-- By Gerald Combs <gerald@wireshark.org>
-- Copyright 1998 Gerald Combs
--
--- This program is free software; you can redistribute it and/or
--- modify it under the terms of the GNU General Public License
--- as published by the Free Software Foundation; either version 2
--- of the License, or (at your option) any later version.
---
--- This program is distributed in the hope that it will be useful,
--- but WITHOUT ANY WARRANTY; without even the implied warranty of
--- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
--- GNU General Public License for more details.
---
--- You should have received a copy of the GNU General Public License
--- along with this program; if not, write to the Free Software
--- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+-- SPDX-License-Identifier: GPL-2.0-or-later
-- Set disable_lua to true to disable Lua support.
disable_lua = false
package.path = name .. sep .. "?.lua;" .. package.path
end
--- -- Wiretap encapsulations XXX
+-- Wiretap encapsulations XXX
wtap_encaps = {
["PER_PACKET"] = -1,
["UNKNOWN"] = 0,
["GFP_T"] = 178,
["GFP_F"] = 179,
["IP_OVER_IB_PCAP"] = 180,
- ["JUNIPER_VN"] = 181
+ ["JUNIPER_VN"] = 181,
+ ["USB_DARWIN"] = 182,
+ ["LORATAP"] = 183,
+ ["3MB_ETHERNET"] = 184,
+ ["VSOCK"] = 185,
+ ["NORDIC_BLE"] = 186,
+ ["NETMON_NET_NETEVENT"] = 187,
+ ["NETMON_HEADER"] = 188,
+ ["NETMON_NET_FILTER"] = 189,
+ ["NETMON_NETWORK_INFO_EX"] = 190,
+ ["MA_WFP_CAPTURE_V4"] = 191,
+ ["MA_WFP_CAPTURE_V6"] = 192,
+ ["MA_WFP_CAPTURE_2V4"] = 193,
+ ["MA_WFP_CAPTURE_2V6"] = 194,
+ ["MA_WFP_CAPTURE_AUTH_V4"] = 195,
+ ["MA_WFP_CAPTURE_AUTH_V6"] = 196,
+ ["JUNIPER_ST"] = 197,
+ ["ETHERNET_MPACKET"] = 198,
+ ["DOCSIS31_XRA31"] = 199
}
wtap = wtap_encaps -- for bw compatibility
--- -- Wiretap file types
+-- Wiretap file types
wtap_filetypes = {
["UNKNOWN"] = 0,
["PCAP"] = 1,
}
--- -- Wiretap timestamp precision types
+-- Wiretap timestamp precision types
wtap_tsprecs = {
["SEC"] = 0,
["DSEC"] = 1,
}
--- -- Wiretap file comment types
+-- Wiretap file comment types
wtap_comments = {
["PER_SECTION"] = 0x00000001,
["PER_INTERFACE"] = 0x00000002,
}
--- -- Field Types
+-- Field Types
ftypes = {
["NONE"] = 0,
["PROTOCOL"] = 1,
["BOOLEAN"] = 2,
- ["UINT8"] = 3,
- ["UINT16"] = 4,
- ["UINT24"] = 5,
- ["UINT32"] = 6,
- ["UINT40"] = 7,
- ["UINT48"] = 8,
- ["UINT56"] = 9,
- ["UINT64"] = 10,
- ["INT8"] = 11,
- ["INT16"] = 12,
- ["INT24"] = 13,
- ["INT32"] = 14,
- ["INT40"] = 15,
- ["INT48"] = 16,
- ["INT56"] = 17,
- ["INT64"] = 18,
- ["IEEE_11073_SFLOAT"] = 19,
- ["IEEE_11073_FLOAT"] = 20,
- ["FLOAT"] = 21,
- ["DOUBLE"] = 22,
- ["ABSOLUTE_TIME"] = 23,
- ["RELATIVE_TIME"] = 24,
- ["STRING"] = 25,
- ["STRINGZ"] = 26,
- ["UINT_STRING"] = 27,
