osmith
/
wireshark
forked from osmocom/wireshark
1
0
Fork 0
Code Pull Requests Releases Wiki Activity

From Motonori Shindo: support for reading CoSine L2 debug output. 

svn path=/trunk/; revision=5922
This commit is contained in:
Guy Harris 2002-07-31 19:27:57 +00:00
parent 6b10bf4a37
commit 5d929e0e8f
19 changed files with 875 additions and 46 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
AUTHORS
View File

@ -862,6 +862,7 @@ Motonori Shindo <mshindo[AT]mshindo.net> {
Windows binary distribution
Delete installed data files on a Windows uninstallation
OSPF fixes
Support for reading CoSine L2 debug output
}
Terje Krogdahl <tekr[AT]nextra.com> {

3
Makefile.am
View File

@ -1,7 +1,7 @@
# Makefile.am
# Automake file for Ethereal
#
# $Id: Makefile.am,v 1.447 2002/07/12 22:52:33 guy Exp $
# $Id: Makefile.am,v 1.448 2002/07/31 19:27:39 guy Exp $
#
# Ethereal - Network traffic analyzer
# By Gerald Combs <gerald@ethereal.com>
@ -109,6 +109,7 @@ DISSECTOR_SRC = \
packet-clip.c \
packet-clnp.c \
packet-cops.c \
packet-cosine.c \
packet-cups.c \
packet-data.c \
packet-dccp.c \

3
Makefile.nmake
View File

@ -1,7 +1,7 @@
## Makefile for building ethereal.exe with Microsoft C and nmake
## Use: $(MAKE) /$(MAKEFLAGS) -f makefile.nmake
#
# $Id: Makefile.nmake,v 1.196 2002/07/09 20:49:27 tpot Exp $
# $Id: Makefile.nmake,v 1.197 2002/07/31 19:27:39 guy Exp $
include config.nmake
include <win32.mak>
@ -50,6 +50,7 @@ DISSECTOR_SRC = \
packet-clip.c \
packet-clnp.c \
packet-cops.c \
packet-cosine.c \
packet-cups.c \
packet-data.c \
packet-dccp.c \

15
README
View File

@ -1,4 +1,4 @@
$Id: README,v 1.58 2002/05/29 19:16:40 guy Exp $
$Id: README,v 1.59 2002/07/31 19:27:39 guy Exp $
General Information
------- -----------
@ -107,6 +107,7 @@ pppd logs (pppdump-format files)
VMS's TCPIPtrace utility
DBS Etherwatch for VMS
Traffic captures from Visual Networks' Visual UpTime
CoSine L2 debug output
In addition, it can read gzipped versions of any of these files
automatically, if you have the zlib library available when compiling
@ -147,9 +148,15 @@ Ethereal can also read dump trace output from the Toshiba "Compact Router"
line of ISDN routers (TR-600 and TR-650). You can telnet to the router
and start a dump session with "snoop dump".
To use the Lucent/Ascend and Toshiba traces with Ethereal, you must capture
the trace output to a file on disk. The trace is happening inside the router
and the router has no way of saving the trace to a file for you.
CoSine L2 debug output can also be read by Ethereal. To get the L2
debug output, get in the diags mode first and then use
"create-pkt-log-profile" and "apply-pkt-log-profile" commands under
layer-2 category. For more detail how to use these commands, you
should examine the help command by "layer-2 create ?" or "layer-2 apply ?".
To use the Lucent/Ascend, Toshiba and CoSine traces with Ethereal, you must
capture the trace output to a file on disk. The trace is happening inside
the router and the router has no way of saving the trace to a file for you.
An easy way of doing this under Unix is to run "telnet <ascend> | tee <outfile>".
Or, if your system has the "script" command installed, you can save
a shell session, including telnet to a file. For example, to a file named

14
doc/editcap.pod
View File

@ -34,13 +34,13 @@ B<nettl>, the dump output from B<Toshiba's> ISDN routers, the output
from B<i4btrace> from the ISDN4BSD project, the output in B<IPLog>
format from the Cisco Secure Intrusion Detection System, B<pppd logs>
(pppdump format), the output from VMS's B<TCPIPtrace> utility, the text
output from the B<DBS Etherwatch> VMS utility, and traffic capture files
from Visual Networks' Visual UpTime. There is no need to tell
B<Editcap> what type of file you are reading; it will determine the file
type by itself. B<Editcap> is also capable of reading any of these file
formats if they are compressed using gzip. B<Editcap> recognizes this
directly from the file; the '.gz' extension is not required for this
purpose.
output from the B<DBS Etherwatch> VMS utility, traffic capture files
from Visual Networks' Visual UpTime and the output from B<CoSine> L2
debug. There is no need to tell B<Editcap> what type of file you are
reading; it will determine the file type by itself. B<Editcap> is also
capable of reading any of these file formats if they are compressed
using gzip. B<Editcap> recognizes this directly from the file; the
'.gz' extension is not required for this purpose.
By default, it writes the capture file in B<libpcap> format, and writes
all of the packets in the capture file to the output file. The B<-F>

14
doc/ethereal.pod.template
View File

@ -49,13 +49,13 @@ HP-UX's B<nettl>, the dump output from B<Toshiba's> ISDN routers, the
output from B<i4btrace> from the ISDN4BSD project, the output in
B<IPLog> format from the Cisco Secure Intrusion Detection System, B<pppd
logs> (pppdump format), the output from VMS's B<TCPIPtrace> utility, the
text output from the B<DBS Etherwatch> VMS utility, and traffic capture
files from Visual Networks' Visual UpTime. There is no need to tell
B<Ethereal> what type of file you are reading; it will determine the
file type by itself. B<Ethereal> is also capable of reading any of
these file formats if they are compressed using gzip. B<Ethereal>
recognizes this directly from the file; the '.gz' extension is not
required for this purpose.
text output from the B<DBS Etherwatch> VMS utility, traffic capture
files from Visual Networks' Visual UpTime, and the output from B<CoSine>
L2 debug. There is no need to tell B<Ethereal> what type of file you
are reading; it will determine the file type by itself. B<Ethereal>
is also capable of reading any of these file formats if they are
compressed using gzip. B<Ethereal> recognizes this directly from the
file; the '.gz' extension is not required for this purpose.
Like other protocol analyzers, B<Ethereal>'s main window shows 3 views
of a packet. It shows a summary line, briefly describing what the

