In the world of CMake calling "set" with multiple values creates a
semicolon-separated list. For WS_WIN_LIBS we want a single string so we
need to call "set" with a single, quoted value.
Change-Id: I96c5085af58adfb97ce16195eb27cc8ddb612d6a
Reviewed-on: https://code.wireshark.org/review/10158
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Try to keep the main display filter editor from emitting warnings when
we populate the recent item list.
Change-Id: Ib0c150093e03d4d2ca2ac6cd72c0e37d041fe98b
Ping-Bug: 11438
Reviewed-on: https://code.wireshark.org/review/10157
Tested-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
If we run into an error when trying to register a tap listener, return
instead of tapping packets. This should fix some (but likely not all)
double frees found by Stig. For now close each statistics dialog if we
find an error. Note that we might want to keep them open instead.
Add checks and cleanups to some of the stats table free routines.
Call fillTree once in TapParameterDialog's constructor instead of each
time it's shown. Make fillTree a slot which lets us use a delay timer so
that the dialog is visible when we retap packets.
Change-Id: Id49f2f2a99bc8e5b1d32990024986b3c8b1abe24
Reviewed-on: https://code.wireshark.org/review/10153
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Deprecated filters are still valid. Update display filter checks to make
sure we can apply them.
Bug: 11438
Change-Id: Ib5e009c070b40912434e0ffd771203ed1e1ba093
Reviewed-on: https://code.wireshark.org/review/10154
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Change-Id: Ifa6170622bc8331097bc3fe9c567c97ce826c340
Reviewed-on: https://code.wireshark.org/review/10140
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Otherwise dissection will fail when analyzing a capture with a snap length set
Change-Id: If6714364efffdd1fbf88c947743929a71f75c663
Reviewed-on: https://code.wireshark.org/review/10135
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Otherwise dissection will fail when analyzing a capture with a snap length set
Change-Id: I764f48c624d0cc411b04ee62f8ecccaf6abb6f0c
Reviewed-on: https://code.wireshark.org/review/10134
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Mergecap needs setargv.obj in order to get wildcard support. This is linked
in nmake but not cmake.
Bug: 10354
Change-Id: Icccf6b36495ac4b376f651d689b4a1f9e2c6042d
Reviewed-on: https://code.wireshark.org/review/10143
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
The 'number_of_interfaces' member of struct wtap is not used - nor is it
needed since the interface_data is a GArray with its own 'len' member.
Change-Id: Id0fb25248dea4bea9fc88a8ea35c09ba55029d89
Reviewed-on: https://code.wireshark.org/review/10138
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Like bug 11447, when wiretap reads a legacy PCAP file it needs to
set the interface description's tsprecision member. And like bug
11447, I'm wondering why we have the field to begin with. But I'm
fixing this so that the Windows buildbots can get going again.
Change-Id: I71d0fe2e999ee7d11f1f5cc424681a99e17b1b1b
Reviewed-on: https://code.wireshark.org/review/10139
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Down the rabbit hole we go...
Change-Id: I8371b95b85128209b56960eb6e54648a6babbb84
Reviewed-on: https://code.wireshark.org/review/10137
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
This change will be undone once the problem is found.
Change-Id: Ica9cfe31b4e30fad2bb9de508af61baa1c455cc1
Reviewed-on: https://code.wireshark.org/review/10136
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
The tap_sequence_analysis was adapted to store the protocol of each
frame. Therefore a new variable was introduced. In case of an ICMP or
ICMPv6 packet, the ICMP message type and code is retrieved. The adapted
ICMP and ICMPv6 dissector stores both values in packet info (see [1]).
In case of ICMP and ICMPv6 packets, the source and destination port is
not set or 0, respectively. Compared to that, the NetFlow service export
protocol [2] codes the ICMP message type and code into the port numbers.
The source port is zero while the destination is defined as: destination
port = ICMP type * 256 + ICMP code. This definition was implemented for
the ICMP and ICMPv6 packets.
References
[1] https://code.wireshark.org/review/10097
[2] http://www.ietf.org/rfc/rfc3954.txt
Change-Id: I07518e360975682a3f45e80cb24f82f58cfb15f0
Reviewed-on: https://code.wireshark.org/review/10098
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Found also by Coverity (CID 1316607)
Change-Id: Ib6a4437fd24b51a8aa87d4bcdb5ee2a1dc43dae3
Reviewed-on: https://code.wireshark.org/review/10124
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
When fields have changed the compiled display filter may be invalid
or need a recompile to be valid.
Filters which are not valid after a recompile is set to a filter
matching no packets (frame.number == 0) to indicate that this does
no longer match anything. We should probably have a better filter
matching no packet for this purpose.
Change-Id: Id27efa9f46e77e20df50d7366f26d5cada186f93
Reviewed-on: https://code.wireshark.org/review/10123
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Add a test suite for mergecap (and indirectly capinfos I guess).
This is not exhaustive, but it's a start.
Change-Id: I9442b4c32e31a74b1673961ad6ab50821441de3e
Reviewed-on: https://code.wireshark.org/review/10082
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add more information about the capture file, and about the interface
descriptions in it. Also remove long-unused g_options code.
Change-Id: I93cbd70fc7b09ec1b8b2fd6c85bb885c7f749543
Reviewed-on: https://code.wireshark.org/review/10073
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Also use TEST-NET-1 for IPv4 examples.
Replaced note using comma with parentheses
Change-Id: I9855207aec7a335b80986aa63bd235edc4278d3a
Reviewed-on: https://code.wireshark.org/review/10061
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Add the UDP multicast stream dialog. Abuse TapParameterDialog a bit more
so that we can edit parameters.
Remove some unused struct members and an unused function.
Change-Id: I962c70344e792f0959527e4bcba8a20bd7e8acf9
Reviewed-on: https://code.wireshark.org/review/10084
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Move an include guard to match our conventions (and make it easier
to spot).
Change-Id: I4bad61a0194219f69217713d051e0ff53ff5a76a
Reviewed-on: https://code.wireshark.org/review/10110
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Use common code for all time stamps, so it's handled the same for the
Packet Block, Enhanced Packet Block, and Interface Statistics Block.
Show the high and low parts of the time stamp as fields; file dissectors
should show the raw file details. Mark the calculated time stamp as
generated, as it's not the raw file data.
Get the 64-bit time stamp by shifting the high part left 32 bits and
ORing in the low part; no need to play games with unions and byte order
Change-Id: I19b2c3227a3ca1e93ec653f279136aa18687581f
Reviewed-on: https://code.wireshark.org/review/10116
Reviewed-by: Guy Harris <guy@alum.mit.edu>