MIBenum values are from an IANA registry, not a WAP specification; add
<epan/iana_charsets.h> to declare the MIBenum -> Wireshark encoding
mapper routine and the value_string_ext for MIBenum values, and
epan/iana_charsets.c to define them.
Change-Id: I6d9c82cd011bd5211c688322e6423de38e161f41
Reviewed-on: https://code.wireshark.org/review/15298
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This generates a top level target, checkAPI, that is
excluded from the ALL build target, so must be run separately.
On Windows using a Visual Studio generator, call
msbuild /p:Configuration=RelWithDebInfo checkAPI.vcxproj
Change-Id: I44a57c564dcfc75499463b942436f4b920a82478
Reviewed-on: https://code.wireshark.org/review/14873
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Remove the need for version.h.in and bring CMake up to par with autotools.
Change-Id: I701b56c475f5fdec1f9a028536fff6992ce8eaca
Reviewed-on: https://code.wireshark.org/review/15031
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
This allows keeping the code-sharing with the static linking.
This "fixes" a hypothetical ABI mismatch with wsutil and avoids pulling more
external dependencies to wsutil than strictly necessary.
A nice side-effect is that libwsutil no longer depends on version.h.
Follow up to f95976eefc.
Change-Id: I8f0d6a557ab3f7ce6f0e2c269124c89f29d6ad23
Reviewed-on: https://code.wireshark.org/review/15002
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Smaller epan/CMakeLists.txt is easier to work with and this structure
is well suited to CMake. It should make it easier to manage and configure
each epan module differently if necessary.
Change-Id: Ia649db3b7dcd405aa43dbdba3288699d5e375229
Reviewed-on: https://code.wireshark.org/review/14068
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: João Valverde <j@v6e.pt>
Lightweight M2M is a protocol on top of CoAP that is used for
device management. The specification contains a custom payload
format - a simple type, length, value binary encoding.
This patch adds support for dissecting this payload format.
While not yet officially registered, the main open source
implementation of the lwm2m protocol - eclipse's leshan - uses this
content type 1542 for its messages.
Bug: 12110
Change-Id: Ib022d1f485c706f1d69ceec7200790448d080965
Reviewed-on: https://code.wireshark.org/review/13835
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Dissector for the USB3 Vision machine vision camera protocol.
* Descriptors
* Bootstrap registers
* Control (GenCP)
* Stream data
A sample capture (usb_u3v_sample.pcapng) has been uploaded to
https://wiki.wireshark.org/SampleCapture
USB3 Vision a standard developed under the sponsorship
of the AIA for the benefit of the machine vision industry.
U3V stands for USB3 Vision (TM) Protocol
Change-Id: If1206df7974c6a91cf18f59ddecf9d38b9827934
Reviewed-on: https://code.wireshark.org/review/14008
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Bug: 12033
Change-Id: I04ad97933639b1c6192608d12a1fb72f4c3725e2
Reviewed-on: https://code.wireshark.org/review/13576
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
For historiacal reasons OBEX protocol was implemented as
"Bluetooth OBEX", that means it is OBEX + Bluetooth related stuff.
However Bluetooth related stuff does not caused any issue right now,
so allow to use this dissector in non-Bluetooth cases.
Bug: 11724
Change-Id: Ic645308bc854602d009f254ebbfd1b703a4c6a25
Reviewed-on: https://code.wireshark.org/review/13740
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Userlog is user flow logs of H3C device.
Flow logging records users' access to the extranet. The device classifies and
calculates flows through the 5-tuple information, which includes source IP address,
destination IP address, source port, destination port, and protocol number,
and generates user flow logs. Flow logging records the 5-tuple information of
the packets and number of the bytes received and sent. With flow logs, administrators
can track and record accesses to the network, facilitating the availability and
security of the network.
examplecapture: https://wiki.wireshark.org/SampleCaptures#UserLog
Bug: 11878
Change-Id: If3b5ca75bdd6cd8dc12af4a35401c5a6aa193a73
Reviewed-on: https://code.wireshark.org/review/8148
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
packet-ositp.c is more complete and is what's used, so we don't need
packet-x224.c.
Change-Id: Id3409d7b2af0e4ecbc64c74bb6d1ed9ea8f31738
Reviewed-on: https://code.wireshark.org/review/13650
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It's not tied to the frame_data structure any more, so it belongs by
itself.
Clean up some #includes while we're at it; in particular, frame_data.h
doesn't use anything related to tvbuffs, so don't have it gratuitiously
include tvbuff.h.
Change-Id: Ic32922d4a3840bac47007c5d4c546b8842245e0c
Reviewed-on: https://code.wireshark.org/review/13518
Reviewed-by: Guy Harris <guy@alum.mit.edu>
IPOS is the networking operating system used in
Ericsson's SSR 8000, Router 6000, and SP routers, etc..
This change added the IPOS kernel packet header dissector.
The change creates a new file for IPOS protocol named "packet-ipos.c".
IPOS will register sub dissectors with the dissect
table "sll_linux_dissector_table" for IPOS internal ethernet
packet types. IPOS dissector also calls the existing REDBACK
dissector.
