Re: [Wireshark-dev] View file internals?

I think you’re looking for View -> Reload as File Format/Capture (Ctrl+Shift+F). - Chris From: Wireshark-dev On Behalf Of Anders Broman Sent: Thursday, August 10, 2023 8:27 AM To: Developer support list for Wireshark Subject: [Wireshark-dev] View file internals? Hi, How do you open a file to

Re: [Wireshark-dev] Ability to dynamically dissect in more detail?

You could add a preference to your dissector to only perform detailed dissection for a specific frame, with the default frame number being 0 so that by default no detailed dissection is performed for any frame. Then you just need to compare the frame number from the pinfo data with the frame

[Wireshark-dev] Windows builds: Spectre-mitigated libraries

I noticed in the CMakeError.log file the following: C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\MSBuild\Microsoft\VC\v160\Microsoft.CppBuild.targets(458,5): error MSB8040: Spectre-mitigated libraries are required for this project. Install them from the Visual Studio

Re: [Wireshark-dev] Building Wireshark 3.4.0 documentation on Windows

> -Original Message- > From: Wireshark-dev On Behalf Of > John Dill > Sent: Monday, November 2, 2020 11:34 AM > To: wireshark-dev@wireshark.org > Subject: Re: [Wireshark-dev] Building Wireshark 3.4.0 documentation on > Windows > > I build on Windows primarily and I've had recent issues

Re: [Wireshark-dev] Building Wireshark 3.4.0 documentation on Windows

> From: Wireshark-dev On Behalf Of Graham > Bloice > Sent: Monday, November 2, 2020 11:04 AM > To: Developer support list for Wireshark > Subject: Re: [Wireshark-dev] Building Wireshark 3.4.0 documentation on Windows > > FWIW, Strawberry Perl has failed to update for me with chocolatey the last

Re: [Wireshark-dev] Building Wireshark 3.4.0 documentation on Windows

gt; On 11/1/20 2:29 PM, Graham Bloice wrote: > > > > On Sat, 31 Oct 2020 at 18:42, Maynard, Chris via Wireshark-dev d...@wireshark.org <mailto:wireshark-dev@wireshark.org>> wrote: > > > > Section 2.2.8 of the Wireshark Developer’s Guide[1] instructs you to >

Re: [Wireshark-dev] Building Wireshark 3.4.0 documentation on Windows

e-3.4/CMakeLists.txt#L1214 From: Wireshark-dev On Behalf Of Maynard, Chris via Wireshark-dev Sent: Saturday, October 31, 2020 2:42 PM To: wireshark-dev@wireshark.org Cc: Maynard, Chris Subject: [Wireshark-dev] Building Wireshark 3.4.0 documentation on Windows Section 2.2.8 of the Wireshark

[Wireshark-dev] Building Wireshark 3.4.0 documentation on Windows

Section 2.2.8 of the Wireshark Developer's Guide[1] instructs you to install asciidoctor, xsltproc and docbook if you want to build the Wireshark documentation; however, it doesn't specify the minimum version requirements of those tools. Attempting to build the documentation for the new 3.4.0

Re: [Wireshark-dev] pcapng / interface names / OPT_IDB_NAME

> -Original Message- > From: Wireshark-dev On Behalf Of > Harald Welte > Sent: Saturday, October 17, 2020 10:26 AM > To: wireshark-dev@wireshark.org > Subject: [Wireshark-dev] pcapng / interface names / OPT_IDB_NAME > > Dear wireshark developers, > > I'm currently facing a problem where I

Re: [Wireshark-dev] lua decoder accessing info from layers above

> From: Wireshark-dev On Behalf Of > qiangxiong.huang > Sent: Wednesday, October 14, 2020 11:35 AM > To: Developer support list for Wireshark > Subject: Re: [Wireshark-dev] lua decoder accessing info from layers above > > The best way is to check the pinfo. port_type to get the current

Re: [Wireshark-dev] lua decoder accessing info from layers above

> From: Wireshark-dev On Behalf Of chuck c > Sent: Wednesday, October 14, 2020 10:33 AM > To: Developer support list for Wireshark > Subject: Re: [Wireshark-dev] lua decoder accessing info from layers above > > local p_foo = Proto.new("foo", "foo") > local f_frame_protocols =

Re: [Wireshark-dev] lua decoder accessing info from layers above

> From: Wireshark-dev On Behalf Of Fulko > Hew > Sent: Monday, October 12, 2020 8:00 PM > To: Developer support list for Wireshark > Subject: [Wireshark-dev] lua decoder accessing info from layers above > > I'm trying to update/improve someone else's decoder written in Lua. > It's for a simple

[Wireshark-dev] Gitlab doesn't show all epan/dissectors/ files.

