[Wireshark-bugs] [Bug 5514] New: GIT : malformed packet
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5514 Summary: GIT : malformed packet Product: Wireshark Version: SVN Platform: Other OS/Version: All Status: NEW Severity: Minor Priority: Low Component: Wireshark AssignedTo: wireshark-bugs@wireshark.org ReportedBy: toralf.foers...@gmx.de Build Information: Paste the COMPLETE build information from Help-About Wireshark, wireshark -v, or tshark -v. -- At the command line I get : tfoer...@n22 ~/devel/linux-2.6 $ git pull fatal: The remote end hung up unexpectedly the stream is attached. -- Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. ___ Sent via:Wireshark-bugs mailing list wireshark-bugs@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 5514] GIT : malformed packet
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5514 --- Comment #1 from Toralf Förster toralf.foers...@gmx.de 2010-12-22 02:17:15 PST --- Created an attachment (id=5654) -- (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=5654) GIT packet stream -- Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. ___ Sent via:Wireshark-bugs mailing list wireshark-bugs@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 5514] GIT : malformed packet
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5514 Alexis La Goutte alexis.lagou...@gmail.com changed: What|Removed |Added CC||alexis.lagou...@gmail.com --- Comment #2 from Alexis La Goutte alexis.lagou...@gmail.com 2010-12-22 03:27:33 PST --- Hi The packet work with release 1.4.* The bug come from revision 34776 ( http://anonsvn.wireshark.org/viewvc?view=revrevision=34776 ) Accurately subtvb = tvb_new_subset(tvb, offset+4, plen-4, plen-4); - ti2 = proto_tree_add_item(git_tree, hf_git_packet_data, tvb, offset+4, + proto_tree_add_item(git_tree, hf_git_packet_data, subtvb, offset+4, plen-4, FALSE); (the tvb is change to subtvb) I joint a patch to fix this issue (i also remove subtvb, it is not used in this code...) -- Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. ___ Sent via:Wireshark-bugs mailing list wireshark-bugs@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 5514] GIT : malformed packet
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5514 Alexis La Goutte alexis.lagou...@gmail.com changed: What|Removed |Added Attachment #5655||review_for_checkin? Flag|| --- Comment #3 from Alexis La Goutte alexis.lagou...@gmail.com 2010-12-22 03:28:06 PST --- Created an attachment (id=5655) -- (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=5655) Patch to fix Git Issue -- Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. ___ Sent via:Wireshark-bugs mailing list wireshark-bugs@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 4300] DTN: Bundle Protocol Control flag length check is incorrect
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4300 --- Comment #7 from Jaap Keuter jaap.keu...@xs4all.nl 2010-12-22 12:51:28 CET --- (In reply to comment #6) sdnv_length is a variable field so it is fine to check if sdnv_length 1, but sdnv_length 1 || sdnv_length 4 is not correct because there is a possibility that the length will be greater than 4. Currently (r35242) the check is for ' 1' (which signals an error condition in the SDNV decoder), and ' sizeof(gint64)' (in evaluate_sdnv_64()). As far as I can tell this is at least enough to hold the bundle processing control flags. In theory the SDNV could be longer than that (imagine near infinite leading zeros), but we have to cross over into fixed size types somewhere, so a size limit has to be imposed. As far as I'm concerned this bug can be closed as 'FIXED'. -- Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. ___ Sent via:Wireshark-bugs mailing list wireshark-bugs@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 5514] GIT : malformed packet
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5514 Stig Bjørlykke s...@bjorlykke.org changed: What|Removed |Added Status|NEW |RESOLVED CC||s...@bjorlykke.org Resolution||FIXED -- Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. ___ Sent via:Wireshark-bugs mailing list wireshark-bugs@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 5514] GIT : malformed packet
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5514 Stig Bjørlykke s...@bjorlykke.org changed: What|Removed |Added Attachment #5655|review_for_checkin? |review_for_checkin+ Flag|| --- Comment #4 from Stig Bjørlykke s...@bjorlykke.org 2010-12-22 05:19:55 PST --- (From update of attachment 5655) Whops, my fault. Committed revision 35243. -- Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. ___ Sent via:Wireshark-bugs mailing list wireshark-bugs@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 4300] DTN: Bundle Protocol Control flag length check is incorrect
