Re: [Wireshark-dev] error building wireshark-2.6.2 on RHEL 7.3

2018-07-30 Thread Richard Sharpe
actually build 2.6.2, I build master ... but I have been building it from before 2.6 was forked. -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操)(传说杜康是酒的发明者) ___ Sent via:Wireshark-dev mailing list Archives:https://www.w

Re: [Wireshark-dev] Wireshark 64bit on multicore CPU's

2018-07-26 Thread Richard Sharpe
ireShark runs on multi-core CPUs, it does not distribute the important work, AFAIK, among separate cores. In my experience, the things that improve Wireshark performance are: 1. Memory. 64GB or more. 2. Using SSDs or NVMe. -- Regards, Richard Sharpe

[Wireshark-dev] Didn't we just have SharkFest?

2018-07-06 Thread Richard Sharpe
https://www.nationalgeographic.com/tv/sharkfest/ -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操)(传说杜康是酒的发明者) ___ Sent via:Wireshark-dev mailing list Archives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe

Re: [Wireshark-dev] Wrongly escaped UTF-8 characters in JSON values ( epan/print.c )

2018-07-06 Thread Richard Sharpe
gt;> >> with >> >> default: >> fputc(*p, fh); >> >> I do not know the Wireshark code, so I am not submitting a patch. This, >> however, should work because JSON supports UTF-8 (see again [1]). >> >> [1] From the JSON page on Wikip

Re: [Wireshark-dev] Retrieving dissection result from another dissector

2018-07-03 Thread Richard Sharpe
of which serves the original purpose, > using file scope, and one of which serves this new purpose, using pinfo->pool > scope? That might make it more obvious what is going on when reading the code, so I think that

Re: [Wireshark-dev] Retrieving dissection result from another dissector

2018-07-03 Thread Richard Sharpe
_dissector_with_data() it should > work. Yes. Once you have a large enough number of parameters to any function anyway it becomes easier to pass in a pointer to a structure ... -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操)(传说杜康是酒的发明者) __

Re: [Wireshark-dev] Retrieving dissection result from another dissector

2018-07-03 Thread Richard Sharpe
? You can pass in a void * pointer to a blob of data. Put the result in that blob of data. -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操)(传说杜康是酒的发明者) ___ Sent via:Wireshark-dev mailing list Archives:https://www.wire

Re: [Wireshark-dev] Support for WLAN SSID Parameter

2018-06-18 Thread Richard Sharpe
t; I would like this supported please? Do you have a capture with that tag in it? Can you send it along. -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操)(传说杜康是酒的发明者) ___ Sent via:Wireshark-dev mailing list Archives:https://www.wire

[Wireshark-dev] Issues around the handling of RSN and encryption headers in the 802.11 dissector

2018-05-28 Thread Richard Sharpe
, Richard Sharpe (何以解憂?唯有杜康。--曹操)(传说杜康是酒的发明者) ___ Sent via:Wireshark-dev mailing list Archives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev

Re: [Wireshark-dev] Does proto_deregister_field really work?

2018-05-28 Thread Richard Sharpe
On Sun, May 27, 2018 at 3:19 AM, Peter Wu <pe...@lekensteyn.nl> wrote: > Hi Richard, > > On Wed, May 09, 2018 at 04:51:13PM -0700, Richard Sharpe wrote: >> Hi folks, >> >> I have an application where I want to change the specification of an >> HF entry o

Re: [Wireshark-dev] Does proto_tree_add_bits_item treat the bits in a little endian manner as well of you say ENC_LITTLE_ENDIAN

2018-05-17 Thread Richard Sharpe
On Thu, May 17, 2018 at 3:41 AM, Peter Wu <pe...@lekensteyn.nl> wrote: > On Wed, May 16, 2018 at 08:32:12AM -0700, Richard Sharpe wrote: >> On Wed, May 16, 2018 at 8:01 AM, Richard Sharpe >> <realrichardsha...@gmail.com> wrote: >> > Hi folks, &

Re: [Wireshark-dev] Does proto_tree_add_bits_item treat the bits in a little endian manner as well of you say ENC_LITTLE_ENDIAN

2018-05-16 Thread Richard Sharpe
On Wed, May 16, 2018 at 8:01 AM, Richard Sharpe <realrichardsha...@gmail.com> wrote: > Hi folks, > > I am seeing something weird with proto_tree_add_bits_item, although it > could be my misunderstanding as well. > > Attached are two screen shots showing the dissected

[Wireshark-dev] Does proto_deregister_field really work?

