forked from osmocom/wireshark
Try to detect duplicated packets due to mirroring/span ports by comparing src MAC addresses.
svn path=/trunk/; revision=47324
This commit is contained in:
parent
29f02b2bb2
commit
80d3245f4a
|
@ -450,6 +450,10 @@ int rtp_packet_analyse(tap_rtp_stat_t *statinfo,
|
||||||
|
|
||||||
/* Is this the first packet we got in this direction? */
|
/* Is this the first packet we got in this direction? */
|
||||||
if (statinfo->first_packet) {
|
if (statinfo->first_packet) {
|
||||||
|
/* Save the MAC address of the first RTP frame */
|
||||||
|
if( pinfo->dl_src.type == AT_ETHER){
|
||||||
|
COPY_ADDRESS(&(statinfo->first_packet_mac_addr), &(pinfo->dl_src));
|
||||||
|
}
|
||||||
statinfo->start_seq_nr = rtpinfo->info_seq_num;
|
statinfo->start_seq_nr = rtpinfo->info_seq_num;
|
||||||
statinfo->stop_seq_nr = rtpinfo->info_seq_num;
|
statinfo->stop_seq_nr = rtpinfo->info_seq_num;
|
||||||
statinfo->seq_num = rtpinfo->info_seq_num;
|
statinfo->seq_num = rtpinfo->info_seq_num;
|
||||||
|
@ -482,6 +486,15 @@ int rtp_packet_analyse(tap_rtp_stat_t *statinfo,
|
||||||
/* Reset flags */
|
/* Reset flags */
|
||||||
statinfo->flags = 0;
|
statinfo->flags = 0;
|
||||||
|
|
||||||
|
/* Chek for duplicates (src mac differs from first_packet_mac_addr) */
|
||||||
|
if( pinfo->dl_src.type == AT_ETHER){
|
||||||
|
if(!ADDRESSES_EQUAL(&(statinfo->first_packet_mac_addr), &(pinfo->dl_src))){
|
||||||
|
statinfo->flags |= STAT_FLAG_DUP_PKT;
|
||||||
|
statinfo->delta = current_time-(statinfo->time);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/* When calculating expected rtp packets the seq number can wrap around
|
/* When calculating expected rtp packets the seq number can wrap around
|
||||||
* so we have to count the number of cycles
|
* so we have to count the number of cycles
|
||||||
* Variable cycles counts the wraps around in forwarding connection and
|
* Variable cycles counts the wraps around in forwarding connection and
|
||||||
|
|
|
@ -555,6 +555,7 @@ static const GdkColor COLOR_DEFAULT = {0, 0xffff, 0xffff, 0xffff};
|
||||||
static const GdkColor COLOR_ERROR = {0, 0xffff, 0xbfff, 0xbfff};
|
static const GdkColor COLOR_ERROR = {0, 0xffff, 0xbfff, 0xbfff};
|
||||||
static const GdkColor COLOR_WARNING = {0, 0xffff, 0xdfff, 0xbfff};
|
static const GdkColor COLOR_WARNING = {0, 0xffff, 0xdfff, 0xbfff};
|
||||||
static const GdkColor COLOR_CN = {0, 0xbfff, 0xbfff, 0xffff};
|
static const GdkColor COLOR_CN = {0, 0xbfff, 0xbfff, 0xffff};
|
||||||
|
GdkColor yellow = {0, 0xffff, 0xffff, 0x0000};
|
||||||
COLOR_T_EVENT g_snprintf(color_str, sizeof(color_str), "#ef8c bfff ffff");
|
COLOR_T_EVENT g_snprintf(color_str, sizeof(color_str), "#ef8c bfff ffff");
|
||||||
static const GdkColor COLOR_FOREGROUND = {0, 0x0000, 0x0000, 0x0000};
|
static const GdkColor COLOR_FOREGROUND = {0, 0x0000, 0x0000, 0x0000};
|
||||||
*/
|
*/
|
||||||
|
@ -569,7 +570,7 @@ rtp_packet_add_info(GtkWidget *list, user_data_t * user_data,
|
||||||
gchar timeStr[32];
|
gchar timeStr[32];
|
||||||
struct tm *tm_tmp;
|
struct tm *tm_tmp;
|
||||||