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4300 Chris Maynard christopher.mayn...@gtech.com changed: What|Removed |Added Status|NEW |RESOLVED Resolution||FIXED --- Comment #8 from Chris Maynard christopher.mayn...@gtech.com 2010-12-22 06:39:36 PST --- (In reply to comment #7) As far as I'm concerned this bug can be closed as 'FIXED'. So it shall be. -- Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. ___ Sent via:Wireshark-bugs mailing list wireshark-bugs@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 5500] failed assertion in ISAKMP dissector (proto.c:4002)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5500 Alexis La Goutte alexis.lagou...@gmail.com changed: What|Removed |Added Attachment #5656||review_for_checkin? Flag|| --- Comment #2 from Alexis La Goutte alexis.lagou...@gmail.com 2010-12-22 06:42:47 PST --- Created an attachment (id=5656) -- (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=5656) Patch to fix a typo error Hi, I search to fix this issue... The problem come from 2 call proto_tree_move_item (line 4603 and 4624 from file packet-isakmp.c) i not found yet the solution but find a typo error.. (Oups !) -- Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. ___ Sent via:Wireshark-bugs mailing list wireshark-bugs@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 5515] New: The MAC of a switch which appears in captures doesn't match with the real one.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5515 Summary: The MAC of a switch which appears in captures doesn't match with the real one. Product: Wireshark Version: 1.4.2 Platform: Other OS/Version: Windows XP Status: NEW Severity: Major Priority: Low Component: Wireshark AssignedTo: wireshark-bugs@wireshark.org ReportedBy: leticia.roque...@es.non.schneider-electric.com Build Information: Version 1.4.2 (SVN Rev 34959 from /trunk-1.4) Copyright 1998-2010 Gerald Combs ger...@wireshark.org and contributors. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. Compiled (32-bit) with GTK+ 2.16.6, with GLib 2.22.4, with WinPcap (version unknown), with libz 1.2.3, without POSIX capabilities, without libpcre, with SMI 0.4.8, with c-ares 1.7.1, with Lua 5.1, without Python, with GnuTLS 2.8.5, with Gcrypt 1.4.5, with MIT Kerberos, with GeoIP, with PortAudio V19-devel (built Nov 18 2010), with AirPcap. Running on Windows XP Service Pack 3, build 2600, with WinPcap version 4.1.2 (packet.dll version 4.1.0.2001), based on libpcap version 1.0 branch 1_0_rel0b (20091008), GnuTLS 2.8.5, Gcrypt 1.4.5, without AirPcap. Built using Microsoft Visual C++ 9.0 build 30729 Wireshark is Open Source Software released under the GNU General Public License. Check the man page and http://www.wireshark.org for more information. -- I have 4 switches from telemecanique. Each one have his mac in a sticker, I have verified that is true with the software Ethernet switch configurator. When I sniff with wireshark it doesn't show the correct mac, for example: real MAC: 00 80 63 40 FF 4A wireshark MAC: 00 80 63 40 FF 54 This happends with every switch. I have try with a PLC M340 and wireshark shors the correct MAC. Can you help me? -- Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. ___ Sent via:Wireshark-bugs mailing list wireshark-bugs@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 4338] mp2t: Implementing PCR clock measurements and analysis
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4338 --- Comment #4 from Chris Maynard christopher.mayn...@gtech.com 2010-12-22 07:49:50 PST --- (In reply to comment #2) You can't really depend on that, we might go multithreaded (gasp). I think the only proper way is using a tap. Is that still a concern ... that we *might* go multithreaded? -- Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. ___ Sent via:Wireshark-bugs mailing list wireshark-bugs@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 5500] failed assertion in ISAKMP dissector (proto.c:4002)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5500 --- Comment #3 from Jaap Keuter jaap.keu...@xs4all.nl 2010-12-22 17:46:09 CET --- (In reply to comment #2) Created an attachment (id=5656) -- (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=5656) [details] Patch to fix a typo error ... i not found yet the solution but find a typo error.. (Oups !) Still works though. :) -- Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. ___ Sent via:Wireshark-bugs mailing list wireshark-bugs@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 4338] mp2t: Implementing PCR clock measurements and analysis
