Re: [Wireshark-dev] RFC: Internally Generated Records

2014-08-04 Thread Roland Knall
Yes, that is what I was saying. Cool, you can look forward to the openSAFETY patch, the minute the change hits the official repo ;-) regards, Roland On Mon, Aug 4, 2014 at 11:51 PM, Evan Huus eapa...@gmail.com wrote: On Aug 4, 2014, at 17:21, Roland Knall rkn...@gmail.com wrote: Am

Re: [Wireshark-dev] Trunk Windows CMake builds are broken

2014-08-21 Thread Roland Knall
The #include config.h statement is a mistake, it should refer to #include config.h I've committed a change to https://code.wireshark.org/review/#/c/3763/ . It builds fine on my Linux and Mac (using GLib 2.36). Also looking at the Mac buildbot (GLib 2.34 is the issue) right now, and maybe have

Re: [Wireshark-dev] should extcap dir be a preference?

2014-08-27 Thread Roland Knall
I had a preference setting already in place, but removed it after considering that extcap filters might be installed via some sort of automatic setup, and searching for a user-defined path may prove to be trickier than assuming a pre-defined one. That's why I added the folder to the about dialog,

[Wireshark-dev] False-Positives handling with heuristic filters

2014-09-02 Thread Roland Knall
Hi I have a more general question: At what point do you stop caring about false-positives with a heuristic filter? I have openSAFETY traces, where less than 0,2% of all displayed frames are false-positives. But I cannot finetune the heuristic anymore, or I increase the risk for getting

Re: [Wireshark-dev] Extcap

2014-10-04 Thread Roland Knall
Hi Configuration is not passed during consecutive starts via the interface list, or if you start from the main-screen. But they are shared if you restart the capture. Currently I am in the process of writing the limitations down, to further down the road write a wiki-page containing all

[Wireshark-dev] CapturePrivileges not working

2014-10-13 Thread Roland Knall
Hi This might be a question for -users, but it seems, that the explanation on http://wiki.wireshark.org/CaptureSetup/CapturePrivileges does not seem to work anymore in Linux (running Mint 17, based on Ubuntu 14.04 LTS). I have set the dumpcap utility as defined the wiki-page, not using a group,

Re: [Wireshark-dev] CapturePrivileges not working

2014-10-13 Thread Roland Knall
and Linux doesn't support setuid (and I'd guess also setcap) shell scripts. You'd need to put the permissions on .libs/lt-dumpcap or whatever it is. On Monday, October 13, 2014, Roland Knall rkn...@gmail.com wrote: Hi This might be a question for -users, but it seems, that the explanation on http

Re: [Wireshark-dev] Capture from multiple remote machines

2014-11-17 Thread Roland Knall
Hi There exists a new interface in Wireshark, called extcap. It is a plugin interface, which allows you to use self-written programs as capture interfaces. So far the interface is only in main, but if you download any 1.9x version, it should be included. This would allow you to write a program,

Re: [Wireshark-dev] Backporting policy for protocols that are under construction

2014-11-20 Thread Roland Knall
Hi The original argument for the backport was not so much the implementation of a new feature, but rather the removal of a never used feature and implementation of the actual used feature instead. I agree that the development branch is very stable, but at the same time, many people prefer to use

[Wireshark-dev] Problem with building fresh on Mac 10.10.1

2014-12-20 Thread Roland Knall
Hi The setupscript does not seem to work properly. All I get are the following messages: ./macosx-setup.sh: line 578: test: 10.1: integer expression expected ./macosx-setup.sh: line 578: test: 10.1: integer expression expected macosx-setup.sh: Couldn't find an SDK for OS X 10.10.1 or later

Re: [Wireshark-dev] macosx-setup.sh fails now

2015-01-22 Thread Roland Knall
Hi To look for Qt, set an environment variable named QT_DIR to the folder of your qt install, which contains the bin folder containing qmake, and also add the path for qmake for your path. That way all Qt5 libraries will be found. CAP or at least SETCAP could be the capabilities utility for Linux,

[Wireshark-dev] CMake on Windows - Can build, but not run executable

2015-03-25 Thread Roland Knall
Hi I can build wireshark successfully (gtk and qt interfaces) on Windows, but if I want to execute it, he complains that the side-by-side configuration is not correct. If I trace the launch with sxstrace, he complains, that the ProcessorArchitecture is wrong for the target (amd64). The build is

[Wireshark-dev] UI Support for plugins

2015-03-31 Thread Roland Knall
Hi I have posted some code [1] I am currently working on, which would add a menu structure for individual plugins to wireshark (currently only gtk). The reason for this is, that we have some proprietary analysis tools, which will be available for free for our customers (including maybe

