diff options
author | Guy Harris <guy@alum.mit.edu> | 1999-04-05 21:54:41 +0000 |
---|---|---|
committer | Guy Harris <guy@alum.mit.edu> | 1999-04-05 21:54:41 +0000 |
commit | ee80616a8cd2f45731e0cebc1ef83265f469e7e4 (patch) | |
tree | cb9c2f6f810dab1546d1ce33ac726629495b6dd3 | |
parent | acecc4edf50036d0d24a45613725e287589a30ac (diff) |
FTP, POP, and Telnet support from Richard Sharpe.
svn path=/trunk/; revision=237
-rw-r--r-- | AUTHORS | 4 | ||||
-rw-r--r-- | Makefile.am | 3 | ||||
-rw-r--r-- | Makefile.in | 33 | ||||
-rw-r--r-- | ethereal.c | 5 | ||||
-rw-r--r-- | packet-ftp.c | 144 | ||||
-rw-r--r-- | packet-ip.c | 3 | ||||
-rw-r--r-- | packet-pop.c | 111 | ||||
-rw-r--r-- | packet-tcp.c | 48 | ||||
-rw-r--r-- | packet-telnet.c | 384 | ||||
-rw-r--r-- | packet.h | 18 |
10 files changed, 726 insertions, 27 deletions
@@ -76,6 +76,10 @@ Jun-ichiro itojun Hagino <itojun@iijlab.net> { IPv6 support } +Richard Sharpe <sharpe@ns.aus.com> { + TFTP, FTP, POP, Telnet support + Infrastructure changes for the benefit of TFTP +} Alain Magloire <alainm@rcsm.ece.mcgill.ca> was kind enough to give his permission to use his version of snprintf.c. diff --git a/Makefile.am b/Makefile.am index 07423d8a45..8387062205 100644 --- a/Makefile.am +++ b/Makefile.am @@ -23,6 +23,7 @@ ethereal_SOURCES = \ packet-data.c \ packet-dns.c \ packet-eth.c \ + packet-ftp.c \ packet-fddi.c \ packet-giop.c \ packet-http.c \ @@ -39,10 +40,12 @@ ethereal_SOURCES = \ packet-null.c \ packet-osi.c \ packet-ospf.c \ + packet-pop.c \ packet-ppp.c \ packet-raw.c \ packet-rip.c \ packet-tcp.c \ + packet-telnet.c \ packet-tftp.c \ packet-tr.c \ packet-trmac.c \ diff --git a/Makefile.in b/Makefile.in index 3a60edb9c5..1af69935fd 100644 --- a/Makefile.in +++ b/Makefile.in @@ -97,6 +97,7 @@ ethereal_SOURCES = \ packet-data.c \ packet-dns.c \ packet-eth.c \ + packet-ftp.c \ packet-fddi.c \ packet-giop.c \ packet-http.c \ @@ -113,10 +114,12 @@ ethereal_SOURCES = \ packet-null.c \ packet-osi.c \ packet-ospf.c \ + packet-pop.c \ packet-ppp.c \ packet-raw.c \ packet-rip.c \ packet-tcp.c \ + packet-telnet.c \ packet-tftp.c \ packet-tr.c \ packet-trmac.c \ @@ -189,12 +192,13 @@ LIBS = @LIBS@ ethereal_OBJECTS = capture.o column.o ethereal.o ethertype.o file.o \ filter.o follow.o gtkpacket.o menu.o packet.o packet-aarp.o \ packet-arp.o packet-atalk.o packet-bootp.o packet-cdp.o packet-data.o \ -packet-dns.o packet-eth.o packet-fddi.o packet-giop.o packet-http.o \ -packet-ip.o packet-icmpv6.o packet-ipsec.o packet-ipv6.o packet-ipx.o \ -packet-llc.o packet-lpd.o packet-nbipx.o packet-nbns.o packet-ncp.o \ -packet-null.o packet-osi.o packet-ospf.o packet-ppp.o packet-raw.o \ -packet-rip.o packet-tcp.o packet-tftp.o packet-tr.o packet-trmac.o \ -packet-udp.o packet-vines.o prefs.o print.o ps.o resolv.o util.o +packet-dns.o packet-eth.o packet-ftp.o packet-fddi.o packet-giop.o \ +packet-http.o packet-ip.o packet-icmpv6.o packet-ipsec.o packet-ipv6.o \ +packet-ipx.o packet-llc.o packet-lpd.o packet-nbipx.o packet-nbns.o \ +packet-ncp.o