While we're at it, simplify the #ifdefs and #defines in capture_opts.h -
don't do the same tests twice.
Change-Id: I2079167f31789470ef77120054d769d5914745e3
Reviewed-on: https://code.wireshark.org/review/2496
Reviewed-by: Guy Harris <guy@alum.mit.edu>
No capturing, no capture options.
Change-Id: I0023184b9c358d5876f19a098590f34d641c8649
Reviewed-on: https://code.wireshark.org/review/2493
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The names match tcpdump trunk's names for the corresponding options.
Also have capture_opts.h provide a #define for the part of the short
option string that corresponds to the capture short options that all our
programs that take capture short options take (those are largely the
ones we have in common with tcpdump).
Change-Id: Ia209425959c801725850b56a7d63441ee99b5001
Reviewed-on: https://code.wireshark.org/review/2492
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Also, make the convention for long-only options be that their
case-statement values start at 128, so they avoid colliding with any
ASCII code points, including control characters.
Make the tables of long options "static const" while we're at it, and
get rid of unnecessary casts.
Change-Id: I55702a85e9bc078b1cd0f2803ebb68a710405bab
Reviewed-on: https://code.wireshark.org/review/2491
Reviewed-by: Guy Harris <guy@alum.mit.edu>
64-bit, and was being fetched that way - but not stored that way - leading to some very strange
(and large) values.
Change-Id: I2235ae7f1bab7f48f99afac70109a7d8f9b38e2b
Reviewed-on: https://code.wireshark.org/review/2468
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Set initialize position to center on parent
bug: 3817
Change-Id: Iad48aa762d892908d50f742606160c8305084f48
Reviewed-on: https://code.wireshark.org/review/2459
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
Tested-by: Balint Reczey <balint@balintreczey.hu>
Change-Id: Ibd2fa6c791253e4dbac9a21532e894db3327ce57
Reviewed-on: https://code.wireshark.org/review/2465
Reviewed-by: Michael Mann <mmann78@netscape.net>
ws_gtk_grid_attach_extended() to do the heavy lifting.
Change-Id: I1c9d12556857196f53fadbce70f206a3cc41f7a5
Reviewed-on: https://code.wireshark.org/review/2433
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
bug: 10204
Change-Id: Ie21cc07b0ac9a56648ec72062ce58a1ac800318e
Reviewed-on: https://code.wireshark.org/review/2420
Reviewed-by: Michael Mann <mmann78@netscape.net>
Remove some dependencies on having an open capture file.
Change-Id: Iad5d03e0a45ed31c83781861ef1ed7fdeb92e4a5
Reviewed-on: https://code.wireshark.org/review/2352
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Several header file references in .ui files needed to be changed to not
be global, and the path to stats_tree_dialog.ui needed a "../qt" path
prepended to be found from the build...-Release directory.
Change-Id: I51c0bb15eed706f483085020ce2b3cea3c1cdc95
Reviewed-on: https://code.wireshark.org/review/2281
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
Move visibility to its own method and call it when we show ourselves and
when we thaw.
Change-Id: I936cd33e5ccabddb32061ea347a465ac12f1be87
Reviewed-on: https://code.wireshark.org/review/2289
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Also remove that function as it is now unused.
Fix what appeared to be a memory leak in the manual address resolution dialog
while in the neighbourhood.
Change-Id: I75128ab0f95e5a7673f92bfeea45191f00581c25
Reviewed-on: https://code.wireshark.org/review/2244
Reviewed-by: Michael Mann <mmann78@netscape.net>
Show the addresses as a tooltip in capture interfaces.
Change-Id: I911784e09ed9479229a7d6f8a7f1476e2e1e6224
Reviewed-on: https://code.wireshark.org/review/2155
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
I'm guessing that GCC is complaining because "device" isn't guaranteed
to be set (if there are no interfaces, the body of the loop will never
be executed), so do with the list of link-layer header types what's done
for the buffer size and snapshot length.
But should the column-setting code be executed if the interface isn't
found?
Change-Id: I8c365a482b8af44cdd1c1a7f41ca611141387c86
Reviewed-on: https://code.wireshark.org/review/2180
Reviewed-by: Guy Harris <guy@alum.mit.edu>
- allow to change the interface options in the table
- save the options to preferences when the dialog is left
- add a field for setting a capture filter for all selected interfaces
- add a "Compile BPF" button and a window to show the compiled filter output
- try to address Alexis' and Evan's comments
Change-Id: Ic1272e29183ec80e2d2f4b3e494c79dabe2c3b6f
Reviewed-on: https://code.wireshark.org/review/1946
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
* Fix indent (remove tabs)
* Add title to the window
Change-Id: I454046e47fa17969c710fa8dec4fac8cb7dbf22f
Reviewed-on: https://code.wireshark.org/review/1917
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Change-Id: I07207177e97e22bb8810226818b2280db5f5055e
Reviewed-on: https://code.wireshark.org/review/1836
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add a dissector table indexed by the file type, and, for the
file-type-specific records, have the frame dissector skip the usual
pseudo-header processing, as the pseudo-header has a file-type-specific
record subtype in it, and call the dissector for that file type's
records.
