From Martin Warnes: support for VMS UCX$TRACE output in wiretap.

svn path=/trunk/; revision=7692

7 files changed, 80 insertions, 40 deletions

diff --git a/AUTHORS b/AUTHORS
index b99e4ef55e..8dda12253b 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -1700,6 +1700,10 @@ Can Erkin Acar <canacar [AT] eee.metu.edu.tr> {
 	Support for new DLT_PFLOG format
 }
 
+Martin Warnes <martin.warnes [AT] ntlworld.com> {
+	Support for VMS UCX$TRACE output in wiretap
+}
+
 And assorted fixes and enhancements by the people listed above and by:
 
 	Pavel Roskin <proski [AT] gnu.org>
diff --git a/doc/editcap.pod b/doc/editcap.pod
index f8cf7ec97f..a3cbf5ffa9 100644
--- a/doc/editcap.pod
+++ b/doc/editcap.pod
@@ -33,14 +33,14 @@ WAN/LAN analyzer, B<Lucent/Ascend> router debug output, HP-UX's
 B<nettl>, the dump output from B<Toshiba's> ISDN routers, the output
 from B<i4btrace> from the ISDN4BSD project, the output in B<IPLog>
 format from the Cisco Secure Intrusion Detection System, B<pppd logs>
-(pppdump format), the output from VMS's B<TCPIPtrace> utility, the text
-output from the B<DBS Etherwatch> VMS utility, traffic capture files
-from Visual Networks' Visual UpTime and the output from B<CoSine> L2 
-debug. There is no need to tell B<Editcap> what type of file you are 
-reading; it will determine the file type by itself.  B<Editcap> is also 
-capable of reading any of these file formats if they are compressed 
-using gzip.  B<Editcap> recognizes this directly from the file; the 
-'.gz' extension is not required for this purpose.
+(pppdump format), the output from VMS's B<TCPIPtrace> and B<UCX$TRACE>
+utilities, the text output from the B<DBS Etherwatch> VMS utility,
+traffic capture files from Visual Networks' Visual UpTime and the output
+from B<CoSine> L2 debug.  There is no need to tell B<Editcap> what type
+of file you are reading; it will determine the file type by itself. 
+B<Editcap> is also capable of reading any of these file formats if they
+are compressed using gzip.  B<Editcap> recognizes this directly from the
+file; the '.gz' extension is not required for this purpose.
 
 By default, it writes the capture file in B<libpcap> format, and writes
 all of the packets in the capture file to the output file.  The B<-F>
diff --git a/doc/ethereal.pod.template b/doc/ethereal.pod.template
index 545cb45e07..cf1eed198a 100644
--- a/doc/ethereal.pod.template
+++ b/doc/ethereal.pod.template
@@ -49,14 +49,15 @@ B<RADCOM>'s WAN/LAN analyzer, B<Lucent/Ascend> router debug output,
 HP-UX's B<nettl>, the dump output from B<Toshiba's> ISDN routers, the
 output from B<i4btrace> from the ISDN4BSD project, the output in
 B<IPLog> format from the Cisco Secure Intrusion Detection System, B<pppd
-logs> (pppdump format), the output from VMS's B<TCPIPtrace> utility, the
-text output from the B<DBS Etherwatch> VMS utility, traffic capture
-files from Visual Networks' Visual UpTime, and the output from B<CoSine> 
-L2 debug.  There is no need to tell B<Ethereal> what type of file you 
-are reading; it will determine the file type by itself.  B<Ethereal> 
-is also capable of reading any of these file formats if they are 
-compressed using gzip.  B<Ethereal> recognizes this directly from the 
-file; the '.gz' extension is not required for this purpose.
+logs> (pppdump format), the output from VMS's B<TCPIPtrace> and
+B<UCX$TRACE> utilities, the text output from the B<DBS Etherwatch> VMS
+utility, traffic capture files from Visual Networks' Visual UpTime, and
+the output from B<CoSine> L2 debug.  There is no need to tell
+B<Ethereal> what type of file you are reading; it will determine the
+file type by itself.  B<Ethereal> is also capable of reading any of
+these file formats if they are compressed using gzip.  B<Ethereal>
+recognizes this directly from the file; the '.gz' extension is not
+required for this purpose.
 
