1f869b0aa57085ba49ec479e08da3142d9bf489b
[obnox/wireshark/wip.git] / epan / dissectors / packet-3com-njack.c
1 /* packet-3com-njack.c
2  * Routines for the disassembly of the 3com NetworkJack management protocol
3  *
4  * $Id$
5  *
6  * Copyright 2005 Joerg Mayer (see AUTHORS file)
7  *
8  * Wireshark - Network traffic analyzer
9  * By Gerald Combs <gerald@wireshark.org>
10  * Copyright 1998 Gerald Combs
11  *
12  * This program is free software; you can redistribute it and/or
13  * modify it under the terms of the GNU General Public License
14  * as published by the Free Software Foundation; either version 2
15  * of the License, or (at your option) any later version.
16  *
17  * This program is distributed in the hope that it will be useful,
18  * but WITHOUT ANY WARRANTY; without even the implied warranty of
19  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
20  * GNU General Public License for more details.
21  *
22  * You should have received a copy of the GNU General Public License
23  * along with this program; if not, write to the Free Software
24  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
25  */
26
27 /*
28   TODO:
29   - Find out lots more values :-)
30   - Support for other 3com devices that use the same protocol
31   - Do any devices use TCP or different ports?
32   - Sanity checks for tlv_length depending on tlv_type
33   - Search and fix XXX comments in the code
34   - Proper descriptions in hf_ fields
35
36 Specs:
37         No specs available. All knowledge gained by looking at traffic dumps
38         Packets to Managementstation: PORT_NJACK_PC (5264)
39         Packets to Switch: PORT_NJACK_SWITCH (5265)
40
41         Type 0x00? (localquery):          M -> BC, Magic, type, 'LOCALQUERY'?
42         Type 0x01 (query):                M -> S, Magic, type, 'QUERY'
43         Type 0x02 (query resp):           S -> M, Magic, type, tlv-list (end: ffxx)
44         Type 0x04 ??? (after query resp): M -> S, Magic, type, 0x43AAD406
45         Type 0x07 (set):                  M -> S, Magic, type, length (16 bit be)
46         Type 0x08 (set resp):             S -> M, Magic, type, net length (8 bit), result status
47         Type 0x0b (get):                  M -> S, Magic, type, 00 00 63 ff
48         Type 0x0c (get resp):             S -> M, Magic, type, T(8 bit) L(8 bit) V(L bytes)
49         Type 0x0d (dhcpinfo):             S -> M, Magic, type, tlv, t=00 = last (no length)
50         Type 0x10 (clear counters):       M -> S, Magic, type, 0400
51         Type 0x10 (clear counters resp):  M -> S, Magic, type, 00
52  */
53
54 #ifdef HAVE_CONFIG_H
55 #  include "config.h"
56 #endif
57
58 #include <glib.h>
59 #include <epan/packet.h>
60 #include <epan/emem.h>
61
62
63 /* protocol handles */
64 static int proto_njack = -1;
65
66 /* ett handles */
67 static int ett_njack = -1;
68 static int ett_njack_tlv_header = -1;
69
70 /* hf elements */
71 static int hf_njack_magic = -1;
72 static int hf_njack_type = -1;
73 /* type set/get response */
74 static int hf_njack_tlv_length = -1;
75 static int hf_njack_tlv_data = -1;
76 static int hf_njack_tlv_version = -1;
77 static int hf_njack_tlv_type = -1;
78 static int hf_njack_tlv_typeip = -1;
79 static int hf_njack_tlv_devicemac = -1;
80 static int hf_njack_tlv_snmpwrite = -1;
81 static int hf_njack_tlv_dhcpcontrol = -1;
82 static int hf_njack_tlv_typestring = -1;
83 /* 1st TAB */
84 static int hf_njack_tlv_countermode = -1;
85 static int hf_njack_tlv_scheduling = -1;
86 static int hf_njack_tlv_addtagscheme = -1;
87 static int hf_njack_tlv_portingressmode = -1;
88 static int hf_njack_tlv_maxframesize = -1;
89 static int hf_njack_tlv_powerforwarding = -1;
90 /* type 07: set */
91 static int hf_njack_set_length = -1;
92 static int hf_njack_set_salt = -1;
93 static int hf_njack_set_authdata = -1;
94 /* type 08: set result */
95 static int hf_njack_setresult = -1;
96 /* type 0b: get */
97 /* type 0c: get response */
98 static int hf_njack_getresp_unknown1 = -1;
99
100 #define PROTO_SHORT_NAME "NJACK"
101 #define PROTO_LONG_NAME "3com Network Jack"
102
103 #define PORT_NJACK_PC   5264
104 #define PORT_NJACK_SWITCH       5265
105
106 typedef enum {
107         NJACK_TYPE_QUERY        = 0x01,
108         NJACK_TYPE_QUERYRESP    = 0x02,
109         /* type 0x04 exists - see specs sections */