2018-05-09 Thread Richard Sharpe
to register a fixed array but modify the entries? -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操)(传说杜康是酒的发明者) ___ Sent via:Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives:https://www.wireshark.org

Re: [Wireshark-dev] How to merge Gerrit accounts created with Github and Google Oauth?

2018-05-06 Thread Richard Sharpe
___ > Sent via:Wireshark-dev mailing list <wireshark-dev@wireshark.org> > Archives:https://www.wireshark.org/lists/wireshark-dev > Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev > mailto:wireshark-d

Re: [Wireshark-dev] SPEC files

2018-04-24 Thread Richard Sharpe
e them? (It is not mandatory, just a convention.) Do the tools generate the SPEC file in the correct place? Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操)(传说杜康是酒的发明者) ___ Sent via:Wireshark-dev mailing list <wireshark-de

Re: [Wireshark-dev] The latest master branch is not building wireshark or tshark for me

2018-04-17 Thread Richard Sharpe
On Tue, Apr 17, 2018 at 9:37 PM, Richard Sharpe <realrichardsha...@gmail.com> wrote: > Hi, > > I just updated to the latest master branch and now find that it is > compulsory to use cmake. > > Unfortunately, and despite installing a bunch of qt5 packages so the >

[Wireshark-dev] The latest master branch is not building wireshark or tshark for me

2018-04-17 Thread Richard Sharpe
, as far as I can see. -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操)(传说杜康是酒的发明者) ___ Sent via:Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives:https://www.wireshark.org/lists/wireshark-dev Unsub

Re: [Wireshark-dev] Building latest Wireshark master gives undefined reference to `hb_font_funcs_set_nominal_glyph_func' on RHEL 7.2

2018-04-14 Thread Richard Sharpe
On Sat, Apr 14, 2018 at 4:18 PM, Richard Sharpe <realrichardsha...@gmail.com> wrote: > Hi folks, > > I am trying to build the latest master on RHEL7.2 and am getting this: > > /usr/lib/gcc/x86_64-redhat-linux/4.8.5/../../../../lib64/libQt5Gui.so:

[Wireshark-dev] Building latest Wireshark master gives undefined reference to `hb_font_funcs_set_nominal_glyph_func' on RHEL 7.2

2018-04-14 Thread Richard Sharpe
Hi folks, I am trying to build the latest master on RHEL7.2 and am getting this: /usr/lib/gcc/x86_64-redhat-linux/4.8.5/../../../../lib64/libQt5Gui.so: undefined reference to `hb_font_funcs_set_nominal_glyph_func' Does anyone know what library I need? -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹

Re: [Wireshark-dev] Lua Dissector Dev Tool

2018-03-29 Thread Richard Sharpe
't think this is going to be a big issue. If you are aware > of the syntactic differences, you can write a 5.2 compatible dissector and > run it on Wirebait 5.3. I have no contribution to these issues. However, I think the name 'sharkbait' would be a catchier n

Re: [Wireshark-dev] Removal of one of my gerrit accounts

2018-03-22 Thread Richard Sharpe
Who can help? Gerald can, I believe. -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操) ___ Sent via:Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives:https://www.wireshark.org/lists/wires

Re: [Wireshark-dev] 802.11 decryption in Wireshark

2018-03-16 Thread Richard Sharpe
seek in epan/crypt/dot11decrypt.c -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操) ___ Sent via:Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives:https://www.wireshark.org/lists/wireshar

Re: [Wireshark-dev] Building a protocol tree

2018-03-11 Thread Richard Sharpe
oud.com > __________ > > ___ > Sent via:Wireshark-dev mailing list <wireshark-dev@wireshark.org> > Archives:https://www.wireshark.org/list

[Wireshark-dev] UTF-8 SSIDs in 802.11

2018-03-07 Thread Richard Sharpe
*ssid or guchar *ssid above? -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操) ___ Sent via:Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe:

[Wireshark-dev] Seeing these errors with packet-quic.c because I don't have certain libraries ...

2018-03-01 Thread Richard Sharpe
*quic_tree, guint offset, quic_info_data_t *quic_info, guint32 pkn){ ^ cc1: all warnings being treated as errors -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操) ___ Sent via

Re: [Wireshark-dev] Creating a TVB

2018-02-28 Thread Richard Sharpe
There is a section on > TVBUFF_SUBSET but that doesn’t seem relevant. > > How do I get the block data into a TVB, preferably without having to copy > it? Do functions like tvb_new_subset* not work for you? Check existing dissectors. -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操) __

[Wireshark-dev] Should I be creating review requests for 2.5.x for the 802.11ax code changes?

