date:20180109

[Wireshark-bugs] [Bug 14304] Data field of BGP NOTIFICATION message (OPEN/Bad Peer AS) is not dissected

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14304

Uli Heilmeier  changed:

   What|Removed |Added

 Status|CONFIRMED   |RESOLVED
 Resolution|--- |FIXED
 CC||u...@heilmeier.eu

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14305] [Proposal] Dissect special BGP AS 23456 as AS_TRANS

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14305

Uli Heilmeier  changed:

   What|Removed |Added

 Status|IN_PROGRESS |RESOLVED
 Resolution|--- |FIXED

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14305] [Proposal] Dissect special BGP AS 23456 as AS_TRANS

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14305

--- Comment #4 from Gerrit Code Review  ---
Change 25172 merged by Anders Broman:
BGP: Resolve AS23456 to AS_TRANS

https://code.wireshark.org/review/25172

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14266] In a WiFi capture log, the 11ac “beamformed” and TXOP_PS_NOT_ALLOWED bits are shown as “true” in radiotap and “false” in "802.11 radio"

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14266

--- Comment #29 from Guy Harris  ---
(In reply to zpchi004 from comment #28)
> Yes. It didn't work with 2.4.2, but does work with 2.4.3.

There is no change between the 2.4.2 and 2.4.3 code that would obviously have
fixed this bug.  The radiotap dissector wasn't even changed between 2.4.2 and
2.4.3; the "802.11 radio information" dissector was changed, but not in any way
that would obviously have affected this.

Perhaps either 1) there's a compiler bug that the 2.4.2 code stumbles across
but the 2.4.3 code doesn't or 2) there's an underlying bug in the code and some
of the changes in 2.4.3 hide it.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14318] ui/gtk/about_dlg.c:480:3: error: ‘resultArray’ undeclared, 482:7: error: ‘i’ undeclared during compilation

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14318

--- Comment #1 from Garri  ---
Have to say, I use neither libsmi nor GeoIP.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14304] Data field of BGP NOTIFICATION message (OPEN/Bad Peer AS) is not dissected

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14304

--- Comment #4 from Gerrit Code Review  ---
Change 25217 merged by Anders Broman:
BGP: Add dissection of data field on BGP NOTIFICATION message (OPEN/Bad Peer
AS)

https://code.wireshark.org/review/25217

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14318] ui/gtk/about_dlg.c:480:3: error: ‘resultArray’ undeclared, 482:7: error: ‘i’ undeclared during compilation

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14318

Garri  changed:

   What|Removed |Added

  Component|GTK+ UI |Build process

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14266] In a WiFi capture log, the 11ac “beamformed” and TXOP_PS_NOT_ALLOWED bits are shown as “true” in radiotap and “false” in "802.11 radio"

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14266

--- Comment #28 from zpchi...@yahoo.com ---
Yes. It didn't work with 2.4.2, but does work with 2.4.3.

No matter, beamformed packet is the first one, or the last one, or the one in
the middle, all "true/false" fields are correct.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14266] In a WiFi capture log, the 11ac “beamformed” and TXOP_PS_NOT_ALLOWED bits are shown as “true” in radiotap and “false” in "802.11 radio"

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14266

--- Comment #27 from Guy Harris  ---
(In reply to zpchi004 from comment #26)
> Hi Guy,
> 
> It looks like the bug is fixed with the latest release. Could you confirm?

I don't have a capture with which to test, so I can't "confirm" in the sense of
"it doesn't work with an older release but it does work with a newer release".

I can, however, check what's different, if anything, between the release where
it works and the release where it doesn't.  Are you saying it didn't work with
2.4.2, but does work with 2.4.3?

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14266] In a WiFi capture log, the 11ac “beamformed” and TXOP_PS_NOT_ALLOWED bits are shown as “true” in radiotap and “false” in "802.11 radio"

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14266

--- Comment #26 from zpchi...@yahoo.com ---
Hi Guy,

It looks like the bug is fixed with the latest release. Could you confirm?