14
doc/mergecap.pod
View File

@ -31,13 +31,13 @@ B<nettl>, the dump output from B<Toshiba's> ISDN routers, the output
from B<i4btrace> from the ISDN4BSD project, the output in B<IPLog>
format from the Cisco Secure Intrusion Detection System, B<pppd logs>
(pppdump format), the output from VMS's B<TCPIPtrace> utility, the text
output from the B<DBS Etherwatch> VMS utility, and traffic capture files
from Visual Networks' Visual UpTime. There is no need to tell
B<Mergecap> what type of file you are reading; it will determine the
file type by itself. B<Mergecap> is also capable of reading any of
these file formats if they are compressed using gzip. B<Mergecap>
recognizes this directly from the file; the '.gz' extension is not
required for this purpose.
output from the B<DBS Etherwatch> VMS utility, traffic capture files
from Visual Networks' Visual UpTime, and the output from B<CoSine> L2
debug. There is no need to tell B<Mergecap> what type of file you are
reading; it will determine the file type by itself. B<Mergecap> is
also capable of reading any of these file formats if they are compressed
using gzip. B<Mergecap> recognizes this directly from the file; the
'.gz' extension is not required for this purpose.
By default, it writes the capture file in B<libpcap> format, and writes
all of the packets in both input capture files to the output file. The

13
doc/tethereal.pod.template
View File

@ -49,12 +49,13 @@ from B<Toshiba's> ISDN routers, the output from B<i4btrace> from the
ISDN4BSD project, the output in B<IPLog> format from the Cisco Secure
Intrusion Detection System, B<pppd logs> (pppdump format), the output
from VMS's B<TCPIPtrace> utility, the text output from the B<DBS
Etherwatch> VMS utility, and traffic capture files from Visual Networks'
Visual UpTime. There is no need to tell B<Tethereal> what type of file
you are reading; it will determine the file type by itself.
B<Tethereal> is also capable of reading any of these file formats if
they are compressed using gzip. B<Tethereal> recognizes this directly
from the file; the '.gz' extension is not required for this purpose.
Etherwatch> VMS utility, traffic capture files from Visual Networks'
Visual UpTime, and the output from B<CoSine> L2 debug. There is no
need to tell B<Tethereal> what type of file you are reading; it will
determine the file type by itself. B<Tethereal> is also capable of
reading any of these file formats if they are compressed using gzip.
B<Tethereal> recognizes this directly from the file; the '.gz' extension
is not required for this purpose.
If the B<-w> flag is not specified, B<Tethereal> prints a decoded form
of the packets it captures or reads; otherwise, it writes those packets

