Age | Commit message | Author | Files | Lines |
|
Let subdissectors handle parsing and addition of the Netlink header
instead of doing this before calling subdissectors. After this patch:
- Protocol filters like "netlink-netfilter" can be used to match
packets (previously only a text item was added to the tree).
- Subdissectors have more freedom in modifying the type field, so now
it shows the correct type directly rather than "Message type:
Protocol-specific".
- netfilter: the type fields are now actually linked to a tvb,
previously it was linked to a NULL tvb.
- netfilter: fix unintended rejection of packets (the length should
have been added to the offset, otherwise it would fall back to the
data dissector).
- Now subdissectors will not be called for control messages (so the
netlink-conntrack.pcap sample now shows "Netlink" instead of "Netlink
route" for the "End of dump" control message).
Change-Id: I2ab1bef91fb0080664195b281a6a45c9702914e5
Reviewed-on: https://code.wireshark.org/review/20910
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Some legacy tools, including iproute2 < 3.9, issue shorter RTM_GETLINK
and RTM_GETADDR dump queries which only contain struct rtgenmsg rather
than struct ifinfomsg. As noted in the kernel comment in rtnl_dump_ifinfo(),
these legacy requests will always be shorter (even with attributes) than
struct ifinfomsg, so they are easy to detect.
A similar problem can be observed with tools using the nl_rtgen_request()
function from libnl3; this also affects other RTM_GET* types.
If such a legacy message is detected by its length being shorter than the
expected data structure, parse it as this legacy version with (1-byte) struct
rtgenmsg so that it's shown as intended rather than as malformed.
Change-Id: I53b6bff9e44cd2359d7cd313b6f0724f63f0e74d
Reviewed-on: https://code.wireshark.org/review/20461
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michal Kubeček <mkubecek@suse.cz>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Always give the netlink data struct to dissect_netlink_attributes() so
we can extract which endianness we should use. This fixes the netlink
dissector on big endian.
Change-Id: Ia485a29035c947908c29a9e30d0aba8d4fc94093
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
Reviewed-on: https://code.wireshark.org/review/17636
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
NLA types consist of a type and two flags, add new fields for this.
Add a new parameter to restrict the data consumed by the
dissect_netlink_attributes function, this is needed when implementing
nested attributes using another call to this function. This also avoids
adding padding to the payload and matches the comment in
include/uapi/linux/netlink.h (Linux 4.7).
Change-Id: I34dbfa466081b6c6c4580941aff568bd120b4210
Reviewed-on: https://code.wireshark.org/review/17030
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Based on inspection of the Linux 4.7 source code. Replaced tabs by
spaces in enums and value_strings for consistency.
Change-Id: I78b5de53b53dc3f2a7c807a72d8d94880f6406d5
Reviewed-on: https://code.wireshark.org/review/16931
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
Also some other tricks to remove unnecessary tvb_get_string_enc calls.
Change-Id: I2f40d9175b6c0bb0b1364b4089bfaa287edf0914
Reviewed-on: https://code.wireshark.org/review/16158
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Some of the ASN.1 dissectors still generate a new_create_dissector_handle from the tool itself, so leave those for now.
Change-Id: Ic6e5803b1444d7ac24070949f5fd557909a5641f
Reviewed-on: https://code.wireshark.org/review/12484
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Id218dec9e5a721d6c63fd34962ffe50b6ab8dd56
Reviewed-on: https://code.wireshark.org/review/11946
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Diederik de Groot <dkgroot@talon.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Added missing strings to netlink_route_ifla_attr_vals
Improved dissection of netlink.hdr_flags
Replaced deprecated use of tvb_length_remaining
Change-Id: Ie16f7e602e1fb69a0a88a4d0657ec2d6da3c0d83
Reviewed-on: https://code.wireshark.org/review/8916
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Add a CF_FUNC macro to match VALS, TFS, etc. This should help us to avoid
the following warning:
warning: ISO C forbids initialization between function pointer and 'void *' [-Wpedantic]
We could start adding DIAG_OFF+DIAG_ON everywhere but this seems to be
more consistent with the other macros in proto.h. Update each instance
of BASE_CUSTOM to use CF_FUNC.
Adjust a dummy variable name generated by asn2wrs.py that was triggering
an invalid error in checkhf.pl.
Fix an encoding argument in packet-elasticsearch.c found by
fix-encoding-args.pl.
Change-Id: Id0e75076c2d71736639d486f47b87bab84e07d22
Reviewed-on: https://code.wireshark.org/review/7150
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Specifically:
- Set packet.h to be the first wireshark #include after
config.h and "system" #includes.
packet.h added as an #include in some cases when missing.
- Remove some #includes included (directly/indirectly) in
packet.h. E.g., glib.h.
(Done only for those files including packet.h).
- As needed, move "system" #includes to be after config.h and
before wireshark #includes.
- Rework various #include file specifications for consistency.
- Misc.
Change-Id: Ifaa1a14b50b69fbad38ea4838a49dfe595c54c95
Reviewed-on: https://code.wireshark.org/review/5923
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
Change-Id: I391cdf80a6e4ae5b0f4068e0500a90d013588f8a
Reviewed-on: https://code.wireshark.org/review/4442
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Manually fix some typos (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Iee5cb12d3b6669c7e45e18352ebcd151db721ad3
Reviewed-on: https://code.wireshark.org/review/408
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Tested-by: Bill Meier <wmeier@newsguy.com>
|
|
Change-Id: Ia03a1cd4590aceda30ead4aa93ad413d90c6aea6
Reviewed-on: https://code.wireshark.org/review/372
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Tested-by: Bill Meier <wmeier@newsguy.com>
|
|
- set pinfo->p2p_dir based on portid
- check for nlmsg type in dissect_netlink_sock_diag()
- sock diag support LINUX_AF_INET6, LINUX_AF_PACKET
- naming cleanup
svn path=/trunk/; revision=54073
|
|
- add netlink socket diag,
- dissect socket diag meminfo structures,
- add prototypes.
svn path=/trunk/; revision=54006
|
|
svn path=/trunk/; revision=53943
|
|
svn path=/trunk/; revision=53885
|
|
- add standard message types
- add dissection for WS_RTM_*NEIGH
- add BASE_CUSTOM functions to print bitfields
svn path=/trunk/; revision=53864
|
|
+ try to fix make dist
svn path=/trunk/; revision=53854
|
|
packet-netlink-route.c:672: warning: request for implicit conversion from 'void *' to 'struct packet_netlink_data *' not permitted in C++
svn path=/trunk/; revision=53853
|
|
netlink, nflog.
svn path=/trunk/; revision=53852
|
|
svn path=/trunk/; revision=53850
|