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14299] There should be an invalid check for pinfo->dst in mrdisc

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14299

Gerald Combs  changed:

   What|Removed |Added

   See Also||https://bugs.wireshark.org/
   ||bugzilla/show_bug.cgi?id=13
   ||707

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13707] [oss-fuzz] UBSAN: null pointer passed as argument 1, which is declared to never be null in packet-mrdisc.c:183:13

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13707

Gerald Combs  changed:

   What|Removed |Added

   See Also||https://bugs.wireshark.org/
   ||bugzilla/show_bug.cgi?id=14
   ||299

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14297] There are two missing bounds check for m_ptr array in get_signature_ts function in wiretap/vwr.c file

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14297

--- Comment #7 from Young  ---
(In reply to Gerald Combs from comment #5)
> This doesn't appear to be exploitable or cause a denial of service, and
> therefore doesn't appear to warrant a CVE ID. If it does please let me know.

It will cause the application to crash (DoS). 
This issue is similar to bug 11791.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14297] There are two missing bounds check for m_ptr array in get_signature_ts function in wiretap/vwr.c file

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14297

--- Comment #6 from Young  ---
(In reply to Gerrit Code Review from comment #4)
> Change 25229 had a related patch set uploaded by Gerald Combs:
> IxVeriWave: Adjust signature timestamp checking.
> 
> https://code.wireshark.org/review/25229

In my opinion, the logic of fix is wrong in function get_signature_ts.

Below is the correct logic.
if (sig_off + 15 >= sig_max)
return 0;

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14251] Heap out of bounds read in wcp_uncompress()

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14251

--- Comment #8 from Gerald Combs  ---
This doesn't appear to be exploitable or cause a denial of service using our
standard (wmem) memory allocator, and therefore doesn't appear to warrant a CVE
ID. If it does please let me know.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14297] There are two missing bounds check for m_ptr array in get_signature_ts function in wiretap/vwr.c file

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14297

--- Comment #5 from Gerald Combs  ---
This doesn't appear to be exploitable or cause a denial of service, and
therefore doesn't appear to warrant a CVE ID. If it does please let me know.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14251] Heap out of bounds read in wcp_uncompress()

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14251

--- Comment #7 from Gerrit Code Review  ---
Change 25234 merged by Gerald Combs:
WCP: Add a length check.

https://code.wireshark.org/review/25234

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14251] Heap out of bounds read in wcp_uncompress()

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14251

--- Comment #6 from Gerrit Code Review  ---
Change 25233 merged by Gerald Combs:
WCP: Add a length check.

https://code.wireshark.org/review/25233

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14251] Heap out of bounds read in wcp_uncompress()

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14251

Gerald Combs  changed:

   What|Removed |Added

 Status|UNCONFIRMED |RESOLVED
 Resolution|--- |FIXED

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14251] Heap out of bounds read in wcp_uncompress()

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14251

--- Comment #5 from Gerrit Code Review  ---
Change 25234 had a related patch set uploaded by Gerald Combs:
WCP: Add a length check.

https://code.wireshark.org/review/25234

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14251] Heap out of bounds read in wcp_uncompress()

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14251

--- Comment #4 from Gerrit Code Review  ---
Change 25233 had a related patch set uploaded by Gerald Combs:
WCP: Add a length check.

https://code.wireshark.org/review/25233

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14314] extcap tools fail on assert started_with_special_privs

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14314

--- Comment #6 from Gerrit Code Review  ---
Change 25194 merged by Anders Broman:
wiretap: add a parameter to wtap_init() indicating whether plugins must be
loaded

https://code.wireshark.org/review/25194

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14251] Heap out of bounds read in wcp_uncompress()

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14251

--- Comment #3 from Gerrit Code Review  ---
Change 25230 merged by Anders Broman:
WCP: Add a length check.

https://code.wireshark.org/review/25230

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14270] NTP read ordered list command is not dissected

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14270

--- Comment #2 from Gerrit Code Review  ---
Change 25232 had a related patch set uploaded by Uli Heilmeier:
NTP: Update values for opcode

https://code.wireshark.org/review/25232

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14251] Heap out of bounds read in wcp_uncompress()

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14251

--- Comment #2 from Gerrit Code Review  ---
Change 25230 had a related patch set uploaded by Gerald Combs:
WCP: Add a length check.

https://code.wireshark.org/review/25230

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14251] Heap out of bounds read in wcp_uncompress()