207
packet-cosine.c Normal file
View File

@ -0,0 +1,207 @@
/* packet-cosine.c
* Routines for decoding CoSine IPNOS L2 debug output
*
* $Id: packet-cosine.c,v 1.1 2002/07/31 19:27:39 guy Exp $
*
* Motonori Shindo <mshindo@mshindo.net>
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@ethereal.com>
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/
/*
* XXX TODO:
* o PPoATM and PPoFR encapsulation needs more test.
*
*/
#ifdef HAVE_CONFIG_H
# include "config.h"
#endif
#ifdef HAVE_SYS_TYPES_H
# include <sys/types.h>
#endif
#include <glib.h>
#include <string.h>
#include <epan/packet.h>
static int proto_cosine = -1;
static int hf_pro = -1;
static int hf_off = -1;
static int hf_pri = -1;
static int hf_rm = -1;
static int hf_err = -1;
static int hf_code1 = -1;
static int hf_code2 = -1;
static gint ett_raw = -1;
static dissector_handle_t eth_handle;
static dissector_handle_t ppp_hdlc_handle;
static dissector_handle_t llc_handle;
static dissector_handle_t chdlc_handle;
static dissector_handle_t fr_handle;
static dissector_handle_t data_handle;
static void
dissect_cosine(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
proto_tree *fh_tree;
proto_item *ti;
union wtap_pseudo_header *pseudo_header = pinfo->pseudo_header;
/* load the top pane info. This should be overwritten by
the next protocol in the stack */
if(check_col(pinfo->cinfo, COL_RES_DL_SRC))
col_set_str(pinfo->cinfo, COL_RES_DL_SRC, "N/A" );
if(check_col(pinfo->cinfo, COL_RES_DL_DST))
col_set_str(pinfo->cinfo, COL_RES_DL_DST, "N/A" );
if(check_col(pinfo->cinfo, COL_PROTOCOL))
col_set_str(pinfo->cinfo, COL_PROTOCOL, "N/A" );
if(check_col(pinfo->cinfo, COL_INFO))
col_set_str(pinfo->cinfo, COL_INFO, "CoSine IPNOS L2 debug output" );
/* populate a tree in the second pane with the status of the link
layer (ie none) */
if(tree) {
ti = proto_tree_add_protocol_format(tree, proto_cosine, tvb, 0, 4,
"CoSine IPNOS L2 debug output (%s)",
pseudo_header->cosine.if_name);
fh_tree = proto_item_add_subtree(ti, ett_raw);
proto_tree_add_uint(fh_tree, hf_pro, tvb, 0, 0, pseudo_header->cosine.pro);
proto_tree_add_uint(fh_tree, hf_off, tvb, 0, 0, pseudo_header->cosine.off);
proto_tree_add_uint(fh_tree, hf_pri, tvb, 0, 0, pseudo_header->cosine.pri);
proto_tree_add_uint(fh_tree, hf_rm, tvb, 0, 0, pseudo_header->cosine.rm);
proto_tree_add_uint(fh_tree, hf_err, tvb, 0, 0, pseudo_header->cosine.err);
proto_tree_add_uint(fh_tree, hf_code1, tvb, 0, 0,
pseudo_header->cosine.code1);
proto_tree_add_uint(fh_tree, hf_code2, tvb, 0, 0,
pseudo_header->cosine.code2);
switch (pseudo_header->cosine.encap) {
case COSINE_ENCAP_ETH:
break;
case COSINE_ENCAP_ATM:
case COSINE_ENCAP_PPoATM:
proto_tree_add_text(fh_tree, tvb, 0, 16, "SAR header");
break;
case COSINE_ENCAP_PPP:
case COSINE_ENCAP_FR:
case COSINE_ENCAP_PPoFR:
proto_tree_add_text(fh_tree, tvb, 0, 4, "Channel handle ID");
break;
case COSINE_ENCAP_HDLC:
if (pseudo_header->cosine.direction == COSINE_DIR_TX) {
proto_tree_add_text(fh_tree, tvb, 0, 2,
"Channel handle ID");
} else if (pseudo_header->cosine.direction == COSINE_DIR_RX) {
proto_tree_add_text(fh_tree, tvb, 0, 4,
"Channel handle ID");
}
break;
default:
break;
}
}
switch (pseudo_header->cosine.encap) {
case COSINE_ENCAP_ETH:
call_dissector(eth_handle, tvb_new_subset(tvb, 0, -1, -1),
pinfo, tree);
break;
case COSINE_ENCAP_ATM:
case COSINE_ENCAP_PPoATM:
call_dissector(llc_handle, tvb_new_subset(tvb, 16, -1, -1),
pinfo, tree);
break;
case COSINE_ENCAP_PPP:
call_dissector(ppp_hdlc_handle, tvb_new_subset(tvb, 4, -1, -1),
pinfo, tree);
break;
case COSINE_ENCAP_HDLC:
if (pseudo_header->cosine.direction == COSINE_DIR_TX) {
call_dissector(chdlc_handle, tvb_new_subset(tvb, 2, -1, -1),
pinfo, tree);
} else if (pseudo_header->cosine.direction == COSINE_DIR_RX) {
call_dissector(chdlc_handle, tvb_new_subset(tvb, 4, -1, -1),
pinfo, tree);
}
break;
case COSINE_ENCAP_FR:
case COSINE_ENCAP_PPoFR:
call_dissector(fr_handle, tvb_new_subset(tvb, 4, -1, -1),
pinfo, tree);
break;
case COSINE_ENCAP_TEST:
case COSINE_ENCAP_UNKNOWN:
call_dissector(data_handle, tvb, pinfo, tree);
break;
default:
break;
}
}
void
proto_register_cosine(void)
{
static hf_register_info hf[] = {
{ &hf_pro,
{ "Pro", "cosine.pro", FT_UINT32, BASE_DEC, NULL, 0x0, "", HFILL}},
{ &hf_off,
{ "Pro", "cosine.off", FT_UINT32, BASE_DEC, NULL, 0x0, "", HFILL}},
{ &hf_pri,
{ "Pri", "cosine.pri", FT_UINT32, BASE_DEC, NULL, 0x0, "", HFILL}},
{ &hf_rm,
{ "RM", "cosine.rm", FT_UINT32, BASE_DEC, NULL, 0x0, "", HFILL}},
{ &hf_err,
{ "Err", "cosine.err", FT_UINT32, BASE_DEC, NULL, 0x0, "", HFILL}},
{ &hf_code1,
{ "Code1", "cosine.code1", FT_UINT32, BASE_HEX, NULL, 0x0, "", HFILL}},
{ &hf_code2,
{ "Code2", "cosine.code2", FT_UINT32, BASE_HEX, NULL, 0x0, "", HFILL}},
};
static gint *ett[] = {
&ett_raw,
};
proto_cosine = proto_register_protocol("CoSine IPNOS L2 debug output",
"CoSine", "cosine");
proto_register_field_array(proto_cosine, hf, array_length(hf));
proto_register_subtree_array(ett, array_length(ett));
}
void
proto_reg_handoff_cosine(void)
{
dissector_handle_t cosine_handle;
/*
* Get handles for dissectors.
*/
eth_handle = find_dissector("eth");
ppp_hdlc_handle = find_dissector("ppp_hdlc");
llc_handle = find_dissector("llc");
chdlc_handle = find_dissector("chdlc");
fr_handle = find_dissector("fr");
data_handle = find_dissector("data");
cosine_handle = create_dissector_handle(dissect_cosine, proto_cosine);
dissector_add("wtap_encap", WTAP_ENCAP_COSINE, cosine_handle);
}

5
packet-fr.c
View File

@ -3,7 +3,7 @@
*
* Copyright 2001, Paul Ionescu <paul@acorp.ro>
*
* $Id: packet-fr.c,v 1.28 2002/01/21 07:36:34 guy Exp $
* $Id: packet-fr.c,v 1.29 2002/07/31 19:27:39 guy Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@ethereal.com>
@ -419,7 +419,8 @@ void proto_register_fr(void)
fr_subdissector_table = register_dissector_table("fr.ietf",
"Frame Relay NLPID", FT_UINT8, BASE_HEX);
register_dissector("fr", dissect_fr_uncompressed, proto_fr);
register_dissector("fr_uncompressed", dissect_fr_uncompressed, proto_fr);
register_dissector("fr", dissect_fr, proto_fr);
}
void proto_reg_handoff_fr(void)

