[Wireshark-bugs] [Bug 15087] Add feature to stop capture based on data content - using display filter syntax

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15087

--- Comment #2 from Dylan  ---
One implementation that meets the spirit of this enhancement is here:
https://code.wireshark.org/review/#/c/29195/

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 15086] Add feature to stop capture based on data content using - capture filters syntax

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15086

Dylan  changed:

   What|Removed |Added

   Severity|Major   |Enhancement

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 15087] Add feature to stop capture based on data content - using display filter syntax

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15087

Dylan  changed:

   What|Removed |Added

   Severity|Major   |Enhancement

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 15086] Add feature to stop capture based on data content using - capture filters syntax

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15086

--- Comment #1 from Dylan  ---
See bigger description, use cases, etc in the other related bug:
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15087 (stop based on
display filter syntax)

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 15087] Add feature to stop capture based on data content - using display filter syntax

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15087

--- Comment #1 from Dylan  ---
There is a large need to allow users to stop captures based on some
content found inside the capture.

There is a similar tool that exists: Dumpcap.bat
(https://wiki.wireshark.org/Tools), but it has the following limitations:
1. It's a standalone tool, which is not included with Wireshark.
2. Most users don't know it exists because of #1
3. It's Windows only
4. It relies on capture filters, instead of display filter syntax. (Most
users are more familiar with display filter syntax)
5. It requires two separate capture processes running.

Use cases:
1. We often have to let captures run for days to find one instance of a
problem. Due to the time that capture takes, and the sheer volume of
captured data, we have to use ring buffers. But, because the problem could
happen in the old ring buffer data (which was deleted) before we notice
the symptom of the issue, we have lost all relevant capture data about the
problem. There really isn't a workaround for this use case.
2. For single capture cases (non-Ring buffer), it's very convenient to
have the problem condition at the end of a capture. Then, you can just
scroll up to find the potential cause of the issue. You can still use
Wireshark (before this patch) for this use case, but you have to sift
through more data. This patch just makes this use case easier.

Related to: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15086 (stop
based on capture filter syntax)

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 15086] Add feature to stop capture based on data content using - capture filters syntax

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15086

Dylan  changed:

   What|Removed |Added

Summary|Add feature to stop capture |Add feature to stop capture
   |based on data content using |based on data content using
   |capture filters |- capture filters syntax

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 15087] New: Add feature to stop capture based on data content - using display filter syntax

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15087

Bug ID: 15087
   Summary: Add feature to stop capture based on data content -
using display filter syntax
   Product: Wireshark
   Version: Git
  Hardware: x86
OS: Windows 10
Status: UNCONFIRMED
  Severity: Major
  Priority: Low
 Component: Qt UI
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: daul...@gmail.com
  Target Milestone: ---

Build Information:
Paste the COMPLETE build information from "Help->About Wireshark", "wireshark
-v", or "tshark -v".
--
It would be nice to be able to stop captures based on the data that Wireshark
sees, using display filter syntax. Display filter syntax has a strong advantage
over capture filter syntax because:
1. It's easier to use (subjective opinion)
2. More people are familiar with display filters
3. Display filters leverage the full dissector processing

Some examples to stop a capture:
http.request.method == GET
_ws.malformed && http
etc

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 15086] New: Add feature to stop capture based on data content using capture filters

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15086

Bug ID: 15086
   Summary: Add feature to stop capture based on data content
using capture filters
   Product: Wireshark
   Version: Git
  Hardware: x86
OS: Windows 10
Status: UNCONFIRMED
  Severity: Major
  Priority: Low
 Component: Qt UI
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: daul...@gmail.com
  Target Milestone: ---

Build Information:
Paste the COMPLETE build information from "Help->About Wireshark", "wireshark
-v", or "tshark -v".
--
This could use capture filter (BPF) style syntax. It may make sense to have
this level of filtering enabled in libpcap, and exposed as some kind of
interface to Wireshark.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 15081] Feature Request - Time since capture start

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15081

Guy Harris  changed:

   What|Removed |Added

 OS|Windows 10  |All
   Hardware|x86 |All

--- Comment #4 from Guy Harris  ---
(In reply to Peter Wu from comment #1)
> If you would like to know the capture start time, you can use the menu option
> Statistcs -> Capture File Properties

