Hello developers,
I'd like to write a wiki page about using the XSLT program to convert a PDML
file into an HTML file. I'm thus requesting wiki editor permissions. My wiki
username is "doj".
--
---> Dirk Jagdmann
> http://cubic.org/~doj
-
velopers will interpret it differently. Use the longer, but explicit function
names.
--
---> Dirk Jagdmann
> http://cubic.org/~doj
-> http://llg.cubic.org
___
Sent via:Wireshark-dev mailing list
Archi
the
frame and the captured length. I suggest that we simply state these lengths in
the function name and *not* have an unqualified (shorter) name which will get
misinterpreted. So my suggestion for a rename would be:
tvb_actual_length()
tvb_captured_length()
--
---> Dirk Jagdmann
> http://cub
do you have a new_register_dissector("amp", ...) in the proto_register_amp()
function? Otherwise the SSL dissector can not match the "amp" string to a
dissector handle/function.
--
---> Dirk Jagdmann
> http://cubic.org/~doj
-
sed OsX 10.9 yet, so I don't know if it requires any extra steps.
You shouldn't use macports to install dependencies. What you need is Xcode + X11
packages, then use the macosx-setup.sh to install any dependencies into
/usr/local/.
--
---> Dirk Jagdmann
> http://cubic.org/~doj
the original function. I can use a single temp global, but that's just
ugly and won't work if we ever do multithreading.
It may be ugly, but using thread local storage for that global variable will
make it safe for multi-threading.
--
---> Dirk Jagdmann
> http:
sting this system?
--
---> Dirk Jagdmann
> http://cubic.org/~doj
-> http://llg.cubic.org
___
Sent via:Wireshark-dev mailing list
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wir
name just
differ in capitalization and my brain typically wouldn't notice any difference,
so it may not make any big difference.
Side note: it may be worthwhile to add a recommendation to the check-api program
that short name and filter name should case insensitive compare equal.
--
-
ce the dissector short name is typically used as
the filter prefix. It is just confusing if slightly different strings are shown,
because they come from some other list/database.
--
---> Dirk Jagdmann
> http://cubic.
old_offset = lseek(fd, 0, SEEK_CUR); // missing error handling
lseek(fd, offset, SEEK_SET); // missing error handling
const ssize_t ret = read(fd, buf, count);
lseek(fd, old_offset, SEEK_SET); // missing error handling
return ret;
}
--
---> Dirk Jagdmann
> http://cubic.or
> I took a half-educated whack at fixing those in r51080. Thanks for pointing
> it
> out (and feel free to point out any mistakes I may have made).
It all looks reasonable, thank you for making those changes.
--
---> Dirk Jagdmann
> http://cubic.org/~doj
-> ht
while you are renaming the displayed name of this variable, the rest of the SMB2
dissector is using the term "sequence number" in many places. It's now confusing
if source code comments talk about sequence numbers and use them in hash tables,
while the dissection shows it as Message ID. To really w
s to examine SSL/TLS or DTLS (maybe
studying something generic about these kinds of encryption protocols)
the user would like to have a filter prefix that will match both use cases.
--
---> Dirk Jagdmann ^ doj / cubic
>
packets may not be matched.
--
---> Dirk Jagdmann
> http://cubic.org/~doj
-> http://llg.cubic.org
packets. Also there are definitely
more file formats than network protocols.
--
---> Dirk Jagdmann
> http://cubic.org/~doj
-> http://llg.cubic.org
re of the packet/file/application lifetime might work.
We should research this, write guidelines how to use C++ objects in Wireshark
and then make a decision if we want to allow C++ features everywhere.
Another advantage would be that we can use real C++ exceptions.
--
---> Dirk Jagdmann
> http:/
oid*)macros)" helps?
--
---> Dirk Jagdmann
> http://cubic.org/~doj
-> http://llg.cubic.org
d just be too much effort, so I quit.
I suggest it is not worth investing time to support those non-working
old versions, as nobody seems to have complained yet (and I don't think
anybody will in the future).
--
---> Dirk Jagdmann
> http://cubic.
I've created https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8821
with my suggestion. We can continue to discuss there if/what/how we'd
like to determine the optimum number of parallel make jobs.
--
---> Dirk Jagdmann
> http://cubic.org/~doj
-> h
I'm studying cmake rules in the plugin/ directory. I can not find out,
how cmake knows how to build the plugin.c file for each of the plugins.
Where is this defined?
--
---> Dirk Jagdmann
> http://cubic.org/~doj
-> http:/
(personal note, my old MacBook Pro has two cores and no hyper-thread, so
personally I'm fine with 3 make jobs [note that this was the default in
the OsX build script for a long time])
--
---> Dirk Jagdmann
> http://cubic.org/~doj
-> http://llg.cubic.org
_OPT" ] ; then
MAKE_BUILD_OPT="-j 3"
fi
This way the user can set custom make options, but the script has a default.
