looking for dissectors in /usr/local/src/wireshark/epan/wspython/wspy_dissectors
looking for dissectors in /home/sfisher/.wireshark/plugins
registered protocols []
svn path=/trunk/; revision=39723
XXX - "svnversion.h" is distributed in the release tarball; should
we be deleting it with "make clean", or should we only do that with
"make maintainer-clean"?
is probably "we should only do that with "make maintainer-clean""; see
http://www.wireshark.org/lists/wireshark-dev/201111/msg00027.html
and followups.
svn path=/trunk/; revision=39716
Many enhancements, and some fixes, to the Spice dissector:
- SASL authentication support
- indention, tab fixes
- LZ image dissection (fixing at least one TODO item)
- dissect Spice client agent data
- fix some proto_tree_add_item() offsets
- probably some more that I forgot.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6535#attach_7355
svn path=/trunk/; revision=39710
byte-swapped form - i.e., not network byte order, but the reverse of
network byte order - as, a long time ago, somebody asked to have the
"little_endian" flag affect the way proto_tree_add_item() fetched IPv4
addresses from the packet.
Use ENC_BIG_ENDIAN for IPv4 addresses (ENC_NA and ENC_BIG_ENDIAN have
the same value, but this makes it clearer that we, sadly, need to care).
svn path=/trunk/; revision=39708
- Renaming opensafety.msg.type to opensafety.msg.direction
- Introducing real opensafety.msg.type as opensafety.msg.category and generated
field
- Adding openSAFETY Sender and Receiver field, for all types of messages
- Adding openSAFETY Domain number and Node number as generated fields, which
allows filtering for them
- Rework PACKET_RECEIVED_BY and PACKET_SEND_FROM_TO_ALL to PACKET_RECEIVER and
PACKET_SENDER
- Replaced PACKET_SEND_FROM_TO with calls to PACKET_RECEIVER and PACKET_SENDER
- Added functions, so that the new sender and receiver fields as well as
network information are added as sub-trees
- Removed DISSECTOR_ASSERT in opensafety_get_scm_udid as it is not needed here
anymore
- Added the connection valid bit to the dissection tree ( has been there as
message type, but was never validated )
- Added calculations for Domain Network Addr, depending if a valid UDID for the
SCM is present in SSDO and SPDO
- Corrected error, where sub-tree for spdo dissection used global ssdo_tree
instead of spdo_tree
- Added "Message Type unknown" which leads to PI_MALFORMED marked entry in
dissect_opensafety_message
- Added check for ( length - frameOffset ) is below or equal zero, to avoid
using dissector asserts
- Added check for freak frame start detection, where both frame starts would be
equal (could happen during fuzztest)
- Removed DISSECTOR_ASSERT for both frame starts being different
- Added check, that if the frame address is above 1024, the package get's
marked as PI_MALFORMED (fuzztest)
- Fixed CID 1215, CID 1224 and CID 1246/1247
- Corrected naming issue with openSAFETY/SercosIII dissection using UDP
transport
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6528
svn path=/trunk/; revision=39701
Dissector for HSR and PRP-1
Here is a patch that adds a dissector for HSR and for PRP-1. Both protocols are defined in IEC62439 Part 3. (High-availability Seamless Redundancy / Parallel Redundancy Protocol)
The existing PRP dissector has been refactored to support both the old PRP (now called PRP-0) and the new PRP-1.
There are three distinct dissectors:
- HSR (ethertype 892F)
- HSR/PRP supervision (ethertype 88FB)
- PRP-0 and PRP-1 (trailer dissector; disabled by default)
From me :
* Fix Clang Warning
* Add modification for CMakeLists.txt
svn path=/trunk/; revision=39692
Enhance Universal Alcatel Protocol
Several fixes and heuristic version. You can also specify the ports (as in the previous version), if the heuristic version is not working properly.
svn path=/trunk/; revision=39691
Wireshark unable to parse ERSPAN from HP Comware platforms
Huawei GRE ERSPAN is not decoded properly
Add a pref to FORCE to decode directly Ethernet frame in GRE (with no ERSPAN Header)
svn path=/trunk/; revision=39687
Enhancement for the Component Status Protocol dissector
The attached patch adds a dissection of the message flags field to the Component Status Protocol dissector.
svn path=/trunk/; revision=39686
packet-bacapp.c:6154: error: stray '\250' in program
packet-bacapp.c:7137: warning: cast to pointer from integer of different size
svn path=/trunk/; revision=39680
I found many new properties in BACnet that were not decoded correctly in
Wireshark. I have attached a patch that adds decoding to the following
properties:
Fixed the following properties to decode:
In the Accumulator Object:
scale (187)
prescale (185)
logging-record (184)
In Access Door Object:
door-members (228)
masked-alarm-values (234)
In the Pulse Converter Object:
input-reference (181)
In the Group Object:
list-of-group-members (53)
In the Event Enrollment Object:
object-property-reference (78)
In the Command Object:
action (2)
In the Trend Log Multiple object:
log-buffer (131)
In the Event Log Object:
log-buffer (131)
In the Structured View object:
subordinate-list (211)
Added decoding for the following enumeration type properties:
Logging-type (197)
event-state (36)
reliability (103)
notify-type (208)
door-status (231)
lock-status (233)
secured-status (235)
maintenance-required (158)
program-state (92)
program-change (90)
reason-for-halt (100)
mode (160)
silenced (163)
operation-expected (161)
tracking-value (164)
file-access-method (41)
The above fixes also fixed the log-buffer decoding of the old trend log
recorded as Wireshark bug: #6458
I believe this patch also fixes bug: #6235. But the original bug did not
contain a capture file so I am not positive my capture represents the
originators issue.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6475
svn path=/trunk/; revision=39676
negative integers and integers up to MAXINT64. We still don't support
integers between MAXINT64 and MAXUINT64, which would be 9 bytes long.
svn path=/trunk/; revision=39673
Stig Bjørlykke