Before:
user0 - USER 0
user1 - USER 1
user10 - USER 10
user11 - USER 11
user12 - USER 12
user13 - USER 13
user14 - USER 14
user15 - USER 15
user2 - USER 2
user3 - USER 3
user4 - USER 4
user5 - USER 5
user6 - USER 6
user7 - USER 7
user8 - USER 8
user9 - USER 9
After:
user0 - USER 0
user1 - USER 1
user2 - USER 2
user3 - USER 3
user4 - USER 4
user5 - USER 5
user6 - USER 6
user7 - USER 7
user8 - USER 8
user9 - USER 9
user10 - USER 10
user11 - USER 11
user12 - USER 12
user13 - USER 13
user14 - USER 14
user15 - USER 15
svn path=/trunk/; revision=50482
epan/show_exception.c, as it's used outside
epan/dissectors/packet-frame.c. Update their callers to include
<epan/show_exception.h> to get their declaration.
Add a CATCH_NONFATAL_ERRORS macro that catches all exceptions that, if
there's more stuff in the packet to dissect after the dissector call
that threw the exception, doesn't mean you shouldn't go ahead and
dissect that stuff. Use it in all those cases, including ones where
BoundsError was inappropriately being caught (you want those passed up
to the top level, so that the packet is reported as having been cut
short in the capture process).
Add a CATCH_BOUNDS_ERRORS macro that catches all exceptions that
correspond to running past the end of the data for a tvbuff; use it
rather than explicitly catching those exceptions individually, and
rather than just catching all exceptions (the only place that
DissectorError should be caught, for example, is at the top level, so
dissector bugs show up in the protocol tree).
Don't catch and then immediately rethrow exceptions without doing
anything else; just let the exceptions go up to the final catcher.
Use show_exception() to report non-fatal errors, rather than doing it
yourself.
If a dissector is called from Lua, catch all non-fatal errors and use
show_exception() to report them rather than catching only
ReportedBoundsError and adding a proto_malformed item.
Don't catch exceptions when constructing a trailer tvbuff in
packet-ieee8023.c - just construct it after the payload has been
dissected, and let whatever exceptions that throws be handled at the top
level.
Avoid some TRY/CATCH/ENDTRY cases by using checks such as
tvb_bytes_exist() before even looking in the tvbuff.
svn path=/trunk/; revision=47924
ourselves.
Clean up various bits of "distribute" vs. "don't distribute" stuff in
the process - use similar names, and make the "distribute vs. don't
distribute" distinction the same as the "don't clean with "make
distclean" vs. clean with "make distclean"" distinction.
svn path=/trunk/; revision=47485
packet-ax25.c and packet-arp.c.
Add an "ax25.pid" dissector table for those protocol IDs, use it in the
AX.25 dissector, and have dissectors register in that table with their
protocol IDs.
Get rid of some unneeded includes.
Clean up some "AX25"s in user-visible strings - say "AX.25" instead.
Clean up some indentation.
svn path=/trunk/; revision=44235
The ANSI C12.22 protocol is a smart grid protocol for utility meters, including
gas, water and electric. The dissector implemented in the patch file includes
full support for all EPSEM (Extended Protocol Specification for Electricity
Metering) services and includes a full implementation of the C12.22 security
modes.
[...]
To decrypt the attached sample file, you need to set up the key table in the
preferences to include key 0 with a value of 6624C7E23034E4036FE5CB3A8B5DAB44.
Me: Fixes for:
[ 64%] Building C object epan/CMakeFiles/epan.dir/dissectors/packet-c1222.c.o
../../asn1/c1222/packet-c1222-template.c: In function ‘dissect_epsem’:
../../asn1/c1222/packet-c1222-template.c:860:15: error: variable ‘ft’ set but not used [-Werror=unused-but-set-variable]
[ 5%] Building C object epan/CMakeFiles/epan.dir/dissectors/packet-c1222.c.o
../../asn1/c1222/packet-c1222-template.c:103:19: error: ‘c1222_flags’ defined but not used [-Werror=unused-variable]
svn path=/trunk/; revision=40500
in README.devloper. Remove g_gnuc.h since it's no longer needed. Remove
tvbuff_init(), tvbuff_cleanup(), reassemble_init(), and
reassemble_cleanup() since they were only used for older GLib versions
which didn't support GSlices. Assume we always support the "matches"
operator.
svn path=/trunk/; revision=37978
date as YYYY/DDD, where DDD is a 1-origin day of year. Move the formats
to a "time_fmt.h" file, included by the headers that use it. Have
abs_time_to_str() and abs_time_secs_to_str() take the date format value,
rather than a Boolean "show this as UTC" flag, as an argument. Document
the ABSOLUTE_TIME_ formats a bit better. Use that format in the CCSDS
and VCDU dissectors, rather than having those dissectors do the
formatting themselves.
svn path=/trunk/; revision=32034
An NHRP extension offset of 0 is not an error - it means there are no
extensions.