110         NJACK_TYPE_SET          = 0x07,
111         NJACK_TYPE_SETRESULT    = 0x08,
112
113         NJACK_TYPE_GET          = 0x0b,
114         NJACK_TYPE_GETRESP      = 0x0c,
115
116         NJACK_TYPE_DHCPINFO     = 0x0d,
117
118         NJACK_TYPE_CLEARCOUNTER = 0x10,
119         NJACK_TYPE_COUNTERRESP  = 0x11
120 } njack_type_t;
121
122 static const value_string njack_type_vals[] = {
123         { NJACK_TYPE_SET,               "Set"},
124         { NJACK_TYPE_SETRESULT,         "Set result"},
125         { NJACK_TYPE_QUERY,             "Query (discovery)"},
126         { NJACK_TYPE_QUERYRESP,         "Query response"},
127         { NJACK_TYPE_GET,               "Get"},
128         { NJACK_TYPE_GETRESP,           "Get response"},
129         { NJACK_TYPE_DHCPINFO,          "DHCP info\?\?"},
130         { NJACK_TYPE_CLEARCOUNTER,      "Clear counters\?\?"},
131         { NJACK_TYPE_COUNTERRESP,       "Clear counters response\?\?"},
132
133         { 0,    NULL }
134 };
135
136 typedef enum {
137         NJACK_CMD_STARTOFPARAMS         = 0x00,
138         NJACK_CMD_MACADDRESS            = 0x01,
139         NJACK_CMD_IPADDRESS             = 0x02,
140         NJACK_CMD_NETWORK               = 0x03,
141         NJACK_CMD_MASK                  = 0x04,
142         NJACK_CMD_MAXFRAMESIZE          = 0x05,
143         NJACK_CMD_COUNTERMODE           = 0x06,
144         NJACK_CMD_QUEUEING              = 0x0a,
145         NJACK_CMD_ADDTAGSCHEME          = 0x0b,
146         NJACK_CMD_REMOVETAG             = 0x0c,
147         NJACK_CMD_GROUP                 = 0x0d,
148         NJACK_CMD_LOCATION              = 0x0e,
149         NJACK_CMD_VERSION               = 0x0f,
150         NJACK_CMD_PORT1                 = 0x13,
151         NJACK_CMD_PORT2                 = 0x14,
152         NJACK_CMD_PORT3                 = 0x15,
153         NJACK_CMD_PORT4                 = 0x16,
154         NJACK_CMD_PASSWORD              = 0x19,
155         NJACK_CMD_ENABLESNMPWRITE       = 0x1a,
156         NJACK_CMD_ROCOMMUNITY           = 0x1b,
157         NJACK_CMD_RWCOMMUNITY           = 0x1c,
158         NJACK_CMD_POWERFORWARDING       = 0x1e,
159         NJACK_CMD_DHCPCONTROL           = 0x1f,
160         NJACK_CMD_IPGATEWAY             = 0x20,
161         NJACK_CMD_SNMPTRAP              = 0x23,
162         NJACK_CMD_COLDSTARTTRAP         = 0x26,
163         NJACK_CMD_LINKDOWNTRAP          = 0x27,
164         NJACK_CMD_LINKUPTRAP            = 0x28,
165         NJACK_CMD_AUTHFAILTRAP          = 0x29,
166         NJACK_CMD_PRODUCTNAME           = 0x2a,
167         NJACK_CMD_SERIALNO              = 0x2b,
168         NJACK_CMD_GETALLPARMAMS         = 0x63,
169         NJACK_CMD_ENDOFPACKET           = 0xff
170 } njack_cmd_type_t;
171
172 static const value_string njack_cmd_vals[] = {
173         { NJACK_CMD_STARTOFPARAMS,      "Start of Parameters" },
174         { NJACK_CMD_MACADDRESS,         "MAC address" },
175         { NJACK_CMD_IPADDRESS,          "IP address" },
176         { NJACK_CMD_NETWORK,            "IP network" },
177         { NJACK_CMD_MASK,               "IP netmask" },
178         { NJACK_CMD_MAXFRAMESIZE,       "Max frame size" },
179         { NJACK_CMD_COUNTERMODE,        "Countermode" },
180         { NJACK_CMD_QUEUEING,           "Priority scheduling policy" },
181         { NJACK_CMD_ADDTAGSCHEME,       "Add tag scheme" },
182         { NJACK_CMD_REMOVETAG,          "Remove tag" },
183         { NJACK_CMD_GROUP,              "Device group" },
184         { NJACK_CMD_LOCATION,           "Location" },
185         { NJACK_CMD_VERSION,            "Firmware version" },
186         { NJACK_CMD_PORT1,              "Port 1" },
187         { NJACK_CMD_PORT2,              "Port 2" },
188         { NJACK_CMD_PORT3,              "Port 3" },
189         { NJACK_CMD_PORT4,              "Port 4" },
190         { NJACK_CMD_PASSWORD,           "Device password" },
191         { NJACK_CMD_ENABLESNMPWRITE,    "SNMP write enable" },
192         { NJACK_CMD_ROCOMMUNITY,        "RO community" },
193         { NJACK_CMD_RWCOMMUNITY,        "RW community" },
194         { NJACK_CMD_POWERFORWARDING,    "Port power forwarding" },
195         { NJACK_CMD_DHCPCONTROL,        "DHCP control" },
