Re: [Wireshark-dev] Switch master and PD Windows builders to Visual Studio 2019?

Hi, C:\Program Files (x86)\Microsoft Visual Studio\2019\Enterprise\Common7\IDE\CommonExtensions\Microsoft\CMake\CMake\bin>cmake --version cmake version 3.14.19060802-MSVC_2 Regards Anders From: Wireshark-dev On Behalf Of Graham Bloice Sent: den 11 september 2019 11:58 To: Developer

[Wireshark-dev] Warnings from Qt

Hi, Recently I'm getting: 16:14:09.906 Main Warn DirectWrite: CreateFontFaceFromHDC() failed (Indicates an error in an input file such as a font file.) for QFontDef(Family="Fixedsys", pointsize=9.75, pixelsize=15, styleHint=5, weight=50, stretch=100, hintingPreference=0)

Re: [Wireshark-dev] Accessing Mystery Case Studies under Wire Shark

Hi, No idea what you are talking about. /Regards Anders From: Wireshark-dev On Behalf Of St John, John Arthur Sent: den 7 november 2019 01:12 To: wireshark-dev@wireshark.org Cc: St John, John Arthur Subject: [Wireshark-dev] Accessing Mystery Case Studies under Wire Shark Good Day

Re: [Wireshark-dev] Brotli decompression

Hi, On Windows it should be included, check About Wireshark Regards Anders -Original Message- From: Wireshark-dev On Behalf Of Jasper Bongertz Sent: den 19 december 2019 13:30 To: wireshark-dev@wireshark.org Subject: [Wireshark-dev] Brotli decompression Hello all, I found this in

Re: [Wireshark-dev] Unable to detect custom protocol dissector

From: Wireshark-dev On Behalf Of Graham Bloice Sent: den 13 februari 2020 11:09 To: Developer support list for Wireshark Subject: Re: [Wireshark-dev] Unable to detect custom protocol dissector Does your custom build of Wireshark include Lua? What does the Help | About Wireshark |

Re: [Wireshark-dev] Unable to detect custom protocol dissector

Hi, I don’t write Lua code but try Dissector.get(name) Using gnw as name Regards Anders From: Wireshark-dev On Behalf Of sandip gangakhedkar Sent: den 13 februari 2020 23:11 To: Developer support list for

Re: [Wireshark-dev] Mixing Exported_pdu with Lua

Hi, I do not do LUA code but did you do Proto.new(name, desc) and then use that name to call the dissector? @lua guys: Does that register the LUA dissector by name? or do you do it some other way? Regards Anders From:

Re: [Wireshark-dev] Bypassing the first layer

the link, for future reference? On Wed, Jan 15, 2020 at 2:15 PM Juanjo Martin Carrascosa mailto:jua...@rti.com> > wrote: Found the presentation, this is fantastic. Thanks! On Wed, Jan 15, 2020 at 12:58 PM Anders Broman via Wireshark-dev mailto:wireshark-dev@wireshark.o

Re: [Wireshark-dev] Bypassing the first layer

Hi, In the frame layer there is the “Encapsulation type” the way the pcap format works this indicates how the data following should be interpreted. Linktype/encapsulation type is defined at https://www.tcpdump.org/linktypes.html so one thing you could

Re: [Wireshark-dev] q on catching error in sub-dissectors.

-Original Message- From: Wireshark-dev On Behalf Of João Valverde Sent: den 21 januari 2020 15:47 To: wireshark-dev@wireshark.org Subject: Re: [Wireshark-dev] q on catching error in sub-dissectors. On 21/01/20 14:33, Christian Hopps wrote: > So I've got a payload of packets in a

Re: [Wireshark-dev] HTTP2 headers not dissected

, 2020 at 03:11:01PM +, Anders Broman via Wireshark-dev wrote: > It seems like at least in some cases when there is multiple HTTP2 > streams the header fields are not decoded but if > > Packets belonging to that stream is put in a separate trace file > decoding works. Can