Actually, what it shows is the time stamp of the first packet in the capture,
which is not necessarily the time the capture started.

pcap files don't have any mechanism to store a capture start time; pcapng files
can store it in an Interface Statistics Block.  Some, but not all, other file
formats that Wireshark can read also store a capture start time.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 15084] Plugins do not work because Wireshark searches for plugins in nonexistent directory

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15084

Alexis La Goutte  changed:

   What|Removed |Added

 CC||alexis.lagou...@gmail.com,
   ||bal...@balintreczey.hu

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 15084] New: Plugins do not work because Wireshark searches for plugins in nonexistent directory

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15084

Bug ID: 15084
   Summary: Plugins do not work because Wireshark searches for
plugins in nonexistent directory
   Product: Wireshark
   Version: Git
  Hardware: x86
OS: Ubuntu
Status: UNCONFIRMED
  Severity: Normal
  Priority: Low
 Component: Build process
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: adang1...@gmail.com
  Target Milestone: ---

Created attachment 16569
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=16569=edit
Help->About Wireshark->Folders reveals incorrect plugin paths

Build Information:
Wireshark 2.9.0 (v2.9.0rc0-1617-ga65ac191)

Copyright 1998-2018 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later

This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.9.5, with libpcap, with POSIX capabilities (Linux),
with libnl 3, with GLib 2.56.1, with zlib 1.2.11, with SMI 0.4.8, with c-ares
1.14.0, with Lua 5.2.4, with GnuTLS 3.5.18, with Gcrypt 1.8.1, with MIT
Kerberos, with MaxMind DB resolver, with nghttp2 1.30.0, with LZ4, with Snappy,
with libxml2 2.9.4, with QtMultimedia, with SBC, with SpanDSP, without bcg729.

Running on Linux 4.15.0-33-generic, with Intel(R) Core(TM) i7-7600U CPU @
2.80GHz (with SSE4.2), with 3944 MB of physical memory, with locale
en_US.UTF-8,
with libpcap version 1.8.1, with GnuTLS 3.5.18, with Gcrypt 1.8.1, with zlib
1.2.11, binary plugins supported (0 loaded).

Built using gcc 7.3.0.
--
Overview: No plugins work when I build a Wireshark 2.9.0 Debian Package on
Ubuntu 18.04 and then install the application from the package. This is due to
Wireshark not searching in the correct folder for plugins.

To Reproduce:
1. Clone the Git development repository and enter the new directory.
git clone https://code.wireshark.org/review/wireshark
$ cd wireshark
2. Set up the build environment for Debian packages.
$ sudo tools/debian-setup.sh --install-optional
3. Build the Debian packages. If you receive an error about unmet dependencies,
then install the dependencies and retry the command. The build will take a
while to complete.
$ dpkg-buildpackage -rfakeroot -us -uc
4. Install the necessary packages for Wireshark to run. Ignore unmet dependency
errors for now if any appear; they will be fixed later. When you are asked
whether non-superusers should be able to capture packets, choose either option.
$ cd ..
$ sudo dpkg -i libwsutil0_2.9.0_amd64.deb
$ sudo dpkg -i libwireshark-data_2.9.0_all.deb
$ sudo dpkg -i libwscodecs0_2.9.0_amd64.deb
$ sudo dpkg -i libwiretap0_2.9.0_amd64.deb
$ sudo dpkg -i libwireshark0_2.9.0_amd64.deb
$ sudo dpkg -i wireshark-common_2.9.0_amd64.deb
$ sudo dpkg -i wireshark-qt_2.9.0_amd64.deb
$ sudo dpkg -i wireshark_2.9.0_amd64.deb
5. If any unmet dependencies errors appeared, then fix them.
$ sudo apt -f install
6. Open Wireshark.
$ wireshark

