Update the Transifex URL and describe how its resources are organized.
Change-Id: Icc03ff57da73c0a60da0ea1e7ff19d6ecffae3a1
Reviewed-on: https://code.wireshark.org/review/35637
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Add a section for the Packet Lengths window. Use title case for the
column headers. Fix a button name and other issues elsewhere.
Change-Id: I339d56aa169158e0788acd02a897729205e9f50e
Reviewed-on: https://code.wireshark.org/review/35615
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Add a note about case sensitive directories on Windows.
Recommend the "winflexbison3" Chocolatey package.
Update our list of Linux distributions.
Change-Id: I4676453941a66de71215d6ce6cf7057623c92fec
Reviewed-on: https://code.wireshark.org/review/35622
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Add an initial "es" Qt translation file and an accompanying flag image.
The image came from
https://en.wikipedia.org/wiki/File:Flag_of_Spain.svg
and is in the public domain.
(We already had a debian/po/es.po.)
Change-Id: I5378ad2cbffb2267389fc8ae6af6d591071e0144
Reviewed-on: https://code.wireshark.org/review/35620
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Two enhancements and one fixed bug:
1. Add dissecting protobuf fields as wireshark (header) fields preferences. User
can input the full names of protobuf fields or messages in Filter toolbar for
searching.
2. Add 'protobuf_field' dissector table. Dissector based on protobuf can register
itself to 'protobuf_field' keyed with the full names of fields of BYETS or STRING
types.
3. A bug about search MESSAGE or ENUM type in context is fixed.
4. Another small enhancement is adding prefs_set_preference_effect_fields() which
can mark a preference that affects fields change (triggering FieldsChanged event).
See the linked bug for sample capture file and .proto files.
Ping-Bug: 16209
Change-Id: Ibc3c45a6d596a8bb983b0d847dd6a22801af7e04
Reviewed-on: https://code.wireshark.org/review/35111
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Update the Expert Information section of the User's Guide. Use the term
"Expert Information" to describe the dialog and "expert information
item" to describe each generated item. Update related text elsewhere.
Update the expert icon and other parts of the status bar docs.
Change-Id: I0c2cba0cbb3c74a1f6e3a37d4a2a592faccb350f
Reviewed-on: https://code.wireshark.org/review/35462
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Generalize the "missing bpf.h" entry. Remove the UCD SNMP and Fink
entries.
Change-Id: I276f2387c4bf017c7ba4f0a37cce525efd1c24ae
Reviewed-on: https://code.wireshark.org/review/35469
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Remove the last of our description list term formatting. This is better
handled using CSS. Update the filter expression dialog DL text.
Change-Id: Ib21e2ee5265c9b476d960e7d73ac99b25b646141
Reviewed-on: https://code.wireshark.org/review/35437
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Remove some formatting and link to the list archives.
Change-Id: I45c5a24b4a6d01234aafab71dc080cf98f4e22cf
Reviewed-on: https://code.wireshark.org/review/35435
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Update the minimum version in various documents. Remove some
no-longer-needed code from scripts that call windeployqt.
Change-Id: I16da4bced9780c9f1b1969aae7c52e2fce1968aa
Reviewed-on: https://code.wireshark.org/review/35391
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Add an "Export Specified Packets" section. Update the "Export Packet
Dissections," "Packet Range," and "Packet Format" sections. Update some
markup and text throughout the chapter.
Change-Id: I7b7c6fcc41c4fdc684c86a34364ed9baa5123d15
Reviewed-on: https://code.wireshark.org/review/35359
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Update a few screenshots and associated text. (The file open, save as,
and merge images date back to the Ethereal era!) The interface options
dialog no longer exists, so remove that screenshot and text.
Mark GTK+ and outdated images as such in CMakeLists.txt.
Change-Id: Ia01788434a1c96dd3f527c9d4ae34b1ca30f92d7
Reviewed-on: https://code.wireshark.org/review/35345
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Update some of the FAQ and WSUG content for Windows 7's impending
demise. Add supported releases for macOS and other updates.
