Use WTAP_ENCAP_IEEE_802_11_WITH_RADIO for AiroPeek files, rather than
having a special encapsulation type for AiroPeek files. svn path=/trunk/; revision=5123
This commit is contained in:
parent
939b3c8e0a
commit
b2c46086c3
|
@ -1,7 +1,7 @@
|
|||
# Makefile.am
|
||||
# Automake file for Ethereal
|
||||
#
|
||||
# $Id: Makefile.am,v 1.416 2002/03/16 02:25:48 guy Exp $
|
||||
# $Id: Makefile.am,v 1.417 2002/04/08 09:44:40 guy Exp $
|
||||
#
|
||||
# Ethereal - Network traffic analyzer
|
||||
# By Gerald Combs <gerald@ethereal.com>
|
||||
|
@ -75,7 +75,6 @@ DISSECTOR_SRC = \
|
|||
packet-aarp.c \
|
||||
packet-afs.c \
|
||||
packet-aim.c \
|
||||
packet-airopeek.c \
|
||||
packet-arp.c \
|
||||
packet-ascend.c\
|
||||
packet-atalk.c \
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
## Makefile for building ethereal.exe with Microsoft C and nmake
|
||||
## Use: $(MAKE) /$(MAKEFLAGS) -f makefile.nmake
|
||||
#
|
||||
# $Id: Makefile.nmake,v 1.175 2002/03/16 02:25:48 guy Exp $
|
||||
# $Id: Makefile.nmake,v 1.176 2002/04/08 09:44:40 guy Exp $
|
||||
|
||||
include config.nmake
|
||||
include <win32.mak>
|
||||
|
@ -26,7 +26,6 @@ DISSECTOR_SRC = \
|
|||
packet-aarp.c \
|
||||
packet-afs.c \
|
||||
packet-aim.c \
|
||||
packet-airopeek.c \
|
||||
packet-arp.c \
|
||||
packet-ascend.c\
|
||||
packet-atalk.c \
|
||||
|
|
|
@ -1,137 +0,0 @@
|
|||
/* packet-airopeek.c
|
||||
* Routines for AiroPeek capture file dissection
|
||||
*
|
||||
* $Id: packet-airopeek.c,v 1.4 2002/04/08 09:09:47 guy Exp $
|
||||
*
|
||||
* Ethereal - Network traffic analyzer
|
||||
* By Gerald Combs <gerald@ethereal.com>
|
||||
* Copyright 1998 Gerald Combs
|
||||
*
|
||||
* Copied from README.developer
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or
|
||||
* modify it under the terms of the GNU General Public License
|
||||
* as published by the Free Software Foundation; either version 2
|
||||
* of the License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
# include "config.h"
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_SYS_TYPES_H
|
||||
# include <sys/types.h>
|
||||
#endif
|
||||
|
||||
#include <glib.h>
|
||||
|
||||
#include <epan/packet.h>
|
||||
#include "packet-ieee80211.h"
|
||||
|
||||
/* protocol */
|
||||
static int proto_airopeek = -1;
|
||||
|
||||
/* header fields */
|
||||
static int hf_airopeek_data_rate = -1;
|
||||
static int hf_airopeek_channel = -1;
|
||||
static int hf_airopeek_signal_strength = -1;
|
||||
|
||||
static gint ett_airopeek = -1;
|
||||
|
||||
static dissector_handle_t ieee80211_handle;
|
||||
|
||||
static void
|
||||
dissect_airopeek(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
|
||||
{
|
||||
proto_tree *airopeek_tree;
|
||||
proto_item *ti;
|
||||
guint8 data_rate;
|
||||
guint8 signal_strength;
|
||||
tvbuff_t *next_tvb;
|
||||
gint length, reported_length;
|
||||
|
||||
if (check_col(pinfo->cinfo, COL_PROTOCOL))
|
||||
col_set_str(pinfo->cinfo, COL_PROTOCOL, "AiroPeek");
|
||||
if (check_col(pinfo->cinfo, COL_INFO))
|
||||
col_clear(pinfo->cinfo, COL_INFO);
|
||||
|
||||
if (tree) {
|
||||
ti = proto_tree_add_protocol_format(tree, proto_airopeek,
|
||||
tvb, 0, 3, "AiroPeek Radio Information");
|
||||
airopeek_tree = proto_item_add_subtree(ti, ett_airopeek);
|
||||
|
||||
data_rate = tvb_get_guint8(tvb, 0);
|
||||
proto_tree_add_uint_format(airopeek_tree, hf_airopeek_data_rate,
|
||||
tvb, 0, 1, data_rate,
|
||||
"Data Rate: %g mb/s", .5*data_rate);
|
||||
|
||||
proto_tree_add_item(airopeek_tree, hf_airopeek_channel,
|
||||
tvb, 1, 1, FALSE);
|
||||
|
||||
signal_strength = tvb_get_guint8(tvb, 2);
|
||||
proto_tree_add_uint_format(airopeek_tree, hf_airopeek_signal_strength,
|
||||
tvb, 2, 1, signal_strength,
|
||||
"Signal Strength: %u%%", signal_strength);
|
||||
}
|
||||
|
||||
/*
|
||||
* Dissect the 802.11 header and data.
