According to the EIGRP draft RFC (https://tools.ietf.org/html/draft-savage-eigrp-04#section-6.8.1), 2nd bit (0x2) in EIGRP classic bit field should be interpreted as Candidate Default (CD)
Reported by Garri
Bug:12136
Change-Id: I56dcbbc7db480e67962e2edfbd8d9c6b117f30ef
Reviewed-on: https://code.wireshark.org/review/13987
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add support for using regular expressions in the Search Frame
when searching in packet list, packet details and packet bytes.
This search is in many cases faster than plain string search.
Change-Id: I2d8a709046f90d7b278fb39547fc4e2e420623bc
Reviewed-on: https://code.wireshark.org/review/13981
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Change g_list into wmem_list to solve the leak. Leak found by valgrind.
==14755== 3,384 (504 direct, 2,880 indirect) bytes in 21 blocks are definitely lost in loss record 3,380 of 3,418
==14755== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==14755== by 0xA806610: g_malloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
==14755== by 0xA81C22D: g_slice_alloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
==14755== by 0xA7FD4F3: g_list_append (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
==14755== by 0x67CD825: build_get_attr_all_table (packet-cip.c:5402)
==14755== by 0x67CD825: proto_register_cip (packet-cip.c:8067)
==14755== by 0x71C83F9: register_all_protocols (register.c:229)
==14755== by 0x65F14D7: proto_init (proto.c:521)
==14755== by 0x65CF961: epan_init (epan.c:126)
==14755== by 0x1153F0: main (tshark.c:1220)
Change-Id: I9c25ee5b5bf04b9afb8b0bf22bb6f3d7022bf4d3
Reviewed-on: https://code.wireshark.org/review/13969
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The current code which dissects the idProduct (and to some extend the
idVendor) item for USB devices is overly complicated. A better method
to format the product string in the right way is using:
proto_tree_add_uint_format_value.
This gets rid of the additinal string and item manipulation altogether.
Change-Id: Iadd69b7dc284e62039402de53418f41460d88a5d
Reviewed-on: https://code.wireshark.org/review/13973
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
The argument to the resize method for QByteArray is an int, not a
size_t.
Change-Id: Id30bc03daec6d6ead8669794b5cb0247718be66b
Reviewed-on: https://code.wireshark.org/review/13977
Reviewed-by: Guy Harris <guy@alum.mit.edu>
if the bit is set, it's an R(NAK) block
Change-Id: I0e44bd72d1c2a69a582792d08bf450e6ef2d163b
Reviewed-on: https://code.wireshark.org/review/13976
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Add an option to decode the packet bytes from base64 or zlib compressed.
Also add configurable start byte and end byte to make it possible to
decode a subset of bytes. It's also possible to select a range in ASCII
view and select "Show selected" from the context menu to make a subset.
In ASCII view a null terminator is replaced by UTF8 symbol for NULL,
and a CR is replaced by UTF8 symbol for carriage return. This is done
to make it possible to "Show selected" from the context menu.
Change-Id: Ie03c9912c304c121af6ca9e998a6e8445b5382c5
Reviewed-on: https://code.wireshark.org/review/13958
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
File had both whitespaces and tabs for indentation. Replace
whitespace indentation with tabs. This is the same indentation
mode as ws80211.c file uses.
Change-Id: I46bbd675f5089eb502b489fdfd70f30510bc95ef
Reviewed-on: https://code.wireshark.org/review/13963
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The standard says that UDPv6 is the index 2. However, the dissector
contained the old implementation of RTI DDS (which had SHMEM = 2
and UDPv6 = 5). I have updated the dissector to be compliant with
the standard and indirectly be compliant with the new version of
RTI DDS which now implements the standard in this aspect.
Change-Id: Iaade0e457fda35362c04a7658d62242cf8868127
Reviewed-on: https://code.wireshark.org/review/13922
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
1. More Identity attributes
2. Port attributes
3. Set Attribute List request highlighted too much attribute data
4. TCP/IP object, Attr 5 needs padding
5. Switch most attributes to use wrappers instead of dissect_epath() directly.
6. Change new Volume 8 attributes to treat path size as words instead of bytes, when parsing size+EPATH formats.
Change-Id: I1b8c476475c6fbb9c7cdb99ec4a6c28934631a19
Reviewed-on: https://code.wireshark.org/review/13898
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
'const gpointer' is the same as 'void *const'. Replace with gconstpointer
where straightforward (assuming that was the intent) and use gpointer everywhere
else for clarity (that does not change *API* constness contract; it just means
a variable is not declared immutable inside the called funtion).
