when we check and ignore the two names "." and ".."
we must do so for both methods a caller can provide the name :
offset into a tvb, as well as a char* to a string.
also add ->full_name in the dissection to the replies so that fh
matches
both request and reply and not ->name
svn path=/trunk/; revision=25941
All I've done in these is to split the 3 obviously distinct protocols (BSSMAP & RP) from the still-large (and wrongly-named) DTAP (really the whole of layer 3 - it includes RR and packet parts too).
So far I've only split in a "minimum change" manner - there is clearly some tidying and structure enhancement of how the common bits are used, removing the globals just added, and great scope for consistency of white space, improved naming etc. - but I thought it best to keep it very close to the original initially to establish the split.
With some changes to make it compile on Windows.
svn path=/trunk/; revision=25917
the GLIB version instead.
Reindent some (does someone have their tabstops set to 4?).
Create and use some #defines instead of hard-coded values. For example,
replace 0x00 with ANSI_X34 in both the value_string and the case statement.
(This file could use a lot more of such changes.)
packet-bacapp.c appears to compile cleanly now so move it to
CLEAN_DISSECTOR_SOURCE.
svn path=/trunk/; revision=25758
FIP is the FCoE Initialization Protocol. FCoE is Fibre-Channel over Ethernet.
FIP is being finalized in t11.org, and further changes are not expected.
svn path=/trunk/; revision=25748
connection-oriented transport protocol and ISO 8602/ITU-T X.234
connectionless transport protocol) out of packet-clnp.c into
packet-isotp.c.
svn path=/trunk/; revision=25746
warnings (such as the warning you get when you say
"prefs_register_boolean_preference" rather than
"prefs_register_bool_preference") show up as errors.
svn path=/trunk/; revision=25735
Added MS/TP decoding for the WTAP BACnet MS/TP datalink, and added decoding for
BACnet MS/TP datalink from a Cimetrics U+4 which spews SNAP protocol packets.
svn path=/trunk/; revision=25291
This extends the EyeSDN wiretap module to be able to support:
- DSS1/Q.931
- PPP
- LAPB/X.25
- ATM raw cells
- SS7 MTP2
svn path=/trunk/; revision=25123
can see which fields belong to which bit.
Also make sure that we can filter on the fields in the rfc2190 dissector
by actually parsing them even when tree=NULL.
svn path=/trunk/; revision=25046
"DCC". Googling for
DCCP "Distributed Checksum Clearinghouse Protocol"
finds only hits related to Ethereal/Wireshark, either on the Ethereal or
Wireshark Web site, or on discussions where Datagram Congestion Control
Protocol developers were griping that Ethereal/Wireshark already used
DCCP for the Distributed Checksum Clearinghouse protocol.
Next step: fix the Datagram Congestion Control Protocol dissector.
svn path=/trunk/; revision=24645
The protocol is called Xcsl a TCP based and ASCII based protocol that is used
to control call generators. The Xcsl dissector decodes the Call Specification
Language.
svn path=/trunk/; revision=24601
This is a new dissector plugin for Hilscher analyzer frames.
These frames are generated by Hilscher analyzer products and are identified via
their unique source MAC address (this is a reserved MAC from Hilscher-range and
will never be used by another network device). Most likely these frames are
only generated on a virtual network interface or the generating device is
attached directly via patch cable to a real network interface, but not routed
through a network. The Ethernet-header (destination MAC, source MAC and
Length/Type) is not displayed in the protocol tree for these frames as this is
overhead-information which has no practical use in this case.
Note:
This is a heuristic Ethernet dissector which means it gets called for every
Ethernet frame. So as to not cause a performance hit for most Wireshark users
it has a preference which, by default, disables the dissector.
svn path=/trunk/; revision=24495
This is a dissector for the Parallel Redundancy Protocol (PRP) defined in chapter
6 of the IEC 62439.
PRP uses two independent networks in parallel and allows redundancy without
switchovers.
