[Actually 1 g_malloc() + N tvb_memcpy() instead of
~ N g_malloc()/g_free() + N*(N+1)/2 tvb_memcpy() where N = number of chunks].
svn path=/trunk/; revision=40242
- New Config option to configure the sequence of frames using UDP
- an Info will be added, if the SCM UDID is not configured or if it is wrongly
configured, so that the user can act on it.
- SCM UDID will only be printed if configured correctly, if not a warning will
be added to inform, that the first byte for the UDID will be assumed to be 00
- UDP dissection can enforce the number of sub-package the dissection should
assume
- SSDO: isRequest is determined by it's field not by the message id
- SSDO: Unused code for SNMT Reset Guarding SCM has been removed
- SNMT: error_group and error_code for SN_FAIL have not been dissected
correctly
- Sercos III: bug != instead of ==, is fixed
- dissect_opensafety_udp renamed to dissect_opensafety_udpdata, because of
future dissector called opensafety_udp which will handle transport of
openSAFETY data over UDP
- dissect_opensafety_udpdata enhanced to determine the index of the given frame
in the package. Needed for correct assembly of COL_INFO
- Added heuristic dissector hook for opensafety_udp dissector. The dissector
will be submitted to this list at a future point
- Enhanced description of the dissector to reflect it's capabilities
- Reworked the description for the config options to be more understandable
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6672
svn path=/trunk/; revision=40214
Essentially: generate tvbuffs as needed; don't save them for later reuse
with the result they are never freed.
Also:
- move a struct from packet-nfs.h to packet-nfs.c since it's only used locally;
- reformat some long lines.
svn path=/trunk/; revision=40205
call, and using ep_address_to_str(), so it can handle any address type,
including AT_NONE if the source address isn't available.
svn path=/trunk/; revision=40196
protocol.
Point to an HP document o the protocol, and discuss the two ways to hook
up the dissector.
Don't bother checking the destination address - either the OUI/PID
suffices, or the MAC address is both necessary and, presumably,
sufficient and we need to introduce a heuristic dissector table for SNAP
frames. What's more, there's no guarantee that the destination address
is a MAC address - it might be absent, e.g. because you're capturing on
the Linux "any" device and are getting the "Linux cooked" header, with
only a destination address.
Don't put the source address into the Info column - it's already in the
source column *if* it exists (which it might not, for packets captured
from the "any" device and sent by the machine doing the capturing).
svn path=/trunk/; revision=40195
Actual problem:
A REAL_DATA tvbuff wasn't being added to the "data_sources"
for a frame. When displaying the frame, when a field referencing the tvb was selected
for display there was no 'hex bytes' tab for the field and so bytes ended up being
highlighted in the currently displayed hex bytes tab (thus highlighting bytes in a pane
not related to the field).
Consider: Add some code in field creation (proto_tree_add...) to at least warn if
a field is being created using a tvb whose data_source is not in the
data_sources list for the frame ?
svn path=/trunk/; revision=40182
uninitialised. The warnings are bogus, but could have been avoided, as the test
to see if we're using a compression profile is redundant/will always be TRUE
in those functions...
Also removed some unnecessary braces from switch cases (no local variables were defined).
svn path=/trunk/; revision=40181
eliminates the global variable for tracking which nibble is
to be decoded by taking advantage of the fact that half octet IEs always occur
in pairs, and thus a pair can be grouped together for decoding.
There was probably also some confusion caused by the macros UPPER_NIBBLE and
LOWER_NIBBLE because the GSM bit numbering is opposite to Wireshark internal
numbering, so I have changed these to be LEFT_NIBBLE and RIGHT_NIBBLE, which
corresponds to the display format in Wireshark.
The dissection order of half octet IEs has been adjusted where necessary to
align with the ordering shown in the GSM specifications.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6658
svn path=/trunk/; revision=40157
Do more length checks, so we reject trailers that have nothing to
dissect.
