diff options
| -rw-r--r-- | Makefile.am | 4 | ||||
| -rw-r--r-- | Makefile.nmake | 3 | ||||
| -rw-r--r-- | capture.c | 8 | ||||
| -rw-r--r-- | packet-aarp.c | 3 | ||||
| -rw-r--r-- | packet-atalk.c | 3 | ||||
| -rw-r--r-- | packet-cdp.c | 4 | ||||
| -rw-r--r-- | packet-chdlc.c | 306 | ||||
| -rw-r--r-- | packet-chdlc.h | 46 | ||||
| -rw-r--r-- | packet-dec-bpdu.c | 4 | ||||
| -rw-r--r-- | packet-fr.c | 29 | ||||
| -rw-r--r-- | packet-ip.c | 4 | ||||
| -rw-r--r-- | packet-ipx.c | 4 | ||||
| -rw-r--r-- | packet-ppp.c | 37 | ||||
| -rw-r--r-- | ppptypes.h | 41 | ||||
| -rw-r--r-- | wiretap/libpcap.c | 22 | ||||
| -rw-r--r-- | wiretap/wtap.c | 5 | ||||
| -rw-r--r-- | wiretap/wtap.h | 5 |
17 files changed, 435 insertions, 93 deletions
diff --git a/Makefile.am b/Makefile.am index 3a4f2ed9ed..4dd24e60df 100644 --- a/Makefile.am +++ b/Makefile.am @@ -1,7 +1,7 @@ # Makefile.am # Automake file for Ethereal # -# $Id: Makefile.am,v 1.288 2001/03/11 02:08:30 guy Exp $ +# $Id: Makefile.am,v 1.289 2001/03/15 09:11:00 guy Exp $ # # Ethereal - Network traffic analyzer # By Gerald Combs <gerald@zing.org> @@ -85,6 +85,7 @@ DISSECTOR_SOURCES = \ packet-bxxp.c \ packet-cdp.c \ packet-cgmp.c \ + packet-chdlc.c \ packet-clip.c \ packet-clnp.c \ packet-cops.c \ @@ -240,6 +241,7 @@ noinst_HEADERS = \ packet-atalk.h \ packet-bgp.h \ packet-bootparams.h \ + packet-chdlc.h \ packet-clip.h \ packet-ddtp.h \ packet-diameter-defs.h \ diff --git a/Makefile.nmake b/Makefile.nmake index d729c314af..1f95afce44 100644 --- a/Makefile.nmake +++ b/Makefile.nmake @@ -1,7 +1,7 @@ ## Makefile for building ethereal.exe with Microsoft C and nmake ## Use: $(MAKE) /$(MAKEFLAGS) -f makefile.nmake # -# $Id: Makefile.nmake,v 1.84 2001/03/11 02:08:30 guy Exp $ +# $Id: Makefile.nmake,v 1.85 2001/03/15 09:11:00 guy Exp $ include config.nmake @@ -35,6 +35,7 @@ DISSECTOR_SOURCES = \ packet-bxxp.c \ packet-cdp.c \ packet-cgmp.c \ + packet-chdlc.c \ packet-clip.c \ packet-clnp.c \ packet-cops.c \ @@ -1,7 +1,7 @@ /* capture.c * Routines for packet capture windows * - * $Id: capture.c,v 1.143 2001/02/14 09:40:20 guy Exp $ + * $Id: capture.c,v 1.144 2001/03/15 09:11:00 guy Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs <gerald@zing.org> @@ -158,6 +158,7 @@ #include "packet-sll.h" #include "packet-tr.h" #include "packet-ieee80211.h" +#include "packet-chdlc.h" int promisc_mode = TRUE; /* capture in promiscuous mode */ int sync_mode; /* fork a child to do the capture, and sync between them */ @@ -1173,7 +1174,10 @@ pipe_dispatch(int fd, loop_data *ld, struct pcap_hdr *hdr) capture_clip(pd, &ld->counts); break; case WTAP_ENCAP_IEEE_802_11: - capture_ieee80211(pd,0,&ld->counts); + capture_ieee80211(pd, 0, &ld->counts); + break; + case WTAP_ENCAP_CHDLC: + capture_chdlc(pd, 0, &ld->counts); break; /* XXX - FreeBSD may append 4-byte ATM pseudo-header to DLT_ATM_RFC1483, with LLC header following; we should implement it at some diff --git a/packet-aarp.c b/packet-aarp.c index 6935e869aa..0619e746bc 100644 --- a/packet-aarp.c +++ b/packet-aarp.c @@ -1,7 +1,7 @@ /* packet-aarp.c * Routines for Appletalk ARP packet disassembly * - * $Id: packet-aarp.c,v 1.29 2001/03/13 21:34:23 gram Exp $ + * $Id: packet-aarp.c,v 1.30 2001/03/15 09:11:00 guy Exp $ * * Simon Wilkinson <sxw@dcs.ed.ac.uk> * @@ -289,4 +289,5 @@ void proto_reg_handoff_aarp(void) { dissector_add("ethertype", ETHERTYPE_AARP, dissect_aarp, proto_aarp); + dissector_add("chdlctype", ETHERTYPE_AARP, dissect_aarp, proto_aarp); } diff --git a/packet-atalk.c