Olivier Abad's patches to add:

	more display filters for X.25;

	no LCN in X.25 RESTART / DIAGNOSTIC / REGISTRATION packets;

	support for nettl file format (nettl is a trace tool for HP-UX).
	For now, it only supports traces for X.25 interfaces (tested
	with HP-UX 10.20).

svn path=/trunk/; revision=879

6 files changed, 192 insertions, 6 deletions

diff --git a/wiretap/Makefile.am b/wiretap/Makefile.am
index 84d811dc5c..37a628408e 100644
--- a/wiretap/Makefile.am
+++ b/wiretap/Makefile.am
@@ -1,7 +1,7 @@
 # Makefile.am
 # Automake file for Wiretap
 #
-# $Id: Makefile.am,v 1.22 1999/10/08 07:41:31 guy Exp $
+# $Id: Makefile.am,v 1.23 1999/10/18 01:51:32 guy Exp $
 #
 # Ethereal - Network traffic analyzer
 # By Gerald Combs <gerald@zing.org>
@@ -48,6 +48,8 @@ libwiretap_a_SOURCES = \
 	libpcap.h		\
 	netmon.c		\
 	netmon.h		\
+	nettl.c			\
+	nettl.h			\
 	netxray.c		\
 	netxray.h		\
 	ngsniffer.c		\
diff --git a/wiretap/file.c b/wiretap/file.c
index 7a24ab3a05..dc95eec2a4 100644
--- a/wiretap/file.c
+++ b/wiretap/file.c
@@ -1,6 +1,6 @@
 /* file.c
  *
- * $Id: file.c,v 1.25 1999/10/05 07:06:05 guy Exp $
+ * $Id: file.c,v 1.26 1999/10/18 01:51:34 guy Exp $
  *
  * Wiretap Library
  * Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu>
@@ -36,6 +36,7 @@
 #include "ngsniffer.h"
 #include "radcom.h"
 #include "ascend.h"
+#include "nettl.h"
 #include "libpcap.h"
 #include "snoop.h"
 #include "iptrace.h"
@@ -68,7 +69,8 @@ static int (*open_routines[])(wtap *, int *) = {
 	netmon_open,
 	netxray_open,
 	radcom_open,
-	ascend_open
+	ascend_open,
+	nettl_open
 };
 
 int wtap_def_seek_read (FILE *fh, int seek_off, guint8 *pd, int len)
diff --git a/wiretap/nettl.c b/wiretap/nettl.c
new file mode 100644
index 0000000000..e2cf17f88b
--- /dev/null
+++ b/wiretap/nettl.c
@@ -0,0 +1,147 @@
+/* nettl.c
+ *
+ * Wiretap Library
+ * Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu>
+ * 
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ * 
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ */
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+#endif
+
+#include <stdlib.h>
+#include <errno.h>
+#include <time.h>
+#include "wtap.h"
+#include "file.h"
+#include "buffer.h"
+#include "nettl.h"
+
+static char nettl_magic[5] = {
+    0x54, 0x52, 0x00, 0x64, 0x00
+};
+
+/* HP nettl record header - The FCS is not included in the file. */
+struct nettlrec_hdr {
+    char	xxa[12];
+    char	from_dce;
+    char	xxb[55];
+    guint16	length;
+    guint16	length2;    /* don't know which one is captured length / real length */
+    char	xxc[4];
+    char	sec[4];
+    char	usec[4];
+    char	xxd[4];
+};
+
+/* header is followed by data and once again the total length (2 bytes) ! */
+
+static int nettl_read(wtap *wth, int *err);
+
+int nettl_open(wtap *wth, int *err)
+{
+    char magic[5];
+    int bytes_read;
+
+    /* Read in the string that should be at the start of a HP file */
+    file_seek(wth->fh, 0, SEEK_SET);
+    errno = WTAP_ERR_CANT_READ;
+    bytes_read = file_read(magic, 1, 5, wth->fh);
+    if (bytes_read != 5) {
+	if (file_error(wth->fh)) {
+	    *err = errno;
+	    return -1;
+	}
+	return 0;
+    }
+
+    if (memcmp(magic, nettl_magic, 5)) {
+	return 0;
+    }
+
+    file_seek(wth->fh, 0x80, SEEK_SET);
+    wth->data_offset = 0x80;
+
+    /* This is an nettl file */
+    wth->file_type = WTAP_FILE_NETTL;
+    wth->capture.nettl = g_malloc(sizeof(nettl_t));
+    wth->subtype_read = nettl_read;
+    wth->snapshot_length = 16384;	/* not available in header, only in frame */
+
+    wth->capture.nettl->start = 0;
+
+    wth->file_encap = WTAP_ENCAP_LAPB;
+
+    return 1;
+}
+
+/* Read the next packet */
+static int nettl_read(wtap *wth, int *err)
+{
+    int	bytes_read;
+    struct nettlrec_hdr hdr;
+    guint16 length;
+    int	data_offset;
+
+    /* Read record header. */
+    errno = WTAP_ERR_CANT_READ;
+    bytes_read = file_read(&hdr, 1, sizeof hdr, wth->fh);
+    if (bytes_read != sizeof hdr) {
+	if (file_error(wth->fh)) {
+	    *err = errno;
+	    return -1;
+	}
+	if (bytes_read != 0) {
+	    *err = WTAP_ERR_SHORT_READ;
+	    return -1;
+	}
+	return 0;
+    }
+    wth->data_offset += sizeof hdr;
+    length = pntohs(&hdr.length);
+    if (length <= 0) return 0;
+
+    wth->phdr.len = length;
+    wth->phdr.caplen = length;
+
+    wth->phdr.ts.tv_sec = pntohl(&hdr.sec);
+    wth->phdr.ts.tv_usec = pntohl(&hdr.usec);
+    if (wth->capture.nettl->start == 0)
+	wth->capture.nettl->start = wth->phdr.ts.tv_sec;
+    wth->phdr.pseudo_header.x25.flags = (hdr.from_dce & 0x20 ? 0x80 : 0x00);
+
+    /*
+     * Read the packet data.
+     */
+    buffer_assure_space(wth->frame_buffer, length);
+    data_offset = wth->data_offset;
+    errno = WTAP_ERR_CANT_READ;
+    bytes_read = file_read(buffer_start_ptr(wth->frame_buffer), 1,
+	    length, wth->fh);
+
+    if (bytes_read != length) {
+	if (file_error(wth->fh))
+	    *err = errno;
+	else
+	    *err = WTAP_ERR_SHORT_READ;
+	return -1;
+    }
+    wth->data_offset += length;
+
+    wth->phdr.pkt_encap = wth->file_encap;
+
+    return data_offset;
+}
diff --git a/wiretap/nettl.h b/wiretap/nettl.h
new file mode 100644
index 0000000000..9fea9dfc26
--- /dev/null
+++ b/wiretap/nettl.h
@@ -0,0 +1,22 @@
+/* nettl.h
+ *
+ * Wiretap Library
+ * Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu>
+ * 
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ * 
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ */
+
+int nettl_open(wtap *wth, int *err);
diff --git a/wiretap/wtap.c b/wiretap/wtap.c
index bc293567af..6f4f67b849 100644
--- a/wiretap/wtap.c
+++ b/wiretap/wtap.c
@@ -1,6 +1,6 @@
 /* wtap.c
  *
- * $Id: wtap.c,v 1.25 1999/10/06 03:29:35 guy Exp $
+ * $Id: wtap.c,v 1.26 1999/10/18 01:51:32 guy Exp $
  *
  * Wiretap Library
  * Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu>
@@ -98,6 +98,9 @@ const char *wtap_file_type_string(wtap *wth)
 		case WTAP_FILE_ASCEND:
 			return "Lucent/Ascend access server trace";
 
+		case WTAP_FILE_NETTL:
+			return "HP-UX nettl traces";
+
 		default:
 			g_error("Unknown capture file type %d", wth->file_type);
 			return NULL;
@@ -184,6 +187,10 @@ void wtap_close(wtap *wth)
 			g_free(wth->capture.ascend);
 			break;
 
+		case WTAP_FILE_NETTL:
+			g_free(wth->capture.nettl);
+			break;
+
 		/* default:
 			 nothing */
 	}
diff --git a/wiretap/wtap.h b/wiretap/wtap.h
index 5ca5d8edfb..06b78d8f95 100644
--- a/wiretap/wtap.h
+++ b/wiretap/wtap.h
@@ -1,6 +1,6 @@
 /* wtap.h
  *
- * $Id: wtap.h,v 1.43 1999/10/06 03:29:36 guy Exp $
+ * $Id: wtap.h,v 1.44 1999/10/18 01:51:33 guy Exp $
  *
  * Wiretap Library
  * Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu>
@@ -93,7 +93,7 @@
 #define WTAP_ENCAP_ASCEND				14
 
 /* last WTAP_ENCAP_ value + 1 */
-#define WTAP_NUM_ENCAP_TYPES			15
+#define WTAP_NUM_ENCAP_TYPES			16
 
 /* File types that can be read by wiretap.
    We may eventually support writing some or all of these file types,
@@ -112,6 +112,7 @@
 #define WTAP_FILE_NETXRAY_2_001			12
 #define WTAP_FILE_RADCOM			13
 #define WTAP_FILE_ASCEND			14
+#define WTAP_FILE_NETTL				15
 
 /*
  * Maximum packet size we'll support.
@@ -150,6 +151,10 @@ typedef struct {
 
 typedef struct {
 	time_t	start;
+} nettl_t;
+
+typedef struct {
+	time_t	start;
 } lanalyzer_t;
 
 typedef struct {
@@ -305,6 +310,7 @@ typedef struct wtap {
 		lanalyzer_t		*lanalyzer;
 		ngsniffer_t		*ngsniffer;
 		radcom_t		*radcom;
+		nettl_t			*nettl;
 		netmon_t		*netmon;
 		netxray_t		*netxray;
 		ascend_t		*ascend;