diff --git a/packet-ipx.c b/packet-ipx.c index 7793e42130..93334ac25c 100644 --- a/packet-ipx.c +++ b/packet-ipx.c @@ -2,7 +2,7 @@ * Routines for NetWare's IPX * Gilbert Ramirez * - * $Id: packet-ipx.c,v 1.10 1998/10/14 04:28:48 gram Exp $ + * $Id: packet-ipx.c,v 1.11 1998/10/14 05:18:30 gram Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs @@ -91,6 +91,8 @@ static struct port_info ports[] = { { 0x0455, NULL, "NetBIOS" }, { 0x0456, NULL, "Diagnostic" }, { 0x0457, NULL, "Serialization" }, + { 0x0551, NULL, "NWLink SMB Name Query" }, + { 0x0553, dissect_nwlink_dg,"NWLink SMB Datagram" }, { 0x055d, NULL, "Attachmate Gateway" }, { 0x0000, NULL, NULL } }; @@ -134,7 +136,7 @@ ipx_packet_type(u_char val) return "NCP"; } else if (val == 20) { - return "NetBIOS Name Packet"; + return "NetBIOS Broadcast"; } else if (val >= 16 && val <= 31) { return "Experimental Protocol"; @@ -224,8 +226,11 @@ dissect_ipx(const u_char *pd, int offset, frame_data *fd, GtkTree *tree) { break; case 20: /* NetBIOS */ - dissect_nbipx_ns(pd, offset, fd, tree); - break; + if (dsocket == 0x0455) { + dissect_nbipx_ns(pd, offset, fd, tree); + break; + } + /* else fall through */ case 0: /* IPX, fall through to default */ default: diff --git a/packet-ipx.h b/packet-ipx.h index e2ddefa522..ce5f20f9e9 100644 --- a/packet-ipx.h +++ b/packet-ipx.h @@ -2,7 +2,7 @@ * Routines for NetWare's IPX * Gilbert Ramirez * - * $Id: packet-ipx.h,v 1.1 1998/09/23 05:25:10 gram Exp $ + * $Id: packet-ipx.h,v 1.2 1998/10/14 05:18:31 gram Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs @@ -91,3 +91,5 @@ struct ipx_rip_packet #define IPX_NODE_LEN (6) #endif +gchar* +ipxnet_to_string(const guint8 *ad); diff --git a/packet-nbipx.c b/packet-nbipx.c index 2f12c2ccdf..490f29a944 100644 --- a/packet-nbipx.c +++ b/packet-nbipx.c @@ -2,7 +2,7 @@ * Routines for NetBIOS over IPX packet disassembly * Gilbert Ramirez * - * $Id: packet-nbipx.c,v 1.2 1998/10/14 04:28:49 gram Exp $ + * $Id: packet-nbipx.c,v 1.3 1998/10/14 05:18:32 gram Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs @@ -46,39 +46,88 @@ #include "packet.h" #include "packet-ipx.h" /* for ipxnet_to_string() */ +enum nbipx_protocol { + NETBIOS_NETWARE, + NETBIOS_NWLINK +}; + +static void +nbipx_ns(const u_char *pd, int offset, frame_data *fd, GtkTree *tree, + enum nbipx_protocol nbipx); + /* There is no RFC or public specification of Netware or Microsoft * NetBIOS over IPX packets. I have had to decode the protocol myself, * so there are holes and perhaps errors in this code. (gram) */ +static char +*packet_type[] = { + "", + "Name Query" +}; struct nbipx_header { + /* Netware & NT NetBIOS over IPX */ guint32 router[8]; guint8 name_type; guint8 packet_type; + char name[17]; + + /* NT NetBIOS over IPX */ + guint16 junk; + char node_name[17]; + }; - +/* NetWare */ void dissect_nbipx_ns(const u_char *pd, int offset, frame_data *fd, GtkTree *tree) +{ + nbipx_ns(pd, offset, fd, tree, NETBIOS_NETWARE); +} + +void +dissect_nwlink_dg(const u_char *pd, int offset, frame_data *fd, GtkTree *tree) +{ + nbipx_ns(pd, offset, fd, tree, NETBIOS_NWLINK); +} + + +static void +nbipx_ns(const u_char *pd, int offset, frame_data *fd, GtkTree *tree, + enum nbipx_protocol nbipx) { GtkWidget *nbipx_tree, *ti; struct nbipx_header header; int i, rtr_offset; + int name_offset; + + if (nbipx == NETBIOS_NETWARE) { + name_offset = 34; + } + else { + name_offset = 36; + } - char *packet_type[] = { - "", - "Name Query" - }; header.name_type = pd[offset+32]; header.packet_type = pd[offset+33]; - memcpy(header.name, &pd[offset+34], 16); + memcpy(header.name, &pd[offset+name_offset], 16); header.name[16] = 0; /* null-terminate the string */ + if (nbipx == NETBIOS_NWLINK) { + memcpy(header.node_name, &pd[offset+52], 16); + header.node_name[17] = 0; /* null-terminate the string */ + } + if (fd->win_info[COL_NUM]) { + if (nbipx == NETBIOS_NETWARE) { strcpy(fd->win_info[COL_PROTOCOL], "NetBIOS"); + } + else { + strcpy(fd->win_info[COL_PROTOCOL], "NWLink"); + } switch (header.packet_type) { case 1: @@ -119,22 +168,25 @@ dissect_nbipx_ns(const u_char *pd, int offset, frame_data *fd, GtkTree *tree) add_item_to_tree(nbipx_tree, offset+32, 1, "Name Type: %02X", header.name_type); - add_item_to_tree(nbipx_tree, offset+34, 16, "Name String: %s", - header.name); + + if (nbipx == NETBIOS_NETWARE) { + add_item_to_tree(nbipx_tree, offset+name_offset, 16, + "Name String: %s", header.name); + } + else { + add_item_to_tree(nbipx_tree, offset+name_offset, 16, + "Group Name String: %s", header.name); + add_item_to_tree(nbipx_tree, offset+52, 16, + "Node Name String: %s", header.node_name); + + } + } + + if (nbipx == NETBIOS_NWLINK) { + dissect_data(pd, offset + 68, fd, tree); } } - - - - - - - - - - - diff --git a/packet.h b/packet.h index d837e791dc..90f12013a5 100644 --- a/packet.h +++ b/packet.h @@ -1,7 +1,7 @@ /* packet.h * Definitions for packet disassembly structures and routines * - * $Id: packet.h,v 1.15 1998/10/14 04:28:47 gram Exp $ + * $Id: packet.h,v 1.16 1998/10/14 05:18:32 gram Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs @@ -521,6 +521,7 @@ void dissect_lpd(const u_char *, int, frame_data *, GtkTree *); void dissect_nbipx_ns(const u_char *, int, frame_data *, GtkTree *); void dissect_nbns(const u_char *, int, frame_data *, GtkTree *); void dissect_ncp(const u_char *, int, frame_data *, GtkTree *); +void dissect_nwlink_dg(const u_char *, int, frame_data *, GtkTree *); void dissect_osi(const u_char *, int, frame_data *, GtkTree *); void dissect_ospf(const u_char *, int, frame_data *, GtkTree *); void dissect_ospf_hello(const u_char *, int, frame_data *, GtkTree *);