2 * Routines for Frame Relay dissection
4 * Copyright 2001, Paul Ionescu <paul@acorp.ro>
8 * Wireshark - Network traffic analyzer
9 * By Gerald Combs <gerald@wireshark.org>
10 * Copyright 1998 Gerald Combs
12 * This program is free software; you can redistribute it and/or
13 * modify it under the terms of the GNU General Public License
14 * as published by the Free Software Foundation; either version 2
15 * of the License, or (at your option) any later version.
17 * This program is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
22 * You should have received a copy of the GNU General Public License
23 * along with this program; if not, write to the Free Software
24 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
28 * http://www.protocols.com/pbook/frame.htm
29 * http://www.mplsforum.org/frame/Approved/FRF.3/FRF.3.2.pdf
30 * ITU Recommendations Q.922 and Q.933
34 * http://www.trillium.com/assets/legacyframe/white_paper/8771019.pdf
47 #include <epan/packet.h>
48 #include <epan/prefs.h>
49 #include "packet-llc.h"
50 #include "packet-chdlc.h"
51 #include "packet-eth.h"
52 #include "packet-ip.h"
53 #include "packet-ipv6.h"
54 #include "packet-ppp.h"
55 #include "packet-fr.h"
56 #include <epan/xdlc.h>
57 #include <epan/etypes.h>
59 #include <epan/nlpid.h>
60 #include <epan/greproto.h>
63 * Bits in the address field.
65 #define FRELAY_EA 0x01 /* Address field extension bit */
67 #define FRELAY_UPPER_DLCI 0xFC /* Upper DLCI */
68 #define FRELAY_CR 0x02 /* Command/response bit in first octet */
70 #define FRELAY_SECOND_DLCI 0xF0 /* DLCI bits in FECN/BECN/DE octet */
71 #define FRELAY_FECN 0x08 /* Forward Explicit Congestion Notification */
72 #define FRELAY_BECN 0x04 /* Backward Explicit Congestion Notification */
73 #define FRELAY_DE 0x02 /* Discard Eligibility */
75 #define FRELAY_THIRD_DLCI 0xFE /* DLCI bits in third octet, if any */
77 #define FRELAY_LOWER_DLCI 0xFC /* Lower DLCI */
78 #define FRELAY_DC 0x02 /* DLCI or DL-CORE control indicator in last octet */
80 #define FROM_DCE 0x80 /* for direction setting */
82 static gint proto_fr = -1;
83 static gint ett_fr = -1;
84 static gint ett_fr_address = -1;
85 static gint ett_fr_control = -1;
86 static gint hf_fr_ea = -1;
87 static gint hf_fr_upper_dlci = -1;
88 static gint hf_fr_cr = -1;
89 static gint hf_fr_second_dlci = -1;
90 static gint hf_fr_fecn = -1;
91 static gint hf_fr_becn = -1;
92 static gint hf_fr_de = -1;
93 static gint hf_fr_third_dlci = -1;
94 static gint hf_fr_dlcore_control = -1;
95 static gint hf_fr_lower_dlci = -1;
96 static gint hf_fr_dc = -1;
97 static gint hf_fr_dlci = -1;
98 static gint hf_fr_control = -1;
99 static gint hf_fr_n_r = -1;
100 static gint hf_fr_n_s = -1;
101 static gint hf_fr_p = -1;
102 static gint hf_fr_p_ext = -1;
103 static gint hf_fr_f = -1;
104 static gint hf_fr_f_ext = -1;
105 static gint hf_fr_s_ftype = -1;
106 static gint hf_fr_u_modifier_cmd = -1;
107 static gint hf_fr_u_modifier_resp = -1;
108 static gint hf_fr_ftype_i = -1;
109 static gint hf_fr_ftype_s_u = -1;
110 static gint hf_fr_ftype_s_u_ext = -1;
111 static gint hf_fr_nlpid = -1;
112 static gint hf_fr_oui = -1;
113 static gint hf_fr_pid = -1;
114 static gint hf_fr_snaptype = -1;
115 static gint hf_fr_chdlctype = -1;
117 static dissector_handle_t eth_withfcs_handle;
118 static dissector_handle_t gprs_ns_handle;
119 static dissector_handle_t data_handle;
121 static dissector_table_t osinl_subdissector_table;
124 * Encapsulation type.
