This module implements a dissector for the main table in a SCTE-35 message, a
splice_info_section. This payload is carried in a MPEG Section Table with a
table ID of 0xFC. PIDs carrying this sort of table are also noted in the PMT
with a stream type of 0x86, and a registration descriptor with fourcc 'CUEI'.
The various splice command types are implemented in separate modules, and are
linked to this dissector through the field scte35.splice_command_type. Field
names follow the conventions documented in the SCTE35 specification.
This dissector does not support encrypted SCTE35 messages, other than
indication through the scte35.encrypted_packet flag.
The SCTE-35 protocol is described by the Society of Cable Telecommunications
Engineers at <https://www.scte.org/documents/pdf/Standards/Top%20Ten/ANSI_SCTE%2035%202013.pdf>.
Bug: 12521
Change-Id: I3113e6e61a4e7f1a4a932a0128ca2846c7ce6e6f
Reviewed-on: https://code.wireshark.org/review/15562
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
--sort-and-group--
One
--sort-and-group--
used to be converted into
and One
Remove the leading and in this case.
Change-Id: I3332b316c4fcce164c94e36c3c7b4480947bdf68
Reviewed-on: https://code.wireshark.org/review/17003
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
See http://uftp-multicast.sourceforge.net/ for the original publication
of these dissectors. Both v3 and v4 protocols are dissected.
Bug: 12718
Change-Id: If691a573b9440c7cbe3b35711231b628cf3c8604
Reviewed-on: https://code.wireshark.org/review/16936
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Icc9b6c6bcaac1f3056fa83a4ae9ef66e1537b1a5
Reviewed-on: https://code.wireshark.org/review/16492
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Bug: 12657
Change-Id: Ib0d9e18b31c1252f63025b10f7a67de6a5e4462c
Reviewed-on: https://code.wireshark.org/review/16491
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Compress the source tarball using xz instead of bzip2. Other open source
projects (including many of our dependencies) have been using xz for a
while so hopefully this won't be too much of a shock.
Remove the patch-bzip2 Autotools target while we're here.
Change-Id: I456d27b6cd56a43aba829bd45938f98568eb7b1d
Reviewed-on: https://code.wireshark.org/review/16735
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Ericsson uses a vendor-specific packetized PCU-CCU interface on their
packetized A-bis, which can be encapsulated in their own variant of HDLC
on top of L2TP.
The new P-GSL dissector is called from packet-ehdlc.c, which in turn
integrates with packet-l2tp.c.
Change-Id: Ifca190577b1c9691209221d79e3ef034dc3ca650
Reviewed-on: https://code.wireshark.org/review/16510
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This dissector currently onl dissects the TFP header, treating the
payload (TRAU) as opaque data. Still, it is an improvement to see the
header information like timeslot, sequence number, delay and frame type.
The new TFP dissector is called from packet-ehdlc.c, which in turn is
used inside Ericsson-specific L2TP.
Change-Id: I8835c07e259ec9a324ec92aac39abbef2c902af3
Reviewed-on: https://code.wireshark.org/review/16509
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This is an attempt to standardize display/handling of checksum fields for all dissectors.
The main target is for dissectors that do validation, but dissectors that just report the
checksum were also included just to make them easier to find in the future.
Bug: 10620
Bug: 12058
Ping-Bug: 8859
Change-Id: Ia8abd86e42eaf8ed50de6b173409e914b17993bf
Reviewed-on: https://code.wireshark.org/review/16380
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Based on IEEE Std 802.1BR-2012
Bug: 12613
Change-Id: Ic5198471f67a1af728df40a09443a1cab2621169
Reviewed-on: https://code.wireshark.org/review/16402
Reviewed-by: Michael Mann <mmann78@netscape.net>
Generating LUA documentation source for the developer guide says that
it's generating XML, which it did before the switch to AsciiDoc. Fix
this statement.
Change-Id: Ib8625af84c74b5f6dc31c1e9e5ded80d9d7940ff
Reviewed-on: https://code.wireshark.org/review/16320
Reviewed-by: Michael Mann <mmann78@netscape.net>
Added info about debugging under Visual Studio.
Updated buildbot info.
Change-Id: I9a6a0a2b14e3616a35f652c99b04ee23ea642ba5
Reviewed-on: https://code.wireshark.org/review/16307
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Add actions to switch between ASCII and EBCDIC, similar to the hex and
bits items.
Bug: 5298
Change-Id: Ib601ac6e89411e6482f3e4172726e16a08fdbd2b
Reviewed-on: https://code.wireshark.org/review/16225
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Recompress PNGs using the current versions of various compressors:
optipng 0.7.6
advpng 1.20
advdef 1.20
pngcrush 1.8.1
Parallelize PNG compression. Note why we're not using a couple of other
compression utilities.
Change-Id: I52757d0bc2d424013e7f00b693a0f5378427cc31
Reviewed-on: https://code.wireshark.org/review/16209
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Now that nmake build system has been removed they are not needed anymore.
Change-Id: I88075f955bb4349185859c1af4be22e53de5850f
Reviewed-on: https://code.wireshark.org/review/16050
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Generate column text dynamically. This keeps us from having to iterate
over our tree items each time we receive updates.
Set the uniformRowHeights property.
Stop automatically resizing columns after 200 items.
Fixup name resolution behavior. Disable the checkbox if host name
resolution is disabled.
