From f4ac555e907bffcc8ae769cc9d12feaedd8a0e5d Mon Sep 17 00:00:00 2001 From: Guy Harris Date: Tue, 14 Sep 1999 08:06:47 +0000 Subject: Peter Torvals' Internet Cache Protocol dissector. svn path=/trunk/; revision=677 --- AUTHORS | 4 + Makefile.am | 3 +- doc/ethereal.pod.template | 1 + gtk/main.c | 3 +- packet-icp.c | 273 ++++++++++++++++++++++++++++++++++++++++++++++ packet-udp.c | 6 +- packet.h | 5 +- proto.c | 4 +- 8 files changed, 293 insertions(+), 6 deletions(-) create mode 100644 packet-icp.c diff --git a/AUTHORS b/AUTHORS index 4fa2237610..b684785698 100644 --- a/AUTHORS +++ b/AUTHORS @@ -128,6 +128,10 @@ Jeff Foster { original NetBIOS encapsulation) } +Peter Torvals { + Internet Cache Protocol support +} + Alain Magloire was kind enough to give his permission to use his version of snprintf.c. diff --git a/Makefile.am b/Makefile.am index fa5492a044..5f748d6c2c 100644 --- a/Makefile.am +++ b/Makefile.am @@ -1,7 +1,7 @@ # Makefile.am # Automake file for Ethereal # -# $Id: Makefile.am,v 1.71 1999/09/11 04:50:34 gerald Exp $ +# $Id: Makefile.am,v 1.72 1999/09/14 08:06:22 guy Exp $ # # Ethereal - Network traffic analyzer # By Gerald Combs @@ -71,6 +71,7 @@ ethereal_SOURCES = \ packet-gre.c \ packet-http.c \ packet-icmpv6.c\ + packet-icp.c \ packet-ip.c \ packet-ip.h \ packet-ipsec.c \ diff --git a/doc/ethereal.pod.template b/doc/ethereal.pod.template index 2354cee22e..e7ae94cfc0 100644 --- a/doc/ethereal.pod.template +++ b/doc/ethereal.pod.template @@ -579,6 +579,7 @@ B. Olivier Abad Thierry Andry Jeff Foster + Peter Torvals Alain Magloire was kind enough to give his permission to use his version of snprintf.c. diff --git a/gtk/main.c b/gtk/main.c index 07af23a40d..b895f01571 100644 --- a/gtk/main.c +++ b/gtk/main.c @@ -1,6 +1,6 @@ /* main.c * - * $Id: main.c,v 1.4 1999/09/12 06:11:50 guy Exp $ + * $Id: main.c,v 1.5 1999/09/14 08:06:33 guy Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs @@ -158,6 +158,7 @@ about_ethereal( GtkWidget *w, gpointer data ) { "Olivier Abad \n" "Thierry Andry \n" "Jeff Foster \n" + "Peter Torvals \n" "\nSee http://ethereal.zing.org for more information", VERSION, comp_info_str); diff --git a/packet-icp.c b/packet-icp.c new file mode 100644 index 0000000000..41a39c1f6b --- /dev/null +++ b/packet-icp.c @@ -0,0 +1,273 @@ +/* packet-icp.c + * Routines for ICP (internet cache protocol) packet disassembly RFC 2186 && RFC 2187 + * + * + * $Id: packet-icp.c,v 1.1 1999/09/14 08:06:24 guy Exp $ + * + * Ethereal - Network traffic analyzer + * By Peter Torvals + * Copyright 1999 Peter Torvals + + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +int proto_icp=-1; +int hf_icp_length=-1; +int hf_icp_opcode=-1; +int hf_icp_version=-1; +int hf_icp_request_nr=-1; + + +#define MAX_TEXTBUF_LENGTH 600 +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + +#ifdef HAVE_SYS_TYPES_H +# include +#endif + +#ifdef HAVE_NETINET_IN_H +#include +#endif + +#include +#include +#include +#include "packet.h" +#include "resolv.h" + +#define CODE_ICP_OP_QUERY 1 +#define CODE_ICP_OP_INVALID 