packet-null.o packet-osi.o packet-ospf.o packet-pop.o \ +packet-ppp.o packet-raw.o packet-rip.o packet-tcp.o packet-telnet.o \ +packet-tftp.o packet-tr.o packet-trmac.o packet-udp.o packet-vines.o \ +prefs.o print.o ps.o resolv.o util.o ethereal_LDFLAGS = CFLAGS = @CFLAGS@ COMPILE = $(CC) $(DEFS) $(INCLUDES) $(CPPFLAGS) $(CFLAGS) @@ -213,20 +217,21 @@ mkinstalldirs stamp-h.in DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) -TAR = tar +TAR = gtar GZIP = --best DEP_FILES = .deps/capture.P .deps/column.P .deps/ethereal.P \ .deps/ethertype.P .deps/file.P .deps/filter.P .deps/follow.P \ .deps/gtkpacket.P .deps/menu.P .deps/packet-aarp.P .deps/packet-arp.P \ .deps/packet-atalk.P .deps/packet-bootp.P .deps/packet-cdp.P \ .deps/packet-data.P .deps/packet-dns.P .deps/packet-eth.P \ -.deps/packet-fddi.P .deps/packet-giop.P .deps/packet-http.P \ -.deps/packet-icmpv6.P .deps/packet-ip.P .deps/packet-ipsec.P \ -.deps/packet-ipv6.P .deps/packet-ipx.P .deps/packet-llc.P \ -.deps/packet-lpd.P .deps/packet-nbipx.P .deps/packet-nbns.P \ -.deps/packet-ncp.P .deps/packet-null.P .deps/packet-osi.P \ -.deps/packet-ospf.P .deps/packet-ppp.P .deps/packet-raw.P \ -.deps/packet-rip.P .deps/packet-tcp.P .deps/packet-tftp.P \ +.deps/packet-fddi.P .deps/packet-ftp.P .deps/packet-giop.P \ +.deps/packet-http.P .deps/packet-icmpv6.P .deps/packet-ip.P \ +.deps/packet-ipsec.P .deps/packet-ipv6.P .deps/packet-ipx.P \ +.deps/packet-llc.P .deps/packet-lpd.P .deps/packet-nbipx.P \ +.deps/packet-nbns.P .deps/packet-ncp.P .deps/packet-null.P \ +.deps/packet-osi.P .deps/packet-ospf.P .deps/packet-pop.P \ +.deps/packet-ppp.P .deps/packet-raw.P .deps/packet-rip.P \ +.deps/packet-tcp.P .deps/packet-telnet.P .deps/packet-tftp.P \ .deps/packet-tr.P .deps/packet-trmac.P .deps/packet-udp.P \ .deps/packet-vines.P .deps/packet.P .deps/prefs.P .deps/print.P \ .deps/ps.P .deps/resolv.P .deps/snprintf.P .deps/util.P diff --git a/ethereal.c b/ethereal.c index 16a47553df..03546d5d6b 100644 --- a/ethereal.c +++ b/ethereal.c @@ -1,6 +1,6 @@ /* ethereal.c * - * $Id: ethereal.c,v 1.27 1999/04/04 02:49:23 guy Exp $ + * $Id: ethereal.c,v 1.28 1999/04/05 21:54:39 guy Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs <gerald@zing.org> @@ -116,7 +116,8 @@ about_ethereal( GtkWidget *w, gpointer data ) { "Joerg Mayer <jmayer@telemation.de>\n" "Martin Maciaszek <fastjack@i-s-o.net>\n" "Didier Jorand <Didier.Jorand@alcatel.fr>\n" - "Jun-ichiro itojun Hagino <itojun@iijlab.net>\n\n" + "Jun-ichiro itojun Hagino <itojun@iijlab.net>\n" + "Richard Sharpe <sharpe@ns.aus.com>\n\n" "See http://ethereal.zing.org for more information", VERSION, comp_info_str); } diff --git a/packet-ftp.c b/packet-ftp.c new file mode 100644 index 0000000000..57ef540080 --- /dev/null +++ b/packet-ftp.c @@ -0,0 +1,144 @@ +/* packet-ftp.c + * Routines for ftp packet dissection + * Copyright 1999, Richard Sharpe <rsharpe@ns.aus.com> + * + * + * + * Ethereal - Network traffic analyzer + * By Gerald Combs <gerald@unicom.net> + * Copyright 1998 Gerald Combs + * + * Copied from packet-pop.c + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +#ifdef HAVE_CONFIG_H +# include "config.h" +#endif + +#include <stdio.h> + +#ifdef HAVE_SYS_TYPES_H +# include <sys/types.h> +#endif + +#ifdef HAVE_NETINET_IN_H +# include <netinet/in.h> +#endif + +#include <arpa/tftp.h> +#include <string.h> +#include <glib.h> +#include "packet.h" +#include "etypes.h" + +extern packet_info pi; + +void +dissect_ftp(const u_char *pd, int offset, frame_data *fd, proto_tree *tree, int max_data) +{ + proto_tree *ftp_tree, *ti; + gchar rr[50], rd[1500]; + int i1 = (u_char *)strchr(pd + offset, ' ') - (pd + offset); /* Where is that space */ + int i2; + + memset(rr, '\0', sizeof(rr)); + memset(rd, '\0', sizeof(rd)); + + if (i1 > 0) { + + /* Hmmm, check if there was no space in there ... */ + + if (i1 > max_data) { + + i1 = max_data; /* Make things below work */ + strncpy(rr, pd + offset, MIN(max_data - 2, sizeof(rr) - 1)); + + } + else { + + strncpy(rr, pd + offset, MIN(i1, sizeof(rr) - 1)); + i2 = ((u_char *)strchr(pd + offset + i1 + 1, '\r') - (pd + offset)) - i1 - 1; + strncpy(rd, pd + offset + i1 + 1, MIN(i2, sizeof(rd) - 1)); + } + } + else { + + i1 = max_data; + strncpy(rr, pd + offset, MIN(max_data - 2, sizeof(rr) - 1)); /* Lazy, CRLF */ + + } + + if (check_col(fd, COL_PROTOCOL)) + col_add_str(fd, COL_PROTOCOL, "FTP"); + + if (check_col(fd, COL_INFO)) { + + col_add_fstr(fd, COL_INFO, "%s: %s %s", (pi.match_port == pi.destport)? "Request" : "Response", rr, rd); + + } + + if (tree) { + + ti = proto_tree_add_item(tree, offset, END_OF_FRAME, + "File Transfer Protocol"); + ftp_tree = proto_tree_new(); + proto_item_add_subtree(ti, ftp_tree, ETT_FTP); + + if (pi.match_port == pi.destport) { /* Request */ + + proto_tree_add_item(ftp_tree, offset, i1, "Request: %s", rr); + + proto_tree_add_item(ftp_tree, offset + i1 + 1, END_OF_FRAME, "Request Arg: %s", rd); + + } + else { + + proto_tree_add_item(ftp_tree, offset, i1, "Response: %s", rr); + + proto_tree_add_item(ftp_tree, offset + i1 + 1, END_OF_FRAME, "Response Arg: %s", rd); + } + + } +} + +void +dissect_ftpdata(const u_char *pd, int offset, frame_data *fd, proto_tree *tree, int max_data) +{ + proto_tree *ti; + + if (check_col(fd, COL_PROTOCOL)) + col_add_str(fd, COL_PROTOCOL, "FTP DATA"); + + if (check_col(fd, COL_INFO)) { + + col_add_fstr(fd, COL_INFO, "FTP Data ..."); + + } + + if (tree) { + + ti = proto_tree_add_item(tree, offset, END_OF_FRAME, + "File Transfer Protocol Data"); + + } +} + + + + + + diff --git a/packet-ip.c b/packet-ip.c index 8915201d9c..eb2933a7f3 100644 --- a/packet-ip.c +++ b/packet-ip.c @@ -1,7 +1,7 @@ /* packet-ip.c * Routines for IP and miscellaneous IP protocol packet disassembly * - * $Id: packet-ip.c,v 1.20 1999/03/30 20:40:12 hannes Exp $ + * $Id: packet-ip.c,v 1.21 1999/04/05 21:54:39 guy Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs <gerald@zing.org> @@ -703,6 +703,7 @@ dissect_ip(const u_char *pd, int offset, frame_data *fd, proto_tree *tree) { pi.iplen = iph.ip_len; pi.iphdrlen = lo_nibble(iph.ip_v_hl); pi.ip_src = iph.ip_src; + pi.payload = pi.iplen - hlen; offset += hlen; nxt = iph.ip_p; diff --git a/packet-pop.c b/packet-pop.c new file mode 100644 index 0000000000..08bb4fff39 --- /dev/null +++ b/packet-pop.c @@ -0,0 +1,111 @@ +/* packet-pop.c + * Routines for pop packet dissection + * Copyright 1999, Richard Sharpe <rsharpe@ns.aus.com> + * + * + * + * Ethereal - Network traffic analyzer + * By Gerald Combs <gerald@unicom.net> + * Copyright 1998 Gerald Combs + * + * Copied from packet-tftp.c + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +#ifdef HAVE_CONFIG_H +# include "config.h" +#endif + +#include <stdio.h> + +#ifdef HAVE_SYS_TYPES_H +# include <sys/types.h> +#endif + +#ifdef HAVE_NETINET_IN_H +# include <netinet/in.h> +#endif + +#include <arpa/tftp.h> +#include <string.h> +#include <glib.h> +#include "packet.h" +#include "etypes.h" + +extern packet_info pi; + +void +dissect_pop(const u_char *pd, int offset, frame_data *fd, proto_tree *tree, int max_data) +{ + proto_tree *pop_tree, *ti; + gchar rr[50], rd[1500]; + int i1 = (u_char *)strchr(pd + offset, ' ') - (pd + offset); /* Where is that space */ + int i2; + + memset(rr, '\0', sizeof(rr)); + memset(rd, '\0', sizeof(rd)); + + if ((i1 > max_data) || (i1 <= 0)) { + + i1 = max_data; + strncpy(rr, pd + offset, MIN(max_data - 2, sizeof(rr) - 1)); + + } + else { + + strncpy(rr, pd + offset, MIN(i1, sizeof(rr) - 1)); + i2 = ((u_char *)strchr(pd + offset + i1 + 1, '\r') - (pd + offset)) - i1 - 1; + strncpy(rd, pd + offset + i1 + 1, MIN(i2, sizeof(rd) - 1)); + } + + if (check_col(fd, COL_PROTOCOL)) + col_add_str(fd, COL_PROTOCOL, "POP"); + + if (check_col(fd, COL_INFO)) { + + col_add_fstr(fd, COL_INFO, "%s: %s %s", (pi.match_port == pi.destport)? "Request" : "Response", rr, rd); + + } + + if (tree) { + + ti = proto_tree_add_item(tree, offset, END_OF_FRAME, + "Post Office Protocol"); + pop_tree = proto_tree_new(); + proto_item_add_subtree(ti, pop_tree, ETT_POP); + + if (pi.match_port == pi.destport) { /* Request */ + + proto_tree_add_item(pop_tree, offset, i1, "Request: %s", rr); + + proto_tree_add_item(pop_tree, offset + i1 + 1, END_OF_FRAME, "Request Arg: %s", rd); + + } + else { + + proto_tree_add_item(pop_tree, offset, i1, "Response: %s", rr); + + proto_tree_add_item(pop_tree, offset + i1 + 1, END_OF_FRAME, "Response Arg: %s", rd); + } + + } +} + + + + + + diff --git a/packet-tcp.c b/packet-tcp.c index bc450de2f2..aa40d0a8d8 100644 --- a/packet-tcp.c +++ b/packet-tcp.c @@ -1,7 +1,7 @@ /* packet-tcp.c * Routines for TCP packet disassembly * - * $Id: packet-tcp.c,v 1.18 1999/03/23 20:25:50 deniel Exp $ + * $Id: packet-tcp.c,v 1.19 1999/04/05 21:54:40 guy Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs <gerald@zing.org> @@ -63,7 +63,12 @@ static int info_len; /* TCP Ports */ +#define TCP_PORT_FTPDATA 20 +#define TCP_PORT_FTP 21 +#define TCP_PORT_TELNET 23 +#define TCP_PORT_SMTP 25 #define TCP_PORT_HTTP 80 +#define TCP_PORT_POP 110 #define TCP_PORT_PRINTER 515 #define