static int
usbip_dissect_op(packet_info *pinfo, tvbuff_t *tvb, proto_tree *tree,
int offset)
{
proto_item *ti = NULL;
guint32 operation;
gint32 status;
proto_tree_add_item(tree, hf_usbip_version, tvb, offset, 2, ENC_BIG_ENDIAN);
offset += 2;
proto_tree_add_item_ret_uint(tree, hf_usbip_operation, tvb, offset, 2,
ENC_BIG_ENDIAN, &operation);
offset += 2;
proto_tree_add_item_ret_int(tree, hf_usbip_status, tvb, offset, 4, ENC_BIG_ENDIAN, &status);
offset += 4;
switch (operation) {
case OP_REQ_IMPORT:
offset = dissect_import_request(pinfo, tree, tvb, offset);
break;
case OP_REP_IMPORT:
offset = dissect_import_response(pinfo, tree, tvb, offset, status);
break;
case OP_REQ_DEVLIST:
offset = dissect_device_list_request(pinfo);
break;
case OP_REP_DEVLIST:
offset = dissect_device_list_response(pinfo, tree, tvb, offset);
break;
default:
proto_tree_add_item(tree, hf_usbip_urb_data, tvb, offset, -1, ENC_NA);
offset = tvb_reported_length_remaining(tvb, offset);
expert_add_info_format(
pinfo, ti, &ei_usbip,
"Dissector for USBIP Operation"
" (%x) code not implemented, Contact"
" Wireshark developers if you want this supported",
operation);
proto_item_append_text(ti, ": Undecoded");
break;
}
return offset;
}
static void dissect_pgsql_fe_msg(guchar type, guint length, tvbuff_t *tvb,
gint n, proto_tree *tree,
pgsql_conn_data_t *conv_data)
{
guchar c;
gint i, siz;
char *s;
proto_tree *shrub;
gint32 data_length;
switch (type) {
/* Password, SASL or GSSAPI Response, depending on context */
case 'p':
switch(conv_data->auth_state) {
case PGSQL_AUTH_SASL_REQUESTED:
/* SASLInitResponse */
siz = tvb_strsize(tvb, n);
proto_tree_add_item(tree, hf_sasl_auth_mech, tvb, n, siz, ENC_ASCII|ENC_NA);
n += siz;
proto_tree_add_item_ret_int(tree, hf_sasl_auth_data_length, tvb, n, 4, ENC_BIG_ENDIAN, &data_length);
n += 4;
if (data_length) {
proto_tree_add_item(tree, hf_sasl_auth_data, tvb, n, data_length, ENC_NA);
n += data_length;
}
break;
case PGSQL_AUTH_SASL_CONTINUE:
proto_tree_add_item(tree, hf_sasl_auth_data, tvb, n, length-4, ENC_NA);
break;
case PGSQL_AUTH_GSSAPI_SSPI_DATA:
proto_tree_add_item(tree, hf_gssapi_sspi_data, tvb, n, length-4, ENC_NA);
break;
default:
siz = tvb_strsize(tvb, n);
proto_tree_add_item(tree, hf_passwd, tvb, n, siz, ENC_ASCII|ENC_NA);
break;
}
break;
/* Simple query */
case 'Q':
siz = tvb_strsize(tvb, n);
proto_tree_add_item(tree, hf_query, tvb, n, siz, ENC_ASCII|ENC_NA);
break;
/* Parse */
case 'P':
siz = tvb_strsize(tvb, n);
proto_tree_add_item(tree, hf_statement, tvb, n, siz, ENC_ASCII|ENC_NA);
n += siz;
siz = tvb_strsize(tvb, n);
proto_tree_add_item(tree, hf_query, tvb, n, siz, ENC_ASCII|ENC_NA);
