diff --git a/Makefile.am b/Makefile.am index ff27376e29..fd79696f86 100644 --- a/Makefile.am +++ b/Makefile.am @@ -1,7 +1,7 @@ # Makefile.am # Automake file for Ethereal # -# $Id: Makefile.am,v 1.416 2002/03/16 02:25:48 guy Exp $ +# $Id: Makefile.am,v 1.417 2002/04/08 09:44:40 guy Exp $ # # Ethereal - Network traffic analyzer # By Gerald Combs @@ -75,7 +75,6 @@ DISSECTOR_SRC = \ packet-aarp.c \ packet-afs.c \ packet-aim.c \ - packet-airopeek.c \ packet-arp.c \ packet-ascend.c\ packet-atalk.c \ diff --git a/Makefile.nmake b/Makefile.nmake index 35b98b6b04..b4aec44aec 100644 --- a/Makefile.nmake +++ b/Makefile.nmake @@ -1,7 +1,7 @@ ## Makefile for building ethereal.exe with Microsoft C and nmake ## Use: $(MAKE) /$(MAKEFLAGS) -f makefile.nmake # -# $Id: Makefile.nmake,v 1.175 2002/03/16 02:25:48 guy Exp $ +# $Id: Makefile.nmake,v 1.176 2002/04/08 09:44:40 guy Exp $ include config.nmake include @@ -26,7 +26,6 @@ DISSECTOR_SRC = \ packet-aarp.c \ packet-afs.c \ packet-aim.c \ - packet-airopeek.c \ packet-arp.c \ packet-ascend.c\ packet-atalk.c \ diff --git a/packet-airopeek.c b/packet-airopeek.c deleted file mode 100644 index 9e19f05444..0000000000 --- a/packet-airopeek.c +++ /dev/null @@ -1,137 +0,0 @@ -/* packet-airopeek.c - * Routines for AiroPeek capture file dissection - * - * $Id: packet-airopeek.c,v 1.4 2002/04/08 09:09:47 guy Exp $ - * - * Ethereal - Network traffic analyzer - * By Gerald Combs - * Copyright 1998 Gerald Combs - * - * Copied from README.developer - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - */ - -#ifdef HAVE_CONFIG_H -# include "config.h" -#endif - -#ifdef HAVE_SYS_TYPES_H -# include -#endif - -#include - -#include -#include "packet-ieee80211.h" - -/* protocol */ -static int proto_airopeek = -1; - -/* header fields */ -static int hf_airopeek_data_rate = -1; -static int hf_airopeek_channel = -1; -static int hf_airopeek_signal_strength = -1; - -static gint ett_airopeek = -1; - -static dissector_handle_t ieee80211_handle; - -static void -dissect_airopeek(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) -{ - proto_tree *airopeek_tree; - proto_item *ti; - guint8 data_rate; - guint8 signal_strength; - tvbuff_t *next_tvb; - gint length, reported_length; - - if (check_col(pinfo->cinfo, COL_PROTOCOL)) - col_set_str(pinfo->cinfo, COL_PROTOCOL, "AiroPeek"); - if (check_col(pinfo->cinfo, COL_INFO)) - col_clear(pinfo->cinfo, COL_INFO); - - if (tree) { - ti = proto_tree_add_protocol_format(tree, proto_airopeek, - tvb, 0, 3, "AiroPeek Radio Information"); - airopeek_tree = proto_item_add_subtree(ti, ett_airopeek); - - data_rate = tvb_get_guint8(tvb, 0); - proto_tree_add_uint_format(airopeek_tree, hf_airopeek_data_rate, - tvb, 0, 1, data_rate, - "Data Rate: %g mb/s", .5*data_rate); - - proto_tree_add_item(airopeek_tree, hf_airopeek_channel, - tvb, 1, 1, FALSE); - - signal_strength = tvb_get_guint8(tvb, 2); - proto_tree_add_uint_format(airopeek_tree, hf_airopeek_signal_strength, - tvb, 2, 1, signal_strength, - "Signal Strength: %u%%", signal_strength); - } - - /* - * Dissect the 802.11 header and data. - * The last 4 bytes appear to be random data - the length might - * include the FCS - so we reduce the length by 4. - */ - length = tvb_ensure_length_remaining(tvb, 4); - reported_length = tvb_reported_length_remaining(tvb, 4); - if (reported_length < 4) - THROW(ReportedBoundsError); - reported_length -= 4; - if (length > reported_length) - length = reported_length; - next_tvb = tvb_new_subset(tvb, 4, length, reported_length); - call_dissector(ieee80211_handle, next_tvb, pinfo, tree); -} - -void -proto_register_airopeek(void) -{ - static hf_register_info hf[] = { - { &hf_airopeek_data_rate, - { "Data