196         { NJACK_CMD_IPGATEWAY,          "IP gateway" },
197         { NJACK_CMD_SNMPTRAP,           "SNMP trap" },
198         { NJACK_CMD_COLDSTARTTRAP,      "Coldstart trap" },
199         { NJACK_CMD_LINKDOWNTRAP,       "Linkdown trap" },
200         { NJACK_CMD_LINKUPTRAP,         "Linkup trap" },
201         { NJACK_CMD_AUTHFAILTRAP,       "Auth fail trap" },
202         { NJACK_CMD_PRODUCTNAME,        "Product name" },
203         { NJACK_CMD_SERIALNO,           "Serial no" },
204         { NJACK_CMD_GETALLPARMAMS,      "Get all parameters" },
205         { NJACK_CMD_ENDOFPACKET,        "End of packet" },
206
207         { 0,    NULL }
208 };
209
210 typedef enum {
211         NJACK_SETRESULT_SUCCESS         = 0x01,
212         NJACK_SETRESULT_FAILAUTH        = 0xFD
213 } njack_setresult_t;
214
215 static const value_string njack_setresult_vals[] = {
216         { NJACK_SETRESULT_SUCCESS,      "Success" },
217         { NJACK_SETRESULT_FAILAUTH,     "Failauth" },
218
219         { 0,    NULL }
220 };
221
222 /* General settings TAB */
223 static const value_string njack_dhcpcontrol[] = {
224         { 0,    "Disable" },
225         { 1,    "Enable" },
226
227         { 0,    NULL }
228 };
229 /* End General settings TAB */
230
231 /* Port settings TAB */
232 #if 0
233 static const true_false_string tfs_port_state = {
234         "Disable",
235         "Enable"
236 };
237
238 static const true_false_string tfs_port_autoneg = {
239         "Manual",
240         "Auto negotiation"
241 };
242
243 static const true_false_string tfs_port_speed = {
244         "10Mbps",
245         "100Mbps"
246 };
247
248 static const true_false_string tfs_port_duplex = {
249         "halfduplex",
250         "duplex"
251 };
252
253 #endif
254 /* End Port settings TAB */
255
256 /* Hardware Settings TAB */
257 static const value_string njack_scheduling[] = {
258         { 0,    "Weighted fair" },
259         { 1,    "Strict priority" },
260
261         { 0,    NULL }
262 };
263
264 static const value_string njack_addtagscheme[] = {
265         { 0,    "Frames transmitted unmodified" },
266         { 1,    "Add tag to untagged frame" },
267
268         { 0,    NULL }
269 };
270
271 static const value_string njack_portingressmode[] = {
272         { 0,    "Receive unmodified" },
273         { 1,    "Remove tag if present" },
274
275         { 0,    NULL }
276 };
277
278 static const value_string njack_maxframesize[] = {
279         { 0,    "1522 tagged, 1518 untagged" },
280         { 1,    "1535" },
281
282         { 0,    NULL }
283 };
284
285 static const value_string njack_countermode[] = {
286         { 0,    "Count Rx, Tx Good frames" },
287         { 1,    "RX errors, TX collisions" },
288
289         { 0,    NULL }
290 };
291
292 static const value_string njack_powerforwarding[] = {
293         { 1,    "OFF" },
294         { 2,    "ON" },
295         /* XXX find out correct value */
296         { 3,    "802.3af" },
297
298         { 0,    NULL }
299 };
300 /* End Hardware Settings TAB */
301
302 /* SNMP TAB */
303 static const value_string njack_snmpwrite[] = {
304         { 0,    "Disable" },
305         { 1,    "Enable" },
306
307         { 0,    NULL }
308 };
309
310 #if 0
311 static const value_string njack_snmptrap[] = {
312         { 0,    "Disable" },
313         { 1,    "Enable" },
314
315         { 0,    NULL }
316 };
317
318 static const value_string njack_coldstarttrap[] = {
319         { 0,    "Disable" },
320         { 1,    "Enable" },
321
322         { 0,    NULL }
323 };
324
325 static const value_string njack_linkdowntrap[] = {
326         { 0,    "Disable" },
327         { 1,    "Enable" },
328
329         { 0,    NULL }
330 };
331
332 static const value_string njack_linkuptrap[] = {
333         { 0,    "Disable" },
334         { 1,    "Enable" },
335
336         { 0,    NULL }
337 };
338
339 static const value_string njack_authfailtrap[] = {
340         { 0,    "Disable" },
341         { 1,    "Enable" },
342
343         { 0,    NULL }
344 };
345 #endif
346 /* End SNMP TAB */
347
348 static int
349 dissect_portsettings(tvbuff_t *tvb, proto_tree *port_tree, guint32 offset)
350 {
351         /* XXX This is still work in progress, the information here
352          *     may be wrong and is obviously incomplete
353          *  Structure: 8 bytes, total 64 bits.
