/*
* Handles one Auto-RP map entry. Returns the new offset.
*/
static int do_auto_rp_map(tvbuff_t *tvb, int offset, proto_tree *auto_rp_tree)
{
proto_item *ti;
proto_tree *map_tree;
guint8 group_count;
guint32 rp_addr; /* In network byte order */
int i;
rp_addr = tvb_get_ipv4(tvb, offset);
group_count = tvb_get_guint8(tvb, offset + 5);
/* sizeof map header + n * sizeof encoded group addresses */
ti = proto_tree_add_text(auto_rp_tree, tvb, offset, 6 + group_count * 6,
"RP %s: %u group%s", ip_to_str((void *)&rp_addr),
group_count, plurality(group_count, "", "s"));
map_tree = proto_item_add_subtree(ti, ett_auto_rp_map);
proto_tree_add_ipv4(map_tree, hf_auto_rp_rp_addr, tvb, offset, 4, rp_addr);
offset += 4;
proto_tree_add_uint(map_tree, hf_auto_rp_pim_ver, tvb, offset, 1, tvb_get_guint8(tvb, offset));
offset++;
proto_tree_add_text(map_tree, tvb, offset, 1, "Number of groups this RP maps to: %u", group_count);
offset++;
for (i = 0; i < group_count; i++) {
proto_item *gi;
proto_tree *grp_tree;
guint8 sign, mask_len;
guint32 group_addr; /* In network byte order */
sign = tvb_get_guint8(tvb, offset);
mask_len = tvb_get_guint8(tvb, offset + 1);
group_addr = tvb_get_ipv4(tvb, offset + 2);
gi = proto_tree_add_text(map_tree, tvb, offset, 6, "Group %s/%u (%s)",
ip_to_str((void *)&group_addr), mask_len,
val_to_str(sign&AUTO_RP_SIGN_MASK, auto_rp_mask_sign_vals, ""));
grp_tree = proto_item_add_subtree(gi, ett_auto_rp_group);
proto_tree_add_uint(grp_tree, hf_auto_rp_prefix_sgn, tvb, offset, 1, sign);
offset++;
proto_tree_add_uint(grp_tree, hf_auto_rp_mask_len, tvb, offset, 1, mask_len);
offset++;
proto_tree_add_ipv4(grp_tree, hf_auto_rp_group_prefix, tvb, offset, 4, group_addr);
offset += 4;
}
return offset;
}
WSLUA_METHOD TvbRange_le_ipv4(lua_State* L) {
/* Get an Little Endian IPv4 Address from a TvbRange. */
TvbRange tvbr = checkTvbRange(L,1);
Address addr;
guint32* ip_addr;
if ( !(tvbr && tvbr->tvb)) return 0;
if (tvbr->tvb->expired) {
luaL_error(L,"expired tvb");
return 0;
}
if (tvbr->len != 4)
WSLUA_ERROR(TvbRange_ipv4,"The range must be 4 octets long");
addr = (address *)g_malloc(sizeof(address));
ip_addr = (guint32 *)g_malloc(sizeof(guint32));
*ip_addr = tvb_get_ipv4(tvbr->tvb->ws_tvb,tvbr->offset);
*((guint32 *)ip_addr) = GUINT32_SWAP_LE_BE(*((guint32 *)ip_addr));
SET_ADDRESS(addr, AT_IPv4, 4, ip_addr);
pushAddress(L,addr);
WSLUA_RETURN(1); /* The IPv4 Address */
}
static void dissect_request_connect(tvbuff_t *tvb, int offset,
proto_tree *tree, hash_entry_t *conv_info) {
/* decode the connect request, display */
conv_info->proto = PT_TCP;
offset += 20;
if ( tree)
proto_tree_add_item( tree, hf_msproxy_dstport, tvb, offset, 2,
ENC_BIG_ENDIAN);
conv_info->dst_port = tvb_get_ntohs( tvb, offset);
offset += 2;
if ( tree)
proto_tree_add_item( tree, hf_msproxy_dstaddr, tvb, offset, 4,
ENC_BIG_ENDIAN);
conv_info->dst_addr = tvb_get_ipv4( tvb, offset);
offset += 12;
conv_info->clnt_port = tvb_get_ntohs( tvb, offset);
if ( tree){
proto_tree_add_uint( tree, hf_msproxy_clntport, tvb, offset, 2,
conv_info->clnt_port);
offset += 84;
display_application_name( tvb, offset, tree);
}
}
static void
decode_iei_ip_address(nsip_ie_t *ie, build_info_t *bi, int ie_start_offset) {
guint8 addr_type;
guint32 ip4_addr;
struct e_in6_addr ip6_addr;
addr_type = tvb_get_guint8(bi->tvb, bi->offset);
proto_tree_add_item(bi->nsip_tree, hf_nsip_ip_address_type,
bi->tvb, bi->offset, 1, ENC_BIG_ENDIAN);
switch (addr_type) {
case NSIP_IP_ADDRESS_TYPE_IPV4:
ie->total_length = 2 + ipv4_element.address_length;
ip4_addr = tvb_get_ipv4(bi->tvb, bi->offset+1);
proto_tree_add_ipv4(bi->nsip_tree, hf_nsip_ip_address_ipv4,
bi->tvb, ie_start_offset, ie->total_length,
ip4_addr);
break;
case NSIP_IP_ADDRESS_TYPE_IPV6:
ie->total_length = 2 + ipv6_element.address_length;
tvb_get_ipv6(bi->tvb, bi->offset+1, &ip6_addr);
proto_tree_add_ipv6(bi->nsip_tree, hf_nsip_ip_address_ipv4,
bi->tvb, ie_start_offset, ie->total_length,
(guint8 *)&ip6_addr);
break;
default:
return; /* error */
}
bi->offset += ie->value_length;
}
WSLUA_METHOD TvbRange_ipv4(lua_State* L) {
/* Get an IPv4 Address from a `TvbRange`, as an `Address` object. */
TvbRange tvbr = checkTvbRange(L,1);
Address addr;
guint32* ip_addr;
if ( !(tvbr && tvbr->tvb)) return 0;
if (tvbr->tvb->expired) {
luaL_error(L,"expired tvb");
return 0;
}
if (tvbr->len != 4) {
WSLUA_ERROR(TvbRange_ipv4,"The range must be 4 octets long");
return 0;
}
addr = (address *)g_malloc(sizeof(address));
ip_addr = (guint32 *)g_malloc(sizeof(guint32));
*ip_addr = tvb_get_ipv4(tvbr->tvb->ws_tvb,tvbr->offset);
set_address(addr, AT_IPv4, 4, ip_addr);
pushAddress(L,addr);
WSLUA_RETURN(1); /* The IPv4 `Address` object. */
}
static t_nid
get_nid(tvbuff_t *tvb, gint offset)
{
t_nid nid ;
nid.addr = g_htonl(tvb_get_ipv4(tvb, offset));
nid.interface = tvb_get_letohs(tvb, offset + 4);
nid.proto = tvb_get_letohs(tvb, offset + 6);
return nid ;
}
static int
dissect_msnip_gm(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, int offset)
{
guint8 count;
/* group count */
count = tvb_get_guint8(tvb, offset);
proto_tree_add_uint(parent_tree, hf_count, tvb, offset, 1, count);
offset += 1;
/* checksum */
igmp_checksum(parent_tree, tvb, hf_checksum, hf_checksum_bad, pinfo, 0);
offset += 2;
/* holdtime */
proto_tree_add_uint(parent_tree, hf_holdtime, tvb, offset, 4, count);
offset += 4;
while (count--) {
proto_tree *tree;
proto_item *item;
guint32 maddr;
guint8 masklen;
int old_offset = offset;
item = proto_tree_add_item(parent_tree, hf_groups,
tvb, offset, -1, ENC_NA);
tree = proto_item_add_subtree(item, ett_groups);
/* multicast group */
maddr = tvb_get_ipv4(tvb, offset);
proto_tree_add_ipv4(tree, hf_maddr, tvb, offset, 4,
maddr);
offset += 4;
/* mask length */
masklen = tvb_get_guint8(tvb, offset);
proto_tree_add_uint(tree, hf_mask, tvb,
offset, 1, masklen);
offset += 1;
/* skip 3 unused bytes */
offset += 3;
if (item) {
proto_item_set_text(item,"Group: %s/%d",
ip_to_str((guint8 *)&maddr), masklen);
proto_item_set_len(item, offset-old_offset);
}
}
return offset;
}
static void
decode_ipv4_attribute(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item, int* hfValue, int offset, int length)
{
guint32 ip_address;
if (length < 8) {
expert_add_info(pinfo, item, &ei_opsi_short_attribute);
return;
}
ip_address = tvb_get_ipv4(tvb, offset+4);
proto_tree_add_ipv4(tree, *hfValue, tvb, offset+4, 4, ip_address);
}
/* Note: updates *offset */
static void add_notification_data_ipv4addr(tvbuff_t *tvb, proto_tree *tree, int *offset, const char *addrtype)
{
guint32 ipaddr;
proto_tree_add_item(tree, hf_msdp_not_res, tvb, *offset, 3, ENC_BIG_ENDIAN);
*offset += 3;
ipaddr = tvb_get_ipv4(tvb, *offset);
proto_tree_add_ipv4_format(tree, hf_msdp_not_ipv4, tvb, *offset, 4, ipaddr,
"%s: %s", addrtype, ip_to_str((guint8 *)&ipaddr));
*offset += 4;
return;
}
static int
dissect_msnip_rmr(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, int offset)
{
guint8 count;
/* group count */
count = tvb_get_guint8(tvb, offset);
proto_tree_add_uint(parent_tree, hf_count, tvb, offset, 1, count);
offset += 1;
/* checksum */
igmp_checksum(parent_tree, tvb, hf_checksum, hf_checksum_bad, pinfo, 0);
offset += 2;
while (count--) {
proto_tree *tree;
proto_item *item;
guint8 rec_type;
guint32 maddr;
int old_offset = offset;
item = proto_tree_add_item(parent_tree, hf_groups,
tvb, offset, -1, ENC_NA);
tree = proto_item_add_subtree(item, ett_groups);
/* record type */
rec_type = tvb_get_guint8(tvb, offset);
proto_tree_add_uint(tree, hf_rec_type, tvb, offset, 1, rec_type);
offset += 1;
/* skip 3 unused bytes */
offset += 3;
/* multicast group */
maddr = tvb_get_ipv4(tvb, offset);
proto_tree_add_ipv4(tree, hf_maddr, tvb, offset, 4,
maddr);
offset += 4;
if (item) {
proto_item_set_text(item,"Group: %s %s",
ip_to_str((guint8 *)&maddr),
val_to_str(rec_type, msnip_rec_types,
"Unknown Type:0x%02x"));
proto_item_set_len(item, offset-old_offset);
}
}
return offset;
}
/*
* dissect the description of link in roofnet
*/
static void dissect_roofnet_link(proto_tree *tree, tvbuff_t *tvb, guint *offset, guint link)
{
proto_item *it= NULL;
proto_tree *subtree= NULL;
ptvcursor_t *cursor= NULL;
guint32 addr_src= 0;
guint32 addr_dst= 0;
addr_src= tvb_get_ipv4(tvb, *offset + ROOFNET_LINK_OFFSET_SRC);
addr_dst= tvb_get_ipv4(tvb, *offset + ROOFNET_LINK_OFFSET_DST);
it = proto_tree_add_text(tree, tvb, *offset, ROOFNET_LINK_LEN,
"link: %u, src: %s, dst: %s",
link,
(char*)get_hostname(addr_src),
(char*)get_hostname(addr_dst));
subtree= proto_item_add_subtree(it, ett_roofnet_link);
proto_tree_add_ipv4(subtree, hf_roofnet_link_src, tvb, *offset, 4, addr_src);
*offset += 4;
cursor = ptvcursor_new(subtree, tvb, *offset);
ptvcursor_add(cursor, hf_roofnet_link_forward, 4, FALSE);
ptvcursor_add(cursor, hf_roofnet_link_rev, 4, FALSE);
ptvcursor_add(cursor, hf_roofnet_link_seq, 4, FALSE);
ptvcursor_add(cursor, hf_roofnet_link_age, 4, FALSE);
ptvcursor_free(cursor);
*offset = ptvcursor_current_offset(cursor);
proto_tree_add_ipv4(subtree, hf_roofnet_link_dst, tvb, *offset, 4, addr_dst);
/* don't increment offset here because the dst of this link is the src of the next one */
}
static int
parse_teredo_orig(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
int offset, e_teredohdr *teredoh)
{
proto_item *ti = NULL;
col_append_sep_str (pinfo->cinfo, COL_INFO, ", ",
"Origin indication");
if (tree) {
ti = proto_tree_add_item(tree, hf_teredo_orig, tvb, offset,
8, ENC_NA);
tree = proto_item_add_subtree(ti, ett_teredo_orig);
}
offset += 2;
teredoh->th_orgport = tvb_get_ntohs(tvb, offset);
if (tree) {
/*
* The "usual arithmetic conversions" will convert
* "teredoh->th_orgport" to an "int" (because all
* "unsigned short" values will fit in an "int"),
* which will zero-extend it. This means that
* complementing it will turn all the zeroes in
* the upper 16 bits into ones; we just want the
* lower 16 bits (containing the port number)
* complemented, with the result zero-extended.