time_t then;
|
time_t then;
|
||||||
gchar status[40];
|
gchar status[80];
|
||||||
gchar color_str[14];
|
gchar color_str[14];
|
||||||
|
|
||||||
then = pinfo->fd->abs_ts.secs;
|
then = pinfo->fd->abs_ts.secs;
|
||||||
|
@ -602,6 +603,11 @@ rtp_packet_add_info(GtkWidget *list, user_data_t * user_data,
|
||||||
/* color = COLOR_ERROR; */
|
/* color = COLOR_ERROR; */
|
||||||
g_snprintf(color_str, sizeof(color_str), "#ffffbfffbfff");
|
g_snprintf(color_str, sizeof(color_str), "#ffffbfffbfff");
|
||||||
}
|
}
|
||||||
|
else if (statinfo->flags & STAT_FLAG_DUP_PKT) {
|
||||||
|
g_snprintf(status, sizeof(status), "Suspected duplicate(MAC address) only delta time calculated");
|
||||||
|
/* color = Yellow; */
|
||||||
|
g_snprintf(color_str, sizeof(color_str), "#ffffffff0000");
|
||||||
|
}
|
||||||
else if (statinfo->flags & STAT_FLAG_REG_PT_CHANGE) {
|
else if (statinfo->flags & STAT_FLAG_REG_PT_CHANGE) {
|
||||||
if (statinfo->flags & STAT_FLAG_PT_T_EVENT) {
|
if (statinfo->flags & STAT_FLAG_PT_T_EVENT) {
|
||||||
g_snprintf(status, sizeof(status), "Payload changed to PT=%u telephone/event", statinfo->pt);
|
g_snprintf(status, sizeof(status), "Payload changed to PT=%u telephone/event", statinfo->pt);
|
||||||
|
@ -1353,9 +1359,10 @@ dialog_graph_draw(user_data_t* user_data)
|
||||||
* ((last_interval-interval)/user_data->dlg.dialog_graph.interval + 1))
|
* ((last_interval-interval)/user_data->dlg.dialog_graph.interval + 1))
|
||||||
+ left_x_border;
|
+ left_x_border;
|
||||||
|
|
||||||
if (user_data->dlg.dialog_graph.graph[i]
|
if (user_data->dlg.dialog_graph.graph[i].items[interval/user_data->dlg.dialog_graph.interval].flags &
|
||||||
.items[interval/user_data->dlg.dialog_graph.interval].flags & (STAT_FLAG_WRONG_SEQ|STAT_FLAG_MARKER)) {
|
(STAT_FLAG_WRONG_SEQ|STAT_FLAG_MARKER|STAT_FLAG_DUP_PKT)) {
|
||||||
if (user_data->dlg.dialog_graph.graph[i].items[interval/user_data->dlg.dialog_graph.interval].flags & STAT_FLAG_WRONG_SEQ) {
|
if (user_data->dlg.dialog_graph.graph[i].items[interval/user_data->dlg.dialog_graph.interval].flags &
|
||||||
|
(STAT_FLAG_WRONG_SEQ|STAT_FLAG_DUP_PKT)) {
|
||||||
g_strlcpy(label_string, "x", sizeof(label_string));
|
g_strlcpy(label_string, "x", sizeof(label_string));
|
||||||
} else {
|
} else {
|
||||||
g_strlcpy(label_string, "m", sizeof(label_string));
|
g_strlcpy(label_string, "m", sizeof(label_string));
|
||||||
|
@ -3547,7 +3554,8 @@ create_rtp_dialog(user_data_t* user_data)
|
||||||
str_src, user_data->port_src_fwd, str_dst, user_data->port_dst_fwd, user_data->ssrc_fwd);
|
str_src, user_data->port_src_fwd, str_dst, user_data->port_dst_fwd, user_data->ssrc_fwd);
|
||||||
|
|
||||||
g_snprintf(label_forward_tree, sizeof(label_forward_tree),
|
g_snprintf(label_forward_tree, sizeof(label_forward_tree),
|
||||||
"Analysing stream from %s port %u to %s port %u SSRC = 0x%X",
|
"Analysing stream from %s port %u to %s port %u SSRC = 0x%X \n"
|
||||||
|
"Note many things affects the accurasy of the analysis, use with caution",
|
||||||
str_src, user_data->port_src_fwd, str_dst, user_data->port_dst_fwd, user_data->ssrc_fwd);
