Ethereal-dev: Re: [Ethereal-dev] Re: [Bluez-devel] bluetooth ethereal dissector
From: Marcel Holtmann <marcel@xxxxxxxxxxxx>
Date: Thu, 30 Oct 2003 02:50:53 -0000
Hi Guy, > >> 2. Make ethereal read capture files made with hcidump -w. > > > > This should be the way to go, because live capturing is not always what > > you want. > > Yes, but that doesn't *exclude* support for libpcap-based live > capturing; a Wiretap module to read "hcidump -w" files would be useful, > but if that's added you might still want support for libpcap-based > capturing. here is my patch that adds a Wiretap module for reading files created with "hcidump -w". Regards Marcel
diff -urN ethereal/wiretap/AUTHORS ethereal-mh/wiretap/AUTHORS
--- ethereal/wiretap/AUTHORS Tue Aug 26 09:10:38 2003
+++ ethereal-mh/wiretap/AUTHORS Thu Oct 30 03:46:02 2003
@@ -18,5 +18,6 @@
Mark C. Brown <mbrown[AT]nosila.net>
Martin Warnes <martin.warnes[AT]ntlworld.com>
Thierry Martin <thierry.martin[AT]accellent-group.com>
-Jesper Peterson <jesper [AT] endace.com>
+Jesper Peterson <jesper[AT]endace.com>
+Marcel Holtmann <marcel[AT]holtmann.org>
diff -urN ethereal/wiretap/Makefile.am ethereal-mh/wiretap/Makefile.am
--- ethereal/wiretap/Makefile.am Tue Aug 26 09:10:38 2003
+++ ethereal-mh/wiretap/Makefile.am Thu Oct 30 03:38:06 2003
@@ -54,6 +54,8 @@
file_access.c \
file_wrappers.c \
file_wrappers.h \
+ hcidump.c \
+ hcidump.h \
i4btrace.c \
i4btrace.h \
i4b_trace.h \
diff -urN ethereal/wiretap/file_access.c ethereal-mh/wiretap/file_access.c
--- ethereal/wiretap/file_access.c Tue Oct 21 10:03:13 2003
+++ ethereal-mh/wiretap/file_access.c Thu Oct 30 03:38:25 2003
@@ -70,6 +70,7 @@
#include "cosine.h"
#include "5views.h"
#include "erf.h"
+#include "hcidump.h"
/* The open_file_* routines should return:
*
@@ -120,6 +121,7 @@
dbs_etherwatch_open,
cosine_open,
erf_open,
+ hcidump_open,
};
#define N_FILE_TYPES (sizeof open_routines / sizeof open_routines[0])
@@ -434,6 +436,10 @@
/* WTAP_FILE_ERF */
{ "Endace DAG capture", "erf",
+ NULL, NULL },
+
+ /* WTAP_FILE_HCIDUMP */
+ { "Bluetooth HCI dump", "hcidump",
NULL, NULL },
};
diff -urN ethereal/wiretap/hcidump.c ethereal-mh/wiretap/hcidump.c
--- ethereal/wiretap/hcidump.c Thu Jan 1 01:00:00 1970
+++ ethereal-mh/wiretap/hcidump.c Thu Oct 30 03:38:12 2003
@@ -0,0 +1,175 @@
+/* hcidump.c
+ *
+ * $Id: hcidump.c,v 1.24 2002/08/28 20:30:45 holtmann Exp $
+ *
+ * Copyright (c) 2003 by Marcel Holtmann <marcel@xxxxxxxxxxxx>
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+#endif
+
+#include "wtap-int.h"
+#include "file_wrappers.h"
+#include "buffer.h"
+#include "hcidump.h"
+
+#include <endian.h>
+#include <byteswap.h>
+
+/* Byte order conversions */
+#if __BYTE_ORDER == __LITTLE_ENDIAN
+#define htobs(d) (d)
+#define htobl(d) (d)
+#define btohs(d) (d)
+#define btohl(d) (d)
+#elif __BYTE_ORDER == __BIG_ENDIAN
+#define htobs(d) bswap_16(d)
+#define htobl(d) bswap_32(d)
+#define btohs(d) bswap_16(d)
+#define btohl(d) bswap_32(d)
+#else
+#error "Unknown byte order"
+#endif
+
+struct dump_hdr {
+ guint16 len;
+ guint8 in;
+ guint8 pad;
+ guint32 ts_sec;
+ guint32 ts_usec;
+} __attribute__ ((packed));
+
+#define DUMP_HDR_SIZE (sizeof(struct dump_hdr))
+
+static gboolean hcidump_read(wtap *wth, int *err, long *data_offset)
+{
+ struct dump_hdr dh;
+ guint8 *buf;
+ int bytes_read, packet_size;
+
+ *data_offset = wth->data_offset;
+
+ bytes_read = file_read(&dh, 1, DUMP_HDR_SIZE, wth->fh);
+ if (bytes_read != DUMP_HDR_SIZE) {
+ *err = file_error(wth->fh);
+ if (*err == 0 && bytes_read != 0)
+ *err = WTAP_ERR_SHORT_READ;
+ return FALSE;
+ }
+ wth->data_offset += DUMP_HDR_SIZE;
+
+ packet_size = btohs(dh.len);
+ if (packet_size > WTAP_MAX_PACKET_SIZE) {
+ /*
+ * Probably a corrupt capture file; don't blow up trying
+ * to allocate space for an immensely-large packet.
+ */
+ g_message("hcidump: File has %u-byte packet, bigger than maximum of %u",
+ packet_size, WTAP_MAX_PACKET_SIZE);
+ *err = WTAP_ERR_BAD_RECORD;
+ return FALSE;
+ }
+
+ buffer_assure_space(wth->frame_buffer, packet_size);
+ buf = buffer_start_ptr(wth->frame_buffer);
+
+ bytes_read = file_read(buf, 1, packet_size, wth->fh);
+ if (bytes_read != packet_size) {
+ *err = file_error(wth->fh);
+ if (*err == 0)
+ *err = WTAP_ERR_SHORT_READ;
+ return FALSE;
+ }
+ wth->data_offset += packet_size;
+
+ wth->phdr.ts.tv_sec = btohl(dh.ts_sec);
+ wth->phdr.ts.tv_usec = btohl(dh.ts_usec);
+ wth->phdr.caplen = packet_size;
+ wth->phdr.len = packet_size;
+ wth->phdr.pkt_encap = WTAP_ENCAP_BLUETOOTH_H4;
+
+ wth->pseudo_header.p2p.sent = (dh.in ? FALSE : TRUE);
+
+ return TRUE;
+}
+
+static gboolean hcidump_seek_read(wtap *wth, long seek_off, union wtap_pseudo_header *pseudo_header, guint8 *pd, int length, int *err)
+{
+ struct dump_hdr dh;
+ int bytes_read;
+
+ if (file_seek(wth->random_fh, seek_off, SEEK_SET, err) == -1)
+ return FALSE;
+
+ bytes_read = file_read(&dh, 1, DUMP_HDR_SIZE, wth->random_fh);
+ if (bytes_read != DUMP_HDR_SIZE) {
+ *err = file_error(wth->random_fh);
+ if (*err == 0 && bytes_read != 0)
+ *err = WTAP_ERR_SHORT_READ;
+ return FALSE;
+ }
+
+ bytes_read = file_read(pd, 1, length, wth->random_fh);
+ if (bytes_read != length) {
+ *err = file_error(wth->random_fh);
+ if (*err == 0)
+ *err = WTAP_ERR_SHORT_READ;
+ return FALSE;
+ }
+
+ pseudo_header->p2p.sent = (dh.in ? FALSE : TRUE);
+
+ return TRUE;
+}
+
+int hcidump_open(wtap *wth, int *err)
+{
+ struct dump_hdr dh;
+ guint8 type;
+ int bytes_read;
+
+ bytes_read = file_read(&dh, 1, DUMP_HDR_SIZE, wth->fh);
+ if (bytes_read != DUMP_HDR_SIZE) {
+ *err = file_error(wth->fh);
+ return (*err != 0) ? -1 : 0;
+ }
+
+ if (dh.in != 0 && dh.in != 1 && dh.pad != 0 && btohs(dh.len) < 1)
+ return 0;
+
+ bytes_read = file_read(&type, 1, 1, wth->fh);
+ if (bytes_read != 1) {
+ *err = file_error(wth->fh);
+ return (*err != 0) ? -1 : 0;
+ }
+
+ if (type < 1 || type > 4)
+ return 0;
+
+ if (file_seek(wth->fh, 0, SEEK_SET, err) == -1)
+ return -1;
+
+ wth->file_type = WTAP_FILE_HCIDUMP;
+ wth->file_encap = WTAP_ENCAP_BLUETOOTH_H4;
+ wth->snapshot_length = 0;
+
+ wth->subtype_read = hcidump_read;
+ wth->subtype_seek_read = hcidump_seek_read;
+
+ return 1;
+}
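Review bot: The sanity check in hcidump_open joins its tests with `&&`, so a header is rejected only when `in`, `pad` and `len` are all implausible at once. Because the format has no magic number, nearly any file whose thirteenth byte is 1 to 4 will be claimed as an hcidump capture and handed to the Bluetooth read path. The tests should be alternatives: `if ((dh.in != 0 && dh.in != 1) || dh.pad != 0 || btohs(dh.len) < 1) return 0;`. Separately, hcidump_seek_read uses the re-read header only for `dh.in` and never compares the caller's `length` with `btohs(dh.len)`; returning `WTAP_ERR_BAD_RECORD` on a mismatch would catch a file that changed or was mis-indexed between passes. The `<endian.h>`/`<byteswap.h>` includes and `__attribute__ ((packed))` also tie this reader to glibc and GCC, so the wiretap little-endian accessors (`pletohs`, `pletohl`) on a byte buffer would be the portable choice.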
diff -urN ethereal/wiretap/hcidump.h ethereal-mh/wiretap/hcidump.h
--- ethereal/wiretap/hcidump.h Thu Jan 1 01:00:00 1970
+++ ethereal-mh/wiretap/hcidump.h Thu Oct 30 03:38:12 2003
@@ -0,0 +1,28 @@
+/* hcidump.h
+ *
+ * $Id: hcidump.h,v 1.3 2002/08/28 20:30:45 holtmann Exp $
+ *
+ * Copyright (c) 2003 by Marcel Holtmann <marcel@xxxxxxxxxxxx>
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ *
+ */
+
+#ifndef __HCIDUMP_H__
+#define __HCIDUMP_H__
+
+int hcidump_open(wtap *wth, int *err);
+
+#endif
diff -urN ethereal/wiretap/wtap.h ethereal-mh/wiretap/wtap.h
--- ethereal/wiretap/wtap.h Wed Oct 29 22:44:11 2003
+++ ethereal-mh/wiretap/wtap.h Thu Oct 30 03:38:19 2003
@@ -129,9 +129,10 @@
#define WTAP_ENCAP_ENC 37
#define WTAP_ENCAP_PFLOG 38
#define WTAP_ENCAP_CHDLC_WITH_PHDR 39
+#define WTAP_ENCAP_BLUETOOTH_H4 40
/* last WTAP_ENCAP_ value + 1 */
-#define WTAP_NUM_ENCAP_TYPES 40
+#define WTAP_NUM_ENCAP_TYPES 41
/* File types that can be read by wiretap.
We support writing some many of these file types, too, so we
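Review bot: Raising `WTAP_NUM_ENCAP_TYPES` to 41 for `WTAP_ENCAP_BLUETOOTH_H4` has no matching change in this patch to any per-encapsulation table. If wiretap keeps a name table indexed by encapsulation value (presumably in wtap.c, which is not part of this diff), it needs an entry for 40. Without one, a lookup for the new type would return an empty slot or read past the table. The same applies to a dissector registration for the new encapsulation, which the patch does not show either. A comment beside the define would help the next contributor, e.g. `/* adding a WTAP_ENCAP_ value also requires a new entry in the encapsulation name table */`.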
@@ -172,9 +173,10 @@
#define WTAP_FILE_COSINE 33
#define WTAP_FILE_5VIEWS 34
#define WTAP_FILE_ERF 35
+#define WTAP_FILE_HCIDUMP 36
/* last WTAP_FILE_ value + 1 */
-#define WTAP_NUM_FILE_TYPES 36
+#define WTAP_NUM_FILE_TYPES 37
/*
* Maximum packet size we'll support.
@@ -350,7 +352,7 @@
struct cosine_phdr {
guint8 encap; /* COSINE_ENCAP_* as defined above */
guint8 direction; /* COSINE_DIR_*, as defined above */
- char if_name[COSINE_MAX_IF_NAME_LEN]; /* Encap & Logical I/F name */
+ char if_name[COSINE_MAX_IF_NAME_LEN]; /* Encap & Logical I/F name */
guint16 pro; /* Protocol */
guint16 off; /* Offset */
guint16 pri; /* Priority */





