From Brian Ginsbach: fix handling of IRIX and UNICOS/mp snoop captures
on loopback interfaces. svn path=/trunk/; revision=8945
This commit is contained in:
parent
97279aa836
commit
f0887775c2
|
@ -1,7 +1,7 @@
|
|||
/* packet-null.c
|
||||
* Routines for null packet disassembly
|
||||
*
|
||||
* $Id: packet-null.c,v 1.60 2003/10/01 07:11:44 guy Exp $
|
||||
* $Id: packet-null.c,v 1.61 2003/11/11 20:49:45 guy Exp $
|
||||
*
|
||||
* Ethereal - Network traffic analyzer
|
||||
* By Gerald Combs <gerald@ethereal.com>
|
||||
|
@ -179,6 +179,19 @@ capture_null( const guchar *pd, int len, packet_counts *ld )
|
|||
if ((null_header & 0xFFFF0000) != 0) {
|
||||
/* Byte-swap it. */
|
||||
null_header = BSWAP32(null_header);
|
||||
|
||||
/*
|
||||
* It is possible that the AF_ type was only a 16 bit value.
|
||||
* IRIX and UNICOS/mp loopback snoop use a 4 byte header with
|
||||
* AF_ type in the first 2 bytes!
|
||||
* BSD AF_ types will always have the upper 8 bits as 0.
|
||||
*/
|
||||
if ((null_header & 0x0000FF00) != 0) {
|
||||
guint16 aftype;
|
||||
|
||||
memcpy((char *)&aftype, (const char *)&pd[0], sizeof(aftype));
|
||||
null_header = g_ntohl(aftype);
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
|
@ -194,6 +207,7 @@ capture_null( const guchar *pd, int len, packet_counts *ld )
|
|||
if (null_header > IEEE_802_3_MAX_LEN)
|
||||
capture_ethertype(null_header, pd, 4, len, ld);
|
||||
else {
|
||||
|
||||
switch (null_header) {
|
||||
|
||||
case BSD_AF_INET:
|
||||
|
@ -246,6 +260,18 @@ dissect_null(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
|
|||
if ((null_header & 0xFFFF0000) != 0) {
|
||||
/* Byte-swap it. */
|
||||
null_header = BSWAP32(null_header);
|
||||
/*
|
||||
* It is possible that the AF_ type was only a 16 bit value.
|
||||
* IRIX and UNICOS/mp loopback snoop use a 4 byte header with
|
||||
* AF_ type in the first 2 bytes!
|
||||
* BSD AF_ types will always have the upper 8 bits as 0.
|
||||
*/
|
||||
if ((null_header & 0x0000FF00) != 0) {
|
||||
guint16 aftype;
|
||||
|
||||
tvb_memcpy(tvb, (guint8 *)&aftype, 0, sizeof(aftype));
|
||||
null_header = g_ntohl(aftype);
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* snoop.c
|
||||
*
|
||||
* $Id: snoop.c,v 1.64 2003/11/04 22:14:50 guy Exp $
|
||||
* $Id: snoop.c,v 1.65 2003/11/11 20:49:46 guy Exp $
|
||||
*
|
||||
* Wiretap Library
|
||||
* Copyright (c) 1998 by Gilbert Ramirez <gram@alumni.rice.edu>
|
||||
|
@ -189,12 +189,12 @@ int snoop_open(wtap *wth, int *err)
|
|||
WTAP_ENCAP_UNKNOWN, /* Character Synchronous, e.g. bisync */
|
||||
WTAP_ENCAP_UNKNOWN, /* IBM Channel-to-Channel */
|
||||
WTAP_ENCAP_FDDI_BITSWAPPED,
|
||||
WTAP_ENCAP_RAW_IP, /* Other */
|
||||
WTAP_ENCAP_NULL, /* Other */
|
||||
WTAP_ENCAP_UNKNOWN, /* Frame Relay LAPF */
|
||||
WTAP_ENCAP_UNKNOWN, /* Multi-protocol over Frame Relay */
|
||||
WTAP_ENCAP_UNKNOWN, /* Character Async (e.g., SLIP and PPP?) */
|
||||
WTAP_ENCAP_UNKNOWN, /* X.25 Classical IP */
|
||||
WTAP_ENCAP_RAW_IP, /* software loopback */
|
||||
WTAP_ENCAP_NULL, /* software loopback */
|
||||
WTAP_ENCAP_UNKNOWN, /* not defined in "dlpi.h" */
|
||||
WTAP_ENCAP_IP_OVER_FC, /* Fibre Channel */
|
||||
WTAP_ENCAP_UNKNOWN, /* ATM */
|
||||
|
|
Loading…
Reference in New Issue