2 * Routines for RX packet dissection
3 * Copyright 1999, Nathan Neulinger <nneul@umr.edu>
4 * Based on routines from tcpdump patches by
5 * Ken Hornstein <kenh@cmf.nrl.navy.mil>
7 * $Id: packet-rx.c,v 1.28 2001/12/03 03:59:39 guy Exp $
9 * Ethereal - Network traffic analyzer
10 * By Gerald Combs <gerald@ethereal.com>
11 * Copyright 1998 Gerald Combs
13 * Copied from packet-tftp.c
15 * This program is free software; you can redistribute it and/or
16 * modify it under the terms of the GNU General Public License
17 * as published by the Free Software Foundation; either version 2
18 * of the License, or (at your option) any later version.
20 * This program is distributed in the hope that it will be useful,
21 * but WITHOUT ANY WARRANTY; without even the implied warranty of
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 * GNU General Public License for more details.
25 * You should have received a copy of the GNU General Public License
26 * along with this program; if not, write to the Free Software
27 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
36 #ifdef HAVE_SYS_TYPES_H
37 # include <sys/types.h>
40 #ifdef HAVE_NETINET_IN_H
41 # include <netinet/in.h>
47 #include "packet-rx.h"
50 #define UDP_PORT_RX_LOW 7000
51 #define UDP_PORT_RX_HIGH 7009
52 #define UDP_PORT_RX_AFS_BACKUPS 7021
54 static const value_string rx_types[] = {
55 { RX_PACKET_TYPE_DATA, "data" },
56 { RX_PACKET_TYPE_ACK, "ack" },
57 { RX_PACKET_TYPE_BUSY, "busy" },
58 { RX_PACKET_TYPE_ABORT, "abort" },
59 { RX_PACKET_TYPE_ACKALL, "ackall" },
60 { RX_PACKET_TYPE_CHALLENGE, "challenge" },
61 { RX_PACKET_TYPE_RESPONSE, "response" },
62 { RX_PACKET_TYPE_DEBUG, "debug" },
63 { RX_PACKET_TYPE_PARAMS, "params" },
64 { RX_PACKET_TYPE_VERSION, "version" },
68 static const value_string rx_flags[] = {
69 { RX_CLIENT_INITIATED, "client-init" },
70 { RX_REQUEST_ACK, "req-ack" },
71 { RX_LAST_PACKET, "last-pckt" },
72 { RX_MORE_PACKETS, "more-pckts" },
73 { RX_FREE_PACKET, "free-pckt" },
77 static const value_string rx_reason[] = {
78 { RX_ACK_REQUESTED, "Ack Requested" },
79 { RX_ACK_DUPLICATE, "Duplicate Packet" },
80 { RX_ACK_OUT_OF_SEQUENCE, "Out Of Sequence" },
81 { RX_ACK_EXEEDS_WINDOW, "Exceeds Window" },
82 { RX_ACK_NOSPACE, "No Space" },
83 { RX_ACK_PING, "Ping" },
84 { RX_ACK_PING_RESPONSE, "Ping Response" },
85 { RX_ACK_DELAY, "Delay" },
89 static const value_string rx_ack_type[] = {
90 { RX_ACK_TYPE_NACK, "NACK" },
91 { RX_ACK_TYPE_ACK, "ACK" },
95 static int proto_rx = -1;
96 static int hf_rx_epoch = -1;
97 static int hf_rx_cid = -1;
98 static int hf_rx_seq = -1;
99 static int hf_rx_serial = -1;
100 static int hf_rx_callnumber = -1;
101 static int hf_rx_type = -1;
102 static int hf_rx_flags = -1;
103 static int hf_rx_flags_clientinit = -1;
104 static int hf_rx_flags_request_ack = -1;
105 static int hf_rx_flags_last_packet = -1;
