AppleTalk support
}
+Joerg Mayer <jmayer@telemation.de> {
+ Banyan Vines support
+}
+
Alain Magloire <alainm@rcsm.ece.mcgill.ca> was kind enough to
give his permission to use his version of snprintf.c.
+Overview of changes in Ethereal 0.5.1:
+* Updated Vines support (Joerg Mayer)
+* Bitfield decoding (Guy)
+* GTK+ 1.1/1.2 support (Gilbert, Gerald)
+* Make TCP info more verbose (Gerald)
+* Fix resize problems w/main window (Gerald)
+
+Overview of changes in Ethereal 0.5.0:
+* Initial release of wiretap library (Gilbert)
+* Sun C compiler fixes (Laurent)
+* Enhanced PPP support (Guy)
+* OMG CORBA GIOP/IIOP support (Laurent)
+* Configurable columns (Gerald)
+* Lots of other fixes and enhancements
+
Overview of changes in Ethereal 0.4.1:
* Copious amount of fixes (Guy)
* Minor fixes to the filter prefs dialog (Gerald)
/* capture.c
* Routines for packet capture windows
*
- * $Id: capture.c,v 1.15 1998/12/22 07:07:08 gram Exp $
+ * $Id: capture.c,v 1.16 1998/12/29 04:05:32 gerald Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@zing.org>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
+#include <time.h>
#include <sys/socket.h>
#include <sys/ioctl.h>
#include <net/if.h>
/* column.c
* Routines for handling column preferences
*
- * $Id: column.c,v 1.6 1998/12/22 07:07:09 gram Exp $
+ * $Id: column.c,v 1.7 1998/12/29 04:05:33 gerald Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@zing.org>
string */
static gchar *
col_format_to_string(gint fmt) {
- gchar *slist[] = { "%m", "%t", "%t", "%t", "%s", "%rs", "%us", "%hs",
- "%rhs", "%uhs", "%ns", "%rns", "%uns", "%d", "%rd",
- "%ud", "%hd", "%rhd", "%uhd", "%nd", "%rnd", "%und",
- "%S", "%rS", "%uS", "%D", "%rD", "%uD", "%p", "%i" };
+ gchar *slist[] = { "%m", "%t", "%Rt", "%At", "%Tt", "%s", "%rs", "%us",
+ "%hs", "%rhs", "%uhs", "%ns", "%rns", "%uns", "%d",
+ "%rd", "%ud", "%hd", "%rhd", "%uhd", "%nd", "%rnd",
+ "%und", "%S", "%rS", "%uS", "%D", "%rD", "%uD", "%p",
+ "%i" };
if (fmt < 0 || fmt > NUM_COL_FMTS)
return NULL;
description */
static gchar *
col_format_desc(gint fmt) {
- gchar *dlist[] = { "Number", "Relative time", "Absolute time",
+ gchar *dlist[] = { "Number", "Time", "Relative time", "Absolute time",
"Delta time", "Source address", "Src addr (resolved)",
"Src addr (unresolved)", "Hardware src addr",
"Hw src addr (resolved)", "Hw src addr (unresolved)",
fmt_list[i] = TRUE;
/* Get any formats lower down on the chain */
switch (format) {
+ case COL_CLS_TIME:
+ switch (timestamp_type) {
+ case ABSOLUTE:
+ fmt_list[COL_ABS_TIME] = TRUE;
+ break;
+ case DELTA:
+ fmt_list[COL_DELTA_TIME] = TRUE;
+ break;
+ default:
+ fmt_list[COL_REL_TIME] = TRUE;
+ break;
+ }
+ break;
case COL_DEF_SRC:
fmt_list[COL_RES_DL_SRC] = TRUE;
fmt_list[COL_RES_NET_SRC] = TRUE;
case COL_NUMBER:
return (gdk_string_width(font, "0") * 7);
break;
+ case COL_CLS_TIME:
+ if (timestamp_type == COL_ABS_TIME)
+ return (gdk_string_width(font, "00:00:00.000000"));
+ else
+ return (gdk_string_width(font, "0000.000000"));
+ break;
case COL_ABS_TIME:
return (gdk_string_width(font, "00:00:00.000000"));
break;
break;
}
}
-
+
+#define TIME_DEF 0
+#define TIME_REL 1
+#define TIME_ABS 2
+#define TIME_DEL 3
+
#define RES_DEF 0
#define RES_DO 1
#define RES_DONT 2
static gint
get_column_format_from_str(gchar *str) {
gchar *cptr = str;
- gint res_off = RES_DEF, addr_off = ADDR_DEF;
+ gint res_off = RES_DEF, addr_off = ADDR_DEF, time_off = TIME_DEF;
/* To do: Make this parse %-formatted strings "for real" */
while (*cptr != '\0') {
switch (*cptr) {
case 't': /* To do: fix for absolute and delta */
- return COL_REL_TIME;
+ return COL_CLS_TIME + time_off;
break;
case 'm':
return COL_NUMBER;
case 'n':
addr_off = ADDR_NET;
break;
+ case 'R':
+ time_off = TIME_REL;
+ break;
+ case 'A':
+ time_off = TIME_ABS;
+ break;
+ case 'T':
+ time_off = TIME_DEL;
+ break;
}
cptr++;
}
PACKAGE=ethereal
-VERSION=0.5.0
+VERSION=0.5.1
if test "`cd $srcdir && pwd`" != "`pwd`" && test -f $srcdir/config.status; then
{ echo "configure: error: source directory already configured; run "make distclean" there first" 1>&2; exit 1; }
-# $Id: configure.in,v 1.17 1998/11/18 04:02:17 gerald Exp $
+# $Id: configure.in,v 1.18 1998/12/29 04:05:34 gerald Exp $
dnl Process this file with autoconf to produce a configure script.
AC_INIT(etypes.h)
-AM_INIT_AUTOMAKE(ethereal, 0.5.0)
+AM_INIT_AUTOMAKE(ethereal, 0.5.1)
dnl Check for CPU / vendor / OS
AC_CANONICAL_HOST
=item -t
Sets the format of the packet timestamp displayed in the packet list
-window.
+window. The format can be one of 'r' (relative), 'a' (absolute), or 'd'
+(delta). The relative time is the time elapsed between the first packet
+and the current packet. The absolute time is the actual date and time the
+packet was captured. The delta time is the time since the previous packet
+was captured. The default is relative.
=item -v
to. Additinally, you can select the I<File:> button to browse the file
system for a particular save file.
-=item Filters
+=item Filter Preferences
The I<Filters> page lets you create and modify filters, and set the
default filter to use when capturing data or opening a capture file.
actually describes the filtering action to take, as described above.The
dialog buttons perform the following actions:
-=over 8
+=over 6
=item New
=back
+=item Column Preferences
+
+The I<Columns> page lets you specify the number, title, and format
+of each column in the packet list.
+
+The I<Column title> entry is used to specify the title of the column
+displayed at the top of the packet list. The type of data that the column
+displays can be specified using the I<Column format> option menu. The row
+of buttons on the left perform the following actions:
+
+=over 6
+
+=item New
+
+Adds a new column to the list.
+
+=item Change
+
+Modifies the currently selected list item.
+
+=item Delete
+
+Deletes the currently selected list item.
+
+=item Up / Down
+
+Moves the selected list item up or down one position.
+
+=item OK
+
+Currently has no effect.
+
+=item Save
+
+Saves the current column format as the default.
+
+=item Cancel
+
+Closes the dialog without making any changes.
+
+=back
+
=back
=item Capture Preferences
.rn '' }`
-''' $RCSfile: ethereal.1,v $$Revision: 1.4 $$Date: 1998/10/13 02:10:53 $
+''' $RCSfile: ethereal.1,v $$Revision: 1.5 $$Date: 1998/12/29 04:05:34 $
'''
''' $Log: ethereal.1,v $
-''' Revision 1.4 1998/10/13 02:10:53 gerald
-''' * Pod page update
-''' * Minor tweaks to the filter prefs
+''' Revision 1.5 1998/12/29 04:05:34 gerald
+''' * Added Joerg Mayer's Vines patch
+''' * Added Joerg to the AUTHORS file
+''' * Added Guy's bitfield decode patch
+''' * Fixed time output
'''
'''
.de Sh
.nr % 0
.rr F
.\}
-.TH ETHEREAL 1 "0.4.0" "12/Oct/98" "The Ethereal Network Analyzer"
+.TH ETHEREAL 1 "0.5.0" "18/Nov/98" "The Ethereal Network Analyzer"
.UC
.if n .hy 0
.if n .na
.Ip "File:Print Packet" 4
Print a description of each protocol header found in the packet, followed
by the packet data itself. Printing options can be set with the
-\fIEdit:Menu Options\fR menu item.
