We have to set "x25.flags" in the Wiretap pseudo-header if the capture

is WTAP_ENCAP_LAPB *or* WTAP_ENCAP_V120, and we have to set "p2p.sent"
in the capture file for *all* WTAP_ENCAP_LAPD captures; fix the
i4btrace and Sniffer capture file readers to do so.

(XXX - should we eliminate "x25.flags", and use "p2p.sent" instead?  The
directions for X.25 are DTE->DCE and DCE->DTE, not "sent" and
"received", but I suspect that "sent" and "received" should be thought
of from the point of view of the DTE, so DTE->DCE is "sent" and DCE->DTE
is "received"; the directions for ISDN are user->network and
network->user, but I suspect that "sent" and "received" should be
thought of from the standpoint of the user equipment, so user->network
is "sent" and network->user is "received".)

svn path=/trunk/; revision=2606

2 files changed, 123 insertions, 26 deletions

diff --git a/wiretap/i4btrace.c b/wiretap/i4btrace.c
index 52e487ff08..163b99e649 100644
--- a/wiretap/i4btrace.c
+++ b/wiretap/i4btrace.c
@@ -1,6 +1,6 @@
 /* i4btrace.c
  *
- * $Id: i4btrace.c,v 1.10 2000/09/07 05:34:08 gram Exp $
+ * $Id: i4btrace.c,v 1.11 2000/11/11 06:36:09 guy Exp $
  *
  * Wiretap Library
  * Copyright (c) 1999 by Bert Driehuis <driehuis@playbeing.org>
@@ -37,6 +37,8 @@ static int i4btrace_seek_read(wtap *wth, int seek_off,
 static int i4b_read_rec_header(FILE_T fh, i4b_trace_hdr_t *hdr, int *err);
 static void i4b_byte_swap_header(wtap *wth, i4b_trace_hdr_t *hdr);
 static int i4b_read_rec_data(FILE_T fh, u_char *pd, int length, int *err);
+static void i4b_set_pseudo_header(wtap *wth, i4b_trace_hdr_t *hdr,
+    union wtap_pseudo_header *pseudo_header);
 
 /*
  * Test some fields in the header to see if they make sense.
@@ -116,6 +118,7 @@ static gboolean i4btrace_read(wtap *wth, int *err, int *data_offset)
 	i4b_trace_hdr_t hdr;
 	guint16 length;
 	void *bufp;
+	int channel;
 
 	/* Read record header. */
 	*data_offset = wth->data_offset;
@@ -136,8 +139,6 @@ static gboolean i4btrace_read(wtap *wth, int *err, int *data_offset)
 	wth->phdr.ts.tv_sec = hdr.time.tv_sec;
 	wth->phdr.ts.tv_usec = hdr.time.tv_usec;
 
-	wth->pseudo_header.x25.flags = (hdr.dir == FROM_TE) ? 0x00 : 0x80;
-
 	/*
 	 * Read the packet data.
 	 */
@@ -147,37 +148,71 @@ static gboolean i4btrace_read(wtap *wth, int *err, int *data_offset)
 		return FALSE;	/* Read error */
 	wth->data_offset += length;
 
-	/*
-	 * This heuristic tries to figure out whether the datastream is
-	 * V.120 or not. We cannot glean this from the Q.931 SETUP message,
-	 * because no commercial V.120 implementation I've seen actually
-	 * sets the V.120 protocol discriminator (that, or I'm misreading
-	 * the spec badly).
-	 * TODO: reset the flag to -1 (unknown) after a close on the B
-	 * channel is detected.
-	 */
-	if (hdr.type == TRC_CH_B1 || hdr.type == TRC_CH_B2) {
-		int channel = hdr.type - TRC_CH_B1;
+	switch (hdr.type) {
+
+	case TRC_CH_I:
+		/*
+		 * XXX - what is it?  It's probably not WTAP_ENCAP_NULL,
+		 * as that means it has a 4-byte AF_ type as the
+		 * encapsulation header.
+		 */
+		wth->phdr.pkt_encap = WTAP_ENCAP_NULL;
+		break;
+
+	case TRC_CH_D:
+		/*
+		 * D channel, so it's LAPD.
+		 */
+		wth->phdr.pkt_encap = WTAP_ENCAP_LAPD;
+		break;
+
+	case TRC_CH_B1:
+	case TRC_CH_B2:
+		/*
+		 * B channel, so it could be any of a number of things.
+		 */
+		channel = hdr.type - TRC_CH_B1;
+
 		if (wth->capture.i4btrace->bchannel_prot[channel] == -1) {
+			/*
+			 * We don't know yet whether the datastream is
+			 * V.120 or not; this heuristic tries to figure
+			 * that out.
+			 *
+			 * We cannot glean this from the Q.931 SETUP message,
+			 * because no commercial V.120 implementation I've
+			 * seen actually sets the V.120 protocol discriminator
+			 * (that, or I'm misreading the spec badly).
+			 *
+			 * TODO: reset the flag to -1 (unknown) after a close
+			 * on the B channel is detected.
+			 */
 			if (memcmp(bufp, V120SABME, 3) == 0)
 			    wth->capture.i4btrace->bchannel_prot[channel] = 1;
 			else
 			    wth->capture.i4btrace->bchannel_prot[channel] = 0;
 		}
-	}
-
-	if (hdr.type == TRC_CH_I) {
-		wth->phdr.pkt_encap = WTAP_ENCAP_NULL;
-	} else if (hdr.type == TRC_CH_D) {
-		wth->phdr.pkt_encap = WTAP_ENCAP_LAPD;
-	} else {
-		int channel = hdr.type - TRC_CH_B1;
-		if (wth->capture.i4btrace->bchannel_prot[channel] == 1)
+		if (wth->capture.i4btrace->bchannel_prot[channel] == 1) {
+			/*
+			 * V.120.
+			 */
 			wth->phdr.pkt_encap = WTAP_ENCAP_V120;
-		else
+		} else {
+			/*
+			 * Not V.120.
+			 *
+			 * XXX - what is it?  It's probably not
+			 * WTAP_ENCAP_NULL, as that means it has a
+			 * 4-byte AF_ type as the encapsulation header.
+			 * If it's PPP, we should use WTAP_ENCAP_PPP here.
+			 */
 			wth->phdr.pkt_encap = WTAP_ENCAP_NULL;
+		}
+		break;
 	}
 
