Also modified eCPRI dissector to call it for payloads. This dissector will
claim the "IQ Data" and "Real-Time Control Data" message types - others
are still handled by eCPRI.
Convert wiretap/ascend.y.in from Bison/YACC to Lemon and rename it to
wiretap/ascend_parser.lemon. Tighten up some of our scanning and
parsing. Make the indentation in it and related files consistent. Aside
from the recent IPv4 fragment offset changes, this produces identical
output to the 3.4 branch for the Ascend trace files I have here.
Remove the comment about supporting other commands. Another timeline
might have an Ascend that successfully pivoted to DSL or 15625B+1D
gigabit ISDN, but this one has neither.
This was our last/only Bison/YACC file, so remove Bison/YACC as a
development and packaging dependency and remove references to it from
the documentation.
Improve script by ignoring common contractions, dealing with
e.g. \n within strings, and finding multiple concatenated words even
when no camelCase is used.
Also includes some actual spelling fixes.
Make Protobuf fields that are not serialized on the wire (missing in
capture files) to be displayed with default values by setting the new
'add_default_value' preference. The default values might be explicitly
declared in 'proto2' files, or false for bools, first value for enums,
zero for numeric types.
Default values are generated in epan/protobuf_lang_tree.c during the
nodes of fields are created. The default_value_xxx() methods of field
descriptor are added into epan/protobuf-helper.c/h and
epan/protobuf_lang_tree.c/h files.
close#17000
The google.protobuf.Timestamp is a standard protobuf message type and
consists of seconds and nanos fields. We dissect protobuf field in
google.protobuf.Timestamp type as wireshark FT_ABSOLUTE_TIME field.
And add tvb_get_protobuf_field_uint() to make it easy to get a
Protobuf field of varint type from the tvb.
close#16927
Added a dissector to reassemble IPP Over USB packets and pass them to
the HTTP dissector. Added a display filter so IPPUSB packets can be
filtered. Dissector checks to ensure semgent is IPPUSB and supports
reassembly of send-documents and print-job documents. It also supports
the reassembly and dissection of packets that are truncted or
incomplete.
Change-Id: Icc9525592c07b00baaac887a70bc9e7568273016
It's possible to play opus payload with libopus (https://opus-codec.org/).
Closes#16882.
Helped-by: Pascal Quantin <pascal.quantin@gmail.com>
Signed-off-by: Lin Sun <lin.sun@zoom.us>
Signed-off-by: Yuanzhi Li <ryanlee@mail.ustc.edu.cn>
Stream Specification: https://www.ilda.com/resources/StandardsDocs/ILDA_IDN-Stream_rev001.pdf
The stream specification only defines IDN messages. The other packet commands
like ping request, ping response, etc. (see line 25 - 31 in packet-idn.c)
are part of the hello specification which is not released yet. We were still
able to implement some hello packets since we received a preliminary version
of the hello specification, because we need the hello packets for our work.
related to #16707
Replace bugs.wireshark.org links with their equivalent
gitlab.com/wireshark/wireshark/issues links in the AsciiDoctor buglink
macro and the please_report_bug function. Update the bug URLs in
comments in the tools and test directories.
We started allowing source files to be encoded as UTF-8 in April 2019 in
bd75f5af0a. Update README.developer to match.
README.developer no longer has a "Code style" section, so update the
Developer's Guide to point to the "Portability" section.
Bug: 16764
Change-Id: Iff902150491c984d3069c1b83acef9c2c8ce12c7
Reviewed-on: https://code.wireshark.org/review/38106
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add a new top-level view that shows each packet as a series of diagrams
similar to what you'd find in a networking textook or an RFC.
Add proto_item_set_bits_offset_len so that we can display some diagram
fields correctly.
Bugs / to do:
- Make this a separate dialog instead of a main window view?
- Handle bitfields / flags
Change-Id: Iba4897a5bf1dcd73929dde6210d5483cf07f54df
Reviewed-on: https://code.wireshark.org/review/37497
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Id33135d82f30f0d88910b994492b4a64ac170d84
Reviewed-on: https://code.wireshark.org/review/38105
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It is send from DCAgent to FSSO collector using UDP 8002 packet
It is based on analysis of protocol (and log)
Bug: 16657
Change-Id: I2e23a403a103c25820d714446d4e3245af04e876
Reviewed-on: https://code.wireshark.org/review/37547
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
sshdump can now be copied in multiple instances. Each instance will
show up a different interface and will have its own profile.
This will help users connecting to different hosts. Instead of changing
profiles, sshdump can be cloned, and each instance will be used for a
single host.
