From e7cc0279ab9a11319de521dfdf25057d1ff7ab7f Mon Sep 17 00:00:00 2001 From: Michael Mann Date: Fri, 22 Sep 2017 21:57:50 -0400 Subject: Have sequence analysis properly use filters from taps. Sequence analysis has its own "filtering" system that required its tap functions to look for some "filter flags". register_tap_listener() already comes with a filter argument, so use that to simplify logic of tap functions in dissectors. Also have Qt GUI for Flow Graph look like other dialogs that have a "Limit to display filter" checkbox. Change-Id: I91d9d9599309786892f5b50c98692e52651e7174 Reviewed-on: https://code.wireshark.org/review/23659 Petri-Dish: Michael Mann Tested-by: Petri Dish Buildbot Reviewed-by: Michael Mann --- epan/dissectors/packet-frame.c | 27 +++---- epan/dissectors/packet-icmp.c | 39 +++++----- epan/dissectors/packet-icmpv6.c | 39 +++++----- epan/dissectors/packet-lbmc.c | 167 ++++++++++++++++++++-------------------- epan/dissectors/packet-tcp.c | 49 ++++++------ epan/sequence_analysis.h | 1 - 6 files changed, 153 insertions(+), 169 deletions(-) (limited to 'epan') diff --git a/epan/dissectors/packet-frame.c b/epan/dissectors/packet-frame.c index 4312af585b..9310bf7c72 100644 --- a/epan/dissectors/packet-frame.c +++ b/epan/dissectors/packet-frame.c @@ -168,28 +168,25 @@ static gboolean frame_seq_analysis_packet( void *ptr, packet_info *pinfo, epan_dissect_t *edt _U_, const void *dummy _U_) { seq_analysis_info_t *sainfo = (seq_analysis_info_t *) ptr; + seq_analysis_item_t *sai = sequence_analysis_create_sai_with_addresses(pinfo, sainfo); - if ((sainfo->all_packets) || (pinfo->fd->flags.passed_dfilter == 1)) { + if (!sai) + return FALSE; - seq_analysis_item_t *sai = sequence_analysis_create_sai_with_addresses(pinfo, sainfo); - if (!sai) - return FALSE; + sai->frame_number = pinfo->num; - sai->frame_number = pinfo->num; + sequence_analysis_use_color_filter(pinfo, sai); - sequence_analysis_use_color_filter(pinfo, sai); + sai->port_src=pinfo->srcport; + sai->port_dst=pinfo->destport; - sai->port_src=pinfo->srcport; - sai->port_dst=pinfo->destport; + sequence_analysis_use_col_info_as_label_comment(pinfo, sai); - sequence_analysis_use_col_info_as_label_comment(pinfo, sai); + sai->line_style = 1; + sai->conv_num = 0; + sai->display = TRUE; - sai->line_style = 1; - sai->conv_num = 0; - sai->display = TRUE; - - g_queue_push_tail(sainfo->items, sai); - } + g_queue_push_tail(sainfo->items, sai); return TRUE; } diff --git a/epan/dissectors/packet-icmp.c b/epan/dissectors/packet-icmp.c index 5988da0b8b..bddf5cf1d2 100644 --- a/epan/dissectors/packet-icmp.c +++ b/epan/dissectors/packet-icmp.c @@ -380,37 +380,34 @@ static gboolean icmp_seq_analysis_packet( void *ptr, packet_info *pinfo, epan_dissect_t *edt _U_, const void *dummy _U_) { seq_analysis_info_t *sainfo = (seq_analysis_info_t *) ptr; + seq_analysis_item_t *sai = sequence_analysis_create_sai_with_addresses(pinfo, sainfo); - if ((sainfo->all_packets) || (pinfo->fd->flags.passed_dfilter == 1)) { + if (!sai) + return FALSE; - seq_analysis_item_t *sai = sequence_analysis_create_sai_with_addresses(pinfo, sainfo); - if (!sai) - return FALSE; - - sai->frame_number = pinfo->num; + sai->frame_number = pinfo->num; - sequence_analysis_use_color_filter(pinfo, sai); + sequence_analysis_use_color_filter(pinfo, sai); - sai->port_src=pinfo->srcport; - sai->port_dst=pinfo->destport; + sai->port_src=pinfo->srcport; + sai->port_dst=pinfo->destport; - sequence_analysis_use_col_info_as_label_comment(pinfo, sai); + sequence_analysis_use_col_info_as_label_comment(pinfo, sai); - if (pinfo->ptype == PT_NONE) { - icmp_info_t *p_icmp_info = (icmp_info_t *)p_get_proto_data(wmem_file_scope(), pinfo, proto_icmp, 0); + if (pinfo->ptype == PT_NONE) { + icmp_info_t *p_icmp_info = (icmp_info_t *)p_get_proto_data(wmem_file_scope(), pinfo, proto_icmp, 0); - if (p_icmp_info != NULL) { - sai->port_src = 0; - sai->port_dst = p_icmp_info->type * 256 + p_icmp_info->code; - } + if (p_icmp_info != NULL) { + sai->port_src = 0; + sai->port_dst = p_icmp_info->type * 256 + p_icmp_info->code; } + } - sai->line_style = 1; - sai->conv_num = 0; - sai->display = TRUE; + sai->line_style = 1; + sai->conv_num = 0; + sai->display = TRUE; - g_queue_push_tail(sainfo->items, sai); - } + g_queue_push_tail(sainfo->items, sai); return TRUE; } diff --git a/epan/dissectors/packet-icmpv6.c b/epan/dissectors/packet-icmpv6.c index 10ef72d888..5a948727c1 100644 --- a/epan/dissectors/packet-icmpv6.c +++ b/epan/dissectors/packet-icmpv6.c @@ -1309,37 +1309,34 @@ static gboolean icmpv6_seq_analysis_packet( void *ptr, packet_info *pinfo, epan_dissect_t *edt _U_, const void *dummy _U_) { seq_analysis_info_t *sainfo = (seq_analysis_info_t *) ptr; + seq_analysis_item_t *sai = sequence_analysis_create_sai_with_addresses(pinfo, sainfo); - if ((sainfo->all_packets) || (pinfo->fd->flags.passed_dfilter == 1)) { + if (!sai) + return FALSE; - seq_analysis_item_t *sai = sequence_analysis_create_sai_with_addresses(pinfo, sainfo); - if (!sai) - return FALSE; + sai->frame_number = pinfo->num; - sai->frame_number = pinfo->num; + sequence_analysis_use_color_filter(pinfo, sai); - sequence_analysis_use_color_filter(pinfo, sai); + sai->port_src=pinfo->srcport; + sai->port_dst=pinfo->destport; - sai->port_src=pinfo->srcport; - sai->port_dst=pinfo->destport; + sequence_analysis_use_col_info_as_label_comment(pinfo, sai); - sequence_analysis_use_col_info_as_label_comment(pinfo, sai); + if (pinfo->ptype == PT_NONE) { + icmp_info_t *p_icmp_info = (icmp_info_t *)p_get_proto_data(wmem_file_scope(), pinfo, proto_icmpv6, 0); - if (pinfo->ptype == PT_NONE) { - icmp_info_t *p_icmp_info = (icmp_info_t *)p_get_proto_data(wmem_file_scope(), pinfo, proto_icmpv6, 0); - - if (p_icmp_info != NULL) { - sai->port_src = 0; - sai->port_dst = p_icmp_info->type * 256 + p_icmp_info->code; - } + if (p_icmp_info != NULL) { + sai->port_src = 0; + sai->port_dst = p_icmp_info->type * 256 + p_icmp_info->code; } + } - sai->line_style = 1; - sai->conv_num = 0; - sai->display = TRUE; + sai->line_style = 1; + sai->conv_num = 0; + sai->display = TRUE; - g_queue_push_tail(sainfo->items, sai); - } + g_queue_push_tail(sainfo->items, sai); return TRUE; } diff --git a/epan/dissectors/packet-lbmc.c b/epan/dissectors/packet-lbmc.c index bdf5318da2..3aba18cfc1 100644 --- a/epan/dissectors/packet-lbmc.c +++ b/epan/dissectors/packet-lbmc.c @@ -6088,119 +6088,116 @@ lbm_uim_seq_analysis_packet(void *ptr, packet_info *pinfo, epan_dissect_t *edt _ char time_str[COL_MAX_LEN]; int rc; - if ((sainfo->all_packets)||(pinfo->fd->flags.passed_dfilter==1)) + if (stream_info->endpoint_a.type != stream_info->endpoint_b.type) { - if (stream_info->endpoint_a.type != stream_info->endpoint_b.type) + return TRUE; + } + if (stream_info->endpoint_a.type == lbm_uim_instance_stream) + { + rc = memcmp((void *)stream_info->endpoint_a.stream_info.ctxinst.ctxinst, + (void *)stream_info->endpoint_b.stream_info.ctxinst.ctxinst, + LBM_CONTEXT_INSTANCE_BLOCK_SZ); + if (rc <= 0) { - return (1); + swap_endpoints = FALSE; } - if (stream_info->endpoint_a.type == lbm_uim_instance_stream) + else { - rc = memcmp((void *)stream_info->endpoint_a.stream_info.ctxinst.ctxinst, - (void *)stream_info->endpoint_b.stream_info.ctxinst.ctxinst, - LBM_CONTEXT_INSTANCE_BLOCK_SZ); - if (rc <= 0) - { - swap_endpoints = FALSE; - } - else - { - swap_endpoints = TRUE; - } + swap_endpoints = TRUE; + } + } + else + { + if (stream_info->endpoint_a.stream_info.dest.domain < stream_info->endpoint_b.stream_info.dest.domain) + { + swap_endpoints = FALSE; + } + else if (stream_info->endpoint_a.stream_info.dest.domain > stream_info->endpoint_b.stream_info.dest.domain) + { + swap_endpoints = TRUE; } else { - if (stream_info->endpoint_a.stream_info.dest.domain < stream_info->endpoint_b.stream_info.dest.domain) + int compare; + + compare = cmp_address(&(stream_info->endpoint_a.stream_info.dest.addr), &(stream_info->endpoint_b.stream_info.dest.addr)); + if (compare < 0) { swap_endpoints = FALSE; } - else if (stream_info->endpoint_a.stream_info.dest.domain > stream_info->endpoint_b.stream_info.dest.domain) + else if (compare > 0) { swap_endpoints = TRUE; } else { - int compare; - - compare = cmp_address(&(stream_info->endpoint_a.stream_info.dest.addr), &(stream_info->endpoint_b.stream_info.dest.addr)); - if (compare < 0) + if (stream_info->endpoint_a.stream_info.dest.port <= stream_info->endpoint_b.stream_info.dest.port) { swap_endpoints = FALSE; } - else if (compare > 0) - { - swap_endpoints = TRUE; - } else { - if (stream_info->endpoint_a.stream_info.dest.port <= stream_info->endpoint_b.stream_info.dest.port) - { - swap_endpoints = FALSE; - } - else - { - swap_endpoints = TRUE; - } + swap_endpoints = TRUE; } } } - if (swap_endpoints == FALSE) - { - epa = stream_info->endpoint_a; - epb = stream_info->endpoint_b; - } - else - { - epb = stream_info->endpoint_a; - epa = stream_info->endpoint_b; - } + } + if (swap_endpoints == FALSE) + { + epa = stream_info->endpoint_a; + epb = stream_info->endpoint_b; + } + else + { + epb = stream_info->endpoint_a; + epa = stream_info->endpoint_b; + } - sai = g_new0(seq_analysis_item_t, 1); - copy_address(&(sai->src_addr), &(pinfo->src)); - copy_address(&(sai->dst_addr), &(pinfo->dst)); - sai->frame_number = pinfo->num; - sai->port_src = pinfo->srcport; - sai->port_dst = pinfo->destport; + sai = g_new0(seq_analysis_item_t, 1); + copy_address(&(sai->src_addr), &(pinfo->src)); + copy_address(&(sai->dst_addr), &(pinfo->dst)); + sai->frame_number = pinfo->num; + sai->port_src = pinfo->srcport; + sai->port_dst = pinfo->destport; - if (stream_info->description == NULL) - { - sai->frame_label = g_strdup_printf("(%" G_GUINT32_FORMAT ")", stream_info->sqn); - } - else - { - sai->frame_label = g_strdup_printf("%s (%" G_GUINT32_FORMAT ")", stream_info->description, stream_info->sqn); - } - if (epa.type == lbm_uim_instance_stream) - { - ctxinst1 = bytes_to_str(pinfo->pool, epa.stream_info.ctxinst.ctxinst, sizeof(epa.stream_info.ctxinst.ctxinst)); - ctxinst2 = bytes_to_str(pinfo->pool, epb.stream_info.ctxinst.ctxinst, sizeof(epb.stream_info.ctxinst.ctxinst)); - sai->comment = g_strdup_printf("%s <-> %s [%" G_GUINT64_FORMAT "]", - ctxinst1, - ctxinst2, - stream_info->channel); - } - else - { - sai->comment = g_strdup_printf("%" G_GUINT32_FORMAT ":%s:%" G_GUINT16_FORMAT " <-> %" G_GUINT32_FORMAT ":%s:%" G_GUINT16_FORMAT " [%" G_GUINT64_FORMAT "]", - epa.stream_info.dest.domain, - address_to_str(pinfo->pool, &(epa.stream_info.dest.addr)), - epa.stream_info.dest.port, - epb.stream_info.dest.domain, - address_to_str(pinfo->pool, &(epb.stream_info.dest.addr)), - epb.stream_info.dest.port, - stream_info->channel); - } + if (stream_info->description == NULL) + { + sai->frame_label = g_strdup_printf("(%" G_GUINT32_FORMAT ")", stream_info->sqn); + } + else + { + sai->frame_label = g_strdup_printf("%s (%" G_GUINT32_FORMAT ")", stream_info->description, stream_info->sqn); + } + if (epa.type == lbm_uim_instance_stream) + { + ctxinst1 = bytes_to_str(pinfo->pool, epa.stream_info.ctxinst.ctxinst, sizeof(epa.stream_info.ctxinst.ctxinst)); + ctxinst2 = bytes_to_str(pinfo->pool, epb.stream_info.ctxinst.ctxinst, sizeof(epb.stream_info.ctxinst.ctxinst)); + sai->comment = g_strdup_printf("%s <-> %s [%" G_GUINT64_FORMAT "]", + ctxinst1, + ctxinst2, + stream_info->channel); + } + else + { + sai->comment = g_strdup_printf("%" G_GUINT32_FORMAT ":%s:%" G_GUINT16_FORMAT " <-> %" G_GUINT32_FORMAT ":%s:%" G_GUINT16_FORMAT " [%" G_GUINT64_FORMAT "]", + epa.stream_info.dest.domain, + address_to_str(pinfo->pool, &(epa.stream_info.dest.addr)), + epa.stream_info.dest.port, + epb.stream_info.dest.domain, + address_to_str(pinfo->pool, &(epb.stream_info.dest.addr)), + epb.stream_info.dest.port, + stream_info->channel); + } - /* Fill in the timestamps */ - set_fd_time(pinfo->epan, pinfo->fd, time_str); - sai->time_str = g_strdup(time_str); + /* Fill in the timestamps */ + set_fd_time(pinfo->epan, pinfo->fd, time_str); + sai->time_str = g_strdup(time_str); - sai->conv_num = (guint16)LBM_CHANNEL_ID(stream_info->channel); - sai->display = TRUE; - sai->line_style = 1; + sai->conv_num = (guint16)LBM_CHANNEL_ID(stream_info->channel); + sai->display = TRUE; + sai->line_style = 1; - g_queue_push_tail(sainfo->items, sai); - } + g_queue_push_tail(sainfo->items, sai); return TRUE; } diff --git a/epan/dissectors/packet-tcp.c b/epan/dissectors/packet-tcp.c index 4c6bded5ff..42e85b1409 100644 --- a/epan/dissectors/packet-tcp.c +++ b/epan/dissectors/packet-tcp.c @@ -869,41 +869,38 @@ tcp_seq_analysis_packet( void *ptr, packet_info *pinfo, epan_dissect_t *edt _U_, { seq_analysis_info_t *sainfo = (seq_analysis_info_t *) ptr; const struct tcpheader *tcph = (const struct tcpheader *)tcp_info; + const char* flags; + seq_analysis_item_t *sai = sequence_analysis_create_sai_with_addresses(pinfo, sainfo); - if ((sainfo->all_packets)||(pinfo->fd->flags.passed_dfilter==1)){ - const char* flags; - seq_analysis_item_t *sai = sequence_analysis_create_sai_with_addresses(pinfo, sainfo); - - if (!sai) - return FALSE; + if (!sai) + return FALSE; - sai->frame_number = pinfo->num; + sai->frame_number = pinfo->num; - sai->port_src=pinfo->srcport; - sai->port_dst=pinfo->destport; + sai->port_src=pinfo->srcport; + sai->port_dst=pinfo->destport; - flags = tcp_flags_to_str(NULL, tcph); + flags = tcp_flags_to_str(NULL, tcph); - if ((tcph->th_have_seglen)&&(tcph->th_seglen!=0)){ - sai->frame_label = g_strdup_printf("%s - Len: %u",flags, tcph->th_seglen); - } - else{ - sai->frame_label = g_strdup(flags); - } + if ((tcph->th_have_seglen)&&(tcph->th_seglen!=0)){ + sai->frame_label = g_strdup_printf("%s - Len: %u",flags, tcph->th_seglen); + } + else{ + sai->frame_label = g_strdup(flags); + } - wmem_free(NULL, (void*)flags); + wmem_free(NULL, (void*)flags); - if (tcph->th_flags & TH_ACK) - sai->comment = g_strdup_printf("Seq = %u Ack = %u",tcph->th_seq, tcph->th_ack); - else - sai->comment = g_strdup_printf("Seq = %u",tcph->th_seq); + if (tcph->th_flags & TH_ACK) + sai->comment = g_strdup_printf("Seq = %u Ack = %u",tcph->th_seq, tcph->th_ack); + else + sai->comment = g_strdup_printf("Seq = %u",tcph->th_seq); - sai->line_style = 1; - sai->conv_num = (guint16) tcph->th_stream; - sai->display = TRUE; + sai->line_style = 1; + sai->conv_num = (guint16) tcph->th_stream; + sai->display = TRUE; - g_queue_push_tail(sainfo->items, sai); - } + g_queue_push_tail(sainfo->items, sai); return TRUE; } diff --git a/epan/sequence_analysis.h b/epan/sequence_analysis.h index 64b0a31be3..34d3db7334 100644 --- a/epan/sequence_analysis.h +++ b/epan/sequence_analysis.h @@ -69,7 +69,6 @@ typedef struct _seq_analysis_item { /** defines the graph analysis structure */ typedef struct _seq_analysis_info { const char* name; /**< Name of sequence analysis */ - gboolean all_packets; /**< all packets vs only displayed */ gboolean any_addr; /**< any addr (DL+net) vs net-only */ int nconv; /**< number of conversations in the list */ GQueue* items; /**< list of seq_analysis_info_t */ -- cgit v1.2.3