2018-02-25 Thread Richard Sharpe
Hi folks, Now that 2.5 appears to have branched, will changes in master automatically be pulled into 2.5.next, or do I need to create review requests for them via Gerritt? -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操

[Wireshark-dev] Why does Gerritt sometimes allow a merge but other times want a cherry-pick?

2018-02-23 Thread Richard Sharpe
Hi folks, I notice that Gerritt wants to use a cherry-pick strategy for my latest changes for bug 14455 here https://code.wireshark.org/review/#/c/26046 I am not sure how to proceed at this point? Do I cherry-pick the change to master? -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操

Re: [Wireshark-dev] Windows builds seem to fail with some frequency even though the Linux builds don't!

2018-02-21 Thread Richard Sharpe
On Wed, Feb 21, 2018 at 7:41 AM, Graham Bloice <graham.blo...@trihedral.com> wrote: > > > On 21 February 2018 at 15:24, Richard Sharpe <realrichardsha...@gmail.com> > wrote: >> >> On Wed, Feb 21, 2018 at 2:55 AM, Graham Bloice >> <graham.blo...@trihed

Re: [Wireshark-dev] Windows builds seem to fail with some frequency even though the Linux builds don't!

2018-02-21 Thread Richard Sharpe
On Wed, Feb 21, 2018 at 2:55 AM, Graham Bloice <graham.blo...@trihedral.com> wrote: > > > On 20 February 2018 at 18:01, Richard Sharpe <realrichardsha...@gmail.com> > wrote: >> >> Hi, >> >> I have noticed over the last few days that Windows builds

Re: [Wireshark-dev] gerrit registration problems

2018-02-20 Thread Richard Sharpe
festation? Is it this one? https://code.wireshark.org/review/#/c/25956/ -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操) ___ Sent via:Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives:https://www.wireshark.

[Wireshark-dev] Windows builds seem to fail with some frequency even though the Linux builds don't!

2018-02-20 Thread Richard Sharpe
Hi, I have noticed over the last few days that Windows builds are failing quite a lot even though the Linux builds are not. Also, I cannot seem to find the reason for the build failures. Is it something I am doing? -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操

Re: [Wireshark-dev] IEEE802.11 Block Ack esoterica question

2018-02-19 Thread Richard Sharpe
nsert BAR and BA in places, so it will probably be better to conform to the spec. There is a relatively easy to do that, I believe. > On Mon, Feb 19, 2018 at 12:39 PM, Richard Sharpe > <realrichardsha...@gmail.com> wrote: >> >> On Mon, Feb 19, 2018 at 12:33 PM, Simon Barber vi

Re: [Wireshark-dev] IEEE802.11 Block Ack esoterica question

2018-02-19 Thread Richard Sharpe
(but not HE block acks ...) It is, of course, mixed in with a lot of other changes: https://code.wireshark.org/review/#/c/25685 > On Mon, Feb 19, 2018 at 12:13 PM, Richard Sharpe > <realrichardsha...@gmail.com> wrote: >> >> Hi folks, >> >> In handling 802.11ax

[Wireshark-dev] IEEE802.11 Block Ack esoterica question

2018-02-19 Thread Richard Sharpe
no just 'wlan.ba.blah-blah'. Does anyone have an opinion on whether or not that is unreasonable? -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操) ___ Sent via:Wireshark-dev mailing list <wireshark-dev@wireshark.org> Ar

Re: [Wireshark-dev] Face issues while installing wireshark on rhel 7

2018-02-13 Thread Richard Sharpe
ad it. You know there is an app on RHEL for taking a screen shot, don't you? That way you don't have to worry about holding the camera steady. -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操) ___ Sent via:Wireshark-dev mailing list

Re: [Wireshark-dev] How does tshark "synchronize" multiple interfaces?

2018-02-06 Thread Richard Sharpe
On Tue, Feb 6, 2018 at 9:07 AM, S. Jacobi <sjac...@mailueberfall.de> wrote: > On Tue, 6 Feb 2018 09:05:14 -0800 > Richard Sharpe <realrichardsha...@gmail.com> wrote: > >> On Tue, Feb 6, 2018 at 8:39 AM, S. Jacobi <sjac...@mailueberfall.de> >> wrote: >>

Re: [Wireshark-dev] How does tshark "synchronize" multiple interfaces?

2018-02-06 Thread Richard Sharpe
teful for > any information on this. As far as I am aware it is the kernel that is doing this. Also, I believe that only Linux supports the any device. -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操) ___ Sent via:

Re: [Wireshark-dev] How is wireshark unpacking SMB Packets?

