void
register_show_exception(void)
{
static ei_register_info ei[] = {
{ &ei_malformed_dissector_bug, { "_ws.malformed.dissector_bug", PI_MALFORMED, PI_ERROR, "Dissector bug", EXPFILL }},
{ &ei_malformed_reassembly, { "_ws.malformed.reassembly", PI_MALFORMED, PI_ERROR, "Reassembly error", EXPFILL }},
{ &ei_malformed, { "_ws.malformed.expert", PI_MALFORMED, PI_ERROR, "Malformed Packet (Exception occurred)", EXPFILL }},
};
expert_module_t* expert_malformed;
proto_short = proto_register_protocol("Short Frame", "Short frame", "_ws.short");
proto_malformed = proto_register_protocol("Malformed Packet",
"Malformed packet", "_ws.malformed");
proto_unreassembled = proto_register_protocol(
"Unreassembled Fragmented Packet",
"Unreassembled fragmented packet", "_ws.unreassembled");
expert_malformed = expert_register_protocol(proto_malformed);
expert_register_field_array(expert_malformed, ei, array_length(ei));
/* "Short Frame", "Malformed Packet", and "Unreassembled Fragmented
Packet" aren't really protocols, they're error indications;
disabling them makes no sense. */
proto_set_cant_toggle(proto_short);
proto_set_cant_toggle(proto_malformed);
proto_set_cant_toggle(proto_unreassembled);
}
void
expert_init(void)
{
static hf_register_info hf[] = {
{ &hf_expert_msg,
{ "Message", "expert.message", FT_STRING, BASE_NONE, NULL, 0, "Wireshark expert information", HFILL }
},
{ &hf_expert_group,
{ "Group", "expert.group", FT_UINT32, BASE_HEX, VALS(expert_group_vals), 0, "Wireshark expert group", HFILL }
},
{ &hf_expert_severity,
{ "Severity level", "expert.severity", FT_UINT32, BASE_HEX, VALS(expert_severity_vals), 0, "Wireshark expert severity level", HFILL }
}
};
static gint *ett[] = {
&ett_expert,
&ett_subexpert
};
if (expert_tap == -1) {
expert_tap = register_tap("expert");
}
if (proto_expert == -1) {
proto_expert = proto_register_protocol("Expert Info", "Expert", "expert");
proto_register_field_array(proto_expert, hf, array_length(hf));
proto_register_subtree_array(ett, array_length(ett));
proto_set_cant_toggle(proto_expert);
}
highest_severity = 0;
}
/*--- proto_register_q932_ros -----------------------------------------------*/
void proto_register_q932_ros(void) {
/* List of fields */
static hf_register_info hf[] = {
#include "packet-q932-ros-hfarr.c"
};
/* List of subtrees */
static gint *ett[] = {
#include "packet-q932-ros-ettarr.c"
};
static ei_register_info ei[] = {
{ &ei_ros_undecoded, { "q932.ros.undecoded", PI_UNDECODED, PI_WARN, "Undecoded", EXPFILL }},
};
expert_module_t* expert_q932_ros;
/* Register protocol and dissector */
proto_q932_ros = proto_register_protocol(PNAME, PSNAME, PFNAME);
proto_set_cant_toggle(proto_q932_ros);
/* Register fields and subtrees */
proto_register_field_array(proto_q932_ros, hf, array_length(hf));
proto_register_subtree_array(ett, array_length(ett));
expert_q932_ros = expert_register_protocol(proto_q932_ros);
expert_register_field_array(expert_q932_ros, ei, array_length(ei));
new_register_dissector(PFNAME, dissect_q932_ros, proto_q932_ros);
}
void
proto_register_media(void)
{
static hf_register_info hf[] = {
{ &hf_media_type,
{ "Media type", "media.type",
FT_BYTES, BASE_NONE, NULL, 0,
NULL, HFILL }},
};
static gint *ett[] = {
&ett_media
};
proto_media = proto_register_protocol (
"Media Type", /* name */
"Media", /* short name */
"media" /* abbrev */
);
new_register_dissector("media", dissect_media, proto_media);
register_heur_dissector_list("media", &heur_subdissector_list);
proto_register_field_array(proto_media, hf, array_length(hf));
proto_register_subtree_array(ett, array_length(ett));
/*
* "Media" is used to dissect something whose normal dissector
* is disabled, so it cannot itself be disabled.
