这篇教程C++ tap_queue_packet函数代码示例写得很实用,希望能帮到您。
本文整理汇总了C++中tap_queue_packet函数的典型用法代码示例。如果您正苦于以下问题:C++ tap_queue_packet函数的具体用法?C++ tap_queue_packet怎么用?C++ tap_queue_packet使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。 在下文中一共展示了tap_queue_packet函数的27个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的C++代码示例。 示例1: dissect_h225_h225_RasMessagestatic intdissect_h225_h225_RasMessage(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree){ proto_item *it; proto_tree *tr; guint32 offset=0; pi_current++; if(pi_current==5){ pi_current=0; } h225_pi=&pi_arr[pi_current]; /* Init struct for collecting h225_packet_info */ reset_h225_packet_info(h225_pi); h225_pi->msg_type = H225_RAS; col_set_str(pinfo->cinfo, COL_PROTOCOL, PSNAME); it=proto_tree_add_protocol_format(tree, proto_h225, tvb, offset, tvb_length(tvb), PSNAME" RAS"); tr=proto_item_add_subtree(it, ett_h225); offset = dissect_RasMessage_PDU(tvb, pinfo, tr); ras_call_matching(tvb, pinfo, tr, h225_pi); tap_queue_packet(h225_tap, pinfo, h225_pi); return offset;}
开发者ID:AkhilaAG,项目名称:gluster-wireshark-1.4,代码行数:29,
示例2: export_pdustatic void export_pdu(tvbuff_t *tvb, packet_info* pinfo, char *proto_name){ if (have_tap_listener(exported_pdu_tap)) { static const exp_pdu_data_item_t *user_encap_exp_pdu_items[] = { &exp_pdu_data_orig_frame_num, NULL }; exp_pdu_data_t *exp_pdu_data = export_pdu_create_tags(pinfo, proto_name, EXP_PDU_TAG_PROTO_NAME, user_encap_exp_pdu_items); exp_pdu_data->tvb_captured_length = tvb_captured_length(tvb); exp_pdu_data->tvb_reported_length = tvb_reported_length(tvb); exp_pdu_data->pdu_tvb = tvb; tap_queue_packet(exported_pdu_tap, pinfo, exp_pdu_data); }}
开发者ID:acaceres2176,项目名称:wireshark,代码行数:16,
示例3: dissect_teredostatic voiddissect_teredo(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree){ proto_tree *teredo_tree; proto_item *ti; int offset = 0; static e_teredohdr teredohstruct[4], *teredoh; static int teredoh_count = 0; teredoh_count++; if(teredoh_count>=4){ teredoh_count=0; } teredoh = &teredohstruct[teredoh_count]; col_set_str(pinfo->cinfo, COL_PROTOCOL, "Teredo"); col_clear(pinfo->cinfo, COL_INFO); if (tree) { ti = proto_tree_add_item(tree, proto_teredo, tvb, 0, -1, ENC_NA); teredo_tree = proto_item_add_subtree(ti, ett_teredo); } else teredo_tree = NULL; teredoh->th_header = tvb_get_ntohs(tvb, offset); if (teredoh->th_header == 1) { offset = parse_teredo_auth(tvb, pinfo, teredo_tree, offset, teredoh); teredoh->th_header = tvb_get_ntohs(tvb, offset); } else teredoh->th_indtyp = 0; if ( teredoh->th_header == 0 ) { offset = parse_teredo_orig(tvb, pinfo, teredo_tree, offset, teredoh); } teredoh->th_ip_v_hl = tvb_get_guint8(tvb, offset); decode_teredo_ports(tvb, offset, pinfo, tree, teredoh->th_header /* , teredoh->th_orgport*/); tap_queue_packet(teredo_tap, pinfo, teredoh);}
开发者ID:danielwhite84,项目名称:wireshark,代码行数:45,
示例4: dissect_actrace_isdn/* Dissect an individual actrace ISDN message */static void dissect_actrace_isdn(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_tree *actrace_tree){ /* Declare variables */ gint len; gint32 value, trunk; tvbuff_t *next_tvb; int offset = 0; len = tvb_get_ntohs(tvb, 44); value = tvb_get_ntohl(tvb, offset+4); proto_tree_add_int(actrace_tree, hf_actrace_isdn_direction, tvb, offset+4, 4, value); offset += 8; trunk = tvb_get_ntohs(tvb, offset); proto_tree_add_int(actrace_tree, hf_actrace_isdn_trunk, tvb, offset, 2, trunk); offset = 44; proto_tree_add_int(actrace_tree, hf_actrace_isdn_length, tvb, offset, 2, len); /* if it is a q931 packet (we don't want LAPD packets for Voip Graph) add tap info */ if (len > 4) { /* Initialise packet info for passing to tap */ actrace_pi = ep_new(actrace_info_t); actrace_pi->type = ACTRACE_ISDN; actrace_pi->direction = (value==PSTN_TO_BLADE?1:0); actrace_pi->trunk = trunk; /* Report this packet to the tap */ tap_queue_packet(actrace_tap, pinfo, actrace_pi); } /* Dissect lapd payload */ offset += 2 ; next_tvb = tvb_new_subset(tvb, offset, len, len); call_dissector(lapd_handle, next_tvb, pinfo, tree); col_set_str(pinfo->cinfo, COL_PROTOCOL, "AC_ISDN"); col_prepend_fstr(pinfo->cinfo, COL_INFO, "Trunk:%d Blade %s PSTN " , trunk, value==PSTN_TO_BLADE?"<--":"-->");}
开发者ID:hubolo,项目名称:wireshark-1.8.0,代码行数:45,
示例5: dissect_sv/** Dissect SV PDUs inside a PPDU.*/static voiddissect_sv(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree){ int offset = 0; int old_offset; proto_item *item; proto_tree *tree; asn1_ctx_t asn1_ctx; asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo); item = proto_tree_add_item(parent_tree, proto_sv, tvb, 0, -1, ENC_NA); tree = proto_item_add_subtree(item, ett_sv); col_set_str(pinfo->cinfo, COL_PROTOCOL, PNAME); col_clear(pinfo->cinfo, COL_INFO); /* APPID */ proto_tree_add_item(tree, hf_sv_appid, tvb, offset, 2, ENC_BIG_ENDIAN); /* Length */ proto_tree_add_item(tree, hf_sv_length, tvb, offset + 2, 2, ENC_BIG_ENDIAN); /* Reserved 1 */ proto_tree_add_item(tree, hf_sv_reserve1, tvb, offset + 4, 2, ENC_BIG_ENDIAN); /* Reserved 2 */ proto_tree_add_item(tree, hf_sv_reserve2, tvb, offset + 6, 2, ENC_BIG_ENDIAN); offset = 8; while (tvb_reported_length_remaining(tvb, offset) > 0){ old_offset = offset; offset = dissect_sv_SampledValues(FALSE, tvb, offset, &asn1_ctx , tree, -1); if (offset == old_offset) { proto_tree_add_expert(tree, pinfo, &ei_sv_zero_pdu, tvb, offset, -1); break; } } if(tree) tap_queue_packet(sv_tap, pinfo, &sv_data);}
开发者ID:Nicholas1126,项目名称:wireshark-ex,代码行数:45,
示例6: dissect_h225_H323UserInformationstatic intdissect_h225_H323UserInformation(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree){ proto_item *it; proto_tree *tr; int offset = 0; pi_current++; if(pi_current==5){ pi_current=0; } h225_pi=&pi_arr[pi_current]; /* Init struct for collecting h225_packet_info */ reset_h225_packet_info(h225_pi); h225_pi->msg_type = H225_CS; next_tvb_init(&h245_list); next_tvb_init(&tp_list); col_set_str(pinfo->cinfo, COL_PROTOCOL, PSNAME); col_clear(pinfo->cinfo, COL_INFO); it=proto_tree_add_protocol_format(tree, proto_h225, tvb, 0, tvb_length(tvb), PSNAME" CS"); tr=proto_item_add_subtree(it, ett_h225); offset = dissect_H323_UserInformation_PDU(tvb, pinfo, tr); if (h245_list.count){ col_append_str(pinfo->cinfo, COL_PROTOCOL, "/"); col_set_fence(pinfo->cinfo, COL_PROTOCOL); } next_tvb_call(&h245_list, pinfo, tree, h245dg_handle, data_handle); next_tvb_call(&tp_list, pinfo, tree, NULL, data_handle); tap_queue_packet(h225_tap, pinfo, h225_pi); return offset;}
开发者ID:AkhilaAG,项目名称:gluster-wireshark-1.4,代码行数:40,
示例7: _dissect_uasip//.........这里部分代码省略......... if ((length >= 1) && (length <= 4)) { proto_tree_add_item(connect_tree, hf_uasip_qos_8021_vlid, tvb, offset, length, ENC_BIG_ENDIAN); } else { expert_add_info_format(pinfo, tlv_len_item, &ei_uasip_tlv_length, "Invalid length %d", length); } break; case UAUDP_CONNECT_QOS_8021_PRI: if ((length >= 1) && (length <= 4)) { proto_tree_add_item(connect_tree, hf_uasip_qos_8021_pri, tvb, offset, length, ENC_BIG_ENDIAN); } else { expert_add_info_format(pinfo, tlv_len_item, &ei_uasip_tlv_length, "Invalid length %d", length); } break; default: break; } offset += length; } } break; case UAUDP_NACK: { proto_tree_add_item_ret_uint(uasip_tree, hf_uasip_expseq, tvb, offset, 2, ENC_BIG_ENDIAN, &ua_tap_info.expseq); /*offset += 2;*/ if (noesip_enabled) { col_add_fstr(pinfo->cinfo, COL_INFO, "NACK"); } else { col_add_fstr(pinfo->cinfo, COL_INFO, "NACK exp:%d", ua_tap_info.expseq); } } break; case UAUDP_DATA: { int datalen; proto_tree_add_item_ret_uint(uasip_tree, hf_uasip_expseq, tvb, offset+0, 2, ENC_BIG_ENDIAN, &ua_tap_info.expseq); proto_tree_add_item_ret_uint(uasip_tree, hf_uasip_sntseq, tvb, offset+2, 2, ENC_BIG_ENDIAN, &ua_tap_info.sntseq); offset += 4; datalen = tvb_reported_length_remaining(tvb, offset); if (noesip_enabled) { if (datalen > 0) { if (direction == SYS_TO_TERM) { call_dissector(ua_sys_to_term_handle, tvb_new_subset_length(tvb, offset, datalen), pinfo, tree); } else if (direction == TERM_TO_SYS) { call_dissector(ua_term_to_sys_handle, tvb_new_subset_length(tvb, offset, datalen), pinfo, tree); } else { col_add_str(pinfo->cinfo, COL_INFO, "DATA - Couldn't resolve direction."); } } else { col_add_str(pinfo->cinfo, COL_INFO, "ACK"); } } else { if (datalen > 0) { col_add_fstr(pinfo->cinfo, COL_INFO, "DATA exp:%d", ua_tap_info.expseq); col_append_fstr(pinfo->cinfo, COL_INFO, " snt:%d", ua_tap_info.sntseq); } else { col_add_fstr(pinfo->cinfo, COL_INFO, "ACK exp:%d", ua_tap_info.expseq); col_append_fstr(pinfo->cinfo, COL_INFO, " snt:%d", ua_tap_info.sntseq); } } } break; default: break; }#if 0 tap_queue_packet(uasip_tap, pinfo, &ua_tap_info);#endif}
