diff options
-rw-r--r-- | epan/dissectors/packet-frame.c | 19 | ||||
-rw-r--r-- | epan/dissectors/packet-mtp2.c | 15 | ||||
-rw-r--r-- | epan/packet.c | 33 | ||||
-rw-r--r-- | epan/packet_info.h | 6 | ||||
-rw-r--r-- | wiretap/libpcap.c | 114 | ||||
-rw-r--r-- | wiretap/wtap.c | 3 | ||||
-rw-r--r-- | wiretap/wtap.h | 15 |
7 files changed, 180 insertions, 25 deletions
diff --git a/epan/dissectors/packet-frame.c b/epan/dissectors/packet-frame.c index 3630d8aa43..a64491fe09 100644 --- a/epan/dissectors/packet-frame.c +++ b/epan/dissectors/packet-frame.c @@ -46,6 +46,7 @@ static int hf_frame_p2p_dir = -1; static int hf_frame_file_off = -1; static int hf_frame_marked = -1; static int hf_frame_ref_time = -1; +static int hf_link_number = -1; static int hf_frame_protocols = -1; static int proto_short = -1; @@ -107,6 +108,14 @@ dissect_frame(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree) pinfo->p2p_dir = pinfo->pseudo_header->isdn.uton ? P2P_DIR_SENT : P2P_DIR_RECV; break; + case WTAP_ENCAP_MTP2_WITH_PHDR: + pinfo->p2p_dir = pinfo->pseudo_header->mtp2.sent ? + P2P_DIR_SENT : P2P_DIR_RECV; + pinfo->link_number = pinfo->pseudo_header->mtp2.link_number; + pinfo->annex_a_used = pinfo->pseudo_header->mtp2.annex_a_used ? + MTP2_ANNEX_A_USED : MTP2_ANNEX_A_NOT_USED; + break; + } } @@ -191,6 +200,12 @@ dissect_frame(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree) 0, 0, pinfo->p2p_dir); } + /* Check for existences of MTP2 link number */ + if ((pinfo->pseudo_header != NULL ) && (pinfo->fd->lnk_t == WTAP_ENCAP_MTP2_WITH_PHDR)) { + proto_tree_add_uint(fh_tree, hf_link_number, tvb, + 0, 0, pinfo->link_number); + } + if (show_file_off) { proto_tree_add_int_format(fh_tree, hf_frame_file_off, tvb, 0, 0, pinfo->fd->file_off, @@ -326,6 +341,10 @@ proto_register_frame(void) { "Point-to-Point Direction", "frame.p2p_dir", FT_UINT8, BASE_DEC, VALS(p2p_dirs), 0x0, "", HFILL }}, + { &hf_link_number, + { "Link Number", "frame.link_nr", FT_UINT16, BASE_DEC, NULL, 0x0, + "", HFILL }}, + { &hf_frame_file_off, { "File Offset", "frame.file_off", FT_INT32, BASE_DEC, NULL, 0x0, "", HFILL }}, diff --git a/epan/dissectors/packet-mtp2.c b/epan/dissectors/packet-mtp2.c index e643f60dfa..7d4618be15 100644 --- a/epan/dissectors/packet-mtp2.c +++ b/epan/dissectors/packet-mtp2.c @@ -61,7 +61,8 @@ static gint ett_mtp2 = -1; static dissector_handle_t mtp3_handle; static int mtp3_proto_id; -static gboolean use_extended_sequence_numbers = FALSE; +static gboolean use_extended_sequence_numbers_default = FALSE; +static gboolean use_extended_sequence_numbers = FALSE; #define BSN_BIB_LENGTH 1 #define FSN_FIB_LENGTH 1 @@ -222,9 +223,14 @@ dissect_mtp2(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) proto_item *mtp2_item = NULL; proto_tree *mtp2_tree = NULL; + if (pinfo->annex_a_used == MTP2_ANNEX_A_USED_UNKNOWN) + use_extended_sequence_numbers = use_extended_sequence_numbers_default; + else + use_extended_sequence_numbers = (pinfo->annex_a_used == MTP2_ANNEX_A_USED); + if (check_col(pinfo->cinfo, COL_PROTOCOL)) col_set_str(pinfo->cinfo, COL_PROTOCOL, "MTP2"); - + if (tree) { mtp2_item = proto_tree_add_item(tree, proto_mtp2, tvb, 0, -1, FALSE); mtp2_tree = proto_item_add_subtree(mtp2_item, ett_mtp2); @@ -271,8 +277,8 @@ proto_register_mtp2(void) prefs_register_bool_preference(mtp2_module, "use_extended_sequence_numbers", "Use extended sequence numbers", - "Whether the MTP2 dissector should use extended sequence numbers as described in Q.703, Annex A", - &use_extended_sequence_numbers); + "Whether the MTP2 dissector should use extended sequence numbers as described in Q.703, Annex A as a default.", + &use_extended_sequence_numbers_default); } @@ -285,6 +291,7 @@ proto_reg_handoff_mtp2(void) mtp2_handle = create_dissector_handle(dissect_mtp2, proto_mtp2); dissector_add("wtap_encap", WTAP_ENCAP_MTP2, mtp2_handle); + dissector_add("wtap_encap", WTAP_ENCAP_MTP2_WITH_PHDR, mtp2_handle); mtp3_handle = find_dissector("mtp3"); mtp3_proto_id = proto_get_id_by_filter_name("mtp3"); diff --git a/epan/packet.c b/epan/packet.c index db3f2a7591..9f2ca913fb 100644 --- a/epan/packet.c +++ b/epan/packet.c @@ -305,19 +305,21 @@ dissect_packet(epan_dissect_t *edt, union wtap_pseudo_header *pseudo_header, edt->pi.want_pdu_tracking = 0; edt->pi.p2p_dir = P2P_DIR_UNKNOWN; edt->pi.private_data = NULL; - edt->pi.oxid = 0; - edt->pi.rxid = 0; - edt->pi.r_ctl = 0; - edt->pi.src_idx = 0; - edt->pi.dst_idx = 0; - edt->pi.vsan = 0; - edt->pi.dcectxid = 0; - edt->pi.dcetransporttype = -1; + edt->pi.oxid = 0; + edt->pi.rxid = 0; + edt->pi.r_ctl = 0; + edt->pi.src_idx = 0; + edt->pi.dst_idx = 0; + edt->pi.vsan = 0; + edt->pi.dcectxid = 0; + edt->pi.dcetransporttype = -1; edt->pi.decrypt_gssapi_tvb = 0; edt->pi.gssapi_wrap_tvb = NULL; edt->pi.gssapi_encrypted_tvb = NULL; edt->pi.gssapi_decrypted_tvb = NULL; - edt->pi.layer_names = NULL; + edt->pi.layer_names = NULL; + edt->pi.link_number = 0; + edt->pi.annex_a_used = MTP2_ANNEX_A_USED_UNKNOWN; TRY { edt->tvb = tvb_new_real_data(pd, fd->cap_len, fd->pkt_len); @@ -336,13 +338,12 @@ dissect_packet(epan_dissect_t *edt, union wtap_pseudo_header *pseudo_header, g_assert_not_reached(); } CATCH(ReportedBoundsError) { - if(proto_malformed != -1){ - proto_tree_add_protocol_format(edt->tree, proto_malformed, edt->tvb, 0, 0, - "[Malformed Frame: Packet Length]" ); - } - else { - g_assert_not_reached(); - } + if(proto_malformed != -1){ + proto_tree_add_protocol_format(edt->tree, proto_malformed, edt->tvb, 0, 0, + "[Malformed Frame: Packet Length]" ); + } else { + g_assert_not_reached(); + } } ENDTRY; diff --git a/epan/packet_info.h b/epan/packet_info.h index f71cf15082..da5d17ac2e 100644 --- a/epan/packet_info.h +++ b/epan/packet_info.h @@ -33,6 +33,10 @@ #define P2P_DIR_SENT 0 #define P2P_DIR_RECV 1 +#define MTP2_ANNEX_A_USED_UNKNOWN -1 +#define MTP2_ANNEX_A_NOT_USED 0 +#define MTP2_ANNEX_A_USED 1 + #define PINFO_SOF_FIRST_FRAME 0x1 #define PINFO_SOF_SOFF 0x2 #define PINFO_EOF_LAST_FRAME 0x80 @@ -154,6 +158,8 @@ typedef struct _packet_info { */ void *private_data; /* pointer to data passed from one dissector to another */ GString *layer_names; /* layers of each protocol */ + guint16 link_number; + gchar annex_a_used; } packet_info; #endif /* __PACKET_INFO_H__ */ diff --git a/wiretap/libpcap.c b/wiretap/libpcap.c index 33b3bcc53b..25c741b0c9 100644 --- a/wiretap/libpcap.c +++ b/wiretap/libpcap.c @@ -72,6 +72,15 @@ struct irda_sll_hdr { guint16 sll_protocol; /* protocol, should be 0x0017 */ }; +/* + * A header containing additional MTP information. + */ +struct mtp2_hdr { + guint8 sent; + guint8 annex_a_used; + guint16 link_number; +}; + /* See source to the "libpcap" library for information on the "libpcap" file format. */ @@ -106,6 +115,10 @@ static gboolean libpcap_get_irda_pseudoheader(const struct irda_sll_hdr *irda_ph union wtap_pseudo_header *pseudo_header, int *err, gchar **err_info); static gboolean libpcap_read_irda_pseudoheader(FILE_T fh, union wtap_pseudo_header *pseudo_header, int *err, gchar **err_info); +static gboolean libpcap_get_mtp2_pseudoheader(const struct mtp2_hdr *mtp2_hdr, + union wtap_pseudo_header *pseudo_header); +static gboolean libpcap_read_mtp2_pseudoheader(FILE_T fh, + union wtap_pseudo_header *pseudo_header, int *err, gchar **err_info); static gboolean libpcap_read_rec_data(FILE_T fh, guchar *pd, int length, int *err); static void libpcap_close(wtap *wth); @@ -305,8 +318,7 @@ static const struct { { 138, WTAP_ENCAP_APPLE_IP_OVER_IEEE1394 }, /* Apple IP-over-IEEE 1394 */ - /* 139 is reserved for SS7 */ - + { 139, WTAP_ENCAP_MTP2_WITH_PHDR }, { 140, WTAP_ENCAP_MTP2 }, { 141, WTAP_ENCAP_MTP3 }, { 143, WTAP_ENCAP_DOCSIS }, @@ -1214,6 +1226,28 @@ static gboolean libpcap_read(wtap *wth, int *err, gchar **err_info, packet_size -= sizeof (struct irda_sll_hdr); wth->data_offset += sizeof (struct irda_sll_hdr); break; + case WTAP_ENCAP_MTP2_WITH_PHDR: + if (packet_size < sizeof (struct mtp2_hdr)) { + /* + * Uh-oh, the packet isn't big enough to even + * have a pseudo-header. + */ + *err = WTAP_ERR_BAD_RECORD; + *err_info = g_strdup_printf("libpcap: MTP2 file has a %u-byte packet, too small to have even an MTP2 pseudo-header\n", + packet_size); + return FALSE; + } + if (!libpcap_read_mtp2_pseudoheader(wth->fh, &wth->pseudo_header, + err, err_info)) + return FALSE; /* Read error */ + + /* + * Don't count the pseudo-header as part of the packet. + */ + orig_size -= sizeof (struct mtp2_hdr); + packet_size -= sizeof (struct mtp2_hdr); + wth->data_offset += sizeof (struct mtp2_hdr); + break; } buffer_assure_space(wth->frame_buffer, packet_size); @@ -1313,6 +1347,13 @@ libpcap_seek_read(wtap *wth, long seek_off, return FALSE; } break; + case WTAP_ENCAP_MTP2_WITH_PHDR: + if (!libpcap_read_mtp2_pseudoheader(wth->random_fh, pseudo_header, + err, err_info)) { + /* Read error */ + return FALSE; + } + break; } /* @@ -1637,6 +1678,35 @@ libpcap_read_irda_pseudoheader(FILE_T fh, union wtap_pseudo_header *pseudo_heade } static gboolean +libpcap_get_mtp2_pseudoheader(const struct mtp2_hdr *mtp2_hdr, union wtap_pseudo_header *pseudo_header) +{ + pseudo_header->mtp2.sent = mtp2_hdr->sent; + pseudo_header->mtp2.annex_a_used = mtp2_hdr->annex_a_used; + pseudo_header->mtp2.link_number = pntohs(&mtp2_hdr->link_number); + + return TRUE; +} + +static gboolean +libpcap_read_mtp2_pseudoheader(FILE_T fh, union wtap_pseudo_header *pseudo_header, int *err, gchar **err_info _U_) +{ + struct mtp2_hdr mtp2_hdr; + int bytes_read; + + errno = WTAP_ERR_CANT_READ; + bytes_read = file_read(&mtp2_hdr, 1, sizeof (struct mtp2_hdr), fh); + if (bytes_read != sizeof (struct mtp2_hdr)) { + *err = file_error(fh); + if (*err == 0) + *err = WTAP_ERR_SHORT_READ; + return FALSE; + } + + return libpcap_get_mtp2_pseudoheader(&mtp2_hdr, pseudo_header); + +} + +static gboolean libpcap_read_rec_data(FILE_T fh, guchar *pd, int length, int *err) { int bytes_read; @@ -1800,6 +1870,27 @@ wtap_process_pcap_packet(gint linktype, const struct pcap_pkthdr *phdr, whdr->caplen -= sizeof (struct irda_sll_hdr); pd += sizeof (struct irda_sll_hdr); } + else if (linktype == WTAP_ENCAP_MTP2_WITH_PHDR) { + if (whdr->caplen < sizeof (struct mtp2_hdr)) { + /* + * Uh-oh, the packet isn't big enough to even + * have a pseudo-header. + */ + g_message("libpcap: MTP2 capture has a %u-byte packet, too small to have even an MTP2 pseudo-header\n", + whdr->caplen); + *err = WTAP_ERR_BAD_RECORD; + return NULL; + } + if (!libpcap_get_mtp2_pseudoheader((const struct mtp2_hdr *)pd, pseudo_header)) + return NULL; + + /* + * Don't count the pseudo-header as part of the packet. + */ + whdr->len -= sizeof (struct mtp2_hdr); + whdr->caplen -= sizeof (struct mtp2_hdr); + pd += sizeof (struct mtp2_hdr); + } return pd; } #endif @@ -1905,6 +1996,7 @@ static gboolean libpcap_dump(wtap_dumper *wdh, size_t nwritten; struct sunatm_hdr atm_hdr; struct irda_sll_hdr irda_hdr; + struct mtp2_hdr mtp2_hdr; int hdrsize; if (wdh->encap == WTAP_ENCAP_ATM_PDUS) @@ -2049,6 +2141,24 @@ static gboolean libpcap_dump(wtap_dumper *wdh, } wdh->bytes_dumped += sizeof(irda_hdr); } + else if (wdh->encap == WTAP_ENCAP_MTP2_WITH_PHDR) { + /* + * Write the MTP2 header. + */ + memset(&mtp2_hdr, 0, sizeof(mtp2_hdr)); + mtp2_hdr.sent = pseudo_header->mtp2.sent; + mtp2_hdr.annex_a_used = pseudo_header->mtp2.annex_a_used; + mtp2_hdr.link_number = phtons(&pseudo_header->mtp2.link_number); + nwritten = fwrite(&mtp2_hdr, 1, sizeof(mtp2_hdr), wdh->fh); + if (nwritten != sizeof(mtp2_hdr)) { + if (nwritten == 0 && ferror(wdh->fh)) + *err = errno; + else + *err = WTAP_ERR_SHORT_WRITE; + return FALSE; + } + wdh->bytes_dumped += sizeof(mtp2_hdr); + } nwritten = fwrite(pd, 1, phdr->caplen, wdh->fh); if (nwritten != phdr->caplen) { diff --git a/wiretap/wtap.c b/wiretap/wtap.c index 9c5ff2042c..77daab6500 100644 --- a/wiretap/wtap.c +++ b/wiretap/wtap.c @@ -284,6 +284,9 @@ static const struct encap_type_info { /* WTAP_ENCAP_NETTL_UNKNOWN */ { "Unknown link-layer type with nettl headers", "unknown-nettl" }, + + /* WTAP_ENCAP_MTP2_WITH_PHDR */ + { "MTP2 with pseudoheader", "mtp2-with-phdr" }, }; /* Name that should be somewhat descriptive. */ diff --git a/wiretap/wtap.h b/wiretap/wtap.h index 85b3030a14..4fbc13b499 100644 --- a/wiretap/wtap.h +++ b/wiretap/wtap.h @@ -164,9 +164,9 @@ #define WTAP_ENCAP_NETTL_TOKEN_RING 73 #define WTAP_ENCAP_NETTL_FDDI 74 #define WTAP_ENCAP_NETTL_UNKNOWN 75 - +#define WTAP_ENCAP_MTP2_WITH_PHDR 76 /* last WTAP_ENCAP_ value + 1 */ -#define WTAP_NUM_ENCAP_TYPES 76 +#define WTAP_NUM_ENCAP_TYPES 77 /* File types that can be read by wiretap. We support writing some many of these file types, too, so we @@ -428,7 +428,7 @@ struct irda_phdr { }; /* Packet "pseudo-header" for nettl (HP-UX) capture files. */ - + struct nettl_phdr { guint16 subsys; guint32 devid; @@ -437,6 +437,14 @@ struct nettl_phdr { gint16 uid; }; +/* Packet "pseudo-header" for MTP2 files. */ + +struct mtp2_phdr { + guint8 sent; + guint8 annex_a_used; + guint16 link_number; +}; + union wtap_pseudo_header { struct eth_phdr eth; struct x25_phdr x25; @@ -448,6 +456,7 @@ union wtap_pseudo_header { struct cosine_phdr cosine; struct irda_phdr irda; struct nettl_phdr nettl; + struct mtp2_phdr mtp2; }; struct wtap_pkthdr { |