Change-Id: Iad2ef13205bfb4ff0056b2bce056353b58942267
Reviewed-on: https://code.wireshark.org/review/13945
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
TL and T0 are followed by TA(1), TB(1) and TC(1), in this order
Change-Id: I356da8bb475d55f36e5b9ff02d35fcf35c457223
Reviewed-on: https://code.wireshark.org/review/13961
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
use the same hf as for ATQB's FWI
Change-Id: I2c1db117688e16e91fc4072d9b6f4bba46f64fd6
Reviewed-on: https://code.wireshark.org/review/13960
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
We cannot easily predict what will happen, given the configuration of
the OS, the permissions on files, the availability of extcap devices,
the version of libpcap/WinPcap/NPcap (present or future), etc., etc.,
etc.. Allow those tests to succeed (as would be the case if you have
the necessary permissions) or fail with a non-command-line-syntax error
(as would be the case if you don't have the necessary permissions), but
not to fail with a command-line syntax error.
Change-Id: I76af898d5f146fcf3507c06f101acb578085e6fa
Reviewed-on: https://code.wireshark.org/review/13957
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add settings to the QLineEdit context menu to use textual or regular
expression search. Use this in Follow Stream and Show Packet Bytes.
Change-Id: I3a9f5a923f616629aa40a334921871f98b518f30
Reviewed-on: https://code.wireshark.org/review/13942
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Change-Id: If33cf41f46f2be9c66fc4a626af6a2c010fba7d3
Reviewed-on: https://code.wireshark.org/review/13931
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
For 802.11n, if the GI length is present in the MCS field and is "short
GI", "gi_length" is equal to 1, not to 0, so set the "short GI" flag in
the generic radio information to "gi_length".
Bug: 12123
Change-Id: Ica2c5794698a643a6393f0468cdbfe025aa90074
Reviewed-on: https://code.wireshark.org/review/13950
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Also, add it to the list of dependencies.
Change-Id: I424c0657c87ab97d704b86a3b0722fb7f33b9f49
Reviewed-on: https://code.wireshark.org/review/13949
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Also, get rid of the stuff for the extcap programs, as that's now
handled by extcap/Makefile.nmake.
Change-Id: Ide94c1cfc97d50e5d9fabbb923d9c52cccb62fa0
Reviewed-on: https://code.wireshark.org/review/13947
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That lets the version of Wireshark built with autotools find the extcap
programs.
Don't install the extcap programs under ${datadir} - that puts it under
a share directory, and share directories are for platform-independent
files, which executable images aren't (they're instruction-set
dependent, hence platform-dependent).
Change-Id: I992eeb984bdbe6b3476777f7114628c83df6080f
Reviewed-on: https://code.wireshark.org/review/13943
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add additional --novlan flag for removing vlan tag info before checking for duplicates.
When capturing with -i any you could see packets more than once and some drivers include vlan info.
With the --novlan the vlan info is removed from the packet so that checksum duplication detection can be used,
if the rest of the packets are the same.
Change-Id: I5dca6e20259a0a396875919e9e60cc42291579d3
Reviewed-on: https://code.wireshark.org/review/13414
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
From scan-build:
packet-lwm.c:466:33: warning: Assigned value is garbage or undefined
Change-Id: Ib9e1cfd3f9462d0bbb5a87ae4d323c333878323d
Reviewed-on: https://code.wireshark.org/review/13937
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: João Valverde <j@v6e.pt>
semcheck.c:986:24: warning: cast from function call of type 'sttype_id_t' to non-matching type 'int' [-Wbad-function-cast]
semcheck.c:986:5: warning: format '%p' expects argument of type 'void *', but argument 3 has type 'struct stnode_t *' [-Wformat=]
Change-Id: I83031251c83f6597eb7c31f35e02c5a95bd2dabb
Reviewed-on: https://code.wireshark.org/review/13930
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Have the Frame Relay dissector first check the fr.osinl table and then
the osinl.incl table, so that it finds Q.933 rather than Q.931 for an
NLPID of 0x08.
Change-Id: I1582482003c2ff96100f6c3e1eb77917ab04c9ee
Reviewed-on: https://code.wireshark.org/review/13929
Reviewed-by: Guy Harris <guy@alum.mit.edu>
No need for platform-specific system header boilerplate.
Change-Id: I5387a0005ddb0d7aab3c5b9f28d6282053c1b0fd
Reviewed-on: https://code.wireshark.org/review/13865
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
If you hand that string to a UNIX API, it'll probably fail; you need to
expand ${datadir} in the *build* process.
Do it the same way we handle PLUGIN_INSTALL_DIR.
Change-Id: I09e8a8467ab7b0e912a174be3335ee1faff91abb
Reviewed-on: https://code.wireshark.org/review/13928
Reviewed-by: Guy Harris <guy@alum.mit.edu>
text2pcap.c:1254:17: error: statement is indented as if it were guarded by... [-Werror=misleading-indentation]
Change-Id: Ifa031f5faad3445bcd3ab893d83c5dc6386fe3a2
Reviewed-on: https://code.wireshark.org/review/13927
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
on my particular trace. This duplicates the value with the C/R-bit set. Needs
a proper fix eventually.
Small indentation fix.
Change-Id: I6bf7c560b5161994b8d90d7ae70724c03c6df73b
Reviewed-on: https://code.wireshark.org/review/13926
Reviewed-by: Jörg Mayer <jmayer@loplof.de>