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4338 --- Comment #5 from Jaap Keuter jaap.keu...@xs4all.nl 2010-12-22 17:47:55 CET --- (In reply to comment #4) (In reply to comment #2) You can't really depend on that, we might go multithreaded (gasp). I think the only proper way is using a tap. Is that still a concern ... that we *might* go multithreaded? Yes, or multidocument. We should at least code in that direction. -- Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. ___ Sent via:Wireshark-bugs mailing list wireshark-bugs@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 5279] Replace Mark All Displayed Packets (toggle) with Invert All Displayed Marked/Unmarked Packets
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5279 --- Comment #9 from Sake s...@euronet.nl 2010-12-22 09:29:04 PST --- OK 100% score for option 1 ;-) I implemented option 1 in revision 35244. Chris, could you check whether this indeed provides enough flexibility for (un)marking sets of packets? I also looked at the Ignore options, but I believe they can be left as is. It kind of makes sense to be able to un-ignore all ignored packet independent of the current displayed packets. Unignoring only displayed packets is kind of useless as they are only shown when || frame.ignored==1 is used as display filter. -- Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. ___ Sent via:Wireshark-bugs mailing list wireshark-bugs@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 5279] Replace Mark All Displayed Packets (toggle) with Invert All Displayed Marked/Unmarked Packets
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5279 Chris Maynard christopher.mayn...@gtech.com changed: What|Removed |Added Status|NEW |RESOLVED Resolution||FIXED --- Comment #10 from Chris Maynard christopher.mayn...@gtech.com 2010-12-22 10:28:49 PST --- (In reply to comment #9) I implemented option 1 in revision 35244. Chris, could you check whether this indeed provides enough flexibility for (un)marking sets of packets? Thanks Sake! The new mark/unmark behavior makes a lot more sense now and I think it provides all the flexibility needed. I also looked at the Ignore options, but I believe they can be left as is. It kind of makes sense to be able to un-ignore all ignored packet independent of the current displayed packets. Unignoring only displayed packets is kind of useless as they are only shown when || frame.ignored==1 is used as display filter. I hadn't really played around too much with the ignore packet feature before, so I didn't realize those packets would not show up at all if a display filter was applied. So, because they don't show up as Ignored like they do when there's no display filter applied, I agree with you in that there's no point changing the existing behavior for ignored packets. If that ever changes (i.e., ignored packets that also match a display filter show up as Ignored, then I think it would make sense to change it similarly. Until then, closing the bug as fixed. Thanks again. -- Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. ___ Sent via:Wireshark-bugs mailing list wireshark-bugs@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 5513] Prepare Filter in RTP Streams dialog does not work correctly
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5513 Jaap Keuter jaap.keu...@xs4all.nl changed: What|Removed |Added Status|NEW |RESOLVED Resolution||FIXED --- Comment #2 from Jaap Keuter jaap.keu...@xs4all.nl 2010-12-22 21:25:28 CET --- Slightly different version committed revision 35247. -- Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. ___ Sent via:Wireshark-bugs mailing list wireshark-bugs@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 5279] Replace Mark All Displayed Packets (toggle) with Invert All Displayed Marked/Unmarked Packets