125 * XXX - this should be per-DLCI as well.
127 #define FRF_3_2 0 /* FRF 3.2 or Cisco HDLC */
128 #define GPRS_NS 1 /* GPRS Network Services (3GPP TS 08.16) */
129 #define RAW_ETHER 2 /* Raw Ethernet */
131 static gint fr_encap = FRF_3_2;
133 static const true_false_string cmd_string = {
137 static const true_false_string ctrl_string = {
141 static const true_false_string ea_string = {
147 * This isn't the same as "nlpid_vals[]"; 0x08 is Q.933, not Q.931,
148 * and 0x09 is LMI, not Q.2931, and we assume that it's an initial
149 * protocol identifier, so 0x01 is T.70, not X.29.
151 static const value_string fr_nlpid_vals[] = {
152 { NLPID_NULL, "NULL" },
153 { NLPID_IPI_T_70, "T.70" }, /* XXX - IPI, or SPI? */
154 { NLPID_X_633, "X.633" },
155 { NLPID_Q_931, "Q.933" },
156 { NLPID_LMI, "LMI" },
157 { NLPID_Q_2119, "Q.2119" },
158 { NLPID_SNAP, "SNAP" },
159 { NLPID_ISO8473_CLNP, "CLNP" },
160 { NLPID_ISO9542_ESIS, "ESIS" },
161 { NLPID_ISO10589_ISIS, "ISIS" },
162 { NLPID_ISO10747_IDRP, "IDRP" },
163 { NLPID_ISO9542X25_ESIS, "ESIS (X.25)" },
164 { NLPID_ISO10030, "ISO 10030" },
165 { NLPID_ISO11577, "ISO 11577" },
166 { NLPID_COMPRESSED, "Data compression protocol" },
168 { NLPID_IP6, "IPv6" },
169 { NLPID_PPP, "PPP" },
173 static dissector_table_t fr_subdissector_table;
174 static dissector_table_t fr_osinl_subdissector_table;
176 static void dissect_fr_nlpid(tvbuff_t *tvb, int offset, packet_info *pinfo,
177 proto_tree *tree, proto_item *ti,
178 proto_tree *fr_tree, guint8 fr_ctrl);
179 static void dissect_lapf(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree);
180 static void dissect_fr_xid(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree);
182 /* Used only for U frames */
183 static const xdlc_cf_items fr_cf_items = {
189 &hf_fr_u_modifier_cmd,
190 &hf_fr_u_modifier_resp,
195 /* Used only for I and S frames */
196 static const xdlc_cf_items fr_cf_items_ext = {
209 capture_fr(const guchar *pd, int offset, int len, packet_counts *ld)
217 * OK, fetch the address field - keep going until we get an EA bit.
219 if (!BYTES_ARE_IN_FRAME(offset, len, 1)) {
223 fr_octet = pd[offset];
224 if (fr_octet & FRELAY_EA) {
226 * Bogus! There should be at least 2 octets.
227 * XXX - is this FRF.12 frame relay fragmentation? If so, can
234 * The first octet contains the upper 6 bits of the DLCI, as well
237 address = (fr_octet & FRELAY_UPPER_DLCI) >> 2;
241 * The second octet contains 4 more bits of DLCI, as well as FECN,
244 if (!BYTES_ARE_IN_FRAME(offset, len, 1)) {
248 fr_octet = pd[offset];
249 address = (address << 4) | ((fr_octet & FRELAY_SECOND_DLCI) >> 4);
252 if (!(fr_octet & FRELAY_EA)) {
254 * We have 3 or more address octets.
256 * The third octet contains 7 more bits of DLCI if EA isn't set,
257 * and lower DLCI or DL-CORE control plus the DLCI or DL-CORE
258 * control indicator flag if EA is set.
260 if (!BYTES_ARE_IN_FRAME(offset, len, 1)) {
264 fr_octet = pd[offset];
265 if (!(fr_octet & FRELAY_EA)) {
267 * 7 more bits of DLCI.
269 address = (address << 7) | ((fr_octet & FRELAY_THIRD_DLCI) >> 1);
271 if (!BYTES_ARE_IN_FRAME(offset, len, 1)) {
275 fr_octet = pd[offset];
276 while (!(fr_octet & FRELAY_EA)) {
278 * Bogus! More than 4 octets of address.
