When fields have changed the compiled display filter may be invalid
or need a recompile to be valid.
Filters which are not valid after a recompile is set to a filter
matching no packets (frame.number == 0) to indicate that this does
no longer match anything. We should probably have a better filter
matching no packet for this purpose.
Change-Id: Id27efa9f46e77e20df50d7366f26d5cada186f93
Reviewed-on: https://code.wireshark.org/review/10123
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
ICMP (and a few other protocols) can carry "error packets" as payloads in
certain cases. In the same way that we don't (by default) call TCP reassembly
code on TCP packets we know are out-of-order, we also shouldn't call tap code on
frames carried in ICMP error packets.
Bug: 11184
Change-Id: Ie83dbb505c8fdc15c5554705488c16fa0274a06a
Reviewed-on: https://code.wireshark.org/review/8446
Petri-Dish: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Functions with no parameters must be written func(void). Fixes (some) of the
buildbots.
Change-Id: I1a6e5c0553e032e99419fe67eb4b573bbdfe7fe6
Reviewed-on: https://code.wireshark.org/review/388
Reviewed-by: Evan Huus <eapache@gmail.com>
There are some common things people need to do, such as convert to/from hex or get
the raw binary string in a ByteArray/Tvb/TvbRange. These have been added, as well
as some tests for them in the testsuites. Also, functions have been added to allow
a script to get all the available tap types and filter fields, since they are
not exactly what one can see in the Wireshark gui.
Change-Id: I92e5e4eae713bb90d79b0c024eaa4e55b99cc96b
Reviewed-on: https://code.wireshark.org/review/249
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
knowledge of particular types of plugins. Instead, let particular types
of plugins register with the common plugin code, giving a name and a
routine to recognize that type of plugin.
In particular applications, only process the relevant plugin types.
Add a Makefile.common to the codecs directory.
svn path=/trunk/; revision=53710
Implement DICOM, HTTP, and SMB object exports. Rename the GTK+ export
files. C++-ize epan/tap.h. Fix an apparent memory leak in
eo_save_all_clicked_cb.
The Qt dialog has an indeterminate progress bar. I tried adding
something similar to the GTK+ dialog but event processing led down a
rabbit hole.
svn path=/trunk/; revision=45647
Add a new tap flag to indicate that a tap listener is just a "dissector helper",
that is, a tap which is used by a dissector to help it do its dissection but
does not, itself, require dissection.
Use this new flag in the dissectors which register taps.
Remove the (now-unused) have_tap_listeners() function.
svn path=/trunk/; revision=37069
* Number of ICMP echo requests, replies, lost replies and percent loss.
* Min, Max, Average SRT (Service Response Time), and standard deviation.
(This is my first tap, so hopefully I didn't miss something, but we'll see ...)
TODO: Add a Wireshark tap.
svn path=/trunk/; revision=36480
a protocol tree;
the column values.
This includes stats-tree listeners.
Have the routines to build the packet list, and to retap packets, honor
those requirements. This means that cf_retap_packets() no longer needs
an argument to specify whether to construct the column values or not, so
get rid of that argument.
This also means that there's no need for a tap to have a fake filter
to ensure that the protocol tree will be built, so don't set up a fake
"frame" filter.
While we're at it, clean up some cases where "no filter" was represented
as a null string rather than a null pointer.
Have a routine to return an indication of the number of tap listeners
with filters; use that rather than the global num_tap_filters.
Clean up some indentation and some gboolean vs. gint items.
svn path=/trunk/; revision=28645
That means that G_GINT64_MODIFIER will be defined, so don't check
whether it's defined.
We don't use the PRI[douxX]64 macros, as we use the GLib print routines
and thus use G_GINT64_MODIFIER instead. Get rid of the checks for
whether inttypes.h defines PRI[douxX]64; just check whether it exists at
all.
That means we don't set INTTYPES_H_DEFINES_FORMATS, so don't check for
it.
svn path=/trunk/; revision=25243
around them. Print 64-bit types using the PRI macros; add inttypes.h to
tap.h (if necessary) to pick up those macros for all the taps.
svn path=/trunk/; revision=21442
tell if a specific tap id is currently listening for data.
This complements the function have_tap_listeners(), which checks
to see if any tap is currently listening.
svn path=/trunk/; revision=20979
This function can be called from a dissector to fetch (if any) tapped data from a tap.
This can offer an alternative method of passing data between different dissectors much cleaner than the pinfo pollition and private_data design mistake.
The SMB2 dissector uses this method to extract vital data such as Account_Name from the ntlmssp dissector (that is 3 leveld down from smb2)
svn path=/trunk/; revision=16722
and "Statistics" menu items into "stat.h" and "stat.c", to separate them
from the core tapping APIs. A tap could conceivably not register as a
"-z" command-line argument or "Statistics" menu item, and a stat could
conceivably not be implemented as a tap, and dissectors that implement
tapping points don't need the UI-related stuff from "stat.h", they just
want the tap-related stuff in <epan/tap.h>.
svn path=/trunk/; revision=15427
_U_-ify some unused arguments, rather than assigning them to themselves.
Un-constify one variable that gets assigned a mallocated pointer.
Clean up indentation.
svn path=/trunk/; revision=15236
it's used to register a callback for a tap listener invoked if the
specified command line argument is specified to the "-z" flag.
Move it, along with routines to:
look up a "-z" argument in the table constructed by
"register_tap_listener_cmd_arg()" and either save the full
argument to "-z" and the corresponding listener if it's found or
return a failure indication if it isn't;
list the available tap listeners;
call the "init" routines for the tap listeners saved in the
table above;
and have Ethereal and Tethereal use those routines.
svn path=/trunk/; revision=13993
const pointer (so that we don't get complaints when we make the
tap-specific data argument to "tap_queue_packet()" a const pointer,
allowing dissectors to hand const data to a tap without a complaint), we
should make the tap per-packet function take a const pointer as an
argument as well. Do so.
In some taps, use _U_, or actually use the argument, rather than
sticking in dummy "X = X" assignments to fake use of parameters. (This
means that the tap functions in question no longer have the notion that
they act on a particular static structure wired in.)
svn path=/trunk/; revision=12910
to resolve it to a name.
Fix up some const-pointer-to-non-const-pointer, and
function-pointer-to-void-*, conversions.
Fix some comments.
svn path=/trunk/; revision=12863
Stig Bjørlykke