Age | Commit message (Collapse) | Author | Files | Lines |
|
Add dissector for XMCP protocol.
From me:
- Fixed an obvious bug setting transaction_id_key[2].key = NULL,
where transaction_id_key is defined with only 2 elements.
- Only register heur_dissector once.
- Only find media_type_dissector_table once.
- Added packet-xmcp.c to CMakeLists.txt
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@39131 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@39103 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
A work in progress.
Can be used with the SSL dissector to decrypt Enhanced RDP Security SSL.
With Standard RDP Security (e.g those on Wiki), the PDUs are all encrypted
after the SecurityExchange PDU.
Wiki to be updated with an example SSL protected capture and associated
key material.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@39066 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Cisco FabricPath protocol dissector.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6017
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@38934 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
..and the makefile...
Ref http://xmpp.org/
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5992
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@38891 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
build
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@38475 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Add Dissector for HDFS Data
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@38432 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Add Dissector for HDFS
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@38431 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6115
* Update pflog dissector to the last header format (OpenBSD 4.9)
* Dissect all new field (uid, pid, saddr, daddr...)
* Replace proto_tree_add_xxx(uint/string...) by proto_tree_add_item
* Remove not needed packet-pflog.h file
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@38364 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Vuze, called Azureus before, is a great BT client and has a lot of users,
while its DHT implementation is different from the official one.
From me: New-style dissectors are supposed to to always return
"bytes dissected" (not just when tree != NULL);
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@37755 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
The menu gets a new item (Statistics -> RTSP -> Packet Counter).
Like HTTP, filter can be set and then the dialog windows shows the result of the RTSP analysis.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6042
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@37741 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Please see the attached patch which updates the ppi-geolocation support
to v2.0 of the specification. This iteration adds a new tag (sensor) and
removes support for velocity/acceleration from the vector tag. Most of
the changes center on the Vector tag. Everything that takes place
elsewhere is cosmetic.
I ran this iteration through fuzz-test and check-APIs just like last
time.
From me:
Replace tvb_get_ephemeral_string with tvb_format_text. Move dissector
registration to the bottom of each file.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@37733 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
- Add new dissector packet-mime-encap which understands mime_file fragmentation.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@37636 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Attached is a dissector for the Lontalk protocol (EIA-709.1). This dissector
registers as a subdissector of the CN/IP protocol.
Some code (mostly definitions) were taken from Bug #2252
(http://bugs.wireshark.org/bugzilla/attachment.cgi?id=4562)
From me: minor mostly cosmetic changes.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5909
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@37599 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@37597 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Attached is a dissector for CN/IP protocol described in EIA-852. It is mainly
used to encapsulate and send Lontalk (EIA-709.1) or EIA-600 frames over UDP (or
TCP).
This dissector can only decode the common header and data frames can be decoded
by further dissectors.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5907
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@37596 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
I made the following improvements to the Modbus/TCP dissector:
1. Implemented protocol to the latest specification (v1.1b). See
http://www.modbus.org/specs.php.
2. Upgraded to "tcp_dissect_pdus" instead of having the dissector do it
manually. This also provides TCP packet reassembly support.
3. Removed support for UDP port 502 because it's not supported by the protocol
specification. I believe "Decode As..." could be used in its place.
4. Added dissector support for the following function codes:
a) 8 - Diagnostics
b) 11 - Event Counter
c) 12 - Event Log
d) 43 - Encapsulation Transport (mostly for 43/14)
5. Removed support for function codes not in the protocol specification. None
of them were really being parsed, they just offered a "name" for the function
code.
6. Moved protocol #defines to header file for access from other dissectors. I
plan to have other dissectors use this, but one patch at a time.
7. Created "modbus" dissector that is accessible to other dissectors.
8. Renamed base "display filter name" to reflect PROTOABBREV.
I removed defines for value_strings, I think it's better to export the vaöue strings if needed.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5923
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@37539 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@37487 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@37436 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@37434 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@37432 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5943 :
The two patches attached allow the dissection of the Homeplug AV Ethernet MAC
management frames between a controlling device and a Homeplug AV Ethernet to
PLC adapter. This protocol is pretty similar to the previous generation
Homeplug protocol (dissected by packet-homeplug.c) but a couple of noticeable
differences make it require its own dissector handler.
This dissector is based on the work done by Nicolas Thill, Xavier Carcelle and
myself in the Faifa project (https://dev.open-plc.org).
