1998-09-16 02:39:15 +00:00
|
|
|
/* ethertype.c
|
|
|
|
* Routines for calling the right protocol for the ethertype.
|
|
|
|
*
|
2000-08-09 22:10:23 +00:00
|
|
|
* $Id: packet-ethertype.c,v 1.7 2000/08/09 22:10:23 deniel Exp $
|
1998-09-16 03:22:19 +00:00
|
|
|
*
|
2000-01-22 06:22:44 +00:00
|
|
|
* Gilbert Ramirez <gram@xiexie.org>
|
1998-09-16 02:39:15 +00:00
|
|
|
*
|
|
|
|
* Ethereal - Network traffic analyzer
|
|
|
|
* By Gerald Combs <gerald@zing.org>
|
|
|
|
* Copyright 1998 Gerald Combs
|
|
|
|
*
|
|
|
|
*
|
|
|
|
* This program is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU General Public License
|
|
|
|
* as published by the Free Software Foundation; either version 2
|
|
|
|
* of the License, or (at your option) any later version.
|
|
|
|
*
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
* along with this program; if not, write to the Free Software
|
|
|
|
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
|
|
|
*/
|
|
|
|
|
|
|
|
#ifdef HAVE_CONFIG_H
|
|
|
|
# include "config.h"
|
|
|
|
#endif
|
|
|
|
|
1998-10-10 03:32:20 +00:00
|
|
|
#ifdef HAVE_SYS_TYPES_H
|
|
|
|
# include <sys/types.h>
|
|
|
|
#endif
|
|
|
|
|
1999-03-23 03:14:46 +00:00
|
|
|
#include <glib.h>
|
1998-09-27 22:12:47 +00:00
|
|
|
#include "packet.h"
|
2000-04-13 19:38:55 +00:00
|
|
|
#include "packet-ip.h"
|
|
|
|
#include "packet-ipx.h"
|
|
|
|
#include "packet-vlan.h"
|
|
|
|
#include "packet-vines.h"
|
1998-09-16 02:39:15 +00:00
|
|
|
#include "etypes.h"
|
Change the sub-dissector handoff registration routines so that the
sub-dissector table is not stored in the header_field_info struct, but
in a separate namespace. Dissector tables are now registered by name
and not by field ID. For example:
udp_dissector_table = register_dissector_table("udp.port");
Because of this different namespace, dissector tables can have names
that are not field names. This is useful for ethertype, since multiple
fields are "ethertypes".
packet-ethertype.c replaces ethertype.c (the name was changed so that it
would be named in the same fashion as all the filenames passed to make-reg-dotc)
Although it registers no protocol or field, it registers one dissector table:
ethertype_dissector_table = register_dissector_table("ethertype");
All protocols that can be called because of an ethertype field now register
that fact with dissector_add() calls.