--
---> Dirk Jagdmann
> http://cubic.org/~doj
-> http://llg.cubic.org
m 'char *' to 'struct state *' increases required
alignment from 1 to 8 [-Werror,-Wcast-align]
newaction->x.stp = (struct state *)arg;
and many more of this type. Is somebody looking into cmake builds on OsX?
--
---> Dirk Jagdmann
--
older Wireshark releases.
--
---> Dirk Jagdmann
> http://cubic.org/~doj
-> http://llg.cubic.org
Note that we would still be committed to supporting OS X PPC and U3
users until Wireshark 1.10 reaches end of life in 2015.
I suggest removing OsX PPC and U3 even for the 1.10 release. Your changes
for GTK/QT sound reasonable.
--
---> Dirk Jagdmann
> http://cubic.org/~doj
-
I don't think composite tvbs actually work. or at least they didn't
work when we originally wrote the reassembly code.
They have been fixed last year. They are working for me in 1.8.x code.
--
---> Dirk Jagdmann
> http://cubic.org/~doj
-> http://llg.
le button, which probably has two
advantages:
- no confusion
- one less button in the bar
--
---> Dirk Jagdmann
> http://cubic.org/~doj
-> http://llg.cubic.org
g the glib functions. Otherwise we would just add more code to
Wireshark and related tools for no real benefit.
--
---> Dirk Jagdmann
> http://cubic.org/~doj
-> http://llg.cubic.org
indows cmd.exe, run the vcvars32.bat script, then add the path to your
cygwin bin directory to your PATH. That should result in a shell which can run
the Microsoft tools and the cygwin tools.
--
---> Dirk Jagdmann
> http://cubic.org/~doj
-> http://llg.cubic.org
if it works for all
platform we care about. However we should also add a section to the
developer README to explain the new macros.
--
---> Dirk Jagdmann
> http://cubic.org/~doj
-> http://llg.cubic.org
d ett value, that's probably a better approach. It is
not a static code analysis, but if our users report on issues, it's easy
to fix them.
--
---> Dirk Jagdmann
> http://cubic.org/~doj
-> http://llg.cubic.org
#!/usr/bin/env perl
use strict;
die "usage: checkett.
thernet src/dst address + payload length
- specific protocol dissectors can create their own hashes, for example
DCE/RPC dissector can use protocol type (UUID) + Call ID; HTTP dissector
could use header key/value pairs, etc.
Via a context menu on the packet I can select which of these hashes to
me
mangling etc).
--
---> Dirk Jagdmann
> http://cubic.org/~doj
-> http://llg.cubic.org
--
---> Dirk Jagdmann
> http://cubic.org/~doj
-> http://llg.cubic.org
maybe mention in the developer README how to bring back verbose build output.
--
---> Dirk Jagdmann
> http://cubic.org/~doj
-> http://llg.cubic.org
(prefs.capture_device != NULL) &&
(prefs.capture_device[0] != '\0')) {
--
---> Dirk Jagdmann
> http://cubic.org/~doj
-> http://llg.cubic.org
cator); // or like this?
--
---> Dirk Jagdmann
> http://cubic.org/~doj
-> http://llg.cubic.org
TTP, but it should give some results. If that
doesn't work well, you'll have to look into your own custom dissector.
--
---> Dirk Jagdmann
> http://cubic.org/~doj
-> http://llg.cubic.org
g (for
me) from the Mac finder to Wireshark. I don't know if DnD is supported with
GTK2/X11 on Mac, but it may not be.
--
---> Dirk Jagdmann
> http://cubic.org/~doj
-> http://llg.cubic.org
Hello Wireshark developers,
is there a way to register a cleanup function in a dissector to be
called when a file closed? I have a couple of hash tables allocated
using g_hash_table_new() that I want to free when the user closes the file.
--
---> Dirk Jagdmann
> http://cubic.or
make python a
mandatory requirement for building. It's easy to install on every major platform
we are supporting and not having to maintain the same program written is a step
in the right direction.
--
---> Dirk Jagdmann
> http://cubic.org/~doj
--
ows, OsX and the Linux/BSD
world. Did someone start such a project? Would we prefer a certain existing
protocol/library? I could also think about simply using a multicast socket and
send messages across. This would without further effort allow Wireshark control
from different hosts.
--
-
though it can be downloaded and built fast, I prefer to only install the
minimum of support programs required to build a GTK on Mac. Since OsX tar can
handle bzip2, I prefer to use that and not install the xz program.
--
---> Dirk Jagdmann
> http://cubic.or
can remove that old release candidate, or alternatively put a
daily/weekly tarball of trunk on that page.
