Substantial enhancements to MQ protocol: all Structure, MSG_REQUEST/ASYNC_RESP,
MQ Multi Segment are decoded until version 7.1/7.5
svn path=/trunk/; revision=52085
TODO :
* Support HTTP Header Compression (draft-ietf-httpbis-header-compression)
* Enhance display of Data
* Reassembling of continuation frame (and other frame)
* Add same tap and ping/pong time response
svn path=/trunk/; revision=51591
Dissector for the Sippy RTPproxy controlling protocol. RTPproxy is a well-known
(among SIP-engineers) application and it operates using its own simple
text-based protocol. There are several competing products but all of them
implements it (sometimes slightly extending).
svn path=/trunk/; revision=51417
Rename packet-cmd.c to packet-cisco-metadata.c .
Assign copyright to the author.
Also add the dissector to cmake (oops, should have been in r51198!).
svn path=/trunk/; revision=51226
Dissector for Stanag 4607 protocol.
From me:
- don't add expert info under if (tree)
- simplify loop and overflow checking
svn path=/trunk/; revision=51131
The overhead is not large, and it makes append much faster (O(1) vs O(n)).
It also will make a queue easy to add, which I need for a dissector I'm
writing...
svn path=/trunk/; revision=50744
there and moving it avoids having to recompile the file for use in editcap
and mergecap (which don't link against libwireshark).
svn path=/trunk/; revision=50650
Before:
user0 - USER 0
user1 - USER 1
user10 - USER 10
user11 - USER 11
user12 - USER 12
user13 - USER 13
user14 - USER 14
user15 - USER 15
user2 - USER 2
user3 - USER 3
user4 - USER 4
user5 - USER 5
user6 - USER 6
user7 - USER 7
user8 - USER 8
user9 - USER 9
After:
user0 - USER 0
user1 - USER 1
user2 - USER 2
user3 - USER 3
user4 - USER 4
user5 - USER 5
user6 - USER 6
user7 - USER 7
user8 - USER 8
user9 - USER 9
user10 - USER 10
user11 - USER 11
user12 - USER 12
user13 - USER 13
user14 - USER 14
user15 - USER 15
svn path=/trunk/; revision=50482
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8718
More zigbee dissection, adding the following clusters:
- appliance identification
- meter identification
- appliance statistics
- appliance events and alert
svn path=/trunk/; revision=50202
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8718
Move zbee-on-off to zbee-general in preparation to avoid an enormous number of
small files when adding dissection for more zbee cluster types.
svn path=/trunk/; revision=50078
From Uli Heilmeier
CARP shares the same protocol ID as VRRP (and VRRP's is IANA registered), so heuristics are provided. VRRP and CARP are very similar, so I'm not sure having heuristics for both dissectors will help CARP.
svn path=/trunk/; revision=49931
Some Notes:
1. Converted to "new style" dissectors with data being passed between dissectors
2. Combined header files into one since there wasn't much that should have really been in the header files. Implemented functionality is in c module of respective dissector.
Not sure if LCT preferences should just be in the LCT dissector and not the RMT-ALC "parent", but kept for backwards compatibility.
svn path=/trunk/; revision=49555
Dissector for PTP-over-IP (picture transfer protocol). PTP-over-USB also exists
but is not identical, so some parts of the dissector are shared for future use.
svn path=/trunk/; revision=49221
recurring callbacks, I suspect most other potential uses will be once-only, so
make that possible, and improve the documentation on the remaining issues.
Also separate out the code into its own files and the testing into its own
test case.
svn path=/trunk/; revision=49209
of the binary dir. Fixed that.
NOTE: It fails with and without this patch for out of tree builds:
jmayer@egg:~/work/wireshark/svn/build/qt-gtk3> make dumpabi
[ 1%] Built target wsutil
[ 1%] Generating libwsutil.abi.tar.gz
ERROR: can't find modules
cp: cannot stat `abi_dumps/libwsutil/libwsutil_*': No such file or directory
make[3]: *** [wsutil/libwsutil.abi.tar.gz] Error 1
make[2]: *** [wsutil/CMakeFiles/dumpabi-libwsutil.dir/all] Error 2
make[1]: *** [CMakeFiles/dumpabi.dir/rule] Error 2
make: *** [dumpabi] Error 2
jmayer@egg:~/work/wireshark/svn/build/qt-gtk3>
svn path=/trunk/; revision=49014
------------------------------------------------------------------------
r47064 | cmaynard | 2013-01-14 16:39:38 +0100 (Mo, 14 Jan 2013) | 2 lines
packet-ncp2222.c -> dissectors/packet-ncp2222.c
------------------------------------------------------------------------
r47078 | gerald | 2013-01-14 21:05:24 +0100 (Mo, 14 Jan 2013) | 2 lines
Put packet-ncp2222.c in epan/dissectors. This matches Makefile.am's behavior.
