Add a CF_FUNC macro to match VALS, TFS, etc. This should help us to avoid
the following warning:
warning: ISO C forbids initialization between function pointer and 'void *' [-Wpedantic]
We could start adding DIAG_OFF+DIAG_ON everywhere but this seems to be
more consistent with the other macros in proto.h. Update each instance
of BASE_CUSTOM to use CF_FUNC.
Adjust a dummy variable name generated by asn2wrs.py that was triggering
an invalid error in checkhf.pl.
Fix an encoding arguement in packet-elasticsearch.c found by
fix-encoding-args.pl.
Change-Id: Id0e75076c2d71736639d486f47b87bab84e07d22
Reviewed-on: https://code.wireshark.org/review/7150
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Move some text from README.qt to the Developer's Guide. Add an overview.
Change-Id: Ia20ed837939e34871b157566c38cd0c6e590bc38
Reviewed-on: https://code.wireshark.org/review/7087
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Change name from proto_tree_add_new_bytes to
proto_tree_add_bytes_with_length and other tweaks
pointed by Peter Wu.
Change-Id: I6058c28a74a154e2882e4eb04558bedcede6f508
Reviewed-on: https://code.wireshark.org/review/7039
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Remove emem's 8-byte-memory-alignment configure check as well as references
to all the environment variables emem used.
Change-Id: I897aec9e9c68e064454561e7a9f066b18892ec66
Reviewed-on: https://code.wireshark.org/review/6950
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Iddd1200e62bf3200cb1a68408378dd9d47120b77
Reviewed-on: https://code.wireshark.org/review/6939
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
frame_data has long been gone. struct _packet_info is the same as
packet_info, just use that for brevity.
Change-Id: Ieb02bf6b642d728a7f80087f5cd750b9691e34e9
Reviewed-on: https://code.wireshark.org/review/6865
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Add address_to_qstring and address_to_display_qstring, which wrap
address_to_string and address_to_display respectively and return
QStrings. Convert most of the instances in ui/qt to the new routines.
Fix a some memory leaks in the process.
Change-Id: Icda80bbfe0b2df723d54c8da84355255f819af89
Reviewed-on: https://code.wireshark.org/review/6848
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Provide a way for Lua-based dissectors to invoke tcp_dissect_pdus()
to make TCP-based dissection easier.
Bug: 9851
Change-Id: I91630ebf1f1fc1964118b6750cc34238e18a8ad3
Reviewed-on: https://code.wireshark.org/review/6778
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Hadriel Kaplan <hadrielk@yahoo.com>
Change-Id: I256fd5395b062fa954ebd60598721323ea1d7ff1
Bug: 10875
Reviewed-on: https://code.wireshark.org/review/6713
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Lua-created tvbuffs should be kept around for the duration of pinfo's
lifetime, instead of only for the duration of frame dissection. So
instead of using the frame dissector's frame_end_routine, we'll register
a callback to wmem for pinfo pool's allocator.
Bug: 10888
Change-Id: I3e9db671c3f2a7cab9e258aca17f3be8acaf2417
Reviewed-on: https://code.wireshark.org/review/6768
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Hadriel Kaplan <hadrielk@yahoo.com>
I.e., you don't need a trailing blank, at least not with the current
version (and there shouldn't be a requirement for such an extra trailing
blank).
Change-Id: Ia2b732c74fc6020acc01a2c0c52ed3567d36d762
Reviewed-on: https://code.wireshark.org/review/6575
Reviewed-by: Guy Harris <guy@alum.mit.edu>
There's no requirement for "display" field values to have names
beginning with BASE_; use SEP_, to indicate that they're separators.
(And, yes, we should introduce SEP_NONE, with a value of 0, and use it.)
While we're at it, fix BASE_SEMICOLON - the separator is a colon, not a
semicolon - and document SEP_SPACE in doc/README.dissector.
