osmocom
/
wireshark
11
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity
wireshark/epan/dissectors/packet-rudp.c

230 lines
6.0 KiB
C
Raw Blame History

/* packet-rudp.c
* Routines for Reliable UDP Protocol.
* Copyright 2004, Duncan Sargeant <dunc-ethereal@rcpt.to>
*
* Wireshark - Network traffic analyzer
* By Gerald Combs <gerald@wireshark.org>
* Copyright 1998 Gerald Combs
*
* Copied from packet-data.c, README.developer, and various other files.
*
* SPDX-License-Identifier: GPL-2.0-or-later
* Reliable UDP is a lightweight protocol for providing TCP-like flow
* control over UDP. Cisco published an PFC a long time ago, and
* their actual implementation is slightly different, having no
* checksum field.
*
* I've cheated here - RUDP could be used for anything, but I've only
* seen it used to switched telephony calls, so we just call the Cisco SM
* dissector from here.
*
* Here are some links:
*
* http://www.watersprings.org/pub/id/draft-ietf-sigtran-reliable-udp-00.txt
* http://www.javvin.com/protocolRUDP.html
* http://www.cisco.com/univercd/cc/td/doc/product/access/sc/rel7/omts/omts_apb.htm#30052
*/
#include "config.h"
#include <epan/packet.h>
void proto_register_rudp(void);
void proto_reg_handoff_rudp(void);
static int proto_rudp = -1;
static int hf_rudp_flags = -1;
static int hf_rudp_flags_syn = -1;
static int hf_rudp_flags_ack = -1;
static int hf_rudp_flags_eak = -1;
static int hf_rudp_flags_rst = -1;
static int hf_rudp_flags_nul = -1;
static int hf_rudp_flags_chk = -1;
static int hf_rudp_flags_tcs = -1;
static int hf_rudp_flags_0 = -1;
static int hf_rudp_hlen = -1;
static int hf_rudp_seq = -1;
static int hf_rudp_ack = -1;
static int hf_rudp_cksum = -1;
static gint ett_rudp = -1;
static gint ett_rudp_flags = -1;
static dissector_handle_t sm_handle = NULL;
static int
dissect_rudp(tvbuff_t *tvb, packet_info *pinfo _U_ , proto_tree *tree, void* data _U_)
{
tvbuff_t * next_tvb;
proto_tree *rudp_tree;
proto_item *ti;
guint8 hlen;
static int * const flags[] = {
&hf_rudp_flags_syn,
&hf_rudp_flags_ack,
&hf_rudp_flags_eak,
&hf_rudp_flags_rst,
&hf_rudp_flags_nul,
&hf_rudp_flags_chk,
&hf_rudp_flags_tcs,
&hf_rudp_flags_0,
NULL
};
hlen = tvb_get_guint8(tvb, 1);
col_set_str(pinfo->cinfo, COL_PROTOCOL, "RUDP");
col_clear(pinfo->cinfo, COL_INFO);
ti = proto_tree_add_item(tree, proto_rudp, tvb, 0, hlen, ENC_NA);
rudp_tree = proto_item_add_subtree(ti, ett_rudp);
proto_tree_add_bitmask(rudp_tree, tvb, 0, hf_rudp_flags, ett_rudp_flags, flags, ENC_BIG_ENDIAN);
proto_tree_add_item(rudp_tree, hf_rudp_hlen, tvb, 1, 1, ENC_BIG_ENDIAN);
proto_tree_add_item(rudp_tree, hf_rudp_seq, tvb, 2, 1, ENC_BIG_ENDIAN);
proto_tree_add_item(rudp_tree, hf_rudp_ack, tvb, 3, 1, ENC_BIG_ENDIAN);
/* If the header is more than 4 bytes the next 2 bytes are the checksum */
if (hlen > 4) {
proto_tree_add_checksum(rudp_tree, tvb, 4, hf_rudp_cksum, -1, NULL, pinfo, 0, ENC_BIG_ENDIAN, PROTO_CHECKSUM_NO_FLAGS);
}
/* If we have even more bytes their meaning is unknown - we have seen this
