| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
The check in the caller suggests this function can fail. The
assert should not be necessary, then.
Bug: 16218
Change-Id: Ic2186f3c51751db61436719bbf5bce609d364d40
Reviewed-on: https://code.wireshark.org/review/35162
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Bug: 16207
Change-Id: I95047f76430f5e83083b950a8ed7400e6cdd40ec
Reviewed-on: https://code.wireshark.org/review/35117
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Bug: 16187
Change-Id: I440ef96c1743a0e75fb7556f16fc510cf4754f34
Reviewed-on: https://code.wireshark.org/review/35017
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Iba03bae6dedd296477be1e7d522b4936efefef10
Reviewed-on: https://code.wireshark.org/review/34977
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
According to https://www.elastic.co/guide/en/elasticsearch/reference/6.7/date.html
a timestamp can be string or integer. Print the absolute times as string and the
relative times as integers.
The format for the time will be "date_nanos" as described here
https://www.elastic.co/guide/en/elasticsearch/reference/current/date_nanos.html
Ping-Bug: 15784
Change-Id: I430939961767fa65d11f2d3c939b203c8c84e88e
Reviewed-on: https://code.wireshark.org/review/34166
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
Change all wireshark.org URLs to use https.
Fix some broken links while we're at it.
Change-Id: I161bf8eeca43b8027605acea666032da86f5ea1c
Reviewed-on: https://code.wireshark.org/review/34089
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Ping-Bug: 15784
Change-Id: I2d8d01465718239e55787f56c35524614d4db5cf
Reviewed-on: https://code.wireshark.org/review/33265
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
The outputs of -T ek and -G elastic-mapping don't match. To be effective
the fields in the mapping report and the fields in the traffic output must
be the same.
2 issues have been fixed. The elastic-mapping requires the parent protocol
to be prepended to the field to match the traffic output. The field "dns.a"
has been changed to "dns_dns_a".
The traffic output prints some fields with a leading "text_". This happens
for some fields that have been created under a text only field. One example
is "dns.a", that was printed as "text_dns_a". This has been fixed by accessing
the parent hfinfo resulting in "dns_dns_a" as other fields for the dns
protocol.
Bug: 15759
Change-Id: Ibd000c865102ca49bb6a6394019a475483eae4cc
Reviewed-on: https://code.wireshark.org/review/33099
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Eneko Gómez <eneko.gomez.tecnalia@gmail.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
|
|
Newer versions of elastic are using 'doc' as type. Change the code
according to that.
Fix point (4) of the linked bug.
Bug: 15763
Change-Id: Ia28102a0914c6308eb3516daa57af2e49ce9a4e5
Reviewed-on: https://code.wireshark.org/review/33111
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Eneko Gómez <eneko.gomez.tecnalia@gmail.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
|
|
Small rework while here to prevent the creation of str_escaped if
the input string is enough for the check.
Bug: 15758
Change-Id: I5facf0307d1e0fed882bbe3ef91463164cf3440c
Reviewed-on: https://code.wireshark.org/review/33100
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
Convert our various PROTO_ITEM_ macros to inline functions and document
them.
Change-Id: I070b15d4f70d2189217a177ee8ba2740be36327c
Reviewed-on: https://code.wireshark.org/review/32706
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The 'null' placeholder has been used in such a fields. Otherwise
the json dumper would complain for the lack of a value, getting
confused by a double name add without values.
Bug: 15628
Change-Id: I016325790f8d4a02ed9288225e861ba2d23a82f9
Reviewed-on: https://code.wireshark.org/review/32532
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
fix warning found with clang and -Wdocumentation CFLAG
Change-Id: I9fc122012161c5942c08cb90a9aeda1da6185180
Reviewed-on: https://code.wireshark.org/review/31808
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Fix the assertion to check for the actual requirements. Add tests for -T
combined with -e.
Bug: 15444
Change-Id: I83e7663572db0c60194f6d6128b9e1ae7396b3f6
Fixes: v2.9.1rc0-226-g30c90fa745 ("epan: use json_dumper for json outputs.")
Reviewed-on: https://code.wireshark.org/review/31724
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Memleak found & fixed by Shinya Sasaki.
