author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-10 20:34:10 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-10 20:34:10 +0000 |
commit | e4ba6dbc3f1e76890b22773807ea37fe8fa2b1bc (patch) | |
tree | 68cb5ef9081156392f1dd62a00c6ccc1451b93df /resources/share | |
parent | Initial commit. (diff) | |
Adding upstream version 4.2.2.upstream/4.2.2
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'resources/share')
-rw-r--r-- | resources/share/doc/wireshark/pdml2html.xsl | 221 | ||||
-rw-r--r-- | resources/share/logray/colorfilters | 4 | ||||
-rw-r--r-- | resources/share/logray/dfilter_buttons | 5 | ||||
-rw-r--r-- | resources/share/wireshark/cfilters | 15 | ||||
-rw-r--r-- | resources/share/wireshark/colorfilters | 22 | ||||
-rw-r--r-- | resources/share/wireshark/dfilter_macros | 6 | ||||
-rw-r--r-- | resources/share/wireshark/dfilters | 16 | ||||
-rw-r--r-- | resources/share/wireshark/ipmap.html | 380 | ||||
-rw-r--r-- | resources/share/wireshark/profiles/Bluetooth/colorfilters | 52 | ||||
-rw-r--r-- | resources/share/wireshark/profiles/Bluetooth/preferences | 19 | ||||
-rw-r--r-- | resources/share/wireshark/profiles/Classic/colorfilters | 22 | ||||
-rw-r--r-- | resources/share/wireshark/profiles/No Reassembly/preferences | 180 | ||||
-rw-r--r-- | resources/share/wireshark/smi_modules | 18 |
13 files changed, 960 insertions, 0 deletions
diff --git a/resources/share/doc/wireshark/pdml2html.xsl b/resources/share/doc/wireshark/pdml2html.xsl
new file mode 100644
index 00000000..37f70e21
--- /dev/null
+++ b/resources/share/doc/wireshark/pdml2html.xsl
@@ -0,0 +1,221 @@
+<?xml version="1.0"?>
+<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
+<!-- This XSLT will convert a PDML file, saved by Wireshark, into
+ HTML. The HTML page should look similar to Wireshark. See
+ https://gitlab.com/wireshark/wireshark/-/wikis/PDML for information
+ on how to generate such a HTML file from PDML.
+ For questions contact Dirk Jagdmann (doj@cubic.org).
+
+ Version: 2010-06-09
+
+ Wireshark - Network traffic analyzer
+ By Gerald Combs <gerald@wireshark.org>
+ Copyright 1998 Gerald Combs
+
+ SPDX-License-Identifier: GPL-2.0-or-later
+ -->
+
+<!-- set parameters of the HTML output -->
+<xsl:output method="html" encoding="UTF-8" omit-xml-declaration="no" standalone="yes" indent="yes"/>
+
+<!-- this matches the "field" tag -->
+<xsl:template match="field">
+     <!-- indent with 3 non-breaking spaces -->
+
+ <!-- output either the "showname" or "show" attribute -->
+ <xsl:choose>
+ <xsl:when test="string-length(@showname)>0">
+ <xsl:value-of select="@showname"/><br/>
+ </xsl:when>
+ <xsl:otherwise>
+ <!--<xsl:value-of select="@name"/>:--> <xsl:value-of select="@show"/><br/>
+ </xsl:otherwise>
+ </xsl:choose>
+
+ <xsl:apply-templates/> <!-- we expect to match "field" tags -->
+</xsl:template>
+
+<!-- this matches the "packet" tag -->
+<xsl:template match="packet">
+
+ <!-- declare some variables for later use -->
+ <xsl:variable name="frame_num" select="proto[@name='frame']/field[@name='frame.number']/@show"/>
+ <xsl:variable name="frame_id" select="concat('f',$frame_num)"/>
+ <xsl:variable name="frame_c" select="concat($frame_id,'c')"/>
+
+ <!-- the "title" bar of the frame -->
+ <div width="100%" id="{$frame_id}">
+ <a href="javascript:toggle_node('{$frame_c}')">⇒</a> <!-- #8658 is a "rArr" (double right arrow) character -->
+ Frame <xsl:value-of select="$frame_num"/>:
+ <xsl:for-each select="proto[@name!='geninfo']">
+ <xsl:value-of select="@name"/>,
+ </xsl:for-each>
+ <small><a href="javascript:hide_node('{$frame_id}')">[X]</a></small>
+ </div>
+
+ <!-- the frame contents are stored in a div, so we can toggle it -->
+ <div width="100%" id="{$frame_c}" style="display:none">
+ <!-- loop through all proto tags, but skip the "geninfo" one -->
+ <xsl:for-each select="proto[@name!='geninfo']">
+
+ <xsl:variable name="proto" select="concat($frame_id,@name,count(preceding-sibling::proto)+1)"/>
+
+ <!-- the "title" bar of the proto -->
+ <div width="100%" style="background-color:#e5e5e5; margin-bottom: 2px">
+  <a href="javascript:toggle_node('{$proto}')">⇒</a> <xsl:value-of select="@showname"/>
+
+ <!-- print "proto" details inside another div -->
+ <div width="100%" id="{$proto}" style="display:none">
+ <xsl:apply-templates/> <!-- we expect to match "field" tags -->
+ </div>
+ </div>
+ </xsl:for-each>
+ </div>
+
+ <!-- use the javascript function set_node_color() to set the color
+ of the frame title bar. Defer colorization until the full page has
+ been loaded. If the browser would support the XPath function
+ replace() we could simply set the class attribute of the title bar div,
+ but for now we're stuck with class names from Wireshark's colorfilters
+ that contain spaces and we can't handle them in CSS. -->
+ <script type="text/javascript">
+ dojo.addOnLoad(function(){
+ set_node_color(
+ '<xsl:value-of select="$frame_id"/>',
+ '<xsl:value-of select="proto[@name='frame']/field[@name='frame.coloring_rule.name']/@show"/>'
+ );
+ });
+ </script>
+</xsl:template>
+
+<xsl:template match="pdml">
+ Capture Filename: <b><xsl:value-of select="@capture_file"/></b>
+ PDML created: <b><xsl:value-of select="@time"/></b>
+ <tt>
+ <xsl:apply-templates/> <!-- we expect to match the "packet" nodes -->
+ </tt>
+</xsl:template>
+
+<!-- this block matches the start of the PDML file -->
+<xsl:template match="/">
+ <html>
+ <head>
+ <title>poor man's Wireshark</title>
+ <script src="https://ajax.googleapis.com/ajax/libs/dojo/1.4/dojo/dojo.xd.js" type="text/javascript"></script>
+ <script type="text/javascript">
+function set_node(node, str)
+{
+ if(dojo.isString(node))
+ node = dojo.byId(node);
+ if(!node) return;
+ node.style.display = str;
+}
+function toggle_node(node)
+{
+ if(dojo.isString(node))
+ node = dojo.byId(node);
+ if(!node) return;
+ set_node(node, (node.style.display != 'none') ? 'none' : 'block');
+}
+function hide_node(node)
+{
+ set_node(node, 'none');
+}
+// this function was generated by colorfilters2js.pl
+function set_node_color(node,colorname)
+{
+ if(dojo.isString(node))
+ node = dojo.byId(node);
+ if(!node) return;
+ var fg;
+ var bg;
+ if(colorname == 'Bad TCP') {
+ bg='#000000';
+ fg='#ff5f5f';
+ }
+ if(colorname == 'HSRP State Change') {
+ bg='#000000';
+ fg='#fff600';
+ }
+ if(colorname == 'Spanning Tree Topology Change') {
+ bg='#000000';
+ fg='#fff600';
+ }
+ if(colorname == 'OSPF State Change') {
+ bg='#000000';
+ fg='#fff600';
+ }
+ if(colorname == 'ICMP errors') {
+ bg='#000000';
+ fg='#00ff0e';
+ }
+ if(colorname == 'ARP') {
+ bg='#d6e8ff';
+ fg='#000000';
+ }
+ if(colorname == 'ICMP') {
+ bg='#c2c2ff';
+ fg='#000000';
+ }
+ if(colorname == 'TCP RST') {
+ bg='#900000';
+ fg='#fff680';
+ }
+ if(colorname == 'TTL low or unexpected') {
+ bg='#900000';
+ fg='#ffffff';
+ }
+ if(colorname == 'Checksum Errors') {
+ bg='#000000';
+ fg='#ff5f5f';
+ }
+ if(colorname == 'SMB') {
+ bg='#fffa99';
+ fg='#000000';
+ }
+ if(colorname == 'HTTP') {
+ bg='#8dff7f';
+ fg='#000000';
+ }
+ if(colorname == 'IPX') {
+ bg='#ffe3e5';
+ fg='#000000';
+ }
+ if(colorname == 'DCERPC') {
+ bg='#c797ff';
+ fg='#000000';
+ }
+ if(colorname == 'Routing') {
+ bg='#fff3d6';
+ fg='#000000';
+ }
+ if(colorname == 'TCP SYN/FIN') {
+ bg='#a0a0a0';
+ fg='#000000';
+ }
+ if(colorname == 'TCP') {
+ bg='#e7e6ff';
+ fg='#000000';
+ }
+ if(colorname == 'UDP') {
+ bg='#70e0ff';
+ fg='#000000';
+ }
+ if(colorname == 'Broadcast') {
+ bg='#ffffff';
+ fg='#808080';
+ }
+ if(fg.length > 0)
+ node.style.color = fg;
+ if(bg.length > 0)
+ node.style.background = bg;
+}
+ </script>
+ </head>
+ <body>
+ <xsl:apply-templates/> <!-- we expect to match the "pdml" node -->
+ </body>
+ </html>
+</xsl:template>
+
+</xsl:stylesheet>
diff --git a/resources/share/logray/colorfilters b/resources/share/logray/colorfilters
new file mode 100644
index 00000000..a3c9785f
--- /dev/null
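Review bot: The coloring-rule name is written directly into a JavaScript string literal in the per-packet `<script>` block (`'<xsl:value-of select="proto[@name='frame']/field[@name='frame.coloring_rule.name']/@show"/>'`), and with `method="html"` the serializer does not escape text inside `script`, so a rule name in a received PDML file that contains a quote or a closing script tag alters the script of the generated page. Carrying the value in an attribute keeps it escaped: `<div width="100%" id="{$frame_id}" data-rule="{proto[@name='frame']/field[@name='frame.coloring_rule.name']/@show}">`, with `set_node_color` reading `node.getAttribute('data-rule')`. The same concern applies to `$frame_num`, which reaches the `javascript:` hrefs and the first argument of the call. Separately, `set_node_color` leaves `fg` and `bg` undefined for any name outside its list (the colorfilters shipped in this commit include `SCTP ABORT` and `System Event`), so `fg.length` throws; `var fg = '', bg = '';` avoids that.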
+++ b/resources/share/logray/colorfilters
@@ -0,0 +1,4 @@
+# This file was created by Logray. Edit with care.
+@Errors@ct.error@[4626,10023,11822][63479,34695,34695]
+@State Modifying Event@ct.readonly == "false"@[61423,50372,39578][0,0,0]
+@Administrative Activity@cloudtrail and not (ct.name ~ "^Describe.*" or ct.name ~ "^List.*" or ct.name ~ "^(Batch|)Get.*")@[61423,50372,39578][0,0,0]
diff --git a/resources/share/logray/dfilter_buttons b/resources/share/logray/dfilter_buttons
new file mode 100644
index 00000000..57b024b5
--- /dev/null
+++ b/resources/share/logray/dfilter_buttons
@@ -0,0 +1,5 @@
+# This file is automatically generated, DO NOT MODIFY.
+"TRUE","S3","ct.shortsrc == \x22s3\x22","S3 events"
+"TRUE","EC2","ct.shortsrc == \x22ec2\x22","EC2 events"
+"TRUE","S3 PutObject","ct.name == \x22PutObject\x22",""
+"TRUE","Writes","ct.readonly == \x22false\x22",""
diff --git a/resources/share/wireshark/cfilters b/resources/share/wireshark/cfilters
new file mode 100644
index 00000000..b22fa938
--- /dev/null
+++ b/resources/share/wireshark/cfilters
@@ -0,0 +1,15 @@
+"Ethernet address 00:00:5e:00:53:00" ether host 00:00:5e:00:53:00
+"Ethernet type 0x0806 (ARP)" ether proto 0x0806
+"No Broadcast and no Multicast" not broadcast and not multicast
+"No ARP" not arp
+"IPv4 only" ip
+"IPv4 address 192.0.2.1" host 192.0.2.1
+"IPv6 only" ip6
+"IPv6 address 2001:db8::1" host 2001:db8::1
+"TCP only" tcp
+"UDP only" udp
+"Non-DNS" not port 53
+"TCP or UDP port 80 (HTTP)" port 80
+"HTTP TCP port (80)" tcp port http
+"No ARP and no DNS" not arp and port not 53
+"Non-HTTP and non-SMTP to/from www.wireshark.org" not port 80 and not port 25 and host www.wireshark.org
diff --git a/resources/share/wireshark/colorfilters b/resources/share/wireshark/colorfilters
new file mode 100644
index 00000000..b20e464d
--- /dev/null
+++ b/resources/share/wireshark/colorfilters
@@ -0,0 +1,22 @@
+# DO NOT EDIT THIS FILE! It was created by Wireshark
+@Bad TCP@tcp.analysis.flags && !tcp.analysis.window_update && !tcp.analysis.keep_alive && !tcp.analysis.keep_alive_ack@[4718,10030,11796][63479,34695,34695]
+@HSRP State Change@hsrp.state != 8 && hsrp.state != 16@[4718,10030,11796][65535,64764,40092]
+@Spanning Tree Topology Change@stp.type == 0x80@[4718,10030,11796][65535,64764,40092]
+@OSPF State Change@ospf.msg != 1@[4718,10030,11796][65535,64764,40092]
+@ICMP errors@icmp.type in { 3..5, 11 } || icmpv6.type in { 1..4 }@[4718,10030,11796][47031,63479,29812]
+@ARP@arp@[64250,61680,55255][4718,10030,11796]
+@ICMP@icmp || icmpv6@[64764,57568,65535][4718,10030,11796]
+@TCP RST@tcp.flags.reset eq 1@[42148,0,0][65535,64764,40092]
+@SCTP ABORT@sctp.chunk_type eq ABORT@[42148,0,0][65535,64764,40092]
+@IPv4 TTL low or unexpected@(ip.dst != 224.0.0.0/4 && ip.ttl < 5 && !(pim || ospf || eigrp || bgp || tcp.port==179)) || (ip.dst == 224.0.0.0/24 && ip.dst != 224.0.0.251 && ip.ttl != 1 && !(vrrp || carp || eigrp || rip || glbp))@[42148,0,0][60652,61680,60395]
+@IPv6 hop limit low or unexpected@(ipv6.dst != ff00::/8 && ipv6.hlim < 5 && !( ospf|| bgp || tcp.port==179)) || (ipv6.dst==ff00::/8 && ipv6.hlim not in {1, 64, 255})@[42148,0,0][60652,61680,60395]
+@Checksum Errors@eth.fcs.status=="Bad" || ip.checksum.status=="Bad" || tcp.checksum.status=="Bad" || udp.checksum.status=="Bad" || sctp.checksum.status=="Bad" || mstp.checksum.status=="Bad" || cdp.checksum.status=="Bad" || edp.checksum.status=="Bad" || wlan.fcs.status=="Bad" || stt.checksum.status=="Bad"@[4718,10030,11796][63479,34695,34695]
+@SMB@smb || nbss || nbns || netbios@[65278,65535,53456][4718,10030,11796]
+@HTTP@http || tcp.port == 80 || http2@[58596,65535,51143][4718,10030,11796]
+@DCERPC@dcerpc@[51199,38706,65533][4718,10030,11796]
+@Routing@hsrp || eigrp || ospf || bgp || cdp || vrrp || carp || gvrp || igmp || ismp@[65534,62325,54808][4718,10030,11796]
+@TCP SYN/FIN@tcp.flags & 0x02 || tcp.flags.fin == 1@[41026,41026,41026][4718,10030,11796]
+@TCP@tcp@[59345,58980,65535][4718,10030,11796]
+@UDP@udp@[56026,61166,65535][4718,10030,11796]
+@Broadcast@eth[0] & 1@[65535,65535,65535][47802,48573,46774]
+@System Event@systemd_journal || sysdig@[59110,59110,59110][11565,28527,39578]
diff --git a/resources/share/wireshark/dfilter_macros b/resources/share/wireshark/dfilter_macros
new file mode 100644
index 00000000..a85f9134
--- /dev/null
+++ b/resources/share/wireshark/dfilter_macros
@@ -0,0 +1,6 @@
+# DO NOT MODIFY
+# This file is the macro file shipped with Wireshark.
+# For your personal macros, use the same file in your profile dir.
+"private_ipv4","$1 == 192.168.0.0/16 or $1 == 172.16.0.0/12 or $1 == 10.0.0.0/8"
+"private_ethernet","$1[0] & 0x0F == 2"
+"private_ipv6", "ipv6 && $1 == fc00::/7"
diff --git a/resources/share/wireshark/dfilters b/resources/share/wireshark/dfilters
new file mode 100644
index 00000000..a11f9f06
--- /dev/null
+++ b/resources/share/wireshark/dfilters
@@ -0,0 +1,16 @@
+"Ethernet address 00:00:5e:00:53:00" eth.addr == 00:00:5e:00:53:00
+"Ethernet type 0x0806 (ARP)" eth.type == 0x0806
+"Ethernet broadcast" eth.addr == ff:ff:ff:ff:ff:ff
+"No ARP" not arp
+"IPv4 only" ip
+"IPv4 address 192.0.2.1" ip.addr == 192.0.2.1
+"IPv4 address isn't 192.0.2.1" ip.addr != 192.0.2.1
+"IPv6 only" ipv6
+"IPv6 address 2001:db8::1" ipv6.addr == 2001:db8::1
+"TCP only" tcp
+"UDP only" udp
+"Non-DNS port" !(udp.port == 53 || tcp.port == 53)
+"TCP or UDP port is 80 (HTTP)" tcp.port == 80 || udp.port == 80
+"HTTP" http
+"No ARP and no DNS" not arp and not dns
+"Non-HTTP and non-SMTP to/from 192.0.2.1" ip.addr == 192.0.2.1 and tcp.port not in {80, 25}
diff --git a/resources/share/wireshark/ipmap.html b/resources/share/wireshark/ipmap.html
new file mode 100644
index 00000000..fa8b542f
--- /dev/null
+++ b/resources/share/wireshark/ipmap.html
@@ -0,0 +1,380 @@ +<!doctype html> +<meta charset="utf-8"> +<meta name="viewport" content="width=device-width, minimum-scale=1.0, maximum-scale=1.0"> +<title>Wireshark: IP Location Map</title> +<link rel="stylesheet" href="https://unpkg.com/leaflet@1.4.0/dist/leaflet.css" + integrity="sha512-puBpdR0798OZvTTbP4A8Ix/l+A4dHDD0DGqYW6RQ+9jxkRFclaxxQb/SJAWZfWAkuyeQUytO7+7N4QKrDh+drA==" + crossorigin=""> +<link rel="stylesheet" href="https://unpkg.com/leaflet.markercluster@1.4.1/dist/MarkerCluster.Default.css" + integrity="sha512-BBToHPBStgMiw0lD4AtkRIZmdndhB6aQbXpX7omcrXeG2PauGBl2lzq2xUZTxaLxYz5IDHlmneCZ1IJ+P3kYtQ==" + crossorigin=""> +<link rel="stylesheet" href="https://unpkg.com/leaflet.markercluster@1.4.1/dist/MarkerCluster.css" + integrity="sha512-RLEjtaFGdC4iQMJDbMzim/dOvAu+8Qp9sw7QE4wIMYcg2goVoivzwgSZq9CsIxp4xKAZPKh5J2f2lOko2Ze6FQ==" + crossorigin=""> +<!-- +<link rel="stylesheet" href="https://unpkg.com/leaflet-measure@3.1.0/dist/leaflet-measure.css" + integrity="sha512-wgiKVjb46JxgnGNL6xagIy2+vpqLQmmHH7fWD/BnPzouddSmbRTf6xatWIRbH2Rgr2F+tLtCZKbxnhm5Xz0BcA==" + crossorigin=""> +--> +<style> +html, body { + margin: 0; + padding: 0; + height: 100%; +} +#map { + height: 100%; +} +.file-picker-enabled #map, #file-picker-container { + display: none; +} +.file-picker-enabled #file-picker-container { + display: block; + margin: 2em; +} +.range-control { + padding: 3px 5px; + color: #333; + background: #fff; + opacity: .5; +} +.range-control:hover { opacity: 1; } +.range-control-label { padding-right: 3px; } +.range-control-input { padding: 0; width: 130px; } +.range-control-input, .range-control-label { vertical-align: middle; } +</style> +<script src="https://unpkg.com/leaflet@1.4.0/dist/leaflet.js" + integrity="sha512-QVftwZFqvtRNi0ZyCtsznlKSWOStnDORoefr1enyq5mVL4tmKB3S/EnC3rRJcxCPavG10IcrVGSmPh6Qw5lwrg==" + crossorigin=""></script> +<script src="https://unpkg.com/leaflet.markercluster@1.4.1/dist/leaflet.markercluster.js" + 
integrity="sha512-MQlyPV+ol2lp4KodaU/Xmrn+txc1TP15pOBF/2Sfre7MRsA/pB4Vy58bEqe9u7a7DczMLtU5wT8n7OblJepKbg==" + crossorigin=""></script> +<!-- +<script src="https://unpkg.com/leaflet-measure@3.1.0/dist/leaflet-measure.js" + integrity="sha512-ovh6EqS7MUI3QjLWBM7CY8Gu8cSM5x6vQofUMwKGbHVDPSAS2lmNv6Wq5es5WCz1muyojQxcc8rA3CvVjD2Z+A==" + crossorigin=""></script> +--> +<script> +var map; + +function sortIpKey(v) { + if (/\./.test(v)) { + // Assume IPv4. Convert 192.0.2.34 -> 192.000.002.034 for alpha sort. + return v.replace(/\b\d\b/g, '00$&').replace(/\b\d{2}\b/g, '0$&'); + } else { + // Assume IPv6. We won't handle :: correctly. Hope for the best. + return v; + } +} + +function escapeHtml(text) { + if (!text) return ''; + return text.replace(/&/g, '&').replace(/</g, '<').replace(/>/g, '>'); +} +function sanitizeHtml(text) { + // Handle legacy data containing <div class="geoip_property">...</div> + // (since Wireshark 2.0) or <br/> (before v1.99.0-rc1-1781-g7e63805708). + text = text + .replace(/<div[^>]*>/g, '') + .replace(/<\/div>|<br\/>/g, '\n') + .replace(/'/g, "'"); + return escapeHtml(text).replace(/\n/g, '<br>'); +} + +var RangeControl = L.Control.extend({ + options: { + // @option label: String = 'Speed:' + // The HTML text to be displayed next to the slider. + label: '', + title: '', + + min: 0, + max: 100, + value: 0, + + // @option onChange: Function = * + // A `Function` that is called on slider value changes. + // Called with two arguments, the new and previous range value. 
+ }, + onAdd: function(map) { + var className = 'range-control'; + var container = L.DomUtil.create('div', className + ' leaflet-bar'); + L.DomEvent.disableClickPropagation(container); + var label = L.DomUtil.create('label', className + '-label', container); + var labelText = L.DomUtil.create('span', className + '-label', label); + labelText.title = this.options.title; + labelText.innerHTML = this.options.label; + var input = L.DomUtil.create('input', className + '-input', label); + this._input = input; + input.type = 'range'; + input.min = this.options.min; + input.max = this.options.max; + this._lastValue = input.valueAsNumber = this.options.value; + L.DomEvent.on(input, 'change', this._onInputChange, this); + return container; + }, + _onInputChange: function(ev) { + var value = this._input.valueAsNumber; + if (value !== this._lastValue) { + if (this.options.onChange) { + this.options.onChange(value, this._lastValue); + } + this._lastValue = value; + } + } +}); + +var rangeControl = function(options) { + return new RangeControl(options); +}; + +function loadGeoJSON(obj) { + 'use strict'; + if (map) map.remove(); + map = L.map('map'); + var tileServer = 'https://{s}.basemaps.cartocdn.com/light_all/{z}/{x}/{y}{r}.png'; + L.tileLayer(tileServer, { + minZoom: 2, + maxZoom: 16, + subdomains: 'abcd', + attribution: '© <a href="https://www.openstreetmap.org/copyright">OpenStreetMap</a> contributors © <a href="https://carto.com/attributions">CARTO</a>' + }).addTo(map); + L.control.scale().addTo(map); + + // Measurement tool, useful for investigating accuracy-related issues. + if (L.control.measure) { + L.control.measure({ + primaryLengthUnit: 'kilometers', + secondaryLengthUnit: 'miles' + }).addTo(map); + } + + var geoJson = L.geoJSON(obj, { + pointToLayer: function(feature, latlng) { + // MaxMind databases use km for accuracy, but they always use + // 50, 100, 200 or 1000. That is too course, so ignore it and use a + // fixed 1km radius. 
+ // See https://gitlab.com/wireshark/wireshark/-/issues/14693#note_400735005 + return L.circle(latlng, {radius: 1e3}); + }, + onEachFeature: function(feature, layer) { + var props = feature.properties; + var title, lines = []; + if (props.title && props.description) { + title = escapeHtml(props.title); + lines.push(sanitizeHtml(props.description)); + } else { + title = escapeHtml(props.ip); + if (props.autonomous_system_number) { + var line = 'AS: ' + props.autonomous_system_number; + line += ' (' + props.autonomous_system_organization + ')'; + lines.push(escapeHtml(line)); + } + if (props.city) { + lines.push(escapeHtml('City: ' + props.city)); + } + if (props.country) { + lines.push(escapeHtml('Country: ' + props.country)); + } + if ('packets' in props) { + lines.push(escapeHtml('Packets: ' + props.packets)); + } + if ('bytes' in props) { + lines.push(escapeHtml('Bytes: ' + props.bytes)); + } + } + if (title) { + layer.bindTooltip(title, { + offset: [10, 0], + direction: 'right', + sticky: true + }); + } + if (title && lines.length) { + layer.bindPopup('<b>' + title + '</b><br>' + lines.join('<br>')); + } + } + }); + + map.on('zoomend', function() { + // Ensure that the circles are clearly visible even when zoomed out. + // Larger values will increase the size of the circle. + var visibleZoomLevel = 9; + var radius = 1e3; + if (map.getZoom() < visibleZoomLevel) { + // Enlarge radius to ensure it is easy to select. + radius *= map.getZoomScale(visibleZoomLevel, map.getZoom()); + } + geoJson.eachLayer(function(layer) { + layer.setRadius(radius); + }); + }); + + // Cluster nearby/overlapping nodes by default. + var clusterGroup = L.markerClusterGroup({ + zoomToBoundsOnClick: false, + spiderfyOnMaxZoom: false, + maxClusterRadius: 10 + }); + clusterGroup.addTo(map).addLayer(geoJson); + map.fitWorld().fitBounds(clusterGroup.getBounds()); + + // Summarize nodes within the cluster. 
+ clusterGroup.on('clustermouseover', function(ev) { + // More addresses will be stripped. + var cutoff = 30; + var cluster = ev.propagatedFrom; + var addresses = cluster.getAllChildMarkers().map(function(marker) { + return marker.getTooltip().getContent(); + }); + addresses.sort(function(a, b) { + a = sortIpKey(a); + b = sortIpKey(b); + return a === b ? 0 : (a < b ? -1 : 1); + }); + var deleted = addresses.splice(cutoff).length; + var title = addresses.join('<br>'); + if (deleted) { + title += '<br>(and ' + deleted + ' more)'; + } + cluster.bindTooltip(title, { + offset: [10, 0], + direction: 'right', + sticky: true, + opacity: 0.8 + }).openTooltip(); + }).on('clustermouseout', function(ev) { + ev.propagatedFrom.unbindTooltip(); + }).on('clusterclick', function(ev) { + ev.propagatedFrom.spiderfy(); + }); + + // Provide an option to disable clustering + rangeControl({ + label: 'Cluster radius:', + title: 'Control merging of nearby nodes. Set to the minimum to disable merges.', + min: 0, + max: 100, + value: clusterGroup.options.maxClusterRadius, + onChange: function(value, oldValue) { + // Apply new radius: remove map, clear markers and finally add new. + clusterGroup.options.maxClusterRadius = value; + clusterGroup.remove().clearLayers().addTo(map); + // Value 0: clustering is disabled, the map is directly used. + geoJson.remove().addTo(value === 0 ? map : clusterGroup); + } + }).addTo(map); +} + +function showError(msg) { + document.getElementById('error-message').textContent = msg; + document.body.classList.add('file-picker-enabled'); +} + +function loadData(data) { + 'use strict'; + var html_match, what, error; + var reOldHtml = /^ *var endpoints = (\{[\s\S]+? *\});$/m; + // Complicated regex to support html-minifier. + var reNewHtml = /<script[^>]+id="?ipmap-data"?(?: [^>]*)?>\s*(\{[\S\s]+?\})\s*<\/script>/; + if ((html_match = reNewHtml.exec(data))) { + // Match new ipmap.html file. 
+ what = 'new ipmap.html'; + data = html_match[1]; + } else if ((html_match = reOldHtml.exec(data))) { + // Match old ipmap.html file + what = 'old ipmap.html'; + var text = html_match[1].replace(/'/g, '"'); + text = text.replace(/ class="geoip_property"/g, ''); + data = text.replace(/\/\/ Start endpoint list.*/, ''); + } else if (/^\s*\{[\s\S]+\}\s*$/.test(data)) { + // Assume GeoJSON (.json) file. + what = 'GeoJSON file'; + } else { + what = 'unknown file'; + error = 'Unrecognized file contents'; + } + if (!error) { + try { + loadGeoJSON(JSON.parse(data)); + return true; + } catch (e) { + error = e; + } + } + var msg = 'Failed to load map data from ' + what + ': ' + error; + msg += '; data was: ' + data.substring(0, 120); + if (data.length > 100) msg += '... (' + data.length + ' bytes)'; + showError(msg); +} + +(function() { + 'use strict'; + function loadFromUrl(url) { + var xhr = new XMLHttpRequest(); + xhr.open('GET', url, true); + xhr.onload = function() { + if (xhr.status !== 200) { + showError('Failed to retrieve ' + url + ': ' + xhr.status + ' ' + xhr.statusText); + return; + } + loadData(xhr.responseText); + }; + xhr.onerror = function() { + showError('Failed to retrieve ' + url + ': ' + xhr.status + ' ' + xhr.statusText); + }; + xhr.send(null); + } + + addEventListener('load', function() { + // Note: FileReader and classList do not work with IE9 or older. + var fileSelector = document.getElementById('file-picker'); + fileSelector.addEventListener('change', function() { + if (!fileSelector.files.length) { + return; + } + document.body.classList.remove('file-picker-enabled'); + var reader = new FileReader(); + reader.onload = function() { + if (!loadData(reader.result)) { + document.body.classList.add('file-picker-enabled'); + } + }; + reader.onerror = function() { + showError('Failed to read file.'); + }; + reader.readAsText(fileSelector.files[0]); + }); + + // Force file picker when the "file" URL is given. 
+ var url = location.search.match(/[?&]url=([^&]*)/); + if (url) { + url = decodeURIComponent(url[1]); + if (url) { + loadFromUrl(url); + } else { + showError(''); + } + return; + } + + var data = document.getElementById('ipmap-data'); + if (data) { + loadData(data.textContent); + } else { + showError(''); + } + }); +}()); +</script> +<div id="file-picker-container"> +<label>Select an ipmap.html or GeoJSON .json file as created by Wireshark.<br> +<input type="file" id="file-picker" accept=".json,.html"></label> +<p id="error-message"></p> +</div> +<div id="map"></div> +<!-- + Wireshark will append a script tag (id="ipmap-data" type="application/json") + below, containing a GeoJSON object. If missing, then a file picker will be + displayed which can be useful during development. +--> diff --git a/resources/share/wireshark/profiles/Bluetooth/colorfilters b/resources/share/wireshark/profiles/Bluetooth/colorfilters new file mode 100644 index 00000000..3d58a6ac --- /dev/null +++ b/resources/share/wireshark/profiles/Bluetooth/colorfilters 
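Review bot: The `url` query parameter is decoded and passed to `loadFromUrl` with no check on scheme or origin, and the comment above it only mentions forcing the file picker, so nothing tells a reader that a link to this page can make it fetch and plot data from any host that permits the request. Popup and tooltip text goes through `escapeHtml`/`sanitizeHtml`, so the exposure looks limited to an outbound request and misleading map content, but that should be stated or restricted. Suggested comment: `// ?url= is a development aid: the JSON it names is fetched and rendered as-is; only same-origin sources are expected.` If that is the intent, reject other origins before the XHR is sent. `decodeURIComponent(url[1])` also throws on a malformed percent-escape, which leaves the page blank with no message; wrapping it in `try { … } catch (e) { showError('Invalid url parameter'); return; }` keeps the error visible.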
@@ -0,0 +1,52 @@ +# DO NOT EDIT THIS FILE! It was created by Wireshark +@Bad TCP@tcp.analysis.flags && !tcp.analysis.window_update@[0,0,0][65535,24383,24383] +@HSRP State Change@hsrp.state != 8 && hsrp.state != 16@[0,0,0][65535,63222,0] +@Spanning Tree Topology Change@stp.type == 0x80@[0,0,0][65535,63222,0] +@OSPF State Change@ospf.msg != 1@[0,0,0][65535,63222,0] +@ICMP errors@icmp.type eq 3 || icmp.type eq 4 || icmp.type eq 5 || icmp.type eq 11 || icmpv6.type eq 1 || icmpv6.type eq 2 || icmpv6.type eq 3 || icmpv6.type eq 4@[0,0,0][0,65535,3616] +@ARP@arp@[55011,59486,65534][0,0,0] +@ICMP@icmp || icmpv6@[49680,49737,65535][0,0,0] +@TCP RST@tcp.flags.reset eq 1@[37008,0,0][65535,63121,32911] +@SCTP ABORT@sctp.chunk_type eq ABORT@[37008,0,0][65535,63121,32911] +@IPv4 TTL low or unexpected@(ip.dst != 224.0.0.0/4 && ip.ttl < 5 && !(pim || ospf || eigrp || bgp || tcp.port==179)) || (ip.dst == 224.0.0.0/24 && ip.dst != 224.0.0.251 && ip.ttl != 1 && !(vrrp || carp || eigrp || rip || glbp))@[42148,0,0][60652,61680,60395] +@IPv6 hop limit low or unexpected@(ipv6.dst != ff00::/8 && ipv6.hlim < 5 && !( ospf|| bgp || tcp.port==179)) || (ipv6.dst==ff00::/8 && ipv6.hlim not in {1, 64, 255})@[42148,0,0][60652,61680,60395] +@Checksum Errors@cdp.checksum.status=="Bad" || edp.checksum.status=="Bad" || ip.checksum.status=="Bad" || tcp.checksum.status=="Bad" || udp.checksum.status=="Bad"|| sctp.checksum.status=="Bad" || mstp.checksum.status=="Bad"@[0,0,0][65535,24383,24383] +@SMB@smb || nbss || nbns || nbipx || ipxsap || netbios@[65534,64008,39339][0,0,0] +@HTTP@http || tcp.port == 80@[36107,65535,32590][0,0,0] +@IPX@ipx || spx@[65534,58325,58808][0,0,0] +@DCERPC@dcerpc@[51199,38706,65533][0,0,0] +@Routing@hsrp || eigrp || ospf || bgp || cdp || vrrp || carp || gvrp || igmp || ismp@[65534,62325,54808][0,0,0] +@TCP SYN/FIN@tcp.flags & 0x02 || tcp.flags.fin == 1@[41026,41026,41026][0,0,0] +@TCP@tcp@[59345,58980,65534][0,0,0] +@UDP@udp@[28834,57427,65533][0,0,0] +@Broadcast@eth[0] & 
1@[65535,65535,65535][32768,32768,32768] + +# Bluetooth +# For Bluetooth each color is assigned to dissector, +# but higher position on that list is needed for meet encapsulation +# requirements, for example AVRCP is on top of AVCTP, +# AVCTP is on top of L2CAP, etc. +@AVRCP@btavrcp@[42408,33825,25486][5111,4915,4652] +@AVCTP@btavctp@[52805,45039,37599][5111,4915,4652] +@VDP@btvdp@[64930,48878,57789][5111,4915,4652] +@A2DP@bta2dp@[65535,55032,52260][5111,4915,4652] +@AVDTP@btavdtp@[60726,32232,22916][5111,4915,4652] +@HCRP@bthcrp@[38416,38416,38416][5111,4915,4652] +@BNEP@btbnep@[46590,24119,49858][5111,4915,4652] +@HID@bthid@[47057,38562,38562][5111,4915,4652] +@OBEX@obex@[15856,45391,43152][5111,4915,4652] +@SAP@btsap@[51110,54321,18857][5111,4915,4652] +@HFP@bthfp@[57840,49413,65535][5111,4915,4652] +@HSP@bthsp@[52394,49749,56625][7995,7208,6946] +@DUN@btdun@[54914,48086,52739][7995,7208,6946] +@GNSS@btgnss@[65535,56858,42421][7995,7208,6946] +@RFCOMM@btrfcomm@[64249,44202,25136][5111,4915,4652] +@MCAP@btmcap@[62194,62965,53970][5111,4915,4652] +@SDP@btsdp@[34255,42642,22057][5111,4915,4652] +@ATT@btatt@[35252,51463,40197][7995,7208,6946] +@AMP@btamp@[61646,61964,60015][7995,7208,6946] +@SMP@btsmp@[55255,54741,5911][7967,7196,6939] +@L2CAP@btl2cap@[58215,49541,23520][4718,10030,11796] +@SCO@bthci_sco@[65535,28803,61093][5111,4915,4652] +@HCI_EVT@bthci_evt@[47126,60905,65535][5111,4915,4652] +@HCI_CMD@bthci_cmd@[18901,48590,65535][4718,10030,11796] diff --git a/resources/share/wireshark/profiles/Bluetooth/preferences b/resources/share/wireshark/profiles/Bluetooth/preferences new file mode 100644 index 00000000..d1095410 --- /dev/null +++ b/resources/share/wireshark/profiles/Bluetooth/preferences 
@@ -0,0 +1,19 @@ +####### User Interface: Columns ######## + +# Packet list column format +# Each pair of strings consists of a column title and its format +gui.column.format: + "No.", "%m", + "Time", "%Yt", + "Delta", "%Gt", + "Source", "%s", + "Destination", "%d", + "Protocol", "%p", + "Length", "%L", + "Info", "%i" + +####### User Interface: Layout ######## + +# Layout type (1-6) +# A decimal number +gui.layout_type: 3 diff --git a/resources/share/wireshark/profiles/Classic/colorfilters b/resources/share/wireshark/profiles/Classic/colorfilters new file mode 100644 index 00000000..4eacdf9a --- /dev/null +++ b/resources/share/wireshark/profiles/Classic/colorfilters 
@@ -0,0 +1,22 @@ +# DO NOT EDIT THIS FILE! It was created by Wireshark +@Bad TCP@tcp.analysis.flags && !tcp.analysis.window_update && !tcp.analysis.keep_alive && !tcp.analysis.keep_alive_ack@[0,0,0][65535,24383,24383] +@HSRP State Change@hsrp.state != 8 && hsrp.state != 16@[0,0,0][65535,63222,0] +@Spanning Tree Topology Change@stp.type == 0x80@[0,0,0][65535,63222,0] +@OSPF State Change@ospf.msg != 1@[0,0,0][65535,63222,0] +@ICMP errors@icmp.type in { 3..5, 11 } || icmpv6.type in { 1..4 }@[0,0,0][0,65535,3616] +@ARP@arp@[55011,59486,65534][0,0,0] +@ICMP@icmp || icmpv6@[49680,49737,65535][0,0,0] +@TCP RST@tcp.flags.reset eq 1@[37008,0,0][65535,63121,32911] +@SCTP ABORT@sctp.chunk_type eq ABORT@[37008,0,0][65535,63121,32911] +@IPv4 TTL low or unexpected@(ip.dst != 224.0.0.0/4 && ip.ttl < 5 && !(pim || ospf || eigrp || bgp || tcp.port==179)) || (ip.dst == 224.0.0.0/24 && ip.dst != 224.0.0.251 && ip.ttl != 1 && !(vrrp || carp || eigrp || rip || glbp))@[42148,0,0][60652,61680,60395] +@IPv6 hop limit low or unexpected@(ipv6.dst != ff00::/8 && ipv6.hlim < 5 && !( ospf|| bgp || tcp.port==179)) || (ipv6.dst==ff00::/8 && ipv6.hlim not in {1, 64, 255})@[42148,0,0][60652,61680,60395] +@Checksum Errors@eth.fcs.status=="Bad" || ip.checksum.status=="Bad" || tcp.checksum.status=="Bad" || udp.checksum.status=="Bad" || sctp.checksum.status=="Bad" || mstp.checksum.status=="Bad" || cdp.checksum.status=="Bad" || edp.checksum.status=="Bad" || wlan.fcs.status=="Bad" || stt.checksum.status=="Bad"@[0,0,0][65535,24383,24383] +@SMB@smb || nbss || nbns || netbios@[65534,64008,39339][0,0,0] +@HTTP@http || tcp.port == 80 || http2@[36107,65535,32590][0,0,0] + +@DCERPC@dcerpc@[51199,38706,65533][0,0,0] +@Routing@hsrp || eigrp || ospf || bgp || cdp || vrrp || carp || gvrp || igmp || ismp@[65534,62325,54808][0,0,0] +@TCP SYN/FIN@tcp.flags & 0x02 || tcp.flags.fin == 1@[41026,41026,41026][0,0,0] +@TCP@tcp@[59345,58980,65534][0,0,0] +@UDP@udp@[28834,57427,65533][0,0,0] +@Broadcast@eth[0] & 
1@[65535,65535,65535][32768,32768,32768]
diff --git a/resources/share/wireshark/profiles/No Reassembly/preferences b/resources/share/wireshark/profiles/No Reassembly/preferences
new file mode 100644
index 00000000..c1b86483
--- /dev/null
+++ b/resources/share/wireshark/profiles/No Reassembly/preferences
@@ -0,0 +1,180 @@ +# Generated by make-no-reassembly-profile.py + +####### Protocols ######## + +aim.desegment: FALSE +aol.desegment: FALSE +atp.desegment: FALSE +bzr.desegment: FALSE +bgp.desegment: FALSE +bitcoin.desegment: FALSE +bittorrent.desegment: FALSE +bthci_acl.hci_acl_reassembly: FALSE +bthci_iso.hci_iso_reassembly: FALSE +bmp.desegment: FALSE +bpv7.bp_reassemble_payload: FALSE +c1222.desegment: FALSE +capwap.reassemble: FALSE +cast.reassembly: FALSE +cflow.desegment: FALSE +clnp.reassemble: FALSE +cmp.desegment: FALSE +cops.desegment: FALSE +cotp.reassemble: FALSE +couchbase.desegment_pdus: FALSE +db-lsp.desegment_pdus: FALSE +dcerpc.desegment_dcerpc: FALSE +dcerpc.reassemble_dcerpc: FALSE +dhcpfo.desegment: FALSE +dhcpv6.bulk_leasequery.desegment: FALSE +diameter.desegment: FALSE +dicom.pdv_reassemble: FALSE +distcc.desegment_distcc_over_tcp: FALSE +djiuav.desegment: FALSE +dlep.desegment: FALSE +dnp3.desegment: FALSE +dns.desegment_dns_messages: FALSE +drda.desegment: FALSE +dsi.desegment: FALSE +edonkey.desegment: FALSE +enip.desegment: FALSE +fc.reassemble: FALSE +fcip.desegment: FALSE +fix.desegment: FALSE +gadu-gadu.desegment: FALSE +gearman.desegment: FALSE +ged125.desegment_body: FALSE +giop.desegment_giop_messages: FALSE +giop.reassemble: FALSE +git.desegment: FALSE +gryphon.desegment: FALSE +gsm_sms.reassemble: FALSE +gsm_sms.reassemble_with_lower_layers_info: FALSE +gss-api.gssapi_reassembly: FALSE +h225.reassembly: FALSE +h245.reassembly: FALSE +h248.desegment: FALSE +h501.desegment: FALSE +hart_ip.desegment: FALSE +hzlcst.desegment: FALSE +hpfeeds.desegment_hpfeeds_messages: FALSE +http.desegment_headers: FALSE +http.desegment_body: FALSE +ifcp.desegment: FALSE +ilp.desegment_ilp_messages: FALSE +ipdc.desegment_ipdc_messages: FALSE +ippusb.attempt_reassembly: FALSE +iscsi.desegment_iscsi_messages: FALSE +isns.desegment: FALSE +iwarp_ddp_rdmap.reassemble_iwarp_rdma_send: FALSE +jxta.desegment: FALSE +kip.desegment: FALSE +kpasswd.desegment: 
FALSE +kerberos.desegment: FALSE +lg8979.desegment: FALSE +lapdm.reassemble: FALSE +laplink.desegment_laplink_over_tcp: FALSE +ldap.desegment_ldap_messages: FALSE +ldp.desegment_ldp_messages: FALSE +ltp.reassemble_block: FALSE +memcache.desegment_headers: FALSE +memcache.desegment_pdus: FALSE +mbrtu.desegment: FALSE +mbtcp.desegment: FALSE +mq.desegment: FALSE +mq.reassembly: FALSE +mysql.desegment_buffers: FALSE +nasdaq_soup.desegment: FALSE +nbd.desegment_nbd_messages: FALSE +nbss.desegment_nbss_commands: FALSE +ncp.desegment: FALSE +ndmp.desegment: FALSE +ndps.desegment_tcp: FALSE +ndps.desegment_spx: FALSE +netsync.desegment_netsync_messages: FALSE +opa.mad.reassemble_rmpp: FALSE +openflow.desegment: FALSE +openwire.desegment: FALSE +opsi.desegment_opsi_messages: FALSE +rtse.reassemble: FALSE +idmp.desegment_idmp_messages: FALSE +idmp.reassemble: FALSE +p_mul.reassemble: FALSE +pn_rt.desegment: FALSE +pop.desegment_data: FALSE +ppi.reassemble: FALSE +pvfs.desegment: FALSE +q931.desegment_h323_messages: FALSE +q931.reassembly: FALSE +quic.reassemble_crypto_out_of_order: FALSE +resp.desegment_data: FALSE +rlc.perform_reassembly: FALSE +rlc-lte.reassembly: FALSE +rlc-nr.reassemble_am_frames: FALSE +rpc.desegment_rpc_over_tcp: FALSE +rpcap.desegment_pdus: FALSE +rsync.desegment: FALSE +rtmpt.desegment: FALSE +rtp.desegment_rtp_streams: FALSE +rtsp.desegment_headers: FALSE +rtsp.desegment_body: FALSE +sametime.reassemble: FALSE +sapni.desegment: FALSE +sasp.desegment_sasp_messages: FALSE +sctp.reassembly: FALSE +scylla.desegment: FALSE +selfm.desegment: FALSE +ses.desegment: FALSE +sip.desegment_headers: FALSE +sip.desegment_body: FALSE +skinny.desegment: FALSE +smb.trans_reassembly: FALSE +smb.dcerpc_reassembly: FALSE +smb2.pipe_reassembly: FALSE +smb_direct.reassemble_smb_direct: FALSE +sml.reassemble: FALSE +smp.desegment: FALSE +smpp.reassemble_smpp_over_tcp: FALSE +smtp.desegment_lines: FALSE +smtp.desegment_data: FALSE +snmp.desegment: FALSE 
+someip.reassemble_tp: FALSE +slsk.desegment: FALSE +soupbintcp.desegment: FALSE +srvloc.desegment_tcp: FALSE +ssh.desegment_buffers: FALSE +s5066dts.proto_desegment: FALSE +s5066sis.desegment_pdus: FALSE +starteam.desegment: FALSE +stt.reassemble: FALSE +t38.reassembly: FALSE +tacplus.desegment: FALSE +tali.reassemble: FALSE +tcp.desegment_tcp_streams: FALSE +tcpcl.desegment_transfer: FALSE +tcpros.desegment_tcpros_messages: FALSE +tds.desegment_buffers: FALSE +thrift.desegment_framed: FALSE +tibia.reassemble_tcp_segments: FALSE +tipc.desegment: FALSE +tls.desegment_ssl_records: FALSE +tls.desegment_ssl_application_data: FALSE +tns.desegment_tns_messages: FALSE +tpkt.desegment: FALSE +transum.reassembly: FALSE +uci.tcp.desegment: FALSE +ucp.desegment_ucp_messages: FALSE +udpcp.attempt_reassembly: FALSE +ulp.desegment_ulp_messages: FALSE +uma.desegment_ucp_messages: FALSE +vnc.desegment: FALSE +winsrepl.reassemble: FALSE +wow.desegment: FALSE +x25.reassemble: FALSE +x11.desegment: FALSE +xmpp.desegment: FALSE +xot.desegment: FALSE +yami.desegment: FALSE +ymsg.desegment: FALSE +z3950.desegment_buffers: FALSE +zabbix.desegment: FALSE
diff --git a/resources/share/wireshark/smi_modules b/resources/share/wireshark/smi_modules
new file mode 100644
index 00000000..5c93c850
--- /dev/null
+++ b/resources/share/wireshark/smi_modules
@@ -0,0 +1,18 @@
+# Default MIB modules to load
+"IP-MIB"
+"IF-MIB"
+"TCP-MIB"
+"UDP-MIB"
+"SNMPv2-MIB"
+"RFC1213-MIB"
+"IPV6-ICMP-MIB"
+"IPV6-MIB"
+"SNMP-COMMUNITY-MIB"
+"SNMP-FRAMEWORK-MIB"
+"SNMP-MPD-MIB"
+"SNMP-NOTIFICATION-MIB"
+"SNMP-PROXY-MIB"
+"SNMP-TARGET-MIB"
+"SNMP-USER-BASED-SM-MIB"
+"SNMP-USM-DH-OBJECTS-MIB"
+"SNMP-VIEW-BASED-ACM-MIB" |