Age | Commit message | Author | Files | Lines |
|
Extcap is a plugin interface, which allows for the usage
of external capture interfaces via pipes using a predefined
configuration language which results in a graphical gui.
This implementation seeks for a generic implementation,
which results in a seamless integration with the current
system, and does add all external interfaces as simple
interfaces.
Windows Note: Due to limitations with GTK and Windows,
a gspawn-winXX-helper.exe, respective gspawn-winXX-helper-console.exe
is needed, which is part of any GTK windows installation.
The default installation directory from the build is an extcap
subdirectory underneath the run directory. The folder used by
extcap may be viewed in the folders tab of the about dialog.
The default installation directory for extcap plugins with
a pre-build or installer version of wireshark is the extcap
subdirectory underneath the main wireshark directory.
For more information see:
http://youtu.be/Nn84T506SwU
bug #9009
Also take a look in doc/extcap_example.py for a Python-example
and in extcap.pod for the arguments grammar.
Todo:
- Integrate with Qt - currently no GUI is generated, but
the interfaces are still usable
Change-Id: I4f1239b2f1ebd8b2969f73af137915f5be1ce50f
Signed-off-by: Mike Ryan <mikeryan+wireshark@lacklustre.net>
Signed-off-by: Mike Kershaw <dragorn@kismetwireless.net>
Signed-off-by: Roland Knall <rknall@gmail.com>
Reviewed-on: https://code.wireshark.org/review/359
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
1- removed unnecessary include <wiretap/erf.h>
2- used fall through in protocol switch case instead of calling same
function with same params.
fixes/changes after review with Evan Huus, changes ETH/IPv4/IPv6/Infiniband/InfinibandLink
to use dissector table instead of direct function calls.
other protocols should be called in the same way, we'll do it when we have
the time.
instead of calling subdissector directly from packet-erf.c code it's
easier to declare this and each time we need to register a new
protocol over erf format we should easily extend it from the protocol module
instead using "dissector_add_uint()" function.
the change is still backward compatible, if no upper protocol is
registered for the specific type an old-fashioned direct function call
is performed.
Change-Id: I3ae1ccfdd49ab8f90667185296cc950dc2184475
Reviewed-on: https://code.wireshark.org/review/3670
Petri-Dish: Evan Huus <eapache@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Also, don't initialize ie_item, in the hopes that cases where we don't
set it will be caught at compile time rather than run time.
Change-Id: I768251d19a7508ec876af44b987a4ecfd04258f7
Reviewed-on: https://code.wireshark.org/review/3759
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
See, for example:
http://code.google.com/p/diod/wiki/protocol#attach,_auth_--_messages_to_establish_a_connection
and
http://code.google.com/p/diod/wiki/protocol#Overview
where the latter says
9P2000.L consists of a subset of the canonical 9P2000
operations, the 9P2000.u attach and auth messages, plus new
operations designed to map to the Linux VFS in a straightforward
way.
so tattach and tauth are the same as 9P2000.u.
Don't throw a dissector assertion if there's data at the end of the
packet; in the particular case that found this bug, yes, it was a
dissector bug, but it could also be a malformed packet, and we should
not throw dissector assertions unless we know *for certain* that the
problem is a dissector bug rather than a malformed packet.
Change-Id: I5ef5d837bccb4e7c4844d31a138aa55a85ec1b60
Reviewed-on: https://code.wireshark.org/review/3758
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Sorting them to match the definitions of the hfi variables makes it
easier to compare the two lists.
Comparing the lists found a missing entry; add it.
Change-Id: I3517667336b1355195c5a227f0d02f1740a7c4cd
Reviewed-on: https://code.wireshark.org/review/3757
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
That avoids a warning printed when making a value_string_ext table out
of it.
Change-Id: I7874e6db9d6805abcc21f113f1de7c2cf687e624
Reviewed-on: https://code.wireshark.org/review/3756
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
In WCCP V2, check whether the length field runs past the end of the
packet (actual packet data, not captured data) and, if so, report an
error with expert info, otherwise use the length field to set the length
of the tvbuff. That allows the dissector to just use the tvbuff checks
to do length checks, so eliminate manual length checks.
