diff options
author | Guy Harris <gharris@sonic.net> | 2021-08-20 02:17:14 -0700 |
---|---|---|
committer | Guy Harris <gharris@sonic.net> | 2021-08-20 02:18:19 -0700 |
commit | 4e80643cc01454e3f7bef64e30cf6bf784c6b7d3 (patch) | |
tree | 880565cf997e84977cf50637537c44f1a8fcbac6 | |
parent | ebf5da61c6c42724535687ccb69189e7cb4df387 (diff) |
Move LINKTYPE_WIRESHARK_UPPER_PDU definitions to a separate header.
Have wsutil/exported_pdu_tlvs.h define the LINKTYPE_WIRESHARK_UPPER_PDU
TLV type and length values, as well as the port type values written to
files in EXP_PDU_TAG_PORT_TYPE TLVs.
Update the comment that describes the LINKTYPE_WIRESHARK_UPPER_PDU TLVs
to more completely and correctly reflect reality (it was moved from
epan/exported_pdu.h to wsutil/exported_pdu_tlvs.h).
Rename those port type values from OLD_PT_ to EXP_PDU_PT_; there is
nothing "old" about them - yes, they originally had the same numerical
values as the PT_ enum values in libwireshark, but that's no longer the
case, and the two are now defined independently. Rename routines that
map between libwireshark PT_ values and EXP_PDU_PT_ values to remove
"old" from the name while we're at it.
Don't include epan/exported_pdu.h if we only need the
LINKTYPE_WIRESHARK_UPPER_PDU definitions - just include
wsutil/exported_pdu_tlvs.h.
In extcap/udpdump.c, include wsutil/exported_pdu_tlvs.h rather than
defining the TLV types ourselves.
-rw-r--r-- | epan/dissectors/packet-exported_pdu.c | 72 | ||||
-rw-r--r-- | epan/exported_pdu.c | 30 | ||||
-rw-r--r-- | epan/exported_pdu.h | 155 | ||||
-rw-r--r-- | extcap/udpdump.c | 8 | ||||
-rw-r--r-- | wiretap/busmaster.c | 2 | ||||
-rw-r--r-- | wiretap/candump.c | 2 | ||||
-rw-r--r-- | wiretap/nettrace_3gpp_32_423.c | 12 | ||||
-rw-r--r-- | wsutil/CMakeLists.txt | 1 | ||||
-rw-r--r-- | wsutil/exported_pdu_tlvs.h | 166 |
9 files changed, 244 insertions, 204 deletions
diff --git a/epan/dissectors/packet-exported_pdu.c b/epan/dissectors/packet-exported_pdu.c index 7ce14c0c87..d9c948759e 100644 --- a/epan/dissectors/packet-exported_pdu.c +++ b/epan/dissectors/packet-exported_pdu.c @@ -101,23 +101,23 @@ static const value_string exported_pdu_tag_vals[] = { }; static const value_string exported_pdu_port_type_vals[] = { - { OLD_PT_NONE, "NONE" }, - { OLD_PT_SCTP, "SCTP" }, - { OLD_PT_TCP, "TCP" }, - { OLD_PT_UDP, "UDP" }, - { OLD_PT_DCCP, "DCCP" }, - { OLD_PT_IPX, "IPX" }, - { OLD_PT_NCP, "NCP" }, - { OLD_PT_EXCHG, "FC EXCHG" }, - { OLD_PT_DDP, "DDP" }, - { OLD_PT_SBCCS, "FICON SBCCS" }, - { OLD_PT_IDP, "IDP" }, - { OLD_PT_TIPC, "TIPC" }, - { OLD_PT_USB, "USB" }, - { OLD_PT_I2C, "I2C" }, - { OLD_PT_IBQP, "IBQP" }, - { OLD_PT_BLUETOOTH,"BLUETOOTH" }, - { OLD_PT_TDMOP, "TDMOP" }, + { EXP_PDU_PT_NONE, "NONE" }, + { EXP_PDU_PT_SCTP, "SCTP" }, + { EXP_PDU_PT_TCP, "TCP" }, + { EXP_PDU_PT_UDP, "UDP" }, + { EXP_PDU_PT_DCCP, "DCCP" }, + { EXP_PDU_PT_IPX, "IPX" }, + { EXP_PDU_PT_NCP, "NCP" }, + { EXP_PDU_PT_EXCHG, "FC EXCHG" }, + { EXP_PDU_PT_DDP, "DDP" }, + { EXP_PDU_PT_SBCCS, "FICON SBCCS" }, + { EXP_PDU_PT_IDP, "IDP" }, + { EXP_PDU_PT_TIPC, "TIPC" }, + { EXP_PDU_PT_USB, "USB" }, + { EXP_PDU_PT_I2C, "I2C" }, + { EXP_PDU_PT_IBQP, "IBQP" }, + { EXP_PDU_PT_BLUETOOTH,"BLUETOOTH" }, + { EXP_PDU_PT_TDMOP, "TDMOP" }, { 0, NULL } }; @@ -129,39 +129,39 @@ static const value_string