The introduction of pcap_list_datalinks() predates the introduction of
PCAP_ERROR, so the presence of pcap_list_datalinks() doesn't guarantee
that PCAP_ERROR is defined. Change the use of PCAP_ERROR when checking
the result of pcap_list_datalinks() to just check for -1.
Change-Id: Id8229b7aebd02eaf3701983f9343503397af4fb3
Reviewed-on: https://code.wireshark.org/review/19351
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Also added a note above field_display_e enum to indicate that this
values are parsed in make-init-lua.pl to build init.lua.
Change-Id: Ibd125684f9a68e1b8116fae0ccbc72147825d75d
Reviewed-on: https://code.wireshark.org/review/19336
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
1. Convert the Mellanox encapsulation header into a heuristic dissector.
2. Convert EtherType header dissection into a heuristic dissector.
3. Convert "heuristic preferences" to use deprecated_heur_dissector_pref.
Ping-Bug: 5061
Ping-Bug: 2672
Change-Id: Iabcac1af8e07f3f6f25f825ed56b2036c3285783
Reviewed-on: https://code.wireshark.org/review/19317
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I9d9ffdb7d32a940dbe155e82946d59f649cafe09
Reviewed-on: https://code.wireshark.org/review/19345
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
BDAT handling takes the whole packet to add to its count of necessary
bytes, but wasn't updating the offset, so if a BDAT "data packet" had
multiple CRLF segments in it, the BDAT byte counter became inaccurate.
Bug: 13030
Change-Id: Idd44ccb95a8f4710db4546a918661c63a343260c
Reviewed-on: https://code.wireshark.org/review/19343
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This script mimics tools/debian-setup.sh for RPM based systems.
It installs all the required and optional packages to compile
Wireshark. Tested on Centos 7, Fedora 25, openSUSE Leap 42.1.
Change-Id: Ifc55f45608e5f5a74188d4fb5612bedb6437fcb1
Reviewed-on: https://code.wireshark.org/review/19088
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Set STAT_FLAG_WRONG_TIMESTAMP for RTP sequence when newer packet has lower timestamp than previous one.
Change-Id: Ib18830eea33ddb3dbbdf3beba279131c0fc5a948
Reviewed-on: https://code.wireshark.org/review/19292
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Problem is in 2.0 and master. It is probably in 2.2 too.
Change-Id: Iaa8adea788dcd5da7cff32d56d483a1e7d52d226
Reviewed-on: https://code.wireshark.org/review/19340
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The time-based moving average code should use a constant window size
as the denominator when calculating throughput.
Added QDoubleSpinbox widget to choose the time-based moving average size.
Also added (optional) ability to select ACK (reverse) packets as well as data
packets when clicking on the base graph.
(useful, for example, when examining SACK or DSACK packets)
Added CheckBox widget (with tooltip) for user to choose ACK selection
Change-Id: Ib3ba4f9be9e30aa8f3088b0b2d48b4ca214f7cc3
Reviewed-on: https://code.wireshark.org/review/19108
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Change-Id: I93b24285443d99799f83c40f61f413c2d106c85f
Reviewed-on: https://code.wireshark.org/review/19338
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Because luaL_argerror() does a longjmp all memory free must be done
before calling this.
Also rewrote true_false_string_from_table() to be a bit simpler
and to give argument error when too many strings in the table.
Change-Id: Ied0fa468f1274155c746fe2e086dacf1a8582b08
Reviewed-on: https://code.wireshark.org/review/19325
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
But is observed in 2.0 and later branches.
Change-Id: I46fcbb33824d30bac1999e1b61d9c249972d17f0
Reviewed-on: https://code.wireshark.org/review/19316
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add "LE Set Extended Advertising Data",
"LE Set Extended Scan Response Data", and
"LE Set Extended Advertising Enable" command parser.
Change-Id: I3027dc9c213c15f503fa5495829726db3a207300
Reviewed-on: https://code.wireshark.org/review/19251
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Burst 4 and Burst 5 values are now properly decoded.