354          *
355          * Bytes 0-1: select feature
356          *       2-7: feature values
357          *  Feature             Indicator       Valuebit(s)
358          *  ------------------------------------------------------------
359          *  Port Vlan           0x8000          0x0000 0078 0000 (bits: port 4 ... 1)
360          *  Prio (hw queue)     0x4000          0x0000 0006 0000
361          *  MC rate limit       0x1000          0x0000 6000 0000 (0:3, 1:6, 2:12, 3:100%)
362          *  Speed/Duplex        0x0c00          XXX don't know which bit is speed / duplex
363          *                                      0x0000 0800 0000 (duplex 0 half, 1 full)
364          *                                      0x0000 1000 0000 (speed 0 10M, 1 100M)
365          *  Port Ena            0x0100          0x0000 0300 0000 (1 dis, 3 ena)
366          *  Auto neg            0x0008          0x0000 0000 0800 (0 man, 1 auto)
367          *  Vlan number         0x0004          0xff0f 0000 0000 (le)
368          * XXX evaluate the following stuff:
369          *  Flowcontrol         0x0001          0x0000 0000 0200 ???
370          *  Flowcontrol         0x0001          0x0100 83f1 0a00 <- recorded
371          *  Auto Mdi            0x0002          0x0000 0000 0300 (1 man, 2 auto)
372          *  Manual MDI          0x0002          0x0100 8371 0900 <- recorded
373          *  Manual MDI-X        0x0002          0x0100 8371 0800 <- recorded
374          *  Auto MDI-X
375          */
376         proto_tree_add_item(port_tree, hf_njack_tlv_data,
377                 tvb, offset, 8, ENC_NA);
378         return offset;
379 }
380
381 static int
382 dissect_tlvs(tvbuff_t *tvb, proto_tree *njack_tree, guint32 offset)
383 {
384         guint8 tlv_type;
385         guint8 tlv_length;
386         proto_item *tlv_item;
387         proto_item *tlv_tree;
388
389         for (;;) {
390                 tlv_type = tvb_get_guint8(tvb, offset);
391                 /* Special cases that don't have a length field */
392                 if (tlv_type == NJACK_CMD_ENDOFPACKET) {
393                         proto_tree_add_item(njack_tree, hf_njack_tlv_type,
394                                 tvb, offset, 1, ENC_BIG_ENDIAN);
395                         offset += 1;
396                         break;
397                 }
398                 if (tlv_type == NJACK_CMD_GETALLPARMAMS) {
399                         proto_tree_add_item(njack_tree, hf_njack_tlv_type,
400                                 tvb, offset, 1, ENC_BIG_ENDIAN);
401                         offset += 1;
402                         continue;
403                 }
404                 tlv_length = tvb_get_guint8(tvb, offset + 1);
405                 tlv_item = proto_tree_add_text(njack_tree, tvb,
406                         offset, tlv_length + 2,
407                         "T %02x, L %02x: %s",
408                         tlv_type,
409                         tlv_length,
410                         val_to_str(tlv_type, njack_cmd_vals, "Unknown"));
411                 tlv_tree = proto_item_add_subtree(tlv_item,
412                         ett_njack_tlv_header);
413                 proto_tree_add_item(tlv_tree, hf_njack_tlv_type,
414                         tvb, offset, 1, ENC_BIG_ENDIAN);
415                 offset += 1;
416                 proto_tree_add_item(tlv_tree, hf_njack_tlv_length,
417                         tvb, offset, 1, ENC_BIG_ENDIAN);
418                 offset += 1;
419                 switch (tlv_type) {
420                 case NJACK_CMD_STARTOFPARAMS:
421                         break;
422                 case NJACK_CMD_COUNTERMODE:
423                         proto_tree_add_item(tlv_tree, hf_njack_tlv_countermode,
424                                 tvb, offset, 1, ENC_BIG_ENDIAN);
425                         offset += 1;
426                         break;
427                 case NJACK_CMD_QUEUEING:
428                         proto_tree_add_item(tlv_tree, hf_njack_tlv_scheduling,
429                                 tvb, offset, 1, ENC_BIG_ENDIAN);
430                         offset += 1;
431                         break;
432                 case NJACK_CMD_ADDTAGSCHEME:
433                         proto_tree_add_item(tlv_tree, hf_njack_tlv_addtagscheme,