106 static int hf_rx_flags_more_packets = -1;
107 static int hf_rx_flags_free_packet = -1;
108 static int hf_rx_userstatus = -1;
109 static int hf_rx_securityindex = -1;
110 static int hf_rx_spare = -1;
111 static int hf_rx_serviceid = -1;
112 static int hf_rx_bufferspace = -1;
113 static int hf_rx_maxskew = -1;
114 static int hf_rx_first_packet = -1;
115 static int hf_rx_prev_packet = -1;
116 static int hf_rx_reason = -1;
117 static int hf_rx_numacks = -1;
118 static int hf_rx_ack_type = -1;
119 static int hf_rx_ack = -1;
120 static int hf_rx_challenge = -1;
121 static int hf_rx_version = -1;
122 static int hf_rx_nonce = -1;
123 static int hf_rx_inc_nonce = -1;
124 static int hf_rx_min_level = -1;
125 static int hf_rx_level = -1;
126 static int hf_rx_response = -1;
127 static int hf_rx_encrypted = -1;
128 static int hf_rx_kvno = -1;
129 static int hf_rx_ticket_len = -1;
130 static int hf_rx_ticket = -1;
131 static int hf_rx_ifmtu = -1;
132 static int hf_rx_maxmtu = -1;
133 static int hf_rx_rwind = -1;
134 static int hf_rx_maxpackets = -1;
136 static gint ett_rx = -1;
137 static gint ett_rx_flags = -1;
138 static gint ett_rx_ack = -1;
139 static gint ett_rx_challenge = -1;
140 static gint ett_rx_response = -1;
141 static gint ett_rx_encrypted = -1;
143 static dissector_handle_t afs_handle;
146 dissect_rx_response_encrypted(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, int offset)
150 int old_offset=offset;
154 item = proto_tree_add_item(parent_tree, hf_rx_encrypted, tvb, offset, 0, FALSE);
155 tree = proto_item_add_subtree(item, ett_rx_encrypted);
157 /* epoch : 4 bytes */
160 ts.secs = tvb_get_ntohl(tvb, offset);
163 proto_tree_add_time(tree, hf_rx_epoch, tvb,
169 proto_tree_add_item(tree, hf_rx_cid, tvb, offset, 4, FALSE);
172 /*FIXME dont know how to handle this checksum, skipping it */
175 /* sequrityindex : 1 byte */
176 proto_tree_add_item(tree, hf_rx_securityindex, tvb, offset, 1, FALSE);
179 for (i=0; i<RX_MAXCALLS; i++) {
180 /* callnumber : 4 bytes */
181 callnumber = tvb_get_ntohl(tvb, offset);
182 proto_tree_add_uint(tree, hf_rx_callnumber, tvb,
183 offset, 4, callnumber);
187 /* inc nonce : 4 bytes */
188 proto_tree_add_item(tree, hf_rx_inc_nonce, tvb, offset, 4, FALSE);
191 /* level : 4 bytes */
192 proto_tree_add_item(tree, hf_rx_level, tvb, offset, 4, FALSE);
195 proto_item_set_len(item, offset-old_offset);
201 dissect_rx_response(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, int offset, guint32 seq, guint32 callnumber)
206 int old_offset=offset;
208 if (check_col(pinfo->fd, COL_INFO)) {
209 col_add_fstr(pinfo->fd, COL_INFO,
214 "Destination Port: %s ",
216 (unsigned long)callnumber,
217 get_udp_port(pinfo->srcport),
218 get_udp_port(pinfo->destport)
222 item = proto_tree_add_item(parent_tree, hf_rx_response, tvb, offset, 0, FALSE);
223 tree = proto_item_add_subtree(item, ett_rx_response);