- ["ETHER"] = 28,
- ["BYTES"] = 29,
- ["UINT_BYTES"] = 30,
- ["IPv4"] = 31,
- ["IPv6"] = 32,
- ["IPXNET"] = 33,
- ["FRAMENUM"] = 34,
- ["PCRE"] = 35,
- ["GUID"] = 36,
- ["OID"] = 37,
- ["EUI64"] = 38,
- ["AX25"] = 39,
- ["VINES"] = 40,
- ["REL_OID"] = 41,
- ["SYSTEM_ID"] = 42,
- ["STRINGZPAD"] = 43,
- ["FCWWN"] = 44
+ ["CHAR"] = 3,
+ ["UINT8"] = 4,
+ ["UINT16"] = 5,
+ ["UINT24"] = 6,
+ ["UINT32"] = 7,
+ ["UINT40"] = 8,
+ ["UINT48"] = 9,
+ ["UINT56"] = 10,
+ ["UINT64"] = 11,
+ ["INT8"] = 12,
+ ["INT16"] = 13,
+ ["INT24"] = 14,
+ ["INT32"] = 15,
+ ["INT40"] = 16,
+ ["INT48"] = 17,
+ ["INT56"] = 18,
+ ["INT64"] = 19,
+ ["IEEE_11073_SFLOAT"] = 20,
+ ["IEEE_11073_FLOAT"] = 21,
+ ["FLOAT"] = 22,
+ ["DOUBLE"] = 23,
+ ["ABSOLUTE_TIME"] = 24,
+ ["RELATIVE_TIME"] = 25,
+ ["STRING"] = 26,
+ ["STRINGZ"] = 27,
+ ["UINT_STRING"] = 28,
+ ["ETHER"] = 29,
+ ["BYTES"] = 30,
+ ["UINT_BYTES"] = 31,
+ ["IPv4"] = 32,
+ ["IPv6"] = 33,
+ ["IPXNET"] = 34,
+ ["FRAMENUM"] = 35,
+ ["PCRE"] = 36,
+ ["GUID"] = 37,
+ ["OID"] = 38,
+ ["EUI64"] = 39,
+ ["AX25"] = 40,
+ ["VINES"] = 41,
+ ["REL_OID"] = 42,
+ ["SYSTEM_ID"] = 43,
+ ["STRINGZPAD"] = 44,
+ ["FCWWN"] = 45
}
-- the following table is since 2.0
--- -- Field Type FRAMENUM Types
+-- Field Type FRAMENUM Types
frametype = {
["NONE"] = 0,
["REQUEST"] = 1,
["RESPONSE"] = 2,
["ACK"] = 3,
- ["DUP_ACK"] = 4
+ ["DUP_ACK"] = 4,
+ ["RETRANS_PREV"] = 5,
+ ["RETRANS_NEXT"] = 6
}
-- the following table is since 1.12
--- -- Wiretap record_types
+-- Wiretap record_types
wtap_rec_types = {
["PACKET"] = 0, -- packet
["FT_SPECIFIC_EVENT"] = 1, -- file-type-specific event
-- the following table is since 1.11.3
--- -- Wiretap presence flags
+-- Wiretap presence flags
wtap_presence_flags = {
["TS"] = 1, -- time stamp
["CAP_LEN"] = 2, -- captured length separate from on-the-network length
}
--- -- Display Bases
- base = {
- ["NONE"] = 0,
- ["DEC"] = 1,
- ["HEX"] = 2,
- ["OCT"] = 3,
- ["DEC_HEX"] = 4,
- ["HEX_DEC"] = 5,
- ["CUSTOM"] = 6,
- ["NETMASK"] = 12,
- ["PT_UDP"] = 13,
- ["PT_TCP"] = 14,
- ["PT_DCCP"] = 15,
- ["PT_SCTP"] = 16,
+-- Display Bases
+base = {
+ ["NONE"] = 0, -- none
+ ["DEC"] = 1, -- decimal
+ ["HEX"] = 2, -- hexadecimal
+ ["OCT"] = 3, -- octal
+ ["DEC_HEX"] = 4, -- decimal (hexadecimal)
+ ["HEX_DEC"] = 5, -- hexadecimal (decimal)
+ ["CUSTOM"] = 6, -- call custom routine (in ->strings) to format
+ ["ASCII"] = 0, -- shows non-printable ASCII characters as C-style escapes
+ ["UNICODE"] = 7, -- shows non-printable UNICODE characters as \\uXXXX (XXX for now non-printable characters display depends on UI)
+ ["DOT"] = 8, -- hexadecimal bytes with a period (.) between each byte
+ ["DASH"] = 9, -- hexadecimal bytes with a dash (-) between each byte
