Re: [Wireshark-dev] [Wireshark-commits] master 3147087: Fix ranlib "has no symbols" errors in the codecs directory.
On Dec 9, 2014, at 1:25 PM, Wireshark code review wrote: > URL: > https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3147087de323c0294b51006f97b641fc408f1b06 > Submitter: Gerald Combs (ger...@wireshark.org) > Changed: branch: master > Repository: wireshark > > Commits: > > 3147087 by Gerald Combs (ger...@wireshark.org): > >Fix ranlib "has no symbols" errors in the codecs directory. > >Don't build the G.722 or G.726 codecs for now. Each are wrapped in >"#ifdef HAVE_SPANDSP", which we don't define. Should we be checking for that library: http://www.soft-switch.org as per, for example: https://www.wireshark.org/lists/wireshark-dev/201412/msg00013.html and https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5619 or is spandsp not yet mature or cross-platform (where "platform" includes "CPU" - and "generation of the instruction set of that CPU") enough? They also say: http://www.soft-switch.org/installing-spandsp.html "A number of Linux and other software distributions include SpanDSP, but they usually supply older versions of the library, which lack a lot of the features of the current version." Even if we don't want to use it by default if present, should we have --with-spandsp, defaulting to "no", so that people don't have to do quite as much work to use it if they choose to build a custom version of Wireshark? ___ Sent via:Wireshark-dev mailing list Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] Doubt regarding absolute time in wireshark
On Dec 9, 2014, at 1:04 AM, Vishnu Bhatt wrote: > Suppose I capture a pcap file in country ‘A’ and the the pcap file is being > seen in some other machine in country ‘B’. What “absolute time” should > Wireshark display? I’ve seen ambiguous behavior, in some cases A’s time zone > is displayed and sometimes B’s timezone. I'm assuming here that by "pcap file" you're specifically referring to files in pcap format, not just to all types of captures, no matter what file format they're in. (Note also that some countries have more than one time zone, so I'll refer to "machine A" and "machine B", and their locations, rather than to "country A" and "country B".) In pcap files, time stamps are supposed to be stored as seconds since January 1, 1970, 00:00:00 UTC, followed by microseconds (or, in a variant of that format, with a different magic number, nanoseconds) since that second. If machines A and B are in different time zones (or have different daylight savings time/summer time rules), then, by default, B's time zone should be used, as, by default, the routines Wireshark uses to convert those time stamps should convert them to local time in the time zone of the machine on which Wireshark is running. Pcap files have a "time zone offset" field, but no programs I know of set it in the file, so neither tcpdump nor Wireshark use it, nor will use it - and, as no programs I know of set it, even if they *did* use it, it wouldn't give you time stamps in the time zone of the machine that captured the packet. So I'm somewhat surprised that, unless you configure machine B to be in machine A's time zone - or, on UN*X, run Wireshark with the TZ environment variable set for machine A's time zone - you *ever* see machine A's time zone. The same applies to pcap-ng files, which store time stamps as units since January 1, 1970, 00:00:00 UTC. It has a not-well-described option in an Interface Description Block for a time zone, but, as it's not well described, I know of no software that uses it. Some other capture file formats store time stamps in local time; Wireshark converts them to UTC for internal use, using routines that will convert them assuming that they're in the local time of the machine running Wireshark. This *could* make it appear (modulo differences in daylight savings time/summer time rules) as if it's showing the time stamps from machine A's time zone. However, again, that won't happen for *pcap* files. ___ Sent via:Wireshark-dev mailing list Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
[Wireshark-dev] TCP reassembly and Return value of a new-style dissector
