2 * Routines for light weight reslover (lwres, part of BIND9) packet disassembly
6 * Copyright (c) 2003 by Oleg Terletsky <oleg.terletsky@comverse.com>
8 * Wireshark - Network traffic analyzer
9 * By Gerald Combs <gerald@wireshark.org>
10 * Copyright 1999 Gerald Combs
12 * This program is free software; you can redistribute it and/or
13 * modify it under the terms of the GNU General Public License
14 * as published by the Free Software Foundation; either version 2
15 * of the License, or (at your option) any later version.
17 * This program is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
22 * You should have received a copy of the GNU General Public License
23 * along with this program; if not, write to the Free Software
24 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
37 #include <epan/packet.h>
38 #include <epan/prefs.h>
39 #include "packet-dns.h"
41 #define LWRES_LWPACKET_LENGTH (4 * 5 + 2 * 4)
42 #define LWRES_LWPACKETFLAG_RESPONSE 0x0001U /* if set, pkt is a response */
43 #define LWRES_LWPACKETVERSION_0 0
45 #define LW_LENGTH_OFFSET 0
46 #define LW_VERSION_OFFSET 4
47 #define LW_PKTFLASG_OFFSET 6
48 #define LW_SERIAL_OFFSET 8
49 #define LW_OPCODE_OFFSET 12
50 #define LW_RESULT_OFFSET 16
51 #define LW_RECVLEN_OFFSET 20
52 #define LW_AUTHTYPE_OFFSET 24
53 #define LW_AUTHLEN_OFFSET 26
55 #define LWRES_OPCODE_NOOP 0x00000000U
56 #define LWRES_OPCODE_GETADDRSBYNAME 0x00010001U
57 #define LWRES_OPCODE_GETNAMEBYADDR 0x00010002U
58 #define LWRES_OPCODE_GETRDATABYNAME 0x00010003U
60 static const value_string opcode_values[] = {
61 { LWRES_OPCODE_NOOP, "Noop" },
62 { LWRES_OPCODE_GETADDRSBYNAME, "getaddrbyname" },
63 { LWRES_OPCODE_GETNAMEBYADDR, "getnamebyaddr" },
64 { LWRES_OPCODE_GETRDATABYNAME, "getrdatabyname" },
69 #define LWRES_R_SUCCESS 0
70 #define LWRES_R_NOMEMORY 1
71 #define LWRES_R_TIMEOUT 2
72 #define LWRES_R_NOTFOUND 3
73 #define LWRES_R_UNEXPECTEDEND 4 /* unexpected end of input */
74 #define LWRES_R_FAILURE 5 /* generic failure */
75 #define LWRES_R_IOERROR 6
76 #define LWRES_R_NOTIMPLEMENTED 7
77 #define LWRES_R_UNEXPECTED 8
78 #define LWRES_R_TRAILINGDATA 9
79 #define LWRES_R_INCOMPLETE 10
80 #define LWRES_R_RETRY 11
81 #define LWRES_R_TYPENOTFOUND 12
82 #define LWRES_R_TOOLARGE 13
90 static const value_string t_types[] = {
101 static const value_string result_values[] = {
102 { LWRES_R_SUCCESS, "Success" },
103 { LWRES_R_NOMEMORY, "No memory" },
104 { LWRES_R_TIMEOUT, "Timeout" },
105 { LWRES_R_NOTFOUND, "Not found" },
106 { LWRES_R_UNEXPECTEDEND, "Unexpected end of input" },
107 { LWRES_R_FAILURE, "Generic failure" },
108 { LWRES_R_IOERROR, "I/O Error" },
109 { LWRES_R_UNEXPECTED, "Unexpected" },
110 { LWRES_R_TRAILINGDATA, "Trailing data" },
111 { LWRES_R_INCOMPLETE, "Incomplete" },
112 { LWRES_R_RETRY, "Retry" },
113 { LWRES_R_TYPENOTFOUND, "Type not found" },
114 { LWRES_R_TOOLARGE, "Too large" },
118 static int hf_length = -1;
119 static int hf_version = -1;
120 static int hf_flags = -1;
121 static int hf_serial = -1;
