diff --git a/Makefile.am b/Makefile.am index d25e3341c6..5f7b73867f 100644 --- a/Makefile.am +++ b/Makefile.am @@ -21,6 +21,7 @@ ethereal_SOURCES = \ packet-ip.c \ packet-ipv6.c \ packet-ipx.c \ + packet-ncp.c \ packet-osi.c \ packet-ospf.c \ packet-ppp.c \ diff --git a/packet-bootp.c b/packet-bootp.c index 357bda9059..364bd37a4a 100644 --- a/packet-bootp.c +++ b/packet-bootp.c @@ -2,7 +2,7 @@ * Routines for BOOTP/DHCP packet disassembly * Gilbert Ramirez * - * $Id: packet-bootp.c,v 1.4 1998/09/22 18:59:53 gram Exp $ + * $Id: packet-bootp.c,v 1.5 1998/09/23 05:25:08 gram Exp $ * * The information used comes from: * RFC 2132: DHCP Options and BOOTP Vendor Extensions @@ -404,7 +404,7 @@ dissect_bootp(const u_char *pd, int offset, frame_data *fd, GtkTree *tree) } if (tree) { - ti = add_item_to_tree(GTK_WIDGET(tree), offset, fd->cap_len - offset, + ti = add_item_to_tree(GTK_WIDGET(tree), offset, END_OF_FRAME, "Bootstrap Protocol"); bp_tree = gtk_tree_new(); add_subtree(ti, bp_tree, ETT_BOOTP); diff --git a/packet-data.c b/packet-data.c index 06b9a90c97..6a8accae7a 100644 --- a/packet-data.c +++ b/packet-data.c @@ -2,7 +2,7 @@ * Routines for raw data (default case) * Gilbert Ramirez * - * $Id: packet-data.c,v 1.2 1998/09/16 03:22:02 gerald Exp $ + * $Id: packet-data.c,v 1.3 1998/09/23 05:25:08 gram Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs @@ -45,7 +45,7 @@ void dissect_data(const u_char *pd, int offset, frame_data *fd, GtkTree *tree) { if (fd->cap_len > offset && tree) { - (void) add_item_to_tree(GTK_WIDGET(tree), offset, fd->cap_len - offset, + (void) add_item_to_tree(GTK_WIDGET(tree), offset, END_OF_FRAME, "Data"); } } diff --git a/packet-ipx.c b/packet-ipx.c index 14110224b5..8f1d554b48 100644 --- a/packet-ipx.c +++ b/packet-ipx.c @@ -2,7 +2,7 @@ * Routines for NetWare's IPX * Gilbert Ramirez * - * $Id: packet-ipx.c,v 1.2 1998/09/16 03:22:06 gerald Exp $ + * $Id: packet-ipx.c,v 1.3 1998/09/23 05:25:09 gram Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs @@ -43,6 +43,7 @@ #include "ethereal.h" #include "packet.h" +#include "packet-ipx.h" /* The information in this module (IPX, SPX, NCP) comes from: NetWare LAN Analysis, Second Edition @@ -50,45 +51,44 @@ (c) 1994 Novell, Inc. Novell Press, San Jose. ISBN: 0-7821-1362-1 + + And from the ncpfs source code by Volker Lendecke + */ static void dissect_spx(const u_char *pd, int offset, frame_data *fd, GtkTree *tree); -static void -dissect_ncp(const u_char *pd, int offset, frame_data *fd, GtkTree *tree); +static void +dissect_ipxrip(const u_char *pd, int offset, frame_data *fd, GtkTree *tree); struct port_info { - u_short port; + guint16 port; + void (*func) (const u_char *, int, frame_data *, GtkTree *); char *text; }; struct conn_info { - u_char ctrl; - char *text; -}; - -struct req_info { - u_short req; + guint8 ctrl; char *text; }; /* ================================================================= */ /* IPX */ /* ================================================================= */ -static char* -port_text(u_short port) { - int i=0; +static struct port_info ports[] = { + { 0x0451, dissect_ncp, "NCP" }, + { 0x0452, NULL, "SAP" }, + { 0x0453, dissect_ipxrip, "RIP" }, + { 0x0455, NULL, "NetBIOS" }, + { 0x0456, NULL, "Diagnostic" }, + { 0x0457, NULL, "Serialization" }, + { 0x0000, NULL, NULL } +}; - static struct port_info ports[] = { - { 0x0451, "NCP" }, - { 0x0452, "SAP" }, - { 0x0453, "RIP" }, - { 0x0455, "NetBIOS" }, - { 0x0456, "Diagnostic" }, - { 0x0457, "Serialization" }, - { 