osmocom
/
wireshark
11
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

From Mark C. Brown: 

HP-UX 11.31 will add a new nettl trace subsystem, NS_LS_TELNET (ID=267).
NS_LS_TELNET is just raw telnet data.  There is no layer 2/3/4 headers, so
there's just the HP-UX nettl record header followed directly by the TCP payload
for a telnet connection.  Thus the need for a new wiretap encapsulation type...

svn path=/trunk/; revision=20253
This commit is contained in:
Jaap Keuter 2007-01-01 14:48:18 +00:00
parent 33310e87b6
commit 224a21ecfe
5 changed files with 75 additions and 53 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
epan/dissectors/packet-nettl.c
View File

@ -24,7 +24,7 @@
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software * along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/ */
#ifdef HAVE_CONFIG_H #ifdef HAVE_CONFIG_H
@ -38,7 +38,7 @@
#include <epan/ipproto.h> #include <epan/ipproto.h>
#include <wiretap/nettl.h> #include <wiretap/nettl.h>
/* Initialise the protocol and registered fields */ /* Initialize the protocol and registered fields */
static int proto_nettl = -1; static int proto_nettl = -1;
@ -55,8 +55,11 @@ static dissector_handle_t x25_handle;
static dissector_handle_t data_handle; static dissector_handle_t data_handle;
static dissector_table_t wtap_dissector_table; static dissector_table_t wtap_dissector_table;
static dissector_table_t ip_proto_dissector_table; static dissector_table_t ip_proto_dissector_table;
static dissector_table_t tcp_subdissector_table;
/* Initialise the subtree pointers */ #define TCP_PORT_TELNET 23
/* Initialize the subtree pointers */
static gint ett_nettl = -1; static gint ett_nettl = -1;
@ -161,6 +164,7 @@ static const value_string subsystem[] = {
{ 252, "IGELAN" }, { 252, "IGELAN" },
{ 253, "IETHER" }, { 253, "IETHER" },
{ 265, "IXGBE" }, { 265, "IXGBE" },
{ 267, "NS_LS_TELNET" },
{ 513, "KL_VM" }, { 513, "KL_VM" },
{ 514, "KL_PKM" }, { 514, "KL_PKM" },
{ 515, "KL_DLKM" }, { 515, "KL_DLKM" },
@ -256,6 +260,11 @@ dissect_nettl(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
else else
call_dissector(x25_handle, tvb, pinfo, tree); call_dissector(x25_handle, tvb, pinfo, tree);
break; break;
case WTAP_ENCAP_NETTL_RAW_TELNET:
if (!dissector_try_port(tcp_subdissector_table,
TCP_PORT_TELNET, tvb, pinfo, tree))
call_dissector(data_handle, tvb, pinfo, tree);
break;
default: default:
if (check_col(pinfo->cinfo, COL_PROTOCOL)) if (check_col(pinfo->cinfo, COL_PROTOCOL))
col_set_str(pinfo->cinfo, COL_PROTOCOL, "UNKNOWN"); col_set_str(pinfo->cinfo, COL_PROTOCOL, "UNKNOWN");