Change-Id: Ib2fef604d6ee9e39a8b1edd72d58d0cb02d3bb64
Reviewed-on: https://code.wireshark.org/review/16110
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
TShark has had the functionality for awhile. While the GUI version
still has ways to change and persist Decode As functionality, adding
command line functionality gives the Decode As from initial launch
of the GUI.
Was also an excuse to refactor a bunch of code out of tshark.c
Bug: 5143
Change-Id: Ie67007d75e897bc06cc9afd9b84372a96b93778c
Reviewed-on: https://code.wireshark.org/review/16008
Reviewed-by: Michael Mann <mmann78@netscape.net>
Should we call it the intelligenter scroll bar?
Change-Id: I67e76c1aabeb4b2e87e38815fe4ab120f0869b25
Reviewed-on: https://code.wireshark.org/review/15936
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Device dialog appears when user double clicks on device in
Devices dialog (Bluetooth->Devices). It provides
summary of device, like BD_ADDR, name, timeouts, etc.
Base on information from HCI layer, so this feature is more interesting
for local devices (capturing on its side). Each field has changes counter,
what mean that value at specified field changes in time, for example:
user change device name 3 times. Please note that initial change
is not counted. It means that you can see fielkd without any value
then change occur and counter is not increased. It will be increased
next time. Reason for that is in most cases field value is unknown
at start.
Change-Id: Ife0a6bd454eac00a28f8eb2906e1b395695b0307
Reviewed-on: https://code.wireshark.org/review/15793
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Michal Labedzki <michal.labedzki@tieto.com>
Many of our AsciiDoc "macros" are simple string replacements. Start
converting them to attributes.
Update the release notes.
Change-Id: I23d9ffd311f13a34c16cde3b4898b7f7bb8ba638
Reviewed-on: https://code.wireshark.org/review/15778
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Add Follow, Firewall, and Flow updates.
Sort and group the new protocol list.
Remove some fixed bugs.
Change-Id: I76f92f746d0f695567cc411cd6c6cd8d59d923c4
Reviewed-on: https://code.wireshark.org/review/15712
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Showing 'if (tree)' constructions in code samples and then having to
explain these are no longer nessasery, or even wrong in many cases,
indicates that these shouldn't be in the code samples in the first
place.
Change-Id: I1a0ccc84ad24ff998548fa913bc00c0336bf1123
Reviewed-on: https://code.wireshark.org/review/15659
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I74cddcce3104da269e9587ee78ff29785734188f
Reviewed-on: https://code.wireshark.org/review/12479
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Update the graphic showing the functional blocks, incorporating the
changes which were listed as incorrect in the corresponding text.
Change-Id: Id962b4e31cb2912a4de75fc0a7e7ab97ff60d117
Reviewed-on: https://code.wireshark.org/review/15662
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Bug: 12455
Change-Id: I1c1fc4b2bff0e446d3eb8e1b3be4ea7669cec923
Reviewed-on: https://code.wireshark.org/review/15511
Reviewed-by: Michael Mann <mmann78@netscape.net>
We need to point xsltproc to the images directories.
The bigger images have scaling problems but at least they're
there now.
This is already done in cmake.
Change-Id: I260a8f3e335b9f5726811bcd6811f6c5b9f3a6b2
Reviewed-on: https://code.wireshark.org/review/15408
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
We neeed to set the build directory (because that's where the wslua stuff gets
put).
Also fix up wslua dependencies:
- It's needed (only) for the asciidoc->XML step
- It's not needed for the wsug any more
Change-Id: Ic1231a964b1edfb7d2eeacc5cc1c3fdda6969f21
Reviewed-on: https://code.wireshark.org/review/15407
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Let the make recipe fail if a dependency is missing. That is more user-friendly
(a2x: command not found) than an empty target and having to re-run configure.
Test for both w3m and lynx when generating text files. If neither is available
skip it.
Add an explicit target to build pdf documentation.
Change-Id: I760475acd7278f5ab5a782c1828a134c58cf7b42
Reviewed-on: https://code.wireshark.org/review/15229
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
The preference is disabled by default and saves a little
bit of memory for those that don't get process information
from IPFIX.
Change-Id: I4b6a106d156862a8d53bf2ad5ee88ea857637815
Reviewed-on: https://code.wireshark.org/review/15139
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Bug: 12272
Change-Id: I9e58187695ceef089b452657d2fe60400114f522
Reviewed-on: https://code.wireshark.org/review/14866
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Make it easier to link the hex with ascii bytes. The background color
will become yellow for bytes with the mouse focus.
Bug: 11547
Change-Id: Iab87e598a302ecf7bb7b37cd6ad55ea291c02b82
Reviewed-on: https://code.wireshark.org/review/14716
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
the mplog format is used by some commercial logging tools that capture
ISO 14443 traffic between a card reader and a contactless smartcard
Change-Id: If359b8f0f671eb2a7c6315e2b8960a5bd581a9e9
Reviewed-on: https://code.wireshark.org/review/14950
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Bluetooth BR/EDR RF dissector is pseudoheader with some
useful information to decode Bluetooth air packets.
This implements LINKTYPE_BLUETOOTH_BREDR_BB assigned
by tcpdump group.
Change-Id: I751d1f5d9c15650d93e6e8b2cc94294eb48c73de
Reviewed-on: https://code.wireshark.org/review/14760
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
As suggested by Graham Bloice.