0x0000, NULL } - }; +static char* +port_text(guint16 port) { + int i=0; while (ports[i].text != NULL) { if (ports[i].port == port) { @@ -99,6 +99,19 @@ port_text(u_short port) { return "Unknown"; } +static void* +port_func(guint16 port) { + int i=0; + + while (ports[i].text != NULL) { + if (ports[i].port == port) { + return ports[i].func; + } + i++; + } + return dissect_data; +} + char * ipx_packet_type(u_char val) { @@ -148,6 +161,7 @@ dissect_ipx(const u_char *pd, int offset, frame_data *fd, GtkTree *tree) { char *dnet, *snet; guint16 dsocket, ssocket; + void (*dissect) (const u_char *, int, frame_data *, GtkTree *); /* Calculate here for use in win_info[] and in tree */ dnet = network_to_string((guint8*)&pd[offset+6]); @@ -156,7 +170,6 @@ dissect_ipx(const u_char *pd, int offset, frame_data *fd, GtkTree *tree) { if (fd->win_info[0]) { strcpy(fd->win_info[3], "IPX"); - /*sprintf(fd->win_info[4], "Network %s --> %s", snet, dnet);*/ sprintf(fd->win_info[4], "%s (0x%04X)", port_text(dsocket), dsocket); } @@ -194,20 +207,30 @@ dissect_ipx(const u_char *pd, int offset, frame_data *fd, GtkTree *tree) { switch (ipx_type) { case 0: /* IPX */ - dissect_data(pd, offset, fd, tree); /* the IPX payload */ + dissect_data(pd, offset, fd, tree); break; + case 5: /* SPX */ dissect_spx(pd, offset, fd, tree); break; + case 17: /* NCP */ dissect_ncp(pd, offset, fd, tree); break; + case 20: /* NetBIOS */ - dissect_data(pd, offset, fd, tree); /* until implemented */ - break; - default: dissect_data(pd, offset, fd, tree); break; + + default: + dissect = port_func(dsocket); + if (dissect) { + dissect(pd, offset, fd, tree); + } + else { + dissect_data(pd, offset, fd, tree); + } + break; } } @@ -294,201 +317,54 @@ dissect_spx(const u_char *pd, int offset, frame_data *fd, GtkTree *tree) { } /* ================================================================= */ -/* NCP */ +/* IPX RIP */ /* ================================================================= */ -static char* -req_text(u_short req) { - int i=0; - - static struct req_info reqs[] = { - { 0x1111, "Create a service connection" }, - { 0x2222, "Service request" }, - { 0x3333, "Service reply" }, - { 0x5555, "Destroy service connection" }, - { 0x7777, "Burst mode transfer" }, - { 0x9999, "Request being processed" }, - { 0x0000, NULL } - }; - - while (reqs[i].text != NULL) { - if (reqs[i].req == req) { - return reqs[i].text; - } - i++; - } - return "Unknown"; -} - -static char* -ncp2222_func(u_short func) { - int i=0; - - static struct req_info ncp[] = { - { 17, "Print and Queue Services" }, - { 21, "Message Services" }, - { 22, "File and Directory Services" }, - { 23, "Binding and Rights Services" }, - { 34, "Transaction Tacking Services" }, - { 35, "Apple File Services" }, - { 86, "Extended Attributes Services" }, - { 87, "File and Directory Services" }, - { 88, "Auditing Services" }, - { 104, "Netware Directory Services" }, - { 123, "Netware 4.x Statistical Information Services" }, - { 0, NULL } - }; - - while (ncp[i].text != NULL) { - if (ncp[i].req == func) { - return ncp[i].text; - } - i++; - } - return "Unknown"; -} - -static char* -ncp2222_subfunc(u_short func, u_short subfunc) { - int i=0; - struct req_info *info_ptr = NULL; - - /* Accounting Services */ - static struct req_info ncp_23[] = { - { 150, "Get Current Account Status" }, - { 151, "Submit Account Charge" }, - { 152, "Submit Account Hold" }, - { 153, "Submit Account Note" }, - { 0, NULL } - }; - - /* Apple File Services */ - static struct req_info ncp_35[] = { - { 1, "AFP Create Directory" }, - { 2, "AFP Create File" }, - { 3, "AFP Delete" }, - { 4, "AFP Get Entry ID from Name" }, - { 5, "AFP Get File Information" }, - { 6, "AFP Get Entry ID From NetWare Handle" }, - { 7, "AFP Rename" }, - { 8, "AFP Open File Fork" }, - { 9, "AFP Set File Information" }, - { 10, "AFP Scan File Information" }, - { 11, "AFP 2.0 Alloc Temporary Directory Handle" }, - { 12, "AFP Get Entry ID from Name Path" }, - { 13, "AFP 2.0 Create Directory" }, - { 14, "AFP 2.0 Create File" }, -/* ??? { 15, "AFP 2.0 Delete File" }, just guessing */ - { 16, "AFP 2.0 Set File Information" }, - { 17, "AFP 2.0 Scan File Information" }, - { 18, "AFP Get DOS Name from Entry ID" }, - { 19, "AFP Get Macintosh Info on Deleted File" }, - { 0, NULL } - }; - - /* Auditing Services */ - static struct req_info ncp_88[] = { - { 1, "Query Volume Audit Status" }, - { 2, "Add Audit Property" }, - { 3, "Add Auditor Access" }, - - { 0, NULL } - }; - - switch (func) { - case 23: - info_ptr = ncp_23; - break; - case 35: - info_ptr = ncp_35; - break; - case 88: - info_ptr = ncp_88; - break; - default: - return "Unkown function"; - } - - - while (info_ptr[i].text != NULL) { - if (info_ptr[i].req == subfunc) { - printf("subfunc=%s\n", info_ptr[i].text); - return info_ptr[i].text; - } - i++; - } - return "Unknown"; -} - - static void -dissect_ncp(const u_char *pd, int offset, frame_data *fd, GtkTree *tree) { +dissect_ipxrip(const u_char *pd, int offset, frame_data *fd, GtkTree *tree) { - GtkWidget *ncp_tree, *ti; - guint16 ncp_type; - int ncp_hdr; + GtkWidget *rip_tree, *ti; + guint16 operation; + struct ipx_rt_def route; + int cursor; + + char *rip_type[2] = { "Request", "Response" }; + + operation = pntohs(&pd[offset]) - 1; if (fd->win_info[0]) { - strcpy(fd->win_info[3], "NCP"); - strcpy(fd->win_info[4], "NCP"); - } - - ncp_type = pntohs(&pd[offset]); - - if (ncp_type == 0x1111 || ncp_type == 0x2222 || ncp_type == 0x5555 || - ncp_type == 0x7777) { - ncp_hdr = 6; - } - else if (ncp_type == 0x3333 || ncp_type == 0x9999) { - ncp_hdr = 8; - } - else { - ncp_hdr = 1; /* ? */ + strcpy(fd->win_info[3], "IPX RIP"); + if (operation < 2) { + sprintf(fd->win_info[4], "RIP %s", rip_type[operation]); + } + else { + strcpy(fd->win_info[4], "IPX RIP"); + } } if (tree) { - ti = add_item_to_tree(GTK_WIDGET(tree), offset, ncp_hdr, - "NetWare Core Protocol"); - ncp_tree = gtk_tree_new(); - add_subtree(ti, ncp_tree, ETT_NCP); + ti = add_item_to_tree(GTK_WIDGET(tree), offset, END_OF_FRAME, + "IPX Routing Information Protocol"); + rip_tree = gtk_tree_new(); + add_subtree(ti, rip_tree, ETT_IPXRIP); - add_item_to_tree(ncp_tree, offset, 2, - "Type: %s", req_text( pntohs( &pd[offset] ) ) ); - - add_item_to_tree(ncp_tree, offset+2, 1, - "Sequence Number: %d", pd[offset+2]); - - add_item_to_tree(ncp_tree, offset+3, 1, - "Connection Number Low: %d", pd[offset+3]); - - add_item_to_tree(ncp_tree, offset+4, 1, - "Task Number: %d", pd[offset+4]); - - add_item_to_tree(ncp_tree, offset+5, 1, - "Connection Number High: %d", pd[offset+5]); - - if (ncp_hdr == 8) { - add_item_to_tree(ncp_tree, offset+6, 1, - "Completion Code: %d", pd[offset+6]); - - add_item_to_tree(ncp_tree, offset+7, 1, - "Connection Status: %d", pd[offset+7]); + if (operation < 2) { + add_item_to_tree(rip_tree, offset, 2, + "RIP packet type: %s", rip_type[operation]); + } + else { + add_item_to_tree(rip_tree, offset, 2, "Unknown RIP packet type"); } - offset += ncp_hdr; + for (cursor = offset + 2; cursor < fd->cap_len; cursor += 8) { + memcpy(&route.network, &pd[cursor], 4); + route.hops = pntohs(&pd[cursor+4]); + route.ticks = pntohs(&pd[cursor+6]); - if (ncp_type == 0x2222) { - /* my offset is different now */ - add_item_to_tree(ncp_tree, offset, 1, - "Function Code: %s (%d)", - ncp2222_func(pd[offset]), pd[offset]); - - add_item_to_tree(ncp_tree, offset+2, 1, - "Subfunction Code: %s (%d)", - ncp2222_subfunc(pd[offset], pd[offset+2]), pd[offset+2]); - - offset += 3; + add_item_to_tree(rip_tree, cursor, 8, + "Route Vector: %s, %d hop%s, %d tick%s", + network_to_string((guint8*)&route.network), + route.hops, route.hops == 1 ? "" : "s", + route.ticks, route.ticks == 1 ? "" : "s"); } - - dissect_data(pd, offset, fd, tree); } } diff --git a/packet-ipx.h b/packet-ipx.h new file mode 100644 index 0000000000..e2ddefa522 --- /dev/null +++ b/packet-ipx.h @@ -0,0 +1,93 @@ +/* packet-ipx.h + * Routines for NetWare's IPX + * Gilbert Ramirez + * + * $Id: packet-ipx.h,v 1.1 1998/09/23 05:25:10 gram Exp $ + * + * Ethereal - Network traffic analyzer + * By Gerald Combs + * Copyright 1998 Gerald Combs + * + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +/* + * ipxlib.h + * + * Copyright (C) 1995 by Volker Lendecke + * + */ + +#define IPX_NODE_LEN 6 + +typedef guint32 IPXNet; +typedef guint16 IPXPort; +typedef guint8 IPXNode[IPX_NODE_LEN]; +typedef const guint8 CIPXNode[IPX_NODE_LEN]; + +#define IPX_USER_PTYPE (0x00) +#define IPX_RIP_PTYPE (0x01) +#define IPX_SAP_PTYPE (0x04) +#define IPX_AUTO_PORT (0x0000) +#define IPX_SAP_PORT (0x0452) +#define IPX_RIP_PORT (0x0453) + +#define IPX_SAP_GENERAL_QUERY (0x0001) +#define IPX_SAP_GENERAL_RESPONSE (0x0002) +#define IPX_SAP_NEAREST_QUERY (0x0003) +#define IPX_SAP_NEAREST_RESPONSE (0x0004) + +#define IPX_SAP_FILE_SERVER (0x0004) + +struct sap_query +{ + guint16 query_type; /* net order */ + guint16 server_type; /* net order */ +}; + +struct sap_server_ident +{ + guint16 server_type ; + char server_name[48] ; + IPXNet server_network ; + IPXNode server_node ; + IPXPort server_port ; + guint16 intermediate_network ; +}; + +#define IPX_RIP_REQUEST (0x1) +#define IPX_RIP_RESPONSE (0x2) + +struct ipx_rip_packet +{ + guint16 operation ; + struct ipx_rt_def + { + guint32 network ; + guint16 hops ; + guint16 ticks ; + } + rt[1] ; +}; + +#define IPX_BROADCAST_NODE ("\xff\xff\xff\xff\xff\xff") +#define IPX_THIS_NODE ("\0\0\0\0\0\0") +#define IPX_THIS_NET (0) + +#ifndef IPX_NODE_LEN +#define IPX_NODE_LEN (6) +#endif + diff --git a/packet-llc.c b/packet-llc.c index d3cfe2d628..a02f8e4872 100644 --- a/packet-llc.c +++ b/packet-llc.c @@ -2,7 +2,7 @@ * Routines for IEEE 802.2 LLC layer * Gilbert Ramirez * - * $Id: packet-llc.c,v 1.5 1998/09/17 21:30:58 gram Exp $ + * $Id: packet-llc.c,v 1.6 1998/09/23 05:25:10 gram Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs @@ -39,7 +39,7 @@ #include "etypes.h" struct sap_info { - u_char sap; + guint8 sap; void (*func) (const u_char *, int, frame_data *, GtkTree *); char *text; }; diff --git a/packet-ncp.c b/packet-ncp.c new file mode 100644 index 0000000000..b8a6a1c714 --- /dev/null +++ b/packet-ncp.c @@ -0,0 +1,262 @@ +/* packet-ncp.c + * Routines for NetWare Core Protocol + * Gilbert Ramirez + * + * $Id: packet-ncp.c,v 1.1 1998/09/23 05:25:11 gram Exp $ + * + * Ethereal - Network traffic analyzer + * By Gerald Combs + * Copyright 1998 Gerald Combs + * + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +#ifdef HAVE_CONFIG_H +# include "config.h" +#endif + +#include +#include + +#include + +#ifdef HAVE_SYS_TYPES_H +# include +#endif + +#ifdef HAVE_NETINET_IN_H +# include +#endif + +#include "ethereal.h" +#include "packet.h" + +/* The information in this module comes from: + NetWare LAN Analysis, Second Edition + Laura A. Chappell and Dan E. Hakes + (c) 1994 Novell, Inc. + Novell Press, San Jose. + ISBN: 0-7821-1362-1 + + And from the ncpfs source code by Volker Lendecke +*/ + + +struct req_info { + u_short req; + char *text; +}; + + +/* ================================================================= */ +/* NCP */ +/* ================================================================= */ +static char* +req_text(u_short req) { + int i=0; + + static struct req_info reqs[] = { + { 0x1111, "Create a service connection" }, + { 0x2222, "Service request" }, + { 0x3333, "Service reply" }, + { 0x5555, "Destroy service connection" }, + { 0x7777, "Burst mode transfer" }, + { 0x9999, "Request being processed" }, + { 0x0000, NULL } + }; + + while (reqs[i].text != NULL) { + if (reqs[i].req == req) { + return reqs[i].text; + } + i++; + } + return "Unknown"; +} + +static char* +ncp2222_func(u_short func) { + int i=0; + + static struct req_info ncp[] = { + { 17, "Print and Queue Services" }, + { 21, "Message Services" }, + { 22, "File and Directory Services" }, + { 23, "Binding and Rights Services" }, + { 34, "Transaction Tacking Services" }, + { 35, "Apple File Services" }, + { 86, "Extended Attributes Services" }, + { 87, "File and Directory Services" }, + { 88, "Auditing Services" }, + { 104, "Netware Directory Services" }, + { 123, "Netware 4.x Statistical Information Services" }, + { 0, NULL } + }; + + while (ncp[i].text != NULL) { + if (ncp[i].req == func) { + return ncp[i].text; + } + i++; + } + return "Unknown"; +} + +static char* +ncp2222_subfunc(u_short func, u_short subfunc) { + int i=0; + struct req_info *info_ptr = NULL; + + /* Accounting Services */ + static struct req_info ncp_23[] = { + { 150, "Get Current Account Status" }, + { 151, "Submit Account Charge" }, + { 152, "Submit Account Hold" }, + { 153, "Submit Account Note" }, + { 0, NULL } + }; + + /* Apple File Services */ + static struct req_info ncp_35[] = { + { 1, "AFP Create Directory" }, + { 2, "AFP Create File" }, + { 3, "AFP Delete" }, + { 4, "AFP Get Entry ID from Name" }, + { 5, "AFP Get File Information" }, + { 6, "AFP Get Entry ID From NetWare Handle" }, + { 7, "AFP Rename" }, + { 8, "AFP Open File Fork" }, + { 9, "AFP Set File Information" }, + { 10, "AFP Scan File Information" }, + { 11, "AFP 2.0 Alloc Temporary Directory Handle" }, + { 12, "AFP Get Entry ID from Name Path" }, + { 13, "AFP 2.0 Create Directory" }, + { 14, "AFP 2.0 Create File" }, +/* ??? { 15, "AFP 2.0 Delete File" }, just guessing */ + { 16, "AFP 2.0 Set File Information" }, + { 17, "AFP 2.0 Scan File Information" }, + { 18, "AFP Get DOS Name from Entry ID" }, + { 19, "AFP Get Macintosh Info on Deleted File" }, + { 0, NULL } + }; + + /* Auditing Services */ + static struct req_info ncp_88[] = { + { 1, "Query Volume Audit Status" }, + { 2, "Add Audit Property" }, + { 3, "Add Auditor Access" }, + + { 0, NULL } + }; + + switch (func) { + case 23: + info_ptr = ncp_23; + break; + case 35: + info_ptr = ncp_35; + break; + case 88: + info_ptr = ncp_88; + break; + default: + return "Unkown function"; + } + + + while (info_ptr[i].text != NULL) { + if (info_ptr[i].req == subfunc) { + printf("subfunc=%s\n", info_ptr[i].text); + return