Test for the trailer length being >= 8, rather than for having the 0x08
bit set (they amount to the same thing, as the trailer length is <= 14,
and >= 8 is what we really want if we're checking whether there's a
timestamp).
svn path=/trunk/; revision=40142
Some commands and IEs from the current release of Asterisk are missing from the
IAX protocol dissector. This patch provides them.
svn path=/trunk/; revision=40141
ASCONF and ASCONF_ACK chunks have a "Sequence Number" field (RFC 5061, 4.1.1
and 4.1.2). The dissector wrongly calls it "Serial number". The attached patch
fixes this issue.
svn path=/trunk/; revision=40140
ZigBee ZCL Dissector reports invalid status
The status code 0x8d contained in an attriute status record in a configure reporting response frame is incorrectly displayed as "Write only" (where WRITE_ONLY = 0x8f). According to the ZigBee Cluster Library Specification, Document 075123r03ZB, April 26, 2010 a status of 0x8d should display as "INVALID_DATA_TYPE"
From me :
Fix this issue (Wrong value define) based on Specs available in ZigBee.org
svn path=/trunk/; revision=40133
Mesh Peering Management reason code field interpreted as status code
The Mesh Peering Management tag displays a status code instead of a reason code
svn path=/trunk/; revision=40132
It's tedious to parse the blockack bitmap by hand, showing it in wireshark
directly is much nicer. Attached patch does so, only for compressed BA for now.
From me: made it filterable.
svn path=/trunk/; revision=40126
- ... and make that distinction configurable for capture files that do not have padding in small frames, but do have trailers
- Add VSS-Monitoring dissector to show by the TAP inserted time- and portstamps
svn path=/trunk/; revision=40108
The offset in "Cell Selection Indicator after Release of all TCH and SDCCH" was not correct because the length was element was decoded twice. So I removed the second decoding of the length.
svn path=/trunk/; revision=40088
self-contradictory (it's 4 bits, not 8). Furthermore, the C language
doesn't support "unsigned char" as a bitfield type; some compilers might
accept that, but if you crank up the warning levels, even GCC will warn
about that.
svn path=/trunk/; revision=40078
officially listed as "Unassigned", and people might use it for their own
purposes (and, in fact, one bug-submitter was doing so; they probably
should have used 253 or 254, but...). Get rid of the code to dissect
it.
svn path=/trunk/; revision=40075
This patch covers following -
i) Support for detecting OSPFv2 Opaque RI LSA. (RFC4970)
ii) Support for detecting OSPFv2 RI Capabilities TLV (RFC4970)
iii) Support for detecting OSPF Dynamic Hostname TLV (RFC5642)
iv) As per RFC4970, support for detecting RI LSA for OSPFv3 as well.
svn path=/trunk/; revision=40073
dissector for ELCOM communication protocol. This protocol is
used mainly by power utilities, to exchange historical, cyclic, and event based
data between SCADA systems.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6616
svn path=/trunk/; revision=40071
Add S1 related info to the DRX parameter dissection (IE
common to 2G/3G/LTE) as specified in 3GPP 24.301 Release 9.8.0 chapter 10.5.5.6.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6642
svn path=/trunk/; revision=40070
Show SDU lengths for UM PDUs.
Also, if the logged pduLength is < the real RLC PDU length, show that the length of the last segment is unknown.
svn path=/trunk/; revision=40067
updates the decoding of the Test Procedures functions
described in 3GPP 44.014, 34.109 and 36.509.
It also fixes a small issue where Wireshark was trying to decode the skip
indicator as a transaction identifier for those messages.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6638
svn path=/trunk/; revision=40064
- set extent of headers item properly
- show in the info column what the data would look like, based upon reported length and segment offsets
svn path=/trunk/; revision=40062
adds to the Protocol Configuration Options the decoding of
the following container identifiers:
- Selected Bearer Control Mode
- DSMIPv6 Home Agent Address
- DSMIPv6 Home Network Prefix
- DSMIPv6 IPv4 Home Agent Address
- P-CSCF IPv4 Address
- DNS Server IPv4 Address
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6636
svn path=/trunk/; revision=40057
Currently Wireshark limits the Access Point Name length to 50 bytes. But
according to 3GPP 24.008 chapter 10.5.6.1, the maximum length is 100 bytes (102
bytes minus the IEI and length fields) and not 50.
