"stat name" has been official changed to "endpoints" for all dissectors, rather than a mixture of "host"/"endpoints" based on dissector.
Change-Id: If34bcb5165b493948e784ba038ab202803a59843
Reviewed-on: https://code.wireshark.org/review/6154
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Icd04c5f1f09b9cf704828e4b6a598cd2c1f6dd15
Reviewed-on: https://code.wireshark.org/review/6172
Reviewed-by: Michael Mann <mmann78@netscape.net>
Fifth batch (packet-rtp.c -> end).
Will look at cleaning up and committing script afterwards.
Change-Id: I8ed61dc941d98d3f7259a9d1f74e214eb7b4bfa2
Reviewed-on: https://code.wireshark.org/review/6052
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Specifically:
- Set packet.h to be the first wireshark #include after
config.h and "system" #includes.
packet.h added as an #include in some cases when missing.
- Remove some #includes included (directly/indirectly) in
packet.h. E.g., glib.h.
(Done only for those files including packet.h).
- As needed, move "system" #includes to be after config.h and
before wireshark #includes.
- Rework various #include file specifications for consistency.
- Misc.
Change-Id: Ifaa1a14b50b69fbad38ea4838a49dfe595c54c95
Reviewed-on: https://code.wireshark.org/review/5923
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Bill Meier <wmeier@newsguy.com>
This allows dissector lists to be looked up by name, so they can be
shared by multiple dissectors.
(This means that there's no "udplite" heuristic dissector list, but
there shouldn't be one - protocols can run atop UDP or UDPLite equally
well, and they share a port namespace and uint dissector table, so they
should share a heuristic dissector table as well.)
Change-Id: Ifb2d2c294938c06d348a159adea7a57db8d770a7
Reviewed-on: https://code.wireshark.org/review/5936
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I396e9af7971ee8be6fc9548162ff37fe704f0289
Reviewed-on: https://code.wireshark.org/review/5651
Reviewed-by: Michael Mann <mmann78@netscape.net>
The fact that the vtag matches the initiate tag doesn't mean much if both are 0
(uninitialized).
Also leave in some (commented-out) debug to make debugging this stuff easier
in the future.
Change-Id: Id007de8bf9d2d4e0bb18309ed3e2572fedda45f1
Reviewed-on: https://code.wireshark.org/review/5571
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Change-Id: I13197cc48068bb35ee12a7023cfe5f76bbc4e264
Reviewed-on: https://code.wireshark.org/review/5486
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add support for PAD chunks as defined in RFC 4820.
Change-Id: I66a83d5d133429154fe40ccef26687c8350463cf
Reviewed-on: https://code.wireshark.org/review/5393
Reviewed-by: Michael Tüxen <tuexen@wireshark.org>
The length reported as value length for unknown chunks
was actually the chunk length. Therefore it was off by 4.
Change-Id: Ieea79d2c51b4729fc139395174625d1f362d1ee5
Reviewed-on: https://code.wireshark.org/review/5392
Reviewed-by: Michael Tüxen <tuexen@wireshark.org>
Follow TCP's lead by putting the filter in a subtree under the checksum.
Change-Id: I9351ee865011cd04bc3d3e88c51e8dbb3dc23f07
Reviewed-on: https://code.wireshark.org/review/4082
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
The warning coming after change in g018b84de8
Change-Id: Ia96cdb2993a6283d8de2647c6723ec6b2b0977eb
Reviewed-on: https://code.wireshark.org/review/3752
Reviewed-by: Evan Huus <eapache@gmail.com>
This is very similar in architecture to the changes made to the Conversation table functionality. Since all conversations have endpoints/hostlists, the "registered" list is shared for both.
Change-Id: Ie8c6910a68a1b3f27c5b18c4494f49b9404a7b31
Reviewed-on: https://code.wireshark.org/review/3214
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
That doesn't eliminate them, but at least it encapsulates them.
Change-Id: I78f0202cb7d2eb86e2dce220b2b97acc256d1e42
Reviewed-on: https://code.wireshark.org/review/3489
Reviewed-by: Guy Harris <guy@alum.mit.edu>
- remove unneeded initializers;
- replace tabs in files with editor mode line 'expandtabs';
- col_set_str() --> col_add_str() (in one case);
- tvb_length() -- > tvb_reported_length() (in one case);
- do some whitespace & indentation fixes/changes.
Change-Id: Ib8ffbbcdb6e4a74c0df6021a75430ae1ef9ae089
Reviewed-on: https://code.wireshark.org/review/3435
Reviewed-by: Bill Meier <wmeier@newsguy.com>
I intentionally left the fields displayed alone (so they don't exactly match Wireshark GUI), because as Guy points out in bug 6310, not sure its A Bug or A Feature. But at least all types of conversations allowed are in sync with Wireshark GUI.
