/* Reads a field from the proto_tree and loads the fvalues into a register,
* if that field has not already been read. */
static gboolean
read_tree(dfilter_t *df, proto_tree *tree, header_field_info *hfinfo, int reg)
{
GPtrArray *finfos;
field_info *finfo;
int i, len;
GList *fvalues = NULL;
gboolean found_something = FALSE;
/* Already loaded in this run of the dfilter? */
if (df->attempted_load[reg]) {
if (df->registers[reg]) {
return TRUE;
}
else {
return FALSE;
}
}
df->attempted_load[reg] = TRUE;
while (hfinfo) {
finfos = proto_get_finfo_ptr_array(tree, hfinfo->id);
if (!finfos) {
hfinfo = hfinfo->same_name_next;
continue;
}
else if (g_ptr_array_len(finfos) == 0) {
hfinfo = hfinfo->same_name_next;
continue;
}
else {
found_something = TRUE;
}
len = finfos->len;
for (i = 0; i < len; i++) {
finfo = g_ptr_array_index(finfos, i);
fvalues = g_list_prepend(fvalues, &finfo->value);
}
hfinfo = hfinfo->same_name_next;
}
if (!found_something) {
return FALSE;
}
df->registers[reg] = fvalues;
return TRUE;
}
static void get_pdu_fields(gpointer k, gpointer v, gpointer p) {
int hfid = *((int*) k);
gchar* name = (gchar*) v;
tmp_pdu_data* data = (tmp_pdu_data*) p;
GPtrArray* fis;
field_info* fi;
guint i,j;
mate_range* curr_range;
guint start;
guint end;
AVP* avp;
gchar* s;
fis = proto_get_finfo_ptr_array(data->tree, hfid);
if (fis) {
for (i = 0; i < fis->len; i++) {
fi = (field_info*) g_ptr_array_index(fis,i);
start = fi->start;
end = fi->start + fi->length;
dbg_print(dbg_pdu,5,dbg_facility,"get_pdu_fields: found field %i-%i",start,end);
for (j = 0; j < data->ranges->len; j++) {
curr_range = (mate_range*) g_ptr_array_index(data->ranges,j);
if (curr_range->end >= end && curr_range->start <= start) {
avp = new_avp_from_finfo(name, fi);
if (*dbg_pdu > 4) {
s = avp_to_str(avp);
dbg_print(dbg_pdu,0,dbg_facility,"get_pdu_fields: got %s",s);
g_free(s);
}
if (! insert_avp(data->pdu->avpl,avp) ) {
delete_avp(avp);
}
}
}
}
}
}
extern void mate_analyze_frame(packet_info *pinfo, proto_tree* tree) {
mate_cfg_pdu* cfg;
GPtrArray* protos;
field_info* proto;
guint i,j;
AVPL* criterium_match;
mate_pdu* pdu = NULL;
mate_pdu* last = NULL;
rd->now = (float) nstime_to_sec(&pinfo->fd->rel_ts);
if ( proto_tracking_interesting_fields(tree)
&& rd->highest_analyzed_frame < pinfo->fd->num ) {
for ( i = 0; i < mc->pducfglist->len; i++ ) {
cfg = g_ptr_array_index(mc->pducfglist,i);
dbg_print (dbg_pdu,4,dbg_facility,"mate_analyze_frame: trying to extract: %s",cfg->name);
protos = proto_get_finfo_ptr_array(tree, cfg->hfid_proto);
if (protos) {
pdu = NULL;
for (j = 0; j < protos->len; j++) {
dbg_print (dbg_pdu,3,dbg_facility,"mate_analyze_frame: found matching proto, extracting: %s",cfg->name);
proto = (field_info*) g_ptr_array_index(protos,j);
pdu = new_pdu(cfg, pinfo->fd->num, proto, tree);
if (cfg->criterium) {
criterium_match = new_avpl_from_match(cfg->criterium_match_mode,"",pdu->avpl,cfg->criterium,FALSE);
if (criterium_match) {
delete_avpl(criterium_match,FALSE);
}
if ( (criterium_match && cfg->criterium_accept_mode == REJECT_MODE )
|| ( ! criterium_match && cfg->criterium_accept_mode == ACCEPT_MODE )) {
delete_avpl(pdu->avpl,TRUE);
g_slice_free(mate_max_size,(mate_max_size*)pdu);
pdu = NULL;
continue;
}
}
analyze_pdu(pdu);
if ( ! pdu->gop && cfg->drop_unassigned) {
delete_avpl(pdu->avpl,TRUE);
g_slice_free(mate_max_size,(mate_max_size*)pdu);
pdu = NULL;
continue;
}
if ( cfg->discard ) {
delete_avpl(pdu->avpl,TRUE);
pdu->avpl = NULL;
}
if (!last) {
g_hash_table_insert(rd->frames,GINT_TO_POINTER(pinfo->fd->num),pdu);
last = pdu;
} else {
last->next_in_frame = pdu;
last = pdu;
}
}
if ( pdu && cfg->last_extracted ) break;
}
}
rd->highest_analyzed_frame = pinfo->fd->num;
}
}
static mate_pdu* new_pdu(mate_cfg_pdu* cfg, guint32 framenum, field_info* proto, proto_tree* tree) {
mate_pdu* pdu = (mate_pdu*)g_slice_new(mate_max_size);
field_info* cfi;
GPtrArray* ptrs;