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14251

Gerald Combs  changed:

   What|Removed |Added

  Group|private |

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14270] NTP read ordered list command is not dissected

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14270

Uli Heilmeier  changed:

   What|Removed |Added

 Status|CONFIRMED   |IN_PROGRESS
 CC||u...@heilmeier.eu

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14184] Add Stream Number to UDP and TCP Conversation Statistics window

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14184

--- Comment #3 from Chris S  ---
Thank you! I knew I remembered being able to vote before, but I guess my eyes
kept skipping over it this time.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14184] Add Stream Number to UDP and TCP Conversation Statistics window

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14184

--- Comment #2 from Christopher Maynard  ---
(In reply to Chris S from comment #1)
> It doesn't look like this site allows for up votes, ...

The site does allow votes.  If you look above next to "Importance: ...", you
should see "(vote)".

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14319] Unable to add custom port to protocol

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14319

--- Comment #1 from Christopher Maynard  ---
(In reply to Caleb Beau Horton from comment #0)
> Version 2.4.3 (v2.4.3-0-g368ba1ee37)

> Attempted to add port 7539 to the SSH protocol. SSH protocol shows only port
> 22. Added this by appending ',7539' to the port box. Pressed 'OK'. Then
> re-opened 'Preferences' and those changes were not saved.

This simply isn't supported with version 2.4.3, which is the version you
reported that you're using.  Port ranges *are* supported in master though[1],
so you could try using a recent automated build from
https://www.wireshark.org/download/automated/win64/ if you wish.

The "Decode As" feature should still work though.  Either right-click on a
packet of interest in the Packet Details pane and choose "Decode As..." or
navigate to the "Decode As" window via "Analyze -> Decode As..."[2], then add a
new entry and fill out the information for that entry, selecting "SSH" from the
"Current" drop-down protocol list to decode the traffic on port 7539 as ssh
traffic.

[1]:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commitdiff;h=880c2aa04ff2bbff6f1b1df286da3cc6c829bc69

[2]:
https://www.wireshark.org/docs/wsug_html_chunked/ChCustProtocolDissectionSection.html#ChAdvDecodeAs

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14313] dumpcap unconditionally enables the kernel's BPF JIT compiler

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14313

--- Comment #7 from Gerrit Code Review  ---
Change 25207 merged by Gerald Combs:
Do not automatically enable the linux kernel's BPF JIT compiler

https://code.wireshark.org/review/25207

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14297] There are two missing bounds check for m_ptr array in get_signature_ts function in wiretap/vwr.c file

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14297

--- Comment #4 from Gerrit Code Review  ---
Change 25229 had a related patch set uploaded by Gerald Combs:
IxVeriWave: Adjust signature timestamp checking.

https://code.wireshark.org/review/25229

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14253] Stack overflow in cond_some()

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14253

--- Comment #13 from Gerrit Code Review  ---
Change 25228 merged by Gerald Combs:
Fix tvbparse recursion limit check.

https://code.wireshark.org/review/25228

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14253] Stack overflow in cond_some()

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14253

--- Comment #12 from Gerrit Code Review  ---
Change 25227 merged by Gerald Combs:
Fix tvbparse recursion limit check.

https://code.wireshark.org/review/25227

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14297] There are two missing bounds check for m_ptr array in get_signature_ts function in wiretap/vwr.c file

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14297

Gerald Combs  changed:

   What|Removed |Added

 Ever confirmed|0   |1
 Status|UNCONFIRMED |IN_PROGRESS

--- Comment #3 from Gerald Combs  ---
(In reply to Young from comment #2)
> As you mentioned, there are checks for m_ptr's bound before calling function
> get_signature_ts.
> However, in my opinion, there is still a one-byte-off read bug.
> 
> Suppose that, mdsu_length is 15 and sig_off is 0. Then check for m_ptr is
> satisfied in line 1802. However, if the function get_signature_ts try to
> access m_ptr[sig_off+15], there will be a one-byte-off read bug.
> 
> So, the correct check should like this.
> 
> if ((m_ptr[sig_off] == 0xdd) && (sig_off + 15 < msdu_length) && (f_flow !=
> 0))
> sig_ts = get_signature_ts(m_ptr, sig_off);
> 
> The same as line 1036 and line 1456.

