10 years agoAdd monitor mode support to Wireshark *on the command line*; support
guy [Fri, 7 May 2010 01:55:13 +0000 (01:55 +0000)]
Add monitor mode support to Wireshark *on the command line*; support
through the GUI requires more work.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32706 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoOops, -B disappeared from the list of dumpcap options in the change to
guy [Fri, 7 May 2010 01:50:22 +0000 (01:50 +0000)]
Oops, -B disappeared from the list of dumpcap options in the change to
support multiple, err, optional options.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32705 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoAdd monitor mode support to TShark.
guy [Fri, 7 May 2010 01:46:38 +0000 (01:46 +0000)]
Add monitor mode support to TShark.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32704 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoHandle -I in the options processing.
guy [Fri, 7 May 2010 01:25:53 +0000 (01:25 +0000)]
Handle -I in the options processing.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32703 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoBeginnings of monitor mode support with libpcap 1.x.
guy [Fri, 7 May 2010 01:22:33 +0000 (01:22 +0000)]
Beginnings of monitor mode support with libpcap 1.x.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32702 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoInstead, say that the default is platform-dependent.
guy [Fri, 7 May 2010 00:28:42 +0000 (00:28 +0000)]
Instead, say that the default is platform-dependent.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32701 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoNow that we support -B on various UN*X platforms as well as Windows, we
guy [Fri, 7 May 2010 00:16:52 +0000 (00:16 +0000)]
Now that we support -B on various UN*X platforms as well as Windows, we
can no longer state what the default is (it's platform-dependent).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32700 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoFrom Jouni Malinen via bug 4713:
gerald [Fri, 7 May 2010 00:13:33 +0000 (00:13 +0000)]
From Jouni Malinen via bug 4713:

The 0x80 bit in the Action Category field indicates that the
transmitter is reporting an unrecognized category (or somehow
incorrect frame). Rest of the frame body is identical to the original
Action frame, so we should handle dissecting of these just like with
the category without the 0x80 bit.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32699 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoOur default target platform is still win32.
gerald [Thu, 6 May 2010 23:58:18 +0000 (23:58 +0000)]
Our default target platform is still win32.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32698 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoSet the timestamp seconds type to TS_SECONDS_DEFAULT at startup so we
gerald [Thu, 6 May 2010 23:51:37 +0000 (23:51 +0000)]
Set the timestamp seconds type to TS_SECONDS_DEFAULT at startup so we
don't abort.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32697 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoFrom Hadar Shoham via bug 4750:
gerald [Thu, 6 May 2010 23:34:56 +0000 (23:34 +0000)]
From Hadar Shoham via bug 4750:

1. add docsis3.0 support in bootp option 60
2. change to text option 123 (Cable lab)
3. change to text option 43 sub option 8 (OUI)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32696 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoJust check for pcap_create(); it first appeared in libpcap 1.0.0, and
guy [Thu, 6 May 2010 23:33:41 +0000 (23:33 +0000)]
Just check for pcap_create(); it first appeared in libpcap 1.0.0, and
pcap_set_buffer_size() did as well, so there aren't any libpcap releases
with pcap_create() but not pcap_set_buffer_size().

Only do one check for pcap_create.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32695 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoFix compilation.
gerald [Thu, 6 May 2010 23:29:55 +0000 (23:29 +0000)]
Fix compilation.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32694 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoUse consistent indentation & whitespace.
wmeier [Thu, 6 May 2010 21:16:31 +0000 (21:16 +0000)]
Use consistent indentation & whitespace.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32693 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoFrom Mathieu Parent:
jake [Thu, 6 May 2010 19:16:45 +0000 (19:16 +0000)]
From Mathieu Parent:
* Added LineInstance and CallId to keypadButton-, stimulus-, offHook-, onHook-,
  startTone-, stopTone-, setRingerMessage
* Added RingMode to setRingerMessage
* Added displayName to LineStatMessage

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32692 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agotvbparse_len_left does not seem to exist in tvbparse.c
etxrab [Thu, 6 May 2010 19:15:25 +0000 (19:15 +0000)]
tvbparse_len_left does not seem to exist in tvbparse.c

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32691 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoFollow up for revision 32670.
jake [Thu, 6 May 2010 18:41:23 +0000 (18:41 +0000)]
Follow up for revision 32670.
Straighten out is_acn() function.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32690 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoCleanup and export the TVB parser.
jake [Thu, 6 May 2010 18:37:47 +0000 (18:37 +0000)]
Cleanup and export the TVB parser.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32689 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoChecking in Stigs changes from
etxrab [Thu, 6 May 2010 18:34:30 +0000 (18:34 +0000)]
Checking in Stigs changes from
BUT not activating the check for
This should make it possible to build with support for setting the buffersize if not capturing 802.11 traffic.