In this way, one dissector_table services all ethertype fields
(hf_eth_type, hf_llc_type, hf_null_etype, hf_vlan_etype)
Furthermore, the code allows for names of protocols to exist in the
etype_vals, yet a dissector for that protocol doesn't exist. The name
of the dissector is printed in COL_INFO. You're welcome, Richard. :-)
svn path=/trunk/; revision=1848
2000-04-13 18:18:56 +00:00
|
|
|
|
|
|
|
static dissector_table_t ethertype_dissector_table;
|
1998-09-16 02:39:15 +00:00
|
|
|
|
1999-07-07 22:52:57 +00:00
|
|
|
const value_string etype_vals[] = {
|
2000-08-09 22:10:23 +00:00
|
|
|
{ETHERTYPE_IP, "IP" },
|
|
|
|
{ETHERTYPE_IPv6, "IPv6" },
|
|
|
|
{ETHERTYPE_X25L3, "X.25 Layer 3" },
|
|
|
|
{ETHERTYPE_ARP, "ARP" },
|
|
|
|
{ETHERTYPE_REVARP, "RARP" },
|
|
|
|
{ETHERTYPE_DEC_LB, "DEC LanBridge" },
|
|
|
|
{ETHERTYPE_ATALK, "Appletalk" },
|
|
|
|
{ETHERTYPE_AARP, "AARP" },
|
|
|
|
{ETHERTYPE_IPX, "Netware IPX/SPX" },
|
|
|
|
{ETHERTYPE_VINES, "Vines" },
|
|
|
|
{ETHERTYPE_TRAIN, "Netmon Train" },
|
|
|
|
{ETHERTYPE_LOOP, "Loopback" }, /* Ethernet Loopback */
|
|
|
|
{ETHERTYPE_PPPOED, "PPPoE Discovery" },
|
|
|
|
{ETHERTYPE_PPPOES, "PPPoE Session" },
|
|
|
|
{ETHERTYPE_VLAN, "802.1Q Virtual LAN" },
|
|
|
|
{ETHERTYPE_MPLS, "MPLS label switched packet" },
|
|
|
|
{ETHERTYPE_MPLS_MULTI, "MPLS multicast label switched packet" },
|
|
|
|
{ETHERTYPE_3C_NBP_DGRAM, "3Com NBP Datagram" },
|
|
|
|
{ETHERTYPE_DEC, "DEC proto" },
|
|
|
|
{ETHERTYPE_DNA_DL, "DEC DNA Dump/Load" },
|
|
|
|
{ETHERTYPE_DNA_RC, "DEC DNA Remote Console" },
|
|
|
|
{ETHERTYPE_DNA_RT, "DEC DNA Routing" },
|
|
|
|
{ETHERTYPE_LAT, "DEC LAT" },
|
|
|
|
{ETHERTYPE_DEC_DIAG, "DEC Diagnostics" },
|
|
|
|
{ETHERTYPE_DEC_CUST, "DEC Customer use" },
|
|
|
|
{ETHERTYPE_DEC_SCA, "DEC LAVC/SCA" },
|
|
|
|
{0, NULL } };
|
1998-11-03 07:45:10 +00:00
|
|
|
|
1999-02-09 00:35:38 +00:00
|
|
|
void
|
|
|
|
capture_ethertype(guint16 etype, int offset,
|
2000-01-23 08:55:37 +00:00
|
|
|
const u_char *pd, packet_counts *ld)
|
1999-02-09 00:35:38 +00:00
|
|
|
{
|
|
|
|
switch (etype) {
|
|
|
|
case ETHERTYPE_IP:
|
2000-01-23 08:55:37 +00:00
|
|
|
capture_ip(pd, offset, ld);
|
1999-02-09 00:35:38 +00:00
|
|
|
break;
|
1999-11-30 23:56:37 +00:00
|
|
|
case ETHERTYPE_IPX:
|
2000-01-23 08:55:37 +00:00
|
|
|
capture_ipx(pd, offset, ld);
|
1999-11-30 23:56:37 +00:00
|
|
|
break;
|
1999-12-05 20:05:45 +00:00
|
|
|
case ETHERTYPE_VLAN:
|
2000-01-23 08:55:37 +00:00
|
|
|
capture_vlan(pd, offset, ld);
|
1999-12-05 20:05:45 +00:00
|
|
|
break;
|
2000-01-20 21:34:16 +00:00
|
|
|
case ETHERTYPE_VINES:
|
2000-01-23 08:55:37 +00:00
|
|
|
capture_vines(pd, offset, ld);
|
2000-01-20 21:34:16 +00:00
|
|
|
break;
|
1999-02-09 00:35:38 +00:00
|
|
|
default:
|
|
|
|
ld->other++;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
1998-09-16 02:39:15 +00:00
|
|
|
void
|
2000-05-19 04:54:36 +00:00
|
|
|
ethertype(guint16 etype, tvbuff_t *tvb, int offset_after_etype, packet_info *pinfo,
|
|
|
|
proto_tree *tree, proto_tree *fh_tree, int item_id)
|
1998-09-16 02:39:15 +00:00
|
|
|
{
|
Change the sub-dissector handoff registration routines so that the
sub-dissector table is not stored in the header_field_info struct, but
in a separate namespace. Dissector tables are now registered by name
and not by field ID. For example:
udp_dissector_table = register_dissector_table("udp.port");
Because of this different namespace, dissector tables can have names
that are not field names. This is useful for ethertype, since multiple
fields are "ethertypes".
