15 years agoFrom Steve Karg:
jake [Sun, 16 Apr 2006 22:03:04 +0000 (22:03 +0000)]
From Steve Karg:
1) BACnet signed values were being decoded incorrectly for negative
values since BACnet tries to be clever and minimizes the number of bytes
sent on the wire and drops the leading FF on negative values.  For
example, -200 is passed as FF 38 on the wire, but would display as 65336.
2) Since the BACnet unsigned values were decoded using a 64-bit entity,
I changed the decoding such that allows all 8 bytes to be decoded.  The
function can now decode 5, 6, and 7 byte values.
3) Corrected warning about signed/unsigned in a pointer parameter.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17877 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoSquelch a compiler warning.
guy [Sun, 16 Apr 2006 22:00:11 +0000 (22:00 +0000)]
Squelch a compiler warning.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17876 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agobssgp - handle LLC PDU of 0 length.
etxrab [Sun, 16 Apr 2006 19:14:21 +0000 (19:14 +0000)]
bssgp - handle LLC PDU of 0 length.
Gsm_a - radio pri included in Modify PDP context request.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17875 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoThe code to read hcidump files sets the p2p pseudo-header for
guy [Sun, 16 Apr 2006 10:54:32 +0000 (10:54 +0000)]
The code to read hcidump files sets the p2p pseudo-header for

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17874 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoGet rid of the unused WTAP_ENCAP value - holes in the number space cause
guy [Sun, 16 Apr 2006 10:38:47 +0000 (10:38 +0000)]
Get rid of the unused WTAP_ENCAP value - holes in the number space cause
ugly printouts for "editcap -T".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17873 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoAdd some missing little-endianizing.
guy [Sun, 16 Apr 2006 02:59:49 +0000 (02:59 +0000)]
Add some missing little-endianizing.

Get rid of some unnecessary casts.

Multiply seconds by 10^9, not 10^6, to get nanoseconds.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17872 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoAdd a loop to process TLVs in the file header.
guy [Sun, 16 Apr 2006 02:04:42 +0000 (02:04 +0000)]
Add a loop to process TLVs in the file header.

Advertise nanosecond resolution.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17871 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoMove file format definitions to the header file.
guy [Sun, 16 Apr 2006 00:52:36 +0000 (00:52 +0000)]
Move file format definitions to the header file.

Put the code to read the packet header and the packet data into routines
(which also fixes some places where observer_seek_read() was using the
sequential file handle rather than the random file handle), make the
packet header reader skip over the TLVs,

Do some additional sanity checking.

Wiretap supports nanosecond resolution; provide nanosecond resolution
time stamps.

Rename some structure members to match their purpose (they're TLV
counts, not flags).

Remove the TLV header from the TLV structures (and eliminate TLV
structures if we don't have the contents or they're just a string); if
we process them, we'll probably end up reading the header and data

Add some information about some of the TLVs in expert information packets.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17870 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoSake Blok wrote....
jake [Sat, 15 Apr 2006 19:00:42 +0000 (19:00 +0000)]
Sake Blok wrote....
I have taken a look at the trace myself and calculated the TpS to be
20000000.0 for this particular trace. If I also discard the start_timestamp
like it has been done for other versions of the netxray format, then I get
the proper results.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17869 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoAdd some missing commands.
etxrab [Sat, 15 Apr 2006 18:41:39 +0000 (18:41 +0000)]
Add some missing commands.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17868 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoFrom Martin Mathieson:
etxrab [Sat, 15 Apr 2006 15:16:26 +0000 (15:16 +0000)]
From Martin Mathieson:
Please find a patch to catapult_dct2000.c:
- doesn't use g_hash_table_new_full(), which is missing from earlier versions of glib
- fixed a couple of memory leaks
- hopefully cast away a few warnings I saw on the fedora and solaris buildbot logs

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17867 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agofrom Martin Mathieson: add catapult_dct2000.h
ulfl [Fri, 14 Apr 2006 13:46:19 +0000 (13:46 +0000)]
from Martin Mathieson: add catapult_dct2000.h

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17866 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agofix #865: if the timestamps fraction (m/u/nsec) of a packet is out of range (<0 or...
ulfl [Fri, 14 Apr 2006 13:32:03 +0000 (13:32 +0000)]
fix #865: if the timestamps fraction (m/u/nsec) of a packet is out of range (<0 or >1000000000) add a generated line to the protocol tree and a corresponding expert info entry

