2 * Routines for Frame Relay dissection
4 * Copyright 2001, Paul Ionescu <paul@acorp.ro>
8 * Wireshark - Network traffic analyzer
9 * By Gerald Combs <gerald@wireshark.org>
10 * Copyright 1998 Gerald Combs
12 * This program is free software; you can redistribute it and/or
13 * modify it under the terms of the GNU General Public License
14 * as published by the Free Software Foundation; either version 2
15 * of the License, or (at your option) any later version.
17 * This program is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
22 * You should have received a copy of the GNU General Public License
23 * along with this program; if not, write to the Free Software
24 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
28 * http://www.protocols.com/pbook/frame.htm
29 * http://www.mplsforum.org/frame/Approved/FRF.3/FRF.3.2.pdf
30 * ITU Recommendations Q.922 and Q.933
34 * http://www.trillium.com/assets/legacyframe/white_paper/8771019.pdf
47 #include <epan/packet.h>
48 #include <epan/prefs.h>
49 #include "packet-llc.h"
50 #include "packet-chdlc.h"
51 #include "packet-eth.h"
52 #include "packet-ip.h"
53 #include "packet-ipv6.h"
54 #include "packet-ppp.h"
55 #include "packet-fr.h"
56 #include <epan/xdlc.h>
57 #include <epan/etypes.h>
59 #include <epan/nlpid.h>
60 #include <epan/greproto.h>
63 * Bits in the address field.
65 #define FRELAY_EA 0x01 /* Address field extension bit */
67 #define FRELAY_UPPER_DLCI 0xFC /* Upper DLCI */
68 #define FRELAY_CR 0x02 /* Command/response bit in first octet */
70 #define FRELAY_SECOND_DLCI 0xF0 /* DLCI bits in FECN/BECN/DE octet */
71 #define FRELAY_FECN 0x08 /* Forward Explicit Congestion Notification */
72 #define FRELAY_BECN 0x04 /* Backward Explicit Congestion Notification */
73 #define FRELAY_DE 0x02 /* Discard Eligibility */
75 #define FRELAY_THIRD_DLCI 0xFE /* DLCI bits in third octet, if any */
77 #define FRELAY_LOWER_DLCI 0xFC /* Lower DLCI */
78 #define FRELAY_DC 0x02 /* DLCI or DL-CORE control indicator in last octet */
80 #define FROM_DCE 0x80 /* for direction setting */
82 static gint proto_fr = -1;
83 static gint ett_fr = -1;
84 static gint ett_fr_address = -1;
85 static gint ett_fr_control = -1;
86 static gint hf_fr_ea = -1;
87 static gint hf_fr_upper_dlci = -1;
88 static gint hf_fr_cr = -1;
89 static gint hf_fr_second_dlci = -1;
90 static gint hf_fr_fecn = -1;
91 static gint hf_fr_becn = -1;
92 static gint hf_fr_de = -1;
93 static gint hf_fr_third_dlci = -1;
94 static gint hf_fr_dlcore_control = -1;
95 static gint hf_fr_lower_dlci = -1;
96 static gint hf_fr_dc = -1;
97 static gint hf_fr_dlci = -1;
98 static gint hf_fr_control = -1;
99 static gint hf_fr_n_r = -1;
100 static gint hf_fr_n_s = -1;
101 static gint hf_fr_p = -1;
102 static gint hf_fr_p_ext = -1;
103 static gint hf_fr_f = -1;
104 static gint hf_fr_f_ext = -1;
105 static gint hf_fr_s_ftype = -1;
106 static gint hf_fr_u_modifier_cmd = -1;
107 static gint hf_fr_u_modifier_resp = -1;
108 static gint hf_fr_ftype_i = -1;
109 static gint hf_fr_ftype_s_u = -1;
110 static gint hf_fr_ftype_s_u_ext = -1;
111 static gint hf_fr_nlpid = -1;
112 static gint hf_fr_oui = -1;
113 static gint hf_fr_pid = -1;
114 static gint hf_fr_snaptype = -1;
115 static gint hf_fr_chdlctype = -1;
117 static dissector_handle_t eth_withfcs_handle;
118 static dissector_handle_t gprs_ns_handle;
119 static dissector_handle_t data_handle;
121 static dissector_table_t osinl_subdissector_table;
124 * Encapsulation type.