Change-Id: I642b932010be6aa05314f21ea8596d1c45eacf5b
Reviewed-on: https://code.wireshark.org/review/13408
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
1. Pump Configuration and Control
2. Fan Control
3. Dehumidification Control
4. Thermostat User Interface Configuration
Change-Id: I854f992a0c6e8a5714f308e97f30e7bc26fb73fc
Reviewed-on: https://code.wireshark.org/review/13102
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add support for Generic Framing Procedure. Generic Framing Procedure (GFP)
is used to map octet-aligned variable length payloads (e.g. Ethernet, MPLS,
octet-aligned PPP, IP) into octet-synchronous signals such as SONET/SDH
(ITU-T G.707) and OTN (ITU-T G.709). GFP is a telecommunications industry
standard defined in ITU-T G.7041/Y.1303.
(https://www.itu.int/rec/T-REC-G.7041/)
Bug: 11961
Change-Id: Idf5b311e82b051b1ee65bde5149b3de405537b02
Reviewed-on: https://code.wireshark.org/review/13043
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add support for IEEE-11073 32-bit FLOAT and 16 bit SFLOAT field types.
Use them in Bluetooth ATT dissector.
Change-Id: Ife0f3843da84a9af23483b0a0d9b69cd2f511d08
Reviewed-on: https://code.wireshark.org/review/12680
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Michal Labedzki <michal.labedzki@tieto.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
This also moved color.h into color_filters.h
Change-Id: Ic19e27aa1b3ec67e764aa7ee8bbef7b1187bb12e
Reviewed-on: https://code.wireshark.org/review/12831
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ifc99c47e4bf8c03355f60ab508cd7f9b2fb249e4
Reviewed-on: https://code.wireshark.org/review/12776
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This dissector was mostly code-reviewed in a previous change:
https://code.wireshark.org/review/#/c/11305
But it had an issue with a pointer using a sequence number (8 Bytes).
This change is meant to correct that, as well as a small formatting
error I found in the text shown.
Change-Id: Ib7e27eb2734c46e970b99161bd04438b5675bde4
Reviewed-on: https://code.wireshark.org/review/12660
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Capture dissectors could be architected like dissection dissectors, with tables and subtables and possibly using tvbs to pass there data instead of raw byte arrays. This is a first step towards that by refactoring capture_info_packet() to work off of a "capture dissector table"
Registering the capture dissection functions instead of calling them directly also clears up a bunch of dissector header files who sole purpose was providing the capture dissection function definition.
Change-Id: I10e9b79e061f32d2572f009823601d4f048d37aa
Reviewed-on: https://code.wireshark.org/review/12581
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This dissector shows the information related to the RTI TCP Control
messages used to manage the TCP connections, but also dissects the
RTPS data that is sent on top of RTI TCP. This only happens with
RTI's DDS implementation.
Bug: 11640
Change-Id: I89fcb620256aeed7cae5829b70d92c6868d94929
Reviewed-on: https://code.wireshark.org/review/11305
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This reverts commit b56f53884b.
Sadly, we *do* get warnings at this point with older versions of Flex,
such as the one on the 32-bit OS X buildbot.
Change-Id: I9aec1a16e9f2e1bbcfaac3dffdabdd89af5815e3
Reviewed-on: https://code.wireshark.org/review/12443
Reviewed-by: Guy Harris <guy@alum.mit.edu>
We shouldn't be getting warnings at this point.
Change-Id: I363a48546cb8d916425f42962ae1697d52ed9a29
Reviewed-on: https://code.wireshark.org/review/12436
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Developed by Emerson Industrial Automation (Control Techniques Division)
eCMP is a protocol for setting up and controlling the devices in a factory
automation system. eCMP has about 30 commands; most are embedded into TCP/IP
messages, but cyclic data messages use the UDP protocol.
Bug: 10562
Change-Id: I9a421f39dfbdbc9e28d8f7cba72c22e270064641
Reviewed-on: https://code.wireshark.org/review/3157
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Use relative path names for the script names and mesa/xcbproto directories so
different paths (from different users) don't cause deltas.
Also, with help from Peter Wu and Graham, get generation of the X11 dissector
working from cmake.
Change-Id: I95cd2a0f973dcbc67f457ff94c28e46a666afb74
Reviewed-on: https://code.wireshark.org/review/12213
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Process it in libwiretap; no need to hand it to libwireshark for
dissection, it can just dissect the radio information pseudo-header with
the processed information.
Change-Id: I482697947eecbd3967cf1910ba2fa2bff805cd66
Reviewed-on: https://code.wireshark.org/review/12202
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Interval trees (wmem_itree_t) are implemented as an extension of wmem_tree with a
guint64-based range as the key.
This is useful for instance in MPTCP analysis, to look for packets
matching a range defined by a mapping across TCP subflows.
Change-Id: Iea706d44fe975e390a4191ad0257ef37d5c71525
Reviewed-on: https://code.wireshark.org/review/11714
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Put that dissector into its own file, and get handles for it from the
pcap and pcapng file dissectors. Put the value_string of pcap/pcapng
LINKTYPE_ values there, and have the pcap and pcapng file dissectors
import it.
Expand that table to include all LINKTYPE_ values in the current
libpcap.
Change-Id: I9397035efa5711e8a18a26e056d3b54494fd3148
Reviewed-on: https://code.wireshark.org/review/12000
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: Id0c583eacbef01d9dbdb54c27893d44cc32d9a31
Reviewed-on: https://code.wireshark.org/review/11680
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This is a dissector for the ISO14443 protocols between a contactless
smartcard and a card reader.