[Wireshark-dev] HTTP2 decryption test fails

Hi, https://code.wireshark.org/review/#/c/36851/ seems to make the test fail. Not sure what the problem might be. Can someone take a look? Regards Anders smime.p7s Description: S/MIME cryptographic signature ___ Sent

[Wireshark-dev] Wireshark wiki on portable aps

Hi, This page may need some love  Is it built with cmake? Regards Anders smime.p7s Description: S/MIME cryptographic signature ___ Sent via:Wireshark-dev mailing list Archives:

[Wireshark-dev] HTTP2 headers not dissected

Hi, It seems like at least in some cases when there is multiple HTTP2 streams the header fields are not decoded but if Packets belonging to that stream is put in a separate trace file decoding works. Best regards Anders smime.p7s Description: S/MIME cryptographic signature

Re: [Wireshark-dev] Dissecting http2 traffic

0:18AM +, Anders Broman via Wireshark-dev wrote: > Hi, > > I think there is a demand to dissect http2 traffic where all packets in a > session is not captured. This is currently not possible. > > As the http2 protocol creates dynamic data for compression/decompression and >

[Wireshark-dev] Dissecting http2 traffic

Hi, I think there is a demand to dissect http2 traffic where all packets in a session is not captured. This is currently not possible. As the http2 protocol creates dynamic data for compression/decompression and if the packet adding a new index to the index table is not Present then that header

Re: [Wireshark-dev] Build without LUA fails

From: Pascal Quantin Sent: den 17 mars 2020 10:13 To: Developer support list for Wireshark Cc: Anders Broman Subject: Re: [Wireshark-dev] Build without LUA fails Hi Anders, Le mar. 17 mars 2020 à 10:02, Anders Broman via Wireshark-dev mailto:wireshark-dev@wireshark.org

[Wireshark-dev] Build without LUA fails

Hi, Someone at work is trying to build without LUA and getting, from cmake: : - The following OPTIONAL packages have not been found: * LIBSSH (required version >= 0.6), Library for implementing SSH clients, extcap remote SSH interfaces (sshdump, ciscodump)

Re: [Wireshark-dev] nas_eps value type change request

Hi, The proper way to request features or report bugs is through https://bugs.wireshark.org/bugzilla/ or start a discussion on the mailing lists. If I look in the 3GPP specifications TS 23.003 Chapter 2.4 …”The TMSI consists of 4 octets. It can be coded using a full hexadecimal

Re: [Wireshark-dev] Create dissctor groups to easily dissable unneded protocols.

n creating a list. /Anders On Wed, Oct 21, 2020 at 9:34 AM Anders Broman via Wireshark-dev mailto:wireshark-dev@wireshark.org> > wrote: Hi, In the developers den we discussed the possibility of disabling unneeded protocols and I brought up the idea of protocol groups. If there is interest i

[Wireshark-dev] Intermittent Builder Windows Petri Dish x64 failed (failed ctest) failures seriously annoying.

Hi, We have intermittent false petri dish failures. Can someone with insight into the tests have a look? Best regards Anders Example Builder Windows Petri Dish x64 failed (failed ctest) -

[Wireshark-dev] Build boot stuck?

Hi, The latest build seems to take a long time. /Anders smime.p7s Description: S/MIME cryptographic signature ___ Sent via:Wireshark-dev mailing list Archives:https://www.wireshark.org/lists/wireshark-dev

Re: [Wireshark-dev] Reassembling IPP info through USB

-Original Message- From: Wireshark-dev On Behalf Of Guy Harris Sent: den 9 juli 2020 04:00 To: Developer support list for Wireshark Subject: Re: [Wireshark-dev] Reassembling IPP info through USB On Jul 8, 2020, at 6:06 PM, Jamie Hare wrote: > I am attempting to create a dissector

[Wireshark-dev] Include LUA dissectors in installers?