exported_pdu_p2p_dir_vals[] = { { 0, NULL } }; -static port_type exp_pdu_old_to_new_port_type(guint type) +static port_type exp_pdu_port_type_to_ws_port_type(guint type) { switch (type) { - case OLD_PT_NONE: + case EXP_PDU_PT_NONE: return PT_NONE; - case OLD_PT_SCTP: + case EXP_PDU_PT_SCTP: return PT_SCTP; - case OLD_PT_TCP: + case EXP_PDU_PT_TCP: return PT_TCP; - case OLD_PT_UDP: + case EXP_PDU_PT_UDP: return PT_UDP; - case OLD_PT_DCCP: + case EXP_PDU_PT_DCCP: return PT_DCCP; - case OLD_PT_IPX: + case EXP_PDU_PT_IPX: return PT_IPX; - case OLD_PT_DDP: + case EXP_PDU_PT_DDP: return PT_DDP; - case OLD_PT_IDP: + case EXP_PDU_PT_IDP: return PT_IDP; - case OLD_PT_USB: + case EXP_PDU_PT_USB: return PT_USB; - case OLD_PT_I2C: + case EXP_PDU_PT_I2C: return PT_I2C; - case OLD_PT_IBQP: + case EXP_PDU_PT_IBQP: return PT_IBQP; - case OLD_PT_BLUETOOTH: + case EXP_PDU_PT_BLUETOOTH: return PT_BLUETOOTH; - case OLD_PT_EXCHG: - case OLD_PT_TIPC: - case OLD_PT_TDMOP: - case OLD_PT_NCP: - case OLD_PT_SBCCS: + case EXP_PDU_PT_EXCHG: + case EXP_PDU_PT_TIPC: + case EXP_PDU_PT_TDMOP: + case EXP_PDU_PT_NCP: + case EXP_PDU_PT_SBCCS: //no longer supported break; } @@ -262,7 +262,7 @@ dissect_exported_pdu(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* copy_address_shallow(&pinfo->dst, &pinfo->net_dst); break; case EXP_PDU_TAG_PORT_TYPE: - pinfo->ptype = exp_pdu_old_to_new_port_type(tvb_get_ntohl(tvb, offset)); + pinfo->ptype = exp_pdu_port_type_to_ws_port_type(tvb_get_ntohl(tvb, offset)); proto_tree_add_item(tag_tree, hf_exported_pdu_port_type, tvb, offset, 4, ENC_BIG_ENDIAN); break; case EXP_PDU_TAG_SRC_PORT: diff --git a/epan/exported_pdu.c b/epan/exported_pdu.c index 114a99a953..789d165962 100644 --- a/epan/exported_pdu.c +++ b/epan/exported_pdu.c @@ -82,38 +82,38 @@ static int exp_pdu_data_port_type_size(packet_info *pinfo _U_, void* data _U_) return EXP_PDU_TAG_PORT_LEN + 4; } -static guint exp_pdu_new_to_old_port_type(port_type pt) +static guint exp_pdu_ws_port_type_to_exp_pdu_port_type(port_type pt) { switch (pt) { case PT_NONE: - return OLD_PT_NONE; + return EXP_PDU_PT_NONE; case PT_SCTP: - return OLD_PT_SCTP; + return EXP_PDU_PT_SCTP; case PT_TCP: - return OLD_PT_TCP; + return EXP_PDU_PT_TCP; case PT_UDP: - return OLD_PT_UDP; + return EXP_PDU_PT_UDP; case PT_DCCP: - return OLD_PT_DCCP; + return EXP_PDU_PT_DCCP; case PT_IPX: - return OLD_PT_IPX; + return EXP_PDU_PT_IPX; case PT_DDP: - return OLD_PT_DDP; + return EXP_PDU_PT_DDP; case PT_IDP: - return OLD_PT_IDP; + return EXP_PDU_PT_IDP; case PT_USB: - return OLD_PT_USB; + return EXP_PDU_PT_USB; case PT_I2C: - return OLD_PT_I2C; + return EXP_PDU_PT_I2C; case PT_IBQP: - return OLD_PT_IBQP; + return EXP_PDU_PT_IBQP; case PT_BLUETOOTH: - return OLD_PT_BLUETOOTH; + return EXP_PDU_PT_BLUETOOTH; } DISSECTOR_ASSERT(FALSE); - return OLD_PT_NONE; + return EXP_PDU_PT_NONE; } static int exp_pdu_data_port_type_populate_data(packet_info *pinfo, void* data, guint8 *tlv_buffer, guint32 buffer_size _U_) @@ -122,7 +122,7 @@ static int exp_pdu_data_port_type_populate_data(packet_info *pinfo, void* data, phton16(tlv_buffer+0, EXP_PDU_TAG_PORT_TYPE); phton16(tlv_buffer+2, EXP_PDU_TAG_PORT_TYPE_LEN); /* tag length */ - pt = exp_pdu_new_to_old_port_type(pinfo->ptype); + pt = exp_pdu_ws_port_type_to_exp_pdu_port_type(pinfo->ptype); phton32(tlv_buffer+4, pt); return