The code for handling the 'B' option should be OK in any case.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32688 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoCheck for pcap_create
etxrab [Thu, 6 May 2010 15:39:08 +0000 (15:39 +0000)]
Check for pcap_create
Using pcap create and pcap_activate should make it possible
to set the capture buffer size on Linux systems as well as Windows.
Help to implement it would be apreciated :-)


git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32687 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoAdd PPID 28 IRCP
etxrab [Thu, 6 May 2010 12:54:43 +0000 (12:54 +0000)]

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32686 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoMoved command line option for seconds type to -u.
stig [Thu, 6 May 2010 12:31:24 +0000 (12:31 +0000)]
Moved command line option for seconds type to -u.
Added this option to tshark.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32685 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoSimplified hour_min_sec calculations.
stig [Thu, 6 May 2010 11:25:15 +0000 (11:25 +0000)]
Simplified hour_min_sec calculations.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32684 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoAdded an option to display seconds as hours, minutes and seconds
stig [Thu, 6 May 2010 10:32:59 +0000 (10:32 +0000)]
Added an option to display seconds as hours, minutes and seconds
in the packet list, on this format: "1h 2m 3.456s".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32683 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoCalculate correct PDU lenght if the per_length_determinant is one byte long.
etxrab [Wed, 5 May 2010 19:22:28 +0000 (19:22 +0000)]
Calculate correct PDU lenght if the per_length_determinant is one byte long.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32680 f5534014-38df-0310-8fa8-9805f1628bb7

10 years ago- Remove check_col()
etxrab [Wed, 5 May 2010 17:22:40 +0000 (17:22 +0000)]
- Remove check_col()
- only read method string once.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32677 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoTry to avoid the user confusion reported in
morriss [Wed, 5 May 2010 14:29:55 +0000 (14:29 +0000)]
Try to avoid the user confusion reported in
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3477 by not using blurbs
that look like abbreviations (filter strings).

While we're at it try to avoid giving blurbs that are identical (or nearly so)
to the field name.

Regenerate a couple of dissectors like this to prove out the idea.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32673 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoH.225.0 updated to version 7 (2009-12)
kukosa [Wed, 5 May 2010 13:14:41 +0000 (13:14 +0000)]
H.225.0 updated to version 7 (2009-12)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32672 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoFile updated from ASN.1 database where the bug in ASN.1 definition has been fixed...
kukosa [Wed, 5 May 2010 10:29:23 +0000 (10:29 +0000)]
File updated from ASN.1 database where the bug in ASN.1 definition has been fixed on request

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32671 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoFrom Jim Schaettle:
etxrab [Wed, 5 May 2010 05:52:37 +0000 (05:52 +0000)]
From Jim Schaettle:
Add Ratified DMX to ACN Dissector.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32670 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoFrom Andrew Feren:
etxrab [Wed, 5 May 2010 05:41:07 +0000 (05:41 +0000)]
From Andrew Feren:
The current implementation of options templates continues reading past the end
of the option template.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32669 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoUpdate the comment about being based on the GTK Tree View Tutorial,
sfisher [Wed, 5 May 2010 02:33:34 +0000 (02:33 +0000)]
Update the comment about being based on the GTK Tree View Tutorial,
including putting /tutorial/ at the end of the URL because the
main web-site is something unrelated to the tutorial.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32668 f5534014-38df-0310-8fa8-9805f1628bb7

10 years ago1.3.5 -> 1.3.6.
gerald [Wed, 5 May 2010 00:28:24 +0000 (00:28 +0000)]
1.3.5 -> 1.3.6.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32667 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoBuild 1.3.5.
gerald [Tue, 4 May 2010 23:03:42 +0000 (23:03 +0000)]
Build 1.3.5.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32666 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoUn-C++-ify a comment.
gerald [Tue, 4 May 2010 21:52:41 +0000 (21:52 +0000)]
Un-C++-ify a comment.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32664 f5534014-38df-0310-8fa8-9805f1628bb7