122 static int hf_opcode = -1;
123 static int hf_result = -1;
124 static int hf_recvlen = -1;
125 static int hf_authtype = -1;
126 static int hf_authlen = -1;
128 static int hf_rflags = -1;
129 static int hf_rdclass = -1;
130 static int hf_rdtype = -1;
131 static int hf_namelen = -1;
132 static int hf_req_name = -1;
134 static int hf_ttl = -1;
135 static int hf_nrdatas = -1;
136 static int hf_nsigs = -1;
137 static int hf_realnamelen = -1;
138 static int hf_realname = -1;
141 static int hf_a_record = -1;
142 static int hf_a_rec_len = -1;
143 static int hf_srv_prio = -1;
144 static int hf_srv_weight = -1;
145 static int hf_srv_port = -1;
147 static int hf_adn_flags = -1;
148 static int hf_adn_addrtype = -1;
149 static int hf_adn_namelen = -1;
150 static int hf_adn_name = -1;
152 static int hf_adn_realname = -1;
153 static int hf_adn_aliasname = -1;
155 static int hf_adn_naddrs = -1;
156 static int hf_adn_naliases = -1;
157 static int hf_adn_family = -1;
158 static int hf_adn_addr_len = -1;
159 static int hf_adn_addr_addr = -1;
162 static int ett_lwres = -1;
163 static int ett_rdata_req = -1;
164 static int ett_rdata_resp = -1;
165 static int ett_a_rec = -1;
166 static int ett_a_rec_addr = -1;
167 static int ett_srv_rec = -1;
168 static int ett_srv_rec_item = -1;
169 static int ett_adn_request = -1;
170 static int ett_adn_resp = -1;
171 static int ett_adn_alias = -1;
172 static int ett_adn_addr = -1;
173 static int ett_nba_request = -1;
174 static int ett_nba_resp = -1;
175 static int ett_noop = -1;
177 static int ett_mx_rec = -1;
178 static int ett_mx_rec_item = -1;
180 static int ett_ns_rec = -1;
181 static int ett_ns_rec_item = -1;
185 #define LWRES_UDP_PORT 921
187 static guint global_lwres_port = LWRES_UDP_PORT;
189 void proto_reg_handoff_lwres(void);
192 /* Define the lwres proto */
193 static int proto_lwres = -1;
196 /* Define many many headers for mgcp */
198 static const value_string message_types_values[] = {
204 static void dissect_getnamebyaddr_request(tvbuff_t* tvb, proto_tree* lwres_tree)
206 guint32 flags,family;
207 guint16 addrlen, slen;
210 proto_item* nba_request_item;
211 proto_tree* nba_request_tree;
213 flags = tvb_get_ntohl(tvb, LWRES_LWPACKET_LENGTH);
214 family = tvb_get_ntohl(tvb, LWRES_LWPACKET_LENGTH + 4);
215 addrlen = tvb_get_ntohs(tvb, LWRES_LWPACKET_LENGTH + 8);
216 addr = tvb_get_ptr(tvb, LWRES_LWPACKET_LENGTH + 10, 4);
217 slen = (int)strlen(ip_to_str(addr));
221 nba_request_item = proto_tree_add_text(lwres_tree,tvb,LWRES_LWPACKET_LENGTH,LWRES_LWPACKET_LENGTH+14,"getnamebyaddr parameters");
222 nba_request_tree = proto_item_add_subtree(nba_request_item, ett_nba_request);
226 proto_tree_add_uint(nba_request_tree,
229 LWRES_LWPACKET_LENGTH,
233 proto_tree_add_uint(nba_request_tree,
236 LWRES_LWPACKET_LENGTH + 4,
240 proto_tree_add_uint(nba_request_tree,
243 LWRES_LWPACKET_LENGTH + 8,
247 proto_tree_add_string(nba_request_tree,
250 LWRES_LWPACKET_LENGTH + 10,
