| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Change-Id: I92c94448e6641716d03158a5f332c8b53709423a
Reviewed-on: https://code.wireshark.org/review/25756
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Allow subdissectors to specify the command field for the Generic Netlink
message header, similar to how Netlink subdissectors handle the Netlink
message header (for its type field).
Pass the root tree instead of the genl tree to subdissectors (so
subdissectors can add their own layer).
Change-Id: I3e56f538661b7e8a51d2411da14d181ead820c4b
Reviewed-on: https://code.wireshark.org/review/21150
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
For consistency with other netlink dissectors, the file is named
"netlink-generic", but the short protocol name is "genl" for brevity.
Ping-Bug: 13561
Change-Id: I6f94454f8366467fd833c3e57364c515aee9e86f
Reviewed-on: https://code.wireshark.org/review/20875
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Let subdissectors handle parsing and addition of the Netlink header
instead of doing this before calling subdissectors. After this patch:
- Protocol filters like "netlink-netfilter" can be used to match
packets (previously only a text item was added to the tree).
- Subdissectors have more freedom in modifying the type field, so now
it shows the correct type directly rather than "Message type:
Protocol-specific".
- netfilter: the type fields are now actually linked to a tvb,
previously it was linked to a NULL tvb.
- netfilter: fix unintended rejection of packets (the length should
have been added to the offset, otherwise it would fallback to the
data dissector).
- Now subdissectors will not be called for control messages (so the
netlink-conntrack.pcap sample now shows "Netlink" instead of "Netlink
route" for the "End of dump" control message).
Change-Id: I2ab1bef91fb0080664195b281a6a45c9702914e5
Reviewed-on: https://code.wireshark.org/review/20910
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
From https://wiki.linuxfoundation.org/networking/generic_netlink_howto
"Arrays can be represented by using a single nested attribute as a
container with several of the same attribute type inside each
representing a spot in the array."
This patch adds a helper function to dissect such a type (it will be
used by Generic Netlink for CTRL_ATTR_OPS and CTRL_ATTR_MCAST_GROUPS).
Change-Id: I60537712f7fb0f9d4fb8850c6c8eef590635f49f
Reviewed-on: https://code.wireshark.org/review/20903
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Id12caf9d40b0f53880ea4cc9200c340086e0b39b
Reviewed-on: https://code.wireshark.org/review/20661
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Always give the netlink data struct to dissect_netlink_attributes() so
we can extract which endianness we should use. This fixes the netlink
dissector on big endian.
Change-Id: Ia485a29035c947908c29a9e30d0aba8d4fc94093
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
Reviewed-on: https://code.wireshark.org/review/17636
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
See net/netfilter/nfnetlink_log.c, that is the only place that sets
NFULA_PACKET_HDR to struct nfulnl_msg_packet_hdr.
Tested with nflog-ebtables.pcapng from SampleCaptures wiki.
Change-Id: I7e21f8f584f3911b3aa7d0d027ff9624886bef73
Reviewed-on: https://code.wireshark.org/review/17191
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
These constants are mostly overlapping, except for NFPROTO_ARP. A manual
study of the Linux v4.7 code shows which fields to use and also reveal
that nflog.family can never be NFPROTO_ARP because (1) bridge traffic
use NFPROTO_BRIDGE and (2) arptables has no ULOG/NFLOG target.
This patch affects how some family fields are displayed but do not
affect subdissector calls.
Change-Id: I7cc73a8dcf73fe68c7ccaaa0f3b329fe484c8bfe
Reviewed-on: https://code.wireshark.org/review/17190
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
NLA types consist of a type and two flags, add new fields for this.
Add a new parameter to restrict the data consumed by the
dissect_netlink_attributes function, this is needed when implementing
nested attributes using another call to this function. This also avoids
adding padding to the payload and matches the comment in
include/uapi/linux/netlink.h (Linux 4.7).
Change-Id: I34dbfa466081b6c6c4580941aff568bd120b4210
Reviewed-on: https://code.wireshark.org/review/17030
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Print "Protocol-specific" instead of "Unknown (0x0016)" for the type
since its interpretation depend on the subprotocol.
Dissect struct nlmsgerr (refactor and reuse the header dissection code).
Dissect Dump interrupted and Dump filtered flags.
Adjust field descriptions and value_string based on the netlink(7)
manual and linux/netlink.h. Display Flags as hex instead of decimal.
Expanded inline tabs, renamed netlink.hdr_flags.match_all to
netlink.hdr_flags.match for consistency.
Change-Id: If2b5c8d2b68fd94e70d1d8b98e63171b42b0d65c
Reviewed-on: https://code.wireshark.org/review/16932
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
Based on inspection of the Linux 4.7 source code. Replaced tabs by
spaces in enums and value_strings for consistency.
Change-Id: I78b5de53b53dc3f2a7c807a72d8d94880f6406d5
Reviewed-on: https://code.wireshark.org/review/16931
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
Added missing strings to netlink_route_ifla_attr_vals
Improved dissection of netlink.hdr_flags
Replaced deprecated use of tvb_length_remaining
Change-Id: Ie16f7e602e1fb69a0a88a4d0657ec2d6da3c0d83
Reviewed-on: https://code.wireshark.org/review/8916
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
- add netlink socket diag,
- dissect socket diag meminfo structures,
- add prototypes.
svn path=/trunk/; revision=54006
|
|
svn path=/trunk/; revision=53943
|
|
- add standard message types
- add dissection for WS_RTM_*NEIGH
- add BASE_CUSTOM functions to print bitfields
svn path=/trunk/; revision=53864
|
|
svn path=/trunk/; revision=53850
|