TCP_ALT_PORT_HTTP 8080 @@ -320,6 +325,8 @@ dissect_tcp(const u_char *pd, int offset, frame_data *fd, proto_tree *tree) { guint bpos; guint hlen; guint optlen; + guint packet_max = pi.payload + offset; + guint payload; /* To do: Check for {cap len,pkt len} < struct len */ /* Avoids alignment problems on many architectures. */ @@ -351,6 +358,8 @@ dissect_tcp(const u_char *pd, int offset, frame_data *fd, proto_tree *tree) { hlen = hi_nibble(th.th_off_x2) * 4; /* TCP header length, in bytes */ + payload = pi.payload - hlen; + if (check_col(fd, COL_RES_SRC_PORT)) col_add_str(fd, COL_RES_SRC_PORT, get_tcp_port(th.th_sport)); if (check_col(fd, COL_UNRES_SRC_PORT)) @@ -439,13 +448,39 @@ dissect_tcp(const u_char *pd, int offset, frame_data *fd, proto_tree *tree) { /* Skip over header + options */ offset += hlen; + pi.srcport = th.th_sport; + pi.destport = th.th_dport; + /* Check the packet length to see if there's more data (it could be an ACK-only packet) */ - if (fd->cap_len > offset) { + if (packet_max > offset) { switch(MIN(th.th_sport, th.th_dport)) { - case TCP_PORT_PRINTER: - dissect_lpd(pd, offset, fd, tree); - break; + + case TCP_PORT_PRINTER: + dissect_lpd(pd, offset, fd, tree); + break; + + case TCP_PORT_TELNET: + pi.match_port = TCP_PORT_TELNET; + dissect_telnet(pd, offset, fd, tree, payload); + break; + + case TCP_PORT_FTPDATA: + pi.match_port = TCP_PORT_FTPDATA; + dissect_ftpdata(pd, offset, fd, tree, payload); + break; + + case TCP_PORT_FTP: + pi.match_port = TCP_PORT_FTP; + dissect_ftp(pd, offset, fd, tree, payload); + break; + + case TCP_PORT_POP: + pi.match_port = TCP_PORT_POP; + dissect_pop(pd, offset, fd, tree, payload); + break; + + case TCP_PORT_HTTP: case TCP_ALT_PORT_HTTP: dissect_http(pd, offset, fd, tree); @@ -462,9 +497,6 @@ dissect_tcp(const u_char *pd, int offset, frame_data *fd, proto_tree *tree) { } } - pi.srcport = th.th_sport; - pi.destport = th.th_dport; - if( data_out_file ) { reassemble_tcp( th.th_seq, /* sequence number */ ( pi.iplen -( pi.iphdrlen * 4 )-( hi_nibble(th.th_off_x2) * 4 ) ), /* length */ diff --git a/packet-telnet.c b/packet-telnet.c new file mode 100644 index 0000000000..947f46d8f1 --- /dev/null +++ b/packet-telnet.c @@ -0,0 +1,384 @@ +/* packet-pop.c + * Routines for telnet packet dissection + * Copyright 1999, Richard Sharpe <rsharpe@ns.aus.com> + * + * + * + * Ethereal - Network traffic analyzer + * By Gerald Combs <gerald@unicom.net> + * Copyright 1998 Gerald Combs + * + * Copied from packet-pop.c + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +#ifdef HAVE_CONFIG_H +# include "config.h" +#endif + +#include <stdio.h> + +#ifdef HAVE_SYS_TYPES_H +# include <sys/types.h> +#endif + +#ifdef HAVE_NETINET_IN_H +# include <netinet/in.h> +#endif + +#include <string.h> +#include <glib.h> +#include "packet.h" +#include "etypes.h" + +/* Some defines for Telnet */ + +#define TN_IAC 255 +#define TN_DONT 254 +#define TN_DO 253 +#define TN_WONT 252 +#define TN_WILL 251 +#define TN_SB 250 +#define TN_GA 249 +#define TN_EL 248 +#define