Read eNode-B raw logs

2021-09-30 07:27:08 +02:00 · 2021-09-30 07:27:08 +02:00 · eb9ae2ffd5
parent 5bc06b9042
commit eb9ae2ffd5
6 changed files with 193 additions and 0 deletions
--- a/wiretap/CMakeLists.txt
+++ b/wiretap/CMakeLists.txt
@ -49,6 +49,7 @@ set(WIRETAP_C_MODULE_FILES
 	${CMAKE_CURRENT_SOURCE_DIR}/dpa400.c
 	${CMAKE_CURRENT_SOURCE_DIR}/dct3trace.c
 	${CMAKE_CURRENT_SOURCE_DIR}/erf.c
+	${CMAKE_CURRENT_SOURCE_DIR}/eri_enb_log.c
 	${CMAKE_CURRENT_SOURCE_DIR}/eyesdn.c
 	${CMAKE_CURRENT_SOURCE_DIR}/hcidump.c
 	${CMAKE_CURRENT_SOURCE_DIR}/i4btrace.c
--- a/wiretap/eri_enb_log.c
+++ b/wiretap/eri_enb_log.c
@ -0,0 +1,168 @@
+/* eri_enb_log.c
+ *
+ * Ericsson eNode-B raw log file format decoder for the Wiretap library.
+ *
+ * Wiretap Library
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#include "eri_enb_log.h"
+
+#include <string.h>
+
+#include "file_wrappers.h"
+#include "wtap-int.h"
+
+static const char eri_enb_log_magic[] = "com_ericsson";
+
+static int eri_enb_log_file_type_subtype = -1;
+
+void register_eri_enb_log(void);
+
+#define MAX_LINE_LENGTH            131072
+
+static gboolean eri_enb_log_get_packet(FILE_T fh, wtap_rec* rec,
+	Buffer* buf, int* err _U_, gchar** err_info _U_)
+{
+	static char line[MAX_LINE_LENGTH];
+	/* Read in a line */
+	gint64 pos_before = file_tell(fh);
+
+	while (file_gets(line, sizeof(line), fh) != NULL)
+	{
+		nstime_t packet_time;
+		gint length;
+		/* Set length (avoiding strlen()) and offset.. */
+		length = (gint)(file_tell(fh) - pos_before);
+
+		/* ...but don't want to include newline in line length */
+		if (length > 0 && line[length - 1] == '\n') {
+			line[length - 1] = '\0';
+			length = length - 1;
+		}
+		/* Nor do we want '\r' (as will be written when log is created on windows) */
+		if (length > 0 && line[length - 1] == '\r') {
+			line[length - 1] = '\0';
+			length = length - 1;
+		}
+
+		if (0 < iso8601_to_nstime(&packet_time, line+1)) {
+			rec->ts.secs = packet_time.secs;
+			rec->ts.nsecs = packet_time.nsecs;
+			rec->presence_flags |= WTAP_HAS_TS;
+		} else {
+			rec->ts.secs = 0;
+			rec->ts.nsecs = 0;
+			rec->presence_flags = 0; /* no time stamp, no separate "on the wire" length */
+		}
+		/* We've got a full packet! */
+		rec->rec_type = REC_TYPE_PACKET;
+		rec->block = wtap_block_create(WTAP_BLOCK_PACKET);
+		rec->rec_header.packet_header.caplen = length;
+		rec->rec_header.packet_header.len = length;
+
+		*err = 0;
+
+		/* Make sure we have enough room for the packet */
+		ws_buffer_assure_space(buf, rec->rec_header.packet_header.caplen);
+		memcpy(ws_buffer_start_ptr(buf), line, rec->rec_header.packet_header.caplen);
+
+		return TRUE;
+
+	}
+	return FALSE;
+}
+
+/* Find the next packet and parse it; called from wtap_read(). */
+static gboolean eri_enb_log_read(wtap* wth, wtap_rec* rec, Buffer* buf,
+	int* err, gchar** err_info, gint64* data_offset)
+{
+	*data_offset = file_tell(wth->fh);
+
+	return eri_enb_log_get_packet(wth->fh, rec, buf, err, err_info);
+}
+
+/* Used to read packets in random-access fashion */
+static gboolean eri_enb_log_seek_read(wtap* wth, gint64 seek_off,
+	wtap_rec* rec, Buffer* buf, int* err, gchar** err_info)
+{
+	if (file_seek(wth->random_fh, seek_off, SEEK_SET, err) == -1)
+	{
+		return FALSE;
+	}
+
+	return eri_enb_log_get_packet(wth->random_fh, rec, buf, err, err_info);
+}
+
+wtap_open_return_val
+eri_enb_log_open(wtap *wth, int *err, gchar **err_info)
+{
+	char line1[64];
+
+	/* Look for Gammu DCT3 trace header */
+	if (file_gets(line1, sizeof(line1), wth->fh) == NULL)
+	{
+		*err = file_error(wth->fh, err_info);
+		if (*err != 0 && *err != WTAP_ERR_SHORT_READ)
+			return WTAP_OPEN_ERROR;
+		return WTAP_OPEN_NOT_MINE;
+	}
+
+	if (g_strstr_len(line1, strlen(eri_enb_log_magic), eri_enb_log_magic) != 0 )
+	{
+		return WTAP_OPEN_NOT_MINE;
+	}
+
+	if (file_seek(wth->fh, 0, SEEK_SET, err) == -1)
+		return WTAP_OPEN_ERROR;
+
+	wth->file_type_subtype = eri_enb_log_file_type_subtype;
+	wth->file_encap = WTAP_ENCAP_ERI_ENB_LOG;
+	wth->file_tsprec = WTAP_TSPREC_NSEC;
+	wth->subtype_read = eri_enb_log_read;
+	wth->subtype_seek_read = eri_enb_log_seek_read;
+	wth->snapshot_length = 0;
+
+	return WTAP_OPEN_MINE;
+}
+
+static const struct supported_block_type eri_enb_log_blocks_supported[] = {
+	/*
+	 * This is a file format that we dissect, so we provide
+	 * only one "packet" with the file's contents, and don't
+	 * support any options.
+	 */
+	{ WTAP_BLOCK_PACKET, MULTIPLE_BLOCKS_SUPPORTED, NO_OPTIONS_SUPPORTED }
+};
+
+static const struct file_type_subtype_info eri_enb_log_info = {
+	"Ericsson eNode-B raw log", "eri_enb_log", "eri_enb_log", NULL,
+	FALSE, BLOCKS_SUPPORTED(eri_enb_log_blocks_supported),
+	NULL, NULL, NULL
+};
+
+void register_eri_enb_log(void)
+{
+	eri_enb_log_file_type_subtype = wtap_register_file_type_subtype(&eri_enb_log_info);
+
+	/*
+	 * Register name for backwards compatibility with the
+	 * wtap_filetypes table in Lua.
+	 */
+	//wtap_register_backwards_compatibility_lua_name("MP4",
+	//    eri_enb_log_file_type_subtype);
+}
+
+/*
+ * Editor modelines  -  https://www.wireshark.org/tools/modelines.html
+ *
+ * Local variables:
+ * c-basic-offset: 8
+ * tab-width: 8
+ * indent-tabs-mode: t
+ * End:
+ *
+ * vi: set shiftwidth=8 tabstop=8 noexpandtab:
+ * :indentSize=8:tabSize=8:noTabs=false:
+ */
--- a/wiretap/eri_enb_log.h
+++ b/wiretap/eri_enb_log.h
@ -0,0 +1,16 @@
+/* eri_enb_log.h
+ *
+ * Ericsson eNode-B raw log file format decoder for the Wiretap library.
+ *
+ * Wiretap Library
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#ifndef __W_ERI_ENB_LOG_H__
+#define __W_ERI_ENB_LOG_H__
+
+#include "wtap.h"
+
+wtap_open_return_val eri_enb_log_open(wtap *wth, int *err, gchar **err_info);
+
+#endif /* __W_ERI_ENB_LOG_H__*/
--- a/wiretap/file_access.c
+++ b/wiretap/file_access.c
@ -89,6 +89,7 @@
 #include "candump.h"
 #include "busmaster.h"
 #include "blf.h"
+#include "eri_enb_log.h"