|
||||
* The last 4 bytes appear to be random data - the length might
|
||||
* include the FCS - so we reduce the length by 4.
|
||||
*/
|
||||
length = tvb_ensure_length_remaining(tvb, 4);
|
||||
reported_length = tvb_reported_length_remaining(tvb, 4);
|
||||
if (reported_length < 4)
|
||||
THROW(ReportedBoundsError);
|
||||
reported_length -= 4;
|
||||
if (length > reported_length)
|
||||
length = reported_length;
|
||||
next_tvb = tvb_new_subset(tvb, 4, length, reported_length);
|
||||
call_dissector(ieee80211_handle, next_tvb, pinfo, tree);
|
||||
}
|
||||
|
||||
void
|
||||
proto_register_airopeek(void)
|
||||
{
|
||||
static hf_register_info hf[] = {
|
||||
{ &hf_airopeek_data_rate,
|
||||
{ "Data Rate", "airopeek.data_rate", FT_UINT8, BASE_DEC, NULL,
|
||||
0x0, "", HFILL}},
|
||||
{ &hf_airopeek_channel,
|
||||
{ "Channel", "airopeek.channel", FT_UINT8, BASE_DEC, NULL,
|
||||
0x0, "", HFILL}},
|
||||
{ &hf_airopeek_signal_strength,
|
||||
{ "Signal Strength", "airopeek.signal_strength", FT_UINT8, BASE_DEC, NULL,
|
||||
0x0, "", HFILL}},
|
||||
};
|
||||
static gint *ett[] = {
|
||||
&ett_airopeek
|
||||
};
|
||||
|
||||
proto_airopeek = proto_register_protocol("AiroPeek radio information",
|
||||
"AiroPeek", "airopeek");
|
||||
proto_register_field_array(proto_airopeek, hf, array_length(hf));
|
||||
proto_register_subtree_array(ett, array_length(ett));
|
||||
}
|
||||
|
||||
void
|
||||
proto_reg_handoff_airopeek(void)
|
||||
{
|
||||
dissector_handle_t airopeek_handle;
|
||||
|
||||
/* handle for 802.11 dissector */
|
||||
ieee80211_handle = find_dissector("wlan");
|
||||
|
||||
airopeek_handle = create_dissector_handle(dissect_airopeek,
|
||||
proto_airopeek);
|
||||
dissector_add("wtap_encap", WTAP_ENCAP_AIROPEEK, airopeek_handle);
|
||||
}
|
|
@ -2,7 +2,7 @@
|
|||
* Routines for opening EtherPeek (and TokenPeek?) files
|
||||
* Copyright (c) 2001, Daniel Thompson <d.thompson@gmx.net>
|
||||
*
|
||||
* $Id: etherpeek.c,v 1.17 2002/02/27 08:57:24 guy Exp $
|
||||
* $Id: etherpeek.c,v 1.18 2002/04/08 09:44:42 guy Exp $
|
||||
*
|
||||
* Wiretap Library
|
||||
* Copyright (c) 1998 by Gilbert Ramirez <gram@alumni.rice.edu>
|
||||
|
@ -118,6 +118,16 @@ typedef struct etherpeek_utime {
|
|||
#define ETHERPEEK_V7_TIMESTAMP_LOWER_OFFSET 12
|
||||
#define ETHERPEEK_V7_PKT_SIZE 16
|
||||
|
||||
/*
|
||||
* AiroPeek radio information, at the beginning of every packet.