281 if (!BYTES_ARE_IN_FRAME(offset, len, 1)) {
285 fr_octet = pd[offset];
290 * Last octet - contains lower DLCI or DL-CORE control, DLCI or
291 * DL-CORE control indicator flag.
293 if (fr_octet & FRELAY_DC) {
299 * Last 6 bits of DLCI.
301 address = (address << 6) | ((fr_octet & FRELAY_LOWER_DLCI) >> 2);
308 if (!BYTES_ARE_IN_FRAME(offset, len, 1)) {
312 fr_ctrl = pd[offset];
313 if (fr_ctrl == XDLC_U) {
317 * XXX - treat DLCI 0 specially? On DLCI 0, an NLPID of 0x08
318 * means Q.933, but on other circuits it could be the "for
319 * protocols which do not have an NLPID assigned or do not
320 * have a SNAP encapsulation" stuff from RFC 2427.
322 if (!BYTES_ARE_IN_FRAME(offset, len, 1)) {
326 fr_nlpid = pd[offset];
329 if (!BYTES_ARE_IN_FRAME(offset, len, 1)) {
333 fr_nlpid = pd[offset];
339 capture_ip(pd, offset, len, ld);
343 capture_ipv6(pd, offset, len, ld);
347 capture_ppp_hdlc(pd, offset, len, ld);
351 capture_snap(pd, offset, len, ld);
361 * This must be some sort of LAPF on DLCI 0 for SVC
362 * because DLCI 0 is reserved for LMI and SVC signaling
363 * encapsulated in LAPF, and LMI is transmitted in
364 * unnumbered information (03), so this must be LAPF
367 * XXX - but what is it? Is Q.933 carried inside UI
368 * frames or other types of frames or both?
373 if (fr_ctrl == (XDLC_U|XDLC_XID)) {
382 * If the data does not start with unnumbered information (03) and
383 * the DLCI# is not 0, then there may be Cisco Frame Relay encapsulation.
385 capture_chdlc(pd, offset, len, ld);
395 capture_eth(pd, offset, len, ld);
403 dissect_fr_common(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
404 gboolean has_direction)
407 proto_item *ti = NULL;
408 proto_tree *fr_tree = NULL;
409 proto_item *octet_item = NULL;
410 proto_tree *octet_tree = NULL;
412 int is_response = FALSE;
418 if (check_col(pinfo->cinfo, COL_PROTOCOL))
419 col_set_str(pinfo->cinfo, COL_PROTOCOL, "FR");
420 if (check_col(pinfo->cinfo, COL_INFO))
421 col_clear(pinfo->cinfo, COL_INFO);
424 if (pinfo->pseudo_header->x25.flags & FROM_DCE) {
425 if (check_col(pinfo->cinfo, COL_RES_DL_DST))
426 col_set_str(pinfo->cinfo, COL_RES_DL_DST, "DTE");
427 if (check_col(pinfo->cinfo, COL_RES_DL_SRC))
428 col_set_str(pinfo->cinfo, COL_RES_DL_SRC, "DCE");
430 if (check_col(pinfo->cinfo, COL_RES_DL_DST))
431 col_set_str(pinfo->cinfo, COL_RES_DL_DST, "DCE");
432 if (check_col(pinfo->cinfo, COL_RES_DL_SRC))
433 col_set_str(pinfo->cinfo, COL_RES_DL_SRC, "DTE");
438 * OK, fetch the address field - keep going until we get an EA bit.
440 fr_octet = tvb_get_guint8(tvb, offset);
442 ti = proto_tree_add_protocol_format(tree, proto_fr, tvb, 0, -1, "Frame Relay");
443 fr_tree = proto_item_add_subtree(ti, ett_fr);
445 if (fr_octet & FRELAY_EA) {
447 * Bogus! There should be at least 2 octets.
448 * XXX - is this FRF.12 frame relay fragmentation? If so, we
449 * should dissect it as such, if possible.
