Improve reload Lua plugins to handle fieldsChanged before calling
the preferences apply callback, because a proto.prefs_changed()
function may call reload_packets() or redissect_packets(), and this
requires the fields to be updated.
Support reloading a Lua FileHandler when this is in use for a
loaded capture file. Prompt to save the file if having unsaved
changes because the file must be reloaded.
Fixes#17615
Allow the user to select multiple packets, and
* add the same comment to all selected packets
* remove all comments from selected packets
A new comment is added to each packet, now that we support multiple
comments per packet.
This is one potential way to address #8713.
Save a list of all user options that were specified on the Wireshark
command line using the `-o` option. Reapply those preferences after
reloading Lua plugins. Fixes the behaviour given in #12331 wherein such
prefs were reset to the defaults, not the command-line values, when
reloading Lua plugins.
When the user changes a preference in the Wireshark UI, remove that
preference from the stored command line options, so it doesn't get reset
when Lua plugins are reloaded again.
Don't store the comments in a capture_options structure, because that's
available only if we're being built with capture support, and
--capture-comment can be used in TShark when reading a capture file and
writing another capture file, with no live capture taking place.
This means we don't handle that option in capture_opts_add_opt(); handle
it in the programs that support it.
Support writing multiple comments in dumpcap when capturing.
These changes also fix builds without pcap, and makes --capture-comment
work in Wireshark when a capture is started from the command line with
-k.
Update the help messages to indicate that --capture-comment adds a
capture comment, it doesn't change any comment (much less "the" comment,
as there isn't necessarily a single comment).
Update the man pages:
- not to presume that only pcapng files support file comments (even if
that's true now, it might not be true in the future);
- to note that multiple instances of --capture-comment are supported,
and that multiple comments will be written, whether capturing or reading
one file and writing another;
- clarify that Wireshark doesn't *discard* SHB comments other than the
first one, even though it only displays the first one;
Mostly functioning proof of concept for #14329. This work is intended to
allow Wireshark to support multiple packet comments per packet.
Uses and expands upon the `wtap_block` API in `wiretap/wtap_opttypes.h`.
It attaches a `wtap_block` structure to `wtap_rec` in place of its
current `opt_comment` and `packet_verdict` members to hold OPT_COMMENT
and OPT_PKT_VERDICT option values.
This functionality has been added in d2a660d8, where its limitations
are described.
Improvements:
* the Substream index menu now properly filters for available stream numbers;
* Follow Stream selects the first stream in the current packet
Known issue (which is still there): if a packet contains multiple QUIC
streams, then we will show data also from streams other than the selected
one (see #16093)
Note that there is no way to follow a QUIC connection.
Close#17453
Experience has shown that:
1. The current logging methods are not very reliable or practical.
A logging bitmask makes little sense as the user-facing interface (who
would want debug but not crtical messages for example?); it's
computer-friendly and user-unfriendly. More importantly the console
log level preference is initialized too late in the startup process
to be used for the logging subsystem and that fact raises a number
of annoying and hard-to-fix usability issues.
2. Coding around G_MESSAGES_DEBUG to comply with our log level mask
and not clobber the user's settings or not create unexpected log misses
is unworkable and generally follows the principle of most surprise.
The fact that G_MESSAGES_DEBUG="all" can leak to other programs using
GLib is also annoying.
3. The non-structured GLib logging API is very opinionated and lacks
configurability beyond replacing the log handler.
4. Windows GUI has some special code to attach to a console,
but it would be nice to abstract away the rest under a single
interface.
5. Using this logger seems to be noticeably faster.
Deprecate the console log level preference and extend our API to
implement a log handler in wsutil/wslog.h to provide easy-to-use,
flexible and dependable logging during all execution phases.
Log levels have a hierarchy, from most verbose to least verbose
(debug to error). When a given level is set everything above that
is also enabled.
The log level can be set with an environment variable or a command
line option (parsed as soon as possible but still later than the
environment). The default log level is "message".
Dissector logging is not included because it is not clear what log
domain they should use. An explosion to thousands of domains is
not desirable and putting everything in a single domain is probably
too coarse and noisy. For now I think it makes sense to let them do
their own thing using g_log_default_handler() and continue using the
G_MESSAGES_DEBUG mechanism with specific domains for each individual
dissector.
In the future a mechanism may be added to selectively enable these
domains at runtime while trying to avoid the problems introduced
by G_MESSAGES_DEBUG.
Use wsApp->setLastOpenDirFromFilename() to convert a filename
to a directory name before calling wsApp->setLastOpenDir().
