| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Remove duplicate length field to adjust to the other options.
tcp.options.rvbd.probe.len has already reported by tcp.option_len
Add missing space between "Transparency" and IP address.
Change-Id: I8b4260b34d760b73ee529a687418c4b6adcfaa0e
Reviewed-on: https://code.wireshark.org/review/24239
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
With commit f30b1e3b3bc4cec85296c280cdae88d3d17fae04 TCP options are handled
in an own dissector table. Therefore we can't read ahead or behind to get
the SYN flag or the CFE flag.
Bug: 14150
Change-Id: Ibbf1836104d32216ddfa2d4e07dccbcf948bb26c
Reviewed-on: https://code.wireshark.org/review/24181
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Uli Heilmeier <openid@heilmeier.eu>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Follow up to having conversions use endpoint_type instead of
port_type.
Change-Id: Ifd59a33bd8b9a013c242bce5fcceb09533f02c17
Reviewed-on: https://code.wireshark.org/review/24172
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
For the moment this mirrors the port_type enumeration (PT_XXX), but the
intent is to move away from using "port types", eliminating most (if not
all)
Added conversation_pt_to_endpoint_type() so that conversations deal with the
correct enumeration. This is for dissector that use pinfo->ptype as input
to conversation APIs. Explicit use of port types are converted to using
ENDPOINT_XXX type.
Change-Id: Ia0bf553a3943b702c921f185407e03ce93ebf0ef
Reviewed-on: https://code.wireshark.org/review/24166
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
We have WS_INET_ADDRSTRLEN and WS_INET6_ADDRSTRLEN; use them.
Change-Id: Idade0da9fae70d891901acd787b06d21e2ddbc5f
Reviewed-on: https://code.wireshark.org/review/24156
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
The intention is to make it more transparent when making a switch
to an "endpoint" over address/port combination.
Change-Id: Ic424c32095ecb103bcb4f7f4079c549de2c8d9c4
Reviewed-on: https://code.wireshark.org/review/24148
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This makes it easier to identify the simpler/common conversations
Change-Id: I7094f23e49156ee27f5f72c8e130308470f3e462
Reviewed-on: https://code.wireshark.org/review/24145
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Note that changes to tcp_analyze_sequence_number should be synced with
docbook/wsug_src/WSUG_chapter_advanced.asciidoc#ChAdvTCPAnalysis.
Change-Id: Iac72d2cf808d84c17fa5f12012675e0af1895cd1
Reviewed-on: https://code.wireshark.org/review/23989
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Sequence analysis has its own "filtering" system that required its
tap functions to look for some "filter flags". register_tap_listener()
already comes with a filter argument, so use that to simplify logic
of tap functions in dissectors.
Also have Qt GUI for Flow Graph look like other dialogs that have a
"Limit to display filter" checkbox.
Change-Id: I91d9d9599309786892f5b50c98692e52651e7174
Reviewed-on: https://code.wireshark.org/review/23659
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
1. Remove protocol member from seq_analysis_item_t.
It's not used by any GUI, so don't burden dissectors with populating it.
2. Allow any dissector to change colors display by flow graph
3. Provide helper functions that may be common if other dissectors
want to create sequence analysis.
Change-Id: I04fa3c9f3cf6879ab9a8d7d6f4896b4979d010d7
Reviewed-on: https://code.wireshark.org/review/23613
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Create registration system to allow creation of analysis items
to be localized to the dissector. For now only frame (all) and
TCP are supported.
VOIP functionality will be covered in a separate patch.
Change-Id: I5b05ef6d5afff8d0b162b03a0f451ab810602e81
Reviewed-on: https://code.wireshark.org/review/23571
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Using GCC version 7.1.1.
Change-Id: I7447a48fc97efb1eb15a016a29165f69d37f40a6
Reviewed-on: https://code.wireshark.org/review/23399
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
|
|
Change-Id: I006d872a83649e72a6c83abac68cbae064457162
Reviewed-on: https://code.wireshark.org/review/23346
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Make the tcp segment data available on all tcp packets, regardless of
reassembly of higher layer protocols.
