This feature was removed in v2.5.1rc0-427-gf529ab5d0a, anticipating that
MaxMind would remove support for it in 2019. They have however changed
their mind and maintained latitude and longitude information.
They recommend displaying an accuracy radius, but the reported values
are 50, 100, 200 and 1000km. When implemented literally, a marker in
Ireland would cover the whole island plus mainland, so I have instead
opted to use a fixed radius of 1km at deeper zoom levels.
The old ipmap.html file was outdated and had broken tiles, I rewrote a
new one from scratch using the light-weight Leaflet library combined
with tiles from OpenStreetMap. This is more mobile-friendly and secure
(https, SRI). To improve handling of nearby or overlapping nodes,
clustering is used (individual nodes can still be inspected).
Browser compatibility results: IE8 is unusable, IE9 partially works
(tooltips sometimes disappear and the cluster radius control is gone),
IE11 works. Of course Firefox 65 and Chromium 72 have no issues.
The map popup description in the generated GeoJSON structure is now
split in several properties, allowing presentation to be handled by the
HTML page instead of the C code.
Bug: 14693
Change-Id: If2ec9c518f7723ac0ab27b6272463356875a0ff2
Reviewed-on: https://code.wireshark.org/review/31952
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
(Fix a typoo while we're at it.)
Change-Id: I2129c301ea377a9fb48b3f5abd418f7319659638
Reviewed-on: https://code.wireshark.org/review/32050
Reviewed-by: Guy Harris <guy@alum.mit.edu>
As noted in "AsciiDoc Recommended Practices" at
https://asciidoctor.org/docs/asciidoc-recommended-practices/, the
AsciiDoc/Asciidoctor community seems to have settled on ".adoc" as a
file extension and that's the one preferred by the Asciidoctor project.
Update our filenames to match.
Change-Id: I2d352623d42d65d950b64310c3655b0fd177ee8c
Reviewed-on: https://code.wireshark.org/review/32037
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Convert our self-generating FAQ to Asciidoctor via the following steps:
- `help/faq.py > /tmp/faq.html`.
- `pandoc -t asciidoc -o docbook/faq.adoc /tmp/faq.html`.
- Manually clean up the markup using a text editor.
Question and answer content was left intact. Removing or updating
obsolete content will have to be done in a separate change.
The Asciidoctor project uses the .adoc extension, so start using it here
as well.
The contents of the "help" directory appear to have been used for
offline support in help_url.c, but that functionality was removed in
2008 in 242e3b78bc. Its content is covered in the User's Guide and man
pages so remove it.
Change-Id: I9060eefe97cfc137f8b414077c30f814379b576a
Reviewed-on: https://code.wireshark.org/review/32014
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Update some items in the toolchain section.
Change-Id: I3c2035873d4ee311b639dd3b5c94e3530abad8bc
Reviewed-on: https://code.wireshark.org/review/31944
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Pass "--pdb" to windeployqt 5.6 and later.
Add a note about installing the "Qt Debug Information Files" component
to the Developer's Guide.
Change-Id: I81329bc9f9131050b1076fe275445b6325c24794
Reviewed-on: https://code.wireshark.org/review/31921
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
ElektroBit High Speed Capture and Replay protocol is produced by a
PCIe Card for interfacing high speed automotive interfaces.
Bug: 15474
Change-Id: Ibb3ea36d9281b2779e2cc13d29b66dc382782ca3
Reviewed-on: https://code.wireshark.org/review/31847
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Align the usage help text for '-' as filename for stdin and stdout
with the text used for wireshark.
Change-Id: I67011b8234616940b7878fd5768c9e2a9e79f9f0
Reviewed-on: https://code.wireshark.org/review/31838
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Update release notes now that this GUI is mostly functional.
Change-Id: I118fbbe879e366643084f0e7ac3e437a29f21d5f
Reviewed-on: https://code.wireshark.org/review/31797
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The Colmetadata handling for TEXT, NTEXT, and IMAGE types was incorrect for
TDS 7 versions before TDS 7.2. In addition, the macros using for testing
versions were incorrect.
Clean up max length display to agree with Microsoft specification (as best
as I can understand it).
Bug: 3098
Change-Id: I8254649fd3de97c103078ceaac1557fde3569ded
Reviewed-on: https://code.wireshark.org/review/31734
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
If the single byte within a ZeroWindowProbe triggers reassembly within a
subdissector, a new MSP will be created with just a single byte. Be sure
not to mark subsequent segments that contain the full segment data as
retransmission as this prevents the subdissector from seeing the data.
Bug: 15427
Change-Id: I36ae2622689c6606c99cdff70b6beba4b9d25ca7
Reviewed-on: https://code.wireshark.org/review/31732
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jasper Bongertz <jasper@packet-foo.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The single byte within the ZWP could be retransmitted with the next
segment, this is perfectly acceptable behavior. Do not flag these new
segments as retransmissions or Out-Of-Order.
Bug: 15427
Change-Id: I76db2b7a2b684c8c78fa24c9c4b457e1833d12b7
Reviewed-on: https://code.wireshark.org/review/31731
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jasper Bongertz <jasper@packet-foo.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Avoid pinging www.wireshark.org, this removes an external dependency.
Instead send small UDP datagrams to UDP port 9 (discard) every 50ms.
Enable this for all platforms (including macOS and Linux) by default.
On Windows the tests requires Npcap and will be skipped with WinPcap.
Remove the --capture-interface option since it is no longer needed.
Copy WSDG Wireshark Tests Quick Start to README.test and add a link.