256 static void dissect_getnamebyaddr_response(tvbuff_t* tvb, proto_tree* lwres_tree)
259 guint16 naliases,realnamelen,aliaslen;
263 proto_item* nba_resp_item;
264 proto_tree* nba_resp_tree;
266 proto_item* alias_item;
267 proto_tree* alias_tree;
271 nba_resp_item = proto_tree_add_text(lwres_tree, tvb, LWRES_LWPACKET_LENGTH, 10,"getnamebyaddr records");
272 nba_resp_tree = proto_item_add_subtree(nba_resp_item, ett_nba_resp);
276 naliases = tvb_get_ntohs(tvb, LWRES_LWPACKET_LENGTH + 4);
277 realnamelen = tvb_get_ntohs(tvb,LWRES_LWPACKET_LENGTH + 4 + 2);
279 proto_tree_add_item(nba_resp_tree,
282 LWRES_LWPACKET_LENGTH,
285 proto_tree_add_item(nba_resp_tree,
288 LWRES_LWPACKET_LENGTH + 4,
292 proto_tree_add_item(nba_resp_tree,
295 LWRES_LWPACKET_LENGTH + 6,
299 proto_tree_add_item(nba_resp_tree,
302 LWRES_LWPACKET_LENGTH + 8,
306 offset=LWRES_LWPACKET_LENGTH + 8 + realnamelen;
310 for(i=0; i<naliases; i++)
312 aliaslen = tvb_get_ntohs(tvb, offset);
313 aliasname = tvb_get_ephemeral_string(tvb, offset + 2, aliaslen);
315 alias_item = proto_tree_add_text(nba_resp_tree, tvb, offset, 2 + aliaslen, "Alias %s",aliasname);
316 alias_tree = proto_item_add_subtree(alias_item, ett_adn_alias);
318 proto_tree_add_item(alias_tree,
325 proto_tree_add_item(alias_tree,
332 offset+=(2 + aliaslen + 1);
337 static void dissect_getaddrsbyname_request(tvbuff_t* tvb, proto_tree* lwres_tree)
341 proto_item* adn_request_item;
342 proto_tree* adn_request_tree;
344 namelen = tvb_get_ntohs(tvb, LWRES_LWPACKET_LENGTH + 8);
348 adn_request_item = proto_tree_add_text(lwres_tree,tvb,
349 LWRES_LWPACKET_LENGTH,10+namelen+1,
350 "getaddrbyname parameters");
351 adn_request_tree = proto_item_add_subtree(adn_request_item, ett_adn_request);
357 proto_tree_add_item(adn_request_tree,
360 LWRES_LWPACKET_LENGTH+0,
364 proto_tree_add_item(adn_request_tree,
367 LWRES_LWPACKET_LENGTH+4,
371 proto_tree_add_item(adn_request_tree,
374 LWRES_LWPACKET_LENGTH+8,
378 proto_tree_add_item(adn_request_tree,
381 LWRES_LWPACKET_LENGTH+10,
388 static void dissect_getaddrsbyname_response(tvbuff_t* tvb, proto_tree* lwres_tree)
390 guint32 family ,i, offset;
391 guint16 naliases, naddrs, realnamelen, length, aliaslen;
396 proto_item* adn_resp_item;
397 proto_tree* adn_resp_tree;
398 proto_item* alias_item;
399 proto_tree* alias_tree;
400 proto_item* addr_item;
401 proto_tree* addr_tree;
407 adn_resp_item = proto_tree_add_text(lwres_tree, tvb, LWRES_LWPACKET_LENGTH, 10, "getaddrbyname records");
408 adn_resp_tree = proto_item_add_subtree(adn_resp_item, ett_adn_resp);
412 naliases = tvb_get_ntohs(tvb, LWRES_LWPACKET_LENGTH + 4);
413 naddrs = tvb_get_ntohs(tvb, LWRES_LWPACKET_LENGTH + 6);
414 realnamelen = tvb_get_ntohs(tvb, LWRES_LWPACKET_LENGTH + 8);
417 proto_tree_add_item(adn_resp_tree,
420 LWRES_LWPACKET_LENGTH,
424 proto_tree_add_item(adn_resp_tree,
427 LWRES_LWPACKET_LENGTH + 4,
431 proto_tree_add_item(adn_resp_tree,
434 LWRES_LWPACKET_LENGTH + 6,
438 proto_tree_add_item(adn_resp_tree,
441 LWRES_LWPACKET_LENGTH + 8,
445 proto_tree_add_item(adn_resp_tree,
448 LWRES_LWPACKET_LENGTH + 10,
452 offset = LWRES_LWPACKET_LENGTH + 10 + realnamelen + 1;
456 for(i=0; i<naliases; i++)
458 aliaslen = tvb_get_ntohs(tvb, offset);
459 aliasname = tvb_get_ephemeral_string(tvb, offset + 2, aliaslen);
461 alias_item = proto_tree_add_text(adn_resp_tree, tvb, offset, 2 + aliaslen, "Alias %s",aliasname);
462 alias_tree = proto_item_add_subtree(alias_item, ett_adn_alias);
464 proto_tree_add_uint(alias_tree,
471 proto_tree_add_item(alias_tree,
478 offset+=(2 + aliaslen + 1);
484 for(i=0; i < naddrs; i++)
486 family = tvb_get_ntohl(tvb, offset);
487 length = tvb_get_ntohs(tvb, offset + 4);
488 addr = (gchar*)tvb_get_ptr(tvb, offset + 6, 4);
489 slen = (int)strlen((char*)ip_to_str((guint8*)addr));
491 addr_item = proto_tree_add_text(adn_resp_tree,tvb, offset, 4+2+4, "Address %s",ip_to_str((guint8*)addr));
492 addr_tree = proto_item_add_subtree(addr_item, ett_adn_addr);
494 proto_tree_add_uint(addr_tree,
501 proto_tree_add_uint(addr_tree,
508 proto_tree_add_string(addr_tree,
513 ip_to_str((guint8*)addr));
522 static void dissect_a_records(tvbuff_t* tvb, proto_tree* tree,guint32 nrec,int offset)
527 proto_item* a_rec_item;
528 proto_tree* a_rec_tree;
529 proto_item* addr_item;
530 proto_tree* addr_tree;
534 a_rec_item = proto_tree_add_text(tree,tvb,offset,
535 ((sizeof(guint32) + sizeof(guint16)) * nrec),"A records");
537 a_rec_tree = proto_item_add_subtree(a_rec_item, ett_a_rec);
542 for(i=0; i<nrec; i++)
545 curr = offset + ((sizeof(guint32)+sizeof(guint16)) * i);
547 len = tvb_get_ntohs(tvb,curr);
548 addr = (gchar*)tvb_get_ptr(tvb,curr+2,4);
552 addr_item = proto_tree_add_text(a_rec_tree,tvb, curr, 6,"IP Address");
553 addr_tree = proto_item_add_subtree(addr_item, ett_a_rec_addr);
554 proto_item_set_text(addr_item,"Address %s",ip_to_str((guint8*)addr));
558 proto_tree_add_uint(addr_tree,
565 proto_tree_add_text(addr_tree,
570 ip_to_str((guint8*)addr));
576 static void dissect_srv_records(tvbuff_t* tvb, proto_tree* tree,guint32 nrec,int offset)
579 guint16 len, priority, weight, port, namelen, dlen;
582 proto_item* srv_rec_item, *rec_item;
583 proto_item* srv_rec_tree, *rec_tree;
587 srv_rec_item = proto_tree_add_text(tree, tvb, offset, offset, "SRV records");
588 srv_rec_tree = proto_item_add_subtree(srv_rec_item, ett_srv_rec);
589 proto_item_set_text(srv_rec_item, "SRV records (%d)", nrec);
595 for(i=0; i < nrec; i++)
597 len = tvb_get_ntohs(tvb, curr);
598 priority = tvb_get_ntohs(tvb, curr + 2);
599 weight = tvb_get_ntohs(tvb, curr + 4);
600 port = tvb_get_ntohs(tvb, curr + 6);
603 dlen = get_dns_name(tvb, curr + 8, 0, curr + 8, &dname);
607 rec_item = proto_tree_add_text(srv_rec_tree, tvb, curr, 6," ");
608 rec_tree = proto_item_add_subtree(rec_item, ett_srv_rec_item);
609 proto_item_set_text(rec_item,
610 "SRV record:pri=%d,w=%d,port=%d,dname=%s",
618 proto_tree_add_uint(rec_tree,
625 proto_tree_add_uint(rec_tree,
632 proto_tree_add_uint(rec_tree,
640 proto_tree_add_text(rec_tree,
