void xmpp_jingle_session_track(packet_info *pinfo, xmpp_element_t *packet, xmpp_conv_info_t *xmpp_info) { xmpp_element_t *jingle_packet; GList *jingle_packet_l; jingle_packet_l = xmpp_find_element_by_name(packet,"jingle"); jingle_packet = jingle_packet_l?jingle_packet_l->data:NULL; if (jingle_packet && !pinfo->fd->flags.visited) { xmpp_attr_t *attr_id; xmpp_attr_t *attr_sid; char *se_id; char *se_sid; attr_id = xmpp_get_attr(packet, "id"); if (!attr_id) { return; } attr_sid = xmpp_get_attr(jingle_packet, "sid"); if (!attr_sid) { return; } se_id = se_strdup(attr_id->value); se_sid = se_strdup(attr_sid->value); se_tree_insert_string(xmpp_info->jingle_sessions, se_id, (void*) se_sid, EMEM_TREE_STRING_NOCASE); } }
/* XXX - We depend on the UDP dissector finding the conversation first */ void add_udp_process_info(guint32 frame_num, address *local_addr, address *remote_addr, guint16 local_port, guint16 remote_port, guint32 uid, guint32 pid, gchar *username, gchar *command) { conversation_t *conv; struct udp_analysis *udpd; udp_flow_t *flow = NULL; if (!udp_process_info) { return; } conv = find_conversation(frame_num, local_addr, remote_addr, PT_UDP, local_port, remote_port, 0); if (!conv) { return; } udpd = (struct udp_analysis *)conversation_get_proto_data(conv, proto_udp); if (!udpd) { return; } if (CMP_ADDRESS(local_addr, &conv->key_ptr->addr1) == 0 && local_port == conv->key_ptr->port1) { flow = &udpd->flow1; } else if (CMP_ADDRESS(remote_addr, &conv->key_ptr->addr1) == 0 && remote_port == conv->key_ptr->port1) { flow = &udpd->flow2; } if (!flow || flow->command) { return; } flow->process_uid = uid; flow->process_pid = pid; flow->username = se_strdup(username); flow->command = se_strdup(command); }
void xmpp_ibb_session_track(packet_info *pinfo, xmpp_element_t *packet, xmpp_conv_info_t *xmpp_info) { xmpp_element_t *ibb_packet = NULL; GList *ibb_packet_l; if(strcmp(packet->name, "message") == 0) { ibb_packet_l = xmpp_find_element_by_name(packet,"data"); ibb_packet = (xmpp_element_t *)(ibb_packet_l?ibb_packet_l->data:NULL); } else if(strcmp(packet->name, "iq") == 0) { ibb_packet_l = xmpp_find_element_by_name(packet,"open"); if(!ibb_packet_l) ibb_packet_l = xmpp_find_element_by_name(packet,"close"); if(!ibb_packet_l) ibb_packet_l = xmpp_find_element_by_name(packet,"data"); ibb_packet = (xmpp_element_t *)(ibb_packet_l?ibb_packet_l->data:NULL); } if (ibb_packet && !pinfo->fd->flags.visited) { xmpp_attr_t *attr_id; xmpp_attr_t *attr_sid; char *se_id; char *se_sid; attr_id = xmpp_get_attr(packet, "id"); attr_sid = xmpp_get_attr(ibb_packet, "sid"); if(attr_id && attr_sid) { se_id = se_strdup(attr_id->value); se_sid = se_strdup(attr_sid->value); se_tree_insert_string(xmpp_info->ibb_sessions, se_id, (void*) se_sid, EMEM_TREE_STRING_NOCASE); } } }
void xmpp_gtalk_session_track(packet_info *pinfo, xmpp_element_t *packet, xmpp_conv_info_t *xmpp_info) { xmpp_element_t *gtalk_packet; GList *gtalk_packet_l; gtalk_packet_l = xmpp_find_element_by_name(packet,"session"); gtalk_packet = (xmpp_element_t *)(gtalk_packet_l?gtalk_packet_l->data:NULL); if (gtalk_packet && !pinfo->fd->flags.visited) { xmpp_attr_t *attr_id; xmpp_attr_t *attr_sid; char *se_id; char *se_sid; xmpp_attr_t *xmlns = xmpp_get_attr(gtalk_packet, "xmlns"); if(xmlns && strcmp(xmlns->value,"http://www.google.com/session") != 0) return; attr_id = xmpp_get_attr(packet, "id"); if (!attr_id) { return; } attr_sid = xmpp_get_attr(gtalk_packet, "id"); if (!attr_sid) { return; } se_id = se_strdup(attr_id->value); se_sid = se_strdup(attr_sid->value); se_tree_insert_string(xmpp_info->gtalk_sessions, se_id, (void*) se_sid, EMEM_TREE_STRING_NOCASE); } }