Change-Id: Id4105a6b1e95407ebf69b871c785c68f9ae26368
Reviewed-on: https://code.wireshark.org/review/31677
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
From the updates to text2pcap take the updates to the code comments and
apply them here as well. This also applies to the User Guide help texts.
Change-Id: I4e73fb1372ea0c1866c6d0fee7c14bc645fbe1b1
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/31636
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Building only a subset of programs is not a very common situation, it is
more likely that some feature was accidentally disabled. For that
reason, fail tests by default unless a program is explicitly permitted
to be missing.
The '-v' test is now dropped from the Travis tests, the sole reason of
adding it was to see which tests got (accidentally) skipped.
Change-Id: I725f4508541d8ed980e17d69fb7aee1ad2875d73
Reviewed-on: https://code.wireshark.org/review/31660
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Mention some changes to aid developers and distributors.
Change-Id: Ifd33796fd3b4883275c034021d25ae9b35eef1a5
Reviewed-on: https://code.wireshark.org/review/31651
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The DTLS and TLS dissectors already share code for parsing the key log
file contents but the actual key material was stored separately. As
implementations (like GnuTLS) write the TLS and DTLS secrets to the same
file (specified by the SSLKEYLOGFILE environment variable), it seems
reasonable to combine them.
This also enables use of the pcapng Decryption Secrets Block for
decryption of DTLS traces. The dtls.keylog_file preference has become
obsolete and can no longer be used (this was not tested anyway).
A new test was added based on dtls12-aes128ccm8.pcap, the master secret
was extracted using the tls.debug_file preference.
Bug: 15252
Change-Id: Idfd52c251da966fe111dea37bc3fb143d968f744
Reviewed-on: https://code.wireshark.org/review/31577
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Rename sections to avoid files named like
_documentation_toolchain.html and _adding_or_modifying_tests.html.
Rewrite the testing introduction to directly show the required commands
for the pytest method. That provides much nicer output and finishes
faster, except when you cannot install extra build dependencies there
should be no reason to avoid it. ctest is removed from the description
since it does not provide many advantages over the test target (except
for the possibility of adding --verbose I guess).
Group some related sections under a "Test suite structure" heading in
order to collect some small sections on a single page.
Fix some other grammatical issues while at it.
Change-Id: I8ab821a67254e62c0fc3d18630e4bc8b0ef872dd
Reviewed-on: https://code.wireshark.org/review/31550
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Read our major, minor, and micro versions from CMakeLists.txt.
Add the ability to set our extra version information differently if our
Git commit is tagged or untagged. Change our extra version placeholder
from "%#" to "{vcsinfo}".
Add --tagged-version-extra (-t) and --untagged-version-extra (-u)
arguments for specifying the tagged and untagged extra formats. Add
--force-extra (-f) so that we can force one format or the other.
Require the major.minor.micro version to be specified when using
--set-version (-v).
Update appveyor.yml and the Developer's Guide to match the new behavior.
Change-Id: I6e5d55470aff7e7c61e75f208e24c4105276905a
Reviewed-on: https://code.wireshark.org/review/31479
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
This function can convert non-string fields into strings. This allows the
user to apply string functions (like contains and matches) to non-string fields.
Examples:
string(frame.number) matches "[13579]$" => for odd frames
string(eth.dst) matches "aa\.bb\.cc\.dd\.ee\..." => to match a group of stations
string(snmp.name) matches "^1.2.3.4" => for all OIDs under a specific node
Change-Id: I18173f50ba5314ecdcd1e4b66c7e8ba5b44257ee
Reviewed-on: https://code.wireshark.org/review/31427
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The FindPythonInterp module does not verify that a discovered 'python'
program is actually Python 3. Replace this deprecated module by a modern
version that was introduced with CMake 3.12.
Remove PYTHON_EXECUTABLE from WSDG now that it is much more likely that
CMake discovers the right version.
Change-Id: I1f8438baced3d5bf9e1e2732980ad177d3257ca3
Reviewed-on: https://code.wireshark.org/review/31468
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Move doc/README.packaging to the Developer's Guide and update the
content.
Change-Id: I25fda6cade8f3cfd11af865745bedd0fb5a7c86f
Reviewed-on: https://code.wireshark.org/review/31474
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Declare Cygwin as unsupported and remove all supporting code. Simplify
some Chocolatey notes in the WSDG.
Remove FindPerl.cmake as it only existed to force use of Wireshark's
bundled FindCygwin.cmake (bug 13922). FindXSLTPROC.cmake special
handling for Cygwin was also removed, in theory this could cause issues
when the PATH contains a Cygwin xsltproc, but it's unsupported anyway.
Change-Id: Iabfac2b4a9fd930530505d27bdba618bdb8f7f34
Reviewed-on: https://code.wireshark.org/review/31452
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Instead of giving horribly out-of-date instructions on how to add a new
module to libpcap, just point to the document that I started whipping up
earlier today (it definitely needs work - it's incomplete - but I'll be
getting back to it).
While we're at it, update the notes on adding support for new LINKTYPE_
values to libwiretap, and note that it's only necessary if you had to
add a new DLT_ *and* there isn't already a WTAP_ENCAP_ value that would
correspond to that DLT_.
Change-Id: I3882d0a57b29e98f73c074317bc6df7458fcc677
Reviewed-on: https://code.wireshark.org/review/31397
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Remove traces of the "config" module, it was removed. Add a new section
on using pytest.
Change-Id: I763fc53359157f5fcb04198ed98e2d7f7a2c7220
Reviewed-on: https://code.wireshark.org/review/31372
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Finish migrating the User's and Developer's guides to modern syntax.
Remove :compat-mode: from attributes.asciidoc.
