*
* $Id$
*
- * Ethereal - Network traffic analyzer
- * By Gerald Combs <gerald@ethereal.com>
+ * Wireshark - Network traffic analyzer
+ * By Gerald Combs <gerald@wireshark.org>
* Copyright 1998 Gerald Combs
*
* This program is free software; you can redistribute it and/or
# include "config.h"
#endif
-#include <stdio.h>
#include <string.h>
#include <glib.h>
#include <epan/packet.h>
#include <epan/addr_resolv.h>
#include <epan/conversation.h>
+#include <epan/emem.h>
#include "packet-tcp.h"
#include "packet-udp.h"
/************** conversation hash stuff ***************/
-#define hash_init_count 20
-#define hash_val_length (sizeof(hash_entry_t))
-
-static GMemChunk *vals = NULL;
-
typedef struct {
guint32 remote_addr;
guint32 clnt_port;
/************** negotiated conversation hash stuff ***************/
-#define redirect_init_count 20
-#define redirect_val_length (sizeof(redirect_entry_t))
-
-static GMemChunk *redirect_vals = NULL;
-
static guint32 last_row= 0; /* used to see if packet is new */
redirect_info = conversation_get_proto_data(conversation,
proto_msproxy);
- if (check_col(pinfo->cinfo, COL_PROTOCOL))
- col_set_str(pinfo->cinfo, COL_PROTOCOL, "MS Proxy");
+ col_set_str(pinfo->cinfo, COL_PROTOCOL, "MS Proxy");
if (check_col(pinfo->cinfo, COL_INFO))
col_set_str(pinfo->cinfo, COL_INFO,
if ( tree) {
ti = proto_tree_add_item( tree, proto_msproxy, tvb, 0, 0,
- FALSE );
+ ENC_NA );
msp_tree = proto_item_add_subtree(ti, ett_msproxy);
if ( redirect_info->proto == PT_TCP)
decode_tcp_ports( tvb, 0, pinfo, tree, pinfo->srcport,
- pinfo->destport);
+ pinfo->destport, NULL);
else
decode_udp_ports( tvb, 0, pinfo, tree, pinfo->srcport,
pinfo->destport, -1);
}
conversation_set_dissector(conversation, msproxy_sub_handle);
- new_conv_info = g_mem_chunk_alloc(redirect_vals);
+ new_conv_info = se_alloc(sizeof(redirect_entry_t));
new_conv_info->remote_addr = hash_info->dst_addr;
new_conv_info->clnt_port = hash_info->clnt_port;
length = tvb_strnlen( tvb, offset, 255);
proto_tree_add_text( tree, tvb, offset, length, "Application: %.*s",
- length, tvb_get_ptr( tvb, offset, length));
+ length, tvb_get_ephemeral_string( tvb, offset, length));
return length;
}
-static char *get_msproxy_cmd_name( int cmd, int direction) {
+static const char *get_msproxy_cmd_name( int cmd, int direction) {
/* return the command name string for cmd */
return;
proto_tree_add_text( tree, tvb, offset, length + 1,
"User name: %.*s", length,
- tvb_get_ptr( tvb, offset, length));
+ tvb_get_ephemeral_string( tvb, offset, length));
offset += length + 2;
length = tvb_strnlen( tvb, offset, 255);
return;
proto_tree_add_text( tree, tvb, offset, length + 1,
"Application name: %.*s", length,
- tvb_get_ptr( tvb, offset, length));