225 version = tvb_get_ntohl(tvb, offset);
226 proto_tree_add_uint(tree, hf_rx_version, tvb,
234 /* encrypted : struct */
235 offset = dissect_rx_response_encrypted(tvb, pinfo, tree, offset);
238 proto_tree_add_item(tree, hf_rx_kvno, tvb, offset, 4, FALSE);
242 tl = tvb_get_ntohl(tvb, offset);
243 proto_tree_add_uint(tree, hf_rx_ticket_len, tvb,
247 proto_tree_add_item(tree, hf_rx_ticket, tvb, offset, tl, FALSE);
251 proto_item_set_len(item, offset-old_offset);
256 dissect_rx_challenge(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, int offset, guint32 seq, guint32 callnumber)
261 int old_offset=offset;
263 if (check_col(pinfo->fd, COL_INFO)) {
264 col_add_fstr(pinfo->fd, COL_INFO,
269 "Destination Port: %s ",
271 (unsigned long)callnumber,
272 get_udp_port(pinfo->srcport),
273 get_udp_port(pinfo->destport)
277 item = proto_tree_add_item(parent_tree, hf_rx_challenge, tvb, offset, 0, FALSE);
278 tree = proto_item_add_subtree(item, ett_rx_challenge);
280 version = tvb_get_ntohl(tvb, offset);
281 proto_tree_add_uint(tree, hf_rx_version, tvb,
286 proto_tree_add_item(tree, hf_rx_nonce, tvb, offset, 4, FALSE);
289 proto_tree_add_item(tree, hf_rx_min_level, tvb, offset, 4, FALSE);
293 proto_item_set_len(item, offset-old_offset);
298 dissect_rx_acks(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, int offset, guint32 seq, guint32 callnumber)
303 int old_offset = offset;
305 if (check_col(pinfo->fd, COL_INFO)) {
306 col_add_fstr(pinfo->fd, COL_INFO,
311 "Destination Port: %s ",
313 (unsigned long)callnumber,
314 get_udp_port(pinfo->srcport),
315 get_udp_port(pinfo->destport)
319 item = proto_tree_add_item(parent_tree, hf_rx_ack, tvb, offset, 0, FALSE);
320 tree = proto_item_add_subtree(item, ett_rx_ack);
323 /* bufferspace: 2 bytes*/
324 proto_tree_add_item(tree, hf_rx_bufferspace, tvb, offset, 2, FALSE);
327 /* maxskew: 2 bytes*/
328 proto_tree_add_item(tree, hf_rx_maxskew, tvb, offset, 2, FALSE);
331 /* first packet: 4 bytes*/
332 proto_tree_add_item(tree, hf_rx_first_packet, tvb, offset, 4, FALSE);
335 /* prev packet: 4 bytes*/
336 proto_tree_add_item(tree, hf_rx_prev_packet, tvb, offset, 4, FALSE);
339 /* serial : 4 bytes */
340 proto_tree_add_item(tree, hf_rx_serial, tvb, offset, 4, FALSE);
343 /* reason : 1 byte */
344 proto_tree_add_item(tree, hf_rx_reason, tvb, offset, 1, FALSE);
348 num = tvb_get_guint8(tvb, offset);
349 proto_tree_add_uint(tree, hf_rx_numacks, tvb, offset, 1, num);
353 proto_tree_add_item(tree, hf_rx_ack_type, tvb, offset, 1,
358 /* Some implementations adds some extra fields.
359 * As far as I can see, these first add 3 padding bytes and then
360 * up to 4 32-bit values. (0,3,4 have been witnessed)
362 * RX as a protocol seems to be completely nondefined and seems to lack
363 * any sort of documentation other than "read the source of any of the
364 * (compatible?) implementations.
