diff options
Diffstat (limited to 'epan')
-rw-r--r-- | epan/dissectors/packet-lbm.h | 9 | ||||
-rw-r--r-- | epan/dissectors/packet-lbmc.c | 142 |
2 files changed, 142 insertions, 9 deletions
diff --git a/epan/dissectors/packet-lbm.h b/epan/dissectors/packet-lbm.h index 0b9deb901e..1d99ae05d8 100644 --- a/epan/dissectors/packet-lbm.h +++ b/epan/dissectors/packet-lbm.h @@ -220,15 +220,6 @@ typedef struct typedef struct { guint64 channel; - guint32 sqn; - lbm_uim_stream_endpoint_t endpoint_a; - lbm_uim_stream_endpoint_t endpoint_b; - const gchar * description; -} lbm_uim_stream_info_t; - -typedef struct -{ - guint64 channel; guint32 substream_id; guint32 bytes; lbm_uim_stream_endpoint_t endpoint_a; diff --git a/epan/dissectors/packet-lbmc.c b/epan/dissectors/packet-lbmc.c index 0e35d2c850..888fdeb9cb 100644 --- a/epan/dissectors/packet-lbmc.c +++ b/epan/dissectors/packet-lbmc.c @@ -26,6 +26,8 @@ #include <epan/packet.h> #include <epan/prefs.h> #include <epan/expert.h> +#include <epan/sequence_analysis.h> +#include <epan/to_str.h> #include <epan/tap.h> #include "packet-lbm.h" #include "packet-lbttcp.h" @@ -6060,6 +6062,144 @@ typedef struct } lbmc_tcp_sid_info_t; /*----------------------------------------------------------------------------*/ +/* UIM Flow tap handler */ +/*----------------------------------------------------------------------------*/ +typedef struct +{ + guint64 channel; + guint32 sqn; + lbm_uim_stream_endpoint_t endpoint_a; + lbm_uim_stream_endpoint_t endpoint_b; + const gchar * description; +} lbm_uim_stream_info_t; + +static gboolean +lbm_uim_seq_analysis_packet(void *ptr, packet_info *pinfo, epan_dissect_t *edt _U_, const void *uim_info) +{ + seq_analysis_info_t *sainfo = (seq_analysis_info_t *) ptr; + const lbm_uim_stream_info_t* stream_info = (const lbm_uim_stream_info_t *)uim_info; + lbm_uim_stream_endpoint_t epa; + lbm_uim_stream_endpoint_t epb; + gchar * ctxinst1; + gchar * ctxinst2; + gboolean swap_endpoints = FALSE; + seq_analysis_item_t* sai; + int rc; + + if ((sainfo->all_packets)||(pinfo->fd->flags.passed_dfilter==1)) + { + if (stream_info->endpoint_a.type != stream_info->endpoint_b.type) + { + return (1); + } + if (stream_info->endpoint_a.type == lbm_uim_instance_stream) + { + rc = memcmp((void *)stream_info->endpoint_a.stream_info.ctxinst.ctxinst, + (void *)stream_info->endpoint_b.stream_info.ctxinst.ctxinst, + LBM_CONTEXT_INSTANCE_BLOCK_SZ); + if (rc <= 0) + { + swap_endpoints = FALSE; + } + else + { + swap_endpoints = TRUE; + } + } + else + { + if (stream_info->endpoint_a.stream_info.dest.domain < stream_info->endpoint_b.stream_info.dest.domain) + { + swap_endpoints = FALSE; + } + else if (stream_info->endpoint_a.stream_info.dest.domain > stream_info->endpoint_b.stream_info.dest.domain) + { + swap_endpoints = TRUE; + } + else + { + int compare; + + compare = cmp_address(&(stream_info->endpoint_a.stream_info.dest.addr), &(stream_info->endpoint_b.stream_info.dest.addr)); + if (compare < 0) + { + swap_endpoints = FALSE; + } + else if (compare > 0) + { + swap_endpoints = TRUE; + } + else + { + if (stream_info->endpoint_a.stream_info.dest.port <= stream_info->endpoint_b.stream_info.dest.port) + { + swap_endpoints = FALSE; + } + else + { + swap_endpoints = TRUE; + } + } + } + } + if (swap_endpoints == FALSE) + { + epa = stream_info->endpoint_a; + epb = stream_info->endpoint_b; + } + else + { + epb = stream_info->endpoint_a; + epa = stream_info->endpoint_b; + } + + sai = g_new0(seq_analysis_item_t, 1); + copy_address(&(sai->src_addr), &(pinfo->src)); + copy_address(&(sai->dst_addr), &(pinfo->dst)); + sai->frame_number = pinfo->num; + sai->port_src = pinfo->srcport; + sai->port_dst = pinfo->destport; + + if (stream_info->description == NULL) + { + sai->frame_label = g_strdup_printf("(%" G_GUINT32_FORMAT ")", stream_info->sqn); + } + else + { + sai->frame_label = g_strdup_printf("%s (%" G_GUINT32_FORMAT ")", stream_info->description, stream_info->sqn); + } + if (epa.type == lbm_uim_instance_stream) + { + ctxinst1 = bytes_to_str(pinfo->pool, epa.stream_info.ctxinst.ctxinst, sizeof(epa.stream_info.ctxinst.ctxinst)); + ctxinst2 = bytes_to_str(pinfo->pool, epb.stream_info.ctxinst.ctxinst, sizeof(epb.stream_info.ctxinst.ctxinst)); + sai->comment = g_strdup_printf("%s <-> %s [%" G_GUINT64_FORMAT "]", + ctxinst1, + ctxinst2, + stream_info->channel); + } + else + { + sai->comment = g_strdup_printf("%" G_GUINT32_FORMAT ":%s:%" G_GUINT16_FORMAT " <-> %" G_GUINT32_FORMAT ":%s:%" G_GUINT16_FORMAT " [%" G_GUINT64_FORMAT "]", + epa.stream_info.dest.domain, + address_to_str(pinfo->pool, &(epa.stream_info.dest.addr)), + epa.stream_info.dest.port, + epb.stream_info.dest.domain, + address_to_str(pinfo->pool, &(epb.stream_info.dest.addr)), + epb.stream_info.dest.port, + stream_info->channel); + } + sai->conv_num = (guint16)LBM_CHANNEL_ID(stream_info->channel); + sai->display = TRUE; + sai->line_style = 1; + + g_queue_push_tail(sainfo->items, sai); + } + + return TRUE; +} + + +/*----------------------------------------------------------------------------*/ /* Message reassembly. */ /*----------------------------------------------------------------------------*/ #define LBMC_MESSAGE_KEY_ELEMENT_COUNT 5 @@ -14218,6 +14358,8 @@ void proto_register_lbmc(void) &lbmc_dissect_lbmpdm); lbm_stream_init(); lbmc_message_table = wmem_tree_new_autoreset(wmem_epan_scope(), wmem_file_scope()); + + register_seq_analysis("lbm_uim", "UIM Flows", proto_lbmc, "lbm_uim", TL_REQUIRES_COLUMNS, lbm_uim_seq_analysis_packet); } /* The registration hand-off routine */ |