A special marker in the packet list would be too much effort to implement

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17865 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoSVN properties...
etxrab [Fri, 14 Apr 2006 13:12:13 +0000 (13:12 +0000)]
SVN properties...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17864 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoSVN properties...
etxrab [Fri, 14 Apr 2006 13:08:41 +0000 (13:08 +0000)]
SVN properties...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17863 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoFrom Martin Mathieson:
etxrab [Fri, 14 Apr 2006 12:41:06 +0000 (12:41 +0000)]
From Martin Mathieson:

patch and new files provide support for Catapult DCT2000
.out files to wiretap and ethereal.

This wiretap support (catapult_dct2000.c+h) appends a short header to
each packet giving some context, and a corresponding ethereal dissector
(packet-catapult-dct2000.c) parses this before passing the real payload
onto an existing ethereal dissector (for ethernet, ip, lapd, ppp,

For now, there is only support for saving dct2000 files in their own
format, although I may add support for converting between dct2000 and
libpcap later.

updated version of these files and patch, now with support
for MTP2.  Olivier's trace used the ANSI variant - the MTP2 and MTP3
decode fine with the right preferences set (although the ISUP dissector
reports a reserved/retired message type).

Witha a change to NOT to declare gboolean catapult_dct2000_board_ports_only;
as extern as MSVC choked on it.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17862 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoSkip non-data records. Fixes bug 767.
guy [Fri, 14 Apr 2006 10:22:29 +0000 (10:22 +0000)]
Skip non-data records.  Fixes bug 767.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17861 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agobugfix: don't crash with a Null pointer exception, if the open file preview timestamp...
ulfl [Fri, 14 Apr 2006 08:50:41 +0000 (08:50 +0000)]
bugfix: don't crash with a Null pointer exception, if the open file preview timestamp can't be converted

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17860 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoFrom Martin Mathieson:
etxrab [Thu, 13 Apr 2006 22:30:20 +0000 (22:30 +0000)]
From Martin Mathieson:
-  Also show vpi/vci in info column

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17859 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoFrom Frederic Roudaut:
etxrab [Thu, 13 Apr 2006 22:26:13 +0000 (22:26 +0000)]
From Frederic Roudaut:
I updated my previous patch of ESP :

* It now check authentication for (similar to the ICMP checksum):

- NULL Authentication
- HMAC-SHA1-96 [RFC2404]
- HMAC-MD5-96 [RFC2403] (2)

I put aside AES-XCBC-MAC-96 [RFC3566] because I did not succeed to have
a working implementation.
I added a field for any authenticator of 12bytes length (without
authentication process)

* I also correct the printing of this authenticator field which was
decrypted :-[ .

Thus, with this patch  if libgcrypt is linked withe ethereal you should
have the availability to :
- decrypt packets
- check authentication
 at the same time or not.
If noone of these options are set (or libgcrypt is not available) you
also may use the previous heuristic.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17858 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoPass the right tree argument to the DOCSIS dissector if "treat all
guy [Thu, 13 Apr 2006 19:06:52 +0000 (19:06 +0000)]
Pass the right tree argument to the DOCSIS dissector if "treat all
frames as DOCSIS" was selected.  Fixes bug 872.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17856 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoUpdate to current IEEE list
jmayer [Thu, 13 Apr 2006 16:34:00 +0000 (16:34 +0000)]
Update to current IEEE list

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17855 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoFix typo.
guy [Wed, 12 Apr 2006 21:21:47 +0000 (21:21 +0000)]
Fix typo.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17852 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoFrom Jaap Keuter, fix for 871: split interface details statistics into it's own tab...
ulfl [Wed, 12 Apr 2006 20:58:20 +0000 (20:58 +0000)]
From Jaap Keuter, fix for 871: split interface details statistics into it's own tab, making the dialog a lot smaller.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17850 f5534014-38df-0310-8fa8-9805f1628bb7

