Age | Commit message (Collapse) | Author | Files | Lines |
|
Sequence analysis has its own "filtering" system that required its
tap functions to look for some "filter flags". register_tap_listener()
already comes with a filter argument, so use that to simplify logic
of tap functions in dissectors.
Also have Qt GUI for Flow Graph look like other dialogs that have a
"Limit to display filter" checkbox.
Change-Id: I91d9d9599309786892f5b50c98692e52651e7174
Reviewed-on: https://code.wireshark.org/review/23659
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Since dissectors are now populating the timestamp of the seq_analysis_item_t
structure within the tap function, don't have the sequence_anaylsis redo it
when writing an ASCII file. This removes the need for the capture_file
parameter and simplifies the logic a bit.
Also just have GUI register the tap itself. It will provide for some more
flexibility in the future.
Change-Id: I55b2f951b977ea70ac9f7eb4929245b0779e5f0e
Reviewed-on: https://code.wireshark.org/review/23650
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Reduce all of the code duplication and just register the sequence
analysis functionality in LBM dissector.
Change-Id: I6cb5a7f0a92b04357334bbae301fa2d730a21994
Reviewed-on: https://code.wireshark.org/review/23630
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This structure contains an array of 65536 bytes.
Change-Id: Ied2c584100cb613dc195fbc5de7ae9a5ec5b770b
Reviewed-on: https://code.wireshark.org/review/21077
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I30f1b92ee438361c3bd58743f7d1ae8d5ffc96f0
Reviewed-on: https://code.wireshark.org/review/15718
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
apply a mask to get the lower 32 bit of a guint64
(there's no need for a right shift)
Change-Id: Ia8c963dc0dd88f56c4ccaf0c37a1bd3d51d65d27
Reviewed-on: https://code.wireshark.org/review/15490
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I0e845668a1b9dbec93ea920a8585ecfe60f001d1
Reviewed-on: https://code.wireshark.org/review/15044
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This saves many dissectors the need to find the data dissector and store a handle to it.
There were also some that were finding it, but not using it.
For others this was the only reason for their handoff function, so it could be eliminated.
Change-Id: I5d3f951ee1daa3d30c060d21bd12bbc881a8027b
Reviewed-on: https://code.wireshark.org/review/14530
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This will make it easier to determine protocol dependencies.
Some LLC OUI dissector tables didn't have an associated protocol, so they were left without one (-1 used)
Change-Id: I6339f16476510ef3f393d6fb5d8946419bfb4b7d
Reviewed-on: https://code.wireshark.org/review/14446
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
That removes most of the uses of the frame number field in the
frame_data structure.
Change-Id: Ie22e4533e87f8360d7c0a61ca6ffb796cc233f22
Reviewed-on: https://code.wireshark.org/review/13509
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Bug: 11984
Change-Id: I16ef6e830f0377992233a1bd255c1e3877e56a55
Reviewed-on: https://code.wireshark.org/review/13375
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I8512cfa1d424f82a873a0e0e1d22c7b075fdd7f3
Reviewed-on: https://code.wireshark.org/review/13069
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I8bc9af431e70243b05f4f0ce8c2b8ee451383788
Reviewed-on: https://code.wireshark.org/review/11463
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Replace CMP_ADDRESS, COPY_ADDRESS, et al with their lower-case
equivalents in the asn1 and epan directories.
Change-Id: I4043b0931d4353d60cffbd829e30269eb8d08cf4
Reviewed-on: https://code.wireshark.org/review/11200
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
These aren't "true" shadow issues, but the script doesn't completely understand C syntax (for things like struct member names "time" and "index"). But fixing them creates less noise.
Change-Id: I5a2db1549095824530428529e86cab453c031a04
Reviewed-on: https://code.wireshark.org/review/10368
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
[There were no actual indentation changes since since none of the files
contained tabs].
Change-Id: I92ff551e70274f459c466e1c1d449905e0e7dc92
Reviewed-on: https://code.wireshark.org/review/9945
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
type: [0, 255] found by PVS Studio (V569)
Change-Id: I5dacce44941ac132172df6d7f343fddd114bd888
Reviewed-on: https://code.wireshark.org/review/8792
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
http://www.bitterfilms.com/rejected.html
1) There is *NO* guarantee that you can safely dereference a misaligned
pointer.
2) There is *NO* guarantee that you are running on a little-endian
machine, so that an attempt to fetch a 32-bit integer through such a
pointer will fetch it in little-endian form.
Instead, fetch it using tvb_get_letohl(), which 1) doesn't care about
alignment and 2) always fetches in little-endian order.
Change-Id: I44721cbf3c4456797990cc741836c9dd8c6c3696
Reviewed-on: https://code.wireshark.org/review/8423
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Copy addresses with wmem-scope instead of (forced) seasonal scope. All existing instances were converted to wmem_file_scope, but the flexibility is there for other scopes.
Change-Id: I8e58837b9ef574ec7dd87e278470d7063ae8c1c2
Reviewed-on: https://code.wireshark.org/review/6564
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I36954ea0d8b525b4d7a1b3407f9e9d0e1c9bbd67
Reviewed-on: https://code.wireshark.org/review/6378
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Third batch (packet-icmpv6.c -> packet-mac-lte.c).
Will look at cleaning up and committing script afterwards.