n += siz;
i = tvb_get_ntohs(tvb, n);
shrub = proto_tree_add_subtree_format(tree, tvb, n, 2, ett_values, NULL, "Parameters: %d", i);
n += 2;
while (i-- > 0) {
proto_tree_add_item(shrub, hf_typeoid, tvb, n, 4, ENC_BIG_ENDIAN);
n += 4;
}
break;
/* Bind */
case 'B':
siz = tvb_strsize(tvb, n);
proto_tree_add_item(tree, hf_portal, tvb, n, siz, ENC_ASCII|ENC_NA);
n += siz;
siz = tvb_strsize(tvb, n);
proto_tree_add_item(tree, hf_statement, tvb, n, siz, ENC_ASCII|ENC_NA);
n += siz;
i = tvb_get_ntohs(tvb, n);
shrub = proto_tree_add_subtree_format(tree, tvb, n, 2, ett_values, NULL, "Parameter formats: %d", i);
n += 2;
while (i-- > 0) {
proto_tree_add_item(shrub, hf_format, tvb, n, 2, ENC_BIG_ENDIAN);
n += 2;
}
i = tvb_get_ntohs(tvb, n);
shrub = proto_tree_add_subtree_format(tree, tvb, n, 2, ett_values, NULL, "Parameter values: %d", i);
n += 2;
while (i-- > 0) {
siz = tvb_get_ntohl(tvb, n);
proto_tree_add_int(shrub, hf_val_length, tvb, n, 4, siz);
n += 4;
if (siz > 0) {
proto_tree_add_item(shrub, hf_val_data, tvb, n, siz, ENC_NA);
n += siz;
}
}
i = tvb_get_ntohs(tvb, n);
shrub = proto_tree_add_subtree_format(tree, tvb, n, 2, ett_values, NULL, "Result formats: %d", i);
n += 2;
while (i-- > 0) {
proto_tree_add_item(shrub, hf_format, tvb, n, 2, ENC_BIG_ENDIAN);
n += 2;
}
break;
/* Execute */
case 'E':
siz = tvb_strsize(tvb, n);
proto_tree_add_item(tree, hf_portal, tvb, n, siz, ENC_ASCII|ENC_NA);
n += siz;
i = tvb_get_ntohl(tvb, n);
if (i == 0)
proto_tree_add_uint_format_value(tree, hf_return, tvb, n, 4, i, "all rows");
else
proto_tree_add_uint_format_value(tree, hf_return, tvb, n, 4, i, "%d rows", i);
break;
/* Describe, Close */
case 'D':
case 'C':
c = tvb_get_guint8(tvb, n);
if (c == 'P')
i = hf_portal;
else
i = hf_statement;
n += 1;
s = tvb_get_stringz_enc(wmem_packet_scope(), tvb, n, &siz, ENC_ASCII);
proto_tree_add_string(tree, i, tvb, n, siz, s);
break;
/* Messages without a type identifier */
case '\0':
i = tvb_get_ntohl(tvb, n);
n += 4;
length -= n;
switch (i) {
/* Startup message */
case 196608:
proto_tree_add_item(tree, hf_version_major, tvb, n-4, 2, ENC_BIG_ENDIAN);
proto_tree_add_item(tree, hf_version_minor, tvb, n-2, 2, ENC_BIG_ENDIAN);
while ((signed)length > 0) {
siz = tvb_strsize(tvb, n);
length -= siz;
if ((signed)length <= 0) {
break;
}
proto_tree_add_item(tree, hf_parameter_name, tvb, n, siz, ENC_ASCII|ENC_NA);
i = tvb_strsize(tvb, n+siz);
proto_tree_add_item(tree, hf_parameter_value, tvb, n + siz, i, ENC_ASCII|ENC_NA);
length -= i;
n += siz+i;
if (length == 1 && tvb_get_guint8(tvb, n) == 0)
break;
}
break;
/* SSL request */
case 80877103:
/* Next reply will be a single byte. */
conv_data->ssl_requested = TRUE;
break;
/* Cancellation request */
case 80877102:
proto_tree_add_item(tree, hf_pid, tvb, n, 4, ENC_BIG_ENDIAN);
proto_tree_add_item(tree, hf_key, tvb, n+4, 4, ENC_BIG_ENDIAN);
break;
}
break;
/* Copy data */
case 'd':
proto_tree_add_item(tree, hf_copydata, tvb, n, length-n+1, ENC_NA);
break;
/* Copy failure */
case 'f':
siz = tvb_strsize(tvb, n);
proto_tree_add_item(tree, hf_error, tvb, n, siz, ENC_ASCII|ENC_NA);
break;
/* Function call */
case 'F':
proto_tree_add_item(tree, hf_oid, tvb, n, 4, ENC_BIG_ENDIAN);
n += 4;
i = tvb_get_ntohs(tvb, n);
shrub = proto_tree_add_subtree_format(tree, tvb, n, 2, ett_values, NULL, "Parameter formats: %d", i);
n += 2;
while (i-- > 0) {
proto_tree_add_item(shrub, hf_format, tvb, n, 2, ENC_BIG_ENDIAN);
n += 2;
}
i = tvb_get_ntohs(tvb, n);
shrub = proto_tree_add_subtree_format(tree, tvb, n, 2, ett_values, NULL, "Parameter values: %d", i);
n += 2;
while (i-- > 0) {
siz = tvb_get_ntohl(tvb, n);
proto_tree_add_item(shrub, hf_val_length, tvb, n, 4, ENC_BIG_ENDIAN);
n += 4;
if (siz > 0) {
proto_tree_add_item(shrub, hf_val_data, tvb, n, siz, ENC_NA);
n += siz;
}
}
proto_tree_add_item(tree, hf_format, tvb, n, 2, ENC_BIG_ENDIAN);
break;
}
}
static void dissect_pgsql_be_msg(guchar type, guint length, tvbuff_t *tvb,
gint n, proto_tree *tree,
pgsql_conn_data_t *conv_data)
{
guchar c;
gint i, siz;
char *s, *t;
gint32 num_nonsupported_options;
proto_item *ti;
proto_tree *shrub;
guint32 auth_type;
switch (type) {
/* Authentication request */
case 'R':
proto_tree_add_item_ret_uint(tree, hf_authtype, tvb, n, 4, ENC_BIG_ENDIAN, &auth_type);
switch (auth_type) {
case PGSQL_AUTH_TYPE_CRYPT:
case PGSQL_AUTH_TYPE_MD5:
n += 4;
siz = (auth_type == PGSQL_AUTH_TYPE_CRYPT ? 2 : 4);
proto_tree_add_item(tree, hf_salt, tvb, n, siz, ENC_NA);
break;
case PGSQL_AUTH_TYPE_GSSAPI_SSPI_CONTINUE:
conv_data->auth_state = PGSQL_AUTH_GSSAPI_SSPI_DATA;
proto_tree_add_item(tree, hf_gssapi_sspi_data, tvb, n, length-8, ENC_NA);
break;
case PGSQL_AUTH_TYPE_SASL:
conv_data->auth_state = PGSQL_AUTH_SASL_REQUESTED;
n += 4;
while ((guint)n < length) {
siz = tvb_strsize(tvb, n);
proto_tree_add_item(tree, hf_sasl_auth_mech, tvb, n, siz, ENC_ASCII|ENC_NA);
n += siz;
}
break;
case PGSQL_AUTH_TYPE_SASL_CONTINUE:
case PGSQL_AUTH_TYPE_SASL_COMPLETE:
conv_data->auth_state = PGSQL_AUTH_SASL_CONTINUE;
n += 4;
if ((guint)n < length) {
proto_tree_add_item(tree, hf_sasl_auth_data, tvb, n, length-8, ENC_NA);
}
break;
}
break;
/* Key data */
case 'K':
proto_tree_add_item(tree, hf_pid, tvb, n, 4, ENC_BIG_ENDIAN);