TN_EC 247 +#define TN_AYT 246 +#define TN_AO 245 +#define TN_IP 244 +#define TN_BRK 243 +#define TN_DM 242 +#define TN_NOP 241 +#define TN_SE 240 +#define TN_EOR 239 +#define TN_ABORT 238 +#define TN_SUSP 237 +#define TN_EOF 236 + +char *options[] = { + "Binary Transmission", + "Echo", + "Reconnection", + "Suppress Go Ahead", + "Approx Message Size Negotiation", + "Status", + "Timing Mark", + "Remote Controlled Trans and Echo", + "Output Line Width", + "Output Page Size", + "Output Carriage-Return Disposition", + "Output Horizontal Tab Stops", + "Output Horizontal Tab Disposition", + "Output Formfeed Disposition", + "Output Vertical Tabstops", + "Output Vertical Tab Disposition", + "Output Linefeed Disposition", + "Extended ASCII", + "Logout", + "Byte Macro", + "Data Entry Terminal", + "SUPDUP", + "SUPDUP Output", + "Send Location", + "Terminal Type", + "End of Record", + "TACACS User Identification", + "Output Marking", + "Terminal Location Number", + "Telnet 3270 Regime", + "X.3 PAD", + "Negotiate About Window Size", + "Terminal Speed", + "Remote Flow Control", + "Linemode", + "X Display Location", + "Environment Option", + "Authentication Option", + "Encryption Option", + "New Environment Option", + "TN3270E" +}; + +extern packet_info pi; + +void telnet_sub_option(proto_tree *telnet_tree, char *rr, int *i, int offset, int max_data) +{ + proto_tree *ti, *option_tree; + int subneg_len, req, si1, not_found = 1; + volatile int i1; + char *opt, sub_opt_data[1500]; + + memset(sub_opt_data, '\0', sizeof(sub_opt_data)); + + /* Figure out the option and type */ + + opt = options[(unsigned int)rr[*i]]; + req = (unsigned int)rr[*i + 1]; + + i1 = *i + 2; si1 = i1; + while ((i1 < max_data) && (not_found)) { + + if ((unsigned char)rr[i1] == (unsigned char)TN_IAC) + not_found = 0; + else + i1++; + + } + + subneg_len = i1 - *i + 2; + + ti = proto_tree_add_item(telnet_tree, offset, subneg_len, "Suboption Begin: %s", opt); + + option_tree = proto_tree_new(); + + proto_item_add_subtree(ti, option_tree, ETT_TELNET_SUBOPT); + + proto_tree_add_item(option_tree, offset + 2, subneg_len - 2, "%s %s", (req ? "Send your" : "Here's my"), opt); + + if (req == 0) { /* Add the value */ + + memcpy(sub_opt_data, rr + *i + 2, subneg_len - 2); + proto_tree_add_item(option_tree, offset + 4, subneg_len - 4, "Value: %s", format_text(sub_opt_data, subneg_len - 4)); + *i += subneg_len - 2; + + } + else { + + *i += subneg_len - 2; + + } +} + +void telnet_command(proto_tree *telnet_tree, char *rr, int *i, int offset, int max_data) +{ + char *opt; + + switch((unsigned char)rr[*i]) { + + case TN_EOF: + + proto_tree_add_item(telnet_tree, offset, 2, "Command: End of File"); + (*i)++; + break; + + case TN_SUSP: + + proto_tree_add_item(telnet_tree, offset, 2, "Command: Suspend Current Process"); + (*i)++; + break; + + case TN_ABORT: + + proto_tree_add_item(telnet_tree, offset, 2, "Command: Abort Process"); + (*i)++; + break; + + case TN_EOR: + + proto_tree_add_item(telnet_tree, offset, 2, "Command: End of