366 if (tvb_length_remaining(tvb, offset)>3) {
367 offset += 3; /* guess. some implementations adds 3 bytes */
369 if (tvb_reported_length_remaining(tvb, offset) >= 4){
370 proto_tree_add_item(tree, hf_rx_ifmtu, tvb, offset, 4,
374 if (tvb_reported_length_remaining(tvb, offset) >= 4){
375 proto_tree_add_item(tree, hf_rx_maxmtu, tvb, offset, 4,
379 if (tvb_reported_length_remaining(tvb, offset) >= 4){
380 proto_tree_add_item(tree, hf_rx_rwind, tvb, offset, 4,
384 if (tvb_reported_length_remaining(tvb, offset) >= 4){
385 proto_tree_add_item(tree, hf_rx_maxpackets, tvb, offset, 4,
391 proto_item_set_len(item, offset-old_offset);
397 dissect_rx_flags(tvbuff_t *tvb, struct rxinfo *rxinfo, proto_tree *parent_tree, int offset)
403 flags = tvb_get_guint8(tvb, offset);
404 rxinfo->flags = flags;
406 item = proto_tree_add_uint(parent_tree, hf_rx_flags, tvb,
408 tree = proto_item_add_subtree(item, ett_rx_flags);
410 proto_tree_add_uint(tree, hf_rx_flags_free_packet, tvb,
412 proto_tree_add_uint(tree, hf_rx_flags_more_packets, tvb,
414 proto_tree_add_uint(tree, hf_rx_flags_last_packet, tvb,
416 proto_tree_add_uint(tree, hf_rx_flags_request_ack, tvb,
418 proto_tree_add_uint(tree, hf_rx_flags_clientinit, tvb,
426 dissect_rx(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree)
431 struct rxinfo rxinfo;
433 guint32 seq, callnumber;
436 if (check_col(pinfo->fd, COL_PROTOCOL))
437 col_set_str(pinfo->fd, COL_PROTOCOL, "RX");
438 if (check_col(pinfo->fd, COL_INFO))
439 col_clear(pinfo->fd, COL_INFO);
441 item = proto_tree_add_protocol_format(parent_tree, proto_rx, tvb,
442 offset, 28, "RX Protocol");
443 tree = proto_item_add_subtree(item, ett_rx);
445 /* epoch : 4 bytes */
448 ts.secs = tvb_get_ntohl(tvb, offset);
451 proto_tree_add_time(tree, hf_rx_epoch, tvb,
457 proto_tree_add_item(tree, hf_rx_cid, tvb, offset, 4, FALSE);
460 /* callnumber : 4 bytes */
461 callnumber = tvb_get_ntohl(tvb, offset);
462 proto_tree_add_uint(tree, hf_rx_callnumber, tvb,
463 offset, 4, callnumber);
465 rxinfo.callnumber = callnumber;
468 seq = tvb_get_ntohl(tvb, offset);
469 proto_tree_add_uint(tree, hf_rx_seq, tvb,
474 /* serial : 4 bytes */
475 proto_tree_add_item(tree, hf_rx_serial, tvb, offset, 4, FALSE);
479 type = tvb_get_guint8(tvb, offset);
480 proto_tree_add_uint(tree, hf_rx_type, tvb,
486 offset = dissect_rx_flags(tvb, &rxinfo, tree, offset);
488 /* userstatus : 1 byte */
489 proto_tree_add_item(tree, hf_rx_userstatus, tvb, offset, 1, FALSE);
492 /* sequrityindex : 1 byte */
493 proto_tree_add_item(tree, hf_rx_securityindex, tvb, offset, 1, FALSE);
497 * How clever: even though the AFS header files indicate that the
498 * serviceId is first, it's really encoded _after_ the spare field.
499 * I wasted a day figuring that out!
