The interface_options struct passed to dumpcap is populated
differently when running Wireshark with and without -k.
Previously, only with -k was there a valid pointer in
interface_opts.timestamp_type
Fixes: aca55a2 ("Add hardware timestamping support")
Signed-off-by: Ahmad Fatoum <ahmad.fatoum@siemens.com>
Change-Id: Ic7ecc5a1190c28197d6a7271f1b353f74d43ca61
Reviewed-on: https://code.wireshark.org/review/23160
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Create a common_src directory for common guide content. Add a
typographic convention section. Update some of the content accordingly.
Change-Id: I4f69c0f52a985c48e07fa0628b19734ec691f74e
Reviewed-on: https://code.wireshark.org/review/23131
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
pcap provides a pcap_set_tstamp_type function, which can be used to request
hardware timestamps from a supporting kernel.
This patch adds support for aforementioned function as well as two new
command line options to dumpcap, wireshark and tshark:
--list-time-stamp-types
List time stamp types supported for the interface
--time-stamp-type <type>
Change the interface's timestamp method
Name choice mimics those used by tcpdump(1), which already supports this
feature. However, unlike tcpdump, we provide both options unconditionally.
If Wireshark was configured without pcap_set_tstamp_type being available,
--list-time-stamp-types reports an empty list.
Change-Id: I418a4b2b84cb01949cd262aad0ad8427f5ac0652
Signed-off-by: Ahmad Fatoum <ahmad.fatoum@siemens.com>
Reviewed-on: https://code.wireshark.org/review/23113
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
A full media type could be "text/html; charset=utf-8". The the media type
dissector wasn't being called properly with only the "text/html" but
instead the whole string.
Additionally, make sure that the media type parameters are passed in
correctly which is important for things like multipart/* which should
have a boundary.
Most of the string parsing code was adapted from
packet-spdy.c:spdy_parse_content_type().
Change-Id: Ide59da8f65264dc142e0f9bb67671ce2af66c8a2
Reviewed-on: https://code.wireshark.org/review/23140
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Showing a description of the 'sub_type' in the
fields tree for RRC payloads.
Change-Id: Ie4fd4498690db27d4b996fff99fa74b676be9ddb
Reviewed-on: https://code.wireshark.org/review/23133
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
call_dissect_function() does already check internally
if dissect_function is NULL
Change-Id: I4780733ee38bcde74b498bedb1031eefa3c07da4
Reviewed-on: https://code.wireshark.org/review/23159
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
- Fix/syncronise spelling for similar field types
- Fix cog.py script invocation
Change-Id: Iab6d8ac6414c1ba9b97c49d7d0a4d2609eb1a55b
Reviewed-on: https://code.wireshark.org/review/23153
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
color_t is 16-bit per channel, the print string assumes the usual 8-bit.
Use 8-bit per channel as per older patches proposed for bug 6682 via
color_t_to_rgb().
Change-Id: I7d71bc04e52376c0ecb598aedafa066f982de840
Ping-Bug: 6682
Reviewed-on: https://code.wireshark.org/review/23154
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Need to add for other ctype value too...
Change-Id: I815fee790403d848fed4c3501dae9951dbcb93a3
Ping-Bug: 13977
Reviewed-on: https://code.wireshark.org/review/23152
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It's not available from cacetech.com any more.
Change-Id: I6627a9102235f07731c55a2fe3cd82adc1899450
Reviewed-on: https://code.wireshark.org/review/23155
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Also move "Length of packet" to correct position.
Change-Id: I2efd5087396a8904eb16bcc3191cc9ea3beac2e9
Reviewed-on: https://code.wireshark.org/review/23135
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It's very incomplete and we already have installation makers for supported OSes.
Change-Id: Ide6332b9b6d69b66e7262662d781b548526ab752
Reviewed-on: https://code.wireshark.org/review/22226
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
During validation it was discovered that the incorrect bit was displayed,
verified against the ZigBee test tool that bit 0 is used for validity
Change-Id: Iaaa2f8021b2aa269f660626fdd252cade732b60f
Reviewed-on: https://code.wireshark.org/review/23124
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I493771df32b83691fa587b9a725c15df6057fb52
Ping-Bug: 13977
Reviewed-on: https://code.wireshark.org/review/23104
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I7f0950d82c50c8f019d844d726ffe7a0015618c5
Reviewed-on: https://code.wireshark.org/review/23117
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Also display PSMP ID in decimal
Ping-Bug: 13977
Change-Id: If6b87ab87339038d763dcc1c97353aaf9d69a02c
Reviewed-on: https://code.wireshark.org/review/23103
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
TRANSUM fails to calculate RTE figures for DCE-RPC where request Packet
Type is zero
Bug: 13988
Change-Id: I1dd7aee0283042703530a6d72fff063279e6147e
Reviewed-on: https://code.wireshark.org/review/23115
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ie98f0c70190206b4682bf1b1b13add51c52303db
Reviewed-on: https://code.wireshark.org/review/23009
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The ZCL Default Response command can be sent in response to any profile-wide or
cluster specific command. The Default Response command is itself a profile-wide
command so the Default Response frame control is of no help in deciding whether
the original request is profile-wide or cluster-specific. The simplest solution
is to not attempt interpretation. A more sophisticated solution would be to cache
all ZCL frame counters and match Default Responses based on sequence number, but
this is problematic because sequence numbers repeat. At least for now we can
always display the information correctly.