------------------------------------------------------------------------
The first commit tried to make cmake behavior mimic autofoo behavior while
it should be the other way round: out of tree builds fail with packet-ncp2222.c
generation with autofoo.
The second commit just fixed the first one.
svn path=/trunk/; revision=49008
dissector for ISO 10747 Inter Domain Routing Protocol
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8562
from me:
check for negative return value of tvb_reported_length_remaining()
remove unused hf entries
add modelines
don't initialise variables unless it's necessary
make idrp a new-style dissector
svn path=/trunk/; revision=49002
New dissector for PULSE protocol for Linux Virtual Server redundancy
very small dissector for PULSE protocol for Linux Virtual Server redundancy.
About pulse, see http://sourceware.org/piranha.
From me :
Add Modelines info
Replace tab by space
svn path=/trunk/; revision=48773
Merged packet-rtps.c and packet-rtps2.c into a single dissector. It appears packet-rtps2.[ch] "API" needs to be externally available, otherwise I would have rolled (the newly merged) packet-rtps.h into packet-rtps.c as well.
Converted many of the remaining proto_tree_add_text to proto_tree_add_item/expert_info and cleaned up the manual string manipulation so checkAPIs.pl is happy.
Added a "cooked" capture file to the SampleCaptures page on the wiki for future fuzztesting/regression.
svn path=/trunk/; revision=48727
Dissector for NASDAQ's OUCH 4.x protocol.
From me:
- fix svn Id tag
- g_snprintf includes the null-terminator in its len count, so the buffer
only has to be ITEM_LABEL_LENGTH, not (ITEM_LABEL_LENGTH + 1).
svn path=/trunk/; revision=48479
Dissector for NASDAQ's SoupBinTCP protocol (which is non-trivially different
from the old packet-nasdaq-soup dissector).
From me:
- fix CMake entry
- remove C++-style comments
- fix SVN Id tag
svn path=/trunk/; revision=48452
(removed in r48218) which did nothing particularly useful. Also lets us remove
another debugging environment variable.
svn path=/trunk/; revision=48219
New dissector for the honeypot-feeds protocol.
From me: Misc. tweaks to expert info layout and remove a few unneeded initializers.
svn path=/trunk/; revision=47962
epan/show_exception.c, as it's used outside
epan/dissectors/packet-frame.c. Update their callers to include
<epan/show_exception.h> to get their declaration.
Add a CATCH_NONFATAL_ERRORS macro that catches all exceptions that, if
there's more stuff in the packet to dissect after the dissector call
that threw the exception, doesn't mean you shouldn't go ahead and
dissect that stuff. Use it in all those cases, including ones where
BoundsError was inappropriately being caught (you want those passed up
to the top level, so that the packet is reported as having been cut
short in the capture process).
Add a CATCH_BOUNDS_ERRORS macro that catches all exceptions that
correspond to running past the end of the data for a tvbuff; use it
rather than explicitly catching those exceptions individually, and
rather than just catching all exceptions (the only place that
DissectorError should be caught, for example, is at the top level, so
dissector bugs show up in the protocol tree).
Don't catch and then immediately rethrow exceptions without doing
anything else; just let the exceptions go up to the final catcher.
Use show_exception() to report non-fatal errors, rather than doing it
yourself.
If a dissector is called from Lua, catch all non-fatal errors and use
show_exception() to report them rather than catching only
ReportedBoundsError and adding a proto_malformed item.
Don't catch exceptions when constructing a trailer tvbuff in
packet-ieee8023.c - just construct it after the payload has been
dissected, and let whatever exceptions that throws be handled at the top
level.
Avoid some TRY/CATCH/ENDTRY cases by using checks such as
tvb_bytes_exist() before even looking in the tvbuff.
svn path=/trunk/; revision=47924
Support all PDU Type (IPv4/6 Prefix, Serial Notify/Query...)
Not supported the packet with a lot of PDU (fragmentation)
svn path=/trunk/; revision=47470
As part of a semster project in our 3rd semester of
"secure information systems" at the university of
applied sciences upper austria, we built a wireshark
dissector for the OpenVPN protocol.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8240
From me:
Rework reassembly code and tree display of
message fragments and reassembled messages.
Fix various bugs and do some cleanup.
Also: Do minor whitespace changes in AUTHORS.
svn path=/trunk/; revision=47247
Dissector for the SEL (Schweitzer Engineering Labs) Fast Message protocol.
