Age | Commit message (Collapse) | Author | Files | Lines |
|
Change-Id: I8512cfa1d424f82a873a0e0e1d22c7b075fdd7f3
Reviewed-on: https://code.wireshark.org/review/13069
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I7b794cba2feda2cae40411e2b1cb9fb091d08220
Reviewed-on: https://code.wireshark.org/review/12480
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I0476519c02ffdd426b4fdfe8a206d61b728c327a
Reviewed-on: https://code.wireshark.org/review/12026
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Inspired by: https://www.wireshark.org/lists/wireshark-users/201508/msg00023.html
Change-Id: Ib632b79aef5cbb4c83965a276ec955be43493455
Reviewed-on: https://code.wireshark.org/review/10472
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
|
|
The preferences are still supported for backwards compatibility, but the heuristic_protos file has final say on the "preference" to enable/disable a heuristic dissector.
Also add parameter to heur_dissector_add() for the "default" enable/disable of a heuristic dissector. With this parameter, a few more (presumably weak) heuristic dissectors have been "registered" but of course default to being disabled.
Change-Id: I51bebb2146ef3fbb8418d4f5c7f2cb2b58003a22
Reviewed-on: https://code.wireshark.org/review/9610
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This allows better presentation of heuristic dissectors to the end user.
Change-Id: I2ff3985ab914e83c2989880cc0c7b9904045b3f6
Reviewed-on: https://code.wireshark.org/review/9602
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I36b2731d67f9345d2fd0c23800bba7d2be94c387
Reviewed-on: https://code.wireshark.org/review/6008
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
This allows dissector lists to be looked up by name, so they can be
shared by multiple dissectors.
(This means that there's no "udplite" heuristic dissector list, but
there shouldn't be one - protocols can run atop UDP or UDPLite equally
well, and they share a port namespace and uint dissector table, so they
should share a heuristic dissector table as well.)
Change-Id: Ifb2d2c294938c06d348a159adea7a57db8d770a7
Reviewed-on: https://code.wireshark.org/review/5936
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
the mpeg-pes dissector replaced source or destination address with
decoding timestamp, presentation timestamp or pack data rate
these values don't belong into address columns and erase the IP
addresses when mpeg-pes is transmitted over IP
the timestamps etc can be displayed in a user-defined column if required
this patch is part of
Bug: 10505
Change-Id: I1bf561648f848eb18818862edd138724abfc8e88
Reviewed-on: https://code.wireshark.org/review/4472
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
tvb_new_subset -> tvb_new_subset_remaining it appears that's what the intention is.
Change-Id: I2334bbf3f10475b3c22391392fc8b6864454de2d
Reviewed-on: https://code.wireshark.org/review/1999
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
which can be used to call the found heuristic dissector on the next pass.
Introduce call_heur_dissector_direct() to be used to call a heuristic
dissector which accepted the frame on the first pass.
Change-Id: I524edd717b7d92b510bd60acfeea686d5f2b4582
Reviewed-on: https://code.wireshark.org/review/1697
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
I coincidentally found a few files with errors, so I thought it might be time to run it on the whole directory again.
Change-Id: Ia32e54b3b1b94e5a418ed758ea79807c8bc7e798
Reviewed-on: https://code.wireshark.org/review/978
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Ie476c6f82f318188b41ed922b92c6fec119ea954
Reviewed-on: https://code.wireshark.org/review/244
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
|
|
svn path=/trunk/; revision=53859
|
|
svn path=/trunk/; revision=53655
|
|
svn path=/trunk/; revision=53382
|
|
svn path=/trunk/; revision=52447
|
|
adjusting it by 8 everywhere.
Seems to fix https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9087 though
someone more familiar with the protocol will have to verify it's actually
correct now.
svn path=/trunk/; revision=51784
|
|
svn path=/trunk/; revision=49927
|
|
svn path=/trunk/; revision=48820
|
|
was done using textual search+replace, not anything syntax-aware, so presumably
it got most comments as well (except where there were typos).
Use a consistent coding style, and make proper use of the WS_DLL_* defines.
Group the functions appropriately in the header.