Change-Id: If4fb42cf78021c6f16213ae91cbf41ec7f61ca77
Reviewed-on: https://code.wireshark.org/review/37883
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Extcap binaries are not part of default install.
Normal (graphical) allows them to be selected for installation.
Add flags to allow install when doing command line (silent) install.
Ping-Bug: 16562
Change-Id: I6ce0fa3b46f9820dc7f66945cda963a3f629579b
Reviewed-on: https://code.wireshark.org/review/37185
Petri-Dish: Roland Knall <rknall@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The Technically Enhanced Capture Module Protocol (TECMP) allows the
transport of data recorded on different technologies (e.g. Ethernet,
CAN, LIN, FlexRay). A typical usage scenario is data recording in
vehicles, e.g. for validating and testing autonomous driving.
Bug: 16661
Change-Id: If7c08529049cc1d30d9a5640b4216eac83546800
Reviewed-on: https://code.wireshark.org/review/37610
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add a new button to the Decode As dialog to copy entries from
another profile.
Change-Id: Ia04edd063bd2eba14b2b14acfd53b03111646f7e
Reviewed-on: https://code.wireshark.org/review/37616
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Update the text in the Code Requirements section. Switch to a
description list. Add a list of allowed licenses.
Change-Id: Ic9bf88bee7122684f5e3b80185be37a7e4e7b011
Reviewed-on: https://code.wireshark.org/review/37417
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The static arrays are supposed to be arrays of const pointers to int,
not arrays of non-const pointers to const int.
Fixing that means some bugs (scribbling on what's *supposed* to be a
const array) will be caught (see packet-ieee80211-radiotap.c for
examples, the first of which inspired this change and the second of
which was discovered while testing compiles with this change), and
removes the need for some annoying casts.
Also make some of those arrays static while we're at it.
Update documentation and dissector-generator tools.
Change-Id: I789da5fc60aadc15797cefecfd9a9fbe9a130ccc
Reviewed-on: https://code.wireshark.org/review/37517
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add a dissector for Asphodel (https://bitbucket.org/suprocktech/asphodel).
Asphodel is a protocol for streaming real-time data from sensors in industrial
environments. This protocol dissector supports complete dissection of the UDP
advertisment packets, and simple dissection of the TCP command and stream data.
Sample Capture:
https://wiki.wireshark.org/SampleCaptures#Asphodel_Protocol
Change-Id: I6a7f730a4ce5349ac48b4fd86e61429983af5bf9
Reviewed-on: https://code.wireshark.org/review/37318
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Add an entry for CMAKE_OSX_DEPLOYMENT_TARGET to the CMake section.
Change-Id: I6b15d0e3dfeb501b61049b09a0cb94f6a9297353
Reviewed-on: https://code.wireshark.org/review/37337
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Since Wireshark 3.2 the filter toolbar no longer has an Expression button.
Remove this from the Users Guide as well.
Change-Id: I54d0356c42ff599296fa800e7d730e6098f35976
Reviewed-on: https://code.wireshark.org/review/37338
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Note that Windows Package Manager (winget) and Scoop exist, but don't
currently provide all of the packages we require.
Change-Id: I69f6958faec3454f37eda79e5b76d3e70d399555
Reviewed-on: https://code.wireshark.org/review/37320
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add a "recent_common" description and update it and the "recent"
description. Update the "manuf" description. Alphabetize the lists of
configuration files. Update some markup.
Change-Id: I3d3cd451dbaa1778eb7dd841b162dff8c6ba99c1
Reviewed-on: https://code.wireshark.org/review/37310
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This is the dissector for the LBMSRS protocol which
comes under the 29West protocol suite
Bug: 16466 - LBMSRS sample capture file uploaded in this bug
Change-Id: I7458783f8cff5179064fbd68e910c162db1c5fd7
Reviewed-on: https://code.wireshark.org/review/36917
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This commit adds a basic dissector for ScyllaDB RPC protocol.
ScyllaDB (www.scylladb.com) is a No-SQL database serving multiple
client protocols (e.g. CQL). The newly introduced dissector
provides a way to inspect Scylla's internal protocol, used by
the nodes to communicate with each other - share data, gossip
the cluster state, update the schemas, etc.
This dissector implements only a shallow dissection of most packets,
i.e. recognizing the packet type. Two requests with deeper dissection
are MUTATION and READ_DATA, used by I/O operations in the database.
Bug: 16471
Change-Id: Ibba8262bd4e5a637b24b3e7846c42c6534ef811b
Signed-off-by: Piotr Sarna <sarna@scylladb.com>
Reviewed-on: https://code.wireshark.org/review/36633
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Expand the description of the "TCP ZeroWindow" analysis flag.