Change-Id: Ic42e89e2b4ce98cbda827533d234ee1e3d03d32f
Reviewed-on: https://code.wireshark.org/review/14583
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Ping-Bug: 11209
Change-Id: Ife36b7ad02d22e2fa53eedc8d49a81ff8c578844
Reviewed-on: https://code.wireshark.org/review/14554
Reviewed-by: Michael Mann <mmann78@netscape.net>
Remove dependencies on xmllint. We don't write DocBook by hand any more
and we haven't used it in a long time in the CMake builds.
Change-Id: Ic07f03b00c4554c058eece0462b0925d565b6da1
Reviewed-on: https://code.wireshark.org/review/14506
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Initial import of source code for the dissector of the ISO 8583-1
'financial transaction card originated messages - Interchange
message specification' standard.
Bug: 12244
Change-Id: I24804cab4a93131ec9afa307844ad62eb2e01089
Reviewed-on: https://code.wireshark.org/review/14311
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Lightweight M2M is a protocol on top of CoAP that is used for
device management. The specification contains a custom payload
format - a simple type, length, value binary encoding.
This patch adds support for dissecting this payload format.
While not yet officially registered, the main open source
implementation of the lwm2m protocol - eclipse's leshan - uses this
content type 1542 for its messages.
Bug: 12110
Change-Id: Ib022d1f485c706f1d69ceec7200790448d080965
Reviewed-on: https://code.wireshark.org/review/13835
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
- Add ShowAsASCIIandControl to keep ShowAsASCII only ASCII printable.
- Enable show selected when ShowAsRAW.
- Use QString::fromLatin1() when ShowAs8859_1.
- Don't replace null with symbol for null when ShowAsUTF8.
Change-Id: I25750247160e33d342fde12e6a998e3198270acf
Reviewed-on: https://code.wireshark.org/review/14220
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Bug: 12160
Change-Id: I00771df346893c1112599f8affb9a47f9d793a87
Reviewed-on: https://code.wireshark.org/review/14199
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Let targets depend on the generate_developer-guide.xml target instead of
the developer-guide.xml output file.
Change-Id: I66106ad69c9baedbd58a008b4dbbbf93b787c2c2
Reviewed-on: https://code.wireshark.org/review/14156
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Dissector for the USB3 Vision machine vision camera protocol.
* Descriptors
* Bootstrap registers
* Control (GenCP)
* Stream data
A sample capture (usb_u3v_sample.pcapng) has been uploaded to
https://wiki.wireshark.org/SampleCapture
USB3 Vision a standard developed under the sponsorship
of the AIA for the benefit of the machine vision industry.
U3V stands for USB3 Vision (TM) Protocol
Change-Id: If1206df7974c6a91cf18f59ddecf9d38b9827934
Reviewed-on: https://code.wireshark.org/review/14008
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Documentation changes only (comments and docbook).
Update WSDG with the fragment_add_seq_check API that was introduced in
Wireshark 1.10.
Fix typos and clarify the many functions we have for adding reassembling
fragments.
Change-Id: I38715a8f58e9cf1fe3e34ee4b1a4ae339630282b
Reviewed-on: https://code.wireshark.org/review/14066
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add support for using regular expressions in the Search Frame
when searching in packet list, packet details and packet bytes.
This search is in many cases faster than plain string search.
Change-Id: I2d8a709046f90d7b278fb39547fc4e2e420623bc
Reviewed-on: https://code.wireshark.org/review/13981
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Add an option to decode the packet bytes from base64 or zlib compressed.
Also add configurable start byte and end byte to make it possible to
decode a subset of bytes. It's also possible to select a range in ASCII
view and select "Show selected" from the context menu to make a subset.
In ASCII view a null terminator is replaced by UTF8 symbol for NULL,
and a CR is replaced by UTF8 symbol for carriage return. This is done
to make it possible to "Show selected" from the context menu.
Change-Id: Ie03c9912c304c121af6ca9e998a6e8445b5382c5
Reviewed-on: https://code.wireshark.org/review/13958
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Bug: 12033
Change-Id: I04ad97933639b1c6192608d12a1fb72f4c3725e2
Reviewed-on: https://code.wireshark.org/review/13576
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Show selected packet bytes as ASCII, HTML, Image, ISO 8859-1, Raw or UTF-8.
Images supported are what's supported by QImage, and HTML supported
is what's supported by QTextEdit.
Change-Id: I96fc5c5d222c5389078576463cf78d82cf55528d
Reviewed-on: https://code.wireshark.org/review/13807
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
For historiacal reasons OBEX protocol was implemented as
"Bluetooth OBEX", that means it is OBEX + Bluetooth related stuff.
However Bluetooth related stuff does not caused any issue right now,
so allow to use this dissector in non-Bluetooth cases.
Bug: 11724
Change-Id: Ic645308bc854602d009f254ebbfd1b703a4c6a25
Reviewed-on: https://code.wireshark.org/review/13740
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Userlog is user flow logs of H3C device.
Flow logging records users' access to the extranet. The device classifies and
calculates flows through the 5-tuple information, which includes source IP address,
destination IP address, source port, destination port, and protocol number,
and generates user flow logs. Flow logging records the 5-tuple information of
the packets and number of the bytes received and sent. With flow logs, administrators
can track and record accesses to the network, facilitating the availability and
security of the network.
examplecapture: https://wiki.wireshark.org/SampleCaptures#UserLog
Bug: 11878
Change-Id: If3b5ca75bdd6cd8dc12af4a35401c5a6aa193a73
Reviewed-on: https://code.wireshark.org/review/8148
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Move ui/filters.[ch] to filter_files.[ch] because dumpcap is using functionality.
