osmocom
/
wireshark
11
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity
wireshark/epan/dissectors/packet-ipvs-syncd.c

486 lines
14 KiB
C
Raw Blame History

/* packet-ipvs-syncd.c 2001 Ronnie Sahlberg <See AUTHORS for email>
* Routines for IGMP packet disassembly
*
* Wireshark - Network traffic analyzer
* By Gerald Combs <gerald@wireshark.org>
* Copyright 1998 Gerald Combs
*
* SPDX-License-Identifier: GPL-2.0-or-later
*/
#include "config.h"
#include <epan/packet.h>
void proto_register_ipvs_syncd(void);
void proto_reg_handoff_ipvs_syncd(void);
static int proto_ipvs_syncd = -1;
static int hf_conn_count = -1;
static int hf_syncid = -1;
static int hf_size = -1;
static int hf_resv = -1;
static int hf_version = -1;
static int hf_proto = -1;
static int hf_cport = -1;
static int hf_vport = -1;
static int hf_dport = -1;
static int hf_caddr = -1;
static int hf_vaddr = -1;
static int hf_daddr = -1;
static int hf_flags = -1;
static int hf_flags_conn_type = -1;
static int hf_flags_hashed_entry = -1;
static int hf_flags_no_output_packets = -1;
static int hf_flags_conn_not_established = -1;
static int hf_flags_adjust_output_seq = -1;
static int hf_flags_adjust_input_seq = -1;
static int hf_flags_no_client_port_set = -1;
static int hf_state = -1;
static int hf_in_seq_init = -1;
static int hf_in_seq_delta = -1;
static int hf_in_seq_pdelta = -1;
static int hf_out_seq_init = -1;
static int hf_out_seq_delta = -1;
static int hf_out_seq_pdelta = -1;
/* Payload v1 */
static int hf_type = -1;
static int hf_ver = -1;
static int hf_size_v1 = -1;
static int hf_flags_v1 = -1;
static int hf_fwmark = -1;
static int hf_timeout = -1;
static int hf_caddr6 = -1;
static int hf_vaddr6 = -1;
static int hf_daddr6 = -1;
static int ett_ipvs_syncd = -1;
static int ett_conn = -1;
static int ett_flags = -1;
#define IPVS_SYNCD_MC_GROUP "224.0.0.18"
#define IPVS_SYNCD_PORT 8848 /* Not IANA registered */
static const value_string proto_strings[] = {
{0x06, "TCP"},
{0x11, "UDP"},
{0x00, NULL},
};
static const value_string state_strings[] = {
{0x00, "Input"},
{0x04, "Output"},
{0x08, "Input Only"},
{0x00, NULL},
};
static const value_string type_strings[] = {
{0x0, "IPv4"},
{0x2, "IPv6"},
{0x00, NULL},
};
/*
* IPVS Connection Flags
* Pulled from include/net/ip_vs.h in linux kernel source
*/
#define IP_VS_CONN_F_FWD_MASK 0x0007 /* mask for the fwd methods */
#define IP_VS_CONN_F_MASQ 0x0000 /* masquerading */
#define IP_VS_CONN_F_LOCALNODE 0x0001 /* local node */
#define IP_VS_CONN_F_TUNNEL 0x0002 /* tunneling */
#define IP_VS_CONN_F_DROUTE 0x0003 /* direct routing */
#define IP_VS_CONN_F_BYPASS 0x0004 /* cache bypass */
#define IP_VS_CONN_F_HASHED 0x0040 /* hashed entry */
#define IP_VS_CONN_F_NOOUTPUT 0x0080 /* no output packets */