0 +#define CODE_ICP_OP_HIT 2 +#define CODE_ICP_OP_MISS 3 +#define CODE_ICP_OP_ERR 4 +#define CODE_ICP_OP_SEND 5 +#define CODE_ICP_OP_SENDA 6 +#define CODE_ICP_OP_DATABEG 7 +#define CODE_ICP_OP_DATA 8 +#define CODE_ICP_OP_DATAEND 9 +#define CODE_ICP_OP_SECHO 10 +#define CODE_ICP_OP_DECHO 11 +#define CODE_ICP_OP_MISS_NOFETCH 21 +#define CODE_ICP_OP_DENIED 22 +#define CODE_ICP_OP_HIT_OBJ 23 + +static value_string opcode_vals[] = { +{ CODE_ICP_OP_INVALID , "ICP_INVALID" }, +{ CODE_ICP_OP_QUERY , "ICP_QUERY" }, +{ CODE_ICP_OP_HIT , "ICP_HIT" }, +{ CODE_ICP_OP_MISS , "ICP_MISS" }, +{ CODE_ICP_OP_ERR , "ICP_ERR" }, +{ CODE_ICP_OP_SEND, "ICP_SEND" }, +{ CODE_ICP_OP_SENDA, "ICP_SENDA"}, +{ CODE_ICP_OP_DATABEG, "ICP_DATABEG"}, +{ CODE_ICP_OP_DATA, "ICP_DATA"}, +{ CODE_ICP_OP_DATAEND, "ICP_DATA_END"}, +{ CODE_ICP_OP_SECHO , "ICP_SECHO"}, +{ CODE_ICP_OP_DECHO , "ICP_DECHO"}, +{ CODE_ICP_OP_MISS_NOFETCH , "ICP_MISS_NOFETCH"}, +{ CODE_ICP_OP_DENIED , "ICP_DENIED"}, +{ CODE_ICP_OP_HIT_OBJ , "ICP_HIT_OBJ"}, +{ 0, NULL} +}; + + + +typedef struct _e_icphdr +{ + guint8 opcode; + guint8 version; + guint16 message_length; + guint32 request_number; + guint32 options; + guint32 option_data; + gchar sender_address[4]; +} e_icphdr; + +static gchar textbuf[MAX_TEXTBUF_LENGTH]; +void dissect_icp_payload( const u_char *pd, int offset, + frame_data *fd,proto_tree *pload_tree, e_icphdr *icph) +{ +/* To Be Done take care of fragmentation*/ +guint32 maxlength=fd->pkt_len-offset; +guint32 i; +guint16 objectlength; + switch(icph->opcode) + { + case CODE_ICP_OP_QUERY: + /* 4 byte requester host address */ + proto_tree_add_text(pload_tree,offset,4, + "Requester Host Address %u.%u.%u.%u", + (guint8)pd[offset], + (guint8)pd[offset+1], + (guint8)pd[offset+2], + (guint8)pd[offset+3]); + + /* null terminated URL */ + for (i=0; i < maxlength && + pd[offset+4+i] != 0 && i<(MAX_TEXTBUF_LENGTH-1);i++) + { + textbuf[i]=pd[offset+4+i]; + } + textbuf[i]=0; + i++; + proto_tree_add_text(pload_tree, offset+4,i, + "URL: %s", textbuf); + break; + case CODE_ICP_OP_HIT_OBJ: + /* null terminated url */ + for (i=0; i < maxlength && + pd[offset+i] != 0 && i<(MAX_TEXTBUF_LENGTH-1);i++) + { + textbuf[i]=pd[offset+i]; + } + textbuf[i]=0; + i++; + proto_tree_add_text(pload_tree, offset,i, + "URL: %s", textbuf); + /* 2 byte object size */ + /* object data not recommended by standard*/ + objectlength=pntohs(&pd[offset]); + proto_tree_add_text(pload_tree,offset,2,"object length: %u", objectlength); + /* object data not recommended by standard*/ + proto_tree_add_text(pload_tree,offset+2, maxlength-2,"object data"); + if (objectlength > maxlength-2) + { + proto_tree_add_text(pload_tree,offset,0, + "Packet is fragmented, rest of object is in next udp packet"); + } + case CODE_ICP_OP_MISS: + case CODE_ICP_OP_HIT: + for (i=0; i < maxlength && + pd[offset+i] != 0 && i<(MAX_TEXTBUF_LENGTH-1);i++) + { + textbuf[i]=pd[offset+i]; + } + textbuf[i]=0; + i++; + proto_tree_add_text(pload_tree, offset,i, + "URL: %s", textbuf); + default: + /* check for fragmentation and add message if next part + of payload in next fragment*/ + break; + } +} + +void dissect_icp(const u_char *pd, int offset, frame_data *fd, proto_tree *tree) +{ + proto_tree *icp_tree , *payload_tree; + proto_item *ti , *payloadtf; + e_icphdr icph; + + gchar *opcodestrval; + +/* TBD: check if this is a fragment or first part of udp packet */ + icph.opcode=pd[offset]; + icph.version=pd[offset+1]; + icph.message_length=pntohs(&(pd[offset+2])); + icph.request_number=pntohl(&(pd[offset+4])); + memcpy(&icph.options,&pd[offset+8],sizeof(guint32)); + memcpy(&icph.option_data,&pd[offset+12],sizeof(guint32)); + memcpy(icph.sender_address,&pd[offset+16],4); + + + opcodestrval = match_strval(icph.opcode,opcode_vals); + + if (opcodestrval == NULL ) opcodestrval= "UNKNOWN OPCODE"; + + sprintf(textbuf,"opc: %s(%u), Req Nr: %u", opcodestrval, + (guint16)icph.opcode,icph.request_number); + + if (check_col(fd, COL_PROTOCOL)) + col_add_str(fd, COL_PROTOCOL, "ICP"); + + if (check_col(fd, COL_INFO)) + { + col_add_fstr(fd,COL_INFO,textbuf); + } + + if (tree) + { + + ti = proto_tree_add_item(tree,proto_icp ,offset,fd->pkt_len-offset, + NULL); + + icp_tree = proto_item_add_subtree(ti, ETT_ICP); + proto_tree_add_item_format(icp_tree,hf_icp_opcode, offset, 1, + icph.opcode, "Opcode:0x%01x (%s)",icph.opcode, opcodestrval); + + proto_tree_add_item_format(icp_tree,hf_icp_version, offset+1, 1, + icph.version,"Version: 0x%01x (%d)", icph.version, (int)icph.version); + + proto_tree_add_item_format(icp_tree,hf_icp_length, offset+2, 2, + icph.message_length, + "Length: 0x%02x (%d)", icph.message_length,(int)icph.message_length); + proto_tree_add_item_format(icp_tree,hf_icp_request_nr, offset+4, 4, + icph.request_number, + "Request Number: 0x%04x (%u)", icph.request_number,icph.request_number); + + if ( (icph.opcode == CODE_ICP_OP_QUERY) && ((icph.options & 0x80000000 ) != 0) ) + { + proto_tree_add_text(icp_tree,offset+8,4, + "option: ICP_FLAG_HIT_OBJ"); + } + if ( (icph.opcode == CODE_ICP_OP_QUERY)&& ((icph.options & 0x40000000 ) != 0) ) + { + proto_tree_add_text(icp_tree,offset+8,4, + "option:ICP_FLAG_SRC_RTT"); + } + if ((icph.opcode != CODE_ICP_OP_QUERY)&& ((icph.options & 0x40000000 ) != 0)) + { + proto_tree_add_text(icp_tree,offset+8,8, + "option: ICP_FLAG_SCR_RTT RTT=%u", icph.option_data & 0x0000ffff); + } + + proto_tree_add_text(icp_tree,offset+16, 4, + "Sender Host IP address %u.%u.%u.%u", + (guint8)icph.sender_address[0], + (guint8)icph.sender_address[1], + (guint8)icph.sender_address[2], + (guint8)icph.sender_address[3]); + + payloadtf = proto_tree_add_text(icp_tree, + offset+20,icph.message_length - 20, + "Payload"); + payload_tree = proto_item_add_subtree(payloadtf, ETT_ICP_PAYLOAD); + + if (payload_tree !