Bug: 8091
Change-Id: I195c82fc023f97d6f331b8718c45a2d83d30faea
Reviewed-on: https://code.wireshark.org/review/5925
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
IPOS is the networking operating system used in
Ericsson's SSR 8000, Router 6000, and SP routers, etc..
This change added the IPOS kernel packet header dissector.
The change creates a new file for IPOS protocol named "packet-ipos.c".
IPOS will register sub dissectors with the dissect
table "sll_linux_dissector_table" for IPOS internal ethernet
packet types. IPOS dissector also calls the existing REDBACK
dissector.
Change-Id: I642b932010be6aa05314f21ea8596d1c45eacf5b
Reviewed-on: https://code.wireshark.org/review/13408
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Update images and describe related packets and the intelligent
scrollbar. Suggest a way to make it easier to get a screenshot of
related packets.
Change-Id: I5bf27b0c53fb62f3e567765400141a374a465e4e
Reviewed-on: https://code.wireshark.org/review/13159
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Update link to Gerrit.
Update Windows Git section with info on install options
and updated links.
Fix CMake section header level.
Change-Id: I24769534e07e79a0608201e103cb8f1b8625cf86
Reviewed-on: https://code.wireshark.org/review/13158
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
1. Pump Configuration and Control
2. Fan Control
3. Dehumidification Control
4. Thermostat User Interface Configuration
Change-Id: I854f992a0c6e8a5714f308e97f30e7bc26fb73fc
Reviewed-on: https://code.wireshark.org/review/13102
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add support for Generic Framing Procedure. Generic Framing Procedure (GFP)
is used to map octet-aligned variable length payloads (e.g. Ethernet, MPLS,
octet-aligned PPP, IP) into octet-synchronous signals such as SONET/SDH
(ITU-T G.707) and OTN (ITU-T G.709). GFP is a telecommunications industry
standard defined in ITU-T G.7041/Y.1303.
(https://www.itu.int/rec/T-REC-G.7041/)
Bug: 11961
Change-Id: Idf5b311e82b051b1ee65bde5149b3de405537b02
Reviewed-on: https://code.wireshark.org/review/13043
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
* tvb_*_length mentioned in README.dissector
* fixed typos in README.dissector
* using stats_tree_register_plugin in the stats_tree examples both in README.stats_tree and the dev guide
* removed the version information and the #endif from the stats tree section in README.dissector
Change-Id: I27df0b5dfd66a7c0ac5b0fe1bdc882b3e9ffda74
Reviewed-on: https://code.wireshark.org/review/12908
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This dissector was mostly code-reviewed in a previous change:
https://code.wireshark.org/review/#/c/11305
But it had an issue with a pointer using a sequence number (8 Bytes).
This change is meant to correct that, as well as a small formatting
error I found in the text shown.
Change-Id: Ib7e27eb2734c46e970b99161bd04438b5675bde4
Reviewed-on: https://code.wireshark.org/review/12660
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Qt already has a menu item for this in Statistics -> Capture File Properties
Bug: 9628
Change-Id: I85dd6f85d43fbfb60c2f4db82d9a02d91866127c
Reviewed-on: https://code.wireshark.org/review/12725
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This dissector shows the information related to the RTI TCP Control
messages used to manage the TCP connections, but also dissects the
RTPS data that is sent on top of RTI TCP. This only happens with
RTI's DDS implementation.
Bug: 11640
Change-Id: I89fcb620256aeed7cae5829b70d92c6868d94929
Reviewed-on: https://code.wireshark.org/review/11305
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Developed by Emerson Industrial Automation (Control Techniques Division)
eCMP is a protocol for setting up and controlling the devices in a factory
automation system. eCMP has about 30 commands; most are embedded into TCP/IP
messages, but cyclic data messages use the UDP protocol.
Bug: 10562
Change-Id: I9a421f39dfbdbc9e28d8f7cba72c22e270064641
Reviewed-on: https://code.wireshark.org/review/3157
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Try to clarify 2003 and XP support in the User's and Developer's guides.
Change-Id: Id08b21374485bf7655b83bb20b7c3d70f8871499
Reviewed-on: https://code.wireshark.org/review/12275
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Almost all replacements were done awhile ago, just put the final nail in the coffin.
Change-Id: I0a708d886da5a500c2a1e2c9ee2736794bdb9411
Reviewed-on: https://code.wireshark.org/review/12206
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The typedef for the "old style" has been removed as well as any old vs new style checks.
The release notes have been updated to reflect the API change, even though the search/replace of the "new style" function names hasn't happen yet. But it will be coming shortly...
Change-Id: I6d1eeb51d30e3b2b27f0eafd85fe0ddc0ca25b14
Reviewed-on: https://code.wireshark.org/review/12153
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Remove references to nmake, add references to CMake.
Change-Id: Iea2d2b2fbdbab131bae823d5d6a5306630a70347
Reviewed-on: https://code.wireshark.org/review/12079
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Fix a bunch of typos.
Commented out Strawberry Perl section on Windows, CMake no longer
uses it.
Removed commented out svn commit section.
Change-Id: Ied53c1b9aed69dc2c99449ef198f69a8cba42d5e
Reviewed-on: https://code.wireshark.org/review/12011
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Do not remove "ws.css" when doing a build in the source tree. Ignore
files that were automatically generated with cmake and the Ninja
generator (cmake -GNinja).
Change-Id: I24cae27eb8ae9664e3354ba646fd5503649349b1
Reviewed-on: https://code.wireshark.org/review/12007
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Update the docs to indicate the modified -G parameter required for
CMake when building an x64 version.