The overall approach is similar to DVB-CI. We have a pseudo-header in
front of the captured data that has information about the type of the
captured data and the direction.
For now, the dissector registers itself by name so it can be linked to a
user-DLT. I am applying for an official DLT.
Change-Id: I9c4a28ef5b220f205baf58381bf1962996887a9d
Reviewed-on: https://code.wireshark.org/review/11663
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add a dissector for reading Sysdig event blocks. It only handles plain
events but it's usable for reading trace files on hand here.
Use a script to generate various parts of the dissector. As an experiment,
update parts in-place instead of using a template.
Ultimately there should probably be a top-level "Syscall" or "Event"
dissector alongside the "Frame" dissector, which could then call this.
You could then directly compare an executable's system calls alongside
its network traffic.
For now leverage the pcapng_block dissector and keep everything under
"Frame".
Next steps:
- Items listed at the top of packet-sysdig-event.c.
Change-Id: I17077e8d7f40d10a946d61189ebc077d81c4da37
Reviewed-on: https://code.wireshark.org/review/11103
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
See [MS-SWN], https://msdn.microsoft.com/en-us/library/hh536748.aspx
Change-Id: Ie92dad2c229ec08e7f7e31be9422450305b3908a
Signed-off-by: Gregor Beck <gbeck@sernet.de>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-on: https://code.wireshark.org/review/11366
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Rename the color_dissector_filters.[ch] files to just
dissector_filters.[ch], and rename the routines not to include the
string "color_", as those filters can be used as color filters *or*
display filters.
Remove "color_" from other places where we're not doing colorization.
In the GTK+ code, combine the two loops that add menu items for filters
in the dissector-provided filters list into one.
Change-Id: I08ecccc6b1b1be675e4129a0589f36c9f240407c
Reviewed-on: https://code.wireshark.org/review/11379
Reviewed-by: Guy Harris <guy@alum.mit.edu>
In the GTK, there was "colorize" (via context menu using color_dissector_filter.{c,h}) or "not colorize" (via main menu using dissector_filters.{c,h}). In Qt, you have the option to colorize (via context menu using color_dissector_filter.{c,h}) or not colorize (via main menu using color_dissector_filter.{c,h}).
Combine all into "colorize" and convert GTK to use color_dissector_filter.{c,h} in the "not colorize" main menu like Qt.
Change-Id: Ib3ca1c822f5f66ab5b812632d808f7905b328483
Reviewed-on: https://code.wireshark.org/review/11263
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add "/WX" to the Visual C++ compiler flags if DISABLE_WERROR is off,
similar to config.nmake.
We haven't compiled C++ code with -Wshorten-64-to-32 for quite
some time so there's no need to add -Wno-shorten-64-to-32 in
ui/qt/CMakeLists.txt.
Additionally, squelch
----
C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\INCLUDE\algorithm(3050) : warning C4267: 'argument' : conversion from 'size_t' to 'int', possible loss of data (.\rpc_service_response_time_dialog.cpp)
C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\INCLUDE\algorithm(3065) : see reference to function template instantiation 'void std::_Median<_RanIt,bool(__cdecl *)(const QString &,const QString &)>(_RanIt,_RanIt,_RanIt,_Pr)' being compiled
with
[
_RanIt=QList<QString>::iterator
, _Pr=bool (__cdecl *)(const QString &,const QString &)
]
C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\INCLUDE\algorithm(3127) : see reference to function template instantiation 'std::pair<_RanIt,_RanIt> std::_Unguarded_partition<_RanIt,bool(__cdecl *)(const QString &,const QString &)>(_RanIt,_RanIt,_Pr)' being compiled
with
[
_RanIt=QList<QString>::iterator
, _Pr=bool (__cdecl *)(const QString &,const QString &)
]
C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\INCLUDE\algorithm(3157) : see reference to function template instantiation 'void std::_Sort<_Iter,int,bool(__cdecl *)(const QString &,const QString &)>(_RanIt,_RanIt,_Diff,_Pr)' being compiled
with
[
_Iter=QList<QString>::iterator
, _RanIt=QList<QString>::iterator
, _Diff=int
, _Pr=bool (__cdecl *)(const QString &,const QString &)
]
.\rpc_service_response_time_dialog.cpp(130) : see reference to function template instantiation 'void std::sort<QList<QString>::iterator,bool(__cdecl *)(const QString &,const QString &)>(_RanIt,_RanIt,_Pr)' being compiled
with
[
_RanIt=QList<QString>::iterator
, _Pr=bool (__cdecl *)(const QString &,const QString &)
]
C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\INCLUDE\algorithm(3051) : warning C4267: 'argument' : conversion from 'size_t' to 'int', possible loss of data (.\rpc_service_response_time_dialog.cpp)
C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\INCLUDE\algorithm(3052) : warning C4267: 'argument' : conversion from 'size_t' to 'int', possible loss of data (.\rpc_service_response_time_dialog.cpp)
C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\INCLUDE\algorithm(3053) : warning C4267: 'argument' : conversion from 'size_t' to 'int', possible loss of data (.\rpc_service_response_time_dialog.cpp)
----
in both rpc_service_response_time_dialog.cpp and wireshark_application.cpp
so that we'll compile successfully.
