X-Git-Url: http://git.samba.org/?p=metze%2Fwireshark%2Fwip.git;a=blobdiff_plain;f=colorfilters;h=c9848198b2301a935dae05a622e4dd300fa12fff;hp=c89442c369aaf59917b3dd8b77d0c87a9a4f3e52;hb=e902d62725a81d84bb6dd9fc408e2b177b24eeb0;hpb=de0ca39861f9dc6c31719fa62d936a725f294a39

diff --git a/colorfilters b/colorfilters
index c89442c369..c9848198b2 100644
--- a/colorfilters
+++ b/colorfilters
@@ -1,24 +1,21 @@
 # DO NOT EDIT THIS FILE!  It was created by Wireshark
-@Bad TCP@tcp.analysis.flags@[0,0,0][65535,24383,24383]
-@HSRP State Change@hsrp.state != 8 && hsrp.state != 16@[0,0,0][65535,63222,0]
-@Spanning Tree Topology  Change@stp.type == 0x80@[0,0,0][65535,63222,0]
-@OSPF State Change@ospf.msg != 1@[0,0,0][65535,63222,0]
-@ICMP errors@icmp.type eq 3 || icmp.type eq 4 || icmp.type eq 5 || icmp.type eq 11@[0,0,0][0,65535,3616]
-@ARP@arp@[55011,59486,65534][0,0,0]
-@ICMP@icmp@[49680,49737,65535][0,0,0]
-@TCP RST@tcp.flags.reset eq 1@[37008,0,0][65535,63121,32911]
-@TTL low or unexpected@( ! ip.dst == 224.0.0.0/4 && ip.ttl < 5) || (ip.dst == 224.0.0.0/24 && ip.ttl != 1)@[37008,0,0][65535,65535,65535]
-@Checksum Errors@cdp.checksum_bad==1 || edp.checksum_bad==1 || ip.checksum_bad==1 || tcp.checksum_bad==1 || udp.checksum_bad==1@[0,0,0][65535,24383,24383]
-@SMB@smb || nbss || nbns || nbipx || ipxsap || netbios@[65534,64008,39339][0,0,0]
-@HTTP@http || tcp.port == 80@[36107,65535,32590][0,0,0]
-@IPX@ipx || spx@[65534,58325,58808][0,0,0]
-@DCERPC@dcerpc@[51199,38706,65533][0,0,0]
-@Routing@hsrp || eigrp || ospf || bgp || cdp || vrrp || gvrp || igmp || ismp@[65534,62325,54808][0,0,0]
-@TCP SYN/FIN@tcp.flags & 0x02 || tcp.flags.fin == 1@[41026,41026,41026][0,0,0]
-@TCP@tcp@[59345,58980,65534][0,0,0]
-@UDP@udp@[28834,57427,65533][0,0,0]
-@Broadcast@eth[0] & 1@[65535,65535,65535][32768,32768,32768]
-@Subnet Management@infiniband.mad.mgmtclass == 0x81 || infiniband.mad.mgmtclass == 0x01@[2602,11570,65535][65535,65535,65535]
-@Subnet Administration@infiniband.mad.mgmtclass == 0x03@[6957,36050,61400][65535,65535,65535]
-@Not Implemented@infiniband.mad.mgmtclass != 0x81 && infiniband.mad.mgmtclass != 0x03 && infiniband.mad.mgmtclass != 0x01@[52640,31280,10653][65535,65535,65535]
-@Infiniband Data@infiniband.lrh.vl != 0x0f@[6660,20360,11712][65535,65535,65535]
+@Bad TCP@tcp.analysis.flags && !tcp.analysis.window_update@[4718,10030,11796][63479,34695,34695]
+@HSRP State Change@hsrp.state != 8 && hsrp.state != 16@[4718,10030,11796][65535,64764,40092]
+@Spanning Tree Topology  Change@stp.type == 0x80@[4718,10030,11796][65535,64764,40092]
+@OSPF State Change@ospf.msg != 1@[4718,10030,11796][65535,64764,40092]
+@ICMP errors@icmp.type eq 3 || icmp.type eq 4 || icmp.type eq 5 || icmp.type eq 11 || icmpv6.type eq 1 || icmpv6.type eq 2 || icmpv6.type eq 3 || icmpv6.type eq 4@[4718,10030,11796][47031,63479,29812]
+@ARP@arp@[64250,61680,55255][4718,10030,11796]
+@ICMP@icmp || icmpv6@[64764,57568,65535][4718,10030,11796]
+@TCP RST@tcp.flags.reset eq 1@[42148,0,0][65535,64764,40092]
+@SCTP ABORT@sctp.chunk_type eq ABORT@[42148,0,0][65535,64764,40092]
+@TTL low or unexpected@( ! ip.dst == 224.0.0.0/4 && ip.ttl < 5 && !pim && !ospf) || (ip.dst == 224.0.0.0/24 && ip.dst != 224.0.0.251 && ip.ttl != 1 && !(vrrp || carp))@[42148,0,0][60652,61680,60395]
+@Checksum Errors@eth.fcs.status=="Bad" || ip.checksum.status=="Bad" || tcp.checksum.status=="Bad" || udp.checksum.status=="Bad" || sctp.checksum.status=="Bad" || mstp.checksum.status=="Bad" || cdp.checksum.status=="Bad" || edp.checksum.status=="Bad" || wlan.fcs.status=="Bad" || stt.checksum.status=="Bad"@[4718,10030,11796][63479,34695,34695]
+@SMB@smb || nbss || nbns || netbios@[65278,65535,53456][4718,10030,11796]
+@HTTP@http || tcp.port == 80 || http2@[58596,65535,51143][4718,10030,11796]
+@DCERPC@dcerpc@[51199,38706,65533][4718,10030,11796]
+@Routing@hsrp || eigrp || ospf || bgp || cdp || vrrp || carp || gvrp || igmp || ismp@[65534,62325,54808][4718,10030,11796]
+@TCP SYN/FIN@tcp.flags & 0x02 || tcp.flags.fin == 1@[41026,41026,41026][4718,10030,11796]
+@TCP@tcp@[59345,58980,65535][4718,10030,11796]
+@UDP@udp@[56026,61166,65535][4718,10030,11796]
+@Broadcast@eth[0] & 1@[65535,65535,65535][47802,48573,46774]
+@System Event@systemd_journal || sysdig@[59110,59110,59110][11565,28527,39578]