646 curr+=((sizeof(short)*4) + dlen);
652 static void dissect_mx_records(tvbuff_t* tvb, proto_tree* tree, guint32 nrec, int offset)
656 guint len, priority, dlen, namelen;
659 proto_item* mx_rec_item, *rec_item;
660 proto_tree* mx_rec_tree, *rec_tree;
665 mx_rec_item = proto_tree_add_text(tree, tvb, offset, offset, "MX records (%d)", nrec);
666 mx_rec_tree = proto_item_add_subtree(mx_rec_item, ett_mx_rec);
672 for(i=0; i < nrec; i++)
674 len = tvb_get_ntohs(tvb, curr);
675 priority = tvb_get_ntohs(tvb, curr + 2);
677 dlen = get_dns_name(tvb, curr + 4, 0, curr + 4, &dname);
680 rec_item = proto_tree_add_text(mx_rec_tree, tvb, curr,6,"MX record: pri=%d,dname=%s",
682 rec_tree = proto_item_add_subtree(rec_item, ett_mx_rec_item);
688 proto_tree_add_uint(rec_tree,
695 proto_tree_add_text(rec_tree,
701 curr+=((sizeof(short)*2) + dlen);
708 static void dissect_ns_records(tvbuff_t* tvb, proto_tree* tree, guint32 nrec, int offset)
711 guint len, dlen, namelen;
714 proto_item* ns_rec_item, *rec_item;
715 proto_tree* ns_rec_tree, *rec_tree;
719 ns_rec_item = proto_tree_add_text(tree, tvb, offset, offset, "NS record (%d)", nrec);
720 ns_rec_tree = proto_item_add_subtree(ns_rec_item, ett_ns_rec);
728 len = tvb_get_ntohs(tvb, curr);
730 dlen = get_dns_name(tvb, curr + 2, 0, curr + 2, &dname);
733 rec_item = proto_tree_add_text(ns_rec_tree, tvb, curr,4, "NS record: dname=%s",dname);
734 rec_tree = proto_item_add_subtree(rec_item, ett_ns_rec_item);
739 proto_tree_add_text(rec_tree,
744 curr+=(sizeof(short) + dlen);
751 static void dissect_rdata_request(tvbuff_t* tvb, proto_tree* lwres_tree)
755 proto_item* rdata_request_item;
756 proto_tree* rdata_request_tree;
758 namelen = tvb_get_ntohs(tvb, LWRES_LWPACKET_LENGTH+8);
763 proto_tree_add_text(lwres_tree,tvb,LWRES_LWPACKET_LENGTH,10+namelen+1,"RDATA request parameters");
764 rdata_request_tree = proto_item_add_subtree(rdata_request_item, ett_rdata_req);
769 proto_tree_add_item(rdata_request_tree,
772 LWRES_LWPACKET_LENGTH+0,
776 proto_tree_add_item(rdata_request_tree,
779 LWRES_LWPACKET_LENGTH+4,
783 proto_tree_add_item(rdata_request_tree,
786 LWRES_LWPACKET_LENGTH+6,
790 proto_tree_add_item(rdata_request_tree,
793 LWRES_LWPACKET_LENGTH+8,
797 proto_tree_add_item(rdata_request_tree,
800 LWRES_LWPACKET_LENGTH+10,
806 static void dissect_rdata_response(tvbuff_t* tvb, proto_tree* lwres_tree)
809 guint rdtype, nrdatas, realnamelen;
811 proto_item* rdata_resp_item;
812 proto_tree* rdata_resp_tree;
814 rdtype = tvb_get_ntohs(tvb, LWRES_LWPACKET_LENGTH+6);
815 nrdatas = tvb_get_ntohs(tvb, LWRES_LWPACKET_LENGTH+12);
816 realnamelen = tvb_get_ntohs(tvb,LWRES_LWPACKET_LENGTH+16);
818 offset = LWRES_LWPACKET_LENGTH + 18 + realnamelen + 1;
822 rdata_resp_item = proto_tree_add_text(lwres_tree,tvb,LWRES_LWPACKET_LENGTH, 18+realnamelen+1,"RDATA response");
823 rdata_resp_tree = proto_item_add_subtree(rdata_resp_item, ett_rdata_resp);
828 proto_tree_add_item(rdata_resp_tree,
831 LWRES_LWPACKET_LENGTH+0,
835 proto_tree_add_item(rdata_resp_tree,
