Modify YAML output format so it includes information about peers and
absolute timestamps for each packet.
This also adds yaml output to tshark: -z follow,tcp,yaml,X
Run
git diff --name-only --diff-filter=A v3.5.0rc0.. epan/dissectors/{file,packet}-*.c plugins
and add any missing dissectors to the release notes. Take the liberty of
fixing up some dissector names and clean up some whitespace.
Added documentation on the Regular Expression import mode
Added documentation for the associated ui-fields
Updated the screenshot for the import-from-hexdump dialog
Added a screenshot of the Regular expression mode tab
Updated the documentation for the updated Timestamp format
Added an entry in the release notes about this new/updated feature
Here's a grab bag of trivial cleanup to the documentation. This change:
- Cleans up some comments in the asciidoctor macros which are no longer
accurate (and do not appear in the build products anyway).
- Fixes a missing space in the text "Wireshark Q&A" in the release notes.
- Allows the "docbook" backend to produce hyperlinks too... That seems to be
necessary if we want to start using our custom link macros in WSDG, which
seems like a reasonable thing to do. And fixes up a wrong variable name in
the handling of the case where we are not able to produce a hyperlink.
This pull request includes:
* The "Follow DCCP stream" feature.
* Updated docbook documentation for the "Follow DCCP stream" feature.
* Test for the feature.
* Corresponding packet trace for the test.
Also modified eCPRI dissector to call it for payloads. This dissector will
claim the "IQ Data" and "Real-Time Control Data" message types - others
are still handled by eCPRI.
Make Protobuf fields that are not serialized on the wire (missing in
capture files) to be displayed with default values by setting the new
'add_default_value' preference. The default values might be explicitly
declared in 'proto2' files, or false for bools, first value for enums,
zero for numeric types.
Default values are generated in epan/protobuf_lang_tree.c during the
nodes of fields are created. The default_value_xxx() methods of field
descriptor are added into epan/protobuf-helper.c/h and
epan/protobuf_lang_tree.c/h files.
close#17000
The google.protobuf.Timestamp is a standard protobuf message type and
consists of seconds and nanos fields. We dissect protobuf field in
google.protobuf.Timestamp type as wireshark FT_ABSOLUTE_TIME field.
And add tvb_get_protobuf_field_uint() to make it easy to get a
Protobuf field of varint type from the tvb.
close#16927
Added a dissector to reassemble IPP Over USB packets and pass them to
the HTTP dissector. Added a display filter so IPPUSB packets can be
filtered. Dissector checks to ensure semgent is IPPUSB and supports
reassembly of send-documents and print-job documents. It also supports
the reassembly and dissection of packets that are truncted or
incomplete.
Change-Id: Icc9525592c07b00baaac887a70bc9e7568273016
It's possible to play opus payload with libopus (https://opus-codec.org/).
Closes#16882.
Helped-by: Pascal Quantin <pascal.quantin@gmail.com>
Signed-off-by: Lin Sun <lin.sun@zoom.us>
Signed-off-by: Yuanzhi Li <ryanlee@mail.ustc.edu.cn>
Stream Specification: https://www.ilda.com/resources/StandardsDocs/ILDA_IDN-Stream_rev001.pdf
The stream specification only defines IDN messages. The other packet commands
like ping request, ping response, etc. (see line 25 - 31 in packet-idn.c)
are part of the hello specification which is not released yet. We were still
able to implement some hello packets since we received a preliminary version
of the hello specification, because we need the hello packets for our work.
related to #16707
Bug: 16764
Change-Id: Iff902150491c984d3069c1b83acef9c2c8ce12c7
Reviewed-on: https://code.wireshark.org/review/38106
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add a new top-level view that shows each packet as a series of diagrams
similar to what you'd find in a networking textook or an RFC.
Add proto_item_set_bits_offset_len so that we can display some diagram
fields correctly.
Bugs / to do:
- Make this a separate dialog instead of a main window view?
- Handle bitfields / flags
Change-Id: Iba4897a5bf1dcd73929dde6210d5483cf07f54df
Reviewed-on: https://code.wireshark.org/review/37497
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Id33135d82f30f0d88910b994492b4a64ac170d84
Reviewed-on: https://code.wireshark.org/review/38105
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It is send from DCAgent to FSSO collector using UDP 8002 packet
It is based on analysis of protocol (and log)
Bug: 16657
Change-Id: I2e23a403a103c25820d714446d4e3245af04e876
Reviewed-on: https://code.wireshark.org/review/37547
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
sshdump can now be copied in multiple instances. Each instance will
show up a different interface and will have its own profile.
This will help users connecting to different hosts. Instead of changing
profiles, sshdump can be cloned, and each instance will be used for a
single host.
Change-Id: If4fb42cf78021c6f16213ae91cbf41ec7f61ca77
Reviewed-on: https://code.wireshark.org/review/37883
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The Technically Enhanced Capture Module Protocol (TECMP) allows the
transport of data recorded on different technologies (e.g. Ethernet,
CAN, LIN, FlexRay). A typical usage scenario is data recording in
vehicles, e.g. for validating and testing autonomous driving.
Bug: 16661
Change-Id: If7c08529049cc1d30d9a5640b4216eac83546800
Reviewed-on: https://code.wireshark.org/review/37610
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add a new button to the Decode As dialog to copy entries from
another profile.
Change-Id: Ia04edd063bd2eba14b2b14acfd53b03111646f7e
Reviewed-on: https://code.wireshark.org/review/37616
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Add a dissector for Asphodel (https://bitbucket.org/suprocktech/asphodel).
Asphodel is a protocol for streaming real-time data from sensors in industrial
environments. This protocol dissector supports complete dissection of the UDP
advertisment packets, and simple dissection of the TCP command and stream data.
Sample Capture:
https://wiki.wireshark.org/SampleCaptures#Asphodel_Protocol
Change-Id: I6a7f730a4ce5349ac48b4fd86e61429983af5bf9
Reviewed-on: https://code.wireshark.org/review/37318
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
This is the dissector for the LBMSRS protocol which
comes under the 29West protocol suite
Bug: 16466 - LBMSRS sample capture file uploaded in this bug
Change-Id: I7458783f8cff5179064fbd68e910c162db1c5fd7
Reviewed-on: https://code.wireshark.org/review/36917
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This commit adds a basic dissector for ScyllaDB RPC protocol.
ScyllaDB (www.scylladb.com) is a No-SQL database serving multiple
client protocols (e.g. CQL). The newly introduced dissector
provides a way to inspect Scylla's internal protocol, used by
the nodes to communicate with each other - share data, gossip
the cluster state, update the schemas, etc.
This dissector implements only a shallow dissection of most packets,
i.e. recognizing the packet type. Two requests with deeper dissection
are MUTATION and READ_DATA, used by I/O operations in the database.
Bug: 16471
Change-Id: Ibba8262bd4e5a637b24b3e7846c42c6534ef811b
Signed-off-by: Piotr Sarna <sarna@scylladb.com>
Reviewed-on: https://code.wireshark.org/review/36633
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Start dissecting the class-specific control messages.
Change-Id: I21e97777c9fc0396a8c0c575ba21909f58bbb577
Reviewed-on: https://code.wireshark.org/review/36539
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Initial support for TEAP (Tunnel Extensible Authentication Protocol)
defined in RFC7170.
Only partial support implemented. Mainly the parts needed to discover
the carried EAP payload when establishing IEEE802.11 EAP-TEAP
connections.
Bug: 16379
Change-Id: Ic2b31d0b871b430792a371cd09926811e350c32b
Reviewed-on: https://code.wireshark.org/review/36104
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Toff