Change-Id: I5741ac631f39803fa060e9f5c2006a75cb54136f
Reviewed-on: https://code.wireshark.org/review/35333
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Add a section for the Wireless menu.
Remove some unused images. It doesn't look like we ever used
ws-*-preferences.png. They had ENTITY definitions in the original XML,
but those weren't referenced anywhere.
Change-Id: I7f027b48ef22c8680f6224f189d4e9d0bd8114c0
Reviewed-on: https://code.wireshark.org/review/35328
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Documentation of the Tshark and dumpcap command line options between
help text, manual page and user's guide diverged over time. One aspect
of this is the implementation of more long options. This change tries to
update all documentation to be complete and in sync again.
Change-Id: Ie8bee013df8d209080fcf288072774f18f9ff51f
Reviewed-on: https://code.wireshark.org/review/35261
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
The WSDG is a mix of references to 32 and 64 architectures. Use 64
in more places.
Change-Id: Ifb4b3189912268808cfe8fdb5119f2177c815163
Reviewed-on: https://code.wireshark.org/review/35248
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Change-Id: I537fbb26681555d0cd303d4b614bc016e935eb70
Reviewed-on: https://code.wireshark.org/review/35225
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The update_tools_help CMake target is periodically run, but the output
of `wireshark -h` was previously not included.
Bug: 16166
Change-Id: Ib7aac89ff31d7b7c7033496b512d97bfbd727aaa
Reviewed-on: https://code.wireshark.org/review/35205
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Although c-ares support was techically optional, it was either on by
default or required in all of our packaging. Go ahead and require it
globally. C-ares is widely available and synchronous name resolution can
easily result in a horrific user experience.
Change-Id: Id67c797316ed6b8a0ab5052e55a43a1b9e2a2464
Reviewed-on: https://code.wireshark.org/review/35188
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Updated the toolchain references to VS 2019,
removing mentions of 2015 & 2017.
Bug: 16211
Change-Id: Ic1607ac2c2713a5d324d40319c4e1be5365eb6f7
Reviewed-on: https://code.wireshark.org/review/35180
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change improves Wireshark ability to save rtp streams. It allows a user
to save any supported codec with 8 kHz rate. In real, it means G.711 and
G.729 for now.
There is no hardcoded codec limitation during save anymore. If code detects
unsupported codec or rate during save, it replaces samples with silence and
reports it. Therefore any added codec in future will be supported.
Note to RTP saving:
RTP streams (there can be up to two of them for save) can contain multiple
codecs in each direction - some of it can be supported and some
unsupported. What should be exported then?
Till my patch save do not run and a user received nothing even part of stream
was OK/encoded with supported codec.
Therefore I managed the code to start with export and do its best.
Unknown codec/part is replaced with silence and user is warned after
export. Therefore a user will get:
a) audio - when all codecs are supported (no warning)
b) mix audio/silence - when some codecs are supported (warning)
c) only silence - when no codec is supported (warning)
BTW same output user sees/gets in RTP player for years.
Change-Id: Id938d419f5841af46d2d2d3ddfaf1ec9a0235bcc
Reviewed-on: https://code.wireshark.org/review/35105
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Update the new protocol list and clarify our Qt versions.
Change-Id: If4d5e591b4419cc3171616825201375fdc5401aa
Reviewed-on: https://code.wireshark.org/review/35165
Reviewed-by: Gerald Combs <gerald@wireshark.org>
They no longer reside to the right of the display filter toolbar, but
have been moved to Analyze->Display Filter Expressions... as well as
the context menu of the display filter edit
Change-Id: I5afb87a483838204be33f5b8b965643c2c95e306
Reviewed-on: https://code.wireshark.org/review/35151
Reviewed-by: Roland Knall <rknall@gmail.com>
Change-Id: Ia96444bc463337e0ffb050a05ce4d454dd18986d
Reviewed-on: https://code.wireshark.org/review/35103
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Add support for automatic updates using the Sparkle framework. Add
FindSparkle.cmake and associated CMake plumbing. Add a public key and
other info to Info.plist.in. Add ui/macosx/sparkle_bridge.{h,m}, which
wraps the Sparkle API. Make code that's specific to WinSparkle
Windows-only.