15 years ago0.10.14 -> 0.99.0.
gerald [Wed, 12 Apr 2006 20:54:40 +0000 (20:54 +0000)]
0.10.14 -> 0.99.0.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17849 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoAdd a few entries to the "Known Bugs" section.
gerald [Wed, 12 Apr 2006 20:52:09 +0000 (20:52 +0000)]
Add a few entries to the "Known Bugs" section.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17848 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoUpdate Lua.
gerald [Wed, 12 Apr 2006 20:36:31 +0000 (20:36 +0000)]
Update Lua.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17847 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoAdd 2px height to avoid a vertical scrollbar with Gtk-Wimp
jake [Mon, 10 Apr 2006 17:24:14 +0000 (17:24 +0000)]
Add 2px height to avoid a vertical scrollbar with Gtk-Wimp

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17846 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agofix #868: don't assert but simply ignore values that don't have the proper size
ulfl [Mon, 10 Apr 2006 01:34:23 +0000 (01:34 +0000)]
fix #868: don't assert but simply ignore values that don't have the proper size

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17845 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoFix for bug 848. Make a scrollable window when more than 10 interfaces are listed.
jake [Sat, 8 Apr 2006 20:19:40 +0000 (20:19 +0000)]
Fix for bug 848. Make a scrollable window when more than 10 interfaces are listed.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17844 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoFix bug 597:
etxrab [Sat, 8 Apr 2006 13:03:18 +0000 (13:03 +0000)]
Fix bug 597:
- Add TCP reassembly to get the proper packet length
- Add "result = check_ucp(tvb, &endpkt);" in dissect_udp_commong to fill some variables used.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17843 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoset SVN properties correct "when will I ever learn" :-(
ulfl [Sat, 8 Apr 2006 00:20:00 +0000 (00:20 +0000)]
set SVN properties correct "when will I ever learn" :-(

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17842 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoadd packet-dcom-dispatch.h
ulfl [Sat, 8 Apr 2006 00:17:51 +0000 (00:17 +0000)]
add packet-dcom-dispatch.h

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17841 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agobring HRESULT values in the right order
ulfl [Fri, 7 Apr 2006 22:05:34 +0000 (22:05 +0000)]
bring HRESULT values in the right order

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17840 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agosome of the CBA interfaces are actually derived from IDispatch, dissect the methods...
ulfl [Fri, 7 Apr 2006 22:03:58 +0000 (22:03 +0000)]
some of the CBA interfaces are actually derived from IDispatch, dissect the methods accordingly

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17839 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agomake dissect_scsi_rsp() take an exchange structure as parameter instead of just a...
sahlberg [Fri, 7 Apr 2006 10:15:15 +0000 (10:15 +0000)]
make dissect_scsi_rsp() take an exchange structure as parameter instead of just a lun.

this finally allows us to have scsi.time  for scsi transactions   but we need to cleanup and refactor the other three scsi entrypoints before we should implement scsi srt    to make the other three also take an exchange data structure as parameter from their transports (and get rid of the pinfo->private_data )

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17838 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoFix bug 851
etxrab [Thu, 6 Apr 2006 20:50:48 +0000 (20:50 +0000)]
Fix bug 851

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17837 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoBetter read NTP LSW from the right spot
jake [Thu, 6 Apr 2006 20:47:22 +0000 (20:47 +0000)]
Better read NTP LSW from the right spot

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17836 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoHandle a filter that evaluates to an empty "matches everything" filter.
guy [Thu, 6 Apr 2006 20:07:16 +0000 (20:07 +0000)]
Handle a filter that evaluates to an empty "matches everything" filter.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17835 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoFrom: Martin Mathieson
jake [Thu, 6 Apr 2006 13:30:45 +0000 (13:30 +0000)]
From: Martin Mathieson
- fixes bug 863 (RTCP sender report's NTP time display incorrect - use using wrong bytes)
- makes NTP timestamp MSW and LSW proper filterable fields, displaying them in dec and hex
- when doing roundtrip calculations, rationalise fields added, add link to LSR frame whenever it matches

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17834 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agochange iscsi to track transaction data in a fc_exchange_data structure just as...
sahlberg [Thu, 6 Apr 2006 11:05:18 +0000 (11:05 +0000)]
change iscsi to track transaction data in a fc_exchange_data structure   just as the fc / fcp transport does.

while reusing this structure for multi-purpose would make it berret suited to move the struct from packet-fc.h to packet-scsi.h
we would have to include packet-scsi.h   for everyone that includes packet-fc.h  and that are a few dependencies.
(would have to include it even in packet-llc.c)

so leave it as a fc structure for now.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17833 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoremove the hashtables for pdu tracking and replace with an se_tree
sahlberg [Thu, 6 Apr 2006 10:41:49 +0000 (10:41 +0000)]
remove the hashtables for pdu tracking and replace with an se_tree
indexed by itt