|
||||
*/
|
||||
typedef struct {
|
||||
guint8 data_rate;
|
||||
guint8 channel;
|
||||
guint8 signal_level;
|
||||
guint8 unused;
|
||||
} airopeek_radio_hdr_t;
|
||||
|
||||
typedef struct etherpeek_encap_lookup {
|
||||
guint16 protoNum;
|
||||
int encap;
|
||||
|
@ -131,6 +141,8 @@ static const etherpeek_encap_lookup_t etherpeek_encap[] = {
|
|||
(sizeof (etherpeek_encap) / sizeof (etherpeek_encap[0]))
|
||||
|
||||
static gboolean etherpeek_read_v7(wtap *wth, int *err, long *data_offset);
|
||||
static gboolean etherpeek_seek_read_v7(wtap *wth, long seek_off,
|
||||
union wtap_pseudo_header *pseudo_header, u_char *pd, int length, int *err);
|
||||
static gboolean etherpeek_read_v56(wtap *wth, int *err, long *data_offset);
|
||||
static void etherpeek_close(wtap *wth);
|
||||
|
||||
|
@ -220,8 +232,13 @@ int etherpeek_open(wtap *wth, int *err)
|
|||
* 802.11, with a private header giving
|
||||
* some radio information. Presumably
|
||||
* this is from AiroPeek.
|
||||
*
|
||||
* We supply the private header as
|
||||
* the WTAP_ENCAP_IEEE_802_11_WITH_RADIO
|
||||
* pseudo-header, rather than as frame
|
||||
* data.
|
||||
*/
|
||||
file_encap = WTAP_ENCAP_AIROPEEK;
|
||||
file_encap = WTAP_ENCAP_IEEE_802_11_WITH_RADIO;
|
||||
break;
|
||||
|
||||
default:
|
||||
|
@ -302,7 +319,7 @@ int etherpeek_open(wtap *wth, int *err)
|
|||
wth->file_type = WTAP_FILE_ETHERPEEK_V7;
|
||||
wth->file_encap = file_encap;
|
||||
wth->subtype_read = etherpeek_read_v7;
|
||||
wth->subtype_seek_read = wtap_def_seek_read;
|
||||
wth->subtype_seek_read = etherpeek_seek_read_v7;
|
||||
break;
|
||||
|
||||
default:
|
||||
|
@ -330,6 +347,7 @@ static gboolean etherpeek_read_v7(wtap *wth, int *err, long *data_offset)
|
|||
guint8 status;
|
||||
etherpeek_utime timestamp;
|
||||
double t;
|
||||
airopeek_radio_hdr_t radio_hdr;
|
||||
|
||||
wtap_file_read_expected_bytes(ep_pkt, sizeof(ep_pkt), wth->fh, err);
|
||||
wth->data_offset += sizeof(ep_pkt);
|
||||
|
@ -364,6 +382,33 @@ static gboolean etherpeek_read_v7(wtap *wth, int *err, long *data_offset)
|
|||
if (sliceLength % 2) /* packets are padded to an even length */
|
||||
sliceLength++;
|
||||
|
||||
if (wth->file_encap == WTAP_ENCAP_IEEE_802_11_WITH_RADIO) {
|
||||
/*
|
||||
* The first 4 bytes of the packet data are radio
|
||||
* information (including a reserved byte).
|
||||
*/
|
||||
if (sliceLength < 4) {
|
||||
/*
|
||||
* We don't *have* 4 bytes of packet data.
|
||||
*/
|
||||
*err = WTAP_ERR_BAD_RECORD;
|
||||
return FALSE;
|
||||
}
|
||||
wtap_file_read_expected_bytes(&radio_hdr, 4, wth->fh, err);
|
||||
|
||||
/*
|
||||
* We don't treat the radio information as packet data.
|
||||
*/
|
||||
sliceLength -= 4;
|
||||
wth->phdr.len -= 4;
|
||||
wth->phdr.caplen -= 4;
|
||||
wth->data_offset += 4;
|
||||
|
||||
wth->pseudo_header.ieee_802_11.channel = radio_hdr.channel;
|
||||
wth->pseudo_header.ieee_802_11.data_rate = radio_hdr.data_rate;
|
||||
wth->pseudo_header.ieee_802_11.signal_level = radio_hdr.signal_level;
|
||||
}
|
||||
|
||||
/* read the frame data */
|
||||
buffer_assure_space(wth->frame_buffer, sliceLength);
|
||||
wtap_file_read_expected_bytes(buffer_start_ptr(wth->frame_buffer),
|
||||
|
@ -378,10 +423,67 @@ static gboolean etherpeek_read_v7(wtap *wth, int *err, long *data_offset)
|
|||
wth->phdr.ts.tv_usec = (guint32) (t - (double) wth->phdr.ts.tv_sec *
|
||||
1000000.0);
|
||||
|
||||
if (wth->file_encap == WTAP_ENCAP_IEEE_802_11_WITH_RADIO) {
|
||||
/*
|
||||
* The last 4 bytes appear to be random data - the length
|
||||
* might include the FCS - so we reduce the length by 4.