*
* That's what the cast is for.
*/
proto_tree_add_uint(tree, hf_teredo_orig_port, tvb,
offset, 2,
(guint16)~teredoh->th_orgport);
}
offset += 2;
teredoh->th_iporgaddr = tvb_get_ipv4(tvb, offset);
if (tree) {
proto_tree_add_ipv4(tree, hf_teredo_orig_addr, tvb,
offset, 4, ~teredoh->th_iporgaddr);
}
offset += 4;
return offset;
}
static gint
dissect_rpcap_ifaddr (tvbuff_t *tvb, packet_info *pinfo,
proto_tree *parent_tree, gint offset, int hf_id,
proto_item *parent_item)
{
proto_tree *tree;
proto_item *ti;
gchar ipaddr[MAX_ADDR_STR_LEN];
guint32 ipv4;
guint16 af;
ti = proto_tree_add_item (parent_tree, hf_id, tvb, offset, 128, ENC_BIG_ENDIAN);
tree = proto_item_add_subtree (ti, ett_ifaddr);
af = tvb_get_ntohs (tvb, offset);
proto_tree_add_item (tree, hf_if_af, tvb, offset, 2, ENC_BIG_ENDIAN);
offset += 2;
if (af == COMMON_AF_INET) {
proto_tree_add_item (tree, hf_if_port, tvb, offset, 2, ENC_BIG_ENDIAN);
offset += 2;
ipv4 = tvb_get_ipv4 (tvb, offset);
ip_to_str_buf((guint8 *)&ipv4, ipaddr, MAX_ADDR_STR_LEN);
proto_item_append_text (ti, ": %s", ipaddr);
if (parent_item) {
proto_item_append_text (parent_item, ": %s", ipaddr);
}
proto_tree_add_item (tree, hf_if_ip, tvb, offset, 4, ENC_BIG_ENDIAN);
offset += 4;
proto_tree_add_item (tree, hf_if_padding, tvb, offset, 120, ENC_NA);
offset += 120;
} else {
ti = proto_tree_add_item (tree, hf_if_unknown, tvb, offset, 126, ENC_NA);
if (af != COMMON_AF_UNSPEC) {
expert_add_info_format(pinfo, ti, &ei_if_unknown,
"Unknown address family: %d", af);
}
offset += 126;
}
return offset;
}
static int get_address_v5(tvbuff_t *tvb, int offset,
socks_hash_entry_t *hash_info) {
/* decode the v5 address and return offset of next byte */
/*XXX this needs to handle IPV6 and domain name addresses */
int a_type = tvb_get_guint8(tvb, offset++);
if ( a_type == 1){ /* IPv4 address */
if ( hash_info)
hash_info->dst_addr = tvb_get_ipv4(tvb, offset);
offset += 4;
}
else if ( a_type == 4) /* IPv6 address */
offset += 16;
else if ( a_type == 3) /* domain name address */
offset += tvb_get_guint8(tvb, offset) + 1;
return offset;
}
WSLUA_METHOD TvbRange_le_ipv4(lua_State* L) {
/* Get an Little Endian IPv4 Address from a `TvbRange`, as an `Address` object. */
TvbRange tvbr = checkTvbRange(L,1);
Address addr;
guint32 ip_addr;
if ( !(tvbr && tvbr->tvb)) return 0;
if (tvbr->tvb->expired) {
luaL_error(L,"expired tvb");
return 0;
}
if (tvbr->len != 4) {
WSLUA_ERROR(TvbRange_ipv4,"The range must be 4 octets long");
return 0;
}
addr = g_new(address,1);
ip_addr = GUINT32_SWAP_LE_BE(tvb_get_ipv4(tvbr->tvb->ws_tvb,tvbr->offset));
alloc_address_wmem(NULL, addr, AT_IPv4, sizeof(ip_addr), &ip_addr);
pushAddress(L,addr);
WSLUA_RETURN(1); /* The IPv4 `Address` object. */
}
static proto_item *
decode_ip_element(nsip_ip_element_info_t *element, build_info_t *bi, proto_tree * element_tree) {
guint16 udp_port;
guint32 ip4_addr;
struct e_in6_addr ip6_addr;
proto_item *tf = NULL;
proto_tree *field_tree = NULL;
if (bi->nsip_tree) {
tf = proto_tree_add_text(element_tree, bi->tvb, bi->offset,
element->total_length, "IP Element");
field_tree = proto_item_add_subtree(tf, ett_nsip_ip_element);
/* IP address */
switch (element->version) {
case NSIP_IP_VERSION_4:
ip4_addr = tvb_get_ipv4(bi->tvb, bi->offset);
proto_tree_add_item(field_tree, hf_nsip_ip_address_ipv4,
bi->tvb, bi->offset, element->address_length,
ENC_BIG_ENDIAN);
proto_item_append_text(tf, ": IP address: %s",
ip_to_str((guint8 *)&ip4_addr));
break;
case NSIP_IP_VERSION_6:
tvb_get_ipv6(bi->tvb, bi->offset, &ip6_addr);
proto_tree_add_item(field_tree, hf_nsip_ip_address_ipv6, bi->tvb,
bi->offset, element->address_length,
ENC_NA);
proto_item_append_text(tf, ": IP address: %s",
ip6_to_str((struct e_in6_addr *)&ip6_addr));
break;
default:
;
}
}
bi->offset += element->address_length;
if (bi->nsip_tree) {
/* UDP port value */
udp_port = tvb_get_ntohs(bi->tvb, bi->offset);
proto_tree_add_item(field_tree, hf_nsip_ip_element_udp_port,
bi->tvb, bi->offset, 2, ENC_BIG_ENDIAN);
proto_item_append_text(tf, ", UDP Port: %u", udp_port);
}
bi->offset += 2;
if (bi->nsip_tree) {
/* Signalling weight */
proto_tree_add_item(field_tree, hf_nsip_ip_element_signalling_weight,
bi->tvb, bi->offset, 1, ENC_BIG_ENDIAN);
}
bi->offset++;
if (bi->nsip_tree) {
/* Data weight */
proto_tree_add_item(field_tree, hf_nsip_ip_element_data_weight,
bi->tvb, bi->offset, 1, ENC_BIG_ENDIAN);
}
bi->offset++;
return tf;
}
static int
dissect_mpls_y1711(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
proto_tree *mpls_y1711_tree = NULL;
struct mplsinfo *mplsinfo = pinfo->private_data;
proto_item *ti = NULL;
int functype = -1;
int offset = 0;
const guint8 allone[] = { 0xff, 0xff };
const guint8 allzero[] = { 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00 };
/*
* if called with main tree == null just set col info with func type
* string and return
*/
if (!tree) {
if (check_col(pinfo->cinfo, COL_INFO)) {
if (tvb_bytes_exist(tvb, offset, 1)) {
functype = tvb_get_guint8(tvb, offset);
col_append_fstr(pinfo->cinfo, COL_INFO, " (Y.1711: %s)",
(functype == 0x01) ? "CV" :
(functype == 0x02) ? "FDI" :
(functype == 0x03) ? "BDI" :
(functype == 0x07) ? "FDD" :
"reserved/unknown");
}
}
return 0;
}
/* sanity checks */
if (!tvb_bytes_exist(tvb, offset, 44)) {
/*
* ITU-T Y.1711, 5.3: PDUs must have a minimum payload length of
* 44 bytes
*/
proto_tree_add_text(tree, tvb, offset, -1,
"Error: must have a minimum payload "
"length of 44 bytes");
return 0;
}
ti = proto_tree_add_text(tree, tvb, offset, 44, "Y.1711 OAM");
mpls_y1711_tree = proto_item_add_subtree(ti, ett_mpls_y1711);
if (!mpls_y1711_tree)
return 0;
/* checks for exp, bos and ttl encoding */
if (mplsinfo->label != LABEL_OAM_ALERT)
proto_tree_add_text(mpls_y1711_tree, tvb, offset - 4, 3,
"Warning: Y.1711 but no OAM alert label (%d) ?!",
LABEL_OAM_ALERT);
if (mplsinfo->exp != 0)
proto_tree_add_text(mpls_y1711_tree, tvb, offset - 2, 1,
"Warning: Exp bits should be 0 for Y.1711");
if (mplsinfo->bos != 1)
proto_tree_add_text(mpls_y1711_tree, tvb, offset - 2, 1,
"Warning: S bit should be 1 for Y.1711");
if (mplsinfo->ttl != 1)
proto_tree_add_text(mpls_y1711_tree, tvb, offset - 1, 1,
"Warning: TTL should be 1 for Y.1711");
/* starting dissection */
functype = tvb_get_guint8(tvb, offset);
proto_tree_add_item(mpls_y1711_tree, hf_mpls_y1711_function_type, tvb,
offset, 1,
ENC_LITTLE_ENDIAN);
offset++;
switch (functype) {
case 0x01: /* CV */
{
guint32 lsrid_ipv4addr;
/* 3 octets reserved (all 0x00) */
if (tvb_memeql(tvb, offset, allzero, 3) == -1) {
proto_tree_add_text(mpls_y1711_tree, tvb, offset, 3,
"Error: these bytes are reserved and "
"must be 0x00");
}
offset += 3;
/* ttsi (ipv4 flavor as in RFC 2373) */
if (tvb_memeql(tvb, offset, allzero, 10) == -1) {
proto_tree_add_text(mpls_y1711_tree, tvb, offset, 10,
"Error: these bytes are padding "
"and must be 0x00");
}
offset += 10;
if (tvb_memeql(tvb, offset, allone, 2) == -1) {
proto_tree_add_text(mpls_y1711_tree, tvb, offset, 2,
"Error: these bytes are padding "
"and must be 0xFF");
}
offset += 2;
lsrid_ipv4addr = tvb_get_ipv4(tvb, offset);
proto_tree_add_text(mpls_y1711_tree, tvb, offset, 4, "LSR ID: %s",
ip_to_str((guint8 *) &lsrid_ipv4addr));
offset += 4;
proto_tree_add_text(mpls_y1711_tree, tvb, offset, 4, "LSP ID: %d",
tvb_get_ntohl(tvb, offset));
offset += 4;
/* 18 octets of padding (all 0x00) */
if (tvb_memeql(tvb, offset, allzero, 18) == -1) {
proto_tree_add_text(mpls_y1711_tree, tvb, offset, 18,
"Error: these bytes are padding "
"and must be 0x00");
}
offset += 18;
}
break;
case 0x02: /* FDI */