10 years ago H.245 updated to v15 (2009-12)
kukosa [Tue, 4 May 2010 19:01:25 +0000 (19:01 +0000)]
 H.245 updated to v15 (2009-12)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32660 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoRemove unused variables.
etxrab [Tue, 4 May 2010 15:36:54 +0000 (15:36 +0000)]
Remove unused variables.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32659 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoRefactor the code to parse SIP contact parameters.
etxrab [Tue, 4 May 2010 15:12:44 +0000 (15:12 +0000)]
Refactor the code to parse SIP contact parameters.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32658 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoFrom Andrew Feren:
etxrab [Tue, 4 May 2010 05:34:14 +0000 (05:34 +0000)]
From Andrew Feren:
Solve Problems decoding variable length strings in IPFIX.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32657 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoFrom Jouni Malinen:
jake [Tue, 4 May 2010 05:31:29 +0000 (05:31 +0000)]
From Jouni Malinen:
Dissect the optional IEs following the fixed fields in Deauthentication
and Disassociation frames.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32656 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoRework code to handle multiple messages in a packet.
wmeier [Mon, 3 May 2010 23:05:27 +0000 (23:05 +0000)]
Rework code to handle multiple messages in a packet.
Fixes Bug #4709.
See: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4709

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32654 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoUpdate capinfos man page.
wmeier [Mon, 3 May 2010 20:38:06 +0000 (20:38 +0000)]
Update capinfos man page.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32653 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoUpdate the capinfos documentation.
wmeier [Mon, 3 May 2010 20:25:33 +0000 (20:25 +0000)]
Update the capinfos documentation.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32652 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoRemove extra % in printf format string.
morriss [Mon, 3 May 2010 19:42:09 +0000 (19:42 +0000)]
Remove extra % in printf format string.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32651 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoFix https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4734 :
morriss [Mon, 3 May 2010 19:33:23 +0000 (19:33 +0000)]
Fix https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4734 :

Don't crash on a malformed SMB packet.  According to svn blame, this code
has been here since rev 21713 though maybe something else changed to make the
crash apparent.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32650 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoAdd "inferred" snapshot length (if any) to the output.
wmeier [Mon, 3 May 2010 19:08:11 +0000 (19:08 +0000)]
Add "inferred" snapshot length (if any) to the output.
A snapshot length is inferred if there are records
in a capture file with "capture length" less than
"packet length".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32649 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoThis patch is submitted on behalf of Mellanox Technologies:
etxrab [Mon, 3 May 2010 18:31:00 +0000 (18:31 +0000)]
This patch is submitted on behalf of Mellanox Technologies:
Printing to the source and destination columns by the Infiniband dissector is
not working properly. This patch changes the printing code to perform the
correct operations, so that the source and destination information properly
appears in the columns.


git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32648 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoThis patch is submitted on behalf of Mellanox Technologies:
etxrab [Mon, 3 May 2010 18:14:38 +0000 (18:14 +0000)]
This patch is submitted on behalf of Mellanox Technologies:
This patch adds code for correct dissection of two performance management
datagrams to the Infiniband dissector. The added MADs are PortCounters and
PortCounters Extended.


git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32647 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoThis patch is submitted on behalf of Mellanox Technologies:
etxrab [Mon, 3 May 2010 18:06:21 +0000 (18:06 +0000)]
This patch is submitted on behalf of Mellanox Technologies:
This patch adds value strings that display the meaning of the possible values for the infiniband.mad.method field.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32646 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoThis patch is submitted on behalf of Mellanox Technologies:
etxrab [Mon, 3 May 2010 17:58:22 +0000 (17:58 +0000)]
This patch is submitted on behalf of Mellanox Technologies:
This patch fixes a bug in Infiniband dissection where the offset was
incorrectly incremented in some cases leading to attempt to read past the end
of the tvb and a MALFORMED-PACKET error being issued.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32645 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoThis patch is submitted on behalf of Mellanox Technologies:
etxrab [Mon, 3 May 2010 17:51:01 +0000 (17:51 +0000)]
This patch is submitted on behalf of Mellanox Technologies:
This patch fixes the code to correctly identify MAD
packets by their source and destination queue pairs.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32644 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoignore unreassembled fragments if the first segment of the next message comes
kukosa [Mon, 3 May 2010 08:07:53 +0000 (08:07 +0000)]
ignore unreassembled fragments if the first segment of the next message comes

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32643 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoadd SAPI "Q.931 packet mode communication" which is obsolete but used in some traces
kukosa [Mon, 3 May 2010 07:16:25 +0000 (07:16 +0000)]
add SAPI "Q.931 packet mode communication" which is obsolete but used in some traces

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32641 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoTry to fix the solaris build bot.
etxrab [Mon, 3 May 2010 05:03:51 +0000 (05:03 +0000)]
Try to fix the solaris build bot.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32640 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoChange two instances of "an Wireshark plugin" to "a Wireshark plugin".
sfisher [Sun, 2 May 2010 23:39:58 +0000 (23:39 +0000)]
Change two instances of "an Wireshark plugin" to "a Wireshark plugin".
The use of "an" must have been leftover from the Ethereal days ("an
Ethereal plugin").