434                                 tvb, offset, 1, ENC_BIG_ENDIAN);
435                         offset += 1;
436                         break;
437                 case NJACK_CMD_REMOVETAG:
438                         proto_tree_add_item(tlv_tree, hf_njack_tlv_portingressmode,
439                                 tvb, offset, 1, ENC_BIG_ENDIAN);
440                         offset += 1;
441                         break;
442                 case NJACK_CMD_MAXFRAMESIZE:
443                         proto_tree_add_item(tlv_tree, hf_njack_tlv_maxframesize,
444                                 tvb, offset, 1, ENC_BIG_ENDIAN);
445                         offset += 1;
446                         break;
447                 case NJACK_CMD_ENABLESNMPWRITE:
448                         proto_tree_add_item(tlv_tree, hf_njack_tlv_snmpwrite,
449                                 tvb, offset, 1, ENC_BIG_ENDIAN);
450                         offset += 1;
451                         break;
452                 case NJACK_CMD_POWERFORWARDING:
453                         proto_tree_add_item(tlv_tree, hf_njack_tlv_powerforwarding,
454                                 tvb, offset, 1, ENC_BIG_ENDIAN);
455                         offset += 1;
456                         break;
457                 case NJACK_CMD_DHCPCONTROL:
458                         proto_tree_add_item(tlv_tree, hf_njack_tlv_dhcpcontrol,
459                                 tvb, offset, 1, ENC_BIG_ENDIAN);
460                         offset += 1;
461                         break;
462                 case NJACK_CMD_MACADDRESS:
463                         proto_tree_add_item(tlv_tree, hf_njack_tlv_devicemac,
464                                 tvb, offset, 6, ENC_NA);
465                         offset += 6;
466                         break;
467                 case NJACK_CMD_VERSION:
468                         /* XXX Don't misuse ip address printing here */
469                         proto_tree_add_item(tlv_tree, hf_njack_tlv_version,
470                                 tvb, offset, 4, ENC_LITTLE_ENDIAN);
471                         offset += 4;
472                         break;
473                 case NJACK_CMD_IPADDRESS:
474                 case NJACK_CMD_NETWORK:
475                 case NJACK_CMD_MASK:
476                 case NJACK_CMD_IPGATEWAY:
477                         proto_tree_add_item(tlv_tree, hf_njack_tlv_typeip,
478                                 tvb, offset, 4, ENC_BIG_ENDIAN);
479                         offset += 4;
480                         break;
481                 case NJACK_CMD_GROUP:
482                 case NJACK_CMD_LOCATION:
483                 case NJACK_CMD_PASSWORD:
484                 case NJACK_CMD_ROCOMMUNITY:
485                 case NJACK_CMD_RWCOMMUNITY:
486                 case 0x25: /* ? */
487                 case NJACK_CMD_PRODUCTNAME:
488                 case NJACK_CMD_SERIALNO:
489                         proto_tree_add_item(tlv_tree, hf_njack_tlv_typestring,
490                                 tvb, offset, tlv_length, ENC_ASCII|ENC_NA);
491                         offset += tlv_length;
492                         break;
493                 case NJACK_CMD_PORT1:
494                 case NJACK_CMD_PORT2:
495                 case NJACK_CMD_PORT3:
496                 case NJACK_CMD_PORT4:
497                         if (tlv_length == 8) {
498                                 dissect_portsettings(tvb, tlv_tree, offset);
499                         }
500                         offset += tlv_length;
501                         break;
502                 default:
503                         if (tlv_length != 0) {
504                                 proto_tree_add_item(tlv_tree, hf_njack_tlv_data,
505                                         tvb, offset, tlv_length, ENC_NA);
506                                 offset += tlv_length;
507                         }
508                         break;
509                 }
510         }
511         return offset;
512 }
513
514 #if 0
515 #include <epan/crypt/crypt-md5.h>
516
517 static gboolean
518 verify_password(tvbuff_t *tvb, const char *password)
519 {
520         /* 1. pad non-terminated password-string to a length of 32 bytes
521          *    (padding: 0x01, 0x02, 0x03...)
