diff options
-rw-r--r-- | NEWS | 24 | ||||
-rw-r--r-- | doc/editcap.adoc | 33 | ||||
-rw-r--r-- | doc/mergecap.adoc | 18 | ||||
-rw-r--r-- | docbook/release-notes.adoc | 3 | ||||
-rw-r--r-- | editcap.c | 20 | ||||
-rw-r--r-- | mergecap.c | 12 | ||||
-rw-r--r-- | test/suite_mergecap.py | 34 |
7 files changed, 89 insertions, 55 deletions
@@ -37,6 +37,24 @@ Wireshark 3.7.1 Release Notes • If a filter is applied, two columns are shown in either dialog detailing the difference between unmatched and matched packets + • Columns are now sorted via secondary properties if an identical + entry is found. + + • Conversations will be sorted via second address and first port + number + + • Endpoints will be sorted via port numbers + + • IPv6 addresses are sorted correctly after IPv4 addresses + + • The dialog elements have been moved to make it easier to handle + for new users. + + • Selection of tap elements is done via list + + • All configurations and options are done via a left side button + row + • The PCRE2 library (https://www.pcre.org/) is now a required dependency to build Wireshark. @@ -53,6 +71,10 @@ Wireshark 3.7.1 Release Notes byte. Display filters or Coloring rules using the field will need to be adjusted. + • The 'v' (lower case) and 'V' (upper case) switches have been + swapped for editcap and mergecap to match the other command line + utilities. + Many other improvements have been made. See the “New and Updated Features” section below for more details. @@ -310,7 +332,7 @@ Wireshark 3.7.1 Release Notes A complete FAQ is available on the Wireshark web site[7]. - Last updated 2022-06-12 16:30:07 UTC + Last updated 2022-06-15 01:39:18 UTC References diff --git a/doc/editcap.adoc b/doc/editcap.adoc index 35d9e8f814..2dc96585ba 100644 --- a/doc/editcap.adoc +++ b/doc/editcap.adoc @@ -20,7 +20,6 @@ editcap - Edit and/or translate the format of capture files [ *-C* [offset:]<choplen> ] [ *-E* <error probability> ] [ *-F* <file format> ] -[ *-h* ] [ *-i* <seconds per file> ] [ *-o* <change offset> ] [ *-L* ] @@ -29,7 +28,7 @@ editcap - Edit and/or translate the format of capture files [ *-S* <strict time adjustment> ] [ *-t* <time adjustment> ] [ *-T* <encapsulation type> ] -[ *-v* ] +[ *-V* ] [ *--inject-secrets* <secrets type>,<file> ] [ *--discard-all-secrets* ] [ *--capture-comment* <comment> ] @@ -43,7 +42,7 @@ __outfile__ *-d* *-D* <dup window> *-w* <dup time window> -[ *-v* ] +[ *-V* ] [ *-I* <bytes to ignore> ] [ *--skip-radiotap-header* ] __infile__ @@ -51,7 +50,11 @@ __outfile__ [manarg] *editcap* -[ *-V* ] +*-h|--help* + +[manarg] +*editcap* +*-v|--version* == DESCRIPTION @@ -183,7 +186,7 @@ Attempts to remove duplicate packets. The length and MD5 hash of the current packet are compared to the previous <dup window> - 1 packets. If a match is found, the current packet is skipped. -The use of the option *-D 0* combined with the *-v* option is useful +The use of the option *-D 0* combined with the *-V* option is useful in that each packet's Packet number, Len and MD5 Hash will be printed to standard error. This verbose output (specifically the MD5 hash strings) can be useful in scripts to identify duplicate packets across trace @@ -215,7 +218,7 @@ provides a list of the available output formats. The default is the *pcapng* format. -- --h:: +-h|--help:: + -- Prints the version and options and exits. @@ -378,20 +381,20 @@ capture to an FDDI capture if an Ethernet capture is read and '*-T packet, you will need od(1)/xref:text2pcap.html[text2pcap](1). -- --v:: +-v|--version:: + -- -Causes *editcap* to print verbose messages while it's working. - -Use of *-v* with the de-duplication switches of *-d*, *-D* or *-w* -will cause all MD5 hashes to be printed whether the packet is skipped -or not. +Print the version and exit. -- -V:: + -- -Print the version and exit. +Causes *editcap* to print verbose messages while it's working. + +Use of *-V* with the de-duplication switches of *-d*, *-D* or *-w* +will cause all MD5 hashes to be printed whether the packet is skipped +or not. -- -w <dup time window>:: @@ -516,11 +519,11 @@ To remove duplicate packets seen __equal to or less than__ 1/10th of a second: To display the MD5 hash for all of the packets (and NOT generate any real output file): - editcap -v -D 0 capture.pcapng /dev/null + editcap -V -D 0 capture.pcapng /dev/null or on Windows systems - editcap -v -D 0 capture.pcapng NUL + editcap -V -D 0 capture.pcapng NUL To advance the timestamps of each packet forward by 3.0827 seconds: diff --git a/doc/mergecap.adoc b/doc/mergecap.adoc index f1bca75846..407f3f506a 100644 --- a/doc/mergecap.adoc +++ b/doc/mergecap.adoc @@ -15,14 +15,20 @@ mergecap - Merges two or more capture files into one *mergecap* [ *-a* ] [ *-F* <__file format__> ] -[ *-h* ] [ *-I* <__IDB merge mode__> ] [ *-s* <__snaplen__> ] -[ *-v* ] [ *-V* ] *-w* <__outfile__>|- <__infile__> [<__infile__> __...__] +[manarg] +*mergecap* +*-h|--help* + +[manarg] +*mergecap* +*-v|--version* + == DESCRIPTION *Mergecap* is a program that combines multiple saved capture files into @@ -84,7 +90,7 @@ the file in several formats; *mergecap -F* provides a list of the available output formats. By default this is the *pcapng* format. -- --h:: +-h|--help:: + -- Prints the version and options and exits. @@ -134,16 +140,16 @@ making them incapable of handling gigabit Ethernet captures if jumbo frames were used). -- --v:: +-v|--version:: + -- -Causes *mergecap* to print a number of messages while it's working. +Print the version and exit. -- -V:: + -- -Print the version and exit. +Causes *mergecap* to print a number of messages while it's working. -- -w <outfile>|-:: diff --git a/docbook/release-notes.adoc b/docbook/release-notes.adoc index 2a309789da..8bbb430a6b 100644 --- a/docbook/release-notes.adoc +++ b/docbook/release-notes.adoc @@ -52,6 +52,9 @@ wsbuglink:17779[] * The ip.flags field is now only the three high bits, not the full byte. Display filters or Coloring rules using the field will need to be adjusted. +* The 'v' (lower case) and 'V' (upper case) switches have been swapped for editcap and mergecap to + match the other command line utilities. + Many other improvements have been made. See the “New and Updated Features” section below for more details. @@ -754,14 +754,14 @@ print_usage(FILE *output) fprintf(output, " -d remove packet if duplicate (window == %d).\n", DEFAULT_DUP_DEPTH); fprintf(output, " -D <dup window> remove packet if duplicate; configurable <dup window>.\n"); fprintf(output, " Valid <dup window> values are 0 to %d.\n", MAX_DUP_DEPTH); - fprintf(output, " NOTE: A <dup window> of 0 with -v (verbose option) is\n"); + fprintf(output, " NOTE: A <dup window> of 0 with -V (verbose option) is\n"); fprintf(output, " useful to print MD5 hashes.\n"); fprintf(output, " -w <dup time window> remove packet if duplicate packet is found EQUAL TO OR\n"); fprintf(output, " LESS THAN <dup time window> prior to current packet.\n"); fprintf(output, " A <dup time window> is specified in relative seconds\n"); fprintf(output, " (e.g. 0.000001).\n"); fprintf(output, " NOTE: The use of the 'Duplicate packet removal' options with\n"); - fprintf(output, " other editcap options except -v may not always work as expected.\n"); + fprintf(output, " other editcap options except -V may not always work as expected.\n"); fprintf(output, " Specifically the -r, -t or -S options will very likely NOT have the\n"); fprintf(output, " desired effect if combined with the -d, -D or -w.\n"); fprintf(output, " --skip-radiotap-header skip radiotap header when checking for packet duplicates.\n"); @@ -836,12 +836,12 @@ print_usage(FILE *output) fprintf(output, " command line.\n"); fprintf(output, "\n"); fprintf(output, "Miscellaneous:\n"); - fprintf(output, " -h display this help and exit.\n"); - fprintf(output, " -v verbose output.\n"); - fprintf(output, " If -v is used with any of the 'Duplicate Packet\n"); + fprintf(output, " -h, --help display this help and exit.\n"); + fprintf(output, " -V verbose output.\n"); + fprintf(output, " If -V is used with any of the 'Duplicate Packet\n"); fprintf(output, " Removal' options (-d, -D or -w) then Packet lengths\n"); fprintf(output, " and MD5 hashes are printed to standard-error.\n"); - fprintf(output, " -V, --version print version information and exit.\n"); + fprintf(output, " -v, --version print version information and exit.\n"); } struct string_elem { @@ -1135,7 +1135,7 @@ main(int argc, char *argv[]) {"inject-secrets", ws_required_argument, NULL, LONGOPT_INJECT_SECRETS}, {"discard-all-secrets", ws_no_argument, NULL, LONGOPT_DISCARD_ALL_SECRETS}, {"help", ws_no_argument, NULL, 'h'}, - {"version", ws_no_argument, NULL, 'V'}, + {"version", ws_no_argument, NULL, 'v'}, {"capture-comment", ws_required_argument, NULL, LONGOPT_CAPTURE_COMMENT}, {"discard-capture-comment", ws_no_argument, NULL, LONGOPT_DISCARD_CAPTURE_COMMENT}, {0, 0, 0, 0 } @@ -1498,16 +1498,16 @@ main(int argc, char *argv[]) } break; - case 'v': + case 'V': if (verbose) { - cmdarg_err("-v was specified twice"); + cmdarg_err("-V was specified twice"); ret = INVALID_OPTION; goto clean_exit; } verbose = TRUE; break; - case 'V': + case 'v': show_version(); goto clean_exit; break; diff --git a/mergecap.c b/mergecap.c index 8bc5be0466..5d56ce60a7 100644 --- a/mergecap.c +++ b/mergecap.c @@ -66,9 +66,9 @@ print_usage(FILE *output) fprintf(output, " an empty \"-I\" option will list the merge modes.\n"); fprintf(output, "\n"); fprintf(output, "Miscellaneous:\n"); - fprintf(output, " -h display this help and exit.\n"); - fprintf(output, " -v verbose output.\n"); - fprintf(output, " -V print version information and exit.\n"); + fprintf(output, " -h, --help display this help and exit.\n"); + fprintf(output, " -V verbose output.\n"); + fprintf(output, " -v, --version print version information and exit.\n"); } /* @@ -200,7 +200,7 @@ main(int argc, char *argv[]) int opt; static const struct ws_option long_options[] = { {"help", ws_no_argument, NULL, 'h'}, - {"version", ws_no_argument, NULL, 'V'}, + {"version", ws_no_argument, NULL, 'v'}, {0, 0, 0, 0 } }; gboolean do_append = FALSE; @@ -293,11 +293,11 @@ main(int argc, char *argv[]) snaplen = get_nonzero_guint32(ws_optarg, "snapshot length"); break; - case 'v': + case 'V': verbose = TRUE; break; - case 'V': + case 'v': show_version(); goto clean_exit; break; diff --git a/test/suite_mergecap.py b/test/suite_mergecap.py index f6f9265844..f3b99e648e 100644 --- a/test/suite_mergecap.py +++ b/test/suite_mergecap.py @@ -78,7 +78,7 @@ class case_mergecap_pcap(subprocesstest.SubprocessTestCase): # $MERGECAP -vF pcap -w testout.pcap "${CAPTURE_DIR}dhcp.pcap" > testout.txt 2>&1 testout_file = self.filename_from_id(testout_pcap) mergecap_proc = self.assertRun((cmd_mergecap, - '-v', + '-V', '-F', 'pcap', '-w', testout_file, capture_file('dhcp.pcap'), @@ -90,7 +90,7 @@ class case_mergecap_pcap(subprocesstest.SubprocessTestCase): # $MERGECAP -vF pcap -w testout.pcap "${CAPTURE_DIR}dhcp.pcap" "${CAPTURE_DIR}dhcp.pcap" > testout.txt 2>&1 testout_file = self.filename_from_id(testout_pcap) mergecap_proc = self.assertRun((cmd_mergecap, - '-v', + '-V', '-F', 'pcap', '-w', testout_file, capture_file('dhcp.pcap'), capture_file('dhcp.pcap'), @@ -102,7 +102,7 @@ class case_mergecap_pcap(subprocesstest.SubprocessTestCase): # $MERGECAP -vF pcap -w testout.pcap "${CAPTURE_DIR}empty.pcap" "${CAPTURE_DIR}dhcp.pcap" "${CAPTURE_DIR}empty.pcap" > testout.txt 2>&1 testout_file = self.filename_from_id(testout_pcap) mergecap_proc = self.assertRun((cmd_mergecap, - '-v', + '-V', '-F', 'pcap', '-w', testout_file, capture_file('empty.pcap'), capture_file('dhcp.pcap'), capture_file('empty.pcap'), @@ -114,7 +114,7 @@ class case_mergecap_pcap(subprocesstest.SubprocessTestCase): # $MERGECAP -vF pcap -w testout.pcap "${CAPTURE_DIR}dhcp-nanosecond.pcap" "${CAPTURE_DIR}rsasnakeoil2.pcap" > testout.txt 2>&1 testout_file = self.filename_from_id(testout_pcap) mergecap_proc = self.assertRun((cmd_mergecap, - '-v', + '-V', '-F', 'pcap', '-w', testout_file, capture_file('dhcp-nanosecond.pcap'), capture_file('rsasnakeoil2.pcap'), @@ -130,7 +130,7 @@ class case_mergecap_pcapng(subprocesstest.SubprocessTestCase): # $MERGECAP -v -w testout.pcap "${CAPTURE_DIR}dhcp.pcap" > testout.txt 2>&1 testout_file = self.filename_from_id(testout_pcapng) mergecap_proc = self.assertRun((cmd_mergecap, - '-v', + '-V', '-w', testout_file, capture_file('dhcp.pcap'), )) @@ -141,7 +141,7 @@ class case_mergecap_pcapng(subprocesstest.SubprocessTestCase): # $MERGECAP -v -w testout.pcap "${CAPTURE_DIR}dhcp.pcap" "${CAPTURE_DIR}dhcp.pcap" > testout.txt 2>&1 testout_file = self.filename_from_id(testout_pcapng) mergecap_proc = self.assertRun((cmd_mergecap, - '-v', + '-V', '-w', testout_file, capture_file('dhcp.pcap'), capture_file('dhcp.pcap'), )) @@ -152,7 +152,7 @@ class case_mergecap_pcapng(subprocesstest.SubprocessTestCase): # $MERGECAP -vI 'none' -w testout.pcap "${CAPTURE_DIR}dhcp.pcap" "${CAPTURE_DIR}dhcp.pcap" > testout.txt 2>&1 testout_file = self.filename_from_id(testout_pcapng) mergecap_proc = self.assertRun((cmd_mergecap, - '-v', + '-V', '-I', 'none', '-w', testout_file, capture_file('dhcp.pcap'), capture_file('dhcp.pcap'), @@ -164,7 +164,7 @@ class case_mergecap_pcapng(subprocesstest.SubprocessTestCase): # $MERGECAP -vI 'all' -w testout.pcap "${CAPTURE_DIR}dhcp.pcap" "${CAPTURE_DIR}dhcp.pcap" > testout.txt 2>&1 testout_file = self.filename_from_id(testout_pcapng) mergecap_proc = self.assertRun((cmd_mergecap, - '-v', + '-V', '-I', 