+ ["COLON"] = 10, -- hexadecimal bytes with a colon (:) between each byte
+ ["SPACE"] = 11, -- hexadecimal bytes with a space between each byte
+ ["NETMASK"] = 12, -- Used for IPv4 address that shouldn't be resolved (like for netmasks)
+ ["PT_UDP"] = 13, -- UDP port
+ ["PT_TCP"] = 14, -- TCP port
+ ["PT_DCCP"] = 15, -- DCCP port
+ ["PT_SCTP"] = 16, -- SCTP port
+ ["OUI"] = 17, -- OUI resolution
+ ["UNIT_STRING"] = 4096, -- Add unit text to the field value
+ ["LOCAL"] = 1000, -- local time in our time zone, with month and day
+ ["UTC"] = 1001, -- UTC, with month and day
+ ["DOY_UTC"] = 1002, -- UTC, with 1-origin day-of-year
}
-
--- -- Encodings
+-- Encodings
ENC_BIG_ENDIAN = 0
ENC_LITTLE_ENDIAN = 2147483648
ENC_TIME_TIMESPEC = 0
ENC_TIME_NTP = 2
ENC_TIME_TOD = 4
-ENC_TIME_NTP_BASE_ZERO = 8
+ENC_TIME_RTPS = 8
+ENC_TIME_NTP_BASE_ZERO = 14
+ENC_TIME_TIMEVAL = 16
+ENC_TIME_SECS = 18
+ENC_TIME_MSECS = 20
+ENC_TIME_SECS_NTP = 24
+ENC_TIME_RFC_3971 = 32
+ENC_TIME_MSEC_NTP = 34
ENC_CHARENCODING_MASK = 2147483646
ENC_ASCII = 0
ENC_UTF_8 = 2
ENC_MAC_ROMAN = 48
ENC_CP437 = 50
ENC_ASCII_7BITS = 52
+ENC_T61 = 54
+ENC_EBCDIC_CP037 = 56
+ENC_ZIGBEE = 58
ENC_NA = 0
ENC_STR_NUM = 16777216
ENC_STR_HEX = 33554432
ENC_STRING = 50331648
ENC_STR_MASK = 65534
ENC_NUM_PREF = 2097152
+ENC_VARINT_PROTOBUF = 2
+ENC_VARINT_QUIC = 4
ENC_SEP_NONE = 65536
ENC_SEP_COLON = 131072
ENC_SEP_DASH = 262144
-
--- -- Expert flags and facilities (deprecated - see 'expert' table below)
+-- Expert flags and facilities (deprecated - see 'expert' table below)
PI_SEVERITY_MASK = 15728640
PI_COMMENT = 1048576
PI_CHAT = 2097152
PI_COMMENTS_GROUP = 184549376
PI_DECRYPTION = 201326592
PI_ASSUMPTION = 218103808
+PI_DEPRECATED = 234881024
-- the following table is since 1.11.3
--- -- Expert flags and facilities
+-- Expert flags and facilities
expert = {
-- Expert event groups
group = {
["DECRYPTION"] = 201326592,
-- The protocol field has incomplete data, decode based on assumed value
["ASSUMPTION"] = 218103808,
+ -- The protocol field has been deprecated, usually PI_NOTE severity
+ ["DEPRECATED"] = 234881024,
},
-- Expert severity levels
severity = {
--- -- menu groups for register_menu
+-- menu groups for register_menu
MENU_ANALYZE_UNSORTED = 0
MENU_ANALYZE_CONVERSATION = 1
MENU_STAT_UNSORTED = 2
-- other useful constants
+-- DATA_DIR and USER_DIR have a trailing directory separator.
GUI_ENABLED = gui_enabled()
-DATA_DIR = Dir.global_config_path()
-USER_DIR = Dir.personal_config_path()
+DATA_DIR = Dir.global_config_path()..package.config:sub(1,1)
+USER_DIR = Dir.personal_config_path()..package.config:sub(1,1)
-- deprecated function names
datafile_path = Dir.global_config_path
projects / config / sarah / etc.git / commitdiff