search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Revert "TODO epan/dissectors/asn1/kerberos/packet-kerberos-template.c new GSS flags"
[wireshark-sm.git] / epan / dissectors / packet-cisco-erspan.c
blobd46404ac4ce85611a36d63ae52e2d7f62c54cb1f
1 /* packet-erspan.c
2 * Routines for the disassembly of Cisco's ERSPAN protocol
3 *
4 * Copyright 2005 Joerg Mayer (see AUTHORS file)
5 * Updates for newer versions by Jason Masker <jason at masker.net>
6 * Updates to support ERSPAN3 by Peter Membrey <peter@membrey.hk>
7 *
8 * Wireshark - Network traffic analyzer
9 * By Gerald Combs <gerald@wireshark.org>
10 * Copyright 1998 Gerald Combs
11 *
12 * SPDX-License-Identifier: GPL-2.0-or-later
13 *
14 * Protocol Spec:
15 * https://tools.ietf.org/html/draft-foschiano-erspan-03
16 *
17 * For ERSPAN packets, the "protocol type" field value in the GRE header
18 * is 0x88BE (types I and II) or 0x22EB (type III).
19 *
20 * For 0x88BE, if the GRE header doesn't have the "sequence number present"
21 * flag set, it's type I, with no ERSPAN header, otherwise it has an
22 * ERSPAN header (it's supposed to be type II, but we look at the version
23 * in the ERSPAN header; should we report an error if it's not version 1?).
24 *
25 * For 0x22EB, it always has an ERSPAN header (it's supposed to be type III,
26 * but we look at the version in the ERSPAN header; should we report an
27 * error if it's not version 2?).
28 */
29
30 #include "config.h"
31
32 #include <epan/packet.h>
33 #include <epan/expert.h>
34 #include <epan/tfs.h>
35 #include "packet-gre.h"
36
37 void proto_register_erspan(void);
38 void proto_reg_handoff_erspan(void);
39
40 static int proto_erspan;
41
42 static int ett_erspan;
43
44 static int hf_erspan_version;
45 static int hf_erspan_vlan;
46 static int hf_erspan_cos;
47 static int hf_erspan_encap;
48 static int hf_erspan_truncated;
49 static int hf_erspan_spanid;
50 static int hf_erspan_reserved;
51 static int hf_erspan_index;
52 static int hf_erspan_timestamp;
53 static int hf_erspan_direction;
54
55 static int hf_erspan_bso;
56 static int hf_erspan_sgt;
57 static int hf_erspan_p;
58 static int hf_erspan_ft;
59 static int hf_erspan_hw;
60 static int hf_erspan_gra;
61 static int hf_erspan_o;
62
63 /* Optional Sub-header */
64 static int hf_erspan_platid;
65 /* Platform ID = 1 */
66 static int hf_erspan_pid1_rsvd1;
67 static int hf_erspan_pid1_domain_id;
68 static int hf_erspan_pid1_port_index;
69 /* Platform ID = 3 */
70 static int hf_erspan_pid3_rsvd1;
71 static int hf_erspan_pid3_port_index;
72 static int hf_erspan_pid3_timestamp;
73 /* Platform ID = 4 */
74 static int hf_erspan_pid4_rsvd1;
75 static int hf_erspan_pid4_rsvd2;
76 static int hf_erspan_pid4_rsvd3;
77 /* Platform ID = 5 or 6 */
78 static int hf_erspan_pid5_switchid;
79 static int hf_erspan_pid5_port_index;
80 static int hf_erspan_pid5_timestamp;
81 /* Platform ID = 7 (or 0) */
82 static int hf_erspan_pid7_rsvd1;
83 static int hf_erspan_pid7_source_index;
84 static int hf_erspan_pid7_timestamp;
85 /* ID: 0x0, 0x2, 0x8-0x63 are reserved. */
86 static int hf_erspan_pid_rsvd;
87
88 static expert_field ei_erspan_version_unknown;
89
90 #define PROTO_SHORT_NAME "ERSPAN"