838 LWRES_LWPACKET_LENGTH+4,
842 proto_tree_add_item(rdata_resp_tree,
845 LWRES_LWPACKET_LENGTH+6,
849 proto_tree_add_item(rdata_resp_tree,
852 LWRES_LWPACKET_LENGTH+8,
856 proto_tree_add_item(rdata_resp_tree,
859 LWRES_LWPACKET_LENGTH+12,
863 proto_tree_add_item(rdata_resp_tree,
866 LWRES_LWPACKET_LENGTH+14,
870 proto_tree_add_item(rdata_resp_tree,
873 LWRES_LWPACKET_LENGTH+16,
877 proto_tree_add_item(rdata_resp_tree,
880 LWRES_LWPACKET_LENGTH+18,
887 dissect_a_records(tvb,rdata_resp_tree,nrdatas,offset);
891 dissect_srv_records(tvb,rdata_resp_tree,nrdatas, offset);
895 dissect_mx_records(tvb,rdata_resp_tree,nrdatas, offset);
899 dissect_ns_records(tvb,rdata_resp_tree,nrdatas, offset);
905 static void dissect_noop(tvbuff_t* tvb, proto_tree* lwres_tree)
910 proto_item* noop_item;
911 proto_tree* noop_tree;
913 datalen = tvb_get_ntohs(tvb, LWRES_LWPACKET_LENGTH);
914 data = (char*)tvb_get_ptr(tvb, LWRES_LWPACKET_LENGTH, datalen);
918 noop_item = proto_tree_add_text(lwres_tree, tvb, LWRES_LWPACKET_LENGTH, 10, "Noop record");
919 noop_tree = proto_item_add_subtree(noop_item, ett_noop);
924 proto_tree_add_uint(noop_tree,
927 LWRES_LWPACKET_LENGTH,
933 static void dissect_getaddrsbyname(tvbuff_t* tvb, proto_tree* lwres_tree, int type)
936 dissect_getaddrsbyname_request(tvb, lwres_tree);
938 dissect_getaddrsbyname_response(tvb, lwres_tree);
941 static void dissect_getnamebyaddr(tvbuff_t* tvb, proto_tree* lwres_tree, int type)
944 dissect_getnamebyaddr_request(tvb, lwres_tree);
946 dissect_getnamebyaddr_response(tvb, lwres_tree);
949 static void dissect_getrdatabyname(tvbuff_t* tvb, proto_tree* lwres_tree, int type)
952 dissect_rdata_request(tvb, lwres_tree);
954 dissect_rdata_response(tvb, lwres_tree);
958 dissect_lwres(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
960 guint16 version, flags, authtype, authlength ;
961 guint32 length, opcode, result, recvlength, serial;
962 guint32 message_type;
964 proto_item* lwres_item;
965 proto_tree* lwres_tree;
967 col_set_str(pinfo->cinfo, COL_PROTOCOL, "lw_res");
968 length = tvb_get_ntohl(tvb, LW_LENGTH_OFFSET);
969 version = tvb_get_ntohs(tvb, LW_VERSION_OFFSET);
970 flags = tvb_get_ntohs(tvb, LW_PKTFLASG_OFFSET);
971 serial = tvb_get_ntohl(tvb, LW_SERIAL_OFFSET);
972 opcode = tvb_get_ntohl(tvb,LW_OPCODE_OFFSET);
973 result = tvb_get_ntohl(tvb, LW_RESULT_OFFSET);
974 recvlength = tvb_get_ntohl(tvb, LW_RECVLEN_OFFSET);
975 authtype = tvb_get_ntohs(tvb, LW_AUTHTYPE_OFFSET);
976 authlength = tvb_get_ntohs(tvb, LW_AUTHLEN_OFFSET);
978 message_type = (flags & LWRES_LWPACKETFLAG_RESPONSE) ? 2 : 1;
980 if (check_col(pinfo->cinfo, COL_INFO)) {
981 col_clear(pinfo->cinfo, COL_INFO);
983 if(flags & LWRES_LWPACKETFLAG_RESPONSE)
985 col_add_fstr(pinfo->cinfo, COL_INFO,
986 "%s, opcode=%s, serial=0x%x, result=%s",
987 val_to_str((guint32)message_type,message_types_values,"unknown"),
988 val_to_str(opcode, opcode_values, "unknown"),
990 val_to_str(result,result_values,"unknown"));
