Age | Commit message | Author | Files | Lines |
|
We only need is_linux_bonding_device() if we have pcap_create(). We
need get_data_link_types() regardless of whether we have pcap_create()
or not.
Change-Id: I035f8ddcd57c0424662a2029f928bffa969a3f6c
Reviewed-on: https://code.wireshark.org/review/13099
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Few of these functions exist if we're not building with libpcap.
Change-Id: Icead80bc1993a229341fb4fcba6f1e5901c610ee
Reviewed-on: https://code.wireshark.org/review/13097
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
We don't need it.
Change-Id: Idca29cbd7208c388a1f5d4e2b0131f5cfddc7896
Reviewed-on: https://code.wireshark.org/review/13096
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Ifc0f89706c0633925c57d1fed3a56c7e531a3b39
Reviewed-on: https://code.wireshark.org/review/13095
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
The latest WinPcap has both pcap_open() and pcap_create(), and the
latter is independent of whether we have remote capture.
Change-Id: I889555b74b0c15d5519a8d178719c938d374a938
Reviewed-on: https://code.wireshark.org/review/13094
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Move the code to open capture devices and get properties of capture
devices there, joining the code to get a list of capture devices.
This lets us do a better job of handling pcap_create() in WinPcap,
including handling both WinPcap with pcap_create() and WinPcap without
pcap_create() at run time, just in case somebody tries using WinPcap 3.x
with a Wireshark built with WinPcap 4.x.
It also could make it easier to use libpcap/WinPcap directly in
Wireshark and TShark, if we have versions of libpcap/WinPcap that run
small helper utilities to do privileged functions, allowing programs
using them never to need elevated privileges themselves. That might
make it easier to fix some issues with running TShark when not saving to
a file (we could avoid the file entirely) and with delays when stopping
a capture in Wireshark (Wireshark could stop writing to the file as soon
as you click the stop button, rather than letting dumpcap do so when the
signal gets to it).
It might also make it easier to handle future versions of
libpcap/WinPcap that support using pcap_create()/pcap_activate() for
remote captures, and other future extensions to libpcap/WinPcap.
Rename some XXX_linktype routines to XXX_datalink to indicate that they
work with DLT_ values rather than LINKTYPE_ values; future versions of
libpcap might use LINKTYPE_ values in newer APIs.
Check for pcap_create() on all platforms in CMake.
Change-Id: Ia12e1692c96ec945c07a135d246958771a29c817
Reviewed-on: https://code.wireshark.org/review/13062
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
If the error is something other than ENOENT, return that error
indication.
Change-Id: If866cab5f0de0e4fa8b1ed1cead1290feb88a3cb
Reviewed-on: https://code.wireshark.org/review/13091
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Copy over and adapt missing logic from the GTK+ UI which adds recent
capture filter entries when we start a capture.
Change-Id: Ifcf8b719e53727b7c269d9890731d542d1759efc
Ping-Bug: 11950
Reviewed-on: https://code.wireshark.org/review/13086
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
No need for the GTK dependency on dissectors/packet-ipv6.h.
Add the stream_addr typedef in follow.h to make some code simpler.
Change-Id: I1cf906f58734a90263141362f2da33a140f93533
Reviewed-on: https://code.wireshark.org/review/13063
Reviewed-by: João Valverde <j@v6e.pt>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Most probably this issue was introduced as a copy paste from RNG-REQ packet when INIT-RNG-REQ packet was first created.
Change-Id: I5eb0ac666c76b48d70b3383312f0598b6110cc03
Reviewed-on: https://code.wireshark.org/review/13085
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I16abf022ea79f763b82a28f9dffccbf56630f14c
Reviewed-on: https://code.wireshark.org/review/13087
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Have subdissectors do the bit math checking for particular flag bits.
Change-Id: Ie6350e316f79af879be9fc512ce215f24449a7e5
Reviewed-on: https://code.wireshark.org/review/13071
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
See I651e76c6d53b0
Change-Id: I8082f22da0d16655104ad8699f08abdaf916a941
Reviewed-on: https://code.wireshark.org/review/13078
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Wrong fieldname for nstrace.tcpdbg.tcprtt (was nstrace.tcpdbg.tcpack)
Bug: 11964
Change-Id: Ic3e6131eeb3d46f77e4042020afb7c4ecf8dcc9f
Reviewed-on: https://code.wireshark.org/review/13079
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change the tokenizer to two regular expressions, which
make the parsing of the sentence strings a lot safer and faster.
Change-Id: I444adb8db10b689dd387c0caa951981ba28be917
Reviewed-on: https://code.wireshark.org/review/13040
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
Warning found by Clang"
This is the correct fix commit 0e7b7dc8839899e7cbfa4ff65788d84a1af1e4b5.
(As committed, deleting these two lines makes the dissector return the wrong
number of bytes processed.)