Change-Id: Icf9b5cb60d305150eb13e5d74f4a4d2008fa96e4
Reviewed-on: https://code.wireshark.org/review/36938
Reviewed-by: Anders Broman <a.broman58@gmail.com>
According to
https://asciidoctor.org/docs/asciidoc-asciidoctor-diffs/
[discrete] is preferred over [float] for discrete headings.
Change-Id: I4d67a72c19a8cf75ad8cf37c55e6f5abddb14d04
Reviewed-on: https://code.wireshark.org/review/36925
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Update the name resolution section of the User's Guide. Use title case
in the rest of the chapter and switch [float]s to [discrete]s.
Change-Id: I7093de72592466c32e130b952f9979f1b47fa280
Reviewed-on: https://code.wireshark.org/review/36923
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add an illustration of the advanced preferences along with some examples
from https://wiki.wireshark.org/Preferences/Layout.
Change-Id: I5dd6afe06bef9a0f5e1862f13fb716d63032cd96
Reviewed-on: https://code.wireshark.org/review/36927
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Move some of the documentation about documentation toolchain itself from
docbook/README.adoc to the documentation toolchain chapter in the WSDG.
Fix the Debugger section level.
Change-Id: I8db92d334dd479324453f7b0bd25b33ea770c532
Reviewed-on: https://code.wireshark.org/review/36843
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Remove nested example tags from the dissection chapter, including and
unbalanced one. Mark our source blocks with [source,c].
Enable syntax highlighting in the Developer's and User's guides. This
isn't supported in the DocBook backend (which we use to generate the
HTML guides), but it is in the PDF backend.
Add a comment about failing on warnings when we generate our guides.
Change-Id: Ieee29fe75364ca23769aa997f90126e31b72cc8b
Reviewed-on: https://code.wireshark.org/review/36767
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
On UN*X platforms, we now build the Wireshark shared libraries with
compiler and linker options that arrange that most symbols are "hidden",
and only those declared with WS_DLL_PUBLIC are exported from the
libraries, if such options are available.
Change-Id: Ie954f114046fe4af678672b12cea693ac9882ba1
Reviewed-on: https://code.wireshark.org/review/36726
Reviewed-by: Guy Harris <gharris@sonic.net>
Add content from https://wiki.wireshark.org/LuaAPI/GUI and update as
needed.
Separate some of our Asciidoctor output with newlines.
Change-Id: I2b8b9449c94bd69095fbd4b65ea415cd4d525c30
Reviewed-on: https://code.wireshark.org/review/36613
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Start dissecting the class-specific control messages.
Change-Id: I21e97777c9fc0396a8c0c575ba21909f58bbb577
Reviewed-on: https://code.wireshark.org/review/36539
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I45ae45f61042dc612a63727e9790bf3c036fa608
Reviewed-on: https://code.wireshark.org/review/36533
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Update the Service Response Time section of the User's Guide. The sample
captures page had a nice SMB2 capture file, so use that for the example.
Use title case for "Diameter" to match the RFCs.
Change-Id: Icff510dbe2d77db9cd42548ad58439d17282e851
Reviewed-on: https://code.wireshark.org/review/36421
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Update the I/O Graphs section of the User's Guide. Use the name "I/O
Graphs" consistently.
Update the image thanks to Chuck Craft.
Ping-Bug: 16359
Change-Id: I6b60fd1b79a849e4467c7ca7927279e16dd6e671
Reviewed-on: https://code.wireshark.org/review/35762
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add links to the command prompt documentation and mention that you can
set up a VC++ environment in an existing command prompt.
Change-Id: I74a2e1450ad1113ef94896fc2c6dbd06d96e3d40
Reviewed-on: https://code.wireshark.org/review/36352
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
When entering a deprecated protocol name in the filter a warning is
placed in the status bar to this effect. The new protocol name is
not reveiled though, leaving the user in doubt what to use.
This change adds the new protocol name to the text in the status bar.
Change-Id: Ib892f79893471065eca81c7cf17e165256fdc9a9
Reviewed-on: https://code.wireshark.org/review/36086
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
vcredist is now shipped with VS. No need to download it, then no
chance of getting the wrong one.
Change-Id: I90f3874d6e09dfb4de736756ef39274c028a5441
Reviewed-on: https://code.wireshark.org/review/36311
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Windows installers are signed by the "Wireshark Foundation, Inc."
Change-Id: I69881faccaf6345c25d8e106e3dbb96bdc302599
Reviewed-on: https://code.wireshark.org/review/36302
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Initial support for TEAP (Tunnel Extensible Authentication Protocol)
defined in RFC7170.
