Experience has shown that:
1. The current logging methods are not very reliable or practical.
A logging bitmask makes little sense as the user-facing interface (who
would want debug but not crtical messages for example?); it's
computer-friendly and user-unfriendly. More importantly the console
log level preference is initialized too late in the startup process
to be used for the logging subsystem and that fact raises a number
of annoying and hard-to-fix usability issues.
2. Coding around G_MESSAGES_DEBUG to comply with our log level mask
and not clobber the user's settings or not create unexpected log misses
is unworkable and generally follows the principle of most surprise.
The fact that G_MESSAGES_DEBUG="all" can leak to other programs using
GLib is also annoying.
3. The non-structured GLib logging API is very opinionated and lacks
configurability beyond replacing the log handler.
4. Windows GUI has some special code to attach to a console,
but it would be nice to abstract away the rest under a single
interface.
5. Using this logger seems to be noticeably faster.
Deprecate the console log level preference and extend our API to
implement a log handler in wsutil/wslog.h to provide easy-to-use,
flexible and dependable logging during all execution phases.
Log levels have a hierarchy, from most verbose to least verbose
(debug to error). When a given level is set everything above that
is also enabled.
The log level can be set with an environment variable or a command
line option (parsed as soon as possible but still later than the
environment). The default log level is "message".
Dissector logging is not included because it is not clear what log
domain they should use. An explosion to thousands of domains is
not desirable and putting everything in a single domain is probably
too coarse and noisy. For now I think it makes sense to let them do
their own thing using g_log_default_handler() and continue using the
G_MESSAGES_DEBUG mechanism with specific domains for each individual
dissector.
In the future a mechanism may be added to selectively enable these
domains at runtime while trying to avoid the problems introduced
by G_MESSAGES_DEBUG.
Remove the editor modeline blocks from the source files in ui that use 4
space indentation by running
perl -i -p0e 's{ \n+ /[ *\n]+ editor \s+ modelines .* shiftwidth= .* \*/ \s+ } {\n}gsix' $( ag -l shiftwidth=4 $( ag -g '\.(c|cpp|h|m|mm)') )
This gives us one source of indentation truth for these files, and it
*shouldn't* affect anyone since
- These files match the default in our top-level .editorconfig.
- The one notable editor that's likely to be used on these files and
*doesn't* support EditorConfig (Qt Creator) defaults to 4 space
indentation.
Have dumpcap in child mode return an error message with a primary and
secondary string, instead of using stderr. When writing to the console
log we ignore the second message to prevent flooding the log with
tutorial-like info on permissions.
Adds a pre-commit hook for detecting and replacing
occurrences of `g_malloc()` and `wmem_alloc()` with
`g_new()` and `wmem_new()`, to improve the
readability of Wireshark's code, and
occurrences of
`g_malloc(sizeof(struct myobj) * foo)`
with
`g_new(struct myobj, foo)`
to prevent integer overflows
Also fixes all existing occurrences across
the codebase.
Simplify timing code by relying on g_get_monotonic_time which has the
additional benefit that it is unaffected by clock jumps.
Change-Id: Ib61b848eb5e20d68d486a07e3528ccafb03f8814
Reviewed-on: https://code.wireshark.org/review/33976
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It's only used there, so move it there.
Change-Id: I68472150e020ba94166782e3e4c08cba94c0f9ee
Reviewed-on: https://code.wireshark.org/review/29114
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Move */ to a separate line below the SPDX identifier.
Change-Id: Id1032215449cfccae0933147b45e04b65e0b727f
Reviewed-on: https://code.wireshark.org/review/27211
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The first is deprecated, as per https://spdx.org/licenses/.
Change-Id: I8e21e1d32d09b8b94b93a2dc9fbdde5ffeba6bed
Reviewed-on: https://code.wireshark.org/review/25661
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I6b05399395bcc35e59b73b4030ba4a05711a7b1a
Reviewed-on: https://code.wireshark.org/review/25565
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Fix a regression introduced by I09beab751c9c2917f017b6c082166d86ca693544.
Change-Id: I57b971086470e836f4147500143c35494118e754
Reviewed-on: https://code.wireshark.org/review/24765
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Move fill_in_local_interfaces to a worker thread and start it as early
as possible. Add a mutex for global_capture_opts.
