Specifically:
- Set packet.h to be the first wireshark #include after
config.h and "system" #includes.
packet.h added as an #include in some cases when missing.
- Remove some #includes included (directly/indirectly) in
packet.h. E.g., glib.h.
(Done only for those files including packet.h).
- As needed, move "system" #includes to be after config.h and
before wireshark #includes.
- Rework various #include file specifications for consistency.
- Misc.
Change-Id: Ifaa1a14b50b69fbad38ea4838a49dfe595c54c95
Reviewed-on: https://code.wireshark.org/review/5923
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Bluetooth dissector is used to add ability to filter all bluetooth
payload from capture files (there are many transport like:
hci_h4, hci_h1, hci_usb, hci_mon, btle). Also it is used to placeholder for
all data tree used to store additional informations like bd_addrs, names, etc.
Finally it is used to be one point for Bluetooth
Endpoints/Conversation filtering what is enabled now.
Also add Master/Slave Role and Connection Mode tracking.
Change-Id: I67048080fb8ee16fa0f4ec429c1257de81ddd737
Reviewed-on: https://code.wireshark.org/review/5771
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Change-Id: I6b8fc8db006bc3b8f8f4bac019cb7e240931d3b5
Reviewed-on: https://code.wireshark.org/review/5619
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change type field type from byte sequence to string.
Change-Id: I3e2ac6fbb5ce7187ba1183d63236e9a2bcd824ee
Reviewed-on: https://code.wireshark.org/review/4417
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Michal Labedzki <michal.labedzki@tieto.com>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
There are two cases:
1. btl2cap -> btrfcomm -> btobex
2. btl2cap -> btobex
Case 2 is rare, so according to its name and to avoid confusion
I based on it.
Bug:10316
Change-Id: Ibeabeaf2f8376425460c56bad8fb980b460dd940
Reviewed-on: https://code.wireshark.org/review/3225
Reviewed-by: Evan Huus <eapache@gmail.com>
Hopefully that name makes it clear what the routiner's purpose is, and
will encourage people to use it rather than using dissector_add_uint()
with a bogus integer value.
Change-Id: Ic5be456d0ad40b176aab01712ab7b13aed5de2a8
Reviewed-on: https://code.wireshark.org/review/2483
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
From Michal Labedzki
1. Bluetooth: Implement the rest of fields in Low Energy Link Layer dissector
2. Bluetooth: Merge all UUIDs together
3. Bluetooth: Extract LE Channel MAP to separate dissector
4. Ubertooth: Dissect CC2400 registers
svn path=/trunk/; revision=54700
protocol IDs. This is substantially more efficient, which means we can build it
all the time rather than only if tree (in my benchmarks the extra time taken is
not large enough to be statistically significant even over tens of thousands of
packets).
This fixes what was probably a bug in btobex that relied on layer_names for
non-tree dissection. It also enables a much simpler fix for
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9303
svn path=/trunk/; revision=53089
- when the text parameter is constant col_add_str() and col_set_str() are equivalent but col_set_str() is faster.
- same for replace col_append_fstr and col_append_str
- remove col_clear() when it's redundant:
+ before a col_set/col_add if the dissector can't throw an exception.
- replace col_append() after a col_clear() with faster col_add... or col_set
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9344
svn path=/trunk/; revision=52948
Bluetooth protocols use items, so dissect it to improve filtering and better user experience - text object cannot be filterable or comparable.
From Michal Labedzki
svn path=/trunk/; revision=52863
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8824
Convert bluetooth emem trees to wmem trees.
Add modelines and fix indentation.
Correct typo in wmem_tree.h that still referred to emem.
svn path=/trunk/; revision=50076
be done on flows from one address to another; reassembly for protocols
running atop TCP should be done on flows from one TCP endpoint to
another.
We do this by:
adding "reassembly table" as a data structure;
associating hash tables for both in-progress reassemblies and
completed reassemblies with that data structure (currently, not
all reassemblies use the latter; they might keep completed
reassemblies in the first table);
having functions to create and destroy keys in that table;
offering standard routines for doing address-based and
address-and-port-based flow processing, so that dissectors not
needing their own specialized flow processing can just use them.
This fixes some mis-reassemblies of NIS YPSERV YPALL responses (where
the second YPALL response is processed as if it were a continuation of
a previous response between different endpoints, even though said
response is already reassembled), and also allows the DCE RPC-specific
stuff to be moved out of epan/reassembly.c into the DCE RPC dissector.
svn path=/trunk/; revision=48491
Be consistent in short name of protocols
Use prefix "BT " in short name for all Bluetooth dissectors. A reason
for that is protocol names start by "bt", Bluetooth dissectors can
be easy identificated, also DecodeBy looks better (sorted).
Please be note that "SDP" is reserved for different dissector, so using
"BT SDP" is good choice.
Also fix two naming mistakes.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8304
svn path=/trunk/; revision=48389
Bluetooth: Improve support of MAP, PBAP, BPP and BIP in OBEX
Add support for recognize profiles using OBEX (by "Target"), then add
all Application Parameters specific for MAP, PBAP, BPP, BIP.
Also fix one FIXME, so now dissecting by OBEX does not cause malformed
frames while jumping over dissected packets.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8304
svn path=/trunk/; revision=47632
The reassembled fragments tree in the Packet Details view is awesome, but it
lacks one thing: a field that exposes the reassembled data.
tcp.data already exists for exposing a single TCP segment's payload as a byte
array. It would be handy to have something similar for a single application
layer PDU when TCP segment reassembly is involved. I propose
tcp.reassembled.data, named and placed after the already existing field
tcp.reassembled.length.
My primary use case for this feature is outputting tcp.reassembled.data with
tshark for further processing with a script.
The attached patch implements this very feature. Because the reassembled
fragment tree code is general purpose, i.e. not specific to just TCP, any
dissector that relies upon it can add a similar field very cheaply. In that
vein I've also implemented ip.reassembled.data and ipv6.reassembled.data, which
expose reassembled fragment data as a single byte stream for IPv4 and IPv6,
respectively. All other protocols that use the reassembly code have been left
alone, other than inserting NULL into their initializer lists for the newly
introduced struct field reassemble.h:fragment_items.hf_reassembled_data.
svn path=/trunk/; revision=44802
