Age | Commit message (Collapse) | Author | Files | Lines |
|
A conversation in Wireshark might have two endpoints or might have no
endpoints; few if any have one endpoint. Distinguish between
conversations and endpoints.
|
|
More {host, hostlist} -> endpoint.
|
|
The "conversation table" mechanism supports two types of tables, one for
the "Conversations" menu item under "Statistics" and one for the
"Endpoints" menu item under "Statistics". The first of them shows
statistics for conversations at various layers of the networking stack;
the second of them shows statistics for endpoints at various layers of
the networking stack.
The latter is *not* a table of hosts; an endpoint might be a host,
identified by an address at some network level (MAC, IP, etc.), or it
might be a port on a host, identified by an address/port pair.
Some data types, function names, etc. use "host" or "hostlist" or other
terms that imply that an endpoint is a host; change them to speak of
endpoints rather than hosts, using names similar to the corresponding
functions for conversations.
Provide wrapper functions and typedefs for backwards source and binary
compatibility; mark them as deprecated in favor of the new names.
Clean up some comment errors found in the process.
|
|
Use host byte-order with AT_NUMERIC to make it more generic
and practical.
Change openSAFETY to pass addresses in host byte-order (the
previous code assumed they were in little-endian).
Plus a few cleanups.
|
|
|
|
|
|
As requested [here][1], help with replacing calls to
`wmem_packet_scope()` with references to `pinfo->pool`.
My principles were:
* Plugins chosen semi-randomly.
* When a calling function already has a `pinfo` argument, just use that.
* Remove `_U_` from its signature if it was there.
* Don't go more than 2 or 3 levels deep of changing signatures.
* If a function is clearly allocing memory to return, change the
function signature to take a `wmem_allocator_t *`. Otherwise, either
that or take a `packet_info *` as seems to make sense.
* No mention of `wmem_packet_scope()` should remain in the files I've
touched.
* I didn't always succeed at this, but I made a dent.
[1]: https://www.wireshark.org/lists/wireshark-dev/202107/msg00052.html
|
|
|
|
The static arrays are supposed to be arrays of const pointers to int,
not arrays of non-const pointers to const int.
Fixing that means some bugs (scribbling on what's *supposed* to be a
const array) will be caught (see packet-ieee80211-radiotap.c for
examples, the first of which inspired this change and the second of
which was discovered while testing compiles with this change), and
removes the need for some annoying casts.
Also make some of those arrays static while we're at it.
Update documentation and dissector-generator tools.
Change-Id: I789da5fc60aadc15797cefecfd9a9fbe9a130ccc
Reviewed-on: https://code.wireshark.org/review/37517
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
- UDPCP: fix test for Sync frame detection
- Avoid a couple of redundant assignemnts
Change-Id: Ib69a3ff4f0e802ddbbbd29eb2a803372c41a7ce4
Reviewed-on: https://code.wireshark.org/review/36526
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
|
|
Change all wireshark.org URLs to use https.
Fix some broken links while we're at it.
Change-Id: I161bf8eeca43b8027605acea666032da86f5ea1c
Reviewed-on: https://code.wireshark.org/review/34089
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Convert our various PROTO_ITEM_ macros to inline functions and document
them.
Change-Id: I070b15d4f70d2189217a177ee8ba2740be36327c
Reviewed-on: https://code.wireshark.org/review/32706
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I92c94448e6641716d03158a5f332c8b53709423a
Reviewed-on: https://code.wireshark.org/review/25756
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
There may be some amount of bogosity involved but initialize the
variables and add a default case to prevent the noise and the build
from breaking with -Werror.
Change-Id: I20432ea74a1e5edc28be75a97077c9aa7bc87a35
Reviewed-on: https://code.wireshark.org/review/23426
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
|
|
Adding a transport protocol for UDP, which replaces the
never used current implementation and adding also additional
header information for the transport
Change-Id: I943ac789bdc7355c114295dd1c8f1c1b475a5f8b
Reviewed-on: https://code.wireshark.org/review/23408
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
|
|
Original sanity check was missed for fragmentation
Bug: 13755
Change-Id: If9e24e01a119c869b02f198456776c8e6c6f2ad0
Reviewed-on: https://code.wireshark.org/review/22193
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
|
|
To enhance the possibility for dissections, add a list
of nodes, you explicitly want to see and print an info
text in the node list for all nodes filtered
Change-Id: I08e8a7ddcfd7b78fee24431ffdae75124a8ecddd
Reviewed-on: https://code.wireshark.org/review/21383
Reviewed-by: Roland Knall <rknall@gmail.com>
|
|
Length calculation leads to -1, which will result in a large malloc
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1212
Bug: 13649
Change-Id: Iccb78b8c8ec9ca8e8f97bc12d0d8f41526d1f791
Reviewed-on: https://code.wireshark.org/review/21367
Reviewed-by: Roland Knall <rknall@gmail.com>
Petri-Dish: Roland Knall <rknall@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change from col_append_fstr() to col_append_str() when
appending strings without formatting.