Bug:6310
Change-Id: I722837df510a39dadc1f9a07a99275509516698c
Reviewed-on: https://code.wireshark.org/review/3212
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Refactor (non-GUI) conversation table functionality from gtk/Qt to epan. Also refactor "common GUI" conversation table functionality.
The idea is to not have to modify the GUI when a dissector adds a new "conversation type"
Change-Id: I11f08d0d7edd631218663ba4b902c4a4c849acda
Reviewed-on: https://code.wireshark.org/review/3113
Reviewed-by: Gerald Combs <gerald@wireshark.org>
This patch escapes some characters like \n when showing text
contained in a packet by appending it to a protocol item.
Change-Id: Ice0040040ec7ab573dd9a412f8c0c197a566a031
Reviewed-on: https://code.wireshark.org/review/3095
Petri-Dish: Michael Tüxen <tuexen@wireshark.org>
Reviewed-by: Michael Tüxen <tuexen@wireshark.org>
Change-Id: I8d66b1bc7dbdfee3d4bf6fd3b3c21c6323b66f44
Reviewed-on: https://code.wireshark.org/review/2946
Reviewed-by: Michael Mann <mmann78@netscape.net>
Also ensured some files have their correct names at the top so they are more easily grepped
Change-Id: Ib0f5ddf14eb1616a93dee496107dc0eb09048825
Reviewed-on: https://code.wireshark.org/review/2452
Reviewed-by: Michael Mann <mmann78@netscape.net>
Also remove the reference to the original ID.
Change-Id: I51357fc04699a40af2d34ec2bd36518d09d3b180
Reviewed-on: https://code.wireshark.org/review/1848
Reviewed-by: Michael Tüxen <tuexen@wireshark.org>
which can be used to call the found heuristic dissector on the next pass.
Introduce call_heur_dissector_direct() to be used to call a heuristic
dissector which accepted the frame on the first pass.
Change-Id: I524edd717b7d92b510bd60acfeea686d5f2b4582
Reviewed-on: https://code.wireshark.org/review/1697
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add ep_ to routines that may return ephemeral strings.
Change "get_XXX" to "XXX_to_display" if the routine returns a formatted
string if it can't get a name.
Change-Id: Ia0e82784349752cf4285bf82788316c9588fdd88
Reviewed-on: https://code.wireshark.org/review/1217
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Don't attempt reassembly and squash an expert info when we're in an error
packet.
Change-Id: I7d19e4ab7add78829bf1e28ad92dce3a7431c37d
Reviewed-on: https://code.wireshark.org/review/964
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Add a comment indicating what we should be doing when the PKTDROP chunk contains
a truncated data chunk.
Change-Id: Icbba4c6dafc5c2656fc337734a1a570ef4a055d2
Reviewed-on: https://code.wireshark.org/review/950
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It's still O(n) in the worst case since the comparison function doesn't appear
to be suitable for use in a tree or hash-table, but at least we no longer spend
O(n) by default just finding the end of the list so we can iterate backwards.
Discovered while investigating bug #9823, but probably not the cause of that
bug.
Change-Id: Ib6c3691cff8e7fa49703df7c75635ef797c8fbe8
Reviewed-on: https://code.wireshark.org/review/443
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The majority of the fixes are for calls to uat_new(). Instead of
having each caller cast its private data to (void**), we use void*
in the uat_new() API itself. Inside uat_new(), we cast the void*
to void**.
Some dissectors use val64_string arrays, so a VALS64() macro was
added for those, to avoid using VALS(), which is useful only for
value_string arrays.
packet-mq.c was changed because dissect_nt_sid() requires
a char**, not a guint**. All other callers of dissect_nt_sid() use
char*'s (and take the address of it) for their local storage. So,
this was changed to follow the other practices.
A confusion between gint and absolute_time_display_e in packet-time.c
was cleared up.
The ugliest fix is the addition of ip6_guint8_to_str(), for exactly
one caller. The caller uses one type of ip6 address byte array,
while ip6_to_str() expects another. This new function is in place
until the various address implementations can be consolidated.
Add VALS64() to the developer documentation.
Change-Id: If93ff5c6c8c7cc3c9510d7fb78fa9108e4552805
Reviewed-on: https://code.wireshark.org/review/48
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Rename the 2nd SCTP Transport tab to "SCTP(PPID)" to make it obvious what it
is.
Fix up casing and code formatting in both SCTP and TCP Decode-As code.
svn path=/trunk/; revision=54391