[Wireshark-dev] Building Own GUI for stats plugin

2015-02-27 Thread Roland Knall
Hi I am creating a separate stats plugin, which will only be distributed to customers and in-house. Adding a statistics entry and displaying the general information is a no-brainer using the stats_tree functions. But I would need to add my own GUI elements, as well as graphical and statistics

Re: [Wireshark-dev] Google deprecating OpenID 2.0

2015-02-23 Thread Roland Knall
to upload patches and comment on them (using the ssh -p 29418 code.wireshark.org gerrit review command). So, although I would not be able to use the website anymore, the account is still valid. regards, Roland On Mon, Feb 23, 2015 at 11:00 AM, Roland Knall rkn...@gmail.com wrote: Same here. I

Re: [Wireshark-dev] Google deprecating OpenID 2.0

2015-02-23 Thread Roland Knall
Same here. I tried to link a Launchpad account to the existing one, and he created a new one instead. I accept, that this might be a Gerrit issue, and has nothing to do with Wireshark in general. But in my local installation I fixed it via adding the identity locally using the ssh gerrit

Re: [Wireshark-dev] CMake on Windows - Can build, but not run executable

2015-03-26 Thread Roland Knall
as environment variable, the build worked. I used the stdio information from the buildbot to figure it out, but others may well have some issues here. regards, Roland On Wed, Mar 25, 2015 at 6:32 PM, Graham Bloice graham.blo...@trihedral.com wrote: On 25 March 2015 at 08:17, Roland Knall rkn

Re: [Wireshark-dev] Where to call Qt Extcap dialog

2015-04-27 Thread Roland Knall
On Mon, Apr 27, 2015 at 9:06 PM, Gerald Combs ger...@wireshark.org wrote: On 4/27/15 7:09 AM, Roland Knall wrote: Hi @Michal - I thought of adding a button there, but this would also break usability. Also, changing the current behavior is not something I want to do, with a lot

[Wireshark-dev] Where to call Qt Extcap dialog

2015-04-27 Thread Roland Knall
Hi I am currently implementing a Qt Dialog for the extcap interfaces. The dialog part is rather simple and mostly tricky because of the different kinds of interface options for extcap interfaces. But I ran into an issue, which is irritating. How should the extcap interface options be shown? On

Re: [Wireshark-dev] Where to call Qt Extcap dialog

2015-04-27 Thread Roland Knall
Hi @Michal - I thought of adding a button there, but this would also break usability. Also, changing the current behavior is not something I want to do, with a lot of people (but mostly Graham) agreeing to it. What I thought of is adding a text on the far right side of the interface display, like

Re: [Wireshark-dev] Wireshark runtime messages we don't want to see

2015-04-30 Thread Roland Knall
, Apr 30, 2015 at 10:08 PM, Guy Harris g...@alum.mit.edu wrote: On Apr 30, 2015, at 1:00 PM, Roland Knall rkn...@gmail.com wrote: On Thu, Apr 30, 2015 at 6:58 PM, Joerg Mayer jma...@loplof.de wrote: ERROR: Cannot connect to ADB: Connection refused INFO: Please check that adb daemon

Re: [Wireshark-dev] Wireshark runtime messages we don't want to see

2015-04-30 Thread Roland Knall
On Thu, Apr 30, 2015 at 6:58 PM, Joerg Mayer jma...@loplof.de wrote: ERROR: Cannot connect to ADB: Connection refused INFO: Please check that adb daemon is running. Do not know about the others, but ERROR: Cannot connect to ADB: Connection refused INFO: Please check that adb daemon is

Re: [Wireshark-dev] Windows automated builds migrated to CMake

2015-04-16 Thread Roland Knall
Hi Am I correct, that as for now, there is no plan to move the download of the necessary libraries for building Wireshark on Windows from the nmake system to cmake as well? Also, the wiki pages do not seem to reflect the cmake build and the buildbot waterfall display only seem to run cmake, but

Re: [Wireshark-dev] Windows automated builds migrated to CMake

2015-04-16 Thread Roland Knall
...@trihedral.com wrote: On 16 April 2015 at 09:29, Roland Knall rkn...@gmail.com wrote: Also, the wiki pages do not seem to reflect the cmake build and the buildbot waterfall display only seem to run cmake, but not build using it? Would be helpful to setup a cmake enforced build on Windows

[Wireshark-dev] Windows Buildbot seems to be down.

