diff options
| author | Harald Welte <laforge@gnumonks.org> | 2016-12-02 22:29:36 +0100 |
|---|---|---|
| committer | Pascal Quantin <pascal.quantin@gmail.com> | 2016-12-16 17:14:36 +0000 |
| commit | 70c4a0347ca02f5b8f7ed82d33e340e86d0bd533 (patch) | |
| tree | 5fd4b27ab8530f904a7622b2542bf5052715da2e | |
| parent | 0572fbb3cf2b7faff75f3d095565af947d7ef41a (diff) | |
Add GSMTAP logging sub-dissector
Applications can also use GSMTAP framing to convey log messages
which would traditionally be printed on stderr or on log files. This
allows the ordered/interspersed display of protocol messages with log
lines from the applications that send or received those messages.
The osmocom logging framework (part of libosmocore) implements this in
libosmocore.git Change-Id I9a7e72b8c9c6f6f2d76d1ea2332dcdee12394625
Change-Id: I0de723445e5b5ce0199a4081808111240a9ed047
Reviewed-on: https://code.wireshark.org/review/19183
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
| -rw-r--r-- | docbook/release-notes.asciidoc | 1 | ||||
| -rw-r--r-- | epan/dissectors/.editorconfig | 4 | ||||
| -rw-r--r-- | epan/dissectors/CMakeLists.txt | 1 | ||||
| -rw-r--r-- | epan/dissectors/Makefile.am | 1 | ||||
| -rw-r--r-- | epan/dissectors/packet-gsmtap.c | 1 | ||||
| -rw-r--r-- | epan/dissectors/packet-gsmtap.h | 1 | ||||
| -rw-r--r-- | epan/dissectors/packet-gsmtap_log.c | 147 |
7 files changed, 156 insertions, 0 deletions
diff --git a/docbook/release-notes.asciidoc b/docbook/release-notes.asciidoc index 6a17064295..ec2fbe0a10 100644 --- a/docbook/release-notes.asciidoc +++ b/docbook/release-notes.asciidoc @@ -72,6 +72,7 @@ Snort Post-dissector Unified Diagnostic Services (UDS) vSocket Windows Cluster Management API (clusapi) +GSMTAP based logging --sort-and-group-- === Updated Protocol Support diff --git a/epan/dissectors/.editorconfig b/epan/dissectors/.editorconfig index 3ab2b2a04b..f0e6798899 100644 --- a/epan/dissectors/.editorconfig +++ b/epan/dissectors/.editorconfig @@ -945,6 +945,10 @@ indent_size = tab indent_style = tab indent_size = tab +[packet-gsmtap_log.[ch]] +indent_style = tab +indent_size = tab + [packet-gssapi.[ch]] indent_style = tab indent_size = tab diff --git a/epan/dissectors/CMakeLists.txt b/epan/dissectors/CMakeLists.txt index ca0bbd70e8..6385afa0a5 100644 --- a/epan/dissectors/CMakeLists.txt +++ b/epan/dissectors/CMakeLists.txt @@ -663,6 +663,7 @@ set(DISSECTOR_SRC packet-gsm_sms_ud.c packet-gsm_um.c packet-gsmtap.c + packet-gsmtap_log.c packet-gssapi.c packet-gtp.c packet-gtpv2.c diff --git a/epan/dissectors/Makefile.am b/epan/dissectors/Makefile.am index 4257b133ff..e021776f6c 100644 --- a/epan/dissectors/Makefile.am +++ b/epan/dissectors/Makefile.am @@ -685,6 +685,7 @@ DISSECTOR_SRC = \ packet-gsm_sms_ud.c \ packet-gsm_um.c \ packet-gsmtap.c \ + packet-gsmtap_log.c \ packet-gssapi.c \ packet-gtp.c \ packet-gtpv2.c \ diff --git