| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Use WTAP_MAX_PACKET_SIZE_STANDARD, set to 256KB, for everything except
for D-Bus captures. Use WTAP_MAX_PACKET_SIZE_DBUS, set to 128MB, for
them, because that's the largest possible D-Bus message size. See
https://bugs.freedesktop.org/show_bug.cgi?id=100220
for an example of the problems caused by limiting the snapshot length to
256KB for D-Bus.
Have a snapshot length of 0 in a capture_file structure mean "there is
no snapshot length for the file"; we don't need the has_snap field in
that case, a value of 0 mean "no, we don't have a snapshot length".
In dumpcap, start out with a pipe buffer size of 2KB, and grow it as
necessary. When checking for a too-big packet from a pipe, check
against the appropriate maximum - 128MB for DLT_DBUS, 256KB for
everything else.
Change-Id: Ib2ce7a0cf37b971fbc0318024fd011e18add8b20
Reviewed-on: https://code.wireshark.org/review/21952
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
An extcap utility can provide configuration for controls to use in a
GUI interface toolbar. This controls are bidirectional and can be
used to control the extcap utility while capturing.
This is useful in scenarios where configuration can be done based on
findings in the capture process, setting temporary values or give other
inputs without restarting current capture.
Todo:
- Add support for Windows
Change-Id: Ie15fa67f92eb27d8b73df6bb36f66b9a7d81932d
Reviewed-on: https://code.wireshark.org/review/19982
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
It doesn't belong in libwireshark, as it doesn't affect dissection, but
it *does* belong in libui, as it's helper code for the UIs.
Change-Id: I8a5e0640a299a08e9ec1917dd253197438ebfdbc
Reviewed-on: https://code.wireshark.org/review/20974
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
The cleanup routine has been added to exit section of the applications.
Those which required a exit restyle have been patched as well.
Change-Id: I3a8787f0718ac7fef00dc58176869c7510fda7b1
Reviewed-on: https://code.wireshark.org/review/19949
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
|
|
This required a restyle of the way the different apps exit.
Change-Id: Iedf728488954cc415b620ff0284d2e60f38f87d2
Reviewed-on: https://code.wireshark.org/review/19780
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
|
|
Use the get.*guint32 routines to get unsigned values.
Change-Id: I75e83b2d21bdf08c7c995e36e4deb3b1c6d6959d
Reviewed-on: https://code.wireshark.org/review/17651
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
This patch reads out the stderr messages from an extcap
utility and displays it to an user. It was tested on Qt
but not on GTK, but should work their as well.
On Mac OS/X and Windows the child_watch does not behave
as it was intended. Therefore in extcap_cleanup, the callbacks
are called manually, if and only if, they have not been
called already.
The reason why it displays two error messages is, that
by the time the first one is being displayed, glib has not
returned from the spawned process on Linux yet. So there
is no way to add the stderr correctly, and putting a handler
to stderr into interface_opts will lead to memory errors,
cause then the code tries to access memory outside of its
protection.
Bug: 11892
Change-Id: I2db60dd480fed3e01428b91a705057e4f088bd15
Reviewed-on: https://code.wireshark.org/review/12954
Reviewed-by: Roland Knall <rknall@gmail.com>
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Move g_spawn to separate file and implement functions to
use Windows based method of spawning, instead of the glib
based version
Change-Id: Ibae03d834ec86531eba37dc8768fbf17ddadf57f
Reviewed-on: https://code.wireshark.org/review/16049
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Roland Knall <rknall@gmail.com>
|
|
Really, all the GUI-related options should be pulled out, so they're not
cluttering up dumpcap and tshark.
Change-Id: I0276dee2be48bae3498a819d8c0c2747fe1352e7
Reviewed-on: https://code.wireshark.org/review/16180
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
GUI from CLI
Move ui/filters.[ch] to filter_files.[ch] because dumpcap is using functionality.