*/
proto_set_cant_toggle(proto_media);
}
void
register_show_exception(void)
{
proto_short = proto_register_protocol("Short Frame", "Short frame", "short");
proto_malformed = proto_register_protocol("Malformed Packet",
"Malformed packet", "malformed");
proto_unreassembled = proto_register_protocol(
"Unreassembled Fragmented Packet",
"Unreassembled fragmented packet", "unreassembled");
/* "Short Frame", "Malformed Packet", and "Unreassembled Fragmented
Packet" aren't really protocols, they're error indications;
disabling them makes no sense. */
proto_set_cant_toggle(proto_short);
proto_set_cant_toggle(proto_malformed);
proto_set_cant_toggle(proto_unreassembled);
}
/*
* Disable protocols as per the stored configuration
*/
void
set_disabled_protos_list(void)
{
gint i;
GList *fl_ent;
protocol_def *prot;
/*
* assume all protocols are enabled by default
*/
if (disabled_protos == NULL)
goto skip;
fl_ent = g_list_first(disabled_protos);
while (fl_ent != NULL) {
prot = (protocol_def *) fl_ent->data;
i = proto_get_id_by_filter_name(prot->name);
if (i == -1) {
/* XXX - complain here? */
} else {
if (proto_can_toggle_protocol(i))
proto_set_decoding(i, FALSE);
}
fl_ent = fl_ent->next;
}
skip:
if (global_disabled_protos == NULL)
return;
fl_ent = g_list_first(global_disabled_protos);
while (fl_ent != NULL) {
prot = (protocol_def *) fl_ent->data;
i = proto_get_id_by_filter_name(prot->name);
if (i == -1) {
/* XXX - complain here? */
} else {
if (proto_can_toggle_protocol(i)) {
proto_set_decoding(i, FALSE);
proto_set_cant_toggle(i);
}
}
fl_ent = fl_ent->next;
}
}
void
proto_register_frame(void)
{
wtap_encap_dissector_table = register_dissector_table("wtap_encap",
"Wiretap encapsulation type", FT_UINT32, BASE_DEC);
proto_frame = proto_register_protocol("Frame", "Frame", "frame");
proto_pkt_comment = proto_register_protocol("Packet comments", "Pkt_Comment", "pkt_comment");
register_dissector("frame",dissect_frame,proto_frame);
/* You can't disable dissection of "Frame", as that would be
tantamount to not doing any dissection whatsoever. */
proto_set_cant_toggle(proto_frame);
frame_tap=register_tap("frame");
}
void
proto_register_media(void)
{
static gint *ett[] = {
&ett_media
};
proto_media = proto_register_protocol (
"Media Type", /* name */
"Media", /* short name */
"media" /* abbrev */
);
register_dissector("media", dissect_media, proto_media);
register_heur_dissector_list("media", &heur_subdissector_list);
proto_register_subtree_array(ett, array_length(ett));
/*
* "Media" is used to dissect something whose normal dissector
* is disabled, so it cannot itself be disabled.
*/
proto_set_cant_toggle(proto_media);
}
/*--- proto_register_q932_ros -----------------------------------------------*/
void proto_register_q932_ros(void) {
/* List of fields */
static hf_register_info hf[] = {
#include "packet-q932-ros-hfarr.c"
};
/* List of subtrees */
static gint *ett[] = {
#include "packet-q932-ros-ettarr.c"
};
/* Register protocol and dissector */
proto_q932_ros = proto_register_protocol(PNAME, PSNAME, PFNAME);
proto_set_cant_toggle(proto_q932_ros);
/* Register fields and subtrees */
proto_register_field_array(proto_q932_ros, hf, array_length(hf));
proto_register_subtree_array(ett, array_length(ett));
new_register_dissector(PFNAME, dissect_q932_ros, proto_q932_ros);
}
void
proto_register_ethertype(void)
{
/* Decode As handling */
static build_valid_func eth_da_build_value[1] = {eth_value};
static decode_as_value_t eth_da_values = {eth_prompt, 1, eth_da_build_value};
static decode_as_t ethertype_da = {"ethertype", "Link", "ethertype", 1, 0, ð_da_values, NULL, NULL,
decode_as_default_populate_list, decode_as_default_reset, decode_as_default_change, NULL};
proto_ethertype = proto_register_protocol("Ethertype", "Ethertype", "ethertype");
/* This isn't a real protocol, so you can't disable its dissection. */
proto_set_cant_toggle(proto_ethertype);