|
||||
*
|
||||
* Or maybe this is just the same kind of random 4 bytes
|
||||
* of junk at the end you get in Wireless Sniffer
|
||||
* captures.
|
||||
*/
|
||||
wth->phdr.len -= 4;
|
||||
wth->phdr.caplen -= 4;
|
||||
}
|
||||
|
||||
wth->phdr.pkt_encap = wth->file_encap;
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
static gboolean
|
||||
etherpeek_seek_read_v7(wtap *wth, long seek_off,
|
||||
union wtap_pseudo_header *pseudo_header, u_char *pd, int length, int *err)
|
||||
{
|
||||
airopeek_radio_hdr_t radio_hdr;
|
||||
|
||||
if (file_seek(wth->random_fh, seek_off, SEEK_SET) == -1) {
|
||||
*err = file_error(wth->random_fh);
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
if (wth->file_encap == WTAP_ENCAP_IEEE_802_11_WITH_RADIO) {
|
||||
/*
|
||||
* The first 4 bytes of the packet data are radio
|
||||
* information (including a reserved byte).
|
||||
*/
|
||||
if (length < 4) {
|
||||
/*
|
||||
* We don't *have* 4 bytes of packet data.
|
||||
*/
|
||||
*err = WTAP_ERR_BAD_RECORD;
|
||||
return FALSE;
|
||||
}
|
||||
wtap_file_read_expected_bytes(&radio_hdr, 4, wth->random_fh,
|
||||
err);
|
||||
|
||||
/*
|
||||
* We don't treat the radio information as packet data.
|
||||
*/
|
||||
length -= 4;
|
||||
|
||||
pseudo_header->ieee_802_11.channel = radio_hdr.channel;
|
||||
pseudo_header->ieee_802_11.data_rate = radio_hdr.data_rate;
|
||||
pseudo_header->ieee_802_11.signal_level = radio_hdr.signal_level;
|
||||
}
|
||||
|
||||
/*
|
||||
* XXX - should "errno" be set in "wtap_file_read_expected_bytes()"?
|
||||
*/
|
||||
errno = WTAP_ERR_CANT_READ;
|
||||
wtap_file_read_expected_bytes(pd, length, wth->random_fh, err);
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
static gboolean etherpeek_read_v56(wtap *wth, int *err, long *data_offset)
|
||||
{
|
||||
guchar ep_pkt[ETHERPEEK_V56_PKT_SIZE];
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* wtap.c
|
||||
*
|
||||
* $Id: wtap.c,v 1.64 2002/04/08 09:09:49 guy Exp $
|
||||
* $Id: wtap.c,v 1.65 2002/04/08 09:44:42 guy Exp $
|
||||
*
|
||||
* Wiretap Library
|
||||
* Copyright (c) 1998 by Gilbert Ramirez <gram@alumni.rice.edu>
|
||||
|
@ -140,9 +140,6 @@ static const struct encap_type_info {
|
|||
/* WTAP_ENCAP_PFLOG */
|
||||
{ "OpenBSD PF Firewall logs", "pflog" },
|
||||
|
||||
/* WTAP_ENCAP_AIROPEEK */
|
||||
{ "IEEE 802.11 plus AiroPeek header", "airopeek" },
|
||||
|
||||
/* WTAP_ENCAP_HHDLC */
|
||||
{ "HiPath HDLC", "hhdlc" },
|
||||
};
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* wtap.h
|
||||
*
|
||||
* $Id: wtap.h,v 1.108 2002/04/08 09:09:49 guy Exp $
|
||||
* $Id: wtap.h,v 1.109 2002/04/08 09:44:42 guy Exp $
|
||||
*
|
||||
* Wiretap Library
|
||||
* Copyright (c) 1998 by Gilbert Ramirez <gram@alumni.rice.edu>
|
||||
|
@ -106,11 +106,10 @@
|
|||
#define WTAP_ENCAP_LOCALTALK 24
|
||||
#define WTAP_ENCAP_PRISM_HEADER 25
|
||||
#define WTAP_ENCAP_PFLOG 26
|
||||
#define WTAP_ENCAP_AIROPEEK 27
|
||||
#define WTAP_ENCAP_HHDLC 28
|
||||
#define WTAP_ENCAP_HHDLC 27
|
||||
|
||||
/* last WTAP_ENCAP_ value + 1 */
|
||||
#define WTAP_NUM_ENCAP_TYPES 29
|
||||
#define WTAP_NUM_ENCAP_TYPES 28
|
||||
|
||||
/* File types that can be read by wiretap.
|
||||
We support writing some many of these file types, too, so we
|
||||
|
|
Loading…
Reference in New Issue