2018-02-05 Thread Richard Sharpe
code of wireshark for this part. Well, the source code is all there in epan/dissectors/packet-smb.c and packet-smb2.c etc. -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操) ___ Sent via:Wireshark-dev mailing list <wireshark-dev@wi

Re: [Wireshark-dev] What's the process to get a Zookeeper dissector packaged with wireshark?

2018-01-24 Thread Richard Sharpe
Wireshark-dev mailing list <wireshark-dev@wireshark.org> > Archives:https://www.wireshark.org/lists/wireshark-dev > Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev > mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe -- Regards

[Wireshark-dev] Configure is not setting #ifdef HAVE_LIBGCRYPT_AEAD so get compile errors

2018-01-22 Thread Richard Sharpe
){ ^ cc1: all warnings being treated as errors This appears to be because, although I have libgcrypt-devel installed, configure is not finding what it wants. Can we fix this? #ifdef that function as well? -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操

[Wireshark-dev] Outstanding changes I would like to get in ...

2018-01-19 Thread Richard Sharpe
stuff on the radiotap dissector that I need to complete but that also can go in as updates. I think I also have some DPP updates as well. -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操) ___ Sent via:Wireshark-dev mailing list

[Wireshark-dev] Where do I find the nascent release notes so I can update them for 802.11ax

2018-01-18 Thread Richard Sharpe
Hi folks, If we decide to include the 802.11ax changes I guess the release notes need to be updated. How do I do that? -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操) ___ Sent via:Wireshark-dev mailing list <wireshark-

Re: [Wireshark-dev] Subtree expand/collapse tracking

2018-01-13 Thread Richard Sharpe
reshark.org/bugzilla/show_bug.cgi?id=14340 > > On Windows 7 64 Bit it's the same problem. > Does no one else notice this? I think I have seen this under Linux as well with builds from Master ... not sure how far it goes back but I can easily test 2.0.1. -

[Wireshark-dev] Does tshark use the preferences that you have established with Wireshark?

2018-01-12 Thread Richard Sharpe
Hi Folks, Does tshark use your Wireshark preferences as well? -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操) ___ Sent via:Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives:https://www.wiresha

Re: [Wireshark-dev] EAPOL and Key MIC values longer than 16 bytes

2018-01-03 Thread Richard Sharpe
On Tue, Jan 2, 2018 at 11:16 PM, Guy Harris <g...@alum.mit.edu> wrote: > On Jan 2, 2018, at 9:02 PM, Richard Sharpe <realrichardsha...@gmail.com> > wrote: > >> The DPP spec requires the EAPOL Key MIC length to be the same as the >> Nonce length. > >

[Wireshark-dev] EAPOL and Key MIC values longer than 16 bytes

2018-01-02 Thread Richard Sharpe
is 24 bytes, not the 32 bytes I am seeing. Perhaps the only thing I can do is to introduce a preference for EAPOL that allows the user to specify a different Key MIC size. Thoughts. -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操

[Wireshark-dev] Do the Petri-disk builds build something I can install?

2017-12-27 Thread Richard Sharpe
Hi Folks, Will I get something I can install from the petri-dish builds and if so, where can I get them? -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操) ___ Sent via:Wireshark-dev mailing list <wireshark-dev@wireshark.

Re: [Wireshark-dev] Build issues with packet-ieee80211.c

2017-12-24 Thread Richard Sharpe
On Sun, Dec 24, 2017 at 7:08 AM, Richard Sharpe <realrichardsha...@gmail.com> wrote: > On Sun, Dec 24, 2017 at 1:16 AM, Martin Mathieson via Wireshark-dev > <wireshark-dev@wireshark.org> wrote: >> Hi Richard, >> >> Please see https://code.wireshark.org/review

Re: [Wireshark-dev] Build issues with packet-ieee80211.c

2017-12-24 Thread Richard Sharpe
’ defined but not > used [-Werror=unused-const-variable=] static const value_string > vht_max_mpdu_in_amsdu[] = { H, that should not have happened. Thanks. -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操) ___ Sent via:

Re: [Wireshark-dev] Build issues with packet-quic.c

2017-12-23 Thread Richard Sharpe
On Sat, Dec 23, 2017 at 1:44 PM, Richard Sharpe <realrichardsha...@gmail.com> wrote: > On Sat, Dec 23, 2017 at 1:25 PM, Dario Lombardo > <dario.lombardo...@gmail.com> wrote: >> Hi Richard, and Merry Christmas to you! >> Which version are you using? Git blame shows m