Change-Id: I1232676c6ef4c3638253d070dcbae6d3c1ead284
Reviewed-on: https://code.wireshark.org/review/31374
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Expand the Npcap text. Make it clear that you might need to purchase a
license to redistribute Npcap.
Change-Id: I9340ed2d363e66443797478c59859ce10d648aff
Reviewed-on: https://code.wireshark.org/review/31351
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Drop mentions of DDD in favor of Qt Creator, CLion, and Eclipse. From
looking at https://sourceware.org/gdb/wiki/GDB%20Front%20Ends I'm
guessing that those have superseded DDD, as nice at it is/was.
Change-Id: I445a909ab8c8aa73c90f868d6b0958bb8faf62d6
Reviewed-on: https://code.wireshark.org/review/31353
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The full explanation is a bit more complicated - we'd have to mention
the dumpcap/*shark split, and the code on both sides of the split.
Change-Id: I43f8fc3c589bdf900e20714b55a3b4f544879bc2
Reviewed-on: https://code.wireshark.org/review/31349
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Update the Windows CRT text to mention the Universal CRT.
Replace references to WinPcap with Npcap.
Update the Qt LTS text.
Add a WiX / .msi section
Use curly quotes.
Use the {cpp} attribute so that the "++" in "C++" doesn't trigger
monospace formatting.
Make the various "Unix" and "Windows" subsection title names uniform.
Give them the "discrete" attribute so that they don't clutter up the
TOC.
Title-case section titles.
Remove the reference to m4. As far as I can tell we don't require it.
Change-Id: I73f851adae640f77205781d6c4962002c2d53f49
Reviewed-on: https://code.wireshark.org/review/31343
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
The Smart Metering Equipment Technical Specifications (SMETS) requires
that Gas Smart Metering Equipment (GSME), and Electricity Smart
Metering Equipment (ESME) including variants, meet the requirements
described in the Great Britain Companion Specification (GBCS).
GBCS messages are end-to-end and contains ZigBee, DLMS or ASN.1
formatted payloads. The GBCS messages are transported via IPor via
the ZigBee Tunneling cluster.
https://smartenergycodecompany.co.uk/document-download-centre/download-info/gbcs-v2-1/
Bug: 15381
Change-Id: I28ca9831fc266a6abd310db103306b98786e63f9
Reviewed-on: https://code.wireshark.org/review/31168
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Martin Boye Petersen <martinboyepetersen@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add dissection of Metro Ethernet Forum specification of Implementation
Agreement for the Emulation of PDH Circuits over Metro Ethernet
Networks [MEF 8]. This includes the introduction of a RTP shim header
dissection function, as is not uncommon in PW and CES services.
Signed-off-by: Jaap Keuter <jaap.keuter@aimvalley.nl>
Change-Id: I6de81007ce11793cd5352fadadd80d3f6f45ae0d
Reviewed-on: https://code.wireshark.org/review/31239
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Update the images and descriptions for the packet list, column header
popup, packet list popup, and packet detail popups.
Add images and descriptions for the byte view popup.
Use title case in more places.
Change-Id: Icf3af426c97c6e7cf97dee377c20039b7b8791ce
Reviewed-on: https://code.wireshark.org/review/31271
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Lua internally uses ANSI C APIs (such as fopen). On many systems (macOS
and Linux for example) these work fine with UTF-8. Windows however
requires special Unicode APIs (such as _wfopen), so patch the Lua
library to interpret paths are UTF-8 and call appropriate Unicode APIs.
Changes compared to the previous LuaBinaries zip archive:
- Patched with UTF-8 support for loadfile, os.execute, etc.
- Built with VS 2015 (VCRUNTIME140.dll) instead of MinGW (MSVCRT.dll).
- Includes PDB file for lua52.dll
- Includes lua52.exe and luac52.exe with UTF-8 argv support (wmain).
- Includes build scripts, source files and README.md.
- Extra subdirectory named after the zip file.
These zip files are taken from https://github.com/Lekensteyn/lua-unicode
(the "prepared" source zips can be found here as well.)
Bug: 15118
Change-Id: I219f046d6e0fd5093287b5d6503a48ba7d1fc6a4
Reviewed-on: https://code.wireshark.org/review/31165
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
NISO Z39.50 is a protocol used by libraries and library vendors for information retrieval and catalog manipulation. It is defined using ASN.1 using BER encoding. It has an assigned TCP port of 210. This is an initial implementation.
Features:
- The Z39.50 standard OIDs are defined.
- The bib-1 attribute set is decoded.
- The bib-1 diagnostics are decoded.
- Some OCTET STRINGs which are nearly always printable ASCII are special-cased.
- The MARC (MAchine Readable Cataloging) format is decoded. Only the MARC21 variant is
currently handled, but this is one of the most common variants. The most common tags
are decoded. The MARC dissector is included in the Z39.50 dissector, but the code is
structured in such away that it could be pulled out.
Todo:
- Add information to the Wiki about Z39.50.
As part of this work, the definition of isdigit_string() was fixed to avoid const complaints.
Change-Id: I29a7db53375ef8be83738a1ab98707761d878717
Reviewed-on: https://code.wireshark.org/review/31209
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
No yet available at 100% (35,8%) but work in progress...
Change-Id: I3d0d861037abe5e5f2611f95ac27ad42c8d20c47
Reviewed-on: https://code.wireshark.org/review/31158
Reviewed-by: Anders Broman <a.broman58@gmail.com>
No yet available at 100% (57,05%) but work in progress...