a/epan/dissectors/packet-gsmtap.c b/epan/dissectors/packet-gsmtap.c index dcd1fc41b8..c5ddd0539a 100644 --- a/epan/dissectors/packet-gsmtap.c +++ b/epan/dissectors/packet-gsmtap.c @@ -290,6 +290,7 @@ static const value_string gsmtap_types[] = { { GSMTAP_TYPE_GMR1_UM, "GMR-1 air interfeace (MES-MS<->GTS)" }, { GSMTAP_TYPE_UMTS_RLC_MAC, "UMTS RLC/MAC" }, { GSMTAP_TYPE_UMTS_RRC, "UMTS RRC" }, + { GSMTAP_TYPE_OSMOCORE_LOG, "libosmocore logging" }, { 0, NULL }, }; diff --git a/epan/dissectors/packet-gsmtap.h b/epan/dissectors/packet-gsmtap.h index dced24940a..d22d89396d 100644 --- a/epan/dissectors/packet-gsmtap.h +++ b/epan/dissectors/packet-gsmtap.h @@ -46,6 +46,7 @@ #define GSMTAP_TYPE_GMR1_UM 0x0a /* GMR-1 L2 packets */ #define GSMTAP_TYPE_UMTS_RLC_MAC 0x0b #define GSMTAP_TYPE_UMTS_RRC 0x0c +#define GSMTAP_TYPE_OSMOCORE_LOG 0x10 /* libosmocore logging */ /* ====== DO NOT MAKE UNAPPROVED MODIFICATIONS HERE ===== */ #define GSMTAP_BURST_UNKNOWN 0x00 diff --git a/epan/dissectors/packet-gsmtap_log.c b/epan/dissectors/packet-gsmtap_log.c new file mode 100644 index 0000000000..2958f2512a --- /dev/null +++ b/epan/dissectors/packet-gsmtap_log.c @@ -0,0 +1,147 @@ +/* packet-gsmtap-log.c + * Routines for GSMTAP logging packets + * + * (C) 2016 by Harald Welte <laforge@gnumonks.org> + * + * Wireshark - Network traffic analyzer + * By Gerald Combs <gerald@wireshark.org> + * Copyright 1998 Gerald Combs + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#include "config.h" + +#include <epan/packet.h> +#include "packet-gsmtap.h" + +static int proto_gsmtap_log = -1; + +static int hf_log_ident = -1; +static int hf_log_subsys = -1; +static int hf_log_file_name = -1; +static int hf_log_file_line = -1; +static int hf_log_ts = -1; +static int hf_log_pid = -1; +static int hf_log_level = -1; +static int hf_log_string = -1; + +static int ett_gsmtap_log = -1; + +/* from libosmocore include/osmocom/core/logging.h */ +static const value_string gsmtap_log_levels[] = { + { 1, "DEBUG" }, + { 3, "INFO" }, + { 5, "NOTICE" }, + { 7, "ERROR" }, + { 8, "FATAL" }, + { 0, NULL } +}; + +/* dissect a GSMTAP header and hand payload off to respective dissector */ +static int +dissect_gsmtap_log(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void * data _U_) +{ + proto_item *ti; + proto_tree *log_tree; + gint offset = 0; + gint log_str_len; + guint log_pid, log_level, log_src_line; + const char *log_str; + const guint8 *log_ident, *log_subsys, *log_src_fname; + + ti = proto_tree_add_item(tree, proto_gsmtap_log, tvb, 0, -1, ENC_NA); + log_tree = proto_item_add_subtree(ti, ett_gsmtap_log); + + proto_tree_add_item(log_tree, hf_log_ts, tvb, offset, 8, ENC_TIME_NTP_BASE_ZERO|ENC_BIG_ENDIAN); + offset += 8; + proto_tree_add_item_ret_string(log_tree, hf_log_ident, tvb, offset, 16, ENC_NA, wmem_packet_scope(), &log_ident); + offset += 16; + proto_tree_add_item_ret_uint(log_tree, hf_log_pid, tvb, offset, 