diff options
author | Gilbert Ramirez <gram@alumni.rice.edu> | 1998-10-14 04:09:15 +0000 |
---|---|---|
committer | Gilbert Ramirez <gram@alumni.rice.edu> | 1998-10-14 04:09:15 +0000 |
commit | 4ef47e6cfb53cadbc9b8ccb7dab2177de485a43d (patch) | |
tree | 53103eec0a5de73a861d99f5fbc1e5ea27d07c2a /packet-nbns.c | |
parent | 23ab0b90bdafba629123e4074457641b14a24231 (diff) | |
download | wireshark-4ef47e6cfb53cadbc9b8ccb7dab2177de485a43d.tar.gz wireshark-4ef47e6cfb53cadbc9b8ccb7dab2177de485a43d.tar.bz2 wireshark-4ef47e6cfb53cadbc9b8ccb7dab2177de485a43d.zip |
Added preliminary support for NetBIOS Name Services over IPX and UDP. Note
that these are two very different implementations of NetBIOS name services and
at the protocol level are not similar. I have put the UDP protocol in
packet-nbns.c, since it will be a very big module. I have all of rfc 1002 to
read and implement. I am planning on putting many different NetBIOS over IPX
functions in packet-nbipx.c, however, since there is no RFC or published
standard. I have to hack the protocol, and as such, I do not expect it to be
as full-featured as the IP-world equivalents.
svn path=/trunk/; revision=50
Diffstat (limited to 'packet-nbns.c')
-rw-r--r-- | packet-nbns.c | 157 |
1 files changed, 157 insertions, 0 deletions
diff --git a/packet-nbns.c b/packet-nbns.c new file mode 100644 index 0000000000..3a69973f08 --- /dev/null +++ b/packet-nbns.c @@ -0,0 +1,157 @@ +/* packet-nbns.c + * Routines for NetBIOS Name Service packet disassembly + * Gilbert Ramirez <gram@verdict.uthscsa.edu> + * + * $Id: packet-nbns.c,v 1.1 1998/10/14 04:09:11 gram Exp $ + * + * Ethereal - Network traffic analyzer + * By Gerald Combs <gerald@zing.org> + * Copyright 1998 Gerald Combs + * + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +#ifdef HAVE_CONFIG_H +# include "config.h" +#endif + +#include <gtk/gtk.h> +#include <pcap.h> + +#include <stdio.h> +#include <memory.h> + +#ifdef HAVE_SYS_TYPES_H +# include <sys/types.h> +#endif + +#ifdef HAVE_NETINET_IN_H +# include <netinet/in.h> +#endif + +#include "ethereal.h" +#include "packet.h" + +/* Packet structure taken from RFC 1002. See also RFC 1001. + * The Samba source code, specifically nmblib.c, also helps a lot. */ + +struct nbns_header { + + guint16 name_tran_id; + guint8 r; + guint8 opcode; + struct { + guint8 bcast; + guint8 recursion_available; + guint8 recursion_desired; + guint8 trunc; + guint8 authoritative; + } nm_flags; + guint8 rcode; + guint16 qdcount; + guint16 ancount; + guint16 nscount; + guint16 arcount; +}; + +void +dissect_nbns(const u_char *pd, int offset, frame_data *fd, GtkTree *tree) +{ + GtkWidget *nbns_tree, *ti; + struct nbns_header header; + int nm_flags; + + char *opcode[] = { + "Query", + "Unknown", + "Unknown", + "Unknown", + "Unknown", + "Registration", + "Release", + "Wait and Acknowledge", + "Refresh" + "Refresh(altcode)" + "Unknown", + "Unknown", + "Unknown", + "Unknown", + "Unknown", + "Multi-Homed Registration", + }; + + if (fd->win_info[COL_NUM]) { + /*strcpy(fd->win_info[COL_PROTOCOL], "NBNS (UDP)");*/ + strcpy(fd->win_info[COL_PROTOCOL], "NBNS"); + strcpy(fd->win_info[COL_INFO], "NetBIOS Name Service"); + } + + if (tree) { + ti = add_item_to_tree(GTK_WIDGET(tree), offset, END_OF_FRAME, + "NetBIOS Name Service"); + nbns_tree = gtk_tree_new(); + add_subtree(ti, nbns_tree, ETT_NBNS); + + /* This is taken from samba/source/nmlib.c, parse_nmb() */ + header.name_tran_id = pntohs(&pd[offset]); + header.opcode = (pd[offset+2] >> 3) & 0xf; + header.r = (pd[offset+2] >> 7) & 1; + + nm_flags = ((pd[offset+2] & 0x7) << 4) + (pd[offset+3] >> 4); + header.nm_flags.bcast = (nm_flags & 1) ? 1 : 0; + header.nm_flags.recursion_available = (nm_flags & 8) ? 1 : 0; + header.nm_flags.recursion_desired = (nm_flags & 0x10) ? 1 : 0; + header.nm_flags.trunc = (nm_flags & 0x20) ? 1 : 0; + header.nm_flags.authoritative = (nm_flags & 0x40) ? 1 : 0; + + header.rcode = pd[offset+3] & 0xf; + header.qdcount = pletohs(&pd[offset+4]); + header.ancount = pletohs(&pd[offset+6]); + header.nscount = pletohs(&pd[offset+8]); + header.arcount = pletohs(&pd[offset+10]); + + add_item_to_tree(nbns_tree, offset, 2, "Transaction ID: 0x%04X", + header.name_tran_id); + add_item_to_tree(nbns_tree, offset + 2, 1, "Type: %s", + header.r == 0 ? "Request" : "Response" ); + + if (header.opcode <= 15) { + add_item_to_tree(nbns_tree, offset + 2, 1, "Operation: %s (%d)", + opcode[header.opcode], header.opcode); + } + else { + add_item_to_tree(nbns_tree, offset + 2, 1, "Operation: Unknown (%d)", + header.opcode); + } + +/* add_item_to_tree(nbns_tree, offset+2, 2, */ + } +} + + + + + + + + + + + + + + + |