Add reassembly support for AFS.
From me: minor tweaks to conform to other reassemblable protocols; indentation
fixes; modelines
svn path=/trunk/; revision=52113
TODO :
* Support HTTP Header Compression (draft-ietf-httpbis-header-compression)
* Enhance display of Data
* Reassembling of continuation frame (and other frame)
* Add same tap and ping/pong time response
svn path=/trunk/; revision=51591
Dissector for the Sippy RTPproxy controlling protocol. RTPproxy is a well-known
(among SIP-engineers) application and it operates using its own simple
text-based protocol. There are several competing products but all of them
implements it (sometimes slightly extending).
svn path=/trunk/; revision=51417
This patch adds XRO (Exclude Routes) support to RSVP dissector. It
also extends coverage of some new Attribute Flags (LSP_ATTRIBUTES object).
svn path=/trunk/; revision=51199
Add support for the Cisco MetaData (0x8909) ethertype.
From me:
Don't try to register the "eth.type" abbreviation; use "cmd.type" instead.
Add SVN id.
Clean up trailing white space and fix up some indentation.
Don't declare a variable static that need not be.
svn path=/trunk/; revision=51198
From Bart Van Assche.
Changes:
- Add REGISTER AND MOVE and REPLACE LOST RESERVATION service actions.
- Decode the PARAMETER LIST LENGTH field correctly - this is a four
byte field instead of a two byte field.
- For the REGISTER AND MOVE service action, add support for decoding
the RELATIVE TARGET PORT IDENTIFIER, TRANSPORT ID LENGTH and
TransportID fields.
- Fix parsing of the SERVICE ACTION field - this field is five bits
wide instead of four.
- Move the definition of the "scsi.persresv.control.unreg" field just
below the other REGISTER AND MOVE service action parameter list fields.
See also http://www.t10.org/cgi-bin/ac.pl?t=f&f=spc4r36h.pdf.
- Only display persistent reservation information in a PERSISTENT
RESERVE IN response if the ALLOCATION LENGTH field in the request
was not zero.
- Correct the offset of the (SPC-2) SCOPE-SPECIFIC ADDRESS field.
This field starts at offset 16 and not at offset 8.
- Correct the offsets of the SCOPE and TYPE fields. These fields
are both contained in the byte at offset 21.
- Correct the base of the TRANSPORTID LENGTH field from BASE_HEX
into BASE_NONE since this is the base required by non-numeric types.
For more information, see also:
* http://www.t10.org/cgi-bin/ac.pl?t=f&f=spc4r36h.pdf
* http://www.t10.org/cgi-bin/ac.pl?t=f&f=spc2r20.pdf
svn path=/trunk/; revision=51152
In SSH, the protocol version message is terminated by CR LF. Wireshark, in the
info column, strips out the LF, but not the CR.
Attaching a patch to rectify that.
Also, as requested, update the contributor's email address in AUTHORS.
svn path=/trunk/; revision=50902
When a TCP segment contains the end of two or more SSL PDUs, the TCP reassembly
code passes that segment up to the SSL dissector multiple times--one for each
SSL PDU. The SSL dissector queues the packet for SSL tap listeners each time it
is invoked. Therefore a single packet can be processed by SSL tap listeners
multiple times. But the tap data that the SSL dissector sends to its tap
listeners is a linked list of all PDUs in the packet.
The SSL tap listener responsible for populating the Follow SSL Stream dialog
did not account for the possibility of seeing a packet multiple times. As a
result, it would process the entire linked list of PDUs each time it received a
packet, and that would result in some SSL PDUs showing up two or more times in
the dialog.
This patch fixes the described bug. It also implements a few slight
improvements in closely related code. See bugzilla for details.
svn path=/trunk/; revision=49387
I want to add last four colours to Profile Bluetooth. This should
significantly improve readability - rule is one colour for one
protocol/profile.
Also take responsibility (in the AUTHORS file) for first three dissectors.
svn path=/trunk/; revision=49330
via https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8635
"enhanced WCCP decoder"
GRE part of the patch.
Me:
Reorder values
Manually apply the rejected parts of the patch (incompatible whitespace)
Fix whitespace inconsistencies of the patch.
svn path=/trunk/; revision=49240
Dissector for PTP-over-IP (picture transfer protocol). PTP-over-USB also exists
but is not identical, so some parts of the dissector are shared for future use.
svn path=/trunk/; revision=49221
[PATCH 1/8]
Add a subtree for the random DTLS elements. This is what TLS already does, and
it makes more sense than prefixing their display names.