994 col_add_fstr(pinfo->cinfo, COL_INFO,
995 "%s, opcode=%s, serial=0x%x",
996 val_to_str((guint32)message_type,message_types_values,"unknown"),
997 val_to_str(opcode, opcode_values, "unknown"),
1004 lwres_item = proto_tree_add_item(tree,proto_lwres, tvb,0, -1, FALSE);
1005 lwres_tree = proto_item_add_subtree(lwres_item, ett_lwres);
1010 proto_tree_add_uint(lwres_tree,
1018 proto_tree_add_uint(lwres_tree,
1028 proto_tree_add_uint(lwres_tree,
1035 proto_tree_add_uint(lwres_tree,
1042 proto_tree_add_uint(lwres_tree,
1049 proto_tree_add_uint(lwres_tree,
1056 proto_tree_add_uint(lwres_tree,
1063 proto_tree_add_uint(lwres_tree,
1070 proto_tree_add_uint(lwres_tree,
1081 case LWRES_OPCODE_NOOP:
1082 dissect_noop(tvb, lwres_tree);
1085 case LWRES_OPCODE_GETADDRSBYNAME:
1086 dissect_getaddrsbyname(tvb, lwres_tree, message_type);
1089 case LWRES_OPCODE_GETNAMEBYADDR:
1090 dissect_getnamebyaddr(tvb, lwres_tree, message_type);
1093 case LWRES_OPCODE_GETRDATABYNAME:
1094 dissect_getrdatabyname(tvb, lwres_tree, message_type);
1102 proto_register_lwres(void)
1104 static hf_register_info hf[] = {
1106 { "Length", "lwres.length", FT_UINT32, BASE_DEC, NULL, 0x0,
1107 "lwres length", HFILL }},
1110 { "Version", "lwres.version", FT_UINT16, BASE_DEC, NULL, 0x0,
1111 "lwres version", HFILL }},
1114 { "Packet Flags", "lwres.flags", FT_UINT16, BASE_HEX, NULL, 0x0,
1115 "lwres flags", HFILL }},
1118 { "Serial", "lwres.serial", FT_UINT32, BASE_HEX, NULL, 0x0,
1119 "lwres serial", HFILL }},
1122 { "Operation code", "lwres.opcode", FT_UINT32, BASE_DEC, VALS(opcode_values), 0x0,
1123 "lwres opcode", HFILL }},
1126 { "Result", "lwres.result", FT_UINT32, BASE_DEC, VALS(result_values), 0x0,
1127 "lwres result", HFILL }},
1130 { "Received length", "lwres.recvlen", FT_UINT32, BASE_DEC, NULL, 0x0,
1131 "lwres recvlen", HFILL }},
1134 { "Auth. type", "lwres.authtype", FT_UINT16, BASE_DEC, NULL, 0x0,
1135 "lwres authtype", HFILL }},
1138 { "Auth. length", "lwres.authlen", FT_UINT16, BASE_DEC, NULL, 0x0,
1139 "lwres authlen", HFILL }},
1142 { "Flags", "lwres.rflags", FT_UINT32, BASE_HEX, NULL, 0x0,
1143 "lwres rflags", HFILL }},
1145 { "Class", "lwres.class", FT_UINT16, BASE_DEC, NULL, 0x0,
1146 "lwres class", HFILL }},
1149 { "Type", "lwres.type", FT_UINT16, BASE_DEC, VALS(t_types), 0x0,
1150 "lwres type", HFILL }},
1153 { "Name length", "lwres.namelen", FT_UINT16, BASE_DEC, NULL, 0x0,
1154 "lwres namelen", HFILL }},
1157 { "Domain name", "lwres.reqdname", FT_STRING, BASE_NONE, NULL, 0x0,
1158 "lwres reqdname", HFILL }},
1161 { "Time To Live", "lwres.ttl", FT_UINT32, BASE_DEC, NULL, 0x0,
1162 "lwres ttl", HFILL }},
1165 { "Number of rdata records", "lwres.nrdatas", FT_UINT16, BASE_DEC, NULL, 0x0,
1166 "lwres nrdatas", HFILL }},
1169 { "Number of signature records", "lwres.nsigs", FT_UINT16, BASE_DEC, NULL, 0x0,
1170 "lwres nsigs", HFILL }},
1173 { "Real name length", "lwres.realnamelen", FT_UINT16, BASE_DEC, NULL, 0x0,
1174 "lwres realnamelen", HFILL }},