453 proto_tree_add_text(fr_tree, tvb, offset, 1,
454 "Bogus 1-octet address field");
459 * The first octet contains the upper 6 bits of the DLCI, as well
462 address = (fr_octet & FRELAY_UPPER_DLCI) >> 2;
463 is_response = (fr_octet & FRELAY_CR);
465 octet_item = proto_tree_add_text(fr_tree, tvb, offset, 1,
466 "First address octet: 0x%02x", fr_octet);
467 octet_tree = proto_item_add_subtree(octet_item, ett_fr_address);
468 proto_tree_add_uint(octet_tree, hf_fr_upper_dlci, tvb, offset, 1, fr_octet);
469 proto_tree_add_boolean(octet_tree, hf_fr_cr, tvb, offset, 1, fr_octet);
470 proto_tree_add_boolean(octet_tree, hf_fr_ea, tvb, offset, 1, fr_octet);
475 * The second octet contains 4 more bits of DLCI, as well as FECN,
478 fr_octet = tvb_get_guint8(tvb, offset);
479 address = (address << 4) | ((fr_octet & FRELAY_SECOND_DLCI) >> 4);
481 octet_item = proto_tree_add_text(fr_tree, tvb, offset, 1,
482 "Second address octet: 0x%02x",
484 octet_tree = proto_item_add_subtree(octet_item, ett_fr_address);
485 proto_tree_add_uint(octet_tree, hf_fr_second_dlci, tvb, offset, 1, fr_octet);
486 proto_tree_add_boolean(octet_tree, hf_fr_fecn, tvb, 0, offset, fr_octet);
487 proto_tree_add_boolean(octet_tree, hf_fr_becn, tvb, 0, offset, fr_octet);
488 proto_tree_add_boolean(octet_tree, hf_fr_de, tvb, 0, offset, fr_octet);
489 proto_tree_add_boolean(octet_tree, hf_fr_ea, tvb, offset, 1, fr_octet);
493 if (!(fr_octet & FRELAY_EA)) {
495 * We have 3 or more address octets.
497 * The third octet contains 7 more bits of DLCI if EA isn't set,
498 * and lower DLCI or DL-CORE control plus the DLCI or DL-CORE
499 * control indicator flag if EA is set.
501 fr_octet = tvb_get_guint8(tvb, offset);
502 if (!(fr_octet & FRELAY_EA)) {
504 * 7 more bits of DLCI.
506 address = (address << 7) | ((fr_octet & FRELAY_THIRD_DLCI) >> 1);
508 octet_item = proto_tree_add_text(fr_tree, tvb, offset, 1,
509 "Third address octet: 0x%02x",
511 octet_tree = proto_item_add_subtree(octet_item, ett_fr_address);
512 proto_tree_add_uint(octet_tree, hf_fr_third_dlci, tvb, offset, 1, fr_octet);
513 proto_tree_add_boolean(octet_tree, hf_fr_ea, tvb, offset, 1, fr_octet);
516 fr_octet = tvb_get_guint8(tvb, offset);
517 while (!(fr_octet & FRELAY_EA)) {
519 * Bogus! More than 4 octets of address.
522 proto_tree_add_text(fr_tree, tvb, offset, 1,
523 "Bogus extra address octet");
526 fr_octet = tvb_get_guint8(tvb, offset);
530 octet_item = proto_tree_add_text(fr_tree, tvb, offset, 1,
531 "Final address octet: 0x%02x",
533 octet_tree = proto_item_add_subtree(octet_item, ett_fr_address);
537 * Last octet - contains lower DLCI or DL-CORE control, DLCI or
538 * DL-CORE control indicator flag.
540 if (fr_octet & FRELAY_DC) {
544 proto_tree_add_uint(octet_tree, hf_fr_dlcore_control, tvb, offset, 1, fr_octet);
547 * Last 6 bits of DLCI.