Change-Id: I457bcede99dcb1f3c1001f1f559c4901bb000357
Reviewed-on: https://code.wireshark.org/review/10533
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Neighborhood Watch Protocol (NWP) is an XIA protocol for resolving network
addresses to link-layer addresses. Hosts on a LAN send NWP Announcement
packets with their host identifiers (HIDs), and neighbors in the LAN respond
with NWP Neighbor List packets containing their HIDs and associated link-layer
addresses.
Bug: 11492
Change-Id: Ib1e801474b1aa72f5dd3d8303eeec36b96ee0a99
Reviewed-on: https://code.wireshark.org/review/10316
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add DIRTY_CORBA_IDL_DISSECTOR_SRC back to our various makefiles and move
packet-cosnaming.c back to it.
Change-Id: I2f0427ad47bf0e2f166577608da7f5feaf848a48
Reviewed-on: https://code.wireshark.org/review/10691
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
It looks like "items" could have contributed to fields/data being at an incorrect level off of a tree.
Change-Id: I93616ef8b6b364c578f989882045dee42cb6d3c3
Reviewed-on: https://code.wireshark.org/review/8558
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
TCPROS is a transport layer for ROS Messages and Services.
It uses standard TCP/IP sockets for transporting message data.
Inbound connections are received via a TCP Server Socket with a header containing message data type and routing information.
For more information, see: http://wiki.ros.org/ROS/TCPROS
Bug: 11404
Change-Id: If8810dbb2cb6d6522eb035fd0fa1cf49933bad3d
Reviewed-on: https://code.wireshark.org/review/9807
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Added a new relational test: 'x in {a b c}'. The only LHS entity
supported at this time is a field. The generated DFVM operations are
equivalent to an OR'ed series of =='s, but with the redundant existence
tests removed.
Change-Id: Iddc89b81cf7ad6319aef1a2a94f93314cb721a8a
Reviewed-on: https://code.wireshark.org/review/10246
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Serval is a service-centric architecture that has been ported to XIA to
allow applications to communicate using service names. This change adds
a dissector for XIP Serval, which sits between layers 3 and 4, and
also amends the XIP dissector to be able to invoke it.
Bug: 11491
Change-Id: I11299ddbd0fb9eaf8728f8b3fde2a63656963114
Reviewed-on: https://code.wireshark.org/review/10315
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This adds a dissector Concise Binary Object Representation (CBOR) (RFC 7049).
CBOR is a binary data format designed for implementations with small
code size as used in the IoT. It uses a structure similar to JSON, but
encodes the data in binary format. This is used on top of CoAP for
example.
Change-Id: I9d7b7d4f7609c899bfc68250cdfebd5dc64e0402
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Reviewed-on: https://code.wireshark.org/review/9848
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
They have educational values and can be used to debugging some issues.
Now Wireshark can open three files (BTSNOOP, PCAP, PCAPNG)
in two modes: Capture (Traditional) and File-Format.
Change-Id: I833b2464d11864f170923dc989a1925d3d217943
Reviewed-on: https://code.wireshark.org/review/10089
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The CMake dumpbabi targets collectively copy over 800 files. Do
that when when we build the actual targets instead of at configure
time. Hopefully this will speed up initial CMake runs.
Change-Id: I6e4d691e24c73ea05d638a0f897f570541c84e38
Reviewed-on: https://code.wireshark.org/review/10052
Reviewed-by: Gerald Combs <gerald@wireshark.org>
This changeset is a forward port of Gregors ms-wsp branch from his
repo http://repo.or.cz/w/wireshark-wip.git. Most of the messages of
the MS-WSP protocol are implemented here and as such consists of the
majority of the changes for the dissector.
In addition to the forward porting Gregors work I added some extra bits
1) cater for SMB2 Read Response and Write Request msgs that can also
contain MSWSP messages
2) update property specifications with info extracted from MS-WSP protocol
doc
3) store some basic data about previously seen messages that are needed
for dissecting CPMGetRows request
4) expand/update dissect_CPMSetBindings & parse_CTableColumn routines
5) parse and store CTableColumn & CPMSetBindingsIn structures in conversation
related data for use later.
6) fully dissect/parse SeekDesciption of CPMGetRowsOut
7) dissect CPMGetRows out message specifically the Rows & Columns
8) flesh out the boolean properties of uBooleanOptions field
9) flesh out various other dissectors:
CPMRatioFinished
CPMRestartPosition
CPMCompareBmkIn/CPMCompareBmkOut
CPMGetApproximatePosition
CPMGetSendNotifyOut
FindIndicesIn/Out
FetchValue
Bug: 11321
Change-Id: I68b5c2f3e63874c1dbb271feab89b2b8aa65ac39
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-on: https://code.wireshark.org/review/9440
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The eXpressive Internet Protocol (XIP) is the network layer
protocol for the eXpressive Internet Architecture (XIA), a
future Internet architecture project. The addresses in XIP are
directed acyclic graphs, so much of the code included in this
addition verifies the correctness of the DAGs and displays them
in human-readable form.
Bug: 11265
Change-Id: I948aaa73b927f8afc162d89689d184c5657f60b1
Reviewed-on: https://code.wireshark.org/review/8881
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
BTSNOOP format is supported by libwiretap and this dissector add
ability to open the same file in second mode:
1. Wireshark aka Protocol Viewer (default)
2. Fileshark aka File Viewer
Mode 2 also has feature to dissect protocols contained by this file,
try "Protocol Preferences -> Dissect next layer".