It doesn't seem to be possible to list all dissectors in a web browser anymore, and those that are listed are populated very slowly. Compare the loading of https://gitlab.com/wireshark/wireshark/-/tree/master/epan/dissectors with that of

Re: [Wireshark-dev] Filtering on a field when there is more than one such field in a Wi-Fi packet

There’s also a proposal to bring occurrence-matching to filtering in https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3791, but even if this were to be implemented it would still have its limits since it would only match packets where the occurrence was the same for all packets, which isn’t

Re: [Wireshark-dev] The Wireshark wiki has a new home

> -Original Message- > From: Wireshark-dev On Behalf > Of Guy Harris > Sent: Tuesday, August 11, 2020 11:52 PM > To: Developer support list for Wireshark > Cc: Community support list for Wireshark > Subject: Re: [Wireshark-dev] The Wireshark wiki has a new home > > On Aug 11, 2020, at

Re: [Wireshark-dev] [Wireshark-commits] master 9b07412: Qt: Add a packet diagram view.

I think there are a couple of bugs associated with this change. 1) Debug is printed that probably shouldn't be. 2) Panes become empty/missing when changing the layout. Steps to reproduce: I created a pcap file containing a single mal-formed packet based on data from

[Wireshark-dev] ask.wireshark.org RSS feed

I don't seem to be receiving any messages for ask.wireshark.org via the RSS feed anymore. Am I the only one who seems affected by this or has anyone else noticed this too? I looked at my local email client's RSS settings and the feed is set to https://ask.wireshark.org/feeds/rss/. As far as

[Wireshark-dev] Windows uninstaller doesn't remove translations.

I'm building Wireshark on Windows, but I've upgraded Qt to 5.12.7. Everything is fine except when uninstalling Wireshark. It seems that Wireshark now installs the translations in C:\Program Files\Wireshark\styles\translations, but this directory isn't removed during the un-installation

Re: [Wireshark-dev] Problem in 'packet-f5ethtrailer.c'

> -Original Message- > From: Wireshark-dev On Behalf > Of Gisle Vanem > Sent: Thursday, March 19, 2020 1:33 PM > To: wireshark-dev@wireshark.org > Subject: Re: [Wireshark-dev] Problem in 'packet-f5ethtrailer.c' > > Maynard, Chris wrote: > > > Which s

Re: [Wireshark-dev] Problem in 'packet-f5ethtrailer.c'

> -Original Message- > From: Wireshark-dev On Behalf > Of Gisle Vanem > Sent: Thursday, March 19, 2020 10:41 AM > To: wireshark-dev > Subject: [Wireshark-dev] Problem in 'packet-f5ethtrailer.c' > > I'm surprised no one has come across this compile error yet: >

Re: [Wireshark-dev] [Wireshark-commits] wireshark-win64-libs rev 635: / /trunk/packages/: npcap-0.9987.exe npcap-0.9988.exe /trunk/: README.txt

"Rather serious memory leak in Npcap 0.9988. Consider reverting to 0.9987 until the next release. Thanks! " Ref: https://twitter.com/bonsaiviking/status/1239297302361247749 -Original Message- From: Wireshark-commits On Behalf Of pas...@wireshark.org Sent: Saturday, March 7, 2020 5:42

Re: [Wireshark-dev] Mixing Exported_pdu with Lua

I’m not quite sure what is meant by EXPORTED_PDU here. Maybe you could share some Lua code and provide a little more detail and context? - Chris (I don’t consider myself a Lua expert by any means, but I’ve written a number of Lua dissectors, so I guess that qualifies me as one of the

Re: [Wireshark-dev] Lua Example in Wiki - broken link

> -Original Message- > From: Wireshark-dev On Behalf > Of Adam Baxter > Sent: Friday, February 14, 2020 11:02 PM > To: wireshark-dev@wireshark.org > Subject: [Wireshark-dev] Lua Example in Wiki - broken link > > Hi all, > > https://wiki.wireshark.org/Lua/Examples has a link to >

Re: [Wireshark-dev] Unable to detect custom protocol dissector

expert_geonw = expert_register_protocol(proto_geonw); expert_register_field_array(expert_geonw, ei, array_length(ei)); Am I missing something here? Thanks again for your help. On Thu, Feb 13, 2020 at 10:50 PM Maynard, Chris via Wireshark-dev <mailto:wireshark-dev@wireshark.org> wr

