Ethereal-dev: [ethereal-dev] RADIUS source code
Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.
From: Feyaerts Johan <Johan.Feyaerts@xxxxxxxxxxxxxxx>
Date: Thu, 24 Jun 1999 17:23:28 +0200
Hi,
Here's the source code for the RADIUS decoders. (packet-radius.c and
packet-radius.h).
I started from the released 0.6.2 sources (unpatched). Hope somebody of you
can put it in the development tree.
I've done a modification to packet-udp.c so that is calls dissect_radius
whenever it sees one of the
standard radius ports in the source or destination ports of the udp packet.
A better approach would
probably be to match responses to requests (I don't know if all radius
servers use a standard port as the source port for their responses, taking
the minimum of source and destination port doesn't work in all cases so i
didn't put the call in the switch), but I don't know how to do this, guess
that's something for real ethereal guru's.
Some enhancements that could be made to the code in the future:
1) Provide a means to read and parse a dictionary file so that vendor
specific attributes can be decoded and visualized better.
2) Provide a means to enter shared secrets so that the password field could
be decoded.
3) check correctness of the authenticator
I don't know if anything special has to be done for filtering on radius.
Unfortunately I don' t have the time now to find this out myself.
A kind of a guideline how to implement new protocols in ethereal would be a
nice thing to have.
I've tested the stuff on SUSE linux with tricom total control radius server
and linux radiusd.
It would be great if somebody could do some tests with other equipment. I
can only generate a limited set of testcases.
In the makefile the packet-radius.c, packet-radius.o and packet-radius.h
have to be added.
Sources:
****************************************************************************
****************
packet-radius.c
****************************************************************************
****************
/* packet-radius.c
* Routines for RADIUS packet disassembly
*
* $Id: packet-radius.c,v 1.16 1999/05/12 05:56:42 gram Exp $
*
* Ethereal - Network traffic analyzer
* By Johan Feyaerts
* Copyright 1999 Johan Feyaerts
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
USA.
*/
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#ifdef HAVE_SYS_TYPES_H
# include <sys/types.h>
#endif
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
#endif
#include <stdio.h>
#include <stdlib.h>
#include <ctype.h>
#include <glib.h>
#include "packet.h"
#include "resolv.h"
#include "packet-radius.h"
static value_string radius_vals[] = {
{RADIUS_ACCESS_REQUEST, "Access Request"},
{RADIUS_ACCESS_ACCEPT, "Access Accept"},
{RADIUS_ACCESS_REJECT, "Access Reject"},
{RADIUS_ACCOUNTING_REQUEST, "Accounting Request"},
{RADIUS_ACCOUNTING_RESPONSE, "Accounting Response"},
{RADIUS_ACCESS_CHALLENGE, "Accounting challenge"},
{RADIUS_STATUS_SERVER, "StatusServer"},
{RADIUS_STATUS_CLIENT, "StatusClient"},
{RADIUS_RESERVED, "Reserved"},
{0, NULL}};
static value_string radius_service_type_vals[]=
{{1, "Login"},
{2, "Framed"},
{3, "Callback Login"},
{4, "Callback Framed"},
{5, "Outbound"},
{6, "Administrative"},
{7, "NAS Prompt"},
{8, "Authenticate Only"},
{9, "Callback NAS Prompt"},
{10, "Call Check"},
{0,NULL}};
static value_string radius_framed_protocol_vals[]=
{{1, "PPP"},
{2, "SLIP"},
{3, "Appletalk Remote Access Protocol (ARAP)"},
{4, "Gandalf proprietary Singlelink/Multilink Protocol"},
{5, "Xylogics proprietary IPX/SLIP"},
{6, "X.75 Synchronous"},
{0,NULL}};
static value_string radius_framed_routing_vals[]=
{{1, "Send Routing Packets"},
{2, "Listen for routing packets"},
{3, "Send and Listen"},
{0,"None"},
{0,NULL}};
static value_string radius_framed_compression_vals[]=
{{1, "VJ TCP/IP Header Compression"},
{2, "IPX Header Compression"},
{3, "Stac-LZS compression"},
{0, "None"},
{0,NULL}};
static value_string radius_login_service_vals[]=
{{1, "Rlogin"},
{2, "TCP Clear"},
{3, "Portmaster"},
{4, "LAT"},
{5, "X.25-PAD"},
{6, "X.25T3POS"},
{8, "TCP Clear Quit"},
{0, "Telnet"},
{0,NULL}};
static value_string radius_terminating_action_vals[]=
{{1, "RADIUS-Request"},
{0, "Default"},
{0,NULL}};
static value_string radius_accounting_status_type_vals[]=
{{1, "Start"},
{2, "Stop"},
{7,"Accounting-On"},
{8,"Accounting-Off"},
{0,NULL}};
static value_string radius_accounting_authentication_vals[]=
{{1, "Radius"},
{2, "Local"},
{7,"Remote"},
{0,NULL}};
static value_string radius_acct_terminate_cause_vals[]=
{{1, "User Request"},
{2, "Lost Carrier"},
{3,"Lost Service"},
{4, "Idle Timeout"},
{5,"Session Timeout"},
{6, "Admin Reset"},
{7, "Admin Reboot"},
{8, "Port Error"},
{9, "NAS Error"},
{10, "NAS Request"},
{11,"NAS Reboot"},
{12, "Port Unneeded"},
{13, "Port Preempted"},
{14,"Port Suspended"},
{15,"Service Unavailable"},
{16,"Callback"},
