I've been struggling for some time now with displaying bitfields. I'm sure there
must be something I'm overlooking, or it's just a bit difficult to do in
Wireshark.
I have a 32-bit, little-endian field, whose bits I'd like to parse (as
set/not set):
Example:
05 00 00 00
1 0 0 0 Feature A - set
Hi Folks.
This year the Honeynet Project[1] mentored 12 projects for the Google
Summer of Code[2]. Project #8's goal was to extend Wireshark and
add some forensics & security analysis plugins to it.
WireShnork[3] plugin allows applying Snort IDS[4] rules and signatures
against pcap files in Wireshar
Based on the current discussion about the use of the format field for
proto_tree_add_item(), I have once again revised the patch file for Bug 5531 (
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5531 ). It has gotten a
lot of votes and was originally submitted over nine months ago. Is th
Balint Reczey wrote:
On 10/07/2011 04:26 PM, Jeff Morriss wrote:
Balint Reczey wrote:
On 10/07/2011 04:07 PM, Jeff Morriss wrote:
Gerald Combs wrote:
On 10/4/11 1:11 PM, Jeff Morriss wrote:
Balint Reczey wrote:
Let's make Python a requirement now.
I fully support the idea of not keeping gen
Anders Broman skrev 2011-10-07 18:10:
Mike Morrin skrev 2011-10-07 17:48:
-Original Message-
From: wireshark-dev-boun...@wireshark.org
[mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of Stephen Fisher
Sent: 07 October 2011 16:32
To: Developer support list for Wireshark
Subject: R
On 10/07/2011 04:26 PM, Jeff Morriss wrote:
Balint Reczey wrote:
On 10/07/2011 04:07 PM, Jeff Morriss wrote:
Gerald Combs wrote:
On 10/4/11 1:11 PM, Jeff Morriss wrote:
Balint Reczey wrote:
Let's make Python a requirement now.
I fully support the idea of not keeping generated files in SVN an
Mike Morrin skrev 2011-10-07 17:48:
-Original Message-
From: wireshark-dev-boun...@wireshark.org
[mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of Stephen Fisher
Sent: 07 October 2011 16:32
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] Global conversation
-Original Message-
From: wireshark-dev-boun...@wireshark.org
[mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of Stephen Fisher
Sent: 07 October 2011 16:32
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] Global conversation
On Fri, Oct 07, 2011 at 02:51:35PM +
On Fri, Oct 07, 2011 at 11:31:24AM +0200, Marcel Haas wrote:
> I have some packets which are compressed with zlib.
> I want to uncompress them.
Take a look at the tvb_uncompress() or tvb_child_uncompress() functions
in epan/tvbuff.c. An example of tvb_child_uncompress() is in the HTTP
dissecto
On Fri, Oct 07, 2011 at 02:51:35PM +0200, Anders Broman wrote:
> Perhaps it could be done if we had a Global conversation to which you
> could add a List of per protocol conversations.
We could create a new set of conversation functions, such as:
global_conversation_new()
global_
Balint Reczey wrote:
On 10/07/2011 04:07 PM, Jeff Morriss wrote:
Gerald Combs wrote:
On 10/4/11 1:11 PM, Jeff Morriss wrote:
Balint Reczey wrote:
Let's make Python a requirement now.
I fully support the idea of not keeping generated files in SVN and in
the release tarball.
I know it's been a
On 10/07/2011 04:07 PM, Jeff Morriss wrote:
Gerald Combs wrote:
On 10/4/11 1:11 PM, Jeff Morriss wrote:
Balint Reczey wrote:
Let's make Python a requirement now.
I fully support the idea of not keeping generated files in SVN and in
the release tarball.
I know it's been a while, but... Any ot
Gerald Combs wrote:
On 10/4/11 1:11 PM, Jeff Morriss wrote:
Balint Reczey wrote:
Let's make Python a requirement now.
I fully support the idea of not keeping generated files in SVN and in
the release tarball.
I know it's been a while, but... Any other thoughts/votes on this topic?
It's fine
>>Thus wrote Guy Harris (g...@alum.mit.edu):
>
>> We should probably also add a notion of "conversations" available to
>> dissectors at multiple layers (a notion more general than the current
>> address-and-port-endpoint-pair notion, that can include multiple
>> address layers, "circuits" for
Thus wrote Guy Harris (g...@alum.mit.edu):
> We should probably also add a notion of "conversations" available to
> dissectors at multiple layers (a notion more general than the current
> address-and-port-endpoint-pair notion, that can include multiple
> address layers, "circuits" for protocols th
On Fri, 7 Oct 2011 13:21:15 +0200, fa...@freesurf.fr wrote:
I have an example from my plugin if it may help:
unsigned char Ip_Buffer[2000];
/* Get the buffer bytes to decompress */
tvb_memcpy(tvb, Ip_Buffer, (*bitoffset)/8,lgpdubit/8);
/*
* Decompress it
I have an example from my plugin if it may help:
unsigned char Ip_Buffer[2000];
/* Get the buffer bytes to decompress */
tvb_memcpy(tvb, Ip_Buffer, (*bitoffset)/8,lgpdubit/8);
/*
* Decompress it:
* Decompressed buffer is output in Op_Buffer,
On Fri, 7 Oct 2011 13:51:13 +0400, Max Dmitrichenko
wrote:
2011/10/7 Marcel Haas :
And I have the next problem. Damn Wireshark kicks my ass :)
I have some packets which are compressed with zlib.
I want to uncompress them.
I read the dev-guide about transformed data but I don't have a clue.
I was t
2011/10/7 Marcel Haas :
> And I have the next problem. Damn Wireshark kicks my ass :)
>
> I have some packets which are compressed with zlib.
> I want to uncompress them.
> I read the dev-guide about transformed data but I don't have a clue.
> I was testing some stuff but with no good result.
> Can som
And I have the next problem. Damn Wireshark kicks my ass :)
I have some packets which are compressed with zlib.
I want to uncompress them.
I read the dev-guide about transformed data but I don't have a clue.
I was testing some stuff but with no good result.
Can someone help me with that?
thx and re
>
> On Oct 7, 2011, at 1:19 AM, fa...@freesurf.fr wrote:
>
>> Is there any way to send some information to a plugin dissector from the
>> wireshark GUI interface?
>
> What sort of information?
>
Typically a filename + Directory where the plugin dissector would
write some statistic information.
On Oct 7, 2011, at 1:19 AM, fa...@freesurf.fr wrote:
> Is there any way to send some information to a plugin dissector from the
> wireshark GUI interface?
What sort of information?
> For instance using a wireshark menu to set some variable that will be
> accessible from the plugin.
As Anders s
Hi,
Can't you do what you want through preferences possibly with a UAT table?
GUI code is not supposed to live in plugins. With the new UIManager code in
trunk it is possible
to add items to the menubar. There's absolutely no guarantee that that API is
stable and I'm
not sure if it would work f
Hello,
Is there any way to send some information to a plugin dissector from the
wireshark GUI interface?
For instance using a wireshark menu to set some variable that will be
accessible from the plugin.
Or maybe it is possible to add a menu from the plugin?
Thanks
Fabien
On Thu, 06 Oct 2011 10:11:23 -0400, Jeff Morriss
wrote:
Marcel Haas wrote:
On Thu, 06 Oct 2011 09:10:38 -0400, Jeff Morriss
wrote:
Marcel Haas wrote:
Hey,
I have a new problem.
Some of you still remember that I'm writing my own function and
including it in the wireshark/epan file folder.
I built it