static gint
dissect_bd_addr(gint hf_bd_addr, proto_tree *tree, tvbuff_t *tvb, gint offset)
{
guint8 bd_addr[6];
bd_addr[5] = tvb_get_guint8(tvb, offset);
bd_addr[4] = tvb_get_guint8(tvb, offset + 1);
bd_addr[3] = tvb_get_guint8(tvb, offset + 2);
bd_addr[2] = tvb_get_guint8(tvb, offset + 3);
bd_addr[1] = tvb_get_guint8(tvb, offset + 4);
bd_addr[0] = tvb_get_guint8(tvb, offset + 5);
proto_tree_add_ether(tree, hf_bd_addr, tvb, offset, 6, bd_addr);
offset += 6;
return offset;
}
static int dissect_pbb_addressblock(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, guint offset, guint maxoffset,
guint8 addressType, guint8 addressSize) {
guint8 addr[MAX_ADDR_SIZE];
guint8 numAddr;
guint8 address_flags;
guint8 head_length = 0, tail_length = 0;
guint block_length = 0, midSize = 0;
guint block_index = 0, head_index = 0, tail_index = 0, mid_index = 0, prefix_index = 0;
proto_tree *addr_tree = NULL;
proto_tree *addrFlags_tree = NULL;
proto_tree *addrValue_tree = NULL;
proto_item *addr_item = NULL;
proto_item *addrFlags_item = NULL;
proto_item *addrValue_item = NULL;
int i = 0;
if (maxoffset - offset < 2) {
proto_tree_add_expert_format(tree, pinfo, &ei_packetbb_error, tvb, offset, maxoffset - offset,
"Not enough octets for minimal addressblock header");
return tvb_reported_length(tvb);
}
DISSECTOR_ASSERT(addressSize <= MAX_ADDR_SIZE);
memset(addr, 0, addressSize);
block_length = 2;
block_index = offset;
midSize = addressSize;
numAddr = tvb_get_guint8(tvb, offset++);
address_flags = tvb_get_guint8(tvb, offset++);
if ((address_flags & ADDR_HASHEAD) != 0) {
head_index = offset;
if (maxoffset - offset <= 0) {
proto_tree_add_expert_format(tree, pinfo, &ei_packetbb_error, tvb, offset, maxoffset - offset,
"Not enough octets for addressblock head");
return tvb_reported_length(tvb);
}
head_length = tvb_get_guint8(tvb, offset++);
if (head_length > addressSize-1) {
proto_tree_add_expert_format(tree, pinfo, &ei_packetbb_error, tvb, offset, maxoffset - offset,
"address head length is too long");
return tvb_reported_length(tvb);
}
if (maxoffset - offset < head_length) {
proto_tree_add_expert_format(tree, pinfo, &ei_packetbb_error, tvb, offset, maxoffset - offset,
"Not enough octets for addressblock head");
return tvb_reported_length(tvb);
}
tvb_memcpy(tvb, addr, offset, head_length);
midSize -= head_length;
block_length += (head_length+1);
offset += head_length;
}
if ((address_flags & ADDR_HASZEROTAIL) != 0) {
tail_index = offset;
if (maxoffset - offset <= 0) {
proto_tree_add_expert_format(tree, pinfo, &ei_packetbb_error, tvb, offset, maxoffset - offset,
"Not enough octets for addressblock tail");
return tvb_reported_length(tvb);
}
tail_length = tvb_get_guint8(tvb, offset++);
if (tail_length > addressSize-1-head_length) {
proto_tree_add_expert_format(tree, pinfo, &ei_packetbb_error, tvb, offset, maxoffset - offset,
"address tail length is too long");
return tvb_reported_length(tvb);
}
midSize -= tail_length;
block_length++;
}
else if ((address_flags & ADDR_HASFULLTAIL) != 0) {
tail_index = offset;
if (maxoffset - offset <= 0) {
proto_tree_add_expert_format(tree, pinfo, &ei_packetbb_error, tvb, offset, maxoffset - offset,
"Not enough octets for addressblock tail");
return tvb_reported_length(tvb);
}
tail_length = tvb_get_guint8(tvb, offset++);
if (tail_length > addressSize-1-head_length) {
proto_tree_add_expert_format(tree, pinfo, &ei_packetbb_error, tvb, offset, maxoffset - offset,
"address tail length is too long");
return tvb_reported_length(tvb);
}
if (maxoffset - offset < tail_length) {
proto_tree_add_expert_format(tree, pinfo, &ei_packetbb_error, tvb, offset, maxoffset - offset,
"Not enough octets for addressblock tail");
return tvb_reported_length(tvb);
}
tvb_memcpy(tvb, &addr[addressSize - tail_length], offset, tail_length);
midSize -= tail_length;
block_length += (tail_length+1);
offset += tail_length;
}
mid_index = offset;
block_length += numAddr * midSize;
offset += numAddr * midSize;
if ((address_flags & ADDR_HASSINGLEPRELEN) != 0) {
prefix_index = offset;
block_length++;
}
else if ((address_flags & ADDR_HASMULTIPRELEN) != 0) {
prefix_index = offset;
block_length += numAddr;
}
if (maxoffset < block_index + block_length) {
proto_tree_add_expert_format(tree, pinfo, &ei_packetbb_error, tvb, offset, maxoffset - offset,
"Not enough octets for address block");
return maxoffset;
}
/* add address tree */
addr_item = proto_tree_add_item(tree, hf_packetbb_addr, tvb, block_index, block_length, ENC_NA);
addr_tree = proto_item_add_subtree(addr_item, ett_packetbb_addr);
proto_item_append_text(addr_item, " (%d addresses)", numAddr);
/* add num-addr */
proto_tree_add_item(addr_tree, hf_packetbb_addr_num, tvb, block_index, 1, ENC_BIG_ENDIAN);
/* add flags */
addrFlags_item = proto_tree_add_item(addr_tree, hf_packetbb_addr_flags, tvb, block_index+1, 1, ENC_BIG_ENDIAN);
addrFlags_tree = proto_item_add_subtree(addrFlags_item, ett_packetbb_addr_flags);
proto_tree_add_item(addrFlags_tree, hf_packetbb_addr_flags_hashead, tvb, block_index+1, 1, ENC_BIG_ENDIAN);
proto_tree_add_item(addrFlags_tree, hf_packetbb_addr_flags_hasfulltail, tvb, block_index+1, 1, ENC_BIG_ENDIAN);
proto_tree_add_item(addrFlags_tree, hf_packetbb_addr_flags_haszerotail, tvb, block_index+1, 1, ENC_BIG_ENDIAN);
proto_tree_add_item(addrFlags_tree, hf_packetbb_addr_flags_hassingleprelen, tvb, block_index+1, 1, ENC_BIG_ENDIAN);
proto_tree_add_item(addrFlags_tree, hf_packetbb_addr_flags_hasmultiprelen, tvb, block_index+1, 1, ENC_BIG_ENDIAN);
if ((address_flags & ADDR_HASHEAD) != 0) {
/* add head */
proto_tree_add_item(addr_tree, hf_packetbb_addr_head, tvb, head_index, head_length+1, ENC_NA);
}
if ((address_flags & ADDR_HASFULLTAIL) != 0) {
/* add full tail */
proto_tree_add_item(addr_tree, hf_packetbb_addr_tail, tvb, tail_index, tail_length+1, ENC_NA);
}
else if ((address_flags & ADDR_HASZEROTAIL) != 0) {
/* add zero tail */
proto_tree_add_item(addr_tree, hf_packetbb_addr_tail, tvb, tail_index, 1, ENC_NA);
}
for (i=0; i<numAddr; i++) {
guint32 ipv4 = 0;
guint8 prefix = addressSize * 8;
tvb_memcpy(tvb, &addr[head_length], mid_index + midSize*i, midSize);
ipv4 = (addr[3] << 24) + (addr[2] << 16) + (addr[1] << 8) + addr[0];
switch (addressType) {
case 0:
addrValue_item = proto_tree_add_ipv4(addr_tree, hf_packetbb_addr_value[addressType],
tvb, mid_index, block_index + block_length - mid_index, ipv4);
break;
case 1:
addrValue_item = proto_tree_add_ipv6(addr_tree, hf_packetbb_addr_value[addressType],
tvb, mid_index, block_index + block_length - mid_index, (struct e_in6_addr *)addr);
break;
case 2:
addrValue_item = proto_tree_add_ether(addr_tree, hf_packetbb_addr_value[addressType],
tvb, mid_index, block_index + block_length - mid_index, addr);
break;
case 3:
addrValue_item = proto_tree_add_bytes(addr_tree, hf_packetbb_addr_value[addressType],
tvb, mid_index, block_index + block_length - mid_index, addr);
break;
default:
break;
}
addrValue_tree = proto_item_add_subtree(addrValue_item, ett_packetbb_addr_value);
proto_tree_add_item(addrValue_tree, hf_packetbb_addr_value_mid, tvb,
mid_index + midSize*i, midSize, ENC_NA);
if ((address_flags & ADDR_HASSINGLEPRELEN) != 0) {
prefix = tvb_get_guint8(tvb, prefix_index);
proto_tree_add_item(addrValue_tree, hf_packetbb_addr_value_prefix, tvb, prefix_index, 1, ENC_BIG_ENDIAN);
}
else if ((address_flags & ADDR_HASMULTIPRELEN) != 0) {
prefix = tvb_get_guint8(tvb, prefix_index + i);
proto_tree_add_item(addrValue_tree, hf_packetbb_addr_value_prefix, tvb, prefix_index + i, 1, ENC_BIG_ENDIAN);
}
proto_item_append_text(addrValue_item, "/%d", prefix);
}
offset = dissect_pbb_tlvblock(tvb, pinfo, addr_tree, block_index + block_length, maxoffset, numAddr);
return offset;
}
/* Sub-vectors */
static int
sv_text(tvbuff_t *tvb, int svoff, proto_tree *tree)
{
int sv_length = tvb_get_guint8(tvb, svoff+0);
guint16 beacon_type, ring;
const char *beacon[] = {
"Recovery mode set", "Signal loss error",
"Streaming signal not Claim Token MAC frame",
"Streaming signal, Claim Token MAC frame"
};
proto_tree *sv_tree;
proto_item *ti, *hidden_item;
guchar errors[6]; /* isolating or non-isolating */
/* Check the SV length.
