Re: [Wireshark-dev] IP src/dst from Qt

On Mon, Oct 31, 2016 at 3:16 PM, Roland Knall wrote: > I would implement a listener for the tap interface of the ip dissector. > Which point in the code should I read for this? ___ Sent via:

Re: [Wireshark-dev] IP src/dst from Qt

on. I do a similar > thing with a 3rd-party plugin of mine. > > regards > Roland > > On Mon, Oct 31, 2016 at 2:44 PM, Dario Lombardo < > dario.lombardo...@gmail.com> wrote: > >> Hi >> I'd like to read the ip src/dst of the current open file from the Qt UI. >

[Wireshark-dev] Identities on gerrit

I tried to link 2 identities on gerrit (google and github) but I got "forbidden" from the gerrit server. Is that intentional? Shouldn't that be allowed without admin work? Dario. ___ Sent via:Wireshark-dev mailing list

[Wireshark-dev] RPCAP module for hydra

I'd like to share with you that a new module has been added to thc-hydra, the password cracker. This is a module to crack a RPCAP access. I didn't have tested it so far, but it's on my todo list. Have fun! Dario. https://github.com/vanhauser-thc/thc-hydra/pull/165

Re: [Wireshark-dev] g_print & co on Windows

> > >> > I seem to remember that when starting Wireshark on Windows from the > command line that I had to redirect stdout and stderr to files to see the > output. > Good catch! It works for extcaps as well. ___ Sent via:

[Wireshark-dev] g_print & co on Windows

Hi I'm debugging sshdump on windows and I found an unexpected behavior with glib logging functions. g_error: seems to work. A popup appears and program stops g_warning: nothing, with or without G_MESSAGES_DEBUG=all g_debug: same as above g_print: nothing printed I recall something about those

Re: [Wireshark-dev] Enable extcap by default or not

Even if I am not strong on that, I'd vote for enable by default. I admin that some of them are specific (like ciscodump or androiddump), but I consider others like sshdump and randpktdump pretty general. Having them hidden by default would limit their use. New users will never notice this new

Re: [Wireshark-dev] Remove of GTK interface

During the last Sharkfest, I heard from many users and power-users still some affection to GTK interface. It surprised me a bit, since when I switched to Qt, it was a matter of will. Resistance to change? Maybe. Something not to care about? Surely not. The switch-off of GTK will happen, but...

Re: [Wireshark-dev] ./configure failing on Ubuntu 14.04

On Thu, Sep 1, 2016 at 1:42 PM, Guy Harris wrote: > > Would something for Red Hat/Fedora/Centos(?) be useful as well? > There is tools/install_rpms_for_devel.sh. I used it a bit but I think it needs improvement. To have the whole dev environment (almost all optional packages)

Re: [Wireshark-dev] Compiling on Centos7

... Which lib is cmake looking for? Libnl or libnl3? Anyway, without libnl3-devel compilation goes to the end. On Thu, Sep 1, 2016 at 11:01 AM, Dario Lombardo <dario.lombardo...@gmail.com > wrote: > I' trying to compile the current master on Centos7. Some of the code in > caputils doe

[Wireshark-dev] Compiling on Centos7

I' trying to compile the current master on Centos7. Some of the code in caputils doesn't compile, so I patched it. Now the compilation stops with Linking C executable run/dumpcap /usr/bin/ld: run/libcaputils.a(ws80211_utils.c.o): undefined reference to symbol 'nl_socket_free' /usr/bin/ld: note:

Re: [Wireshark-dev] ./configure failing on Ubuntu 14.04

Hi Anders If I recall correctly it's something related to the thread "CMAKE and RPM". Can you check the archives and look if it's related to your problem? On Wed, Aug 31, 2016 at 3:05 PM, Anders Broman wrote: > Hi, > > I’m getting > > checking for Qt5Core - version

Re: [Wireshark-dev] Exported PUD proto_name

On Mon, Aug 29, 2016 at 5:30 PM, Pascal Quantin <pascal.quan...@gmail.com> wrote: > Hi Dario, > > 2016-08-29 17:03 GMT+02:00 Dario Lombardo <dario.lombardo...@gmail.com>: > >> I tried again with udpdump using >> - http (4 bytes long), aligned ==> works corre

