From 24623bdff3727c98d9662d6ef183883b8b114be9 Mon Sep 17 00:00:00 2001 From: Pascal Quantin Date: Mon, 17 Jun 2013 21:54:21 +0000 Subject: More PDU export work: - add automatic export of port type when exporting a source / destination port - add export of SCTP PPID (usefulness to be checked) - fix some field size svn path=/trunk/; revision=49989 --- epan/dissectors/packet-exported_pdu.c | 33 +++++++-- epan/exported_pdu.c | 128 ++++++++++++++++++++++++++-------- epan/exported_pdu.h | 24 ++++--- epan/to_str.c | 22 ++++++ epan/to_str.h | 2 + plugins/stats_tree/pinfo_stats_tree.c | 18 +---- 6 files changed, 167 insertions(+), 60 deletions(-) diff --git a/epan/dissectors/packet-exported_pdu.c b/epan/dissectors/packet-exported_pdu.c index 3a883f1975..fd6a000147 100644 --- a/epan/dissectors/packet-exported_pdu.c +++ b/epan/dissectors/packet-exported_pdu.c @@ -43,8 +43,10 @@ static int hf_exported_pdu_ipv4_src = -1; static int hf_exported_pdu_ipv4_dst = -1; static int hf_exported_pdu_ipv6_src = -1; static int hf_exported_pdu_ipv6_dst = -1; +static int hf_exported_pdu_port_type = -1; static int hf_exported_pdu_src_port = -1; static int hf_exported_pdu_dst_port = -1; +static int hf_exported_pdu_sctp_ppid = -1; static int hf_exported_pdu_orig_fno = -1; @@ -66,6 +68,7 @@ static const value_string exported_pdu_tag_vals[] = { { EXP_PDU_TAG_IPV6_SRC, "IPv6 Source Address" }, { EXP_PDU_TAG_IPV6_DST, "IPv6 Destination Address" }, + { EXP_PDU_TAG_PORT_TYPE, "Port Type" }, { EXP_PDU_TAG_SRC_PORT, "Source Port" }, { EXP_PDU_TAG_DST_PORT, "Destination Port" }, @@ -87,6 +90,7 @@ dissect_exported_pdu(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) proto_tree *exported_pdu_tree, *tag_tree; tvbuff_t * payload_tvb = NULL; int offset = 0; + guint number_of_ppids = 0; guint16 tag; int tag_len; int next_proto_type = -1; @@ -139,6 +143,11 @@ dissect_exported_pdu(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) SET_ADDRESS(&pinfo->net_dst, AT_IPv6, 16, dst_addr); SET_ADDRESS(&pinfo->dst, AT_IPv6, 16, dst_addr); break; + case EXP_PDU_TAG_PORT_TYPE: + pinfo->ptype = (port_type)tvb_get_ntohl(tvb,offset); + proto_tree_add_uint_format_value(tag_tree, hf_exported_pdu_port_type, tvb, offset, 4, pinfo->ptype, + "%s (%u)", port_type_to_str(pinfo->ptype), pinfo->ptype); + break; case EXP_PDU_TAG_SRC_PORT: proto_tree_add_item(tag_tree, hf_exported_pdu_src_port, tvb, offset, 4, ENC_BIG_ENDIAN); pinfo->srcport = tvb_get_ntohl(tvb,offset); @@ -147,7 +156,13 @@ dissect_exported_pdu(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) proto_tree_add_item(tag_tree, hf_exported_pdu_dst_port, tvb, offset, 4, ENC_BIG_ENDIAN); pinfo->destport = tvb_get_ntohl(tvb,offset); break; - case EXP_PDU_TAG_ORIG_FNO: + case EXP_PDU_TAG_SCTP_PPID: + proto_tree_add_item(tag_tree, hf_exported_pdu_sctp_ppid, tvb, offset, 4, ENC_BIG_ENDIAN); + if (number_of_ppids < MAX_NUMBER_OF_PPIDS) { + pinfo->ppids[number_of_ppids++] = tvb_get_ntohl(tvb,offset); + } + break; + case EXP_PDU_TAG_ORIG_FNO: proto_tree_add_item(tag_tree, hf_exported_pdu_orig_fno, tvb, offset, 4, ENC_BIG_ENDIAN); break; default: @@ -223,19 +238,29 @@ proto_register_exported_pdu(void) FT_IPv6, BASE_NONE, NULL, 0, NULL, HFILL } }, + { &hf_exported_pdu_port_type, + { "Port Type", "exported_pdu.port_type", + FT_UINT32, BASE_DEC, NULL, 0, + NULL, HFILL } + }, { &hf_exported_pdu_src_port, { "Src Port", "exported_pdu.src_port", - FT_UINT16, BASE_DEC, NULL, 0, + FT_UINT32, BASE_DEC, NULL, 0, NULL, HFILL } }, { &hf_exported_pdu_dst_port, { "Dst Port", "exported_pdu.dst_port", - FT_UINT16, BASE_DEC, NULL, 0, + FT_UINT32, BASE_DEC, NULL, 0, + NULL, HFILL } + }, + { &hf_exported_pdu_sctp_ppid, + { "Original SCTP PPID", "exported_pdu.sctp_ppid", + FT_UINT32, BASE_DEC, NULL, 0, NULL, HFILL } }, { &hf_exported_pdu_orig_fno, { "Original Frame Number", "exported_pdu.orig_fno", - FT_INT32, BASE_DEC, NULL, 0, + FT_UINT32, BASE_DEC, NULL, 0, NULL, HFILL } }, }; diff --git a/epan/exported_pdu.c b/epan/exported_pdu.c index 191014d6c7..8908a575d4 100644 --- a/epan/exported_pdu.c +++ b/epan/exported_pdu.c @@ -41,7 +41,8 @@ load_export_pdu_tags(packet_info *pinfo, const char* proto_name, int wtap_encap int tag_buf_size = 0; int str_len = 0; int tag_str_len = 0; - int i = 0; + int i = 0, j; + gboolean port_type_defined = FALSE; exp_pdu_data = (exp_pdu_data_t *)g_malloc(sizeof(exp_pdu_data_t)); @@ -76,13 +77,30 @@ load_export_pdu_tags(packet_info *pinfo, const char* proto_name, int wtap_encap } if((tags_bit_field & EXP_PDU_TAG_SRC_PORT_BIT) == EXP_PDU_TAG_SRC_PORT_BIT){ + if (!port_type_defined) { + tag_buf_size= tag_buf_size + EXP_PDU_TAG_PORT_TYPE_LEN + 4; + port_type_defined = TRUE; + } tag_buf_size= tag_buf_size + EXP_PDU_TAG_SRC_PORT_LEN + 4; } if((tags_bit_field & EXP_PDU_TAG_DST_PORT_BIT) == EXP_PDU_TAG_DST_PORT_BIT){ + if (!port_type_defined) { + tag_buf_size= tag_buf_size + EXP_PDU_TAG_PORT_TYPE_LEN + 4; + } tag_buf_size= tag_buf_size + EXP_PDU_TAG_DST_PORT_LEN + 4; } + if((tags_bit_field & EXP_PDU_TAG_SCTP_PPID_BIT) == EXP_PDU_TAG_SCTP_PPID_BIT){ + for(j = 0; j < MAX_NUMBER_OF_PPIDS; j++) { + if (pinfo->ppids[j] != LAST_PPID) { + tag_buf_size= tag_buf_size + EXP_PDU_TAG_SCTP_PPID_LEN + 4; + } else { + break; + } + } + } + if((tags_bit_field & EXP_PDU_TAG_ORIG_FNO_BIT) == EXP_PDU_TAG_ORIG_FNO_BIT){ tag_buf_size= tag_buf_size + EXP_PDU_TAG_ORIG_FNO_LEN + 4; } @@ -92,6 +110,7 @@ load_export_pdu_tags(packet_info *pinfo, const char* proto_name, int wtap_encap exp_pdu_data->tlv_buffer = (guint8 *)g_malloc0(tag_buf_size); exp_pdu_data->tlv_buffer_len = tag_buf_size; + port_type_defined = FALSE; if(proto_name){ exp_pdu_data->tlv_buffer[i] = 0; @@ -158,51 +177,104 @@ load_export_pdu_tags(packet_info *pinfo, const char* proto_name, int wtap_encap } if((tags_bit_field & EXP_PDU_TAG_SRC_PORT_BIT) == EXP_PDU_TAG_SRC_PORT_BIT){ + if (!port_type_defined) { exp_pdu_data->tlv_buffer[i] = 0; i++; - exp_pdu_data->tlv_buffer[i] = EXP_PDU_TAG_SRC_PORT; + exp_pdu_data->tlv_buffer[i] = EXP_PDU_TAG_PORT_TYPE; i++; exp_pdu_data->tlv_buffer[i] = 0; i++; - exp_pdu_data->tlv_buffer[i] = EXP_PDU_TAG_SRC_PORT_LEN; /* tag length */ + exp_pdu_data->tlv_buffer[i] = EXP_PDU_TAG_PORT_TYPE_LEN; /* tag length */ i++; - exp_pdu_data->tlv_buffer[i] = (pinfo->srcport & 0xff000000) >> 24; - exp_pdu_data->tlv_buffer[i+1] = (pinfo->srcport & 0x00ff0000) >> 16; - exp_pdu_data->tlv_buffer[i+2] = (pinfo->srcport & 0x0000ff00) >> 8; - exp_pdu_data->tlv_buffer[i+3] = (pinfo->srcport & 0x000000ff); - i = i +EXP_PDU_TAG_SRC_PORT_LEN; + exp_pdu_data->tlv_buffer[i] = (pinfo->ptype & 0xff000000) >> 24; + exp_pdu_data->tlv_buffer[i+1] = (pinfo->ptype & 0x00ff0000) >> 16; + exp_pdu_data->tlv_buffer[i+2] = (pinfo->ptype & 0x0000ff00) >> 8; + exp_pdu_data->tlv_buffer[i+3] = (pinfo->ptype & 0x000000ff); + i = i +EXP_PDU_TAG_PORT_TYPE_LEN; + port_type_defined = TRUE; + } + exp_pdu_data->tlv_buffer[i] = 0; + i++; + exp_pdu_data->tlv_buffer[i] = EXP_PDU_TAG_SRC_PORT; + i++; + exp_pdu_data->tlv_buffer[i] = 0; + i++; + exp_pdu_data->tlv_buffer[i] = EXP_PDU_TAG_SRC_PORT_LEN; /* tag length */ + i++; + exp_pdu_data->tlv_buffer[i] = (pinfo->srcport & 0xff000000) >> 24; + exp_pdu_data->tlv_buffer[i+1] = (pinfo->srcport & 0x00ff0000) >> 16; + exp_pdu_data->tlv_buffer[i+2] = (pinfo->srcport & 0x0000ff00) >> 8; + exp_pdu_data->tlv_buffer[i+3] = (pinfo->srcport & 0x000000ff); + i = i +EXP_PDU_TAG_SRC_PORT_LEN; } if((tags_bit_field & EXP_PDU_TAG_DST_PORT_BIT) == EXP_PDU_TAG_DST_PORT_BIT){ + if (!port_type_defined) { exp_pdu_data->tlv_buffer[i] = 0; i++; - exp_pdu_data->tlv_buffer[i] = EXP_PDU_TAG_DST_PORT; + exp_pdu_data->tlv_buffer[i] = EXP_PDU_TAG_PORT_TYPE; i++; exp_pdu_data->tlv_buffer[i] = 0; i++; - exp_pdu_data->tlv_buffer[i] = EXP_PDU_TAG_DST_PORT_LEN; /* tag length */ + exp_pdu_data->tlv_buffer[i] = EXP_PDU_TAG_PORT_TYPE_LEN; /* tag length */ i++; - exp_pdu_data->tlv_buffer[i] = (pinfo->destport & 0xff000000) >> 24; - exp_pdu_data->tlv_buffer[i+1] = (pinfo->destport & 0x00ff0000) >> 16; - exp_pdu_data->tlv_buffer[i+2] = (pinfo->destport & 0x0000ff00) >> 8; - exp_pdu_data->tlv_buffer[i+3] = (pinfo->destport & 0x000000ff); - i = i +EXP_PDU_TAG_DST_PORT_LEN; + exp_pdu_data->tlv_buffer[i] = (pinfo->ptype & 0xff000000) >> 24; + exp_pdu_data->tlv_buffer[i+1] = (pinfo->ptype & 0x00ff0000) >> 16; + exp_pdu_data->tlv_buffer[i+2] = (pinfo->ptype & 0x0000ff00) >> 8; + exp_pdu_data->tlv_buffer[i+3] = (pinfo->ptype & 0x000000ff); + i = i +EXP_PDU_TAG_PORT_TYPE_LEN; + } + exp_pdu_data->tlv_buffer[i] = 0; + i++; + exp_pdu_data->tlv_buffer[i] = EXP_PDU_TAG_DST_PORT; + i++; + exp_pdu_data->tlv_buffer[i] = 0; + i++; + exp_pdu_data->tlv_buffer[i] = EXP_PDU_TAG_DST_PORT_LEN; /* tag length */ + i++; + exp_pdu_data->tlv_buffer[i] = (pinfo->destport & 0xff000000) >> 24; + exp_pdu_data->tlv_buffer[i+1] = (pinfo->destport & 0x00ff0000) >> 16; + exp_pdu_data->tlv_buffer[i+2] = (pinfo->destport & 0x0000ff00) >> 8; + exp_pdu_data->tlv_buffer[i+3] = (pinfo->destport & 0x000000ff); + i = i +EXP_PDU_TAG_DST_PORT_LEN; + } + + if((tags_bit_field & EXP_PDU_TAG_SCTP_PPID_BIT) == EXP_PDU_TAG_SCTP_PPID_BIT){ + for(j = 0; j < MAX_NUMBER_OF_PPIDS; j++) { + if (pinfo->ppids[j] != LAST_PPID) { + exp_pdu_data->tlv_buffer[i] = 0; + i++; + exp_pdu_data->tlv_buffer[i] = EXP_PDU_TAG_SCTP_PPID; + i++; + exp_pdu_data->tlv_buffer[i] = 0; + i++; + exp_pdu_data->tlv_buffer[i] = EXP_PDU_TAG_SCTP_PPID_LEN; /* tag length */ + i++; + exp_pdu_data->tlv_buffer[i] = (pinfo->ppids[j] & 0xff000000) >> 24; + exp_pdu_data->tlv_buffer[i+1] = (pinfo->ppids[j] & 0x00ff0000) >> 16; + exp_pdu_data->tlv_buffer[i+2] = (pinfo->ppids[j] & 0x0000ff00) >> 8; + exp_pdu_data->tlv_buffer[i+3] = (pinfo->ppids[j] & 0x000000ff); + i = i +EXP_PDU_TAG_SCTP_PPID_LEN; + } else { + break; + } + } } if((tags_bit_field & EXP_PDU_TAG_ORIG_FNO_BIT) == EXP_PDU_TAG_ORIG_FNO_BIT){ - exp_pdu_data->tlv_buffer[i] = 0; - i++; - exp_pdu_data->tlv_buffer[i] = EXP_PDU_TAG_ORIG_FNO; - i++; - exp_pdu_data->tlv_buffer[i] = 0; - i++; - exp_pdu_data->tlv_buffer[i] = EXP_PDU_TAG_ORIG_FNO_LEN; /* tag length */ - i++; - exp_pdu_data->tlv_buffer[i] = (pinfo->fd->num & 0xff000000) >> 24; - exp_pdu_data->tlv_buffer[i+1] = (pinfo->fd->num & 0x00ff0000) >> 16; - exp_pdu_data->tlv_buffer[i+2] = (pinfo->fd->num & 0x0000ff00) >> 8; - exp_pdu_data->tlv_buffer[i+3] = (pinfo->fd->num & 0x000000ff); - /*i = i +EXP_PDU_TAG_ORIG_FNO_LEN;*/ + exp_pdu_data->tlv_buffer[i] = 0; + i++; + exp_pdu_data->tlv_buffer[i] = EXP_PDU_TAG_ORIG_FNO; + i++; + exp_pdu_data->tlv_buffer[i] = 0; + i++; + exp_pdu_data->tlv_buffer[i] = EXP_PDU_TAG_ORIG_FNO_LEN; /* tag length */ + i++; + exp_pdu_data->tlv_buffer[i] = (pinfo->fd->num & 0xff000000) >> 24; + exp_pdu_data->tlv_buffer[i+1] = (pinfo->fd->num & 0x00ff0000) >> 16; + exp_pdu_data->tlv_buffer[i+2] = (pinfo->fd->num & 0x0000ff00) >> 8; + exp_pdu_data->tlv_buffer[i+3] = (pinfo->fd->num & 0x000000ff); + /*i = i +EXP_PDU_TAG_ORIG_FNO_LEN;*/ } return exp_pdu_data; diff --git a/epan/exported_pdu.h b/epan/exported_pdu.h index 11b55ab3e8..2d5465419c 100644 --- a/epan/exported_pdu.h +++ b/epan/exported_pdu.h @@ -30,7 +30,7 @@ /** * Define different common tap names to extract PDU:s at different layers, otherwise one packet may - * be exported several times at diferent layers if all taps are run. + * be exported several times at different layers if all taps are run. * NOTE if a new tap is added here it needs to be added to export_pdu_dlg.c and packet-exported_pdu.c * TODO: Use an enum_val_t instead? */ @@ -72,22 +72,23 @@ * of the short protocol name used by Wireshark e.g "sip" * Will be used to call the next dissector. */ -/* Add protocol type related tags here NOTE Only one protocol typ tag may be present in a packet, the first one found will be used*/ +/* Add protocol type related tags here NOTE Only one protocol type tag may be present in a packet, the first one found will be used*/ /* 13 - 19 reserved */ #define EXP_PDU_TAG_IPV4_SRC 20 #define EXP_PDU_TAG_IPV4_DST 21 #define EXP_PDU_TAG_IPV6_SRC 22 #define EXP_PDU_TAG_IPV6_DST 23 -#define EXP_PDU_TAG_SRC_PORT 24 -#define EXP_PDU_TAG_DST_PORT 25 +#define EXP_PDU_TAG_PORT_TYPE 24 +#define EXP_PDU_TAG_SRC_PORT 25 +#define EXP_PDU_TAG_DST_PORT 26 -#define EXP_PDU_TAG_SCTP_PPID 26 +#define EXP_PDU_TAG_SCTP_PPID 27 -#define EXP_PDU_TAG_SS7_OPC 27 -#define EXP_PDU_TAG_SS7_DPC 28 +#define EXP_PDU_TAG_SS7_OPC 28 +#define EXP_PDU_TAG_SS7_DPC 29 -#define EXP_PDU_TAG_ORIG_FNO 29 +#define EXP_PDU_TAG_ORIG_FNO 30 typedef struct _exp_pdu_data_t { @@ -115,13 +116,14 @@ typedef struct _exp_pdu_data_t { #define EXP_PDU_TAG_IPV6_SRC_LEN 16 #define EXP_PDU_TAG_IPV6_DST_LEN 16 +#define EXP_PDU_TAG_PORT_TYPE_LEN 4 #define EXP_PDU_TAG_SRC_PORT_LEN 4 #define EXP_PDU_TAG_DST_PORT_LEN 4 -#define EXP_PDU_TAG_SCTP_PPID_LEN 2 +#define EXP_PDU_TAG_SCTP_PPID_LEN 4 -#define EXP_PDU_TAG_SS7_OPC_LEN 2 -#define EXP_PDU_TAG_SS7_DPC_LEN 2 +#define EXP_PDU_TAG_SS7_OPC_LEN 4 +#define EXP_PDU_TAG_SS7_DPC_LEN 4 #define EXP_PDU_TAG_ORIG_FNO_LEN 4 diff --git a/epan/to_str.c b/epan/to_str.c index 1c418d3385..9b5696f6cd 100644 --- a/epan/to_str.c +++ b/epan/to_str.c @@ -1103,3 +1103,25 @@ gchar* guid_to_str_buf(const e_guid_t *guid, gchar *buf, int buf_len) { *tempptr = '\0'; return buf; } + +const gchar* port_type_to_str (port_type type) { + switch (type) { + case PT_NONE: return "NONE"; + case PT_SCTP: return "SCTP"; + case PT_TCP: return "TCP"; + case PT_UDP: return "UDP"; + case PT_DCCP: return "DCCP"; + case PT_IPX: return "IPX"; + case PT_NCP: return "NCP"; + case PT_EXCHG: return "FC EXCHG"; + case PT_DDP: return "DDP"; + case PT_SBCCS: return "FICON SBCCS"; + case PT_IDP: return "IDP"; + case PT_TIPC: return "TIPC"; + case PT_USB: return "USB"; + case PT_I2C: return "I2C"; + case PT_IBQP: return "IBQP"; + case PT_BLUETOOTH: return "BLUETOOTH"; + default: return "[Unknown]"; + } +} diff --git a/epan/to_str.h b/epan/to_str.h index cc0f106474..a353304a3d 100644 --- a/epan/to_str.h +++ b/epan/to_str.h @@ -101,4 +101,6 @@ WS_DLL_PUBLIC const char *decode_boolean_bitfield(const guint32 val, const guint WS_DLL_PUBLIC const char *decode_numeric_bitfield(const guint32 val, const guint32 mask, const int width, const char *fmt); +WS_DLL_PUBLIC const gchar* port_type_to_str (port_type type); + #endif /* __TO_STR_H__ */ diff --git a/plugins/stats_tree/pinfo_stats_tree.c b/plugins/stats_tree/pinfo_stats_tree.c index 143daf8d04..6529040d98 100644 --- a/plugins/stats_tree/pinfo_stats_tree.c +++ b/plugins/stats_tree/pinfo_stats_tree.c @@ -30,26 +30,10 @@ #include #include #include +#include #include "pinfo_stats_tree.h" -/* XXX: this belongs to to_str.c */ -static const gchar* port_type_to_str (port_type type) { - switch (type) { - case PT_NONE: return "NONE"; - case PT_SCTP: return "SCTP"; - case PT_TCP: return "TCP"; - case PT_UDP: return "UDP"; - case PT_IPX: return "IPX"; - case PT_NCP: return "NCP"; - case PT_EXCHG: return "FC EXCHG"; - case PT_DDP: return "DDP"; - case PT_SBCCS: return "FICON SBCCS"; - case PT_IDP: return "IDP"; - default: return "[Unknown]"; - } -} - /*------------------------------------- * UAT for Packet Lengths *------------------------------------- -- cgit v1.2.3