Start using the address family number to determine the type of
link-layer addresses in NHRP. Don't fetch IPv4 addresses and add them
to the tree - just use proto_tree_add_item().
svn path=/trunk/; revision=28286
some functions to match.
Add GeoIP lookups to the IP dissector. Add a preference for GeoIP lookups,
which is disabled by default.
svn path=/trunk/; revision=27063
GeoIP can map IP addresses to Countries, Cities, AS numbers, ISPs,
etc. If any library paths are defined AND any database files are found,
corresponding columns are added to the endpoint tables in the GUI.
To do:
- Add columns to the conversation list
- Add GeoIP info to "-z conv,..."
- Create a default UAT file.
svn path=/trunk/; revision=26571
capinfos and dumpcap don't need to depend on libwireshark nor directly pull
in those modules). Because capinfos and editcap were only being linked with
privileges.c if we had plugins, this allows those programs to be linked when
someone is compiling --without-plugins.
svn path=/trunk/; revision=25640
- Change ugly GLIB version checking statements to GLIB_CHECK_VERSION
- Remove ws_strsplit files because we no longer need to borrow GLIB2's
g_strsplit code for the no longer supported GLIB1 builds
svn path=/trunk/; revision=24829
different ways, add a set of common conversion routines. Add a
"Frequency/Channel" column and fill it in where we can. Fix RSSI column
printing in PPI.
Fix up whitespace along the way.
svn path=/trunk/; revision=22538
add the possibility, that a dissector writer can provide (usually non-trivial) display filters specific for the protocol in question (with an example in packet-dcerpc-pn-io.c), that will appear in the GUI
svn path=/trunk/; revision=22530
such as the fact that Flex strips all but the last component of the "-o"
argument, and that it doesn't generate a header file to declare routines
the generated lexical analyzer defines. Use that script when building
lexical analyzers, and, for each lexical analyzer, include the generated
header file in the generated analyzer.
svn path=/trunk/; revision=22446
epan/filesystem.c
have get_plugin_dir() calling init_plugin_dir() if necessary
epan/epan.c and epan/report_err.c
move the report_failure family into the new report_err.c file, have epan_init() calling the initializer
epan/plugins.h and epan/proto.c
do not have init_plugins() calling the proto_reg functions instead do it in init_proto()
gtk/main.c and tshark.c
init_plugin_dir() has become suprefluous
capinfos.c and editcap.c
load the wiretap plugins
Makefiles
do what's needed to build withe the above changes.
svn path=/trunk/; revision=21935
there's no need for files in DISTCLEANFILES to be in
MAINTAINERCLEANFILES as well.
In epan, split the generated source files into those that should be
cleaned by "make distclean" and those that shouldn't, and have
DISTCLEANFILES include only the ones that should be cleaned by "make
distclean" and have MAINTAINERCLEANFILES include the ones that shouldn't
be cleaned by "make distclean". This should fix bug 1595.
The generated source files don't need to be in EXTRA_DIST.
Use LIBWIRESHARK_DISTCLEAN_GENERATED_SRC and
LIBWIRESHARK_NODISTCLEAN_GENERATED_SRC in epan/Makefile.nmake.
svn path=/trunk/; revision=21882
libraries. A single library is generated with the lex code without the barrier
"stop on warning". Another library is generated from the remaining source
files with the "stop on warning" barrier.
svn path=/trunk/; revision=21813
to work around the "data" field of a GArray being a guint8 *, and
defines a g_array_data() macro to extract that field and cast it to void
*.
Use that header where needed.
svn path=/trunk/; revision=21627
Create two new files (ws_strsplit.[ch]) that use GTK2 code to override
the buggy g_strsplit() function when compiling for GTK1. Include this
work-around function (ws_strsplit) in libwireshark.def. Add notes on usage
to README.developer. Include epan/ws_strsplit.h in all files that use
g_strsplit().
svn path=/trunk/; revision=20804
UAT is an API to handle User Accessible Tables,
an UAT is basically an array of arbitrary structs that has a file representation
as a mean for mantaining things like:
- the snmp_users_table
- dfilter macros
- ipsec/ssl key bindings
- k12 configuration,
- and many other table-like user modifiable preferences
comming soon gtk's uat_window() and prefs_add_uat()
uat.h is fairly doc[uo]m[m]?ented, a README with a simple example of how is to be used will be available as I write them
svn path=/trunk/; revision=20586
New dissector for ETSI DCP (ETSI TS 102 821).
