Age | Commit message (Collapse) | Author | Files | Lines |
|
Wireshark is
quit. Temporary coloring filters can be set by:
- pressing <ctrl>-<digit> will create a conversation coloring filter based on the
addresses of the currently selected packet (order TCP/UDP/IP/Ethernet)
This can also be achieved from the "View|Colorize Conversation" menu.
- Rightclicking on a packet in the packet-list will give the option to
"Colorize Conversation" just as "Conversation Filter" does.
- Rightclicking on an item in the packet-detail-list will give the option to
"Colorize with filter" which works similar to "Apply as filter"
Temporary filters can be cleared from the same menus or by pressing <ctrl>-<space>.
This patch also adds an item to the above mentioned menu's to add a permanent color filter
in the same way.
The colors for the temporary coloring rules are now hardcoded as I do not know
how to change the color of menu-items and therefore I chose to use icons to
show the actual color of each of the ten temporary coloring rules. Is it at all
possible to have different menu items in different colors?
One other way of solving this is to recreate the icons on the fly after changing
the colors. I will have a look into that once it is clear whether I can use
different colors within the menu structure.
svn path=/trunk/; revision=23560
|
|
Added support for Wifi Simple Config aka Wifi Protected Setup
From me:
Added standard copyright header to packet-wps
svn path=/trunk/; revision=23549
|
|
This patch updates the DTLS dissector to be compatible with OpenSSL 0.9.8f in
the following ways:
* Handle both SSL version number 0xfeff (RFC 4347 and OpenSSL 0.9.8f), and
0x100 (Used by OpenSSL 0.9.8e and earlier)
* Reassemble fragmented handshake messages.
svn path=/trunk/; revision=23369
|
|
svn path=/trunk/; revision=23344
|
|
This patch adds support for IMPS 1.3 protocol dissection and also
updates IMPS 1.2 protocol to approved release version.
From me:
- Updated vals_wbxml_public_ids table.
- Reindented file.
svn path=/trunk/; revision=23078
|
|
found by desktop-file-validate:
wireshark.desktop: warning: value "" for key "Path" in group "Desktop Entry"
does not look like an absolute path
wireshark.desktop: warning: value "GNOME;Application;Network;" for key
"Categories" in group "Desktop Entry" contains a deprecated value
"Application"
wireshark-root.desktop: warning: key "Encoding" in group "Desktop Entry" is
deprecated
wireshark-root.desktop: warning: value "" for key "Path" in group "Desktop
Entry" does not look like an absolute path
wireshark-root.desktop: warning: value "GNOME;Application;Network;" for key
"Categories" in group "Desktop Entry" contains a deprecated value
"Application"
svn path=/trunk/; revision=23034
|
|
- reassembling of fragmented TIPCv2 messages
- calling of heuristic subdissectors
- multicast upper+lower bound header fields are now shown
- corrects few typos in the comments in packet-tipc.c
svn path=/trunk/; revision=22889
|
|
svn path=/trunk/; revision=22801
|
|
svn path=/trunk/; revision=22683
|
|
Enhancement patch:
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1758
This change gives Wireshark the ability to read ATM captures saved by UpTime
Select traffic capture.
svn path=/trunk/; revision=22612
|
|
When LACP packets have the actor state or partner state fields set to 0x00,
wireshark prints the state like this (note the closing parenthesis):
Actor State: 0x00)
Since there are no flags set, this fields should be printed like this:
Actor State: 0x00
svn path=/trunk/; revision=22594
|
|
svn path=/trunk/; revision=22541
|
|
Removed a unused hf_ entry
From Ian Brumby:
- Fixed decoding of 4 character and longer SICs
svn path=/trunk/; revision=22512
|
|
explanations from me at the top of that file
add it to the distributed files, to the Win32 NSIS and U3 packages. UNIX packages will still miss this (optional) file.
svn path=/trunk/; revision=22487
|
|
- add support of session management for tcap ANSI.
(In fact, this support already exist for ANSI MAP subdissector, but as our
simulators can reuse the tcap transaction Id, the decoding of the response
may be wrong)
- move the code related to asn1 in tcap.cnf, and update tcap.cnf
- move the code related to the session management in tcap-persistentdata
- add a compilation option to free the entry in the hashtable for a closed
transaction. This is used only for tshark statistics generation, with huge file.
- cleanup and add some comments
Add Id tags to epan/tcap-persistentdata.{c,h}
svn path=/trunk/; revision=22415
|
|
last draft, draft-ietf-behave-rfc3489bis-07. Changelog:
* My employer is now sponsoring this work, so added a copyright line.