开发者ID:alagoutte,项目名称:wireshark,代码行数:101,
示例8: _dissect_uaudp//.........这里部分代码省略......... rV(uaudp_tree, &hf_uaudp_window_size , tvb, offset, L); break; case UAUDP_CONNECT_MTU: rV(uaudp_tree, &hf_uaudp_mtu , tvb, offset, L); break; case UAUDP_CONNECT_UDP_LOST: rV(uaudp_tree, &hf_uaudp_udp_lost , tvb, offset, L); break; case UAUDP_CONNECT_UDP_LOST_REINIT: rV(uaudp_tree, &hf_uaudp_udp_lost_reinit, tvb, offset, L); break; case UAUDP_CONNECT_KEEPALIVE: rV(uaudp_tree, &hf_uaudp_keepalive , tvb, offset, L); break; case UAUDP_CONNECT_QOS_IP_TOS: rV(uaudp_tree, &hf_uaudp_qos_ip_tos , tvb, offset, L); break; case UAUDP_CONNECT_QOS_8021_VLID: rV(uaudp_tree, &hf_uaudp_qos_8021_vlid , tvb, offset, L); break; case UAUDP_CONNECT_QOS_8021_PRI: rV(uaudp_tree, &hf_uaudp_qos_8021_pri , tvb, offset, L); break; } offset += (2 + L); } break; } case UAUDP_NACK: { proto_tree_add_uint(uaudp_tree, hf_uaudp_expseq, tvb, offset, 2, tvb_get_ntohs(tvb, offset)); break; } case UAUDP_DATA: { int datalen; proto_tree_add_uint(uaudp_tree, hf_uaudp_expseq, tvb, offset+0, 2, tvb_get_ntohs(tvb, offset+0)); proto_tree_add_uint(uaudp_tree, hf_uaudp_sntseq, tvb, offset+2, 2, tvb_get_ntohs(tvb, offset+2)); ua_tap_info.expseq = hf_uaudp_expseq; ua_tap_info.sntseq = hf_uaudp_sntseq; offset += 4; datalen = tvb_reported_length(tvb) - offset; /* if there is remaining data, call the UA dissector */ if (datalen > 0) { if (direction == SYS_TO_TERM) call_dissector(ua_sys_to_term_handle, tvb_new_subset(tvb, offset, datalen, datalen), pinfo, tree); else if (direction == TERM_TO_SYS) call_dissector(ua_term_to_sys_handle, tvb_new_subset(tvb, offset, datalen, datalen), pinfo, tree); else { /* XXX: expert ?? */ col_set_str(pinfo->cinfo, COL_INFO, "Data - Couldn't resolve direction. Check UAUDP Preferences."); } ua_tap_info.expseq = hf_uaudp_expseq; } else { /* print in "INFO" column */ col_set_str(pinfo->cinfo, COL_INFO, "Data ACK"); } break; } default: break; }#if 0 tap_queue_packet(uaudp_tap, pinfo, &ua_tap_info);#endif}
开发者ID:huzhiren,项目名称:wireshark,代码行数:101,
示例9: dissect_file_record//.........这里部分代码省略......... CATCH_BOUNDS_AND_DISSECTOR_ERRORS { show_exception(tvb, pinfo, parent_tree, EXCEPT_CODE, GET_MESSAGE); } ENDTRY; if(proto_field_is_referenced(tree, hf_file_protocols)) { wmem_strbuf_t *val = wmem_strbuf_new(wmem_packet_scope(), ""); wmem_list_frame_t *frame; /* skip the first entry, it's always the "frame" protocol */ frame = wmem_list_frame_next(wmem_list_head(pinfo->layers)); if (frame) { wmem_strbuf_append(val, proto_get_protocol_filter_name(GPOINTER_TO_UINT(wmem_list_frame_data(frame)))); frame = wmem_list_frame_next(frame); } while (frame) { wmem_strbuf_append_c(val, ':'); wmem_strbuf_append(val, proto_get_protocol_filter_name(GPOINTER_TO_UINT(wmem_list_frame_data(frame)))); frame = wmem_list_frame_next(frame); } ti = proto_tree_add_string(fh_tree, hf_file_protocols, tvb, 0, 0, wmem_strbuf_get_str(val)); PROTO_ITEM_SET_GENERATED(ti); } /* Call postdissectors if we have any (while trying to avoid another * TRY/CATCH) */ if (have_postdissector()) { TRY {#ifdef _MSC_VER /* Win32: Visual-C Structured Exception Handling (SEH) to trap hardware exceptions like memory access violations */ /* (a running debugger will be called before the except part below) */ /* Note: A Windows "exceptional exception" may leave the kazlib's (Portable Exception Handling) stack in an inconsistent state thus causing a crash at some point in the handling of the exception. See: https://www.wireshark.org/lists/wireshark-dev/200704/msg00243.html */ __try {#endif call_all_postdissectors(tvb, pinfo, parent_tree);#ifdef _MSC_VER } __except(EXCEPTION_EXECUTE_HANDLER /* handle all exceptions */) { switch(GetExceptionCode()) { case(STATUS_ACCESS_VIOLATION): show_exception(tvb, pinfo, parent_tree, DissectorError, "STATUS_ACCESS_VIOLATION: dissector accessed an invalid memory address"); break; case(STATUS_INTEGER_DIVIDE_BY_ZERO): show_exception(tvb, pinfo, parent_tree, DissectorError, "STATUS_INTEGER_DIVIDE_BY_ZERO: dissector tried an integer division by zero"); break; case(STATUS_STACK_OVERFLOW): show_exception(tvb, pinfo, parent_tree, DissectorError, "STATUS_STACK_OVERFLOW: dissector overflowed the stack (e.g. endless loop)"); /* XXX - this will have probably corrupted the stack, which makes problems later in the exception code */ break; /* XXX - add other hardware exception codes as required */ default: show_exception(tvb, pinfo, parent_tree, DissectorError, g_strdup_printf("dissector caused an unknown exception: 0x%x", GetExceptionCode())); } }#endif } CATCH_BOUNDS_AND_DISSECTOR_ERRORS { show_exception(tvb, pinfo, parent_tree, EXCEPT_CODE, GET_MESSAGE); } ENDTRY; } /* Attempt to (re-)calculate color filters (if any). */ if (pinfo->fd->flags.need_colorize) { color_filter = color_filters_colorize_packet(file_data->color_edt); pinfo->fd->color_filter = color_filter; pinfo->fd->flags.need_colorize = 0; } else { color_filter = pinfo->fd->color_filter; } if (color_filter) { pinfo->fd->color_filter = color_filter; item = proto_tree_add_string(fh_tree, hf_file_color_filter_name, tvb, 0, 0, color_filter->filter_name); PROTO_ITEM_SET_GENERATED(item); item = proto_tree_add_string(fh_tree, hf_file_color_filter_text, tvb, 0, 0, color_filter->filter_text); PROTO_ITEM_SET_GENERATED(item); } tap_queue_packet(file_tap, pinfo, NULL); if (pinfo->frame_end_routines) { g_slist_foreach(pinfo->frame_end_routines, &call_file_record_end_routine, NULL); g_slist_free(pinfo->frame_end_routines); pinfo->frame_end_routines = NULL; } return tvb_captured_length(tvb);}
开发者ID:DHODoS,项目名称:wireshark,代码行数:101,
示例10: dissect_ncp_common//.........这里部分代码省略......... if (conversation != NULL) { /* find the record telling us the * request made that caused this * reply */ request_value = mncp_hash_lookup(conversation, nw_connection, header.task); /* if for some reason we have no * conversation in our hash, create * one */ if (request_value == NULL) { mncp_hash_insert(conversation, nw_connection, header.task, pinfo); } } else { /* It's not part of any conversation * - create a new one. */ conversation = conversation_new(pinfo->fd->num, &pinfo->src, &pinfo->dst, PT_NCP, (guint32) pinfo->srcport, (guint32) pinfo->destport, 0); mncp_hash_insert(conversation, nw_connection, header.task, pinfo); } /* find the record telling us the request * made that caused this reply */ } else { request_value = mncp_hash_lookup(conversation, nw_connection, header.task); if (request_value) { if ((request_value->session_start_packet_num == pinfo->fd->num) && ncp_echo_conn) { expert_add_info_format(pinfo, NULL, &ei_ncp_new_server_session, "Detected New Server Session. Connection %d, Task %d", nw_connection, header.task); } } } } tap_queue_packet(ncp_tap.hdr, pinfo, ncp_hdr); col_add_str(pinfo->cinfo, COL_INFO, val_to_str(header.type, ncp_type_vals, "Unknown type (0x%04x)")); /* * Process the packet-type-specific header. */ switch (header.type) { case NCP_BROADCAST_SLOT: /* Server Broadcast */ proto_tree_add_uint(ncp_tree, hf_ncp_seq, tvb, commhdr + 2, 1, header.sequence); proto_tree_add_uint(ncp_tree, hf_ncp_connection,tvb, commhdr + 3, 3, nw_connection); proto_tree_add_item(ncp_tree, hf_ncp_task, tvb, commhdr + 4, 1, ENC_BIG_ENDIAN); proto_tree_add_item(ncp_tree, hf_ncp_oplock_flag, tvb, commhdr + 9, 1, tvb_get_guint8(tvb, commhdr+9)); proto_tree_add_item(ncp_tree, hf_ncp_oplock_handle, tvb, commhdr + 10, 4, ENC_BIG_ENDIAN); if ((tvb_get_guint8(tvb, commhdr+9)==0x24) && ncp_echo_file) { expert_add_info_format(pinfo, NULL, &ei_ncp_oplock_handle, "Server requesting station to clear oplock on handle - %08x", tvb_get_ntohl(tvb, commhdr+10)); } break; case NCP_LIP_ECHO: /* Lip Echo Packet */ proto_tree_add_item(ncp_tree, hf_lip_echo, tvb, commhdr, 13, ENC_ASCII|ENC_NA); break; case NCP_BURST_MODE_XFER: /* Packet Burst Packet */ /* * XXX - we should keep track of whether there's a burst * outstanding on a connection and, if not, treat the * beginning of the data as a burst header. * * The burst header contains: *
开发者ID:hashbrowncipher,项目名称:wireshark,代码行数:67,