Gotcha. Reopening the bug.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14319] New: Unable to add custom port to protocol

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14319

Bug ID: 14319
   Summary: Unable to add custom port to protocol
   Product: Wireshark
   Version: 2.4.3
  Hardware: x86
OS: Windows 10
Status: UNCONFIRMED
  Severity: Major
  Priority: Low
 Component: Qt UI
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: kg5...@gmail.com
  Target Milestone: ---

Build Information:
Version 2.4.3 (v2.4.3-0-g368ba1ee37)

Copyright 1998-2017 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later

This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.6.3, with WinPcap (4_1_3), with GLib 2.42.0, with
zlib 1.2.8, with SMI 0.4.8, with c-ares 1.12.0, with Lua 5.2.4, with GnuTLS
3.4.11, with Gcrypt 1.7.6, with MIT Kerberos, with GeoIP, with nghttp2 1.14.0,
with LZ4, with Snappy, with libxml2 2.9.4, with QtMultimedia, with AirPcap,
with
SBC, with SpanDSP.

Running on 64-bit Windows 10, build 16299, with Intel(R) Core(TM) i5-4300M CPU
@
2.60GHz (with SSE4.2), with 8089 MB of physical memory, with locale
English_United States.1252, with WinPcap version 4.1.3 (packet.dll version
4.1.0.2980), based on libpcap version 1.0 branch 1_0_rel0b (20091008), with
GnuTLS 3.4.11, with Gcrypt 1.7.6, without AirPcap.

Built using Microsoft Visual C++ 14.0 build 24215
--
Attempted to add port 7539 to the SSH protocol. SSH protocol shows only port
22. Added this by appending ',7539' to the port box. Pressed 'OK'. Then
re-opened 'Preferences' and those changes were not saved.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14184] Add Stream Number to UDP and TCP Conversation Statistics window

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14184

--- Comment #1 from Chris S  ---
It doesn't look like this site allows for up votes, but I was just coming here
to suggest this same thing. Looks like Laura beat me to it :) This would be a
VERY useful feature.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14184] Add Stream Number to UDP and TCP Conversation Statistics window

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14184

Chris S  changed:

   What|Removed |Added

 CC||chrisser...@gmail.com

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14315] -T ek enterprise private entry

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14315

Pascal Quantin  changed:

   What|Removed |Added

 Status|CONFIRMED   |INCOMPLETE

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14315] -T ek enterprise private entry

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14315

Christoph Wurm  changed:

   What|Removed |Added

 CC||w...@elastic.co

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14318] ui/gtk/about_dlg.c:480:3: error: ‘resultArray’ undeclared, 482:7: error: ‘i’ undeclared during compilation

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14318

Garri  changed:

   What|Removed |Added

Summary|about_dlg.c:480:3: error:   |ui/gtk/about_dlg.c:480:3:
   |‘resultArray’ undeclared,   |error: ‘resultArray’
   |about_dlg.c:482:7: error:   |undeclared, 482:7: error:
   |‘i’ undeclared  |‘i’ undeclared during
   ||compilation

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14318] New: about_dlg.c:480:3: error: ‘resultArray’ undeclared, about_dlg.c:482:7: error: ‘i’ undeclared

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14318

Bug ID: 14318
   Summary: about_dlg.c:480:3: error: ‘resultArray’ undeclared,
about_dlg.c:482:7: error: ‘i’ undeclared
   Product: Wireshark
   Version: Git
  Hardware: x86-64
OS: Gentoo
Status: UNCONFIRMED
  Severity: Major
  Priority: Low
 Component: GTK+ UI
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: g.djavad...@gmail.com
  Target Milestone: ---

Build Information:
latest git
--
Hello,

I the following commit has removed extcap conditional blocks:

---
commit e80b40adbe823be084fb49cd84336939916120bb
Author: Dario Lombardo 
Date:   Sat Jan 6 21:39:26 2018 +0100

extcap: remove conditional compilation.