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5279 --- Comment #11 from Sake s...@euronet.nl 2010-12-22 12:42:45 PST --- (In reply to comment #10) (In reply to comment #9) I implemented option 1 in revision 35244. Chris, could you check whether this indeed provides enough flexibility for (un)marking sets of packets? Thanks Sake! The new mark/unmark behavior makes a lot more sense now and I think it provides all the flexibility needed. You're very welcome! If that ever changes (i.e., ignored packets that also match a display filter show up as Ignored, then I think it would make sense to change it similarly. Until then, closing the bug as fixed. Thanks again. Well, the whole point of ignoring packets is to prevent them from being dissected. I use it mostly when there is the same traffic on two vlans. This breaks TCP analysis as each packet is seen twice. Selecting all packets from one vlan and ignoring all of those returns TCP analysis for the other vlan :-) -- Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. ___ Sent via:Wireshark-bugs mailing list wireshark-bugs@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 5515] The MAC of a switch which appears in captures doesn't match with the real one.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5515 Sake s...@euronet.nl changed: What|Removed |Added Status|NEW |RESOLVED Resolution||INVALID --- Comment #1 from Sake s...@euronet.nl 2010-12-22 12:55:32 PST --- You can best ask your reseller or the Telemecanique support channel for assistance. Wireshark shows the mac-addresses as they are seen on the wire. You can check this also by looking at the arp-table of a directly connected device. Ping the switch first and then do a 'arp -an'. Just a tip: many Layer3 devices own a whole range of mac-addresses as they may need mac-addresses for many purposes. This might be the case here as well. Closing as INVALID as this is not a Wireshark problem. -- Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. ___ Sent via:Wireshark-bugs mailing list wireshark-bugs@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 5516] New: Server 2008: tshark -i - doesn't work like it does on windows XP
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5516 Summary: Server 2008: tshark -i - doesn't work like it does on windows XP Product: Wireshark Version: 1.4.2 Platform: x86-64 OS/Version: Windows Server 2008 Status: NEW Severity: Normal Priority: Low Component: TShark AssignedTo: wireshark-bugs@wireshark.org ReportedBy: cr...@alcatel-lucent.com Build Information: The NPF driver isn't running. You may have trouble capturing or listing interfaces. TShark 1.4.2 (SVN Rev 34959 from /trunk-1.4) Copyright 1998-2010 Gerald Combs ger...@wireshark.org and contributors. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. Compiled (32-bit) with GLib 2.22.4, with WinPcap (version unknown), with libz 1.2.3, without POSIX capabilities, without libpcre, with SMI 0.4.8, with c-ares 1.7.1, with Lua 5.1, without Python, with GnuTLS 2.8.5, with Gcrypt 1.4.5, with MIT Kerberos, with GeoIP. Running on 32-bit Windows Server 2008 R2, build 7600, without WinPcap. Built using Microsoft Visual C++ 9.0 build 30729 -- I'm downloading and installing the wireshark windows PortableApps (32-bit) onto a x86 64-bit machine running windows server 2008. I'm comparing running tshark from here, with the same installation running on a 32-bit laptop with windows XP. When I'm on my windows xp machine, both the following commands work fine: tshark -i - IN05a.pcap tshark -r IN05a.pcap If I run the exact same commands on a windows server 2008 machine, the -i fails but the -r works. Here's what I see for the failing -i command: === The NPF driver isn't running. You may have trouble capturing or listing interfaces. tshark: WinPcap couldn't be found. Unable to load WinPcap (wpcap.dll); TShark will not be able to capture packets. In order to capture packets, WinPcap must be installed; see http://www.winpcap.org/ or the mirror at http://www.mirrors.wiretapped.net/security/packet-capture/winpcap/ or the mirror at http://winpcap.cs.pu.edu.tw/ for a downloadable version of WinPcap and for instructions on how to install WinPcap. -- Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. ___ Sent via:Wireshark-bugs mailing list wireshark-bugs@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 5279] Replace Mark All Displayed Packets (toggle) with Invert All Displayed Marked/Unmarked Packets