exp_pdu_data_port_type_size(pinfo, data); diff --git a/epan/exported_pdu.h b/epan/exported_pdu.h index 85162b061b..9c89333286 100644 --- a/epan/exported_pdu.h +++ b/epan/exported_pdu.h @@ -21,6 +21,8 @@ #include <epan/tvbuff.h> #include <epan/packet_info.h> +#include <wsutil/exported_pdu_tlvs.h> + #ifdef __cplusplus extern "C" { #endif /* __cplusplus */ @@ -39,144 +41,6 @@ extern "C" { WS_DLL_PUBLIC gint register_export_pdu_tap(const char *name); WS_DLL_PUBLIC GSList *get_export_pdu_tap_list(void); -/** - * This struct is used as the data part of tap_queue_packet() and contains a - * buffer with metadata of the protocol PDU included in the tvb in the struct. - * the meta data is in TLV form, at least one tag MUST indicate what protocol is - * in the PDU. - * Buffer layout: - * 0 1 2 3 - * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 - * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - * | Option Code | Option Length | - * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - * / Option Value / - * / variable length, aligned to 32 bits / - * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - * / / - * / . . . other options . . . / - * / / - * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - * | Option Code == opt_endofopt | Option Length == 0 | - * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - */ - -/* Tag values - * - * Do NOT add new values to this list without asking - * wireshark-dev[AT]wireshark.org for a value. Otherwise, you run the risk of - * using a value that's already being used for some other purpose, and of - * having tools that read exported_pdu captures not being able to handle - * captures with your new tag value, with no hope that they will ever be - * changed to do so (as that would destroy their ability to read captures - * using that value for that other purpose). - */ -#define EXP_PDU_TAG_END_OF_OPT 0 /**< End-of-options Tag. */ -/* 1 - 9 reserved */ -#define EXP_PDU_TAG_OPTIONS_LENGTH 10 /**< Total length of the options excluding this TLV */ -#define EXP_PDU_TAG_LINKTYPE 11 /**< Deprecated - do not use */ -#define EXP_PDU_TAG_PROTO_NAME 12 /**< The value part should be an ASCII non NULL terminated string - * of the registered dissector used by Wireshark e.g "sip" - * Will be used to call the next dissector. - */ -#define EXP_PDU_TAG_HEUR_PROTO_NAME 13 /**< The value part should be an ASCII non NULL terminated string - * containing the heuristic unique short protocol name given - * during registration, e.g "sip_udp" - * Will be used to call the next dissector. - */ -#define EXP_PDU_TAG_DISSECTOR_TABLE_NAME 14 /**< The value part should be an ASCII non NULL terminated string - * containing the dissector table name given - * during registration, e.g "gsm_map.v3.arg.opcode" - * Will be used to call the next dissector. - */ - -/* Add protocol type related tags here. - * NOTE Only one protocol type tag may be present in a packet, the first one - * found will be used*/ -/* 13 - 19 reserved */ -#define EXP_PDU_TAG_IPV4_SRC 20 -#define EXP_PDU_TAG_IPV4_DST 21 -#define EXP_PDU_TAG_IPV6_SRC 22 -#define EXP_PDU_TAG_IPV6_DST 23 - -#define EXP_PDU_TAG_PORT_TYPE 24 /**< value part is port_type enum from epan/address.h */ -#define EXP_PDU_TAG_SRC_PORT 25 -#define