@@ -401,7 +397,7 @@ about_folders_page_new(void)
   char *path;
   static const gchar *titles[] = { "Name", "Folder", "Typical Files"};
   GtkWidget*scrolledwindow;
-#if defined(HAVE_LIBSMI) || defined(HAVE_GEOIP) || defined(HAVE_EXTCAP)
+#if defined(HAVE_LIBSMI) || defined(HAVE_GEOIP)
   gint  i;
   gchar   **resultArray;
 #endif
@@ -478,7 +474,6 @@ about_folders_page_new(void)
   "lua scripts");
 #endif

-#ifdef HAVE_EXTCAP
   /* extcap */
   constpath = get_extcap_dir();

@@ -488,7 +483,6 @@ about_folders_page_new(void)
 about_folders_row(table, "Extcap path", g_strstrip(resultArray[i]),
   "Extcap Plugins search path");
   g_strfreev(resultArray);
-#endif

 #ifdef HAVE_GEOIP
   /* GeoIP */

---



But the required variables are declared only in conditional block:

#if defined(HAVE_LIBSMI) || defined(HAVE_GEOIP)
  gint  i;
  gchar   **resultArray;
#endif



Thanks in advance!

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14253] Stack overflow in cond_some()

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14253

--- Comment #11 from Gerrit Code Review  ---
Change 25228 had a related patch set uploaded by Gerald Combs:
Fix tvbparse recursion limit check.

https://code.wireshark.org/review/25228

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14253] Stack overflow in cond_some()

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14253

--- Comment #10 from Gerrit Code Review  ---
Change 25227 had a related patch set uploaded by Gerald Combs:
Fix tvbparse recursion limit check.

https://code.wireshark.org/review/25227

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14253] Stack overflow in cond_some()

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14253

--- Comment #9 from Gerrit Code Review  ---
Change 25226 merged by Gerald Combs:
Fix tvbparse recursion limit check.

https://code.wireshark.org/review/25226

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14317] New: I/O grap shows nothing

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14317

Bug ID: 14317
   Summary: I/O grap shows nothing
   Product: Wireshark
   Version: 2.5.x (Experimental)
  Hardware: x86-64
OS: Debian
Status: UNCONFIRMED
  Severity: Major
  Priority: Low
 Component: Qt UI
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: patrick@linux.com
  Target Milestone: ---

Created attachment 16065
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=16065&action=edit
I/O graph doesn't display anything

Build Information:
Compiled (64-bit) with Qt 5.9.2, with libpcap, with POSIX capabilities (Linux),
with libnl 3, with GLib 2.54.2, with zlib 1.2.8, with SMI 0.4.8, with c-ares
1.13.0, with Lua 5.1.5, with GnuTLS 3.5.16, with Gcrypt 1.8.1, with MIT
Kerberos, with GeoIP, with nghttp2 1.28.0, with LZ4, with Snappy, with libxml2
2.9.4, with QtMultimedia, with SBC, with SpanDSP, with bcg729.

Running on Linux 4.14.0-2-amd64, with Intel(R) Core(TM) i5-5250U CPU @ 1.60GHz
(with SSE4.2), with 3857 MB of physical memory, with locale en_GB.UTF-8, with
libpcap version 1.8.1, with GnuTLS 3.5.16, with Gcrypt 1.8.1, with zlib 1.2.8,
binary plugins supported (0 loaded).

Built using gcc 7.2.0.

--
When I open the I/O graph (while capturing or with a trace file loded from the
harddrive) the mouse become very slows for a while and it seems like the I/O
graph is not opening.

After a while when the mouse response returns to normal, the I/O grap seems to
be openen in a pop-under and not a pop-up as expected.

Also, the graph doesn't display anything (see screenshot).

to reproduce:
1. open wireshark 2.5.0
2. open a trace file/start a capture
3. open the I/O Graph

Patrick

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14316] New: segfault when swithing profiles

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14316

Bug ID: 14316
   Summary: segfault when swithing profiles
   Product: Wireshark
   Version: 2.4.3
  Hardware: x86-64
OS: Debian
Status: UNCONFIRMED
  Severity: Major
  Priority: Low
 Component: Qt UI
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: patrick@linux.com
  Target Milestone: ---

Build Information:
Compiled (64-bit) with Qt 5.9.2, with libpcap, with POSIX capabilities (Linux),
with libnl 3, with GLib 2.54.2, with zlib 1.2.8, with SMI 0.4.8, with c-ares
1.13.0, with Lua 5.1.5, with GnuTLS 3.5.16, with Gcrypt 1.8.1, with MIT
Kerberos, with GeoIP, with nghttp2 1.28.0, with LZ4, with Snappy, with libxml2
2.9.4, with QtMultimedia, without AirPcap, with SBC, with SpanDSP.