Change-Id: I99f0df5b55d31bf5a7d6e9269bfc054c09022b51
Reviewed-on: https://code.wireshark.org/review/17
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Rename ext_menubar to a more appropriate plugin_if.
External menus can be implemented by plugins to present
additional menus for deep-packet analysis. One side-effect
of such menus being implemented as plugins is, that they
are being executed in different threads and therefore can
only use limited access to the main GUI. Also, there is
no safe cross-gui (GTK and Qt) way for many features.
This patch implements a first functionality, by which a
plugin implemented using ext_menubar can apply a display
filter to the main view.
For now the implementation supports filtering, as well as
saving a preference.
Change-Id: Iffe4caa954bbeb8ce356352de4dae348a50efba9
Reviewed-on: https://code.wireshark.org/review/8773
Reviewed-by: Roland Knall <rknall@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Very similar to the refactoring of SRT stats, it provides more commonality of the stats for all GUI interfaces. Currently implemented for TShark and GTK. Affected dissectors: MEGACO, MGCP, Radius
Change-Id: Icb73a7e603dc3502b39bf696227fcaae37d4ed21
Reviewed-on: https://code.wireshark.org/review/8998
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Create "common" SRT tap data collection intended for all GUIs. Refactor/merge functionality of existing dissectors that have SRT support (AFP, DCERPC, Diameter, FC, GTP, LDAP, NCP, RPC, SCIS, SMB, and SMB2) for both TShark and GTK.
SMB and DCERPC "tap packet filtering" were different between TShark and GTK, so I went with GTK filter logic.
CAMEL "tap packet filtering" was different between TShark and GTK, so GTK filtering logic was pushed to the dissector and the TShark tap was left alone.
Change-Id: I7d6eaad0673fe628ef337f9165d7ed94f4a5e1cc
Reviewed-on: https://code.wireshark.org/review/8894
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add the wireless toolbar to the Qt UI.
Start adding AirPcap support to ui/80211_utils. Add FCS validation
routines to ws80211_utils.
Move a bunch of AirPcap routines that require epan from caputils to
ui/gtk. They were required for driver key management, which we'll
leave to the AirPcap Control Panel in the Qt UI.
Move frequency-utils to wsutil.
Change-Id: I44446758046621d183f5c2ba9f6526bf01e084f1
Reviewed-on: https://code.wireshark.org/review/8910
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Add support for RPCoRDMA and as a result support NFSoRDMA protocol
Bug:11251
Change-Id: I1a4af1b4e6b344224f5ce0efa77d7dbfca8aae46
Signed-off-by: Slava Shwartsman <slavash@mellanox.com>
Signed-off-by: Yan Burman <yanb@mellanox.com>
Reviewed-on: https://code.wireshark.org/review/8758
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Implements dissection for the Performance Co-Pilot proxy protocol. Its a
simple protocol that exchanges host and port information and then passes
all traffic via the usual PCP protocol.
Change-Id: I54fbf6b7755b7b1c60e0e1696ac9c4f0d98d8fe7
Reviewed-on: https://code.wireshark.org/review/8704
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Bug: 2771
Change-Id: Ic2904c981a182be5859c3840025e7ffa9ea387ed
Reviewed-on: https://code.wireshark.org/review/8501
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Need to have packet-gias.c in the DIRTY_CORBA_IDL_DISSECTOR_SRC grouping to work around the warnings still generated.
Change-Id: I08ea1f7d90577cc112b85e7fc00171827f58d6d2
Reviewed-on: https://code.wireshark.org/review/8266
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Bug: 11063
Change-Id: I3daa9e6a75e52df1587678bd78f42e4e46fe4509
Reviewed-on: https://code.wireshark.org/review/7557
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
A Corba (GIOP) based protocol for the exchange of Intelligence, Surveillance
and Reconnaissance (ISR) products.
Defined in STANAG 4559/AEDP-5 "NATO Standard ISR Library Interface (NSILI)"
See http://www.nato.int/structur/ac/224/standard/4559/4559.htm for more
information.
The dissector is generated using idl2wrs using the gias.idl, with some
manual corrections, as noted in README.gias.
Patch Set 4: Initialise uninitialised variables and no longer mark them as
unused.
Change-Id: Ieae93a135b30078f2d34e66f8c7b2e476438224e
Reviewed-on: https://code.wireshark.org/review/7965
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Plugins may utilize the tap interface to provide special tools
or analysis options, not otherwise available in Wireshark, or
perhaps not allowed to be distributed freely. Up until now, those
tools either had to start automatically, or could not be started
at all, or had to be started separately.
It should be possible, that those tools may be started using a
menu entry directly from Wireshark. This interface tries to achieve
exactly that.
This interface uses a clean interface, which can be implemented in
any plugin or dissector. Documentation for this has been added to
README.plugins.
Separators are only supported for now in the Qt interface, but
URLs can now be added as a simple item, and the UI will use the
same methods used for other URL calls to open them.
Change-Id: I170107dafb66f6badaa864d05a9091e5cbbf52c2
Reviewed-on: https://code.wireshark.org/review/7865
Reviewed-by: Roland Knall <rknall@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Bug: 5553
Change-Id: If297036b6d7a7afe163d97b05bc4a319d6cf2e97
Reviewed-on: https://code.wireshark.org/review/7949
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add a "test-programs" target to each toolchain which builds each unit
test executable. "test-programs" must now be built before running
the unit test suite.