XXX - Should we do this in each case statement below, e.g. to force
an SV length of 6 for the NAUN address? */
if (sv_length < 1) {
proto_tree_add_protocol_format(tree, proto_malformed, tvb, svoff+0, 1,
"Invalid subvector length: %d bytes", sv_length);
return sv_length;
}
/* this just adds to the clutter on the screen...
proto_tree_add_text(tree, tvb, svoff, 1,
"Subvector Length: %d bytes", sv_length);*/
hidden_item = proto_tree_add_uint(tree, hf_trmac_sv, tvb, svoff+1, 1, tvb_get_guint8(tvb, svoff+1));
PROTO_ITEM_SET_HIDDEN(hidden_item);
switch(tvb_get_guint8(tvb, svoff+1)) {
case 0x01: /* Beacon Type */
beacon_type = tvb_get_ntohs(tvb, svoff+2);
if (beacon_type < array_length(beacon)) {
proto_tree_add_text(tree, tvb, svoff+1, sv_length-1,
"Beacon Type: %s", beacon[beacon_type] );
} else {
proto_tree_add_text(tree, tvb, svoff+1, sv_length-1,
"Beacon Type: Illegal value: %d", beacon_type );
}
break;
case 0x02: /* NAUN */
proto_tree_add_ether(tree, hf_trmac_naun, tvb, svoff+1, sv_length-1,
tvb_get_ptr(tvb, svoff+2, 6));
break;
case 0x03: /* Local Ring Number */
ring = tvb_get_ntohs(tvb, svoff+2);
proto_tree_add_text(tree, tvb, svoff+1, sv_length-1,
"Local Ring Number: 0x%04X (%d)", ring, ring);
break;
case 0x04: /* Assign Physical Location */
proto_tree_add_text(tree, tvb, svoff+1, sv_length-1,
"Assign Physical Location: 0x%08X", tvb_get_ntohl(tvb, svoff+2) );
break;
case 0x05: /* Soft Error Report Value */
proto_tree_add_text(tree, tvb, svoff+1, sv_length-1,
"Soft Error Report Value: %d ms", 10 * tvb_get_ntohs(tvb, svoff+2) );
break;
case 0x06: /* Enabled Function Classes */
proto_tree_add_text(tree, tvb, svoff+1, sv_length-1,
"Enabled Function Classes: %04X", tvb_get_ntohs(tvb, svoff+2) );
break;
case 0x07: /* Allowed Access Priority */
proto_tree_add_text(tree, tvb, svoff+1, sv_length-1,
"Allowed Access Priority: %04X", tvb_get_ntohs(tvb, svoff+2) );
break;
case 0x09: /* Correlator */
proto_tree_add_text(tree, tvb, svoff+1, sv_length-1,
"Correlator: %04X", tvb_get_ntohs(tvb, svoff+2) );
break;
case 0x0A: /* Address of last neighbor notification */
proto_tree_add_text(tree, tvb, svoff+1, sv_length-1,
"Address of Last Neighbor Notification: %s",
ether_to_str(tvb_get_ptr(tvb, svoff+2, 6)));
break;
case 0x0B: /* Physical Location */
proto_tree_add_text(tree, tvb, svoff+1, sv_length-1,
"Physical Location: 0x%08X", tvb_get_ntohl(tvb, svoff+2) );
break;
case 0x20: /* Response Code */
proto_tree_add_text(tree, tvb, svoff+1, sv_length-1,
"Response Code: 0x%04X 0x%04X", tvb_get_ntohl(tvb, svoff+2),
tvb_get_ntohl(tvb, svoff+4) );
break;
case 0x21: /* Reserved */
proto_tree_add_text(tree, tvb, svoff+1, sv_length-1,
"Reserved: 0x%04X", tvb_get_ntohs(tvb, svoff+2) );
break;
case 0x22: /* Product Instance ID */
proto_tree_add_text(tree, tvb, svoff+1, sv_length-1,
"Product Instance ID: ...");
break;
case 0x23: /* Ring Station Microcode Level */
proto_tree_add_text(tree, tvb, svoff+1, sv_length-1,
"Ring Station Microcode Level: ...");
break;
case 0x26: /* Wrap data */
proto_tree_add_text(tree, tvb, svoff+1, sv_length-1,
"Wrap Data: ... (%d bytes)", sv_length - 2);
break;
case 0x27: /* Frame Forward */
proto_tree_add_text(tree, tvb, svoff+1, sv_length-1,
"Frame Forward: ... (%d bytes)", sv_length - 2);
break;
case 0x29: /* Ring Station Status Subvector */
proto_tree_add_text(tree, tvb, svoff+1, sv_length-1,
"Ring Station Status Subvector: ...");
break;
case 0x2A: /* Transmit Status Code */
proto_tree_add_text(tree, tvb, svoff+1, sv_length-1,
"Transmit Status Code: %04X", tvb_get_ntohs(tvb, svoff+2) );
break;
case 0x2B: /* Group Address */
proto_tree_add_text(tree, tvb, svoff+1, sv_length-1,
"Group Address: %08X", tvb_get_ntohl(tvb, svoff+2) );
break;
case 0x2C: /* Functional Address */
proto_tree_add_text(tree, tvb, svoff+1, sv_length-1,
"Functional Address: %08X", tvb_get_ntohl(tvb, svoff+2) );
break;
case 0x2D: /* Isolating Error Counts */
memcpy(errors, tvb_get_ptr(tvb, svoff+2, 6), 6);
ti = proto_tree_add_uint(tree, hf_trmac_errors_iso, tvb, svoff+1, sv_length-1,
errors[0] + errors[1] + errors[2] + errors[3] + errors[4]);
sv_tree = proto_item_add_subtree(ti, ett_tr_ierr_cnt);
proto_tree_add_uint(sv_tree, hf_trmac_errors_line, tvb, svoff+2, 1, errors[0]);
proto_tree_add_uint(sv_tree, hf_trmac_errors_internal, tvb, svoff+3, 1, errors[1]);
proto_tree_add_uint(sv_tree, hf_trmac_errors_burst, tvb, svoff+4, 1, errors[2]);
proto_tree_add_uint(sv_tree, hf_trmac_errors_ac, tvb, svoff+5, 1, errors[3]);
proto_tree_add_uint(sv_tree, hf_trmac_errors_abort, tvb, svoff+6, 1, errors[4]);
break;
case 0x2E: /* Non-Isolating Error Counts */
memcpy(errors, tvb_get_ptr(tvb, svoff+2, 6), 6);
ti = proto_tree_add_uint(tree, hf_trmac_errors_noniso, tvb, svoff+1, sv_length-1,
errors[0] + errors[1] + errors[2] + errors[3] + errors[4]);
sv_tree = proto_item_add_subtree(ti, ett_tr_nerr_cnt);
proto_tree_add_uint(sv_tree, hf_trmac_errors_lost, tvb, svoff+2, 1, errors[0]);
proto_tree_add_uint(sv_tree, hf_trmac_errors_congestion, tvb, svoff+3, 1, errors[1]);
proto_tree_add_uint(sv_tree, hf_trmac_errors_fc, tvb, svoff+4, 1, errors[2]);
proto_tree_add_uint(sv_tree, hf_trmac_errors_freq, tvb, svoff+5, 1, errors[3]);
proto_tree_add_uint(sv_tree, hf_trmac_errors_token, tvb, svoff+6, 1, errors[4]);
break;
case 0x30: /* Error Code */
proto_tree_add_text(tree, tvb, svoff+1, sv_length-1,
"Error Code: %04X", tvb_get_ntohs(tvb, svoff+2) );
break;
default: /* Unknown */
proto_tree_add_text(tree, tvb, svoff+1, 1,
"Unknown Sub-Vector: 0x%02X", tvb_get_guint8(tvb, svoff+1));
}
return sv_length;
}
static void
dissect_dtp_tlv(tvbuff_t *tvb, int offset, int length,
proto_tree *tree, proto_item *ti, guint8 type)
{
switch (type) {
case TYPE_DOMAIN:
if (length > 0) {
proto_item_set_text(ti, "Domain: %s", tvb_format_text(tvb, offset, length - 1));
proto_tree_add_text(tree, tvb, offset, length, "Domain: %s", tvb_format_text(tvb, offset, length - 1));
} else {
proto_item_set_text(ti, "Domain: Bad length %u", length);
proto_tree_add_text(tree, tvb, offset, length, "Domain: Bad length %u", length);
}
break;
case TYPE_STATUS:
if (length > 0) {
proto_item_set_text(ti,
"Status: 0x%02x",
tvb_get_guint8(tvb, offset));
proto_tree_add_text(tree, tvb, offset, 1,
"Status: 0x%02x",
tvb_get_guint8(tvb, offset));
} else {
proto_item_set_text(ti,
"Status: Bad length %u",
length);
proto_tree_add_text(tree, tvb, offset, length,
"Status: Bad length %u",
length);
}
break;
case TYPE_DTPTYPE:
if (length > 0) {
proto_item_set_text(ti,
"Dtptype: 0x%02x",
tvb_get_guint8(tvb, offset));
proto_tree_add_text(tree, tvb, offset, 1,
"Dtptype: 0x%02x",
tvb_get_guint8(tvb, offset));
} else {
proto_item_set_text(ti,
"Dtptype: Bad length %u",
length);
proto_tree_add_text(tree, tvb, offset, length,
"Dtptype: Bad length %u",
length);
}
break;
case TYPE_NEIGHBOR:
if (length == 6) {
const guint8 *macptr=tvb_get_ptr(tvb,offset,length);
proto_item_set_text(ti, "Neighbor: %s",
ether_to_str(macptr)); /* XXX - resolve? */
proto_tree_add_ether(tree, hf_dtp_some_mac, tvb, offset,length,macptr);
} else {
proto_item_set_text(ti,
"Neighbor: Bad length %u",
length);
proto_tree_add_text(tree, tvb, offset, length,
"Neighbor: Bad length %u",
length);
}
break;
default:
proto_tree_add_text(tree, tvb, offset, length, "Data");
break;
}
}
static void
dissect_eth_common(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree,
int fcs_len)
{
proto_item *ti = NULL;
eth_hdr *ehdr;
gboolean is_802_2;
proto_tree *fh_tree = NULL;
const guint8 *src_addr, *dst_addr;
static eth_hdr ehdrs[4];
static int ehdr_num=0;
proto_tree *tree;
proto_item *addr_item;
proto_tree *addr_tree=NULL;
ehdr_num++;
if(ehdr_num>=4){
ehdr_num=0;
}
ehdr=&ehdrs[ehdr_num];
tree=parent_tree;
col_set_str(pinfo->cinfo, COL_PROTOCOL, "Ethernet");
src_addr=tvb_get_ptr(tvb, 6, 6);
SET_ADDRESS(&pinfo->dl_src, AT_ETHER, 6, src_addr);
SET_ADDRESS(&pinfo->src, AT_ETHER, 6, src_addr);
SET_ADDRESS(&ehdr->src, AT_ETHER, 6, src_addr);
dst_addr=tvb_get_ptr(tvb, 0, 6);
SET_ADDRESS(&pinfo->dl_dst, AT_ETHER, 6, dst_addr);
SET_ADDRESS(&pinfo->dst, AT_ETHER, 6, dst_addr);
SET_ADDRESS(&ehdr->dst, AT_ETHER, 6, dst_addr);
ehdr->type = tvb_get_ntohs(tvb, 12);
tap_queue_packet(eth_tap, pinfo, ehdr);
/*
* In case the packet is a non-Ethernet packet inside
* Ethernet framing, allow heuristic dissectors to take
* a first look before we assume that it's actually an
* Ethernet packet.
*/
if (dissector_try_heuristic(heur_subdissector_list, tvb, pinfo, parent_tree, NULL))
return;
if (ehdr->type <= IEEE_802_3_MAX_LEN) {
/* Oh, yuck. Cisco ISL frames require special interpretation of the
destination address field; fortunately, they can be recognized by
checking the first 5 octets of the destination address, which are
01-00-0C-00-00 for ISL frames. */
if ((tvb_get_guint8(tvb, 0) == 0x01 ||
tvb_get_guint8(tvb, 0) == 0x0C) &&
tvb_get_guint8(tvb, 1) == 0x00 &&
tvb_get_guint8(tvb, 2) == 0x0C &&
tvb_get_guint8(tvb, 3) == 0x00 &&
tvb_get_guint8(tvb, 4) == 0x00) {
dissect_isl(tvb, pinfo, parent_tree, fcs_len);
return;
}
}
/*
* If the type/length field is <= the maximum 802.3 length,
* and is not zero, this is an 802.3 frame, and it's a length
* field; it might be an Novell "raw 802.3" frame, with no
* 802.2 LLC header, or it might be a frame with an 802.2 LLC
* header.
*
* If the type/length field is >= the minimum Ethernet II length,
* this is an Ethernet II frame, and it's a type field.
*
* If the type/length field is > maximum 802.3 length and < minimum
* Ethernet II length, then this is an invalid packet.
*
* If the type/length field is zero (ETHERTYPE_UNK), this is
* a frame used internally by the Cisco MDS switch to contain
* Fibre Channel ("Vegas"). We treat that as an Ethernet II
* frame; the dissector for those frames registers itself with
* an ethernet type of ETHERTYPE_UNK.
*/
if (ehdr->type > IEEE_802_3_MAX_LEN && ehdr->type < ETHERNET_II_MIN_LEN) {
tvbuff_t *next_tvb;
col_add_fstr(pinfo->cinfo, COL_INFO,
"Ethernet Unknown: Invalid length/type: 0x%04x (%d)",
ehdr->type, ehdr->type);
ti = proto_tree_add_protocol_format(tree, proto_eth, tvb, 0, ETH_HEADER_SIZE,
"Ethernet Unknown, Src: %s (%s), Dst: %s (%s)",
get_ether_name(src_addr), ether_to_str(src_addr),
get_ether_name(dst_addr), ether_to_str(dst_addr));
fh_tree = proto_item_add_subtree(ti, ett_ether);
addr_item = proto_tree_add_ether(fh_tree, hf_eth_dst, tvb, 0, 6, dst_addr);
if (addr_item)
addr_tree = proto_item_add_subtree(addr_item, ett_addr);
proto_tree_add_ether(addr_tree, hf_eth_addr, tvb, 0, 6, dst_addr);
proto_tree_add_item(addr_tree, hf_eth_lg, tvb, 0, 3, ENC_BIG_ENDIAN);
proto_tree_add_item(addr_tree, hf_eth_ig, tvb, 0, 3, ENC_BIG_ENDIAN);
addr_item = proto_tree_add_ether(fh_tree, hf_eth_src, tvb, 6, 6, src_addr);
if (addr_item)
addr_tree = proto_item_add_subtree(addr_item, ett_addr);
proto_tree_add_ether(addr_tree, hf_eth_addr, tvb, 6, 6, src_addr);
proto_tree_add_item(addr_tree, hf_eth_lg, tvb, 6, 3, ENC_BIG_ENDIAN);
proto_tree_add_item(addr_tree, hf_eth_ig, tvb, 6, 3, ENC_BIG_ENDIAN);
ti = proto_tree_add_item(fh_tree, hf_eth_invalid_lentype, tvb, 12, 2, ENC_BIG_ENDIAN);
expert_add_info_format(pinfo, ti, PI_PROTOCOL, PI_WARN,
"Invalid length/type: 0x%04x (%d)", ehdr->type, ehdr->type);
next_tvb = tvb_new_subset_remaining(tvb, 14);
call_dissector(data_handle, next_tvb, pinfo, parent_tree);
return;
}
if (ehdr->type <= IEEE_802_3_MAX_LEN && ehdr->type != ETHERTYPE_UNK) {
is_802_2 = check_is_802_2(tvb, fcs_len);
col_add_fstr(pinfo->cinfo, COL_INFO, "IEEE 802.3 Ethernet %s",
(is_802_2 ? "" : "Raw "));
if (tree) {
ti = proto_tree_add_protocol_format(tree, proto_eth, tvb, 0, ETH_HEADER_SIZE,
"IEEE 802.3 Ethernet %s", (is_802_2 ? "" : "Raw "));
fh_tree = proto_item_add_subtree(ti, ett_ieee8023);
}
/* if IP is not referenced from any filters we dont need to worry about
generating any tree items. We must do this after we created the actual
protocol above so that proto hier stat still works though.
