aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMichael Mann <mmann78@netscape.net>2019-09-01 15:38:28 -0400
committerAnders Broman <a.broman58@gmail.com>2019-09-02 03:28:02 +0000
commit8131a4cfa9371c1981484233fdb6c84fd1e4e7e0 (patch)
tree9d740513e728a44a60261548c6c03717dcbcf7db
parentbd049b9cf3d363af36342517ae765bdf44a6b91a (diff)
TCP: Provide display filters for "raw" SEQ/ACK.
Add hf_ fields for "raw" Sequence and Acknowledgment numbers. They will only be visible when "Relative sequence numbers" preference is TRUE. Bug: 15913 Change-Id: Icfbdc435e82723d663dce36c3a5cc513c837bdaf Reviewed-on: https://code.wireshark.org/review/34421 Petri-Dish: Michael Mann <mmann78@netscape.net> Tested-by: Petri Dish Buildbot Reviewed-by: Anders Broman <a.broman58@gmail.com>
-rw-r--r--epan/dissectors/packet-tcp.c21
-rw-r--r--epan/dissectors/packet-tcp.h3
2 files changed, 21 insertions, 3 deletions
diff --git a/epan/dissectors/packet-tcp.c b/epan/dissectors/packet-tcp.c
index bef2f2be44..010a090c9c 100644
--- a/epan/dissectors/packet-tcp.c
+++ b/epan/dissectors/packet-tcp.c
@@ -140,8 +140,10 @@ static int hf_tcp_dstport = -1;
static int hf_tcp_port = -1;
static int hf_tcp_stream = -1;
static int hf_tcp_seq = -1;
+static int hf_tcp_seq_abs = -1;
static int hf_tcp_nxtseq = -1;
static int hf_tcp_ack = -1;
+static int hf_tcp_ack_abs = -1;
static int hf_tcp_hdr_len = -1;
static int hf_tcp_flags = -1;
static int hf_tcp_flags_res = -1;
@@ -5986,7 +5988,7 @@ dissect_tcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
guint32 th_urp;
proto_tree *tcp_tree = NULL, *field_tree = NULL;
proto_item *ti = NULL, *tf, *hidden_item;
- proto_item *options_item;
+ proto_item *options_item, *hide_seqack_abs_item;
proto_tree *options_tree;
int offset = 0;
const char *flags_str, *flags_str_first_letter;
@@ -6070,7 +6072,8 @@ dissect_tcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
tcph->th_rawseq = tvb_get_ntohl(tvb, offset + 4);
tcph->th_seq = tcph->th_rawseq;
- tcph->th_ack = tvb_get_ntohl(tvb, offset + 8);
+ tcph->th_rawack = tvb_get_ntohl(tvb, offset + 8);
+ tcph->th_ack = tcph->th_rawack;
th_off_x2 = tvb_get_guint8(tvb, offset + 12);
tcpinfo.flags = tcph->th_flags = tvb_get_ntohs(tvb, offset + 12) & TH_MASK;
tcph->th_win = tvb_get_ntohs(tvb, offset + 14);
@@ -6258,8 +6261,11 @@ dissect_tcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
if (!icmp_ip) {
if(tcp_relative_seq) {
proto_tree_add_uint_format_value(tcp_tree, hf_tcp_seq, tvb, offset + 4, 4, tcph->th_seq, "%u (relative sequence number)", tcph->th_seq);
+ proto_tree_add_uint(tcp_tree, hf_tcp_seq_abs, tvb, offset + 4, 4, tcph->th_rawseq);
} else {
proto_tree_add_uint(tcp_tree, hf_tcp_seq, tvb, offset + 4, 4, tcph->th_seq);
+ hide_seqack_abs_item = proto_tree_add_uint(tcp_tree, hf_tcp_seq_abs, tvb, offset + 4, 4, tcph->th_rawseq);
+ proto_item_set_hidden(hide_seqack_abs_item);
}
}
@@ -6297,9 +6303,12 @@ dissect_tcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
}
tf = proto_tree_add_uint(tcp_tree, hf_tcp_ack, tvb, offset + 8, 4, tcph->th_ack);
+ hide_seqack_abs_item = proto_tree_add_uint(tcp_tree, hf_tcp_ack_abs, tvb, offset + 8, 4, tcph->th_rawack);
if (tcph->th_flags & TH_ACK) {
if (tcp_relative_seq) {
proto_item_append_text(tf, " (relative ack number)");
+ } else {
+ proto_item_set_hidden(hide_seqack_abs_item);
}
} else {
/* Note if the ACK field is non-zero */
@@ -6822,6 +6831,10 @@ proto_register_tcp(void)
{ "Sequence number", "tcp.seq", FT_UINT32, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
+ { &hf_tcp_seq_abs,
+ { "Sequence number (raw)", "tcp.seq_raw", FT_UINT32, BASE_DEC, NULL, 0x0,
+ "This shows the raw value of the sequence number", HFILL }},
+
{ &hf_tcp_nxtseq,
{ "Next sequence number", "tcp.nxtseq", FT_UINT32, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
@@ -6830,6 +6843,10 @@ proto_register_tcp(void)
{ "Acknowledgment number", "tcp.ack", FT_UINT32, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
+ { &hf_tcp_ack_abs,
+ { "Acknowledgment number (raw)", "tcp.ack_raw", FT_UINT32, BASE_DEC, NULL, 0x0,
+ "This shows the raw value of the acknowledgment number", HFILL } },
+
{ &hf_tcp_hdr_len,
{ "Header Length", "tcp.hdr_len", FT_UINT8, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
diff --git a/epan/dissectors/packet-tcp.h b/epan/dissectors/packet-tcp.h
index d46020f4cb..b009522b1b 100644
--- a/epan/dissectors/packet-tcp.h
+++ b/epan/dissectors/packet-tcp.h
@@ -77,7 +77,8 @@ typedef struct tcpheader {
guint32 th_rawseq; /* raw value */
guint32 th_seq; /* raw or relative value depending on tcp_relative_seq */
- guint32 th_ack;
+ guint32 th_rawack; /* raw value */
+ guint32 th_ack; /* raw or relative value depending on tcp_relative_seq */
gboolean th_have_seglen; /* TRUE if th_seglen is valid */
guint32 th_seglen; /* in bytes */
guint32 th_win; /* make it 32 bits so we can handle some scaling */