2002-07-31 19:27:57 +00:00
|
|
|
/* cosine.c
|
|
|
|
*
|
|
|
|
* CoSine IPNOS L2 debug output parsing
|
2011-04-18 02:16:36 +00:00
|
|
|
* Copyright (c) 2002 by Motonori Shindo <motonori@shin.do>
|
2002-07-31 19:27:57 +00:00
|
|
|
*
|
|
|
|
* Wiretap Library
|
|
|
|
* Copyright (c) 1998 by Gilbert Ramirez <gram@alumni.rice.edu>
|
2002-08-28 20:30:45 +00:00
|
|
|
*
|
2018-02-07 11:26:45 +00:00
|
|
|
* SPDX-License-Identifier: GPL-2.0-or-later
|
2002-07-31 19:27:57 +00:00
|
|
|
*/
|
|
|
|
|
|
|
|
#include "config.h"
|
|
|
|
#include "wtap-int.h"
|
|
|
|
#include "cosine.h"
|
|
|
|
#include "file_wrappers.h"
|
|
|
|
|
|
|
|
#include <stdlib.h>
|
|
|
|
#include <string.h>
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
2002-08-28 20:30:45 +00:00
|
|
|
IPNOS: CONFIG VPN(100) VR(1.1.1.1)# diags
|
|
|
|
ipnos diags: Control (1/0) :: layer-2 ?
|
|
|
|
Registered commands for area "layer-2"
|
|
|
|
apply-pkt-log-profile Configure packet logging on an interface
|
|
|
|
create-pkt-log-profile Set packet-log-profile to be used for packet logging (see layer-2 pkt-log)
|
|
|
|
detail Get Layer 2 low-level details
|
2002-07-31 19:27:57 +00:00
|
|
|
|
2002-08-28 20:30:45 +00:00
|
|
|
ipnos diags: Control (1/0) :: layer-2 create ?
|
2002-07-31 19:27:57 +00:00
|
|
|
create-pkt-log-profile <pkt-log-profile-id ctl-tx-trace-length ctl-rx-trace-length data-tx-trace-length data-rx-trace-length pe-logging-or-control-blade>
|
|
|
|
|
2002-08-28 20:30:45 +00:00
|
|
|
ipnos diags: Control (1/0) :: layer-2 create 1 32 32 0 0 0
|
|
|
|
ipnos diags: Control (1/0) :: layer-2 create 2 32 32 100 100 0
|
|
|
|
ipnos diags: Control (1/0) :: layer-2 apply ?
|
|
|
|
apply-pkt-log-profile <slot port channel subif pkt-log-profile-id>
|
2002-07-31 19:27:57 +00:00
|
|
|
|
2002-08-28 20:30:45 +00:00
|
|
|
ipnos diags: Control (1/0) :: layer-2 apply 3 0x0701 100 0 1
|
|
|
|
Successfully applied packet-log-profile on LI
|
2002-07-31 19:27:57 +00:00
|
|
|
|
2002-08-28 20:30:45 +00:00
|
|
|
-- Note that only the control packets are logged because the data packet size parameters are 0 in profile 1
|
|
|
|
IPNOS: CONFIG VPN(200) VR(3.3.3.3)# ping 20.20.20.43
|
|
|
|
vpn 200 : [max tries 4, timeout 5 seconds, data length 64 bytes, ttl 255]
|
|
|
|
ping #1 ok, RTT 0.000 seconds
|
|
|
|
ping #2 ok, RTT 0.000 seconds
|
|
|
|
ping #3 ok, RTT 0.000 seconds
|
|
|
|
ping #4 ok, RTT 0.000 seconds
|
|
|
|
[finished]
|
2002-07-31 19:27:57 +00:00
|
|
|
|
|
|
|
IPNOS: CONFIG VPN(200) VR(3.3.3.3)# 2000-2-1,18:19:46.8: l2-tx (PPP:3/7/1:100), Length:16, Pro:0, Off:0, Pri:0, RM:0, Err:0 [0x4000, 0x0]
|
|
|
|
|
|
|
|
|
2002-08-28 20:30:45 +00:00
|
|
|
2000-2-1,18:19:46.8: l2-rx (PPP:3/7/1:100), Length:16, Pro:0, Off:0, Pri:0, RM:0, Err:0 [0x4001, 0x30000]
|
|
|
|
|
|
|
|
2000-2-1,18:19:46.8: l2-tx (PPP:3/7/1:100), Length:16, Pro:0, Off:0, Pri:0, RM:0, Err:0 [0x4000, 0x0]
|
|
|
|
|
|
|
|
2000-2-1,18:19:46.8: l2-rx (PPP:3/7/1:100), Length:16, Pro:0, Off:0, Pri:0, RM:0, Err:0 [0x4001, 0x8030000]
|
2002-07-31 19:27:57 +00:00
|
|
|
|
2002-08-28 20:30:45 +00:00
|
|
|
ipnos diags: Control (1/0) :: layer-2 apply 3 0x0701 100 0 0
|
|
|
|
Successfully applied packet-log-profile on LI
|
|
|
|
ipnos diags: Control (1/0) :: layer-2 apply 3 0x0701 100 0 2
|
|
|
|
Successfully applied packet-log-profile on LI
|
|
|
|
|
|
|
|
-- Note that both control and data packets are logged because the data packet size parameter is 100 in profile 2