From me:
- use wmem instead of glib to not leak memory
- simplify port preference
- remove unneeded initializers
- modelines
- Id tag
svn path=/trunk/; revision=46949
Enhancement to support MPLS-TP FM and LI payloads as per RFC 6427 and RFC 6435
Fixed some errors found by checkapi, changed filter names to use
proto abbr.
svn path=/trunk/; revision=46084
yet initialized because I can't figure out where the enter() and leave() calls
should go - the obvious place in packet.c causes a lot of assertion errors.
svn path=/trunk/; revision=45879
USBAudio dissector can reassemble SysEx commands.
MIDI SysEx dissector can (partially) dissect DigiTech protocol.
From me :
Fix a wrong encoding type found by fix-encoding-args tools
Add Modelines info
svn path=/trunk/; revision=45873
Add a dissector for the America Online protocol (not the AIM protocol).
From me: always use ENC_NA for FT_UINT8 types.
svn path=/trunk/; revision=45731
Add support for HCI 3.0+HS and v4.0, Bluetooth Low Energy. This includes
dissection of additional HCI commands and events, Attribute Protocol and
Security Manager Protocol.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7872
svn path=/trunk/; revision=45709
Updated wireshark_gen.py to generate hf_ variables for all of the IDL "types". The "simple" types use proto_tree_add_* (not text), while the "complex" types use the GIOP dissector API. checkhf.pl generates some warnings because (some of) the hf_ variables are being generated for the "complex" types, but are not being used. That will be done in Part 2.
expert_add_info_format now linked to a real item instead of being attached to a duplicative proto_tree_add_text(). This cleaned up literally thousands of unnecessary proto_tree_add_text()s
svn path=/trunk/; revision=45472
Add Bluetooth Protocol BNEP. Supported version: 1.0.
I changed offset to be an int to follow WS convention.While at it I changed other types to fit the tvb_get routines.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7719
svn path=/trunk/; revision=44894
HFP is moved from RFCOMM where named HF.
Then fix name to one used by SIG specification: HFP.
Next step is improve dissection of HFP by dissect
specific for this profile AT commands.
From Michal Labedzki on behalf of Tieto Corporation
Part of bug #7639
svn path=/trunk/; revision=44877
use hdcp2 for protocol name, info column and filter names
(actually, hdcp and hdcp2 have nothing in common -
hdcp2 was a complete redesign to fix security issues in hdcp)
svn path=/trunk/; revision=44527
Also, get rid of check_col() calls and unused preferences, and use
col_add_fstr() where appropriate.
Fix up some indentation.
svn path=/trunk/; revision=44222
Add new dissector for DVB-S2 Baseband Frame and GSE dissection
There is a standard for satellite receiving equipment to output all the received
data over an ethernet interface. This dissector is able to show these packets
according to the ETSI standards.
By default the dissector is disabled, it can be enabled in the protocol
settings dialogue
svn path=/trunk/; revision=44109
SDH support for wireshark.
- Added GPL license.
- Removed not needed includes.
- Skipped th .h file as it wasn't used.
svn path=/trunk/; revision=43106
New dissector for WSE Remote Ethernet protocol
From me :
* Fix Compilation under linux
* Use proto_tree_add_item*
* Make build-in dissector
* Include Status.* and Codef.* in dissector
* Reorder function (to respect Wireshark Codelines)
* Add Modelines Info and fix indent (use 4 spaces)
* Fix check* tools
* Add Clement to AUTHORS
svn path=/trunk/; revision=43086
Given the problems with the original attempt, and the fact that there's a new
version of the protocol spec out (v1.1), I took a crack at writing a new
dissector from scratch. It doesn't decode the fields within the message
parameters (there are far too many to bother with for an initial draft), but it
decodes everything else.
Even though it's not complete, I feel it's worth checking in as an intermediate
step (assuming it passes review), since it's still far better than nothing, and
adding full parameter-field decoding is going to take a lot of time simply for
transcribing all the different fields.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1957
svn path=/trunk/; revision=42383
encapsulations.
For pre-V9 AiroPeek captures, leave the radio information in the packet
data, just as we do with the Prism, AVS, radiotap, and NetMon headers.
Add a dissector for it.
svn path=/trunk/; revision=42379
Add WebSocket Protocol dissector (RFC6455)
* Support Base Framing Protocol
* Support of major opcode (Text, Binary, Close, Ping, Pong...)
* Support of unmask Payload (Client-to-Server Masking)
TODO
* Add fragmentation support
* Add WebSocket Extensions
svn path=/trunk/; revision=42163
From Tom Cook and Tom Alexander.