8
packet-wcp.c
View File

@ -2,7 +2,7 @@
* Routines for Wellfleet Compression frame disassembly
* Copyright 2001, Jeffrey C. Foster <jfoste@woodward.com>
*
* $Id: packet-wcp.c,v 1.25 2002/06/06 22:42:27 gerald Exp $
* $Id: packet-wcp.c,v 1.26 2002/07/31 19:27:39 guy Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@ethereal.com>
@ -174,7 +174,7 @@ static int hf_wcp_offset = -1;
static gint ett_wcp = -1;
static gint ett_wcp_field = -1;
static dissector_handle_t fr_handle;
static dissector_handle_t fr_uncompressed_handle;
/*
* Bits in the address field.
@ -397,7 +397,7 @@ static void dissect_wcp( tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) {
tvb_reported_length( tvb)-1, 1,
tvb_get_guint8( tvb, tvb_reported_length(tvb)-1));
call_dissector(fr_handle, next_tvb, pinfo, tree);
call_dissector(fr_uncompressed_handle, next_tvb, pinfo, tree);
return;
}
@ -740,7 +740,7 @@ proto_reg_handoff_wcp(void) {
/*
* Get handle for the Frame Relay (uncompressed) dissector.
*/
fr_handle = find_dissector("fr");
fr_uncompressed_handle = find_dissector("fr_uncompressed");
wcp_handle = create_dissector_handle(dissect_wcp, proto_wcp);
dissector_add("fr.ietf", NLPID_COMPRESSED, wcp_handle);

1
wiretap/AUTHORS
View File

@ -13,4 +13,5 @@ Chris Jepeway <thai-dragon[AT]eleven29.com>
Marc Milgram <mmilgram[AT]arrayinc.com>
Tom Nisbet <Tnisbet[AT]VisualNetworks.com>
Ronnie Sahlberg <sahlberg[AT]optushome.com.au>
Motonori Shindo <mshindo[AT]mshindo.net>
Markus Steinmann <ms[AT]seh.de>

4
wiretap/Makefile.am
View File

@ -1,7 +1,7 @@
# Makefile.am
# Automake file for Wiretap
#
# $Id: Makefile.am,v 1.38 2002/06/07 21:11:24 guy Exp $
# $Id: Makefile.am,v 1.39 2002/07/31 19:27:56 guy Exp $
#
# Ethereal - Network traffic analyzer
# By Gerald Combs <gerald@zing.org>
@ -42,6 +42,8 @@ libwiretap_a_SOURCES = \
atm.h \
buffer.c \
buffer.h \
cosine.h \
cosine.c \
csids.c \
csids.h \
dbs-etherwatch.c \

3
wiretap/Makefile.nmake
View File

@ -1,5 +1,5 @@
#
# $Id: Makefile.nmake,v 1.27 2002/06/13 10:39:29 guy Exp $
# $Id: Makefile.nmake,v 1.28 2002/07/31 19:27:56 guy Exp $
#
include ..\config.nmake
@ -18,6 +18,7 @@ OBJECTS=ascend-grammar.obj \
ascend.obj \
atm.obj \
buffer.obj \
cosine.obj \
csids.obj \
dbs-etherwatch.obj \
etherpeek.obj \

