| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
This is used to select ringbuffer savefile name template. Choose one of two
savefile name templates:
If value is 1, make running file number part before start time part; this is
the original and default behaviour (e.g. log_00001_20210828164426.pcap).
If value is greater than 1, make start time part before running number part
(e.g. log_20210828164426_00001.pcap).
The latter makes alphabetical sortig order equal to creation time order, and
keeps related multiple file sets in same directory close to each other (e.g.
while browsing in wireshark "Open file" dialog).
Signed-off-by: Juha Takala <juha.takala+rauta@iki.fi>
|
|
Don't store the comments in a capture_options structure, because that's
available only if we're being built with capture support, and
--capture-comment can be used in TShark when reading a capture file and
writing another capture file, with no live capture taking place.
This means we don't handle that option in capture_opts_add_opt(); handle
it in the programs that support it.
Support writing multiple comments in dumpcap when capturing.
These changes also fix builds without pcap, and makes --capture-comment
work in Wireshark when a capture is started from the command line with
-k.
Update the help messages to indicate that --capture-comment adds a
capture comment, it doesn't change any comment (much less "the" comment,
as there isn't necessarily a single comment).
Update the man pages:
- not to presume that only pcapng files support file comments (even if
that's true now, it might not be true in the future);
- to note that multiple instances of --capture-comment are supported,
and that multiple comments will be written, whether capturing or reading
one file and writing another;
- clarify that Wireshark doesn't *discard* SHB comments other than the
first one, even though it only displays the first one;
|
|
The latter is what editcap calls --capture-comment, and the _NUM serves
no purpose whatsoever. One #define name for it suffices.
|
|
Allows adding one or more capture comments to a new pcapng file when
tshark is reading from a file. Currently, tshark only allows setting one
capture comment, and that only when doing a live capture.
The use case for this feature is given in bug #15005.
I decided to allow multiple capture comments to match the same ability
in `editcap`.
To allow this change, I changed the function signature of
`process_cap_file()` so it takes a `capture_options` struct instead of
individual parameters that affect the capture.
|
|
|
|
A domain filter can be given in the environment variable
'WS_LOG_DOMAINS' or in a command-line options "--log-domains".
The filter is specified as a comma separated case insensitive list,
for example:
./tshark --log-domains=main,capture
Domain data type switches from an enum to a string. There is no
constaint on adding new domains, neither in code or at runtime.
The string format is arbitrary, only positive matches will produce
output.
|
|
Experience has shown that:
1. The current logging methods are not very reliable or practical.
A logging bitmask makes little sense as the user-facing interface (who
would want debug but not crtical messages for example?); it's
computer-friendly and user-unfriendly. More importantly the console
log level preference is initialized too late in the startup process
to be used for the logging subsystem and that fact raises a number
of annoying and hard-to-fix usability issues.
2. Coding around G_MESSAGES_DEBUG to comply with our log level mask
and not clobber the user's settings or not create unexpected log misses
is unworkable and generally follows the principle of most surprise.
The fact that G_MESSAGES_DEBUG="all" can leak to other programs using
GLib is also annoying.
3. The non-structured GLib logging API is very opinionated and lacks
configurability beyond replacing the log handler.
4. Windows GUI has some special code to attach to a console,
but it would be nice to abstract away the rest under a single
interface.
5. Using this logger seems to be noticeably faster.
Deprecate the console log level preference and extend our API to
implement a log handler in wsutil/wslog.h to provide easy-to-use,
flexible and dependable logging during all execution phases.
Log levels have a hierarchy, from most verbose to least verbose
(debug to error). When a given level is set everything above that
is also enabled.
The log level can be set with an environment variable or a command
line option (parsed as soon as possible but still later than the
environment). The default log level is "message".
Dissector logging is not included because it is not clear what log
domain they should use. An explosion to thousands of domains is
not desirable and putting everything in a single domain is probably
too coarse and noisy. For now I think it makes sense to let them do
their own thing using g_log_default_handler() and continue using the
G_MESSAGES_DEBUG mechanism with specific domains for each individual
dissector.
In the future a mechanism may be added to selectively enable these
domains at runtime while trying to avoid the problems introduced
by G_MESSAGES_DEBUG.
|
|
In dumpcap, if we're being run by TShark or Wireshark, if there are no
link-layer types, just provide an empty list to our caller; let them
construct an empty list of link-layer types when they read our output.
