The name of the block, in the pcapng specification is the systemd
Journal Export Block; add "export" after "journal" in various
variable/enum/define names.
ws_log_domains.h needs to be included before wslog.h to be used
to define WS_LOG_DOMAIN. Also the definition for enum ws_log_level
needs to be exported for other APIs so move that to ws_log_domains.h
and rename the file to ws_log_defs.h to reflect the new scope.
A domain filter can be given in the environment variable
'WS_LOG_DOMAINS' or in a command-line options "--log-domains".
The filter is specified as a comma separated case insensitive list,
for example:
./tshark --log-domains=main,capture
Domain data type switches from an enum to a string. There is no
constaint on adding new domains, neither in code or at runtime.
The string format is arbitrary, only positive matches will produce
output.
Experience has shown that:
1. The current logging methods are not very reliable or practical.
A logging bitmask makes little sense as the user-facing interface (who
would want debug but not crtical messages for example?); it's
computer-friendly and user-unfriendly. More importantly the console
log level preference is initialized too late in the startup process
to be used for the logging subsystem and that fact raises a number
of annoying and hard-to-fix usability issues.
2. Coding around G_MESSAGES_DEBUG to comply with our log level mask
and not clobber the user's settings or not create unexpected log misses
is unworkable and generally follows the principle of most surprise.
The fact that G_MESSAGES_DEBUG="all" can leak to other programs using
GLib is also annoying.
3. The non-structured GLib logging API is very opinionated and lacks
configurability beyond replacing the log handler.
4. Windows GUI has some special code to attach to a console,
but it would be nice to abstract away the rest under a single
interface.
5. Using this logger seems to be noticeably faster.
Deprecate the console log level preference and extend our API to
implement a log handler in wsutil/wslog.h to provide easy-to-use,
flexible and dependable logging during all execution phases.
Log levels have a hierarchy, from most verbose to least verbose
(debug to error). When a given level is set everything above that
is also enabled.
The log level can be set with an environment variable or a command
line option (parsed as soon as possible but still later than the
environment). The default log level is "message".
Dissector logging is not included because it is not clear what log
domain they should use. An explosion to thousands of domains is
not desirable and putting everything in a single domain is probably
too coarse and noisy. For now I think it makes sense to let them do
their own thing using g_log_default_handler() and continue using the
G_MESSAGES_DEBUG mechanism with specific domains for each individual
dissector.
In the future a mechanism may be added to selectively enable these
domains at runtime while trying to avoid the problems introduced
by G_MESSAGES_DEBUG.
Use wsApp->setLastOpenDirFromFilename() to convert a filename
to a directory name before calling wsApp->setLastOpenDir().
This will ensure to always store a directory instead of a filename
in the recent gui.fileopen_remembered_dir.
Add a generic function to write content to file. Use this on write
TLS session keys from UI and tshark, and for export objects.
Remove the now unused export_object_ui.[ch].
Analyze -> SCTP -> Filter this Association was missing in the menu, but available in the context menu for packets. This MR fixes the issue by adding Analyze -> SCTP -> Filter this Association again.
Analyze -> Follow -> DCCP Stream was missing in the menu, but available
in the context menu for packets. This MR fixes the issue by adding
Analyze -> Follow -> DCCP Stream again.
The secs member of nstime_t is a time_t, which is difficult to print in
a way that's compatible across platforms. Convert our time to floating
point and print that value instead. Fixes
../ui/cli/tap-follow.c:304:63: error: format specifies type 'unsigned long long' but the argument has type 'time_t' (aka 'long') [-Werror,-Wformat]
printf(" timestamp: %" G_GINT64_MODIFIER "u.%09d\n", follow_record->abs_ts.secs, follow_record->abs_ts.nsecs);
~~~~~~~~~~~~~~~~~~~~~~~ ^~~~~~~~~~~~~~~~~~~~~~~~~~
%ld
on macOS.
Modify YAML output format so it includes information about peers and
absolute timestamps for each packet.
This also adds yaml output to tshark: -z follow,tcp,yaml,X
Don't allocate the rtpstream_id_t's until we know we have enough
information to fill them in and use them.
Keep trace of whether we have used them and, if not, free them.
Singletons moved from main_window to each class's static open<NameOfClass>
method:
- RtpPlayerDialog
- RtpStreamDialog
- VoipCallsDialog
- RtpAnalysisDialog
Fixed issue with selecting RTP stream in sequence dialog. When user
selected a stream and moved mouse to Rtp Player button and pressed it,
incorrect RTP stream was sent to it.
When enumerating port-to-name entries, the callback to
wmem_map_foreach() gets passed:
- a key, which is the port number for the entry;
- a value, which is a pointer to a structure containing pointers to port
names for various transport protocols;
- a user data pointer.
That's sufficient (if you work around some C++ annoyances) to append a
row to a PortsModel, if the user data pointer is a pointer to the
PortsModel.
The existing code, instead, appended to a QStringList of lines (in
effect, undoing the effort of the code that read the services file and
filled in the wmem_map, re-generating a set of lines) in the callback,
and then iterated over all the lines, splitting them with blanks and
appending rows.
Looking at that made my eyeballs bleed so badly that I decided not to
spend any time figuring out why it wasn't working.
So I just make the callback just append rows, avoiding all the
string-pushing.
Fixes#17395.
It looks like multi-configuration generators (notably MSBuild) need
Qt autogen properties set on the wireshark target as well as qtui. Do
so unconditionally in both cases. (We were doing so conditionally for
qtui before.)
Set CMAKE_AUTO{MOC,UIC,RCC} if we're running CMake 3.20.0 or 3.20.1 in
order to work around CMake issue 22085, otherwise set the AUTOMOC,
AUTOUIC, and AUTORCC properties for the qtui target. The latter is
preferred since it keeps us from running Qt's meta-object, user
interface, or resource compilers on code outside of ui/qt. Ping #17314.
When button is pressed or triggered by shortcut, it opens same
window as before.
User can click small arrow next to button and it open menu with all
new actions e.g. Set/Add/Remove for RTP Player.
Documentation updated.
Code is NOT able to do VAD (Voice Activity Detection) so audio silence
(sequence of equal samples) nor noise are not recognized as silence. Just
missing RTP (Confort Noise, interupted RTP, ...) and muted streams are
recognized as silence for this feature.
User can control duration of shortest silence to skip.
Updated documentation.
Most of the time, the return value tells us nothing useful, as we've
already decided that we're perfectly willing to live with string
truncation. Hopefully this keeps Coverity from whining that those
routines could return an error code (NARRATOR: They don't) and thus that
we're ignoring the possibility of failure (as indicated, we've already
decided that we can live with string truncation, so truncation is *NOT*
a failure).
The secs field is a time_t, which is not necessarily 32 bits. If it's
not, casting away the upper bits, by casting to guint32, introduces a
Y2.038K bug.
Either cast to time_t or, if you're assigning a time_t to it, don't
bother with the cast.
João Valverde