In find_wccp_address_table(), stop if we run past the reported length or
packet length; if we fail to find an address table because we run past
the captured length, we should probably note that if we're trying to
dissect addresses.
Don't do any other checks against the captured length, just throw the
BoundsError assertion, to report that the packet was cut short during
the capture process.
When creating a protocol subtree for an item, give it a "to the end"
initial length, and only set the length when we're finished dissecting
the item, based on the amount of data dissected.
Don't speak of dissectors in expert info - the user needn't know what a
dissector is; what matters is what the protocol specifies.
Properly report "item is too short" errors - those are indicated by item
dissectors returning a negative value, so show the negative of that
value.
Make the top level item for a capability element be a separate item from
the element type; use hf_capability_element_type for the type rather
than the entire element, and put the type and length into the protocol
tree in that order, as that's the order in which they appear in the
packet.
Don't do capability element length checks in the capability element
dissector, do it in the dissector for the particular capability element,
and don't fail with a dissector bug report, fail with an expert info.
Sort the ett[] array to match the list of ett_ definitions, to make it
easier to check that they're all registered.
Change-Id: I6545e000b6caf9824f89234602635668fa1d38d6
Reviewed-on: https://code.wireshark.org/review/3754
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
4189: Local variable is initialized but not referenced
Fix some variables found by this
Change-Id: Icc13def5413f1fe885ec25e659462c8906a6cfa0
Reviewed-on: https://code.wireshark.org/review/3748
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
Move decode of the User-Name AVP out of the 3GPP-specific file.
Add a couple of macros for 3GPP AppIDs (rather than using the number directly)
in both files.
Change-Id: I496b4ae86b05264462167b6e41ce1451392de11b
Reviewed-on: https://code.wireshark.org/review/3753
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
|
|
are not found.
Accurately describe the default behavior: Wireshark will use the libraries if
they are available.
May help avoid problems like that described in:
https://ask.wireshark.org/questions/35600/not-able-to-configure-wireshark-with-gnutls
Change-Id: I5f0b2ce87cb7c6b337de93609f13d8027e662263
Reviewed-on: https://code.wireshark.org/review/3750
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
|
|
Also: re-enable use of DISSECTOR_ASSERT_CMP... macros in packet-ceph.c
Change-Id: Icee80381f5c8feb14cfc7e4033bdeb893018ce95
Reviewed-on: https://code.wireshark.org/review/3749
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
Change-Id: Ibc814fb56f34b6c74cb7751e790978748ea8b1db
Reviewed-on: https://code.wireshark.org/review/3747
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Fix deprecated APIs
Restore deleted hf.
Change-Id: I5c08dd8e702a6fadd0409cec608d9a7b153f8164
Reviewed-on: https://code.wireshark.org/review/3746
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Fix a few deprecated APIs
Change-Id: I8a535417234a6e739eeb0835e524d6e367150340
Reviewed-on: https://code.wireshark.org/review/3745
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I0a4a738a410f0aece9459852a51d6c96f11aae76
Reviewed-on: https://code.wireshark.org/review/3739
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
macros since they have a bug.
Change-Id: I007931980644a9283083052f8c27d553f052470a
Reviewed-on: https://code.wireshark.org/review/3743
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
New messages:
- Mon Paxos.
- Mon Global ID.
- Mon Get Version
- OSD Ping
- Ping
- OSD Boot
- OSD PG Create.
- PG Stats.
Other updates:
- Documentation for modifying the dissector.
- Update assertions to show values.
- Replace proto_tree_add_text()/expert_add_info...() by proto_tree_add_expert...().
- Fix a bug: misplaced break.
- Do some minor whitespace & other cosmetic changes.