Re: [Wireshark-dev] Unable to detect custom protocol dissector

I’m not sure what you’re trying to do, but there’s already a Wireshark built-in dissector for GeoNetworking[1]. If you’re trying to replace it for some reason, then you may either need to disable that one or remove it completely. And if you’re trying to implement in Lua, then you’ll need to

[Wireshark-dev] Wireshark, low MSS and CVE-2019-11477, 11478 and 11479

In light of these 3 CVE's, CVE-2019-11477, 11478 and 11479[3], and the apparently effective work-around to avoid them according to the recent December 2019 Internet Protocol Journal[4] article, "MSS Values of TCP" by Geoff Huston, should Wireshark add an Expert Info for any TCP MSS value seen

Re: [Wireshark-dev] [Wireshark-commits] master 8d65ccf: Show answers a line at a time, after the request frame and time delta.

> -Original Message- > From: Guy Harris [mailto:g...@alum.mit.edu] > Sent: Wednesday, December 25, 2019 4:50 PM > To: Maynard, Chris > Cc: Developer support list for Wireshark > Subject: Re: [Wireshark-dev] [Wireshark-commits] master 8d65ccf: Show > answers a

Re: [Wireshark-dev] [Wireshark-commits] master 8d65ccf: Show answers a line at a time, after the request frame and time delta.

> -Original Message- > From: Guy Harris [mailto:g...@alum.mit.edu] > Sent: Wednesday, December 25, 2019 3:19 PM > To: Maynard, Chris > Cc: Developer support list for Wireshark > Subject: Re: [Wireshark-dev] [Wireshark-commits] master 8d65ccf: Show > answers a

Re: [Wireshark-dev] [Wireshark-commits] master 8d65ccf: Show answers a line at a time, after the request frame and time delta.

> -Original Message- > From: Guy Harris [mailto:g...@alum.mit.edu] > Sent: Wednesday, December 25, 2019 1:23 PM > To: Developer support list for Wireshark > Cc: Maynard, Chris > Subject: Re: [Wireshark-dev] [Wireshark-commits] master 8d65ccf: Show > answers a

Re: [Wireshark-dev] [Wireshark-commits] master 8d65ccf: Show answers a line at a time, after the request frame and time delta.

> -Original Message- > From: Wireshark-commits [mailto:wireshark-commits-boun...@wireshark.org] > On Behalf Of Wireshark code review > Sent: Sunday, December 22, 2019 1:01 AM > To: wireshark-comm...@wireshark.org > Subject: [Wireshark-commits] master 8d65ccf: Show answers a line at a time,

Re: [Wireshark-dev] Updating to the latest version of python with choco causes a failure

> From: Wireshark-dev [mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of > Graham Bloice > Sent: Wednesday, December 11, 2019 12:54 PM > To: Developer support list for Wireshark > Subject: Re: [Wireshark-dev] Updating to the latest version of python with > choco causes a failure > > > Or

[Wireshark-dev] Updating to the latest version of python with choco causes a failure

I updated all choco packages including python3, but when "choco install python3" was run according to the latest instructions in the developer's guide[1], it installed Python 3.8.0, which caused a failure: CMake Error at cmake/modules/LocatePythonModule.cmake:47 (message): Could

[Wireshark-dev] c-ares version not updated

There was a bug with the c-ares 1.15.0 release where the version wasn't updated. As such, Wireshark's "About Wireshark" shows 1.14.0 instead of the proper 1.15.0 version. For example: 3.3.0 (v3.3.0rc0-114-gb098353ad9d3) Compiled (64-bit) with Qt 5.12.6, with WinPcap SDK (WpdPack)

Re: [Wireshark-dev] First experience with Visual Studio 2019

> -Original Message- > From: Gerald Combs [mailto:ger...@wireshark.org] > Sent: Friday, December 6, 2019 6:49 PM > To: Developer support list for Wireshark > Cc: Maynard, Chris > Subject: Re: [Wireshark-dev] First experience with Visual Studio 2019 > > On 12/6/19

[Wireshark-dev] First experience with Visual Studio 2019

In preparation for Wireshark 3.2.0, I installed Visual Studio 2019 today and tried to build Wireshark (yes, from the "x64 Native Tools Command Prompt for VS 2019"). The 64-bit build itself succeeded and I was able to run the compiled Wireshark.exe with "Help -> About Wireshark" details as

[Wireshark-dev] col_append_frame_number()

Why does col_append_frame_number() take a packet_info * as its first argument, whereas all other col_append_*() functions take a column_info *? Isn't this inconsistent? And why only allow a frame number to be appended - what if you want to append a frame number along with other data?