|
str_src, user_data->port_src_fwd, str_dst, user_data->port_dst_fwd, user_data->ssrc_fwd);
|
||||||
|
|
||||||
|
|
||||||
|
@ -3555,7 +3563,8 @@ create_rtp_dialog(user_data_t* user_data)
|
||||||
g_strlcpy(str_dst, get_addr_name(&(user_data->dst_rev)), sizeof(str_dst));
|
g_strlcpy(str_dst, get_addr_name(&(user_data->dst_rev)), sizeof(str_dst));
|
||||||
|
|
||||||
g_snprintf(label_reverse, sizeof(label_reverse),
|
g_snprintf(label_reverse, sizeof(label_reverse),
|
||||||
"Analysing stream from %s port %u to %s port %u SSRC = 0x%X",
|
"Analysing stream from %s port %u to %s port %u SSRC = 0x%X \n"
|
||||||
|
"Note many things affects the accurasy of the analysis, use with caution",
|
||||||
str_src, user_data->port_src_rev, str_dst, user_data->port_dst_rev, user_data->ssrc_rev);
|
str_src, user_data->port_src_rev, str_dst, user_data->port_dst_rev, user_data->ssrc_rev);
|
||||||
|
|
||||||
/* Start a notebook for flipping between sets of changes */
|
/* Start a notebook for flipping between sets of changes */
|
||||||
|
|
|
@ -64,12 +64,13 @@ typedef struct _bw_history_item {
|
||||||
#define BUFF_BW 300
|
#define BUFF_BW 300
|
||||||
|
|
||||||
typedef struct _tap_rtp_stat_t {
|
typedef struct _tap_rtp_stat_t {
|
||||||
gboolean first_packet; /* do not use in code that is called after rtp_packet_analyse */
|
gboolean first_packet; /**< do not use in code that is called after rtp_packet_analyse */
|
||||||
/* use (flags & STAT_FLAG_FIRST) instead */
|
/* use (flags & STAT_FLAG_FIRST) instead */
|
||||||
/* all of the following fields will be initialized after
|
/* all of the following fields will be initialized after
|
||||||
* rtp_packet_analyse has been called
|
* rtp_packet_analyse has been called
|
||||||
*/
|
*/
|
||||||
guint32 flags; /* see STAT_FLAG-defines below */
|
address first_packet_mac_addr; /**< MAC address of first packet, used to determine duplicates due to mirroring */
|
||||||
|
guint32 flags; /* see STAT_FLAG-defines below */
|
||||||
guint16 seq_num;
|
guint16 seq_num;
|
||||||
guint32 timestamp;
|
guint32 timestamp;
|
||||||
guint32 first_timestamp;
|
guint32 first_timestamp;
|
||||||
|
@ -88,7 +89,7 @@ typedef struct _tap_rtp_stat_t {
|
||||||
double sumTS;
|
double sumTS;
|
||||||
double sumt2;
|
double sumt2;
|
||||||
double sumtTS;
|
double sumtTS;
|
||||||
double time; /* Unit is ms */
|
double time; /**< Unit is ms */
|
||||||
double start_time;
|
double start_time;
|
||||||
double lastnominaltime;
|
double lastnominaltime;
|
||||||
double max_delta;
|
double max_delta;
|
||||||
|
@ -118,6 +119,7 @@ typedef struct _tap_rtp_stat_t {
|
||||||
#define STAT_FLAG_REG_PT_CHANGE 0x040
|
#define STAT_FLAG_REG_PT_CHANGE 0x040
|
||||||
#define STAT_FLAG_WRONG_TIMESTAMP 0x080
|
#define STAT_FLAG_WRONG_TIMESTAMP 0x080
|
||||||
#define STAT_FLAG_PT_T_EVENT 0x100
|
#define STAT_FLAG_PT_T_EVENT 0x100
|
||||||
|
#define STAT_FLAG_DUP_PKT 0x200
|
||||||
|
|
||||||
/* forward */
|
/* forward */
|
||||||
struct _rtp_info;
|
struct _rtp_info;
|
||||||
|
|
Loading…
Reference in New Issue