Added preliminary support for NetBIOS Name Services over IPX and UDP. Note

that these are two very different implementations of NetBIOS name services and
at the protocol level are not similar. I have put the UDP protocol in
packet-nbns.c, since it will be a very big module. I have all of rfc 1002 to
read and implement. I am planning on putting many different NetBIOS over IPX
functions in packet-nbipx.c, however, since there is no RFC or published
standard. I have to hack the protocol, and as such, I do not expect it to be
as full-featured as the IP-world equivalents.

svn path=/trunk/; revision=50

1 files changed, 157 insertions, 0 deletions

diff --git a/packet-nbns.c b/packet-nbns.c
new file mode 100644
index 0000000000..3a69973f08
--- /dev/null
+++ b/packet-nbns.c
@@ -0,0 +1,157 @@
+/* packet-nbns.c
+ * Routines for NetBIOS Name Service packet disassembly
+ * Gilbert Ramirez <gram@verdict.uthscsa.edu>
+ *
+ * $Id: packet-nbns.c,v 1.1 1998/10/14 04:09:11 gram Exp $
+ *
+ * Ethereal - Network traffic analyzer
+ * By Gerald Combs <gerald@zing.org>
+ * Copyright 1998 Gerald Combs
+ *
+ * 
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ * 
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ */
+
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <gtk/gtk.h>
+#include <pcap.h>
+
+#include <stdio.h>
+#include <memory.h>
+
+#ifdef HAVE_SYS_TYPES_H
+# include <sys/types.h>
+#endif
+
+#ifdef HAVE_NETINET_IN_H
+# include <netinet/in.h>
+#endif
+
+#include "ethereal.h"
+#include "packet.h"
+
+/* Packet structure taken from RFC 1002. See also RFC 1001.
+ * The Samba source code, specifically nmblib.c, also helps a lot. */
+
+struct nbns_header {
+
+	guint16		name_tran_id;
+	guint8		r;
+	guint8		opcode;
+	struct {
+		guint8	bcast;
+		guint8	recursion_available;
+		guint8	recursion_desired;
+		guint8	trunc;
+		guint8	authoritative;
+	} nm_flags;
+	guint8		rcode;
+	guint16		qdcount;
+	guint16		ancount;
+	guint16		nscount;
+	guint16		arcount;
+};
+
+void
+dissect_nbns(const u_char *pd, int offset, frame_data *fd, GtkTree *tree)
+{
+	GtkWidget			*nbns_tree, *ti;
+	struct nbns_header	header;
+	int					nm_flags;
+
+	char *opcode[] = {
+		"Query",
+		"Unknown",
+		"Unknown",
+		"Unknown",
+		"Unknown",
+		"Registration",
+		"Release",
+		"Wait and Acknowledge",
+		"Refresh"
+		"Refresh(altcode)"
+		"Unknown",
+		"Unknown",
+		"Unknown",
+		"Unknown",
+		"Unknown",
+		"Multi-Homed Registration",
+	};
+
+	if (fd->win_info[COL_NUM]) {
+			/*strcpy(fd->win_info[COL_PROTOCOL], "NBNS (UDP)");*/
+			strcpy(fd->win_info[COL_PROTOCOL], "NBNS");
+			strcpy(fd->win_info[COL_INFO], "NetBIOS Name Service");
+	}
+
+	if (tree) {
+		ti = add_item_to_tree(GTK_WIDGET(tree), offset, END_OF_FRAME,
+				"NetBIOS Name Service");
+		nbns_tree = gtk_tree_new();
+		add_subtree(ti, nbns_tree, ETT_NBNS);
+
+		/* This is taken from samba/source/nmlib.c, parse_nmb() */
+		header.name_tran_id = pntohs(&pd[offset]);
+		header.opcode = (pd[offset+2] >> 3) & 0xf;
+		header.r = (pd[offset+2] >> 7) & 1;
+
+		nm_flags = ((pd[offset+2] & 0x7) << 4) + (pd[offset+3] >> 4);
+		header.nm_flags.bcast = (nm_flags & 1) ? 1 : 0;
+		header.nm_flags.recursion_available = (nm_flags & 8) ? 1 : 0;
+		header.nm_flags.recursion_desired = (nm_flags & 0x10) ? 1 : 0;
+		header.nm_flags.trunc = (nm_flags & 0x20) ? 1 : 0;
+		header.nm_flags.authoritative = (nm_flags & 0x40) ? 1 : 0;
+
+		header.rcode = pd[offset+3] & 0xf;
+		header.qdcount = pletohs(&pd[offset+4]);
+		header.ancount = pletohs(&pd[offset+6]);
+		header.nscount = pletohs(&pd[offset+8]);
+		header.arcount = pletohs(&pd[offset+10]);
+
+		add_item_to_tree(nbns_tree, offset,		2, "Transaction ID: 0x%04X",
+				header.name_tran_id);
+		add_item_to_tree(nbns_tree, offset + 2,	1,	"Type: %s",
+				header.r == 0 ? "Request" : "Response" );
+		
+		if (header.opcode <= 15) {
+			add_item_to_tree(nbns_tree, offset + 2, 1, "Operation: %s (%d)",
+					opcode[header.opcode], header.opcode);
+		}
+		else {
+			add_item_to_tree(nbns_tree, offset + 2, 1, "Operation: Unknown (%d)",
+					header.opcode);
+		}
+
+/*		add_item_to_tree(nbns_tree, offset+2,	2, */
+	}
+}
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+