549 address = (address << 6) | ((fr_octet & FRELAY_LOWER_DLCI) >> 2);
550 proto_tree_add_uint(octet_tree, hf_fr_lower_dlci, tvb, offset, 1, fr_octet);
552 proto_tree_add_boolean(octet_tree, hf_fr_dc, tvb, offset, 1, fr_octet);
553 proto_tree_add_boolean(octet_tree, hf_fr_ea, tvb, offset, 1, fr_octet);
557 /* Put the full DLCI into the protocol tree. */
558 proto_tree_add_uint(fr_tree, hf_fr_dlci, tvb, 0, offset, address);
561 pinfo->ctype = CT_DLCI;
562 pinfo->circuit_id = address;
564 if (check_col(pinfo->cinfo, COL_INFO))
565 col_add_fstr(pinfo->cinfo, COL_INFO, "DLCI %u", address);
570 fr_ctrl = tvb_get_guint8(tvb, offset);
571 if (fr_ctrl == XDLC_U) {
572 dissect_xdlc_control(tvb, offset, pinfo, fr_tree, hf_fr_control,
573 ett_fr_control, &fr_cf_items, &fr_cf_items_ext,
574 NULL, NULL, is_response, TRUE, TRUE);
578 * XXX - treat DLCI 0 specially? On DLCI 0, an NLPID of 0x08
579 * means Q.933, but on other circuits it could be the "for
580 * protocols which do not have an NLPID assigned or do not
581 * have a SNAP encapsulation" stuff from RFC 2427.
583 dissect_fr_nlpid(tvb, offset, pinfo, tree, ti, fr_tree, fr_ctrl);
587 * This must be some sort of LAPF on DLCI 0 for SVC
588 * because DLCI 0 is reserved for LMI and SVC signaling
589 * encapsulated in LAPF, and LMI is transmitted in
590 * unnumbered information (03), so this must be LAPF
593 * XXX - but what is it? Is Q.933 carried inside UI
594 * frames or other types of frames or both?
596 dissect_xdlc_control(tvb, offset, pinfo, fr_tree,
597 hf_fr_control, ett_fr_control,
598 &fr_cf_items, &fr_cf_items_ext,
599 NULL, NULL, is_response, TRUE, TRUE);
600 dissect_lapf(tvb_new_subset(tvb,offset,-1,-1),pinfo,tree);
603 if (fr_ctrl == (XDLC_U|XDLC_XID)) {
604 dissect_xdlc_control(tvb, offset, pinfo, fr_tree,
605 hf_fr_control, ett_fr_control,
606 &fr_cf_items, &fr_cf_items_ext,
607 NULL, NULL, is_response, TRUE, TRUE);
608 dissect_fr_xid(tvb_new_subset(tvb,offset,-1,-1),pinfo,tree);
613 * If the data does not start with unnumbered information (03) and
614 * the DLCI# is not 0, then there may be Cisco Frame Relay encapsulation.
616 fr_type = tvb_get_ntohs(tvb, offset);
618 /* Include the Cisco HDLC type in the top-level protocol
620 proto_item_set_end(ti, tvb, offset+2);
622 chdlctype(fr_type, tvb, offset+2, pinfo, tree, fr_tree, hf_fr_chdlctype);
627 next_tvb = tvb_new_subset(tvb, offset, -1, -1);
629 call_dissector(gprs_ns_handle, next_tvb, pinfo, tree);
631 dissect_lapf(next_tvb, pinfo, tree);
635 next_tvb = tvb_new_subset(tvb, offset, -1, -1);
637 call_dissector(eth_withfcs_handle, next_tvb, pinfo, tree);
639 dissect_lapf(next_tvb, pinfo, tree);
645 dissect_fr(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
647 dissect_fr_common(tvb, pinfo, tree, FALSE);
651 dissect_fr_phdr(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
653 dissect_fr_common(tvb, pinfo, tree, TRUE);
656 static void dissect_fr_uncompressed(tvbuff_t *tvb, packet_info *pinfo,
659 proto_item *ti = NULL;
660 proto_tree *fr_tree = NULL;
662 if (check_col(pinfo->cinfo, COL_PROTOCOL))
663 col_set_str(pinfo->cinfo, COL_PROTOCOL, "FR");
664 if (check_col(pinfo->cinfo, COL_INFO))
665 col_clear(pinfo->cinfo, COL_INFO);
668 ti = proto_tree_add_protocol_format(tree, proto_fr, tvb, 0, -1, "Frame Relay");
669 fr_tree = proto_item_add_subtree(ti, ett_fr);
671 dissect_fr_nlpid(tvb, 0, pinfo, tree, ti, fr_tree, XDLC_U);
674 static void dissect_fr_nlpid(tvbuff_t *tvb, int offset, packet_info *pinfo,
675 proto_tree *tree, proto_item *ti,
676 proto_tree *fr_tree, guint8 fr_ctrl)
682 * Tentatively set the Frame Relay item not to include the NLPID,
683 * as OSI network layer protocols consider it to be part of
686 proto_item_set_end(ti, tvb, offset);
687 fr_nlpid = tvb_get_guint8 (tvb,offset);
690 proto_tree_add_text(fr_tree, tvb, offset, 1, "Padding");
693 /* Include the padding in the top-level protocol tree item. */
694 proto_item_set_end(ti, tvb, offset);
696 fr_nlpid=tvb_get_guint8( tvb,offset);
700 * OSI network layer protocols consider the NLPID to be part
701 * of the frame, so we'll pass it as part of the payload and,
702 * if the protocol is one of those, add it as a hidden item here.
