diff options
author | Guy Harris <guy@alum.mit.edu> | 1999-10-18 01:51:34 +0000 |
---|---|---|
committer | Guy Harris <guy@alum.mit.edu> | 1999-10-18 01:51:34 +0000 |
commit | dbd1955d62538097dcad85350f60f40849402190 (patch) | |
tree | 8a47a962a70fa20b6a2bc6460536ebe8f06f4003 /wiretap | |
parent | a0120ff1826a31acfa7f7bd22fb774d2626cac4f (diff) |
Olivier Abad's patches to add:
more display filters for X.25;
no LCN in X.25 RESTART / DIAGNOSTIC / REGISTRATION packets;
support for nettl file format (nettl is a trace tool for HP-UX).
For now, it only supports traces for X.25 interfaces (tested
with HP-UX 10.20).
svn path=/trunk/; revision=879
Diffstat (limited to 'wiretap')
-rw-r--r-- | wiretap/Makefile.am | 4 | ||||
-rw-r--r-- | wiretap/file.c | 6 | ||||
-rw-r--r-- | wiretap/nettl.c | 147 | ||||
-rw-r--r-- | wiretap/nettl.h | 22 | ||||
-rw-r--r-- | wiretap/wtap.c | 9 | ||||
-rw-r--r-- | wiretap/wtap.h | 10 |
6 files changed, 192 insertions, 6 deletions
diff --git a/wiretap/Makefile.am b/wiretap/Makefile.am index 84d811dc5c..37a628408e 100644 --- a/wiretap/Makefile.am +++ b/wiretap/Makefile.am @@ -1,7 +1,7 @@ # Makefile.am # Automake file for Wiretap # -# $Id: Makefile.am,v 1.22 1999/10/08 07:41:31 guy Exp $ +# $Id: Makefile.am,v 1.23 1999/10/18 01:51:32 guy Exp $ # # Ethereal - Network traffic analyzer # By Gerald Combs <gerald@zing.org> @@ -48,6 +48,8 @@ libwiretap_a_SOURCES = \ libpcap.h \ netmon.c \ netmon.h \ + nettl.c \ + nettl.h \ netxray.c \ netxray.h \ ngsniffer.c \ diff --git a/wiretap/file.c b/wiretap/file.c index 7a24ab3a05..dc95eec2a4 100644 --- a/wiretap/file.c +++ b/wiretap/file.c @@ -1,6 +1,6 @@ /* file.c * - * $Id: file.c,v 1.25 1999/10/05 07:06:05 guy Exp $ + * $Id: file.c,v 1.26 1999/10/18 01:51:34 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu> @@ -36,6 +36,7 @@ #include "ngsniffer.h" #include "radcom.h" #include "ascend.h" +#include "nettl.h" #include "libpcap.h" #include "snoop.h" #include "iptrace.h" @@ -68,7 +69,8 @@ static int (*open_routines[])(wtap *, int *) = { netmon_open, netxray_open, radcom_open, - ascend_open + ascend_open, + nettl_open }; int wtap_def_seek_read (FILE *fh, int seek_off, guint8 *pd, int len) diff --git a/wiretap/nettl.c b/wiretap/nettl.c new file mode 100644 index 0000000000..e2cf17f88b --- /dev/null +++ b/wiretap/nettl.c @@ -0,0 +1,147 @@ +/* nettl.c + * + * Wiretap Library + * Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu> + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + * + */ +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + +#include <stdlib.h> +#include <errno.h> +#include <time.h> +#include "wtap.h" +#include "file.h" +#include "buffer.h" +#include "nettl.h" + +static char nettl_magic[5] = { + 0x54, 0x52, 0x00, 0x64, 0x00 +}; + +/* HP nettl record header - The FCS is not included in the file. */ +struct nettlrec_hdr { + char xxa[12]; + char from_dce; + char xxb[55]; + guint16 length; + guint16 length2; /* don't know which one is captured length / real length */ + char xxc[4]; + char sec[4]; + char usec[4]; + char xxd[4]; +}; + +/* header is followed by data and once again the total length (2 bytes) ! */ + +static int nettl_read(wtap *wth, int *err); + +int nettl_open(wtap *wth, int *err) +{ + char magic[5]; + int bytes_read; + + /* Read in the string that should be at the start of a HP file */ + file_seek(wth->fh, 0, SEEK_SET); + errno = WTAP_ERR_CANT_READ; + bytes_read = file_read(magic, 1, 5, wth->fh); + if (bytes_read != 5) { + if (file_error(wth->fh)) { + *err = errno; + return -1; + } + return 0; + } + + if (memcmp(magic, nettl_magic, 5)) { + return 0; + } + + file_seek(wth->fh, 0x80, SEEK_SET); + wth->data_offset = 0x80; + + /* This is an nettl file */ + wth->file_type = WTAP_FILE_NETTL; + wth->capture.nettl = g_malloc(sizeof(nettl_t)); + wth->subtype_read = nettl_read; + wth->snapshot_length = 16384; /* not available in header, only in frame */ + + wth->capture.nettl->start = 0; + + wth->file_encap = WTAP_ENCAP_LAPB; + + return 1; +} + +/* Read the next packet */ +static int nettl_read(wtap *wth, int *err) +{ + int bytes_read; + struct nettlrec_hdr hdr; + guint16 length; + int data_offset; + + /* Read record header. */ + errno = WTAP_ERR_CANT_READ; + bytes_read = file_read(&hdr, 1, sizeof hdr, wth->fh); + if (bytes_read != sizeof hdr) { + if (file_error(wth->fh)) { + *err = errno; + return -1; + } + if (bytes_read != 0) { + *err = WTAP_ERR_SHORT_READ; + return -1; + } + return 0; + } + wth->data_offset += sizeof hdr; + length = pntohs(&hdr.length); + if (length <= 0) return 0; + + wth->phdr.len = length; + wth->phdr.caplen = length; + + wth->phdr.ts.tv_sec = pntohl(&hdr.sec); + wth->phdr.ts.tv_usec = pntohl(&hdr.usec); + if (wth->capture.nettl->start == 0) + wth->capture.nettl->start = wth->phdr.ts.tv_sec; + wth->phdr.pseudo_header.x25.flags = (hdr.from_dce & 0x20 ? 0x80 : 0x00); + + /* + * Read the packet data. + */ + buffer_assure_space(wth->frame_buffer, length); + data_offset = wth->data_offset; + errno = WTAP_ERR_CANT_READ; + bytes_read = file_read(buffer_start_ptr(wth->frame_buffer), 1, + length, wth->fh); + + if (bytes_read != length) { + if (file_error(wth->fh)) + *err = errno; + else + *err = WTAP_ERR_SHORT_READ; + return -1; + } + wth->data_offset += length; + + wth->phdr.pkt_encap = wth->file_encap; + + return data_offset; +} diff --git a/wiretap/nettl.h b/wiretap/nettl.h new file mode 100644 index 0000000000..9fea9dfc26 --- /dev/null +++ b/wiretap/nettl.h @@ -0,0 +1,22 @@ +/* nettl.h + * + * Wiretap Library + * Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu> + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + * + */ + +int nettl_open(wtap *wth, int *err); diff --git a/wiretap/wtap.c b/wiretap/wtap.c index bc293567af..6f4f67b849 100644 --- a/wiretap/wtap.c +++ b/wiretap/wtap.c @@ -1,6 +1,6 @@ /* wtap.c * - * $Id: wtap.c,v 1.25 1999/10/06 03:29:35 guy Exp $ + * $Id: wtap.c,v 1.26 1999/10/18 01:51:32 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu> @@ -98,6 +98,9 @@ const char *wtap_file_type_string(wtap *wth) case WTAP_FILE_ASCEND: return "Lucent/Ascend access server trace"; + case WTAP_FILE_NETTL: + return "HP-UX nettl traces"; + default: g_error("Unknown capture file type %d", wth->file_type); return NULL; @@ -184,6 +187,10 @@ void wtap_close(wtap *wth) g_free(wth->capture.ascend); break; + case WTAP_FILE_NETTL: + g_free(wth->capture.nettl); + break; + /* default: nothing */ } diff --git a/wiretap/wtap.h b/wiretap/wtap.h index 5ca5d8edfb..06b78d8f95 100644 --- a/wiretap/wtap.h +++ b/wiretap/wtap.h @@ -1,6 +1,6 @@ /* wtap.h * - * $Id: wtap.h,v 1.43 1999/10/06 03:29:36 guy Exp $ + * $Id: wtap.h,v 1.44 1999/10/18 01:51:33 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu> @@ -93,7 +93,7 @@ #define WTAP_ENCAP_ASCEND 14 /* last WTAP_ENCAP_ value + 1 */ -#define WTAP_NUM_ENCAP_TYPES 15 +#define WTAP_NUM_ENCAP_TYPES 16 /* File types that can be read by wiretap. We may eventually support writing some or all of these file types, @@ -112,6 +112,7 @@ #define WTAP_FILE_NETXRAY_2_001 12 #define WTAP_FILE_RADCOM 13 #define WTAP_FILE_ASCEND 14 +#define WTAP_FILE_NETTL 15 /* * Maximum packet size we'll support. @@ -150,6 +151,10 @@ typedef struct { typedef struct { time_t start; +} nettl_t; + +typedef struct { + time_t start; } lanalyzer_t; typedef struct { @@ -305,6 +310,7 @@ typedef struct wtap { lanalyzer_t *lanalyzer; ngsniffer_t *ngsniffer; radcom_t *radcom; + nettl_t *nettl; netmon_t *netmon; netxray_t *netxray; ascend_t *ascend; |