|
2002-07-31 19:27:57 +00:00
|
|
|
Please ignore the event-log messages getting mixed up with the ping command
|
|
|
|
ping 20.20.20.43 cou2000-2-1,18:20:17.0: l2-tx (PPP:3/7/1:100), Length:16, Pro:0, Off:0, Pri:0, RM:0, Err:0 [0x4000, 0x0]
|
|
|
|
|
2002-08-28 20:30:45 +00:00
|
|
|
00 D0 D8 D2 FF 03 C0 21 09 29 00 08 6B 60 84 AA
|
|
|
|
|
|
|
|
2000-2-1,18:20:17.0: l2-rx (PPP:3/7/1:100), Length:16, Pro:0, Off:0, Pri:0, RM:0, Err:0 [0x4001, 0x30000]
|
|
|
|
00 D0 D8 D2 FF 03 C0 21 09 29 00 08 6D FE FA AA
|
|
|
|
|
|
|
|
2000-2-1,18:20:17.0: l2-tx (PPP:3/7/1:100), Length:16, Pro:0, Off:0, Pri:0, RM:0, Err:0 [0x4000, 0x0]
|
|
|
|
00 D0 D8 D2 FF 03 C0 21 0A 29 00 08 6B 60 84 AA
|
|
|
|
|
|
|
|
2000-2-1,18:20:17.0: l2-rx (PPP:3/7/1:100), Length:16, Pro:0, Off:0, Pri:0, RM:0, Err:0 [0x4001, 0x8030000]
|
|
|
|
00 D0 D8 D2 FF 03 C0 21 0A 29 00 08 6D FE FA AA
|
|
|
|
|
|
|
|
nt 1 length 500
|
|
|
|
vpn 200 : [max tries 1, timeout 5 seconds, data length 500 bytes, ttl 255]
|
|
|
|
2000-2-1,18:20:24.1: l2-tx (PPP:3/7/1:100), Length:536, Pro:1, Off:8, Pri:7, RM:0, Err:0 [0x4070, 0x801]
|
|
|
|
00 D0 D8 D2 FF 03 00 21 45 00 02 10 00 27 00 00
|
|
|
|
FF 01 69 51 14 14 14 22 14 14 14 2B 08 00 AD B8
|
|
|
|
00 03 00 01 10 11 12 13 14 15 16 17 18 19 1A 1B
|
|
|
|
1C 1D 1E 1F 20 21 22 23 24 25 26 27 28 29 2A 2B
|
|
|
|
2C 2D 2E 2F 30 31 32 33 34 35 36 37 38 39 3A 3B
|
|
|
|
3C 3D 3E 3F 40 41 42 43 44 45 46 47 48 49 4A 4B
|
|
|
|
4C 4D 4E 4F
|
|
|
|
|
|
|
|
ping #1 ok, RTT 0.010 seconds
|
|
|
|
2000-2-1,18:20:24.1: l2-rx (PPP:3/7/1:100), Length:536, Pro:1, Off:8, Pri:7, RM:0, Err:0 [0x4071, 0x30801]
|
|
|
|
00 D0 D8 D2 FF 03 00 21 45 00 02 10 00 23 00 00
|
|
|
|
FF 01 69 55 14 14 14 2B 14 14 14 22 00 00 B5 B8
|
|
|
|
00 03 00 01 10 11 12 13 14 15 16 17 18 19 1A 1B
|
|
|
|
1C 1D 1E 1F 20 21 22 23 24 25 26 27 28 29 2A 2B
|
|
|
|
2C 2D 2E 2F 30 31 32 33 34 35 36 37 38 39 3A 3B
|
|
|
|
3C 3D 3E 3F 40 41 42 43 44 45 46 47 48 49 4A 4B
|
|
|
|
4C 4D 4E 4F
|
|
|
|
|
|
|
|
[finished]
|
2002-07-31 19:27:57 +00:00
|
|
|
|
|
|
|
IPNOS: CONFIG VPN(200) VR(3.3.3.3)# 2000-2-1,18:20:27.0: l2-tx (PPP:3/7/1:100), Length:16, Pro:0, Off:0, Pri:0, RM:0, Err:0 [0x4000, 0x0]
|
|
|
|
|
2002-08-28 20:30:45 +00:00
|
|
|
00 D0 D8 D2 FF 03 C0 21 09 2A 00 08 6B 60 84 AA
|
|
|
|
|
|
|
|
2000-2-1,18:20:27.0: l2-rx (PPP:3/7/1:100), Length:16, Pro:0, Off:0, Pri:0, RM:0, Err:0 [0x4001, 0x30000]
|
|
|
|
00 D0 D8 D2 FF 03 C0 21 09 2A 00 08 6D FE FA AA
|
|
|
|
|
|
|
|
2000-2-1,18:20:27.0: l2-tx (PPP:3/7/1:100), Length:16, Pro:0, Off:0, Pri:0, RM:0, Err:0 [0x4000, 0x0]
|
|
|
|
00 D0 D8 D2 FF 03 C0 21 0A 2A 00 08 6B 60 84 AA
|
|
|
|
|
|
|
|
2000-2-1,18:20:27.0: l2-rx (PPP:3/7/1:100), Length:16, Pro:0, Off:0, Pri:0, RM:0, Err:0 [0x4001, 0x30000]
|
|
|
|
00 D0 D8 D2 FF 03 C0 21 0A 2A 00 08 6D FE FA AA
|
|
|
|
|
|
|
|
|
|
|
|
ipnos diags: Control (1/0) :: layer-2 apply 3 0x0701 100 0 0
|
|
|
|
Successfully applied packet-log-profile on LI
|
|
|
|
ipnos diags: Control (1/0) ::
|
2002-07-31 19:27:57 +00:00
|
|
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
/* XXX TODO:
|
|
|
|
|
|
|
|
o Handle a case where an empty line doesn't exists as a delimiter of
|
|
|
|
each packet. If the output is sent to a control blade and
|
|
|
|
displayed as an event log, there's always an empty line between
|
|
|
|
each packet output, but it may not be true when it is an PE
|
|
|
|
output.