Re: [Wireshark-dev] 3.1.1 and 3.2.0 release schedule

> -Original Message- > From: Wireshark-dev [mailto:wireshark-dev-boun...@wireshark.org] On > Behalf Of Gerald Combs > Sent: Tuesday, November 12, 2019 7:12 PM > To: Developer support list for Wireshark > Subject: [Wireshark-dev] 3.1.1 and 3.2.0 release schedule > > A few people at

Re: [Wireshark-dev] Recursion depth limit for packet reassembly

> -Original Message- > From: Wireshark-dev [mailto:wireshark-dev-boun...@wireshark.org] On > Behalf Of Thomas Wiens > Sent: Saturday, November 9, 2019 7:18 AM > To: wireshark-dev@wireshark.org > Subject: [Wireshark-dev] Recursion depth limit for packet reassembly > > Hi, > > I'm working on

Re: [Wireshark-dev] Building on Windows ...

> -Original Message- > From: Wireshark-dev [mailto:wireshark-dev-boun...@wireshark.org] On > Behalf Of Richard Sharpe > Sent: Wednesday, November 13, 2019 11:12 AM > To: Developer support list for Wireshark > Subject: [Wireshark-dev] Building on Windows ... > > Seems there is one more

Re: [Wireshark-dev] Speex for Windows?

12:37 PM To: Developer support list for Wireshark Cc: Maynard, Chris Subject: Re: [Wireshark-dev] Speex for Windows? Hi Chris, Le lun. 8 juil. 2019 à 18:35, Maynard, Chris via Wireshark-dev mailto:wireshark-dev@wireshark.org>> a écrit : When compiling master (v3.1.0rc0-1232-gd8ad7a

[Wireshark-dev] Speex for Windows?

When compiling master (v3.1.0rc0-1232-gd8ad7a686384) on Windows, I noticed: -- Could NOT find SpeexDSP (missing: SPEEXDSP_LIBRARY SPEEXDSP_INCLUDE_DIR) ... -- The following OPTIONAL packages have not been found: * SpeexDSP , SpeexDSP is a patent-free, Open Source/Free

Re: [Wireshark-dev] Question about dissector "enhancement" / bug

You can find the download link by navigating from https://www.wireshark.org/ -> Download -> More downloads and documentation can be found on the downloads page -> Live on the Bleeding Edge: You can download source code packages and Windows installers

[Wireshark-dev] Building a custom rpm from the source tarball, post 3.0

In the old days prior to Wireshark 3.0, one could visit https://www.wireshark.org/download/src/all-versions/, download the source tarball of interest (e.g., wireshark-2.6.6.tar.xz), extract it, modify it as necessary and build both a custom Windows installer and a custom RHEL7 rpm. Beginning

Re: [Wireshark-dev] Lua debug statement not working in Wireshark 3

From https://www.wireshark.org/docs/relnotes/wireshark-3.0.0.html Major API Changes * Lua: the various logging functions (debug, info, message, warn and critical) have been removed. Use the print function instead for debugging purposes. - Chris From: Wireshark-dev

Re: [Wireshark-dev] Wireshark 3.0.1 build warning on Windows

> -Original Message- > From: Wireshark-dev [mailto:wireshark-dev-boun...@wireshark.org] On > Behalf Of Guy Harris > Sent: Wednesday, April 10, 2019 5:35 PM > To: Developer support list for Wireshark > Subject: Re: [Wireshark-dev] Wireshark 3.0.1 build warning on Windows > > Check out > >

[Wireshark-dev] Wireshark 3.0.1 build warning on Windows

I noticed this warning when compiling Wireshark 3.0.0 too but forgot to report it earlier. Is anyone else seeing this warning? I don't see this warning on any of the builds with the x86 buildbot: https://buildbot.wireshark.org/wireshark-master/builders/Windows%20Server%202016%20x86 Note that

Re: [Wireshark-dev] Wireshark hosts file location

See https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11470 - Chris From: Wireshark-dev [mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of Jasper Bongertz Sent: Thursday, March 21, 2019 6:38 AM To: Roland Knall ; Developer support list for Wireshark Subject: Re: [Wireshark-dev]

Re: [Wireshark-dev] Q site: not (or rarely) getting emails for followed questions

Can you check your “email alerts” settings? - Chris From: Wireshark-dev [mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of Jeff Morriss Sent: Monday, March 11, 2019 10:40 AM To: Developer support list for Wireshark Subject: [Wireshark-dev] Q site: not (or rarely) getting emails for

Re: [Wireshark-dev] use -M parameter lead to auto shut down

What version of tshark are you using and on what platform? Perhaps you could provide “tshark -v” output? If you’re not using the latest stable version (currently version 2.6.5), you could try updating. If you are using the latest stable version, then you might want to file a bug about this

Re: [Wireshark-dev] Corrupted TCP sequence number calculations?

