From a66d50bbf201d5992e364c27446b71d935158f52 Mon Sep 17 00:00:00 2001 From: Guy Harris Date: Tue, 29 Jan 2002 09:45:58 +0000 Subject: [PATCH] Untested support for AiroPeek captures. svn path=/trunk/; revision=4619 --- Makefile.am | 3 +- Makefile.nmake | 3 +- README | 4 +- doc/editcap.pod | 25 ++++---- doc/ethereal.pod.template | 2 +- doc/mergecap.pod | 25 ++++---- doc/tethereal.pod.template | 26 ++++---- packet-airopeek.c | 125 +++++++++++++++++++++++++++++++++++++ wiretap/etherpeek.c | 11 ++-- wiretap/wtap.c | 5 +- wiretap/wtap.h | 5 +- 11 files changed, 182 insertions(+), 52 deletions(-) create mode 100644 packet-airopeek.c diff --git a/Makefile.am b/Makefile.am index d3ce39e4d5..94cc5e1346 100644 --- a/Makefile.am +++ b/Makefile.am @@ -1,7 +1,7 @@ # Makefile.am # Automake file for Ethereal # -# $Id: Makefile.am,v 1.406 2002/01/29 08:44:45 guy Exp $ +# $Id: Makefile.am,v 1.407 2002/01/29 09:45:55 guy Exp $ # # Ethereal - Network traffic analyzer # By Gerald Combs @@ -75,6 +75,7 @@ DISSECTOR_SRC = \ packet-aarp.c \ packet-afs.c \ packet-aim.c \ + packet-airopeek.c \ packet-arp.c \ packet-ascend.c\ packet-atalk.c \ diff --git a/Makefile.nmake b/Makefile.nmake index ab82296a1d..cc8a456e9c 100644 --- a/Makefile.nmake +++ b/Makefile.nmake @@ -1,7 +1,7 @@ ## Makefile for building ethereal.exe with Microsoft C and nmake ## Use: $(MAKE) /$(MAKEFLAGS) -f makefile.nmake # -# $Id: Makefile.nmake,v 1.166 2002/01/29 08:44:46 guy Exp $ +# $Id: Makefile.nmake,v 1.167 2002/01/29 09:45:55 guy Exp $ include config.nmake include @@ -26,6 +26,7 @@ DISSECTOR_SRC = \ packet-aarp.c \ packet-afs.c \ packet-aim.c \ + packet-airopeek.c \ packet-arp.c \ packet-ascend.c\ packet-atalk.c \ diff --git a/README b/README index c3445bdbdf..ffa344be5d 100644 --- a/README +++ b/README @@ -1,4 +1,4 @@ -$Id: README,v 1.53 2002/01/22 22:38:02 guy Exp $ +$Id: README,v 1.54 2002/01/29 09:45:55 guy Exp $ General Information ------- ----------- 
@@ -96,7 +96,7 @@ Microsoft Network Monitor AIX's iptrace Cinco Networks NetXRray Network Associates Windows-based Sniffer -AG Group/WildPackets EtherPeek/TokenPeek +AG Group/WildPackets EtherPeek/TokenPeek/AiroPeek RADCOM's WAN/LAN Analyzer Lucent/Ascend access products HP-UX's nettl diff --git a/doc/editcap.pod b/doc/editcap.pod index e2bb90102c..8c3d23dde1 100644 --- a/doc/editcap.pod +++ b/doc/editcap.pod 
@@ -28,18 +28,19 @@ and B, Shomiti/Finisar B, Novell B, Network General/Network Associates DOS-based B (compressed or uncompressed), Microsoft B, AIX's B, Cinco Networks B, Network Associates Windows-based B, AG -Group/WildPackets B and B, B's WAN/LAN -analyzer, B router debug output, HP-UX's B, the -dump output from B ISDN routers, the output from B -from the ISDN4BSD project, the output in B format from the Cisco -Secure Intrusion Detection System, B (pppdump format), the -output from VMS's B utility, the text output from the B VMS utility, and traffic capture files from Visual Networks' -Visual UpTime. There is no need to tell B what type of file -you are reading; it will determine the file type by itself. B -is also capable of reading any of these file formats if they are -compressed using gzip. B recognizes this directly from the -file; the '.gz' extension is not required for this purpose. +Group/WildPackets B/B/B, B's +WAN/LAN analyzer, B router debug output, HP-UX's +B, the dump output from B ISDN routers, the output +from B from the ISDN4BSD project, the output in B +format from the Cisco Secure Intrusion Detection System, B +(pppdump format), the output from VMS's B utility, the text +output from the B VMS utility, and traffic capture files +from Visual Networks' Visual UpTime. There is no need to tell +B what type of file you are reading; it will determine the file +type by itself. B is also capable of reading any of these file +formats if they are compressed using gzip. B recognizes this +directly from the file; the '.gz' extension is not required for this +purpose. By default, it writes the capture file in B format, and writes all of the packets in the capture file to the output file. The B<-F> diff --git a/doc/ethereal.pod.template b/doc/ethereal.pod.template index c234739fd8..28e54260da 100644 --- a/doc/ethereal.pod.template +++ b/doc/ethereal.pod.template 
@@ -43,7 +43,7 @@ from B and B, Shomiti/Finisar B, Novell B, Network General/Network Associates DOS-based B (compressed or uncompressed), Microsoft B, AIX's B, Cinco Networks B, Network Associates Windows-based -B, AG Group/WildPackets B and B, +B, AG Group/WildPackets B/B/B, B's WAN/LAN analyzer, B router debug output, HP-UX's B, the dump output from B ISDN routers, the output from B from the ISDN4BSD project, the output in diff --git a/doc/mergecap.pod b/doc/mergecap.pod index 57345dea12..afe8e273a7 100644 --- a/doc/mergecap.pod +++ b/doc/mergecap.pod 
@@ -25,18 +25,19 @@ B, Shomiti/Finisar B, Novell B, Network General/Network Associates DOS-based B (compressed or uncompressed), Microsoft B, AIX's B, Cinco Networks B, Network Associates Windows-based B, AG -Group/WildPackets B and B, B's WAN/LAN -analyzer, B router debug output, HP-UX's B, the -dump output from B ISDN routers, the output from B -from the ISDN4BSD project, the output in B format from the Cisco -Secure Intrusion Detection System, B (pppdump format), the -output from VMS's B utility, the text output from the B VMS utility, and traffic capture files from Visual Networks' -Visual UpTime. There is no need to tell B what type of file -you are reading; it will determine the file type by itself. B -is also capable of reading any of these file formats if they are -compressed using gzip. B recognizes this directly from the -file; the '.gz' extension is not required for this purpose. +Group/WildPackets B/B/B, B's +WAN/LAN analyzer, B router debug output, HP-UX's +B, the dump output from B ISDN routers, the output +from B from the ISDN4BSD project, the output in B +format from the Cisco Secure Intrusion Detection System, B +(pppdump format), the output from VMS's B utility, the text +output from the B VMS utility, and traffic capture files +from Visual Networks' Visual UpTime. There is no need to tell +B what type of file you are reading; it will determine the +file type by itself. B is also capable of reading any of +these file formats if they are compressed using gzip. B +recognizes this directly from the file; the '.gz' extension is not +required for this purpose. By default, it writes the capture file in B format, and writes all of the packets in both input capture files to the output file. The diff --git a/doc/tethereal.pod.template b/doc/tethereal.pod.template index 90d7b26846..8814e260a8 100644 --- a/doc/tethereal.pod.template +++ b/doc/tethereal.pod.template 
@@ -41,19 +41,19 @@ read capture files from B and B, Shomiti/Finisar B, Novell B, Network General/Network Associates DOS-based B (compressed or uncompressed), Microsoft B, AIX's B, Cinco Networks B, Network -Associates Windows-based B, AG Group/WildPackets B -and B, B's WAN/LAN analyzer, B router -debug output, HP-UX's B, the dump output from B ISDN -routers, the output from B from the ISDN4BSD project, the -output in B format from the Cisco Secure Intrusion Detection -System, B (pppdump format), the output from VMS's -B utility, the text output from the B VMS -utility, and traffic capture files from Visual Networks' Visual UpTime. -There is no need to tell B what type of file you are reading; -it will determine the file type by itself. B is also capable -of reading any of these file formats if they are compressed using gzip. -B recognizes this directly from the file; the '.gz' extension -is not required for this purpose. +Associates Windows-based B, AG Group/WildPackets +B/B/B, B's WAN/LAN analyzer, +B router debug output, HP-UX's B, the dump output +from B ISDN routers, the output from B from the +ISDN4BSD project, the output in B format from the Cisco Secure +Intrusion Detection System, B (pppdump format), the output +from VMS's B utility, the text output from the B VMS utility, and traffic capture files from Visual Networks' +Visual UpTime. There is no need to tell B what type of file +you are reading; it will determine the file type by itself. +B is also capable of reading any of these file formats if +they are compressed using gzip. B recognizes this directly +from the file; the '.gz' extension is not required for this purpose. If the B<-w> flag is not specified, B prints a decoded form of the packets it captures or reads; otherwise, it writes those packets diff --git a/packet-airopeek.c b/packet-airopeek.c new file mode 100644 index 0000000000..2d928811bd --- /dev/null +++ b/packet-airopeek.c 
@@ -0,0 +1,125 @@
+/* packet-airopeek.c
+ * Routines for AiroPeek capture file dissection
+ *
+ * $Id: packet-airopeek.c,v 1.1 2002/01/29 09:45:55 guy Exp $
+ *
+ * Ethereal - Network traffic analyzer
+ * By Gerald Combs
+ * Copyright 1998 Gerald Combs
+ *
+ * Copied from README.developer
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ */
+
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#ifdef HAVE_SYS_TYPES_H
+# include
+#endif
+
+#include
+
+#include
+#include "packet-ieee80211.h"
+
+/* protocol */
+static int proto_airopeek = -1;
+
+/* header fields */
+static int hf_airopeek_data_rate = -1;
+static int hf_airopeek_channel = -1;
+static int hf_airopeek_signal_strength = -1;
+
+static gint ett_airopeek = -1;
+
+static dissector_handle_t ieee80211_fixed_handle;
+
+static void
+dissect_airopeek(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
+{
+ proto_tree *airopeek_tree;
+ proto_item *ti;
+ guint8 data_rate;
+ guint8 signal_strength;
+ tvbuff_t *next_tvb;
+
+ if (check_col(pinfo->cinfo, COL_PROTOCOL))
+ col_set_str(pinfo->cinfo, COL_PROTOCOL, "AiroPeek");
+ if (check_col(pinfo->cinfo, COL_INFO))
+ col_clear(pinfo->cinfo, COL_INFO);
+
+ if (tree) {
+ ti = proto_tree_add_protocol_format(tree, proto_airopeek,
+ tvb, 0, 3, "AiroPeek Radio Information");
+ airopeek_tree = proto_item_add_subtree(ti, ett_airopeek);
+
+ data_rate = tvb_get_guint8(tvb, 0);
+ proto_tree_add_uint_format(airopeek_tree, hf_airopeek_data_rate,
+ tvb, 0, 1, data_rate,
+ "Data Rate: %g kb/s", .5*data_rate);
+
+ proto_tree_add_item(airopeek_tree, hf_airopeek_channel,
+ tvb, 1, 1, FALSE);
+
+ signal_strength = tvb_get_guint8(tvb, 2);
+ proto_tree_add_uint_format(airopeek_tree, hf_airopeek_data_rate,
+ tvb, 2, 1, data_rate,
+ "Signal Strength: %u%%", signal_strength);
+ }
+
+ /* dissect the 802.11 header next */
+ next_tvb = tvb_new_subset(tvb, 4, -1, -1);
+ call_dissector(ieee80211_fixed_handle, next_tvb, pinfo, tree);
+}
+
+void
+proto_register_airopeek(void)
+{
+ static hf_register_info hf[] = {
+ { &hf_airopeek_data_rate,
+ { "Data Rate", "airopeek.data_rate", FT_UINT8, BASE_DEC, NULL,
+ 0x0, "", HFILL}},
+ { &hf_airopeek_channel,
+ { "Channel", "airopeek.channel", FT_UINT8, BASE_DEC, NULL,
+ 0x0, "", HFILL}},
+ { &hf_airopeek_signal_strength,
+ { "Signal Strength", "airopeek.signal_strength", FT_UINT8,
BASE_DEC, NULL, + 0x0, "", HFILL}}, + }; + static gint *ett[] = { + &ett_airopeek + }; + + proto_airopeek = proto_register_protocol("AiroPeek radio information", + "AiroPeek", "airopeek"); + proto_register_field_array(proto_airopeek, hf, array_length(hf)); + proto_register_subtree_array(ett, array_length(ett)); +} + +void +proto_reg_handoff_airopeek(void) +{ + dissector_handle_t airopeek_handle; + + /* handle for 802.11 dissector for fixed-length 802.11 headers */ + ieee80211_fixed_handle = find_dissector("wlan_fixed"); + + airopeek_handle = create_dissector_handle(dissect_airopeek, + proto_airopeek); + dissector_add("wtap_encap", WTAP_ENCAP_AIROPEEK, airopeek_handle); +} diff --git a/wiretap/etherpeek.c b/wiretap/etherpeek.c index 8a9c134994..6844e26e3a 100644 --- a/wiretap/etherpeek.c +++ b/wiretap/etherpeek.c @@ -2,7 +2,7 @@ * Routines for opening EtherPeek (and TokenPeek?) files * Copyright (c) 2001, Daniel Thompson * - * $Id: etherpeek.c,v 1.13 2002/01/23 06:32:51 guy Exp $ + * $Id: etherpeek.c,v 1.14 2002/01/29 09:45:58 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez @@ -225,12 +225,9 @@ int etherpeek_open(wtap *wth, int *err) * 802.11, with a private header giving * some radio information. Presumably * this is from AiroPeek. - * - * We don't yet support that. */ - g_message("etherpeek: 802.11 captures unsupported"); - *err = WTAP_ERR_UNSUPPORTED_ENCAP; - return -1; + file_encap = WTAP_ENCAP_AIROPEEK; + break; default: /* @@ -283,7 +280,7 @@ int etherpeek_open(wtap *wth, int *err) } /* - * This is an EtherPeek (or TokenPeek?) file. + * This is an EtherPeek (or TokenPeek or AiroPeek?) file. * * At this point we have recognised the file type and have populated * the whole ep_hdr structure in host byte order. diff --git a/wiretap/wtap.c b/wiretap/wtap.c index 253eda2159..e77644057c 100644 --- a/wiretap/wtap.c +++ b/wiretap/wtap.c 
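Review bot: The signal-strength item in dissect_airopeek() is added under `hf_airopeek_data_rate` with `data_rate` as its value, so the registered `airopeek.signal_strength` field is never populated and a display filter on it cannot match; it looks like a copy of the data-rate call above it. The call should read `proto_tree_add_uint_format(airopeek_tree, hf_airopeek_signal_strength, tvb, 2, 1, signal_strength, "Signal Strength: %u%%", signal_strength);`. Separately, the protocol item is given length 3 while the 802.11 payload is taken from offset 4, so byte 3 of the header is neither shown nor covered by the item; if the header really is four bytes, `tvb, 0, 4` plus a comment on the unused byte would make that explicit. The `%g kb/s` label with `.5*data_rate` also looks off by a unit if the byte counts 500 kb/s steps (the printed number would then be Mb/s), which is worth confirming against a real capture since the commit is marked untested.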
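Review bot: The comment above `file_encap = WTAP_ENCAP_AIROPEEK;` still says only that this media type is "presumably" from AiroPeek, and nothing in the code records that the path is untested, although files that used to be rejected with `WTAP_ERR_UNSUPPORTED_ENCAP` are now read and handed to a dissector. Capture files are untrusted input, so I would state the assumption where the encapsulation is chosen, e.g. `/* XXX - untested; assumes each packet's data starts with the 4-byte radio header that dissect_airopeek() skips */`. The enclosing switch in etherpeek_open() and the per-packet read routines are outside the hunk, so whether they need to account for that header cannot be judged from here.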
@@ -1,6 +1,6 @@ /* wtap.c * - * $Id: wtap.c,v 1.59 2002/01/29 08:44:53 guy Exp $ + * $Id: wtap.c,v 1.60 2002/01/29 09:45:58 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez @@ -136,6 +136,9 @@ static const struct encap_type_info { /* WTAP_ENCAP_PFLOG */ { "OpenBSD PF Firewall logs", "pflog" }, + + /* WTAP_ENCAP_AIROPEEK */ + { "IEEE 802.11 plus AiroPeek header", "airopeek" }, }; /* Name that should be somewhat descriptive. */ diff --git a/wiretap/wtap.h b/wiretap/wtap.h index 74df2e1c70..e80d3863e0 100644 --- a/wiretap/wtap.h +++ b/wiretap/wtap.h @@ -1,6 +1,6 @@ /* wtap.h * - * $Id: wtap.h,v 1.102 2002/01/29 08:44:53 guy Exp $ + * $Id: wtap.h,v 1.103 2002/01/29 09:45:58 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez @@ -102,9 +102,10 @@ #define WTAP_ENCAP_LOCALTALK 23 #define WTAP_ENCAP_PRISM_HEADER 24 #define WTAP_ENCAP_PFLOG 25 +#define WTAP_ENCAP_AIROPEEK 26 /* last WTAP_ENCAP_ value + 1 */ -#define WTAP_NUM_ENCAP_TYPES 26 +#define WTAP_NUM_ENCAP_TYPES 27 /* File types that can be read by wiretap. We support writing some many of these file types, too, so we