- for Q.1950 I used the value_string for GB events as the value_string for the parameters of BNC change.
> In observed event descriptor, it is called “eventName”, but in event descriptor,
> it is called “pkgdName”. It should be “eventName” in both cases.
svn path=/trunk/; revision=20986
When dumping elements in a constructor in dissect_unknown_ber the last element is not put in the correct subtree, because the while- loop does not include the header length when checking for the end.
svn path=/trunk/; revision=20984
- Note in the user's guide that export object is not available
in GTK1 builds of Wireshark.
- Make scanning through the slists more efficient
- Use new tap.c function called have_tap_listener() to only save
object payload data when the export object listener is actively
listening for it.
- Save objects in the HTTP dissector with g_malloc() instead of
se_malloc() and free it when we're done with it - when the
export object window is closed (Fixes bug #1412)
- Various minor improvements
svn path=/trunk/; revision=20980
tell if a specific tap id is currently listening for data.
This complements the function have_tap_listeners(), which checks
to see if any tap is currently listening.
svn path=/trunk/; revision=20979
This patch adds support for key-mgmt session attributes in SDP (defined in RFC 4567). The patch also contains a Multimedia Internet KEYing (MIKEY is defined in RFC 3830) dissector plugin for "mikey" key-mgmt data.
svn path=/trunk/; revision=20977
+ Add the fields sctp.sack_gap_block_start_tsn and sctp.sack_gap_block_end_tsn so that one can filter over a tsn ack acked by a gap block.
svn path=/trunk/; revision=20976
I've had a good look at the code in packet-tcp.c, and whilst it's
somewhat impenetrable, I've come to the conclusion that it just doesn't
support multiple pdus as described.
That's not entirely unreasonable in itself; my objection is solely to
the fact that README.developer is completely misleading. In fact, even
the example dissect_cstr won't work on the tcp dissector, because if you
set desegment_len=1 the tcp dissector believes that you know what you
are doing and doesn't let you change your mind later.
Furthermore, 2.7.2 says that you can set desegment_len=-1; that doesn't
work either, because the tcp dissector expects
DESEGMENT_ONE_MORE_SEGMENT, which is 0x0fffffff, which is nowhere near -1.
In short, I think the relevant section of README.developer needs a
rewrite. I attach a patch - comments welcome.
svn path=/trunk/; revision=20974
Admittedly not much, so if you have any ideas what the rest means or where
I'm wrong please provide feedback.
As tapa uses udp 5000 and ip protocol 4, I needed to add a hack for the
ip part to properly dispatch betweeen ipip and tapa-tunnel (actually I
was unable to turn the ipip dissector into a heuristic dissector :-)
svn path=/trunk/; revision=20971
Also tweak the space requirements and restore the VERSION_EXTRA information to the description, both within the manifest.u3i.
svn path=/trunk/; revision=20964
- Add to User's Guide
- Add a help button
- Move a lot of code into the shared export_object.c file and out of
dissector specific file export_object_http.c. This will make adding
additional protocols much easier.
- Change comment in packet-http.c to reflect new name (Export Object)
- Various other minor improvements
svn path=/trunk/; revision=20961
There is an error in the page:
http://wireshark.org/docs/wsug_html_chunked/ChCapCaptureFilterSection.html
According to Example 4.2, the filter 'tcp port 23 and not host 10.0.0.5'
captures all telnet traffic not from 10.0.0.5. But this filter also discards
traffic to 10.0.0.5. Either you use this filter to capture all telnet traffic
not to and not from 10.0.0.5 or you use filter 'tcp port 23 and not src host
10.0.0.5'.
svn path=/trunk/; revision=20955
Up and running.
As it is analysis will stop at TSN rollover (0xffffffff->0x00000000).
And It will start to misbehave when a TSN is seen again in the same half association (that's a case where an out-of-memory error will probably had happened before).
It still needs testing.
svn path=/trunk/; revision=20947
============================ Samba log start ============
------------------------------------------------------------------------
r21545 | jelmer | 2007-02-26 18:43:01 +0100 (Mon, 26 Feb 2007) | 1 line
Changed paths:
M /branches/SAMBA_4_0
M /branches/SAMBA_4_0/source/pidl/tests/wireshark-ndr.pl
Fix pidl test.
------------------------------------------------------------------------
r21555 | jelmer | 2007-02-27 13:46:19 +0100 (Tue, 27 Feb 2007) | 1 line
Changed paths:
M /branches/SAMBA_4_0
M /branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Wireshark/Conformance.pm
M /branches/SAMBA_4_0/source/pidl/tests/wireshark-conf.pl
Some tests for TYPE in wireshark conformance files.
------------------------------------------------------------------------
r21559 | jelmer | 2007-02-27 14:41:56 +0100 (Tue, 27 Feb 2007) | 1 line
Changed paths:
M /branches/SAMBA_4_0
M /branches/SAMBA_4_0/source/pidl/tests/wireshark-conf.pl
More tests.
------------------------------------------------------------------------
------------------------------------------------------------------------
============================ Samba log end ==============
svn path=/trunk/; revision=20945
I attached a patch to this dissector, which includes some corrections, updates and SDO by UDP support. I will upload a sample capture of SDO by UDP to the wiki. The patch is fuzzy tested against the current SVN rev under Linux and it builds also under MSVC2005.
svn path=/trunk/; revision=20937