125 * XXX - this should be per-DLCI as well.
127 #define FRF_3_2 0 /* FRF 3.2 or Cisco HDLC */
128 #define GPRS_NS 1 /* GPRS Network Services (3GPP TS 08.16) */
129 #define RAW_ETHER 2 /* Raw Ethernet */
131 static gint fr_encap = FRF_3_2;
133 static const true_false_string cmd_string = {
137 static const true_false_string ctrl_string = {
141 static const true_false_string ea_string = {
147 * This isn't the same as "nlpid_vals[]"; 0x08 is Q.933, not Q.931,
148 * and 0x09 is LMI, not Q.2931, and we assume that it's an initial
149 * protocol identifier, so 0x01 is T.70, not X.29.
151 static const value_string fr_nlpid_vals[] = {
152 { NLPID_NULL, "NULL" },
153 { NLPID_IPI_T_70, "T.70" }, /* XXX - IPI, or SPI? */
154 { NLPID_X_633, "X.633" },
155 { NLPID_Q_931, "Q.933" },
156 { NLPID_LMI, "LMI" },
157 { NLPID_Q_2119, "Q.2119" },
158 { NLPID_SNAP, "SNAP" },
159 { NLPID_ISO8473_CLNP, "CLNP" },
160 { NLPID_ISO9542_ESIS, "ESIS" },
161 { NLPID_ISO10589_ISIS, "ISIS" },
162 { NLPID_ISO10747_IDRP, "IDRP" },
163 { NLPID_ISO9542X25_ESIS, "ESIS (X.25)" },
164 { NLPID_ISO10030, "ISO 10030" },
165 { NLPID_ISO11577, "ISO 11577" },
166 { NLPID_COMPRESSED, "Data compression protocol" },
168 { NLPID_IP6, "IPv6" },
169 { NLPID_PPP, "PPP" },
173 static dissector_table_t fr_subdissector_table;
174 static dissector_table_t fr_osinl_subdissector_table;
176 static void dissect_fr_nlpid(tvbuff_t *tvb, int offset, packet_info *pinfo,
177 proto_tree *tree, proto_item *ti,
178 proto_tree *fr_tree, guint8 fr_ctrl);
179 static void dissect_lapf(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree);
180 static void dissect_fr_xid(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree);
182 /* Used only for U frames */
183 static const xdlc_cf_items fr_cf_items = {
189 &hf_fr_u_modifier_cmd,
190 &hf_fr_u_modifier_resp,
195 /* Used only for I and S frames */
196 static const xdlc_cf_items fr_cf_items_ext = {
209 capture_fr(const guchar *pd, int offset, int len, packet_counts *ld)
217 * OK, fetch the address field - keep going until we get an EA bit.
219 if (!BYTES_ARE_IN_FRAME(offset, len, 1)) {
223 fr_octet = pd[offset];
224 if (fr_octet & FRELAY_EA) {
226 * Bogus! There should be at least 2 octets.
227 * XXX - is this FRF.12 frame relay fragmentation? If so, can
234 * The first octet contains the upper 6 bits of the DLCI, as well
237 addr = (fr_octet & FRELAY_UPPER_DLCI) >> 2;
241 * The second octet contains 4 more bits of DLCI, as well as FECN,
244 if (!BYTES_ARE_IN_FRAME(offset, len, 1)) {
248 fr_octet = pd[offset];
249 addr = (addr << 4) | ((fr_octet & FRELAY_SECOND_DLCI) >> 4);
252 if (!(fr_octet & FRELAY_EA)) {
254 * We have 3 or more address octets.
256 * The third octet contains 7 more bits of DLCI if EA isn't set,
257 * and lower DLCI or DL-CORE control plus the DLCI or DL-CORE
258 * control indicator flag if EA is set.
260 if (!BYTES_ARE_IN_FRAME(offset, len, 1)) {
264 fr_octet = pd[offset];
265 if (!(fr_octet & FRELAY_EA)) {
267 * 7 more bits of DLCI.
269 addr = (addr << 7) | ((fr_octet & FRELAY_THIRD_DLCI) >> 1);
271 if (!BYTES_ARE_IN_FRAME(offset, len, 1)) {
275 fr_octet = pd[offset];
276 while (!(fr_octet & FRELAY_EA)) {
278 * Bogus! More than 4 octets of address.
