Age | Commit message (Collapse) | Author | Files | Lines |
|
The preferences are still supported for backwards compatibility, but the heuristic_protos file has final say on the "preference" to enable/disable a heuristic dissector.
Also add parameter to heur_dissector_add() for the "default" enable/disable of a heuristic dissector. With this parameter, a few more (presumably weak) heuristic dissectors have been "registered" but of course default to being disabled.
Change-Id: I51bebb2146ef3fbb8418d4f5c7f2cb2b58003a22
Reviewed-on: https://code.wireshark.org/review/9610
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This allows better presentation of heuristic dissectors to the end user.
Change-Id: I2ff3985ab914e83c2989880cc0c7b9904045b3f6
Reviewed-on: https://code.wireshark.org/review/9602
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Ie137e6f4e20fe26b1a4d9510e267896219c1c631
Reviewed-on: https://code.wireshark.org/review/9075
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
The return values of new-style dissectors always use the captured length, so
replace those automagically with sed.
Change-Id: Ic43072ee4a80d433cd4264444583a0e670adc26a
Reviewed-on: https://code.wireshark.org/review/9065
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
Change-Id: Ie40a195db622ebfb096fa5088c5467a1385e69bf
Reviewed-on: https://code.wireshark.org/review/9062
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
Provide a way for Lua-based dissectors to invoke tcp_dissect_pdus()
to make TCP-based dissection easier.
Bug: 9851
Change-Id: I91630ebf1f1fc1964118b6750cc34238e18a8ad3
Reviewed-on: https://code.wireshark.org/review/6778
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Hadriel Kaplan <hadrielk@yahoo.com>
|
|
Specifically:
- Set packet.h to be the first wireshark #include after
config.h and "system" #includes.
packet.h added as an #include in some cases when missing.
- Remove some #includes included (directly/indirectly) in
packet.h. E.g., glib.h.
(Done only for those files including packet.h).
- As needed, move "system" #includes to be after config.h and
before wireshark #includes.
- Rework various #include file specifications for consistency.
- Misc.
Change-Id: Ifaa1a14b50b69fbad38ea4838a49dfe595c54c95
Reviewed-on: https://code.wireshark.org/review/5923
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
Change-Id: I391cdf80a6e4ae5b0f4068e0500a90d013588f8a
Reviewed-on: https://code.wireshark.org/review/4442
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
Change-Id: I4497f1b8b6eab0e576d9dd31b732965f9a6679c6
Reviewed-on: https://code.wireshark.org/review/4124
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
https://www.wireshark.org/lists/wireshark-dev/201406/msg00131.html
This reverts commit 246fe2ca4c67d8c98caa84e2f57694f6322e2f96.
Change-Id: Ib24bae0198c13a84bd7f731bf4af921212109a8f
Reviewed-on: https://code.wireshark.org/review/2430
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I9209c1271967405c34c1b6fa43e1726a4d3a5a3f
Reviewed-on: https://code.wireshark.org/review/2377
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The content of a YMSG message is a sequence of lines, each one of which
contains a text string (in some ASCII-based encoding) for a key, a
0xc080 separator, and a text string (in some ASCII-based encoding) for a
value. That's not a string in any ASCII-based encoding I know of - 0xc0
0x80 is not, for example, a valid UTF-8 sequence (it's a too-long
sequence for NUL).
This should fix bug 9832:
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9832
by avoiding the general "GTK+ on Windows crashes when asked to copy
something that's not valid UTF-8" problem.
Fix some field descriptions while we're at it.
Change-Id: I4084dabc89b0186ecd1a7329452ca2f1cb48f1c0
Reviewed-on: https://code.wireshark.org/review/488
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
svn path=/trunk/; revision=53901
|
|
"new" style dissectors.
Now that "bytes consumed" can be determined, should tcp_dissect_pdus() take advantage of that?
Should tcp_dissect_pdus return length (bytes consumed)? There are many dissectors that just call tcp_dissect_pdus() then return tvb_length(tvb). Seems like that could all be rolled into one.
svn path=/trunk/; revision=53198
|
|
svn path=/trunk/; revision=50641
|
|
This leaves just the Pidl dissectors remaining for removal of check_col() in the dissectors directory. A small handful of check_col() calls remain outside of the dissectors.
svn path=/trunk/; revision=49941
|
|
svn path=/trunk/; revision=45017
|
|
Add new parameter 'data' to heur_dissector_t and new_dissector_t, for now it's always NULL
svn path=/trunk/; revision=44860
|
|
- whitespace cleanup;
- Remove redundant code;
packet-ymsg.c:
- Check if bytes available before doing tvb fetch for heuristic check;
- Required tcp pdu "fixed part length" is 10 (not 8);
- Use val_to_str_const() as appropriate;
- Remove some unneeded initializations.
svn path=/trunk/; revision=42802
|
|
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7276
svn path=/trunk/; revision=42801
|
|
Also: remove trailing whitespace for a number of files.
svn path=/trunk/; revision=39503
|
|
FT_STRINGZ, FT_UINT_STRING as follows:
1. If there's no character encoding (ENC_ASCII, ...) specified
then use ENC_ASCII.