Change-Id: Ib91e36ad200db01c3000605f6a7a21125b96a640
Reviewed-on: https://code.wireshark.org/review/6018
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
|
|
Specifically:
- Set packet.h to be the first wireshark #include after
config.h and "system" #includes.
packet.h added as an #include in some cases when missing.
- Remove some #includes included (directly/indirectly) in
packet.h. E.g., glib.h.
(Done only for those files including packet.h).
- As needed, move "system" #includes to be after config.h and
before wireshark #includes.
- Rework various #include file specifications for consistency.
- Misc.
Change-Id: Ifaa1a14b50b69fbad38ea4838a49dfe595c54c95
Reviewed-on: https://code.wireshark.org/review/5923
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
This allows dissector lists to be looked up by name, so they can be
shared by multiple dissectors.
(This means that there's no "udplite" heuristic dissector list, but
there shouldn't be one - protocols can run atop UDP or UDPLite equally
well, and they share a port namespace and uint dissector table, so they
should share a heuristic dissector table as well.)
Change-Id: Ifb2d2c294938c06d348a159adea7a57db8d770a7
Reviewed-on: https://code.wireshark.org/review/5936
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
to proto_tree_add_bitmask().
Correctly set the length of LBT-RM and LBT-RU header blocks.
Various other cosmetic cleanups.
Change-Id: If19bbdeb10176b8059fd4cf657719b3b9817bc6a
Reviewed-on: https://code.wireshark.org/review/4776
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Other minor cleanup while in the neighborhood.
Change-Id: If73a029f564219782c313d4154c24c7ce7458b52
Reviewed-on: https://code.wireshark.org/review/3574
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
fixed-length fields. The idea is to allow user-written tap
listeners easier access to the tap data. Also correct the conditions (in packet-lbmc.c) under which a subdissector would be
called, if present.
Change-Id: I5244cfbd17314058f7d3b9f42d647e0e6c375e14
Reviewed-on: https://code.wireshark.org/review/3007
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I5f6ecd246e358edc3a2f4963c201b2435e4a1a42
Reviewed-on: https://code.wireshark.org/review/2910
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I2091f7eb86c64fd086f44a7cf15e7c5483f9b44c
Reviewed-on: https://code.wireshark.org/review/2716
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
tables made avaialble by these dissectors.
Change-Id: If3a143eb9546c9de63cd32b2347000b09e0e3c93
Reviewed-on: https://code.wireshark.org/review/2688
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
https://www.wireshark.org/lists/wireshark-dev/201406/msg00131.html
This reverts commit 246fe2ca4c67d8c98caa84e2f57694f6322e2f96.
Change-Id: Ib24bae0198c13a84bd7f731bf4af921212109a8f
Reviewed-on: https://code.wireshark.org/review/2430
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I9209c1271967405c34c1b6fa43e1726a4d3a5a3f
Reviewed-on: https://code.wireshark.org/review/2377
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
tvb_new_subset -> tvb_new_subset_remaining it appears that's what the intention is.
Change-Id: I2334bbf3f10475b3c22391392fc8b6864454de2d
Reviewed-on: https://code.wireshark.org/review/1999
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
which can be used to call the found heuristic dissector on the next pass.
Introduce call_heur_dissector_direct() to be used to call a heuristic
dissector which accepted the frame on the first pass.
Change-Id: I524edd717b7d92b510bd60acfeea686d5f2b4582
Reviewed-on: https://code.wireshark.org/review/1697
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I58aa249d73ab44f5f56b1559b38b216cdb542ecb
Reviewed-on: https://code.wireshark.org/review/1280
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
- Remove unneeded #includes;
- Move proto_reg_handoff...(() to the end of the file as per convention;
- Use dissector_add_handle() instead of using dissector_add_uint(..., 0, ...);
- #if 0 an unused global function (which caused a [-Wmissing-prototypes] warning);
- Remove an empty proto_reg-handoff...();
- 'if (already_registered)' not required in one case.
Change-Id: I74f267c2721df13eb4d52d7f19a6ded423218a39
Reviewed-on: https://code.wireshark.org/review/1277
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
Change-Id: Ia0779c6055f6e2864d2099fd607d9763e4040380
Reviewed-on: https://code.wireshark.org/review/1233
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I859597ebc957a58f659800ef63318f94e80feabf
Reviewed-on: https://code.wireshark.org/review/1104
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I34fb09b62e79bfadd362c0ade81bec80dd0f14e0
Reviewed-on: https://code.wireshark.org/review/1058
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Fixes bug 9965.
(Also fixes a typo in an expert info string.)
Change-Id: I0b4f9bc4619e0d2ba291795973070598e2e142fe
Reviewed-on: https://code.wireshark.org/review/1051
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
See the comment for details.
Change-Id: I0b1800dd884736e00201f09166c0d2bd6795b6c3
Reviewed-on: https://code.wireshark.org/review/1047
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
So don't pull in <netinet/in.h>. Also, avoid <sys/types.h> in
packet-dcom.c.
While we're at it, do *not* assume that pinfo->src or pinfo->dst are
IPv4 addresses.
Change-Id: I5fc8e859780a8d863aaf6e90a21a7039cabae0e6
Reviewed-on: https://code.wireshark.org/review/1006
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I4506be6ae8deda5e8d1e038b089620a15b650b03
Reviewed-on: https://code.wireshark.org/review/1000
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: If8fcfe1971c8863f370e440f64c36eb7566f6852
Reviewed-on: https://code.wireshark.org/review/113
Reviewed-by: Michael Mann <mmann78@netscape.net>
|