/* packet.h
* Definitions for packet disassembly structures and routines
*
- * $Id: packet.h,v 1.125 1999/11/05 07:16:22 guy Exp $
+ * $Id: packet.h,v 1.166 2000/01/20 21:34:14 guy Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@zing.org>
gint ospf;
gint gre;
gint netbios;
+ gint ipx;
+ gint vines;
gint other;
gint total;
} packet_counts;
+/* Types of character encodings */
+typedef enum {
+ CHAR_ASCII, /* ASCII */
+ CHAR_EBCDIC /* EBCDIC */
+} char_enc;
+
/* XXX - some of this stuff is used only while a packet is being dissected;
should we keep around a separate data structure for that, to save
memory?
seek-and-read, so that we don't have to save it for all frames? */
typedef struct _frame_data {
struct _frame_data *next; /* Next element in list */
+ struct _frame_data *prev; /* Previous element in list */
guint32 num; /* Frame number */
guint32 pkt_len; /* Packet length */
guint32 cap_len; /* Amount actually captured */
gint row; /* Row number for this packet in the display */
int lnk_t; /* Per-packet encapsulation/data-link type */
gboolean passed_dfilter; /* TRUE = display, FALSE = no display */
+ char_enc encoding; /* Character encoding (ASCII, EBCDIC...) */
union pseudo_header pseudo_header; /* "pseudo-header" from wiretap */
} frame_data;
int dport;
} tcp_extra_data;
-/* Tree types. Each dissect_* routine should have one for each
- add_subtree() call. */
-
-enum {
- ETT_NONE,
- ETT_FRAME,
- ETT_IEEE8023,
- ETT_ETHER2,
- ETT_LLC,
- ETT_TOKEN_RING,
- ETT_TOKEN_RING_AC,
- ETT_TOKEN_RING_FC,
- ETT_TR_IERR_CNT,
- ETT_TR_NERR_CNT,
- ETT_TR_MAC,
- ETT_PPP,
- ETT_ARP,
- ETT_BPDU,
- ETT_FDDI,
- ETT_NULL,
- ETT_IP,
- ETT_IP_OPTIONS,
- ETT_IP_OPTION_SEC,
- ETT_IP_OPTION_ROUTE,
- ETT_IP_OPTION_TIMESTAMP,
- ETT_IP_TOS,
- ETT_IP_OFF,
- ETT_UDP,
- ETT_TCP,
- ETT_TCP_OPTIONS,
- ETT_TCP_OPTION_SACK,
- ETT_TCP_FLAGS,
- ETT_ICMP,
- ETT_IGMP,
- ETT_IPX,
- ETT_SPX,
- ETT_NCP,
- ETT_NCP_REQUEST_FIELDS,
- ETT_NCP_REPLY_FIELDS,
- ETT_DNS,
- ETT_DNS_FLAGS,
- ETT_DNS_QRY,
- ETT_DNS_QD,
- ETT_DNS_ANS,
- ETT_DNS_RR,
- ETT_EIGRP,
- ETT_CL_ICQ,
- ETT_CL_ICQ_DECODE,
- ETT_ICQ_SUBTREE,
- ETT_SRV_ICQ,
- ETT_ISAKMP,
- ETT_ISAKMP_FLAGS,
- ETT_ISAKMP_PAYLOAD,
- ETT_RIP,
- ETT_RIP_VEC,
- ETT_RIPNG,
- ETT_RIPNG_ADDR,
- ETT_PIM,
- ETT_OSPF,
- ETT_OSPF_HDR,
- ETT_OSPF_HELLO,
- ETT_OSPF_DESC,
- ETT_OSPF_LSR,
- ETT_OSPF_LSA_UPD,
- ETT_OSPF_LSA,
- ETT_LPD,
- ETT_RAW,
- ETT_CLIP,
- ETT_BOOTP,
- ETT_BOOTP_OPTION,
- ETT_IPv6,
- ETT_BGP,
- ETT_CLNP,
- ETT_COTP,
- ETT_VINES_FRP,
- ETT_VINES,
- ETT_VINES_ARP,
- ETT_VINES_ICP,
- ETT_VINES_IPC,
- ETT_VINES_RTP,
- ETT_VINES_SPP,
- ETT_VLAN,
- ETT_IPXRIP,
- ETT_IPXSAP,
- ETT_IPXSAP_SERVER,
- ETT_NBNS,
- ETT_NBNS_FLAGS,
- ETT_NBNS_NB_FLAGS,
- ETT_NBNS_NAME_FLAGS,
- ETT_NBNS_QRY,
- ETT_NBNS_QD,
- ETT_NETB,
- ETT_NETB_FLAGS,
- ETT_NETB_STATUS,
- ETT_NETB_NAME,
- ETT_NBNS_ANS,
- ETT_NBNS_RR,
- ETT_NBIPX,
- ETT_NBIPX_NAME_TYPE_FLAGS,
- ETT_AARP,
- ETT_GIOP,
- ETT_NBDGM,
- ETT_CDP,
- ETT_CDP_TLV,
- ETT_HTTP,
- ETT_TFTP,
- ETT_AH,
- ETT_ESP,
- ETT_IPCOMP,
- ETT_ICMPv6,
- ETT_ICMPv6OPT,
- ETT_ICMPv6FLAG,
- ETT_POP,
- ETT_FTP,
- ETT_TELNET,
- ETT_TELNET_SUBOPT,
- ETT_NNTP,
- ETT_NTP,
- ETT_NTP_FLAGS,
- ETT_SNMP,
- ETT_NBSS,
- ETT_NBSS_FLAGS,
- ETT_RX,
- ETT_RX_FLAGS,
- ETT_AFS,