530
wiretap/cosine.c Normal file
View File

@ -0,0 +1,530 @@
/* cosine.c
*
* $Id: cosine.c,v 1.1 2002/07/31 19:27:56 guy Exp $
*
* CoSine IPNOS L2 debug output parsing
* Copyright (c) 2002 by Motonori Shindo <mshindo@mshindo.net>
*
* Wiretap Library
* Copyright (c) 1998 by Gilbert Ramirez <gram@alumni.rice.edu>
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include "wtap-int.h"
#include "buffer.h"
#include "cosine.h"
#include "file_wrappers.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>
/*
IPNOS: CONFIG VPN(100) VR(1.1.1.1)# diags
ipnos diags: Control (1/0) :: layer-2 ?
Registered commands for area "layer-2"
apply-pkt-log-profile Configure packet logging on an interface
create-pkt-log-profile Set packet-log-profile to be used for packet logging (see layer-2 pkt-log)
detail Get Layer 2 low-level details
ipnos diags: Control (1/0) :: layer-2 create ?
create-pkt-log-profile <pkt-log-profile-id ctl-tx-trace-length ctl-rx-trace-length data-tx-trace-length data-rx-trace-length pe-logging-or-control-blade>
ipnos diags: Control (1/0) :: layer-2 create 1 32 32 0 0 0
ipnos diags: Control (1/0) :: layer-2 create 2 32 32 100 100 0
ipnos diags: Control (1/0) :: layer-2 apply ?
apply-pkt-log-profile <slot port channel subif pkt-log-profile-id>
ipnos diags: Control (1/0) :: layer-2 apply 3 0x0701 100 0 1
Successfully applied packet-log-profile on LI
-- Note that only the control packets are logged because the data packet size parameters are 0 in profile 1
IPNOS: CONFIG VPN(200) VR(3.3.3.3)# ping 20.20.20.43
vpn 200 : [max tries 4, timeout 5 seconds, data length 64 bytes, ttl 255]
ping #1 ok, RTT 0.000 seconds
ping #2 ok, RTT 0.000 seconds
ping #3 ok, RTT 0.000 seconds
ping #4 ok, RTT 0.000 seconds
[finished]
IPNOS: CONFIG VPN(200) VR(3.3.3.3)# 2000-2-1,18:19:46.8: l2-tx (PPP:3/7/1:100), Length:16, Pro:0, Off:0, Pri:0, RM:0, Err:0 [0x4000, 0x0]
2000-2-1,18:19:46.8: l2-rx (PPP:3/7/1:100), Length:16, Pro:0, Off:0, Pri:0, RM:0, Err:0 [0x4001, 0x30000]
2000-2-1,18:19:46.8: l2-tx (PPP:3/7/1:100), Length:16, Pro:0, Off:0, Pri:0, RM:0, Err:0 [0x4000, 0x0]
2000-2-1,18:19:46.8: l2-rx (PPP:3/7/1:100), Length:16, Pro:0, Off:0, Pri:0, RM:0, Err:0 [0x4001, 0x8030000]
ipnos diags: Control (1/0) :: layer-2 apply 3 0x0701 100 0 0
Successfully applied packet-log-profile on LI
ipnos diags: Control (1/0) :: layer-2 apply 3 0x0701 100 0 2
Successfully applied packet-log-profile on LI
-- Note that both control and data packets are logged because the data packet size parameter is 100 in profile 2
Please ignore the event-log messages getting mixed up with the ping command
ping 20.20.20.43 cou2000-2-1,18:20:17.0: l2-tx (PPP:3/7/1:100), Length:16, Pro:0, Off:0, Pri:0, RM:0, Err:0 [0x4000, 0x0]
00 D0 D8 D2 FF 03 C0 21 09 29 00 08 6B 60 84 AA
2000-2-1,18:20:17.0: l2-rx (PPP:3/7/1:100), Length:16, Pro:0, Off:0, Pri:0, RM:0, Err:0 [0x4001, 0x30000]
00 D0 D8 D2 FF 03 C0 21 09 29 00 08 6D FE FA AA
2000-2-1,18:20:17.0: l2-tx (PPP:3/7/1:100), Length:16, Pro:0, Off:0, Pri:0, RM:0, Err:0 [0x4000, 0x0]
00 D0 D8 D2 FF 03 C0 21 0A 29 00 08 6B 60 84 AA
2000-2-1,18:20:17.0: l2-rx (PPP:3/7/1:100), Length:16, Pro:0, Off:0, Pri:0, RM:0, Err:0 [0x4001, 0x8030000]
00 D0 D8 D2 FF 03 C0 21 0A 29 00 08 6D FE FA AA
nt 1 length 500
vpn 200 : [max tries 1, timeout 5 seconds, data length 500 bytes, ttl 255]
2000-2-1,18:20:24.1: l2-tx (PPP:3/7/1:100), Length:536, Pro:1, Off:8, Pri:7, RM:0, Err:0 [0x4070, 0x801]
00 D0 D8 D2 FF 03 00 21 45 00 02 10 00 27 00 00
FF 01 69 51 14 14 14 22 14 14 14 2B 08 00 AD B8
00 03 00 01 10 11 12 13 14 15 16 17 18 19 1A 1B
1C 1D 1E 1F 20 21 22 23 24 25 26 27 28 29 2A 2B
2C 2D 2E 2F 30 31 32 33 34 35 36 37 38 39 3A 3B
3C 3D 3E 3F 40 41 42 43 44 45 46 47 48 49 4A 4B
4C 4D 4E 4F
ping #1 ok, RTT 0.010 seconds
2000-2-1,18:20:24.1: l2-rx (PPP:3/7/1:100), Length:536, Pro:1, Off:8, Pri:7, RM:0, Err:0 [0x4071, 0x30801]
00 D0 D8 D2 FF 03 00 21 45 00 02 10 00 23 00 00
FF 01 69 55 14 14 14 2B 14 14 14 22 00 00 B5 B8
00 03 00 01 10 11 12 13 14 15 16 17 18 19 1A 1B
1C 1D 1E 1F 20 21 22 23 24 25 26 27 28 29 2A 2B
2C 2D 2E 2F 30 31 32 33 34 35 36 37 38 39 3A 3B
3C 3D 3E 3F 40 41 42 43 44 45 46 47 48 49 4A 4B
4C 4D 4E 4F
[finished]
IPNOS: CONFIG VPN(200) VR(3.3.3.3)# 2000-2-1,18:20:27.0: l2-tx (PPP:3/7/1:100), Length:16, Pro:0, Off:0, Pri:0, RM:0, Err:0 [0x4000, 0x0]
00 D0 D8 D2 FF 03 C0 21 09 2A 00 08 6B 60 84 AA
2000-2-1,18:20:27.0: l2-rx (PPP:3/7/1:100), Length:16, Pro:0, Off:0, Pri:0, RM:0, Err:0 [0x4001, 0x30000]
00 D0 D8 D2 FF 03 C0 21 09 2A 00 08 6D FE FA AA
2000-2-1,18:20:27.0: l2-tx (PPP:3/7/1:100), Length:16, Pro:0, Off:0, Pri:0, RM:0, Err:0 [0x4000, 0x0]
00 D0 D8 D2 FF 03 C0 21 0A 2A 00 08 6B 60 84 AA
2000-2-1,18:20:27.0: l2-rx (PPP:3/7/1:100), Length:16, Pro:0, Off:0, Pri:0, RM:0, Err:0 [0x4001, 0x30000]
00 D0 D8 D2 FF 03 C0 21 0A 2A 00 08 6D FE FA AA
ipnos diags: Control (1/0) :: layer-2 apply 3 0x0701 100 0 0
Successfully applied packet-log-profile on LI
ipnos diags: Control (1/0) ::
*/
/* XXX TODO:
o Handle a case where an empty line doesn't exists as a delimiter of
each packet. If the output is sent to a control blade and
displayed as an event log, there's always an empty line between