Code rearranged to look more like other Wireshark dissectors and some warnings/errors
on Windows fixed.
svn path=/trunk/; revision=19981
Here are some patches and a new module to introduce the notion of Tcap context for a Tcap transaction. For each Tcap transaction, several parameters, like session identifier, start time or OID, will be saved in a hash table, to keep these informations available for the next messages. This context is then given to the upper layer, and can be used, for example, to generate transaction-associated statistics.
Moreover, the Upper protocol, detected in the Begin of the TCAP transaction ( according to the OID ), is saved in the context, and will be reused for the next messages of the transaction. This help the decoding of SS7 messages, without any SSN configuration in the "wireshark preferences".
You will have too, the possibility to apply a filter to see only the messages related to a TCAP transaction. (tcap.srt.session_id=XXX)
To enable the use of the Tcap context, you have 2 new parameters in the preferences,
- SRT, enable search for a Tcap context for any TCAP messages
- persistentSRT, keep the Tcap context, even after the transaction has been closed. This is mandatory with Wireshark, to have a clean display of the stats.
There is 2 new timers in the preferences for the statistics, to tune the retransmission timeout, and messages lost timeout.
svn path=/trunk/; revision=19341
in last year by Gianluca Varenni.
Add partial support for reading from named pipes (currently disabled).
Move utf_8to16() and utf_16to8() to a separate module (unicode-utils.[ch])
so that we don't have to cut and paste code in dumpcap.c.
Fix up whitespace.
svn path=/trunk/; revision=19291
I think I've changed all corresponding appearances from FT_STRING to FT_GUID, so assert the FT_ type as it should only be a FT_GUID now.
Add a generic implementation in guid_utils.h to have a way to store data about GUID to name resolving (something like value_string for e.g. int). It might be better to have a single registry for all GUID's of all dissectors and implement the GUID name resolving into the proto_tree_add... functions.
svn path=/trunk/; revision=18935
FT_UINT_BYTES and FT_UINT_STRING correctly when the tree argument is
null (which involves carving proto_tree_add_item() into bits and having
both ptvcursor_add() and proto_tree_add_item() call those bits).
svn path=/trunk/; revision=16287
04-stream.diff
A simplified packet reassembly API built on top of fragment_add_seq_next for
reassembling fragments that are delivered in-order, where fragments are
identified by a framenum and an offset into that frame. Streams are attached
to a conversation or a circuit and are unidirectional.
svn path=/trunk/; revision=16082
directory to the epan directory. Some of them should perhaps ultimately
be moved to epan/dissectors, if they pertain only to stuff exported by a
particular dissector.
Fix Gerald's e-mail address in files we're moving.
svn path=/trunk/; revision=15844
column-utils.h, and add it to expert.h, so we check the arguments to
"expert_add_info_format()", at least if the format argument is a
constant string.
Fix some more calls to "expert_add_info_format()" to pass it a format
string.
Don't record BoundsError exceptions as expert events - they merely
reflect a capture done with a snapshot length too short to capture all
of the packet (any case where it's caused by something else is a bug).
svn path=/trunk/; revision=15776
Please see: http://wiki.ethereal.com/Development/ExpertInfo for a complete overview of the intended feature and it's current state of implementation.
While I'm working on this, I've also added some more status result codes to the DCE/RPC and DCOM dissectors.
svn path=/trunk/; revision=15754
Among the improvements are:
- fixes to call-tracking (it's now less likely to confuse two separate
calls, for instance)
- improvements to Information Element dissection (clearer dissection,
dissects more IE types, easier to extend)
- you can now filter on the content of DTMF packets
- Analysis of timestamps (calculation of absolute timestamp, and packet
lateness).
- fixed a couple of assertion failures in subtle corner-cases.
negative relative times:
- get_timedelta()
- addtime()
- ftype-time.c:relative_val_from_unparsed()
I've also moved get_timedelta() and addtime() out of calldata.c into a
new file, epan/nstime.c, as I needed to use them in a dissector I'm
working on (and they therefore needed to go into libethereal).
svn path=/trunk/; revision=15201
This offesr memory allocation with a packet scope making memory leaks less likely and memory management faster.
Add initialization calls for both tethereal and ethereal.
Convert the ip_to_str() function to use this and avoid doing the silly rotating buffers thing it previously did.
We also need an equivalent set of functions for allocation with capture file scope (free when next capture is loaded) but i dont know where to put the free_all call.
svn path=/trunk/; revision=14984
Guy Harris