* Added a comment for each method/attribute with the RFC/I-D where is
it defined, so it will be easier to add new STUN usages.
* Removed the SHARED-SECRET method.
* Removed the PASSWORD and REFRESH-INTERVAL attributes.
* Changed "Response" to "Success Response".
* Changed "Error Reason Phase" to "Error Reason Phrase".
* Added reassembly for TCP segments on STUN2.
* Updated STUN acronym expansion.
* Renamed STUN2_ERROR to ERROR_RESPONSE.
* Changed the value of attribute FINGERPRINT from 0x8025 to 0x8028.
* Display if an unknown attribute is comprehension-optional or
comprehension-required.
* Reorganized order of attributes in the dissector code.
* The message length is now displayed in decimal.
svn path=/trunk/; revision=22383
|
|
description in Heimdal.
svn path=/trunk/; revision=22364
|
|
receiving a SES MAJOR SYNC POINT, as this indicates the end of the
COTP DT Data stream. Previous the RTSE dissector was called when
receiving a COTP DT Data fragment with the "last data unit" bit set,
but this does not work with messages fragmented in RTSE. Reassembly
can be turned off in the preferences.
svn path=/trunk/; revision=22176
|
|
- Remove ethertype preference from recently added FCoE dissector
Me:
- Add Joe to the AUTHORS list
- Change previous line in AUTHORS list from @ to [AT] in e-mail address
svn path=/trunk/; revision=22133
|
|
svn path=/trunk/; revision=21869
|
|
Replace the Interbase dissector by a Firebird/Interbase
dissector.
Me:
Fix warnings about unused parameters
Fix warnings about unused variables
Fix warning about unused function
Fix warning about mixed code and declaration
Declare all dissection functions static
Remove function declarations and move the switching
function down instead.
Update AUTHORS file
Add $Id$ and email address to file header
Fix filename in first comment line
svn path=/trunk/; revision=21843
|
|
The attached patch adds ability of of creating radio button, drop-down
list and range type preference entries to the Lua plugin.
It also fixes a lua compile warning/error in wslua_gui.c.
The patch is written by Tamas Regos, he asked me to send it to the list.
svn path=/trunk/; revision=21655
|
|
Attachment is a patch for adding a new Juniper NSRP dissector. In this patch, OICQ author email address
<dubingyao@gmail.com> has also been updated to <secfire@gmail.com>.
svn path=/trunk/; revision=21599
|
|
the current SVN (rev 21448) 802.11 WMM TSPEC dissector seems to have
some bugs.
TS Info field should be three bytes long, not two. Suspension Interval
field is missing altogether, shifting all other fields by four bytes.
Maximum Burst Size, Minimum PHY Rate, Peak Data Rate and Delay Bound
are in wrong order.
svn path=/trunk/; revision=21450
|
|
svn path=/trunk/; revision=21447
|
|
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1522
Support for WLCCP version 0xC1.
Also updated his email address in AUTHORS.
svn path=/trunk/; revision=21404
|
|
I would like to handle the rare situation of Little Endian encoded
IP addresses, so i added a function which reads the address with
tvb_get_ipv4(), then swaps the bytes before SET_ADDRESS().
svn path=/trunk/; revision=21397
|
|
- Break out and display A-MSDUs
- HT Control field (currently disabled)
- Action No Ack
- HT Information IE
- HT Capability IE
- Block Ack Request
- Secondary Channel Offset Tag
- Measurement Request Tag
- Measurement Report Tag
...along with a bunch of other updates, including displaying the
type/subtype as a hex value (first nibble: type, second nibble: subtype).
svn path=/trunk/; revision=21391
|
|
New dissector support, SHIM6
checked in with the following modifications :
- use of proto_tree_add_item whenever possible (addition of several hf_items),
- use distinct subtree idx for each subtree,
- addition of some subtrees,
- split shim_opts in several functions,
- accurate incrementation of offset in locator preferences (in case of option length > 3)
- add true_false_string for critical options and protocol differentiation (hip, shim6)
- add ipv6.shim6.checkksum_good, ipv6.shim6.checkksum_bad, cksum expert info
section added to AUTHORS
svn path=/trunk/; revision=21390
|
|
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1464
Support for Symantec SGS v3 files.
svn path=/trunk/; revision=21362
|
|
Dissector for the DRDA protocol. This is the protocol used by among
others the DB2 database.
modify his entry in AUTHORS
svn path=/trunk/; revision=21331
|
|
support for usb host/endpoint lists
svn path=/trunk/; revision=21180
|
|
support for USB conversations
svn path=/trunk/; revision=21179
|
|
New protocol: AMQP
svn path=/trunk/; revision=21174
|
|
Wiretap support to read MPEG files
svn path=/trunk/; revision=21112
|
|
comes before the descriptor type.
svn path=/trunk/; revision=21061
|
|
message dissection.