This will ensure to always store a directory instead of a filename
in the recent gui.fileopen_remembered_dir.
Add a generic function to write content to file. Use this on write
TLS session keys from UI and tshark, and for export objects.
Remove the now unused export_object_ui.[ch].
Singletons moved from main_window to each class's static open<NameOfClass>
method:
- RtpPlayerDialog
- RtpStreamDialog
- VoipCallsDialog
- RtpAnalysisDialog
Fixed issue with selecting RTP stream in sequence dialog. When user
selected a stream and moved mouse to Rtp Player button and pressed it,
incorrect RTP stream was sent to it.
When user press S(elect)/D(eselect) key, all RTP streams related to
selected call/calls are selected/deselected in RTP Streams window. If
window is not shown, it is opened.
Documentation updated.
Changes:
- RTP Player added to Telephony/RTP menu.
- When openning RTP Analysis or RTP Player from RTP menu, just selected
stream is added. When Ctrl is hold during opening, reverse stream is
searched and added too.
- RTP Player: Added tool to select/deselect all inaudible streams
- RTP Player: Added Prepare Filter button
- RTP Player: Added Analyze button
- RTP Analysis: Added Prepare Filter button
- documentation updated
Code changes:
- RTP Player::rescanPacket() is not fired multiple times during rate change and during dialog creation
- Error shown in RTP player is cleared after every new decode of streams
- RTP Player handles case when Qt do not emit stop stream event
- "Select" menu code unified between dialogs>
- RTP Player: Audio routing menu unified
- buttons are connected to actions by signals()
- Analyze dialog is called by list of rtpstream_id, not rtpstream_info
Changes:
- refactored main_dialog handling of telephony dialogs
- RTP Player dialog is nonmodal now and can be left open
- it is possible to issue three actions on RTP Player dialog from other
dialogs (other dialog have selected set of RTP streams before action)
- replace - removes existing streams from RTP dialog and shows new set
- add - adds new set to existing list in RTP dialog
- remove - remove streams in set from list in RTP dialog
- Sequence Dialog:
- was modified to hold rtpstream_info_t for RTP streams
- added Play button
- VoIP features (RTP Play button, select/deselect RTP stream) are
disabled after creation and must be enabled. It handles that RTP
Play button is not shown e.g. in TCP sequence show
Changes:
- epan/follow.c: follow_conv_filter_func has new parameter
epan_dissect_t *edt, so filter can be generated based on decoded tree
of packet below the cursor
- menu Follow/SIP Call is enabled when sip packet is selected
- value of sip.Call-ID is used as filter for SIP call
- for sharkd it generates filter just 'sip.Call-ID' with no value
Remove the editor modeline blocks from most of the source files in ui/qt
by running
perl -i -p0e 's{ \n+ /[ *\n]+ editor \s+ modelines .* shiftwidth= .* \*/ \s+ } {\n}gsix' $( ag -g '\.(cpp|h)' )
then cleaning up the remaining files by hand.
This *shouldn't* affect anyone since
- All of the source files in ui/qt use 4 space indentation, which
matches the default in our top-level .editorconfig
- The one notable editor that's likely to be used on these files and
*doesn't* support EditorConfig (Qt Creator) defaults to 4 space
indentation.
This pull request includes:
* The "Follow DCCP stream" feature.
* Updated docbook documentation for the "Follow DCCP stream" feature.
* Test for the feature.
* Corresponding packet trace for the test.
VoIP Calls dialog and RTP Streams dialog has now option to apply display
filter dialog during processing packets.
Filter checkbox is activated during dialog open when display filter is active.
New field apply_display_filter had to be added to voip_calls_tapinfo_t and
_rtpstream_tapinfo/rtpstream_tapinfo_t structures.
The fix solves issue #16952. It reverts commit 88813716 which introduced memory leak which causes the issue. The original issue with duplicating entries is solved too.
Because commit was cherry picked to 3.4.0 (might be in more branches), this patch should be cherry picked too.
Add ui/urls.h to define some URLs on various of our websites. Use the
GitLab URL for the wiki. Add a macro to generate wiki URLs.
Update wiki URLs in comments etc.
Use the #defined URL for the docs page in
WelcomePage::on_helpLabel_clicked; that removes the last user of
topic_online_url(), so get rid of it and swallow it up into
topic_action_url().
