- struct _gtp_hdr gtp_hdr;
- proto_tree *gtp_tree, *flags_tree, *ext_tree;
- proto_item *ti, *tf, *item;
- int i, offset, length, gtp_prime, checked_field, mandatory;
- int seq_no=0, flow_label=0;
- guint8 pdu_no, next_hdr = 0, ext_hdr_val, noOfExtHdrs = 0, ext_hdr_length;
- gchar *tid_str;
- guint32 teid = 0;
- tvbuff_t *next_tvb;
- guint8 sub_proto, acfield_len = 0, control_field;
- gtp_msg_hash_t *gcrp=NULL;
- conversation_t *conversation=NULL;
- gtp_conv_info_t *gtp_info;
- void* pd_save;
-
-
- col_set_str(pinfo->cinfo, COL_PROTOCOL, "GTP");
- col_clear(pinfo->cinfo, COL_INFO);
-
- /*
- * Do we have a conversation for this connection?
- */
- conversation = find_or_create_conversation(pinfo);
-
- /*
- * Do we already know this conversation?
- */
- gtp_info = conversation_get_proto_data(conversation, proto_gtp);
- if (gtp_info == NULL) {
- /* No. Attach that information to the conversation, and add
- * it to the list of information structures.
- */
- gtp_info = g_malloc(sizeof(gtp_conv_info_t));
- /*Request/response matching tables*/
- gtp_info->matched = g_hash_table_new(gtp_sn_hash, gtp_sn_equal_matched);
- gtp_info->unmatched = g_hash_table_new(gtp_sn_hash, gtp_sn_equal_unmatched);
-
- conversation_add_proto_data(conversation, proto_gtp, gtp_info);
-
- gtp_info->next = gtp_info_items;
- gtp_info_items = gtp_info;
- }
- pd_save = pinfo->private_data;
- pinfo->private_data = gtp_info;
-
- tvb_memcpy(tvb, (guint8 *) & gtp_hdr, 0, 4);
-
- if (!(gtp_hdr.flags & 0x10))
- gtp_prime = 1;
- else
- gtp_prime = 0;
-
- switch ((gtp_hdr.flags >> 5) & 0x07) {
- case 0:
- gtp_version = 0;
- break;
- case 1:
- gtp_version = 1;
- break;
- default:
- gtp_version = 1;
- break;
- }
-
- col_add_str(pinfo->cinfo, COL_INFO, val_to_str_ext_const(gtp_hdr.message, >p_message_type_ext, "Unknown"));
-
- if (tree) {
- ti = proto_tree_add_item(tree, proto_gtp, tvb, 0, -1, ENC_NA);
- gtp_tree = proto_item_add_subtree(ti, ett_gtp);
-
- tf = proto_tree_add_uint(gtp_tree, hf_gtp_flags, tvb, 0, 1, gtp_hdr.flags);
- flags_tree = proto_item_add_subtree(tf, ett_gtp_flags);
-
- if(gtp_prime==0){
- proto_tree_add_uint(flags_tree, hf_gtp_flags_ver, tvb, 0, 1, gtp_hdr.flags);
- }else{
- proto_tree_add_uint(flags_tree, hf_gtp_prime_flags_ver, tvb, 0, 1, gtp_hdr.flags);
- }
-
- proto_tree_add_uint(flags_tree, hf_gtp_flags_pt, tvb, 0, 1, gtp_hdr.flags);
-
- if((gtp_prime==1)||(gtp_version==0)){
- proto_tree_add_uint(flags_tree, hf_gtp_flags_spare1, tvb, 0, 1, gtp_hdr.flags);
- proto_tree_add_boolean(flags_tree, hf_gtp_flags_snn, tvb, 0, 1, gtp_hdr.flags);
- }else{
- proto_tree_add_uint(flags_tree, hf_gtp_flags_spare2, tvb, 0, 1, gtp_hdr.flags);