Change-Id: I9cc75ca99daf248111242c2962df313de32ca0d1
Reviewed-on: https://code.wireshark.org/review/11992
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Id0c583eacbef01d9dbdb54c27893d44cc32d9a31
Reviewed-on: https://code.wireshark.org/review/11680
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The one from official CMake (3.3.2) does not look for the default 64bits installation path. Let's add it.
Also add a WIRESHARK_CYGWIN_INSTALL_PATH environment variable allowing to force it.
For reference, registry based detection fails to detect a 64bits installation because it gets redirected to the Wow6432 node.
Change-Id: If3172494e3ab232e094389b493e6b67023662ae5
Reviewed-on: https://code.wireshark.org/review/11769
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
CMake generated CHM supports it properly, contrary to NMake. As this is the future, let's put it back!
Change-Id: Ifc5ea84942043c04808546df75ae956effa16747
Reviewed-on: https://code.wireshark.org/review/11763
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Specify which ./configure options are passed into the RPM.
Describe the 3 package RPM package names and their contents.
Describe how to enable parallel builds when making RPMs.
RPM now stands for "RPM Package Manager."
Fix some markup problems.
Change-Id: I1664aa0956719e872d302a4af2c092318f5eea6d
Reviewed-on: https://code.wireshark.org/review/11737
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This is a dissector for the ISO14443 protocols between a contactless
smartcard and a card reader.
The overall approach is similar to DVB-CI. We have a pseudo-header in
front of the captured data that has information about the type of the
captured data and the direction.
For now, the dissector registers itself by name so it can be linked to a
user-DLT. I am applying for an official DLT.
Change-Id: I9c4a28ef5b220f205baf58381bf1962996887a9d
Reviewed-on: https://code.wireshark.org/review/11663
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I16280d3fd4023c5a16026e8e10f1d12dfca45641
Reviewed-on: https://code.wireshark.org/review/11657
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Updated the WSDG Windows build instructions to use CMake.
Change-Id: I5006c07e09ec6f628e8bc44006a3f1086e831a3c
Reviewed-on: https://code.wireshark.org/review/11485
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Updated the main window and main menu screenshots. Update the markup for
the File and Edit menus.
Change-Id: I31282e3913692895a35e749c54c77c8069c7167a
Reviewed-on: https://code.wireshark.org/review/11487
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Also reword the "reload of the current capture file as MIME or capture file"
item a bit.
Lastly, these release notes are a preview of 2.2 now (not 2.0).
Change-Id: Ie0ad7573b0df56534d02b8942b7a6376546bedc5
Reviewed-on: https://code.wireshark.org/review/11287
Reviewed-by: Michael Mann <mmann78@netscape.net>
The title "New File Format Support" containing a list that included PCAP and
PCAPNG caught my eye: Wireshark has supported those for years. (Attempt to)
explain what it means.
Change-Id: I472fabcca00befee9032cd7ef11bf30257b8ff8e
Reviewed-on: https://code.wireshark.org/review/11076
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(cherry picked from commit 1a434143693a7f9ce103dfcf53e60c63415c81e8)
Reviewed-on: https://code.wireshark.org/review/11147
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
You can switch now between Capture mode and FileFormat of it.
This works only if there is MIME FileFormat dissector of opened file.
Change-Id: I9e98e972775561cfbe731ee1a1b99300d119efc6
Reviewed-on: https://code.wireshark.org/review/10090
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
For it shall cast a blight upon xmllint validation.
Change-Id: I3d39f1ace960aba738e494190dad1f15da2e39d9
Reviewed-on: https://code.wireshark.org/review/10990
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Note the "initial". This is woefully incomplete. See the "to do" lists
below and in the code.
This differs a bit from the GTK+ version in that you specify one or more
streams to be decoded.
Instead of showing waveforms in individual widgets, add them all to a
single QCustomPlot. This conserves screen real estate and lets us more
easily take advantage of the QCP API. It also looks better IMHO.
Change a bunch of checks for QtMultimediaWidgets to QtMultimedia. We
probably won't use the widgets until we make 5.0 our minimum Qt
version and plain old QtMultimedia lets us support Qt 4 more easily
(in theory at least).
Add resampling code from libspeex. I initially used this to resample
each packet to match the preferred rate of our output device, but this
resulted in poorer audio quality than expected. Leave it in and use to
create visual samples for QCP and to match rates any time the rate
changes. The latter is currently untested.
Add some debugging macros.
Note that both the RTP player and RTP analysis dialogs decode audio data
using different code.
Note that voip_calls_packet and voip_calls_init_tap appear to be dead
code.
To do:
- Add silence frames where needed.
- Implement the jitter buffer.
- Implement the playback timing controls.
- Tapping / scanning streams might be too slow.
Change-Id: I20dd3b66d3df53c9b1f3501262dc01458849f6b4
Bug: 9007
Reviewed-on: https://code.wireshark.org/review/10458
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Neighborhood Watch Protocol (NWP) is an XIA protocol for resolving network
addresses to link-layer addresses. Hosts on a LAN send NWP Announcement
packets with their host identifiers (HIDs), and neighbors in the LAN respond
with NWP Neighbor List packets containing their HIDs and associated link-layer
addresses.
Bug: 11492
Change-Id: Ib1e801474b1aa72f5dd3d8303eeec36b96ee0a99
Reviewed-on: https://code.wireshark.org/review/10316
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This replaces a question (recently remarked upon on -users) with a link to
someplace where we already have documentation on the subject.
