Use WTAP_MAX_PACKET_SIZE_STANDARD, set to 256KB, for everything except
for D-Bus captures. Use WTAP_MAX_PACKET_SIZE_DBUS, set to 128MB, for
them, because that's the largest possible D-Bus message size. See
https://bugs.freedesktop.org/show_bug.cgi?id=100220
for an example of the problems caused by limiting the snapshot length to
256KB for D-Bus.
Have a snapshot length of 0 in a capture_file structure mean "there is
no snapshot length for the file"; we don't need the has_snap field in
that case, a value of 0 mean "no, we don't have a snapshot length".
In dumpcap, start out with a pipe buffer size of 2KB, and grow it as
necessary. When checking for a too-big packet from a pipe, check
against the appropriate maximum - 128MB for DLT_DBUS, 256KB for
everything else.
Change-Id: Ib2ce7a0cf37b971fbc0318024fd011e18add8b20
Reviewed-on: https://code.wireshark.org/review/21952
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Current layer number needs to be unconditionally saved after v2.3.0rc0-3740-ge1f84f985e,
which increased the number of dissectors that use current layer number to
determine Decode As value.
Change-Id: Ib82370af94ea00613a337890369e228cffa1ed81
Reviewed-on: https://code.wireshark.org/review/21928
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Either 1) it can be determined from the libwiretap encapsulation type,
in which case it's redundant information or 2) there *is* no pcap/pcapng
link-layer header type for that encapsulation type, in which case you
need to check for the attempt to determine it failing and handle that
failure appropriately.
Change-Id: Ie9557b513365c1fc8c6df74b9c8239e29aad46bc
Reviewed-on: https://code.wireshark.org/review/21924
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This property was introduced in Qt 5.1.
Change-Id: I3446886d65fbeaf011a69071b605b044e5205b60
Reviewed-on: https://code.wireshark.org/review/21895
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
When having hidden interfaces it was not possible to unhide all
in the "Manage Interfaces" dialog because prefs.capture_devices_hide
was not updated when not having any hidden interfaces.
This bug was introduced in g6eee29bf.
Change-Id: If94c2e592eea60e6f1ef1ce2107ff9b2b27c3176
Reviewed-on: https://code.wireshark.org/review/21869
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Add prefs_set_gui_theme_is_dark and call it in the WiresharkApplication
constructor. Add a set of dark syntax color defaults.
We could alternatively add a preference for the syntax foreground color,
but that would imply adding a preference for the background color as
well.
Bug: 11131
Bug: 13738
Change-Id: Iefe135ed04e63372ed434c5b9759647c9f4046e3
Reviewed-on: https://code.wireshark.org/review/21827
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The generated Ui_MainWindow::setupUi() can grow larger than our configured
limit, so turn off -Wframe-larger-than= for ui_main_window.h.
Change-Id: I550ff30ebe566b711c63f7a9d0276e5b06244407
Reviewed-on: https://code.wireshark.org/review/21866
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Matches Id45052f21ebb290bf92c201370584156a65f2e19
Change-Id: I2b097d176ec3ce0637af95d66d2f58b834c79ea2
Reviewed-on: https://code.wireshark.org/review/21783
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The about dialog compilation fails when plugins and LUA are disabled.
Add the missing preprocessor statements.
Also make the plugin tab really empty when there's nothing to report.
Change-Id: Idba0dc86e7110e56b2d949f517c966a121d28e47
Reviewed-on: https://code.wireshark.org/review/21768
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add the cause for a syntax error while parsing UATs. Example output:
$ tshark -ouat:ssl_keys:,
tshark: Invalid -o flag "uat:ssl_keys:,": ssl_keys:1: No IP address given.
$ tshark -ouat:unknown:,
tshark: Invalid -o flag "uat:unknown:,": Unknown preference
Change-Id: I549406c4e31a81d29f487ef47bdb3c22da084947
Reviewed-on: https://code.wireshark.org/review/21748
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
There isn't an API to do it and if WinPcap isn't present it can
cause a crash.
Change-Id: I5338f854acb26f0822ac027e6c853a550da3f7b1
Reviewed-on: https://code.wireshark.org/review/21758
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This is most likely due to WinPcap not being installed.
Bug: 13672
Change-Id: Ic7069f98c7f8068cdc5045204c2e23ab56b3f7eb
Reviewed-on: https://code.wireshark.org/review/21757
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Move gtk's fld_tostr() to epan API as uat_fld_tostr.
Change-Id: I01e3b66ca9ea3cd1e2e06e2122190ee42b9ad44b
Reviewed-on: https://code.wireshark.org/review/21664
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Don't try to compile code that uses pcap if you don't have it.
Change-Id: Ifa98b4ff47783f5347cb6e1129bbf4e5cac35aab
Reviewed-on: https://code.wireshark.org/review/21611
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Have a header file that defines HAVE_REMOTE if HAVE_PCAP_REMOTE is
defined, and then includes pcap.h. Replace all other includes of
pcap.h, and the definition of HAVE_REMOTE, with includes of that file.
Check for anything other than wspcap.h including pcap.h in checkAPIs.pl.