Only partial support implemented. Mainly the parts needed to discover
the carried EAP payload when establishing IEEE802.11 EAP-TEAP
connections.
Bug: 16379
Change-Id: Ic2b31d0b871b430792a371cd09926811e350c32b
Reviewed-on: https://code.wireshark.org/review/36104
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
ACDR is a protocol over UDP that is used by AudioCodes devices for
recording traffic to and from the device.
It adds a header to each packet that contains extra data about the packet.
For some packet types (like SIP), it also appends the IP and UDP/TCP
headers of the sent/received packet.
The dissector unwraps the ACDR header, and displays the packets with the
original type (and when available, with the original addresses).
Bug: 16275
Change-Id: I19ad90053a2ef73da80881dc5e94aa362de23ea3
Reviewed-on: https://code.wireshark.org/review/35417
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
It is possible to decode iLBC payload. It uses libilbc library (https://github.com/TimothyGu/libilbc).
Bug: 16314
Change-Id: Id4cad7ae32305a0e94ef32beb24e07733d7f834e
Reviewed-on: https://code.wireshark.org/review/35686
Reviewed-by: João Valverde <j@v6e.pt>
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Provide more details about the threshold used for TCP Out-Of-Order
detection.
Switch from dashes for lists to asterisks as recommended at
https://asciidoctor.org/docs/asciidoc-recommended-practices
Change-Id: Ibb6d3d3d5ca15acba5f679ea26142d65f96c69a8
Reviewed-on: https://code.wireshark.org/review/35840
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
C-ares is required, so don't mark it as optional. Add Win64 download
URLs and list them first. Zlib is part of our vcpkg bundle.
Change-Id: I232f4df988aa12afde0b66fff203187136504e94
Reviewed-on: https://code.wireshark.org/review/35700
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Make the release notes and some PNGs non-executable.
Change-Id: Iecd52e782258f6d7a485138f8f965b7dce52a0dc
Reviewed-on: https://code.wireshark.org/review/35689
Reviewed-by: Gerald Combs <gerald@wireshark.org>
We don't currently distinguish between missing and zero values in I/O
graphs. This can be problematic in scatter plots since the plot points
tend to show up as chartjunk which overwhelms the X axis. In plain,
non-calculated plots assume that zero values mean "missing" and omit
those points.
Describe this in the User's Guide, but comment the text out for now
pending a full update to the I/O Graph section.
Switch to title case in our default graphs. Make the TCP Errors graph
red by default.
Change-Id: I92dcbf05f58ae0b7b7734fa8dfc342424bbea114
Reviewed-on: https://code.wireshark.org/review/35645
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Note that you can edit the packet ranges shown in the Packet Lengths
dialog.
Change-Id: I23170de175e5b7cf5545240b3e4c8be716ce2c27
Reviewed-on: https://code.wireshark.org/review/35638
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Update the Transifex URL and describe how its resources are organized.
Change-Id: Icc03ff57da73c0a60da0ea1e7ff19d6ecffae3a1
Reviewed-on: https://code.wireshark.org/review/35637
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Add a section for the Packet Lengths window. Use title case for the
column headers. Fix a button name and other issues elsewhere.
Change-Id: I339d56aa169158e0788acd02a897729205e9f50e
Reviewed-on: https://code.wireshark.org/review/35615
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Add a note about case sensitive directories on Windows.
Recommend the "winflexbison3" Chocolatey package.
Update our list of Linux distributions.
Change-Id: I4676453941a66de71215d6ce6cf7057623c92fec
Reviewed-on: https://code.wireshark.org/review/35622
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Add an initial "es" Qt translation file and an accompanying flag image.
The image came from
https://en.wikipedia.org/wiki/File:Flag_of_Spain.svg
and is in the public domain.
(We already had a debian/po/es.po.)
Change-Id: I5378ad2cbffb2267389fc8ae6af6d591071e0144
Reviewed-on: https://code.wireshark.org/review/35620
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Two enhancements and one fixed bug:
1. Add dissecting protobuf fields as wireshark (header) fields preferences. User
can input the full names of protobuf fields or messages in Filter toolbar for
searching.
2. Add 'protobuf_field' dissector table. Dissector based on protobuf can register
itself to 'protobuf_field' keyed with the full names of fields of BYETS or STRING
types.
3. A bug about search MESSAGE or ENUM type in context is fixed.
4. Another small enhancement is adding prefs_set_preference_effect_fields() which
can mark a preference that affects fields change (triggering FieldsChanged event).
See the linked bug for sample capture file and .proto files.
