QObject::connect: No such signal WiresharkApplication::openCaptureFile(QString&,QString&,unsigned int) in main.cpp:502
QObject::connect: (receiver name: 'MainWindow')
Change-Id: I0d6283c1b55619fa6878161d0a74db1ec9107bf2
Reviewed-on: https://code.wireshark.org/review/529
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Source/Destination BD_ADDRs and name are filterable.
Also simplify code around wmem trees, and enable commented "data"
field in unreassembled case and fix btl2cap offsets
(discovered by enabling "data" field).
Change-Id: Ic28c9bf19bcd6281b652be538b221da74df4bb76
Reviewed-on: https://code.wireshark.org/review/471
Reviewed-by: Evan Huus <eapache@gmail.com>
Interface ID should correspond to the Wireshark Interface Id
to avoid mixing data from various interfaces in dissectors.
Change-Id: Ibaa3ddab7f0ebd0985efea74439b94a5881145a7
Reviewed-on: https://code.wireshark.org/review/472
Reviewed-by: Evan Huus <eapache@gmail.com>
When capturing, they'll be in host byte order. The top of the libpcap
trunk and 1.5 branch, when reading a file, will, if necessary, byte-swap
the type and length values so that they're in the byte order of the host
reading the file (rather than the host that wrote the file).
Do the same when we read a file, and have the NFLOG dissector assume
host byte order for those fields.
Change-Id: I493aed1e07b626af1157d75f3bc293b0a694ad07
Reviewed-on: https://code.wireshark.org/review/148
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
All it checks is that they don't crash, but this is enough to catch malformed
extended value strings and other oddities.
Change-Id: If853e8e2b19517a784daa4bbb8e41eddc7c7ddd9
Reviewed-on: https://code.wireshark.org/review/520
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
Added DCP decoding of reset to factory
removed unused value_strings
corrected decoding of PDSubFrameBlock
most of the length display added a dec_hex display
Signed-off-by: Widok <kellingwido@aol.com>
Change-Id: I17b59b45eff37b65047a7a3e5e275f01a37ee616
Reviewed-on: https://code.wireshark.org/review/517
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Now that we have the ability to choose input file format type
in the GUI, we might as well have it in the command-line too.
Plus it would help me in test-stuies if we had a commandline.
So I've added a '-X read_format:Foo' for this. Using just
'-X read_format:', or with a bad name, will make it print out
the full list (in tshark); just like the '-F' does for output
file formats.
Note: I am *not* putting in code for Win32 GUI,
because I can't compile that and I wouldn't have even
done the GTK one if I could compile Qt originally. (I don't think we need
to add any more features to GTK or Win32, just Qt from now on,
right?)
Change-Id: I2fe6481d186f63bd2303b9e591edf397a2e14b64
Reviewed-on: https://code.wireshark.org/review/493
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
(Copyright or info about file...)
Change-Id: I90ba8b1c3ec8406b0c3365a69a8555837fc4bbb1
Reviewed-on: https://code.wireshark.org/review/515
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Create a placeholder protocol tree item under which to put the options,
do the analysis of fields from the fixed-length portion of the TCP
header (such as sequence numbers), and then do a straightforward
dissection of the options, throwing an exception if we run past the end
of the options field.
This is a bit simpler, and doesn't add confusing notes about
truncation of the options.
XXX - we're currently not including selective acknowledgments in any of
the SEQ/ACK analysis; should we? That means, of course, that we have to
dissect the options before doing that analysis, and if the options were
cut short by slicing, you lose....
Change-Id: I425a6c83f26512b802267f76739cbf40121b3040
Reviewed-on: https://code.wireshark.org/review/511
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The previous macro gave the correct alignment, but there was one case where it
would add a whole block of unnecessary ALIGN_SIZE bytes. The new one is also
slightly faster to compute.
Benchmark win of about 3%.
Change-Id: I5d8bad0f78dc0e383e14c2c7a951328a06400020
Reviewed-on: https://code.wireshark.org/review/492
Reviewed-by: Evan Huus <eapache@gmail.com>
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It has been extremely well-tested at this point, and is a very hot code path so
the performance gain is measurable (~1-2% on most captures I tried).