示例11: dissect_eth_espstatic void dissect_eth_esp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree){ e_eth_esphdr *eth_esph; tvbuff_t *next_tvb; guint length_remaining; int offset = 0; guint len; gchar *flags = "<None>"; const gchar *fstr[] = {"SYN", "ACK", "FIN", "RST", "RRQ", "TXS", "TXF", "XXX" }; gint i; guint bpos; size_t fpos = 0, returned_length; eth_esph = ep_alloc(sizeof(e_eth_esphdr)); eth_esph->eh_dport = tvb_get_ntohs(tvb, 0); eth_esph->eh_sport = tvb_get_ntohs(tvb, 2); eth_esph->eh_pkt_seq = tvb_get_ntohs(tvb, 4); eth_esph->eh_ack_seq = tvb_get_ntohs(tvb, 6); eth_esph->eh_len = tvb_get_ntohs(tvb, 8); eth_esph->eh_flags = tvb_get_guint8(tvb, 10); /* set protocol name */ if (check_col(pinfo->cinfo, COL_PROTOCOL)) { col_set_str(pinfo->cinfo, COL_PROTOCOL, "ETH_ESP"); } /* Set info column */ if (check_col(pinfo->cinfo, COL_INFO)) { col_clear(pinfo->cinfo, COL_INFO); col_append_fstr(pinfo->cinfo, COL_INFO, "%u > %u", eth_esph->eh_sport, eth_esph->eh_dport); } /* Set tree info */ if (tree) { proto_item *ti = NULL, *tf; proto_tree *eth_esp_tree = NULL, *field_tree = NULL; ti = proto_tree_add_item(tree, proto_eth_esp_plugin, tvb, 0, ETH_ESP_PACKET_SIZE, FALSE); eth_esp_tree = proto_item_add_subtree(ti, ett_eth_esp); /* items */ proto_tree_add_item(eth_esp_tree, hf_eth_esp_dstport, tvb, offset, 2, FALSE); offset += 2; proto_tree_add_item(eth_esp_tree, hf_eth_esp_srcport, tvb, offset, 2, FALSE); offset += 2; proto_tree_add_item(eth_esp_tree, hf_eth_esp_pkt_seq, tvb, offset, 2, FALSE); offset += 2; proto_tree_add_item(eth_esp_tree, hf_eth_esp_ack_seq, tvb, offset, 2, FALSE); offset += 2; proto_tree_add_item(eth_esp_tree, hf_eth_esp_len, tvb, offset, 2, FALSE); offset += 2; tf = proto_tree_add_item(eth_esp_tree, hf_eth_esp_flags, tvb, offset, 1, FALSE); field_tree = proto_item_add_subtree(tf, ett_eth_esp_flags); proto_tree_add_boolean(field_tree, hf_eth_esp_flags_syn, tvb, offset, 1, eth_esph->eh_flags); proto_tree_add_boolean(field_tree, hf_eth_esp_flags_ack, tvb, offset, 1, eth_esph->eh_flags); proto_tree_add_boolean(field_tree, hf_eth_esp_flags_fin, tvb, offset, 1, eth_esph->eh_flags); proto_tree_add_boolean(field_tree, hf_eth_esp_flags_rst, tvb, offset, 1, eth_esph->eh_flags); proto_tree_add_boolean(field_tree, hf_eth_esp_flags_rrq, tvb, offset, 1, eth_esph->eh_flags); proto_tree_add_boolean(field_tree, hf_eth_esp_flags_txs, tvb, offset, 1, eth_esph->eh_flags); proto_tree_add_boolean(field_tree, hf_eth_esp_flags_txf, tvb, offset, 1, eth_esph->eh_flags); proto_tree_add_boolean(field_tree, hf_eth_esp_flags_xxx, tvb, offset, 1, eth_esph->eh_flags); offset += 1; } if (check_col(pinfo->cinfo, COL_INFO) || tree) {#define MAX_FLAGS_LEN 64 flags = ep_alloc(MAX_FLAGS_LEN); flags[0] = 0; for (i = 0; i < 8; i++) { bpos = 1 << i; if (eth_esph->eh_flags & bpos) { returned_length = g_snprintf(&flags[fpos], MAX_FLAGS_LEN - fpos, "%s%s", fpos ? ", " : "", fstr[i]); fpos += MIN(returned_length, MAX_FLAGS_LEN - fpos); } } } if (check_col(pinfo->cinfo, COL_INFO)) { col_append_fstr(pinfo->cinfo, COL_INFO, "[%s] Seq=%u Ack=%u", flags, eth_esph->eh_pkt_seq, eth_esph->eh_ack_seq); } pinfo->srcport = eth_esph->eh_sport; pinfo->destport = eth_esph->eh_dport; tap_queue_packet(eth_esp_tap, pinfo, eth_esph); length_remaining = tvb_length_remaining(tvb, offset); len = length_remaining; if (length_remaining != eth_esph->eh_len) { len = length_remaining; } else {//.........这里部分代码省略.........
开发者ID:ecsv,项目名称:wireshark-esp,代码行数:101,
示例12: _dissect_uasip//.........这里部分代码省略......... break; case UAUDP_CONNECT_KEEPALIVE: rTLV(uasip_tree, &hf_uasip_keepalive, tvb, offset, L); break; case UAUDP_CONNECT_QOS_IP_TOS: rTLV(uasip_tree, &hf_uasip_qos_ip_tos, tvb, offset, L); break; case UAUDP_CONNECT_QOS_8021_VLID: rTLV(uasip_tree, &hf_uasip_qos_8021_vlid, tvb, offset, L); break; case UAUDP_CONNECT_QOS_8021_PRI: rTLV(uasip_tree, &hf_uasip_qos_8021_pri, tvb, offset, L); break; default: break; } offset += (2 + L); } } break; case UAUDP_NACK: { proto_tree_add_uint(uasip_tree, hf_uasip_expseq, tvb, offset, 2, tvb_get_ntohs(tvb, offset)); ua_tap_info.expseq = tvb_get_ntohs(tvb, offset+0); /*offset += 2;*/ if (noesip_enabled) { col_add_fstr(pinfo->cinfo, COL_INFO, "NACK"); } else { col_add_fstr(pinfo->cinfo, COL_INFO, "NACK exp:%d", ua_tap_info.expseq); } } break; case UAUDP_DATA: { int datalen; proto_tree_add_uint(uasip_tree, hf_uasip_expseq, tvb, offset+0, 2, tvb_get_ntohs(tvb, offset+0)); proto_tree_add_uint(uasip_tree, hf_uasip_sntseq, tvb, offset+2, 2, tvb_get_ntohs(tvb, offset+2)); ua_tap_info.expseq = tvb_get_ntohs(tvb, offset+0); ua_tap_info.sntseq = tvb_get_ntohs(tvb, offset+2); offset += 4; datalen = (tvb_length(tvb) - offset); if (noesip_enabled) { if (datalen > 0) { if (direction == SYS_TO_TERM) { call_dissector(ua_sys_to_term_handle, tvb_new_subset(tvb, offset, datalen, datalen), pinfo, tree); } else if (direction == TERM_TO_SYS) { call_dissector(ua_term_to_sys_handle, tvb_new_subset(tvb, offset, datalen, datalen), pinfo, tree); } else { col_add_str(pinfo->cinfo, COL_INFO, "DATA - Couldn't resolve direction."); } } else { col_add_str(pinfo->cinfo, COL_INFO, "ACK"); } } else { if (datalen > 0) { col_add_fstr(pinfo->cinfo, COL_INFO, "DATA exp:%d", ua_tap_info.expseq); col_append_fstr(pinfo->cinfo, COL_INFO, " snt:%d", ua_tap_info.sntseq); } else { col_add_fstr(pinfo->cinfo, COL_INFO, "ACK exp:%d", ua_tap_info.expseq); col_append_fstr(pinfo->cinfo, COL_INFO, " snt:%d", ua_tap_info.sntseq); } } } break; default: break; }#if 0 tap_queue_packet(uasip_tap, pinfo, &ua_tap_info);#endif}
开发者ID:hashbrowncipher,项目名称:wireshark,代码行数:101,
示例13: dissect_bat_batman_v5static void dissect_bat_batman_v5(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree){ struct batman_packet_v5 *batman_packeth; const guint8 *old_orig_addr, *orig_addr; guint32 old_orig, orig; gint i; tvbuff_t *next_tvb; guint length_remaining; int offset = 0; batman_packeth = ep_alloc(sizeof(struct batman_packet_v5)); batman_packeth->version = tvb_get_guint8(tvb, 0); batman_packeth->flags = tvb_get_guint8(tvb, 1); batman_packeth->ttl = tvb_get_guint8(tvb, 2); batman_packeth->gwflags = tvb_get_guint8(tvb, 3); batman_packeth->seqno = tvb_get_ntohs(tvb, 4); batman_packeth->gwport = tvb_get_ntohs(tvb, 6); orig_addr = tvb_get_ptr(tvb, 8, 4); orig = tvb_get_ipv4(tvb, 8); SET_ADDRESS(&batman_packeth->orig, AT_IPv4, 4, orig_addr); old_orig_addr = tvb_get_ptr(tvb, 12, 4); old_orig = tvb_get_ipv4(tvb, 12); SET_ADDRESS(&batman_packeth->old_orig, AT_IPv4, 4, old_orig_addr); batman_packeth->tq = tvb_get_guint8(tvb, 16); batman_packeth->hna_len = tvb_get_guint8(tvb, 17); /* Set info column */ if (check_col(pinfo->cinfo, COL_INFO)) col_add_fstr(pinfo->cinfo, COL_INFO, "Seq=%u", batman_packeth->seqno); /* Set tree info */ if (tree) { proto_item *ti = NULL, *tf, *tgw; proto_tree *bat_batman_tree = NULL, *flag_tree = NULL; if (PTREE_DATA(tree)->visible) { ti = proto_tree_add_protocol_format(tree, proto_bat_plugin, tvb, 0, BATMAN_PACKET_V5_SIZE, "B.A.T.M.A.N., Orig: %s (%s)", get_hostname(orig), ip_to_str(batman_packeth->orig.data)); } else { ti = proto_tree_add_item(tree, proto_bat_plugin, tvb, 0, BATMAN_PACKET_V5_SIZE, FALSE); } bat_batman_tree = proto_item_add_subtree(ti, ett_bat_batman); /* items */ proto_tree_add_item(bat_batman_tree, hf_bat_batman_version, tvb, offset, 1, FALSE); offset += 1; tf = proto_tree_add_item(bat_batman_tree, hf_bat_batman_flags, tvb, offset, 1, FALSE); /* <flags> */ flag_tree = proto_item_add_subtree(tf, ett_bat_batman_flags); proto_tree_add_boolean(flag_tree, hf_bat_batman_flags_unidirectional, tvb, offset, 1, batman_packeth->flags); proto_tree_add_boolean(flag_tree, hf_bat_batman_flags_directlink, tvb, offset, 1, batman_packeth->flags); /* </flags> */ offset += 1; proto_tree_add_item(bat_batman_tree, hf_bat_batman_ttl, tvb, offset, 1, FALSE); offset += 1; tgw = proto_tree_add_item(bat_batman_tree, hf_bat_batman_gwflags, tvb, offset, 1, FALSE); dissect_bat_gwflags(tvb, batman_packeth->gwflags, offset, tgw); offset += 1; proto_tree_add_item(bat_batman_tree, hf_bat_batman_seqno, tvb, offset, 2, FALSE); offset += 2; proto_tree_add_item(bat_batman_tree, hf_bat_batman_gwport, tvb, offset, 2, FALSE); offset += 2; proto_tree_add_ipv4(bat_batman_tree, hf_bat_batman_orig, tvb, offset, 4, orig); offset += 4; proto_tree_add_ipv4(bat_batman_tree, hf_bat_batman_old_orig, tvb, offset, 4, old_orig); offset += 4; proto_tree_add_item(bat_batman_tree, hf_bat_batman_tq, tvb, offset, 1, FALSE); offset += 1; proto_tree_add_item(bat_batman_tree, hf_bat_batman_hna_len, tvb, offset, 1, FALSE); offset += 1; tap_queue_packet(bat_tap, pinfo, batman_packeth); for (i = 0; i < batman_packeth->hna_len; i++) { next_tvb = tvb_new_subset(tvb, offset, 5, 5); if (have_tap_listener(bat_follow_tap)) { tap_queue_packet(bat_follow_tap, pinfo, next_tvb); } dissect_bat_hna(next_tvb, pinfo, bat_batman_tree); offset += 5; } } length_remaining = tvb_reported_length_remaining(tvb, offset); if (length_remaining != 0) { next_tvb = tvb_new_subset_remaining(tvb, offset);//.........这里部分代码省略.........
