Age | Commit message (Collapse) | Author | Files | Lines |
|
Change the name of the button macro to "btn" in order to be compatible
with AsciiDoctor.
Change-Id: I673e0fe0ae7b343abeb1afba0b9b11402efdf0d6
Reviewed-on: https://code.wireshark.org/review/23187
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Create a common_src directory for common guide content. Add a
typographic convention section. Update some of the content accordingly.
Change-Id: I4f69c0f52a985c48e07fa0628b19734ec691f74e
Reviewed-on: https://code.wireshark.org/review/23131
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
pcap provides a pcap_set_tstamp_type function, which can be used to request
hardware timestamps from a supporting kernel.
This patch adds support for aforementioned function as well as two new
command line options to dumpcap, wireshark and tshark:
--list-time-stamp-types
List time stamp types supported for the interface
--time-stamp-type <type>
Change the interface's timestamp method
Name choice mimics those used by tcpdump(1), which already supports this
feature. However, unlike tcpdump, we provide both options unconditionally.
If Wireshark was configured without pcap_set_tstamp_type being available,
--list-time-stamp-types reports an empty list.
Change-Id: I418a4b2b84cb01949cd262aad0ad8427f5ac0652
Signed-off-by: Ahmad Fatoum <ahmad.fatoum@siemens.com>
Reviewed-on: https://code.wireshark.org/review/23113
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Clarify and fix some items.
Change-Id: I1f9f8a32ceaa1de4c1ec2936913c87c08ba63c88
Reviewed-on: https://code.wireshark.org/review/23123
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
The protocol help feature was completely removed in g09efa5fb8b and
deprecated long before that.
Change-Id: Ia0bde785002025c0cf9e3f783a5cad7f784938a2
Reviewed-on: https://code.wireshark.org/review/23076
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Change-Id: Ic236b307a0d9d81a0c906fa33599706165d4360d
Reviewed-on: https://code.wireshark.org/review/23061
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Make the "matches" operator case-insensitive by default. Case
sensitivity can be switched back on using "(?-i)".
It might be nice to make "contains" case-insensitive as well, but we'd
need a caseless version of epan_memmem.
Change-Id: I5e39a52c148477c30c808152bcace08348df815a
Reviewed-on: https://code.wireshark.org/review/22330
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The spurious retransmission check operates on the last-seen
acknowledgment in the reverse direction. Adjust the analysis logic so
that it is checked independently of the forward sequence number.
Update the documentation accordingly.
Change-Id: I3714f44398501a581f967c61e119fe95f90209b1
Reviewed-on: https://code.wireshark.org/review/21769
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Try to document as accurately as possible the circumstances under which
each TCP analysis flag is added.
Update some TCP debugging code.
Change-Id: I793756f73b8ade328e150acf32bc203792e29449
Reviewed-on: https://code.wireshark.org/review/21749
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Default value for snaplen is defined in wiretap/wtap.h:
#define WTAP_MAX_PACKET_SIZE 262144
and used in capture_opts.c:
capture_opts->default_options.snaplen =
WTAP_MAX_PACKET_SIZE;
but help and man pages don't reflect this change.
Change-Id: I35ddf1e8b7ffd657f4e01b3fe6b4c44c9acece2b
Reviewed-on: https://code.wireshark.org/review/20738
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I25bab6eb1072bec102e00a76027c7742a0ea883b
Reviewed-on: https://code.wireshark.org/review/20714
Petri-Dish: Jim Young <jim.young.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Since v2.1.0rc0-184-gb0b53fa593, $XDG_CONFIG_HOME/wireshark (instead of
$HOME/.wireshark) is used, clarify this in the WSUG and manuals.
Change-Id: I74a6f9b86bd8d54ee326ca83d7536e091d6da08a
Reviewed-on: https://code.wireshark.org/review/20364
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Add the ability to move back and forth in the packet selection history
similar to GTK+. Update the documentation accordingly.
Change-Id: If1fdc1e59b240c0588c292dc0f7f0a5f083c30e1
Reviewed-on: https://code.wireshark.org/review/20320
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ic2ab4f9050c9c76349d8d872b8fc2bf9feb7827d
Reviewed-on: https://code.wireshark.org/review/20325
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Added examples for the matches, contains and bitwise_and operators.
Most of the text and the examples have been taken from the wiki and the
wireshark-filter manpage.
Bug: 13320
Change-Id: Icd9a325c05ecd4ecd1cbde8162a4c88cae335d1d
Reviewed-on: https://code.wireshark.org/review/19758
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Move the replacement definitions in asciidoc.conf to
attributes.asciidoc. This makes the markup a bit cleaner and is more
compatible with AsciiDoctor. Use a standard naming scheme for URLs.
Change-Id: Ica73aaadb013be2a4e6a3963fb54e6db6e02e98f
Reviewed-on: https://code.wireshark.org/review/18655
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Set variablelist.as.blocks in custom_layer_pdf.xsl so that we don't end
up with list text squeezed into tiny columns on the right. Set column
widths for most of our tables.