=NULL) + { + dissect_icp_payload( pd, + 20+offset,fd,payload_tree,&icph); + } + } +} +void +proto_register_icp(void) +{ + static hf_register_info hf[] = { + { &hf_icp_opcode, + { "Opcode","icp.opcode", FT_UINT8, NULL }}, + { &hf_icp_version, + { "Version", "icp.version", FT_UINT8, NULL }}, + { &hf_icp_length, + { "Length","icp.length", FT_UINT16, NULL }}, + { &hf_icp_request_nr, + { "Request Number","icp.nr", FT_UINT32, NULL }} }; + + proto_icp = proto_register_protocol ("Internet Cache protocol", "icp"); + proto_register_field_array(proto_icp, hf, array_length(hf)); +} diff --git a/packet-udp.c b/packet-udp.c index 46b5da9fe6..4370715f76 100644 --- a/packet-udp.c +++ b/packet-udp.c @@ -1,7 +1,7 @@ /* packet-udp.c * Routines for UDP packet disassembly * - * $Id: packet-udp.c,v 1.23 1999/08/18 00:57:54 guy Exp $ + * $Id: packet-udp.c,v 1.24 1999/09/14 08:06:23 guy Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs @@ -76,7 +76,7 @@ typedef struct _e_udphdr { #define UDP_PORT_RADIUS_NEW 1812 #define UDP_PORT_RADACCT 1646 #define UDP_PORT_RADACCT_NEW 1813 - +#define UDP_PORT_ICP 3130 struct hash_struct { guint16 proto; @@ -249,6 +249,8 @@ dissect_udp(const u_char *pd, int offset, frame_data *fd, proto_tree *tree) { PORT_IS(UDP_PORT_RADIUS_NEW) || PORT_IS(UDP_PORT_RADACCT_NEW) ) { dissect_radius(pd, offset, fd, tree); + } else if ( PORT_IS(UDP_PORT_ICP)) { + dissect_icp(pd,offset,fd,tree); } else { /* OK, find a routine in the table, else use the default */ diff --git a/packet.h b/packet.h index daaaa99dcc..52aa468d9a 100644 --- a/packet.h +++ b/packet.h @@ -1,7 +1,7 @@ /* packet.h * Definitions for packet disassembly structures and routines * - * $Id: packet.h,v 1.98 1999/09/12 20:23:33 guy Exp $ + * $Id: packet.h,v 1.99 1999/09/14 08:06:23 guy Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs @@ -274,6 +274,8 @@ enum { ETT_PPTP, ETT_GRE, ETT_GRE_FLAGS, + ETT_ICP, + ETT_ICP_PAYLOAD, ETT_PPPOED, ETT_PPPOED_TAGS, ETT_PPPOES, @@ -456,6 +458,7 @@ void dissect_ospf_hello(const u_char *, int, frame_data *, proto_tree *); void dissect_pop(const u_char *, int, frame_data *, proto_tree *); void dissect_pppoed(const u_char *, int, frame_data *, proto_tree *); void dissect_pppoes(const u_char *, int, frame_data *, proto_tree *); +void dissect_icp(const u_char *,int, frame_data *, proto_tree *); void dissect_isakmp(const u_char *, int, frame_data *, proto_tree *); void dissect_radius(const u_char *, int, frame_data *, proto_tree *); void dissect_rip(const u_char *, int, frame_data *, proto_tree *); diff --git a/proto.c b/proto.c index 548a30dcfd..ddb68a09b9 100644 --- a/proto.c +++ b/proto.c @@ -1,7 +1,7 @@ /* proto.c * Routines for protocol tree * - * $Id: proto.c,v 1.25 1999/09/12 14:34:19 deniel Exp $ + * $Id: proto.c,v 1.26 1999/09/14 08:06:22 guy Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs @@ -105,6 +105,7 @@ void proto_register_gre(void); void proto_register_http(void); void proto_register_icmp(void); void proto_register_icmpv6(void); +void proto_register_icp(void); void proto_register_igmp(void); void proto_register_ip(void); void proto_register_ipsec(void); @@ -210,6 +211,7 @@ proto_init(void) proto_register_http(); proto_register_icmp(); proto_register_icmpv6(); + proto_register_icp(); proto_register_igmp(); proto_register_ip(); proto_register_ipsec(); -- cgit v1.2.3