|
|
|
|
|
|
|
|
o Some telnet client on Windows may put in a line break at 80
|
|
|
|
columns when it save the session to a text file ("CRT" is such an
|
|
|
|
example). I don't think it's a good idea for the telnet client to
|
|
|
|
do so, but CRT is widely used in Windows community, I should
|
|
|
|
take care of that in the future.
|
|
|
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
/* Magic text to check for CoSine L2 debug output */
|
|
|
|
#define COSINE_HDR_MAGIC_STR1 "l2-tx"
|
|
|
|
#define COSINE_HDR_MAGIC_STR2 "l2-rx"
|
|
|
|
|
|
|
|
/* Magic text for start of packet */
|
2002-08-28 20:30:45 +00:00
|
|
|
#define COSINE_REC_MAGIC_STR1 COSINE_HDR_MAGIC_STR1
|
2002-07-31 19:27:57 +00:00
|
|
|
#define COSINE_REC_MAGIC_STR2 COSINE_HDR_MAGIC_STR2
|
|
|
|
|
|
|
|
#define COSINE_HEADER_LINES_TO_CHECK 200
|
2014-10-07 05:01:12 +00:00
|
|
|
#define COSINE_LINE_LENGTH 240
|
2002-07-31 19:27:57 +00:00
|
|
|
|
2004-01-24 16:48:12 +00:00
|
|
|
static gboolean empty_line(const gchar *line);
|
2014-05-09 05:18:49 +00:00
|
|
|
static gint64 cosine_seek_next_packet(wtap *wth, int *err, gchar **err_info,
|
2011-04-21 09:41:52 +00:00
|
|
|
char *hdr);
|
2014-05-09 05:18:49 +00:00
|
|
|
static gboolean cosine_check_file_type(wtap *wth, int *err, gchar **err_info);
|
2019-04-05 01:56:27 +00:00
|
|
|
static gboolean cosine_read(wtap *wth, wtap_rec *rec, Buffer *buf,
|
|
|
|
int *err, gchar **err_info, gint64 *data_offset);
|
2014-05-23 10:50:02 +00:00
|
|
|
static gboolean cosine_seek_read(wtap *wth, gint64 seek_off,
|
2018-02-09 00:19:12 +00:00
|
|
|
wtap_rec *rec, Buffer *buf, int *err, gchar **err_info);
|
|
|
|
static int parse_cosine_packet(FILE_T fh, wtap_rec *rec, Buffer* buf,
|
2016-04-29 22:46:58 +00:00
|
|
|
char *line, int *err, gchar **err_info);
|
2002-07-31 19:27:57 +00:00
|
|
|
static int parse_single_hex_dump_line(char* rec, guint8 *buf,
|
|
|
|
guint byte_offset);
|
|
|
|
|
2002-08-28 20:30:45 +00:00
|
|
|
/* Returns TRUE if the line appears to be an empty line. Otherwise it
|
2002-07-31 19:27:57 +00:00
|
|
|
returns FALSE. */
|
2004-01-24 16:48:12 +00:00
|
|
|
static gboolean empty_line(const gchar *line)
|
2002-07-31 19:27:57 +00:00
|
|
|
{
|
|
|
|
while (*line) {
|
2014-10-17 20:37:11 +00:00
|
|
|
if (g_ascii_isspace(*line)) {
|
2002-07-31 19:27:57 +00:00
|
|
|
line++;
|
|
|
|
continue;
|
|
|
|
} else {
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (*line == '\0')
|
|
|
|
return TRUE;
|
2002-08-28 20:30:45 +00:00
|
|
|
else
|
2002-07-31 19:27:57 +00:00
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Seeks to the beginning of the next packet, and returns the
|
2002-08-28 20:30:45 +00:00
|
|
|
byte offset. Copy the header line to hdr. Returns -1 on failure,
|
2012-12-27 22:59:39 +00:00
|
|
|
and sets "*err" to the error and sets "*err_info" to null or an
|
|
|
|
additional error string. */
|
2014-05-09 05:18:49 +00:00
|
|
|
static gint64 cosine_seek_next_packet(wtap *wth, int *err, gchar **err_info,
|
2011-04-21 09:41:52 +00:00
|
|
|
char *hdr)
|
2002-07-31 19:27:57 +00:00
|
|
|
{
|
2006-11-05 22:46:44 +00:00
|
|
|
gint64 cur_off;
|
2002-07-31 19:27:57 +00:00
|
|
|
char buf[COSINE_LINE_LENGTH];
|
|
|
|
|
|
|
|
while (1) {
|
2014-05-09 05:18:49 +00:00
|
|
|
cur_off = file_tell(wth->fh);
|
2002-07-31 19:27:57 +00:00
|
|
|
if (cur_off == -1) {
|
|
|
|
/* Error */
|
2014-05-09 05:18:49 +00:00
|
|
|
*err = file_error(wth->fh, err_info);
|
2002-07-31 19:27:57 +00:00
|
|
|
return -1;
|
|
|
|
}
|
2014-05-09 05:18:49 +00:00
|
|
|
if (file_gets(buf, sizeof(buf), wth->fh) == NULL) {
|
|
|
|
*err = file_error(wth->fh, err_info);
|
2012-12-27 22:59:39 +00:00
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
if (strstr(buf, COSINE_REC_MAGIC_STR1) ||
|
|
|
|
strstr(buf, COSINE_REC_MAGIC_STR2)) {
|
|
|
|
g_strlcpy(hdr, buf, COSINE_LINE_LENGTH);
|
|
|
|
return cur_off;
|
2002-07-31 19:27:57 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Look through the first part of a file to see if this is
|
2002-08-28 20:30:45 +00:00
|
|
|
* a CoSine L2 debug output.