In the code that reads that list, don't report an error if the list is
empty, rely on the caller to do so.
Have capture_opts_print_if_capabilities() do more work, moving some
functions from its callers to it.
|
|
It's not a generic capture option also supported by TShark and dumpcap,
it's Wireshark-specific (dumpcap *always* starts a capture, and TShark
starts one iff it's passed one or more interfaces on which to capture;
only Wireshark needs it to start the capture immediately - that's a
relic of the days when Wireshark *itself* did what dumpcap now does for
Wireshark).
Handle it in commandline_other_options(), rather than in
capture_opts_add_opt().
That lets us get rid of an argument to capture_opts_add_opt(), and dummy
variables in TShark and dumpcap used to work with that extra argument.
|
|
The distinction between the different kinds of capture utility
may not warrant a special subfolfer for each, and sometimes the
distinction is not be clear or some functions could stradle
multiple "categories" (like capture_ifinfo.[ch]).
Simplify by having only a generic 'capture' subfolder. The
separate CMake libraries are kept as a way to reuse object code
efficiently.
|
|
Fixes #17318.
|
|
Add --ifname and --ifdescr to allow the name and description for an
interface or pipe to be set; this overrides the specified name or
reported description for an interface, and overrides the pipe path name
and provides a description for a pipe.
Provide those arguments when capturing from an extcap program.
This is mainly for extcaps, so you have something more meaningful than
some random path name as the interface name and something descriptive
for the description.
|
|
For
A & B ? C : D
put "A & B" in parentheses, to clarify the precedence.
|
|
|
|
This proposal adds a new option '-b printname:<filename>' to dumpcap. If
used, dumpcap will print the name of each ring buffer file it creates
after it is closed. Allows the use of '-'/'stdout' and 'stderr'.
Use case: Since the file name is printed after the file is closed for
writing, an automated capture process can do something like the
following with the guarantee that the file in question will not be
changed.
dumpcap -i eth0 -b files:2 -b printname:stdout [-b ...] | \
while read cap_file_name ; do
# Do something with $cap_file_name
done
This sort of scripting is difficult in dumpcap's current form. Dumpcap
prints the names of new files to stderr as it *opens* them, so a script
attempting to use this must sleep for "-b duration:value" seconds plus
some fudge time to be sure it's getting a closed, unchanging file.
Change-Id: Idb288cc7c8c30443256d35c8cd4460a2e3f0861c
Reviewed-on: https://code.wireshark.org/review/37994
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Our current assumption that a numeric argument to -i must be an index
interface is not valid on Linux; see
https://github.com/the-tcpdump-group/tcpdump/issues/522
Change-Id: Ieb6e17e6ceb23095a463336f0c88182373503aa6
Reviewed-on: https://code.wireshark.org/review/37369
Reviewed-by: Guy Harris <gharris@sonic.net>
|
|
pcapng has been the compile-time default since 2011. If there are any
users who would like to use the libpcap format, then they should use
runtime options instead (e.g. `tshark -P` or `editcap -F pcap`).
Change-Id: I54b70368cdc3ca78bc8617bc488cc687740a1eb9
Reviewed-on: https://code.wireshark.org/review/36721
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
|
|
Change-Id: Ib9ff78d148a2364c84d84b4a9b020b3d783654a3
Reviewed-on: https://code.wireshark.org/review/36602
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
|
|
Change all wireshark.org URLs to use https.
Fix some broken links while we're at it.
Change-Id: I161bf8eeca43b8027605acea666032da86f5ea1c
Reviewed-on: https://code.wireshark.org/review/34089
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Make it possible to remove the "Capture to a permanent file" setting
in Capture Interfaces Output dialog by turning off saving_to_file in
updateInterfaces().
Also make sure to free the old values for save_file and orig_save_file
to avoid memory leaks.
Set orig_save_file to the same as save_file from the '-w' option to
fill in the current "Capture to a permanent file" value correctly.
Change-Id: I1f4df8cfa279f934eff028f32838b9734b627af1
Reviewed-on: https://code.wireshark.org/review/32111
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
cmdarg_err() is for reporting errors for command-line programs and
command-line errors in GUI programs; it's not something for any of the
Wireshark libraries to use.