#define IP_VS_CONN_F_INACTIVE 0x0100 /* not established */
#define IP_VS_CONN_F_OUT_SEQ 0x0200 /* must do output seq adjust */
#define IP_VS_CONN_F_IN_SEQ 0x0400 /* must do input seq adjust */
#define IP_VS_CONN_F_SEQ_MASK 0x0600 /* in/out sequence mask */
#define IP_VS_CONN_F_NO_CPORT 0x0800 /* no client port set yet */
static const value_string connection_type_strings[] = {
{IP_VS_CONN_F_MASQ, "Masquerade"},
{IP_VS_CONN_F_LOCALNODE, "Local Node"},
{IP_VS_CONN_F_TUNNEL, "Tunnel"},
{IP_VS_CONN_F_DROUTE, "Direct Routing"},
{0x00, NULL},
};
static int
dissect_ipvs_syncd(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, void* data _U_)
{
proto_tree *tree;
proto_item *item;
int offset = 0;
guint8 cnt = 0;
guint8 version = 0;
int conn = 0;
item = proto_tree_add_item(parent_tree, proto_ipvs_syncd, tvb, offset, -1, ENC_NA);
tree = proto_item_add_subtree(item, ett_ipvs_syncd);
col_set_str(pinfo->cinfo, COL_PROTOCOL, "IPVS");
col_clear(pinfo->cinfo, COL_INFO);
cnt = tvb_get_guint8(tvb, offset);
if(cnt == 0) { //Version 1 (or after...) first byte is reserved
proto_tree_add_item(tree, hf_resv, tvb, offset, 1, ENC_NA);
col_set_str(pinfo->cinfo, COL_INFO, "v1");
} else {
proto_tree_add_item(tree, hf_conn_count, tvb, offset, 1, ENC_BIG_ENDIAN);
col_set_str(pinfo->cinfo, COL_INFO, "v0");
}
offset += 1;
proto_tree_add_item(tree, hf_syncid, tvb, offset, 1, ENC_BIG_ENDIAN);
offset += 1;
proto_tree_add_item(tree, hf_size, tvb, offset, 2, ENC_BIG_ENDIAN);
offset += 2;
if(cnt == 0) { //Version 1 (or after...)
cnt = tvb_get_guint8(tvb, offset);
proto_tree_add_item(tree, hf_conn_count, tvb, offset, 1, ENC_BIG_ENDIAN);
offset += 1;
version = tvb_get_guint8(tvb, offset);
proto_tree_add_item(tree, hf_version, tvb, offset, 1, ENC_BIG_ENDIAN);
offset += 1;
proto_tree_add_item(tree, hf_resv, tvb, offset, 2, ENC_NA);
offset += 2;
}
col_append_fstr(pinfo->cinfo, COL_INFO, " %u Connection(s)", cnt);
for (conn = 0; conn < cnt; conn++)
{
if(version) {
proto_tree *ctree;
guint8 type;
guint16 size;
ctree = proto_tree_add_subtree_format(tree, tvb, offset, 36, ett_conn, NULL,
"Connection #%d", conn+1);
type = tvb_get_guint8(tvb, offset);
proto_tree_add_item(ctree, hf_type, tvb, offset, 1, ENC_BIG_ENDIAN);
offset += 1;
proto_tree_add_item(ctree, hf_proto, tvb, offset, 1, ENC_BIG_ENDIAN);
offset += 1;
size = (tvb_get_ntohs(tvb, offset) & 0x1FFF);
proto_item_set_len(ctree, size);
proto_tree_add_item(ctree, hf_ver, tvb, offset, 2, ENC_BIG_ENDIAN);
proto_tree_add_item(ctree, hf_size_v1, tvb, offset, 2, ENC_BIG_ENDIAN);
offset += 2;
proto_tree_add_item(ctree, hf_flags_v1, tvb, offset, 4, ENC_BIG_ENDIAN);
offset += 4;
proto_tree_add_item(ctree, hf_state, tvb, offset, 2, ENC_BIG_ENDIAN);
offset += 2;