* in live captures */
if (hlen > 6) {
next_tvb = tvb_new_subset_length(tvb, 6, hlen-6);
call_data_dissector(next_tvb, pinfo, rudp_tree);
}
next_tvb = tvb_new_subset_remaining(tvb, hlen);
if (tvb_captured_length(next_tvb) && sm_handle)
call_dissector(sm_handle, next_tvb, pinfo, tree);
return tvb_captured_length(tvb);
}
void
proto_register_rudp(void)
{
static hf_register_info hf[] = {
{ &hf_rudp_flags,
{ "RUDP Header flags", "rudp.flags",
FT_UINT8, BASE_DEC, NULL, 0x0,
NULL, HFILL }
},
{ &hf_rudp_flags_syn,
{ "Syn", "rudp.flags.syn",
FT_BOOLEAN, 8, NULL, 0x80,
NULL, HFILL }
},
{ &hf_rudp_flags_ack,
{ "Ack", "rudp.flags.ack",
FT_BOOLEAN, 8, NULL, 0x40,
NULL, HFILL }
},
{ &hf_rudp_flags_eak,
{ "Eak", "rudp.flags.eak",
FT_BOOLEAN, 8, NULL, 0x20,
"Extended Ack", HFILL }
},
{ &hf_rudp_flags_rst,
{ "RST", "rudp.flags.rst",
FT_BOOLEAN, 8, NULL, 0x10,
"Reset flag", HFILL }
},
{ &hf_rudp_flags_nul,
{ "NULL", "rudp.flags.nul",
FT_BOOLEAN, 8, NULL, 0x08,
"Null flag", HFILL }
},
{ &hf_rudp_flags_chk,
{ "CHK", "rudp.flags.chk",
FT_BOOLEAN, 8, NULL, 0x04,
"Checksum is on header or body", HFILL }
},
{ &hf_rudp_flags_tcs,
{ "TCS", "rudp.flags.tcs",
FT_BOOLEAN, 8, NULL, 0x02,
"Transfer Connection System", HFILL }
},
{ &hf_rudp_flags_0,
{ "0", "rudp.flags.0",
FT_BOOLEAN, 8, NULL, 0x01,
NULL, HFILL }
},
{ &hf_rudp_hlen,
{ "Header Length", "rudp.hlen",
FT_UINT8, BASE_DEC, NULL, 0x0,
NULL, HFILL }
},
{ &hf_rudp_seq,
{ "Seq", "rudp.seq",
FT_UINT8, BASE_DEC, NULL, 0x0,
"Sequence Number", HFILL }
},
{ &hf_rudp_ack,
{ "Ack", "rudp.ack",
FT_UINT8, BASE_DEC, NULL, 0x0,
"Acknowledgement Number", HFILL }
},
{ &hf_rudp_cksum,
{ "Checksum", "rudp.cksum",
FT_UINT16, BASE_HEX, NULL, 0x0,
NULL, HFILL }
},
};
/* Setup protocol subtree array */
static gint *ett[] = {
&ett_rudp,
&ett_rudp_flags,
};
proto_rudp = proto_register_protocol ("Reliable UDP", "RUDP", "rudp");
proto_register_field_array(proto_rudp, hf, array_length(hf));
proto_register_subtree_array(ett, array_length(ett));
}
void
proto_reg_handoff_rudp(void) {
dissector_handle_t rudp_handle;
/* Disable rudp by default. The previously hardcoded value of
* 7000 (used by Cisco) collides with afs and as the draft states:
* "RUDP doesn't place any restrictions on which UDP port numbers are used.
* Valid port numbers are ports not defined in RFC 1700."
*/
/* FIXME: The proper solution would be to convert this dissector into
* heuristic dissector, but it isn't complete anyway.
*/
rudp_handle = create_dissector_handle(dissect_rudp, proto_rudp);
dissector_add_for_decode_as_with_preference("udp.port", rudp_handle);
sm_handle = find_dissector_add_dependency("sm", proto_rudp);
}
/*
* Editor modelines - https://www.wireshark.org/tools/modelines.html
*
* Local variables:
* c-basic-offset: 8
* tab-width: 8
* indent-tabs-mode: t
* End:
*
* vi: set shiftwidth=8 tabstop=8 noexpandtab:
* :indentSize=8:tabSize=8:noTabs=false:
*/
Reference in New Issue View Git Blame Copy Permalink