4 Dec 2018, at 04:55, Maynard, Chris mailto:christopher.mayn...@igt.com>> wrote: I enabled the same debug and frame 10 looks good: analyze_sequence numbers frame:9 FWD list lastflags:0x base_seq:3273800524: nextseq:3273800529 lastack:3273800529 REV list lastflags:0x base_se

Re: [Wireshark-dev] Corrupted TCP sequence number calculations?

I enabled the same debug and frame 10 looks good: analyze_sequence numbers frame:9 FWD list lastflags:0x base_seq:3273800524: nextseq:3273800529 lastack:3273800529 REV list lastflags:0x base_seq:3871803454 nextseq:3871803553 lastack:3871803504 Frame:8 Seq:3871803504 Nextseq:3871803553

Re: [Wireshark-dev] Warning when building with latest Qt

Yes, I've seen the same warning. As far as I can tell, it's because qtmain.pdb was not included in the Qt 5.11.2 installation by the Qt folks. For example, compare the presence of qtmain.pdb in: C:\Qt\5.11.1\msvc2017_64\lib\ to its notable absence in C:\Qt\5.11.2\msvc2017_64\lib\. - Chris

Re: [Wireshark-dev] [Wireshark-commits] wireshark-win64-libs rev 533: /trunk/ /trunk/packages/: GeoIP-1.6.10-win64ws.zip GeoIP-1.6.6-win64ws.zip /trunk/: README.txt

: /trunk/ /trunk/packages/: GeoIP-1.6.10-win64ws.zip GeoIP-1.6.6-win64ws.zip /trunk/: README.txt Hi Chris, Le mer. 7 nov. 2018 à 17:11, Maynard, Chris mailto:christopher.mayn...@igt.com>> a écrit : I was just curious if the removal of these packages is in prepration for updated 1.6.12 pa

Re: [Wireshark-dev] [Wireshark-commits] wireshark-win64-libs rev 533: /trunk/ /trunk/packages/: GeoIP-1.6.10-win64ws.zip GeoIP-1.6.6-win64ws.zip /trunk/: README.txt

I was just curious if the removal of these packages is in prepration for updated 1.6.12 packages or if GeoIP support is being removed altogether, and if that's the case, then what might be the reason for that? Thanks. - Chris -Original Message- From: Wireshark-commits

Re: [Wireshark-dev] Bug 2.6.4 mac

The best place to report a Wireshark bug is at https://bugs.wireshark.org/bugzilla/ so it can be better tracked, although you might want to search the bug list first to see if it’s already been reported. - Chris From: Wireshark-dev [mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of Paul

[Wireshark-dev] Windows development - Qt and WSDG updates?

VS2017 is used by both the 64-bit and 32-bit buildbots, and both use Qt 5.9.5. Qt 5.9.6 has been available since June 2018[1] and 5.9.7 is supposedly due last month - should the buildbots be updated to 5.9.6 or 5.9.7 when it's released? Of course, the next LTS release, Qt 5.12, is due to be

Re: [Wireshark-dev] Does lua provide something like range strings?

> -Original Message- > From: Wireshark-dev [mailto:wireshark-dev-boun...@wireshark.org] On > Behalf Of Peter Wu > Sent: Tuesday, October 9, 2018 10:14 AM > To: Developer support list for Wireshark > Subject: Re: [Wireshark-dev] Does lua provide something like range strings? > > Hi

[Wireshark-dev] New linker warnings compiling Wireshark on Windows

With master, I'm seeing 16 new linker warnings of the form, "LINK : warning LNK4075: ignoring '/INCREMENTAL' due to '/RELEASE' specification". It seems the buildbot is seeing them too. From

Re: [Wireshark-dev] tools/check[hf|APIs|filtername].pl need updating?

to new API... > > Cheers > > On Tue, Sep 18, 2018 at 6:05 PM Jakub Zawadzki > wrote: >> >> Hi, >> >> W dniu 2018-09-18 16:56, Maynard, Chris napisał(a): >> > While investigating the transum-related crash, I had suspected some >> >

[Wireshark-dev] tools/check[hf|APIs|filtername].pl need updating?

