2 * Routines for MTP2 dissection
3 * It is hopefully (needs testing) compliant to
4 * ITU-T Q.703 and Q.703 Annex A.
6 * Copyright 2001, 2004 Michael Tuexen <tuexen [AT] fh-muenster.de>
8 * Wireshark - Network traffic analyzer
9 * By Gerald Combs <gerald@wireshark.org>
10 * Copyright 1998 Gerald Combs
12 * Copied from packet-m2pa.c
14 * This program is free software; you can redistribute it and/or
15 * modify it under the terms of the GNU General Public License
16 * as published by the Free Software Foundation; either version 2
17 * of the License, or (at your option) any later version.
19 * This program is distributed in the hope that it will be useful,
20 * but WITHOUT ANY WARRANTY; without even the implied warranty of
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 * GNU General Public License for more details.
24 * You should have received a copy of the GNU General Public License
25 * along with this program; if not, write to the Free Software
26 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
31 #include <epan/packet.h>
32 #include <epan/prefs.h>
33 #include <epan/crc16-tvb.h>
34 #include <epan/expert.h>
35 #include <wiretap/wtap.h>
37 void proto_register_mtp2(void);
38 void proto_reg_handoff_mtp2(void);
40 static dissector_handle_t mtp2_handle;
42 /* Initialize the protocol and registered fields */
43 static int proto_mtp2 = -1;
44 static int hf_mtp2_bsn = -1;
45 static int hf_mtp2_ext_bsn = -1;
46 static int hf_mtp2_ext_res = -1;
47 static int hf_mtp2_bib = -1;
48 static int hf_mtp2_ext_bib = -1;
49 static int hf_mtp2_fsn = -1;
50 static int hf_mtp2_ext_fsn = -1;
51 static int hf_mtp2_fib = -1;
52 static int hf_mtp2_ext_fib = -1;
53 static int hf_mtp2_li = -1;
54 static int hf_mtp2_ext_li = -1;
55 static int hf_mtp2_spare = -1;
56 static int hf_mtp2_ext_spare = -1;
57 static int hf_mtp2_sf = -1;
58 static int hf_mtp2_sf_extra = -1;
59 static int hf_mtp2_fcs_16 = -1;
61 static expert_field ei_mtp2_checksum_error = EI_INIT;
63 /* Initialize the subtree pointers */
64 static gint ett_mtp2 = -1;
66 static dissector_handle_t mtp3_handle;
67 static gboolean use_extended_sequence_numbers_default = FALSE;
69 #define BSN_BIB_LENGTH 1
70 #define FSN_FIB_LENGTH 1
72 #define HEADER_LENGTH (BSN_BIB_LENGTH + FSN_FIB_LENGTH + LI_LENGTH)
74 #define EXTENDED_BSN_BIB_LENGTH 2
75 #define EXTENDED_FSN_FIB_LENGTH 2
76 #define EXTENDED_LI_LENGTH 2
77 #define EXTENDED_HEADER_LENGTH (EXTENDED_BSN_BIB_LENGTH + EXTENDED_FSN_FIB_LENGTH + EXTENDED_LI_LENGTH)
79 #define BSN_BIB_OFFSET 0
80 #define FSN_FIB_OFFSET (BSN_BIB_OFFSET + BSN_BIB_LENGTH)
81 #define LI_OFFSET (FSN_FIB_OFFSET + FSN_FIB_LENGTH)
82 #define SIO_OFFSET (LI_OFFSET + LI_LENGTH)
84 #define EXTENDED_BSN_BIB_OFFSET 0
85 #define EXTENDED_FSN_FIB_OFFSET (EXTENDED_BSN_BIB_OFFSET + EXTENDED_BSN_BIB_LENGTH)
86 #define EXTENDED_LI_OFFSET (EXTENDED_FSN_FIB_OFFSET + EXTENDED_FSN_FIB_LENGTH)
87 #define EXTENDED_SIO_OFFSET (EXTENDED_LI_OFFSET + EXTENDED_LI_LENGTH)
94 #define SPARE_MASK 0xc0
96 #define EXTENDED_BSN_MASK 0x0fff
97 #define EXTENDED_RES_MASK 0x7000
98 #define EXTENDED_BIB_MASK 0x8000
99 #define EXTENDED_FSN_MASK 0x0fff
100 #define EXTENDED_FIB_MASK 0x8000
101 #define EXTENDED_LI_MASK 0x01ff
102 #define EXTENDED_SPARE_MASK 0xfe00
105 dissect_mtp2_header(tvbuff_t *su_tvb, proto_item *mtp2_tree, gboolean use_extended_sequence_numbers)
108 if (use_extended_sequence_numbers) {
109 proto_tree_add_item(mtp2_tree, hf_mtp2_ext_bsn, su_tvb, EXTENDED_BSN_BIB_OFFSET, EXTENDED_BSN_BIB_LENGTH, ENC_LITTLE_ENDIAN);
110 proto_tree_add_item(mtp2_tree, hf_mtp2_ext_res, su_tvb, EXTENDED_BSN_BIB_OFFSET, EXTENDED_BSN_BIB_LENGTH, ENC_LITTLE_ENDIAN);
111 proto_tree_add_item(mtp2_tree, hf_mtp2_ext_bib, su_tvb, EXTENDED_BSN_BIB_OFFSET, EXTENDED_BSN_BIB_LENGTH, ENC_LITTLE_ENDIAN);
112 proto_tree_add_item(mtp2_tree, hf_mtp2_ext_fsn, su_tvb, EXTENDED_FSN_FIB_OFFSET, EXTENDED_FSN_FIB_LENGTH, ENC_LITTLE_ENDIAN);
113 proto_tree_add_item(mtp2_tree, hf_mtp2_ext_res, su_tvb, EXTENDED_BSN_BIB_OFFSET, EXTENDED_BSN_BIB_LENGTH, ENC_LITTLE_ENDIAN);
114 proto_tree_add_item(mtp2_tree, hf_mtp2_ext_fib, su_tvb, EXTENDED_FSN_FIB_OFFSET, EXTENDED_FSN_FIB_LENGTH, ENC_LITTLE_ENDIAN);
115 proto_tree_add_item(mtp2_tree, hf_mtp2_ext_li, su_tvb, EXTENDED_LI_OFFSET, EXTENDED_LI_LENGTH, ENC_LITTLE_ENDIAN);
116 proto_tree_add_item(mtp2_tree, hf_mtp2_ext_spare, su_tvb, EXTENDED_LI_OFFSET, EXTENDED_LI_LENGTH, ENC_LITTLE_ENDIAN);
118 proto_tree_add_item(mtp2_tree, hf_mtp2_bsn, su_tvb, BSN_BIB_OFFSET, BSN_BIB_LENGTH, ENC_LITTLE_ENDIAN);
119 proto_tree_add_item(mtp2_tree, hf_mtp2_bib, su_tvb, BSN_BIB_OFFSET, BSN_BIB_LENGTH, ENC_LITTLE_ENDIAN);
120 proto_tree_add_item(mtp2_tree, hf_mtp2_fsn, su_tvb, FSN_FIB_OFFSET, FSN_FIB_LENGTH, ENC_LITTLE_ENDIAN);
121 proto_tree_add_item(mtp2_tree, hf_mtp2_fib, su_tvb, FSN_FIB_OFFSET, FSN_FIB_LENGTH, ENC_LITTLE_ENDIAN);
122 proto_tree_add_item(mtp2_tree, hf_mtp2_li, su_tvb, LI_OFFSET, LI_LENGTH, ENC_LITTLE_ENDIAN);
123 proto_tree_add_item(mtp2_tree, hf_mtp2_spare, su_tvb, LI_OFFSET, LI_LENGTH, ENC_LITTLE_ENDIAN);
128 *******************************************************************************
129 * DETAILS : Calculate a new FCS-16 given the current FCS-16 and the new data.
130 *******************************************************************************
133 mtp2_fcs16(tvbuff_t * tvbuff)
135 guint len = tvb_reported_length(tvbuff)-2;
137 /* Check for Invalid Length */
140 return crc16_ccitt_tvb(tvbuff, len);
144 * This function for CRC16 only is based on the decode_fcs of packet_ppp.c
147 mtp2_decode_crc16(tvbuff_t *tvb, proto_tree *fh_tree, packet_info *pinfo)
150 gint len, reported_len;
158 * Do we have the entire packet, and does it include a 2-byte FCS?
160 len = tvb_reported_length_remaining(tvb, proto_offset);
161 reported_len = tvb_reported_length_remaining(tvb, proto_offset);
162 if (reported_len < 2 || len < 0) {
164 * The packet is claimed not to even have enough data for a 2-byte FCS,
165 * or we're already past the end of the captured data.
166 * Don't slice anything off.
168 next_tvb = tvb_new_subset_remaining(tvb, proto_offset);
169 } else if (len < reported_len) {
171 * The packet is claimed to have enough data for a 2-byte FCS, but
172 * we didn't capture all of the packet.
173 * Slice off the 2-byte FCS from the reported length, and trim the
174 * captured length so it's no more than the reported length; that
175 * will slice off what of the FCS, if any, is in the captured
179 if (len > reported_len)
181 next_tvb = tvb_new_subset(tvb, proto_offset, len, reported_len);
184 * We have the entire packet, and it includes a 2-byte FCS.
189 next_tvb = tvb_new_subset(tvb, proto_offset, len, reported_len);
192 * Compute the FCS and put it into the tree.
194 rx_fcs_offset = proto_offset + len;
195 rx_fcs_exp = mtp2_fcs16(tvb);
196 rx_fcs_got = tvb_get_letohs(tvb, rx_fcs_offset);
197 cause=proto_tree_add_item(fh_tree, hf_mtp2_fcs_16, tvb, rx_fcs_offset, 2, ENC_LITTLE_ENDIAN);
198 if (rx_fcs_got != rx_fcs_exp) {
199 proto_item_append_text(cause, " [incorrect, should be 0x%04x]", rx_fcs_exp);
200 expert_add_info(pinfo, cause, &ei_mtp2_checksum_error);
202 proto_item_append_text(cause, " [correct]");
210 dissect_mtp2_fisu(packet_info *pinfo)
212 col_set_str(pinfo->cinfo, COL_INFO, "FISU ");
215 static const value_string status_field_vals[] = {
216 { 0x0, "Status Indication O" },
217 { 0x1, "Status Indication N" },
218 { 0x2, "Status Indication E" },
219 { 0x3, "Status Indication OS" },
220 { 0x4, "Status Indication PO" },
221 { 0x5, "Status Indication B" },
225 /* Same as above but in acronym form (for the Info column) */
226 static const value_string status_field_acro_vals[] = {
236 #define SF_OFFSET (LI_OFFSET + LI_LENGTH)
237 #define EXTENDED_SF_OFFSET (EXTENDED_LI_OFFSET + EXTENDED_LI_LENGTH)
240 #define SF_EXTRA_OFFSET (SF_OFFSET + SF_LENGTH)
241 #define EXTENDED_SF_EXTRA_OFFSET (EXTENDED_SF_OFFSET + SF_LENGTH)
242 #define SF_EXTRA_LENGTH 1
245 dissect_mtp2_lssu(tvbuff_t *su_tvb, packet_info *pinfo, proto_item *mtp2_tree,
246 gboolean use_extended_sequence_numbers)
249 guint8 sf_offset, sf_extra_offset;
251 if (use_extended_sequence_numbers) {
252 sf_offset = EXTENDED_SF_OFFSET;
253 sf_extra_offset = EXTENDED_SF_EXTRA_OFFSET;
255 sf_offset = SF_OFFSET;
256 sf_extra_offset = SF_EXTRA_OFFSET;
259 proto_tree_add_item(mtp2_tree, hf_mtp2_sf, su_tvb, sf_offset, SF_LENGTH, ENC_LITTLE_ENDIAN);
260 sf = tvb_get_guint8(su_tvb, SF_OFFSET);
262 /* If the LI is 2 then there is an extra octet following the standard SF
263 * field but it is not defined what this octet is.
264 * (In any case the first byte of the SF always has the same meaning.)
266 if ((tvb_get_guint8(su_tvb, LI_OFFSET) & LI_MASK) == 2)
267 proto_tree_add_item(mtp2_tree, hf_mtp2_sf_extra, su_tvb, sf_extra_offset, SF_EXTRA_LENGTH, ENC_LITTLE_ENDIAN);
269 col_set_str(pinfo->cinfo, COL_INFO, val_to_str_const(sf, status_field_acro_vals, "Unknown"));
273 dissect_mtp2_msu(tvbuff_t *su_tvb, packet_info *pinfo, proto_item *mtp2_item,
274 proto_item *tree, gboolean use_extended_sequence_numbers)
277 tvbuff_t *sif_sio_tvb;
279 col_set_str(pinfo->cinfo, COL_INFO, "MSU ");
281 if (use_extended_sequence_numbers) {
282 sif_sio_length = tvb_reported_length(su_tvb) - EXTENDED_HEADER_LENGTH;
283 sif_sio_tvb = tvb_new_subset_length(su_tvb, EXTENDED_SIO_OFFSET, sif_sio_length);
285 sif_sio_length = tvb_reported_length(su_tvb) - HEADER_LENGTH;
286 sif_sio_tvb = tvb_new_subset_length(su_tvb, SIO_OFFSET, sif_sio_length);
288 call_dissector(mtp3_handle, sif_sio_tvb, pinfo, tree);
291 if (use_extended_sequence_numbers)
292 proto_item_set_len(mtp2_item, EXTENDED_HEADER_LENGTH);
294 proto_item_set_len(mtp2_item, HEADER_LENGTH);
299 dissect_mtp2_su(tvbuff_t *su_tvb, packet_info *pinfo, proto_item *mtp2_item,
300 proto_item *mtp2_tree, proto_tree *tree, gboolean validate_crc,
301 gboolean use_extended_sequence_numbers)
304 tvbuff_t *next_tvb = NULL;
306 dissect_mtp2_header(su_tvb, mtp2_tree, use_extended_sequence_numbers);
308 next_tvb = mtp2_decode_crc16(su_tvb, mtp2_tree, pinfo);
310 if (use_extended_sequence_numbers)
311 li = tvb_get_letohs(su_tvb, EXTENDED_LI_OFFSET) & EXTENDED_LI_MASK;
313 li = tvb_get_guint8(su_tvb, LI_OFFSET) & LI_MASK;
316 dissect_mtp2_fisu(pinfo);
321 dissect_mtp2_lssu(next_tvb, pinfo, mtp2_tree, use_extended_sequence_numbers);
323 dissect_mtp2_lssu(su_tvb, pinfo, mtp2_tree, use_extended_sequence_numbers);
326 /* In some capture files (like .rf5), CRC are not present */
327 /* So, to avoid trouble, give the complete buffer if CRC validation is disabled */
329 dissect_mtp2_msu(next_tvb, pinfo, mtp2_item, tree, use_extended_sequence_numbers);
331 dissect_mtp2_msu(su_tvb, pinfo, mtp2_item, tree, use_extended_sequence_numbers);
337 dissect_mtp2_common(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
338 gboolean validate_crc, gboolean use_extended_sequence_numbers)
340 proto_item *mtp2_item;
341 proto_tree *mtp2_tree;
343 col_set_str(pinfo->cinfo, COL_PROTOCOL, "MTP2");
345 mtp2_item = proto_tree_add_item(tree, proto_mtp2, tvb, 0, -1, ENC_NA);
346 mtp2_tree = proto_item_add_subtree(mtp2_item, ett_mtp2);
348 dissect_mtp2_su(tvb, pinfo, mtp2_item, mtp2_tree, tree, validate_crc,
349 use_extended_sequence_numbers);
352 /* Dissect MTP2 frame without CRC16 and with a pseudo-header */
354 dissect_mtp2_with_phdr(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
356 if (pinfo->pseudo_header->mtp2.annex_a_used == MTP2_ANNEX_A_USED_UNKNOWN)
357 dissect_mtp2_common(tvb, pinfo, tree, FALSE, use_extended_sequence_numbers_default);
359 dissect_mtp2_common(tvb, pinfo, tree, FALSE,
360 (pinfo->pseudo_header->mtp2.annex_a_used == MTP2_ANNEX_A_USED));
362 return tvb_captured_length(tvb);
365 /* Dissect MTP2 frame with CRC16 included at end of payload */
367 dissect_mtp2_with_crc(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
369 dissect_mtp2_common(tvb, pinfo, tree, TRUE, use_extended_sequence_numbers_default);
370 return tvb_captured_length(tvb);
373 /* Dissect MTP2 frame without CRC16 included at end of payload */
375 dissect_mtp2(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
377 dissect_mtp2_common(tvb, pinfo, tree, FALSE, use_extended_sequence_numbers_default);
378 return tvb_captured_length(tvb);
382 proto_register_mtp2(void)
385 static hf_register_info hf[] = {
386 { &hf_mtp2_bsn, { "Backward sequence number", "mtp2.bsn", FT_UINT8, BASE_DEC, NULL, BSN_MASK, NULL, HFILL } },
387 { &hf_mtp2_ext_bsn, { "Backward sequence number", "mtp2.bsn", FT_UINT16, BASE_DEC, NULL, EXTENDED_BSN_MASK, NULL, HFILL } },
388 { &hf_mtp2_ext_res, { "Reserved", "mtp2.res", FT_UINT16, BASE_DEC, NULL, EXTENDED_RES_MASK, NULL, HFILL } },
389 { &hf_mtp2_bib, { "Backward indicator bit", "mtp2.bib", FT_UINT8, BASE_DEC, NULL, BIB_MASK, NULL, HFILL } },
390 { &hf_mtp2_ext_bib, { "Backward indicator bit", "mtp2.bib", FT_UINT16, BASE_DEC, NULL, EXTENDED_BIB_MASK, NULL, HFILL } },
391 { &hf_mtp2_fsn, { "Forward sequence number", "mtp2.fsn", FT_UINT8, BASE_DEC, NULL, FSN_MASK, NULL, HFILL } },
392 { &hf_mtp2_ext_fsn, { "Forward sequence number", "mtp2.fsn", FT_UINT16, BASE_DEC, NULL, EXTENDED_FSN_MASK, NULL, HFILL } },
393 { &hf_mtp2_fib, { "Forward indicator bit", "mtp2.fib", FT_UINT8, BASE_DEC, NULL, FIB_MASK, NULL, HFILL } },
394 { &hf_mtp2_ext_fib, { "Forward indicator bit", "mtp2.fib", FT_UINT16, BASE_DEC, NULL, EXTENDED_FIB_MASK, NULL, HFILL } },
395 { &hf_mtp2_li, { "Length Indicator", "mtp2.li", FT_UINT8, BASE_DEC, NULL, LI_MASK, NULL, HFILL } },
396 { &hf_mtp2_ext_li, { "Length Indicator", "mtp2.li", FT_UINT16, BASE_DEC, NULL, EXTENDED_LI_MASK, NULL, HFILL } },
397 { &hf_mtp2_spare, { "Spare", "mtp2.spare", FT_UINT8, BASE_DEC, NULL, SPARE_MASK, NULL, HFILL } },
398 { &hf_mtp2_ext_spare, { "Spare", "mtp2.spare", FT_UINT16, BASE_DEC, NULL, EXTENDED_SPARE_MASK, NULL, HFILL } },
399 { &hf_mtp2_sf, { "Status field", "mtp2.sf", FT_UINT8, BASE_DEC, VALS(status_field_vals), 0x0, NULL, HFILL } },
400 { &hf_mtp2_sf_extra, { "Status field extra octet", "mtp2.sf_extra", FT_UINT8, BASE_HEX, NULL, 0x0, NULL, HFILL } },
401 { &hf_mtp2_fcs_16, { "FCS 16", "mtp2.fcs_16", FT_UINT16, BASE_HEX, NULL, 0x0, NULL, HFILL } },
404 static gint *ett[] = {
408 static ei_register_info ei[] = {
409 { &ei_mtp2_checksum_error, { "mtp2.checksum.error", PI_CHECKSUM, PI_WARN, "MTP2 Frame CheckFCS 16 Error", EXPFILL }},
412 module_t *mtp2_module;
413 expert_module_t* expert_mtp2;
415 proto_mtp2 = proto_register_protocol("Message Transfer Part Level 2", "MTP2", "mtp2");
416 mtp2_handle = new_register_dissector("mtp2", dissect_mtp2, proto_mtp2);
417 new_register_dissector("mtp2_with_crc", dissect_mtp2_with_crc, proto_mtp2);
419 proto_register_field_array(proto_mtp2, hf, array_length(hf));
420 proto_register_subtree_array(ett, array_length(ett));
421 expert_mtp2 = expert_register_protocol(proto_mtp2);
422 expert_register_field_array(expert_mtp2, ei, array_length(ei));
424 mtp2_module = prefs_register_protocol(proto_mtp2, NULL);
425 prefs_register_bool_preference(mtp2_module,
426 "use_extended_sequence_numbers",
427 "Use extended sequence numbers",
428 "Whether the MTP2 dissector should use extended sequence numbers as described in Q.703, Annex A as a default.",
429 &use_extended_sequence_numbers_default);
435 proto_reg_handoff_mtp2(void)
437 dissector_handle_t mtp2_with_phdr_handle;
439 dissector_add_uint("wtap_encap", WTAP_ENCAP_MTP2, mtp2_handle);
440 mtp2_with_phdr_handle = new_create_dissector_handle(dissect_mtp2_with_phdr,
442 dissector_add_uint("wtap_encap", WTAP_ENCAP_MTP2_WITH_PHDR,
443 mtp2_with_phdr_handle);
445 mtp3_handle = find_dissector("mtp3");
449 * Editor modelines - http://www.wireshark.org/tools/modelines.html
454 * indent-tabs-mode: nil
457 * ex: set shiftwidth=2 tabstop=8 expandtab:
458 * :indentSize=2:tabSize=8:noTabs=true:
git.samba.org / metze / wireshark / wip.git / blob