Running on Linux 4.14.0-2-amd64, with Intel(R) Core(TM) i5-5250U CPU @ 1.60GHz
(with SSE4.2), with 3857 MB of physical memory, with locale en_GB.UTF-8, with
libpcap version 1.8.1, with GnuTLS 3.5.16, with Gcrypt 1.8.1, with zlib 1.2.8.

Built using gcc 7.2.0.
--
When I load an "old" profile (like the Nmap Detection profile from the
wiresharkbook website located here:
(http://wiresharkbook.com/studyguide_supplements/9781893939943-wireshark_configs.zip))
and switch back to another profile wireshark segfaults.

This happens on my Debian system with both 2.4.3 and the 2.5.0 development
build.
Both are compiled from source with the folowing parameters:
./configure --prefix=/usr --enable-setuid-install
--with-dumpcap-group=wireshark --enable-tfshark=yes --with-gtk=3 --with-qt=5

to reproduce:
1. copy "Nmap Detection" profile to personal preferences directory
2. start wireshark
3. Select the Nmap Detection profile
4. Select another profile

When I check the color rules I also notice that the first rule is disabled (I
guess it's incompatiblee with the new system ?) and when I close it Wireshark
also gives an error message that there are invalid coloring rules (it only
shows this after opening the coloring rules preferences).

when I start wireshark in the console I get a pretty long list of errors, all
related to the fact that it's an older incompatible profile I think. 

wireshark
15:59:21  Warn Obsolete preference "gui.scrollbar_on_right" at line 10
of
/home/analyzer/.config/wireshark/profiles/Nmap Detection/preferences (save
preferences to remove this warning)
15:59:21  Warn Obsolete preference "gui.packet_list_sel_browse" at line
14 of
/home/analyzer/.config/wireshark/profiles/Nmap Detection/preferences (save
preferences to remove this warning)
15:59:21  Warn Obsolete preference "gui.protocol_tree_sel_browse" at
line 18 of
/home/analyzer/.config/wireshark/profiles/Nmap Detection/preferences (save
preferences to remove this warning)
15:59:21  Warn Preference "column.format" has been converted to
"gui.column.format"
Save your preferences to make this change permanent.
15:59:21  Warn No such preference "agentx.tcp.agentx_port" at line 262
of
/home/analyzer/.config/wireshark/profiles/Nmap Detection/preferences (save
preferences to remove this warning)
15:59:21  Warn Obsolete preference "ah.place_ah_payload_in_subtree" at
line 266 of
/home/analyzer/.config/wireshark/profiles/Nmap Detection/preferences (save
preferences to remove this warning)
15:59:21  Warn Obsolete preference "alc.default.udp_port.enabled" at
line 274 of
/home/analyzer/.config/wireshark/profiles/Nmap Detection/preferences (save
preferences to remove this warning)
15:59:21  Warn No such preference "artnet.udp_port" at line 339 of
/home/analyzer/.config/wireshark/profiles/Nmap Detection/preferences (save
preferences to remove this warning)
15:59:21  Warn No such preference "artnet.dmx_disp_chan_val_type" at
line 344 of
/home/analyzer/.config/wireshark/profiles/Nmap Detection/preferences (save
preferences to remove this warning)
15:59:21  Warn No such preference "artnet.dmx_disp_chan_nr_type" at
line 349 of
/home/analyzer/.config/wireshark/profiles/Nmap Detection/preferences (save
preferences to remove this warning)
15:59:21  Warn No such preference "artnet.dmx_disp_col_count" at line
354 of
/home/analyzer/.config/wireshark/profiles/Nmap Detection/preferences (save
preferences to remove this warning)
15:59:21  Warn No such preference "asn1.tcp_ports" at line 358 of
/home/analyzer/.config/wireshark/profiles/Nmap Detection/preferences (save
preferences to remove this warning)
15:59:21  Warn No such preference "asn1.udp_ports" at line 362 of
/home/analyzer/.config/wireshark/profiles/Nmap Detection/preferences (save
preferences to remove this warning)
15:59:21  Warn No such preference "asn1.sctp_ports" at line 366 of
/home/analyzer/.config/wireshark/profiles/Nmap Detection/preferences (save
preferences to remove this warning)
15:59:21  Warn No such preference "asn1.desegment_messages" at

