[Wireshark-dev] Change wiki page

2016-03-15 Thread Juan Jose Martin Carrascosa
Hi everybody,

How can I edit a wiki page? I don't know how to do it!

https://wiki.wireshark.org/Contrib

I want to fix the typos in the Colouring rules section. It should be rtps,
not rtsp.

Thanks,
Juanjo Martin
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Change wiki page

2016-03-15 Thread Juan Jose Martin Carrascosa
Got it! Thanks!

PS: Nice captcha questions.

Juanjo

On Tue, Mar 15, 2016 at 12:37 PM, Pascal Quantin 
wrote:

> Hi,
>
> 2016-03-15 11:57 GMT+01:00 Juan Jose Martin Carrascosa :
>
>> Hi everybody,
>>
>> How can I edit a wiki page? I don't know how to do it!
>>
>> https://wiki.wireshark.org/Contrib
>>
>> I want to fix the typos in the Colouring rules section. It should be
>> rtps, not rtsp.
>>
>
>  on the top left of the screen, click on the login link, then on the
> "create a new one now" link.
>
> Pascal.
>
>



-- 

Juanjo Martin
Applications Engineer
Professional Services Group
Office: +34 958 27 88 62
Mobile: +34 656 30 20 56
jua...@rti.com
www.rti.com

Re: [Wireshark-dev] Manually resolve name

2016-03-19 Thread Juan Jose Martin Carrascosa
Hi Alexis,

Thanks for your answer.

I will wait until the current patch is approved and then I will add more
functionality, so I submit multiple simpler patches.

Thanks,
Juanjo Martin

On Wed, Mar 16, 2016 at 3:07 PM, Alexis La Goutte  wrote:

> Hi Juan,
>
> On Wed, Mar 16, 2016 at 1:18 PM, Juan Jose Martin Carrascosa <
> jua...@rti.com> wrote:
>
>> Hi everybody,
>>
>> I have managed to create an RTPS address using the guidPrefix, and I
>> created a new column for it (adding it also to pinfo->rtps_src).
>>
> We try to avoid adding new stuff to pinfo.
> You can add a column via "Right Click" Apply as Column
>
>>
>> It looks like this:
>>
>> [image: Inline image 2]
>>
>> This is going to help a lot in the debugging of RTPS issues.
>>
>> My next goal is to be able to manually resolve the Participant GUID
>> displayed, the same way we are capable of resolving the IP addresses (as I
>> did with HostB in the picture above).
>>
>> 1) How can I do that? Where do I have to code?
>>
> There is a vlan id name mapping in progress, it is the same idea :
> https://code.wireshark.org/review/#/c/14471/
>
>>
>> 2) If I get it done, would it be included in the community version? or
>> would something like this be rejected?
>>
> I think it can be added...
>
>>
>> Thanks!
>> Juanjo Martin
>>
>>
>



-- 

Juanjo Martin
Applications Engineer
Professional Services Group
Office: +34 958 27 88 62
Mobile: +34 656 30 20 56
jua...@rti.com
www.rti.com

[Wireshark-dev] Manually resolve name

2016-03-19 Thread Juan Jose Martin Carrascosa
Hi everybody,

I have managed to create an RTPS address using the guidPrefix, and I
created a new column for it (adding it also to pinfo->rtps_src).

It looks like this:

[image: Inline image 2]

This is going to help a lot in the debugging of RTPS issues.

My next goal is to be able to manually resolve the Participant GUID
displayed, the same way we are capable of resolving the IP addresses (as I
did with HostB in the picture above).

1) How can I do that? Where do I have to code?

2) If I get it done, would it be included in the community version? or
would something like this be rejected?

Thanks!
Juanjo Martin

[Wireshark-dev] FT_TYPE appropriate?

2016-03-20 Thread Juan Jose Martin Carrascosa
Hi all,

I have a field that has the following content (hex bytes):

0a00020f7cfb0001

If I use FT_STRING, it displays 0a\n. Thus, I decided to use FT_BYTES.

The problem now is that when I do right-click -> Apply as column, if I do
right-click in the column and do "apply as filter" or "prepare a filter",
it interprets the content as FT_STRING. Thus, the filter created by the
column doesn't work.

What options do you think I have here? I don't mind changing the
representation of the field or fixing the column, but anything that works!

Thanks,
Juanjo Martin

[Wireshark-dev] ./configure fails

2016-03-30 Thread Juan Jose Martin Carrascosa
Hi all,

./configure was working for me two weeks ago.

Now it fails with:

./configure: line 19638: AX_COMPILER_VENDOR: command not found
./configure: line 19646: AX_COMPILER_VENDOR: command not found
checking whether the compiler fails when given an unknown warning option...
yes
checking whether the compiler fails when given an warning option not
supported for C++... no, adding -Werror
./configure: line 19907: syntax error near unexpected token `$GCC_OPTION,'
./configure: line 19907: `  AX_APPEND_FLAG($GCC_OPTION,
WS_CFLAGS)'

Any ideas? Any changes? Should I update anything?

Ubuntu 12.04 gcc 4.6.3

Thanks,
Juanjo Martin

Re: [Wireshark-dev] ./configure fails

2016-03-30 Thread Juan Jose Martin Carrascosa
Nice! And obvious... thanks!

On Wed, Mar 30, 2016 at 2:59 PM, João Valverde <
joao.valve...@tecnico.ulisboa.pt> wrote:

>
>
> On 30-03-2016 11:46, Juan Jose Martin Carrascosa wrote:
>
>> Hi all,
>>
>> ./configure was working for me two weeks ago.
>>
>> Now it fails with:
>>
>> ./configure: line 19638: AX_COMPILER_VENDOR: command not found
>> ./configure: line 19646: AX_COMPILER_VENDOR: command not found
>> checking whether the compiler fails when given an unknown warning
>> option... yes
>> checking whether the compiler fails when given an warning option not
>> supported for C++... no, adding -Werror
>> ./configure: line 19907: syntax error near unexpected token `$GCC_OPTION,'
>> ./configure: line 19907: `  AX_APPEND_FLAG($GCC_OPTION,
>> WS_CFLAGS)'
>>
>> Any ideas? Any changes? Should I update anything?
>>
>
> Have you tried re-running ./autogen.sh?
>
>
>> Ubuntu 12.04 gcc 4.6.3
>>
>> Thanks,
>> Juanjo Martin
>>
>>
>>
>



-- 

Juanjo Martin
Applications Engineer
Professional Services Group
Office: +34 958 27 88 62
Mobile: +34 656 30 20 56
jua...@rti.com
www.rti.com

[Wireshark-dev] Obfuscating a capture

2016-03-30 Thread Juan Jose Martin Carrascosa
Hi everybody,

is there an existing way to obfuscate a capture? For instance, select a few
fields and make them zero or random.

I want to find a way to obfuscate captures so we can provide them to other
people, or other people to us (security reasons).

Any ideas? I don't feel like writing it myself!

Thanks,
Juanjo Martin
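
An added example, not part of the original post and not a Wireshark feature: one way to do the obfuscation asked about above on a classic Ethernet pcap, zeroing MAC addresses, replacing IPv4 addresses with keyed pseudonyms, fixing the checksums and blanking any frame it cannot parse. The function names, the 10.0.0.0/8 pseudonym range and the two-frame sample capture are assumptions constructed for illustration.

```python
import hashlib
import hmac
import struct

# Classic pcap magic numbers -> struct byte order (pcapng is not handled).
PCAP_MAGICS = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">",
               b"\x4d\x3c\xb2\xa1": "<", b"\xa1\xb2\x3c\x4d": ">"}
CSUM_OFFSET = {6: 16, 17: 6}  # checksum offset inside the TCP / UDP header


def inet_checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def pseudonym(addr: bytes, key: bytes) -> bytes:
    """Keyed, deterministic IPv4 replacement inside 10.0.0.0/8 (assumption)."""
    return b"\x0a" + hmac.new(key, addr, hashlib.sha256).digest()[:3]


def scrub_frame(frame: bytearray, key: bytes) -> None:
    """Obfuscate one Ethernet frame in place."""
    frame[0:12] = bytes(min(12, len(frame)))  # zero both MAC addresses
    ihl = (frame[14] & 0x0F) * 4 if len(frame) > 14 else 0
    is_ipv4 = (frame[12:14] == b"\x08\x00" and len(frame) >= 34
               and frame[14] >> 4 == 4 and 20 <= ihl <= len(frame) - 14)
    if not is_ipv4:
        # Fail closed: ARP, IPv6, VLAN-tagged frames etc. may carry addresses
        # this example does not parse, so blank everything after the type.
        frame[14:] = bytes(max(0, len(frame) - 14))
        return
    frame[26:30] = pseudonym(bytes(frame[26:30]), key)  # source address
    frame[30:34] = pseudonym(bytes(frame[30:34]), key)  # destination address
    frame[24:26] = b"\x00\x00"
    frame[24:26] = struct.pack("!H", inet_checksum(bytes(frame[14:14 + ihl])))
    total_len, frag = struct.unpack("!HxxH", frame[16:22])
    proto, l4 = frame[23], 14 + ihl
    off = CSUM_OFFSET.get(proto)
    if off is None or frag & 0x1FFF or len(frame) < l4 + off + 2:
        return  # other protocol, non-first fragment, or header not captured
    # The old checksum covered the real addresses, so never keep it.
    frame[l4 + off:l4 + off + 2] = b"\x00\x00"
    if frag & 0x2000 or len(frame) < 14 + total_len or total_len < ihl + off + 2:
        return  # fragmented or cut by the snap length: leave the field zero
    seg = bytes(frame[l4:14 + total_len])
    pseudo = bytes(frame[26:34]) + struct.pack("!BBH", 0, proto, len(seg))
    csum = inet_checksum(pseudo + seg)
    if proto == 17 and csum == 0:
        csum = 0xFFFF  # in UDP a zero field means "no checksum"
    frame[l4 + off:l4 + off + 2] = struct.pack("!H", csum)


def obfuscate_pcap(data: bytes, key: bytes) -> bytes:
    """Return a copy of a classic Ethernet pcap with every frame scrubbed."""
    endian = PCAP_MAGICS.get(data[:4])
    if endian is None or len(data) < 24:
        raise ValueError("not a classic pcap file")
    if struct.unpack(endian + "I", data[20:24])[0] & 0xFFFF != 1:
        raise ValueError("only LINKTYPE_ETHERNET (1) is handled")
    out, pos = bytearray(data[:24]), 24
    while pos < len(data):
        header = data[pos:pos + 16]
        if len(header) < 16:
            raise ValueError("truncated record header")
        caplen = struct.unpack(endian + "I", header[8:12])[0]
        frame = bytearray(data[pos + 16:pos + 16 + caplen])
        if len(frame) != caplen:
            raise ValueError("truncated packet record")
        scrub_frame(frame, key)
        out += header + frame
        pos += 16 + caplen
    return bytes(out)


def sample_capture() -> bytes:
    """Constructed two-frame capture: one UDP datagram and one ARP request."""
    a, b = bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20])
    ip = bytearray(struct.pack("!BBHHHBBH4s4s", 0x45, 0, 32, 1, 0, 64, 17, 0, a, b))
    ip[10:12] = struct.pack("!H", inet_checksum(bytes(ip)))
    udp = struct.pack("!HHHH", 7400, 7400, 12, 0xBEEF) + b"RTPS"
    macs = bytes.fromhex("00112233445566778899aabb")
    arp = bytes.fromhex("0001080006040001") + macs[6:] + a + bytes(6) + b
    pcap = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in (macs + b"\x08\x00" + bytes(ip) + udp, macs + b"\x08\x06" + arp):
        pcap += struct.pack("<IIII", 1459332000, 0, len(f), len(f)) + f
    return pcap


if __name__ == "__main__":
    scrubbed = obfuscate_pcap(sample_capture(), b"per-share secret key")
    print(len(scrubbed), "bytes written; first frame:", scrubbed[40:86].hex())
```

Payload bytes and timestamps are left as captured, so identifiers carried inside the application protocol still need their own handling before a capture is shared.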

[Wireshark-dev] Compiling a plugin in Windows

2016-04-05 Thread Juan Jose Martin Carrascosa
Hi everybody,

I want to compile a plugin (C file) in Windows, to generate a .dll and
provide it to Wireshark. I don't want to compile the whole tree of
Wireshark. I just want to compile this C file.

Does anybody have any resource/idea/instructions that can help me?

Thanks,
Juanjo Martin

Re: [Wireshark-dev] Compiling a plugin in Windows

2016-04-05 Thread Juan Jose Martin Carrascosa
OK. Thanks for the information Graham.

If I manage somehow to create a build infrastructure for plugins, I will
share it.

Thanks,
Juanjo Martin

On Tue, Apr 5, 2016 at 4:26 PM, Graham Bloice 
wrote:

>
>
> On 5 April 2016 at 15:03, Juan Jose Martin Carrascosa 
> wrote:
>
>> Hi everybody,
>>
>> I want to compile a plugin (C file) in Windows, to generate a .dll and
>> provide it to Wireshark. I don't want to compile the whole tree of
>> Wireshark. I just want to compile this C file.
>>
>> Does anybody have any resource/idea/instructions that can help me?
>>
>> Thanks,
>> Juanjo Martin
>>
>>
> At present we don't support that scenario.  You have to provide a full
> build environment and compile your plugin there.
>
> --
> Graham Bloice
>
>



-- 

Juanjo Martin
Applications Engineer
Professional Services Group
Office: +34 958 27 88 62
Mobile: +34 656 30 20 56
jua...@rti.com
www.rti.com

[Wireshark-dev] Building installer for Windows

2016-04-05 Thread Juan Jose Martin Carrascosa
Hi all,

Did we change this?

Run

> msbuild /m /p:Configuration=RelWithDebInfo nsis_package_prep.vcxproj
> msbuild /m /p:Configuration=RelWithDebInfo nsis_package.vcxproj

to build a Wireshark installer.

I can't find those projects.

Thanks,

Juanjo Martin

Re: [Wireshark-dev] Building installer for Windows

2016-04-05 Thread Juan Jose Martin Carrascosa
True:

//Path to the makensis utility.
MAKENSIS_EXECUTABLE:FILEPATH=MAKENSIS_EXECUTABLE-NOTFOUND

Thanks Graham.

On Tue, Apr 5, 2016 at 7:00 PM, Graham Bloice 
wrote:

>
>
> On 5 April 2016 at 17:30, Juan Jose Martin Carrascosa 
> wrote:
>
>> Hi all,
>>
>> Did we change this?
>>
>> Run
>>
>> > msbuild /m /p:Configuration=RelWithDebInfo nsis_package_prep.vcxproj
>> > msbuild /m /p:Configuration=RelWithDebInfo nsis_package.vcxproj
>>
>> to build a Wireshark installer.
>>
>> I can't find those projects.
>>
>> Thanks,
>>
>> Juanjo Martin
>>
>>
> Nope, they should be in the top-level of your build directory.  Do you
> have NSIS installed?  Did CMake find it (look in the CMakeCache.txt in the
> build dir for MAKENSIS_EXECUTABLE)?
>
> --
> Graham Bloice
>
>



-- 

Juanjo Martin
Applications Engineer
Professional Services Group
Office: +34 958 27 88 62
Mobile: +34 656 30 20 56
jua...@rti.com
www.rti.com

[Wireshark-dev] Duplicate dissectors error

2016-08-29 Thread Juan Jose Martin Carrascosa
Hi everybody,

I am adding plugins to my Wireshark installation, so they register
themselves in the table rtps.type_name (created in packet-rtps.c).

Duplicate dissectors (null) and (null) for protocol Custom in dissector
table rtps.type_name
Duplicate dissectors (null) and (null) for protocol Custom_A in dissector
table rtps.type_name
Duplicate dissectors (null) and (null) for protocol Custom_A in dissector
table rtps.type_name
Duplicate dissectors (null) and (null) for protocol Custom_A in dissector
table rtps.type_name
Duplicate dissectors (null) and (null) for protocol (none) in dissector
table rtps.type_name

That error message comes from dissector_add_for_decode_as(). Actually, I
don't expect my dissectors to be called from decode_as...

Few things:

1) This message is printed to stderr instead of using any Logging API.
Should we change that?

2) Which is the right way to design this so I don't get those errors? I
could change the value DISSECTOR_TABLE_NOT_ALLOW_DUPLICATE
to DISSECTOR_TABLE_ALLOW_DUPLICATE when I create the rtps.type_name table
but I'd prefer to solve the issue instead of patching it.

Thanks,
Juanjo Martin

Re: [Wireshark-dev] Duplicate dissectors error

2016-08-29 Thread Juan Jose Martin Carrascosa
Hi Guy,

Thanks for your answer. What I meant regarding the logging API is to use
something that can be disabled changing the verbosity of Wireshark. I've
seen that previously.

The plugins are added using dissector_add_string() to the rtps.type_name
table. What is the side effect of adding duplicated protocols? Just issues
with "decode as"? If that is the only side effect, I can live with it.

Let me know if I can provide more information.

Thanks,
Juanjo Martin

On Mon, Aug 29, 2016 at 5:31 PM, Guy Harris  wrote:

> On Aug 29, 2016, at 3:59 PM, Juan Jose Martin Carrascosa 
> wrote:
>
> > Hi everybody,
> >
> > I am adding plugins to my Wireshark installation, so they register
> themselves in the table rtps.type_name (created in packet-rtps.c).
> >
> > Duplicate dissectors (null) and (null) for protocol Custom in dissector
> table rtps.type_name
> > Duplicate dissectors (null) and (null) for protocol Custom_A in
> dissector table rtps.type_name
> > Duplicate dissectors (null) and (null) for protocol Custom_A in
> dissector table rtps.type_name
> > Duplicate dissectors (null) and (null) for protocol Custom_A in
> dissector table rtps.type_name
> > Duplicate dissectors (null) and (null) for protocol (none) in dissector
> table rtps.type_name
> >
> > That error message comes from dissector_add_for_decode_as(). Actually, I
> don't expect my dissectors to be called from decode_as...
> >
> > Few things:
> >
> > 1) This message is printed to stderr instead of using any Logging API.
> Should we change that?
>
> Well, that would first involve having a logging API to use.
>
> For command-line based programs such as TShark, it would print them to
> stderr; for Wireshark, it could put them in an "error console" window that
> the user could pop up.  (On some OSes, output to stderr from GUI programs
> shows up in a log window, but that's not guaranteed.)
>
> > 2) Which is the right way to design this so I don't get those errors? I
> could change the value DISSECTOR_TABLE_NOT_ALLOW_DUPLICATE to
> DISSECTOR_TABLE_ALLOW_DUPLICATE when I create the rtps.type_name table
> but I'd prefer to solve the issue instead of patching it.
>
> So what's the code that's registering your plugins (the reg_handoff
> routines for them)?
> 
>



-- 

Juanjo Martin
Senior Application Engineer
Professional Services Group
Office: +34 958 27 88 62
Mobile: +34 656 30 20 56
jua...@rti.com
www.rti.com

Re: [Wireshark-dev] Duplicate dissectors error

2016-08-30 Thread Juan Jose Martin Carrascosa
Glad to see that my question brought up such a nice discussion.

I think that so far I will go with allowing duplicates in rtps. I have
submitted this patch:

https://code.wireshark.org/review/#/c/17393/

Do I have your blessing? :)

Thanks,
Juanjo

On Mon, Aug 29, 2016 at 8:13 PM, Guy Harris  wrote:

> On Aug 29, 2016, at 7:58 PM, Michael Mann  wrote:
>
> > The "justified" ones  (i.e.  those not using Decode As) were changed to
> "duplicates allowed".
>
> Why not disable Decode As entries by default, so that
> dissector_add_for_decode_as() does nothing for the dissector table, and, in
> register_decode_as(), look up the dissector table by name and set the table
> to "allow Decode As entries"?
> 
>



-- 

Juanjo Martin
Senior Application Engineer
Professional Services Group
Office: +34 958 27 88 62
Mobile: +34 656 30 20 56
jua...@rti.com
www.rti.com

[Wireshark-dev] New statistics panel for RTPS

2016-11-03 Thread Juan Jose Martin Carrascosa
Hi everybody,

I need to estimate how many weeks more or less would it take to implement a
new panel in Statistics for RTPS. I think it's time to get this kind of
stuff done :)

I know everything about RTPS and I have been updating the dissector for a
long time. Also, I know how to navigate through the source code.

How many weeks do you think this can take? I just need a rough estimation.
Even if somebody says 10 weeks and it finally takes 15 I won't blame
everybody. I just need something so I can start thinking about it!

Thanks!
Juanjo Martin

Re: [Wireshark-dev] New statistics panel for RTPS

2016-11-03 Thread Juan Jose Martin Carrascosa
Thanks Roland. Exactly what I needed.

Also thanks for the prompt response.
Juanjo Martin

On Thu, Nov 3, 2016 at 11:52 AM, Roland Knall  wrote:

> Hi
>
> This depends on how sophisticated you want the final panel to be. If you
> just want to add new statistics for one dissector, this likely could be
> done in a week. Take a look at README.stats_tree for details in the doc
> subdirectory of the source-code.
>
> If you want a more sophisticated analysis done, this could take a little
> more time, but still well less than 10 weeks. Just keep in mind, that if
> you do not use the stats_tree, you will have to implement the new
> statistics for all three ui interfaces (Qt, GTK and tshark), which will
> take the majority of the timeframe.
>
> regards
> Roland
>
> On Thu, Nov 3, 2016 at 11:42 AM, Juan Jose Martin Carrascosa <
> jua...@rti.com> wrote:
>
>> Hi everybody,
>>
>> I need to estimate how many weeks more or less would it take to implement
>> a new panel in Statistics for RTPS. I think it's time to get this kind of
>> stuff done :)
>>
>> I know everything about RTPS and I have been updating the dissector for a
>> long time. Also, I know how to navigate through the source code.
>>
>> How many weeks do you think this can take? I just need a rough
>> estimation. Even if somebody says 10 weeks and it finally takes 15 I won't
>> blame everybody. I just need something so I can start thinking about it!
>>
>> Thanks!
>> Juanjo Martin
>>
>> 
>



-- 

Juanjo Martin
Senior Application Engineer
Professional Services Group
Office: +34 958 27 88 62
Mobile: +34 656 30 20 56
jua...@rti.com
www.rti.com

Re: [Wireshark-dev] New statistics panel for RTPS

2016-11-03 Thread Juan Jose Martin Carrascosa
Thanks Dario. Useful stuff!

On Thu, Nov 3, 2016 at 12:59 PM, Dario Lombardo  wrote:

> Sorry I meant 9bbc337 and 696fcdb.
>
> On Thu, Nov 3, 2016 at 12:54 PM, Dario Lombardo <
> dario.lombardo...@gmail.com> wrote:
>
>> Take a look at b845e29 and 38d08e0. They're 2 examples of stats_tree for
>> DNS and HPFEEDS that do exactly what Roland said. Use them as examples.
>>
>> On Thu, Nov 3, 2016 at 11:56 AM, Juan Jose Martin Carrascosa <
>> jua...@rti.com> wrote:
>>
>>> Thanks Roland. Exactly what I needed.
>>>
>>> Also thanks for the prompt response.
>>> Juanjo Martin
>>>
>>> On Thu, Nov 3, 2016 at 11:52 AM, Roland Knall  wrote:
>>>
>>>> Hi
>>>>
>>>> This depends on how sophisticated you want the final panel to be. If
>>>> you just want to add new statistics for one dissector, this likely could be
>>>> done in a week. Take a look at README.stats_tree for details in the doc
>>>> subdirectory of the source-code.
>>>>
>>>> If you want a more sophisticated analysis done, this could take a
>>>> little more time, but still well less than 10 weeks. Just keep in mind,
>>>> that if you do not use the stats_tree, you will have to implement the new
>>>> statistics for all three ui interfaces (Qt, GTK and tshark), which will
>>>> take the majority of the timeframe.
>>>>
>>>> regards
>>>> Roland
>>>>
>>>> On Thu, Nov 3, 2016 at 11:42 AM, Juan Jose Martin Carrascosa <
>>>> jua...@rti.com> wrote:
>>>>
>>>>> Hi everybody,
>>>>>
>>>>> I need to estimate how many weeks more or less would it take to
>>>>> implement a new panel in Statistics for RTPS. I think it's time to get
>>>>> this kind of stuff done :)
>>>>>
>>>>> I know everything about RTPS and I have been updating the dissector
>>>>> for a long time. Also, I know how to navigate through the source code.
>>>>>
>>>>> How many weeks do you think this can take? I just need a rough
>>>>> estimation. Even if somebody says 10 weeks and it finally takes 15 I won't
>>>>> blame everybody. I just need something so I can start thinking about it!
>>>>>
>>>>> Thanks!
>>>>> Juanjo Martin
>>>>>
>>>>> 
>>>>
>>>
>>>
>>>
>>> --
>>>
>>> Juanjo Martin
>>> Senior Application Engineer
>>> Professional Services Group
>>> Office: +34 958 27 88 62
>>> Mobile: +34 656 30 20 56
>>> jua...@rti.com
>>> www.rti.com
>>>
>>> 
>>>
>>
>>
>
> 
>



-- 

Juanjo Martin
Senior Application Engineer
Professional Services Group
Office: +34 958 27 88 62
Mobile: +34 656 30 20 56
jua...@rti.com
www.rti.com

[Wireshark-dev] Correct way to add bytes to tree

2016-12-28 Thread Juan Jose Martin Carrascosa
Hi all,

I have what I need to add bytes to a tree using proto_tree_add_item or
proto_tree_add_bytes. The problem is that I want to customize the name of
the proto_item adding a couple of parameters that I know from before.
Something like this:

given id = 5 and length = 10, tvb, offset and length. Assuming that for
example the bytes are "a05651"

Displayed content should be:

*Member (id = 5, len = 10): a05651*

However, I can't make it work properly using the _format or _format_value
variants. It ends not adding the content of the bytes:

*Member (id = 5, len = 10):*

Any help?

Thanks,
Juanjo Martin
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Correct way to add bytes to tree

2016-12-29 Thread Juan Jose Martin Carrascosa
Hi all,

Thanks for the prompt answers. I have ended up adding the value as a
sub-element. So I don't need to do what I specified above anymore.

Patch here! https://code.wireshark.org/review/#/c/19458/

Thanks,
Juanjo Martin

On Wed, Dec 28, 2016 at 8:46 PM, Alexis La Goutte  wrote:

> You can also look proto_item_append_text
>
> On Wed, Dec 28, 2016 at 7:54 PM, Jaap Keuter 
> wrote:
>
>> Hi,
>>
>> Sharing part of the relevant code would help answer your question, eg.
>> the proto_add_ calls tested.
>>
>> Thanks,
>> Jaap
>>
>> On 28 Dec 2016, at 19:09, Juan Jose Martin Carrascosa 
>> wrote:
>>
>> Hi all,
>>
>> I have what I need to add bytes to a tree using proto_tree_add_item or
>> proto_tree_add_bytes. The problem is that I want to customize the name of
>> the proto_item adding a couple of parameters that I know from before.
>> Something like this:
>>
>> given id = 5 and length = 10, tvb, offset and length. Assuming that for
>> example the bytes are "a05651"
>>
>> Displayed content should be:
>>
>> *Member (id = 5, len = 10): a05651*
>>
>> However, I can't make it work properly using the _format or _format_value
>> variants. It ends not adding the content of the bytes:
>>
>> *Member (id = 5, len = 10):*
>>
>> Any help?
>>
>> Thanks,
>> Juanjo Martin
>>
>>
>>
>> 
>



-- 

Juanjo Martin
Senior Application Engineer
Professional Services Group
Office: +34 958 27 88 62
Mobile: +34 656 30 20 56
jua...@rti.com
www.rti.com

[Wireshark-dev] New GUI for specific protocol

2017-01-24 Thread Juan Jose Martin Carrascosa
Hi everybody,

I would like to write a new GUI to show nicely the information obtained
from the RTPS dissector. Can Wireshark help with that? Is there already a
process in place for this? Having a separate tool/GUI would work for me.

Just looking for recommendations/ideas that allow me to use the existing
capture engine so I don't need to duplicate the packet-rtps dissector (and
everything under it)...

Thanks,
Juanjo Martin

Re: [Wireshark-dev] New GUI for specific protocol

2017-01-25 Thread Juan Jose Martin Carrascosa
Makes sense. Thanks for the information. I will definitely look into this.

Thanks,
Juanjo Martin

On Tue, Jan 24, 2017 at 9:10 PM, Guy Harris  wrote:

> On Jan 24, 2017, at 9:51 AM, Juan Jose Martin Carrascosa 
> wrote:
>
> > I would like to write a new GUI to show nicely the information obtained
> from the RTPS dissector. Can Wireshark help with that?
>
> There is no provision in Wireshark for showing the raw dissection result
> (the protocol tree) differently.  This is intentional - dissectors are
> supposed to exist, and work, independently of any particular UI code
> (that's why TShark works).
>
> If you want to show information in some *other* form, you should write a
> tap with a GUI.  See doc/README.tapping for information on writing a tap.
> The tap's per-packet function is passed an epan_dissect_t pointer (which
> includes a pointer to the *entire* protocol tree, not just the subtree for
> the protocol being tapped) and a const void * that points to whatever data
> the dissector passes to the tap.
> 
> ___
> Sent via:Wireshark-dev mailing list 
> Archives:https://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
>  mailto:wireshark-dev-requ...@wireshark.org?subject=
> unsubscribe
>



-- 

Juanjo Martin
Senior Application Engineer
Professional Services Group
Office: +34 958 27 88 62
Mobile: +34 656 30 20 56
jua...@rti.com
www.rti.com

Re: [Wireshark-dev] New GUI for specific protocol

2017-01-26 Thread Juan Jose Martin Carrascosa
Hi again,

Can somebody point me to any simple example? I am able to tap the dissector
but I would now like to write a simple app that prints a message in the
terminal every time the packet() function is called. I know this looks
simple, but it's been some time and I can't get this running...

Thanks,
Juanjo Martin

On Tue, Jan 24, 2017 at 9:10 PM, Guy Harris  wrote:

> On Jan 24, 2017, at 9:51 AM, Juan Jose Martin Carrascosa 
> wrote:
>
> > I would like to write a new GUI to show nicely the information obtained
> from the RTPS dissector. Can Wireshark help with that?
>
> There is no provision in Wireshark for showing the raw dissection result
> (the protocol tree) differently.  This is intentional - dissectors are
> supposed to exist, and work, independently of any particular UI code
> (that's why TShark works).
>
> If you want to show information in some *other* form, you should write a
> tap with a GUI.  See doc/README.tapping for information on writing a tap.
> The tap's per-packet function is passed an epan_dissect_t pointer (which
> includes a pointer to the *entire* protocol tree, not just the subtree for
> the protocol being tapped) and a const void * that points to whatever data
> the dissector passes to the tap.



-- 

Juanjo Martin
Senior Application Engineer
Professional Services Group
Office: +34 958 27 88 62
Mobile: +34 656 30 20 56
jua...@rti.com
www.rti.com

[Wireshark-dev] Add a protocol to the "decode as" option

2017-09-18 Thread Juan Jose Martin Carrascosa
Hi everybody,

I have a set of plugins that work on top of the RTPS protocol. What is the
cleanest and right way to make this set of plugins available when I click on
"decode as" in an RTPS packet?

Thanks,
Juanjo Martin

[Wireshark-dev] Best way to give configuration information to a protocol

2017-09-18 Thread Juan Jose Martin Carrascosa
Hi all,

Which is the best way to pass configuration to a protocol? Do we have any
builtin mechanisms? I tried to upload a patch using CSV at some point but
it didn't succeed. So I wonder if there is any recommended way I can
implement: table or list in the Preferences, XML file, CSV file...

My goal is to pass ("*GUID*", "*plugin_name*") pairs to the RTPS protocol
so Wireshark knows dynamically what plugin it should call to deserialize
data that is written by the DataWriter with id = "GUID". The GUID is part
of the DATA packet and it is already dissected and known at that point.

Thanks,
Juanjo Martin

Re: [Wireshark-dev] Best way to give configuration information to a protocol

2017-09-18 Thread Juan Jose Martin Carrascosa
Hi Pascal,

Thanks for your suggestion. I will definitely look into the UAT dialog.

The GUID / plugin mapping changes every time the system recorded is
rebooted so I can't hardcode the relationship in the Wireshark code. It has
to be dynamically configured. But it is OK to assume that in one pcap file
the relationship GUID / plugin is static.

Regards,
Juanjo Martin

On Mon, Sep 18, 2017 at 9:03 PM, Pascal Quantin 
wrote:

> Hi Juan Jose,
>
> 2017-09-18 17:12 GMT+02:00 Juan Jose Martin Carrascosa :
>
>> Hi all,
>>
>> Which is the best way to pass configuration to a protocol? Do we have any
>> builtin mechanisms? I tried to upload a patch using CSV at some point but
>> it didn't succeed. So I wonder if there is any recommended way I can
>> implement: table or list in the Preferences, XML file, CSV file...
>>
>> My goal is to pass ("*GUID*", "*plugin_name*") pairs to the RTPS
>> protocol so Wireshark knows dynamically what plugin it should call to
>> deserialize data that is written by the DataWriter with id = "GUID". The
>> GUID is part of the DATA packet and it is already dissected and known at
>> that point.
>>
>
> A UAT dialog could be appropriate for your needs. Several dissectors are
> already using it and can be taken as an example (packet-ipsec.c,
> packet-http.c, ...).
> Or if the GUID / plugin mapping never changes, you could create a
> dissector table and have your plugin register to this table (see
> register_dissector_table() / register_custom_dissector_table() and the
> corresponding dissector_add_XXX() functions).
>
> Best regards,
> Pascal.
>



-- 

Juanjo Martin
Senior Application Engineer
Professional Services Group
Office: +34 958 27 88 62
Mobile: +34 656 30 20 56
jua...@rti.com
www.rti.com

Re: [Wireshark-dev] Best way to give configuration information to a protocol

2017-09-19 Thread Juan Jose Martin Carrascosa
Hi all,

I now have a UAT dialog. In the ~~copy_cb of the records, I am allocating
an object and passing it to a registry that I maintain in the dissector.

The registry is initialized like this:

  registry = wmem_map_new_autoreset(wmem_epan_scope(), wmem_file_scope(),
                                    hash_by_guid, compare_by_guid);

However, if there is already an object in the UAT config file, when I start
Wireshark (I know that we are out of the file scope) I get the following
error:

*ERROR:wmem_core.c:52:wmem_alloc: assertion failed: (allocator->in_scope)*
*Aborted (core dumped)*

Because I am doing:

type_mapping_object = wmem_new(wmem_file_scope(), type_mapping);

My question is, how can I manage this situation? Should I allocate the
object in a different callback? Or should I change the scope? I have tried
wmem_epan_scope() and it doesn't work either.

My goal is to populate the registry with the information I have in the UAT
configuration file.

Thanks,
Juanjo Martin

On Mon, Sep 18, 2017 at 9:33 PM, Michael Mann via Wireshark-dev <
wireshark-dev@wireshark.org> wrote:

> I would agree that a dissector table for the GUIDs is probably the best
> way to go. I also just created a GUID dissector table in my recent work
> with Netmon.  grep "netmon.provider_id" for example of how to setup a GUID
> dissector table (it's much more straightforward than the DCE/RPC one)
>
>
> -Original Message-
> From: Pascal Quantin 
> To: Developer support list for Wireshark 
> Sent: Mon, Sep 18, 2017 3:03 pm
> Subject: Re: [Wireshark-dev] Best way to give configuration information to
> a protocol
>
> Hi Juan Jose,
>
> 2017-09-18 17:12 GMT+02:00 Juan Jose Martin Carrascosa :
>
> Hi all,
>
> Which is the best way to pass configuration to a protocol? Do we have any
> builtin mechanisms? I tried to upload a patch using CSV at some point but
> it didn't succeed. So I wonder if there is any recommended way I can
> implement: table or list in the Preferences, XML file, CSV file...
>
> My goal is to pass ("*GUID*", "*plugin_name*") pairs to the RTPS protocol
> so Wireshark knows dynamically what plugin it should call to deserialize
> data that is written by the DataWriter with id = "GUID". The GUID is part
> of the DATA packet and it is already dissected and known at that point.
>
>
> A UAT dialog could be appropriate for your needs. Several dissectors are
> already using it and can be taken as an example (packet-ipsec.c,
> packet-http.c, ...).
> Or if the GUID / plugin mapping never changes, you could create a
> dissector table and have your plugin register to this table (see
> register_dissector_table() / register_custom_dissector_table() and the
> corresponding dissector_add_XXX() functions).
>
> Best regards,
> Pascal.



-- 

Juanjo Martin
Senior Application Engineer
Professional Services Group
Office: +34 958 27 88 62
Mobile: +34 656 30 20 56
jua...@rti.com
www.rti.com
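The assertion in the message above fires because the record is allocated from the file-scope allocator while no capture file is open. One way to separate the two lifetimes, as an added example that is not code from the thread or from Wireshark: a stand-alone C model that uses plain malloc instead of wmem and a linear search instead of a hash map. All function names, the 32-hex-digit GUID text format and the plugin-name rule are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define GUID_LEN     16  /* RTPS GUID: 12-byte prefix + 4-byte entity id */
#define MAX_RECORDS  32  /* constructed limits for this model */
#define NAME_LEN_MAX 32

struct mapping {
    uint8_t guid[GUID_LEN];
    char    plugin[NAME_LEN_MAX];
};

/* Process lifetime: filled while configuration loads, before any capture. */
static struct mapping config_records[MAX_RECORDS];
static size_t config_count;

/* Capture lifetime: valid only between capture_open() and capture_close(). */
static struct mapping *registry;
static size_t registry_count;

static int hex_value(char c)
{
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/* Accept exactly 32 hex digits; anything else is rejected. */
int parse_guid(const char *text, uint8_t out[GUID_LEN])
{
    if (text == NULL || strlen(text) != 2 * GUID_LEN) return -1;
    for (size_t i = 0; i < GUID_LEN; i++) {
        int hi = hex_value(text[2 * i]), lo = hex_value(text[2 * i + 1]);
        if (hi < 0 || lo < 0) return -1;
        out[i] = (uint8_t)(hi << 4 | lo);
    }
    return 0;
}

/* Plugin names come from a user-editable file: allow [A-Za-z0-9_-] only. */
static int valid_plugin_name(const char *name)
{
    size_t n = name ? strlen(name) : 0;
    if (n == 0 || n >= NAME_LEN_MAX) return 0;
    return strspn(name, "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
                        "abcdefghijklmnopqrstuvwxyz0123456789_-") == n;
}

/* Configuration callback: validate and copy one record. It touches no
 * per-capture memory, so it is safe to call with no capture open. */
int config_add_record(const char *guid_text, const char *plugin)
{
    struct mapping m;
    memset(&m, 0, sizeof m);
    if (config_count >= MAX_RECORDS) return -1;
    if (parse_guid(guid_text, m.guid) != 0 || !valid_plugin_name(plugin)) return -1;
    strcpy(m.plugin, plugin);  /* length checked by valid_plugin_name() */
    config_records[config_count++] = m;
    return 0;
}

/* Capture closed: the per-capture registry goes away, the config stays. */
void capture_close(void)
{
    free(registry);
    registry = NULL;
    registry_count = 0;
}

/* Capture opened: rebuild the registry from the stored configuration. */
int capture_open(void)
{
    capture_close();
    if (config_count == 0) return 0;
    registry = malloc(config_count * sizeof *registry);
    if (registry == NULL) return -1;
    memcpy(registry, config_records, config_count * sizeof *registry);
    registry_count = config_count;
    return 0;
}

/* Returns the plugin name for a GUID, or NULL (also when no capture is open). */
const char *lookup_plugin_text(const char *guid_text)
{
    uint8_t guid[GUID_LEN];
    if (parse_guid(guid_text, guid) != 0) return NULL;
    for (size_t i = 0; i < registry_count; i++)
        if (memcmp(registry[i].guid, guid, GUID_LEN) == 0)
            return registry[i].plugin;
    return NULL;
}

int main(void)
{
    const char *guid = "0102030405060708090a0b0c00000102"; /* constructed */
    config_add_record(guid, "shapes_plugin");              /* before any capture */
    capture_open();
    printf("%s\n", lookup_plugin_text(guid));
    capture_close();
    return 0;
}
```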

[Wireshark-dev] Exporting as CSV

2017-09-20 Thread Juan Jose Martin Carrascosa
Hi folks,

I am exporting as CSV the captured data. I have found that long fields are
exported partially. For example:

Field : 12345678901234567890123456789012345678901234567890
CSV export: 12345678901234567...

Is there any way to make the CSV export take into account the full content?
Changing this would save me tons of hours of work :-)

Thanks,
Juanjo Martin

[Wireshark-dev] 2.4.2 Stable release doesn't compile in Centos 7.1 64 bits

2017-10-27 Thread Juan Jose Martin Carrascosa
Hi all,

I am trying to compile the source from the downloads webpage for version
2.4.2 and I get the following when running make:

Making all in epan
make[2]: Entering directory `epan'
  LN_S ws_version_info.c
cp: missing destination file operand after ‘../ws_version_info.c’
Try 'cp --help' for more information.

Version 2.5.0 build 997-gdafb529 from the automated builds works. Is this a
known problem? I would like to use a "Stable release" if possible that is
why I don't want 2.5.0.

Regards,
Juanjo Martin

Re: [Wireshark-dev] 2.4.2 Stable release doesn't compile in Centos 7.1 64 bits

2017-10-27 Thread Juan Jose Martin Carrascosa
Thanks João.

I am removing the line causing the error. Any issue in the main engine by
removing that? I just want it for local usage. I don't think that problems
with the version will cause big impact right? :-)

Regards,
Juanjo Martin



On Fri, Oct 27, 2017 at 2:36 PM, João Valverde <
joao.valve...@tecnico.ulisboa.pt> wrote:

>
>
> On 27-10-2017 13:05, Juan Jose Martin Carrascosa wrote:
>
>> Hi all,
>>
>> I am trying to compile the source from the downloads webpage for version
>> 2.4.2 and I get when doing make:
>>
>> Making all in epan
>> make[2]: Entering directory `epan'
>>LN_S ws_version_info.c
>> cp: missing destination file operand after ‘../ws_version_info.c’
>> Try 'cp --help' for more information.
>>
>> Version 2.5.0 build 997-gdafb529 from the automated builds works. Is this
>> a known problem?
>>
>
> No. It's a bug in the build, thanks for reporting, although why 2.4.2
> doesn't detect a working "ln -s" on your system is hard to guess.
>
>> I would like to use a "Stable release" if possible
>> that is why I don't want 2.5.0.
>>
>> Regards,
>> Juanjo Martin
>>
>>




-- 

Juanjo Martin
Senior Application Engineer
Professional Services Group
Office: +34 958 27 88 62
Mobile: +34 656 30 20 56
jua...@rti.com
www.rti.com

Re: [Wireshark-dev] Gerrit patches with trailing whitespace

2014-08-25 Thread Juan Jose Martin Carrascosa
I think that you are talking about my just committed changes. I just did it
and I just checked in the website that it has the whitespaces...

As Evan said, I don't have it installed by default and I wasn't really
aware of the process (even reading the doc a couple of times). I am really
sorry.

I will take a look at how to "stop" my changes from being reviewed and fix
it.

Thanks!
Juanjo


On Mon, Aug 25, 2014 at 7:08 PM, Evan Huus  wrote:

> Probably they are simply not installing the hook - none of our tooling
> sets it up by default that I'm aware of.
>
> On Mon, Aug 25, 2014 at 1:06 PM, Graham Bloice
>  wrote:
> > When reviewing some submissions on Gerrit, I've noted a few with trailing
> > whitespace.  The git pre-commit hook always warns me of this, so how are
> > folks managing to do this?  Are they using clients that ignore the hook?
> >
> > --
> > Graham Bloice
> >
> >

[Wireshark-dev] Equivalency between APIs

2014-08-26 Thread Juan Jose Martin Carrascosa
Hi all,

I need to remove the proto_tree_add_text calls, and I wanted to know if
this is equivalent:

Before:

ti_channel = proto_tree_add_text(rtps_parameter_tree, tvb, off, 0,
                                 "Channel[%u]", ch);
channel_tree = proto_item_add_subtree(ti_channel,
                                      ett_rtps_locator_filter_channel);

Now:

channel_tree = proto_tree_add_subtree_format(rtps_parameter_tree, tvb, off, 0,
                   ett_rtps_locator_filter_channel, &ti_channel,
                   "Channel[%u]", ch);


Thanks!
Juanjo

Re: [Wireshark-dev] Equivalency between APIs

2014-08-26 Thread Juan Jose Martin Carrascosa
Thanks for your reply. Regarding the last comment, just to double check
since I am not very experienced on this... it would be like:

 channel_tree = proto_tree_add_subtree_format(rtps_parameter_tree, tvb,
off, 0,
   ett_rtps_locator_filter_channel, NULL, "Channel[%u]", ch);

True?

- Juanjo


On Tue, Aug 26, 2014 at 5:19 PM,  wrote:

>   You are correct.  proto_tree_add_subtree is for no printf-style
> arguments, proto_tree_add_subtree_format is for when you need printf-style
> arguments for your subtree.
>
> One thing to check (if your compiler doesn't do it for you because
> somebody's will) is that you may no longer need the proto_item* passed into
> proto_tree_add_subtree[_format].
>
> Many dissectors had
> ti = proto_tree_add_text()
> subtree = proto_item_add_subtree(ti, ett)
>
> and never referenced ti again.  So when that's converted to
> proto_tree_add_subtree, you can just pass NULL in for the proto_item*
> parameter.
>
>
>
>
> -Original Message-
> From: Juan Jose Martin Carrascosa 
> To: Developer support list for Wireshark 
> Sent: Tue, Aug 26, 2014 9:43 am
> Subject: [Wireshark-dev] Equivalency between APIs
>
>  Hi all,
>
>  I need to remove the proto_tree_add_text calls, and I wanted to know if
> this is equivalent:
>
>  Before:
>
>   ti_channel = proto_tree_add_text(rtps_parameter_tree, tvb, off,
> 0, "Channel[%u]", ch);
> channel_tree = proto_item_add_subtree(ti_channel,
> ett_rtps_locator_filter_channel);
>
>  Now:
>  channel_tree =
> proto_tree_add_subtree_format(rtps_parameter_tree, tvb, off, 0,
>ett_rtps_locator_filter_channel, &ti_channel, "Channel[%u]",
> ch);
>
>
>  Thanks!
> Juanjo
>

[Wireshark-dev] Usage of BASE_CUSTOM

2014-08-28 Thread Juan Jose Martin Carrascosa
Hi all,

In a code review I was told to use proto_tree_add_item and BASE_CUSTOM to
replace this deprecated call:

  proto_tree_add_text(rtps_parameter_tree, tvb, offset, param_length,
"productVersion: %d.%d%c rev%d",
major, minor, release, revision);

I have been looking for documentation or guidelines but I can't find
anything. Can anyone help me with this? What would be the change? Pointing
me to any doc would be OK also.

Thanks,
Juanjo

Re: [Wireshark-dev] Usage of BASE_CUSTOM

2014-08-28 Thread Juan Jose Martin Carrascosa
Alexis,

I finally decided to create the subtree with inner elements as you
suggested.

Thanks!
Juanjo


On Thu, Aug 28, 2014 at 12:39 PM, Alexis La Goutte <
alexis.lagou...@gmail.com> wrote:

> On Thu, Aug 28, 2014 at 11:45 AM, Juan Jose Martin Carrascosa
>  wrote:
> > Hi all,
> >
> > In a code review I was told to use proto_tree_add_item and BASE_CUSTOM to
> > replace this deprecated call:
> >
> >   proto_tree_add_text(rtps_parameter_tree, tvb, offset, param_length,
> > "productVersion: %d.%d%c rev%d",
> > major, minor, release, revision);
>
> It will be better to use a proto_tree_add_item for each value?
>  subtree = proto_tree_add_subtree_format(rtps_parameter_tree, tvb, off, 4,
>      ett_rtps_locator_filter_channel, NULL,
>      "productVersion: %d.%d%c rev%d", major, minor, release, revision);
>
> proto_tree_add_item(subtree, hf_rtps_param_product_version_major,
>     tvb, offset, 1, ENC_NA);
> proto_tree_add_item(subtree, hf_rtps_param_product_version_minor,
>     tvb, offset+1, 1, ENC_NA);
> proto_tree_add_item(subtree, hf_rtps_param_product_version_release,
>     tvb, offset+2, 1, ENC_NA);
> proto_tree_add_item(subtree, hf_rtps_param_product_version_revision,
>     tvb, offset+3, 1, ENC_NA);
>
> >
> > I have been looking for documentation or guidelines but I can't find
> > anything. Can anyone help me with this? What would be the change?
> Pointing
> > me to any doc would be OK also.
>
> You can look packet-ieee80211.c, there is some case with BASE_CUSTOM
> >
> > Thanks,
> > Juanjo
> >
> >

[Wireshark-dev] Changing author of an already accepted change

2014-09-02 Thread Juan Jose Martin Carrascosa
Hi all,

My change has been accepted and merged to master, and I wonder if it would
be possible to change the author that appears in "git log".

Currently it shows Juanjo, and since everyone is showing their last name,
it would be great to show "Juanjo Martin".

How can I change that? I have seen that doing:

 git commit --amend --author="Juanjo Martin "

 I can do that, but that change must be accepted too, right?

Thanks,
Juanjo Martin

Re: [Wireshark-dev] Changing author of an already accepted change

2014-09-02 Thread Juan Jose Martin Carrascosa
Then it's OK. I just wanted to be coherent with everyone's changes.

I have done this in my machine, so in the future changes it appears
correctly:

git config --global user.name "Juanjo Martin"

Thanks for the quick response!

Juanjo Martin


On Tue, Sep 2, 2014 at 6:56 PM, Evan Huus  wrote:

> Unfortunately it's been written in stone at this point. There is
> basically no way to modify history for a widely-distributed project
> like this (amending that commit would cause all sorts of conflicts for
> everybody who has a copy of the current git repository).
>
> The best we can do is probably add a note to the AUTHORS file or
> something...
>
> On Tue, Sep 2, 2014 at 12:51 PM, Juan Jose Martin Carrascosa
>  wrote:
> > Hi all,
> >
> > My change has been accepted and merged to master, and I wonder if it
> would
> > be possible to change the author that appears in "git log".
> >
> > Currently it shows Juanjo, and since everyone is showing their last
> name, it
> > would be great to show "Juanjo Martin".
> >
> > How can I change that? I have seen that doing:
> >
> >  git commit --amend --author="Juanjo Martin "
> >
> >  I can do that, but that change must be accepted too, right?
> >
> > Thanks,
> > Juanjo Martin
> >
> >

[Wireshark-dev] New dissector between existing protocols

2014-11-27 Thread Juan Jose Martin Carrascosa
Hi all!

I have to implement a new dissector that goes between TCP and RTPS. The
name is not decided yet so let's call it XXX. I wonder, what is the best
way to proceed here:

1) Currently, RTPS is already registered with UDP and TCP. Register it also
with XXX. I don't know what steps do I need to do in the XXX dissector to
let other dissectors listen to this one...

2) Do an #include packet-rtps.h in the packet-xxx.c dissector and call the
function dissect_rtps with its parameters.

3) Other approach that I am not aware of but you consider right.

Please, in case the proper way to do things is number one, can you point me
to any example or documentation? I am planning to provide this to the
Wireshark community and I want to make it correctly.

If you need any extra information, please let me know it.

Thanks,
Juanjo Martin

Re: [Wireshark-dev] New dissector between existing protocols

2014-11-27 Thread Juan Jose Martin Carrascosa
Hi again,

I have been reading some source code (UDP), and I have found the following:

1) When the dissection is completed, we call "decode_udp_ports".
2) Within this function, we get a subset of the tvb with next_tvb =
tvb_new_subset(tvb, offset, len, reported_len);
3) We provide that subset to the heuristic dissectors registered
with call_heur_dissector_direct(udp_p_info->heur_dtbl_entry, next_tvb,
pinfo, tree, NULL);

I will assume that this is the way to go and I will implement it like this.

Thanks!
Juanjo Martin

On Thu, Nov 27, 2014 at 12:09 PM, Juan Jose Martin Carrascosa <
jua...@rti.com> wrote:

> Hi all!
>
> I have to implement a new dissector that goes between TCP and RTPS. The
> name is not decided yet so let's call it XXX. I wonder, what is the best
> way to proceed here:
>
> 1) Currently, RTPS is already registered with UDP and TCP. Register it
> also with XXX. I don't know what steps do I need to do in the XXX dissector
> to let other dissectors listen to this one...
>
> 2) Do an #include packet-rtps.h in the packet-xxx.c dissector and call the
> function dissect_rtps with its parameters.
>
> 3) Other approach that I am not aware of but you consider right.
>
> Please, in case the proper way to do things is number one, can you point
> me to any example or documentation? I am planning to provide this to the
> Wireshark community and I want to make it correctly.
>
> If you need any extra information, please let me know it.
>
> Thanks,
> Juanjo Martin
>

Re: [Wireshark-dev] New dissector between existing protocols

2014-11-27 Thread Juan Jose Martin Carrascosa
Hi Anders,

Many thanks for your reply.

My protocol carries a magic word at the beginning and may go in whatever
port. So, it has to be heuristic. Right?

The protocols stack would be: IP -> TCP -> My protocol -> RTPS

I will take into account to include the preference to turn the heuristic
off.

Thanks,
Juanjo Martin

On Thu, Nov 27, 2014 at 1:37 PM, Anders Broman 
wrote:

>  Hi,
>
> “Next dissector” in TCP and UDP dissectors is by default determined by
> first looking at the port numbers and calling …try_port to see if a
> dissector is registered for that source or destination port; if that fails
> it continues with the heuristic tables and finally calls the data dissector
> if no match was found.
>
> Heuristics work best for protocols with a distinct signature in the first
> bytes like a magic number. In other cases it works less well. RTP is an
> example of a protocol less suited for heuristics, obviously I don’t know how
> well your protocol suits the bill.
>
>
>
> If your protocol always carries SRTP I’d implement it as a UDP/TCP
> protocol registering on port(ranges) specified in preferences the default
> being 0(not registered) and perhaps as a heuristic protocol too if the
> heuristic has a reasonable chance of success, perhaps with a preference to
> turn the heuristic off like in the RTP dissector.
>
>
>
> Then I’d look up the handle of the SRTP dissector and call that
> unconditionally for the payload of your protocol. Actually pretty much the
> way the RTP dissector works I think.
>
>
>
> Just my 2 cents
>
> Regards
>
> Anders
>
>
>
> *From:* wireshark-dev-boun...@wireshark.org [mailto:
> wireshark-dev-boun...@wireshark.org] *On Behalf Of *Juan Jose Martin
> Carrascosa
> *Sent:* den 27 november 2014 13:05
> *To:* Developer support list for Wireshark
> *Subject:* Re: [Wireshark-dev] New dissector between existing protocols
>
>
>
> Hi again,
>
>
>
> I have been reading some source code (UDP), and I have found the following:
>
>
>
> 1) When the dissection is completed, we call "decode_udp_ports".
>
> 2) Within this function, we get a subset of the tvb with next_tvb =
> tvb_new_subset(tvb, offset, len, reported_len);
>
> 3) We provide that subset to the heuristic dissectors registered
> with call_heur_dissector_direct(udp_p_info->heur_dtbl_entry, next_tvb,
> pinfo, tree, NULL);
>
>
>
> I will assume that this is the way to go and I will implement it like this.
>
>
>
> Thanks!
>
> Juanjo Martin
>
>
>
> On Thu, Nov 27, 2014 at 12:09 PM, Juan Jose Martin Carrascosa <
> jua...@rti.com> wrote:
>
> Hi all!
>
>
>
> I have to implement a new dissector that goes between TCP and RTPS. The
> name is not decided yet so let's call it XXX. I wonder, what is the best
> way to proceed here:
>
>
>
> 1) Currently, RTPS is already registered with UDP and TCP. Register it
> also with XXX. I don't know what steps do I need to do in the XXX dissector
> to let other dissectors listen to this one...
>
>
>
> 2) Do an #include packet-rtps.h in the packet-xxx.c dissector and call the
> function dissect_rtps with its parameters.
>
>
>
> 3) Other approach that I am not aware of but you consider right.
>
>
>
> Please, in case the proper way to do things is number one, can you point
> me to any example or documentation? I am planning to provide this to the
> Wireshark community and I want to make it correctly.
>
>
>
> If you need any extra information, please let me know it.
>
>
>
> Thanks,
>
> Juanjo Martin
>
>
>
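The approach discussed in this thread (recognise the new layer by its magic word, then hand the payload to RTPS), as an added example that is not code from the thread or from Wireshark: a stand-alone C model of the heuristic check, written without the Wireshark API. The "XXX1" magic, the length field and the size limit are assumptions; the 4-byte "RTPS" protocol id and the 20-byte RTPS header come from the RTPS wire format.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical framing for the "XXX" layer (assumed; the thread gives none):
 *   bytes 0..3  magic word "XXX1"
 *   bytes 4..7  payload length, big-endian
 *   bytes 8..   payload: one RTPS message                                  */
#define XXX_MAGIC        "XXX1"
#define XXX_HEADER_LEN   8u
#define XXX_MAX_PAYLOAD  65535u  /* constructed sanity limit */
#define RTPS_MAGIC       "RTPS"  /* RTPS messages begin with this protocol id */
#define RTPS_HEADER_LEN  20u     /* id(4) + version(2) + vendor(2) + GUID prefix(12) */

enum heur_result { HEUR_REJECT, HEUR_NEED_MORE, HEUR_ACCEPT };

struct xxx_payload { const uint8_t *data; size_t len; };

/* Constructed samples: a complete frame, a frame whose payload is not RTPS,
 * and a frame that declares an implausible length. */
static const uint8_t sample_ok[28] = {
    'X', 'X', 'X', '1', 0, 0, 0, 20,
    'R', 'T', 'P', 'S', 2, 1, 1, 1,
    1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
};
static const uint8_t sample_not_rtps[28] = {
    'X', 'X', 'X', '1', 0, 0, 0, 20, 'H', 'T', 'T', 'P'
};
static const uint8_t sample_huge_len[12] = {
    'X', 'X', 'X', '1', 0xFF, 0xFF, 0xFF, 0xFF, 'R', 'T', 'P', 'S'
};

static uint32_t read_be32(const uint8_t *p)
{
    return (uint32_t)p[0] << 24 | (uint32_t)p[1] << 16 | (uint32_t)p[2] << 8 | p[3];
}

/* Decide whether buf (captured bytes only) is an XXX frame carrying RTPS.
 * On HEUR_ACCEPT, *out describes the payload to pass to the RTPS dissector. */
enum heur_result xxx_heuristic(const uint8_t *buf, size_t captured,
                               struct xxx_payload *out)
{
    out->data = NULL;
    out->len = 0;

    /* Never read past the captured bytes: check the size before each access. */
    if (buf == NULL || captured < XXX_HEADER_LEN) return HEUR_REJECT;
    if (memcmp(buf, XXX_MAGIC, 4) != 0) return HEUR_REJECT;

    /* The length field is untrusted input: bound it before using it. */
    uint32_t declared = read_be32(buf + 4);
    if (declared < RTPS_HEADER_LEN || declared > XXX_MAX_PAYLOAD) return HEUR_REJECT;

    /* A second signature cuts false positives on traffic from other protocols. */
    size_t available = captured - XXX_HEADER_LEN;
    if (available >= 4 && memcmp(buf + XXX_HEADER_LEN, RTPS_MAGIC, 4) != 0)
        return HEUR_REJECT;

    /* Looks like ours, but the rest has not arrived yet (TCP segmentation). */
    if (available < declared) return HEUR_NEED_MORE;

    out->data = buf + XXX_HEADER_LEN;
    out->len = declared;
    return HEUR_ACCEPT;
}

enum heur_result xxx_classify(const uint8_t *buf, size_t captured)
{
    struct xxx_payload p;
    return xxx_heuristic(buf, captured, &p);
}

/* Payload length handed to the next dissector, or 0 when not accepted. */
size_t xxx_payload_len(const uint8_t *buf, size_t captured)
{
    struct xxx_payload p;
    return xxx_heuristic(buf, captured, &p) == HEUR_ACCEPT ? p.len : 0;
}

int main(void)
{
    printf("complete=%d truncated=%d not_rtps=%d huge_len=%d\n",
           xxx_classify(sample_ok, sizeof sample_ok),
           xxx_classify(sample_ok, 16),
           xxx_classify(sample_not_rtps, sizeof sample_not_rtps),
           xxx_classify(sample_huge_len, sizeof sample_huge_len));
    return 0;
}
```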

[Wireshark-dev] What Wireshark base version to use for customization

2014-12-10 Thread Juan Jose Martin Carrascosa
Hi all,

I have the task to customize and package a custom Wireshark version, so we
can provide that to our customers.

I wonder what Wireshark version should I use as base. The latest stable
release or the development release?

Also, I have been looking for the information to package binaries. So far,
I have found the README files, and the Development webpage
<http://wiki.wireshark.org/Development>. Any other source of information I
can take a look at? My plan is to provide binaries for some Linux
distributions, Solaris, MacOS and Windows.

Thanks,
Juanjo Martin

Re: [Wireshark-dev] What Wireshark base version to use for customization

2014-12-10 Thread Juan Jose Martin Carrascosa
Hi Anders,

Yes! I was aware of the licensing terms. Is it mandatory to provide the
source in the same bundle as the binary or, on the other hand, can I mention
in our documentation that the source code is available and, if they ask for
it, provide it?

Thanks for the advice regarding the development version.

Juanjo Martin

On Wed, Dec 10, 2014 at 4:13 PM, Anders Broman 
wrote:

>  Hi,
>
> Note that under GPL you are obliged to supply the source code of your
> modifications if you distribute binaries to your customers.
>
> I would use the development version to get the bleeding edge stuff or the
> latest stable if stability is more of an issue.
>
>
>
> Regards
>
> Anders
>
>
>
> *From:* wireshark-dev-boun...@wireshark.org [mailto:
> wireshark-dev-boun...@wireshark.org] *On Behalf Of *Juan Jose Martin
> Carrascosa
> *Sent:* den 10 december 2014 14:39
> *To:* Developer support list for Wireshark
> *Subject:* [Wireshark-dev] What Wireshark base version to use for
> customization
>
>
>
> Hi all,
>
>
>
> I have the task to customize and package a custom Wireshark version, so we
> can provide that to our customers.
>
>
>
> I wonder what Wireshark version should I use as base. The latest stable
> release or the development release?
>
>
>
> Also, I have been looking for the information to package binaries. So far,
> I have found the README files, and the Development webpage
> <http://wiki.wireshark.org/Development>. Any other source of information
> I can take a look at? My plan is to provide binaries for some Linux
> distributions, Solaris, MacOS and Windows.
>
>
>
> Thanks,
>
> Juanjo Martin
>

Re: [Wireshark-dev] What Wireshark base version to use for customization

2014-12-10 Thread Juan Jose Martin Carrascosa
Many thanks for the detailed info to everyone.

I already pushed some of my changes (already accepted) to the repository,
and I will keep doing that in the future.

I have a last question (technical one this time). Do you build Wireshark
for Solaris (9 and 10)? I am facing issues doing it and I want to know if
it is supposed to work and the problems are on my side.

Has anyone here done that before manually? Any recommendation on where to
get the missing packages?

Thanks!
Juanjo Martin

On Wed, Dec 10, 2014 at 5:17 PM, Graham Bloice 
wrote:

> Hi Juan,
>
> The GPL FAQ has answers for this type of question (
> http://www.gnu.org/licenses/gpl-faq.html, see the section "Distribution
> of programs released under the GNU licenses") but note that Wireshark is
> GPL 2.0.
>
> On 10 December 2014 at 15:21, Juan Jose Martin Carrascosa 
> wrote:
>
>> Hi Anders,
>>
>> Yes! I was aware of the licensing terms. Is it mandatory to provide the
>> source in the same bundle as the binary or on the other hand. I can mention
>> in our documentation that the source code is available, and if they ask for
>> it, provide it?
>>
>> Thanks for the advice regarding the development version.
>>
>> Juanjo Martin
>>
>> On Wed, Dec 10, 2014 at 4:13 PM, Anders Broman <
>> anders.bro...@ericsson.com> wrote:
>>
>>>  Hi,
>>>
>>> Note that under GPL you are obliged to supply the source code of your
>>> modifications if you distribute binaries to your customers.
>>>
>>> I would use the development version to get the bleeding edge stuff or
>>> the latest stable if stability is more of an issue.
>>>
>>>
>>>
>>> Regards
>>>
>>> Anders
>>>
>>>
>>>
>>> *From:* wireshark-dev-boun...@wireshark.org [mailto:
>>> wireshark-dev-boun...@wireshark.org] *On Behalf Of *Juan Jose Martin
>>> Carrascosa
>>> *Sent:* den 10 december 2014 14:39
>>> *To:* Developer support list for Wireshark
>>> *Subject:* [Wireshark-dev] What Wireshark base version to use for
>>> customization
>>>
>>>
>>>
>>> Hi all,
>>>
>>>
>>>
>>> I have the task to customize and package a custom Wireshark version, so
>>> we can provide that to our customers.
>>>
>>>
>>>
>>> I wonder what Wireshark version should I use as base. The latest stable
>>> release or the development release?
>>>
>>>
>>>
>>> Also, I have been looking for the information to package binaries. So
>>> far, I have found the README files, and the Development webpage
>>> <http://wiki.wireshark.org/Development>. Any other source of
>>> information I can take a look at? My plan is to provide binaries for some
>>> Linux distributions, Solaris, MacOS and Windows.
>>>
>>>
>>>
>>> Thanks,
>>>
>>> Juanjo Martin
>>>
>>>
>
>
>
> --
> Graham Bloice
> Software Developer
> Trihedral UK Limited
>

[Wireshark-dev] Mandatory content in additional documentation

2014-12-26 Thread Juan Jose Martin Carrascosa
Hi all,

I am working on preparing some bundles of a customized Wireshark version to
provide them to some of our customers, and I have a question regarding
documentation.

I am preparing a PDF, kind of a Getting Started guide, and I wonder if I
have to include any specific statement or content since Wireshark is open
source. If that is the case, can you point me to the content I have to
include?

Thanks! And Merry Christmas to everyone.

- Juanjo Martin

[Wireshark-dev] Issues packaging Wireshark in Ubuntu

2015-01-16 Thread Juan Jose Martin Carrascosa
Hi all,

I have a very quick question: am I supposed to create deb packages by doing
"make debian-package"? The makefile doesn't recognize that option :(

Thanks,
Juanjo Martin

Re: [Wireshark-dev] Issues packaging Wireshark in Ubuntu

2015-01-16 Thread Juan Jose Martin Carrascosa
It works perfectly. Many thanks for the prompt answer.

Juanjo Martin

On Fri, Jan 16, 2015 at 5:15 PM, Bálint Réczey 
wrote:

> Hi Juanjo,
>
> 2015-01-16 17:04 GMT+01:00 Juan Jose Martin Carrascosa :
> > Hi all,
> >
> > I have a very quick question: am I supposed to create deb packages by
> doing
> > "make debian-package"? The makefile doesn't recognize that option :(
> No, by running dpkg-buildpackage -rfakeroot.
>
> Cheers,
> Balint

[Wireshark-dev] Adding folder to package and modifying its content in "packaging-time"

2015-03-12 Thread Juan Jose Martin Carrascosa
Hi all,

I have added a folder to the root folder and I would like to modify its
content when I create the packages. Is there any documentation regarding
which files I have to modify?

I am packaging for Windows, Linux and Mac.

Thanks,
Juanjo Martin

[Wireshark-dev] Issue with dissector on top of TCP

2015-03-19 Thread Juan Jose Martin Carrascosa
Hi all,

I am writing a dissector on top of TCP (let's call it Wrapper). For a given
TCP segment, I see that the payload length is 1460 bytes. Within those
bytes, I have messages of my Wrapper protocol.  The message length of my
protocol for those messages is 72 bytes.

This is, 20 x messages = 1440. The remainder is 20 bytes. And those 20
bytes are not being dissected nor used at all. (I have verified all this
information). Those 20 messages are the beginning of a new Wrapper message,
but the message is not completed in that segment.

The issue is that the next TCP segment starts 20 bytes later, and thus, it
results in dissection errors since that packet, making Malformed Packets or
not dissected packets almost everything.

I would need to know which is the proper way to let TCP know that those 20
bytes have to be used for the next segment.

Do I have to do anything with the tvb? or on the other hand I have to play
with the return value?

I have spent already a lot of hours on this and can't figure it out. I hope
anyone has any advice for this.

Thanks,
Juanjo

Re: [Wireshark-dev] Issue with dissector on top of TCP

2015-03-19 Thread Juan Jose Martin Carrascosa
Hi Anders,

Thanks for the prompt reply. I will give it a try.

Thanks again,
Juanjo

On Thu, Mar 19, 2015 at 4:23 PM, Anders Broman 
wrote:

>
>
>
>
> *From:* wireshark-dev-boun...@wireshark.org [mailto:
> wireshark-dev-boun...@wireshark.org] *On Behalf Of *Juan Jose Martin
> Carrascosa
> *Sent:* den 19 mars 2015 16:05
> *To:* Developer support list for Wireshark
> *Subject:* [Wireshark-dev] Issue with dissector on top of TCP
>
>
>
> Hi all,
>
>
>
> I am writing a dissector on top of TCP (let's call it Wrapper). For a
> given TCP segment, I see that the payload length is 1460 bytes. Within
> those bytes, I have messages of my Wrapper protocol.  The message length of
> my protocol for those messages is 72 bytes.
>
>
>
> This is, 20 x messages = 1440. The remainder is 20 bytes. And those 20
> bytes are not being dissected nor used at all. (I have verified all this
> information). Those 20 messages are the beginning of a new Wrapper message,
> but the message is not completed in that segment.
>
>
>
> The issue is that the next TCP segment starts 20 bytes later, and thus, it
> results in dissection errors since that packet, making Malformed Packets or
> not dissected packets almost everything.
>
>
>
> I would need to know which is the proper way to let TCP know that those 20
> bytes have to be used for the next segment.
>
>
>
> Do I have to do anything with the tvb? or on the other hand I have to play
> with the return value?
>
>
>
> I have spent already a lot of hours on this and can't figure it out. I
> hope anyone has any advice for this.
>
>
>
> Thanks,
>
> Juanjo
>
>
>
> See doc/README.dissector
>
>
>
> 2.7 Reassembly/desegmentation for protocols running atop TCP.
>
>
>
> Section 2.7.1 Using tcp_dissect_pdus(). Should probably work for you.
> Grep for tcp_dissect_pdus in the sources to find multiple examples on how
> to use it…
>
>
>
> Regards
>
> Anders
>
>
>
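The problem described in this thread, and the per-stream buffering that the reply points to with tcp_dissect_pdus(), modelled as an added example in plain C (not code from the thread or from Wireshark, and it does not use Wireshark's API). The marker byte, the index field and the 82-message stream are constructed sample data; the 72-byte message size and 1460-byte segment size come from the post.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MSG_LEN 72    /* Wrapper message size given in the post */
#define SEG_LEN 1460  /* TCP payload size given in the post */
#define N_MSGS  82    /* constructed sample stream: 82 messages */
#define MARKER  0xA5  /* constructed first byte of each sample message */

typedef struct { uint32_t next; unsigned valid, malformed; } counters;

/* Bytes of an incomplete message kept between segments of one TCP stream. */
typedef struct { uint8_t pending[MSG_LEN]; size_t pending_len; } reasm_state;

/* Stand-in for the per-message dissector: a message is valid only if it
 * starts with MARKER and carries the next expected index in bytes 1..4. */
static void dissect_msg(const uint8_t *m, counters *c)
{
    uint32_t idx = ((uint32_t)m[1] << 24) | ((uint32_t)m[2] << 16) |
                   ((uint32_t)m[3] << 8) | (uint32_t)m[4];
    if (m[0] == MARKER && idx == c->next) { c->valid++; c->next++; }
    else c->malformed++;
}

/* Naive dissector: assumes every segment starts on a message boundary and
 * silently ignores the tail that does not fill a whole message. */
static void naive_segment(const uint8_t *seg, size_t len, counters *c)
{
    for (size_t off = 0; len - off >= MSG_LEN; off += MSG_LEN)
        dissect_msg(seg + off, c);
}

/* Reassembling dissector: first completes the message left over from the
 * previous segment, then dissects whole messages, then saves the new tail. */
static void reassembling_segment(reasm_state *st, const uint8_t *seg,
                                 size_t len, counters *c)
{
    size_t off = 0;
    if (st->pending_len > 0) {
        size_t need = MSG_LEN - st->pending_len;
        size_t take = len < need ? len : need;
        memcpy(st->pending + st->pending_len, seg, take);
        st->pending_len += take;
        off = take;
        if (st->pending_len < MSG_LEN)
            return;                      /* still incomplete: wait for more */
        dissect_msg(st->pending, c);
        st->pending_len = 0;
    }
    while (len - off >= MSG_LEN) {
        dissect_msg(seg + off, c);
        off += MSG_LEN;
    }
    st->pending_len = len - off;         /* always < MSG_LEN here */
    memcpy(st->pending, seg + off, st->pending_len);
}

/* Build the constructed stream, cut it into 1460-byte segments and run one
 * of the two dissectors over the segments in order. */
static counters dissect_stream(int reassemble)
{
    static uint8_t stream[N_MSGS * MSG_LEN];
    counters c = {0, 0, 0};
    reasm_state st;

    memset(&st, 0, sizeof st);
    memset(stream, 0, sizeof stream);
    for (uint32_t i = 0; i < N_MSGS; i++) {
        uint8_t *m = stream + (size_t)i * MSG_LEN;
        m[0] = MARKER;
        m[1] = (uint8_t)(i >> 24); m[2] = (uint8_t)(i >> 16);
        m[3] = (uint8_t)(i >> 8);  m[4] = (uint8_t)i;
    }
    for (size_t off = 0; off < sizeof stream; off += SEG_LEN) {
        size_t left = sizeof stream - off;
        size_t len = left < SEG_LEN ? left : SEG_LEN;
        if (reassemble) reassembling_segment(&st, stream + off, len, &c);
        else            naive_segment(stream + off, len, &c);
    }
    return c;
}

unsigned valid_messages(int reassemble)     { return dissect_stream(reassemble).valid; }
unsigned malformed_messages(int reassemble) { return dissect_stream(reassemble).malformed; }

int main(void)
{
    printf("naive:       %u valid, %u malformed\n",
           valid_messages(0), malformed_messages(0));
    printf("reassembled: %u valid, %u malformed\n",
           valid_messages(1), malformed_messages(1));
    return 0;
}
```

Only the first segment lines up with a message boundary in the naive run; every later segment starts 20, 40 or 60 bytes into a message, which is the misalignment the post reports as Malformed Packets.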

[Wireshark-dev] Usage of make-version.pl

2015-03-23 Thread Juan Jose Martin Carrascosa
Hi all,

I am building Wireshark for Windows, Linux and Mac. I have been reading and
analyzing the make-version.pl script and I have found that I am not a perl
expert: I have no idea about how to use version.conf.

Can anyone tell me what to put in version.conf and what arguments to use
when calling make-version.pl if I want to add an extra version like "-ABCD"?

For instance, Wireshark 1.99.1-ABCD. Sorry for the newbie question!

Thanks in advance,
Juanjo

Re: [Wireshark-dev] Usage of make-version.pl

2015-03-23 Thread Juan Jose Martin Carrascosa
Thanks for the prompt reply Pascal.

I already knew how to "hard code" it within configure.ac. I just wanted to
know if we had a more elegant way.

Thanks again, it is awesome to have this help since I am alone working on
this :)

Juanjo

On Mon, Mar 23, 2015 at 6:38 PM, Pascal Quantin 
wrote:

> 2015-03-23 17:49 GMT+01:00 Juan Jose Martin Carrascosa :
>
>> Hi all,
>>
>> I am building Wireshark for Windows, Linux and Mac. I have been reading
>> and analyzing the make-version.pl script and I have found that I am not
>> a perl expert: I have no idea about how to use version.conf.
>>
>> Can anyone tell me what to put in version.conf and what arguments to use
>> when calling make-version.pl if I want to add an extra version like
>> "-ABCD"?
>>
>> For instance, Wireshark 1.99.1-ABCD. Sorry for the newbie question!
>>
>>
> Hi Juanjo,
>
> this is supported natively for Windows, you just need to edit config.nmake
> to set the VERSION_EXTRA variable.
> For Linux/Mac, this does not seem to be supported out of the box. What you
> might try (but I have not verified this myself and I'm more a Windows guy
> so autofoo is kind of magic for me) is to edit configure.ac and put your
> string in the empty square brackets of the line:
> m4_append([version_micro_extra], [])
>
> Others might have better answers ;)
>
> Regards,
> Pascal.
>

Re: [Wireshark-dev] Usage of make-version.pl

2015-03-23 Thread Juan Jose Martin Carrascosa
Actually, this is the one winning:

enable: 1
pkg_format: -ABCD
pkg_enable: 1

Thanks Pascal!

Juanjo

On Mon, Mar 23, 2015 at 6:47 PM, Pascal Quantin 
wrote:

>
>
> 2015-03-23 18:42 GMT+01:00 Juan Jose Martin Carrascosa :
>
>> Thanks for the prompt reply Pascal.
>>
>> I already knew how to "hard code" it within configure.ac. I just wanted
>> to know if we had a more elegant way.
>>
>> Thanks again, it is awesome to have this help since I am alone working on
>> this :)
>>
>> Juanjo
>>
>
> Did you give a try to the following command?
> perl make-version.pl --set-release
>
> with a version.conf file containing:
> enable: 1
> pkg_format: %#-ABCD
> pkg_enable: 1
>
> Pascal.
>
>
>> On Mon, Mar 23, 2015 at 6:38 PM, Pascal Quantin wrote:
>>
>>> 2015-03-23 17:49 GMT+01:00 Juan Jose Martin Carrascosa :
>>>
>>>> Hi all,
>>>>
>>>> I am building Wireshark for Windows, Linux and Mac. I have been reading
>>>> and analyzing the make-version.pl script and I have found that I am
>>>> not a perl expert: I have no idea about how to use version.conf.
>>>>
>>>> Can anyone tell me what to put in version.conf and what arguments to
>>>> use when calling make-version.pl if I want to add an extra version
>>>> like "-ABCD"?
>>>>
>>>> For instance, Wireshark 1.99.1-ABCD. Sorry for the newbie question!
>>>>
>>>>
>>> Hi Juanjo,
>>>
>>> this is supported natively for Windows, you just need to edit
>>> config.nmake to set the VERSION_EXTRA variable.
>>> For Linux/Mac, this does not seem to be supported out of the box. What
>>> you might try (but I have not verified this myself and I'm more a Windows
>>> guy so autofoo is kind of magic for me) is to edit configure.ac and put
>>> your string in the empty square brackets of the line:
>>> m4_append([version_micro_extra], [])
>>>
>>> Others might have better answers ;)
>>>
>>> Regards,
>>> Pascal.
>>>
>>>

[Wireshark-dev] dpkg-buildpackage -rfakeroot picking wrong version and dissectors

2015-03-25 Thread Juan Jose Martin Carrascosa
Hi all,

I am building a package for Ubuntu, and the debian packages I get as result
are not picking the proper customized version (set in configure.ac), but
what is worse, a custom dissector I wrote is not in the packages.

I did "make" before doing the packaging and ./wireshark-gtk is as I expect.

Do I have to configure anything else before doing dpkg-buildpackage
-rfakeroot?

By the way, the rest of the build system works sweet in Centos, Mac and
Windows.

Thanks,
Juanjo

Re: [Wireshark-dev] dpkg-buildpackage -rfakeroot picking wrong version and dissectors

2015-03-25 Thread Juan Jose Martin Carrascosa
Thanks for the prompt reply Bálint.

So, I assume that what I did for the make build doesn't apply here. Does
anyone know how to modify the cmake build for:

1) add a dissector
2) add files to the package (for instance, a pdf in the root directory)
3) change the version

Any documentation/guidelines would be appreciated.

Thanks,
Juanjo

On Wed, Mar 25, 2015 at 3:36 PM, Bálint Réczey 
wrote:

> Hi Juanjo,
>
> 2015-03-25 15:26 GMT+01:00 Juan Jose Martin Carrascosa :
> > Hi all,
> >
> > I am building a package for Ubuntu, and the debian packages I get as
> result
> > are not picking the proper customized version (set in configure.ac), but
> > what is worse, a custom dissector I wrote is not in the packages.
> The Debian packages use the cmake-based build system thus you have your
> customizations present there to be part of the packages.
>
> Cheers,
> Balint
>
> >
> > I did "make" before doing the packaging and ./wireshark-gtk is as I
> expect.
> >
> > Do I have to configure anything else before doing dpkg-buildpackage
> > -rfakeroot?
> >
> > By the way, the rest of the build system works sweet in Centos, Mac and
> > Windows.
> >
> > Thanks,
> > Juanjo
> >
> >

Re: [Wireshark-dev] dpkg-buildpackage -rfakeroot picking wrong version and dissectors

2015-03-25 Thread Juan Jose Martin Carrascosa
Well, after doing some awful research...

1) To add the dissector, I edited epan/CMakeLists.txt.
2) To add files to the package, I added my custom files to the same list
that colorfilters is in, and it seems to work.
3) It seems the version is controlled in CMakeLists.txt using
PROJECT__VERSION and PROJECT_VERSION_EXTENSION.

I think I got it working. Thanks for the initial point Bálint.

Juanjo

On Wed, Mar 25, 2015 at 4:06 PM, Juan Jose Martin Carrascosa  wrote:

> Thanks for the prompt reply Bálint.
>
> So, I assume that what I did for the make build doesn't apply here. Does
> anyone know how to modify the cmake build for:
>
> 1) add a dissector
> 2) add files to the package (for instance, a pdf in the root directory)
> 3) change the version
>
> Any documentation/guidelines would be appreciated.
>
> Thanks,
> Juanjo
>
> On Wed, Mar 25, 2015 at 3:36 PM, Bálint Réczey 
> wrote:
>
>> Hi Juanjo,
>>
>> 2015-03-25 15:26 GMT+01:00 Juan Jose Martin Carrascosa :
>> > Hi all,
>> >
>> > I am building a package for Ubuntu, and the debian packages I get as
>> result
>> > are not picking the proper customized version (set in configure.ac),
>> but
>> > what is worse, a custom dissector I wrote is not in the packages.
>> The Debian packages use the cmake-based build system thus you have your
>> customizations present there to be part of the packages.
>>
>> Cheers,
>> Balint
>>
>> >
>> > I did "make" before doing the packaging and ./wireshark-gtk is as I
>> expect.
>> >
>> > Do I have to configure anything else before doing dpkg-buildpackage
>> > -rfakeroot?
>> >
>> > By the way, the rest of the build system works sweet in Centos, Mac and
>> > Windows.
>> >
>> > Thanks,
>> > Juanjo
>> >
>> >

Re: [Wireshark-dev] Windows automated builds migrated to CMake

2015-04-16 Thread Juan Jose Martin Carrascosa
Awesome. Good job!

- Juanjo

On Thursday, April 16, 2015, Graham Bloice 
wrote:

> Woohoo.
>
> Change to delete *.nmake incoming :-)
>
> On 16 April 2015 at 04:06, Gerald Combs wrote:
>
>> We reached a bit of a milestone today. The packages created by the
>> 32-bit and 64-bit Windows builders at
>> https://buildbot.wireshark.org/trunk/waterfall are now produced using
>> CMake and MSBuild.
>>
>> Thanks to everyone for helping to get the Windows CMake environment up
>> and running!
>>
>
>
>
> --
> Graham Bloice
> Software Developer
> Trihedral UK Limited
>

[Wireshark-dev] Storing information to show it in future packets

2015-09-15 Thread Juan Jose Martin Carrascosa
Hi everyone,

I wonder which would be the best way to store information gathered from
captured packets so I can show it in packets captured after.

To give some context... in the RTPS protocol, information about the Writers
of the data is provided in the discovery phase (Type of data,
configuration, etc.). This phase happens at the beginning of the
communication.

After that, when user data samples are sent they just contain the Writer
ID. I would like to know, with regards to performance, which is the best
way to store the data and retrieve it. For instance, any kind of hash
table? Ideally, I would store all the information in something like this:

struct WriterInfo {
    inner_struct writer_id; <<<<<<<<< key
    string my_info_string;
    string my_other_info_string;
    gint my_info_int;
    ...
};

I have already a prototype up and running but I think that this is far from
being the best approach.

Regards,
Juanjo Martin

Re: [Wireshark-dev] Storing information to show it in future packets

2015-09-15 Thread Juan Jose Martin Carrascosa
I will. Thanks Graham!

On Tue, Sep 15, 2015 at 3:28 PM, Graham Bloice 
wrote:

> On 15 September 2015 at 14:07, Juan Jose Martin Carrascosa wrote:
>
>> Hi everyone,
>>
>> I wonder which would be the best way to store information gathered from
>> captured packets so I can show it in packets captured after.
>>
>> To give some context... in the RTPS protocol, information about the
>> Writers of the data is provided in the discovery phase (Type of data,
>> configuration, etc.). This phase happens at the beginning of the
>> communication.
>>
>> After that, when user data samples are sent they just contain the Writer
>> ID. I would like to know, with regards to performance, which is the best
>> way to store the data and retrieve it. For instance, any kind of hash
>> table? Ideally, I would store all the information in something like this:
>>
>> struct WriterInfo {
>> inner_struct writer_id; <<<<<<<<< key
>> string my_info_string;
>> string my_other_info_string;
>> gint my_info_int;
>> ...
>> };
>>
>> I have already a prototype up and running but I think that this is far
>> from being the best approach.
>>
>> Regards,
>> Juanjo Martin
>>
>
>
> You probably want to look at conversations in README.dissector,
> especially conversation_add_proto_data and conversation_get_proto_data.
>
> --
> Graham Bloice
>

[Wireshark-dev] Compiling a plugin

2015-09-23 Thread Juan Jose Martin Carrascosa
Hi all,

I am looking for documentation regarding how to compile a plugin without
the build directory.

For instance, imagine I develop a plugin and I want to share it with a
colleague. He modifies something and wants to compile it. Does he need the
full build directory?

If any documentation about this exists, can you point me to it?

For your reference, I am interested in doing it on Linux.

Thanks in advance.

Juanjo Martin

Re: [Wireshark-dev] Compiling a plugin

2015-09-23 Thread Juan Jose Martin Carrascosa
Graham and Dario,

Many thanks for the info. The option Dario suggests seems good enough for
this. I will try to use that approach. Analyzing the CMakeLists.txt file it
seems it won't require a lot of changes.

Thanks again. This definitely helps.

Juanjo Martin

On Wed, Sep 23, 2015 at 4:50 PM, Dario Lombardo  wrote:

> You can also start from this project of mine.
>
> https://github.com/crondaemon/hcrt-dissector
>
> This compiles a plugin using cmake without compiling the whole thing. The
> resulting .so can (or, better, was used to, since this is an old code) be
> installed inside the distribution wireshark. Hope it works for you.
>
> On Wed, Sep 23, 2015 at 3:52 PM, Juan Jose Martin Carrascosa <
> jua...@rti.com> wrote:
>
>> Hi all,
>>
>> I am looking for documentation regarding how to compile a plugin without
>> the build directory.
>>
>> For instance, imagine I develop a plugin and I want to share it with a
>> colleague. He modifies something and wants to compile it. Does he need the
>> full build directory?
>>
>> If any documentation about this exists, can you point me to it?
>>
>> For your reference, I am interesting on doing it in Linux.
>>
>> Thanks in advance.
>>
>> Juanjo Martin
>>
>>

[Wireshark-dev] Send comments in Gerrit

2015-10-29 Thread Juan Jose Martin Carrascosa
Hi guys,

I don't remember how to send the answers to the comments I got in a
Code-Review. They are all drafts right now.

Can anybody help me? Sorry for the dumb question :)

Thanks,
Juanjo Martin

[Wireshark-dev] Printing floats using scientific notation when > than X digits

2015-11-04 Thread Juan Jose Martin Carrascosa
Hi team,

Do you think it would be possible to know at run-time when a float value
exceeds X digits? I would like to show the value using scientific notation
but not in all cases, and I am reaching a point where I think it is not
possible.

Thanks,
Juanjo Martin

Re: [Wireshark-dev] Printing floats using scientific notation when > than X digits

2015-11-04 Thread Juan Jose Martin Carrascosa
Hi all,

I solved the issue by using %-7g to print floats and %-16g to print
doubles. It chooses when to use scientific notation and also aligns the
output to the left.

Hope this helps anyone!

Thanks,
Juanjo Martin

On Wed, Nov 4, 2015 at 1:44 PM, Juan Jose Martin Carrascosa 
wrote:

> Hi team,
>
> Do you think it would be possible to know at run-time when a float value
> exceeds X digits? I would like to show the value using scientific notation
> but not in all cases, and I am reaching a point where I think it is not
> possible.
>
> Thanks,
> Juanjo Martin
>
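
Added example, not part of the original message: a C sketch of what the `%-7g` / `%-16g` conversions above do. The 7 and 16 are minimum field widths and `-` left-justifies, while the number of significant digits stays at printf's default of 6 unless a precision is given; the helper names and sample values are constructed here.

```c
#include <stdio.h>
#include <string.h>

/* "%-7g": left-justified, minimum field width 7, default precision of
 * 6 significant digits. The float argument is promoted to double. */
static const char *fmt_float(char *buf, size_t len, float v)
{
    snprintf(buf, len, "%-7g", v);
    return buf;
}

/* "%-16g": same conversion padded to 16 columns. The width does not raise
 * the precision, so a double is still shown with 6 significant digits. */
static const char *fmt_double(char *buf, size_t len, double v)
{
    snprintf(buf, len, "%-16g", v);
    return buf;
}

/* Explicit precision: 17 significant digits round-trip an IEEE 754 double. */
static const char *fmt_double_full(char *buf, size_t len, double v)
{
    snprintf(buf, len, "%.17g", v);
    return buf;
}

/* Run-time check for "will this value be shown in scientific notation?":
 * format it with the chosen precision and look for the exponent marker.
 * %g uses exponent form when the decimal exponent X is < -4 or >= precision. */
static int uses_exponent(double v, int precision)
{
    char buf[64];
    snprintf(buf, sizeof buf, "%.*g", precision, v);
    return strchr(buf, 'e') != NULL;
}

int main(void)
{
    char buf[64];
    /* Constructed sample values around the two switch-over points. */
    const double samples[] = { 123456.0, 1234567.0, 0.0001, 0.00001,
                               3.141592653589793 };

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        printf("[%s] ", fmt_float(buf, sizeof buf, (float)samples[i]));
        printf("[%s] ", fmt_double(buf, sizeof buf, samples[i]));
        printf("[%s] ", fmt_double_full(buf, sizeof buf, samples[i]));
        printf("exponent form: %d\n", uses_exponent(samples[i], 6));
    }
    return 0;
}
```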

[Wireshark-dev] Review of Gerrit patch for RTPS

2015-11-18 Thread Juan Jose Martin Carrascosa
Hi everyone,

It has been almost two weeks and I am surprised I still didn't have a
review here. I am surprised because I always get reviews very early! (in
the first 24h, which is awesome).

https://code.wireshark.org/review/#/c/11602/

I understand that everyone might be busy. I just want to make sure this is
not missed since it is (in my opinion) a very cool feature for RTPS.

Any volunteers? :)

Thanks!
Juanjo Martin

Re: [Wireshark-dev] Review of Gerrit patch for RTPS

2015-11-18 Thread Juan Jose Martin Carrascosa
I assumed that you were busy. Thanks for the answer.

Is there anything I can help with? I may be able to spend some hours this
weekend.

Thanks,
Juanjo Martin

On Wednesday, November 18, 2015, Pascal Quantin 
wrote:

> Hi Juan,
>
> 2015-11-18 17:36 GMT+01:00 Juan Jose Martin Carrascosa:
>
>> Hi everyone,
>>
>> It has been almost two weeks and I am surprised I still didn't have a
>> review here. I am surprised because I always get reviews very early! (in
>> the first 24h, which is awesome).
>>
>> https://code.wireshark.org/review/#/c/11602/
>>
>> I understand that everyone might be busy. I just want to make sure this
>> is not missed since it is (in my opinion) a very cool feature for RTPS.
>>
>> Any volunteers? :)
>>
>
> As you saw we are quite busy, and polishing Wireshark 2.0 is taking a good
> part of our bandwidth :)
> One of the interests of Gerrit is to ensure that patch sets do not get lost!
>
> Regards,
> Pascal.
>

Re: [Wireshark-dev] Review of Gerrit patch for RTPS

2015-11-19 Thread Juan Jose Martin Carrascosa
It makes sense. I will create a bug and attach a capture to it. Then I will
reference the bug from the Gerrit issue. That is the process, right?

Thanks,
Juanjo Martin

On Thu, Nov 19, 2015 at 9:14 AM, Dario Lombardo  wrote:

> I think that attaching some samples would help a lot.
>
> On Wed, Nov 18, 2015 at 7:21 PM, Juan Jose Martin Carrascosa <
> jua...@rti.com> wrote:
>
>> I assumed that you were busy. Thanks for the answer.
>>
>> Is there anything I can help with? I may be able to spend some hours this
>> weekend.
>>
>> Thanks,
>> Juanjo Martin
>>
>> On Wednesday, November 18, 2015, Pascal Quantin 
>> wrote:
>>
>>> Hi Juan,
>>>
>>> 2015-11-18 17:36 GMT+01:00 Juan Jose Martin Carrascosa :
>>>
>>>> Hi everyone,
>>>>
>>>> It has been almost two weeks and I am surprised I still didn't have a
>>>> review here. I am surprised because I always get reviews very early! (in
>>>> the first 24h, which is awesome).
>>>>
>>>> https://code.wireshark.org/review/#/c/11602/
>>>>
>>>> I understand that everyone might be busy. I just want to make sure this
>>>> is not missed since it is (in my opinion) a very cool feature for RTPS.
>>>>
>>>> Any volunteers? :)
>>>>
>>>
>>> As you saw we are quite busy, and polishing Wireshark 2.0 is taking a
>>> good part of our bandwidth :)
>>> One of the interests of Gerrit is to ensure that patch sets do not get
>>> lost!
>>>
>>> Regards,
>>> Pascal.
>>>
>>
>>

[Wireshark-dev] Merge to master-2.0

2015-11-23 Thread Juan Jose Martin Carrascosa
Hi all,

I got a merge approved for RTPS and it is available in master. I wanted to
try it with the build from:

https://www.wireshark.org/download/automated/

But I see only installers for master-2.0.

1) Do we have the same build infrastructure for master?
2) If the answer to (1) is NO, Is my feature going to be at some point in
master-2.0? (1df7c07 RTPS: Added Topic Information feature.)
3) Is it guaranteed that it's going to be in the next development release?
If not, how does it work?

Thanks!
Juanjo Martin

PS: Thanks Pascal for the prompt code-reviews.

[Wireshark-dev] Call XML and JSON dissectors with new HTTP Content-Type

2015-12-17 Thread Juan Jose Martin Carrascosa
Hi all,

Web Integration Service (http://www.omg.org/spec/DDS-WEB/1.0/Beta2/) is a
new service that sends/receives DDS traffic (RTPS) over HTTP. The
serialization is not directly RTPS but a conversion handled internally,
that can be XML or JSON.

I would like to add support to show the content of the HTTP packets as it
is done for XML. The Content-Type is "application/dds-web+xml". If I change
it to "application/xml" internally, it works sweet.

How can I make Wireshark apply the XML dissector when
receiving "application/dds-web+xml"? I have been inspecting the code but I
want some advice since this is an important dissector.

I will implement this for myself, and once it is stable and I make sure it
doesn't change, I will push the changes to the community.

Also, knowing how to implement the equivalent for JSON would be awesome.

Thanks,
Juanjo Martin

Re: [Wireshark-dev] Call XML and JSON dissectors with new HTTP Content-Type

2015-12-17 Thread Juan Jose Martin Carrascosa
Super nice! Thanks Alexis and Pascal for the prompt replies. It works.

I will commit my changes once they are final in the OMG.

Thanks,
Juanjo Martin

On Thu, Dec 17, 2015 at 1:51 PM, Alexis La Goutte  wrote:

> Hi,
>
> I will give the same response as Pascal:
> for JSON, if there is an application/dds-web+json, you need to add
>
> dissector_add_string("media_type", "application/dds-web+json",
> json_handle);
> to the proto_reg_handoff_json() function in packet-json.c
>
> Cheers
>
> On Thu, Dec 17, 2015 at 1:48 PM, Pascal Quantin 
> wrote:
>
>> Hi Juan,
>>
>> 2015-12-17 13:40 GMT+01:00 Juan Jose Martin Carrascosa :
>>
>>> Hi all,
>>>
>>> Web Integration Service (http://www.omg.org/spec/DDS-WEB/1.0/Beta2/) is
>>> a new service that sends/receives DDS traffic (RTPS) over HTTP. The
>>> serialization is not directly RTPS but a conversion handled internally,
>>> that can be XML or JSON.
>>>
>>> I would like to add support to show the content of the HTTP packets as
>>> it is done for XML. The Content-Type is "application/dds-web+xml". If I
>>> change it to "application/xml" internally, it works sweet.
>>>
>>> How can I make Wireshark apply the XML dissector when
>>> receiving "application/dds-web+xml"? I have been inspecting the code but I
>>> want some advice since this is an important dissector.
>>>
>>
>> You probably simply need to add an entry in the default_media_types[]
>> array found at the beginning of epan/dissectors/packet-xml.c file.
>>
>>
>>>
>>> I will implement this for myself, and once it is stable and I make sure
>>> it doesn't change, I will push the changes to the community.
>>>
>>> Also, knowing how to implement the equivalent for JSON would be awesome.
>>>
>>
>> Does it have a specific Content-Type, like "application/dds-web+json"? If
>> yes, you simply need to add it in proto_reg_handoff_json() function.
>>
>> Pascal.
>>
>>



-- 

Juanjo Martin
Applications Engineer
Professional Services Group
Office: +34 958 27 88 62
Mobile: +34 622 73 29 03
jua...@rti.com
www.rti.com

Re: [Wireshark-dev] Call XML and JSON dissectors with new HTTP Content-Type

2015-12-17 Thread Juan Jose Martin Carrascosa
It seems the strings are official and won't change in the specification.

Uploaded the patch: https://code.wireshark.org/review/#/c/12701/

If anyone has a couple of minutes... ;)

Thanks!
Juanjo Martin

On Thu, Dec 17, 2015 at 1:56 PM, Juan Jose Martin Carrascosa  wrote:

> Super nice! Thanks Alexis and Pascal for the prompt replies. It works.
>
> I will commit my changes once they are final in the OMG.
>
> Thanks,
> Juanjo Martin
>
> On Thu, Dec 17, 2015 at 1:51 PM, Alexis La Goutte <
> alexis.lagou...@gmail.com> wrote:
>
>> Hi,
>>
>> I will give the same response as Pascal:
>> for JSON, if there is an application/dds-web+json, you need to add
>>
>> dissector_add_string("media_type", "application/dds-web+json",
>> json_handle);
>> to the proto_reg_handoff_json() function in packet-json.c
>>
>> Cheers
>>
>> On Thu, Dec 17, 2015 at 1:48 PM, Pascal Quantin wrote:
>>
>>> Hi Juan,
>>>
>>> 2015-12-17 13:40 GMT+01:00 Juan Jose Martin Carrascosa :
>>>
>>>> Hi all,
>>>>
>>>> Web Integration Service (http://www.omg.org/spec/DDS-WEB/1.0/Beta2/)
>>>> is a new service that sends/receives DDS traffic (RTPS) over HTTP. The
>>>> serialization is not directly RTPS but a conversion handled internally,
>>>> that can be XML or JSON.
>>>>
>>>> I would like to add support to show the content of the HTTP packets as
>>>> it is done for XML. The Content-Type is "application/dds-web+xml". If I
>>>> change it to "application/xml" internally, it works sweet.
>>>>
>>>> How can I make Wireshark apply the XML dissector when
>>>> receiving "application/dds-web+xml"? I have been inspecting the code but I
>>>> want some advice since this is an important dissector.
>>>>
>>>
>>> You probably simply need to add an entry in the default_media_types[]
>>> array found at the beginning of epan/dissectors/packet-xml.c file.
>>>
>>>
>>>>
>>>> I will implement this for myself, and once it is stable and I make sure
>>>> it doesn't change, I will push the changes to the community.
>>>>
>>>> Also, knowing how to implement the equivalent for JSON would be awesome.
>>>>
>>>
>>> Does it have a specific Content-Type, like "application/dds-web+json"?
>>> If yes, you simply need to add it in proto_reg_handoff_json() function.
>>>
>>> Pascal.
>>>
>>>
>
>
>
> --
>
> Juanjo Martin
> Applications Engineer
> Professional Services Group
> Office: +34 958 27 88 62
> Mobile: +34 622 73 29 03
> jua...@rti.com
> www.rti.com
>



-- 

Juanjo Martin
Applications Engineer
Professional Services Group
Office: +34 958 27 88 62
Mobile: +34 622 73 29 03
jua...@rti.com
www.rti.com
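
Added example, not Wireshark source: a self-contained C model of the exact-match lookup that the replies above rely on, showing why `application/dds-web+xml` reaches no dissector until it is registered. The table type, function names and the normalisation step (dropping parameters, lower-casing) are assumptions made for this illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define MAX_ENTRIES 16
#define MAX_TYPE    64

/* Model of a string-keyed table such as "media_type": an exact-match map
 * from media type to handler name (hypothetical types, not Wireshark's). */
struct media_entry { char type[MAX_TYPE]; const char *handler; };
struct media_table { struct media_entry e[MAX_ENTRIES]; size_t n; };

/* Reduce a Content-Type value to its bare media type: skip leading blanks,
 * stop at ';' (parameters), trim trailing blanks, lower-case.
 * Returns 0 on success, -1 if the type is empty or does not fit in out. */
static int normalize_media_type(const char *value, char *out, size_t len)
{
    size_t n = 0;
    while (*value == ' ' || *value == '\t') value++;
    for (; *value != '\0' && *value != ';'; value++) {
        if (n + 1 >= len) return -1;
        out[n++] = (char)tolower((unsigned char)*value);
    }
    while (n > 0 && (out[n - 1] == ' ' || out[n - 1] == '\t')) n--;
    if (n == 0) return -1;
    out[n] = '\0';
    return 0;
}

static int media_type_register(struct media_table *t, const char *type,
                               const char *handler)
{
    if (t->n == MAX_ENTRIES ||
        normalize_media_type(type, t->e[t->n].type, MAX_TYPE) != 0)
        return -1;
    t->e[t->n++].handler = handler;
    return 0;
}

/* Handler name for a Content-Type value, or NULL when no entry matches. */
static const char *media_type_lookup(const struct media_table *t,
                                     const char *content_type)
{
    char key[MAX_TYPE];
    if (normalize_media_type(content_type, key, sizeof key) != 0)
        return NULL;
    for (size_t i = 0; i < t->n; i++)
        if (strcmp(t->e[i].type, key) == 0)
            return t->e[i].handler;
    return NULL;
}

/* Constructed table: generic types, plus the thread's two additions. */
static void build_table(struct media_table *t, int with_dds_web)
{
    t->n = 0;
    media_type_register(t, "application/xml", "xml");
    media_type_register(t, "application/json", "json");
    if (with_dds_web) {
        media_type_register(t, "application/dds-web+xml", "xml");
        media_type_register(t, "application/dds-web+json", "json");
    }
}

int main(void)
{
    static const char ct[] = "application/dds-web+xml; charset=utf-8";
    struct media_table t;
    for (int patched = 0; patched <= 1; patched++) {
        build_table(&t, patched);
        const char *h = media_type_lookup(&t, ct);
        printf("patched=%d -> %s\n", patched, h ? h : "(no dissector)");
    }
    return 0;
}
```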

[Wireshark-dev] Specify filter using API

2016-02-08 Thread Juan Jose Martin Carrascosa
Hi all,

Is there any way to specify the filter name using an API? Like, I use this
generic hf_field for my plugin and I specify the filter name in the code
paths.

It may not be the proper way to work when providing changes to the
community, but it would help a lot in my use case.

Thanks!
Juanjo Martin

Re: [Wireshark-dev] Specify filter using API

2016-02-08 Thread Juan Jose Martin Carrascosa
Thanks for the info Guy.

I am not willing to hack the core, so I will go ahead with the multiple
fields.

Thanks,
Juanjo Martin

On Mon, Feb 8, 2016 at 6:21 PM, Guy Harris  wrote:

> On Feb 8, 2016, at 8:27 AM, Juan Jose Martin Carrascosa 
> wrote:
>
> > Is there any way to specify the filter name using an API? Like, I use
> this generic hf_field for my plugin and I specify the filter name in the
> code paths.
>
> No.
>
> You'll either have to create multiple fields (the preferred solution) or
> use a hacked version of the Wireshark core.



-- 

Juanjo Martin
Applications Engineer
Professional Services Group
Office: +34 958 27 88 62
Mobile: +34 622 73 29 03
jua...@rti.com
www.rti.com

[Wireshark-dev] Highlight fields

2016-02-10 Thread Juan Jose Martin Carrascosa
Hi all,

Let's say I have several submessages in a packet (RTPS). When I filter, one
of them matches so the whole RTPS (UDP datagram) matches and thus, it is
shown in the display. However, if the amount of submessages is large
(200?), it is quite tedious to find the matching submessage.

Is there any way in Wireshark (GUI or changing source code) to solve my
issue? Highlighting the field that makes something match a filter or
something like that.

Thanks!
Juanjo Martin
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Highlight fields

2016-02-10 Thread Juan Jose Martin Carrascosa
Do you know which would be the approach? I am willing to implement it. Any
idea is very much appreciated!

Thanks,
Juanjo

On Wed, Feb 10, 2016 at 1:45 PM, Roland Knall  wrote:

> Hi
>
> No, currently there is no direct way to do this. And any new way would
> require a change to the dissectors handling the messages
>
> regards
>
> On Wed, Feb 10, 2016 at 11:44 AM, Juan Jose Martin Carrascosa <
> jua...@rti.com> wrote:
>
>> Hi all,
>>
>> Let's say I have several submessages in a packet (RTPS). When I filter,
>> one of them matches so the whole RTPS (UDP datagram) matches and thus, it
>> is shown in the display. However, if the amount of submessages is large
>> (200?), it is quite tedious to find the matching submessage.
>>
>> Is there any way in Wireshark (GUI or changing source code) to solve my
>> issue? Highlighting the field that makes something match a filter or
>> something like that.
>>
>> Thanks!
>> Juanjo Martin
>>
>>



-- 

Juanjo Martin
Applications Engineer
Professional Services Group
Office: +34 958 27 88 62
Mobile: +34 622 73 29 03
jua...@rti.com
www.rti.com

Re: [Wireshark-dev] Highlight fields

2016-02-12 Thread Juan Jose Martin Carrascosa
That idea sounds awesome and enough for me.

Can you tell me how to detect if a proto_item is passing a filter?

Thanks,
Juanjo

On Fri, Feb 12, 2016 at 3:22 PM, Jeff Morriss 
wrote:

> I'm not sure this would require changes to the dissectors.
>
> I would /think/ that this could be done similar to how the Expert Info
> system highlights the (tree) path down to the item to which the expert info
> is attached.  That is, it could be done in the proto_tree_add*() calls by,
> for example:
>
>1. Checking if the field being added was part of the display filter
>2. If so then highlighting the path back to the root of the tree (like
>the expert info calls do)
>
> I don't know, however, how you could visually distinguish expert info's
> from the "here is(are) your field(s)" highlights.
>
> On Wed, Feb 10, 2016 at 7:48 AM, Juan Jose Martin Carrascosa <
> jua...@rti.com> wrote:
>
>> Do you know which would be the approach? I am willing to implement it.
>> Any idea is very much appreciated!
>>
>> Thanks,
>> Juanjo
>>
>> On Wed, Feb 10, 2016 at 1:45 PM, Roland Knall  wrote:
>>
>>> Hi
>>>
>>> No, currently there is no direct way to do this. And any new way would
>>> require a change to the dissectors handling the messages
>>>
>>> regards
>>>
>>> On Wed, Feb 10, 2016 at 11:44 AM, Juan Jose Martin Carrascosa <
>>> jua...@rti.com> wrote:
>>>
>>>> Hi all,
>>>>
>>>> Let's say I have several submessages in a packet (RTPS). When I filter,
>>>> one of them matches so the whole RTPS (UDP datagram) matches and thus, it
>>>> is shown in the display. However, if the amount of submessages is large
>>>> (200?), it is quite tedious to find the matching submessage.
>>>>
>>>> Is there any way in Wireshark (GUI or changing source code) to solve my
>>>> issue? Highlighting the field that makes something match a filter or
>>>> something like that.
>>>>
>>>> Thanks!
>>>> Juanjo Martin
>>>>
>>>>
>>
>>
>>
>> --
>>
>> Juanjo Martin
>> Applications Engineer
>> Professional Services Group
>> Office: +34 958 27 88 62
>> Mobile: +34 622 73 29 03
>> jua...@rti.com
>> www.rti.com
>>
>>



-- 

Juanjo Martin
Applications Engineer
Professional Services Group
Office: +34 958 27 88 62
Mobile: +34 622 73 29 03
jua...@rti.com
www.rti.com

Re: [Wireshark-dev] Highlight fields

2016-02-23 Thread Juan Jose Martin Carrascosa
Shoot an email in this thread if you do so. I am highly interested in this
feature.

Thanks!
Juanjo

On Tuesday, February 23, 2016, Stig Bjørlykke  wrote:

> On Tue, Feb 23, 2016 at 9:11 PM, Jeff Morriss wrote:
>
>> (A first--and useful--step would be to highlight the tree item when
>> searching with a display filter.  Or maybe that's the whole solution?)
>>
>
> I'm already thinking about doing this in Find Packet with a display
> filter, so this could be common functionality.
>
>
> --
> Stig Bjørlykke
>


-- 

Juanjo Martin
Applications Engineer
Professional Services Group
Office: +34 958 27 88 62
Mobile: +34 656 30 20 56
jua...@rti.com
www.rti.com
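
Added example, not Wireshark source: a self-contained C model of the approach Jeff Morriss outlines in this thread, flagging the path back to the root while items are added to the tree. It also contrasts checking only whether the field appears in the filter with checking the value as well, using a constructed packet of 200 submessages; all type, function and field names are hypothetical.

```c
#include <stdbool.h>
#include <stdio.h>

#define MAX_NODES 512

struct filter { int field_id; unsigned value; bool compare_value; };
struct node   { int parent; int field_id; unsigned value; bool highlight; };
struct tree   { struct node n[MAX_NODES]; int count; struct filter f; };

/* Step 1 of the idea: is the item being added referenced by the filter?
 * With compare_value == false only the field id is checked. */
static bool hits_filter(const struct filter *f, int field_id, unsigned value)
{
    if (field_id != f->field_id)
        return false;
    return !f->compare_value || value == f->value;
}

/* Model of a proto_tree_add*()-style call. Step 2 of the idea: on a hit,
 * flag the new item and every ancestor up to the root. The walk stops at
 * the first ancestor that is already flagged, because its own ancestors
 * were flagged when it was. Returns the node index, or -1 on bad input. */
static int tree_add(struct tree *t, int parent, int field_id, unsigned value)
{
    if (t->count >= MAX_NODES || parent < -1 || parent >= t->count)
        return -1;
    int id = t->count++;
    t->n[id] = (struct node){ parent, field_id, value, false };
    if (hits_filter(&t->f, field_id, value))
        for (int i = id; i >= 0 && !t->n[i].highlight; i = t->n[i].parent)
            t->n[i].highlight = true;
    return id;
}

enum { F_RTPS = 1, F_SUBMSG, F_WRITER_ID };   /* constructed field ids */

/* Constructed packet: one RTPS root and 200 submessages, each carrying a
 * writer-id field equal to its index. Returns the number of flagged nodes. */
static int dissect_sample(struct tree *t, struct filter f)
{
    t->count = 0;
    t->f = f;
    int root = tree_add(t, -1, F_RTPS, 0);
    for (unsigned i = 0; i < 200; i++) {
        int sm = tree_add(t, root, F_SUBMSG, i);
        tree_add(t, sm, F_WRITER_ID, i);
    }
    int marked = 0;
    for (int i = 0; i < t->count; i++)
        marked += t->n[i].highlight;
    return marked;
}

int main(void)
{
    static struct tree t;
    struct filter field_only = { F_WRITER_ID, 137, false };
    struct filter with_value = { F_WRITER_ID, 137, true };

    printf("field-only check: %d nodes flagged\n", dissect_sample(&t, field_only));
    printf("value check:      %d nodes flagged\n", dissect_sample(&t, with_value));
    return 0;
}
```

When every submessage carries the filtered field, the field-only check flags the whole tree, so the value comparison is what narrows the highlight to the one matching submessage.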