each packet output, but it may not be true when it is an PE
output.
o Some telnet client on Windows may put in a line break at 80
columns when it save the session to a text file ("CRT" is such an
example). I don't think it's a good idea for the telnet client to
do so, but CRT is widely used in Windows community, I should
take care of that in the future.
*/
/* Magic text to check for CoSine L2 debug output */
#define COSINE_HDR_MAGIC_STR1 "l2-tx"
#define COSINE_HDR_MAGIC_STR2 "l2-rx"
/* Magic text for start of packet */
#define COSINE_REC_MAGIC_STR1 COSINE_HDR_MAGIC_STR1
#define COSINE_REC_MAGIC_STR2 COSINE_HDR_MAGIC_STR2
#define COSINE_HEADER_LINES_TO_CHECK 200
#define COSINE_LINE_LENGTH 240
/*
* XXX - is this the biggest packet we can get?
*/
#define COSINE_MAX_PACKET_LEN 16384
static gboolean empty_line(const char *line);
static long cosine_seek_next_packet(wtap *wth, int *err, char *hdr);
static gboolean cosine_check_file_type(wtap *wth, int *err);
static gboolean cosine_read(wtap *wth, int *err, long *data_offset);
static gboolean cosine_seek_read(wtap *wth, long seek_off,
union wtap_pseudo_header *pseudo_header, guint8 *pd,
int len, int *err);
static int parse_cosine_rec_hdr(wtap *wth, const char *line,
union wtap_pseudo_header *pseudo_header, int *err);
static int parse_cosine_hex_dump(FILE_T fh, int pkt_len, guint8* buf,
int *err);
static int parse_single_hex_dump_line(char* rec, guint8 *buf,
guint byte_offset);
/* Returns TRUE if the line appears to be an empty line. Otherwise it
returns FALSE. */
static gboolean empty_line(const char *line)
{
while (*line) {
if (isspace(*line)) {
line++;
continue;
} else {
break;
}
}
if (*line == '\0')
return TRUE;
else
return FALSE;
}
/* Seeks to the beginning of the next packet, and returns the
byte offset. Copy the header line to hdr. Returns -1 on failure,
and sets "*err" to the error and set hdr as NULL. */
static long cosine_seek_next_packet(wtap *wth, int *err, char *hdr)
{
long cur_off;
char buf[COSINE_LINE_LENGTH];
while (1) {
cur_off = file_tell(wth->fh);
if (cur_off == -1) {
/* Error */
*err = file_error(wth->fh);
hdr = NULL;
return -1;
}
if (file_gets(buf, sizeof(buf), wth->fh) != NULL) {
if (strstr(buf, COSINE_REC_MAGIC_STR1) ||
strstr(buf, COSINE_REC_MAGIC_STR2)) {
strncpy(hdr, buf, COSINE_LINE_LENGTH-1);
hdr[COSINE_LINE_LENGTH-1] = '\0';
return cur_off;
}
} else {
if (file_eof(wth->fh)) {
/* We got an EOF. */
*err = 0;
} else {
/* We (presumably) got an error (there's no
equivalent to "ferror()" in zlib, alas,
so we don't have a wrapper to check for
an error). */
*err = file_error(wth->fh);
}
break;
}
}
hdr = NULL;
return -1;
}
/* Look through the first part of a file to see if this is
* a CoSine L2 debug output.
*
* Returns TRUE if it is, FALSE if it isn't or if we get an I/O error;
* if we get an I/O error, "*err" will be set to a non-zero value.
*/
static gboolean cosine_check_file_type(wtap *wth, int *err)
{
char buf[COSINE_LINE_LENGTH];
guint reclen, line;
buf[COSINE_LINE_LENGTH-1] = '\0';
for (line = 0; line < COSINE_HEADER_LINES_TO_CHECK; line++) {
if (file_gets(buf, COSINE_LINE_LENGTH, wth->fh) != NULL) {
reclen = strlen(buf);
if (reclen < strlen(COSINE_HDR_MAGIC_STR1) ||
reclen < strlen(COSINE_HDR_MAGIC_STR2)) {
continue;
}
if (strstr(buf, COSINE_HDR_MAGIC_STR1) ||
strstr(buf, COSINE_HDR_MAGIC_STR2)) {
return TRUE;
}
} else {
/* EOF or error. */
if (file_eof(wth->fh))
*err = 0;
else
*err = file_error(wth->fh);
return FALSE;
}
}
*err = 0;
return FALSE;
}
int cosine_open(wtap *wth, int *err)
{
/* Look for CoSine header */
if (!cosine_check_file_type(wth, err)) {
if (*err == 0)
return 0;
else
return -1;
}
if (file_seek(wth->fh, 0L, SEEK_SET, err) == -1) { /* rewind */
*err = file_error(wth->fh);
return -1;
}
wth->data_offset = 0;
wth->file_encap = WTAP_ENCAP_COSINE;
wth->file_type = WTAP_FILE_COSINE;
wth->snapshot_length = 0; /* not known */
wth->subtype_read = cosine_read;
wth->subtype_seek_read = cosine_seek_read;
return 1;
}
/* Find the next packet and parse it; called from wtap_loop(). */
static gboolean cosine_read(wtap *wth, int *err, long *data_offset)
{
long offset;
guint8 *buf;
int pkt_len, caplen;
char line[COSINE_LINE_LENGTH];
/* Find the next packet */
offset = cosine_seek_next_packet(wth, err, line);
if (offset < 0)
return FALSE;
/* Parse the header */
pkt_len = parse_cosine_rec_hdr(wth, line, &wth->pseudo_header, err);
if (pkt_len == -1)
return FALSE;
/* Make sure we have enough room for the packet */
buffer_assure_space(wth->frame_buffer, COSINE_MAX_PACKET_LEN);
buf = buffer_start_ptr(wth->frame_buffer);
/* Convert the ASCII hex dump to binary data */
if ((caplen = parse_cosine_hex_dump(wth->fh, pkt_len, buf, err)) == -1)
return FALSE;
wth->data_offset = offset;
wth->phdr.caplen = caplen;
*data_offset = offset;
return TRUE;
}
/* Used to read packets in random-access fashion */
static gboolean
cosine_seek_read (wtap *wth, long seek_off,
union wtap_pseudo_header *pseudo_header, guint8 *pd, int len, int *err)
{
char line[COSINE_LINE_LENGTH];
if (file_seek(wth->random_fh, seek_off, SEEK_SET, err) == -1) {
*err = file_error(wth->random_fh);
return FALSE;
}
if (file_gets(line, COSINE_LINE_LENGTH, wth->random_fh) == NULL) {