proto_tree_add_item(ctree, hf_cport, tvb, offset, 2, ENC_BIG_ENDIAN);
offset += 2;
proto_tree_add_item(ctree, hf_vport, tvb, offset, 2, ENC_BIG_ENDIAN);
offset += 2;
proto_tree_add_item(ctree, hf_dport, tvb, offset, 2, ENC_BIG_ENDIAN);
offset += 2;
proto_tree_add_item(ctree, hf_fwmark, tvb, offset, 4, ENC_BIG_ENDIAN);
offset += 4;
proto_tree_add_item(ctree, hf_timeout, tvb, offset, 4, ENC_BIG_ENDIAN);
offset += 4;
if(type == 0){ /* IPv4 */
proto_tree_add_item(ctree, hf_caddr, tvb, offset, 4, ENC_BIG_ENDIAN);
offset += 4;
proto_tree_add_item(ctree, hf_vaddr, tvb, offset, 4, ENC_BIG_ENDIAN);
offset += 4;
proto_tree_add_item(ctree, hf_daddr, tvb, offset, 4, ENC_BIG_ENDIAN);
offset += 4;
} else { /* IPv6 */
proto_tree_add_item(ctree, hf_caddr6, tvb, offset, 16, ENC_NA);
offset += 16;
proto_tree_add_item(ctree, hf_vaddr6, tvb, offset, 16, ENC_NA);
offset += 16;
proto_tree_add_item(ctree, hf_daddr6, tvb, offset, 16, ENC_NA);
offset += 16;
}
} else {
proto_tree *ctree;
proto_tree *ftree, *fi;
guint16 flags;
ctree = proto_tree_add_subtree_format(tree, tvb, offset, 24, ett_conn, NULL,
"Connection #%d", conn+1);
proto_tree_add_item(ctree, hf_resv, tvb, offset, 1, ENC_NA);
offset += 1;
proto_tree_add_item(ctree, hf_proto, tvb, offset, 1, ENC_BIG_ENDIAN);
offset += 1;
proto_tree_add_item(ctree, hf_cport, tvb, offset, 2, ENC_BIG_ENDIAN);
offset += 2;
proto_tree_add_item(ctree, hf_vport, tvb, offset, 2, ENC_BIG_ENDIAN);
offset += 2;
proto_tree_add_item(ctree, hf_dport, tvb, offset, 2, ENC_BIG_ENDIAN);
offset += 2;
proto_tree_add_item(ctree, hf_caddr, tvb, offset, 4, ENC_BIG_ENDIAN);
offset += 4;
proto_tree_add_item(ctree, hf_vaddr, tvb, offset, 4, ENC_BIG_ENDIAN);
offset += 4;
proto_tree_add_item(ctree, hf_daddr, tvb, offset, 4, ENC_BIG_ENDIAN);
offset += 4;
flags = tvb_get_ntohs(tvb, offset);
fi = proto_tree_add_item(ctree, hf_flags, tvb, offset, 2, ENC_BIG_ENDIAN);
ftree = proto_item_add_subtree(fi, ett_flags);
proto_tree_add_item(ftree, hf_flags_conn_type, tvb, offset, 2, ENC_BIG_ENDIAN);
proto_tree_add_item(ftree, hf_flags_hashed_entry, tvb, offset, 2, ENC_BIG_ENDIAN);
proto_tree_add_item(ftree, hf_flags_no_output_packets, tvb, offset, 2, ENC_BIG_ENDIAN);
proto_tree_add_item(ftree, hf_flags_conn_not_established, tvb, offset, 2, ENC_BIG_ENDIAN);
proto_tree_add_item(ftree, hf_flags_adjust_output_seq, tvb, offset, 2, ENC_BIG_ENDIAN);
proto_tree_add_item(ftree, hf_flags_adjust_input_seq, tvb, offset, 2, ENC_BIG_ENDIAN);
proto_tree_add_item(ftree, hf_flags_no_client_port_set, tvb, offset, 2, ENC_BIG_ENDIAN);
offset += 2;
proto_tree_add_item(ctree, hf_state, tvb, offset, 2, ENC_BIG_ENDIAN);
offset += 2;
/* we have full connection info */
if ( flags & IP_VS_CONN_F_SEQ_MASK )
{