Change-Id: I9317a1e305d987f244c4bd8b4a7f05d11fed7090
Reviewed-on: https://code.wireshark.org/review/7673
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Process wslua/CMakeLists.txt using add_subdirectory instead of
include. Generate files in the build directory instead of the source
directory.
Copy lua scripts to DATAFILE_DIR instead of DATAFILE_DIR/lua. That's
where init.lua looks for console.lua.
Always set WIRESHARK_RUN_FROM_BUILD_DIRECTORY when testing. We
presumably want to test our source files and not files which may or
may not be in the system path.
When we're running from the build directory look for lua scripts in both
the Autotools and CMake build locations.
Change-Id: Ic15ab8c58ff1b170d000c9b3e0a329af2ec44b7b
Reviewed-on: https://code.wireshark.org/review/7590
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Took the original patch from bug 5116 and made the dissector "human readable".
Bug: 5116
Change-Id: Ic5cc35f919865bc84ee8a3d0589f498ef13e8f6f
Signed-off-by: Michael Mann <mmann78@netscape.net>
Signed-off-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-on: https://code.wireshark.org/review/7605
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
packet-nbt.c handles all of NetBIOS-over-TCP, not just the name service;
the file name is historical.
Change-Id: I333d331fd9453cea8d1d7595b4fd2650f0a92e98
Reviewed-on: https://code.wireshark.org/review/7259
Reviewed-by: Guy Harris <guy@alum.mit.edu>
* Support per draft-ietf-grow-bmp-07
Change-Id: Iadb833157e7832077429c048e28e9814da29e2c6
Reviewed-on: https://code.wireshark.org/review/7192
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Put them into separate CORBA_IDL_ variables, to keep the two types of
generated dissectors separate.
Change-Id: I4eb091a76ba5bc7d73533ef38fb29adc12a8ec42
Reviewed-on: https://code.wireshark.org/review/7250
Reviewed-by: Guy Harris <guy@alum.mit.edu>
... with some changes from Jeff Morriss:
- Change how SSTP is "registered": rather than trying something complicated,
just put the intelligence for recognizing SSTP into the HTTP dissector.
(This does mean the SSTP dissector needs to do its own desegmentation now
but it makes things much cleaner.)
- Use proto_tree_add_subtree_format() instead of proto_tree_add_text() +
proto_item_add_subtree().
- The messagetype is 16 bits, use tvb_get_guint16() instead of tvb_get_guint8()
(fixes COL_INFO display)
- A few other few misc. cleanups
(I didn't update NEWS because I can no longer build NEWS without adding UTF8
fancy quotes and so forth.)
Bug: 8239
Change-Id: I3631ae65f67bea69815ccf43472fdbcac3ca3499
Reviewed-on: https://code.wireshark.org/review/7227
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
libjsmn has also been moved from epan/ to wsutil/ to make it visible from wiretap.
Change-Id: I59abb3419acb1baa83194b38152d3651ed5c123c
Bug: 10878
Reviewed-on: https://code.wireshark.org/review/6716
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Some or all are used by the Infiniband, MBIM, and RSVD dissectors; put
them into a common source file, with a header for them, and just include
the header in the dissectors.
Change-Id: I724f0c2232ba751ccbd491222af6f03bafd6d63c
Reviewed-on: https://code.wireshark.org/review/7182
Reviewed-by: Guy Harris <guy@alum.mit.edu>
There is still a little more work to do here, especially we should call the
SCSI dissector for handling SCSI CDBs etc ...
This is a potential fix for bug 10913.
Ping-Bug: 10913.
Change-Id: Ia8ff1a8207bb5b1cd18079086ff8c472ae3f8736
Signed-off-by: Richard Sharpe <realrichardsharpe@gmail.com>
Reviewed-on: https://code.wireshark.org/review/7022
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
This allows for even more cleanup with respect to how address types are handled, including removing address_to_str.c. Most of the functionality was folded into address_types.c, but the remainder was just dispersed because it didn't make sense to keep the file.
Change-Id: Id4e9391f0c3c26eff8c27b362e4f7a1970d718b4
Reviewed-on: https://code.wireshark.org/review/7038
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Now address types are setup just like field types and must be registered with a structure that provides its string representation (and more things in the future). Address types that are limited to a single dissector are registered by the dissector. More "common" ones are globally registered. There are still a few that really belong in a dissector, but have other dependencies currently not accounted for in the address type support.
Many of the "address to string" conversions that involved g_sprintf have be changed to use more "performance friendly" methods (some at the cost of needing to_str-int.h)
Leaving all comments regarding this "solution" in address_to_str.c in until all have been implemented
Change-Id: I494f413e016b22859c44675def11135f228796e0
Reviewed-on: https://code.wireshark.org/review/7019
Reviewed-by: Michael Mann <mmann78@netscape.net>
no ethertype 0x8203-0x8205 support in trunk.
0x8204 is QNX OS VER 6's qnet ethernet protocol number.