522          * 2. Calculate MD5 of padded password and write it to offset 12 of packet
523          * 3. Calculate MD5 of resulting packet and write it to offset 12 of packet
524          */
525
526         gboolean is_valid = TRUE;
527         const guint8    *packetdata;
528         guint32 length;
529         guint8  *workbuffer;
530         guint   i;
531         guint8  byte;
532         md5_state_t md_ctx;
533         md5_byte_t *digest;
534
535         workbuffer=ep_alloc(32);
536         digest=ep_alloc(16);
537
538         length = tvb_get_ntohs(tvb, 6);
539         packetdata = tvb_get_ptr(tvb, 0, length);
540         for (i = 0; i<32 && *password; i++, password++) {
541                 workbuffer[i] = *password;
542         }
543         for (byte = 1; i<32; i++, byte++) {
544                 workbuffer[i] = byte;
545         }
546         md5_init(&md_ctx);
547         md5_append(&md_ctx, workbuffer, 32);
548         md5_finish(&md_ctx, digest);
549         md5_init(&md_ctx);
550         md5_append(&md_ctx, packetdata, 12);
551         md5_append(&md_ctx, digest, 16);
552         md5_append(&md_ctx, packetdata + 28, length - 28);
553         md5_finish(&md_ctx, digest);
554         fprintf(stderr, "Calculated digest: "); /* debugging */
555         for (i = 0; i < 16; i++) {
556                 fprintf(stderr, "%02X", digest[i]); /* debugging */
557                 if (digest[i] != *(packetdata + 12 + i)) {
558                         is_valid = FALSE;
559                         break;
560                 }
561         }
562         fprintf(stderr, " (%d)\n", is_valid); /* debugging */
563
564         return is_valid;
565 }
566 #endif
567
568 static int
569 dissect_njack(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
570 {
571         proto_item *ti;
572         proto_tree *njack_tree = NULL;
573         guint32 offset = 0;
574         guint8 packet_type;
575         guint8 setresult;
576         gint remaining;
577
578         packet_type = tvb_get_guint8(tvb, 5);
579         col_set_str(pinfo->cinfo, COL_PROTOCOL, PROTO_SHORT_NAME);
580         col_add_str(pinfo->cinfo, COL_INFO, val_to_str(packet_type, njack_type_vals, "Type 0x%02x"));
581
582         if (tree) {
583                 ti = proto_tree_add_item(tree, proto_njack, tvb, offset, -1,
584                     ENC_NA);
585                 njack_tree = proto_item_add_subtree(ti, ett_njack);
586
587                 proto_tree_add_item(njack_tree, hf_njack_magic, tvb, offset, 5,
588                         ENC_ASCII|ENC_NA);
589                 offset += 5;
590
591                 proto_tree_add_item(njack_tree, hf_njack_type, tvb, offset, 1,
592                         ENC_BIG_ENDIAN);
593                 offset += 1;
594                 switch (packet_type) {
595                 case NJACK_TYPE_SET:
596                         /* Type 0x07: S -> M, Magic, type, length (16 bit be) */
597                         proto_tree_add_item(njack_tree, hf_njack_set_length, tvb, offset,
598                                 2, ENC_BIG_ENDIAN);
599                         offset += 2;
600                         proto_tree_add_item(njack_tree, hf_njack_set_salt, tvb, offset,
601                                 4, ENC_LITTLE_ENDIAN);
602                         offset += 4;
603                         proto_tree_add_item(njack_tree, hf_njack_set_authdata, tvb, offset,
604                                 16, ENC_NA);
605                         offset += 16;
606                         offset = dissect_tlvs(tvb, njack_tree, offset);
607                         break;
608                 case NJACK_TYPE_SETRESULT:
609                         /* Type 0x08: M -> S, Magic, type, setresult (8 bit) */
610                         setresult = tvb_get_guint8(tvb, offset);
611                         proto_tree_add_item(njack_tree, hf_njack_setresult, tvb, offset,
612                                 1, ENC_BIG_ENDIAN);
613                         offset += 1;
614                         col_append_fstr(pinfo->cinfo, COL_INFO, ": %s",
