gsm_a :
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1754
SMS CP (gsm_a_dtap), RP (gsm_a_rp) and T-PDU (gsm_sms) protocol stacks are
decoded in Wireshark when called by BSSAP or RANAP.
Same protocol stack can be called by GPRS-LLC (sapi 7). Simple modification
needed in packet-gsm_a.c to add dtap dissector to llcgprs.sapi 7.
Me a comment in gprs-llc.
svn path=/trunk/; revision=22559
TODO:
- Global
- add libsmi to autoconf (I modified CFLAGS and LDADDs in the makefile.ams appending my own values, that's good only for me)
- have other users of oid_resolv.h get to use the new functions in oids.h
- add a menu item or preference setting for the smi_modules UAT ( the smi_modules file has one dquoted string per line with the name of each module to be loaded)
- SNMP
- put complete information in the labels of the VarBind Items
- add oids to COL_INFO
- negative testing (Well, testing in general)
- OIDS
- implement "ALL" modules
- some functions are not yet tested or implemented
I'll put a TO-DO list on the wiki for people (incl. me) to add more items
svn path=/trunk/; revision=22556
Fixed an offset for diagnostic in COL_INFO.
This file should really be rewritten to use more proto_tree_add_item's
instead of proto_tree_add_text's.
svn path=/trunk/; revision=22552
different ways, add a set of common conversion routines. Add a
"Frequency/Channel" column and fill it in where we can. Fix RSSI column
printing in PPI.
Fix up whitespace along the way.
svn path=/trunk/; revision=22538
Supports RC2, RC4 and 3DES with SHA1 Password-based Encryption using libgcrypt functions.
Password is provided as a preference, as is trying to decode with a empty/NULL password.
svn path=/trunk/; revision=22534
add the possibility, that a dissector writer can provide (usually non-trivial) display filters specific for the protocol in question (with an example in packet-dcerpc-pn-io.c), that will appear in the GUI
svn path=/trunk/; revision=22530
- s/ntohl/g_ntohl
- s/free/g_free
- Change some tvb_get_string()+g_free()'s into tvb_get_ephemeral_string()
- Change some tvb_fake_unicode()+g_free()'s into tvb_get_ephemeral_faked_unicode()
- Change some tvb_get_string() calls that were clearly memory leaks (like
atoi(tvb_get_string(...))) into tvb_get_ephemeral_string()
svn path=/trunk/; revision=22515
Minor problem in packet-gtp.c when decoding the PDP context Information
Element (7.7.29 in 29.060) The two uplink TEIDs are reversed in
packet-gtp.c, it should be control plane, followed by data.
Reworked the patch.
svn path=/trunk/; revision=22500
Please find enclosed a patch to update BA status code for PMIPv6
according to draft-ietf-netlmm-proxymip6-01 Section 8.5
svn path=/trunk/; revision=22499
Fro Stig Bjørlykke:
1. BER: Added support for empty indef SET
2. RTSE: Added fragment length in COL_INFO
3. IMF: Use correct hf_id for extension value
4. DOP: Fix typo in COL_INFO oid name
svn path=/trunk/; revision=22492
A new version of the IEEE1588/PTP dissector. This dissector now includes the
coming version 2 of the standard. It supports both IP/UDP and pure ethernet
frames.
I've done some minor changes:
LL suffix doesn't work on Win32, used G_GINT64_CONSTANT instead - as described in doc/readme.developer
removed ETHERTYPE_PTP definition, already defined in etypes.h
removed some duplicated "if (tree)"
svn path=/trunk/; revision=22472
"white space" in the Content-Type field before the semi-colon.
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1716
Still does not work correctly as packet-multipart.c seems to have got broken.
svn path=/trunk/; revision=22470
Adds a heur_dissector_delete() function to allow heuristic dissectors to be
dynamically disabled based upon, for example, preference settings.
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1697
svn path=/trunk/; revision=22463
such as the fact that Flex strips all but the last component of the "-o"
argument, and that it doesn't generate a header file to declare routines
the generated lexical analyzer defines. Use that script when building
lexical analyzers, and, for each lexical analyzer, include the generated
header file in the generated analyzer.
svn path=/trunk/; revision=22446
Don't put $(srcdir)/ at the beginning of those file names - other
Makefile.am files don't have it, and it appears to break "make
distcheck", at least on my Mac OS X 10.4 machine.
svn path=/trunk/; revision=22439
there is a mistake in the assigned number of the update request and update
ack shim6 control message. Accordingly to draft-ietf-shim6-proto-08 the
update request has a value of 64 and the update ack 65.
svn path=/trunk/; revision=22438
Makefile.nmake files; currently, it has the (F)lex-to-C rule and a
.SUFFIXES pseudo-rule to add .l to the list of suffixes. Have
Makefile.nmake files with .l.c rules include Makefile.nmake.inc to get
that rule.