Re: [Wireshark-dev] Exported PUD proto_name

10:44 AM, Dario Lombardo < dario.lombardo...@gmail.com> wrote: > Ok, we'll wait for some clarifications from Alexis. > > ___ Sent via:Wireshark-dev mailing list <wireshark-dev@wireshark

Re: [Wireshark-dev] Exported PUD proto_name

Ok, we'll wait for some clarifications from Alexis. On Fri, Aug 26, 2016 at 10:25 AM, Pascal Quantin <pascal.quan...@gmail.com> wrote: > > > 2016-08-26 10:14 GMT+02:00 Dario Lombardo <dario.lombardo...@gmail.com>: > >> It seems that it prevents the d

Re: [Wireshark-dev] Exported PUD proto_name

into "aruba_erm\x00\x00\x00" that is not matched by the dissectors table. Alexis, did I get the point? On Fri, Aug 26, 2016 at 10:05 AM, Pascal Quantin <pascal.quan...@gmail.com> wrote: > Hi Dario, > > 2016-08-26 10:02 GMT+02:00 Dario Lombardo <dario.lombardo...@gmail.c

[Wireshark-dev] Exported PUD proto_name

Hi, I'm looking into the code of exported_pdu.c and specifically into export_pdu_create_tags(). The first tag it creates is the tag with proto_name. The piece of code that I don't understand is /* Start by computing size of protocol name as a tag */ proto_str_len =

Re: [Wireshark-dev] Registering protocol details

On Sun, Aug 7, 2016 at 1:10 PM, Paul Offord wrote: > Hi Anders, > > > > Thanks for the prompt reply. I’ve read through exported_pdu.h and I don’t > understand how this helps me. Is there somewhere I can read more about > using exported_pdu functions? > > > > Thanks

Re: [Wireshark-dev] Windows compilation fails

On Fri, Aug 5, 2016 at 4:19 PM, Graham Bloice <graham.blo...@trihedral.com> wrote: > On 5 August 2016 at 14:56, Dario Lombardo <dario.lombardo...@gmail.com> > wrote: > >> What Qt version? I think I've seen that one before. >>>> >>> >>>

Re: [Wireshark-dev] Windows compilation fails

> > What Qt version? I think I've seen that one before. >> > > 5.3.2. ___ Sent via:Wireshark-dev mailing list Archives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe:

Re: [Wireshark-dev] Windows compilation fails

an...@gmail.com> wrote: > > Le 5 août 2016 14:34, "Graham Bloice" <graham.blo...@trihedral.com> a > écrit : > > > > On 5 August 2016 at 13:29, Dario Lombardo <dario.lombardo...@gmail.com> > wrote: > >> > >> I'm trying to compi

[Wireshark-dev] Windows compilation fails

I'm trying to compile wireshark on windows, but it fails. I have low skills on windows, so maybe I'm missing something very basic. Any hint? Thank you. "c:\Development\wsbuild64\Wireshark.sln" (default target) (1) ->

Re: [Wireshark-dev] extcap.c does not build on SUSE 11.3. g_spawn_check_exit_status requires glib 2.34

This call exists from glib 2.34. We should add this version as minimum requirement to build extcap. On Mon, Aug 1, 2016 at 10:34 AM, Anders Broman wrote: > Hi, > > I get > > extcap.c:842: undefined reference to `g_spawn_check_exit_status' on SUSe > 11.3 with top of

Re: [Wireshark-dev] Considering ignoring Coverity 'tainted' checks

I can't answer for all the "tainted" checks on coverity, but the ones I'm patching seem reasonable. Quick example num = tvb_get_ntohl(...) for (i = 0; i < num; i++) { } Nothing is going to crash in wireshark, but if a tainted packet contains 0x, why should we loop with this value, until

[Wireshark-dev] Console output from dissectors

Hello Running checkAPI against the dissectors, I get warnings like Warning: Found termoutput APIs in packet-wtp.c: printf Are the dissector expected to produce console output? If yes, which function should they use? g_log()? Thanks Dario.