[Wireshark-bugs] [Bug 14253] Stack overflow in cond_some()

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14253

Stig Bjørlykke  changed:

   What|Removed |Added

 Status|RESOLVED|CONFIRMED
 Resolution|FIXED   |---
 Ever confirmed|0   |1
 CC||s...@bjorlykke.org

--- Comment #8 from Stig Bjørlykke  ---
The first fix seems to have broken json parsing.

A fix for this is proposed here:
https://code.wireshark.org/review/25226/

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12958] Wrong JSON format returned by new -T json feature

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12958

Pascal Quantin  changed:

   What|Removed |Added

   See Also||https://bugs.wireshark.org/
   ||bugzilla/show_bug.cgi?id=14
   ||315

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14315] -T ek enterprise private entry

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14315

Pascal Quantin  changed:

   What|Removed |Added

 CC||pascal.quan...@gmail.com

--- Comment #1 from Pascal Quantin  ---
Hi Elias,

I'm not sure I understood your request properly, but JSON key deduplication was
tracked by bug 12958 that is solved in master branch. Could you give it a try?

Thanks,
Pascal.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14315] -T ek enterprise private entry

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14315

Pascal Quantin  changed:

   What|Removed |Added

   See Also||https://bugs.wireshark.org/
   ||bugzilla/show_bug.cgi?id=12
   ||958

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14315] -T ek enterprise private entry

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14315

elias abou hamad  changed:

   What|Removed |Added

 Ever confirmed|0   |1
 Status|UNCONFIRMED |CONFIRMED

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14315] -T ek enterprise private entry

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14315

elias abou hamad  changed:

   What|Removed |Added

   Priority|Low |High

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14315] New: -T ek enterprise private entry

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14315

Bug ID: 14315
   Summary: -T ek enterprise private entry
   Product: Wireshark
   Version: 2.4.3
  Hardware: x86-64
OS: Ubuntu
Status: UNCONFIRMED
  Severity: Critical
  Priority: Low
 Component: TShark
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: elias.abouha...@idm.net.lb
  Target Milestone: ---

Build Information:
TShark (Wireshark) 2.4.3 (Git v2.4.3 packaged as 2.4.3-1~xenial1)

Copyright 1998-2017 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later

This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with libpcap, with POSIX capabilities (Linux), with libnl 3,
with GLib 2.48.2, with zlib 1.2.8, with SMI 0.4.8, with c-ares 1.10.0, with Lua
5.2.4, with GnuTLS 3.4.10, with Gcrypt 1.6.5, with MIT Kerberos, with GeoIP,
with nghttp2 1.7.1, with LZ4, with Snappy, with libxml2 2.9.3.

Running on Linux 4.4.0-104-generic, with Intel(R) Core(TM)2 Duo CPU E7200 
@
2.53GHz, with 3942 MB of physical memory, with locale LC_CTYPE=en_US.UTF-8,
LC_NUMERIC=ar_LB.UTF-8, LC_TIME=ar_LB.UTF-8, LC_COLLATE=en_US.UTF-8,
LC_MONETARY=ar_LB.UTF-8, LC_MESSAGES=en_US.UTF-8, LC_PAPER=ar_LB.UTF-8,
LC_NAME=ar_LB.UTF-8, LC_ADDRESS=ar_LB.UTF-8, LC_TELEPHONE=ar_LB.UTF-8,
LC_MEASUREMENT=ar_LB.UTF-8, LC_IDENTIFICATION=ar_LB.UTF-8, with libpcap version
1.7.4, with GnuTLS 3.4.10, with Gcrypt 1.6.5, with zlib 1.2.8.

