Re: [Wireshark-dev] wiretap function wtap_open_offline fails with SIGSEGV

2018-05-03 Thread Martin Sehnoutka
. gboolean ok = wtap_read(wth, &err, &errinfo, &data_offset); wtap_rec *rec = wtap_get_rec(wth); cout << "\ndrop count: "; if (rec->presence_flags & WTAP_HAS_DROP_COUNT) ... Is it implemented? Regards, -- Martin Sehnoutka | Associate Software

[Wireshark-dev] wiretap function wtap_open_offline fails with SIGSEGV

2018-05-03 Thread Martin Sehnoutka
ap_opttypes.c:191 #1 0x77b3e531 in wtap_open_offline (filename=, type=0, err=0x7fffe3d4, err_info=0x7fffe3c8, do_random=0) at file_access.c:837 #2 0x00400be0 in main (argc=2, argv=0x7fffe4c8) at ../main.cpp:21 Any ideas what goes wrong here? It fails on a function call, t

[Wireshark-dev] Using /var/tmp instead of /tmp

2017-06-29 Thread Martin Sehnoutka
just wondering why is it Fedora specific. -- Martin Sehnoutka | Associate Software Engineer PGP: 5FD64AF5 UTC+1 (CET) RED HAT | TRIED. TESTED. TRUSTED.

[Wireshark-dev] Default snaplen in man page

2017-03-27 Thread Martin Sehnoutka
44 When running wireshark it indeed seems like the default value is 262144 (it drops the same amount of packets, as it does without specifying any snaplen). Should I fill in a bug report? Regards, -- Martin Sehnoutka | Associate Software Engineer PGP: 5FD64AF5 UTC+1 (CET) RED HAT | TRIED.

Re: [Wireshark-dev] Redhat binaries

2016-12-22 Thread Martin Sehnoutka
this package and the link to the GUI package is better in my opinion. We also have a Qt package (wireshark-qt) and a cli package (wireshark-cli)*. You can install all of them and choose GUI version using 'update-alternatives'. * https://koji.fedoraproject.org/koji/buildinfo?buildID=818878

[Wireshark-dev] Segfault when running older Wireshark with capture from CVE-2013-4075

2016-11-11 Thread Martin Sehnoutka
still not handled: https://github.com/msehnout/wireshark/blob/master/epan/dissectors/packet-gmr1_bcch.c#L1091 Thanks for any advice. Martin -- Martin Sehnoutka | Associate Software Engineer PGP: 5FD64AF5 UTC+1 (CET) RED HAT | TRIED. TESTED. TRUSTED.

[Wireshark-dev] question about tshark output

2016-08-03 Thread Martin Sehnoutka
Tfields -e tcp.len -e frame.len -e data.len -E separator=, | head --lines=5 0,74, 0,74, 0,66, 139,205,139 0,66, Now, tcp.len is displayed as 0, but data.len is empty. Is it by design? Does it mean "not applicable"? Best regards, -- Martin Sehnoutka Associate Software Engineer Brno,