Use it for all the per-file information, including the per-file
link-layer type and the per-file snapshot length.
Change-Id: Id75687c7faa6418a2bfcf7f8198206a9f95db629
Reviewed-on: https://code.wireshark.org/review/30616
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Error:
../ui/alert_box.c: In function ‘cfile_write_failure_alert_box’:
../ui/alert_box.c:359:13: error: this statement may fall through [-Werror=implicit-fallthrough=]
simple_error_message_box(
^~~~~~~~~~~~~~~~~~~~~~~~~
"Frame %u%s has a network type that differs from the network type of earlier packets, which isn't supported in a \"%s\" file.",
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
framenum, in_file_string,
~~~~~~~~~~~~~~~~~~~~~~~~~
wtap_file_type_subtype_string(file_type_subtype));
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../ui/alert_box.c:364:9: note: here
case WTAP_ERR_PACKET_TOO_LARGE:
^~~~
Change-Id: I55464afff5625ae8c587470e417234560c7e606c
Reviewed-on: https://code.wireshark.org/review/30623
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
If, in the process of opening the input file, we determine that it has
packets of more than one link-layer type, we can catch attempts to write
that file to a file of a format that doesn't support more than one
link-layer type at the time we try to open the output file.
If, however, we don't discover that the file has more than one
link-layer type until we've already created the output file - for
example, if we have a pcapng file with a new IDB, with a different
link-layer type from previous IDBs, after packet blocks for the earlier
interfces - we can't catch that until we try to write the packet.
Currently, that causes the packet's data to be written out as is, so the
output file claims it's of the file's link-layer type, causing programs
reading the file to misdissect the packet.
Report WTAP_ERR_ENCAP_PER_PACKET_UNSUPPORTED on the write attempt
instead, and have a nicer error message for
WTAP_ERR_ENCAP_PER_PACKET_UNSUPPORTED on a write.
Change-Id: Ic41f2e4367cfe5667eb30c88cc6d3bfe422462f6
Reviewed-on: https://code.wireshark.org/review/30617
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Previously 'tshark -z expert' was failing with abort when a packet
contains a comment
- Add a new comment parameter and update the tshark's manual page
- Add a new comment_level severity and change the default lavel to it.
- Add various 'tshark -z expert' tests
Change-Id: I188317da5e00019b8f2b725f0fe84942f774520f
Reviewed-on: https://code.wireshark.org/review/30610
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Have the routines always take a parameters pointer; pass either null or
a pointer to an initialized-to-nothing structure in cases where we were
calling the non-_ng versions.
Change-Id: I23b779d87f3fbd29306ebe1df568852be113d3b2
Reviewed-on: https://code.wireshark.org/review/30590
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Four variants of wtap_dump_open_ng exists, each of them take the same
three parameters for the SHB, IDB and NRB blocks that has to be written
before packets are even written. Similarly, a lot of tools always create
these arguments based on an existing capture file session (wth).
Address the former duplication by creating a new data structure to hold
the arguments. Address the second issue by creating new helper functions
to initialize the parameters based on a wth. This refactoring should
make it easier to add the new Decryption Secrets Block (DSB).
No functional change intended.
Change-Id: I42c019dc1d48a476773459212ca213de91a55684
Reviewed-on: https://code.wireshark.org/review/30578
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Remove "Export SSL Session Keys", "Import/Export Color Filters" and
"Export Raw Bytes" dialogs. These were only used by GTK+ as Qt has its
own implementation.
Change-Id: I0520a0f6e35d0f8a55c58e77f89c5229393c2b23
Reviewed-on: https://code.wireshark.org/review/30559
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add the ability to rotate files after a specified number of packets (`-b
packets:NUM`). Move some condition checks to capture_loop_write_packet_cb.
Add `-a packets:NUM` in order to be consistent. It is functionally
equivalent to the `-c` flag.
Add a corresponding "packets" option to the Capture Interfaces dialog
Output tab.
Add initial tests for autostop and ringbuffer conditions.
Change-Id: I66eb968927ed287deb8edb96db96d7c73526c257
Reviewed-on: https://code.wireshark.org/review/30534
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Fix the build for displaying the tabs wrongly on mac
Change-Id: I58265b7cf9a4758885ef1add13417c42a467be9d
Reviewed-on: https://code.wireshark.org/review/30462
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
To mimic the behaviour we have with remote controls, we
hide the wireless toolbar if it cannot be used, instead
of displaying an empty toolbar with the information that
it is not supported
Change-Id: Iccb0bf78a29a2547adf2290198df8a1bf3450d82
Reviewed-on: https://code.wireshark.org/review/30455
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Change-Id: I9d81bda8a33c7a07118e8aff2917215c92e870f4
Reviewed-on: https://code.wireshark.org/review/30436
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
When importing a file from hex dump, this change adds a way to
add a custom dummy header. It's an export_pdu header which uses
one single tag: the protocol name. This allows to call directly
a dissector without more dummy headers.
Example: it can be used to call the DNS dissector without fake
eth/ip/udp headers.
Change-Id: I12fd6d09a131acd9bd1f0d7c4c8aefcd0d718b26
Reviewed-on: https://code.wireshark.org/review/30403
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Follow the logic in tools/generate_authors.pl for matching the
Acknowledgements section (which looks for a substring match instead of a
literal string.
Change-Id: I42e1553b6820af3fb2d5b9cda0fa0e6e6ca7e729
Reviewed-on: https://code.wireshark.org/review/30432
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add prefix and postfix "=" to satisfy text splitter to avoid empty text area.
Change-Id: I3c8e4fd4711ea8fcc7bba9583ff3fe5cb06ce4a1
Reviewed-on: https://code.wireshark.org/review/30428
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Change-Id: I5e9025545f9127d1c5c6200844f9b917af975998
Reviewed-on: https://code.wireshark.org/review/28844
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Avoid assuming an export object's row number is consistent throughout,
because the row number can change if the display is filtered or sorted.
Instead, look up the index in the model with mapToSource().
Bug: 14545
Change-Id: I61099dfb4f3abc056417eb7d6ffbc7a988553dd8
Reviewed-on: https://code.wireshark.org/review/30388
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Add a preference (enabled by default) that can enable/disable the ability for Wireshark to autocomplete display and capture filter controls.
Bug: 14368
Change-Id: Ib2b688bb75c4465dab14a6a635a870d7e5c4fe80
Reviewed-on: https://code.wireshark.org/review/30320
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Opening the Follow TCP Stream dialog triggers redissection and ended up
triggering a "first <= rowCount(parent)" assertion failure. Fix the
first and end arguments to reflect the actual number of displayed rows.
Bug: 15014
Change-Id: Ic07834948a133bea752e45751ebe8be2da98a35e
Reviewed-on: https://code.wireshark.org/review/30302
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Register the follow_free as a finish callback.
Call the tap's finish callback in free_tap_listener which is called from
both remove_tap_listener and tap_cleanup.
Describe the finish callback in README.tapping
Change-Id: Ie79ce8f39b0ca6d84810d2e3307dcff38b18d3ac
Reviewed-on: https://code.wireshark.org/review/29309
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
The purpose of this function is to check if a configuration file exists
and has at least one entry which is not a comment.
Use this when building the list of profiles where the user can copy
configuration from, to avoid listing profiles with empty files or files
with only comments.
Change-Id: If45f52025959818fb1213ffac488cd59441e9fce
Reviewed-on: https://code.wireshark.org/review/30113
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Add the pathLabel for Coloring Rules, Decode As, Display Filters
and Capture Filter. Put the absolute file path into the pathLabel
if the file exists. This aligns with UAT dialogs and frames.
Change-Id: I72bd06e31bab220de0a0ef8df99df9a4daed667c
Reviewed-on: https://code.wireshark.org/review/30089
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add a new button to UAT frames to copy entries from another profile.