mate_range* range;
mate_range* proto_range;
tmp_pdu_data data;
guint i,j;
gint min_dist;
field_info* range_fi;
gint32 last_start;
gint32 first_end;
gint32 curr_end;
int hfid;
dbg_print (dbg_pdu,1,dbg_facility,"new_pdu: type=%s framenum=%i",cfg->name,framenum);
pdu->id = ++(cfg->last_id);
pdu->cfg = cfg;
pdu->avpl = new_avpl(cfg->name);
pdu->frame = framenum;
pdu->next_in_frame = NULL;
pdu->rel_time = rd->now;
pdu->gop = NULL;
pdu->next = NULL;
pdu->time_in_gop = -1.0;
pdu->first = FALSE;
pdu->is_start = FALSE;
pdu->is_stop = FALSE;
pdu->after_release = FALSE;
data.ranges = g_ptr_array_new();
data.pdu = pdu;
data.tree = tree;
/* first we create the proto range */
proto_range = g_malloc(sizeof(mate_range));
proto_range->start = proto->start;
proto_range->end = proto->start + proto->length;
g_ptr_array_add(data.ranges,proto_range);
dbg_print(dbg_pdu,3,dbg_facility,"new_pdu: proto range %u-%u",proto_range->start,proto_range->end);
last_start = proto_range->start;
/* we move forward in the tranport */
for (i = cfg->transport_ranges->len; i--; ) {
hfid = *((int*)g_ptr_array_index(cfg->transport_ranges,i));
ptrs = proto_get_finfo_ptr_array(tree, hfid);
min_dist = 99999;
range_fi = NULL;
if (ptrs) {
for (j=0; j < ptrs->len; j++) {
cfi = (field_info*) g_ptr_array_index(ptrs,j);
if (cfi->start < last_start && min_dist >= (last_start - cfi->start) ) {
range_fi = cfi;
min_dist = last_start - cfi->start;
}
}
if ( range_fi ) {
range = g_malloc(sizeof(*range));
range->start = range_fi->start;
range->end = range_fi->start + range_fi->length;
g_ptr_array_add(data.ranges,range);
last_start = range_fi->start;
dbg_print(dbg_pdu,3,dbg_facility,"new_pdu: transport(%i) range %i-%i",hfid,range->start,range->end);
} else {
/* we missed a range */
dbg_print(dbg_pdu,6,dbg_facility,"new_pdu: transport(%i) missed",hfid);
}
}
}
if (cfg->payload_ranges) {
first_end = proto_range->end;
for (i = 0 ; i < cfg->payload_ranges->len; i++) {
hfid = *((int*)g_ptr_array_index(cfg->payload_ranges,i));
ptrs = proto_get_finfo_ptr_array(tree, hfid);
min_dist = 99999;
range_fi = NULL;
if (ptrs) {
for (j=0; j < ptrs->len; j++) {
cfi = (field_info*) g_ptr_array_index(ptrs,j);
curr_end = cfi->start + cfi->length;
if (curr_end > first_end && min_dist >= (curr_end - first_end) ) {
range_fi = cfi;
min_dist = curr_end - first_end;
}
}
if ( range_fi ) {
range = g_malloc(sizeof(*range));
range->start = range_fi->start;
range->end = range_fi->start + range_fi->length;
g_ptr_array_add(data.ranges,range);
last_start = range_fi->start;
dbg_print(dbg_pdu,3,dbg_facility,"new_pdu: payload(%i) range %i-%i",hfid,range->start,range->end);
} else {
/* we missed a range */
dbg_print(dbg_pdu,5,dbg_facility,"new_pdu: payload(%i) missed",hfid);
}
}
}
}
g_hash_table_foreach(cfg->hfids_attr,get_pdu_fields,&data);
apply_transforms(pdu->cfg->transforms,pdu->avpl);
g_ptr_array_free(data.ranges,TRUE);
return pdu;
}
void *old_ctx=NULL;
char *pol_name;
char *sid;
int sid_len;
int num_rids;
int num_names;
GPtrArray *gp;
GPtrArray *gp_rids;
GPtrArray *gp_names;
field_info *fi;
field_info *fi_rid;
field_info *fi_name;
char sid_name[256];
int info_level;
gp=proto_get_finfo_ptr_array(edt->tree, hf_samr_level);
if(!gp || gp->len!=1){
return 0;
}
fi=gp->pdata[0];
info_level=fi->value.value.sinteger;
if(info_level!=1){
return 0;
}
if(!ri){
return 0;
}
if(!ri->call_data){
return 0;
* This field doesn't have an associated value,
* e.g. http
* We return n.a.
*/
printf(" %u=\"n.a.\"", cmd_line_index);
return TRUE;
}
static int
protocolinfo_packet(void *prs, packet_info *pinfo _U_, epan_dissect_t *edt, const void *dummy _U_)
{
pci_t *rs=prs;
GPtrArray *gp;
guint i;
gp=proto_get_finfo_ptr_array(edt->tree, rs->hf_index);
if(!gp){
printf(" n.a.");
return 0;
}
/*
* Print each occurrence of the field
*/
for (i = 0; i < gp->len; i++) {
print_field_value(gp->pdata[i], rs->cmd_line_index);
}
return 0;
}