The attached patch increases the MAX_APN_LENGTH define value and allow the
correct display of an APN with a size greater than 50 bytes.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6628
svn path=/trunk/; revision=40044
Add this new ID in GRE dissector
The frame with the new GRE ID is not 802.11 frame such as 80XX GRE ID but a 802.3 frame with curious ethertype (8211 the same id with PAPI Protocol...)
svn path=/trunk/; revision=40039
For now use Jeff's fix:
"The REAL problem is that the GSM_MAP dissector is using this value_string_ext
in the hf without BASE_EXT_STRING:
{ &hf_gsm_old_localValue,
{ "localValue", "gsm_old.localValue",
FT_INT32, BASE_DEC, &gsm_old_GSMMAPOperationLocalvalue_vals_ext, 0,
"OperationLocalvalue", HFILL }},
This, in turn, appears to be caused because OperationLocalValue is an alias
for/of GSMMAPOperationLocalValue and only the latter is defined with
.USE_VALS_EXT.
I can fix it by doing:
Index: asn1/gsm_map/gsm_map.cnf
===================================================================
--- asn1/gsm_map/gsm_map.cnf (revision 39628)
+++ asn1/gsm_map/gsm_map.cnf (working copy)
@@ -54,6 +54,7 @@
#.USE_VALS_EXT
GSMMAPOperationLocalvalue
+OperationLocalvalue
#.EXPORTS
AddressString
But it seems to be that asn2wrs should arguably be figuring this out on its
own."
svn path=/trunk/; revision=40033
Part of patch:
2. BFD extension has been added as per RFC 6428, to decode the BFD packet with
ACH encapsulation(without IP/UDP header encapsulation). The channel type in ACH
header identifies the BFD payload as BFD CC or CV packet. Also decoding for
MPLS-TP source MEP-ID TLV in BFD CV packet has been added.
applied with a change to add packet-bfd.h
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6610#add_comment
svn path=/trunk/; revision=40029
LSP Ping extension has been added as per RFC 6426, to decode the LSP Ping
packet with ACH encapsulation(without IP/UDP header encapsulation). The channel
type in ACH header identifies the LSP Ping packet. Also support for decoding
new TLVs and Sub-TLVs defined in the RFC 6426 has been provided.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6610#add_comment
svn path=/trunk/; revision=40028
BFD extension has been added as per RFC 6428, to decode the BFD packet with
ACH encapsulation(without IP/UDP header encapsulation). The channel type in ACH
header identifies the BFD payload as BFD CC or CV packet. Also decoding for
MPLS-TP source MEP-ID TLV in BFD CV packet has been added.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6610#add_comment
svn path=/trunk/; revision=40027
- Removed some mpls preferences which are no longer relevant/needed like
decode PWAC payloads as PPP traffic and assume all channel types except 0x21
are raw BFD.
- MPLS extension from PW-ACH to MPLS Generic Associated Channel as per RFC 5586
- Updated Pseudowire Associated Channel Types as per
http://www.iana.org/assignments/pwe3-parameters
- Updated the VCCV bitmaps as per RFC 5885
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6574
svn path=/trunk/; revision=40026
Strictly speaking, it appears that __except(EXCEPTION_EXECUTE_HANDLER)
rather than __exept(TRUE) should be used altho in actuality there's
no difference since TRUE (as defined by GLIB) == EXCEPTION_EXECUTE_HANDLER.
svn path=/trunk/; revision=40022
- Remove unneeded #includes;
- Use val_to_str_const() in several places;
- Reformat long lines;
- Fix whitepace and indentation.
svn path=/trunk/; revision=40016
kNet (KristalliNet) dissector for Wireshark
kNet is a connection-oriented network protocol for transmitting arbitrary application-specific messages between network hosts. It is designed primarily for applications that require a method for rapid space-efficient real-time communication. kNet is an application-level protocol which can be ran either over UDP, TCP or SCTP transports.