The various routines for parsing numerical command-line arguments are
not for general use, they're just for use when parsing arguments.
Change-Id: I100bd4a55ab8ee4497f41d9651b0c5670e6c1e7f
Reviewed-on: https://code.wireshark.org/review/31281
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Add the ability to rotate files after a specified number of packets (`-b
packets:NUM`). Move some condition checks to capture_loop_write_packet_cb.
Add `-a packets:NUM` in order to be consistent. It is functionally
equivalent to the `-c` flag.
Add a corresponding "packets" option to the Capture Interfaces dialog
Output tab.
Add initial tests for autostop and ringbuffer conditions.
Change-Id: I66eb968927ed287deb8edb96db96d7c73526c257
Reviewed-on: https://code.wireshark.org/review/30534
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I584df2c7ae8041a29d9941995883c232abb040d6
Reviewed-on: https://code.wireshark.org/review/30452
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Move the condition logic from capture_stop_conditions.c to dumpcap.c.
Remove capture_stop_conditions.[ch] and conditions.[ch].
Switch duration values to doubles.
Change-Id: Ifa74fb13ec8fc923b0721597a6cf071d72069ea0
Reviewed-on: https://code.wireshark.org/review/30440
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
valgrind --tool=memcheck --leak-check=full ./run/tshark -r sctp.pcap -U "OSI layer 3" -w exported.pcap
13 bytes in 1 blocks are definitely lost in loss record 20 of 93
at 0x4C2EBAB: malloc (vg_replace_malloc.c:299)
by 0xB27B3C5: g_malloc (gmem.c:99)
by 0xB294D22: g_strdup (gstrfuncs.c:363)
by 0x117B5D: capture_opts_add_opt (capture_opts.c:889)
by 0x118C0E: main (tshark.c:1112)
Change-Id: I9b794015aa4d2626b43a5743864c2d732c6acaa1
Reviewed-on: https://code.wireshark.org/review/29125
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Change-Id: Ia3b7e35e469a3231bb749025debe11d3ba2de99a
Reviewed-on: https://code.wireshark.org/review/29148
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
capture_opts_add_iface_opt(), when called in a program acting as a
capture child, will fetch the description for the interface, and will
also generate a "display name" for the interface.
In the process, we clean up capture_opts_add_iface_opt() a bit,
combining duplicate code.
We rename console_display_name to just display_name, as it may also be
used in the title bar of Wireshark when capturing.
Change-Id: Ifd18955bb3cb41df4c0ed4362d4854068c825b96
Reviewed-on: https://code.wireshark.org/review/29117
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Iff833bf5c197959c8decb62d6ce794c6d0415fb7
Reviewed-on: https://code.wireshark.org/review/26978
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Document ws_pipe.h. Define invalid PIDs in one place.
Extcap didn't use stdin before 1a0987904f. Make sure we close it.
Change-Id: I7a69cd9b5137ae82435e64628a22e4d812d58f89
Reviewed-on: https://code.wireshark.org/review/26226
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Move the contents of extcap_spawn to ws_pipe. Rename various extcap_*
prefixes to ws_pipe_*. Open stdin when we spawn processes.
Change-Id: I9286295443ee955bb6328b0ed6f945ee0bb2a798
Reviewed-on: https://code.wireshark.org/review/26216
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The first is deprecated, as per https://spdx.org/licenses/.
Change-Id: I8e21e1d32d09b8b94b93a2dc9fbdde5ffeba6bed
Reviewed-on: https://code.wireshark.org/review/25661
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
At one point, I remember a discussion resulting in the official name of
the next-generation replacement for pcap format being changed to
"pcapng", with no hyphen.
Make Wireshark reflect that.
Change-Id: Ie66fb13a0fe3a8682143106dab601952e9154e2a
Reviewed-on: https://code.wireshark.org/review/25214
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Ia54bba388755cf27a343fe6d69d244bf1ab897f9
Reviewed-on: https://code.wireshark.org/review/25186
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Calling scan_local_interfaces ends up calling fork via extcap. Doing so
from a thread is ill-adivsed:
https://rachelbythebay.com/w/2014/08/16/forkenv/
http://www.linuxprogrammingblog.com/threads-and-fork-think-twice-before-using-them
This reverts commit 5b4894b7959f44e077f36194c490cbf402e1e659.