static void h245_setup_channels(packet_info *pinfo, channel_info_t *upcoming_channel_lcl) { gint *key; GHashTable *rtp_dyn_payload = NULL; struct srtp_info *dummy_srtp_info = NULL; if (!upcoming_channel_lcl) return; /* T.38 */ if (!strcmp(upcoming_channel_lcl->data_type_str, "t38fax")) { if (upcoming_channel_lcl->media_addr.addr.type!=AT_NONE && upcoming_channel_lcl->media_addr.port!=0 && t38_handle) { t38_add_address(pinfo, &upcoming_channel_lcl->media_addr.addr, upcoming_channel_lcl->media_addr.port, 0, "H245", pinfo->fd->num); } return; } /* (S)RTP, (S)RTCP */ if (upcoming_channel_lcl->rfc2198 > 0) { encoding_name_and_rate_t *encoding_name_and_rate = se_alloc( sizeof(encoding_name_and_rate_t)); rtp_dyn_payload = g_hash_table_new(g_int_hash, g_int_equal); encoding_name_and_rate->encoding_name = se_strdup("red"); encoding_name_and_rate->sample_rate = 8000; key = se_alloc(sizeof(gint)); *key = upcoming_channel_lcl->rfc2198; g_hash_table_insert(rtp_dyn_payload, key, encoding_name_and_rate); } if (upcoming_channel_lcl->srtp_flag) { dummy_srtp_info = se_alloc0(sizeof(struct srtp_info)); } /* DEBUG g_warning("h245_setup_channels media_addr.addr.type %u port %u",upcoming_channel_lcl->media_addr.addr.type, upcoming_channel_lcl->media_addr.port ); */ if (upcoming_channel_lcl->media_addr.addr.type!=AT_NONE && upcoming_channel_lcl->media_addr.port!=0 && rtp_handle) { srtp_add_address(pinfo, &upcoming_channel_lcl->media_addr.addr, upcoming_channel_lcl->media_addr.port, 0, "H245", pinfo->fd->num, upcoming_channel_lcl->is_video , rtp_dyn_payload, dummy_srtp_info); } if (upcoming_channel_lcl->media_control_addr.addr.type!=AT_NONE && upcoming_channel_lcl->media_control_addr.port!=0 && rtcp_handle) { srtcp_add_address(pinfo, &upcoming_channel_lcl->media_control_addr.addr, upcoming_channel_lcl->media_control_addr.port, 0, "H245", pinfo->fd->num, dummy_srtp_info); } }
static gboolean dissect_applemidi_heur( tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree ) { guint16 command; conversation_t *p_conv; /*struct _rtp_conversation_info *p_conv_data = NULL;*/ encoding_name_and_rate_t *encoding_name_and_rate = NULL; GHashTable *rtp_dyn_payload = NULL; gint *key; if ( tvb_length( tvb ) < 4) return FALSE; /* not enough bytes to check */ if ( !test_applemidi( tvb, &command, FALSE ) ) { return FALSE; } /* set dynamic payload-type 97 which is used by Apple for their RTP-MIDI implementation for this address/port-tuple to cause RTP-dissector to call the RTP-MIDI-dissector for payload-decoding */ encoding_name_and_rate = se_alloc( sizeof( encoding_name_and_rate_t ) ); rtp_dyn_payload = g_hash_table_new( g_int_hash, g_int_equal ); encoding_name_and_rate->encoding_name = se_strdup( "rtp-midi" ); encoding_name_and_rate->sample_rate = 10000; key = se_alloc( sizeof( gint ) ); *key = 97; g_hash_table_insert( rtp_dyn_payload, key, encoding_name_and_rate ); rtp_add_address( pinfo, &pinfo->src, pinfo->srcport, 0, APPLEMIDI_DISSECTOR_SHORTNAME, pinfo->fd->num, FALSE, rtp_dyn_payload); /* call dissect_applemidi() from now on for UDP packets on this "connection" it is important to do this step after calling rtp_add_address, otherwise all further packets will go directly to the RTP-dissector! */ p_conv = find_or_create_conversation(pinfo); conversation_set_dissector( p_conv, applemidi_handle ); /* punt to actual decoding */ dissect_applemidi_common( tvb, pinfo, tree, command ); return TRUE; }
void xmpp_iq_reqresp_track(packet_info *pinfo, xmpp_element_t *packet, xmpp_conv_info_t *xmpp_info) { xmpp_transaction_t *xmpp_trans = NULL; xmpp_attr_t *attr_id; char *id; attr_id = xmpp_get_attr(packet, "id"); if (!attr_id) { return; } id = ep_strdup(attr_id->value); if (!pinfo->fd->flags.visited) { xmpp_trans = (xmpp_transaction_t *)se_tree_lookup_string(xmpp_info->req_resp, id, EMEM_TREE_STRING_NOCASE); if (xmpp_trans) { xmpp_trans->resp_frame = pinfo->fd->num; } else { char *se_id = se_strdup(id); xmpp_trans = (xmpp_transaction_t *)se_alloc(sizeof (xmpp_transaction_t)); xmpp_trans->req_frame = pinfo->fd->num; xmpp_trans->resp_frame = 0; se_tree_insert_string(xmpp_info->req_resp, se_id, (void *) xmpp_trans, EMEM_TREE_STRING_NOCASE); } } else { se_tree_lookup_string(xmpp_info->req_resp, id, EMEM_TREE_STRING_NOCASE); } }
gchar* gcp_cmd_to_str(gcp_cmd_t* c, gboolean persistent) { gchar* s; gcp_terms_t* term; if ( !c ) return "-"; switch (c->type) { case GCP_CMD_NONE: return "-"; break; case GCP_CMD_ADD_REQ: s = "AddReq {"; break; case GCP_CMD_MOVE_REQ: s = "MoveReq {"; break; case GCP_CMD_MOD_REQ: s = "ModReq {"; break; case GCP_CMD_SUB_REQ: s = "SubReq {"; break; case GCP_CMD_AUDITCAP_REQ: s = "AuditCapReq {"; break; case GCP_CMD_AUDITVAL_REQ: s = "AuditValReq {"; break; case GCP_CMD_NOTIFY_REQ: s = "NotifyReq {"; break; case GCP_CMD_SVCCHG_REQ: s = "SvcChgReq {"; break; case GCP_CMD_TOPOLOGY_REQ: s = "TopologyReq {"; break; case GCP_CMD_CTX_ATTR_AUDIT_REQ: s = "CtxAttribAuditReq {"; break; case GCP_CMD_ADD_REPLY: s = "AddReply {"; break; case GCP_CMD_MOVE_REPLY: s = "MoveReply {"; break; case GCP_CMD_MOD_REPLY: s = "ModReply {"; break; case GCP_CMD_SUB_REPLY: s = "SubReply {"; break; case GCP_CMD_AUDITCAP_REPLY: s = "AuditCapReply {"; break; case GCP_CMD_AUDITVAL_REPLY: s = "AuditValReply {"; break; case GCP_CMD_NOTIFY_REPLY: s = "NotifyReply {"; break; case GCP_CMD_SVCCHG_REPLY: s = "SvcChgReply {"; break; case GCP_CMD_TOPOLOGY_REPLY: s = "TopologyReply {"; break; case GCP_CMD_REPLY: s = "ActionReply {"; break; case GCP_CMD_OTHER_REQ: s = "Request {"; break; default: s = "-"; break; } for (term = c->terms.next; term; term = term->next) { s = ep_strdup_printf("%s %s",s,term->term->str); } if (c->error) { s = ep_strdup_printf("%s Error=%i",s,c->error); } s = ep_strdup_printf("%s }", s); if (persistent) { if (! c->str) c->str = se_strdup(s); } else { c->str = s; } return s; }
gcp_term_t* gcp_cmd_add_term(gcp_msg_t* m, gcp_trx_t* tr, gcp_cmd_t* c, gcp_term_t* t, gcp_wildcard_t wildcard, gboolean persistent) { gcp_terms_t* ct; gcp_terms_t* ct2; static gcp_term_t all_terms = {"$",(guint8*)"",1,GCP_TERM_TYPE_UNKNOWN,NULL,NULL,NULL}; if ( !c ) return NULL; if ( wildcard == GCP_WILDCARD_CHOOSE) { return &all_terms; } if (persistent) { if ( c->msg->commited ) { if (wildcard == GCP_WILDCARD_ALL) { for (ct = c->ctx->terms.next; ct; ct = ct->next) { /* XXX not handling more wilcards in one msg */ if ( ct->term->start == m ) { return ct->term; } } return NULL; } else { for (ct = c->ctx->terms.next; ct; ct = ct->next) { if ( g_str_equal(ct->term->str,t->str) ) { return ct->term; } } return NULL; } } else { for (ct = c->ctx->terms.next; ct; ct = ct->next) { if ( g_str_equal(ct->term->str,t->str) || ct->term->start == m) { break; } } if ( ! ct ) { if (wildcard == GCP_WILDCARD_ALL) { ct = se_alloc(sizeof(gcp_terms_t)); ct->next = NULL; ct->term = se_alloc0(sizeof(gcp_term_t)); ct->term->start = m; ct->term->str = "*"; ct->term->buffer = NULL; ct->term->len = 0; c->terms.last = c->terms.last->next = ct; ct2 = se_alloc0(sizeof(gcp_terms_t)); ct2->term = ct->term; c->ctx->terms.last->next = ct2; c->ctx->terms.last = ct2; return ct->term; } else { for (ct = c->ctx->terms.next; ct; ct = ct->next) { /* XXX not handling more wilcards in one msg */ if ( ct->term->buffer == NULL && tr->cmds->cmd->msg == ct->term->start ) { ct->term->str = se_strdup(t->str); ct->term->buffer = se_memdup(t->buffer,t->len); ct->term->len = t->len; ct2 = se_alloc0(sizeof(gcp_terms_t)); ct2->term = ct->term; c->terms.last = c->terms.last->next = ct2; return ct->term; } if ( g_str_equal(ct->term->str,t->str) ) { ct2 = se_alloc0(sizeof(gcp_terms_t)); ct2->term = ct->term; c->terms.last = c->terms.last->next = ct2; return ct->term; } } ct = se_alloc(sizeof(gcp_terms_t)); ct->next = NULL; ct->term = se_alloc0(sizeof(gcp_term_t)); ct->term->start = m; ct->term->str = se_strdup(t->str); ct->term->buffer = se_memdup(t->buffer,t->len); ct->term->len = t->len; ct2 = se_alloc0(sizeof(gcp_terms_t)); ct2->term = ct->term; c->terms.last = c->terms.last->next = ct2; ct2 = se_alloc0(sizeof(gcp_terms_t)); ct2->term = ct->term; c->ctx->terms.last = c->ctx->terms.last->next = ct2; return ct->term; } } else { ct2 = se_alloc0(sizeof(gcp_terms_t)); ct2->term = ct->term; c->terms.last = c->terms.last->next = ct2; return ct->term; } DISSECTOR_ASSERT_NOT_REACHED(); return NULL; } } else { ct = ep_new(gcp_terms_t); ct->term = t; ct->next = NULL; c->terms.last = c->terms.last->next = ct; return t; } }
static void dissect_exec(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) { /* Set up structures needed to add the protocol subtree and manage it */ proto_item *ti; proto_tree *exec_tree=NULL; /* Variables for extracting and displaying data from the packet */ guchar *field_stringz; /* Temporary storage for each field we extract */ gint length; guint offset = 0; conversation_t *conversation; exec_hash_entry_t *hash_info; conversation = find_conversation(pinfo->fd->num, &pinfo->src, &pinfo->dst, pinfo->ptype, pinfo->srcport, pinfo->destport, 0); if(!conversation){ /* Conversation does not exist yet - create it */ conversation = conversation_new(pinfo->fd->num, &pinfo->src, &pinfo->dst, pinfo->ptype, pinfo->srcport, pinfo->destport, 0); } /* Retrieve information from conversation * or add it if it isn't there yet */ hash_info = conversation_get_proto_data(conversation, proto_exec); if(!hash_info){ hash_info = se_alloc(sizeof(exec_hash_entry_t)); hash_info->first_packet_number = pinfo->fd->num; hash_info->second_packet_number = 0; hash_info->third_packet_number = 0; hash_info->fourth_packet_number = 0; hash_info->state = WAIT_FOR_STDERR_PORT; /* The first field we'll see */ /* Start with empty username and command strings */ hash_info->username=NULL; hash_info->command=NULL; /* These will be set on the first pass