Change-Id: Ib19ce509b67fb5e6fb31e82b5a551a9e952a9c6d
Reviewed-on: https://code.wireshark.org/review/3623
Petri-Dish: Bill Meier <wmeier@newsguy.com>
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
and use it to decode the User-Name AVP of S6a/S6d messages.
Also clean up some white space/formatting.
Change-Id: Idf2d4cad2af1826b24de7d59407ffeb36100c19b
Reviewed-on: https://code.wireshark.org/review/3742
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
|
|
Remove set-but-not-used variable.
Mark a parameter as unused.
Change-Id: I7c3af353da2967e5d611deb2cb027a9e30e54bdf
Reviewed-on: https://code.wireshark.org/review/3741
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
|
|
Change-Id: I3d5e91bd0bdb44fe033284aa38bc1f3a1dc35f4f
Reviewed-on: https://code.wireshark.org/review/3740
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
this fixes the bugfix for
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10386
(hopefully)
Change-Id: Ib61e1033cae7516181c3557bf78d01b4249a7393
Reviewed-on: https://code.wireshark.org/review/3738
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
for USB control messages
Change-Id: I9d2ad2995975e1853c73d712b429a30cead8f473
Reviewed-on: https://code.wireshark.org/review/3737
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
Fix dissection when MCC starts in the high nibble.
Replace deprecated APIs
Change-Id: Ic08a1db9ee7ebb535bf7914191807304e9f88981
Reviewed-on: https://code.wireshark.org/review/3736
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ie527b89f6be2d100dfd8bc7c96c2f2ac7efa3efc
Reviewed-on: https://code.wireshark.org/review/3735
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
(another small step to make this function understandable)
Change-Id: Ib00aa00af8287969dd2d80a33c1f0ebd0b8f2248
Reviewed-on: https://code.wireshark.org/review/3734
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
Change-Id: I8004c4fd6e9cac3615d27b375229a79d01dfcd68
Reviewed-on: https://code.wireshark.org/review/3733
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
Change-Id: If14357a02a60eff5fc7e50567c2c6bfc6ee3dcc6
Reviewed-on: https://code.wireshark.org/review/3732
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
standard descriptors
usb_trans_info is a part of usb_conv_info, there's no need to have it as
a separate parameter
Change-Id: I3608c10543b896ca04c6062de23297d852dae31a
Reviewed-on: https://code.wireshark.org/review/3731
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
get descriptor response on their own, only as part of a configuration
descriptor
Change-Id: I2d70ab1d1adc19cbc0fe8c2c835071153a40ae7d
Reviewed-on: https://code.wireshark.org/review/3730
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
usb conversation, there's no need to clean up usb_conv_info after
parsing the configuration descriptor
this wouldn't work anyway if one of the subfunctions throws an exception
Change-Id: Ifd13f320db1ec17c3b706778ce0f5dffa1349770
Reviewed-on: https://code.wireshark.org/review/3729
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
This reverts commit 22e10bea0cbd2b29d6e7b82a3ead3910d71988a2.
Now that the fuzz failures are fixed, we can re-enable the
audio-specific extensions.
Change-Id: Id788e10aaa3dbf289df364f7da9ef01e24ba47f9
Reviewed-on: https://code.wireshark.org/review/3728
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
new packet
this fixes the fuzz failures in
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10386
Change-Id: I8c0ba8c8da9af8d7a3ef9cdd7781769b9966f1a2
Reviewed-on: https://code.wireshark.org/review/3727
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
we don't have to set them to NULL again
Change-Id: Iacd01ca207d2b74ebdbd5a7635f00e6d03b13721
Reviewed-on: https://code.wireshark.org/review/3726
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
packet-gtp.c: In function 'decode_gtp_imsi':
packet-gtp.c:3210:18: error: variable 'imsi_str' set but not used [-Werror=unused-but-set-variable]
cc1: all warnings being treated as errors
make[5]: *** [libdissectors_la-packet-gtp.lo] Error 1
by commenting out the unused variable
Change-Id: I498595f93423c599f902a1a0cc42b63cef2c4d7c
Reviewed-on: https://code.wireshark.org/review/3725
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
Change-Id: I66eb683d6b1f9dccae3e566ad4dd4cfd18b81ddb
Reviewed-on: https://code.wireshark.org/review/3713
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
- Specify that proto_register...() and proto_reg_handoff...() prototypes are required;
- Indicate that certain #includes should be used only as needed;
- Don't use CamelCase (or CAPS) in variable names;
- Do some reformatting of certain lines;
- Futz hf[] array entry so checkAPIs and checkhf tests don't fail.