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17832 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoattach the iscsi_session to the conversation instead of using a hashtable to map...
sahlberg [Thu, 6 Apr 2006 09:47:31 +0000 (09:47 +0000)]
attach the iscsi_session to the conversation instead of using a hashtable to map conversation to iscsi_session.

use the pointer to iscsi_Session  as conversation index for the exchange tracking for now,   it works just as well   and will be replaced with better exchange tracking shortly  anyway

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17831 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoget rid of a field we are not using
sahlberg [Thu, 6 Apr 2006 09:16:10 +0000 (09:16 +0000)]
get rid of a field we are not using

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17830 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoadd a field for storing the scsi opcode in the exchange struct.
sahlberg [Thu, 6 Apr 2006 08:33:08 +0000 (08:33 +0000)]
add a field for storing the scsi opcode in the exchange struct.

it is silly that scsi has to track these things itself  when all the transports
already keep track of exchanges.

the scsi transports should all use the fc_exchange_data structure to pass lun to scsi and where scsi kan store the opcode between requests and data/response packets

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17829 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoAdd two missing *-exp.cnf files
etxrab [Thu, 6 Apr 2006 05:09:45 +0000 (05:09 +0000)]
Add two missing *-exp.cnf files
tcap.asn - whitespace changes

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17828 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agouse the fc exchange structure to track LUN values from fcp command all the way throu...
sahlberg [Thu, 6 Apr 2006 03:15:16 +0000 (03:15 +0000)]
use the fc exchange structure to track LUN values from fcp command  all the way through to the response
and get rid of the broken hashtable used for the same purpose previously.

some additional cleanups.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17827 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agouse the fc exchange data to track fcp response times
sahlberg [Thu, 6 Apr 2006 02:46:41 +0000 (02:46 +0000)]
use the fc exchange data to track fcp response times

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17826 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agomake fc pass the fchdr structure as pinfo->private data to higher layer protocols
sahlberg [Thu, 6 Apr 2006 02:15:41 +0000 (02:15 +0000)]
make fc pass the fchdr structure as pinfo->private data to higher layer protocols

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17825 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoremove another field from a structure that we never use.
sahlberg [Thu, 6 Apr 2006 02:04:22 +0000 (02:04 +0000)]
remove another field from a structure that we never use.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17824 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoremove a field we no longer use in this dissector from the conversation structure.
sahlberg [Thu, 6 Apr 2006 01:17:36 +0000 (01:17 +0000)]
remove a field we no longer use in this dissector from the conversation structure.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17823 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agomove conversation tracking out from the type specific subdissectors and track them...
sahlberg [Thu, 6 Apr 2006 01:16:23 +0000 (01:16 +0000)]
move conversation tracking out from the type specific subdissectors and track them in the main entry point for the protocol dissector instead.

this is semi-temporary though since FCP will always sit ontop of FC which also tracks the same conversations  so there is no need to do a redundant conversation tracking in fcp itself.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17822 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agodecode the first two bytes of the negotiate protocol request as buffercode
sahlberg [Wed, 5 Apr 2006 23:33:35 +0000 (23:33 +0000)]
decode the first two bytes of the negotiate protocol request as buffercode

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17821 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agofrom metze
sahlberg [Wed, 5 Apr 2006 21:38:41 +0000 (21:38 +0000)]
from metze

dissect smb2 break responses   used by a server to break an oplock

these unsolicited responses are sent with a commandseqnum of -1   so mark these in the header as unsolicited as well

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17820 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoUpdate PPIDs to latest IANA regsitration status.
tuexen [Wed, 5 Apr 2006 20:24:48 +0000 (20:24 +0000)]
Update PPIDs to latest IANA regsitration status.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17819 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoExpand some value strings, get map_error from gsm_map use the added IE's.
etxrab [Wed, 5 Apr 2006 18:54:43 +0000 (18:54 +0000)]
Expand some value strings, get map_error from gsm_map use the added IE's.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17818 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoAdd some IE:s
etxrab [Wed, 5 Apr 2006 16:05:29 +0000 (16:05 +0000)]
Add some IE:s

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17817 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoFrom Martin Mathieson:
etxrab [Wed, 5 Apr 2006 16:04:46 +0000 (16:04 +0000)]
From Martin Mathieson:
This patch fixes the decode problem mentioned in this bug report:

"3. Frames 9 and 13 are only partially decoded and show up as "Packet size limited during capture" It looks like the decode chokes on the DQ-RI line."