Re: [Wireshark-dev] [Wireshark-commits] buildbot failure in Wireshark (development) on OSX 10.6 x64

On Mon, Jun 27, 2016 at 3:16 AM, Jim Young wrote: > > Time for a Petri Dish for OS X? > > Jim Y. > Giant +1 for this. ___ Sent via:Wireshark-dev mailing list Archives:

Re: [Wireshark-dev] Windows dev, gerrit, git-review, etc.

Hi Gordon Did you take a look at this? https://www.wireshark.org/docs/wsdg_html_chunked/ChSetupWin32.html On Thu, May 26, 2016 at 2:50 AM, Gordon Ross wrote: > I'm an experienced unix developer, familiar with git, but I'm having > trouble getting all the git+gerrit

Re: [Wireshark-dev] wmem in gtk

Oh sure, it was trivial! Any idea on why it compiles on my ubuntu? I can't find any conditional compilation. On Mon, May 2, 2016 at 2:58 PM, Pascal Quantin <pascal.quan...@gmail.com> wrote: > Hi Dario, > > 2016-05-02 14:56 GMT+02:00 Dario Lombardo <dario.lombardo...@gmail

[Wireshark-dev] wmem in gtk

Hi all In this change https://code.wireshark.org/review/#/c/15051/ I'm getting an error from ubuntu buildbot https://buildbot.wireshark.org/petri-dish/builders/Ubuntu%20x86-64%20Petri%20Dish/builds/6330/steps/compile/logs/stdio The error is addr_resolution_dlg.c:32:23: fatal error:

Re: [Wireshark-dev] Connection slow and got interrupted when cloning the Wireshark repo

On Tue, Apr 19, 2016 at 1:44 PM, Yang Luo wrote: > > I found I can push using https, but the reminds me it lacks change-id. > > I'm not sure I got your point, but you can get rid of all change-id issues using the tools/pre-commit hook. Read here

Re: [Wireshark-dev] Connection slow and got interrupted when cloning the Wireshark repo

enied (publickey). > fatal: Could not read from remote repository. > > Please make sure you have the correct access rights > and the repository exists. > > > On Tue, Apr 19, 2016 at 6:35 PM, Dario Lombardo < > dario.lombardo...@gmail.com> wrote: > >> Hi Yang >

Re: [Wireshark-dev] Connection slow and got interrupted when cloning the Wireshark repo

Hi Yang You can clone from github, then add whatever git remote you want. But you don't need to do that, since the command to push a change to gerrit can be issued to point directly to wireshark repo. As stated here https://www.wireshark.org/docs/wsdg_html_chunked/ChSrcContribute.html you can push

Re: [Wireshark-dev] Current master not compiling

On Mon, Apr 4, 2016 at 12:24 PM, Guy Harris <g...@alum.mit.edu> wrote: > On Apr 4, 2016, at 1:51 AM, Dario Lombardo <dario.lombardo...@gmail.com> > wrote: > > > But how did the buildbot let it pass? > > Because it has a newer version of Flex than you do? &g

[Wireshark-dev] Current master not compiling

Today I'm not able to compile the current master 6f98a0fac33db70b3ceb71d939b0a9d0d47747cc. Using git bisect I've found that the culprit seems to be this commit commit 59816ef00c6dd09532d80b393ba03f8194aba236 Author: Guy Harris Date: Wed Mar 30 18:44:01 2016 -0700 Make

Re: [Wireshark-dev] #ifdef mess

On Tue, Mar 29, 2016 at 3:48 AM, Guy Harris wrote: > > which is a bit of a greasy hack - appending an empty string to str, just > so it's marked as used - but I suspect the extra CPU time spent doing that, > on platforms unlucky enough not to have zlib, will be lost in the

Re: [Wireshark-dev] Missing protocols and wishlist

On Thu, Mar 10, 2016 at 2:08 PM, Alexis La Goutte wrote: > You can search on bugtracker all bug with "Enhancement" > > Thanks. Is there a way to filter all the tickets and get only the enhancements?