|
2002-07-31 19:27:57 +00:00
|
|
|
*
|
|
|
|
* Returns TRUE if it is, FALSE if it isn't or if we get an I/O error;
|
2011-04-21 09:41:52 +00:00
|
|
|
* if we get an I/O error, "*err" will be set to a non-zero value and
|
|
|
|
* "*err_info" will be set to null or an additional error string.
|
2002-07-31 19:27:57 +00:00
|
|
|
*/
|
2014-05-09 05:18:49 +00:00
|
|
|
static gboolean cosine_check_file_type(wtap *wth, int *err, gchar **err_info)
|
2002-07-31 19:27:57 +00:00
|
|
|
{
|
|
|
|
char buf[COSINE_LINE_LENGTH];
|
2009-03-07 05:11:56 +00:00
|
|
|
gsize reclen;
|
|
|
|
guint line;
|
2002-07-31 19:27:57 +00:00
|
|
|
|
|
|
|
buf[COSINE_LINE_LENGTH-1] = '\0';
|
|
|
|
|
|
|
|
for (line = 0; line < COSINE_HEADER_LINES_TO_CHECK; line++) {
|
2014-05-09 05:18:49 +00:00
|
|
|
if (file_gets(buf, COSINE_LINE_LENGTH, wth->fh) == NULL) {
|
2002-07-31 19:27:57 +00:00
|
|
|
/* EOF or error. */
|
2014-05-09 05:18:49 +00:00
|
|
|
*err = file_error(wth->fh, err_info);
|
2002-07-31 19:27:57 +00:00
|
|
|
return FALSE;
|
|
|
|
}
|
Do not call wtap_file_read_unknown_bytes() or
wtap_file_read_expected_bytes() from an open routine - open routines are
supposed to return -1 on error, 0 if the file doesn't appear to be a
file of the specified type, or 1 if the file does appear to be a file of
the specified type, but those macros will cause the caller to return
FALSE on errors (so that, even if there's an I/O error, it reports "the
file isn't a file of the specified type" rather than "we got an error
trying to read the file").
When doing reads in an open routine before we've concluded that the file
is probably of the right type, return 0, rather than -1, if we get
WTAP_ERR_SHORT_READ - if we don't have enough data to check whether a
file is of a given type, we should keep trying other types, not give up.
For reads done *after* we've concluded the file is probably of the right
type, if a read doesn't return the number of bytes we asked for, but
returns an error of 0, return WTAP_ERR_SHORT_READ - the file is
apparently cut short.
For NetMon and NetXRay/Windows Sniffer files, use a #define for the
magic number size, and use that for both magic numbers.
svn path=/trunk/; revision=46803
2012-12-27 12:19:25 +00:00
|
|
|
|
|
|
|
reclen = strlen(buf);
|
2018-05-02 16:43:49 +00:00
|
|
|
if (reclen < MIN(strlen(COSINE_HDR_MAGIC_STR1), strlen(COSINE_HDR_MAGIC_STR2))) {
|
Do not call wtap_file_read_unknown_bytes() or
wtap_file_read_expected_bytes() from an open routine - open routines are
supposed to return -1 on error, 0 if the file doesn't appear to be a
file of the specified type, or 1 if the file does appear to be a file of
the specified type, but those macros will cause the caller to return
FALSE on errors (so that, even if there's an I/O error, it reports "the
file isn't a file of the specified type" rather than "we got an error
trying to read the file").
When doing reads in an open routine before we've concluded that the file
is probably of the right type, return 0, rather than -1, if we get
WTAP_ERR_SHORT_READ - if we don't have enough data to check whether a
file is of a given type, we should keep trying other types, not give up.
For reads done *after* we've concluded the file is probably of the right
type, if a read doesn't return the number of bytes we asked for, but
returns an error of 0, return WTAP_ERR_SHORT_READ - the file is
apparently cut short.
For NetMon and NetXRay/Windows Sniffer files, use a #define for the
magic number size, and use that for both magic numbers.
svn path=/trunk/; revision=46803
2012-12-27 12:19:25 +00:00
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (strstr(buf, COSINE_HDR_MAGIC_STR1) ||
|
|
|
|
strstr(buf, COSINE_HDR_MAGIC_STR2)) {
|
|
|
|
return TRUE;
|
|
|
|
}
|
2002-07-31 19:27:57 +00:00
|
|
|
}
|
|
|
|
*err = 0;
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2014-10-09 23:44:15 +00:00
|
|
|
wtap_open_return_val cosine_open(wtap *wth, int *err, gchar **err_info)
|
2002-07-31 19:27:57 +00:00
|
|
|
{
|
|
|
|
/* Look for CoSine header */
|
2014-05-09 05:18:49 +00:00
|
|
|
if (!cosine_check_file_type(wth, err, err_info)) {
|
Do not call wtap_file_read_unknown_bytes() or
wtap_file_read_expected_bytes() from an open routine - open routines are
supposed to return -1 on error, 0 if the file doesn't appear to be a
file of the specified type, or 1 if the file does appear to be a file of
the specified type, but those macros will cause the caller to return
FALSE on errors (so that, even if there's an I/O error, it reports "the
file isn't a file of the specified type" rather than "we got an error
trying to read the file").
