Age | Commit message (Collapse) | Author | Files | Lines |
|
Only use proto_tree_add_bytes_item() if you
1) are processing a hex string rather than binary byte array;
2) need the raw byte data.
While we're at it, fix the encoding argument in some calls adding
FT_BYTES fields to be ENC_NA, and, for some cases that could use
FT_UINT_BYTES, use proto_tree_add_item_ret_uint() to handle the length
and add a comment about that.
Change-Id: I6a1baca5c7da3001c0a6669f9c251e9773346c8c
Reviewed-on: https://code.wireshark.org/review/36967
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
|
|
Kernel can now send a flow action cookie in drop monitor medatada.
Implement support for it.
Change-Id: If486c68bf334f81315d3c3f230bc4932e704e1a8
Signed-off-by: Jiri Pirko <jiri@resnulli.us>
Reviewed-on: https://code.wireshark.org/review/36254
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Iafdfdea407112c9e1aa6be61f3624aa7f028f77b
Reviewed-on: https://code.wireshark.org/review/35790
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This change fixes the problem of value retrieval being done:
1. without regard for the declared encoding,
2. multiple times, for addition to other tree items.
The first issue can result in two different representations of the
same field. The second is an optimization, and a way to make sure
a consistent interpretation of the protocol field is made.
Change-Id: Id521f4deafe381322195b1eb998138efcaa51f30
Reviewed-on: https://code.wireshark.org/review/35745
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The new proto tree API uses mapping macros to map calls to the
proto_tree_add_* functions. These were defined for the up til then
in use functions. In the mean time functions have been added and
workarounds for non mapped functions were used.
This change adds the missing mapping macros so that now all
proto_tree_add_* functions taking a hfi address are mapped properly.
Also fix two dissectors that failed the mapping.
Change-Id: I91d800439fe2c4487ca53c00c44d7aa46ce70e1d
Reviewed-on: https://code.wireshark.org/review/35743
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
|
|
The underlying netlink dissector sets up a data structure to help maintain
information about the netlink packet. This contains the encoding information
as determined for this packet. Use this value in place of the copy that
every netlink dissector makes in its private data structure.
As a consequence the encoding field can be removed from these private data
structures. Since the encoding field is now directly available from the
data structure setup by the underlying netlink dissector, the private data
structures also do not need to keep a pointer to this underlying netlink
dissector data structure.
This change replaces the use of the local copy of encoding with the
original one. This change, by extension, also removes the encoding field and
the pointer to the underlying netlink dissector data structure as these are
no longer needed. The exception is the generic netlink dissector, which
implements the dynamic netlink famiily subdissector table.
Change-Id: Ida0065379c19ae68caf6d87860828b48766c1998
Reviewed-on: https://code.wireshark.org/review/35698
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The underlying netlink dissector sets up a data structure to help maintain
information about this netlink packet. It gets passed through the familiy
specific netlink dissectors private data structures to reappear when
support funtions of the underlying netlink dissector are needed. In the
mean time a copy of data (the value 'encoding' to be precise) in this
structure is also maintained in these familiy specific netlink dissectors,
adding to the confusion.
This change is to make the underlying netlink dissector data structure
a normal part of the function interfaces, so that it is present without
being dependant on another private data structure.
This change is a first step towards removing the unnessesary copy of the
encoding value.
Change-Id: I69e78a2b15e58e149e82e89c19e519ef041ee6b1
Reviewed-on: https://code.wireshark.org/review/35688
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Changes consist of:
- Addition of new enum values
- Header file references now point to kernel sources
- Dissection of few more fields
- Fixes to some dissections
Change-Id: I4cda045153ab0971b0b09ce59a7363238fe627ee
Reviewed-on: https://code.wireshark.org/review/35571
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
The Linux kernel includes a module called drop monitor which -
unsurprisingly - monitors packet drops.
Once enabled, the module will periodically send netlink notifications to
user space over generic netlink. Historically, these notifications only
included the program counter where the drop occurred and the number of
packets that were dropped in this location in the last interval.
Patches in net-next (queued for Linux kernel 5.4) extend drop monitor
with another mode of operation where the dropped packets themselves are
sent to user space along with relevant metadata as netlink
notifications. This allows users to perform a more detailed analysis of
the dropped packets.
This patch adds a dissector for these netlink packets. The dissector is
expected to be invoked by the generic netlink dissector and during its
hand off routine it adds an entry in the 'genl.family' dissector table.
The various netlink attributes are dissected by calling
dissect_netlink_attributes(), in a similar fashion to the rtnetlink
dissector. The dropped packet itself is encoded in the netlink attribute
'NET_DM_ATTR_PAYLOAD' and dissected by invoking a dissector from the
'sll.ltype' dissector table based on the packet's protocol which is
encoded in the 'NET_DM_ATTR_PROTO' attribute.
Bug: 16018
Change-Id: I10bfa4b9c9d8f5e82769c250f929f74693142a23
Signed-off-by: Ido Schimmel <idosch@mellanox.com>
Reviewed-on: https://code.wireshark.org/review/34351
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|