diff options
author | Guy Harris <guy@alum.mit.edu> | 2018-02-08 16:19:12 -0800 |
---|---|---|
committer | Guy Harris <guy@alum.mit.edu> | 2018-02-09 00:29:51 +0000 |
commit | 1f5f63f8ef98bfe9c4d734674cee0df64855555d (patch) | |
tree | 133dd3563cc8d2d29dd85d4d43cd9a4636283192 /epan/dissectors | |
parent | e4c5efafb7da2d25b7d47fe2dac3b1556c0b67b0 (diff) |
Generalize wtap_pkthdr into a structure for packet and non-packet records.
Separate the stuff that any record could have from the stuff that only
particular record types have; put the latter into a union, and put all
that into a wtap_rec structure.
Add some record-type checks as necessary.
Change-Id: Id6b3486858f826fce4b096c59231f463e44bfaa2
Reviewed-on: https://code.wireshark.org/review/25696
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Diffstat (limited to 'epan/dissectors')
-rw-r--r-- | epan/dissectors/file-file.c | 8 | ||||
-rw-r--r-- | epan/dissectors/packet-adb.c | 8 | ||||
-rw-r--r-- | epan/dissectors/packet-adb_cs.c | 16 | ||||
-rw-r--r-- | epan/dissectors/packet-bluetooth.c | 10 | ||||
-rw-r--r-- | epan/dissectors/packet-btl2cap.c | 48 | ||||
-rw-r--r-- | epan/dissectors/packet-btle.c | 4 | ||||
-rw-r--r-- | epan/dissectors/packet-frame.c | 116 | ||||
-rw-r--r-- | epan/dissectors/packet-ipoib.c | 4 | ||||
-rw-r--r-- | epan/dissectors/packet-nettl.c | 2 | ||||
-rw-r--r-- | epan/dissectors/packet-pcap_pktdata.c | 12 | ||||
-rw-r--r-- | epan/dissectors/packet-pcapng_block.c | 4 | ||||
-rw-r--r-- | epan/dissectors/packet-snort.c | 20 | ||||
-rw-r--r-- | epan/dissectors/packet-sysdig-event.c | 12 |
13 files changed, 147 insertions, 117 deletions
diff --git a/epan/dissectors/file-file.c b/epan/dissectors/file-file.c index f336494f5c..fb5be48088 100644 --- a/epan/dissectors/file-file.c +++ b/epan/dissectors/file-file.c @@ -121,7 +121,8 @@ dissect_file_record(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, fh_tree = proto_item_add_subtree(ti, ett_file); - proto_tree_add_int(fh_tree, hf_file_ftap_encap, tvb, 0, 0, pinfo->phdr->pkt_encap); + if (pinfo->rec->rec_type == REC_TYPE_PACKET) + proto_tree_add_int(fh_tree, hf_file_ftap_encap, tvb, 0, 0, pinfo->rec->rec_header.packet_header.pkt_encap); proto_tree_add_uint(fh_tree, hf_file_record_number, tvb, 0, 0, pinfo->num); @@ -177,12 +178,13 @@ dissect_file_record(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, */ __try { #endif - if (!dissector_try_uint(file_encap_dissector_table, pinfo->phdr->pkt_encap, + if (pinfo->rec->rec_type != REC_TYPE_PACKET || + !dissector_try_uint(file_encap_dissector_table, pinfo->rec->rec_header.packet_header.pkt_encap, tvb, pinfo, parent_tree)) { col_set_str(pinfo->cinfo, COL_PROTOCOL, "UNKNOWN"); col_add_fstr(pinfo->cinfo, COL_INFO, "FTAP_ENCAP = %d", - pinfo->phdr->pkt_encap); + pinfo->rec->rec_header.packet_header.pkt_encap); call_data_dissector(tvb, pinfo, parent_tree); } #ifdef _MSC_VER diff --git a/epan/dissectors/packet-adb.c b/epan/dissectors/packet-adb.c index cda947ffdb..88c794beb2 100644 --- a/epan/dissectors/packet-adb.c +++ b/epan/dissectors/packet-adb.c @@ -167,8 +167,8 @@ save_command(guint32 cmd, guint32 arg0, guint32 arg1, guint32 data_length, frame_number = pinfo->num; - if (pinfo->phdr->presence_flags & WTAP_HAS_INTERFACE_ID) - interface_id = pinfo->phdr->interface_id; + if (pinfo->rec->presence_flags & WTAP_HAS_INTERFACE_ID) + interface_id = pinfo->rec->rec_header.packet_header.interface_id; else interface_id = 0; @@ -391,8 +391,8 @@ dissect_adb(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data) return offset; } - if (pinfo->phdr->presence_flags & WTAP_HAS_INTERFACE_ID) - interface_id = pinfo->phdr->interface_id; + if (pinfo->rec->presence_flags & WTAP_HAS_INTERFACE_ID) + interface_id = pinfo->rec->rec_header.packet_header.interface_id; else interface_id = 0; diff --git a/epan/dissectors/packet-adb_cs.c b/epan/dissectors/packet-adb_cs.c index b2f3426574..25cecd5b12 100644 --- a/epan/dissectors/packet-adb_cs.c +++ b/epan/dissectors/packet-adb_cs.c @@ -101,8 +101,8 @@ dissect_adb_cs(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _ main_item = proto_tree_add_item(tree, proto_adb_cs, tvb, offset, -1, ENC_NA); main_tree = proto_item_add_subtree(main_item, ett_adb_cs); - if (pinfo->phdr->presence_flags & WTAP_HAS_INTERFACE_ID) - wireshark_interface_id = pinfo->phdr->interface_id; + if (pinfo->rec->presence_flags & WTAP_HAS_INTERFACE_ID) + wireshark_interface_id = pinfo->rec->rec_header.packet_header.interface_id; if (pinfo->destport == server_port) { /* Client sent to Server */ client_request_t *client_request; @@ -117,8 +117,8 @@ dissect_adb_cs(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _ col_add_fstr(pinfo->cinfo, COL_INFO, "Client"); - if (pinfo->phdr->presence_flags & WTAP_HAS_INTERFACE_ID) - wireshark_interface_id = pinfo->phdr->interface_id; + if (pinfo->rec->presence_flags & WTAP_HAS_INTERFACE_ID) + wireshark_interface_id = pinfo->rec->rec_header.packet_header.interface_id; key[0].length = 1; key[0].key = &wireshark_interface_id; @@ -182,8 +182,8 @@ dissect_adb_cs(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _ } if (!pinfo->fd->flags.visited && length > 0) { /* save Length to client_requests */ - if (pinfo->phdr->presence_flags & WTAP_HAS_INTERFACE_ID) - wireshark_interface_id = pinfo->phdr->interface_id; + if (pinfo->rec->presence_flags & WTAP_HAS_INTERFACE_ID) + wireshark_interface_id = pinfo->rec->rec_header.packet_header.interface_id; key[0].length = 1; key[0].key = &wireshark_interface_id; @@ -209,8 +209,8 @@ dissect_adb_cs(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _ if (!pinfo->fd->flags.visited && (length == -1 || (client_request && client_request->service_in == -1 && tvb_reported_length_remaining(tvb, offset) > 0))) { /* save Service to client_requests */ if (!client_request) { - if (pinfo->phdr->presence_flags & WTAP_HAS_INTERFACE_ID) - wireshark_interface_id = pinfo->phdr->interface_id; + if (pinfo->rec->presence_flags & WTAP_HAS_INTERFACE_ID) + wireshark_interface_id = pinfo->rec->rec_header.packet_header.interface_id; key[0].length = 1; key[0].key = &wireshark_interface_id; diff --git a/epan/dissectors/packet-bluetooth.c b/epan/dissectors/packet-bluetooth.c index 7ca2788747..6b5fc6d664 100644 --- a/epan/dissectors/packet-bluetooth.c +++ b/epan/dissectors/packet-bluetooth.c @@ -2679,8 +2679,8 @@ dissect_bluetooth_common(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) main_tree = proto_item_add_subtree(main_item, ett_bluetooth); bluetooth_data = (bluetooth_data_t *) wmem_new(wmem_packet_scope(), bluetooth_data_t); - if (pinfo->phdr->presence_flags & WTAP_HAS_INTERFACE_ID) - bluetooth_data->interface_id = pinfo->phdr->interface_id; + if (pinfo->rec->presence_flags & WTAP_HAS_INTERFACE_ID) + bluetooth_data->interface_id = pinfo->rec->rec_header.packet_header.interface_id; else bluetooth_data->interface_id = HCI_INTERFACE_DEFAULT; bluetooth_data->adapter_id = HCI_ADAPTER_DEFAULT; @@ -2761,7 +2761,7 @@ dissect_bluetooth(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *dat bluetooth_data->previous_protocol_data_type = BT_PD_NONE; bluetooth_data->previous_protocol_data.none = NULL; - if (!dissector_try_uint_new(bluetooth_table, pinfo->phdr->pkt_encap, tvb, pinfo, tree, TRUE, bluetooth_data)) { + if (!dissector_try_uint_new(bluetooth_table, pinfo->rec->rec_header.packet_header.pkt_encap, tvb, pinfo, tree, TRUE, bluetooth_data)) { call_data_dissector(tvb, pinfo, tree); } @@ -2790,7 +2790,7 @@ dissect_bluetooth_bthci(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, voi bluetooth_data->previous_protocol_data_type = BT_PD_BTHCI; bluetooth_data->previous_protocol_data.bthci = (struct bthci_phdr *)data; - if (!dissector_try_uint_new(bluetooth_table, pinfo->phdr->pkt_encap, tvb, pinfo, tree, TRUE, bluetooth_data)) { + if (!dissector_try_uint_new(bluetooth_table, pinfo->rec->rec_header.packet_header.pkt_encap, tvb, pinfo, tree, TRUE, bluetooth_data)) { call_data_dissector(tvb, pinfo, tree); } @@ -2818,7 +2818,7 @@ dissect_bluetooth_btmon(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, voi bluetooth_data->previous_protocol_data_type = BT_PD_BTMON; bluetooth_data->previous_protocol_data.btmon = (struct btmon_phdr *)data; - if (!dissector_try_uint_new(bluetooth_table, pinfo->phdr->pkt_encap, tvb, pinfo, tree, TRUE, bluetooth_data)) { + if (!dissector_try_uint_new(bluetooth_table, pinfo->rec->rec_header.packet_header.pkt_encap, tvb, pinfo, tree, TRUE, bluetooth_data)) { call_data_dissector(tvb, pinfo, tree); } diff --git a/epan/dissectors/packet-btl2cap.c b/epan/dissectors/packet-btl2cap.c index 7174fb6d0d..363a5e41ca 100644 --- a/epan/dissectors/packet-btl2cap.c +++ b/epan/dissectors/packet-btl2cap.c @@ -705,8 +705,8 @@ dissect_connrequest(tvbuff_t *tvb, int offset, packet_info *pinfo, guint32 chandle; psm_data_t *psm_data; - if (pinfo->phdr->presence_flags & WTAP_HAS_INTERFACE_ID) - interface_id = pinfo->phdr->interface_id; + if (pinfo->rec->presence_flags & WTAP_HAS_INTERFACE_ID) + interface_id = pinfo->rec->rec_header.packet_header.interface_id; else interface_id = HCI_INTERFACE_DEFAULT; adapter_id = (acl_data) ? acl_data->adapter_id : HCI_ADAPTER_DEFAULT; @@ -767,8 +767,8 @@ dissect_connrequest(tvbuff_t *tvb, int offset, packet_info *pinfo, guint32 adapter_id; guint32 chandle; - if (pinfo->phdr->presence_flags & WTAP_HAS_INTERFACE_ID) - interface_id = pinfo->phdr->interface_id; + if (pinfo->rec->presence_flags & WTAP_HAS_INTERFACE_ID) + interface_id = pinfo->rec->rec_header.packet_header.interface_id; else interface_id = HCI_INTERFACE_DEFAULT; adapter_id = (acl_data) ? acl_data->adapter_id : HCI_ADAPTER_DEFAULT; @@ -859,8 +859,8 @@ dissect_le_credit_based_connrequest(tvbuff_t *tvb, int offset, packet_info *pinf guint32 chandle; psm_data_t *psm_data; - if (pinfo->phdr->presence_flags & WTAP_HAS_INTERFACE_ID) - interface_id = pinfo->phdr->interface_id; + if (pinfo->rec->presence_flags & WTAP_HAS_INTERFACE_ID) + interface_id = pinfo->rec->rec_header.packet_header.interface_id; else interface_id = HCI_INTERFACE_DEFAULT; adapter_id = (acl_data) ? acl_data->adapter_id : HCI_ADAPTER_DEFAULT; @@ -920,8 +920,8 @@ dissect_le_credit_based_connrequest(tvbuff_t *tvb, int offset, packet_info *pinf guint32 adapter_id; guint32 chandle; - if (pinfo->phdr->presence_flags & WTAP_HAS_INTERFACE_ID) - interface_id = pinfo->phdr->interface_id; + if (pinfo->rec->presence_flags & WTAP_HAS_INTERFACE_ID) + interface_id = pinfo->rec->rec_header.packet_header.interface_id; else interface_id = HCI_INTERFACE_DEFAULT; adapter_id = (acl_data) ? acl_data->adapter_id : HCI_ADAPTER_DEFAULT; @@ -1006,8 +1006,8 @@ dissect_le_credit_based_connresponse(tvbuff_t *tvb, int offset, packet_info *pin guint32 chandle; guint32 cid; - if (pinfo->phdr->presence_flags & WTAP_HAS_INTERFACE_ID) - interface_id = pinfo->phdr->interface_id; + if (pinfo->rec->presence_flags & WTAP_HAS_INTERFACE_ID) + interface_id = pinfo->rec->rec_header.packet_header.interface_id; else interface_id = HCI_INTERFACE_DEFAULT; adapter_id = (acl_data) ? acl_data->adapter_id : HCI_ADAPTER_DEFAULT; @@ -1268,8 +1268,8 @@ dissect_configrequest(tvbuff_t *tvb, int offset, packet_info *pinfo, guint32 chandle; guint32 cid; - if (pinfo->phdr->presence_flags & WTAP_HAS_INTERFACE_ID) - interface_id = pinfo->phdr->interface_id; + if (pinfo->rec->presence_flags & WTAP_HAS_INTERFACE_ID) + interface_id = pinfo->rec->rec_header.packet_header.interface_id; else interface_id = HCI_INTERFACE_DEFAULT; adapter_id = (acl_data) ? acl_data->adapter_id : HCI_ADAPTER_DEFAULT; @@ -1465,8 +1465,8 @@ dissect_configresponse(tvbuff_t *tvb, int offset, packet_info *pinfo, guint32 chandle; guint32 cid; - if (pinfo->phdr->presence_flags & WTAP_HAS_INTERFACE_ID) - interface_id = pinfo->phdr->interface_id; + if (pinfo->rec->presence_flags & WTAP_HAS_INTERFACE_ID) + interface_id = pinfo->rec->rec_header.packet_header.interface_id; else interface_id = HCI_INTERFACE_DEFAULT; adapter_id = (acl_data) ? acl_data->adapter_id : HCI_ADAPTER_DEFAULT; @@ -1556,8 +1556,8 @@ dissect_connresponse(tvbuff_t *tvb, int offset, packet_info *pinfo, guint32 chandle; guint32 cid; - if (pinfo->phdr->presence_flags & WTAP_HAS_INTERFACE_ID) - interface_id = pinfo->phdr->interface_id; + if (pinfo->rec->presence_flags & WTAP_HAS_INTERFACE_ID) + interface_id = pinfo->rec->rec_header.packet_header.interface_id; else interface_id = HCI_INTERFACE_DEFAULT; adapter_id = (acl_data) ? acl_data->adapter_id : HCI_ADAPTER_DEFAULT; @@ -1757,8 +1757,8 @@ dissect_disconnrequestresponse(tvbuff_t *tvb, int offset, packet_info *pinfo, guint32 key_scid; guint32 key_dcid; - if (pinfo->phdr->presence_flags & WTAP_HAS_INTERFACE_ID) - interface_id = pinfo->phdr->interface_id; + if (pinfo->rec->presence_flags & WTAP_HAS_INTERFACE_ID) + interface_id = pinfo->rec->rec_header.packet_header.interface_id; else interface_id = HCI_INTERFACE_DEFAULT; adapter_id = (acl_data) ? acl_data->adapter_id : HCI_ADAPTER_DEFAULT; @@ -1849,8 +1849,8 @@ dissect_disconnrequestresponse(tvbuff_t *tvb, int offset, packet_info *pinfo, guint32 chandle; guint32 key_dcid; - if (pinfo->phdr->presence_flags & WTAP_HAS_INTERFACE_ID) - interface_id = pinfo->phdr->interface_id; + if (pinfo->rec->presence_flags & WTAP_HAS_INTERFACE_ID) + interface_id = pinfo->rec->rec_header.packet_header.interface_id; else interface_id = HCI_INTERFACE_DEFAULT; adapter_id = (acl_data) ? acl_data->adapter_id : HCI_ADAPTER_DEFAULT; @@ -2435,8 +2435,8 @@ dissect_btl2cap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data) l2cap_data = wmem_new(wmem_packet_scope(), btl2cap_data_t); - if (pinfo->phdr->presence_flags & WTAP_HAS_INTERFACE_ID) - l2cap_data->interface_id = pinfo->phdr->interface_id; + if (pinfo->rec->presence_flags & WTAP_HAS_INTERFACE_ID) + l2cap_data->interface_id = pinfo->rec->rec_header.packet_header.interface_id; else l2cap_data->interface_id = HCI_INTERFACE_DEFAULT; if (acl_data) { @@ -2712,8 +2712,8 @@ dissect_btl2cap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data) guint32 chandle; guint32 key_cid; - if (pinfo->phdr->presence_flags & WTAP_HAS_INTERFACE_ID) - interface_id = pinfo->phdr->interface_id; + if (pinfo->rec->presence_flags & WTAP_HAS_INTERFACE_ID) + interface_id = pinfo->rec->rec_header.packet_header.interface_id; else interface_id = HCI_INTERFACE_DEFAULT; adapter_id = (acl_data) ? acl_data->adapter_id : HCI_ADAPTER_DEFAULT; diff --git a/epan/dissectors/packet-btle.c b/epan/dissectors/packet-btle.c index b7256a09be..055f55668f 100644 --- a/epan/dissectors/packet-btle.c +++ b/epan/dissectors/packet-btle.c @@ -576,8 +576,8 @@ dissect_btle(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data) if (bluetooth_data) interface_id = bluetooth_data->interface_id; - else if (pinfo->phdr->presence_flags & WTAP_HAS_INTERFACE_ID) - interface_id = pinfo->phdr->interface_id; + else if (pinfo->rec->presence_flags & WTAP_HAS_INTERFACE_ID) + interface_id = pinfo->rec->rec_header.packet_header.interface_id; else interface_id = HCI_INTERFACE_DEFAULT; diff --git a/epan/dissectors/packet-frame.c b/epan/dissectors/packet-frame.c index e9cd5a8f0e..ce6cd531ba 100644 --- a/epan/dissectors/packet-frame.c +++ b/epan/dissectors/packet-frame.c @@ -228,14 +228,14 @@ dissect_frame(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, void* DISSECTOR_ASSERT(fr_data); - switch (pinfo->phdr->rec_type) { + switch (pinfo->rec->rec_type) { case REC_TYPE_PACKET: pinfo->current_proto = "Frame"; - if (pinfo->phdr->presence_flags & WTAP_HAS_PACK_FLAGS) { - if (pinfo->phdr->pack_flags & 0x00000001) + if (pinfo->rec->presence_flags & WTAP_HAS_PACK_FLAGS) { + if (pinfo->rec->rec_header.packet_header.pack_flags & 0x00000001) pinfo->p2p_dir = P2P_DIR_RECV; - if (pinfo->phdr->pack_flags & 0x00000002) + if (pinfo->rec->rec_header.packet_header.pack_flags & 0x00000002) pinfo->p2p_dir = P2P_DIR_SENT; } @@ -245,7 +245,7 @@ dissect_frame(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, void* * overrides the packet record. */ if (pinfo->pseudo_header != NULL) { - switch (pinfo->phdr->pkt_encap) { + switch (pinfo->rec->rec_header.packet_header.pkt_encap) { case WTAP_ENCAP_WFLEET_HDLC: case WTAP_ENCAP_CHDLC_WITH_PHDR: @@ -340,13 +340,49 @@ dissect_frame(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, void* cap_plurality = plurality(cap_len, "", "s"); frame_plurality = plurality(frame_len, "", "s"); - switch (pinfo->phdr->rec_type) { + switch (pinfo->rec->rec_type) { case REC_TYPE_PACKET: + ti = proto_tree_add_protocol_format(tree, proto_frame, tvb, 0, tvb_captured_length(tvb), + "Frame %u: %u byte%s on wire", + pinfo->num, frame_len, frame_plurality); + if (generate_bits_field) + proto_item_append_text(ti, " (%u bits)", frame_len * 8); + proto_item_append_text(ti, ", %u byte%s captured", + cap_len, cap_plurality); + if (generate_bits_field) { + proto_item_append_text(ti, " (%u bits)", + cap_len * 8); + } + if (pinfo->rec->presence_flags & WTAP_HAS_INTERFACE_ID) { + proto_item_append_text(ti, " on interface %u", + pinfo->rec->rec_header.packet_header.interface_id); + } + if (pinfo->rec->presence_flags & WTAP_HAS_PACK_FLAGS) { + if (pinfo->rec->rec_header.packet_header.pack_flags & 0x00000001) + proto_item_append_text(ti, " (inbound)"); + if (pinfo->rec->rec_header.packet_header.pack_flags & 0x00000002) + proto_item_append_text(ti, " (outbound)"); + } + break; + case REC_TYPE_FT_SPECIFIC_EVENT: + ti = proto_tree_add_protocol_format(tree, proto_frame, tvb, 0, tvb_captured_length(tvb), + "Event %u: %u byte%s on wire", + pinfo->num, frame_len, frame_plurality); + if (generate_bits_field) + proto_item_append_text(ti, " (%u bits)", frame_len * 8); + proto_item_append_text(ti, ", %u byte%s captured", + cap_len, cap_plurality); + if (generate_bits_field) { + proto_item_append_text(ti, " (%u bits)", + cap_len * 8); + } + break; + case REC_TYPE_FT_SPECIFIC_REPORT: ti = proto_tree_add_protocol_format(tree, proto_frame, tvb, 0, tvb_captured_length(tvb), - "Frame %u: %u byte%s on wire", - pinfo->num, frame_len, frame_plurality); + "Report %u: %u byte%s on wire", + pinfo->num, frame_len, frame_plurality); if (generate_bits_field) proto_item_append_text(ti, " (%u bits)", frame_len * 8); proto_item_append_text(ti, ", %u byte%s captured", @@ -366,39 +402,28 @@ dissect_frame(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, void* * be preferred? */ ti = proto_tree_add_protocol_format(tree, proto_syscall, tvb, 0, tvb_captured_length(tvb), - "System Call %u: %u byte%s", - pinfo->num, frame_len, frame_plurality); + "System Call %u: %u byte%s", + pinfo->num, frame_len, frame_plurality); break; } - if (pinfo->phdr->presence_flags & WTAP_HAS_INTERFACE_ID) { - proto_item_append_text(ti, " on interface %u", - pinfo->phdr->interface_id); - } - if (pinfo->phdr->presence_flags & WTAP_HAS_PACK_FLAGS) { - if (pinfo->phdr->pack_flags & 0x00000001) - proto_item_append_text(ti, " (inbound)"); - if (pinfo->phdr->pack_flags & 0x00000002) - proto_item_append_text(ti, " (outbound)"); - } - fh_tree = proto_item_add_subtree(ti, ett_frame); - if (pinfo->phdr->presence_flags & WTAP_HAS_INTERFACE_ID && + if (pinfo->rec->presence_flags & WTAP_HAS_INTERFACE_ID && (proto_field_is_referenced(tree, hf_frame_interface_id) || proto_field_is_referenced(tree, hf_frame_interface_name) || proto_field_is_referenced(tree, hf_frame_interface_description))) { - const char *interface_name = epan_get_interface_name(pinfo->epan, pinfo->phdr->interface_id); - const char *interface_description = epan_get_interface_description(pinfo->epan, pinfo->phdr->interface_id); + const char *interface_name = epan_get_interface_name(pinfo->epan, pinfo->rec->rec_header.packet_header.interface_id); + const char *interface_description = epan_get_interface_description(pinfo->epan, pinfo->rec->rec_header.packet_header.interface_id); proto_tree *if_tree; proto_item *if_item; if (interface_name) { if_item = proto_tree_add_uint_format_value(fh_tree, hf_frame_interface_id, tvb, 0, 0, - pinfo->phdr->interface_id, "%u (%s)", - pinfo->phdr->interface_id, interface_name); + pinfo->rec->rec_header.packet_header.interface_id, "%u (%s)", + pinfo->rec->rec_header.packet_header.interface_id, interface_name); if_tree = proto_item_add_subtree(if_item, ett_ifname); proto_tree_add_string(if_tree, hf_frame_interface_name, tvb, 0, 0, interface_name); } else { - if_item = proto_tree_add_uint(fh_tree, hf_frame_interface_id, tvb, 0, 0, pinfo->phdr->interface_id); + if_item = proto_tree_add_uint(fh_tree, hf_frame_interface_id, tvb, 0, 0, pinfo->rec->rec_header.packet_header.interface_id); } if (interface_description) { @@ -407,7 +432,7 @@ dissect_frame(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, void* } } - if (pinfo->phdr->presence_flags & WTAP_HAS_PACK_FLAGS) { + if (pinfo->rec->presence_flags & WTAP_HAS_PACK_FLAGS) { proto_tree *flags_tree; proto_item *flags_item; static const int * flags[] = { @@ -426,13 +451,13 @@ dissect_frame(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, void* NULL }; - flags_item = proto_tree_add_uint(fh_tree, hf_frame_pack_flags, tvb, 0, 0, pinfo->phdr->pack_flags); + flags_item = proto_tree_add_uint(fh_tree, hf_frame_pack_flags, tvb, 0, 0, pinfo->rec->rec_header.packet_header.pack_flags); flags_tree = proto_item_add_subtree(flags_item, ett_flags); - proto_tree_add_bitmask_list_value(flags_tree, tvb, 0, 0, flags, pinfo->phdr->pack_flags); + proto_tree_add_bitmask_list_value(flags_tree, tvb, 0, 0, flags, pinfo->rec->rec_header.packet_header.pack_flags); } - if (pinfo->phdr->rec_type == REC_TYPE_PACKET) - proto_tree_add_int(fh_tree, hf_frame_wtap_encap, tvb, 0, 0, pinfo->phdr->pkt_encap); + if (pinfo->rec->rec_type == REC_TYPE_PACKET) + proto_tree_add_int(fh_tree, hf_frame_wtap_encap, tvb, 0, 0, pinfo->rec->rec_header.packet_header.pkt_encap); if (pinfo->presence_flags & PINFO_HAS_TS) { proto_tree_add_time(fh_tree, hf_frame_arrival_time, tvb, @@ -512,16 +537,19 @@ dissect_frame(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, void* ti = proto_tree_add_boolean(fh_tree, hf_frame_ignored, tvb, 0, 0,pinfo->fd->flags.ignored); PROTO_ITEM_SET_GENERATED(ti); - /* Check for existences of P2P pseudo header */ - if (pinfo->p2p_dir != P2P_DIR_UNKNOWN) { - proto_tree_add_int(fh_tree, hf_frame_p2p_dir, tvb, - 0, 0, pinfo->p2p_dir); - } + if (pinfo->rec->rec_type == REC_TYPE_PACKET) { + /* Check for existences of P2P pseudo header */ + if (pinfo->p2p_dir != P2P_DIR_UNKNOWN) { + proto_tree_add_int(fh_tree, hf_frame_p2p_dir, tvb, + 0, 0, pinfo->p2p_dir); + } - /* Check for existences of MTP2 link number */ - if ((pinfo->pseudo_header != NULL ) && (pinfo->phdr->pkt_encap == WTAP_ENCAP_MTP2_WITH_PHDR)) { - proto_tree_add_uint(fh_tree, hf_link_number, tvb, - 0, 0, pinfo->link_number); + /* Check for existences of MTP2 link number */ + if ((pinfo->pseudo_header != NULL) && + (pinfo->rec->rec_header.packet_header.pkt_encap == WTAP_ENCAP_MTP2_WITH_PHDR)) { + proto_tree_add_uint(fh_tree, hf_link_number, tvb, + 0, 0, pinfo->link_number); + } } if (show_file_off) { @@ -552,7 +580,7 @@ dissect_frame(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, void* */ __try { #endif - switch (pinfo->phdr->rec_type) { + switch (pinfo->rec->rec_type) { case REC_TYPE_PACKET: if ((force_docsis_encap) && (docsis_handle)) { @@ -561,12 +589,12 @@ dissect_frame(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, void* (void *)pinfo->pseudo_header); } else { if (!dissector_try_uint_new(wtap_encap_dissector_table, - pinfo->phdr->pkt_encap, tvb, pinfo, + pinfo->rec->rec_header.packet_header.pkt_encap, tvb, pinfo, parent_tree, TRUE, (void *)pinfo->pseudo_header)) { col_set_str(pinfo->cinfo, COL_PROTOCOL, "UNKNOWN"); col_add_fstr(pinfo->cinfo, COL_INFO, "WTAP_ENCAP = %d", - pinfo->phdr->pkt_encap); + pinfo->rec->rec_header.packet_header.pkt_encap); call_data_dissector(tvb, pinfo, parent_tree); } } diff --git a/epan/dissectors/packet-ipoib.c b/epan/dissectors/packet-ipoib.c index 91af43a701..fe0df01f8f 100644 --- a/epan/dissectors/packet-ipoib.c +++ b/epan/dissectors/packet-ipoib.c @@ -60,7 +60,7 @@ dissect_ipoib(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U guint16 type; int grh_size = 0; - if (pinfo->phdr->pkt_encap == WTAP_ENCAP_IP_OVER_IB_PCAP) + if (pinfo->rec->rec_header.packet_header.pkt_encap == WTAP_ENCAP_IP_OVER_IB_PCAP) grh_size = 40; /* load the top pane info. This should be overwritten by @@ -74,7 +74,7 @@ dissect_ipoib(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U fh_tree = proto_item_add_subtree(ti, ett_raw); /* for PCAP data populate subtree with GRH pseudo header data */ - if (pinfo->phdr->pkt_encap == WTAP_ENCAP_IP_OVER_IB_PCAP) { + if (pinfo->rec->rec_header.packet_header.pkt_encap == WTAP_ENCAP_IP_OVER_IB_PCAP) { /* Zero means GRH is not valid (unicast). Only destination address is set. */ diff --git a/epan/dissectors/packet-nettl.c b/epan/dissectors/packet-nettl.c index 13ef003b0f..38ff0ebecc 100644 --- a/epan/dissectors/packet-nettl.c +++ b/epan/dissectors/packet-nettl.c @@ -227,7 +227,7 @@ dissect_nettl(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U 0, 0, pinfo->pseudo_header->nettl.uid); } - switch (pinfo->phdr->pkt_encap) { + switch (pinfo->rec->rec_header.packet_header.pkt_encap) { case WTAP_ENCAP_NETTL_ETHERNET: call_dissector(eth_withoutfcs_handle, tvb, pinfo, tree); break; diff --git a/epan/dissectors/packet-pcap_pktdata.c b/epan/dissectors/packet-pcap_pktdata.c index d487c2562a..d1a44eb0af 100644 --- a/epan/dissectors/packet-pcap_pktdata.c +++ b/epan/dissectors/packet-pcap_pktdata.c @@ -268,12 +268,12 @@ dissect_pcap_pktdata(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void * * We're passed a pointer to a LINKTYPE_ value. * Find the Wiretap encapsulation for that value. */ - pinfo->phdr->pkt_encap = wtap_pcap_encap_to_wtap_encap(*link_type); + pinfo->rec->rec_header.packet_header.pkt_encap = wtap_pcap_encap_to_wtap_encap(*link_type); /* * Do we know that type? */ - if (pinfo->phdr->pkt_encap == WTAP_ENCAP_UNKNOWN) { + if (pinfo->rec->rec_header.packet_header.pkt_encap == WTAP_ENCAP_UNKNOWN) { /* * Nothing we know. * Just report that and give up. @@ -297,11 +297,11 @@ dissect_pcap_pktdata(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void * * pseudo-header from the bytes at the beginning of the * packet data. */ - if (wtap_encap_requires_phdr(pinfo->phdr->pkt_encap)) { + if (wtap_encap_requires_phdr(pinfo->rec->rec_header.packet_header.pkt_encap)) { /* * It does. Do we have code to do that? */ - switch (pinfo->phdr->pkt_encap) { + switch (pinfo->rec->rec_header.packet_header.pkt_encap) { case WTAP_ENCAP_BLUETOOTH_H4_WITH_PHDR: pseudoheader_item = proto_tree_add_item(tree, hf_pcap_pktdata_pseudoheader, tvb, offset, 4, ENC_NA); @@ -353,7 +353,7 @@ dissect_pcap_pktdata(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void * * These also require a pseudo-header, but it's not constructed * from packet data. */ - switch (pinfo->phdr->pkt_encap) { + switch (pinfo->rec->rec_header.packet_header.pkt_encap) { case WTAP_ENCAP_ETHERNET: eth.fcs_len = -1; /* Unknown whether we have an FCS */ @@ -368,7 +368,7 @@ dissect_pcap_pktdata(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void * next_tvb = tvb_new_subset_remaining(tvb, offset); - offset = dissector_try_uint_new(wtap_encap_table, pinfo->phdr->pkt_encap, next_tvb, pinfo, tree, TRUE, phdr); + offset = dissector_try_uint_new(wtap_encap_table, pinfo->rec->rec_header.packet_header.pkt_encap, next_tvb, pinfo, tree, TRUE, phdr); return offset; } diff --git a/epan/dissectors/packet-pcapng_block.c b/epan/dissectors/packet-pcapng_block.c index 26e8c50d02..23f051bf76 100644 --- a/epan/dissectors/packet-pcapng_block.c +++ b/epan/dissectors/packet-pcapng_block.c @@ -41,13 +41,13 @@ dissect_pcapng_block(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* * is one. */ if (!dissector_try_uint(pcapng_block_type_dissector_table, - pinfo->pseudo_header->ftsrec.record_type, tvb, pinfo, tree)) { + pinfo->rec->rec_header.ft_specific_header.record_type, tvb, pinfo, tree)) { /* * There isn't one; just do a minimal display. */ col_set_str(pinfo->cinfo, COL_PROTOCOL, "PCAPNG"); col_add_fstr(pinfo->cinfo, COL_INFO, "Pcapng block, type %u", - pinfo->pseudo_header->ftsrec.record_type); + pinfo->rec->rec_header.ft_specific_header.record_type); proto_tree_add_item(tree, proto_pcapng_block, tvb, 0, -1, ENC_NA); } diff --git a/epan/dissectors/packet-snort.c b/epan/dissectors/packet-snort.c index 6da2a4b7e8..953ad7e147 100644 --- a/epan/dissectors/packet-snort.c +++ b/epan/dissectors/packet-snort.c @@ -1158,7 +1158,7 @@ snort_dissector(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data if (!pinfo->fd->flags.visited && current_session.working) { int