Change-Id: I2e88bbc6942f6af40199d5b03a71e182c1896871
Reviewed-on: https://code.wireshark.org/review/13074
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I48080dd6839d3cb02b6ea3717d69b56dbf3e59d8
Reviewed-on: https://code.wireshark.org/review/13077
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I9e83373802b9cac5707cc30f0cc94314b39baf5b
Reviewed-on: https://code.wireshark.org/review/13056
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
* rename 'system' variable to 'system_msg'.
* change 'system' variable type to gboolean.
Fixes compile error on OSX.
Change-Id: I772b3126e6f7ebdab0797eaac223787956e02aef
Reviewed-on: https://code.wireshark.org/review/13075
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
|
|
[KISS - Keep It Simple, Stupid]
Convert the Follow TCP functionality to use a tap from the TCP dissector that passes the tvb of the payload. This makes things A LOT simpler, but relies on the TCP dissector to make all decisions.
The "tap" logic passes tvb data
1. Before calls to process_tcp_payload
2. Before hf_tcp_segment_data fields (that aren't retransmissions or otherwise handled)
Follow up patches will be necessary to clean up all of the supporting "follow" functionality that is now useless.
Bug: 6925
Bug: 9780
Change-Id: I4e7f5d453519be839de39a109bafa899b9987139
Reviewed-on: https://code.wireshark.org/review/13038
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Fix:
* Byte 0 of OSC MIDI argument denotes a 'port', not a 'channel'.
* Byte 1 is either
  * 'system' message (0xf0 - 0xff) and handled byte-wise or
  * 'non-system' message and handled nibble-wise
    * Left nibble denotes 'status'
    * Right nibble denotes 'channel'
Tidy up:
* Simplify/shorten format strings for whole MIDI message.
* Add 'port' value.
* Mask 'status' and 'channel' as twin nibbles.
* Change data bytes (Bytes 2, 3) to be reported as decimals by default.
* Mask data bytes (Bytes 2, 3) with 0x7f.
* Add note names for 'noteOn', 'noteOff', 'notePressure' messages.
* Add velocity value for 'noteOn', 'noteOff' messages.
* Add pressure value for 'notePressure', 'channelPressure' messages.
* Add 14-bit (7bit LSB, 7bit MSB) value for 'pitchBend' messages.
Change-Id: I651e76c6d53b01225c3245f10fc555310c7e8c8a
Reviewed-on: https://code.wireshark.org/review/13060
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
for Zigbee
Change-Id: Ib8f68ce06c52fcbc1f66597f6f2c6f5e0b6a56d8
Reviewed-on: https://code.wireshark.org/review/12909
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Id95640db0e647a696b39ccbfabc8cf2922df1407
Reviewed-on: https://code.wireshark.org/review/13051
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I703d3123b2c345d0a4a5accbb5fd28cb2e1098a2
Reviewed-on: https://code.wireshark.org/review/13072
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Have the TCP dissector pass FIN bit to subdissectors (HTTP only one currently using it) so subdissector can use information to determine that no more segments are coming.
Bug: 9848
Change-Id: I4aebb5141f41d99598e4776bf25e74101016f5d1
Reviewed-on: https://code.wireshark.org/review/12984
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
We don't check HAVE_LIBPCAP elsewhere, and we do use GLib functions, but
don't use the GLib dynamic-loading APIs ourselves, and don't appear to
use anything from libpcap or libwiretap, so include only <glib.h> and
include it unconditionally.
Change-Id: I97f06f56b7d87c671c0aaea1a0e60f2df7adfbd1
Reviewed-on: https://code.wireshark.org/review/13067
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Extention -> Extension
Change-Id: I1624721b2e7725ec6129b3ad06327e25c0a6291d
Reviewed-on: https://code.wireshark.org/review/13053
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
VS2010 didn't like the extra ; in the variable declarations (C99 issue?)
Change-Id: Ic0fcd8342cdd3669172985a2d8023eb7b375c0b9
Reviewed-on: https://code.wireshark.org/review/13068
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Ie53b64f7e5b39a50dffb62fc0b886da71e0a3bd2
Reviewed-on: https://code.wireshark.org/review/13066
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: If4bbdfc4f185c3fb33211250d1e4aeff09d72d9c
Reviewed-on: https://code.wireshark.org/review/13065
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
That makes it clearer that they're libwiretap headers.
Change-Id: Ia78a3496913b901073ee59e62bfb72c1677450fa
Reviewed-on: https://code.wireshark.org/review/13064
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: If08fd1481e58f785fed90a7d8c24aa2a1e0f3df7
Reviewed-on: https://code.wireshark.org/review/12958
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I4d54b851e3bd316e10edea29d1d7e311be338c71
Reviewed-on: https://code.wireshark.org/review/13054
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
If we're dissecting heuristically, and we don't have the full fragment,
but it looks like the beginning of an RPC call or reply, ask for more
data rather than rejecting it.
That way, we can recognize and handle large calls and replies, such as large
NFS writes, when transported over TCP.
Clean up conversation handling while we're at it.