packet-ethertype.c replaces ethertype.c (the name was changed so that it
would be named in the same fashion as all the filenames passed to make-reg-dotc)
Although it registers no protocol or field, it registers one dissector table:
ethertype_dissector_table = register_dissector_table("ethertype");
All protocols that can be called because of an ethertype field now register
that fact with dissector_add() calls.
In this way, one dissector_table services all ethertype fields
(hf_eth_type, hf_llc_type, hf_null_etype, hf_vlan_etype)
Furthermore, the code allows for names of protocols to exist in the
etype_vals, yet a dissector for that protocol doesn't exist. The name
of the dissector is printed in COL_INFO. You're welcome, Richard. :-)
svn path=/trunk/; revision=1848
2000-04-13 18:18:56 +00:00
|
|
|
char *description;
|
2000-05-19 04:54:36 +00:00
|
|
|
tvbuff_t *next_tvb;
|
Change the sub-dissector handoff registration routines so that the
sub-dissector table is not stored in the header_field_info struct, but
in a separate namespace. Dissector tables are now registered by name
and not by field ID. For example:
udp_dissector_table = register_dissector_table("udp.port");
Because of this different namespace, dissector tables can have names
that are not field names. This is useful for ethertype, since multiple
fields are "ethertypes".
packet-ethertype.c replaces ethertype.c (the name was changed so that it
would be named in the same fashion as all the filenames passed to make-reg-dotc)
Although it registers no protocol or field, it registers one dissector table:
ethertype_dissector_table = register_dissector_table("ethertype");
All protocols that can be called because of an ethertype field now register
that fact with dissector_add() calls.
In this way, one dissector_table services all ethertype fields
(hf_eth_type, hf_llc_type, hf_null_etype, hf_vlan_etype)
Furthermore, the code allows for names of protocols to exist in the
etype_vals, yet a dissector for that protocol doesn't exist. The name
of the dissector is printed in COL_INFO. You're welcome, Richard. :-)
svn path=/trunk/; revision=1848
2000-04-13 18:18:56 +00:00
|
|
|
|
|
|
|
/* Add to proto_tree */
|
|
|
|
if (tree) {
|
2000-05-31 05:09:07 +00:00
|
|
|
proto_tree_add_uint(fh_tree, item_id, tvb, offset_after_etype - 2, 2, etype);
|
Change the sub-dissector handoff registration routines so that the
sub-dissector table is not stored in the header_field_info struct, but
in a separate namespace. Dissector tables are now registered by name
and not by field ID. For example:
udp_dissector_table = register_dissector_table("udp.port");
Because of this different namespace, dissector tables can have names
that are not field names. This is useful for ethertype, since multiple
fields are "ethertypes".
packet-ethertype.c replaces ethertype.c (the name was changed so that it
would be named in the same fashion as all the filenames passed to make-reg-dotc)
Although it registers no protocol or field, it registers one dissector table:
ethertype_dissector_table = register_dissector_table("ethertype");
All protocols that can be called because of an ethertype field now register
that fact with dissector_add() calls.