---> Dirk Jagdmann ^ doj / cubic
> http://cubic.org/~doj
-> http://llg.cubic.org
n fix them
manually later.
--
---> Dirk Jagdmann
> http://cubic.org/~doj
-> http://llg.cubic.org
ASCII *and* ENC_LITTLE_ENDIAN|ENC_BIG_ENDIAN ?
Shouldn't this be ENC_ASCII | ENC_NA in this case ?
Probably. Don't expect every developer of the various dissectors to have
specified 100% correct parameters here, since a lot of combinations so
far did just work.
--
---> Dirk Jagdmann
obably a lot of work, I vote for this approach. For the 1.8
release we should emit warnings if FT_ and ENC_ don't match, then for 1.10 emit
error/exceptions, so that eventually all FT_ and ENC_ values express the real
relationshi
> Now that we require GLib 2.14 (which includes GRegex) we don't need libpcre.
> Should we remove the support for libpcre completely?
Away with it, less dependencies are always preferred.
--
---> Dirk Jagdmann
> http://cubic.org/~doj
->
long
double" format. And 64bit of double should be enough for a nanosecond precision.
--
---> Dirk Jagdmann
> http://cubic.org/~doj
-> http://llg.cubic.org
ll frames captures today, you'll write a filter as
"frame.time>='2011-08-02 00:00:00' && frame.time<='2011-08-02 23:59:59'"
--
---> Dirk Jagdmann
> http://cubic.org/~doj
-> http://llg.cubic.org
lso document that these scripts exist and move them to a common
directory (probably below the tools/ directory), so people can find them
easily. At least for your mac script you should review the README.macos file,
since it probably contains outdated content as well.
---> Dirk Jagdmann ^ doj /
ntains a
similar script to install gtk and dependencies, but is no longer working.
---> Dirk Jagdmann ^ doj / cubic
> http://cubic.org/~doj
-> http://llg.cubic.org
compilers and not some ad-hoc string match/replace.
---> Dirk Jagdmann ^ doj / cubic
> http://cubic.org/~doj
-> http://llg.cubic.org
Gerald Combs wrote:
> Is there any reason we shouldn't make GLib 2.14.0 and GTK+ 2.12.0 the
> minimum required versions to build Wireshark? This would let us get rid
I don't see any reason.
--
---> Dirk Jagdmann
> http://cubic.org/~doj
-
that includes, as
> already pointed out, leaving things in a clean state for when the next
> field is added to the end of that tag.)
If only I could have expressed this so good...
--
---> Dirk Jagdmann
> http://cubic.org/~do
ting the offset is well proven throughout the code.
Having that additional integer increment will not result in wasted CPU cycles.
And if you have an incomplete dissector if the correct offset increment is used,
you will not introduce a bug when adding additional proto_items.
--
---> Dirk J
, data_size);
But tvb_get_ptr() can return NULL when out of bounds of the current packet. I
guess this condition is reached on your 6th iteration.
--
---> Dirk Jagdmann
> http://cubic.org/~doj
-> http://llg.cubic.org
> #define MYPROTO_FLAG_SAMPLING 0xf0
A better name would be
#define MYPROTO_MASK_SAMPLING 0xf0
since it is a bitmask you're defining here.
--
---> Dirk Jagdmann
> http://cubic.org/~doj
-> htt
changes.
I think having one concise document which shows the way how new development
should be made is a good thing. The WSDG from the website looks like generated
from docbook. So we could generate a plain text file from that and put it a
README.developer into the sources.
---> Dirk Ja
g
systems have different default ranges and you can typically override those
defaults. See
http://en.wikipedia.org/wiki/Ephemeral_port
--
---> Dirk Jagdmann
> http://cubic.org/~doj
-> http://llg.cubic.org
s which are
not heuristic, but if a port clash occurs the developer who wants to submit a
new dissector should convert the existing one to heuristic and make his new one
heuristic as well. Or simply live with the fact, that some other dissector might
"win the lottery" which one gets
"non
serial cable distribution". I guess your approach is fine then. Does it work
with your earlier applemidi dissector?
--
---> Dirk Jagdmann
> http://cubic.org/~doj
-> http://llg.cubic.org
that
we don't need to have a new MIDI dissection implementation for other protocols.
--
---> Dirk Jagdmann
> http://cubic.org/~doj
-> http://llg.cubic.org
shark.app/Contents/Resources/bin/ results in:
>
> This is fixed in trunk in revision 34583, I'll add it to the roadmap
> for released versions.
> Try the attached patch.
that patch is working for me.
---> Dirk Jagdmann ^ doj
et up a OsX
compilation environment lately and maybe has hints how to resolve all
dependencies for an Application (and eventually Package) creation?
---> Dirk Jagdmann ^ doj / cubic
> http://cubic.org/~doj
-> http://llg.cubic.org
65 matches