When doing reads in an open routine before we've concluded that the file
is probably of the right type, return 0, rather than -1, if we get
WTAP_ERR_SHORT_READ - if we don't have enough data to check whether a
file is of a given type, we should keep trying other types, not give up.
For reads done *after* we've concluded the file is probably of the right
type, if a read doesn't return the number of bytes we asked for, but
returns an error of 0, return WTAP_ERR_SHORT_READ - the file is
apparently cut short.
For NetMon and NetXRay/Windows Sniffer files, use a #define for the
magic number size, and use that for both magic numbers.
svn path=/trunk/; revision=46803
2012-12-27 12:19:25 +00:00
|
|
|
if (*err != 0 && *err != WTAP_ERR_SHORT_READ)
|
2014-10-09 23:44:15 +00:00
|
|
|
return WTAP_OPEN_ERROR;
|
|
|
|
return WTAP_OPEN_NOT_MINE;
|
2002-07-31 19:27:57 +00:00
|
|
|
}
|
|
|
|
|
2014-05-09 05:18:49 +00:00
|
|
|
if (file_seek(wth->fh, 0L, SEEK_SET, err) == -1) /* rewind */
|
2014-10-09 23:44:15 +00:00
|
|
|
return WTAP_OPEN_ERROR;
|
2002-07-31 19:27:57 +00:00
|
|
|
|
2014-05-09 05:18:49 +00:00
|
|
|
wth->file_encap = WTAP_ENCAP_COSINE;
|
|
|
|
wth->file_type_subtype = WTAP_FILE_TYPE_SUBTYPE_COSINE;
|
|
|
|
wth->snapshot_length = 0; /* not known */
|
|
|
|
wth->subtype_read = cosine_read;
|
|
|
|
wth->subtype_seek_read = cosine_seek_read;
|
2014-09-28 18:37:06 +00:00
|
|
|
wth->file_tsprec = WTAP_TSPREC_CSEC;
|
2002-07-31 19:27:57 +00:00
|
|
|
|
2014-10-09 23:44:15 +00:00
|
|
|
return WTAP_OPEN_MINE;
|
2002-07-31 19:27:57 +00:00
|
|
|
}
|
|
|
|
|
2005-04-03 11:00:49 +00:00
|
|
|
/* Find the next packet and parse it; called from wtap_read(). */
|
2019-04-05 01:56:27 +00:00
|
|
|
static gboolean cosine_read(wtap *wth, wtap_rec *rec, Buffer *buf,
|
|
|
|
int *err, gchar **err_info, gint64 *data_offset)
|
2002-07-31 19:27:57 +00:00
|
|
|
{
|
2006-11-05 22:46:44 +00:00
|
|
|
gint64 offset;
|
2002-07-31 19:27:57 +00:00
|
|
|
char line[COSINE_LINE_LENGTH];
|
|
|
|
|
|
|
|
/* Find the next packet */
|
2014-05-09 05:18:49 +00:00
|
|
|
offset = cosine_seek_next_packet(wth, err, err_info, line);
|
2002-07-31 19:27:57 +00:00
|
|
|
if (offset < 0)
|
2014-05-23 10:50:02 +00:00
|
|
|
return FALSE;
|
2013-06-16 00:20:00 +00:00
|
|
|
*data_offset = offset;
|
2002-07-31 19:27:57 +00:00
|
|
|
|
2016-04-29 22:46:58 +00:00
|
|
|
/* Parse the header and convert the ASCII hex dump to binary data */
|
2019-04-05 01:56:27 +00:00
|
|
|
return parse_cosine_packet(wth->fh, rec, buf, line, err, err_info);
|
2002-07-31 19:27:57 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/* Used to read packets in random-access fashion */
|
2014-05-23 10:50:02 +00:00
|
|
|
static gboolean
|
2018-02-09 00:19:12 +00:00
|
|
|
cosine_seek_read(wtap *wth, gint64 seek_off, wtap_rec *rec,
|
2014-01-02 20:47:21 +00:00
|
|
|
Buffer *buf, int *err, gchar **err_info)
|
2002-07-31 19:27:57 +00:00
|
|
|
{
|
|
|
|
char line[COSINE_LINE_LENGTH];
|
|
|
|
|
2014-05-09 05:18:49 +00:00
|
|
|
if (file_seek(wth->random_fh, seek_off, SEEK_SET, err) == -1)
|
2002-07-31 19:27:57 +00:00
|
|
|
return FALSE;
|
|
|
|
|
2014-05-09 05:18:49 +00:00
|
|
|
if (file_gets(line, COSINE_LINE_LENGTH, wth->random_fh) == NULL) {
|
|
|
|
*err = file_error(wth->random_fh, err_info);
|
2002-07-31 19:27:57 +00:00
|
|
|
if (*err == 0) {
|
|
|
|
*err = WTAP_ERR_SHORT_READ;
|
|
|
|
}
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
|
2016-04-29 22:46:58 +00:00
|
|
|
/* Parse the header and convert the ASCII hex dump to binary data */
|
2018-02-09 00:19:12 +00:00
|
|
|
return parse_cosine_packet(wth->random_fh, rec, buf, line, err,
|
2013-06-16 00:20:00 +00:00
|
|
|
err_info);
|
2002-07-31 19:27:57 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/* Parses a packet record header. There are two possible formats:
|
|
|
|
1) output to a control blade with date and time
|
|
|
|