281 if (!BYTES_ARE_IN_FRAME(offset, len, 1)) {
285 fr_octet = pd[offset];
290 * Last octet - contains lower DLCI or DL-CORE control, DLCI or
291 * DL-CORE control indicator flag.
293 if (fr_octet & FRELAY_DC) {
299 * Last 6 bits of DLCI.
301 addr = (addr << 6) | ((fr_octet & FRELAY_LOWER_DLCI) >> 2);
308 if (!BYTES_ARE_IN_FRAME(offset, len, 1)) {
312 fr_ctrl = pd[offset];
313 if (fr_ctrl == XDLC_U) {
317 * XXX - treat DLCI 0 specially? On DLCI 0, an NLPID of 0x08
318 * means Q.933, but on other circuits it could be the "for
319 * protocols which do not have an NLPID assigned or do not
320 * have a SNAP encapsulation" stuff from RFC 2427.
322 if (!BYTES_ARE_IN_FRAME(offset, len, 1)) {
326 fr_nlpid = pd[offset];
329 if (!BYTES_ARE_IN_FRAME(offset, len, 1)) {
333 fr_nlpid = pd[offset];
339 capture_ip(pd, offset, len, ld);
343 capture_ipv6(pd, offset, len, ld);
347 capture_ppp_hdlc(pd, offset, len, ld);
351 capture_snap(pd, offset, len, ld);
361 * This must be some sort of LAPF on DLCI 0 for SVC
362 * because DLCI 0 is reserved for LMI and SVC signaling
363 * encapsulated in LAPF, and LMI is transmitted in
364 * unnumbered information (03), so this must be LAPF
367 * XXX - but what is it? Is Q.933 carried inside UI
368 * frames or other types of frames or both?
373 if (fr_ctrl == (XDLC_U|XDLC_XID)) {
382 * If the data does not start with unnumbered information (03) and
383 * the DLCI# is not 0, then there may be Cisco Frame Relay encapsulation.
385 capture_chdlc(pd, offset, len, ld);
395 capture_eth(pd, offset, len, ld);
403 dissect_fr_common(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
404 gboolean has_direction)
407 proto_item *ti = NULL;
408 proto_tree *fr_tree = NULL;
409 proto_item *octet_item = NULL;
410 proto_tree *octet_tree = NULL;
412 int is_response = FALSE;
418 if (check_col(pinfo->cinfo, COL_PROTOCOL))
419 col_set_str(pinfo->cinfo, COL_PROTOCOL, "FR");
420 if (check_col(pinfo->cinfo, COL_INFO))
421 col_clear(pinfo->cinfo, COL_INFO);
424 if (pinfo->pseudo_header->x25.flags & FROM_DCE) {
425 if (check_col(pinfo->cinfo, COL_RES_DL_DST))
426 col_set_str(pinfo->cinfo, COL_RES_DL_DST, "DTE");
427 if (check_col(pinfo->cinfo, COL_RES_DL_SRC))
428 col_set_str(pinfo->cinfo, COL_RES_DL_SRC, "DCE");
430 if (check_col(pinfo->cinfo, COL_RES_DL_DST))
431 col_set_str(pinfo->cinfo, COL_RES_DL_DST, "DCE");
432 if (check_col(pinfo->cinfo, COL_RES_DL_SRC))
433 col_set_str(pinfo->cinfo, COL_RES_DL_SRC, "DTE");
438 * OK, fetch the address field - keep going until we get an EA bit.
440 fr_octet = tvb_get_guint8(tvb, offset);
442 ti = proto_tree_add_protocol_format(tree, proto_fr, tvb, 0, -1, "Frame Relay");
443 fr_tree = proto_item_add_subtree(ti, ett_fr);
445 if (fr_octet & FRELAY_EA) {
447 * Bogus! There should be at least 2 octets.
448 * XXX - is this FRF.12 frame relay fragmentation? If so, we
449 * should dissect it as such, if possible.