Re: [Wireshark-dev] Build issues with packet-quic.c

2017-12-23 Thread Richard Sharpe
> my compilers. Hmmm, strange. I am using the latest master ... maybe my default compiler flags are more strict ... I am building on something that is like RHEL 7.2 with gcc 4.8.5 but it just started happening ... and it seems to occur when I pull in Alexis' recent changes. -- Regards, Ri

[Wireshark-dev] Build issues with packet-quic.c

2017-12-23 Thread Richard Sharpe
:471:32: note: 'num_ts' was declared here guint8 num_blocks = 0, num_ts; Is it fixed already? -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操) ___ Sent via:Wireshark-dev mailing list <wireshark-dev@wireshark.

Re: [Wireshark-dev] size_t under Windows ...

2017-11-24 Thread Richard Sharpe
On Fri, Nov 24, 2017 at 11:52 AM, Guy Harris <g...@alum.mit.edu> wrote: > On Nov 23, 2017, at 2:12 PM, Richard Sharpe <realrichardsha...@gmail.com> > wrote: > >> I am running into problems with this in my latest build: >> >> #if defined(_WIN32) >>

[Wireshark-dev] size_t under Windows ...

2017-11-23 Thread Richard Sharpe
ndif I suspect that I should simply define both of those as size_t and get rid of the Windows specific stuff. Does any one else have an opinion? -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操) ___ Sent via:Wireshark-dev mailing

Re: [Wireshark-dev] Processing packet before exporting it.

2017-11-22 Thread Richard Sharpe
;> >> As Guy already explained you, Wireshark is not designed to modify >> packets, only to interpret their content. So this is not the right tools for >> your needs and that's probably why no one else replied to your previous >> similar questions. >> >> Best

Re: [Wireshark-dev] RTP packet dissection in C#

2017-11-17 Thread Richard Sharpe
a:Wireshark-dev mailing list <wireshark-dev@wireshark.org> >> Archives:https://www.wireshark.org/lists/wireshark-dev >> Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev >> >> mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe > > &

Re: [Wireshark-dev] Multiple TRANSUM fixes

2017-11-13 Thread Richard Sharpe
ent, can I list the bugs? And if I do, will gerrit > update Bugzilla? I'm guessing not for all, so what the best way to handle > this? > > Thanks and regards...Paul > > -Original Message- > From: Wireshark-dev [mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of &g

Re: [Wireshark-dev] Multiple TRANSUM fixes

2017-11-13 Thread Richard Sharpe
ng when we reopen that one bug. -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操) ___ Sent via:Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https

Re: [Wireshark-dev] rpcap support seems to have disappeared ...

2017-11-12 Thread Richard Sharpe
On Sat, Nov 11, 2017 at 10:25 AM, Guy Harris <g...@alum.mit.edu> wrote: > On Nov 11, 2017, at 9:55 AM, Richard Sharpe <realrichardsha...@gmail.com> > wrote: > >> Hmmm, the problem really seems to be that my dev environment fails to >> find pcap_open so it cannot s

Re: [Wireshark-dev] rpcap support seems to have disappeared ...

2017-11-11 Thread Richard Sharpe
On Sat, Nov 11, 2017 at 11:38 AM, Richard Sharpe <realrichardsha...@gmail.com> wrote: > On Sat, Nov 11, 2017 at 11:11 AM, Guy Harris <g...@alum.mit.edu> wrote: >> On Nov 11, 2017, at 11:06 AM, Richard Sharpe <realrichardsha...@gmail.com> >> wrote: >>

Re: [Wireshark-dev] rpcap support seems to have disappeared ...

2017-11-11 Thread Richard Sharpe
On Sat, Nov 11, 2017 at 11:11 AM, Guy Harris <g...@alum.mit.edu> wrote: > On Nov 11, 2017, at 11:06 AM, Richard Sharpe <realrichardsha...@gmail.com> > wrote: > >> Sure. The immediate problem though is that acinclude.m4 assumes that >> checking for pcap_open is

Re: [Wireshark-dev] rpcap support seems to have disappeared ...

2017-11-11 Thread Richard Sharpe
On Sat, Nov 11, 2017 at 10:52 AM, Guy Harris <g...@alum.mit.edu> wrote: > On Nov 11, 2017, at 10:45 AM, Richard Sharpe <realrichardsha...@gmail.com> > wrote: > >> I notice that the latest libpcap git repo calls pcap_open_rpcap from >> pcap_open_live ... but I d

Re: [Wireshark-dev] rpcap support seems to have disappeared ...

