headers
Cristian Constantin | 1 Feb 12:23

tcp conversations

hi!

in the case that two hosts host_a and host_b are communicating using:

* tcp as a transport protocol
* ip addresses: ip_addr_host_a, ip_addr_host_b
* tcp ports (always!): tcp_port_host_a, tcp_port_host_b

and the tcp connection is NOT persistent (i.e. it is explicitly terminated and
started all over again) what is wireshark supposed to display in the
gui window "TCP Conversations":

a. one conversation between {ip_addr_host_a, tcp_port_host_a} and
{ip_addr_host_b, tcp_port_host_b} containing all the actual
"incarnations of the connection" (this is the actual term used in the tcp rfc
http://tools.ietf.org/html/rfc793#section-2.7)

b. multiple conversations between the above (based/sorted on new ISNs)
(one conversation per actual "incarnation of the connection")

thanks a lot!
bye now!
cristian
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@...>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@...?subject=unsubscribe
(Continue reading)

Permalink | Reply | 0 comments |
headers
Joerg Mayer | 1 Feb 15:14
Picon

Re: Conference room before FOSDEM

I was on holiday until this morning. I'll be there from the evening of
2nd until Sunday.

On Fri, Jan 20, 2012 at 05:12:18PM -0800, Gerald Combs wrote:
> Can any developer who is attending FOSDEM *and* would like to meet at
> the hotel on Friday the 3rd send me an email? I'm working on booking a
> conference room for the day and need to size the room accordingly.
> ___________________________________________________________________________
> Sent via:    Wireshark-dev mailing list <wireshark-dev@...>
> Archives:    http://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
>              mailto:wireshark-dev-request@...?subject=unsubscribe

--

-- 
Joerg Mayer                                           <jmayer@...>
We are stuck with technology when what we really want is just stuff that
works. Some say that should read Microsoft instead of technology.
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@...>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@...?subject=unsubscribe
Permalink | Reply | 3 comments |
headers
Gerald Combs | 1 Feb 17:48
Favicon
Gravatar

Re: Conference room before FOSDEM

Great!

For anyone unable to attend in person I might be able to arrange for
some sort of call-in capability. I'll see what I can scare up.

On 2/1/12 3:14 PM, Joerg Mayer wrote:
> I was on holiday until this morning. I'll be there from the evening of
> 2nd until Sunday.
> 
> On Fri, Jan 20, 2012 at 05:12:18PM -0800, Gerald Combs wrote:
>> Can any developer who is attending FOSDEM *and* would like to meet at
>> the hotel on Friday the 3rd send me an email? I'm working on booking a
>> conference room for the day and need to size the room accordingly.
>> ___________________________________________________________________________
>> Sent via:    Wireshark-dev mailing list <wireshark-dev@...>
>> Archives:    http://www.wireshark.org/lists/wireshark-dev
>> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
>>              mailto:wireshark-dev-request@...?subject=unsubscribe
> 

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@...>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@...?subject=unsubscribe
Permalink | Reply | 2 comments |
headers
Anders Broman | 1 Feb 18:06
Picon
Favicon

Re: Conference room before FOSDEM


-----Original Message-----
From: wireshark-dev-bounces@...
[mailto:wireshark-dev-bounces@...] On Behalf Of Gerald Combs
Sent: den 1 februari 2012 17:49
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] Conference room before FOSDEM

>Great!
>
>For anyone unable to attend in person I might be able to arrange for some sort of call-in capability. I'll
see what I can scare up.
Hi,
At lest for Friday I'd be interested depending on the time of course.
Regards
Anders

On 2/1/12 3:14 PM, Joerg Mayer wrote:
> I was on holiday until this morning. I'll be there from the evening of 
> 2nd until Sunday.
> 
> On Fri, Jan 20, 2012 at 05:12:18PM -0800, Gerald Combs wrote:
>> Can any developer who is attending FOSDEM *and* would like to meet at 
>> the hotel on Friday the 3rd send me an email? I'm working on booking 
>> a conference room for the day and need to size the room accordingly.
>> ___________________________________________________________________________
>> Sent via:    Wireshark-dev mailing list <wireshark-dev@...>
>> Archives:    http://www.wireshark.org/lists/wireshark-dev
>> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
>>
(Continue reading)

Permalink | Reply | 1 comment |
headers
Bill Meier | 1 Feb 19:12
Favicon

Building Qt Wireshark:: using QMake

 From doc/README.qt

  "Autotools + QMake is a basket full of crazy that hasn't yet
been sorted and folded.

(Autotools + Boring Old Make, without using
QMake at all, might actually be simpler:

+1 !

---------

Understanding and coping with the details of qmake doesn't particularly 
appeal to me.

Based upon my experiences of the last day or so (on Windows), AFAIKT the 
qmake documentation in places is out of date, wrong, or incomplete 
(using the documentation supplied with the 0.4.8 Qt Creator).

For Windows, it does seem possible to to figure things out but maybe 
just using nmake might not be too hard.

I'll eventually look into using nmake (after doing a bit more work to 
fix up using qmake on Windows).

Maybe doing something like we do now will be workable.

That is: have a "Common" file defining lists of files, etc and so on

--------
(Continue reading)

Permalink | Reply | 0 comments |
headers
Andrew Kampjes | 2 Feb 03:24
Picon
Favicon

accessing all TVB elements

I have a dissector and I need to load all the TVB elements to be displayed to preform a custom reassembly on them.

