2 * Routines for MAC-Telnet dissection
3 * Copyright 2010, Haakon Nessjoen <haakon.nessjoen@gmail.com>
7 * Wireshark - Network traffic analyzer
8 * By Gerald Combs <gerald@wireshark.org>
9 * Copyright 1998 Gerald Combs
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
21 * You should have received a copy of the GNU General Public License along
22 * with this program; if not, write to the Free Software Foundation, Inc.,
23 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
27 * Thanks to "omniflux" for dissecting the protocol by hand before me.
28 * http://www.omniflux.com/devel/mikrotik/Mikrotik_MAC_Telnet_Procotol.txt
38 #include <epan/packet.h>
39 #include <epan/prefs.h>
40 #include <epan/addr_resolv.h>
42 #define PROTO_TAG_MACTELNET "MAC-Telnet"
44 void proto_reg_handoff_mactelnet(void);
46 /* Initialize the protocol and registered fields */
47 static gint proto_mactelnet = -1;
48 static gint hf_mactelnet_control_packet = -1;
49 static gint hf_mactelnet_type = -1;
50 static gint hf_mactelnet_protocolver = -1;
51 static gint hf_mactelnet_source_mac = -1;
52 static gint hf_mactelnet_destination_mac = -1;
53 static gint hf_mactelnet_session_id = -1;
54 static gint hf_mactelnet_client_type = -1;
55 static gint hf_mactelnet_databytes = -1;
56 static gint hf_mactelnet_datatype = -1;
57 static gint hf_mactelnet_control = -1;
58 static gint hf_mactelnet_control_length = -1;
59 static gint hf_mactelnet_control_encryption_key = -1;
60 static gint hf_mactelnet_control_password = -1;
61 static gint hf_mactelnet_control_username = -1;
62 static gint hf_mactelnet_control_terminal = -1;
63 static gint hf_mactelnet_control_width = -1;
64 static gint hf_mactelnet_control_height = -1;
66 /* Global port preference */
67 static guint global_mactelnet_port = 20561;
69 /* Control packet definition */
70 static const guint32 control_packet = 0x563412FF;
72 /* Initialize the subtree pointers */
73 static gint ett_mactelnet = -1;
74 static gint ett_mactelnet_control = -1;
76 static dissector_handle_t data_handle;
79 static const value_string packettypenames[] = {
80 { 0, "Start session" },
83 { 255, "End session" },
87 /* Known client types */
88 static const value_string clienttypenames[] = {
89 { 0x0015, "MAC Telnet" },
94 /* Known control-packet types */
95 static const value_string controlpackettypenames[] = {
96 { 0, "Begin authentication" },
97 { 1, "Encryption key" },
100 { 4, "Terminal type" },
101 { 5, "Terminal width" },
102 { 6, "Terminal height" },
103 { 9, "End authentication" },
109 dissect_mactelnet(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
111 proto_item *mactelnet_item;
112 proto_tree *mactelnet_tree;
113 proto_item *mactelnet_control_item;
114 proto_tree *mactelnet_control_tree;
117 /* Check that there's enough data */
118 if (tvb_length(tvb) < 22)
121 /* Make entries in Protocol column and Info column on summary display */
122 col_set_str(pinfo->cinfo, COL_PROTOCOL, PROTO_TAG_MACTELNET);
124 /* Get the type byte */
125 type = tvb_get_guint8(tvb, 1);
127 col_add_fstr(pinfo->cinfo, COL_INFO, "%s > %s Type: %s",
128 tvb_ether_to_str(tvb, 2),
129 tvb_ether_to_str(tvb, 8),
130 val_to_str(type, packettypenames, "Unknown Type:0x%02x"));
133 guint8 no_ip[4] = {0,0,0,0};
136 /* create display subtree for the protocol */
137 mactelnet_item = proto_tree_add_item(tree, proto_mactelnet, tvb, 0, -1, ENC_NA);