91 #define PROTO_LONG_NAME "Encapsulated Remote Switch Packet ANalysis"
92
93 static const true_false_string tfs_direction = { "Egress", "Ingress" };
94
95 #define ERSPAN_ENCAP_00 0
96 #define ERSPAN_ENCAP_01 1
97 #define ERSPAN_ENCAP_10 2
98 #define ERSPAN_ENCAP_11 3
99 static const value_string erspan_encap_vals[] = {
100 {ERSPAN_ENCAP_00, "Originally without VLAN tag"},
101 {ERSPAN_ENCAP_01, "Originally ISL encapsulated"},
102 {ERSPAN_ENCAP_10, "Originally 802.1Q encapsulated"},
103 {ERSPAN_ENCAP_11, "VLAN tag preserved in frame"},
104
105 {0, NULL}
106 };
107
108 static const value_string erspan_bso_vals[] = {
109 {0, "Good or unknown integrity"},
110 {1, "Short frame"},
111 {2, "Oversized frame"},
112 {3, "CRC or alignment error"},
113
114 {0, NULL},
115 };
116
117 static const value_string erspan_truncated_vals[] = {
118 {0, "Not truncated"},
119 {1, "Truncated"},
120
121 {0, NULL},
122 };
123
124 #define ERSPAN_FT_ETHERNET 0
125 #define ERSPAN_FT_IP 2
126
127 static const value_string erspan_ft_vals[] = {
128 {ERSPAN_FT_ETHERNET, "Ethernet"},
129 {ERSPAN_FT_IP, "IP"},
130
131 {0, NULL},
132 };
133
134 static const value_string erspan_version_vals[] = {
135 {1, "Type II"},
136 {2, "Type III"},
137
138 {0, NULL},
139 };
140
141 static const value_string erspan_granularity_vals[] = {
142 {0, "100 microseconds"},
143 {1, "100 nanoseconds"},
144 {2, "IEEE 1588"},
145 {3, "Custom granularity"},
146
147 {0, NULL}
148 };
149
150 static dissector_handle_t ethnofcs_handle;
151
152 static int
153 dissect_erspan(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_)
154 {
155 proto_item *ti;
156 proto_tree *erspan_tree = NULL;
157 tvbuff_t *frame_tvb;
158 uint32_t offset = 0;
159 uint32_t version;
160 uint32_t frame_type = ERSPAN_FT_ETHERNET;
161
162 ti = proto_tree_add_item(tree, proto_erspan, tvb, offset, -1,
163 ENC_NA);
164 erspan_tree = proto_item_add_subtree(ti, ett_erspan);
165
166 col_set_str(pinfo->cinfo, COL_PROTOCOL, PROTO_SHORT_NAME);
167 col_set_str(pinfo->cinfo, COL_INFO, PROTO_SHORT_NAME ":");
168
169 /*
170 * Dissect the version field, which is present in all versions
171 * of the header.
172 */
173 proto_tree_add_item_ret_uint(erspan_tree, hf_erspan_version, tvb,
174 offset, 2, ENC_BIG_ENDIAN, &version);
175
176 /* Put the version in the header. */
177 proto_item_append_text(ti, " %s", val_to_str_const(version, erspan_version_vals, "Unknown"));
178
179 /*
180 * Now dissect the rest of the header, based on the version.
181 */
182 switch (version) {
183 case 1: {
184 uint32_t vlan, vlan_encap;
185
186 proto_tree_add_item_ret_uint(erspan_tree, hf_erspan_vlan, tvb, offset, 2,
187 ENC_BIG_ENDIAN, &vlan);
188 offset += 2;
189
190 proto_tree_add_item(erspan_tree, hf_erspan_cos, tvb, offset, 2,
191 ENC_BIG_ENDIAN);
192 proto_tree_add_item_ret_uint(erspan_tree, hf_erspan_encap, tvb,
193 offset, 2, ENC_BIG_ENDIAN, &vlan_encap);
194 if (pinfo->vlan_id == 0 && vlan_encap != ERSPAN_ENCAP_11) {
195 pinfo->vlan_id = vlan;
196 }
197 proto_tree_add_item(erspan_tree, hf_erspan_truncated, tvb, offset, 2,
198 ENC_BIG_ENDIAN);
199 proto_tree_add_item(erspan_tree, hf_erspan_spanid, tvb, offset, 2,
200 ENC_BIG_ENDIAN);
201 offset += 2;
202
