Gtk popped up a search box when typing in the tree view.
Most places in Qt, a Search: field was added to the dialog.
Looks possible to buffer keystrokes and do a string search in Qt.
Default value is 400ms (even on Windows). Average typing speed of
200 cpm = 300ms per character = too close to 400ms when searching
the protocol name in Preferences -> Protocols.
This adds new syntax to read a field from the tree as bytes, instead
of the actual type. This is a useful extension for example to match
matformed strings that contain unicode replacement characters. In
this case it is not possible to match the raw value of the malformed
string field. This extension fills this need and is generic enough
that it should be useful in many other situations.
The syntax used is to prefix the field name with "@". The following
artificial example tests if the HTTP user agent contains a particular
invalid UTF-8 sequence:
@http.user_agent == "Mozill\xAA"
Where simply using "http.user_agent" won't work because the invalid byte
sequence will have been replaced with U+FFFD.
Considering the following programs:
$ dftest '_ws.ftypes.string == "ABC"'
Filter: _ws.ftypes.string == "ABC"
Syntax tree:
0 TEST_ANY_EQ:
1 FIELD(_ws.ftypes.string <FT_STRING>)
1 FVALUE("ABC" <FT_STRING>)
Instructions:
00000 READ_TREE _ws.ftypes.string <FT_STRING> -> reg#0
00001 IF_FALSE_GOTO 3
00002 ANY_EQ reg#0 == "ABC" <FT_STRING>
00003 RETURN
$ dftest '@_ws.ftypes.string == "ABC"'
Filter: @_ws.ftypes.string == "ABC"
Syntax tree:
0 TEST_ANY_EQ:
1 FIELD(_ws.ftypes.string <RAW>)
1 FVALUE(41:42:43 <FT_BYTES>)
Instructions:
00000 READ_TREE @_ws.ftypes.string <FT_BYTES> -> reg#0
00001 IF_FALSE_GOTO 3
00002 ANY_EQ reg#0 == 41:42:43 <FT_BYTES>
00003 RETURN
In the second case the field has a "raw" type, that equates directly to
FT_BYTES, and the field value is read from the protocol raw data.
That will 1) install 6.4, which isn't the recommended LTS version and 2)
install headers and libraries for MinGW-w64, not for Visual Studio.
That means that if you're trying to build with Visual Studio, things
won't work.
Removing the artificial shell prompt symbols does not hurt
legibility and makes is significantly easier to copy-paste
commands, either by double-clicking for a single line or
click and drag for a multiline block of text.
The <...> syntax for literals, intended to be as generic as
possible, unintentionally introduced an ambiguity with the
relational expression "a < b or a > c".
Literals are values like numbers, bytes, IPv6 addresses or, one
could imagine, UNC paths for example, if an FT_UNC type were to
be added in the future.
We could use a new unique symbol like @...@ but the <...>
syntax is very recent and may not be necessary with ":xxx" so
just remove it.
A byte array can be explicitly declared by prefixing with a colon. It
is not as generic but the main ambiguity that this new syntax attempted
to solve is bytes vs protocol names. We don't want to introduce a new
reserved symbol for now, until other requirements if any are more clear.
Fixes#18418.
Use the variables WIRESHARK_QT{5,6}_PREFIX_PATH.
This allows having Qt5 and Qt6 paths configured isimultaneously and switch easily between them.
Use list(APPEND) to avoid clobbering other CMAKE_PREFIX_PATH paths.
Follow-up to b33210750c.
Linux builds were left behind on the Qt transition, presumably because
our Ubuntu CI image does not support Qt6.
Enable Qt6 by default and explicitly disable it for slower or more
conservative Linux distros.
Drop experimental status for Qt6, because we are using it to build
official Windows and macOS releases.
Remove the redundant BASE_FLOAT field display type. The name
BASE_FLOAT is meaningless and the value aliased to BASE_NONE.
Require BASE_NONE instead of BASE_FLOAT (corresponding to
the printf() %g format).
Add new float display types using BASE_DEC, BASE_HEX and BASE_EXP
corresponfing to %f, %a and %e respectively.
Add support for BASE_CUSTOM with floats.
The "Last updated" footer time is the last modified time of the source
file. We could make it reproducible using something like
git-restore-mtime, but it's easier (and IMHO less ugly) to just remove
the footer.
Rename wslua_util.c to wslua_utility.c so that our file name has the
form "wslua_<lower case lua module name>.c", which is the case for our
other modules.
Changes:
- The tool now recognizes which software is running on a device - IOS, IOS XE
or ASA. Based on it, it uses correct sequence of commands to setup
capture, read captured packets and clear the capture.
- The tool reads packets on the fly so you don't have to wait till
--remote-count of packets is reached.
- The tool reads timestamps from capture on the device for IOS and ASA (on
IOS-XE, there is no timestamp in dump).
- Except Windows platform the tool handles early stop of capture on the device
and clear of capture buffer on the device (it finish the capture).
- There are special interface names to allow the tool to generate
specific capture types.
- Documentation updated.
Closes#17672.
Adding an explanation on minimum required versions to the release
notes, as well as bumping c-ares to version 1.14.0
The previous minimum (1.5.0) has been released in 2008. The new
version has been choosen to correlate with those distros, that
also provide a minimum version of Qt5 higher than 5.9, as 5.9
is no longer supported in the main branch
Chuck Craft