Built using gcc 5.4.0 20160609.
--
Dear All,

Please note that wen im using tshark to collect IPFIX v10 from Procera Device
using the -T ek i have a small issue that i have the same duplicate key
"text_cflow_enterprise_private_entry" . on the other hand once use -T json the
key well be enterprise_private_entry.ID , the ID is the private enterprise ID
could we have to do this in the -T ek to avoid duplicate key and stored it in
elastic-search and how we can extract the templates to do the elastic mapping.





json Example : {"timestamp" : "1515480481323", "layers" : {"frame":
{"filtered": "frame"},"eth": {"filtered": "eth"},"ip": {"filtered":
"ip"},"udp": {"filtered": "udp"},"cflow": {"cflow_cflow_version":
"10","cflow_cflow_len": "1461","cflow_cflow_timestamp": "Jan  9, 2018
08:48:01.0 EET","cflow_timestamp_cflow_exporttime":
"1515480481","cflow_cflow_sequence": "1661603079","cflow_cflow_od_id":
"2880943041","cflow_text": "Set 1 [id=33145] (11
flows)","text_cflow_flowset_id": "33145","text_cflow_flowset_length":
"1445","text_cflow_template_frame": "84162","text_text": "Flow
1","text_cflow_timedelta": "1.0","cflow_timedelta_cflow_abstimestart":
"Jan  9, 2018 08:48:00.0 EET","cflow_timedelta_cflow_abstimeend": "Jan 
9, 2018 08:48:01.0 EET","text_cflow_protocol":
"6","text_cflow_post_natsource_ipv4_address":
"10.3.73.213","text_cflow_post_natdestination_ipv4_address":
"162.125.1.1","text_cflow_post_naptdestination_transport_port":
"443","text_cflow_srcport": "49712","text_cflow_enterprise_private_entry":
"","cflow_enterprise_private_entry_cflow_string_len_short":
"0","text_cflow_enterprise_private_entry":
"42:65:69:6e:67:20:61:6e:61:6c:79:7a:65:64","cflow_enterprise_private_entry_cflow_string_len_short":
"14","text_cflow_enterprise_private_entry":
"42:65:69:6e:67:20:61:6e:61:6c:79:7a:65:64","cflow_enterprise_private_entry_cflow_string_len_short":
"14","text_cflow_enterprise_private_entry": "00:00","text_cflow_outputint":
"121","text_cflow_enterprise_private_entry":
"","cflow_enterprise_private_entry_cflow_string_len_short":
"0","text_cflow_srcaddr": "10.3.73.213","text_cflow_srcaddrv6":
"::","text_cflow_srcas": "0","text_cflow_dstas": "0","text_cflow_dstaddrv6":
"::","text_cflow_dstaddr": "162.125.1.1","text_cflow_dstport":
"443","text_cflow_permanent_octets": "706","text_cflow_inputint":
"121","text_cflow_permanent_packets": "7","text_text": "Flow
2","text_cflow_timedelta": "20.0","cflow_timedelta_cflow_abstimestart":
"Jan  9, 2018 08:47:41.0 EET","cflow_timedelta_cflow_abstimeend": "Jan 
9, 2018 08:48:01.0 EET","text_cflow_protocol":
"17","text_cflow_post_natsource_ipv4_address":
"10.210.30.68","text_cflow_post_natdestination_ipv4_address":
"8.8.8.8","text_cflow_post_naptdestination_transport_port":
"53","text_cflow_srcport": "61021","text_cflow_enterprise_private_entry":
"","cflow_enterprise_private_entry_cflow_string_len_short":
"0","text_cflow_enterprise_private_entry":
"44:4e:53","cflow_enterprise_private_entry_cflow_string_len_short":
"3","text_cflow_enterprise_private_entry":
"44:4e:53","cflow_enterprise_private_entry_cflow_string_len_short":
"3","text_cflow_enterprise_private_entry": "00:00","text_cflow_outputint":
"131","text_cflow_enterprise_private_entry":
"","cflow_enterprise_private_entry_cfl

[Wireshark-bugs] [Bug 8557] Remote interfaces are not saved

2018-01-09 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8557

--- Comment #20 from Gerrit Code Review  ---
Change 25067 merged by Michael Mann:
Populate Remote Interfaces with data from recent file

https://code.wireshark.org/review/25067

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

55 matches

Mail list logo