2015-04-18 Thread Roland Knall
Just, fyi

[Wireshark-dev] Qt version for the Wireshark Windows build

2015-06-03 Thread Roland Knall
Hi Is it possible to download the Qt version, with which the buildbot builds the windows version of Wireshark? Our company has switched to 5.4 and the plugin I am building uses a Qt class, which introduced flags only available with 5.4. If I load my plugin in wireshark, wireshark claims the

Re: [Wireshark-dev] Qt version for the Wireshark Windows build

2015-06-03 Thread Roland Knall
, Roland Knall wrote: Hi Is it possible to download the Qt version, with which the buildbot builds the windows version of Wireshark? Our company has switched to 5.4 and the plugin I am building uses a Qt class, which introduced flags only available with 5.4. If I load my plugin

Re: [Wireshark-dev] Qt version for the Wireshark Windows build

2015-06-03 Thread Roland Knall
/ I got there by copying one of the online installer links listed at https://www.qt.io/download-open-source/ and trimming off the file and version. On 6/3/15 7:32 AM, Roland Knall wrote: Hi Is it possible to download the Qt

Re: [Wireshark-dev] Wireshark 1.99.6 is now available

2015-05-28 Thread Roland Knall
Hi The original extcap message, mentioning that Qt does not support it yet is not correct anymore and should be changed. Also menus for plugins are supported in the Gtk version as well, although not as nice. regards, Roland Am 28.05.2015 um 22:25 schrieb Gerald Combs ger...@wireshark.org:

[Wireshark-dev] Automated build for 1.99.8 on Windows missing?

2015-06-29 Thread Roland Knall
Hi I was just trying to find an automated build for Windows on https://www.wireshark.org/download/automated/ . The only builds I can find are for 1.12rc7 and PDB builds for 1.99.8, but no builds for 1.99.8 in either x86 or x64 directories. Has this been changed on purpose, or am I missing

Re: [Wireshark-dev] RFC: Internally Generated Records

2015-08-18 Thread Roland Knall
Hi Evan Did this approach get implemented? If not, I would like to give it a try. regards, Roland On Tue, Aug 5, 2014 at 12:14 AM, Roland Knall rkn...@gmail.com wrote: Yes, that is what I was saying. Cool, you can look forward to the openSAFETY patch, the minute the change hits the official

Re: [Wireshark-dev] RFC: Internally Generated Records

2015-08-18 Thread Roland Knall
Good, have some vacation days coming up and will give it a try. regards, Roland On Tue, Aug 18, 2015 at 4:53 PM, Evan Huus eapa...@gmail.com wrote: On Tue, Aug 18, 2015 at 10:49 AM, Roland Knall rkn...@gmail.com wrote: Hi Evan Did this approach get implemented? If not, I would like

[Wireshark-dev] PcapNG format support for dumpcap

2015-07-16 Thread Roland Knall
Hi I've filed a bug report ( https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11370) for support in dumpcap and wireshark, to enable pcapng as a data format for capturing. We would need this for an extcap interface, where we would use the packet comments to add additional information to each

Re: [Wireshark-dev] PcapNG format support for dumpcap

2015-07-16 Thread Roland Knall
like that, and we are actively looking into that. If and when we are going to develop something like that has not been decided yet. kind regards, Roland On Thu, Jul 16, 2015 at 9:20 PM, Guy Harris g...@alum.mit.edu wrote: On Jul 16, 2015, at 12:49 AM, Roland Knall rkn...@gmail.com wrote: I've

Re: [Wireshark-dev] CAN over Ethernet

2015-11-07 Thread Roland Knall
Hi It depends how the CAN messages are being transported within Ethernet. Then you could write a dissector for the method, which in turn calls the CAN dissector. The same thing happens with a lot of other dissectors, the openSAFETY dissector for instance. regards, Roland On Sat, Nov 7, 2015 at

Re: [Wireshark-dev] Extcap

2015-10-19 Thread Roland Knall
Hi 2 suggestions for you. First, if you initiate extcap via console, do you run it as root? And is wireshark running as non-root? If so, you might need capture privileges as suggested by the wireshark wiki page. Second, yes the directories are not very intuitive. Usually if you run it from a

[Wireshark-dev] Petri-Dish circumvention breaks daily-build

2015-09-10 Thread Roland Knall
Hi In our company we have our own Wireshark tools and plugins, which use the main wireshark repository. To ensure that those do not break (and if they break we can fix them in due time), we synchronize with the Wireshark repo every night and build it with our own tools on Windows and Linux. And

Re: [Wireshark-dev] Add support for remote capture in linux

2015-10-02 Thread Roland Knall
Hi Would it not be easier to achieve this using an extcap interface? You can see the extcap_example in /doc as well as androiddump for examples. Such interfaces can be configured with a separate options dialog and are quite versatile, and most of all, it does not need you to change dumpcap in a

Re: [Wireshark-dev] Add plugin_if_get_framenr()