Change-Id: I856aafda2c60b8320dffe287f0deb06a9604a2bf
Reviewed-on: https://code.wireshark.org/review/6486
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I4a803d83844d937804849b2ad3b067381c9b96d0
Reviewed-on: https://code.wireshark.org/review/6448
Petri-Dish: Evan Huus <eapache@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
There isn't a legitimate use for the API, all cases can be covered with proto_tree_add_item. As a bonus, a few more tvb_get_ptr calls can be removed.
Change-Id: I3bb86ba8f05ef3363407bcfe9b059ee27ebc135d
Reviewed-on: https://code.wireshark.org/review/6429
Reviewed-by: Michael Mann <mmann78@netscape.net>
This affects both the dissector (that has been added with a tap interface and a stats generator) and the UI (to recall the stats menu).
Change-Id: I90658f7aa6707aa39bdd787a51b20fed4dbddc53
Reviewed-on: https://code.wireshark.org/review/6236
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
These "bases" will put a ".", "-", or ":" respectively between hexidecimal bytes in the field in packet view and display filter. FT_BYTES with BASE_NONE will have no separator in the packet view, but continue to have the ':' as a separator in the display filter.
Converted the "string" hf_ entries that used tvb_fc_to_str as a string to use proto_tree_add_item with FT_BYTES/BASE_DOT type.
Converted applicable tvb_bytes_to_ep_str_punct() calls to use the new BASE values.
Change-Id: I2442185bb314d04a3ff2ba57883652ecd738b5f9
Reviewed-on: https://code.wireshark.org/review/6098
Reviewed-by: Michael Mann <mmann78@netscape.net>
"stat name" has been official changed to "endpoints" for all dissectors, rather than a mixture of "host"/"endpoints" based on dissector.
Change-Id: If34bcb5165b493948e784ba038ab202803a59843
Reviewed-on: https://code.wireshark.org/review/6154
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
-z "follow,udp" tshark cli command now supports a stream index
It is now possible to select the UDP stream displayed in Qt GUI (like for TCP)
Change-Id: Ia367f36ea4f60db0fddb997a7e0903c09e172f2d
Reviewed-on: https://code.wireshark.org/review/6083
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Also, convert the "string" hf_ entries that used tvb_fcwwn_to_str as a string to use proto_tree_add_item with FT_FCWWN type.
Change-Id: I4ca77870499fd8239584a70874998b5d194a7167
Reviewed-on: https://code.wireshark.org/review/6036
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
- packet.h should be first Wireshark #include
after config.h and "system" includes.
- '#include <glib.h>' not needed.
Change-Id: Ibec076818f3f509aabb4d240e939ef719f3798d6
Reviewed-on: https://code.wireshark.org/review/5939
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Go back to a single view similar to the GTK+ UI. Apply layouts using Qt
Designer.
Rename the menu item and class to "Capture File Properties". It's not
really a summary if it contains details such as "marked average bits
per second". We might want to move this to a "Properties" item under
the "File" menu similar to other applications.
Add the GTK+ summary icon (for now) to the toolbar and open the
properties dialog on clicking.
Singleton dialogs delenda est[1]. Let the user open as many summaries on
as many capture files as he or she wishes. Also, global cfile delenda
est[2].
Don't blindly include QtGui. Add specific components instead.
Use consistent method names, variable names, and patterns. Try to
document what "consistent" means.
Adjust the way we display some statistics to match the summary bar, e.g.
displayed = captured if we don't have a filter applied.
[1] Not really.
[2] Yes, really.
Change-Id: I11793b1d79dd0c3f70414ac8592b86181da59916
Reviewed-on: https://code.wireshark.org/review/5274
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Specifically: show the use of tcp_dissect_pdus()
for a TCP heuristic dissector
Change-Id: I02f184b2c8ef6ed128ef3d0bc59eed759aae54bb
Reviewed-on: https://code.wireshark.org/review/5399
Reviewed-by: Bill Meier <wmeier@newsguy.com>
That list doesn't show the entries in the dissector tables, just
information about the tables themselves.
Clean up some tshark man page issues while we're at it.