I ended up getting rid of most of the explanatory comments since many of them
duplicated what was in the value_string.c file (and were out of sync with the
recent updates I made to those in r48633). Presumably most of the comments
should be in the .h file not the .c file, but there's enough churn ahead that
it's not worth fixing yet.
Part of https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8467
svn path=/trunk/; revision=48634
|
|
Explicitly declare/cast 'unsigned <variable>' as 'unsigned int <variable>'
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7810
svn path=/trunk/; revision=45418
|
|
svn path=/trunk/; revision=45110
|
|
svn path=/trunk/; revision=45017
|
|
svn path=/trunk/; revision=44871
|
|
Add new parameter 'data' to heur_dissector_t and new_dissector_t, for now it's always NULL
svn path=/trunk/; revision=44860
|
|
(COPYING will be updated in next commit)
svn path=/trunk/; revision=43536
|
|
proto_tree_add_item() calls.
svn path=/trunk/; revision=42496
|
|
svn path=/trunk/; revision=42396
|
|
svn path=/trunk/; revision=40458
|
|
Also: remove trailing whitespace for a number of files.
svn path=/trunk/; revision=39503
|
|
The only change in each file is in a comment showing the asn2wrs cmd used to build that file.
svn path=/trunk/; revision=39427
|
|
dissectors:
Specifically: Replace FALSE|0 and TRUE|1 by ENC_BIG_ENDIAN|ENC_LITTLE_ENDIAN as
the encoding parameter for proto_tree_add_item() calls which directly reference
an item in hf[] which has a type of:
FT_UINT8
FT_UINT16
FT_UINT24
FT_UINT32
FT_UINT64
FT_INT8
FT_INT16
FT_INT24
FT_INT32
FT_INT64
FT_FLOAT
FT_DOUBLE
svn path=/trunk/; revision=39294
|
|
reference an hf item (in hf[] with types:
FT_NONE
FT_BYTES
FT_IPV6
FT_IPXNET
FT_OID
Note: Encoding field set to ENC_NA only if the field was previously TRUE|FALSE|1|0|ENC_LITTLE_ENDIAN|ENC_BIG_ENDIAN
svn path=/trunk/; revision=39263
|
|
svn path=/trunk/; revision=37118
|
|
svn path=/trunk/; revision=35538
|
|
keys to have _uint in their names, to match the routines that handle
dissector tables with string keys. (Using _port can confuse people into
thinking they're intended solely for use with TCP/UDP/etc. ports when,
in fact, they work better for things such as Ethernet types, where the
binding of particular values to particular protocols are a lot
stronger.)
svn path=/trunk/; revision=35224
|
|
svn path=/trunk/; revision=35126
|
|
- Change spaces in the name to underscores before comparing it to the blurb.
- Check if the type simply as T_ prepended to the name.
- Don't put in a blurb of "NULL".
and regenerate the dissectors.
svn path=/trunk/; revision=32748
|
|
svn path=/trunk/; revision=32744
|
|
svn path=/trunk/; revision=32417
|
|
svn path=/trunk/; revision=32405
|
|
The following patch adds decoding of "trick mode" fields in MPEG PES packet.
svn path=/trunk/; revision=30783
|
|
svn path=/trunk/; revision=30454
|
|
svn path=/trunk/; revision=29446
|
|
svn path=/trunk/; revision=29344
|
|
svn path=/trunk/; revision=29340
|
|
svn path=/trunk/; revision=28848
|
|
(1) Trailing/leading spaces are removed from 'name's/'blurb's
(2) Duplicate 'blurb's are replaced with NULL
(3) Empty ("") 'blurb's are replaced with NULL
(4) BASE_NONE, NULL, 0x0 are used for 'display', 'strings' and 'bitmask' fields
for FT_NONE, FT_BYTES, FT_IPv4, FT_IPv6, FT_ABSOLUTE_TIME, FT_RELATIVE_TIME,
FT_PROTOCOL, FT_STRING and FT_STRINGZ field types
(5) Only allow non-zero value for 'display' if 'bitmask' is non-zero
svn path=/trunk/; revision=28770
|
|
svn path=/trunk/; revision=28379
|