EXP_PDU_TAG_DST_PORT 26 - -#define EXP_PDU_TAG_SS7_OPC 28 -#define EXP_PDU_TAG_SS7_DPC 29 - -#define EXP_PDU_TAG_ORIG_FNO 30 - -#define EXP_PDU_TAG_DVBCI_EVT 31 - -#define EXP_PDU_TAG_DISSECTOR_TABLE_NAME_NUM_VAL 32 /**< value part is the numeric value to be used calling the dissector table - * given with tag EXP_PDU_TAG_DISSECTOR_TABLE_NAME, must follow immediately after the table tag. - */ - -#define EXP_PDU_TAG_COL_PROT_TEXT 33 /**< Text string to put in COL_PROTOCOL, one use case is in conjunction with dissector tables where - * COL_PROTOCOL might not be filled in. - */ - -/**< value part is structure passed into TCP subdissectors. Format is: - guint16 version Export PDU version of structure (for backwards/forwards compatibility) - guint32 seq Sequence number of first byte in the data - guint32 nxtseq Sequence number of first byte after data - guint32 lastackseq Sequence number of last ack - guint8 is_reassembled This is reassembled data. - guint16 flags TCP flags - guint16 urgent_pointer Urgent pointer value for the current packet. -*/ -#define EXP_PDU_TAG_TCP_INFO_DATA 34 - -#define EXP_PDU_TAG_P2P_DIRECTION 35 /**< The packet direction (P2P_DIR_SENT, P2P_DIR_RECV). */ - -typedef struct _exp_pdu_data_t { - guint tlv_buffer_len; - guint8 *tlv_buffer; - guint tvb_captured_length; - guint tvb_reported_length; - tvbuff_t *pdu_tvb; -} exp_pdu_data_t; - -#define EXP_PDU_TAG_IPV4_LEN 4 -#define EXP_PDU_TAG_IPV6_LEN 16 - -#define EXP_PDU_TAG_PORT_TYPE_LEN 4 -#define EXP_PDU_TAG_PORT_LEN 4 - -#define EXP_PDU_TAG_SS7_OPC_LEN 8 /* 4 bytes PC, 2 bytes standard type, 1 byte NI, 1 byte padding */ -#define EXP_PDU_TAG_SS7_DPC_LEN 8 /* 4 bytes PC, 2 bytes standard type, 1 byte NI, 1 byte padding */ - -#define EXP_PDU_TAG_ORIG_FNO_LEN 4 - -#define EXP_PDU_TAG_DVBCI_EVT_LEN 1 - -#define EXP_PDU_TAG_DISSECTOR_TABLE_NUM_VAL_LEN 4 - -/* Port types are no longer used for conversation/endpoints so - many of the enumerated values have been eliminated - Since export PDU functionality is serializing them, - keep the old values around for conversion */ -#define OLD_PT_NONE 0 -#define OLD_PT_SCTP 1 -#define OLD_PT_TCP 2 -#define OLD_PT_UDP 3 -#define OLD_PT_DCCP 4 -#define OLD_PT_IPX 5 -#define OLD_PT_NCP 6 -#define OLD_PT_EXCHG 7 -#define OLD_PT_DDP 8 -#define OLD_PT_SBCCS 9 -#define OLD_PT_IDP 10 -#define OLD_PT_TIPC 11 -#define OLD_PT_USB 12 -#define OLD_PT_I2C 13 -#define OLD_PT_IBQP 14 -#define OLD_PT_BLUETOOTH 15 -#define OLD_PT_TDMOP 16 - - /** Compute the size (in bytes) of a pdu item * @param pinfo Packet info that may contain data for the pdu item @@ -202,6 +66,21 @@ typedef struct exp_pdu_data_item void* data; } exp_pdu_data_item_t; +/* + * This struct is used as the data part of tap_queue_packet() and contains a + * buffer with metadata of the protocol PDU included in the tvb in the struct. + * + * The metadata is a sequence of TLVs in the format for the header of + * LINKTYPE_WIRESHARK_UPPER_PDU packets in pcap pcapng files. + */ +typedef struct _exp_pdu_data_t { + guint tlv_buffer_len; + guint8 *tlv_buffer; + guint tvb_captured_length; + guint tvb_reported_length; + tvbuff_t *pdu_tvb; +} exp_pdu_data_t; + /** Allocates and fills the exp_pdu_data_t struct according to the list of items diff --git a/extcap/udpdump.c b/extcap/udpdump.c index aff4a9170a..cedc2ed932 