More fine tuning of the SMC-Rv2 support, and add the support to show
the GID list in a CLC proposal message.
Signed-off-by: Karsten Graul <kgraul@linux.ibm.com>
Add SMCRv2 clc proposal/accept/confirm and decline support.
Proposal and decline parsing routines are used by SMC-R(v2) and SMC-D(v2).
Enhance the existing SMC protocol dissector in such
a generic way that it supports both SMC-R(v2) and SMC-D(v2)
protocols. These two protocols are similar to each other.
SMC-D and SMC-R has a version 1 and version 2.
Signed-off-by: Guvenc Gulce <guvenc@linux.ibm.com>
If name resolution is enabled in the conversations and endpoints
dialogs, sort address columns by the resolved names, not by the
addresses; sorting them by address will give *very* unexpected results,
and not make it easier to look for addresses by name.
The existing PEAP support does not decode the inner attributes, this
commit adds that support by introducing packet-peap.c which recreates
a 'pseudo' EAP header before looping the TVB back into the EAP dissector.
Decode TEAP's O-flag.
We also update the diagram and references as PEAPv0 has a different view
of how the flags are used compared to the RFCs and drafts.
libsinsp currently only supports string and unsigned 64-bit integer
field types. For string fields that might contain a parseable address,
add ".v4" and ".v6" subtree items with a corresponding field type.
For example, the ct.srcip field now dissects as
Sysdig Event 1: 880 bytes
Falco Bridge
cloudtrail Plugin
[ ... ]
Source IP: 3.92.225.50
[Source IP (IPv4): 3.92.225.50]
Add get_configuration_namespace() and use it in code that writes
"generated by" comments at the top of various configuration files.
Update our Logwolf colorfilters.
Tarballs created by git archive have the commit ID stored in their
header. Only preserve a preexisting tarball if that commit ID matches
that of the current commit, even if the versions match.
Fix the creation of a temporary commit for when the working directory
does not match the tree. (When git diff-index is called without
--quiet or --exit-code, the exit code is success even when there
are differences). Use git stash create, as it is intended for scripts
like this; it creates a temporary stash not stored in the ref namespace
which does not require being popped later, and does nothing and outputs
the empty string instead of a commit ID if there are no local changes.
This helps when generating tarballs or building rpm packages repeatedly
out of a changing working tree.
Prepare for adding reusing code where only descriptive name differs.
But the numbers are encoded using the same rules.
"E.164 number (MSISDN)" & "E.164 number (ISDN)" for example.
The End of LLDPDU TLV is optional, should not as malformed even if missing.
Resolve it by checking whether the total length of each TLV reaches the total length of TVB.
Close#18029
Fix
epan/conversation_filter.h:43:11: warning: parameter 'A' not found in the function declaration [-Wdocumentation]
* @param A valid protocol name.
^
epan/conversation_filter.h:43:11: note: did you mean 'proto_name'?
The extract_fields struct and calling convention changed, so update to
match. Extract all of our fields at once, which noticeably speeds up
dissection here.
Add support to display filters for matching a specific layer within a frame.
Layers are counted sequentially up the protocol stack. Each protocol
(dissector) that appears in the stack is one layer.
LINK-LAYER#1 <-> IP#1 <-> TCP#1 <-> IP#2 <-> TCP#2 <-> etc.
The syntax allows for negative indexes and ranges with the usual semantics
for slices (but note that counting starts at one):
tcp.port#[2-4] == 1024
Matches layers 2 to 4 inclusive.
Fixes#3791.
The word range is used for different things with different
meanings and that is confusing. Avoid using "range" in code to
mean "slice".
A range is one or more intervals with a lower and upper bound.
A slice is a range applied to a bytes field.
Replace range with slice wherever appropriate. This usage of
"slice" instead of range is generally correct and consistent in
the documentation.
Packet info already contains the notion of layer depth for the
current protocol, among all the protocols in the frame. This
adds an extra layer number for the protocols that are the same
as the current one. Obviously this will only go above one if
the protocol is repeated in the stack, such as with IP tunneling.
Adds extra logic to track numbers for each protocol in the frame
and update them when calling a dissector.
The total layer number and protocol layer number are store in
the field info structure so they can be used after dissection,
namely by display filters.