453 proto_tree_add_text(fr_tree, tvb, offset, 1,
454 "Bogus 1-octet address field");
459 * The first octet contains the upper 6 bits of the DLCI, as well
462 addr = (fr_octet & FRELAY_UPPER_DLCI) >> 2;
463 is_response = (fr_octet & FRELAY_CR);
465 octet_item = proto_tree_add_text(fr_tree, tvb, offset, 1,
466 "First address octet: 0x%02x", fr_octet);
467 octet_tree = proto_item_add_subtree(octet_item, ett_fr_address);
468 proto_tree_add_uint(octet_tree, hf_fr_upper_dlci, tvb, offset, 1, fr_octet);
469 proto_tree_add_boolean(octet_tree, hf_fr_cr, tvb, offset, 1, fr_octet);
470 proto_tree_add_boolean(octet_tree, hf_fr_ea, tvb, offset, 1, fr_octet);
475 * The second octet contains 4 more bits of DLCI, as well as FECN,
478 fr_octet = tvb_get_guint8(tvb, offset);
479 addr = (addr << 4) | ((fr_octet & FRELAY_SECOND_DLCI) >> 4);
481 octet_item = proto_tree_add_text(fr_tree, tvb, offset, 1,
482 "Second address octet: 0x%02x",
484 octet_tree = proto_item_add_subtree(octet_item, ett_fr_address);
485 proto_tree_add_uint(octet_tree, hf_fr_second_dlci, tvb, offset, 1, fr_octet);
486 proto_tree_add_boolean(octet_tree, hf_fr_fecn, tvb, 0, offset, fr_octet);
487 proto_tree_add_boolean(octet_tree, hf_fr_becn, tvb, 0, offset, fr_octet);
488 proto_tree_add_boolean(octet_tree, hf_fr_de, tvb, 0, offset, fr_octet);
489 proto_tree_add_boolean(octet_tree, hf_fr_ea, tvb, offset, 1, fr_octet);
493 if (!(fr_octet & FRELAY_EA)) {
495 * We have 3 or more address octets.
497 * The third octet contains 7 more bits of DLCI if EA isn't set,
498 * and lower DLCI or DL-CORE control plus the DLCI or DL-CORE
499 * control indicator flag if EA is set.
501 fr_octet = tvb_get_guint8(tvb, offset);
502 if (!(fr_octet & FRELAY_EA)) {
504 * 7 more bits of DLCI.
506 addr = (addr << 7) | ((fr_octet & FRELAY_THIRD_DLCI) >> 1);
508 octet_item = proto_tree_add_text(fr_tree, tvb, offset, 1,
509 "Third address octet: 0x%02x",
511 octet_tree = proto_item_add_subtree(octet_item, ett_fr_address);
512 proto_tree_add_uint(octet_tree, hf_fr_third_dlci, tvb, offset, 1, fr_octet);
513 proto_tree_add_boolean(octet_tree, hf_fr_ea, tvb, offset, 1, fr_octet);
516 fr_octet = tvb_get_guint8(tvb, offset);
517 while (!(fr_octet & FRELAY_EA)) {
519 * Bogus! More than 4 octets of address.
522 proto_tree_add_text(fr_tree, tvb, offset, 1,
523 "Bogus extra address octet");
526 fr_octet = tvb_get_guint8(tvb, offset);
530 octet_item = proto_tree_add_text(fr_tree, tvb, offset, 1,
531 "Final address octet: 0x%02x",
533 octet_tree = proto_item_add_subtree(octet_item, ett_fr_address);
537 * Last octet - contains lower DLCI or DL-CORE control, DLCI or
538 * DL-CORE control indicator flag.
540 if (fr_octet & FRELAY_DC) {
544 proto_tree_add_uint(octet_tree, hf_fr_dlcore_control, tvb, offset, 1, fr_octet);
547 * Last 6 bits of DLCI.
