2 * Routines for Layer Two Tunnelling Protocol (L2TP) packet disassembly
3 * John Thomes <john@ensemblecom.com>
5 * Minor changes by: (2000-01-10)
6 * Laurent Cazalet <laurent.cazalet@mailclub.net>
7 * Thomas Parvais <thomas.parvais@advalvas.be>
9 * Wireshark - Network traffic analyzer
10 * By Gerald Combs <gerald@wireshark.org>
11 * Copyright 1998 Gerald Combs
13 * This program is free software; you can redistribute it and/or
14 * modify it under the terms of the GNU General Public License
15 * as published by the Free Software Foundation; either version 2
16 * of the License, or (at your option) any later version.
18 * This program is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
23 * You should have received a copy of the GNU General Public License
24 * along with this program; if not, write to the Free Software
25 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
30 * http://tools.ietf.org/html/rfc2661
33 * http://tools.ietf.org/html/rfc3931
35 * Layer Two Tunneling Protocol "L2TP" number assignments:
36 * http://www.iana.org/assignments/l2tp-parameters
40 * RFC 4591 for Frame Relay
41 * http://tools.ietf.org/html/rfc4591
44 * http://tools.ietf.org/html/rfc4454
46 * RFC 4719 for Ethernet
47 * http://tools.ietf.org/html/rfc4719
50 * http://tools.ietf.org/html/rfc4349
52 * XXX - what about LAPD?
57 #include <epan/packet.h>
58 #include <epan/ipproto.h>
59 #include <epan/sminmpec.h>
60 #include <epan/prefs.h>
61 #include <epan/conversation.h>
62 #include <epan/expert.h>
63 #include <epan/decode_as.h>
64 #include <wsutil/md5.h>
65 #include <wsutil/sha1.h>
67 #include "packet-l2tp.h"
69 void proto_register_l2tp(void);
70 void proto_reg_handoff_l2tp(void);
72 static int proto_l2tp = -1;
73 static int hf_l2tp_type = -1;
74 static int hf_l2tp_length_bit = -1;
75 static int hf_l2tp_seq_bit = -1;
76 static int hf_l2tp_offset_bit = -1;
77 static int hf_l2tp_priority = -1;
78 static int hf_l2tp_version = -1;
79 static int hf_l2tp_length = -1;
80 static int hf_l2tp_tunnel = -1;
81 static int hf_l2tp_session = -1;
82 static int hf_l2tp_Ns = -1;
83 static int hf_l2tp_Nr = -1;
84 static int hf_l2tp_offset = -1;
85 static int hf_l2tp_avp_mandatory = -1;
86 static int hf_l2tp_avp_hidden = -1;
87 static int hf_l2tp_avp_length = -1;
88 static int hf_l2tp_avp_vendor_id = -1;
89 static int hf_l2tp_avp_type = -1;
90 static int hf_l2tp_tie_breaker = -1;
91 static int hf_l2tp_sid = -1;
92 static int hf_l2tp_res = -1;
93 static int hf_l2tp_ccid = -1;
94 static int hf_l2tp_cookie = -1;
95 static int hf_l2tp_l2_spec_def = -1;
96 static int hf_l2tp_l2_spec_atm = -1;
97 static int hf_l2tp_l2_spec_docsis_dmpt = -1;
98 static int hf_l2tp_l2_spec_v = -1;
99 static int hf_l2tp_l2_spec_s = -1;
100 static int hf_l2tp_l2_spec_h = -1;
101 static int hf_l2tp_l2_spec_flow_id = -1;
102 static int hf_l2tp_l2_spec_sequence = -1;
103 static int hf_l2tp_l2_spec_t = -1;
104 static int hf_l2tp_l2_spec_g = -1;
105 static int hf_l2tp_l2_spec_c = -1;
106 static int hf_l2tp_l2_spec_u = -1;
107 static int hf_l2tp_cisco_avp_type = -1;
108 static int hf_l2tp_cablelabs_avp_type = -1;
109 static int hf_l2tp_avp_message_type = -1;
110 static int hf_l2tp_avp_assigned_tunnel_id = -1;
111 static int hf_l2tp_avp_assigned_control_conn_id = -1;
112 static int hf_l2tp_avp_assigned_session_id = -1;
113 static int hf_l2tp_avp_remote_session_id = -1;
114 static int hf_l2tp_avp_local_session_id = -1;
115 static int hf_l2tp_avp_called_number = -1;
116 static int hf_l2tp_avp_calling_number = -1;
117 static int hf_l2tp_cisco_tie_breaker = -1;
118 static int hf_l2tp_cablel_avp_l_bit = -1;
119 static int hf_l2tp_cablel_avp_tsid_group_id = -1;
120 static int hf_l2tp_cablel_avp_frequency = -1;
121 static int hf_l2tp_cablel_avp_modulation = -1;
122 static int hf_l2tp_cablel_avp_m = -1;
123 static int hf_l2tp_cablel_avp_n = -1;
125 /* Generated from convert_proto_tree_add_text.pl */
126 static int hf_l2tp_cisco_pw_type = -1;
127 static int hf_l2tp_avp_error_code = -1;
128 static int hf_l2tp_avp_cause_msg = -1;
129 static int hf_l2tp_avp_host_name = -1;
130 static int hf_l2tp_avp_maximum_bps = -1;
131 static int hf_l2tp_avp_pseudowire_type = -1;
132 static int hf_l2tp_avp_minimum_bps = -1;
133 static int hf_l2tp_avp_nonce = -1;
134 static int hf_l2tp_avp_circuit_status = -1;
135 static int hf_l2tp_avp_receive_window_size = -1;
136 static int hf_l2tp_avp_vendor_name = -1;
137 static int hf_l2tp_avp_layer2_specific_sublayer = -1;
138 static int hf_l2tp_avp_disconnect_code = -1;
139 static int hf_l2tp_cisco_circuit_status = -1;
140 static int hf_l2tp_cisco_remote_session_id = -1;
141 static int hf_l2tp_avp_router_id = -1;
142 static int hf_l2tp_avp_send_accm = -1;
143 static int hf_l2tp_avp_last_sent_lcp_confreq = -1;
144 static int hf_l2tp_avp_sync_framing_supported = -1;
145 static int hf_l2tp_cisco_assigned_control_connection_id = -1;
146 static int hf_l2tp_avp_sync_framing_type = -1;
147 static int hf_l2tp_avp_assigned_cookie = -1;
148 static int hf_l2tp_avp_time_out_errors = -1;
149 static int hf_l2tp_avp_sub_address = -1;
150 static int hf_l2tp_avp_connect_speed = -1;
151 static int hf_l2tp_avp_analog_access_supported = -1;
152 static int hf_l2tp_avp_private_group_id = -1;
153 static int hf_l2tp_avp_proxy_authen_response = -1;
154 static int hf_l2tp_avp_chap_challenge = -1;
155 static int hf_l2tp_avp_call_serial_number = -1;
156 static int hf_l2tp_avp_digital_access_supported = -1;
157 static int hf_l2tp_avp_physical_channel = -1;
158 static int hf_l2tp_avp_advisory_msg = -1;
159 static int hf_l2tp_avp_data_sequencing = -1;
160 static int hf_l2tp_avp_control_protocol_number = -1;
161 static int hf_l2tp_avp_error_message = -1;
162 static int hf_l2tp_avp_initial_received_lcp_confreq = -1;
163 static int hf_l2tp_avp_async_framing_supported = -1;
164 static int hf_l2tp_cisco_message_digest = -1;
165 static int hf_l2tp_avp_circuit_type = -1;
166 static int hf_l2tp_cisco_circuit_type = -1;
167 static int hf_l2tp_avp_proxy_authen_challenge = -1;
168 static int hf_l2tp_cisco_assigned_cookie = -1;
169 static int hf_l2tp_avp_receive_accm = -1;
170 static int hf_l2tp_stop_ccn_result_code = -1;
171 static int hf_l2tp_avp_proxy_authen_id = -1;
172 static int hf_l2tp_avp_digital_bearer_type = -1;
173 static int hf_l2tp_avp_rx_connect_speed = -1;
174 static int hf_l2tp_cisco_nonce = -1;
175 static int hf_l2tp_avp_chap_challenge_response = -1;
176 static int hf_l2tp_avp_cause_code = -1;
177 static int hf_l2tp_avp_protocol_revision = -1;
178 static int hf_l2tp_avp_alignment_errors = -1;
179 static int hf_l2tp_avp_last_received_lcp_confreq = -1;
180 static int hf_l2tp_avp_crc_errors = -1;
181 static int hf_l2tp_avp_random_vector = -1;
182 static int hf_l2tp_avp_preferred_language = -1;
183 static int hf_l2tp_cisco_interface_mtu = -1;
184 static int hf_l2tp_avp_async_framing_type = -1;
185 static int hf_l2tp_avp_pw_type = -1;
186 static int hf_l2tp_cisco_local_session_id = -1;
187 static int hf_l2tp_avp_hardware_overruns = -1;
188 static int hf_l2tp_avp_proxy_authen_type = -1;
189 static int hf_l2tp_cisco_draft_avp_version = -1;
190 static int hf_l2tp_avp_protocol_version = -1;
191 static int hf_l2tp_result_code = -1;
192 static int hf_l2tp_avp_buffer_overruns = -1;
193 static int hf_l2tp_avp_remote_end_id = -1;
194 static int hf_l2tp_cisco_pseudowire_type = -1;
195 static int hf_l2tp_avp_message_digest = -1;
196 static int hf_l2tp_avp_proxy_authen_name = -1;
197 static int hf_l2tp_avp_analog_bearer_type = -1;
198 static int hf_l2tp_avp_cause_code_direction = -1;
199 static int hf_l2tp_avp_firmware_revision = -1;
200 static int hf_l2tp_avp_cause_code_message = -1;
201 static int hf_l2tp_avp_framing_errors = -1;
202 static int hf_l2tp_cisco_remote_end_id = -1;
203 static int hf_l2tp_avp_tx_connect_speed_v3 = -1;
204 static int hf_l2tp_avp_rx_connect_speed_v3 = -1;
205 static int hf_l2tp_lapd_info = -1;
206 static int hf_l2tp_session_id = -1;
207 static int hf_l2tp_zero_length_bit_message = -1;
208 static int hf_l2tp_offset_padding = -1;
210 static dissector_table_t l2tp_vendor_avp_dissector_table;
211 static dissector_table_t pw_type_table;
213 #define UDP_PORT_L2TP 1701
215 #define CONTROL_BIT(msg_info) (msg_info & 0x8000) /* Type bit control = 1 data = 0 */
216 #define LENGTH_BIT(msg_info) (msg_info & 0x4000) /* Length bit = 1 */
217 #define RESERVE_BITS(msg_info) (msg_info &0x37F8) /* Reserved bit - usused */
218 #define SEQUENCE_BIT(msg_info) (msg_info & 0x0800) /* SEQUENCE bit = 1 Ns and Nr fields */
219 #define OFFSET_BIT(msg_info) (msg_info & 0x0200) /* Offset */
220 #define PRIORITY_BIT(msg_info) (msg_info & 0x0100) /* Priority */
221 #define L2TP_VERSION(msg_info) (msg_info & 0x000f) /* Version of l2tp */
222 #define MANDATORY_BIT(msg_info) (msg_info & 0x8000) /* Mandatory = 1 */
223 #define HIDDEN_BIT(msg_info) (msg_info & 0x4000) /* Hidden = 1 */
224 #define AVP_LENGTH(msg_info) (msg_info & 0x03ff) /* AVP Length */
225 #define FRAMING_SYNC(msg_info) (msg_info & 0x0001) /* SYNC Framing Type */
226 #define FRAMING_ASYNC(msg_info) (msg_info & 0x0002) /* ASYNC Framing Type */
227 #define BEARER_DIGITAL(msg_info) (msg_info & 0x0001) /* Digital Bearer Type */
228 #define BEARER_ANALOG(msg_info) (msg_info & 0x0002) /* Analog Bearer Type */
229 #define CIRCUIT_STATUS_BIT(msg_info) (msg_info & 0x0001) /* Circuit Status */
230 #define CIRCUIT_TYPE_BIT(msg_info) (msg_info & 0x0001) /* Circuit Condition */
232 /* DOCSIS DMPT Sub-Layer Header definitions */
233 #define FLOW_ID_MASK 0x0E
235 static gint ett_l2tp = -1;
236 static gint ett_l2tp_ctrl = -1;
237 static gint ett_l2tp_avp = -1;
238 static gint ett_l2tp_avp_sub = -1;
239 static gint ett_l2tp_lcp = -1;
240 static gint ett_l2tp_l2_spec = -1;
242 static expert_field ei_l2tp_incorrect_digest = EI_INIT;
243 /* Generated from convert_proto_tree_add_text.pl */
244 static expert_field ei_l2tp_vendor_specific_avp_data = EI_INIT;
245 static expert_field ei_l2tp_avp_length = EI_INIT;
247 static const enum_val_t l2tpv3_cookies[] = {
248 {"detect", "Detect", -1},
249 {"cookie0", "None", 0},
250 {"cookie4", "4 Byte Cookie", 4},
251 {"cookie8", "8 Byte Cookie", 8},
255 #define L2TPv3_COOKIE_DEFAULT 0
256 #define L2TPv3_PROTOCOL_DEFAULT L2TPv3_PROTOCOL_CHDLC
258 #define L2TPv3_L2_SPECIFIC_NONE 0
259 #define L2TPv3_L2_SPECIFIC_DEFAULT 1
260 #define L2TPv3_L2_SPECIFIC_ATM 2
261 #define L2TPv3_L2_SPECIFIC_LAPD 3
262 #define L2TPv3_L2_SPECIFIC_DOCSIS_DMPT 4
263 #define L2TPv3_L2_SPECIFIC_MAX (L2TPv3_L2_SPECIFIC_DOCSIS_DMPT + 1)
265 static const enum_val_t l2tpv3_l2_specifics[] = {
266 {"detect", "Detect", -1},
267 {"none", "None", L2TPv3_L2_SPECIFIC_NONE},
268 {"default", "Default L2-Specific", L2TPv3_L2_SPECIFIC_DEFAULT},
269 {"atm", "ATM-Specific", L2TPv3_L2_SPECIFIC_ATM},
270 {"lapd", "LAPD-Specific", L2TPv3_L2_SPECIFIC_LAPD},
271 {"dmpt", "DOCSIS DMPT-Specific", L2TPv3_L2_SPECIFIC_DOCSIS_DMPT},
275 static gint l2tpv3_cookie = -1;
276 static gint l2tpv3_l2_specific = -1;
278 #define MESSAGE_TYPE_SCCRQ 1
279 #define MESSAGE_TYPE_SCCRP 2
280 #define MESSAGE_TYPE_SCCCN 3
281 #define MESSAGE_TYPE_StopCCN 4
282 #define MESSAGE_TYPE_Reserved_5 5
283 #define MESSAGE_TYPE_HELLO 6
284 #define MESSAGE_TYPE_OCRQ 7
285 #define MESSAGE_TYPE_OCRP 8
286 #define MESSAGE_TYPE_OCCN 9
287 #define MESSAGE_TYPE_ICRQ 10
288 #define MESSAGE_TYPE_ICRP 11
289 #define MESSAGE_TYPE_ICCN 12
290 #define MESSAGE_TYPE_Reserved_13 13
291 #define MESSAGE_TYPE_CDN 14
292 #define MESSAGE_TYPE_WEN 15
293 #define MESSAGE_TYPE_SLI 16
294 #define MESSAGE_TYPE_MDMST 17
295 #define MESSAGE_TYPE_SRRQ 18
296 #define MESSAGE_TYPE_SRRP 19
297 #define MESSAGE_TYPE_ACK 20
298 #define MESSAGE_TYPE_FSQ 21
299 #define MESSAGE_TYPE_FSR 22
300 #define MESSAGE_TYPE_MSRQ 23
301 #define MESSAGE_TYPE_MSRP 24
302 #define MESSAGE_TYPE_MSE 25
303 #define MESSAGE_TYPE_MSI 26
304 #define MESSAGE_TYPE_MSEN 27
306 static const value_string message_type_vals[] = {
307 { MESSAGE_TYPE_SCCRQ, "Start_Control_Request" },
308 { MESSAGE_TYPE_SCCRP, "Start_Control_Reply" },
309 { MESSAGE_TYPE_SCCCN, "Start_Control_Connected" },
310 { MESSAGE_TYPE_StopCCN, "Stop_Control_Notification" },
311 { MESSAGE_TYPE_Reserved_5, "Reserved" },
312 { MESSAGE_TYPE_HELLO, "Hello" },
313 { MESSAGE_TYPE_OCRQ, "Outgoing_Call_Request" },
314 { MESSAGE_TYPE_OCRP, "Outgoing_Call_Reply" },
315 { MESSAGE_TYPE_OCCN, "Outgoing_Call_Connected" },
316 { MESSAGE_TYPE_ICRQ, "Incoming_Call_Request" },
317 { MESSAGE_TYPE_ICRP, "Incoming_Call_Reply" },
318 { MESSAGE_TYPE_ICCN, "Incoming_Call_Connected" },
319 { MESSAGE_TYPE_Reserved_13, "Reserved" },
320 { MESSAGE_TYPE_CDN, "Call_Disconnect_Notification" },
321 { MESSAGE_TYPE_WEN, "WAN_Error_Notify" },
322 { MESSAGE_TYPE_SLI, "Set_Link_Info" },
323 { MESSAGE_TYPE_MDMST, "Modem_Status" },