The dissect_PROTO() function only gets the current TVB that you've clicked on at a time. I need either random access to the other TVB elements during the dissect_PROTO() function or at least sequential access when the file is loaded and the dissector run.

Thanks,
Andrew.

-- 
Andrew Kampjes
Junior Software Developer - Endace

andrew.kampjes-81Z5ieZTBdrQT0dZR+AlfA@public.gmane.org 
www.endace.com; LinkedIn; follow us on Twitter

power to see all

This email (including any attachments) is intended to be read by the named recipient(s) only. If the email wasn’t addressed to you, you mustn’t use, distribute or copy any part of it. If you’ve received it in error please delete it (along with any attachments) and inform us of the error. Emails aren’t secure and can’t be guaranteed to be error free as they can be intercepted, amended, lost or destroyed. It’s your responsibility to check this email and any attachments for viruses. These risks are deemed accepted by everyone that communicates with us by email. 

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@...>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@...?subject=unsubscribe
Permalink | Reply | 1 comment |
headers
Anders Broman | 2 Feb 07:21

Fwd: [Wireshark-commits] rev 40801: /trunk/epan/ /trunk/epan/dissectors/: Makefile.common packet-HI2Operations.c packet-hi2operations.c /trunk/epan/: CMakeLists.txt

Hi,
That is perhaps doing it backwards e.g the list sorting should perhaps have been changed.
- C:\wireshark\asn1\HI2Operations
- HI2Operations
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) hi2(1) version11(11)}

Regards
Anders

-------- Ursprungligt meddelande -------- Ämne: Datum: Från: Svar till: Till:
[Wireshark-commits] rev 40801: /trunk/epan/ /trunk/epan/dissectors/: Makefile.common packet-HI2Operations.c packet-hi2operations.c /trunk/epan/: CMakeLists.txt
Thu, 02 Feb 2012 01:08:03 GMT
jmayer-IZ8446WsY0/dtAWm4Da02A@public.gmane.org
wireshark-dev-IZ8446WsY0/dtAWm4Da02A@public.gmane.org
wireshark-commits-IZ8446WsY0/dtAWm4Da02A@public.gmane.org


http://anonsvn.wireshark.org/viewvc/viewvc.cgi?view=rev&revision=40801 User: jmayer Date: 2012/02/01 05:08 PM Log: packet-HI2Operations.c was sorted into the file list as if it were spelled packet-hi2operations.c. Rename the file to represent this. Directory: /trunk/epan/dissectors/ Changes Path Action +1 -1 Makefile.common Modified +0 -5168 packet-HI2Operations.c Removed +5168 -0 packet-hi2operations.c Added Directory: /trunk/epan/ Changes Path Action +1 -1 CMakeLists.txt Modified ___________________________________________________________________________ Sent via: Wireshark-commits mailing list <wireshark-commits-IZ8446WsY0/dtAWm4Da02A@public.gmane.org> Archives: http://www.wireshark.org/lists/wireshark-commits Unsubscribe: https://wireshark.org/mailman/options/wireshark-commits mailto:wireshark-commits-request-IZ8446WsY0/dtAWm4Da02A@public.gmane.org?subject=unsubscribe 
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@...>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@...?subject=unsubscribe
Permalink | Reply | 1 comment |
headers
Jagadish venepalli | 2 Feb 14:37
Picon

ss7 traces

Dear Team,

I want to learn the ss7 protocol traces and ISDN traces through wireshark, can u send me theany document regarding this.

please do needful

awaiting for your valuable responses.

--

Thanks and Regards
Jagadeesh chandra venepalli
Ph.no: 919966079933

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@...>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@...?subject=unsubscribe
Permalink | Reply | 1 comment |
headers
Stephen Fisher | 2 Feb 19:46

Re: accessing all TVB elements


---- On Wed, 01 Feb 2012 19:24:19 -0700 Andrew Kampjes  wrote ---- 

> I have a dissector and I need to load all the TVB elements to be displayed to preform a custom reassembly on them.
> 
> The dissect_PROTO() function only gets the current TVB that you've clicked on at a time. I need either
random access to the other TVB elements during the dissect_PROTO() function or at least sequential
access when the file is loaded and the dissector run.

Read doc/README.developer, section 2.7 titled "Reassembly/desegmentation for protocols running atop
TCP" if it's a TCP based protocol.  There is another, more complicated, reassembly method that can be used
with any protocol.  Once you reassemble the stream, the TVB from the final packet in the stream will contain
all of the payload.

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@...>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@...?subject=unsubscribe
Permalink | Reply | 0 comments |
headers
Jeff Morriss | 2 Feb 20:29
Picon

Re: ss7 traces

Jagadish venepalli wrote:
> Dear Team,
> 
> I want to learn the ss7 protocol traces and ISDN traces through 
> wireshark, can u send me theany document regarding this.

I'm not sure what you mean.  Do you want some SS7 traces?  There are 
some in the SIGTRAN section on the SampleCaptures page:

http://wiki.wireshark.org/SampleCaptures

If you want information about SS7 support, the wiki has some pages about 
that, too.  A basic starting place:

http://wiki.wireshark.org/SS7
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@...>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@...?subject=unsubscribe
Permalink | Reply | 0 comments |

Gmane