Revert "fix compilation without pcap." as well.
This reverts commit 51300b3c834a3877d567fb57ae78ec74ec8ba80d.
Change-Id: Ic80582b52398c44af73c6d74dbb3216c4d1b37fc
Reviewed-on: https://code.wireshark.org/review/24772
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Fix a regression introduced by I09beab751c9c2917f017b6c082166d86ca693544.
Change-Id: I57b971086470e836f4147500143c35494118e754
Reviewed-on: https://code.wireshark.org/review/24765
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
A while back Graham pointed out the SPDX project (spdx.org), which is
working on standardizing license specifications:
https://www.wireshark.org/lists/wireshark-dev/201509/msg00119.html
Appendix V of the specification describes a short identifier
(SPDX-License-Identifier) that you can use in place of boilerplate in
your source files:
https://spdx.org/spdx-specification-21-web-version#h.twlc0ztnng3b
Start the conversion process with our top-level C and C++ files.
Change-Id: Iba1d835776714deb6285e2181e8ca17f95221878
Reviewed-on: https://code.wireshark.org/review/24302
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
NULL checks were removed for following free functions:
- g_free "If mem is NULL it simply returns"
https://developer.gnome.org/glib/stable/glib-Memory-Allocation.html#g-free
- g_slist_free(_full)? "NULL is considered to be the empty list"
https://developer.gnome.org/glib/stable/glib-Singly-Linked-Lists.html
- g_strfreev "If str_array is NULL, this function simply returns."
https://developer.gnome.org/glib/stable/glib-String-Utility-Functions.html#g-strfreev
- g_slice_free "If mem is NULL, this macro does nothing."
https://developer.gnome.org/glib/stable/glib-Memory-Slices.html#g-slice-free
- g_match_info_free "not NULL... otherwise does nothing"
https://developer.gnome.org/glib/stable/glib-Perl-compatible-regular-expressions.html#g-match-info-free
- dfilter_free defined in Wireshark code. Returns early when passed NULL
epan/dfilter/dfilter.c
They were also removed around calls to g_strdup where applicable:
- g_strdup "If str is NULL it returns NULL."
https://developer.gnome.org/glib/stable/glib-String-Utility-Functions.html#g-strdup
Change-Id: Ie80c2db89bef531edc3aed7b7c9f654e1d654d04
Reviewed-on: https://code.wireshark.org/review/23406
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
|
|
At shutdown the array keeping all interface_options is freed.
The array elements however are not making valgrind and ASAN
complain. Make sure the elements are freed on cleanup.
Ping-Bug: 13864
Change-Id: If8b810ea5f4f11c5ce770a9ffa6c2c791bc561fe
Reviewed-on: https://code.wireshark.org/review/23265
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
Change access of ifaces elements from by val to by reference.
With this change unnecessary copying of the whole struct is avoided
but even more important is that elements no longer have to be
removed and inserted whenever data is updated.
This change aims to make it more clear that ifaces elements shall
never directly be removed from the array. Instead use function
capture_opts_del_iface
NOTE: Code for GTK UI not updated
Ping-Bug: 13864
Change-Id: I04b65d5ee36526b30d959b8e5a2a48a3c7c4f15b
Reviewed-on: https://code.wireshark.org/review/23204
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
At shutdown the array keeping all network interfaces is freed.
The array elements however are not making valgrind and ASAN
complain. Make sure the elements are freed on cleanup.
Ping-Bug: 13864
Change-Id: I1efeb03f42fb6f0b87dada8ef50d85f47f93e0dc
Reviewed-on: https://code.wireshark.org/review/23202
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change access of all_ifaces elements from by val to by reference.
With this change unnecessary copying of the whole struct is avoided
but even more important is that elements no longer have to be
removed and inserted whenever data is updated.
This change aims to make it more clear that all_ifaces elements
shall never be removed from the array without freeing resources
via the capture_opts_free_interface_t function.
NOTE: Code for GTK UI not updated
Ping-Bug: 13864
Change-Id: I36742cb1d5c8daa136c9d3732a044a7c8e5c7fe7
Reviewed-on: https://code.wireshark.org/review/23201
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Add support for extcap control pipes on Windows.
Improved read loop in InterfaceToolbarReader.
Delay opening control pipes until extcap has opened the fifo pipe.