324 { MESSAGE_TYPE_SRRQ, "Service_Relay_Request_Msg" },
325 { MESSAGE_TYPE_SRRP, "Service_Relay_Reply_Message" },
326 { MESSAGE_TYPE_ACK, "Explicit_Acknowledgement" },
327 /* Fail Over Extensions - RFC4951 */
328 { MESSAGE_TYPE_FSQ, "Failover_Session_Query_Message" },
329 { MESSAGE_TYPE_FSR, "Failover_Session_Response_Message" },
330 /* Multicast Management - RFC4045 */
331 { MESSAGE_TYPE_MSRQ, "Multicast-Session-Request" },
332 { MESSAGE_TYPE_MSRP, "Multicast-Session-Response" },
333 { MESSAGE_TYPE_MSE, "Multicast-Session-Establishment" },
334 { MESSAGE_TYPE_MSI, "Multicast-Session-Information" },
335 { MESSAGE_TYPE_MSEN, "Multicast-Session-End-Notify" },
338 static value_string_ext message_type_vals_ext = VALUE_STRING_EXT_INIT(message_type_vals);
340 static const value_string l2tp_message_type_short_str_vals[] = {
341 { MESSAGE_TYPE_SCCRQ, "SCCRQ" },
342 { MESSAGE_TYPE_SCCRP, "SCCRP" },
343 { MESSAGE_TYPE_SCCCN, "SCCCN" },
344 { MESSAGE_TYPE_StopCCN, "StopCCN" },
346 { MESSAGE_TYPE_HELLO, "Hello" },
347 { MESSAGE_TYPE_OCRQ, "OCRQ" },
348 { MESSAGE_TYPE_OCRP, "OCRP" },
349 { MESSAGE_TYPE_OCCN, "OCCN" },
350 { MESSAGE_TYPE_ICRQ, "ICRQ" },
351 { MESSAGE_TYPE_ICRP, "ICRP" },
352 { MESSAGE_TYPE_ICCN, "ICCN" },
354 { MESSAGE_TYPE_CDN, "CDN" },
355 { MESSAGE_TYPE_WEN, "WEN" },
356 { MESSAGE_TYPE_SLI, "SLI" },
357 { MESSAGE_TYPE_MDMST, "MDMST" },
358 { MESSAGE_TYPE_SRRQ, "SRRQ" },
359 { MESSAGE_TYPE_SRRP, "SRRP" },
360 { MESSAGE_TYPE_ACK, "ACK" },
361 /* Fail Over Extensions - RFC4951 */
362 { MESSAGE_TYPE_FSQ, "FSQ" },
363 { MESSAGE_TYPE_FSR, "FSR" },
364 /* Multicast Management - RFC4045 */
365 { MESSAGE_TYPE_MSRQ, "MSRQ" },
366 { MESSAGE_TYPE_MSRP, "MSRP" },
367 { MESSAGE_TYPE_MSE, "MSE" },
368 { MESSAGE_TYPE_MSI, "MSI" },
369 { MESSAGE_TYPE_MSEN, "MSEN" },
372 static value_string_ext l2tp_message_type_short_str_vals_ext = VALUE_STRING_EXT_INIT(l2tp_message_type_short_str_vals);
375 static const char *control_msg = "Control Message";
376 static const char *data_msg = "Data Message";
377 static const value_string l2tp_type_vals[] = {
378 { 0, "Data Message" },
379 { 1, "Control Message" },
383 static const value_string cause_code_direction_vals[] = {
384 { 0, "global error" },
390 static const true_false_string l2tp_length_bit_truth =
391 { "Length field is present", "Length field is not present" };
393 static const true_false_string l2tp_seq_bit_truth =
394 { "Ns and Nr fields are present", "Ns and Nr fields are not present" };
396 static const true_false_string l2tp_offset_bit_truth =
397 { "Offset Size field is present", "Offset size field is not present" };
399 static const true_false_string l2tp_priority_truth =
400 { "This data message has priority", "No priority" };
402 static const value_string authen_type_vals[] = {
404 { 1, "Textual username/password exchange" },
407 { 4, "No Authentication" },
408 { 5, "Microsoft CHAP Version 1" },
414 static const value_string data_sequencing_vals[] = {
415 { 0, "No incoming data packets require sequencing" },
416 { 1, "Only non-IP data packets require sequencing" },
417 { 2, "All incoming data packets require sequencing" },
421 static const value_string l2_sublayer_vals[] = {
422 { 0, "No L2-Specific Sublayer" },
423 { 1, "Default L2-Specific Sublayer present" },
424 { 2, "ATM-Specific Sublayer present" },
425 { 3, "MPT-Specific Sublayer" },
426 { 4, "PSP-Specific Sublayer" },
430 /* Result Code values for the StopCCN message */
431 static const value_string result_code_stopccn_vals[] = {
433 { 1, "General request to clear control connection", },
434 { 2, "General error, Error Code indicates the problem", },
435 { 3, "Control connection already exists", },
436 { 4, "Requester is not authorized to establish a control connection", },
437 { 5, "The protocol version of the requester is not supported", },
438 { 6, "Requester is being shut down", },
439 { 7, "Finite state machine error or timeout", },
440 { 8, "Control connection due to mismatching CCDS value", }, /* [RFC3308] */
444 /* Result Code values for the CDN message */
445 static const value_string result_code_cdn_vals[] = {
447 { 1, "Session disconnected due to loss of carrier or circuit disconnect", },
448 { 2, "Session disconnected for the reason indicated in Error Code", },
449 { 3, "Session disconnected for administrative reasons", },
450 { 4, "Appropriate facilities unavailable (temporary condition)", },
451 { 5, "Appropriate facilities unavailable (permanent condition)", },
452 { 6, "Invalid destination", },
453 { 7, "Call failed due to no carrier detected", },
454 { 8, "Call failed due to detection of a busy signal", },
455 { 9, "Call failed due to lack of a dial tone", },
456 { 10, "Call was not established within time allotted by LAC", },
457 { 11, "Call was connected but no appropriate framing was detected", },
458 { 12, "Disconnecting call due to mismatching SDS value", },
459 { 13, "Session not established due to losing tie breaker", },
460 { 14, "Session not established due to unsupported PW type", },
461 { 15, "Session not established, sequencing required without valid L2-Specific Sublayer", },
462 { 16, "Finite state machine error or timeout", },
463 { 17, "FR PVC was deleted permanently (no longer provisioned) ", }, /* [RFC4591] */
464 { 18, "FR PVC has been INACTIVE for an extended period of time", }, /* [RFC4591] */
465 { 19, "Mismatched FR Header Length", }, /* [RFC4591] */
466 { 20, "HDLC Link was deleted permanently (no longer provisioned)", }, /* [RFC4349] */
467 { 21, "HDLC Link has been INACTIVE for an extended period of time", }, /* [RFC4349] */
468 { 22, "Session not established due to other LCCE can not support the OAM Cell Emulation", }, /* [RFC4454] */
469 { 23, "Mismatching interface MTU", }, /* [RFC4667] */
470 { 24, "Attempt to connect to non-existent forwarder", }, /* [RFC4667] */
471 { 25, "Attempt to connect to unauthorized forwarder", }, /* [RFC4667] */
472 { 26, "Loop Detected", }, /* [draft-ietf-l2tpext-tunnel-switching-06.txt] */
473 { 27, "Attachment Circuit bound to different PE", }, /* [RFC6074] */
474 { 28, "Attachment Circuit bound to different remote Attachment Circuit", }, /* [RFC6074] */
475 { 29, "Unassigned", },
476 { 30, "Return code to indicate connection was refused because of TDM PW parameters. The error code indicates the problem.", }, /* [RFC5611] */
477 { 31, "Sequencing not supported", }, /* [RFC6073] */
480 static value_string_ext result_code_cdn_vals_ext = VALUE_STRING_EXT_INIT(result_code_cdn_vals);
483 static const value_string error_code_vals[] = {
484 { 0, "No General Error", },
485 { 1, "No control connection exists yet for this pair of LCCEs", },
486 { 2, "Length is wrong", },
487 { 3, "One of the field values was out of range", },
488 { 4, "Insufficient resources to handle this operation now", },
489 { 5, "Invalid Session ID", },
490 { 6, "A generic vendor-specific error occurred", },
491 { 7, "Try another", },
492 { 8, "Receipt of an unknown AVP with the M bit set", },
493 { 9, "Try another directed", },
494 { 10, "Next hop unreachable", },
495 { 11, "Next hop busy", },
500 #define CONTROL_MESSAGE 0
501 #define RESULT_ERROR_CODE 1
502 #define PROTOCOL_VERSION 2
503 #define FRAMING_CAPABILITIES 3
504 #define BEARER_CAPABILITIES 4
505 #define TIE_BREAKER 5
506 #define FIRMWARE_REVISION 6
508 #define VENDOR_NAME 8
509 #define ASSIGNED_TUNNEL_ID 9
510 #define RECEIVE_WINDOW_SIZE 10
512 #define CAUSE_CODE 12
513 #define CHALLENGE_RESPONSE 13
514 #define ASSIGNED_SESSION 14
515 #define CALL_SERIAL_NUMBER 15
516 #define MINIMUM_BPS 16
517 #define MAXIMUM_BPS 17
518 #define BEARER_TYPE 18
519 #define FRAMING_TYPE 19
520 #define CALLED_NUMBER 21
521 #define CALLING_NUMBER 22
522 #define SUB_ADDRESS 23
523 #define TX_CONNECT_SPEED 24
524 #define PHYSICAL_CHANNEL 25
525 #define INITIAL_RECEIVED_LCP_CONFREQ 26
526 #define LAST_SENT_LCP_CONFREQ 27
527 #define LAST_RECEIVED_LCP_CONFREQ 28
528 #define PROXY_AUTHEN_TYPE 29
529 #define PROXY_AUTHEN_NAME 30
530 #define PROXY_AUTHEN_CHALLENGE 31
531 #define PROXY_AUTHEN_ID 32
532 #define PROXY_AUTHEN_RESPONSE 33
533 #define CALL_STATUS_AVPS 34
535 #define RANDOM_VECTOR 36
536 #define PRIVATE_GROUP_ID 37
537 #define RX_CONNECT_SPEED 38
538 #define SEQUENCING_REQUIRED 39
539 #define PPP_DISCONNECT_CAUSE_CODE 46 /* RFC 3145 */
540 #define EXTENDED_VENDOR_ID 58
541 #define MESSAGE_DIGEST 59
543 #define ASSIGNED_CONTROL_CONN_ID 61
544 #define PW_CAPABILITY_LIST 62
545 #define LOCAL_SESSION_ID 63
546 #define REMOTE_SESSION_ID 64
547 #define ASSIGNED_COOKIE 65
548 #define REMOTE_END_ID 66
550 #define L2_SPECIFIC_SUBLAYER 69
551 #define DATA_SEQUENCING 70
552 #define CIRCUIT_STATUS 71
553 #define PREFERRED_LANGUAGE 72
554 #define CTL_MSG_AUTH_NONCE 73
555 #define TX_CONNECT_SPEED_V3 74
556 #define RX_CONNECT_SPEED_V3 75
558 /* http://www.iana.org/assignments/l2tp-parameters/l2tp-parameters.xhtml */
559 #define NUM_AVP_TYPES 102
560 static const value_string avp_type_vals[] = {
561 { CONTROL_MESSAGE, "Control Message" },
562 { RESULT_ERROR_CODE, "Result-Error Code" },
563 { PROTOCOL_VERSION, "Protocol Version" },
564 { FRAMING_CAPABILITIES, "Framing Capabilities" },
565 { BEARER_CAPABILITIES, "Bearer Capabilities" },
566 { TIE_BREAKER, "Tie Breaker" },
567 { FIRMWARE_REVISION, "Firmware Revision" },
568 { HOST_NAME, "Host Name" },
569 { VENDOR_NAME, "Vendor Name" },
570 { ASSIGNED_TUNNEL_ID, "Assigned Tunnel ID" },
571 { RECEIVE_WINDOW_SIZE, "Receive Window Size" },
572 { CHALLENGE, "Challenge" },
573 { CAUSE_CODE, "Cause Code" },
574 { CHALLENGE_RESPONSE, "Challenge Response" },
575 { ASSIGNED_SESSION, "Assigned Session" },
576 { CALL_SERIAL_NUMBER, "Call Serial Number" },
577 { MINIMUM_BPS, "Minimum BPS" },
578 { MAXIMUM_BPS, "Maximum BPS" },
579 { BEARER_TYPE, "Bearer Type" },
580 { FRAMING_TYPE, "Framing Type" },
582 { CALLED_NUMBER, "Called Number" },
583 { CALLING_NUMBER, "Calling Number" },
584 { SUB_ADDRESS, "Sub-Address" },
585 { TX_CONNECT_SPEED, "Connect Speed" },
586 { PHYSICAL_CHANNEL, "Physical Channel" },
587 { INITIAL_RECEIVED_LCP_CONFREQ, "Initial Received LCP CONFREQ" },
588 { LAST_SENT_LCP_CONFREQ, "Last Sent LCP CONFREQ" },
589 { LAST_RECEIVED_LCP_CONFREQ, "Last Received LCP CONFREQ" },
590 { PROXY_AUTHEN_TYPE, "Proxy Authen Type" },
591 { PROXY_AUTHEN_NAME, "Proxy Authen Name" },
592 { PROXY_AUTHEN_CHALLENGE, "Proxy Authen Challenge" },
593 { PROXY_AUTHEN_ID, "Proxy Authen ID" },
594 { PROXY_AUTHEN_RESPONSE, "Proxy Authen Response" },
595 { CALL_STATUS_AVPS, "Call status AVPs" },
597 { RANDOM_VECTOR, "Random Vector" },
598 { PRIVATE_GROUP_ID, "Private group ID" },
599 { RX_CONNECT_SPEED, "RxConnect Speed" },
600 { SEQUENCING_REQUIRED, "Sequencing Required" },
601 { PPP_DISCONNECT_CAUSE_CODE, "PPP Disconnect Cause Code" },
602 { EXTENDED_VENDOR_ID, "Extended Vendor ID" },
603 { MESSAGE_DIGEST, "Message Digest" },
604 { ROUTER_ID, "Router ID" },
605 { ASSIGNED_CONTROL_CONN_ID, "Assigned Control Connection ID" },
606 { PW_CAPABILITY_LIST, "Pseudowire Capability List" },
607 { LOCAL_SESSION_ID, "Local Session ID" },
608 { REMOTE_SESSION_ID, "Remote Session ID" },
609 { ASSIGNED_COOKIE, "Assigned Cookie" },
610 { REMOTE_END_ID, "Remote End ID" },
611 { PW_TYPE, "Pseudowire Type" },
612 { L2_SPECIFIC_SUBLAYER, "Layer2 Specific Sublayer" },
613 { DATA_SEQUENCING, "Data Sequencing" },
614 { CIRCUIT_STATUS, "Circuit Status" },
615 { PREFERRED_LANGUAGE, "Preferred Language" },
616 { CTL_MSG_AUTH_NONCE, "Control Message Authentication Nonce" },
617 { TX_CONNECT_SPEED_V3, "Tx Connect Speed Version 3" },
618 { RX_CONNECT_SPEED_V3, "Rx Connect Speed Version 3" },
619 { 76, "Failover Capability" }, /*[RFC4951] */
620 { 77, "Tunnel Recovery" }, /*[RFC4951] */
621 { 78, "Suggested Control Sequence" }, /*[RFC4951] */
622 { 79, "Failover Session State" }, /*[RFC4951] */
623 { 80, "Multicast Capability" }, /*[RFC4045] */
624 { 81, "New Outgoing Sessions" }, /*[RFC4045] */
625 { 82, "New Outgoing Sessions Acknowledgement" }, /*[RFC4045] */
626 { 83, "Withdraw Outgoing Sessions" }, /*[RFC4045] */
627 { 84, "Multicast Packets Priority" }, /*[RFC4045] */
628 { 85, "Frame-Relay Header Length" }, /*[RFC4591] */
629 { 86, "ATM Maximum Concatenated Cells" }, /*[RFC4454] */
630 { 87, "OAM Emulation Required" }, /*[RFC4454] */
631 { 88, "ATM Alarm Status" }, /*[RFC4454] */
632 /* Also, see ATM Alarm Status AVP Values below */
633 { 89, "Attachment Group Identifier" }, /*[RFC4667] */
634 { 90, "Local End Identifier" }, /*[RFC4667] */
635 { 91, "Interface Maximum Transmission Unit" }, /*[RFC4667] */
636 { 92, "FCS Retention" }, /*[RFC4720] */
637 { 93, "Tunnel Switching Aggregator ID" }, /*[draft-ietf-l2tpext-tunnel-switching-06.txt] */
638 { 94, "Maximum Receive Unit (MRU)" }, /*[RFC4623] */
639 { 95, "Maximum Reassembled Receive Unit (MRRU)" }, /*[RFC4623] */
640 { 96, "VCCV Capability" }, /*[RFC5085] */
641 { 97, "Connect Speed Update" }, /*[RFC5515] */
642 { 98, "Connect Speed Update Enable" }, /*[RFC5515] */
643 { 99, "TDM Pseudowire" }, /*[RFC5611] */
644 { 100, "RTP AVP" }, /*[RFC5611] */
645 { 101, "PW Switching Point" }, /*[RFC6073] */
649 static value_string_ext avp_type_vals_ext = VALUE_STRING_EXT_INIT(avp_type_vals);
651 #define CISCO_ASSIGNED_CONNECTION_ID 1
652 #define CISCO_PW_CAPABILITY_LIST 2
653 #define CISCO_LOCAL_SESSION_ID 3
654 #define CISCO_REMOTE_SESSION_ID 4
655 #define CISCO_ASSIGNED_COOKIE 5
656 #define CISCO_REMOTE_END_ID 6
657 #define CISCO_PW_TYPE 7
658 #define CISCO_CIRCUIT_STATUS 8
659 #define CISCO_SESSION_TIE_BREAKER 9
660 #define CISCO_DRAFT_AVP_VERSION 10
661 #define CISCO_MESSAGE_DIGEST 12
662 #define CISCO_AUTH_NONCE 13
663 #define CISCO_INTERFACE_MTU 14
665 static const value_string cisco_avp_type_vals[] = {
666 { CISCO_ASSIGNED_CONNECTION_ID, "Assigned Connection ID" },
667 { CISCO_PW_CAPABILITY_LIST, "Pseudowire Capabilities List" },
668 { CISCO_LOCAL_SESSION_ID, "Local Session ID" },
669 { CISCO_REMOTE_SESSION_ID, "Remote Session ID" },
670 { CISCO_ASSIGNED_COOKIE, "Assigned Cookie" },
671 { CISCO_REMOTE_END_ID, "Remote End ID" },
672 { CISCO_PW_TYPE, "Pseudowire Type" },
673 { CISCO_CIRCUIT_STATUS, "Circuit Status" },
674 { CISCO_SESSION_TIE_BREAKER, "Session Tie Breaker" },
675 { CISCO_DRAFT_AVP_VERSION, "Draft AVP Version" },
676 { CISCO_MESSAGE_DIGEST, "Message Digest" },
677 { CISCO_AUTH_NONCE, "Control Message Authentication Nonce" },
678 { CISCO_INTERFACE_MTU, "Interface MTU" },
682 static const value_string cablelabs_avp_type_vals[] = {
683 /* 7.5.2 DEPI Specific AVPs */
685 { 1, "DEPI Result Code" },
686 { 2, "DEPI Resource Allocation Request" },
687 { 3, "DEPI Resource Allocation Reply" },
688 { 4, "DEPI Local MTU" },
689 { 5, "DOCSIS SYNC Control" },
690 { 6, "EQAM Capability Bits" },
691 { 7, "DEPI Remote MTU" },
692 { 8, "DEPI Local UDP Port" },
693 { 9, "DPR Session Type" },
694 { 10, "DPR Session Status" },
695 /* 7.5.3 QAM Channel PHY AVPs */
696 { 100, "Downstream QAM Channel TSID Group" },
697 { 101, "Downstream QAM Channel Frequency" },
698 { 102, "Downstream QAM Channel Power" },
699 { 103, "Downstream QAM Channel Modulation" },
700 { 104, "Downstream QAM Channel J.83 Annex" },
701 { 105, "Downstream QAM Channel Symbol Rate" },
702 { 106, "Downstream QAM Channel Interleaver Depth" },
703 { 107, "Downstream QAM Channel RF Block Muting53" },
704 /* 7.5.4 DEPI Redundancy Capabilities AVPs */
705 { 200, "DEPI Redundancy Capabilities" },
709 static const value_string l2tp_cablel_modulation_vals[] = {
715 static const value_string pw_types_vals[] = {
716 { 0x0001, "Frame Relay DLCI" },
717 { 0x0002, "ATM AAL5 SDU VCC transport" },
718 { 0x0003, "ATM Cell transparent Port Mode" },
719 { 0x0004, "Ethernet VLAN" },
720 { 0x0005, "Ethernet" },
723 { 0x0009, "ATM Cell transport VCC Mode" },
724 { 0x000A, "ATM Cell transport VPC Mode" },
725 { 0x000B, "IP Transport" },
726 { 0x000C, "MPEG-TS Payload Type (MPTPW)" },
727 { 0x000D, "Packet Streaming Protocol (PSPPW)" },
728 /* 0x000E-0x0010 Unassigned */
729 { 0x0011, "Structure-agnostic E1 circuit" }, /* [RFC5611] */
730 { 0x0012, "Structure-agnostic T1 (DS1) circuit" }, /* [RFC5611] */
731 { 0x0013, "Structure-agnostic E3 circuit" }, /* [RFC5611] */
732 { 0x0014, "Structure-agnostic T3 (DS3) circuit" }, /* [RFC5611] */
733 { 0x0015, "CESoPSN basic mode" }, /* [RFC5611] */
734 { 0x0016, "Unassigned" },
735 { 0x0017, "CESoPSN TDM with CAS" }, /* [RFC5611] */
740 static const true_false_string tfs_up_down = { "Up", "Down" };
741 static const true_false_string tfs_new_existing = { "New", "Existing" };
743 static dissector_handle_t ppp_hdlc_handle;
744 static dissector_handle_t ppp_lcp_options_handle;
746 static dissector_handle_t atm_oam_handle;
747 static dissector_handle_t llc_handle;
748 static dissector_handle_t data_handle;
750 static dissector_handle_t l2tp_udp_handle;
751 static dissector_handle_t l2tp_ip_handle;
753 #define L2TP_HMAC_MD5 0
754 #define L2TP_HMAC_SHA1 1
755 #define L2TP_HMAC_MD5_KEY_LEN 16
756 #define L2TP_HMAC_MD5_DIGEST_LEN 16
758 typedef struct l2tpv3_conversation {
764 struct l2tpv3_tunnel *tunnel;
765 } l2tpv3_conversation_t;
767 typedef struct l2tpv3_tunnel {
768 l2tpv3_conversation_t *conv;
773 gint lcce1_nonce_len;
778 gint lcce2_nonce_len;
780 gchar *shared_key_secret;
781 guint8 shared_key[L2TP_HMAC_MD5_KEY_LEN];
786 typedef struct lcce_settings {
792 typedef struct l2tpv3_session {
793 lcce_settings_t lcce1;
794 lcce_settings_t lcce2;
799 static const gchar* shared_secret = "";
801 static GSList *list_heads = NULL;
803 static void update_shared_key(l2tpv3_tunnel_t *tunnel)
805 const gchar *secret = "";
807 /* There is at least one nonce in the packet, so we can do authentication,
808 otherwise it's just a plain digest without nonces. */
809 if (tunnel->lcce1_nonce != NULL || tunnel->lcce2_nonce != NULL) {
810 secret = shared_secret;
813 /* If there's no shared key in the conversation context, or the secret has been changed */
814 if (tunnel->shared_key_secret == NULL || strcmp(secret, tunnel->shared_key_secret) != 0) {
815 /* For secret specification, see RFC 3931 pg 37 */
817 md5_hmac(&data, 1, secret, strlen(secret), tunnel->shared_key);
818 tunnel->shared_key_secret = wmem_strdup(wmem_file_scope(), secret);
822 static void md5_hmac_digest(l2tpv3_tunnel_t *tunnel,
831 guint8 zero[L2TP_HMAC_MD5_DIGEST_LEN];
836 if (tunnel->conv->pt == PT_NONE) /* IP encapsulated L2TPv3 */
839 md5_hmac_init(&ms, tunnel->shared_key, L2TP_HMAC_MD5_KEY_LEN);
841 if (msg_type != MESSAGE_TYPE_SCCRQ) {
842 if (tunnel->lcce1_nonce != NULL && tunnel->lcce2_nonce != NULL) {
843 if (addresses_equal(&tunnel->lcce1, &pinfo->src)) {
844 md5_hmac_append(&ms, tunnel->lcce1_nonce, tunnel->lcce1_nonce_len);
845 md5_hmac_append(&ms, tunnel->lcce2_nonce, tunnel->lcce2_nonce_len);
847 md5_hmac_append(&ms, tunnel->lcce2_nonce, tunnel->lcce2_nonce_len);
848 md5_hmac_append(&ms, tunnel->lcce1_nonce, tunnel->lcce1_nonce_len);
853 md5_hmac_append(&ms, tvb_get_ptr(tvb, offset, idx + 1 - offset), idx + 1 - offset);
854 /* Message digest is calculated with an empty message digest field */
855 memset(zero, 0, L2TP_HMAC_MD5_DIGEST_LEN);
856 md5_hmac_append(&ms, zero, avp_len - 1);
857 remainder = length - (idx + avp_len);
858 md5_hmac_append(&ms, tvb_get_ptr(tvb, idx + avp_len, remainder), remainder);
859 md5_hmac_finish(&ms, digest);
862 static void sha1_hmac_digest(l2tpv3_tunnel_t *tunnel,
871 guint8 zero[SHA1_DIGEST_LEN];
872 sha1_hmac_context ms;
876 if (tunnel->conv->pt == PT_NONE) /* IP encapsulated L2TPv3 */
879 sha1_hmac_starts(&ms, tunnel->shared_key, L2TP_HMAC_MD5_KEY_LEN);
881 if (msg_type != MESSAGE_TYPE_SCCRQ) {
882 if (tunnel->lcce1_nonce != NULL && tunnel->lcce2_nonce != NULL) {
883 if (addresses_equal(&tunnel->lcce1, &pinfo->src)) {
884 sha1_hmac_update(&ms, tunnel->lcce1_nonce, tunnel->lcce1_nonce_len);
885 sha1_hmac_update(&ms, tunnel->lcce2_nonce, tunnel->lcce2_nonce_len);
887 sha1_hmac_update(&ms, tunnel->lcce2_nonce, tunnel->lcce2_nonce_len);
888 sha1_hmac_update(&ms, tunnel->lcce1_nonce, tunnel->lcce1_nonce_len);
893 sha1_hmac_update(&ms, tvb_get_ptr(tvb, 0, idx + 1 - offset), idx + 1 - offset);
894 /* Message digest is calculated with an empty message digest field */
895 memset(zero, 0, SHA1_DIGEST_LEN);
896 sha1_hmac_update(&ms, zero, avp_len - 1);
897 remainder = length - (idx + avp_len);
898 sha1_hmac_update(&ms, tvb_get_ptr(tvb, idx + avp_len, remainder), remainder);
899 sha1_hmac_finish(&ms, digest);
902 static int check_control_digest(l2tpv3_tunnel_t *tunnel,
910 guint8 digest[SHA1_DIGEST_LEN];
915 update_shared_key(tunnel);
917 switch (tvb_get_guint8(tvb, idx)) {
919 if ((avp_len - 1) != L2TP_HMAC_MD5_DIGEST_LEN)
921 md5_hmac_digest(tunnel, tvb, length, idx, avp_len, msg_type, pinfo, digest);
924 if ((avp_len - 1) != SHA1_DIGEST_LEN)
926 sha1_hmac_digest(tunnel, tvb, length, idx, avp_len, msg_type, pinfo, digest);
933 return tvb_memeql(tvb, idx + 1, digest, avp_len - 1);
936 static void store_cma_nonce(l2tpv3_tunnel_t *tunnel,
942 guint8 *nonce = NULL;
948 case MESSAGE_TYPE_SCCRQ:
949 if (!tunnel->lcce1_nonce) {
950 tunnel->lcce1_nonce = (guint8 *)wmem_alloc(wmem_file_scope(), length);
951 tunnel->lcce1_nonce_len = length;
952 nonce = tunnel->lcce1_nonce;
955 case MESSAGE_TYPE_SCCRP:
956 if (!tunnel->lcce2_nonce) {
957 tunnel->lcce2_nonce = (guint8 *)wmem_alloc(wmem_file_scope(), length);
958 tunnel->lcce2_nonce_len = length;
959 nonce = tunnel->lcce2_nonce;
967 tvb_memcpy(tvb, (void *)nonce, offset, length);
972 static void store_ccid(l2tpv3_tunnel_t *tunnel,
981 case MESSAGE_TYPE_SCCRQ:
982 tunnel->lcce1_id = tvb_get_ntohl(tvb, offset);
984 case MESSAGE_TYPE_SCCRP:
985 tunnel->lcce2_id = tvb_get_ntohl(tvb, offset);
994 static l2tpv3_session_t *find_session(l2tpv3_tunnel_t *tunnel,
998 l2tpv3_session_t *session = NULL;
1001 iterator = tunnel->sessions;
1003 session = (l2tpv3_session_t *)iterator->data;
1005 if ((session->lcce1.id == lcce1_id) ||
1006 (session->lcce2.id == lcce2_id)) {
1010 iterator = g_slist_next(iterator);
1016 static void init_session(l2tpv3_session_t *session)
1018 session->lcce1.cookie_len = session->lcce2.cookie_len = -1;
1019 session->lcce1.l2_specific = session->lcce2.l2_specific = -1;
1020 session->pw_type = -1;
1023 static l2tpv3_session_t *alloc_session(void)
1025 l2tpv3_session_t *session = wmem_new0(wmem_packet_scope(), l2tpv3_session_t);
1026 init_session(session);
1031 static l2tpv3_session_t *store_lsession_id(l2tpv3_session_t *_session,
1036 l2tpv3_session_t *session = _session;
1039 case MESSAGE_TYPE_ICRQ:
1040 case MESSAGE_TYPE_OCRQ:
1041 case MESSAGE_TYPE_ICRP:
1042 case MESSAGE_TYPE_OCRP:
1048 if (session == NULL)
1049 session = alloc_session();
1052 case MESSAGE_TYPE_ICRQ:
1053 case MESSAGE_TYPE_OCRQ:
1054 session->lcce1.id = tvb_get_ntohl(tvb, offset);
1056 case MESSAGE_TYPE_ICRP:
1057 case MESSAGE_TYPE_OCRP:
1058 session->lcce2.id = tvb_get_ntohl(tvb, offset);
1065 static l2tpv3_session_t *store_rsession_id(l2tpv3_session_t *_session,
1070 l2tpv3_session_t *session = _session;
1073 case MESSAGE_TYPE_ICRP:
1074 case MESSAGE_TYPE_OCRP:
1080 if (session == NULL)
1081 session = alloc_session();
1083 session->lcce1.id = tvb_get_ntohl(tvb, offset);
1088 static l2tpv3_session_t *store_cookie_len(l2tpv3_session_t *_session,
1092 l2tpv3_session_t *session = _session;
1095 case MESSAGE_TYPE_ICRQ:
1096 case MESSAGE_TYPE_OCRQ:
1097 case MESSAGE_TYPE_ICRP:
1098 case MESSAGE_TYPE_OCRP:
1104 if (session == NULL)
1105 session = alloc_session();
1108 case MESSAGE_TYPE_ICRQ:
1109 case MESSAGE_TYPE_OCRQ:
1110 session->lcce1.cookie_len = len;
1112 case MESSAGE_TYPE_ICRP:
1113 case MESSAGE_TYPE_OCRP:
1114 session->lcce2.cookie_len = len;
1121 static l2tpv3_session_t *store_pw_type(l2tpv3_session_t *_session,
1126 l2tpv3_session_t *session = _session;
1131 case MESSAGE_TYPE_ICRQ:
1132 case MESSAGE_TYPE_OCRQ:
1138 if (session == NULL)
1139 session = alloc_session();
1141 pw_type = tvb_get_ntohs(tvb, offset);
1144 result = L2TPv3_PROTOCOL_PPP; break;
1146 result = L2TPv3_PROTOCOL_ETH; break;
1148 result = L2TPv3_PROTOCOL_CHDLC; break;
1150 result = L2TPv3_PROTOCOL_AAL5; break;
1152 result = L2TPv3_PROTOCOL_FR; break;
1157 session->pw_type = result;
1162 static l2tpv3_session_t *store_l2_sublayer(l2tpv3_session_t *_session,
1167 l2tpv3_session_t *session = _session;
1168 gint result = l2tpv3_l2_specific;
1169 guint16 l2_sublayer;
1172 case MESSAGE_TYPE_ICRQ:
1173 case MESSAGE_TYPE_OCRQ:
1174 case MESSAGE_TYPE_ICCN:
1175 case MESSAGE_TYPE_OCCN:
1176 case MESSAGE_TYPE_ICRP:
1177 case MESSAGE_TYPE_OCRP:
1183 if (session == NULL)
1184 session = alloc_session();
1186 l2_sublayer = tvb_get_ntohs(tvb, offset);
1187 switch (l2_sublayer) {
1189 result = L2TPv3_L2_SPECIFIC_NONE; break;
1191 result = L2TPv3_L2_SPECIFIC_DEFAULT; break;
1193 result = L2TPv3_L2_SPECIFIC_ATM; break;
1195 result = L2TPv3_L2_SPECIFIC_DOCSIS_DMPT; break;
1201 case MESSAGE_TYPE_ICRQ:
1202 case MESSAGE_TYPE_OCRQ:
1203 case MESSAGE_TYPE_ICCN:
1204 case MESSAGE_TYPE_OCCN:
1205 session->lcce1.l2_specific = result;
1206 case MESSAGE_TYPE_ICRP:
1207 case MESSAGE_TYPE_OCRP:
1208 session->lcce2.l2_specific = result;
1215 static void update_session(l2tpv3_tunnel_t *tunnel, l2tpv3_session_t *session)
1217 l2tpv3_session_t *existing = NULL;
1219 if (tunnel == NULL || session == NULL)
1222 if (session->lcce1.id == 0 && session->lcce2.id == 0)
1225 existing = find_session(tunnel, session->lcce1.id, session->lcce2.id);
1227 existing = wmem_new0(wmem_file_scope(), l2tpv3_session_t);
1228 init_session(existing);
1231 if (session->lcce1.id != 0)
1232 existing->lcce1.id = session->lcce1.id;
1234 if (session->lcce2.id != 0)
1235 existing->lcce2.id = session->lcce2.id;
1237 if (session->lcce1.cookie_len != -1)
1238 existing->lcce1.cookie_len = session->lcce1.cookie_len;
1240 if (session->lcce2.cookie_len != -1)
1241 existing->lcce2.cookie_len = session->lcce2.cookie_len;
1243 if (session->lcce1.l2_specific != -1)
1244 existing->lcce1.l2_specific = session->lcce1.l2_specific;
1246 if (session->lcce2.l2_specific != -1)
1247 existing->lcce2.l2_specific = session->lcce2.l2_specific;
1249 if (session->pw_type != -1)
1250 existing->pw_type = session->pw_type;
1252 if (tunnel->sessions == NULL) {
1253 tunnel->sessions = g_slist_append(tunnel->sessions, existing);
1254 list_heads = g_slist_append(list_heads, tunnel->sessions);
1256 tunnel->sessions = g_slist_append(tunnel->sessions, existing);
1260 static void l2tp_prompt(packet_info *pinfo _U_, gchar* result)
1262 g_snprintf(result, MAX_DECODE_AS_PROMPT_LEN, "Decode L2TPv3 packet type 0x%04x as",
1263 GPOINTER_TO_UINT(p_get_proto_data(pinfo->pool, pinfo, proto_l2tp, 0)));
1266 static gpointer l2tp_value(packet_info *pinfo _U_)
1268 return p_get_proto_data(pinfo->pool, pinfo, proto_l2tp, 0);
1272 * Dissect CISCO AVP:s
1274 static int dissect_l2tp_cisco_avps(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree) {
1278 guint32 avp_vendor_id;
1280 guint16 ver_len_hidden;
1281 proto_tree *l2tp_avp_tree, *l2tp_avp_tree_sub;
1283 ver_len_hidden = tvb_get_ntohs(tvb, offset);
1284 avp_len = AVP_LENGTH(ver_len_hidden);
1285 avp_vendor_id = tvb_get_ntohs(tvb, offset + 2);
1286 avp_type = tvb_get_ntohs(tvb, offset + 4);
1288 l2tp_avp_tree = proto_tree_add_subtree_format(tree, tvb, offset,
1289 avp_len, ett_l2tp_avp, NULL, "Vendor %s: %s AVP",
1290 val_to_str_ext(avp_vendor_id, &sminmpec_values_ext, "Unknown (%u)"),
1291 val_to_str(avp_type, cisco_avp_type_vals, "Unknown (%u)"));
1293 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_mandatory, tvb, offset, 2, ENC_BIG_ENDIAN);
1294 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_hidden, tvb, offset, 2, ENC_BIG_ENDIAN);
1295 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_length, tvb, offset, 2, ENC_BIG_ENDIAN);
1297 if (HIDDEN_BIT(ver_len_hidden)) { /* don't try do display hidden */
1305 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_vendor_id, tvb, offset, 2, ENC_BIG_ENDIAN);
1309 proto_tree_add_uint(l2tp_avp_tree, hf_l2tp_cisco_avp_type, tvb, offset, 2, avp_type);
1314 case CISCO_ASSIGNED_CONNECTION_ID:
1315 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_cisco_assigned_control_connection_id, tvb, offset, 4, ENC_BIG_ENDIAN);
1318 case CISCO_PW_CAPABILITY_LIST:
1319 l2tp_avp_tree_sub = proto_tree_add_subtree(l2tp_avp_tree, tvb, offset, avp_len,
1320 ett_l2tp_avp_sub, NULL, "Pseudowire Capabilities List");
1321 while (avp_len >= 2) {
1322 proto_tree_add_item(l2tp_avp_tree_sub, hf_l2tp_cisco_pw_type, tvb, offset, 2, ENC_BIG_ENDIAN);
1328 case CISCO_LOCAL_SESSION_ID:
1329 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_cisco_local_session_id, tvb, offset, 4, ENC_BIG_ENDIAN);
1331 case CISCO_REMOTE_SESSION_ID:
1332 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_cisco_remote_session_id, tvb, offset, 4, ENC_BIG_ENDIAN);
1334 case CISCO_ASSIGNED_COOKIE:
1335 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_cisco_assigned_cookie, tvb, offset, avp_len, ENC_NA);
1337 case CISCO_REMOTE_END_ID:
1338 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_cisco_remote_end_id, tvb, offset, avp_len, ENC_NA|ENC_ASCII);
1341 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_cisco_pseudowire_type, tvb, offset, 2, ENC_BIG_ENDIAN);
1343 case CISCO_CIRCUIT_STATUS:
1344 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_cisco_circuit_status, tvb, offset, 2, ENC_BIG_ENDIAN);
1345 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_cisco_circuit_type, tvb, offset, 2, ENC_BIG_ENDIAN);
1347 case CISCO_SESSION_TIE_BREAKER:
1348 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_cisco_tie_breaker,
1349 tvb, offset, 8, ENC_BIG_ENDIAN);
1351 case CISCO_DRAFT_AVP_VERSION:
1352 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_cisco_draft_avp_version, tvb, offset, 2, ENC_BIG_ENDIAN);
1354 case CISCO_MESSAGE_DIGEST:
1355 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_cisco_message_digest, tvb, offset, avp_len, ENC_NA);
1357 case CISCO_AUTH_NONCE:
1358 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_cisco_nonce, tvb, offset, avp_len, ENC_NA);
1360 case CISCO_INTERFACE_MTU:
1361 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_cisco_interface_mtu, tvb, offset, avp_len, ENC_BIG_ENDIAN);
1365 proto_tree_add_expert(l2tp_avp_tree, pinfo, &ei_l2tp_vendor_specific_avp_data, tvb, offset, avp_len-6);
1374 * Ref: http://www.cablelabs.com/specifications/CM-SP-DEPI-I08-100611.pdf
1377 dissect_l2tp_vnd_cablelabs_avps(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, void *data _U_)
1381 guint32 avp_vendor_id;
1383 guint16 ver_len_hidden;
1384 proto_tree *l2tp_avp_tree;
1386 ver_len_hidden = tvb_get_ntohs(tvb, offset);
1387 avp_len = AVP_LENGTH(ver_len_hidden);
1388 avp_vendor_id = tvb_get_ntohs(tvb, offset + 2);
1389 avp_type = tvb_get_ntohs(tvb, offset + 4);
1391 l2tp_avp_tree = proto_tree_add_subtree_format(tree, tvb, offset,
1392 avp_len, ett_l2tp_avp, NULL, "Vendor %s: %s AVP",
1393 val_to_str_ext(avp_vendor_id, &sminmpec_values_ext, "Unknown (%u)"),
1394 val_to_str(avp_type, cablelabs_avp_type_vals, "Unknown (%u)"));
1396 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_mandatory, tvb, offset, 2, ENC_BIG_ENDIAN);
1397 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_hidden, tvb, offset, 2, ENC_BIG_ENDIAN);
1398 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_length, tvb, offset, 2, ENC_BIG_ENDIAN);
1400 if (HIDDEN_BIT(ver_len_hidden)) { /* don't try do display hidden */
1408 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_vendor_id, tvb, offset, 2, ENC_BIG_ENDIAN);
1412 proto_tree_add_uint(l2tp_avp_tree, hf_l2tp_cablelabs_avp_type, tvb, offset, 2, avp_type);
1418 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_cablel_avp_l_bit, tvb, offset, 2, ENC_BIG_ENDIAN);
1419 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_cablel_avp_tsid_group_id, tvb, offset, 2, ENC_BIG_ENDIAN);
1422 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_cablel_avp_frequency, tvb, offset, 4, ENC_BIG_ENDIAN);
1427 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_cablel_avp_l_bit, tvb, offset, 2, ENC_BIG_ENDIAN);
1428 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_cablel_avp_tsid_group_id, tvb, offset, 2, ENC_BIG_ENDIAN);
1429 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_cablel_avp_modulation, tvb, offset, 2, ENC_BIG_ENDIAN);
1434 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_cablel_avp_l_bit, tvb, offset, 2, ENC_BIG_ENDIAN);
1435 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_cablel_avp_tsid_group_id, tvb, offset, 2, ENC_BIG_ENDIAN);
1439 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_cablel_avp_m, tvb, offset, 2, ENC_BIG_ENDIAN);
1442 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_cablel_avp_n, tvb, offset, 2, ENC_BIG_ENDIAN);
1448 proto_tree_add_expert(l2tp_avp_tree, pinfo, &ei_l2tp_vendor_specific_avp_data, tvb, offset, avp_len);
1458 * Processes AVPs for Control Messages all versions and transports
1460 static void process_control_avps(tvbuff_t *tvb,
1462 proto_tree *l2tp_tree,
1466 l2tpv3_tunnel_t *tunnel)
1468 proto_tree *l2tp_lcp_avp_tree, *l2tp_avp_tree = NULL, *l2tp_avp_tree_sub;
1469 proto_item *tf, *te;
1472 gboolean isStopCcn = FALSE;
1474 guint32 avp_vendor_id;
1476 guint16 ver_len_hidden;
1477 tvbuff_t *next_tvb, *avp_tvb;
1479 guint16 digest_avp_len = 0;
1480 proto_item *digest_item = NULL;
1481 l2tp_cntrl_data_t *l2tp_cntrl_data = wmem_new0(wmem_packet_scope(), l2tp_cntrl_data_t);
1483 l2tpv3_session_t *session = NULL;
1485 l2tp_cntrl_data->ccid = ccid;
1487 while (idx < length) { /* Process AVP's */
1488 ver_len_hidden = tvb_get_ntohs(tvb, idx);
1489 avp_len = AVP_LENGTH(ver_len_hidden);
1490 avp_vendor_id = tvb_get_ntohs(tvb, idx + 2);
1491 avp_type = tvb_get_ntohs(tvb, idx + 4);
1494 proto_tree_add_expert_format(l2tp_avp_tree ? l2tp_avp_tree : l2tp_tree, pinfo, &ei_l2tp_avp_length, tvb, idx, 2, "AVP length must be >= 6, got %u", avp_len);
1498 if (avp_vendor_id != VENDOR_IETF) {
1500 avp_tvb = tvb_new_subset_length(tvb, idx, avp_len);
1502 if (avp_vendor_id == VENDOR_CISCO) { /* Vendor-Specific AVP */
1504 dissect_l2tp_cisco_avps(avp_tvb, pinfo, l2tp_tree);
1509 /* Vendor-Specific AVP */
1510 if (!dissector_try_uint_new(l2tp_vendor_avp_dissector_table, avp_vendor_id, avp_tvb, pinfo, l2tp_tree, FALSE, l2tp_cntrl_data)){
1511 l2tp_avp_tree = proto_tree_add_subtree_format(l2tp_tree, tvb, idx,
1512 avp_len, ett_l2tp_avp, NULL, "Vendor %s AVP Type %u",
1513 val_to_str_ext(avp_vendor_id, &sminmpec_values_ext, "Unknown (%u)"),
1516 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_mandatory, tvb, idx, 2, ENC_BIG_ENDIAN);
1517 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_hidden, tvb, idx, 2, ENC_BIG_ENDIAN);
1518 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_length, tvb, idx, 2, ENC_BIG_ENDIAN);
1520 if (HIDDEN_BIT(ver_len_hidden)) { /* don't try do display hidden */
1525 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_vendor_id, tvb, idx, 2, ENC_BIG_ENDIAN);
1528 proto_tree_add_uint(l2tp_avp_tree, hf_l2tp_avp_type, tvb, idx, 2, avp_type);
1530 proto_tree_add_expert(l2tp_avp_tree, pinfo, &ei_l2tp_vendor_specific_avp_data, tvb, idx, avp_len-6);
1539 l2tp_avp_tree = proto_tree_add_subtree_format(l2tp_tree, tvb, idx,
1540 avp_len, ett_l2tp_avp, NULL, "%s AVP",
1541 val_to_str_ext(avp_type, &avp_type_vals_ext, "Unknown (%u)"));
1543 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_mandatory, tvb, idx, 2, ENC_BIG_ENDIAN);
1544 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_hidden, tvb, idx, 2, ENC_BIG_ENDIAN);
1545 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_length, tvb, idx, 2, ENC_BIG_ENDIAN);
1547 if (HIDDEN_BIT(ver_len_hidden)) { /* don't try do display hidden */
1555 /* Special Case for handling Extended Vendor Id */
1556 if (avp_type == EXTENDED_VENDOR_ID) {
1558 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_vendor_id,
1559 tvb, idx, 4, ENC_BIG_ENDIAN);
1566 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_vendor_id,
1567 tvb, idx, 2, ENC_BIG_ENDIAN);
1572 proto_tree_add_uint(l2tp_avp_tree, hf_l2tp_avp_type,
1573 tvb, idx, 2, avp_type);
1579 case CONTROL_MESSAGE:
1580 msg_type = tvb_get_ntohs(tvb, idx);
1581 l2tp_cntrl_data->msg_type = msg_type;
1582 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_message_type,
1583 tvb, idx, 2, ENC_BIG_ENDIAN);
1585 if (msg_type == MESSAGE_TYPE_StopCCN) {
1590 case RESULT_ERROR_CODE:
1594 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_stop_ccn_result_code, tvb, idx, 2, ENC_BIG_ENDIAN);
1597 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_result_code, tvb, idx, 2, ENC_BIG_ENDIAN);
1604 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_error_code, tvb, idx, 2, ENC_BIG_ENDIAN);
1610 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_error_message, tvb, idx, avp_len, ENC_ASCII|ENC_NA);
1613 case PROTOCOL_VERSION:
1616 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_protocol_version, tvb, idx, 1, ENC_BIG_ENDIAN);
1620 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_protocol_revision, tvb, idx, 1, ENC_BIG_ENDIAN);
1623 case FRAMING_CAPABILITIES:
1624 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_async_framing_supported, tvb, idx, 4, ENC_BIG_ENDIAN);
1625 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_sync_framing_supported, tvb, idx, 4, ENC_BIG_ENDIAN);
1628 case BEARER_CAPABILITIES:
1629 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_analog_access_supported, tvb, idx, 4, ENC_BIG_ENDIAN);
1630 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_digital_access_supported, tvb, idx, 4, ENC_BIG_ENDIAN);
1634 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_tie_breaker, tvb, idx, 8, ENC_BIG_ENDIAN);
1637 case FIRMWARE_REVISION:
1638 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_firmware_revision, tvb, idx, 2, ENC_BIG_ENDIAN);
1642 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_host_name, tvb, idx, avp_len, ENC_NA|ENC_ASCII);
1646 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_vendor_name, tvb, idx, avp_len, ENC_NA|ENC_ASCII);
1649 case ASSIGNED_TUNNEL_ID:
1650 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_assigned_tunnel_id, tvb, idx, 2, ENC_BIG_ENDIAN);
1653 case RECEIVE_WINDOW_SIZE:
1654 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_receive_window_size, tvb, idx, 2, ENC_BIG_ENDIAN);
1658 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_chap_challenge, tvb, idx, avp_len, ENC_NA);
1663 * XXX - export stuff from the Q.931 dissector
1664 * to dissect the cause code and cause message,
1669 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_cause_code, tvb, idx, 2, ENC_BIG_ENDIAN);
1675 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_cause_msg, tvb, idx, 1, ENC_BIG_ENDIAN);
1681 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_advisory_msg, tvb, idx, avp_len, ENC_NA|ENC_ASCII);
1684 case CHALLENGE_RESPONSE:
1685 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_chap_challenge_response, tvb, idx, 16, ENC_NA);
1688 case ASSIGNED_SESSION:
1689 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_assigned_session_id, tvb, idx, 2, ENC_BIG_ENDIAN);
1692 case CALL_SERIAL_NUMBER:
1693 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_call_serial_number, tvb, idx, 4, ENC_BIG_ENDIAN);
1697 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_minimum_bps, tvb, idx, 4, ENC_BIG_ENDIAN);
1701 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_maximum_bps, tvb, idx, 4, ENC_BIG_ENDIAN);
1705 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_analog_bearer_type, tvb, idx, 4, ENC_BIG_ENDIAN);
1706 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_digital_bearer_type, tvb, idx, 4, ENC_BIG_ENDIAN);
1710 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_async_framing_type, tvb, idx, 4, ENC_BIG_ENDIAN);
1711 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_sync_framing_type, tvb, idx, 4, ENC_BIG_ENDIAN);
1717 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_called_number,
1718 tvb, idx, avp_len, ENC_ASCII|ENC_NA);
1721 case CALLING_NUMBER:
1724 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_calling_number,
1725 tvb, idx, avp_len, ENC_ASCII|ENC_NA);
1731 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_sub_address, tvb, idx, avp_len, ENC_NA|ENC_ASCII);
1734 case TX_CONNECT_SPEED:
1735 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_connect_speed, tvb, idx, 4, ENC_BIG_ENDIAN);
1738 case PHYSICAL_CHANNEL:
1739 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_physical_channel, tvb, idx, 4, ENC_BIG_ENDIAN);
1742 case INITIAL_RECEIVED_LCP_CONFREQ:
1743 te = proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_initial_received_lcp_confreq, tvb, idx, avp_len, ENC_NA);
1744 l2tp_lcp_avp_tree = proto_item_add_subtree(te, ett_l2tp_lcp);
1745 next_tvb = tvb_new_subset_length(tvb, idx, avp_len);
1746 call_dissector(ppp_lcp_options_handle, next_tvb, pinfo, l2tp_lcp_avp_tree );
1749 case LAST_SENT_LCP_CONFREQ:
1750 te = proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_last_sent_lcp_confreq, tvb, idx, avp_len, ENC_NA);
1751 l2tp_lcp_avp_tree = proto_item_add_subtree(te, ett_l2tp_lcp);
1752 next_tvb = tvb_new_subset_length(tvb, idx, avp_len);
1753 call_dissector(ppp_lcp_options_handle, next_tvb, pinfo, l2tp_lcp_avp_tree );
1756 case LAST_RECEIVED_LCP_CONFREQ:
1757 te = proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_last_received_lcp_confreq, tvb, idx, avp_len, ENC_NA);
1758 l2tp_lcp_avp_tree = proto_item_add_subtree(te, ett_l2tp_lcp);
1759 next_tvb = tvb_new_subset_length(tvb, idx, avp_len);
1760 call_dissector(ppp_lcp_options_handle, next_tvb, pinfo, l2tp_lcp_avp_tree );
1763 case PROXY_AUTHEN_TYPE:
1764 msg_type = tvb_get_ntohs(tvb, idx);
1765 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_proxy_authen_type, tvb, idx, 2, ENC_BIG_ENDIAN);
1768 case PROXY_AUTHEN_NAME:
1771 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_proxy_authen_name, tvb, idx, avp_len, ENC_NA|ENC_ASCII);
1774 case PROXY_AUTHEN_CHALLENGE:
1775 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_proxy_authen_challenge, tvb, idx, avp_len, ENC_NA);
1778 case PROXY_AUTHEN_ID:
1779 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_proxy_authen_id, tvb, idx + 1, 1, ENC_BIG_ENDIAN);
1782 case PROXY_AUTHEN_RESPONSE:
1783 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_proxy_authen_response, tvb, idx, avp_len, ENC_NA);
1786 case CALL_STATUS_AVPS:
1794 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_crc_errors, tvb, idx, 4, ENC_BIG_ENDIAN);
1800 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_framing_errors, tvb, idx, 4, ENC_BIG_ENDIAN);
1806 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_hardware_overruns, tvb, idx, 4, ENC_BIG_ENDIAN);
1812 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_buffer_overruns, tvb, idx, 4, ENC_BIG_ENDIAN);
1818 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_time_out_errors, tvb, idx, 4, ENC_BIG_ENDIAN);
1824 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_alignment_errors, tvb, idx, 4, ENC_BIG_ENDIAN);
1837 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_send_accm, tvb, idx, 4, ENC_BIG_ENDIAN);
1843 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_receive_accm, tvb, idx, 4, ENC_BIG_ENDIAN);
1849 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_random_vector, tvb, idx, avp_len, ENC_NA);
1852 case PRIVATE_GROUP_ID:
1853 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_private_group_id, tvb, idx, avp_len, ENC_NA);
1856 case RX_CONNECT_SPEED:
1857 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_rx_connect_speed, tvb, idx, 4, ENC_BIG_ENDIAN);
1860 case PPP_DISCONNECT_CAUSE_CODE:
1863 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_disconnect_code, tvb, idx, 2, ENC_BIG_ENDIAN);
1869 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_control_protocol_number, tvb, idx, 2, ENC_BIG_ENDIAN);
1875 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_cause_code_direction, tvb, idx, 1, ENC_BIG_ENDIAN);
1881 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_cause_code_message, tvb, idx, avp_len, ENC_NA|ENC_ASCII);
1884 case MESSAGE_DIGEST:
1887 digest_avp_len = avp_len;
1888 digest_item = proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_message_digest, tvb, idx, avp_len, ENC_NA);
1892 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_router_id, tvb, idx, 4, ENC_BIG_ENDIAN);
1894 case ASSIGNED_CONTROL_CONN_ID:
1895 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_assigned_control_conn_id,
1896 tvb, idx, 4, ENC_BIG_ENDIAN);
1897 store_ccid(tunnel, tvb, idx, msg_type);
1899 case PW_CAPABILITY_LIST:
1900 l2tp_avp_tree_sub = proto_tree_add_subtree(l2tp_avp_tree, tvb, idx, avp_len,
1901 ett_l2tp_avp_sub, NULL, "Pseudowire Capabilities List");
1903 while (avp_len >= 2) {
1904 proto_tree_add_item(l2tp_avp_tree_sub, hf_l2tp_avp_pw_type, tvb, idx, 2, ENC_BIG_ENDIAN);
1909 case LOCAL_SESSION_ID:
1910 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_local_session_id,
1911 tvb, idx, 4, ENC_BIG_ENDIAN);
1912 col_append_fstr(pinfo->cinfo,COL_INFO, ", LSID: %2u",
1913 tvb_get_ntohl(tvb, idx));
1914 session = store_lsession_id(session, tvb, idx, msg_type);
1916 case REMOTE_SESSION_ID:
1917 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_remote_session_id,
1918 tvb, idx, 4, ENC_BIG_ENDIAN);
1919 col_append_fstr(pinfo->cinfo,COL_INFO, ", RSID: %2u",
1920 tvb_get_ntohl(tvb, idx));
1921 session = store_rsession_id(session, tvb, idx, msg_type);
1923 case ASSIGNED_COOKIE:
1924 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_assigned_cookie, tvb, idx, avp_len, ENC_NA);
1925 session = store_cookie_len(session, avp_len, msg_type);
1928 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_remote_end_id, tvb, idx, avp_len, ENC_NA|ENC_ASCII);
1931 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_pseudowire_type, tvb, idx, 2, ENC_BIG_ENDIAN);
1932 session = store_pw_type(session, tvb, idx, msg_type);
1934 case L2_SPECIFIC_SUBLAYER:
1935 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_layer2_specific_sublayer, tvb, idx, 2, ENC_BIG_ENDIAN);
1936 session = store_l2_sublayer(session, tvb, idx, msg_type);
1938 case DATA_SEQUENCING:
1939 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_data_sequencing, tvb, idx, 2, ENC_BIG_ENDIAN);
1941 case CIRCUIT_STATUS:
1942 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_circuit_status, tvb, idx, 2, ENC_BIG_ENDIAN);
1943 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_circuit_type, tvb, idx, 2, ENC_BIG_ENDIAN);
1945 case PREFERRED_LANGUAGE:
1946 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_preferred_language, tvb, idx, avp_len, ENC_NA|ENC_ASCII);
1948 case CTL_MSG_AUTH_NONCE:
1949 proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_nonce, tvb, idx, avp_len, ENC_NA);
1950 store_cma_nonce(tunnel, tvb, idx, avp_len, msg_type);
1952 case TX_CONNECT_SPEED_V3:
1958 speed = tvb_get_ntoh64(tvb, idx);
1959 tf = proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_tx_connect_speed_v3, tvb, idx, 8, ENC_BIG_ENDIAN);
1961 proto_item_append_text(tf, " (indeterminable or no physical p2p link)");
1965 case RX_CONNECT_SPEED_V3:
1971 speed = tvb_get_ntoh64(tvb, idx);
1972 tf = proto_tree_add_item(l2tp_avp_tree, hf_l2tp_avp_rx_connect_speed_v3, tvb, idx, 8, ENC_BIG_ENDIAN);
1974 proto_item_append_text(tf, " (indeterminable or no physical p2p link)");
1980 proto_tree_add_expert(l2tp_avp_tree, pinfo, &ei_l2tp_vendor_specific_avp_data, tvb, idx, avp_len);
1987 /* SCCRQ digest can only be calculated once we know whether nonces are being used */
1988 if (digest_avp_len) {
1989 if (check_control_digest(tunnel, tvb, length, digest_idx, digest_avp_len, msg_type, pinfo) < 0)
1990 expert_add_info(pinfo, digest_item, &ei_l2tp_incorrect_digest);
1993 update_session(tunnel, session);
1997 * Processes Data Messages for v3 IP and UDP, starting from the Session ID
1998 * (common to IP and UDP). Dissects the L2TPv3 Session header, the (optional)
1999 * L2-Specific sublayer and calls the appropriate dissector for the payload.
2002 process_l2tpv3_data(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
2003 proto_tree *l2tp_tree, proto_item *l2tp_item, int *pIdx,
2004 l2tpv3_tunnel_t *tunnel)
2008 guint32 oam_cell = 0;
2009 proto_tree *l2_specific = NULL;
2010 proto_item *ti = NULL;
2012 gint cookie_len = l2tpv3_cookie;
2013 gint l2_spec = l2tpv3_l2_specific;
2016 lcce_settings_t *lcce = NULL;
2017 l2tpv3_session_t *session = NULL;
2019 /* Get Session ID */
2020 sid = tvb_get_ntohl(tvb, idx);
2024 if (addresses_equal(&tunnel->lcce1, &pinfo->dst)) {
2025 session = find_session(tunnel, sid, 0);
2027 lcce = &session->lcce1;
2029 session = find_session(tunnel, 0, sid);
2031 lcce = &session->lcce2;
2037 l2_spec = lcce->l2_specific;
2038 if (cookie_len == -1)
2039 cookie_len = lcce->cookie_len;
2041 pw_type = session->pw_type;
2045 l2_spec = L2TPv3_L2_SPECIFIC_NONE;
2048 pw_type = L2TPv3_PROTOCOL_DEFAULT;
2050 if (cookie_len == -1)
2051 cookie_len = L2TPv3_COOKIE_DEFAULT;
2053 col_add_fstr(pinfo->cinfo,COL_INFO,
2054 "%s (session id=%u)",
2058 proto_tree_add_item(l2tp_tree, hf_l2tp_sid, tvb, idx-4, 4, ENC_BIG_ENDIAN);
2059 proto_item_set_len(l2tp_item, idx);
2060 if (!(tvb_offset_exists(tvb, idx)))
2062 if (cookie_len != 0)
2063 proto_tree_add_item(l2tp_tree, hf_l2tp_cookie, tvb, idx, cookie_len, ENC_NA);
2067 case L2TPv3_L2_SPECIFIC_DEFAULT:
2069 ti = proto_tree_add_item(tree, hf_l2tp_l2_spec_def,
2070 tvb, idx + cookie_len, 4, ENC_NA);
2071 l2_specific = proto_item_add_subtree(ti, ett_l2tp_l2_spec);
2073 proto_tree_add_item(l2_specific, hf_l2tp_l2_spec_s, tvb, idx + cookie_len,
2075 proto_tree_add_item(l2_specific, hf_l2tp_l2_spec_sequence, tvb,
2076 idx + cookie_len + 1, 3, ENC_BIG_ENDIAN);
2078 next_tvb = tvb_new_subset_remaining(tvb, idx + cookie_len + 4);
2080 case L2TPv3_L2_SPECIFIC_DOCSIS_DMPT:
2082 ti = proto_tree_add_item(tree, hf_l2tp_l2_spec_docsis_dmpt,
2083 tvb, idx + cookie_len, 4, ENC_NA);
2084 l2_specific = proto_item_add_subtree(ti, ett_l2tp_l2_spec);
2086 proto_tree_add_item(l2_specific, hf_l2tp_l2_spec_v, tvb,
2087 idx + cookie_len,1, ENC_BIG_ENDIAN);
2089 proto_tree_add_item(l2_specific, hf_l2tp_l2_spec_s, tvb,
2090 idx + cookie_len,1, ENC_BIG_ENDIAN);
2092 proto_tree_add_item(l2_specific, hf_l2tp_l2_spec_h, tvb,
2093 idx + cookie_len,1, ENC_BIG_ENDIAN);
2095 proto_tree_add_item(l2_specific, hf_l2tp_l2_spec_flow_id, tvb,
2096 idx + cookie_len,1, ENC_BIG_ENDIAN);
2098 proto_tree_add_item(l2_specific, hf_l2tp_l2_spec_sequence, tvb,
2099 idx + cookie_len + 2,2, ENC_BIG_ENDIAN);
2101 next_tvb = tvb_new_subset_remaining(tvb, idx + cookie_len + 4);
2103 case L2TPv3_L2_SPECIFIC_ATM:
2105 ti = proto_tree_add_item(tree, hf_l2tp_l2_spec_atm,
2106 tvb, idx + cookie_len, 4, ENC_NA);
2107 l2_specific = proto_item_add_subtree(ti, ett_l2tp_l2_spec);
2109 proto_tree_add_item(l2_specific, hf_l2tp_l2_spec_s, tvb, idx + cookie_len,
2111 proto_tree_add_item(l2_specific, hf_l2tp_l2_spec_t, tvb, idx + cookie_len,
2114 * As per RFC 4454, the T bit specifies whether
2115 * we're transporting an OAM cell or an AAL5 frame.
2117 oam_cell = tvb_get_guint8(tvb, idx + cookie_len) & 0x08;
2118 proto_tree_add_item(l2_specific, hf_l2tp_l2_spec_g, tvb, idx + cookie_len,
2120 proto_tree_add_item(l2_specific, hf_l2tp_l2_spec_c, tvb, idx + cookie_len,
2122 proto_tree_add_item(l2_specific, hf_l2tp_l2_spec_u, tvb, idx + cookie_len,
2124 proto_tree_add_item(l2_specific, hf_l2tp_l2_spec_sequence, tvb,
2125 idx + cookie_len + 1, 3, ENC_BIG_ENDIAN);
2127 next_tvb = tvb_new_subset_remaining(tvb, idx + cookie_len + 4);
2129 case L2TPv3_L2_SPECIFIC_LAPD:
2131 proto_tree_add_item(tree, hf_l2tp_lapd_info, tvb, idx + cookie_len + 4, 3, ENC_NA);
2132 next_tvb = tvb_new_subset_remaining(tvb, idx + cookie_len+4+3);
2134 case L2TPv3_L2_SPECIFIC_NONE:
2136 next_tvb = tvb_new_subset_remaining(tvb, idx + cookie_len);
2140 p_add_proto_data(pinfo->pool, pinfo, proto_l2tp, 0, GUINT_TO_POINTER((guint)pw_type));
2142 if (!dissector_try_uint_new(pw_type_table, pw_type, next_tvb, pinfo, tree, FALSE, GUINT_TO_POINTER(oam_cell)))
2144 call_dissector(data_handle, next_tvb, pinfo, tree);
2148 static const int * l2tp_control_fields[] = {
2150 &hf_l2tp_length_bit,
2157 * Processes v3 data message over UDP, to then call process_l2tpv3_data
2158 * from the common part (Session ID)
2161 process_l2tpv3_data_udp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
2162 l2tpv3_conversation_t *l2tp_conv)
2164 proto_tree *l2tp_tree, *ctrl_tree;
2165 proto_item *l2tp_item;
2166 int idx = 4; /* skip to sid */
2169 sid = tvb_get_ntohl(tvb, idx);
2171 l2tp_item = proto_tree_add_item(tree, proto_l2tp, tvb, 0, -1, ENC_NA);
2172 l2tp_tree = proto_item_add_subtree(l2tp_item, ett_l2tp);
2175 proto_item_append_text(l2tp_item, " version 3");
2177 ctrl_tree = proto_tree_add_subtree_format(l2tp_tree, tvb, 0, 2,
2178 ett_l2tp_ctrl, NULL, "Packet Type: %s Session Id=%u",
2180 proto_tree_add_bitmask_list(ctrl_tree, tvb, 0, 2, l2tp_control_fields, ENC_BIG_ENDIAN);
2182 /* Data in v3 over UDP has this reserved */
2183 proto_tree_add_item(l2tp_tree, hf_l2tp_res, tvb, 2, 2, ENC_BIG_ENDIAN);
2186 /* Call process_l2tpv3_data from Session ID (offset in idx of 4) */
2187 process_l2tpv3_data(tvb, pinfo, tree, l2tp_tree, l2tp_item, &idx, l2tp_conv->tunnel);
2191 * Processes v3 data message over IP, to then call process_l2tpv3_data
2192 * from the common part (Session ID)
2195 process_l2tpv3_data_ip(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
2196 l2tpv3_conversation_t *l2tp_conv)
2198 proto_tree *l2tp_tree;
2199 proto_item *l2tp_item;
2204 sid = tvb_get_ntohl(tvb, idx);
2206 l2tp_item = proto_tree_add_item(tree, proto_l2tp, tvb, 0, -1, ENC_NA);
2207 l2tp_tree = proto_item_add_subtree(l2tp_item, ett_l2tp);
2208 proto_item_append_text(l2tp_item, " version 3");
2210 proto_tree_add_uint_format(l2tp_tree, hf_l2tp_session_id, tvb, 0, 4, sid, "Packet Type: %s Session Id=%u", data_msg, sid);
2212 /* Call process_l2tpv3_data from Session ID (offset in idx of 0) */
2213 process_l2tpv3_data(tvb, pinfo, tree, l2tp_tree, l2tp_item, &idx, l2tp_conv->tunnel);
2217 * Processes v3 Control Message over IP, that carries NULL Session ID
2218 * to then call process_control_avps after dissecting the control.
2221 process_l2tpv3_control(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int baseIdx,
2222 l2tpv3_conversation_t *l2tp_conv)
2224 proto_tree *l2tp_tree = NULL, *ctrl_tree;
2225 proto_item *l2tp_item = NULL;
2229 guint16 length = 0; /* Length field */
2230 guint32 ccid = 0; /* Control Connection ID */
2231 guint16 vendor_id = 0;
2234 guint16 control = 0;
2236 l2tpv3_tunnel_t *tunnel = NULL;
2237 l2tpv3_tunnel_t tmp_tunnel;
2239 control = tvb_get_ntohs(tvb, idx);
2240 idx += 2; /* skip ahead */
2241 if (LENGTH_BIT(control)) { /* length field included ? */
2242 length = tvb_get_ntohs(tvb, idx);
2246 /* Get Control Channel ID */
2247 ccid = tvb_get_ntohl(tvb, idx);
2252 if ((LENGTH_BIT(control))&&(length==12)) /* ZLB Message */
2253 col_add_fstr(pinfo->cinfo, COL_INFO,
2254 "%s - ZLB (tunnel id=%u)",
2255 control_msg , ccid);
2258 if (SEQUENCE_BIT(control)) {
2264 vendor_id = tvb_get_ntohs(tvb, tmp_idx);
2267 avp_type = tvb_get_ntohs(tvb, tmp_idx);
2270 /* If it's a vendor AVP let the vendor AVP dissector fill in the info column */
2271 if ( vendor_id == VENDOR_IETF ) {
2272 if (avp_type == CONTROL_MESSAGE) {
2273 /* We print message type */
2274 msg_type = tvb_get_ntohs(tvb, tmp_idx);
2275 col_add_fstr(pinfo->cinfo, COL_INFO,
2276 "%s - %s (tunnel id=%u)",
2278 val_to_str_ext(msg_type, &l2tp_message_type_short_str_vals_ext, "Unknown (%u)"),
2283 * This is not a control message.
2284 * We never pass here except in case of bad l2tp packet!
2286 col_add_fstr(pinfo->cinfo, COL_INFO,
2287 "%s (tunnel id=%u)",
2293 if (LENGTH_BIT(control)) {
2295 * Set the length of this tvbuff to be no longer than the length
2298 * XXX - complain if that length is longer than the length of
2299 * the tvbuff? Have "set_actual_length()" return a Boolean
2300 * and have its callers check the result?
2302 set_actual_length(tvb, length+baseIdx);
2306 l2tp_item = proto_tree_add_item(tree, proto_l2tp, tvb, 0, -1, ENC_NA);
2307 l2tp_tree = proto_item_add_subtree(l2tp_item, ett_l2tp);
2308 proto_item_append_text(l2tp_item, " version 3");
2311 proto_tree_add_item(l2tp_tree, hf_l2tp_sid, tvb, 0, 4, ENC_BIG_ENDIAN);
2313 ctrl_tree = proto_tree_add_subtree_format(l2tp_tree, tvb, baseIdx, 2,
2314 ett_l2tp_ctrl, NULL, "Packet Type: %s Control Connection Id=%d",
2315 (CONTROL_BIT(control) ? control_msg : data_msg), ccid);
2316 proto_tree_add_bitmask_list(ctrl_tree, tvb, baseIdx, 2, l2tp_control_fields, ENC_BIG_ENDIAN);
2319 if (LENGTH_BIT(control)) {
2320 proto_tree_add_item(l2tp_tree, hf_l2tp_length, tvb, idx, 2, ENC_BIG_ENDIAN);
2324 proto_tree_add_item(l2tp_tree, hf_l2tp_ccid, tvb, idx, 4, ENC_BIG_ENDIAN);
2327 if (SEQUENCE_BIT(control)) {
2328 proto_tree_add_item(l2tp_tree, hf_l2tp_Ns, tvb, idx, 2, ENC_BIG_ENDIAN);
2330 proto_tree_add_item(l2tp_tree, hf_l2tp_Nr, tvb, idx, 2, ENC_BIG_ENDIAN);
2335 if (tree && (LENGTH_BIT(control))&&(length==12)) {
2336 proto_tree_add_item(l2tp_tree, hf_l2tp_zero_length_bit_message, tvb, 0, 0, ENC_NA);
2338 avp_type = tvb_get_ntohs(tvb, idx + 4);
2339 if (avp_type == CONTROL_MESSAGE) {
2341 msg_type = tvb_get_ntohs(tvb, idx + 6);
2342 if (msg_type == MESSAGE_TYPE_SCCRQ) {
2343 tunnel = &tmp_tunnel;
2344 memset(tunnel, 0, sizeof(l2tpv3_tunnel_t));
2345 tunnel->conv = l2tp_conv;
2346 WMEM_COPY_ADDRESS(wmem_file_scope(), &tunnel->lcce1, &pinfo->src);
2347 WMEM_COPY_ADDRESS(wmem_file_scope(), &tunnel->lcce2, &pinfo->dst);
2352 if (!LENGTH_BIT(control)) {
2356 if (tunnel == NULL) {
2357 tunnel = l2tp_conv->tunnel;
2360 process_control_avps(tvb, pinfo, l2tp_tree, idx, length+baseIdx, ccid, tunnel);
2362 if (tunnel == &tmp_tunnel && l2tp_conv->tunnel == NULL) {
2363 l2tp_conv->tunnel = wmem_new0(wmem_file_scope(), l2tpv3_tunnel_t);
2364 memcpy(l2tp_conv->tunnel, &tmp_tunnel, sizeof(l2tpv3_tunnel_t));
2369 * Dissector for L2TP over UDP. For v2, calls process_control_avps for
2370 * control messages, or the ppp dissector based on the control bit.
2371 * For v3, calls either process_l2tpv3_control or process_l2tpv3_data_udp
2372 * based on the control bit.
2375 dissect_l2tp_udp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_)
2377 proto_tree *l2tp_tree, *ctrl_tree;
2378 proto_item *l2tp_item;
2381 guint16 length = 0; /* Length field */
2382 guint16 tid; /* Tunnel ID */
2383 guint16 cid; /* Call ID */
2384 guint16 offset_size; /* Offset size */
2389 conversation_t *conv = NULL;
2390 l2tpv3_conversation_t *l2tp_conv = NULL;
2393 * Don't accept packets that aren't for an L2TP version we know,
2394 * as they might not be L2TP packets even though they happen
2395 * to be coming from or going to the L2TP port.
2397 if (tvb_captured_length(tvb) < 2)
2398 return 0; /* not enough information to check */
2399 control = tvb_get_ntohs(tvb, 0);
2400 switch (L2TP_VERSION(control)) {
2410 conv = find_conversation(pinfo->fd->num, &pinfo->src, &pinfo->dst, PT_UDP,
2411 pinfo->srcport, pinfo->destport, NO_PORT_B);
2414 conv = find_conversation(pinfo->fd->num, &pinfo->src, &pinfo->dst, PT_UDP,
2415 pinfo->srcport, pinfo->destport, 0);
2418 if ((conv == NULL) || (conv->dissector_handle != l2tp_udp_handle)) {
2419 conv = conversation_new(pinfo->fd->num, &pinfo->src, &pinfo->dst, PT_UDP,
2420 pinfo->srcport, 0, NO_PORT2);
2421 conversation_set_dissector(conv, l2tp_udp_handle);
2424 col_set_str(pinfo->cinfo, COL_PROTOCOL, "L2TP");
2425 col_clear(pinfo->cinfo, COL_INFO);
2427 switch (L2TP_VERSION(control)) {
2433 l2tp_conv = (l2tpv3_conversation_t *)conversation_get_proto_data(conv, proto_l2tp);
2435 l2tp_conv = wmem_new0(wmem_file_scope(), l2tpv3_conversation_t);
2436 l2tp_conv->pt = PT_UDP;
2437 conversation_add_proto_data(conv, proto_l2tp, (void *)l2tp_conv);
2440 col_set_str(pinfo->cinfo, COL_PROTOCOL, "L2TPv3");
2441 if (CONTROL_BIT(control)) {
2442 /* Call to process l2tp v3 control message */
2443 process_l2tpv3_control(tvb, pinfo, tree, 0, l2tp_conv);
2446 /* Call to process l2tp v3 data message */
2447 process_l2tpv3_data_udp(tvb, pinfo, tree, l2tp_conv);
2449 return tvb_reported_length(tvb);
2452 if (LENGTH_BIT(control)) { /* length field included ? */
2453 idx += 2; /* skip ahead */
2454 length = tvb_get_ntohs(tvb, idx);
2457 /* collect the tunnel id & call id */
2459 tid = tvb_get_ntohs(tvb, idx);
2461 cid = tvb_get_ntohs(tvb, idx);
2463 if (CONTROL_BIT(control)) {
2464 /* CONTROL MESSAGE */
2467 if ((LENGTH_BIT(control))&&(length==12)) /* ZLB Message */
2468 col_add_fstr(pinfo->cinfo, COL_INFO,
2469 "%s - ZLB (tunnel id=%d, session id=%u)",
2470 control_msg, tid, cid);
2473 if (SEQUENCE_BIT(control)) {
2479 avp_type = tvb_get_ntohs(tvb, (tmp_idx+=2));
2481 if (avp_type == CONTROL_MESSAGE) {
2482 /* We print message type */
2483 msg_type = tvb_get_ntohs(tvb, tmp_idx+2);
2484 col_add_fstr(pinfo->cinfo, COL_INFO,
2485 "%s - %s (tunnel id=%u, session id=%u)",
2487 val_to_str_ext(msg_type, &l2tp_message_type_short_str_vals_ext, "Unknown (%u)"),
2493 * This is not a control message.
2494 * We never pass here except in case of bad l2tp packet!
2496 col_add_fstr(pinfo->cinfo, COL_INFO,
2497 "%s (tunnel id=%u, session id=%u)",
2498 control_msg, tid, cid);
2505 col_add_fstr(pinfo->cinfo, COL_INFO,
2506 "%s (tunnel id=%u, session id=%u)",
2507 data_msg, tid, cid);
2510 if (LENGTH_BIT(control)) {
2512 * Set the length of this tvbuff to be no longer than the length
2515 * XXX - complain if that length is longer than the length of
2516 * the tvbuff? Have "set_actual_length()" return a Boolean
2517 * and have its callers check the result?
2519 set_actual_length(tvb, length);
2522 l2tp_item = proto_tree_add_item(tree,proto_l2tp, tvb, 0, -1, ENC_NA);
2523 l2tp_tree = proto_item_add_subtree(l2tp_item, ett_l2tp);
2526 static const int * control_fields[] = {
2528 &hf_l2tp_length_bit,
2530 &hf_l2tp_offset_bit,
2536 ctrl_tree = proto_tree_add_subtree_format(l2tp_tree, tvb, 0, 2, ett_l2tp_ctrl, NULL,
2537 "Packet Type: %s Tunnel Id=%d Session Id=%d",
2538 (CONTROL_BIT(control) ? control_msg : data_msg), tid, cid);
2540 proto_tree_add_bitmask_list(ctrl_tree, tvb, 0, 2, control_fields, ENC_BIG_ENDIAN);
2543 if (LENGTH_BIT(control)) {
2545 proto_tree_add_item(l2tp_tree, hf_l2tp_length, tvb, idx, 2, ENC_BIG_ENDIAN);
2551 proto_tree_add_item(l2tp_tree, hf_l2tp_tunnel, tvb, idx, 2, ENC_BIG_ENDIAN);
2555 proto_tree_add_item(l2tp_tree, hf_l2tp_session, tvb, idx, 2, ENC_BIG_ENDIAN);
2559 if (SEQUENCE_BIT(control)) {
2561 proto_tree_add_item(l2tp_tree, hf_l2tp_Ns, tvb, idx, 2, ENC_BIG_ENDIAN);
2565 proto_tree_add_item(l2tp_tree, hf_l2tp_Nr, tvb, idx, 2, ENC_BIG_ENDIAN);
2569 if (OFFSET_BIT(control)) {
2570 offset_size = tvb_get_ntohs(tvb, idx);
2572 proto_tree_add_uint(l2tp_tree, hf_l2tp_offset, tvb, idx, 2,
2576 if (offset_size != 0) {
2578 proto_tree_add_item(l2tp_tree, hf_l2tp_offset_padding, tvb, idx, offset_size, ENC_NA);
2584 if (tree && (LENGTH_BIT(control))&&(length==12)) {
2585 proto_tree_add_item(l2tp_tree, hf_l2tp_zero_length_bit_message, tvb, 0, 0, ENC_NA);
2588 if (!CONTROL_BIT(control)) { /* Data Messages so we are done */
2590 proto_item_set_len(l2tp_item, idx);
2591 /* If we have data, signified by having a length bit, dissect it */
2592 if (tvb_offset_exists(tvb, idx)) {
2593 next_tvb = tvb_new_subset_remaining(tvb, idx);
2594 call_dissector(ppp_hdlc_handle, next_tvb, pinfo, tree);
2596 return tvb_reported_length(tvb);
2599 if (LENGTH_BIT(control))
2600 process_control_avps(tvb, pinfo, l2tp_tree, idx, length, -1, NULL);
2602 return tvb_reported_length(tvb);
2607 * Only L2TPv3 runs directly over IP, and dissect_l2tp_ip starts dissecting
2608 * those packets to call either process_l2tpv3_control for Control Messages
2609 * or process_l2tpv3_data_ip for Data Messages over IP, based on the
2613 dissect_l2tp_ip(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
2616 guint32 sid; /* Session ID */
2618 conversation_t *conv = NULL;
2619 l2tpv3_conversation_t *l2tp_conv = NULL;
2621 conv = find_or_create_conversation(pinfo);
2623 l2tp_conv = (l2tpv3_conversation_t *)conversation_get_proto_data(conv, proto_l2tp);
2625 l2tp_conv = wmem_new0(wmem_file_scope(), l2tpv3_conversation_t);
2626 l2tp_conv->pt = PT_NONE;
2627 conversation_add_proto_data(conv, proto_l2tp, (void *)l2tp_conv);
2630 /* Only L2TPv3 runs directly over IP */
2631 col_set_str(pinfo->cinfo, COL_PROTOCOL, "L2TPv3");
2633 col_clear(pinfo->cinfo, COL_INFO);
2635 sid = tvb_get_ntohl(tvb, idx);
2637 /* This is control message */
2638 /* Call to process l2tp v3 control message */
2639 process_l2tpv3_control(tvb, pinfo, tree, 4, l2tp_conv);
2642 /* Call to process l2tp v3 data message */
2643 process_l2tpv3_data_ip(tvb, pinfo, tree, l2tp_conv);
2649 static int dissect_atm_oam_llc(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data)
2651 guint32 oam_cell = GPOINTER_TO_UINT(data);
2654 call_dissector(atm_oam_handle, tvb, pinfo, tree);
2656 call_dissector(llc_handle, tvb, pinfo, tree);
2659 return tvb_captured_length(tvb);
2662 static void l2tp_cleanup(void)
2664 GSList *iterator = list_heads;
2667 if (iterator->data != NULL)
2668 g_slist_free((GSList *)iterator->data);
2669 iterator = g_slist_next(iterator);
2672 if (list_heads != NULL) {
2673 g_slist_free(list_heads);
2678 /* registration with the filtering engine */
2680 proto_register_l2tp(void)
2682 static hf_register_info hf[] = {
2684 { "Type", "l2tp.type", FT_UINT16, BASE_DEC, VALS(l2tp_type_vals), 0x8000,
2685 "Type bit", HFILL }},
2687 { &hf_l2tp_length_bit,
2688 { "Length Bit", "l2tp.length_bit", FT_BOOLEAN, 16, TFS(&l2tp_length_bit_truth), 0x4000,
2692 { "Sequence Bit", "l2tp.seq_bit", FT_BOOLEAN, 16, TFS(&l2tp_seq_bit_truth), 0x0800,
2695 { &hf_l2tp_offset_bit,
2696 { "Offset bit", "l2tp.offset_bit", FT_BOOLEAN, 16, TFS(&l2tp_offset_bit_truth), 0x0200,
2699 { &hf_l2tp_priority,
2700 { "Priority", "l2tp.priority", FT_BOOLEAN, 16, TFS(&l2tp_priority_truth), 0x0100,
2701 "Priority bit", HFILL }},
2704 { "Version", "l2tp.version", FT_UINT16, BASE_DEC, NULL, 0x000f,
2708 { "Length","l2tp.length", FT_UINT16, BASE_DEC, NULL, 0x0,
2712 { "Tunnel ID","l2tp.tunnel", FT_UINT16, BASE_DEC, NULL, 0x0, /* Probably should be FT_BYTES */
2716 { "Session ID","l2tp.session", FT_UINT16, BASE_DEC, NULL, 0x0, /* Probably should be FT_BYTES */
2720 { "Ns","l2tp.Ns", FT_UINT16, BASE_DEC, NULL, 0x0,
2724 { "Nr","l2tp.Nr", FT_UINT16, BASE_DEC, NULL, 0x0,
2728 { "Offset","l2tp.offset", FT_UINT16, BASE_DEC, NULL, 0x0,
2729 "Number of octest past the L2TP header at which the payload data starts.", HFILL }},
2731 { &hf_l2tp_avp_mandatory,
2732 { "Mandatory", "l2tp.avp.mandatory", FT_BOOLEAN, 16, NULL, 0x8000,
2735 { &hf_l2tp_avp_hidden,
2736 { "Hidden", "l2tp.avp.hidden", FT_BOOLEAN, 16, NULL, 0x4000,
2739 { &hf_l2tp_avp_length,
2740 { "Length", "l2tp.avp.length", FT_UINT16, BASE_DEC, NULL, 0x03ff,
2743 { &hf_l2tp_avp_vendor_id,
2744 { "Vendor ID", "l2tp.avp.vendor_id", FT_UINT16, BASE_DEC|BASE_EXT_STRING, &sminmpec_values_ext, 0,
2745 "AVP Vendor ID", HFILL }},
2747 { &hf_l2tp_avp_type,
2748 { "AVP Type", "l2tp.avp.type", FT_UINT16, BASE_DEC|BASE_EXT_STRING, &avp_type_vals_ext, 0,
2751 { &hf_l2tp_tie_breaker,
2752 { "Tie Breaker", "l2tp.tie_breaker", FT_UINT64, BASE_HEX, NULL, 0,
2756 { "Session ID","l2tp.sid", FT_UINT32, BASE_DEC, NULL, 0x0,
2760 { "Control Connection ID","l2tp.ccid", FT_UINT32, BASE_DEC, NULL, 0x0,
2764 { "Reserved","l2tp.res", FT_UINT16, BASE_HEX, NULL, 0x0,
2768 { "Cookie","l2tp.cookie", FT_BYTES, BASE_NONE, NULL, 0x0,
2771 { &hf_l2tp_l2_spec_def,
2772 { "Default L2-Specific Sublayer","l2tp.l2_spec_def", FT_NONE, BASE_NONE, NULL, 0x0,
2775 { &hf_l2tp_l2_spec_atm,
2776 { "ATM-Specific Sublayer","l2tp.l2_spec_atm", FT_NONE, BASE_NONE, NULL, 0x0,
2779 { &hf_l2tp_l2_spec_docsis_dmpt,
2780 { "DOCSIS DMPT - Specific Sublayer","l2tp.l2_spec_docsis_dmpt", FT_NONE, BASE_NONE, NULL, 0x0,
2783 { &hf_l2tp_l2_spec_v,
2784 { "V-bit","l2tp.l2_spec_v", FT_BOOLEAN, 8, NULL, 0x80,
2785 "VCCV Bit", HFILL }},
2787 { &hf_l2tp_l2_spec_s,
2788 { "S-bit","l2tp.l2_spec_s", FT_BOOLEAN, 8, NULL, 0x40,
2789 "Sequence Bit", HFILL }},
2791 { &hf_l2tp_l2_spec_h,
2792 { "H-bits","l2tp.l2_spec_h", FT_UINT8, BASE_HEX, NULL, 0x30,
2793 "Extended Header Bits", HFILL }},
2795 { &hf_l2tp_l2_spec_t,
2796 { "T-bit","l2tp.l2_spec_t", FT_BOOLEAN, 8, NULL, 0x08,
2797 "Transport Type Bit", HFILL }},
2799 { &hf_l2tp_l2_spec_g,
2800 { "G-bit","l2tp.l2_spec_g", FT_BOOLEAN, 8, NULL, 0x04,
2801 "EFCI Bit", HFILL }},
2803 { &hf_l2tp_l2_spec_c,
2804 { "C-bit","l2tp.l2_spec_c", FT_BOOLEAN, 8, NULL, 0x02,
2805 "CLP Bit", HFILL }},
2807 { &hf_l2tp_l2_spec_u,
2808 { "U-bit","l2tp.l2_spec_u", FT_BOOLEAN, 8, NULL, 0x01,
2809 "C/R Bit", HFILL }},
2811 { &hf_l2tp_l2_spec_flow_id,
2812 { "Flow ID","l2tp.l2_spec_flow_id", FT_UINT8, BASE_HEX, NULL, FLOW_ID_MASK,
2815 { &hf_l2tp_l2_spec_sequence,
2816 { "Sequence Number","l2tp.l2_spec_sequence", FT_UINT24, BASE_DEC, NULL, 0x0,
2819 { &hf_l2tp_cisco_avp_type,
2820 { "Type", "l2tp.avp.ciscotype", FT_UINT16, BASE_DEC, VALS(cisco_avp_type_vals), 0,
2821 "AVP Type", HFILL }},
2823 { &hf_l2tp_cablelabs_avp_type,
2824 { "Type", "l2tp.avp.cablelabstype", FT_UINT16, BASE_DEC, VALS(cablelabs_avp_type_vals), 0,
2825 "AVP Type", HFILL }},
2827 { &hf_l2tp_avp_message_type,
2828 { "Message Type", "l2tp.avp.message_type", FT_UINT16, BASE_DEC|BASE_EXT_STRING, &message_type_vals_ext, 0,
2831 { &hf_l2tp_avp_assigned_tunnel_id,
2832 { "Assigned Tunnel ID", "l2tp.avp.assigned_tunnel_id", FT_UINT16, BASE_DEC, NULL, 0,
2835 { &hf_l2tp_avp_assigned_control_conn_id,
2836 { "Assigned Control Connection ID", "l2tp.avp.assigned_control_conn_id", FT_UINT32, BASE_DEC, NULL, 0,
2839 { &hf_l2tp_avp_assigned_session_id,
2840 { "Assigned Session ID", "l2tp.avp.assigned_session_id", FT_UINT16, BASE_DEC, NULL, 0,
2843 { &hf_l2tp_avp_remote_session_id,
2844 { "Remote Session ID", "l2tp.avp.remote_session_id", FT_UINT32, BASE_DEC, NULL, 0,
2847 { &hf_l2tp_avp_local_session_id,
2848 { "Local Session ID", "l2tp.avp.local_session_id", FT_UINT32, BASE_DEC, NULL, 0,
2851 { &hf_l2tp_avp_called_number,
2852 { "Called Number", "l2tp.avp.called_number", FT_STRING, BASE_NONE, NULL, 0,
2855 { &hf_l2tp_avp_calling_number,
2856 { "Calling Number", "l2tp.avp.calling_number", FT_STRING, BASE_NONE, NULL, 0,
2859 { &hf_l2tp_cisco_tie_breaker,
2860 { "Tie Breaker", "l2tp.cisco.tie_breaker", FT_UINT64, BASE_HEX, NULL, 0,
2863 { &hf_l2tp_cablel_avp_l_bit,
2864 { "L(lock bit)", "l2tp.cablel.l_bit", FT_BOOLEAN, 16, NULL, 0x8000,
2867 { &hf_l2tp_cablel_avp_tsid_group_id,
2868 { "TSID Group ID", "l2tp.cablel.tsid_group_id", FT_UINT16, BASE_DEC, NULL, 0x7f00,
2871 { &hf_l2tp_cablel_avp_frequency,
2872 { "Frequency", "l2tp.cablel.frequency", FT_UINT32, BASE_DEC, NULL, 0,
2875 { &hf_l2tp_cablel_avp_modulation,
2876 { "Modulation", "l2tp.cablel.modulation", FT_UINT16, BASE_DEC, VALS(l2tp_cablel_modulation_vals), 0x000f,
2879 { &hf_l2tp_cablel_avp_m,
2880 { "M", "l2tp.cablel.m", FT_UINT16, BASE_DEC, NULL, 0x0,
2883 { &hf_l2tp_cablel_avp_n,
2884 { "N", "l2tp.cablel.n", FT_UINT16, BASE_DEC, NULL, 0x0,
2887 /* Generated from convert_proto_tree_add_text.pl */
2888 { &hf_l2tp_cisco_assigned_control_connection_id, { "Assigned Control Connection ID", "l2tp.cisco.assigned_control_connection_id", FT_UINT32, BASE_DEC, NULL, 0x0, NULL, HFILL }},
2889 { &hf_l2tp_cisco_pw_type, { "PW Type", "l2tp.cisco.pw_type", FT_UINT16, BASE_DEC, VALS(pw_types_vals), 0x0, NULL, HFILL }},
2890 { &hf_l2tp_cisco_local_session_id, { "Local Session ID", "l2tp.cisco.local_session_id", FT_UINT32, BASE_DEC, NULL, 0x0, NULL, HFILL }},
2891 { &hf_l2tp_cisco_remote_session_id, { "Remote Session ID", "l2tp.cisco.remote_session_id", FT_UINT32, BASE_DEC, NULL, 0x0, NULL, HFILL }},
2892 { &hf_l2tp_cisco_assigned_cookie, { "Assigned Cookie", "l2tp.cisco.assigned_cookie", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }},
2893 { &hf_l2tp_cisco_remote_end_id, { "Remote End ID", "l2tp.cisco.remote_end_id", FT_STRING, BASE_NONE, NULL, 0x0, NULL, HFILL }},
2894 { &hf_l2tp_cisco_pseudowire_type, { "Pseudowire Type", "l2tp.cisco.pseudowire_type", FT_UINT16, BASE_DEC, VALS(pw_types_vals), 0x0, NULL, HFILL }},
2895 { &hf_l2tp_cisco_circuit_status, { "Circuit Status", "l2tp.cisco.circuit_status", FT_BOOLEAN, 16, TFS(&tfs_up_down), 0x0001, NULL, HFILL }},
2896 { &hf_l2tp_cisco_circuit_type, { "Circuit Type", "l2tp.cisco.circuit_type", FT_BOOLEAN, 16, TFS(&tfs_new_existing), 0x0001, NULL, HFILL }},
2897 { &hf_l2tp_cisco_draft_avp_version, { "Draft AVP Version", "l2tp.cisco.draft_avp_version", FT_UINT16, BASE_DEC, NULL, 0x0, NULL, HFILL }},
2898 { &hf_l2tp_cisco_message_digest, { "Message Digest", "l2tp.cisco.message_digest", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }},
2899 { &hf_l2tp_cisco_nonce, { "Nonce", "l2tp.cisco.nonce", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }},
2900 { &hf_l2tp_cisco_interface_mtu, { "Interface MTU", "l2tp.cisco.interface_mtu", FT_UINT16, BASE_DEC, NULL, 0x0, NULL, HFILL }},
2901 { &hf_l2tp_stop_ccn_result_code, { "Result code", "l2tp.result_code", FT_UINT16, BASE_DEC, VALS(result_code_stopccn_vals), 0x0, NULL, HFILL }},
2902 { &hf_l2tp_result_code, { "Result code", "l2tp.result_code", FT_UINT16, BASE_DEC|BASE_EXT_STRING, &result_code_cdn_vals_ext, 0x0, NULL, HFILL }},
2903 { &hf_l2tp_avp_error_code, { "Error code", "l2tp.avp.error_code", FT_UINT16, BASE_DEC, VALS(error_code_vals), 0x0, NULL, HFILL }},
2904 { &hf_l2tp_avp_error_message, { "Error Message", "l2tp.avp.error_message", FT_STRING, BASE_NONE, NULL, 0x0, NULL, HFILL }},
2905 { &hf_l2tp_avp_protocol_version, { "Version", "l2tp.avp.protocol_version", FT_UINT8, BASE_DEC, NULL, 0x0, NULL, HFILL }},
2906 { &hf_l2tp_avp_protocol_revision, { "Revision", "l2tp.avp.protocol_revision", FT_UINT8, BASE_DEC, NULL, 0x0, NULL, HFILL }},
2907 { &hf_l2tp_avp_async_framing_supported, { "Async Framing Supported", "l2tp.avp.async_framing_supported", FT_BOOLEAN, 32, TFS(&tfs_true_false), 0x0002, NULL, HFILL }},
2908 { &hf_l2tp_avp_sync_framing_supported, { "Sync Framing Supported", "l2tp.avp.sync_framing_supported", FT_BOOLEAN, 32, TFS(&tfs_true_false), 0x0001, NULL, HFILL }},
2909 { &hf_l2tp_avp_analog_access_supported, { "Analog Access Supported", "l2tp.avp.analog_access_supported", FT_BOOLEAN, 32, TFS(&tfs_true_false), 0x0002, NULL, HFILL }},
2910 { &hf_l2tp_avp_digital_access_supported, { "Digital Access Supported", "l2tp.avp.digital_access_supported", FT_BOOLEAN, 32, TFS(&tfs_true_false), 0x0001, NULL, HFILL }},
2911 { &hf_l2tp_avp_firmware_revision, { "Firmware Revision", "l2tp.avp.firmware_revision", FT_UINT16, BASE_DEC_HEX, NULL, 0x0, NULL, HFILL }},
2912 { &hf_l2tp_avp_host_name, { "Host Name", "l2tp.avp.host_name", FT_STRING, BASE_NONE, NULL, 0x0, NULL, HFILL }},
2913 { &hf_l2tp_avp_vendor_name, { "Vendor Name", "l2tp.avp.vendor_name", FT_STRING, BASE_NONE, NULL, 0x0, NULL, HFILL }},
2914 { &hf_l2tp_avp_receive_window_size, { "Receive Window Size", "l2tp.avp.receive_window_size", FT_UINT16, BASE_DEC, NULL, 0x0, NULL, HFILL }},
2915 { &hf_l2tp_avp_chap_challenge, { "CHAP Challenge", "l2tp.avp.chap_challenge", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }},
2916 { &hf_l2tp_avp_cause_code, { "Cause Code", "l2tp.avp.cause_code", FT_UINT16, BASE_DEC, NULL, 0x0, NULL, HFILL }},
2917 { &hf_l2tp_avp_cause_msg, { "Cause Msg", "l2tp.avp.cause_msg", FT_UINT8, BASE_DEC, NULL, 0x0, NULL, HFILL }},
2918 { &hf_l2tp_avp_advisory_msg, { "Advisory Msg", "l2tp.avp.advisory_msg", FT_STRING, BASE_NONE, NULL, 0x0, NULL, HFILL }},
2919 { &hf_l2tp_avp_chap_challenge_response, { "CHAP Challenge Response", "l2tp.avp.chap_challenge_response", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }},
2920 { &hf_l2tp_avp_call_serial_number, { "Call Serial Number", "l2tp.avp.call_serial_number", FT_UINT32, BASE_DEC, NULL, 0x0, NULL, HFILL }},
2921 { &hf_l2tp_avp_minimum_bps, { "Minimum BPS", "l2tp.avp.minimum_bps", FT_UINT32, BASE_DEC, NULL, 0x0, NULL, HFILL }},
2922 { &hf_l2tp_avp_maximum_bps, { "Maximum BPS", "l2tp.avp.maximum_bps", FT_UINT32, BASE_DEC, NULL, 0x0, NULL, HFILL }},
2923 { &hf_l2tp_avp_analog_bearer_type, { "Analog Bearer Type", "l2tp.avp.analog_bearer_type", FT_BOOLEAN, 32, TFS(&tfs_true_false), 0x0002, NULL, HFILL }},
2924 { &hf_l2tp_avp_digital_bearer_type, { "Digital Bearer Type", "l2tp.avp.digital_bearer_type", FT_BOOLEAN, 32, TFS(&tfs_true_false), 0x0001, NULL, HFILL }},
2925 { &hf_l2tp_avp_async_framing_type, { "Async Framing Type", "l2tp.avp.async_framing_type", FT_BOOLEAN, 32, TFS(&tfs_true_false), 0x0002, NULL, HFILL }},
2926 { &hf_l2tp_avp_sync_framing_type, { "Sync Framing Type", "l2tp.avp.sync_framing_type", FT_BOOLEAN, 32, TFS(&tfs_true_false), 0x0001, NULL, HFILL }},
2927 { &hf_l2tp_avp_sub_address, { "Sub-Address", "l2tp.avp.sub_address", FT_STRING, BASE_NONE, NULL, 0x0, NULL, HFILL }},
2928 { &hf_l2tp_avp_connect_speed, { "Connect Speed", "l2tp.avp.connect_speed", FT_UINT32, BASE_DEC, NULL, 0x0, NULL, HFILL }},
2929 { &hf_l2tp_avp_physical_channel, { "Physical Channel", "l2tp.avp.physical_channel", FT_UINT32, BASE_DEC, NULL, 0x0, NULL, HFILL }},
2930 { &hf_l2tp_avp_initial_received_lcp_confreq, { "Initial Received LCP CONFREQ", "l2tp.avp.initial_received_lcp_confreq", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }},
2931 { &hf_l2tp_avp_last_sent_lcp_confreq, { "Last Sent LCP CONFREQ", "l2tp.avp.last_sent_lcp_confreq", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }},
2932 { &hf_l2tp_avp_last_received_lcp_confreq, { "Last Received LCP CONFREQ", "l2tp.avp.last_received_lcp_confreq", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }},
2933 { &hf_l2tp_avp_proxy_authen_type, { "Proxy Authen Type", "l2tp.avp.proxy_authen_type", FT_UINT16, BASE_DEC, VALS(authen_type_vals), 0x0, NULL, HFILL }},
2934 { &hf_l2tp_avp_proxy_authen_name, { "Proxy Authen Name", "l2tp.avp.proxy_authen_name", FT_STRING, BASE_NONE, NULL, 0x0, NULL, HFILL }},
2935 { &hf_l2tp_avp_proxy_authen_challenge, { "Proxy Authen Challenge", "l2tp.avp.proxy_authen_challenge", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }},
2936 { &hf_l2tp_avp_proxy_authen_id, { "Proxy Authen ID", "l2tp.avp.proxy_authen_id", FT_UINT8, BASE_DEC, NULL, 0x0, NULL, HFILL }},
2937 { &hf_l2tp_avp_proxy_authen_response, { "Proxy Authen Response", "l2tp.avp.proxy_authen_response", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }},
2938 { &hf_l2tp_avp_crc_errors, { "CRC Errors", "l2tp.avp.crc_errors", FT_UINT32, BASE_DEC, NULL, 0x0, NULL, HFILL }},
2939 { &hf_l2tp_avp_framing_errors, { "Framing Errors", "l2tp.avp.framing_errors", FT_UINT32, BASE_DEC, NULL, 0x0, NULL, HFILL }},
2940 { &hf_l2tp_avp_hardware_overruns, { "Hardware Overruns", "l2tp.avp.hardware_overruns", FT_UINT32, BASE_DEC, NULL, 0x0, NULL, HFILL }},
2941 { &hf_l2tp_avp_buffer_overruns, { "Buffer Overruns", "l2tp.avp.buffer_overruns", FT_UINT32, BASE_DEC, NULL, 0x0, NULL, HFILL }},
2942 { &hf_l2tp_avp_time_out_errors, { "Time-out Errors", "l2tp.avp.time_out_errors", FT_UINT32, BASE_DEC, NULL, 0x0, NULL, HFILL }},
2943 { &hf_l2tp_avp_alignment_errors, { "Alignment Errors", "l2tp.avp.alignment_errors", FT_UINT32, BASE_DEC, NULL, 0x0, NULL, HFILL }},
2944 { &hf_l2tp_avp_send_accm, { "Send ACCM", "l2tp.avp.send_accm", FT_UINT32, BASE_DEC, NULL, 0x0, NULL, HFILL }},
2945 { &hf_l2tp_avp_receive_accm, { "Receive ACCM", "l2tp.avp.receive_accm", FT_UINT32, BASE_DEC, NULL, 0x0, NULL, HFILL }},
2946 { &hf_l2tp_avp_random_vector, { "Random Vector", "l2tp.avp.random_vector", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }},
2947 { &hf_l2tp_avp_private_group_id, { "Private Group ID", "l2tp.avp.private_group_id", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }},
2948 { &hf_l2tp_avp_rx_connect_speed, { "Rx Connect Speed", "l2tp.avp.rx_connect_speed", FT_UINT32, BASE_DEC, NULL, 0x0, NULL, HFILL }},
2949 { &hf_l2tp_avp_disconnect_code, { "Disconnect Code", "l2tp.avp.disconnect_code", FT_UINT16, BASE_DEC, NULL, 0x0, NULL, HFILL }},
2950 { &hf_l2tp_avp_control_protocol_number, { "Control Protocol Number", "l2tp.avp.control_protocol_number", FT_UINT16, BASE_DEC, NULL, 0x0, NULL, HFILL }},
2951 { &hf_l2tp_avp_cause_code_direction, { "Direction", "l2tp.avp.cause_code_direction", FT_UINT8, BASE_DEC, VALS(cause_code_direction_vals), 0x0, NULL, HFILL }},
2952 { &hf_l2tp_avp_cause_code_message, { "Message", "l2tp.avp.cause_code_message", FT_STRING, BASE_NONE, NULL, 0x0, NULL, HFILL }},
2953 { &hf_l2tp_avp_message_digest, { "Message Digest", "l2tp.avp.message_digest", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }},
2954 { &hf_l2tp_avp_router_id, { "Router ID", "l2tp.avp.router_id", FT_UINT32, BASE_DEC, NULL, 0x0, NULL, HFILL }},
2955 { &hf_l2tp_avp_pw_type, { "PW Type", "l2tp.avp.pw_type", FT_UINT16, BASE_DEC, VALS(pw_types_vals), 0x0, NULL, HFILL }},
2956 { &hf_l2tp_avp_assigned_cookie, { "Assigned Cookie", "l2tp.avp.assigned_cookie", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }},
2957 { &hf_l2tp_avp_remote_end_id, { "Remote End ID", "l2tp.avp.remote_end_id", FT_STRING, BASE_NONE, NULL, 0x0, NULL, HFILL }},
2958 { &hf_l2tp_avp_pseudowire_type, { "Pseudowire Type", "l2tp.avp.pseudowire_type", FT_UINT16, BASE_DEC, VALS(pw_types_vals), 0x0, NULL, HFILL }},
2959 { &hf_l2tp_avp_layer2_specific_sublayer, { "Layer2 Specific Sublayer", "l2tp.avp.layer2_specific_sublayer", FT_UINT16, BASE_DEC, VALS(l2_sublayer_vals), 0x0, NULL, HFILL }},
2960 { &hf_l2tp_avp_data_sequencing, { "Data Sequencing", "l2tp.avp.data_sequencing", FT_UINT16, BASE_DEC, VALS(data_sequencing_vals), 0x0, NULL, HFILL }},
2961 { &hf_l2tp_avp_circuit_status, { "Circuit Status", "l2tp.avp.circuit_status", FT_BOOLEAN, 16, TFS(&tfs_up_down), 0x0001, NULL, HFILL }},
2962 { &hf_l2tp_avp_circuit_type, { "Circuit Type", "l2tp.avp.circuit_type", FT_BOOLEAN, 16, TFS(&tfs_new_existing), 0x0002, NULL, HFILL }},
2963 { &hf_l2tp_avp_preferred_language, { "Preferred Language", "l2tp.avp.preferred_language", FT_STRING, BASE_NONE, NULL, 0x0, NULL, HFILL }},
2964 { &hf_l2tp_avp_nonce, { "Nonce", "l2tp.avp.nonce", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }},
2965 { &hf_l2tp_avp_tx_connect_speed_v3, { "Tx Connect Speed v3", "l2tp.avp.tx_connect_speed_v3", FT_UINT64, BASE_HEX, NULL, 0x0, NULL, HFILL }},
2966 { &hf_l2tp_avp_rx_connect_speed_v3, { "Rx Connect Speed v3", "l2tp.avp.rx_connect_speed_v3", FT_UINT64, BASE_HEX, NULL, 0x0, NULL, HFILL }},
2967 { &hf_l2tp_lapd_info, { "LAPD info", "l2tp.lapd_info", FT_NONE, BASE_NONE, NULL, 0x0, NULL, HFILL }},
2968 { &hf_l2tp_session_id, { "Packet Type", "l2tp.session_id", FT_UINT32, BASE_DEC, NULL, 0x0, NULL, HFILL }},
2969 { &hf_l2tp_zero_length_bit_message, { "Zero Length Bit message", "l2tp.zero_length_bit_message", FT_NONE, BASE_NONE, NULL, 0x0, NULL, HFILL }},
2970 { &hf_l2tp_offset_padding, { "Offset Padding", "l2tp.offset_padding", FT_NONE, BASE_NONE, NULL, 0x0, NULL, HFILL }},
2973 static gint *ett[] = {
2982 static ei_register_info ei[] = {
2983 { &ei_l2tp_incorrect_digest, { "l2tp.incorrect_digest", PI_CHECKSUM, PI_WARN, "Incorrect Digest", EXPFILL }},
2984 /* Generated from convert_proto_tree_add_text.pl */
2985 { &ei_l2tp_vendor_specific_avp_data, { "l2tp.vendor_specific_avp_data", PI_UNDECODED, PI_WARN, "Vendor-Specific AVP data", EXPFILL }},
2986 { &ei_l2tp_avp_length, { "l2tp.avp_length.bad", PI_MALFORMED, PI_ERROR, "Bad AVP length", EXPFILL }},
2989 module_t *l2tp_module;
2990 expert_module_t* expert_l2tp;
2992 /* Decode As handling */
2993 static build_valid_func l2tp_da_build_value[1] = {l2tp_value};
2994 static decode_as_value_t l2tp_da_values = {l2tp_prompt, 1, l2tp_da_build_value};
2995 static decode_as_t l2tp_da = {"l2tp", "L2TPv3 payload", "l2tp.pw_type", 1, 0, &l2tp_da_values, NULL, NULL,
2996 decode_as_default_populate_list, decode_as_default_reset, decode_as_default_change, NULL};
2998 proto_l2tp = proto_register_protocol(
2999 "Layer 2 Tunneling Protocol", "L2TP", "l2tp");
3000 proto_register_field_array(proto_l2tp, hf, array_length(hf));
3001 proto_register_subtree_array(ett, array_length(ett));
3002 expert_l2tp = expert_register_protocol(proto_l2tp);
3003 expert_register_field_array(expert_l2tp, ei, array_length(ei));
3005 l2tp_vendor_avp_dissector_table = register_dissector_table("l2tp.vendor_avp", "L2TP vendor AVP dissector table", FT_UINT32, BASE_DEC);
3006 pw_type_table = register_dissector_table("l2tp.pw_type", "L2TPv3 payload type", FT_UINT32, BASE_DEC);
3008 l2tp_module = prefs_register_protocol(proto_l2tp, NULL);
3010 prefs_register_enum_preference(l2tp_module,
3012 "L2TPv3 Cookie Size",
3013 "L2TPv3 Cookie Size",
3018 prefs_register_enum_preference(l2tp_module,
3020 "L2TPv3 L2-Specific Sublayer",
3021 "L2TPv3 L2-Specific Sublayer",
3022 &l2tpv3_l2_specific,
3023 l2tpv3_l2_specifics,
3026 prefs_register_obsolete_preference(l2tp_module, "protocol");
3028 prefs_register_string_preference(l2tp_module,"shared_secret","Shared Secret",
3029 "Shared secret used for control message digest authentication",
3032 register_cleanup_routine(l2tp_cleanup);
3033 register_decode_as(&l2tp_da);
3037 proto_reg_handoff_l2tp(void)
3039 dissector_handle_t atm_oam_llc_handle;
3041 l2tp_udp_handle = new_create_dissector_handle(dissect_l2tp_udp, proto_l2tp);
3042 dissector_add_uint("udp.port", UDP_PORT_L2TP, l2tp_udp_handle);
3044 l2tp_ip_handle = create_dissector_handle(dissect_l2tp_ip, proto_l2tp);
3045 dissector_add_uint("ip.proto", IP_PROTO_L2TP, l2tp_ip_handle);
3048 * Get a handle for the PPP-in-HDLC-like-framing dissector.
3050 ppp_hdlc_handle = find_dissector("ppp_hdlc");
3051 ppp_lcp_options_handle = find_dissector("ppp_lcp_options");
3053 /* Register vendor AVP dissector(s)*/
3054 dissector_add_uint("l2tp.vendor_avp", VENDOR_CABLELABS, new_create_dissector_handle(dissect_l2tp_vnd_cablelabs_avps, proto_l2tp));
3058 * Get a handle for the dissectors used in v3.
3060 atm_oam_handle = find_dissector("atm_oam_cell");
3061 llc_handle = find_dissector("llc");
3062 data_handle = find_dissector("data");
3064 atm_oam_llc_handle = new_create_dissector_handle( dissect_atm_oam_llc, proto_l2tp );
3065 dissector_add_uint("l2tp.pw_type", L2TPv3_PROTOCOL_AAL5, atm_oam_llc_handle);
3069 * Editor modelines - http://www.wireshark.org/tools/modelines.html
3074 * indent-tabs-mode: nil
3077 * vi: set shiftwidth=4 tabstop=8 expandtab:
3078 * :indentSize=4:tabSize=8:noTabs=true: