Use it for OPT_COMMENT in the SHB, as there may be ore than one instance
of OPT_COMMENT in an SHB.
Also, use wtap_optionblock_get_option_string for OPT_SHB_HARDWARE,
OPT_SHB_OS, and OPT_SHB_USERAPPL; they're specified as "only one
instance allowed".
Change-Id: I23ad87e41e40b7ae1155e96c0523a6f8caad5204
Reviewed-on: https://code.wireshark.org/review/15750
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Don't put them in the summary structure; the summary routines should
calculate summary statistics, not dig up every bit of information that
*could* appear in a summary.
Instead, have the GUI code call wtap_file_get_shb() to get the SHB
information and call wtap_optionblock_get_option_string() to fetch the
option values.
Move the option code definitions into wtap_opttypes.h, as they're used
by the API.
Change-Id: Icef11f5fb30fdc3df1bb0208aae9ed0aebaf0182
Reviewed-on: https://code.wireshark.org/review/15748
Reviewed-by: Guy Harris <guy@alum.mit.edu>
and fix Bad cookie text
Change-Id: Ie9e2629a9f6cff4e2a35fcf4bf399858dd21c5ef
Reviewed-on: https://code.wireshark.org/review/15721
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I97d7a97f923baa655d043647a16d6eb4f356d899
Reviewed-on: https://code.wireshark.org/review/15729
Reviewed-by: Mike Morrin <morrinmike@gmail.com>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I5a6133cb0ec0bf8807bb3bdfa3721657420b53a2
Reviewed-on: https://code.wireshark.org/review/15730
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The enhanced checkhf.pl in https://code.wireshark.org/review/#/c/15717/
validates ei items in addition to href items. This patch addresses the
false positive ERRORS reported by the enhanced checkhf.pl for a "cosmetic"
issue (missing space after { in ei array entries).
Change-Id: I87876ce2cfa4b0e11cb22f457bd9ab025d939e5c
Reviewed-on: https://code.wireshark.org/review/15739
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
From https://groups.google.com/a/chromium.org/d/msg/proto-quic/HKwPvmpV-rw/svYt4cLNMwAJ
Changes:
1) Entropy is deprecated. Received entropy byte is removed from ACK FRAME, and sent entropy byte is removed from STOP_WAITING FRAME.
2) ACK FRAME now reports the largest packet number observed so far followed by received packets ranges (rather than missing packet ranges).
3) Private flags byte is removed from packet header
Change-Id: I6a84a3019ee529f31638f8bf6d0cb77e4a8a3f90
Reviewed-on: https://code.wireshark.org/review/15480
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Before there was a wrong dissection of parameters that wasn't
predictable because of the wrong offset. This could lead to anything.
Now, it shows an expert warning indicating that the RTPS packet
doesn't contain all the bytes specified by the parameter but it shows
properly the parameterId and the length. In order to parse properly
the whole PID_EXTENDED parameter we'd need to handle fragments. That
is not the purpose of this commit.
Change-Id: I0f3f0f1d309d43a530047f510169fb07983a9fb6
Reviewed-on: https://code.wireshark.org/review/15698
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
ERROR: NO ARRAY: epan/dissectors/packet-amqp.c, ei_amqp_amqp_1_0_frame_length_exceeds_65K
Missing a space after { (need fix check ?)
Change-Id: Idce3b270c53feb7fc12e8c82fb87932faa1e468d
Reviewed-on: https://code.wireshark.org/review/15728
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Bug: 11788
Change-Id: I3f4df884d98903222de8a340de6a08e680687b0a
Reviewed-on: https://code.wireshark.org/review/15727
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I30f1b92ee438361c3bd58743f7d1ae8d5ffc96f0
Reviewed-on: https://code.wireshark.org/review/15718
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The spec puts the reserved value at 0xf but our internal table has 'unknown' at
0; since all the other values seem to be offset-by-one, just take the modulus
0xf to avoid running off the end of the table.
Bug: 12191
Change-Id: I83c8fb66797bbdee52a2246fb1eea6e37cbc7eb0
Reviewed-on: https://code.wireshark.org/review/15722
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
fixing problems in qt ui code comming from the fact that qreal type is float on
ARM platform and double on other platforms, which causes build errors on ARM
(not all casts are probably strictly necessary)
Bug: 12483
Change-Id: Ife5e6d3649a7ee1ad4e7eadffe9f4484ff2718de
Reviewed-on: https://code.wireshark.org/review/15723
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I897099bf9f6ee38d0ec9a7a5e9fb3bba43b5fe0f
Reviewed-on: https://code.wireshark.org/review/15704
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Adam Goldman <adam.goldman@intel.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
It has nothing to do with controlling privileges; it only tests whether
the NPF or Npcap service (driver) is running, so it belongs in caputils.
While we're at it, fix its signature (in C, a function with no arguments
must have "void" as the argument list, for backwards compatibility with
pre-function-prototype C), and close the handles it opens, so we don't
have open handles leaked.
Change-Id: Ia99e99d81617ed2e8cda2c44e53061b4502a2b58
Reviewed-on: https://code.wireshark.org/review/15714
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
1) Start Npcap service for capturing packets on
Windows if WinPcap service is unavailable.