register_dissector("ethertype", dissect_ethertype, proto_ethertype);
/* subdissector code */
ethertype_dissector_table = register_dissector_table("ethertype",
"Ethertype", proto_ethertype, FT_UINT16, BASE_HEX, DISSECTOR_TABLE_NOT_ALLOW_DUPLICATE);
register_capture_dissector_table("ethertype", "Ethertype");
register_decode_as(ðertype_da);
}
void
proto_register_file(void)
{
static hf_register_info hf[] = {
{ &hf_file_record_number,
{ "Record Number", "file.record_number",
FT_UINT32, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
{ &hf_file_record_len,
{ "Record length", "file.record_len",
FT_UINT32, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
#if 0
{ &hf_frame_file_off,
{ "File Offset", "file.offset",
FT_INT64, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
#endif
{ &hf_file_marked,
{ "File record is marked", "file.marked",
FT_BOOLEAN, BASE_NONE, NULL, 0x0,
"File record is marked in the GUI", HFILL }},
{ &hf_file_ignored,
{ "File record is ignored", "file.ignored",
FT_BOOLEAN, BASE_NONE, NULL, 0x0,
"File record is ignored by the dissectors", HFILL }},
{ &hf_file_protocols,
{ "File record types in frame", "file.record_types",
FT_STRING, BASE_NONE, NULL, 0x0,
"File record types carried by this frame", HFILL }},
{ &hf_file_color_filter_name,
{ "Coloring Rule Name", "file.coloring_rule.name",
FT_STRING, BASE_NONE, NULL, 0x0,
"The file record matched the coloring rule with this name", HFILL }},
{ &hf_file_color_filter_text,
{ "Coloring Rule String", "file.coloring_rule.string",
FT_STRING, BASE_NONE, NULL, 0x0,
"The file record matched this coloring rule string", HFILL }},
{ &hf_file_num_p_prot_data,
{ "Number of per-record-data", "file.p_record_data",
FT_UINT32, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
{ &hf_file_proto_name_and_key,
{ "Protocol Name and Key", "file.proto_name_and_key",
FT_STRING, BASE_NONE, NULL, 0x0,
NULL, HFILL }},
{ &hf_file_ftap_encap,
{ "Encapsulation type", "file.encap_type",
FT_INT16, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
};
static gint *ett[] = {
&ett_file
};
#if 0
module_t *file_module;
#endif
proto_file = proto_register_protocol("File", "File", "file");
proto_register_field_array(proto_file, hf, array_length(hf));
proto_register_subtree_array(ett, array_length(ett));
register_dissector("file",dissect_file_record,proto_file);
file_encap_dissector_table = register_dissector_table("ftap_encap",
"Filetap encapsulation type", proto_file, FT_UINT32, BASE_DEC, DISSECTOR_TABLE_NOT_ALLOW_DUPLICATE);
/* You can't disable dissection of "Frame", as that would be
tantamount to not doing any dissection whatsoever. */
proto_set_cant_toggle(proto_file);
/* Our preferences */
#if 0
frame_module = prefs_register_protocol(proto_frame, NULL);
prefs_register_bool_preference(frame_module, "show_file_off",
"Show File Offset", "Show offset of frame in capture file", &show_file_off);
#endif
file_tap=register_tap("file");
}
void
proto_register_frame(void)
{
static hf_register_info hf[] = {
{ &hf_frame_arrival_time,
{ "Arrival Time", "frame.time", FT_ABSOLUTE_TIME, BASE_NONE, NULL, 0x0,
"Absolute time when this frame was captured", HFILL }},
{ &hf_frame_time_invalid,
{ "Arrival Timestamp invalid", "frame.time_invalid", FT_NONE, BASE_NONE, NULL, 0x0,
"The timestamp from the capture is out of the valid range", HFILL }},
{ &hf_frame_time_delta,
{ "Time delta from previous captured frame", "frame.time_delta", FT_RELATIVE_TIME, BASE_NONE, NULL,
0x0,
NULL, HFILL }},
{ &hf_frame_time_delta_displayed,
{ "Time delta from previous displayed frame", "frame.time_delta_displayed", FT_RELATIVE_TIME, BASE_NONE, NULL,
0x0,
NULL, HFILL }},
{ &hf_frame_time_relative,
{ "Time since reference or first frame", "frame.time_relative", FT_RELATIVE_TIME, BASE_NONE, NULL,
0x0,
"Time relative to time reference or first frame", HFILL }},
{ &hf_frame_time_reference,
{ "This is a Time Reference frame", "frame.ref_time", FT_NONE, BASE_NONE, NULL, 0x0,