2016-01-04 Thread Roland Knall
Hi The plugin_if functionality exists, because methods called by plugins run in a different thread context than the gui. Therefore, if you want to gui to act in a certain way, you have to somehow cross the context to achieve whatever you want to do. Your proposed idea goes in the other

Re: [Wireshark-dev] plugin_if_goto_frame causes protection exception

2015-11-27 Thread Roland Knall
You should commit this change via gerrit. I think it is ok but you should also check in your code if a call is valid or not by checking for a loaded trace. Regards, Roland > Am 27.11.2015 um 23:52 schrieb Paul Offord : > > Hi, > > If you call plugin_if_goto_frame

Re: [Wireshark-dev] overriding built-in dissector

2015-11-30 Thread Roland Knall
As far as I know, overriding a default dissector is not possible, or more precise not necessarily very easy. But what you could do is, to implement a generic heuristic entry point in the dis dissector, which then in turn you could use to let your custom plugin take over the dissection from the dis

Re: [Wireshark-dev] plugin_if menu problems

2015-11-27 Thread Roland Knall
Hi I do not have anything standing in front of my callbacks, therefore I would remove WS_DLL_PUBLIC_DEF completely. It is not necessary in your case. Secondly, if you are using the latest git source of Wireshark or the 2.0 source, the correct prototype for the callback would be: void

Re: [Wireshark-dev] Extcap DLTs

2015-11-24 Thread Roland Knall
You could try USER0. The problem here is, that I have to register the extcap interface with the other interfaces at some point, and usually this happens way before the capture starts (at which point an extcap utility might know which DLT it could produce). Therefore I first ask the utility for all

Re: [Wireshark-dev] Extcap DLTs

2015-11-24 Thread Roland Knall
On Tue, Nov 24, 2015 at 2:00 PM, Dario Lombardo wrote: > > Where is it defined? I can't compile something like > > g_print("dlt {number=%u}{name=%s}{display=%s}\n", USER0, > RANDPKT_EXTCAP_INTERFACE, wtap_encap_string(USER0)); > From the python example in doc:

Re: [Wireshark-dev] Highlight fields

2016-02-10 Thread Roland Knall
Hi No, currently there is no direct way to do this. And any new way would require a change to the dissectors handling the messages regards On Wed, Feb 10, 2016 at 11:44 AM, Juan Jose Martin Carrascosa < jua...@rti.com> wrote: > Hi all, > > Let's say I have several submessages in a packet

Re: [Wireshark-dev] linking errors on Windows

2016-02-23 Thread Roland Knall
Hi Could you provide some form of linker output so that we could see, which functions you are talking about? regards Roland On Wed, Feb 24, 2016 at 6:25 AM, Edwin Groothuis < edwin.grooth...@riverbed.com> wrote: > Greetings, > > > > I’m in the process of upgrading an 1.10 environment into the

Re: [Wireshark-dev] Mac Build Error

2016-01-21 Thread Roland Knall
On Fri, Jan 22, 2016 at 8:26 AM, Guy Harris <g...@alum.mit.edu> wrote: > On Jan 21, 2016, at 9:36 PM, Roland Knall <rkn...@gmail.com> wrote: > > > FYI, the only sure-fire way in CMAKE to set specific only linker flags > is using the target properties. > >

Re: [Wireshark-dev] Mac Build Error

2016-01-21 Thread Roland Knall
On Fri, Jan 22, 2016 at 1:40 AM, Guy Harris wrote: > > > This means we can't use CMAKE_REQUIRED_FLAGS, and have to find some > *other* way to specify the flag to be tested. FYI, the only sure-fire way in CMAKE to set specific only linker flags is using the target properties.

Re: [Wireshark-dev] Mac Build Error

2016-01-22 Thread Roland Knall
On Fri, Jan 22, 2016 at 9:06 AM, Guy Harris <g...@alum.mit.edu> wrote: > On Jan 21, 2016, at 11:42 PM, Roland Knall <rkn...@gmail.com> wrote: > > > Sorry to disappoint ;-), but it can be done, just not in a convenient > way. And the 9oo10 mostly is fixed by using

Re: [Wireshark-dev] Bug Report Wireshark 2.0.2 - File Merge

2016-03-26 Thread Roland Knall
Hi Could you please file a bug report with https://bugs.wireshark.org/bugzilla/ kind regards Roland > Am 25.03.2016 um 17:58 schrieb Francis Chartier : > > Hello, > > I am using Wireshark 2.0.2 to debug videoconference. > > I joined the 2 traces of the Firewall

Re: [Wireshark-dev] Building with CMake on Win10 and VS2013 (win64)

2016-03-29 Thread Roland Knall
Take a look in your build directory, there must be a folder called CMakeFiles. In it, you'll find CMakeError.log. This file should contain, at its bottom, the call which led to the error and a more detailed error information in regard to the missing utility. regards Roland On Tue, Mar 29, 2016

Re: [Wireshark-dev] Building with CMake on Win10 and VS2013 (win64)

2016-03-29 Thread Roland Knall
herwise I would have attached it). When it > does, the output (like that below) would include a note about "See also > CMakeError.log)" at the last line (right after line about CMakeOutput.log) > > > -Original Message- > From: Roland Knall <rkn...