Change-Id: I70beee34110f5c0d58105944dd71105a8400f5ca
Reviewed-on: https://code.wireshark.org/review/5360
Reviewed-by: Guy Harris <guy@alum.mit.edu>
- get language as soon as possible (before creating any Qt objects) to make all
translations working
- dynamic list of supported languages
- runtime change of GUI language (no need to restart application)
- add flags icons support
- search for *.qm languages in buildin resources, then
data dir called "languages" (main directory in sources or
/usr/share/wireshark/languages), then user directory
(UNIX: ~/.wireshark/languages); "languages" directory should contains
files wireshark_xx.qm where xx is language code (en, en_GB, etc.),
and optional xx.svg for flag icon
- try to fix some untranslated manually-created UI items
(need manual reset text of those components)
Change-Id: I62ca8a8cddce47cec9dbcad6b0bd68b6cfd92229
Reviewed-on: https://code.wireshark.org/review/5041
Tested-by: Michal Labedzki <michal.labedzki@tieto.com>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
- If boolflags are being used, an extra space is added
to the call of the extcap filter. This leads to the
argumentparser of python to exit with an error-code,
and the extcap filter will not start. This patch instead
catches the unknown arguments and prints them on stdout,
as well as running the dissection with the rest of the
arguments list.
Basically this is a work-around, for a behaviour not
yet fixed in extcap, but it stabilizes the usage of the demo
Change-Id: I7589292692b0b3c839909fd09d62a4714cbe869e
Reviewed-on: https://code.wireshark.org/review/4638
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Tomasz Moń <desowin@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
There are protocols out there that have 64-bit wide bit mask fields, so
make the internal representation and bitfield decoders 64-bit aware.
For this, the ws_ctz() fallback and bits_count_ones() have to be tweaked
slightly.
Change-Id: I19237b954a69c9e6c55864f281993c1e8731a233
Reviewed-on: https://code.wireshark.org/review/4158
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
There is regular expression that extracts only the number from
--extcap-interface argument and only that number (as string) is being
passed to extcap_dlts().
Change-Id: I5159f9405a766c1edff792213b2aef72b9a29ba4
Reviewed-on: https://code.wireshark.org/review/4550
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Description:
Ignore the specified bytes number at the beginning of the frame during MD5 hash calculation.
Useful to remove duplicated packets taken on several routers or SW(differents mac addresses for example).
e.g. -I 26 in case of Ether/IP/ will ignore ether(14) and IP header(20 - 4(src ip) - 4(dst ip)).
The default value is 0.
This option is only relevant when used with -d|-D|-w
Bug: 8511
Change-Id: I009a09d32778a182b2d88f372651f658a4938882
Reviewed-on: https://code.wireshark.org/review/4104
Tested-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
documents referring to the split out sections.
Remove trailing whitespace while at this.
Change-Id: I36cfe0ac55e8f653bffbf850e01f582aacf85557
Reviewed-on: https://code.wireshark.org/review/4094
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Make sure the Qt UI is named "Wireshark" and its executable is named
"wireshark" or "wireshark.exe". Make sure the GTK+ UI is named
"Wireshark 1" or "Wireshark (GTK+)" depending on how much the target
audience is likely to care about UI toolkits. Make sure the GTK+
executable is named "wireshark-gtk" or "wireshark-gtk.exe".
It looks like moving to Qt 5.3 (g978faf3) broke the PortableApps
package. It's likely even more broken now.
Autotools out-of-tree builds also broke on Ubuntu 12.02 (automake
1.11.3) at some point. The first attempt to compile in ui/qt returns
"error: source_file.cpp: No such file or directory". The second attempt
works. Out-of-tree builds work fine on Ubuntu 14.04 (automake 1.14.1).
Tested:
- Nmake builds
- NSIS packaging
- CMake builds (Windows, OS X)
- Autotools build and distcheck
- RPM packaging
To do:
- Test Debian packaging
- Fix PortableApps
Change-Id: I66429870e05fd2d6fc901942477959ed6164fce2
Reviewed-on: https://code.wireshark.org/review/3919
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Convert QTableWidget to QTreeWidget.