The protocol is sending Mac multicast messages with Ethertype 0x88fb. In
addition to that it adds to every Ethernet frame a 4 byte trailer before
the FCS. The trailer is detected by checking a size field and an identifier
which are part of the trailer. Therefore, if the last 4 bytes of a frame
match a correct trailer they get interpreted as a trailer, although it was
probably not a real one.
Note:
This is a post-dissector which means it gets called for every frame. So as
to not cause a performance hit for every Wireshark user (who may not even be
looking at Ethernet frames) it currently disables itself every time Wireshark
starts up. (There should be a better way to do this--maybe different Profiles
(as discussed on -dev recently) is the way to go.)
From me:
Put ETHERTYPE_PRP (not IANA registered) in etypes.h and packet-ethertype.c
svn path=/trunk/; revision=24493
Add a dissector for the Scripting Service Protocol provided as part of the
RSPLIB package. RSPLIB is an Open Source implementation of the upcoming
Reliable Server Pooling standard. The scripting service is an application
for load distribution, based on Reliable Server Pooling.
From me:
Shorten the protocol name to SSP.
svn path=/trunk/; revision=24276
Added support for Symbian OS btsnoop.
The bluetooth HCI layer in Symbian OS can be configured to log all packets to a
file. The log format, "btsnoop" is based on the RFC1761 "snoop" format - but
differences in the header make it incompatible.
The btsnoop format supports logging of these formats:
"H1" (raw HCI packets without framing)
"H4" (HCI UART packets including packet type header)
"H5" (HCI 3 wire UART packets including framing)
"BCSP" (HCI bluecore serial protocol including framing)
"H1" and "H4" are section numbers in the original v1 bluetooth specifications,
but still used colloquially - wireshark's existing support for Linux bluez HCI
logs uses the "H4" name.
In practice, the "H1" format is used for H5,BCSP and USB HCI logs, as the HCI
packet logs are mainly useful for debugging higher layers, bluetooth profiles
and bluetooth applications.
From me:
Deleted some unused prototypes.
Mark an unused parameter.
svn path=/trunk/; revision=24263
This modifications are for the new protocol support.
HSE protocol was defined at Fieldbus Foundation <http://www.fieldbus.org/>.
svn path=/trunk/; revision=24064
have them use least some of the radio-information fields, so that the
same field name can be used for multiple radio header types. The AVS
header can supply the data rate in bits/second, so have that field be in
those units, and make it 64 bits to leave room for the future, Just In
Case. Display it as Mb/s, however.
svn path=/trunk/; revision=23911
1/ patches to support the libpcap/SITA format 'WTAP_ENCAP_SITA'.
2/ patches to the LAPB dissector to accept MLP (Multi-link protocol)
(although MLP dissection has _not_ been added (yet)).
3/ New protocol dissectors for:
a) SITA's WAN layer 0 status header,
b) An airline protocol ALC,
c) An airline (and other industry) protocol UTS.
These patches are submitted as a set since the new protocol dissectors are not
useful without the libpcap/SITA related changes, and there is no point in
having those changes without the additional dissectors.
This fixes bug/enhancement 2016.
svn path=/trunk/; revision=23885
This dissector supports version 3.0 of the dlm (Distributed Lock Manager) protocol.
Actual implementation for the protocol is in linux kernel. See files under linux/fs/dlm/.
svn path=/trunk/; revision=23828
http://www.wireshark.org/lists/wireshark-dev/200711/msg00228.html
Only a single (private) capture file is currently available which contains only a few of the P7 operations, so testing has been minimal.
