Switch the Command Prompt instructions back to using the
platform-specific variants. Switch back to setting WIRESHARK_BASE_DIR.
Change-Id: Ie9f865e5fac1312f2eb3762e439d53ab9a038bd4
Reviewed-on: https://code.wireshark.org/review/23112
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The old URL fetched VS 2013 when I tried it; update to a link that
fetches VS 2015.
Change-Id: Ib33e8f09bef51a532c986e70ae6ac5d9d1f1dabe
Reviewed-on: https://code.wireshark.org/review/23094
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The protocol help feature was completely removed in g09efa5fb8b and
deprecated long before that.
Change-Id: Ia0bde785002025c0cf9e3f783a5cad7f784938a2
Reviewed-on: https://code.wireshark.org/review/23076
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Including attributes in Public Action frames and those that can appear in GAS
frames.
Change-Id: I8d2a717984295592952b8fff82879197ace2a4b2
Reviewed-on: https://code.wireshark.org/review/22615
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Update the Windows section for Visual Studio 2015. Copy the content from
README.cmake to its own WSDG section and remove README.cmake.
Remove the PowerShell sections. Our required version (2.0) ships with
every supported version of Windows. Remove the sed section.
Change-Id: Id37c6e71bacc247a3ed1992adb1408ec13f6a187
Reviewed-on: https://code.wireshark.org/review/22940
Reviewed-by: Gerald Combs <gerald@wireshark.org>
This will leave more room for messages on smaller screens. Set the
default OFF because this is probably only useful for developers.
Group Status Bar settings in the Layout frame.
Change-Id: Iea9a55b6c088aac10ee7680b1e8a882ed00c73be
Reviewed-on: https://code.wireshark.org/review/22824
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The information about the selected packet number is available from
the Number column and from the Frame entry in the Packet Details
so make the entry in the status bar optional.
Also remove duplicate "Packet:" entry, add the UTF8_MIDDLE_DOT
separator and rename the prefix to "Selected Packet:".
Bug: 13902
Change-Id: I0e7ba884bdcbdc87a5738223ef92f52e4ac195e5
Reviewed-on: https://code.wireshark.org/review/22807
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Rename "enterprises" to "enterprises.tsv" so that its format is a bit more
obvious and so that double-clicking the file might do something useful.
Add it to the Windows packages.
Change-Id: I5ef54a04ce1b4926aa4535e756e04b3e2a56d463
Reviewed-on: https://code.wireshark.org/review/22616
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
"enterprise-numbers" is converted to tab-separated values and renamed
"enterprises". Unused fields are stripped.
PENs are stored in a hash table loaded at run-time.
User "enterprises" file is loaded from the personal config dir.
Misc make-sminmpec.pl improvements and fixes.
Note: names of type "Entity (formerly ...)" have the formerly part commented out for a cleaner output.
Change-Id: I60c533afbe3e399077fbf432088064471ad3e1e2
Reviewed-on: https://code.wireshark.org/review/22246
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: João Valverde <j@v6e.pt>
The filter expressions data was shoved into the preference file in a
very loose, non-arrayed form. It's much easier to manage in code
(and for users in a separate file) as a UAT.
The GTK GUI was hacked to use the existing UAT dialog rather than
rewrite the pref_filter_expressions.c to support a UAT. Should
be okay since it's deprecated.
Change-Id: I688cebb4b7b6594878c1398365e79a205f1902d9
Ping-Bug: 13814
Reviewed-on: https://code.wireshark.org/review/22354
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Make the "matches" operator case-insensitive by default. Case
sensitivity can be switched back on using "(?-i)".
It might be nice to make "contains" case-insensitive as well, but we'd
need a caseless version of epan_memmem.
Change-Id: I5e39a52c148477c30c808152bcace08348df815a
Reviewed-on: https://code.wireshark.org/review/22330
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The spurious retransmission check operates on the last-seen
acknowledgment in the reverse direction. Adjust the analysis logic so
that it is checked independently of the forward sequence number.
Update the documentation accordingly.
Change-Id: I3714f44398501a581f967c61e119fe95f90209b1
Reviewed-on: https://code.wireshark.org/review/21769
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Initial implementation of LoRaWAN dissector based on LoRa Alliance specification.
