Whenever data is received on the iface monitor socket the list of
local network interfaces is refreshed. No check whether an interface
is really added/removed is done. Changes to network interface options
like promiscous mode flag generate traffic on the iface monitor socket
that not necessarily mean an interface was brought up or down resulting
in an unwanted refresh of local interfaces.
When local interfaces are refreshed selected capture interface(s) get
deselected. This in turn makes "Restart current capture" fail with a no
capture interface selected error.
Fixed by moving the refresh action from socket monitor callback to iface
monitor callback where interface up/down status is known.
Bug: 11834
Change-Id: Iffd39c3240049880b5a8311bc6484f3d1433f387
Reviewed-on: https://code.wireshark.org/review/12317
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Update all View options to new recent settings to reflect the changes.
Also show/hide toolbars and packet panes accordingly.
Change-Id: Idb07bd5c51c01810b1f4467d2401936dc533731b
Reviewed-on: https://code.wireshark.org/review/12405
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Bug: 11820
Change-Id: I7e0a603c20ca0c524399beb3d89e14c45dc3a06e
Reviewed-on: https://code.wireshark.org/review/12393
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
QTreeView sets the stretchLastSection property of its header by default.
In our case this means that if the sum of our recent column widths
exceeds the width of the packet list viewport QHeaderView will shrink
the last column to fit.
Disable setStretchLastSection. We want its behavior when our columns are
too narrow so check for that in ::showEvent and temporarily enable it
there.
Bug: 11738
Change-Id: Ia4aad63e4f4bf899891bcebb7032dc5ebeb74cc7
Reviewed-on: https://code.wireshark.org/review/12392
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Bug: 11846
Change-Id: I6eac46dc397263fe005e803730c5d3084bfb7f74
Reviewed-on: https://code.wireshark.org/review/12391
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The font is part of the preferences.
Change-Id: Ibcdf1c06e92fc43547825b5fea9560e904003081
Reviewed-on: https://code.wireshark.org/review/12386
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The Display Filter Macros may have changed and if a macro is currently
used in the display filter then cf_redissect_packets() will bail
out in an assert if trying to apply an invalid filter.
Change-Id: I842016360672d76d190454ce80ccc7604f2075b3
Reviewed-on: https://code.wireshark.org/review/12388
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Using getOpenFileName() even with ShowDirsOnly option does not work.
Let's use the dedicated getExistingDirectory() method instead.
Bug: 11842
Change-Id: Ie22c4c479005467dbf64d9a90a8f3b82d355d495
Reviewed-on: https://code.wireshark.org/review/12384
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
We actually have to *use* the return value of the method, which the macro did
for us.
Change-Id: I240ca7e526a18054fe39c6c4ded902998dc2fef0
Reviewed-on: https://code.wireshark.org/review/12389
Petri-Dish: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Jim Young <jim.young.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
This is a common packet when sniffing Cisco routers performing L2TP
with their proprietary AVPs.
Change-Id: I8093f7e3ceb39c9af5b6292289c55f705b53dffb
Reviewed-on: https://code.wireshark.org/review/12368
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
The 'pinfo->clnp_dstref' variable is assigned values twice successively
Change-Id: I02b8ae54728f88c2173b4522d436bd2f7b1b7bc0
Reviewed-on: https://code.wireshark.org/review/12365
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
A "ZLB" message is a Zero Length Body message. See RFC 3931
Change-Id: I89d8f2328754e236f0704f851831fd8274f3b99e
Reviewed-on: https://code.wireshark.org/review/12366
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Everywhere else in the l2tp packet tree we show the control connection ID as
an unsigned decimal.
Change-Id: I189b9ce8c56b024a249d18fc62641c2f5283b0c1
Reviewed-on: https://code.wireshark.org/review/12367
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The interfaces preferences are different for each profile so ensure
we update the interface settings when changing profile.
This bug was introduced in version 1.8.0.
Change-Id: Icf22670875e01bab6204c300ddc7fb8aeb3dcecf
Reviewed-on: https://code.wireshark.org/review/12363
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Use common function to generate the interface display name, both
when scanning for interfaces (scan_local_interfaces()) and when
changing Comment in the Manage Interfaces dialog.
Change-Id: I3260208856563aaf387ce397d4ae61bddcc89b4f
Reviewed-on: https://code.wireshark.org/review/12362
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
GLib 2.32 is required for use of g_hash_table_contains function
Change-Id: Ia2af2868ab1029d392d921d915b8898fb5ec81a4
Reviewed-on: https://code.wireshark.org/review/12361
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Tracks the interation between PMNS_NAMES and PMNS_IDS packets to build
up a mapping from PMID to a text name and displays the name whenever the
PMID is displayed.
Change-Id: I665b293c32fee95b649fe6a6e26989db1eff38e0
Reviewed-on: https://code.wireshark.org/review/12303
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
That's what my_dgt_tbcd_unpack() did; do the same thing here.