+\fIEdit:Preferences\fR menu item.
.Ip "File:Quit" 4
Exits the application.
.Ip "Edit:Preferences" 4
\fIFile:\fR entry box lets you enter the name of the file you wish to save
to. Additinally, you can select the \fIFile:\fR button to browse the file
system for a particular save file.
-.Ip "Filters" 10
+.Ip "Filter Preferences" 10
The \fIFilters\fR page lets you create and modify filters, and set the
default filter to use when capturing data or opening a capture file.
.Sp
\fBWeb and \s-1DNS\s0 traffic\fR. The \fIFilter string\fR entry is the text that
actually describes the filtering action to take, as described above.The
dialog buttons perform the following actions:
-.Ip "New" 18
+.Ip "New" 16
If there is text in the two entry boxes, it creates a new associated list
item.
-.Ip "Change" 18
+.Ip "Change" 16
Modifies the currently selected list item to match what's in the entry
boxes.
-.Ip "Copy" 18
+.Ip "Copy" 16
Makes a copy of the currently selected list item.
-.Ip "Delete" 18
+.Ip "Delete" 16
Deletes the currently selected list item.
-.Ip "\s-1OK\s0" 18
+.Ip "\s-1OK\s0" 16
Sets the currently selected list item as the active filter. If nothing
is selected, turns filtering off.
-.Ip "Save" 18
+.Ip "Save" 16
Saves the current filter list in \fI$\s-1HOME\s0/.ethereal/filters\fR.
-.Ip "Cancel" 18
+.Ip "Cancel" 16
+Closes the dialog without making any changes.
+.Ip "Column Preferences" 10
+The \fIColumns\fR page lets you specify the number, title, and format
+of each column in the packet list.
+.Sp
+The \fIColumn title\fR entry is used to specify the title of the column
+displayed at the top of the packet list. The type of data that the column
+displays can be specified using the \fIColumn format\fR option menu. The row
+of buttons on the left perform the following actions:
+.Ip "New" 16
+Adds a new column to the list.
+.Ip "Change" 16
+Modifies the currently selected list item.
+.Ip "Delete" 16
+Deletes the currently selected list item.
+.Ip "Up / Down" 16
+Moves the selected list item up or down one position.
+.Ip "\s-1OK\s0" 16
+Currently has no effect.
+.Ip "Save" 16
+Saves the current column format as the default.
+.Ip "Cancel" 16
Closes the dialog without making any changes.
.Ip "Capture Preferences" 4
The \fICapture Preferences\fR dialog lets you specify various parameters for
.IX Item "Printing Preferences"
-.IX Item "Filters"
+.IX Item "Filter Preferences"
.IX Item "New"
.IX Item "Cancel"
+.IX Item "Column Preferences"
+
+.IX Item "New"
+
+.IX Item "Change"
+
+.IX Item "Delete"
+
+.IX Item "Up / Down"
+
+.IX Item "\s-1OK\s0"
+
+.IX Item "Save"
+
+.IX Item "Cancel"
+
.IX Item "Capture Preferences"
.IX Header "SEE ALSO"
/* ethereal.c
*
- * $Id: ethereal.c,v 1.18 1998/12/27 20:47:53 gerald Exp $
+ * $Id: ethereal.c,v 1.19 1998/12/29 04:05:34 gerald Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@zing.org>
ts_type timestamp_type = RELATIVE;
+GtkStyle *item_style;
+
#define E_DFILTER_TE_KEY "display_filter_te"
/* About Ethereal window */
"Laurent Deniel <deniel@worldnet.fr>\n"
"Don Lafontaine <lafont02@cn.ca>\n"
"Guy Harris <guy@netapp.com>\n"
- "Simon Wilkinson <sxw@dcs.ed.ac.uk>\n\n"
+ "Simon Wilkinson <sxw@dcs.ed.ac.uk>\n"
+ "Joerg Mayer <jmayer@telemation.de>\n\n"
"See http://ethereal.zing.org for more information",
VERSION, comp_info_str);
}
fd = (frame_data *) l->data;
fseek(cf.fh, fd->file_off, SEEK_SET);
fread(cf.pd, sizeof(guint8), fd->cap_len, cf.fh);
- dissect_packet(cf.pd, 0, 0, fd, GTK_TREE(tree_view));
+ dissect_packet(cf.pd, fd, GTK_TREE(tree_view));
packet_hex_print(GTK_TEXT(byte_view), cf.pd, fd->cap_len, -1, -1);
}
gtk_text_thaw(GTK_TEXT(byte_view));
cf.cinfo.col_data = (gchar **) g_malloc(sizeof(gchar *) *
cf.cinfo.num_cols);
- col_fmt = (gint *) g_malloc(sizeof(gint) * cf.cinfo.num_cols);
- col_title = (gchar **) g_malloc(sizeof(gchar *) * cf.cinfo.num_cols);
-
- for (i = 0; i < cf.cinfo.num_cols; i++) {
- col_fmt[i] = get_column_format(i);
- col_title[i] = g_strdup(get_column_title(i));
- cf.cinfo.fmt_matx[i] = (gboolean *) g_malloc0(sizeof(gboolean) *
- NUM_COL_FMTS);
- get_column_format_matches(cf.cinfo.fmt_matx[i], col_fmt[i]);
- cf.cinfo.col_data[i] = (gchar *) g_malloc(sizeof(gchar) * COL_MAX_LEN);
- }
-
/* Assemble the compile-time options */
snprintf(comp_info_str, 256,
#ifdef GTK_MAJOR_VERSION
break;
}
}
+
+ /* Build the column format array */
+ col_fmt = (gint *) g_malloc(sizeof(gint) * cf.cinfo.num_cols);
+ col_title = (gchar **) g_malloc(sizeof(gchar *) * cf.cinfo.num_cols);
+ for (i = 0; i < cf.cinfo.num_cols; i++) {
+ col_fmt[i] = get_column_format(i);
+ col_title[i] = g_strdup(get_column_title(i));
+ cf.cinfo.fmt_matx[i] = (gboolean *) g_malloc0(sizeof(gboolean) *
+ NUM_COL_FMTS);
+ get_column_format_matches(cf.cinfo.fmt_matx[i], col_fmt[i]);
+ cf.cinfo.col_data[i] = (gchar *) g_malloc(sizeof(gchar) * COL_MAX_LEN);
+ }
+
if (cf.snap < 1)
cf.snap = 4096;
else if (cf.snap < 68)
GTK_SIGNAL_FUNC(tree_view_cb), NULL);
gtk_widget_show(tree_view);
+ item_style = gtk_style_new();
+ gdk_font_unref(item_style->font);
+ item_style->font = m_r_font;
+
/* Byte view */
bv_table = gtk_table_new (2, 2, FALSE);
gtk_paned_add2(GTK_PANED(l_pane), bv_table);
/* ethereal.h
* Global defines, etc.