4, ENC_BIG_ENDIAN, &log_pid); + offset += 4; + proto_tree_add_item_ret_uint(log_tree, hf_log_level, tvb, offset++, 1, ENC_NA, &log_level); + offset += 3; /* pad octets */ + proto_tree_add_item_ret_string(log_tree, hf_log_subsys, tvb, offset, 16, ENC_NA, wmem_packet_scope(), &log_subsys); + offset += 16; + proto_tree_add_item_ret_string(log_tree, hf_log_file_name, tvb, offset, 32, ENC_NA, wmem_packet_scope(), &log_src_fname); + offset += 32; + proto_tree_add_item_ret_uint(log_tree, hf_log_file_line, tvb, offset, 4, ENC_BIG_ENDIAN, &log_src_line); + offset += 4; + + /* actual log message */ + log_str_len = tvb_captured_length_remaining(tvb, offset); + proto_tree_add_item(log_tree, hf_log_string, tvb, offset, log_str_len, ENC_ASCII|ENC_NA); + + log_str = tvb_format_stringzpad_wsp(tvb, offset, log_str_len); + col_append_str(pinfo->cinfo, COL_INFO, log_str); + + proto_item_append_text(ti, " %s(%u): %s/%d: %s:%u %s", + log_ident, log_pid, log_subsys, log_level, + log_src_fname, log_src_line, log_str); + return tvb_captured_length(tvb); +} + +void +proto_register_gsmtap_log(void) +{ + static hf_register_info hf[] = { + { &hf_log_ident, { "Application", "gsmtap_log.ident", + FT_STRING, BASE_NONE, NULL, 0, NULL, HFILL } }, + { &hf_log_subsys, { "Subsystem", "gsmtap_log.subsys", + FT_STRING, BASE_NONE, NULL, 0, NULL, HFILL } }, + { &hf_log_file_name, { "Source File Name", "gsmtap_log.src_file.name", + FT_STRING, BASE_NONE, NULL, 0, NULL, HFILL } }, + { &hf_log_file_line, { "Source File Line Number", "gsmtap_log.src_file.line_nr", + FT_UINT32, BASE_DEC, NULL, 0, NULL, HFILL } }, + { &hf_log_ts, { "Timestamp", "gsmtap_log.timestamp", + FT_ABSOLUTE_TIME, ABSOLUTE_TIME_UTC, NULL, 0, NULL, HFILL } }, + { &hf_log_pid, { "Process ID", "gsmtap_log.pid", + FT_UINT32, BASE_DEC, NULL, 0, NULL, HFILL } }, + { &hf_log_level, { "Log Level", "gsmtap_log.level", + FT_UINT8, BASE_DEC, VALS(gsmtap_log_levels), 0, NULL, HFILL } }, + { &hf_log_string, { "String", "gsmtap_log.string", + FT_STRING, BASE_NONE, NULL, 0, NULL, HFILL } }, + }; + + static gint *ett[] = { + &ett_gsmtap_log, + }; + + proto_gsmtap_log = proto_register_protocol("GSMTAP libosmocore logging", "GSMTAP-LOG", "gsmtap_log"); + proto_register_field_array(proto_gsmtap_log, hf, array_length(hf)); + proto_register_subtree_array(ett, array_length(ett)); +} + +void +proto_reg_handoff_gsmtap_log(void) +{ + dissector_handle_t gsmtap_log_handle; + + gsmtap_log_handle = create_dissector_handle(dissect_gsmtap_log, proto_gsmtap_log); + dissector_add_uint("gsmtap.type", GSMTAP_TYPE_OSMOCORE_LOG, gsmtap_log_handle); +} + +/* + * Editor modelines - http://www.wireshark.org/tools/modelines.html + * + * Local variables: + * c-basic-offset: 8 + * tab-width: 8 + * indent-tabs-mode: t + * End: + * + * vi: set shiftwidth=8 tabstop=8 noexpandtab: + * :indentSize=8:tabSize=8:noTabs=false: + */ |