Age | Commit message (Collapse) | Author | Files | Lines |
|
Change-Id: I76ca4d075756e3ac691070e0c05344a410ea2498
Reviewed-on: https://code.wireshark.org/review/2507
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
In some cases "-v" was already used so "-V" is the option.
Note that the version information in these utilities is much shorter than what
is presented by the big programs.
As requested by https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5804
Bug: 5804
Change-Id: I35db35a4eace2797afd895f9be7322ef39928480
Reviewed-on: https://code.wireshark.org/review/2489
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I84dda519e617b24d92fcf374670a4a6ee6f488ee
Reviewed-on: https://code.wireshark.org/review/2506
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
|
|
Change-Id: I55884d48911de307cde52accfebbda69f2989526
Reviewed-on: https://code.wireshark.org/review/2505
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
The files that use LONGOPT_CAPTURE_COMMON and OPTSTRING_CAPTURE_COMMON
include capture_opts.h unconditionally, so there's no need to define
them if we don't have pcap. In addition, we want the capture options
"available" even if we don't have pcap, so we can tell the user "you're
using a version of *shark without pcap, but you gave a capture option".
Change-Id: I0bd3893b73d3d903610d0bc6cacb60bfb37096f4
Reviewed-on: https://code.wireshark.org/review/2503
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I55a04fe6f72c22f1a936ef45b215a8813f7a02db
Reviewed-on: https://code.wireshark.org/review/2502
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
|
|
Change-Id: I1f006805548829435710b1d86297aa9168afe7f9
Reviewed-on: https://code.wireshark.org/review/2501
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
|
|
Change-Id: I265367f07253be4379efbb6689ec944f04ef6134
Reviewed-on: https://code.wireshark.org/review/2500
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
|
|
Change-Id: I666d819fdee67d945dd46bd03749f190eb2873b4
Reviewed-on: https://code.wireshark.org/review/2499
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Graham Bloice <graham.bloice@trihedral.com>
|
|
Change-Id: I6c67f9ea9d115a8396af0904ef9a73d2c528dcaa
Reviewed-on: https://code.wireshark.org/review/2498
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
(The name for -p matches what's in the tcpdump trunk.)
Change-Id: If4f1824518aee1f0213f140d884db9c676dd15c4
Reviewed-on: https://code.wireshark.org/review/2497
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
While we're at it, simplify the #ifdefs and #defines in capture_opts.h -
don't do the same tests twice.
Change-Id: I2079167f31789470ef77120054d769d5914745e3
Reviewed-on: https://code.wireshark.org/review/2496
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I827615d45051c9d66407516b311d3de448de6d07
Reviewed-on: https://code.wireshark.org/review/2495
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: If0078797a2e7b14edbd1b64863c4961c9b198168
Reviewed-on: https://code.wireshark.org/review/2494
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
No capturing, no capture options.
Change-Id: I0023184b9c358d5876f19a098590f34d641c8649
Reviewed-on: https://code.wireshark.org/review/2493
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
The names match tcpdump trunk's names for the corresponding options.
Also have capture_opts.h provide a #define for the part of the short
option string that corresponds to the capture short options that all our
programs that take capture short options take (those are largely the
ones we have in common with tcpdump).
Change-Id: Ia209425959c801725850b56a7d63441ee99b5001
Reviewed-on: https://code.wireshark.org/review/2492
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Also, make the convention for long-only options be that their
case-statement values start at 128, so they avoid colliding with any
ASCII code points, including control characters.
Make the tables of long options "static const" while we're at it, and
get rid of unnecessary casts.
Change-Id: I55702a85e9bc078b1cd0f2803ebb68a710405bab
Reviewed-on: https://code.wireshark.org/review/2491
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
subtree
Bug: 10211
Change-Id: Ide37f2a2b33f0d6d7cdff897eed02a8c1ea24f7d
Reviewed-on: https://code.wireshark.org/review/2488
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: I7166528e312c99b8477361140869ebeb2b7c03b9
Reviewed-on: https://code.wireshark.org/review/2487
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
This fix does change the format printed for values using bitmasks
(because the bit values are printed first) and is not always wanted
in this dissectors (because of readability).