Change-Id: I1a5024e427e07b85bfc3a4aad5d0a401beb1049d
Reviewed-on: https://code.wireshark.org/review/22374
Reviewed-by: Sake Blok <sake@euronet.nl>
Petri-Dish: Sake Blok <sake@euronet.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
While you can add both the sequence number and next sequence number as
columns, the latter would remain empty if it was the same. This disrupts
the user reading flow who would have to look left and right, so just
display the field unconditionally.
Change-Id: I80efb972eaa9a16813a87ac0fdf6a045a3eb9d2f
Suggested-by: Laura Chappell
Reviewed-on: https://code.wireshark.org/review/22307
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Format tcp.hdr_len in the tree similar to ip.hdr_len. Add comments
noting that they should be consistent.
Change-Id: Ic64282d8386c8ed339811bc9c22b5962c707d292
Reviewed-on: https://code.wireshark.org/review/22314
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
More than one packet could be meant by that
Change-Id: Ie751a282c927608414673c2cd48b11dc5e6d5ea6
Reviewed-on: https://code.wireshark.org/review/22283
Reviewed-by: Roland Knall <rknall@gmail.com>
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
The spurious retransmission check operates on the last-seen
acknowledgment in the reverse direction. Adjust the analysis logic so
that it is checked independently of the forward sequence number.
Update the documentation accordingly.
Change-Id: I3714f44398501a581f967c61e119fe95f90209b1
Reviewed-on: https://code.wireshark.org/review/21769
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Dissectors that rely on pinfo structure information may have the
data overwritten if the data is tunneled. Address it by using
proto data that is based on pinfo->curr_layer_num.
Bug: 13746
Change-Id: I1c29f26a3c49f368876f0e96908705bc9c099ce1
Reviewed-on: https://code.wireshark.org/review/21559
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Try to document as accurately as possible the circumstances under which
each TCP analysis flag is added.
Update some TCP debugging code.
Change-Id: I793756f73b8ade328e150acf32bc203792e29449
Reviewed-on: https://code.wireshark.org/review/21749
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Add support to configure a port number for encapsulating TCP
packets in UDP.
Change-Id: I9aea1eda4537b05e76e76ed0417acb34705bad9e
Reviewed-on: https://code.wireshark.org/review/21473
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Tüxen <tuexen@wireshark.org>
|
|
Doing the checks ourselves doesn't save a lot of time.
Change-Id: Icd96d6487ba88bc8a0f9d475e8f569803b40cf1a
Reviewed-on: https://code.wireshark.org/review/20859
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change from col_append_sep_fstr() to col_append_sep_str() when
appending strings without formatting.
Change-Id: I315aca9b815c204a5bc78f7326402c40d1325f0e
Reviewed-on: https://code.wireshark.org/review/20846
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Prefix the Info column entry "[TCP segment of a reassembled PDU]"
with a space if the column is not empty.
Change-Id: If4fc46b2d8a2d261044767c534da34e2d27435f8
Reviewed-on: https://code.wireshark.org/review/20845
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
As discussed on the mailinglist, rewriting dissectors to use Libgcrypt
functions as Libgcrypt will be mandatory after change 20030.
Removal of following functions:
- crypt_md4
- crypt_rc4*
- aes_cmac_encrypt_*
- md5_*
- sha1_*
- sha256_*
Further candidates:
- aes_*
- rijndael_*
- ...
Added functions:
- ws_hmac_buffer
Added const macros:
- HASH_MD5_LENGTH
- HASH_SHA1_LENGTH
Changes on epan/crypt/* verified with captures from
https://wiki.wireshark.org/HowToDecrypt802.11
Changes on packet-snmp.c and packet-radius.c verified with captures from
https://wiki.wireshark.org/SampleCapture
Changes on packet-tacacs.c verified with capture from
http://ccie-in-3-months.blogspot.nl/2009/04/decoding-login-credentials-regardless.html
Change-Id: Iea6ba2bf207cf0f1bf2117068fb1abcfeaafaa46
Link: https://www.wireshark.org/lists/wireshark-dev/201702/msg00011.html
Reviewed-on: https://code.wireshark.org/review/20095
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
It was returning (ip.src == ... && <protocol>.port == ...).
Now, I think correctly returns (ip.addr == ... && <protocol>.port == ...)