Bug: 8091
Change-Id: I195c82fc023f97d6f331b8718c45a2d83d30faea
Reviewed-on: https://code.wireshark.org/review/5925
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Valgrind report leaks of several allocations like these:
590 bytes in 50 blocks are possibly lost in loss record 29,818 of 31,670
at 0x4C2B6CD: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
by 0xCB9C8A7: __vasprintf_chk (vasprintf_chk.c:82)
by 0xA3D8DCA: g_vasprintf (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.3200.4)
by 0xA3B846C: g_strdup_vprintf (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.3200.4)
by 0xA3B850B: g_strdup_printf (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.3200.4)
by 0x6F4B51: scan_local_interfaces (iface_lists.c:254)
by 0x6EF3D8: iface_mon_handler2 (iface_monitor.c:113)
by 0xBE56F1D: ??? (in /lib/libnl-3.so.200.3.0)
by 0xBA16F19: ??? (in /usr/lib/libnl-route-3.so.200.3.0)
by 0xBE54E5E: nl_cache_parse (in /lib/libnl-3.so.200.3.0)
by 0xBE585CA: nl_msg_parse (in /lib/libnl-3.so.200.3.0)
by 0x6EF372: iface_mon_handler (iface_monitor.c:123)
When the list of network interfaces is updated allocations done
for global_capture_opts.all_ifaces elements leak memory. Fixed by
introducing a helper function to be used for removing an interface_t
element from all_ifaces array. While at it also fixed misc leaks when
updating individual allocated records of all_ifaces elements.
Change-Id: I035e6936a44edeef2ebe4780931c14cde99e93a4
Reviewed-on: https://code.wireshark.org/review/12209
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
Have wsutil/file_util.h include them on UN*X, just as it includes io.h
on Windows, so we can have a rule of "if you do file operations, include
<wsutil/file_util.h> and use the routines in it".
Remove includes of unistd.h, fcntl.h, and sys/stat.h that aren't
necessary (whether because of the addition of them to wsutil/file_util.h
or because they weren't needed in the first place).
Change-Id: Ie241dd74deff284e39a5f690a297dbb6e1dc485f
Reviewed-on: https://code.wireshark.org/review/11619
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Dumpcap captures packets, and supports the usual capture options, so it
needs this, but it does *not* link with libwireshark (deliberately, so
that the libwireshark code isn't linked into a program that might run
with special privileges), so we must not depend on anything in
libwireshark.
Change-Id: Id975fd6a83a4b2a493c67493e41e69b784a050aa
Reviewed-on: https://code.wireshark.org/review/11546
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
It ends up dragging in libwireshark headers, which programs not linking
with libwireshark shouldn't do. In particular, including
<epan/address.h> causes some functions that refer to libwireshark
functions to be defined if the compiler doesn't handle "static inline"
the way GCC does, and you end up requiring libwireshark even though you
shouldn't require it.
Move plurality() to wsutil/str_util.h, so that non-libwireshark code can
get it without include epan/packet.h. Fix includes as necessary.
Change-Id: Ie4819719da4c2b349f61445112aa419e99b977d3
Reviewed-on: https://code.wireshark.org/review/11545
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Extcap parameters must be saved when doing the interface number/name matching,
otherwise extcap program is not launched and pipe is not created
Change-Id: Iaa0c9ad145049ee6e7a285dfca904ceb0baf417f
Reviewed-on: https://code.wireshark.org/review/8017
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
It can be set if either 1) this is Windows (where we're assumed to be
using WinPcap, which includes calls to set the buffer size) or 2) we
have pcap_create() (in which case we also have pcap_set_buffer_size(),
at least in a normal libpcap release).
Use that rather than testing "defined(_WIN32) ||
defined(HAVE_PCAP_CREATE)"; that makes it a bit more obvious what's
being tested.
