Age | Commit message (Collapse) | Author | Files | Lines |
|
Change-Id: I12bbe9e1d81560f1874d4e575b19db1842fa0c72
Reviewed-on: https://code.wireshark.org/review/6352
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
- Sequence number analysis using flow sequence within an observation domain.
- Link back from data set to template frame, if have seen
- Show more information (observation domain ID, set ID, etc) in Info column and protocol roots
- Look up protocol field from ip_proto
Change-Id: I3147387a3cd0d1fc33b879b3ba226753ed2cd8dd
Reviewed-on: https://code.wireshark.org/review/6331
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: I2a312af906ddf01ff05083a657f474a921ab95a3
Reviewed-on: https://code.wireshark.org/review/6337
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I2c5b662f6b46d60a97a491ca8ec01b3f0e41fa56
Reviewed-on: https://code.wireshark.org/review/6338
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The first version of ACP 142 uses the fletcher algorithm for checksum.
Indicate if this (now old variant) checksum is used.
Change-Id: Id6f3e7ecfcde022b339bdb956cd6f642a917076a
Reviewed-on: https://code.wireshark.org/review/6342
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
The previous s5066ses commit added sapid value strings but missed
updating PDU type 21 and 25.
Change-Id: I5cd4dba14eacdf2f590490a95b0cc62b04193b9e
Reviewed-on: https://code.wireshark.org/review/6341
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
S5066 spec describes a transport layer for some
clients like Acp 142 and DMP but not for all of
them. Since RCOP/UDOP header definition are given
in S'5066 specification, consuming these header
bytes in S'5066 SIS dissector may be appropriate
Bug: 10827
Change-Id: Iffdf5d567e1a417ccbafdac919f5a5200159d31b
Reviewed-on: https://code.wireshark.org/review/6292
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
(Yes, we know, we're casting 16-bit integers to pointers. That's
because various generic maps need to be able to take arbitrary values as
keys, and sometimes the arbitrary values aren't structures to which we
point, but just integral values, and that's why GUINT_TO_POINTER()
exists, but it doesn't do enough casting to suppress harmless warnings.)
Change-Id: I1a9c68b4b1007f0a38017ba3570b94efb0b6845a
Reviewed-on: https://code.wireshark.org/review/6329
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Ifda0b97df7e25b535a5010f25c8e8e1af83cb532
Reviewed-on: https://code.wireshark.org/review/6328
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
|
|
the make that comes with *BSD and other systems now.
Change-Id: Ib2eee8d37e7029202675bac35839b1c0d5fc5131
Reviewed-on: https://code.wireshark.org/review/6320
Reviewed-by: Stephen Fisher <sfisher@sdf.org>
|
|
Almost all instances require using "manual" memory management, but it gets some ep_ calls out of the GUI.
Change-Id: Ifa7303766b08d09442ccf3d7063cbe061578ecd9
Reviewed-on: https://code.wireshark.org/review/6318
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Ied8e931541e8e570ef32376eec61779a32bbd493
Reviewed-on: https://code.wireshark.org/review/6322
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I234b9dad79e3327637f8cdcd406a49f9e7435f33
Reviewed-on: https://code.wireshark.org/review/6321
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This affects both the dissector (that has been added with a tap interface and a stats generator) and the UI (to recall the stats menu).
Change-Id: I90658f7aa6707aa39bdd787a51b20fed4dbddc53
Reviewed-on: https://code.wireshark.org/review/6236
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Bug: 10787
Change-Id: I225dab439e195bbd308bcafd4658e77ef9023c0f
Reviewed-on: https://code.wireshark.org/review/6263
Tested-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Bug: 10744
Change-Id: I9fbd7c881ab6b17fa9febb55a4f33dbb229c900b
Reviewed-on: https://code.wireshark.org/review/6264
Tested-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
formats.
Change-Id: I7ea32170b1cdcbc16c1d62b1069c4ed71ea6e9bb
Reviewed-on: https://code.wireshark.org/review/6099
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Discovered by Noam Rathaus.