DQ-RI is a localconnectionoptions parameter and shouldn't appear as a top-level parameter. This patch makes sure that all of the single-character top-level parmeter codes are followed immediately by a ':'.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17816 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoFrof Jeff Morriss:
etxrab [Wed, 5 Apr 2006 16:03:36 +0000 (16:03 +0000)]
Frof Jeff Morriss:
The attached patch adds support for the Japan SS7 variants (TTC/NTT) to
the MTP3, MTP3MG, SCCP, and SCCPMG dissectors.  It's not as thoroughly
implemented nor tested as I'd like, but it does a good job of at least
the basic dissection and I'm out of time for now.

It also fixes bug I found in the SCCP dissector where it would show an
End of Optional parameter even when the Optional pointer was 0.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17815 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agofrom previous commit
sahlberg [Wed, 5 Apr 2006 10:07:49 +0000 (10:07 +0000)]
from previous commit

dont dereference cdata null pointer

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17814 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agocreate the protocol tree in the main function and not down in the individual helper...
sahlberg [Wed, 5 Apr 2006 09:51:14 +0000 (09:51 +0000)]
create the protocol tree in the main function and not down in the individual helper functions

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17813 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoremove some crap
sahlberg [Wed, 5 Apr 2006 08:58:16 +0000 (08:58 +0000)]
remove some crap

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17812 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoimake fcp responses that do carry a scsi response code
sahlberg [Wed, 5 Apr 2006 08:51:45 +0000 (08:51 +0000)]
imake fcp responses    that do carry a scsi response code
call the scsi response dissector as well
(so that eventually we can do things like SRT for SCSI)

it doesnt work yet since fcp is using some incredibly broken logic to
track state between frames.

the cdata stuff can just not ever work exscept for single scan tethereal dissection.
is there noone at all looking at these protocols wioth ethereal?
has noone noticed it is completely broken yet?

sigh,    soon   i think i will be able to add the originally estimated trivial to implement   SCSI SRT

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17811 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agomake reportluns use the new macros to catch and flag alloclen truncation
sahlberg [Wed, 5 Apr 2006 07:25:57 +0000 (07:25 +0000)]
make reportluns use the new macros to catch and flag alloclen truncation

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17810 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agocleaning up bits and pieces
sahlberg [Wed, 5 Apr 2006 05:51:51 +0000 (05:51 +0000)]
cleaning up bits and pieces

replacing the hashtables with a better exchange   se_tree

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17809 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoAdd a dissector for Nortels LGE Monitor protocol.
etxrab [Wed, 5 Apr 2006 05:05:42 +0000 (05:05 +0000)]
Add a dissector for Nortels LGE Monitor protocol.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17808 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoadd dissection of the fcp response bidir read residual field
sahlberg [Wed, 5 Apr 2006 01:17:32 +0000 (01:17 +0000)]
add dissection of the fcp response   bidir read residual field

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17807 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agomove some arrays from the header to fcp.c
sahlberg [Tue, 4 Apr 2006 22:22:18 +0000 (22:22 +0000)]
move some arrays from the header to fcp.c

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17806 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agorefactoring of the fcp response dissector
sahlberg [Tue, 4 Apr 2006 22:21:48 +0000 (22:21 +0000)]
refactoring of the fcp response dissector

add missing flags to the dissection   and during refactoring fix several things that just can not have worked previously.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17805 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agomajor refactoring of the ifcp dissector.
sahlberg [Tue, 4 Apr 2006 11:58:56 +0000 (11:58 +0000)]
major refactoring of the ifcp dissector.

remove the port preference setting and replace it with strong heuristics instead
(attempt but fail to set a conversation dissector when the heuristics and the dissection match)

use tcp_dissect_pdus() for reassembly and pdu tracking and get rid of the try-to-step-through-the-pdu-to-find-where-the-next-pdu-starts thing.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17804 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoFrom Irene: Make buttons unselecable when nothing would happen.
tuexen [Tue, 4 Apr 2006 09:04:08 +0000 (09:04 +0000)]
From Irene: Make buttons unselecable when nothing would happen.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17803 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agofix for bug #856
sahlberg [Tue, 4 Apr 2006 07:53:39 +0000 (07:53 +0000)]
fix for bug #856

dont try to lookup a NULL string since this string will be dereferenced
in the ghashtable   hash callback

