osmocom
/
wireshark
11
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity
wireshark/epan/dissectors/packet-redback.c

259 lines
7.8 KiB
C
Raw Blame History

/* packet-redback.c
*
* Wireshark - Network traffic analyzer
* By Gerald Combs <gerald@wireshark.org>
*
* Ericsson SmartEdge tcpdump trace disassembly
* Copyright 2005-2014 Florian Lohoff <f@zz.de>
*
* SPDX-License-Identifier: GPL-2.0-or-later
*/
#include "config.h"
#include <epan/packet.h>
#include <epan/expert.h>
#include <wiretap/wtap.h>
void proto_register_redback(void);
void proto_reg_handoff_redback(void);
static dissector_handle_t redback_handle;
static gint ett_redback = -1;
static dissector_table_t osinl_incl_subdissector_table;
static dissector_table_t osinl_excl_subdissector_table;
static dissector_handle_t ipv4_handle;
static dissector_handle_t ipv6_handle;
static dissector_handle_t ethnofcs_handle;
static dissector_handle_t clnp_handle;
static dissector_handle_t arp_handle;
static dissector_handle_t ppp_handle;
static dissector_handle_t ppphdlc_handle;
static int proto_redback = -1;
static int hf_redback_circuit = -1;
static int hf_redback_context = -1;
static int hf_redback_dataoffset = -1;
static int hf_redback_flags = -1;
static int hf_redback_l3offset = -1;
static int hf_redback_length = -1;
static int hf_redback_padding = -1;
static int hf_redback_protocol = -1;
static int hf_redback_unknown = -1;
static expert_field ei_redback_protocol = EI_INIT;
static int
dissect_redback(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
{
guint16 l3off, dataoff, proto;
proto_item *ti, *protocol_item;
proto_tree *rbtree = NULL;
tvbuff_t *next_tvb;
col_set_str(pinfo->cinfo,COL_PROTOCOL,"RBN");
dataoff = tvb_get_ntohs(tvb, 20);
l3off = tvb_get_ntohs(tvb, 22);
ti = proto_tree_add_item(tree, proto_redback, tvb, 0, -1, ENC_NA);
rbtree = proto_item_add_subtree(ti, ett_redback);
proto_tree_add_item(rbtree, hf_redback_context, tvb, 0, 4, ENC_BIG_ENDIAN);
proto_tree_add_item(rbtree, hf_redback_flags, tvb, 4, 4, ENC_BIG_ENDIAN);
proto_tree_add_item(rbtree, hf_redback_circuit, tvb, 8, 8, ENC_BIG_ENDIAN);
proto_tree_add_item(rbtree, hf_redback_length, tvb, 16, 2, ENC_BIG_ENDIAN);
protocol_item = proto_tree_add_item(rbtree, hf_redback_protocol, tvb, 18, 2, ENC_BIG_ENDIAN);
proto_tree_add_item(rbtree, hf_redback_dataoffset, tvb, 20, 2, ENC_BIG_ENDIAN);
proto_tree_add_item(rbtree, hf_redback_l3offset, tvb, 22, 2, ENC_BIG_ENDIAN);
if (dataoff > 24) {
proto_tree_add_item(rbtree, hf_redback_padding, tvb, 24, dataoff-24, ENC_NA);
}
proto = tvb_get_ntohs(tvb, 18);
switch(proto) {
case 0x01:
/*
* IP on Ethernet - Incoming data points to an ethernet header
* outgoing we have a pure IPv4 Packet
*/
next_tvb = tvb_new_subset_remaining(tvb, dataoff);
if (dataoff == l3off)
call_dissector(ipv4_handle, next_tvb, pinfo, tree);
else if (dataoff+2 == l3off)
call_dissector(ppp_handle, next_tvb, pinfo, tree);
else if (dataoff+4 == l3off)
call_dissector(ppphdlc_handle, next_tvb, pinfo, tree);
else
call_dissector(ethnofcs_handle, next_tvb, pinfo, tree);
break;
case 0x02:
/*
* This is ISIS - Either incoming with ethernet FCS
* and CLNP - passed to the eth dissector or in case
* of outgoing it's pure ISIS and the linecard attaches
* the ethernet and CLNP headers ...
*
*/
next_tvb = tvb_new_subset_remaining(tvb, dataoff);
if (l3off > dataoff) {
call_dissector(ethnofcs_handle, next_tvb, pinfo, tree);
} else {
guint8 nlpid = tvb_get_guint8(tvb, dataoff);
if(dissector_try_uint(osinl_incl_subdissector_table, nlpid, next_tvb, pinfo, tree))
break;
next_tvb = tvb_new_subset_remaining(tvb, dataoff+1);
if(dissector_try_uint(osinl_excl_subdissector_table, nlpid, next_tvb, pinfo, tree))
break;
next_tvb = tvb_new_subset_remaining(tvb, dataoff);
call_data_dissector(next_tvb, pinfo, tree);
}
break;
case 0x06: {
/*
* PPP Messages e.g. LCP, IPCP etc - possibly on ethernet in case of PPPoE.
* PPPoE messages are Protocol 8 ...