+ tvb_get_ephemeral_string( tvb, offset, length));
offset += length + 1;
length = tvb_strnlen( tvb, offset, 255);
return;
proto_tree_add_text( tree, tvb, offset, length + 1,
"Client computer name: %.*s", length,
- tvb_get_ptr( tvb, offset, length));
+ tvb_get_ephemeral_string( tvb, offset, length));
}
}
if ( tree)
proto_tree_add_item( tree, hf_msproxy_bindaddr, tvb, offset, 4,
- FALSE);
+ ENC_BIG_ENDIAN);
offset += 4;
if ( tree)
proto_tree_add_item( tree, hf_msproxy_bindport, tvb, offset, 2,
- FALSE);
+ ENC_BIG_ENDIAN);
offset += 6;
if ( tree)
proto_tree_add_item( tree, hf_msproxy_clntport, tvb, offset, 2,
- FALSE);
+ ENC_BIG_ENDIAN);
offset += 2;
conv_info->clnt_port = tvb_get_ntohs( tvb, offset);
if ( tree){
proto_tree_add_item( tree, hf_msproxy_boundport, tvb, offset, 2,
- FALSE);
+ ENC_BIG_ENDIAN);
offset += 82;
display_application_name( tvb, offset, tree);
offset += 134;
proto_tree_add_text( tree, tvb, offset, 7, "NTLMSSP signature: %.7s",
- tvb_get_ptr( tvb, offset, 7));
+ tvb_get_ephemeral_string( tvb, offset, 7));
offset += 7;
}
}
offset += 6;
proto_tree_add_item( tree, hf_msproxy_bind_id, tvb, offset, 4,
- FALSE);
+ ENC_BIG_ENDIAN);
offset += 16;
proto_tree_add_item( tree, hf_msproxy_boundport, tvb, offset, 2,
- FALSE);
+ ENC_BIG_ENDIAN);
offset += 96;
display_application_name( tvb, offset, tree);
if ( tree)
proto_tree_add_item( tree, hf_msproxy_dstport, tvb, offset, 2,
- FALSE);
+ ENC_BIG_ENDIAN);
conv_info->dst_port = tvb_get_ntohs( tvb, offset);
offset += 2;
if ( tree)
proto_tree_add_item( tree, hf_msproxy_dstaddr, tvb, offset, 4,
- FALSE);
+ ENC_BIG_ENDIAN);
- tvb_memcpy( tvb, (guint8 *)&conv_info->dst_addr, offset, sizeof( guint32));
+ conv_info->dst_addr = tvb_get_ipv4( tvb, offset);
offset += 12;
offset += 6;
proto_tree_add_item( tree, hf_msproxy_bind_id, tvb, offset, 4,
- FALSE);
+ ENC_BIG_ENDIAN);
offset += 14;
proto_tree_add_item( tree, hf_msproxy_dstport, tvb, offset, 2,
- FALSE);
+ ENC_BIG_ENDIAN);
offset += 2;
proto_tree_add_item( tree, hf_msproxy_dstaddr, tvb, offset, 4,
- FALSE);
+ ENC_BIG_ENDIAN);
offset += 12;
proto_tree_add_item( tree, hf_msproxy_server_int_port, tvb,
- offset, 2, FALSE);
+ offset, 2, ENC_BIG_ENDIAN);
offset += 4;
proto_tree_add_item( tree, hf_msproxy_server_ext_port, tvb,
- offset, 2, FALSE);
+ offset, 2, ENC_BIG_ENDIAN);
offset += 2;
proto_tree_add_item( tree, hf_msproxy_server_ext_addr, tvb,
- offset, 4, FALSE);
+ offset, 4, ENC_BIG_ENDIAN);
offset += 78;
display_application_name( tvb, offset, tree);
if ( tree){
ti = proto_tree_add_text(tree, tvb, offset, length + 1,
"Host Name: %.*s", length,
- tvb_get_ptr( tvb, offset + 18, length));
+ tvb_get_ephemeral_string( tvb, offset + 18, length));
name_tree = proto_item_add_subtree(ti, ett_msproxy_name);
offset += 17;
