Age | Commit message (Collapse) | Author | Files | Lines |
|
Reduce false positives of the CLTP on UDP dissector (RFC 1240)
by looking at the parameters as well and also ruling out length
indicator zero.
See https://ask.wireshark.org/question/31455/i-see-a-malformed-packet-in-wireshark-from-a-google-ip-address-on-port-2400-using-r-goose-protocol-what-could-this-be/
RFC 1240 was rendered Historic by RFC 2556, which noted that
"at this time there do not seem to be any implementations" and
recommended TPKT (ISO on TCP) instead.
However, R-GOOSE does use RFC 1240. In practice, it seems like
R-GOOSE uses the IANA registered port for ISO-TSAP, 102, just like
TPKT does on TCP. Perhaps we should register the dissector to that
port instead of a heuristic dissector if someone can confirm that.
Move the dissector from goose to ositp. This doesn't cause any
preference issues because heuristic dissectors are saved in the
preference file by name and the name won't change.
|
|
Don't subtract our cycle size when resetting our proto depth.
Fixes #19580
|
|
Add a recursion depth check whenever we have cyclic dependencies.
Regenerate our dissectors.
Fixes #19501
|
|
|
|
|
|
Same as with !8955, To debug with line directive build with
-DENABLE_DEBUG_A2W=ON flag
|
|
To debug with line directive build with -DENABLE_DEBUG_A2W=ON flag
|
|
Let's add it as a hidden filter for IEEE 754 single precision floating point
Closes #18491
|
|
|
|
|
|
Part 1/2 as the commits were too big for CI.
Largely find/replace, with a few manual tweaks. Then regenerate the asn1
dissector sources and make sure everything still builds. There are a
handful of cases I skipped as too complex, but this covers most of the
asn1 dissectors.
|
|
Added to the protocol a new option to display the decimal representation
of floating-point values.
Minor fixes: Avoid the double 'return' on dissect_goose_UtcTime function
and fix the simulation BLURB to follow other fields approach.
|
|
|
|
The simulated mirror bit of the reserve1 field is now interpreted.
New expert info warning: S bit set and simulation attribute clear.
|
|
This enables filtering R-GOOSE packets on protocol level, too.
|
|
|
|
|
|
R-GOOSE (Routable GOOSE) protocol is GOOSE protocol embedded into
RFC 1240: OSI Connectionless Transport over UDP.
|
|
The GOOSE dissector included Wireshark is using the GOOSE message
definition that was described in an older version of the IEC 61850
standard. To be precise, the current field names in Wireshark
corresponds to the Edition 1 of the IEC 61850 standard.
This GOOSE message definition is defined in Table 23 of the
IEC 61850-7-2:2003.
In this release (IEC 61850-7-2:2003) there is a field name called: Test.
However, in the new version of the IEC 61850, the Edition 2 of the
IEC 61850 standard, the Test field was renamed to Simulation.
To be precise, the new GOOSE message definition is defined
in Table 43 of the IEC 61850-7-2:2010.
Bug: 16402
Change-Id: I407987d7f4564b5bafa0c9217756c3f9f23918f6
Reviewed-on: https://code.wireshark.org/review/36175
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ied0c91ea070ee76603e7ecb29d874e0c1a65892e
Reviewed-on: https://code.wireshark.org/review/32684
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ic73e72b3d2e7590eaed07f6eb30f74f4303e7a65
Reviewed-on: https://code.wireshark.org/review/25880
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I92c94448e6641716d03158a5f332c8b53709423a
Reviewed-on: https://code.wireshark.org/review/25756
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
If an ASN.1 dissector is calling register_dissector for itself in its proto_register_xxx
function and then calling find_dissector for itself in its proto_reg_handoff_xxx
function then just create a static handle for that dissector and use the return
value of register_dissector, so the find isn't necessary.
Change-Id: I911bdadc2fb4259601c141b955e741a2369cc447
Reviewed-on: https://code.wireshark.org/review/16233
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I1208fe3c2ba428995526f561e8f792b8d871e9a9
Reviewed-on: https://code.wireshark.org/review/14388
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: João Valverde <j@v6e.pt>
|
|
Change-Id: I7b794cba2feda2cae40411e2b1cb9fb091d08220
Reviewed-on: https://code.wireshark.org/review/12480
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I0476519c02ffdd426b4fdfe8a206d61b728c327a
Reviewed-on: https://code.wireshark.org/review/12026
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I9c8bf6beec47afb901e492723b335a28a24f455e
Reviewed-on: https://code.wireshark.org/review/8004
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I36b2731d67f9345d2fd0c23800bba7d2be94c387
Reviewed-on: https://code.wireshark.org/review/6008
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
This mostly involved adding expert info capabilities to many of the dissectors so that they could correctly flag error conditions.
Only remaining proto_tree_add_text calls are in H248.cnf, which has a convoluted way of using hf_ data to make its tree.
Change-Id: I6412150c2ec1977d7fa38f3f0ed416680bdfb141
Reviewed-on: https://code.wireshark.org/review/3500
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
https://www.wireshark.org/lists/wireshark-dev/201406/msg00131.html
This reverts commit 246fe2ca4c67d8c98caa84e2f57694f6322e2f96.
Change-Id: Ib24bae0198c13a84bd7f731bf4af921212109a8f
Reviewed-on: https://code.wireshark.org/review/2430
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I9209c1271967405c34c1b6fa43e1726a4d3a5a3f
Reviewed-on: https://code.wireshark.org/review/2377
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I24fe3cc4a3589dadc4528a77fe7ff13d06b1a983
Reviewed-on: https://code.wireshark.org/review/2245
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Fixes bug 9886
Change-Id: I8624ef1c5874aea5521d21c998510fc29c838936
Reviewed-on: https://code.wireshark.org/review/657
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: Ie476c6f82f318188b41ed922b92c6fec119ea954
Reviewed-on: https://code.wireshark.org/review/244
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
|
|
svn path=/trunk/; revision=54314
|
|
buffers. Remove two unused functions.
svn path=/trunk/; revision=54250
|
|
svn path=/trunk/; revision=53872
|
|
svn path=/trunk/; revision=50337
|
|
A bunch of files didn't really need to include these header files so remove
the include line rather than changing it.
svn path=/trunk/; revision=50154
|
|
NOTE: Kerberos ASN.1 template was updated, but not generated to source.
svn path=/trunk/; revision=49707
|
|
incompatible filters in ASN.1 dissectors
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2402
svn path=/trunk/; revision=49599
|
|
From Guy: override two fields in the GOOSE ASN.1 dissector to be unsigned
Together these fix
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8250
svn path=/trunk/; revision=49055
|
|
svn path=/trunk/; revision=48820
|
|
svn path=/trunk/; revision=45110
|
|
svn path=/trunk/; revision=45017
|
|
(COPYING will be updated in next commit)
svn path=/trunk/; revision=43536
|
|
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6734
#BACKPORT:YES
svn path=/trunk/; revision=40873
|
|
Updated the GOOSE dissector ASN.1 file to be able to display data for UTC timestamps.
svn path=/trunk/; revision=40628
|
|
Also: remove trailing whitespace for a number of files.
svn path=/trunk/; revision=39503
|
|
The only change in each file is in a comment showing the asn2wrs cmd used to build that file.
svn path=/trunk/; revision=39427
|