503 proto_tree_add_item(tree, hf_rx_spare, tvb, offset, 2, FALSE);
506 /* service id : 2 bytes */
507 serviceid = tvb_get_ntohs(tvb, offset);
508 proto_tree_add_uint(tree, hf_rx_serviceid, tvb,
509 offset, 2, serviceid);
511 rxinfo.serviceid = serviceid;
514 case RX_PACKET_TYPE_ACK:
515 /*dissect_rx_acks(tvb, pinfo, parent_tree, offset,
516 cant create it in a parallell tree, then ett seasrch
518 dissect_rx_acks(tvb, pinfo, tree, offset,
521 case RX_PACKET_TYPE_ACKALL:
522 /* does not contain any payload */
523 if (check_col(pinfo->fd, COL_INFO)) {
524 col_add_fstr(pinfo->fd, COL_INFO,
529 "Destination Port: %s ",
531 (unsigned long)callnumber,
532 get_udp_port(pinfo->srcport),
533 get_udp_port(pinfo->destport)
537 case RX_PACKET_TYPE_CHALLENGE:
538 dissect_rx_challenge(tvb, pinfo, tree, offset, seq, callnumber);
540 case RX_PACKET_TYPE_RESPONSE:
541 dissect_rx_response(tvb, pinfo, tree, offset, seq, callnumber);
543 case RX_PACKET_TYPE_DATA: {
545 pinfo->private_data = &rxinfo;
546 next_tvb = tvb_new_subset(tvb, offset, -1, -1);
547 call_dissector(afs_handle, next_tvb, pinfo, parent_tree);
555 proto_register_rx(void)
557 static hf_register_info hf[] = {
559 "Epoch", "rx.epoch", FT_ABSOLUTE_TIME, BASE_DEC,
560 NULL, 0, "Epoch", HFILL }},
563 "CID", "rx.cid", FT_UINT32, BASE_DEC,
564 NULL, 0, "CID", HFILL }},
566 { &hf_rx_callnumber, {
567 "Call Number", "rx.callnumber", FT_UINT32, BASE_DEC,
568 NULL, 0, "Call Number", HFILL }},
571 "Sequence Number", "rx.seq", FT_UINT32, BASE_DEC,
572 NULL, 0, "Sequence Number", HFILL }},
575 "Serial", "rx.serial", FT_UINT32, BASE_DEC,
576 NULL, 0, "Serial", HFILL }},
579 "Type", "rx.type", FT_UINT8, BASE_DEC,
580 VALS(rx_types), 0, "Type", HFILL }},
583 "Flags", "rx.flags", FT_UINT8, BASE_HEX,
584 NULL, 0, "Flags", HFILL }},
586 { &hf_rx_flags_clientinit, {
587 "Client Initiated", "rx.flags.client_init", FT_UINT8, BASE_BIN,
588 NULL, RX_CLIENT_INITIATED, "Client Initiated", HFILL }},
590 { &hf_rx_flags_request_ack, {
591 "Request Ack", "rx.flags.request_ack", FT_UINT8, BASE_BIN,
592 NULL, RX_REQUEST_ACK, "Request Ack", HFILL }},
594 { &hf_rx_flags_last_packet, {
595 "Last Packet", "rx.flags.last_packet", FT_UINT8, BASE_BIN,
596 NULL, RX_LAST_PACKET, "Last Packet", HFILL }},
598 { &hf_rx_flags_more_packets, {
599 "More Packets", "rx.flags.more_packets", FT_UINT8, BASE_BIN,
600 NULL, RX_MORE_PACKETS, "More Packets", HFILL }},
602 { &hf_rx_flags_free_packet, {
603 "Free Packet", "rx.flags.free_packet", FT_UINT8, BASE_BIN,
604 NULL, RX_FREE_PACKET, "Free Packet", HFILL }},
606 { &hf_rx_userstatus, {
607 "User Status", "rx.userstatus", FT_UINT32, BASE_DEC,
608 NULL, 0, "User Status", HFILL }},
610 { &hf_rx_securityindex, {
611 "Security Index", "rx.securityindex", FT_UINT32, BASE_DEC,
612 NULL, 0, "Security Index", HFILL }},
615 "Spare/Checksum", "rx.spare", FT_UINT16, BASE_DEC,
616 NULL, 0, "Spare/Checksum", HFILL }},
618 { &hf_rx_serviceid, {
619 "Service ID", "rx.serviceid", FT_UINT16, BASE_DEC,
620 NULL, 0, "Service ID", HFILL }},
622 { &hf_rx_bufferspace, {