*err = file_error(wth->random_fh);
if (*err == 0) {
*err = WTAP_ERR_SHORT_READ;
}
return FALSE;
}
if (parse_cosine_rec_hdr(NULL, line, pseudo_header, err) == -1) {
*err = file_error(wth->random_fh);
if (*err == 0) {
*err = WTAP_ERR_BAD_RECORD;
}
return FALSE;
}
return parse_cosine_hex_dump(wth->random_fh, len, pd, err);
}
/* Parses a packet record header. There are two possible formats:
1) output to a control blade with date and time
2002-5-10,20:1:31.4: l2-tx (FR:3/7/1:1), Length:18, Pro:0, Off:0, Pri:0, RM:0, Err:0 [0x4000, 0x0]
2) output to PE without date and time
l2-tx (FR:3/7/1:1), Length:18, Pro:0, Off:0, Pri:0, RM:0, Err:0 [0x4000, 0x0] */
static int
parse_cosine_rec_hdr(wtap *wth, const char *line, union wtap_pseudo_header *pseudo_header, int *err)
{
int num_items_scanned;
int yy, mm, dd, hr, min, sec, csec, pkt_len;
int pro, off, pri, rm, error, code1, code2;
char if_name[COSINE_MAX_IF_NAME_LEN], direction[6];
struct tm tm;
if (sscanf(line, "%d-%d-%d,%d:%d:%d.%d:",
&yy, &mm, &dd, &hr, &min, &sec, &csec) == 7) {
/* appears to be output to a control blade */
num_items_scanned = sscanf(line,
"%d-%d-%d,%d:%d:%d.%d: %5s (%127[A-Za-z0-9/:]), Length:%d, Pro:%d, Off:%d, Pri:%d, RM:%d, Err:%d [%x, %x]",
&yy, &mm, &dd, &hr, &min, &sec, &csec,
direction, if_name, &pkt_len,
&pro, &off, &pri, &rm, &error,
&code1, &code2);
if (num_items_scanned != 17) {
*err = WTAP_ERR_BAD_RECORD;
return -1;
}
} else {
/* appears to be output to PE */
num_items_scanned = sscanf(line,
"%5s (%127[A-Za-z0-9/:]), Length:%d, Pro:%d, Off:%d, Pri:%d, RM:%d, Err:%d [%x, %x]",
direction, if_name, &pkt_len,
&pro, &off, &pri, &rm, &error,
&code1, &code2);
if (num_items_scanned != 10) {
*err = WTAP_ERR_BAD_RECORD;
return -1;
}
yy = mm = dd = hr = min = sec = csec = 0;
}
if (wth) {
tm.tm_year = yy - 1900;
tm.tm_mon = mm - 1;
tm.tm_mday = dd;
tm.tm_hour = hr;
tm.tm_min = min;
tm.tm_sec = sec;
tm.tm_isdst = -1;
wth->phdr.ts.tv_sec = mktime(&tm);
wth->phdr.ts.tv_usec = csec * 10000;
wth->phdr.len = pkt_len;
wth->phdr.pkt_encap = WTAP_ENCAP_COSINE;
}
/* XXX need to handle other encapsulations like Cisco HDLC,
Frame Relay and ATM */
if (strncmp(if_name, "TEST:", 5) == 0) {
pseudo_header->cosine.encap = COSINE_ENCAP_TEST;
} else if (strncmp(if_name, "PPoATM:", 7) == 0) {
pseudo_header->cosine.encap = COSINE_ENCAP_PPoATM;
} else if (strncmp(if_name, "PPoFR:", 6) == 0) {
pseudo_header->cosine.encap = COSINE_ENCAP_PPoFR;
} else if (strncmp(if_name, "ATM:", 4) == 0) {
pseudo_header->cosine.encap = COSINE_ENCAP_ATM;
} else if (strncmp(if_name, "FR:", 3) == 0) {
pseudo_header->cosine.encap = COSINE_ENCAP_FR;
} else if (strncmp(if_name, "HDLC:", 5) == 0) {
pseudo_header->cosine.encap = COSINE_ENCAP_HDLC;
} else if (strncmp(if_name, "PPP:", 4) == 0) {
pseudo_header->cosine.encap = COSINE_ENCAP_PPP;
} else if (strncmp(if_name, "HDLC:", 5) == 0) {
pseudo_header->cosine.encap = COSINE_ENCAP_HDLC;
} else if (strncmp(if_name, "ETH:", 4) == 0) {
pseudo_header->cosine.encap = COSINE_ENCAP_ETH;
} else {
pseudo_header->cosine.encap = COSINE_ENCAP_UNKNOWN;
}
if (strncmp(direction, "l2-tx", 5) == 0) {
pseudo_header->cosine.direction = COSINE_DIR_TX;
} else if (strncmp(direction, "l2-rx", 5) == 0) {
pseudo_header->cosine.direction = COSINE_DIR_RX;
}
strncpy(pseudo_header->cosine.if_name, if_name,
COSINE_MAX_IF_NAME_LEN - 1);
pseudo_header->cosine.pro = pro;
pseudo_header->cosine.off = off;
pseudo_header->cosine.pri = pri;
pseudo_header->cosine.rm = rm;
pseudo_header->cosine.err = error;
pseudo_header->cosine.code1 = code1;
pseudo_header->cosine.code2 = code2;
return pkt_len;
}
/* Converts ASCII hex dump to binary data. Returns the capture length.
If any error is encountered, -1 is returned. */
static int
parse_cosine_hex_dump(FILE_T fh, int pkt_len, guint8* buf, int *err)
{
char line[COSINE_LINE_LENGTH];
int i, hex_lines, n, caplen = 0;
/* Calculate the number of hex dump lines, each
* containing 16 bytes of data */
hex_lines = pkt_len / 16 + ((pkt_len % 16) ? 1 : 0);
for (i = 0; i < hex_lines; i++) {
if (file_gets(line, COSINE_LINE_LENGTH, fh) == NULL) {
*err = file_error(fh);
if (*err == 0) {
*err = WTAP_ERR_SHORT_READ;
}
return -1;
}
if (empty_line(line)) {
break;
}
if ((n = parse_single_hex_dump_line(line, buf, i*16)) == -1) {
*err = WTAP_ERR_BAD_RECORD;
return -1;
}
caplen += n;
}
return caplen;
}
/* Take a string representing one line from a hex dump and converts
* the text to binary data. We place the bytes in the buffer at the
* specified offset.
*
* Returns number of bytes successfully read, -1 if bad. */
static int
parse_single_hex_dump_line(char* rec, guint8 *buf, guint byte_offset)
{
int num_items_scanned, i;
unsigned int bytes[16];
num_items_scanned = sscanf(rec, "%02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x",
&bytes[0], &bytes[1], &bytes[2], &bytes[3],
&bytes[4], &bytes[5], &bytes[6], &bytes[7],
&bytes[8], &bytes[9], &bytes[10], &bytes[11],
&bytes[12], &bytes[13], &bytes[14], &bytes[15]);
if (num_items_scanned == 0)
return -1;
if (num_items_scanned > 16)
num_items_scanned = 16;
for (i=0; i<num_items_scanned; i++) {
buf[byte_offset + i] = (guint8)bytes[i];
}
return num_items_scanned;
}