{17, "User Error"},
{18,"Host Request"},
{0,NULL}};
static value_string radius_nas_port_type_vals[]=
{{0, "Async"},
{1, "Sync"},
{2,"ISDN Sync"},
{3, "ISDN Async V.120"},
{4,"ISDN Async V.110"},
{5, "Virtual"},
{6, "PIAFS"},
{7, "HDLC Clear Channel"},
{8, "X.25"},
{9,"X.75"},
{10, "G.3 Fax"},
{11,"SDSL"},
{12, "ADSL-CAP"},
{13, "ADSL-DMT"},
{14,"IDSL - ISDN"},
{0,NULL}};
static value_value_pair radius_printinfo[] = {
{ RD_TP_USER_NAME, RADIUS_STRING },
{ RD_TP_USER_PASSWORD,RADIUS_BINSTRING },
{ RD_TP_CHAP_PASSWORD, RADIUS_BINSTRING },
{ RD_TP_NAS_IP_ADDRESS, RADIUS_IP_ADDRESS },
{ RD_TP_NAS_PORT, RADIUS_INTEGER4},
{ RD_TP_SERVICE_TYPE, RADIUS_SERVICE_TYPE},
{ RD_TP_FRAMED_PROTOCOL, RADIUS_FRAMED_PROTOCOL},
{ RD_TP_FRAMED_IP_ADDRESS, RADIUS_IP_ADDRESS},
{ RD_TP_FRAMED_IP_NETMASK, RADIUS_IP_ADDRESS},
{ RD_TP_FRAMED_ROUTING, RADIUS_FRAMED_ROUTING},
{ RD_TP_FILTER_ID, RADIUS_STRING},
{ RD_TP_FRAMED_MTU, RADIUS_INTEGER4},
{ RD_TP_FRAMED_COMPRESSION, RADIUS_FRAMED_COMPRESSION},
{ RD_TP_LOGIN_IP_HOST, RADIUS_IP_ADDRESS},
{ RD_TP_LOGIN_SERVICE, RADIUS_LOGIN_SERVICE},
{ RD_TP_LOGIN_TCP_PORT, RADIUS_INTEGER4},
{ RD_TP_UNASSIGNED, RADIUS_UNKNOWN},
{ RD_TP_REPLY_MESSAGE, RADIUS_STRING},
{ RD_TP_CALLBACK_NUMBER, RADIUS_BINSTRING},
{ RD_TP_CALLBACK_ID, RADIUS_BINSTRING},
{ RD_TP_UNASSIGNED2, RADIUS_UNKNOWN},
{ RD_TP_FRAMED_ROUTE, RADIUS_STRING},
{ RD_TP_FRAMED_IPX_NETWORK, RADIUS_IPX_ADDRESS},
{ RD_TP_STATE, RADIUS_BINSTRING},
{ RD_TP_CLASS, RADIUS_BINSTRING},
{ RD_TP_VENDOR_SPECIFIC, RADIUS_BINSTRING},
{ RD_TP_SESSION_TIMEOUT, RADIUS_INTEGER4},
{ RD_TP_IDLE_TIMEOUT, RADIUS_INTEGER4},
{ RD_TP_TERMINATING_ACTION, RADIUS_TERMINATING_ACTION},
{ RD_TP_CALLED_STATION_ID, RADIUS_BINSTRING},
{ RD_TP_CALLING_STATION_ID, RADIUS_BINSTRING},
{ RD_TP_NAS_IDENTIFIER, RADIUS_BINSTRING},
{ RD_TP_PROXY_STATE, RADIUS_BINSTRING},
{ RD_TP_LOGIN_LAT_SERVICE, RADIUS_BINSTRING},
{ RD_TP_LOGIN_LAT_NODE, RADIUS_BINSTRING},
{ RD_TP_LOGIN_LAT_GROUP, RADIUS_BINSTRING},
{ RD_TP_FRAMED_APPLETALK_LINK, RADIUS_INTEGER4},
{ RD_TP_FRAMED_APPLETALK_NETWORK, RADIUS_INTEGER4},
{ RD_TP_FRAMED_APPLETALK_ZONE, RADIUS_BINSTRING},
{ RD_TP_ACCT_STATUS_TYPE, RADIUS_ACCOUNTING_STATUS_TYPE},
{ RD_TP_ACCT_DELAY_TIME, RADIUS_INTEGER4},
{ RD_TP_ACCT_INPUT_OCTETS, RADIUS_INTEGER4},
{ RD_TP_ACCT_OUTPUT_OCTETS, RADIUS_INTEGER4},
{ RD_TP_ACCT_SESSION_ID, RADIUS_STRING},
{ RD_TP_ACCT_AUTHENTIC, RADIUS_ACCT_AUTHENTIC},
{ RD_TP_ACCT_SESSION_TIME, RADIUS_INTEGER4},
{ RD_TP_ACCT_INPUT_PACKETS, RADIUS_INTEGER4},
{ RD_TP_ACCT_OUTPUT_PACKETS, RADIUS_INTEGER4},
{ RD_TP_ACCT_TERMINATE_CAUSE, RADIUS_ACCT_TERMINATE_CAUSE},
{ RD_TP_ACCT_MULTI_SESSION_ID, RADIUS_STRING},
{ RD_TP_ACCT_LINK_COUNT, RADIUS_INTEGER4},
{ RD_TP_CHAP_CHALLENGE, RADIUS_BINSTRING},
{ RD_TP_NAS_PORT_TYPE, RADIUS_NAS_PORT_TYPE},
{ RD_TP_PORT_LIMIT, RADIUS_INTEGER4},
{ RD_TP_LOGIN_LAT_PORT, RADIUS_BINSTRING},
{0,0},
};
static value_string radius_attrib_type_vals[] = {
{ RD_TP_USER_NAME, "User Name"},
{ RD_TP_USER_PASSWORD, "User Password"},
{ RD_TP_CHAP_PASSWORD, "Chap Password"},
{ RD_TP_NAS_IP_ADDRESS, "NAS IP Address"},
{ RD_TP_NAS_PORT, "NAS Port"},
{ RD_TP_SERVICE_TYPE, "Service Type"},
{ RD_TP_FRAMED_PROTOCOL, "Framed Protocol"},
{ RD_TP_FRAMED_IP_ADDRESS, "Framed IP Address"},
{ RD_TP_FRAMED_IP_NETMASK, "Framed IP Netmask"},
{ RD_TP_FRAMED_ROUTING, "Framed Routing"},
{ RD_TP_FILTER_ID, "Filter Id"},
{ RD_TP_FRAMED_MTU, "Framed MTU"},
{ RD_TP_FRAMED_COMPRESSION, "Framed Compression"},
{ RD_TP_LOGIN_IP_HOST, "Login IP Host"},
{ RD_TP_LOGIN_SERVICE, "Login Service"},
{ RD_TP_LOGIN_TCP_PORT, "Login TCP Port"},
{ RD_TP_UNASSIGNED, "Unassigned"},
{ RD_TP_REPLY_MESSAGE, "Reply Message"},
{ RD_TP_CALLBACK_NUMBER, "Callback Number"},
{ RD_TP_CALLBACK_ID, "Callback Id"},
{ RD_TP_UNASSIGNED2, "Unassigned"},
{ RD_TP_FRAMED_ROUTE, "Framed Route"},
{ RD_TP_FRAMED_IPX_NETWORK, "Framed IPX network"},
{ RD_TP_STATE, "State"},
{ RD_TP_CLASS, "Class"},
{ RD_TP_VENDOR_SPECIFIC, "Vendor Specific" },
{ RD_TP_SESSION_TIMEOUT, "Session Timeout"},
{ RD_TP_IDLE_TIMEOUT, "Idle Timeout"},
{ RD_TP_TERMINATING_ACTION, "Terminating Action"},
{ RD_TP_CALLED_STATION_ID, "Called Station Id"},
{ RD_TP_CALLING_STATION_ID, "Calling Station Id"},
{ RD_TP_NAS_IDENTIFIER, "NAS identifier"},
{ RD_TP_PROXY_STATE, "Proxy State"},
{ RD_TP_LOGIN_LAT_SERVICE, "Login LAT Service"},
{ RD_TP_LOGIN_LAT_NODE, "Login LAT Node"},
{ RD_TP_LOGIN_LAT_GROUP, "Login LAT Group"},
{ RD_TP_FRAMED_APPLETALK_LINK, "Framed Appletalk Link"},
{ RD_TP_FRAMED_APPLETALK_NETWORK, "Framed Appletalk Network"},
{ RD_TP_FRAMED_APPLETALK_ZONE, "Framed Appletalk Zone"},
{ RD_TP_ACCT_STATUS_TYPE, "Acct Status Type"},
{ RD_TP_ACCT_DELAY_TIME, "Acct Delay Time"},
{ RD_TP_ACCT_INPUT_OCTETS, "Acct Input Octets"},
{ RD_TP_ACCT_OUTPUT_OCTETS, "Acct Output Octets"},
{ RD_TP_ACCT_SESSION_ID, "Acct Session Id"},
{ RD_TP_ACCT_AUTHENTIC, "Acct Authentic"},
