Add interface name (colon delimited) to SP_DROPS ('D') message so when dropped
packets are outputted, they include the interface name for clarity.
Bug: 13498
Change-Id: I68cdde4f20a574580f089dc5096d815cde5d3357
Reviewed-on: https://code.wireshark.org/review/31218
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Extcap utilities can be Python scripts. Show the files as URLs and
allow double click to open.
Change-Id: I214caa2683896b89fbe6243562eee9b12d4ae217
Reviewed-on: https://code.wireshark.org/review/31221
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Make the time stamp precision a 4-bit bitfield, so, when combined with
the other bitfields, we have 32 bits. That means we put the flags at
the same structure level as the time stamp precision, so they can be
combined; that gets rid of an extra "flags." for references to the flags.
Put the two pointers next to each other, and after a multiple of 8 bytes
worth of other fields, so that there's no padding before or between them.
It's still not down to 64 bytes, which is the next lower power of 2, so
there's more work to do.
Change-Id: I6f3e9d9f6f48137bbee8f100c152d2c42adb8fbe
Reviewed-on: https://code.wireshark.org/review/31213
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
No yet available at 100% (35,8%) but work in progress...
Change-Id: I3d0d861037abe5e5f2611f95ac27ad42c8d20c47
Reviewed-on: https://code.wireshark.org/review/31158
Reviewed-by: Anders Broman <a.broman58@gmail.com>
No yet available at 100% (57,05%) but work in progress...
Change-Id: I3fa95c49003aa6fd5183d24fe76b721520a44ba0
Reviewed-on: https://code.wireshark.org/review/31157
Reviewed-by: Anders Broman <a.broman58@gmail.com>
QTextEdit supports the scrollbar. The drawback of having a scrollbar
is that we need to remove the space (on the right, at least). This change
switches from QLabel to QTextBrowser and removes the empty spaces and the
horizontal layout (not needed anymore). The resulting look is a mix
from the Authors tab and original look.
While on it, the default height has been increased to make room for the full
message (not needing the scrollbar with the defualt message) and the link
to the wireshark site has been made clickable.
Bug: 15375
Change-Id: Id0a10f366c0797c98264d3a1cad58a4dc11467e3
Reviewed-on: https://code.wireshark.org/review/31153
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
When TimeShiftDialog is used, it should trigger the need to save the packet capture.
Ping-Bug: 14306
Change-Id: Ia0dfbefdabcb9d759b5ed2ce897637f9727d0768
Reviewed-on: https://code.wireshark.org/review/31057
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I1fde99f9c2f282ec4709a04bcb8dcdf7bbbc72a8
Reviewed-on: https://code.wireshark.org/review/31152
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Write the "Packet list column pixel widths" preference value in a
format that is both more human friendly and is more consistent with
other similarly formatted multivalued preference values.
From this ...
> # Packet list column pixel widths.
> # Each pair of strings consists of a column format and its pixel width.
> column.width: %m, 75, %t, 72, %s, 113, %d, 113, %p, 92, %L, 82, %i, 475
To this ...
> # Packet list column pixel widths.
> # Each pair of strings consists of a column format and its pixel width.
> column.width:
> %m, 75,
> %t, 72,
> %s, 113,
> %d, 113,
> %p, 92,
> %L, 82,
> %i, 475
The preference reading code already accepts this new format.
Change-Id: Id731ec81e8ebf87ecfb268e48dfeaa96d8e00668
Reviewed-on: https://code.wireshark.org/review/31140
Petri-Dish: Jim Young <jim.young.ws@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
In ModulePreferencesScrollArea we create QPushButtons that open modal
UAT and file dialogs. Open them via the "clicked" signal instead of
the "pressed" signal. "clicked" is a general activation signal that
fires after the mouse button has been clicked+released or a keyboard
event. "pressed" fires before "released" and can be problematic in
some cases.
Bug: 15366
Change-Id: Icb353d86ae0a4b4b97e5f63df791ec562070756d
Reviewed-on: https://code.wireshark.org/review/31123
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Free the wspstat_t only after freeing the hash table contained in it.
Change-Id: I2aa31d74b6d0f86e5404a9b614fee8a3f6708938
Ping-Bug: 15365
Reviewed-on: https://code.wireshark.org/review/31108
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It really shouldn't free the comment passed to it, as the caller
allocated it, and knows how to free it if necessary; it might not even
have been allocated.
Make the comment argument a "const char *" to 1) allow passing string
constants etc. and 2) to catch any attempts to free it in
exp_pdu_open().
Make the callers free it after exp_pdu_open() returns.
(Alternatively, we could have exp_pdu_open() take the file name argument
and generate the comment itself, so that all code paths generate the
same comment.)
Change-Id: I6e6924b05565761b641a6c3b4d9a2e97f4264e1b
Ping-Bug: 15365
Reviewed-on: https://code.wireshark.org/review/31105
Reviewed-by: Guy Harris <guy@alum.mit.edu>
There's no guarantee that sp->filter is non-null; if it's null, that
means there's no filter.
Bug: 15369
Change-Id: I2a61db2e134aa70d30c2265b63aabf99c35e362e
Reviewed-on: https://code.wireshark.org/review/31096
Reviewed-by: Guy Harris <guy@alum.mit.edu>
On Windows, filename strings inside Wireshark are UTF-8 strings, so
error messages containing file names are UTF-8 strings. Convert from
UTF-8, not from the local code page.
Bug: 15367
Change-Id: I52f3de2606ec6a592e7cb82b1a9aaeeef8acecef
Reviewed-on: https://code.wireshark.org/review/31090
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
When creating the temporary capture file to store the imported data in
the file is created with the pcap format. To conform to the change to
using pcapng format by default it is only reasonable to generated a
temporary pcapng format file as well.
Change-Id: I842431c1449751f8f2f3b85a47cab731de794c8a
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/31066
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Id720d7857328c1f464c4568b0a279a864921b031
Reviewed-on: https://code.wireshark.org/review/31052
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Ensure that capture_stat_start always returns a non-NULL if_stat_cache_t
pointer. This keeps InterfaceTreeModel::updateStatistic from repeatedly
running dumpcap when we're unable to gather statistics, e.g. when we
don't have capture permissions.
Bug: 14284
Change-Id: Id408714a934abab2abdee1d4bb5e4bed872af016
Reviewed-on: https://code.wireshark.org/review/31038
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Have a ws_init_version_info() routine that, given an application name
string:
constructs the app-name-and-version-information string, and
saves it;
adds the initial crash information on platforms that support it,
and saves it.
Have show_version() use the saved information and take no arguments.
Add a show_help_header() routine to print the header for --help
command-line options, given a description of the application; it prints
the application name and version information, the description, and the
"See {wireshark.org URL}" line.
Use those routines in various places, including providing the
"application name" string in pcapng SHBs.
Change-Id: I0042a8fcc91aa919ad5c381a8b8674a007ce66df
Reviewed-on: https://code.wireshark.org/review/31029
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The multicast statistics tap provides a continually updating list which the draw function just has to iterate through.
Bug: 15271
Change-Id: I270e7ca9460ec9568756b6c8d98f4f17653c8cad
Reviewed-on: https://code.wireshark.org/review/30976
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Get rid of the IMPORT_MAX_PACKET #define; just directly use
WTAP_MAX_PACKET_SIZE_STANDARD, to match what text2pcap.c does.
Update comments in text2pcap.c and ui/text_import.c to say the maximum
packet size is WTAP_MAX_PACKET_SIZE_STANDARD.
Change-Id: I34118f76426d1416fccf43b2a356ad8d200de19b
Ping-Bug: 15292
Reviewed-on: https://code.wireshark.org/review/30945
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Import size is increased to 256kiB, but tooltip says 64kB.
Adjust text according to limit set bt code.
Change-Id: I586248fd25a96e4ffe0936babc90b4150c14f118
Ping-Bug: 15292
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/30940
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Don't set the display filter combo's minimum size. This lets us show
more filter expression buttons.
Clear the filter expression toolbar before redrawing it. This gets rid
of a leftover artifact here on macOS.