Change-Id: I3fa95c49003aa6fd5183d24fe76b721520a44ba0
Reviewed-on: https://code.wireshark.org/review/31157
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Along with checking for exit code 3010 (reboot required), check for
other errors and show a warning as needed.
Add a note about the Universal CRT to the User's Guide.
Bug: 15358
Change-Id: Ia49dbdc66edc8ea68f957ec353f1115536002d13
Reviewed-on: https://code.wireshark.org/review/31100
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Dissector for Intelligent Transport System facility messages:
- Cooperative Awareness Message (CAM)
- Decentralized Environmental Notification Message (DENM)
- Infrastructure to Vehicle Information Message (IVIM)
- MAP (topology) Extended Message (MAPEM)
- Signal Phase And Timing Extended Message (SPATEM)
- Signal Request Extended Message (SREM)
- Signal request Status Extended Message (SSEM)
- Electric Vehicle Charging Spot Notification (EVCSN)
- Electric Vehicle - Recharging Spot Reservation (EVRSR)
- Tyre Information System (TIS) and Tyre Pressure Gauge (TPG) interoperability
Subdissectors:
- ITS version if ever the ITS PDU header is changed
- Version << 16 | MessageID to register new message dissectors
- RegionId << 16 | type to register regional extensions
AddGrpC regional additions already provided
TAP:
- its TAP with ItsPduHeader fields provided
Bug: 15148
Change-Id: I4c71d4dfa1d5d63cb57f61a4e1436a60a3482205
Reviewed-on: https://code.wireshark.org/review/31049
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Implements V2X protocol dissectors:
* Geonetworking (network layer):
Dissector is registered on top of Ethernet (ethertype=0x8947). Secured
Packets are dissected up to the basic header, the rest is shown as data.
GN_ADDR address type is registerd and provides resolution of station
type and country code in the address. MID is shown as an ethernet address.
All the fields are dissected for non Secured Packets.
A subdissector table named "geonw.ch.nh" is provided on the next header
field. IPv6 is automatically registered. Heuristic dissectors is not
supported. If no dissector is foundd, payload is shown as data.
A preference boolean allows to enable/disable sequence number checking.
Tap "geonw" gets headers of all packets (with most fields).
Expert info tests if and provide feedback on:
- version is zero (no other version possible),
- reserved fields are zeros,
- payload_len matching with reported length of buffer,
- Remaining Hop Limit is 1 for Beacon and SHB,
- low RHL or RHL > Max Hop Limit,
- country code is less than 999 (3 digits ITU-T E.164),
- latitude, longitude, heading and angle limits,
- (suspected) duplicate packets,
- LS_REQUEST/LS_REPLY matching.
* Basic Transport Portocol:
BTP-X (X=A or B) dissectors are registered on top of Geonetworking.
Subdissector tables "btpx.port" allow to register for a given port,
while heuristic dissector can register to "btpx.payload". Decode as
capability is supported.
"btpx" taps get headers of all packets with ports/@ infos.
"btpx_follow" taps get the payload.
Bug: 15148
Change-Id: Iab5f4486d4c38068d9ad4361e77296b747f9b1bb
Reviewed-on: https://code.wireshark.org/review/30992
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
New built-in dissector for PCOM protocol (ASCII and binary modes included)
Bug: 15315
Change-Id: Ie13da6bfd7fefefbc5bb5df3461c7fc18261df81
Reviewed-on: https://code.wireshark.org/review/30823
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add an "appimage" target that will create an AppImage package. Current
AppImage tools assume that you only have one executable, so add
a custom AppRun wrapper that will let you run our associated CLI
utilities via symlinks, e.g.
ln -s ./Wireshark-3.2.1-x86.appimage capinfos
./capinfos --help
Packaging requires both linuxdeployqt and appimagetool, although we
might be able to reduce this to just linuxdeployqt:
https://github.com/probonopd/linuxdeployqthttps://github.com/AppImage/AppImageKit
I haven't done much testing beyond running Wireshark and
capinfos. There are undoubtedly issues that need to be fixed.
Bug: 14464
Change-Id: Ic004ba1962e6a8630ebb017349d9b2c0462fd5fe
Reviewed-on: https://code.wireshark.org/review/30953
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Clean up the release notes in preparation for 2.9.0 and 3.0.
Change-Id: I7feb37846ce0b1c3caf248f616943b0f80cf60f3
Reviewed-on: https://code.wireshark.org/review/31012
Reviewed-by: Gerald Combs <gerald@wireshark.org>
1) The default build configuration is to select PCAPNG as
output format, but it can be selected as PCAP. Some of the
command line tools have the option to select the output
format and default towards the build configuration.
This has to be reflected in their help output also.
2) Various documentation files are still stating that PCAP is
the default format of various tools. With the default build
configuration being PCAPNG these have to be adjusted as well.
(with lack of dynamic content the documentation can only refer
to the default build configuration format).
Change-Id: I51d19642a7ed8c99817971c1f25d20972095021e
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/30951
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
With the introduction of the ip command (from iproute2) on modern
Linux systems it becomes common to see this tool available,
gradually replacing tools like netstat and ifconfig.
Change-Id: I1fb309e741c07c93271b61a35c4833d36bcc5cb8
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/30924
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The Supported Protocols list has move from Help to View.
Also everything is presented in one dialog now.