32
wiretap/cosine.h Normal file
View File

@ -0,0 +1,32 @@
/* cosine.h
*
* $Id: cosine.h,v 1.1 2002/07/31 19:27:57 guy Exp $
*
* CoSine IPNOS L2 debug output parsing
* Copyright (c) 2002 by Motonori Shindo <mshindo@mshindo.net>
*
* Wiretap Library
* Copyright (c) 1998 by Gilbert Ramirez <gram@alumni.rice.edu>
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*
*/
#ifndef __W_COSINE_H__
#define __W_COSINE_H__
int cosine_open(wtap *wth, int *err);
#endif

8
wiretap/file.c
View File

@ -1,6 +1,6 @@
/* file.c
*
* $Id: file.c,v 1.95 2002/07/29 06:09:58 guy Exp $
* $Id: file.c,v 1.96 2002/07/31 19:27:57 guy Exp $
*
* Wiretap Library
* Copyright (c) 1998 by Gilbert Ramirez <gram@alumni.rice.edu>
@ -67,6 +67,7 @@
#include "vms.h"
#include "dbs-etherwatch.h"
#include "visual.h"
#include "cosine.h"
/* The open_file_* routines should return:
*
@ -119,6 +120,7 @@ static int (*open_routines[])(wtap *, int *) = {
csids_open,
vms_open,
dbs_etherwatch_open,
cosine_open,
};
#define N_FILE_TYPES (sizeof open_routines / sizeof open_routines[0])
@ -437,6 +439,10 @@ static const struct file_type_info {
/* WTAP_FILE_VISUAL_NETWORKS */
{ "Visual Networks traffic capture", "visual",
visual_dump_can_write_encap, visual_dump_open },
/* WTAP_FILE_COSINE */
{ "CoSine IPSX L2 capture", "cosine",
NULL, NULL },
};
/* Name that should be somewhat descriptive. */

5
wiretap/wtap.c
View File

@ -1,6 +1,6 @@
/* wtap.c
*
* $Id: wtap.c,v 1.68 2002/07/29 06:09:59 guy Exp $
* $Id: wtap.c,v 1.69 2002/07/31 19:27:57 guy Exp $
*
* Wiretap Library
* Copyright (c) 1998 by Gilbert Ramirez <gram@alumni.rice.edu>
@ -142,6 +142,9 @@ static const struct encap_type_info {
/* WTAP_ENCAP_HHDLC */
{ "HiPath HDLC", "hhdlc" },
/* WTAP_ENCAP_COSINE */
{ "CoSine L2 debug log", "cosine" },
};
/* Name that should be somewhat descriptive. */

41
wiretap/wtap.h
View File

@ -1,6 +1,6 @@
/* wtap.h
*
* $Id: wtap.h,v 1.118 2002/07/29 06:09:59 guy Exp $
* $Id: wtap.h,v 1.119 2002/07/31 19:27:57 guy Exp $
*
* Wiretap Library
* Copyright (c) 1998 by Gilbert Ramirez <gram@alumni.rice.edu>
@ -114,9 +114,10 @@
#define WTAP_ENCAP_PFLOG 26
#define WTAP_ENCAP_HHDLC 27
#define WTAP_ENCAP_DOCSIS 28
#define WTAP_ENCAP_COSINE 29
/* last WTAP_ENCAP_ value + 1 */
#define WTAP_NUM_ENCAP_TYPES 29
#define WTAP_NUM_ENCAP_TYPES 30
/* File types that can be read by wiretap.
We support writing some many of these file types, too, so we
@ -153,9 +154,10 @@
#define WTAP_FILE_VMS 29
#define WTAP_FILE_DBS_ETHERWATCH 30
#define WTAP_FILE_VISUAL_NETWORKS 31
#define WTAP_FILE_COSINE 32
/* last WTAP_FILE_ value + 1 */
#define WTAP_NUM_FILE_TYPES 32
#define WTAP_NUM_FILE_TYPES 33
/*
* Maximum packet size we'll support.
@ -291,12 +293,45 @@ struct ieee_802_11_phdr {
guint8 signal_level; /* percentage */
};
/* Packet "pseudo-header" for the output from CoSine L2 debug output. */
/* XXX */
#define COSINE_MAX_IF_NAME_LEN 128
#define COSINE_ENCAP_TEST 1
#define COSINE_ENCAP_PPoATM 2
#define COSINE_ENCAP_PPoFR 3
#define COSINE_ENCAP_ATM 4
#define COSINE_ENCAP_FR 5
#define COSINE_ENCAP_HDLC 6
#define COSINE_ENCAP_PPP 7
#define COSINE_ENCAP_ETH 8
#define COSINE_ENCAP_UNKNOWN 99
#define COSINE_DIR_TX 1
#define COSINE_DIR_RX 2
/* XXX */
struct cosine_phdr {
guint8 encap; /* COSINE_ENCAP_* as defined above */
guint8 direction; /* COSINE_DIR_*, as defined above */
char if_name[COSINE_MAX_IF_NAME_LEN];
guint16 pro; /* */
guint16 off; /* */
guint16 pri; /* */
guint16 rm; /* */
guint16 err; /* */
guint16 code1; /* */
guint16 code2; /* */
};
union wtap_pseudo_header {
struct x25_phdr x25;
struct atm_phdr atm;
struct ascend_phdr ascend;
struct p2p_phdr p2p;
struct ieee_802_11_phdr ieee_802_11;
struct cosine_phdr cosine;
};
struct wtap_pkthdr {