Rate", "airopeek.data_rate", FT_UINT8, BASE_DEC, NULL, - 0x0, "", HFILL}}, - { &hf_airopeek_channel, - { "Channel", "airopeek.channel", FT_UINT8, BASE_DEC, NULL, - 0x0, "", HFILL}}, - { &hf_airopeek_signal_strength, - { "Signal Strength", "airopeek.signal_strength", FT_UINT8, BASE_DEC, NULL, - 0x0, "", HFILL}}, - }; - static gint *ett[] = { - &ett_airopeek - }; - - proto_airopeek = proto_register_protocol("AiroPeek radio information", - "AiroPeek", "airopeek"); - proto_register_field_array(proto_airopeek, hf, array_length(hf)); - proto_register_subtree_array(ett, array_length(ett)); -} - -void -proto_reg_handoff_airopeek(void) -{ - dissector_handle_t airopeek_handle; - - /* handle for 802.11 dissector */ - ieee80211_handle = find_dissector("wlan"); - - airopeek_handle = create_dissector_handle(dissect_airopeek, - proto_airopeek); - dissector_add("wtap_encap", WTAP_ENCAP_AIROPEEK, airopeek_handle); -} diff --git a/wiretap/etherpeek.c b/wiretap/etherpeek.c index 5ac5d90b85..000458c3e5 100644 --- a/wiretap/etherpeek.c +++ b/wiretap/etherpeek.c @@ -2,7 +2,7 @@ * Routines for opening EtherPeek (and TokenPeek?) files * Copyright (c) 2001, Daniel Thompson * - * $Id: etherpeek.c,v 1.17 2002/02/27 08:57:24 guy Exp $ + * $Id: etherpeek.c,v 1.18 2002/04/08 09:44:42 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez @@ -118,6 +118,16 @@ typedef struct etherpeek_utime { #define ETHERPEEK_V7_TIMESTAMP_LOWER_OFFSET 12 #define ETHERPEEK_V7_PKT_SIZE 16 +/* + * AiroPeek radio information, at the beginning of every packet. + */ +typedef struct { + guint8 data_rate; + guint8 channel; + guint8 signal_level; + guint8 unused; +} airopeek_radio_hdr_t; + typedef struct etherpeek_encap_lookup { guint16 protoNum; int encap; @@ -131,6 +141,8 @@ static const etherpeek_encap_lookup_t etherpeek_encap[] = { (sizeof (etherpeek_encap) / sizeof (etherpeek_encap[0])) static gboolean etherpeek_read_v7(wtap *wth, int *err, long *data_offset); +static gboolean etherpeek_seek_read_v7(wtap *wth, long seek_off, + union wtap_pseudo_header *pseudo_header, u_char *pd, int length, int *err); static gboolean etherpeek_read_v56(wtap *wth, int *err, long *data_offset); static void etherpeek_close(wtap *wth); @@ -220,8 +232,13 @@ int etherpeek_open(wtap *wth, int *err) * 802.11, with a private header giving * some radio information. Presumably * this is from AiroPeek. + * + * We supply the private header as + * the WTAP_ENCAP_IEEE_802_11_WITH_RADIO + * pseudo-header, rather than as frame + * data. */ - file_encap = WTAP_ENCAP_AIROPEEK; + file_encap = WTAP_ENCAP_IEEE_802_11_WITH_RADIO; break; default: @@ -302,7 +319,7 @@ int etherpeek_open(wtap *wth, int *err) wth->file_type = WTAP_FILE_ETHERPEEK_V7; wth->file_encap = file_encap; wth->subtype_read = etherpeek_read_v7; - wth->subtype_seek_read = wtap_def_seek_read; + wth->subtype_seek_read = etherpeek_seek_read_v7; break; default: @@ -330,6 +347,7 @@ static gboolean etherpeek_read_v7(wtap *wth, int *err, long *data_offset) guint8 status; etherpeek_utime timestamp; double t; + airopeek_radio_hdr_t radio_hdr; wtap_file_read_expected_bytes(ep_pkt, sizeof(ep_pkt), wth->fh, err); wth->data_offset += sizeof(ep_pkt); @@ -364,6 +382,33 @@ static gboolean etherpeek_read_v7(wtap *wth, int *err, long *data_offset) if (sliceLength % 2) /* packets are padded to an even length */ sliceLength++; + if (wth->file_encap == WTAP_ENCAP_IEEE_802_11_WITH_RADIO) { + /* + * The first 4 bytes of the packet data are radio + * information (including a reserved byte). + */ + if (sliceLength < 4) { + /* + * We don't *have* 4 bytes of packet data. + */ + *err = WTAP_ERR_BAD_RECORD; + return FALSE; + } + wtap_file_read_expected_bytes(&radio_hdr, 