203 proto_tree_add_item(erspan_tree, hf_erspan_reserved, tvb,
204 offset, 4, ENC_BIG_ENDIAN);
205 proto_tree_add_item(erspan_tree, hf_erspan_index, tvb,
206 offset, 4, ENC_BIG_ENDIAN);
207 offset += 4;
208 break;
209 }
210 case 2: {
211 uint32_t subheader = 0;
212 uint32_t vlan;
213
214 proto_tree_add_item_ret_uint(erspan_tree, hf_erspan_vlan, tvb, offset, 2,
215 ENC_BIG_ENDIAN, &vlan);
216 pinfo->vlan_id = vlan;
217 offset += 2;
218
219 proto_tree_add_item(erspan_tree, hf_erspan_cos, tvb, offset, 2,
220 ENC_BIG_ENDIAN);
221 proto_tree_add_item(erspan_tree, hf_erspan_bso, tvb, offset, 2,
222 ENC_BIG_ENDIAN);
223 proto_tree_add_item(erspan_tree, hf_erspan_truncated, tvb, offset, 2,
224 ENC_BIG_ENDIAN);
225 proto_tree_add_item(erspan_tree, hf_erspan_spanid, tvb, offset, 2,
226 ENC_BIG_ENDIAN);
227 offset += 2;
228
229 proto_tree_add_item(erspan_tree, hf_erspan_timestamp, tvb,
230 offset, 4, ENC_BIG_ENDIAN);
231 offset += 4;
232
233 proto_tree_add_item(erspan_tree, hf_erspan_sgt, tvb,
234 offset, 2, ENC_BIG_ENDIAN);
235 offset += 2;
236
237 proto_tree_add_item(erspan_tree, hf_erspan_p, tvb,
238 offset, 2, ENC_BIG_ENDIAN);
239
240 proto_tree_add_item_ret_uint(erspan_tree, hf_erspan_ft, tvb,
241 offset, 2, ENC_BIG_ENDIAN, &frame_type);
242
243 proto_tree_add_item(erspan_tree, hf_erspan_hw, tvb,
244 offset, 2, ENC_BIG_ENDIAN);
245
246 proto_tree_add_item(erspan_tree, hf_erspan_direction, tvb,
247 offset, 2, ENC_BIG_ENDIAN);
248
249 proto_tree_add_item(erspan_tree, hf_erspan_gra, tvb,
250 offset, 2, ENC_BIG_ENDIAN);
251
252 proto_tree_add_item_ret_uint(erspan_tree, hf_erspan_o, tvb,
253 offset, 2, ENC_BIG_ENDIAN, &subheader);
254 offset += 2;
255
256 /* Platform Specific SubHeader, 8 octets, optional */
257 if (subheader) {
258 int32_t platform_id = tvb_get_ntohl(tvb, offset) >> 26;
259
260 proto_tree_add_item(erspan_tree, hf_erspan_platid, tvb,
261 offset, 4, ENC_BIG_ENDIAN);
262
263 switch (platform_id) {
264 case 1:
265 proto_tree_add_item(erspan_tree, hf_erspan_pid1_rsvd1,
266 tvb, offset, 4, ENC_BIG_ENDIAN);
267 proto_tree_add_item(erspan_tree, hf_erspan_pid1_domain_id,
268 tvb, offset, 4, ENC_BIG_ENDIAN);
269 offset += 4;
270
271 proto_tree_add_item(erspan_tree, hf_erspan_pid1_port_index,
272 tvb, offset, 4, ENC_BIG_ENDIAN);
273 offset += 4;
274 break;
275
276 case 3:
277 proto_tree_add_item(erspan_tree, hf_erspan_pid3_rsvd1,
278 tvb, offset, 4, ENC_BIG_ENDIAN);
279 proto_tree_add_item(erspan_tree, hf_erspan_pid3_port_index,
280 tvb, offset, 4, ENC_BIG_ENDIAN);
281 offset += 4;
282
283 proto_tree_add_item(erspan_tree, hf_erspan_pid3_timestamp,
284 tvb, offset, 4, ENC_BIG_ENDIAN);
285 offset += 4;
286 break;
287
288 case 4:
289 proto_tree_add_item(erspan_tree, hf_erspan_pid4_rsvd1, tvb,
290 offset, 4, ENC_BIG_ENDIAN);
291 proto_tree_add_item(erspan_tree, hf_erspan_pid4_rsvd2, tvb,
292 offset, 4, ENC_BIG_ENDIAN);
293 offset += 4;
294
295 proto_tree_add_item(erspan_tree, hf_erspan_pid4_rsvd3, tvb,
296 offset, 4, ENC_BIG_ENDIAN);
297 offset += 4;
298 break;
299
300 case 5:
301 case 6:
302 proto_tree_add_item(erspan_tree, hf_erspan_pid5_switchid,
303 tvb, offset, 4, ENC_BIG_ENDIAN);
304 proto_tree_add_item(erspan_tree, hf_erspan_pid5_port_index,