Change-Id: Id9f8455019d19206b04dd6820a748cb97ae5ad12
Reviewed-on: https://code.wireshark.org/review/7816
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
g_ascii_isXXX() can be handed a char value safely; they won't try to use
it as an index into a table before checking it.
Change-Id: Icf80163fb5f9dccd0b97917e318b1db0bf3e0cf8
Reviewed-on: https://code.wireshark.org/review/4801
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
That avoids locale dependency and handles possibly-signed chars(which
we weren't always doing before).
Change-Id: I89e50678abb8c3e535081c92ca25bc1bab672c68
Reviewed-on: https://code.wireshark.org/review/4798
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I4da7b335d905dbca10bbce03aa88e1cdeeb1f8ad
Reviewed-on: https://code.wireshark.org/review/4626
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
This fixes redundant extcap_pid handle close that could occur in
capture_opts_del_iface() which resulted in unhandled exception on
Windows.
Change-Id: I06b680fcb65cd6fd854a25fb1b01248dce3251a1
Reviewed-on: https://code.wireshark.org/review/4447
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
I was able to trigger it when trying to change the options of extcap_example.py interface
Change-Id: I9ecff51d47b3ef6e178637b31d49af46a1928acd
Reviewed-on: https://code.wireshark.org/review/3822
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
don't pick up the in-tree copy.
Change-Id: I7ec473876cdba1a025c52362d7f6adc62d24ce71
Reviewed-on: https://code.wireshark.org/review/3798
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
|
|
Extcap is a plugin interface, which allows for the usage
of external capture interfaces via pipes using a predefined
configuration language which results in a graphical gui.
This implementation seeks for a generic implementation,
which results in a seamless integration with the current
system, and does add all external interfaces as simple
interfaces.
Windows Note: Due to limitations with GTK and Windows,
a gspawn-winXX-helper.exe, respective gspawn-winXX-helper-console.exe
is needed, which is part of any GTK windows installation.
The default installation directory from the build is an extcap
subdirectory underneath the run directory. The folder used by
extcap may be viewed in the folders tab of the about dialog.
The default installation directory for extcap plugins with
a pre-build or installer version of wireshark is the extcap
subdirectory underneath the main wireshark directory.
For more information see:
http://youtu.be/Nn84T506SwU
bug #9009
Also take a look in doc/extcap_example.py for a Python-example
and in extcap.pod for the arguments grammer.
Todo:
- Integrate with Qt - currently no GUI is generated, but
the interfaces are still usable
Change-Id: I4f1239b2f1ebd8b2969f73af137915f5be1ce50f
Signed-off-by: Mike Ryan <mikeryan+wireshark@lacklustre.net>
Signed-off-by: Mike Kershaw <dragorn@kismetwireless.net>
Signed-off-by: Roland Knall <rknall@gmail.com>
Reviewed-on: https://code.wireshark.org/review/359
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
It just means "pcap didn't give me any interfaces, and didn't report an
error". Hopefully, in the future, there will be pcap APIs that
distinguish between the (admittedly unlikely, these days) case of "there
really *are* no interfaces on which *anybody* can capture" and "you
don't have sufficient permission to capture", and we can report the
latter as an error. (Given that pcap supports more than just "regular
interfaces", though, there are cases where you don't have permission to
capture on those but you have permission to capture raw USB traffic, for
example, so perhaps what's really needed is per-interface indications of
permissions.)
Change-Id: I7b8abb0829e8502f5259c95e8af31655f79d36a1
Reviewed-on: https://code.wireshark.org/review/3169
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
capture_opts.c:1017:61: error: declaration of 'index' shadows a global declaration [-Werror=shadow]
Change-Id: Ie409b4fa7abeb85e460bea398735cdc98d9034b1
Reviewed-on: https://code.wireshark.org/review/3041
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
|
|
when we delete an interface from all_ifaces, delete it from ifaces as well
remove its selected status if it was selected
at the moment, an interface that was used for capturing before will
never be removed from the list of interfaces even if it becomes
unavailable as it remains in ifaces and will be re-added to all_ifaces
in scan_local_interfaces()
new helper function capture_opts_del_iface() to delete an entry from ifaces and
free all its components
Change-Id: Ie3271a7ed086367e511d3a971f3b68cfc014115d
Reviewed-on: https://code.wireshark.org/review/2965
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
Some of those routines are used only in dumpcap; others are used in
TShark and Wireshark as well.