Problem: No plugins are active. I determined that the cause is that Wireshark
is not searching in the correct folder for plugins. In the dialog box at
Help->About Wireshark->Folders, the Global Plugins, Global Lua Plugins, and
Extcap path folders are listed, respectively, as the following.
/usr//usr/lib/x86_64-linux-gnu/wireshark/plugins/2.9
/usr//usr/lib/x86_64-linux-gnu/wireshark/plugins
/usr//usr/lib/x86_64-linux-gnu/wireshark/extcap
It appears there is an extra '/usr/' string at the beginning of these paths.
When I created a symbolic link from /usr/usr to /usr and restarted Wireshark,
all plugins started working again. This confirms that the issue is due to the
incorrect paths.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 15021] ZigBee APS re-assemble with re-used sequence number

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15021

--- Comment #1 from Gerrit Code Review  ---
Change 29307 had a related patch set uploaded by Kenneth Soerensen:
[WIP] reassemble: Add fragment_add_seq_timeout that can handle missing or
re-transmitted fragments

https://code.wireshark.org/review/29307

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 15081] Feature Request - Time since capture start

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15081

--- Comment #3 from Peter Wu  ---
The Capture File Properties dialog shows the elapsed time. Why would you like
to see an continously updating timer?

For your initial use case (checking how long the capture is in progress), I
thought that this manual action would be good enough. Do you have a use case
where you often need to check the capture duration?

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 15078] TCP Reassembly fails when the first segment is out-of-order

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15078

--- Comment #2 from Gerrit Code Review  ---
Change 29305 had a related patch set uploaded by Peter Wu:
tcp: fix OoO reassembly when the first data packet is OoO

https://code.wireshark.org/review/29305

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 15083] New: sad

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15083

Bug ID: 15083
   Summary: sad
   Product: Web sites
   Version: N/A
  Hardware: x86
OS: Windows 7
Status: UNCONFIRMED
  Severity: Major
  Priority: Low
 Component: Bugzilla Spam
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: penyunata...@gmail.com
  Target Milestone: ---

Created attachment 16568
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=16568=edit
sad

Build Information:
Paste the COMPLETE build information from "Help->About Wireshark", "wireshark
-v", or "tshark -v".
--

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 15078] TCP Reassembly fails when the first segment is out-of-order

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15078

Peter Wu  changed:

   What|Removed |Added

 OS|Windows 7   |All
Summary|Wireshark still fails to|TCP Reassembly fails when
   |reassemble TCP out-of-order |the first segment is
   |segments|out-of-order
   Hardware|x86 |All
 CC||pe...@lekensteyn.nl
 Status|UNCONFIRMED |IN_PROGRESS
Version|unspecified |Git
 Ever confirmed|0   |1

--- Comment #1 from Peter Wu  ---
The current mechanism assumes that the first non-empty packet is not OoO. That
might be reasonable when a capture starts in midst of a connection, but when
the SYN packet is available, then a more reliable start can be determined.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14506] PROXY protocol (v2) support (HAproxy) for TCP: skip and maybe implement a full dissector

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14506

--- Comment #17 from cheng0201  ---
thanks, it works now after enable (Try heuristic sub-dissectors first).

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 15081] Feature Request - Time since capture start

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15081

--- Comment #2 from Vladimir Gerasimov  ---
Hi Peter,
I meant not the time/date when capture was started, but live counter of time
passed since capture was started.

It could be linked with "capture start" and "capture stop" buttons.

Now I can go to Statistcs -> Capture File Properties, but it's not live and I
have to call it again and again while capture is in progress to check "time
span" value.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 15081] Feature Request - Time since capture start

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15081

Peter Wu  changed:

   What|Removed |Added

 CC||pe...@lekensteyn.nl
   Severity|Major   |Enhancement

--- Comment #1 from Peter Wu  ---
If you would like to know the capture start time, you can use the menu option
Statistcs -> Capture File Properties

Would that be sufficient to address your use case?

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 15082] UAC jumped out several times(10 on my computer) when starting Wireshark UI. npcap restrict to Administrative access Configured.

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15082

--- Comment #1 from a_skywalker1...@hotmail.com ---
P.S. Npcap I installed is from the nmap 7.70 installer, and extracted npcap
installer is "npcap-0.99-r2-oem.exe", if the word "oem" really matters somehow.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 15082] New: UAC jumped out several times(10 on my computer) when starting Wireshark UI. npcap restrict to Administrative access Configured.