case 0x03: /* BDI */
{
guint32 lsrid_ipv4addr;
/* 1 octets reserved (all 0x00) */
if (tvb_memeql(tvb, offset, allzero, 1) == -1) {
proto_tree_add_text(mpls_y1711_tree, tvb, offset, 3,
"Error: this byte is reserved "
"and must be 0x00");
}
offset++;
proto_tree_add_item(mpls_y1711_tree, hf_mpls_y1711_defect_type, tvb,
offset, 2,
ENC_LITTLE_ENDIAN);
offset += 2;
/*
* ttsi (ipv4 flavor as in RFC 2373) is optional if not used must
* be set to all 0x00
*/
if (tvb_memeql(tvb, offset, allzero, 20) == 0) {
proto_tree_add_text(mpls_y1711_tree, tvb, offset, 20,
"TTSI not preset (optional for FDI/BDI)");
offset += 20;
} else {
if (tvb_memeql(tvb, offset, allzero, 10) == -1) {
proto_tree_add_text(mpls_y1711_tree, tvb, offset, 10,
"Error: these bytes are padding and "
"must be 0x00");
}
offset += 10;
if (tvb_memeql(tvb, offset, allone, 2) == -1) {
proto_tree_add_text(mpls_y1711_tree, tvb, offset, 2,
"Error: these bytes are padding and "
"must be 0xFF");
}
offset += 2;
lsrid_ipv4addr = tvb_get_ipv4(tvb, offset);
proto_tree_add_text(mpls_y1711_tree, tvb, offset, 4, "LSR ID: %s",
ip_to_str((guint8 *) &lsrid_ipv4addr));
offset += 4;
proto_tree_add_text(mpls_y1711_tree, tvb, offset, 4, "LSP ID: %d",
tvb_get_ntohl(tvb, offset));
offset += 4;
}
/* defect location */
proto_tree_add_item(mpls_y1711_tree, hf_mpls_y1711_defect_location, tvb,
offset, 4,
ENC_LITTLE_ENDIAN);
offset += 4;
/* 14 octets of padding (all 0x00) */
if (tvb_memeql(tvb, offset, allzero, 14) == -1) {
proto_tree_add_text(mpls_y1711_tree, tvb, offset, 14,
"Error: these bytes are padding "
"and must be 0x00");
}
offset += 14;
}
break;
case 0x07: /* FDD */
{
guint32 lsrid_ipv4addr;
/* 3 octets reserved (all 0x00) */
if (tvb_memeql(tvb, offset, allzero, 3) == -1) {
proto_tree_add_text(mpls_y1711_tree, tvb, offset, 3,
"Error: these bytes are "
"reserved and must be 0x00");
}
offset += 3;
/* ttsi (ipv4 flavor as in RFC 2373) */
if (tvb_memeql(tvb, offset, allzero, 10) == -1) {
proto_tree_add_text(mpls_y1711_tree, tvb, offset, 10,
"Error: these bytes are padding and "
"must be 0x00");
}
offset += 10;
if (tvb_memeql(tvb, offset, allone, 2) == -1) {
proto_tree_add_text(mpls_y1711_tree, tvb, offset, 2,
"Error: these bytes are padding and "
"must be 0xFF");
}
offset += 2;
lsrid_ipv4addr = tvb_get_ipv4(tvb, offset);
proto_tree_add_text(mpls_y1711_tree, tvb, offset, 4, "LSR ID: %s",
ip_to_str((guint8 *)&lsrid_ipv4addr));
offset += 4;
proto_tree_add_text(mpls_y1711_tree, tvb, offset, 4, "LSP ID: %d",
tvb_get_ntohl(tvb,offset));
offset += 4;
proto_tree_add_item(mpls_y1711_tree, hf_mpls_y1711_frequency, tvb,
offset, 1,
ENC_LITTLE_ENDIAN);
offset++;
/* 17 octets of padding (all 0x00) */
if (tvb_memeql(tvb, offset, allzero, 17) == -1) {
proto_tree_add_text(mpls_y1711_tree, tvb, offset, 17,
"Error: these bytes are padding and "
"must be 0x00");
}
offset += 17;
}
break;
default:
proto_tree_add_text(mpls_y1711_tree, tvb, offset - 1, -1,
"Unknown MPLS Y.1711 PDU");
return offset;
}
/* BIP16 */
proto_tree_add_item(mpls_y1711_tree, hf_mpls_y1711_bip16, tvb, offset, 2,
ENC_LITTLE_ENDIAN);
offset += 2;
return offset;
}
static int
dissect_skype_udp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
proto_item *ti;
proto_tree *skype_tree = NULL;
guint32 offset = 0;
guint32 packet_length;
guint8 packet_type, packet_unk;
conversation_t *conversation = NULL;
skype_udp_conv_info_t *skype_udp_info;
/* look up the conversation */
conversation = find_or_create_conversation(pinfo);
/* if conversation found get the data pointer that you stored */
skype_udp_info = (skype_udp_conv_info_t *)conversation_get_proto_data(conversation, proto_skype);
if (!skype_udp_info) {
/* new conversation create local data structure */
skype_udp_info = wmem_new(wmem_file_scope(), skype_udp_conv_info_t);
skype_udp_info->global_src_ip = 0;
skype_udp_info->global_dst_ip = 0;
conversation_add_proto_data(conversation, proto_skype,
skype_udp_info);
}
/* at this point the conversation data is ready */
packet_type = tvb_get_guint8(tvb, 2) & SKYPE_SOM_TYPE_MASK;
packet_unk = (tvb_get_guint8(tvb, 2) & SKYPE_SOM_UNK_MASK) >> 4;
packet_length = tvb_length(tvb);
col_set_str(pinfo->cinfo, COL_PROTOCOL, PROTO_SHORT_NAME);
col_add_str(pinfo->cinfo, COL_INFO, val_to_str(packet_type,
skype_type_vals, "Type 0x%1x"));
if (packet_unk) {
col_append_fstr(pinfo->cinfo, COL_INFO, " Unk: %1x", packet_unk);
}
if (tree) {
/* Start of message dissection */
ti = proto_tree_add_item(tree, proto_skype, tvb, offset, -1,
ENC_NA);
skype_tree = proto_item_add_subtree(ti, ett_skype);
proto_tree_add_item(skype_tree, hf_skype_som_id, tvb, offset, 2,
ENC_BIG_ENDIAN);
offset += 2;
proto_tree_add_item(skype_tree, hf_skype_som_unk, tvb, offset, 1,
ENC_NA);
proto_tree_add_item(skype_tree, hf_skype_som_type, tvb, offset, 1,
ENC_NA);
offset += 1;
/* Body dissection */
switch (packet_type) {
case SKYPE_TYPE_UNKNOWN_0:
proto_tree_add_item(skype_tree, hf_skype_unknown_0_unk1, tvb, offset, -1,
ENC_NA);
offset = packet_length;
break;
case SKYPE_TYPE_PAYLOAD:
proto_tree_add_item(skype_tree, hf_skype_payload_iv, tvb, offset, 4,
ENC_BIG_ENDIAN);
offset += 4;
proto_tree_add_item(skype_tree, hf_skype_payload_crc, tvb, offset, 4,
ENC_BIG_ENDIAN);
offset += 4;
proto_tree_add_item(skype_tree, hf_skype_payload_enc_data, tvb, offset, -1,
ENC_NA);
offset = packet_length;
break;
case SKYPE_TYPE_FFR:
proto_tree_add_item(skype_tree, hf_skype_ffr_num, tvb, offset, 1,
ENC_NA);
offset += 1;
proto_tree_add_item(skype_tree, hf_skype_ffr_unk1, tvb, offset, 4,
ENC_BIG_ENDIAN);
offset += 4;
proto_tree_add_item(skype_tree, hf_skype_ffr_iv, tvb, offset, 4,
ENC_BIG_ENDIAN);
offset += 4;
proto_tree_add_item(skype_tree, hf_skype_ffr_crc, tvb, offset, 4,
ENC_BIG_ENDIAN);
offset += 4;
proto_tree_add_item(skype_tree, hf_skype_ffr_enc_data, tvb, offset, -1,
ENC_NA);
offset = packet_length;
break;
case SKYPE_TYPE_NAT_INFO:
proto_tree_add_item(skype_tree, hf_skype_natinfo_srcip, tvb, offset, 4,
ENC_BIG_ENDIAN);
skype_udp_info->global_src_ip = tvb_get_ipv4(tvb, offset);
offset += 4;
proto_tree_add_item(skype_tree, hf_skype_natinfo_dstip, tvb, offset, 4,
ENC_BIG_ENDIAN);
skype_udp_info->global_dst_ip = tvb_get_ipv4(tvb, offset);
offset += 4;
break;
case SKYPE_TYPE_NAT_REPEAT:
proto_tree_add_item(skype_tree, hf_skype_natrequest_srcip, tvb, offset, 4,
ENC_BIG_ENDIAN);
skype_udp_info->global_src_ip = tvb_get_ipv4(tvb, offset);
offset += 4;
proto_tree_add_item(skype_tree, hf_skype_natrequest_dstip, tvb, offset, 4,
ENC_BIG_ENDIAN);
skype_udp_info->global_dst_ip = tvb_get_ipv4(tvb, offset);
offset += 4;
break;
case SKYPE_TYPE_AUDIO:
proto_tree_add_item(skype_tree, hf_skype_audio_unk1, tvb, offset, -1,
ENC_NA);
offset = packet_length;
break;
case SKYPE_TYPE_UNKNOWN_F:
proto_tree_add_item(skype_tree, hf_skype_unknown_f_unk1, tvb, offset, -1,
ENC_NA);
offset = packet_length;
break;
default:
proto_tree_add_item(skype_tree, hf_skype_unknown_packet, tvb, offset, -1,
ENC_NA);
offset = packet_length;
break;
}
}
return offset;
}
static void
dissect_arp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
guint16 ar_hrd;
guint16 ar_pro;
guint8 ar_hln;
guint8 ar_pln;
guint16 ar_op;
int tot_len;
proto_tree *arp_tree = NULL;
proto_item *ti, *item;
const gchar *op_str;
int sha_offset, spa_offset, tha_offset, tpa_offset;
const guint8 *spa_val, *tpa_val;
gboolean is_gratuitous;
gboolean duplicate_detected = FALSE;
guint32 duplicate_ip = 0;
/* Call it ARP, for now, so that if we throw an exception before
we decide whether it's ARP or RARP or IARP or ATMARP, it shows
up in the packet list as ARP.