Hi, I have recently come across some problems with reassembly of SIP messages over TCP one problem seems to be related to when a segment contains one full PDU and a segment of the next following PDU in this case the first SIP line of the following PDU is not complete. I think the ultimate solution would be for the TCP dissector to call the SIP dissector again with the next incomplete PDU after receiving the number of bytes "accepted" by the SIP dissector e.g using the "new-style dissector interface. also see http://seclists.org/wireshark/2014/Jun/289 As I read the code the first step would be to have call_dissector()[OK] try_conversation_dissector() dissector_try_heuristic() dissector_try_uint_new [OK] Return the number of bytes consumed, 0 or -1(need more data) not sure about DESEGMENT_UNTIL_FIN (-2?). If people agree the biggest change is to change dissector_try_heuristic() to return an int. What do you think? Regards Anders ___ Sent via:Wireshark-dev mailing list Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] Qt not found
2014-12-09 12:07 GMT+01:00 Vishnu Bhatt : > Thanks for the reply Pascal. So for now I am ignoring this warning but > it would be a great help if you could please give a step by step procedure > to make it working with Qt. I read the developers guide but am not clear on > this one. > As Graham said, this is explained in the developers guide here: https://www.wireshark.org/docs/wsdg_html_chunked/ChSetupWin32.html#ChSetupQt Then you might have to set the QT5_BASE_DIR environment variable according to your installation path (looks like this info is missing in the current guide). But you should only bother to do this is you are building from the master development branch (where all the Qt development happens). Pascal. > > *From:* wireshark-dev-boun...@wireshark.org [mailto: > wireshark-dev-boun...@wireshark.org] *On Behalf Of *Pascal Quantin > *Sent:* Tuesday, December 09, 2014 4:28 PM > *To:* Developer support list for Wireshark > *Subject:* Re: [Wireshark-dev] Qt not found > > > > 2014-12-09 11:47 GMT+01:00 Vishnu Bhatt : > > Hello, > > > > I am trying to build 1.12.2 on windows 7 machine (both 32-bit and 64-bit). > I am getting the following warning: > > > > nmake -f Makefile.nmake verify_tools > > > > Can't find Qt. This will become a problem at some point. > > > > What should be the solution to it? > > > > Hi Vishnu, > > as stated in the warning, it will be a problem *at some point* but we have > not reached this point yet (Qt GUI is simply not mature in the 1.12 > branch). So you can safely ignore this warning (even the official 1.12.2 > does not bundle Qt GUI anymore) as it will not prevent to build the GTK UI > and installer. > Maybe we should remove this warning in master-1.12 branch to avoid > confusion. > > Pascal. >"DISCLAIMER: This message is proprietary to Aricent and is intended > solely for the use of the individual to whom it is addressed. It may > contain privileged or confidential information and should not be circulated > or used for any purpose other than for what it is intended. If you have > received this message in error, please notify the originator immediately. > If you are not the intended recipient, you are notified that you are > strictly prohibited from using, copying, altering, or disclosing the > contents of this message. Aricent accepts no responsibility for loss or > damage arising from the use of the information transmitted by this email > including damage from virus." > > ___ > Sent via:Wireshark-dev mailing list > Archives:http://www.wireshark.org/lists/wireshark-dev > Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev > mailto:wireshark-dev-requ...@wireshark.org > ?subject=unsubscribe > ___ Sent via:Wireshark-dev mailing list Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] Qt not found
Thanks for the reply Pascal. So for now I am ignoring this warning but it would be a great help if you could please give a step by step procedure to make it working with Qt. I read the developers guide but am not clear on this one. From: wireshark-dev-boun...@wireshark.org [mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of Pascal Quantin Sent: Tuesday, December 09, 2014 4:28 PM To: Developer support list for Wireshark Subject: Re: [Wireshark-dev] Qt not found 2014-12-09 11:47 GMT+01:00 Vishnu Bhatt mailto:vishnu.bh...