138 mactelnet_tree = proto_item_add_subtree(mactelnet_item, ett_mactelnet);
141 proto_tree_add_item(mactelnet_tree, hf_mactelnet_protocolver, tvb, offset, 1, ENC_NA);
145 proto_tree_add_item(mactelnet_tree, hf_mactelnet_type, tvb, offset, 1, ENC_NA);
149 proto_tree_add_item(mactelnet_tree, hf_mactelnet_source_mac, tvb, offset, 6, ENC_NA);
153 proto_tree_add_item(mactelnet_tree, hf_mactelnet_destination_mac, tvb, offset, 6, ENC_NA);
156 if (memcmp(pinfo->src.data, &no_ip, 4) == 0) {
157 /* Server to client */
160 proto_tree_add_item(mactelnet_tree, hf_mactelnet_session_id, tvb, offset+2, 2, ENC_BIG_ENDIAN);
164 proto_tree_add_item(mactelnet_tree, hf_mactelnet_client_type, tvb, offset-2, 2, ENC_BIG_ENDIAN);
167 /* Client to server */
170 proto_tree_add_item(mactelnet_tree, hf_mactelnet_session_id, tvb, offset, 2, ENC_BIG_ENDIAN);
174 proto_tree_add_item(mactelnet_tree, hf_mactelnet_client_type, tvb, offset, 2, ENC_BIG_ENDIAN);
179 proto_tree_add_item(mactelnet_tree, hf_mactelnet_databytes, tvb, offset, 4, ENC_BIG_ENDIAN);
182 /* Data packets only */
184 while(tvb_reported_length_remaining(tvb, offset) > 0) {
185 if (tvb_reported_length_remaining(tvb, offset) > 4 && tvb_get_ntohl(tvb, offset) == control_packet) {
189 /* Add subtree for control packet */
190 mactelnet_control_item = proto_tree_add_item(mactelnet_tree, hf_mactelnet_control, tvb, offset, -1, ENC_NA);
191 mactelnet_control_tree = proto_item_add_subtree(mactelnet_control_item, ett_mactelnet);
192 /* Control packet magic number (4) */
193 proto_tree_add_item(mactelnet_control_tree, hf_mactelnet_control_packet, tvb, offset, 4, ENC_BIG_ENDIAN);
196 /* Control packet type (1) */
197 datatype = tvb_get_guint8(tvb, offset);
198 proto_tree_add_item(mactelnet_control_tree, hf_mactelnet_datatype, tvb, offset, 1, ENC_NA);
201 /* Control packet length (4) */
202 datalength = tvb_get_ntohl(tvb, offset);
203 proto_tree_add_item(mactelnet_control_tree, hf_mactelnet_control_length, tvb, offset, 4, ENC_BIG_ENDIAN);
207 case 1: /* Encryption Key */
208 proto_tree_add_item(mactelnet_control_tree, hf_mactelnet_control_encryption_key, tvb, offset, datalength, ENC_NA);
211 case 2: /* Password */
212 proto_tree_add_item(mactelnet_control_tree, hf_mactelnet_control_password, tvb, offset, datalength, ENC_NA);
215 case 3: /* Username */
216 proto_tree_add_item(mactelnet_control_tree, hf_mactelnet_control_username, tvb, offset, datalength, ENC_NA);
219 case 4: /* Terminal type */
220 proto_tree_add_item(mactelnet_control_tree, hf_mactelnet_control_terminal, tvb, offset, datalength, ENC_NA);
223 case 5: /* Terminal width */
224 proto_tree_add_item(mactelnet_control_tree, hf_mactelnet_control_width, tvb, offset, 2, ENC_LITTLE_ENDIAN);
227 case 6: /* Terminal height */
228 proto_tree_add_item(mactelnet_control_tree, hf_mactelnet_control_height, tvb, offset, 2, ENC_LITTLE_ENDIAN);
231 case 9: /* End authentication (no data) */
234 proto_item_set_len (mactelnet_control_item, datalength + 9);
235 offset += datalength;
237 /* Data packet, let wireshark handle it */
238 tvbuff_t *next_client = tvb_new_subset(tvb, offset, -1, -1);
239 return call_dissector(data_handle, next_client, pinfo, mactelnet_tree);
246 return tvb_reported_length(tvb);
251 proto_register_mactelnet(void)
253 static hf_register_info hf[] = {
254 { &hf_mactelnet_control_packet,
255 { "Control Packet Magic Number", "mactelnet.control_packet", FT_UINT32, BASE_HEX, NULL, 0x0,
