New link type DLT_ETW is added for write and read Event Trace on Windows.
This change updates MBIM dissector to decode a MBIM message from
a DLT_ETW packet.
It's possible to play opus payload with libopus (https://opus-codec.org/).
Closes#16882.
Helped-by: Pascal Quantin <pascal.quantin@gmail.com>
Signed-off-by: Lin Sun <lin.sun@zoom.us>
Signed-off-by: Yuanzhi Li <ryanlee@mail.ustc.edu.cn>
Extcap binaries are not part of default install.
Normal (graphical) allows them to be selected for installation.
Add flags to allow install when doing command line (silent) install.
Ping-Bug: 16562
Change-Id: I6ce0fa3b46f9820dc7f66945cda963a3f629579b
Reviewed-on: https://code.wireshark.org/review/37185
Petri-Dish: Roland Knall <rknall@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It is possible to decode iLBC payload. It uses libilbc library (https://github.com/TimothyGu/libilbc).
Bug: 16314
Change-Id: Id4cad7ae32305a0e94ef32beb24e07733d7f834e
Reviewed-on: https://code.wireshark.org/review/35686
Reviewed-by: João Valverde <j@v6e.pt>
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The updates to windeployqt-to-nsis.ps1 g7a09c78f12 added SetOutPath
calls to qt-dll-manifest.nsh. This means we need to reset the output
path before adding our translation files.
Change-Id: I4b4ede72efa67cc4617aaae5baf8d38df6952df7
Reviewed-on: https://code.wireshark.org/review/35705
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
The NSIS licensing page is centered around making the user agree to
a EULA. We don't have one of those. Replace the "you must accept" and
"I agree" text with something more neutral.
We could alternatively omit with the licensing page altogether, but
the GPL is an important aspect of the project and deserves some sort
of mention.
Bug: 1115
Change-Id: I5fd5beac2188b61a90c2842de7d7547aa815ff4f
Reviewed-on: https://code.wireshark.org/review/35624
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Remove the option to run Wireshark from the NSIS installer. As noted in
bug 16195, this runs Wireshark as Administrator which is something we
recommend against.
Bug: 16195
Change-Id: I0692262a611d72d9e9f9c2131ce71cc62b4737b1
Reviewed-on: https://code.wireshark.org/review/35143
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
While we are at it, let's deactivate by default the legacy loopback adapter installation
Change-Id: I4950e9dc6de8a2faeda272c03165a9f305862f6b
Reviewed-on: https://code.wireshark.org/review/35004
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
This reverts commit f1285fcf06.
NSIS package is broken with this commit.
Change-Id: Ief22a308edad188fa2d5fab79355f19493359fa6
Reviewed-on: https://code.wireshark.org/review/34758
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
HTML docs are installed to both $docdir and $pkgdatadir. Fix that
to install to $docdir only.
Change-Id: I115158585b6df9170d9a01249adbc8548df91f14
Reviewed-on: https://code.wireshark.org/review/34640
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Created the Microsoft Diameter file based on MS-CHAP-* AVPs listed at
https://www.iana.org/assignments/eap-numbers/eap-numbers.xhtml#eap-numbers-10
Many values are displayed as bytes for simplicit. The MS-CHAP2-Success
attribute could for example be dissected further as 1 byte followed by a
string, but that requires more effort.
Allow padding to be missing since the eap-ttls-mschapv2.pcapng capture
would throw a Malformed Packet exception otherwise.
Bug: 15603
Change-Id: I9efc322a86802e78bb6cd4bc3df1c1282a45fe9e
Reviewed-on: https://code.wireshark.org/review/34291
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
We know the native Windows library path early on in the configure
process. Use it to set the location of the Npcap and USBPcap installers
instead of trying to derive it from the GLib DLL path.
Change-Id: I02d48e115b374fb6080a7fe8017cba789254d5f1
Reviewed-on: https://code.wireshark.org/review/32475
Reviewed-by: Gerald Combs <gerald@wireshark.org>
This feature was removed in v2.5.1rc0-427-gf529ab5d0a, anticipating that
MaxMind would remove support for it in 2019. They have however changed
their mind and maintained latitude and longitude information.
They recommend displaying an accuracy radius, but the reported values
are 50, 100, 200 and 1000km. When implemented literally, a marker in
Ireland would cover the whole island plus mainland, so I have instead
opted to use a fixed radius of 1km at deeper zoom levels.
The old ipmap.html file was outdated and had broken tiles, I rewrote a
new one from scratch using the light-weight Leaflet library combined
with tiles from OpenStreetMap. This is more mobile-friendly and secure
(https, SRI). To improve handling of nearby or overlapping nodes,
clustering is used (individual nodes can still be inspected).
Browser compatibility results: IE8 is unusable, IE9 partially works
(tooltips sometimes disappear and the cluster radius control is gone),
IE11 works. Of course Firefox 65 and Chromium 72 have no issues.
The map popup description in the generated GeoJSON structure is now
split in several properties, allowing presentation to be handled by the
HTML page instead of the C code.
Bug: 14693
Change-Id: If2ec9c518f7723ac0ab27b6272463356875a0ff2
Reviewed-on: https://code.wireshark.org/review/31952
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
If the Visual C++ Redistributable installer returns 1638
(ERROR_PRODUCT_VERSION) treat it as a success.
Bug: 15509
Change-Id: I136704ddc3266abc1a79f0fdcdd0b6cb7e33266e
Reviewed-on: https://code.wireshark.org/review/32041
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Convert our self-generating FAQ to Asciidoctor via the following steps:
- `help/faq.py > /tmp/faq.html`.
- `pandoc -t asciidoc -o docbook/faq.adoc /tmp/faq.html`.
- Manually clean up the markup using a text editor.