开发者ID:flaub,项目名称:HotFuzz,代码行数:101,
示例14: message//.........这里部分代码省略......... } /* add message type */ col_append_str(pinfo->cinfo, COL_INFO, val_to_str(message_type, messagetypenames, "0x%04x")); col_append_str(pinfo->cinfo, COL_INFO, " "); /* message type statistic */ sinfo = ep_new(struct SametimeTap); sinfo->message_type = message_type; sinfo->send_type = -1; sinfo->user_status = -1; /* packet detail tree */ ti = proto_tree_add_item(tree, proto_sametime, tvb, offset, -1, ENC_NA); sametime_tree = proto_item_add_subtree(ti, ett_sametime); proto_item_append_text(sametime_tree, ", %s", val_to_str(message_type, messagetypenames, "0x%04x")); /* dissect message */ if (message_type == SAMETIME_MESSAGETYPE_HEARTBEAT) { proto_tree_add_item(sametime_tree, hf_sametime_heartbeat, tvb, offset, 1, ENC_BIG_ENDIAN); } else if (message_type != -1) { proto_tree *options_tree; proto_item *op; /* first 4 bytes gives the length of the sametime message */ if (global_sametime_show_length) { proto_tree_add_item(sametime_tree, hf_sametime_message_length, tvb, offset, 4, ENC_BIG_ENDIAN); } offset += 4; /* next 2 bytes gives the message type */ proto_tree_add_item(sametime_tree, hf_sametime_message_type, tvb, offset, 2, ENC_BIG_ENDIAN); offset += 2; /* next 2 bytes are the message options */ op = proto_tree_add_item(sametime_tree, hf_sametime_message_options, tvb, offset, 2, ENC_BIG_ENDIAN); options_tree = proto_item_add_subtree(op, ett_sametime_options); proto_tree_add_item(options_tree, hf_sametime_message_options_attribute, tvb, offset, 2, ENC_BIG_ENDIAN); proto_tree_add_item(options_tree, hf_sametime_message_options_encrypted, tvb, offset, 2, ENC_BIG_ENDIAN); offset += 2; /* next 4 bytes contains the channel id */ proto_tree_add_item(sametime_tree, hf_sametime_message_channel, tvb, offset, 4, ENC_BIG_ENDIAN); offset += 4; switch (message_type) { case SAMETIME_MESSAGETYPE_HANDSHAKE: dissect_handshake(tvb, sametime_tree, offset); break; case SAMETIME_MESSAGETYPE_HANDSHAKE_ACK: dissect_handshake_ack(tvb, sametime_tree, offset); break; case SAMETIME_MESSAGETYPE_HANDSHAKE_SYN: break; case SAMETIME_MESSAGETYPE_LOGIN: dissect_login(tvb, sametime_tree, offset); break; case SAMETIME_MESSAGETYPE_LOGIN_REDIRECT: dissect_login_redirect(tvb, sametime_tree, offset); break; case SAMETIME_MESSAGETYPE_LOGIN_ACK: dissect_login_ack(tvb, sametime_tree, offset); break; case SAMETIME_MESSAGETYPE_CHANNEL_CREATE: dissect_channel_create(tvb, sametime_tree, offset); break; case SAMETIME_MESSAGETYPE_CHANNEL_SEND: sinfo->send_type = dissect_channel_send(tvb, sametime_tree, offset); break; case SAMETIME_MESSAGETYPE_CHANNEL_ACCEPT: dissect_channel_accept(tvb, sametime_tree, offset); break; case SAMETIME_MESSAGETYPE_SET_USER_STATUS: sinfo->user_status = dissect_set_user_status(tvb, sametime_tree, offset); break; case SAMETIME_MESSAGETYPE_SENSE_SERVICE: dissect_sense_service(tvb, sametime_tree, offset); break; default: /* do not fill the statistics with useless data from encrypted packages */ sinfo->message_type = -1; break; } } tap_queue_packet(sametime_tap, pinfo, sinfo);}
开发者ID:CTSRD-CHERI,项目名称:wireshark,代码行数:101,
示例15: dissect_actrace_cas//.........这里部分代码省略......... proto_tree_add_text(actrace_tree, tvb, offset, 4, "Parameter 0: %s", val_to_str(par0, actrace_cas_collect_type_vals, "Unknown (%d)")); col_append_fstr(pinfo->cinfo, COL_INFO, "%s|", val_to_str(par0, actrace_cas_collect_type_vals, "%d")); break; case SEND_MF: case SEND_DEST_NUM: proto_tree_add_text(actrace_tree, tvb, offset, 4, "Parameter 0: %s", val_to_str(par0, actrace_cas_send_type_vals, "Unknown (%d)")); col_append_fstr(pinfo->cinfo, COL_INFO, "%s|", val_to_str(par0, actrace_cas_send_type_vals, "%d")); break; default: proto_tree_add_int(actrace_tree, hf_actrace_cas_par0, tvb, offset, 4, par0); col_append_fstr(pinfo->cinfo, COL_INFO, "%d|", par0); } offset += 4; par1 = tvb_get_ntohl(tvb, offset); if (function == SEND_EVENT) { proto_tree_add_text(actrace_tree, tvb, offset, 4, "Parameter 1: %s", val_to_str_ext(par1, &actrace_cas_cause_vals_ext, "Unknown (%d)")); col_append_fstr(pinfo->cinfo, COL_INFO, "%s|", val_to_str_ext(par1, &actrace_cas_cause_vals_ext, "%d")); } else { proto_tree_add_int(actrace_tree, hf_actrace_cas_par1, tvb, offset, 4, par1); col_append_fstr(pinfo->cinfo, COL_INFO, "%d|", par1); } offset += 4; par2 = tvb_get_ntohl(tvb, offset); proto_tree_add_int(actrace_tree, hf_actrace_cas_par2, tvb, offset, 4, par2); col_append_fstr(pinfo->cinfo, COL_INFO, "%d|", par2); offset += 4; trunk = tvb_get_ntohl(tvb, offset); proto_tree_add_int(actrace_tree, hf_actrace_cas_trunk, tvb, offset, 4, trunk); offset += 4; bchannel = tvb_get_ntohl(tvb, offset); proto_tree_add_int(actrace_tree, hf_actrace_cas_bchannel, tvb, offset, 4, bchannel); offset += 4; col_prepend_fstr(pinfo->cinfo, COL_INFO, "t%db%d|", trunk, bchannel); value = tvb_get_ntohl(tvb, offset); proto_tree_add_int(actrace_tree, hf_actrace_cas_connection_id, tvb, offset, 4, value); /* Add tap info for the Voip Graph */ if (source == ACTRACE_CAS_SOURCE_DSP) { direction = 1; if ( (event >= ACTRACE_CAS_EV_11) && (event <= ACTRACE_CAS_EV_00 ) ) { frame_label = ep_strdup_printf("AB: %s", val_to_str_const(event, actrace_cas_event_ab_vals, "ERROR") ); } else if ( (event >= 32) && (event <= 46 ) ) { /* is an MF tone */ frame_label = ep_strdup_printf("MF: %s", val_to_str_ext_const(event, &actrace_cas_mf_vals_ext, "ERROR") ); } else if ( (event == ACTRACE_CAS_EV_DTMF ) || (event == ACTRACE_CAS_EV_FIRST_DIGIT ) ) { /* DTMF digit */ frame_label = ep_strdup_printf("DTMF: %u", par0 ); } } else if (source == ACTRACE_CAS_SOURCE_TABLE) { direction = 0; if (function == SEND_MF) { if (par0 == SEND_TYPE_SPECIFIC ) { frame_label = ep_strdup_printf("MF: %u", par1); } else if (par0 == SEND_TYPE_ADDRESS ) { frame_label = ep_strdup("MF: DNIS digit"); } else if (par0 == SEND_TYPE_ANI ) { frame_label = ep_strdup("MF: ANI digit"); } else if (par0 == SEND_TYPE_SOURCE_CATEGORY ) { frame_label = ep_strdup("MF: src_category"); } else if (par0 == SEND_TYPE_TRANSFER_CAPABILITY ) { frame_label = ep_strdup("MF: trf_capability"); } else if (par0 == SEND_TYPE_INTER_EXCHANGE_SWITCH ) { frame_label = ep_strdup("MF: inter_exch_sw"); } } else if (function == SEND_CAS) { frame_label = ep_strdup_printf("AB: %s", val_to_str_const(ACTRACE_CAS_EV_00-par0, actrace_cas_event_ab_vals, "ERROR")); } else if (function == SEND_DEST_NUM) { if (par0 == SEND_TYPE_ADDRESS ) { frame_label = ep_strdup("DTMF/MF: sending DNIS"); } else if (par0 == SEND_TYPE_ANI ) { frame_label = ep_strdup("DTMF/MF: sending ANI"); } } } if (frame_label != NULL) { /* Initialise packet info for passing to tap */ actrace_pi = ep_new(actrace_info_t); actrace_pi->type = ACTRACE_CAS; actrace_pi->direction = direction; actrace_pi->trunk = trunk; actrace_pi->cas_bchannel = bchannel; actrace_pi->cas_frame_label = frame_label; /* Report this packet to the tap */ tap_queue_packet(actrace_tap, pinfo, actrace_pi); }}
开发者ID:hubolo,项目名称:wireshark-1.8.0,代码行数:101,
示例16: dissect_radiotap//.........这里部分代码省略......... tvb, offset+0, 4, flags); flags_tree = proto_item_add_subtree(it, ett_radiotap_xchannel_flags); proto_tree_add_boolean(flags_tree, hf_radiotap_xchannel_flags_turbo, tvb, offset+0, 1, flags); proto_tree_add_boolean(flags_tree, hf_radiotap_xchannel_flags_cck, tvb, offset+0, 1, flags); proto_tree_add_boolean(flags_tree, hf_radiotap_xchannel_flags_ofdm, tvb, offset+0, 1, flags); proto_tree_add_boolean(flags_tree, hf_radiotap_xchannel_flags_2ghz, tvb, offset+0, 1, flags); proto_tree_add_boolean(flags_tree, hf_radiotap_xchannel_flags_5ghz, tvb, offset+1, 1, flags); proto_tree_add_boolean(flags_tree, hf_radiotap_xchannel_flags_passive, tvb, offset+1, 1, flags); proto_tree_add_boolean(flags_tree, hf_radiotap_xchannel_flags_dynamic, tvb, offset+1, 1, flags); proto_tree_add_boolean(flags_tree, hf_radiotap_xchannel_flags_gfsk, tvb, offset+1, 1, flags); proto_tree_add_boolean(flags_tree, hf_radiotap_xchannel_flags_gsm, tvb, offset+1, 1, flags); proto_tree_add_boolean(flags_tree, hf_radiotap_xchannel_flags_sturbo, tvb, offset+1, 1, flags); proto_tree_add_boolean(flags_tree, hf_radiotap_xchannel_flags_half, tvb, offset+1, 1, flags); proto_tree_add_boolean(flags_tree, hf_radiotap_xchannel_flags_quarter, tvb, offset+1, 1, flags); proto_tree_add_boolean(flags_tree, hf_radiotap_xchannel_flags_ht20, tvb, offset+2, 1, flags); proto_tree_add_boolean(flags_tree, hf_radiotap_xchannel_flags_ht40u, tvb, offset+2, 1, flags); proto_tree_add_boolean(flags_tree, hf_radiotap_xchannel_flags_ht40d, tvb, offset+2, 1, flags);#if 0 proto_tree_add_uint(radiotap_tree, hf_radiotap_xchannel_maxpower, tvb, offset+7, 1, maxpower);#endif } offset+=8 /* flags + freq + ieee + maxregpower */; length_remaining-=8; break; } default: /* * This indicates a field whose size we do not * know, so we cannot proceed. */ next_present = 0; continue; } } /* This handles the case of an FCS exiting at the end of the frame. */ if (rflags & IEEE80211_RADIOTAP_F_FCS) pinfo->pseudo_header->ieee_802_11.fcs_len = 4; else pinfo->pseudo_header->ieee_802_11.fcs_len = 0; /* Grab the rest of the frame. */ next_tvb = tvb_new_subset_remaining(tvb, length); /* If we had an in-header FCS, check it. * This can only happen if the backward-compat configuration option * is chosen by the user. */ if (hdr_fcs_ti) { /* It would be very strange for the header to have an FCS for the * frame *and* the frame to have the FCS at the end, but it's possible, so * take that into account by using the FCS length recorded in pinfo. */ /* Watch out for [erroneously] short frames */ if (tvb_length(next_tvb) > (unsigned int) pinfo->pseudo_header->ieee_802_11.fcs_len) { calc_fcs = crc32_802_tvb(next_tvb, tvb_length(next_tvb) - pinfo->pseudo_header->ieee_802_11.fcs_len); /* By virtue of hdr_fcs_ti being set, we know that 'tree' is set, * so there's no need to check it here. */ if (calc_fcs == sent_fcs) { proto_item_append_text(hdr_fcs_ti, " [correct]"); } else { proto_item_append_text(hdr_fcs_ti, " [incorrect, should be 0x%08x]", calc_fcs); hidden_item = proto_tree_add_boolean(radiotap_tree, hf_radiotap_fcs_bad, tvb, hdr_fcs_offset, 4, TRUE); PROTO_ITEM_SET_HIDDEN(hidden_item); } } else { proto_item_append_text(hdr_fcs_ti, " [cannot verify - not enough data]"); } } /* dissect the 802.11 header next */ call_dissector((rflags & IEEE80211_RADIOTAP_F_DATAPAD) ? ieee80211_datapad_handle : ieee80211_handle, next_tvb, pinfo, tree); tap_queue_packet(radiotap_tap, pinfo, radiotap_info);}
