Modifications to RTT graph:
- change x-axis to time (s) rather than sequence number
[ avoids sequence number wraparound ambiguity, plus
easier to correlate RTT changes to tcptrace graph ]
- change RTT computation to properly handle acks to GSO packets
- change RTT computation to take SACK blocks into account
Bug fixes:
- eliminate potential memory leak if some packets are unacked
- ensure RTT graph is shown if TCPGraph window is opened to it directly
Change-Id: I2bdcab97399ebde0f15c78fa19c882529a814580
Reviewed-on: https://code.wireshark.org/review/19662
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Last parameter is the destination buffer size, not the number of bytes to copy.
Bug: 13332
Change-Id: I9a6f5231d2d7a94fd5e692e8bbf4f5dba30b7c1a
Reviewed-on: https://code.wireshark.org/review/19677
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Bug: 12859
Change-Id: Iaf2242b0dcf16f211d5a7565b96099cc44e8bf3d
Reviewed-on: https://code.wireshark.org/review/17899
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Dissectors can register shutdown functions, that will be called
just before program exit. Those function will free the memory
allocated during the init function.
Change-Id: Id88228af2cc916bfb316fe7b36d46499f6e4f8d4
Reviewed-on: https://code.wireshark.org/review/19282
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Interpret packet contents according to the descriptive fields contained
in the BB header. Instead of always assuming a Generic Stream frame format,
use the TS/GS field to detect Generic Stream, Generic Packetized, Transport
Stream, or (reserved) frame formats and decode accordingly.
In the case of Generic Stream frames, check the validity of header fields
ISSYI, NPD, and UPL, and issue expert info if they are invalid for Generic
Stream frames. Then dissect as GSE (as before).
For other frame formats, just dump them as bytes for now.
Change-Id: I6b040207f83369110eb704c543861c887f77baa7
Reviewed-on: https://code.wireshark.org/review/19634
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
V6.0 only has one space after "ETHERWATCH", not two so heuristics fail.
"ETHERWATCH " (one space) still seems like enough of a distinction.
Bug: 13093
Change-Id: Ib8786f6e2f5f595a4cab710b91cf78d175a6ab88
Reviewed-on: https://code.wireshark.org/review/19673
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Detailed decode of Membership status & User Position in GroupID Mamagement frame.
Bug: 13322
Change-Id: I74b1d93757e3e10a2a0d4423fcfdcd2265e1bd62
Reviewed-on: https://code.wireshark.org/review/19564
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This metric is commonly used as an estimate of the sender's congestion window.
[ when examining a capture taken from the sender ]
Change-Id: I812d5556cef477c08ef1e5d396fbdddda9a6751e
Reviewed-on: https://code.wireshark.org/review/19661
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Because of the DNS name encoding, the consumed bytes in the tvb and
the length of the string of the dns name can be different. We need
to handle them separately for the purpose they are. Moreover the
name string can contain null bytes, then we can't rely on strlen()
but we need the actual length.
Subsequent calls to proto_tree_add_string() will require to pass
the string to format_text() in order have non-printable characters
printed.
Bug: 13289
Change-Id: I6d0b295867ece265f8995f82da2c629992aeb703
Reviewed-on: https://code.wireshark.org/review/19539
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
update support of draft-ietf-pce-segment-routing-08
Change-Id: I4d25268bb331462fbe219f242ff8278b017de37b
Reviewed-on: https://code.wireshark.org/review/19642
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
First Ack Block is always present in ACK Frame (don't depend of present of NACK)
Change-Id: I702151a6ccb236272ace9dfdf0f4b507a549871e
Reviewed-on: https://code.wireshark.org/review/19627
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Improved operation_code map to resolve RSVD v2 codes.
Changed GET_FILE_INFO -> GET_INITIAL_INFO for spec conformance.
See https://msdn.microsoft.com/en-us/library/dn392322.aspx
SMB2 IOCTL FSCTL_SVHDX_ASYNC_TUNNEL_REQUEST must be handled in the same way as FSCTL_SVHDX_SYNC_TUNNEL_REQUEST:
RSVD dissector must be used (new async flow used by RSVDv2).
See https://msdn.microsoft.com/en-us/library/dn366375.aspx
Ping-Bug: 11232
Change-Id: Ie51773fc2199a7674538101b87cec398354bd97a
Reviewed-on: https://code.wireshark.org/review/19657
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: If7c790c25ed24da1b1442ee86e3a2f75bd3f8856
Reviewed-on: https://code.wireshark.org/review/19658
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michal Labedzki <michal.tomasz.labedzki@gmail.com>
Tested-by: Michal Labedzki <michal.tomasz.labedzki@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
For running through the postseq cleanup and final registration lists, we
can use the same dummy function call_routine() that is used for the init
and the cleanup lists. We don't need our own copies.
Change-Id: Ia1ea647d5831adda26dab86eceba8fcf704ce122
Reviewed-on: https://code.wireshark.org/review/19668
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Create pinos for all of the PPP protocols options and a dissector table to store
them all. Adapt a new version of dissect_ip_tcp_options, (now ppp_dissect_options)
that uses the dissector tables for name of options and dissection function.
Also standardize the dissectors for all protocols so that all include type and
length in the dissection.
Change-Id: I0033574e2831789040a1ce2857bf0e825d791cbe
Reviewed-on: https://code.wireshark.org/review/19656
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ic1972399b706407ce8f15a3e554f1304a36d1009
Reviewed-on: https://code.wireshark.org/review/19663
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Call to plugin_if_get_ws_info when no packets are being displayed
causes an Access Violation in plugin_if_mainwindow_get_ws_info
as the pointer in cf->current_frame is NULL.
