The existing PEAP support does not decode the inner attributes, this
commit adds that support by introducing packet-peap.c which recreates
a 'pseudo' EAP header before looping the TVB back into the EAP dissector.
Adding subdissector support to UDS and allow Signal PDUs for it.
This patch supports:
- ReadDataByIdentifier (RDBI) Reply
- WriteDataByIdentifier (WDBI) Request
- RoutineControl (RC) Request
- RoutineControl (RC) Reply
The Enhanced Trading Interface (ETI) protocol and the Enhanced
Order Book Interface (EOBI) protocol are used by a few European
exchanges such as Eurex, Xetra and Börse Frankfurt.
Basically, a trader uses ETI to communicate with a matching
engine (over TCP), e.g. to add a new order, modify an existing
one, etc. while the matching engine also publicizes the current
state of the order book via EOBI over multicast UDP feeds.
ETI actually consists of two variants, i.e. ETI for derivatives
markets (such as Eurex) and ETI for cash markets (such as Xetra).
A common convention is to abbreviate them as ETI (for
derivatives) and XTI (for cash).
These protocols share the same encoding, i.e. messages start with
a length and a tag field and most messages and fields are fixed
size. See also
https://github.com/gsauthof/python-eti#protocol-introduction for
some more details.
The protocol specifications are openly available (cf.
https://github.com/gsauthof/python-eti#protocol-descriptions for
direct links) in human and machine-readable (XML) formats.
The Wireshark ETI/XTI/EOBI dissectors are code-generated by
`eti2wireshark.py`
(https://github.com/gsauthof/python-eti/blob/master/eti2wireshark.py)
which is GPL licensed. See also
https://github.com/gsauthof/python-eti#wireshark-protocol-dissectors
for usage examples and related work.
This is capable of dissecting UASP traffic on a USB 2.0
bus, provided Wireshark sees the interface descriptor.
Dissecting USB 3.0 traffic won't work properly because we
don't have access to an URB's bulk stream ID, so the data
transfer can't be attributed properly to commands.
The existing dissector only handles the Bulk-Only Transport
protocol but occupies the USB dissector hooks for all mass
storage class traffic.
To facilitate alternative protocols like UASP, direct all
mass storage class traffic to a stub dissector which will
dispatch to the real dissector based on other information,
such as the USB interface protocol.
Heuristic dissectors are still attached directly to the
core USB hooks.
Move dissectors.c to a separate object library so that the rest of the
dissectors don't have to wait for it to be generated. This reduces build
time here by a few seconds when ccache is enabled.
packet-li5g.c used to parse the LI x2/x3 PDU header which defined in ETSI TS 103 221-2
lix2 used to parse the x2 xIRI payload, the ASN.1 defined in 3GPP 33.128.
Add the dissector generated by asnwer
will merge this file in a new request, so, delete it from the 5G LI branch
Add a comment line stating the 3gpp document in lix2.asn
fix the commit warning
This patch adds basic dissection for the egfx channel. It also fixes fragmentation
in the dynamic channel, and also introduces some of the decompressors involved in RDP
traffic.
This patch adds support for the ISO 10681-2 protocol, which is similar
to the ISO 15765-2 protocol (see packet-iso15765.c).
This patch also add support for registering combined FlexRay IDs to
register the new dissector.
This patch adds support to DoIP and ISO15765 to pass the diagnostic
address or addresses to UDS. UDS takes the relevant address into account
for the data identifier and routine identifier name resolution.
The protocol is a continuation of the WOW protocol occuring between the
world server and the client (as opposed to the login server and the
client).
The first two opcodes are unencrypted and perform setup for the
encryption.
The encryption was setup in the WOW protocol through SRP6.
Using the session key for encryption like this is not part of the SRP6
protocol.
All other opcodes are encrypted using the session key, which will need
to be deduced first.
This patch adds support for LIN (Local Interconnect Network) as
well as support for:
- Signal PDUs on LIN
- ISO 15765 (ISO TP) on LIN
- TECMP transported LIN is handle like LIN
LIN is a simple automotive fieldbus to connect for example simple
sensors and actuators to an electronic control unit.
This big patch addresses the following items:
* implement the "message" virtual channel so that multi-transport and bandwidth
PDUs are dissected;
* prepare the identification of static channels to be able to dissect them later;
* fix the compression field in channelPDUHeader.channelFlags;
* implement the drdynvc channel dissector, so now we decode the traffic on this
channel and we're able to track data on dynamic channels and transition to UDP
transport
Added dissectors for RTPS Virtual Transport and RTPS Processed Protocols
RTI Connext DDS can capture RTPS-related traffic by using the Network Capture
Utility. The generated .pcap capture files will follow these protocols,
establishing a format for how information must be saved, and then
parsed. This will improve debuggability by including additional information
obtained from within Connext DDS.
RTPS-VT parses the information related to the transport. It then, calls
the RTPS-PROC dissector, which handles the rest: calling the RTPS
dissector when needed, and parsing additional information such as the
one related to security.
The BT LMP dissector calls btbredr_rf_add_esco_link and
btbredr_rf_remove_esco_link. Move their prototypes and required struct
definitions to a header file.
This patch adds a dissector for PDUs based on signals. On CAN,
FlexRay, etc. data is transported in PDUs that are based on
signals. These signals are typically an arbitrary number of bits.
This dissector allows:
- Parsing configured signals (shortened datatypes too)
- Scaling and moving signals values (compu scale)
- Naming signal values (compu consts)
- Filtering on the scaled and raw value
The dissector supports:
- Signal PDUs over CAN
- Signal PDUs over FlexRay
- Signal PDUs over SOME/IP
- Signal PDUs over PDU-Transport
The Linux kernel includes a module called psample which sends sampled
packets to user-space over generic netlink.
This patch adds a dissector for these netlink packets.
The dissector is expected to be invoked by the generic netlink dissector and
during its hand off routine it adds an entry in the 'genl.family' dissector
table.
The various netlink attributes are dissected by calling
dissect_netlink_attributes(), in a similar fashion to the rtnetlink and
net_dm dissectors. The sampled packet itself is encoded in the netlink
attribute 'PSAMPLE_ATTR_DATA' and dissected by invoking a dissector from the
'sll.ltype' dissector table based on the packet's protocol which is
encoded in the 'PSAMPLE_ATTR_PROTO' attribute.
Signed-off-by: Amit Cohen <amcohen@nvidia.com>
I believe this was the original intention, to use these API restricitons
with dissectors only (not that I necessarily agree with that policy either),
and through copy-paste and lack of clear guidelines it spread to other
parts of the build.
Rename the checkAPI groups to make it very clear that this is dissector-only.
This doesn't mean, of course, that good programming practices shouldn't be
followed everywhere. In particular assertions need to be used properly.
Don't use them to catch runtime errors or validate input data.
This commit will be followed by another removing the various ugly hacks
people have been using to get around the checkAPI hammer.