Change-Id: I242e13c0c79c2222e2b27fc2f9ee348b89d21ec1
Reviewed-on: https://code.wireshark.org/review/20281
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Register all reassembly tables with a central unit, allowing the
central unit to have the callback that initializes and destroys
the reassembly tables, rather than have dissectors do it individually.
Change-Id: Ic92619c06fb5ba6f1c3012f613cae14982e101d4
Reviewed-on: https://code.wireshark.org/review/19834
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This emphasizes that there is no such thing as *the* routine to
construct a subset tvbuff; you need to choose one of
tvb_new_subset_remaining() (if you want a new tvbuff that contains
everything past a certain point in an existing tvbuff),
tvb_new_subset_length() (if you want a subset that contains everything
past a certain point, for some number of bytes, in an existing tvbuff),
and tvb_new_subset_length_caplen() (for all other cases).
Many of the calls to tvb_new_subset_length_caplen() should really be
calling one of the other routines; that's the next step. (This also
makes it easier to find the calls that need fixing.)
Change-Id: Ieb3d676d8cda535451c119487d7cd3b559221f2b
Reviewed-on: https://code.wireshark.org/review/19597
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Bug: 3264
Change-Id: I9fa8cfaf1e21a8a984941ee40e2e404ae21e55c9
Reviewed-on: https://code.wireshark.org/review/19528
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Unless I'm missing something, that code can't be reached, so local_proto
should always be set.
Change-Id: Idf765552d66cce684eb0de8dc8da57382aaf8444
Reviewed-on: https://code.wireshark.org/review/19486
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
This provides external access for dissectors and plugins to provide their
own implementation of TCP options.
Bug: 13141
Bug: 4452
Change-Id: I2fa6290616a4d8a8b421dd6daf98a23ce55479b9
Reviewed-on: https://code.wireshark.org/review/19461
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
They already know who they are when they register themselves. Saving the
handle then to avoid finding it later.
Not sure if this will increase unnecessary register_dissector functions
(instead of using create_dissector_handle in proto_reg_handoff function)
when other dissectors copy/paste, but it should make startup time
a few microseconds better.
Change-Id: I3839be791b32b84887ac51a6a65fb5733e9f1f43
Reviewed-on: https://code.wireshark.org/review/19481
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
proto_tree_add_uint_format_value had the most use of unit strings, this
patch handles all of the other proto_tree_add_xxx_format_value calls that
could be better served using BASE_UNIT_STRING with a "unit string" in hf_ field.
Added more "common" unit string values to unit_strings.[ch]
Change-Id: I0fb680be781e10037eb7bd40dd21a9ee20c1fb1c
Reviewed-on: https://code.wireshark.org/review/19288
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This was inspired by the https://www.wireshark.org/lists/wireshark-dev/201505/msg00029.html thread.
Used TCP and NTP dissectors as the guinea pig with sample use.
Documentation updates includes some unrelated cleanup just because it was noticed.
Change-Id: I59b26e1ca3b95e3473e4757f1759d7ad82976965
Reviewed-on: https://code.wireshark.org/review/19211
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
The Calculated Checksum tree item prints the checksum from the
tvb, instead of the computed one (the "should be 0x...." tree
item above it _does_ print the computed one). As such, in a packet
with bad checksum, the Calculated Checksum is incorrect. Fix the value.
This seems to have been introduced in ad6fc87d ("Add
proto_tree_add_checksum.")
Change-Id: Ia20d5addc40956713a944102e79d25317b969a0e
Reviewed-on: https://code.wireshark.org/review/18859
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Bug: 13147
Change-Id: Icfd1343458c0795c4e3a74e4ed4f06d18f1c1831
Reviewed-on: https://code.wireshark.org/review/18854
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Use the model from the 2.0 branch and earlier that only "tapped" the
follow data in a single location. This fixes duplicate data for
reassembled data and handles out-of-order packets.
Bug: 12855
Change-Id: I5268f13e3c08e9271acf026b859de693ad794c94
Reviewed-on: https://code.wireshark.org/review/18368
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Mirror it after protocol dissector API.