Clear the Info column so that, if we throw an exception, it
shows up as a short or malformed ARP frame. */
col_set_str(pinfo->cinfo, COL_PROTOCOL, "ARP");
col_clear(pinfo->cinfo, COL_INFO);
/* Hardware Address Type */
ar_hrd = tvb_get_ntohs(tvb, AR_HRD);
if (ar_hrd == ARPHRD_ATM2225) {
call_dissector(atmarp_handle, tvb, pinfo, tree);
return;
}
/* Protocol Address Type */
ar_pro = tvb_get_ntohs(tvb, AR_PRO);
/* Hardware Address Size */
ar_hln = tvb_get_guint8(tvb, AR_HLN);
/* Protocol Address Size */
ar_pln = tvb_get_guint8(tvb, AR_PLN);
/* Operation */
ar_op = tvb_get_ntohs(tvb, AR_OP);
tot_len = MIN_ARP_HEADER_SIZE + ar_hln*2 + ar_pln*2;
/* Adjust the length of this tvbuff to include only the ARP datagram.
Our caller may use that to determine how much of its packet
was padding. */
tvb_set_reported_length(tvb, tot_len);
if (check_col(pinfo->cinfo, COL_PROTOCOL)) {
switch (ar_op) {
case ARPOP_REQUEST:
if (global_arp_detect_request_storm)
{
request_seen(pinfo);
}
/* FALLTHRU */
case ARPOP_REPLY:
default:
col_set_str(pinfo->cinfo, COL_PROTOCOL, "ARP");
break;
case ARPOP_RREQUEST:
case ARPOP_RREPLY:
col_set_str(pinfo->cinfo, COL_PROTOCOL, "RARP");
break;
case ARPOP_IREQUEST:
case ARPOP_IREPLY:
col_set_str(pinfo->cinfo, COL_PROTOCOL, "Inverse ARP");
break;
}
}
/* Get the offsets of the addresses. */
/* Source Hardware Address */
sha_offset = MIN_ARP_HEADER_SIZE;
/* Source Protocol Address */
spa_offset = sha_offset + ar_hln;
/* Target Hardware Address */
tha_offset = spa_offset + ar_pln;
/* Target Protocol Address */
tpa_offset = tha_offset + ar_hln;
if ((ar_op == ARPOP_REPLY || ar_op == ARPOP_REQUEST) &&
ARP_HW_IS_ETHER(ar_hrd, ar_hln) &&
ARP_PRO_IS_IPv4(ar_pro, ar_pln)) {
/* inform resolv.c module of the new discovered addresses */
guint32 ip;
const guint8 *mac;
/* Add sender address if sender MAC address is neither a broadcast/
multicast address nor an all-zero address and if sender IP address
isn't all zeroes. */
ip = tvb_get_ipv4(tvb, spa_offset);
mac = tvb_get_ptr(tvb, sha_offset, 6);
if ((mac[0] & 0x01) == 0 && memcmp(mac, mac_allzero, 6) != 0 && ip != 0)
{
add_ether_byip(ip, mac);
if (global_arp_detect_duplicate_ip_addresses)
{
duplicate_detected =
check_for_duplicate_addresses(pinfo, tree, tvb, mac, ip,
&duplicate_ip);
}
}
/* Add target address if target MAC address is neither a broadcast/
multicast address nor an all-zero address and if target IP address
isn't all zeroes. */
/* Do not add target address if the packet is a Request. According to the RFC,
target addresses in requests have no meaning */
ip = tvb_get_ipv4(tvb, tpa_offset);
mac = tvb_get_ptr(tvb, tha_offset, 6);
if ((mac[0] & 0x01) == 0 && memcmp(mac, mac_allzero, 6) != 0 && ip != 0
&& ar_op != ARPOP_REQUEST)
{
add_ether_byip(ip, mac);
if (global_arp_detect_duplicate_ip_addresses)
{
duplicate_detected =
check_for_duplicate_addresses(pinfo, tree, tvb, mac, ip,
&duplicate_ip);
}
}
}
if (!tree && !check_col(pinfo->cinfo, COL_INFO)) {
/* We're not building a protocol tree and we're not setting the Info
column, so we don't have any more work to do. */
return;
}
spa_val = tvb_get_ptr(tvb, spa_offset, ar_pln);
tpa_val = tvb_get_ptr(tvb, tpa_offset, ar_pln);
/* ARP requests/replies with the same sender and target protocol
address are flagged as "gratuitous ARPs", i.e. ARPs sent out as,
in effect, an announcement that the machine has MAC address
XX:XX:XX:XX:XX:XX and IPv4 address YY.YY.YY.YY. Requests are to
provoke complaints if some other machine has the same IPv4 address,
replies are used to announce relocation of network address, like
in failover solutions. */
if (((ar_op == ARPOP_REQUEST) || (ar_op == ARPOP_REPLY)) && (memcmp(spa_val, tpa_val, ar_pln) == 0))
is_gratuitous = TRUE;
else
is_gratuitous = FALSE;
if (check_col(pinfo->cinfo, COL_INFO)) {
switch (ar_op) {
case ARPOP_REQUEST:
if (is_gratuitous)
col_add_fstr(pinfo->cinfo, COL_INFO, "Gratuitous ARP for %s (Request)",
arpproaddr_to_str(tpa_val, ar_pln, ar_pro));
else
col_add_fstr(pinfo->cinfo, COL_INFO, "Who has %s? Tell %s",
arpproaddr_to_str(tpa_val, ar_pln, ar_pro),
arpproaddr_to_str(spa_val, ar_pln, ar_pro));
break;
case ARPOP_REPLY:
if (is_gratuitous)
col_add_fstr(pinfo->cinfo, COL_INFO, "Gratuitous ARP for %s (Reply)",
arpproaddr_to_str(spa_val, ar_pln, ar_pro));
else
col_add_fstr(pinfo->cinfo, COL_INFO, "%s is at %s",
arpproaddr_to_str(spa_val, ar_pln, ar_pro),
tvb_arphrdaddr_to_str(tvb, sha_offset, ar_hln, ar_hrd));
break;
case ARPOP_RREQUEST:
case ARPOP_IREQUEST:
col_add_fstr(pinfo->cinfo, COL_INFO, "Who is %s? Tell %s",
tvb_arphrdaddr_to_str(tvb, tha_offset, ar_hln, ar_hrd),
tvb_arphrdaddr_to_str(tvb, sha_offset, ar_hln, ar_hrd));
break;
case ARPOP_RREPLY:
col_add_fstr(pinfo->cinfo, COL_INFO, "%s is at %s",
tvb_arphrdaddr_to_str(tvb, tha_offset, ar_hln, ar_hrd),
arpproaddr_to_str(tpa_val, ar_pln, ar_pro));
break;
case ARPOP_IREPLY:
col_add_fstr(pinfo->cinfo, COL_INFO, "%s is at %s",
tvb_arphrdaddr_to_str(tvb, sha_offset, ar_hln, ar_hrd),
arpproaddr_to_str(spa_val, ar_pln, ar_pro));
break;
default:
col_add_fstr(pinfo->cinfo, COL_INFO, "Unknown ARP opcode 0x%04x", ar_op);
break;
}
}
if (tree) {
if ((op_str = match_strval(ar_op, op_vals))) {
if (is_gratuitous && (ar_op == ARPOP_REQUEST))
op_str = "request/gratuitous ARP";
if (is_gratuitous && (ar_op == ARPOP_REPLY))
op_str = "reply/gratuitous ARP";
ti = proto_tree_add_protocol_format(tree, proto_arp, tvb, 0, tot_len,
"Address Resolution Protocol (%s)", op_str);
} else
ti = proto_tree_add_protocol_format(tree, proto_arp, tvb, 0, tot_len,
"Address Resolution Protocol (opcode 0x%04x)", ar_op);
arp_tree = proto_item_add_subtree(ti, ett_arp);
proto_tree_add_uint(arp_tree, hf_arp_hard_type, tvb, AR_HRD, 2, ar_hrd);
proto_tree_add_uint(arp_tree, hf_arp_proto_type, tvb, AR_PRO, 2, ar_pro);
proto_tree_add_uint(arp_tree, hf_arp_hard_size, tvb, AR_HLN, 1, ar_hln);
proto_tree_add_uint(arp_tree, hf_arp_proto_size, tvb, AR_PLN, 1, ar_pln);
proto_tree_add_uint(arp_tree, hf_arp_opcode, tvb, AR_OP, 2, ar_op);
item = proto_tree_add_boolean(arp_tree, hf_arp_isgratuitous, tvb, 0, 0, is_gratuitous);
PROTO_ITEM_SET_GENERATED(item);
if (ar_hln != 0) {
proto_tree_add_item(arp_tree,
ARP_HW_IS_ETHER(ar_hrd, ar_hln) ?
hf_arp_src_hw_mac :
hf_arp_src_hw,
tvb, sha_offset, ar_hln, FALSE);
}
if (ar_pln != 0) {
proto_tree_add_item(arp_tree,
ARP_PRO_IS_IPv4(ar_pro, ar_pln) ?
hf_arp_src_proto_ipv4 :
hf_arp_src_proto,
tvb, spa_offset, ar_pln, FALSE);
}
if (ar_hln != 0) {
proto_tree_add_item(arp_tree,
ARP_HW_IS_ETHER(ar_hrd, ar_hln) ?
hf_arp_dst_hw_mac :
hf_arp_dst_hw,
tvb, tha_offset, ar_hln, FALSE);
}
if (ar_pln != 0) {
proto_tree_add_item(arp_tree,
ARP_PRO_IS_IPv4(ar_pro, ar_pln) ?