Change-Id: I09beab751c9c2917f017b6c082166d86ca693544
Reviewed-on: https://code.wireshark.org/review/24757
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It seems the locked field of interface_t was used to avoid
simultaneous updates of interface entries from either multiple
threads or most likely the recursive UI update callbacks
case later identified.
Since 802362e ("Avoid recursive scan_local_interfaces operation")
the recursive callback behavior is no longer happening. And as
code does not have consistent checks the locked field can anyway
hardly protect a multi-threaded case if such a case exists.
Remove the unnecessary locked field.
Ping-Bug: 13864
Change-Id: Idc393f702b82aa6014dd636572d00f0d67120bf3
Reviewed-on: https://code.wireshark.org/review/23262
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Change access of ifaces elements from by val to by reference.
With this change unnecessary copying of the whole struct is avoided
but even more important is that elements no longer have to be
removed and inserted whenever data is updated.
This change aims to make it more clear that ifaces elements shall
never directly be removed from the array. Instead use function
capture_opts_del_iface
NOTE: Code for GTK UI not updated
Ping-Bug: 13864
Change-Id: I04b65d5ee36526b30d959b8e5a2a48a3c7c4f15b
Reviewed-on: https://code.wireshark.org/review/23204
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change access of all_ifaces elements from by val to by reference.
With this change unnecessary copying of the whole struct is avoided
but even more important is that elements no longer have to be
removed and inserted whenever data is updated.
This change aims to make it more clear that all_ifaces elements
shall never be removed from the array without freeing resources
via the capture_opts_free_interface_t function.
NOTE: Code for GTK UI not updated
Ping-Bug: 13864
Change-Id: I36742cb1d5c8daa136c9d3732a044a7c8e5c7fe7
Reviewed-on: https://code.wireshark.org/review/23201
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The interface_options struct passed to dumpcap is populated
differently when running Wireshark with and without -k.
Previously, only with -k was there a valid pointer in
interface_opts.timestamp_type
Fixes: aca55a2 ("Add hardware timestamping support")
Signed-off-by: Ahmad Fatoum <ahmad.fatoum@siemens.com>
Change-Id: Ic7ecc5a1190c28197d6a7271f1b353f74d43ca61
Reviewed-on: https://code.wireshark.org/review/23160
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
(Named) pipes like "/tmp/fifo" or "-" have if_type == IF_WIRED instead
of IF_PIPE. Always try to add such interfaces such that "wireshark -i
/tmp/fifo" shows a "/tmp/fifo" item in the interfaces list.
Note that if an interface is really gone (like a disconnected USB
Ethernet device), then this could result in stale items in the list.
Ping-Bug: 13865
Fixes: v2.3.0rc0-2812-g40a5fb567a ("Restore interface selection after interface refresh")
Change-Id: Id05c65df332490a5bb789e4d6ca6404358edc3ec
Reviewed-on: https://code.wireshark.org/review/22407
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The "wireshark -i lo" option somehow did not mark interfaces as
selected. It turns out that the "-i" option populates the "ifaces"
array during option parsing, but we must also set the "selected"
property in the "all_ifaces" array in function "scan_local_interfaces".
Bug: 13865
Fixes: v2.3.0rc0-2812-g40a5fb567a ("Restore interface selection after interface refresh")
Change-Id: Iacfeaf14efe2696f37f0e021259c59fb677de435
Reviewed-on: https://code.wireshark.org/review/22478
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Remember which interfaces were selected for the next capture and restore
the selection (note that only active capture devices are stored in
"ifaces", so simply querying that list does not work).
The original change tried to fix duplicate devices (which were added
from "ifaces" to "all_ifaces") by clearing "ifaces", this patch tries to
fix that by ignoring all non-PIPE devices while preserving "ifaces".
Now after refreshing the interfaces list in Qt, the selection in the
Manage Interfaces dialog is preserved. Removal of the bluetooth0
interface+refresh does hide the interface. Read+refresh does add the
interface (and preserve the selected state).
Change-Id: I26a78982f0327c835dc96da9c813e38f31d6cd3d
Fixes: v1.99.0-rc1-879-g55733ea170 ("fix scan_local_interfaces()")
Reviewed-on: https://code.wireshark.org/review/20477
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
When the local networks interfaces changes quickly or when refreshing the
list of network interfaces there's a risk of recursive calls into
scan_local_interfaces. The recursive calls are a result of calling
update_cb to process UI events during function operation which in turn
again discover a network interface change. This results in strange
duplicate entries of network interfaces and crashes.