We should have a better way of doing what I want in this dissectors,
so I'll have a look at this later.
Change-Id: I2477aa6b1d0c42a7ad5848bba3cb74dce3bba1f0
Reviewed-on: https://code.wireshark.org/review/2485
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
Change-Id: Icd272fc9ae749728a601966de573843390e278ab
Reviewed-on: https://code.wireshark.org/review/2484
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Hopefully that name makes it clear what the routiner's purpose is, and
will encourage people to use it rather than using dissector_add_uint()
with a bogus integer value.
Change-Id: Ic5be456d0ad40b176aab01712ab7b13aed5de2a8
Reviewed-on: https://code.wireshark.org/review/2483
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I6653b733dfd2c587909371e50fd0c2efc4649dcd
Reviewed-on: https://code.wireshark.org/review/2482
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
Change-Id: I5762fb30f57d0f9bc3e5fc786577ed1cc49b64d7
Reviewed-on: https://code.wireshark.org/review/2481
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
Change-Id: I56aae95d61930c74ac9962225e1bcda72079595e
Reviewed-on: https://code.wireshark.org/review/2477
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
This is intended as a replacement for all of the proto_tree_add_text followed by proto_item_add_subtree calls.
Change-Id: I892136d7b9d8b4e100996097eff62ce7af9512d2
Reviewed-on: https://code.wireshark.org/review/2472
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I945830a6dd9c34adf9802fa9e9948e2e90d8aba8
Reviewed-on: https://code.wireshark.org/review/2476
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
Hidden fields are deprecated, and we were hiding them inconsistently anyways.
Bug:10211
Change-Id: Iaf1576ae7bc04c0c0bd896c096b117f1b8af2e9e
Reviewed-on: https://code.wireshark.org/review/2474
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
Change-Id: I5e40df8af6841e3dad71c41d7e43c7971611b15f
Reviewed-on: https://code.wireshark.org/review/2473
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
Also ensured some files have their correct names at the top so they are more easily grepped
Change-Id: Ib0f5ddf14eb1616a93dee496107dc0eb09048825
Reviewed-on: https://code.wireshark.org/review/2452
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
pre-commit script.
1. Correctly identify ASN.1 dissectors (so checkfiltername.pl can be more lenient on them)
2. "Whitelist" known (good) filters
Change-Id: Iea662190b6655a1919bf08bc35e7978eb2693509
Reviewed-on: https://code.wireshark.org/review/2453
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Essentially:
When more data is needed to continue dissecting a PDU, use
DESEGMENT_ONE_MORE_SEGMENT instead of repeatedly requesting
additional bytes (for one or a few more fields).
- Improves the efficiency of the dissection;
- Prevents 'one-pass' tshark dissection from redissecting
the PDU repeatedly many, many times with each time dissecting
the PDU with one or a few more additional fields.
This generated *lots* of (repeated) output since a reassembled
VNC PDU can contain many fields (each of short length).
- (A comment in packet-tcp.c states, in effect, that repeatedly
requesting a specific amount of more bytes to dissect a PDU
will "break reassembly" although I note that the reassembly did
seem to work (in-efficiently)).
Note: Although this patch improves the handling of reassembly, the
dissector has significant issues. For example. see Bug #5366.
I expect this fixes the Bug #10134 issue: "Cannot allocate memory";
Before the fix, 'tshark -nVxr' for the input file generated trees with
multiple hundreds of thousands of entries and generated reassembled
PDUs consisting of many, many small fragments.
Change-Id: I970037c346fbaa4bffa5726fd5bee5f69396eabf
Reviewed-on: https://code.wireshark.org/review/2471
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
Change-Id: Iea53b17480d758c16822d80778fa4f186a188a91
Reviewed-on: https://code.wireshark.org/review/2470
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
Change-Id: I8e026dd75085723b95eb2542e102b4383379dfc8
Reviewed-on: https://code.wireshark.org/review/2469
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
|
|
Don't destroy interesting_hfids hash table, just remove all values.
