Change-Id: I525ac2aae2bdbfd5f3a2f3b35f1bf10dde053f66
Reviewed-on: https://code.wireshark.org/review/2667
Tested-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The data that is sent when downloading or uploading from a server is
sent in segments to the client.To clearly display all the segments
belonging together the splitted payload needs to be reassembled.
The behaviour is described in the powerlink specification 301 v1.2.0
chapter 6.3.2.4.1.1 Download Protocol and chapter 6.3.2.4.2 Upload
Protocol. The payload of the download/upload is now reassembled.
Signed-off-by: Lukas Emersberger <lukas.emersberger@gmail.com>
Change-Id: I17c30f15e75da47bcaba8f1fda1e412849ec268c
Reviewed-on: https://code.wireshark.org/review/1120
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The MN interprets the CMD layer data only if the CN increments
the Send-Sequence-Counter => new data. The MN interprets the
data only once, if the same frame is sent again the MN ignores
the data.
The behaviour is described in the powerlink specification 301 v1.2.0
chapter 6.3.2.3.2.3 Error: Duplication of Frame
Frames which duplicate previous sent data are now marked as
duplicated frames.
Signed-off-by: Lukas Emersberger <lukas.emersberger@gmail.com>
Change-Id: I9ef24b52712bfd3c735856b0cd5747c47aeef72a
Reviewed-on: https://code.wireshark.org/review/992
Reviewed-by: Evan Huus <eapache@gmail.com>
which can be used to call the found heuristic dissector on the next pass.
Introduce call_heur_dissector_direct() to be used to call a heuristic
dissector which accepted the frame on the first pass.
Change-Id: I524edd717b7d92b510bd60acfeea686d5f2b4582
Reviewed-on: https://code.wireshark.org/review/1697
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This squelches a run-time warning.
Change-Id: I5b147530b7f9255c3564fe24b56e0ea3eab45852
Reviewed-on: https://code.wireshark.org/review/995
Reviewed-by: Guy Harris <guy@alum.mit.edu>
packet-epl.c:2248: warning: declaration of 'index' shadows a global declaration
packet-epl.c: In function 'dissect_epl_sdo_command_write_multiple_by_index':
packet-epl.c:2380: warning: declaration of 'index' shadows a global declaration
packet-epl.c: In function 'dissect_epl_sdo_command_read_by_index':
packet-epl.c:2489: warning: declaration of 'index' shadows a global declaration
Change-Id: Ib1a1d1d2aa596df558162839e7594b7fd12559a3
Reviewed-on: https://code.wireshark.org/review/765
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Each package is dissected using a reference to object indeces, so
that in the view of the dissector output, a clear indication
to what the index means and what the subindices mean is given.
Additional special entries (mappings, timestamps) have their own hf
fields, and can be searched for via display filter.
Signed-off-by: Lukas Emersberger <lukas.emersberger@gmail.com>
Change-Id: I928c11a9f4a5b762c8947713a0f70e03bd711158
Reviewed-on: https://code.wireshark.org/review/730
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Lukas Emersberger <lukas.emersberger@br-automation.co.at>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
- Adding a typedefinition which can be deactivated, so
that certain types of frames are only detected in their
respective transport protocols
- Rename bytes array as it is a key-word for some IDEs and
hinders syntax checking
- Add node info to the time request from/by fields
- EPL: add message type to heuristic dissection call
Change-Id: Ia572bb68fc1d24d70e72b77867f0dad323b055b9
Reviewed-on: https://code.wireshark.org/review/750
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
- For PollResponse-Chaining SyncReq and SyncResp frames were introduced.
Those frame-types are not recognized by Wireshark yet.
- Currently only the FeatureFlags 0-13 where interpreted by Wireshark.
Flags 14-15 and all extended flags where missing.
14 = SDO Read/Write All by Index
15 = SDO Read/Write Multiple Parameter by Index
16 = Multiple-ASend Support (TRUE = Device supports Multiple-ASend; FALSE = Device doesn’t support Multiple-ASend)
17 = Ring Redundancy (TRUE = MN supports ring redundancy; FALSE = MN does not support ring redundancy)
18 = PResChaining (TRUE = Device supports PResChaining; FALSE = Device does not support PResChaining)
19 = Multiple PReq/PRes (TRUE = Device supports Multiple PReq/PRes; FALSE = Device does not support Multiple PReq/PRes)
20 = Dynamic Node Allocation (TRUE = Device supports DNA; FALSE = Device does not support DNA)
Signed-off-by: Lukas Emersberger <lukas.emersberger@gmail.com>
Change-Id: I9ac19f8b71b1be1094f410141c0f806996b1cb25
Reviewed-on: https://code.wireshark.org/review/589
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This is a permanent solution for bug #9786. guint overflows
are now prevented, and the remaining length is queried from
tvb and taken into consideration.
As a side-effect, the fix brought up two bugs in the openSAFETY
dissector, which where fixed as well.
Upd: Remove stdio.h and fix one encoding error found by
fix-encoding-args.pl
Change-Id: Ic2d478a8ea15b0bcfd2536a074c217daf610fe08
Reviewed-on: https://code.wireshark.org/review/291
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
Up until now, openSAFETY hooked into a heuristic filter for epl
and dissected the whole package, handing back some epl header
information by calling epl again. This was time-consuming and
on a busy network led to an increase in dropped packages and
memory usage, as well as unresponsivness.
This patch only takes the payload data of epl frames, and
therefore greatly reduces the dissection overhead of openSAFETY.
On a second note, intergap data between safety frames is now
being displayed as Data, but only if the option for doing so
is specifically enabled in the openSAFETY preferences, as it
changes the behaviour of the dissector output.
