Age | Commit message (Collapse) | Author | Files | Lines |
|
Change-Id: I155a2293d48a62bd198aa20f0fb68f76934cdb6a
Reviewed-on: https://code.wireshark.org/review/18031
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The patch adds support for parsing the 4 types of ERSPAN III platform
specific sub-header, if presented.
Change-Id: I1719fceb71ed40918e6b16f25a6355d78840f6c6
Signed-off-by: William Tu <u9012063@gmail.com>
Reviewed-on: https://code.wireshark.org/review/16702
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Add link to ERSPAN protocol spec, remove obsolete comments, and
remove unnecessary 'if(tree)' check.
Change-Id: I1b4950777c84d62301c322afdfc876949db0d4ed
Signed-off-by: William Tu <u9012063@gmail.com>
Reviewed-on: https://code.wireshark.org/review/16675
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
For ERSPAN type II (version == 1), the offset is shifted by 4 at the
end. As a result, the 'offset+=2' at the end of ERSPAN type III should
be in its own 'else' scope.
Change-Id: I64a55d5722e3f4f5672ca2a4228583b3b51559e1
Reviewed-on: https://code.wireshark.org/review/16568
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Current ERSPAN II dissector does not support parsing EN field and Index.
The patch follows the field description in draft:
https://tools.ietf.org/html/draft-foschiano-erspan-01
Change-Id: I92ce56264be0fb2560c4d1a5da35738cf45a8c96
Reviewed-on: https://code.wireshark.org/review/16400
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Started by grepping call_dissector_with_data, call_dissector_only and call_dissector and traced the handles passed into them to a find_dissector within the dissector. Then replaced find_dissector with find_dissector_add_dependency and added the protocol id from the dissector.
"data" dissector was not considered to be a dependency.
Change-Id: I15d0d77301306587ef8e7af5876e74231816890d
Reviewed-on: https://code.wireshark.org/review/14509
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Some of the ASN.1 dissectors still generate a new_create_dissector_handle from the tool itself, so leave those for now.
Change-Id: Ic6e5803b1444d7ac24070949f5fd557909a5641f
Reviewed-on: https://code.wireshark.org/review/12484
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
mangles packets)
Change-Id: I3dce1a4c5f14e2fc11c3f97e216df1f68340fba4
Reviewed-on: https://code.wireshark.org/review/11957
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Picking off "easy" dissectors that only have one or two exit points at most.
Change-Id: Ie514f126352e7598acc4f7c38db9c61d105d5e48
Reviewed-on: https://code.wireshark.org/review/11850
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Add a CF_FUNC macro to match VALS, TFS, etc. This should help us to avoid
the following warning:
warning: ISO C forbids initialization between function pointer and 'void *' [-Wpedantic]
We could start adding DIAG_OFF+DIAG_ON everywhere but this seems to be
more consistent with the other macros in proto.h. Update each instance
of BASE_CUSTOM to use CF_FUNC.
Adjust a dummy variable name generated by asn2wrs.py that was triggering
an invalid error in checkhf.pl.
Fix an encoding arguement in packet-elasticsearch.c found by
fix-encoding-args.pl.
Change-Id: Id0e75076c2d71736639d486f47b87bab84e07d22
Reviewed-on: https://code.wireshark.org/review/7150
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Change-Id: I5de4c34e2acafbe47a8ca3f07040a774e72d0d3e
Reviewed-on: https://code.wireshark.org/review/6787
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Specifically:
- Set packet.h to be the first wireshark #include after
config.h and "system" #includes.
packet.h added as an #include in some cases when missing.
- Remove some #includes included (directly/indirectly) in
packet.h. E.g., glib.h.
(Done only for those files including packet.h).
- As needed, move "system" #includes to be after config.h and
before wireshark #includes.
- Rework various #include file specifications for consistency.
- Misc.