- ETT_AFS_OP,
- ETT_AFS_FID,
- ETT_AFS_ACL,
- ETT_AFS_CALLBACK,
- ETT_AFS_UBIKVER,
- ETT_SMB,
- ETT_SMB_FLAGS,
- ETT_SMB_FLAGS2,
- ETT_SMB_DIALECTS,
- ETT_SMB_MODE,
- ETT_SMB_CAPABILITIES,
- ETT_SMB_RAWMODE,
- ETT_SMB_AFLAGS,
- ETT_SMB_DESIREDACCESS,
- ETT_SMB_SEARCH,
- ETT_SMB_FILE,
- ETT_SMB_OPENFUNCTION,
- ETT_SMB_FILEATTRIBUTES,
- ETT_SMB_FILETYPE,
- ETT_SMB_ACTION,
- ETT_SMB_WRITEMODE,
- ETT_SMB_LOCK_TYPE,
- ETT_PPTP,
- ETT_GRE,
- ETT_GRE_FLAGS,
- ETT_ICP,
- ETT_ICP_PAYLOAD,
- ETT_PPPOED,
- ETT_PPPOED_TAGS,
- ETT_PPPOES,
- ETT_LCP,
- ETT_LCP_OPTIONS,
- ETT_LCP_MRU_OPT,
- ETT_LCP_ASYNC_MAP_OPT,
- ETT_LCP_AUTHPROT_OPT,
- ETT_LCP_QUALPROT_OPT,
- ETT_LCP_MAGICNUM_OPT,
- ETT_LCP_FCS_ALTERNATIVES_OPT,
- ETT_LCP_NUMBERED_MODE_OPT,
- ETT_LCP_CALLBACK_OPT,
- ETT_LCP_MULTILINK_EP_DISC_OPT,
- ETT_LCP_INTERNATIONALIZATION_OPT,
- ETT_IPCP,
- ETT_IPCP_OPTIONS,
- ETT_IPCP_IPADDRS_OPT,
- ETT_IPCP_COMPRESSPROT_OPT,
- ETT_RSVP,
- ETT_RSVP_UNKNOWN_CLASS,
- ETT_RSVP_HDR,
- ETT_RSVP_SESSION,
- ETT_RSVP_SGROUP,
- ETT_RSVP_HOP,
- ETT_RSVP_INTEGRITY,
- ETT_RSVP_TIME_VALUES,
- ETT_RSVP_ERROR,
- ETT_RSVP_SCOPE,
- ETT_RSVP_STYLE,
- ETT_RSVP_FLOWSPEC,
- ETT_RSVP_FILTER_SPEC,
- ETT_RSVP_SENDER_TEMPLATE,
- ETT_RSVP_SENDER_TSPEC,
- ETT_RSVP_ADSPEC,
- ETT_RSVP_POLICY,
- ETT_RSVP_CONFIRM,
- ETT_RSVP_ADSPEC_SUBTREE1,
- ETT_RSVP_ADSPEC_SUBTREE2,
- ETT_RSVP_ADSPEC_SUBTREE3,
- ETT_RTSP,
- ETT_SDP,
- ETT_RADIUS,
- ETT_RADIUS_AVP,
- ETT_LAPB,
- ETT_X25,
- ETT_XDLC_CONTROL,
- ETT_ATM,
- ETT_ATM_LANE,
- ETT_ATM_LANE_LC_FLAGS,
- ETT_ATM_LANE_LC_LAN_DEST,
- ETT_ATM_LANE_LC_LAN_DEST_RD,
- ETT_MP,
- ETT_MP_FLAGS,
- ETT_IPP,
- ETT_IPP_AS,
- ETT_IPP_ATTR,
- ETT_SNA,
- ETT_SNA_TH,
- ETT_SNA_TH_FID,
- ETT_SNA_RH,
- ETT_SNA_RH_0,
- ETT_SNA_RH_1,
- ETT_SNA_RH_2,
- ETT_SNA_RU,
- ETT_YHOO,
- ETT_RPC,
- ETT_RPC_STRING,
- ETT_RPC_CRED,
- ETT_RPC_VERF,
- ETT_RPC_GIDS,
- ETT_NFS,
- ETT_NFS_FHANDLE,
- ETT_NFS_TIMEVAL,
- ETT_NFS_MODE,
- ETT_NFS_FATTR,
- ETT_NFS_MODE3,
- ETT_NFS_SPECDATA3,
- ETT_NFS_FH3,
- ETT_NFS_NFSTIME3,
- ETT_NFS_FATTR3,
- ETT_BOOT,
- ETT_MNT,
- ETT_NLM,
- ETT_PMAP,
- ETT_STAT,
- ETT_YPBIND,
- ETT_YPSERV,
- ETT_DDP,
- NUM_TREE_TYPES /* last item number plus one */
-};
-
-/* TRUE if subtrees of an item of the specified type are to be expanded. */
-extern gboolean tree_is_expanded[NUM_TREE_TYPES];
-
/* Utility routines used by packet*.c */
gchar* ether_to_str(const guint8 *);
+gchar* ether_to_str_punct(const guint8 *, char);
gchar* ip_to_str(const guint8 *);
struct e_in6_addr;
gchar* ip6_to_str(struct e_in6_addr *);
#endif
void col_add_str(frame_data *, gint, const gchar *);
void col_append_str(frame_data *, gint, gchar *);
+void col_set_cls_time(frame_data *, int);
+void fill_in_columns(frame_data *);
void blank_packetinfo(void);
-void afs_init_protocol(void);
-void rpc_init_protocol(void);
-void smb_init_protocol(void);
+/* Allow protocols to register "init" routines, which are called before
+ we make a pass through a capture file and dissect all its packets
+ (e.g., when we read in a new capture file, or run a "filter packets"
+ or "colorize packets" pass over the current capture file). */
+void register_init_routine(void (*func)(void));
+
+/* Call all the registered "init" routines. */
+void init_all_protocols(void);