info_ptr[i].text; + } + i++; + } + return "Unknown"; +} + + +void +dissect_ncp(const u_char *pd, int offset, frame_data *fd, GtkTree *tree) { + + GtkWidget *ncp_tree, *ti; + guint16 ncp_type; + int ncp_hdr; + + if (fd->win_info[0]) { + strcpy(fd->win_info[3], "NCP"); + strcpy(fd->win_info[4], "NCP"); + } + + ncp_type = pntohs(&pd[offset]); + + if (ncp_type == 0x1111 || ncp_type == 0x2222 || ncp_type == 0x5555 || + ncp_type == 0x7777) { + ncp_hdr = 6; + } + else if (ncp_type == 0x3333 || ncp_type == 0x9999) { + ncp_hdr = 8; + } + else { + ncp_hdr = 1; /* ? */ + } + + if (tree) { + ti = add_item_to_tree(GTK_WIDGET(tree), offset, ncp_hdr, + "NetWare Core Protocol"); + ncp_tree = gtk_tree_new(); + add_subtree(ti, ncp_tree, ETT_NCP); + + add_item_to_tree(ncp_tree, offset, 2, + "Type: %s", req_text( pntohs( &pd[offset] ) ) ); + + add_item_to_tree(ncp_tree, offset+2, 1, + "Sequence Number: %d", pd[offset+2]); + + add_item_to_tree(ncp_tree, offset+3, 1, + "Connection Number Low: %d", pd[offset+3]); + + add_item_to_tree(ncp_tree, offset+4, 1, + "Task Number: %d", pd[offset+4]); + + add_item_to_tree(ncp_tree, offset+5, 1, + "Connection Number High: %d", pd[offset+5]); + + if (ncp_hdr == 8) { + add_item_to_tree(ncp_tree, offset+6, 1, + "Completion Code: %d", pd[offset+6]); + + add_item_to_tree(ncp_tree, offset+7, 1, + "Connection Status: %d", pd[offset+7]); + } + + offset += ncp_hdr; + + if (ncp_type == 0x2222) { + /* my offset is different now */ + add_item_to_tree(ncp_tree, offset, 1, + "Function Code: %s (%d)", + ncp2222_func(pd[offset]), pd[offset]); + + add_item_to_tree(ncp_tree, offset+2, 1, + "Subfunction Code: %s (%d)", + ncp2222_subfunc(pd[offset], pd[offset+2]), pd[offset+2]); + + offset += 3; + } + + dissect_data(pd, offset, fd, tree); + } +} diff --git a/packet-ncp.h b/packet-ncp.h new file mode 100644 index 0000000000..92020c97be --- /dev/null +++ b/packet-ncp.h @@ -0,0 +1,323 @@ +/* packet-ncp.h + * Routines for NetWare Core Protocol + * Gilbert Ramirez + * + * $Id: packet-ncp.h,v 1.1 1998/09/23 05:25:11 gram Exp $ + * + * Ethereal - Network traffic analyzer + * By Gerald Combs + * Copyright 1998 Gerald Combs + * + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +/* + * ncp.h + * + * Copyright (C) 1995 by Volker Lendecke + * + */ + +#define NCP_PTYPE (0x11) +#define NCP_PORT (0x0451) + +#define NCP_ALLOC_SLOT_REQUEST (0x1111) +#define NCP_REQUEST (0x2222) +#define NCP_DEALLOC_SLOT_REQUEST (0x5555) + +struct ncp_request_header { + guint16 type ; + guint8 sequence ; + guint8 conn_low ; + guint8 task ; + guint8 conn_high ; + guint8 function ; + guint8 data[0] ; +}; + +#define NCP_REPLY (0x3333) +#define NCP_POSITIVE_ACK (0x9999) + +struct ncp_reply_header { + guint16 type ; + guint8 sequence ; + guint8 conn_low ; + guint8 task ; + guint8 conn_high ; + guint8 completion_code ; + guint8 connection_state ; + guint8 data[0] ; +}; + + +#define NCP_BINDERY_USER (0x0001) +#define NCP_BINDERY_UGROUP (0x0002) +#define NCP_BINDERY_PQUEUE (0x0003) +#define NCP_BINDERY_FSERVER (0x0004) +#define NCP_BINDERY_NAME_LEN (48) +struct ncp_bindery_object { + guint32 object_id; + guint16 object_type; + guint8 object_name[NCP_BINDERY_NAME_LEN]; + guint8 object_flags; + guint8 object_security; + guint8 object_has_prop; +}; + +struct nw_property { + guint8 value[128]; + guint8 more_flag; + guint8 property_flag; +}; + +struct prop_net_address { + guint32 network ; + guint8 node[IPX_NODE_LEN] ; + guint16 port ; +}; + +#define NCP_VOLNAME_LEN (16) +#define