diff options
| -rw-r--r-- | colorfilters | 2 | ||||
| -rw-r--r-- | epan/dissectors/packet-extreme.c | 72 |
2 files changed, 63 insertions, 11 deletions
diff --git a/colorfilters b/colorfilters index b1244284ce..bc5733f982 100644 --- a/colorfilters +++ b/colorfilters @@ -8,7 +8,7 @@ @ICMP@icmp@[49680,49737,65535][0,0,0] @TCP RST@tcp.flags.reset eq 1@[37008,0,0][65535,63121,32911] @Low TTL@ip.ttl < 5@[37008,0,0][65535,65535,65535] -@Checksum Errors@ip.checksum_bad==1 || tcp.checksum_bad || udp.checksum_bad@[0,0,0][65535,24383,24383] +@Checksum Errors@edp.checksum_bad==1 || ip.checksum_bad==1 || tcp.checksum_bad || udp.checksum_bad@[0,0,0][65535,24383,24383] @SMB@smb || nbss || nbns || nbipx || ipxsap || netbios@[65534,64008,39339][0,0,0] @HTTP@http || tcp.port == 80@[36107,65535,32590][0,0,0] @IPX@ipx || stp@[65534,58325,58808][0,0,0] diff --git a/epan/dissectors/packet-extreme.c b/epan/dissectors/packet-extreme.c index 2e5c133ab1..dd5082346e 100644 --- a/epan/dissectors/packet-extreme.c +++ b/epan/dissectors/packet-extreme.c @@ -29,13 +29,13 @@ TODO: EAPS v2 is not supported (no spec) Some stuff in the EDP Info field (no spec) - Flags in the EDP Vlan field + Flags in the EDP Vlan field (value 0x01) Meaning of speical MAC adresses: - ExtremeN:00:00:01 ExtremeN:00:00:06 - TLV type 0x0e (XOS only?) + TLV type 0x0e (XOS only?) (EAPSv2?) TLV type 0x15 (XOS only?) - EAPS type 0x10 + EAPS type 0x10 (EAPSv2?) + ESRP state 0x03 Specs: @@ -148,6 +148,7 @@ These are the structures you will see most often in EDP frames. #include <glib.h> #include <epan/packet.h> #include <epan/strutil.h> +#include <epan/in_cksum.h> #include "packet-llc.h" #include "oui.h" @@ -158,7 +159,10 @@ static int proto_edp = -1; static int hf_edp_version = -1; static int hf_edp_reserved = -1; static int hf_edp_length = -1; -static int hf_edp_chksum = -1; +static int hf_edp_checksum = -1; +static int hf_edp_checksum_good = -1; +static int hf_edp_checksum_bad = -1; + static int hf_edp_seqno = -1; static int hf_edp_midtype = -1; static int hf_edp_midmac = -1; @@ -222,6 +226,7 @@ static int hf_edp_unknown = -1; static int hf_edp_null = -1; static gint ett_edp = -1; +static gint ett_edp_checksum = -1; static gint ett_edp_tlv_header = -1; static gint ett_edp_display = -1; static gint ett_edp_info = -1; @@ -700,11 +705,16 @@ dissect_edp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) proto_item *ti; proto_item *tlvi; proto_tree *edp_tree = NULL; + proto_item *checksum_item; + proto_tree *checksum_tree; guint32 offset = 0; + guint16 packet_checksum, computed_checksum; + gboolean checksum_good, checksum_bad; gboolean last = FALSE; guint8 tlv_type; guint16 tlv_length; guint16 data_length; + vec_t cksum_vec[1]; if (check_col(pinfo->cinfo, COL_PROTOCOL)) col_set_str(pinfo->cinfo, COL_PROTOCOL, PROTO_SHORT_NAME); @@ -729,8 +739,41 @@ dissect_edp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) data_length); offset += 2; - proto_tree_add_item(edp_tree, hf_edp_chksum, tvb, offset, 2, - FALSE); + packet_checksum = tvb_get_ntohs(tvb, offset); + /* + * If we have the entire ESP packet available, check the checksum. + */ + if (tvb_bytes_exist(tvb, 0, data_length)) { + /* Checksum from version to null tlv */ + cksum_vec[0].ptr = tvb_get_ptr(tvb, 0, data_length); + cksum_vec[0].len = data_length; + computed_checksum = in_cksum(&cksum_vec[0], 1); + checksum_good = (computed_checksum == 0); + checksum_bad = !checksum_good; + if (checksum_good) { + checksum_item = proto_tree_add_uint_format(edp_tree, + hf_edp_checksum, tvb, offset, 2, packet_checksum, + "Cchecksum: 0x%04x [correct]", + packet_checksum); + } else { + checksum_item = proto_tree_add_uint_format(edp_tree, + hf_edp_checksum, tvb, offset, 2, packet_checksum, + "Checksum: 0x%04x [incorrect, should be 0x%04x]", + packet_checksum, + in_cksum_shouldbe(packet_checksum, computed_checksum)); + } + } else { + checksum_good = checksum_bad = FALSE; + checksum_item = proto_tree_add_uint(edp_tree, hf_edp_checksum, + tvb, offset, 2, packet_checksum); + } + checksum_tree = proto_item_add_subtree(checksum_item, ett_edp_checksum); + checksum_item = proto_tree_add_boolean(checksum_tree, hf_edp_checksum_good, + tvb, offset, 2, checksum_good); + PROTO_ITEM_SET_GENERATED(checksum_item); + checksum_item = proto_tree_add_boolean(checksum_tree, hf_edp_checksum_bad, + tvb, offset, 2, checksum_bad); + PROTO_ITEM_SET_GENERATED(checksum_item); offset += 2; proto_tree_add_item(edp_tree, hf_edp_seqno, tvb, offset, 2, @@ -817,9 +860,17 @@ proto_register_edp(void) { "Data length", "edp.length", FT_UINT16, BASE_DEC, NULL, 0x0, "", HFILL }}, - { &hf_edp_chksum, - { "Checksum", "edp.checksum", FT_UINT16, BASE_HEX, NULL, - 0x0, "", HFILL }}, + { &hf_edp_checksum, + { "EDP checksum", "edp.checksum", FT_UINT16, BASE_HEX, NULL, 0x0, + "", HFILL }}, + + { &hf_edp_checksum_good, + { "Good", "edp.checksum_good", FT_BOOLEAN, BASE_NONE, NULL, 0x0, + "True: checksum matches packet content; False: doesn't match content or not checked", HFILL }}, + + { &hf_edp_checksum_bad, + { "Bad ", "edp.checksum_bad", FT_BOOLEAN, BASE_NONE, NULL, 0x0, + "True: checksum doesn't match packet content; False: matches content or not checked", HFILL }}, { &hf_edp_seqno, { "Sequence number", "edp.seqno", FT_UINT16, BASE_DEC, NULL, @@ -1043,6 +1094,7 @@ proto_register_edp(void) }; static gint *ett[] = { &ett_edp, + &ett_edp_checksum, &ett_edp_tlv_header, &ett_edp_vlan_flags, &ett_edp_display, |