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1383
svn path=/trunk/; revision=21016
|
|
I've refactored the offending code branch and added some comments so
hopefully the intent is a bit clearer. The loop termination conditions
are now obviously independent of the content on the wire (they were
meant to be before, but I admit it was obscure). I've tried using the
ephemeral memory routines.
Add a check for a maximum fragment count, and bail out of reassembly instead
of triggering an ep_alloc exception. Add Julian to AUTHORS. Update the
release notes.
svn path=/trunk/; revision=21007
|
|
svn path=/trunk/; revision=20975
|
|
EtherNet/IP dissector
svn path=/trunk/; revision=20897
|
|
svn path=/trunk/; revision=20839
|
|
svn path=/trunk/; revision=20819
|
|
and 20651
svn path=/trunk/; revision=20803
|
|
Attached is a wireshark patch that adds support for decoding DHCP option 125
and the DHCP option 125 suboptions defined by the DSL Forum's TR-111
specification.
svn path=/trunk/; revision=20783
|
|
svn path=/trunk/; revision=20757
|
|
You must enable this feature via Edit/Preferences/Protocols/SCTP
svn path=/trunk/; revision=20756
|
|
sminmpec_values array is marked as just "export" instead of "WS_VAR_IMPORT" in
epan/sminmpec.h. This prevents its using in Windows builds of plugins directly.
svn path=/trunk/; revision=20720
|
|
Ian Schorr <ian.schorr@gmail.com>
Wed, Jan 31, 2007 at 7:24 PM
To: wireshark-dev@wireshark.org
Hello,
Please consider for checkin the following new dissectors, for the FMP protocol.
FMP (File Mapping Protocol) is the network protocol basis for EMC's HighRoad (MPFS) technology. Highroad is used to allow multiple clients to share access to NAS-shared files while allowing clients to directly access data volumes (via, for example, Fibre Channel or iSCSI). EMC currently uses this technology in our Celerra NAS servers, and we're currently in the process of open sourcing portions of the technology.
FMP actually consists of two ONC/RPC-based protocols - the core FMP protocol, and FMP/Notify. The latter is used as an asynchronous callback to inform clients of status changes, such as lock revocation.
We'd like to offer these dissectors to Wireshark users for help in debugging or otherwise troubleshooting MPFS-related problems. There are still a few minor changes that need to be made ( i.e. a handful of fields that aren't decoded) but the dissector is overall fairly complete and very usable.
Let me know if there are questions or feedback, or otherwise if other info is needed (like sample captures, which I don't want to send out to the mailing list).
Thanks,
Ian Schorr
EMC Corporation
svn path=/trunk/; revision=20679
|
|
(as generated by the Cisco ITP packet logging facility).
svn path=/trunk/; revision=20665
|
|
1 Add ALCAP and NBAP as subdissectors of SSCOP. Previously it only
knows about SSCF-NNI and data. (Changes in packet-sscop.c,
packet-sscop.h)
2 Add capability for lower layer to force SSCOP to choose a particular
dissector. It is passed as "subdissector" field of SSCOP protocol
data. This is required because different payload protocol is
distinguished by different VPI/VCI. There is no protocol field inside
SSCOP frame. (Changes in packet-sscop.c, packet-sscop.h)
3 Make K12xx configuration file supporting the following syntax:
C:\k1297\stacks\umts_iub\umts_iub_aal2l3.stk sscop:alcap
This says dissect with SSCOP first and then pass to ALCAP.
The change is made general, so it supports arbitrary number of
protocol, like "proto1:proto2:proto3". Using ":" as separator
allow us to expand the syntax further to support parameters like
"proto1 param1:proto2 param2 param3". (Changes in packet-k12.c)
With above 3 changes together, dissecting Iub traces are correct for
control and signaling planes. I am still investigating user plane
frames because writing UMTS RLC/MAC protocol dissector is required.
The patch and sample .rf file (same as my previous patch) is in the
attachment.
plus:
Add Kriang to the AUTHORS list (and once at it upate my own record)
svn path=/trunk/; revision=20580
|