General attribute types, containing information from the X.400 envelope, are also included.
svn path=/trunk/; revision=23479
This dissects the initial Connect-Initial and Connect-confirm pdus of
setting up t.125
The dissector needs to be enhanced to also decode the data payload so
that it can decode any furhter packets on the connection after these two
initial handshake packets
svn path=/trunk/; revision=23307
H.225
- change RysMessage_vals to h225_Rasmessage_vals
- use #.PDU directive for H323-UserInformation and RasMessage instead of implementing it by hands
- register RasMessage_PDU as "h225.ras" dissector for calling it from H.460
asn2wrs make PDUs exportable
svn path=/trunk/; revision=23226
- Generic Extensible Framework helper
- Annex M1 (QSIG over H.323)
- Annex M4
- Annex R
H.225/H.245 support for Generic Extensible Framework (GEF)
H.235 register MIKEY into new H.225/H.245 GEF tables
regenerate H.225,H.245,H.235,H.450,H.450-ROS,T.35 from new makefiles
svn path=/trunk/; revision=23216
I would like to submit the dissector that will add support for dissecting CFM
packets with the ethertype 0x8902 defined by the IEEE proposal for 802.1ag
Draft 8.1. This code has been tested using the CFM feature implemented on a
pre-GA build of the Spirent TestCenter, and the Alcatel-Lucent 7330 ISAM
product. Code has been reviewed and tested by the design team at
Alcatel-Lucent in the Access Network Department (AND).
I have also added some elements for the ITU proposal Y.1731, where it will
recognize all additional opcodes for that proposal, and it will fully dissect
the AIS PDU.
Fuzztest has been performed and has passed.
svn path=/trunk/; revision=23170
This is a replacement of the existing decoding of ERF files (Extensible Record
Format from Endace).
For the decoding of the ERF files, according to the "type of record" given in
the ERF header, several decoders can be used. Up to now, the decoder is
determined according to an environment variable, or with a kind of heuristic.
And, all the treatment is done during the file extraction.
The new architecture, will separate the ERF file decoding, and the ERF record
decoding. The ERF records will be decoded with a specific dissector. This
dissector can be configured with options, to replace the environment variable.
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1839
svn path=/trunk/; revision=23092
indicate that they're for DFS; update comments as well.
Rename packet-dcerpc-afs4int.c to packet-dcerpc-fileexp.c, and change
the short and filter names for the protocol, and the names for the
filterable fields, to reflect the fact that it's for the File Exporter
protocol in DFS. ("AFS 4" = DCE DFS.)
svn path=/trunk/; revision=22827
TNEF is a Microsoft defined format for carrying additional information about a message (e.g. rich text formatting)
and generally appears as a "winmail.dat" attachment. Details are here:
http://msdn2.microsoft.com/en-us/library/ms530652.aspx
This is a basic dissector which handles the TNEF attributes and the MAPI properties (found in MAPIPROPS
TNEF attribute). It is not complete and requires further work to complete the dissection. However it will
dissect TNEF generated from Outlook (including messages with attachments).
It is registered under the appropriate BER OID (1.2.840.113556.3.10.1) for X.400 attachments and media
type ("application/ms-tnef") for MIME messages. For MIME messages, any content-transfer-encoding
(usually base64) needs to be removed before calling this dissector. There is a preference in the
MIME multipart dissector to do this.
svn path=/trunk/; revision=22312
It provides basic dissection of the text-based protocol, providing fields for filtering.
It also calls the multipart dissector for any MIME body that is found.
It includes very basic support for MIXER (RFC 2156) fields.
It also registers itself as "message/rfc822" in the media type table.
svn path=/trunk/; revision=22241
Attached is a patch file and a new dissector for FCoE. This protocol
is described at http://fcoe.com and has been submitted to T11. It is an encapsulation protocol that can be used to transport FC frames over raw Ethernet when the link is loss-free due to pause. The Ethertype 0x8906 has been reserved through IEEE for this protocol.
svn path=/trunk/; revision=21967
Replace the Interbase dissector by a Firebird/Interbase
dissector.
Me:
Fix warnings about unused parameters
Fix warnings about unused variables
Fix warning about unused function
Fix warning about mixed code and declaration
Declare all dissection functions static
Remove function declarations and move the switching
function down instead.
Update AUTHORS file
Add $Id$ and email address to file header
Fix filename in first comment line
svn path=/trunk/; revision=21843
Anders Broman