by the first * four packets of the conversation */ hash_info->first_packet_state = NONE; hash_info->second_packet_state = NONE; hash_info->third_packet_state = NONE; hash_info->fourth_packet_state = NONE; conversation_add_proto_data(conversation, proto_exec, hash_info); } /* Store the number of the first three packets of this conversation * as we reach them the first time */ if(!hash_info->second_packet_number && pinfo->fd->num > hash_info->first_packet_number){ /* We're on the second packet of the conversation */ hash_info->second_packet_number = pinfo->fd->num; } else if(hash_info->second_packet_number && !hash_info->third_packet_number && pinfo->fd->num > hash_info->second_packet_number) { /* We're on the third packet of the conversation */ hash_info->third_packet_number = pinfo->fd->num; } else if(hash_info->third_packet_number && !hash_info->fourth_packet_number && pinfo->fd->num > hash_info->third_packet_number) { /* We're on the fourth packet of the conversation */ hash_info->fourth_packet_number = pinfo->fd->num; } /* Save this packet's state so we can retrieve it if this packet * is selected again later. If the packet's state was already stored, * then retrieve it */ if(pinfo->fd->num == hash_info->first_packet_number){ if(hash_info->first_packet_state == NONE){ hash_info->first_packet_state = hash_info->state; } else { hash_info->state = hash_info->first_packet_state; } } if(pinfo->fd->num == hash_info->second_packet_number){ if(hash_info->second_packet_state == NONE){ hash_info->second_packet_state = hash_info->state; } else { hash_info->state = hash_info->second_packet_state; } } if(pinfo->fd->num == hash_info->third_packet_number){ if(hash_info->third_packet_state == NONE){ hash_info->third_packet_state = hash_info->state; } else { hash_info->state = hash_info->third_packet_state; } } if(pinfo->fd->num == hash_info->fourth_packet_number){ if(hash_info->fourth_packet_state == NONE){ hash_info->fourth_packet_state = hash_info->state; } else { hash_info->state = hash_info->fourth_packet_state; } } col_set_str(pinfo->cinfo, COL_PROTOCOL, "EXEC"); if(check_col(pinfo->cinfo, COL_INFO)){ /* First, clear the info column */ col_clear(pinfo->cinfo, COL_INFO); /*username */ if(hash_info->username && preference_info_show_username == TRUE){ col_append_fstr(pinfo->cinfo, COL_INFO, "Username:%s ", hash_info->username); } /* Command */ if(hash_info->command && preference_info_show_command == TRUE){ col_append_fstr(pinfo->cinfo, COL_INFO, "Command:%s ", hash_info->command); } } /* create display subtree for the protocol */ ti = proto_tree_add_item(tree, proto_exec, tvb, 0, -1, FALSE); exec_tree = proto_item_add_subtree(ti, ett_exec); /* If this packet doesn't end with a null terminated string, * then it must be session data only and we can skip looking * for the other fields. */ if(tvb_find_guint8(tvb, tvb_length(tvb)-1, 1, '\0') == -1){ hash_info->state = WAIT_FOR_DATA; } if(hash_info->state == WAIT_FOR_STDERR_PORT && tvb_length_remaining(tvb, offset)){ field_stringz = tvb_get_ephemeral_stringz(tvb, offset, &length); /* Check if this looks like the stderr_port field. * It is optional, so it may only be 1 character long * (the NULL) */ if(length == 1 || (exec_isdigit_string(field_stringz) && length <= EXEC_STDERR_PORT_LEN)){ proto_tree_add_string(exec_tree, hf_exec_stderr_port, tvb, offset, length, (gchar*)field_stringz); /* Next