static void
expert_set_info_vformat(packet_info *pinfo, proto_item *pi, int group, int severity, const char *format, va_list ap)
{
char formatted[ITEM_LABEL_LENGTH];
int tap;
expert_info_t *ei;
proto_tree *tree;
proto_item *ti;
/* if this packet isn't loaded because of a read filter, don't output anything */
if (pinfo == NULL || PINFO_FD_NUM(pinfo) == 0) {
return;
}
if (severity > highest_severity) {
highest_severity = severity;
}
if (pi != NULL && PITEM_FINFO(pi) != NULL) {
expert_set_item_flags(pi, group, severity);
}
col_add_str(pinfo->cinfo, COL_EXPERT, val_to_str(severity, expert_severity_vals, "Unknown (%u)"));
g_vsnprintf(formatted, ITEM_LABEL_LENGTH, format, ap);
tree = expert_create_tree(pi, group, severity, formatted);
ti = proto_tree_add_string(tree, hf_expert_msg, NULL, 0, 0, formatted);
PROTO_ITEM_SET_GENERATED(ti);
ti = proto_tree_add_uint_format_value(tree, hf_expert_severity, NULL, 0, 0, severity,
"%s", val_to_str_const(severity, expert_severity_vals, "Unknown"));
PROTO_ITEM_SET_GENERATED(ti);
ti = proto_tree_add_uint_format_value(tree, hf_expert_group, NULL, 0, 0, group,
"%s", val_to_str_const(group, expert_group_vals, "Unknown"));
PROTO_ITEM_SET_GENERATED(ti);
tap = have_tap_listener(expert_tap);
if (!tap)
return;
ei = ep_alloc(sizeof(expert_info_t));
ei->packet_num = PINFO_FD_NUM(pinfo);
ei->group = group;
ei->severity = severity;
ei->protocol = pinfo->current_proto;
ei->summary = ep_strdup(formatted);
/* if we have a proto_item (not a faked item), set expert attributes to it */
if (pi != NULL && PITEM_FINFO(pi) != NULL) {
ei->pitem = pi;
} else {
ei->pitem = NULL;
}
tap_queue_packet(expert_tap, pinfo, ei);
}
static void export_pdu(tvbuff_t *tvb, packet_info* pinfo, char *proto_name)
{
if (have_tap_listener(exported_pdu_tap)) {
static const exp_pdu_data_item_t *user_encap_exp_pdu_items[] = {
&exp_pdu_data_orig_frame_num,
NULL
};
exp_pdu_data_t *exp_pdu_data = export_pdu_create_tags(pinfo, proto_name, EXP_PDU_TAG_PROTO_NAME, user_encap_exp_pdu_items);
exp_pdu_data->tvb_captured_length = tvb_captured_length(tvb);
exp_pdu_data->tvb_reported_length = tvb_reported_length(tvb);
exp_pdu_data->pdu_tvb = tvb;
tap_queue_packet(exported_pdu_tap, pinfo, exp_pdu_data);
}
}
static void dissect_tftp_message(tftp_conv_info_t *tftp_info,
tvbuff_t *tvb, packet_info *pinfo,
proto_tree *tree)
{
proto_tree *tftp_tree;
proto_item *ti;
gint offset = 0;
guint16 opcode;
guint16 bytes;
guint16 blocknum;
guint i1;
guint16 error;
tvbuff_t *data_tvb = NULL;
col_set_str(pinfo->cinfo, COL_PROTOCOL, "TFTP");
/* Protocol root */
ti = proto_tree_add_item(tree, proto_tftp, tvb, offset, -1, ENC_NA);
tftp_tree = proto_item_add_subtree(ti, ett_tftp);
/* Opcode */
opcode = tvb_get_ntohs(tvb, offset);
proto_tree_add_uint(tftp_tree, hf_tftp_opcode, tvb, offset, 2, opcode);
col_add_str(pinfo->cinfo, COL_INFO,
val_to_str(opcode, tftp_opcode_vals, "Unknown (0x%04x)"));
offset += 2;
/* read and write requests contain file names
for other messages, we add the filenames from the conversation */
if (opcode!=TFTP_RRQ && opcode!=TFTP_WRQ) {
if (tftp_info->source_file) {
ti = proto_tree_add_string(tftp_tree, hf_tftp_source_file, tvb,
0, 0, tftp_info->source_file);
PROTO_ITEM_SET_GENERATED(ti);
}
if (tftp_info->destination_file) {
ti = proto_tree_add_string(tftp_tree, hf_tftp_destination_file, tvb,
