2014-08-06 17:07:42 +00:00
|
|
|
/* endpoint_dialog.cpp
|
|
|
|
|
*
|
|
|
|
|
* Wireshark - Network traffic analyzer
|
|
|
|
|
* By Gerald Combs <gerald@wireshark.org>
|
|
|
|
|
* Copyright 1998 Gerald Combs
|
|
|
|
|
*
|
2018-04-30 07:47:58 +00:00
|
|
|
* SPDX-License-Identifier: GPL-2.0-or-later
|
|
|
|
|
*/
|
2014-08-06 17:07:42 +00:00
|
|
|
|
|
|
|
|
#include "endpoint_dialog.h"
|
|
|
|
|
|
2018-02-09 01:20:26 +00:00
|
|
|
#include <epan/maxmind_db.h>
|
2014-08-06 17:07:42 +00:00
|
|
|
|
2016-01-12 19:02:58 +00:00
|
|
|
#include <epan/prefs.h>
|
|
|
|
|
|
2014-08-06 17:07:42 +00:00
|
|
|
#include "ui/recent.h"
|
|
|
|
|
#include "ui/traffic_table_ui.h"
|
|
|
|
|
|
Re-implement "Map" feature for Endpoints
This feature was removed in v2.5.1rc0-427-gf529ab5d0a, anticipating that
MaxMind would remove support for it in 2019. They have however changed
their mind and maintained latitude and longitude information.
They recommend displaying an accuracy radius, but the reported values
are 50, 100, 200 and 1000km. When implemented literally, a marker in
Ireland would cover the whole island plus mainland, so I have instead
opted to use a fixed radius of 1km at deeper zoom levels.
The old ipmap.html file was outdated and had broken tiles, I rewrote a
new one from scratch using the light-weight Leaflet library combined
with tiles from OpenStreetMap. This is more mobile-friendly and secure
(https, SRI). To improve handling of nearby or overlapping nodes,
clustering is used (individual nodes can still be inspected).
Browser compatibility results: IE8 is unusable, IE9 partially works
(tooltips sometimes disappear and the cluster radius control is gone),
IE11 works. Of course Firefox 65 and Chromium 72 have no issues.
The map popup description in the generated GeoJSON structure is now
split in several properties, allowing presentation to be handled by the
HTML page instead of the C code.
Bug: 14693
Change-Id: If2ec9c518f7723ac0ab27b6272463356875a0ff2
Reviewed-on: https://code.wireshark.org/review/31952
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2019-02-09 23:19:54 +00:00
|
|
|
#include "wsutil/file_util.h"
|
2018-02-09 01:20:26 +00:00
|
|
|
#include "wsutil/pint.h"
|
2014-08-06 17:07:42 +00:00
|
|
|
#include "wsutil/str_util.h"
|
Re-implement "Map" feature for Endpoints
This feature was removed in v2.5.1rc0-427-gf529ab5d0a, anticipating that
MaxMind would remove support for it in 2019. They have however changed
their mind and maintained latitude and longitude information.
They recommend displaying an accuracy radius, but the reported values
are 50, 100, 200 and 1000km. When implemented literally, a marker in
Ireland would cover the whole island plus mainland, so I have instead
opted to use a fixed radius of 1km at deeper zoom levels.
The old ipmap.html file was outdated and had broken tiles, I rewrote a
new one from scratch using the light-weight Leaflet library combined
with tiles from OpenStreetMap. This is more mobile-friendly and secure
(https, SRI). To improve handling of nearby or overlapping nodes,
clustering is used (individual nodes can still be inspected).
Browser compatibility results: IE8 is unusable, IE9 partially works
(tooltips sometimes disappear and the cluster radius control is gone),
IE11 works. Of course Firefox 65 and Chromium 72 have no issues.
The map popup description in the generated GeoJSON structure is now
split in several properties, allowing presentation to be handled by the
HTML page instead of the C code.
Bug: 14693
Change-Id: If2ec9c518f7723ac0ab27b6272463356875a0ff2
Reviewed-on: https://code.wireshark.org/review/31952
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2019-02-09 23:19:54 +00:00
|
|
|
#include <wsutil/utf8_entities.h>
|
2014-08-06 17:07:42 +00:00
|
|
|
|
2017-07-25 14:15:18 +00:00
|
|
|
#include <ui/qt/utils/qt_ui_utils.h>
|
Re-implement "Map" feature for Endpoints
This feature was removed in v2.5.1rc0-427-gf529ab5d0a, anticipating that
MaxMind would remove support for it in 2019. They have however changed
their mind and maintained latitude and longitude information.
They recommend displaying an accuracy radius, but the reported values
are 50, 100, 200 and 1000km. When implemented literally, a marker in
Ireland would cover the whole island plus mainland, so I have instead
opted to use a fixed radius of 1km at deeper zoom levels.
The old ipmap.html file was outdated and had broken tiles, I rewrote a
new one from scratch using the light-weight Leaflet library combined
with tiles from OpenStreetMap. This is more mobile-friendly and secure
(https, SRI). To improve handling of nearby or overlapping nodes,
clustering is used (individual nodes can still be inspected).
Browser compatibility results: IE8 is unusable, IE9 partially works
(tooltips sometimes disappear and the cluster radius control is gone),
IE11 works. Of course Firefox 65 and Chromium 72 have no issues.
The map popup description in the generated GeoJSON structure is now
split in several properties, allowing presentation to be handled by the
HTML page instead of the C code.
Bug: 14693
Change-Id: If2ec9c518f7723ac0ab27b6272463356875a0ff2
Reviewed-on: https://code.wireshark.org/review/31952
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2019-02-09 23:19:54 +00:00
|
|
|
#include <ui/qt/utils/variant_pointer.h>
|
|
|
|
|
#include <ui/qt/widgets/wireshark_file_dialog.h>
|
2014-08-06 17:07:42 +00:00
|
|
|
#include "wireshark_application.h"
|
|
|
|
|
|
2015-02-08 20:24:19 +00:00
|
|
|
#include <QCheckBox>
|
2014-09-05 18:17:17 +00:00
|
|
|
#include <QDesktopServices>
|
2015-02-08 20:24:19 +00:00
|
|
|
#include <QDialogButtonBox>
|
2014-08-06 17:07:42 +00:00
|
|
|
#include <QMessageBox>
|
2015-02-08 20:24:19 +00:00
|
|
|
#include <QPushButton>
|
2014-09-05 18:17:17 +00:00
|
|
|
#include <QUrl>
|
2019-09-01 18:37:38 +00:00
|
|
|
#include <QTemporaryFile>
|
2014-08-06 17:07:42 +00:00
|
|
|
|
2016-06-22 17:56:30 +00:00
|
|
|
static const QString table_name_ = QObject::tr("Endpoint");
|
2014-12-22 23:51:36 +00:00
|
|
|
EndpointDialog::EndpointDialog(QWidget &parent, CaptureFile &cf, int cli_proto_id, const char *filter) :
|
2014-08-06 17:07:42 +00:00
|
|
|
TrafficTableDialog(parent, cf, filter, table_name_)
|
|
|
|
|
{
|
Re-implement "Map" feature for Endpoints
This feature was removed in v2.5.1rc0-427-gf529ab5d0a, anticipating that
MaxMind would remove support for it in 2019. They have however changed
their mind and maintained latitude and longitude information.
They recommend displaying an accuracy radius, but the reported values
are 50, 100, 200 and 1000km. When implemented literally, a marker in
Ireland would cover the whole island plus mainland, so I have instead
opted to use a fixed radius of 1km at deeper zoom levels.
The old ipmap.html file was outdated and had broken tiles, I rewrote a
new one from scratch using the light-weight Leaflet library combined
with tiles from OpenStreetMap. This is more mobile-friendly and secure
(https, SRI). To improve handling of nearby or overlapping nodes,
clustering is used (individual nodes can still be inspected).
Browser compatibility results: IE8 is unusable, IE9 partially works
(tooltips sometimes disappear and the cluster radius control is gone),
IE11 works. Of course Firefox 65 and Chromium 72 have no issues.
The map popup description in the generated GeoJSON structure is now
split in several properties, allowing presentation to be handled by the
HTML page instead of the C code.
Bug: 14693
Change-Id: If2ec9c518f7723ac0ab27b6272463356875a0ff2
Reviewed-on: https://code.wireshark.org/review/31952
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2019-02-09 23:19:54 +00:00
|
|
|
#ifdef HAVE_MAXMINDDB
|
|
|
|
|
map_bt_ = buttonBox()->addButton(tr("Map"), QDialogButtonBox::ActionRole);
|
|
|
|
|
map_bt_->setToolTip(tr("Draw IPv4 or IPv6 endpoints on a map."));
|
|
|
|
|
connect(trafficTableTabWidget(), &QTabWidget::currentChanged, this, &EndpointDialog::tabChanged);
|
|
|
|
|
|
|
|
|
|
QMenu *map_menu_ = new QMenu(map_bt_);
|
|
|
|
|
QAction *action;
|
|
|
|
|
action = map_menu_->addAction(tr("Open in browser"));
|
|
|
|
|
connect(action, &QAction::triggered, this, &EndpointDialog::openMap);
|
2020-09-29 00:40:05 +00:00
|
|
|
action = map_menu_->addAction(tr("Save As…"));
|
Re-implement "Map" feature for Endpoints
This feature was removed in v2.5.1rc0-427-gf529ab5d0a, anticipating that
MaxMind would remove support for it in 2019. They have however changed
their mind and maintained latitude and longitude information.