2002-5-10,20:1:31.4: l2-tx (FR:3/7/1:1), Length:18, Pro:0, Off:0, Pri:0, RM:0, Err:0 [0x4000, 0x0]
|
|
|
|
2) output to PE without date and time
|
|
|
|
l2-tx (FR:3/7/1:1), Length:18, Pro:0, Off:0, Pri:0, RM:0, Err:0 [0x4000, 0x0] */
|
2016-04-29 22:46:58 +00:00
|
|
|
static gboolean
|
2018-02-09 00:19:12 +00:00
|
|
|
parse_cosine_packet(FILE_T fh, wtap_rec *rec, Buffer *buf,
|
2016-04-29 22:46:58 +00:00
|
|
|
char *line, int *err, gchar **err_info)
|
2002-07-31 19:27:57 +00:00
|
|
|
{
|
2018-02-09 00:19:12 +00:00
|
|
|
union wtap_pseudo_header *pseudo_header = &rec->rec_header.packet_header.pseudo_header;
|
2002-07-31 19:27:57 +00:00
|
|
|
int num_items_scanned;
|
2016-05-01 23:22:40 +00:00
|
|
|
int yy, mm, dd, hr, min, sec, csec, pkt_len;
|
2004-01-24 16:48:12 +00:00
|
|
|
int pro, off, pri, rm, error;
|
|
|
|
guint code1, code2;
|
2011-02-16 00:44:12 +00:00
|
|
|
char if_name[COSINE_MAX_IF_NAME_LEN] = "", direction[6] = "";
|
2002-07-31 19:27:57 +00:00
|
|
|
struct tm tm;
|
2016-04-29 22:46:58 +00:00
|
|
|
guint8 *pd;
|
|
|
|
int i, hex_lines, n, caplen = 0;
|
2002-07-31 19:27:57 +00:00
|
|
|
|
2011-04-07 23:16:05 +00:00
|
|
|
if (sscanf(line, "%4d-%2d-%2d,%2d:%2d:%2d.%9d:",
|
2002-07-31 19:27:57 +00:00
|
|
|
&yy, &mm, &dd, &hr, &min, &sec, &csec) == 7) {
|
|
|
|
/* appears to be output to a control blade */
|
2002-08-28 20:30:45 +00:00
|
|
|
num_items_scanned = sscanf(line,
|
2016-05-01 23:22:40 +00:00
|
|
|
"%4d-%2d-%2d,%2d:%2d:%2d.%9d: %5s (%127[A-Za-z0-9/:]), Length:%9d, Pro:%9d, Off:%9d, Pri:%9d, RM:%9d, Err:%9d [%8x, %8x]",
|
2002-07-31 19:27:57 +00:00
|
|
|
&yy, &mm, &dd, &hr, &min, &sec, &csec,
|
2002-08-28 20:30:45 +00:00
|
|
|
direction, if_name, &pkt_len,
|
|
|
|
&pro, &off, &pri, &rm, &error,
|
2002-07-31 19:27:57 +00:00
|
|
|
&code1, &code2);
|
|
|
|
|
|
|
|
if (num_items_scanned != 17) {
|
2011-12-13 09:53:50 +00:00
|
|
|
*err = WTAP_ERR_BAD_FILE;
|
Have the Wiretap open, read, and seek-and-read routines return, in
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
2004-01-25 21:55:17 +00:00
|
|
|
*err_info = g_strdup("cosine: purported control blade line doesn't have code values");
|
2016-04-29 22:46:58 +00:00
|
|
|
return FALSE;
|
2002-07-31 19:27:57 +00:00
|
|
|
}
|
|
|
|
} else {
|
|
|
|
/* appears to be output to PE */
|
2002-08-28 20:30:45 +00:00
|
|
|
num_items_scanned = sscanf(line,
|
2016-05-01 23:22:40 +00:00
|
|
|
"%5s (%127[A-Za-z0-9/:]), Length:%9d, Pro:%9d, Off:%9d, Pri:%9d, RM:%9d, Err:%9d [%8x, %8x]",
|
2002-08-28 20:30:45 +00:00
|
|
|
direction, if_name, &pkt_len,
|
|
|
|
&pro, &off, &pri, &rm, &error,
|
2002-07-31 19:27:57 +00:00
|
|
|
&code1, &code2);
|
|
|
|
|
|
|
|
if (num_items_scanned != 10) {
|
2011-12-13 09:53:50 +00:00
|
|
|
*err = WTAP_ERR_BAD_FILE;
|
Have the Wiretap open, read, and seek-and-read routines return, in
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
2004-01-25 21:55:17 +00:00
|
|
|
*err_info = g_strdup("cosine: header line is neither control blade nor PE output");
|
2016-04-29 22:46:58 +00:00
|
|
|
return FALSE;
|
2002-07-31 19:27:57 +00:00
|
|
|
}
|
|
|
|
yy = mm = dd = hr = min = sec = csec = 0;
|
|
|
|
}
|
2016-05-01 23:22:40 +00:00
|
|
|
if (pkt_len < 0) {
|
|
|
|
*err = WTAP_ERR_BAD_FILE;
|
|
|
|
*err_info = g_strdup("cosine: packet header has a negative packet length");
|
|
|
|
return FALSE;
|
|
|
|
}
|
Allow bigger snapshot lengths for D-Bus captures.
Use WTAP_MAX_PACKET_SIZE_STANDARD, set to 256KB, for everything except
for D-Bus captures. Use WTAP_MAX_PACKET_SIZE_DBUS, set to 128MB, for
them, because that's the largest possible D-Bus message size. See
https://bugs.freedesktop.org/show_bug.cgi?id=100220
for an example of the problems caused by limiting the snapshot length to
256KB for D-Bus.
Have a snapshot length of 0 in a capture_file structure mean "there is
no snapshot length for the file"; we don't need the has_snap field in
that case, a value of 0 mean "no, we don't have a snapshot length".