[Wireshark-dev] Missing protocols and wishlist

Hello list Is there a list of currently missing protocols in wireshark or some kind of wishlist? As far as I recall there is a wiki page but I can't find it. Thanks Dario. ___ Sent via:Wireshark-dev mailing list

Re: [Wireshark-dev] Building with current GIT clone fails

Link to the change about AUTHORS re-generation. https://code.wireshark.org/review/#/c/14339/ On Fri, Mar 4, 2016 at 2:01 PM, Dario Lombardo <dario.lombardo...@gmail.com> wrote: > > > On Fri, Mar 4, 2016 at 1:59 PM, Graham Bloice <graham.blo...@trihedral.com > &g

Re: [Wireshark-dev] Building with current GIT clone fails

On Fri, Mar 4, 2016 at 1:59 PM, Graham Bloice wrote: > Currently they are green, although I'm getting a build error on Windows > about generation of the AUTHORS file. The binaries are all still good > though. > > There is an outstading issue I'm working on

[Wireshark-dev] Portable sockets

Hello everybody I'm working on a new extcap that listens on a port for incoming packets produced by capture devices. I have to create a small, standard udp server. I was wandering which functions I am supposed to use to be portable. Are POSIX sockets ok on Windows (I suppose they're fine on OSX)?

[Wireshark-dev] Buildslaves

The petri-dish buildslaves seem to be down https://buildbot.wireshark.org/petri-dish/buildslaves is there some maintenance in place? ___ Sent via:Wireshark-dev mailing list Archives:

Re: [Wireshark-dev] Setting up git for gerrit

On Mon, Nov 30, 2015 at 12:11 PM, Graham Bloice wrote: > Unfortunately I've never run git over http(s), so have no advice to > offer. I suggest you continue without the luxury of git-review for the > moment. > > A quick hack for pushing to gerrit without git-review

Re: [Wireshark-dev] wiretap - using as a library rather than coupled with Wireshark?

-automated. This couldn't apply to a released software, whose requiremets include wiretap, but could apply to scenarios of task-oriented softwares (I mean not general purpose ones). On Thu, Nov 26, 2015 at 7:54 PM, Guy Harris <g...@alum.mit.edu> wrote: > > On Nov 26, 2015, at 1:18 AM, Da

Re: [Wireshark-dev] wiretap - using as a library rather than coupled with Wireshark?

On Thu, Nov 26, 2015 at 9:41 AM, Guy Harris wrote: > > It can't be, and probably will never be able to be, built independently of > the "Wireshark utilities" library, the source to which is in the wsutil > directory. > Provided that this is not a published lib, that has an

[Wireshark-dev] Extcap DLTs

I'm working on a new extcap that will leverage randpkt-core to give wireshark a local random packet generator through randpktdump (the new extcap). I'm stucking with the DLTs part. The extcap must answer to the external call about which DLTs it can generate. Randpkt-core can generate 5 different

Re: [Wireshark-dev] Extcap DLTs

On Tue, Nov 24, 2015 at 2:03 PM, Roland Knall wrote: > > Which bug are you referring to? > > Sorry... https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11733 ___ Sent via:Wireshark-dev mailing list

Re: [Wireshark-dev] Extcap DLTs

set more generic options via a gui hook-up (using the plugin_if > functionality). But you could also use a more generic preference in > Wireshark itself and read from there. > > regards, > Roland > > > On Tue, Nov 24, 2015 at 12:29 PM, Dario Lombardo < > dario.lombardo

Re: [Wireshark-dev] Extcap DLTs

On Tue, Nov 24, 2015 at 2:00 PM, Dario Lombardo <dario.lombardo...@gmail.com > wrote: > > > I don't like it very much... Having too many interfaces is not likeable. > Expecially when related to this bug > > https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11733 &g

Re: [Wireshark-dev] Buildbots

On Thu, Nov 19, 2015 at 5:59 PM, Graham Bloice wrote: > There's also the: > > 2.0 buildbot - https://buildbot.wireshark.org/wireshark-2.0/waterfall > 1.12 buildbot - https://buildbot.wireshark.org/wireshark-1.12/waterfall > Debian LTS buildbot - >

Re: [Wireshark-dev] Release process: Transifex Sync

> > > I agree with you. There is need to sync with Transifex as one of > latest step of releasing. > I was conviced that Alexis put the sync in place. Doesn't it work? https://www.wireshark.org/lists/wireshark-dev/201502/msg00162.html

Re: [Wireshark-dev] Review of Gerrit patch for RTPS

I think that attaching some samples would help a lot. On Wed, Nov 18, 2015 at 7:21 PM, Juan Jose Martin Carrascosa wrote: > I assumed that you were busy. Thanks for the answer. > > Is there anything I can help with? I may be able to spend some hours this > weekend. > > Thanks,

[Wireshark-dev] Buildbots

I've found 2 different buildbot projects for wireshark https://buildbot.wireshark.org/petri-dish/ and https://buildbot.wireshark.org/wireshark-master/ Can anyone explain me the difference? I've understood that petri-dish is manually triggered by core-devs from gerrit. Who triggers the

Re: [Wireshark-dev] CMake: Disable building with QT ?