Add Sparkle installation steps to the macos-setup scripts. Sparkle
prints a warning if your bundle is unsigned (which is the case during
development) so disable installing it by default.
Updating here takes a long time. We might be able to fix that by
shipping our DSYMs separately.
Change-Id: I6cc6671db5657dadc514bda6bf6e1c8bbc9468a5
Reviewed-on: https://code.wireshark.org/review/35090
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Documentation of the Wireshark command line options between help text,
manual page and user's guide diverged over time. One aspect of this is
the implementation of more long options. This change tries to update
all documentation to be complete and in sync again.
Bug: 16168
Change-Id: Id833fbeb14fdb7b3dbc1564504a25d96f4367c91
Reviewed-on: https://code.wireshark.org/review/35047
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Some parts of HTML Help have issues displaying curly quotes. Add a
title argument to the XML2HHP macro so that we can set one with a
straight quote. Set the title using the htmlhelp.title XSL parameter
instead of relying on HTML Help to derive it for us. This seems to keep
"???TITLE???" from being mysteriously appended to the title.
Try setting htmlhelp.window.geometry while we're here.
Bug: 16183
Change-Id: I0bf2dbeeb811dc65010ab5223725d6b5cdc96966
Reviewed-on: https://code.wireshark.org/review/35031
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Allow the storage of extcap plugins in the personal directory and
enable loading from there. It will also take precedence of any
system-wide extcaps with an identical name
Change-Id: Ib88e09a26c4f99cf5e793327f2808c7445c6b1b5
Reviewed-on: https://code.wireshark.org/review/34988
Reviewed-by: Roland Knall <rknall@gmail.com>
Buttons can be left-aligned in the display filter edit bar, by selecting
the corresponding option from the context menu
Bug: 14123
Change-Id: I18b48bb0ea43a598b2e309dcad9210463be06414
Reviewed-on: https://code.wireshark.org/review/34980
Reviewed-by: Roland Knall <rknall@gmail.com>
Add a graph for the currently display filter if none exists, upon
opening IOGraph
Change-Id: Ic25b014484898dd1917b13f2616fd519e2e8183b
Reviewed-on: https://code.wireshark.org/review/34984
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Make the mimetype for the display filter more generic, so that external
programs can attach to Wireshark and users can drag and drop display
filters to the program
Change-Id: Id78b4dff7883e3dab879a31aad07f577d8cc4ee3
Reviewed-on: https://code.wireshark.org/review/34936
Reviewed-by: Roland Knall <rknall@gmail.com>
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
If working in streaming RPC mode, many grpc messages will be
contained in one http2 stream, the stream will end very late
(for example ETCD watch stream).
So we could not rely on old http2 reassembly mode which call
sub-dissector only END_STREAM appeared. We need a reassembly
mode that call subdissector which support streaming mode as
soon as the message in STREAM is available.
Please refer to comments of
reassemble_http2_data_according_to_subdissector() function
of epan/dissectors/packet-http2.c for more detail.
See the linked bug for streaming mode gRPC capture files.
Ping-Bug: 16160
Change-Id: Id9e5337a0e3ca9f8c8119d74d2c1fe4cc263afc3
Reviewed-on: https://code.wireshark.org/review/23988
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Ensure, that all mimedata uses similar mimetypes and document
the mimetypes being used throughout wireshark
Change-Id: I7c02d0a5e12a823153640e600051abb95d58cdeb
Reviewed-on: https://code.wireshark.org/review/34923
Petri-Dish: Roland Knall <rknall@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
The recent macOS installer changes were backported to master-3.0, so
they're no longer new in master.