549 addr = (addr << 6) | ((fr_octet & FRELAY_LOWER_DLCI) >> 2);
550 proto_tree_add_uint(octet_tree, hf_fr_lower_dlci, tvb, offset, 1, fr_octet);
552 proto_tree_add_boolean(octet_tree, hf_fr_dc, tvb, offset, 1, fr_octet);
553 proto_tree_add_boolean(octet_tree, hf_fr_ea, tvb, offset, 1, fr_octet);
559 /* Put the full DLCI into the protocol tree. */
560 proto_tree_add_uint(fr_tree, hf_fr_dlci, tvb, 0, offset, addr);
563 pinfo->ctype = CT_DLCI;
564 pinfo->circuit_id = addr;
566 /* Add DLCI to a collumn */
567 if ( check_col(pinfo->cinfo, COL_FR_DLCI)) {
568 col_add_fstr(pinfo->cinfo, COL_FR_DLCI, "%u", addr);
571 if (check_col(pinfo->cinfo, COL_INFO))
572 col_add_fstr(pinfo->cinfo, COL_INFO, "DLCI %u", addr);
577 fr_ctrl = tvb_get_guint8(tvb, offset);
578 if (fr_ctrl == XDLC_U) {
579 dissect_xdlc_control(tvb, offset, pinfo, fr_tree, hf_fr_control,
580 ett_fr_control, &fr_cf_items, &fr_cf_items_ext,
581 NULL, NULL, is_response, TRUE, TRUE);
585 * XXX - treat DLCI 0 specially? On DLCI 0, an NLPID of 0x08
586 * means Q.933, but on other circuits it could be the "for
587 * protocols which do not have an NLPID assigned or do not
588 * have a SNAP encapsulation" stuff from RFC 2427.
590 dissect_fr_nlpid(tvb, offset, pinfo, tree, ti, fr_tree, fr_ctrl);
594 * This must be some sort of LAPF on DLCI 0 for SVC
595 * because DLCI 0 is reserved for LMI and SVC signaling
596 * encapsulated in LAPF, and LMI is transmitted in
597 * unnumbered information (03), so this must be LAPF
600 * XXX - but what is it? Is Q.933 carried inside UI
601 * frames or other types of frames or both?
603 dissect_xdlc_control(tvb, offset, pinfo, fr_tree,
604 hf_fr_control, ett_fr_control,
605 &fr_cf_items, &fr_cf_items_ext,
606 NULL, NULL, is_response, TRUE, TRUE);
607 dissect_lapf(tvb_new_subset(tvb,offset,-1,-1),pinfo,tree);
610 if (fr_ctrl == (XDLC_U|XDLC_XID)) {
611 dissect_xdlc_control(tvb, offset, pinfo, fr_tree,
612 hf_fr_control, ett_fr_control,
613 &fr_cf_items, &fr_cf_items_ext,
614 NULL, NULL, is_response, TRUE, TRUE);
615 dissect_fr_xid(tvb_new_subset(tvb,offset,-1,-1),pinfo,tree);
620 * If the data does not start with unnumbered information (03) and
621 * the DLCI# is not 0, then there may be Cisco Frame Relay encapsulation.
623 fr_type = tvb_get_ntohs(tvb, offset);
625 /* Include the Cisco HDLC type in the top-level protocol
627 proto_item_set_end(ti, tvb, offset+2);
629 chdlctype(fr_type, tvb, offset+2, pinfo, tree, fr_tree, hf_fr_chdlctype);
634 next_tvb = tvb_new_subset(tvb, offset, -1, -1);
636 call_dissector(gprs_ns_handle, next_tvb, pinfo, tree);
638 dissect_lapf(next_tvb, pinfo, tree);
642 next_tvb = tvb_new_subset(tvb, offset, -1, -1);
644 call_dissector(eth_withfcs_handle, next_tvb, pinfo, tree);
646 dissect_lapf(next_tvb, pinfo, tree);
652 dissect_fr(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
654 dissect_fr_common(tvb, pinfo, tree, FALSE);
658 dissect_fr_phdr(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
660 dissect_fr_common(tvb, pinfo, tree, TRUE);
663 static void dissect_fr_uncompressed(tvbuff_t *tvb, packet_info *pinfo,
666 proto_item *ti = NULL;
667 proto_tree *fr_tree = NULL;
669 if (check_col(pinfo->cinfo, COL_PROTOCOL))
670 col_set_str(pinfo->cinfo, COL_PROTOCOL, "FR");
671 if (check_col(pinfo->cinfo, COL_INFO))
672 col_clear(pinfo->cinfo, COL_INFO);
675 ti = proto_tree_add_protocol_format(tree, proto_fr, tvb, 0, -1, "Frame Relay");
676 fr_tree = proto_item_add_subtree(ti, ett_fr);
678 dissect_fr_nlpid(tvb, 0, pinfo, tree, ti, fr_tree, XDLC_U);
681 static void dissect_fr_nlpid(tvbuff_t *tvb, int offset, packet_info *pinfo,
682 proto_tree *tree, proto_item *ti,
683 proto_tree *fr_tree, guint8 fr_ctrl)
689 * Tentatively set the Frame Relay item not to include the NLPID,
690 * as OSI network layer protocols consider it to be part of
693 proto_item_set_end(ti, tvb, offset);
694 fr_nlpid = tvb_get_guint8 (tvb,offset);
697 proto_tree_add_text(fr_tree, tvb, offset, 1, "Padding");
700 /* Include the padding in the top-level protocol tree item. */
701 proto_item_set_end(ti, tvb, offset);
703 fr_nlpid=tvb_get_guint8( tvb,offset);
707 * OSI network layer protocols consider the NLPID to be part
708 * of the frame, so we'll pass it as part of the payload and,
709 * if the protocol is one of those, add it as a hidden item here.