While investigating the transum-related crash, I had suspected some unregistered hf's and ran the various tools like checkhf.pl. I then noticed that a number of dissectors seemed to have changed a bit from what I was used to before, which lead me to the realization that at least some of these

Re: [Wireshark-dev] Unhandled exception

by default perhaps fussing is overkill, they might prolong fussing time unduly? Regards Anders From: Wireshark-dev mailto:wireshark-dev-boun...@wireshark.org>> On Behalf Of Maynard, Chris Sent: den 18 september 2018 15:36 To: Developer support list for Wireshark mailto:wiresha

Re: [Wireshark-dev] Unhandled exception

uot; }, { -1, "dns.id<http://dns.id>"}, }; Regards Anders -Original Message- From: Wireshark-dev mailto:wireshark-dev-boun...@wireshark.org>> On Behalf Of João Valverde Sent: den 18 september 2018 10:10 To: wireshark-dev@wireshark.org<mailto:wireshark-dev@wiresh

Re: [Wireshark-dev] Unhandled exception

Thanks for the tips Richard, but after some additional testing and some head-scratching, I discovered the source of the problem was something in my profile, because if I switched to a pristine profile, then master ran fine. Through divide-and-conquer/trial-and-error, I discovered that it was

[Wireshark-dev] Unhandled exception

Hello, Recently I've begun seeing the following unhandled exception with master when loading any capture file or attempting to capture on any interface - at least that I tried, but I haven't found any capture file or capture interface where this doesn't happen now: Unhandled exception

Re: [Wireshark-dev] Is there any way to specify remote interfaces with tshark?

The dumpcap man page[1] mentions the syntax for remote capturing, but the tshark man page[2] does not. It probably should. The same goes for "dumpcap -h" output: Usage: dumpcap [options] ... Capture interface: -iname or idx of interface (def: first non-loopback),

Re: [Wireshark-dev] Lua dissector: How to set sub-field bit widths using preferences?

> From: Wireshark-dev [mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of > David Aldrich > Sent: Thursday, September 6, 2018 8:38 AM > To: wireshark-dev@wireshark.org > Subject: Re: [Wireshark-dev] Lua dissector: How to set sub-field bit widths > using preferences? > > Hi Chris > > Thank

Re: [Wireshark-dev] Lua dissector: How to set sub-field bit widths using preferences?

Small correction. > -Original Message- > > 2) What does this line do? > > > > table.insert(t, (bit.band(bit.rshift(val, i), 1) == 1 and '1') or '0') > > This shifts val right i number of bits, where i is a value between 16 and 1, > and > then tests that bit to see if it's set or not.

Re: [Wireshark-dev] Lua dissector: How to set sub-field bit widths using preferences?

> From: Wireshark-dev [mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of > David Aldrich > Sent: Thursday, September 6, 2018 7:01 AM > To: wireshark-dev@wireshark.org > Subject: Re: [Wireshark-dev] Lua dissector: How to set sub-field bit widths > using preferences? > > Hi Chris >  >

Re: [Wireshark-dev] Lua dissector: How to set sub-field bit widths using preferences?

You might want to implement a function to handle this, something like so? local function dissect_RuPortId_F(tree, buffer) local t = {} local mask = 2^my_protocol.prefs.ru_port_id_width - 1 local val = bit.band(buffer(4, 2):uint(), mask) for i = 15, 0, -1 do if

Re: [Wireshark-dev] Can a Lua dissector access Wireshark preferences?

If you look at the documentation for ProtoField.new and friends[1], you can see that there’s a “mask” argument. That specifies how many bits applies to this field. So for example, below there are 2 fields, field1 is the upper nibble of a byte, field2 is the lower nibble of a byte: local

Re: [Wireshark-dev] Access to the menagerie

See https://www.wireshark.org/lists//wireshark-dev/201406/msg00253.html and

Re: [Wireshark-dev] Why is my petri-dish build failing?

> -Original Message- > From: Wireshark-dev [mailto:wireshark-dev-boun...@wireshark.org] On > Behalf Of Richard Sharpe > Sent: Thursday, August 2, 2018 12:22 AM > To: Developer support list for Wireshark > Subject: [Wireshark-dev] Why is my petri-dish build failing? > > Hmmm, > > I

Re: [Wireshark-dev] error building wireshark-2.6.2 on RHEL 7.3

> From: Shahar Keren (shkeren) [mailto:shke...@cisco.com] > Sent: Monday, July 30, 2018 1:07 PM > To: Maynard, Chris ; Developer support list for > Wireshark > Subject: Re: error building wireshark-2.6.2 on RHEL 7.3 > > Thanks for your replies > > Regarding Mayn

Re: [Wireshark-dev] Lua update?

mailto:pascal.quan...@gmail.com>> a écrit : Hi Chris, Le jeu. 12 juil. 2018 à 20:30, Maynard, Chris mailto:christopher.mayn...@igt.com>> a écrit : Is there any particular reason why Wireshark for Windows still ships with Lua 5.2.4? An upgrade to 5.3+ would be a welcome one. Than

[Wireshark-dev] Lua update?