2. For all but FT_UINT_STRING, always use ENC_NA
(replacing any existing True/1/FALSE/0
/ENC_BIG_ENDIAN/ENC_LITTLE_ENDIAN).
svn path=/trunk/; revision=39426
|
|
non-autogenerated epan/dissectors:
Specifically: Replace FALSE|0 and TRUE|1 by ENC_BIG_ENDIAN|ENC_LITTLE_ENDIAN as
the encoding parameter for proto_tree_add_item() calls which directly reference
an item in hf[] which has a type of:
FT_UINT8
FT_UINT16
FT_UINT24
FT_UINT32
FT_UINT64
FT_INT8
FT_INT16
FT_INT24
FT_INT32
FT_INT64
FT_FLOAT
FT_DOUBLE
svn path=/trunk/; revision=39288
|
|
Wireshark does not extract the vendor identifier (i.e. the 7th and 8th bytes)
from the header of YMSG packets. The current implementations skips over these
bytes during dissection, presumably because they were believed to be padding.
svn path=/trunk/; revision=32830
|
|
svn path=/trunk/; revision=32410
|
|
svn path=/trunk/; revision=32367
|
|
svn path=/trunk/; revision=31673
|
|
svn path=/trunk/; revision=29340
|
|
(1) Trailing/leading spaces are removed from 'name's/'blurb's
(2) Duplicate 'blurb's are replaced with NULL
(3) Empty ("") 'blurb's are replaced with NULL
(4) BASE_NONE, NULL, 0x0 are used for 'display', 'strings' and 'bitmask' fields
for FT_NONE, FT_BYTES, FT_IPv4, FT_IPv6, FT_ABSOLUTE_TIME, FT_RELATIVE_TIME,
FT_PROTOCOL, FT_STRING and FT_STRINGZ field types
(5) Only allow non-zero value for 'display' if 'bitmask' is non-zero
svn path=/trunk/; revision=28770
|
|
svn path=/trunk/; revision=27547
|
|
svn path=/trunk/; revision=27390
|
|
svn path=/trunk/; revision=27065
|
|
- use fences so that multiple summaries can appear together in the info column
svn path=/trunk/; revision=21829
|
|
them, add -Wno-pointer-sign to CFLAGS when gcc will accept it.
svn path=/trunk/; revision=21253
|
|
to packet-iuup.c.
svn path=/trunk/; revision=21244
|
|
tcp_dissect_pdus() to also include a packet_info pointer.
there are many reasons why some protocols actually need to be able to access the pinfo structure while determining the pdu size
svn path=/trunk/; revision=19751
|
|
Here is an updated patch. Should be pretty safe. Just added a couple of constants and changed some strings to be cleaner and easier to read.
svn path=/trunk/; revision=19743
|
|
I have put together a patch for YMSG packet dissector. This is based on my own code and service lists (this
should match Gaim and Kopete service lists). This new code should bring the code up to par to most of the
known services. Which should cover up to Yahoo 7.x or most of it.
I have also setup a new set of constants which are specific to YMSG packets. These are the types that I've
seen in miranda network logs and they should reveal more information. The other constants are mostly for buddy
statuses and need nor apply to the YMSG header. I have left them in the code (for now). These constants are
currently used in my own code.
svn path=/trunk/; revision=19255
|
|
svn path=/trunk/; revision=18196
|
|
acked_packets (i.e. packets that have interesting tcp properties such as being retransmissions etc) hang off the per conversation tcpd struct instead of being global.
while this should improve performance by unmeasurably little it does have the sideeffect that once we finish the rewrite tcp analysis might actually work and work well even for tcp over tcp tunnelling.
this also means that if you include packet-tcp.h you also need to include emem.h .
svn path=/trunk/; revision=17681
|
|
stun - add support for 3 extra Message Attributes as described in draft-ietf-behave-rfc3489bis-00
ymsg
- avoid looking beyond the tvb while looking for content item delimiters (causing most frames to be shown as malformed packet)
- makes content items (and their keys and values) filterable (includes fix to bug 415)
svn path=/trunk/; revision=16005
|
|
svn path=/trunk/; revision=15191
|
|
Some updates to the yahoo msg dissector.
svn path=/trunk/; revision=14632
|
|
svn path=/trunk/; revision=12115
|
|
places, as we also use "defragmentation" and "reassembling". Use reassembling as the general term for such actions.
I (hopefully) didn't changed any protocol fields or preference file names, but only the GUI labels appearing in the protocol display and the protocol preferences.
Also added a note to the protocol preferences (where appropriate), that you have to enable "Allow subdissectors to reassemble TCP streams" at the corresponding protocol settings for TCP reassembling to take effect.
If you encounter any mistakes I've made here, please let me know...
svn path=/trunk/; revision=11784
|
|
Also move ncp222.py, x11-fields, process-x11-fields.pl,
make-reg-dotc, and make-reg-dotc.py.
Adjust #include lines in files that include packet-*.h
files.
svn path=/trunk/; revision=11410
|