wireshark/tools
Gerald Combs 0d497e8125 Initial Sysdig syscall (event) support.
Add a dissector for reading Sysdig event blocks. It only handles plain
events but it's usable for reading trace files on hand here.

Use a script to generate various parts of the dissector. As an experiment,
update parts in-place instead of using a template.

Ultimately there should probably be a top-level "Syscall" or "Event"
dissector alongside the "Frame" dissector, which could then call this.
You could then directly compare an executable's system calls alongside
its network traffic.

For now leverage the pcapng_block dissector and keep everything under
"Frame".

Next steps:
- Items listed at the top of packet-sysdig-event.c.

Change-Id: I17077e8d7f40d10a946d61189ebc077d81c4da37
Reviewed-on: https://code.wireshark.org/review/11103
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
2015-11-10 20:59:53 +00:00
cppcheck Continue to remove $Id$ from top of file 2014-03-31 18:48:06 +00:00
dftestfiles Rename PCAP files to .pcap; set mime-type appropriately. Should these files be in the test/captures directory? 2013-09-18 14:23:14 +00:00
dftestlib Make the dfilter time tests work regardless of what time zone the tests are 2015-11-10 09:04:48 +00:00
lemon Bail out immediately if we can't allocate a buffer for carving up $PATH. 2015-10-25 02:02:16 +00:00
npl Remove all $Id$ from top of file 2014-03-04 14:27:33 +00:00
pidl tools/pidl: avoid trailing tabs 2015-11-01 09:00:13 +00:00
tpg Continue to remove $Id$ from top of file 2014-03-31 18:48:06 +00:00
.gitattributes Add simple script to export release tarball right from Git 2014-06-19 00:35:02 +00:00
Get-HardenFlags.ps1 Explain why Get-HardenFlags currently fails. 2015-10-30 18:31:00 +00:00
Makefile.am Initial Sysdig syscall (event) support. 2015-11-10 20:59:53 +00:00
Makefile.nmake Remove $Id$ and other Subversion leftovers from the tools. 2014-02-14 01:35:57 +00:00
SkinnyProtocolOptimized.xml dissector-skinny: Update skinny dissector to fix ServerRes Message 2015-09-13 19:24:00 +00:00
WiresharkXML.py
asn2deb
asn2wrs.py tools/asn2wrs.py: fix isdn-sup generation with Py3 2015-06-29 22:46:58 +00:00
checkAPIs.pl tools/checkAPIs.pl: improve the hf_ error messages 2015-10-29 12:29:48 +00:00
checkfiltername.pl Remove proto_tree_add_text from some dissectors. 2015-05-26 15:20:46 +00:00
checkhf.pl Replace HF_EMPTY and ETT_EMPTY with -1 2015-03-25 01:05:02 +00:00
checklicenses.py Always use html2text.py for FAQ, improve output 2015-03-25 07:08:52 +00:00
colorfilters2js.pl Add license header to colorfilters2js.pl as per email from Dirk. 2013-09-13 23:02:39 +00:00
commit-msg Add commit-msg hook to tools to spare searching for it 2014-04-08 17:23:14 +00:00
compare-abis.sh Remove $Id$ and other Subversion leftovers from the tools. 2014-02-14 01:35:57 +00:00
compress-pngs.sh WSUG and image updates. 2015-02-14 19:47:03 +00:00
convert-proto-tree-new.awk Remove $Id$ and other Subversion leftovers from the tools. 2014-02-14 01:35:57 +00:00
convert_expert_add_info_format.pl Remove $Id$ and other Subversion leftovers from the tools. 2014-02-14 01:35:57 +00:00
convert_proto_tree_add_text.pl tvb_bytes_to_ep_str -> tvb_bytes_to_str 2015-01-07 18:16:23 +00:00
debian-setup.sh Remove $Id$ and other Subversion leftovers from the tools. 2014-02-14 01:35:57 +00:00
delete_includes.py delete_includes.py: Python 3 compatibility 2015-03-22 16:33:47 +00:00
dfilter-test.py Remove $Id$ and other Subversion leftovers from the tools. 2014-02-14 01:35:57 +00:00
extract_asn1_from_spec.pl LTE RRC: upgrade dissector to v12.5.0 2015-03-31 21:40:10 +00:00
fix-encoding-args.pl Add proto_tree_add_bitmask_with_flags. 2014-12-08 01:13:02 +00:00
fix_pragma_wdocumentation.sh Add tools for fix -Wdocumentation 2014-11-11 17:31:43 +00:00
fixhf.pl Update my email address in a couple more spots. 2014-06-25 02:15:55 +00:00
ftsanity.py ftsanity.py: make it work with modern tshark 2015-03-24 05:13:46 +00:00
fuzz-test.sh fuzz-test.sh: added missing option in help. 2015-08-13 11:24:08 +00:00
gen-bugnote "tools" updates. 2014-02-25 00:00:54 +00:00
generate-bacnet-vendors.py [tools] Add missing GPL license to generate-bacnet-vendors.py 2014-10-08 10:52:38 +00:00