They recommend displaying an accuracy radius, but the reported values
are 50, 100, 200 and 1000km. When implemented literally, a marker in
Ireland would cover the whole island plus mainland, so I have instead
opted to use a fixed radius of 1km at deeper zoom levels.
The old ipmap.html file was outdated and had broken tiles, I rewrote a
new one from scratch using the light-weight Leaflet library combined
with tiles from OpenStreetMap. This is more mobile-friendly and secure
(https, SRI). To improve handling of nearby or overlapping nodes,
clustering is used (individual nodes can still be inspected).
Browser compatibility results: IE8 is unusable, IE9 partially works
(tooltips sometimes disappear and the cluster radius control is gone),
IE11 works. Of course Firefox 65 and Chromium 72 have no issues.
The map popup description in the generated GeoJSON structure is now
split in several properties, allowing presentation to be handled by the
HTML page instead of the C code.
Bug: 14693
Change-Id: If2ec9c518f7723ac0ab27b6272463356875a0ff2
Reviewed-on: https://code.wireshark.org/review/31952
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2019-02-09 23:19:54 +00:00
|
|
|
connect(action, &QAction::triggered, this, &EndpointDialog::saveMap);
|
|
|
|
|
map_bt_->setMenu(map_menu_);
|
|
|
|
|
#endif
|
2015-08-24 19:33:49 +00:00
|
|
|
addProgressFrame(&parent);
|
|
|
|
|
|
2014-08-06 17:07:42 +00:00
|
|
|
QList<int> endp_protos;
|
|
|
|
|
for (GList *endp_tab = recent.endpoint_tabs; endp_tab; endp_tab = endp_tab->next) {
|
|
|
|
|
int proto_id = proto_get_id_by_short_name((const char *)endp_tab->data);
|
|
|
|
|
if (proto_id > -1 && !endp_protos.contains(proto_id)) {
|
|
|
|
|
endp_protos.append(proto_id);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (endp_protos.isEmpty()) {
|
|
|
|
|
endp_protos = defaultProtos();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Bring the command-line specified type to the front.
|
2017-02-07 22:05:17 +00:00
|
|
|
if ((cli_proto_id > 0) && (get_conversation_by_proto_id(cli_proto_id))) {
|
2014-08-06 17:07:42 +00:00
|
|
|
endp_protos.removeAll(cli_proto_id);
|
|
|
|
|
endp_protos.prepend(cli_proto_id);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// QTabWidget selects the first item by default.
|
|
|
|
|
foreach (int endp_proto, endp_protos) {
|
|
|
|
|
addTrafficTable(get_conversation_by_proto_id(endp_proto));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
fillTypeMenu(endp_protos);
|
|
|
|
|
|
2016-09-13 11:37:11 +00:00
|
|
|
QPushButton *close_bt = buttonBox()->button(QDialogButtonBox::Close);
|
|
|
|
|
if (close_bt) {
|
|
|
|
|
close_bt->setDefault(true);
|
|
|
|
|
}
|
|
|
|
|
|
2016-06-23 20:10:52 +00:00
|
|
|
updateWidgets();
|
|
|
|
|
// currentTabChanged();
|
2014-08-06 17:07:42 +00:00
|
|
|
|
2015-07-29 17:36:46 +00:00
|
|
|
cap_file_.delayedRetapPackets();
|
2014-08-06 17:07:42 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
EndpointDialog::~EndpointDialog()
|
|
|
|
|
{
|
|
|
|
|
prefs_clear_string_list(recent.endpoint_tabs);
|
|
|
|
|
recent.endpoint_tabs = NULL;
|
|
|
|
|
|
|
|
|
|
EndpointTreeWidget *cur_tree = qobject_cast<EndpointTreeWidget *>(trafficTableTabWidget()->currentWidget());
|
|
|
|
|
foreach (QAction *ea, traffic_type_menu_.actions()) {
|
|
|
|
|
int proto_id = ea->data().value<int>();
|
|
|
|
|
if (proto_id_to_tree_.contains(proto_id) && ea->isChecked()) {
|
|
|
|
|
char *title = g_strdup(proto_get_protocol_short_name(find_protocol_by_id(proto_id)));
|
|
|
|
|
if (proto_id_to_tree_[proto_id] == cur_tree) {
|
|
|
|
|
recent.endpoint_tabs = g_list_prepend(recent.endpoint_tabs, title);
|
|
|
|
|
} else {
|
|
|
|
|
recent.endpoint_tabs = g_list_append(recent.endpoint_tabs, title);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2014-12-21 21:23:02 +00:00
|
|
|
void EndpointDialog::captureFileClosing()
|
2014-08-06 17:07:42 +00:00
|
|
|
{
|
2014-12-21 21:23:02 +00:00
|
|
|
// Keep the dialog around but disable any controls that depend
|
|
|
|
|
// on a live capture file.
|
|
|
|
|
for (int i = 0; i < trafficTableTabWidget()->count(); i++) {
|
|
|
|
|
EndpointTreeWidget *cur_tree = qobject_cast<EndpointTreeWidget *>(trafficTableTabWidget()->widget(i));
|
2016-06-22 19:44:02 +00:00
|
|
|
disconnect(cur_tree, SIGNAL(filterAction(QString,FilterAction::Action,FilterAction::ActionType)),
|
|
|
|
|
this, SIGNAL(filterAction(QString,FilterAction::Action,FilterAction::ActionType)));
|
2014-08-06 17:07:42 +00:00
|
|
|
}
|
2021-01-10 20:57:47 +00:00
|
|
|
TrafficTableDialog::captureFileClosing();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void EndpointDialog::captureFileClosed()
|
|
|
|
|
{
|
2014-12-21 21:23:02 +00:00
|
|
|
displayFilterCheckBox()->setEnabled(false);
|
|
|
|
|
enabledTypesPushButton()->setEnabled(false);
|
2021-01-10 20:57:47 +00:00
|
|
|
TrafficTableDialog::captureFileClosed();
|
2014-08-06 17:07:42 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
bool EndpointDialog::addTrafficTable(register_ct_t *table)
|
|
|
|
|
{
|
|
|
|
|
int proto_id = get_conversation_proto_id(table);
|
|
|
|
|
|
|
|
|
|
if (!table || proto_id_to_tree_.contains(proto_id)) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
EndpointTreeWidget *endp_tree = new EndpointTreeWidget(this, table);
|
|
|
|
|
|
|
|
|
|
proto_id_to_tree_[proto_id] = endp_tree;
|
|
|
|
|
const char* table_name = proto_get_protocol_short_name(find_protocol_by_id(proto_id));
|
|
|
|
|
|
|
|
|
|
trafficTableTabWidget()->addTab(endp_tree, table_name);
|
|
|
|
|
|
|
|
|
|
connect(endp_tree, SIGNAL(titleChanged(QWidget*,QString)),
|
|
|
|
|
this, SLOT(setTabText(QWidget*,QString)));
|
2016-06-22 19:44:02 +00:00
|
|
|
connect(endp_tree, SIGNAL(filterAction(QString,FilterAction::Action,FilterAction::ActionType)),
|
|
|
|
|
this, SIGNAL(filterAction(QString,FilterAction::Action,FilterAction::ActionType)));
|
2014-08-06 17:07:42 +00:00
|
|
|
connect(nameResolutionCheckBox(), SIGNAL(toggled(bool)),
|
|
|
|
|
endp_tree, SLOT(setNameResolutionEnabled(bool)));
|
Re-implement "Map" feature for Endpoints
This feature was removed in v2.5.1rc0-427-gf529ab5d0a, anticipating that
MaxMind would remove support for it in 2019. They have however changed
their mind and maintained latitude and longitude information.
They recommend displaying an accuracy radius, but the reported values
are 50, 100, 200 and 1000km. When implemented literally, a marker in
Ireland would cover the whole island plus mainland, so I have instead
opted to use a fixed radius of 1km at deeper zoom levels.
The old ipmap.html file was outdated and had broken tiles, I rewrote a
new one from scratch using the light-weight Leaflet library combined
with tiles from OpenStreetMap. This is more mobile-friendly and secure
(https, SRI). To improve handling of nearby or overlapping nodes,
clustering is used (individual nodes can still be inspected).
Browser compatibility results: IE8 is unusable, IE9 partially works
(tooltips sometimes disappear and the cluster radius control is gone),
IE11 works. Of course Firefox 65 and Chromium 72 have no issues.
The map popup description in the generated GeoJSON structure is now
split in several properties, allowing presentation to be handled by the
HTML page instead of the C code.