Ping-Bug: 16209
Change-Id: Ibc3c45a6d596a8bb983b0d847dd6a22801af7e04
Reviewed-on: https://code.wireshark.org/review/35111
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Update the Expert Information section of the User's Guide. Use the term
"Expert Information" to describe the dialog and "expert information
item" to describe each generated item. Update related text elsewhere.
Update the expert icon and other parts of the status bar docs.
Change-Id: I0c2cba0cbb3c74a1f6e3a37d4a2a592faccb350f
Reviewed-on: https://code.wireshark.org/review/35462
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Generalize the "missing bpf.h" entry. Remove the UCD SNMP and Fink
entries.
Change-Id: I276f2387c4bf017c7ba4f0a37cce525efd1c24ae
Reviewed-on: https://code.wireshark.org/review/35469
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Remove the last of our description list term formatting. This is better
handled using CSS. Update the filter expression dialog DL text.
Change-Id: Ib21e2ee5265c9b476d960e7d73ac99b25b646141
Reviewed-on: https://code.wireshark.org/review/35437
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Remove some formatting and link to the list archives.
Change-Id: I45c5a24b4a6d01234aafab71dc080cf98f4e22cf
Reviewed-on: https://code.wireshark.org/review/35435
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Update the minimum version in various documents. Remove some
no-longer-needed code from scripts that call windeployqt.
Change-Id: I16da4bced9780c9f1b1969aae7c52e2fce1968aa
Reviewed-on: https://code.wireshark.org/review/35391
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Add an "Export Specified Packets" section. Update the "Export Packet
Dissections," "Packet Range," and "Packet Format" sections. Update some
markup and text throughout the chapter.
Change-Id: I7b7c6fcc41c4fdc684c86a34364ed9baa5123d15
Reviewed-on: https://code.wireshark.org/review/35359
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Update a few screenshots and associated text. (The file open, save as,
and merge images date back to the Ethereal era!) The interface options
dialog no longer exists, so remove that screenshot and text.
Mark GTK+ and outdated images as such in CMakeLists.txt.
Change-Id: Ia01788434a1c96dd3f527c9d4ae34b1ca30f92d7
Reviewed-on: https://code.wireshark.org/review/35345
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Update some of the FAQ and WSUG content for Windows 7's impending
demise. Add supported releases for macOS and other updates.
Change-Id: I5741ac631f39803fa060e9f5c2006a75cb54136f
Reviewed-on: https://code.wireshark.org/review/35333
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Add a section for the Wireless menu.
Remove some unused images. It doesn't look like we ever used
ws-*-preferences.png. They had ENTITY definitions in the original XML,
but those weren't referenced anywhere.
Change-Id: I7f027b48ef22c8680f6224f189d4e9d0bd8114c0
Reviewed-on: https://code.wireshark.org/review/35328
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Documentation of the Tshark and dumpcap command line options between
help text, manual page and user's guide diverged over time. One aspect
of this is the implementation of more long options. This change tries to
update all documentation to be complete and in sync again.
Change-Id: Ie8bee013df8d209080fcf288072774f18f9ff51f
Reviewed-on: https://code.wireshark.org/review/35261
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
The WSDG is a mix of references to 32 and 64 architectures. Use 64
in more places.
Change-Id: Ifb4b3189912268808cfe8fdb5119f2177c815163
Reviewed-on: https://code.wireshark.org/review/35248
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Change-Id: I537fbb26681555d0cd303d4b614bc016e935eb70
Reviewed-on: https://code.wireshark.org/review/35225
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The update_tools_help CMake target is periodically run, but the output
of `wireshark -h` was previously not included.
Bug: 16166
Change-Id: Ib7aac89ff31d7b7c7033496b512d97bfbd727aaa
Reviewed-on: https://code.wireshark.org/review/35205
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Although c-ares support was techically optional, it was either on by
default or required in all of our packaging. Go ahead and require it
globally. C-ares is widely available and synchronous name resolution can
easily result in a horrific user experience.
Change-Id: Id67c797316ed6b8a0ab5052e55a43a1b9e2a2464
Reviewed-on: https://code.wireshark.org/review/35188
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Updated the toolchain references to VS 2019,
removing mentions of 2015 & 2017.
Bug: 16211
Change-Id: Ic1607ac2c2713a5d324d40319c4e1be5365eb6f7
Reviewed-on: https://code.wireshark.org/review/35180
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change improves Wireshark ability to save rtp streams. It allows a user
to save any supported codec with 8 kHz rate. In real, it means G.711 and
G.729 for now.
There is no hardcoded codec limitation during save anymore. If code detects
unsupported codec or rate during save, it replaces samples with silence and
reports it. Therefore any added codec in future will be supported.
Note to RTP saving:
RTP streams (there can be up to two of them for save) can contain multiple
codecs in each direction - some of it can be supported and some
unsupported. What should be exported then?