Upd: Because of the gap handling, some frames where marked
as being truncated, although they were not, or did not contain
openSAFETY frames at all. In the course of the fix for this,
the byte copying for the byte swap with MBTCP has been moved
to only occur when needed, and is additionaly guarded.
Upd2: Identation and comment fixes
Upd3: Change memcpy to memdup and move find_dissector ( "data" )
to proto_reg_handoff
PLK: Store data dissector pointer
Move the if-clause to proto_reg_handoff as documented
in comment of Change-id: 191
Change-Id: I3038ed465900a2b5e63b3a0967abd62a4c66f318
Reviewed-on: https://code.wireshark.org/review/191
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
Up until now, the heuristic dissector for epl allways passed the
complete epl frame. Therefore a lot of information got passed,
which was not needed, resulting in subdissectors to have to call
the epl dissector again, if the epl data had to be dissected.
This patch adds a second heuristic dissector (not breaking the
way, the existing one is working), which only passes the payload
of the epl frame to a sub-dissector, therefore reducing memory
overhead and increasing dissection speed.
Upd: Changes according to comments in patchset
Change-Id: I2ef309310f421f24d96dd1c188e188ccfa5935cd
Reviewed-on: https://code.wireshark.org/review/190
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
- when the text parameter is constant col_add_str() and col_set_str() are equivalent but col_set_str() is faster.
- same for replace col_append_fstr and col_append_str
- remove col_clear() when it's redundant:
+ before a col_set/col_add if the dissector can't throw an exception.
- replace col_append() after a col_clear() with faster col_add... or col_set
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9344
svn path=/trunk/; revision=52948
There seem to be several cases of proto_tree_add_string_format where a "string" value/filter doesn't really make sense because it's always empty, and is just being used as a "filterable subtree header (placeholder)". They appear to be more for "presense" than "value" and should probably be FT_NONE, although I'd almost argue for removing the filter in favor of proto_tree_add_text.
svn path=/trunk/; revision=52296
was done using textual search+replace, not anything syntax-aware, so presumably
it got most comments as well (except where there were typos).
Use a consistent coding style, and make proper use of the WS_DLL_* defines.
Group the functions appropriately in the header.
I ended up getting rid of most of the explanatory comments since many of them
duplicated what was in the value_string.c file (and were out of sync with the
recent updates I made to those in r48633). Presumably most of the comments
should be in the .h file not the .c file, but there's enough churn ahead that
it's not worth fixing yet.
Part of https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8467
svn path=/trunk/; revision=48634
Also (for a few files):
- create/use some extended value strings;
- remove unneeded #include files;
- remove unneeded variable initialization;
- re-order fcns slightly so prefs_reg_handoff...() at end, etc
svn path=/trunk/; revision=44438
1. If there's no character encoding (ENC_ASCII, ...) specified
then use ENC_ASCII.
2. For all but FT_UINT_STRING, always use ENC_NA
(replacing any existing True/1/FALSE/0
/ENC_BIG_ENDIAN/ENC_LITTLE_ENDIAN).
svn path=/trunk/; revision=39426
Specifically: Replace FALSE|0 and TRUE|1 by ENC_BIG_ENDIAN|ENC_LITTLE_ENDIAN as
the encoding parameter for proto_tree_add_item() calls which directly reference
an item in hf[] which has a type of:
FT_BOOLEAN
FT_IPv4
FT_EUI64
FT_GUID
FT_UINT_STRING
Also: For type FT_ITv6 use ENC_NA. (This was missed in SVN #39260)
svn path=/trunk/; revision=39328
Specifically: Replace FALSE|0 and TRUE|1 by ENC_BIG_ENDIAN|ENC_LITTLE_ENDIAN as
the encoding parameter for proto_tree_add_item() calls which directly reference
an item in hf[] which has a type of:
FT_UINT8
FT_UINT16
FT_UINT24
FT_UINT32
FT_UINT64
FT_INT8
FT_INT16
FT_INT24
FT_INT32
FT_INT64
FT_FLOAT
FT_DOUBLE
svn path=/trunk/; revision=39288
FT_NONE
FT_BYTES
FT_IPV6
FT_IPXNET
FT_OID
Note: Encoding field set to ENC_NA only if the field was previously TRUE|FALSE|ENC_LITTLE_ENDIAN|ENC_BIG_ENDIAN
svn path=/trunk/; revision=39260
Patch, which removes both EPL and EPLv1 .h files, as well as adding a heuristic dissector hook to EPL (v1 is nearly nowhere in use anymore, therefore not needed)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5751
svn path=/trunk/; revision=36198
keys to have _uint in their names, to match the routines that handle
dissector tables with string keys. (Using _port can confuse people into
thinking they're intended solely for use with TCP/UDP/etc. ports when,
in fact, they work better for things such as Ethernet types, where the
binding of particular values to particular protocols are a lot
stronger.)
svn path=/trunk/; revision=35224
ABSOLUTE_TIME_LOCAL or ABSOLUTE_TIME_UTC, indicating whether to display
the date/time in local time or UTC. (int)ABSOLUTE_TIME_LOCAL ==
(int)BASE_NONE, so there's no source or binary compatiblity issue,
although we might want to eliminate BASE_NONE at some point and have the
BASE_ values used with integral types start at 0, so that you can't
specify BASE_NONE for an integral field.
svn path=/trunk/; revision=31319
fields, as there are several different possible time formats, and
there's not yet any way to specify the particular format. However, we
don't need to format the time stamp - let the Wireshark core code do that.
svn path=/trunk/; revision=31226
Michael Mann