Features:
- Frame dissection for fields as per documentation
- Payload decryption
- MIC verification
Not implemented:
- Region specific information (frequencies etc)
- Statistics
Bug: 13775
Change-Id: I6031755dfd582dd78ed7c2566cdb390c577c9078
Reviewed-on: https://code.wireshark.org/review/22017
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
With this commit, tshark will mimic the packet coloring present in the
Wireshark GUI whenever "--color" is passed. This initial commit only
adds such support for the standard text output format. A future commit
could potentially broaden this support to other output modes (such as
"-V" mode).
Bug: 5158
Change-Id: I59329e32475b0c67e28802e79610544d4868ea2d
Reviewed-on: https://code.wireshark.org/review/21325
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add support for handling LoRaTap (https://github.com/eriknl/LoRaTap) DLT in
wiretap and add dissector for LoRaTap headers.
Exposes Syncword for subdissectors to dissect frame payload.
Change-Id: Ie4ba2189964376938f45eb3da93f2c3376042e85
Reviewed-on: https://code.wireshark.org/review/21915
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Asciidoc will just create a link from a URL that appears in the text. If
we want the link to appear as an address without a description, there's
no need to add an empty description. We should, however, have a space
behind the link to separate it from the text that follows.
Change-Id: Ic01b1dbbea922d785776f1965481ed58f389e30a
Reviewed-on: https://code.wireshark.org/review/21789
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
len() can now handle FT_STRING, FT_STRINGZ, FT_STRINGZPAD,
FT_UINT_STRING, FT_BYTES, and FT_UINT_BYTES
through the use of fvalue_length()
Change-Id: I53baf2657f7804f64e63e4645d0b84b782ae9b08
Reviewed-on: https://code.wireshark.org/review/21775
Reviewed-by: Michael Mann <mmann78@netscape.net>
Try to document as accurately as possible the circumstances under which
each TCP analysis flag is added.
Update some TCP debugging code.
Change-Id: I793756f73b8ade328e150acf32bc203792e29449
Reviewed-on: https://code.wireshark.org/review/21749
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Change-Id: I0974f13a032a908bcc27f583c3e059f57959881f
Reviewed-on: https://code.wireshark.org/review/21552
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Bug: 13689
Change-Id: I9573d0106a1639cfc2d416a4146f558047cfd67e
Reviewed-on: https://code.wireshark.org/review/21524
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
UDP-NM is an automotive communication protocol as standardized by
AUTOSAR and is specified in AUTOSAR_SWS_UDPNetworkManagement.pdf,
which can be accessed on:
autosar.org -> Classic Platform -> Software Arch -> Comm Stack.
It can run over UDP or CAN, which is why "UDP" is not in any user
exposed strings.
Change-Id: I68adfd941c193588a6c8ef0fe1cb7271f921623e
Reviewed-on: https://code.wireshark.org/review/21437
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This prevents ASCIIDOC2xxx from being invoked (which would define
useless targets and error out during the build since a2x is missing).
Now Wireshark.sln builds successfully without Cygwin.
Change-Id: I37684ce4a2ef22bdc74b388ced44271e14a1d337
Reviewed-on: https://code.wireshark.org/review/21384
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
An extcap utility can provide configuration for controls to use in a
GUI interface toolbar. This controls are bidirectional and can be
used to control the extcap utility while capturing.
This is useful in scenarios where configuration can be done based on
findings in the capture process, setting temporary values or give other
inputs without restarting current capture.
Todo:
- Add support for Windows
Change-Id: Ie15fa67f92eb27d8b73df6bb36f66b9a7d81932d
Reviewed-on: https://code.wireshark.org/review/19982
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Only commands and top-level attributes are recognized, no specialization
is done (yet?) since it is a large protocol.
Fields are extracted from Linux v4.10-rc4-749-g8585989d146c using the
"tools/generate-nl80211-fields.py --update" command.
Depends on the Generic Netlink (genl) dissector.
Change-Id: I7f81b91e3beacca8ebcb853137212406004f65e8
Ping-Bug: 13561
Reviewed-on: https://code.wireshark.org/review/20914
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
For consistency with other netlink dissectors, the file is named
"netlink-generic", but the short protocol name is "genl" for brevity.
Ping-Bug: 13561
Change-Id: I6f94454f8366467fd833c3e57364c515aee9e86f
Reviewed-on: https://code.wireshark.org/review/20875
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Additional dissectors for Mesh Link Establishment (MLE) and Thread CoAP
TMF messages. MLE is also used in ZigBee IP.
Change-Id: I5b9c224d7df48855b79ccac67dca7661a51d0a9b
Bug: 13495
Reviewed-on: https://code.wireshark.org/review/20594
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Enhancements to security processing add support for Thread, MLE and ZigBee
IP. Thread and ZigBee IP use a hash for key derivation for MAC and MLE
security processing. Thread additionally uses a sequence counter.