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15082

Bug ID: 15082
   Summary: UAC jumped out several times(10 on my computer) when
starting Wireshark UI. npcap restrict to
Administrative access Configured.
   Product: Wireshark
   Version: 2.6.2
  Hardware: x86-64
OS: Windows 10
Status: UNCONFIRMED
  Severity: Minor
  Priority: Low
 Component: Capture file support (libwiretap)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: a_skywalker1...@hotmail.com
  Target Milestone: ---

Build Information:
Wireshark 2.6.2 (v2.6.2-0-g1b3cedbc)

Copyright 1998-2018 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later

This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.9.5, with WinPcap (4_1_3), with GLib 2.42.0, with
zlib 1.2.11, with SMI 0.4.8, with c-ares 1.14.0, with Lua 5.2.4, with GnuTLS
3.4.11, with Gcrypt 1.7.6, with MIT Kerberos, with MaxMind DB resolver, with
nghttp2 1.14.0, with LZ4, with Snappy, with libxml2 2.9.4, with QtMultimedia,
with AirPcap, with SBC, with SpanDSP, with bcg729.

Running on 64-bit Windows 10, build 10240, with Intel(R) Core(TM) i7-6500U CPU
@
2.50GHz (with SSE4.2), with 12159 MB of physical memory, with locale
English_United States.1252, with Npcap version 0.99-r2, based on libpcap
version
1.8.1, with GnuTLS 3.4.11, with Gcrypt 1.7.6, without AirPcap, binary plugins
supported (0 loaded).

Built using Microsoft Visual C++ 14.12 build 25835
--
Before installing wireshark, I installed nmap on my computer, and installed
npcap, too. When I was installing npcap, I set it to "Restrict driver's access
to Administrators only" for security considerations. Then I installed wireshark
and started it. It prompted me UAC 10 times in order to load all the NICs.

This maybe not your bug(as I think npcap is also a problem), and invoking UAC
might be necessary for wireshark to show the traffic on different interfaces.
But I'd also recommend you to design something like a "UAC helper" to deal with
such thing when it's really necessary to invoke commands with UAC. As that
really troubles s much and I(and possibly many other users that enabled
"restrict access to admin only") truly think this is a pain in the ass.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 15081] New: Feature Request - Time since capture start

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15081

Bug ID: 15081
   Summary: Feature Request - Time since capture start
   Product: Wireshark
   Version: 2.6.2
  Hardware: x86
OS: Windows 10
Status: UNCONFIRMED
  Severity: Major
  Priority: Low
 Component: Qt UI
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: g...@unitop.ua
  Target Milestone: ---

Created attachment 16567
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=16567=edit
Timer wanted

Build Information:
Version 2.6.3rc0-42-gf9e8b0fa (v2.6.3rc0-42-gf9e8b0fa) 
Copyright 1998-2018 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later
 This is free software;
see the source for copying conditions. There is NO warranty; not even for
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
Compiled (64-bit) with Qt 5.9.5, with WinPcap (4_1_3), with GLib 2.42.0, with
zlib 1.2.11, with SMI 0.4.8, with c-ares 1.14.0, with Lua 5.2.4, with GnuTLS
3.4.11, with Gcrypt 1.7.6, with MIT Kerberos, with MaxMind DB resolver, with
nghttp2 1.14.0, with LZ4, with Snappy, with libxml2 2.9.4, with QtMultimedia,
with AirPcap, with SBC, with SpanDSP, with bcg729. 
Running on 64-bit Windows 10, build 17134, with Intel(R) Core(TM) i3-4160 CPU @
3.60GHz (with SSE4.2), with 24245 MB of physical memory, with locale
Russian_Russia.1251, with Npcap version 0.99-r7, based on libpcap version
1.8.1, with GnuTLS 3.4.11, with Gcrypt 1.7.6, without AirPcap, binary plugins
supported (14 loaded). Built using Microsoft Visual C++ 14.12 build 25835 
--
Hello,

It would be great to have timer in status bar that shows time passed from
capture start (see attached).
I often have packet list scrolling disabled or "seconds since beginning of
capture" column disabled and therefor have no idea how long capture is in
progress.


Regards,
Vladimir

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14474] AVTP control frames are not decoded.

