| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
The statistics that use the stats_tree API parse the -z option
without expecting a comma separator between the statistics name
and the filter. This is contrary to both the man pages and how
all the other options work. Fix that so it's consistent.
Fix #17656
|
|
The Linux SocketCAN header now uses the formerly-reserved byte in the
SocketCAN header after the "payload length" field as an "FD flags"
field, with a flag bit reserved to indicate whether the frame is a
classic CAN frame or a CAN FD frame, with two other bits giving frame
information for FD frames.
For LINKTYPE_CAN_SOCKETCAN, use that flag bit to determine whether the
frame is classic CAN or CAN FD. As some older LINKTYPE_CAN_SOCKETCAN
captures have SocketCAN headers in which the fields after the "payload
length" field were uninitialized, so trust that thge "FD flags" was
filled in, rather than possibly randomly uninitialized, only if the only
bits set in that field are the bits defined to be in that field and the
two reserved bytes after it are zero.
This will be needed when the current main-branch libpcap is released, as
it uses LINKTYPE_CAN_SOCKETCAN rather than LINKTYPE_LINUX_SLL for
ARPHRD_CAN devices; we add it now to future-proof the Wireshark releases
to which this is being committed. It also handles what existing CAN FD
captures using LINKTYPE_CAN_SOCKETCAN exist.
For LINKTYPE_LINUX_SLL frames, we have the protocol field to distinguish
between classic CAN and CAN FD, so we use that to determine the frame
type, rather than looking at the CANFD_FDF flag.
dissect_socketcan_common() now handles both classic CAN and CAN FD
frames.
|
|
The uninitialized memory causes access violations printing
duplicated nodes.
Fixes 5dd90e3b30a98956a9c1db9dfd068964b36d8757.
|
|
|
|
Revert recent "docs" target changes. It made that target build faster,
but broke other dependencies. Keep the AsciidoctorJ changes.
Revert "doc: fix the macOS build."
This reverts commit 119667d886c111b6feab703953624d56c756fdd6.
Revert "CMake: Try to make our man page builds faster."
This reverts commit 74747c4d2ffef25c20d950525aa316bb5e2a0700.
|
|
Always use the internal API to access "deprecated" and initialize
the data structure on demand. This fixes a null pointer dereference
introduced previously.
Use reference counting to share the array cleanly and avoid memory
leaks.
Keep the pointer in dfwork_t.
|
|
The lexical rules for fields and unparsed strings are ambiguous,
e.g. "fc" can be the protocol fibre channel or the byte 0xfc.
In general a name is determined to be a protocol field or not by
checking the registry.
Resolving the name in the parser gives more flexibility, for example
to use different semantic rules according to the relation between
LHS and RHS, and allows function names and protocol names to co-exist
without ambiguity.
Before:
Filter: tcp == 1
Constants:
00000 PUT_FVALUE 01 <FT_PROTOCOL> -> reg#1
Instructions:
00000 READ_TREE tcp -> reg#0
00001 IF-FALSE-GOTO 3
00002 ANY_EQ reg#0 == reg#1
00003 RETURN
Filter: tcp() == 1
dftest: Syntax error near "(".
After:
Filter: tcp == 1
Constants:
00000 PUT_FVALUE 01 <FT_PROTOCOL> -> reg#1
Instructions:
(same)
Filter: tcp() == 1
dftest: Function 'tcp' does not exist
It's also a goal to make it easier to modify the lexer rules.
Ping #12810.
|
|
|
|
|
|
BUNDLE_RESOURCE_SHARE_MAN[14]_FILES shouold *not* have the generate_
prefixes; names with those prefixes are fake targets, not names of files
that we generate, so attempting to copy files with those names fails.
It should, however, have "doc/" before the names of the man pages, as
they're generated into the doc directory of the top-level build
directory.
|
|
We need to update global_ld.inpkts_to_sync_pipe as soon as we've written
a packet to the current capture file. If we're writing to multiple
files, then, if we delay counting until after we switch to another file,
the packet-count message we send to the parent before switching won't
include the packet, and the first packet-count message we send to the
parent *after* switching *will* include the packet, which could mean the
parent will try to read more packets than there are in the new file, in
which case it'll get an EOF and, at least in the case of TShark, treat
that as an error and stop capturing.
This should fix issue #17654.
While we're at it, don't send a "we have no packets" packet-count
message even for the packet-count message we send just before switching
files.
|
|
Depend on our generator targets instead of the generated files, which
allows parallel builds outside of Ninja. Don't reserve JRE memory when
building HTML and man page targets. This reduces the "docs" target build
time on my Windows VM here from over two minutes to under one.
|
|
|
|
|
|
|
|
|
|
Add captype and its documentation to the NSIS and WiX packages.
|
|
Fixes #17649.
|
|
Change-Id: Icce8f7a30caf0d52c01b20b8535a1f157a1e4f56
|
|
Change-Id: I914f4aae11b4c459a6db0d7b18ab81b73747fd58
|
|
Change-Id: I7d5350d1a590e8c5a2b87f4cc0d815d5da63a2f1
|
|
Files not having the eri_enb_log_magic should not be opened as a
eNode-B raw log file format.
|
|
|
|
|
|
|
|
There exists a program called "captype" but it's not used here.
|
|
Add endpoint type for uTP connection IDs.
Manage uTP conversations, creating generated stream ID to filter
on both sides of a conversation.
Display more information in INFO column, similar to TCP.
This is some progress towards #8792.
|
|
epan/dissectors/packet-bpv7.c (00000000000010d0 T bp_block_canonical_free) is not referred to so could be static?
epan/dissectors/packet-bpv7.c (0000000000000e50 T bp_creation_ts_new) is not referred to so could be static?
One function was not called at all - the other only in this dissector so could be static.
|
|
|
|
|
|
|
|
The verbiage for first/last packets and start/end times seem
to not be consistent. Changing will also require a change to
Capture File Statistics in the Wireshark Gui. Future MR.
|
|
For #16186. Proposed changes to the tooltips which appear when a filter
expression is potentially problematic.
Rename references to "User's Guide" to "Help" since the link to the
User's Guide in the Help menu is just called *Contents*.
Name specific sections within the help which pertain to the warning
tooltip being shown. Gives first-time users some help in finding the
right part of the sizeable User's Guide.
|
|
Closes #17089
|
|
Since the wraparound aware GT_SEQ is used, passing in 0 for the
ACK number can result in thinking that bytes are missing and
dropping frames from the follow stream tap.
|
|
In rare circumstances when a connection could not established on
the first try, succeeding in establishing it later would generate
many Retransmissions. Closes 17616.
|
|
Always make sure our offset advances in dissect_bencoded_list.
Fixes #17651.
|
|
Use the `copycss` attribute in the release notes and FAQ to copy ws.css
to the right location.
|
|
|
|
This avoids having to save/free the pointer for each tostr()
invocation (or leak memory).
|
|
We fetch the protocol IDs for several protocols, but use none of them.
Get rid of them.
|
|
Shared libraries should not export symbols exported by other libraries to avoid
collisions.
Fixes #17645.
|
|
|
|
|
|
|
|
|
|
The usage of PRIi64 and PRIu64 may lead to failed builds on MacOS - at
least it did for me.
This patch fixes this.
|
|
|
|
|
|
Update manuf, services enterprise numbers, translations, and other items.
|