{ RD_TP_ACCT_SESSION_TIME, "Acct Session Time"},
{ RD_TP_ACCT_INPUT_PACKETS, "Acct Input Packets"},
{ RD_TP_ACCT_OUTPUT_PACKETS, "Acct Output Packets"},
{ RD_TP_ACCT_TERMINATE_CAUSE, "Acct Terminate Cause"},
{ RD_TP_ACCT_MULTI_SESSION_ID, "Acct Multi Session Id"},
{ RD_TP_ACCT_LINK_COUNT, "Acct Link Count"},
{ RD_TP_CHAP_CHALLENGE, "Chap Challenge"},
{ RD_TP_NAS_PORT_TYPE, "NAS Port Type"},
{ RD_TP_PORT_LIMIT, "Port Limit"},
{ RD_TP_LOGIN_LAT_PORT, "Login LAT Port"},
{0,NULL},
};
guint32 match_numval(guint32 val, const value_value_pair *vs)
{
guint32 i = 0;
while (vs[i].val1) {
if (vs[i].val1 == val)
return(vs[i].val2);
i++;
}
return(0);
}
static gchar textbuffer[2000];
gchar *rdconvertbufftostr(guint8 length,const guint8 *pd)
{
/*converts the raw buffer into printable text */
guint32 i;
guint32 totlen=0;
textbuffer[0]='"';
textbuffer[1]=0;
totlen=1;
for (i=0; i < (guint32)length; i++)
{
if( isalnum((int)pd[i])||ispunct((int)pd[i])
||((int)pd[i]==' ')) {
textbuffer[totlen]=(gchar)pd[i];
totlen++;
}
else
{
sprintf(&(textbuffer[totlen]), "\\%03u", pd[i]);
totlen=totlen+strlen(&(textbuffer[totlen]));
}
}
textbuffer[totlen]='"';
textbuffer[totlen+1]=0;
return textbuffer;
}
gchar *rd_value_to_str(e_avphdr *avph,const u_char *pd, int offset)
{
int print_type;
gchar *result;
guint32 intval;
value_string *valstrarr;
/* prints the values of the attribute value pairs into a text buffer */
print_type=match_numval(avph->avp_type,radius_printinfo);
intval=pntohl(&(pd[offset+2]));
switch(print_type)
{
case( RADIUS_STRING ):
case( RADIUS_BINSTRING ):
result=rdconvertbufftostr(avph->avp_length-2,&(pd[offset+2]));
break;
case( RADIUS_INTEGER4 ):
sprintf(textbuffer,"%u", intval);
result=textbuffer;
break;
case( RADIUS_IP_ADDRESS ):
sprintf(textbuffer,"%u.%u.%u.%u",(guint8)pd[offset+2],
(guint8)pd[offset+3],(guint8)pd[offset+4],
(guint8)pd[offset+5]);
result=textbuffer;
break;
case( RADIUS_SERVICE_TYPE ):
valstrarr=radius_service_type_vals;
result=match_strval(intval,valstrarr);
break;
case( RADIUS_FRAMED_PROTOCOL ):
valstrarr= radius_framed_protocol_vals;
result=match_strval(intval,valstrarr);
break;
case( RADIUS_FRAMED_ROUTING ):
valstrarr=radius_framed_routing_vals;
result=match_strval(intval,valstrarr);
break;
case( RADIUS_FRAMED_COMPRESSION ):
valstrarr=radius_framed_compression_vals;
result=match_strval(intval,valstrarr);
break;
case( RADIUS_LOGIN_SERVICE ):
valstrarr=radius_login_service_vals;
result=match_strval(intval,valstrarr);
break;
case( RADIUS_IPX_ADDRESS ):
sprintf(textbuffer,"%u:%u:%u:%u",(guint8)pd[offset+2],
(guint8)pd[offset+3],(guint8)pd[offset+4],
(guint8)pd[offset+5]);
result=textbuffer;
case( RADIUS_TERMINATING_ACTION ):
valstrarr=radius_terminating_action_vals;
result=match_strval(intval,valstrarr);
break;
case( RADIUS_ACCOUNTING_STATUS_TYPE ):
valstrarr=radius_accounting_status_type_vals;
result=match_strval(intval,valstrarr);
break;
case( RADIUS_ACCT_AUTHENTIC ):
valstrarr=radius_accounting_authentication_vals;
result=match_strval(intval,valstrarr);
break;
case( RADIUS_ACCT_TERMINATE_CAUSE ):
valstrarr=radius_acct_terminate_cause_vals;
result=match_strval(intval,valstrarr);
break;
case( RADIUS_NAS_PORT_TYPE ):
valstrarr=radius_nas_port_type_vals;
result=match_strval(intval,valstrarr);
break;
case( RADIUS_UNKNOWN ):
default:
result="Unknown Value Type";
break;
}
if (result == NULL) result="Unknown Value";
return result;
}
void dissect_attribute_value_pairs(const u_char *pd, int offset, frame_data
*fd, proto_tree *tree, int avplength)
{
/* adds the attribute value pairs to the tree */
e_avphdr avph;
gchar *avptpstrval;
gchar *valstr;
if (avplength==0)
{
proto_tree_add_item(tree,offset,0,"No Attribute Value Pairs Found");
return;
}
while (avplength > 0 )
{
memcpy(&avph,&pd[offset],sizeof(e_avphdr));
avplength=avplength-avph.avp_length;
avptpstrval=match_strval(avph.avp_type, radius_attrib_type_vals);
if (avptpstrval == NULL) avptpstrval="Unknown Type";
valstr=rd_value_to_str(&avph, pd, offset);
proto_tree_add_item(tree,offset,avph.avp_length,
"t:%s(%d) l:%d, value:%s",
avptpstrval,avph.avp_type,avph.avp_length,valstr);
offset=offset+avph.avp_length;
}
}
void dissect_radius(const u_char *pd, int offset, frame_data *fd, proto_tree
*tree)
{
proto_tree *radius_tree,*avptree;
proto_item *ti,*avptf;
int rhlength;
int rhcode;
int rhident;
int avplength,hdrlength, offsetavp;
e_radiushdr rh;
gchar *codestrval;
memcpy(&rh,&pd[offset],sizeof(e_radiushdr));
rhcode= (int)rh.rh_code;
rhident= (int)rh.rh_ident;
rhlength= (int)ntohs(rh.rh_pktlength);
codestrval= match_strval(rhcode,radius_vals);
if (check_col(fd, COL_PROTOCOL))
col_add_str(fd, COL_PROTOCOL, "RADIUS");
if (check_col(fd, COL_INFO) && codestrval !=NULL)
{
col_add_fstr(fd,COL_INFO,codestrval);
}
if (tree)
{
ti = proto_tree_add_item(tree, offset, rhlength, "RADIUS");
radius_tree = proto_tree_new();
proto_item_add_subtree(ti, radius_tree, ETT_RADIUS);