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5279 --- Comment #12 from Chris Maynard christopher.mayn...@gtech.com 2010-12-22 14:24:58 PST --- (In reply to comment #11) Well, the whole point of ignoring packets is to prevent them from being dissected. True. But actually there are other display filters that will cause ignored packets to still be displayed. Most (if not all?) would be due to the various frame.xyz filters, and not necessarily just because of frame.ignored==1. For example, if a display filter of frame.number X is applied and there are ignored packets somewhere within frames 1-(X-1), then the ignored packets will still be displayed. Or if you're looking at packets within a certain time interval, you might use frame.time_relative X frame.time_relative Y, but if there are ignored packets within that interval, then they'll still be displayed. You can imagine other similar cases when applying other such frame filters involving frame.length, frame contains, etc. So it's not completely out of the question then that one might be interested in only un-ignoring those frames that match those various frame filters in order to find out what those particular frames are, but still leave any other ignored packets as ignored. There's obviously a very small subset of the overall display filters where ignored packets could still be displayed, so perhaps it's not worth it. Or maybe it is? -- Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. ___ Sent via:Wireshark-bugs mailing list wireshark-bugs@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 5496] IEC60870-5-104: fix computing of milliseconds in CP56time2a and add bitstring of 32 bits and step position support (ASDU types 5, 7, 32, 33, 47, 51, 60 and 64)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5496 Jaap Keuter jaap.keu...@xs4all.nl changed: What|Removed |Added Status|NEW |RESOLVED Resolution||FIXED --- Comment #2 from Jaap Keuter jaap.keu...@xs4all.nl 2010-12-23 00:28:45 CET --- Committed revision 35249. -- Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. ___ Sent via:Wireshark-bugs mailing list wireshark-bugs@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 4393] Error when compiling due to uninitialized variables and -Werror flag
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4393 Chris Maynard christopher.mayn...@gtech.com changed: What|Removed |Added Status|NEW |RESOLVED Resolution||FIXED --- Comment #8 from Chris Maynard christopher.mayn...@gtech.com 2010-12-22 16:12:14 PST --- Looks like confounder was initialized in rev 33709, required because update_vars could be set to 1 but confounder left uninitialized if tvb_bytes_exist() had returned 0. I don't think the other two need to be initialized because update_vars is initialized to 0, so the only way for digest and encrypted_seq to be used in the if(update_vars) block is if the first if block had been entered, those variables initialized and update_vars set to 1. Closing as fixed. -- Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. ___ Sent via:Wireshark-bugs mailing list wireshark-bugs@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 4397] Wireshark crashes when capturing packets at random on OS X 10.6.2 Server (Snow Leopard)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4397 --- Comment #6 from Chris Maynard christopher.mayn...@gtech.com 2010-12-22 16:46:38 PST --- (In reply to comment #5) Will follow-up shortly. Any update? We're now at 1.4.2 on the stable branch and 1.5.0-SVN-35249 on the development branch. http://www.wireshark.org/download.html http://www.wireshark.org/download/automated/osx/ -- Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. ___ Sent via:Wireshark-bugs mailing list wireshark-bugs@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 4409] minor bug in bgp dissector
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4409 Chris Maynard christopher.mayn...@gtech.com changed: What|Removed |Added Attachment #5657||review_for_checkin? Flag|| --- Comment #3 from Chris Maynard christopher.mayn...@gtech.com 2010-12-22 19:03:33 PST --- Created an attachment (id=5657) -- (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=5657) Properly define and dissect BGP_EXT_COM_LINKBAND. I reviewed the latest IETF draft document and relevant RFC's. Attached is my proposed patch, which I'll commit soon unless I hear otherwise. References: Section 2 of http://tools.ietf.org/html/draft-ietf-idr-link-bandwidth-01 Sections 2 and 3.1 of http://tools.ietf.org/html/rfc4360 http://www.iana.org/assignments/bgp-extended-communities -- Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. ___ Sent via:Wireshark-bugs mailing list wireshark-bugs@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 5501] command line options don't work in OSX