 Like other protocol analyzers, B<Ethereal>'s main window shows 3 views
 of a packet.  It shows a summary line, briefly describing what the
diff --git a/doc/mergecap.pod b/doc/mergecap.pod
index b0ca04e2f1..c104558a37 100644
--- a/doc/mergecap.pod
+++ b/doc/mergecap.pod
@@ -30,14 +30,15 @@ WAN/LAN analyzer, B<Lucent/Ascend> router debug output, HP-UX's
 B<nettl>, the dump output from B<Toshiba's> ISDN routers, the output
 from B<i4btrace> from the ISDN4BSD project, the output in B<IPLog>
 format from the Cisco Secure Intrusion Detection System, B<pppd logs>
-(pppdump format), the output from VMS's B<TCPIPtrace> utility, the text
-output from the B<DBS Etherwatch> VMS utility, traffic capture files
-from Visual Networks' Visual UpTime, and the output from B<CoSine> L2 
-debug.  There is no need to tell B<Mergecap> what type of file you are 
-reading; it will determine the file type by itself.  B<Mergecap> is 
-also capable of reading any of these file formats if they are compressed 
-using gzip.  B<Mergecap> recognizes this directly from the file; the 
-'.gz' extension is not required for this purpose.
+(pppdump format), the output from VMS's B<TCPIPtrace> and B<UCX$TRACE>
+utilities, the text output from the B<DBS Etherwatch> VMS utility,
+traffic capture files from Visual Networks' Visual UpTime, and the
+output from B<CoSine> L2 debug.  There is no need to tell B<Mergecap>
+what type of file you are reading; it will determine the file type by
+itself.  B<Mergecap> is also capable of reading any of these file
+formats if they are compressed using gzip.  B<Mergecap> recognizes this
+directly from the file; the '.gz' extension is not required for this
+purpose.
 
 By default, it writes the capture file in B<libpcap> format, and writes
 all of the packets in both input capture files to the output file.  The
diff --git a/doc/tethereal.pod.template b/doc/tethereal.pod.template
index 6838a7778f..a8384aba08 100644
--- a/doc/tethereal.pod.template
+++ b/doc/tethereal.pod.template
@@ -50,13 +50,13 @@ B<Lucent/Ascend> router debug output, HP-UX's B<nettl>, the dump output
 from B<Toshiba's> ISDN routers, the output from B<i4btrace> from the
 ISDN4BSD project, the output in B<IPLog> format from the Cisco Secure
 Intrusion Detection System, B<pppd logs> (pppdump format), the output
-from VMS's B<TCPIPtrace> utility, the text output from the B<DBS
-Etherwatch> VMS utility, traffic capture files from Visual Networks'
-Visual UpTime, and the output from B<CoSine> L2 debug.  There is no 
-need to tell B<Tethereal> what type of file you are reading; it will 
-determine the file type by itself. B<Tethereal> is also capable of 
-reading any of these file formats if they are compressed using gzip.  
-B<Tethereal> recognizes this directly from the file; the '.gz' extension 
+from VMS's B<TCPIPtrace> and B<UCX$TRACE> utilities, the text output
+from the B<DBS Etherwatch> VMS utility, traffic capture files from
+Visual Networks' Visual UpTime, and the output from B<CoSine> L2 debug. 
+There is no need to tell B<Tethereal> what type of file you are reading;
+it will determine the file type by itself.  B<Tethereal> is also capable
+of reading any of these file formats if they are compressed using gzip. 
+B<Tethereal> recognizes this directly from the file; the '.gz' extension
 is not required for this purpose.
 
 If the B<-w> flag is not specified, B<Tethereal> prints a decoded form
diff --git a/wiretap/AUTHORS b/wiretap/AUTHORS
index 764a51978a..c7269403e7 100644
--- a/wiretap/AUTHORS
+++ b/wiretap/AUTHORS
@@ -16,3 +16,4 @@ Ronnie Sahlberg		<sahlberg[AT]optushome.com.au>
 Motonori Shindo		<mshindo[AT]mshindo.net>
 Markus Steinmann	<ms[AT]seh.de>
 Mark C. Brown		<mbrown[AT]nosila.net>
+Martin Warnes		<martin.warnes[AT]ntlworld.com>
diff --git a/wiretap/vms.c b/wiretap/vms.c
index f8f7d2dd48..898af5197b 100644
--- a/wiretap/vms.c
+++ b/wiretap/vms.c
@@ -1,6 +1,6 @@
 /* vms.c
  *
- * $Id: vms.c,v 1.16 2003/01/17 23:54:19 guy Exp $
+ * $Id: vms.c,v 1.17 2003/05/19 20:58:18 guy Exp $
  *
  * Wiretap Library
  * Copyright (c) 2001 by Marc Milgram <ethereal@mmilgram.NOSPAMmail.net>
@@ -40,7 +40,8 @@
 #include <string.h>
 #include <ctype.h>
 
-/* This module reads the output of the 'TCPIPTRACE' command in VMS
+/* This module reads the output of the 'TCPIPTRACE' and 'UCX$TRACE'
+ * commands in VMS.
  * It was initially based on toshiba.c.
  */
 
@@ -65,13 +66,36 @@
    06000000   01000000   A5860100   00000000    0040    ................
                                     00000000    0050    ....
 
