diff options
| -rw-r--r-- | ipproto.c | 3 | ||||
| -rw-r--r-- | packet-ip.c | 7 | ||||
| -rw-r--r-- | packet-ip.h | 3 | ||||
| -rw-r--r-- | packet-ipsec.c | 109 | ||||
| -rw-r--r-- | packet-ipv6.c | 5 | ||||
| -rw-r--r-- | packet.h | 4 |
6 files changed, 115 insertions, 16 deletions
@@ -1,7 +1,7 @@ /* ipproto.c * Routines for converting IPv4 protocol/v6 nxthdr field into string * - * $Id: ipproto.c,v 1.1 1999/10/14 03:50:27 itojun Exp $ + * $Id: ipproto.c,v 1.2 1999/10/15 05:30:35 itojun Exp $ * * Gilbert Ramirez <gram@verdict.uthscsa.edu> * @@ -87,6 +87,7 @@ static const value_string ipproto_val[] = { { IP_PROTO_OSPF, "OSPF" }, { IP_PROTO_ENCAP, "ENCAP" }, { IP_PROTO_PIM, "PIM" }, + { IP_PROTO_IPCOMP, "IPComp" }, { 0, NULL }, }; diff --git a/packet-ip.c b/packet-ip.c index db8c6fb5e2..2c1fc03bbf 100644 --- a/packet-ip.c +++ b/packet-ip.c @@ -1,7 +1,7 @@ /* packet-ip.c * Routines for IP and miscellaneous IP protocol packet disassembly * - * $Id: packet-ip.c,v 1.54 1999/10/14 16:46:55 itojun Exp $ + * $Id: packet-ip.c,v 1.55 1999/10/15 05:30:35 itojun Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs <gerald@zing.org> @@ -881,6 +881,9 @@ again: case IP_PROTO_PIM: dissect_pim(pd, offset, fd, tree); break; + case IP_PROTO_IPCOMP: + dissect_ipcomp(pd, offset, fd, tree); + break; default: dissect_data(pd, offset, fd, tree); break; @@ -1282,7 +1285,7 @@ proto_register_ip(void) "" }}, { &hf_ip_proto, - { "Protocol", "ip.proto", FT_UINT8, BASE_HEX, VALS(proto_vals), 0x0, + { "Protocol", "ip.proto", FT_UINT8, BASE_HEX, NULL, 0x0, "" }}, { &hf_ip_checksum, diff --git a/packet-ip.h b/packet-ip.h index 4abde3cbd8..2f122624cd 100644 --- a/packet-ip.h +++ b/packet-ip.h @@ -1,7 +1,7 @@ /* packet-ip.h * Definitions for IP packet disassembly structures and routines * - * $Id: packet-ip.h,v 1.5 1999/08/28 08:31:27 guy Exp $ + * $Id: packet-ip.h,v 1.6 1999/10/15 05:30:39 itojun Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs <gerald@zing.org> @@ -60,6 +60,7 @@ #define IP_PROTO_OSPF 89 #define IP_PROTO_ENCAP 98 /* encapsulation header */ #define IP_PROTO_PIM 103 /* Protocol Independent Mcast */ +#define IP_PROTO_IPCOMP 108 /* IP payload compression */ typedef enum { NO_LENGTH, /* option has no data, hence no length */ diff --git a/packet-ipsec.c b/packet-ipsec.c index 9d9bef8fd9..e6654e0a09 100644 --- a/packet-ipsec.c +++ b/packet-ipsec.c @@ -1,7 +1,7 @@ /* packet-ipsec.c - * Routines for IPsec packet disassembly + * Routines for IPsec/IPComp packet disassembly * - * $Id: packet-ipsec.c,v 1.6 1999/10/14 03:50:29 itojun Exp $ + * $Id: packet-ipsec.c,v 1.7 1999/10/15 05:30:40 itojun Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs <gerald@zing.org> @@ -47,6 +47,8 @@ static int hf_ah_sequence = -1; static int proto_esp = -1; static int hf_esp_spi = -1; static int hf_esp_sequence = -1; +static int proto_ipcomp = -1; +static int hf_ipcomp_cpi = -1; struct newah { guint8 ah_nxt; /* Next Header */ @@ -68,6 +70,25 @@ struct newesp { /*variable size, 32bit bound*/ /* Authentication data */ }; +struct ipcomp { + guint8 comp_nxt; /* Next Header */ + guint8 comp_flags; /* Must be zero */ + guint16 comp_cpi; /* Compression parameter index */ +}; + +/* well-known