615                                         val_to_str(setresult, njack_setresult_vals, "[0x%02x]"));
616                         break;
617                 case NJACK_TYPE_GET:
618                         /* Type 0x0b: S -> M, Magic, type, 00 00 63 ff */
619                         offset = dissect_tlvs(tvb, njack_tree, offset);
620                         break;
621                 case NJACK_TYPE_QUERYRESP:
622                         /* Type 0x02: M -> S, Magic, type, T(8 bit) L(8 bit) V(L bytes) */
623                 case NJACK_TYPE_GETRESP:
624                         /* Type 0x0c: M -> S, Magic, type, T(8 bit) L(8 bit) V(L bytes) */
625                         offset = dissect_tlvs(tvb, njack_tree, offset);
626                         proto_tree_add_item(njack_tree, hf_njack_getresp_unknown1, tvb, offset,
627                                 1, ENC_BIG_ENDIAN);
628                         offset += 1;
629                         break;
630                 case NJACK_TYPE_DHCPINFO: /* not completely understood */
631                 default:
632                         /* Unknown type */
633                         remaining = tvb_reported_length_remaining(tvb, offset);
634                         if (remaining > 0) {
635                                 proto_tree_add_item(njack_tree, hf_njack_tlv_data,
636                                         tvb, offset, remaining, ENC_NA);
637                                 offset += remaining;
638                         }
639                         break;
640                 }
641         }
642         return offset;
643 }
644
645 static gboolean
646 test_njack(tvbuff_t *tvb)
647 {
648         /* We need at least 'NJ200' + 1 Byte packet type */
649         if ( (tvb_length(tvb) < 6) ||
650              (tvb_strncaseeql(tvb, 0, "NJ200", 5) != 0) ) {
651                 return FALSE;
652         }
653         return TRUE;
654 }
655
656 static gboolean
657 dissect_njack_heur(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
658 {
659         if ( !test_njack(tvb) ) {
660                 return FALSE;
661         }
662         dissect_njack(tvb, pinfo, tree);
663         return TRUE;
664 }
665
666 static int
667 dissect_njack_static(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
668 {
669         if ( !test_njack(tvb) ) {
670                 return 0;
671         }
672         return dissect_njack(tvb, pinfo, tree);
673 }
674
675 void
676 proto_register_njack(void)
677 {
678         static hf_register_info hf[] = {
679
680         /* NJACK header */
681                 { &hf_njack_magic,
682                 { "Magic",      "njack.magic", FT_STRING, BASE_NONE, NULL,
683                         0x0, NULL, HFILL }},
684
685                 { &hf_njack_type,
686                 { "Type",       "njack.type", FT_UINT8, BASE_HEX, NULL,
687                         0x0, NULL, HFILL }},
688
689         /* TLV fields */
690                 { &hf_njack_tlv_type,
691                 { "TlvType",    "njack.tlv.type", FT_UINT8, BASE_HEX, VALS(njack_cmd_vals),
692                         0x0, NULL, HFILL }},
693
694                 { &hf_njack_tlv_length,
695                 { "TlvLength",  "njack.tlv.length", FT_UINT8, BASE_HEX, NULL,
696                         0x0, NULL, HFILL }},
697
698                 { &hf_njack_tlv_data,
699                 { "TlvData",   "njack.tlv.data", FT_BYTES, BASE_NONE, NULL,
700                         0x0, NULL, HFILL }},
701
702                 { &hf_njack_tlv_version,
703                 { "TlvFwVersion",   "njack.tlv.version", FT_IPv4, BASE_NONE, NULL,
704                         0x0, NULL, HFILL }},
705
706                 { &hf_njack_tlv_snmpwrite,
707                 { "TlvTypeSnmpwrite",   "njack.tlv.snmpwrite", FT_UINT8, BASE_DEC, VALS(njack_snmpwrite),
708                         0x0, NULL, HFILL }},
709
710                 { &hf_njack_tlv_dhcpcontrol,
711                 { "TlvTypeDhcpControl",   "njack.tlv.dhcpcontrol", FT_UINT8, BASE_DEC, VALS(njack_dhcpcontrol),
712                         0x0, NULL, HFILL }},
713
714                 { &hf_njack_tlv_devicemac,