Bug: 14693
Change-Id: If2ec9c518f7723ac0ab27b6272463356875a0ff2
Reviewed-on: https://code.wireshark.org/review/31952
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2019-02-09 23:19:54 +00:00
|
|
|
#ifdef HAVE_MAXMINDDB
|
|
|
|
|
connect(endp_tree, &EndpointTreeWidget::geoIPStatusChanged,
|
|
|
|
|
this, &EndpointDialog::tabChanged);
|
|
|
|
|
#endif
|
2014-08-06 17:07:42 +00:00
|
|
|
|
|
|
|
|
// XXX Move to ConversationTreeWidget ctor?
|
2014-11-29 18:29:26 +00:00
|
|
|
QByteArray filter_utf8;
|
2014-08-06 17:07:42 +00:00
|
|
|
const char *filter = NULL;
|
|
|
|
|
if (displayFilterCheckBox()->isChecked()) {
|
2014-12-21 21:23:02 +00:00
|
|
|
filter = cap_file_.capFile()->dfilter;
|
2014-08-06 17:07:42 +00:00
|
|
|
} else if (!filter_.isEmpty()) {
|
2014-11-29 18:29:26 +00:00
|
|
|
filter_utf8 = filter_.toUtf8();
|
|
|
|
|
filter = filter_utf8.constData();
|
2014-08-06 17:07:42 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
endp_tree->trafficTreeHash()->user_data = endp_tree;
|
|
|
|
|
|
2015-08-24 19:30:56 +00:00
|
|
|
registerTapListener(proto_get_protocol_filter_name(proto_id), endp_tree->trafficTreeHash(), filter, 0,
|
|
|
|
|
EndpointTreeWidget::tapReset,
|
|
|
|
|
get_hostlist_packet_func(table),
|
|
|
|
|
EndpointTreeWidget::tapDraw);
|
2014-08-06 17:07:42 +00:00
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
Re-implement "Map" feature for Endpoints
This feature was removed in v2.5.1rc0-427-gf529ab5d0a, anticipating that
MaxMind would remove support for it in 2019. They have however changed
their mind and maintained latitude and longitude information.
They recommend displaying an accuracy radius, but the reported values
are 50, 100, 200 and 1000km. When implemented literally, a marker in
Ireland would cover the whole island plus mainland, so I have instead
opted to use a fixed radius of 1km at deeper zoom levels.
The old ipmap.html file was outdated and had broken tiles, I rewrote a
new one from scratch using the light-weight Leaflet library combined
with tiles from OpenStreetMap. This is more mobile-friendly and secure
(https, SRI). To improve handling of nearby or overlapping nodes,
clustering is used (individual nodes can still be inspected).
Browser compatibility results: IE8 is unusable, IE9 partially works
(tooltips sometimes disappear and the cluster radius control is gone),
IE11 works. Of course Firefox 65 and Chromium 72 have no issues.
The map popup description in the generated GeoJSON structure is now
split in several properties, allowing presentation to be handled by the
HTML page instead of the C code.
Bug: 14693
Change-Id: If2ec9c518f7723ac0ab27b6272463356875a0ff2
Reviewed-on: https://code.wireshark.org/review/31952
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2019-02-09 23:19:54 +00:00
|
|
|
#ifdef HAVE_MAXMINDDB
|
|
|
|
|
void EndpointDialog::tabChanged()
|
|
|
|
|
{
|
|
|
|
|
EndpointTreeWidget *cur_tree = qobject_cast<EndpointTreeWidget *>(trafficTableTabWidget()->currentWidget());
|
|
|
|
|
map_bt_->setEnabled(cur_tree && cur_tree->hasGeoIPData());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
QUrl EndpointDialog::createMap(bool json_only)
|
|
|
|
|
{
|
|
|
|
|
EndpointTreeWidget *cur_tree = qobject_cast<EndpointTreeWidget *>(trafficTableTabWidget()->currentWidget());
|
|
|
|
|
if (!cur_tree) {
|
|
|
|
|
return QUrl();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Construct list of hosts with a valid MMDB entry.
|
|
|
|
|
QTreeWidgetItemIterator it(cur_tree);
|
|
|
|
|
GPtrArray *hosts_arr = g_ptr_array_new();
|
|
|
|
|
while (*it) {
|
|
|
|
|
const mmdb_lookup_t *geo = VariantPointer<const mmdb_lookup_t>::asPtr((*it)->data(0, Qt::UserRole + 1));
|
|
|
|
|
if (maxmind_db_has_coords(geo)) {
|
|
|
|
|
hostlist_talker_t *host = VariantPointer<hostlist_talker_t>::asPtr((*it)->data(0, Qt::UserRole));
|
|
|
|
|
g_ptr_array_add(hosts_arr, (gpointer)host);
|
|
|
|
|
}
|
|
|
|
|
++it;
|
|
|
|
|
}
|
|
|
|
|
if (hosts_arr->len == 0) {
|
|
|
|
|
QMessageBox::warning(this, tr("Map file error"), tr("No endpoints available to map"));
|
|
|
|
|
g_ptr_array_free(hosts_arr, TRUE);
|
|
|
|
|
return QUrl();
|
|
|
|
|
}
|
|
|
|
|
g_ptr_array_add(hosts_arr, NULL);
|
|
|
|
|
hostlist_talker_t **hosts = (hostlist_talker_t **)g_ptr_array_free(hosts_arr, FALSE);
|
|
|
|
|
|
2020-12-11 11:24:23 +00:00
|
|
|
QString tempname = QString("%1/ipmapXXXXXX.html").arg(QDir::tempPath());
|
|
|
|
|
QTemporaryFile tf(tempname);
|
2019-09-01 18:37:38 +00:00
|
|
|
if (!tf.open()) {
|
|
|
|
|
QMessageBox::warning(this, tr("Map file error"), tr("Unable to create temporary file"));
|
|
|
|
|
g_free(hosts);
|
|
|
|
|
return QUrl();
|
Re-implement "Map" feature for Endpoints
This feature was removed in v2.5.1rc0-427-gf529ab5d0a, anticipating that
MaxMind would remove support for it in 2019. They have however changed
their mind and maintained latitude and longitude information.
They recommend displaying an accuracy radius, but the reported values
are 50, 100, 200 and 1000km. When implemented literally, a marker in
Ireland would cover the whole island plus mainland, so I have instead
opted to use a fixed radius of 1km at deeper zoom levels.
The old ipmap.html file was outdated and had broken tiles, I rewrote a
new one from scratch using the light-weight Leaflet library combined
with tiles from OpenStreetMap. This is more mobile-friendly and secure
(https, SRI). To improve handling of nearby or overlapping nodes,
clustering is used (individual nodes can still be inspected).
Browser compatibility results: IE8 is unusable, IE9 partially works
(tooltips sometimes disappear and the cluster radius control is gone),
IE11 works. Of course Firefox 65 and Chromium 72 have no issues.
The map popup description in the generated GeoJSON structure is now
split in several properties, allowing presentation to be handled by the
HTML page instead of the C code.
Bug: 14693
Change-Id: If2ec9c518f7723ac0ab27b6272463356875a0ff2
Reviewed-on: https://code.wireshark.org/review/31952
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2019-02-09 23:19:54 +00:00
|
|
|
}
|
2020-03-27 17:03:22 +00:00
|
|
|
|
|
|
|
|
//
|
|
|
|
|
// XXX - At least with Qt 5.12 retrieving the name only works when
|
|
|
|
|
// it has been retrieved at least once when the file is open.
|
|
|
|
|
//
|
|
|
|
|
QString tempfilename = tf.fileName();
|
2019-09-01 18:37:38 +00:00
|
|
|
int fd = tf.handle();
|
2020-01-24 18:17:22 +00:00
|
|
|
//
|
|
|
|
|
// XXX - QFileDevice.handle() can return -1, but can QTemporaryFile.handle()
|
|
|
|
|
// do so if QTemporaryFile.open() has succeeded?
|
|
|
|
|
//
|
Re-implement "Map" feature for Endpoints
This feature was removed in v2.5.1rc0-427-gf529ab5d0a, anticipating that
MaxMind would remove support for it in 2019. They have however changed
their mind and maintained latitude and longitude information.
They recommend displaying an accuracy radius, but the reported values
are 50, 100, 200 and 1000km. When implemented literally, a marker in
Ireland would cover the whole island plus mainland, so I have instead
opted to use a fixed radius of 1km at deeper zoom levels.
The old ipmap.html file was outdated and had broken tiles, I rewrote a
new one from scratch using the light-weight Leaflet library combined
with tiles from OpenStreetMap. This is more mobile-friendly and secure
(https, SRI). To improve handling of nearby or overlapping nodes,
clustering is used (individual nodes can still be inspected).
Browser compatibility results: IE8 is unusable, IE9 partially works
(tooltips sometimes disappear and the cluster radius control is gone),
IE11 works. Of course Firefox 65 and Chromium 72 have no issues.
The map popup description in the generated GeoJSON structure is now
split in several properties, allowing presentation to be handled by the
HTML page instead of the C code.
Bug: 14693
Change-Id: If2ec9c518f7723ac0ab27b6272463356875a0ff2
Reviewed-on: https://code.wireshark.org/review/31952
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2019-02-09 23:19:54 +00:00
|
|
|
if (fd == -1) {
|
|
|
|
|
QMessageBox::warning(this, tr("Map file error"), tr("Unable to create temporary file"));
|
|
|
|
|
g_free(hosts);
|
|
|
|
|
return QUrl();
|
|
|
|
|
}
|
2020-12-12 11:27:51 +00:00
|
|
|
// duplicate file descriptor as it is not allowed to perform a fclose before closing QFile
|
dup() can fail; check whether it does.
If, for example, you run out of file descriptors, dup() can fail, and
ws_dup() is a wrapper around it on UN*X. Don't just pass the result of
ws_dup() to ws_fdopen(); instead, save its result, check against -1 and,
if it's -1, give up, otherwise pass it to ws_fdopen().
This addresses Coverity CID 1471708.
Also, if ws_fdopen() fails, close the descriptor we got from ws_dup();
this closes a possible FD leak.
2021-01-19 07:31:27 +00:00
|
|
|
int duped_fd = ws_dup(fd);
|
|
|
|
|
if (duped_fd == -1) {
|
|
|
|
|
QMessageBox::warning(this, tr("Map file error"), tr("Unable to create temporary file"));
|
|
|
|
|
g_free(hosts);
|
|
|
|
|
return QUrl();
|
|
|
|
|
}
|
|
|
|
|
FILE* fp = ws_fdopen(duped_fd, "wb");
|
2020-01-24 18:17:22 +00:00
|
|
|
if (fp == NULL) {
|
|
|
|
|
QMessageBox::warning(this, tr("Map file error"), tr("Unable to create temporary file"));
|
|
|
|
|
g_free(hosts);
|
dup() can fail; check whether it does.
If, for example, you run out of file descriptors, dup() can fail, and
ws_dup() is a wrapper around it on UN*X. Don't just pass the result of
ws_dup() to ws_fdopen(); instead, save its result, check against -1 and,
if it's -1, give up, otherwise pass it to ws_fdopen().
This addresses Coverity CID 1471708.
Also, if ws_fdopen() fails, close the descriptor we got from ws_dup();
this closes a possible FD leak.
2021-01-19 07:31:27 +00:00
|
|
|
ws_close(duped_fd);
|
2020-01-24 18:17:22 +00:00
|
|
|
return QUrl();
|
|
|
|
|
}
|
Re-implement "Map" feature for Endpoints
This feature was removed in v2.5.1rc0-427-gf529ab5d0a, anticipating that
MaxMind would remove support for it in 2019. They have however changed
their mind and maintained latitude and longitude information.
They recommend displaying an accuracy radius, but the reported values
are 50, 100, 200 and 1000km. When implemented literally, a marker in
Ireland would cover the whole island plus mainland, so I have instead
opted to use a fixed radius of 1km at deeper zoom levels.
The old ipmap.html file was outdated and had broken tiles, I rewrote a
new one from scratch using the light-weight Leaflet library combined
with tiles from OpenStreetMap. This is more mobile-friendly and secure
(https, SRI). To improve handling of nearby or overlapping nodes,
clustering is used (individual nodes can still be inspected).
Browser compatibility results: IE8 is unusable, IE9 partially works
(tooltips sometimes disappear and the cluster radius control is gone),
IE11 works. Of course Firefox 65 and Chromium 72 have no issues.
The map popup description in the generated GeoJSON structure is now
split in several properties, allowing presentation to be handled by the
HTML page instead of the C code.
Bug: 14693
Change-Id: If2ec9c518f7723ac0ab27b6272463356875a0ff2
Reviewed-on: https://code.wireshark.org/review/31952
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2019-02-09 23:19:54 +00:00
|
|
|
|
|
|
|
|
gchar *err_str;
|
|
|
|
|
if (!write_endpoint_geoip_map(fp, json_only, hosts, &err_str)) {
|
|
|
|
|
QMessageBox::warning(this, tr("Map file error"), err_str);
|
|
|
|
|
g_free(err_str);
|
|
|
|
|
g_free(hosts);
|
|
|
|
|
fclose(fp);
|
|
|
|
|
return QUrl();
|
|
|
|
|
}
|
|
|
|
|
g_free(hosts);
|
|
|
|
|
if (fclose(fp) == EOF) {
|
|
|
|
|
QMessageBox::warning(this, tr("Map file error"), g_strerror(errno));
|
|
|
|
|
return QUrl();
|
|
|
|
|
}
|
|
|
|
|
|
2020-03-27 17:03:22 +00:00
|
|
|
tf.setAutoRemove(false);
|
2019-09-01 18:37:38 +00:00
|
|
|
return QUrl::fromLocalFile(tf.fileName());
|
Re-implement "Map" feature for Endpoints
This feature was removed in v2.5.1rc0-427-gf529ab5d0a, anticipating that
MaxMind would remove support for it in 2019. They have however changed
their mind and maintained latitude and longitude information.
They recommend displaying an accuracy radius, but the reported values
are 50, 100, 200 and 1000km. When implemented literally, a marker in
Ireland would cover the whole island plus mainland, so I have instead
opted to use a fixed radius of 1km at deeper zoom levels.
The old ipmap.html file was outdated and had broken tiles, I rewrote a
new one from scratch using the light-weight Leaflet library combined
with tiles from OpenStreetMap. This is more mobile-friendly and secure
(https, SRI). To improve handling of nearby or overlapping nodes,
clustering is used (individual nodes can still be inspected).
Browser compatibility results: IE8 is unusable, IE9 partially works
(tooltips sometimes disappear and the cluster radius control is gone),
IE11 works. Of course Firefox 65 and Chromium 72 have no issues.
The map popup description in the generated GeoJSON structure is now
split in several properties, allowing presentation to be handled by the
HTML page instead of the C code.
Bug: 14693
Change-Id: If2ec9c518f7723ac0ab27b6272463356875a0ff2
Reviewed-on: https://code.wireshark.org/review/31952
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2019-02-09 23:19:54 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void EndpointDialog::openMap()
|
|
|
|
|
{
|
|
|
|
|
QUrl map_file = createMap(false);
|
|
|
|
|
if (!map_file.isEmpty()) {
|
|
|
|
|
QDesktopServices::openUrl(map_file);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void EndpointDialog::saveMap()
|
|
|
|
|
{
|
|
|
|
|
QString destination_file =
|
|
|
|
|
WiresharkFileDialog::getSaveFileName(this, tr("Save Endpoints Map"),
|
|
|
|
|
"ipmap.html",
|
|
|
|
|
"HTML files (*.html);;GeoJSON files (*.json)");
|
|
|
|
|
if (destination_file.isEmpty()) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
QUrl map_file = createMap(destination_file.endsWith(".json"));
|
|
|
|
|
if (!map_file.isEmpty()) {
|
|
|
|
|
QString source_file = map_file.toLocalFile();
|
|
|
|
|
QFile::remove(destination_file);
|
|
|
|
|
if (!QFile::rename(source_file, destination_file)) {
|
|
|
|
|
QMessageBox::warning(this, tr("Map file error"),
|
|
|
|
|
tr("Failed to save map file %1.").arg(destination_file));
|
|
|
|
|
QFile::remove(source_file);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
|
2014-08-06 17:07:42 +00:00
|
|
|
void EndpointDialog::on_buttonBox_helpRequested()
|
|
|
|
|
{
|
|
|
|
|
wsApp->helpTopicAction(HELP_STATS_ENDPOINTS_DIALOG);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void init_endpoint_table(struct register_ct* ct, const char *filter)
|
|
|
|
|
{
|
|
|
|
|
wsApp->emitStatCommandSignal("Endpoints", filter, GINT_TO_POINTER(get_conversation_proto_id(ct)));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// EndpointTreeWidgetItem
|
|
|
|
|
// TrafficTableTreeWidgetItem / QTreeWidgetItem subclass that allows sorting
|
|
|
|
|
|
2018-02-09 01:20:26 +00:00
|
|
|
static const char *data_none_ = UTF8_EM_DASH;
|
2014-08-06 17:07:42 +00:00
|
|
|
|
|
|
|
|
class EndpointTreeWidgetItem : public TrafficTableTreeWidgetItem
|
|
|
|
|
{
|
|
|
|
|
public:
|
2016-06-23 20:10:52 +00:00
|
|
|
EndpointTreeWidgetItem(GArray *conv_array, guint conv_idx, bool *resolve_names_ptr) :
|
|
|
|
|
TrafficTableTreeWidgetItem(NULL),
|
2016-06-22 17:56:30 +00:00
|
|
|
conv_array_(conv_array),
|
|
|
|
|
conv_idx_(conv_idx),
|
2016-06-23 20:10:52 +00:00
|
|
|
resolve_names_ptr_(resolve_names_ptr)
|
2016-06-22 17:56:30 +00:00
|
|
|
{}
|
|
|
|
|
|
|
|
|
|
hostlist_talker_t *hostlistTalker() {
|
|
|
|
|
return &g_array_index(conv_array_, hostlist_talker_t, conv_idx_);
|
|
|
|
|
}
|
2014-08-06 17:07:42 +00:00
|
|
|
|
2016-06-23 20:10:52 +00:00
|
|
|
virtual QVariant data(int column, int role) const {
|
|
|
|
|
if (role == Qt::DisplayRole) {
|
|
|
|
|
// Column text cooked representation.