1. A VWR encapsulation that reads VeriWave capture files (*.vwr)
generated from
WaveTest test hardware
2. Dissectors that display the VeriWave tap headers (both 802.11 and
Ethernet)
3. A dissector for the WaveAgent protocol. The WaveAgent dissector is
heuristic and parses the WaveAgent packet (a UDP payload).
The WaveAgent dissector has been Fuzz tested.
The VWR ENCAP and dissectors have been used extensively by VeriWave
customers in a special version of WireSark compiled by VeriWave.
svn path=/trunk/; revision=42155
This patch adds support for the DVB Bouquet Association Table (BAT) from ETSI
EN 300 468.
With this last patch, the support for the DVB SI table is quite complete.
svn path=/trunk/; revision=41836
Add MAC Address Acquisition Protocol Dissector
Add the dissector for MAAP - the MAC address acquisition protocol for 802.3
Ethernet defined in IEEE1722.
svn path=/trunk/; revision=41811
This patch adds support for the DVB Time Offset Table and the related
descriptor.
It also contains the Stuffing Descriptor as an added bonus.
svn path=/trunk/; revision=41766
This patch adds support for DVB Network Information Table as documented in
ETSI EN 300 468.
The patch also contains additional mpeg descriptors usually found in NIT plus
a few minor bugfix for other descriptors.
svn path=/trunk/; revision=41754
Add support for ETV Data processing & simple MPEG DSM-CC handling.
Witha a change of the name of dissect() in packet-etv.c to dissect-etv_common().
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6978
svn path=/trunk/; revision=41735
I'm contributing a new dissector for the HART/IP protocol. This
protocol is specified by the HART Conformance Foundation (HCF). It is
a standard protocol used in the process control industry. It
essential wraps the multip-drop serial HART packets in TCP or UDP
packets. The standard has been approved by the HCF and has been
assigned UDP/TCP port 5094 by IANA.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6961
--This line, and those below,
will be ignored--
M AUTHORS
M epan/CMakeLists.txt
M epan/dissectors/Makefile.common
AM epan/dissectors/packet-hartip.c
M ui/gtk/main_menubar.c
svn path=/trunk/; revision=41644
Move Y.1711 out of MPLS dissector
ITU-T Y.1711 code was "embedded" into the MPLS dissector in 2006.
This patch moves it into its own dissector.
From me :
Fix a Clang warning
svn path=/trunk/; revision=41486
packet-gmr1_dtap: Add dissector for GMR1 DTAP messages (Step 4(4)).
Added to Cmalelists.txt and #if 0 zero lenght hf array which windows
build did not like.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6921
svn path=/trunk/; revision=41450
A new dissector for IEEE 1722.1.
From me: some code cleanup, including:
- Get rid of some unnecessary local variable initializations.
- Put all of 1722.1 under one subtree.
- Just put if(tree)s in the top-level function rather than scattered throughout.
- Remove a couple "set but not used" warnings (a couple are #if'd out).
- Don't use deprecated functions.
svn path=/trunk/; revision=41282
Dissector for Alcatel-Lucent Enterprise Universal Alcatel- and NOE protocol, take II.
families.
Meant as a replacement for existing UA-dissector in trunk because of better
feature set:
- latest protocol specifiaction
- more detailed dissection and filtering possibilities on subprotocols
- RTP stream setup
- NOE over SIP
Lars Ruoff
On behalf of Alcatel-Lucent Enterprise
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6844
svn path=/trunk/; revision=41266
Support for MPLS Packet Loss and Delay Measurement, RFC 6374
Support for MPLS Packet Loss and Delay Measurement, RFC 6374.
Any packetformat is supported: DLM, ILM, DM, DLM+DM and ILM+DM.
From me :
* Prefer proto_tree_add_item when it is possible
* add Modelines information
svn path=/trunk/; revision=41260
via https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6792
This is a new dissector for the non-standard Ericsson OM2000 protocol, as it is
used for the OML on A-bis of Ericsson RBS 2xxx BTSs.
It also includes a dissector for a shim-layer protocol that Ericsson uses for
IP-based A-bis like the RBS 2409. As the protocol is not publicly documented,
I have invented the name "EHDLC" (Ericsson HLDC) for it.
svn path=/trunk/; revision=41195
Dissector for Alcatel-Lucent Enterprise Universal Alcatel- and NOE protocol
families.
Meant as a replacement for existing UA-dissector in trunk because of better
feature set:
- latest protocol specifiaction
- more detailed dissection and filtering possibilities on subprotocols
- RTP stream setup
- NOE over SIP
Lars Ruoff
On behalf of Alcatel-Lucent Enterprise
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6844
svn path=/trunk/; revision=41134