@ -296,14 +305,14 @@ proto_register_nettl(void)
{ &hf_nettl_uid, { &hf_nettl_uid,
{ "User ID (uid)", "nettl.uid", FT_UINT16, BASE_DEC, NULL, 0x0, { "User ID (uid)", "nettl.uid", FT_UINT16, BASE_DEC, NULL, 0x0,
"HP-UX User ID", HFILL}}, "HP-UX User ID", HFILL}}
}; };
/* Setup protocol subtree array */ /* Setup protocol subtree array */
static gint *ett[] = { static gint *ett[] = {
&ett_nettl, &ett_nettl
}; };
/* Register the protocol name and description */ /* Register the protocol name and description */
@ -323,10 +332,9 @@ proto_reg_handoff_nettl(void)
{ {
dissector_handle_t nettl_handle; dissector_handle_t nettl_handle;
/* /*
* Get handles for the Ethernet, Token Ring, FDDI, and RAW dissectors. * Get handles for the Ethernet, Token Ring, FDDI, and RAW dissectors.
*/ */
eth_withoutfcs_handle = find_dissector("eth_withoutfcs"); eth_withoutfcs_handle = find_dissector("eth_withoutfcs");
tr_handle = find_dissector("tr"); tr_handle = find_dissector("tr");
lapb_handle = find_dissector("lapb"); lapb_handle = find_dissector("lapb");
@ -334,6 +342,7 @@ proto_reg_handoff_nettl(void)
data_handle = find_dissector("data"); data_handle = find_dissector("data");
wtap_dissector_table = find_dissector_table("wtap_encap"); wtap_dissector_table = find_dissector_table("wtap_encap");
ip_proto_dissector_table = find_dissector_table("ip.proto"); ip_proto_dissector_table = find_dissector_table("ip.proto");
tcp_subdissector_table = find_dissector_table("tcp.port");
nettl_handle = create_dissector_handle(dissect_nettl, proto_nettl); nettl_handle = create_dissector_handle(dissect_nettl, proto_nettl);
dissector_add("wtap_encap", WTAP_ENCAP_NETTL_ETHERNET, nettl_handle); dissector_add("wtap_encap", WTAP_ENCAP_NETTL_ETHERNET, nettl_handle);
@ -342,6 +351,7 @@ proto_reg_handoff_nettl(void)
dissector_add("wtap_encap", WTAP_ENCAP_NETTL_RAW_IP, nettl_handle); dissector_add("wtap_encap", WTAP_ENCAP_NETTL_RAW_IP, nettl_handle);
dissector_add("wtap_encap", WTAP_ENCAP_NETTL_RAW_ICMP, nettl_handle); dissector_add("wtap_encap", WTAP_ENCAP_NETTL_RAW_ICMP, nettl_handle);
dissector_add("wtap_encap", WTAP_ENCAP_NETTL_RAW_ICMPV6, nettl_handle); dissector_add("wtap_encap", WTAP_ENCAP_NETTL_RAW_ICMPV6, nettl_handle);
dissector_add("wtap_encap", WTAP_ENCAP_NETTL_RAW_TELNET, nettl_handle);
dissector_add("wtap_encap", WTAP_ENCAP_NETTL_X25, nettl_handle); dissector_add("wtap_encap", WTAP_ENCAP_NETTL_X25, nettl_handle);
dissector_add("wtap_encap", WTAP_ENCAP_NETTL_UNKNOWN, nettl_handle); dissector_add("wtap_encap", WTAP_ENCAP_NETTL_UNKNOWN, nettl_handle);
} }

