Add support for raw IP nettl captures.
Update the nettl section in wiretap/README, and give sample commands to make captures on HP-UX. svn path=/trunk/; revision=1642
This commit is contained in:
Olivier Abad
parent
9f0954f198
commit
2d0cbfff6b
|
|
@ -1,4 +1,4 @@
|
|||
$Id: README,v 1.19 1999/11/26 20:49:28 gram Exp $
|
||||
$Id: README,v 1.20 2000/02/17 21:08:14 oabad Exp $
|
||||
|
||||
Wiretap is a library that is being developed as a future replacement for
|
||||
libpcap, the current standard Unix library for packet capturing. Libpcap
|
||||
|
|
@ -99,7 +99,17 @@ Gerald
|
|||
|
||||
HP-UX nettl
|
||||
-----------
|
||||
Olivier
|
||||
nettl is used on HP-UX to trace various streams based subsystems. Wiretap
|
||||
can read nettl files containing IP frames (NS_LS_IP subsystem) and LAPB
|
||||
frames (SX25L2 subsystem). It has been tested with files generated on
|
||||
HP-UX 9.04 and 10.20.
|
||||
Use the following commands to generate a trace :
|
||||
# IP capture. 0x30000000 means PDU in and PDU out :
|
||||
nettl -tn 0x30000000 -e NS_LS_IP -f tracefile
|
||||
# X25 capture. You must specify an interface :
|
||||
nettl -tn 0x30000000 -e SX25l2 -d /dev/x25_0 -f tracefile
|
||||
# stop capture. subsystem is NS_LS_IP or SX25L2 :
|
||||
nettl -tf -e subsystem
|
||||
|
||||
Toshiba ISDN Router
|
||||
-------------------
|
||||
|
|
|
|||
155
wiretap/nettl.c
155
wiretap/nettl.c
|
|
@ -1,6 +1,6 @@
|
|||
/* nettl.c
|
||||
*
|
||||
* $Id: nettl.c,v 1.5 2000/01/22 06:22:40 guy Exp $
|
||||
* $Id: nettl.c,v 1.6 2000/02/17 21:08:15 oabad Exp $
|
||||
*
|
||||
* Wiretap Library
|
||||
* Copyright (c) 1998 by Gilbert Ramirez <gram@xiexie.org>
|
||||
|
|
@ -39,17 +39,27 @@ static char nettl_magic_hpux10[12] = {
|
|||
0x54, 0x52, 0x00, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x80
|
||||
};
|
||||
|
||||
/* HP nettl record header - The FCS is not included in the file. */
|
||||
struct nettlrec_hdr {
|
||||
char xxa[12];
|
||||
char from_dce;
|
||||
char xxb[55];
|
||||
guint16 length;
|
||||
guint16 length2; /* don't know which one is captured length / real length */
|
||||
char xxc[4];
|
||||
char sec[4];
|
||||
char usec[4];
|
||||
char xxd[4];
|
||||
/* HP nettl record header for the SX25L2 subsystem - The FCS is not included in the file. */
|
||||
struct nettlrec_sx25l2_hdr {
|
||||
guint8 xxa[8];
|
||||
guint8 from_dce;
|
||||
guint8 xxb[55];
|
||||
guint8 length[2];
|
||||
guint8 length2[2]; /* don't know which one is captured length / real length */
|
||||
guint8 xxc[4];
|
||||
guint8 sec[4];
|
||||
guint8 usec[4];
|
||||
guint8 xxd[4];
|
||||
};
|
||||
|
||||
/* HP nettl record header for the NS_LS_IP subsystem */
|
||||
struct nettlrec_ns_ls_ip_hdr {
|
||||
guint8 xxa[28];
|
||||
guint8 length[4];
|
||||
guint8 length2[4]; /* don't know which one is captured length / real length */
|
||||
guint8 sec[4];
|
||||
guint8 usec[4];
|
||||
guint8 xxb[16];
|
||||
};
|
||||
|
||||
/* header is followed by data and once again the total length (2 bytes) ! */
|
||||
|
|
@ -88,8 +98,6 @@ int nettl_open(wtap *wth, int *err)
|
|||
|
||||
wth->capture.nettl->start = 0;
|
||||
|
||||
wth->file_encap = WTAP_ENCAP_LAPB;
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
|
@ -97,14 +105,16 @@ int nettl_open(wtap *wth, int *err)
|
|||
static int nettl_read(wtap *wth, int *err)
|
||||
{
|
||||
int bytes_read;
|
||||
struct nettlrec_hdr hdr;
|
||||
struct nettlrec_sx25l2_hdr lapb_hdr;
|
||||
struct nettlrec_ns_ls_ip_hdr ip_hdr;
|
||||
guint16 length;
|
||||
int data_offset;
|
||||
guint8 encap[4];
|
||||
|
||||