Ping-Bug: 13495
Change-Id: Ib8351b21e5615cd44880f5126f59fd0dc0a11742
Reviewed-on: https://code.wireshark.org/review/20585
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
While "cmake -DENABLE_CHM_GUIDES=ON" succeeds on Linux, the actual build
fails. Since the default for ENABLE_CHM_GUIDES is OFF, let's fail early
when ENABLE_CHM_GUIDES is requested.
When hcc.exe is found, do report the package as available.
Change-Id: If6fc3eb18f1150c251e2886f1f16277669f8ec25
Reviewed-on: https://code.wireshark.org/review/20811
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Bug: 13541
Change-Id: Ie8133be9ef7b3943d8cf66c5c4fe024250912253
Signed-off-by: Alistair Leslie-Hughes <leslie_alistair@hotmail.com>
Reviewed-on: https://code.wireshark.org/review/20820
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Id574fc20e17333646d615cab415b2d40b4487375
Reviewed-on: https://code.wireshark.org/review/20333
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Default value for snaplen is defined in wiretap/wtap.h:
#define WTAP_MAX_PACKET_SIZE 262144
and used in capture_opts.c:
capture_opts->default_options.snaplen =
WTAP_MAX_PACKET_SIZE;
but help and man pages don't reflect this change.
Change-Id: I35ddf1e8b7ffd657f4e01b3fe6b4c44c9acece2b
Reviewed-on: https://code.wireshark.org/review/20738
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I25bab6eb1072bec102e00a76027c7742a0ea883b
Reviewed-on: https://code.wireshark.org/review/20714
Petri-Dish: Jim Young <jim.young.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Since v2.1.0rc0-184-gb0b53fa593, $XDG_CONFIG_HOME/wireshark (instead of
$HOME/.wireshark) is used, clarify this in the WSUG and manuals.
Change-Id: I74a6f9b86bd8d54ee326ca83d7536e091d6da08a
Reviewed-on: https://code.wireshark.org/review/20364
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Since v2.1.0rc0-184-gb0b53fa593, the config directory has changed.
Change-Id: Idbeb62f2393d1a4ec192da2d85e6bfb76782aeb8
Reviewed-on: https://code.wireshark.org/review/20365
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Add the ability to move back and forth in the packet selection history
similar to GTK+. Update the documentation accordingly.
Change-Id: If1fdc1e59b240c0588c292dc0f7f0a5f083c30e1
Reviewed-on: https://code.wireshark.org/review/20320
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add support for resetting the Default profile by deleting it in
the Profile Dialog. All profile files will be deleted and all
other files will be kept.
Change-Id: I795a6db3ee7b2c29e7aba461183e6cc411798b75
Reviewed-on: https://code.wireshark.org/review/20097
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Removed all guards for HAVE_LIBGCRYPT, change autotools and CMake to
error out if it is not available. Update release notes, developer
documentation and README with the new status. Clarify relation with
GnuTLS in macosx-setup.sh. Install Libgcrypt via brew script.
Motivation for this change is that many dissectors depend on Libgcrypt
and having it optional increases the maintenance burden (there have been
several compile issues in the past due to the optional status).
Furthermore, wsutil has crypto code that can be replaced by Libgcrypt.
Change-Id: Idf0021b8c4cd5db70b8766f7dcc2a8b3acbf042f
Link: https://www.wireshark.org/lists/wireshark-dev/201702/msg00011.html
Reviewed-on: https://code.wireshark.org/review/20030
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Register all reassembly tables with a central unit, allowing the
central unit to have the callback that initializes and destroys
the reassembly tables, rather than have dissectors do it individually.
Change-Id: Ic92619c06fb5ba6f1c3012f613cae14982e101d4
Reviewed-on: https://code.wireshark.org/review/19834
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Adds support for IndigoCare nursecall protocols
Bug: 13241
Change-Id: I83098c15d467ea42da8301c6b6a5568d9892fc60
Reviewed-on: https://code.wireshark.org/review/19224
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Added examples for the matches, contains and bitwise_and operators.
Most of the text and the examples have been taken from the wiki and the
wireshark-filter manpage.
Bug: 13320
Change-Id: Icd9a325c05ecd4ecd1cbde8162a4c88cae335d1d
Reviewed-on: https://code.wireshark.org/review/19758
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Any call of the form tvb_new_subset_length_caplen(tvb, offset, -1, -1)
should instead be tvb_new_subset_remaining(tvb, offset).