Change-Id: I6c5cf2b0f674c129aaa017da0ca44176c5be665f
Reviewed-on: https://code.wireshark.org/review/10677
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Its time has finally come.
Technically I just renamed it to proto_tree_add_text_internal and removed the WS_DLL_PUBLIC (so it shouldn't link outside of epan). It's still (legitimately) used by expert.c otherwise I would have made it static within proto.c (and the rename wouldn't have been necessary).
Change-Id: I9bdf888d5e92bc7b70a3f5461b9297a66d994b80
Reviewed-on: https://code.wireshark.org/review/10594
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
TCPROS is a transport layer for ROS Messages and Services.
It uses standard TCP/IP sockets for transporting message data.
Inbound connections are received via a TCP Server Socket with a header containing message data type and routing information.
For more information, see: http://wiki.ros.org/ROS/TCPROS
Bug: 11404
Change-Id: If8810dbb2cb6d6522eb035fd0fa1cf49933bad3d
Reviewed-on: https://code.wireshark.org/review/9807
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Added the wifi capturing feature in the Androiddump.
Wifi packet capturing is done by making use of tcpdump in android devices.
Android wifi will appear as a capture interface in the interface window.
This will be an added support for android devices for device network bandwidth analysis.
Change-Id: I71d24ae5d1764d3ee7e50f09cd0b530ee9654844
Reviewed-on: https://code.wireshark.org/review/10414
Reviewed-by: ronnie sahlberg <ronniesahlberg@gmail.com>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Michal Labedzki <michal.labedzki@tieto.com>
Added a new relational test: 'x in {a b c}'. The only LHS entity
supported at this time is a field. The generated DFVM operations are
equivalent to an OR'ed series of =='s, but with the redundant existence
tests removed.
Change-Id: Iddc89b81cf7ad6319aef1a2a94f93314cb721a8a
Reviewed-on: https://code.wireshark.org/review/10246
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Copied from the RTP Analysis dialog, just like the GTK+ version.
Change-Id: I111020bc4073a3a3ba583bdace51a91ee5fef300
Reviewed-on: https://code.wireshark.org/review/10447
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Serval is a service-centric architecture that has been ported to XIA to
allow applications to communicate using service names. This change adds
a dissector for XIP Serval, which sits between layers 3 and 4, and
also amends the XIP dissector to be able to invoke it.
Bug: 11491
Change-Id: I11299ddbd0fb9eaf8728f8b3fde2a63656963114
Reviewed-on: https://code.wireshark.org/review/10315
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add ProgressFame::addToButtonBox, which violates the UX guidelines on
every platform we support by inserting a ProgressFrame into a
QDialogButtonBox.
Call addToButtonBox in the constructors of a bunch of dialogs.
Change-Id: I33ac5fd7a976ee6e0527de569a5c4b528980dae1
Reviewed-on: https://code.wireshark.org/review/10242
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
This adds a dissector Concise Binary Object Representation (CBOR) (RFC 7049).
CBOR is a binary data format designed for implementations with small
code size as used in the IoT. It uses a structure similar to JSON, but
encodes the data in binary format. This is used on top of CoAP for
example.
Change-Id: I9d7b7d4f7609c899bfc68250cdfebd5dc64e0402
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Reviewed-on: https://code.wireshark.org/review/9848
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
They have educational values and can be used to debugging some issues.
Now Wireshark can open three files (BTSNOOP, PCAP, PCAPNG)
in two modes: Capture (Traditional) and File-Format.
Change-Id: I833b2464d11864f170923dc989a1925d3d217943
Reviewed-on: https://code.wireshark.org/review/10089
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add custom {developer,user}_guide_docbook targets for docbook output. Make
sure the HTML, PDF, and CHM outputs depend on their associated docbook
target and not on the output .xml file. This keeps us from running a2x
instances in parallel.
Change-Id: I73b0db50ae92f62eb08ae284d498cdf2d697ac00
Reviewed-on: https://code.wireshark.org/review/9920
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Improve consistency when referring to 3GPP TS 32.423:
- The standard name is "3GPP TS 32.423" (with "TS", and "." separator).
- Fix typo in number series ("32" not "34").
- The standard refers to "Trace", not "Nettrace".
Change-Id: If9994b9c6de69b6e1bdfc6679fbaabe698971949
Reviewed-on: https://code.wireshark.org/review/9795
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Move the boolean flag for using captured DNS packet info for name resolution
to the Name Resolution preferences settings, as it was rather surprising to
disable Name Resolution preferences and still have names being resolved. Also
disble them all if the '-n' command line switch is used, and re-enable it for
a 'd' character in the '-N' option.
Bug: 10337
Change-Id: Ie4d47bab0100db3360cc447cd3e446b2e39aa917
Reviewed-on: https://code.wireshark.org/review/9786
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
This changeset is a forward port of Gregors ms-wsp branch from his
repo http://repo.or.cz/w/wireshark-wip.git. Most of the messages of
the MS-WSP protocol are implemented here and as such consists of the
majority of the changes for the dissector.
In addition to the forward porting Gregors work I added some extra bits
1) cater for SMB2 Read Response and Write Request msgs that can also
contain MSWSP messages
2) update property specifications with info extracted from MS-WSP protocol
doc
3) store some basic data about previously seen messages that are needed
for dissecting CPMGetRows request
4) expand/update dissect_CPMSetBindings & parse_CTableColumn routines
5) parse and store CTableColumn & CPMSetBindingsIn structures in conversation
related data for use later.