1177 { "Real doname name", "lwres.realname", FT_STRING, BASE_NONE, NULL, 0x0,
1178 "lwres realname", HFILL }},
1181 { "IPv4 Address", "lwres.arecord", FT_UINT32, BASE_DEC, NULL, 0x0,
1182 "lwres arecord", HFILL }},
1185 { "Length", "lwres.areclen", FT_UINT16, BASE_DEC, NULL, 0x0,
1186 "lwres areclen", HFILL }},
1189 { "Priority", "lwres.srv.priority", FT_UINT16, BASE_DEC, NULL, 0x0,
1190 "lwres srv prio", HFILL }},
1193 { "Weight", "lwres.srv.weight", FT_UINT16, BASE_DEC, NULL, 0x0,
1194 "lwres srv weight", HFILL }},
1197 { "Port" , "lwres.srv.port", FT_UINT16, BASE_DEC, NULL, 0x0,
1198 "lwres srv port", HFILL }},
1201 { "Flags", "lwres.adn.flags", FT_UINT32, BASE_HEX, NULL, 0x0,
1202 "lwres adn flags", HFILL }},
1205 { "Address type", "lwres.adn.addrtype", FT_UINT32, BASE_DEC, NULL, 0x0,
1206 "lwres adn addrtype", HFILL }},
1209 { "Name length", "lwres.adn.namelen", FT_UINT16, BASE_DEC, NULL, 0x0,
1210 "lwres adn namelen", HFILL }},
1213 { "Name", "lwres.adn.name", FT_STRING, BASE_NONE, NULL, 0x0,
1214 "lwres adn name", HFILL }},
1217 { "Number of aliases", "lwres.adn.naliases", FT_UINT16, BASE_DEC, NULL, 0x0,
1218 "lwres adn naliases", HFILL }},
1221 { "Number of addresses", "lwres.adn.naddrs", FT_UINT16, BASE_DEC, NULL, 0x0,
1222 "lwres adn naddrs", HFILL }},
1225 { "Real name", "lwres.adn.realname", FT_STRING, BASE_NONE, NULL, 0x0,
1226 "lwres adn realname", HFILL }},
1228 { &hf_adn_aliasname,
1229 { "Alias name", "lwres.adn.aliasname", FT_STRING, BASE_NONE, NULL, 0x0,
1230 "lwres adn aliasname", HFILL }},
1233 { "Address family", "lwres.adn.addr.family", FT_UINT32, BASE_DEC, NULL, 0x0,
1234 "lwres adn addr family", HFILL }},
1237 { "Address length", "lwres.adn.addr.length", FT_UINT16, BASE_DEC, NULL, 0x0,
1238 "lwres adn addr length", HFILL }},
1240 { &hf_adn_addr_addr,
1241 { "IP Address", "lwres.adn.addr.addr", FT_STRING, BASE_NONE, NULL, 0x0,
1242 "lwres adn addr addr", HFILL }},
1244 /* Add more fields here */
1247 static gint *ett[] = {
1269 module_t *lwres_module;
1271 proto_lwres = proto_register_protocol("Light Weight DNS RESolver (BIND9)",
1274 proto_register_field_array(proto_lwres, hf, array_length(hf));
1275 proto_register_subtree_array(ett, array_length(ett));
1277 lwres_module = prefs_register_protocol(proto_lwres, proto_reg_handoff_lwres);
1279 prefs_register_uint_preference(lwres_module, "udp.lwres_port",
1280 "lwres listener UDP Port",
1281 "Set the UDP port for lwres daemon"
1282 "(if other than the default of 921)",
1283 10, &global_lwres_port);
1287 /* The registration hand-off routine */
1289 proto_reg_handoff_lwres(void)
1291 static gboolean lwres_prefs_initialized = FALSE;
1292 static dissector_handle_t lwres_handle;
1293 static guint lwres_port;
1295 if(!lwres_prefs_initialized) {
1296 lwres_handle = create_dissector_handle(dissect_lwres, proto_lwres);
1297 lwres_prefs_initialized = TRUE;
1300 dissector_delete("udp.port", lwres_port, lwres_handle);
1303 dissector_add("udp.port", global_lwres_port, lwres_handle);
1304 lwres_port = global_lwres_port;