proto_tree_add_text( name_tree, tvb, offset, length, "String: %s",
- tvb_get_ptr( tvb, offset, length));
+ tvb_get_ephemeral_string( tvb, offset, length));
}
}
if ( tree)
proto_tree_add_item( tree, hf_msproxy_bind_id, tvb, offset, 4,
- FALSE);
+ ENC_BIG_ENDIAN);
offset += 12;
if ( tree)
proto_tree_add_item( tree, hf_msproxy_dstport, tvb, offset, 2,
- FALSE);
+ ENC_BIG_ENDIAN);
offset += 2;
if ( tree)
proto_tree_add_item( tree, hf_msproxy_dstaddr, tvb, offset, 4,
- FALSE);
+ ENC_BIG_ENDIAN);
offset += 96;
if ( tree)
proto_tree_add_item( tree, hf_msproxy_clntport, tvb, offset, 2,
- FALSE);
+ ENC_BIG_ENDIAN);
conv_info->clnt_port = tvb_get_ntohs( tvb, offset);
offset += 8;
proto_tree_add_text( tree, tvb, offset, 4, "RWSP signature: %.4s",
- tvb_get_ptr( tvb, offset, 4));
+ tvb_get_ephemeral_string( tvb, offset, 4));
offset += 12;
}
else /* no tree */
if ( tree) {
proto_tree_add_item( tree, hf_msproxy_serverport, tvb, offset, 2,
- FALSE);
+ ENC_BIG_ENDIAN);
offset += 2;
proto_tree_add_item( tree, hf_msproxy_serveraddr, tvb, offset, 4,
- FALSE);
+ ENC_BIG_ENDIAN);
offset += 4;
}
}
if ( tree) {
proto_tree_add_item( tree, hf_msproxy_bind_id, tvb, offset, 4,
- FALSE);
+ ENC_BIG_ENDIAN);
offset += 14;
proto_tree_add_item( tree, hf_msproxy_server_ext_port, tvb,
- offset, 2, FALSE);
+ offset, 2, ENC_BIG_ENDIAN);
offset += 2;
proto_tree_add_item( tree, hf_msproxy_server_ext_addr, tvb,
- offset, 4, FALSE);
+ offset, 4, ENC_BIG_ENDIAN);
offset += 96;
display_application_name( tvb, offset, tree);
offset += 134;
if ( tree) {
proto_tree_add_text( tree, tvb, offset, 7, "NTLMSSP signature: %.7s",
- tvb_get_ptr( tvb, offset, 7));
+ tvb_get_ephemeral_string( tvb, offset, 7));
offset += 48;
/* XXX - always 255? */
proto_tree_add_text( tree, tvb, offset, 255, "NT domain: %.255s",
- tvb_get_ptr( tvb, offset, 255));
+ tvb_get_ephemeral_string( tvb, offset, 255));
}
}
if ( tree)
proto_tree_add_item( tree, hf_msproxy_server_int_port, tvb,
- offset, 2, FALSE);
+ offset, 2, ENC_BIG_ENDIAN);
conv_info->proto = PT_TCP;
if ( tree){
proto_tree_add_item( tree, hf_msproxy_server_int_addr, tvb,
- offset, 4, FALSE);
+ offset, 4, ENC_BIG_ENDIAN);
offset += 14;
proto_tree_add_item( tree, hf_msproxy_server_ext_port, tvb,
- offset, 2, FALSE);
+ offset, 2, ENC_BIG_ENDIAN);
offset += 2;
proto_tree_add_item( tree, hf_msproxy_server_ext_addr, tvb,
- offset, 4, FALSE);
+ offset, 4, ENC_BIG_ENDIAN);
offset += 80;
display_application_name( tvb, offset, tree);
offset += 6;
proto_tree_add_item( tree, hf_msproxy_bind_id, tvb, offset, 4,
- FALSE);
+ ENC_BIG_ENDIAN);
offset += 16;
proto_tree_add_uint( tree, hf_msproxy_server_int_port, tvb,
offset += 6;
proto_tree_add_item( tree, hf_msproxy_server_ext_port, tvb,
- offset, 2, FALSE);
+ offset, 2, ENC_BIG_ENDIAN);
offset += 2;
proto_tree_add_item( tree, hf_msproxy_server_ext_addr, tvb,
- offset, 4, FALSE);
+ offset, 4, ENC_BIG_ENDIAN);
offset += 88;
if ( tree)
proto_tree_add_item( tree, hf_msproxy_bind_id, tvb, offset, 4,
- FALSE);
+ ENC_BIG_ENDIAN);
offset += 14;
conv_info->dst_port);
offset += 2;
- tvb_memcpy( tvb, (guint8 *)&conv_info->dst_addr, offset, sizeof( guint32));
+ conv_info->dst_addr = tvb_get_ipv4( tvb, offset);
if ( tree)
proto_tree_add_item( tree, hf_msproxy_dstaddr, tvb, offset, 4,
- FALSE);
+ ENC_BIG_ENDIAN);
offset += 12;
conv_info->server_int_port = tvb_get_ntohs( tvb, offset);
if ( tree) {
proto_tree_add_item( tree, hf_msproxy_server_ext_port, tvb,
- offset, 2, FALSE);
+ offset, 2, ENC_BIG_ENDIAN);
offset += 2;
proto_tree_add_item( tree, hf_msproxy_server_ext_addr, tvb,
- offset, 4, FALSE);
+ offset, 4, ENC_BIG_ENDIAN);
offset += 78;
display_application_name( tvb, offset, tree);
offset += addr_offset;
proto_tree_add_item( tree, hf_msproxy_resolvaddr, tvb, offset, 4,
- FALSE);
+ ENC_BIG_ENDIAN);
}
}
offset += 8;
proto_tree_add_text( tree, tvb, offset, 4, "RWSP signature: %.4s",
- tvb_get_ptr( tvb, offset, 4));
+ tvb_get_ephemeral_string( tvb, offset, 4));
offset += 12;
}
hash_entry_t *hash_info;
conversation_t *conversation;
- if (check_col(pinfo->cinfo, COL_PROTOCOL))
- col_set_str(pinfo->cinfo, COL_PROTOCOL, "MSproxy");
- if (check_col(pinfo->cinfo, COL_INFO))
- col_clear(pinfo->cinfo, COL_INFO);
+ col_set_str(pinfo->cinfo, COL_PROTOCOL, "MSproxy");
+ col_clear(pinfo->cinfo, COL_INFO);
- conversation = find_conversation( pinfo->fd->num, &pinfo->src, &pinfo->dst,
- pinfo->ptype, pinfo->srcport, pinfo->destport, 0);
+ conversation = find_or_create_conversation(pinfo);
- if ( !conversation) {
- conversation = conversation_new( pinfo->fd->num, &pinfo->src, &pinfo->dst,
- pinfo->ptype, pinfo->srcport, pinfo->destport, 0);
- }
hash_info = conversation_get_proto_data(conversation, proto_msproxy);
if ( !hash_info) {
- hash_info = g_mem_chunk_alloc(vals);
+ hash_info = se_alloc(sizeof(hash_entry_t));
conversation_add_proto_data(conversation, proto_msproxy,
hash_info);
}
if (tree) { /* if proto tree, decode data */
ti = proto_tree_add_item( tree, proto_msproxy, tvb, 0, -1,
- FALSE );
+ ENC_NA );
msproxy_tree = proto_item_add_subtree(ti, ett_msproxy);
}
static void msproxy_reinit( void){
/* Do the cleanup work when a new pass through the packet list is */
-/* performed. Reset the highest row seen counter and re-initialize the */
-/* conversation memory chunks. */
+/* performed. Reset the highest row seen counter */
last_row = 0;
-
- if (vals)
- g_mem_chunk_destroy(vals);
-
- vals = g_mem_chunk_new("msproxy_vals", hash_val_length,
- hash_init_count * hash_val_length,