+   Example UCX INTERnet (UCX$TRACE) output data:
+    UCX INTERnet trace RCV packet seq # = 1 at 14-MAY-2003 11:32:10.93 
+
+   IP Version = 4,  IHL = 5,  TOS = 00,   Total Length = 583 = ^x0247 
+   IP Identifier  = ^x702E,  Flags (0=0,DF=0,MF=0),  
+         Fragment Offset = 0 = ^x0000,   Calculated Offset = 0 = ^x0000 
+   IP TTL = 128 = ^x80,  Protocol = 17 = ^x11,  Header Checksum = ^x70EC 
+   IP Source Address      = 10.20.4.159 
+   IP Destination Address = 10.20.4.255 
+
+   UDP Source Port = 138,   UDP Destination Port = 138 
+   UDP Header and Datagram Length = 563 = ^x0233,   Checksum = ^xB913 
+
+   9F04140A   70EC1180   0000702E   47020045    0000    E..G.p.....p....
+   B1B80E11 | B9133302   8A008A00 | FF04140A    0010    .........3......
+   46484648   45200000   1D028A00   9F04140A    0020    ...........EHFHF
+   43414341   4341434D   454D4546   45454550    0030    PEEEFEMEMCACACAC
+
+The only difference between the 2 Utilities is the Packet header line, primarily
+the utility identifier and the packet sequencing.
+
 --------------------------------------------------------------------------------
 
  */
 
-/* Magic text to check for VMS-ness of file */
+/* Magic text to check for VMS-ness of file, common to both
+ * TCPIPtrace and UCX$TRACE
+ */
 static const char vms_hdr_magic[]  =
-{ 'T', 'C', 'P', 'I', 'P', 't', 'r', 'a', 'c', 'e', ' '};
+{ 'R','C','V',' ','p', 'a', 'c', 'k', 'e', 't',' '};
 #define VMS_HDR_MAGIC_SIZE  (sizeof vms_hdr_magic  / sizeof vms_hdr_magic[0])
 
 /* Magic text for start of packet */
@@ -87,7 +111,6 @@ static gboolean parse_vms_hex_dump(FILE_T fh, int pkt_len, guint8* buf,
     int *err);
 static int parse_vms_rec_hdr(wtap *wth, FILE_T fh, int *err);
 
-
 #ifdef TCPIPTRACE_FRAGMENTS_HAVE_HEADER_LINE
 /* Seeks to the beginning of the next packet, and returns the
    byte offset.  Returns -1 on failure, and sets "*err" to the error. */
@@ -329,12 +352,22 @@ parse_vms_rec_hdr(wtap *wth, FILE_T fh, int *err)
 	if ((csec == 101) && (p = strstr(line, "packet "))
 	    && (! strstr(line, "could not save "))) {
 	    /* Find text in line starting with "packet ". */
-	    num_items_scanned = sscanf(p,
-				       "packet %d at %d-%3s-%d %d:%d:%d.%d",
-				       &pktnum, &time.tm_mday, mon,
+
+	    /* First look for the TCPIPtrace format */
+	    num_items_scanned = sscanf(p,  
+		  		       "packet %d at %d-%3s-%d %d:%d:%d.%d",
+			  	       &pktnum, &time.tm_mday, mon,
 				       &time.tm_year, &time.tm_hour,
 				       &time.tm_min, &time.tm_sec, &csec);
-
+	    /* if not TCPIPtrace then try the UCX$TRACE format */
+	    if (num_items_scanned != 8) {
+	      num_items_scanned = sscanf(p,
+		  		         "packet seq # = %d at %d-%3s-%d %d:%d:%d.%d",
+			  	         &pktnum, &time.tm_mday, mon,
+				         &time.tm_year, &time.tm_hour,
+				         &time.tm_min, &time.tm_sec, &csec);
+	    }
+	    /* if neither then exit with error */
 	    if (num_items_scanned != 8) {
 	        *err = WTAP_ERR_BAD_RECORD;
 		return -1;