diff options
author | Anders Broman <anders.broman@ericsson.com> | 2004-09-29 22:23:37 +0000 |
---|---|---|
committer | Anders Broman <anders.broman@ericsson.com> | 2004-09-29 22:23:37 +0000 |
commit | b9f8796c1c718b101e0ead8c919dd95340dc98ac (patch) | |
tree | df0e32536cb4722be22dea49149e157c6397c93f /epan | |
parent | 3dc86aaf55e946f3feff9816cebd1dea4a855ec9 (diff) |
From Miha Jemec: I implemented a H323 call decoder. Using the TAP system, it keeps track of each call, number of packets, setting filter and a more detailed analysis of each call.
svn path=/trunk/; revision=12142
Diffstat (limited to 'epan')
-rw-r--r-- | epan/dissectors/packet-h225.c | 29 | ||||
-rw-r--r-- | epan/dissectors/packet-h225.h | 15 | ||||
-rw-r--r-- | epan/dissectors/packet-h245.c | 51 | ||||
-rw-r--r-- | epan/dissectors/packet-h245.h | 23 |
4 files changed, 116 insertions, 2 deletions
diff --git a/epan/dissectors/packet-h225.c b/epan/dissectors/packet-h225.c index 1d848267d6..ae2474d1d8 100644 --- a/epan/dissectors/packet-h225.c +++ b/epan/dissectors/packet-h225.c @@ -53,7 +53,7 @@ static void reset_h225_packet_info(h225_packet_info *pi); static void ras_call_matching(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, h225_packet_info *pi); -static h225_packet_info h225_pi; +static h225_packet_info h225_pi; static dissector_handle_t h225ras_handle; static dissector_handle_t H323UserInformation_handle; @@ -2809,6 +2809,11 @@ dissect_h225_h245Address(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tr offset=dissect_per_choice(tvb, offset, pinfo, tree, hf_h225_h245Address, ett_h225_TransportAddress, TransportAddress_choice, "h245Address", NULL); + /* we need this info for TAPing */ + h225_pi.is_h245 = TRUE; + h225_pi.h245_address = ipv4_address; + h225_pi.h245_port = ipv4_port; + if((!pinfo->fd->flags.visited) && ipv4_address!=0 && ipv4_port!=0 && h245_handle){ address src_addr; conversation_t *conv=NULL; @@ -5223,8 +5228,8 @@ dissect_h225_fastStart_item(tvbuff_t *tvb, int offset, packet_info *pinfo, proto PER dissectors, but the item length is in octets */ offset=dissect_h245_OpenLogicalChannel(tvb, offset, pinfo, tree); - contains_faststart = TRUE; + h225_pi.is_faststart = TRUE; return newoffset; } @@ -5638,6 +5643,9 @@ static int dissect_h225_CallProceedingUUIE(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree) { offset=dissect_per_sequence(tvb, offset, pinfo, tree, hf_h225_CallProceedingUUIE, ett_h225_CallProceedingUUIE, CallProceedingUUIE_sequence); + + h225_pi.cs_type = H225_CALL_PROCEDING; + return offset; } @@ -6915,6 +6923,9 @@ static int dissect_h225_AlertingUUIE(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree) { offset=dissect_per_sequence(tvb, offset, pinfo, tree, hf_h225_AlertingUUIE, ett_h225_AlertingUUIE, AlertingUUIE_sequence); + + h225_pi.cs_type = H225_ALERTING; + return offset; } @@ -6955,6 +6966,9 @@ static int dissect_h225_ReleaseCompleteUUIE(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree) { offset=dissect_per_sequence(tvb, offset, pinfo, tree, hf_h225_ReleaseCompleteUUIE, ett_h225_ReleaseCompleteUUIE, ReleaseCompleteUUIE_sequence); + + h225_pi.cs_type = H225_RELEASE_COMPLET; + return offset; } @@ -7243,6 +7257,9 @@ dissect_h225_SetupUUIE(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree { contains_faststart = FALSE; offset=dissect_per_sequence(tvb, offset, pinfo, tree, hf_h225_SetupUUIE, ett_h225_SetupUUIE, SetupUUIE_sequence); + + h225_pi.cs_type = H225_SETUP; + return offset; } @@ -7299,6 +7316,9 @@ static int dissect_h225_ConnectUUIE(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree) { offset=dissect_per_sequence(tvb, offset, pinfo, tree, hf_h225_ConnectUUIE, ett_h225_ConnectUUIE, ConnectUUIE_sequence); + + h225_pi.cs_type = H225_CONNECT; + return offset; } @@ -10549,12 +10569,17 @@ static void reset_h225_packet_info(h225_packet_info *pi) } pi->msg_type = H225_OTHERS; + pi->cs_type = H225_OTHER; pi->msg_tag = -1; pi->reason = -1; pi->requestSeqNum = 0; memset(pi->guid,0,16); pi->is_duplicate = FALSE; pi->request_available = FALSE; + pi->is_faststart = FALSE; + pi->is_h245 = FALSE; + pi->h245_address = 0; + pi->h245_port = 0; } /* diff --git a/epan/dissectors/packet-h225.h b/epan/dissectors/packet-h225.h index 0b2eb3f834..b736cf264e 100644 --- a/epan/dissectors/packet-h225.h +++ b/epan/dissectors/packet-h225.h @@ -36,8 +36,18 @@ typedef enum _h225_msg_type { H225_OTHERS } h225_msg_type; +typedef enum _h225_cs_type { + H225_SETUP, + H225_CALL_PROCEDING, + H225_ALERTING, + H225_CONNECT, + H225_RELEASE_COMPLET, + H225_OTHER +} h225_cs_type; + typedef struct _h225_packet_info { h225_msg_type msg_type; /* ras or cs message */ + h225_cs_type cs_type; /* cs message type */ gint msg_tag; /* message tag*/ gint reason; /* reason tag, if available */ guint requestSeqNum; /* request sequence number of ras-message, if available */ @@ -45,6 +55,11 @@ typedef struct _h225_packet_info { gboolean is_duplicate; /* true, if this is a repeated message */ gboolean request_available; /* true, if response matches to a request */ nstime_t delta_time; /* this is the RAS response time delay */ + /* added for h225 conversations analysis */ + gboolean is_faststart; /* true, if faststart field is included */ + gboolean is_h245; + guint32 h245_address; + guint16 h245_port; } h225_packet_info; /* diff --git a/epan/dissectors/packet-h245.c b/epan/dissectors/packet-h245.c index 46f10cf7a2..56165705ff 100644 --- a/epan/dissectors/packet-h245.c +++ b/epan/dissectors/packet-h245.c @@ -39,6 +39,8 @@ #include <string.h> #include <epan/prefs.h> +#include "tap.h" +#include "packet-h245.h" #include "packet-tpkt.h" #include "packet-per.h" #include <epan/t35.h> @@ -51,6 +53,10 @@ static dissector_handle_t rtcp_handle=NULL; static dissector_handle_t h245_handle; static dissector_handle_t MultimediaSystemControlMessage_handle; +static void reset_h245_packet_info(h245_packet_info *pi); +static int h245_tap = -1; +static h245_packet_info h245_pi; + static int proto_h245 = -1; /* h245 over tpkt */ static int hf_h245_rfc_number = -1; static int hf_h245_pdu_type = -1; @@ -1529,6 +1535,8 @@ dissect_h245_MasterSlaveDeterminationAck(tvbuff_t *tvb, int offset, packet_info { offset=dissect_per_sequence(tvb, offset, pinfo, tree, hf_h245_MasterSlaveDeterminationAck, ett_h245_MasterSlaveDeterminationAck, MasterSlaveDeterminationAck_sequence); + h245_pi.msg_type = H245_MastSlvDetAck; + return offset; } @@ -1562,6 +1570,8 @@ dissect_h245_MasterSlaveDeterminationReject(tvbuff_t *tvb, int offset, packet_in { offset=dissect_per_sequence(tvb, offset, pinfo, tree, hf_h245_MasterSlaveDeterminationReject, ett_h245_MasterSlaveDeterminationReject, MasterSlaveDeterminationReject_sequence); + h245_pi.msg_type = H245_MastSlvDetRjc; + return offset; } @@ -3327,6 +3337,8 @@ dissect_h245_OpenLogicalChannelReject(tvbuff_t *tvb, int offset, packet_info *pi { offset=dissect_per_sequence(tvb, offset, pinfo, tree, hf_h245_OpenLogicalChannelReject, ett_h245_OpenLogicalChannelReject, OpenLogicalChannelReject_sequence); + h245_pi.msg_type = H245_OpenLogChnRjc; + return offset; } @@ -3347,6 +3359,8 @@ dissect_h245_CloseLogicalChannel(tvbuff_t *tvb, int offset, packet_info *pinfo, { offset=dissect_per_sequence(tvb, offset, pinfo, tree, hf_h245_CloseLogicalChannel, ett_h245_CloseLogicalChannel, CloseLogicalChannel_sequence); + h245_pi.msg_type = H245_CloseLogChn; + return offset; } @@ -3363,6 +3377,8 @@ dissect_h245_CloseLogicalChannelAck(tvbuff_t *tvb, int offset, packet_info *pinf { offset=dissect_per_sequence(tvb, offset, pinfo, tree, hf_h245_CloseLogicalChannelAck, ett_h245_CloseLogicalChannelAck, CloseLogicalChannelAck_sequence); + h245_pi.msg_type = H245_CloseLogChnAck; + return offset; } @@ -3509,6 +3525,8 @@ dissect_h245_OpenLogicalChannelConfirm(tvbuff_t *tvb, int offset, packet_info *p { offset=dissect_per_sequence(tvb, offset, pinfo, tree, hf_h245_OpenLogicalChannelConfirm, ett_h245_OpenLogicalChannelConfirm, OpenLogicalChannelConfirm_sequence); + h245_pi.msg_type = H245_OpenLogChnCnf; + return offset; } @@ -3524,6 +3542,8 @@ dissect_h245_TerminalCapabilitySetAck(tvbuff_t *tvb, int offset, packet_info *pi { offset=dissect_per_sequence(tvb, offset, pinfo, tree, hf_h245_TerminalCapabilitySetAck, ett_h245_TerminalCapabilitySetAck, TerminalCapabilitySetAck_sequence); + h245_pi.msg_type = H245_TermCapSetAck; + return offset; } @@ -7638,6 +7658,8 @@ dissect_h245_MasterSlaveDetermination(tvbuff_t *tvb, int offset, packet_info *pi { offset=dissect_per_sequence(tvb, offset, pinfo, tree, hf_h245_MasterSlaveDetermination, ett_h245_MasterSlaveDetermination, MasterSlaveDetermination_sequence); + h245_pi.msg_type = H245_MastSlvDet; + return offset; } @@ -7720,6 +7742,8 @@ dissect_h245_TerminalCapabilitySetReject(tvbuff_t *tvb, int offset, packet_info { offset=dissect_per_sequence(tvb, offset, pinfo, tree, hf_h245_TerminalCapabilitySetReject, ett_h245_TerminalCapabilitySetReject, TerminalCapabilitySetReject_sequence); + h245_pi.msg_type = H245_TermCapSetRjc; + return offset; } @@ -12348,6 +12372,8 @@ dissect_h245_MasterSlaveDeterminationRelease(tvbuff_t *tvb, int offset, packet_i { offset=dissect_per_sequence(tvb, offset, pinfo, tree, hf_h245_MasterSlaveDeterminationRelease, ett_h245_MasterSlaveDeterminationRelease, MasterSlaveDeterminationRelease_sequence); + h245_pi.msg_type = H245_MastSlvDetRls; + return offset; } @@ -17487,6 +17513,8 @@ dissect_h245_TerminalCapabilitySet(tvbuff_t *tvb, int offset, packet_info *pinfo { offset=dissect_per_sequence(tvb, offset, pinfo, tree, hf_h245_TerminalCapabilitySet, ett_h245_TerminalCapabilitySet, TerminalCapabilitySet_sequence); + h245_pi.msg_type = H245_TermCapSet; + return offset; } @@ -18065,6 +18093,8 @@ dissect_h245_TerminalCapabilitySetRelease(tvbuff_t *tvb, int offset, packet_info { offset=dissect_per_sequence(tvb, offset, pinfo, tree, hf_h245_TerminalCapabilitySetRelease, ett_h245_TerminalCapabilitySetRelease, TerminalCapabilitySetRelease_sequence); + h245_pi.msg_type = H245_TermCapSetRls; + return offset; } @@ -18204,6 +18234,8 @@ dissect_h245_OpenLogicalChannel(tvbuff_t *tvb, int offset, packet_info *pinfo, p { offset=dissect_per_sequence(tvb, offset, pinfo, tree, hf_h245_OpenLogicalChannel, ett_h245_OpenLogicalChannel, OpenLogicalChannel_sequence); + h245_pi.msg_type = H245_OpenLogChn; + return offset; } @@ -18228,6 +18260,8 @@ dissect_h245_OpenLogicalChannelAck(tvbuff_t *tvb, int offset, packet_info *pinfo { offset=dissect_per_sequence(tvb, offset, pinfo, tree, hf_h245_OpenLogicalChannelAck, ett_h245_OpenLogicalChannelAck, OpenLogicalChannelAck_sequence); + h245_pi.msg_type = H245_OpenLogChnAck; + return offset; } @@ -19141,7 +19175,12 @@ dissect_h245_MultimediaSystemControlMessage(tvbuff_t *tvb, packet_info *pinfo, p void dissect_h245(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) { + reset_h245_packet_info(&(h245_pi)); + h245_pi.msg_type = H245_OTHER; + dissect_tpkt_encap(tvb, pinfo, tree, h245_reassembly, MultimediaSystemControlMessage_handle); + + tap_queue_packet(h245_tap, pinfo, &h245_pi); } void @@ -22444,6 +22483,8 @@ proto_register_h245(void) nsp_object_dissector_table = register_dissector_table("h245.nsp.object", "H.245 NonStandardParameter (object)", FT_STRING, BASE_NONE); nsp_h221_dissector_table = register_dissector_table("h245.nsp.h221", "H.245 NonStandardParameter (h221)", FT_UINT32, BASE_HEX); + + h245_tap = register_tap("h245"); } void @@ -22457,3 +22498,13 @@ proto_reg_handoff_h245(void) MultimediaSystemControlMessage_handle=create_dissector_handle(dissect_h245_MultimediaSystemControlMessage, proto_h245); dissector_add_handle("udp.port", MultimediaSystemControlMessage_handle); } + +static void reset_h245_packet_info(h245_packet_info *pi) +{ + if(pi == NULL) { + return; + } + + pi->msg_type = H245_OTHER; +} + diff --git a/epan/dissectors/packet-h245.h b/epan/dissectors/packet-h245.h index 288e9925f1..ffe1bb3f40 100644 --- a/epan/dissectors/packet-h245.h +++ b/epan/dissectors/packet-h245.h @@ -23,6 +23,29 @@ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ +typedef enum _h245_msg_type { + H245_TermCapSet, + H245_TermCapSetAck, + H245_TermCapSetRjc, + H245_TermCapSetRls, + H245_OpenLogChn, + H245_OpenLogChnCnf, + H245_OpenLogChnAck, + H245_OpenLogChnRjc, + H245_CloseLogChn, + H245_CloseLogChnAck, + H245_MastSlvDet, + H245_MastSlvDetAck, + H245_MastSlvDetRjc, + H245_MastSlvDetRls, + H245_OTHER +} h245_msg_type; + +typedef struct _h245_packet_info { + h245_msg_type msg_type; /* type of message */ +} h245_packet_info; + + extern void dissect_h245_MultimediaSystemControlMessage(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree); extern int dissect_h245_OpenLogicalChannel(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree); |