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17802 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agodislay a flags field as "Flags" instead of "SCCS Flags"
sahlberg [Mon, 3 Apr 2006 20:39:55 +0000 (20:39 +0000)]
dislay a flags field as "Flags" instead of "SCCS Flags"

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17801 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agouse col_set_fence() after we have populated the info column with the SCSI details...
sahlberg [Mon, 3 Apr 2006 20:29:53 +0000 (20:29 +0000)]
use col_set_fence() after we have populated the info column with the SCSI details   so that if there are other pdus followinf this scsi pdu in the packet they will not overwrite it

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17800 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoadd dissection of the inq sync flag
sahlberg [Mon, 3 Apr 2006 20:12:24 +0000 (20:12 +0000)]
add dissection of the inq sync flag
sort the entries in scsi_verdesc_val   so it is easier to add missing entries

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17799 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoFix bug http://bugs.ethereal.com/bugzilla/show_bug.cgi?id=850 problems with tagged...
etxrab [Mon, 3 Apr 2006 19:07:52 +0000 (19:07 +0000)]
Fix bug bugs.ethereal.com/bugzilla/show_bug.cgi?id=850 problems with tagged assignments.
Add som OID names.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17798 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoAdd a null pointer check. Fixes the current Buildbot menagerie failure.
gerald [Mon, 3 Apr 2006 14:44:56 +0000 (14:44 +0000)]
Add a null pointer check.  Fixes the current Buildbot menagerie failure.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17797 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoa krb_error pdu with the error_code ERR_CLIENT_REVOKED
sahlberg [Mon, 3 Apr 2006 08:55:04 +0000 (08:55 +0000)]
a krb_error pdu with the error_code   ERR_CLIENT_REVOKED
issued by ms kdc contains a PA_DATA structure with a salt that contains an
nt_status code explaining why the client was not allowed to get a (tgt) ticket

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17796 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agofurther prettification of the inq dissector.
sahlberg [Mon, 3 Apr 2006 08:20:54 +0000 (08:20 +0000)]
further prettification of the inq dissector.

further refactorinf of  the scsi  alloc_len macros

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17795 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agodissect byte 7 of the inq response
sahlberg [Mon, 3 Apr 2006 03:19:52 +0000 (03:19 +0000)]
dissect byte 7 of the inq response

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17794 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoDon't report the interface name unconditionally.
guy [Mon, 3 Apr 2006 03:15:29 +0000 (03:15 +0000)]
Don't report the interface name unconditionally.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17793 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoSet the right structure member.
guy [Mon, 3 Apr 2006 03:12:32 +0000 (03:12 +0000)]
Set the right structure member.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17792 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoadd dissection of byte 6 of inq response
sahlberg [Mon, 3 Apr 2006 02:40:07 +0000 (02:40 +0000)]
add dissection of byte 6 of inq response
(except fopr 3 bits that only exist for pscsi)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17791 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoClean up if CreateProcess() fails.
guy [Mon, 3 Apr 2006 01:58:43 +0000 (01:58 +0000)]
Clean up if CreateProcess() fails.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17790 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoPut the low-level sync routines into a common file so they can be shared
guy [Mon, 3 Apr 2006 01:56:53 +0000 (01:56 +0000)]
Put the low-level sync routines into a common file so they can be shared
by dumpcap and Ethereal (so that, on UN*X, the child process can report
a detailed "can't exec dumpcap" error).

Rename most of the "sync_pipe_XXX_to_parent()" routines, as they're also
in Tethereal, which doesn't have a sync pipe.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17789 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoadd dissection of the flags in byte 5 of the inquiry response
sahlberg [Mon, 3 Apr 2006 01:44:56 +0000 (01:44 +0000)]
add dissection of the flags in byte 5 of the inquiry response

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17788 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoprettify dissection of the aca flags byte in the inq response data.
sahlberg [Mon, 3 Apr 2006 00:55:21 +0000 (00:55 +0000)]
prettify dissection of the aca flags byte in the inq response data.