proto_tree_add_item(tree, hf_key, tvb, n+4, 4, ENC_BIG_ENDIAN);
break;
/* Parameter status */
case 'S':
s = tvb_get_stringz_enc(wmem_packet_scope(), tvb, n, &siz, ENC_ASCII);
proto_tree_add_string(tree, hf_parameter_name, tvb, n, siz, s);
n += siz;
t = tvb_get_stringz_enc(wmem_packet_scope(), tvb, n, &i, ENC_ASCII);
proto_tree_add_string(tree, hf_parameter_value, tvb, n, i, t);
break;
/* Parameter description */
case 't':
i = tvb_get_ntohs(tvb, n);
shrub = proto_tree_add_subtree_format(tree, tvb, n, 2, ett_values, NULL, "Parameters: %d", i);
n += 2;
while (i-- > 0) {
proto_tree_add_item(shrub, hf_typeoid, tvb, n, 4, ENC_BIG_ENDIAN);
n += 4;
}
break;
/* Row description */
case 'T':
i = tvb_get_ntohs(tvb, n);
ti = proto_tree_add_item(tree, hf_field_count, tvb, n, 2, ENC_BIG_ENDIAN);
shrub = proto_item_add_subtree(ti, ett_values);
n += 2;
while (i-- > 0) {
proto_tree *twig;
siz = tvb_strsize(tvb, n);
ti = proto_tree_add_item(shrub, hf_val_name, tvb, n, siz, ENC_ASCII|ENC_NA);
twig = proto_item_add_subtree(ti, ett_values);
n += siz;
proto_tree_add_item(twig, hf_tableoid, tvb, n, 4, ENC_BIG_ENDIAN);
n += 4;
proto_tree_add_item(twig, hf_val_idx, tvb, n, 2, ENC_BIG_ENDIAN);
n += 2;
proto_tree_add_item(twig, hf_typeoid, tvb, n, 4, ENC_BIG_ENDIAN);
n += 4;
proto_tree_add_item(twig, hf_val_length, tvb, n, 2, ENC_BIG_ENDIAN);
n += 2;
proto_tree_add_item(twig, hf_val_mod, tvb, n, 4, ENC_BIG_ENDIAN);
n += 4;
proto_tree_add_item(twig, hf_format, tvb, n, 2, ENC_BIG_ENDIAN);
n += 2;
}
break;
/* Data row */
case 'D':
i = tvb_get_ntohs(tvb, n);
ti = proto_tree_add_item(tree, hf_field_count, tvb, n, 2, ENC_BIG_ENDIAN);
shrub = proto_item_add_subtree(ti, ett_values);
n += 2;
while (i-- > 0) {
siz = tvb_get_ntohl(tvb, n);
proto_tree_add_int(shrub, hf_val_length, tvb, n, 4, siz);
n += 4;
if (siz > 0) {
proto_tree_add_item(shrub, hf_val_data, tvb, n, siz, ENC_NA);
n += siz;
}
}
break;
/* Command completion */
case 'C':
siz = tvb_strsize(tvb, n);
proto_tree_add_item(tree, hf_tag, tvb, n, siz, ENC_ASCII|ENC_NA);
break;
/* Ready */
case 'Z':
proto_tree_add_item(tree, hf_status, tvb, n, 1, ENC_BIG_ENDIAN);
break;
/* Error, Notice */
case 'E':
case 'N':
length -= 4;
while ((signed)length > 0) {
c = tvb_get_guint8(tvb, n);
if (c == '\0')
break;
s = tvb_get_stringz_enc(wmem_packet_scope(), tvb, n+1, &siz, ENC_ASCII);
i = hf_text;
switch (c) {
case 'S': i = hf_severity; break;
case 'C': i = hf_code; break;
case 'M': i = hf_message; break;
case 'D': i = hf_detail; break;
case 'H': i = hf_hint; break;
case 'P': i = hf_position; break;
case 'p': i = hf_internal_position; break;
case 'q': i = hf_internal_query; break;