Change-Id: I9decb5ed5d67e97388ee7b22a15cacae4d5a3621
Reviewed-on: https://code.wireshark.org/review/30084
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Refactor CopyFromProfile class from Button to Menu to make it
usable for existing buttons, both QPushButton and QToolButton.
Change-Id: I7d23b4225dbe45f961fb05e73dbb4dd51e6f8ea1
Reviewed-on: https://code.wireshark.org/review/30083
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Add a clear all button to easily remove all existing entries.
Change-Id: I76e7ee2b7b85a9b4e5f9f5a788a89f38f70ee8ce
Reviewed-on: https://code.wireshark.org/review/30052
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Call it from wmain() in the command-line tools, passing it the input
argument count and vector, and call it from main() in Wireshark, after
getting a UTF-16 argument vector from passing the result of
GetCommandLineW() to CommandLineToArgvW().
Change-Id: I0e51703c0a6c92f7892d196e700ab437bd702514
Reviewed-on: https://code.wireshark.org/review/30063
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Doing so for command-line programs means that the argument list doesn't
ever get converted to the local code page; converting to the local code
page can mangle file names that *can't* be converted to the local code
page.
Furthermore, code that uses setargv.obj rather than wsetargv.obj has
issues in some versions of Windows 10; see bug 15151.
That means that converting the argument list to UTF-8 is a bit simpler -
we don't need to call GetCommandLineW() or CommandLineToArgvW(), we just
loop over the UTF-16LE argument strings in argv[].
While we're at it, note in Wireshark's main() why we discard argv on
Windows (Qt does the same "convert-to-the-local-code-page" stuff); that
means we *do* need to call GetCommandLineW() and CommandLineToArgvW() in
main() (i.e., we duplicate what Qt's WinMain() does, but converting to
UTF-8 rather than to the local code page).
Change-Id: I35b57c1b658fb3e9b0c685097afe324e9fe98649
Ping-Bug: 15151
Reviewed-on: https://code.wireshark.org/review/30051
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add a new button to the IO Graphs dialog to copy entries from
another profile. Add a clear all button to easily remove all
existing entries before copying.
Change-Id: I66cb27163663e5f2223d0dd3f8566f0fbebb553c
Reviewed-on: https://code.wireshark.org/review/30043
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The correct role for the newly introduced copy from profile button is
ActionRole because it "causes changes to the elements within the dialog".
Change-Id: I8613d00c0fdb33f2873e999aea9a54ea1f49dffb
Reviewed-on: https://code.wireshark.org/review/30044
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Call createIOGraph() when adding a new graph by duplicating
an existing to actually create the new graph.
This is a regression from g5b3e3ee5.
Change-Id: If1d8e4386a44dc4867d75fbad2d9ebb2e4b22307
Reviewed-on: https://code.wireshark.org/review/30034
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add 'v' option for VLAN ID resolving and get rid of
deprecated 'C' option.
Bug: 14826
Change-Id: I63104f4a465d251048693ad02882ea7eb2c4d926
Reviewed-on: https://code.wireshark.org/review/30029
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add a new button to UAT dialogs to copy entries from another profile.
Change-Id: I641ba764d8738f738466529d74d4a21ff13075a0
Reviewed-on: https://code.wireshark.org/review/30028
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Add a new button to the Coloring Rules dialog to copy entries from
another profile, or system defaults. The "copy from profile" button
will also be used for other dialogs.
Add a clear all button to easily remove all existing entries before
importing or copying from another profile.
Change-Id: Ia1e66444731018372b4354164c5a722fd73d403b
Reviewed-on: https://code.wireshark.org/review/30008
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
The Configuration Profiles dialog shows global profiles in Italic.
Align the profiles popup menu to also do this.
Change-Id: Ifc22f1bb905cd407682adbdc5e4cbee4c42cb961
Reviewed-on: https://code.wireshark.org/review/29989
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
If ByteViewTab is related to a use-after-free crash, then the issue is
probably related to the backing buffer becoming invalid. Document this.
Change-Id: I7f7c8daaf86b42f00b7886de54507d425e5312f6
Reviewed-on: https://code.wireshark.org/review/29924
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>