Added initial support for SMB plus most of negprot decode ..
svn path=/trunk/; revision=258
This commit is contained in:
Richard Sharpe
parent
1f8cc10010
commit
8b00cf57b3
|
|
@ -45,6 +45,7 @@ ethereal_SOURCES = \
|
|||
packet-ppp.c \
|
||||
packet-raw.c \
|
||||
packet-rip.c \
|
||||
packet-smb.c \
|
||||
packet-tcp.c \
|
||||
packet-telnet.c \
|
||||
packet-tftp.c \
|
||||
|
|
|
|||
116
packet-nbns.c
116
packet-nbns.c
|
|
@ -4,7 +4,7 @@
|
|||
* Gilbert Ramirez <gram@verdict.uthscsa.edu>
|
||||
* Much stuff added by Guy Harris <guy@netapp.com>
|
||||
*
|
||||
* $Id: packet-nbns.c,v 1.15 1999/04/30 03:16:02 guy Exp $
|
||||
* $Id: packet-nbns.c,v 1.16 1999/05/09 04:16:35 sharpe Exp $
|
||||
*
|
||||
* Ethereal - Network traffic analyzer
|
||||
* By Gerald Combs <gerald@zing.org>
|
||||
|
|
@ -1152,10 +1152,13 @@ static const value_string error_codes[] = {
|
|||
|
||||
/*
|
||||
* Dissect a single NBSS packet (there may be more than one in a given TCP
|
||||
* segment).
|
||||
* segment). Hmmm, in my experience, I have never seen more than one NBSS
|
||||
* in a single segment, since they mostly contain SMBs which are essentially
|
||||
* a request response type protocol (RJS). Also, a single session message
|
||||
* may be split over multiple segments.
|
||||
*/
|
||||
static int
|
||||
dissect_nbss_packet(const u_char *pd, int offset, proto_tree *tree, int max_data)
|
||||
dissect_nbss_packet(const u_char *pd, int offset, frame_data *fd, proto_tree *tree, int max_data)
|
||||
{
|
||||
proto_tree *nbss_tree;
|
||||
proto_item *ti;
|
||||
|
|
@ -1173,62 +1176,82 @@ dissect_nbss_packet(const u_char *pd, int offset, proto_tree *tree, int max_data
|
|||
if (flags & NBSS_FLAGS_E)
|
||||
length += 65536;
|
||||
|
||||
ti = proto_tree_add_item(tree, offset, length + 4,
|
||||
"NetBIOS Session Service");
|
||||
nbss_tree = proto_tree_new();
|
||||
proto_item_add_subtree(ti, nbss_tree, ETT_NBSS);
|
||||
if (tree) {
|
||||
ti = proto_tree_add_item(tree, offset, length + 4,
|
||||
"NetBIOS Session Service");
|
||||
nbss_tree = proto_tree_new();
|
||||
proto_item_add_subtree(ti, nbss_tree, ETT_NBSS);
|
||||
|
||||
proto_tree_add_item(nbss_tree, offset, 1, "Message Type: %s",
|
||||
val_to_str(msg_type, message_types, "Unknown (%x)"));
|
||||
}
|
||||
|
||||
proto_tree_add_item(nbss_tree, offset, 1, "Message Type: %s",
|
||||
val_to_str(msg_type, message_types, "Unknown"));
|
||||
offset += 1;
|
||||
|
||||
tf = proto_tree_add_item(nbss_tree, offset, 1, "Flags: 0x%04x", flags);
|
||||
field_tree = proto_tree_new();
|
||||
proto_item_add_subtree(tf, field_tree, ETT_NBSS_FLAGS);
|
||||
proto_tree_add_item(field_tree, offset, 1, "%s",
|
||||
decode_boolean_bitfield(flags, NBSS_FLAGS_E,
|
||||
8, "Add 65536 to length", "Add 0 to length"));
|
||||
if (tree) {
|
||||
tf = proto_tree_add_item(nbss_tree, offset, 1, "Flags: 0x%04x", flags);
|
||||
field_tree = proto_tree_new();
|
||||
proto_item_add_subtree(tf, field_tree, ETT_NBSS_FLAGS);
|
||||
proto_tree_add_item(field_tree, offset, 1, "%s",
|
||||
decode_boolean_bitfield(flags, NBSS_FLAGS_E,
|
||||
8, "Add 65536 to length", "Add 0 to length"));
|
||||
}
|
||||
|
||||
offset += 1;
|
||||
|
||||
proto_tree_add_item(nbss_tree, offset, 2, "Length: %u", length);
|
||||
if (tree) {
|
||||
proto_tree_add_item(nbss_tree, offset, 2, "Length: %u", length);
|
||||
}
|
||||
|
||||
offset += 2;
|
||||
|
||||
switch (msg_type) {
|
||||
|
||||
case SESSION_REQUEST:
|
||||
len = get_nbns_name(&pd[offset], pd, offset, name);
|
||||
proto_tree_add_item(nbss_tree, offset, len,
|
||||
"Called name: %s", name);
|
||||
offset += len;
|
||||
len = get_nbns_name(&pd[offset], pd, offset, name);
|
||||
if (tree)
|
||||
proto_tree_add_item(nbss_tree, offset, len,
|
||||
"Called name: %s", name);
|
||||
offset += len;
|
||||
|
||||
len = get_nbns_name(&pd[offset], pd, offset, name);
|
||||
proto_tree_add_item(nbss_tree, offset, len,
|
||||
"Calling name: %s", name);
|
||||
break;
|
||||