703 * We check both the generic OSI NLPID dissector table and
704 * the Frame Relay OSI NLPID dissector table - the latter is for
705 * NLPID's such as 0x08, which is Q.933 in Frame Relay but
706 * other protocols (e.g., Q.931) on other network layers.
708 * "OSI network layer protocols" includes Q.933.
710 * XXX - note that an NLPID of 0x08 for Q.933 could either be a
711 * Q.933 signaling message or a message for a protocol
712 * identified by a 2-octet layer 2 protocol type and a
713 * 2-octet layer 3 protocol type, those protocol type
714 * octets having the values from octets 6, 6a, 7, and 7a
715 * of a Q.931 low layer compatibility information element
716 * (section 4.5.19 of Q.931; Q.933 says they have the values
717 * from a Q.933 low layer compatibility information element,
718 * but Q.933 low layer compatibility information elements
719 * don't have protocol values in them).
721 * Assuming that, as Q.933 seems to imply, that Q.933 messages
722 * look just like Q.931 messages except where it explicitly
723 * says they differ, then the octet after the NLPID would,
724 * in a Q.933 message, have its upper 4 bits zero (that's
725 * the length of the call reference value, in Q.931, and
726 * is limited to 15 or fewer octets). As appears to be the case,
727 * octet 6 of a Q.931 low layer compatibility element has the
728 * 0x40 bit set, so you can distinguish between a Q.933
729 * message and an encapsulated packet by checking whether
730 * the upper 4 bits of the octet after the NLPID are zero.
732 * Either that, or it's Q.933 iff the DLCI is 0.
734 next_tvb = tvb_new_subset(tvb,offset,-1,-1);
735 if (dissector_try_port(osinl_subdissector_table, fr_nlpid, next_tvb,
737 dissector_try_port(fr_osinl_subdissector_table, fr_nlpid, next_tvb,
740 * Yes, we got a match. Add the NLPID as a hidden item,
741 * so you can, at least, filter on it.
744 proto_tree_add_uint_hidden(fr_tree, hf_fr_nlpid,
745 tvb, offset, 1, fr_nlpid );
750 * All other protocols don't.
752 * XXX - what about Cisco/Gang-of-Four LMI? Is the 0x09 considered
753 * to be part of the LMI PDU?
756 proto_tree_add_uint(fr_tree, hf_fr_nlpid, tvb, offset, 1, fr_nlpid );
763 /* Include the NLPID and SNAP header in the top-level
764 protocol tree item. */
765 proto_item_set_end(ti, tvb, offset+5);
767 dissect_snap(tvb, offset, pinfo, tree, fr_tree, fr_ctrl,
768 hf_fr_oui, hf_fr_snaptype, hf_fr_pid, 0);
773 /* Include the NLPID in the top-level protocol tree item. */
774 proto_item_set_end(ti, tvb, offset);
776 next_tvb = tvb_new_subset(tvb,offset,-1,-1);
777 if (!dissector_try_port(fr_subdissector_table,fr_nlpid,
778 next_tvb, pinfo, tree))
779 call_dissector(data_handle,next_tvb, pinfo, tree);
784 static void dissect_lapf(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
786 proto_tree_add_text(tree, tvb, 0, 0, "Frame relay lapf not yet implemented");
787 call_dissector(data_handle,tvb_new_subset(tvb,0,-1,-1),pinfo,tree);
789 static void dissect_fr_xid(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
