Change-Id: I9f7df2f62197c574087dbcce2c7b0ba7e6c8c56b
Reviewed-on: https://code.wireshark.org/review/24197
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add support for configuring message decoding based on topic.
Matching criteria is equal-to, contains, starts-with, ends-with
or regular expression.
Change-Id: I677d869716eb1d2798974e2c65605a454421a66c
Reviewed-on: https://code.wireshark.org/review/24196
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
This patch includes several minor improvements:
- Special (only for Sinumerik NC): allow NCK address description in
data-part
- Userdata parameter part: add text definition for second req/res
- Don't add data tree in userdata telegrams, when there is no data in
there
- Cyclic functions: add new subfunction
- Alarming: add SCAN message decoding
- Improve info column display when there are multiple PDUs in one frame
Change-Id: Ib9afd0c6b14cf97ed645084e095f79fb40b07f43
Reviewed-on: https://code.wireshark.org/review/24170
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Remove all dependancy for the byte_view_text from the epan system,
and therefore cleanly separate data and display for further separation
of dissection and view
Change-Id: Id1ee91b93da4511afa95f24da4cbbf39cbb89b1f
Reviewed-on: https://code.wireshark.org/review/24050
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Collects multiple values of the same field into an array.
Empty protocols are now written as empty objects to not conflict
with the same protocols in other packets.
Remove _score since it has no effect.
Bug: 12958
Change-Id: Ibe8ea9bc1e3e63dea1fe4eaf522fa38cad88a17f
Reviewed-on: https://code.wireshark.org/review/24171
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
When using the Elasticsearch output but only printing the packet
summary with -P a segfault will occur because the empty packet
tree is not properly handled in this case.
Change-Id: I0c91314ae013785ae6dceabd6af33db4b836d1b2
Reviewed-on: https://code.wireshark.org/review/24153
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ia46903586219ee79210a980a04024af02acb0db0
Reviewed-on: https://code.wireshark.org/review/24189
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ia0c3b688dfdcd9fdad4f65df12ef97db99bdb095
Reviewed-on: https://code.wireshark.org/review/24192
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
We require support for AF_INET/AF_INET6 to run and assume this is available
on all supported platforms. If and when reality clashes with that assumption just
avoid aborting. Errors are to be expected as long as they don't produce a crash.
Change-Id: I5c107b1a8fd64441eb96f48381412e180b66feb7
Reviewed-on: https://code.wireshark.org/review/24187
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
After other changes, add info about -G help
and update output from -G dissector-tables.
Change-Id: I339d5c31a606720ef92e641e59ec5a45114321a8
Reviewed-on: https://code.wireshark.org/review/24188
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Fix a tpyo while we're at it.
Change-Id: I1bde763ec2bd188c0f8afd1069db5a9f23963e8e
Reviewed-on: https://code.wireshark.org/review/24186
Reviewed-by: Guy Harris <guy@alum.mit.edu>
NCP and SBCCS values used for conversation (endpoints) and not
to pass "type" to subdissectors.
Change-Id: I56a13d2bb7d718b340e9b5a102c43f6e0012bfb9
Reviewed-on: https://code.wireshark.org/review/24174
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
It defines a ws_in4_addr type, which is intended to hold IPv4 addresses
in network byte order, and some macros to test for IPv4 addresses in the
local network control block and multicast IPv4 addresses.
Use those macros in places where dissectors had their own code for that
purpose.
Change-Id: I4252b410e37207157be85119a332e2a6913b332f
Reviewed-on: https://code.wireshark.org/review/24178
Reviewed-by: Guy Harris <guy@alum.mit.edu>
FT_IPv6 doesn't expose the prefix, which is used only for values in
filter expressions, not values in protocol fields; do the same for
FT_IPv4, hiding the netmask, and using fvalue_get_integer() to get the
value, having it return a network-byte-order value for the address.
(This also makes it opaque whether the address and netmask are stored in
host or network byte order.)
Change-Id: I4285a87f6ccef2c0ccec040490ddcd15d787326e
Reviewed-on: https://code.wireshark.org/review/24177
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Just directly use the addr field, converting from host to network byte
order if necessary.
Change-Id: Ie1cd9ea5527b7824014dc315225ad2a6adb61c38
Reviewed-on: https://code.wireshark.org/review/24176
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Use our DIAG_OFF macros instead while at it.
Change-Id: I01d8d71a42fb108be156a68f8552ce537a1e2484
Reviewed-on: https://code.wireshark.org/review/15467
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Follow up to having conversions use endpoint_type instead of
port_type.