Re: [Wireshark-dev] Deprecating nmake

2016-04-02 Thread Roland Knall
Try to set the path to the Python Executable in cmake. Seems he catches the Cygwin version by mistake. Regards > Am 02.04.2016 um 16:07 schrieb RobiOneKenobi : > > Hi, > > I'm trying to migrate to CMake, but i'm facing 2 problems > > In Win64, it stops after a few

Re: [Wireshark-dev] Embedding external program into wireshark menu

2016-07-14 Thread Roland Knall
Hi In principle there exists an interface called extcap, which allows it to implement separate utilities as capture interfaces. See sshdump or androiddump for example. Those interfaces then will create the pcap trace and wireshark can utilize them, as if they were a network card or similar. For

Re: [Wireshark-dev] Question on payload reassembly

2016-07-28 Thread Roland Knall
Hi Just a short question, does your sequence counter repeat? If so, this can be an issue. Also, for the openSAFETY dissector it only worked properly, after I implemented fragment_add_seq_offset, so it will always count internally beginning with 0. You can see that in line 1272 of

Re: [Wireshark-dev] extcap.c does not build on SUSE 11.3. g_spawn_check_exit_status requires glib 2.34

2016-08-01 Thread Roland Knall
Hi No, I've uploaded a new patch to gerrit ( https://code.wireshark.org/review/16827), which removes the need for this function. Just fyi, the min glib version to be supported is 2.14.0, and although I'd appreciate a discussion to change that in the future, this patch is a pretty simple fix.

Re: [Wireshark-dev] Adding Qt5 libs via VS Additional Dependencies

2016-08-05 Thread Roland Knall
Paul, could you give an example, why you chose Qt libraries over Gtk? Was it not possible, or is it a personal choice? I do have plugins for WS, which use Qt, but not for dissectors, so I am just curious, what was missing. regards Roland On Fri, Aug 5, 2016 at 11:20 AM, Graham Bloice

Re: [Wireshark-dev] Adding Qt5 libs via VS Additional Dependencies

2016-08-05 Thread Roland Knall
By the way, we are not > planning to submit this to be incorporated into the main stream code. > > > > You can see Syncro in action here http://www.youtube.com/watch? > v=anEZGfF4P10=5m5s if you are interested. > > > > Best regards…Paul > > > > *From:*

Re: [Wireshark-dev] Adding Qt5 libs via VS Additional Dependencies

2016-08-05 Thread Roland Knall
dissector. We don’t use any of the GUI stuff from Qt, just the TCP > server functionality, multi-threading functions and Signals & Slots to > communicate between threads. > > > > Best regards…Paul > > > > *From:* wireshark-dev-boun...@wireshark.org [mailto:wiresh

Re: [Wireshark-dev] Conditional compiles

2017-02-14 Thread Roland Knall
There is some misconception about the general approach with this idea. Whilst I applaud any attempt to reduce the number of defines, as it eases the implementation of new features (due to not stumbling over undetected #define issues), I strongly suggest taking a different route here. HAVE_LIBPCAP

Re: [Wireshark-dev] Wireshark no longer builds on SuSE 11.3

2017-02-14 Thread Roland Knall
I was hoping to say, let's drop SuSE 11.3, as SuSE 11.4 has glib version 2.28, which includes the function. Also RedHat 5 drops support by the end of next month. But SLES still supports it until 2019. As for the convenience method, I would not provide a compatibility header, as this would

Re: [Wireshark-dev] Wireshark no longer builds on SuSE 11.3

2017-02-14 Thread Roland Knall
On Tue, Feb 14, 2017 at 4:28 PM, Peter Wu wrote: > Where did you find SLES 11.4 support for GLib 2.28? I only see 2.22.5 > for SLES 11.3 and the release notes do not mention newer versions: > https://www.suse.com/releasenotes/x86_64/SUSE-SLES/11-SP4/ > SLED (for desktop)

Re: [Wireshark-dev] Bugzilla SSL Issue?