Bug: 15406
Change-Id: I2d982a7876c1cd595cabe18ee0dc00db576a5837
Reviewed-on: https://code.wireshark.org/review/31669
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
|
|
They include -Tjson, -Tjsonraw, -Tek.
Change-Id: Ib3d700482ce5c29727c3f778cc3c46a1bf7756c4
Reviewed-on: https://code.wireshark.org/review/31000
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
Make the time stamp precision a 4-bit bitfield, so, when combined with
the other bitfields, we have 32 bits. That means we put the flags at
the same structure level as the time stamp precision, so they can be
combined; that gets rid of an extra "flags." for references to the flags.
Put the two pointers next to each other, and after a multiple of 8 bytes
worth of other fields, so that there's no padding before or between them.
It's still not down to 64 bytes, which is the next lower power of 2, so
there's more work to do.
Change-Id: I6f3e9d9f6f48137bbee8f100c152d2c42adb8fbe
Reviewed-on: https://code.wireshark.org/review/31213
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Instead of using the current date (that can differ from packets)
take if from the current frame. That will put the frame in an index
related to its capture date instead of its loading date.
Small indentation fixes.
Change-Id: If9f9dad1399c2b1bf145e8bcc45a6936e4599cd7
Reviewed-on: https://code.wireshark.org/review/31204
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
Bug: 15253
Change-Id: I3b294fa65c1bd4ef4184bcf2e1b56ef4f55cbb82
Reviewed-on: https://code.wireshark.org/review/30461
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This fixes the following asserts
#2 0x00007ffff0d270f3 in g_assertion_message (domain=0x0, file=0x7ffff4e11f90 "/home/vasko/sources/wireshark/epan/print.c", line=598, func=0x7ffff4e12e20 <__func__.18585> "proto_tree_write_node_pdml",
message=0x555555aaab70 "code should not be reached") at gtestutils.c:2532
#3 0x00007ffff0d8015e in g_assertion_message_expr () at gtestutils.c:2555
#2 0x00007ffff0d270f3 in g_assertion_message (domain=0x0, file=0x7ffff4e11f90 "/home/vasko/sources/wireshark/epan/print.c", line=983,
func=0x7ffff4e12e40 <__func__.18697> "write_json_proto_node_hex_dump", message=0x555555aac9d0 "code should not be reached") at gtestutils.c:2532
#3 0x00007ffff0d8015e in g_assertion_message_expr () at gtestutils.c:2555
#4 0x00007ffff39a8f87 in write_json_proto_node_hex_dump (node=0x7fffdc86e550, data=0x7fffffffce60) at /home/vasko/sources/wireshark/epan/print.c:983
#2 0x00007ffff0d270f3 in g_assertion_message (domain=0x0, file=0x7ffff4e12010 "/home/vasko/sources/wireshark/epan/print.c", line=1299,
func=0x7ffff4e12ef0 <__func__.18804> "ek_write_hex", message=0x555555aac290 "code should not be reached") at gtestutils.c:2532
#3 0x00007ffff0d8015e in g_assertion_message_expr () at gtestutils.c:2555
#4 0x00007ffff39a9a32 in ek_write_hex (fi=0x7fffdc86e4e0, pdata=0x7fffffffce90) at /home/vasko/sources/wireshark/epan/print.c:1299
Change-Id: I48a7e87863fb6708cd668582a240e5ba71d1b5a0
Reviewed-on: https://code.wireshark.org/review/28891
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Tshark poorly handles printing when using -T options where a field
contains newline, carriage return, or other special characters such as tab.
Bug: 14907
Change-Id: I94a797bb98b94aac254bcd2e6911b37192e9c91f
Reviewed-on: https://code.wireshark.org/review/28442
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
|
|
Change-Id: Ie95cf37f9cd283545693e290340a7489cc989c95
Reviewed-on: https://code.wireshark.org/review/26970
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Skip hidden columns when we export to CSV, EK, and PSML.
Change-Id: Id1dc0f4d3cf34e74ce52893d0f0a30f4b4d61aed
Reviewed-on: https://code.wireshark.org/review/26588
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
For each occurrence, if there was already an occurrence in the array, we
were just removing it. not freeing what it pointed to.
While we're at it, expand comments. and always check the array size with
"!= 0", not "> 0" - the value is unsigned, so they're equivalent, but
this makes the code more self-consistent.
Change-Id: I538f46b296a7721a39ba4366c2f6269e7e097b0d
Reviewed-on: https://code.wireshark.org/review/26328
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Ib6dc913ab1eeff7b29e18930b66b728080629773
Reviewed-on: https://code.wireshark.org/review/26183
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: ronnie sahlberg <ronniesahlberg@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Skipping dissectors dir for now.
Change-Id: I717b66bfbc7cc81b83f8c2cbc011fcad643796aa
Reviewed-on: https://code.wireshark.org/review/25694
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Some oddities with regard to file permissions have crept into
the repository. Reset execute rights on various files which do
not need them.
Change-Id: Ib05658072925d59fc682173673c5638d157a269a
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/25490
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Bug: 13020
Change-Id: Ia83797a4e390be7cc59a9718735edc1c7f9a5712
Reviewed-on: https://code.wireshark.org/review/24928
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
- bug fix for wrong level introduced in SHA-1:b8ead953
- fix indent for Close off fake wrapper protocol
Change-Id: Iccb10af8f3ac1604fc5582d730f2fd39ffaeb1c0
Reviewed-on: https://code.wireshark.org/review/24681
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
Removing duplicated double quote.
Bug: 12958
Change-Id: I17f443efd8572e1d17ced5b8ec8f743253be859b
Reviewed-on: https://code.wireshark.org/review/24273
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
|
|
Change-Id: Ica20efe7122476af55b70c72d8af40244c25f902
Reviewed-on: https://code.wireshark.org/review/24259
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I5b2006a74e95759afce518aaadfe47c54978476a
Reviewed-on: https://code.wireshark.org/review/24215
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Collects multiple values of the same field into an array.
Empty protocols are now written as empty objects to not conflict
with the same protocols in other packets.
Remove _score since it has no effect.
Bug: 12958
Change-Id: Ibe8ea9bc1e3e63dea1fe4eaf522fa38cad88a17f
Reviewed-on: https://code.wireshark.org/review/24171
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
When using the Elasticsearch output but only printing the packet
summary with -P a segfault will occur because the empty packet
tree is not properly handled in this case.
Change-Id: I0c91314ae013785ae6dceabd6af33db4b836d1b2
Reviewed-on: https://code.wireshark.org/review/24153
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Currently, the Elasticsearch output exports the packet details and,
if -x is specified, the raw hex data.
This change adds the option of exporting the packet summary as well.
The default stays the same (packet details only), but now the existing
-P switch turns on printing of the packet summary. It also turns off
printing packet details, which can be turned back on with -V to print
both, and combined with -x to print all three: summary, details and
raw hex.
The packet summary is especially useful when exploring and visualizing
the data in Kibana, e.g. by displaying the summary "Info" field/column
in a table, as in the Wireshark GUI.
Change-Id: I2030490cfdd905572397bc3d5457ba49d805a5c4
Reviewed-on: https://code.wireshark.org/review/22716
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Refactors the ES output to use hash tables and lists in preparation
of deduplicating fields. ES 5.x allows those, but will only store
the last instance and discard any other without warning.
ES 6.x altogether refuses to accept documents containing
duplicate fields.
This change should not change the output of Tshark in any way.
A subsequent change will introduce the actual deduplication.
Bug: 12958
Change-Id: I329ef0878e33b42d65a53bcac977429d87cde3ca
Reviewed-on: https://code.wireshark.org/review/23042
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
It's not installed so like most other files it doesn't need or benefit
from the prefix.
Change-Id: I01517e06f12b3101fee21b68cba3bc6842bbef5c
Reviewed-on: https://code.wireshark.org/review/23751
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
|
|
It's not available at the old URL any more.
Change-Id: Id8baba5e02cf0e3227365f53a11caa054ef2c40f
Reviewed-on: https://code.wireshark.org/review/23165
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
color_t is 16-bit per channel, the print string assumes the usual 8-bit.
Use 8-bit per channel as per older patches proposed for bug 6682 via
color_t_to_rgb().
Change-Id: I7d71bc04e52376c0ecb598aedafa066f982de840
Ping-Bug: 6682
Reviewed-on: https://code.wireshark.org/review/23154
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I82602ceb735a055602a18c2c52e0669c4efd7773
Reviewed-on: https://code.wireshark.org/review/22748
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Iba3a95d67413d7f1a84436fc51dfdf13251bcece
Reviewed-on: https://code.wireshark.org/review/22620
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Adds the --no-duplicate-keys option to tshark. If -T json is specified,
this option can be specified in order to transform the duplicate keys
produced by -T json into single keys with as value a json array of all
separate values.
Specifying --no-duplicate-keys changes the function which groups node
children that is passed to write_json_proto_tree. Instead of a function
that puts each node in a separate group (proto_node_group_children_by_unique)
a function is passed that groups children that have the same json key
together (proto_node_group_children_by_json_key). This will lead to
some groups having multiple values. Groups with multiple values are
written to the output as a json array. This includes normal json keys
but also keys with the "_raw" and "_tree" suffix.
If --no-duplicate-keys is specified with an option other than "-T json"
or "-T jsonraw" or without -T an error is shown and tshark will exit.
"Export Packet Dissections -> As JSON" in the GUI is hardcoded to use
the duplicated keys format.
Fixes one regression in the output where a filtered json key (-j) with
both a value and children would not have the "_tree" suffix added to the
json key containing the children.
Includes a little code cleanup (removes one instance of code
duplication and simplifies a while loop).
Fixes a memory leak (I thought this fix was already included in the
previous refactor patch but something must have gone wrong when updating
the patch so I'm including it again in this patch).
Bug: 12958
Change-Id: I401f8fc877b5c590686567c3c44cdb832e9e7dfe
Reviewed-on: https://code.wireshark.org/review/22166
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Refactors the print.c json output functions to be more intuitive and
to allow easy switching to single json keys with a json array of values
instead of duplicate json keys. With this commit the json output does
not change at all.
These changes have been tested on multiple decrypted http2 traces with
the following testing method:
- Save the pcap file as json with a build of the current master branch.
- Save the pcap file as json with a build of the master branch + this
commit.
- Compare the files for changes with the "cmp" utility.
No differences were found between files for multiple different decrypted
http2 traces. Printing with the "-x" or "-j" options also does not
produce any changes either.
Bug: 12958
Change-Id: Ibd3d39119c3a08906389aa8bbf4e2a2b21dd824e
Reviewed-on: https://code.wireshark.org/review/22064
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Bug: 6682
Change-Id: I19330d06aa3d5692503c61369c3c650d595971f5
Reviewed-on: https://code.wireshark.org/review/22077
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stephen Donnelly <stephen.donnelly@endace.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Some hf_ variables were "cached" in print.c to break dependency on (frame)
dissectors. They are no longer used (and check*.pl scripts found them)
Change-Id: Ib46e5f5e58da54b6d7a3f85586581507f653c55a
Reviewed-on: https://code.wireshark.org/review/22078
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I9c04bc1d6fc5511d404987dd94eee342e0d75442
Reviewed-on: https://code.wireshark.org/review/21332
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
Packet ranges are used only in the UI; move the packet range stuff into
libui.
Don't pass a print_args_t structure to libwireshark packet-printing
routines, just pass the few parameters they need. Move the declaration
of print_args_t into file.h.
Change-Id: Icff5991eea7d7d56f33b4716105895263d275bcf
Reviewed-on: https://code.wireshark.org/review/21308
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Modified tshark -T json -x output
Added tshark -T jsonraw output
json2pcap.py (can be used for basic packet editing by modifying json)
The modification in tshark -T json -x and new tshark -T jsonraw output
add into hex-data output in JSON also information on which position
each field is dissected in the original frame, what is the field length,
bitmask (for not byte aligned fields) and type. This information can be
used for latter processing. One use-case is json2pcap script which
assembles the protocol layers back together from upper to lowers layers,
which allows the basic packet modification/editing/rewriting.
Change-Id: Ibf948eb8fc7e3b0b51c12df6c3855f705a9c7925
Reviewed-on: https://code.wireshark.org/review/19990
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
Modified epan/print.c to use function print_indent
Change-Id: Iefcb1e3c7813919c6af70d57a4f8a6f921595360
Reviewed-on: https://code.wireshark.org/review/20060
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Bug: 12847
Change-Id: I8a560dc44dceb06123d8bcecd512d132ee4ebb0d
Reviewed-on: https://code.wireshark.org/review/19671
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