Hi, Does anyone have modified CMakefiles to include LUA dissectors in nsis and RPMs? Regards Anders smime.p7s Description: S/MIME cryptographic signature ___ Sent via:Wireshark-dev mailing list Archives:

[Wireshark-dev] Recent console warning from Qt?

Hi, Has anyone else seen this Main Warn QWinTaskbarButton: qIID_ITaskbarList4 was not initialized: 0x, ? Regards Anders smime.p7s Description: S/MIME cryptographic signature ___ Sent via:Wireshark-dev mailing

Re: [Wireshark-dev] Recent console warning from Qt?

dev On Behalf Of > Anders Broman via Wireshark-dev > Sent: Tuesday, December 8, 2020 3:55 AM > To: wireshark-dev@wireshark.org > Cc: Anders Broman > Subject: [Wireshark-dev] Recent console warning from Qt? > > Hi, > Has anyone else seen this Main Warn QWinTaskba

[Wireshark-dev] Problem with ENC_BCD_DIGITS_0_9 odd/even

Hi, There is a problem with the BCD encoded numbers as they may be padded and unfortunately with Zero. "Encoding scheme: BCD. Note: Filler H'0 (last digit) is used in case of the odd number of digits." In order to present this properly It would be good to be able to pass an odd/even

[Wireshark-dev] Long time to merge?

Hi, What is the most efficient way to merge MRs with git-lab? Approve one request and wait until it's merged or stage a couple? I set up a bunch this morning and it is still not complete I think. What buttons to press in what order? When to assign to git-lab utility? Regards Anders

[Wireshark-dev] Qt warning on Windows build.

Hi, Currently there is one Warnimg produced for the Windows build C:\Development\ewireshark\trunk\ui\qt\widgets\byte_view_text.cpp(187,38): warning C4996: 'QFont::ForceIntegerMetrics': was declared deprecated [C:\Development\wsbuild64\ui\qt\qtui.vcxproj] Regards Anders smime.p7s

Re: [Wireshark-dev] Handling malformed packet exceptions from within ASN.1 dissectors

Hi, I think a TRY CATCH block is the thing to use. Grep for CTACH and I think you will find a bunch of examples. Regards Anders -Original Message- From: Wireshark-dev On Behalf Of Richard Sharpe Sent: den 3 november 2020 00:26 To: Developer support list for Wireshark Subject:

[Wireshark-dev] Create dissctor groups to easily dissable unneded protocols.

Hi, In the developers den we discussed the possibility of disabling unneeded protocols and I brought up the idea of protocol groups. If there is interest in this feature I would need help with the GUI part - volunteers? As a PoC I was thinking of something along these lines. Turn all protocols

Re: [Wireshark-dev] Dissector functions and variables that could be static

Hi, Did some googling out of curiosity and found https://jelmer.uk/klaus/wireshark/blob/e738b556d72d4db5d7df85969c15117dedd0d063/epan/dissectors/packet-xml.c Search for “xml_get_attrib" So it seems it was part of packet-xml.c at some point so perhaps safe to remove… /Anders From:

Re: [Wireshark-dev] ASN1: How to display an octet-string as UTF16 LE

-Original Message- From: Wireshark-dev On Behalf Of Isaac Boukris Sent: den 16 juni 2021 12:52 To: wireshark-dev@wireshark.org Subject: [Wireshark-dev] ASN1: How to display an octet-string as UTF16 LE Hello, I'd like to add the following asn1 struct to the credssp dissector

Re: [Wireshark-dev] ASN.1-based dissector decoding by port number vs switch/case using 1st octet

Hi, I think you should go for 2. Wouldn’t this type of construct from the goose protocol work? GSEMngtRequests ::= CHOICE { getGoReference[1] IMPLICIT GetReferenceRequestPdu, getGOOSEElementNumber [2]

[Wireshark-dev] MR 2984 stuck?