791 proto_tree_add_text(tree, tvb, 0, 0, "Frame relay xid not yet implemented");
792 call_dissector(data_handle,tvb_new_subset(tvb,0,-1,-1),pinfo,tree);
795 /* Register the protocol with Wireshark */
796 void proto_register_fr(void)
798 static hf_register_info hf[] = {
800 "EA", "fr.ea", FT_BOOLEAN, 8, TFS(&ea_string),
801 FRELAY_EA, "Extended Address", HFILL }},
802 { &hf_fr_upper_dlci, {
803 "Upper DLCI", "fr.upper_dlci", FT_UINT8, BASE_HEX,
804 NULL, FRELAY_UPPER_DLCI, "Upper bits of DLCI", HFILL }},
806 "CR", "fr.cr", FT_BOOLEAN, 8, TFS(&cmd_string),
807 FRELAY_CR, "Command/Response", HFILL }},
808 { &hf_fr_second_dlci, {
809 "Second DLCI", "fr.second_dlci", FT_UINT8, BASE_HEX,
810 NULL, FRELAY_SECOND_DLCI, "Bits below upper bits of DLCI", HFILL }},
812 "FECN", "fr.fecn", FT_BOOLEAN, 8,
813 NULL, FRELAY_FECN, "Forward Explicit Congestion Notification", HFILL }},
815 "BECN", "fr.becn", FT_BOOLEAN, 8,
816 NULL, FRELAY_BECN, "Backward Explicit Congestion Notification", HFILL }},
818 "DE", "fr.de", FT_BOOLEAN, 8,
819 NULL, FRELAY_DE, "Discard Eligibility", HFILL }},
820 { &hf_fr_third_dlci, {
821 "Third DLCI", "fr.third_dlci", FT_UINT8, BASE_HEX,
822 NULL, FRELAY_THIRD_DLCI, "Additional bits of DLCI", HFILL }},
823 { &hf_fr_dlcore_control, {
824 "DL-CORE Control", "fr.dlcore_control", FT_UINT8, BASE_HEX,
825 NULL, FRELAY_LOWER_DLCI, "DL-Core control bits", HFILL }},
826 { &hf_fr_lower_dlci, {
827 "Lower DLCI", "fr.lower_dlci", FT_UINT8, BASE_HEX,
828 NULL, FRELAY_LOWER_DLCI, "Lower bits of DLCI", HFILL }},
830 "DC", "fr.dc", FT_BOOLEAN, 16, TFS(&ctrl_string),
831 FRELAY_CR, "Address/Control", HFILL }},
833 "DLCI", "fr.dlci", FT_UINT32, BASE_DEC,
834 NULL, 0x0, "Data-Link Connection Identifier", HFILL }},
836 "Control Field", "fr.control", FT_UINT8, BASE_HEX,
837 NULL, 0x0, "Control field", HFILL }},
839 "N(R)", "fr.control.n_r", FT_UINT16, BASE_DEC,
840 NULL, XDLC_N_R_EXT_MASK, "", HFILL }},
842 "N(S)", "fr.control.n_s", FT_UINT16, BASE_DEC,
843 NULL, XDLC_N_S_EXT_MASK, "", HFILL }},
845 "Poll", "fr.control.p", FT_BOOLEAN, 8,
846 TFS(&flags_set_truth), XDLC_P_F, "", HFILL }},
848 "Poll", "fr.control.p", FT_BOOLEAN, 16,
849 TFS(&flags_set_truth), XDLC_P_F_EXT, "", HFILL }},
851 "Final", "fr.control.f", FT_BOOLEAN, 8,
852 TFS(&flags_set_truth), XDLC_P_F, "", HFILL }},
854 "Final", "fr.control.f", FT_BOOLEAN, 16,
855 TFS(&flags_set_truth), XDLC_P_F_EXT, "", HFILL }},
857 "Supervisory frame type", "fr.control.s_ftype", FT_UINT16, BASE_HEX,
858 VALS(stype_vals), XDLC_S_FTYPE_MASK, "", HFILL }},
859 { &hf_fr_u_modifier_cmd, {
860 "Command", "lapd.control.u_modifier_cmd", FT_UINT8, BASE_HEX,
861 VALS(modifier_vals_cmd), XDLC_U_MODIFIER_MASK, "", HFILL }},
862 { &hf_fr_u_modifier_resp, {
863 "Response", "lapd.control.u_modifier_resp", FT_UINT8, BASE_HEX,
864 VALS(modifier_vals_resp), XDLC_U_MODIFIER_MASK, "", HFILL }},
866 "Frame type", "fr.control.ftype", FT_UINT16, BASE_HEX,