In dumpcap, start out with a pipe buffer size of 2KB, and grow it as
necessary. When checking for a too-big packet from a pipe, check
against the appropriate maximum - 128MB for DLT_DBUS, 256KB for
everything else.
Change-Id: Ib2ce7a0cf37b971fbc0318024fd011e18add8b20
Reviewed-on: https://code.wireshark.org/review/21952
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-06-05 01:58:40 +00:00
|
|
|
if (pkt_len > WTAP_MAX_PACKET_SIZE_STANDARD) {
|
2016-04-29 22:46:58 +00:00
|
|
|
/*
|
|
|
|
* Probably a corrupt capture file; don't blow up trying
|
|
|
|
* to allocate space for an immensely-large packet.
|
|
|
|
*/
|
|
|
|
*err = WTAP_ERR_BAD_FILE;
|
|
|
|
*err_info = g_strdup_printf("cosine: File has %u-byte packet, bigger than maximum of %u",
|
Allow bigger snapshot lengths for D-Bus captures.
Use WTAP_MAX_PACKET_SIZE_STANDARD, set to 256KB, for everything except
for D-Bus captures. Use WTAP_MAX_PACKET_SIZE_DBUS, set to 128MB, for
them, because that's the largest possible D-Bus message size. See
https://bugs.freedesktop.org/show_bug.cgi?id=100220
for an example of the problems caused by limiting the snapshot length to
256KB for D-Bus.
Have a snapshot length of 0 in a capture_file structure mean "there is
no snapshot length for the file"; we don't need the has_snap field in
that case, a value of 0 mean "no, we don't have a snapshot length".
In dumpcap, start out with a pipe buffer size of 2KB, and grow it as
necessary. When checking for a too-big packet from a pipe, check
against the appropriate maximum - 128MB for DLT_DBUS, 256KB for
everything else.
Change-Id: Ib2ce7a0cf37b971fbc0318024fd011e18add8b20
Reviewed-on: https://code.wireshark.org/review/21952
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-06-05 01:58:40 +00:00
|
|
|
pkt_len, WTAP_MAX_PACKET_SIZE_STANDARD);
|
2016-04-29 22:46:58 +00:00
|
|
|
return FALSE;
|
|
|
|
}
|
2002-07-31 19:27:57 +00:00
|
|
|
|
2018-02-09 00:19:12 +00:00
|
|
|
rec->rec_type = REC_TYPE_PACKET;
|
|
|
|
rec->presence_flags = WTAP_HAS_TS|WTAP_HAS_CAP_LEN;
|
2013-05-16 23:34:12 +00:00
|
|
|
tm.tm_year = yy - 1900;
|
|
|
|
tm.tm_mon = mm - 1;
|
|
|
|
tm.tm_mday = dd;
|
|
|
|
tm.tm_hour = hr;
|
|
|
|
tm.tm_min = min;
|
|
|
|
tm.tm_sec = sec;
|
|
|
|
tm.tm_isdst = -1;
|
2018-02-09 00:19:12 +00:00
|
|
|
rec->ts.secs = mktime(&tm);
|
|
|
|
rec->ts.nsecs = csec * 10000000;
|
|
|
|
rec->rec_header.packet_header.len = pkt_len;
|
2013-05-16 23:34:12 +00:00
|
|
|
|
2002-08-28 20:30:45 +00:00
|
|
|
/* XXX need to handle other encapsulations like Cisco HDLC,
|
2002-07-31 19:27:57 +00:00
|
|
|
Frame Relay and ATM */
|
|
|
|
if (strncmp(if_name, "TEST:", 5) == 0) {
|
|
|
|
pseudo_header->cosine.encap = COSINE_ENCAP_TEST;
|
|
|
|
} else if (strncmp(if_name, "PPoATM:", 7) == 0) {
|
|
|
|
pseudo_header->cosine.encap = COSINE_ENCAP_PPoATM;
|
|
|
|
} else if (strncmp(if_name, "PPoFR:", 6) == 0) {
|
|
|
|
pseudo_header->cosine.encap = COSINE_ENCAP_PPoFR;
|
|
|
|
} else if (strncmp(if_name, "ATM:", 4) == 0) {
|
|
|
|
pseudo_header->cosine.encap = COSINE_ENCAP_ATM;
|
|
|
|
} else if (strncmp(if_name, "FR:", 3) == 0) {
|
|
|
|
pseudo_header->cosine.encap = COSINE_ENCAP_FR;
|
|
|
|
} else if (strncmp(if_name, "HDLC:", 5) == 0) {
|
|
|
|
pseudo_header->cosine.encap = COSINE_ENCAP_HDLC;
|
|
|
|
} else if (strncmp(if_name, "PPP:", 4) == 0) {
|
|
|
|
pseudo_header->cosine.encap = COSINE_ENCAP_PPP;
|
|
|
|
} else if (strncmp(if_name, "ETH:", 4) == 0) {
|
|
|
|
pseudo_header->cosine.encap = COSINE_ENCAP_ETH;
|
|
|
|
} else {
|
|
|
|
pseudo_header->cosine.encap = COSINE_ENCAP_UNKNOWN;
|
|
|
|
}
|
|
|
|
if (strncmp(direction, "l2-tx", 5) == 0) {
|
|
|
|
pseudo_header->cosine.direction = COSINE_DIR_TX;
|
|
|
|
} else if (strncmp(direction, "l2-rx", 5) == 0) {