710 * We check both the generic OSI NLPID dissector table and
711 * the Frame Relay OSI NLPID dissector table - the latter is for
712 * NLPID's such as 0x08, which is Q.933 in Frame Relay but
713 * other protocols (e.g., Q.931) on other network layers.
715 * "OSI network layer protocols" includes Q.933.
717 * XXX - note that an NLPID of 0x08 for Q.933 could either be a
718 * Q.933 signaling message or a message for a protocol
719 * identified by a 2-octet layer 2 protocol type and a
720 * 2-octet layer 3 protocol type, those protocol type
721 * octets having the values from octets 6, 6a, 7, and 7a
722 * of a Q.931 low layer compatibility information element
723 * (section 4.5.19 of Q.931; Q.933 says they have the values
724 * from a Q.933 low layer compatibility information element,
725 * but Q.933 low layer compatibility information elements
726 * don't have protocol values in them).
728 * Assuming that, as Q.933 seems to imply, that Q.933 messages
729 * look just like Q.931 messages except where it explicitly
730 * says they differ, then the octet after the NLPID would,
731 * in a Q.933 message, have its upper 4 bits zero (that's
732 * the length of the call reference value, in Q.931, and
733 * is limited to 15 or fewer octets). As appears to be the case,
734 * octet 6 of a Q.931 low layer compatibility element has the
735 * 0x40 bit set, so you can distinguish between a Q.933
736 * message and an encapsulated packet by checking whether
737 * the upper 4 bits of the octet after the NLPID are zero.
739 * Either that, or it's Q.933 iff the DLCI is 0.
741 next_tvb = tvb_new_subset(tvb,offset,-1,-1);
742 if (dissector_try_port(osinl_subdissector_table, fr_nlpid, next_tvb,
744 dissector_try_port(fr_osinl_subdissector_table, fr_nlpid, next_tvb,
747 * Yes, we got a match. Add the NLPID as a hidden item,
748 * so you can, at least, filter on it.
751 proto_item *hidden_item;
752 hidden_item = proto_tree_add_uint(fr_tree, hf_fr_nlpid,
753 tvb, offset, 1, fr_nlpid );
754 PROTO_ITEM_SET_HIDDEN(hidden_item);
760 * All other protocols don't.
762 * XXX - what about Cisco/Gang-of-Four LMI? Is the 0x09 considered
763 * to be part of the LMI PDU?