Change-Id: I3fe47d945a7945618012c9de1fc0e97b788dea9e
Reviewed-on: https://code.wireshark.org/review/17893
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Adjust the column widths of some tables to that they render more cleanly
and without FOP warnings. Move some table content to plain text instead
of trying to shove it into table cells. Fix some other layout and
formatting.
Change-Id: I40e40fd7ca5c3cc594ea30c8b1ad233afd4cdca4
Reviewed-on: https://code.wireshark.org/review/17880
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Wrap monospace text in our PDF output. Fix the formatting of a list. Fix
an anchor reference.
Change-Id: Id9433f3e3462569299e6702b4a4e137481ad80c4
Reviewed-on: https://code.wireshark.org/review/17877
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Pass relative image directory paths to xsltproc. The DocBook documentation
says you can use a URI, but trying to get that to work with CMake
and Windows appears to be a path to tears and undignified wails of
frustration.
Add attributes for our different types of images and use them so that
the PDFs don't scale our screenshots to an unusable size.
Change-Id: I786d09d9ef9be3d423b2af426a8867739ae12c1a
Reviewed-on: https://code.wireshark.org/review/17688
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Add a checkbox which lets you toggle between absolute and relative start
times. Use the local time for now. Fixes bug 11618.
Adjust our time precision based on the capture file's time precision.
Fixes bug 12803.
Update the User's Guide accordingly.
Bug: 11618
Bug: 12803
Change-Id: I0049d6db6e4d0b6967bf35e6d056a61bfb4de10f
Reviewed-on: https://code.wireshark.org/review/17448
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Add a timeline indicator to the Start and Duration columns in the
Conversations dialog. Add tooltips to the columns that explain what's
going on.
Round the timeline rect corners and do the same for Prototocol Hierarchy
Statistics. This should hopefully differentiate the graph bars from a
text selection and IMHO it looks better.
Update the PHS and Conversations images in the User's Guide.
Change-Id: I61d6c25843be522cc444e01ba77cb5b1e991fa36
Reviewed-on: https://code.wireshark.org/review/17396
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Compress the source tarball using xz instead of bzip2. Other open source
projects (including many of our dependencies) have been using xz for a
while so hopefully this won't be too much of a shock.
Remove the patch-bzip2 Autotools target while we're here.
Change-Id: I456d27b6cd56a43aba829bd45938f98568eb7b1d
Reviewed-on: https://code.wireshark.org/review/16735
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
|
|
TShark has had the functionality for awhile. While the GUI version
still has ways to change and persist Decode As functionality, adding
command line functionality gives the Decode As from initial launch
of the GUI.
Was also an excuse to refactor a bunch of code out of tshark.c
Bug: 5143
Change-Id: Ie67007d75e897bc06cc9afd9b84372a96b93778c
Reviewed-on: https://code.wireshark.org/review/16008
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Many of our AsciiDoc "macros" are simple string replacements. Start
converting them to attributes.
Update the release notes.
Change-Id: I23d9ffd311f13a34c16cde3b4898b7f7bb8ba638
Reviewed-on: https://code.wireshark.org/review/15778
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Bug: 12455
Change-Id: I1c1fc4b2bff0e446d3eb8e1b3be4ea7669cec923
Reviewed-on: https://code.wireshark.org/review/15511
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Ib64be403d4c684079f1b15d66ac52566e5ff37d0
Reviewed-on: https://code.wireshark.org/review/15501
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
Change-Id: Ie5e670b769eb0674950f3679ef511047641c2873
Reviewed-on: https://code.wireshark.org/review/14751
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
As suggested by Graham Bloice.
Change-Id: Ic42e89e2b4ce98cbda827533d234ee1e3d03d32f
Reviewed-on: https://code.wireshark.org/review/14583
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
|
|
Ping-Bug: 11209
Change-Id: Ife36b7ad02d22e2fa53eedc8d49a81ff8c578844
Reviewed-on: https://code.wireshark.org/review/14554
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Relevant mailing list message:
https://www.wireshark.org/lists/wireshark-dev/201503/msg00007.html
Change-Id: I0cff6d4d64fb52a651bcf6b28c183e43653b1cc2
Reviewed-on: https://code.wireshark.org/review/14519
Reviewed-by: João Valverde <j@v6e.pt>
|
|
- Add ShowAsASCIIandControl to keep ShowAsASCII only ASCII printable.
- Enable show selected when ShowAsRAW.
- Use QString::fromLatin1() when ShowAs8859_1.
- Don't replace null with symbol for null when ShowAsUTF8.
Change-Id: I25750247160e33d342fde12e6a998e3198270acf
Reviewed-on: https://code.wireshark.org/review/14220
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
Add an option to decode the packet bytes from base64 or zlib compressed.
Also add configurable start byte and end byte to make it possible to
decode a subset of bytes. It's also possible to select a range in ASCII
view and select "Show selected" from the context menu to make a subset.
In ASCII view a null terminator is replaced by UTF8 symbol for NULL,
and a CR is replaced by UTF8 symbol for carriage return. This is done
to make it possible to "Show selected" from the context menu.