Change-Id: I8975704c246f2b9a1301ed5f96273aa9d61c6f44
Reviewed-on: https://code.wireshark.org/review/20857
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Register all reassembly tables with a central unit, allowing the
central unit to have the callback that initializes and destroys
the reassembly tables, rather than have dissectors do it individually.
Change-Id: Ic92619c06fb5ba6f1c3012f613cae14982e101d4
Reviewed-on: https://code.wireshark.org/review/19834
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This emphasizes that there is no such thing as *the* routine to
construct a subset tvbuff; you need to choose one of
tvb_new_subset_remaining() (if you want a new tvbuff that contains
everything past a certain point in an existing tvbuff),
tvb_new_subset_length() (if you want a subset that contains everything
past a certain point, for some number of bytes, in an existing tvbuff),
and tvb_new_subset_length_caplen() (for all other cases).
Many of the calls to tvb_new_subset_length_caplen() should really be
calling one of the other routines; that's the next step. (This also
makes it easier to find the calls that need fixing.)
Change-Id: Ieb3d676d8cda535451c119487d7cd3b559221f2b
Reviewed-on: https://code.wireshark.org/review/19597
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
They already know who they are when they register themselves. Saving the
handle then to avoid finding it later.
Not sure if this will increase unnecessary register_dissector functions
(instead of using create_dissector_handle in proto_reg_handoff function)
when other dissectors copy/paste, but it should make startup time
a few microseconds better.
Change-Id: I3839be791b32b84887ac51a6a65fb5733e9f1f43
Reviewed-on: https://code.wireshark.org/review/19481
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Several calls to proto_tree_add_uint_format_value could be better served
using BASE_UNIT_STRING with a "unit string" in hf_ field. There also
a few cases where proto_tree_add_uint_format_value could just be
proto_tree_add_uint.
Added a few more "common" unit string values to unit_strings.[ch]
Change-Id: Iaedff82c515269c9c31ab9100dff19f5563c932d
Reviewed-on: https://code.wireshark.org/review/19242
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Similar to the "tcp.port" changes in I99604f95d426ad345f4b494598d94178b886eb67,
convert dissectors that use "udp.port".
More cleanup done on dissectors that use both TCP and UDP dissector
tables, so that less preference callbacks exist.
Change-Id: If07be9b9e850c244336a7069599cd554ce312dd3
Reviewed-on: https://code.wireshark.org/review/18120
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This leads to too many false-negatives in certain traces
Change-Id: Ia081dc802b6f55926beec2383a864173cae6eb51
Reviewed-on: https://code.wireshark.org/review/16883
Reviewed-by: Roland Knall <rknall@gmail.com>
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
|
|
This is being done, to prevent false-positives which can
not be filtered out using the heuristics, but have to be
caught using additional check measurements
Change-Id: I2ff2c97decf8a93d43f8f5b54e4d147552970b3f
Reviewed-on: https://code.wireshark.org/review/16843
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
|
|
Also add information about error group/code acknowledged,
and additional parameter set missing, if applicable
Change-Id: I911d9941a33ff4064649090908e0fcc2bf6e00f8
Reviewed-on: https://code.wireshark.org/review/16319
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
|
|
Add the absolute byte offset of each openSAFETY frame to
dissection, so a change in the offset can be easily detected
Change-Id: Ib935eff7ba1e2e1169cb9071a5c9703cc58fc123
Reviewed-on: https://code.wireshark.org/review/16301
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
|
|
Expert Infos can be a little overwhelming in large traces. This
preference will allow any user to enable the PI_NOTE declared
expert infos to be shown only when they are really necessary.
Fix a bug with SCM UDID validity detection as well
Change-Id: I2d197684157f1ea748bfbcc6fa2dfdb348722223
Reviewed-on: https://code.wireshark.org/review/14625
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
|
|
This will make it easier to determine protocol dependencies.
Some LLC OUI dissector tables didn't have an associated protocol, so they were left without one (-1 used)
Change-Id: I6339f16476510ef3f393d6fb5d8946419bfb4b7d
Reviewed-on: https://code.wireshark.org/review/14446
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
That removes most of the uses of the frame number field in the
frame_data structure.
Change-Id: Ie22e4533e87f8360d7c0a61ca6ffb796cc233f22
Reviewed-on: https://code.wireshark.org/review/13509
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I8512cfa1d424f82a873a0e0e1d22c7b075fdd7f3
Reviewed-on: https://code.wireshark.org/review/13069
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Ie39ef054a4a942687bd079f3a4d8c2cc55d5f22c
Reviewed-on: https://code.wireshark.org/review/12485
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Either remove them completely, or put them inside an #ifdef.
Change-Id: Iceff4909e250c17812f38d94e067f7c37ab72e1b
Reviewed-on: https://code.wireshark.org/review/11630
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Remove the need for the registration of a dedicated SIII dissector,
as this might interfere with "Decode As" handling, as well as being
redundant and no longer needed.
The udpdata dissector can handle both and gate to the correct
sub-dissector if necessary.
Change-Id: I756cd845e7e8d64848d9928ad9ff04d571434835
Reviewed-on: https://code.wireshark.org/review/11421
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I8cfd1c223c70c7e03728af8b2f7cbf9354d7ad86
Ping-Bug: 3949
Reviewed-on: https://code.wireshark.org/review/10865
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Cosmetic change, to better distinguish if multiple
SPDO packages have been detected.
This should also be back-ported to 1.12 and 2.0
Change-Id: I3d0b26ecb6e0cc60b3cdc9861920c5ccaeb70cbd
Reviewed-on: https://code.wireshark.org/review/10829
Reviewed-by: Roland Knall <rknall@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
SPDOs code the 0x04 bit differently, as it is not part
of the message type, but rather a flag for connection validation
I do not want to introduce a second message type, as this would break
compatibility with existing stored filters, also adding the bitmask
to the hf field, would alter the byte value, as it would shift
the value to the right.
Change-Id: I6b70bec29a55dfb556652d9dc940a896b864943b
Reviewed-on: https://code.wireshark.org/review/10595
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
These aren't "true" shadow issues, but the script doesn't completely understand C syntax (for things like struct member names "time" and "index"). But fixing them creates less noise.
Change-Id: I5a2db1549095824530428529e86cab453c031a04
Reviewed-on: https://code.wireshark.org/review/10368
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
If multiple packets of openSAFETY are present in a single network
packet, searching for the packet needed is complicated. This patch
increases the information along the same lines as the eth and frame
subdissectors
Change-Id: Id3d237135cfadb35c839208749aeeb1652b29830
Reviewed-on: https://code.wireshark.org/review/9871
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
- Bugfix for the SCM UDID, where the expert info was generated
even if not necessary, and a SCM UDID consisting of zeroes was
considered to be valid
- Using the new method for enabling/disabling heuristic dissectors,
this patch reworks the SIII dissection to perform exactly the
same as the EPL dissection (which is the expected behavior)
Change-Id: Ide559c3e104b77818cef642b34e0076a7c5bd13d
Reviewed-on: https://code.wireshark.org/review/9735
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The preferences are still supported for backwards compatibility, but the heuristic_protos file has final say on the "preference" to enable/disable a heuristic dissector.
Also add parameter to heur_dissector_add() for the "default" enable/disable of a heuristic dissector. With this parameter, a few more (presumably weak) heuristic dissectors have been "registered" but of course default to being disabled.
Change-Id: I51bebb2146ef3fbb8418d4f5c7f2cb2b58003a22
Reviewed-on: https://code.wireshark.org/review/9610
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This allows better presentation of heuristic dissectors to the end user.
Change-Id: I2ff3985ab914e83c2989880cc0c7b9904045b3f6
Reviewed-on: https://code.wireshark.org/review/9602
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This patch is partially automatically generated, but are modified
manually. In particular, assignments and function calls have been
audited.
Some debugging comments and ifdef'd prints have been removed. The
lookup tables of the dcm and sip dissectors are now cleared. It is only
called on reopening files anyway.
The isakmp dissector is modified to use g_hash_table_new_full for
destruction of its keys and values.
Fix a memleak in ipsec dissector when libgcrypt is not enabled.
Generated using
https://git.lekensteyn.nl/peter/wireshark-notes/diff/one-off/cleanup-rewrite.py?id=3c6128ee266024d164650955f93c7740484abd68
(with AUDIT = True).
Change-Id: I3fd910bdee663842ac0196334fe0189b67e251b0
Reviewed-on: https://code.wireshark.org/review/9225
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
- Wrong true-positives if the frame got wrongly detected
Change-Id: Ifaaec601bde260f8a38c61aad1e5e79b16003c60
Reviewed-on: https://code.wireshark.org/review/9123
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
- Add b16 counter to SPDO Time Request/Response
- Mark generated time fields as generated
- Fix +1 addition for frameOffset
- Fix CRC2 calculation for subframes with just 5 bytes datalength
Change-Id: I59ef7bf445de47c2bd165ae0f94d64d9f11d636b
Reviewed-on: https://code.wireshark.org/review/8875
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
- The starting offset for a consecutive frame search was off by 1
Change-Id: Ife77f9823e7e6d9a6601dba9c4cca74984e4ed40
Reviewed-on: https://code.wireshark.org/review/8741
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
by Clang
Change-Id: Iccd80450835946abbe68d66fb4ccbc1c799e6065
Reviewed-on: https://code.wireshark.org/review/8137
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Implementing a tap interface as well as a packet structure
which contains all necessary information from a single
openSAFETY frame.
This structure is located in a separate packet-opensafety.h so
that plugins and other programs, which want to utilize the tap
interface, may benefit from the same defines
The 40bit calculation was implemented in a wrong fashion,
so that it never calculated the correct UDID
Change-Id: I62895f91d0a255a5489b9bf397a40d824a27383f
Reviewed-on: https://code.wireshark.org/review/7275
Reviewed-by: Roland Knall <rknall@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Replace deprecated API functions tvb_length and tvb_length_remaining
Change-Id: Ibf4c7b12a1a6ea3b1a750dce7faf2f4933b4c470
Reviewed-on: https://code.wireshark.org/review/8063
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|