Age | Commit message (Collapse) | Author | Files | Lines |
|
Change-Id: I2775bfb7d86a9c2dc257cf4d7a5bc2b6f9e68f35
Reviewed-on: https://code.wireshark.org/review/33851
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I890a273dcc732551a9cb6ce4288efbb552c89576
Reviewed-on: https://code.wireshark.org/review/27062
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Skipping dissectors dir for now.
Change-Id: I717b66bfbc7cc81b83f8c2cbc011fcad643796aa
Reviewed-on: https://code.wireshark.org/review/25694
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
"enterprise-numbers" is converted to tab-separated values and renamed
"enterprises". Unused fields are stripped.
PENs are stored in a hash table loaded at run-time.
User "enterprises" file is loaded from the personal config dir.
Misc make-sminmpec.pl improvements and fixes.
Note: names of type "Entity (formerly ...)" have the formerly part commented out for a cleaner output.
Change-Id: I60c533afbe3e399077fbf432088064471ad3e1e2
Reviewed-on: https://code.wireshark.org/review/22246
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: João Valverde <j@v6e.pt>
|
|
-- Elements to be decoded described in IE-doctor format (RFC 7013 section 10)
httprequrl(26866/1)<string>
httprspstatus(26866/2)<unsigned16>{identifier}
sslcertificateissuercommonname(26866/101)<string>
sslcertificatesubjectcommonname(26866/102)<string>
sslcertificateissuer(26866/103)<string>
sslcertificatesubject(26866/104)<string>
sslcertificatevalidnotbefore(26866/105)<string>
sslcertificatevalidnotafter(26866/106)<string>
sslcetificateserialnumber(26866/107)<octetArray>
sslcertificatesignaturealgorithm(26866/108)<octetArray>
sslcertificatesubjectpubalgorithm(26866/109)<octetArray>
sslcertificatesubjectpubkeysize(26866/110)<unsigned16>
sslcertificatesubjectaltname(26866/111)<string>
sslservernameindication(26866/112)<string>
sslserverversion(26866/113)<unsigned16>
sslservercipher(26866/114)<unsigned16>
sslservercompressionmethod(26866/115)<unsigned8>
sslserversessionid(26866/116)<octetArray>
dnsidentifier(26866/201)<unsigned16>{identifier}
dnsopcode(26866/202)<unsigned8>{identifier}
dnsresponsecode(26866/203)<unsigned8>{identifier}
dnsqueryname(26866/204)<string>
dnsresponsename(26866/205)<string>
dnsresponsettl(26866/206)<unsigned32>
dnsresponseipv4address(26866/207)<ipv4Address>
dnsresponseipv6address(26866/208)<ipv6Address>
dnsbits(26866/209)<string>
dnsqdcount(26866/210)<unsigned16>
dnsancount(26866/211)<unsigned16>
dnsnscount(26866/212)<unsigned16>
dnsarcount(26866/213)<unsigned16>
dnsquerytype(26866/214)<unsigned16>
dnsqueryclass(26866/215)<unsigned16>
dnsresponsetype(26866/216)<unsigned16>
dnsresponseclass(26866/217)<unsigned16>
dnsresponserdlength(26866/218)<unsigned16>
dnsresponserdata(26866/219)<string>
dnsauthorityname(26866/220)<string>
dnsauthoritytype(26866/221)<unsigned16>
dnsauthorityclass(26866/222)<unsigned16>
dnsauthorityttl(26866/223)<unsigned32>
dnsauthorityrdlength(26866/224)<unsigned16>
dnsauthorityrdata(26866/225)<string>
dnsadditionalname(26866/226)<string>
dnsadditionaltype(26866/227)<unsigned16>
dnsadditionalclass(26866/228)<unsigned16>
dnsadditionalttl(26866/229)<unsigned32>
dnsadditionalrdlength(26866/230)<unsigned16>
dnsadditionalrdata(26866/231)<string>
Bug: 13688
Change-Id: I4a2472d9bb86d195851edd3a1f5e688ba31dde89
Reviewed-on: https://code.wireshark.org/review/21519
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Ie7411d4d41e3f0a0ea98ed4a14d40c5715535c8a
Reviewed-on: https://code.wireshark.org/review/17815
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I252b4f892a539c7fa585615ef636fc26de356bf7
Reviewed-on: https://code.wireshark.org/review/16055
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Basic dissection of AVPs from RFC 5515.