 /*
@ -435,6 +436,8 @@ static const struct open_info open_info_base[] = {
 	{ "Android Logcat Text formats",            OPEN_INFO_HEURISTIC, logcat_text_open,         "txt",      NULL, NULL },
 	{ "Candump log",                            OPEN_INFO_HEURISTIC, candump_open,             NULL,       NULL, NULL },
 	{ "Busmaster log",                          OPEN_INFO_HEURISTIC, busmaster_open,           NULL,       NULL, NULL },
+	{ "Ericsson eNode-B raw log",               OPEN_INFO_MAGIC,     eri_enb_log_open,         NULL,       NULL, NULL },
+
 	/* ASCII trace files from Telnet sessions. */
 	{ "Lucent/Ascend access server trace",      OPEN_INFO_HEURISTIC, ascend_open,              "txt",      NULL, NULL },
 	{ "Toshiba Compact ISDN Router snoop",      OPEN_INFO_HEURISTIC, toshiba_open,             "txt",      NULL, NULL },
--- a/wiretap/wtap.c
+++ b/wiretap/wtap.c
@ -1173,6 +1173,10 @@ static struct encap_type_info encap_table_base[] = {

 	/* WTAP_ENCAP_ETW */
 	{ "etw", "Event Tracing for Windows messages" },
+
+	/* WTAP_ENCAP_ERI_ENB_LOG */
+	{ "eri_enb_log", "Ericsson eNode-B raw log" },
+
 };

 WS_DLL_LOCAL
--- a/wiretap/wtap.h
+++ b/wiretap/wtap.h
@ -290,6 +290,7 @@ extern "C" {
 #define WTAP_ENCAP_SLL2                         210
 #define WTAP_ENCAP_ZWAVE_SERIAL                 211
 #define WTAP_ENCAP_ETW                          212
+#define WTAP_ENCAP_ERI_ENB_LOG                  213

 /* After adding new item here, please also add new item to encap_table_base array */