* Add missing commas and hyphens
* Remove extra apostrophes
* Use consistent spelling for some
* English words like gray/grey
and behavior/behaviour
* Remove that "Control" is "Strg" in German.
* Correct usage of a vs an
* Minor rephrasing in a few locations
This functionality has been added in d2a660d8, where its limitations
are described.
Improvements:
* the Substream index menu now properly filters for available stream numbers;
* Follow Stream selects the first stream in the current packet
Known issue (which is still there): if a packet contains multiple QUIC
streams, then we will show data also from streams other than the selected
one (see #16093)
Note that there is no way to follow a QUIC connection.
Close#17453
Modify YAML output format so it includes information about peers and
absolute timestamps for each packet.
This also adds yaml output to tshark: -z follow,tcp,yaml,X
Changes:
- RTP Player added to Telephony/RTP menu.
- When openning RTP Analysis or RTP Player from RTP menu, just selected
stream is added. When Ctrl is hold during opening, reverse stream is
searched and added too.
- RTP Player: Added tool to select/deselect all inaudible streams
- RTP Player: Added Prepare Filter button
- RTP Player: Added Analyze button
- RTP Analysis: Added Prepare Filter button
- documentation updated
Code changes:
- RTP Player::rescanPacket() is not fired multiple times during rate change and during dialog creation
- Error shown in RTP player is cleared after every new decode of streams
- RTP Player handles case when Qt do not emit stop stream event
- "Select" menu code unified between dialogs>
- RTP Player: Audio routing menu unified
- buttons are connected to actions by signals()
- Analyze dialog is called by list of rtpstream_id, not rtpstream_info
Introduce a new TCP preference to allow the user to choose the
precedence between Fast Retransmission or Out-Of-Order. When
performing the SEQ analysis, ambiguous packets will be considered
with the chosen priority, helping in the final interpretation.
Closes#15987
In rare circumstances Spurious Retransmissions are not detected
and the SEQ analysis would instead conclude with a Fast Retransmit
or an Out-Of-Order. As Spurious Retransmissions are more certain
than the latter ones, their respective precedences are changed.
The documentation is updated accordingly. Closes#13863.
Add missing entries, regularize the descriptions, etc..
Note that pcap and pcapng are the native formats.
Fix various issues.
Update the editcap -F output to match urrent reality.
While we're at it, sort the libwiretap modules, putting observer.c in
the right place.
This pull request includes:
* The "Follow DCCP stream" feature.
* Updated docbook documentation for the "Follow DCCP stream" feature.
* Test for the feature.
* Corresponding packet trace for the test.
In some circumstances when dealing with a series of out-of-order
packets, the last packet of this series is marked as a
retransmission instead of an out-of-order. Closes#17214.
Expand the description of the "TCP ZeroWindow" analysis flag.
Change-Id: Icf9b5cb60d305150eb13e5d74f4a4d2008fa96e4
Reviewed-on: https://code.wireshark.org/review/36938
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Update the name resolution section of the User's Guide. Use title case
in the rest of the chapter and switch [float]s to [discrete]s.
Change-Id: I7093de72592466c32e130b952f9979f1b47fa280
Reviewed-on: https://code.wireshark.org/review/36923
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Provide more details about the threshold used for TCP Out-Of-Order
detection.
Switch from dashes for lists to asterisks as recommended at
https://asciidoctor.org/docs/asciidoc-recommended-practices
Change-Id: Ibb6d3d3d5ca15acba5f679ea26142d65f96c69a8
Reviewed-on: https://code.wireshark.org/review/35840
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Update the Expert Information section of the User's Guide. Use the term
"Expert Information" to describe the dialog and "expert information
item" to describe each generated item. Update related text elsewhere.
Update the expert icon and other parts of the status bar docs.
Change-Id: I0c2cba0cbb3c74a1f6e3a37d4a2a592faccb350f
Reviewed-on: https://code.wireshark.org/review/35462
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Used egrep "\b([a-zA-Z]+) \1\b" docbook/wsug_src/*.adoc to find instances
where words were erroneously duplicated.
Change-Id: Ie390fa4f1c61a288ff0ed77aa84c4fb01f4de27e
Reviewed-on: https://code.wireshark.org/review/34725
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The QUIC transport protocol provides a stream, similar to HTTP/2. Make
it possible to look at the stream contents. This can be helpful while
HTTP/3 support is not yet complete.
Known issues that will be addressed in the future:
- If a single packet contains multiple streams, then Follow QUIC Stream
will wrongly include data from streams other than the selected one.
This is tracked by bug 16093 and affects HTTP/2 as well.
- The Substream index menu does not properly filter for available
stream numbers. If a non-existing stream is selected, then changing
to another (potentially valid) index results in the "Capture file
invalid." error. As workaround, clear the display filter first.
- Follow Stream always selects Stream ID 0 instead of the first or
currently selected stream field in a packet. Users should manually
update the stream index as needed.
Change-Id: I5866be380d58c96f0a71a29abdbd1be20ae3534a
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/34694
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The HTTP/2 protocol multiplexes a single TCP connection into multiple
independent streams. The Follow TCP output can interleave multiple
HTTP/2 streams, making it harder to analyze a single HTTP/2 stream.
Add the ability to select HTTP/2 Streams within a TCP stream.
Internally, the HTTP/2 dissector now stores the known Stream IDs in a
set for every TCP session which allows an amortized O(n) lookup time for
the previous/next/max Stream ID.
[Peter: make the dissector responsible for clamping the HTTP/2 Stream ID
instead of the Qt code, that should permit future optimizations.]
Change-Id: I5d78f29904ae8f227ae36e1a883155c0ed719200
Reviewed-on: https://code.wireshark.org/review/32221
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexander Gryanko <xpahos@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
As noted in "AsciiDoc Recommended Practices" at
https://asciidoctor.org/docs/asciidoc-recommended-practices/, the
AsciiDoc/Asciidoctor community seems to have settled on ".adoc" as a
file extension and that's the one preferred by the Asciidoctor project.
Update our filenames to match.
Change-Id: I2d352623d42d65d950b64310c3655b0fd177ee8c
Reviewed-on: https://code.wireshark.org/review/32037
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Uli Heilmeier