"This frame is a Time Reference frame", HFILL }},
{ &hf_frame_number,
{ "Frame Number", "frame.number", FT_UINT32, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_len,
{ "Frame length on the wire", "frame.len", FT_UINT32, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_capture_len,
{ "Frame length stored into the capture file", "frame.cap_len", FT_UINT32, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_md5_hash,
{ "Frame MD5 Hash", "frame.md5_hash", FT_STRING, BASE_NONE, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_p2p_dir,
{ "Point-to-Point Direction", "frame.p2p_dir", FT_INT8, BASE_DEC, VALS(p2p_dirs), 0x0,
NULL, HFILL }},
{ &hf_link_number,
{ "Link Number", "frame.link_nr", FT_UINT16, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_file_off,
{ "File Offset", "frame.file_off", FT_INT64, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_marked,
{ "Frame is marked", "frame.marked", FT_BOOLEAN, BASE_NONE, NULL, 0x0,
"Frame is marked in the GUI", HFILL }},
{ &hf_frame_protocols,
{ "Protocols in frame", "frame.protocols", FT_STRING, BASE_NONE, NULL, 0x0,
"Protocols carried by this frame", HFILL }},
{ &hf_frame_color_filter_name,
{ "Coloring Rule Name", "frame.coloring_rule.name", FT_STRING, BASE_NONE, NULL, 0x0,
"The frame matched the coloring rule with this name", HFILL }},
{ &hf_frame_color_filter_text,
{ "Coloring Rule String", "frame.coloring_rule.string", FT_STRING, BASE_NONE, NULL, 0x0,
"The frame matched this coloring rule string", HFILL }}
};
static gint *ett[] = {
&ett_frame
};
module_t *frame_module;
wtap_encap_dissector_table = register_dissector_table("wtap_encap",
"Wiretap encapsulation type", FT_UINT32, BASE_DEC);
proto_frame = proto_register_protocol("Frame", "Frame", "frame");
proto_register_field_array(proto_frame, hf, array_length(hf));
proto_register_subtree_array(ett, array_length(ett));
register_dissector("frame",dissect_frame,proto_frame);
/* You can't disable dissection of "Frame", as that would be
tantamount to not doing any dissection whatsoever. */
proto_set_cant_toggle(proto_frame);
proto_short = proto_register_protocol("Short Frame", "Short frame", "short");
proto_malformed = proto_register_protocol("Malformed Packet",
"Malformed packet", "malformed");
proto_unreassembled = proto_register_protocol(
"Unreassembled Fragmented Packet",
"Unreassembled fragmented packet", "unreassembled");
/* "Short Frame", "Malformed Packet", and "Unreassembled Fragmented
Packet" aren't really protocols, they're error indications;
disabling them makes no sense. */
proto_set_cant_toggle(proto_short);
proto_set_cant_toggle(proto_malformed);
proto_set_cant_toggle(proto_unreassembled);
/* Our preferences */
frame_module = prefs_register_protocol(proto_frame, NULL);
prefs_register_bool_preference(frame_module, "show_file_off",
"Show File Offset", "Show offset of frame in capture file", &show_file_off);
prefs_register_bool_preference(frame_module, "force_docsis_encap",
"Treat all frames as DOCSIS frames", "Treat all frames as DOCSIS Frames", &force_docsis_encap);
prefs_register_bool_preference(frame_module, "generate_md5_hash",
"Generate an MD5 hash of each frame",
"Whether or not MD5 hashes should be generated for each frame, useful for finding duplicate frames.",
&generate_md5_hash);
frame_tap=register_tap("frame");
}
void
proto_register_frame(void)
{
static hf_register_info hf[] = {
{ &hf_frame_arrival_time,
{ "Arrival Time", "frame.time",
FT_ABSOLUTE_TIME, ABSOLUTE_TIME_LOCAL, NULL, 0x0,
"Absolute time when this frame was captured", HFILL }},
{ &hf_frame_shift_offset,
{ "Time shift for this packet", "frame.offset_shift",
FT_RELATIVE_TIME, BASE_NONE, NULL, 0x0,
"Time shift applied to this packet", HFILL }},
{ &hf_frame_arrival_time_epoch,
{ "Epoch Time", "frame.time_epoch",
FT_RELATIVE_TIME, BASE_NONE, NULL, 0x0,
"Epoch time when this frame was captured", HFILL }},
{ &hf_frame_time_delta,
{ "Time delta from previous captured frame", "frame.time_delta",