|
|
|
|
|
hostlist_talker_t *endp_item = &g_array_index(conv_array_, hostlist_talker_t, conv_idx_);
|
|
|
|
|
|
|
|
|
|
bool resolve_names = false;
|
|
|
|
|
if (resolve_names_ptr_ && *resolve_names_ptr_) resolve_names = true;
|
|
|
|
|
switch (column) {
|
|
|
|
|
case ENDP_COLUMN_PACKETS:
|
|
|
|
|
return QString("%L1").arg(endp_item->tx_frames + endp_item->rx_frames);
|
|
|
|
|
case ENDP_COLUMN_BYTES:
|
|
|
|
|
return gchar_free_to_qstring(format_size(endp_item->tx_bytes + endp_item->rx_bytes, format_size_unit_none|format_size_prefix_si));
|
|
|
|
|
case ENDP_COLUMN_PKT_AB:
|
|
|
|
|
return QString("%L1").arg(endp_item->tx_frames);
|
|
|
|
|
case ENDP_COLUMN_BYTES_AB:
|
|
|
|
|
return gchar_free_to_qstring(format_size(endp_item->tx_bytes, format_size_unit_none|format_size_prefix_si));
|
|
|
|
|
case ENDP_COLUMN_PKT_BA:
|
|
|
|
|
return QString("%L1").arg(endp_item->rx_frames);
|
|
|
|
|
case ENDP_COLUMN_BYTES_BA:
|
|
|
|
|
return gchar_free_to_qstring(format_size(endp_item->rx_bytes, format_size_unit_none|format_size_prefix_si));
|
|
|
|
|
default:
|
2018-02-09 01:20:26 +00:00
|
|
|
QVariant col_data = colData(column, resolve_names);
|
|
|
|
|
if (col_data.isValid()) return col_data;
|
|
|
|
|
return QVariant(data_none_);
|
2016-06-23 20:10:52 +00:00
|
|
|
}
|
|
|
|
|
}
|
Re-implement "Map" feature for Endpoints
This feature was removed in v2.5.1rc0-427-gf529ab5d0a, anticipating that
MaxMind would remove support for it in 2019. They have however changed
their mind and maintained latitude and longitude information.
They recommend displaying an accuracy radius, but the reported values
are 50, 100, 200 and 1000km. When implemented literally, a marker in
Ireland would cover the whole island plus mainland, so I have instead
opted to use a fixed radius of 1km at deeper zoom levels.
The old ipmap.html file was outdated and had broken tiles, I rewrote a
new one from scratch using the light-weight Leaflet library combined
with tiles from OpenStreetMap. This is more mobile-friendly and secure
(https, SRI). To improve handling of nearby or overlapping nodes,
clustering is used (individual nodes can still be inspected).
Browser compatibility results: IE8 is unusable, IE9 partially works
(tooltips sometimes disappear and the cluster radius control is gone),
IE11 works. Of course Firefox 65 and Chromium 72 have no issues.
The map popup description in the generated GeoJSON structure is now
split in several properties, allowing presentation to be handled by the
HTML page instead of the C code.
Bug: 14693
Change-Id: If2ec9c518f7723ac0ab27b6272463356875a0ff2
Reviewed-on: https://code.wireshark.org/review/31952
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2019-02-09 23:19:54 +00:00
|
|
|
if (role == Qt::UserRole) {
|
|
|
|
|
hostlist_talker_t *endp_item = &g_array_index(conv_array_, hostlist_talker_t, conv_idx_);
|
|
|
|
|
return VariantPointer<hostlist_talker_t>::asQVariant(endp_item);
|
|
|
|
|
}
|
|
|
|
|
if (role == Qt::UserRole + 1) {
|
|
|
|
|
return VariantPointer<const mmdb_lookup_t>::asQVariant(mmdbLookup());
|
|
|
|
|
}
|
2016-06-23 20:10:52 +00:00
|
|
|
return QTreeWidgetItem::data(column, role);
|
2014-08-06 17:07:42 +00:00
|
|
|
}
|
|
|
|
|
|
Re-implement "Map" feature for Endpoints
This feature was removed in v2.5.1rc0-427-gf529ab5d0a, anticipating that
MaxMind would remove support for it in 2019. They have however changed
their mind and maintained latitude and longitude information.
They recommend displaying an accuracy radius, but the reported values
are 50, 100, 200 and 1000km. When implemented literally, a marker in
Ireland would cover the whole island plus mainland, so I have instead
opted to use a fixed radius of 1km at deeper zoom levels.
The old ipmap.html file was outdated and had broken tiles, I rewrote a
new one from scratch using the light-weight Leaflet library combined
with tiles from OpenStreetMap. This is more mobile-friendly and secure
(https, SRI). To improve handling of nearby or overlapping nodes,
clustering is used (individual nodes can still be inspected).
Browser compatibility results: IE8 is unusable, IE9 partially works
(tooltips sometimes disappear and the cluster radius control is gone),
IE11 works. Of course Firefox 65 and Chromium 72 have no issues.
The map popup description in the generated GeoJSON structure is now
split in several properties, allowing presentation to be handled by the
HTML page instead of the C code.
Bug: 14693
Change-Id: If2ec9c518f7723ac0ab27b6272463356875a0ff2
Reviewed-on: https://code.wireshark.org/review/31952
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2019-02-09 23:19:54 +00:00
|
|
|
const mmdb_lookup_t *mmdbLookup() const {
|
2016-06-22 17:56:30 +00:00
|
|
|
hostlist_talker_t *endp_item = &g_array_index(conv_array_, hostlist_talker_t, conv_idx_);
|
2018-02-09 01:20:26 +00:00
|
|
|
const mmdb_lookup_t *mmdb_lookup = NULL;
|
|
|
|
|
if (endp_item->myaddress.type == AT_IPv4) {
|
2019-03-17 21:18:32 +00:00
|
|
|
mmdb_lookup = maxmind_db_lookup_ipv4((const ws_in4_addr *) endp_item->myaddress.data);
|
2018-02-09 01:20:26 +00:00
|
|
|
} else if (endp_item->myaddress.type == AT_IPv6) {
|
2019-03-17 21:18:32 +00:00
|
|
|
mmdb_lookup = maxmind_db_lookup_ipv6((const ws_in6_addr *) endp_item->myaddress.data);
|
2018-02-09 01:20:26 +00:00
|
|
|
}
|
Re-implement "Map" feature for Endpoints
This feature was removed in v2.5.1rc0-427-gf529ab5d0a, anticipating that
MaxMind would remove support for it in 2019. They have however changed
their mind and maintained latitude and longitude information.
They recommend displaying an accuracy radius, but the reported values
are 50, 100, 200 and 1000km. When implemented literally, a marker in
Ireland would cover the whole island plus mainland, so I have instead
opted to use a fixed radius of 1km at deeper zoom levels.
The old ipmap.html file was outdated and had broken tiles, I rewrote a
new one from scratch using the light-weight Leaflet library combined
with tiles from OpenStreetMap. This is more mobile-friendly and secure
(https, SRI). To improve handling of nearby or overlapping nodes,
clustering is used (individual nodes can still be inspected).
Browser compatibility results: IE8 is unusable, IE9 partially works
(tooltips sometimes disappear and the cluster radius control is gone),
IE11 works. Of course Firefox 65 and Chromium 72 have no issues.
The map popup description in the generated GeoJSON structure is now
split in several properties, allowing presentation to be handled by the
HTML page instead of the C code.
Bug: 14693
Change-Id: If2ec9c518f7723ac0ab27b6272463356875a0ff2
Reviewed-on: https://code.wireshark.org/review/31952
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2019-02-09 23:19:54 +00:00
|
|
|
return mmdb_lookup && mmdb_lookup->found ? mmdb_lookup : NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Column text raw representation.
|
|
|
|
|
// Return a string, qulonglong, double, or invalid QVariant representing the raw column data.
