Ethereal-dev: Re: [Ethereal-dev] IrDA dissector plugin

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: Jean Tourrilhes <jt@xxxxxxxxxxxxxxxxxx>
Date: Wed, 7 Jan 2004 09:28:33 -0800
On Tue, Jan 06, 2004 at 10:25:56PM -0800, Guy Harris wrote:
> On Thu, Dec 18, 2003 at 01:09:24AM +0100, Jan Kiszka wrote:
> > based on the work of Shaun Jackman, I started some months ago a new 
> > approach to implement a dissector plugin which is able to analyze 
> > infrared communication according to the IrDA specification.
> 
> The IrLAP V1.1 specification gives, for the XID command, 0x2F (with the
> P/F bit ORed in); for the XID response, it gives 0xAF (again, with the
> P/F bit ORed in).
> 
> However, that spec says IrLAP is "based on pre-existing standard
> asynchronous HDLC and SDLC half duplex protocols as used on multi-drop
> links (see references)", and one of the references is to ISO 4335
> (HDLC).
> 
> 4335 has been withdrawn and replaced by ISO/IEC 13239:2002, which gives
> as the encoding for XID commands and responses 0xAF (with the P/F bit ORed)
> in.
> 
> Does IrLAP really use a different encoding for XID commands than does
> HDLC?  (0x2F, in HDLC, is SABM.)  Or is that a typo in the spec?  It's
> not mentioned in the IrLAP V1.1 Errata for March 2003.  Were it not for
> that, the IrDA dissector could, I think, use the
> "dissect_xdlc_control()" routine in xdlc.c (the current CVS version,
> that is, which supports named fields for the subfields of the control
> field).

	As far as I can see, the IrDA protocol really uses 0x2F as the
XID command. This is easy to verify, as XID is used for basic
discovery. The log below is my Palm-Pilot discovering my Linux box :
-------------------------------------------------------------
17:23:08.866936 xid:cmd ffffffff < d616546e S=6 s=0 (14) 
        ff 3f 01 6e 54 16 d6 ff ff ff ff 01 00 00 
17:23:08.955917 xid:cmd ffffffff < d616546e S=6 s=1 (14) 
        ff 3f 01 6e 54 16 d6 ff ff ff ff 01 01 00 
17:23:09.034901 xid:cmd ffffffff < d616546e S=6 s=2 (14) 
        ff 3f 01 6e 54 16 d6 ff ff ff ff 01 02 00 
17:23:09.185871 xid:cmd ffffffff < d616546e S=6 s=3 (14) 
        ff 3f 01 6e 54 16 d6 ff ff ff ff 01 03 00 
17:23:09.186239 xid:rsp 36a47307 > d616546e S=6 s=3 lagaffe hint=0400 [ Computer ] (23) 
        fe bf 01 07 73 a4 36 6e 54 16 d6 01 03 00 04 00 
        6c 61 67 61 66 66 65 
17:23:09.266852 xid:cmd ffffffff < d616546e S=6 s=4 (14) 
        ff 3f 01 6e 54 16 d6 ff ff ff ff 01 04 00 
17:23:09.355833 xid:cmd ffffffff < d616546e S=6 s=5 (14) 
        ff 3f 01 6e 54 16 d6 ff ff ff ff 01 05 00 
17:23:09.464810 xid:cmd ffffffff < d616546e S=6 s=* Jean Tourrilhes hint=8220 [ PDA/Palmtop IrOBEX ] (32) 
        ff 3f 01 6e 54 16 d6 ff ff ff ff 01 ff 00 82 20 
        00 4a 65 61 6e 20 54 6f 75 72 72 69 6c 68 65 73 
-------------------------------------------------------------

	With respect to reusing "dissect_xdlc_control()", I can't
comment on that, because I didn't check that code.

	Have fun...

	Jean