hf_arp_dst_proto_ipv4 :
hf_arp_dst_proto,
tvb, tpa_offset, ar_pln, FALSE);
}
}
if (global_arp_detect_request_storm)
{
check_for_storm_count(tvb, pinfo, arp_tree);
}
if (duplicate_detected)
{
/* Also indicate in info column */
if (check_col(pinfo->cinfo, COL_INFO))
{
col_append_fstr(pinfo->cinfo, COL_INFO, " (duplicate use of %s detected!)",
arpproaddr_to_str((guint8*)&duplicate_ip, 4, ETHERTYPE_IP));
}
}
}
/* dissector of each payload */
static int
dissect_xtp_aseg(tvbuff_t *tvb, proto_tree *tree, guint32 offset) {
guint32 len = tvb_length_remaining(tvb, offset);
guint32 start = offset;
proto_item *ti, *ti2, *top_ti;
proto_tree *xtp_subtree;
struct xtp_ip_addr_seg aseg[1];
int error = 0;
top_ti = proto_tree_add_text(tree, tvb, offset, len, "Address Segment");
xtp_subtree = proto_item_add_subtree(top_ti, ett_xtp_aseg);
if (len < XTP_NULL_ADDR_SEG_LEN) {
proto_item_append_text(top_ti, ", bogus length(%u, must be at least %u)",
len, XTP_NULL_ADDR_SEG_LEN);
return 0;
}
/** parse common fields **/
/* alen(2) */
aseg->alen = tvb_get_ntohs(tvb, offset);
offset += 2;
/* adomain(1) */
aseg->adomain = tvb_get_guint8(tvb, offset);
offset++;
/* aformat(1) */
aseg->aformat = tvb_get_guint8(tvb, offset);
/** display common fields **/
offset = start;
/* alen(2) */
ti = proto_tree_add_uint(xtp_subtree, hf_xtp_aseg_alen,
tvb, offset, 2, aseg->alen);
offset += 2;
if (aseg->alen > len) {
proto_item_append_text(ti, ", bogus length(%u, must be at most %u)",
aseg->alen, len);
error = 1;
}
/* adomain(1) */
proto_tree_add_uint(xtp_subtree, hf_xtp_aseg_adomain,
tvb, offset, 1, aseg->adomain);
offset++;
/* aformat(1) */
ti2 = proto_tree_add_uint(xtp_subtree, hf_xtp_aseg_aformat,
tvb, offset, 1, aseg->aformat);
offset++;
switch (aseg->aformat) {
case 0:
if (aseg->alen != XTP_NULL_ADDR_SEG_LEN) {
proto_item_append_text(ti, ", bogus length(%u, must be %u)",
aseg->alen, XTP_NULL_ADDR_SEG_LEN);
error = 1;
}
break;
case 1:
if (aseg->alen != XTP_IP_ADDR_SEG_LEN) {
proto_item_append_text(ti, ", bogus length(%u, must be %u)",
aseg->alen, XTP_IP_ADDR_SEG_LEN);
error = 1;
}
break;
default:
if (aseg->aformat < 128) {
proto_item_append_text(ti2,
", Unsupported aformat(%u)", aseg->aformat);
error = 1;
}
break;
}
if (error)
return (offset - start);
/** parse and display each address fileds */
switch (aseg->aformat) {
case 0:
/* address(4) */
aseg->dsthost = tvb_get_ntohl(tvb, offset);
proto_tree_add_uint(xtp_subtree, hf_xtp_aseg_address,
tvb, offset, 4, aseg->dsthost);
offset += 4;
break;
case 1:
/* dsthost(4) */
aseg->dsthost = tvb_get_ipv4(tvb, offset);
proto_tree_add_ipv4(xtp_subtree, hf_xtp_aseg_dsthost,
tvb, offset, 4, aseg->dsthost);
offset += 4;
/* srchost(4) */
aseg->srchost = tvb_get_ipv4(tvb, offset);
proto_tree_add_ipv4(xtp_subtree, hf_xtp_aseg_srchost,
tvb, offset, 4, aseg->srchost);
offset += 4;
/* dstport(2) */
aseg->dstport = tvb_get_ntohs(tvb, offset);
proto_tree_add_uint(xtp_subtree, hf_xtp_aseg_dstport,
tvb, offset, 2, aseg->dstport);
offset += 2;
/* srcport(2) */
aseg->srcport = tvb_get_ntohs(tvb, offset);
proto_tree_add_uint(xtp_subtree, hf_xtp_aseg_srcport,
tvb, offset, 2, aseg->srcport);
offset += 2;
/** add summary **/
proto_item_append_text(top_ti, ", Dst Port: %u", aseg->dstport);
proto_item_append_text(top_ti, ", Src Port: %u", aseg->srcport);
break;
default:
break;
}
return (offset - start);
}
static int
dissect_dtpt_sockaddr(tvbuff_t *tvb, guint offset, proto_tree *tree, int hfindex, int sockaddr_type)
{
guint32 sockaddr_length = 0;
proto_item *sockaddr_item = NULL;
proto_tree *sockaddr_tree = NULL;
guint32 sockaddr_len1 = 0;
guint32 sockaddr_len2 = 0;
switch (sockaddr_type) {
case SOCKADDR_WITH_LEN:
sockaddr_len1=4;
sockaddr_len2=16;
break;
case SOCKADDR_CONNECT:
sockaddr_len1=0;
sockaddr_len2=30;
break;
}
if (sockaddr_type == SOCKADDR_WITH_LEN)
sockaddr_length = tvb_get_letohl(tvb, offset + 0);
if (tree) {
sockaddr_item = proto_tree_add_text(tree,
tvb, offset, sockaddr_len1+sockaddr_len2, "%s", proto_registrar_get_name(hfindex));
if (sockaddr_item)
sockaddr_tree = proto_item_add_subtree(sockaddr_item, ett_dtpt_sockaddr);
if (sockaddr_tree) {
if (sockaddr_type == SOCKADDR_WITH_LEN)
proto_tree_add_uint(sockaddr_tree, hf_dtpt_sockaddr_length,
tvb, offset+0, 4, sockaddr_length);
}
}
offset += sockaddr_len1;
if (sockaddr_tree) {
switch (sockaddr_type) {
case SOCKADDR_WITH_LEN: {
guint16 family;
family = tvb_get_letohs(tvb, offset);
proto_tree_add_uint(sockaddr_tree, hf_dtpt_sockaddr_family,
tvb, offset, 2, family);
switch (family) {
case WINSOCK_AF_INET: {
guint16 port;
guint32 addr;
port = tvb_get_ntohs(tvb,offset+2);
proto_tree_add_uint(sockaddr_tree, hf_dtpt_sockaddr_port,
tvb, offset+2,2,port);
addr = tvb_get_ipv4(tvb,offset+4);
proto_tree_add_ipv4(sockaddr_tree, hf_dtpt_sockaddr_address,
tvb, offset+4,4,addr);
proto_tree_add_text(sockaddr_tree, tvb, offset+8, 8, "Padding");
proto_item_append_text(sockaddr_item, ": %s:%d", ip_to_str((guint8*)&addr), port);
}
break;
}
}
break;
case SOCKADDR_CONNECT: {
guint32 family;
family = tvb_get_letohl(tvb, offset+0);
proto_tree_add_uint(sockaddr_tree, hf_dtpt_sockaddr_family,
tvb, offset+0, 4, family);
switch (family) {
case WINSOCK_AF_INET: {
guint16 port;
guint32 addr;
proto_tree_add_text(sockaddr_tree, tvb, offset+4, 4, "Padding");
port = tvb_get_ntohs(tvb,offset+8);
proto_tree_add_uint(sockaddr_tree, hf_dtpt_sockaddr_port,
tvb, offset+8,2,port);
addr = tvb_get_ipv4(tvb,offset+10);
proto_tree_add_ipv4(sockaddr_tree, hf_dtpt_sockaddr_address,
tvb, offset+10,4,addr);
proto_tree_add_text(sockaddr_tree, tvb, offset+14, 16, "Padding");
proto_item_append_text(sockaddr_item, ": %s:%d", ip_to_str((guint8*)&addr), port);
}
break;
}
}
break;
}
}
offset += sockaddr_len2;
return offset;
}
static void dissect_bat_batman_v5(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
struct batman_packet_v5 *batman_packeth;
const guint8 *old_orig_addr, *orig_addr;
guint32 old_orig, orig;
gint i;
tvbuff_t *next_tvb;
guint length_remaining;
int offset = 0;
batman_packeth = ep_alloc(sizeof(struct batman_packet_v5));
batman_packeth->version = tvb_get_guint8(tvb, 0);
batman_packeth->flags = tvb_get_guint8(tvb, 1);
batman_packeth->ttl = tvb_get_guint8(tvb, 2);
batman_packeth->gwflags = tvb_get_guint8(tvb, 3);
batman_packeth->seqno = tvb_get_ntohs(tvb, 4);
batman_packeth->gwport = tvb_get_ntohs(tvb, 6);
orig_addr = tvb_get_ptr(tvb, 8, 4);
orig = tvb_get_ipv4(tvb, 8);
SET_ADDRESS(&batman_packeth->orig, AT_IPv4, 4, orig_addr);
old_orig_addr = tvb_get_ptr(tvb, 12, 4);
old_orig = tvb_get_ipv4(tvb, 12);
SET_ADDRESS(&batman_packeth->old_orig, AT_IPv4, 4, old_orig_addr);
batman_packeth->tq = tvb_get_guint8(tvb, 16);
batman_packeth->hna_len = tvb_get_guint8(tvb, 17);
/* Set info column */
if (check_col(pinfo->cinfo, COL_INFO))
col_add_fstr(pinfo->cinfo, COL_INFO, "Seq=%u", batman_packeth->seqno);
/* Set tree info */
if (tree) {
proto_item *ti = NULL, *tf, *tgw;
proto_tree *bat_batman_tree = NULL, *flag_tree = NULL;
if (PTREE_DATA(tree)->visible) {
ti = proto_tree_add_protocol_format(tree, proto_bat_plugin, tvb, 0, BATMAN_PACKET_V5_SIZE,
"B.A.T.M.A.N., Orig: %s (%s)",
get_hostname(orig), ip_to_str(batman_packeth->orig.data));
} else {
ti = proto_tree_add_item(tree, proto_bat_plugin, tvb, 0, BATMAN_PACKET_V5_SIZE, FALSE);
}
bat_batman_tree = proto_item_add_subtree(ti, ett_bat_batman);
/* items */
proto_tree_add_item(bat_batman_tree, hf_bat_batman_version, tvb, offset, 1, FALSE);
offset += 1;
tf = proto_tree_add_item(bat_batman_tree, hf_bat_batman_flags, tvb, offset, 1, FALSE);
/* <flags> */
flag_tree = proto_item_add_subtree(tf, ett_bat_batman_flags);
proto_tree_add_boolean(flag_tree, hf_bat_batman_flags_unidirectional, tvb, offset, 1, batman_packeth->flags);
proto_tree_add_boolean(flag_tree, hf_bat_batman_flags_directlink, tvb, offset, 1, batman_packeth->flags);
/* </flags> */
offset += 1;
proto_tree_add_item(bat_batman_tree, hf_bat_batman_ttl, tvb, offset, 1, FALSE);
offset += 1;
tgw = proto_tree_add_item(bat_batman_tree, hf_bat_batman_gwflags, tvb, offset, 1, FALSE);
dissect_bat_gwflags(tvb, batman_packeth->gwflags, offset, tgw);
offset += 1;
proto_tree_add_item(bat_batman_tree, hf_bat_batman_seqno, tvb, offset, 2, FALSE);
offset += 2;
proto_tree_add_item(bat_batman_tree, hf_bat_batman_gwport, tvb, offset, 2, FALSE);
offset += 2;
proto_tree_add_ipv4(bat_batman_tree, hf_bat_batman_orig, tvb, offset, 4, orig);
offset += 4;
proto_tree_add_ipv4(bat_batman_tree, hf_bat_batman_old_orig, tvb, offset, 4, old_orig);
offset += 4;
proto_tree_add_item(bat_batman_tree, hf_bat_batman_tq, tvb, offset, 1, FALSE);
offset += 1;
proto_tree_add_item(bat_batman_tree, hf_bat_batman_hna_len, tvb, offset, 1, FALSE);
offset += 1;
tap_queue_packet(bat_tap, pinfo, batman_packeth);
for (i = 0; i < batman_packeth->hna_len; i++) {
next_tvb = tvb_new_subset(tvb, offset, 5, 5);
if (have_tap_listener(bat_follow_tap)) {
tap_queue_packet(bat_follow_tap, pinfo, next_tvb);
}
dissect_bat_hna(next_tvb, pinfo, bat_batman_tree);
offset += 5;
}
}
length_remaining = tvb_reported_length_remaining(tvb, offset);
if (length_remaining != 0) {
next_tvb = tvb_new_subset_remaining(tvb, offset);
if (have_tap_listener(bat_follow_tap)) {
tap_queue_packet(bat_follow_tap, pinfo, next_tvb);
}
dissect_bat_batman(next_tvb, pinfo, tree);
}
}
static void
dissect_ntp_std(tvbuff_t *tvb, proto_tree *ntp_tree, guint8 flags)
{
proto_tree *flags_tree;
proto_item *tf;
guint8 stratum;
guint8 ppoll;
gint8 precision;
double rootdelay;
double rootdispersion;
const guint8 *refid;
guint32 refid_addr;
const guint8 *reftime;
const guint8 *org;
const guint8 *rec;
const guint8 *xmt;
const gchar *buffc;
gchar *buff;
int i;
int macofs;
gint maclen;
tf = proto_tree_add_uint(ntp_tree, hf_ntp_flags, tvb, 0, 1, flags);
/* Adding flag subtree and items */
flags_tree = proto_item_add_subtree(tf, ett_ntp_flags);
proto_tree_add_uint(flags_tree, hf_ntp_flags_li, tvb, 0, 1, flags);
proto_tree_add_uint(flags_tree, hf_ntp_flags_vn, tvb, 0, 1, flags);
proto_tree_add_uint(flags_tree, hf_ntp_flags_mode, tvb, 0, 1, flags);
/* Stratum, 1byte field represents distance from primary source
*/
stratum = tvb_get_guint8(tvb, 1);
if (stratum == 0) {
buffc="Peer Clock Stratum: unspecified or unavailable (%u)";
} else if (stratum == 1) {
buffc="Peer Clock Stratum: primary reference (%u)";
} else if ((stratum >= 2) && (stratum <= 15)) {
buffc="Peer Clock Stratum: secondary reference (%u)";
} else {
buffc="Peer Clock Stratum: reserved: %u";
}
proto_tree_add_uint_format(ntp_tree, hf_ntp_stratum, tvb, 1, 1,
stratum, buffc, stratum);
/* Poll interval, 1byte field indicating the maximum interval
* between successive messages, in seconds to the nearest
* power of two.