|
|
|
|
|
QVariant colData(int col, bool resolve_names) const {
|
|
|
|
|
hostlist_talker_t *endp_item = &g_array_index(conv_array_, hostlist_talker_t, conv_idx_);
|
|
|
|
|
const mmdb_lookup_t *mmdb_lookup = mmdbLookup();
|
2018-02-09 01:20:26 +00:00
|
|
|
|
2014-08-06 17:07:42 +00:00
|
|
|
switch (col) {
|
|
|
|
|
case ENDP_COLUMN_ADDR:
|
2016-06-27 01:38:19 +00:00
|
|
|
{
|
2016-01-20 03:11:16 +00:00
|
|
|
char* addr_str = get_conversation_address(NULL, &endp_item->myaddress, resolve_names);
|
2015-01-05 02:40:05 +00:00
|
|
|
QString q_addr_str(addr_str);
|
|
|
|
|
wmem_free(NULL, addr_str);
|
|
|
|
|
return q_addr_str;
|
2016-06-27 01:38:19 +00:00
|
|
|
}
|
2014-08-06 17:07:42 +00:00
|
|
|
case ENDP_COLUMN_PORT:
|
|
|
|
|
if (resolve_names) {
|
2017-10-29 18:29:27 +00:00
|
|
|
char* port_str = get_conversation_port(NULL, endp_item->port, endp_item->etype, resolve_names);
|
2015-01-07 21:24:17 +00:00
|
|
|
QString q_port_str(port_str);
|
|
|
|
|
wmem_free(NULL, port_str);
|
|
|
|
|
return q_port_str;
|
2014-08-06 17:07:42 +00:00
|
|
|
} else {
|
|
|
|
|
return quint32(endp_item->port);
|
|
|
|
|
}
|
|
|
|
|
case ENDP_COLUMN_PACKETS:
|
|
|
|
|
return quint64(endp_item->tx_frames + endp_item->rx_frames);
|
|
|
|
|
case ENDP_COLUMN_BYTES:
|
|
|
|
|
return quint64(endp_item->tx_bytes + endp_item->rx_bytes);
|
|
|
|
|
case ENDP_COLUMN_PKT_AB:
|
|
|
|
|
return quint64(endp_item->tx_frames);
|
|
|
|
|
case ENDP_COLUMN_BYTES_AB:
|
|
|
|
|
return quint64(endp_item->tx_bytes);
|
|
|
|
|
case ENDP_COLUMN_PKT_BA:
|
|
|
|
|
return quint64(endp_item->rx_frames);
|
|
|
|
|
case ENDP_COLUMN_BYTES_BA:
|
|
|
|
|
return quint64(endp_item->rx_bytes);
|
2018-02-09 01:20:26 +00:00
|
|
|
case ENDP_COLUMN_GEO_COUNTRY:
|
Re-implement "Map" feature for Endpoints
This feature was removed in v2.5.1rc0-427-gf529ab5d0a, anticipating that
MaxMind would remove support for it in 2019. They have however changed
their mind and maintained latitude and longitude information.
They recommend displaying an accuracy radius, but the reported values
are 50, 100, 200 and 1000km. When implemented literally, a marker in
Ireland would cover the whole island plus mainland, so I have instead
opted to use a fixed radius of 1km at deeper zoom levels.
The old ipmap.html file was outdated and had broken tiles, I rewrote a
new one from scratch using the light-weight Leaflet library combined
with tiles from OpenStreetMap. This is more mobile-friendly and secure
(https, SRI). To improve handling of nearby or overlapping nodes,
clustering is used (individual nodes can still be inspected).
Browser compatibility results: IE8 is unusable, IE9 partially works
(tooltips sometimes disappear and the cluster radius control is gone),
IE11 works. Of course Firefox 65 and Chromium 72 have no issues.
The map popup description in the generated GeoJSON structure is now
split in several properties, allowing presentation to be handled by the
HTML page instead of the C code.
Bug: 14693
Change-Id: If2ec9c518f7723ac0ab27b6272463356875a0ff2
Reviewed-on: https://code.wireshark.org/review/31952
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2019-02-09 23:19:54 +00:00
|
|
|
if (mmdb_lookup && mmdb_lookup->country) {
|
2018-02-09 01:20:26 +00:00
|
|
|
return QVariant(mmdb_lookup->country);
|
2016-06-23 20:10:52 +00:00
|
|
|
}
|
2018-02-09 01:20:26 +00:00
|
|
|
return QVariant();
|
|
|
|
|
case ENDP_COLUMN_GEO_CITY:
|
Re-implement "Map" feature for Endpoints
This feature was removed in v2.5.1rc0-427-gf529ab5d0a, anticipating that
MaxMind would remove support for it in 2019. They have however changed
their mind and maintained latitude and longitude information.
They recommend displaying an accuracy radius, but the reported values
are 50, 100, 200 and 1000km. When implemented literally, a marker in
Ireland would cover the whole island plus mainland, so I have instead
opted to use a fixed radius of 1km at deeper zoom levels.
The old ipmap.html file was outdated and had broken tiles, I rewrote a
new one from scratch using the light-weight Leaflet library combined
with tiles from OpenStreetMap. This is more mobile-friendly and secure
(https, SRI). To improve handling of nearby or overlapping nodes,
clustering is used (individual nodes can still be inspected).
Browser compatibility results: IE8 is unusable, IE9 partially works
(tooltips sometimes disappear and the cluster radius control is gone),
IE11 works. Of course Firefox 65 and Chromium 72 have no issues.
The map popup description in the generated GeoJSON structure is now
split in several properties, allowing presentation to be handled by the
HTML page instead of the C code.
Bug: 14693
Change-Id: If2ec9c518f7723ac0ab27b6272463356875a0ff2
Reviewed-on: https://code.wireshark.org/review/31952
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2019-02-09 23:19:54 +00:00
|
|
|
if (mmdb_lookup && mmdb_lookup->city) {
|
2018-02-09 01:20:26 +00:00
|
|
|
return QVariant(mmdb_lookup->city);
|
2014-08-06 17:07:42 +00:00
|
|
|
}
|
2018-02-09 01:20:26 +00:00
|
|
|
return QVariant();
|
|
|
|
|
case ENDP_COLUMN_GEO_AS_NUM:
|
Re-implement "Map" feature for Endpoints
This feature was removed in v2.5.1rc0-427-gf529ab5d0a, anticipating that
MaxMind would remove support for it in 2019. They have however changed
their mind and maintained latitude and longitude information.
They recommend displaying an accuracy radius, but the reported values
are 50, 100, 200 and 1000km. When implemented literally, a marker in
Ireland would cover the whole island plus mainland, so I have instead
opted to use a fixed radius of 1km at deeper zoom levels.
The old ipmap.html file was outdated and had broken tiles, I rewrote a
new one from scratch using the light-weight Leaflet library combined
with tiles from OpenStreetMap. This is more mobile-friendly and secure
(https, SRI). To improve handling of nearby or overlapping nodes,
clustering is used (individual nodes can still be inspected).
Browser compatibility results: IE8 is unusable, IE9 partially works
(tooltips sometimes disappear and the cluster radius control is gone),
IE11 works. Of course Firefox 65 and Chromium 72 have no issues.
The map popup description in the generated GeoJSON structure is now
split in several properties, allowing presentation to be handled by the
HTML page instead of the C code.
Bug: 14693
Change-Id: If2ec9c518f7723ac0ab27b6272463356875a0ff2
Reviewed-on: https://code.wireshark.org/review/31952
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2019-02-09 23:19:54 +00:00
|
|
|
if (mmdb_lookup && mmdb_lookup->as_number) {
|
2018-02-09 01:20:26 +00:00
|
|
|
return QVariant(mmdb_lookup->as_number);
|
2014-08-06 17:07:42 +00:00
|
|
|
}
|
2018-02-09 01:20:26 +00:00
|
|
|
return QVariant();
|
|
|
|
|
case ENDP_COLUMN_GEO_AS_ORG:
|
Re-implement "Map" feature for Endpoints
This feature was removed in v2.5.1rc0-427-gf529ab5d0a, anticipating that
MaxMind would remove support for it in 2019. They have however changed
their mind and maintained latitude and longitude information.
They recommend displaying an accuracy radius, but the reported values
are 50, 100, 200 and 1000km. When implemented literally, a marker in
Ireland would cover the whole island plus mainland, so I have instead
opted to use a fixed radius of 1km at deeper zoom levels.
The old ipmap.html file was outdated and had broken tiles, I rewrote a
new one from scratch using the light-weight Leaflet library combined
with tiles from OpenStreetMap. This is more mobile-friendly and secure
(https, SRI). To improve handling of nearby or overlapping nodes,
clustering is used (individual nodes can still be inspected).
Browser compatibility results: IE8 is unusable, IE9 partially works
(tooltips sometimes disappear and the cluster radius control is gone),
IE11 works. Of course Firefox 65 and Chromium 72 have no issues.
The map popup description in the generated GeoJSON structure is now
split in several properties, allowing presentation to be handled by the
HTML page instead of the C code.