proto_tree_add_item(radius_tree, offset, 1,
"Packet code:0x%01x (%s)",rhcode, codestrval);
proto_tree_add_item(radius_tree, offset+1, 1,
"Packet identifier: 0x%01x (%d)", rhident, rhident);
proto_tree_add_item(radius_tree, offset+2, 2,
"Packet length: 0x%02x (%d)", rhlength,rhlength);
proto_tree_add_item(radius_tree, offset+4, AUTHENTICATOR_LENGTH,
"Authenticator");
hdrlength=RD_HDR_LENGTH+AUTHENTICATOR_LENGTH;
avplength= rhlength - hdrlength;
offsetavp=offset+hdrlength;
/* list the attribute value pairs */
avptf = proto_tree_add_item(radius_tree,
offset+hdrlength,avplength,
"Attribute value pairs");
avptree = proto_tree_new();
proto_item_add_subtree(avptf,avptree,ETT_RADIUS_AVP);
if (avptree !=NULL)
{
dissect_attribute_value_pairs( pd,
offsetavp,fd,avptree,avplength);
}
}
}
****************************************************************************
**************
end of packet-radius.c
start of packet-radius.h
****************************************************************************
**************
/* packet-radius.h
* Routines for RADIUS packet disassembly
*
* $Id: packet-radius.h,v 1.16 1999/05/12 05:56:42 gram Exp $
*
* Ethereal - Network traffic analyzer
* By Johan Feyaerts
* Copyright 1999 Johan Feyaerts
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
USA.
*/
#ifndef PACKET_RADIUS_H
#define PACKET_RADIUS_H
typedef struct _e_radiushdr {
guint8 rh_code;
guint8 rh_ident;
guint16 rh_pktlength;
} e_radiushdr;
typedef struct _e_avphdr {
guint8 avp_type;
guint8 avp_length;
} e_avphdr;
typedef struct _value_value_pair {
guint16 val1;
guint16 val2;
} value_value_pair;
#define RADIUS_ACCESS_REQUEST 1
#define RADIUS_ACCESS_ACCEPT 2
#define RADIUS_ACCESS_REJECT 3
#define RADIUS_ACCOUNTING_REQUEST 4
#define RADIUS_ACCOUNTING_RESPONSE 5
#define RADIUS_ACCESS_CHALLENGE 11
#define RADIUS_STATUS_SERVER 12
#define RADIUS_STATUS_CLIENT 13
#define RADIUS_RESERVED 255
#define RD_TP_USER_NAME 1
#define RD_TP_USER_PASSWORD 2
#define RD_TP_CHAP_PASSWORD 3
#define RD_TP_NAS_IP_ADDRESS 4
#define RD_TP_NAS_PORT 5
#define RD_TP_SERVICE_TYPE 6
#define RD_TP_FRAMED_PROTOCOL 7
#define RD_TP_FRAMED_IP_ADDRESS 8
#define RD_TP_FRAMED_IP_NETMASK 9
#define RD_TP_FRAMED_ROUTING 10
#define RD_TP_FILTER_ID 11
#define RD_TP_FRAMED_MTU 12
#define RD_TP_FRAMED_COMPRESSION 13
#define RD_TP_LOGIN_IP_HOST 14
#define RD_TP_LOGIN_SERVICE 15
#define RD_TP_LOGIN_TCP_PORT 16
#define RD_TP_UNASSIGNED 17
#define RD_TP_REPLY_MESSAGE 18
#define RD_TP_CALLBACK_NUMBER 19
#define RD_TP_CALLBACK_ID 20
#define RD_TP_UNASSIGNED2 21
#define RD_TP_FRAMED_ROUTE 22
#define RD_TP_FRAMED_IPX_NETWORK 23
#define RD_TP_STATE 24
#define RD_TP_CLASS 25
#define RD_TP_VENDOR_SPECIFIC 26
#define RD_TP_SESSION_TIMEOUT 27
#define RD_TP_IDLE_TIMEOUT 28
#define RD_TP_TERMINATING_ACTION 29
#define RD_TP_CALLED_STATION_ID 30
#define RD_TP_CALLING_STATION_ID 31
#define RD_TP_NAS_IDENTIFIER 32
#define RD_TP_PROXY_STATE 33
#define RD_TP_LOGIN_LAT_SERVICE 34
#define RD_TP_LOGIN_LAT_NODE 35
#define RD_TP_LOGIN_LAT_GROUP 36
#define RD_TP_FRAMED_APPLETALK_LINK 37
#define RD_TP_FRAMED_APPLETALK_NETWORK 38
#define RD_TP_FRAMED_APPLETALK_ZONE 39
#define RD_TP_ACCT_STATUS_TYPE 40
#define RD_TP_ACCT_DELAY_TIME 41
#define RD_TP_ACCT_INPUT_OCTETS 42
#define RD_TP_ACCT_OUTPUT_OCTETS 43
#define RD_TP_ACCT_SESSION_ID 44
#define RD_TP_ACCT_AUTHENTIC 45
#define RD_TP_ACCT_SESSION_TIME 46
#define RD_TP_ACCT_INPUT_PACKETS 47
#define RD_TP_ACCT_OUTPUT_PACKETS 48
#define RD_TP_ACCT_TERMINATE_CAUSE 49
#define RD_TP_ACCT_MULTI_SESSION_ID 50
#define RD_TP_ACCT_LINK_COUNT 51
#define RD_TP_CHAP_CHALLENGE 60
#define RD_TP_NAS_PORT_TYPE 61
#define RD_TP_PORT_LIMIT 62
#define RD_TP_LOGIN_LAT_PORT 63
#define AUTHENTICATOR_LENGTH 16
#define RD_HDR_LENGTH 4
#define RADIUS_STRING 1
#define RADIUS_BINSTRING 2
#define RADIUS_INTEGER4 3
#define RADIUS_IP_ADDRESS 4
#define RADIUS_SERVICE_TYPE 5
#define RADIUS_FRAMED_PROTOCOL 6
#define RADIUS_FRAMED_ROUTING 7
#define RADIUS_FRAMED_COMPRESSION 8
#define RADIUS_LOGIN_SERVICE 9
#define RADIUS_UNKNOWN 10
#define RADIUS_IPX_ADDRESS 11
#define RADIUS_TERMINATING_ACTION 12
#define RADIUS_ACCOUNTING_STATUS_TYPE 13
#define RADIUS_ACCT_AUTHENTIC 14
#define RADIUS_ACCT_TERMINATE_CAUSE 15
#define RADIUS_NAS_PORT_TYPE 16
#endif
****************************************************************************
*************************************
end of packet-radius.h
begin of packet-udp.c
****************************************************************************
*************************************
/* packet-udp.c
* Routines for UDP packet disassembly
*
* $Id: packet-udp.c,v 1.16 1999/05/12 05:56:42 gram Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@xxxxxxxx>
* Copyright 1998 Gerald Combs
*
* Richard Sharpe, 13-Feb-1999, added dispatch table support and
* support for tftp.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
USA.