Change-Id: I357e0f8facbc2266c3780bcf8d696b5c2b00602d
Reviewed-on: https://code.wireshark.org/review/34745
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Used egrep "\b([a-zA-Z]+) \1\b" docbook/wsug_src/*.adoc to find instances
where words were erroneously duplicated.
Change-Id: Ie390fa4f1c61a288ff0ed77aa84c4fb01f4de27e
Reviewed-on: https://code.wireshark.org/review/34725
Reviewed-by: Anders Broman <a.broman58@gmail.com>
1. A C-style Protocol Buffers Language (PBL) parser for *.proto file is added.
It contains protobuf_lang_scanner.l (lex scanner), epan/protobuf_lang.y (grammar
parser), and protobuf_lang_tree.h/c (grammar tree implementation).
2. The protobuf-helper.h/cpp is an interface wrapper layer. If one day C++ is allowed,
we can create a protobuf-helper.cpp file, which using offical protobuf C++
library, to replace protobuf-helper.c. That keeps packet-protobuf.c unchanged.
3. User can specify protobuf search paths, and the UDP ports to protobuf message type
maps at the Protobuf protocol preferences.
4. Other dissectors can pass the message type to Protobuf dissector by data parameter
or pinfo->private_table["pb_msg_type"] (pinfo.private["pb_msg_type"] in lua).
Some Sample of GRPC with Protobuf captures can be found in Bug: 13932.
Bug: 13932
Change-Id: Ife16c2f7b381296f8db4740dabe5f8362a456f48
Reviewed-on: https://code.wireshark.org/review/22892
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The QUIC transport protocol provides a stream, similar to HTTP/2. Make
it possible to look at the stream contents. This can be helpful while
HTTP/3 support is not yet complete.
Known issues that will be addressed in the future:
- If a single packet contains multiple streams, then Follow QUIC Stream
will wrongly include data from streams other than the selected one.
This is tracked by bug 16093 and affects HTTP/2 as well.
- The Substream index menu does not properly filter for available
stream numbers. If a non-existing stream is selected, then changing
to another (potentially valid) index results in the "Capture file
invalid." error. As workaround, clear the display filter first.
- Follow Stream always selects Stream ID 0 instead of the first or
currently selected stream field in a packet. Users should manually
update the stream index as needed.
Change-Id: I5866be380d58c96f0a71a29abdbd1be20ae3534a
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/34694
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The Scalable service-Oriented MiddlewarE over IP (SOME/IP) is the
standard communication middleware for IP and Ethernet based
communication. It supports Service Discovery, RPC, Pub/Sub, and more.
Bug: 16014
Change-Id: Ifd6549818ccc87f376a5fb9ba1d6c335818c6e00
Signed-off-by: Dr. Lars Völker <lars.voelker@bmw.de>
Reviewed-on: https://code.wireshark.org/review/34497
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Create ChmodBPF installer and uninstaller packages using pkgbuild and
productbuild. Place them in Wireshark.app/Resources/Extras.
Add a path_helper installer and uninstaller which respectively add and
remove /etc/*paths.d/Wireshark.
Remove the PackageMaker and utility-launcher assets and build targets.
Show a message in the main welcome screen if we don't have capture
permissions. Add an link which launches the ChmodBPF installer.
Add a "macOS Extras" item to About → Folders.
Migrate "Read me first" from RTF to Asciidoctor, which lets us add links
and looks like our other documentation.
Rename dmg_set_style.scpt to arrange_dmg.applescript and make it plain
text. Always run it in osx-dmg.sh.
Bug: 6991
Bug: 12593
Bug: 11399
Ping-Bug: 16074
Change-Id: I7b6aa89aae2be522b4141b0d44e8142dec749e90
Reviewed-on: https://code.wireshark.org/review/31047
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
The HTTP/2 protocol multiplexes a single TCP connection into multiple
independent streams. The Follow TCP output can interleave multiple
HTTP/2 streams, making it harder to analyze a single HTTP/2 stream.