80
wiretap/nettl.c
View File

@ -20,7 +20,7 @@
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software * along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/ */
#ifdef HAVE_CONFIG_H #ifdef HAVE_CONFIG_H
@ -268,11 +268,14 @@ int nettl_open(wtap *wth, int *err, gchar **err_info _U_)
wth->file_encap = WTAP_ENCAP_NETTL_RAW_ICMP; wth->file_encap = WTAP_ENCAP_NETTL_RAW_ICMP;
break; break;
case NETTL_SUBSYS_NS_LS_ICMPV6 : case NETTL_SUBSYS_NS_LS_ICMPV6 :
wth->file_encap = WTAP_ENCAP_NETTL_RAW_ICMPV6; wth->file_encap = WTAP_ENCAP_NETTL_RAW_ICMPV6;
break; break;
default: case NETTL_SUBSYS_NS_LS_TELNET :
/* If this assumption is bad, the read will catch it */ wth->file_encap = WTAP_ENCAP_NETTL_RAW_TELNET;
wth->file_encap = WTAP_ENCAP_NETTL_ETHERNET; break;
default:
/* If this assumption is bad, the read will catch it */
wth->file_encap = WTAP_ENCAP_NETTL_ETHERNET;
} }
if (file_seek(wth->fh, FILE_HDR_SIZE, SEEK_SET, err) == -1) { if (file_seek(wth->fh, FILE_HDR_SIZE, SEEK_SET, err) == -1) {
@ -433,22 +436,25 @@ nettl_read_rec_header(wtap *wth, FILE_T fh, struct wtap_pkthdr *phdr,
case NETTL_SUBSYS_NS_LS_UDP : case NETTL_SUBSYS_NS_LS_UDP :
case NETTL_SUBSYS_HP_APAPORT : case NETTL_SUBSYS_HP_APAPORT :
case NETTL_SUBSYS_HP_APALACP : case NETTL_SUBSYS_HP_APALACP :
case NETTL_SUBSYS_NS_LS_IPV6 : case NETTL_SUBSYS_NS_LS_IPV6 :
case NETTL_SUBSYS_NS_LS_ICMPV6 : case NETTL_SUBSYS_NS_LS_ICMPV6 :
case NETTL_SUBSYS_NS_LS_ICMP : case NETTL_SUBSYS_NS_LS_ICMP :
if( (subsys == NETTL_SUBSYS_NS_LS_IP) case NETTL_SUBSYS_NS_LS_TELNET :
|| (subsys == NETTL_SUBSYS_NS_LS_LOOPBACK) if( (subsys == NETTL_SUBSYS_NS_LS_IP)
|| (subsys == NETTL_SUBSYS_NS_LS_UDP) || (subsys == NETTL_SUBSYS_NS_LS_LOOPBACK)
|| (subsys == NETTL_SUBSYS_NS_LS_UDP)
|| (subsys == NETTL_SUBSYS_NS_LS_TCP) || (subsys == NETTL_SUBSYS_NS_LS_TCP)
|| (subsys == NETTL_SUBSYS_NS_LS_IPV6)) { || (subsys == NETTL_SUBSYS_NS_LS_IPV6)) {
phdr->pkt_encap = WTAP_ENCAP_NETTL_RAW_IP; phdr->pkt_encap = WTAP_ENCAP_NETTL_RAW_IP;
} else if (subsys == NETTL_SUBSYS_NS_LS_ICMP) { } else if (subsys == NETTL_SUBSYS_NS_LS_ICMP) {
phdr->pkt_encap = WTAP_ENCAP_NETTL_RAW_ICMP; phdr->pkt_encap = WTAP_ENCAP_NETTL_RAW_ICMP;
} else if (subsys == NETTL_SUBSYS_NS_LS_ICMPV6) { } else if (subsys == NETTL_SUBSYS_NS_LS_ICMPV6) {
phdr->pkt_encap = WTAP_ENCAP_NETTL_RAW_ICMPV6; phdr->pkt_encap = WTAP_ENCAP_NETTL_RAW_ICMPV6;
} else if( (subsys == NETTL_SUBSYS_HPPB_FDDI) } else if (subsys == NETTL_SUBSYS_NS_LS_TELNET) {
|| (subsys == NETTL_SUBSYS_EISA_FDDI) phdr->pkt_encap = WTAP_ENCAP_NETTL_RAW_TELNET;
|| (subsys == NETTL_SUBSYS_PCI_FDDI) } else if( (subsys == NETTL_SUBSYS_HPPB_FDDI)
|| (subsys == NETTL_SUBSYS_EISA_FDDI)
|| (subsys == NETTL_SUBSYS_PCI_FDDI)
|| (subsys == NETTL_SUBSYS_HSC_FDDI) ) { || (subsys == NETTL_SUBSYS_HSC_FDDI) ) {
phdr->pkt_encap = WTAP_ENCAP_NETTL_FDDI; phdr->pkt_encap = WTAP_ENCAP_NETTL_FDDI;