- G_ALLOC_AND_FREE);
-
- if (redirect_vals)
- g_mem_chunk_destroy(redirect_vals);
-
- redirect_vals = g_mem_chunk_new("msproxy_redirect_vals", redirect_val_length,
- redirect_init_count * redirect_val_length,
- G_ALLOC_AND_FREE);
}
{ &hf_msproxy_cmd,
{ "Command", "msproxy.command", FT_UINT16, BASE_DEC,
- NULL, 0x0, "", HFILL
+ NULL, 0x0, NULL, HFILL
}
},
{ &hf_msproxy_dstaddr,
{ "Destination Address", "msproxy.dstaddr", FT_IPv4, BASE_NONE, NULL,
- 0x0, "", HFILL
+ 0x0, NULL, HFILL
}
},
{ &hf_msproxy_srcport,
{ "Source Port", "msproxy.srcport", FT_UINT16,
- BASE_DEC, NULL, 0x0, "", HFILL
+ BASE_DEC, NULL, 0x0, NULL, HFILL
}
},
{ &hf_msproxy_dstport,
{ "Destination Port", "msproxy.dstport", FT_UINT16,
- BASE_DEC, NULL, 0x0, "", HFILL
+ BASE_DEC, NULL, 0x0, NULL, HFILL
}
},
{ &hf_msproxy_clntport,
{ "Client Port", "msproxy.clntport", FT_UINT16,
- BASE_DEC, NULL, 0x0, "", HFILL
+ BASE_DEC, NULL, 0x0, NULL, HFILL
}
},
{ &hf_msproxy_server_ext_addr,
{ "Server External Address", "msproxy.server_ext_addr", FT_IPv4, BASE_NONE, NULL,
- 0x0, "", HFILL
+ 0x0, NULL, HFILL
}
},
{ &hf_msproxy_server_ext_port,
{ "Server External Port", "msproxy.server_ext_port", FT_UINT16,
- BASE_DEC, NULL, 0x0, "", HFILL
+ BASE_DEC, NULL, 0x0, NULL, HFILL
}
},
{ &hf_msproxy_server_int_addr,
{ "Server Internal Address", "msproxy.server_int_addr", FT_IPv4, BASE_NONE, NULL,
- 0x0, "", HFILL
+ 0x0, NULL, HFILL
}
},
{ &hf_msproxy_server_int_port,
{ "Server Internal Port", "msproxy.server_int_port", FT_UINT16,
- BASE_DEC, NULL, 0x0, "", HFILL
+ BASE_DEC, NULL, 0x0, NULL, HFILL
}
},
{ &hf_msproxy_serverport,
{ "Server Port", "msproxy.serverport", FT_UINT16,
- BASE_DEC, NULL, 0x0, "", HFILL
+ BASE_DEC, NULL, 0x0, NULL, HFILL
}
},
{ &hf_msproxy_bindport,
{ "Bind Port", "msproxy.bindport", FT_UINT16,
- BASE_DEC, NULL, 0x0, "", HFILL
+ BASE_DEC, NULL, 0x0, NULL, HFILL
}
},
{ &hf_msproxy_boundport,
{ "Bound Port", "msproxy.boundport", FT_UINT16,
- BASE_DEC, NULL, 0x0, "", HFILL
+ BASE_DEC, NULL, 0x0, NULL, HFILL
}
},
{ &hf_msproxy_serveraddr,
{ "Server Address", "msproxy.serveraddr", FT_IPv4, BASE_NONE, NULL,
- 0x0, "", HFILL
+ 0x0, NULL, HFILL
}
},
{ &hf_msproxy_bindaddr,
{ "Destination", "msproxy.bindaddr", FT_IPv4, BASE_NONE, NULL,
- 0x0, "", HFILL
+ 0x0, NULL, HFILL
}
},
{ &hf_msproxy_bind_id,
{ "Bound Port Id", "msproxy.bindid", FT_UINT32,
- BASE_HEX, NULL, 0x0, "", HFILL
+ BASE_HEX, NULL, 0x0, NULL, HFILL
}
},
{ &hf_msproxy_resolvaddr,
{ "Address", "msproxy.resolvaddr", FT_IPv4, BASE_NONE, NULL,
- 0x0, "", HFILL
+ 0x0, NULL, HFILL
}
}
msproxy_handle = create_dissector_handle(dissect_msproxy,
proto_msproxy);
- dissector_add("udp.port", UDP_PORT_MSPROXY, msproxy_handle);
+ dissector_add_uint("udp.port", UDP_PORT_MSPROXY, msproxy_handle);
}