*/
ppoll = tvb_get_guint8(tvb, 2);
if ((ppoll >= 4) && (ppoll <= 17)) {
proto_tree_add_uint_format(ntp_tree, hf_ntp_ppoll, tvb, 2, 1,
ppoll,
"Peer Polling Interval: %u (%u sec)",
ppoll,
1 << ppoll);
} else {
proto_tree_add_uint_format(ntp_tree, hf_ntp_ppoll, tvb, 2, 1,
ppoll,
"Peer Polling Interval: invalid (%u)",
ppoll);
}
/* Precision, 1byte field indicating the precision of the
* local clock, in seconds to the nearest power of two.
*/
precision = tvb_get_guint8(tvb, 3);
proto_tree_add_int_format(ntp_tree, hf_ntp_precision, tvb, 3, 1,
precision,
"Peer Clock Precision: %8.6f sec",
pow(2, precision));
/* Root Delay is a 32-bit signed fixed-point number indicating
* the total roundtrip delay to the primary reference source,
* in seconds with fraction point between bits 15 and 16.
*/
rootdelay = ((gint16)tvb_get_ntohs(tvb, 4)) +
(tvb_get_ntohs(tvb, 6) / 65536.0);
proto_tree_add_double_format(ntp_tree, hf_ntp_rootdelay, tvb, 4, 4,
rootdelay,
"Root Delay: %9.4f sec",
rootdelay);
/* Root Dispersion, 32-bit unsigned fixed-point number indicating
* the nominal error relative to the primary reference source, in
* seconds with fraction point between bits 15 and 16.
*/
rootdispersion = ((gint16)tvb_get_ntohs(tvb, 8)) +
(tvb_get_ntohs(tvb, 10) / 65536.0);
proto_tree_add_double_format(ntp_tree, hf_ntp_rootdispersion, tvb, 8, 4,
rootdispersion,
"Root Dispersion: %9.4f sec",
rootdispersion);
/* Now, there is a problem with secondary servers. Standards
* asks from stratum-2 - stratum-15 servers to set this to the
* low order 32 bits of the latest transmit timestamp of the
* reference source.
* But, all V3 and V4 servers set this to IP adress of their
* higher level server. My decision was to resolve this address.
*/
refid = tvb_get_ptr(tvb, 12, 4);
buff = ep_alloc(NTP_TS_SIZE);
if (stratum <= 1) {
g_snprintf (buff, NTP_TS_SIZE, "Unidentified reference source '%.4s'",
refid);
for (i = 0; primary_sources[i].id; i++) {
if (memcmp (refid, primary_sources[i].id, 4) == 0) {
g_snprintf(buff, NTP_TS_SIZE, "%s",
primary_sources[i].data);
break;
}
}
} else {
int buffpos;
refid_addr = tvb_get_ipv4(tvb, 12);
buffpos = g_snprintf(buff, NTP_TS_SIZE, "%s", get_hostname (refid_addr));
if (buffpos >= NTP_TS_SIZE) {
buff[NTP_TS_SIZE-4]='.';
buff[NTP_TS_SIZE-3]='.';
buff[NTP_TS_SIZE-2]='.';
buff[NTP_TS_SIZE-1]=0;
}
}
proto_tree_add_bytes_format(ntp_tree, hf_ntp_refid, tvb, 12, 4,
refid,
"Reference Clock ID: %s", buff);
/* Reference Timestamp: This is the time at which the local clock was
* last set or corrected.
*/
reftime = tvb_get_ptr(tvb, 16, 8);
proto_tree_add_bytes_format(ntp_tree, hf_ntp_reftime, tvb, 16, 8,
reftime,
"Reference Clock Update Time: %s",
ntp_fmt_ts(reftime));
/* Originate Timestamp: This is the time at which the request departed
* the client for the server.
*/
org = tvb_get_ptr(tvb, 24, 8);
proto_tree_add_bytes_format(ntp_tree, hf_ntp_org, tvb, 24, 8,
org,
"Originate Time Stamp: %s",
ntp_fmt_ts(org));
/* Receive Timestamp: This is the time at which the request arrived at
* the server.
*/
rec = tvb_get_ptr(tvb, 32, 8);
proto_tree_add_bytes_format(ntp_tree, hf_ntp_rec, tvb, 32, 8,
rec,
"Receive Time Stamp: %s",
ntp_fmt_ts(rec));
/* Transmit Timestamp: This is the time at which the reply departed the
* server for the client.
*/
xmt = tvb_get_ptr(tvb, 40, 8);
proto_tree_add_bytes_format(ntp_tree, hf_ntp_xmt, tvb, 40, 8,
xmt,
"Transmit Time Stamp: %s",
ntp_fmt_ts(xmt));
/* MAX_MAC_LEN is the largest message authentication code
* (MAC) length. If we have more data left in the packet
* after the header than that, the extra data is NTP4
* extensions; parse them as such.
*/
macofs = 48;
while (tvb_reported_length_remaining(tvb, macofs) > (gint)MAX_MAC_LEN)
macofs = dissect_ntp_ext(tvb, ntp_tree, macofs);
/* When the NTP authentication scheme is implemented, the
* Key Identifier and Message Digest fields contain the
* message authentication code (MAC) information defined in
* Appendix C of RFC-1305. Will print this as hex code for now.
*/
if (tvb_reported_length_remaining(tvb, macofs) >= 4)
proto_tree_add_item(ntp_tree, hf_ntp_keyid, tvb, macofs, 4,
FALSE);
macofs += 4;
maclen = tvb_reported_length_remaining(tvb, macofs);
if (maclen > 0)
proto_tree_add_item(ntp_tree, hf_ntp_mac, tvb, macofs,
maclen, FALSE);
}
static int
dissect_ppcap_source_address(tvbuff_t *tvb, packet_info *pinfo, proto_tree * ppcap_tree1, int offset)
{
int key1;
guint16 msg_len;
msg_len = tvb_get_ntohs(tvb, offset);
proto_tree_add_item( ppcap_tree1, hf_ppcap_length, tvb, offset, 2, ENC_BIG_ENDIAN);
offset = offset + 2;
proto_tree_add_item(ppcap_tree1, hf_ppcap_reserved, tvb, offset, 2, ENC_BIG_ENDIAN);
offset += 2;
key1 = tvb_get_ntohs(tvb, offset);
proto_tree_add_item(ppcap_tree1, hf_ppcap_address_type, tvb, offset, 2, ENC_BIG_ENDIAN);
offset += 2;
if (key1 == 1)
{
proto_tree_add_item(ppcap_tree1, hf_ppcap_ssn, tvb, offset, 1, ENC_BIG_ENDIAN);
offset += 1;
proto_tree_add_item(ppcap_tree1, hf_ppcap_spc, tvb, offset, 3, ENC_BIG_ENDIAN);
/*src_addr1 = (guint32 )tvb_get_ntoh24(tvb, offset);*/
mtp3_addr_opc = wmem_new0(wmem_packet_scope(), mtp3_addr_pc_t);
mtp3_addr_opc->pc = (guint32 )tvb_get_ntoh24(tvb, offset);
mtp3_addr_opc->type = ITU_STANDARD;
mtp3_addr_opc->ni = 0;
/*SET_ADDRESS(&pinfo->net_src, AT_SS7PC, sizeof(mtp3_addr_pc_t), (guint8 *) mtp3_addr_opc);*/
SET_ADDRESS(&pinfo->src, AT_SS7PC, sizeof(mtp3_addr_pc_t), (guint8 *) mtp3_addr_opc);
if (msg_len%4)
msg_len = msg_len + (4 - (msg_len%4));
offset += msg_len-1;
return offset;
}
else if (key1 == 2)
{
proto_tree_add_item(ppcap_tree1, hf_ppcap_opc, tvb, offset, msg_len, ENC_BIG_ENDIAN);
/*src_addr1 = (guint32 )tvb_get_ntoh24(tvb, offset);*/
mtp3_addr_opc = wmem_new0(wmem_packet_scope(), mtp3_addr_pc_t);
mtp3_addr_opc->pc = tvb_get_ntohl(tvb, offset);
mtp3_addr_opc->type = ITU_STANDARD;
mtp3_addr_opc->ni = 0;
SET_ADDRESS(&pinfo->src, AT_SS7PC, sizeof(mtp3_addr_pc_t), (guint8 *) mtp3_addr_opc);
}
else if (key1 == 3)
{
if (msg_len%16 != 0)
{
proto_tree_add_ipv4(ppcap_tree1, hf_ppcap_source_ip_address1, tvb, offset, msg_len, tvb_get_ipv4(tvb, offset));
TVB_SET_ADDRESS(&pinfo->net_src, AT_IPv4, tvb, offset, 4);
COPY_ADDRESS_SHALLOW(&pinfo->src, &pinfo->net_src);
}
else
{
struct e_in6_addr value;
tvb_get_ipv6(tvb, offset, &value);
proto_tree_add_ipv6(ppcap_tree1, hf_ppcap_source_ip_address2, tvb, offset, msg_len, &value);
TVB_SET_ADDRESS(&pinfo->net_src, AT_IPv6, tvb, offset, 6);
COPY_ADDRESS_SHALLOW(&pinfo->src, &pinfo->net_src);
}
}
else if (key1 == 4)
{
proto_tree_add_item(ppcap_tree1, hf_ppcap_source_nodeid, tvb, offset, msg_len, ENC_ASCII|ENC_NA);
TVB_SET_ADDRESS(&pinfo->net_src, AT_STRINGZ, tvb, offset, msg_len);
COPY_ADDRESS_SHALLOW(&pinfo->src, &pinfo->net_src);
}
if (msg_len%4)
msg_len = msg_len + (4 - (msg_len%4));
offset += msg_len;
return offset;
}
static void
dissect_aodv_rreq(tvbuff_t *tvb, packet_info *pinfo, proto_tree *aodv_tree,
proto_item *ti, gboolean is_ipv6)
{
int offset = 1;
proto_item *tj;
proto_tree *aodv_flags_tree;
guint8 flags;
guint8 hop_count;
guint32 rreq_id;
guint32 dest_addr_v4;
struct e_in6_addr dest_addr_v6;
guint32 dest_seqno;
guint32 orig_addr_v4;
struct e_in6_addr orig_addr_v6;
guint32 orig_seqno;
int extlen;
flags = tvb_get_guint8(tvb, offset);
if (aodv_tree) {
tj = proto_tree_add_text(aodv_tree, tvb, offset, 1, "Flags:");
aodv_flags_tree = proto_item_add_subtree(tj, ett_aodv_flags);
proto_tree_add_boolean(aodv_flags_tree, hf_aodv_flags_rreq_join,
tvb, offset, 1, flags);
proto_tree_add_boolean(aodv_flags_tree, hf_aodv_flags_rreq_repair,
tvb, offset, 1, flags);
proto_tree_add_boolean(aodv_flags_tree, hf_aodv_flags_rreq_gratuitous,
tvb, offset, 1, flags);
proto_tree_add_boolean(aodv_flags_tree, hf_aodv_flags_rreq_destinationonly,
tvb, offset, 1, flags);
proto_tree_add_boolean(aodv_flags_tree, hf_aodv_flags_rreq_unknown,