0, 0, tftp_info->destination_file);
PROTO_ITEM_SET_GENERATED(ti);
}
}
switch (opcode) {
case TFTP_RRQ:
i1 = tvb_strsize(tvb, offset);
proto_tree_add_item(tftp_tree, hf_tftp_source_file,
tvb, offset, i1, ENC_ASCII|ENC_NA);
tftp_info->source_file = tvb_get_string_enc(wmem_file_scope(), tvb, offset, i1, ENC_ASCII);
/* we either have a source file name (for read requests) or a
destination file name (for write requests)
when we set one of the names, we clear the other */
tftp_info->destination_file = NULL;
col_append_fstr(pinfo->cinfo, COL_INFO, ", File: %s",
tvb_format_stringzpad(tvb, offset, i1));
offset += i1;
i1 = tvb_strsize(tvb, offset);
proto_tree_add_item(tftp_tree, hf_tftp_transfer_type,
tvb, offset, i1, ENC_ASCII|ENC_NA);
col_append_fstr(pinfo->cinfo, COL_INFO, ", Transfer type: %s",
tvb_format_stringzpad(tvb, offset, i1));
offset += i1;
tftp_dissect_options(tvb, pinfo, offset, tftp_tree,
opcode, tftp_info);
break;
case TFTP_WRQ:
i1 = tvb_strsize(tvb, offset);
proto_tree_add_item(tftp_tree, hf_tftp_destination_file,
tvb, offset, i1, ENC_ASCII|ENC_NA);
tftp_info->destination_file =
tvb_get_string_enc(wmem_file_scope(), tvb, offset, i1, ENC_ASCII);
tftp_info->source_file = NULL; /* see above */
col_append_fstr(pinfo->cinfo, COL_INFO, ", File: %s",
tvb_format_stringzpad(tvb, offset, i1));
offset += i1;
i1 = tvb_strsize(tvb, offset);
proto_tree_add_item(tftp_tree, hf_tftp_transfer_type,
tvb, offset, i1, ENC_ASCII|ENC_NA);
col_append_fstr(pinfo->cinfo, COL_INFO, ", Transfer type: %s",
tvb_format_stringzpad(tvb, offset, i1));
offset += i1;
tftp_dissect_options(tvb, pinfo, offset, tftp_tree,
opcode, tftp_info);
break;
case TFTP_INFO:
tftp_dissect_options(tvb, pinfo, offset, tftp_tree,
opcode, tftp_info);
break;
case TFTP_DATA:
blocknum = tvb_get_ntohs(tvb, offset);
proto_tree_add_uint(tftp_tree, hf_tftp_blocknum, tvb, offset, 2,
blocknum);
/* Sequence analysis on blocknums (first pass only) */
if (!pinfo->fd->flags.visited) {
if (blocknum > tftp_info->next_block_num) {
/* There is a gap. Don't try to recover from this. */
tftp_info->next_block_num = blocknum + 1;
tftp_info->blocks_missing = TRUE;
/* TODO: add info to a result table for showing expert info in later passes */
}
else if (blocknum == tftp_info->next_block_num) {
/* OK, inc what we expect next */
tftp_info->next_block_num++;
}
}
offset += 2;
/* Show number of bytes in this block, and whether it is the end of the file */
bytes = tvb_reported_length_remaining(tvb, offset);
col_append_fstr(pinfo->cinfo, COL_INFO, ", Block: %i%s",
blocknum,
(bytes < tftp_info->blocksize)?" (last)":"" );
/* Show data in tree */
if (bytes > 0) {
data_tvb = tvb_new_subset(tvb, offset, -1, bytes);
call_dissector(data_handle, data_tvb, pinfo, tree);
}
/* If Export Object tap is listening, need to accumulate blocks info list
to send to tap. But if already know there are blocks missing, there is no
point in trying. */
if (have_tap_listener(tftp_eo_tap) && !tftp_info->blocks_missing) {
file_block_t *block;
if (blocknum == 1) {
/* Reset data for this conversation, freeing any accumulated blocks! */
cleanup_tftp_blocks(tftp_info);
tftp_info->next_tap_block_num = 1;
}
if (blocknum != tftp_info->next_tap_block_num) {
/* Ignore. Could be missing frames, or just clicking previous frame */
return;
}
if (bytes > 0) {
/* Create a block for this block */
block = (file_block_t*)g_malloc(sizeof(file_block_t));
block->length = bytes;
block->data = tvb_memdup(NULL, data_tvb, 0, bytes);
/* Add to the end of the list (does involve traversing whole list..) */
tftp_info->block_list = g_slist_append(tftp_info->block_list, block);
tftp_info->file_length += bytes;
/* Look for next blocknum next time */
tftp_info->next_tap_block_num++;
}
/* Tap export object only when reach end of file */
if (bytes < tftp_info->blocksize) {
tftp_eo_t *eo_info;
/* If don't have a filename, won't tap file info */
if ((tftp_info->source_file == NULL) && (tftp_info->destination_file == NULL)) {
cleanup_tftp_blocks(tftp_info);
return;
}
/* Create the eo_info to pass to the listener */
eo_info = wmem_new(wmem_packet_scope(), tftp_eo_t);
/* Set filename */
if (tftp_info->source_file) {
eo_info->filename = g_strdup(tftp_info->source_file);
}
else if (tftp_info->destination_file) {
eo_info->filename = g_strdup(tftp_info->destination_file);
}
/* Send block list, which will be combined and freed at tap. */
eo_info->payload_len = tftp_info->file_length;
eo_info->pkt_num = blocknum;
eo_info->block_list = tftp_info->block_list;
/* Send to tap */
tap_queue_packet(tftp_eo_tap, pinfo, eo_info);
/* Have sent, so forget list of blocks, and only pay attention if we
get back to the first block again. */
tftp_info->block_list = NULL;
tftp_info->next_tap_block_num = 1;
}
}
break;
case TFTP_ACK:
blocknum = tvb_get_ntohs(tvb, offset);
proto_tree_add_uint(tftp_tree, hf_tftp_blocknum, tvb, offset, 2,
blocknum);
col_append_fstr(pinfo->cinfo, COL_INFO, ", Block: %i",
blocknum);
break;
case TFTP_ERROR:
error = tvb_get_ntohs(tvb, offset);
proto_tree_add_uint(tftp_tree, hf_tftp_error_code, tvb, offset, 2,
error);
col_append_fstr(pinfo->cinfo, COL_INFO, ", Code: %s",
val_to_str(error, tftp_error_code_vals, "Unknown (%u)"));
offset += 2;
i1 = tvb_strsize(tvb, offset);
proto_tree_add_item(tftp_tree, hf_tftp_error_string, tvb, offset,
i1, ENC_ASCII|ENC_NA);
col_append_fstr(pinfo->cinfo, COL_INFO, ", Message: %s",
tvb_format_stringzpad(tvb, offset, i1));
expert_add_info(pinfo, NULL, &ei_tftp_blocksize_range);
break;
case TFTP_OACK:
tftp_dissect_options(tvb, pinfo, offset, tftp_tree,
opcode, tftp_info);
break;
default:
proto_tree_add_item(tftp_tree, hf_tftp_data, tvb, offset, -1, ENC_NA);
break;
}
}
static void dissect_eth_esp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
e_eth_esphdr *eth_esph;
tvbuff_t *next_tvb;
guint length_remaining;
int offset = 0;
guint len;
gchar *flags = "<None>";
const gchar *fstr[] = {"SYN", "ACK", "FIN", "RST", "RRQ", "TXS", "TXF", "XXX" };
gint i;
guint bpos;
size_t fpos = 0, returned_length;
eth_esph = ep_alloc(sizeof(e_eth_esphdr));
eth_esph->eh_dport = tvb_get_ntohs(tvb, 0);
eth_esph->eh_sport = tvb_get_ntohs(tvb, 2);
eth_esph->eh_pkt_seq = tvb_get_ntohs(tvb, 4);
eth_esph->eh_ack_seq = tvb_get_ntohs(tvb, 6);
eth_esph->eh_len = tvb_get_ntohs(tvb, 8);
eth_esph->eh_flags = tvb_get_guint8(tvb, 10);
/* set protocol name */
if (check_col(pinfo->cinfo, COL_PROTOCOL)) {
col_set_str(pinfo->cinfo, COL_PROTOCOL, "ETH_ESP");
}
/* Set info column */
if (check_col(pinfo->cinfo, COL_INFO)) {
col_clear(pinfo->cinfo, COL_INFO);
col_append_fstr(pinfo->cinfo, COL_INFO, "%u > %u", eth_esph->eh_sport, eth_esph->eh_dport);
}
/* Set tree info */
if (tree) {
proto_item *ti = NULL, *tf;
proto_tree *eth_esp_tree = NULL, *field_tree = NULL;
ti = proto_tree_add_item(tree, proto_eth_esp_plugin, tvb, 0, ETH_ESP_PACKET_SIZE, FALSE);
eth_esp_tree = proto_item_add_subtree(ti, ett_eth_esp);
/* items */
proto_tree_add_item(eth_esp_tree, hf_eth_esp_dstport, tvb, offset, 2, FALSE);
offset += 2;
proto_tree_add_item(eth_esp_tree, hf_eth_esp_srcport, tvb, offset, 2, FALSE);
offset += 2;
proto_tree_add_item(eth_esp_tree, hf_eth_esp_pkt_seq, tvb, offset, 2, FALSE);
offset += 2;
proto_tree_add_item(eth_esp_tree, hf_eth_esp_ack_seq, tvb, offset, 2, FALSE);
offset += 2;
proto_tree_add_item(eth_esp_tree, hf_eth_esp_len, tvb, offset, 2, FALSE);
offset += 2;
tf = proto_tree_add_item(eth_esp_tree, hf_eth_esp_flags, tvb, offset, 1, FALSE);
field_tree = proto_item_add_subtree(tf, ett_eth_esp_flags);
proto_tree_add_boolean(field_tree, hf_eth_esp_flags_syn, tvb, offset, 1, eth_esph->eh_flags);
proto_tree_add_boolean(field_tree, hf_eth_esp_flags_ack, tvb, offset, 1, eth_esph->eh_flags);
proto_tree_add_boolean(field_tree, hf_eth_esp_flags_fin, tvb, offset, 1, eth_esph->eh_flags);
proto_tree_add_boolean(field_tree, hf_eth_esp_flags_rst, tvb, offset, 1, eth_esph->eh_flags);
proto_tree_add_boolean(field_tree, hf_eth_esp_flags_rrq, tvb, offset, 1, eth_esph->eh_flags);
proto_tree_add_boolean(field_tree, hf_eth_esp_flags_txs, tvb, offset, 1, eth_esph->eh_flags);
proto_tree_add_boolean(field_tree, hf_eth_esp_flags_txf, tvb, offset, 1, eth_esph->eh_flags);
proto_tree_add_boolean(field_tree, hf_eth_esp_flags_xxx, tvb, offset, 1, eth_esph->eh_flags);
offset += 1;
}
if (check_col(pinfo->cinfo, COL_INFO) || tree) {
#define MAX_FLAGS_LEN 64
flags = ep_alloc(MAX_FLAGS_LEN);
flags[0] = 0;
for (i = 0; i < 8; i++) {
bpos = 1 << i;
if (eth_esph->eh_flags & bpos) {
returned_length = g_snprintf(&flags[fpos], MAX_FLAGS_LEN - fpos, "%s%s",
fpos ? ", " : "",
fstr[i]);
fpos += MIN(returned_length, MAX_FLAGS_LEN - fpos);
}
}
}
if (check_col(pinfo->cinfo, COL_INFO)) {
col_append_fstr(pinfo->cinfo, COL_INFO, "[%s] Seq=%u Ack=%u", flags, eth_esph->eh_pkt_seq, eth_esph->eh_ack_seq);
}
pinfo->srcport = eth_esph->eh_sport;
pinfo->destport = eth_esph->eh_dport;
tap_queue_packet(eth_esp_tap, pinfo, eth_esph);
length_remaining = tvb_length_remaining(tvb, offset);
len = length_remaining;
if (length_remaining != eth_esph->eh_len) {
len = length_remaining;
} else {
len = eth_esph->eh_len;
}
if (len != 0) {
next_tvb = tvb_new_subset(tvb, offset, len, -1);
if (have_tap_listener(eth_esp_follow_tap)) {
tap_queue_packet(eth_esp_follow_tap, pinfo, next_tvb);
}
if (try_heuristic_first) {
/* do lookup with the heuristic subdissector table */
if (dissector_try_heuristic(heur_subdissector_list, next_tvb, pinfo, tree))
return;
}
call_dissector(data_handle, next_tvb, pinfo, tree);
}
}
void
decode_udp_ports(tvbuff_t *tvb, int offset, packet_info *pinfo,
proto_tree *tree, int uh_sport, int uh_dport, int uh_ulen)
{
tvbuff_t *next_tvb;
int low_port, high_port;
gint len, reported_len;
len = tvb_length_remaining(tvb, offset);
reported_len = tvb_reported_length_remaining(tvb, offset);
if (uh_ulen != -1) {
/* This is the length from the UDP header; the payload should be cut
off at that length. (If our caller passed a value here, they
are assumed to have checked that it's >= 8, and hence >= offset.)
XXX - what if it's *greater* than the reported length? */
if (uh_ulen - offset < reported_len)
reported_len = uh_ulen - offset;
if (len > reported_len)
len = reported_len;
}
next_tvb = tvb_new_subset(tvb, offset, len, reported_len);
/* If the user has a "Follow UDP Stream" window loading, pass a pointer
* to the payload tvb through the tap system. */
if(have_tap_listener(udp_follow_tap))
tap_queue_packet(udp_follow_tap, pinfo, next_tvb);
/* determine if this packet is part of a conversation and call dissector */
/* for the conversation if available */
if (try_conversation_dissector(&pinfo->dst, &pinfo->src, PT_UDP,
uh_dport, uh_sport, next_tvb, pinfo, tree)){
return;
}
if (try_heuristic_first) {
/* do lookup with the heuristic subdissector table */
if (dissector_try_heuristic(heur_subdissector_list, next_tvb, pinfo, tree, NULL))
return;
}
/* Do lookups with the subdissector table.
We try the port number with the lower value first, followed by the
port number with the higher value. This means that, for packets
where a dissector is registered for *both* port numbers:
1) we pick the same dissector for traffic going in both directions;
2) we prefer the port number that's more likely to be the right
one (as that prefers well-known ports to reserved ports);
although there is, of course, no guarantee that any such strategy
will always pick the right port number.
XXX - we ignore port numbers of 0, as some dissectors use a port
number of 0 to disable the port, and as RFC 768 says that the source
port in UDP datagrams is optional and is 0 if not used. */
if (uh_sport > uh_dport) {
low_port = uh_dport;
high_port = uh_sport;
} else {
low_port = uh_sport;
high_port = uh_dport;
}
if (low_port != 0 &&
dissector_try_uint(udp_dissector_table, low_port, next_tvb, pinfo, tree))
return;
if (high_port != 0 &&
dissector_try_uint(udp_dissector_table, high_port, next_tvb, pinfo, tree))
return;
if (!try_heuristic_first) {
/* do lookup with the heuristic subdissector table */
if (dissector_try_heuristic(heur_subdissector_list, next_tvb, pinfo, tree, NULL))
return;
}
call_dissector(data_handle,next_tvb, pinfo, tree);
}
static void
expert_set_info_vformat(packet_info *pinfo, proto_item *pi, int group, int severity, int hf_index, gboolean use_vaformat,
const char *format, va_list ap)
{
char formatted[ITEM_LABEL_LENGTH];
int tap;
expert_info_t *ei;
proto_tree *tree;
proto_item *ti;
if (pinfo == NULL && pi && pi->tree_data) {
pinfo = PTREE_DATA(pi)->pinfo;
}
/* if this packet isn't loaded because of a read filter, don't output anything */
if (pinfo == NULL || pinfo->num == 0) {
return;
}
if (severity > highest_severity) {
highest_severity = severity;
}
/* XXX: can we get rid of these checks and make them programming errors instead now? */
if (pi != NULL && PITEM_FINFO(pi) != NULL) {
expert_set_item_flags(pi, group, severity);
}
if ((pi == NULL) || (PITEM_FINFO(pi) == NULL) ||
((guint)severity >= FI_GET_FLAG(PITEM_FINFO(pi), PI_SEVERITY_MASK))) {
col_add_str(pinfo->cinfo, COL_EXPERT, val_to_str(severity, expert_severity_vals, "Unknown (%u)"));
}
if (use_vaformat) {
g_vsnprintf(formatted, ITEM_LABEL_LENGTH, format, ap);
} else {
g_strlcpy(formatted, format, ITEM_LABEL_LENGTH);
}
tree = expert_create_tree(pi, group, severity, formatted);
if (hf_index == -1) {
/* If no filterable expert info, just add the message */
ti = proto_tree_add_string(tree, hf_expert_msg, NULL, 0, 0, formatted);
PROTO_ITEM_SET_GENERATED(ti);
} else {
/* If filterable expert info, hide the "generic" form of the message,
and generate the formatted filterable expert info */
ti = proto_tree_add_none_format(tree, hf_index, NULL, 0, 0, "%s", formatted);
PROTO_ITEM_SET_GENERATED(ti);
ti = proto_tree_add_string(tree, hf_expert_msg, NULL, 0, 0, formatted);
PROTO_ITEM_SET_HIDDEN(ti);
}
ti = proto_tree_add_uint_format_value(tree, hf_expert_severity, NULL, 0, 0, severity,
"%s", val_to_str_const(severity, expert_severity_vals, "Unknown"));
PROTO_ITEM_SET_GENERATED(ti);
ti = proto_tree_add_uint_format_value(tree, hf_expert_group, NULL, 0, 0, group,
"%s", val_to_str_const(group, expert_group_vals, "Unknown"));
PROTO_ITEM_SET_GENERATED(ti);
tap = have_tap_listener(expert_tap);
if (!tap)
return;
ei = wmem_new(wmem_packet_scope(), expert_info_t);
ei->packet_num = pinfo->num;
ei->group = group;
ei->severity = severity;
ei->hf_index = hf_index;
ei->protocol = pinfo->current_proto;
ei->summary = wmem_strdup(wmem_packet_scope(), formatted);
/* if we have a proto_item (not a faked item), set expert attributes to it */
if (pi != NULL && PITEM_FINFO(pi) != NULL) {
ei->pitem = pi;
}
/* XXX: remove this because we don't have an internal-only function now? */
else {
ei->pitem = NULL;
}
tap_queue_packet(expert_tap, pinfo, ei);
}
static void dissect_bat_batman_v5(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
struct batman_packet_v5 *batman_packeth;
const guint8 *old_orig_addr, *orig_addr;
guint32 old_orig, orig;
gint i;
tvbuff_t *next_tvb;
guint length_remaining;
int offset = 0;
batman_packeth = ep_alloc(sizeof(struct batman_packet_v5));
batman_packeth->version = tvb_get_guint8(tvb, 0);
batman_packeth->flags = tvb_get_guint8(tvb, 1);
batman_packeth->ttl = tvb_get_guint8(tvb, 2);
batman_packeth->gwflags = tvb_get_guint8(tvb, 3);
batman_packeth->seqno = tvb_get_ntohs(tvb, 4);
batman_packeth->gwport = tvb_get_ntohs(tvb, 6);
orig_addr = tvb_get_ptr(tvb, 8, 4);
orig = tvb_get_ipv4(tvb, 8);
SET_ADDRESS(&batman_packeth->orig, AT_IPv4, 4, orig_addr);
old_orig_addr = tvb_get_ptr(tvb, 12, 4);
old_orig = tvb_get_ipv4(tvb, 12);
SET_ADDRESS(&batman_packeth->old_orig, AT_IPv4, 4, old_orig_addr);
batman_packeth->tq = tvb_get_guint8(tvb, 16);
batman_packeth->hna_len = tvb_get_guint8(tvb, 17);
/* Set info column */
if (check_col(pinfo->cinfo, COL_INFO))
col_add_fstr(pinfo->cinfo, COL_INFO, "Seq=%u", batman_packeth->seqno);
/* Set tree info */
if (tree) {
proto_item *ti = NULL, *tf, *tgw;
proto_tree *bat_batman_tree = NULL, *flag_tree = NULL;
if (PTREE_DATA(tree)->visible) {
ti = proto_tree_add_protocol_format(tree, proto_bat_plugin, tvb, 0, BATMAN_PACKET_V5_SIZE,
"B.A.T.M.A.N., Orig: %s (%s)",
get_hostname(orig), ip_to_str(batman_packeth->orig.data));
} else {
ti = proto_tree_add_item(tree, proto_bat_plugin, tvb, 0, BATMAN_PACKET_V5_SIZE, FALSE);
}
bat_batman_tree = proto_item_add_subtree(ti, ett_bat_batman);
/* items */
proto_tree_add_item(bat_batman_tree, hf_bat_batman_version, tvb, offset, 1, FALSE);
offset += 1;
tf = proto_tree_add_item(bat_batman_tree, hf_bat_batman_flags, tvb, offset, 1, FALSE);
/* <flags> */
flag_tree = proto_item_add_subtree(tf, ett_bat_batman_flags);
proto_tree_add_boolean(flag_tree, hf_bat_batman_flags_unidirectional, tvb, offset, 1, batman_packeth->flags);
proto_tree_add_boolean(flag_tree, hf_bat_batman_flags_directlink, tvb, offset, 1, batman_packeth->flags);
/* </flags> */
offset += 1;
proto_tree_add_item(bat_batman_tree, hf_bat_batman_ttl, tvb, offset, 1, FALSE);
offset += 1;
tgw = proto_tree_add_item(bat_batman_tree, hf_bat_batman_gwflags, tvb, offset, 1, FALSE);
dissect_bat_gwflags(tvb, batman_packeth->gwflags, offset, tgw);
offset += 1;
proto_tree_add_item(bat_batman_tree, hf_bat_batman_seqno, tvb, offset, 2, FALSE);
offset += 2;
proto_tree_add_item(bat_batman_tree, hf_bat_batman_gwport, tvb, offset, 2, FALSE);
offset += 2;
proto_tree_add_ipv4(bat_batman_tree, hf_bat_batman_orig, tvb, offset, 4, orig);
offset += 4;
proto_tree_add_ipv4(bat_batman_tree, hf_bat_batman_old_orig, tvb, offset, 4, old_orig);
offset += 4;
proto_tree_add_item(bat_batman_tree, hf_bat_batman_tq, tvb, offset, 1, FALSE);
offset += 1;
proto_tree_add_item(bat_batman_tree, hf_bat_batman_hna_len, tvb, offset, 1, FALSE);
offset += 1;
tap_queue_packet(bat_tap, pinfo, batman_packeth);
for (i = 0; i < batman_packeth->hna_len; i++) {
next_tvb = tvb_new_subset(tvb, offset, 5, 5);
if (have_tap_listener(bat_follow_tap)) {
tap_queue_packet(bat_follow_tap, pinfo, next_tvb);
}
dissect_bat_hna(next_tvb, pinfo, bat_batman_tree);
offset += 5;
}
}
length_remaining = tvb_reported_length_remaining(tvb, offset);
if (length_remaining != 0) {
next_tvb = tvb_new_subset_remaining(tvb, offset);
if (have_tap_listener(bat_follow_tap)) {
tap_queue_packet(bat_follow_tap, pinfo, next_tvb);
}
dissect_bat_batman(next_tvb, pinfo, tree);
}
}
static int dissect_bat_batman_v5(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree)
{
proto_item *tf, *tgw;
proto_tree *bat_batman_tree = NULL, *flag_tree;
struct batman_packet_v5 *batman_packeth;
const guint8 *old_orig_addr, *orig_addr;
guint32 old_orig, orig;
gint i;
tvbuff_t *next_tvb;
batman_packeth = wmem_new(wmem_packet_scope(), struct batman_packet_v5);
batman_packeth->version = tvb_get_guint8(tvb, offset+0);
batman_packeth->flags = tvb_get_guint8(tvb, offset+1);
batman_packeth->ttl = tvb_get_guint8(tvb, offset+2);
batman_packeth->gwflags = tvb_get_guint8(tvb, offset+3);
batman_packeth->seqno = tvb_get_ntohs(tvb, offset+4);
batman_packeth->gwport = tvb_get_ntohs(tvb, offset+6);
orig_addr = tvb_get_ptr(tvb, offset+8, 4);
orig = tvb_get_ipv4(tvb, offset+8);
SET_ADDRESS(&batman_packeth->orig, AT_IPv4, 4, orig_addr);
old_orig_addr = tvb_get_ptr(tvb, offset+12, 4);
old_orig = tvb_get_ipv4(tvb, offset+12);
SET_ADDRESS(&batman_packeth->old_orig, AT_IPv4, 4, old_orig_addr);
batman_packeth->tq = tvb_get_guint8(tvb, offset+16);
batman_packeth->hna_len = tvb_get_guint8(tvb, offset+17);
/* Set info column */
col_add_fstr(pinfo->cinfo, COL_INFO, "Seq=%u", batman_packeth->seqno);
/* Set tree info */
if (tree) {
proto_item *ti;
if (PTREE_DATA(tree)->visible) {
ti = proto_tree_add_protocol_format(tree, proto_bat_plugin, tvb, offset, BATMAN_PACKET_V5_SIZE,
"B.A.T.M.A.N., Orig: %s (%s)",
get_hostname(orig), ip_to_str((const guint8 *)batman_packeth->orig.data));
} else {
ti = proto_tree_add_item(tree, proto_bat_plugin, tvb, offset, BATMAN_PACKET_V5_SIZE, ENC_NA);
}
bat_batman_tree = proto_item_add_subtree(ti, ett_bat_batman);
}
/* items */
proto_tree_add_item(bat_batman_tree, hf_bat_batman_version, tvb, offset, 1, ENC_BIG_ENDIAN);
offset += 1;
tf = proto_tree_add_item(bat_batman_tree, hf_bat_batman_flags, tvb, offset, 1, ENC_BIG_ENDIAN);
/* <flags> */
flag_tree = proto_item_add_subtree(tf, ett_bat_batman_flags);
proto_tree_add_boolean(flag_tree, hf_bat_batman_flags_unidirectional, tvb, offset, 1, batman_packeth->flags);
proto_tree_add_boolean(flag_tree, hf_bat_batman_flags_directlink, tvb, offset, 1, batman_packeth->flags);
/* </flags> */
offset += 1;
proto_tree_add_item(bat_batman_tree, hf_bat_batman_ttl, tvb, offset, 1, ENC_BIG_ENDIAN);
offset += 1;
tgw = proto_tree_add_item(bat_batman_tree, hf_bat_batman_gwflags, tvb, offset, 1, ENC_BIG_ENDIAN);
dissect_bat_gwflags(tvb, batman_packeth->gwflags, offset, tgw);
offset += 1;
proto_tree_add_item(bat_batman_tree, hf_bat_batman_seqno, tvb, offset, 2, ENC_BIG_ENDIAN);
offset += 2;
proto_tree_add_item(bat_batman_tree, hf_bat_batman_gwport, tvb, offset, 2, ENC_BIG_ENDIAN);
offset += 2;
proto_tree_add_ipv4(bat_batman_tree, hf_bat_batman_orig, tvb, offset, 4, orig);
offset += 4;
proto_tree_add_ipv4(bat_batman_tree, hf_bat_batman_old_orig, tvb, offset, 4, old_orig);
offset += 4;
proto_tree_add_item(bat_batman_tree, hf_bat_batman_tq, tvb, offset, 1, ENC_BIG_ENDIAN);
offset += 1;
proto_tree_add_item(bat_batman_tree, hf_bat_batman_hna_len, tvb, offset, 1, ENC_BIG_ENDIAN);
offset += 1;
tap_queue_packet(bat_tap, pinfo, batman_packeth);
for (i = 0; i < batman_packeth->hna_len; i++) {
next_tvb = tvb_new_subset(tvb, offset, 5, 5);
if (have_tap_listener(bat_follow_tap)) {
tap_queue_packet(bat_follow_tap, pinfo, next_tvb);
}
dissect_bat_hna(next_tvb, pinfo, bat_batman_tree);
offset += 5;
}
return offset;
}
