diff options
author | Guy Harris <guy@alum.mit.edu> | 1999-08-24 03:19:34 +0000 |
---|---|---|
committer | Guy Harris <guy@alum.mit.edu> | 1999-08-24 03:19:34 +0000 |
commit | 678b5fd6ffcb9b6fad1cd9769e393fe580cf28fa (patch) | |
tree | 04bfdca69dd647e2f67813f7bcd4642cfe5ea826 /wiretap | |
parent | 9fc0d3aefe081a52867b60cea82bb124dbb50cf5 (diff) |
Add a new Wiretap encapsulation type WTAP_ENCAP_FDDI_BITSWAPPED, meaning
"FDDI with the MAC addresses bit-swapped"; whether the MAC addresses are
bit-swapped is a property of the machine on which the capture was taken,
not of the machine on which the capture is being read - right now, none
of the capture file formats we read indicate whether FDDI MAC addresses
are bit-swapped, but this does let us treat non-"libpcap" captures as
being bit-swapped or not bit-swapped independent of the machine on which
they're being read (and of the machine on which they were captured, but
I have the impression they're bit-swapped on most platforms), and allows
us to, if, as, and when we implement packet capture in Wiretap, mark
packets in a capture file written in Wiretap-native format based on the
machine on which they are captured (assuming the rule "Ultrix, Alpha,
and BSD/OS are the only platforms that don't bit-swap", or some other
compile-time rule, gets the right answer, or that some platform has
drivers that can tell us whether the addresses are bit-swapped).
(NOTE: if, for any of the capture file formats used only on one
platform, FDDI MAC addresses aren't bit-swapped, the code to read that
capture file format should be fixed to flag them as not bit-swapped.)
Use the encapsulation type to decide whether to bit-swap addresses in
"dissect_fddi()".
svn path=/trunk/; revision=557
Diffstat (limited to 'wiretap')
-rw-r--r-- | wiretap/iptrace.c | 4 | ||||
-rw-r--r-- | wiretap/libpcap.c | 12 | ||||
-rw-r--r-- | wiretap/netmon.c | 4 | ||||
-rw-r--r-- | wiretap/netxray.c | 4 | ||||
-rw-r--r-- | wiretap/ngsniffer.c | 4 | ||||
-rw-r--r-- | wiretap/snoop.c | 4 | ||||
-rw-r--r-- | wiretap/wtap.h | 34 |
7 files changed, 46 insertions, 20 deletions
diff --git a/wiretap/iptrace.c b/wiretap/iptrace.c index 0d6e98d119..5b3652dc86 100644 --- a/wiretap/iptrace.c +++ b/wiretap/iptrace.c @@ -1,6 +1,6 @@ /* iptrace.c * - * $Id: iptrace.c,v 1.8 1999/08/22 02:29:40 guy Exp $ + * $Id: iptrace.c,v 1.9 1999/08/24 03:19:34 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu> @@ -116,7 +116,7 @@ static int iptrace_read(wtap *wth, int *err) wth->phdr.pkt_encap = WTAP_ENCAP_ETHERNET; } else if (if_name1 == 'f' && if_name2 == 'd') { - wth->phdr.pkt_encap = WTAP_ENCAP_FDDI; + wth->phdr.pkt_encap = WTAP_ENCAP_FDDI_BITSWAPPED; } else if (if_name1 == 'l' && if_name2 == 'o') { /* loopback */ wth->phdr.pkt_encap = WTAP_ENCAP_RAW_IP; diff --git a/wiretap/libpcap.c b/wiretap/libpcap.c index fc67af9876..50a1689c41 100644 --- a/wiretap/libpcap.c +++ b/wiretap/libpcap.c @@ -1,6 +1,6 @@ /* libpcap.c * - * $Id: libpcap.c,v 1.14 1999/08/22 19:08:40 guy Exp $ + * $Id: libpcap.c,v 1.15 1999/08/24 03:19:34 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu> @@ -52,6 +52,11 @@ ((((x)&0xFF00)>>8) | \ (((x)&0x00FF)<<8)) +/* On some systems, the FDDI MAC addresses are bit-swapped. */ +#if !defined(ultrix) && !defined(__alpha) && !defined(__bsdi) +#define BIT_SWAPPED_MAC_ADDRS +#endif + /* "libpcap" file header (minus magic number). */ struct pcap_hdr { guint16 version_major; /* major version number */ @@ -108,7 +113,11 @@ static const int pcap_encap[] = { WTAP_ENCAP_ARCNET, WTAP_ENCAP_SLIP, WTAP_ENCAP_PPP, +#ifdef BIT_SWAPPED_MAC_ADDRS + WTAP_ENCAP_FDDI_BITSWAPPED, +#else WTAP_ENCAP_FDDI, +#endif WTAP_ENCAP_ATM_RFC1483, /* or, on BSD/OS, Frame Relay */ WTAP_ENCAP_RAW_IP, /* or, on OpenBSD, DLT_LOOP, and on BSD/OS, Cisco HDLC */ @@ -307,6 +316,7 @@ int libpcap_dump_open(wtap_dumper *wdh, int *err) 8, /* WTAP_ENCAP_SLIP -> DLT_SLIP */ 9, /* WTAP_ENCAP_PPP -> DLT_PPP */ 10, /* WTAP_ENCAP_FDDI -> DLT_FDDI */ + 10, /* WTAP_ENCAP_FDDI_BITSWAPPED -> DLT_FDDI */ 12, /* WTAP_ENCAP_RAW_IP -> DLT_RAW */ 7, /* WTAP_ENCAP_ARCNET -> DLT_ARCNET */ 11, /* WTAP_ENCAP_ATM_RFC1483 -> DLT_ATM_RFC1483 */ diff --git a/wiretap/netmon.c b/wiretap/netmon.c index cf6567e01d..57c967f6de 100644 --- a/wiretap/netmon.c +++ b/wiretap/netmon.c @@ -1,6 +1,6 @@ /* netmon.c * - * $Id: netmon.c,v 1.11 1999/08/22 02:29:40 guy Exp $ + * $Id: netmon.c,v 1.12 1999/08/24 03:19:33 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu> @@ -102,7 +102,7 @@ int netmon_open(wtap *wth, int *err) WTAP_ENCAP_UNKNOWN, WTAP_ENCAP_ETHERNET, WTAP_ENCAP_TR, - WTAP_ENCAP_FDDI, + WTAP_ENCAP_FDDI_BITSWAPPED, WTAP_ENCAP_UNKNOWN, /* WAN */ WTAP_ENCAP_UNKNOWN, /* LocalTalk */ WTAP_ENCAP_UNKNOWN, /* "DIX" - should not occur */ diff --git a/wiretap/netxray.c b/wiretap/netxray.c index e3cd643089..673c229c4e 100644 --- a/wiretap/netxray.c +++ b/wiretap/netxray.c @@ -1,6 +1,6 @@ /* netxray.c * - * $Id: netxray.c,v 1.11 1999/08/22 02:29:39 guy Exp $ + * $Id: netxray.c,v 1.12 1999/08/24 03:19:33 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu> @@ -101,7 +101,7 @@ int netxray_open(wtap *wth, int *err) static const int netxray_encap[] = { WTAP_ENCAP_ETHERNET, WTAP_ENCAP_TR, - WTAP_ENCAP_FDDI, + WTAP_ENCAP_FDDI_BITSWAPPED, WTAP_ENCAP_UNKNOWN, /* WAN */ WTAP_ENCAP_UNKNOWN, /* LocalTalk */ WTAP_ENCAP_UNKNOWN, /* "DIX" - should not occur */ diff --git a/wiretap/ngsniffer.c b/wiretap/ngsniffer.c index 53066089d8..c2ed78d151 100644 --- a/wiretap/ngsniffer.c +++ b/wiretap/ngsniffer.c @@ -1,6 +1,6 @@ /* ngsniffer.c * - * $Id: ngsniffer.c,v 1.19 1999/08/22 02:29:39 guy Exp $ + * $Id: ngsniffer.c,v 1.20 1999/08/24 03:19:32 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu> @@ -261,7 +261,7 @@ int ngsniffer_open(wtap *wth, int *err) WTAP_ENCAP_UNKNOWN, /* Znet */ WTAP_ENCAP_LAPB, /* Internetwork analyzer */ WTAP_ENCAP_UNKNOWN, /* type 8 not defined in Sniffer */ - WTAP_ENCAP_FDDI, + WTAP_ENCAP_FDDI_BITSWAPPED, WTAP_ENCAP_ATM_SNIFFER /* ATM */ }; #define NUM_NGSNIFF_ENCAPS (sizeof sniffer_encap / sizeof