In this way, one dissector_table services all ethertype fields
(hf_eth_type, hf_llc_type, hf_null_etype, hf_vlan_etype)
Furthermore, the code allows for names of protocols to exist in the
etype_vals, yet a dissector for that protocol doesn't exist. The name
of the dissector is printed in COL_INFO. You're welcome, Richard. :-)
svn path=/trunk/; revision=1848
2000-04-13 18:18:56 +00:00
|
|
|
}
|
|
|
|
|
2000-05-19 04:54:36 +00:00
|
|
|
next_tvb = tvb_new_subset(tvb, offset_after_etype, -1, -1);
|
|
|
|
|
Change the sub-dissector handoff registration routines so that the
sub-dissector table is not stored in the header_field_info struct, but
in a separate namespace. Dissector tables are now registered by name
and not by field ID. For example:
udp_dissector_table = register_dissector_table("udp.port");
Because of this different namespace, dissector tables can have names
that are not field names. This is useful for ethertype, since multiple
fields are "ethertypes".
packet-ethertype.c replaces ethertype.c (the name was changed so that it
would be named in the same fashion as all the filenames passed to make-reg-dotc)
Although it registers no protocol or field, it registers one dissector table:
ethertype_dissector_table = register_dissector_table("ethertype");
All protocols that can be called because of an ethertype field now register
that fact with dissector_add() calls.
In this way, one dissector_table services all ethertype fields
(hf_eth_type, hf_llc_type, hf_null_etype, hf_vlan_etype)
Furthermore, the code allows for names of protocols to exist in the
etype_vals, yet a dissector for that protocol doesn't exist. The name
of the dissector is printed in COL_INFO. You're welcome, Richard. :-)
svn path=/trunk/; revision=1848
2000-04-13 18:18:56 +00:00
|
|
|
/* Look for sub-dissector */
|
Allow either old-style (pre-tvbuff) or new-style (tvbuffified)
dissectors to be registered as dissectors for particular ports,
registered as heuristic dissectors, and registered as dissectors for
conversations, and have routines to be used both by old-style and
new-style dissectors to call registered dissectors.
Have the code that calls those dissectors translate the arguments as
necessary. (For conversation dissectors, replace
"find_conversation_dissector()", which just returns a pointer to the
dissector, with "old_try_conversation_dissector()" and
"try_conversation_dissector()", which actually call the dissector, so
that there's a single place at which we can do that translation. Also
make "dissector_lookup()" static and, instead of calling it and, if it
returns a non-null pointer, calling that dissector, just use
"old_dissector_try_port()" or "dissector_try_port()", for the same
reason.)
This allows some dissectors that took old-style arguments and
immediately translated them to new-style arguments to just take
new-style arguments; make them do so. It also allows some new-style
dissectors not to have to translate arguments before calling routines to
look up and call dissectors; make them not do so.
Get rid of checks for too-short frames in new-style dissectors - the
tvbuff code does those checks for you.
Give the routines to register old-style dissectors, and to call
dissectors from old-style dissectors, names beginning with "old_", with
the routines for new-style dissectors not having the "old_". Update the
dissectors that use those routines appropriately.
Rename "dissect_data()" to "old_dissect_data()", and
"dissect_data_tvb()" to "dissect_data()".
svn path=/trunk/; revision=2218
2000-08-07 03:21:25 +00:00
|
|
|
if (!dissector_try_port(ethertype_dissector_table, etype,
|
|
|
|
next_tvb, pinfo, tree)) {
|
|
|
|
/* No sub-dissector found.
|
|
|
|
Label rest of packet as "Data" */
|
|
|
|
dissect_data(next_tvb, pinfo, tree);
|
1999-06-22 22:02:39 +00:00
|
|
|
|
Change the sub-dissector handoff registration routines so that the
sub-dissector table is not stored in the header_field_info struct, but
in a separate namespace. Dissector tables are now registered by name
and not by field ID. For example:
udp_dissector_table = register_dissector_table("udp.port");
Because of this different namespace, dissector tables can have names
that are not field names. This is useful for ethertype, since multiple
fields are "ethertypes".
packet-ethertype.c replaces ethertype.c (the name was changed so that it
would be named in the same fashion as all the filenames passed to make-reg-dotc)
Although it registers no protocol or field, it registers one dissector table:
ethertype_dissector_table = register_dissector_table("ethertype");
All protocols that can be called because of an ethertype field now register
that fact with dissector_add() calls.