Change-Id: I827e2d2f9d6e5f7c9dfa572d2ee2ac3c9f170d70
Reviewed-on: https://code.wireshark.org/review/22688
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Some Android devices support 802.11 monitor mode and nlmon
interfaces. Add linktype defines to be able to capture frames
from such interfaces.
Change-Id: I8b8b444ac2821542fc946694b71c8d9fb7ba1238
Reviewed-on: https://code.wireshark.org/review/23080
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Switch the Command Prompt instructions back to using the
platform-specific variants. Switch back to setting WIRESHARK_BASE_DIR.
Change-Id: Ie9f865e5fac1312f2eb3762e439d53ab9a038bd4
Reviewed-on: https://code.wireshark.org/review/23112
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
"The release mode (CMAKE_BUILD_TYPE=release) defines NDEBUG" isn't
Linux-specific; it's true in the Unix Makefile generator, and possibly
in other generators. (The Visual Studio generator, at least for newer
versions of VS, lets you specify at *build* time what type of build to
do, so the generated build files don't unconditionally define, or not
define, NDEBUG, they do so based on the build type.)
The RPATH stuff is done on Unix-like systems *except* for macOS.
Change-Id: Ieffbaaa9a8e11a1a30b34036a2412c6735baa0c8
Reviewed-on: https://code.wireshark.org/review/23114
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Field is only 1 not 2 bytes long.
Bug: 13987
Change-Id: If22e19e917bd41907248a497b30883e89fc9ff4b
Reviewed-on: https://code.wireshark.org/review/23109
Reviewed-by: Michael Mann <mmann78@netscape.net>
It is a list of Neighbor report (for request and response)
Missing dissection of Neighbor Sublelement 0x03 (BSS Transition Candidate Preference)
Issue reported by Mark Williams
Bug: 13985
Change-Id: Ic3871866ba4779ee69e91d6d57b46926466b340c
Reviewed-on: https://code.wireshark.org/review/23107
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Recent changes had the bt snoop capturing function stop working for
Android API versions >= 21. One of the command strings used for
detecting btsnoop server socket interface got messed up when
refactoring code. Fix by using the correct command strings again.
Fixes: faf100ec ("androiddump: Introduce adb_connect_transport helper function")
Change-Id: Id645d24cfb0cb23f36484cfd6416768c89bce51b
Reviewed-on: https://code.wireshark.org/review/23106
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Instead of trying to ship README.md, convert its line endings and make
sure the result is named README.txt.
Change-Id: I4e081587c73342b01633b3a31ea03068e3fc1733
Reviewed-on: https://code.wireshark.org/review/23098
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Change-Id: I86e3097a322a4a354235ce941e52e6d4c6baf8ca
Reviewed-on: https://code.wireshark.org/review/23097
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
That's a separate README file for this directory, and its name is
README, not README.md like the top-level README file.
Change-Id: I9ec920de6a844441e00d4608608563bc4ddd8349
Reviewed-on: https://code.wireshark.org/review/23096
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The old URL fetched VS 2013 when I tried it; update to a link that
fetches VS 2015.
Change-Id: Ib33e8f09bef51a532c986e70ae6ac5d9d1f1dabe
Reviewed-on: https://code.wireshark.org/review/23094
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Do it via type "abinary" like the comment suggests.
Note: VSA "abinary" code path untested.
Ping-Bug: 11630
Change-Id: Ie8ebbb2fdbc9f04faad40150652277f1396ea030
Reviewed-on: https://code.wireshark.org/review/22973
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This is an ugly workaround for the fact that attributes 241-246 are
currently hardcoded as extended type. This is to restore previous
functionality to dissect some Ascend AVPs that shouldn't be using the
IANA allocation space.
Ping-Bug: 11630
Change-Id: I6bebefd21fe5149f5f57b3280c9992a0eca85e62
Reviewed-on: https://code.wireshark.org/review/22972
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Ahmad Fatoum