2017-01-20 Thread Roland Knall
On Fri, Jan 20, 2017 at 3:59 PM, João Valverde < joao.valve...@tecnico.ulisboa.pt> wrote: > I think the correct (?) URL is: https://bugs.wireshark.org/ Of course it is. For that URL it is working Thanks

Re: [Wireshark-dev] Extcap version

2017-02-27 Thread Roland Knall
That is an early design flaw - still going strong to that very day. It stems from the fact, that the version query was introduced later on, and the interface list query basically covered that as well. Additionally, parsed extcap interfaces were not parsed on a tool (meaning executable) level, but

Re: [Wireshark-dev] Extcap version

2017-02-27 Thread Roland Knall
sition: lives in extcap_info and in > extcap_interface at the same time. I don't think we need both: I hardly > figure out how we'd need to different help pages/files for 2 different > interfaces of the same extcap. What about removing the help in the interface? > > On Mon, Feb 27, 2017 at 11:3

[Wireshark-dev] Remove of GTK interface

2016-09-05 Thread Roland Knall
Hi As I understand correctly, the gtk interface is being phased out to a point, where it will not be included in 2.4 anymore. I am currently on the brink of adding new features to extcap, and doing so would need me to change some internal interfaces, some of which are used only by the gtk

Re: [Wireshark-dev] Enable extcap by default or not

2016-09-09 Thread Roland Knall
No, it just means, that extcap interfaces are either available by default or not. They do not run permanently. regards On Fri, Sep 9, 2016 at 8:02 PM, Bill Meier <wme...@newsguy.com> wrote: > On 9/9/2016 1:42 AM, Roland Knall wrote: > >> Hello List >> >> There i

[Wireshark-dev] Enable extcap by default or not

2016-09-08 Thread Roland Knall
Hello List There is currently a discussion going on in https://code.wireshark.org/review/#/c/17498 in regard to enabling extcap features by default or not. There are basically two sides to the argument: Cons - extcap interfaces are advanced features, which will not be used by a majority of

Re: [Wireshark-dev] Ethernet header below MPLS...

2016-09-16 Thread Roland Knall
On how he did that, Wireshark dissectors can attach each other to dissect payloads if they apply for them. So in this case, the MPLS dissector has a hook, to which either the ETH dissector has attached or was called by the MPLS dissector. - Roland On Fri, Sep 16, 2016 at 3:03 AM, Guy Harris

Re: [Wireshark-dev] Enable extcap by default or not

2016-09-09 Thread Roland Knall
On Fri, Sep 9, 2016 at 8:16 AM, Graham Bloice wrote: > > >> > I vote for disable by default, I feel that the extcap interfaces are > superfluous and confusing to most of the users I support as they are for > "niche" purposes. > > I don't follow the argument that a

[Wireshark-dev] Docker image for WS Build

2016-10-06 Thread Roland Knall
Hello I've created a docker image, to build Wireshark for a Linux build. You can find it on https://hub.docker.com/r/rknall/wsbuilder/ It contains Qt5, Lua and libssh, and can be used for building docker in a Jenkins environment (that is, what I am using it for) with the Jenkins user "jenkins"

Re: [Wireshark-dev] Docker image for WS Build

2016-10-07 Thread Roland Knall
> Am 07.10.2016 um 17:08 schrieb Alexis La Goutte <alexis.lagou...@gmail.com>: > > > >> On Thu, Oct 6, 2016 at 9:53 AM, Roland Knall <rkn...@gmail.com> wrote: >> Hello >> >> I've created a docker image, to build Wireshark for a L

Re: [Wireshark-dev] Docker image for WS Build

2016-10-06 Thread Roland Knall
I will do that in the coming days. Thanks, Roland On Thu, Oct 6, 2016 at 2:47 PM, Jaap Keuter <jaap.keu...@xs4all.nl> wrote: > > > On 06 Oct 2016, at 09:53, Roland Knall <rkn...@gmail.com> wrote: > > > > Hello > > > > I've created a docker image, to

Re: [Wireshark-dev] Wireshark 2.2.0rc1 is now available

2016-08-23 Thread Roland Knall
Hi Gerald Could you mention the fix for https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11892 in the release notes - "extcap utilities keep running, after capture shut down". regards Roland On Tue, Aug 23, 2016 at 12:49 AM, Gerald Combs wrote: > I'm proud to announce

Re: [Wireshark-dev] GUI Change for Wireshark Remote Interfaces

2016-10-27 Thread Roland Knall
On Thu, Oct 27, 2016 at 1:14 PM, Peter Wu wrote: > Not being able to store remote interface is probably a bug / missing > feature. See for example user responses at > https://ask.wireshark.org/questions/47141/remote-capture-on-startup > > Kind regards, > Peter > This raises

Re: [Wireshark-dev] GUI Change for Wireshark Remote Interfaces

2016-10-27 Thread Roland Knall
blo...@trihedral.com > wrote: > > > On 27 October 2016 at 10:36, Roland Knall <rkn...@gmail.com> wrote: > >> Hi >> >> I am currently rewriting the ManageInterfacesDialog, and so far I am >> nearly done. The last thing open are the Remote Capture Interface