} else if( (subsys == NETTL_SUBSYS_PCI_TR) } else if( (subsys == NETTL_SUBSYS_PCI_TR)
@ -574,17 +580,17 @@ nettl_read_rec_header(wtap *wth, FILE_T fh, struct wtap_pkthdr *phdr,
} }
if (length < padlen) { if (length < padlen) {
*err = WTAP_ERR_BAD_RECORD; *err = WTAP_ERR_BAD_RECORD;
*err_info = g_strdup_printf("nettl: packet length %u in record header too short, less than %u", *err_info = g_strdup_printf("nettl: packet length %u in record header too short, less than %u",
length, padlen); length, padlen);
return -1; return -1;
} }
phdr->len = length - padlen; phdr->len = length - padlen;
if (caplen < padlen) { if (caplen < padlen) {
*err = WTAP_ERR_BAD_RECORD; *err = WTAP_ERR_BAD_RECORD;
*err_info = g_strdup_printf("nettl: captured length %u in record header too short, less than %u", *err_info = g_strdup_printf("nettl: captured length %u in record header too short, less than %u",
caplen, padlen); caplen, padlen);
return -1; return -1;
} }
phdr->caplen = caplen - padlen; phdr->caplen = caplen - padlen;
phdr->ts.secs = pntohl(&rec_hdr.sec); phdr->ts.secs = pntohl(&rec_hdr.sec);
@ -659,11 +665,12 @@ int nettl_dump_can_write_encap(int encap)
case WTAP_ENCAP_NETTL_ETHERNET: case WTAP_ENCAP_NETTL_ETHERNET:
case WTAP_ENCAP_NETTL_FDDI: case WTAP_ENCAP_NETTL_FDDI:
case WTAP_ENCAP_NETTL_TOKEN_RING: case WTAP_ENCAP_NETTL_TOKEN_RING:
case WTAP_ENCAP_NETTL_RAW_IP: case WTAP_ENCAP_NETTL_RAW_IP:
case WTAP_ENCAP_NETTL_RAW_ICMP: case WTAP_ENCAP_NETTL_RAW_ICMP:
case WTAP_ENCAP_NETTL_RAW_ICMPV6: case WTAP_ENCAP_NETTL_RAW_ICMPV6:
case WTAP_ENCAP_NETTL_RAW_TELNET:
/* /*
case WTAP_ENCAP_NETTL_X25: case WTAP_ENCAP_NETTL_X25:
*/ */
case WTAP_ENCAP_PER_PACKET: case WTAP_ENCAP_PER_PACKET:
case WTAP_ENCAP_UNKNOWN: case WTAP_ENCAP_UNKNOWN:
@ -741,12 +748,13 @@ static gboolean nettl_dump(wtap_dumper *wdh,
/* fall through and fill the rest of the fields */ /* fall through and fill the rest of the fields */
case WTAP_ENCAP_NETTL_ETHERNET: case WTAP_ENCAP_NETTL_ETHERNET:
case WTAP_ENCAP_NETTL_TOKEN_RING: case WTAP_ENCAP_NETTL_TOKEN_RING:
case WTAP_ENCAP_NETTL_RAW_IP: case WTAP_ENCAP_NETTL_RAW_IP:
case WTAP_ENCAP_NETTL_RAW_ICMP: case WTAP_ENCAP_NETTL_RAW_ICMP:
case WTAP_ENCAP_NETTL_RAW_ICMPV6: case WTAP_ENCAP_NETTL_RAW_ICMPV6:
case WTAP_ENCAP_NETTL_UNKNOWN: case WTAP_ENCAP_NETTL_RAW_TELNET:
rec_hdr.subsys = g_htons(pseudo_header->nettl.subsys); case WTAP_ENCAP_NETTL_UNKNOWN:
rec_hdr.devid = g_htonl(pseudo_header->nettl.devid); rec_hdr.subsys = g_htons(pseudo_header->nettl.subsys);
rec_hdr.devid = g_htonl(pseudo_header->nettl.devid);
rec_hdr.kind = g_htonl(pseudo_header->nettl.kind); rec_hdr.kind = g_htonl(pseudo_header->nettl.kind);
rec_hdr.pid = g_htonl(pseudo_header->nettl.pid); rec_hdr.pid = g_htonl(pseudo_header->nettl.pid);
rec_hdr.uid = g_htons(pseudo_header->nettl.uid); rec_hdr.uid = g_htons(pseudo_header->nettl.uid);