715                 { "TlvTypeDeviceMAC",   "njack.tlv.devicemac", FT_ETHER, BASE_NONE, NULL,
716                         0x0, NULL, HFILL }},
717
718                 /* XXX dummy entries, to be replaced */
719                 { &hf_njack_tlv_typeip,
720                 { "TlvTypeIP",   "njack.tlv.typeip", FT_IPv4, BASE_NONE, NULL,
721                         0x0, NULL, HFILL }},
722
723                 { &hf_njack_tlv_typestring,
724                 { "TlvTypeString",   "njack.tlv.typestring", FT_STRING, BASE_NONE, NULL,
725                         0x0, NULL, HFILL }},
726
727                 /* 1st tab */
728                 { &hf_njack_tlv_scheduling,
729                 { "TlvTypeScheduling",   "njack.tlv.scheduling", FT_UINT8, BASE_DEC, VALS(njack_scheduling),
730                         0x0, NULL, HFILL }},
731
732                 { &hf_njack_tlv_addtagscheme,
733                 { "TlvAddTagScheme",   "njack.tlv.addtagscheme", FT_UINT8, BASE_DEC, VALS(njack_addtagscheme),
734                         0x0, NULL, HFILL }},
735
736                 { &hf_njack_tlv_portingressmode,
737                 { "TlvTypePortingressmode",   "njack.tlv.portingressmode", FT_UINT8, BASE_DEC, VALS(njack_portingressmode),
738                         0x0, NULL, HFILL }},
739
740                 { &hf_njack_tlv_maxframesize,
741                 { "TlvTypeMaxframesize",   "njack.tlv.maxframesize", FT_UINT8, BASE_DEC, VALS(njack_maxframesize),
742                         0x0, NULL, HFILL }},
743
744                 { &hf_njack_tlv_countermode,
745                 { "TlvTypeCountermode",   "njack.tlv.countermode", FT_UINT8, BASE_DEC, VALS(njack_countermode),
746                         0x0, NULL, HFILL }},
747
748                 { &hf_njack_tlv_powerforwarding,
749                 { "TlvTypePowerforwarding",   "njack.tlv.powerforwarding", FT_UINT8, BASE_DEC, VALS(njack_powerforwarding),
750                         0x0, NULL, HFILL }},
751
752         /* Type 0x07: set */
753                 { &hf_njack_set_length,
754                 { "SetLength",  "njack.set.length", FT_UINT16, BASE_HEX, NULL,
755                         0x0, NULL, HFILL }},
756
757                 { &hf_njack_set_salt,
758                 { "Salt",       "njack.set.salt", FT_UINT32, BASE_HEX, NULL,
759                         0x0, NULL, HFILL }},
760
761                 { &hf_njack_set_authdata,
762                 { "Authdata",   "njack.tlv.authdata", FT_BYTES, BASE_NONE, NULL,
763                         0x0, NULL, HFILL }},
764
765         /* Type 0x08: set result */
766                 { &hf_njack_setresult,
767                 { "SetResult",   "njack.setresult", FT_UINT8, BASE_HEX, VALS(njack_setresult_vals),
768                         0x0, NULL, HFILL }},
769
770         /* Type 0x0b get */
771
772         /* Type 0x0c get response */
773                 { &hf_njack_getresp_unknown1,
774                 { "Unknown1",   "njack.getresp.unknown1", FT_UINT8, BASE_HEX, NULL,
775                         0x0, NULL, HFILL }},
776
777         };
778         static gint *ett[] = {
779                 &ett_njack,
780                 &ett_njack_tlv_header,
781         };
782
783         proto_njack = proto_register_protocol(PROTO_LONG_NAME, PROTO_SHORT_NAME, "njack");
784         proto_register_field_array(proto_njack, hf, array_length(hf));
785         proto_register_subtree_array(ett, array_length(ett));
786 }
787
788 void
789 proto_reg_handoff_njack(void)
790 {
791         dissector_handle_t njack_handle;
792
793         njack_handle = new_create_dissector_handle(dissect_njack_static, proto_njack);
794         dissector_add_uint("udp.port", PORT_NJACK_PC, njack_handle);
795         /* dissector_add_uint("tcp.port", PORT_NJACK_PC, njack_handle); */
796         dissector_add_uint("udp.port", PORT_NJACK_SWITCH, njack_handle);
797         /* dissector_add_uint("tcp.port", PORT_NJACK_SWITCH, njack_handle); */
798
799         heur_dissector_add("udp", dissect_njack_heur, proto_njack);
800         /* heur_dissector_add("tcp", dissect_njack_heur, proto_njack); */
801 }
802