305 tvb, offset, 4, ENC_BIG_ENDIAN);
306 offset += 4;
307
308 proto_tree_add_item(erspan_tree, hf_erspan_pid5_timestamp,
309 tvb, offset, 4, ENC_BIG_ENDIAN);
310 offset += 4;
311 break;
312
313 case 7:
314 case 0: /* In some implementations it is used as an alias to 0x07. */
315 proto_tree_add_item(erspan_tree, hf_erspan_pid7_rsvd1,
316 tvb, offset, 4, ENC_BIG_ENDIAN);
317 proto_tree_add_item(erspan_tree, hf_erspan_pid7_source_index,
318 tvb, offset, 4, ENC_BIG_ENDIAN);
319 offset += 4;
320
321 proto_tree_add_item(erspan_tree, hf_erspan_pid7_timestamp,
322 tvb, offset, 4, ENC_BIG_ENDIAN);
323 offset += 4;
324 break;
325 default:
326 /* ID: 0x0, 0x2, 0x8-0x63 are reserved. */
327 proto_tree_add_item(erspan_tree, hf_erspan_pid_rsvd,
328 tvb, offset, 8, ENC_BIG_ENDIAN);
329 offset += 8;
330 break;
331
332 }
333 }
334 break;
335 }
336 default: {
337 proto_item *ti_ver;
338
339 ti_ver = proto_tree_add_item(erspan_tree, hf_erspan_version, tvb, offset, 2,
340 ENC_BIG_ENDIAN);
341 expert_add_info(pinfo, ti_ver, &ei_erspan_version_unknown);
342 return 2;
343 }
344 }
345
346 frame_tvb = tvb_new_subset_remaining(tvb, offset);
347 switch (frame_type) {
348
349 case ERSPAN_FT_ETHERNET:
350 call_dissector(ethnofcs_handle, frame_tvb, pinfo, tree);
351 break;
352
353 default:
354 call_data_dissector(frame_tvb, pinfo, tree);
355 break;
356 }
357 return tvb_captured_length(tvb);
358 }
359
360 static int
361 dissect_erspan_88BE(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
362 {
363 bool has_erspan_header;
364
365 /*
366 * Frames with a GRE type of 0x88BE have an ERSPAN header iff
367 * the "sequence number present" flag is set in the GRE header.
368 */
369 if (data == NULL) {
370 /*
371 * We weren't handed the GRE flags or version.
372 *
373 * This can happen if a Linux cooked capture is done and
374 * we get a packet from an "ipgre" interface.
375 *
376 * For now, we just assume this is Type I, with no
377 * header.
378 */
379 has_erspan_header = false;
380 } else {
381 gre_hdr_info_t *gre_hdr_info = (gre_hdr_info_t *)data;
382
383 if (gre_hdr_info->flags_and_ver & GRE_SEQUENCE) {
384 /*
385 * "sequence number present" set, so it has a
386 * header.
387 */
388 has_erspan_header = true;
389 } else {
390 /*
391 * Not present, so no header.
392 */
393 has_erspan_header = false;
394 }
395 }
396
397 if (has_erspan_header) {
398 /*
399 * We have a header, so dissect it, and then handle
400 * the payload.
401 */
402 return dissect_erspan(tvb, pinfo, tree, data);
403 } else {
404 /*
405 * No header, so just hand the payload off to the
406 * Ethernet dissector. Put in a placeholder for
407 * ERSPAN.
408 */
409 proto_item *ti;
410
411 ti = proto_tree_add_item(tree, proto_erspan, tvb, 0, 0,
412 ENC_NA);
413 proto_item_append_text(ti, " Type I");
414
415 col_set_str(pinfo->cinfo, COL_PROTOCOL, PROTO_SHORT_NAME);
416 col_set_str(pinfo->cinfo, COL_INFO, PROTO_SHORT_NAME ":");
417
418 call_dissector(ethnofcs_handle, tvb, pinfo, tree);
419 return tvb_captured_length(tvb);
420 }
421 }
422
423 static int
424 dissect_erspan_22EB(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_)
425 {
426 /*
427 * Frames with a GRE type of 0x22EB always have an ERSPAN
428 * header.