void dissect_packet(const u_char *, frame_data *, proto_tree *);
void capture_netbios(const u_char *, int, guint32, packet_counts *);
void capture_llc(const u_char *, int, guint32, packet_counts *);
void capture_ip(const u_char *, int, guint32, packet_counts *);
+void capture_ipx(const u_char *, int, guint32, packet_counts *);
+void capture_vines(const u_char *, int, guint32, packet_counts *);
+void capture_vlan(const u_char *, int, guint32, packet_counts *);
/*
* Routines in packet-*.c
void dissect_atm(const u_char *, frame_data *, proto_tree *);
void dissect_clip(const u_char *, frame_data *, proto_tree *);
void dissect_lapb(const u_char *, frame_data *, proto_tree *);
+void dissect_lapd(const u_char *, frame_data *, proto_tree *);
void dissect_null(const u_char *, frame_data *, proto_tree *);
void dissect_ppp(const u_char *, frame_data *, proto_tree *);
void dissect_raw(const u_char *, frame_data *, proto_tree *);
+void dissect_v120(const u_char *, frame_data *, proto_tree *);
/*
* Routines in packet-*.c
void dissect_aarp(const u_char *, int, frame_data *, proto_tree *);
void dissect_afs(const u_char *, int, frame_data *, proto_tree *);
void dissect_arp(const u_char *, int, frame_data *, proto_tree *);
+void dissect_auto_rp(const u_char *, int, frame_data *, proto_tree *);
void dissect_bgp(const u_char *, int, frame_data *, proto_tree *);
void dissect_bootp(const u_char *, int, frame_data *, proto_tree *);
void dissect_bpdu(const u_char *, int, frame_data *, proto_tree *);
void dissect_ftp(const u_char *, int, frame_data *, proto_tree *);
void dissect_ftpdata(const u_char *, int, frame_data *, proto_tree *);
void dissect_giop(const u_char *, int, frame_data *, proto_tree *);
+void dissect_hsrp(const u_char *, int, frame_data *, proto_tree *);
void dissect_http(const u_char *, int, frame_data *, proto_tree *);
void dissect_icmp(const u_char *, int, frame_data *, proto_tree *);
void dissect_icmpv6(const u_char *, int, frame_data *, proto_tree *);
void dissect_ipp(const u_char *, int, frame_data *, proto_tree *);
void dissect_ipv6(const u_char *, int, frame_data *, proto_tree *);
void dissect_ipx(const u_char *, int, frame_data *, proto_tree *);
+void dissect_irc(const u_char *, int, frame_data *, proto_tree *);
+void dissect_isis(const u_char *, int, frame_data *, proto_tree *);
+void dissect_ldap(const u_char *, int, frame_data *, proto_tree *);
void dissect_llc(const u_char *, int, frame_data *, proto_tree *);
void dissect_lpd(const u_char *, int, frame_data *, proto_tree *);
+void dissect_mapi(const u_char *, int, frame_data *, proto_tree *);
void dissect_nbdgm(const u_char *, int, frame_data *, proto_tree *);
void dissect_netbios(const u_char *, int, frame_data *, proto_tree *);
void dissect_nbipx(const u_char *, int, frame_data *, proto_tree *);
void dissect_pppoes(const u_char *, int, frame_data *, proto_tree *);
void dissect_icp(const u_char *,int, frame_data *, proto_tree *);
void dissect_icq(const u_char *,int, frame_data *, proto_tree *);
+void dissect_imap(const u_char *,int, frame_data *, proto_tree *);
void dissect_isakmp(const u_char *, int, frame_data *, proto_tree *);
void dissect_pim(const u_char *, int, frame_data *, proto_tree *);