tvb, offset, 1, flags);
if (flags & RREQ_JOIN)
proto_item_append_text(tj, " J");
if (flags & RREQ_REP)
proto_item_append_text(tj, " R");
if (flags & RREQ_GRATRREP)
proto_item_append_text(tj, " G");
if (flags & RREQ_DESTONLY)
proto_item_append_text(tj, " D");
if (flags & RREQ_UNKNSEQ)
proto_item_append_text(tj, " U");
}
offset += 2; /* skip reserved byte */
hop_count = tvb_get_guint8(tvb, offset);
if (aodv_tree)
proto_tree_add_uint(aodv_tree, hf_aodv_hopcount, tvb, offset, 1,
hop_count);
offset += 1;
rreq_id = tvb_get_ntohl(tvb, offset);
if (aodv_tree)
proto_tree_add_uint(aodv_tree, hf_aodv_rreq_id, tvb, offset, 4,
rreq_id);
offset += 4;
if (is_ipv6) {
tvb_get_ipv6(tvb, offset, &dest_addr_v6);
if (aodv_tree) {
proto_tree_add_ipv6(aodv_tree, hf_aodv_dest_ipv6, tvb, offset,
INET6_ADDRLEN, (guint8 *)&dest_addr_v6);
proto_item_append_text(ti, ", Dest IP: %s",
ip6_to_str(&dest_addr_v6));
}
col_append_fstr(pinfo->cinfo, COL_INFO, ", D: %s",
ip6_to_str(&dest_addr_v6));
offset += INET6_ADDRLEN;
} else {
dest_addr_v4 = tvb_get_ipv4(tvb, offset);
if (aodv_tree) {
proto_tree_add_ipv4(aodv_tree, hf_aodv_dest_ip, tvb, offset, 4,
dest_addr_v4);
proto_item_append_text(ti, ", Dest IP: %s",
ip_to_str((guint8 *)&dest_addr_v4));
}
col_append_fstr(pinfo->cinfo, COL_INFO, ", D: %s",
ip_to_str((guint8 *)&dest_addr_v4));
offset += 4;
}
dest_seqno = tvb_get_ntohl(tvb, offset);
if (aodv_tree)
proto_tree_add_uint(aodv_tree, hf_aodv_dest_seqno, tvb, offset, 4,
dest_seqno);
offset += 4;
if (is_ipv6) {
tvb_get_ipv6(tvb, offset, &orig_addr_v6);
if (aodv_tree) {
proto_tree_add_ipv6(aodv_tree, hf_aodv_orig_ipv6, tvb, offset,
INET6_ADDRLEN, (guint8 *)&orig_addr_v6);
proto_item_append_text(ti, ", Orig IP: %s",
ip6_to_str(&orig_addr_v6));
}
col_append_fstr(pinfo->cinfo, COL_INFO, ", O: %s",
ip6_to_str(&orig_addr_v6));
offset += INET6_ADDRLEN;
} else {
orig_addr_v4 = tvb_get_ipv4(tvb, offset);
if (aodv_tree) {
proto_tree_add_ipv4(aodv_tree, hf_aodv_orig_ip, tvb, offset, 4,
orig_addr_v4);
proto_item_append_text(ti, ", Orig IP: %s",
ip_to_str((guint8 *)&orig_addr_v4));
}
col_append_fstr(pinfo->cinfo, COL_INFO, ", O: %s",
ip_to_str((guint8 *)&orig_addr_v4));
offset += 4;
}
orig_seqno = tvb_get_ntohl(tvb, offset);
if (aodv_tree)
proto_tree_add_uint(aodv_tree, hf_aodv_orig_seqno, tvb, offset, 4,
orig_seqno);
col_append_fstr(pinfo->cinfo, COL_INFO, " Id=%u Hcnt=%u DSN=%u OSN=%u",
rreq_id,
hop_count,
dest_seqno,
orig_seqno);
offset += 4;
if (aodv_tree) {
extlen = tvb_reported_length_remaining(tvb, offset);
if (extlen > 0)
dissect_aodv_ext(tvb, offset, aodv_tree);
}
}
static int dissect_bat_batman_v5(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree)
{
proto_item *tf, *tgw;
proto_tree *bat_batman_tree = NULL, *flag_tree;
struct batman_packet_v5 *batman_packeth;
const guint8 *old_orig_addr, *orig_addr;
guint32 old_orig, orig;
gint i;
tvbuff_t *next_tvb;
batman_packeth = wmem_new(wmem_packet_scope(), struct batman_packet_v5);
batman_packeth->version = tvb_get_guint8(tvb, offset+0);
batman_packeth->flags = tvb_get_guint8(tvb, offset+1);
batman_packeth->ttl = tvb_get_guint8(tvb, offset+2);
batman_packeth->gwflags = tvb_get_guint8(tvb, offset+3);
batman_packeth->seqno = tvb_get_ntohs(tvb, offset+4);
batman_packeth->gwport = tvb_get_ntohs(tvb, offset+6);
orig_addr = tvb_get_ptr(tvb, offset+8, 4);
orig = tvb_get_ipv4(tvb, offset+8);
SET_ADDRESS(&batman_packeth->orig, AT_IPv4, 4, orig_addr);
old_orig_addr = tvb_get_ptr(tvb, offset+12, 4);
old_orig = tvb_get_ipv4(tvb, offset+12);
SET_ADDRESS(&batman_packeth->old_orig, AT_IPv4, 4, old_orig_addr);
batman_packeth->tq = tvb_get_guint8(tvb, offset+16);
batman_packeth->hna_len = tvb_get_guint8(tvb, offset+17);
/* Set info column */
col_add_fstr(pinfo->cinfo, COL_INFO, "Seq=%u", batman_packeth->seqno);
/* Set tree info */
if (tree) {
proto_item *ti;
if (PTREE_DATA(tree)->visible) {
ti = proto_tree_add_protocol_format(tree, proto_bat_plugin, tvb, offset, BATMAN_PACKET_V5_SIZE,
"B.A.T.M.A.N., Orig: %s (%s)",
get_hostname(orig), ip_to_str((const guint8 *)batman_packeth->orig.data));
} else {
ti = proto_tree_add_item(tree, proto_bat_plugin, tvb, offset, BATMAN_PACKET_V5_SIZE, ENC_NA);
}
bat_batman_tree = proto_item_add_subtree(ti, ett_bat_batman);
}
/* items */
proto_tree_add_item(bat_batman_tree, hf_bat_batman_version, tvb, offset, 1, ENC_BIG_ENDIAN);
offset += 1;
tf = proto_tree_add_item(bat_batman_tree, hf_bat_batman_flags, tvb, offset, 1, ENC_BIG_ENDIAN);
/* <flags> */
flag_tree = proto_item_add_subtree(tf, ett_bat_batman_flags);
proto_tree_add_boolean(flag_tree, hf_bat_batman_flags_unidirectional, tvb, offset, 1, batman_packeth->flags);
proto_tree_add_boolean(flag_tree, hf_bat_batman_flags_directlink, tvb, offset, 1, batman_packeth->flags);
/* </flags> */
offset += 1;
proto_tree_add_item(bat_batman_tree, hf_bat_batman_ttl, tvb, offset, 1, ENC_BIG_ENDIAN);
offset += 1;
tgw = proto_tree_add_item(bat_batman_tree, hf_bat_batman_gwflags, tvb, offset, 1, ENC_BIG_ENDIAN);
dissect_bat_gwflags(tvb, batman_packeth->gwflags, offset, tgw);
offset += 1;
proto_tree_add_item(bat_batman_tree, hf_bat_batman_seqno, tvb, offset, 2, ENC_BIG_ENDIAN);
offset += 2;
proto_tree_add_item(bat_batman_tree, hf_bat_batman_gwport, tvb, offset, 2, ENC_BIG_ENDIAN);
offset += 2;
proto_tree_add_ipv4(bat_batman_tree, hf_bat_batman_orig, tvb, offset, 4, orig);
offset += 4;
proto_tree_add_ipv4(bat_batman_tree, hf_bat_batman_old_orig, tvb, offset, 4, old_orig);
offset += 4;
proto_tree_add_item(bat_batman_tree, hf_bat_batman_tq, tvb, offset, 1, ENC_BIG_ENDIAN);
offset += 1;
proto_tree_add_item(bat_batman_tree, hf_bat_batman_hna_len, tvb, offset, 1, ENC_BIG_ENDIAN);
offset += 1;
tap_queue_packet(bat_tap, pinfo, batman_packeth);
for (i = 0; i < batman_packeth->hna_len; i++) {
next_tvb = tvb_new_subset(tvb, offset, 5, 5);
if (have_tap_listener(bat_follow_tap)) {
tap_queue_packet(bat_follow_tap, pinfo, next_tvb);
}
dissect_bat_hna(next_tvb, pinfo, bat_batman_tree);
offset += 5;
}
return offset;
}
if (have_tap_listener(bat_follow_tap)) {
tap_queue_packet(bat_follow_tap, pinfo, next_tvb);
}
dissect_bat_batman(next_tvb, pinfo, tree);
}
}
static void dissect_bat_hna(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree)
{
const guint8 *hna_addr;
guint32 hna;
guint8 hna_netmask;
hna_addr = tvb_get_ptr(tvb, 0, 4);
hna = tvb_get_ipv4(tvb, 0);
hna_netmask = tvb_get_guint8(tvb, 4);
/* Set tree info */
if (tree) {
proto_item *ti = NULL;
proto_tree *bat_batman_hna_tree = NULL;
if (PTREE_DATA(tree)->visible) {
ti = proto_tree_add_protocol_format(tree, proto_bat_plugin, tvb, 0, 5,
"B.A.T.M.A.N. HNA: %s/%d",
ip_to_str(hna_addr), hna_netmask);
} else {
ti = proto_tree_add_item(tree, proto_bat_plugin, tvb, 0, 5, FALSE);
}
static guint
state_machine_v4( socks_hash_entry_t *hash_info, tvbuff_t *tvb,
int offset, packet_info *pinfo) {
/* Decode V4 protocol. This is done on the first pass through the */
/* list. Based upon the current state, decode the packet and determine */
/* what the next state should be. If we had per packet information, */
/* this would be the place to load them up. */
if ( hash_info->state == None) { /* new connection */
col_append_str(pinfo->cinfo, COL_INFO, " Connect to server request");
hash_info->state = Connecting; /* change state */
hash_info->command = tvb_get_guint8(tvb, offset + 1);
/* get remote port */
if ( hash_info->command == CONNECT_COMMAND)
hash_info->port = tvb_get_ntohs(tvb, offset + 2);
/* get remote address */
hash_info->dst_addr = tvb_get_ipv4(tvb, offset + 4);
/* save the packet pointer */
hash_info->connect_row = get_packet_ptr;
/* skip past this stuff */
hash_info->connect_offset = offset + 8;
offset += 8;
if ( !tvb_offset_exists(tvb, offset)) { /* if no user name */
/* change state */
hash_info->state = V4UserNameWait;
/*
* XXX - add 1, or leave it alone?