b/packet-atalk.c index d2f239c0ad..139dc0d7bc 100644 --- a/packet-atalk.c +++ b/packet-atalk.c @@ -1,7 +1,7 @@ /* packet-atalk.c * Routines for Appletalk packet disassembly (DDP, currently). * - * $Id: packet-atalk.c,v 1.50 2001/01/22 03:33:45 guy Exp $ + * $Id: packet-atalk.c,v 1.51 2001/03/15 09:11:00 guy Exp $ * * Simon Wilkinson <sxw@dcs.ed.ac.uk> * @@ -576,6 +576,7 @@ void proto_reg_handoff_atalk(void) { dissector_add("ethertype", ETHERTYPE_ATALK, dissect_ddp, proto_ddp); + dissector_add("chdlctype", ETHERTYPE_ATALK, dissect_ddp, proto_ddp); dissector_add("ppp.protocol", PPP_AT, dissect_ddp, proto_ddp); dissector_add("null.type", BSD_AF_APPLETALK, dissect_ddp, proto_ddp); dissector_add("ddp.type", DDP_NBP, dissect_nbp, proto_nbp); diff --git a/packet-cdp.c b/packet-cdp.c index 8c90cd4acb..04b39573a8 100644 --- a/packet-cdp.c +++ b/packet-cdp.c @@ -2,7 +2,7 @@ * Routines for the disassembly of the "Cisco Discovery Protocol" * (c) Copyright Hannes R. Boehm <hannes@boehm.org> * - * $Id: packet-cdp.c,v 1.35 2001/01/25 06:14:13 guy Exp $ + * $Id: packet-cdp.c,v 1.36 2001/03/15 09:11:00 guy Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs <gerald@zing.org> @@ -574,5 +574,5 @@ void proto_reg_handoff_cdp(void) { dissector_add("llc.cisco_pid", 0x2000, dissect_cdp, proto_cdp); - dissector_add("fr.cisco", 0x2000, dissect_cdp, proto_cdp); + dissector_add("chdlctype", 0x2000, dissect_cdp, proto_cdp); } diff --git a/packet-chdlc.c b/packet-chdlc.c new file mode 100644 index 0000000000..7c5d6d64aa --- /dev/null +++ b/packet-chdlc.c @@ -0,0 +1,306 @@ +/* packet-chdlc.c + * Routines for Cisco HDLC packet disassembly + * + * $Id: packet-chdlc.c,v 1.1 2001/03/15 09:11:00 guy Exp $ + * + * Ethereal - Network traffic analyzer + * By Gerald Combs <gerald@zing.org> + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +#ifdef HAVE_CONFIG_H +# include "config.h" +#endif + +#ifdef HAVE_SYS_TYPES_H +# include <sys/types.h> +#endif + +#include <glib.h> +#include "packet.h" +#include "etypes.h" +#include "resolv.h" +#include "packet-chdlc.h" +#include "packet-ip.h" + +/* + * See section 4.3.1 of RFC 1547, and + * + * http://www.nethelp.no/net/cisco-hdlc.txt + */ + +static int proto_chdlc = -1; +static int hf_chdlc_addr = -1; +static int hf_chdlc_proto = -1; + +static gint ett_chdlc = -1; + +static int proto_slarp = -1; +static int hf_slarp_ptype = -1; +static int hf_slarp_address = -1; +static int hf_slarp_mysequence = -1; +static int hf_slarp_yoursequence = -1; + +static gint ett_slarp = -1; + +/* + * Protocol types for the Cisco HDLC format. + * + * As per the above, according to RFC 1547, these are "standard 16 bit + * Ethernet protocol type code[s]", but 0x8035 is Reverse ARP, and + * that is (at least according to the Linux ISDN code) not the + * same as Cisco SLARP. + * + * In addition, 0x2000 is apparently the Cisco Discovery Protocol, but + * on Ethernet those are encapsulated inside SNAP with an OUI of + * OUI_CISCO, not OUI_ENCAP_ETHER. + * + * Perhaps we should set up a protocol table for those protocols + * that differ between Ethernet and Cisco HDLC, and have the PPP + * code first try that table and, if it finds nothing in that + * table, call "ethertype()". (Unfortunately, that means that - + * assuming we had a Cisco SLARP dissector - said dissector were + * disabled, SLARP packets would be dissected as Reverse ARP + * packets, not as data.) + */ +#define CISCO_SLARP 0x8035 /* Cisco SLARP protocol */ + +static dissector_table_t subdissector_table; + +static const