sniffer_encap[0]) diff --git a/wiretap/snoop.c b/wiretap/snoop.c index eee3b242fa..d99ad456c7 100644 --- a/wiretap/snoop.c +++ b/wiretap/snoop.c @@ -1,6 +1,6 @@ /* snoop.c * - * $Id: snoop.c,v 1.7 1999/08/22 02:29:38 guy Exp $ + * $Id: snoop.c,v 1.8 1999/08/24 03:19:32 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu> @@ -70,7 +70,7 @@ int snoop_open(wtap *wth, int *err) WTAP_ENCAP_UNKNOWN, /* HDLC */ WTAP_ENCAP_UNKNOWN, /* Character Synchronous */ WTAP_ENCAP_UNKNOWN, /* IBM Channel-to-Channel */ - WTAP_ENCAP_FDDI, + WTAP_ENCAP_FDDI_BITSWAPPED, WTAP_ENCAP_UNKNOWN /* Other */ }; #define NUM_SNOOP_ENCAPS (sizeof snoop_encap / sizeof snoop_encap[0]) diff --git a/wiretap/wtap.h b/wiretap/wtap.h index 0ed96c0bae..93d791b2b0 100644 --- a/wiretap/wtap.h +++ b/wiretap/wtap.h @@ -1,6 +1,6 @@ /* wtap.h * - * $Id: wtap.h,v 1.33 1999/08/22 03:50:30 guy Exp $ + * $Id: wtap.h,v 1.34 1999/08/24 03:19:34 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu> @@ -35,6 +35,21 @@ * WTAP_ENCAP_UNKNOWN is returned by "wtap_pcap_encap_to_wtap_encap()" * if it's handed an unknown encapsulation. * + * WTAP_ENCAP_FDDI_BITSWAPPED is for FDDI captures on systems where the + * MAC addresses you get from the hardware are bit-swapped. Ideally, + * the driver would tell us that, but I know of none that do, so, for + * now, we base it on the machine on which we're *reading* the + * capture, rather than on the machine on which the capture was taken + * (they're probably likely to be the same). We assume that they're + * bit-swapped on everything except for systems running Ultrix, Alpha + * systems, and BSD/OS systems (that's what "tcpdump" does; I guess + * Digital decided to bit-swap addresses in the hardware or in the + * driver, and I guess BSDI bit-swapped them in the driver, given that + * BSD/OS generally runs on Boring Old PC's). If we create a wiretap + * save file format, we'd use the WTAP_ENCAP values to flag the + * encapsulation of a packet, so there we'd at least be able to base + * it on the machine on which the capture was taken. + * * WTAP_ENCAP_LINUX_ATM_CLIP is the encapsulation you get with the * ATM on Linux code from <http://lrcwww.epfl.ch/linux-atm/>; * that code adds a DLT_ATM_CLIP DLT_ code of 19, and that @@ -65,16 +80,17 @@ #define WTAP_ENCAP_SLIP 3 #define WTAP_ENCAP_PPP 4 #define WTAP_ENCAP_FDDI 5 -#define WTAP_ENCAP_RAW_IP 6 -#define WTAP_ENCAP_ARCNET 7 -#define WTAP_ENCAP_ATM_RFC1483 8 -#define WTAP_ENCAP_LINUX_ATM_CLIP 9 -#define WTAP_ENCAP_LAPB 10 -#define WTAP_ENCAP_ATM_SNIFFER 11 -#define WTAP_ENCAP_NULL 12 +#define WTAP_ENCAP_FDDI_BITSWAPPED 6 +#define WTAP_ENCAP_RAW_IP 7 +#define WTAP_ENCAP_ARCNET 8 +#define WTAP_ENCAP_ATM_RFC1483 9 +#define WTAP_ENCAP_LINUX_ATM_CLIP 10 +#define WTAP_ENCAP_LAPB 11 +#define WTAP_ENCAP_ATM_SNIFFER 12 +#define WTAP_ENCAP_NULL 13 /* last WTAP_ENCAP_ value + 1 */ -#define WTAP_NUM_ENCAP_TYPES 12 +#define WTAP_NUM_ENCAP_TYPES 13 /* File types that can be read by wiretap. We may eventually support writing some or all of these file types, |