Change-Id: Iab944e8992caf554e024521df52d0089a4501674
Reviewed-on: https://code.wireshark.org/review/30902
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
We don't need it and, if there *is* no pcap.h header, because the pcap
headers aren't installed, it won't compile.
Bug: 15317
Change-Id: Ie2a107f6117aad8f87943cd72269211f13b71142
Reviewed-on: https://code.wireshark.org/review/30883
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The key for the manuf table is 24 bits of the ether addr while the key
for services table needs is a 16 bit port. Store this value directly,
saving some memory and improving startup time by a tiny bit.
Likewise for ipxnet_hash_table and vlan_hash_table. These tables seem
unused though, perhaps it should be removed.
Change-Id: Ide9ffad8e2c9af24afa82adb2e009f32a5f43d38
Reviewed-on: https://code.wireshark.org/review/30756
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Use the libwiretap APIs to get lists of all compressed file suffixes or
to get the compressed file suffix for a given compression type.
(The net effect is the same, as the only compression type supported is
gzip, but if any compression types are added in the future, that code
won't need to be changed.)
Change-Id: I7de3b764604d50c4c60b6f20dd16ee87fc00e5b2
Reviewed-on: https://code.wireshark.org/review/30734
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Move all the compressed-file type stuff to wiretap/file_wrappers.c.
Rename wtap_compressed_file_extension() to
wtap_compression_type_extension() for consistency with the other
compression-type-extension routine names.
Move the declarations of the compression-type-extension routines in the
header file.
wtap_compression_type_extension() now returns NULL for
WTAP_UNCOMPRESSED; there's no need to special-case it.
Get rid of the now-unused wtap_compression_type_supported() and
WTAP_NUM_COMPRESSION_TYPES.
Change-Id: Ib93874079bea669a0c87104513dba0d21390455a
Reviewed-on: https://code.wireshark.org/review/30729
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It *should* never happen, but just make sure of that by calling it only
for "open for writing" ("save") dialogs.
Change-Id: I1813f31537c0aa4efdf08c1622db9cb9e7f5ae83
Reviewed-on: https://code.wireshark.org/review/30726
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add wtap_compressed_file_extension(), which returns NULL for
WTAP_UNCOMPRESSED and the appropriate file extension for other
compression types.
Add wtap_compression_type_supported(), which returns TRUE for
WTAP_UNCOMPRESSED and all supported compression types and FALSE
otherwise. ("Supported" means "the code can decompmress files in that
compression format and can write files in that compression format", so
WTAP_GAIP_COMPRESSED is supported iff libwiretap is built with zlib.)
In MainWindow::fileAddExtension, instead of checking for
WTAP_GZIP_COMPRESSED and using ".gz" as the extension, use the extension
returned by wtap_compressed_file_extension() for the compression type.
Change-Id: I47cb0eca8c887ada3562df30b54e76509008180f
Reviewed-on: https://code.wireshark.org/review/30707
Reviewed-by: Guy Harris <guy@alum.mit.edu>
compressed_file_extension shouldn't include the ".", as we insert the
"." before it.
Use it when appending the extension, rather than hardwiring "gz" in two
places.
Change-Id: I89e3ed1df9a8457fdbb6e6386686176816f4671b
Reviewed-on: https://code.wireshark.org/review/30682
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
If the file is to be compressed, then:
if the type in which the file is to be written has a set of extensions
it uses, leave the file name alone if it ends with one of those
extensions followed by the extension for the compression type,
otherwise append the default extension for that file type followed by
the extension for the compression type;
if it doesn't, leave the file name alone if it ends with the extension
for the compression type, otherwise append the extension for the
compression type;
otherwise:
if the type in which the file is to be written has a set of extensions
it uses, leave the file name alone if it ends with one of those
extensions, otherwise append the default extension for that file type followed by
the extension for the compression type;
if it doesn't, leave the file name alone if it ends with the extension
for the compression type, otherwise append the extension for the
compression type.