257 { &hf_mactelnet_type,
258 { "Type", "mactelnet.type", FT_UINT8, BASE_DEC, VALS(packettypenames), 0x0,
259 "Packet Type", HFILL }},
260 { &hf_mactelnet_protocolver,
261 { "Protocol Version", "mactelnet.protocol_version", FT_UINT8, BASE_DEC, NULL, 0x0,
263 { &hf_mactelnet_source_mac,
264 { "Source MAC", "mactelnet.source_mac", FT_ETHER, BASE_NONE, NULL , 0x0,
266 { &hf_mactelnet_destination_mac,
267 { "Destination MAC", "mactelnet.destination_mac", FT_ETHER, BASE_NONE, NULL , 0x0,
269 { &hf_mactelnet_session_id,
270 { "Session ID", "mactelnet.session_id", FT_UINT16, BASE_HEX, NULL , 0x0,
271 "Session ID for this connection", HFILL }},
272 { &hf_mactelnet_client_type,
273 { "Client Type", "mactelnet.client_type", FT_UINT16, BASE_HEX, VALS(clienttypenames) , 0x0,
275 { &hf_mactelnet_databytes,
276 { "Session Data Bytes", "mactelnet.session_bytes", FT_UINT32, BASE_DEC, NULL , 0x0,
277 "Session data bytes received", HFILL }},
278 { &hf_mactelnet_datatype,
279 { "Data Packet Type", "mactelnet.data_type", FT_UINT8, BASE_HEX, VALS(controlpackettypenames) , 0x0,
281 { &hf_mactelnet_control,
282 { "Control Packet", "mactelnet.control", FT_NONE, BASE_NONE, NULL , 0x0,
284 { &hf_mactelnet_control_length,
285 { "Control Data Length", "mactelnet.control_length", FT_UINT32, BASE_DEC, NULL , 0x0,
286 "Control packet length", HFILL }},
287 { &hf_mactelnet_control_encryption_key,
288 { "Encryption Key", "mactelnet.control_encryptionkey", FT_BYTES, BASE_NONE, NULL , 0x0,
289 "Login encryption key", HFILL }},
290 { &hf_mactelnet_control_password,
291 { "Password MD5", "mactelnet.control_password", FT_BYTES, BASE_NONE, NULL , 0x0,
292 "Null padded MD5 password", HFILL }},
293 { &hf_mactelnet_control_username,
294 { "Username", "mactelnet.control_username", FT_STRING, BASE_NONE, NULL , 0x0,
296 { &hf_mactelnet_control_terminal,
297 { "Terminal Type", "mactelnet.control_terminaltype", FT_STRING, BASE_NONE, NULL , 0x0,
299 { &hf_mactelnet_control_width,
300 { "Terminal Width", "mactelnet.control_width", FT_UINT16, BASE_DEC, NULL , 0x0,
302 { &hf_mactelnet_control_height,
303 { "Terminal Height", "mactelnet.control_height", FT_UINT16, BASE_DEC, NULL , 0x0,
307 /* Setup protocol subtree array */
308 static gint *ett[] = {
310 &ett_mactelnet_control,
313 module_t *mactelnet_module;
315 /* Register the protocol name and description */
316 proto_mactelnet = proto_register_protocol ("MikroTik MAC-Telnet Protocol", PROTO_TAG_MACTELNET, "mactelnet");
318 /* Required function calls to register the header fields and subtrees used */
319 proto_register_field_array (proto_mactelnet, hf, array_length (hf));
320 proto_register_subtree_array (ett, array_length (ett));
322 mactelnet_module = prefs_register_protocol(proto_mactelnet, proto_reg_handoff_mactelnet);
324 prefs_register_uint_preference(mactelnet_module, "port", "UDP Port",
325 "MAC-Telnet UDP port if other than the default",
326 10, &global_mactelnet_port);
330 proto_reg_handoff_mactelnet(void)
332 static gboolean initialized = FALSE;
333 static guint current_port;
334 static dissector_handle_t mactelnet_handle;
337 mactelnet_handle = new_create_dissector_handle(dissect_mactelnet, proto_mactelnet);
338 data_handle = find_dissector("data");
341 dissector_delete_uint("udp.port", current_port, mactelnet_handle);
344 current_port = global_mactelnet_port;
345 dissector_add_uint("udp.port", current_port, mactelnet_handle);