diff options
author | Michal Labedzki <michal.labedzki@tieto.com> | 2014-12-12 11:24:44 +0100 |
---|---|---|
committer | Michal Labedzki <michal.labedzki@tieto.com> | 2014-12-18 11:03:05 +0000 |
commit | f5cd21543d332f6c14da88ebd50730750f791dd4 (patch) | |
tree | b10694bfabdbdb3d20bb0c011fe9c489676d59e6 /epan/dissectors/packet-bluetooth.h | |
parent | 4a467ff609f1b5ee99cbc1aaccdc7b78d3cbecbc (diff) |
Bluetooth: Add generic Bluetooth dissector
Bluetooth dissector is used to add ability to filter all bluetooth
payload from capture files (there are many transport like:
hci_h4, hci_h1, hci_usb, hci_mon, btle). Also it is used to placeholder for
all data tree used to store additional informations like bd_addrs, names, etc.
Finally it is used to be one point for Bluetooth
Endpoints/Conversation filtering what is enabled now.
Also add Master/Slave Role and Connection Mode tracking.
Change-Id: I67048080fb8ee16fa0f4ec429c1257de81ddd737
Reviewed-on: https://code.wireshark.org/review/5771
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Diffstat (limited to 'epan/dissectors/packet-bluetooth.h')
-rw-r--r-- | epan/dissectors/packet-bluetooth.h | 202 |
1 files changed, 202 insertions, 0 deletions
diff --git a/epan/dissectors/packet-bluetooth.h b/epan/dissectors/packet-bluetooth.h new file mode 100644 index 0000000000..9e664e4caf --- /dev/null +++ b/epan/dissectors/packet-bluetooth.h @@ -0,0 +1,202 @@ +/* packet-bluetooth.h + * + * Wireshark - Network traffic analyzer + * By Gerald Combs <gerald@wireshark.org> + * Copyright 1998 Gerald Combs + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#ifndef __PACKET_BLUETOOTH_H__ +#define __PACKET_BLUETOOTH_H__ + +#include <epan/wmem/wmem.h> + +#include <packet-usb.h> +#include <packet-ubertooth.h> + +#define BLUETOOTH_DATA_SRC 0 +#define BLUETOOTH_DATA_DST 1 + +#define HCI_H4_TYPE_CMD 0x01 +#define HCI_H4_TYPE_ACL 0x02 +#define HCI_H4_TYPE_SCO 0x03 +#define HCI_H4_TYPE_EVT 0x04 + +#define HCI_OGF_LINK_CONTROL 0x01 +#define HCI_OGF_LINK_POLICY 0x02 +#define HCI_OGF_HOST_CONTROLLER 0x03 +#define HCI_OGF_INFORMATIONAL 0x04 +#define HCI_OGF_STATUS 0x05 +#define HCI_OGF_TESTING 0x06 +#define HCI_OGF_LOW_ENERGY 0x08 +#define HCI_OGF_LOGO_TESTING 0x3e +#define HCI_OGF_VENDOR_SPECIFIC 0x3f + +#define HCI_VENDOR_DEFAULT 0 + +#define DID_VENDOR_ID_SOURCE_BLUETOOTH_SIG 1 +#define DID_VENDOR_ID_SOURCE_USB_FORUM 2 + +#define ACCESS_ADDRESS_ADVERTISING 0x8e89bed6 + +extern int proto_bluetooth; + +extern value_string_ext bthci_cmd_opcode_vals_ext; +extern value_string_ext bthci_ogf_vals_ext; +extern value_string_ext bthci_cmd_ocf_link_control_vals_ext; +extern value_string_ext bthci_cmd_ocf_link_policy_vals_ext; +extern value_string_ext bthci_cmd_ocf_host_controller_and_baseband_vals_ext; +extern value_string_ext bthci_cmd_ocf_informational_vals_ext; +extern value_string_ext bthci_cmd_ocf_status_vals_ext; +extern value_string_ext bthci_cmd_ocf_testing_vals_ext; +extern value_string_ext bthci_cmd_ocf_low_energy_vals_ext; + +extern value_string_ext bthci_cmd_input_coding_vals_ext; +extern value_string_ext bthci_cmd_input_data_format_vals_ext; +extern value_string_ext bthci_cmd_input_sample_size_vals_ext; +extern value_string_ext bthci_cmd_air_coding_format_vals_ext; +extern value_string_ext bthci_cmd_status_vals_ext; +extern value_string_ext bthci_cmd_eir_data_type_vals_ext; +extern value_string_ext bthci_cmd_auth_req_vals_ext; +extern value_string_ext bthci_cmd_appearance_vals_ext; + +extern const value_string bthci_cmd_io_capability_vals[]; +extern const value_string bthci_cmd_oob_data_present_vals[]; +extern const value_string bthci_cmd_address_types_vals[]; +extern const value_string bthci_cmd_scan_enable_values[]; +extern const value_string bthci_cmd_page_scan_modes[]; +extern const value_string bthci_cmd_page_scan_repetition_modes[]; +extern