766 proto_tree_add_uint(fr_tree, hf_fr_nlpid, tvb, offset, 1, fr_nlpid );
773 /* Include the NLPID and SNAP header in the top-level
774 protocol tree item. */
775 proto_item_set_end(ti, tvb, offset+5);
777 dissect_snap(tvb, offset, pinfo, tree, fr_tree, fr_ctrl,
778 hf_fr_oui, hf_fr_snaptype, hf_fr_pid, 0);
783 /* Include the NLPID in the top-level protocol tree item. */
784 proto_item_set_end(ti, tvb, offset);
786 next_tvb = tvb_new_subset(tvb,offset,-1,-1);
787 if (!dissector_try_port(fr_subdissector_table,fr_nlpid,
788 next_tvb, pinfo, tree))
789 call_dissector(data_handle,next_tvb, pinfo, tree);
794 static void dissect_lapf(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
796 proto_tree_add_text(tree, tvb, 0, 0, "Frame relay lapf not yet implemented");
797 call_dissector(data_handle,tvb_new_subset(tvb,0,-1,-1),pinfo,tree);
799 static void dissect_fr_xid(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
801 proto_tree_add_text(tree, tvb, 0, 0, "Frame relay xid not yet implemented");
802 call_dissector(data_handle,tvb_new_subset(tvb,0,-1,-1),pinfo,tree);
805 /* Register the protocol with Wireshark */
806 void proto_register_fr(void)
808 static hf_register_info hf[] = {
810 "EA", "fr.ea", FT_BOOLEAN, 8, TFS(&ea_string),
811 FRELAY_EA, "Extended Address", HFILL }},
812 { &hf_fr_upper_dlci, {
813 "Upper DLCI", "fr.upper_dlci", FT_UINT8, BASE_HEX,
814 NULL, FRELAY_UPPER_DLCI, "Upper bits of DLCI", HFILL }},
816 "CR", "fr.cr", FT_BOOLEAN, 8, TFS(&cmd_string),
817 FRELAY_CR, "Command/Response", HFILL }},
818 { &hf_fr_second_dlci, {
819 "Second DLCI", "fr.second_dlci", FT_UINT8, BASE_HEX,
820 NULL, FRELAY_SECOND_DLCI, "Bits below upper bits of DLCI", HFILL }},
822 "FECN", "fr.fecn", FT_BOOLEAN, 8,
823 NULL, FRELAY_FECN, "Forward Explicit Congestion Notification", HFILL }},
825 "BECN", "fr.becn", FT_BOOLEAN, 8,
826 NULL, FRELAY_BECN, "Backward Explicit Congestion Notification", HFILL }},
828 "DE", "fr.de", FT_BOOLEAN, 8,
829 NULL, FRELAY_DE, "Discard Eligibility", HFILL }},
830 { &hf_fr_third_dlci, {
831 "Third DLCI", "fr.third_dlci", FT_UINT8, BASE_HEX,
832 NULL, FRELAY_THIRD_DLCI, "Additional bits of DLCI", HFILL }},
833 { &hf_fr_dlcore_control, {
834 "DL-CORE Control", "fr.dlcore_control", FT_UINT8, BASE_HEX,
835 NULL, FRELAY_LOWER_DLCI, "DL-Core control bits", HFILL }},
836 { &hf_fr_lower_dlci, {
837 "Lower DLCI", "fr.lower_dlci", FT_UINT8, BASE_HEX,
838 NULL, FRELAY_LOWER_DLCI, "Lower bits of DLCI", HFILL }},
840 "DC", "fr.dc", FT_BOOLEAN, 16, TFS(&ctrl_string),
841 FRELAY_CR, "Address/Control", HFILL }},
843 "DLCI", "fr.dlci", FT_UINT32, BASE_DEC,
844 NULL, 0x0, "Data-Link Connection Identifier", HFILL }},
846 "Control Field", "fr.control", FT_UINT8, BASE_HEX,
847 NULL, 0x0, "Control field", HFILL }},
849 "N(R)", "fr.control.n_r", FT_UINT16, BASE_DEC,
850 NULL, XDLC_N_R_EXT_MASK, "", HFILL }},
852 "N(S)", "fr.control.n_s", FT_UINT16, BASE_DEC,
853 NULL, XDLC_N_S_EXT_MASK, "", HFILL }},
855 "Poll", "fr.control.p", FT_BOOLEAN, 8,
856 TFS(&flags_set_truth), XDLC_P_F, "", HFILL }},
858 "Poll", "fr.control.p", FT_BOOLEAN, 16,
859 TFS(&flags_set_truth), XDLC_P_F_EXT, "", HFILL }},
861 "Final", "fr.control.f", FT_BOOLEAN, 8,
862 TFS(&flags_set_truth), XDLC_P_F, "", HFILL }},
864 "Final", "fr.control.f", FT_BOOLEAN, 16,
865 TFS(&flags_set_truth), XDLC_P_F_EXT, "", HFILL }},
867 "Supervisory frame type", "fr.control.s_ftype", FT_UINT16, BASE_HEX,