algorithm number (in CPI), from RFC2409 */ +#define IPCOMP_OUI 1 /* vendor specific */ +#define IPCOMP_DEFLATE 2 /* RFC2394 */ +#define IPCOMP_LZS 3 /* RFC2395 */ +#define IPCOMP_MAX 4 + +static const value_string cpi2val[] = { + { IPCOMP_OUI, "OUI" }, + { IPCOMP_DEFLATE, "DEFLATE" }, + { IPCOMP_LZS, "LZS" }, + { 0, NULL }, +}; + #ifndef offsetof #define offsetof(type, member) ((size_t)(&((type *)0)->member)) #endif @@ -86,7 +107,7 @@ dissect_ah(const u_char *pd, int offset, frame_data *fd, proto_tree *tree) if (check_col(fd, COL_PROTOCOL)) col_add_str(fd, COL_PROTOCOL, "AH"); if (check_col(fd, COL_INFO)) { - col_add_fstr(fd, COL_INFO, "AH (SPI=%08x)", + col_add_fstr(fd, COL_INFO, "AH (SPI=0x%08x)", (guint32)ntohl(ah.ah_spi)); } @@ -102,11 +123,12 @@ dissect_ah(const u_char *pd, int offset, frame_data *fd, proto_tree *tree) proto_tree_add_item_format(ah_tree, hf_ah_spi, offset + offsetof(struct newah, ah_spi), 4, (guint32)ntohl(ah.ah_spi), - "SPI: %08x", (guint32)ntohl(ah.ah_spi)); + "SPI: 0x%08x", + (guint32)ntohl(ah.ah_spi)); proto_tree_add_item_format(ah_tree, hf_ah_sequence, offset + offsetof(struct newah, ah_seq), 4, (guint32)ntohl(ah.ah_seq), - "Sequence?: %08x", + "Sequence?: 0x%08x", (guint32)ntohl(ah.ah_seq)); proto_tree_add_text(ah_tree, offset + sizeof(ah), (ah.ah_len - 1) << 2, "ICV"); @@ -132,7 +154,7 @@ dissect_esp(const u_char *pd, int offset, frame_data *fd, proto_tree *tree) if (check_col(fd, COL_PROTOCOL)) col_add_str(fd, COL_PROTOCOL, "ESP"); if (check_col(fd, COL_INFO)) { - col_add_fstr(fd, COL_INFO, "ESP (SPI=%08x)", + col_add_fstr(fd, COL_INFO, "ESP (SPI=0x%08x)", (guint32)ntohl(esp.esp_spi)); } @@ -141,18 +163,76 @@ dissect_esp(const u_char *pd, int offset, frame_data *fd, proto_tree *tree) * (ie none) */ if(tree) { - ti = proto_tree_add_item(tree, proto_esp, 0, 0, NULL); + ti = proto_tree_add_item(tree, proto_esp, offset, END_OF_FRAME, NULL); esp_tree = proto_item_add_subtree(ti, ETT_ESP); proto_tree_add_item_format(esp_tree, hf_esp_spi, offset + offsetof(struct newesp, esp_spi), 4, (guint32)ntohl(esp.esp_spi), - "SPI: %08x", + "SPI: 0x%08x", (guint32)ntohl(esp.esp_spi)); proto_tree_add_item_format(esp_tree, hf_esp_sequence, offset + offsetof(struct newesp, esp_seq), 4, (guint32)ntohl(esp.esp_seq), - "Sequence?: %08x", + "Sequence?: 0x%08x", (guint32)ntohl(esp.esp_seq)); + dissect_data(pd, offset + sizeof(struct newesp), fd, esp_tree); + } +} + +void +dissect_ipcomp(const u_char *pd, int offset, frame_data *fd, proto_tree *tree) +{ + proto_tree *ipcomp_tree; + proto_item *ti; + struct ipcomp ipcomp; + char *p; + + memcpy(&ipcomp, (void *) &pd[offset], sizeof(ipcomp)); + + /* + * load the top pane info. This should be overwritten by + * the next protocol in the stack + */ + if (check_col(fd, COL_PROTOCOL)) + col_add_str(fd, COL_PROTOCOL, "IPComp"); + if (check_col(fd, COL_INFO)) { + p = val_to_str(ntohs(ipcomp.comp_cpi), cpi2val, ""); + if (p[0] == '\0') { + col_add_fstr(fd, COL_INFO, "IPComp (CPI=0x%04x)", + ntohs(ipcomp.comp_cpi)); + } else + col_add_fstr(fd, COL_INFO, "IPComp (CPI=%s)", p); + } + + /* + * populate a tree in the second pane with the status of the link layer + * (ie none) + */ + if (tree) { + ti = proto_tree_add_item(tree, proto_ipcomp, offset, END_OF_FRAME, + NULL); + ipcomp_tree = proto_item_add_subtree(ti, ETT_IPCOMP); + + proto_tree_add_text(ipcomp_tree, + offset + offsetof(struct ipcomp, comp_nxt), 1, + "Next Header: %s (0x%02x)", + ipprotostr(ipcomp.comp_nxt), ipcomp.comp_nxt); + proto_tree_add_text(ipcomp_tree, + offset + offsetof(struct ipcomp, comp_flags), 1, + "Flags: 0x%02x", ipcomp.comp_flags); + p = val_to_str(ntohs(ipcomp.comp_cpi), cpi2val, ""); + if (p[0] == '\0') { + proto_tree_add_item(ipcomp_tree, hf_ipcomp_cpi, + offset + offsetof(struct ipcomp, comp_cpi), 2, + ntohs(ipcomp.comp_cpi)); + } else { + proto_tree_add_item_format(ipcomp_tree, hf_ipcomp_cpi, + offset + offsetof(struct ipcomp, comp_cpi), 2, + ntohs(ipcomp.comp_cpi), + "CPI: %s (0x%04x)", + p, ntohs(ipcomp.comp_cpi)); + } + dissect_data(pd, offset + sizeof(struct ipcomp), fd, ipcomp_tree); } } @@ -178,9 +258,18 @@ proto_register_ipsec(void) "" }} }; + static hf_register_info hf_ipcomp[] = { + { &hf_ipcomp_cpi, + { "CPI", "ipcomp.cpi", FT_UINT16, BASE_HEX, NULL, 0x0, + "" }}, + }; + proto_ah = proto_register_protocol("Authentication Header", "ah"); - proto_esp = proto_register_protocol("Encapsulated Security Payload", "esp"); proto_register_field_array(proto_ah, hf_ah, array_length(hf_ah)); + + proto_esp = proto_register_protocol("Encapsulated Security Payload", "esp"); proto_register_field_array(proto_esp, hf_esp, array_length(hf_esp)); + proto_ipcomp = proto_register_protocol("IP Payload Compression", "ipcomp"); + proto_register_field_array(proto_ipcomp, hf_ipcomp, array_length(hf_ipcomp)); } diff --git a/packet-ipv6.c b/packet-ipv6.c index 2aacc8fc37..62dbf5ac0f 100644 --- a/packet-ipv6.c +++ b/packet-ipv6.c @@ -1,7 +1,7 @@ /* packet-ipv6.c * Routines for IPv6 packet disassembly * - * $Id: packet-ipv6.c,v 1.21 1999/10/15 04:22:48 itojun Exp $ + * $Id: packet-ipv6.c,v 1.22 1999/10/15 05:30:41 itojun Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs <gerald@zing.org> @@ -393,6 +393,9 @@ again: #endif dissect_pim(pd, offset, fd, tree); break; + case IP_PROTO_IPCOMP: + dissect_ipcomp(pd, offset, fd, tree); + break; default: #ifdef TEST_FINALHDR proto_tree_add_item_hidden(ipv6_tree, hf_ipv6_final, poffset, 1, nxt); @@ -1,7 +1,7 @@ /* packet.h * Definitions for packet disassembly structures and routines * - * $Id: packet.h,v 1.110 1999/10/14 05:41:31 itojun Exp $ + * $Id: packet.h,v 1.111 1999/10/15 05:30:43 itojun Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs <gerald@zing.org> @@ -262,6 +262,7 @@ enum { ETT_TFTP, ETT_AH, ETT_ESP, + ETT_IPCOMP, ETT_ICMPv6, ETT_ICMPv6OPT, ETT_ICMPv6FLAG, @@ -481,6 +482,7 @@ void dissect_icmp(const u_char *, int, frame_data *, proto_tree *); void dissect_icmpv6(const u_char *, int, frame_data *, proto_tree *); void dissect_igmp(const u_char *, int, frame_data *, proto_tree *); void dissect_ip(const u_char *, int, frame_data *, proto_tree *); +void dissect_ipcomp(const u_char *, int, frame_data *, proto_tree *); void dissect_ipp(const u_char *, int, frame_data *, proto_tree *); void dissect_ipv6(const u_char *, int, frame_data *, proto_tree *); void dissect_ipx(const u_char *, int, frame_data *, proto_tree *); |