Change-Id: Ie03846f4bebd2a9bece464c85cc3c2ef46dd4fe5
Reviewed-on: https://code.wireshark.org/review/3724
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
Change-Id: I2e8d18df71688c654f7acaff51fae7823c08aa6a
Reviewed-on: https://code.wireshark.org/review/3677
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
fix offset in dissect_e212_mcc_mnc_in_address().
Change-Id: I68006ea3e2c79e2549e6f2d2c8a997e44fc3cdf1
Reviewed-on: https://code.wireshark.org/review/3722
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Remove deprecated APIs
Change-Id: I1d5a1437000c5bc4ffd7708bc5b3ab42f7019acf
Reviewed-on: https://code.wireshark.org/review/3721
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I5196f2be4b15704517ff1dc8bfacc6f9b52ecd71
Reviewed-on: https://code.wireshark.org/review/3720
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
E212.
Change-Id: I203502b39d4ef216282d305f90c930aca84241bf
Reviewed-on: https://code.wireshark.org/review/3718
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Also fix up some whitespace.
Change-Id: I7cd78740199ce7b2682902a5687c4f05c2c963b2
Reviewed-on: https://code.wireshark.org/review/3716
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
|
|
- remove soft deprecated APIs and unused hf.
Change-Id: Id00c3dd35f3fc65f543bc29df6d35515c45fe7e1
Reviewed-on: https://code.wireshark.org/review/3715
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: If75925224fc487f583635d9a4346fa900cb0d1d1
Reviewed-on: https://code.wireshark.org/review/3703
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This squelches an assertion.
Use %u to print it, while we're at it.
Reformat the generated named fields to match the others.
Use proto_tree_add_item for the beacon type.
Change-Id: I1dcf161141638de8d7314a3733391a63e0608f67
Reviewed-on: https://code.wireshark.org/review/3711
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
The authentication string was not being factored in on the length reply.
Also there was an issue with different banners. Now the banner length
must match what we expect or the packet is rejected. If the banner
length changes the protocol is different and we won't be able to parse
it anyways.
Change-Id: I0c1a7379edaa203042486a0e6f9ce3642427da99
Reviewed-on: https://code.wireshark.org/review/3710
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
The argument is no longer guaranteed to be a const that hangs around.
Bug: 10395
Change-Id: I3c658f6db5927e09a9a38f9ec0fbce153b3e1bc2
Reviewed-on: https://code.wireshark.org/review/3709
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
That's not supported. Put the unknown enterprise number in a 4-byte
value, as that's what it is, and then just skip to the end of the
packet.
Change-Id: I2cce84bfbb46a114d4809dbc61a021d497eb87a8
Reviewed-on: https://code.wireshark.org/review/3708
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Unless we plan to fill in all 256 entries in the TLV type table, and
unless that's because all 256 types are valid, we should report unknown
types with an expert info, not a dissector assertion.
Change-Id: Ia6fca37ad6a5969caad3229abaf08a25e20ba992
Reviewed-on: https://code.wireshark.org/review/3707
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
proto_tree_add_expert() is to be used only on an item that's been
created as a tree (i.e., an interior node, complete with an ett_ value);
to hang expert info off of an *item*, which might *not* have been set up
to take subtree items, use expert_add_info().
Change-Id: Icdcdf39c31c0a03ff80dbb629186e8f6fa82e8ab
Reviewed-on: https://code.wireshark.org/review/3705
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|