*/
#ifdef HAVE_CONFIG_H
# include "config.h"
#endif
#ifdef HAVE_SYS_TYPES_H
# include <sys/types.h>
#endif
#ifdef HAVE_NETINET_IN_H
# include <netinet/in.h>
#endif
#include <stdio.h>
#include <stdlib.h>
#include <glib.h>
#include "packet.h"
#include "resolv.h"
extern packet_info pi;
/* UDP structs and definitions */
typedef struct _e_udphdr {
guint16 uh_sport;
guint16 uh_dport;
guint16 uh_ulen;
guint16 uh_sum;
} e_udphdr;
/* UDP Ports -> should go in packet-udp.h */
#define UDP_PORT_DNS 53
#define UDP_PORT_BOOTPS 67
#define UDP_PORT_TFTP 69
#define UDP_PORT_IPX 213
#define UDP_PORT_NBNS 137
#define UDP_PORT_NBDGM 138
#define UDP_PORT_SNMP 161
#define UDP_PORT_RIP 520
#define UDP_PORT_VINES 573
#define UDP_PORT_RADIUS 1645
#define UDP_PORT_RADIUS_NEW 1812
#define UDP_PORT_RADACCT 1646
#define UDP_PORT_RADACCT_NEW 1813
struct hash_struct {
guint16 proto;
void (*dissect)(const u_char *, int, frame_data *, proto_tree *);
struct hash_struct *next;
};
struct hash_struct *hash_table[256];
/*
* These routines are for UDP, will be generalized soon: RJS
*
* XXX - note that they should probably check the IP address as well as
* the port number, so that we don't mistakenly identify packets as, say,
* TFTP, merely because they have a source or destination port number
* equal to the port being used by a TFTP daemon on some machine other
* than the one they're going to or from.
*/
struct hash_struct *udp_find_hash_ent(guint16 proto) {
int idx = proto % 256;
struct hash_struct *hash_ent = hash_table[idx];
while (hash_ent != NULL) {
if (hash_ent -> proto == proto)
return hash_ent;
hash_ent = hash_ent -> next;
}
return NULL;
}
void udp_hash_add(guint16 proto,
void (*dissect)(const u_char *, int, frame_data *, proto_tree *)) {
int idx = proto % 256; /* Simply take the remainder, hope for no
collisions */
struct hash_struct *hash_ent = (struct hash_struct *)malloc(sizeof(struct
hash_struct));
struct hash_struct *hash_ent2;
hash_ent -> proto = proto;
hash_ent -> dissect = dissect;
hash_ent -> next = NULL;
if (hash_ent == NULL) {
fprintf(stderr, "Could not allocate space for hash structure in
dissect_udp\n");
exit(1);
}
if (hash_table[idx]) { /* Something, add on end */
hash_ent2 = hash_table[idx];
while (hash_ent2 -> next != NULL)
hash_ent2 = hash_ent2 -> next;
hash_ent2 -> next = hash_ent; /* Bad in pathalogical cases */
}
else {
hash_table[idx] = hash_ent;
}
}
void init_dissect_udp(void) {
int i;
for (i = 0; i < 256; i++) {
hash_table[i] = NULL;
}
/* Now add the protocols we know about */
udp_hash_add(UDP_PORT_BOOTPS, dissect_bootp);
udp_hash_add(UDP_PORT_TFTP, dissect_tftp);
}
void
dissect_udp(const u_char *pd, int offset, frame_data *fd, proto_tree *tree)
{
e_udphdr uh;
guint16 uh_sport, uh_dport, uh_ulen, uh_sum;
struct hash_struct *dissect_routine = NULL;
proto_tree *udp_tree;
proto_item *ti;
guint payload;
/* To do: Check for {cap len,pkt len} < struct len */
/* Avoids alignment problems on many architectures. */
memcpy(&uh, &pd[offset], sizeof(e_udphdr));
uh_sport = ntohs(uh.uh_sport);
uh_dport = ntohs(uh.uh_dport);
uh_ulen = ntohs(uh.uh_ulen);
uh_sum = ntohs(uh.uh_sum);
payload = pi.payload - sizeof(e_udphdr);
if (check_col(fd, COL_PROTOCOL))
col_add_str(fd, COL_PROTOCOL, "UDP");
if (check_col(fd, COL_INFO))
col_add_fstr(fd, COL_INFO, "Source port: %s Destination port: %s",
get_udp_port(uh_sport), get_udp_port(uh_dport));
if (check_col(fd, COL_RES_SRC_PORT))
col_add_str(fd, COL_RES_SRC_PORT, get_udp_port(uh_sport));
if (check_col(fd, COL_UNRES_SRC_PORT))
col_add_fstr(fd, COL_UNRES_SRC_PORT, "%u", uh_sport);
if (check_col(fd, COL_RES_DST_PORT))
col_add_str(fd, COL_RES_DST_PORT, get_udp_port(uh_dport));
if (check_col(fd, COL_UNRES_DST_PORT))
col_add_fstr(fd, COL_UNRES_DST_PORT, "%u", uh_dport);
if (tree) {
ti = proto_tree_add_item(tree, offset, 8, "User Datagram Protocol");
udp_tree = proto_tree_new();
proto_item_add_subtree(ti, udp_tree, ETT_UDP);
proto_tree_add_item(udp_tree, offset, 2, "Source port: %s (%u)",
get_udp_port(uh_sport), uh_sport);
proto_tree_add_item(udp_tree, offset + 2, 2, "Destination port: %s
(%u)",
get_udp_port(uh_dport), uh_dport);
proto_tree_add_item(udp_tree, offset + 4, 2, "Length: %u", uh_ulen);
proto_tree_add_item(udp_tree, offset + 6, 2, "Checksum: 0x%04x",
uh_sum);
}
/* Skip over header */
offset += 8;
/* To do: make sure we aren't screwing ourselves with the MIN call. */
switch (MIN(uh_sport, uh_dport)) {
case UDP_PORT_BOOTPS:
dissect_bootp(pd, offset, fd, tree);
break;
case UDP_PORT_DNS:
dissect_dns(pd, offset, fd, tree);
break;
case UDP_PORT_RIP:
/* we should check the source port too (RIP: UDP src and dst port 520)
*/
dissect_rip(pd, offset, fd, tree);
break;
case UDP_PORT_NBNS:
dissect_nbns(pd, offset, fd, tree);
break;
case UDP_PORT_NBDGM:
dissect_nbdgm(pd, offset, fd, tree, payload);