Change-Id: Ie6105741b1307a0de062a33e4f5e3f933cd14caa
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/30845
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
More information on Apple's proprietary AWDL protocol can be found in
Milan Stute, David Kreitschmann, and Matthias Hollick. "One Billion Apples'
Secret Sauce: Recipe for the Apple Wireless Direct Link Ad hoc Protocol"
in ACM MobiCom '18. https://doi.org/10.1145/3241539.3241566
Bug: 15245
Change-Id: I5ce18125b3c957f338909e46f18e30405a3d3941
Reviewed-on: https://code.wireshark.org/review/30413
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Upcoming changes need GnuTLS >= 3.0.2. Require GnuTLS 3.2 (or newer) for
licensing reasons. The Debian control file still mentions 3.2.14 because
older packages linked with a GMP library that was not GPLv2+ compatible.
RHEL6 only has 2.12.23, but is already unsupported anyway.
Change-Id: I024b2a734ebb16b73a624bb2435c254e963d8b7d
Reviewed-on: https://code.wireshark.org/review/30832
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add a script that disables all of our desegmentation and reassembly
preferences and use it to create a "No Reassembly" profile.
Change-Id: Icd0b72e9e271a511e637acde9018f3aae018e589
Reviewed-on: https://code.wireshark.org/review/30799
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Various parts of the text2pcap documentation need some fixing up.
This change brings them back in line and up to date with current
features.
Change-Id: I038cf5c4943d2a4bbcc3d0fbd8f5e111dcf0d0a9
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/30754
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Try to describe the motivation of pytest fixtures and update the
examples. Add a missing build dependency in CMake while at it.
Change-Id: I5384a86f2191835b834285b81343a7ee56f88e79
Reviewed-on: https://code.wireshark.org/review/30632
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
A race condition exists with msbuild where building some targets
(generate_{developer,user}-guide.xml, {developer,user}_guide_pdf) will
result in parallel, repeated execution of the commands to copy 'ws.css'.
Synchronize those executions using a single target to avoid this.
Change-Id: Ie93d07e504bc18fa4e4e8aac5b611fba329ff188
Reviewed-on: https://code.wireshark.org/review/30553
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add the ability to rotate files after a specified number of packets (`-b
packets:NUM`). Move some condition checks to capture_loop_write_packet_cb.
Add `-a packets:NUM` in order to be consistent. It is functionally
equivalent to the `-c` flag.
Add a corresponding "packets" option to the Capture Interfaces dialog
Output tab.
Add initial tests for autostop and ringbuffer conditions.
Change-Id: I66eb968927ed287deb8edb96db96d7c73526c257
Reviewed-on: https://code.wireshark.org/review/30534
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Python 3 is widely available. All major Linux distributions support it.
RHEL is covered via EPEL (which is already required for cmake3). Drop
support for Python 2 in order to reduce maintenance costs. The main
motivation is being able to simplify the tests.
CMake is updated to search for Python >= 3.4 and will fail if
unavailable (generating dissectors.c requires Python, so it is quite an
important piece to have).
The documentation is updated to reflect the Python 3.7 paths used by
Chocolatey. Tested the git-review installation instructions in Windows 7
x64 without a previous Chocolatey installation.
macOS brew now installs Python 3 (its dependencies are already installed
by python@2 for libxml2). The macOS (non-brew variant) is updated to use
the official 64-bit installer to install Python 3.
Change-Id: I80b1e36957f338e0dad1bfcc173b6418682cddba
Reviewed-on: https://code.wireshark.org/review/30192
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
sshdump and ciscodump have been updated to use it.
Change-Id: I4e1e0d35f086d76c13264939bc4f14308cc88cfb
Reviewed-on: https://code.wireshark.org/review/30496
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
When importing a file from hex dump, this change adds a way to
add a custom dummy header. It's an export_pdu header which uses
one single tag: the protocol name. This allows to call directly
a dissector without more dummy headers.
Example: it can be used to call the DNS dissector without fake
eth/ip/udp headers.
Change-Id: I12fd6d09a131acd9bd1f0d7c4c8aefcd0d718b26
Reviewed-on: https://code.wireshark.org/review/30403
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I5e9025545f9127d1c5c6200844f9b917af975998
Reviewed-on: https://code.wireshark.org/review/28844
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I1f828df1735bd10ef8849d208e10ea1339ba37e2
Reviewed-on: https://code.wireshark.org/review/26403
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
At least on my W10 machine, they shols up as "xxx Native Tools
Commmand Prompt for VS 2017", not "VS2017 xxx Native Tools Command
Prompt".
Change-Id: I55d7ad24df717cfce21f6abdaf97ed1972128e3c
Reviewed-on: https://code.wireshark.org/review/30215
Reviewed-by: Guy Harris <guy@alum.mit.edu>
More use of "UNIX-like" as the term for "macOS and Linux and *BSD and
Solaris and AIX and..." or, alternatively, for "not Windows".
Add Fedora as a Linux distribution for which packages are available.
Use "Windows" rather than "Win32" in more cases; "Win32" dates back to
the days when the big difference was between Boring Old 16-bit Windows
and modern shiny new 32-bit Windows, but the former is now dead and the
latter now supports both 32-bit and 64-bit machines and software. More
people have probably never heard "Win32" but are familiar with
"Windows".
*ALL* UNIX-like platforms support symlinks; Linux wasn't even the first
one, it just picked them up from the UN*Xes with which it was trying to
be compatible.
Change-Id: I254e74f0ed3c86b55d00f9e8d7b78d009b61fb5e
Reviewed-on: https://code.wireshark.org/review/30178
Reviewed-by: Guy Harris <guy@alum.mit.edu>
We use VS 2017, not VS 2015, for 2.6.x and development builds.
Microsoft's documentation is moving from msdn.microsoft.com to
docs.microsoft.com.
The way you download pre-2017 versions of VS has changed.
Update links to the Android, GNOME, KDE and macOS human interface
guidelines while we're at it.