开发者ID:AkhilaAG,项目名称:gluster-wireshark-1.4,代码行数:101,
示例17: expert_set_info_vformatstatic voidexpert_set_info_vformat(packet_info *pinfo, proto_item *pi, int group, int severity, int hf_index, gboolean use_vaformat, const char *format, va_list ap){ char formatted[ITEM_LABEL_LENGTH]; int tap; expert_info_t *ei; proto_tree *tree; proto_item *ti; if (pinfo == NULL && pi && pi->tree_data) { pinfo = PTREE_DATA(pi)->pinfo; } /* if this packet isn't loaded because of a read filter, don't output anything */ if (pinfo == NULL || pinfo->num == 0) { return; } if (severity > highest_severity) { highest_severity = severity; } /* XXX: can we get rid of these checks and make them programming errors instead now? */ if (pi != NULL && PITEM_FINFO(pi) != NULL) { expert_set_item_flags(pi, group, severity); } if ((pi == NULL) || (PITEM_FINFO(pi) == NULL) || ((guint)severity >= FI_GET_FLAG(PITEM_FINFO(pi), PI_SEVERITY_MASK))) { col_add_str(pinfo->cinfo, COL_EXPERT, val_to_str(severity, expert_severity_vals, "Unknown (%u)")); } if (use_vaformat) { g_vsnprintf(formatted, ITEM_LABEL_LENGTH, format, ap); } else { g_strlcpy(formatted, format, ITEM_LABEL_LENGTH); } tree = expert_create_tree(pi, group, severity, formatted); if (hf_index == -1) { /* If no filterable expert info, just add the message */ ti = proto_tree_add_string(tree, hf_expert_msg, NULL, 0, 0, formatted); PROTO_ITEM_SET_GENERATED(ti); } else { /* If filterable expert info, hide the "generic" form of the message, and generate the formatted filterable expert info */ ti = proto_tree_add_none_format(tree, hf_index, NULL, 0, 0, "%s", formatted); PROTO_ITEM_SET_GENERATED(ti); ti = proto_tree_add_string(tree, hf_expert_msg, NULL, 0, 0, formatted); PROTO_ITEM_SET_HIDDEN(ti); } ti = proto_tree_add_uint_format_value(tree, hf_expert_severity, NULL, 0, 0, severity, "%s", val_to_str_const(severity, expert_severity_vals, "Unknown")); PROTO_ITEM_SET_GENERATED(ti); ti = proto_tree_add_uint_format_value(tree, hf_expert_group, NULL, 0, 0, group, "%s", val_to_str_const(group, expert_group_vals, "Unknown")); PROTO_ITEM_SET_GENERATED(ti); tap = have_tap_listener(expert_tap); if (!tap) return; ei = wmem_new(wmem_packet_scope(), expert_info_t); ei->packet_num = pinfo->num; ei->group = group; ei->severity = severity; ei->hf_index = hf_index; ei->protocol = pinfo->current_proto; ei->summary = wmem_strdup(wmem_packet_scope(), formatted); /* if we have a proto_item (not a faked item), set expert attributes to it */ if (pi != NULL && PITEM_FINFO(pi) != NULL) { ei->pitem = pi; } /* XXX: remove this because we don't have an internal-only function now? */ else { ei->pitem = NULL; } tap_queue_packet(expert_tap, pinfo, ei);}
开发者ID:DuLerWeil,项目名称:wireshark,代码行数:86,
示例18: dissect_frame//.........这里部分代码省略......... if (!dissector_try_port(wtap_encap_dissector_table, pinfo->fd->lnk_t, tvb, pinfo, parent_tree)) { col_set_str(pinfo->cinfo, COL_PROTOCOL, "UNKNOWN"); col_add_fstr(pinfo->cinfo, COL_INFO, "WTAP_ENCAP = %u", pinfo->fd->lnk_t); call_dissector(data_handle,tvb, pinfo, parent_tree); } }#ifdef _MSC_VER } __except(TRUE /* handle all exceptions */) { switch(GetExceptionCode()) { case(STATUS_ACCESS_VIOLATION): show_exception(tvb, pinfo, parent_tree, DissectorError, "STATUS_ACCESS_VIOLATION: dissector accessed an invalid memory address"); break; case(STATUS_INTEGER_DIVIDE_BY_ZERO): show_exception(tvb, pinfo, parent_tree, DissectorError, "STATUS_INTEGER_DIVIDE_BY_ZERO: dissector tried an integer division by zero"); break; case(STATUS_STACK_OVERFLOW): show_exception(tvb, pinfo, parent_tree, DissectorError, "STATUS_STACK_OVERFLOW: dissector overflowed the stack (e.g. endless loop)"); /* XXX - this will have probably corrupted the stack, which makes problems later in the exception code */ break; /* XXX - add other hardware exception codes as required */ default: show_exception(tvb, pinfo, parent_tree, DissectorError, g_strdup_printf("dissector caused an unknown exception: 0x%x", GetExceptionCode())); } }#endif } CATCH(OutOfMemoryError) { RETHROW; } CATCH_ALL { show_exception(tvb, pinfo, parent_tree, EXCEPT_CODE, GET_MESSAGE); } ENDTRY; if (tree && pinfo->layer_names) { proto_item_append_string(ti, pinfo->layer_names->str); g_string_free(pinfo->layer_names, TRUE); pinfo->layer_names = NULL; } /* Call postdissectors if we have any (while trying to avoid another * TRY/CATCH) */ if (have_postdissector()) { TRY {#ifdef _MSC_VER /* Win32: Visual-C Structured Exception Handling (SEH) to trap hardware exceptions like memory access violations */ /* (a running debugger will be called before the except part below) */ __try {#endif call_all_postdissectors(tvb, pinfo, parent_tree);#ifdef _MSC_VER } __except(TRUE /* handle all exceptions */) { switch(GetExceptionCode()) { case(STATUS_ACCESS_VIOLATION): show_exception(tvb, pinfo, parent_tree, DissectorError, "STATUS_ACCESS_VIOLATION: dissector accessed an invalid memory address"); break; case(STATUS_INTEGER_DIVIDE_BY_ZERO): show_exception(tvb, pinfo, parent_tree, DissectorError, "STATUS_INTEGER_DIVIDE_BY_ZERO: dissector tried an integer division by zero"); break; case(STATUS_STACK_OVERFLOW): show_exception(tvb, pinfo, parent_tree, DissectorError, "STATUS_STACK_OVERFLOW: dissector overflowed the stack (e.g. endless loop)"); /* XXX - this will have probably corrupted the stack, which makes problems later in the exception code */ break; /* XXX - add other hardware exception codes as required */ default: show_exception(tvb, pinfo, parent_tree, DissectorError, g_strdup_printf("dissector caused an unknown exception: 0x%x", GetExceptionCode())); } }#endif } CATCH(OutOfMemoryError) { RETHROW; } CATCH_ALL { show_exception(tvb, pinfo, parent_tree, EXCEPT_CODE, GET_MESSAGE); } ENDTRY; } tap_queue_packet(frame_tap, pinfo, NULL); if (frame_end_routines) { g_slist_foreach(frame_end_routines, &call_frame_end_routine, NULL); g_slist_free(frame_end_routines); frame_end_routines = NULL; }}
开发者ID:RazZziel,项目名称:wireshark-dplay,代码行数:101,
示例19: dissect_rtp_eventsstatic voiddissect_rtp_events( tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree ){ proto_item *ti = NULL; proto_tree *rtp_events_tree = NULL; unsigned int offset = 0; struct _rtp_conversation_info *p_conv_data = NULL; guint8 rtp_evt; guint8 octet; col_set_str(pinfo->cinfo, COL_PROTOCOL, "RTP EVENT"); col_clear(pinfo->cinfo, COL_INFO); /* Get event fields */ rtp_evt = tvb_get_guint8(tvb, offset ); /* get tap info */ rtp_event_info.info_rtp_evt = rtp_evt; p_conv_data = (struct _rtp_conversation_info *)p_get_proto_data(wmem_file_scope(), pinfo, proto_get_id_by_filter_name("rtp"), 0); if (p_conv_data) rtp_event_info.info_setup_frame_num = p_conv_data->frame_number; else rtp_event_info.info_setup_frame_num = 0; col_add_fstr( pinfo->cinfo, COL_INFO, "Payload type=RTP Event, %s", val_to_str( rtp_evt, rtp_event_type_values, "Unknown (%u)" )); ti = proto_tree_add_item( tree, proto_rtp_events, tvb, offset, -1, ENC_NA ); rtp_events_tree = proto_item_add_subtree( ti, ett_rtp_events ); proto_tree_add_uint ( rtp_events_tree, hf_rtp_events_event, tvb, offset, 1, rtp_evt); offset++; octet = tvb_get_guint8(tvb, offset); proto_tree_add_boolean (rtp_events_tree, hf_rtp_events_end, tvb, offset, 1, octet); proto_tree_add_boolean (rtp_events_tree, hf_rtp_events_reserved, tvb, offset, 1, octet); proto_tree_add_uint ( rtp_events_tree, hf_rtp_events_volume, tvb, offset, 1, octet); offset++; /* The duration field indicates the duration of the event or segment * being reported, in timestamp units. */ rtp_event_info.info_duration = tvb_get_ntohs(tvb, offset); proto_tree_add_item ( rtp_events_tree, hf_rtp_events_duration, tvb, offset, 2, ENC_BIG_ENDIAN); /* set the end info for the tap */ if (octet & 0x80) { rtp_event_info.info_end = TRUE; } else { rtp_event_info.info_end = FALSE; } /* Make end-of-event packets obvious in the info column */ if ((octet & 0x80)) { col_append_str(pinfo->cinfo, COL_INFO, " (end)"); } tap_queue_packet(rtp_event_tap, pinfo, &rtp_event_info);}
开发者ID:RayHightower,项目名称:wireshark,代码行数:67,
示例20: dissect_ipx//.........这里部分代码省略......... proto_tree_add_uint_format(ipx_tree, hf_ipx_hops, tvb, 4, 1, ipx_hops, "Transport Control: %d hops", ipx_hops); proto_tree_add_uint(ipx_tree, hf_ipx_packet_type, tvb, 5, 1, ipxh->ipx_type); /* Destination */ ipx_dnet = tvb_get_ntohl(tvb, 6); proto_tree_add_ipxnet(ipx_tree, hf_ipx_dnet, tvb, 6, 4, ipx_dnet); hidden_item = proto_tree_add_ipxnet(ipx_tree, hf_ipx_net, tvb, 6, 4, ipx_dnet); PROTO_ITEM_SET_HIDDEN(hidden_item); proto_tree_add_item(ipx_tree, hf_ipx_dnode, tvb, 10, 6, ENC_NA); hidden_item = proto_tree_add_item(ipx_tree, hf_ipx_node, tvb, 10, 6, ENC_NA); PROTO_ITEM_SET_HIDDEN(hidden_item); proto_tree_add_uint(ipx_tree, hf_ipx_dsocket, tvb, 16, 2, ipxh->ipx_dsocket); hidden_item = proto_tree_add_uint(ipx_tree, hf_ipx_socket, tvb, 16, 2, ipxh->ipx_dsocket); PROTO_ITEM_SET_HIDDEN(hidden_item); /* Source */ ipx_snet = tvb_get_ntohl(tvb, 18); proto_tree_add_ipxnet(ipx_tree, hf_ipx_snet, tvb, 18, 4, ipx_snet); hidden_item = proto_tree_add_ipxnet(ipx_tree, hf_ipx_net, tvb, 18, 4, ipx_snet); PROTO_ITEM_SET_HIDDEN(hidden_item); proto_tree_add_item(ipx_tree, hf_ipx_snode, tvb, 22, 6, ENC_NA); hidden_item = proto_tree_add_item(ipx_tree, hf_ipx_node, tvb, 22, 6, ENC_NA); PROTO_ITEM_SET_HIDDEN(hidden_item); proto_tree_add_uint(ipx_tree, hf_ipx_ssocket, tvb, 28, 2, ipxh->ipx_ssocket); hidden_item = proto_tree_add_uint(ipx_tree, hf_ipx_socket, tvb, 28, 2, ipxh->ipx_ssocket); PROTO_ITEM_SET_HIDDEN(hidden_item); /* Make the next tvbuff */ next_tvb = tvb_new_subset_remaining(tvb, IPX_HEADER_LEN); /* * Let the subdissector know what type of IPX packet this is. */ pinfo->ipxptype = ipxh->ipx_type; /* * Check the socket numbers before we check the packet type; * we've seen non-NCP packets with a type of NCP and a * destination socket of IPX_SOCKET_IPX_MESSAGE, and SAP * packets with a type of NCP and a destination socket of * IPX_SOCKET_SAP. * * We've seen NCP packets with a type of NCP, a source socket of * IPX_SOCKET_NCP, and a destination socket of IPX_SOCKET_IPX_MESSAGE, * and we've seen NCP packets with a type of NCP, a source socket of * IPX_SOCKET_IPX_MESSAGE, and a destination socket of * IPX_SOCKET_NCP, so testing the destination socket first doesn't * always give the right answer. We've also seen SAP packets with * a source socket of IPX_SOCKET_SAP and a destination socket of * IPX_SOCKET_IPX_MESSAGE. * * Unfortunately, we've also seen packets with a source socket * of IPX_SOCKET_NWLINK_SMB_SERVER and a destination socket * of IPX_SOCKET_NWLINK_SMB_NAMEQUERY that were NMPI packets, * not SMB packets, so testing the lower-valued socket first * also doesn't always give the right answer. * * So we start out assuming we should test the lower-numbered * socket number first, but, if the higher-numbered socket is * IPX_SOCKET_NWLINK_SMB_NAMEQUERY, we assume that it's a * NMPI query, and test only that socket. */ if (ipxh->ipx_ssocket > ipxh->ipx_dsocket) { first_socket = ipxh->ipx_dsocket; second_socket = ipxh->ipx_ssocket; } else { first_socket = ipxh->ipx_ssocket; second_socket = ipxh->ipx_dsocket; } tap_queue_packet(ipx_tap, pinfo, ipxh); if (second_socket != IPX_SOCKET_NWLINK_SMB_NAMEQUERY) { if (dissector_try_uint(ipx_socket_dissector_table, first_socket, next_tvb, pinfo, tree)) return; } if (dissector_try_uint(ipx_socket_dissector_table, second_socket, next_tvb, pinfo, tree)) return; /* * Neither of them are known; try the packet type, which will * at least let us, for example, dissect SPX packets as SPX. */ if (dissector_try_uint(ipx_type_dissector_table, ipxh->ipx_type, next_tvb, pinfo, tree)) return; call_dissector(data_handle,next_tvb, pinfo, tree);}
开发者ID:AnkitKejriwal,项目名称:wireshark,代码行数:101,
示例21: decode_udp_portsvoiddecode_udp_ports(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, int uh_sport, int uh_dport, int uh_ulen){ tvbuff_t *next_tvb; int low_port, high_port; gint len, reported_len; len = tvb_length_remaining(tvb, offset); reported_len = tvb_reported_length_remaining(tvb, offset); if (uh_ulen != -1) { /* This is the length from the UDP header; the payload should be cut off at that length. (If our caller passed a value here, they are assumed to have checked that it's >= 8, and hence >= offset.) XXX - what if it's *greater* than the reported length? */ if (uh_ulen - offset < reported_len) reported_len = uh_ulen - offset; if (len > reported_len) len = reported_len; } next_tvb = tvb_new_subset(tvb, offset, len, reported_len); /* If the user has a "Follow UDP Stream" window loading, pass a pointer * to the payload tvb through the tap system. */ if(have_tap_listener(udp_follow_tap)) tap_queue_packet(udp_follow_tap, pinfo, next_tvb);/* determine if this packet is part of a conversation and call dissector *//* for the conversation if available */ if (try_conversation_dissector(&pinfo->dst, &pinfo->src, PT_UDP, uh_dport, uh_sport, next_tvb, pinfo, tree)){ return; } if (try_heuristic_first) { /* do lookup with the heuristic subdissector table */ if (dissector_try_heuristic(heur_subdissector_list, next_tvb, pinfo, tree, NULL)) return; } /* Do lookups with the subdissector table. We try the port number with the lower value first, followed by the port number with the higher value. This means that, for packets where a dissector is registered for *both* port numbers: 1) we pick the same dissector for traffic going in both directions; 2) we prefer the port number that's more likely to be the right one (as that prefers well-known ports to reserved ports); although there is, of course, no guarantee that any such strategy will always pick the right port number. XXX - we ignore port numbers of 0, as some dissectors use a port number of 0 to disable the port, and as RFC 768 says that the source port in UDP datagrams is optional and is 0 if not used. */ if (uh_sport > uh_dport) { low_port = uh_dport; high_port = uh_sport; } else { low_port = uh_sport; high_port = uh_dport; } if (low_port != 0 && dissector_try_uint(udp_dissector_table, low_port, next_tvb, pinfo, tree)) return; if (high_port != 0 && dissector_try_uint(udp_dissector_table, high_port, next_tvb, pinfo, tree)) return; if (!try_heuristic_first) { /* do lookup with the heuristic subdissector table */ if (dissector_try_heuristic(heur_subdissector_list, next_tvb, pinfo, tree, NULL)) return; } call_dissector(data_handle,next_tvb, pinfo, tree);}
开发者ID:drower,项目名称:wireshark-1.10.0,代码行数:81,
示例22: dissect_eth_commonstatic voiddissect_eth_common(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, int fcs_len){ proto_item *ti = NULL; eth_hdr *ehdr; gboolean is_802_2; proto_tree *fh_tree = NULL; const guint8 *src_addr, *dst_addr; static eth_hdr ehdrs[4]; static int ehdr_num=0; proto_tree *tree; proto_item *addr_item; proto_tree *addr_tree=NULL; ehdr_num++; if(ehdr_num>=4){ ehdr_num=0; } ehdr=&ehdrs[ehdr_num]; tree=parent_tree; col_set_str(pinfo->cinfo, COL_PROTOCOL, "Ethernet"); src_addr=tvb_get_ptr(tvb, 6, 6); SET_ADDRESS(&pinfo->dl_src, AT_ETHER, 6, src_addr); SET_ADDRESS(&pinfo->src, AT_ETHER, 6, src_addr); SET_ADDRESS(&ehdr->src, AT_ETHER, 6, src_addr); dst_addr=tvb_get_ptr(tvb, 0, 6); SET_ADDRESS(&pinfo->dl_dst, AT_ETHER, 6, dst_addr); SET_ADDRESS(&pinfo->dst, AT_ETHER, 6, dst_addr); SET_ADDRESS(&ehdr->dst, AT_ETHER, 6, dst_addr); ehdr->type = tvb_get_ntohs(tvb, 12); tap_queue_packet(eth_tap, pinfo, ehdr); /* * In case the packet is a non-Ethernet packet inside * Ethernet framing, allow heuristic dissectors to take * a first look before we assume that it's actually an * Ethernet packet. */ if (dissector_try_heuristic(heur_subdissector_list, tvb, pinfo, parent_tree, NULL)) return; if (ehdr->type <= IEEE_802_3_MAX_LEN) { /* Oh, yuck. Cisco ISL frames require special interpretation of the destination address field; fortunately, they can be recognized by checking the first 5 octets of the destination address, which are 01-00-0C-00-00 for ISL frames. */ if ((tvb_get_guint8(tvb, 0) == 0x01 || tvb_get_guint8(tvb, 0) == 0x0C) && tvb_get_guint8(tvb, 1) == 0x00 && tvb_get_guint8(tvb, 2) == 0x0C && tvb_get_guint8(tvb, 3) == 0x00 && tvb_get_guint8(tvb, 4) == 0x00) { dissect_isl(tvb, pinfo, parent_tree, fcs_len); return; } } /* * If the type/length field is <= the maximum 802.3 length, * and is not zero, this is an 802.3 frame, and it's a length * field; it might be an Novell "raw 802.3" frame, with no * 802.2 LLC header, or it might be a frame with an 802.2 LLC * header. * * If the type/length field is >= the minimum Ethernet II length, * this is an Ethernet II frame, and it's a type field. * * If the type/length field is > maximum 802.3 length and < minimum * Ethernet II length, then this is an invalid packet. * * If the type/length field is zero (ETHERTYPE_UNK), this is * a frame used internally by the Cisco MDS switch to contain * Fibre Channel ("Vegas"). We treat that as an Ethernet II * frame; the dissector for those frames registers itself with * an ethernet type of ETHERTYPE_UNK. */ if (ehdr->type > IEEE_802_3_MAX_LEN && ehdr->type < ETHERNET_II_MIN_LEN) { tvbuff_t *next_tvb; col_add_fstr(pinfo->cinfo, COL_INFO, "Ethernet Unknown: Invalid length/type: 0x%04x (%d)", ehdr->type, ehdr->type); ti = proto_tree_add_protocol_format(tree, proto_eth, tvb, 0, ETH_HEADER_SIZE, "Ethernet Unknown, Src: %s (%s), Dst: %s (%s)", get_ether_name(src_addr), ether_to_str(src_addr), get_ether_name(dst_addr), ether_to_str(dst_addr)); fh_tree = proto_item_add_subtree(ti, ett_ether); addr_item = proto_tree_add_ether(fh_tree, hf_eth_dst, tvb, 0, 6, dst_addr); if (addr_item) addr_tree = proto_item_add_subtree(addr_item, ett_addr); proto_tree_add_ether(addr_tree, hf_eth_addr, tvb, 0, 6, dst_addr); proto_tree_add_item(addr_tree, hf_eth_lg, tvb, 0, 3, ENC_BIG_ENDIAN); proto_tree_add_item(addr_tree, hf_eth_ig, tvb, 0, 3, ENC_BIG_ENDIAN);//.........这里部分代码省略.........