@aricent.com>>: Hello, I am trying to build 1.12.2 on windows 7 machine (both 32-bit and 64-bit). I am getting the following warning: nmake -f Makefile.nmake verify_tools Can't find Qt. This will become a problem at some point. What should be the solution to it? Hi Vishnu, as stated in the warning, it will be a problem *at some point* but we have not reached this point yet (Qt GUI is simply not mature in the 1.12 branch). So you can safely ignore this warning (even the official 1.12.2 does not bundle Qt GUI anymore) as it will not prevent to build the GTK UI and installer. Maybe we should remove this warning in master-1.12 branch to avoid confusion. Pascal. "DISCLAIMER: This message is proprietary to Aricent and is intended solely for the use of the individual to whom it is addressed. It may contain privileged or confidential information and should not be circulated or used for any purpose other than for what it is intended. If you have received this message in error, please notify the originator immediately. If you are not the intended recipient, you are notified that you are strictly prohibited from using, copying, altering, or disclosing the contents of this message. Aricent accepts no responsibility for loss or damage arising from the use of the information transmitted by this email including damage from virus." ___ Sent via:Wireshark-dev mailing list Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] Qt not found
2014-12-09 11:47 GMT+01:00 Vishnu Bhatt : > Hello, > > > > I am trying to build 1.12.2 on windows 7 machine (both 32-bit and 64-bit). > I am getting the following warning: > > > > nmake -f Makefile.nmake verify_tools > > > > Can't find Qt. This will become a problem at some point. > > > > What should be the solution to it? > Hi Vishnu, as stated in the warning, it will be a problem *at some point* but we have not reached this point yet (Qt GUI is simply not mature in the 1.12 branch). So you can safely ignore this warning (even the official 1.12.2 does not bundle Qt GUI anymore) as it will not prevent to build the GTK UI and installer. Maybe we should remove this warning in master-1.12 branch to avoid confusion. Pascal. ___ Sent via:Wireshark-dev mailing list Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] Qt not found
On 9 December 2014 at 10:47, Vishnu Bhatt wrote: > Hello, > > > > I am trying to build 1.12.2 on windows 7 machine (both 32-bit and 64-bit). > I am getting the following warning: > > > > nmake -f Makefile.nmake verify_tools > > > > Can't find Qt. This will become a problem at some point. > > > > What should be the solution to it? > > > > > You have two options: - modify config.nmake such that the QT version isn't built, not a great idea going forward as the QT version will be the default version and the GTK version deprecated. - Install the appropriate QT build parts as per the Developers Guide Section 2.2.2 "Install QT" ( https://www.wireshark.org/docs/wsdg_html_chunked/ChSetupWin32.html#ChSetupQt ). -- Graham Bloice ___ Sent via:Wireshark-dev mailing list Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
[Wireshark-dev] Qt not found
Hello, I am trying to build 1.12.2 on windows 7 machine (both 32-bit and 64-bit). I am getting the following warning: nmake -f Makefile.nmake verify_tools Can't find Qt. This will become a problem at some point. What should be the solution to it? Thanks "DISCLAIMER: This message is proprietary to Aricent and is intended solely for the use of the individual to whom it is addressed. It may contain privileged or confidential information and should not be circulated or used for any purpose other than for what it is intended. If you have received this message in error, please notify the originator immediately. If you are not the intended recipient, you are notified that you are strictly prohibited from using, copying, altering, or disclosing the contents of this message. Aricent accepts no responsibility for loss or damage arising from the use of the information transmitted by this email including damage from virus." ___ Sent via:Wireshark-dev mailing list Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
[Wireshark-dev] Doubt regarding absolute time in wireshark
Hello, Suppose I capture a pcap file in country 'A' and the the pcap file is being seen in some other machine in country 'B'. What "absolute time" should Wireshark display? I've seen ambiguous behavior, in some cases A's time zone is displayed and sometimes B's timezone. What should be the correct behavior? Thanks "DISCLAIMER: This message is proprietary to Aricent and is intended solely for the use of the individual to whom it is addressed. It may contain privileged or confidential information and should not be circulated or used for any purpose other than for what it is intended. If you have received this message in error, please notify the originator immediately. If you are not the intended recipient, you are notified that you are strictly prohibited from using, copying, altering, or disclosing the contents of this message. Aricent accepts no responsibility for loss or damage arising from the use of the information transmitted by this email including damage from virus." ___ Sent via:Wireshark-dev mailing list Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