Change-Id: Ifd59a33bd8b9a013c242bce5fcceb09533f02c17
Reviewed-on: https://code.wireshark.org/review/24172
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
The "internal" port type has been serialized by export PDU functionality
and nettrace_3gpp_32_423 wiretap. To better support "endpoint" functionality
the port types will be removed/updated and that changes the implicit values
from the port_type enum.
Take a snapshot of the current port_type values and use those specific values
when reading/writing export PDU data and provide conversion functions that can
be modified when port_types are removed. Do the same for nettrace_3gpp_32_423
wiretap.
Change-Id: I770bd0cab22e84f3cf49032fc86c5927bf85263f
Reviewed-on: https://code.wireshark.org/review/24169
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
make-manuf lives in the "tools" directory.
Change-Id: I9be2d44178f27d46629c439ff61f624d8d99e681
Reviewed-on: https://code.wireshark.org/review/24168
Reviewed-by: Michael Mann <mmann78@netscape.net>
For the moment this mirrors the port_type enumeration (PT_XXX), but the
intent is to move away from using "port types", eliminating most (if not
all)
Added conversation_pt_to_endpoint_type() so that conversations deal with the
correct enumeration. This is for dissector that use pinfo->ptype as input
to conversation APIs. Explicit use of port types are converted to using
ENDPOINT_XXX type.
Change-Id: Ia0bf553a3943b702c921f185407e03ce93ebf0ef
Reviewed-on: https://code.wireshark.org/review/24166
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I480e58a1676677bb362bb4e9dc866c5d5f0814e1
Reviewed-on: https://code.wireshark.org/review/24111
Reviewed-by: Jeff Dyer <jmasterfunk@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Allocate the buffer at the point we fill it in, and pick the appropriate
size or let the wmem_strXXX routine do it for us.
If we aren't using an address table, just fetch the value as an IPv4
address and hand it to ip_to_str_buf() - don't fetch it in host byte
order and then *fix* it by byte-swapping (hint: on a big-endian machine,
host byte order *is* network byte order and you don't want to swap it;
not all the world's an x86).
Change-Id: I966b107271ba166ff76a5600fbc4922808e7ead1
Reviewed-on: https://code.wireshark.org/review/24159
Reviewed-by: Guy Harris <guy@alum.mit.edu>
We have WS_INET_ADDRSTRLEN and WS_INET6_ADDRSTRLEN; use them.
Change-Id: Idade0da9fae70d891901acd787b06d21e2ddbc5f
Reviewed-on: https://code.wireshark.org/review/24156
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add a comment explaining why Windows has different, larger values for
INET_ADDRSTRLEN and INET6_ADDRSTRLEN.
Change-Id: I4ad53c6cffae46d108f778460ce653dcc9343c64
Reviewed-on: https://code.wireshark.org/review/24155
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Dead weight. If this feature is wanted getprotobynumber()
should be called once on startup.
Change-Id: I0358bacdc60466f676fa1aab7f4b7c9e588d8d74
Reviewed-on: https://code.wireshark.org/review/24045
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
The intention is to make it more transparent when making a switch
to an "endpoint" over address/port combination.
Change-Id: Ic424c32095ecb103bcb4f7f4079c549de2c8d9c4
Reviewed-on: https://code.wireshark.org/review/24148
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
The information was for internal debugging, presumably as conversations
were converted to use the new algorithm. The algorithm has been in
place for a few years now and GTK is deprecated.
Change-Id: Ice0d0611bfbc0970089c671ab2cca15bfa5bf2fa
Reviewed-on: https://code.wireshark.org/review/24147
Reviewed-by: Michael Mann <mmann78@netscape.net>
The variables in the check were reversed
Change-Id: Idc7fc2b88ac1cde699b76423890918ce4b0ac086
Reviewed-on: https://code.wireshark.org/review/24149
Reviewed-by: Michael Mann <mmann78@netscape.net>
It was duplicated in GTK, so just make it public (at least for now)
Change-Id: I89d985b2d42f0edb1c535a65a97b132920dedbcd
Reviewed-on: https://code.wireshark.org/review/24146
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
This makes it easier to identify the simpler/common conversations
Change-Id: I7094f23e49156ee27f5f72c8e130308470f3e462
Reviewed-on: https://code.wireshark.org/review/24145
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Bug: 14113
Change-Id: I73c4962597d8f8bab83f089c9821269e0b7b1568
Reviewed-on: https://code.wireshark.org/review/24109
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Magnus Henoch <magnus.henoch@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>