Change-Id: Ie03c9912c304c121af6ca9e998a6e8445b5382c5
Reviewed-on: https://code.wireshark.org/review/13958
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Show selected packet bytes as ASCII, HTML, Image, ISO 8859-1, Raw or UTF-8.
Images supported are what's supported by QImage, and HTML supported
is what's supported by QTextEdit.
Change-Id: I96fc5c5d222c5389078576463cf78d82cf55528d
Reviewed-on: https://code.wireshark.org/review/13807
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
GUI from CLI
Move ui/filters.[ch] to filter_files.[ch] because dumpcap is using functionality.
Bug: 8091
Change-Id: I195c82fc023f97d6f331b8718c45a2d83d30faea
Reviewed-on: https://code.wireshark.org/review/5925
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Ib76ddbf98c2ce89285bd00ba039fbf1a0baeb8aa
Reviewed-on: https://code.wireshark.org/review/13177
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Update images and text.
Change-Id: If024a37a01cd7ab40ae2d5f50f26ca41a159fd41
Reviewed-on: https://code.wireshark.org/review/13173
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Update images and describe related packets and the intelligent
scrollbar. Suggest a way to make it easier to get a screenshot of
related packets.
Change-Id: I5bf27b0c53fb62f3e567765400141a374a465e4e
Reviewed-on: https://code.wireshark.org/review/13159
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Qt already has a menu item for this in Statistics -> Capture File Properties
Bug: 9628
Change-Id: I85dd6f85d43fbfb60c2f4db82d9a02d91866127c
Reviewed-on: https://code.wireshark.org/review/12725
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Reported by Thomas Guttler in https://wireshark.org/lists/wireshark-dev/201512/msg00069.html
Change-Id: Ia482f01e30b734ddfd9ca21081cf4401d26e827b
Reviewed-on: https://code.wireshark.org/review/12503
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Try to clarify 2003 and XP support in the User's and Developer's guides.
Change-Id: Id08b21374485bf7655b83bb20b7c3d70f8871499
Reviewed-on: https://code.wireshark.org/review/12275
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Specify which ./configure options are passed into the RPM.
Describe the 3 package RPM package names and their contents.
Describe how to enable parallel builds when making RPMs.
RPM now stands for "RPM Package Manager."
Fix some markup problems.
Change-Id: I1664aa0956719e872d302a4af2c092318f5eea6d
Reviewed-on: https://code.wireshark.org/review/11737
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I9b4c5ab2e98ad6daa618bcda20b53a23467e16e0
Reviewed-on: https://code.wireshark.org/review/11734
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I98905988ceb394d27307d1cbe883d8fe95ac23e4
Reviewed-on: https://code.wireshark.org/review/11703
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Updated the main window and main menu screenshots. Update the markup for
the File and Edit menus.
Change-Id: I31282e3913692895a35e749c54c77c8069c7167a
Reviewed-on: https://code.wireshark.org/review/11487
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Note the "initial". This is woefully incomplete. See the "to do" lists
below and in the code.
This differs a bit from the GTK+ version in that you specify one or more
streams to be decoded.
Instead of showing waveforms in individual widgets, add them all to a
single QCustomPlot. This conserves screen real estate and lets us more
easily take advantage of the QCP API. It also looks better IMHO.
Change a bunch of checks for QtMultimediaWidgets to QtMultimedia. We
probably won't use the widgets until we make 5.0 our minimum Qt
version and plain old QtMultimedia lets us support Qt 4 more easily
(in theory at least).
Add resampling code from libspeex. I initially used this to resample
each packet to match the preferred rate of our output device, but this
resulted in poorer audio quality than expected. Leave it in and use to
create visual samples for QCP and to match rates any time the rate
changes. The latter is currently untested.
Add some debugging macros.
Note that both the RTP player and RTP analysis dialogs decode audio data
using different code.
Note that voip_calls_packet and voip_calls_init_tap appear to be dead
code.
To do:
- Add silence frames where needed.
- Implement the jitter buffer.
- Implement the playback timing controls.
- Tapping / scanning streams might be too slow.
Change-Id: I20dd3b66d3df53c9b1f3501262dc01458849f6b4
Bug: 9007
Reviewed-on: https://code.wireshark.org/review/10458
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
This replaces a question (recently remarked upon on -users) with a link to
someplace where we already have documentation on the subject.
Change-Id: I6c5cf2b0f674c129aaa017da0ca44176c5be665f
Reviewed-on: https://code.wireshark.org/review/10677
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Added a new relational test: 'x in {a b c}'. The only LHS entity
supported at this time is a field. The generated DFVM operations are
equivalent to an OR'ed series of =='s, but with the redundant existence
tests removed.
Change-Id: Iddc89b81cf7ad6319aef1a2a94f93314cb721a8a
Reviewed-on: https://code.wireshark.org/review/10246
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Copied from the RTP Analysis dialog, just like the GTK+ version.
Change-Id: I111020bc4073a3a3ba583bdace51a91ee5fef300
Reviewed-on: https://code.wireshark.org/review/10447
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|