FT_RELATIVE_TIME, BASE_NONE, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_time_delta_displayed,
{ "Time delta from previous displayed frame", "frame.time_delta_displayed",
FT_RELATIVE_TIME, BASE_NONE, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_time_relative,
{ "Time since reference or first frame", "frame.time_relative",
FT_RELATIVE_TIME, BASE_NONE, NULL, 0x0,
"Time relative to time reference or first frame", HFILL }},
{ &hf_frame_time_reference,
{ "This is a Time Reference frame", "frame.ref_time",
FT_NONE, BASE_NONE, NULL, 0x0,
"This frame is a Time Reference frame", HFILL }},
{ &hf_frame_number,
{ "Frame Number", "frame.number",
FT_UINT32, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_len,
{ "Frame length on the wire", "frame.len",
FT_UINT32, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_capture_len,
{ "Frame length stored into the capture file", "frame.cap_len",
FT_UINT32, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_md5_hash,
{ "Frame MD5 Hash", "frame.md5_hash",
FT_STRING, BASE_NONE, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_p2p_dir,
{ "Point-to-Point Direction", "frame.p2p_dir",
FT_INT8, BASE_DEC, VALS(p2p_dirs), 0x0,
NULL, HFILL }},
{ &hf_link_number,
{ "Link Number", "frame.link_nr",
FT_UINT16, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_file_off,
{ "File Offset", "frame.file_off",
FT_INT64, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_marked,
{ "Frame is marked", "frame.marked",
FT_BOOLEAN, BASE_NONE, NULL, 0x0,
"Frame is marked in the GUI", HFILL }},
{ &hf_frame_ignored,
{ "Frame is ignored", "frame.ignored",
FT_BOOLEAN, BASE_NONE, NULL, 0x0,
"Frame is ignored by the dissectors", HFILL }},
{ &hf_frame_protocols,
{ "Protocols in frame", "frame.protocols",
FT_STRING, BASE_NONE, NULL, 0x0,
"Protocols carried by this frame", HFILL }},
{ &hf_frame_color_filter_name,
{ "Coloring Rule Name", "frame.coloring_rule.name",
FT_STRING, BASE_NONE, NULL, 0x0,
"The frame matched the coloring rule with this name", HFILL }},
{ &hf_frame_color_filter_text,
{ "Coloring Rule String", "frame.coloring_rule.string",
FT_STRING, BASE_NONE, NULL, 0x0,
"The frame matched this coloring rule string", HFILL }},
{ &hf_frame_interface_id,
{ "Interface id", "frame.interface_id",
FT_UINT32, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_pack_flags,
{ "Packet flags", "frame.packet_flags",
FT_UINT32, BASE_HEX, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_pack_direction,
{ "Direction", "frame.packet_flags_direction",
FT_UINT32, BASE_HEX, VALS(packet_word_directions), PACKET_WORD_DIRECTION_MASK,
NULL, HFILL }},
{ &hf_frame_pack_reception_type,
{ "Reception type", "frame.packet_flags_reception_type",
FT_UINT32, BASE_DEC, VALS(packet_word_reception_types), PACKET_WORD_RECEPTION_TYPE_MASK,
NULL, HFILL }},
{ &hf_frame_pack_fcs_length,
{ "FCS length", "frame.packet_flags_fcs_length",
FT_UINT32, BASE_DEC, NULL, PACKET_WORD_FCS_LENGTH_MASK,
NULL, HFILL }},
{ &hf_frame_pack_reserved,
{ "Reserved", "frame.packet_flags_reserved",
FT_UINT32, BASE_DEC, NULL, PACKET_WORD_RESERVED_MASK,
NULL, HFILL }},
{ &hf_frame_pack_crc_error,
{ "CRC error", "frame.packet_flags_crc_error",
FT_BOOLEAN, 32, TFS(&tfs_set_notset), PACKET_WORD_CRC_ERR_MASK,
NULL, HFILL }},
{ &hf_frame_pack_wrong_packet_too_long_error,
{ "Packet too long error", "frame.packet_flags_packet_too_error",
FT_BOOLEAN, 32, TFS(&tfs_set_notset), PACKET_WORD_PACKET_TOO_LONG_ERR_MASK,
NULL, HFILL }},
{ &hf_frame_pack_wrong_packet_too_short_error,
{ "Packet too short error", "frame.packet_flags_packet_too_short_error",
FT_BOOLEAN, 32, TFS(&tfs_set_notset), PACKET_WORD_PACKET_TOO_SHORT_ERR_MASK,
NULL, HFILL }},
{ &hf_frame_pack_wrong_inter_frame_gap_error,
{ "Wrong interframe gap error", "frame.packet_flags_wrong_inter_frame_gap_error",
FT_BOOLEAN, 32, TFS(&tfs_set_notset), PACKET_WORD_WRONG_INTER_FRAME_GAP_ERR_MASK,
NULL, HFILL }},