The dissector handles the standard Homeplug AV Ethernet MAC management frames
(called public) as well as the Intellon specific management frames (vendor).
From me:
Remove unnecessary global variables.
Add to COL_INFO even when !tree.
Remove gotos.
Remove unnecessary includes.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@37403 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5900 :
I have created a dissector for the Multiple MAC Registration Protocol based on
the exiting dissector of the Multiple Stream Reservation Protocol (bugzilla id:
4757 ) You can found the documentation of the Protocol here:
http://standards.ieee.org/getieee802/download/802.1ak-2007.pdf It's also
includes the corrections of the protocol you will found here:
http://standards.ieee.org/getieee802/download/802.1Q-2005_Cor1-2008.pdf
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@37104 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
modifications by me as described/documented in the bug report.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@37045 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
packet-xtp.c
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@36994 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
A variant of 3GPP TS 27.010 multiplexing protocol dissector.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5829
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@36927 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5854 :
The Locator/ID Separation Protocol [1] is being standardized within the IETF,
and it is nearing RFC status (pending security review). I have been maintaining
a dissector patch for about a year, see [2]. Feedback received indicates that,
among others, it is widely used by the developers of a large router vendor,
without issues.
In January I submitted the dissector for data plane packets as bug #5602, which
was committed as r35615. The patch attached to this bug adds support for
dissection of control plane packets.
[1] http://tools.ietf.org/html/draft-ietf-lisp
[2] http://lisp.ccaba.upc.edu/wireshark/
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@36845 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
A new dissector for uTorrent Transport Protocol
From me :
* Add link to spec BEP-0029
* Add note about type/version
* Rework extensions loop
* Use 2-space indenting
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@36715 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Adds BMC protocol, including adding support for MAC and RLC CTCH channels to carry it.
From me:
Removed hf blurbs = def and removed check_col added tp CMakeList.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@36662 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Limitations:
- Small CID
- RTP profile
- IPv4
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@36659 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@36540 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@36537 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Protocol (RFC 6126)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@36518 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
* Number of ICMP echo requests, replies, lost replies and percent loss.
* Min, Max, Average SRT (Service Response Time), and standard deviation.
(This is my first tap, so hopefully I didn't miss something, but we'll see ...)
TODO: Add a Wireshark tap.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@36480 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5694 :
This patch adds the capability to create BACnet statistics trees.
Find the respective menu items under 'Statistics->BACnet'.
Packets can be sorted by different criteria:
- Src/Dst IP adresses
- Instance ID
- Object Type
- Service
From me:
- Don't use C++/C99-style comments.
- Name variables for tick_stat_node() don't need to be static.
- Change updateBacnetInfoValue() to require 'data' to be ep_ allocated. Change
the couple of calls that did not send in ep_ allocated data to do so.
- Change one or two functions to be static.
- Do not use (memory-unsafe) g_sprintf().
- Use ep_strconcat() instead of leaking memory with g_strconcat().
- Put back one if(tree) that doesn't appear to do any harm.
- Remove variable declarations and #includes from the header file.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@36468 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
A patch to add ATM over TCP Dissector.
The dissector dissect only the ATMTCP header (VCI, VPI, Payload Length)
The data are not yet dissect, it is necessary to add a "UAT" (As with the K12
dissector) to indicate the type (ILMI, AAL, ATM...) of data (based on VCI/VPI)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@36354 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Patch, which removes both EPL and EPLv1 .h files, as well as adding a heuristic dissector hook to EPL (v1 is nearly nowhere in use anymore, therefore not needed)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5751
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@36198 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Added packet-mndp.c to Makefile build.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@36179 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5654
From me:
- Entry for DVBCI added to wtap.c encap_table_base[];
- Some code simplification with respect to the use of col_...() for COL_INFO;
- Certain tests for "enough bytes available" not really needed;
- (Other minor tweaks);
- #include<stdio.h> not req'd;
- Minor reformatting and whitespace cleanup;
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@36149 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@36070 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@36068 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5713 :
Enhance RIPng
* Replace tvb_memcpy/proto_tree_add_text by proto_tree_add_item
* Remove dependency to packet-ipv6.h
* Remove packet-ripng.h (not needed)
Also update AUTHORS file
From me:
Put a check_col() back and reword (shorten) a couple of the new blurbs.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@36033 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
on the naming policy for X.400 protocols.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@36013 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
implemented
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35819 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35787 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35766 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35762 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35761 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35704 f5534014-38df-0310-8fa8-9805f1628bb7
|