*
- * $Id: ethereal.h,v 1.9 1998/12/17 05:42:22 gram Exp $
+ * $Id: ethereal.h,v 1.10 1998/12/29 04:05:35 gerald Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@zing.org>
*/
enum {
COL_NUMBER, /* Packet list item number */
- COL_REL_TIME, /* Relative time (default) */
+ COL_CLS_TIME, /* Command line-specified time (default relative) */
+ COL_REL_TIME, /* Relative time */
COL_ABS_TIME, /* Absolute time */
COL_DELTA_TIME, /* Delta time */
COL_DEF_SRC, /* Source address */
extern ts_type timestamp_type;
+extern GtkStyle *item_style;
+
void about_ethereal( GtkWidget *, gpointer);
void file_sel_ok_cb(GtkWidget *, GtkFileSelection *);
void blank_packetinfo();
/* file.c
* File I/O routines
*
- * $Id: file.c,v 1.14 1998/12/17 05:42:23 gram Exp $
+ * $Id: file.c,v 1.15 1998/12/29 04:05:35 gerald Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@zing.org>
extern GtkWidget *packet_list, *prog_bar, *info_bar, *byte_view, *tree_view;
extern guint file_ctx;
-static guint32 ssec, susec;
+static guint32 firstsec, firstusec;
static guint32 lastsec, lastusec;
#ifdef WITH_WIRETAP
} else {
cf->plist = g_list_first(cf->plist);
}
- ssec = 0, susec = 0;
+ firstsec = 0, firstusec = 0;
lastsec = 0, lastusec = 0;
#ifndef WITH_WIRETAP
cf->snap = pcap_snapshot(cf->pfh);
cf->lnk_t = pcap_datalink(cf->pfh);
} else if (ntohl(magic[0]) == SNOOP_MAGIC_1 && ntohl(magic[1]) == SNOOP_MAGIC_2) {
- /* Snoop file */
simple_dialog(ESD_TYPE_WARN, NULL, "The snoop format is not yet supported.");
return 1;
- /*
- fread(&sfh, sizeof(snoop_file_hdr), 1, cf->fh);
- cf->cd_t = CD_SNOOP;
- cf->vers = ntohl(sfh.vers);
- if (cf->vers < SNOOP_MIN_VERSION || cf->vers > SNOOP_MAX_VERSION) {
- g_warning("ethereal:open_cap_file:%s:bad snoop file version(%d)",
- fname, cf->vers);
- return 1;
- }
- switch (ntohl(sfh.s_lnk_t)) {
- case 4:
- cf->lnk_t = DLT_EN10MB;
- break;
- }
- */
}
if (cf->cd_t == CD_UNKNOWN) {
frame_data *fdata;
gint i, row;
capture_file *cf = (capture_file *) user;
- guint32 tssecs, tsusecs;
while (gtk_events_pending())
gtk_main_iteration();
#else
fdata->file_off = ftell(cf->fh) - phdr->caplen;
#endif
- fdata->secs = phdr->ts.tv_sec;
- fdata->usecs = phdr->ts.tv_usec;
+ fdata->abs_secs = phdr->ts.tv_sec;
+ fdata->abs_usecs = phdr->ts.tv_usec;
/* If we don't have the time stamp of the first packet, it's because this
is the first packet. Save the time stamp of this packet as the time
stamp of the first packet. */
- if (!ssec && !susec) {
- ssec = fdata->secs;
- susec = fdata->usecs;
+ if (!firstsec && !firstusec) {
+ firstsec = fdata->abs_secs;
+ firstusec = fdata->abs_usecs;
}
/* Do the same for the time stamp of the previous packet. */
if (!lastsec && !lastusec) {
- lastsec = fdata->secs;
- lastusec = fdata->usecs;
+ lastsec = fdata->abs_secs;
+ lastusec = fdata->abs_usecs;
}
/* Get the time elapsed between the first packet and this packet. */
- cf->esec = fdata->secs - ssec;
- if (susec <= fdata->usecs) {
- cf->eusec = fdata->usecs - susec;
+ cf->esec = fdata->abs_secs - firstsec;
+ if (firstusec <= fdata->abs_usecs) {
+ cf->eusec = fdata->abs_usecs - firstusec;
} else {
- cf->eusec = (fdata->usecs + 1000000) - susec;
+ cf->eusec = (fdata->abs_usecs + 1000000) - firstusec;
cf->esec--;
}
-
- /* Compute the time stamp. */
- switch (timestamp_type) {
- case RELATIVE: /* Relative to the first packet */
- tssecs = cf->esec;
- tsusecs = cf->eusec;
- break;
- case DELTA: /* Relative to the previous packet */
- tssecs = fdata->secs - lastsec;
- if (lastusec <= fdata->usecs) {
- tsusecs = fdata->usecs - lastusec;
- } else {
- tsusecs = (fdata->usecs + 1000000) - lastusec;
- tssecs--;
- }
- break;
- default: /* Absolute time, or bogus timestamp_type value */
- tssecs = 0; /* Not used */
- tsusecs = 0;
- break;
+ fdata->rel_secs = cf->esec;
+ fdata->rel_usecs = cf->eusec;
+
+ /* Do the same for the previous packet */
+ fdata->del_secs = fdata->abs_secs - lastsec;
+ if (lastusec <= fdata->abs_usecs) {
+ fdata->del_usecs = fdata->abs_usecs - lastusec;
+ } else {
+ fdata->del_usecs = (fdata->abs_usecs + 1000000) - lastusec;
+ fdata->del_secs--;
}
+ lastsec = fdata->abs_secs;
+ lastusec = fdata->abs_usecs;
+
fdata->cinfo = &cf->cinfo;
for (i = 0; i < fdata->cinfo->num_cols; i++) {
fdata->cinfo->col_data[i][0] = '\0';
}
if (check_col(fdata, COL_NUMBER))
col_add_fstr(fdata, COL_NUMBER, "%d", cf->count);
- dissect_packet(buf, tssecs, tsusecs, fdata, NULL);
+ dissect_packet(buf, fdata, NULL);
row = gtk_clist_append(GTK_CLIST(packet_list), fdata->cinfo->col_data);
fdata->cinfo = NULL;
}
cf->plist = cf->plist->next;
}
-
-/* Uncomment when we handle snoop files again.
-
-size_t
-read_frame_header(capture_file *cf) {
- snoop_frame_hdr shdr;
- pcap_frame_hdr phdr;
- gint16 pkt_len, cap_len;
- guint32 secs, usecs;
- frame_data *fdata;
- size_t err;
-
- if ((cf->cd_t == CD_PCAP_BE) || (cf->cd_t == CD_PCAP_LE)) {
- err = fread((char *)&phdr, sizeof(pcap_frame_hdr), 1, cf->fh);
- if (!err) { return err; }
- fdata = (frame_data *) g_malloc(sizeof(frame_data));
- if (cf->swap) {
- pkt_len = SWAP32(phdr.pkt_len);
- cap_len = SWAP32(phdr.cap_len);
- secs = SWAP32(phdr.tm.tv_sec);
- usecs = SWAP32(phdr.tm.tv_usec);
- } else {
- pkt_len = phdr.pkt_len;
- cap_len = phdr.cap_len;
- secs = phdr.tm.tv_sec;
- usecs = phdr.tm.tv_usec;
- }
- } else if (cf->cd_t == CD_SNOOP) {
- err = fread(&shdr, sizeof(snoop_frame_hdr), 1, cf->fh);
- fdata = (frame_data *) g_malloc(sizeof(frame_data));
- if (!err) { return err; }
- pkt_len = ntohl(shdr.inc_len);
- cap_len = ntohl(shdr.pr_len) - 24;
- secs = ntohl(shdr.secs);
- usecs = ntohl(shdr.usecs);
- shdr.drops = ntohl(shdr.drops);
- if (!ssec && !susec) { ssec = secs; susec = usecs; }
- cf->drops = shdr.drops;
- cf->esec = secs - ssec;
- if (susec < shdr.usecs) {
- cf->eusec = usecs - susec;
- } else {
- cf->eusec = susec - usecs;
- cf->esec--;
- }
- }
- cf->cur = fdata;
- fdata->pkt_len = pkt_len;
- fdata->cap_len = cap_len;
- fdata->secs = secs;
- fdata->usecs = usecs;
- g_list_append(cf->plist, (gpointer) fdata);
- if (!ssec && !susec) {
- ssec = secs;
- susec = usecs;
- }
- cf->esec = secs - ssec;
- if (susec < usecs) {
- cf->eusec = usecs - susec;
- } else {