Change-Id: Ia0275601b2a825ba616656064d9a6eca109e34fa
Reviewed-on: https://code.wireshark.org/review/6256
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
* Add Fast Close subtype
* Sender MAC => Sender HMAC
* Display some reserved field
* Add new flag (Checksum, Extensibility, HMAC-SHA1...) from MP Capability subtype
* Use also proto_tree_add_bitmask for flag
Change-Id: I2e4dfd75623d3218c574e3a112e799666adcc377
Reviewed-on: https://code.wireshark.org/review/6034
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
type.
These "bases" will put a ".", "-", or ":" respectively between hexidecimal bytes in the field in packet view and display filter. FT_BYTES with BASE_NONE will have no separator in the packet view, but continue to have the ':' as a separator in the display filter.
Converted the "string" hf_ entries that used tvb_fc_to_str as a string to use proto_tree_add_item with FT_BYTES/BASE_DOT type.
Converted applicable tvb_bytes_to_ep_str_punct() calls to use the new BASE values.
Change-Id: I2442185bb314d04a3ff2ba57883652ecd738b5f9
Reviewed-on: https://code.wireshark.org/review/6098
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I87f2be4b28f6409e525afc36e8ed834fae3befbb
Signed-off-by: Sylvain Munaut <tnt@246tNt.com>
Reviewed-on: https://code.wireshark.org/review/6300
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Those are related to the Packet Data service.
Change-Id: Ia8e9732901609e1cdad38558aac4a2f3475a0a9d
Signed-off-by: Sylvain Munaut <tnt@246tNt.com>
Reviewed-on: https://code.wireshark.org/review/6291
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I1761af90bd85b14e6021a5d7b07686a37593a152
Reviewed-on: https://code.wireshark.org/review/6279
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ibef3cee6930dea08fc7a87635c48de609d3d4015
Reviewed-on: https://code.wireshark.org/review/6299
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Ia21d8f68b5d898b4493da8cf948ad421f94234fc
Reviewed-on: https://code.wireshark.org/review/6278
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Turns out the special values 1023/1022/1021 can happen in any group
and not just the last one.
The last one is still special though with codes [1100->1209] being
exclusive to it.
Change-Id: If86d0260aaa2cc1215560b89d7fc57d7ef21f082
Signed-off-by: Sylvain Munaut <tnt@246tNt.com>
Reviewed-on: https://code.wireshark.org/review/6290
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
The spec doesn't always match 100% reality. In this case it seems some
manufacturer implemented NULL GPS position with longitude.
Change-Id: I0c09627d64814a9467ecbecdc18e43974e4bab4a
Signed-off-by: Sylvain Munaut <tnt@246tNt.com>
Reviewed-on: https://code.wireshark.org/review/6289
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
No need to do sign extension manually, the core code now supports
signed integers with bitmask and it will do the sign extension.
Not sure if that was always the code, but it works now.
This also have the advantage that the real value 'seen' by wireshark
when applying filters is the real signed value.
Change-Id: I47e2357e5556160a00110ad63e3342879769a0b9
Signed-off-by: Sylvain Munaut <tnt@246tNt.com>
Reviewed-on: https://code.wireshark.org/review/6288
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
It is the revert of adb81f335d17a151361f00001e125480eeaf7bc5
Change-Id: I7a19ff175ca1ab59d0d0d9e89b3b3e6e12de3b96
Reviewed-on: https://code.wireshark.org/review/6273
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Bug: 10780
Change-Id: I2526fb9a5a2dfd61b19dff5ba1b7902f77927f4a
Reviewed-on: https://code.wireshark.org/review/6276
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
None of HAVE_KERBEROS, HAVE_MIT_KERBEROS or HAVE_HEIMDAL_KERBEROS or
HAVE_LIBNETTLE defined when it's compiled. So how is HAVE_KERBEROS
getting defined when wireshark-qt.cpp is compiled?
Change-Id: If238ff54aa4f0cda662c7a52d76e33363a77240d
Reviewed-on: https://code.wireshark.org/review/6262
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Let's try to figure out why, on the 64-bit Windows build,
wireshark-qt.cpp is being compiled to call read_keytab_file() but
packet-kerberos.c is not being compiled to define it.