Change-Id: I119aaebf91aca8916aea0f15376ff2cb9d3fbc35
Reviewed-on: https://code.wireshark.org/review/2467
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The data is actually
64-bit, and was being fetched that way - but not stored that way - leading to some very strange
(and large) values.
Change-Id: I2235ae7f1bab7f48f99afac70109a7d8f9b38e2b
Reviewed-on: https://code.wireshark.org/review/2468
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I41931121ab8854e4737aeb565b4f51be87426fa9
Reviewed-on: https://code.wireshark.org/review/2375
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
of all coming from proto_zbee_nwk.
Change-Id: I8049e84af4670b3dec436d2bab143d59557c07aa
Reviewed-on: https://code.wireshark.org/review/2450
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Set initialize position to center on parent
bug: 3817
Change-Id: Iad48aa762d892908d50f742606160c8305084f48
Reviewed-on: https://code.wireshark.org/review/2459
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
Tested-by: Balint Reczey <balint@balintreczey.hu>
|
|
Also rename base protocol filter name to match prefix of all other fields
Change-Id: Iff234c1443252b9f8e6d87fd7a76925746b5e513
Reviewed-on: https://code.wireshark.org/review/2449
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Cleaned up filter names that were shared, but had different types (which can cause problems in a display filter compare)
Also cleaned up many [FIELDDESCR] that effectively mimicked the field name. Even more could probably be done (and/or rename field name to be more descriptive), but I was being conservative.
Change-Id: I2e072b4f411c390b9430a0a0d903133d6decae5e
Reviewed-on: https://code.wireshark.org/review/2448
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I947085e2bffa3141dac20e3fe92077c515801297
Reviewed-on: https://code.wireshark.org/review/2466
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Don't manually fetch each character to find ',' use tvb_find_guint8()
Change-Id: I29711421469e868a86bf2edd7adf8dcc85ed26eb
Reviewed-on: https://code.wireshark.org/review/2446
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I59ad726c16d4a85dd065f4a21bdf5d86e47c82cd
Reviewed-on: https://code.wireshark.org/review/2451
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Ibd2fa6c791253e4dbac9a21532e894db3327ce57
Reviewed-on: https://code.wireshark.org/review/2465
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
(unknown length)
this fixes bug 9527
Change-Id: I255ae9662dfeea06e61e4b0891e0ea8eaa254d0f
Reviewed-on: https://code.wireshark.org/review/2462
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
Change-Id: Ie1a71046b791bcbbf3cf02ddd1c4ddc88b388302
Reviewed-on: https://code.wireshark.org/review/2461
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
Yes, this is a Gtk-UI fix but it's a one-liner and easy enough.
Fixes https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8715
Bug: 8715
Change-Id: I554b6c953e83ff3d8cb57029e844f2f481b751dd
Reviewed-on: https://code.wireshark.org/review/2460
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
|
|
Check for all the different AF_INET6 values that are on various OSes.
If Totem is, and will forever be, used *ONLY* on one particular OS, feel
free to remove the uses of other _AF_INET6 values (but do *not* change
back to using the OS's AF_INET6; this should dissect the protocol
correctly on *all* OSes).
Add a common AF_INET definition to epan/aftypes.h while we're at it, and
use that; as most OSes picked up 4.2BSD's AF_INET value, most if not all
of them use 2, but IPv6 came out after 4.2BSD, and various OSes all
picked their own values for AF_INET6.
Change-Id: Iae15dfdd15203ed3ecd078a6499821dc09139a98
Reviewed-on: https://code.wireshark.org/review/2458
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Ieb231d9f551f3e157197f56378088fb0069388d3
Reviewed-on: https://code.wireshark.org/review/2455
Reviewed-by: Michael Mann <mmann78@netscape.net>
|