6) fully dissect/parse SeekDesciption of CPMGetRowsOut
7) dissect CPMGetRows out message specifically the Rows & Columns
8) flesh out the boolean properties of uBooleanOptions field
9) flesh out various other dissectors:
CPMRatioFinished
CPMRestartPosition
CPMCompareBmkIn/CPMCompareBmkOut
CPMGetApproximatePosition
CPMGetSendNotifyOut
FindIndicesIn/Out
FetchValue
Bug: 11321
Change-Id: I68b5c2f3e63874c1dbb271feab89b2b8aa65ac39
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-on: https://code.wireshark.org/review/9440
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Ia31326105cf559c2196d45369270552fb78da6c7
Reviewed-on: https://code.wireshark.org/review/9692
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
HCI Summary dialogue collect HCI Opcodes, HCI Events, Hardware Errors,
Statuses and Reasons. Also show occurrence of them. The top level item
is group of items (by OGF or types), the second level item is in real
command, event, hardware error, status or reason. The third level items
are direct link to packet that contains second level item type.
Change-Id: I6b6bd02533c4605a2dd2c1f5dfee46f72a0f3fdc
Reviewed-on: https://code.wireshark.org/review/9676
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Future: Allow multiple protocols to be disabled in one option statement
(perhaps using a comma or colon delmited set of names in <proto_name>)
instead of having to specify --disable-protocol <proto_name> multiple times.
Change-Id: I9b8f960acf75298ebb098d9b667fca49dca52306
Reviewed-on: https://code.wireshark.org/review/9631
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The size of some of the wslua source files has grown large, and it's hard
to quickly find things. So split them up based on class name, as much as
seems reasonable. Also have the make-wsluarm.pl Perl script handle this.
Change-Id: Ib495ec5c2a4df90495c0a05504856288a0b09213
Reviewed-on: https://code.wireshark.org/review/9579
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
The eXpressive Internet Protocol (XIP) is the network layer
protocol for the eXpressive Internet Architecture (XIA), a
future Internet architecture project. The addresses in XIP are
directed acyclic graphs, so much of the code included in this
addition verifies the correctness of the DAGs and displays them
in human-readable form.
Bug: 11265
Change-Id: I948aaa73b927f8afc162d89689d184c5657f60b1
Reviewed-on: https://code.wireshark.org/review/8881
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Fix a typo ("and and") while we're at it.
Change-Id: Ib68bbdf0b358f56b36cf53906f105c5ee6493ec4
Reviewed-on: https://code.wireshark.org/review/9446
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The pathnames have spaces, so they must be quoted.
At least on my VM, I had to run it as Administrator.
Change-Id: I7600edbdbe3205c7f766cc651bd6b86340efa0ff
Reviewed-on: https://code.wireshark.org/review/9429
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Split the nsis_package target into nsis_package_prep which has
dependencies and nsis_package which has no dependencies and as a result
blindly builds the package. Remove the nsis_uninstaller target since
that's now handled by nsis_package_prep. Nsis_package_prep *should*
also take care of the dependencies for portableapps_package, but that
hasn't been tested.
Update the Developer's Guide.
This requires coordination with the Windows buildbots.
Change-Id: Ib9e3141832c782355135a1637fba5a07c2ca4ba1
Reviewed-on: https://code.wireshark.org/review/9217
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Please found it under Bluetooth menu. It shows all devices found
in logs, not only connected, all that its address can be found in
logs. Show if device is local (in most cases: capturing on it side)
and manufacturer and LMP version what should answer the question what
version of Bluetooth is used by Bluetooth device chip.
Also firmware version.
Change-Id: I32e3b7100cdebcaa850b6541de0ab89dff41c0e1
Reviewed-on: https://code.wireshark.org/review/8901
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Tested-by: Michal Labedzki <michal.labedzki@tieto.com>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Add support for RPCoRDMA and as a result support NFSoRDMA protocol
Bug:11251
Change-Id: I1a4af1b4e6b344224f5ce0efa77d7dbfca8aae46
Signed-off-by: Slava Shwartsman <slavash@mellanox.com>
Signed-off-by: Yan Burman <yanb@mellanox.com>
Reviewed-on: https://code.wireshark.org/review/8758
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Implements dissection for the Performance Co-Pilot proxy protocol. Its a
simple protocol that exchanges host and port information and then passes
all traffic via the usual PCP protocol.
Change-Id: I54fbf6b7755b7b1c60e0e1696ac9c4f0d98d8fe7
Reviewed-on: https://code.wireshark.org/review/8704
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Changes from the GTK+ UI:
- The display filter is built on the fly with immediate syntax feedback.
- Slightly different layout.
- You can search for fields.
Make the plain SyntaxLineEdit a bit more plain.
Bug: 11128
Change-Id: I06a48cd7b9ba7b9dc193b0199540aede4eb62fa7
Reviewed-on: https://code.wireshark.org/review/8742
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Change-Id: I6c5405beef4e8d880d73d9706e61e953431cce4f
Reviewed-on: https://code.wireshark.org/review/8504
Reviewed-by: Michael Mann <mmann78@netscape.net>
A IRC user was asking about the meaning of `my.username` and noted that
information is scattered over places. This patch tries to make the
documentation more friendly for newcomers which are unfamiliar with
Gerrit (and maybe OpenID?).
The login page already recommends Launchpad, so no need to write it
here.