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32639 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoRun deprecated-gtk-todoon all files in the gtk dir.
etxrab [Sun, 2 May 2010 21:42:53 +0000 (21:42 +0000)]
Run deprecated-gtk-todoon all files in the gtk dir.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32638 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoRewrite: strcpy -> g_strlcpy.
stig [Sun, 2 May 2010 20:21:39 +0000 (20:21 +0000)]
Rewrite: strcpy -> g_strlcpy.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32637 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoRewrite: gtk_combo_new -> gtk_combo_box_entry_new_text.
stig [Sun, 2 May 2010 19:50:44 +0000 (19:50 +0000)]
Rewrite: gtk_combo_new -> gtk_combo_box_entry_new_text.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32636 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoFix:
etxrab [Sun, 2 May 2010 17:02:11 +0000 (17:02 +0000)]
packet-ip.c:1311: warning: 'field_tree' may be used uninitialized in this function

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32635 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoFrom Jakub Zawadzki:
etxrab [Sun, 2 May 2010 15:37:23 +0000 (15:37 +0000)]
From Jakub Zawadzki:
Fix copy&paste error + add support for proto_tree_add_bits API

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32634 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoFrom Jakub Zawadzki:
etxrab [Sun, 2 May 2010 15:36:44 +0000 (15:36 +0000)]
From Jakub Zawadzki:
patch for ip.flags (using proto_tree_add_bits_item).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32633 f5534014-38df-0310-8fa8-9805f1628bb7

10 years ago[Automatic manuf and enterprise-numbers update for 2010-05-02]
gerald [Sun, 2 May 2010 15:03:30 +0000 (15:03 +0000)]
[Automatic manuf and enterprise-numbers update for 2010-05-02]

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32630 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoDon't type prune the data_ptr pointer for UAT.
stig [Sun, 2 May 2010 13:50:52 +0000 (13:50 +0000)]
Don't type prune the data_ptr pointer for UAT.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32629 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoDon't type prune the data_ptr pointer for UAT.
stig [Sun, 2 May 2010 13:50:19 +0000 (13:50 +0000)]
Don't type prune the data_ptr pointer for UAT.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32628 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoFrom Hitoshi Irino:
jake [Sun, 2 May 2010 12:50:54 +0000 (12:50 +0000)]
From Hitoshi Irino:
The function "dissect_v9_pdu" of "epan/dissectors/packet-netflow.c" decodes
NetFlow v9 packets and IPFIX packets with same logic. But, the "scope field" is
different between NetFlow v9 and IPFIX. NetFlow v9 has only 5 kind of scopes.
On the other hand, many Information Elements can be used as scope fields in
IPFIX packets.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32627 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoFix for bug 4723:
jake [Sun, 2 May 2010 12:32:52 +0000 (12:32 +0000)]
Fix for bug 4723:
Don't type prune the data_ptr pointer for UAT.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32626 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoAdded some more dissecting.
stig [Sun, 2 May 2010 10:03:08 +0000 (10:03 +0000)]
Added some more dissecting.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32625 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoDisable ok button when no name entered.
stig [Sun, 2 May 2010 10:01:54 +0000 (10:01 +0000)]
Disable ok button when no name entered.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32624 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoAdded tooltips for UAT column headers.
stig [Sun, 2 May 2010 09:59:02 +0000 (09:59 +0000)]
Added tooltips for UAT column headers.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32623 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoDissect 3GPP AVP 5 3GPP-GPRS Negotiated QoS profile.
etxrab [Sat, 1 May 2010 14:58:03 +0000 (14:58 +0000)]
Dissect 3GPP AVP 5 3GPP-GPRS Negotiated QoS profile.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32622 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoReplace GtkClist in uat_gui.c with GtkTreeView+GtkListStore. Pop up the
gerald [Fri, 30 Apr 2010 22:33:51 +0000 (22:33 +0000)]
Replace GtkClist in uat_gui.c with GtkTreeView+GtkListStore. Pop up the
edit window when an item is double-clicked. Add a couple of convenience
routines to gui_utils.c.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32621 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoRevert rev 32519 for now: it is making the dissector bug a little too obvious. It...
morriss [Fri, 30 Apr 2010 22:00:05 +0000 (22:00 +0000)]
Revert rev 32519 for now: it is making the dissector bug a little too obvious.  It may make sense to put the check back in once the bug (tracked via 4698) is fixed.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32620 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoPick up other check from the almost-identical routine in
guy [Fri, 30 Apr 2010 21:55:42 +0000 (21:55 +0000)]
Pick up other check from the almost-identical routine in