[PATCH 2/8]
Show the actual hex content of the cookie by just using proto_tree_add_item.
The cookie length has its own field, so there's no need to display it twice.
[From me]
Fix an @ in the AUTHORS file
svn path=/trunk/; revision=49172
Dissector for NASDAQ's SoupBinTCP protocol (which is non-trivially different
from the old packet-nasdaq-soup dissector).
From me:
- fix CMake entry
- remove C++-style comments
- fix SVN Id tag
svn path=/trunk/; revision=48452
Centralize logic related to per-interface conversations, and expose it for use
by class-specific dissectors.
Class-specific descriptor dissectors also need to know the interface in whose
context they are called to work.
This is a prerequisite for a USB Video Class dissector, which needs to decode
many class-specific descriptors.
svn path=/trunk/; revision=47990
New dissector for the honeypot-feeds protocol.
From me: Misc. tweaks to expert info layout and remove a few unneeded initializers.
svn path=/trunk/; revision=47962
As part of a semster project in our 3rd semester of
"secure information systems" at the university of
applied sciences upper austria, we built a wireshark
dissector for the OpenVPN protocol.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8240
From me:
Rework reassembly code and tree display of
message fragments and reassembled messages.
Fix various bugs and do some cleanup.
Also: Do minor whitespace changes in AUTHORS.
svn path=/trunk/; revision=47247
Dissector for the SEL (Schweitzer Engineering Labs) Fast Message protocol.
From me:
- use wmem instead of glib to not leak memory
- simplify port preference
- remove unneeded initializers
- modelines
- Id tag
svn path=/trunk/; revision=46949
This patch provides
i) support for Shared Use of Experimental TCP Options (draft-ietf-tcpm-experimental-options-03)
ii) support for TCP Fast Open (draft-ietf-tcpm-fastopen-02).
A new 'TFO=R' string is appended at the column info in case a client sends a SYN packet with a Fast Open Cookie Request. Moreover, if the server responds with a SYN-ACK containing a Fast Open Cookie option a 'TFO=C' is shown (as well as in any subsequent client attempt to send SYN + DATA).
tcp.options.tfo display filter can be used in order to easily select the complete TFO three-way handshake.
Chrome (and I think also Firefox) has support for client-side TFO. Linux 3.7 got both client and server-side support.
svn path=/trunk/; revision=46723
(with a few minor fixes by me).
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8002
major change:
reassembling of PNIO fragments (only works if OpenSafty dissector is disabled)
minor changes:
improved handling of DFP Frames
added / updated
MRP Block decoding
ARServerBlock
ARVendorBlock
PDInterfaceDataReal
PDInterfaceAdjust
PDPortStatistic
SubdirFrameData corrected display and subblocks added
PDIRGlobalData complete dissection
decoding of FrameDataProperties and ARTypes updated to conform the STD
removed now usuported RTC2 ranges
svn path=/trunk/; revision=46522
Add a dissector for the America Online protocol (not the AIM protocol).
From me: always use ENC_NA for FT_UINT8 types.
svn path=/trunk/; revision=45731
Add support for HCI 3.0+HS and v4.0, Bluetooth Low Energy. This includes
dissection of additional HCI commands and events, Attribute Protocol and
Security Manager Protocol.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7872
svn path=/trunk/; revision=45709
Add some additional memory-allocation failure checks in Lemon.
Use NULL rather than 0 as the null-pointer constant in those
checks.
From me:
Catch one more of the NULL-vs-0 cases.
Fix some failure messages to use fprintf(stderr, ...) -
ErrorMsg() requires a file name and line number, and is
generally used if you're going to continue rather than just give
up.
svn path=/trunk/; revision=45214
Add Bluetooth Protocol BNEP. Supported version: 1.0.
I changed offset to be an int to follow WS convention.While at it I changed other types to fit the tvb_get routines.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7719
svn path=/trunk/; revision=44894
New dissector for WSE Remote Ethernet protocol
From me :
* Fix Compilation under linux
* Use proto_tree_add_item*
* Make build-in dissector
* Include Status.* and Codef.* in dissector
* Reorder function (to respect Wireshark Codelines)
* Add Modelines Info and fix indent (use 4 spaces)
* Fix check* tools
* Add Clement to AUTHORS
svn path=/trunk/; revision=43086
Bill Meier