Till my patch save do not run and a user received nothing even part of stream
was OK/encoded with supported codec.
Therefore I managed the code to start with export and do its best.
Unknown codec/part is replaced with silence and user is warned after
export. Therefore a user will get:
a) audio - when all codecs are supported (no warning)
b) mix audio/silence - when some codecs are supported (warning)
c) only silence - when no codec is supported (warning)
BTW same output user sees/gets in RTP player for years.
Change-Id: Id938d419f5841af46d2d2d3ddfaf1ec9a0235bcc
Reviewed-on: https://code.wireshark.org/review/35105
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Update the new protocol list and clarify our Qt versions.
Change-Id: If4d5e591b4419cc3171616825201375fdc5401aa
Reviewed-on: https://code.wireshark.org/review/35165
Reviewed-by: Gerald Combs <gerald@wireshark.org>
They no longer reside to the right of the display filter toolbar, but
have been moved to Analyze->Display Filter Expressions... as well as
the context menu of the display filter edit
Change-Id: I5afb87a483838204be33f5b8b965643c2c95e306
Reviewed-on: https://code.wireshark.org/review/35151
Reviewed-by: Roland Knall <rknall@gmail.com>
Change-Id: Ia96444bc463337e0ffb050a05ce4d454dd18986d
Reviewed-on: https://code.wireshark.org/review/35103
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Add support for automatic updates using the Sparkle framework. Add
FindSparkle.cmake and associated CMake plumbing. Add a public key and
other info to Info.plist.in. Add ui/macosx/sparkle_bridge.{h,m}, which
wraps the Sparkle API. Make code that's specific to WinSparkle
Windows-only.
Add Sparkle installation steps to the macos-setup scripts. Sparkle
prints a warning if your bundle is unsigned (which is the case during
development) so disable installing it by default.
Updating here takes a long time. We might be able to fix that by
shipping our DSYMs separately.
Change-Id: I6cc6671db5657dadc514bda6bf6e1c8bbc9468a5
Reviewed-on: https://code.wireshark.org/review/35090
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Documentation of the Wireshark command line options between help text,
manual page and user's guide diverged over time. One aspect of this is
the implementation of more long options. This change tries to update
all documentation to be complete and in sync again.
Bug: 16168
Change-Id: Id833fbeb14fdb7b3dbc1564504a25d96f4367c91
Reviewed-on: https://code.wireshark.org/review/35047
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Some parts of HTML Help have issues displaying curly quotes. Add a
title argument to the XML2HHP macro so that we can set one with a
straight quote. Set the title using the htmlhelp.title XSL parameter
instead of relying on HTML Help to derive it for us. This seems to keep
"???TITLE???" from being mysteriously appended to the title.
Try setting htmlhelp.window.geometry while we're here.
Bug: 16183
Change-Id: I0bf2dbeeb811dc65010ab5223725d6b5cdc96966
Reviewed-on: https://code.wireshark.org/review/35031
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Allow the storage of extcap plugins in the personal directory and
enable loading from there. It will also take precedence of any
system-wide extcaps with an identical name
Change-Id: Ib88e09a26c4f99cf5e793327f2808c7445c6b1b5
Reviewed-on: https://code.wireshark.org/review/34988
Reviewed-by: Roland Knall <rknall@gmail.com>
Buttons can be left-aligned in the display filter edit bar, by selecting
the corresponding option from the context menu
Bug: 14123
Change-Id: I18b48bb0ea43a598b2e309dcad9210463be06414
Reviewed-on: https://code.wireshark.org/review/34980
Reviewed-by: Roland Knall <rknall@gmail.com>
Add a graph for the currently display filter if none exists, upon
opening IOGraph
Change-Id: Ic25b014484898dd1917b13f2616fd519e2e8183b
Reviewed-on: https://code.wireshark.org/review/34984
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Make the mimetype for the display filter more generic, so that external
programs can attach to Wireshark and users can drag and drop display
filters to the program
Change-Id: Id78b4dff7883e3dab879a31aad07f577d8cc4ee3
Reviewed-on: https://code.wireshark.org/review/34936
Reviewed-by: Roland Knall <rknall@gmail.com>
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
If working in streaming RPC mode, many grpc messages will be
contained in one http2 stream, the stream will end very late
(for example ETCD watch stream).
So we could not rely on old http2 reassembly mode which call
sub-dissector only END_STREAM appeared. We need a reassembly
mode that call subdissector which support streaming mode as
soon as the message in STREAM is available.
Please refer to comments of
reassemble_http2_data_according_to_subdissector() function
of epan/dissectors/packet-http2.c for more detail.
