[Wireshark-dev] Wireshark build containing particular change
Hi, I want to get a build which contains the change that I have submitted for review. For example, This change https://code.wireshark.org/review/#/c/8580/ has this as the last comment "Change has been successfully cherry-picked as 3bc42dbf8e5c63a7a85e6d14d2d2bd3636a6dc81 by Anders Broman " . Now, How do I find a development build that contains this change ? --Anil ___ Sent via:Wireshark-dev mailing list Archives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] 802.11 timeline view and aggregation
The main thing that is 802.11 specific is that it relies on the hardware timestamps (radiotap.mactime) to have guaranteed accuracy. The 802.11 mac relies heavily on frame timing, and the extension splits into 2 parts - 1 part that calculates frame durations and start and end times from the available radiotap information, timestamps, and details of what physical layer framing and headers are in use. It also calculated the inter-frame spaces that are so important to the 802.11 MAC, and another part of the code that uses all this data and provides the visualization. I imagine this kind of display would be very useful for other, non 802.11 protocols as well, although software based timestamps would mean that the display might not be perfectly accurate. Also with software based timestamps sometimes packets can appear to overlap, and that would need to be resolved. No documentation was written, and I don't have any screenshots (although the functionality worked very well the niceties of the GUI were never finished). The packet timeline was rendered anti-aliased, so when zoomed out you could see the density of traffic vary over a large period of time, and when you zoomed in you could see single microseconds. I am currently working to bring the code up to date and get it building on the master branch. I can take some screenshots when I get the code running. This is partly why I was asking questions about whether the gtk build is expected to work in the current master branch - since all the visualization code was gtk. I was also previously developing on Debian, but am now using Mac OS (which I am not very familiar with), and have been having trouble with getting the master branch to build. QT is working, but GTK is not yet for me. I imagine the code from github would build quite easily on a 2 or 3 year old Debian or Ubuntu OS image. It does not display the timeline unless all the required physical layer information is available from radiotap to correctly calculate the packet durations. Also on github are patches to the linux kernel to have the intel drivers include all the required information in the radiotap captures. On Mon, Jun 1, 2015 at 7:29 PM, Guy Harris wrote: > > On May 29, 2015, at 9:04 PM, Simon Barber wrote: > > > A few years ago I wrote an extension for Wireshark that allows 802.11 > frames to be viewed on a zoomable, scrollable timeline in a third pane > added to the main display. > > Is there anything 802.11 specific about this - and, if so, are there parts > that aren't 802.11-specific and that would be useful for other link layer > types? > > Is there some documentation of what it does, preferably with a screenshot? > ___ > Sent via:Wireshark-dev mailing list > Archives:https://www.wireshark.org/lists/wireshark-dev > Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev > mailto:wireshark-dev-requ...@wireshark.org > ?subject=unsubscribe > ___ Sent via:Wireshark-dev mailing list Archives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
[Wireshark-dev] Restarting WinPcap development
As you may have noticed, the WinPcap project has been dormant for some time. In order to help the project move forward I've been working with Gianluca to convert the private WinPcap CVS repository to a public Gerrit project at https://code.wireshark.org/review. Additionally Riverbed has agreed to open the WinPcap OEM (aka WinPcap Pro) source code. I'll try to get that merged into the main WinPcap repository soon. My immediate goal is to lend bits of Wireshark's infrastructure to WinPcap so that we can fix compatibility issues with Windows 8 and 10, including support for Microsoft's newer and more strict driver signing requirements. Along with the Gerrit project, a WinPcap builder has been added to the Buildbot master at https://buildbot.wireshark.org/tcpdump/waterfall. The long term goals and direction of the project are less well-defined and are largely up to the community. For example, a strong argument can be made for integrating WinPcap with libpcap. If you have ideas or opinions about this please send them to winpcap-users or tcpdump-workers as appropriate. Many thanks to Loris Degioanni and Gianluca Varenni for creating WinPcap, to Riverbed for providing hosting, and to the various development and user communities for their ongoing support. ___ Sent via:Wireshark-dev mailing list Archives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] Problems building on Mac OS Yosemite
On May 29, 2015, at 11:23 PM, Simon Barber wrote: > On May 29, 2015 11:20 PM, "Guy Harris" wrote: > >> On May 29, 2015, at 9:16 PM, Simon Barber wrote: >> >>> I'm trying to build wireshark out of the git repository, master branch, on >>> my Mac OS Yosemite machine. >> >> You've installed XQuartz, right? > > Yes. xlogo runs OK. What does ls -ld /usr/X11 print? If it prints ls: /usr/X11: No such file or directory then you probably installed XQuartz on a machine running a pre-Yosemite version of OS X, and then upgraded to Yosemite, and the Yosemite installer proceeded to trash your XQuartz installation. Do sudo ln -s /opt/X11 /usr/X11 to fix the XQuartz installation, and then, in your source directory, do rm -rf macosx-support-libs and re-run the macosx-setup.sh script. If "ls -ld /usr/X11" doesn't print "ls: /usr/X11: No such file or directory", what does ls -l /usr/X11/lib/libcairo.la print? ___ Sent via:Wireshark-dev mailing list Archives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] 802.11 timeline view and aggregation
On May 29, 2015, at 9:04 PM, Simon Barber wrote: > A few years ago I wrote an extension for Wireshark that allows 802.11 frames > to be viewed on a zoomable, scrollable timeline in a third pane added to the > main display. Is there anything 802.11 specific about this - and, if so, are there parts that aren't 802.11-specific and that would be useful for other link layer types? Is there some documentation of what it does, preferably with a screenshot? ___ Sent via:Wireshark-dev mailing list Archives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] master-1.10 out-of-memory fuzz failures
Well here's a good example. These two bugs are out-of-memory fuzz failures that failed at the same time of day (one is master-1.12 and one is master-1.10): https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11243 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11244 It certainly appears the machine is simply running low on memory while testing. On 05/30/2015 10:46 PM, Jeff Morriss wrote: I ended up focusing on master-1.10 because there were so many bugs out there. I guess that's just because most of the bugs against master were already dup'd out! I was wondering if maybe all the fuzz bots are running on the same (virtual)machine and may be contending for memory (e.g., if two or more of the buildbots run Valgrind at the same time then the box simply runs out of memory). On 05/30/2015 10:27 PM, Evan Huus wrote: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11147 and its many duplicates suggest a similar issue with the master buildbot. On Sat, May 30, 2015 at 10:22 PM, Jeff Morriss wrote: There have been plenty of fuzz failures from the 1.10 branch in the past few months, including: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11050 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11065 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11077 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11090 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11094 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11150 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11239 All of the captures associated with those bugs run fine for me. The last one's error: /home/wireshark/builders/wireshark-1.10-fuzz/fuzztest/build/.libs/lt-tshark: error while loading shared libraries: libwireshark.so.3: failed to map segment from shared object: Cannot allocate memory really supports the theory that it's not the software that has the problem but the buildbot itself. Is there something wrong with the box? In the mean time I'll close all those bugs as WORKSFORME. ___ Sent via:Wireshark-dev mailing list Archives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