Run
$ gsed -i -e 's/\(tr *(.*".*\)" *UTF8_HORIZONTAL_ELLIPSIS/\1…"/' $( ag -l 'tr *\(.*" *UTF8_HORIZONTAL_ELLIPSIS' )
$ gsed -i -e 's/\(tr *( *\)UTF8_HORIZONTAL_ELLIPSIS *"/\1"…/' $( ag -l 'tr *\( *UTF8_HORIZONTAL_ELLIPSIS *"' )
in ui/qt. As discussed in #16812, the UTF8_ macros were required at one
time because we only allowed ASCII in our source code. However, that
requirement has since been relaxed and Qt's translation framework
doesn't handle concatenating strings and macros very well.
Add a new top-level view that shows each packet as a series of diagrams
similar to what you'd find in a networking textook or an RFC.
Add proto_item_set_bits_offset_len so that we can display some diagram
fields correctly.
Bugs / to do:
- Make this a separate dialog instead of a main window view?
- Handle bitfields / flags
Change-Id: Iba4897a5bf1dcd73929dde6210d5483cf07f54df
Reviewed-on: https://code.wireshark.org/review/37497
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Use pushStatus() in C++ code, improve translation support and end
each message with a dot.
Change-Id: I3f673da4736c3fe49203048da282afa1abf92337
Reviewed-on: https://code.wireshark.org/review/37887
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Use the existing (possible hidden) column when doing "Apply as Column"
on a field which is already used as a custom column. This will help
prevent having multiple equal custom columns, where all will be hidden
at startup and profile change when only one of them are configured as
hidden.
Multiple equal columns can always be manually configured using
"Preferences -> Appearance -> Columns" if this is intended.
Change-Id: Ib03893facfa3f194f3b3303645fb3f9313ec9e91
Reviewed-on: https://code.wireshark.org/review/37861
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Use the QT text codec support to add charset conversions for all character
encodings supported by QT to Show Packet Bytes and Follow Stream (Save As
will convert to UTF-8.) Note that this is dynamic and the exact list will
depend on the version of QT and if libicu support is enabled. This does
make the list of codecs pretty long, so hopefully it shows up well on all
the different QT styles.
This does not yet support when multibyte characters span more than one packet
in Follow Stream, though the current code doesn't do that for UTF-8 or UTF-16
already. This is probably most useful for HTTP captures.
Bug: 16137
Change-Id: I6d5cd761a5d9d914b7a787fe8eb02b07b19642e6
Ping-Bug: 16630
Reviewed-on: https://code.wireshark.org/review/37707
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Fix the following deprecation issues for Qt 5.15:
Use Qt::WindowFlags() instead of 0 in Qt >= 5.6.
Pass Qt::SkipEmptyParts instead of QString::SkipEmptyParts to QString::split() in Qt >= 5.15.
Use QMultiMap instead of QMap where we were using QMap::uniqeKeys().
Use QCP::Interactions() instead of 0.
Use '\n' instead of QTextStream::endl.
Use QWheelEvent::angleDelta() instead of QWheelEvent::angle().
Change-Id: Ie2d69d3a396c0821c2c34f506ddad6f8e22f7049
Reviewed-on: https://code.wireshark.org/review/37334
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Fix Copy->Description from context menu in Packet List and
Packet Dialog. This was broken in gf6534b8a.
Align MainWindow::actionEditCopyTriggered() using the same procedure.
Improve ProtoTree::ctxCopyVisibleItems().
Bug: 16323
Change-Id: I564b73c027019bc59629aa84098db8f307e92d40
Reviewed-on: https://code.wireshark.org/review/36339
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
MainWindow::captureFileReadStarted() is called inside event handlers.
There isn't any actual processing after the captureFileReadStarted() is
called so in most cases the code will quickly return to the event loop.
In case of cf_read() callbacks, there is dedicated "slow processing"
detection implemented that eventually leads to processEvent() call in
update_progress_dlg().
Change-Id: Icfefa0ba7bf1bec43014e30756d0eec4078d389c
Reviewed-on: https://code.wireshark.org/review/36113
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Use the "create_new" property convention similar to PacketList. Fix a
"QWidget::insertAction: Attempt to insert null action" warning in the
packet dialog while at it.
Change-Id: I29b3b113aba92634b1b9a3427e2313fca30633eb
Reviewed-on: https://code.wireshark.org/review/36023
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
PreferencesDialog::setPane takes a preference module name. Fix a
comparison in PrefModuleTreeView::setPane and update some variable names
in order to make things a bit more obvious.
Modernize some related code while we're here.
Bug: 16250
Change-Id: I8f4c7e5261a219e3f32e6e9a71574d81b1852219
Reviewed-on: https://code.wireshark.org/review/35304
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Martin Mathieson