Bug:3934
Change-Id: I52555b568c3a304f1512fe25f949330b46f49a93
Reviewed-on: https://code.wireshark.org/review/6363
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Change-Id: Iddd1200e62bf3200cb1a68408378dd9d47120b77
Reviewed-on: https://code.wireshark.org/review/6939
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I19b2a1b19e1e77a6456e2310daf64ddff572b0d2
Reviewed-on: https://code.wireshark.org/review/6788
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
While it does make packet-sigcomp.c much bigger, there's no reason for it to be in epan directory.
Change-Id: I2d78c32de1d56e76578e610d4df586b5610d1b49
Reviewed-on: https://code.wireshark.org/review/6682
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
To check if a payload is json, the library libjsmn has been added to the source tree, with its licence (MIT).
TODO: the libjsmn can be used to extract tokens in the standard dissection other than heurisitic part.
HPFEEDS dissector has also been changed in order to leverage the new json dissector.
Bug: 10834
Change-Id: Ib1df2a699982dbdd2b5418e97edbdb5cbd9c8978
Reviewed-on: https://code.wireshark.org/review/6350
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
this is a protocol between payment terminals and
electronic cash-register systems / vending machines
Change-Id: Ieac87c0af8e15f2dfe8b4a6274f3b56d652a5b1f
Reviewed-on: https://code.wireshark.org/review/6531
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
CMake now generates local copies of .rc files for all the Windows
components and uses the files in the build of the components.
The .rc.in files that include an icon were modified to allow the icon
path to be set by CMake. The path is removed for nmake builds.
Updated build architecture detection, required for wireshark.manifest.in
Change-Id: I7b1ff43050e9b0efb861d1041636fb4aef49a4f8
Reviewed-on: https://code.wireshark.org/review/6482
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Since those command/events are vendor specific and proprietary
not all commands/events are implemented. All implemented commands can be
found in Open Source implementations for Broadcom chip. If you found more,
please let me know.
Change-Id: Ie68d3737c88a8cef39260a9d93192cfc81871d6c
Reviewed-on: https://code.wireshark.org/review/6406
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Michal Labedzki <michal.labedzki@tieto.com>
The functionality was suiting for address_to_str.c and the #defines belong in packet-atalk.h. Kept the address structure with the "address string conversion", but that can probably be better cleaned up when the address to str as a whole is cleaned up.
Would also consider making AT_ATALK an FT_ type as well.
Change-Id: Ia534096c707e6fb94acdfee0d332beda6571c371
Reviewed-on: https://code.wireshark.org/review/6417
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Move capchild, caputils, codecs and wsutil into a Libs group
Move gtkui into UI group
Move update-sminmpec into tools group
Change-Id: Iaf2bfe4697265af2c3ed9c9d7de2d5d1ef3cafee
Reviewed-on: https://code.wireshark.org/review/6332
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Graham Bloice <graham.bloice@trihedral.com>
Bluetooth dissector is used to add ability to filter all bluetooth
payload from capture files (there are many transport like:
hci_h4, hci_h1, hci_usb, hci_mon, btle). Also it is used to placeholder for
all data tree used to store additional informations like bd_addrs, names, etc.
Finally it is used to be one point for Bluetooth
Endpoints/Conversation filtering what is enabled now.
Also add Master/Slave Role and Connection Mode tracking.
Change-Id: I67048080fb8ee16fa0f4ec429c1257de81ddd737
Reviewed-on: https://code.wireshark.org/review/5771
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Removed attrID and cmdID ZCL cluster functions.
Bug in ZCL HVAC attribute registration.
Fixed bug in ZCL command ID field registration.
Update Manufacturer Codes and Profile Ids to ZigBee-053874r26 Oct 2014
Fixed broken fragmented ZigBee packet collection and reassembly
Use protocol fields for Thermostat schedule transitions.
Added support for Key Establishment Cluster (CBKE) at SE 1.2a
Updated Message cluster to SE 1.2a spec
Added attribute reporting status which is common to all SE 1.2a clusters
Added SE 1.2a tunnel cluster support
ZigBee Smart Energy (SE) decryption appears to have been broken for some time. For SE you do not know the Link Key until after successful completion of Key Establishment and then manually enter it into preferences. Entry in preferences was broken such that when the new Link Key was entered all existing link keys would be lost. This lead to the loss of the Network Key as well when the Transport Key message was re-processed without the Pre-Configured Link Key. The Link Key 'key ring' has been moved to the UAT post-update callback so that it will always be updated correctly after changes to the link keys in preferences
The attribute reporting status attribute which is common to all SE clusters was accidentally shared, now each cluster has it's own instance
ZigBee security added key display for decrypted packets
ZigBee Security Preferences fixed UAT type for Label so key label is editable again
Added definition for Retail Service profile
Added dissection for profile-wide (General Command Frame) commands when the profile is unknown
Added zbee-zcl-misc.c to precommit check whitelist as it contains ias and hvac clusters avoiding proliferation of too many small files
Change-Id: I53d85ba9d782db6a0e7e78c51b0bc7cdcdbca3ad
Reviewed-on: https://code.wireshark.org/review/5565
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Use by MACSec
Change-Id: I27eee40ddc476435aecd57711c1b3597c2049901
Reviewed-on: https://code.wireshark.org/review/5751
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Have dissectors register their desire to be part of "color" conversation filters and have the GUI use that registered list. GUI actually using API will come in a separate commit.
Change-Id: I5ffe922d97894fe7bf3182056b76ab5839a9461a
Reviewed-on: https://code.wireshark.org/review/5658
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add Telephony menu items for VoIP Calls and SIP Flows. Put VoIP Calls at
the top, since that seems to be the primary item.