开发者ID:mcrotty,项目名称:stack,代码行数:101,
示例23: dissect//.........这里部分代码省略......... offset + 6, 2, FALSE); PROTO_ITEM_SET_GENERATED(item); } else { item = proto_tree_add_uint_format(udp_tree, hf_udp_checksum, tvb, offset + 6, 2, udph->uh_sum, "Checksum: 0x%04x [incorrect, should be 0x%04x (maybe caused by /"UDP checksum offload/"?)]", udph->uh_sum, in_cksum_shouldbe(udph->uh_sum, computed_cksum)); checksum_tree = proto_item_add_subtree(item, ett_udp_checksum); item = proto_tree_add_boolean(checksum_tree, hf_udp_checksum_good, tvb, offset + 6, 2, FALSE); PROTO_ITEM_SET_GENERATED(item); item = proto_tree_add_boolean(checksum_tree, hf_udp_checksum_bad, tvb, offset + 6, 2, TRUE); PROTO_ITEM_SET_GENERATED(item); expert_add_info_format(pinfo, item, PI_CHECKSUM, PI_ERROR, "Bad checksum"); col_append_fstr(pinfo->cinfo, COL_INFO, " [UDP CHECKSUM INCORRECT]"); } } else { item = proto_tree_add_uint_format(udp_tree, hf_udp_checksum, tvb, offset + 6, 2, udph->uh_sum, "Checksum: 0x%04x [validation disabled]", udph->uh_sum); checksum_tree = proto_item_add_subtree(item, ett_udp_checksum); item = proto_tree_add_boolean(checksum_tree, hf_udp_checksum_good, tvb, offset + 6, 2, FALSE); PROTO_ITEM_SET_GENERATED(item); item = proto_tree_add_boolean(checksum_tree, hf_udp_checksum_bad, tvb, offset + 6, 2, FALSE); PROTO_ITEM_SET_GENERATED(item); } } else { item = proto_tree_add_uint_format(udp_tree, hf_udp_checksum, tvb, offset + 6, 2, udph->uh_sum, "Checksum: 0x%04x [unchecked, not all data available]", udph->uh_sum); checksum_tree = proto_item_add_subtree(item, ett_udp_checksum); item = proto_tree_add_boolean(checksum_tree, hf_udp_checksum_good, tvb, offset + 6, 2, FALSE); PROTO_ITEM_SET_GENERATED(item); item = proto_tree_add_boolean(checksum_tree, hf_udp_checksum_bad, tvb, offset + 6, 2, FALSE); PROTO_ITEM_SET_GENERATED(item); } /* Skip over header */ offset += 8; pinfo->ptype = PT_UDP; pinfo->srcport = udph->uh_sport; pinfo->destport = udph->uh_dport; tap_queue_packet(udp_tap, pinfo, udph); /* find(or create if needed) the conversation for this udp session */ if (udp_process_info) { conv=find_or_create_conversation(pinfo); udpd=get_udp_conversation_data(conv,pinfo); } if (udpd && ((udpd->fwd && udpd->fwd->command) || (udpd->rev && udpd->rev->command))) { ti = proto_tree_add_text(udp_tree, tvb, offset, 0, "Process Information"); PROTO_ITEM_SET_GENERATED(ti); process_tree = proto_item_add_subtree(ti, ett_udp_process_info); if (udpd->fwd && udpd->fwd->command) { proto_tree_add_uint_format_value(process_tree, hf_udp_proc_dst_uid, tvb, 0, 0, udpd->fwd->process_uid, "%u", udpd->fwd->process_uid); proto_tree_add_uint_format_value(process_tree, hf_udp_proc_dst_pid, tvb, 0, 0, udpd->fwd->process_pid, "%u", udpd->fwd->process_pid); proto_tree_add_string_format_value(process_tree, hf_udp_proc_dst_uname, tvb, 0, 0, udpd->fwd->username, "%s", udpd->fwd->username); proto_tree_add_string_format_value(process_tree, hf_udp_proc_dst_cmd, tvb, 0, 0, udpd->fwd->command, "%s", udpd->fwd->command); } if (udpd->rev->command) { proto_tree_add_uint_format_value(process_tree, hf_udp_proc_src_uid, tvb, 0, 0, udpd->rev->process_uid, "%u", udpd->rev->process_uid); proto_tree_add_uint_format_value(process_tree, hf_udp_proc_src_pid, tvb, 0, 0, udpd->rev->process_pid, "%u", udpd->rev->process_pid); proto_tree_add_string_format_value(process_tree, hf_udp_proc_src_uname, tvb, 0, 0, udpd->rev->username, "%s", udpd->rev->username); proto_tree_add_string_format_value(process_tree, hf_udp_proc_src_cmd, tvb, 0, 0, udpd->rev->command, "%s", udpd->rev->command); } } /* * Call sub-dissectors. * * XXX - should we do this if this is included in an error packet? * It might be nice to see the details of the packet that caused the * ICMP error, but it might not be nice to have the dissector update * state based on it. * Also, we probably don't want to run UDP taps on those packets. * * We definitely don't want to do it for an error packet if there's * nothing left in the packet. */ if (!pinfo->flags.in_error_pkt || tvb_length_remaining(tvb, offset) > 0) decode_udp_ports(tvb, offset, pinfo, tree, udph->uh_sport, udph->uh_dport, udph->uh_ulen);}
开发者ID:drower,项目名称:wireshark-1.10.0,代码行数:101,
示例24: dissect_tftp_message//.........这里部分代码省略......... cleanup_tftp_blocks(tftp_info); tftp_info->next_tap_block_num = 1; } if (blocknum != tftp_info->next_tap_block_num) { /* Ignore. Could be missing frames, or just clicking previous frame */ return; } if (bytes > 0) { /* Create a block for this block */ block = (file_block_t*)g_malloc(sizeof(file_block_t)); block->length = bytes; block->data = tvb_memdup(NULL, data_tvb, 0, bytes); /* Add to the end of the list (does involve traversing whole list..) */ tftp_info->block_list = g_slist_append(tftp_info->block_list, block); tftp_info->file_length += bytes; /* Look for next blocknum next time */ tftp_info->next_tap_block_num++; } /* Tap export object only when reach end of file */ if (bytes < tftp_info->blocksize) { tftp_eo_t *eo_info; /* If don't have a filename, won't tap file info */ if ((tftp_info->source_file == NULL) && (tftp_info->destination_file == NULL)) { cleanup_tftp_blocks(tftp_info); return; } /* Create the eo_info to pass to the listener */ eo_info = wmem_new(wmem_packet_scope(), tftp_eo_t); /* Set filename */ if (tftp_info->source_file) { eo_info->filename = g_strdup(tftp_info->source_file); } else if (tftp_info->destination_file) { eo_info->filename = g_strdup(tftp_info->destination_file); } /* Send block list, which will be combined and freed at tap. */ eo_info->payload_len = tftp_info->file_length; eo_info->pkt_num = blocknum; eo_info->block_list = tftp_info->block_list; /* Send to tap */ tap_queue_packet(tftp_eo_tap, pinfo, eo_info); /* Have sent, so forget list of blocks, and only pay attention if we get back to the first block again. */ tftp_info->block_list = NULL; tftp_info->next_tap_block_num = 1; } } break; case TFTP_ACK: blocknum = tvb_get_ntohs(tvb, offset); proto_tree_add_uint(tftp_tree, hf_tftp_blocknum, tvb, offset, 2, blocknum); col_append_fstr(pinfo->cinfo, COL_INFO, ", Block: %i", blocknum); break; case TFTP_ERROR: error = tvb_get_ntohs(tvb, offset); proto_tree_add_uint(tftp_tree, hf_tftp_error_code, tvb, offset, 2, error); col_append_fstr(pinfo->cinfo, COL_INFO, ", Code: %s", val_to_str(error, tftp_error_code_vals, "Unknown (%u)")); offset += 2; i1 = tvb_strsize(tvb, offset); proto_tree_add_item(tftp_tree, hf_tftp_error_string, tvb, offset, i1, ENC_ASCII|ENC_NA); col_append_fstr(pinfo->cinfo, COL_INFO, ", Message: %s", tvb_format_stringzpad(tvb, offset, i1)); expert_add_info(pinfo, NULL, &ei_tftp_blocksize_range); break; case TFTP_OACK: tftp_dissect_options(tvb, pinfo, offset, tftp_tree, opcode, tftp_info); break; default: proto_tree_add_item(tftp_tree, hf_tftp_data, tvb, offset, -1, ENC_NA); break; }}
开发者ID:DuLerWeil,项目名称:wireshark,代码行数:101,
示例25: dissect_framestatic voiddissect_frame(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree){ guint cap_len = 0, frame_len = 0; const gchar *cap_plurality, *frame_plurality; pinfo->current_proto = "Frame"; if (pinfo->pseudo_header != NULL) { switch (pinfo->fd->lnk_t) { case WTAP_ENCAP_WFLEET_HDLC: case WTAP_ENCAP_CHDLC_WITH_PHDR: case WTAP_ENCAP_PPP_WITH_PHDR: case WTAP_ENCAP_SDLC: case WTAP_ENCAP_BLUETOOTH_H4_WITH_PHDR: pinfo->p2p_dir = pinfo->pseudo_header->p2p.sent ? P2P_DIR_SENT : P2P_DIR_RECV; break; case WTAP_ENCAP_BLUETOOTH_HCI: pinfo->p2p_dir = pinfo->pseudo_header->bthci.sent; break; case WTAP_ENCAP_LAPB: case WTAP_ENCAP_FRELAY_WITH_PHDR: pinfo->p2p_dir = (pinfo->pseudo_header->x25.flags & FROM_DCE) ? P2P_DIR_RECV : P2P_DIR_SENT; break; case WTAP_ENCAP_ISDN: case WTAP_ENCAP_V5_EF: case WTAP_ENCAP_DPNSS: case WTAP_ENCAP_BACNET_MS_TP_WITH_PHDR: pinfo->p2p_dir = pinfo->pseudo_header->isdn.uton ? P2P_DIR_SENT : P2P_DIR_RECV; break; case WTAP_ENCAP_LINUX_LAPD: pinfo->p2p_dir = (pinfo->pseudo_header->lapd.pkttype == 3 || pinfo->pseudo_header->lapd.pkttype == 4) ? P2P_DIR_SENT : P2P_DIR_RECV; break; case WTAP_ENCAP_MTP2_WITH_PHDR: pinfo->p2p_dir = pinfo->pseudo_header->mtp2.sent ? P2P_DIR_SENT : P2P_DIR_RECV; pinfo->link_number = pinfo->pseudo_header->mtp2.link_number; pinfo->annex_a_used = pinfo->pseudo_header->mtp2.annex_a_used; break; case WTAP_ENCAP_GSM_UM: pinfo->p2p_dir = pinfo->pseudo_header->gsm_um.uplink ? P2P_DIR_SENT : P2P_DIR_RECV; break; } } /* Portable Exception Handling to trap Wireshark specific exceptions like BoundsError exceptions */ TRY { if ((force_docsis_encap) && (docsis_handle)) { call_dissector(docsis_handle, tvb, pinfo, parent_tree); } else { if (!dissector_try_uint(wtap_encap_dissector_table, pinfo->fd->lnk_t, tvb, pinfo, parent_tree)) { call_dissector(data_handle,tvb, pinfo, parent_tree); } } } CATCH_BOUNDS_AND_DISSECTOR_ERRORS { show_exception(tvb, pinfo, parent_tree, EXCEPT_CODE, GET_MESSAGE); } ENDTRY; /* Call postdissectors if we have any (while trying to avoid another * TRY/CATCH) */ if (have_postdissector()) { TRY { call_all_postdissectors(tvb, pinfo, parent_tree); } CATCH_BOUNDS_AND_DISSECTOR_ERRORS { show_exception(tvb, pinfo, parent_tree, EXCEPT_CODE, GET_MESSAGE); } ENDTRY; } tap_queue_packet(frame_tap, pinfo, NULL); if (pinfo->frame_end_routines) { g_slist_foreach(pinfo->frame_end_routines, &call_frame_end_routine, NULL); g_slist_free(pinfo->frame_end_routines); pinfo->frame_end_routines = NULL; }}
