diff options
| author | Gerald Combs <gerald@wireshark.org> | 2010-08-28 19:46:20 +0000 |
|---|---|---|
| committer | Gerald Combs <gerald@wireshark.org> | 2010-08-28 19:46:20 +0000 |
| commit | 5fb37af39a7a79e667ef2b8e694e106187bab7b1 (patch) | |
| tree | 965245f93e0b225f1500f627dbd17ebcb943d308 | |
| parent | a96e6b2047cce1c671f476ae26c81ee8afb7ca12 (diff) | |
De-obfuscate the Teredo client address and add a de-obfuscated port.
svn path=/trunk/; revision=33982
| -rw-r--r-- | epan/dissectors/packet-ipv6.c | 51 |
1 files changed, 43 insertions, 8 deletions
diff --git a/epan/dissectors/packet-ipv6.c b/epan/dissectors/packet-ipv6.c index 7f41a41a24..eca90b3910 100644 --- a/epan/dissectors/packet-ipv6.c +++ b/epan/dissectors/packet-ipv6.c @@ -103,18 +103,21 @@ static int hf_ipv6_src_host = -1; static int hf_ipv6_src_sa_mac = -1; static int hf_ipv6_src_isatap_ipv4 = -1; static int hf_ipv6_src_teredo_server_ipv4 = -1; +static int hf_ipv6_src_teredo_port = -1; static int hf_ipv6_src_teredo_client_ipv4 = -1; static int hf_ipv6_dst = -1; static int hf_ipv6_dst_host = -1; static int hf_ipv6_dst_sa_mac = -1; static int hf_ipv6_dst_isatap_ipv4 = -1; static int hf_ipv6_dst_teredo_server_ipv4 = -1; +static int hf_ipv6_dst_teredo_port = -1; static int hf_ipv6_dst_teredo_client_ipv4 = -1; static int hf_ipv6_addr = -1; static int hf_ipv6_host = -1; static int hf_ipv6_sa_mac = -1; static int hf_ipv6_isatap_ipv4 = -1; static int hf_ipv6_teredo_server_ipv4 = -1; +static int hf_ipv6_teredo_port = -1; static int hf_ipv6_teredo_client_ipv4 = -1; static int hf_ipv6_opt_pad1 = -1; static int hf_ipv6_opt_padn = -1; @@ -1454,18 +1457,28 @@ dissect_ipv6(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) PROTO_ITEM_SET_GENERATED(ti); PROTO_ITEM_SET_HIDDEN(ti); } else if (tvb_get_ntohl(tvb, offset + IP6H_SRC) == 0x20010000) { /* RFC 4380 section 4 */ + guint16 mapped_port = tvb_get_ntohs(tvb, offset + IP6H_SRC + 10) ^ 0xffff; + guint32 client_v4 = tvb_get_ipv4(tvb, offset + IP6H_SRC + 12) ^ 0xffffffff; + ti = proto_tree_add_item(ipv6_tree, hf_ipv6_src_teredo_server_ipv4, tvb, offset + IP6H_SRC + 4, 4, FALSE); PROTO_ITEM_SET_GENERATED(ti); - ti = proto_tree_add_item(ipv6_tree, hf_ipv6_src_teredo_client_ipv4, tvb, - offset + IP6H_SRC + 12, 4, FALSE); + ti = proto_tree_add_uint(ipv6_tree, hf_ipv6_src_teredo_port, tvb, + offset + IP6H_SRC + 10, 2, mapped_port); + PROTO_ITEM_SET_GENERATED(ti); + ti = proto_tree_add_ipv4(ipv6_tree, hf_ipv6_src_teredo_client_ipv4, tvb, + offset + IP6H_SRC + 12, 4, client_v4); PROTO_ITEM_SET_GENERATED(ti); ti = proto_tree_add_item(ipv6_tree, hf_ipv6_teredo_server_ipv4, tvb, offset + IP6H_SRC + 4, 4, FALSE); PROTO_ITEM_SET_GENERATED(ti); PROTO_ITEM_SET_HIDDEN(ti); - ti = proto_tree_add_item(ipv6_tree, hf_ipv6_teredo_client_ipv4, tvb, - offset + IP6H_SRC + 12, 4, FALSE); + ti = proto_tree_add_uint(ipv6_tree, hf_ipv6_teredo_port, tvb, + offset + IP6H_SRC + 10, 2, mapped_port); + PROTO_ITEM_SET_GENERATED(ti); + PROTO_ITEM_SET_HIDDEN(ti); + ti = proto_tree_add_ipv4(ipv6_tree, hf_ipv6_teredo_client_ipv4, tvb, + offset + IP6H_SRC + 12, 4, client_v4); PROTO_ITEM_SET_GENERATED(ti); PROTO_ITEM_SET_HIDDEN(ti); } @@ -1512,18 +1525,28 @@ dissect_ipv6(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) PROTO_ITEM_SET_GENERATED(ti); PROTO_ITEM_SET_HIDDEN(ti); } else if (tvb_get_ntohl(tvb, offset + IP6H_DST) == 0x20010000) { /* RFC 4380 section 4 */ + guint16 mapped_port = tvb_get_ntohs(tvb, offset + IP6H_DST + 10) ^ 0xffff; + guint32 client_v4 = tvb_get_ipv4(tvb, offset + IP6H_DST + 12) ^ 0xffffffff; + ti = proto_tree_add_item(ipv6_tree, hf_ipv6_dst_teredo_server_ipv4, tvb, offset + IP6H_DST + 4, 4, FALSE); PROTO_ITEM_SET_GENERATED(ti); - ti = proto_tree_add_item(ipv6_tree, hf_ipv6_dst_teredo_client_ipv4, tvb, - offset + IP6H_DST + 12, 4, FALSE); + ti = proto_tree_add_uint(ipv6_tree, hf_ipv6_dst_teredo_port, tvb, + offset + IP6H_DST + 10, 2, mapped_port); + PROTO_ITEM_SET_GENERATED(ti); + ti = proto_tree_add_ipv4(ipv6_tree, hf_ipv6_dst_teredo_client_ipv4, tvb, + offset + IP6H_DST + 12, 4, client_v4); PROTO_ITEM_SET_GENERATED(ti); ti = proto_tree_add_item(ipv6_tree, hf_ipv6_teredo_server_ipv4, tvb, offset + IP6H_DST + 4, 4, FALSE); PROTO_ITEM_SET_GENERATED(ti); PROTO_ITEM_SET_HIDDEN(ti); - ti = proto_tree_add_item(ipv6_tree, hf_ipv6_teredo_client_ipv4, tvb, - offset + IP6H_DST + 12, 4, FALSE); + ti = proto_tree_add_uint(ipv6_tree, hf_ipv6_teredo_port, tvb, + offset + IP6H_DST + 10, 2, mapped_port); + PROTO_ITEM_SET_GENERATED(ti); + PROTO_ITEM_SET_HIDDEN(ti); + ti = proto_tree_add_ipv4(ipv6_tree, hf_ipv6_teredo_client_ipv4, tvb, + offset + IP6H_DST + 12, 4, client_v4); PROTO_ITEM_SET_GENERATED(ti); PROTO_ITEM_SET_HIDDEN(ti); } @@ -1770,6 +1793,10 @@ proto_register_ipv6(void) { "Source Teredo Server IPv4", "ipv6.src_ts_ipv4", FT_IPv4, BASE_NONE, NULL, 0x0, "Source IPv6 Teredo Server Encapsulated IPv4 Address", HFILL }}, + { &hf_ipv6_src_teredo_port, + { "Source Teredo Port", "ipv6.src_tc_port", + FT_UINT16, BASE_DEC, NULL, 0x0, + "Source IPv6 Teredo Client Mapped Port", HFILL }}, { &hf_ipv6_src_teredo_client_ipv4, { "Source Teredo Client IPv4", "ipv6.src_tc_ipv4", FT_IPv4, BASE_NONE, NULL, 0x0, @@ -1794,6 +1821,10 @@ proto_register_ipv6(void) { "Destination Teredo Server IPv4", "ipv6.dst_ts_ipv4", FT_IPv4, BASE_NONE, NULL, 0x0, "Destination IPv6 Teredo Server Encapsulated IPv4 Address", HFILL }}, + { &hf_ipv6_dst_teredo_port, + { "Destination Teredo Port", "ipv6.dst_tc_port", + FT_UINT16, BASE_DEC, NULL, 0x0, + "Destination IPv6 Teredo Client Mapped Port", HFILL }}, { &hf_ipv6_dst_teredo_client_ipv4, { "Destination Teredo Client IPv4", "ipv6.dst_tc_ipv4", FT_IPv4, BASE_NONE, NULL, 0x0, @@ -1819,6 +1850,10 @@ proto_register_ipv6(void) { "Teredo Server IPv4", "ipv6.ts_ipv4", FT_IPv4, BASE_NONE, NULL, 0x0, "IPv6 Teredo Server Encapsulated IPv4 Address", HFILL }}, + { &hf_ipv6_teredo_port, + { "Teredo Port", "ipv6.tc_port", + FT_UINT16, BASE_DEC, NULL, 0x0, + "IPv6 Teredo Client Mapped Port", HFILL }}, { &hf_ipv6_teredo_client_ipv4, { "Teredo Client IPv4", "ipv6.tc_ipv4", FT_IPv4, BASE_NONE, NULL, 0x0, |