|
|
|
|
pseudo_header->cosine.direction = COSINE_DIR_RX;
|
2002-08-28 20:30:45 +00:00
|
|
|
}
|
2008-05-08 05:16:33 +00:00
|
|
|
g_strlcpy(pseudo_header->cosine.if_name, if_name,
|
|
|
|
COSINE_MAX_IF_NAME_LEN);
|
2002-07-31 19:27:57 +00:00
|
|
|
pseudo_header->cosine.pro = pro;
|
|
|
|
pseudo_header->cosine.off = off;
|
|
|
|
pseudo_header->cosine.pri = pri;
|
|
|
|
pseudo_header->cosine.rm = rm;
|
|
|
|
pseudo_header->cosine.err = error;
|
|
|
|
|
2013-06-16 00:20:00 +00:00
|
|
|
/* Make sure we have enough room for the packet */
|
2016-04-29 22:46:58 +00:00
|
|
|
ws_buffer_assure_space(buf, pkt_len);
|
2014-08-02 11:00:48 +00:00
|
|
|
pd = ws_buffer_start_ptr(buf);
|
2013-06-16 00:20:00 +00:00
|
|
|
|
2002-07-31 19:27:57 +00:00
|
|
|
/* Calculate the number of hex dump lines, each
|
|
|
|
* containing 16 bytes of data */
|
|
|
|
hex_lines = pkt_len / 16 + ((pkt_len % 16) ? 1 : 0);
|
|
|
|
|
|
|
|
for (i = 0; i < hex_lines; i++) {
|
|
|
|
if (file_gets(line, COSINE_LINE_LENGTH, fh) == NULL) {
|
2011-04-21 09:41:52 +00:00
|
|
|
*err = file_error(fh, err_info);
|
2002-07-31 19:27:57 +00:00
|
|
|
if (*err == 0) {
|
|
|
|
*err = WTAP_ERR_SHORT_READ;
|
|
|
|
}
|
2014-05-23 10:50:02 +00:00
|
|
|
return FALSE;
|
2002-07-31 19:27:57 +00:00
|
|
|
}
|
|
|
|
if (empty_line(line)) {
|
|
|
|
break;
|
|
|
|
}
|
2013-06-16 00:20:00 +00:00
|
|
|
if ((n = parse_single_hex_dump_line(line, pd, i*16)) == -1) {
|
2011-12-13 09:53:50 +00:00
|
|
|
*err = WTAP_ERR_BAD_FILE;
|
Have the Wiretap open, read, and seek-and-read routines return, in
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
2004-01-25 21:55:17 +00:00
|
|
|
*err_info = g_strdup("cosine: hex dump line doesn't have 16 numbers");
|
2014-05-23 10:50:02 +00:00
|
|
|
return FALSE;
|
2002-07-31 19:27:57 +00:00
|
|
|
}
|
|
|
|
caplen += n;
|
|
|
|
}
|
2018-02-09 00:19:12 +00:00
|
|
|
rec->rec_header.packet_header.caplen = caplen;
|
2014-05-23 10:50:02 +00:00
|
|
|
return TRUE;
|
2002-07-31 19:27:57 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/* Take a string representing one line from a hex dump and converts
|
|
|
|
* the text to binary data. We place the bytes in the buffer at the
|
|
|
|
* specified offset.
|
|
|
|
*
|
|
|
|
* Returns number of bytes successfully read, -1 if bad. */
|
|
|
|
static int
|
2002-08-28 20:30:45 +00:00
|
|
|
parse_single_hex_dump_line(char* rec, guint8 *buf, guint byte_offset)
|
2002-07-31 19:27:57 +00:00
|
|
|
{
|
|
|
|
int num_items_scanned, i;
|
|
|
|
unsigned int bytes[16];
|
|
|
|
|
2002-08-28 20:30:45 +00:00
|
|
|
num_items_scanned = sscanf(rec, "%02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x",
|
|
|
|
&bytes[0], &bytes[1], &bytes[2], &bytes[3],
|
2002-07-31 19:27:57 +00:00
|
|
|
&bytes[4], &bytes[5], &bytes[6], &bytes[7],
|
2002-08-28 20:30:45 +00:00
|
|
|
&bytes[8], &bytes[9], &bytes[10], &bytes[11],
|
2002-07-31 19:27:57 +00:00
|
|
|
&bytes[12], &bytes[13], &bytes[14], &bytes[15]);
|
|
|
|
if (num_items_scanned == 0)
|
|
|
|
return -1;
|
|
|
|
|
2002-08-28 20:30:45 +00:00
|
|
|
if (num_items_scanned > 16)
|
2002-07-31 19:27:57 +00:00
|
|
|
num_items_scanned = 16;
|
|
|
|
|
|
|
|
for (i=0; i<num_items_scanned; i++) {
|
|
|
|
buf[byte_offset + i] = (guint8)bytes[i];
|
|
|
|
}
|
|
|
|
|
|
|
|
return num_items_scanned;
|
|
|
|
}
|
2015-01-02 00:45:22 +00:00
|
|
|
|
|
|
|
/*
|
2019-07-26 18:43:17 +00:00
|
|
|
* Editor modelines - https://www.wireshark.org/tools/modelines.html
|
2015-01-02 00:45:22 +00:00
|
|
|
*
|
|
|
|
* Local variables:
|
|
|
|
* c-basic-offset: 8
|
|
|
|
* tab-width: 8
|
|
|
|
* indent-tabs-mode: t
|
|
|
|
* End:
|
|
|
|
*
|
|
|
|
* vi: set shiftwidth=8 tabstop=8 noexpandtab:
|
|
|
|
* :indentSize=8:tabSize=8:noTabs=false:
|
|
|
|
*/
|