Qt: MaxMind GeoIP columns not added to Endpoints table
Summary
There was a check in endpoint_dialog.cpp to include geoip columns:
int column_count = ENDP_NUM_COLUMNS;
if (table_address_type_ == AT_IPv4 || table_address_type_ == AT_IPv6) {
column_count = ENDP_NUM_GEO_COLUMNS;
}
The columnCount
was changed in !7053 (merged) and is now (atap_data_model.cpp)
int EndpointDataModel::columnCount(const QModelIndex &) const
{
return ENDP_NUM_COLUMNS;
}
enums
defined in atap_data_model.h:
typedef enum
{
ENDP_COLUMN_ADDR,
ENDP_COLUMN_PORT,
ENDP_COLUMN_PACKETS,
ENDP_COLUMN_BYTES,
ENDP_COLUMN_PACKETS_TOTAL,
ENDP_COLUMN_BYTES_TOTAL,
ENDP_COLUMN_PKT_AB,
ENDP_COLUMN_BYTES_AB,
ENDP_COLUMN_PKT_BA,
ENDP_COLUMN_BYTES_BA,
ENDP_NUM_COLUMNS,
ENDP_COLUMN_GEO_COUNTRY = ENDP_NUM_COLUMNS,
ENDP_COLUMN_GEO_CITY,
ENDP_COLUMN_GEO_AS_NUM,
ENDP_COLUMN_GEO_AS_ORG,
ENDP_NUM_GEO_COLUMNS
} endpoint_column_type_e;
Steps to reproduce
(How one can reproduce the issue - this is very important)
What is the current bug behavior?
(What actually happens)
What is the expected correct behavior?
Also update WSUG (8.6.1. The “Endpoints” Window) with screen shot of IPv4
or IPv6
table showing geo columns. Will then match text description below it:
Note that in this example we have MaxMind DB configured which gives us extra geographic columns.
Sample capture file
(If possible attach a sample capture file, not screenshot of dissection, showing this issue)
Relevant logs and/or screenshots
(Paste any relevant logs here)
(Paste any relevant screenshots here)
Build information
Version 4.1.0-CDC (v4.1.0rc0-137-g9464cc51ce46).
Compiled (64-bit) using Microsoft Visual Studio 2022 (VC++ 14.32, build 31329),
with GLib 2.72.3, with PCRE2, with zlib 1.2.12, with Qt 6.2.4, with libpcap,
with Lua 5.2.4, with GnuTLS 3.6.3 and PKCS #11 support, with Gcrypt 1.10.1, with
Kerberos (MIT), with MaxMind, with nghttp2 1.49.0, with brotli, with LZ4, with
Zstandard, with Snappy, with libxml2 2.9.14, with libsmi 0.4.8, without
QtMultimedia, with automatic updates using WinSparkle 0.5.7, with AirPcap, with
SpeexDSP (using bundled resampler), with Minizip, with binary plugins.
Running on 64-bit Windows 10 (21H2), build 19044, with Intel(R) Xeon(R) CPU
E5645 @ 2.40GHz (with SSE4.2), with 8190 MB of physical memory, with GLib
2.72.3, with PCRE2 10.40 2022-04-14, with Qt 6.2.4, with Npcap version 1.60,
based on libpcap version 1.10.2-PRE-GIT, with c-ares 1.18.1, with GnuTLS 3.6.3,
with Gcrypt 1.10.1, with nghttp2 1.49.0, with brotli 1.0.9, with LZ4 1.9.3, with
Zstandard 1.5.2, with AirPcap 4.1.0 build 1622, with light display mode, without
HiDPI, with LC_TYPE=English_United States.utf8, binary plugins supported.
Edited by Chuck Craft