Change-Id: I2f5e03d2f348f56e740bf0dfbc83a4fd9cc8c5a9
Reviewed-on: https://code.wireshark.org/review/499
Reviewed-by: Anders Broman <a.broman58@gmail.com>
label_mark_truncated()
Change-Id: I7ede5f9776d26ebce2ccf427cf6ff5dec56814cd
Reviewed-on: https://code.wireshark.org/review/465
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
The content of a YMSG message is a sequence of lines, each one of which
contains a text string (in some ASCII-based encoding) for a key, a
0xc080 separator, and a text string (in some ASCII-based encoding) for a
value. That's not a string in any ASCII-based encoding I know of - 0xc0
0x80 is not, for example, a valid UTF-8 sequence (it's a too-long
sequence for NUL).
This should fix bug 9832:
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9832
by avoiding the general "GTK+ on Windows crashes when asked to copy
something that's not valid UTF-8" problem.
Fix some field descriptions while we're at it.
Change-Id: I4084dabc89b0186ecd1a7329452ca2f1cb48f1c0
Reviewed-on: https://code.wireshark.org/review/488
Reviewed-by: Guy Harris <guy@alum.mit.edu>
- Multiple value string arrays were defined in packet-fcels.h (which was included
in two differnt .c files). Only one of the arrays was actually used in two
different .c files. All the value_string arrays (and most of the #defines)
moved to packet-fcels.c.
- Other:
Use -1 instead of tvb_length() for the length param of several proto_tree_add...() calls.
Add editor modelines.
Change-Id: Idc642caf1c8d62b658147a234d5560b8f2fd0630
Reviewed-on: https://code.wireshark.org/review/479
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Tested-by: Bill Meier <wmeier@newsguy.com>
- Value string arrrays should never be defined in a .h file (especially one
included in multiple .c files).
So: a. The value_string array (and associated #defines) was moved from the .h file
to packet-rtp_events.c
b. A public extended value_string was created in packet-rtp_events.c
and declared as external in packet-rtp_events.h
- Other:
Remove a few unneeded initializers;
Add editor modelines.
Change-Id: Ib580c3e50ab5ce79484c9c6af57f62ca604b57d1
Reviewed-on: https://code.wireshark.org/review/468
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Tested-by: Bill Meier <wmeier@newsguy.com>
- Move setting COL_PROTO & clearing COL_INFO to before a tvb fetch which
could cause an exception;
- Remove some unneeded initializers;
- Fix up some long-lines and whitespace;
- Use a consistent indentation;
- Add editor modelines.
Change-Id: I8a8015a65d5dc581ed02cbd134231481b9f96263
Reviewed-on: https://code.wireshark.org/review/467
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Tested-by: Bill Meier <wmeier@newsguy.com>
Change-Id: I9e50920fbc09fdf0650be3a63fee8153ce0fd3df
Reviewed-on: https://code.wireshark.org/review/462
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I8ecfdb1c366310d224660e89c99136a0a9f4a067
Reviewed-on: https://code.wireshark.org/review/461
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: Ia1db91ef9344e46a3f32204bbf9cdbcc514980ce
Reviewed-on: https://code.wireshark.org/review/460
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I1e9ff715c3e315c9e36abb69fb5f441b71477501
Reviewed-on: https://code.wireshark.org/review/459
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I1542d715594b1b90e2442edb6f220ddc4dd99675
Reviewed-on: https://code.wireshark.org/review/458
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I355600320865a9c7c17093d37fc693b02f0a7f0c
Reviewed-on: https://code.wireshark.org/review/457
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: Idea44f0e4678f738336215f4a250b9e9d9a60fbc
Reviewed-on: https://code.wireshark.org/review/456
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I81ef4cd363acf6cff99fd0f75b135962c4c22f53
Reviewed-on: https://code.wireshark.org/review/455
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
It's still O(n) in the worst case since the comparison function doesn't appear
to be suitable for use in a tree or hash-table, but at least we no longer spend
O(n) by default just finding the end of the list so we can iterate backwards.
Discovered while investigating bug #9823, but probably not the cause of that
bug.
Change-Id: Ib6c3691cff8e7fa49703df7c75635ef797c8fbe8
Reviewed-on: https://code.wireshark.org/review/443
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Misc changes:
- sort entries in an enum by value;
- add some XXX notes as to possible missing entries in a value-string array;
- remove an unneeded initializer;
- 0 --> FALSE for several boolean values;
- whitespace.
Change-Id: I6c8f1c1f37edad120d979fcd2d7278e7981ca5a7
Reviewed-on: https://code.wireshark.org/review/449
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Tested-by: Bill Meier <wmeier@newsguy.com>