868 VALS(stype_vals), XDLC_S_FTYPE_MASK, "", HFILL }},
869 { &hf_fr_u_modifier_cmd, {
870 "Command", "fr.control.u_modifier_cmd", FT_UINT8, BASE_HEX,
871 VALS(modifier_vals_cmd), XDLC_U_MODIFIER_MASK, "", HFILL }},
872 { &hf_fr_u_modifier_resp, {
873 "Response", "fr.control.u_modifier_resp", FT_UINT8, BASE_HEX,
874 VALS(modifier_vals_resp), XDLC_U_MODIFIER_MASK, "", HFILL }},
876 "Frame type", "fr.control.ftype", FT_UINT16, BASE_HEX,
877 VALS(ftype_vals), XDLC_I_MASK, "", HFILL }},
878 { &hf_fr_ftype_s_u, {
879 "Frame type", "fr.control.ftype", FT_UINT8, BASE_HEX,
880 VALS(ftype_vals), XDLC_S_U_MASK, "", HFILL }},
881 { &hf_fr_ftype_s_u_ext, {
882 "Frame type", "fr.control.ftype", FT_UINT16, BASE_HEX,
883 VALS(ftype_vals), XDLC_S_U_MASK, "", HFILL }},
885 "NLPID", "fr.nlpid", FT_UINT8, BASE_HEX,
886 VALS(fr_nlpid_vals), 0x0, "Frame Relay Encapsulated Protocol NLPID", HFILL }},
888 "Organization Code", "fr.snap.oui", FT_UINT24, BASE_HEX,
889 VALS(oui_vals), 0x0, "", HFILL }},
891 "Protocol ID", "fr.snap.pid", FT_UINT16, BASE_HEX,
892 NULL, 0x0, "", HFILL }},
894 "Type", "fr.snaptype", FT_UINT16, BASE_HEX,
895 VALS(etype_vals), 0x0, "Frame Relay SNAP Encapsulated Protocol", HFILL }},
896 { &hf_fr_chdlctype, {
897 "Type", "fr.chdlctype", FT_UINT16, BASE_HEX,
898 VALS(chdlc_vals), 0x0, "Frame Relay Cisco HDLC Encapsulated Protocol", HFILL }},
901 /* Setup protocol subtree array */
902 static gint *ett[] = {
907 static enum_val_t fr_encap_options[] = {
908 { "frf-3.2", "FRF 3.2/Cisco HDLC", FRF_3_2 },
909 { "gprs-ns", "GPRS Network Service", GPRS_NS },
910 { "ethernet", "Raw Ethernet", RAW_ETHER },
913 module_t *frencap_module;
915 proto_fr = proto_register_protocol("Frame Relay", "FR", "fr");
916 proto_register_field_array(proto_fr, hf, array_length(hf));
917 proto_register_subtree_array(ett, array_length(ett));
919 fr_subdissector_table = register_dissector_table("fr.ietf",
920 "Frame Relay NLPID", FT_UINT8, BASE_HEX);
921 fr_osinl_subdissector_table = register_dissector_table("fr.osinl",
922 "Frame Relay OSI NLPID", FT_UINT8, BASE_HEX);
924 register_dissector("fr_uncompressed", dissect_fr_uncompressed, proto_fr);
925 register_dissector("fr", dissect_fr, proto_fr);
927 frencap_module = prefs_register_protocol(proto_fr, NULL);
929 * XXX - this should really be per-circuit - I've seen at least one
930 * capture where different DLCIs have different encapsulations - but
931 * we don't yet have any support for per-circuit encapsulations.
933 * Even with that, though, we might want a default encapsulation,
934 * so that people dealing with GPRS can make gprs-ns the default.
936 prefs_register_enum_preference(frencap_module, "encap", "Encapsulation",
937 "Encapsulation", &fr_encap,
938 fr_encap_options, FALSE);
941 void proto_reg_handoff_fr(void)
943 dissector_handle_t fr_handle, fr_phdr_handle;
945 fr_handle = create_dissector_handle(dissect_fr, proto_fr);
946 dissector_add("gre.proto", ETHERTYPE_RAW_FR, fr_handle);
947 dissector_add("wtap_encap", WTAP_ENCAP_FRELAY, fr_handle);
949 fr_phdr_handle = create_dissector_handle(dissect_fr_phdr, proto_fr);
950 dissector_add("wtap_encap", WTAP_ENCAP_FRELAY_WITH_PHDR, fr_phdr_handle);
952 eth_withfcs_handle = find_dissector("eth_withfcs");
953 gprs_ns_handle = find_dissector("gprs_ns");
954 data_handle = find_dissector("data");
956 osinl_subdissector_table = find_dissector_table("osinl");
git.samba.org / obnox / wireshark / wip.git / blob