Harris <g...@alum.mit.edu> wrote: > > On Nov 13, 2015, at 12:26 AM, Dario Lombardo <dario.lombardo...@gmail.com> > wrote: > > > A useful feature of cmake that works at least on ubuntu is the tab > completion. So you can run > > > > cmake -DBUILD > &g

Re: [Wireshark-dev] CMake: Disable building with QT ?

A useful feature of cmake that works at least on ubuntu is the tab completion. So you can run cmake -DBUILD and you get a list of build targets that can be enabled/disabled. You can also try with cmake -DENABLE that gives you a list of features you can enable or disable. cmake -D gives you,

Re: [Wireshark-dev] Code format change when pushing

Do you mean formatting? Like indentation, etc? Probably your editor formats your code in a different way from gerrit. Your best bet is to configure your editor to print spaces/tabs so you can see exactly how it's formatted. Then change it according to your modeline and push again. On Thu, Nov 5,

Re: [Wireshark-dev] command line tools

Sounds pretty similar to tcprewrite, isn't it? http://tcpreplay.synfin.net/wiki/tcprewrite On Fri, Oct 30, 2015 at 1:14 AM, Bret Jordan wrote: > Dev list, > > I wrote a command line tool that you might want to include in the > Wireshark bundle of command line tools. > >

[Wireshark-dev] Extcap

I'm playing with extcap, but I can't make it fully work. I can run androiddump, and I can list the interfaces. # ./run/extcap/androiddump --extcap-interfaces interface {display=Android Logcat Main}{value=android-logcat-main-XX} interface {display=Android Logcat

Re: [Wireshark-dev] Extcap

On Mon, Oct 19, 2015 at 3:24 PM, Michal Labedzki wrote: > 3. Did you build your Wireshark with libpcap (aka do you have any > other interfaces?) Yes. I have eth0, lo, etc... > and extcap? I am building using cmake (ccmake), > check that you have ENABLE_EXTCAP = ON.

Re: [Wireshark-dev] Extcap

On Mon, Oct 19, 2015 at 2:39 PM, Michal Labedzki wrote: > Hello Dario, > > 1. What OS do you have? > ubuntu 14.04 64bit. > 2. Are you using "installed" Wireshark or from build source? (run from > build-directory) > Build from source, and run with

Re: [Wireshark-dev] Extcap

Looks like it's working now... I suppose that -DENABLE_EXTCAP=ON was the thing that made it work, and I got confused. Thanks everybody for your help. ___ Sent via:Wireshark-dev mailing list

Re: [Wireshark-dev] Extcap

On Mon, Oct 19, 2015 at 4:03 PM, Michal Labedzki wrote: > Try to do: > $ export WIRESHARK_RUN_FROM_BUILD_DIRECTORY=1 > $ ./run/wireshark > > Yes, it's what I usually do. > Check also your config.h (build directory): grep EXTCAP config.h > > I have something like

Re: [Wireshark-dev] Add support for remote capture in linux

h > interfaces can be configured with a separate options dialog and are quite > versatile, and most of all, it does not need you to change dumpcap in a way > that it is still working across multiple systems. > > regards, > Roland > > On Fri, Oct 2, 2015 at 12:35 PM, Dario Lomba

Re: [Wireshark-dev] Add support for remote capture in linux

satile, and most of all, it does not need you to change dumpcap in a way >> that it is still working across multiple systems. >> >> regards, >> Roland >> >> On Fri, Oct 2, 2015 at 12:35 PM, Dario Lombardo < >> dario.lombardo...@gmail.com> wrote:

Re: [Wireshark-dev] Add support for remote capture in linux

remote capture without using additional software and without opening additional ports if 22 is already open. On Fri, Oct 2, 2015 at 1:32 PM, Dario Lombardo <dario.lombardo...@gmail.com> wrote: > Do you mean to reimplement rpcapd on linux? > > On Fri, Oct 2, 2015 at 1:26 PM

Re: [Wireshark-dev] Compiling a plugin

Hi Martin Did you take a look at this ? https://ask.wireshark.org/questions/42914/build-a-plugin-on-linux It should answer to your question. Dario. On Wed, Sep 23, 2015 at 3:52 PM, Juan Jose Martin Carrascosa wrote: > Hi all, > > I am looking for documentation regarding how

[Wireshark-dev] size_t vs int

Hi list I'm playing with afl and clang and I've found some points in the code where afl/clang complains, and I'd like to discuss how to change them with you. A warning message got is ../codecs/sbc/sbc.c:111:16: warning: implicit conversion loses integer precision: 'size_t' (aka 'unsigned long')

[Wireshark-dev] WIRESHARK_QUIT_AFTER_CAPTURE

Hi list Wireshark can quit after capture when the variable WIRESHARK_QUIT_AFTER_CAPTURE is set and -a and -k are activated. This is used mainly for testing purposes, according to the manual. This feature doesn't work in offline mode, when opening a local file. This would be very useful, so I tried

[Wireshark-dev] Crash during fuzzing

Hi list II was fuzzing a protocol, and I experienced a crash. The fuzz-test.sh gave me this output $ ../tools/fuzz-test.sh -b run ../data/hpfeed_all_packets_sample.pcap [...] Starting pass 130: ../data/hpfeeds_all_packets_sample.pcap: (-nVxr) (-nr) OK Starting pass 131:

Re: [Wireshark-dev] How do I submit changes to gerrit again?

Hi Richard If you commit with SSH, you can upload your public key in gerrit (upper right corner - settings - SSH public keys). If you commit with HTTP, you should use the password gerrit provides you (upper right cornet - settings - HTTP password). Dario. On Fri, Jul 3, 2015 at 5:57 AM, Richard

Re: [Wireshark-dev] Wrong URL at https://www.wireshark.org/docs/wsug_html_chunked/ChIntroHelp.html#ChIntroQA

In wireshark's bugzilla you can file a bug, for website also. https://bugs.wireshark.org/bugzilla/enter_bug.cgi On Thu, Jul 2, 2015 at 12:30 AM, Rouslan Ryabykh rrryab...@gmail.com wrote: Hello. Didn't find enough time to know where to send an appropriate address to send the info, so let it

[Wireshark-dev] hadoop dissector

Hi list I opened a hadoop 2.6 capture file with the current master and I found that the hadoop dissector fails in opening the file (wrong dissection). This is probably related to the changes in the wire protocol that have not been reflected into the current dissector. So I decided to start

Re: [Wireshark-dev] Gerrit upgrade tomorrow

On Sat, May 9, 2015 at 1:34 PM, Graham Bloice graham.blo...@trihedral.com wrote: Seems to work for me, without needing to relink my old Google identity. Works for me, as well. ___ Sent via:Wireshark-dev mailing list

Re: [Wireshark-dev] Gerrit upgrade tomorrow

Hi Gerald Do we still need to re-bind the google account to the actual gerrit profile or will be automatically done based on the email address? Thanks Dario. On Fri, May 8, 2015 at 12:12 AM, Gerald Combs ger...@wireshark.org wrote: Gerrit 2.10.4 has been released, which includes improved

Re: [Wireshark-dev] Wireshark code review

Since you now have 2 changes submitted, you should abandon one of them (do it from the web interface), then follow Alexis' suggestion about sqashing and amending, then push the final revision into the survived change (do it using the correct change-id, read it from the web interface again). I

Re: [Wireshark-dev] Wireshark code review

On Wed, Mar 25, 2015 at 10:03 AM, Alexis La Goutte alexis.lagou...@gmail.com wrote: From local branch ? or remote branch ? (master / master-1.12...) From local. ___ Sent via:Wireshark-dev mailing list

Re: [Wireshark-dev] Wireshark 1.99.5 is now available

On Fri, Mar 20, 2015 at 1:46 AM, Gerald Combs ger...@wireshark.org wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I'm proud to announce the release of Wireshark 1.99.5. Hi Gerald Just out of curiosity... why 2 releases so close? Dario.