case 'W': i = hf_where; break;
case 's': i = hf_schema_name; break;
case 't': i = hf_table_name; break;
case 'c': i = hf_column_name; break;
case 'd': i = hf_type_name; break;
case 'n': i = hf_constraint_name; break;
case 'F': i = hf_file; break;
case 'L': i = hf_line; break;
case 'R': i = hf_routine; break;
}
proto_tree_add_string(tree, i, tvb, n, siz+1, s);
length -= siz+1;
n += siz+1;
}
break;
/* NOTICE response */
case 'A':
proto_tree_add_item(tree, hf_pid, tvb, n, 4, ENC_BIG_ENDIAN);
n += 4;
siz = tvb_strsize(tvb, n);
proto_tree_add_item(tree, hf_condition, tvb, n, siz, ENC_ASCII|ENC_NA);
n += siz;
siz = tvb_strsize(tvb, n);
if (siz > 1)
proto_tree_add_item(tree, hf_text, tvb, n, siz, ENC_ASCII|ENC_NA);
break;
/* Copy in/out */
case 'G':
case 'H':
proto_tree_add_item(tree, hf_format, tvb, n, 1, ENC_BIG_ENDIAN);
n += 1;
i = tvb_get_ntohs(tvb, n);
shrub = proto_tree_add_subtree_format(tree, tvb, n, 2, ett_values, NULL, "Columns: %d", i);
n += 2;
while (i-- > 2) {
proto_tree_add_item(shrub, hf_format, tvb, n, 2, ENC_BIG_ENDIAN);
n += 2;
}
break;
/* Copy data */
case 'd':
proto_tree_add_item(tree, hf_copydata, tvb, n, length-n+1, ENC_NA);
break;
/* Function call response */
case 'V':
siz = tvb_get_ntohl(tvb, n);
proto_tree_add_int(tree, hf_val_length, tvb, n, 4, siz);
if (siz > 0)
proto_tree_add_item(tree, hf_val_data, tvb, n+4, siz, ENC_NA);
break;
/* Negotiate Protocol Version */
case 'v':
proto_tree_add_item(tree, hf_supported_minor_version, tvb, n, 4, ENC_BIG_ENDIAN);
n += 4;
proto_tree_add_item_ret_int(tree, hf_number_nonsupported_options, tvb, n, 4, ENC_BIG_ENDIAN, &num_nonsupported_options);
n += 4;
while (num_nonsupported_options > 0) {
siz = tvb_strsize(tvb, n);
proto_tree_add_item(tree, hf_nonsupported_option, tvb, n, siz, ENC_ASCII|ENC_NA);
n += siz;
num_nonsupported_options--;
}
break;
}
}
static void
dissect_ath(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
int offset = 0;
/* various lengths as reported in the packet itself */
guint8 hlen = 0;
gint32 clen = 0;
gint32 dlen = 0;
gint32 plen = 0;
/* detect the Tribes (Tomcat) version */
gint tribes_version_mark;
/* store the info */
const gchar *info_srcaddr = "";
const gchar *info_domain = "";
const gchar *info_command = "";
proto_item *ti, *hlen_item;
proto_tree *ath_tree;
col_set_str(pinfo->cinfo, COL_PROTOCOL, "ATH");
/* Clear out stuff in the info column */
col_clear(pinfo->cinfo,COL_INFO);
ti = proto_tree_add_item(tree, proto_ath, tvb, 0, -1, ENC_NA);
ath_tree = proto_item_add_subtree(ti, ett_ath);
/* Determine the Tribes version, which means determining the Tomcat version.