Change-Id: Ifaa1a14b50b69fbad38ea4838a49dfe595c54c95
Reviewed-on: https://code.wireshark.org/review/5923
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
Change-Id: I1f5f83ed441f6009125cf2cbe5023af04986898a
Reviewed-on: https://code.wireshark.org/review/4392
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
svn path=/trunk/; revision=54135
|
|
svn path=/trunk/; revision=49581
|
|
#BACKPORT (1.8, 1.6)
svn path=/trunk/; revision=47965
|
|
svn path=/trunk/; revision=45017
|
|
svn path=/trunk/; revision=44445
|
|
svn path=/trunk/; revision=44441
|
|
(COPYING will be updated in next commit)
svn path=/trunk/; revision=43536
|
|
svn path=/trunk/; revision=39721
|
|
Wireshark unable to parse ERSPAN from HP Comware platforms
Huawei GRE ERSPAN is not decoded properly
Add a pref to FORCE to decode directly Ethernet frame in GRE (with no ERSPAN Header)
svn path=/trunk/; revision=39687
|
|
Also: remove trailing whitespace for a number of files.
svn path=/trunk/; revision=39503
|
|
reference an hf item (in hf[] with types:
FT_NONE
FT_BYTES
FT_IPV6
FT_IPXNET
FT_OID
Note: Encoding field set to ENC_NA only if the field was previously TRUE|FALSE|ENC_LITTLE_ENDIAN|ENC_BIG_ENDIAN
svn path=/trunk/; revision=39260
|
|
svn path=/trunk/; revision=38746
|
|
keys to have _uint in their names, to match the routines that handle
dissector tables with string keys. (Using _port can confuse people into
thinking they're intended solely for use with TCP/UDP/etc. ports when,
in fact, they work better for things such as Ethernet types, where the
binding of particular values to particular protocols are a lot
stronger.)
svn path=/trunk/; revision=35224
|
|
indicate that the last 4 bytes of both types are similar.
So the extra bytes in type III are inserted before those
last bytes.
svn path=/trunk/; revision=34238
|
|
- Print "Type II" and "Type III" as versionstrings.
- Make sure that version = 1 or 2
svn path=/trunk/; revision=34222
|
|
- Add decoding of direction bit for version 2 (type III) erspan.
Me:
- Decode the original direction bit as unknown in case of version 2.
- The original unknown3 value seems to indicate whether the packet
was too long to fit into a single mtu (trunkated).
- "Timestamp(s)" -> "Timestamp"
svn path=/trunk/; revision=34221
|
|
Updates for the Cisco ERSPAN type III (version 2) protocol.
svn path=/trunk/; revision=34209
|
|
check_col.diff
Remove redundant calls to check_col() if it guards only one columns function with one parameter after the column type.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4394
svn path=/trunk/; revision=31519
|
|
Dissectors using call_dissector() function inside a 'if (tree) {}' block.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4107
svn path=/trunk/; revision=30415
|
|
svn path=/trunk/; revision=29446
|
|
(1) Trailing/leading spaces are removed from 'name's/'blurb's
(2) Duplicate 'blurb's are replaced with NULL
(3) Empty ("") 'blurb's are replaced with NULL
(4) BASE_NONE, NULL, 0x0 are used for 'display', 'strings' and 'bitmask' fields
for FT_NONE, FT_BYTES, FT_IPv4, FT_IPv6, FT_ABSOLUTE_TIME, FT_RELATIVE_TIME,
FT_PROTOCOL, FT_STRING and FT_STRINGZ field types
(5) Only allow non-zero value for 'display' if 'bitmask' is non-zero
svn path=/trunk/; revision=28770
|
|
svn path=/trunk/; revision=24170
|
|
1. Priority field decode.
The 802.1q tag field of a frame is separated from its frame body in
a ERSPAN packet.
Current packet-cisco-erspan.c decodes only the vlan id field of the
802.1q tag.
This patch can also decode the priority field of the 802.1q tag.
2. Direction of a captured frame decode.
A ERSPAN packet includes the additional information of the direction
a captured frame as below.
If a caputred frame comes from outside to a switch port, this means an
'Incoming' frame. If a caputred frame goes out of a switch port,
this is an 'Outgoing' frame.
Added an extra unknown value for the bit between direction and spanid.
svn path=/trunk/; revision=22649
|
|
svn path=/trunk/; revision=21428
|
|
to actually call this (aka to handle the ambiguities of DLT values).
svn path=/trunk/; revision=21427
|