Is there any particular reason why Wireshark for Windows still ships with Lua 5.2.4? An upgrade to 5.3+ would be a welcome one. Thanks. - Chris CONFIDENTIALITY NOTICE: This message is the property of International Game Technology PLC and/or its subsidiaries and may contain proprietary,

Re: [Wireshark-dev] Didn't we just have SharkFest?

There's always another Sharkfest! ;) https://sharkfesteurope.wireshark.org/ - Chris (為什麼要嘗試用Wireshark幫助其他人？我不知道;為什麼不！) > -Original Message- > From: Wireshark-dev [mailto:wireshark-dev-boun...@wireshark.org] On > Behalf Of Richard Sharpe > Sent: Friday, July 6, 2018 10:30 PM > To:

Re: [Wireshark-dev] [External] Re: Problem building a dissector for 2.6

On Behalf Of Andy Ling Sent: Tuesday, May 22, 2018 5:58 AM To: 'Developer support list for Wireshark' <wireshark-dev@wireshark.org> Subject: Re: [Wireshark-dev] [External] Re: Problem building a dissector for 2.6 From: Wireshark-dev [mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of May

Re: [Wireshark-dev] [External] Re: Problem building a dissector for 2.6

You could also try explicitly building the documentation, i.e., with all_guides.vcxproj to see if the documentation builds properly before attempting to build the NSIS prep and installer? The Windows Server 2016 x86 buildbot does this, although the Windows Server 2016 x64 buildbot does not for

Re: [Wireshark-dev] libpcap min version for Wireshark 3.0?

FYI: RHEL7 (7.2) ships with libpcap 1.5.3-8 and I’m told the latest RHEL7 (7.5) ships with 1.5.3-11. - Chris From: Wireshark-dev [mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of Roland Knall Sent: Thursday, April 26, 2018 6:44 AM To: Developer support list for Wireshark

Re: [Wireshark-dev] Doxygen causing build error

es the "ALL" flag so that shouldn't > happen. > > I'm not sure if it's worth the effort to try to make doxygen.cfg compatible > with > Cygwin. I'll upload a change that tries to avoid building with it. > > > On 4/21/18 11:57 PM, Roland Knall wrote: > > Cygwins

Re: [Wireshark-dev] Windows builds

PLATFORM should be set to x64 not win64. When in doubt, I find it very useful to check the environment of the buildbots: https://buildbot.wireshark.org/wireshark-master/waterfall. - Chris From: Wireshark-dev [mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of Dario Lombardo Sent: Sunday,

[Wireshark-dev] Doxygen causing build error

Has anyone successfully compiled Wireshark on Windows with Doxygen installed? I have Cygwin's doxygen installed, but Wireshark fails to build after this commit: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=ad84eec866713b2f75e9b11a30468b81be7d3d5e. I noticed that neither

[Wireshark-dev] /Qspectre

For Win32/64 developers, the Wireshark Developer's Guide currently mentions "Microsoft Visual Studio 2015 Community Edition" as the compiler to download and install[1]. That is the version I'm currently running. Here are the relevant details: Microsoft Visual Studio Community 2015

Re: [Wireshark-dev] Test

I'm not aware of any constraints with respect to URL's. Here's a test of your message with the original URL you intended to write; let's see if this goes through ... - Chris Hi, Is there anyone who knows of an updated sharktooks that works with the latest wireshark (2.2+) ?

Re: [Wireshark-dev] TCP reassembling and also difference in WS 2.4.2 and WS_2.5_Master in qt_ui

I think for the first issue with reassembly failing due to out-of-order packets, there is already a bug opened: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13517 As for the related packet symbols not being shown on the master branch, that appears to be a new bug that should be reported

Re: [Wireshark-dev] Wireshark Help on UHD-Display

From: Wireshark-dev [mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of Alfred Bauer Sent: Sunday, December 3, 2017 1:27 PM To: wireshark-dev@wireshark.org Subject: [Wireshark-dev] Wireshark Help on UHD-Display Hi. i have a new laptop from HP (ENVY) with UHD Display 17.3", (Resolution

Re: [Wireshark-dev] Lua question for dissectors

From: Wireshark-dev [mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of Roland Knall Sent: Thursday, November 30, 2017 9:11 AM To: Developer support list for Wireshark Subject: [Wireshark-dev] Lua question for dissectors Hi Just a short question, can anyone

Re: [Wireshark-dev] Processing packet before exporting it.