开发者ID:zonquan,项目名称:dumphttp,代码行数:100,
示例26: dissect_frame//.........这里部分代码省略......... show_exception(tvb, pinfo, parent_tree, DissectorError, "STATUS_ACCESS_VIOLATION: dissector accessed an invalid memory address"); break; case(STATUS_INTEGER_DIVIDE_BY_ZERO): show_exception(tvb, pinfo, parent_tree, DissectorError, "STATUS_INTEGER_DIVIDE_BY_ZERO: dissector tried an integer division by zero"); break; case(STATUS_STACK_OVERFLOW): show_exception(tvb, pinfo, parent_tree, DissectorError, "STATUS_STACK_OVERFLOW: dissector overflowed the stack (e.g. endless loop)"); /* XXX - this will have probably corrupted the stack, which makes problems later in the exception code */ break; /* XXX - add other hardware exception codes as required */ default: show_exception(tvb, pinfo, parent_tree, DissectorError, g_strdup_printf("dissector caused an unknown exception: 0x%x", GetExceptionCode())); } }#endif } CATCH_BOUNDS_AND_DISSECTOR_ERRORS { show_exception(tvb, pinfo, parent_tree, EXCEPT_CODE, GET_MESSAGE); } ENDTRY; if(proto_field_is_referenced(tree, hf_frame_protocols)) { wmem_strbuf_t *val = wmem_strbuf_sized_new(wmem_packet_scope(), 128, 0); wmem_list_frame_t *frame; /* skip the first entry, it's always the "frame" protocol */ frame = wmem_list_frame_next(wmem_list_head(pinfo->layers)); if (frame) { wmem_strbuf_append(val, proto_get_protocol_filter_name(GPOINTER_TO_UINT(wmem_list_frame_data(frame)))); frame = wmem_list_frame_next(frame); } while (frame) { wmem_strbuf_append_c(val, ':'); wmem_strbuf_append(val, proto_get_protocol_filter_name(GPOINTER_TO_UINT(wmem_list_frame_data(frame)))); frame = wmem_list_frame_next(frame); } proto_item_append_string(ti, wmem_strbuf_get_str(val)); } /* Call postdissectors if we have any (while trying to avoid another * TRY/CATCH) */ if (have_postdissector()) { TRY {#ifdef _MSC_VER /* Win32: Visual-C Structured Exception Handling (SEH) to trap hardware exceptions like memory access violations */ /* (a running debugger will be called before the except part below) */ /* Note: A Windows "exceptional exception" may leave the kazlib's (Portable Exception Handling) stack in an inconsistent state thus causing a crash at some point in the handling of the exception. See: https://www.wireshark.org/lists/wireshark-dev/200704/msg00243.html */ __try {#endif call_all_postdissectors(tvb, pinfo, parent_tree);#ifdef _MSC_VER } __except(EXCEPTION_EXECUTE_HANDLER /* handle all exceptions */) { switch(GetExceptionCode()) { case(STATUS_ACCESS_VIOLATION): show_exception(tvb, pinfo, parent_tree, DissectorError, "STATUS_ACCESS_VIOLATION: dissector accessed an invalid memory address"); break; case(STATUS_INTEGER_DIVIDE_BY_ZERO): show_exception(tvb, pinfo, parent_tree, DissectorError, "STATUS_INTEGER_DIVIDE_BY_ZERO: dissector tried an integer division by zero"); break; case(STATUS_STACK_OVERFLOW): show_exception(tvb, pinfo, parent_tree, DissectorError, "STATUS_STACK_OVERFLOW: dissector overflowed the stack (e.g. endless loop)"); /* XXX - this will have probably corrupted the stack, which makes problems later in the exception code */ break; /* XXX - add other hardware exception codes as required */ default: show_exception(tvb, pinfo, parent_tree, DissectorError, g_strdup_printf("dissector caused an unknown exception: 0x%x", GetExceptionCode())); } }#endif } CATCH_BOUNDS_AND_DISSECTOR_ERRORS { show_exception(tvb, pinfo, parent_tree, EXCEPT_CODE, GET_MESSAGE); } ENDTRY; } tap_queue_packet(frame_tap, pinfo, NULL); if (pinfo->frame_end_routines) { g_slist_foreach(pinfo->frame_end_routines, &call_frame_end_routine, NULL); g_slist_free(pinfo->frame_end_routines); pinfo->frame_end_routines = NULL; }}
开发者ID:daniel-scs,项目名称:wireshark-tcpcrypt,代码行数:101,
示例27: dissect_bat_batman_v5static int dissect_bat_batman_v5(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree){ proto_item *tf, *tgw; proto_tree *bat_batman_tree = NULL, *flag_tree; struct batman_packet_v5 *batman_packeth; const guint8 *old_orig_addr, *orig_addr; guint32 old_orig, orig; gint i; tvbuff_t *next_tvb; batman_packeth = wmem_new(wmem_packet_scope(), struct batman_packet_v5); batman_packeth->version = tvb_get_guint8(tvb, offset+0); batman_packeth->flags = tvb_get_guint8(tvb, offset+1); batman_packeth->ttl = tvb_get_guint8(tvb, offset+2); batman_packeth->gwflags = tvb_get_guint8(tvb, offset+3); batman_packeth->seqno = tvb_get_ntohs(tvb, offset+4); batman_packeth->gwport = tvb_get_ntohs(tvb, offset+6); orig_addr = tvb_get_ptr(tvb, offset+8, 4); orig = tvb_get_ipv4(tvb, offset+8); SET_ADDRESS(&batman_packeth->orig, AT_IPv4, 4, orig_addr); old_orig_addr = tvb_get_ptr(tvb, offset+12, 4); old_orig = tvb_get_ipv4(tvb, offset+12); SET_ADDRESS(&batman_packeth->old_orig, AT_IPv4, 4, old_orig_addr); batman_packeth->tq = tvb_get_guint8(tvb, offset+16); batman_packeth->hna_len = tvb_get_guint8(tvb, offset+17); /* Set info column */ col_add_fstr(pinfo->cinfo, COL_INFO, "Seq=%u", batman_packeth->seqno); /* Set tree info */ if (tree) { proto_item *ti; if (PTREE_DATA(tree)->visible) { ti = proto_tree_add_protocol_format(tree, proto_bat_plugin, tvb, offset, BATMAN_PACKET_V5_SIZE, "B.A.T.M.A.N., Orig: %s (%s)", get_hostname(orig), ip_to_str((const guint8 *)batman_packeth->orig.data)); } else { ti = proto_tree_add_item(tree, proto_bat_plugin, tvb, offset, BATMAN_PACKET_V5_SIZE, ENC_NA); } bat_batman_tree = proto_item_add_subtree(ti, ett_bat_batman); } /* items */ proto_tree_add_item(bat_batman_tree, hf_bat_batman_version, tvb, offset, 1, ENC_BIG_ENDIAN); offset += 1; tf = proto_tree_add_item(bat_batman_tree, hf_bat_batman_flags, tvb, offset, 1, ENC_BIG_ENDIAN); /* <flags> */ flag_tree = proto_item_add_subtree(tf, ett_bat_batman_flags); proto_tree_add_boolean(flag_tree, hf_bat_batman_flags_unidirectional, tvb, offset, 1, batman_packeth->flags); proto_tree_add_boolean(flag_tree, hf_bat_batman_flags_directlink, tvb, offset, 1, batman_packeth->flags); /* </flags> */ offset += 1; proto_tree_add_item(bat_batman_tree, hf_bat_batman_ttl, tvb, offset, 1, ENC_BIG_ENDIAN); offset += 1; tgw = proto_tree_add_item(bat_batman_tree, hf_bat_batman_gwflags, tvb, offset, 1, ENC_BIG_ENDIAN); dissect_bat_gwflags(tvb, batman_packeth->gwflags, offset, tgw); offset += 1; proto_tree_add_item(bat_batman_tree, hf_bat_batman_seqno, tvb, offset, 2, ENC_BIG_ENDIAN); offset += 2; proto_tree_add_item(bat_batman_tree, hf_bat_batman_gwport, tvb, offset, 2, ENC_BIG_ENDIAN); offset += 2; proto_tree_add_ipv4(bat_batman_tree, hf_bat_batman_orig, tvb, offset, 4, orig); offset += 4; proto_tree_add_ipv4(bat_batman_tree, hf_bat_batman_old_orig, tvb, offset, 4, old_orig); offset += 4; proto_tree_add_item(bat_batman_tree, hf_bat_batman_tq, tvb, offset, 1, ENC_BIG_ENDIAN); offset += 1; proto_tree_add_item(bat_batman_tree, hf_bat_batman_hna_len, tvb, offset, 1, ENC_BIG_ENDIAN); offset += 1; tap_queue_packet(bat_tap, pinfo, batman_packeth); for (i = 0; i < batman_packeth->hna_len; i++) { next_tvb = tvb_new_subset(tvb, offset, 5, 5); if (have_tap_listener(bat_follow_tap)) { tap_queue_packet(bat_follow_tap, pinfo, next_tvb); } dissect_bat_hna(next_tvb, pinfo, bat_batman_tree); offset += 5; } return offset;}
开发者ID:nehaahir,项目名称:wireshark,代码行数:97,
注:本文中的tap_queue_packet函数示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。
C++ target函数代码示例
C++ tanh函数代码示例 |