/* Read record header. */
|
||||
errno = WTAP_ERR_CANT_READ;
|
||||
bytes_read = file_read(&hdr, 1, sizeof hdr, wth->fh);
|
||||
if (bytes_read != sizeof hdr) {
|
||||
bytes_read = file_read(&encap, 1, 4, wth->fh);
|
||||
if (bytes_read != 4) {
|
||||
*err = file_error(wth->fh);
|
||||
if (*err != 0)
|
||||
return -1;
|
||||
|
|
@ -114,37 +124,96 @@ static int nettl_read(wtap *wth, int *err)
|
|||
}
|
||||
return 0;
|
||||
}
|
||||
wth->data_offset += sizeof hdr;
|
||||
length = pntohs(&hdr.length);
|
||||
if (length <= 0) return 0;
|
||||
wth->data_offset += 4;
|
||||
switch (encap[3]) {
|
||||
case NETTL_SUBSYS_NS_LS_IP :
|
||||
wth->phdr.pkt_encap = WTAP_ENCAP_RAW_IP;
|
||||
bytes_read = file_read(&ip_hdr, 1, sizeof ip_hdr, wth->fh);
|
||||
if (bytes_read != sizeof ip_hdr) {
|
||||
*err = file_error(wth->fh);
|
||||
if (*err != 0)
|
||||
return -1;
|
||||
if (bytes_read != 0) {
|
||||
*err = WTAP_ERR_SHORT_READ;
|
||||
return -1;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
wth->data_offset += sizeof ip_hdr;
|
||||
|
||||
wth->phdr.len = length;
|
||||
wth->phdr.caplen = length;
|
||||
length = pntohl(&ip_hdr.length);
|
||||
if (length <= 0) return 0;
|
||||
wth->phdr.len = length;
|
||||
wth->phdr.caplen = length;
|
||||
|
||||
wth->phdr.ts.tv_sec = pntohl(&hdr.sec);
|
||||
wth->phdr.ts.tv_usec = pntohl(&hdr.usec);
|
||||
if (wth->capture.nettl->start == 0)
|
||||
wth->capture.nettl->start = wth->phdr.ts.tv_sec;
|
||||
wth->phdr.pseudo_header.x25.flags = (hdr.from_dce & 0x20 ? 0x80 : 0x00);
|
||||
wth->phdr.ts.tv_sec = pntohl(&ip_hdr.sec);
|
||||
wth->phdr.ts.tv_usec = pntohl(&ip_hdr.usec);
|
||||
if (wth->capture.nettl->start == 0)
|
||||
wth->capture.nettl->start = wth->phdr.ts.tv_sec;
|
||||
|
||||
/*
|
||||
* Read the packet data.
|
||||
*/
|
||||
buffer_assure_space(wth->frame_buffer, length);
|
||||
data_offset = wth->data_offset;
|
||||
errno = WTAP_ERR_CANT_READ;
|
||||
bytes_read = file_read(buffer_start_ptr(wth->frame_buffer), 1,
|
||||
length, wth->fh);
|
||||
/*
|
||||
* Read the packet data.
|
||||
*/
|
||||
buffer_assure_space(wth->frame_buffer, length);
|
||||
data_offset = wth->data_offset;
|
||||
errno = WTAP_ERR_CANT_READ;
|
||||
bytes_read = file_read(buffer_start_ptr(wth->frame_buffer), 1,
|
||||
length, wth->fh);
|
||||
|
||||
if (bytes_read != length) {
|
||||
*err = file_error(wth->fh);
|
||||
if (*err == 0)
|
||||
*err = WTAP_ERR_SHORT_READ;
|
||||
if (bytes_read != length) {
|
||||
*err = file_error(wth->fh);
|
||||
if (*err == 0)
|
||||
*err = WTAP_ERR_SHORT_READ;
|
||||
return -1;
|
||||
}
|
||||
wth->data_offset += length;
|
||||
break;
|
||||
case NETTL_SUBSYS_SX25L2 :
|
||||
wth->phdr.pkt_encap = WTAP_ENCAP_LAPB;
|
||||
bytes_read = file_read(&lapb_hdr, 1, sizeof lapb_hdr, wth->fh);
|
||||
if (bytes_read != sizeof lapb_hdr) {
|
||||
*err = file_error(wth->fh);
|
||||
if (*err != 0)
|
||||
return -1;
|
||||
if (bytes_read != 0) {
|
||||
*err = WTAP_ERR_SHORT_READ;
|
||||
return -1;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
wth->data_offset += sizeof lapb_hdr;
|
||||
|
||||
length = pntohs(&lapb_hdr.length);
|
||||
if (length <= 0) return 0;
|
||||
wth->phdr.len = length;
|
||||
wth->phdr.caplen = length;
|
||||
|
||||
wth->phdr.ts.tv_sec = pntohl(&lapb_hdr.sec);
|
||||
wth->phdr.ts.tv_usec = pntohl(&lapb_hdr.usec);
|
||||
if (wth->capture.nettl->start == 0)
|
||||
wth->capture.nettl->start = wth->phdr.ts.tv_sec;
|
||||
wth->phdr.pseudo_header.x25.flags = (lapb_hdr.from_dce & 0x20 ? 0x80 : 0x00);
|
||||
|
||||
/*
|
||||
* Read the packet data.