{ &hf_frame_pack_unaligned_frame_error,
{ "Unaligned frame error", "frame.packet_flags_unaligned_frame_error",
FT_BOOLEAN, 32, TFS(&tfs_set_notset), PACKET_WORD_UNALIGNED_FRAME_ERR_MASK,
NULL, HFILL }},
{ &hf_frame_pack_start_frame_delimiter_error,
{ "Start frame delimiter error", "frame.packet_flags_start_frame_delimiter_error",
FT_BOOLEAN, 32, TFS(&tfs_set_notset), PACKET_WORD_START_FRAME_DELIMITER_ERR_MASK,
NULL, HFILL }},
{ &hf_frame_pack_preamble_error,
{ "Preamble error", "frame.packet_flags_preamble_error",
FT_BOOLEAN, 32, TFS(&tfs_set_notset), PACKET_WORD_PREAMBLE_ERR_MASK,
NULL, HFILL }},
{ &hf_frame_pack_symbol_error,
{ "Symbol error", "frame.packet_flags_symbol_error",
FT_BOOLEAN, 32, TFS(&tfs_set_notset), PACKET_WORD_SYMBOL_ERR_MASK,
NULL, HFILL }},
{ &hf_comments_text,
{ "Comment", "frame.comment",
FT_STRING, BASE_NONE, NULL, 0x0,
NULL, HFILL }},
};
static hf_register_info hf_encap =
{ &hf_frame_wtap_encap,
{ "Encapsulation type", "frame.encap_type",
FT_INT16, BASE_DEC, NULL, 0x0,
NULL, HFILL }};
static gint *ett[] = {
&ett_frame,
&ett_flags,
&ett_comments
};
static ei_register_info ei[] = {
{ &ei_comments_text, { "frame.comment.expert", PI_COMMENTS_GROUP, PI_COMMENT, "Formatted comment", EXPFILL }},
{ &ei_arrive_time_out_of_range, { "frame.time_invalid", PI_SEQUENCE, PI_NOTE, "Arrival Time: Fractional second out of range (0-1000000000)", EXPFILL }},
};
module_t *frame_module;
expert_module_t* expert_frame;
if (hf_encap.hfinfo.strings == NULL) {
int encap_count = wtap_get_num_encap_types();
value_string *arr;
int i;
hf_encap.hfinfo.strings = arr = g_new(value_string, encap_count+1);
for (i = 0; i < encap_count; i++) {
arr[i].value = i;
arr[i].strptr = wtap_encap_string(i);
}
arr[encap_count].value = 0;
arr[encap_count].strptr = NULL;
}
wtap_encap_dissector_table = register_dissector_table("wtap_encap",
"Wiretap encapsulation type", FT_UINT32, BASE_DEC);
wtap_fts_rec_dissector_table = register_dissector_table("wtap_fts_rec",
"Wiretap file type for file-type-specific records", FT_UINT32, BASE_DEC);
proto_frame = proto_register_protocol("Frame", "Frame", "frame");
proto_pkt_comment = proto_register_protocol("Packet comments", "Pkt_Comment", "pkt_comment");
proto_register_field_array(proto_frame, hf, array_length(hf));
proto_register_field_array(proto_frame, &hf_encap, 1);
proto_register_subtree_array(ett, array_length(ett));
expert_frame = expert_register_protocol(proto_frame);
expert_register_field_array(expert_frame, ei, array_length(ei));
register_dissector("frame",dissect_frame,proto_frame);
/* You can't disable dissection of "Frame", as that would be
tantamount to not doing any dissection whatsoever. */
proto_set_cant_toggle(proto_frame);
/* Our preferences */
frame_module = prefs_register_protocol(proto_frame, NULL);
prefs_register_bool_preference(frame_module, "show_file_off",
"Show File Offset", "Show offset of frame in capture file", &show_file_off);
prefs_register_bool_preference(frame_module, "force_docsis_encap",
"Treat all frames as DOCSIS frames", "Treat all frames as DOCSIS Frames", &force_docsis_encap);
prefs_register_bool_preference(frame_module, "generate_md5_hash",
"Generate an MD5 hash of each frame",
"Whether or not MD5 hashes should be generated for each frame, useful for finding duplicate frames.",
&generate_md5_hash);
prefs_register_bool_preference(frame_module, "generate_epoch_time",
"Generate an epoch time entry for each frame",
"Whether or not an Epoch time entry should be generated for each frame.",
&generate_epoch_time);
prefs_register_bool_preference(frame_module, "generate_bits_field",
"Show the number of bits in the frame",
"Whether or not the number of bits in the frame should be shown.",
&generate_bits_field);
frame_tap=register_tap("frame");
}
void
expert_packet_init(void)
{
module_t *module_expert;
uat_t *expert_uat;
static hf_register_info hf[] = {
{ &hf_expert_msg,