field we need */ hash_info->state = WAIT_FOR_USERNAME; } else { /* Since the data doesn't match this field, it must be data only */ hash_info->state = WAIT_FOR_DATA; } /* Used if the next field is in the same packet */ offset += length; } if(hash_info->state == WAIT_FOR_USERNAME && tvb_length_remaining(tvb, offset)){ field_stringz = tvb_get_ephemeral_stringz(tvb, offset, &length); /* Check if this looks like the username field */ if(length != 1 && length <= EXEC_USERNAME_LEN && exec_isprint_string(field_stringz)){ proto_tree_add_string(exec_tree, hf_exec_username, tvb, offset, length, (gchar*)field_stringz); /* Store the username so we can display it in the * info column of the entire conversation */ if(!hash_info->username){ hash_info->username=se_strdup((gchar*)field_stringz); } /* Next field we need */ hash_info->state = WAIT_FOR_PASSWORD; } else { /* Since the data doesn't match this field, it must be data only */ hash_info->state = WAIT_FOR_DATA; } /* Used if the next field is in the same packet */ offset += length; } if(hash_info->state == WAIT_FOR_PASSWORD && tvb_length_remaining(tvb, offset)){ field_stringz = tvb_get_ephemeral_stringz(tvb, offset, &length); /* Check if this looks like the password field */ if(length != 1 && length <= EXEC_PASSWORD_LEN && exec_isprint_string(field_stringz)){ proto_tree_add_string(exec_tree, hf_exec_password, tvb, offset, length, (gchar*)field_stringz); /* Next field we need */ hash_info->state = WAIT_FOR_COMMAND; } else { /* Since the data doesn't match this field, it must be data only */ hash_info->state = WAIT_FOR_DATA; } /* Used if the next field is in the same packet */ offset += length; /* Next field we are looking for */ hash_info->state = WAIT_FOR_COMMAND; } if(hash_info->state == WAIT_FOR_COMMAND && tvb_length_remaining(tvb, offset)){ field_stringz = tvb_get_ephemeral_stringz(tvb, offset, &length); /* Check if this looks like the command field */ if(length != 1 && length <= EXEC_COMMAND_LEN && exec_isprint_string(field_stringz)){ proto_tree_add_string(exec_tree, hf_exec_command, tvb, offset, length, (gchar*)field_stringz); /* Store the username so we can display it in the * info column of the entire conversation */ if(!hash_info->command){ hash_info->command=se_strdup((gchar*)field_stringz); } } else { /* Since the data doesn't match this field, it must be data only */ hash_info->state = WAIT_FOR_DATA; } } if(hash_info->state == WAIT_FOR_DATA && tvb_length_remaining(tvb, offset)){ if(pinfo->destport == EXEC_PORT){ /* Packet going to the server */ /* offset = 0 since the whole packet is data */ proto_tree_add_text(exec_tree, tvb, 0, -1, "Client -> Server Data"); if(check_col(pinfo->cinfo, COL_INFO)) col_append_str(pinfo->cinfo, COL_INFO, "Client -> Server data"); } else { /* This packet must be going back to the client */ /* offset = 0 since the whole packet is data */ proto_tree_add_text(exec_tree, tvb, 0, -1, "Server -> Client Data"); if(check_col(pinfo->cinfo, COL_INFO)) col_append_str(pinfo->cinfo, COL_INFO, "Server -> Client Data"); } } /* We haven't seen all of the fields yet */ if(hash_info->state < WAIT_FOR_DATA){ col_set_str(pinfo->cinfo, COL_INFO, "Session Establishment"); } }