Record"); + (*i)++; + break; + + case TN_SE: + + proto_tree_add_item(telnet_tree, offset, 2, "Command: Suboption End"); + (*i)++; + break; + + case TN_NOP: + + proto_tree_add_item(telnet_tree, offset, 2, "Command: No Operation"); + (*i)++; + break; + + case TN_DM: + + proto_tree_add_item(telnet_tree, offset, 2, "Command: Data Mark"); + (*i)++; + break; + + case TN_BRK: + + proto_tree_add_item(telnet_tree, offset, 2, "Command: Break"); + (*i)++; + break; + + case TN_IP: + + proto_tree_add_item(telnet_tree, offset, 2, "Command: Interrupt Process"); + (*i)++; + break; + + case TN_AO: + + proto_tree_add_item(telnet_tree, offset, 2, "Command: Abort Output"); + (*i)++; + break; + + case TN_AYT: + + proto_tree_add_item(telnet_tree, offset, 2, "Command: Are You There?"); + (*i)++; + break; + + case TN_EC: + + proto_tree_add_item(telnet_tree, offset, 2, "Command: Escape Character"); + (*i)++; + break; + + case TN_EL: + + proto_tree_add_item(telnet_tree, offset, 2, "Command: Erase Line"); + (*i)++; + break; + + case TN_GA: + + proto_tree_add_item(telnet_tree, offset, 2, "Command: Go Ahead"); + (*i)++; + break; + + case TN_SB: + + (*i)++; + telnet_sub_option(telnet_tree, rr, i, offset, max_data); + break; + + case TN_WILL: + + if (rr[*i + 1] > (sizeof(options)/sizeof(char *))) + opt = "<unknown option>"; + else + opt = options[(unsigned int)rr[*i + 1]]; + + proto_tree_add_item(telnet_tree, offset, 3, "Command: Will %s", opt); + *i += 2; /* skip two chars */ + break; + + case TN_WONT: + + if (rr[*i + 1] > (sizeof(options)/sizeof(char *))) + opt = "<unknown option>"; + else + opt = options[(unsigned int)rr[*i + 1]]; + + proto_tree_add_item(telnet_tree, offset, 3, "Command: Won't %s", opt); + *i += 2; /* skip two chars */ + break; + + case TN_DO: + + if (rr[*i + 1] > (sizeof(options)/sizeof(char *))) + opt = "<unknown option>"; + else + opt = options[(unsigned int)rr[*i + 1]]; + + proto_tree_add_item(telnet_tree, offset, 3, "Command: Do %s", opt); + *i += 2; /* skip two chars */ + break; + + case TN_DONT: + + if (rr[*i + 1] > (sizeof(options)/sizeof(char *))) + opt = "<unknown option>"; + else + opt = options[(unsigned int)rr[*i + 1]]; + + proto_tree_add_item(telnet_tree, offset, 3, "Command: Don't %s", opt); + *i += 2; /* skip two chars */ + break; + + } + +} + +void +dissect_telnet(const u_char *pd, int offset, frame_data *fd, proto_tree *tree, int max_data) +{ + proto_tree *telnet_tree, *ti; + gchar rr[1500]; + int i1; + int i2; + + memset(rr, '\0', sizeof(rr)); + + if (check_col(fd, COL_PROTOCOL)) + col_add_str(fd, COL_PROTOCOL, "TELNET"); + + if (check_col(fd, COL_INFO)) { + + col_add_fstr(fd, COL_INFO, "Telnet Data ..."); + + } + + if (tree) { + + char data[1500]; + int i3; + + memset(data, '\0', sizeof(data)); + + memcpy(rr, pd + offset, max_data); + + ti = proto_tree_add_item(tree, offset, END_OF_FRAME, + "Telnet Protocol"); + telnet_tree = proto_tree_new(); + proto_item_add_subtree(ti, telnet_tree, ETT_TELNET); + + i1 = i2 = i3 = 0; + + while (i1 < max_data) { + + if ((unsigned