From me :
* Add Modelines information and fix trailing whitespace
* Merge packet-knet.h in packet-knet.c
* Make Checkhf happy
* Fix Clang/GCC Warning about unused variable
* Add Authors info & CMakeList.txt
svn path=/trunk/; revision=40010
- Use a (slightly) less simplistic hashing algorithm to reduce collisions;
Note: A GHashTable which handles collisions rather than
a home-grown hash table (which does not) needs to be implemented.
- Don't replace an existing template in the cache when a collision occurs;
Fixes Bug #6325https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6325
svn path=/trunk/; revision=39990
added the display of intermediate value used to decode ARFCN in
range 1024/256 format.
So now the W(n) values can be displayed and localised in the tvb buffer.
The code was reworked a little to use the get_bit functions.
svn path=/trunk/; revision=39976
- SASL authentication support - improved (and correct) state machine.
- indention, tab fixes
- macro to fetch PDU, simplifying the code (and improving its readability)
- properly show the length of agent messages and align them under the right tree.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6589
From me: Fix some indentation & remove some trailing whitespace.
svn path=/trunk/; revision=39972
packet-x11.c: hundreds of:
/home/jmayer/work/wireshark/svn/trunk/epan/dissectors/x11-extension-implementation.h: In function ‘xselinuxGetClientContext’:
/home/jmayer/work/wireshark/svn/trunk/epan/dissectors/x11-extension-implementation.h:27994:9: warning: variable ‘f_resource’ set but not used [-Wunused-but-set-variable]
/home/jmayer/work/wireshark/svn/trunk/epan/dissectors/x11-extension-implementation.h: In function ‘xselinuxGetClientContext_Reply’:
dissectors/packet-dcerpc-mapi.c: set but not used
/home/jmayer/work/wireshark/svn/trunk/epan/dissectors/packet-dcerpc-mapi.c: In function ‘mapi_dissect_struct_Release_req’:
/home/jmayer/work/wireshark/svn/trunk/epan/dissectors/packet-dcerpc-mapi.c:8592:14: warning: variable ‘tree’ set but not used [-Wunused-but-set-variable]
/home/jmayer/work/wireshark/svn/trunk/epan/dissectors/packet-dcerpc-mapi.c: In function ‘mapi_dissect_struct_Release_repl’:
/home/jmayer/work/wireshark/svn/trunk/epan/dissectors/packet-dcerpc-mapi.c:8617:14: warning: variable ‘tree’ set but not used [-Wunused-but-set-variable]
/home/jmayer/work/wireshark/svn/trunk/epan/dissectors/packet-dcerpc-mapi.c: In function ‘mapi_dissect_struct_RecipSMTP’:
/home/jmayer/work/wireshark/svn/trunk/epan/dissectors/packet-dcerpc-mapi.c:8848:14: warning: variable ‘tree’ set but not used [-Wunused-but-set-variable]
dissecots/packet-dcerpc-drsuapi.c: set but not used
/home/jmayer/work/wireshark/svn/trunk/epan/dissectors/packet-dcerpc-drsuapi.c: In function ‘drsuapi_dissect_DsGetNCChangesCtr7’:
/home/jmayer/work/wireshark/svn/trunk/epan/dissectors/packet-dcerpc-drsuapi.c:2920:17: warning: variable ‘tree’ set but not used [-Wunused-but-set-variable]
Btw.: Does it really make sense to use an extra CMakefile for the dcerpc/ dir?
I'd rather the the idl2wrs.c in tools/ and the generatorstuff in epan/CMake
More files with the same problem.
svn path=/trunk/; revision=39968