* There are 2 versions : one for Tomcat 6, and one for Tomcat 7/8
* We know that Tomcat 6 packets end with "-E" (Ox2d 0x45 or 11589 in decimal)
* and Tomcat 7/8 packets end with "Ox01 0x00" (256 in decimal)
* This is why we read these 2 last bytes of the packet
*/
tribes_version_mark = tvb_get_ntohs(tvb, tvb_reported_length(tvb) - 2);
/* dissecting a Tomcat 6 packet
*/
if (tribes_version_mark == 11589) { /* "-E" */
/* BEGIN
*/
proto_tree_add_item(ath_tree, hf_ath_begin, tvb, offset, 8, ENC_ASCII|ENC_NA);
offset += 8;
/* LENGTH
*/
proto_tree_add_item(ath_tree, hf_ath_length, tvb, offset, 4, ENC_BIG_ENDIAN);
offset += 4;
/* ALIVE TIME
*/
proto_tree_add_item(ath_tree, hf_ath_alive, tvb, offset, 8, ENC_BIG_ENDIAN);
offset += 8;
/* PORT
*/
proto_tree_add_item(ath_tree, hf_ath_port, tvb, offset, 4, ENC_BIG_ENDIAN);
offset += 4;
/* SECURE PORT
*/
proto_tree_add_item(ath_tree, hf_ath_sport, tvb, offset, 4, ENC_BIG_ENDIAN);
offset += 4;
/* HOST LENGTH
*/
hlen_item = proto_tree_add_item(ath_tree, hf_ath_hlen, tvb, offset, 1, ENC_BIG_ENDIAN);
hlen = tvb_get_guint8(tvb, offset);
offset += 1;
/* HOST
*/
if (hlen == 4) {
proto_tree_add_item(ath_tree, hf_ath_ipv4, tvb, offset, 4, ENC_BIG_ENDIAN);
info_srcaddr = tvb_ip_to_str(tvb, offset);
} else if (hlen == 6) {
proto_tree_add_item(ath_tree, hf_ath_ipv6, tvb, offset, 6, ENC_NA);
info_srcaddr = tvb_ip6_to_str(tvb, offset);
} else {
expert_add_info(pinfo, hlen_item, &ei_ath_hlen_invalid);
}
offset += hlen;
/* COMMAND LENGTH
*/
proto_tree_add_item_ret_int(ath_tree, hf_ath_clen, tvb, offset, 4, ENC_BIG_ENDIAN, &clen);
offset += 4;
/* COMMAND
*/
proto_tree_add_item(ath_tree, hf_ath_comm, tvb, offset, clen, ENC_ASCII|ENC_NA);
if (clen != -1)
info_command = tvb_get_string_enc(wmem_packet_scope(), tvb, offset, clen, ENC_ASCII);
offset += clen;
/* DOMAIN LENGTH
*/
proto_tree_add_item_ret_int(ath_tree, hf_ath_dlen, tvb, offset, 4, ENC_BIG_ENDIAN, &dlen);
offset += 4;
/* DOMAIN
*/
proto_tree_add_item(ath_tree, hf_ath_domain, tvb, offset, dlen, ENC_ASCII|ENC_NA);
if (dlen != 0)
info_domain = tvb_get_string_enc(wmem_packet_scope(), tvb, offset, dlen, ENC_ASCII);
offset += dlen;
/* UNIQUEID
*/
proto_tree_add_item(ath_tree, hf_ath_unique, tvb, offset, 16, ENC_NA);
offset += 16;
/* PAYLOAD LENGTH
*/
proto_tree_add_item_ret_int(ath_tree, hf_ath_plen, tvb, offset, 4, ENC_BIG_ENDIAN, &plen);
offset += 4;
/* PAYLOAD
*/
proto_tree_add_item(ath_tree, hf_ath_payload, tvb, offset, plen, ENC_ASCII|ENC_NA);
offset += plen;
/* END
*/
proto_tree_add_item(ath_tree, hf_ath_end, tvb, offset, 8, ENC_ASCII|ENC_NA);
}
/* dissecting a Tomcat 7/8 packet
*/
else if (tribes_version_mark == 256) {
/* BEGIN
*/
proto_tree_add_item(ath_tree, hf_ath_begin, tvb, offset, 8, ENC_ASCII|ENC_NA);
offset += 8;
proto_tree_add_item(ath_tree, hf_ath_padding, tvb, offset, 2, ENC_ASCII|ENC_NA);
offset += 2;
/* LENGTH
*/
proto_tree_add_item(ath_tree, hf_ath_length, tvb, offset, 4, ENC_BIG_ENDIAN);
offset += 4;
/* ALIVE TIME
*/