Change-Id: I7985bcfa9e07654c7cf005efec94efc205d7a304
Reviewed-on: https://code.wireshark.org/review/18496
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
The next sequence number is off by one when there is TCP payload
in a SYN or FIN packet (e.g. when using TCP FastOpen).
Bug: 12579
Bug: 12838
Change-Id: Idb68cea4b4dcba39461019c08db09367cbfc6d68
Reviewed-on: https://code.wireshark.org/review/16239
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Have all dissector tables have a "supports Decode As" flag, which
defaults to FALSE, and which is set to TRUE if a register_decode_as()
refers to it.
When adding a dissector to a dissector table with a given key, only add
it for Decode As if the dissector table supports it.
For non-FT_STRING dissector tables, always check for multiple entries
for the same protocol with different dissectors, and report an error if
we found them.
This means there's no need for the creator of a dissector table to
specify whether duplicates of that sort should be allowed - we always do
the check when registering something for "Decode As" (in a non-FT_STRING
dissector table), and just don't bother registering anything for "Decode
As" if the dissector table doesn't support "Decode As", so there's no
check done for those dissector tables.
Change-Id: I4a1fdea3bddc2af27a65cfbca23edc99b26c0eed
Reviewed-on: https://code.wireshark.org/review/17402
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
'exp_pdu_tcp_dissector_data_size/exp_pdu_tcp_dissector_data_populate_data' [-Wmissing-prototypes]
Change-Id: I259f457868f4b8cde7e188d88d3d55f97070ee3b
Reviewed-on: https://code.wireshark.org/review/17145
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This allows for much easier anonymized captures for protocols running
atop TCP/UDP.
Added support for "TCP dissector data" tag within export PDU (34) so that
the tcpinfo struct that TCP dissector normally passes to its subdissectors
can be saved.
Change-Id: Icd63c049162332e5bcb2720159e5cf8aac893788
Reviewed-on: https://code.wireshark.org/review/16285
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
We may want to add expert infos for IPv6 extension headers over IPv4 (TODO).
Any side-effects that don't make sense (e.g: IPv6 Routing over IPv4) are
ignored.
The IPv6 Next Header decode as is replaced by IP Proto decode as. It
didn't fit a conceptual model well and it also was not working very well
in practice (for multiple extension headers).
We now support decoding any IP Protocol number as an extension header.
Bug: 12673
Change-Id: Icbde019aba8990cc556ef2bd832f64cba76c24b6
Reviewed-on: https://code.wireshark.org/review/16681
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
|
|
Bug: 12641
Change-Id: I7ba5cbf795eef3e77a7161b8dc8752d9c10610f8
Reviewed-on: https://code.wireshark.org/review/16583
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
This is an attempt to standardize display/handling of checksum fields for all dissectors.
The main target is for dissectors that do validation, but dissectors that just report the
checksum were also included just to make them easier to find in the future.
Bug: 10620
Bug: 12058
Ping-Bug: 8859
Change-Id: Ia8abd86e42eaf8ed50de6b173409e914b17993bf
Reviewed-on: https://code.wireshark.org/review/16380
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Bug: 12635
Change-Id: I077e0a2632c528acf7978123a61d8e0380f3e4e2
Reviewed-on: https://code.wireshark.org/review/16556
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: Id08427246f5b481c004e861719b9b213796438c1
Reviewed-on: https://code.wireshark.org/review/16409
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
|
|
Even though TCP window scale shift is only 8 bits, the scale
calculated from it is max 16384. therefor a 16 bit value.
Let the tree item map to the single byte in the TVB, while
allowing the value to be 16 bit.
Bug: 12525
Change-Id: I41cebc62f6b8b09e13efa5f3b7432001e8d994e1
Reviewed-on: https://code.wireshark.org/review/15914
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Most protocols just want to limit COL_INFO or COL_PROTOCOL
so give that level of granularity.
Bug: 12144
Bug: 5117
Bug: 11144
Change-Id: I8de9b7d2c69e90d3fbfc0a52c2bd78c3de58e2f8
Reviewed-on: https://code.wireshark.org/review/15894
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I30f1b92ee438361c3bd58743f7d1ae8d5ffc96f0
Reviewed-on: https://code.wireshark.org/review/15718
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