Change-Id: I4bc95b028103ea4fc82453ef3460c147d7ccabd6
Reviewed-on: https://code.wireshark.org/review/19598
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This emphasizes that there is no such thing as *the* routine to
construct a subset tvbuff; you need to choose one of
tvb_new_subset_remaining() (if you want a new tvbuff that contains
everything past a certain point in an existing tvbuff),
tvb_new_subset_length() (if you want a subset that contains everything
past a certain point, for some number of bytes, in an existing tvbuff),
and tvb_new_subset_length_caplen() (for all other cases).
Many of the calls to tvb_new_subset_length_caplen() should really be
calling one of the other routines; that's the next step. (This also
makes it easier to find the calls that need fixing.)
Change-Id: Ieb3d676d8cda535451c119487d7cd3b559221f2b
Reviewed-on: https://code.wireshark.org/review/19597
Reviewed-by: Guy Harris <guy@alum.mit.edu>
NVM Express is high speed interface for accessing solid state drives.
NVM Express specifications are maintained by NVM Express industry
association at http://www.nvmexpress.org.
Bug: 13201
Change-Id: Id40edaf72838eea9f4087c8ddba9518a9374efab
Tested-by: paravpandit@yahoo.com
Reviewed-on: https://code.wireshark.org/review/19063
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Parav Pandit <paravpandit@yahoo.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This commit introduces a new dissector aimed at decoding the USB
protocol used by X-Rite i1 Display Pro (and derivatives) colorimeter. It
is based on reverse engineering work by Graeme Gill from the ArgyllCMS
project.
Change-Id: Icdfd0c3f75499d0df4360c6eb6856078de30ba56
Reviewed-on: https://code.wireshark.org/review/18901
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Ping-Bug: 12759
Change-Id: Ic4d47155168978541fb8c3670fcabaf3c35f8aad
Reviewed-on: https://code.wireshark.org/review/19187
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Applications can also use GSMTAP framing to convey log messages
which would traditionally be printed on stderr or on log files. This
allows the ordered/interspersed display of protocol messages with log
lines from the applications that send or received those messages.
The osmocom logging framework (part of libosmocore) implements this in
libosmocore.git Change-Id I9a7e72b8c9c6f6f2d76d1ea2332dcdee12394625
Change-Id: I0de723445e5b5ce0199a4081808111240a9ed047
Reviewed-on: https://code.wireshark.org/review/19183
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
The ASCIIDOC_CONF_FILES setting for asciidoc was only generated
if any of the guides were being built.
Clean up a dup setting and some and blank lines in FindASCIIDOC
Change-Id: Ie8ab97db09e18cdb8d7e2a7bd4dcf8c288dd036f
Reviewed-on: https://code.wireshark.org/review/19291
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
This was inspired by the https://www.wireshark.org/lists/wireshark-dev/201505/msg00029.html thread.
Used TCP and NTP dissectors as the guinea pig with sample use.
Documentation updates includes some unrelated cleanup just because it was noticed.
Change-Id: I59b26e1ca3b95e3473e4757f1759d7ad82976965
Reviewed-on: https://code.wireshark.org/review/19211
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Many capitalization can be found for this library (spandsp, Spandsp, SpanDSP),
let's use the one found in the library README and in its spec file.
Change-Id: Ia66b723e5d582a6218da1b6366b7d4859272f80c
Reviewed-on: https://code.wireshark.org/review/19122
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Add a combobox for selecting the output device and populate it with our
available devices. Let the user know if our output format isn't
supported.
Ping-Bug: 13105
Change-Id: I299c7d0f191bb66d93896338036000e2c377781f
Reviewed-on: https://code.wireshark.org/review/19046
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Integrate the Spandsp library for G.722 and G.726 support. Adds support
for G.722 and all eight variants of G.726.
Note: this also fixes a crash in Qt (buffer overrun, reading too much
data) caused by confusion of the larger output buffer (resample_buff)
with the smaller input buffer (decode_buff). It was not triggered before
because the sample rate was always 8k, but with the addition of the new
codecs, a different sample rate became possible (16k).
Fix also a crash which occurs when the RTP_STREAM_DEBUG macro is enabled
and the VOIP Calls dialog is opened (the begin frame, start_fd, is not
yet known and therfore a NULL dereference could occur).