4
wiretap/nettl.h
View File

@ -20,8 +20,7 @@
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software * along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*
*/ */
#ifndef __NETTL_H__ #ifndef __NETTL_H__
@ -76,6 +75,7 @@
#define NETTL_SUBSYS_HP_APALACP 190 #define NETTL_SUBSYS_HP_APALACP 190
#define NETTL_SUBSYS_NS_LS_IPV6 244 #define NETTL_SUBSYS_NS_LS_IPV6 244
#define NETTL_SUBSYS_NS_LS_ICMPV6 245 #define NETTL_SUBSYS_NS_LS_ICMPV6 245
#define NETTL_SUBSYS_NS_LS_TELNET 267
/* Ethernet cards */ /* Ethernet cards */
#define NETTL_SUBSYS_100VG 37 #define NETTL_SUBSYS_100VG 37

7
wiretap/wtap.c
View File

@ -17,7 +17,7 @@
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software * along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/ */
#ifdef HAVE_CONFIG_H #ifdef HAVE_CONFIG_H
@ -369,6 +369,9 @@ static const struct encap_type_info {
/* WTAP_ENCAP_IEEE802_16_MAC_CPS */ /* WTAP_ENCAP_IEEE802_16_MAC_CPS */
{ "IEEE 802.16 MAC Common Part Sublayer", "ieee-802-16-mac-cps" }, { "IEEE 802.16 MAC Common Part Sublayer", "ieee-802-16-mac-cps" },
/* WTAP_ENCAP_NETTL_RAW_TELNET */
{ "Raw telnet with nettl headers", "raw-telnet-nettl" }
}; };
/* Name that should be somewhat descriptive. */ /* Name that should be somewhat descriptive. */
@ -423,7 +426,7 @@ static const char *wtap_errlist[] = {
"Uncompression error: data oddly truncated", "Uncompression error: data oddly truncated",
"Uncompression error: data would overflow buffer", "Uncompression error: data would overflow buffer",
"Uncompression error: bad LZ77 offset", "Uncompression error: bad LZ77 offset",
"The standard input cannot be opened for random access", "The standard input cannot be opened for random access"
}; };
#define WTAP_ERRLIST_SIZE (sizeof wtap_errlist / sizeof wtap_errlist[0]) #define WTAP_ERRLIST_SIZE (sizeof wtap_errlist / sizeof wtap_errlist[0])

13
wiretap/wtap.h
View File

@ -17,7 +17,7 @@
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software * along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/ */
#ifndef __WTAP_H__ #ifndef __WTAP_H__
@ -184,9 +184,10 @@
#define WTAP_ENCAP_JUNIPER_VP 91 #define WTAP_ENCAP_JUNIPER_VP 91
#define WTAP_ENCAP_USB 92 #define WTAP_ENCAP_USB 92
#define WTAP_ENCAP_IEEE802_16_MAC_CPS 93 #define WTAP_ENCAP_IEEE802_16_MAC_CPS 93
#define WTAP_ENCAP_NETTL_RAW_TELNET 94
/* last WTAP_ENCAP_ value + 1 */ /* last WTAP_ENCAP_ value + 1 */
#define WTAP_NUM_ENCAP_TYPES 94 #define WTAP_NUM_ENCAP_TYPES 95
/* File types that can be read by wiretap. /* File types that can be read by wiretap.
We support writing some many of these file types, too, so we We support writing some many of these file types, too, so we
@ -475,9 +476,9 @@ struct nettl_phdr {
/* Packet "pseudo-header" for MTP2 files. */ /* Packet "pseudo-header" for MTP2 files. */
struct mtp2_phdr { struct mtp2_phdr {
guint8 sent; guint8 sent;
guint8 annex_a_used; guint8 annex_a_used;
guint16 link_number; guint16 link_number;
}; };
/* Packet "pseudo-header" for K12 files. */ /* Packet "pseudo-header" for K12 files. */
@ -486,7 +487,7 @@ typedef union {
struct { struct {
guint16 vp; guint16 vp;
guint16 vc; guint16 vc;
guint16 cid; guint16 cid;
} atm; } atm;
guint32 ds0mask; guint32 ds0mask;