value_string chdlc_address_vals[] = { + {CHDLC_ADDR_UNICAST, "Unicast"}, + {CHDLC_ADDR_MULTICAST, "Multicast"}, + {0, NULL} +}; + +const value_string chdlc_vals[] = { + {0x2000, "Cisco Discovery Protocol"}, + {ETHERTYPE_IP, "IP"}, + {CISCO_SLARP, "SLARP"}, + {ETHERTYPE_DEC_LB, "DEC LanBridge"}, + {ETHERTYPE_ATALK, "Appletalk"}, + {ETHERTYPE_AARP, "AARP"}, + {ETHERTYPE_IPX, "Netware IPX/SPX"}, + {0, NULL} +}; + +void +capture_chdlc( const u_char *pd, int offset, packet_counts *ld ) { + switch (pntohs(&pd[offset + 2])) { + case ETHERTYPE_IP: + capture_ip(pd, offset + 4, ld); + break; + default: + ld->other++; + break; + } +} + +void +chdlctype(guint16 chdlctype, tvbuff_t *tvb, int offset_after_chdlctype, + packet_info *pinfo, proto_tree *tree, proto_tree *fh_tree, + int chdlctype_id) +{ + tvbuff_t *next_tvb; + + if (tree) { + proto_tree_add_uint(fh_tree, chdlctype_id, tvb, + offset_after_chdlctype - 2, 2, chdlctype); + } + + next_tvb = tvb_new_subset(tvb, offset_after_chdlctype, -1, -1); + + /* do lookup with the subdissector table */ + if (!dissector_try_port(subdissector_table, chdlctype, next_tvb, pinfo, tree)) { + if (check_col(pinfo->fd, COL_PROTOCOL)) + col_add_fstr(pinfo->fd, COL_PROTOCOL, "0x%04x", chdlctype); + dissect_data(next_tvb, 0, pinfo, tree); + } +} + +static void +dissect_chdlc(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) +{ + proto_item *ti; + proto_tree *fh_tree = NULL; + guint8 addr; + guint16 proto; + + if (check_col(pinfo->fd, COL_RES_DL_SRC)) + col_set_str(pinfo->fd, COL_RES_DL_SRC, "N/A"); + if (check_col(pinfo->fd, COL_RES_DL_DST)) + col_set_str(pinfo->fd, COL_RES_DL_DST, "N/A"); + if (check_col(pinfo->fd, COL_PROTOCOL)) + col_set_str(pinfo->fd, COL_PROTOCOL, "CHDLC"); + if (check_col(pinfo->fd, COL_INFO)) + col_clear(pinfo->fd, COL_INFO); + + addr = tvb_get_guint8(tvb, 0); + proto = tvb_get_ntohs(tvb, 2); + + if (tree) { + ti = proto_tree_add_item(tree, proto_chdlc, tvb, 0, 4, FALSE); + fh_tree = proto_item_add_subtree(ti, ett_chdlc); + + proto_tree_add_uint(fh_tree, hf_chdlc_addr, tvb, 0, 1, addr); + } + + chdlctype(proto, tvb, 4, pinfo, tree, fh_tree, hf_chdlc_proto); +} + +void +proto_register_chdlc(void) +{ + static hf_register_info hf[] = { + { &hf_chdlc_addr, + { "Address", "chdlc.address", FT_UINT8, BASE_HEX, + VALS(chdlc_address_vals), 0x0, "" }}, + { &hf_chdlc_proto, + { "Protocol", "chdlc.protocol", FT_UINT16, BASE_HEX, + VALS(chdlc_vals), 0x0, "" }}, + }; + static gint *ett[] = { + &ett_chdlc, + }; + + proto_chdlc = proto_register_protocol("Cisco HDLC", "CHDLC", "chdlc"); + proto_register_field_array(proto_chdlc, hf, array_length(hf)); + proto_register_subtree_array(ett, array_length(ett)); + +/* subdissector code */ + subdissector_table = register_dissector_table("chdlctype"); + + register_dissector("chdlc", dissect_chdlc, proto_chdlc); +} + +void +proto_reg_handoff_chdlc(void) +{ + dissector_add("wtap_encap", WTAP_ENCAP_CHDLC, dissect_chdlc, proto_chdlc); +} + +#define SLARP_REQUEST 0 +#define SLARP_REPLY 1 +#define SLARP_LINECHECK 2 + +static const value_string slarp_ptype_vals[] = { + {SLARP_REQUEST, "Request"}, + {SLARP_REPLY, "Reply"}, + {SLARP_LINECHECK, "Line keepalive"}, + {0, NULL} +}; + +static void +dissect_slarp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) +{ + proto_item *ti; + proto_tree *slarp_tree = NULL; + guint32 code; + guint32 mysequence; + guint32 yoursequence; + + if (check_col(pinfo->fd, COL_PROTOCOL)) + col_set_str(pinfo->fd, COL_PROTOCOL, "SLARP"); + if (check_col(pinfo->fd, COL_INFO)) + col_clear(pinfo->fd, COL_INFO); + + code = tvb_get_ntohl(tvb, 0); + + if (tree) { + ti = proto_tree_add_item(tree, proto_slarp, tvb, 0, 14, FALSE); + slarp_tree = proto_item_add_subtree(ti, ett_slarp); + } + + switch (code) { + + case SLARP_REQUEST: + case SLARP_REPLY: + if (check_col(pinfo->fd, COL_INFO)) { + col_add_fstr(pinfo->fd, COL_INFO, "%s, from %s, mask %s", + match_strval(code, slarp_ptype_vals), + get_hostname(tvb_get_ntohl(tvb, 4)), + ip_to_str(tvb_get_ptr(tvb, 8, 4))); + } + if (tree) { + proto_tree_add_uint(slarp_tree, hf_slarp_ptype, tvb, 0, 4, code); + proto_tree_add_item(slarp_tree, hf_slarp_address, tvb, 4, 4, FALSE); + proto_tree_add_text(slarp_tree, tvb, 8, 4, + "Netmask: %s", ip_to_str(tvb_get_ptr(tvb, 8, 4))); + } + break; + + case SLARP_LINECHECK: + mysequence = tvb_get_ntohl(tvb, 4); + yoursequence = tvb_get_ntohl(tvb, 8); + if (check_col(pinfo->fd, COL_INFO)) { + col_add_fstr(pinfo->fd, COL_INFO, + "%s, outgoing sequence %u, returned sequence %u", + match_strval(code, slarp_ptype_vals), + mysequence, yoursequence); + } + if (tree) { + proto_tree_add_uint(slarp_tree, hf_slarp_ptype, tvb, 0, 4, code); + proto_tree_add_uint(slarp_tree, hf_slarp_mysequence, tvb, 4, 4, + mysequence); + proto_tree_add_uint(slarp_tree, hf_slarp_mysequence, tvb, 8, 4, + yoursequence); + } + break; + + default: + if (check_col(pinfo->fd, COL_INFO)) + col_add_fstr(pinfo->fd, COL_INFO, "Unknown packet type 0x%08X", code); + if (tree) { + proto_tree_add_uint(slarp_tree, hf_slarp_ptype, tvb, 0, 4, code); + dissect_data(tvb, 4, pinfo, slarp_tree); + } + break; + } +} + +void +proto_register_slarp(void) +{ + static hf_register_info hf[] = { + { &hf_slarp_ptype, + { "Packet type", "slarp.ptype", FT_UINT32, BASE_DEC, + VALS(slarp_ptype_vals), 0x0, "" }}, + { &hf_slarp_address, + { "Address", "slarp.address", FT_IPv4, BASE_NONE, + NULL, 0x0, "" }}, + /* XXX - need an FT_ for netmasks, which is like FT_IPV4 but doesn't + get translated to a host name. */ + { &hf_slarp_mysequence, + { "Outgoing sequence number", "slarp.mysequence", FT_UINT32, BASE_DEC, + NULL, 0x0, "" }}, + { &hf_slarp_yoursequence, + { "Returned sequence number", "slarp.yoursequence", FT_UINT32, BASE_DEC, + NULL, 0x0, "" }}, + }; + static gint *ett[] = { + &ett_chdlc, + }; + + proto_slarp = proto_register_protocol("Cisco SLARP", "SLARP", "slarp"); + proto_register_field_array(proto_slarp, hf, array_length(hf)); + proto_register_subtree_array(ett, array_length(ett)); +} + +void +proto_reg_handoff_slarp(void) +{ + dissector_add("chdlctype", CISCO_SLARP, dissect_slarp, proto_slarp); +} diff --git a/packet-chdlc.h b/packet-chdlc.h new file mode 100644 index 0000000000..361be8a1b1 --- /dev/null +++ b/packet-chdlc.h @@ -0,0 +1,46 @@ +/* packet-chdlc.h + * + * $Id: packet-chdlc.h,v 1.1 2001/03/15 09:11:00 guy Exp $ + * + * Ethereal - Network traffic analyzer + * By Gerald Combs <gerald@zing.org> + * Copyright 1998 Gerald Combs + * + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +#ifndef __PACKET_CHDLC_H__ +#define __PACKET_CHDLC_H__ + +/* + * See section 4.3.1 of RFC 1547, and + * + * http://www.nethelp.no/net/cisco-hdlc.txt + */ + +#define CHDLC_ADDR_UNICAST 0x0f +#define CHDLC_ADDR_MULTICAST 0x8f + +void capture_chdlc(const u_char *, int, packet_counts *); + +const value_string chdlc_vals[]; + +void +chdlctype(guint16 chdlctype, tvbuff_t *tvb, int offset_after_chdlctype, + packet_info *pinfo, proto_tree *tree, proto_tree *fh_tree, + int chdlctype_id); + +#endif diff --git a/packet-dec-bpdu.c b/packet-dec-bpdu.c index 9bb850f0dc..5a1b0ef7d7 100644 --- a/packet-dec-bpdu.c +++ b/packet-dec-bpdu.c @@ -1,7 +1,7 @@ /* packet-dec-bpdu.c * Routines for DEC BPDU (DEC Spanning Tree Protocol) disassembly * - * $Id: packet-dec-bpdu.c,v 1.6 2001/01/25 06:14:14 guy Exp $ + * $Id: packet-dec-bpdu.c,v 1.7 2001/03/15 09:11:00 guy Exp $ * * Copyright 2001 Paul Ionescu <paul@acorp.ro> * @@ -167,6 +167,8 @@ proto_reg_handoff_dec_bpdu(void) { dissector_add("ethertype", ETHERTYPE_DEC_LB, dissect_dec_bpdu, proto_dec_bpdu); + dissector_add("chdlctype", ETHERTYPE_DEC_LB, dissect_dec_bpdu, + proto_dec_bpdu); dissector_add("ppp.protocol", PPP_DEC_LB, dissect_dec_bpdu, proto_dec_bpdu); } diff --git a/packet-fr.c b/packet-fr.c index 3d0efc7d1d..35705c4119 100644 --- a/packet-fr.c +++ b/packet-fr.c @@ -3,7 +3,7 @@ * * Copyright 2001, Paul Ionescu <paul@acorp.ro> * - * $Id: packet-fr.c,v 1.8 2001/01/25 06:14:14 guy Exp $ + * $Id: packet-fr.c,v 1.9 2001/03/15 09:11:00 guy Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs <gerald@zing.org> @@ -37,6 +37,7 @@ #include <glib.h> #include "packet.h" #include "packet-llc.h" +#include "packet-chdlc.h" #include "xdlc.h" #include "oui.h" #include "nlpid.h" @@ -50,12 +51,12 @@ static gint hf_fr_becn = -1; static gint hf_fr_fecn = -1; static gint hf_fr_de = -1; static gint hf_fr_nlpid = -1; -static gint hf_fr_oui = -1; -static gint hf_fr_pid = -1; -static gint hf_fr_type = -1; +static gint hf_fr_oui = -1; +static gint hf_fr_pid = -1; +static gint hf_fr_snaptype = -1; +static gint hf_fr_chdlctype = -1; static dissector_table_t fr_subdissector_table; -static dissector_table_t fr_cisco_subdissector_table; static void dissect_lapf(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree); static void dissect_fr_xid(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree); @@ -119,7 +120,7 @@ static void dissect_fr(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) if (fr_nlpid == NLPID_SNAP) { dissect_snap(tvb, offset, pinfo, tree, fr_tree, fr_ctrl, - hf_fr_oui, hf_fr_type, hf_fr_pid, 0); + hf_fr_oui, hf_fr_snaptype, hf_fr_pid, 0); return; } @@ -165,10 +166,8 @@ static void dissect_fr(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) * the DLCI# is not 0, then there may be Cisco Frame Relay encapsulation. */ proto_tree_add_text(fr_tree, tvb, offset, 0, "------- Cisco Encapsulation -------"); - fr_type = tvb_get_ntohs( tvb, offset); - proto_tree_add_uint(fr_tree, hf_fr_type,tvb, offset, 2, fr_type ); - if (!dissector_try_port(fr_cisco_subdissector_table,fr_type, tvb_new_subset(tvb,offset+2,-1,-1), pinfo, tree)) - dissect_data(tvb_new_subset(tvb,offset+2,-1,-1), offset+2, pinfo, tree); + fr_type = tvb_get_ntohs(tvb, offset); + chdlctype(fr_type, tvb, offset+2, pinfo, tree, fr_tree, hf_fr_chdlctype); } } @@ -211,9 +210,12 @@ void proto_register_fr(void) { &hf_fr_pid, { "Protocol ID", "fr.snap.pid", FT_UINT16, BASE_HEX, NULL, 0x0, ""}}, - { &hf_fr_type, { - "Type", "fr.type", FT_UINT16, BASE_HEX, - NULL, 0x0, "FrameRelay SNAP Encapsulated Protocol" }}, + { &hf_fr_snaptype, { + "Type", "fr.snaptype", FT_UINT16, BASE_HEX, + VALS(etype_vals), 0x0, "FrameRelay SNAP Encapsulated Protocol" }}, + { &hf_fr_chdlctype, { + "Type", "fr.chdlctype", FT_UINT16, BASE_HEX, + VALS(chdlc_vals), 0x0, "FrameRelay Cisco HDLC Encapsulated Protocol" }}, }; @@ -227,7 +229,6 @@ void proto_register_fr(void) proto_register_subtree_array(ett, array_length(ett)); fr_subdissector_table = register_dissector_table("fr.ietf"); - fr_cisco_subdissector_table = register_dissector_table("fr.cisco"); } void proto_reg_handoff_fr(void) diff --git a/packet-ip.c b/packet-ip.c index 69d29e1247..299c23a937 100644 --- a/packet-ip.c +++ b/packet-ip.c @@ -1,7 +1,7 @@ /* packet-ip.c * Routines for IP and miscellaneous IP protocol packet disassembly * - * $Id: packet-ip.c,v 1.126 2001/03/05 19:59:01 guy Exp $ + * $Id: packet-ip.c,v 1.127 2001/03/15 09:11:00 guy Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs <gerald@zing.org> @@ -1486,7 +1486,7 @@ proto_reg_handoff_ip(void) dissector_add("llc.dsap", SAP_IP, dissect_ip, proto_ip); dissector_add("ip.proto", IP_PROTO_IPIP, dissect_ip, proto_ip); dissector_add("null.type", BSD_AF_INET, dissect_ip, proto_ip); - dissector_add("fr.cisco", ETHERTYPE_IP, dissect_ip, proto_ip); + dissector_add("chdlctype", ETHERTYPE_IP, dissect_ip, proto_ip); dissector_add("fr.ietf", NLPID_IP, dissect_ip, proto_ip); } diff --git a/packet-ipx.c b/packet-ipx.c index 79b1540313..d0b651bbbf 100644 --- a/packet-ipx.c +++ b/packet-ipx.c @@ -2,7 +2,7 @@ * Routines for NetWare's IPX * Gilbert Ramirez <gram@xiexie.org> * - * $Id: packet-ipx.c,v 1.79 2001/03/13 21:34:23 gram Exp $ + * $Id: packet-ipx.c,v 1.80 2001/03/15 09:11:01 guy Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs <gerald@zing.org> @@ -893,7 +893,7 @@ proto_reg_handoff_ipx(void) { dissector_add("udp.port", UDP_PORT_IPX, dissect_ipx, proto_ipx); dissector_add("ethertype", ETHERTYPE_IPX, dissect_ipx, proto_ipx); - dissector_add("fr.cisco", ETHERTYPE_IPX, dissect_ipx, proto_ipx); + dissector_add("chdlctype", ETHERTYPE_IPX, dissect_ipx, proto_ipx); dissector_add("ppp.protocol", PPP_IPX, dissect_ipx, proto_ipx); dissector_add("llc.dsap", SAP_NETWARE, dissect_ipx, proto_ipx); dissector_add("null.type", BSD_AF_IPX, dissect_ipx, proto_ipx); diff --git a/packet-ppp.c b/packet-ppp.c index df70d2675b..4433d8b688 100644 --- a/packet-ppp.c +++ b/packet-ppp.c @@ -1,7 +1,7 @@ /* packet-ppp.c * Routines for ppp packet disassembly * - * $Id: packet-ppp.c,v 1.55 2001/01/21 22:10:22 guy Exp $ + * $Id: packet-ppp.c,v 1.56 2001/03/15 09:11:01 guy Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs <gerald@zing.org> @@ -39,6 +39,7 @@ #include "ppptypes.h" #include "etypes.h" #include "packet-atalk.h" +#include "packet-chdlc.h" #include "packet-ip.h" #include "packet-ipv6.h" #include "packet-ipx.h" @@ -80,6 +81,7 @@ static int ett_mp = -1; static int ett_mp_flags = -1; static dissector_table_t subdissector_table; +static dissector_handle_t chdlc_handle; /* options */ static gint ppp_fcs_decode = 0; /* 0 = No FCS, 1 = 16 bit FCS, 2 = 32 bit FCS */ @@ -118,8 +120,6 @@ static const value_string ppp_vals[] = { {PPP_LQR, "Link Quality Report protocol" }, {PPP_CHAP, "Cryptographic Handshake Auth. Protocol" }, {PPP_CBCP, "Callback Control Protocol" }, - {ETHERTYPE_IP, "Cisco HDLC IP"}, - {CISCO_SLARP, "Cisco HDLC SLARP"}, {0, NULL } }; @@ -682,9 +682,12 @@ fcs32(guint32 fcs, void capture_ppp( const u_char *pd, int offset, packet_counts *ld ) { + if (pd[0] == CHDLC_ADDR_UNICAST || pd[0] == CHDLC_ADDR_MULTICAST) { + capture_chdlc(pd, offset, ld); + return; + } switch (pntohs(&pd[offset + 2])) { case PPP_IP: - case ETHERTYPE_IP: capture_ip(pd, offset + 4, ld); break; case PPP_IPX: @@ -1303,20 +1306,23 @@ dissect_ppp( tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree ) { guint32 rx_fcs_got; byte0 = tvb_get_guint8(tvb, 0); + if (byte0 == CHDLC_ADDR_UNICAST || byte0 == CHDLC_ADDR_MULTICAST) { + /* Cisco HDLC encapsulation */ + call_dissector(chdlc_handle, tvb, pinfo, tree); + } + + /* + * XXX - should we have a routine that always dissects PPP, for use + * when we know the packets are PPP, not CHDLC? + */ + /* PPP HDLC encapsulation */ if (byte0 == 0xff) { ph.ppp_addr = tvb_get_guint8(tvb, 0); ph.ppp_ctl = tvb_get_guint8(tvb, 1); ph.ppp_prot = tvb_get_ntohs(tvb, 2); proto_offset = 2; } - /* Cisco HDLC format */ - else if (byte0 == 0x0f) { - ph.ppp_addr = tvb_get_guint8(tvb, 0); - ph.ppp_ctl = tvb_get_guint8(tvb, 1); - ph.ppp_prot = tvb_get_ntohs(tvb, 2); - proto_offset = 2; - } else { /* address and control are compressed (NULL) */ ph.ppp_prot = tvb_get_ntohs(tvb, 0); @@ -1340,10 +1346,6 @@ dissect_ppp( tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree ) { proto_tree_add_text(fh_tree, tvb, 0, 1, "Address: %02x", ph.ppp_addr); proto_tree_add_text(fh_tree, tvb, 1, 1, "Control: %02x", ph.ppp_ctl); } - else if (byte0 == 0x0f) { - proto_tree_add_text(fh_tree, tvb, 0, 1, "Address: %02x", ph.ppp_addr); - proto_tree_add_text(fh_tree, tvb, 1, 1, "Control: %02x", ph.ppp_ctl); - } } next_tvb = tvb_new_subset(tvb, proto_offset, -1, -1); @@ -1421,6 +1423,11 @@ proto_register_ppp(void) void proto_reg_handoff_ppp(void) { + /* + * Get a handle for the CHDLC dissector. + */ + chdlc_handle = find_dissector("chdlc"); + dissector_add("wtap_encap", WTAP_ENCAP_PPP, dissect_ppp, proto_ppp); dissector_add("wtap_encap", WTAP_ENCAP_PPP_WITH_PHDR, dissect_ppp, proto_ppp); dissector_add("fr.ietf", NLPID_PPP, dissect_ppp, proto_ppp); diff --git a/ppptypes.h b/ppptypes.h index 9268a123d2..0e09b7f30b 100644 --- a/ppptypes.h +++ b/ppptypes.h @@ -1,7 +1,7 @@ /* ppptypes.h * Defines PPP packet types. * - * $Id: ppptypes.h,v 1.5 2001/01/14 08:25:14 guy Exp $ + * $Id: ppptypes.h,v 1.6 2001/03/15 09:11:01 guy Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs <gerald@zing.org> @@ -54,43 +54,4 @@ #define PPP_CHAP 0xc223 /* Cryptographic Handshake Auth. Protocol */ #define PPP_CBCP 0xc029 /* Callback Control Protocol */ -/* - * Address and control field for Cisco HDLC. - * RFC 1547, "Requirements for an Internet Standard Point-to-Point Protocol", - * section 4.3.1 "Cisco Systems point-to-point protocols", says - * - * The Cisco Systems gateway supports both asynchronous links using SLIP - * and synchronous links using either simple HDLC framing, X.25 LAPB or - * full X.25. The HDLC framing procedure includes a four byte header. - * The first octet (address) is either 0x0F (unicast intent) or 0x8F - * (multicast intent). The second octet (control byte) is left zero and - * is not checked on reception. The third and fourth octets contain a - * standard 16 bit Ethernet protocol type code. - * - * This is the first two octets for unicast intent frames. - */ -#define CISCO_HDLC_ADDR_CTRL 0x0F00 /* Internet Protocol */ - -/* - * Protocol types for the Cisco HDLC format. - * - * As per the above, according to RFC 1547, these are "standard 16 bit - * Ethernet protocol type code[s]", but 0x8035 is Reverse ARP, and - * that is (at least according to the Linux ISDN code) not the - * same as Cisco SLARP. - * - * In addition, 0x2000 is apparently the Cisco Discovery Protocol, but - * on Ethernet those are encapsulated inside SNAP with an OUI of - * OUI_CISCO, not OUI_ENCAP_ETHER. - * - * Perhaps we should set up a protocol table for those protocols - * that differ between Ethernet and Cisco HDLC, and have the PPP - * code first try that table and, if it finds nothing in that - * table, call "ethertype()". (Unfortunately, that means that - - * assuming we had a Cisco SLARP dissector - said dissector were - * disabled, SLARP packets would be dissected as Reverse ARP - * packets, not as data. - */ -#define CISCO_SLARP 0x8035 /* Cisco SLARP protocol */ - #endif /* ppptypes.h */ diff --git a/wiretap/libpcap.c b/wiretap/libpcap.c index 5f2067ef0a..b85d518e38 100644 --- a/wiretap/libpcap.c +++ b/wiretap/libpcap.c @@ -1,6 +1,6 @@ /* libpcap.c * - * $Id: libpcap.c,v 1.47 2001/03/11 02:51:05 guy Exp $ + * $Id: libpcap.c,v 1.48 2001/03/15 09:11:03 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez <gram@xiexie.org> @@ -147,7 +147,11 @@ static const struct { #if defined(DLT_LOOP) && (DLT_LOOP == 12) { 12, WTAP_ENCAP_NULL }, #elif defined(DLT_C_HDLC) && (DLT_C_HDLC == 12) - /* Put entry for Cisco HDLC here */ + /* + * Put entry for Cisco HDLC here. + * XXX - is this just WTAP_ENCAP_CHDLC, i.e. does the frame + * start with a 4-byte Cisco HDLC header? + */ #else { 12, WTAP_ENCAP_RAW_IP }, #endif @@ -220,7 +224,7 @@ static const struct { { 16, WTAP_ENCAP_LINUX_ATM_CLIP }, #endif #if defined(DLT_HDLC) && (DLT_HDLC == 16) - { 16, WTAP_ENCAP_PPP }, + { 16, WTAP_ENCAP_CHDLC }, #endif /* @@ -296,6 +300,11 @@ static const struct { * WTAP_ENCAP_PPP now) and "PPP where there's either HDLC * encapsulation or Cisco PPP" (which is what DLT_PPP_SERIAL * is) at some point. + * + * XXX - NetBSD has DLT_HDLC, which appears to be used for + * Cisco HDLC. Ideally, they should use DLT_PPP_SERIAL + * only for real live HDLC-encapsulated PPP, not for Cisco + * HDLC. */ { 50, WTAP_ENCAP_PPP }, @@ -323,11 +332,8 @@ static const struct { /* * These ones are handled in Ethereal, though. - * (We currently handle Cisco HDLC like PPP; the PPP dissector - * distinguishes between HDLC-encapsulated PPP and Cisco HDLC - * by looking at the address field.) */ - { 104, WTAP_ENCAP_PPP }, /* Cisco HDLC */ + { 104, WTAP_ENCAP_CHDLC }, /* Cisco HDLC */ { 106, WTAP_ENCAP_LINUX_ATM_CLIP }, /* @@ -349,8 +355,8 @@ static const struct { { 109, WTAP_ENCAP_ENC }, /* OpenBSD IPSEC enc */ { 110, WTAP_ENCAP_LANE_802_3 },/* ATM LANE 802.3 */ { 111, WTAP_ENCAP_HIPPI }, /* NetBSD HIPPI */ - { 112, WTAP_ENCAP_HDLC }, /* NetBSD HDLC framing */ #endif + { 112, WTAP_ENCAP_CHDLC }, /* NetBSD HDLC framing */ /* * Linux "cooked mode" captures, used by the current CVS version diff --git a/wiretap/wtap.c b/wiretap/wtap.c index 8ea3ed0916..200d6420a3 100644 --- a/wiretap/wtap.c +++ b/wiretap/wtap.c @@ -1,6 +1,6 @@ /* wtap.c * - * $Id: wtap.c,v 1.51 2001/01/08 22:18:22 guy Exp $ + * $Id: wtap.c,v 1.52 2001/03/15 09:11:03 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez <gram@xiexie.org> @@ -127,6 +127,9 @@ const static struct encap_type_info { /* WTAP_ENCAP_FRELAY */ { "Frame Relay", "frelay" }, + + /* WTAP_ENCAP_CHDLC */ + { "Cisco HDLC", "chdlc" }, }; /* Name that should be somewhat descriptive. */ diff --git a/wiretap/wtap.h b/wiretap/wtap.h index 16d39eeb25..fe4f302e77 100644 --- a/wiretap/wtap.h +++ b/wiretap/wtap.h @@ -1,6 +1,6 @@ /* wtap.h * - * $Id: wtap.h,v 1.85 2001/02/22 22:03:31 guy Exp $ + * $Id: wtap.h,v 1.86 2001/03/15 09:11:03 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez <gram@xiexie.org> @@ -97,9 +97,10 @@ #define WTAP_ENCAP_IEEE_802_11 18 #define WTAP_ENCAP_SLL 19 #define WTAP_ENCAP_FRELAY 20 +#define WTAP_ENCAP_CHDLC 21 /* last WTAP_ENCAP_ value + 1 */ -#define WTAP_NUM_ENCAP_TYPES 21 +#define WTAP_NUM_ENCAP_TYPES 22 /* File types that can be read by wiretap. We support writing some many of these file types, too, so we |