'all', '-w', testout_file, capture_file('dhcp.pcap'), capture_file('dhcp.pcap'), @@ -176,7 +176,7 @@ class case_mergecap_pcapng(subprocesstest.SubprocessTestCase): # $MERGECAP -vI 'any' -w testout.pcap "${CAPTURE_DIR}dhcp.pcap" "${CAPTURE_DIR}dhcp.pcap" > testout.txt 2>&1 testout_file = self.filename_from_id(testout_pcapng) mergecap_proc = self.assertRun((cmd_mergecap, - '-v', + '-V', '-I', 'any', '-w', testout_file, capture_file('dhcp.pcap'), capture_file('dhcp.pcap'), @@ -188,7 +188,7 @@ class case_mergecap_pcapng(subprocesstest.SubprocessTestCase): # $MERGECAP -v -w testout.pcap "${CAPTURE_DIR}dhcp.pcapng" > testout.txt 2>&1 testout_file = self.filename_from_id(testout_pcapng) mergecap_proc = self.assertRun((cmd_mergecap, - '-v', + '-V', '-w', testout_file, capture_file('dhcp.pcapng'), )) @@ -199,7 +199,7 @@ class case_mergecap_pcapng(subprocesstest.SubprocessTestCase): # $MERGECAP -v -w testout.pcap "${CAPTURE_DIR}many_interfaces.pcapng.1" > testout.txt 2>&1 testout_file = self.filename_from_id(testout_pcapng) mergecap_proc = self.assertRun((cmd_mergecap, - '-v', + '-V', '-w', testout_file, capture_file('many_interfaces.pcapng.1'), )) @@ -210,7 +210,7 @@ class case_mergecap_pcapng(subprocesstest.SubprocessTestCase): # $MERGECAP -v -w testout.pcap "${CAPTURE_DIR}"many_interfaces.pcapng* > testout.txt 2>&1 testout_file = self.filename_from_id(testout_pcapng) mergecap_proc = self.assertRun((cmd_mergecap, - '-v', + '-V', '-w', testout_file, capture_file('many_interfaces.pcapng.1'), capture_file('many_interfaces.pcapng.2'), @@ -223,7 +223,7 @@ class case_mergecap_pcapng(subprocesstest.SubprocessTestCase): # $MERGECAP -vI 'none' -w testout.pcap "${CAPTURE_DIR}"many_interfaces.pcapng* > testout.txt 2>&1 testout_file = self.filename_from_id(testout_pcapng) mergecap_proc = self.assertRun((cmd_mergecap, - '-v', + '-V', '-I', 'none', '-w', testout_file, capture_file('many_interfaces.pcapng.1'), @@ -238,7 +238,7 @@ class case_mergecap_pcapng(subprocesstest.SubprocessTestCase): # $MERGECAP -vI 'none' -w testin.pcap "${CAPTURE_DIR}"many_interfaces.pcapng* > testout.txt 2>&1 testin_file = self.filename_from_id('testin.pcapng') self.assertRun((cmd_mergecap, - '-v', + '-V', '-I', 'none', '-w', testin_file, capture_file('many_interfaces.pcapng.1'), @@ -251,7 +251,7 @@ class case_mergecap_pcapng(subprocesstest.SubprocessTestCase): # $MERGECAP -vI 'all' -w testout.pcap ./testin.pcap ./testin.pcap ./testin.pcap > testout.txt 2>&1 testout_file = self.filename_from_id(testout_pcapng) mergecap_proc = self.assertRun((cmd_mergecap, - '-v', + '-V', '-I', 'all', '-w', testout_file, testin_file, testin_file, testin_file, @@ -265,7 +265,7 @@ class case_mergecap_pcapng(subprocesstest.SubprocessTestCase): # $MERGECAP -vI 'none' -w testin.pcap "${CAPTURE_DIR}"many_interfaces.pcapng* > testout.txt 2>&1 testin_file = self.filename_from_id('testin.pcapng') self.assertRun((cmd_mergecap, - '-v', + '-V', '-I', 'none', '-w', testin_file, capture_file('many_interfaces.pcapng.1'), @@ -278,7 +278,7 @@ class case_mergecap_pcapng(subprocesstest.SubprocessTestCase): # $MERGECAP -vI 'any' -w testout.pcap ./testin.pcap ./testin.pcap ./testin.pcap > testout.txt 2>&1 testout_file = self.filename_from_id(testout_pcapng) mergecap_proc = self.assertRun((cmd_mergecap, - '-v', + '-V', '-I', 'any', '-w', testout_file, testin_file, testin_file, testin_file, |