Hi, Could someone have a look at https://gitlab.com/wireshark/wireshark/-/merge_requests/2984 It seems like the pipelines are stuck? Regards Anders smime.p7s Description: S/MIME cryptographic signature ___ Sent via:

[Wireshark-dev] Pipeline stuck?

Hi, In https://gitlab.com/wireshark/wireshark/-/merge_requests/1934 The pipeline seems stuck, how to reset? Regards Anders smime.p7s Description: S/MIME cryptographic signature

Re: [Wireshark-dev] general inquiry on building dissectors for wireshark-3.4.4

Hi, If the protocol is truly described by asn1 documents there are plenty of examples in epan/dissectors/asn1/ Basically you need the asn1 description a template and a .cnf file. Are you building on Windows or Linux? I’m not familiar with building the asn1 based dissectors on Linux. Are you

Re: [Wireshark-dev] still unclear how to build a new ASN.1-based dissector

Hi, Perhaps a misconception here, the generated files are part of the source tree currently so when you change any of the files in the ../asn1/foo directory you need to run make foo and check in the generated .c and optionally .h file. So on the very first round add the directory and files

Re: [Wireshark-dev] How to build the simple ASN.1 UDP-based dissector example (foo)

Hi, So you are saying that if you create foo dir like epan/dissectors/asn1/foo/ Rename and update the custom cmake file to set(CUSTOM_ASN1_SRC_DIR foo ) And place your source file and cmake.txt in the foo dir then rerun the cmake process Nothing happens? Try to

Re: [Wireshark-dev] How to build the simple ASN.1 UDP-based dissector example (foo)

lter? It's not there. On Tue, Apr 13, 2021 at 8:10 AM Anders Broman via Wireshark-dev mailto:wireshark-dev@wireshark.org> > wrote: Hi, So you are saying that if you create foo dir like epan/dissectors/asn1/foo/ Rename and update the custom cmake file to set(CUSTOM_ASN1_SRC_DIR

Re: [Wireshark-dev] How to build the simple ASN.1 UDP-based dissector example (foo)

Hi, On what OS are you doing this? Regards Anders From: Wireshark-dev On Behalf Of Vincent Randal Sent: den 13 april 2021 14:32 To: Developer support list for Wireshark Subject: [Wireshark-dev] How to build the simple ASN.1 UDP-based dissector example (foo) Hello everyone, I

[Wireshark-dev] MR that commes up as "OK to Merge" fails pipline

Hi, This MR https://gitlab.com/wireshark/wireshark/-/merge_requests/2178 passed check but failed merge at the firsts attempt - the author then amended It passed check and came up with a green merge button. It then fails pipeline.

[Wireshark-dev] Edit resolved name stopped working?

Hi, Has "Edit resolved name" stopped working or what needs to be set in order for it to work? In a trace with no resolved IPs the menu "Edit resolved names" is greyed out. Regards Anders smime.p7s Description: S/MIME cryptographic signature

[Wireshark-dev] Wireshark does not build on Ubunty 18.04 with LZ4 (to old version?)

Hi, Build fails complaining on wiretap/file_wrappers.c:199:5 error: unknown type name 'LZ4F_dctx' As far as I understand in the older package it uses LZ4F_dctx_s Should we require a higher version of the LZ4 library? Do we need something like this:

[Wireshark-dev] Warning message when starting wireshark "color_filters.c:658 -- read_filters_file(): Could not compile "Checksum Errors" in colorfilters "

Hi, Top of trunk I get ** (wireshark:13228) 12:52:43.789284 [Epan WARNING] C:\Development\wireshark\epan\color_filters.c:658 -- read_filters_file(): Could not compile "Checksum Errors" in colorfilters file "C:\Development\wsbuild-gpl\run\RelWithDebInfo\colorfilters". "Bad" cannot be converted