[Wireshark-dev] Packet editor

Guys, do you know wireedit? https://wireedit.com/ I looks like pretty close to how I would have figured out the packet editor feature in wireshark. Unfortunately it is not open source nor natively for linux (w32 bin with wine 8-|), so my testing stopped at their how-to video. Is there anyone

Re: [Wireshark-dev] Use Transifex for manage Translations

How does the transfer into gerrit works? Is there a dummy account that commits and merges automatically? What about credits for contributions? Are they trasferred in some way from tx to git? Dario. ___ Sent via:

Re: [Wireshark-dev] Menagerie

On Mon, Mar 2, 2015 at 2:16 PM, Evan Huus eapa...@gmail.com wrote: The fastest way to get a decent menagerie right now might be to write a script that scrapes all public bugzilla attachments... That's where the majority of our menagerie comes from anyways. I downloaded samples from

Re: [Wireshark-dev] Menagerie

Evan, I'm not still able to download the torrent. Anyone tried and succeded? Can't the daily menagerie be exposed via a more convenient interface like http? I don't think the generated traffic would flood the server, especially if the files are compressed in a tar.bz2 or a zip.

Re: [Wireshark-dev] Menagerie

On Fri, Feb 27, 2015 at 3:36 PM, Evan Huus eapa...@gmail.com wrote: I have rsync set up via ssh to the host server, but I'm pretty sure we can't just give everyone ssh access :) Yes of course :). Maybe a public interface like http (or even rsync should be unautenticated, but I have no

[Wireshark-dev] Undissected reserved fields

I'm playing with the undissected bytes functionality of wireshark, patching some dissectors that clearly lack some fields. But now I've found some of them that fall in a grey area and I'd lilke to discuss with other devels the best way to go on. I've found that many dissectors lack decoding of

Re: [Wireshark-dev] Menagerie

need to open a hole in my firewall or something. I'm at work now anyways, so I'll look at it again tonight unless somebody beats me to it. Evan On Fri, Feb 27, 2015 at 9:07 AM, Dario Lombardo dario.lombardo...@gmail.com wrote: Should be supported by your torrent client (maybe create torrent

Re: [Wireshark-dev] Menagerie

On Fri, Feb 27, 2015 at 1:55 PM, Evan Huus eapa...@gmail.com wrote: I'm not sure if there is a more convenient way to download the entire menagerie available to the general public. Who can know that? Gerald maybe? It would be very useful when conducting large scale tests to have access to a

Re: [Wireshark-dev] Menagerie

, Feb 27, 2015 at 8:00 AM, Dario Lombardo dario.lombardo...@gmail.com wrote: On Fri, Feb 27, 2015 at 1:55 PM, Evan Huus eapa...@gmail.com wrote: I'm not sure if there is a more convenient way to download the entire menagerie available to the general public. Who can know that? Gerald

Re: [Wireshark-dev] Menagerie

On Fri, Feb 27, 2015 at 3:19 PM, Ed Beroset bero...@mindspring.com wrote: From the originally sent torrent, it seems to be 1.88G. I'm interested in this too and could seed pretty much perpetually once we get it started. I would rather prefer a rsync-compatible interface. The scenario I'm

[Wireshark-dev] Menagerie

Browsing the buildbot site, I've read somewhere about menagerie. I suppose it is a large set of file that is used as regression test. Is it correct? Is it possible to download it? And to upload new samples to it? Thanks. Dario.

[Wireshark-dev] ISIS ISO

I've found an undecoded byte in the ISIS dissector. Before submitting a patch, I usually check with the reference standard (RFC, or others) the correctness of what I found. I found http://1.bp.blogspot.com/-9_nvv3M8ToU/T0-QsqCGc3I/AsI/YcBnXq2mkQI/s1600/pdu+format+ii.PNG Does anyone have

Re: [Wireshark-dev] Google deprecating OpenID 2.0

Just had a try. Doesn't work for me too. On Mon, Feb 23, 2015 at 8:16 AM, Michal Labedzki michal.labed...@tieto.com wrote: Did you try log with Google+? I do not have any idea what is username for Google+ :) (or probably that does not work for me) On 23 February 2015 at 08:08, Dario Lombardo