write_err = 0; gchar *err_info; - struct wtap_pkthdr wtp; + wtap_rec rec; /* First time, open current_session.in to write to for dumping into snort with */ if (!current_session.pdh) { @@ -1177,7 +1177,7 @@ snort_dissector(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data */ current_session.pdh = wtap_dump_fdopen(current_session.in, WTAP_FILE_TYPE_SUBTYPE_PCAP, - pinfo->phdr->pkt_encap, + pinfo->rec->rec_header.packet_header.pkt_encap, WTAP_MAX_PACKET_SIZE_STANDARD, FALSE, /* compressed */ &open_err); @@ -1188,24 +1188,24 @@ snort_dissector(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data } /* Start with all same values... */ - memcpy(&wtp, pinfo->phdr, sizeof(wtp)); + rec = *pinfo->rec; /* Copying packet details into wtp for writing */ - wtp.ts = pinfo->fd->abs_ts; + rec.ts = pinfo->fd->abs_ts; - /* NB: overwriting wtp.ts.nsecs so we can see packet number back if an alert is written for this frame!!!! */ + /* NB: overwriting the time stamp so we can see packet number back if an alert is written for this frame!!!! */ /* TODO: does this seriously affect snort's ability to reason about time? * At least all packets will still be in order... */ - wtp.ts.nsecs = pinfo->fd->num * 1000; /* XXX, max 999'999 frames */ + rec.ts.nsecs = pinfo->fd->num * 1000; /* XXX, max 999'999 frames */ - wtp.caplen = tvb_captured_length(tvb); - wtp.len = tvb_reported_length(tvb); - if (current_session.pdh->encap != wtp.pkt_encap) { + rec.rec_header.packet_header.caplen = tvb_captured_length(tvb); + rec.rec_header.packet_header.len = tvb_reported_length(tvb); + if (current_session.pdh->encap != rec.rec_header.packet_header.pkt_encap) { /* XXX, warning! convert? */ } /* Dump frame into snort's stdin */ - if (!wtap_dump(current_session.pdh, &wtp, tvb_get_ptr(tvb, 0, tvb_reported_length(tvb)), &write_err, &err_info)) { + if (!wtap_dump(current_session.pdh, &rec, tvb_get_ptr(tvb, 0, tvb_reported_length(tvb)), &write_err, &err_info)) { current_session.working = FALSE; return 0; } diff --git a/epan/dissectors/packet-sysdig-event.c b/epan/dissectors/packet-sysdig-event.c index c5e468ff5d..81147059bc 100644 --- a/epan/dissectors/packet-sysdig-event.c +++ b/epan/dissectors/packet-sysdig-event.c @@ -1898,8 +1898,8 @@ dissect_sysdig_event(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, { proto_item *ti; proto_tree *se_tree, *syscall_tree; - guint event_type = pinfo->phdr->pseudo_header.sysdig_event.event_type; - int encoding = pinfo->phdr->pseudo_header.sysdig_event.byte_order == G_BIG_ENDIAN ? ENC_BIG_ENDIAN : ENC_LITTLE_ENDIAN; + guint event_type = pinfo->rec->rec_header.syscall_header.event_type; + int encoding = pinfo->rec->rec_header.syscall_header.byte_order == G_BIG_ENDIAN ? ENC_BIG_ENDIAN : ENC_LITTLE_ENDIAN; const struct _event_col_info *cur_col_info; const struct _event_tree_info *cur_tree_info; @@ -1959,9 +1959,9 @@ dissect_sysdig_event(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, se_tree = proto_item_add_subtree(ti, ett_sysdig_event); - proto_tree_add_uint(se_tree, hf_se_cpu_id, tvb, 0, 0, pinfo->phdr->pseudo_header.sysdig_event.cpu_id); - proto_tree_add_uint64(se_tree, hf_se_thread_id, tvb, 0, 0, pinfo->phdr->pseudo_header.sysdig_event.thread_id); - proto_tree_add_uint(se_tree, hf_se_event_length, tvb, 0, 0, pinfo->phdr->pseudo_header.sysdig_event.event_len); + proto_tree_add_uint(se_tree, hf_se_cpu_id, tvb, 0, 0, pinfo->rec->rec_header.syscall_header.cpu_id); + proto_tree_add_uint64(se_tree, hf_se_thread_id, tvb, 0, 0, pinfo->rec->rec_header.syscall_header.thread_id); + proto_tree_add_uint(se_tree, hf_se_event_length, tvb, 0, 0, pinfo->rec->rec_header.syscall_header.event_len); ti = proto_tree_add_uint(se_tree, hf_se_event_type, tvb, 0, 0, event_type); syscall_tree = proto_item_add_subtree(ti, ett_sysdig_syscall); @@ -1975,7 +1975,7 @@ dissect_sysdig_event(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, /* XXX */ /* return offset; */ - return pinfo->phdr->pseudo_header.sysdig_event.event_len; + return pinfo->rec->rec_header.syscall_header.event_len; } /* Register the protocol with Wireshark. |