Add the ability to select HTTP/2 Streams within a TCP stream.
Internally, the HTTP/2 dissector now stores the known Stream IDs in a
set for every TCP session which allows an amortized O(n) lookup time for
the previous/next/max Stream ID.
[Peter: make the dissector responsible for clamping the HTTP/2 Stream ID
instead of the Qt code, that should permit future optimizations.]
Change-Id: I5d78f29904ae8f227ae36e1a883155c0ed719200
Reviewed-on: https://code.wireshark.org/review/32221
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexander Gryanko <xpahos@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
The spelling error for "Desription" in the context menu was very
obvious. The others were found by scanning the output of:
grep -Po '<source>\K.*(?=</source>)' wireshark_en.ts
Change-Id: I4b95236c82f76828a115d59d7c8e0b853eae1d26
Reviewed-on: https://code.wireshark.org/review/34582
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Update some of the packet list and detail context menu items.
Add a release note entry noting the new Apply/Prepare behavior and
update some other items.
Change-Id: I3c2336a3f438f2d97bdb4df764e2af78a3499d81
Reviewed-on: https://code.wireshark.org/review/34543
Reviewed-by: Gerald Combs <gerald@wireshark.org>
The Diagnostic Log and Trace protocol (DLT) is a commonly used and
standardized protocol in the automotive industry used to retrieve
log data. This patch adds the protocol to Wireshark. Keep in mind
that ports have to be configured before the dissector can be used.
Change-Id: I24592705476fb0c3bb83a1cc10b3dae8867523f4
Signed-off-by: Dr. Lars Völker <lars.voelker@bmw.de>
Reviewed-on: https://code.wireshark.org/review/34462
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Allow a selection of the list based on the protocol type. That way
one can easily enable/disable for instance just heuristic protocols
Change-Id: I1ee8df5d9887c764272ec55b33703855c0c91f5a
Reviewed-on: https://code.wireshark.org/review/34442
Reviewed-by: Roland Knall <rknall@gmail.com>
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
List syntax is *not* one of the more straightforward parts of AsciiDoc.
Change-Id: Icfed27de84c8c11cad02c4ba4d359786cd480eea
Reviewed-on: https://code.wireshark.org/review/34423
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Confusing though it might be, a patch-matching expression containing
only the name of a Boolean field matches all packets containing that
field, regardless of whether the field is true or false; you need to
compare the field against 1 to check whether it's true.
Change-Id: I615acc4d71964c8474e6f3655ade8814cbe07b22
Reviewed-on: https://code.wireshark.org/review/34422
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The Linux kernel includes a module called drop monitor which -
unsurprisingly - monitors packet drops.
Once enabled, the module will periodically send netlink notifications to
user space over generic netlink. Historically, these notifications only
included the program counter where the drop occurred and the number of
packets that were dropped in this location in the last interval.
Patches in net-next (queued for Linux kernel 5.4) extend drop monitor
with another mode of operation where the dropped packets themselves are
sent to user space along with relevant metadata as netlink
notifications. This allows users to perform a more detailed analysis of
the dropped packets.
This patch adds a dissector for these netlink packets. The dissector is
expected to be invoked by the generic netlink dissector and during its
hand off routine it adds an entry in the 'genl.family' dissector table.
The various netlink attributes are dissected by calling
dissect_netlink_attributes(), in a similar fashion to the rtnetlink
dissector. The dropped packet itself is encoded in the netlink attribute
'NET_DM_ATTR_PAYLOAD' and dissected by invoking a dissector from the
'sll.ltype' dissector table based on the packet's protocol which is
encoded in the 'NET_DM_ATTR_PROTO' attribute.
Bug: 16018
Change-Id: I10bfa4b9c9d8f5e82769c250f929f74693142a23
Signed-off-by: Ido Schimmel <idosch@mellanox.com>
Reviewed-on: https://code.wireshark.org/review/34351
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Also, put the search field on top, as this is the default for search
fields and apply the change of enable/disable and invert-all only to
the selected items, instead of all items.