NCP_NUMBER_OF_VOLUMES (64) +struct ncp_volume_info { + guint32 total_blocks; + guint32 free_blocks; + guint32 purgeable_blocks; + guint32 not_yet_purgeable_blocks; + guint32 total_dir_entries; + guint32 available_dir_entries; + guint8 sectors_per_block; + char volume_name[NCP_VOLNAME_LEN+1]; +}; + +struct ncp_filesearch_info { + guint8 volume_number; + guint16 directory_id; + guint16 sequence_no; + guint8 access_rights; +}; + +#define NCP_MAX_FILENAME 14 + +/* these define the attribute byte as seen by NCP */ +#define aRONLY (1L<<0) +#define aHIDDEN (1L<<1) +#define aSYSTEM (1L<<2) +#define aEXECUTE (1L<<3) +#define aDIR (1L<<4) +#define aARCH (1L<<5) + +#define AR_READ (0x01) +#define AR_WRITE (0x02) +#define AR_EXCLUSIVE (0x20) + +#define NCP_FILE_ID_LEN 6 +struct ncp_file_info { + guint8 file_id[NCP_FILE_ID_LEN]; + char file_name[NCP_MAX_FILENAME+1]; + guint8 file_attributes; + guint8 file_mode; + guint32 file_length; + guint16 creation_date; + guint16 access_date; + guint16 update_date; + guint16 update_time; +}; + +/* Defines for Name Spaces */ +#define NW_NS_DOS 0 +#define NW_NS_MAC 1 +#define NW_NS_NFS 2 +#define NW_NS_FTAM 3 +#define NW_NS_OS2 4 + +/* Defines for ReturnInformationMask */ +#define RIM_NAME (0x0001L) +#define RIM_SPACE_ALLOCATED (0x0002L) +#define RIM_ATTRIBUTES (0x0004L) +#define RIM_DATA_SIZE (0x0008L) +#define RIM_TOTAL_SIZE (0x0010L) +#define RIM_EXT_ATTR_INFO (0x0020L) +#define RIM_ARCHIVE (0x0040L) +#define RIM_MODIFY (0x0080L) +#define RIM_CREATION (0x0100L) +#define RIM_OWNING_NAMESPACE (0x0200L) +#define RIM_DIRECTORY (0x0400L) +#define RIM_RIGHTS (0x0800L) +#define RIM_ALL (0x0FFFL) +#define RIM_COMPRESSED_INFO (0x80000000L) + +/* open/create modes */ +#define OC_MODE_OPEN 0x01 +#define OC_MODE_TRUNCATE 0x02 +#define OC_MODE_REPLACE 0x02 +#define OC_MODE_CREATE 0x08 + +/* open/create results */ +#define OC_ACTION_NONE 0x00 +#define OC_ACTION_OPEN 0x01 +#define OC_ACTION_CREATE 0x02 +#define OC_ACTION_TRUNCATE 0x04 +#define OC_ACTION_REPLACE 0x04 + +/* access rights attributes */ +#ifndef AR_READ_ONLY +#define AR_READ_ONLY 0x0001 +#define AR_WRITE_ONLY 0x0002 +#define AR_DENY_READ 0x0004 +#define AR_DENY_WRITE 0x0008 +#define AR_COMPATIBILITY 0x0010 +#define AR_WRITE_THROUGH 0x0040 +#define AR_OPEN_COMPRESSED 0x0100 +#endif + +struct nw_info_struct +{ + guint32 spaceAlloc ; + guint32 attributes ; + guint16 flags ; + guint32 dataStreamSize ; + guint32 totalStreamSize ; + guint16 numberOfStreams ; + guint16 creationTime ; + guint16 creationDate ; + guint32 creatorID ; + guint16 modifyTime ; + guint16 modifyDate ; + guint32 modifierID ; + guint16 lastAccessDate ; + guint16 archiveTime ; + guint16 archiveDate ; + guint32 archiverID ; + guint16 inheritedRightsMask ; + guint32 dirEntNum ; + guint32 DosDirNum ; + guint32 volNumber ; + guint32 EADataSize ; + guint32 EAKeyCount ; + guint32 EAKeySize ; + guint32 NSCreator ; + guint8 nameLen ; + guint8 entryName[256] ; +}; + +/* modify mask - use with MODIFY_DOS_INFO structure */ +#define DM_ATTRIBUTES (0x0002L) +#define DM_CREATE_DATE (0x0004L) +#define DM_CREATE_TIME (0x0008L) +#define DM_CREATOR_ID (0x0010L) +#define DM_ARCHIVE_DATE (0x0020L) +#define DM_ARCHIVE_TIME (0x0040L) +#define DM_ARCHIVER_ID (0x0080L) +#define DM_MODIFY_DATE (0x0100L) +#define DM_MODIFY_TIME (0x0200L) +#define DM_MODIFIER_ID (0x0400L) +#define DM_LAST_ACCESS_DATE (0x0800L) +#define DM_INHERITED_RIGHTS_MASK (0x1000L) +#define DM_MAXIMUM_SPACE (0x2000L) + +struct nw_modify_dos_info +{ + guint32 