Re: [Wireshark-dev] Debianbuild fails on Ubuntu 18.04

, Anders Broman via Wireshark-dev ezt írta (időpont: 2021. okt. 20., Sze, 11:24): > > Hi, > > I can no longer create a debian package on Ubuntu 18.04... The build fails due to a debhelper bug. I've submitted the workaround at https://gitlab.com/wireshark/wireshark/-/merge_requests/47

[Wireshark-dev] Debianbuild fails on Ubuntu 18.04

Hi, I can no longer create a debian package on Ubuntu 18.04... Best regards Anders # check all necessary headers are included cc -c debian/headers-check.c -I/usr/include/glib-2.0 -I/usr/lib/x86_64-linux-gnu/glib-2.0/include -Wdate-time -D_FORTIFY_SOURCE=2 -g -O2

[Wireshark-dev] Compilation on Windows taking a very long time?

Hi, Is it just me or is compilation time on Windows much longer now? Regards Anders smime.p7s Description: S/MIME cryptographic signature ___ Sent via:Wireshark-dev mailing list Archives:

[Wireshark-dev] New Warnings on Windows builds? Related to defilter changes?

Hi, Recently these warnings started to show up C:\Program Files (x86)\Microsoft Visual Studio\2019\Enterprise\VC\Tools\MSVC\14.29.30133\include\stdint.h(49,1): warning C4005: 'INT8_MIN': macro redefinition [C:\Development\wsbuild-gpl\epan\dfilter\dfilter.vcxproj] C:\Program

Re: [Wireshark-dev] I have added another file to wireshark but keep getting unresolved references

Hi, Did you try to delete the build dir and re-run CMake? Regards Anders -Original Message- From: Wireshark-dev On Behalf Of Richard Sharpe Sent: den 24 oktober 2021 15:17 To: Developer support list for Wireshark Subject: [Wireshark-dev] I have added another file to wireshark but keep

[Wireshark-dev] Failed build on SLED 15

Hi, We get glib-compat.h:31:7: note: include '' or provide a declaration of 'memcpy' when building on SLED 15. Regards Anders smime.p7s Description: S/MIME cryptographic signature ___ Sent via:Wireshark-dev

[Wireshark-dev] TCP reassembly fails when ethernet tunnled over TCP

Hi, We have a proprietary protocol sending usually small frames mixed with larger tunneled ethernet frames over TCP. If we then have a TCP segment where the ethernet frame Spans 2 segments reassembly fails presumably because pinfo does not have the IP address of the TCP segment. I think we would

[Wireshark-dev] MSVC gives warnings "qt_ui_utils.cpp(208, 25): warning C4996: 'QProcess::startDetached'"

Hi, Just built and got the following warning: ..\ui\qt\utils\qt_ui_utils.cpp(208,25): warning C4996: 'QProcess::startDetached': Use QProcess::startDetached(const QString , const QStringList ) instead [C:\Development\wsbuild64\ui\qt\qtui.vcxproj]

Re: [Wireshark-dev] MSVC gives warnings "qt_ui_utils.cpp(208, 25): warning C4996: 'QProcess::startDetached'"

ached'" Which Qt version are you on? Am Fr., 11. Feb. 2022 um 11:06 Uhr schrieb Anders Broman via Wireshark-dev mailto:wireshark-dev@wireshark.org> >: Hi, Just built and got the following warning: ..\ui\qt\utils\qt_ui_utils.cpp(208,25): warning C4996: 'QProcess::startDetache

Re: [Wireshark-dev] Including sharkd in the installation downloads

Hi, I guess it is just a matter of doing a section for sharkd in the Wireshark.nsi file similar to tshark? : !insertmacro MUI_DESCRIPTION_TEXT ${SecTShark} "Text based network protocol analyzer." : Section "TShark" SecTShark ;--- SetOutPath

[Wireshark-dev] Pending LUA MRs

Hi, Can some one familiar with LUA please look at the LUA MRs I have tried to put labels on LUA related MRs. Non core developers can assist by leaving comments. Best regards Anders ___ Sent via:Wireshark-dev mailing list