diff options
| author | Guy Harris <guy@alum.mit.edu> | 2004-10-01 09:13:33 +0000 |
|---|---|---|
| committer | Guy Harris <guy@alum.mit.edu> | 2004-10-01 09:13:33 +0000 |
| commit | ac43a4c8c85e1268e000416504143e61141634d3 (patch) | |
| tree | 6ea75fe6e92e089ec31784f5846ad40ce311fbdb | |
| parent | 92ee993e820d91225a6c97490eea0de189b10d34 (diff) | |
| download | wireshark-ac43a4c8c85e1268e000416504143e61141634d3.tar.gz wireshark-ac43a4c8c85e1268e000416504143e61141634d3.tar.bz2 wireshark-ac43a4c8c85e1268e000416504143e61141634d3.zip | |
From Francisco Alcoba: handle H.323 conversations over UDP and SCTP.
svn path=/trunk/; revision=12169
| -rw-r--r-- | gtk/h323_analysis.c | 15 | ||||
| -rw-r--r-- | gtk/h323_analysis.h | 3 | ||||
| -rw-r--r-- | gtk/h323_conversations.c | 10 | ||||
| -rw-r--r-- | gtk/h323_conversations.h | 30 | ||||
| -rw-r--r-- | gtk/h323_conversations_dlg.c | 14 |
5 files changed, 63 insertions, 9 deletions
diff --git a/gtk/h323_analysis.c b/gtk/h323_analysis.c index dacb25b31f..c3b30ebfec 100644 --- a/gtk/h323_analysis.c +++ b/gtk/h323_analysis.c @@ -69,6 +69,7 @@ typedef struct _user_data_t { guint16 port_dst; guint32 ip_src_h245; guint16 port_src_h245; + guint16 transport; GtkWidget *window; GtkCList *clist1; @@ -352,14 +353,18 @@ static void on_refresh_bt_clicked(GtkWidget *bt _U_, user_data_t *user_data _U_) /* try to compile the filter for h225 */ g_snprintf(filter_text_h225,sizeof(filter_text_h225), - "h225 && (( ip.src==%s && tcp.srcport==%u && ip.dst==%s && tcp.dstport==%u ) || ( ip.src==%s && tcp.srcport==%u && ip.dst==%s && tcp.dstport==%u ))", + "h225 && (( ip.src==%s && %s.srcport==%u && ip.dst==%s && %s.dstport==%u ) || ( ip.src==%s && %s.srcport==%u && ip.dst==%s && %s.dstport==%u ))", ip_to_str((ip_addr_p)&(user_data->ip_src)), + transport_prot_name[user_data->transport], user_data->port_src, ip_to_str((ip_addr_p)&(user_data->ip_dst)), + transport_prot_name[user_data->transport], user_data->port_dst, ip_to_str((ip_addr_p)&(user_data->ip_dst)), + transport_prot_name[user_data->transport], user_data->port_dst, ip_to_str((ip_addr_p)&(user_data->ip_src)), + transport_prot_name[user_data->transport], user_data->port_src ); @@ -370,10 +375,12 @@ static void on_refresh_bt_clicked(GtkWidget *bt _U_, user_data_t *user_data _U_) /* try to compile the filter for h245 */ g_snprintf(filter_text_h245,sizeof(filter_text_h245), - "h245 && (( ip.src==%s && tcp.srcport==%u ) || ( ip.dst==%s && tcp.dstport==%u ))", + "h245 && (( ip.src==%s && %s.srcport==%u ) || ( ip.dst==%s && %s.dstport==%u ))", ip_to_str((ip_addr_p)&(user_data->ip_src_h245)), + transport_prot_name[user_data->transport], user_data->port_src_h245, ip_to_str((ip_addr_p)&(user_data->ip_src_h245)), + transport_prot_name[user_data->transport], user_data->port_src_h245 ); @@ -530,7 +537,8 @@ void h323_analysis( guint32 ip_dst, guint16 port_dst, guint32 ip_src_h245, - guint16 port_src_h245 + guint16 port_src_h245, + guint16 transport ) { user_data_t *user_data; @@ -544,6 +552,7 @@ void h323_analysis( user_data->port_dst = port_dst; user_data->ip_src_h245 = ip_src_h245; user_data->port_src_h245 = port_src_h245; + user_data->transport = transport; /* create the dialog box */ create_h225_dialog(user_data); diff --git a/gtk/h323_analysis.h b/gtk/h323_analysis.h index c03dca4fbb..92138ddf3b 100644 --- a/gtk/h323_analysis.h +++ b/gtk/h323_analysis.h @@ -41,7 +41,8 @@ void h323_analysis( guint32 ip_dst, /* network-order IPv4 address */ guint16 port_dst, guint32 ip_src_h245, /* network-order IPv4 address */ - guint16 port_src_h245 + guint16 port_src_h245, + guint16 transport ); #endif /* H323_ANALYSIS_H_INCLUDED*/ diff --git a/gtk/h323_conversations.c b/gtk/h323_conversations.c index d69e1e3b5f..263bae9b1a 100644 --- a/gtk/h323_conversations.c +++ b/gtk/h323_conversations.c @@ -75,12 +75,14 @@ gint h323_conversations_info_cmp(gconstpointer aa, gconstpointer bb) && (a->src_port == b->src_port) && (a->dest_addr == b->dest_addr) && (a->dest_port == b->dest_port) + && (a->transport == b->transport) ) return 0; else if ((a->src_addr == b->dest_addr) && (a->src_port == b->dest_port) && (a->dest_addr == b->src_addr) && (a->dest_port == b->src_port) + && (a->transport == b->transport) ) return 0; else @@ -146,6 +148,8 @@ int h225conversations_packet(h323conversations_tapinfo_t *tapinfo _U_, packet_in tmp_strinfo.src_port = pinfo->srcport; g_memmove(&(tmp_strinfo.dest_addr), pinfo->dst.data, 4); tmp_strinfo.dest_port = pinfo->destport; + tmp_strinfo.transport = pinfo->ipproto; + /* check wether we already have a conversations with these parameters in the list */ list = g_list_first(tapinfo->strinfo_list); @@ -311,6 +315,7 @@ int h245conversations_packet(h323conversations_tapinfo_t *tapinfo _U_, packet_in struct _h323_conversations_info* a; guint32 src, dst; guint16 srcp, dstp; + guint16 p_transport; /* check wether this packet is a part of any H323 conversation in the list*/ list = g_list_first(tapinfo->strinfo_list); @@ -323,8 +328,9 @@ int h245conversations_packet(h323conversations_tapinfo_t *tapinfo _U_, packet_in //dst = *(pinfo->dst.data); srcp = pinfo->srcport; dstp = pinfo->destport; - if ( ((a->h245address == src) && (a->h245port == srcp) ) || - ( (a->h245address == dst) && (a->h245port == dstp)) ) { + p_transport = pinfo->ipproto; + if ( ((a->h245address == src) && (a->h245port == srcp) && (a->transport == p_transport)) || + ( (a->h245address == dst) && (a->h245port == dstp) && (a->transport == p_transport)) ) { /* in the list? increment packet number */ ++(a->h245packets); break; diff --git a/gtk/h323_conversations.h b/gtk/h323_conversations.h index e54f648e9a..1a02e36a61 100644 --- a/gtk/h323_conversations.h +++ b/gtk/h323_conversations.h @@ -55,6 +55,7 @@ typedef struct _h323_conversations_info { guint8 pt; guint32 npackets; gboolean faststart; + guint32 transport; /* if there are also h245 messages */ gboolean is_h245; guint32 h245packets; @@ -65,6 +66,35 @@ typedef struct _h323_conversations_info { } h323_conversations_info_t; +static char *transport_prot_name[256] ={ + "","","","","","","tcp","","","", /* 0 to 10 */ + "","","","","","","","udp","","", /* 10 to 20 */ + "","","","","","","","","","", /* 20 to 30 */ + "","","","","","","","","","", /* 30 to 40 */ + "","","","","","","","","","", /* 40 to 50 */ + "","","","","","","","","","", /* 50 to 60 */ + "","","","","","","","","","", /* 60 to 70 */ + "","","","","","","","","","", /* 70 to 80 */ + "","","","","","","","","","", /* 80 to 90 */ + "","","","","","","","","","", /* 90 to 100 */ + "","","","","","","","","","", /* 100 to 110 */ + "","","","","","","","","","", /* 110 to 120 */ + "","","","","","","","","","", /* 120 to 130 */ + "","","sctp","","","","","","","", /* 130 to 140 */ + "","","","","","","","","","", /* 140 to 150 */ + "","","","","","","","","","", /* 150 to 160 */ + "","","","","","","","","","", /* 160 to 170 */ + "","","","","","","","","","", /* 170 to 180 */ + "","","","","","","","","","", /* 180 to 190 */ + "","","","","","","","","","", /* 190 to 200 */ + "","","","","","","","","","", /* 200 to 210 */ + "","","","","","","","","","", /* 210 to 220 */ + "","","","","","","","","","", /* 220 to 230 */ + "","","","","","","","","","", /* 230 to 240 */ + "","","","","","","","","","", /* 240 to 250 */ + "","","","","","" /* 250 to 255 */ + }; + /* structure that holds the information about all detected conversationss */ /* struct holding all information of the tap */ typedef struct _h323conversations_tapinfo { diff --git a/gtk/h323_conversations_dlg.c b/gtk/h323_conversations_dlg.c index 5fc9259dbd..991c0921d9 100644 --- a/gtk/h323_conversations_dlg.c +++ b/gtk/h323_conversations_dlg.c @@ -181,21 +181,26 @@ h323conversations_on_filter (GtkButton *button _U_, /* if also address for h245 packets is known */ else if (selected_conversations_fwd->is_h245) { filter_string_fwd = g_strdup_printf( - "((ip.addr==%s && tcp.port==%u && ip.addr==%s && tcp.port==%u) and h225) or ((ip.addr==%s && tcp.port==%u) and h245)", + "((ip.addr==%s && %s.port==%u && ip.addr==%s && %s.port==%u) and h225) or ((ip.addr==%s && %s.port==%u) and h245)", ip_to_str((const guint8*)&(selected_conversations_fwd->src_addr)), + transport_prot_name[selected_conversations_fwd->transport], selected_conversations_fwd->src_port, ip_to_str((const guint8*)&(selected_conversations_fwd->dest_addr)), + transport_prot_name[selected_conversations_fwd->transport], selected_conversations_fwd->dest_port, ip_to_str((const guint8*)&(selected_conversations_fwd->h245address)), + transport_prot_name[selected_conversations_fwd->transport], selected_conversations_fwd->h245port); } /* else filter only h225 packets */ else { filter_string_fwd = g_strdup_printf( - "(ip.addr==%s && tcp.port==%u && ip.addr==%s && tcp.port==%u) and h225", + "(ip.addr==%s && %s.port==%u && ip.addr==%s && %s.port==%u) and h225", ip_to_str((const guint8*)&(selected_conversations_fwd->src_addr)), + transport_prot_name[selected_conversations_fwd->transport], selected_conversations_fwd->src_port, ip_to_str((const guint8*)&(selected_conversations_fwd->dest_addr)), + transport_prot_name[selected_conversations_fwd->transport], selected_conversations_fwd->dest_port); } @@ -221,6 +226,7 @@ h323conversations_on_analyse (GtkButton *button _U_, guint16 port_dst = 0; guint32 ip_src_h245 = 0; guint16 port_src_h245 = 0; + guint16 transport=0; if (selected_conversations_fwd) { ip_src = selected_conversations_fwd->src_addr; @@ -229,6 +235,7 @@ h323conversations_on_analyse (GtkButton *button _U_, port_dst = selected_conversations_fwd->dest_port; ip_src_h245 = selected_conversations_fwd->h245address; port_src_h245 = selected_conversations_fwd->h245port; + transport = selected_conversations_fwd->transport; } h323_analysis( @@ -237,7 +244,8 @@ h323conversations_on_analyse (GtkButton *button _U_, ip_dst, port_dst, ip_src_h245, - port_src_h245 + port_src_h245, + transport ); } |