To avoid recursive calls a check is added to stop running the function while
already updating. This patch is really just a workaround for the problem.
Ideally some asynchronous operation should be implemented instead to avoid
the UI update_cb callback alltogether.
Bug: 11553
Bug: 12263
Change-Id: I3b74d8f196677e0e261a395aff558dd9f685b538
Reviewed-on: https://code.wireshark.org/review/14492
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Done for performance improvements.
This could probably be done in checkAPIs.pl, but this was just
a quick manual check with grepping.
Change-Id: I91ff102cb528bb00fa2f65489de53890e7e46f2d
Reviewed-on: https://code.wireshark.org/review/15751
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
global_capture_opts.ifaces store the interfaces that were added for the
next capture and must always be marked as selected.
Fixes regression from 92a2661.
Bug: 11939
Change-Id: Ib3dcd1b228b7a9681439e172d934e0ce66de6c0f
Reviewed-on: https://code.wireshark.org/review/14725
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Valgrind report leaks of several allocations like these:
590 bytes in 50 blocks are possibly lost in loss record 29,818 of 31,670
at 0x4C2B6CD: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
by 0xCB9C8A7: __vasprintf_chk (vasprintf_chk.c:82)
by 0xA3D8DCA: g_vasprintf (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.3200.4)
by 0xA3B846C: g_strdup_vprintf (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.3200.4)
by 0xA3B850B: g_strdup_printf (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.3200.4)
by 0x6F4B51: scan_local_interfaces (iface_lists.c:254)
by 0x6EF3D8: iface_mon_handler2 (iface_monitor.c:113)
by 0xBE56F1D: ??? (in /lib/libnl-3.so.200.3.0)
by 0xBA16F19: ??? (in /usr/lib/libnl-route-3.so.200.3.0)
by 0xBE54E5E: nl_cache_parse (in /lib/libnl-3.so.200.3.0)
by 0xBE585CA: nl_msg_parse (in /lib/libnl-3.so.200.3.0)
by 0x6EF372: iface_mon_handler (iface_monitor.c:123)
When the list of network interfaces is updated allocations done
for global_capture_opts.all_ifaces elements leak memory. Fixed by
introducing a helper function to be used for removing an interface_t
element from all_ifaces array. While at it also fixed misc leaks when
updating individual allocated records of all_ifaces elements.
Change-Id: I035e6936a44edeef2ebe4780931c14cde99e93a4
Reviewed-on: https://code.wireshark.org/review/12209
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The interfaces preferences are different for each profile so ensure
we update the interface settings when changing profile.
This bug was introduced in version 1.8.0.
Change-Id: Icf22670875e01bab6204c300ddc7fb8aeb3dcecf
Reviewed-on: https://code.wireshark.org/review/12363
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Use common function to generate the interface display name, both
when scanning for interfaces (scan_local_interfaces()) and when
changing Comment in the Manage Interfaces dialog.
Change-Id: I3260208856563aaf387ce397d4ae61bddcc89b4f
Reviewed-on: https://code.wireshark.org/review/12362
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Valgrind report leaks like these:
6 bytes in 6 blocks are definitely lost in loss record 2,197 of 46,703
at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
by 0xA5C1610: g_malloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
by 0xA5D8B0E: g_strdup (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
by 0x69A211: ManageInterfacesDialog::localAccepted() (manage_interfaces_dialog.cpp:454)
by 0x69A500: ManageInterfacesDialog::on_buttonBox_accepted() (manage_interfaces_dialog.cpp:211)
by 0x71DB32: ManageInterfacesDialog::qt_metacall(QMetaObject::Call, int, void**) (manage_interfaces_dialog.moc.cpp:245)
by 0xBEBE36C: QMetaObject::activate(QObject*, int, int, void**) (in /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.2.1)
by 0xBEBE2A5: QMetaObject::activate(QObject*, int, int, void**) (in /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.2.1)
by 0xAF87E41: QAbstractButton::clicked(bool) (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.2.1)
by 0xAD11095: ??? (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.2.1)
by 0xAD11BAD: ??? (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.2.1)
by 0xAD11D23: QAbstractButton::mouseReleaseEvent(QMouseEvent*) (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.2.1)
96 bytes in 4 blocks are definitely lost in loss record 42,458 of 52,779
at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
by 0xA5C1610: g_malloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
by 0xA5D722D: g_slice_alloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
by 0xA5B84F3: g_list_append (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
by 0x731F9A: hide_interface (iface_lists.c:426)
by 0x69A211: ManageInterfacesDialog::localAccepted() (manage_interfaces_dialog.cpp:454)
by 0x69A4F0: ManageInterfacesDialog::on_buttonBox_accepted() (manage_interfaces_dialog.cpp:211)
by 0x71DB22: ManageInterfacesDialog::qt_metacall(QMetaObject::Call, int, void**) (manage_interfaces_dialog.moc.cpp:245)
by 0xBEBE36C: QMetaObject::activate(QObject*, int, int, void**) (in /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.2.1)
by 0xBEBE2A5: QMetaObject::activate(QObject*, int, int, void**) (in /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.2.1)
by 0xAF87E41: QAbstractButton::clicked(bool) (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.2.1)
by 0xAD11095: ??? (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.2.1)
These are caused by leaks inside hide_interface function and among
its users. Fixed by letting hide_interface function free its
resources properly and making sure the users follow the pattern.