Question and answer content was left intact. Removing or updating
obsolete content will have to be done in a separate change.
The Asciidoctor project uses the .adoc extension, so start using it here
as well.
The contents of the "help" directory appear to have been used for
offline support in help_url.c, but that functionality was removed in
2008 in 242e3b78bc. Its content is covered in the User's Guide and man
pages so remove it.
Change-Id: I9060eefe97cfc137f8b414077c30f814379b576a
Reviewed-on: https://code.wireshark.org/review/32014
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Uninstalling WinPcap through recent Npcap installers seem to fail
for some users. For now install Npcap native mode instead.
Bug: 15476
Change-Id: I9114eb824fb1bd99d5da82e8bff87f7b7eb49a74
Reviewed-on: https://code.wireshark.org/review/31870
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
We package the documentation for other programs we supply, so we should
package the documentation for them as well.
Change-Id: I37854631bad4aa799fb6ebb009bea3f4692fe530
Reviewed-on: https://code.wireshark.org/review/31492
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Along with checking for exit code 3010 (reboot required), check for
other errors and show a warning as needed.
Add a note about the Universal CRT to the User's Guide.
Bug: 15358
Change-Id: Ia49dbdc66edc8ea68f957ec353f1115536002d13
Reviewed-on: https://code.wireshark.org/review/31100
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
While we are at it, let's propose by default to upgrade to Npcap when WinPcap
is intalled.
Change-Id: Id9aeb3a507127b5956185fba2b74c60cf1dfdf96
Reviewed-on: https://code.wireshark.org/review/31079
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add a script that disables all of our desegmentation and reassembly
preferences and use it to create a "No Reassembly" profile.
Change-Id: Icd0b72e9e271a511e637acde9018f3aae018e589
Reviewed-on: https://code.wireshark.org/review/30799
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Migrate the Additional Tasks page to nsDialog. Create it using NSIS
Dialog Designer.
Migrate the Modern UI code (WinPcapPage.ini and USBPcapPage.ini) to
Modern UI2.
Use LogicLib flow control instead of Gotos+labels in more places.
Change-Id: I1a3733f0202ca372456074f43e5ae23b1da4e1b9
Reviewed-on: https://code.wireshark.org/review/27449
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
The installer is not presenting applicable text in the description
box when highlighting the new file type and codec plugin options.
Change-Id: I25fbc7800a594796ac8f4f15b39431a89b404d0e
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/27248
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Remove GTK+ entries from .gitignore and start removing it from
packaging.
Change-Id: I70391000906e983eab250c8158b486c3dc6d4a16
Reviewed-on: https://code.wireshark.org/review/26988
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Mention Npcap on the WinPcap installer page and add a link to it.
Update some other text and tell developers to use NSIS 3.0 while we're
here.
Change-Id: I64728f014f518439ba4a38eda7a283274d40fcdc
Reviewed-on: https://code.wireshark.org/review/26515
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Only install mmdbresolve if MAXMINDDB_FOUND is true.
Fixup the Qt about box and WiX GTK defines while we're here.
Change-Id: I7ac3c21ddb4aebc1dae1c3d8cfd2bcafc4139d2e
Reviewed-on: https://code.wireshark.org/review/26299
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
MaxMind is discontinuing its legacy databases in April in favor of
GeoIP2, which use a newer database format (MaxMind DB). The reference C
library (libmaxminddb) is available under the Apache 2.0 license which
isn't quite compatible with ours.
Add mmdbresolve, a utility that reads IPv4 and IPv6 addresses on stdin
and prints resolved information on stdout. Place it under a liberal
license (MIT) so that we can keep libmaxminddb at arm's length. Add
epan/maxmind_db.[ch], which spawns mmdbresolve and communicates with it
via stdio.
Migrate the preferences and documentation to MaxMindDB.
Change the IPv4 and IPv6 asnum fields to FT_UINT32s. Change the
geographic coordinate fields to FT_DOUBLEs.
Bug: 10658
Change-Id: I24aeed637bea1b41d173270bda413af230f4425f
Reviewed-on: https://code.wireshark.org/review/26214
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Cleanup the support for older versions of Visual Studio
Change-Id: Ieb97d56e9bff6a5902433e8d99b27276bc7034f7
Reviewed-on: https://code.wireshark.org/review/26247
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Remove the endpoint map and its button from the Qt and GTK+ UIs. It
depends on GeoIP Legacy for coordinate information and those databases
are being deprecated in favor of MaxMind DB. We *could* upgrade the code
to use mmdbresolve, but according to
https://dev.maxmind.com/geoip/geoip2/geolite2/ they're also going to
remove coordinate information from GeoLite2:
"In addition, in 2019, latitude and longitude coordinates in the
GeoLite2 databases will be removed.* Latitude and longitude coordinates
will continue to be provided in GeoIP2 databases. Please check back for
updates."
Change-Id: I43e1593d282a0f1aae897b1f4724117d1496b21e
Reviewed-on: https://code.wireshark.org/review/26229
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Set the API target level to Win7, along with installer changes
to match.
Change-Id: Icd93964eadf93018c56218e3efdfed10b9f8959a
Reviewed-on: https://code.wireshark.org/review/26218
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
This codec plugin serves a dual purpose.
First it is to add L16 codec suppport to Wireshark.
Second it is an illustration of a basic codec plugin module.
Change-Id: I64394dab3257ae49dece0257b16cd969503918e2
Reviewed-on: https://code.wireshark.org/review/26131
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Stuff that calls it is built in, and stuff it calls is built in, so
there's not much point in having it be a plugin; we already have
examples of plugin dissectors.
Change-Id: I512e0fda62faedb5f03f476fbece2e267e1d644f
Reviewed-on: https://code.wireshark.org/review/25775
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Graham Bloice