Specifically:
- Set packet.h to be the first wireshark #include after
config.h and "system" #includes.
packet.h added as an #include in some cases when missing.
- Remove some #includes included (directly/indirectly) in
packet.h. E.g., glib.h.
(Done only for those files including packet.h).
- As needed, move "system" #includes to be after config.h and
before wireshark #includes.
- Rework various #include file specifications for consistency.
- Misc.
Change-Id: Ifaa1a14b50b69fbad38ea4838a49dfe595c54c95
Reviewed-on: https://code.wireshark.org/review/5923
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Bill Meier <wmeier@newsguy.com>
This allows dissector lists to be looked up by name, so they can be
shared by multiple dissectors.
(This means that there's no "udplite" heuristic dissector list, but
there shouldn't be one - protocols can run atop UDP or UDPLite equally
well, and they share a port namespace and uint dissector table, so they
should share a heuristic dissector table as well.)
Change-Id: Ifb2d2c294938c06d348a159adea7a57db8d770a7
Reviewed-on: https://code.wireshark.org/review/5936
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Specifically: Use ENC_LITTLE_ENDIAN (not ENC_NA) to match all
other integral fetches in the cip dissector.
Change-Id: I5d330084168493f53135dbb97674a2dba9ed7477
Reviewed-on: https://code.wireshark.org/review/5732
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I398e9cf4f6882e76644aa758e12c39a39159e95f
Reviewed-on: https://code.wireshark.org/review/3319
Petri-Dish: Michael Mann <mmann78@netscape.net>
Petri-Dish: Evan Huus <eapache@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I5f573dffabb8685a8e5a334ff2bfb24d9838daa6
Reviewed-on: https://code.wireshark.org/review/2601
Tested-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
tvb_new_subset -> tvb_new_subset_remaining it appears that's what the intention is.
Change-Id: I2334bbf3f10475b3c22391392fc8b6864454de2d
Reviewed-on: https://code.wireshark.org/review/1999
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Change-Id: Ia69cbe9fea364c735bde956d84a82404b46ec236
Reviewed-on: https://code.wireshark.org/review/1810
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: If085a9fc69bbbf28a7c801930a664c412a4a5b7a
Reviewed-on: https://code.wireshark.org/review/1734
Reviewed-by: Michael Mann <mmann78@netscape.net>
which can be used to call the found heuristic dissector on the next pass.
Introduce call_heur_dissector_direct() to be used to call a heuristic
dissector which accepted the frame on the first pass.
Change-Id: I524edd717b7d92b510bd60acfeea686d5f2b4582
Reviewed-on: https://code.wireshark.org/review/1697
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
I'm not sold on the name or module the proto_data functions live in, but I believe the function arguments are solid and gives us the most flexibility for the future. And search/replace of a function name is easy enough to do.
The big driving force for getting this in sooner rather than later is the saved memory on ethernet packets (and IP packets soon), that used to have file_scope() proto data when all it needed was packet_scope() data (technically packet_info->pool scoped), strictly for Decode As.
All dissectors that use p_add_proto_data() only for Decode As functionality have been converted to using packet_scope(). All other dissectors were converted to using file_scope() which was the original scope for "proto" data.
svn path=/trunk/; revision=53520
was done using textual search+replace, not anything syntax-aware, so presumably
it got most comments as well (except where there were typos).
Use a consistent coding style, and make proper use of the WS_DLL_* defines.
Group the functions appropriately in the header.
I ended up getting rid of most of the explanatory comments since many of them
duplicated what was in the value_string.c file (and were out of sync with the
recent updates I made to those in r48633). Presumably most of the comments
should be in the .h file not the .c file, but there's enough churn ahead that
it's not worth fixing yet.
Part of https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8467
svn path=/trunk/; revision=48634
Added the start of IPv6 support for I/O conversations (waiting for spec definitions to complete).
Added support for multiple messages in a single frame to be separated in the COL_INFO column.
ENIP
Added ListIdentity delay dissection
remove check_col()
CIP
Added TimeSync object dissection
svn path=/trunk/; revision=46020
This is a portion of the patch supplied in bug 7902 (https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7902). Breaking the functionality up into smaller chunks.
This definitively breaks the Modbus dissection into 3 dissectors:
Modbus - real protocol PDU
Modbus/TCP - Encapsulation of Modbus over TCP (with a small header before PDU)
Modbus RTU - Originally an encapsulation of Modbus over serial (with smaller header + CRC), but can also be sent over TCP.
General cleanup/refactoring (including display filter names) based on the 3 dissectors.
Also included:
1. Enhanced dissection to include preferences for register data to be dissected as UINT16, UINT32 or FLOAT
2. Dynamic port registration
3. Additional fields now filterable
svn path=/trunk/; revision=45793
Also (for a few files):
- create/use some extended value strings;
- remove unneeded #include files;
- remove unneeded variable initialization;
- re-order fcns slightly so prefs_reg_handoff...() at end, etc
svn path=/trunk/; revision=44438
The attached patches fix the following issues:
1. CIP-Motion shouldn't be a heuristic dissector. CIP-Motion packets are
determined by specific fields in a CIP ForwardOpen. I ran into situations
where CIP-Motion's "vague" heuristics incorrectly dissected packets meant for
CIP-Safety. Of course this requires the ForwardOpen to be in the trace, but it
is the most deterministic way to have CIP-Motion packets.
2. Minor bugfix to the CIP-Safety dissector. A couple of fields were
"missing", causing errant malformed packets.
svn path=/trunk/; revision=41283