Bug: 11955
Change-Id: I0237255165a277a051d355810f1500cf4228d7c8
Reviewed-on: https://code.wireshark.org/review/13061
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Disable promiscuous mode, snaplen, buffer size and monitor mode
settings for extcap interfaces.
Bug: 11865
Change-Id: I20c67815ece99b8e742e36c727f415931b87af1f
Reviewed-on: https://code.wireshark.org/review/13023
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
Regular expressions follow the Qt Regex syntax, which is
formulated after the Perl Regex syntax. A more detailed
overview of the possible rules can be found at:
http://doc.qt.io/qt-4.8/qregexp.html
If a required option is present, even the double-click on
the interface will first start the options dialog (Qt only)
Required fields are marked bold and put first in the dialog.
Additionally, if validation fails (which it will if a required
field is kept empty, but also if a non-required textfield is
violating the defined regex), the label of the field is marked
with red.
Change-Id: If04a1146d0dfa778332ab2a39122c7a6ee1e93d2
Reviewed-on: https://code.wireshark.org/review/12914
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
Change-Id: I080bcb25edcee0c38984cd1a7f7f36a7fd3ff36c
Reviewed-on: https://code.wireshark.org/review/13055
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
Change some Netscaler ICA fields to display absolute time and
not epoch timestamp seconds.
Change Process ID field to display decimal number
Change-Id: I57eb8883f4699072df90c0ea351e4bce3313dc0e
Reviewed-on: https://code.wireshark.org/review/13049
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: Ie91b5a1a06a20c37973e9de228bde01947eab871
Reviewed-on: https://code.wireshark.org/review/13050
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This makes it possible to use a capture filter on an interface
with user DLTs (147-162).
Bug: 11656
Ping-Bug: 11668
Change-Id: Ie9931b27e8dc8ea239e7e04e26d0ae1cacba50c9
Reviewed-on: https://code.wireshark.org/review/12996
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
Add support for Generic Framing Procedure. Generic Framing Procedure (GFP)
is used to map octet-aligned variable length payloads (e.g. Ethernet, MPLS,
octet-aligned PPP, IP) into octet-synchronous signals such as SONET/SDH
(ITU-T G.707) and OTN (ITU-T G.709). GFP is a telecommunications industry
standard defined in ITU-T G.7041/Y.1303.
(https://www.itu.int/rec/T-REC-G.7041/)
Bug: 11961
Change-Id: Idf5b311e82b051b1ee65bde5149b3de405537b02
Reviewed-on: https://code.wireshark.org/review/13043
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I9e53a0cd2f1b12717498e158d96d800338e01adf
Reviewed-on: https://code.wireshark.org/review/13047
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
If we ever need to look at the value of any field in the packet, we
should do it the way we do in the RTP analysis code, rather than walking
the entire protocol tree.
Get rid of an unnecessary extra level of indirection for the filter
string.
Change-Id: Ie95c0171da79e7f24019a3f67396f6a533959881
Reviewed-on: https://code.wireshark.org/review/13046
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Instead, prime the epan_dissect_t's tree to look for rtp.ssrc, and
extract that value with proto_get_finfo_ptr_array().
Also, have the filter used to check whether the packet is a candidate
for RTP analysis to check for RTPv2 (and add a check for IPv4 or IPv6
back to the Qt version), and get rid of an unnecessary extra level of
indirection for that string.
In the Qt version, if findStreams() set the error string, don't
overwrite it with a "No streams found." indication, and fix error
handling for the "filter didn't compile" case.
Change-Id: I09d0ea37ccd4806d99e3b6394f2a8a376e974705
Reviewed-on: https://code.wireshark.org/review/13045
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Also protect against any badly registered protocol
Bug: 11958
Change-Id: I0c03f50c2c5478a9524ad06e669510ffb5739b21
Reviewed-on: https://code.wireshark.org/review/13041
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Bug: 11959
Change-Id: I594413b26bb33f38099046e26c1d20bba7f649fa
Reviewed-on: https://code.wireshark.org/review/13042
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: I9ef842b4ed543cfbd199e49496bc01a09f71404b
Reviewed-on: https://code.wireshark.org/review/13039
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: Ic279965ec4fff22825a9cf8e4819fb24f3cf8475
Reviewed-on: https://code.wireshark.org/review/13026
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The message system includes mode-transition and alarm events by PLC
programmed blocks. The IDs in the mode-transition events are the same as
used in a SZL response, so I used the same decoding function.
Change-Id: If00990c21190ba0bed7933d6c8cfb590c6d8eab2
Reviewed-on: https://code.wireshark.org/review/13032
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Firstly, when building with autogen.sh and configure script, the
wireshark.pc is not generated at all. Then, due to not matching
names some variables are not being replaced as they should be.
Bug: 11069
Change-Id: Iefa7a9b536f3fee7f9ad78803aaacc5bb64a9c8d
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-on: https://code.wireshark.org/review/13005
Reviewed-by: João Valverde <j@v6e.pt>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|