diff options
| author | Ronnie Sahlberg <ronnie_sahlberg@ozemail.com.au> | 2007-09-28 07:25:50 +0000 |
|---|---|---|
| committer | Ronnie Sahlberg <ronnie_sahlberg@ozemail.com.au> | 2007-09-28 07:25:50 +0000 |
| commit | 651d8082c912c3aec2949ac855c0224528a4174e (patch) | |
| tree | 47dafa91b54cf80ad67785e507172be20cec50c4 | |
| parent | 1efa9bd6b645003ed1da5d5d5af3121b048f4783 (diff) | |
add a function to test if a packet is ndmp or not
svn path=/trunk/; revision=23007
| -rw-r--r-- | epan/dissectors/packet-ndmp.c | 30 | ||||
| -rw-r--r-- | epan/dissectors/packet-ndmp.h | 32 |
2 files changed, 54 insertions, 8 deletions
diff --git a/epan/dissectors/packet-ndmp.c b/epan/dissectors/packet-ndmp.c index f6175f5d48..fcbf8f3822 100644 --- a/epan/dissectors/packet-ndmp.c +++ b/epan/dissectors/packet-ndmp.c @@ -42,6 +42,7 @@ #include <epan/conversation.h> #include <epan/emem.h> #include "packet-rpc.h" +#include "packet-ndmp.h" #include "packet-tcp.h" #include "packet-scsi.h" #include "packet-frame.h" @@ -3026,15 +3027,15 @@ get_ndmp_pdu_len(packet_info *pinfo _U_, tvbuff_t *tvb, int offset) return len+4; } -static int -dissect_ndmp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) +gboolean +check_if_ndmp(tvbuff_t *tvb, packet_info *pinfo) { guint len; guint32 tmp; /* verify that the tcp port is 10000, ndmp always runs on port 10000*/ if ((pinfo->srcport!=TCP_PORT_NDMP)&&(pinfo->destport!=TCP_PORT_NDMP)) { - return 0; + return FALSE; } /* check that the header looks sane */ @@ -3045,40 +3046,53 @@ dissect_ndmp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) if(len>=4){ tmp=(tvb_get_ntohl(tvb, 0)&RPC_RM_FRAGLEN); if( (tmp<24)||(tmp>1000000) ){ - return 0; + return FALSE; } } + /* check the timestamp, timestamps are valid if they * (arbitrary) lie between 1980-jan-1 and 2030-jan-1 */ if(len>=12){ tmp=tvb_get_ntohl(tvb, 8); if( (tmp<0x12ceec50)||(tmp>0x70dc1ed0) ){ - return 0; + return FALSE; } } + /* check the type */ if(len>=16){ tmp=tvb_get_ntohl(tvb, 12); if( tmp>1 ){ - return 0; + return FALSE; } } + /* check message */ if(len>=20){ tmp=tvb_get_ntohl(tvb, 16); if( (tmp>0xa09) || (tmp==0) ){ - return 0; + return FALSE; } } + /* check error */ if(len>=28){ tmp=tvb_get_ntohl(tvb, 24); if( (tmp>0x17) ){ - return 0; + return FALSE; } } + return TRUE; +} + +static int +dissect_ndmp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) +{ + if(!check_if_ndmp(tvb, pinfo)) { + return 0; + } tcp_dissect_pdus(tvb, pinfo, tree, ndmp_desegment, 28, get_ndmp_pdu_len, dissect_ndmp_message); diff --git a/epan/dissectors/packet-ndmp.h b/epan/dissectors/packet-ndmp.h new file mode 100644 index 0000000000..e152820179 --- /dev/null +++ b/epan/dissectors/packet-ndmp.h @@ -0,0 +1,32 @@ +/* packet-ndmp.h + * + * $Id$ + * + * (c) 2007 Ronnie Sahlberg + * + * Wireshark - Network traffic analyzer + * By Gerald Combs <gerald@wireshark.org> + * Copyright 1998 Gerald Combs + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +#ifndef __PACKET_NDMP_H__ +#define __PACKET_NDMP_H__ + +extern gboolean check_if_ndmp(tvbuff_t *tvb, packet_info *pinfo); + +#endif /* packet-ndmp.h */ + |