Add configure-time checks for QtMultimediaWidgets in anticipation of
adding a VoIP playback dialog.
Add an icon for the playback button. (Yes, I've been avoiding
GNOME-level gratuitous icons so far but this is one of the rare
occiasions where it makes sense.)
Add a help link define for the VoIP calls dialog.
Change-Id: I5d0799685c598ad9af76fe9667f8ea7d14b66050
Reviewed-on: https://code.wireshark.org/review/5674
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
no ethertype 0x8203-0x8205 support in trunk.
0x8204 is QNX OS VER 6's qnet ethernet protocol number.
Bug:3934
Change-Id: I5f3e910876bb7fb86de2111f856d026fdf220917
Reviewed-on: https://code.wireshark.org/review/2954
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
RFC draft http://www.ietf.org/id/draft-fox-tcpm-shared-memory-rdma-05.txt
used as reference for packet dissection.
A small change was made to packet-infiniband, to add the Queue Number to the
info column. This allows for easy indentification of session traffic for a
particular QP.
Also: infiniband: tvb_length() --> tvb_captured_length()
Bug: 10715
Change-Id: I774ceffaa5c271cb6a28ab4ed21e53cd42f2547b
Reviewed-on: https://code.wireshark.org/review/5386
Petri-Dish: Bill Meier <wmeier@newsguy.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Put the low-level print stream code from epan/print.c into
epan/print_stream.c, leaving the higher-level stuff in print.c
Change-Id: Iae961f168ec655a29f434257b1af0937fca9f025
Reviewed-on: https://code.wireshark.org/review/5436
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The intent is to handle more than just command-line arguments; reflect that.
Change-Id: Ia10efda85a9d11c6579d1bec6f789cee30d9e825
Reviewed-on: https://code.wireshark.org/review/5304
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Provides dissection for the elasticsearch protocol. This includes full
dissection of the multicast discovery protocol, the HTTP query interface
and partial dissection of the binary protocol.
Change-Id: I738fb498976e44fa05168c2bc3a7e842a9e96df9
Reviewed-on: https://code.wireshark.org/review/4948
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
For the moment there is only the lzxpress compression used by DRS
Bug: 10546
Change-Id: Ifc7e1767934224c0198f0b09caa3efbad979ca1f
Reviewed-on: https://code.wireshark.org/review/4600
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Include new Couchbase Server 3.0 DCP support
Change-Id: I38d0edd7d135a92c130a60dab650aef0ab1205be
Reviewed-on: https://code.wireshark.org/review/2956
Reviewed-by: Michael Mann <mmann78@netscape.net>
Previoulsy added "adb_cs" is only for adb client <-> adb daemon communication
by loopback interface (by TCP). But there is also communication between
adb daemon and device (by TCP or USB). This transport protocol is different, but
now support is done.
ADB services are shared between ADB and ADB_CS so put them into "adb_service"
dissector. There is still some services to be added.
Change-Id: I754331d3dc6ccf3c17445f5563d01cf2fe1489c7
Reviewed-on: https://code.wireshark.org/review/4651
Tested-by: Michal Labedzki <michal.labedzki@tieto.com>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Bug: 10534
Change-Id: Id56008da0c21a5f3a0309cdf21aff287c7820dcf
Reviewed-on: https://code.wireshark.org/review/4372
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Bug: 8673
Change-Id: I4e8270c76291d6ea0e0187f00a342804275f2c11
Reviewed-on: https://code.wireshark.org/review/4547
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
x11 dissector don't have longer warning !
and fix different between Autotools and CMake (about gsm_a_common dissector)
Change-Id: Id9da62d84b8b0bb4b0ed5d8fc62abba4e2442ed2
Reviewed-on: https://code.wireshark.org/review/4621
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Now mapi and drsuapi build without warning !
Change-Id: Iae19af2fd06fd998a13696ba2adf6cd12d311f58
Reviewed-on: https://code.wireshark.org/review/4619
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
draft-kouvelas-lisp-rloc-membership-00 specifies 9 new LISP control
message types using TCP transport instead of UDP (which is used by all
existing messages). These new messages are related to each other and
are used to exchange RLOC membership information between a tunnel router
and a map server.
Bug: 10494
Change-Id: I129f0d6344693092bd5d0efb06b025e89fd26bf2
Signed-off-by: Lorand Jakab <ljakab@ac.upc.edu>
Reviewed-on: https://code.wireshark.org/review/4253
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
* Fix -Wunused-function (Add functions to mdssvc.cnf with NOEMIT)
* Remove dissector DCERPC mdssvc from DIRTY list
Change-Id: Ic097b0067a44fcfd9298ace1abeb7ca8f0daf00b
Reviewed-on: https://code.wireshark.org/review/4346
Reviewed-by: Anders Broman <a.broman58@gmail.com>
* Fix -Wunused-function (Add functions to lsa.cnf with NOEMIT)
* Remove also some MANUAL function (no unused too..)
* Remove dissector DCERPC lsa from DIRTY list
Change-Id: I7b7f924f244757207f378b8650b8dd30e739da08
Reviewed-on: https://code.wireshark.org/review/4325
Reviewed-by: Michael Mann <mmann78@netscape.net>
Guy Harris