Change-Id: I1a3973f76aa5b476cb906b8a8604b82d6131e9c5
Reviewed-on: https://code.wireshark.org/review/30168
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add a new button to UAT frames to copy entries from another profile.
Change-Id: I9decb5ed5d67e97388ee7b22a15cacae4d5a3621
Reviewed-on: https://code.wireshark.org/review/30084
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Add an entry for the copy from profile feature for coloring rules,
IO graphs and protocol preference tables.
Change-Id: I79a191c1ec13e96fcb1b5fb04dd28c95dd034aca
Reviewed-on: https://code.wireshark.org/review/30070
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add 'v' option for VLAN ID resolving and get rid of
deprecated 'C' option.
Bug: 14826
Change-Id: I63104f4a465d251048693ad02882ea7eb2c4d926
Reviewed-on: https://code.wireshark.org/review/30029
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Switch the Capture Interfaces section to paragraphs and add one for
sdjournal.
Change-Id: I677a403bf2ea377214c6179f9f22facc9a4ff091
Reviewed-on: https://code.wireshark.org/review/29963
Reviewed-by: Gerald Combs <gerald@wireshark.org>
This reverts commit 5dd0c8daa5.
Reason for revert: As Guy pointed out, Oracle ships a recent version.
Change-Id: I9689dfd0656d95f7ae57ae86c2bea7d09afddc70
Reviewed-on: https://code.wireshark.org/review/29815
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Stop listing Solaris as a supported platform. I'm not sure if you can
compile Wireshark out of the box on it any more and the available binary
packages I can find are ancient.
Change-Id: I89afef01abe05986ce660327731c5504c6622ff7
Reviewed-on: https://code.wireshark.org/review/29764
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Rename the "ssl" protocol to "tls" and add an "ssl" alias. Prefer "TLS"
over "SSL" in user interface text and in the documentation.
Fix the test_tls_master_secret test while we're here.
Bug: 14922
Change-Id: Iab6ba2c7c4c0f8f6dd0f6d5d90fac5e9486612f8
Reviewed-on: https://code.wireshark.org/review/29649
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
The "known bugs" list is rarely updated. Remove it and add more helpful
and up-to-date references.
Change-Id: I5aea57c66c6645b5c903ebcebcb1676af5204ce2
Reviewed-on: https://code.wireshark.org/review/29048
Reviewed-by: Gerald Combs <gerald@wireshark.org>
The references read like
This table is handled by an Section 11.7, "User Table" with the
following fields.
which looked a little weird.
Change-Id: I4ae9af48e7edf75aa0c7708614f4a11696db9ee1
Reviewed-on: https://code.wireshark.org/review/29530
Reviewed-by: Guy Harris <guy@alum.mit.edu>
- It cannot support IPv6.
- Non-standard use (specifically recommended against in the RFCs)
of the IPv4 fragment ID field.
- Has a narrow and non-obvious use case, IMO.
- It is not supported in the Qt GUI.
- Significant maintenance burden for an obscure feature.
Change-Id: Icaf429269dc42f78c38b8d20001508132499faf8
Reviewed-on: https://code.wireshark.org/review/29239
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
The "debug" logging function overwrites the "debug" package which breaks
luacov: https://github.com/keplerproject/luacov/issues/55
Change-Id: I9b6025c060733198bfff8ea959444c09d6e08709
Reviewed-on: https://code.wireshark.org/review/29449
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Update docbook/wsug_src/*.txt using tools/update-tools-help.py. This
removes a lot of unwanted behavior that came with updating via a CMake
target.
Change-Id: I0a24f425e9673ef7bd074210d7047654c6755e79
Reviewed-on: https://code.wireshark.org/review/29416
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Remove 'Payload Length' from extcap toolbar control protocol because
this does not exist in the protocol.
Change-Id: I9eea7366d2992a7b7ac769f290c5d7e8e1090ce8
Reviewed-on: https://code.wireshark.org/review/29378
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Add support for aliasing one protocol name to another and for filtering
using aliased fields. Mark aliased fields as deprecated.
Rename the BOOTP dissector to DHCP and alias "bootp" to "dhcp". This
lets you use both "dhcp.type" and "bootp.type" as display filter fields
without having to duplicate all 500+ DHCP/BOOTP fields.
To do:
- Add checks to proto.c:check_valid_filter_name_or_fail?
- Transition SSL to TLS.
- Rename packet-bootp.c to packet-dhcp.c?
Change-Id: I29977859995e8347d80b8e83f1618db441b10279
Ping-Bug: 14922
Reviewed-on: https://code.wireshark.org/review/29327
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add a file parser and dissector that can handle the output of
`journalctl -o export`. From here we can add a systemd journal extcap
and possibly support for the JSON and binary formats.
Change-Id: I01576959b2c347ce7ac9aa57cdb5c119c81d61e9
Reviewed-on: https://code.wireshark.org/review/29311
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change occurrences of GIT to Git. Fix a couple of URLs. Other changes.
Change-Id: I9eb69ee16f692c2bf71b62e7a2db4b762d9ab4bf
Reviewed-on: https://code.wireshark.org/review/29237
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Update the images and text to match the current main and display filter
toolbars.
Change-Id: I4d23a3ece35c3b9186b4fff170f6c391f4d157c9
Reviewed-on: https://code.wireshark.org/review/29234
Reviewed-by: Gerald Combs <gerald@wireshark.org>
The Internals menu items were moved under the View menu a while back.
Fix an internals dialog title.
Change-Id: I78d61bf4f52bf9eb86cf7ff59fc036b9f7e846f5
Reviewed-on: https://code.wireshark.org/review/29228
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
The version argument to --extcap-version is optional, and some versions
of getopt_long() require, for a flag whose argument is optional, that
the argument be supplied as --flag=value, not --flag value.