Change-Id: I91527b83d36dc38b402d0f4a1db4b7db40fd83f9
Reviewed-on: https://code.wireshark.org/review/12113
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Replace CMP_ADDRESS, COPY_ADDRESS, et al with their lower-case
equivalents in the ui directory.
Change-Id: I10e95e66c8da5b880133452ebc484c53046e87ba
Reviewed-on: https://code.wireshark.org/review/11199
Reviewed-by: Michael Mann <mmann78@netscape.net>
Found by starting Wireshark within an empty profile, opening
Preferences, search for Protocol "IEEE 802.11" (because it has radio
buttons), then close everything again.
Many fixes are trivial, but the various recent_read_* functions in
recent.c were changed to return a boolean such that the result can
always be checked even if errno==0.
QButtonGroup leak was hinted by Clang Static Analyzer, all other
memleaks were found using ASAN/LSan.
Change-Id: Ia73f5d4c09d92f22e72377be59e23342f8ad7211
Reviewed-on: https://code.wireshark.org/review/10776
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Make use of -A parameter when querying data link types supported by a given interface with dumpcap.
Ensure to pass the authentication parameters configured for a remote interface when calling capture_get_if_capabilities()
Bug: 11366
Change-Id: I4efea615084a82108e4a12a64e8c46817f30a5c6
Reviewed-on: https://code.wireshark.org/review/9690
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
"Not found" is different from "found, and false". Have it return a
boolean "did I find the property" indication and, if it did, supply the
property value through a pointer.
Change-Id: Iaa942ea346410b35e512ff1a3821cbf60c88dfd6
Reviewed-on: https://code.wireshark.org/review/7916
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It can be set if either 1) this is Windows (where we're assumed to be
using WinPcap, which includes calls to set the buffer size) or 2) we
have pcap_create() (in which case we also have pcap_set_buffer_size(),
at least in a normal libpcap release).
Use that rather than testing "defined(_WIN32) ||
defined(HAVE_PCAP_CREATE)"; that makes it a bit more obvious what's
being tested.
Change-Id: Id9f8455019d19206b04dd6820a748cb97ae5ad12
Reviewed-on: https://code.wireshark.org/review/7816
Reviewed-by: Guy Harris <guy@alum.mit.edu>
We were doing it similarly, but not the same, in several places; make a
common routine for it.
Have that code check to make sure the DLT_ value in question is actually
supported by the device; if not, pick the first supported DLT_ value, if
any; this keeps it from, for example, picking a bad DLT_ value if your
defaults were set based on monitor mode being on but monitor mode
actually being off, or vice versa.
Change-Id: I1722bfeaf60429bc5c6f665fdea3d466052b13bd
Reviewed-on: https://code.wireshark.org/review/7795
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The first entry in the list does not have a leading comma, so a strstr()
for ",{ifname}(" will not work. Instead, use g_strsplit() with a comma
for all of the preferences.
Have common code for all the "uncomplicated" preferences. Have a
specialized handler for the one "complicated" preference.