Change-Id: Ic55c9a2073d0045c6367f3efc8c842e53215f2dd
Reviewed-on: https://code.wireshark.org/review/8288
Reviewed-by: Mark <launchpad@markcunningham.ie>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Bug: 11063
Change-Id: I3daa9e6a75e52df1587678bd78f42e4e46fe4509
Reviewed-on: https://code.wireshark.org/review/7557
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Remove check_git_version.sh and its associated targets. We haven't used
git_version.xml since the AsciiDoc conversion.
Change-Id: I480f0094c4355d71201f2dd285198581bbbfc415
Reviewed-on: https://code.wireshark.org/review/8104
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
- GIAS dissector
- Netscaler 3.5 support
- GUI menu API for plugins
Change-Id: I88f52a73e1149de6fe0588c1316b27fac9af59ce
Reviewed-on: https://code.wireshark.org/review/8090
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add win-setup.ps1, which duplicates the following tasks performed by
config.nmake + Makefile.nmake + win-setup.sh:
- Create the windows library directory.
- Download files.
- Download and unpack zip files.
- Check and set current-tag.txt
Don't verify applications or libraries. CMakeLists.txt does that.
Update the Developer's Guide.
Have POWERSHELL_COMMAND use dot sourcing instead of "-File", which
appears to be a synonym for "-IgnoreTheExitStatusReturnedByThisScript".
This removes our dependencies on unzip and wget and reduces our dependency
on bash.
Change-Id: Ia9def24acbe183d81b9d477fa42e655e4a3a6614
Reviewed-on: https://code.wireshark.org/review/7990
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Add missing androiddump stuff like:
- release notes
- documentation
- Windows nmake support
- running androiddump as a windows application instead of console on Windows
- addition of androiddump to the Windows installer
Change-Id: I3bc6cc70e4dc96c0cd776f3d965dd2aa0309995d
Reviewed-on: https://code.wireshark.org/review/7981
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Update the PA section of the Developer's Guide.
Change-Id: I383d2a2405e742eb353390f5a43fd6d6d32cb25b
Reviewed-on: https://code.wireshark.org/review/8012
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Bug: 5553
Change-Id: If297036b6d7a7afe163d97b05bc4a319d6cf2e97
Reviewed-on: https://code.wireshark.org/review/7949
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Its CA certificate configuration appears to be incomplete. Recommend
Cygwin's instead.
Change-Id: I0e7ddbfbb2a37f2872a820442e2d185f20ef551e
Reviewed-on: https://code.wireshark.org/review/7948
Reviewed-by: Gerald Combs <gerald@wireshark.org>
A recent commit broke compilation with Python 3. The original author of
html2text.py is deceased and the fork has increased the number of files
for this "simple" helper.
The html2text.py script in this patch was rewritten and its output
matches with lynx (except for a few newlines around lists). This means
that indentation has been added for headings, paragraphs and lists.
Also, since it was written from scratch, a new license could be chosen
that matches Wireshark.
Since now the in-tree html2text.py script provides nicer output, remove
detection of the alternative programs (elinks, links). lynx/w3m is
somehow still necessary for asciidoc though.
(I also looked into reusing html2text.py for the release notes to
replace asciidoc, but the --format=html output produces different output
(HTML adds a ToC and section numbers). For now still require lynx for
release notes)
Tested with Python 2.6.6, 2.7.9, 3.2.6 and 3.4.3 under LC_ALL=C and
LC_ALL=en_US.UTF-8 on Linux. Tested reading from stdin and file, writing
to file, pipe and tty. Tested with cmake (Ninja) and autotools on Arch
Linux x86_64. Test:
# For each $PATH per python version, execute (with varying LC_ALL)
help/faq.py -b | tools/html2text.py /dev/stdin | md5sum
help/faq.py -b | tools/html2text.py | md5sum
help/faq.py -b | tools/html2text.py
help/faq.py -b | tools/html2text.py >/dev/null
Change-Id: I6409450a3e6c8b010ca082251f9db7358b0cc2fd
Reviewed-on: https://code.wireshark.org/review/7779
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Most of our sites are now HTTPS-only. Update URLs accordingly. Update
other URLs while we're at it. Remove or comment out dead links.
Change-Id: I7c4f323e6585d22760bb90bf28fc0faa6b893a33
Reviewed-on: https://code.wireshark.org/review/7621
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Took the original patch from bug 5116 and made the dissector "human readable".
Bug: 5116
Change-Id: Ic5cc35f919865bc84ee8a3d0589f498ef13e8f6f
Signed-off-by: Michael Mann <mmann78@netscape.net>
Signed-off-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-on: https://code.wireshark.org/review/7605
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Originally suggested by Bill Meier for the MQTT protocol[1], but the
Websocket protocol can also benefit from this. Since
DESEGMENT_ONE_MORE_SEGMENT is a valid packet length, use the zero length
instead as an indicator that the length is not yet known.
Updated documentation too and remove the function documentation from
packet-tcp.c since it is duplicated in packet-tcp.h.
A noteworthy WSDG change is that the get_pdu_len parameter of
tcp_dissect_pdus gained another void pointer since
v1.99.2rc0-890-gceb8d95 ("Lua: Expose tcp_dissect_pdus() to Lua").
[1]: https://www.wireshark.org/lists/wireshark-dev/201405/msg00044.html
Change-Id: I4eba380e00cd757635eb5639c2857356dae3171e
Reviewed-on: https://code.wireshark.org/review/7279
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>