|
||||
*/
|
||||
buffer_assure_space(wth->frame_buffer, length);
|
||||
data_offset = wth->data_offset;
|
||||
errno = WTAP_ERR_CANT_READ;
|
||||
bytes_read = file_read(buffer_start_ptr(wth->frame_buffer), 1,
|
||||
length, wth->fh);
|
||||
|
||||
if (bytes_read != length) {
|
||||
*err = file_error(wth->fh);
|
||||
if (*err == 0)
|
||||
*err = WTAP_ERR_SHORT_READ;
|
||||
return -1;
|
||||
}
|
||||
wth->data_offset += length;
|
||||
break;
|
||||
default:
|
||||
*err = WTAP_ERR_UNSUPPORTED_ENCAP;
|
||||
return -1;
|
||||
}
|
||||
wth->data_offset += length;
|
||||
|
||||
wth->phdr.pkt_encap = wth->file_encap;
|
||||
|
||||
return data_offset;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
/* nettl.h
|
||||
*
|
||||
* $Id: nettl.h,v 1.3 2000/01/22 06:22:40 guy Exp $
|
||||
* $Id: nettl.h,v 1.4 2000/02/17 21:08:15 oabad Exp $
|
||||
*
|
||||
* Wiretap Library
|
||||
* Copyright (c) 1998 by Gilbert Ramirez <gram@xiexie.org>
|
||||
|
|
@ -21,4 +21,48 @@
|
|||
*
|
||||
*/
|
||||
|
||||
#define NETTL_SUBSYS_NS_LS_LOGGING 0x00
|
||||
#define NETTL_SUBSYS_NS_LS_NFT 0x01
|
||||
#define NETTL_SUBSYS_NS_LS_LOOPBACK 0x02
|
||||
#define NETTL_SUBSYS_NS_LS_NI 0x03
|
||||
#define NETTL_SUBSYS_NS_LS_IPC 0x04
|
||||
#define NETTL_SUBSYS_NS_LS_SOCKREGD 0x05
|
||||
#define NETTL_SUBSYS_NS_LS_TCP 0x06
|
||||
#define NETTL_SUBSYS_NS_LS_PXP 0x07
|
||||
#define NETTL_SUBSYS_NS_LS_UDP 0x08
|
||||
#define NETTL_SUBSYS_NS_LS_IP 0x09
|
||||
#define NETTL_SUBSYS_NS_LS_PROBE 0x0A
|
||||
#define NETTL_SUBSYS_NS_LS_DRIVER 0x0B
|
||||
#define NETTL_SUBSYS_NS_LS_RLBD 0x0C
|
||||
#define NETTL_SUBSYS_NS_LS_BUFS 0x0D
|
||||
#define NETTL_SUBSYS_NS_LS_CASE21 0x0E
|
||||
#define NETTL_SUBSYS_NS_LS_ROUTER21 0x0F
|
||||
#define NETTL_SUBSYS_NS_LS_NFS 0x10
|
||||
#define NETTL_SUBSYS_NS_LS_NETISR 0x11
|
||||
#define NETTL_SUBSYS_NS_LS_NSE 0x13
|
||||
#define NETTL_SUBSYS_NS_LS_STRLOG 0x14
|
||||
#define NETTL_SUBSYS_NS_LS_TIRDWR 0x15
|
||||
#define NETTL_SUBSYS_NS_LS_TIMOD 0x16
|
||||
#define NETTL_SUBSYS_NS_LS_ICMP 0x17
|
||||
#define NETTL_SUBSYS_FILTER 0x1A
|
||||
#define NETTL_SUBSYS_NAME 0x1B
|
||||
#define NETTL_SUBSYS_IGMP 0x1D
|
||||
#define NETTL_SUBSYS_SX25L2 0x22
|
||||
#define NETTL_SUBSYS_SX25L3 0x23
|
||||
#define NETTL_SUBSYS_FTAM_INIT 0x40
|
||||
#define NETTL_SUBSYS_FTAM_RESP 0x41
|
||||
#define NETTL_SUBSYS_FTAM_VFS 0x46
|
||||
#define NETTL_SUBSYS_FTAM_USER 0x48
|
||||
#define NETTL_SUBSYS_OTS 0x5A
|
||||
#define NETTL_SUBSYS_NETWORK 0x5B
|
||||
#define NETTL_SUBSYS_TRANSPORT 0x5C
|
||||
#define NETTL_SUBSYS_SESSION 0x5D
|
||||
#define NETTL_SUBSYS_ACSE_PRES 0x5E
|
||||
#define NETTL_SUBSYS_SHM 0x74
|
||||
#define NETTL_SUBSYS_ACSE_US 0x77
|
||||
#define NETTL_SUBSYS_HPS 0x79
|
||||
#define NETTL_SUBSYS_CM 0x7A
|
||||
#define NETTL_SUBSYS_ULA_UTILS 0x7B
|
||||
#define NETTL_SUBSYS_EM 0x7C
|
||||
|
||||
int nettl_open(wtap *wth, int *err);
|
||||
|
|
|
|||
Loading…
Reference in New Issue