Bug: 14693
Change-Id: If2ec9c518f7723ac0ab27b6272463356875a0ff2
Reviewed-on: https://code.wireshark.org/review/31952
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2019-02-09 23:19:54 +00:00
|
|
|
if (mmdb_lookup && mmdb_lookup->as_org) {
|
2018-02-09 01:20:26 +00:00
|
|
|
return QVariant(mmdb_lookup->as_org);
|
2014-08-06 17:07:42 +00:00
|
|
|
}
|
2018-02-09 01:20:26 +00:00
|
|
|
return QVariant();
|
2014-08-06 17:07:42 +00:00
|
|
|
|
|
|
|
|
default:
|
|
|
|
|
return QVariant();
|
|
|
|
|
}
|
|
|
|
|
}
|
2016-06-27 01:38:19 +00:00
|
|
|
|
2014-08-06 17:07:42 +00:00
|
|
|
bool operator< (const QTreeWidgetItem &other) const
|
|
|
|
|
{
|
2016-06-22 17:56:30 +00:00
|
|
|
const EndpointTreeWidgetItem *other_row = static_cast<const EndpointTreeWidgetItem *>(&other);
|
|
|
|
|
hostlist_talker_t *endp_item = &g_array_index(conv_array_, hostlist_talker_t, conv_idx_);
|
|
|
|
|
hostlist_talker_t *other_item = &g_array_index(other_row->conv_array_, hostlist_talker_t, other_row->conv_idx_);
|
2014-08-06 17:07:42 +00:00
|
|
|
|
|
|
|
|
int sort_col = treeWidget()->sortColumn();
|
|
|
|
|
|
|
|
|
|
switch(sort_col) {
|
|
|
|
|
case ENDP_COLUMN_ADDR:
|
|
|
|
|
return cmp_address(&endp_item->myaddress, &other_item->myaddress) < 0 ? true : false;
|
|
|
|
|
case ENDP_COLUMN_PORT:
|
|
|
|
|
return endp_item->port < other_item->port;
|
|
|
|
|
case ENDP_COLUMN_PACKETS:
|
|
|
|
|
return (endp_item->tx_frames + endp_item->rx_frames) < (other_item->tx_frames + other_item->rx_frames);
|
|
|
|
|
case ENDP_COLUMN_BYTES:
|
|
|
|
|
return (endp_item->tx_bytes + endp_item->rx_bytes) < (other_item->tx_bytes + other_item->rx_bytes);
|
|
|
|
|
case ENDP_COLUMN_PKT_AB:
|
|
|
|
|
return endp_item->tx_frames < other_item->tx_frames;
|
|
|
|
|
case ENDP_COLUMN_BYTES_AB:
|
|
|
|
|
return endp_item->tx_bytes < other_item->tx_bytes;
|
|
|
|
|
case ENDP_COLUMN_PKT_BA:
|
|
|
|
|
return endp_item->rx_frames < other_item->rx_frames;
|
|
|
|
|
case ENDP_COLUMN_BYTES_BA:
|
|
|
|
|
return endp_item->rx_bytes < other_item->rx_bytes;
|
2018-02-09 01:20:26 +00:00
|
|
|
case ENDP_COLUMN_GEO_COUNTRY:
|
|
|
|
|
case ENDP_COLUMN_GEO_CITY:
|
|
|
|
|
case ENDP_COLUMN_GEO_AS_ORG:
|
2014-08-06 17:07:42 +00:00
|
|
|
{
|
2018-02-09 01:20:26 +00:00
|
|
|
QString this_str = data(sort_col, Qt::DisplayRole).toString();
|
|
|
|
|
QString other_str = other_row->data(sort_col, Qt::DisplayRole).toString();
|
|
|
|
|
return (this_str < other_str);
|
|
|
|
|
}
|
|
|
|
|
case ENDP_COLUMN_GEO_AS_NUM:
|
|
|
|
|
{
|
|
|
|
|
// Valid values first, similar to strings above.
|
|
|
|
|
bool ok;
|
|
|
|
|
unsigned this_asn = colData(sort_col, false).toUInt(&ok);
|
|
|
|
|
if (!ok) this_asn = UINT_MAX;
|
|
|
|
|
unsigned other_asn = other_row->colData(sort_col, false).toUInt(&ok);
|
|
|
|
|
if (!ok) other_asn = UINT_MAX;
|
|
|
|
|
return (this_asn < other_asn);
|
2014-08-06 17:07:42 +00:00
|
|
|
}
|
|
|
|
|
default:
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
}
|
2016-06-22 17:56:30 +00:00
|
|
|
private:
|
|
|
|
|
GArray *conv_array_;
|
|
|
|
|
guint conv_idx_;
|
2016-06-23 20:10:52 +00:00
|
|
|
bool *resolve_names_ptr_;
|
2014-08-06 17:07:42 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
//
|
|
|
|
|
// EndpointTreeWidget
|
|
|
|
|
// TrafficTableTreeWidget / QTreeWidget subclass that allows tapping
|
|
|
|
|
//
|
|
|
|
|
|
|
|
|
|
EndpointTreeWidget::EndpointTreeWidget(QWidget *parent, register_ct_t *table) :
|
2018-02-09 01:20:26 +00:00
|
|
|
TrafficTableTreeWidget(parent, table),
|
Re-implement "Map" feature for Endpoints
This feature was removed in v2.5.1rc0-427-gf529ab5d0a, anticipating that
MaxMind would remove support for it in 2019. They have however changed
their mind and maintained latitude and longitude information.
They recommend displaying an accuracy radius, but the reported values
are 50, 100, 200 and 1000km. When implemented literally, a marker in
Ireland would cover the whole island plus mainland, so I have instead
opted to use a fixed radius of 1km at deeper zoom levels.
The old ipmap.html file was outdated and had broken tiles, I rewrote a
new one from scratch using the light-weight Leaflet library combined
with tiles from OpenStreetMap. This is more mobile-friendly and secure
(https, SRI). To improve handling of nearby or overlapping nodes,
clustering is used (individual nodes can still be inspected).
Browser compatibility results: IE8 is unusable, IE9 partially works
(tooltips sometimes disappear and the cluster radius control is gone),
IE11 works. Of course Firefox 65 and Chromium 72 have no issues.
The map popup description in the generated GeoJSON structure is now
split in several properties, allowing presentation to be handled by the
HTML page instead of the C code.
Bug: 14693
Change-Id: If2ec9c518f7723ac0ab27b6272463356875a0ff2
Reviewed-on: https://code.wireshark.org/review/31952
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2019-02-09 23:19:54 +00:00
|
|
|
#ifdef HAVE_MAXMINDDB
|
|
|
|
|
has_geoip_data_(false),
|
|
|
|
|
#endif
|
2018-02-09 01:20:26 +00:00
|
|
|
table_address_type_(AT_NONE)
|
2014-08-06 17:07:42 +00:00
|
|
|
{
|
2014-09-05 14:42:02 +00:00
|
|
|
setColumnCount(ENDP_NUM_COLUMNS);
|
2016-06-23 20:10:52 +00:00
|
|
|
setUniformRowHeights(true);
|
2014-08-06 17:07:42 +00:00
|
|
|
|
2018-02-09 01:20:26 +00:00
|
|
|
QString proto_filter_name = proto_get_protocol_filter_name(get_conversation_proto_id(table_));
|
|
|
|
|
if (proto_filter_name == "ip") {
|
|
|
|
|
table_address_type_ = AT_IPv4;
|
|
|
|
|
} else if (proto_filter_name == "ipv6") {
|
|
|
|
|
table_address_type_ = AT_IPv6;
|
2014-08-06 17:07:42 +00:00
|
|
|
}
|
|
|
|
|
if (get_conversation_hide_ports(table_)) {
|
|
|
|
|
hideColumn(ENDP_COLUMN_PORT);
|
2018-02-09 01:20:26 +00:00
|
|
|
} else if (proto_filter_name == "ncp") {
|
2014-08-06 17:07:42 +00:00
|
|
|
headerItem()->setText(ENDP_COLUMN_PORT, endp_conn_title);
|
|
|
|
|
}
|
|
|
|
|
|
2018-02-09 01:20:26 +00:00
|
|
|
int column_count = ENDP_NUM_COLUMNS;
|
|
|
|
|
if (table_address_type_ == AT_IPv4 || table_address_type_ == AT_IPv6) {
|
|
|
|
|
column_count = ENDP_NUM_GEO_COLUMNS;
|
2014-08-06 17:07:42 +00:00
|
|
|
}
|
2018-02-09 01:20:26 +00:00
|
|
|
for (int col = 0; col < column_count; col++) {
|
|
|
|
|
headerItem()->setText(col, endp_column_titles[col]);
|
|
|
|
|
}
|
|
|
|
|
|
2014-08-06 17:07:42 +00:00
|
|
|
|
|
|
|
|
int one_en = fontMetrics().height() / 2;
|
|
|
|
|
for (int i = 0; i < columnCount(); i++) {
|
|
|
|
|
switch (i) {
|
|
|
|
|
case ENDP_COLUMN_ADDR:
|
2014-09-05 03:42:42 +00:00
|
|
|
setColumnWidth(i, one_en * (int) strlen("000.000.000.000"));
|
2014-08-06 17:07:42 +00:00
|
|
|
break;
|
|
|
|
|
case ENDP_COLUMN_PORT:
|
2014-09-05 03:42:42 +00:00
|
|
|
setColumnWidth(i, one_en * (int) strlen("000000"));
|
2014-08-06 17:07:42 +00:00
|
|
|
break;
|
|
|
|
|
case ENDP_COLUMN_PACKETS:
|
|
|
|
|
case ENDP_COLUMN_PKT_AB:
|
|
|
|
|
case ENDP_COLUMN_PKT_BA:
|
2014-09-05 03:42:42 +00:00
|
|
|
setColumnWidth(i, one_en * (int) strlen("00,000"));
|
2014-08-06 17:07:42 +00:00
|
|
|
break;
|
|
|
|
|
case ENDP_COLUMN_BYTES:
|
|
|
|
|
case ENDP_COLUMN_BYTES_AB:
|
|
|
|
|
case ENDP_COLUMN_BYTES_BA:
|
2014-09-05 03:42:42 +00:00
|
|
|
setColumnWidth(i, one_en * (int) strlen("000,000"));
|
2014-08-06 17:07:42 +00:00
|
|
|
break;
|
|
|
|
|
default:
|
2018-02-09 01:20:26 +00:00