2017-11-11 Thread Richard Sharpe
On Sat, Nov 11, 2017 at 10:25 AM, Guy Harris <g...@alum.mit.edu> wrote: > On Nov 11, 2017, at 9:55 AM, Richard Sharpe <realrichardsha...@gmail.com> > wrote: > >> Hmmm, the problem really seems to be that my dev environment fails to >> find pcap_open so it cannot s

Re: [Wireshark-dev] rpcap support seems to have disappeared ...

2017-11-11 Thread Richard Sharpe
On Sat, Nov 11, 2017 at 8:19 AM, Pascal Quantin <pascal.quan...@gmail.com> wrote: > > > Le 11 nov. 2017 17:15, "Richard Sharpe" <realrichardsha...@gmail.com> a > écrit : > > On Sat, Nov 11, 2017 at 7:50 AM, Pascal Quantin > <pascal.quan...@gmail.com

Re: [Wireshark-dev] rpcap support seems to have disappeared ...

2017-11-11 Thread Richard Sharpe
On Sat, Nov 11, 2017 at 7:50 AM, Pascal Quantin <pascal.quan...@gmail.com> wrote: > Hi Richard, > > 2017-11-11 16:45 GMT+01:00 Richard Sharpe <realrichardsha...@gmail.com>: >> >> Hi folks, >> >> I am hearing from one user that they could no longer us

[Wireshark-dev] rpcap support seems to have disappeared ...

2017-11-11 Thread Richard Sharpe
o work or if it works? -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操) ___ Sent via:Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark

Re: [Wireshark-dev] Filter expression aliases and parameterization ...

2017-11-08 Thread Richard Sharpe
he alias when someone types in the other form. Ie, if they enter wlan.beacon it should list in brackets (wlan.fc.type_subtype == 0x19) and vice versa. -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操) ___ Sent via:Wireshark-dev

[Wireshark-dev] Can someone else test the fix to bug 6027?

2017-11-08 Thread Richard Sharpe
/ -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操) ___ Sent via:Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/o

Re: [Wireshark-dev] Who did this to master?

2017-11-08 Thread Richard Sharpe
On Wed, Nov 8, 2017 at 2:35 AM, Stig Bjørlykke <s...@bjorlykke.org> wrote: > On Wed, Nov 8, 2017 at 10:43 AM, Richard Sharpe > <realrichardsha...@gmail.com> wrote: >> My changes have not touched packet-btmesh.c >> >> CC packet-btmes

Re: [Wireshark-dev] Who did this to master?

2017-11-08 Thread Richard Sharpe
ht answer, neither my master fails to compile. Hmmm, strange ... I am having problems with forward declarations as well. > On Wed, Nov 8, 2017 at 10:43 AM, Richard Sharpe > <realrichardsha...@gmail.com> wrote: >> >> My changes have not touched packet-btmesh.c >&g

[Wireshark-dev] Who did this to master?

2017-11-08 Thread Richard Sharpe
] create_master_security_keys(rec); ^ -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操) ___ Sent via:Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe:

[Wireshark-dev] Filter expression aliases and parameterization ...

2017-11-08 Thread Richard Sharpe
e handling of filter expressions. Can anyone think of another way of doing this? -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操) ___ Sent via:Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives:https

[Wireshark-dev] Have problem where one capture with EAPOL decrypts OK but another does not

2017-11-07 Thread Richard Sharpe
anyone seen this? Also, where is the key info assembled in the dissector? I have not yet understood where in the code this is being done. -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操) ___ Sent via:Wireshark-dev mailing list

[Wireshark-dev] Microsoft-XBOX OUI shown as "Microsof"

2017-11-05 Thread Richard Sharpe
Hi folks, I am seeing the Microsoft-XBOX OUI 00-50-F2 appear is "(Microsof)" in some dissections, as shown in the attached. I cannot find where this is coming from. Does anyone know? -- Regards, Richard Sharpe (何以解憂

[Wireshark-dev] Does any know if tshark will automatically use encryption keys entered via Preferences

2017-11-01 Thread Richard Sharpe
Hi folks, I know the question is a little vague, but I know that the SMB dissector can use a Keytab. However, when tshark is running can it also use the same Keytab? Can preferences be specified on the tshark command line? -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操

[Wireshark-dev] Parameter passing when using a dissector table to call a sub-dissector

2017-10-18 Thread Richard Sharpe
dividing the filter expression into two fields. Are there any good suggestions? -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操) ___ Sent via:Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives:

Re: [Wireshark-dev] Reusing the code for various things in ieee802.11 in other dissectors ...

2017-10-16 Thread Richard Sharpe
On Mon, Oct 16, 2017 at 7:09 AM, Richard Sharpe <realrichardsha...@gmail.com> wrote: > On Sun, Oct 15, 2017 at 7:36 PM, Michael Mann via Wireshark-dev > <wireshark-dev@wireshark.org> wrote: >> >> >> >> -----Original Message- >> F

Re: [Wireshark-dev] Reusing the code for various things in ieee802.11 in other dissectors ...

2017-10-16 Thread Richard Sharpe
On Sun, Oct 15, 2017 at 7:36 PM, Michael Mann via Wireshark-dev <wireshark-dev@wireshark.org> wrote: > > > > -Original Message----- > From: Richard Sharpe <realrichardsha...@gmail.com> > To: Developer support list for Wireshark <wireshark-dev@wireshark.org&g

[Wireshark-dev] Reusing the code for various things in ieee802.11 in other dissectors ...

2017-10-14 Thread Richard Sharpe
with this. One is dissector tables. Another is to declare certain functions non-static and put the definitions in header files. There might be others. Are there any suggestions? -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操) ___ Sent via

Re: [Wireshark-dev] Adding pcap-ng pipe support to dumpcap

2017-08-30 Thread Richard Sharpe
wireshark.org > Subject: Re: [Wireshark-dev] Adding pcap-ng pipe support to dumpcap > > On 08/29/2017 02:35 PM, Richard Sharpe wrote: >>> On Tue, Aug 29, 2017 at 10:50 AM, Ed Beroset <bero...@mindspring.com> wrote: >>>> On 06/16/2017 01:27 PM, Richard Sharpe wrote: >

Re: [Wireshark-dev] Adding pcap-ng pipe support to dumpcap

2017-08-29 Thread Richard Sharpe
On Tue, Aug 29, 2017 at 10:50 AM, Ed Beroset <bero...@mindspring.com> wrote: > On 06/16/2017 01:27 PM, Richard Sharpe wrote: >> >> On Fri, Jun 16, 2017 at 9:36 AM, Kvidera, Evan D <ekvider...@winona.edu> >> wrote: >>> >>> Hello Wireshark Devs

[Wireshark-dev] Introducing an FT_OUI type, should it be an integer or bytes?

2017-08-19 Thread Richard Sharpe
Hi folks, I have a change up for review that introduces a new type, FT_OUI. It works. However, the big question is that it changes the current practice from the OUI being an INT24 to being BYTES. This breaks backward compatibility I imagine. Is this a big issue? -- Regards, Richard Sharpe (何

Re: [Wireshark-dev] Making oui_base_custom available more generally

2017-08-19 Thread Richard Sharpe
ler doing the following? > -Original Message----- > From: Richard Sharpe <realrichardsha...@gmail.com> > To: Developer support list for Wireshark <wireshark-dev@wireshark.org> > Sent: Sat, Aug 19, 2017 11:29 am > Subject: Re: [Wireshark-dev] Making oui_base_custom availab

Re: [Wireshark-dev] Making oui_base_custom available more generally

2017-08-19 Thread Richard Sharpe
olved_from_encoded etc replaced with get_manuf_name_if_known and a few other changes. Does that seem reasonable to you? There's a couple of other places in there where I am not sure what is going on, but I can stumble through ... -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操)

Re: [Wireshark-dev] Making oui_base_custom available more generally

2017-08-19 Thread Richard Sharpe
; packet-ieee80211.h: that should be the place. > Cheers, > Dario. > > On Sat, Aug 19, 2017 at 4:14 AM, Richard Sharpe > <realrichardsha...@gmail.com> wrote: > > Hi folks, > > I have a need to deal with OUIs in a dissector I am writing and find > that it is defined a

[Wireshark-dev] Making oui_base_custom available more generally

2017-08-18 Thread Richard Sharpe
Hi folks, I have a need to deal with OUIs in a dissector I am writing and find that it is defined as static void in packet_ieee80211.c. Should I simply remove static from that declaration, or should we promote it to some other file to make it generally available? -- Regards, Richard Sharpe (何以

Re: [Wireshark-dev] Vendor-specific dissectors for 802.11

2017-08-13 Thread Richard Sharpe
ms. That is, it is not clear to me how to unify them at the moment. -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操) ___ Sent via:Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives:https://www.wireshark.org

Re: [Wireshark-dev] Vendor-specific dissectors for 802.11

2017-08-13 Thread Richard Sharpe
may need its own dissector table for vendor specific functionality too. I would love to give this some thought, and may do, but the damn IEEE802.11 2012 spec is 2600+ pages long! -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操) ___ S

Re: [Wireshark-dev] Vendor-specific dissectors for 802.11

2017-08-13 Thread Richard Sharpe
code in packet-ieee80211.c to separate dissectors. Indeed, the whole 802.11 dissector could do with a good cleanup. -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操) ___ Sent via:Wireshark-dev mailing list <wireshark-dev@wi

Re: [Wireshark-dev] Using Google Protobuf to Export Full Packet Dissection Data via Named Pipe

2017-07-11 Thread Richard Sharpe
and at the moment. Not a big deal. Perhaps a more light-weight serialization like XDR would be appropriate ... -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操) ___ Sent via:Wireshark-dev mailing list <wireshark-d

[Wireshark-dev] Should I add new commits to address review comments?

2017-07-11 Thread Richard Sharpe
Hi folks, Last time I made a change I created a new commit based on review comments and then squashed the two commits, but that caused issues. Is it better to simply submit the new commit or do I need to ensure I keep the original change-id in the commit? -- Regards, Richard Sharpe (何以解憂?唯有杜康

Re: [Wireshark-dev] Using Google Protobuf to Export Full Packet Dissection Data via Named Pipe

2017-07-11 Thread Richard Sharpe
reshark-dev@wireshark.org> >> Archives:https://www.wireshark.org/lists/wireshark-dev >> Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev >> >> mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe > > > _________

Re: [Wireshark-dev] Using Google Protobuf to Export Full Packet Dissection Data via Named Pipe

2017-07-11 Thread Richard Sharpe
ny code as yet. I guess I will have to do some more work on this soon when my new 802.11 sub-dissector project is done. -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操) ___ Sent via:Wireshark-dev mailing list <wireshar

Re: [Wireshark-dev] Using col_set_str(pinfo->cinfo, COL_PROTOCOL, "some_string") but cannot filter on some_string

2017-07-01 Thread Richard Sharpe
b2, dns, etc, it works. I wonder what the difference is ... > > -Original Message----- > From: Richard Sharpe <realrichardsha...@gmail.com> > To: Developer support list for Wireshark <wireshark-dev@wireshark.org> > Sent: Sat, Jul 1, 2017 2:31 pm > Subject: Re: [Wir

Re: [Wireshark-dev] Using col_set_str(pinfo->cinfo, COL_PROTOCOL, "some_string") but cannot filter on some_string

2017-07-01 Thread Richard Sharpe
as what I used in col_set_str. -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操) ___ Sent via:Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https

Re: [Wireshark-dev] My Windows build seemed to be going so well until ...

2017-06-19 Thread Richard Sharpe
On Mon, Jun 19, 2017 at 12:36 PM, Graham Bloice <graham.blo...@trihedral.com> wrote: > > > On 19 June 2017 at 19:40, Richard Sharpe <realrichardsha...@gmail.com> > wrote: >> >> On Mon, Jun 19, 2017 at 11:12 AM, Richard Sharpe >> <realrichardsha...@gma

Re: [Wireshark-dev] My Windows build seemed to be going so well until ...

2017-06-19 Thread Richard Sharpe
On Mon, Jun 19, 2017 at 11:12 AM, Richard Sharpe <realrichardsha...@gmail.com> wrote: > On Mon, Jun 19, 2017 at 8:08 AM, Graham Bloice > <graham.blo...@trihedral.com> wrote: >> >> >> On 19 June 2017 at 15:02, Jeff Morriss <jeff.morriss...@gmail.com> wrote:

Re: [Wireshark-dev] My Windows build seemed to be going so well until ...

2017-06-19 Thread Richard Sharpe
On Mon, Jun 19, 2017 at 8:08 AM, Graham Bloice <graham.blo...@trihedral.com> wrote: > > > On 19 June 2017 at 15:02, Jeff Morriss <jeff.morriss...@gmail.com> wrote: >> >> >> >> On Sun, Jun 18, 2017 at 6:18 PM, Richard Sharpe >> <realrichards

[Wireshark-dev] My Windows build seemed to be going so well until ...

2017-06-18 Thread Richard Sharpe
A quick search suggests that other people are seeing similar errors. I definitely have access to the internet and am doing this from home. Also, a wget from a different shell (cygwin) succeeds for that file. Is there some tool I have failed to install that is needed? -- Regards, Richard

<    1   2   3   4   5   6   >