diff options
author | Michael Mann <mmann78@netscape.net> | 2015-12-13 16:54:16 -0500 |
---|---|---|
committer | Michael Mann <mmann78@netscape.net> | 2015-12-14 12:17:49 +0000 |
commit | 0960ac4dfdbfba5a81c56a49cfc6201ecd8f48e3 (patch) | |
tree | 3d88cd321da2fade206b9ccddff22b70ecdfae28 /epan/dissectors/packet-eth.c | |
parent | 9319357f5e27c10f2d29e78fcdf9d323c2af36b0 (diff) |
Create capture dissector tables.
They are modeled after dissection dissector tables, but for the moment, don't have/need the flexibility. They are intended to be much simpler/faster than full dissection.
The two most used/needed are "wtap_encap" and "ethertype", so they were the basis of starting to use and test capture dissector table API. Others may be added in the future.
The "capture dissector" function signature needed a bit of tweeking to handling "claiming" of a packet.
The current application of this is capture functions returning TRUE if they affected a "type" of packet count. Returning FALSE ends up considering the packet an "other" type.
Change-Id: I81d06a6ccb2c03665f087258a46b9d78d513d6cd
Reviewed-on: https://code.wireshark.org/review/12607
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Diffstat (limited to 'epan/dissectors/packet-eth.c')
-rw-r--r-- | epan/dissectors/packet-eth.c | 31 |
1 files changed, 13 insertions, 18 deletions
diff --git a/epan/dissectors/packet-eth.c b/epan/dissectors/packet-eth.c index 6b0be85f56..390bb0b783 100644 --- a/epan/dissectors/packet-eth.c +++ b/epan/dissectors/packet-eth.c @@ -191,16 +191,14 @@ eth_build_filter(packet_info *pinfo) #define ETHERNET_802_3 2 #define ETHERNET_SNAP 3 -void +gboolean capture_eth(const guchar *pd, int offset, int len, packet_counts *ld, const union wtap_pseudo_header *pseudo_header _U_) { guint16 etype, length; int ethhdr_type; /* the type of ethernet frame */ - if (!BYTES_ARE_IN_FRAME(offset, len, ETH_HEADER_SIZE)) { - ld->other++; - return; - } + if (!BYTES_ARE_IN_FRAME(offset, len, ETH_HEADER_SIZE)) + return FALSE; etype = pntoh16(&pd[offset+12]); @@ -212,8 +210,7 @@ capture_eth(const guchar *pd, int offset, int len, packet_counts *ld, const unio if ((pd[offset] == 0x01 || pd[offset] == 0x0C) && pd[offset+1] == 0x00 && pd[offset+2] == 0x0C && pd[offset+3] == 0x00 && pd[offset+4] == 0x00) { - capture_isl(pd, offset, len, ld, pseudo_header); - return; + return capture_isl(pd, offset, len, ld, pseudo_header); } } @@ -236,10 +233,8 @@ capture_eth(const guchar *pd, int offset, int len, packet_counts *ld, const unio * frame; the dissector for those frames registers itself with * an ethernet type of ETHERTYPE_UNK. */ - if (etype > IEEE_802_3_MAX_LEN && etype < ETHERNET_II_MIN_LEN) { - ld->other++; - return; - } + if (etype > IEEE_802_3_MAX_LEN && etype < ETHERNET_II_MIN_LEN) + return FALSE; if (etype <= IEEE_802_3_MAX_LEN && etype != ETHERTYPE_UNK) { length = etype; @@ -272,15 +267,14 @@ capture_eth(const guchar *pd, int offset, int len, packet_counts *ld, const unio switch (ethhdr_type) { case ETHERNET_802_3: - capture_ipx(pd, offset, len, ld, pseudo_header); - break; + return capture_ipx(pd, offset, len, ld, pseudo_header); case ETHERNET_802_2: - capture_llc(pd, offset, len, ld, pseudo_header); - break; + return capture_llc(pd, offset, len, ld, pseudo_header); case ETHERNET_II: - capture_ethertype(etype, pd, offset, len, ld, pseudo_header); - break; + return try_capture_dissector("ethertype", etype, pd, offset, len, ld, pseudo_header); } + + return FALSE; } static gboolean check_is_802_2(tvbuff_t *tvb, int fcs_len); @@ -1014,7 +1008,6 @@ proto_register_eth(void) register_dissector("eth_withoutfcs", dissect_eth_withoutfcs, proto_eth); register_dissector("eth_withfcs", dissect_eth_withfcs, proto_eth); register_dissector("eth", dissect_eth_maybefcs, proto_eth); - register_capture_dissector(WTAP_ENCAP_ETHERNET, capture_eth, proto_eth); eth_tap = register_tap("eth"); register_conversation_table(proto_eth, TRUE, eth_conversation_packet, eth_hostlist_packet); @@ -1057,6 +1050,8 @@ proto_reg_handoff_eth(void) dissector_add_for_decode_as("udp.port", eth_withoutfcs_handle); dissector_add_for_decode_as("pcli.payload", eth_withoutfcs_handle); + + register_capture_dissector("wtap_encap", WTAP_ENCAP_ETHERNET, capture_eth, proto_eth); } /* |