|
|
|
setColumnWidth(i, one_en * 15); // Geolocation
|
2014-08-06 17:07:42 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
QMenu *submenu;
|
|
|
|
|
|
|
|
|
|
FilterAction::Action cur_action = FilterAction::ActionApply;
|
|
|
|
|
submenu = ctx_menu_.addMenu(FilterAction::actionName(cur_action));
|
|
|
|
|
foreach (FilterAction::ActionType at, FilterAction::actionTypes()) {
|
|
|
|
|
FilterAction *fa = new FilterAction(submenu, cur_action, at);
|
|
|
|
|
submenu->addAction(fa);
|
|
|
|
|
connect(fa, SIGNAL(triggered()), this, SLOT(filterActionTriggered()));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
cur_action = FilterAction::ActionPrepare;
|
|
|
|
|
submenu = ctx_menu_.addMenu(FilterAction::actionName(cur_action));
|
|
|
|
|
foreach (FilterAction::ActionType at, FilterAction::actionTypes()) {
|
|
|
|
|
FilterAction *fa = new FilterAction(submenu, cur_action, at);
|
|
|
|
|
submenu->addAction(fa);
|
|
|
|
|
connect(fa, SIGNAL(triggered()), this, SLOT(filterActionTriggered()));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
cur_action = FilterAction::ActionFind;
|
|
|
|
|
submenu = ctx_menu_.addMenu(FilterAction::actionName(cur_action));
|
|
|
|
|
foreach (FilterAction::ActionType at, FilterAction::actionTypes()) {
|
|
|
|
|
FilterAction *fa = new FilterAction(submenu, cur_action, at);
|
|
|
|
|
submenu->addAction(fa);
|
|
|
|
|
connect(fa, SIGNAL(triggered()), this, SLOT(filterActionTriggered()));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
cur_action = FilterAction::ActionColorize;
|
|
|
|
|
submenu = ctx_menu_.addMenu(FilterAction::actionName(cur_action));
|
|
|
|
|
foreach (FilterAction::ActionType at, FilterAction::actionTypes()) {
|
|
|
|
|
FilterAction *fa = new FilterAction(submenu, cur_action, at);
|
|
|
|
|
submenu->addAction(fa);
|
|
|
|
|
connect(fa, SIGNAL(triggered()), this, SLOT(filterActionTriggered()));
|
|
|
|
|
}
|
|
|
|
|
|
2016-06-23 20:10:52 +00:00
|
|
|
updateItems();
|
2014-08-06 17:07:42 +00:00
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
EndpointTreeWidget::~EndpointTreeWidget()
|
|
|
|
|
{
|
|
|
|
|
reset_hostlist_table_data(&hash_);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void EndpointTreeWidget::tapReset(void *conv_hash_ptr)
|
|
|
|
|
{
|
|
|
|
|
conv_hash_t *hash = (conv_hash_t*)conv_hash_ptr;
|
2016-06-22 17:56:30 +00:00
|
|
|
EndpointTreeWidget *endp_tree = qobject_cast<EndpointTreeWidget *>((EndpointTreeWidget *)hash->user_data);
|
2014-08-06 17:07:42 +00:00
|
|
|
if (!endp_tree) return;
|
|
|
|
|
|
|
|
|
|
endp_tree->clear();
|
|
|
|
|
reset_hostlist_table_data(&endp_tree->hash_);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void EndpointTreeWidget::tapDraw(void *conv_hash_ptr)
|
|
|
|
|
{
|
|
|
|
|
conv_hash_t *hash = (conv_hash_t*)conv_hash_ptr;
|
2016-06-22 17:56:30 +00:00
|
|
|
EndpointTreeWidget *endp_tree = qobject_cast<EndpointTreeWidget *>((EndpointTreeWidget *)hash->user_data);
|
2014-08-06 17:07:42 +00:00
|
|
|
if (!endp_tree) return;
|
|
|
|
|
|
2016-06-23 20:10:52 +00:00
|
|
|
endp_tree->updateItems();
|
2014-08-06 17:07:42 +00:00
|
|
|
}
|
|
|
|
|
|
2016-06-23 20:10:52 +00:00
|
|
|
void EndpointTreeWidget::updateItems()
|
2014-08-06 17:07:42 +00:00
|
|
|
{
|
2016-06-23 20:10:52 +00:00
|
|
|
bool resize = topLevelItemCount() < resizeThreshold();
|
2014-08-06 17:07:42 +00:00
|
|
|
title_ = proto_get_protocol_short_name(find_protocol_by_id(get_conversation_proto_id(table_)));
|
|
|
|
|
|
|
|
|
|
if (hash_.conv_array && hash_.conv_array->len > 0) {
|
|
|
|
|
title_.append(QString(" %1 %2").arg(UTF8_MIDDLE_DOT).arg(hash_.conv_array->len));
|
|
|
|
|
}
|
|
|
|
|
emit titleChanged(this, title_);
|
|
|
|
|
|
|
|
|
|
if (!hash_.conv_array) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
setSortingEnabled(false);
|
2016-06-23 20:10:52 +00:00
|
|
|
|
|
|
|
|
QList<QTreeWidgetItem *>new_items;
|
2014-08-06 17:07:42 +00:00
|
|
|
for (int i = topLevelItemCount(); i < (int) hash_.conv_array->len; i++) {
|
2016-06-23 20:10:52 +00:00
|
|
|
EndpointTreeWidgetItem *etwi = new EndpointTreeWidgetItem(hash_.conv_array, i, &resolve_names_);
|
|
|
|
|
new_items << etwi;
|
2014-08-06 17:07:42 +00:00
|
|
|
|
|
|
|
|
for (int col = 0; col < columnCount(); col++) {
|
|
|
|
|
if (col != ENDP_COLUMN_ADDR && col < ENDP_NUM_COLUMNS) {
|
|
|
|
|
etwi->setTextAlignment(col, Qt::AlignRight);
|
|
|
|
|
}
|
|
|
|
|
}
|
Re-implement "Map" feature for Endpoints
This feature was removed in v2.5.1rc0-427-gf529ab5d0a, anticipating that
MaxMind would remove support for it in 2019. They have however changed
their mind and maintained latitude and longitude information.
They recommend displaying an accuracy radius, but the reported values
are 50, 100, 200 and 1000km. When implemented literally, a marker in
Ireland would cover the whole island plus mainland, so I have instead
opted to use a fixed radius of 1km at deeper zoom levels.
The old ipmap.html file was outdated and had broken tiles, I rewrote a
new one from scratch using the light-weight Leaflet library combined
with tiles from OpenStreetMap. This is more mobile-friendly and secure
(https, SRI). To improve handling of nearby or overlapping nodes,
clustering is used (individual nodes can still be inspected).
Browser compatibility results: IE8 is unusable, IE9 partially works
(tooltips sometimes disappear and the cluster radius control is gone),
IE11 works. Of course Firefox 65 and Chromium 72 have no issues.
The map popup description in the generated GeoJSON structure is now
split in several properties, allowing presentation to be handled by the
HTML page instead of the C code.
Bug: 14693
Change-Id: If2ec9c518f7723ac0ab27b6272463356875a0ff2
Reviewed-on: https://code.wireshark.org/review/31952
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2019-02-09 23:19:54 +00:00
|
|
|
|
|
|
|
|
#ifdef HAVE_MAXMINDDB
|
|
|
|
|
// Assume that an asynchronous MMDB lookup has completed before (for
|
|
|
|
|
// example, in the dissection tree). If so, then we do not have to check
|
|
|
|
|
// all previous items for availability of any MMDB result.
|
|
|
|
|
if (!has_geoip_data_ && maxmind_db_has_coords(etwi->mmdbLookup())) {
|
|
|
|
|
has_geoip_data_ = true;
|
|
|
|
|
emit geoIPStatusChanged();
|
|
|
|
|
}
|
|
|
|
|
#endif
|
2014-08-06 17:07:42 +00:00
|
|
|
}
|
2016-06-23 20:10:52 +00:00
|
|
|
addTopLevelItems(new_items);
|
2014-08-06 17:07:42 +00:00
|
|
|
setSortingEnabled(true);
|
|
|
|
|
|
2016-06-23 20:10:52 +00:00
|
|
|
if (resize) {
|
|
|
|
|
for (int col = 0; col < columnCount(); col++) {
|
|
|
|
|
resizeColumnToContents(col);
|
|
|
|
|
}
|
2014-08-06 17:07:42 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void EndpointTreeWidget::filterActionTriggered()
|
|
|
|
|
{
|
|
|
|
|
EndpointTreeWidgetItem *etwi = static_cast<EndpointTreeWidgetItem *>(currentItem());
|
|
|
|
|
FilterAction *fa = qobject_cast<FilterAction *>(QObject::sender());
|
|
|
|
|
|
|
|
|
|
if (!fa || !etwi) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2016-06-22 17:56:30 +00:00
|
|
|
hostlist_talker_t *endp_item = etwi->hostlistTalker();
|
2014-08-06 17:07:42 +00:00
|
|
|
if (!endp_item) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
QString filter = get_hostlist_filter(endp_item);
|
|
|
|
|
emit filterAction(filter, fa->action(), fa->actionType());
|
|
|
|
|
}
|