Re: [Wireshark-dev] Google deprecating OpenID 2.0

On Mon, Feb 23, 2015 at 10:15 AM, Michal Labedzki michal.labed...@tieto.com wrote: Ok. I had feedback about Google+. Username is that long number after slash in URL when you are log in. Somehow it works... (created the second account... [no Core permission there...]) Can you provide more

Re: [Wireshark-dev] Google deprecating OpenID 2.0

michal.labed...@tieto.com wrote: URL from address bar... Also there is no changes from my other account, so I called it the second. On 23 February 2015 at 10:22, Dario Lombardo dario.lombardo...@gmail.com wrote: On Mon, Feb 23, 2015 at 10:15 AM, Michal Labedzki michal.labed...@tieto.com wrote

Re: [Wireshark-dev] Google deprecating OpenID 2.0

Shouldn't it be enough to log in into gerrit using google+ instead of google? The link Graham provided states that google+ implements the new version and supports google accounts (updated or not to g+). On Feb 22, 2015 6:10 PM, Richard Sharpe realrichardsha...@gmail.com wrote: On Sun, Feb 22,

[Wireshark-dev] Can't compile with cmake

Today I can't compile wireshark using cmake. Using git bisect I've found out that this commit is responsible for that 7263af87c6b0019c1bfda0f66fdc991330941892 I'm looking forward in the code to find out what exactly broke the compilation. Dario.

Re: [Wireshark-dev] Can't compile with cmake

-dev-boun...@wireshark.org] *On Behalf Of *Alexis La Goutte *Sent:* den 18 februari 2015 14:27 *To:* Developer support list for Wireshark *Subject:* Re: [Wireshark-dev] Can't compile with cmake Hi Dario, What the warning ? On Wed, Feb 18, 2015 at 2:24 PM, Dario Lombardo dario.lombardo

Re: [Wireshark-dev] Can't compile with cmake

https://code.wireshark.org/review/7235 (1 line ;)). On Wed, Feb 18, 2015 at 2:44 PM, Dario Lombardo dario.lombardo...@gmail.com wrote: I've found out what is happened. A file (qcustomplot.cpp) was missing. I'm pushing the patch. On Wed, Feb 18, 2015 at 2:30 PM, Anders Broman anders.bro

Re: [Wireshark-dev] False positive from the new Look for incomplete dissectors function.

On Fri, Feb 13, 2015 at 5:15 PM, Jeff Morriss jeff.morriss...@gmail.com wrote: I have to admit that I like being able to click on a byte and see what field it maps to. From that perspective I like when padding is claimed by the dissector which knew it was padding. And when CR+NL are claimed

Re: [Wireshark-dev] False positive from the new Look for incomplete dissectors function.

On Thu, Feb 12, 2015 at 6:18 PM, Anders Broman a.broma...@gmail.com wrote: I suspected as much, but I think all the sip lines skip the CRLF... What about adding the skipped bytes as hidden, labeled as unused bytes? ___

Re: [Wireshark-dev] False positive from the new Look for incomplete dissectors function.

On Fri, Feb 13, 2015 at 10:14 AM, Anders Broman a.broma...@gmail.com wrote: First thought is, unnecessary processing to satisfy this new functionality, which frankly I have my doubts about... I have the same feeling. But I can't figure out something else so far.

Re: [Wireshark-dev] False positive from the new Look for incomplete dissectors function.

: *From:* wireshark-dev-boun...@wireshark.org [mailto: wireshark-dev-boun...@wireshark.org] *On Behalf Of *Dario Lombardo *Sent:* den 13 februari 2015 10:18 *To:* Developer support list for Wireshark *Subject:* Re: [Wireshark-dev] False positive from the new Look for incomplete dissectors

Re: [Wireshark-dev] False positive from the new Look for incomplete dissectors function.

Hi Anders If you carefully have a look at the bytes, you can notice that the 2 bytes reported by the logs are claimed by the SIP dissector, but they're not decoded. Until SIP/2.0, bytes are decoded (address up to 0x0040+12). From Max-Forward and beyond (address 0x0040+15) they are decoded.

<    1   2   3   4   5   >