Passes testing (plays normally without bad RTP timing errors) with
SampleCaptures files: sip-rtp-g722.pcap and sip-rtp-g726.pcap. Tested
with cmake (Qt), autotools (Qt and GTK+) with ASAN enabled.
Bug: 5619
Change-Id: I5661908d193927bba50901079119eeff0c04991f
Reviewed-on: https://code.wireshark.org/review/18939
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
A new "--export-object <protocol>,<destdir>" option is added to tshark.
This required refactoring Export Object behavior in all GUIs to give the
export object handling to the dissector, rather than the ui layer.
Included in the refactoring was fixing some serious memory leaks in Qt
Export Object dialog, crash due to memory scope issues in GTK Export
Object dialog, and addition sorting column feature in Qt dialog (set
up by creating a widget to manage the items that were previously
leaking memory)
Bug: 9319
Ping-Bug: 13174
Change-Id: I515d7662fa1f150f672b1476716f347ec27deb9b
Reviewed-on: https://code.wireshark.org/review/18927
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Rename the text highlight enum "HighlightMode" to make its use and
intent more clear. Add a mode for the offset highlight instead of using
a separate variable. Use our palette to draw the hover highlight colors.
Add a note about colors to the Developer's Guide.
Change-Id: I488b2512a5058e17eb5b49c8ac55616100f32fbc
Reviewed-on: https://code.wireshark.org/review/18953
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
This dissector allows Snort to process all of the
packets passed to Wireshark, and for the alerts to
be shown in the protocol tree. It is also possible
to set the source of alerts to be packet comments.
Change-Id: I6e0a50d3418001cbac2d185639adda2553a40de8
Reviewed-on: https://code.wireshark.org/review/18848
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Move the replacement definitions in asciidoc.conf to
attributes.asciidoc. This makes the markup a bit cleaner and is more
compatible with AsciiDoctor. Use a standard naming scheme for URLs.
Change-Id: Ica73aaadb013be2a4e6a3963fb54e6db6e02e98f
Reviewed-on: https://code.wireshark.org/review/18655
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Change-Id: Ieb36a77a98da1ce6e5de34010806cdc05f8e6533
Reviewed-on: https://code.wireshark.org/review/15637
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anish Bhatt <anish@gatech.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
The feature activates/deactivates fullscreen mode of Qt UI.
A new menu item has been added as well as a shortcut (F11 or Ctrl+Cmd+F)
according to browsers common shortcut.
Change-Id: I01906b494d0a13ce70d27c00ebbe03e6ec87cbd7
Reviewed-on: https://code.wireshark.org/review/18332
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Fix the casing of the preference while at it (it now matches other name
resolution preferences).
Change-Id: Ibfecbc94f9eccefa7d3b1a50ae2598dfefb707a2
Reviewed-on: https://code.wireshark.org/review/18330
Reviewed-by: Anders Broman <a.broman58@gmail.com>
I suggested disabling GTK+ by default at Sharkfest EU and no one
objected, hence this patch.
Disable it by default in both Autotools and CMake. Make sure it's
enabled for Debian packaging. The RPM packaging enables GTK3 explicitly
so no change appears to be necessary there.
Change-Id: If5daeaef4bb26cf60006bc8883be15b2cf6c6ae4
Reviewed-on: https://code.wireshark.org/review/18256
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Improve example with better formatting, clarification comments and more
common variable names.
Extend make-wsluarm.pl to support arguments containing underscores.
Fixes the description of dissect_tcp_pdus.
Change TvbRange.tvb(tvb) into tvbrange:tvb() and ByteArray.tvb(name)
into bytearray:tvb(name), these are really instance methods.
Change-Id: I1e20ef46195dc6c06f9ac790d3432db283d21a5e
Reviewed-on: https://code.wireshark.org/review/18226
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Running "ninja developer_guide_html" somehow did not produce a new HTML
docbook once wsluarm.ascii (a dependency of developer-guide.xml) was
modified.
It turns out that output file docbook/wsdg_html/index.html only had a
ordering-only dependency on target generate_developer-guide.xml. An
extra dependency is needed on the output file to ensure that the HTML
file gets rebuild on changes.
See the last note on
https://samthursfield.wordpress.com/2015/11/21/cmake-dependencies-between-targets-and-files-and-custom-commands/
Fixes v2.1.0rc0-2137-gd544ecd ("cmake: fix parallel docbook build").