add dissection of two additional bits and the respdataformat bitvield

add booleans for the filter fields

make all the fields filterable

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17787 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoIn Tethereal, don't save to a temporary file if "-w" isn't specified,
guy [Mon, 3 Apr 2006 00:52:59 +0000 (00:52 +0000)]
In Tethereal, don't save to a temporary file if "-w" isn't specified,
even if doing a live capture; just print the packets without saving

In dumpcap:

default to the capturing the entire packet;

don't do the "Press any key" stuff when debugging on UN*X;

do console logging (to the standard error) even when we're
running as the capture child (the sync pipe should only be the
standard output, not the standard error).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17786 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agothe hash,name,fullname of an nfs filehandle are all
sahlberg [Sun, 2 Apr 2006 23:24:00 +0000 (23:24 +0000)]
the hash,name,fullname of an nfs filehandle are all
generated items

mark them as generated items in the dissect pane

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17785 f5534014-38df-0310-8fa8-9805f1628bb7

15 years ago change TRY_SCSI_SHORT_TRANSFER to use the allocation length specified in the CDB
sahlberg [Sun, 2 Apr 2006 22:50:46 +0000 (22:50 +0000)]
 change TRY_SCSI_SHORT_TRANSFER   to use the allocation length specified in the CDB
instead of the allocation length from the data pdu   since sometimes the datapdu will be completely empty and thus we cant extract it from the data pdu.
(unclear if this is really allowed by scsi   but anyway)
this should make the scsi transfer length checking more correct.

update mmc  getconfiguration   and spc  inquiry  to use these macros
and flag these packets that are short due to a too small alloc_len
as truncated due to scsi  and not being short/malformed packets.

at the same time,  get rid of a few horrible   offset+x   in the inquiry dissector and replace with proper offset incrementation instead.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17784 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoprettify dissection of nfsv3 fattr3 structure
sahlberg [Sun, 2 Apr 2006 21:04:11 +0000 (21:04 +0000)]
prettify dissection of nfsv3 fattr3 structure

put useful info like type,mode,uid,gid on the expansion lines so we dont have to open the expansion to see these values.

allow it to push this info multiple expansion lines upward
and optionally (such as for GETATTR replies) put this info in the info column as well

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17783 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoFrom Martin Mathieson:
etxrab [Sun, 2 Apr 2006 19:38:36 +0000 (19:38 +0000)]
From Martin Mathieson:
Removes the use of the deprecated proto_tree_add_item_hidden() function

I was adding the 'msmms.command.unknown' field in lots of places (a
habit of mine in my own dissectors), but this probably isn't useful.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17782 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoFrom Greg Morris:
etxrab [Sun, 2 Apr 2006 19:37:12 +0000 (19:37 +0000)]
From Greg Morris:
Fixes bug 830
Adds a few more expert info details.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17781 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoFrom Ming Zhang:
etxrab [Fri, 31 Mar 2006 05:11:57 +0000 (05:11 +0000)]
From Ming Zhang:
fix a minor error in mode_select, packet-scsi.c

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17780 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoFrom Francesco Fondelli:
etxrab [Fri, 31 Mar 2006 05:09:37 +0000 (05:09 +0000)]
From Francesco Fondelli:

you find attached a patch for dissecting MPLS OAM pdus
as defind in Y.1711 ITU-T doc.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17779 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoFrom Irene: Fix problems with off screen drawings
tuexen [Thu, 30 Mar 2006 22:17:42 +0000 (22:17 +0000)]
From Irene: Fix problems with off screen drawings
            Make rectangle clickable.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17778 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agofix for Bug 849
lego [Thu, 30 Mar 2006 20:29:36 +0000 (20:29 +0000)]
fix for  Bug 849

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17777 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoremove some useless code.
lego [Thu, 30 Mar 2006 20:15:59 +0000 (20:15 +0000)]
remove some useless code.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17776 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoDelete init.lua when asked to delete global settings.
lego [Thu, 30 Mar 2006 19:56:33 +0000 (19:56 +0000)]
Delete init.lua when asked to delete global settings.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17775 f5534014-38df-0310-8fa8-9805f1628bb7

15 years agoFix FieldInfo and add an attribute for the filter name.
lego [Thu, 30 Mar 2006 19:48:05 +0000 (19:48 +0000)]
Fix FieldInfo and add an attribute  for the filter name.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17774 f5534014-38df-0310-8fa8-9805f1628bb7