When Wireshark attempts to read an SNMP packet with a variable-bindings item
with an OID containing an index string which includes an entry of type
"Unsigned32", Wireshark will stop dissecting the packet at this index entry and
end with the error:
[Dissector bug, protocol SNMP: proto.c:2761: failed assertion
"DISSECTOR_ASSERT_NOT_REACHED"]
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5883
svn path=/trunk/; revision=37558
1.) The resolution of the time values displayed by tshark's "-z io,stat, ..."
should be increased from milliseconds to microseconds (from 3 to 6 decimal
places) in order to be consistent with -z relative time-related options such as
"-z smb,rtt" and "-z rpc,rtt" which display values to 5 decimal places.
[Please note that separate enhancement requests for 6 decimal of precision in
Wireshark will be submitted shortly.)
2.) The "frames bytes" column displayed in '-z io,stat' is too narrow, frames
and bytes should each have 15 spaces like all the other column types.
3.) The types "FRAMES" and "BYTES" should be added to allow users to display
these values separately and allow for filters to be specified.
4.) The 'SUM' option should allow for relative time values such as SRTs to be
summed. This would be useful for the calculation of such things as
request concurrency (total_SRT_time / duration).
5.) The tshark man page needs some corrections and readability improvements
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4915
svn path=/trunk/; revision=37555
I made the following improvements to the Modbus/TCP dissector:
1. Implemented protocol to the latest specification (v1.1b). See
http://www.modbus.org/specs.php.
2. Upgraded to "tcp_dissect_pdus" instead of having the dissector do it
manually. This also provides TCP packet reassembly support.
3. Removed support for UDP port 502 because it's not supported by the protocol
specification. I believe "Decode As..." could be used in its place.
4. Added dissector support for the following function codes:
a) 8 - Diagnostics
b) 11 - Event Counter
c) 12 - Event Log
d) 43 - Encapsulation Transport (mostly for 43/14)
5. Removed support for function codes not in the protocol specification. None
of them were really being parsed, they just offered a "name" for the function
code.
6. Moved protocol #defines to header file for access from other dissectors. I
plan to have other dissectors use this, but one patch at a time.
7. Created "modbus" dissector that is accessible to other dissectors.
8. Renamed base "display filter name" to reflect PROTOABBREV.
I removed defines for value_strings, I think it's better to export the vaöue strings if needed.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5923
svn path=/trunk/; revision=37539
Handling of SercosIII if the plugin can not be loaded.
Changed the behaviour - if the SercosIII plugin is not available, the
openSAFETY dissector registers itself for ETHERTYPE_SERCOS. SercosIII
packages can not be dissected anyway in such a case and currently no
other dissector will handle those packages.
The following steps will be taken to display the situation to the user:
The message "SercosIII dissector not available, openSAFETY/SercosIII
native dissection." will be added to the tree. Additionally a similar
warning will be presented on the console during startup of wireshark.
All openSAFETY packages will be dissected, displaying the normal
openSAFETY information.
This will be more transparent for the customer.
svn path=/trunk/; revision=37533
- get_full_XXX functions are unused in the code
- A case statement which handles only 2 of the many enum elements
creates another warning promoted to error
- The patch removed usage of a variable but not the variable declaration
itself.
svn path=/trunk/; revision=37517
UATification of ESP
UATification of ESP SA keys. Some notes:
1. Trimmed a lot of fat removing the code that parsed (and reparsed) ESP SA
keys, since UATs can take care of all that.
2. There was no validation on the src/dest, so that was carried through (ie
there is still no validation of src/dest fields)
3. Formatting of the source was a little off, so I attempted to fix the
functions I needed to deal with. I know that's frowned upon, but the braces
were such that I couldn't tell if/else blocks to understand the code. If
somebody wanted to run an indent program on the file, that would be
appreciated.
Added some casts to make it compile on win64.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1123
svn path=/trunk/; revision=37516
Stig Bjørlykke