| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Update manuf, services enterprise numbers, translations, and other items.
|
|
|
|
|
|
Add custom title option %C to show the first capture comment from
command line argument.
Ping: #19296
|
|
Update manuf, services enterprise numbers, translations, and other items.
services failed.
|
|
Remove the major.minor version from the plugin path, i.e:
lib/plugins/X.Y/{epan,wiretap,codecs}
and use an unversioned path:
lib/plugins/{epan,wiretap,codecs}
Introduce a new naming policy for plugins that requires
name.so.ABI_VERSION.
This is a simplified filesystem layoutfor plugins some
important benefits such as:
* improves compatibility between Wireshark versions, because
a plugin that wasn't recompiled will be automatically picked
up, but only if it has a compatible ABI version in the file name.
* does not clash with Apple guidelines
* simpler for users to understand and apply
* just overall simpler and easier to maintain, removes a lot
of complexity from CMake code
It does impose more requirements on the plugin naming scheme
but this should be handled completely transparently
by the build system.
It would also be possible to add support for unversioned *.so file
extensions at the same time, although in ths case it is not possible
to support multiple Wireshark ABI versions with only *.so, of course.
This wasn't done here but it may or may not be a useful enhancement
in the future.
Follow-up to 90b16b40921b737aadf9186685d866fd80e37ee6.
|
|
[skip ci]
|
|
|
|
Those are no longer supported by Microsoft nor Qt 6.
Also add Windows 11 and Server 2022 to the list of MS supported
versions.
[skip ci]
Fix #19512
|
|
Update manuf, services enterprise numbers, translations, and other items.
|
|
Manual revert of commit 0e82c6b4b8ed18ef1878446dd26d6345be2d2c2b.
Fixes #19493.
|
|
The NSIS installer choices have been simplified, and Wireshark
Foundation signs our official macOS packages.
|
|
Update manuf, services enterprise numbers, translations, and other items.
services failed.
|
|
According to the Asciidoctor docs, we can assign multiple anchors
to a section using this method, which still uses the modern shorthand
syntax for the main anchor (the one that's been used for the last five
years). We have to use the double square brackets for the additional
anchor, though.
https://docs.asciidoctor.org/asciidoc/latest/attributes/id/#add-additional-anchors-to-a-section
Related to #17982
|
|
The help button for Time Shift already tries to open this page,
so use the existing name for the section so older versions work.
Related to #17982
|
|
[skip ci]
Follow-up to fix #18464
|
|
The XXXXXX is not a number, it's alphanumeric
[skip ci]
Fix #18464
|
|
Initially taken from the Wiki page (including images, compressed
with tools/compress-pngs.py), and expanded to cover lastest additions.
Link the Help button from the 802.11 Decryption Keys UAT to the page.
Fix #11273
|
|
|
|
|
|
Add support for command line parameters, rename the preference to match.
Use the correct `SSLKEYLOGFILE` environment variable name in the text.
Rename SSL to TLS, we are no longer in 1999. Clarify that applications
other than browsers can be selected. Various dialog text improvements.
Move the Launch button to the right to make it stand out more.
Relates to #19471
|
|
Once upon a time, Wireshark could use GNU ADNS instead of c-ares
for asynchronous DNS lookups. GNU ADNS didn't check the system
hosts file (see 51984de040b804ca6614830acc62c641cd6d8959), so
we added the system hosts file using the same mechanism as profile
paths when using ADNS.
This was then confusing, because "use external DNS resolver / use
system DNS resolving" could be off but /etc/hosts was still used,
so the "only use profile hosts" option was created to avoid using
external system DNS hostsnames at all.
c-ares (and, for that matter, libunbound) does read /etc/hosts, so
this option doesn't do its primary purpose anymore. All it usually
does now is keep any hosts file in the global profile from being used,
but we don't have any other name resolution options where there's a
pref not to use global profile data.
Even more confusingly, if the option is true, then the -H option
to tshark to give a hosts file on the command line doesn't work.
add_hosts_file checks the preference and then doesn't actually
read the file from the command line, which is surely never wanted.
Most people don't understand what the option means, despite the
tooltip, and assume that it means "only use the hosts file as a
source of name resolution data", not "when using hosts files as
a source of name resolution data, only use the one from the personal
profile and not any from the global profile, the tshark command line,
or any other source."
Just mark the option as obsolete.
Related to #11470
|
|
Describe the at operator and field references, taking some
information from the wireshark-filter man page and expanding some.
Create some cross-references between saved filters, filter buttons,
display filter macros, and field references, because they're all
useful to use with each other.
Fix #17594
|
|
We can launch more than browsers.
|
|
It doesn't "look the same as the ASCII setting," it's ASCII hex
bytes instead of a text representation. Also note that the display
has added line separators per packet, but saving it does not.
[skip ci]
|
|
It's more compact than "bitwise_and" and inspired by C.
|
|
This reverts commit ef836e9afecd30901ea68677867c69b520f87d6a.
To improve usability the commit created other issues that do not
have an easy fix.
|
|
Restore the type hierarchy for efficient loading of binary
plugins. Do not recurse.
Allow an exception for the root of the binary plugins
folder. Scan this path also and skip incompatible plugins.
This facilitates quick manual copying of plugins.
Follow-up to ef836e9afecd30901ea68677867c69b520f87d6a.
|
|
Update manuf, services enterprise numbers, translations, and other items.
|
|
The folder structure was introduced to organize the
plugins and permit more efficient loading during the
startup but the gains are slight and the requirement
is awkward to describe and easy to forget in practice.
Remove that requirement and load any compatible binary
plugin in the plugin folder. This also allows extra
flexibility to organize the plugins in categories,
for example adding an "external" folder for plugins
external to the project, or whatever else one might
wish.
To check for library compatibility we add an extra string
signature token in the plugin that can be compared with
the expected plugin type.
The downside is that the initialization is still performed
3 times and more files need to be skipped now but in practice
this should not have a measurable performance impact
and this eliminates a class of annoying small forgetful mistakes
when manually installing files.
This is still compatible with the old requirement of having a
epan/wiretap/codecs subfolder. At most one sublevel is allowed
to minimize security risks and slowness with any random folder
hierarchies if the plugins folder setting is somehow misconfigured
or hijacked.
Ping #19389.
|
|
Update manuf, services enterprise numbers, translations, and other items.
|
|
Change 'Control Protocol dissection' to 'Control Protocol Dissection'
|
|
[skip ci]
|
|
Add a new stats tree window under IPv4 Statistics and
IPv6 Statistics that shows TTLs grouped by source address
(and destination address grouped under TTL/Hop Limit.)
Fix #19321
|
|
Allow Edit Resolved Name to be called from the packet details,
for fields that are IPv4 or IPv6 addresses.
Add to the combobox of possible addresses to edit all (non hidden)
IPv4 or IPv6 fields. Set the index of the combobox to the selected
column (if it is an address, and the packet list has focus or was
selected), or to the currently selected field (if selected from
the packet details, and an IP address.) Check other types of
address columns (such as network address and custom columns) to
see if they match the unresolved string for an IP address.
Don't both redissecting the packets if the network resolution is
off, because it won't do anything. There's a use case for editing
several names before turning on the preference to avoid processor
intensive redissects.
Fix #17284
|
|
When parsing an expression such as
Filter:
_ws.ftypes.boolean == true
Instructions:
0000 READ_TREE _ws.ftypes.boolean <FT_BOOLEAN> -> R0
0001 IF_FALSE_GOTO 3
0002 ANY_EQ R0 == 1 <FT_UINT64>
0003 RETURN
it gives the wrong type. Conceptually there is no reason a boolean
should be a value string.
This commit also fixes the error message to avoid calling invalid
boolean tokens "invalid numbers" when parsing booleans.
The code now use g_ascii_strcasecmp() to accept true, True, trUE, etc.
Initially the intention was to require non-numeric literals to
start with an upper-case letter, to reserve lower-case for protocol
names, but since "true" and "false" have been accepted as integers
for a long time via value strings, that intention is dropped.
As a consequence true/false are added to reserved keywords.
After this change:
Filter:
_ws.ftypes.boolean == true
Instructions:
0000 READ_TREE _ws.ftypes.boolean <FT_BOOLEAN> -> R0
0001 IF_FALSE_GOTO 3
0002 ANY_EQ R0 == 1 <FT_BOOLEAN>
0003 RETURN
|
|
The option to trigger name resolution for only the current
packet doesn't exist anymore. What does exist in the same
location in the View menu is the Edit Resolved Name action,
so update it.
[skip ci]
|
|
Update manuf, services enterprise numbers, translations, and other items.
services failed.
|
|
Fixes: #19242
|
|
Update manuf, services enterprise numbers, translations, and other items.
|
|
Make whether or not we are autoscrolling a "recent" item.
Make the selection of automatically scrolling in the Capture
Options tab actually have an effect (right now it does nothing.)
Switching to a recent also means that the command line "-l" option
actually turns on automatic scrolling if the recent value is off
(currently it has no effect because it is always later overridden
by the preference value).
Document our behavior that autoscrolling, if turned on, temporarily
turns off when manually scrolling upwards or Go'ing directly to
a packet (so that a user can examine a chosen packet.) This temporary
effect does not change the "recent" status, which changes only when
the user directly turns the behavior on or off (through the capture
window, the button or menu item, or the -l command line option.)
|
|
This adds a dialog in the Tools menu to open a console and evaluate
Lua code using the embedded Lua engine. It replaces the previous
console.lua implementation that was more limited to use, because
it relies on GUI bits exposed to Lua. It used two separate windows
for that reason.
The implementation uses the existing "funnel" API amd relies heavily
on callbacks to maintain separation between GUI and epan code and
make it generic enough to possibly support more use cases than just
the Lua 5.2 console.
The open and close callbacks are used to install and remove a custom
print() lua function with dialog creation and destruction.
The eval callback is basically the same as luaL_dostring().
|
|
Update manuf, services enterprise numbers, translations, and other items.
services failed.
|
|
|
|
- Update the 'File Set - List Files' and import dialog images
- Add missing boldings in options in TShark man page
|
|
Update manuf, services enterprise numbers, translations, and other items.
|
|
|
|
|
|
|
|
|