Change-Id: I3cbee8208944ad6f006f568b3fe3134e10b2a883
Reviewed-on: https://code.wireshark.org/review/21605
Reviewed-by: Guy Harris <guy@alum.mit.edu>
WinPcap made the mistake of having stuff in its public header fines
depend on a configuration #define, HAVE_REMOTE; this means that we need
to forcibly define it when building with remote capture support.
The tip of the libpcap master branch does not have that botch; hopefully
future versions of libpcap-for-Windows will be based on that libpcap and
thus lack that botch as well.
Defining HAVE_REMOTE in config.h is not the right fix, as it makes it
look like a *Wireshark* configuration option that code in Wireshark
should test, rather than a *WinPcap* configuration option that the
pcap.h that ships with the WinPcap SDK should have been changed, as part
of the build process, to correctly define or not, so that users of
WinPcap don't have to define it themselves.
Change-Id: I62d1eca6d3c900d0dcc9fbc011db77f595a86313
Reviewed-on: https://code.wireshark.org/review/21593
Reviewed-by: Guy Harris <guy@alum.mit.edu>
QFont::toString returned the default font (which might be unavailable),
leading to use of non-monospace fonts in the bytes view. Detect the
effective font instead and apply it to avoid this issue.
Add additional logic to invoke font detection when the configured font
is bad (for example, because of the bug or because a font has been
removed in meantime).
Bug: 13638
Change-Id: I8a625cf365c90119caebe8c4deada0df7426e53a
Reviewed-on: https://code.wireshark.org/review/21551
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Petri-Dish: Jörg Mayer <jmayer@loplof.de>
Tested-by: Jörg Mayer <jmayer@loplof.de>
Reviewed-by: Ahmad Fatoum <ahmad@a3f.at>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The packet details context menu allows you, through the Protocol
Preferences sub menu to manipulate (disable) the protocol dissection
through the Disable <protocol>... option. This opens up the appropriate
dialog and select the applicable protocol.
This fails for protocols which have their can_toggle flag reset (e.g.
the frame protocol). The dialog opens, but the protocol can't be found,
hence the top item is selected.
Instead disable the menu option for protocols which can't have their
enabled state toggled.
Change-Id: Ifa83f656a8ab747f379d3ca0114520e5efed4b67
Reviewed-on: https://code.wireshark.org/review/21494
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
- Select one of the capturing interfaces when start capture
- Only send user changed control values when start capture
- Don't show hidden interfaces
- Allow a toolbar with no interfaces
- Renamed button role "reset" to "restore"
- Improved control number validation
- Updated documentation
Change-Id: Icc8d04043c95c1f3ef8d7cdc3b251be4471cba0a
Reviewed-on: https://code.wireshark.org/review/21445
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
This makes it easier to copy error messages.
Change-Id: I39284d9b2d716336c6fc4b211e5346abcebf0aee
Reviewed-on: https://code.wireshark.org/review/21326
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
An extcap utility can provide configuration for controls to use in a
GUI interface toolbar. This controls are bidirectional and can be
used to control the extcap utility while capturing.
This is useful in scenarios where configuration can be done based on
findings in the capture process, setting temporary values or give other
inputs without restarting current capture.
Todo:
- Add support for Windows
Change-Id: Ie15fa67f92eb27d8b73df6bb36f66b9a7d81932d
Reviewed-on: https://code.wireshark.org/review/19982
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Packet ranges are used only in the UI; move the packet range stuff into
libui.
Don't pass a print_args_t structure to libwireshark packet-printing
routines, just pass the few parameters they need. Move the declaration
of print_args_t into file.h.
Change-Id: Icff5991eea7d7d56f33b4716105895263d275bcf
Reviewed-on: https://code.wireshark.org/review/21308
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Have them just return the information needed for the caller to produce
an error message, and have the callers use the new cfile_ routines for
reporting errors.
This requires that the "write failure alert box" routine take the
*input* file name as an argument, so that, on a merge, if the problem is
that a record from a given input file can't be written out to the type
of output file we're generating, the input file name can be given, along
with the record number in that file.
Change-Id: If5a5e00539e7e652008a523dec92c0b359a48e71
Reviewed-on: https://code.wireshark.org/review/21257
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Expand comments while we're at it.
Change-Id: I6dcc791eab1c9e323a9572f3d54720d223bdd64b
Reviewed-on: https://code.wireshark.org/review/21252
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The GTK+ UI performs automatic formatting of the units (us, ms, s) based
on the magnitude of the value (for MIN/MAX/SUM calculations). Internally
the numbers are stored as integers (microseconds).
The Qt UI did not have this formatting feature yet and would therefore
display the values as-is (in microseconds). This patch rescales the Y
value and appends an appropriate label (s, ms or us).
With multiple graphs, rescaling is disabled completely for simplicity
(GTK+ would still try to find an appropriate unit prefix if there are
multiple time graphs).
Bug: 12828
Change-Id: I26ed68fc3497e06ac283a618fee8b673b1b0cf71
Reviewed-on: https://code.wireshark.org/review/21062
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
This workaround prevents moving around other columns during drag and
drop and also transfers the sorting order to the new position.
Bug: 13183
Ping-Bug: 13540
Change-Id: I4609c63557bf3abf06ba417ac1b40cac22a82abc
Reviewed-on: https://code.wireshark.org/review/21022
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Guy Harris
Pau Espin