These are similar to the routines added to ui/alert_box.c for dialog-box
libwiretap error reporting.
This centralizes the knowledge about what to say for various libwiretap
errors, removing some duplicate code, and giving more details in some
programs.
Change-Id: I737405c4edaa0e6c27840f78a8c587a8b3ee120b
Reviewed-on: https://code.wireshark.org/review/21234
Reviewed-by: Guy Harris <guy@alum.mit.edu>
They deal with sets of hfids, which can belong to protocols as well as
fields (I guess you could argue that a protocol is a field, but...).
Change-Id: Ibd103cfa26427ead4ef54be89f1251908004cfae
Reviewed-on: https://code.wireshark.org/review/21154
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This makes sure that postdissectors that indicate that they need certain
fields in the first pass will get them.
While we're at it:
Fix the field-fetching code in TRANSUM not to assume it got any
instances of the field being fetched.
Rename process_packet_first_pass() in sharkd to process_packet(), as
it's the only routine in sharkd that processes packets.
Rename process_packet() in tshark and tfshark to
process_packet_single_pass(), as it's what's used if we're only doing
one-pass analysis.
Clean up comments and whitespace.
Change-Id: I3769af952c66f5ca4b68002ad6213858ab9cab9b
Reviewed-on: https://code.wireshark.org/review/21063
Reviewed-by: Guy Harris <guy@alum.mit.edu>
XXX_prime_with_YYY makes it a bit clearer than does XXX_prime_YYY that
we're not priming YYY, we're priming XXX *using* YYY.
Change-Id: I1686b8b5469bc0f0bd6db8551fb6301776a1b133
Reviewed-on: https://code.wireshark.org/review/21031
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Currently, this is only used to determine whether a protocol tree needs
to be built on the first pass or not - if there are postdissectors that
need fields, it does - but eventually we should be able to use it to
prime the dissection to deliver those fields in cases where we don't
need the *entire* protocol tree (rather than using a hack such as
cooking up a fake tap with a fake filter to do that).
Update MATE and TRANSUM to use it.
Clean up code to check whether we need a protocol tree, and add comments
before that code indicating, in each case, what the criteria are.
The array of postdissectors includes a length, so we don't need to
separately keep track of the number of postdissectors.
Clean up indentation while we're at it.
Change-Id: I71d4025848206d144bc54cc82941089a50e80ab7
Reviewed-on: https://code.wireshark.org/review/21029
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That way, nothing using libwireshark needs to know what settings need to
be loaded, they just call epan_load_settings().
Change-Id: I9390e259e286fc4f5acaeaac2767e4c3c4b656af
Reviewed-on: https://code.wireshark.org/review/20983
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It doesn't belong in libwireshark, as it doesn't affect dissection, but
it *does* belong in libui, as it's helper code for the UIs.
Change-Id: I8a5e0640a299a08e9ec1917dd253197438ebfdbc
Reviewed-on: https://code.wireshark.org/review/20974
Reviewed-by: Guy Harris <guy@alum.mit.edu>
No need to duplicate it in N different programs.
Update comments while we're at it.
Change-Id: I3096cbe5448a19363eff6303bdd54e522dae9336
Reviewed-on: https://code.wireshark.org/review/20973
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It's identical in the GTK+ and Qt UIs, and it should just be done in
libwireshark.
Rename some routines to just speak of enabled_and_disabled_lists, so we
don't have to say enabled_and_disabled_protos_and_heuristic_dissectors
or something such as that.
Clean up indentation.
Change-Id: Ief2e612d9e1b60d8d0123b6bd3409dce5faf6495
Reviewed-on: https://code.wireshark.org/review/20970
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add a "report a warning message" routine to the "report_err" code in
libwsutil, and rename files and routines appropriately, as they don't
only handle errors any more.
Have a routine read_enabled_and_disabled_protos() that reads all the
files that enable or disable protocols or heuristic dissectors, enables
and disables them based on the contents of those files, and reports
errors itself (as warnings) using the new "report a warning message"
routine. Fix that error reporting to report separately on the disabled
protocols, enabled protocols, and heuristic dissectors files.
Have a routine to set up the enabled and disabled protocols and
heuristic dissectors from the command-line arguments, so it's done the
same way in all programs.
If we try to enable or disable an unknown heuristic dissector via a
command-line argument, report an error.
Update a bunch of comments.
Update the name of disabled_protos_cleanup(), as it cleans up
information for disabled *and* enabled protocols and for heuristic
dissectors.
Support the command-line flags to enable and disable protocols and
heuristic dissectors in tfshark.
Change-Id: I9b8bd29947cccdf6dc34a0540b5509ef941391df
Reviewed-on: https://code.wireshark.org/review/20966
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I6ffe2d21cabfe326568b5f090c322d4dafd92d9d
Reviewed-on: https://code.wireshark.org/review/20181
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The cleanup routine has been added to exit section of the applications.
Those which required a exit restyle have been patched as well.
Change-Id: I3a8787f0718ac7fef00dc58176869c7510fda7b1
Reviewed-on: https://code.wireshark.org/review/19949
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
This patch introduces the frame.interface_description field.
While testing this new functionality it became obvious that we have
a non-optimal interaction between the existing cfile.c's
cap_file_get_interface_name(), the recently added frame.interface_name
field and this new frame.interface_description field.
The string returned from cap_file_get_interface_name() may in fact
come from one of three different sources: the idb's interface name
(if it exists) or the idb's interface description (if that exists)
or a default text of "unknown". The string ultimately becomes the
rame.interface_name whether or not the idb had an interface name
option to begin with. This behavior does not allow one to test for
the simple presence of frame.interface_name. The new peer function
cap_file_get_interface_description() added by this patch returns
NULL instead of "unknown" if the idb does not have an interface
description. Should cap_file_get_interface_name() be similarly
modified to return NULL if the idb does not have an interface name?
Bug: 9781
Change-Id: Ie479f373c5080c004dd22bd88919838feca71e95
Reviewed-on: https://code.wireshark.org/review/19861
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The clean_exit block allows deallocation of memory on exit.
Change-Id: I52078f0e4e851b6aa5f34cbbd15eba0a4f37cae0
Reviewed-on: https://code.wireshark.org/review/19940
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
sharkd listens on UNIX socket and allows external clients
to run commands like: loading file, analysing frames or running TAP(s).
Change-Id: I443b2865e4adfd1c11f4f57d09ff7fce6b1e8766
Reviewed-on: https://code.wireshark.org/review/18208
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>