- cf->eusec = susec - usecs;
- cf->esec--;
- }
- return err;
-}
-*/
/* packet-ip.c
* Routines for IP and miscellaneous IP protocol packet disassembly
*
- * $Id: packet-ip.c,v 1.12 1998/11/17 04:28:54 gerald Exp $
+ * $Id: packet-ip.c,v 1.13 1998/12/29 04:05:35 gerald Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@zing.org>
#include "packet.h"
#include "etypes.h"
#include "resolv.h"
+#include "util.h"
extern packet_info pi;
{IP_PROTO_UDP, "UDP" },
{IP_PROTO_OSPF, "OSPF"},
{0, NULL } };
-
+ static const value_string precedence_vals[] = {
+ { IPTOS_PREC_ROUTINE, "routine" },
+ { IPTOS_PREC_PRIORITY, "priority" },
+ { IPTOS_PREC_IMMEDIATE, "immediate" },
+ { IPTOS_PREC_FLASH, "flash" },
+ { IPTOS_PREC_FLASHOVERRIDE, "flash override" },
+ { IPTOS_PREC_CRITIC_ECP, "CRITIC/ECP" },
+ { IPTOS_PREC_INTERNETCONTROL, "internetwork control" },
+ { IPTOS_PREC_NETCONTROL, "network control" },
+ { 0, NULL } };
/* To do: check for runts, errs, etc. */
/* Avoids alignment problems on many architectures. */
add_subtree(ti, ip_tree, ETT_IP);
add_item_to_tree(ip_tree, offset, 1, "Version: %d", iph.ip_v);
add_item_to_tree(ip_tree, offset, 1, "Header length: %d bytes", hlen);
- add_item_to_tree(ip_tree, offset + 1, 1, "Type of service: 0x%02x (%s)",
+ tf = add_item_to_tree(ip_tree, offset + 1, 1, "Type of service: 0x%02x (%s)",
iph.ip_tos, tos_str);
+ field_tree = gtk_tree_new();
+ add_subtree(tf, field_tree, ETT_IP_TOS);
+ add_item_to_tree(field_tree, offset + 1, 1, "%s",
+ decode_enumerated_bitfield(iph.ip_tos, IPTOS_PREC_MASK,
+ sizeof (iph.ip_tos)*8, precedence_vals,
+ "%s precedence"));
+ add_item_to_tree(field_tree, offset + 1, 1, "%s",
+ decode_boolean_bitfield(iph.ip_tos, IPTOS_LOWDELAY,
+ sizeof (iph.ip_tos)*8, "low delay", "normal delay"));
+ add_item_to_tree(field_tree, offset + 1, 1, "%s",
+ decode_boolean_bitfield(iph.ip_tos, IPTOS_THROUGHPUT,
+ sizeof (iph.ip_tos)*8, "high throughput", "normal throughput"));
+ add_item_to_tree(field_tree, offset + 1, 1, "%s",
+ decode_boolean_bitfield(iph.ip_tos, IPTOS_RELIABILITY,
+ sizeof (iph.ip_tos)*8, "high reliability", "normal reliability"));
+ add_item_to_tree(field_tree, offset + 1, 1, "%s",
+ decode_boolean_bitfield(iph.ip_tos, IPTOS_LOWCOST,
+ sizeof (iph.ip_tos)*8, "low cost", "normal cost"));
add_item_to_tree(ip_tree, offset + 2, 2, "Total length: %d", iph.ip_len);
add_item_to_tree(ip_tree, offset + 4, 2, "Identification: 0x%04x",
iph.ip_id);
- /* To do: add flags */
+ tf = add_item_to_tree(ip_tree, offset + 6, 2, "Flags: 0x%x",
+ (iph.ip_off & (IP_DF|IP_MF)) >> 12);
+ field_tree = gtk_tree_new();
+ add_subtree(tf, field_tree, ETT_IP_OFF);
+ add_item_to_tree(field_tree, offset + 6, 2, "%s",
+ decode_boolean_bitfield(iph.ip_off >> 8, IP_DF >> 8, 8, "don't fragment",
+ "may fragment"));
+ add_item_to_tree(field_tree, offset + 6, 2, "%s",
+ decode_boolean_bitfield(iph.ip_off >> 8, IP_MF >> 8, 8, "more fragments",
+ "last fragment"));
add_item_to_tree(ip_tree, offset + 6, 2, "Fragment offset: %d",
iph.ip_off & IP_OFFSET);
add_item_to_tree(ip_tree, offset + 8, 1, "Time to live: %d",
/* packet-tcp.c
* Routines for TCP packet disassembly
*
- * $Id: packet-tcp.c,v 1.11 1998/12/21 03:58:00 gerald Exp $
+ * $Id: packet-tcp.c,v 1.12 1998/12/29 04:05:35 gerald Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@zing.org>
#include "packet.h"
#include "resolv.h"
#include "follow.h"
+#include "util.h"
extern FILE* data_out_file;
extern packet_info pi;
add_item_to_tree(tcp_tree, offset + 8, 4, "Acknowledgement number: %u",
th.th_ack);
add_item_to_tree(tcp_tree, offset + 12, 1, "Header length: %u bytes", hlen);
- add_item_to_tree(tcp_tree, offset + 13, 1, "Flags: %s", flags);
+ tf = add_item_to_tree(tcp_tree, offset + 13, 1, "Flags: 0x%x", th.th_flags);
+ field_tree = gtk_tree_new();
+ add_subtree(tf, field_tree, ETT_TCP_FLAGS);
+ add_item_to_tree(field_tree, offset + 13, 1, "%s",
+ decode_boolean_bitfield(th.th_flags, TH_URG, sizeof (th.th_flags)*8,
+ "Urgent pointer", "No urgent pointer"));
+ add_item_to_tree(field_tree, offset + 13, 1, "%s",
+ decode_boolean_bitfield(th.th_flags, TH_ACK, sizeof (th.th_flags)*8,
+ "Acknowledgment", "No acknowledgment"));
+ add_item_to_tree(field_tree, offset + 13, 1, "%s",
+ decode_boolean_bitfield(th.th_flags, TH_PUSH, sizeof (th.th_flags)*8,
+ "Push", "No push"));
+ add_item_to_tree(field_tree, offset + 13, 1, "%s",
+ decode_boolean_bitfield(th.th_flags, TH_RST, sizeof (th.th_flags)*8,
+ "Reset", "No reset"));
+ add_item_to_tree(field_tree, offset + 13, 1, "%s",
+ decode_boolean_bitfield(th.th_flags, TH_SYN, sizeof (th.th_flags)*8,
+ "Syn", "No Syn"));
+ add_item_to_tree(field_tree, offset + 13, 1, "%s",
+ decode_boolean_bitfield(th.th_flags, TH_FIN, sizeof (th.th_flags)*8,
+ "Fin", "No Fin"));
add_item_to_tree(tcp_tree, offset + 14, 2, "Window size: %u", th.th_win);
add_item_to_tree(tcp_tree, offset + 16, 2, "Checksum: 0x%04x", th.th_sum);
if (th.th_flags & TH_URG)
/* packet-udp.c
* Routines for UDP packet disassembly
*
- * $Id: packet-udp.c,v 1.10 1998/12/21 03:42:22 gerald Exp $
+ * $Id: packet-udp.c,v 1.11 1998/12/29 04:05:36 gerald Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@zing.org>
case UDP_PORT_IPX: /* RFC 1234 */
dissect_ipx(pd, offset, fd, tree);
break;
+ case UDP_PORT_VINES:
+ /* FIXME: AFAIK, src and dst port must be the same */
+ dissect_vines_frp(pd, offset, fd, tree);
+ break;
default:
dissect_data(pd, offset, fd, tree);
}
/* packet-vines.c
* Routines for Banyan VINES protocol packet disassembly
*
- * $Id: packet-vines.c,v 1.4 1998/11/17 04:29:08 gerald Exp $
+ * $Id: packet-vines.c,v 1.5 1998/12/29 04:05:36 gerald Exp $
*
* Don Lafontaine <lafont02@cn.ca>
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@zing.org>
* Copyright 1998 Gerald Combs
+ * Joerg Mayer <jmayer@telemation.de>
*
*
* This program is free software; you can redistribute it and/or
#include "etypes.h"
#include "packet-vines.h"
-#define VINES_VSPP 2
-#define VINES_DATA 1
+
+/* AFAIK Vines FRP (Fragmentation Protocol) is used on all media except Ethernet
+ * and TR (and probably FDDI) - Fragmentation on these media types is not possible
+ * FIXME: Do we need to use this header with PPP too?
+ */
+
+void
+dissect_vines_frp(const u_char *pd, int offset, frame_data *fd, GtkTree *tree) {
+ guint8 vines_frp_ctrl, vines_frp_seqno;
+ GtkWidget *vines_frp_tree, *ti;
+ gchar frp_flags_str[32];
+
+ /* To do: Check for {cap len,pkt len} < struct len */
+ /* Avoids alignment problems on many architectures. */
+ vines_frp_ctrl = pd[offset];
+ vines_frp_seqno = pd[offset+1];
+
+ if (check_col(fd, COL_PROTOCOL))
+ col_add_str(fd, COL_PROTOCOL, "Vines FRP");
+ /*
+ * 1: first fragment of vines packet
+ * 2: last fragment of vines packet
+ * 4 ... 80: unused
+ */
+ switch (vines_frp_ctrl) {
+ case 0:
+ strcpy(frp_flags_str, "middle");
+ break;
+ case 1:
+ strcpy(frp_flags_str, "first");
+ break;
+ case 2:
+ strcpy(frp_flags_str, "last");
+ break;
+ case 3:
+ strcpy(frp_flags_str, "only");
+ break;
+ default:
+ strcpy(frp_flags_str, "please report: unknown");
+ break;
+ }
+
+ if (tree) {
+ ti = add_item_to_tree(GTK_WIDGET(tree), offset, 2,
+ "Vines Fragmentation Protocol");
+ vines_frp_tree = gtk_tree_new();
+ add_subtree(ti, vines_frp_tree, ETT_VINES_FRP);
+ add_item_to_tree(vines_frp_tree, offset, 1, "Control Flags: 0x%02x = %s fragment", vines_frp_ctrl, frp_flags_str);
+ add_item_to_tree(vines_frp_tree, offset + 1, 1, "Sequence Number: 0x%02x", vines_frp_seqno);
+ }
+
+ /* Skip over header */
+ offset += 2;
+
+ /* Decode the "real" Vines now */
+ dissect_vines(pd, offset, fd, tree);
+}
void
dissect_vines(const u_char *pd, int offset, frame_data *fd, GtkTree *tree)
{
- e_vip iph;
+ e_vip viph;
GtkWidget *vip_tree, *ti;
/* gchar tos_str[32]; */
+ int is_broadcast = 0;
+ int hops = 0;
/* To do: check for runts, errs, etc. */
/* Avoids alignment problems on many architectures. */
- memcpy(&iph, &pd[offset], sizeof(e_vip));
-
- iph.vip_sum = pntohs(&pd[offset]);
- iph.vip_len = pntohs(&pd[offset+2]);
- iph.vip_dnet = pntohl(&pd[offset+6]);
- iph.vip_snet = pntohl(&pd[offset+12]);
- iph.vip_dsub = pntohs(&pd[offset+10]);
- iph.vip_ssub = pntohs(&pd[offset+16]);
-
- switch (iph.vip_proto)
- {
- case VINES_VSPP:
- if (check_col(fd, COL_PROTOCOL))
- col_add_str(fd, COL_PROTOCOL, "Vines");
- if (check_col(fd, COL_INFO))
- col_add_fstr(fd, COL_INFO, "VSPP (%02x)", iph.vip_proto);
- break;
- case VINES_DATA:
- if (check_col(fd, COL_PROTOCOL))
- col_add_str(fd, COL_PROTOCOL, "Vines IP");
- if (check_col(fd, COL_INFO))
- col_add_fstr(fd, COL_INFO, "DATA (%02x)", iph.vip_proto);
- break;
- default:
- if (check_col(fd, COL_PROTOCOL))
- col_add_str(fd, COL_PROTOCOL, "Vines IP");
- if (check_col(fd, COL_INFO))
- col_add_fstr(fd, COL_INFO, "Unknown VIP protocol (%02x)", iph.vip_proto);
- }
+ memcpy(&viph, &pd[offset], sizeof(e_vip));
+
+ viph.vip_chksum = pntohs(&pd[offset]);
+ viph.vip_pktlen = pntohs(&pd[offset+2]);
+ viph.vip_dnet = pntohl(&pd[offset+6]);
+ viph.vip_snet = pntohl(&pd[offset+12]);
+ viph.vip_dsub = pntohs(&pd[offset+10]);
+ viph.vip_ssub = pntohs(&pd[offset+16]);
+
+ switch (viph.vip_proto) {
+ case VIP_PROTO_IPC:
+ if (check_col(fd, COL_PROTOCOL))
+ col_add_str(fd, COL_PROTOCOL, "Vines IPC");
+ if (check_col(fd, COL_INFO))
+ col_add_fstr(fd, COL_INFO, "IPC (%02x)", viph.vip_proto);
+ break;
+ case VIP_PROTO_SPP:
+ if (check_col(fd, COL_PROTOCOL))
+ col_add_str(fd, COL_PROTOCOL, "Vines SPP");
+ if (check_col(fd, COL_INFO))
+ col_add_fstr(fd, COL_INFO, "SPP (%02x)", viph.vip_proto);
+ break;
+ case VIP_PROTO_ARP:
+ if (check_col(fd, COL_PROTOCOL))
+ col_add_str(fd, COL_PROTOCOL, "Vines ARP");
+ if (check_col(fd, COL_INFO))
+ col_add_fstr(fd, COL_INFO, "ARP (%02x)", viph.vip_proto);
+ break;
+ case VIP_PROTO_RTP:
+ if (check_col(fd, COL_PROTOCOL))
+ col_add_str(fd, COL_PROTOCOL, "Vines RTP");
+ if (check_col(fd, COL_INFO))
+ col_add_fstr(fd, COL_INFO, "RTP (%02x)", viph.vip_proto);
+ break;
+ case VIP_PROTO_ICP:
+ if (check_col(fd, COL_PROTOCOL))
+ col_add_str(fd, COL_PROTOCOL, "Vines ICP");
+ if (check_col(fd, COL_INFO))
+ col_add_fstr(fd, COL_INFO, "ICP (%02x)", viph.vip_proto);
+ break;
+ default:
+ if (check_col(fd, COL_PROTOCOL))
+ col_add_str(fd, COL_PROTOCOL, "Vines IP");
+ if (check_col(fd, COL_INFO))
+ col_add_fstr(fd, COL_INFO, "Unknown VIP protocol (%02x)", viph.vip_proto);
+ }
if (check_col(fd, COL_RES_NET_SRC))
- col_add_fstr(fd, COL_RES_NET_SRC, "%08x.%04x", iph.vip_snet, iph.vip_ssub);
+ col_add_fstr(fd, COL_RES_NET_SRC, "%08x.%04x", viph.vip_snet, viph.vip_ssub);
if (check_col(fd, COL_RES_NET_DST))
- col_add_fstr(fd, COL_RES_NET_DST, "%08x.%04x", iph.vip_dnet, iph.vip_dsub);
+ col_add_fstr(fd, COL_RES_NET_DST, "%08x.%04x", viph.vip_dnet, viph.vip_dsub);
+
+ /* helpers to decode flags */
+ /* FIXME: Not used yet */
+ if ((viph.vip_dnet == 0xffffffff) && (viph.vip_dsub == 0xffff)) {
+ is_broadcast = 1;
+ }
+ hops = viph.vip_tctl & 0xf;
+
/*
- iph.ip_tos = IPTOS_TOS(iph.ip_tos);
- switch (iph.ip_tos)
+ viph.ip_tos = IPTOS_TOS(viph.ip_tos);
+ switch (viph.ip_tos)
{
case IPTOS_NONE:
strcpy(tos_str, "None");
*/
if (tree)
{
- ti = add_item_to_tree(GTK_WIDGET(tree), offset, (iph.vip_len),
+ ti = add_item_to_tree(GTK_WIDGET(tree), offset, (viph.vip_pktlen),
"Vines IP");
vip_tree = gtk_tree_new();
add_subtree(ti, vip_tree, ETT_VINES);
- add_item_to_tree(vip_tree, offset, 2, "Header checksum: 0x%04x", iph.vip_sum);
- add_item_to_tree(vip_tree, offset + 2, 2, "Header length: 0x%02x (%d)", iph.vip_len, iph.vip_len);
+ add_item_to_tree(vip_tree, offset, 2, "Packet checksum: 0x%04x", viph.vip_chksum);
+ add_item_to_tree(vip_tree, offset + 2, 2, "Packet length: 0x%04x (%d)", viph.vip_pktlen, viph.vip_pktlen);
add_item_to_tree(vip_tree, offset + 4, 1, "Transport control: 0x%02x",
- iph.vip_tos);
- add_item_to_tree(vip_tree, offset + 5, 1, "Protocol: 0x%02x", iph.vip_proto);
+ viph.vip_tctl);
+ add_item_to_tree(vip_tree, offset + 5, 1, "Protocol: 0x%02x", viph.vip_proto);
}
offset += 18;
- switch (iph.vip_proto)
+ switch (viph.vip_proto)
{
- case VINES_VSPP:
- dissect_vspp(pd, offset, fd, tree);
+ case VIP_PROTO_SPP:
+ dissect_vines_spp(pd, offset, fd, tree);
break;
}
}
#define VINES_VSPP_DATA 1
#define VINES_VSPP_ACK 5
-void dissect_vspp(const u_char *pd, int offset, frame_data *fd, GtkTree *tree)
+void dissect_vines_spp(const u_char *pd, int offset, frame_data *fd, GtkTree *tree)
{
- e_vspp iph;
+ e_vspp viph;
GtkWidget *vspp_tree, *ti;
-/* gchar tos_str[32];*/