{ "Message", "_ws.expert.message", FT_STRING, BASE_NONE, NULL, 0, "Wireshark expert information", HFILL }
},
{ &hf_expert_group,
{ "Group", "_ws.expert.group", FT_UINT32, BASE_HEX, VALS(expert_group_vals), 0, "Wireshark expert group", HFILL }
},
{ &hf_expert_severity,
{ "Severity level", "_ws.expert.severity", FT_UINT32, BASE_HEX, VALS(expert_severity_vals), 0, "Wireshark expert severity level", HFILL }
}
};
static gint *ett[] = {
&ett_expert,
&ett_subexpert
};
/* UAT for overriding severity levels */
static uat_field_t custom_expert_fields[] = {
UAT_FLD_CSTRING(uat_expert_entries, field, "Field name", "Expert Info filter name"),
UAT_FLD_VS(uat_expert_entries, severity, "Severity", expert_severity_vals, "Custom severity level"),
UAT_END_FIELDS
};
if (expert_tap == -1) {
expert_tap = register_tap("expert");
}
if (proto_expert == -1) {
proto_expert = proto_register_protocol("Expert Info", "Expert", "_ws.expert");
proto_register_field_array(proto_expert, hf, array_length(hf));
proto_register_subtree_array(ett, array_length(ett));
proto_set_cant_toggle(proto_expert);
module_expert = prefs_register_protocol(proto_expert, NULL);
expert_uat = uat_new("Expert Info Severity Level Configuration",
sizeof(expert_level_entry_t),
"expert_severity",
TRUE,
(void **)&uat_expert_entries,
&expert_level_entry_count,
UAT_AFFECTS_DISSECTION,
NULL,
uat_expert_copy_cb,
uat_expert_update_cb,
uat_expert_free_cb,
uat_expert_post_update_cb,
custom_expert_fields);
prefs_register_uat_preference(module_expert,
"expert_severity_levels",
"Severity Level Configuration",
"A table that overrides Expert Info field severity levels to user configured levels",
expert_uat);
}
highest_severity = 0;
proto_malformed = proto_get_id_by_filter_name("_ws.malformed");
}
void
proto_register_frame(void)
{
static hf_register_info hf[] = {
{ &hf_frame_arrival_time,
{ "Arrival Time", "frame.time",
FT_ABSOLUTE_TIME, ABSOLUTE_TIME_LOCAL, NULL, 0x0,
"Absolute time when this frame was captured", HFILL }},
{ &hf_frame_shift_offset,
{ "Time shift for this packet", "frame.offset_shift",
FT_RELATIVE_TIME, BASE_NONE, NULL, 0x0,
"Time shift applied to this packet", HFILL }},
{ &hf_frame_arrival_time_epoch,
{ "Epoch Time", "frame.time_epoch",
FT_RELATIVE_TIME, BASE_NONE, NULL, 0x0,
"Epoch time when this frame was captured", HFILL }},
{ &hf_frame_time_invalid,
{ "Arrival Timestamp invalid", "frame.time_invalid",
FT_NONE, BASE_NONE, NULL, 0x0,
"The timestamp from the capture is out of the valid range", HFILL }},
{ &hf_frame_time_delta,
{ "Time delta from previous captured frame", "frame.time_delta",
FT_RELATIVE_TIME, BASE_NONE, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_time_delta_displayed,
{ "Time delta from previous displayed frame", "frame.time_delta_displayed",
FT_RELATIVE_TIME, BASE_NONE, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_time_relative,
{ "Time since reference or first frame", "frame.time_relative",
FT_RELATIVE_TIME, BASE_NONE, NULL, 0x0,
"Time relative to time reference or first frame", HFILL }},
{ &hf_frame_time_reference,
{ "This is a Time Reference frame", "frame.ref_time",
FT_NONE, BASE_NONE, NULL, 0x0,
"This frame is a Time Reference frame", HFILL }},
{ &hf_frame_number,
{ "Frame Number", "frame.number",
FT_UINT32, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_len,
{ "Frame length on the wire", "frame.len",
FT_UINT32, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_capture_len,
{ "Frame length stored into the capture file", "frame.cap_len",
FT_UINT32, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_md5_hash,
{ "Frame MD5 Hash", "frame.md5_hash",
FT_STRING, BASE_NONE, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_p2p_dir,
{ "Point-to-Point Direction", "frame.p2p_dir",
FT_INT8, BASE_DEC, VALS(p2p_dirs), 0x0,
NULL, HFILL }},
{ &hf_link_number,
{ "Link Number", "frame.link_nr",
FT_UINT16, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_file_off,
{ "File Offset", "frame.file_off",
FT_INT64, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_marked,
{ "Frame is marked", "frame.marked",
FT_BOOLEAN, BASE_NONE, NULL, 0x0,
"Frame is marked in the GUI", HFILL }},
{ &hf_frame_ignored,
{ "Frame is ignored", "frame.ignored",
FT_BOOLEAN, BASE_NONE, NULL, 0x0,
"Frame is ignored by the dissectors", HFILL }},
{ &hf_frame_protocols,
{ "Protocols in frame", "frame.protocols",
FT_STRING, BASE_NONE, NULL, 0x0,
"Protocols carried by this frame", HFILL }},
{ &hf_frame_color_filter_name,
{ "Coloring Rule Name", "frame.coloring_rule.name",
FT_STRING, BASE_NONE, NULL, 0x0,
"The frame matched the coloring rule with this name", HFILL }},
{ &hf_frame_color_filter_text,
{ "Coloring Rule String", "frame.coloring_rule.string",
FT_STRING, BASE_NONE, NULL, 0x0,
"The frame matched this coloring rule string", HFILL }},
{ &hf_frame_interface_id,
{ "Interface id", "frame.interface_id",
FT_UINT32, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
{ &hf_comments_text,
{ "Comment", "frame.comment",
FT_STRING, BASE_NONE, NULL, 0x0,
NULL, HFILL }},
};
static hf_register_info hf_encap =
{ &hf_frame_wtap_encap,
{ "Encapsulation type", "frame.encap_type",
FT_INT16, BASE_DEC, NULL, 0x0,
NULL, HFILL }};
static gint *ett[] = {
&ett_frame,
&ett_comments
};
module_t *frame_module;
if (hf_encap.hfinfo.strings == NULL) {
int encap_count = wtap_get_num_encap_types();
value_string *arr;
int i;
hf_encap.hfinfo.strings = arr = g_new(value_string, encap_count+1);
for (i = 0; i < encap_count; i++) {
arr[i].value = i;
arr[i].strptr = wtap_encap_string(i);
}
arr[encap_count].value = 0;
arr[encap_count].strptr = NULL;
}
wtap_encap_dissector_table = register_dissector_table("wtap_encap",
"Wiretap encapsulation type", FT_UINT32, BASE_DEC);
proto_frame = proto_register_protocol("Frame", "Frame", "frame");
proto_pkt_comment = proto_register_protocol("Packet comments", "Pkt_Comment", "pkt_comment");
proto_register_field_array(proto_frame, hf, array_length(hf));
proto_register_field_array(proto_frame, &hf_encap, 1);
proto_register_subtree_array(ett, array_length(ett));
register_dissector("frame",dissect_frame,proto_frame);
/* You can't disable dissection of "Frame", as that would be
tantamount to not doing any dissection whatsoever. */
proto_set_cant_toggle(proto_frame);
proto_short = proto_register_protocol("Short Frame", "Short frame", "short");
proto_malformed = proto_register_protocol("Malformed Packet",
"Malformed packet", "malformed");
proto_unreassembled = proto_register_protocol(
"Unreassembled Fragmented Packet",
"Unreassembled fragmented packet", "unreassembled");
/* "Short Frame", "Malformed Packet", and "Unreassembled Fragmented
Packet" aren't really protocols, they're error indications;
disabling them makes no sense. */
proto_set_cant_toggle(proto_short);
proto_set_cant_toggle(proto_malformed);
proto_set_cant_toggle(proto_unreassembled);
/* Our preferences */
frame_module = prefs_register_protocol(proto_frame, NULL);
prefs_register_bool_preference(frame_module, "show_file_off",
"Show File Offset", "Show offset of frame in capture file", &show_file_off);
prefs_register_bool_preference(frame_module, "force_docsis_encap",
"Treat all frames as DOCSIS frames", "Treat all frames as DOCSIS Frames", &force_docsis_encap);
prefs_register_bool_preference(frame_module, "generate_md5_hash",
"Generate an MD5 hash of each frame",
"Whether or not MD5 hashes should be generated for each frame, useful for finding duplicate frames.",
&generate_md5_hash);
prefs_register_bool_preference(frame_module, "generate_epoch_time",
"Generate an epoch time entry for each frame",
"Whether or not an Epoch time entry should be generated for each frame.",
&generate_epoch_time);
prefs_register_bool_preference(frame_module, "generate_bits_field",
"Show the number of bits in the frame",
"Whether or not the number of bits in the frame should be shown.",
&generate_bits_field);
frame_tap=register_tap("frame");
}