* We were adding "strlen(...) + 1".
*/
hash_info->connect_offset += 1;
} else {
/*
* Add in the length of the user name.
* XXX - what if the user name is split between
* TCP segments?
*/
hash_info->connect_offset += tvb_strsize(tvb, offset);
}
if ( !hash_info->dst_addr){ /* if no dest address */
/* if more data */
if ( tvb_offset_exists(tvb, hash_info->connect_offset)) {
/*XXX copy remote name here ??? */
hash_info->state = Connecting;
}
else
hash_info->state = V4NameWait;
}
/* waiting for V4 user name */
}else if ( hash_info->state == V4UserNameWait){
col_append_str(pinfo->cinfo, COL_INFO, " Connect Request (User name)");
hash_info->v4_user_name_row = get_packet_ptr;
/*XXX may need to check for domain name here */
hash_info->state = Connecting;
}
/* waiting for V4 domain name */
else if ( hash_info->state == V4NameWait){
hash_info->v4_name_row = get_packet_ptr;
hash_info->state = Connecting;
}
else if ( hash_info->state == Connecting){
col_append_str(pinfo->cinfo, COL_INFO, " Connect Response");
/* save packet pointer */
hash_info->cmd_reply_row = get_packet_ptr;
hash_info->state = Done; /* change state */
offset = offset + 8;
}
return offset;
}
static int
dissect_ppcap_destination_address(tvbuff_t *tvb, packet_info * pinfo, proto_tree * ppcap_tree1, int offset)
{
int key2;
guint16 msg_len;
msg_len = tvb_get_ntohs(tvb, offset);
proto_tree_add_item( ppcap_tree1, hf_ppcap_length, tvb, offset, 2, ENC_BIG_ENDIAN);
offset = offset + 2;
proto_tree_add_item(ppcap_tree1, hf_ppcap_destreserved, tvb, offset, 2, ENC_BIG_ENDIAN);
offset += 2;
key2 = tvb_get_ntohs(tvb, offset);
proto_tree_add_item(ppcap_tree1, hf_ppcap_address_type, tvb, offset, 2, ENC_BIG_ENDIAN);
offset += 2;
if (key2 == 1)
{
ssn = tvb_get_guint8(tvb, offset);
proto_tree_add_item(ppcap_tree1, hf_ppcap_ssn1, tvb, offset, 1, ENC_BIG_ENDIAN);
offset += 1;
proto_tree_add_item(ppcap_tree1, hf_ppcap_spc1, tvb, offset, 3, ENC_BIG_ENDIAN);
/*dst_addr1 = (guint32 )tvb_get_ntoh24(tvb, offset);*/
mtp3_addr_dpc = wmem_new0(wmem_packet_scope(), mtp3_addr_pc_t);
mtp3_addr_dpc->pc = (guint32)tvb_get_ntoh24(tvb, offset);
mtp3_addr_dpc->type = ITU_STANDARD;
mtp3_addr_dpc->ni = 0;
SET_ADDRESS(&pinfo->dst, AT_SS7PC, sizeof(mtp3_addr_pc_t), (guint8 *) mtp3_addr_dpc);
if (msg_len%4)
msg_len = msg_len + (4 - (msg_len%4));
offset += msg_len-1;
return offset;
}
else if (key2 == 2)
{
proto_tree_add_item(ppcap_tree1, hf_ppcap_dpc, tvb, offset, 4, ENC_BIG_ENDIAN);
/*dst_addr1 = (guint32 )tvb_get_ntoh24(tvb, offset);*/
mtp3_addr_dpc = wmem_new0(wmem_packet_scope(), mtp3_addr_pc_t);
mtp3_addr_dpc->pc = tvb_get_ntohl(tvb, offset);
mtp3_addr_dpc->type = ITU_STANDARD;
mtp3_addr_dpc->ni = 0;
SET_ADDRESS(&pinfo->dst, AT_SS7PC, sizeof(mtp3_addr_pc_t), (guint8 *) mtp3_addr_dpc);
}
else if (key2 == 3)
{
if (msg_len%16 != 0)
{
proto_tree_add_ipv4(ppcap_tree1, hf_ppcap_destination_ip_address1, tvb, offset, msg_len, tvb_get_ipv4(tvb, offset));
TVB_SET_ADDRESS(&pinfo->net_dst, AT_IPv4, tvb, offset, 4);
COPY_ADDRESS_SHALLOW(&pinfo->dst, &pinfo->net_dst);
}
else
{
struct e_in6_addr value;
tvb_get_ipv6(tvb, offset,&value);
proto_tree_add_ipv6(ppcap_tree1, hf_ppcap_destination_ip_address2, tvb, offset, msg_len, &value);
TVB_SET_ADDRESS(&pinfo->net_dst, AT_IPv6, tvb, offset, 6);
COPY_ADDRESS_SHALLOW(&pinfo->dst, &pinfo->net_dst);
}
}
else if (key2 == 4)
{
char *string;
string = tvb_get_string_enc(wmem_packet_scope(), tvb, offset, msg_len, ENC_UTF_8|ENC_NA);
proto_tree_add_string(ppcap_tree1, hf_ppcap_destination_nodeid, tvb, offset, msg_len, string);
TVB_SET_ADDRESS(&pinfo->net_dst, AT_STRINGZ, tvb, offset, msg_len);
COPY_ADDRESS_SHALLOW(&pinfo->dst, &pinfo->net_dst);
}
if (msg_len%4)
msg_len = msg_len+(4-(msg_len%4));
offset += msg_len;
return offset;
}
static void
dissect_aodv_rrep(tvbuff_t *tvb, packet_info *pinfo, proto_tree *aodv_tree,
proto_item *ti, gboolean is_ipv6)
{
int offset = 1;
proto_item *tj;
proto_tree *aodv_flags_tree;
guint8 flags;
guint8 prefix_sz;
guint8 hop_count;
guint32 dest_addr_v4;
struct e_in6_addr dest_addr_v6;
guint32 dest_seqno;
guint32 orig_addr_v4;
struct e_in6_addr orig_addr_v6;
guint32 lifetime;
int extlen;
flags = tvb_get_guint8(tvb, offset);
if (aodv_tree) {
tj = proto_tree_add_text(aodv_tree, tvb, offset, 1, "Flags:");
aodv_flags_tree = proto_item_add_subtree(tj, ett_aodv_flags);
proto_tree_add_boolean(aodv_flags_tree, hf_aodv_flags_rrep_repair,
tvb, offset, 1, flags);
proto_tree_add_boolean(aodv_flags_tree, hf_aodv_flags_rrep_ack, tvb,
offset, 1, flags);
if (flags & RREP_REP)
proto_item_append_text(tj, " R");
if (flags & RREP_ACK_REQ)
proto_item_append_text(tj, " A");
}
offset += 1;
prefix_sz = tvb_get_guint8(tvb, offset) & 0x1F;
if (aodv_tree)
proto_tree_add_uint(aodv_tree, hf_aodv_prefix_sz, tvb, offset, 1,
prefix_sz);
offset += 1;
hop_count = tvb_get_guint8(tvb, offset);
if (aodv_tree)
proto_tree_add_uint(aodv_tree, hf_aodv_hopcount, tvb, offset, 1,
hop_count);
offset += 1;
if (is_ipv6) {
tvb_get_ipv6(tvb, offset, &dest_addr_v6);
if (aodv_tree) {
proto_tree_add_ipv6(aodv_tree, hf_aodv_dest_ipv6, tvb, offset,
INET6_ADDRLEN, (guint8 *)&dest_addr_v6);
proto_item_append_text(ti, ", Dest IP: %s",
ip6_to_str(&dest_addr_v6));
}
col_append_fstr(pinfo->cinfo, COL_INFO, ", D: %s",
ip6_to_str(&dest_addr_v6));
offset += INET6_ADDRLEN;
} else {
dest_addr_v4 = tvb_get_ipv4(tvb, offset);
if (aodv_tree) {
proto_tree_add_ipv4(aodv_tree, hf_aodv_dest_ip, tvb, offset, 4,
dest_addr_v4);
proto_item_append_text(ti, ", Dest IP: %s",
ip_to_str((guint8 *)&dest_addr_v4));
}
col_append_fstr(pinfo->cinfo, COL_INFO, ", D: %s",
ip_to_str((guint8 *)&dest_addr_v4));
offset += 4;
}
dest_seqno = tvb_get_ntohl(tvb, offset);
if (aodv_tree)
proto_tree_add_uint(aodv_tree, hf_aodv_dest_seqno, tvb, offset, 4,
dest_seqno);
offset += 4;
if (is_ipv6) {
tvb_get_ipv6(tvb, offset, &orig_addr_v6);
if (aodv_tree) {
proto_tree_add_ipv6(aodv_tree, hf_aodv_orig_ipv6, tvb, offset,
INET6_ADDRLEN, (guint8 *)&orig_addr_v6);
proto_item_append_text(ti, ", Orig IP: %s",
ip6_to_str(&orig_addr_v6));
}
col_append_fstr(pinfo->cinfo, COL_INFO, ", O: %s",
ip6_to_str(&orig_addr_v6));
offset += INET6_ADDRLEN;
} else {
orig_addr_v4 = tvb_get_ipv4(tvb, offset);
if (aodv_tree) {
proto_tree_add_ipv4(aodv_tree, hf_aodv_orig_ip, tvb, offset, 4,
orig_addr_v4);
proto_item_append_text(ti, ", Orig IP: %s",
ip_to_str((guint8 *)&orig_addr_v4));
}
col_append_fstr(pinfo->cinfo, COL_INFO, ", O: %s",
ip_to_str((guint8 *)&orig_addr_v4));
offset += 4;
}
lifetime = tvb_get_ntohl(tvb, offset);
if (aodv_tree) {
proto_tree_add_uint(aodv_tree, hf_aodv_lifetime, tvb, offset, 4,
lifetime);
proto_item_append_text(ti, ", Lifetime=%u", lifetime);
}
col_append_fstr(pinfo->cinfo, COL_INFO, " Hcnt=%u DSN=%u Lifetime=%u",
hop_count,
dest_seqno,
lifetime);
offset += 4;
if (aodv_tree) {
extlen = tvb_reported_length_remaining(tvb, offset);
if (extlen > 0)
dissect_aodv_ext(tvb, offset, aodv_tree);
}
}