Change-Id: I6232a19eb849a419825be69435069e4be721cbc1
Reviewed-on: https://code.wireshark.org/review/19327
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Based on EUROCAE ED-137B specification:
ED-137B, Part 1: RADIO, INTEROPERABILITY STANDARDS FOR VOIP ATM COMPONENTS
https://boutique.eurocae.net/eshop/catalog/index.php
Bug: 13252
Change-Id: Ifab1aaf47e3405fcd46309167237f11ce2d7e2ff
Reviewed-on: https://code.wireshark.org/review/19302
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Bug: 13251
Change-Id: I56a01e779f7f0eadc8a078f88543269a91148f00
Reviewed-on: https://code.wireshark.org/review/19293
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I433b6357914063ba7dbbe119771770e98e019091
Reviewed-on: https://code.wireshark.org/review/19324
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add RFC6926 and RFC7724
Change-Id: I2e10c337f3fe3043e5c36f501eb3e29b16bfcecc
Reviewed-on: https://code.wireshark.org/review/19312
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ic6812fd266832743962e020cfc8f0af2d4742fdf
Reviewed-on: https://code.wireshark.org/review/19308
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: João Valverde <j@v6e.pt>
Fragment offset unit is 8-octet, not bytes.
Reverts regression introduced in 232cb9a2dd.
Change-Id: Id015209b45e15cd630f42ed2c3bbf342094b8ba6
Reviewed-on: https://code.wireshark.org/review/19307
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Otherwise, we get complaints when generating the value_string_ext from
it.
Change-Id: I2b4fc4c57b1f0c47706fe73187192c155593da84
Reviewed-on: https://code.wireshark.org/review/19306
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The check*.pl scripts presume that files with the prefix "packet-"
are dissector files and therefore have different rules than other
files. Rather than trying to clarify that more with additional
directory information, just make any non-dissector file with
"packet-" filename prefix conform if it fails a "dissector specific"
check from the scripts.
Change-Id: I7cb52e1fad4ea62320492bb690904260f958aeb4
Reviewed-on: https://code.wireshark.org/review/19304
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Applications can also use GSMTAP framing to convey log messages
which would traditionally be printed on stderr or on log files. This
allows the ordered/interspersed display of protocol messages with log
lines from the applications that send or received those messages.
The osmocom logging framework (part of libosmocore) implements this in
libosmocore.git Change-Id I9a7e72b8c9c6f6f2d76d1ea2332dcdee12394625
Change-Id: I0de723445e5b5ce0199a4081808111240a9ed047
Reviewed-on: https://code.wireshark.org/review/19183
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
1. Generically handle/display all unparsed data. Any unparsed data can be found with cip.data
2. This now shows at least some unparsed data that was not previously displayed. Previously, extra data sent with Get Attribute List requests was not displayed. It was difficult to tell why devices were returning errors, without knowing there was extra data.
3. Make most functions return the number of bytes processed to support the above points.
Change-Id: I290c09d76e74c18facaef99c8903e7937fbdd710
Reviewed-on: https://code.wireshark.org/review/19263
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I152a388db2f3b8c035c80bd06dfbb9a18f10c031
Reviewed-on: https://code.wireshark.org/review/19284
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Variables are removed
Change-Id: I54bb00a74255625c7ce487cfd31794fcdb9fa979
Reviewed-on: https://code.wireshark.org/review/19295
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Many proto_item_append_text calls were just adding a unit string to a field.
There's a better way to do that now.
Change-Id: Id18d5ac1ea4d8ecdc4cbe7ebaec07fbd2eab6e78
Reviewed-on: https://code.wireshark.org/review/19289
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
proto_tree_add_uint_format_value had the most use of unit strings, this
patch handles all of the other proto_tree_add_xxx_format_value calls that
could be better served using BASE_UNIT_STRING with a "unit string" in hf_ field.
Added more "common" unit string values to unit_strings.[ch]
Change-Id: I0fb680be781e10037eb7bd40dd21a9ee20c1fb1c
Reviewed-on: https://code.wireshark.org/review/19288
Reviewed-by: Michael Mann <mmann78@netscape.net>
That way, $PATH points to .../Wireshark.app/Contents/Resources/bin, so
the man command will look in
.../Wireshark.app/Contents/Resources/share/man.
This also may obviate the need to install the wrapper scripts in
/usr/local/bin, although those scripts obviate the need to re-set PATH
after installing Wireshark.
Change-Id: I7202b5a0fe5d2b90c956dc0db2af073f6c08b00d
Reviewed-on: https://code.wireshark.org/review/19296
Reviewed-by: Guy Harris <guy@alum.mit.edu>