See the linked bug for streaming mode gRPC capture files.
Ping-Bug: 16160
Change-Id: Id9e5337a0e3ca9f8c8119d74d2c1fe4cc263afc3
Reviewed-on: https://code.wireshark.org/review/23988
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Ensure, that all mimedata uses similar mimetypes and document
the mimetypes being used throughout wireshark
Change-Id: I7c02d0a5e12a823153640e600051abb95d58cdeb
Reviewed-on: https://code.wireshark.org/review/34923
Petri-Dish: Roland Knall <rknall@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
The recent macOS installer changes were backported to master-3.0, so
they're no longer new in master.
Change-Id: I357e0f8facbc2266c3780bcf8d696b5c2b00602d
Reviewed-on: https://code.wireshark.org/review/34745
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Used egrep "\b([a-zA-Z]+) \1\b" docbook/wsug_src/*.adoc to find instances
where words were erroneously duplicated.
Change-Id: Ie390fa4f1c61a288ff0ed77aa84c4fb01f4de27e
Reviewed-on: https://code.wireshark.org/review/34725
Reviewed-by: Anders Broman <a.broman58@gmail.com>
1. A C-style Protocol Buffers Language (PBL) parser for *.proto file is added.
It contains protobuf_lang_scanner.l (lex scanner), epan/protobuf_lang.y (grammar
parser), and protobuf_lang_tree.h/c (grammar tree implementation).
2. The protobuf-helper.h/cpp is an interface wrapper layer. If one day C++ is allowed,
we can create a protobuf-helper.cpp file, which using offical protobuf C++
library, to replace protobuf-helper.c. That keeps packet-protobuf.c unchanged.
3. User can specify protobuf search paths, and the UDP ports to protobuf message type
maps at the Protobuf protocol preferences.
4. Other dissectors can pass the message type to Protobuf dissector by data parameter
or pinfo->private_table["pb_msg_type"] (pinfo.private["pb_msg_type"] in lua).
Some Sample of GRPC with Protobuf captures can be found in Bug: 13932.
Bug: 13932
Change-Id: Ife16c2f7b381296f8db4740dabe5f8362a456f48
Reviewed-on: https://code.wireshark.org/review/22892
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The QUIC transport protocol provides a stream, similar to HTTP/2. Make
it possible to look at the stream contents. This can be helpful while
HTTP/3 support is not yet complete.
Known issues that will be addressed in the future:
- If a single packet contains multiple streams, then Follow QUIC Stream
will wrongly include data from streams other than the selected one.
This is tracked by bug 16093 and affects HTTP/2 as well.
- The Substream index menu does not properly filter for available
stream numbers. If a non-existing stream is selected, then changing
to another (potentially valid) index results in the "Capture file
invalid." error. As workaround, clear the display filter first.
- Follow Stream always selects Stream ID 0 instead of the first or
currently selected stream field in a packet. Users should manually
update the stream index as needed.
Change-Id: I5866be380d58c96f0a71a29abdbd1be20ae3534a
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/34694
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The Scalable service-Oriented MiddlewarE over IP (SOME/IP) is the
standard communication middleware for IP and Ethernet based
communication. It supports Service Discovery, RPC, Pub/Sub, and more.
Bug: 16014
Change-Id: Ifd6549818ccc87f376a5fb9ba1d6c335818c6e00
Signed-off-by: Dr. Lars Völker <lars.voelker@bmw.de>
Reviewed-on: https://code.wireshark.org/review/34497
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Create ChmodBPF installer and uninstaller packages using pkgbuild and
productbuild. Place them in Wireshark.app/Resources/Extras.
Add a path_helper installer and uninstaller which respectively add and
remove /etc/*paths.d/Wireshark.
Remove the PackageMaker and utility-launcher assets and build targets.
Show a message in the main welcome screen if we don't have capture
permissions. Add an link which launches the ChmodBPF installer.
Add a "macOS Extras" item to About → Folders.
Migrate "Read me first" from RTF to Asciidoctor, which lets us add links
and looks like our other documentation.
Rename dmg_set_style.scpt to arrange_dmg.applescript and make it plain
text. Always run it in osx-dmg.sh.
Bug: 6991
Bug: 12593
Bug: 11399
Ping-Bug: 16074
Change-Id: I7b6aa89aae2be522b4141b0d44e8142dec749e90
Reviewed-on: https://code.wireshark.org/review/31047
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
The HTTP/2 protocol multiplexes a single TCP connection into multiple
independent streams. The Follow TCP output can interleave multiple
HTTP/2 streams, making it harder to analyze a single HTTP/2 stream.