(The common code should be in a utility routine.)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32619 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoFix comment.
guy [Fri, 30 Apr 2010 21:51:47 +0000 (21:51 +0000)]
Fix comment.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32618 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoFix up indentation a bit
morriss [Fri, 30 Apr 2010 21:40:57 +0000 (21:40 +0000)]
Fix up indentation a bit

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32617 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoFix https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1696 :
morriss [Fri, 30 Apr 2010 21:40:39 +0000 (21:40 +0000)]
Fix https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1696 :

The change put in with rev 11382 meant that, on 64-bit systems, we could not
parse negative numbers into integers (since -1 taken as an unsigned 64-bit
number is (significantly) larger than G_MAX_UINT32).

To fix this, split the val_from_unparsed() routine for integers into two
routines: one for signed and one for unsigned; each routine can then do the
appropriate "is this bigger than what fits in a *32?" test.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32616 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoAdd a catch-all if statement for column formats that are filled in by
gerald [Fri, 30 Apr 2010 20:49:41 +0000 (20:49 +0000)]
Add a catch-all if statement for column formats that are filled in by
dissectors. Fixes bug 4732.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32615 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoFrom Chris Maynard: Fix Bug #1292: "Win32: confusing setup target warning if cl.exe...
wmeier [Fri, 30 Apr 2010 20:15:27 +0000 (20:15 +0000)]
From Chris Maynard: Fix Bug #1292: "Win32: confusing setup target warning if cl.exe is not in path"
See: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1292

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32614 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoFix a gcc -Wshadow warning.
wmeier [Fri, 30 Apr 2010 18:19:47 +0000 (18:19 +0000)]
Fix a gcc -Wshadow warning.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32613 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoFix a gcc -Wshadow warning.
wmeier [Fri, 30 Apr 2010 17:47:23 +0000 (17:47 +0000)]
Fix a gcc -Wshadow warning.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32612 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoTrivial: Update AUTHORS entry, remove out-of-date comments, minor formatting
martinm [Fri, 30 Apr 2010 17:15:59 +0000 (17:15 +0000)]
Trivial: Update AUTHORS entry, remove out-of-date comments, minor formatting

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32611 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoClean up some calls to use the same offset as the call to put the parent
guy [Fri, 30 Apr 2010 08:26:12 +0000 (08:26 +0000)]
Clean up some calls to use the same offset as the call to put the parent
into the protocol tree.

Put the cases for various Radiotap data items into numerical order by
the bit number.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32610 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoSeveral dissectors fill in custom custom data in the source and
gerald [Thu, 29 Apr 2010 23:53:57 +0000 (23:53 +0000)]
Several dissectors fill in custom custom data in the source and
destination address columns. Don't clobber it in the new packet list.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32609 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoTerminate a string so that strchr doesn't wander off. Hopefully fixes bugs
gerald [Thu, 29 Apr 2010 22:36:40 +0000 (22:36 +0000)]
Terminate a string so that strchr doesn't wander off. Hopefully fixes bugs
4725 and 4728.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32608 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoRemove an unused variable.
gerald [Thu, 29 Apr 2010 22:35:00 +0000 (22:35 +0000)]
Remove an unused variable.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32607 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoFrom Mike Morrin:
etxrab [Thu, 29 Apr 2010 20:45:53 +0000 (20:45 +0000)]
From Mike Morrin:
Dissection of BSSMAP IEs: Old BSS to New BSS Info and New BSS to Old BSS Info

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32606 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoForgot a //
etxrab [Thu, 29 Apr 2010 20:41:35 +0000 (20:41 +0000)]
Forgot a //

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32605 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoSimplify dissect_sip_authorization_item().
etxrab [Thu, 29 Apr 2010 20:02:14 +0000 (20:02 +0000)]
Simplify dissect_sip_authorization_item().