The names Makefile.am.inc and Makefile.nmake.inc aren't necessarily the
right names for the files in question.
Use $(PACKAGE) in the Mate plugin's Makefile, rather than "mate".
svn path=/trunk/; revision=22437
Makefile.am files; currently, it has the (F)lex-to-C rule. Have
Makefile.am files with .l.c rules include Makefile.am.inc to get that
rule.
svn path=/trunk/; revision=22436
Move the %options to the beginning if they weren't already there, and
put them in the same order in all files.
Add "prefix=" options to .l files that don't already have them, so we
don't have to pass a "-P" option.
Add "never-interactive" and "noyywrap" options to our lexical analyzers,
to remove extra isatty() checks and to eliminate the need for yywrap()
from the Flex library.
Get rid of %option nostdinit - that's the default.
Add .l.c: rules to Makefile.am files, replacing the rules for specific
.l files. Have those rules all check that $(LEX) is set.
Update the address for the FSF.
svn path=/trunk/; revision=22424
Correct bug in TCAP statistics when read filter is used.
Rename the TCAP decoding functions to show which are ITU vs. ANSI.
Don't unregister an ITU SSN if it's used by an ANSI subdissector.
svn path=/trunk/; revision=22421
RFC 4627 defines "The application/json Media Type for JavaScript Object Notation (JSON)"
application/json is a text based type used by JavaScript applications and web pages.
svn path=/trunk/; revision=22420
- add support of session management for tcap ANSI.
(In fact, this support already exist for ANSI MAP subdissector, but as our
simulators can reuse the tcap transaction Id, the decoding of the response
may be wrong)
- move the code related to asn1 in tcap.cnf, and update tcap.cnf
- move the code related to the session management in tcap-persistentdata
- add a compilation option to free the entry in the hashtable for a closed
transaction. This is used only for tshark statistics generation, with huge file.
- cleanup and add some comments
Add Id tags to epan/tcap-persistentdata.{c,h}
svn path=/trunk/; revision=22415
- modify subtypes for individual TCMessage/ansi... fields instead of switching based on hf_index inside common TransactionPDU type
svn path=/trunk/; revision=22411
_want_ what's currently in the INFO column (usually a more generic message
type from a lower level dissector) replaced (usually with a more
specific--higher level--message type from the currect dissector). Add a
comment there not to change it back and to explain the use of col_set_fence()
in case someone finds data there that they _don't_ want replaced.
svn path=/trunk/; revision=22409
- add a subtree to the ApplyChargingXX Report
- add a subtree to ReleaseCall and ReleaseSMS
- synchronize Unix and Windows makefile.
svn path=/trunk/; revision=22396
last draft, draft-ietf-behave-rfc3489bis-07. Changelog:
* My employer is now sponsoring this work, so added a copyright line.
* Added a comment for each method/attribute with the RFC/I-D where is
it defined, so it will be easier to add new STUN usages.
* Removed the SHARED-SECRET method.
* Removed the PASSWORD and REFRESH-INTERVAL attributes.
* Changed "Response" to "Success Response".
* Changed "Error Reason Phase" to "Error Reason Phrase".
* Added reassembly for TCP segments on STUN2.
* Updated STUN acronym expansion.
* Renamed STUN2_ERROR to ERROR_RESPONSE.
* Changed the value of attribute FINGERPRINT from 0x8025 to 0x8028.
* Display if an unknown attribute is comprehension-optional or
comprehension-required.
* Reorganized order of attributes in the dissector code.
* The message length is now displayed in decimal.
svn path=/trunk/; revision=22383
This is a major re-write of the WLCCP version 0xc1 dissector. It now is
able to dissect many more WLCCP message types and the TLVs that may be
included in a message. Placeholders are left for message types and
TLV types that we do not currently have enough data to engineer a
dissector.
svn path=/trunk/; revision=22330
The work is still incomplete (anything but strings and numbers appears as bytes) but I want others to start testing it.