Change-Id: I782406e2189819d9400b84b6632fe0fb62c5996d
Reviewed-on: https://code.wireshark.org/review/6261
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
macro that should be expert info.
Change-Id: I045368a0a91586231fc4b1e2700c2275088b76af
Reviewed-on: https://code.wireshark.org/review/6244
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
We don't declare it, so all the DLL export stuff won't work, and we
shouldn't need it, as we shouldn't be calling it if we don't have
Kerberos (we shouldn't support the -K option if we don't have Kerberos,
for example).
Change-Id: I7e7b12aa93c4f31953300ef513fc09a1f55f8aef
Reviewed-on: https://code.wireshark.org/review/6255
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
true_false_string definitions were inverted
While we are at it, use the exact same wording as in the spec
Bug: 10825
Change-Id: Ia391b310e92eb88a9a144a2fb0974701a460afc8
Reviewed-on: https://code.wireshark.org/review/6251
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I46f8efc8c95bf4501a631ef3adc5291939ab1497
Reviewed-on: https://code.wireshark.org/review/6240
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
Change-Id: I71639f95f8efff9619e00dae45763ff863f0ca21
Reviewed-on: https://code.wireshark.org/review/6237
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
Change-Id: If97f1b17bf8dbd6bac708b7dfbef6df73fad0f30
Reviewed-on: https://code.wireshark.org/review/6218
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
This may not always be necessary, but....
Change-Id: Ib409839dbee0574c516568a1f43793f8b407f611
Reviewed-on: https://code.wireshark.org/review/6232
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
That way, for example, format_text() calls on the decoded result don't
go past the end of the decoded result.
Fix some more indentation while we're at it.
Bug: 10823
Change-Id: Ia7b7b1d9fb06af5df945f19a375bf5bef3277018
Reviewed-on: https://code.wireshark.org/review/6221
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I90dbf0b31fc737150a01533763a7869b34c68cb6
Reviewed-on: https://code.wireshark.org/review/6220
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
"stat name" has been official changed to "endpoints" for all dissectors, rather than a mixture of "host"/"endpoints" based on dissector.
Change-Id: If34bcb5165b493948e784ba038ab202803a59843
Reviewed-on: https://code.wireshark.org/review/6154
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ifd3d201a09944e3fc36188f891ea8a584886101d
Reviewed-on: https://code.wireshark.org/review/5884
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I5b190ee35086664ed053d376def4e21ab9ad9236
Reviewed-on: https://code.wireshark.org/review/6213
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I6d21bda89f8032d302620e21ac393dc345165ac7
Reviewed-on: https://code.wireshark.org/review/6212
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I5aa6cafc6249b3a820b1bbf2eddc2ec1fdc88685
Reviewed-on: https://code.wireshark.org/review/6211
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Don't throw its declaration in file.h, as it's not defined in file.c.
Instead, include it in epan/dissectors/packet-kerberos.h and include
that wherever read_keytab_file() is called.
Yes, that means you also have to include <epan/asn1.h> and, therefore,
you have to include <epan/packet.h>. Yes, that should be cleaned up,
perhaps by splitting the Kerberos support code into "stuff that handles
encryption keys without any reference to dissection" and "stuff that
does dissection-related work".
Change-Id: Ide5c31e6d85e6011d57202f728dbc656e36138ef
Reviewed-on: https://code.wireshark.org/review/6210
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Wrap its declarations in the usual "extern "C"" stuff.
Change-Id: I353ab334bc08a69fdacaaab5672edf758b14766a
Reviewed-on: https://code.wireshark.org/review/6201
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Bug: 10347
Change-Id: Ic173f31d8cf3fd002454f4c22b85c19bae42d544
Reviewed-on: https://code.wireshark.org/review/6175
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I86e6c9103990bedf93c323e1360394a7c0a39db4
Reviewed-on: https://code.wireshark.org/review/6173
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|