Add the ability to select HTTP/2 Streams within a TCP stream.
Internally, the HTTP/2 dissector now stores the known Stream IDs in a
set for every TCP session which allows an amortized O(n) lookup time for
the previous/next/max Stream ID.
[Peter: make the dissector responsible for clamping the HTTP/2 Stream ID
instead of the Qt code, that should permit future optimizations.]
Change-Id: I5d78f29904ae8f227ae36e1a883155c0ed719200
Reviewed-on: https://code.wireshark.org/review/32221
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexander Gryanko <xpahos@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
The spelling error for "Desription" in the context menu was very
obvious. The others were found by scanning the output of:
grep -Po '<source>\K.*(?=</source>)' wireshark_en.ts
Change-Id: I4b95236c82f76828a115d59d7c8e0b853eae1d26
Reviewed-on: https://code.wireshark.org/review/34582
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Update some of the packet list and detail context menu items.
Add a release note entry noting the new Apply/Prepare behavior and
update some other items.
Change-Id: I3c2336a3f438f2d97bdb4df764e2af78a3499d81
Reviewed-on: https://code.wireshark.org/review/34543
Reviewed-by: Gerald Combs <gerald@wireshark.org>
The Diagnostic Log and Trace protocol (DLT) is a commonly used and
standardized protocol in the automotive industry used to retrieve
log data. This patch adds the protocol to Wireshark. Keep in mind
that ports have to be configured before the dissector can be used.
Change-Id: I24592705476fb0c3bb83a1cc10b3dae8867523f4
Signed-off-by: Dr. Lars Völker <lars.voelker@bmw.de>
Reviewed-on: https://code.wireshark.org/review/34462
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Allow a selection of the list based on the protocol type. That way
one can easily enable/disable for instance just heuristic protocols
Change-Id: I1ee8df5d9887c764272ec55b33703855c0c91f5a
Reviewed-on: https://code.wireshark.org/review/34442
Reviewed-by: Roland Knall <rknall@gmail.com>
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
List syntax is *not* one of the more straightforward parts of AsciiDoc.
Change-Id: Icfed27de84c8c11cad02c4ba4d359786cd480eea
Reviewed-on: https://code.wireshark.org/review/34423
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Confusing though it might be, a patch-matching expression containing
only the name of a Boolean field matches all packets containing that
field, regardless of whether the field is true or false; you need to
compare the field against 1 to check whether it's true.
Change-Id: I615acc4d71964c8474e6f3655ade8814cbe07b22
Reviewed-on: https://code.wireshark.org/review/34422
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The Linux kernel includes a module called drop monitor which -
unsurprisingly - monitors packet drops.
Once enabled, the module will periodically send netlink notifications to
user space over generic netlink. Historically, these notifications only
included the program counter where the drop occurred and the number of
packets that were dropped in this location in the last interval.
Patches in net-next (queued for Linux kernel 5.4) extend drop monitor
with another mode of operation where the dropped packets themselves are
sent to user space along with relevant metadata as netlink
notifications. This allows users to perform a more detailed analysis of
the dropped packets.
This patch adds a dissector for these netlink packets. The dissector is
expected to be invoked by the generic netlink dissector and during its
hand off routine it adds an entry in the 'genl.family' dissector table.
The various netlink attributes are dissected by calling
dissect_netlink_attributes(), in a similar fashion to the rtnetlink
dissector. The dropped packet itself is encoded in the netlink attribute
'NET_DM_ATTR_PAYLOAD' and dissected by invoking a dissector from the
'sll.ltype' dissector table based on the packet's protocol which is
encoded in the 'NET_DM_ATTR_PROTO' attribute.
Bug: 16018
Change-Id: I10bfa4b9c9d8f5e82769c250f929f74693142a23
Signed-off-by: Ido Schimmel <idosch@mellanox.com>
Reviewed-on: https://code.wireshark.org/review/34351
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Also, put the search field on top, as this is the default for search
fields and apply the change of enable/disable and invert-all only to
the selected items, instead of all items.
Bug: 16013
Change-Id: If4ef1c5ce63eef6fa72db679cdcbf52dcb0e8fb6
Reviewed-on: https://code.wireshark.org/review/34393
Reviewed-by: Roland Knall <rknall@gmail.com>
With the design changes made in the Qt interface with respect to the
Deocode as dialogs the Users Guide content is confusing. Update the
graphics and text to accurately describe the current design. Update
references in other parts of the document too.
Change-Id: Iad6af555d2da3430230c7f176bf2ec1e808cc134
Reviewed-on: https://code.wireshark.org/review/34337
Reviewed-by: Gerald Combs <gerald@wireshark.org>