- proto_tree_add_boolean(flags_tree, hf_gtp_flags_e, tvb, 0, 1, gtp_hdr.flags);
- proto_tree_add_boolean(flags_tree, hf_gtp_flags_s, tvb, 0, 1, gtp_hdr.flags);
- proto_tree_add_boolean(flags_tree, hf_gtp_flags_pn, tvb, 0, 1, gtp_hdr.flags);
- }
-
- proto_tree_add_uint(gtp_tree, hf_gtp_message_type, tvb, 1, 1, gtp_hdr.message);
-
- gtp_hdr.length = g_ntohs(gtp_hdr.length);
- proto_tree_add_uint(gtp_tree, hf_gtp_length, tvb, 2, 2, gtp_hdr.length);
-
- offset = 4;
-
- if (gtp_prime) {
- seq_no = tvb_get_ntohs(tvb, offset);
- proto_tree_add_uint(gtp_tree, hf_gtp_seq_number, tvb, offset, 2, seq_no);
- offset += 2;
- } else
- switch (gtp_version) {
- case 0:
- seq_no = tvb_get_ntohs(tvb, offset);
- proto_tree_add_uint(gtp_tree, hf_gtp_seq_number, tvb, offset, 2, seq_no);
- offset += 2;
-
- flow_label = tvb_get_ntohs(tvb, offset);
- proto_tree_add_uint(gtp_tree, hf_gtp_flow_label, tvb, offset, 2, flow_label);
- offset += 2;
-
- pdu_no = tvb_get_guint8(tvb, offset);
- proto_tree_add_uint(gtp_tree, hf_gtp_sndcp_number, tvb, offset, 1, pdu_no);
- offset += 4;
-
- tid_str = id_to_str(tvb, offset);
- proto_tree_add_string(gtp_tree, hf_gtp_tid, tvb, offset, 8, tid_str);
- offset += 8;
- break;
- case 1:
- teid = tvb_get_ntohl(tvb, offset);
- proto_tree_add_uint(gtp_tree, hf_gtp_teid, tvb, offset, 4, teid);
- offset += 4;
-
- /* Are sequence number/N-PDU Number/extension header present? */
- if (gtp_hdr.flags & 0x07) {
- seq_no = tvb_get_ntohs(tvb, offset);
- proto_tree_add_uint(gtp_tree, hf_gtp_seq_number, tvb, offset, 2, seq_no);
- offset += 2;
-
- pdu_no = tvb_get_guint8(tvb, offset);
- proto_tree_add_uint(gtp_tree, hf_gtp_npdu_number, tvb, offset, 1, pdu_no);
- offset++;
-
- next_hdr = tvb_get_guint8(tvb, offset);
-
- /* Don't add extension header, we'll add a subtree for that */
- /* proto_tree_add_uint(gtp_tree, hf_gtp_next, tvb, offset, 1, next_hdr); */
-
- offset++;
-
- /* Change to while? */
- if (next_hdr) {
-
- /* TODO Add support for more than one extension header */
-
- noOfExtHdrs++;
-
- tf = proto_tree_add_uint(gtp_tree, hf_gtp_ext_hdr, tvb, offset, 4, next_hdr);
- ext_tree = proto_item_add_subtree(tf, ett_gtp_ext_hdr);
-
- /* PDCP PDU
- * 3GPP 29.281 v9.0.0, 5.2.2.2 PDCP PDU Number
- *
- * "This extension header is transmitted, for example in UTRAN, at SRNS relocation time,
- * to provide the PDCP sequence number of not yet acknowledged N-PDUs. It is 4 octets long,
- * and therefore the Length field has value 1.
- *
- * When used between two eNBs at the X2 interface in E-UTRAN, bits 5-8 of octet 2 are spare.
- * The meaning of the spare bits shall be set to zero.
- *
- * Wireshark Note: TS 29.060 does not define bit 5-6 as spare, so no check is possible unless a preference is used.