Bug: 16013
Change-Id: If4ef1c5ce63eef6fa72db679cdcbf52dcb0e8fb6
Reviewed-on: https://code.wireshark.org/review/34393
Reviewed-by: Roland Knall <rknall@gmail.com>
With the design changes made in the Qt interface with respect to the
Deocode as dialogs the Users Guide content is confusing. Update the
graphics and text to accurately describe the current design. Update
references in other parts of the document too.
Change-Id: Iad6af555d2da3430230c7f176bf2ec1e808cc134
Reviewed-on: https://code.wireshark.org/review/34337
Reviewed-by: Gerald Combs <gerald@wireshark.org>
This protocol is a non-standard, ad-hoc protocol to pass baseband GSM
bursts between the modem (osmo-trx) and the encoder / decoder
(osmo-bts-trx). Osmocom inherited this when forking OsmoTRX off the
OpenBTS "Transceiver" program.
Change-Id: I31f5071d08eff1731f1d602886e204c87eed107c
Related: OS#4081 (https://osmocom.org/issues/4081)
Bug: 14814
Reviewed-on: https://code.wireshark.org/review/26796
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
In the configuration files overview the dfilter_macros file was missing.
Add its description and slay a few typos on the way.
Bug: 15973
Change-Id: I381d0482ac13dce6ea1daf44300c74d3a1ff03fe
Reviewed-on: https://code.wireshark.org/review/34243
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
(That's the master and 3.0.x buildbots; the 2.6 Mac buildbot is running
an older version of Apple's UNIX-for-Macs - sufficiently older that
Apple's name for it was different back then.)
While we're at it, note that it's been updated past VS 2013.
Change-Id: I063daa7c38ff58aed0c77950d4265b5544783f2c
Reviewed-on: https://code.wireshark.org/review/34217
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add an item about marking packets using the middle mouse button to the
release notes.
Update the "Marking Packets" section of the User's Guide accordingly.
Use "menu:...[]" to mark up menu items in a bunch of places. It looks
like we need to a add a "guimenu" class to ws.css.
Change-Id: Ide99112f7643e509d8af8a4aa6ddb4287f3585cf
Reviewed-on: https://code.wireshark.org/review/34182
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This patchset ensures a 1:1 replacement of the old 3.0 version of the profiles
dialog. It is a major bugfix for the new version in case of handling creating/
deleting and adding profiles.
Delete can be performed on multiple profiles now, by selecting the profiles
which need to be deleted.
Import/Export functionality has been overhauled to follow these rules:
* No imports while changes are pending, due to datamodel sanity
* Export for Default Profile and Global Profiles is not possible
* Either all personal profiles can be selected or individually choosen ones
* Use last directory and store it properly
* Imports can be cancelled
* Only one import is allowed at a time (but it can contain as many profiles as needed)
Change-Id: Ie2fccd397202ec06976d764734437284f464409a
Reviewed-on: https://code.wireshark.org/review/34123
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
- Use apt instead of aptitude.
- Update example file name versions.
- Remove leading $ from command lines.
Change-Id: I888f6612615ac252c0c0b3f867bac36610ae3e51
Reviewed-on: https://code.wireshark.org/review/34110
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Change all wireshark.org URLs to use https.
Fix some broken links while we're at it.
Change-Id: I161bf8eeca43b8027605acea666032da86f5ea1c
Reviewed-on: https://code.wireshark.org/review/34089
Reviewed-by: Guy Harris <guy@alum.mit.edu>
To allow for easy import of profiles, one can select a directory
to import profiles from
Change-Id: I12f66e3dc6bd272d34baa76093152dce412b0158
Reviewed-on: https://code.wireshark.org/review/34038
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Remove some dead links or point them to archive.org while at it. All
updated links have been verified.
Change-Id: Icf02167a13d5fe9dfce39ea57525b3f185554c9d
Reviewed-on: https://code.wireshark.org/review/34028
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>