diff options
author | Michael Mann <mmann78@netscape.net> | 2015-12-13 16:54:16 -0500 |
---|---|---|
committer | Michael Mann <mmann78@netscape.net> | 2015-12-14 12:17:49 +0000 |
commit | 0960ac4dfdbfba5a81c56a49cfc6201ecd8f48e3 (patch) | |
tree | 3d88cd321da2fade206b9ccddff22b70ecdfae28 /epan/dissectors/packet-raw.c | |
parent | 9319357f5e27c10f2d29e78fcdf9d323c2af36b0 (diff) |
Create capture dissector tables.
They are modeled after dissection dissector tables, but for the moment, don't have/need the flexibility. They are intended to be much simpler/faster than full dissection.
The two most used/needed are "wtap_encap" and "ethertype", so they were the basis of starting to use and test capture dissector table API. Others may be added in the future.
The "capture dissector" function signature needed a bit of tweeking to handling "claiming" of a packet.
The current application of this is capture functions returning TRUE if they affected a "type" of packet count. Returning FALSE ends up considering the packet an "other" type.
Change-Id: I81d06a6ccb2c03665f087258a46b9d78d513d6cd
Reviewed-on: https://code.wireshark.org/review/12607
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Diffstat (limited to 'epan/dissectors/packet-raw.c')
-rw-r--r-- | epan/dissectors/packet-raw.c | 21 |
1 files changed, 10 insertions, 11 deletions
diff --git a/epan/dissectors/packet-raw.c b/epan/dissectors/packet-raw.c index f4faf407d9..87655ede01 100644 --- a/epan/dissectors/packet-raw.c +++ b/epan/dissectors/packet-raw.c @@ -43,7 +43,7 @@ static dissector_handle_t ipv6_handle; static dissector_handle_t data_handle; static dissector_handle_t ppp_hdlc_handle; -static void +static gboolean capture_raw(const guchar *pd, int offset _U_, int len, packet_counts *ld, const union wtap_pseudo_header *pseudo_header _U_) { /* So far, the only time we get raw connection types are with Linux and @@ -55,21 +55,21 @@ capture_raw(const guchar *pd, int offset _U_, int len, packet_counts *ld, const * sometimes. This check should be removed when 2.2 is out. */ if (BYTES_ARE_IN_FRAME(0,len,2) && pd[0] == 0xff && pd[1] == 0x03) { - capture_ppp_hdlc(pd, 0, len, ld, pseudo_header); + return capture_ppp_hdlc(pd, 0, len, ld, pseudo_header); } /* The Linux ISDN driver sends a fake MAC address before the PPP header * on its ippp interfaces... */ else if (BYTES_ARE_IN_FRAME(0,len,8) && pd[6] == 0xff && pd[7] == 0x03) { - capture_ppp_hdlc(pd, 6, len, ld, pseudo_header); + return capture_ppp_hdlc(pd, 6, len, ld, pseudo_header); } /* ...except when it just puts out one byte before the PPP header... */ else if (BYTES_ARE_IN_FRAME(0,len,3) && pd[1] == 0xff && pd[2] == 0x03) { - capture_ppp_hdlc(pd, 1, len, ld, pseudo_header); + return capture_ppp_hdlc(pd, 1, len, ld, pseudo_header); } /* ...and if the connection is currently down, it sends 10 bytes of zeroes * instead of a fake MAC address and PPP header. */ else if (BYTES_ARE_IN_FRAME(0,len,10) && memcmp(pd, zeroes, 10) == 0) { - capture_ip(pd, 10, len, ld, pseudo_header); + return capture_ip(pd, 10, len, ld, pseudo_header); } else { /* @@ -80,18 +80,18 @@ capture_raw(const guchar *pd, int offset _U_, int len, packet_counts *ld, const case 0x40: /* IPv4 */ - capture_ip(pd, 0, len, ld, pseudo_header); - break; + return capture_ip(pd, 0, len, ld, pseudo_header); #if 0 case 0x60: /* IPv6 */ - capture_ipv6(pd, 0, len, ld, pseudo_header); - break; + return capture_ipv6(pd, 0, len, ld, pseudo_header); #endif } } } + + return FALSE; } static int @@ -172,8 +172,6 @@ proto_register_raw(void) proto_raw = proto_register_protocol("Raw packet data", "Raw", "raw"); proto_register_subtree_array(ett, array_length(ett)); - - register_capture_dissector(WTAP_ENCAP_RAW_IP, capture_raw, proto_raw); } void @@ -191,6 +189,7 @@ proto_reg_handoff_raw(void) ppp_hdlc_handle = find_dissector("ppp_hdlc"); raw_handle = create_dissector_handle(dissect_raw, proto_raw); dissector_add_uint("wtap_encap", WTAP_ENCAP_RAW_IP, raw_handle); + register_capture_dissector("wtap_encap", WTAP_ENCAP_RAW_IP, capture_raw, proto_raw); } /* |