proto_tree_add_item(ctree, hf_in_seq_init, tvb, offset, 4, ENC_BIG_ENDIAN);
offset += 4;
proto_tree_add_item(ctree, hf_in_seq_delta, tvb, offset, 4, ENC_BIG_ENDIAN);
offset += 4;
proto_tree_add_item(ctree, hf_in_seq_pdelta, tvb, offset, 4, ENC_BIG_ENDIAN);
offset += 4;
proto_tree_add_item(ctree, hf_out_seq_init, tvb, offset, 4, ENC_BIG_ENDIAN);
offset += 4;
proto_tree_add_item(ctree, hf_out_seq_delta, tvb, offset, 4, ENC_BIG_ENDIAN);
offset += 4;
proto_tree_add_item(ctree, hf_out_seq_pdelta, tvb, offset, 4, ENC_BIG_ENDIAN);
offset += 4;
}
}
}
return tvb_captured_length(tvb);
}
void
proto_register_ipvs_syncd(void)
{
static hf_register_info hf[] = {
{ &hf_conn_count,
{ "Connection Count", "ipvs.conncount", FT_UINT8, BASE_DEC,
NULL, 0, NULL, HFILL }},
{ &hf_syncid,
{ "Synchronization ID", "ipvs.syncid", FT_UINT8, BASE_DEC,
NULL, 0, NULL, HFILL }},
{ &hf_size,
{ "Size", "ipvs.size", FT_UINT16, BASE_DEC,
NULL, 0, NULL, HFILL }},
{ &hf_resv,
{ "Reserved", "ipvs.resv", FT_BYTES, BASE_NONE,
NULL, 0, NULL, HFILL }},
{ &hf_version,
{ "Version", "ipvs.version", FT_UINT8, BASE_DEC,
NULL, 0, NULL, HFILL }},
{ &hf_proto,
{ "Protocol", "ipvs.proto", FT_UINT8, BASE_HEX,
VALS(proto_strings), 0, NULL, HFILL }},
{ &hf_cport,
{ "Client Port", "ipvs.cport", FT_UINT16, BASE_DEC,
NULL, 0, NULL, HFILL }},
{ &hf_vport,
{ "Virtual Port", "ipvs.vport", FT_UINT16, BASE_DEC,
NULL, 0, NULL, HFILL }},
{ &hf_dport,
{ "Destination Port", "ipvs.dport", FT_UINT16, BASE_DEC,
NULL, 0, NULL, HFILL }},
{ &hf_caddr,
{ "Client Address", "ipvs.caddr", FT_IPv4, BASE_NONE,
NULL, 0, NULL, HFILL }},
{ &hf_vaddr,
{ "Virtual Address", "ipvs.vaddr", FT_IPv4, BASE_NONE,
NULL, 0, NULL, HFILL }},
{ &hf_daddr,
{ "Destination Address", "ipvs.daddr", FT_IPv4, BASE_NONE,
NULL, 0, NULL, HFILL }},
{ &hf_flags,
{ "Flags", "ipvs.flags", FT_UINT16, BASE_HEX,
NULL, 0, NULL, HFILL }},
{ &hf_flags_conn_type,
{ "Connection Type", "ipvs.flags.conn_type", FT_UINT16, BASE_HEX,
VALS(connection_type_strings), 0x0F, NULL, HFILL }},
{ &hf_flags_hashed_entry,
{ "Hashed Entry", "ipvs.flags.hashed_entry", FT_BOOLEAN, 16,
TFS(&tfs_true_false), IP_VS_CONN_F_HASHED, NULL, HFILL }},
{ &hf_flags_no_output_packets,
{ "No Output Packets", "ipvs.flags.no_output_packets", FT_BOOLEAN, 16,
TFS(&tfs_true_false), IP_VS_CONN_F_NOOUTPUT, NULL, HFILL }},
{ &hf_flags_conn_not_established,
{ "Connection Not Established", "ipvs.flags.conn_not_established", FT_BOOLEAN, 16,
TFS(&tfs_true_false), IP_VS_CONN_F_INACTIVE, NULL, HFILL }},
{ &hf_flags_adjust_output_seq,
{ "Adjust Output Sequence", "ipvs.flags.adjust_output_seq", FT_BOOLEAN, 16,
TFS(&tfs_true_false), IP_VS_CONN_F_OUT_SEQ, NULL, HFILL }},
{ &hf_flags_adjust_input_seq,
{ "Adjust Input Sequence", "ipvs.flags.adjust_input_seq", FT_BOOLEAN, 16,
TFS(&tfs_true_false), IP_VS_CONN_F_IN_SEQ, NULL, HFILL }},
{ &hf_flags_no_client_port_set,
{ "No Client Port Set", "ipvs.flags.no_client_port_set", FT_BOOLEAN, 16,
TFS(&tfs_true_false), IP_VS_CONN_F_NO_CPORT, NULL, HFILL }},
{ &hf_state,
{ "State", "ipvs.state", FT_UINT16, BASE_HEX,
VALS(state_strings), 0, NULL, HFILL }},
{ &hf_in_seq_init,
{ "Input Sequence (Initial)", "ipvs.in_seq.initial", FT_UINT32,
BASE_HEX, NULL, 0, NULL, HFILL }},
{ &hf_in_seq_delta,
{ "Input Sequence (Delta)", "ipvs.in_seq.delta", FT_UINT32,
BASE_HEX, NULL, 0, NULL, HFILL }},
{ &hf_in_seq_pdelta,
{ "Input Sequence (Previous Delta)", "ipvs.in_seq.pdelta", FT_UINT32,
BASE_HEX, NULL, 0, NULL, HFILL }},
{ &hf_out_seq_init,
{ "Output Sequence (Initial)", "ipvs.out_seq.initial", FT_UINT32,
BASE_HEX, NULL, 0, NULL, HFILL }},
{ &hf_out_seq_delta,
{ "Output Sequence (Delta)", "ipvs.out_seq.delta", FT_UINT32,
BASE_HEX, NULL, 0, NULL, HFILL }},
{ &hf_out_seq_pdelta,
{ "Output Sequence (Previous Delta)", "ipvs.out_seq.pdelta", FT_UINT32,
BASE_HEX, NULL, 0, NULL, HFILL }},
/* v1 payload */
{ &hf_type,
{ "Type", "ipvs.type", FT_UINT8, BASE_DEC,
VALS(type_strings), 0, NULL, HFILL }},
{ &hf_ver,
{ "Version", "ipvs.ver", FT_UINT16, BASE_DEC,
NULL, 0xE000, NULL, HFILL }},
{ &hf_size_v1,
{ "Size", "ipvs.size.v1", FT_UINT16, BASE_DEC,
NULL, 0x1FFF, NULL, HFILL }},
{ &hf_flags_v1,
{ "Flags", "ipvs.flags.v1", FT_UINT32, BASE_HEX,
NULL, 0, NULL, HFILL }},
{ &hf_fwmark,
{ "FWmark", "ipvs.fwmark", FT_UINT32, BASE_HEX,
NULL, 0, NULL, HFILL }},
{ &hf_timeout,
{ "Timeout", "ipvs.timeout", FT_UINT32, BASE_DEC,
NULL, 0, NULL, HFILL }},
{ &hf_caddr6,
{ "Client Address", "ipvs.caddr6", FT_IPv6, BASE_NONE,
NULL, 0, NULL, HFILL }},
{ &hf_vaddr6,
{ "Virtual Address", "ipvs.vaddr6", FT_IPv6, BASE_NONE,
NULL, 0, NULL, HFILL }},
{ &hf_daddr6,
{ "Destination Address", "ipvs.daddr6", FT_IPv6, BASE_NONE,
NULL, 0, NULL, HFILL }},
};
static gint *ett[] = {
&ett_ipvs_syncd,
&ett_conn,
&ett_flags,
};
proto_ipvs_syncd = proto_register_protocol("IP Virtual Services Sync Daemon", "IPVS", "ipvs");
proto_register_field_array(proto_ipvs_syncd, hf, array_length(hf));
proto_register_subtree_array(ett, array_length(ett));
}
void
proto_reg_handoff_ipvs_syncd(void)
{
dissector_handle_t ipvs_syncd_handle;
ipvs_syncd_handle = create_dissector_handle(dissect_ipvs_syncd, proto_ipvs_syncd);
dissector_add_uint_with_preference("udp.port", IPVS_SYNCD_PORT, ipvs_syncd_handle);
}
/*
* Editor modelines - https://www.wireshark.org/tools/modelines.html
*
* Local variables:
* c-basic-offset: 8
* tab-width: 8
* indent-tabs-mode: t
* End:
*
* vi: set shiftwidth=8 tabstop=8 noexpandtab:
* :indentSize=8:tabSize=8:noTabs=false:
*/
Reference in New Issue View Git Blame Copy Permalink