Change-Id: I5e34132d8bb729b845ac75ff94d6d548c1c35a3d
Reviewed-on: https://code.wireshark.org/review/28864
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Use our target name instead of $<TARGET_FILE:...> in a few places. As
Peter pointed out, CMake will do the desired substitution for us. Update
a comment.
Change-Id: I03bf98cc1bf4807213eb89e5e5b1f4e3c08c17be
Reviewed-on: https://code.wireshark.org/review/28836
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Change the dependencies of various wsug targets to update_tools_help
instead of the files it generates. Have the nsis_package_prep
and wix_package_prep targets depend on user_guide_chm instead of
update_tools_help. This should make parallel builds of all_guides,
wix_package_prep and possibly other targets more reliable.
Change-Id: I473f0e608aade1ac0053c03bef0942c69c650f65
Reviewed-on: https://code.wireshark.org/review/28838
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
oss-fuzz disables all targets except for fuzzshark, be sure to check for
tool availability or the cmake step will fail.
Change-Id: Ia873fdc1b548033ac61622f61299b5af7dfb41d9
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9533
Fixes: v2.9.0rc0-1251-gffbd3151b5 ("CMake: Fixup our tools help dependencies.")
Reviewed-on: https://code.wireshark.org/review/28832
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Generate help for dumpcap and rawshark only if PCAP_FOUND is true. Note
that we should generate all of the tools help conditionally.
Change-Id: I2145717dee8d8a1ac3d4fd328240f58dbdd07e6c
Reviewed-on: https://code.wireshark.org/review/28785
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Make sure each tools help target is generated by and depends on its
generating executable.
Change-Id: I716c0db23b297e2d2692b72a47259c40aa0c52fa
Reviewed-on: https://code.wireshark.org/review/28780
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Separate includes by blank lines as recommended in
https://asciidoctor.org/docs/user-manual/#include-directive.
Separate block attributes as well.
Change-Id: I933917a14eae6d1fe1879372917ab2208755f470
Reviewed-on: https://code.wireshark.org/review/28769
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Deprecate "disable_lua" in favor of "enable_lua". Configuration options
typically use "true" or a similar value to enable features. Using
"disable_lua = false" to enable Lua seems odd.
Change-Id: I224acad0559d409ea0a28b5555d1eb898564328c
Reviewed-on: https://code.wireshark.org/review/28773
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Hide the Compare option, reorder the chapters to match the current Qt
order and move the Wireless menu to a new chapter.
Change-Id: I7f0eeb45f4894f66a9c91d62d7d43db775f469e5
Reviewed-on: https://code.wireshark.org/review/28761
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Some issues in the developer doc have been corrected
Change-Id: I0d60e9080ef582dafa12607fb5ea43a8ae5d2d0f
Reviewed-on: https://code.wireshark.org/review/28727
Reviewed-by: Roland Knall <rknall@gmail.com>
Move the information from README.extcap into docbook.
Change-Id: Ic6504787750d04fe6c66479896cba8d6148d804d
Reviewed-on: https://code.wireshark.org/review/28690
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
1. Use proto_tree_add_bitmask for the flags example
2. GLib download link was dead
3. Remove old frontend information. I can't find any download for
hethereal, and Packetyzer is so old that it's not useful for any current
developers.
Change-Id: Ifa0a7363fccb95fb2ef315d84fbbcf7414ae6a6d
Reviewed-on: https://code.wireshark.org/review/28632
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
On Ubuntu trusty, Asciidoctor 1.4 is installed. This does not satisfy
the minimum version requirement (1.5) and should not be used even if the
binary is available.
Change-Id: Iaffd55a5bcb26510b4b59f209768a61c3116d32f
Fixes: v2.5.1rc0-76-g94a0f7c641 ("Switch from AsciiDoc to Asciidoctor.")
Reviewed-on: https://code.wireshark.org/review/28576
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Currently out-of-order segments will result in cutting a stream into
two pieces while the out-of-order segment itself is ignored. For
example, a stream of segments "ABDCE" is interpreted as "AB", "DE" with
"C" ignored. This behavior breaks TLS decryption or prevent application
layer PDUs (such as HTTP requests/responses) from being reconstructed.
To fix this, buffer segments when a gap is detected.
The proposed approach extends the "multi-segment PDU" (MSP) mechanism
which is normally used for linking multiple, sequential TCP segments
into a single PDU. When a gap is detected between segments, it is
assumed that the segments within this gap are out-of-order and will be
received (or retransmitted) later.
The current implementation has a limitation though, if multiple gaps
exist, then the subdissector will only be called when all gaps are
filled (the subdissector will receive segments later than necessary).
For example with "ACEBD", "ABC" can already be processed after "B" is
received (with "E" still buffered), but due to how MSP are extended, it
must receive "D" too before it reassembles "ABCDE". In practice this
could mean that the request/response times between HTTP requests and
responses are slightly off, but at least the stream is correct now.
(These limitations are documented in the User's Guide.)
As the feature fails at least the 802.11 decryption test where packets
are missing (instead of OoO), hide this feature behind a preference.
Tested with captures containing out-of-order TCP segments from the
linked bug reports, comparing the effect of toggling the preference on
the summary output of tshark, the verbose output (-V) and the two-pass
output (-2 or -2V). Captures marked with "ok" just needed "simple"
out-of-order handling. Captures marked with "ok2" additionally required
the reassembly API change to set the correct reassembled length.