Make extcap_example.py work on Windows.
Bug: 13833
Change-Id: I4b47d25452637759b8a3be53be48eee5365bc0e4
Reviewed-on: https://code.wireshark.org/review/23211
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
On Windows the pipe names does not get random characters appended.
Add the interface name and pipe type to make it unique.
This partly fixes the issue with capturing from multiple extcap
interfaces on Windows.
Ping-Bug: 13653
Ping-Bug: 13833
Change-Id: I4290b37cf789bf77608993682a803aca29513d28
Reviewed-on: https://code.wireshark.org/review/23158
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The interface_options struct passed to dumpcap is populated
differently when running Wireshark with and without -k.
Previously, only with -k was there a valid pointer in
interface_opts.timestamp_type
Fixes: aca55a2 ("Add hardware timestamping support")
Signed-off-by: Ahmad Fatoum <ahmad.fatoum@siemens.com>
Change-Id: Ic7ecc5a1190c28197d6a7271f1b353f74d43ca61
Reviewed-on: https://code.wireshark.org/review/23160
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
pcap provides a pcap_set_tstamp_type function, which can be used to request
hardware timestamps from a supporting kernel.
This patch adds support for aforementioned function as well as two new
command line options to dumpcap, wireshark and tshark:
--list-time-stamp-types
List time stamp types supported for the interface
--time-stamp-type <type>
Change the interface's timestamp method
Name choice mimics those used by tcpdump(1), which already supports this
feature. However, unlike tcpdump, we provide both options unconditionally.
If Wireshark was configured without pcap_set_tstamp_type being available,
--list-time-stamp-types reports an empty list.
Change-Id: I418a4b2b84cb01949cd262aad0ad8427f5ac0652
Signed-off-by: Ahmad Fatoum <ahmad.fatoum@siemens.com>
Reviewed-on: https://code.wireshark.org/review/23113
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Add the "interval" option to "-b". Each new capture starts at the
exact start of a time interval. For instance, using -b interval:3600
will start a new capture file at each whole hour.
Changed the duration option in the GUI interfaces to use the new
interval option.
Change-Id: I0180c43843f5d2f0c2f50153c9ce42ac7fa5aeae
Reviewed-on: https://code.wireshark.org/review/22428
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Sake Blok <sake.blok@SYN-bit.nl>
|
|
Use WTAP_MAX_PACKET_SIZE_STANDARD, set to 256KB, for everything except
for D-Bus captures. Use WTAP_MAX_PACKET_SIZE_DBUS, set to 128MB, for
them, because that's the largest possible D-Bus message size. See
https://bugs.freedesktop.org/show_bug.cgi?id=100220
for an example of the problems caused by limiting the snapshot length to
256KB for D-Bus.
Have a snapshot length of 0 in a capture_file structure mean "there is
no snapshot length for the file"; we don't need the has_snap field in
that case, a value of 0 mean "no, we don't have a snapshot length".
In dumpcap, start out with a pipe buffer size of 2KB, and grow it as
necessary. When checking for a too-big packet from a pipe, check
against the appropriate maximum - 128MB for DLT_DBUS, 256KB for
everything else.
Change-Id: Ib2ce7a0cf37b971fbc0318024fd011e18add8b20
Reviewed-on: https://code.wireshark.org/review/21952
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
An extcap utility can provide configuration for controls to use in a
GUI interface toolbar. This controls are bidirectional and can be
used to control the extcap utility while capturing.
This is useful in scenarios where configuration can be done based on
findings in the capture process, setting temporary values or give other
inputs without restarting current capture.
Todo:
- Add support for Windows
Change-Id: Ie15fa67f92eb27d8b73df6bb36f66b9a7d81932d
Reviewed-on: https://code.wireshark.org/review/19982
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
It doesn't belong in libwireshark, as it doesn't affect dissection, but
it *does* belong in libui, as it's helper code for the UIs.
Change-Id: I8a5e0640a299a08e9ec1917dd253197438ebfdbc
Reviewed-on: https://code.wireshark.org/review/20974
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
The cleanup routine has been added to exit section of the applications.
Those which required a exit restyle have been patched as well.
Change-Id: I3a8787f0718ac7fef00dc58176869c7510fda7b1
Reviewed-on: https://code.wireshark.org/review/19949
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
|