[Wireshark-dev] GUI Change for Wireshark Remote Interfaces

2016-10-27 Thread Roland Knall
Hi I am currently rewriting the ManageInterfacesDialog, and so far I am nearly done. The last thing open are the Remote Capture Interfaces. But to do this the right way, I am also going to get rid of the two popup dialogs and change the layout of the tab a little bit. So I wanted to get some

Re: [Wireshark-dev] GUI Change for Wireshark Remote Interfaces

2016-10-27 Thread Roland Knall
Guy, is the version on github for libpcap already equipped with pcap_open on Mac? I don't need it to function, just for the cmake script to work and run, as it would make development of the new version so much easier. I'll change the title accordingly, but the interface changes should be ok so

[Wireshark-dev] Change of minimum supported Qt version in master

2016-10-19 Thread Roland Knall
Hi all Due to new features in master and due to the fact, that 4.7 (our old minimum version) is no longer supported by the current major distributions, we switched the minimum version of Qt to Qt 4.8 (LTS) Please see https://wiki.wireshark.org/Development/Support_library_version_tracking for the

Re: [Wireshark-dev] Live wireshark capture packets from my windows filter driver

2016-11-12 Thread Roland Knall
Hi One possibility would be an extcap device. See README.extcap in the doc subdirectory for more details. regards On Sat, Nov 12, 2016 at 3:35 AM, Ashok Nandoori wrote: > Hi, > > Can you send me some pointers on how to write plug-in to wireshark to > capture live packets

Re: [Wireshark-dev] GUI Change for Wireshark Remote Interfaces

2016-10-28 Thread Roland Knall
I've changed the pcap by hand using cmake-gui. Works but have not tried running it against anything or capturing. regards On Fri, Oct 28, 2016 at 11:14 AM, Joerg Mayer wrote: > On Thu, Oct 27, 2016 at 09:36:47PM -0700, Guy Harris wrote: > > On Oct 27, 2016, at 8:54 PM, Guy

Re: [Wireshark-dev] IP src/dst from Qt

2016-10-31 Thread Roland Knall
issectors to find all regards, Roland On Mon, Oct 31, 2016 at 3:23 PM, Dario Lombardo <dario.lombardo...@gmail.com > wrote: > > > On Mon, Oct 31, 2016 at 3:16 PM, Roland Knall <rkn...@gmail.com> wrote: > >> I would implement a listener for the tap interface of th

Re: [Wireshark-dev] IP src/dst from Qt

2016-10-31 Thread Roland Knall
, Dario Lombardo <dario.lombardo...@gmail.com > wrote: > As a starting point I'd like to have the ones in packet_info. > > On Mon, Oct 31, 2016 at 2:50 PM, Roland Knall <rkn...@gmail.com> wrote: > >> Hi >> >> What ip src/dest do you mean? If you mean the on

Re: [Wireshark-dev] IP src/dst from Qt

2016-10-31 Thread Roland Knall
Hi What ip src/dest do you mean? If you mean the ones from a packet trace, a tap interface might be the easiest to get the information. I do a similar thing with a 3rd-party plugin of mine. regards Roland On Mon, Oct 31, 2016 at 2:44 PM, Dario Lombardo wrote: >

Re: [Wireshark-dev] New statistics panel for RTPS

2016-11-03 Thread Roland Knall
Hi This depends on how sophisticated you want the final panel to be. If you just want to add new statistics for one dissector, this likely could be done in a week. Take a look at README.stats_tree for details in the doc subdirectory of the source-code. If you want a more sophisticated analysis

Re: [Wireshark-dev] How do I set the epan/dissectors/Makefile.am CUSTOM_DISSECTOR_SRC variable from a script when I run configure?

2017-01-06 Thread Roland Knall
Just my two cents here. If you would change your build-system to CMake, you could use the CMakeListsCustom.txt files to achieve the same thing. You would not need to script anything, and could directly just copy the necessary file into the build. The plugins and additional dissectors do not need

Re: [Wireshark-dev] extcap slowing down start of WS

2017-01-04 Thread Roland Knall
@Stiq - this is the plan going forward. But first, I need to fix the initial call to the interfaces on Windows, because there is an issue with stdin buffers on Windows and a large number of interfaces. The register preferences call is a necessity, but the one in fill_in_local_interfaces could be

Re: [Wireshark-dev] Remote Control Plugin - Can I submit to the Wireshark project

2017-01-06 Thread Roland Knall
ty of controlling Wireshark from a loosely > coupled application. Is this code suitable for submission to the project? > > > > Thanks and regards…Paul > > > > *From:* wireshark-dev-boun...@wireshark.org [mailto:wireshark-dev-bounces@ > wireshark.org] *On Behalf Of *R

Re: [Wireshark-dev] VS 2015 or not

2017-01-06 Thread Roland Knall
VS2015 is safe for now, although I'd not go any further up. Basically, when a new VS version is being released it might take some time, to get special IDE shenanigans back-ported, same goes with new Xcode versions on Mac. If you want to build plugins against official versions of WS, or just want

Re: [Wireshark-dev] Extcap limitations?