/* To do: check for runts, errs, etc. */
/* Avoids alignment problems on many architectures. */
- memcpy(&iph, &pd[offset], sizeof(e_vspp));
+ memcpy(&viph, &pd[offset], sizeof(e_vspp));
- iph.vspp_sport = ntohs(iph.vspp_sport);
- iph.vspp_dport = ntohs(iph.vspp_dport);
- iph.vspp_lclid = ntohs(iph.vspp_lclid);
- iph.vspp_rmtid = ntohs(iph.vspp_rmtid);
+ viph.vspp_sport = ntohs(viph.vspp_sport);
+ viph.vspp_dport = ntohs(viph.vspp_dport);
+ viph.vspp_lclid = ntohs(viph.vspp_lclid);
+ viph.vspp_rmtid = ntohs(viph.vspp_rmtid);
- switch (iph.vspp_pkttype)
+ switch (viph.vspp_pkttype)
{
- case VINES_VSPP_DATA:
+ case VSPP_PKTTYPE_DATA:
if (check_col(fd, COL_PROTOCOL))
- col_add_str(fd, COL_PROTOCOL, "Vines");
- if (check_col(fd, COL_INFO))
- col_add_fstr(fd, COL_INFO, "VSPP Data Port=%04x(Transient) NS=%04x NR=%04x Window=%04x RID=%04x LID=%04x D=%04x S=%04x",
- iph.vspp_sport, iph.vspp_seq, iph.vspp_ack, iph.vspp_win, iph.vspp_rmtid,
- iph.vspp_lclid, iph.vspp_dport, iph.vspp_sport);
+ col_add_str(fd, COL_PROTOCOL, "VSPP Data");
break;
- case VINES_VSPP_ACK:
+ case VSPP_PKTTYPE_DISC:
if (check_col(fd, COL_PROTOCOL))
- col_add_str(fd, COL_PROTOCOL, "Vines");
- if (check_col(fd, COL_INFO))
- col_add_fstr(fd, COL_INFO, "VSPP Ack Port=%04x(Transient) NS=%04x NR=%04x Window=%04x RID=%04x LID=%04x",
- iph.vspp_sport, iph.vspp_seq, iph.vspp_ack, iph.vspp_win, iph.vspp_rmtid,
- iph.vspp_lclid);
-
- break;
+ col_add_str(fd, COL_PROTOCOL, "VSPP Disconnect");
+ break;
+ case VSPP_PKTTYPE_PROBE:
+ if (check_col(fd, COL_PROTOCOL))
+ col_add_str(fd, COL_PROTOCOL, "VSPP Probe");
+ break;
+ case VSPP_PKTTYPE_ACK:
+ if (check_col(fd, COL_PROTOCOL))
+ col_add_str(fd, COL_PROTOCOL, "VSPP Ack");
+ break;
default:
if (check_col(fd, COL_PROTOCOL))
- col_add_str(fd, COL_PROTOCOL, "Vines IP");
- if (check_col(fd, COL_INFO))
- col_add_fstr(fd, COL_INFO, "Unknown VSPP packet type (%02x)", iph.vspp_pkttype);
+ col_add_str(fd, COL_PROTOCOL, "VSPP Unknown");
}
+ if (check_col(fd, COL_INFO))
+ col_add_fstr(fd, COL_INFO, "NS=%04x NR=%04x Window=%04x RID=%04x LID=%04x D=%04x S=%04x",
+ viph.vspp_seqno, viph.vspp_ack, viph.vspp_win, viph.vspp_rmtid,
+ viph.vspp_lclid, viph.vspp_dport, viph.vspp_sport);
/*
- iph.ip_tos = IPTOS_TOS(iph.ip_tos);
- switch (iph.ip_tos)
+ iph.ip_tos = IPTOS_TOS(iph.ip_tos);
+ switch (iph.ip_tos)
{
case IPTOS_NONE:
strcpy(tos_str, "None");
*/
if (tree)
{
- ti = add_item_to_tree(GTK_WIDGET(tree), offset, sizeof(iph),
+ ti = add_item_to_tree(GTK_WIDGET(tree), offset, sizeof(viph),
"Vines SPP");
vspp_tree = gtk_tree_new();
- add_subtree(ti, vspp_tree, ETT_VSPP);
- add_item_to_tree(vspp_tree, offset, 2, "Source port: 0x%04x", iph.vspp_sport);
- add_item_to_tree(vspp_tree, offset+2, 2, "Destination port: 0x%04x", iph.vspp_dport);
- add_item_to_tree(vspp_tree, offset+4, 1, "Packet type: 0x%02x", iph.vspp_pkttype);
- add_item_to_tree(vspp_tree, offset+5, 1, "Control: 0x%02x", iph.vspp_tos);
- add_item_to_tree(vspp_tree, offset+6, 2, "Local Connection ID: 0x%04x", iph.vspp_lclid);
- add_item_to_tree(vspp_tree, offset+8, 2, "Remote Connection ID: 0x%04x", iph.vspp_rmtid);
- add_item_to_tree(vspp_tree, offset+10, 2, "Sequence number: 0x%04x", iph.vspp_seq);
- add_item_to_tree(vspp_tree, offset+12, 2, "Ack number: 0x%04x", iph.vspp_ack);
- add_item_to_tree(vspp_tree, offset+14, 2, "Window: 0x%04x", iph.vspp_win);
+ add_subtree(ti, vspp_tree, ETT_VINES_SPP);
+ add_item_to_tree(vspp_tree, offset, 2, "Source port: 0x%04x", viph.vspp_sport);
+ add_item_to_tree(vspp_tree, offset+2, 2, "Destination port: 0x%04x", viph.vspp_dport);
+ add_item_to_tree(vspp_tree, offset+4, 1, "Packet type: 0x%02x", viph.vspp_pkttype);
+ add_item_to_tree(vspp_tree, offset+5, 1, "Control: 0x%02x", viph.vspp_control);
+ add_item_to_tree(vspp_tree, offset+6, 2, "Local Connection ID: 0x%04x", viph.vspp_lclid);
+ add_item_to_tree(vspp_tree, offset+8, 2, "Remote Connection ID: 0x%04x", viph.vspp_rmtid);
+ add_item_to_tree(vspp_tree, offset+10, 2, "Sequence number: 0x%04x", viph.vspp_seqno);
+ add_item_to_tree(vspp_tree, offset+12, 2, "Ack number: 0x%04x", viph.vspp_ack);
+ add_item_to_tree(vspp_tree, offset+14, 2, "Window: 0x%04x", viph.vspp_win);
}
}
/* packet-vines.h
* Definitions for packet disassembly structures and routines
*
- * $Id: packet-vines.h,v 1.1 1998/09/17 02:37:46 gerald Exp $
+ * $Id: packet-vines.h,v 1.2 1998/12/29 04:05:36 gerald Exp $
*
* Don Lafontaine <lafont02@cn.ca>
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@zing.org>
* Copyright 1998 Gerald Combs
+ * Joerg Mayer <jmayer@telemation.de>
*
*
* This program is free software; you can redistribute it and/or
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/
+/* Information about VINES can be found in
+ *
+ * VINES Protocol Definition
+ * Order Number: DA254-00
+ * Banyan Systems incorporated
+ * February 1990
+ * Part Number: 092093-000
+ */
#ifndef __PACKETVINES_H__
#define __PACKETVINES_H__
/* VINES IP structs and definitions */
+enum {
+ VIP_PROTO_IPC = 1, /* Interprocess Communications Protocol (IPC) */
+ VIP_PROTO_SPP = 2, /* Sequenced Packet Protcol (SPP) */
+ VIP_PROTO_ARP = 4, /* Address Resolution Protocol (ARP) */
+ VIP_PROTO_RTP = 5, /* Routing Update Protocol (RTP) / SRTP (Sequenced RTP) */
+ VIP_PROTO_ICP = 6 /* Internet Control Protocol (ICP) */
+};
+
typedef struct _e_vip {
- guint16 vip_sum;
- guint16 vip_len;
- guint8 vip_tos;
- guint8 vip_proto; /* 2 = VSPP */
+ guint16 vip_chksum;
+ guint16 vip_pktlen;
+ guint8 vip_tctl; /* Transport Control */
+ guint8 vip_proto;
guint32 vip_dnet;
guint16 vip_dsub;
guint32 vip_snet;
guint16 vip_ssub;
-
} e_vip;
/* VINES SPP structs and definitions */
+enum {
+ VSPP_PKTTYPE_DATA = 1, /* User Data */
+ VSPP_PKTTYPE_DISC = 3, /* Diconnect Request */
+ VSPP_PKTTYPE_PROBE = 4, /* Probe (retransmit) */
+ VSPP_PKTTYPE_ACK = 5 /* Acknowledgement */
+};
+
typedef struct _e_vspp {
guint16 vspp_sport;
guint16 vspp_dport;
- guint8 vspp_pkttype; /* 5=ack 1=data */
- guint8 vspp_tos; /* Unused with type 5 packets */
- guint16 vspp_lclid;
- guint16 vspp_rmtid;
- guint16 vspp_seq;
- guint16 vspp_ack;
+ guint8 vspp_pkttype;
+ guint8 vspp_control;
+ guint16 vspp_lclid; /* Local Connection ID */
+ guint16 vspp_rmtid; /* Remote Connection ID */
+ guint16 vspp_seqno; /* Sequence Number */
+ guint16 vspp_ack; /* Acknowledgement Number */
guint16 vspp_win;
} e_vspp;
/* packet.c
* Routines for packet disassembly
*
- * $Id: packet.c,v 1.14 1998/12/21 03:39:27 gerald Exp $
+ * $Id: packet.c,v 1.15 1998/12/29 04:05:36 gerald Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@zing.org>
}
}
+static void
+set_item_style(GtkWidget *widget, gpointer dummy)
+{
+ gtk_widget_set_style(widget, item_style);
+}
+
GtkWidget *
add_item_to_tree(GtkWidget *tree, gint start, gint len,
gchar *format, ...) {
va_start(ap, format);
vsnprintf(label_str, 256, format, ap);
ti = gtk_tree_item_new_with_label(label_str);
+ gtk_container_foreach(GTK_CONTAINER(ti), set_item_style, NULL);
gtk_object_set_data(GTK_OBJECT(ti), E_TREEINFO_START_KEY, (gpointer) start);
gtk_object_set_data(GTK_OBJECT(ti), E_TREEINFO_LEN_KEY, (gpointer) len);
gtk_tree_append(GTK_TREE(tree), ti);
/* this routine checks the frame type from the cf structure */
void
-dissect_packet(const u_char *pd, guint32 ts_secs, guint32 ts_usecs,
- frame_data *fd, GtkTree *tree)
+dissect_packet(const u_char *pd, frame_data *fd, GtkTree *tree)
{
GtkWidget *fh_tree, *ti;
struct tm *tmp;
/* Put in frame header information. */
if (check_col(fd, COL_ABS_TIME)) {
- if (timestamp_type == ABSOLUTE) {
- then = fd->secs;
- tmp = localtime(&then);
- col_add_fstr(fd, COL_ABS_TIME, "%02d:%02d:%02d.%04ld",
- tmp->tm_hour,
- tmp->tm_min,
- tmp->tm_sec,
- (long)fd->usecs/100);
- }
- }
+ then = fd->abs_secs;
+ tmp = localtime(&then);
+ col_add_fstr(fd, COL_ABS_TIME, "%02d:%02d:%02d.%04ld",
+ tmp->tm_hour,
+ tmp->tm_min,
+ tmp->tm_sec,
+ (long)fd->abs_usecs/100);
+ }
if (check_col(fd, COL_REL_TIME)) {
- col_add_fstr(fd, COL_REL_TIME, "%d.%06d", ts_secs, ts_usecs);
+ col_add_fstr(fd, COL_REL_TIME, "%d.%06d", fd->rel_secs, fd->rel_usecs);
+ }
+ if (check_col(fd, COL_DELTA_TIME)) {
+ col_add_fstr(fd, COL_DELTA_TIME, "%d.%06d", fd->del_secs, fd->del_usecs);
}
if (tree) {
fh_tree = gtk_tree_new();
add_subtree(ti, fh_tree, ETT_FRAME);
- then = fd->secs;
+ then = fd->abs_secs;
tmp = localtime(&then);
add_item_to_tree(fh_tree, 0, 0,
"Frame arrived on %s %2d, %d %02d:%02d:%02d.%04ld",
tmp->tm_hour,
tmp->tm_min,
tmp->tm_sec,
- (long)fd->usecs/100);
+ (long)fd->abs_usecs/100);
add_item_to_tree(fh_tree, 0, 0, "Total frame length: %d bytes",
fd->pkt_len);
/* packet.h
* Definitions for packet disassembly structures and routines
*
- * $Id: packet.h,v 1.28 1998/12/19 00:12:23 hannes Exp $
+ * $Id: packet.h,v 1.29 1998/12/29 04:05:36 gerald Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@zing.org>
#define COL_MAX_LEN 256
typedef struct _frame_data {
- guint32 pkt_len; /* Packet length */
- guint32 cap_len; /* Amount actually captured */
- guint32 secs; /* Seconds */
- guint32 usecs; /* Microseconds */
- long file_off; /* File offset */
- column_info *cinfo; /* Column formatting information */
+ guint32 pkt_len; /* Packet length */
+ guint32 cap_len; /* Amount actually captured */
+ guint32 rel_secs; /* Relative seconds */
+ guint32 rel_usecs; /* Relative microseconds */
+ guint32 abs_secs; /* Absolute seconds */
+ guint32 abs_usecs; /* Absolute microseconds */
+ guint32 del_secs; /* Delta seconds */
+ guint32 del_usecs; /* Delta microseconds */
+ long file_off; /* File offset */
+ column_info *cinfo; /* Column formatting information */
} frame_data;
typedef struct _packet_info {
#define UDP_PORT_NBNS 137
#define UDP_PORT_NBDGM 138
#define UDP_PORT_RIP 520
+#define UDP_PORT_VINES 573
/* TCP Ports */
ETT_IP_OPTION_SEC,
ETT_IP_OPTION_ROUTE,
ETT_IP_OPTION_TIMESTAMP,
+ ETT_IP_TOS,
+ ETT_IP_OFF,
ETT_UDP,
ETT_TCP,
ETT_TCP_OPTIONS,
ETT_TCP_OPTION_SACK,
+ ETT_TCP_FLAGS,
ETT_ICMP,
ETT_IGMP,
ETT_IPX,
ETT_IPv6,
ETT_CLNP,
ETT_COTP,
+ ETT_VINES_FRP,
ETT_VINES,
- ETT_VSPP,
+ ETT_VINES_ARP,
+ ETT_VINES_ICP,
+ ETT_VINES_IPC,
+ ETT_VINES_RTP,
+ ETT_VINES_SPP,
ETT_IPXRIP,
ETT_IPXSAP,
ETT_IPXSAP_SERVER,
/* Routines in packet.c */
-void dissect_packet(const u_char *, guint32 ts_secs, guint32 ts_usecs,
- frame_data *, GtkTree *);
+void dissect_packet(const u_char *, frame_data *, GtkTree *);
void add_subtree(GtkWidget *, GtkWidget*, gint);
void expand_tree(GtkWidget *, gpointer);
void collapse_tree(GtkWidget *, gpointer);
void dissect_trmac(const u_char *, int, frame_data *, GtkTree *);
void dissect_udp(const u_char *, int, frame_data *, GtkTree *);
void dissect_vines(const u_char *, int, frame_data *, GtkTree *);
-void dissect_vspp(const u_char *, int, frame_data *, GtkTree *);
+void dissect_vines_arp(const u_char *, int, frame_data *, GtkTree *);
+void dissect_vines_frp(const u_char *, int, frame_data *, GtkTree *);
+void dissect_vines_icp(const u_char *, int, frame_data *, GtkTree *);
+void dissect_vines_ipc(const u_char *, int, frame_data *, GtkTree *);
+void dissect_vines_rtp(const u_char *, int, frame_data *, GtkTree *);
+void dissect_vines_spp(const u_char *, int, frame_data *, GtkTree *);
/* These functions are in ethertype.c */
gchar *ethertype_to_str(guint16 etype, const char *fmt);
/* prefs.c
* Routines for handling preferences
*
- * $Id: prefs.c,v 1.14 1998/12/22 07:07:11 gram Exp $
+ * $Id: prefs.c,v 1.15 1998/12/29 04:05:36 gerald Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@zing.org>
gtk_notebook_append_page (GTK_NOTEBOOK(prefs_nb), print_pg, label);
/* Filter prefs */
- if (w) {
- filter_te = gtk_object_get_data(GTK_OBJECT(w), E_FILT_TE_PTR_KEY);
- filter_pg = filter_prefs_show(filter_te);
+ if (w)
+ filter_te = gtk_object_get_data(GTK_OBJECT(w), E_FILT_TE_PTR_KEY);
+ filter_pg = filter_prefs_show(filter_te);
#ifdef WITH_WIRETAP
gtk_widget_set_sensitive(filter_pg, FALSE);
#endif
- }
- if (w) {
/* Pass along the entry widget pointer from the calling widget */
gtk_object_set_data(GTK_OBJECT(filter_pg), E_FILT_TE_PTR_KEY, filter_te);
gtk_object_set_data(GTK_OBJECT(prefs_w), E_FILTER_PAGE_KEY, filter_pg);
label = gtk_label_new ("Filters");
gtk_notebook_append_page (GTK_NOTEBOOK(prefs_nb), filter_pg, label);
- }
/* Column prefs */
column_pg = column_prefs_show();
gtk_object_set_data(GTK_OBJECT(prefs_w), E_COLUMN_PAGE_KEY, column_pg);
/vpos tmargin def
% Set the font to 10 point
-/Helvetica findfont 10 scalefont setfont
+/Courier findfont 10 scalefont setfont
% ---- ethereal preamble end ---- %
% Display our output lines.