> -Original Message- > From: Wireshark-dev [mailto:wireshark-dev-boun...@wireshark.org] On > Behalf Of João Valverde > Sent: Thursday, November 23, 2017 7:14 PM > To: wireshark-dev@wireshark.org > Subject: Re: [Wireshark-dev] Processing packet before exporting it. > > > > On 22-11-2017

Re: [Wireshark-dev] Filter expression aliases and parameterization ...

Does a Wireshark Display Filter Macro[1] work for you? Analyze -> Display Filter Macros -> [+] Name: wlan_beacon Text: wlan.fc.type_subtype == 0x19 [OK] To use it: ${wlan_beacon} - Chris [1]: https://www.wireshark.org/docs/wsug_html_chunked/ChDisplayFilterMacrosSection.html

Re: [Wireshark-dev] Removing existing coloring filter for Wireshark 2.4.0 for Mac OSX

I would refer you to my answer to this question: https://ask.wireshark.org/questions/63045/impossible-to-edit-the-color-rule Basically, delete your colorfilters file(s) from your personal configuration directory, then copy over the default colorfilters file from the Wireshark installation

[Wireshark-dev] Wiki file attachment problem

I noticed today that I am no longer able to delete or overwrite file attachments on https://wiki.wireshark.org/Tools. Is it possible to get permission to do so again? Regards, - Chris CONFIDENTIALITY NOTICE: This message is the property of International Game Technology PLC and/or

Re: [Wireshark-dev] linux package requirements for wireshark build

The last line of tools/install_rpms_for_devel.sh is: echo "This tool has been obsoleted by tools/rpm-setup.sh" So would it be better to use tools/rpm-setup.sh instead? Whichever one is recommend, maybe it would be a good idea to mention it in the Wireshark developer’s guide, such as in Section

Re: [Wireshark-dev] My Windows build seemed to be going so well until ...

> Sigh. There is something really weird about my cygwin setup. I managed to get > past the previous problems and now am hitting this: > >"C:\Development\wsbuild64\Wireshark.sln" (default target) (1) -> >"C:\Development\wsbuild64\docbook\all_guides.vcxproj.metaproj" > (default

Re: [Wireshark-dev] stable[32|64].xml

g> > Subject: Re: [Wireshark-dev] stable[32|64].xml > > On 5/4/17 9:56 AM, Maynard, Chris wrote: > > Can someone please share the latest stable32.xml and stable64.xml > > files for automatic updates? It seems that the format has changed, > > but I can’t tell what it sh

Re: [Wireshark-dev] stable[32|64].xml

OK, according to https://sparkle-project.org/documentation/publishing/#publishing-an-update, it seems updates MUST be served up over HTTPS now. - Chris From: Wireshark-dev [mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of Maynard, Chris Sent: Thursday, May 4, 2017 12:57 PM

[Wireshark-dev] stable[32|64].xml

Can someone please share the latest stable32.xml and stable64.xml files for automatic updates? It seems that the format has changed, but I can't tell what it should be because "Check for updates..." now uses a secure connection so the information is encrypted. The format is useful to know if

Re: [Wireshark-dev] 'No "ACK" from receiver, failed to send data' question is inaccessible.

It seems the problem has been fixed. If someone did something to fix it, then thank you! And if not, then you can disregard. - Chris From: wireshark-dev-boun...@wireshark.org [mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of Maynard, Chris Sent: Monday, May 1, 2017 2:01 PM

[Wireshark-dev] 'No "ACK" from receiver, failed to send data' question is inaccessible.

I was going to follow up on a question[1], but I encountered a system error trying to open it. No other questions seem to be affected, so it seems strange that this one is. Not sure what to make of it or if there's anything that can be done to fix it, but I thought I'd report it. 500 Server

[Wireshark-dev] Nsis installer build location

Is there some particular reason why the Wireshark NSIS installer is built in tree and not in the build directory like the portableapps installer is? - Chris -- CONFIDENTIALITY NOTICE: This message is the property of International Game Technology PLC and/or its subsidiaries and may contain

Re: [Wireshark-dev] Bugzilla is unreachable

e ware trying to fix > >> it, please check back a little bit later > >> > >> cheers, > >> Roland > >> > >> On Wed, Apr 26, 2017 at 3:44 PM, Maynard, Chris > >> <christopher.mayn...@igt.com <mailto:christopher.mayn...@igt.com>>

  1   2   3   4   5   6   >