proto_tree_add_item(ath_tree, hf_ath_alive, tvb, offset, 8, ENC_BIG_ENDIAN);
offset += 8;
/* PORT
*/
proto_tree_add_item(ath_tree, hf_ath_port, tvb, offset, 4, ENC_BIG_ENDIAN);
offset += 4;
/* SECURE PORT
*/
proto_tree_add_item(ath_tree, hf_ath_sport, tvb, offset, 4, ENC_BIG_ENDIAN);
offset += 4;
/* UDP PORT, only in Tomcat 7/8
*/
proto_tree_add_item(ath_tree, hf_ath_uport, tvb, offset, 4, ENC_BIG_ENDIAN);
offset += 4;
/* HOST LENGTH
*/
hlen_item = proto_tree_add_item(ath_tree, hf_ath_hlen, tvb, offset, 1, ENC_BIG_ENDIAN);
hlen = tvb_get_guint8(tvb, offset);
offset += 1;
/* HOST
*/
if (hlen == 4) {
proto_tree_add_item(ath_tree, hf_ath_ipv4, tvb, offset, 4, ENC_BIG_ENDIAN);
info_srcaddr = tvb_ip_to_str(tvb, offset);
} else if (hlen == 6) {
proto_tree_add_item(ath_tree, hf_ath_ipv6, tvb, offset, 6, ENC_NA);
info_srcaddr = tvb_ip6_to_str(tvb, offset);
} else {
expert_add_info(pinfo, hlen_item, &ei_ath_hlen_invalid);
}
offset += hlen;
/* COMMAND LENGTH
*/
proto_tree_add_item_ret_int(ath_tree, hf_ath_clen, tvb, offset, 4, ENC_BIG_ENDIAN, &clen);
offset += 4;
/* COMMAND
*/
proto_tree_add_item(ath_tree, hf_ath_comm, tvb, offset, clen, ENC_ASCII|ENC_NA);
if (clen != -1)
info_command = tvb_get_string_enc(wmem_packet_scope(), tvb, offset, clen, ENC_ASCII);
offset += clen;
/* DOMAIN LENGTH
*/
proto_tree_add_item_ret_int(ath_tree, hf_ath_dlen, tvb, offset, 4, ENC_BIG_ENDIAN, &dlen);
offset += 4;
/* DOMAIN
*/
proto_tree_add_item(ath_tree, hf_ath_domain, tvb, offset, dlen, ENC_ASCII|ENC_NA);
if (dlen != 0)
info_domain = tvb_get_string_enc(wmem_packet_scope(), tvb, offset, dlen, ENC_ASCII);
offset += dlen;
/* UNIQUEID
*/
proto_tree_add_item(ath_tree, hf_ath_unique, tvb, offset, 16, ENC_NA);
offset += 16;
/* PAYLOAD LENGTH
*/
proto_tree_add_item_ret_int(ath_tree, hf_ath_plen, tvb, offset, 4, ENC_BIG_ENDIAN, &plen);
offset += 4;
/* PAYLOAD
*/
proto_tree_add_item(ath_tree, hf_ath_payload, tvb, offset, plen, ENC_ASCII|ENC_NA);
offset += plen;
/* END
*/
proto_tree_add_item(ath_tree, hf_ath_end, tvb, offset, 8, ENC_ASCII|ENC_NA);
} else {
proto_tree_add_expert(tree, pinfo, &ei_ath_hmark_invalid, tvb, offset, -1);
return;
}
/* set the INFO column, and we're done !
*/
if (strcmp(info_command, "") != 0) {
if (strcmp(info_command, "BABY-ALEX") == 0) {
if (strcmp(info_domain, "") != 0) {
col_append_fstr(pinfo->cinfo, COL_INFO, "%s is leaving domain %s", info_srcaddr, info_domain);
} else {
col_append_fstr(pinfo->cinfo, COL_INFO, "%s is leaving default domain", info_srcaddr);
}
} else {
if (strcmp(info_domain, "") != 0) {
col_append_fstr(pinfo->cinfo, COL_INFO, "Heartbeat from %s to domain %s", info_srcaddr, info_domain);
} else {
col_append_fstr(pinfo->cinfo, COL_INFO, "Heartbeat from %s to default domain", info_srcaddr);
}
}
} else {
if (strcmp(info_domain, "") != 0) {
col_append_fstr(pinfo->cinfo, COL_INFO, "Heartbeat from %s to domain %s", info_srcaddr, info_domain);
} else {
col_append_fstr(pinfo->cinfo, COL_INFO, "Heartbeat from %s to default domain", info_srcaddr);
}
}
}