static void dissect_fw1(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) { /* Set up structures needed to add the protocol subtree and manage it */ proto_item *ti; proto_tree *volatile fh_tree = NULL; char direction; char chain; char *interface_name; guint32 iface_len = 10; guint16 etype; emem_strbuf_t *header; int i; gboolean found; static const char fw1_header[] = "FW1 Monitor"; header = ep_strbuf_new_label(fw1_header); /* Make entries in Protocol column and Info column on summary display */ col_set_str(pinfo->cinfo, COL_PROTOCOL, "FW1"); col_clear(pinfo->cinfo, COL_INFO); /* g_snprintf(header, sizeof(header), fw1_header); */ /* fetch info to local variable */ direction = tvb_get_guint8(tvb, 0); if (!fw1_iflist_with_chain) chain = ' '; else chain = tvb_get_guint8(tvb, 1); if (fw1_with_uuid) iface_len = 6; interface_name=(char *)ep_alloc(iface_len+1); tvb_get_nstringz0(tvb, 2, iface_len+1, interface_name); /* Known interface name - if not, remember it */ found=FALSE; for (i=0; i<interface_anzahl; i++) { if ( strcmp(p_interfaces[i], interface_name) == 0 ) { found=TRUE; break; } } if (!found && interface_anzahl < MAX_INTERFACES) { p_interfaces[interface_anzahl] = se_strdup(interface_name); interface_anzahl++; } /* display all interfaces always in the same order */ for (i=0; i<interface_anzahl; i++) { if ( strcmp(p_interfaces[i], interface_name) == 0 ) { ep_strbuf_append_printf(header, " %c%c %s %c%c", direction == 'i' ? 'i' : (direction == 'O' ? 'O' : ' '), (direction == 'i' || direction == 'O') ? chain : ' ', p_interfaces[i], direction == 'I' ? 'I' : (direction == 'o' ? 'o' : ' '), (direction == 'I' || direction == 'o') ? chain : ' ' ); } else { ep_strbuf_append_printf(header, " %s ", p_interfaces[i]); } } col_add_str(pinfo->cinfo, COL_IF_DIR, header->str + sizeof(fw1_header) + 1); if (tree) { if (!fw1_summary_in_tree) /* Do not show the summary in Protocol Tree */ ti = proto_tree_add_protocol_format(tree, proto_fw1, tvb, 0, ETH_HEADER_SIZE, "%s", fw1_header); else ti = proto_tree_add_protocol_format(tree, proto_fw1, tvb, 0, ETH_HEADER_SIZE, "%s", header->str); /* create display subtree for the protocol */ fh_tree = proto_item_add_subtree(ti, ett_fw1); proto_tree_add_item(fh_tree, hf_fw1_direction, tvb, 0, 1, ENC_ASCII|ENC_NA); if (fw1_iflist_with_chain) proto_tree_add_item(fh_tree, hf_fw1_chain, tvb, 1, 1, ENC_ASCII|ENC_NA); proto_tree_add_item(fh_tree, hf_fw1_interface, tvb, 2, iface_len, ENC_ASCII|ENC_NA); if (fw1_with_uuid) proto_tree_add_item(fh_tree, hf_fw1_uuid, tvb, 8, 4, ENC_BIG_ENDIAN); } etype = tvb_get_ntohs(tvb, 12); ethertype(etype, tvb, ETH_HEADER_SIZE, pinfo, tree, fh_tree, hf_fw1_type, hf_fw1_trailer, 0); }
if( acse_ctx_oid_table ){ g_hash_table_destroy(acse_ctx_oid_table); acse_ctx_oid_table = NULL; } acse_ctx_oid_table = g_hash_table_new(acse_ctx_oid_hash, acse_ctx_oid_equal); } static void register_ctx_id_and_oid(packet_info *pinfo _U_, guint32 idx, char *oid) { acse_ctx_oid_t *aco, *tmpaco; aco=se_alloc(sizeof(acse_ctx_oid_t)); aco->ctx_id=idx; aco->oid=se_strdup(oid); /* if this ctx already exists, remove the old one first */ tmpaco=(acse_ctx_oid_t *)g_hash_table_lookup(acse_ctx_oid_table, aco); if(tmpaco){ g_hash_table_remove(acse_ctx_oid_table, tmpaco); } g_hash_table_insert(acse_ctx_oid_table, aco, aco); } static char * find_oid_by_ctx_id(packet_info *pinfo _U_, guint32 idx) { acse_ctx_oid_t aco, *tmpaco; aco.ctx_id=idx; tmpaco=(acse_ctx_oid_t *)g_hash_table_lookup(acse_ctx_oid_table, &aco); if(tmpaco){