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14474

--- Comment #2 from Uli Heilmeier  ---
Conclusion after reading IEEE 1722-2016:

* CD bit it not used anymore:
s. IEEE 1722-2016 paragraph 1.3.1: "...For example, the cd bit of the Audio
Video Transport Protocol Data Units (AVTPDU) common header (see 4.4.3) has been
removed, but formats that used this bit in the previous revision have been
updated to have the mostsignificant bit of the subtype field set, retaining
binary compatibility..."

* The subtype 0x80 used in the capture file is not used:
s. IEEE 1722-2016 table 6: "...80 to 80(16) Reserved..."

=> @Praveen: Can you be more specific what subtype you're missing and provide a
appropriate sample capture.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 15079] Heartbeat message "Info" displayed without comma separator

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15079

Pascal Quantin  changed:

   What|Removed |Added

 CC||pascal.quan...@gmail.com
 Resolution|--- |FIXED
 Status|UNCONFIRMED |RESOLVED

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 15079] Heartbeat message "Info" displayed without comma separator

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15079

--- Comment #8 from Gerrit Code Review  ---
Change 29303 merged by Pascal Quantin:
SSL: use col_append_sep_str() to add heartbeat to info column

https://code.wireshark.org/review/29303

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 15079] Heartbeat message "Info" displayed without comma separator

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15079

--- Comment #7 from Gerrit Code Review  ---
Change 29303 had a related patch set uploaded by Pascal Quantin:
SSL: use col_append_sep_str() to add heartbeat to info column

https://code.wireshark.org/review/29303

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 15079] Heartbeat message "Info" displayed without comma separator

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15079

--- Comment #6 from Gerrit Code Review  ---
Change 29302 merged by Pascal Quantin:
SSL: use col_append_sep_str() to add heartbeat to info column

https://code.wireshark.org/review/29302

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 15079] Heartbeat message "Info" displayed without comma separator

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15079

--- Comment #4 from Gerrit Code Review  ---
Change 29301 merged by Pascal Quantin:
SSL: use col_append_sep_str() to add heartbeat to info column

https://code.wireshark.org/review/29301

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 15079] Heartbeat message "Info" displayed without comma separator

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15079

--- Comment #5 from Gerrit Code Review  ---
Change 29302 had a related patch set uploaded by Pascal Quantin:
SSL: use col_append_sep_str() to add heartbeat to info column

https://code.wireshark.org/review/29302

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 15079] Heartbeat message "Info" displayed without comma separator

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15079

--- Comment #2 from Gerrit Code Review  ---
Change 29299 merged by Pascal Quantin:
SSL: use col_append_sep_str() to add heartbeat to info column

https://code.wireshark.org/review/29299

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 15079] Heartbeat message "Info" displayed without comma separator

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15079

--- Comment #3 from Gerrit Code Review  ---
Change 29301 had a related patch set uploaded by Pascal Quantin:
SSL: use col_append_sep_str() to add heartbeat to info column

https://code.wireshark.org/review/29301

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14506] PROXY protocol (v2) support (HAproxy) for TCP: skip and maybe implement a full dissector

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14506

--- Comment #16 from Alexis La Goutte  ---
We support only v2 and you need to enable a Preferencd on TCP dissector to
enable subdissector heuristic (don’t remember the exact name of pref)

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 15079] Heartbeat message "Info" displayed without comma separator

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15079

--- Comment #1 from Gerrit Code Review  ---
Change 29299 had a related patch set uploaded by Pascal Quantin:
SSL: use col_append_sep_str() to add heartbeat request to info column

https://code.wireshark.org/review/29299

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14506] PROXY protocol (v2) support (HAproxy) for TCP: skip and maybe implement a full dissector

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14506

cheng0201  changed:

   What|Removed |Added

 CC||cheng0...@gmail.com

--- Comment #15 from cheng0201  ---
check with development branch win64 Version 2.9.0-1583-g0fa2b0bf
(v2.9.0rc0-1583-g0fa2b0bf) , it cannot get the proxy protocol packet with
filter "proxy". And when choose the proxy protocol packet to "Decode As", there
is no option for proxy.
I'm not sure I use it coorectly, could you please give some advices on how to
use proxy to decode proxy protocol packet? or is there another build is OK to
support proxy protocol?

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe