Get rid of the necessity to use a preference to dissect ERSPAN type I packets.

Change-Id: I52c4c1fa5601bc66396f397ad23a9e53285a5926
Reviewed-on: https://code.wireshark.org/review/25463
Reviewed-by: Jörg Mayer <jmayer@loplof.de>

diff --git a/epan/dissectors/packet-cisco-erspan.c b/epan/dissectors/packet-cisco-erspan.c
index 9bf61c6b99006b3a0473e479af58a59a2a702446..1186e12e1d1ab1daca7b0526137c09aeb7efc1aa 100644 (file)
--- a/epan/dissectors/packet-cisco-erspan.c
+++ b/epan/dissectors/packet-cisco-erspan.c
@@ -24,12 +24,13 @@
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
  *
  * Protocol Spec:
- *   https://tools.ietf.org/html/draft-foschiano-erspan-01
+ *   https://tools.ietf.org/html/draft-foschiano-erspan-03
  *
  * For ERSPAN packets, the "protocol type" field value in the GRE header
- * is 0x88BE (version 1) or 0x22EB (version 2).
- *   ERSPAN type II is version 1
- *   ERSPAN type III is version 2
+ * is 0x88BE (types I and II) or 0x22EB (type III).
+ *   ERSPAN type I   has no extra gre header bytes (all flags 0), e.g. Broadcom Trident 2 ASIC
+ *   ERSPAN type II  has version = 1
+ *   ERSPAN type III has version = 2
  */
 
 #include "config.h"
@@ -88,9 +89,6 @@ static expert_field ei_erspan_version_unknown = EI_INIT;
 #define PROTO_SHORT_NAME "ERSPAN"
 #define PROTO_LONG_NAME "Encapsulated Remote Switch Packet ANalysis"
 
-/* Global ERSPAN Preference */
-static gboolean pref_fake_erspan = FALSE;
-
 #define ERSPAN_DIRECTION_INCOMING 0
 #define ERSPAN_DIRECTION_OUTGOING 1
 static const value_string erspan_direction_vals[] = {
@@ -154,7 +152,7 @@ dissect_erspan(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _
                erspan_tree = proto_item_add_subtree(ti, ett_erspan);
        }
 
-       if(pref_fake_erspan) {
+       if(pinfo->flags.in_erspan_i) {
                /* Some vendors don't include ERSPAN Header...*/
                eth_tvb = tvb_new_subset_remaining(tvb, offset);
                call_dissector(ethnofcs_handle, eth_tvb, pinfo, tree);
@@ -304,7 +302,6 @@ dissect_erspan(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _
 void
 proto_register_erspan(void)
 {
-       module_t *erspan_module;
        expert_module_t* expert_erspan;
 
        static hf_register_info hf[] = {
@@ -445,15 +442,6 @@ proto_register_erspan(void)
        proto_register_subtree_array(ett, array_length(ett));
        expert_erspan = expert_register_protocol(proto_erspan);
        expert_register_field_array(expert_erspan, ei, array_length(ei));
-
-       /* register dissection preferences */
-       erspan_module = prefs_register_protocol(proto_erspan, NULL);
-
-       prefs_register_bool_preference(erspan_module, "fake_erspan",
-                               "FORCE to decode fake ERSPAN frame",
-                               "When set, dissector will FORCE to decode directly Ethernet Frame"
-                               "Some vendor use fake ERSPAN frame (with not ERSPAN Header)",
-                               &pref_fake_erspan);
 }
 
 void

diff --git a/epan/dissectors/packet-gre.c b/epan/dissectors/packet-gre.c
index 5d9e58b953577a89a9acd8ec895404c5b1565d20..9fe6aa0016c99de97fd187c07a54858194f1245e 100644 (file)
--- a/epan/dissectors/packet-gre.c
+++ b/epan/dissectors/packet-gre.c
@@ -129,7 +129,7 @@ const value_string gre_typevals[] = {
     { GRE_CISCO_CDP,       "CDP (Cisco)"},
     { GRE_NHRP,            "NHRP"},
     { GRE_ERSPAN_88BE,     "ERSPAN"},
-    { GRE_ERSPAN_22EB,     "ERSPAN"},
+    { GRE_ERSPAN_22EB,     "ERSPAN III"},
     { GRE_MIKROTIK_EOIP,   "MIKROTIK EoIP"},
     { GRE_AIROHIVE,        "AIROHIVE AP AP"},
     { ETHERTYPE_IPX,       "IPX"},
@@ -494,6 +494,9 @@ dissect_gre(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
         if (type == ETHERTYPE_3GPP2) {
             offset = dissect_gre_3gpp2_attribs(tvb, offset, gre_tree);
         }
+        if (type == GRE_ERSPAN_88BE && !(flags_and_ver & GRE_SEQUENCE)) {
+            pinfo->flags.in_erspan_i = TRUE;
+        }
 
         proto_item_set_len(ti, offset);
 

diff --git a/epan/packet_info.h b/epan/packet_info.h
index 5a8a076c6e9689a53f5d34a036166d937d6c792c..b010f3bb5e679aed12f63e2303bf8b2a918d1215 100644 (file)
--- a/epan/packet_info.h
+++ b/epan/packet_info.h
@@ -77,6 +77,7 @@ typedef struct _packet_info {
   struct {
     guint32 in_error_pkt:1;         /**< TRUE if we're inside an {ICMP,CLNP,...} error packet */
     guint32 in_gre_pkt:1;           /**< TRUE if we're encapsulated inside a GRE packet */
+    guint32 in_erspan_i:1;          /**< TRUE if we're encapsulated inside an ERSPAN type I packet */
   } flags;
   port_type ptype;                  /**< type of the following two port numbers */
   guint32 srcport;                  /**< source port */