Ethereal-dev: Re: [Ethereal-dev] [PATCH] New dissector, yet another 802.11 sniff header
Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.
From: Solomon Peachy <solomon@xxxxxxxxxxxxxx>
Date: Tue, 5 Nov 2002 15:06:15 -0500
On Mon, Nov 04, 2002 at 09:57:19PM -0800, Guy Harris wrote: > All Ethereal needs is a new DLT_ type. Libpcap needs to know about the > new ARPHRD_ type, but changing it can wait. > What do you want me to call it? I was thinking DLT_IEE80211_WLANCAP. > That's a bit ugly - I'd prefer to just do the new DLT_ type and be done > with it. (If not, I'd at least prefer to have "dissect_prism()" call > the wlancap dissector through a handle, rather than directly - calling > through a handle lets us hide some details of the way dissectors are > called in the Ethereal core code.) Yeah, piggybacking on the DLT_PRISM type is unfortunately necessary for now; until we get an official ARPHRD type, I probably won't be able to get a libpcap DLT type in anyway. Actually, I have some doubts if I'll get an ARPHRD type added to the Linux kernel; I seem to be on David Miller's bad side, especially given that it's not strictly necessary. :) > Also, note that Makefile.nmake's DISSECTOR_SRC macro needs to be changed > as well. Okay, I'll take care of this.. I'll convert dissect_prism() to call the wlancap dissector through a handle as well. Updated patch attached! Note that this one doesn't add a DLT type; I need to grab the libpcap cvs and get 'em to assign me a number. - Pizza -- Solomon Peachy solomon@xxxxxxxxxxxxxx AbsoluteValue Systems http://www.linux-wlan.com 715-D North Drive +1 (321) 259-0737 (office) Melbourne, FL 32934 +1 (321) 259-0286 (fax)
diff --new-file -aur --exclude Makefile --exclude Makefile.in --exclude CVS ethereal/Makefile.am ethereal-de/Makefile.am --- ethereal/Makefile.am Mon Nov 4 07:10:59 2002 +++ ethereal-de/Makefile.am Mon Nov 4 08:27:03 2002 @@ -363,6 +363,7 @@ packet-wccp.c \ packet-wcp.c \ packet-who.c \ + packet-wlancap.c \ packet-wsp.c \ packet-wtls.c \ packet-wtp.c \ diff --new-file -aur --exclude Makefile --exclude Makefile.in --exclude CVS ethereal/Makefile.nmake ethereal-de/Makefile.nmake --- ethereal/Makefile.nmake Mon Nov 4 07:10:59 2002 +++ ethereal-de/Makefile.nmake Tue Nov 5 14:13:22 2002 @@ -306,6 +306,7 @@ packet-wccp.c \ packet-wcp.c \ packet-who.c \ + packet-wlancap.c \ packet-wsp.c \ packet-wtls.c \ packet-wtp.c \ diff --new-file -aur --exclude Makefile --exclude Makefile.in --exclude CVS ethereal/packet-ieee80211.c ethereal-de/packet-ieee80211.c --- ethereal/packet-ieee80211.c Thu Oct 31 15:46:00 2002 +++ ethereal-de/packet-ieee80211.c Fri Nov 1 19:47:53 2002 @@ -1873,7 +1873,7 @@ } void -proto_register_wlan (void) +proto_register_ieee80211 (void) { static const value_string frame_type[] = { {MGT_FRAME, "Management frame"}, @@ -2370,7 +2370,7 @@ } void -proto_reg_handoff_wlan(void) +proto_reg_handoff_ieee80211(void) { dissector_handle_t ieee80211_handle; dissector_handle_t ieee80211_radio_handle; diff --new-file -aur --exclude Makefile --exclude Makefile.in --exclude CVS ethereal/packet-prism.c ethereal-de/packet-prism.c --- ethereal/packet-prism.c Wed Aug 28 17:00:25 2002 +++ ethereal-de/packet-prism.c Tue Nov 5 14:40:58 2002 @@ -41,6 +41,7 @@ #include <epan/packet.h> #include "packet-ieee80211.h" #include "packet-prism.h" +#include "packet-wlancap.h" /* protocol */ static int proto_prism = -1; @@ -80,18 +81,40 @@ static gint ett_prism = -1; static dissector_handle_t ieee80211_handle; +static dissector_handle_t wlancap_handle; void capture_prism(const guchar *pd, int offset, int len, packet_counts *ld) { - if(!BYTES_ARE_IN_FRAME(offset, len, (int)sizeof(struct prism_hdr))) { - ld->other ++; + guint32 cookie = 0; + guint32 length = 0; + if (!BYTES_ARE_IN_FRAME(offset, len, sizeof(guint32) *2 )) { + ld->other++; return; } - offset += sizeof(struct prism_hdr); + + cookie = pntohl(pd); + length = pntohl(pd+sizeof(guint32)); + + /* Handle the new type of capture format */ + if (cookie == WLANCAP_MAGIC_COOKIE_V1) { + if(!BYTES_ARE_IN_FRAME(offset, len, length)) { + ld->other++; + return; + } + offset += length; + } else { + /* We have an old capture format */ + if(!BYTES_ARE_IN_FRAME(offset, len, (int)sizeof(struct prism_hdr))) { + ld->other++; + return; + } + offset += sizeof(struct prism_hdr); + } /* 802.11 header follows */ capture_ieee80211(pd, offset, len, ld); + } /* @@ -119,15 +142,24 @@ proto_item *ti; tvbuff_t *next_tvb; int offset; + guint32 msgcode; + + offset = 0; + + /* handle the new capture type. */ + msgcode = tvb_get_ntohl(tvb, offset); + if (msgcode == WLANCAP_MAGIC_COOKIE_V1) { + call_dissector(wlancap_handle, tvb, pinfo, tree); + return; + } + + tvb_memcpy(tvb, (guint8 *)&hdr, offset, sizeof(hdr)); if(check_col(pinfo->cinfo, COL_PROTOCOL)) col_set_str(pinfo->cinfo, COL_PROTOCOL, "Prism"); if(check_col(pinfo->cinfo, COL_INFO)) col_clear(pinfo->cinfo, COL_INFO); - offset = 0; - tvb_memcpy(tvb, (guint8 *)&hdr, offset, sizeof hdr); - if(check_col(pinfo->cinfo, COL_INFO)) col_add_fstr(pinfo->cinfo, COL_INFO, "Device: %.16s " "Message 0x%x, Length %d", hdr.devname, @@ -202,6 +234,7 @@ /* handle for 802.11 dissector */ ieee80211_handle = find_dissector("wlan"); + wlancap_handle = find_dissector("wlancap"); prism_handle = create_dissector_handle(dissect_prism, proto_prism); dissector_add("wtap_encap", WTAP_ENCAP_PRISM_HEADER, prism_handle); diff --new-file -aur --exclude Makefile --exclude Makefile.in --exclude CVS ethereal/packet-wlancap.c ethereal-de/packet-wlancap.c --- ethereal/packet-wlancap.c Wed Dec 31 19:00:00 1969 +++ ethereal-de/packet-wlancap.c Tue Nov 5 14:39:47 2002 @@ -0,0 +1,277 @@ +/* + * packet-wlan.c + * Decode packets with a AVS-WLAN header + * + * AVS linux-wlan-based products use a new sniff header to replace the + * old prism2-specific one dissected in packet-prism2.c. This one has + * additional fields, is designed to be non-hardware-specific, and more + * importantly, version and length fields so it can be extended later + * without breaking anything. + * + * By Solomon Peachy + * + * $Id: packet-prism.c,v 1.8 2002/08/28 21:00:25 jmayer Exp $ + * + * Ethereal - Network traffic analyzer + * By Gerald Combs <gerald@xxxxxxxxxxxx> + * Copyright 1998 Gerald Combs + * + * Copied from README.developer + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +#ifdef HAVE_CONFIG_H +# include "config.h" +#endif + +#include <glib.h> +#include <string.h> + +#include <epan/packet.h> +#include "packet-ieee80211.h" +#include "packet-wlancap.h" + +#define SHORT_STR 256 + +/* protocol */ +static int proto_wlancap = -1; + +/* header attached during wlan monitor mode */ +struct wlan_header_v1 { + guint32 version; + guint32 length; + guint64 mactime; + guint64 hosttime; + guint32 phytype; + guint32 channel; + guint32 datarate; + guint32 antenna; + guint32 priority; + guint32 ssi_type; + gint32 ssi_signal; + gint32 ssi_noise; + gint32 preamble; + gint32 encoding; +}; + +static int hf_wlan_version = -1; +static int hf_wlan_length = -1; +static int hf_wlan_mactime = -1; +static int hf_wlan_hosttime = -1; +static int hf_wlan_phytype = -1; +static int hf_wlan_channel = -1; +static int hf_wlan_datarate = -1; +static int hf_wlan_antenna = -1; +static int hf_wlan_priority = -1; +static int hf_wlan_ssi_type = -1; +static int hf_wlan_ssi_signal = -1; +static int hf_wlan_ssi_noise = -1; +static int hf_wlan_preamble = -1; +static int hf_wlan_encoding = -1; + +static gint ett_wlan = -1; + +static dissector_handle_t ieee80211_handle; + +void +capture_wlancap(const guchar *pd, int offset, int len, packet_counts *ld) +{ + /* XXX eventually add in a version test. */ + if(!BYTES_ARE_IN_FRAME(offset, len, (int)sizeof(struct wlan_header_v1))) { + ld->other ++; + return; + } + offset += sizeof(struct wlan_header_v1); + + /* 802.11 header follows */ + capture_ieee80211(pd, offset, len, ld); +} + +void +proto_register_wlancap(void) +{ + + static const value_string phy_type[] = { + { 0, "Unknown" }, + { 1, "FHSS 802.11 '97" }, + { 2, "DSSS 802.11 '97" }, + { 3, "IR Baseband" }, + { 4, "DSSS 802.11b" }, + { 5, "PBCC 802.11b" }, + { 6, "OFDM 802.11g" }, + { 7, "PBCC 802.11g" }, + { 8, "OFDM 802.11a" }, + }; + + static const value_string encoding_type[] = { + { 0, "Unknown" }, + { 1, "CCK" }, + { 2, "PBCC" }, + { 3, "OFDM" }, + }; + + static const value_string ssi_type[] = { + { 0, "None" }, + { 1, "Normalized RSSI" }, + { 2, "dBm" }, + { 3, "Raw RSSI" }, + }; + + static const value_string preamble_type[] = { + { 0, "Unknown" }, + { 1, "Short" }, + { 2, "Long" }, + }; + + static hf_register_info hf[] = { + { &hf_wlan_version, { "Header revision", "wlancap.version", FT_UINT32, + BASE_DEC, NULL, 0x0, "", HFILL } }, + { &hf_wlan_length, { "Header length", "wlancap.length", FT_UINT32, + BASE_DEC, NULL, 0x0, "", HFILL } }, + { &hf_wlan_mactime, { "MAC timestamp", "wlancap.mactime", FT_UINT64, + BASE_DEC, NULL, 0x0, "", HFILL } }, + { &hf_wlan_hosttime, { "Host timestamp", "wlancap.hosttime", FT_UINT64, + BASE_DEC, NULL, 0x0, "", HFILL } }, + { &hf_wlan_phytype, { "PHY type", "wlancap.phytype", FT_UINT32, BASE_DEC, + VALS(phy_type), 0x0, "", HFILL } }, + { &hf_wlan_channel, { "Channel", "wlancap.channel", FT_UINT32, BASE_DEC, + NULL, 0x0, "", HFILL } }, + { &hf_wlan_datarate, { "Data rate", "wlancap.datarate", FT_UINT32, + BASE_DEC, NULL, 0x0, "", HFILL } }, + { &hf_wlan_antenna, { "Antenna", "wlancap.antenna", FT_UINT32, BASE_DEC, + NULL, 0x0, "", HFILL } }, + { &hf_wlan_priority, { "Priority", "wlancap.priority", FT_UINT32, BASE_DEC, + NULL, 0x0, "", HFILL } }, + { &hf_wlan_ssi_type, { "SSI Type", "wlancap.ssi_type", FT_UINT32, BASE_DEC, + VALS(ssi_type), 0x0, "", HFILL } }, + { &hf_wlan_ssi_signal, { "SSI Signal", "wlancap.ssi_signal", FT_UINT32, + BASE_DEC, NULL, 0x0, "", HFILL } }, + { &hf_wlan_ssi_noise, { "SSI Noise", "wlancap.ssi_noise", FT_INT32, + BASE_DEC, NULL, 0x0, "", HFILL } }, + { &hf_wlan_preamble, { "Preamble", "wlancap.preamble", FT_UINT32, + BASE_DEC, VALS(preamble_type), 0x0, "", HFILL } }, + { &hf_wlan_encoding, { "Encoding Type", "wlancap.encoding", FT_UINT32, + BASE_DEC, VALS(encoding_type), 0x0, "", HFILL } }, + }; + static gint *ett[] = { + &ett_wlan + }; + + proto_wlancap = proto_register_protocol("AVS WLAN Capture header", "AVS WLANCAP", "wlancap"); + proto_register_field_array(proto_wlancap, hf, array_length(hf)); + proto_register_subtree_array(ett, array_length(ett)); + register_dissector("wlancap", dissect_wlancap, proto_wlancap); + +} + +void +dissect_wlancap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) +{ + proto_tree *wlan_tree; + proto_item *ti; + tvbuff_t *next_tvb; + int offset; + guint32 version; + guint32 length; + + if(check_col(pinfo->cinfo, COL_PROTOCOL)) + col_set_str(pinfo->cinfo, COL_PROTOCOL, "WLAN"); + if(check_col(pinfo->cinfo, COL_INFO)) + col_clear(pinfo->cinfo, COL_INFO); + offset = 0; + + version = tvb_get_ntohl(tvb, offset) - WLANCAP_MAGIC_COOKIE_BASE; + length = tvb_get_ntohl(tvb, offset+4); + + if(check_col(pinfo->cinfo, COL_INFO)) + col_add_fstr(pinfo->cinfo, COL_INFO, "AVS WLAN Capture v%x, Length %d",version, length); + + /* Dissect the packet */ + if (tree) { + ti = proto_tree_add_protocol_format(tree, proto_wlancap, + tvb, 0, length, "AVS WLAN Monitoring Header"); + wlan_tree = proto_item_add_subtree(ti, ett_wlan); + proto_tree_add_uint(wlan_tree, hf_wlan_version, tvb, offset, + 4, tvb_get_ntohl(tvb, offset) - WLANCAP_MAGIC_COOKIE_BASE); + offset+=4; + proto_tree_add_uint(wlan_tree, hf_wlan_length, tvb, offset, + 4, tvb_get_ntohl(tvb, offset)); + offset+=4; + proto_tree_add_item(wlan_tree, hf_wlan_mactime, tvb, offset, + 8, FALSE); + offset+=8; + proto_tree_add_item(wlan_tree, hf_wlan_hosttime, tvb, offset, + 8, FALSE); + offset+=8; + + proto_tree_add_uint(wlan_tree, hf_wlan_phytype, tvb, offset, + 4, tvb_get_ntohl(tvb, offset)); + offset+=4; + /* XXX cook channel (fh uses different numbers) */ + proto_tree_add_uint(wlan_tree, hf_wlan_channel, tvb, offset, + 4, tvb_get_ntohl(tvb, offset)); + offset+=4; + + proto_tree_add_uint_format(wlan_tree, hf_wlan_datarate, tvb, offset, + 4, tvb_get_ntohl(tvb, offset) * 100, + "Datarate: %d kbps", + tvb_get_ntohl(tvb, offset) * 100); + offset+=4; + proto_tree_add_uint(wlan_tree, hf_wlan_antenna, tvb, offset, + 4, tvb_get_ntohl(tvb, offset)); + offset+=4; + proto_tree_add_uint(wlan_tree, hf_wlan_priority, tvb, offset, + 4, tvb_get_ntohl(tvb, offset)); + offset+=4; + proto_tree_add_uint(wlan_tree, hf_wlan_ssi_type, tvb, offset, + 4, tvb_get_ntohl(tvb, offset)); + offset+=4; + /* XXX cook ssi_signal (Based on type; ie format) */ + proto_tree_add_uint(wlan_tree, hf_wlan_ssi_signal, tvb, offset, + 4, tvb_get_ntohl(tvb, offset)); + offset+=4; + /* XXX cook ssi_noise (Based on type; ie format) */ + proto_tree_add_int(wlan_tree, hf_wlan_ssi_noise, tvb, offset, + 4, tvb_get_ntohl(tvb, offset)); + offset+=4; + proto_tree_add_uint(wlan_tree, hf_wlan_preamble, tvb, offset, + 4, tvb_get_ntohl(tvb, offset)); + offset+=4; + proto_tree_add_uint(wlan_tree, hf_wlan_encoding, tvb, offset, + 4, tvb_get_ntohl(tvb, offset)); + offset+=4; + } + + if (offset == 0) + offset = length; + + /* dissect the 802.11 header next */ + next_tvb = tvb_new_subset(tvb, offset, -1, -1); + call_dissector(ieee80211_handle, next_tvb, pinfo, tree); +} + +void +proto_reg_handoff_wlancap(void) +{ + dissector_handle_t wlancap_handle; + + /* handle for 802.11 dissector */ + ieee80211_handle = find_dissector("wlan"); + + wlancap_handle = create_dissector_handle(dissect_wlancap, proto_wlancap); + + dissector_add("wtap_encap", WTAP_ENCAP_WLAN_HEADER, wlancap_handle); +} diff --new-file -aur --exclude Makefile --exclude Makefile.in --exclude CVS ethereal/packet-wlancap.h ethereal-de/packet-wlancap.h --- ethereal/packet-wlancap.h Wed Dec 31 19:00:00 1969 +++ ethereal-de/packet-wlancap.h Fri Nov 1 19:47:53 2002 @@ -0,0 +1,34 @@ +/* + * packet-wlan.h + * Declarations for packet-wlan.c + * + * $Id: packet-prism.h,v 1.3 2002/08/28 21:00:25 jmayer Exp $ + * + * Ethereal - Network traffic analyzer + * By Gerald Combs <gerald@xxxxxxxxxxxx> + * Copyright 1998 Gerald Combs + * + * Copied from README.developer + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +void capture_wlancap(const guchar *pd, int offset, int len, packet_counts *ld); +void proto_register_wlancap(void); +void proto_reg_handoff_wlancap(void); +void dissect_wlancap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree); + +#define WLANCAP_MAGIC_COOKIE_BASE 0x80211000 +#define WLANCAP_MAGIC_COOKIE_V1 0x80211001 diff --new-file -aur --exclude Makefile --exclude Makefile.in --exclude CVS ethereal/wiretap/wtap.c ethereal-de/wiretap/wtap.c --- ethereal/wiretap/wtap.c Thu Oct 31 02:12:42 2002 +++ ethereal-de/wiretap/wtap.c Fri Nov 1 19:47:53 2002 @@ -148,6 +148,10 @@ /* WTAP_ENCAP_COSINE */ { "CoSine L2 debug log", "cosine" }, + + /* WTAP_ENCAP_WLAN_HEADER */ + { "IEEE 802.11 plus AVS WLAN monitor header", "wlan" }, + }; /* Name that should be somewhat descriptive. */ diff --new-file -aur --exclude Makefile --exclude Makefile.in --exclude CVS ethereal/wiretap/wtap.h ethereal-de/wiretap/wtap.h --- ethereal/wiretap/wtap.h Thu Oct 31 02:12:42 2002 +++ ethereal-de/wiretap/wtap.h Fri Nov 1 19:47:53 2002 @@ -119,9 +119,9 @@ #define WTAP_ENCAP_HHDLC 27 #define WTAP_ENCAP_DOCSIS 28 #define WTAP_ENCAP_COSINE 29 - +#define WTAP_ENCAP_WLAN_HEADER 30 /* last WTAP_ENCAP_ value + 1 */ -#define WTAP_NUM_ENCAP_TYPES 30 +#define WTAP_NUM_ENCAP_TYPES 31 /* File types that can be read by wiretap. We support writing some many of these file types, too, so we
Attachment:
pgpesMboTK2kh.pgp
Description: PGP signature
- Follow-Ups:
- References:
- [Ethereal-dev] [PATCH] New dissector, yet another 802.11 sniff header
- From: Solomon Peachy
- Re: [Ethereal-dev] [PATCH] New dissector, yet another 802.11 sniff header
- From: Guy Harris
- [Ethereal-dev] [PATCH] New dissector, yet another 802.11 sniff header
- Prev by Date: [Ethereal-dev] iSCSI sample capture
- Next by Date: [Ethereal-dev] Patch to packet-gtp.c
- Previous by thread: Re: [Ethereal-dev] [PATCH] New dissector, yet another 802.11 sniff header
- Next by thread: Re: [Ethereal-dev] [PATCH] New dissector, yet another 802.11 sniff header
- Index(es):