In this way, one dissector_table services all ethertype fields
(hf_eth_type, hf_llc_type, hf_null_etype, hf_vlan_etype)
Furthermore, the code allows for names of protocols to exist in the
etype_vals, yet a dissector for that protocol doesn't exist. The name
of the dissector is printed in COL_INFO. You're welcome, Richard. :-)
svn path=/trunk/; revision=1848
2000-04-13 18:18:56 +00:00
|
|
|
/* Label protocol */
|
|
|
|
switch(etype) {
|
Allow either old-style (pre-tvbuff) or new-style (tvbuffified)
dissectors to be registered as dissectors for particular ports,
registered as heuristic dissectors, and registered as dissectors for
conversations, and have routines to be used both by old-style and
new-style dissectors to call registered dissectors.
Have the code that calls those dissectors translate the arguments as
necessary. (For conversation dissectors, replace
"find_conversation_dissector()", which just returns a pointer to the
dissector, with "old_try_conversation_dissector()" and
"try_conversation_dissector()", which actually call the dissector, so
that there's a single place at which we can do that translation. Also
make "dissector_lookup()" static and, instead of calling it and, if it
returns a non-null pointer, calling that dissector, just use
"old_dissector_try_port()" or "dissector_try_port()", for the same
reason.)
This allows some dissectors that took old-style arguments and
immediately translated them to new-style arguments to just take
new-style arguments; make them do so. It also allows some new-style
dissectors not to have to translate arguments before calling routines to
look up and call dissectors; make them not do so.
Get rid of checks for too-short frames in new-style dissectors - the
tvbuff code does those checks for you.
Give the routines to register old-style dissectors, and to call
dissectors from old-style dissectors, names beginning with "old_", with
the routines for new-style dissectors not having the "old_". Update the
dissectors that use those routines appropriately.
Rename "dissect_data()" to "old_dissect_data()", and
"dissect_data_tvb()" to "dissect_data()".
svn path=/trunk/; revision=2218
2000-08-07 03:21:25 +00:00
|
|
|
|
|
|
|
case ETHERTYPE_LOOP:
|
|
|
|
if (check_col(pinfo->fd, COL_PROTOCOL)) {
|
|
|
|
col_add_fstr(pinfo->fd, COL_PROTOCOL, "LOOP");
|
|
|
|
}
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
if (check_col(pinfo->fd, COL_PROTOCOL)) {
|
|
|
|
col_add_fstr(pinfo->fd, COL_PROTOCOL, "0x%04x", etype);
|
|
|
|
}
|
|
|
|
break;
|
Change the sub-dissector handoff registration routines so that the
sub-dissector table is not stored in the header_field_info struct, but
in a separate namespace. Dissector tables are now registered by name
and not by field ID. For example:
udp_dissector_table = register_dissector_table("udp.port");
Because of this different namespace, dissector tables can have names
that are not field names. This is useful for ethertype, since multiple
fields are "ethertypes".
packet-ethertype.c replaces ethertype.c (the name was changed so that it
would be named in the same fashion as all the filenames passed to make-reg-dotc)
Although it registers no protocol or field, it registers one dissector table:
ethertype_dissector_table = register_dissector_table("ethertype");
All protocols that can be called because of an ethertype field now register
that fact with dissector_add() calls.
In this way, one dissector_table services all ethertype fields
(hf_eth_type, hf_llc_type, hf_null_etype, hf_vlan_etype)
Furthermore, the code allows for names of protocols to exist in the
etype_vals, yet a dissector for that protocol doesn't exist. The name
of the dissector is printed in COL_INFO. You're welcome, Richard. :-)
svn path=/trunk/; revision=1848
2000-04-13 18:18:56 +00:00
|
|
|
}
|
2000-05-19 04:54:36 +00:00
|
|
|
if (check_col(pinfo->fd, COL_INFO)) {
|
Change the sub-dissector handoff registration routines so that the
sub-dissector table is not stored in the header_field_info struct, but
in a separate namespace. Dissector tables are now registered by name
and not by field ID. For example:
udp_dissector_table = register_dissector_table("udp.port");
Because of this different namespace, dissector tables can have names
that are not field names. This is useful for ethertype, since multiple
fields are "ethertypes".
packet-ethertype.c replaces ethertype.c (the name was changed so that it
would be named in the same fashion as all the filenames passed to make-reg-dotc)
Although it registers no protocol or field, it registers one dissector table:
ethertype_dissector_table = register_dissector_table("ethertype");
All protocols that can be called because of an ethertype field now register
that fact with dissector_add() calls.
In this way, one dissector_table services all ethertype fields
(hf_eth_type, hf_llc_type, hf_null_etype, hf_vlan_etype)
Furthermore, the code allows for names of protocols to exist in the
etype_vals, yet a dissector for that protocol doesn't exist. The name
of the dissector is printed in COL_INFO. You're welcome, Richard. :-)
svn path=/trunk/; revision=1848
2000-04-13 18:18:56 +00:00
|
|
|
description = match_strval(etype, etype_vals);
|
|
|
|
if (description) {
|
2000-05-19 04:54:36 +00:00
|
|
|
col_add_fstr(pinfo->fd, COL_INFO, "%s", description);
|
Change the sub-dissector handoff registration routines so that the
sub-dissector table is not stored in the header_field_info struct, but
in a separate namespace. Dissector tables are now registered by name
and not by field ID. For example:
udp_dissector_table = register_dissector_table("udp.port");
Because of this different namespace, dissector tables can have names
that are not field names. This is useful for ethertype, since multiple
fields are "ethertypes".
packet-ethertype.c replaces ethertype.c (the name was changed so that it
would be named in the same fashion as all the filenames passed to make-reg-dotc)
Although it registers no protocol or field, it registers one dissector table:
ethertype_dissector_table = register_dissector_table("ethertype");
All protocols that can be called because of an ethertype field now register
that fact with dissector_add() calls.
In this way, one dissector_table services all ethertype fields
(hf_eth_type, hf_llc_type, hf_null_etype, hf_vlan_etype)
Furthermore, the code allows for names of protocols to exist in the
etype_vals, yet a dissector for that protocol doesn't exist. The name
of the dissector is printed in COL_INFO. You're welcome, Richard. :-)
svn path=/trunk/; revision=1848
2000-04-13 18:18:56 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
1999-06-22 22:02:39 +00:00
|
|
|
|
|
|
|
|
Change the sub-dissector handoff registration routines so that the
sub-dissector table is not stored in the header_field_info struct, but
in a separate namespace. Dissector tables are now registered by name
and not by field ID. For example:
udp_dissector_table = register_dissector_table("udp.port");
Because of this different namespace, dissector tables can have names
that are not field names. This is useful for ethertype, since multiple
fields are "ethertypes".
packet-ethertype.c replaces ethertype.c (the name was changed so that it
would be named in the same fashion as all the filenames passed to make-reg-dotc)
Although it registers no protocol or field, it registers one dissector table:
ethertype_dissector_table = register_dissector_table("ethertype");
All protocols that can be called because of an ethertype field now register
that fact with dissector_add() calls.
In this way, one dissector_table services all ethertype fields
(hf_eth_type, hf_llc_type, hf_null_etype, hf_vlan_etype)
Furthermore, the code allows for names of protocols to exist in the
etype_vals, yet a dissector for that protocol doesn't exist. The name
of the dissector is printed in COL_INFO. You're welcome, Richard. :-)
svn path=/trunk/; revision=1848
2000-04-13 18:18:56 +00:00
|
|
|
void
|
|
|
|
proto_register_ethertype(void)
|
|
|
|
{
|
|
|
|
/* subdissector code */
|
|
|
|
ethertype_dissector_table = register_dissector_table("ethertype");
|
|
|
|
}
|