const value_string bthci_cmd_page_scan_period_modes[]; +extern const value_string bthci_cmd_notification_types[]; + + +/* We support Bluetooth over various interfaces, interface_id and adapter_id + is used to decode further payload. Case: there is a host. Host has X + interfaces. Each interface has Y adapter. Each adapter has ACL handle or + L2CAP CID. ACL handle has L2CAP CID and/or L2CAP PSM. L2CAP CID or + L2CAP PSM has RFCOMM channel or other end-protocol like OBEX, AVRCP, HID, + AVDTP, BNEP etc. RFCOMM channel has end-protocol like OBEX, HFP, etc. + Important note: correct payload decoding should store needed data using + key contain interface_id, adapter_id, ..., last_channel_type (for example + RFCOMM channel, transaction_id, frame number etc. ) + + interface_id - interface id provided by Wireshark, see "frame.interface_id", + in case where is only one interface id HCI_INTERFACE_DEFAULT + is used (for example open BTSNOOP file with HCI H4 protocol) + adapter_id - identified Bluetooth device (interface, for example Linux + hci0, hci1, etc.) +*/ +#define HCI_INTERFACE_DEFAULT 0 +#define HCI_ADAPTER_DEFAULT 0 + +/* chandle_sessions: interface_id + adapter_id + connection_handle + frame_number -> connect_in_frame, disconnect_in_frame */ +/* chandle_to_bdaddr: interface_id + adapter_id + connection_handle + frame_number -> bd_addr[6] */ +/* chandle_to_mode: interface_id + adapter_id + connection_handle + frame_number -> mode */ +/* bdaddr_to_name: bd_addr[6] + frame_number -> name */ +/* bdaddr_to_role: bd_addr[6] + frame_number -> role */ +/* localhost_bdaddr: interface_id + adapter_id + frame_number -> bd_addr[6] */ +/* localhost_name: interface_id + adapter_id + frame_number -> name */ +typedef struct _bluetooth_data_t { + guint32 interface_id; + guint32 adapter_id; + guint32 *adapter_disconnect_in_frame; + wmem_tree_t *chandle_sessions; + wmem_tree_t *chandle_to_bdaddr; + wmem_tree_t *chandle_to_mode; + wmem_tree_t *bdaddr_to_name; + wmem_tree_t *bdaddr_to_role; + wmem_tree_t *localhost_bdaddr; + wmem_tree_t *localhost_name; + + union { + void *data; + usb_conv_info_t *usb_conv_info; + ubertooth_data_t *ubertooth_data; + } previous_protocol_data; + +} bluetooth_data_t; + +typedef struct _chandle_session_t { + guint32 connect_in_frame; + guint32 disconnect_in_frame; +} chandle_session_t; + +typedef struct _remote_bdaddr_t { + guint32 interface_id; + guint32 adapter_id; + guint16 chandle; + guint8 bd_addr[6]; +} remote_bdaddr_t; + +typedef struct _device_name_t { + guint32 bd_addr_oui; + guint32 bd_addr_id; + gchar *name; +} device_name_t; + +typedef struct _device_role_t { + guint32 role; + guint32 change_in_frame; +} device_role_t; + +typedef struct _connection_mode_t { + gint32 mode; + guint32 change_in_frame; +} connection_mode_t; + +#define ROLE_UNKNOWN 0 +#define ROLE_MASTER 1 +#define ROLE_SLAVE 2 + +typedef struct _localhost_bdaddr_entry_t { + guint32 interface_id; + guint32 adapter_id; + guint8 bd_addr[6]; +} localhost_bdaddr_entry_t; + +typedef struct _localhost_name_entry_t { + guint32 interface_id; + guint32 adapter_id; + gchar *name; +} localhost_name_entry_t; + +typedef struct _bluetooth_tap_data_t { + guint32 interface_id; + guint32 adapter_id; +} bluetooth_tap_data_t; + + +extern value_string_ext bluetooth_uuid_vals_ext; +extern value_string_ext bluetooth_company_id_vals_ext; +extern guint32 max_disconnect_in_frame; + +extern gint dissect_bd_addr(gint hf_bd_addr, proto_tree *tree, tvbuff_t *tvb, + gint offset, guint8 *bdaddr); + +#endif + +/* + * Editor modelines - http://www.wireshark.org/tools/modelines.html + * + * Local variables: + * c-basic-offset: 4 + * tab-width: 8 + * indent-tabs-mode: nil + * End: + * + * vi: set shiftwidth=4 tabstop=8 expandtab: + * :indentSize=4:tabSize=8:noTabs=true: + */ |