Lawful Interception (LI) is the main area and should be located first
in name, which will be more easy of use for new user when want to
filter messages
Be a little more careful in TrafficTab about whether we
want the Proxy Model or the Source Model, since the tap
filter doesn't exclude rows from the source model (since
the non-displayed rows are used to as part of the percentages
of the total.)
When we want to respect the display filtering or the sorting,
use the proxy model.
In the tap data model, only claim we have GeoIPData (which makes
the map available) if a row that isn't filtered out has data.
Fix#18530
RFC 4666 section 1.3.1 states that "TCP MAY be used as the underlying
common transport protocol" under certain scenarios. There is even
IANA-allocated TCP port 2905 for that purpose (see section 1.4.8).
Change some instances of "packet" to "event" in Logray's menu items.
Remove "Export Objects" and "Export PDUs" and associated code. Remove
the packet diagram menu items and associated code. Remove the "Decode
as" menu items and associated code.
Use "Selected" instead of the parenthetical plural "Packet(s)" for
marking and ignoring. Remove an attempt at plural translation which
apparently doesn't work if we don't have a "%n" in the translation
string.
Fix a misplaced brace in debug-only function conversation_element_list_values.
(The "#if 0" means that the compiler didn't catch it.)
Move the type_names array to file-level to avoid the two copies getting out of
sync again.
Add a DISSECTOR_ASSERT to ensure that input conversation_element_type values
are within range.
Add a pinfo conversation filter which enables related packets based on
(container.id, proc.id) combinations. Register the "Process" conversation
filter first so that the "Go" menu behavior matches the related packet
display.
Handle cases where container.id is missing.
Add 64-bit integer type support to conversations.
min and max need to handle null arguments where the GPtrArray
is null, generated when there have been other opcodes between
the field loading and the function. (They are ignored, not
treated as zero, so they don't change the minimum.)
Prevents crashes with filters where a field does not exist in the tree:
min(tcp.srcport * 10, tcp.dstport * 10) == 800
min(len(tcp.payload), len(udp.payload)) == 153
min(len(tcp.payload[2:]) + 2, len(udp.payload[2:]) + 2) == 153
where a register is loaded where it has not had its GPtrArray created:
./run/dftest 'min(len(tcp.payload), len(udp.payload))'
Filter:
min(len(tcp.payload), len(udp.payload))
Instructions:
0000 READ_TREE tcp.payload -> R1
0001 IF_FALSE_GOTO 3
0002 LENGTH R1 -> R2
0003 STACK_PUSH R2
0004 READ_TREE udp.payload -> R3
0005 IF_FALSE_GOTO 7
0006 LENGTH R3 -> R4
0007 STACK_PUSH R4
0008 CALL_FUNCTION min(R2, R4) -> R0
0009 STACK_POP [2]
0010 IF_FALSE_GOTO 12
0011 NOT_ALL_ZERO R0
0012 RETURN
Related to fcb6bb5763
(Prior to that commit, this worked because a NULL pointer is a
valid, empty GSList.)
Commit 05e404e8cb was wrong...
This allows dissection of the 'NETLOGON' attribute in
the same way as the 'netlogon' attribute.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
If the OpenSecureChannel message is not captured, then whether
messages are signed, and what the signature length is is unknown.
This creates a preference that can be set to a default value to use,
instead of assuming that all messages on the channel are unsigned.
Fix#15206
One of these modifies a field name ("hart_ip.pt.rsp.transducer_serail_number"
in packet-hartip.c), a few are in text displayed for fields (in packet-nvme.c)
or for unknown fields (in packet-oer.c and packet-per.c), one is in a
preprocessor macro (in packet-cip.[ch]), and the rest are all in comments.
arry -> array
authos -> authors
compatability -> compatibility
contigous -> contiguous
dispaly -> display
erorr -> error
filed (where it was obviously incorrect) -> field or filled
hueristic -> heuristic
regsiter -> register
serail -> serial
When showing the follow data as text (ASCII, UTF-8, EBCDIC, etc), add a
newline at each turn. Add the ability to show delta times between
packets and turns. Add a recent setting for delta times.
Make the initial dialog a bit wider.
Save and restore our scoll position when reading a stream.
Manually connect our signals and slots. Fix some clazy warnings.
While we do immediately free it and recompile in rescan_packets,
or if we open a capture file in cf_read, if we start a capture
we go from cf_open to cf_continue_tail, and we want to use this
filter since we don't compile during a capture for each group
of packets (for reasons explained in the previous commit.)
Fixup 08cf0e9553
Gerald Combs
Vadim Yanitskiy