TODO:
builders and decoders for:
- (ntp) timestamps
- addresses
- diameteruris
- diameteridentities
- ipfilterrules
- qosfilterrules
- mipregistrationrequests
svn path=/trunk/; revision=22318
TNEF is a Microsoft defined format for carrying additional information about a message (e.g. rich text formatting)
and generally appears as a "winmail.dat" attachment. Details are here:
http://msdn2.microsoft.com/en-us/library/ms530652.aspx
This is a basic dissector which handles the TNEF attributes and the MAPI properties (found in MAPIPROPS
TNEF attribute). It is not complete and requires further work to complete the dissection. However it will
dissect TNEF generated from Outlook (including messages with attachments).
It is registered under the appropriate BER OID (1.2.840.113556.3.10.1) for X.400 attachments and media
type ("application/ms-tnef") for MIME messages. For MIME messages, any content-transfer-encoding
(usually base64) needs to be removed before calling this dissector. There is a preference in the
MIME multipart dissector to do this.
svn path=/trunk/; revision=22312
body before passing it to a sub-dissector. The decoded content is added
as a new source, named with the filename or the content-type.
svn path=/trunk/; revision=22311
this module was never really finished and was therefore semi-useless.
disabled now since the change to samr broke it and the real fix to
unbreak it would be a substantial rewrite of it
(and adding a nice gui so one can see which sids are mapped...)
disabled it but did not remove it since i do think the module is
useful IF it is completed with a lot more operations.
svn path=/trunk/; revision=22271
add a fix for ack/seq tracking when the tcp is broken and sends a
non-zero ack field for SYN packets.
add a warning to the dissect pane that illustrates that these are broken
packets
svn path=/trunk/; revision=22267
Attached is a patch that fixes bug 1670 and related issues.
For the BACnet GetEventInformation-ACK request dissector:
1. Corrected BitString decoding for acknowledgedTransitions and eventEnable.
2. Corrected the ability to decode more than one event.
3. Grouped each item of the sequence using subtrees. Added more informative
text to Priority and Timestamp.
4. Corrected eventState to use BACnetEventState enumeration instead of
BACnetEventStateFilter.
svn path=/trunk/; revision=22262
First patch is only to reindent the packet-mip6 files.
Second patch adds PMIPv6 options (draft-ietf-netlmm-proxymip6-01.txt) and Mobile Node Identifier Option (RFC4283).
svn path=/trunk/; revision=22258
This patch adds an option to packet-ber to show unexpected tags/data as unknown BER. It also fixes some offset/length combinations when adding the error message to the tree.
svn path=/trunk/; revision=22244
It provides basic dissection of the text-based protocol, providing fields for filtering.
It also calls the multipart dissector for any MIME body that is found.
It includes very basic support for MIXER (RFC 2156) fields.
It also registers itself as "message/rfc822" in the media type table.
svn path=/trunk/; revision=22241
apparently broken and send 64 bytes for these fields.
mark these packets in the decode pane that the isns host is broken
change the calculation of offset to just increment it by tag size len
size and length one at the very end of the attribute dissector
svn path=/trunk/; revision=22236
over anybody who edits the sys/net80211/ieee80211_radiotap.h header on
any operating system. I also think he needs to be willing to use that
power when necessary.
svn path=/trunk/; revision=22217
Changes are only for protocol version 2.
The changes are:
- dissect "TIPC Bundler Protocol" messages correctly
- search for other dissectors which want to dissect encapsulated data according to the TIPC user or TIPC type of a message. The data dissection is difficult since a TIPC data message does not necessarily a "type" set. So for the moment - while TIPC is not widely used - just triggering for the user of a message will be sufficient for people looking into the TIPC protocol.
- "Dissect TIPC data" in the preferences is now switched on by default
- to show undissected data, the "data" dissector is now used.
- corrected some typos
svn path=/trunk/; revision=22183
a SASL encapsulated ldap blob can contain more than one LDAP message so
the rest_is_pad parameter is bogus and thus removed.
make dissect_ldap_pdu handle when we have more than one LDAP message
inside one sasl blob
svn path=/trunk/; revision=22181
receiving a SES MAJOR SYNC POINT, as this indicates the end of the
COTP DT Data stream. Previous the RTSE dissector was called when
receiving a COTP DT Data fragment with the "last data unit" bit set,
but this does not work with messages fragmented in RTSE. Reassembly
can be turned off in the preferences.
svn path=/trunk/; revision=22176
fragmented data without adding an empty data fragment.
This is used by the RTSE dissector which can't identify the
last fragment until after it has been added.
svn path=/trunk/; revision=22174
COTP DT Data (class 1) fragment in the same frame. Also added the
generated dst_ref and a reference to the "COTP segment data" to the
tree.
svn path=/trunk/; revision=22173
Jaap Keuter