Change-Id: Ibe97cf6340ffb0dabc08f355891bc346391b91f9
Reviewed-on: https://code.wireshark.org/review/1782
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add a "record type" field to "struct wtap_pkthdr"; currently, it can be
REC_TYPE_PACKET, for a record containing a packet, or
REC_TYPE_FILE_TYPE_SPECIFIC, for records containing file-type-specific
data.
Modify code that reads packets to be able to handle non-packet records,
even if that just means ignoring them.
Rename some routines to indicate that they handle more than just
packets.
We don't yet have any libwiretap code that supplies records other than
REC_TYPE_PACKET or that supporting writing records other than
REC_TYPE_PACKET, or any code to support plugins for handling
REC_TYPE_FILE_TYPE_SPECIFIC records; this is just the first step for bug
8590.
Change-Id: Idb40b78f17c2c3aea72031bcd252abf9bc11c813
Reviewed-on: https://code.wireshark.org/review/1773
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This reverts commit c0c480d08c.
A better way to do this is to have the record type be part of struct wtap_pkthdr; that keeps the metadata for the record together and requires fewer API changes. That is in-progress.
Change-Id: Ic558f163a48e2c6d0df7f55e81a35a5e24b53bc6
Reviewed-on: https://code.wireshark.org/review/1741
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This is the first step towards implementing the mechanisms requestd in
bug 8590; currently, we don't return any records other than packet
records from libwiretap, and just ignore non-packet records in the rest
of Wireshark, but this at least gets the ball rolling.
Change-Id: I34a45b54dd361f69fdad1a758d8ca4f42d67d574
Reviewed-on: https://code.wireshark.org/review/1736
Reviewed-by: Guy Harris <guy@alum.mit.edu>
emem was exposed because of its memory limits trying to output PDML for a very large byte field in a capture file.
When converting from proto_construct_match_selected_string to fvalue_to_string_repr remember proto_construct_match_selected_string includes fieldname + value, not just value
bug:10081
Change-Id: I4fc6ea7fd1f63cff410207c8b30562771af40ada
Reviewed-on: https://code.wireshark.org/review/1578
Reviewed-by: Evan Huus <eapache@gmail.com>
While investigating an ASAN issue (fixed in
commit dcdd076ab0), I got greatly confused
by three different types having the same "interface_data" field name:
* pcapng_t *pn stores an array of interface_data_t objects.
* wtap *wth stores an array of wtapng_if_descr_t objects.
* pcapng_dump_t should store an array of interface_data_t objects.
pcapng_dump_t and friends are unused since
commit c7f1a431d2, so drop it.
To fix the confusion, rename the interface_data_t type to
interface_info_t type and use the local variable "iface_info"
everywhere. Rename interface_data of pcapng_t to "interfaces" and
add a comment what this exactly means (interfaces listed in the capture
file).
Drop the number_of_interfaces field for interfaces as the array
length is already available from GArray. Now interface_data is always
initialized for wth (which also gets copied to idb).
s/int/guint/g and replace cast at some places.
There are no regressions for the in-tree test suite.
Change-Id: I2d5985c9f1e43f8230dbb4a73bd1e243c4858170
Reviewed-on: https://code.wireshark.org/review/1656
Reviewed-by: Evan Huus <eapache@gmail.com>
Tested-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
That variable is only defined if we HAVE_LIBPCAP. Should fix OSX10.5 buildbot.
Change-Id: I0bafc48955ef4af3c0b8d9d7a35b1e8b27577d31
Reviewed-on: https://code.wireshark.org/review/1669
Reviewed-by: Evan Huus <eapache@gmail.com>
Don't need launch "Qt" for some console only parameters (-h -v ...)
Based on GTK+ code
Change-Id: I1a810e394088959aefbbb39fb88836591a8b2367
Reviewed-on: https://code.wireshark.org/review/1311
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
According to the GTK+ docs, gtk_init calls "signal(SIGPIPE, SIG_IGN)" at
startup. Replicate that behavior here, otherwise we tend to terminate
unexpectedly.
Change-Id: Ia017402755d647e6050af40deacef6765eea8694
Reviewed-on: https://code.wireshark.org/review/1614
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Tested-by: Gerald Combs <gerald@wireshark.org>
With tshark stats are being configured before the file gets loaded and the number of TCP streams are computed
Bug: 9541
Change-Id: I42c2891124f1781b05967d5f071ad40df2d6d9f5
Reviewed-on: https://code.wireshark.org/review/1598
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
This allows to properly identify hosts that use the same port number
Change-Id: I93bf5b53e4df1d339fb06b372b90f88fce6785a0
Reviewed-on: https://code.wireshark.org/review/1588
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
It was broken since 48285bb16b
While we are at it, display the streams in the same order as Qt version
Change-Id: I12df1c033dd51b7a162adca3fd36b31af5c074a1
Reviewed-on: https://code.wireshark.org/review/1587
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
- get the right IPv6 client address
- display the right client to server string for UDP/SSL in Qt port
Change-Id: I399cc38b8a32321198deccdd8e2ecd05b54e14db
Reviewed-on: https://code.wireshark.org/review/1586
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>