Bug: 12973
Change-Id: I33e8fe6f3894963a6f1f1ec9aa9169f85e1e3b18
Reviewed-on: https://code.wireshark.org/review/19659
Reviewed-by: Roland Knall <rknall@gmail.com>
Like for OpenFlow (v4/1.3) (g4b7c2781fb)
Change-Id: I61cfea015e548e5eaa37856df86e96bd0ba21795
Ping-Bug: 13221
Reviewed-on: https://code.wireshark.org/review/19644
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I0275a6e0d5d151f086d96c6388b9fa647ea0085c
Reviewed-on: https://code.wireshark.org/review/19654
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Now all unimplemented commands are in /* TODO */
Change-Id: I53c8dd0a660b62403214a3c75297e627337ed5fb
Reviewed-on: https://code.wireshark.org/review/19645
Petri-Dish: Michal Labedzki <michal.tomasz.labedzki@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ia28ceef189f8fe16105da88c01e1a159d5029c0a
Reviewed-on: https://code.wireshark.org/review/19655
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: If4c35d18db1dc982e981004838e0eabbf4479e78
Reviewed-on: https://code.wireshark.org/review/19653
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Iafc9f1c4b2a0210d8098b37eefc095e740182258
Reviewed-on: https://code.wireshark.org/review/19648
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Length of CDBBuffer must be always 16 bytes
If CDBLength is less than 16, add padding bytes
Change-Id: I241a10325ebe17b32469eaf7dc530fc7fe2105de
Reviewed-on: https://code.wireshark.org/review/19628
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This patch adds support to dissect data of the connect command which
comes along with the cmd in same packet.
It also removed unwanted tvb addition for rdma fabric commands,
completion and nvme commands.
Bug: 13201
Change-Id: I33062f67a69cdca4b909ed8c08201dea5e0aa095
Tested-by: paravpandit@yahoo.com
Reviewed-on: https://code.wireshark.org/review/19632
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
I've tested with pcaps from SampleCaptures (wiki).
Change-Id: Ifa1b628fbc675843c54dfd4b993809fd072dc69c
Reviewed-on: https://code.wireshark.org/review/19636
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
use same indent like packet-xml.c
Change-Id: I687b0306ba1d3559ce4a299a0e66c55e3f04fdfd
Reviewed-on: https://code.wireshark.org/review/19641
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Change-Id: I1a4b50873a183c0f6051dc0db3fecf5e62c92cbb
Reviewed-on: https://code.wireshark.org/review/19633
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Avoid leaking memory for the stringified UAT field values (tostr) and
for copies of rows.
Change-Id: I1bf20035fabe92da8216c820bc47ebce7dd73951
Reviewed-on: https://code.wireshark.org/review/19604
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
GSE Padding is outside of any GSE Packet and continues to the end of the
Baseband Frame, per 4.2.1 of ETSI TS 102 606-1.
Added dvb-s2_gse.padding as an integer representing the length in bytes
of the padding field.
Change-Id: I9ed22c37a1969059a09ba44d9e3473cb9d0a1880
Reviewed-on: https://code.wireshark.org/review/19579
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Hex digits 0xa through 0xe are '*', '#', 'a', 'b', and 'c',
respectively.
Constify the dgt_set_t argument to tvb_bcd_dig_to_wmem_packet_str(),
while we're at it.
Bug: 13316
Change-Id: I7586f35d23fd262453779d99946e7ccad4b6ffab
Reviewed-on: https://code.wireshark.org/review/19620
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This patch passes RDMA read request packets to ULP dissectors similar to
other RDMA packets so that ULP dissector can have opportunity to show as
upper layer protocol instead of IB or RRoCE.
Change-Id: I594d8eada858b7f77fc94be44e3639526789779e
Tested-by: paravpandit@yahoo.com
Reviewed-on: https://code.wireshark.org/review/19619
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I00fea4d2e8c4d7fc8fc54627ced21796d40b854a
Reviewed-on: https://code.wireshark.org/review/19616
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The current mechanism that reads the first 20 blocks looking for a headerd
oesn't work in all cases. I was given sample files that consist of
data blocks only and have no header.
Use a new approach to detect a .camins file by searching for pairs of
size high + size low blocks, either read or write. Go through the
entire file. If we have significantly more pairs than single, non-matching
blocks, this is a camins file.
Change-Id: Ic91e7db7149b105e26896d1a89cad4a2a73d0f13
Reviewed-on: https://code.wireshark.org/review/19603
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Remove unnecessary Q_DECLARE_METATYPE macros and replace calls
to QVariant conversions with VariantPointer where necessary
Change-Id: Ia4690590095f930bf94644197de7fa30b00ee7ec
Reviewed-on: https://code.wireshark.org/review/19611
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
The list of points (for interface traffic statistics) is part of the
interface tree model/view. Remove the pointer indirection to simplify
cleanup and avoid leaking a PointList.
Note that the SparkLineDelegate is used in two different places
(CaptureInterfacesDialog and InterfaceTreeModel).
Change-Id: I5fef7dadd44fdf58c07844fee269f509c712a36f
Reviewed-on: https://code.wireshark.org/review/19606
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Change-Id: Ie68a5c6c193f362e78d4f4b1f20edf7747e2313f
Reviewed-on: https://code.wireshark.org/review/19614
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Kevin Hogan