Change-Id: I7c4093af28cc30d579a2ae9faa8f4164b4764001
Reviewed-on: https://code.wireshark.org/review/30681
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I08d45c87c9232edcabfc69d25a773552fe9e0871
Fixes: v2.9.0rc0-2567-g43872a3a0e (""." in version numbers and file names isn't translated into other languages.")
Reviewed-on: https://code.wireshark.org/review/30680
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
"xxx.pcap.gz" is "xxx.pcap.gz" in any language. "3.0.1" is "3.0.1" in
any language.
Change-Id: I231a3f9bd21a3ea5d56a8e410d20b1bc3927540f
Reviewed-on: https://code.wireshark.org/review/30676
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: Iabdd87128a2af8c668c0602ea677f71984e64723
Fixes: v2.9.0rc0-2556-gb894c53d5e ("Add an API to get a description of a compression type, and use it.")
Reviewed-on: https://code.wireshark.org/review/30670
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Add wtap_compression_type_description(), which returns NULL for
WTAP_UNCOMPRESSED and a descriptive string for other compression types.
Instead of checking for WTAP_GZIP_COMPRESSED and appending "(gzip
compressed)", just pass the compression type to
wtap_compression_type_description() and, if the result is non-null,
append its result, wrapped in parentheses, with a space before the left
parenthesis.
Change-Id: I79a999c7838a883953795d5cbab009966e14b65e
Reviewed-on: https://code.wireshark.org/review/30666
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This:
1) means that we don't have to flag the compression argument with a
comment to indicate what it means (FALSE doesn't obviously say "not
compressed", WTAP_UNCOMPRESSED does);
2) leaves space in the interfaces in question for additional compression
types.
(No, this is not part 1 of an implementation of additional compression
types, it's just an API cleanup. Implementing additional compression
types involves significant work in libwiretap, as well as UI changes to
replace "compress the file" checkboxes with something to indicate *how*
to compress the file, or to always use some other form of compression).
Change-Id: I1d23dc720be10158e6b34f97baa247ba8a537abf
Reviewed-on: https://code.wireshark.org/review/30660
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Use it for all the per-file information, including the per-file
link-layer type and the per-file snapshot length.
Change-Id: Id75687c7faa6418a2bfcf7f8198206a9f95db629
Reviewed-on: https://code.wireshark.org/review/30616
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Error:
../ui/alert_box.c: In function ‘cfile_write_failure_alert_box’:
../ui/alert_box.c:359:13: error: this statement may fall through [-Werror=implicit-fallthrough=]
simple_error_message_box(
^~~~~~~~~~~~~~~~~~~~~~~~~
"Frame %u%s has a network type that differs from the network type of earlier packets, which isn't supported in a \"%s\" file.",
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
framenum, in_file_string,
~~~~~~~~~~~~~~~~~~~~~~~~~
wtap_file_type_subtype_string(file_type_subtype));
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../ui/alert_box.c:364:9: note: here
case WTAP_ERR_PACKET_TOO_LARGE:
^~~~
Change-Id: I55464afff5625ae8c587470e417234560c7e606c
Reviewed-on: https://code.wireshark.org/review/30623
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
If, in the process of opening the input file, we determine that it has
packets of more than one link-layer type, we can catch attempts to write
that file to a file of a format that doesn't support more than one
link-layer type at the time we try to open the output file.
If, however, we don't discover that the file has more than one
link-layer type until we've already created the output file - for
example, if we have a pcapng file with a new IDB, with a different
link-layer type from previous IDBs, after packet blocks for the earlier
interfces - we can't catch that until we try to write the packet.
Currently, that causes the packet's data to be written out as is, so the
output file claims it's of the file's link-layer type, causing programs
reading the file to misdissect the packet.
Report WTAP_ERR_ENCAP_PER_PACKET_UNSUPPORTED on the write attempt
instead, and have a nicer error message for
WTAP_ERR_ENCAP_PER_PACKET_UNSUPPORTED on a write.
Change-Id: Ic41f2e4367cfe5667eb30c88cc6d3bfe422462f6
Reviewed-on: https://code.wireshark.org/review/30617
Reviewed-by: Guy Harris <guy@alum.mit.edu>