Change-Id: Ia68c6ba652c748bd2661fd6eda736e880f414dc5
Reviewed-on: https://code.wireshark.org/review/12359
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That should be used in for errors in the BCD strings where only 0
through 9 ar valid.
Fix comments to reflect that the two checks for '?' in the output of
tvb_bcd_dig_to_wmem_packet_str() are doing different checks - one is
checking for end-of-string padding, the other is checking for anything
that's not a digit.
Change-Id: I615587b34883ed5bfdc57827451c6e00e213fa5f
Reviewed-on: https://code.wireshark.org/review/12358
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(Copy-and-pasteo.)
Add some comments while we're at it.
Change-Id: If03a43203a2ee7fad54b76cbdaf9318768edc1b0
Reviewed-on: https://code.wireshark.org/review/12354
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Developed by Emerson Industrial Automation (Control Techniques Division)
eCMP is a protocol for setting up and controlling the devices in a factory
automation system. eCMP has about 30 commands; most are embedded into TCP/IP
messages, but cyclic data messages use the UDP protocol.
Bug: 10562
Change-Id: I9a421f39dfbdbc9e28d8f7cba72c22e270064641
Reviewed-on: https://code.wireshark.org/review/3157
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
As the comment says, that routine "[ensures] there is a valid bitrate",
and a bitrate of 0, which comes from truncating a fractional bitrate, is
not a valid bitrate (an MPEG-2 Transport Stream with a bitrate less than
1 bit per second is not going to carrry any sensible audio/video
stream).
Make the "first" argument unsigned; it can never be negative.
Restructure the code and change some data types to make it more obvious
that it can't.
Change-Id: Idd4d073dc558bb31271318e14b2f74292cd16a2b
Reviewed-on: https://code.wireshark.org/review/12352
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Bug: 11815
Change-Id: I107cf90df87bdafa23bd4b81acbc25d98773b223
Reviewed-on: https://code.wireshark.org/review/12347
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
In these frames the Ok and Close buttons are implemented
as standalone buttons. This leads to the scenario, that
they break plattform-ui preferences on the one hand, as
well as not being the same order throughout.
This patch replaces all Ok/Close buttons with the Qt
button box, which handles the plattform-ui internally, and
additionally allways enforces the same order.
Change-Id: If62b90016b222322f60c0962da04c8277589a57f
Reviewed-on: https://code.wireshark.org/review/12335
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Bug: 11831
Change-Id: Ic4b963bf5a790c2f57b26a15f6226924f742fa55
Reviewed-on: https://code.wireshark.org/review/12340
Reviewed-by: Michael Mann <mmann78@netscape.net>
For codecs using compression (so not G.711) the number of decoded bytes is different from payload len * sample bytes.
This result in a truncated audio buffer and inaudible audio.
Change-Id: I755c19df37820c1c56acc7bd7b67fcc104516474
Reviewed-on: https://code.wireshark.org/review/12336
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
The current code generates a shrill noise at least on Windows.
Presumably memccpy does not behave as initially expected :)
Change-Id: Id23a35d1d41ef4044b6a96c093a8fa927828f8b3
Reviewed-on: https://code.wireshark.org/review/12337
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
EtherNet/IP
1. Only decode 32-bit header if there is enough data. Previously, this would show malformed data, even for I/O packets that have no data, eg: heartbeat data.
2. Typos
CIP
1. Many Time Sync attribute responses were flagged incorrectly as malformed.
2. Create service response highlighted the instance number incorrectly, and showed warnings.
3. Set Attribute List Request should exit early if it doesn't know about a particular attribute.
4. Incorrect format for Safety Network Segment: Router Format.
5. Typos
Change-Id: I506dbb053c247bc8efcbde2cce6ab24d9550c897
Reviewed-on: https://code.wireshark.org/review/12321
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
A call to plugin_if_goto_frame when there is no capture file
loaded causes a protection exception in cf_goto_file. This
fix avoids that problem.
Bug: 11810
Change-Id: I7e6f31690a4b0d8d4252b41d8d438979cb253050
Reviewed-on: https://code.wireshark.org/review/12306
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It is possible that 'else' block was forgotten or commented out, thus altering the program's operation logics
Change-Id: Ie246592282bd0791021159f90b4b8aeb92cff86f
Reviewed-on: https://code.wireshark.org/review/12333
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The examples showing how to add menu entries are based on
older versions of some of the related functions. This change
corrects those examples.
Bug: 11819
Change-Id: Iad9beb2e87d3d1efe5f9dfa93a0e7110b8d9f53a
Reviewed-on: https://code.wireshark.org/review/12308
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Parse and display NetSwitch and SubSwitch fields, treating 0x00 and 0x7f
as "special" values with meaning beyond what is usually offered by these
fields.
Change-Id: Idf94361793441f5f4b32c23e7f7f9250ed952a37
Reviewed-on: https://code.wireshark.org/review/12279
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>