623 "Bufferspace", "rx.bufferspace", FT_UINT16, BASE_DEC,
624 NULL, 0, "Number Of Packets Available", HFILL }},
627 "Max Skew", "rx.maxskew", FT_UINT16, BASE_DEC,
628 NULL, 0, "Max Skew", HFILL }},
630 { &hf_rx_first_packet, {
631 "First Packet", "rx.first", FT_UINT32, BASE_DEC,
632 NULL, 0, "First Packet", HFILL }},
634 { &hf_rx_prev_packet, {
635 "Prev Packet", "rx.prev", FT_UINT32, BASE_DEC,
636 NULL, 0, "Previous Packet", HFILL }},
639 "Reason", "rx.reason", FT_UINT8, BASE_DEC,
640 VALS(rx_reason), 0, "Reason For This ACK", HFILL }},
643 "Num ACKs", "rx.num_acks", FT_UINT8, BASE_DEC,
644 NULL, 0, "Number Of ACKs", HFILL }},
647 "ACK Type", "rx.ack_type", FT_UINT8, BASE_DEC,
648 VALS(rx_ack_type), 0, "Type Of ACKs", HFILL }},
651 "ACK Packet", "rx.ack", FT_NONE, BASE_NONE,
652 NULL, 0, "ACK Packet", HFILL }},
654 { &hf_rx_challenge, {
655 "CHALLENGE Packet", "rx.challenge", FT_NONE, BASE_NONE,
656 NULL, 0, "CHALLENGE Packet", HFILL }},
659 "Version", "rx.version", FT_UINT32, BASE_DEC,
660 NULL, 0, "Version Of Challenge/Response", HFILL }},
663 "Nonce", "rx.nonce", FT_UINT32, BASE_HEX,
664 NULL, 0, "Nonce", HFILL }},
666 { &hf_rx_inc_nonce, {
667 "Inc Nonce", "rx.inc_nonce", FT_UINT32, BASE_HEX,
668 NULL, 0, "Incremented Nonce", HFILL }},
670 { &hf_rx_min_level, {
671 "Min Level", "rx.min_level", FT_UINT32, BASE_DEC,
672 NULL, 0, "Min Level", HFILL }},
675 "Level", "rx.level", FT_UINT32, BASE_DEC,
676 NULL, 0, "Level", HFILL }},
679 "RESPONSE Packet", "rx.response", FT_NONE, BASE_NONE,
680 NULL, 0, "RESPONSE Packet", HFILL }},
682 { &hf_rx_encrypted, {
683 "Encrypted", "rx.encrypted", FT_NONE, BASE_NONE,
684 NULL, 0, "Encrypted part of response packet", HFILL }},
687 "kvno", "rx.kvno", FT_UINT32, BASE_DEC,
688 NULL, 0, "kvno", HFILL }},
690 { &hf_rx_ticket_len, {
691 "Ticket len", "rx.ticket_len", FT_UINT32, BASE_DEC,
692 NULL, 0, "Ticket Length", HFILL }},
695 "ticket", "rx.ticket", FT_BYTES, BASE_HEX,
696 NULL, 0, "Ticket", HFILL }},
699 "Interface MTU", "rx.if_mtu", FT_UINT32, BASE_DEC,
700 NULL, 0, "Interface MTU", HFILL }},
703 "Max MTU", "rx.max_mtu", FT_UINT32, BASE_DEC,
704 NULL, 0, "Max MTU", HFILL }},
707 "rwind", "rx.rwind", FT_UINT32, BASE_DEC,
708 NULL, 0, "rwind", HFILL }},
710 { &hf_rx_maxpackets, {
711 "Max Packets", "rx.max_packets", FT_UINT32, BASE_DEC,
712 NULL, 0, "Max Packets", HFILL }},
715 static gint *ett[] = {
724 proto_rx = proto_register_protocol("RX Protocol", "RX", "rx");
725 proto_register_field_array(proto_rx, hf, array_length(hf));
726 proto_register_subtree_array(ett, array_length(ett));
730 proto_reg_handoff_rx(void)
732 dissector_handle_t rx_handle;
737 * Get handle for the AFS dissector.
739 afs_handle = find_dissector("afs");
741 /* Ports in the range UDP_PORT_RX_LOW to UDP_PORT_RX_HIGH
742 are all used for various AFS services. */
743 rx_handle = create_dissector_handle(dissect_rx, proto_rx);
744 for (port = UDP_PORT_RX_LOW; port <= UDP_PORT_RX_HIGH; port++)
745 dissector_add("udp.port", port, rx_handle);
746 dissector_add("udp.port", UDP_PORT_RX_AFS_BACKUPS, rx_handle);