generate-sysdig-event.py Initial Sysdig syscall (event) support. 2015-11-10 20:59:53 +00:00
git-compare-abis.sh Remove $Id$ and other Subversion leftovers from the tools. 2014-02-14 01:35:57 +00:00
git-export-release.sh Generate xz compressed archives instead of .bz2-s 2014-06-19 00:35:56 +00:00
html2text.py html2text.py: Python 2.5 compatibility, improve Unicode support 2015-03-26 07:14:20 +00:00
idl2deb
idl2wrs Remove $Id$ and other Subversion leftovers from the tools. 2014-02-14 01:35:57 +00:00
indexcap.py indexcap.py: fix tmpdir handling, python 3 compat 2015-03-25 07:09:41 +00:00
install_rpms_for_devel.sh Install GTK3 too. 2015-08-17 20:53:58 +00:00
lex.py Ply parser updated to 3.5 (from GitHub github.com/dabeaz/ply) 2013-12-04 14:45:32 +00:00
list_protos_in_cap.sh indexcap.py: fix tmpdir handling, python 3 compat 2015-03-25 07:09:41 +00:00
make-dissector-reg.py Remove $Id$ and other Subversion leftovers from the tools. 2014-02-14 01:35:57 +00:00
make-manuf Add OUI-28 to make-manuf. 2015-10-16 18:43:20 +00:00
make-services.pl Remove $Id$ and other Subversion leftovers from the tools. 2014-02-14 01:35:57 +00:00
make-services.py Remove $Id$ and other Subversion leftovers from the tools. 2014-02-14 01:35:57 +00:00
make-sminmpec.pl Be less aggressive about rebuilding sminmpec.c. 2014-05-09 09:03:24 +00:00
make-tap-reg.py Remove $Id$ and other Subversion leftovers from the tools. 2014-02-14 01:35:57 +00:00
make-usb.py Fixup make-usb.py 2015-07-19 20:24:08 +00:00
make_charset_table.c Use %zu, not %zd, to print a size_t value (%zd would be for ssize_t). 2015-06-06 19:20:19 +00:00
msnchat
native-nmake.cmd
ncp2222.py NCP2222: change ncp.nds_return_all_classes filter type from FT_STRING to FT_UINT32 2015-09-29 21:48:42 +00:00
netscreen2dump.py Remove $Id$ and other Subversion leftovers from the tools. 2014-02-14 01:35:57 +00:00
parse_xml2skinny_dissector.py dissector-skinny: Update skinny dissector to fix ServerRes Message 2015-09-13 19:24:00 +00:00
pkt-from-core.py Remove $Id$ and other Subversion leftovers from the tools. 2014-02-14 01:35:57 +00:00
pre-commit tools/pre-commit: compare files instead of mtime 2015-09-08 11:01:18 +00:00
process-x11-fields.pl x11 generator: Fix indent (use always 4 spaces) and add modelines 2015-10-21 12:18:16 +00:00
process-x11-xcb.pl x11 generator: Fix indent (use always 4 spaces) and add modelines 2015-10-21 12:18:16 +00:00
randpkt-test.sh tools: permit setting BIN_DIR in the environment 2015-06-26 06:52:58 +00:00
rdps.py Remove $Id$ and other Subversion leftovers from the tools. 2014-02-14 01:35:57 +00:00
runa2x.sh Fix Cygwin path 2015-01-12 12:40:04 +00:00
runlex.sh Fix the flex wrapper to ensure Cygwin /bin is on the path for Windows. 2014-07-08 13:14:42 +00:00
setuid-root.pl.in Remove $Id$ and other Subversion leftovers from the tools. 2014-02-14 01:35:57 +00:00
test-captures.sh tools: permit setting BIN_DIR in the environment 2015-06-26 06:52:58 +00:00
test-common.sh tools: permit setting BIN_DIR in the environment 2015-06-26 06:52:58 +00:00
textify.ps1 Modified script to not use PS 3.0 constructs 2014-08-20 06:24:44 +00:00
update-tx Don't commit translation updates for now. 2015-04-05 15:56:30 +00:00
usb-ptp-extract-models.pl Remove $Id$ and other Subversion leftovers from the tools. 2014-02-14 01:35:57 +00:00
usb-ptp-extract-models.txt
valgrind-wireshark.sh Update valgrind script for the UI 2015-06-26 21:17:39 +00:00
vg-suppressions Add ws_mempbrk_sse42_compile to Valgrind suppression list 2015-02-15 18:46:54 +00:00
win-setup.ps1 Add USBPcap 1.1.0.0-g794bf26 to Windows installer 2015-10-08 04:18:39 +00:00
win-setup.sh Pass HTTP URLs to wget. 2015-04-09 19:56:19 +00:00
wireshark_be.py Remove $Id$ and other Subversion leftovers from the tools. 2014-02-14 01:35:57 +00:00
wireshark_gen.py idl2wrs: Fix Dead Store (Dead assignment/Dead increment) warning found by Clang 2015-09-28 20:11:05 +00:00
ws-coding-style.cfg Remove $Id$ and other Subversion leftovers from the tools. 2014-02-14 01:35:57 +00:00
yacc.py Ply parser updated to 3.5 (from GitHub github.com/dabeaz/ply) 2013-12-04 14:45:32 +00:00