break;
case UDP_PORT_IPX: /* RFC 1234 */
dissect_ipx(pd, offset, fd, tree);
break;
#if defined(HAVE_UCD_SNMP_SNMP_H) || defined(HAVE_SNMP_SNMP_H)
case UDP_PORT_SNMP:
dissect_snmp(pd, offset, fd, tree);
break;
#endif
case UDP_PORT_VINES:
/* FIXME: AFAIK, src and dst port must be the same */
dissect_vines_frp(pd, offset, fd, tree);
break;
case UDP_PORT_TFTP:
/* This is the first point of call, but it adds a dynamic call */
udp_hash_add(MAX(uh_sport, uh_dport), dissect_tftp); /* Add to table
*/
dissect_tftp(pd, offset, fd, tree);
break;
default:
if ((UDP_PORT_RADIUS==uh_sport)|| (uh_dport==UDP_PORT_RADIUS)||
(UDP_PORT_RADACCT==uh_sport)||(uh_dport==UDP_PORT_RADACCT)||
(UDP_PORT_RADIUS_NEW==uh_sport)||(uh_dport==UDP_PORT_RADIUS_NEW)||
(UDP_PORT_RADACCT_NEW==uh_sport)||(uh_dport==UDP_PORT_RADACCT_NEW))
{
dissect_radius(pd,offset,fd,tree);
return;
}
/* OK, find a routine in the table, else use the default */
if ((dissect_routine = udp_find_hash_ent(uh_sport))) {
struct hash_struct *dr2 = udp_find_hash_ent(uh_dport);
if (dr2 == NULL) { /* Not in the table, add */
udp_hash_add(uh_dport, dissect_tftp);
}
dissect_routine -> dissect(pd, offset, fd, tree);
}
else if ((dissect_routine = udp_find_hash_ent(uh_dport))) {
dissect_routine -> dissect(pd, offset, fd, tree);
}
else {
dissect_data(pd, offset, fd, tree);
}
}
}
****************************************************************************
*******************
end of packet-udp.c
begin of packet.h
****************************************************************************
*******************
/* packet.h
* Definitions for packet disassembly structures and routines
*
* $Id: packet.h,v 1.56 1999/05/13 16:42:43 gram Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@xxxxxxxx>
* Copyright 1998 Gerald Combs
*
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
USA.
*/
#ifndef __PACKET_H__
#define __PACKET_H__
/* Pointer versions of ntohs and ntohl. Given a pointer to a member of a
* byte array, returns the value of the two or four bytes at the pointer.
* The pletoh[sl] versions return the little-endian representation.
*/
#define pntohs(p) ((guint16) \
((guint16)*((guint8 *)p+0)<<8| \
(guint16)*((guint8 *)p+1)<<0))
#define pntohl(p) ((guint32)*((guint8 *)p+0)<<24| \
(guint32)*((guint8 *)p+1)<<16| \
(guint32)*((guint8 *)p+2)<<8| \
(guint32)*((guint8 *)p+3)<<0)
#define pletohs(p) ((guint16) \
((guint16)*((guint8 *)p+1)<<8| \
(guint16)*((guint8 *)p+0)<<0))
#define pletohl(p) ((guint32)*((guint8 *)p+3)<<24| \
(guint32)*((guint8 *)p+2)<<16| \
(guint32)*((guint8 *)p+1)<<8| \
(guint32)*((guint8 *)p+0)<<0)
#define hi_nibble(b) ((b & 0xf0) >> 4)
#define lo_nibble(b) (b & 0x0f)
/* Byte ordering */
#ifndef BYTE_ORDER
#define LITTLE_ENDIAN 4321
#define BIG_ENDIAN 1234
#ifdef WORDS_BIGENDIAN
#define BYTE_ORDER BIG_ENDIAN
#else
#define BYTE_ORDER LITTLE_ENDIAN
#endif
#endif
/* Useful when highlighting regions inside a dissect_*() function. With this
* macro, you can highlight from an arbitrary offset to the end of the
* frame. See dissect_data() for an example.
*/
#define END_OF_FRAME (fd->cap_len - offset)
typedef struct _column_info {
gint num_cols; /* Number of columns */
gboolean **fmt_matx; /* Specifies which formats apply to a column */
gchar **col_data; /* Column data */
} column_info;
#define COL_MAX_LEN 256
typedef struct _packet_counts {
gint tcp;
gint udp;
gint ospf;
gint other;
gint total;
} packet_counts;
typedef struct _frame_data {
guint32 pkt_len; /* Packet length */
guint32 cap_len; /* Amount actually captured */
guint32 rel_secs; /* Relative seconds */
guint32 rel_usecs; /* Relative microseconds */
guint32 abs_secs; /* Absolute seconds */
guint32 abs_usecs; /* Absolute microseconds */
guint32 del_secs; /* Delta seconds */
guint32 del_usecs; /* Delta microseconds */
long file_off; /* File offset */
column_info *cinfo; /* Column formatting information */
#ifdef WITH_WIRETAP
int lnk_t; /* Per-packet encapsulation/data-link type */
#endif
} frame_data;
typedef struct _packet_info {
char *srcip;
int ip_src;
char *destip;
int ipproto;
int srcport;
int destport;
int match_port;
int iplen;
int iphdrlen;
int payload;
} packet_info;
/* Struct for the match_strval function */
typedef struct _value_string {
guint32 value;
gchar *strptr;
} value_string;
/* Many of the structs and definitions below and in packet-*.c files
* were taken from include files in the Linux distribution. */
typedef struct tcp_extra_data {
int match_port;
int sport;
int dport;
} tcp_extra_data;
/* Tree types. Each dissect_* routine should have one for each
add_subtree() call. */
enum {
ETT_FRAME,
ETT_IEEE8023,
ETT_ETHER2,
ETT_LLC,
ETT_TOKEN_RING,
ETT_TR_IERR_CNT,
ETT_TR_NERR_CNT,
ETT_TR_MAC,
ETT_PPP,
ETT_ARP,
ETT_FDDI,
ETT_NULL,
ETT_IP,
ETT_IP_OPTIONS,
ETT_IP_OPTION_SEC,
ETT_IP_OPTION_ROUTE,
ETT_IP_OPTION_TIMESTAMP,