Ping-Bug: 12208
Change-Id: Ie16073378a66a81f8378eab7a83988ef9e8a5c88
Reviewed-on: https://code.wireshark.org/review/14246
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Add support for Barracuda NGFirewall Ipfix Audit. Used documentation
found at https://techlib.barracuda.com/NG61/ConfigAuditReportingIPFIX
The configuration allows to switch between little endian and big
endian for a Ipfix collector. This commit expects big endian encoding.
However it seems that there is a bug in NGFirewall 6.1.1 which
interchanges the encoding (little-endian instead of big endian and vice
versa).
Bug: 11902
Change-Id: I84c497188eadedf6781dce309888242b0dc1592f
Reviewed-on: https://code.wireshark.org/review/12703
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
This commit adds dissection of Citrix Ntscaler Appflow
templates to Netflow/Ipfix.
The documenation for the templates was found at:
https://raw.githubusercontent.com/splunk/ipfix/master/app/Splunk_TA_IPFIX/bin/IPFIX/information-elements/5951.xml
Due to non-disclosure I can't provide any sample pcap.
Change-Id: I1d34ad4298a51c71986bc8565cc5f3802b0df3c2
Reviewed-on: https://code.wireshark.org/review/7740
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: I62886bda3220d9aa3a5b3aee8b40063a8bb7745d
Reviewed-on: https://code.wireshark.org/review/6843
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Based from FortiAP/WiFi 5.2.x
Change-Id: Ia78d15d54db01939a3d91947db39e35b3abc2519
Reviewed-on: https://code.wireshark.org/review/5646
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
- Sequence number analysis using flow sequence within an observation domain.
- Link back from data set to template frame, if have seen
- Show more information (observation domain ID, set ID, etc) in Info column and protocol roots
- Look up protocol field from ip_proto
Change-Id: I3147387a3cd0d1fc33b879b3ba226753ed2cd8dd
Reviewed-on: https://code.wireshark.org/review/6331
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
svn path=/trunk/; revision=48884
|
|
Extension(NVSE) and use it for 3GPP2.
svn path=/trunk/; revision=48623
|
|
Also remove old WS_VAR_IMPORT define and related Makefile magic
everywhere in the project.
svn path=/trunk/; revision=47992
|
|
svn path=/trunk/; revision=46467
|
|
(COPYING will be updated in next commit)
svn path=/trunk/; revision=43536
|
|
svn path=/trunk/; revision=41103
|
|
svn path=/trunk/; revision=40636
|
|
Add a bunch of NetFlow/IPFIX extensions from Plixer and ntop.
A little cleanup as well.
From me: remove duplicate blurbs.
svn path=/trunk/; revision=35142
|
|
svn path=/trunk/; revision=34217
|
|
Also: packet-nhrp.c: #include sminmpec.h not req'd;
svn path=/trunk/; revision=34143
|
|
svn path=/trunk/; revision=31853
|
|
support for vendor-specific IEs. Fix variable-length record handling. Add
conversation tracking to the UDP dissector and add process flow
information to TCP and UDP conversations.
This lets us run process flow collectors on one or more machines and
have the process username, PID, command name, etc. show up in the TCP
and UDP protocol trees.
svn path=/trunk/; revision=28366
|
|
sminmpec_values array is marked as just "export" instead of "WS_VAR_IMPORT" in
epan/sminmpec.h. This prevents its using in Windows builds of plugins directly.
svn path=/trunk/; revision=20720
|
|
svn path=/trunk/; revision=18197
|
|
svn path=/trunk/; revision=14672
|
|
svn path=/trunk/; revision=14628
|
|
Add Netscreen vendor specific attributes
svn path=/trunk/; revision=13650
|
|
Add VENDOR_IETF to <epan/sminmpec.h>, and add an entry for it to
sminmpec_values[], so that the L2TP dissector can use them rather than
defining its own copy of the private enterprise number values and table
- and make it do so.
svn path=/trunk/; revision=12999
|
|
svn path=/trunk/; revision=12594
|
|
(PKT-SP-EM-I09-040402). Code contributed by CableLabs.
svn path=/trunk/; revision=12195
|
|
Systems and the Wi-Fi Alliance, and add Radius vendor-specific
attributes for them.
svn path=/trunk/; revision=12164
|
|
for organizations to an <epan/sminmpec.h> header, and add in the ones
that were used (without #defines) in the Diameter dissector.
Merge the value_string tables for them from the Diameter and Radius
dissectors into epan/sminmpec.c and merge them.
Use that value_string table in the Diameter and Radius dissectors.
Constify some stuff in the Diameter dissector.
svn path=/trunk/; revision=12159
|