2) Search Npcap DLLs (wpcap.dll, Packet.dll) also in
"system32\Npcap" folder after "system32" is searched.
Change-Id: I6810382db431a4e7fe309edd08757db60d8ade38
Reviewed-on: https://code.wireshark.org/review/15707
Reviewed-by: Yang Luo <hsluoyz@gmail.com>
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add Follow, Firewall, and Flow updates.
Sort and group the new protocol list.
Remove some fixed bugs.
Change-Id: I76f92f746d0f695567cc411cd6c6cd8d59d923c4
Reviewed-on: https://code.wireshark.org/review/15712
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Add an option to display the "follow" data as UTF-16.
Bug: 237
Change-Id: Id95ffc014b8ef718f3b6e9f3415806ada309c3a2
Reviewed-on: https://code.wireshark.org/review/15702
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Ping-bug: 12490
Change-Id: I27ce4a0b870d81bfdea188f00ff8101897ad969d
Reviewed-on: https://code.wireshark.org/review/15710
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Showing 'if (tree)' constructions in code samples and then having to
explain these are no longer nessasery, or even wrong in many cases,
indicates that these shouldn't be in the code samples in the first
place.
Change-Id: I1a0ccc84ad24ff998548fa913bc00c0336bf1123
Reviewed-on: https://code.wireshark.org/review/15659
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It should loop on captured data, not reported one
While we are at it, let's call tvb_format_text_wsp() only once
Change-Id: If6805a91d8e5dcf641e682b453522d88cbc2df6c
Reviewed-on: https://code.wireshark.org/review/15699
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Also update faq to include new temporary file format.
Change-Id: Ie6c318bb359974b89ff3e268155315c22ba7c4e4
Reviewed-on: https://code.wireshark.org/review/15685
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
We keep the preference only for the single check that could be somewhat costly.
Change-Id: If43a6965a0cf50e0e1864cf1900e529c773b5710
Reviewed-on: https://code.wireshark.org/review/15695
Reviewed-by: João Valverde <j@v6e.pt>
Add the Firewall ACL Rules dialog. Try showing all valid rules for a
given product instead of making the user select from a combobox. We can
add the combo back easily enough if that's desired.
Add a rule hint field and use it in the Qt and GTK+ UIs.
Bug: 12469
Change-Id: I39dd840e9838f96d7c5e2b4c34662811c21d0386
Reviewed-on: https://code.wireshark.org/review/15689
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Switch from enabled/disabled comboboxes to checkboxes. This requires
less clicking on the user's part and less translating.
Draw em dashes instead of "n/a" for non-applicable items, and use
the disabled palette when drawing them.
Change-Id: Ic97b6d44734b679bbeee00e9c2a322e7b8a67247
Reviewed-on: https://code.wireshark.org/review/15661
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Change-Id: Ifacf00247f457d710e16044b6805c2f41dacddc1
Reviewed-on: https://code.wireshark.org/review/15686
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This doesn't try to use any data from multiple Name Resolution blocks, it
just converts single Name Resolution block usage into a GArray, so the
potential is there to then use/support multiple Name Resolution blocks
within a file format (like pcapng)
Change-Id: Ib0b584af0bd263f183bd6d31ba18275ab0577d0c
Reviewed-on: https://code.wireshark.org/review/15684
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ia07cb14995c3f06d8a32330209bb17fde344350a
Reviewed-on: https://code.wireshark.org/review/15688
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
DisplayFilterEdit deals with entire filters and some edit boxes just need a
single protocol field. This control will do the trick.
Bug: 12321
Change-Id: I8e5837ea9a6955ada29b7e516ea022ab1dd46f0d
Reviewed-on: https://code.wireshark.org/review/15595
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Not all packet have a color filter, so check for this before use.
Bug: 12065
Change-Id: Ieed8d369342bde50fe8a1562be9379695da9fbaa
Reviewed-on: https://code.wireshark.org/review/15677
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
This fixes a compile error with Qt version 4.8.5-8 as installed in RHEL 7.0:
sequence_dialog.cpp: In member function 'void SequenceDialog::mouseMoved(QMouseEvent*)':
sequence_dialog.cpp:306:35: error: 'escape' is not a member of 'Qt'
QString raw_comment = Qt::escape(sai->comment);
^
Change-Id: Ibbf62123441645471d66aa329f0d63d0ee198017
Reviewed-on: https://code.wireshark.org/review/15682
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
This doesn't try to use any data from multiple Section Header blocks, it
just converts single Section Header block usage into a GArray, so the
potential is there to then use/support multiple Section Header blocks
within a file format (like pcapng)
Change-Id: I6ad1f7b8daf4b1ad7ba0eb1ecf2e170421505486
Reviewed-on: https://code.wireshark.org/review/15636
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
+ TLV 15 has value decoded as on off
+ TLV 16 shows text parameters instead of decimal value
Change-Id: I6f0baa410f12e20825379a3ff0cd6174aa2bc576
Reviewed-on: https://code.wireshark.org/review/15678
Reviewed-by: Michael Mann <mmann78@netscape.net>
Fix a bitmask for Stack compiliance revision.
Add Network manager field.
Bug: 12488
Change-Id: I0a0908f288997686b76899ee80d51c590599a32e
Reviewed-on: https://code.wireshark.org/review/15681
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Guy Harris