- */
- if (next_hdr == GTP_EXT_HDR_PDCP_SN) {
-
- /* First byte is length (should be 1) */
- ext_hdr_length = tvb_get_guint8(tvb, offset);
- if (ext_hdr_length != 1) {
- expert_add_info_format(pinfo, ext_tree, PI_PROTOCOL, PI_WARN, "The length field for the PDCP SN Extension header should be 1.");
- }
- proto_tree_add_item(ext_tree, hf_gtp_ext_hdr_length, tvb, offset,1, ENC_BIG_ENDIAN);
- offset++;
-
- proto_tree_add_item(ext_tree, hf_gtp_ext_hdr_pdcpsn, tvb, offset, 2, ENC_BIG_ENDIAN);
- offset += 2;
-
- /* Last is next_hdr */
- next_hdr = tvb_get_guint8(tvb, offset);
- item = proto_tree_add_item(ext_tree, hf_gtp_ext_hdr_next, tvb, offset, 1, ENC_BIG_ENDIAN);
-
- if (next_hdr) {
- expert_add_info_format(pinfo, item, PI_UNDECODED, PI_WARN, "Can't decode more than one extension header.");
- }
- offset++;
- }
- }
- }
- break;
- default:
- break;
- }
-
- if (gtp_hdr.message != GTP_MSG_TPDU) {
- /* TODO: This code should be cleaned up to handle more than one
- * header and possibly display the header content */
- if (next_hdr) {
- offset++;
- switch (next_hdr) {
- case 1:
- /* MBMS support indication */
- proto_tree_add_text(gtp_tree, tvb, offset, 4, "[--- MBMS support indication header ---]");
- offset += 3;
- break;
- case 2:
- /* MS Info Change Reporting support indication */
- proto_tree_add_text(gtp_tree, tvb, offset, 4, "[--- MS Info Change Reporting support indication header ---]");
- offset += 3;
- break;
- case 0xc0:
- /* PDCP PDU number */
- proto_tree_add_text(gtp_tree, tvb, offset, 4, "[--- PDCP PDU number header ---]");
- offset += 3;
- break;
- case 0xc1:
- /* Suspend Request */
- proto_tree_add_text(gtp_tree, tvb, offset, 4, "[--- Suspend Request header ---]");
- offset += 3;
- break;
- case 0xc2:
- /* Suspend Response */
- proto_tree_add_text(gtp_tree, tvb, offset, 4, "[--- Suspend Response header ---]");
- offset += 3;
- break;
- default:
- proto_tree_add_text(gtp_tree, tvb, offset, 4, "[--- Unknown extension header ---]");
- offset += 3;
- break;
- }
- next_hdr = tvb_get_guint8(tvb, offset);
- proto_tree_add_uint(gtp_tree, hf_gtp_next, tvb, offset, 1, next_hdr);
- offset++;
- }
- /* proto_tree_add_text(gtp_tree, tvb, 0, 0, "[--- end of GTP header, beginning of extension headers ---]");*/
- length = tvb_length(tvb);
- mandatory = 0; /* check order of GTP fields against ETSI */
- for (;;) {
- if (offset >= length)
- break;
- if (next_hdr) {
- ext_hdr_val = next_hdr;
- next_hdr = 0;
- } else
- ext_hdr_val = tvb_get_guint8(tvb, offset);
- if (g_gtp_etsi_order) {
- checked_field = check_field_presence(gtp_hdr.message, ext_hdr_val, (int *) &mandatory);
- switch (checked_field) {
- case -2:
- proto_tree_add_text(gtp_tree, tvb, 0, 0, "[WARNING] message not found");
- break;
- case -1:
- proto_tree_add_text(gtp_tree, tvb, 0, 0, "[WARNING] field not present");
- break;
- case 0:
- break;
- default:
- proto_tree_add_text(gtp_tree, tvb, offset, 1, "[WARNING] wrong next field, should be: %s",
- val_to_str_ext_const(checked_field, >p_val_ext, "Unknown extension field"));
- break;
- }
- }
-
- i = -1;
- while (gtpopt[++i].optcode)
- if (gtpopt[i].optcode == ext_hdr_val)
- break;
- offset = offset + (*gtpopt[i].decode) (tvb, offset, pinfo, gtp_tree);
- }
-
- /*Use sequence number to track Req/Resp pairs*/
- if (seq_no) {
- gcrp = gtp_match_response(tvb, pinfo, gtp_tree, seq_no, gtp_hdr.message);
- /*pass packet to tap for response time reporting*/
- if (gcrp) {
- tap_queue_packet(gtp_tap,pinfo,gcrp);
- }
- }
- }
- proto_item_set_len (ti, offset);
- }
-
- if ((gtp_hdr.message == GTP_MSG_TPDU) && g_gtp_tpdu) {
-
- if (gtp_prime)
- offset = 6;
- else if (gtp_version == 1) {
- if (gtp_hdr.flags & 0x07) {
- offset = 11;
- if (tvb_get_guint8(tvb, offset) == 0)
- offset++;
- } else
- offset = 8;
- } else
- offset = 20;
-
- /* Can only handle one extension header type... */
- if (noOfExtHdrs != 0) offset+= 1 + noOfExtHdrs*4;