[Wireshark-dev] Get "Malformed Packet" for 802.11 Beacon frames on Windows

2016-04-11 Thread Yang Luo
Hi list, I have enabled 802.11 control and management frames capture on Windows using Npcap. I found that the Beacon frames are marked as "Malformed Packet" by Wireshark 2.0.2. The false trace of the No. 40 packet is here: (BTW, is there any simple copy text method for a packet in Wireshark,

[Wireshark-dev] Fake MAC addresses in text2pcap and "Import from hex dump"

2016-04-11 Thread Guy Harris
When synthesizing an Ethernet header, text2pcap uses 0a:02:02:02:02:02 as the destination address and 0a:01:01:01:01:01 as the source address, while "Import from hex dump" uses 20:52:45:43:56:00 as the destination and 20:53:45:4E:44:00 as the source. Is there some reason why they're different?

Re: [Wireshark-dev] checkapi

2016-04-11 Thread Graham Bloice
On 11 April 2016 at 19:37, Guy Harris wrote: > On Apr 11, 2016, at 7:29 AM, Jeff Morriss > wrote: > > > On Sun, Apr 10, 2016 at 4:44 PM, Graham Bloice < > graham.blo...@trihedral.com> wrote: > > > >> After creating an initial change to add checkAPI

Re: [Wireshark-dev] compiling asn.1 dissectors in Linux

2016-04-11 Thread João Valverde
On 11-04-2016 21:33, Guy Harris wrote: On Apr 11, 2016, at 1:13 PM, Born In wrote: Thank you. Was able to get past this. Have another seemingly basic question. How do you append a suffix to the version number of custom compiled version of wireshark? The Windows method

Re: [Wireshark-dev] compiling asn.1 dissectors in Linux

2016-04-11 Thread Guy Harris
On Apr 11, 2016, at 1:13 PM, Born In wrote:
> Thank you. Was able to get past this.
>
> Have another seemingly basic question. How do you append a suffix to the
> version number of custom compiled version of wireshark?
> The Windows method of using an environment variable

Re: [Wireshark-dev] checkapi

2016-04-11 Thread Guy Harris
On Apr 11, 2016, at 7:29 AM, Jeff Morriss wrote:
> On Sun, Apr 10, 2016 at 4:44 PM, Graham Bloice
> wrote:
>
>> After creating an initial change to add checkAPI to CMake builds, following
>> the current checks done by nmake, I got the

Re: [Wireshark-dev] compiling asn.1 dissectors in Linux

2016-04-11 Thread Guy Harris
On Apr 11, 2016, at 10:48 AM, d3c1...@yahoo.com wrote:
> How do I regenerate ASN.1 based dissectors when I change some .asn and .cfg
> files in wireshark/epan/dissectors/asn1/lte-rrc/ ?

    cd epan/dissectors/asn1/lte-rrc
    make

> I know about it in Windows (thanks to Pascal), but

Re: [Wireshark-dev] checkapi

2016-04-11 Thread Jeff Morriss
On Mon, Apr 11, 2016 at 12:45 PM, Graham Bloice wrote: > > > > On 11 April 2016 at 16:54, Jeff Morriss wrote: > >> >> >> On Mon, Apr 11, 2016 at 11:36 AM, Graham Bloice < >> graham.blo...@trihedral.com> wrote: >> >>> >>> >>> On 11 April

Re: [Wireshark-dev] checkapi

2016-04-11 Thread Graham Bloice
On 11 April 2016 at 16:54, Jeff Morriss wrote: > > > On Mon, Apr 11, 2016 at 11:36 AM, Graham Bloice < > graham.blo...@trihedral.com> wrote: > >> >> >> On 11 April 2016 at 16:03, Jeff Morriss >> wrote: >> >>> >>> >>> On Mon, Apr 11, 2016 at

Re: [Wireshark-dev] checkapi

2016-04-11 Thread Jeff Morriss
On Mon, Apr 11, 2016 at 11:36 AM, Graham Bloice wrote: > > > On 11 April 2016 at 16:03, Jeff Morriss wrote: > >> >> >> On Mon, Apr 11, 2016 at 10:29 AM, Jeff Morriss > > wrote: >> >>> >>> On Sun, Apr 10, 2016

Re: [Wireshark-dev] checkapi

2016-04-11 Thread Graham Bloice
On 11 April 2016 at 16:03, Jeff Morriss wrote: > > > On Mon, Apr 11, 2016 at 10:29 AM, Jeff Morriss > wrote: > >> >> On Sun, Apr 10, 2016 at 4:44 PM, Graham Bloice < >> graham.blo...@trihedral.com> wrote: >> >>> After creating an initial

Re: [Wireshark-dev] checkapi

2016-04-11 Thread Jeff Morriss
On Mon, Apr 11, 2016 at 10:29 AM, Jeff Morriss wrote:
>
> CUSTOMBUILD : error : Found prohibited APIs in inet_aton.c:
>> htonl,isascii,isdigit,islower,isspace,isxdigit
>>

Re: [Wireshark-dev] checkapi

2016-04-11 Thread Jeff Morriss
On Mon, Apr 11, 2016 at 10:29 AM, Jeff Morriss wrote:
>
> On Sun, Apr 10, 2016 at 4:44 PM, Graham Bloice <
> graham.blo...@trihedral.com> wrote:
>
>> After creating an initial change to add checkAPI to CMake builds,
>> following the current checks done by nmake, I got

Re: [Wireshark-dev] checkapi

2016-04-11 Thread Jeff Morriss
On Sun, Apr 10, 2016 at 4:44 PM, Graham Bloice wrote:
> After creating an initial change to add checkAPI to CMake builds,
> following the current checks done by nmake, I got the attached (massaged)
> output.
>
> While there are some warnings to be fixed up, I'm more