100644 --- a/extcap/udpdump.c +++ b/extcap/udpdump.c @@ -45,6 +45,7 @@ #include <wsutil/please_report_bug.h> #include <wsutil/wslog.h> #include <wsutil/pint.h> +#include <wsutil/exported_pdu_tlvs.h> #include <cli_main.h> @@ -61,13 +62,6 @@ #define UDPDUMP_EXPORT_HEADER_LEN 40 -/* Tags (from exported_pdu.h) */ -#define EXP_PDU_TAG_PROTO_NAME 12 -#define EXP_PDU_TAG_IPV4_SRC 20 -#define EXP_PDU_TAG_IPV4_DST 21 -#define EXP_PDU_TAG_SRC_PORT 25 -#define EXP_PDU_TAG_DST_PORT 26 - static gboolean run_loop = TRUE; enum { diff --git a/wiretap/busmaster.c b/wiretap/busmaster.c index f5686df7f6..eacfb12efb 100644 --- a/wiretap/busmaster.c +++ b/wiretap/busmaster.c @@ -12,8 +12,8 @@ #include "config.h" #include <wtap-int.h> #include <file_wrappers.h> -#include <epan/exported_pdu.h> #include <epan/dissectors/packet-socketcan.h> +#include <wsutil/exported_pdu_tlvs.h> #include "busmaster.h" #include "busmaster_priv.h" #include <inttypes.h> diff --git a/wiretap/candump.c b/wiretap/candump.c index 031996f59f..572dbc8c1a 100644 --- a/wiretap/candump.c +++ b/wiretap/candump.c @@ -12,7 +12,7 @@ #include <config.h> #include <wtap-int.h> #include <file_wrappers.h> -#include <epan/exported_pdu.h> +#include <wsutil/exported_pdu_tlvs.h> #include <string.h> #include <inttypes.h> #include <errno.h> diff --git a/wiretap/nettrace_3gpp_32_423.c b/wiretap/nettrace_3gpp_32_423.c index ac50976565..2793620b91 100644 --- a/wiretap/nettrace_3gpp_32_423.c +++ b/wiretap/nettrace_3gpp_32_423.c @@ -24,7 +24,7 @@ #include "wtap-int.h" #include "file_wrappers.h" -#include <epan/exported_pdu.h> +#include <wsutil/exported_pdu_tlvs.h> #include <wsutil/buffer.h> #include "wsutil/tempfile.h" #include "wsutil/os_version_info.h" @@ -196,15 +196,15 @@ nettrace_parse_address(char* curr_pos, char* next_pos, gboolean is_src_addr, exp scan_found = sscanf(curr_pos, ", %*s %*s %5u, %*s %*s %4s", &port, transp_str); if (scan_found == 2) { /* Only add port_type once */ - if (exported_pdu_info->ptype == OLD_PT_NONE) { + if (exported_pdu_info->ptype == EXP_PDU_PT_NONE) { if (g_ascii_strncasecmp(transp_str, "udp", 3) == 0) { - exported_pdu_info->ptype = OLD_PT_UDP; + exported_pdu_info->ptype = EXP_PDU_PT_UDP; } else if (g_ascii_strncasecmp(transp_str, "tcp", 3) == 0) { - exported_pdu_info->ptype = OLD_PT_TCP; + exported_pdu_info->ptype = EXP_PDU_PT_TCP; } else if (g_ascii_strncasecmp(transp_str, "sctp", 4) == 0) { - exported_pdu_info->ptype = OLD_PT_SCTP; + exported_pdu_info->ptype = EXP_PDU_PT_SCTP; } } if (is_src_addr) { @@ -262,7 +262,7 @@ nettrace_msg_to_packet(nettrace_3gpp_32_423_file_info_t *file_info, wtap_rec *re /* Clear for each iteration */ exported_pdu_info.presence_flags = 0; - exported_pdu_info.ptype = OLD_PT_NONE; + exported_pdu_info.ptype = EXP_PDU_PT_NONE; prev_pos = curr_pos = curr_pos + 4; /* Look for the end of the tag first */ diff --git a/wsutil/CMakeLists.txt b/wsutil/CMakeLists.txt index 67be67c403..c26ff8c4c8 100644 --- a/wsutil/CMakeLists.txt +++ b/wsutil/CMakeLists.txt @@ -38,6 +38,7 @@ set(WSUTIL_PUBLIC_HEADERS curve25519.h eax.h epochs.h + exported_pdu_tlvs.h filesystem.h g711.h inet_addr.h diff --git a/wsutil/exported_pdu_tlvs.h b/wsutil/exported_pdu_tlvs.h new file mode 100644 index 0000000000..f5e6bf0e1c --- /dev/null +++ b/wsutil/exported_pdu_tlvs.h @@ -0,0 +1,166 @@ +/* + * exported_pdu_tlvs.h + * Definitions for exported_pdu TLVs + * Copyright 2013, Anders Broman <anders-broman@ericsson.com> + * + * Wireshark - Network traffic analyzer + * By Gerald Combs <gerald@wireshark.org> + * Copyright 1998 Gerald Combs + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#ifndef EXPORTED_PDU_TLVS_H +#define EXPORTED_PDU_TLVS_H + +/** + * This is the format of the link-layer header of packets of type + * LINKTYPE_WIRESHARK_UPPER_PDU in pcap and pcapng files. + * + * It is a sequence of TLVs; at least one TLV MUST indicate what protocol is + * in the PDU following the TLVs. + * + * Each TLV has the form: + * + * 0 1 2 3 + * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | TLV type | TLV length | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * / TLV value / + * / variable length / + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * + * The type and length are both big-endian; the length is the length + * of the value, and does not include the length of the type and + * length fields. + * + * The first TLV is of type EXP_PDU_TAG_OPTIONS_LENGTH; its value + * is a 4-byte integer value, giving the length of all TLVs following + * that TLV (i.e., the length does not include the length of the + * EXP_PDU_TAG_OPTIONS_LENGTH TLV). + * + * The last TLV is of type EXP_PDU_TAG_END_OF_OPT; it has a length + * of 0, and the value is zero-length. + * + * XXX - explain the padding/length rules; this requires reading + * all code that writes TLVs, to make sure that the rules don't + * disallow any TLVs that might ever have been written by that code, + * and reading all code that reads TLVs, to make sure it can handle + * all that code, and to make sure the rules don't allow writing TLVs + * that code can't read. + * + * This includes the rules for writing strings. + */ + +/* Tag values + * + * Do NOT add new values to this list without asking + * wireshark-dev[AT]wireshark.org for a value. Otherwise, you run the risk of + * using a value that's already being used for some other purpose, and of + * having tools that read exported_pdu captures not being able to handle + * captures with your new tag value, with no hope that they will ever be + * changed to do so (as that would destroy their ability to read captures + * using that value for that other purpose). + */ +#define EXP_PDU_TAG_END_OF_OPT 0 /**< End-of-options Tag. */ +/* 1 - 9 reserved */ +#define EXP_PDU_TAG_OPTIONS_LENGTH 10 /**< Total length of the options excluding this TLV */ +#define EXP_PDU_TAG_LINKTYPE 11 /**< Deprecated - do not use */ +#define EXP_PDU_TAG_PROTO_NAME 12 /**< The value part should be an ASCII non NULL terminated string + * of the registered dissector used by Wireshark e.g "sip" + * Will be used to call the next dissector. + */ +#define EXP_PDU_TAG_HEUR_PROTO_NAME 13 /**< The value part should be an ASCII non NULL terminated string + * containing the heuristic unique short protocol name given + * during registration, e.g "sip_udp" + * Will be used to call the next dissector. + */ +#define EXP_PDU_TAG_DISSECTOR_TABLE_NAME 14 /**< The value part should be an ASCII non NULL terminated string + * containing the dissector table name given + * during registration, e.g "gsm_map.v3.arg.opcode" + * Will be used to call the next dissector. + */ + +/* Add protocol type related tags here. + * NOTE Only one protocol type tag may be present in a packet, the first one + * found will be used*/ +/* 13 - 19 reserved */ +#define EXP_PDU_TAG_IPV4_SRC 20 /**< IPv4 source address - 4 bytes */ +#define EXP_PDU_TAG_IPV4_DST 21 /**< IPv4 destination address - 4 bytes */ +#define EXP_PDU_TAG_IPV6_SRC 22 /**< IPv6 source address - 16 bytes */ +#define EXP_PDU_TAG_IPV6_DST 23 /**< IPv6 destination address - 16 bytes */ + +/* Port type values for EXP_PDU_TAG_PORT_TYPE; these do not necessarily + * correspond to port type values inside libwireshark. */ +#define EXP_PDU_PT_NONE 0 +#define EXP_PDU_PT_SCTP 1 +#define EXP_PDU_PT_TCP 2 +#define EXP_PDU_PT_UDP 3 +#define EXP_PDU_PT_DCCP 4 +#define EXP_PDU_PT_IPX 5 +#define EXP_PDU_PT_NCP 6 +#define EXP_PDU_PT_EXCHG 7 +#define EXP_PDU_PT_DDP 8 +#define EXP_PDU_PT_SBCCS 9 +#define EXP_PDU_PT_IDP 10 +#define EXP_PDU_PT_TIPC 11 +#define EXP_PDU_PT_USB 12 +#define EXP_PDU_PT_I2C 13 +#define EXP_PDU_PT_IBQP 14 +#define EXP_PDU_PT_BLUETOOTH 15 +#define EXP_PDU_PT_TDMOP 16 + +#define EXP_PDU_TAG_PORT_TYPE 24 /**< part type - 4 bytes, EXP_PDU_PT value */ +#define EXP_PDU_TAG_SRC_PORT 25 /**< source port - 4 bytes (even for protocols with 2-byte ports) */ +#define EXP_PDU_TAG_DST_PORT 26 /**< destination port - 4 bytes (even for protocols with 2-byte ports) */ + +#define EXP_PDU_TAG_SS7_OPC 28 +#define EXP_PDU_TAG_SS7_DPC 29 + +#define EXP_PDU_TAG_ORIG_FNO 30 + +#define EXP_PDU_TAG_DVBCI_EVT 31 + +#define EXP_PDU_TAG_DISSECTOR_TABLE_NAME_NUM_VAL 32 /**< value part is the numeric value to be used calling the dissector table + * given with tag EXP_PDU_TAG_DISSECTOR_TABLE_NAME, must follow immediately after the table tag. + */ + +#define EXP_PDU_TAG_COL_PROT_TEXT 33 /**< Text string to put in COL_PROTOCOL, one use case is in conjunction with dissector tables where + * COL_PROTOCOL might not be filled in. + */ + +/**< value part is structure passed into TCP subdissectors. Format is: + version 2 bytes - xport PDU version of structure (for backwards/forwards compatibility) + seq 4 bytes - Sequence number of first byte in the data + nxtseq 4 bytes - Sequence number of first byte after data + lastackseq 4 bytes - Sequence number of last ack + is_reassembled 1 byte - Non-zero if this is reassembled data + flags 2 bytes - TCP flags + urgent_pointer 2 bytes - Urgent pointer value for the current packet + + All multi-byte values are in big-endian format. There is no alignment + padding between values, so seq. nxtseq, and lastackseq are not aligned + on 4-byte boundaries, andflags and urgent_pointer are not aligned on + 2-byte boundaries. +*/ +#define EXP_PDU_TAG_TCP_INFO_DATA 34 + +#define EXP_PDU_TAG_P2P_DIRECTION 35 /**< The packet direction (P2P_DIR_SENT, P2P_DIR_RECV). */ + +#define EXP_PDU_TAG_IPV4_LEN 4 +#define EXP_PDU_TAG_IPV6_LEN 16 + +#define EXP_PDU_TAG_PORT_TYPE_LEN 4 +#define EXP_PDU_TAG_PORT_LEN 4 + +#define EXP_PDU_TAG_SS7_OPC_LEN 8 /* 4 bytes PC, 2 bytes standard type, 1 byte NI, 1 byte padding */ +#define EXP_PDU_TAG_SS7_DPC_LEN 8 /* 4 bytes PC, 2 bytes standard type, 1 byte NI, 1 byte padding */ + +#define EXP_PDU_TAG_ORIG_FNO_LEN 4 + +#define EXP_PDU_TAG_DVBCI_EVT_LEN 1 + +#define EXP_PDU_TAG_DISSECTOR_TABLE_NUM_VAL_LEN 4 + +#endif /* EXPORTED_PDU_TLVS_H */ |