/* util.c
* Utility routines
*
- * $Id: util.c,v 1.8 1998/12/22 05:52:51 gram Exp $
+ * $Id: util.c,v 1.9 1998/12/29 04:05:37 gerald Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@zing.org>
# include "snprintf.h"
#endif
+#include "packet.h"
#include "util.h"
#include "image/icon-excl.xpm"
*btn_mask = ESD_BTN_CANCEL;
gtk_widget_destroy(GTK_WIDGET(win));
}
+
+/* Generate, into "buf", a string showing the bits of a bitfield.
+ Return a pointer to the character after that string. */
+static char *
+decode_bitfield_value(char *buf, guint32 val, guint32 mask, int width)
+{
+ int i;
+ guint32 bit;
+ char *p;
+
+ i = 0;
+ p = buf;
+ bit = 1 << (width - 1);
+ for (;;) {
+ if (mask & bit) {
+ /* This bit is part of the field. Show its value. */
+ if (val & bit)
+ *p++ = '1';
+ else
+ *p++ = '0';
+ } else {
+ /* This bit is not part of the field. */
+ *p++ = '.';
+ }
+ bit >>= 1;
+ i++;
+ if (i >= width)
+ break;
+ if (i % 4 == 0)
+ *p++ = ' ';
+ }
+ strcpy(p, " = ");
+ p += 3;
+ return p;
+}
+
+/* Generate a string describing a Boolean bitfield (a one-bit field that
+ says something is either true of false). */
+const char *
+decode_boolean_bitfield(guint32 val, guint32 mask, int width,
+ const char *truedesc, const char *falsedesc)
+{
+ static char buf[1025];
+ char *p;
+
+ p = decode_bitfield_value(buf, val, mask, width);
+ if (val & mask)
+ strcpy(p, truedesc);
+ else
+ strcpy(p, falsedesc);
+ return buf;
+}
+
+/* Generate a string describing an enumerated bitfield (an N-bit field
+ with various specific values having particular names). */
+const char *
+decode_enumerated_bitfield(guint32 val, guint32 mask, int width,
+ const value_string *tab, const char *fmt)
+{
+ static char buf[1025];
+ char *p;
+
+ p = decode_bitfield_value(buf, val, mask, width);
+ sprintf(p, fmt, val_to_str(val & mask, tab, "Unknown"));
+ return buf;
+}
+
+/* Generate a string describing a numeric bitfield (an N-bit field whose
+ value is just a number). */
+const char *
+decode_numeric_bitfield(guint32 val, guint32 mask, int width,
+ const char *fmt)
+{
+ static char buf[1025];
+ char *p;
+
+ p = decode_bitfield_value(buf, val, mask, width);
+ sprintf(p, fmt, val & mask);
+ return buf;
+}
/* util.h
* Utility definitions
*
- * $Id: util.h,v 1.5 1998/10/16 01:18:35 gerald Exp $
+ * $Id: util.h,v 1.6 1998/12/29 04:05:37 gerald Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@zing.org>
void simple_dialog_cancel_cb(GtkWidget *, gpointer);
+const char *decode_boolean_bitfield(guint32 val, guint32 mask, int width,
+ const char *truedesc, const char *falsedesc);
+
+const char *decode_enumerated_bitfield(guint32 val, guint32 mask, int width,
+ const value_string *tab, const char *fmt);
+
+const char *decode_numeric_bitfield(guint32 val, guint32 mask, int width,
+ const char *fmt);
+
#ifdef __cplusplus
}
#endif /* __cplusplus */
libwiretap_a_OBJECTS = buffer.o file.o lanalyzer.o libpcap.o \
ngsniffer.o snoop.o wtap.o
AR = ar
-CFLAGS = -g -O2 -I/usr/lib/glib/include -I/usr/X11R6/include
+CFLAGS = -Wall -g -O2 -I/usr/lib/glib/include -I/usr/X11R6/include
COMPILE = $(CC) $(DEFS) $(INCLUDES) $(CPPFLAGS) $(CFLAGS)
LINK = $(CC) $(CFLAGS) $(LDFLAGS) -o $@
DIST_COMMON = README AUTHORS COPYING ChangeLog INSTALL Makefile.am \
main ()
{
int major, minor, micro;
- char *tmp_version;
system ("touch conf.gtktest");
- /* HP/UX 9 (%@#!) writes to sscanf strings */
- tmp_version = g_strdup("$min_gtk_version");
- if (sscanf(tmp_version, "%d.%d.%d", &major, &minor, µ) != 3) {
+ if (sscanf("$min_gtk_version", "%d.%d.%d", &major, &minor, µ) != 3) {
printf("%s, bad version string\n", "$min_gtk_version");
exit(1);
}
main ()
{
int major, minor, micro;
- char *tmp_version;
system ("touch conf.gtktest");
- /* HP/UX 9 (%@#!) writes to sscanf strings */
- tmp_version = g_strdup("$min_gtk_version");
- if (sscanf(tmp_version, "%d.%d.%d", &major, &minor, µ) != 3) {
+ if (sscanf("$min_gtk_version", "%d.%d.%d", &major, &minor, µ) != 3) {
printf("%s, bad version string\n", "$min_gtk_version");
exit(1);
}
}
EOF
-if { (eval echo configure:1155: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:1152: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
then
:
else
CFLAGS="$CFLAGS $GTK_CFLAGS"
LIBS="$LIBS $GTK_LIBS"
cat > conftest.$ac_ext <<EOF
-#line 1189 "configure"
+#line 1186 "configure"
#include "confdefs.h"
#include <gtk/gtk.h>
return ((gtk_major_version) || (gtk_minor_version) || (gtk_micro_version));
; return 0; }
EOF
-if { (eval echo configure:1199: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:1196: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
echo "*** The test program compiled, but did not run. This usually means"
echo "*** that the run-time linker is not finding GTK or finding the wrong"
echo $ac_n "checking how to run the C preprocessor""... $ac_c" 1>&6
-echo "configure:1239: checking how to run the C preprocessor" >&5
+echo "configure:1236: checking how to run the C preprocessor" >&5
# On Suns, sometimes $CPP names a directory.
if test -n "$CPP" && test -d "$CPP"; then
CPP=
# On the NeXT, cc -E runs the code through the compiler's parser,
# not just through cpp.
cat > conftest.$ac_ext <<EOF
-#line 1254 "configure"
+#line 1251 "configure"
#include "confdefs.h"
#include <assert.h>
Syntax Error
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:1260: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:1257: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out`
if test -z "$ac_err"; then
:
rm -rf conftest*
CPP="${CC-cc} -E -traditional-cpp"
cat > conftest.$ac_ext <<EOF
-#line 1271 "configure"
+#line 1268 "configure"
#include "confdefs.h"
#include <assert.h>
Syntax Error
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:1277: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:1274: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out`
if test -z "$ac_err"; then
:
echo "$ac_t""$CPP" 1>&6
echo $ac_n "checking for ANSI C header files""... $ac_c" 1>&6
-echo "configure:1300: checking for ANSI C header files" >&5
+echo "configure:1297: checking for ANSI C header files" >&5
if eval "test \"`echo '$''{'ac_cv_header_stdc'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 1305 "configure"
+#line 1302 "configure"
#include "confdefs.h"
#include <stdlib.h>
#include <stdarg.h>
#include <float.h>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:1313: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:1310: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out`
if test -z "$ac_err"; then
rm -rf conftest*
if test $ac_cv_header_stdc = yes; then
# SunOS 4.x string.h does not declare mem*, contrary to ANSI.
cat > conftest.$ac_ext <<EOF
-#line 1330 "configure"
+#line 1327 "configure"
#include "confdefs.h"
#include <string.h>
EOF
if test $ac_cv_header_stdc = yes; then
# ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI.
cat > conftest.$ac_ext <<EOF
-#line 1348 "configure"
+#line 1345 "configure"
#include "confdefs.h"
#include <stdlib.h>
EOF
:
else
cat > conftest.$ac_ext <<EOF
-#line 1369 "configure"
+#line 1366 "configure"
#include "confdefs.h"
#include <ctype.h>
#define ISLOWER(c) ('a' <= (c) && (c) <= 'z')
exit (0); }
EOF
-if { (eval echo configure:1380: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:1377: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
then
:
else
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:1407: checking for $ac_hdr" >&5
+echo "configure:1404: checking for $ac_hdr" >&5
if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 1412 "configure"
+#line 1409 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:1417: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:1414: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out`
if test -z "$ac_err"; then
rm -rf conftest*