*/
guint32 flags;
flags = tvb_get_ntohl(tvb, 4);
if (flags & 0x04000000) {
next_tvb = tvb_new_subset_remaining(tvb, dataoff);
} else {
if (tree)
proto_tree_add_item(rbtree, hf_redback_unknown, tvb, dataoff, 4, ENC_NA);
next_tvb = tvb_new_subset_remaining(tvb, dataoff+4);
}
if (l3off == dataoff) {
call_dissector(ppp_handle, next_tvb, pinfo, tree);
} else {
call_dissector(ethnofcs_handle, next_tvb, pinfo, tree);
}
break;
}
case 0x03: /* Unicast Ethernet tx - Seen with PPPoE PADO */
case 0x04: /* Unicast Ethernet rx - Seen with ARP */
case 0x08: /* Broadcast Ethernet rx - Seen with PPPoE PADI */
next_tvb = tvb_new_subset_remaining(tvb, dataoff);
call_dissector(ethnofcs_handle, next_tvb, pinfo, tree);
break;
case 0x09: /* IPv6 either encapsulated as ethernet or native ip */
next_tvb = tvb_new_subset_remaining(tvb, dataoff);
if (dataoff == l3off)
call_dissector(ipv6_handle, next_tvb, pinfo, tree);
else
call_dissector(ethnofcs_handle, next_tvb, pinfo, tree);
break;
default:
expert_add_info(pinfo, protocol_item, &ei_redback_protocol);
break;
}
return tvb_captured_length(tvb);
}
void
proto_register_redback(void)
{
static hf_register_info hf[] = {
{ &hf_redback_context,
{ "Context", "redback.context",
FT_UINT32, BASE_HEX, NULL, 0x0,
NULL, HFILL }
},
{ &hf_redback_flags,
{ "Flags", "redback.flags",
FT_UINT32, BASE_HEX, NULL, 0x0,
NULL, HFILL }
},
{ &hf_redback_circuit,
{ "Circuit", "redback.circuit",
FT_UINT64, BASE_HEX, NULL, 0x0,
NULL, HFILL }
},
{ &hf_redback_length,
{ "Length", "redback.length",
FT_UINT16, BASE_DEC, NULL, 0x0,
NULL, HFILL }
},
{ &hf_redback_protocol,
{ "Protocol", "redback.protocol",
FT_UINT16, BASE_DEC, NULL, 0x0,
NULL, HFILL }
},
{ &hf_redback_l3offset,
{ "Layer 3 Offset", "redback.l3offset",
FT_UINT16, BASE_DEC, NULL, 0x0,
NULL, HFILL }
},
{ &hf_redback_dataoffset,
{ "Data Offset", "redback.dataoffset",
FT_UINT16, BASE_DEC, NULL, 0x0,
NULL, HFILL }
},
{ &hf_redback_padding,
{ "Padding", "redback.padding",
FT_BYTES, BASE_NONE, NULL, 0x0,
NULL, HFILL }
},
{ &hf_redback_unknown,
{ "Unknown", "redback.unknown",
FT_BYTES, BASE_NONE, NULL, 0x0,
NULL, HFILL }
},
};
static gint *ett[] = {
&ett_redback
};
static ei_register_info ei[] = {
{ &ei_redback_protocol, { "redback.protocol.unknown", PI_PROTOCOL, PI_WARN, "Unknown Protocol Data", EXPFILL }},
};
expert_module_t* expert_redback;
proto_redback = proto_register_protocol("Redback", "Redback", "redback");
proto_register_field_array(proto_redback, hf, array_length(hf));
redback_handle = register_dissector("redback", dissect_redback, proto_redback);
proto_register_subtree_array(ett, array_length(ett));
expert_redback = expert_register_protocol(proto_redback);
expert_register_field_array(expert_redback, ei, array_length(ei));
}
void
proto_reg_handoff_redback(void)
{
osinl_incl_subdissector_table = find_dissector_table("osinl.incl");
osinl_excl_subdissector_table = find_dissector_table("osinl.excl");
ipv4_handle = find_dissector_add_dependency("ip", proto_redback);
ipv6_handle = find_dissector_add_dependency("ipv6", proto_redback);
ethnofcs_handle = find_dissector_add_dependency("eth_withoutfcs", proto_redback);
clnp_handle = find_dissector_add_dependency("clnp", proto_redback);
arp_handle = find_dissector_add_dependency("arp", proto_redback);
ppp_handle = find_dissector_add_dependency("ppp", proto_redback);
ppphdlc_handle = find_dissector_add_dependency("ppp_hdlc", proto_redback);
dissector_add_uint("wtap_encap", WTAP_ENCAP_REDBACK, redback_handle);
}
/*
* Editor modelines - https://www.wireshark.org/tools/modelines.html
*
* Local variables:
* c-basic-offset: 8
* tab-width: 8
* indent-tabs-mode: t
* End:
*
* vi: set shiftwidth=8 tabstop=8 noexpandtab:
* :indentSize=8:tabSize=8:noTabs=false:
*/
Reference in New Issue View Git Blame Copy Permalink