*/
if(!proto_field_is_referenced(parent_tree, proto_eth)){
tree=NULL;
fh_tree=NULL;
}
addr_item=proto_tree_add_ether(fh_tree, hf_eth_dst, tvb, 0, 6, dst_addr);
if(addr_item){
addr_tree = proto_item_add_subtree(addr_item, ett_addr);
}
proto_tree_add_ether(addr_tree, hf_eth_addr, tvb, 0, 6, dst_addr);
proto_tree_add_item(addr_tree, hf_eth_lg, tvb, 0, 3, ENC_BIG_ENDIAN);
proto_tree_add_item(addr_tree, hf_eth_ig, tvb, 0, 3, ENC_BIG_ENDIAN);
addr_item=proto_tree_add_ether(fh_tree, hf_eth_src, tvb, 6, 6, src_addr);
if(addr_item){
addr_tree = proto_item_add_subtree(addr_item, ett_addr);
}
proto_tree_add_ether(addr_tree, hf_eth_addr, tvb, 6, 6, src_addr);
proto_tree_add_item(addr_tree, hf_eth_lg, tvb, 6, 3, ENC_BIG_ENDIAN);
proto_tree_add_item(addr_tree, hf_eth_ig, tvb, 6, 3, ENC_BIG_ENDIAN);
dissect_802_3(ehdr->type, is_802_2, tvb, ETH_HEADER_SIZE, pinfo,
parent_tree, fh_tree, hf_eth_len, hf_eth_trailer, fcs_len);
} else {
if (eth_interpret_as_fw1_monitor) {
if ((dst_addr[0] == 'i') || (dst_addr[0] == 'I') ||
(dst_addr[0] == 'o') || (dst_addr[0] == 'O')) {
call_dissector(fw1_handle, tvb, pinfo, parent_tree);
return;
}
}
col_set_str(pinfo->cinfo, COL_INFO, "Ethernet II");
if (parent_tree) {
if (PTREE_DATA(parent_tree)->visible) {
ti = proto_tree_add_protocol_format(parent_tree, proto_eth, tvb, 0, ETH_HEADER_SIZE,
"Ethernet II, Src: %s (%s), Dst: %s (%s)",
get_ether_name(src_addr), ether_to_str(src_addr),
get_ether_name(dst_addr), ether_to_str(dst_addr));
}
else {
ti = proto_tree_add_item(parent_tree, proto_eth, tvb, 0, ETH_HEADER_SIZE, ENC_NA);
}
fh_tree = proto_item_add_subtree(ti, ett_ether2);
}
addr_item=proto_tree_add_ether(fh_tree, hf_eth_dst, tvb, 0, 6, dst_addr);
if(addr_item){
addr_tree = proto_item_add_subtree(addr_item, ett_addr);
}
proto_tree_add_ether(addr_tree, hf_eth_addr, tvb, 0, 6, dst_addr);
proto_tree_add_item(addr_tree, hf_eth_lg, tvb, 0, 3, ENC_BIG_ENDIAN);
proto_tree_add_item(addr_tree, hf_eth_ig, tvb, 0, 3, ENC_BIG_ENDIAN);
addr_item=proto_tree_add_ether(fh_tree, hf_eth_src, tvb, 6, 6, src_addr);
if(addr_item){
addr_tree = proto_item_add_subtree(addr_item, ett_addr);
if (tvb_get_guint8(tvb, 6) & 0x01) {
expert_add_info_format(pinfo, addr_item, PI_PROTOCOL, PI_WARN,
"Source MAC must not be a group address: IEEE 802.3-2002, Section 3.2.3(b)");
}
}
proto_tree_add_ether(addr_tree, hf_eth_addr, tvb, 6, 6, src_addr);
proto_tree_add_item(addr_tree, hf_eth_lg, tvb, 6, 3, ENC_BIG_ENDIAN);
proto_tree_add_item(addr_tree, hf_eth_ig, tvb, 6, 3, ENC_BIG_ENDIAN);
ethertype(ehdr->type, tvb, ETH_HEADER_SIZE, pinfo, parent_tree, fh_tree, hf_eth_type,
hf_eth_trailer, fcs_len);
}
}
/* Code to actually dissect the packets */
static int
dissect_wol(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
guint len;
gint offset;
guint8 sync[6] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
guint8 *mac;
const guint8 *passwd;
/* Set up structures needed to add the protocol subtree and manage it */
proto_item *ti;
proto_item *mti;
proto_tree *wol_tree;
proto_tree *mac_tree;
/* First, if at all possible, do some heuristics to check if the packet cannot
* possibly belong to your protocol. This is especially important for
* protocols directly on top of TCP or UDP where port collisions are
* common place (e.g., even though your protocol uses a well known port,
* someone else may set up, for example, a web server on that port which,
* if someone analyzed that web server's traffic in Wireshark, would result
* in Wireshark handing an HTTP packet to your dissector). For example:
*/
/* Check that there's enough data */
len = tvb_length(tvb);
if ( len < 102 ) /* wol's smallest packet size is 102 */
return (0);
/* Get some values from the packet header, probably using tvb_get_*() */
/* Regardless of what the AMD white paper states, don't search the entire
* tvb for the synchronization stream. My feeling is that this could be
* quite expensive and seriously hinder Wireshark performance. For now,
* unless we need to change it later, just compare the 1st 6 bytes. */
if ( tvb_memeql(tvb, 0, sync, 6) != 0 )
return (0);
/* So far so good. Now get the next 6 bytes, which we'll assume is the
* target's MAC address, and do 15 memory chunk comparisons, since if this
* is a real MagicPacket, the target's MAC will be duplicated 16 times. */
mac = ep_tvb_memdup(tvb, 6, 6);
for ( offset = 12; offset < 102; offset += 6 )
if ( tvb_memeql(tvb, offset, mac, 6) != 0 )
return (0);
/* OK, we're going to assume it's a MagicPacket. If there's a password,
* grab it now, and in case there's any extra bytes after the only 3 valid
* and expected lengths, truncate the length so the extra byte(s) aren't
* included as being part of the WOL payload. */
if ( len >= 106 && len < 108 )
{
len = 106;
passwd = tvb_ip_to_str(tvb, 102);
}
else if ( len >= 108 )
{
len = 108;
passwd = ether_to_str(ep_tvb_memdup(tvb, 102, 6));
}
else
{
len = 102;
passwd = NULL;
}
/* Make entries in Protocol column and Info column on summary display */
col_set_str(pinfo->cinfo, COL_PROTOCOL, "WOL");
/* This field shows up as the "Info" column in the display; you should use
it, if possible, to summarize what's in the packet, so that a user looking
at the list of packets can tell what type of packet it is. See section 1.5
for more information.
Before changing the contents of a column you should make sure the column is
active by calling "check_col(pinfo->cinfo, COL_*)". If it is not active
don't bother setting it.
If you are setting the column to a constant string, use "col_set_str()",
as it's more efficient than the other "col_set_XXX()" calls.
If you're setting it to a string you've constructed, or will be
appending to the column later, use "col_add_str()".
"col_add_fstr()" can be used instead of "col_add_str()"; it takes
"printf()"-like arguments. Don't use "col_add_fstr()" with a format
string of "%s" - just use "col_add_str()" or "col_set_str()", as it's
more efficient than "col_add_fstr()".
If you will be fetching any data from the packet before filling in
the Info column, clear that column first, in case the calls to fetch
data from the packet throw an exception because they're fetching data
past the end of the packet, so that the Info column doesn't have data
left over from the previous dissector; do
col_clear(pinfo->cinfo, COL_INFO);
*/
if ( check_col(pinfo->cinfo, COL_INFO) )
{
col_add_fstr(pinfo->cinfo, COL_INFO, "MagicPacket for %s (%s)",
get_ether_name(mac), ether_to_str(mac));
/* NOTE: ether-wake uses a dotted-decimal format for specifying a
* 4-byte password or an Ethernet mac address format for specifying
* a 6-byte password, so display them in that format, even if the
* password isn't really an IP or MAC address. */
if ( passwd )
col_append_fstr(pinfo->cinfo, COL_INFO, ", password %s", passwd);
}
/* A protocol dissector can be called in 2 different ways:
(a) Operational dissection
In this mode, Wireshark is only interested in the way protocols
interact, protocol conversations are created, packets are
reassembled and handed over to higher-level protocol dissectors.
In this mode Wireshark does not build a so-called "protocol
tree".
(b) Detailed dissection
In this mode, Wireshark is also interested in all details of
a given protocol, so a "protocol tree" is created.
Wireshark distinguishes between the 2 modes with the proto_tree pointer:
(a) <=> tree == NULL
(b) <=> tree != NULL
In the interest of speed, if "tree" is NULL, avoid building a
protocol tree and adding stuff to it, or even looking at any packet
data needed only if you're building the protocol tree, if possible.
Note, however, that you must fill in column information, create
conversations, reassemble packets, build any other persistent state
needed for dissection, and call subdissectors regardless of whether
"tree" is NULL or not. This might be inconvenient to do without
doing most of the dissection work; the routines for adding items to
the protocol tree can be passed a null protocol tree pointer, in
which case they'll return a null item pointer, and
"proto_item_add_subtree()" returns a null tree pointer if passed a
null item pointer, so, if you're careful not to dereference any null
tree or item pointers, you can accomplish this by doing all the
dissection work. This might not be as efficient as skipping that
work if you're not building a protocol tree, but if the code would
have a lot of tests whether "tree" is null if you skipped that work,
you might still be better off just doing all that work regardless of
whether "tree" is null or not. */
if (tree) {
/* NOTE: The offset and length values in the call to
"proto_tree_add_item()" define what data bytes to highlight in the hex
display window when the line in the protocol tree display
corresponding to that item is selected.
Supplying a length of -1 is the way to highlight all data from the
offset to the end of the packet. */
/* create display subtree for the protocol */
ti = proto_tree_add_item(tree, proto_wol, tvb, 0, len, FALSE);
proto_item_append_text(ti, ", MAC: %s (%s)", get_ether_name(mac),
ether_to_str(mac));
if ( passwd )
proto_item_append_text(ti, ", password: %s", passwd);
wol_tree = proto_item_add_subtree(ti, ett_wol);
/* add an item to the subtree, see section 1.6 for more information */
proto_tree_add_item(wol_tree, hf_wol_sync, tvb, 0, 6, FALSE);
/* Continue adding tree items to process the packet here */
mti = proto_tree_add_text(wol_tree, tvb, 6, 96, "MAC: %s (%s)",
get_ether_name(mac), ether_to_str(mac));
mac_tree = proto_item_add_subtree(mti, ett_wol_macblock);
for ( offset = 6; offset < 102; offset += 6 )
proto_tree_add_ether(mac_tree, hf_wol_mac, tvb, offset, 6, mac);
if ( len == 106 )
proto_tree_add_bytes_format(wol_tree, hf_wol_passwd, tvb, offset,
4, passwd, "Password: %s", passwd);
else if ( len == 108 )
proto_tree_add_bytes_format(wol_tree, hf_wol_passwd, tvb, offset,
6, passwd, "Password: %s", passwd);
}
/* If this protocol has a sub-dissector call it here, see section 1.8 */
/* Return the amount of data this dissector was able to dissect */
if ( pinfo->ethertype == ETHERTYPE_WOL )
return (len);
/* Heuristic dissectors return TRUE/FALSE. */
return (TRUE);
}
static void
dissect_vmlab(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
proto_tree* volatile vmlab_tree;
proto_item* ti;
guint32 offset=0;
const guint8* src_addr;
const guint8* dst_addr;
const guint8* eth_addr;
guint8 attributes;
guint8 portgroup;
volatile guint16 encap_proto;
col_set_str(pinfo->cinfo, COL_PROTOCOL, "VMLAB");
col_clear(pinfo->cinfo, COL_INFO);
ti = proto_tree_add_item(tree, proto_vmlab, tvb, 0, 24, FALSE);
vmlab_tree = proto_item_add_subtree(ti, ett_vmlab);
/* Flags*/
attributes = tvb_get_guint8(tvb, offset);
proto_tree_add_item(vmlab_tree, hf_vmlab_flags_part1, tvb, offset, 1, FALSE);
proto_tree_add_item(vmlab_tree, hf_vmlab_flags_fragment, tvb, offset, 1, FALSE);
proto_tree_add_item(vmlab_tree, hf_vmlab_flags_part2, tvb, offset, 1, FALSE);
if (attributes & 0x04) {
proto_item_append_text(ti, ", Fragment");
}
offset += 1;
/* Portgroup*/
portgroup = tvb_get_guint8(tvb, offset);
proto_tree_add_uint(vmlab_tree, hf_vmlab_portgroup, tvb, offset, 1, portgroup);
proto_item_append_text(ti, ", Portgroup: %d", portgroup);
offset += 1;
/* The next two bytes were always 0x0000 as far as I could tell*/
offset += 2;
/* Not really clear, what the difference between this and the next MAC address is
Both are usually equal*/
eth_addr=tvb_get_ptr(tvb, offset, 6);
proto_tree_add_ether(vmlab_tree, hf_vmlab_eth_addr, tvb, offset, 6, eth_addr);
offset += 6;
dst_addr=tvb_get_ptr(tvb, offset, 6);
proto_tree_add_ether(vmlab_tree, hf_vmlab_eth_dst, tvb, offset, 6, dst_addr);
offset += 6;
/* Source MAC*/
src_addr=tvb_get_ptr(tvb, offset, 6);
proto_tree_add_ether(vmlab_tree, hf_vmlab_eth_src, tvb, offset, 6, src_addr);
offset += 6;
proto_item_append_text(ti, ", Src: %s (%s), Dst: %s (%s)",
get_ether_name(src_addr), ether_to_str(src_addr), get_ether_name(dst_addr), ether_to_str(dst_addr));
/* Encapsulated Ethertype is also part of the block*/
encap_proto = tvb_get_ntohs(tvb, offset);
offset += 2;
/* Now call whatever was encapsulated*/
ethertype(encap_proto, tvb, offset, pinfo, tree, vmlab_tree, hf_vmlab_etype, hf_vmlab_trailer, 0);
}
static void
dissect_fddi(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
gboolean bitswapped)
{
proto_tree *fh_tree = NULL;
proto_item *ti, *hidden_item;
const gchar *fc_str;
proto_tree *fc_tree;
static guchar src[6], dst[6];
guchar src_swapped[6], dst_swapped[6];
tvbuff_t *next_tvb;
static fddi_hdr fddihdrs[4];
static int fddihdr_num = 0;
fddi_hdr *fddihdr;
fddihdr_num++;
if (fddihdr_num >= 4) {
fddihdr_num = 0;
}
fddihdr = &fddihdrs[fddihdr_num];
col_set_str(pinfo->cinfo, COL_PROTOCOL, "FDDI");
fddihdr->fc = tvb_get_guint8(tvb, FDDI_P_FC + FDDI_PADDING);
fc_str = fddifc_to_str(fddihdr->fc);
col_add_str(pinfo->cinfo, COL_INFO, fc_str);
if (tree) {
ti = proto_tree_add_protocol_format(tree, proto_fddi, tvb, 0, FDDI_HEADER_SIZE+FDDI_PADDING,
"Fiber Distributed Data Interface, %s", fc_str);
fh_tree = proto_item_add_subtree(ti, ett_fddi);
ti = proto_tree_add_uint_format(fh_tree, hf_fddi_fc, tvb, FDDI_P_FC + FDDI_PADDING, 1, fddihdr->fc,
"Frame Control: 0x%02x (%s)", fddihdr->fc, fc_str);
fc_tree = proto_item_add_subtree(ti, ett_fddi_fc);
proto_tree_add_uint(fc_tree, hf_fddi_fc_clf, tvb, FDDI_P_FC + FDDI_PADDING, 1, fddihdr->fc);
switch ((fddihdr->fc) & FDDI_FC_CLFF) {
case FDDI_FC_SMT:
proto_tree_add_uint(fc_tree, hf_fddi_fc_smt_subtype, tvb, FDDI_P_FC + FDDI_PADDING, 1, fddihdr->fc);
break;
case FDDI_FC_MAC:
if (fddihdr->fc != FDDI_FC_RT)
proto_tree_add_uint(fc_tree, hf_fddi_fc_mac_subtype, tvb, FDDI_P_FC + FDDI_PADDING, 1, fddihdr->fc);
break;
case FDDI_FC_LLC_ASYNC:
if (!((fddihdr->fc) & FDDI_FC_ASYNC_R))
proto_tree_add_uint(fc_tree, hf_fddi_fc_prio, tvb, FDDI_P_FC + FDDI_PADDING, 1, fddihdr->fc);
break;
}
}
/* Extract the destination address, possibly bit-swapping it. */
if (bitswapped)
swap_mac_addr(dst, tvb, FDDI_P_DHOST + FDDI_PADDING);
else
tvb_memcpy(tvb, dst, FDDI_P_DHOST + FDDI_PADDING, sizeof(dst));
swap_mac_addr(dst_swapped, tvb, FDDI_P_DHOST + FDDI_PADDING);
/* XXX - copy them to some buffer associated with "pi", rather than
just making "dst" static? */
SET_ADDRESS(&pinfo->dl_dst, AT_ETHER, 6, &dst[0]);
SET_ADDRESS(&pinfo->dst, AT_ETHER, 6, &dst[0]);
SET_ADDRESS(&fddihdr->dst, AT_ETHER, 6, &dst[0]);
if (fh_tree) {
proto_tree_add_ether(fh_tree, hf_fddi_dst, tvb, FDDI_P_DHOST + FDDI_PADDING, 6, dst);
hidden_item = proto_tree_add_ether(fh_tree, hf_fddi_addr, tvb, FDDI_P_DHOST + FDDI_PADDING, 6, dst);
PROTO_ITEM_SET_HIDDEN(hidden_item);
/* hide some bit-swapped mac address fields in the proto_tree, just in case */
hidden_item = proto_tree_add_ether(fh_tree, hf_fddi_dst, tvb, FDDI_P_DHOST + FDDI_PADDING, 6, dst_swapped);
PROTO_ITEM_SET_HIDDEN(hidden_item);
hidden_item = proto_tree_add_ether(fh_tree, hf_fddi_addr, tvb, FDDI_P_DHOST + FDDI_PADDING, 6, dst_swapped);
PROTO_ITEM_SET_HIDDEN(hidden_item);
}
/* Extract the source address, possibly bit-swapping it. */
if (bitswapped)
swap_mac_addr(src, tvb, FDDI_P_SHOST + FDDI_PADDING);
else
tvb_memcpy(tvb, src, FDDI_P_SHOST + FDDI_PADDING, sizeof(src));
swap_mac_addr(src_swapped, tvb, FDDI_P_SHOST + FDDI_PADDING);
/* XXX - copy them to some buffer associated with "pi", rather than
just making "src" static? */
SET_ADDRESS(&pinfo->dl_src, AT_ETHER, 6, &src[0]);
SET_ADDRESS(&pinfo->src, AT_ETHER, 6, &src[0]);
SET_ADDRESS(&fddihdr->src, AT_ETHER, 6, &src[0]);
if (fh_tree) {
proto_tree_add_ether(fh_tree, hf_fddi_src, tvb, FDDI_P_SHOST + FDDI_PADDING, 6, src);
hidden_item = proto_tree_add_ether(fh_tree, hf_fddi_addr, tvb, FDDI_P_SHOST + FDDI_PADDING, 6, src);
PROTO_ITEM_SET_HIDDEN(hidden_item);
/* hide some bit-swapped mac address fields in the proto_tree, just in case */
hidden_item = proto_tree_add_ether(fh_tree, hf_fddi_src, tvb, FDDI_P_SHOST + FDDI_PADDING, 6, src_swapped);
PROTO_ITEM_SET_HIDDEN(hidden_item);
hidden_item = proto_tree_add_ether(fh_tree, hf_fddi_addr, tvb, FDDI_P_SHOST + FDDI_PADDING, 6, src_swapped);
PROTO_ITEM_SET_HIDDEN(hidden_item);
}
next_tvb = tvb_new_subset_remaining(tvb, FDDI_HEADER_SIZE + FDDI_PADDING);
tap_queue_packet(fddi_tap, pinfo, fddihdr);
switch (fddihdr->fc) {
/* From now, only 802.2 SNAP (Async. LCC frame) is supported */
case FDDI_FC_LLC_ASYNC + 0 :
case FDDI_FC_LLC_ASYNC + 1 :
case FDDI_FC_LLC_ASYNC + 2 :
case FDDI_FC_LLC_ASYNC + 3 :
case FDDI_FC_LLC_ASYNC + 4 :
case FDDI_FC_LLC_ASYNC + 5 :
case FDDI_FC_LLC_ASYNC + 6 :
case FDDI_FC_LLC_ASYNC + 7 :
case FDDI_FC_LLC_ASYNC + 8 :
case FDDI_FC_LLC_ASYNC + 9 :
case FDDI_FC_LLC_ASYNC + 10 :
case FDDI_FC_LLC_ASYNC + 11 :
case FDDI_FC_LLC_ASYNC + 12 :
case FDDI_FC_LLC_ASYNC + 13 :
case FDDI_FC_LLC_ASYNC + 14 :
case FDDI_FC_LLC_ASYNC + 15 :
call_dissector(llc_handle, next_tvb, pinfo, tree);
return;
default :
call_dissector(data_handle,next_tvb, pinfo, tree);
return;
} /* fc */
} /* dissect_fddi */
static void
dissect_sll(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
guint16 pkttype;
guint16 protocol;
guint16 hatype, halen;
const guint8 *src;
proto_item *ti;
tvbuff_t *next_tvb;
proto_tree *fh_tree = NULL;
col_set_str(pinfo->cinfo, COL_PROTOCOL, "SLL");
col_clear(pinfo->cinfo, COL_INFO);
pkttype = tvb_get_ntohs(tvb, 0);
/*
* Set "pinfo->p2p_dir" if the packet wasn't received
* promiscuously.
*/
switch (pkttype) {
case LINUX_SLL_HOST:
case LINUX_SLL_BROADCAST:
case LINUX_SLL_MULTICAST:
pinfo->p2p_dir = P2P_DIR_RECV;
break;
case LINUX_SLL_OUTGOING:
pinfo->p2p_dir = P2P_DIR_SENT;
break;
}
col_add_str(pinfo->cinfo, COL_INFO,
val_to_str(pkttype, packet_type_vals, "Unknown (%u)"));
if (tree) {
ti = proto_tree_add_protocol_format(tree, proto_sll, tvb, 0,
SLL_HEADER_SIZE, "Linux cooked capture");
fh_tree = proto_item_add_subtree(ti, ett_sll);
proto_tree_add_item(fh_tree, hf_sll_pkttype, tvb, 0, 2, ENC_BIG_ENDIAN);
}
/*
* XXX - check the link-layer address type value?
* For now, we just assume 6 means Ethernet.
*/
hatype = tvb_get_ntohs(tvb, 2);
halen = tvb_get_ntohs(tvb, 4);
if (tree) {
proto_tree_add_uint(fh_tree, hf_sll_hatype, tvb, 2, 2, hatype);
proto_tree_add_uint(fh_tree, hf_sll_halen, tvb, 4, 2, halen);
}
switch (halen) {
case 4:
src = tvb_get_ptr(tvb, 6, 4);
SET_ADDRESS(&pinfo->dl_src, AT_IPv4, 4, src);
SET_ADDRESS(&pinfo->src, AT_IPv4, 4, src);
if (tree) {
proto_tree_add_item(fh_tree, hf_sll_src_ipv4, tvb,
6, 4, ENC_BIG_ENDIAN);
}
break;
case 6:
src = tvb_get_ptr(tvb, 6, 6);
SET_ADDRESS(&pinfo->dl_src, AT_ETHER, 6, src);
SET_ADDRESS(&pinfo->src, AT_ETHER, 6, src);
if (tree) {
proto_tree_add_ether(fh_tree, hf_sll_src_eth, tvb,
6, 6, src);
}
break;
case 0:
break;
default:
if (tree) {
proto_tree_add_item(fh_tree, hf_sll_src_other, tvb,
6, halen > 8 ? 8 : halen, ENC_NA);
}
break;
}
protocol = tvb_get_ntohs(tvb, 14);
next_tvb = tvb_new_subset_remaining(tvb, SLL_HEADER_SIZE);
if (protocol <= 1536) { /* yes, 1536 - that's how Linux does it */
/*
* "proto" is *not* a length field, it's a Linux internal
* protocol type.
* We therefore cannot say how much of the packet will
* be trailer data.
* XXX - do the same thing we do for packets with Ethertypes?
*/
proto_tree_add_uint(fh_tree, hf_sll_ltype, tvb, 14, 2,
protocol);
if(!dissector_try_uint(sll_linux_dissector_table, protocol,
next_tvb, pinfo, tree)) {
call_dissector(data_handle, next_tvb, pinfo, tree);
}
} else {
switch (hatype) {
case ARPHRD_IPGRE:
proto_tree_add_uint(fh_tree, hf_sll_gretype, tvb, 14, 2,
protocol);
dissector_try_uint(gre_dissector_table,
protocol, next_tvb, pinfo, tree);
break;
default:
ethertype(protocol, tvb, SLL_HEADER_SIZE, pinfo, tree,
fh_tree, hf_sll_etype, hf_sll_trailer, 0);
break;
}
}
}
/*
* This dissector dissects the lwapp protocol itself. It assumes an
* lwapp payload in the data, and doesn't care whether the data was
* from a UDP packet, or a Layer 2 one.
*/
static void dissect_lwapp(tvbuff_t *tvb, packet_info *pinfo,
proto_tree *tree)
{
LWAPP_Header header;
guint8 slotId;
guint8 version;
proto_tree *lwapp_tree;
proto_tree *flags_tree;
tvbuff_t *next_client;
guint8 dest_mac[6];
guint8 have_destmac=0;
/* Set up structures needed to add the protocol subtree and manage it */
proto_item *ti;
gint offset=0;
/* Make entries in Protocol column and Info column on summary display */
col_set_str(pinfo->cinfo, COL_PROTOCOL, "LWAPP");
col_set_str(pinfo->cinfo, COL_INFO,
"LWAPP IP or Layer 2");
/* First, set up our dest mac, if we're a control packet with a
* dest of port 12223 */
if (pinfo->destport == 12223 ) {
tvb_memcpy(tvb, dest_mac, offset, 6);
have_destmac = 1;
/* Copy our header */
tvb_memcpy(tvb, (guint8*) &header, offset + 6, sizeof(header));
} else {
/* Copy our header */
tvb_memcpy(tvb, (guint8*) &header, offset, sizeof(header));
}
/*
* Fix the length (network byte ordering), and set our version &
* slot id
*/
header.length = g_ntohs(header.length);
version = (header.flags & 0xc0) >> 6;
slotId = (header.flags & 0x38) >> 3;
if (check_col(pinfo->cinfo, COL_INFO)) {
if ((header.flags & LWAPP_FLAGS_T) != 0)
col_append_str(pinfo->cinfo, COL_INFO,
" Control Packet");
else
col_append_str(pinfo->cinfo, COL_INFO,
" 802.11 Packet");
}
/* In the interest of speed, if "tree" is NULL, don't do any work not
necessary to generate protocol tree items. */
if (tree) {
/* create display subtree for the protocol */
ti = proto_tree_add_item(tree, proto_lwapp, tvb, offset, -1, FALSE);
lwapp_tree = proto_item_add_subtree(ti, ett_lwapp);
if (have_destmac) {
proto_tree_add_ether(lwapp_tree, hf_lwapp_control_mac, tvb, offset,
6, dest_mac);
offset += 6;
}
proto_tree_add_uint(lwapp_tree, hf_lwapp_version,
tvb, offset, 1, version);
proto_tree_add_uint(lwapp_tree, hf_lwapp_slotid,
tvb, offset, 1, slotId);
flags_tree = proto_item_add_subtree(lwapp_tree, ett_lwapp_flags);
proto_tree_add_boolean(flags_tree, hf_lwapp_flags_type,
tvb, offset, 1, header.flags);
proto_tree_add_boolean(flags_tree, hf_lwapp_flags_fragment,
tvb, offset, 1, header.flags);
proto_tree_add_boolean(flags_tree, hf_lwapp_flags_fragment_type,
tvb, offset, 1, header.flags);
offset++;
proto_tree_add_uint(lwapp_tree, hf_lwapp_fragment_id,
tvb, offset, 1, header.fragmentId);
offset++;
proto_tree_add_uint(lwapp_tree, hf_lwapp_length,
tvb, offset, 2, header.length);
offset += 2;
proto_tree_add_uint(lwapp_tree, hf_lwapp_rssi,
tvb, offset, 1, header.rssi);
offset++;
proto_tree_add_uint(lwapp_tree, hf_lwapp_snr,
tvb, offset, 1, header.snr);
offset++;
} /* tree */
next_client = tvb_new_subset(tvb, (have_destmac?6:0) + sizeof(LWAPP_Header), -1, -1);
if ((header.flags & LWAPP_FLAGS_T) == 0) {
call_dissector(swap_frame_control ? wlan_bsfc_handle : wlan_handle,
next_client, pinfo, tree);
} else {
dissect_control(next_client, pinfo, tree);
}
return;
} /* dissect_lwapp*/
static int
add_option_info(tvbuff_t *tvb, int pos, proto_tree *tree, proto_item *ti)
{
guint8 tag, length, fcs_err = 0, encr = 0, seen_fcs_err = 0;
/*
* Read all option tags in an endless loop. If the packet is malformed this
* loop might be a problem.
*/
while (TRUE) {
tag = tvb_get_guint8(tvb, pos++);
switch (tag) {
case TZSP_HDR_PAD:
length = 0;
break;
case TZSP_HDR_END:
/* Fill in header with information from other tags. */
if (seen_fcs_err) {
if (tree)
proto_item_append_text(ti,"%s", fcs_err?"FCS Error":(encr?"Encrypted":"Good"));
}
return pos;
case TZSP_HDR_ORIGINAL_LENGTH:
length = tvb_get_guint8(tvb, pos++);
if (tree)
proto_tree_add_int (tree, hf_original_length, tvb, pos-2, 4,
tvb_get_ntohs(tvb, pos));
pos += length;
break;
case WLAN_RADIO_HDR_SIGNAL:
length = tvb_get_guint8(tvb, pos++);
if (tree)
proto_tree_add_int (tree, hf_signal, tvb, pos-2, 3,
(char)tvb_get_guint8(tvb, pos));
pos += length;
break;
case WLAN_RADIO_HDR_NOISE:
length = tvb_get_guint8(tvb, pos++);
if (tree)
proto_tree_add_int (tree, hf_silence, tvb, pos-2, 3,
(char)tvb_get_guint8(tvb, pos));
pos += length;
break;
case WLAN_RADIO_HDR_RATE:
length = tvb_get_guint8(tvb, pos++);
if (tree)
proto_tree_add_uint (tree, hf_rate, tvb, pos-2, 3,
tvb_get_guint8(tvb, pos));
pos += length;
break;
case WLAN_RADIO_HDR_TIMESTAMP:
length = tvb_get_guint8(tvb, pos++);
if (tree)
proto_tree_add_uint (tree, hf_time, tvb, pos-2, 6,
tvb_get_ntohl(tvb, pos));
pos += length;
break;
case WLAN_RADIO_HDR_MSG_TYPE:
length = tvb_get_guint8(tvb, pos++);
if (tree)
proto_tree_add_uint (tree, hf_status_msg_type, tvb, pos-2, 3,
tvb_get_guint8(tvb, pos));
pos += length;
break;
case WLAN_RADIO_HDR_CF:
length = tvb_get_guint8(tvb, pos++);
if (tree)
proto_tree_add_boolean (tree, hf_status_pcf, tvb, pos-2, 3,
tvb_get_guint8(tvb, pos));
pos += length;
break;
case WLAN_RADIO_HDR_UN_DECR:
length = tvb_get_guint8(tvb, pos++);
if (tree)
proto_tree_add_boolean (tree, hf_status_undecrypted, tvb, pos-2, 3,
tvb_get_guint8(tvb, pos));
encr = tvb_get_guint8(tvb, pos);
pos += length;
break;
case WLAN_RADIO_HDR_FCS_ERR:
seen_fcs_err = 1;
length = tvb_get_guint8(tvb, pos++);
if (tree)
proto_tree_add_boolean (tree, hf_status_fcs_error, tvb, pos-2, 3,
tvb_get_guint8(tvb, pos));
fcs_err = tvb_get_guint8(tvb, pos);
pos += length;
break;
case WLAN_RADIO_HDR_CHANNEL:
length = tvb_get_guint8(tvb, pos++);
if (tree)
proto_tree_add_uint (tree, hf_channel, tvb, pos-2, 3,
tvb_get_guint8(tvb, pos));
pos += length;
break;
case TZSP_HDR_SENSOR:
length = tvb_get_guint8(tvb, pos++);
if (tree)
proto_tree_add_ether(tree, hf_sensormac, tvb, pos-2, 6,
tvb_get_ptr (tvb, pos, 6));
pos += length;
break;
default:
length = tvb_get_guint8(tvb, pos++);
if (tree)
proto_tree_add_bytes(tree, hf_unknown, tvb, pos-2, length+2,
tvb_get_ptr(tvb, pos, length));
pos += length;
break;
}
}
}
static void
dissect_btbnep(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
proto_item *pi;
proto_tree *btbnep_tree;
gint offset = 0;
guint bnep_type;
guint extension_flag;
guint type = 0;
proto_item *addr_item;
proto_tree *addr_tree = NULL;
const guint8 *src_addr;
const guint8 *dst_addr;
col_set_str(pinfo->cinfo, COL_PROTOCOL, "BNEP");
col_clear(pinfo->cinfo, COL_INFO);
switch (pinfo->p2p_dir) {
case P2P_DIR_SENT:
col_add_str(pinfo->cinfo, COL_INFO, "Sent ");
break;
case P2P_DIR_RECV:
col_add_str(pinfo->cinfo, COL_INFO, "Rcvd ");
break;
default:
col_add_fstr(pinfo->cinfo, COL_INFO, "Unknown direction %d ",
pinfo->p2p_dir);
break;
}
pi = proto_tree_add_item(tree, proto_btbnep, tvb, offset, -1, ENC_NA);
btbnep_tree = proto_item_add_subtree(pi, ett_btbnep);
proto_tree_add_item(btbnep_tree, hf_btbnep_extension_flag, tvb, offset, 1, ENC_BIG_ENDIAN);
proto_tree_add_item(btbnep_tree, hf_btbnep_bnep_type, tvb, offset, 1, ENC_BIG_ENDIAN);
bnep_type = tvb_get_guint8(tvb, offset);
extension_flag = bnep_type & 0x80;
bnep_type = bnep_type & 0x7F;
offset += 1;
col_append_fstr(pinfo->cinfo, COL_INFO, "%s", val_to_str_const(bnep_type, bnep_type_vals, "Unknown type"));
if (extension_flag) col_append_fstr(pinfo->cinfo, COL_INFO, "+E");
if (bnep_type == BNEP_TYPE_GENERAL_ETHERNET || bnep_type == BNEP_TYPE_COMPRESSED_ETHERNET_DESTINATION_ONLY) {
dst_addr = tvb_get_ptr(tvb, offset, 6);
SET_ADDRESS(&pinfo->dl_dst, AT_ETHER, 6, dst_addr);
SET_ADDRESS(&pinfo->dst, AT_ETHER, 6, dst_addr);
addr_item = proto_tree_add_ether(btbnep_tree, hf_btbnep_dst, tvb, offset, 6, dst_addr);
if (addr_item) addr_tree = proto_item_add_subtree(addr_item, ett_addr);
proto_tree_add_ether(addr_tree, hf_btbnep_addr, tvb, offset, 6, dst_addr);
proto_tree_add_item(addr_tree, hf_btbnep_lg, tvb, offset, 3, ENC_BIG_ENDIAN);
proto_tree_add_item(addr_tree, hf_btbnep_ig, tvb, offset, 3, ENC_BIG_ENDIAN);
offset += 6;
}
if (bnep_type == BNEP_TYPE_GENERAL_ETHERNET || bnep_type == BNEP_TYPE_COMPRESSED_ETHERNET_SOURCE_ONLY) {
src_addr = tvb_get_ptr(tvb, offset, 6);
SET_ADDRESS(&pinfo->dl_src, AT_ETHER, 6, src_addr);
SET_ADDRESS(&pinfo->src, AT_ETHER, 6, src_addr);
addr_item = proto_tree_add_ether(btbnep_tree, hf_btbnep_src, tvb, offset, 6, src_addr);
if (addr_item) {
addr_tree = proto_item_add_subtree(addr_item, ett_addr);
if (tvb_get_guint8(tvb, offset) & 0x01) {
expert_add_info_format(pinfo, addr_item, PI_PROTOCOL, PI_WARN,
"Source MAC must not be a group address: IEEE 802.3-2002, Section 3.2.3(b)");
}
}
proto_tree_add_ether(addr_tree, hf_btbnep_addr, tvb, offset, 6, src_addr);
proto_tree_add_item(addr_tree, hf_btbnep_lg, tvb, offset, 3, ENC_BIG_ENDIAN);
proto_tree_add_item(addr_tree, hf_btbnep_ig, tvb, offset, 3, ENC_BIG_ENDIAN);
offset += 6;
}
if (bnep_type != BNEP_TYPE_CONTROL) {
type = tvb_get_ntohs(tvb, offset);
if (!top_dissect) {
proto_tree_add_item(btbnep_tree, hf_btbnep_type, tvb, offset, 2, ENC_BIG_ENDIAN);
col_append_fstr(pinfo->cinfo, COL_INFO, " - Type: %s", val_to_str_const(type, etype_vals, "unknown"));
}
offset += 2;
} else {
offset = dissect_control(tvb, pinfo, btbnep_tree, offset);
}
if (extension_flag) {
offset = dissect_extension(tvb, pinfo, btbnep_tree, offset);
}
if (bnep_type != BNEP_TYPE_CONTROL) {
/* dissect normal network */
if (top_dissect) {
ethertype(type, tvb, offset, pinfo, tree, btbnep_tree,
hf_btbnep_type, 0, 0);
} else {
tvbuff_t *next_tvb;
next_tvb = tvb_new_subset_remaining(tvb, offset);
call_dissector(data_handle, next_tvb, pinfo, tree);
}
}
}
/* Code to actually dissect the PAGP packets */
static void
dissect_pagp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
guint32 raw_word;
guint16 raw_half_word;
guint16 num_tlvs;
guint16 tlv;
guint16 len;
guint16 i;
guint16 offset = PAGP_FIRST_TLV;
guint8 raw_octet;
guint8 flags;
struct _address device_id;
const guint8 *p_sys;
guchar *ch;
proto_tree *pagp_tree = NULL;
proto_item *pagp_item;
proto_tree *flags_tree;
proto_item *flags_item;
proto_tree *tlv_tree;
proto_item *tlv_item;
const char *sep;
device_id.type = AT_ETHER;
device_id.len = 6;
if (check_col(pinfo->cinfo, COL_PROTOCOL)) {
col_set_str(pinfo->cinfo, COL_PROTOCOL, "PAGP"); /* PAGP Protocol */
}
col_clear(pinfo->cinfo, COL_INFO);
pinfo->current_proto = "PAGP";
raw_octet = tvb_get_guint8(tvb, PAGP_VERSION_NUMBER);
if (tree) {
pagp_item = proto_tree_add_protocol_format(tree, proto_pagp, tvb,
0, -1, "Port Aggregation Protocol");
pagp_tree = proto_item_add_subtree(pagp_item, ett_pagp);
proto_tree_add_uint(pagp_tree, hf_pagp_version_number, tvb,
PAGP_VERSION_NUMBER, 1, raw_octet);
}
if (check_col(pinfo->cinfo, COL_INFO)) {
col_append_str(pinfo->cinfo, COL_INFO,
val_to_str(raw_octet, pdu_vers, "Unknown PDU version"));
}
if (raw_octet == PAGP_FLUSH_PDU) {
device_id.data = tvb_get_ptr(tvb, PAGP_FLUSH_LOCAL_DEVICE_ID, 6);
if (check_col(pinfo->cinfo, COL_INFO)) {
col_append_fstr(pinfo->cinfo, COL_INFO, "; Local DevID: %s",
address_to_str(&device_id));
}
if (tree) {
proto_tree_add_ether(pagp_tree, hf_pagp_flush_local_device_id, tvb,
PAGP_FLUSH_LOCAL_DEVICE_ID, 6, device_id.data);
}
device_id.data = tvb_get_ptr(tvb, PAGP_FLUSH_PARTNER_DEVICE_ID, 6);
if (check_col(pinfo->cinfo, COL_INFO)) {
col_append_fstr(pinfo->cinfo, COL_INFO, ", Partner DevID: %s",
address_to_str(&device_id));
}
if (tree) {
proto_tree_add_ether(pagp_tree, hf_pagp_flush_partner_device_id, tvb,
PAGP_FLUSH_PARTNER_DEVICE_ID, 6, device_id.data);
}
raw_word = tvb_get_ntohl(tvb, PAGP_FLUSH_TRANSACTION_ID);
if (check_col(pinfo->cinfo, COL_INFO)) {
col_append_fstr(pinfo->cinfo, COL_INFO,
"; Transaction ID: 0x%x ", raw_word);
}
if (tree) {
proto_tree_add_uint(pagp_tree, hf_pagp_flush_transaction_id, tvb,
PAGP_FLUSH_TRANSACTION_ID, 4, raw_word);
}
return;
}
/* Info PDU */
flags = tvb_get_guint8(tvb, PAGP_FLAGS);
if (check_col(pinfo->cinfo, COL_INFO)) {
col_append_fstr(pinfo->cinfo, COL_INFO, "; Flags 0x%x", flags);
}
if (tree) {
flags_item = proto_tree_add_uint(pagp_tree, hf_pagp_flags, tvb,
PAGP_FLAGS, 1, flags);
flags_tree = proto_item_add_subtree(flags_item, ett_pagp_flags);
sep = initial_sep;
APPEND_BOOLEAN_FLAG(flags & PAGP_FLAGS_SLOW_HELLO, flags_item, "%sSlow Hello");
proto_tree_add_boolean(flags_tree, hf_pagp_flags_slow_hello, tvb,
PAGP_FLAGS, 1, flags);
APPEND_BOOLEAN_FLAG(flags & PAGP_FLAGS_AUTO_MODE, flags_item, "%sAuto Mode");
proto_tree_add_boolean(flags_tree, hf_pagp_flags_auto_mode, tvb,
PAGP_FLAGS, 1, flags);
APPEND_BOOLEAN_FLAG(flags & PAGP_FLAGS_CONSISTENT_STATE, flags_item,
"%sConsistent State");
proto_tree_add_boolean(flags_tree, hf_pagp_flags_consistent_state, tvb,
PAGP_FLAGS, 1, flags);
sep = cont_sep;
if (sep != initial_sep) {
/* We put something in; put in the terminating ")" */
proto_item_append_text(flags_item, ")");
}
}
device_id.data = tvb_get_ptr(tvb, PAGP_LOCAL_DEVICE_ID, 6);
if (check_col(pinfo->cinfo, COL_INFO)) {
col_append_fstr(pinfo->cinfo, COL_INFO, "; Local DevID: %s",
address_to_str(&device_id));
}
if (tree) {
proto_tree_add_ether(pagp_tree, hf_pagp_local_device_id, tvb,
PAGP_LOCAL_DEVICE_ID, 6, device_id.data);
}
if (tree) {
raw_octet = tvb_get_guint8(tvb, PAGP_LOCAL_LEARN_CAP);
proto_tree_add_uint(pagp_tree, hf_pagp_local_learn_cap, tvb,
PAGP_LOCAL_LEARN_CAP, 1, raw_octet);
raw_octet = tvb_get_guint8(tvb, PAGP_LOCAL_PORT_PRIORITY);
proto_tree_add_uint(pagp_tree, hf_pagp_local_port_priority, tvb,
PAGP_LOCAL_PORT_PRIORITY, 1, raw_octet);
raw_word = tvb_get_ntohl(tvb, PAGP_LOCAL_SENT_PORT_IFINDEX);
proto_tree_add_uint(pagp_tree, hf_pagp_local_sent_port_ifindex, tvb,
PAGP_LOCAL_SENT_PORT_IFINDEX, 4, raw_word);
raw_word = tvb_get_ntohl(tvb, PAGP_LOCAL_GROUP_CAPABILITY);
proto_tree_add_uint(pagp_tree, hf_pagp_local_group_capability, tvb,
PAGP_LOCAL_GROUP_CAPABILITY, 4, raw_word);
raw_word = tvb_get_ntohl(tvb, PAGP_LOCAL_GROUP_IFINDEX);
proto_tree_add_uint(pagp_tree, hf_pagp_local_group_ifindex, tvb,
PAGP_LOCAL_GROUP_IFINDEX, 4, raw_word);
}
device_id.data = tvb_get_ptr(tvb, PAGP_PARTNER_DEVICE_ID, 6);
if (check_col(pinfo->cinfo, COL_INFO)) {
col_append_fstr(pinfo->cinfo, COL_INFO, ", Partner DevID: %s",
address_to_str(&device_id));
}
if (tree) {
proto_tree_add_ether(pagp_tree, hf_pagp_partner_device_id, tvb,
PAGP_PARTNER_DEVICE_ID, 6, device_id.data);
}
if (tree) {
raw_octet = tvb_get_guint8(tvb, PAGP_PARTNER_LEARN_CAP);
proto_tree_add_uint(pagp_tree, hf_pagp_partner_learn_cap, tvb,
PAGP_PARTNER_LEARN_CAP, 1, raw_octet);
raw_octet = tvb_get_guint8(tvb, PAGP_PARTNER_PORT_PRIORITY);
proto_tree_add_uint(pagp_tree, hf_pagp_partner_port_priority, tvb,
PAGP_PARTNER_PORT_PRIORITY, 1, raw_octet);
raw_word = tvb_get_ntohl(tvb, PAGP_PARTNER_SENT_PORT_IFINDEX);
proto_tree_add_uint(pagp_tree, hf_pagp_partner_sent_port_ifindex, tvb,
PAGP_PARTNER_SENT_PORT_IFINDEX, 4, raw_word);
raw_word = tvb_get_ntohl(tvb, PAGP_PARTNER_GROUP_CAPABILITY);
proto_tree_add_uint(pagp_tree, hf_pagp_partner_group_capability, tvb,
PAGP_PARTNER_GROUP_CAPABILITY, 4, raw_word);
raw_word = tvb_get_ntohl(tvb, PAGP_PARTNER_GROUP_IFINDEX);
proto_tree_add_uint(pagp_tree, hf_pagp_partner_group_ifindex, tvb,
PAGP_PARTNER_GROUP_IFINDEX, 4, raw_word);
raw_half_word = tvb_get_ntohs(tvb, PAGP_PARTNER_COUNT);
proto_tree_add_uint(pagp_tree, hf_pagp_partner_count, tvb,
PAGP_PARTNER_COUNT, 2, raw_half_word);
num_tlvs = tvb_get_ntohs(tvb, PAGP_NUM_TLVS);
proto_tree_add_uint(pagp_tree, hf_pagp_num_tlvs, tvb,
PAGP_NUM_TLVS, 2, num_tlvs);
/* dump TLV entries */
for ( i = 1; i <= num_tlvs; i++ ) {
tlv = tvb_get_ntohs(tvb, offset);
len = tvb_get_ntohs(tvb, offset + 2);
if ( len == 0 ) {
proto_tree_add_text(pagp_tree, tvb, offset, -1,
"Unknown data - TLV len=0");
return;
}
tlv_item = proto_tree_add_text (pagp_tree, tvb, offset, len,
"TLV Entry #%d", i);
tlv_tree = proto_item_add_subtree (tlv_item, ett_pagp_tlvs);
proto_tree_add_uint_format (tlv_tree, hf_pagp_tlv, tvb,
offset,2,tlv,"Type = %d (%s)", tlv,
val_to_str(tlv,tlv_types, "Unknown")) ;
proto_tree_add_text (tlv_tree, tvb, offset+2, 2,
"Length = %u bytes (includes Type and Length)", len) ;
if ( tvb_reported_length_remaining(tvb, offset) < len ) {
proto_tree_add_text(tlv_tree, tvb, offset, -1,
"TLV length too large");
return;
}
switch (tlv) {
case PAGP_TLV_DEVICE_NAME:
ch = tvb_get_ephemeral_string(tvb, offset+4, len-4);
proto_tree_add_string(tlv_tree, hf_pagp_tlv_device_name,
tvb, offset+4, len-4, ch);
break;
case PAGP_TLV_PORT_NAME:
ch = tvb_get_ephemeral_string(tvb, offset+4, len-4);
proto_tree_add_string(tlv_tree, hf_pagp_tlv_port_name,
tvb, offset+4, len-4, ch);
break;
case PAGP_TLV_AGPORT_MAC:
p_sys = tvb_get_ptr(tvb, offset+4, 6);
proto_tree_add_ether(tlv_tree, hf_pagp_tlv_agport_mac,
tvb, offset+4, 6, p_sys);
break;
case PAGP_TLV_RESERVED:
break;
}
offset += len;
}
}
}