+	i4b_set_pseudo_header(wth, &hdr, &wth->pseudo_header);
+
 	return TRUE;
 }
 
@@ -199,7 +234,7 @@ i4btrace_seek_read(wtap *wth, int seek_off,
 	}
 	i4b_byte_swap_header(wth, &hdr);
 
-	pseudo_header->x25.flags = (hdr.dir == FROM_TE) ? 0x00 : 0x80;
+	i4b_set_pseudo_header(wth, &hdr, pseudo_header);
 
 	/*
 	 * Read the packet data.
@@ -261,3 +296,37 @@ i4b_read_rec_data(FILE_T fh, u_char *pd, int length, int *err)
 	}
 	return 0;
 }
+
+static void
+i4b_set_pseudo_header(wtap *wth, i4b_trace_hdr_t *hdr,
+    union wtap_pseudo_header *pseudo_header)
+{
+	int channel;
+
+	switch (hdr->type) {
+
+	case TRC_CH_D:
+		/*
+		 * D channel, so it's LAPD; set "p2p.sent".
+		 */
+		pseudo_header->p2p.sent = (hdr->dir == FROM_TE) ? TRUE : FALSE;
+		break;
+
+	case TRC_CH_B1:
+	case TRC_CH_B2:
+		/*
+		 * B channel, so it could be any of a number of things;
+		 * if it's V.120, set "x25.flags".
+		 */
+		channel = hdr->type - TRC_CH_B1;
+
+		if (wth->capture.i4btrace->bchannel_prot[channel] == 1) {
+			/*
+			 * V.120.
+			 */
+			pseudo_header->x25.flags =
+			    (hdr->dir == FROM_TE) ? 0x00 : 0x80;
+		}
+		break;
+	}
+}
diff --git a/wiretap/ngsniffer.c b/wiretap/ngsniffer.c
index 42b1bc1090..5f8294c36a 100644
--- a/wiretap/ngsniffer.c
+++ b/wiretap/ngsniffer.c
@@ -1,6 +1,6 @@
 /* ngsniffer.c
  *
- * $Id: ngsniffer.c,v 1.53 2000/10/17 18:07:52 gerald Exp $
+ * $Id: ngsniffer.c,v 1.54 2000/11/11 06:36:09 guy Exp $
  *
  * Wiretap Library
  * Copyright (c) 1998 by Gilbert Ramirez <gram@xiexie.org>
@@ -294,6 +294,8 @@ static void set_pseudo_header_frame6(union wtap_pseudo_header *pseudo_header,
     struct frame6_rec *frame6);
 static int ngsniffer_read_rec_data(wtap *wth, gboolean is_random, u_char *pd,
     int length, int *err);
+static void fix_pseudo_header(wtap *wth,
+    union wtap_pseudo_header *pseudo_header);
 static void ngsniffer_sequential_close(wtap *wth);
 static void ngsniffer_close(wtap *wth);
 static gboolean ngsniffer_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr,
@@ -737,6 +739,12 @@ found:
 		}
 	}
 
+	/*
+	 * Fix up the pseudo-header; we may have set "x25.flags",
+	 * but, for some traffic, we should set "p2p.sent" instead.
+	 */
+	fix_pseudo_header(wth, &wth->pseudo_header);
+
 	t = t/1000000.0 * wth->capture.ngsniffer->timeunit; /* t = # of secs */
 	t += wth->capture.ngsniffer->start;
 	wth->phdr.ts.tv_sec = (long)t;
@@ -806,6 +814,12 @@ static int ngsniffer_seek_read(wtap *wth, int seek_off,
 	}
 
 	/*
+	 * Fix up the pseudo-header; we may have set "x25.flags",
+	 * but, for some traffic, we should set "p2p.sent" instead.
+	 */
+	fix_pseudo_header(wth, pseudo_header);
+
+	/*
 	 * Got the pseudo-header (if any), now get the data.
 	 */
 	return ngsniffer_read_rec_data(wth, TRUE, pd, packet_size, &err);
@@ -953,6 +967,20 @@ static int ngsniffer_read_rec_data(wtap *wth, gboolean is_random, u_char *pd,
 	return 0;
 }
 
+static void fix_pseudo_header(wtap *wth,
+    union wtap_pseudo_header *pseudo_header)
+{
+	switch (wth->file_encap) {
+
+	case WTAP_ENCAP_LAPD:
+		if (pseudo_header->x25.flags == 0x00)
+			pseudo_header->p2p.sent = TRUE;
+		else
+			pseudo_header->p2p.sent = FALSE;
+		break;
+	}
+}
+
 /* Throw away the buffers used by the sequential I/O stream, but not
    those used by the random I/O stream. */
 static void ngsniffer_sequential_close(wtap *wth)