Change-Id: I2144a98ab0cb70db56eaaba88175d6e03885de2a
Reviewed-on: https://code.wireshark.org/review/7741
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I4f1078b20f41800f72a751612703ad0d4c2ae87b
Reviewed-on: https://code.wireshark.org/review/6323
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I1d258923a7a63539ec8456d3e306bca5016a1e4b
Reviewed-on: https://code.wireshark.org/review/6060
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I40d0c8253743183aecef252040b7dd6742ae5c71
Reviewed-on: https://code.wireshark.org/review/5934
Reviewed-by: Michael Mann <mmann78@netscape.net>
Extcap is a plugin interface, which allows for the usage
of external capture interfaces via pipes using a predefined
configuration language which results in a graphical gui.
This implementation seeks for a generic implementation,
which results in a seamless integration with the current
system, and does add all external interfaces as simple
interfaces.
Windows Note: Due to limitations with GTK and Windows,
a gspawn-winXX-helper.exe, respective gspawn-winXX-helper-console.exe
is needed, which is part of any GTK windows installation.
The default installation directory from the build is an extcap
subdirectory underneath the run directory. The folder used by
extcap may be viewed in the folders tab of the about dialog.
The default installation directory for extcap plugins with
a pre-build or installer version of wireshark is the extcap
subdirectory underneath the main wireshark directory.
For more information see:
http://youtu.be/Nn84T506SwU
bug #9009
Also take a look in doc/extcap_example.py for a Python-example
and in extcap.pod for the arguments grammer.
Todo:
- Integrate with Qt - currently no GUI is generated, but
the interfaces are still usable
Change-Id: I4f1239b2f1ebd8b2969f73af137915f5be1ce50f
Signed-off-by: Mike Ryan <mikeryan+wireshark@lacklustre.net>
Signed-off-by: Mike Kershaw <dragorn@kismetwireless.net>
Signed-off-by: Roland Knall <rknall@gmail.com>
Reviewed-on: https://code.wireshark.org/review/359
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Don't assume that a change to the interface list is from a non-empty
interface list to a different non-empty interface list.
Change-Id: I94054ca0cf2661704aff1869385aa2155c19677d
Reviewed-on: https://code.wireshark.org/review/3193
Reviewed-by: Guy Harris <guy@alum.mit.edu>
when we delete an interface from all_ifaces, delete it from ifaces as well
remove its selected status if it was selected
at the moment, an interface that was used for capturing before will
never be removed from the list of interfaces even if it becomes
unavailable as it remains in ifaces and will be re-added to all_ifaces
in scan_local_interfaces()
new helper function capture_opts_del_iface() to delete an entry from ifaces and
free all its components
Change-Id: Ie3271a7ed086367e511d3a971f3b68cfc014115d
Reviewed-on: https://code.wireshark.org/review/2965
Reviewed-by: Evan Huus <eapache@gmail.com>
(named pipes added with -i <pipe name> don't have such a description)
Change-Id: I5986c607f5103b800c4353fd3cf01f24149e2e5c
Reviewed-on: https://code.wireshark.org/review/2940
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
temp is a clone of the local if_info, but the type
attribute is not copied correctly
Additionally, the if_type member is exposed via the
capture options
Change-Id: Id53f0dfd1e127921e1b89bbf78cb431ee257a96c
Reviewed-on: https://code.wireshark.org/review/404
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
The majority of the fixes are for calls to uat_new(). Instead of
having each caller cast its private data to (void**), we use void*
in the uat_new() API itself. Inside uat_new(), we cast the void*
to void**.
Some dissectors use val64_string arrays, so a VALS64() macro was
added for those, to avoid using VALS(), which is useful only for
value_string arrays.
packet-mq.c was changed because dissect_nt_sid() requires
a char**, not a guint**. All other callers of dissect_nt_sid() use
char*'s (and take the address of it) for their local storage. So,
this was changed to follow the other practices.
A confusion between gint and absolute_time_display_e in packet-time.c
was cleared up.
The ugliest fix is the addition of ip6_guint8_to_str(), for exactly
one caller. The caller uses one type of ip6 address byte array,
while ip6_to_str() expects another. This new function is in place
until the various address implementations can be consolidated.
Add VALS64() to the developer documentation.
Change-Id: If93ff5c6c8c7cc3c9510d7fb78fa9108e4552805
Reviewed-on: https://code.wireshark.org/review/48
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
João Valverde