429 */
430 return dissect_erspan(tvb, pinfo, tree, data);
431 }
432
433 void
434 proto_register_erspan(void)
435 {
436 expert_module_t* expert_erspan;
437
438 static hf_register_info hf[] = {
439
440 { &hf_erspan_version,
441 { "Version", "erspan.version", FT_UINT16, BASE_DEC, VALS(erspan_version_vals),
442 0xf000, NULL, HFILL }},
443
444 { &hf_erspan_vlan,
445 { "Vlan", "erspan.vlan", FT_UINT16, BASE_DEC, NULL,
446 0x0fff, NULL, HFILL }},
447
448 { &hf_erspan_cos,
449 { "COS", "erspan.cos", FT_UINT16, BASE_DEC, NULL,
450 0xe000, NULL, HFILL }},
451
452 { &hf_erspan_encap,
453 { "Encap", "erspan.encap", FT_UINT16, BASE_DEC, VALS(erspan_encap_vals),
454 0x1800, NULL, HFILL }},
455
456 { &hf_erspan_bso,
457 { "Bad/Short/Oversized", "erspan.bso", FT_UINT16, BASE_DEC, VALS(erspan_bso_vals),
458 0x1800, NULL, HFILL }},
459
460
461 { &hf_erspan_truncated,
462 { "Truncated", "erspan.truncated", FT_UINT16, BASE_DEC, VALS(erspan_truncated_vals),
463 0x0400, "ERSPAN packet exceeded the MTU size", HFILL }},
464
465 { &hf_erspan_spanid,
466 { "SpanID", "erspan.spanid", FT_UINT16, BASE_DEC, NULL,
467 0x03ff, NULL, HFILL }},
468
469 { &hf_erspan_reserved,
470 { "Reserved", "erspan.reserved", FT_UINT32, BASE_DEC, NULL,
471 0xfff00000, NULL, HFILL }},
472
473 { &hf_erspan_index,
474 { "Index", "erspan.index", FT_UINT32, BASE_DEC, NULL,
475 0x000fffff, NULL, HFILL }},
476
477 { &hf_erspan_timestamp,
478 { "Timestamp", "erspan.timestamp", FT_UINT32, BASE_DEC, NULL,
479 0x0, NULL, HFILL }},
480
481
482 { &hf_erspan_sgt,
483 { "Security Group Tag", "erspan.sgt", FT_UINT16, BASE_DEC, NULL,
484 0x0, NULL, HFILL }},
485
486 { &hf_erspan_p,
487 { "Has Ethernet PDU", "erspan.p", FT_UINT16, BASE_DEC, NULL,
488 0x8000, NULL, HFILL }},
489
490
491 { &hf_erspan_ft,
492 { "Frame Type", "erspan.ft", FT_UINT16, BASE_DEC, VALS(erspan_ft_vals),
493 0x7C00, NULL, HFILL }},
494
495 { &hf_erspan_hw,
496 { "Hardware ID", "erspan.hw", FT_UINT16, BASE_DEC, NULL,
497 0x03f0, NULL, HFILL }},
498
499 { &hf_erspan_gra,
500 { "Timestamp granularity", "erspan.gra", FT_UINT16, BASE_DEC, VALS(erspan_granularity_vals),
501 0x0006, NULL, HFILL }},
502
503 { &hf_erspan_direction,
504 { "Direction", "erspan.direction", FT_BOOLEAN, 16, TFS(&tfs_direction),
505 0x0008, NULL, HFILL }},
506
507 { &hf_erspan_o,
508 { "Optional Sub headers", "erspan.o", FT_UINT16, BASE_DEC, NULL,
509 0x0001, NULL, HFILL }},
510
511 /* Sub-header Fields, optional */
512 { &hf_erspan_platid,
513 { "Platform ID", "erspan.platid", FT_UINT32, BASE_DEC, NULL,
514 0xfc000000, NULL, HFILL }},
515
516 /* ID = 1 */
517 { &hf_erspan_pid1_rsvd1,
518 { "Reserved", "erspan.pid1.rsvd1", FT_UINT32, BASE_DEC, NULL,
519 0x03fff000, NULL, HFILL }},
520
521 { &hf_erspan_pid1_domain_id,
522 { "VSM Domain ID", "erspan.pid1.vsmid", FT_UINT32, BASE_DEC, NULL,
523 0x00000fff, NULL, HFILL }},
524
525 { &hf_erspan_pid1_port_index,