867 VALS(ftype_vals), XDLC_I_MASK, "", HFILL }},
868 { &hf_fr_ftype_s_u, {
869 "Frame type", "fr.control.ftype", FT_UINT8, BASE_HEX,
870 VALS(ftype_vals), XDLC_S_U_MASK, "", HFILL }},
871 { &hf_fr_ftype_s_u_ext, {
872 "Frame type", "fr.control.ftype", FT_UINT16, BASE_HEX,
873 VALS(ftype_vals), XDLC_S_U_MASK, "", HFILL }},
875 "NLPID", "fr.nlpid", FT_UINT8, BASE_HEX,
876 VALS(fr_nlpid_vals), 0x0, "Frame Relay Encapsulated Protocol NLPID", HFILL }},
878 "Organization Code", "fr.snap.oui", FT_UINT24, BASE_HEX,
879 VALS(oui_vals), 0x0, "", HFILL }},
881 "Protocol ID", "fr.snap.pid", FT_UINT16, BASE_HEX,
882 NULL, 0x0, "", HFILL }},
884 "Type", "fr.snaptype", FT_UINT16, BASE_HEX,
885 VALS(etype_vals), 0x0, "Frame Relay SNAP Encapsulated Protocol", HFILL }},
886 { &hf_fr_chdlctype, {
887 "Type", "fr.chdlctype", FT_UINT16, BASE_HEX,
888 VALS(chdlc_vals), 0x0, "Frame Relay Cisco HDLC Encapsulated Protocol", HFILL }},
891 /* Setup protocol subtree array */
892 static gint *ett[] = {
897 static enum_val_t fr_encap_options[] = {
898 { "frf-3.2", "FRF 3.2/Cisco HDLC", FRF_3_2 },
899 { "gprs-ns", "GPRS Network Service", GPRS_NS },
900 { "ethernet", "Raw Ethernet", RAW_ETHER },
903 module_t *frencap_module;
905 proto_fr = proto_register_protocol("Frame Relay", "FR", "fr");
906 proto_register_field_array(proto_fr, hf, array_length(hf));
907 proto_register_subtree_array(ett, array_length(ett));
909 fr_subdissector_table = register_dissector_table("fr.ietf",
910 "Frame Relay NLPID", FT_UINT8, BASE_HEX);
911 fr_osinl_subdissector_table = register_dissector_table("fr.osinl",
912 "Frame Relay OSI NLPID", FT_UINT8, BASE_HEX);
914 register_dissector("fr_uncompressed", dissect_fr_uncompressed, proto_fr);
915 register_dissector("fr", dissect_fr, proto_fr);
917 frencap_module = prefs_register_protocol(proto_fr, NULL);
919 * XXX - this should really be per-circuit - I've seen at least one
920 * capture where different DLCIs have different encapsulations - but
921 * we don't yet have any support for per-circuit encapsulations.
923 * Even with that, though, we might want a default encapsulation,
924 * so that people dealing with GPRS can make gprs-ns the default.
926 prefs_register_enum_preference(frencap_module, "encap", "Encapsulation",
927 "Encapsulation", &fr_encap,
928 fr_encap_options, FALSE);
931 void proto_reg_handoff_fr(void)
933 dissector_handle_t fr_handle, fr_phdr_handle;
935 fr_handle = create_dissector_handle(dissect_fr, proto_fr);
936 dissector_add("gre.proto", ETHERTYPE_RAW_FR, fr_handle);
937 dissector_add("wtap_encap", WTAP_ENCAP_FRELAY, fr_handle);
939 fr_phdr_handle = create_dissector_handle(dissect_fr_phdr, proto_fr);
940 dissector_add("wtap_encap", WTAP_ENCAP_FRELAY_WITH_PHDR, fr_phdr_handle);
942 eth_withfcs_handle = find_dissector("eth_withfcs");
943 gprs_ns_handle = find_dissector("gprs_ns");
944 data_handle = find_dissector("data");
946 osinl_subdissector_table = find_dissector_table("osinl");
git.samba.org / obnox / wireshark / wip.git / blob