2016-12-23 Thread Roland Knall
Hello extcap is a frontend for WS pipes. Therefore it strongly relies at the moment on the formats dumpcap supports on pipes, and that is only pcap atm. There was talk and some movement in the direction of pcapng, and it is on my list of items to be implemented in the next free timeslot (and

Re: [Wireshark-dev] Building latest Wireshark using VS2013

2016-12-23 Thread Roland Knall
Hi The solution should rather be if (tvb_get_ntohl(tvb, offset) != 0x2001) { return; } This follows the coding rules within the file. I can't even begin to imagine, what msbuild is complaining about, but who really knows, what that build-system is thinking in its core..

Re: [Wireshark-dev] Inclusion of KDE code in WS

2016-12-28 Thread Roland Knall
On Wed, Dec 28, 2016 at 10:14 AM, Michal Labedzki <michal.labed...@tieto.com > wrote: > > On 28 December 2016 at 09:37, Roland Knall <rkn...@gmail.com> wrote: > >> git://anongit.kde.org/kitemmodels.git >> > > Online: > https://cgit.kde.org/kitemmodels.gi

[Wireshark-dev] Inclusion of KDE code in WS

2016-12-28 Thread Roland Knall
Hi Short question: Would it be ok, to include 3 KDE classes (from git://anongit.kde.org/kitemmodels.git) with the WS sourcecode, after asking the author (single author in this case) if this is ok? The code is licensed with GPL 2.1 Long question: I am running into a rather difficult issue with

Re: [Wireshark-dev] QT DLLs missing from build environment

2016-12-27 Thread Roland Knall
@Paul - I would also recommend to update to the latest version, but at least 5.6. I am currently building with 5.6.1 on all three platforms. regards Roland On Tue, Dec 27, 2016 at 3:03 PM, Anders Broman wrote: > Hi, > > At some point I think there was a fault in Qt

Re: [Wireshark-dev] Build with VS 2013 on Windows 7

2016-12-26 Thread Roland Knall
It could be, that the version of Powershell required is not the correct one. Some versions of Windows Server use a version out-of-the-box which is too old for the script to work. Not sure, which version to use, but I'd try to update to the latest one. Another thing could be an improperly cleaned

Re: [Wireshark-dev] small vs large patch sets ?

2017-04-19 Thread Roland Knall
> > >> Is there a better way of doing thing? >> > You can push all patches with the same topic, and they will be reviewed > one after each other. > > Gerrit also allows an easy rebase of patchsets, so one patchset can be rebased while others stay the same. Take a look at "git review" which also

Re: [Wireshark-dev] Specifying dissectors declaratively

2017-04-19 Thread Roland Knall
Generally speaking we can divide new protocol languages in two different classes: - interpreting ones - compiled ones The interpreting class has LUA and wsgd as representative. They have their benefits, but I do not really like the approach of interpreting at runtime. CSjark seems interesting,

Re: [Wireshark-dev] Master build fails without pcap

2017-07-28 Thread Roland Knall
I am currently on it. Apparently I invoked a hidden bug in HAVE_PCAP availability. Cheers > On 28.07.2017 at 00:15, Gisle Vanem wrote: > > Dario Lombardo wrote: > > > The current master can't build if we disable PCAP in cmake. > > I can't be build if HAVE_EXTCAP is

Re: [Wireshark-dev] Using Google Protobuf to Export Full Packet Dissection Data via Named Pipe

2017-07-11 Thread Roland Knall
Did you take a look at tshark's -T parameter? "tshark -T jsonraw" for instance, delivers full dissection in Json format. What would be needed is only to shove that into a pipe to capture from some other place. Cheers Roland On Tue, Jul 11, 2017 at 2:48 PM, Mark Landriscina

Re: [Wireshark-dev] Dissector for link layer to run before ethernet one

2017-07-20 Thread Roland Knall
If the header is always identifiable easily, you could write a heuristic dissector for "frame" and work from there. cheers Roland On Thu, Jul 20, 2017 at 1:47 PM, Mihai Cîrîc via Wireshark-dev < wireshark-dev@wireshark.org> wrote: > Hello all, > > I have some capture files with packets