ETT_IP_TOS,
ETT_IP_OFF,
ETT_UDP,
ETT_TCP,
ETT_TCP_OPTIONS,
ETT_TCP_OPTION_SACK,
ETT_TCP_FLAGS,
ETT_ICMP,
ETT_IGMP,
ETT_IPX,
ETT_SPX,
ETT_NCP,
ETT_NCP_REQUEST_FIELDS,
ETT_NCP_REPLY_FIELDS,
ETT_DNS,
ETT_DNS_FLAGS,
ETT_DNS_QRY,
ETT_DNS_QD,
ETT_DNS_ANS,
ETT_DNS_RR,
ETT_RIP,
ETT_RIP_VEC,
ETT_OSPF,
ETT_OSPF_HDR,
ETT_OSPF_HELLO,
ETT_OSPF_DESC,
ETT_OSPF_LSR,
ETT_OSPF_LSA_UPD,
ETT_OSPF_LSA,
ETT_LPD,
ETT_RAW,
ETT_BOOTP,
ETT_BOOTP_OPTION,
ETT_IPv6,
ETT_CLNP,
ETT_COTP,
ETT_VINES_FRP,
ETT_VINES,
ETT_VINES_ARP,
ETT_VINES_ICP,
ETT_VINES_IPC,
ETT_VINES_RTP,
ETT_VINES_SPP,
ETT_IPXRIP,
ETT_IPXSAP,
ETT_IPXSAP_SERVER,
ETT_NBNS,
ETT_NBNS_FLAGS,
ETT_NBNS_NB_FLAGS,
ETT_NBNS_NAME_FLAGS,
ETT_NBNS_QRY,
ETT_NBNS_QD,
ETT_NBNS_ANS,
ETT_NBNS_RR,
ETT_NBIPX,
ETT_AARP,
ETT_GIOP,
ETT_NBDGM,
ETT_CDP,
ETT_HTTP,
ETT_TFTP,
ETT_AH,
ETT_ESP,
ETT_ICMPv6,
ETT_ICMPv6OPT,
ETT_ICMPv6FLAG,
ETT_POP,
ETT_FTP,
ETT_TELNET,
ETT_TELNET_SUBOPT,
ETT_NNTP,
ETT_SNMP,
ETT_NBSS,
ETT_NBSS_FLAGS,
ETT_SMB,
ETT_SMB_FLAGS,
ETT_SMB_FLAGS2,
ETT_SMB_DIALECTS,
ETT_SMB_MODE,
ETT_SMB_CAPS,
ETT_SMB_RAWMODE,
ETT_SMB_AFLAGS,
ETT_RADIUS,
ETT_RADIUS_AVP,
NUM_TREE_TYPES /* last item number plus one */
};
/* The version of pcap.h that comes with some systems is missing these
* #defines.
*/
#ifndef DLT_RAW
#define DLT_RAW 12
#endif
#ifndef DLT_SLIP_BSDOS
#define DLT_SLIP_BSDOS 13
#endif
#ifndef DLT_PPP_BSDOS
#define DLT_PPP_BSDOS 14
#endif
/* Utility routines used by packet*.c */
gchar* ether_to_str(const guint8 *);
gchar* ip_to_str(const guint8 *);
gchar* time_secs_to_str(guint32);
gchar* bytes_to_str(const guint8 *, int);
const u_char *find_line_end(const u_char *data, const u_char *dataend,
const u_char **eol);
int get_token_len(const u_char *linep, const u_char *lineend,
const u_char **next_token);
gchar* format_text(const u_char *line, int len);
gchar* val_to_str(guint32, const value_string *, const char *);
gchar* match_strval(guint32, const value_string*);
const char *decode_boolean_bitfield(guint32 val, guint32 mask, int width,
const char *truedesc, const char *falsedesc);
const char *decode_enumerated_bitfield(guint32 val, guint32 mask, int width,
const value_string *tab, const char *fmt);
const char *decode_numeric_bitfield(guint32 val, guint32 mask, int width,
const char *fmt);
gint check_col(frame_data *, gint);
#if __GNUC__ == 2
void col_add_fstr(frame_data *, gint, gchar *, ...)
__attribute__((format (printf, 3, 4)));
void col_append_fstr(frame_data *, gint, gchar *, ...)
__attribute__((format (printf, 3, 4)));
#else
void col_add_fstr(frame_data *, gint, gchar *, ...);
void col_append_fstr(frame_data *, gint, gchar *, ...);
#endif
void col_add_str(frame_data *, gint, gchar *);
void col_append_str(frame_data *, gint, gchar *);
/* Routines in packet.c */
typedef struct GtkWidget proto_tree;
typedef struct GtkWidget proto_item;
struct GtkWidget;
void proto_item_set_len(proto_item *ti, gint len);
proto_tree* proto_tree_new(void);
void proto_item_add_subtree(proto_item *ti, proto_tree *subtree, gint idx);
#if __GNUC__ == 2
proto_item* proto_tree_add_item(proto_tree *tree, gint start, gint len,
gchar *format, ...)
__attribute__((format (printf, 4, 5)));
#else
proto_item* proto_tree_add_item(proto_tree *tree, gint start, gint len,
gchar *format, ...);
#endif
void dissect_packet(const u_char *, frame_data *, proto_tree *);
/*
* Routines in packet-*.c
* Routines should take three args: packet data *, cap_len, packet_counts *
* They should never modify the packet data.
*/
void capture_eth(const u_char *, guint32, packet_counts *);
void capture_fddi(const u_char *, guint32, packet_counts *);
void capture_null(const u_char *, guint32, packet_counts *);
void capture_ppp(const u_char *, guint32, packet_counts *);
void capture_raw(const u_char *, guint32, packet_counts *);
void capture_tr(const u_char *, guint32, packet_counts *);
/*
* Routines in packet-*.c
* Routines should take four args: packet data *, offset, cap_len,
* packet_counts *
* They should never modify the packet data.
*/
void capture_llc(const u_char *, int, guint32, packet_counts *);
void capture_ip(const u_char *, int, guint32, packet_counts *);
/*
* Routines in packet-*.c
* Routines should take three args: packet data *, frame_data *, tree *
* They should never modify the packet data.
*/
void dissect_eth(const u_char *, frame_data *, proto_tree *);
void dissect_fddi(const u_char *, frame_data *, proto_tree *);
void dissect_null(const u_char *, frame_data *, proto_tree *);
void dissect_ppp(const u_char *, frame_data *, proto_tree *);
void dissect_raw(const u_char *, frame_data *, proto_tree *);
void dissect_tr(const u_char *, frame_data *, proto_tree *);
/*
* Routines in packet-*.c
* Routines should take four args: packet data *, offset, frame_data *,
* tree *
* They should never modify the packet data.