Change-Id: I9d92483f2fcff57a7d8b6bf6bdf2870505d19fb7
Reviewed-on: https://code.wireshark.org/review/2841
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Id0f3d4d60a1acc7aa64fd3737b8f16df5bca4e5a
Reviewed-on: https://code.wireshark.org/review/2708
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Move the routines to parse numerical command-line arguments there.
Make cmdarg_err() and cmdarg_err_cont() routines in wsutil that just
call routines specified by a call to cmdarg_err_init(), and have
programs supply the appropriate routines to it.
Change-Id: Ic24fc758c0e647f4ff49eb91673529bcb9587b01
Reviewed-on: https://code.wireshark.org/review/2704
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I780c69ee637dcd9846756a2e2d6a35baf02d826d
Reviewed-on: https://code.wireshark.org/review/2594
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
temp is a clone of the local if_info, but the type
attribute is not copied correctly
Additionally, the if_type member is exposed via the
capture options
Change-Id: Id53f0dfd1e127921e1b89bbf78cb431ee257a96c
Reviewed-on: https://code.wireshark.org/review/404
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
svn path=/trunk/; revision=53769
|
|
capture buffer size in IEC units, but document it as such.
#BACKPORT(1.10, 1.8(?))
svn path=/trunk/; revision=53728
|
|
capture_opts->default_options.linktype to -1 means.
svn path=/trunk/; revision=53591
|
|
long filename. Bug 2274 (https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2274)
Yes this solution leaks memory, but I think the handful of bytes leaked is worth fixing this nuisance. Won't backport until leak is fixed though.
svn path=/trunk/; revision=52793
|
|
properly so that we avoid overflow conditions and so that we ensure we don't capture more than 2GiB. Also, document the max filesize autostop value of 2GIB as well as indicating that it's truly GiB and not GB.
This fixes the problem reported on ask: http://ask.wireshark.org/questions/23891/wireshark-wont-run-with-multiple-capture-files
#BACKPORT(1.10) ... not sure about 1.8?
svn path=/trunk/; revision=51576
|
|
svn path=/trunk/; revision=50946
|
|
svn path=/trunk/; revision=50945
|
|
svn path=/trunk/; revision=50943
|
|
svn path=/trunk/; revision=50191
|
|
Friendly Names support causing unnecessary delay when Wireshark starts.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8034
svn path=/trunk/; revision=49752
|
|
it into a separate capture_session structure. capture_opts should
contain only user-specified option information (and stuff directly
derived from it, such as the "capturing from a pipe" flag).
svn path=/trunk/; revision=49493
|
|
capture_opts_default_iface_if_necessary(), to reflect what it actually
does.
svn path=/trunk/; revision=49491
|
|
(This helps flag capture_interface_list() calls that should perhaps be
checked to see whether an error should be reported if they fail.)
svn path=/trunk/; revision=49281
|
|
anything from it.
svn path=/trunk/; revision=49278
|
|
than the standard error.
In Wireshark on Windows, create a console before doing so and destroy it
before exiting. Don't do that in TShark or dumpcap, as those are
console-mode programs on Windows.
This should fix bug 8609 and still allow "wireshark -D" and "wireshark
-L" to work when the standard output isn't redirected.
svn path=/trunk/; revision=49025
|
|
svn path=/trunk/; revision=48275
|
|
svn path=/trunk/; revision=47942
|
|
svn path=/trunk/; revision=47920
|