len = get_nbns_name(&pd[offset], pd, offset, name);
|
||||
|
||||
if (tree)
|
||||
proto_tree_add_item(nbss_tree, offset, len,
|
||||
"Calling name: %s", name);
|
||||
|
||||
break;
|
||||
|
||||
case NEGATIVE_SESSION_RESPONSE:
|
||||
proto_tree_add_item(nbss_tree, offset, 1,
|
||||
"Error code: %s",
|
||||
val_to_str(pd[offset], error_codes, "Unknown (%x)"));
|
||||
break;
|
||||
if (tree)
|
||||
proto_tree_add_item(nbss_tree, offset, 1,
|
||||
"Error code: %s",
|
||||
val_to_str(pd[offset], error_codes, "Unknown (%x)"));
|
||||
break;
|
||||
|
||||
case RETARGET_SESSION_RESPONSE:
|
||||
proto_tree_add_item(nbss_tree, offset, 4,
|
||||
"Retarget IP address: %s",
|
||||
ip_to_str((guint8 *)&pd[offset]));
|
||||
offset += 4;
|
||||
if (tree)
|
||||
proto_tree_add_item(nbss_tree, offset, 4,
|
||||
"Retarget IP address: %s",
|
||||
ip_to_str((guint8 *)&pd[offset]));
|
||||
|
||||
offset += 4;
|
||||
|
||||
proto_tree_add_item(nbss_tree, offset, 2,
|
||||
"Retarget port: %u", pntohs(&pd[offset]));
|
||||
break;
|
||||
if (tree)
|
||||
proto_tree_add_item(nbss_tree, offset, 2,
|
||||
"Retarget port: %u", pntohs(&pd[offset]));
|
||||
|
||||
break;
|
||||
|
||||
case SESSION_MESSAGE:
|
||||
/*
|
||||
* Here we can pass the packet off to the next protocol.
|
||||
*/
|
||||
proto_tree_add_item(nbss_tree, offset, length,
|
||||
"Data (%u bytes)", length);
|
||||
break;
|
||||
/*
|
||||
* Here we can pass the packet off to the next protocol.
|
||||
*/
|
||||
|
||||
dissect_smb(pd, offset, fd, tree, max_data - 4);
|
||||
|
||||
break;
|
||||
|
||||
}
|
||||
return length + 4;
|
||||
}
|
||||
|
|
@ -1254,11 +1277,10 @@ dissect_nbss(const u_char *pd, int offset, frame_data *fd, proto_tree *tree, int
|
|||
val_to_str(msg_type, message_types, "Unknown (%x)"));
|
||||
}
|
||||
|
||||
if (tree) {
|
||||
while (max_data > 0) {
|
||||
len = dissect_nbss_packet(pd, offset, tree, max_data);
|
||||
offset += len;
|
||||
max_data -= len;
|
||||
}
|
||||
while (max_data > 0) {
|
||||
len = dissect_nbss_packet(pd, offset, fd, tree, max_data);
|
||||
offset += len;
|
||||
max_data -= len;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
12
packet.h
12
packet.h
|
|
@ -1,7 +1,7 @@
|
|||
/* packet.h
|
||||
* Definitions for packet disassembly structures and routines
|
||||
*
|
||||
* $Id: packet.h,v 1.47 1999/04/30 03:16:03 guy Exp $
|
||||
* $Id: packet.h,v 1.48 1999/05/09 04:16:36 sharpe Exp $
|
||||
*
|
||||
* Ethereal - Network traffic analyzer
|
||||
* By Gerald Combs <gerald@zing.org>
|
||||
|
|
@ -225,6 +225,11 @@ enum {
|
|||
ETT_NNTP,
|
||||
ETT_NBSS,
|
||||
ETT_NBSS_FLAGS,
|
||||
ETT_SMB,
|
||||
ETT_SMB_FLAGS,
|
||||
ETT_SMB_DIALECTS,
|
||||
ETT_SMB_MODE,
|
||||
ETT_SMB_CAPS,
|
||||
NUM_TREE_TYPES /* last item number plus one */
|
||||
};
|
||||
|
||||
|
|
@ -266,10 +271,14 @@ gint check_col(frame_data *, gint);
|
|||
#if __GNUC__ == 2
|
||||
void col_add_fstr(frame_data *, gint, gchar *, ...)
|
||||
__attribute__((format (printf, 3, 4)));
|
||||
void col_append_fstr(frame_data *, gint, gchar *, ...)
|
||||
__attribute__((format (printf, 3, 4)));
|
||||
#else
|
||||
void col_add_fstr(frame_data *, gint, gchar *, ...);
|
||||
void col_append_fstr(frame_data *, gint, gchar *, ...);
|
||||
#endif
|
||||
void col_add_str(frame_data *, gint, gchar *);
|
||||
void col_append_str(frame_data *, gint, gchar *);
|
||||
|
||||
/* Routines in packet.c */
|
||||
|
||||
|
|
@ -376,6 +385,7 @@ void dissect_ftpdata(const u_char *, int, frame_data *, proto_tree *, int);
|
|||
void dissect_nbss(const u_char *, int, frame_data *, proto_tree *, int);
|
||||
void dissect_nntp(const u_char *, int, frame_data *, proto_tree *, int);
|
||||
void dissect_pop(const u_char *, int, frame_data *, proto_tree *, int);
|
||||
void dissect_smb(const u_char *, int, frame_data *, proto_tree *, int);
|
||||
void dissect_telnet(const u_char *, int, frame_data *, proto_tree *, int);
|
||||
|
||||
void init_dissect_udp(void);
|
||||
|
|
|
|||
Loading…
Reference in New Issue