This change does "regress" on bug 10289 though when the preference is
enabled as retransmitted single-segment PDUs are now passed to
subdissectors. I added a TODO comment for this unrelated cosmetic issue.
Bug: 3389 # capture 2907 (HTTP) ok
Bug: 4727 # capture 4590 (HTTP) ok
Bug: 9461 # capture 12130 (TLS/HTTP/RPC-over-HTTP +key 12131) ok
Bug: 12006 # capture 14236 (HTTP) ok2; capture 15261 (HTTP) ok
Bug: 13517 # capture 15370 (HTTP) ok; capture 16059 (MQ) ok
Bug: 13754 # capture 15593 (MySQL) ok2
Bug: 14649 # capture 16305 (WebSocket) ok
Change-Id: If3938c5c1c96db8f7f50e39ea779f623ce657d56
Reviewed-on: https://code.wireshark.org/review/27943
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
We still need the "length == 2" behavior.
This reverts commit 622b17a475.
Change-Id: Id3b7ed9231f3fefeeac5fb910b792139c4844ec8
Reviewed-on: https://code.wireshark.org/review/28484
Reviewed-by: Gerald Combs <gerald@wireshark.org>
The output for this case is achieved by the following one.
Change-Id: I585aba39ebb67d65a8f5159217ea8a85ad13e49c
Reviewed-on: https://code.wireshark.org/review/28421
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This fixes the guides compilation error:
ninja: error: '../docbook/developer-guide.pdf', needed by 'docbook/CMakeFiles/developer_guide_pdf', missing and no known rule to make it
Change-Id: I58c45da34e60b950f5560716372377962a84e42e
Reviewed-on: https://code.wireshark.org/review/28393
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Previously, before the AsciiDoc conversion, the Users' and
Developers' Guide used to carry version information on the
title page. This seems to have been dropped, for reasons
unknown to me.
At least AsciiDoctor allows to add a subtitle, so the
wireshark-version attribute can be expanded into it.
Change-Id: Ib0a90393aff1a323b7026c49e2aa11f5115b3ec7
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/28330
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The Qt UI's main module started out as ui/qt/main.cpp but was moved to
the top-level directory in order to appease Autotools. We don't need to
do that any more, so move it back.
Change-Id: Ic5bc0ed5b754e36cc2b9e682f2ca097781233dfd
Reviewed-on: https://code.wireshark.org/review/28090
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
With MATE being an integral part of Wireshark for a long time now and its
documentation being part of the Wiki for a while it is time to move it
into the Wireshark Users Guide.
All credits go to Luis Ontanon for creating MATE and the Wiki pages,
the various contributors to those pages and especially Pavel Sindelka for
the creation of the graphics.
This change merely incorporates the contents of the Wiki pages into an
asciidoc file for processing into documentation output. It is in no way a
claim to knowledge of or deep insight in the workings of MATE on my part.
Change-Id: Id9c60fd3ba4a52aafb988370ea7d658907970ccd
Reviewed-on: https://code.wireshark.org/review/27894
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
AsciiDoc allows dashes in macro names but not underscores. Current
versions of AsciiDoctor allow the inverse. Remove underscores to allow
for easier copying and pasting.
Remove asciidoc.conf while we're here. It's no longer used.
Change-Id: I32d8a4ec695b9e17a80ac720ee9faf62dbb362d3
Reviewed-on: https://code.wireshark.org/review/27787
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
DoIP is a vehicle bus protocol. It is carried by TCP or UDP and may include an UDS payload.
Change-Id: I1459c51fd710da8e2aaff0056bbf3f6e42c1b25e
Reviewed-on: https://code.wireshark.org/review/27448
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add back the capture info dialog. Draw sparklines for each protocol.
Update the User's Guide.
Bug: 12004
Change-Id: I45be8a0df4752255831a8b139ee84bb34d675ba9
Reviewed-on: https://code.wireshark.org/review/27565
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
And put hyphens in "out-of-tree" and "in-tree".
Change-Id: I55c54a1334f490f948310139741fecf27203a359
Reviewed-on: https://code.wireshark.org/review/27550
Reviewed-by: Guy Harris <guy@alum.mit.edu>
macOS is a UNIX(R) and FreeBSD isn't a UNIX(R), but we mentioned macOS
along with UNIX but didn't mention FreeBSD along with UNIX.
Instead, just speak of "UN*Xes" and give Linux, macOS, and *BSD as
examples. Feel free to add Solaris, AIX, or HP-UX if you want, assuming
you can build Wireshark on them.
Change-Id: I85be3861fa0bc603b93d077a2d9d587d43cb6e7e
Reviewed-on: https://code.wireshark.org/review/27549
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Several graphics files are not listed in the symbol that defines
the dependancy for document building. Adding these files to the
WSUG_GRPAHICS symbol makes the list consistent.
Bug: 14676
Change-Id: I3016a1994473f90df460d726773c8470dbedd3bc
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/27471
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This speeds up the copy/paste step-by-step sequence.
Change-Id: Ib2e3ee54c8c86b7357260ecaab5d129ef296a9e9
Reviewed-on: https://code.wireshark.org/review/27309
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Note in the quick setup and tools documentation that we no longer
require or recommend Cygwin.
Change-Id: Ie0eb92c5817ae1d786136035adf8fa3988c8b98d
Reviewed-on: https://code.wireshark.org/review/27244
Reviewed-by: Guy Harris <guy@alum.mit.edu>
ENABLE_CHM_GUIDES is no longer in CMakeOptions.txt
Change-Id: I217ac89f12c95e66591465e3230c19968dcc0bde
Reviewed-on: https://code.wireshark.org/review/27209
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>