char)rr[i1] == (unsigned char)TN_IAC) { + + if (strlen(data) > 0) { + + proto_tree_add_item(telnet_tree, offset + i2, strlen(data), "Data: %s", format_text(data, strlen(data))); + memset(data, '\0', sizeof(data)); + i3 = 0; + + } + + i1++; + telnet_command(telnet_tree, rr, &i1, offset + i1 - 1, max_data); + i2 = i1; + + } + else { + + data[i3] = rr[i1]; + i3++; + i1++; + + + } + } + + if (strlen(data) > 0) { /* Still some data to add */ + + proto_tree_add_item(telnet_tree, offset + i2, strlen(data), "Data: %s", format_text(data, strlen(data))); + + } + + } + +} + + + + + + @@ -1,7 +1,7 @@ /* packet.h * Definitions for packet disassembly structures and routines * - * $Id: packet.h,v 1.44 1999/03/31 08:20:27 guy Exp $ + * $Id: packet.h,v 1.45 1999/04/05 21:54:41 guy Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs <gerald@zing.org> @@ -111,8 +111,10 @@ typedef struct _packet_info { int ipproto; int srcport; int destport; + int match_port; int iplen; int iphdrlen; + int payload; } packet_info; /* Struct for the match_strval function */ @@ -125,7 +127,11 @@ typedef struct _value_string { /* Many of the structs and definitions below and in packet-*.c files * were taken from include files in the Linux distribution. */ - +typedef struct tcp_extra_data { + int match_port; + int sport; + int dport; +} tcp_extra_data; /* Tree types. Each dissect_* routine should have one for each add_subtree() call. */ @@ -212,6 +218,10 @@ enum { ETT_ICMPv6, ETT_ICMPv6OPT, ETT_ICMPv6FLAG, + ETT_POP, + ETT_FTP, + ETT_TELNET, + ETT_TELNET_SUBOPT, NUM_TREE_TYPES /* last item number plus one */ }; @@ -327,6 +337,8 @@ void dissect_data(const u_char *, int, frame_data *, proto_tree *); void dissect_ddp(const u_char *, int, frame_data *, proto_tree *); void dissect_dns(const u_char *, int, frame_data *, proto_tree *); void dissect_esp(const u_char *, int, frame_data *, proto_tree *); +void dissect_ftp(const u_char *, int, frame_data *, proto_tree *, int); +void dissect_ftpdata(const u_char *, int, frame_data *, proto_tree *, int); void dissect_giop(const u_char *, int, frame_data *, proto_tree *); void dissect_http(const u_char *, int, frame_data *, proto_tree *); void dissect_icmp(const u_char *, int, frame_data *, proto_tree *); @@ -345,8 +357,10 @@ void dissect_nwlink_dg(const u_char *, int, frame_data *, proto_tree *); void dissect_osi(const u_char *, int, frame_data *, proto_tree *); void dissect_ospf(const u_char *, int, frame_data *, proto_tree *); void dissect_ospf_hello(const u_char *, int, frame_data *, proto_tree *); +void dissect_pop(const u_char *, int, frame_data *, proto_tree *, int); void dissect_rip(const u_char *, int, frame_data *, proto_tree *); void dissect_tcp(const u_char *, int, frame_data *, proto_tree *); +void dissect_telnet(const u_char *, int, frame_data *, proto_tree *, int); void dissect_tftp(const u_char *, int, frame_data *, proto_tree *); void dissect_trmac(const u_char *, int, frame_data *, proto_tree *); void dissect_udp(const u_char *, int, frame_data *, proto_tree *); |