Change-Id: I7689c71994f13b29cf7f8561f7c993aa8298632d
Reviewed-on: https://code.wireshark.org/review/18225
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
http://fc00.io/
Bug: 13014
Change-Id: I846d4dc28a8cb03bc877f0b4a392864100019d2d
Reviewed-on: https://code.wireshark.org/review/18117
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Bug: 12985
Change-Id: Iceacd3d122337091380d56bd7fa9875bf7cb4d47
Reviewed-on: https://code.wireshark.org/review/18134
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Bug: 12906
Change-Id: I0dafdd74b21b27189d0a532c679e449c536f76f0
Signed-off-by: Francesco Fondelli <francesco.fondelli@gmail.com>
Reviewed-on: https://code.wireshark.org/review/17725
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The Osmux protocol bundles multiple AMR frames inside one UDP packet to avoid
the overhead of having one IP/UDP/RTP packet per AMR frame. It is used by the
osmocom project.
Sponsored-by: On-Waves ehf
Change-Id: I8fb21e54adec8d8bd7ac5ebd2154100a73ab71c9
Reviewed-on: https://code.wireshark.org/review/16996
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Bug: 12942
Change-Id: I69ab22caa9938167db421ca2f0346ca086280823
Reviewed-on: https://code.wireshark.org/review/17890
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Set variablelist.as.blocks in custom_layer_pdf.xsl so that we don't end
up with list text squeezed into tiny columns on the right. Set column
widths for most of our tables.
Change-Id: I3fe47d945a7945618012c9de1fc0e97b788dea9e
Reviewed-on: https://code.wireshark.org/review/17893
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Adjust the column widths of some tables to that they render more cleanly
and without FOP warnings. Move some table content to plain text instead
of trying to shove it into table cells. Fix some other layout and
formatting.
Change-Id: I40e40fd7ca5c3cc594ea30c8b1ad233afd4cdca4
Reviewed-on: https://code.wireshark.org/review/17880
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Wrap monospace text in our PDF output. Fix the formatting of a list. Fix
an anchor reference.
Change-Id: Id9433f3e3462569299e6702b4a4e137481ad80c4
Reviewed-on: https://code.wireshark.org/review/17877
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Pass relative image directory paths to xsltproc. The DocBook documentation
says you can use a URI, but trying to get that to work with CMake
and Windows appears to be a path to tears and undignified wails of
frustration.
Add attributes for our different types of images and use them so that
the PDFs don't scale our screenshots to an unusable size.
Change-Id: I786d09d9ef9be3d423b2af426a8867739ae12c1a
Reviewed-on: https://code.wireshark.org/review/17688
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
This change based on BlueZ code on the same license that Wireshark is.
It seems that a lot of commands/events are incomplete or unknown,
however better to have them.
Also rename variables (etc.) of the first dissector to contain
vendor name like new one, to distinguish them.
Change-Id: I2db3ed73d477699032a44bac2d3c88a9230b0095
Reviewed-on: https://code.wireshark.org/review/17657
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Bug: 12687
Change-Id: Ib489b4c6aff1e0611e9b8a086054e56284f24b84
Reviewed-on: https://code.wireshark.org/review/16787
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add notes about the Windows Installer and source packages.
Change-Id: Ic1aea3b547afab6dfdf0218b6ea257046a20cf00
Reviewed-on: https://code.wireshark.org/review/17562
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Add a checkbox which lets you toggle between absolute and relative start
times. Use the local time for now. Fixes bug 11618.
Adjust our time precision based on the capture file's time precision.
Fixes bug 12803.
Update the User's Guide accordingly.
Bug: 11618
Bug: 12803
Change-Id: I0049d6db6e4d0b6967bf35e6d056a61bfb4de10f
Reviewed-on: https://code.wireshark.org/review/17448
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Add a timeline indicator to the Start and Duration columns in the
Conversations dialog. Add tooltips to the columns that explain what's
going on.
Round the timeline rect corners and do the same for Prototocol Hierarchy
Statistics. This should hopefully differentiate the graph bars from a
text selection and IMHO it looks better.
Update the PHS and Conversations images in the User's Guide.
Change-Id: I61d6c25843be522cc444e01ba77cb5b1e991fa36
Reviewed-on: https://code.wireshark.org/review/17396
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The RFtap protocol is a simple metadata header designed to provide
Radio Frequency (RF) metadata about frames.
For official specifications see: https://rftap.github.io/
Signed-off-by: Jonathan Brucker <jonathan.brucke@gmail.com>
Change-Id: I0d008b2baadcc5cc9577113e9795eef2691b961a
Reviewed-on: https://code.wireshark.org/review/17355
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>