attributes ; + guint16 creationDate ; + guint16 creationTime ; + guint32 creatorID ; + guint16 modifyDate ; + guint16 modifyTime ; + guint32 modifierID ; + guint16 archiveDate ; + guint16 archiveTime ; + guint32 archiverID ; + guint16 lastAccessDate ; + guint16 inheritanceGrantMask ; + guint16 inheritanceRevokeMask ; + guint32 maximumSpace ; +}; + +struct nw_file_info { + struct nw_info_struct i; + int opened; + int access; + guint32 server_file_handle ; + guint8 open_create_action ; + guint8 file_handle[6] ; +}; + +struct nw_search_sequence { + guint8 volNumber ; + guint32 dirBase ; + guint32 sequence ; +}; + +struct nw_queue_job_entry { + guint16 InUse ; + guint32 prev ; + guint32 next ; + guint32 ClientStation ; + guint32 ClientTask ; + guint32 ClientObjectID ; + guint32 TargetServerID ; + guint8 TargetExecTime[6] ; + guint8 JobEntryTime[6] ; + guint32 JobNumber ; + guint16 JobType ; + guint16 JobPosition ; + guint16 JobControlFlags ; + guint8 FileNameLen ; + char JobFileName[13] ; + guint32 JobFileHandle ; + guint32 ServerStation ; + guint32 ServerTaskNumber ; + guint32 ServerObjectID ; + char JobTextDescription[50] ; + char ClientRecordArea[152] ; +}; + +struct queue_job { + struct nw_queue_job_entry j; + guint8 file_handle[6]; +}; + +#define QJE_OPER_HOLD 0x80 +#define QJE_USER_HOLD 0x40 +#define QJE_ENTRYOPEN 0x20 +#define QJE_SERV_RESTART 0x10 +#define QJE_SERV_AUTO 0x08 + +/* ClientRecordArea for print jobs */ + +#define KEEP_ON 0x0400 +#define NO_FORM_FEED 0x0800 +#define NOTIFICATION 0x1000 +#define DELETE_FILE 0x2000 +#define EXPAND_TABS 0x4000 +#define PRINT_BANNER 0x8000 + +struct print_job_record { + guint8 Version ; + guint8 TabSize ; + guint16 Copies ; + guint16 CtrlFlags ; + guint16 Lines ; + guint16 Rows ; + char FormName[16] ; + guint8 Reserved[6] ; + char BannerName[13] ; + char FnameBanner[13] ; + char FnameHeader[14] ; + char Path[80] ; +}; + + diff --git a/packet.h b/packet.h index 3dbb8bfa2c..cd46a8c08d 100644 --- a/packet.h +++ b/packet.h @@ -1,7 +1,7 @@ /* packet.h * Definitions for packet disassembly structures and routines * - * $Id: packet.h,v 1.6 1998/09/21 16:16:00 gram Exp $ + * $Id: packet.h,v 1.7 1998/09/23 05:25:12 gram Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs @@ -52,6 +52,12 @@ (guint32)*((guint8 *)p+0)<<0) #endif /* LITTLE_ENDIAN */ +/* Useful when highlighting regions inside a dissect_*() function. With this + * macro, you can highlight from the start of the packet to the end of the + * frame. See dissect_data() for an example. + */ +#define END_OF_FRAME (fd->cap_len - offset) + #define IEEE_802_3_MAX_LEN 1500 #define BYTE_VIEW_WIDTH 16 @@ -298,9 +304,10 @@ typedef struct _e_udphdr { #define ETT_COTP 35 #define ETT_VINES 36 #define ETT_VSPP 37 +#define ETT_IPXRIP 38 /* Should be the last item number plus one */ -#define NUM_TREE_TYPES 38 +#define NUM_TREE_TYPES 39 /* The version of pcap.h that comes with some systems is missing these * #defines. @@ -358,6 +365,7 @@ void dissect_ipv6(const u_char *, int, frame_data *, GtkTree *); void dissect_ipx(const u_char *, int, frame_data *, GtkTree *); void dissect_llc(const u_char *, int, frame_data *, GtkTree *); void dissect_lpd(const u_char *, int, frame_data *, GtkTree *); +void dissect_ncp(const u_char *, int, frame_data *, GtkTree *); void dissect_osi(const u_char *, int, frame_data *, GtkTree *); void dissect_ospf(const u_char *, int, frame_data *, GtkTree *); void dissect_ospf_hello(const u_char *, int, frame_data *, GtkTree *);