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5501 --- Comment #2 from Chris Welsh rednectar.ch...@gmail.com 2010-12-22 20:50:19 PST --- (In reply to comment #1) OS X GUI applications don't take that sort of command-line option. In addition, as Wireshark is, even on OS X, an X11-based app, the OS X binary distribution wraps it in a wrapper program that's an OS X GUI app binary. /Applications/Wireshark.app/Contents/MacOS/Wireshark is that binary; it is *not* the Wireshark binary itself. The Wireshark binary is in /Applications/Wireshark.app/Contents/Resources/bin/wireshark-bin, but it's not runnable from there. To be able to run Wireshark from the command line, you need to install the wrapper scripts in, for example, /usr/local/bin - when the dmg is opened, it has the Wireshark item to drag to /Applications (a symbolic link for which is also in the top-level directory of the dmg), and it also has a Read me first file and a Utilities folder. Open the Utilities folder, and it has a Command Line folder. Open the Command Line folder and drag everything in it to /usr/local/bin (or copy them from the command line if you want). With that done, /usr/local/bin/wireshark is the script to run Wireshark from the command line: /usr/local/bin/wireshark -r /Sources/Captures/GNS3/SW1_to_SW2.cap (or, if /usr/local/bin is in your path, just wireshark -r /Sources/Captures/GNS3/SW1_to_SW2.cap and you can also leave the -r out. Alternatively, for files with extensions for which an application has been registered, the open command can be used to open the file from the command line. Once you've installed Wireshark from the dmg, you could, for example, do open /Sources/Captures/GNS3/SW1_to_SW2.cap (In reply to comment #1) Guy - thanks so much. I've posted a link to this reply on GNS3.net so others can read it - to think that in the end all I had to do to get Wireshark launched with the required file opened was simply open filename. Too easy. Be assured I really appreciate the time you took to answer this, and I've learned a few other morsels about OSX into the bargain. Thanks again. CW OS X GUI applications don't take that sort of command-line option. In addition, as Wireshark is, even on OS X, an X11-based app, the OS X binary distribution wraps it in a wrapper program that's an OS X GUI app binary. /Applications/Wireshark.app/Contents/MacOS/Wireshark is that binary; it is *not* the Wireshark binary itself. The Wireshark binary is in /Applications/Wireshark.app/Contents/Resources/bin/wireshark-bin, but it's not runnable from there. To be able to run Wireshark from the command line, you need to install the wrapper scripts in, for example, /usr/local/bin - when the dmg is opened, it has the Wireshark item to drag to /Applications (a symbolic link for which is also in the top-level directory of the dmg), and it also has a Read me first file and a Utilities folder. Open the Utilities folder, and it has a Command Line folder. Open the Command Line folder and drag everything in it to /usr/local/bin (or copy them from the command line if you want). With that done, /usr/local/bin/wireshark is the script to run Wireshark from the command line: /usr/local/bin/wireshark -r /Sources/Captures/GNS3/SW1_to_SW2.cap (or, if /usr/local/bin is in your path, just wireshark -r /Sources/Captures/GNS3/SW1_to_SW2.cap and you can also leave the -r out. Alternatively, for files with extensions for which an application has been registered, the open command can be used to open the file from the command line. Once you've installed Wireshark from the dmg, you could, for example, do open /Sources/Captures/GNS3/SW1_to_SW2.cap -- Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. ___ Sent via:Wireshark-bugs mailing list wireshark-bugs@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 5516] Server 2008: tshark -i - doesn't work like it does on windows XP
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5516 --- Comment #1 from Stephen Fisher st...@stephen-fisher.com 2010-12-22 23:10:04 MST --- (In reply to comment #0) The NPF driver isn't running. You may have trouble capturing or listing interfaces. I'm downloading and installing the wireshark windows PortableApps (32-bit) When I'm on my windows xp machine, both the following commands work fine: The NPF driver isn't running. You may have trouble capturing or listing interfaces. tshark: WinPcap couldn't be found. That's exactly the problem - WinPcap isn't installed. Even when running via PortableApps, you have to install WinPcap on the system itself unless something has changed that I missed. -- Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. ___ Sent via:Wireshark-bugs mailing list wireshark-bugs@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