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32604 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoFix https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4308 :
morriss [Thu, 29 Apr 2010 19:30:54 +0000 (19:30 +0000)]
Fix https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4308 :

Make a function that checks if the user is running as root or if npf.sys isn't
loaded (on Windows) and call it *after* showing the main window so that the
popup (if any) shows up above the main window.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32603 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoDo the header matching on lower case.
etxrab [Thu, 29 Apr 2010 19:11:48 +0000 (19:11 +0000)]
Do the header matching on lower case.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32602 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoMake the indentation consistent.
morriss [Thu, 29 Apr 2010 18:17:29 +0000 (18:17 +0000)]
Make the indentation consistent.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32601 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoautentification info gives malformed packet if no space before "="
etxrab [Thu, 29 Apr 2010 16:08:14 +0000 (16:08 +0000)]
autentification info gives malformed packet if no space before "="

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32600 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoMake a variable a guint8* instead of a char* since it a) holds TVB data and b) matche...
morriss [Thu, 29 Apr 2010 15:23:10 +0000 (15:23 +0000)]
Make a variable a guint8* instead of a char* since it a) holds TVB data and b) matches what tvb_new_child_real_data() wants for its 2nd argument.  This cleans up a warning from the Sun compiler.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32599 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoMake a variable a guint8* instead of a char* since it a) holds TVB data and b) matche...
morriss [Thu, 29 Apr 2010 14:58:22 +0000 (14:58 +0000)]
Make a variable a guint8* instead of a char* since it a) holds TVB data and b) matches what tvb_new_child_real_data() wants for its 2nd argument.  This cleans up a warning from the Sun compiler.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32598 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoUse strchr() instead of index()--Windows doesn't appear to have the latter.
morriss [Thu, 29 Apr 2010 14:38:26 +0000 (14:38 +0000)]
Use strchr() instead of index()--Windows doesn't appear to have the latter.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32597 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoFrom Michael Speck via https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4726 :
morriss [Thu, 29 Apr 2010 13:12:54 +0000 (13:12 +0000)]
From Michael Speck via https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4726 :

If "Help -> About Wireshark" is selected from Wireshark's main menu an error
message pops up:

Could not open file "<DevelopmentPath>\Wireshark_Source\wireshark-gtk2\COPYING":
No such file or directory

The attached patch handles this situation by looking for COPYING.txt instead of
COPYING on windows systems.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32596 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoIt is becomming more common that iscsi vendors use iscsi-redirectors and redirect
sahlberg [Thu, 29 Apr 2010 08:41:23 +0000 (08:41 +0000)]
It is becomming more common that iscsi vendors use iscsi-redirectors and redirect
initiators to a different host/port and thus often redirect to non-3260.

The heuristics to detect iscsi is quite weak since there is very little
in the average iscsi header that can be used to semi-reliably identify
something as iscsi and not random data/something else.
As such, the heuristics also use/rely on the port being 3260 in order
to reduce the otherwise massive numbver of false positives that would arise.

Add decoding of the text key/value pairs and trigger on TargetAddress.
This field would describe a address/port where we can quite reliably
assume that this traffic is indeed iscsi and not something else.

When seeing the iscsi redirect/TargetAddress, use this as a signalling hint
and register a conversation dissector for TCP to that address/port so that
any future packet to/from this port is sent to the iscsi dissector.

If the signalling/redirect is not in the capture, wireshark will not detect
the traffic as iscsi and the user will have to use DecodeAs.  and manually
\set it to iscsi.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32595 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoAdd snaplen to capinfos output. Idea from Chris Maynard on -dev.
sfisher [Thu, 29 Apr 2010 06:29:51 +0000 (06:29 +0000)]
Add snaplen to capinfos output.  Idea from Chris Maynard on -dev.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32594 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoDelay starting the resolv_update_cb until the main window has been displayed
morriss [Thu, 29 Apr 2010 00:09:01 +0000 (00:09 +0000)]
Delay starting the resolv_update_cb until the main window has been displayed
This avoids this error:

(lt-wireshark:16779): Gdk-CRITICAL **: gdk_window_invalidate_rect: assertion `window != NULL' failed

before the main window has been drawn if you've got a personal hosts file.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32593 f5534014-38df-0310-8fa8-9805f1628bb7

10 years agoUse proto_add_item() and clean up the code a bit.
etxrab [Wed, 28 Apr 2010 21:20:57 +0000 (21:20 +0000)]
Use proto_add_item() and clean up the code a bit.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32592 f5534014-38df-0310-8fa8-9805f1628bb7