Replace the Wireshark code for that with code that matches what TShark
does.
Update a comment in TShark while we're at it.
Fixes#14215.
(Still leaves it popping up the full window, but that's a bigger
change.)
`-k` is a capture option, so add a HAVE_LIBPCAP check similar to other
flags. Fixes
../ui/commandline.c:459:41: error: no member named 'start_capture' in 'struct commandline_param_info'
global_commandline_info.start_capture = TRUE;
~~~~~~~~~~~~~~~~~~~~~~~ ^
It's not a generic capture option also supported by TShark and dumpcap,
it's Wireshark-specific (dumpcap *always* starts a capture, and TShark
starts one iff it's passed one or more interfaces on which to capture;
only Wireshark needs it to start the capture immediately - that's a
relic of the days when Wireshark *itself* did what dumpcap now does for
Wireshark).
Handle it in commandline_other_options(), rather than in
capture_opts_add_opt().
That lets us get rid of an argument to capture_opts_add_opt(), and dummy
variables in TShark and dumpcap used to work with that extra argument.
Some applications emits improper bencode packets (w/o terminating 'e' -
they erroneously imply that EOF can be considered as a
end-of-dictionary). Let's not fail while parsing these packets.
Change-Id: Ib650e246c7f56b40ef07227eb0dd175a30e4d3a9
Signed-off-by: Peter Lemenkov <lemenkov@gmail.com>
"Commonly-used" meaning "used by more than one source file".
Clean up the exit codes, combining some duplicates with different names,
and using some instead of raw numbers in some places.
"Received" could mean "received by the rpcap client" or "received as
part of the capturing process by Wireshark". The former would mean "no
capture is happening", so there would be no packets *to* interpret using
that preference; use "captured" to clarify that it's the latter (which
could mean it was dropped as part of the capture process, or it could
just mean we started capturing in the middle of the remote capture
process).
The User Info field was appearing when it shouldn't and the Ranging Common
Info was at the wrong level.
Change-Id: Id75222b3048f9ad735fa78d07d5778f08e4c8474
Changes:
- Added description of playlist idea and related operations
- Added description of RTP Player dialog
- Added description of VoIP Calls dialog
- Added description of Flow Graph dialog
- Added help link to Flow Graph dialog
- Added description of RTP Streams window
- Added description of RTP Stream Analysis window
- Updated related past images
Calling cmake with -DENABLE_VLD=ON when building with Visual Studio,
results in debug configuration being linked to Visual Leak Detector.
By default, Visual Leak Detector outputs the leak summary to Visual
Studio debug window. When ENABLE_VLD is active, VLD is linked to all
wireshark libraries and executables.
Add a heuristic sub dissector table to allow other dissectors
to register and be called if no match is found for the UAT
configured sub dissectors.
Pass the topic string to the heuristic sub dissector in the data
pointer as an aid for the heuristic.
According to specification, size of PROFINETIOServiceResPDU
is calculated and checked under dissect_RSI_RSP_block
function. Moreover, dissect_rsi_blocks function is added and
type of PDU and operation number (Opnum) are checked before
dissection starts.
Improve dissection of IEEE 802.15.4 TAP DLT by reporting the number of
data bytes of the original data frame and create a separate packet bytes
pane containing just that data without the TAP TLV content.
Drop in the comment from libpcap about version 1.2 (I wrote that
comment, and generously double-license it under the BSD license and the
GPL :-)).
Redo the version test as
if (!({version is one we handle}))
to match the way it's done in libpcap.
- parse the number of system call arguments in a way that works for both V1 and V2 event blocks
- returned the correct error string when unable to read the nparams entry from a sysdig event block V2
Update the pcap-ng reader and sysdig event dissector to support the second version of the sysdig event block, which was introduced after Wireshark's original implementation