4, wth->fh, err); + + /* + * We don't treat the radio information as packet data. + */ + sliceLength -= 4; + wth->phdr.len -= 4; + wth->phdr.caplen -= 4; + wth->data_offset += 4; + + wth->pseudo_header.ieee_802_11.channel = radio_hdr.channel; + wth->pseudo_header.ieee_802_11.data_rate = radio_hdr.data_rate; + wth->pseudo_header.ieee_802_11.signal_level = radio_hdr.signal_level; + } + /* read the frame data */ buffer_assure_space(wth->frame_buffer, sliceLength); wtap_file_read_expected_bytes(buffer_start_ptr(wth->frame_buffer), @@ -378,10 +423,67 @@ static gboolean etherpeek_read_v7(wtap *wth, int *err, long *data_offset) wth->phdr.ts.tv_usec = (guint32) (t - (double) wth->phdr.ts.tv_sec * 1000000.0); + if (wth->file_encap == WTAP_ENCAP_IEEE_802_11_WITH_RADIO) { + /* + * The last 4 bytes appear to be random data - the length + * might include the FCS - so we reduce the length by 4. + * + * Or maybe this is just the same kind of random 4 bytes + * of junk at the end you get in Wireless Sniffer + * captures. + */ + wth->phdr.len -= 4; + wth->phdr.caplen -= 4; + } + wth->phdr.pkt_encap = wth->file_encap; return TRUE; } +static gboolean +etherpeek_seek_read_v7(wtap *wth, long seek_off, + union wtap_pseudo_header *pseudo_header, u_char *pd, int length, int *err) +{ + airopeek_radio_hdr_t radio_hdr; + + if (file_seek(wth->random_fh, seek_off, SEEK_SET) == -1) { + *err = file_error(wth->random_fh); + return FALSE; + } + + if (wth->file_encap == WTAP_ENCAP_IEEE_802_11_WITH_RADIO) { + /* + * The first 4 bytes of the packet data are radio + * information (including a reserved byte). + */ + if (length < 4) { + /* + * We don't *have* 4 bytes of packet data. + */ + *err = WTAP_ERR_BAD_RECORD; + return FALSE; + } + wtap_file_read_expected_bytes(&radio_hdr, 4, wth->random_fh, + err); + + /* + * We don't treat the radio information as packet data. + */ + length -= 4; + + pseudo_header->ieee_802_11.channel = radio_hdr.channel; + pseudo_header->ieee_802_11.data_rate = radio_hdr.data_rate; + pseudo_header->ieee_802_11.signal_level = radio_hdr.signal_level; + } + + /* + * XXX - should "errno" be set in "wtap_file_read_expected_bytes()"? + */ + errno = WTAP_ERR_CANT_READ; + wtap_file_read_expected_bytes(pd, length, wth->random_fh, err); + return TRUE; +} + static gboolean etherpeek_read_v56(wtap *wth, int *err, long *data_offset) { guchar ep_pkt[ETHERPEEK_V56_PKT_SIZE]; diff --git a/wiretap/wtap.c b/wiretap/wtap.c index f6d82b3518..ec71287323 100644 --- a/wiretap/wtap.c +++ b/wiretap/wtap.c @@ -1,6 +1,6 @@ /* wtap.c * - * $Id: wtap.c,v 1.64 2002/04/08 09:09:49 guy Exp $ + * $Id: wtap.c,v 1.65 2002/04/08 09:44:42 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez @@ -140,9 +140,6 @@ static const struct encap_type_info { /* WTAP_ENCAP_PFLOG */ { "OpenBSD PF Firewall logs", "pflog" }, - /* WTAP_ENCAP_AIROPEEK */ - { "IEEE 802.11 plus AiroPeek header", "airopeek" }, - /* WTAP_ENCAP_HHDLC */ { "HiPath HDLC", "hhdlc" }, }; diff --git a/wiretap/wtap.h b/wiretap/wtap.h index 830afcd3bf..1aa567f210 100644 --- a/wiretap/wtap.h +++ b/wiretap/wtap.h @@ -1,6 +1,6 @@ /* wtap.h * - * $Id: wtap.h,v 1.108 2002/04/08 09:09:49 guy Exp $ + * $Id: wtap.h,v 1.109 2002/04/08 09:44:42 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez @@ -106,11 +106,10 @@ #define WTAP_ENCAP_LOCALTALK 24 #define WTAP_ENCAP_PRISM_HEADER 25 #define WTAP_ENCAP_PFLOG 26 -#define WTAP_ENCAP_AIROPEEK 27 -#define WTAP_ENCAP_HHDLC 28 +#define WTAP_ENCAP_HHDLC 27 /* last WTAP_ENCAP_ value + 1 */ -#define WTAP_NUM_ENCAP_TYPES 29 +#define WTAP_NUM_ENCAP_TYPES 28 /* File types that can be read by wiretap. We support writing some many of these file types, too, so we