+void dissect_q931(const u_char *, int, frame_data *, proto_tree *);
+void dissect_q2931(const u_char *, int, frame_data *, proto_tree *);
void dissect_radius(const u_char *, int, frame_data *, proto_tree *);
+void dissect_l2tp(const u_char *, int, frame_data *, proto_tree *);
void dissect_rip(const u_char *, int, frame_data *, proto_tree *);
void dissect_ripng(const u_char *, int, frame_data *, proto_tree *);
void dissect_rsvp(const u_char *, int, frame_data *, proto_tree *);
void dissect_rtsp(const u_char *, int, frame_data *, proto_tree *);
void dissect_rx(const u_char *, int, frame_data *, proto_tree *);
+void dissect_sap(const u_char *, int, frame_data *, proto_tree *);
void dissect_sdp(const u_char *, int, frame_data *, proto_tree *);
void dissect_sna(const u_char *, int, frame_data *, proto_tree *);
void dissect_snmp(const u_char *, int, frame_data *, proto_tree *);
+void dissect_sscop(const u_char *, int, frame_data *, proto_tree *);
+void dissect_tacacs(const u_char *, int, frame_data *, proto_tree *);
+void dissect_tacplus(const u_char *, int, frame_data *, proto_tree *);
void dissect_tcp(const u_char *, int, frame_data *, proto_tree *);
void dissect_telnet(const u_char *, int, frame_data *, proto_tree *);
void dissect_tftp(const u_char *, int, frame_data *, proto_tree *);
+void dissect_tns(const u_char *, int, frame_data *, proto_tree *);
void dissect_tr(const u_char *, int, frame_data *, proto_tree *);
void dissect_trmac(const u_char *, int, frame_data *, proto_tree *);
void dissect_udp(const u_char *, int, frame_data *, proto_tree *);
void dissect_vines_rtp(const u_char *, int, frame_data *, proto_tree *);
void dissect_vines_spp(const u_char *, int, frame_data *, proto_tree *);
void dissect_vlan(const u_char *, int, frame_data *, proto_tree *);
+void dissect_vrrp(const u_char *, int, frame_data *, proto_tree *);
+void dissect_wccp(const u_char *, int, frame_data *, proto_tree *);
+void dissect_who(const u_char *, int, frame_data *, proto_tree *);
void dissect_payload_ppp(const u_char *, int, frame_data *, proto_tree *);
void dissect_x25(const u_char *, int, frame_data *, proto_tree *);
void dissect_yhoo(const u_char *, int, frame_data *, proto_tree *);
+void dissect_srvloc(const u_char *, int, frame_data *, proto_tree *);
void dissect_smb(const u_char *, int, frame_data *, proto_tree *, int);
void dissect_pptp(const u_char *, int, frame_data *, proto_tree *);
void dissect_gre(const u_char *, int, frame_data *, proto_tree *);
-void dissect_rpc(const u_char *, int, frame_data *, proto_tree *, guint32, void*);
+/*
+ * Routines in packet-*.c
+ * Routines should take four args: packet data *, offset, frame_data *,
+ * tree *
+ * They should never modify the packet data.
+ * They should return TRUE if the packet is of the type the routine would
+ * dissect, FALSE otherwise.
+ */
+gboolean dissect_rpc(const u_char *, int, frame_data *, proto_tree *);
void init_dissect_rpc(void);
void init_dissect_udp(void);
proto_tree *fh_tree, int item_id);
extern const value_string etype_vals[];
-/* These functions are in packet-arp.c */
-gchar *arphrdaddr_to_str(guint8 *ad, int ad_len, guint16 type);
-gchar *arphrdtype_to_str(guint16 hwtype, const char *fmt);
-
/* ipproto.c */
extern const char *ipprotostr(int proto);