It looks like the GTK+ version has a separate set of apply/save buttons
for each tab which *only* operates on that tab. This can result unexpected
behavior which throws away changes if the user updates more than one
tab. Use a single "OK" button that applies all of our changes instead.
Reorder the tabs. Put Local Interfaces first and select it by default.
Always show Remote Interfaces. Disable it on platforms that don't have
PCAP_REMOTE.
Automatically start editing when we add a new pipe. Don't immediately
update pipe interface settings. Wait until we hit "OK" instead.
Rename NewFileDelegate to PathChooserDelegate. Note that we might want
to move it use it elsewhere in the application.
Try switching the user-facing terminology from "Hide" to the more
positive "Show".
Tell the user that we don't save pipe or remote interface settings.
Add a help URL for the "Manage Interfaces" dialog box.
Use the GLib and Qt string functions and classes to split and join
comma-separated preferences. This makes sure capture_dev_user_descr_find
doesn't skip over the first interface. It also keeps the Qt code from
adding a leading comma to our capture preferences.
Add a note about strings to README.qt. Summary: Use QStrings.
For another day:
- If we *do* save remote settings we need to store credentials securely,
e.g. with CryptProtectData.
- Get rid of the remote settings dialogs. Their controls should fit in the
remote settings tab.
- Add an extcap tab.
- We need getter/setter functions for global_capture_opts.all_ifaces. We
iterate over it *way* too much.
Change-Id: Ib7b61972f3ece4325e0230f725e7f2678acbb24b
Reviewed-on: https://code.wireshark.org/review/3873
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
(This change needs to be approved Roland Knall--by the file's author--in
Gerrit.)
Change-Id: I58285cb1d773a57fe7d087799bf6d2ffbd962364
Reviewed-on: https://code.wireshark.org/review/3773
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Extcap is a plugin interface, which allows for the usage
of external capture interfaces via pipes using a predefined
configuration language which results in a graphical gui.
This implementation seeks for a generic implementation,
which results in a seamless integration with the current
system, and does add all external interfaces as simple
interfaces.
Windows Note: Due to limitations with GTK and Windows,
a gspawn-winXX-helper.exe, respective gspawn-winXX-helper-console.exe
is needed, which is part of any GTK windows installation.
The default installation directory from the build is an extcap
subdirectory underneath the run directory. The folder used by
extcap may be viewed in the folders tab of the about dialog.
The default installation directory for extcap plugins with
a pre-build or installer version of wireshark is the extcap
subdirectory underneath the main wireshark directory.
For more information see:
http://youtu.be/Nn84T506SwU
bug #9009
Also take a look in doc/extcap_example.py for a Python-example
and in extcap.pod for the arguments grammer.
Todo:
- Integrate with Qt - currently no GUI is generated, but
the interfaces are still usable
Change-Id: I4f1239b2f1ebd8b2969f73af137915f5be1ce50f
Signed-off-by: Mike Ryan <mikeryan+wireshark@lacklustre.net>
Signed-off-by: Mike Kershaw <dragorn@kismetwireless.net>
Signed-off-by: Roland Knall <rknall@gmail.com>
Reviewed-on: https://code.wireshark.org/review/359
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
- Specify that proto_register...() and proto_reg_handoff...() prototypes are required;
- Indicate that certain #includes should be used only as needed;
- Don't use CamelCase (or CAPS) in variable names;
- Do some reformatting of certain lines;
- Futz hf[] array entry so checkAPIs and checkhf tests don't fail.
Change-Id: Ie03846f4bebd2a9bece464c85cc3c2ef46dd4fe5
Reviewed-on: https://code.wireshark.org/review/3724
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
Change-Id: I2e8d18df71688c654f7acaff51fae7823c08aa6a
Reviewed-on: https://code.wireshark.org/review/3677
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
Files from the debian directory, documents from the doc directory,
graphics from the docbook/wsug_graphics directory, and the echld
Makefile.nmake.
Change-Id: Iccccc58811753581b0b180053defd937aea22f95
Reviewed-on: https://code.wireshark.org/review/3283
Reviewed-by: Guy Harris <guy@alum.mit.edu>