*/
int dissect_ah(const u_char *, int, frame_data *, proto_tree *);
void dissect_aarp(const u_char *, int, frame_data *, proto_tree *);
void dissect_arp(const u_char *, int, frame_data *, proto_tree *);
void dissect_bootp(const u_char *, int, frame_data *, proto_tree *);
void dissect_cdp(const u_char *, int, frame_data *, proto_tree *);
void dissect_data(const u_char *, int, frame_data *, proto_tree *);
void dissect_ddp(const u_char *, int, frame_data *, proto_tree *);
void dissect_dns(const u_char *, int, frame_data *, proto_tree *);
void dissect_esp(const u_char *, int, frame_data *, proto_tree *);
void dissect_giop(const u_char *, int, frame_data *, proto_tree *);
void dissect_http(const u_char *, int, frame_data *, proto_tree *);
void dissect_icmp(const u_char *, int, frame_data *, proto_tree *);
void dissect_icmpv6(const u_char *, int, frame_data *, proto_tree *);
void dissect_igmp(const u_char *, int, frame_data *, proto_tree *);
void dissect_ip(const u_char *, int, frame_data *, proto_tree *);
void dissect_ipv6(const u_char *, int, frame_data *, proto_tree *);
void dissect_ipx(const u_char *, int, frame_data *, proto_tree *);
void dissect_llc(const u_char *, int, frame_data *, proto_tree *);
void dissect_lpd(const u_char *, int, frame_data *, proto_tree *);
void dissect_nbdgm(const u_char *, int, frame_data *, proto_tree *, int);
void dissect_nbipx_ns(const u_char *, int, frame_data *, proto_tree *, int);
void dissect_nbns(const u_char *, int, frame_data *, proto_tree *);
void dissect_ncp(const u_char *, int, frame_data *, proto_tree *, int);
void dissect_nwlink_dg(const u_char *, int, frame_data *, proto_tree *,
int);
void dissect_osi(const u_char *, int, frame_data *, proto_tree *);
void dissect_ospf(const u_char *, int, frame_data *, proto_tree *);
void dissect_ospf_hello(const u_char *, int, frame_data *, proto_tree *);
void dissect_rip(const u_char *, int, frame_data *, proto_tree *);
void dissect_snmp(const u_char *, int, frame_data *, proto_tree *);
void dissect_tcp(const u_char *, int, frame_data *, proto_tree *);
void dissect_tftp(const u_char *, int, frame_data *, proto_tree *);
void dissect_trmac(const u_char *, int, frame_data *, proto_tree *);
void dissect_udp(const u_char *, int, frame_data *, proto_tree *);
void dissect_vines(const u_char *, int, frame_data *, proto_tree *);
void dissect_vines_arp(const u_char *, int, frame_data *, proto_tree *);
void dissect_vines_frp(const u_char *, int, frame_data *, proto_tree *);
void dissect_vines_icp(const u_char *, int, frame_data *, proto_tree *);
void dissect_vines_ipc(const u_char *, int, frame_data *, proto_tree *);
void dissect_vines_rtp(const u_char *, int, frame_data *, proto_tree *);
void dissect_vines_spp(const u_char *, int, frame_data *, proto_tree *);
void dissect_ftp(const u_char *, int, frame_data *, proto_tree *, int);
void dissect_ftpdata(const u_char *, int, frame_data *, proto_tree *, int);
void dissect_nbss(const u_char *, int, frame_data *, proto_tree *, int);
void dissect_nntp(const u_char *, int, frame_data *, proto_tree *, int);
void dissect_pop(const u_char *, int, frame_data *, proto_tree *, int);
void dissect_smb(const u_char *, int, frame_data *, proto_tree *, int);
void dissect_telnet(const u_char *, int, frame_data *, proto_tree *, int);
void dissect_radius(const u_char *, int, frame_data *, proto_tree *);
void init_dissect_udp(void);
/* These functions are in ethertype.c */
gchar *ethertype_to_str(guint16 etype, const char *fmt);
void capture_ethertype(guint16 etype, int offset,
const u_char *pd, guint32 cap_len, packet_counts *ld);
void ethertype(guint16 etype, int offset,
const u_char *pd, frame_data *fd, proto_tree *tree,
proto_tree *fh_tree);
/* These functions are in packet-arp.c */
gchar *arphrdaddr_to_str(guint8 *ad, int ad_len, guint16 type);
gchar *arphrdtype_to_str(guint16 hwtype, const char *fmt);
/*
* All of the possible columns in summary listing.
*
* NOTE: The SRC and DST entries MUST remain in this order, or else you
* need to fix the offset #defines before get_column_format!
*/
enum {
COL_NUMBER, /* Packet list item number */
COL_CLS_TIME, /* Command line-specified time (default relative) */
COL_REL_TIME, /* Relative time */
COL_ABS_TIME, /* Absolute time */
COL_DELTA_TIME, /* Delta time */
COL_DEF_SRC, /* Source address */
COL_RES_SRC, /* Resolved source */
COL_UNRES_SRC, /* Unresolved source */
COL_DEF_DL_SRC, /* Data link layer source address */
COL_RES_DL_SRC, /* Resolved DL source */
COL_UNRES_DL_SRC, /* Unresolved DL source */
COL_DEF_NET_SRC, /* Network layer source address */
COL_RES_NET_SRC, /* Resolved net source */
COL_UNRES_NET_SRC, /* Unresolved net source */
COL_DEF_DST, /* Destination address */
COL_RES_DST, /* Resolved dest */
COL_UNRES_DST, /* Unresolved dest */
COL_DEF_DL_DST, /* Data link layer dest address */
COL_RES_DL_DST, /* Resolved DL dest */
COL_UNRES_DL_DST, /* Unresolved DL dest */
COL_DEF_NET_DST, /* Network layer dest address */
COL_RES_NET_DST, /* Resolved net dest */
COL_UNRES_NET_DST, /* Unresolved net dest */
COL_DEF_SRC_PORT, /* Source port */
COL_RES_SRC_PORT, /* Resolved source port */
COL_UNRES_SRC_PORT, /* Unresolved source port */
COL_DEF_DST_PORT, /* Destination port */
COL_RES_DST_PORT, /* Resolved dest port */
COL_UNRES_DST_PORT, /* Unresolved dest port */
COL_PROTOCOL, /* Protocol */
COL_INFO, /* Description */
NUM_COL_FMTS /* Should always be last */
};
#endif /* packet.h */
****************************************************************************
******************
end of packet.h
Kind Regards,
Johan Feyaerts,
Email: Johan.Feyaerts@xxxxxxxxxxxxx
- Follow-Ups:
- Re: [ethereal-dev] RADIUS source code
- From: Guy Harris
- Re: [ethereal-dev] RADIUS source code
- Prev by Date: Re: [ethereal-dev] ethereal
- Next by Date: [ethereal-dev] Anniversary
- Previous by thread: Re: [ethereal-dev] ethereal
- Next by thread: Re: [ethereal-dev] RADIUS source code
- Index(es):