526 { "Port ID/Index", "erspan.pid1.port_index", FT_UINT32, BASE_DEC, NULL,
527 0x0, NULL, HFILL }},
528
529 /* ID = 3 */
530 { &hf_erspan_pid3_rsvd1,
531 { "Reserved", "erspan.pid3.rsvd1", FT_UINT32, BASE_DEC, NULL,
532 0x03ffc000, NULL, HFILL }},
533
534 { &hf_erspan_pid3_port_index,
535 { "Port ID/Index", "erspan.pid3.port_index", FT_UINT32, BASE_DEC, NULL,
536 0x00003fff, NULL, HFILL }},
537
538 { &hf_erspan_pid3_timestamp,
539 { "Upper 32-bit Timestamp", "erspan.pid3.timestamp", FT_UINT32, BASE_DEC, NULL,
540 0x0, NULL, HFILL }},
541
542 /* ID = 4 */
543 { &hf_erspan_pid4_rsvd1,
544 { "Reserved", "erspan.pid4.rsvd1", FT_UINT32, BASE_DEC, NULL,
545 0x03ffc000, NULL, HFILL }},
546
547 { &hf_erspan_pid4_rsvd2,
548 { "Reserved", "erspan.pid4.rsvd2", FT_UINT32, BASE_DEC, NULL,
549 0x00003fff, NULL, HFILL }},
550
551 { &hf_erspan_pid4_rsvd3,
552 { "Reserved", "erspan.pid4.rsvd3", FT_UINT32, BASE_DEC, NULL,
553 0xffffffff, NULL, HFILL }},
554
555 /* ID = 5 or 6 */
556 { &hf_erspan_pid5_switchid,
557 { "Switch ID", "erspan.pid5.switchid", FT_UINT32, BASE_DEC, NULL,
558 0x03ff0000, NULL, HFILL }},
559
560 { &hf_erspan_pid5_port_index,
561 { "Port ID/Index", "erspan.pid5.port_index", FT_UINT32, BASE_DEC, NULL,
562 0x0000ffff, NULL, HFILL }},
563
564 { &hf_erspan_pid5_timestamp,
565 { "Timestamp (seconds)", "erspan.pid5.timestamp", FT_UINT32, BASE_DEC, NULL,
566 0x0, NULL, HFILL }},
567
568 /* ID = 7 (or 0) */
569 { &hf_erspan_pid7_rsvd1,
570 { "Reserved", "erspan.pid7.rsvd1", FT_UINT32, BASE_DEC, NULL,
571 0x03f00000, NULL, HFILL }},
572
573 { &hf_erspan_pid7_source_index,
574 { "Source Index", "erspan.pid7.source_index", FT_UINT32, BASE_DEC, NULL,
575 0x000fffff, NULL, HFILL }},
576
577 { &hf_erspan_pid7_timestamp,
578 { "Upper 32-bit Timestamp", "erspan.pid7.timestamp", FT_UINT32, BASE_DEC, NULL,
579 0x0, NULL, HFILL }},
580
581 /* Reserved */
582 { &hf_erspan_pid_rsvd,
583 { "Reserved", "erspan.pid.rsvd", FT_UINT64, BASE_DEC, NULL,
584 0x03ffffff, NULL, HFILL }},
585
586 };
587
588 static int *ett[] = {
589 &ett_erspan,
590 };
591
592 static ei_register_info ei[] = {
593 { &ei_erspan_version_unknown, { "erspan.version.unknown", PI_UNDECODED, PI_WARN, "Unknown version, please report or test to use fake ERSPAN preference", EXPFILL }},
594 };
595
596 proto_erspan = proto_register_protocol(PROTO_LONG_NAME, PROTO_SHORT_NAME, "erspan");
597 proto_register_field_array(proto_erspan, hf, array_length(hf));
598 proto_register_subtree_array(ett, array_length(ett));
599 expert_erspan = expert_register_protocol(proto_erspan);
600 expert_register_field_array(expert_erspan, ei, array_length(ei));
601
602 register_dissector("erspan", dissect_erspan, proto_erspan);
603 }
604
605 void
606 proto_reg_handoff_erspan(void)
607 {
608 dissector_handle_t erspan_88BE_handle;
609 dissector_handle_t erspan_22EB_handle;
610
611 ethnofcs_handle = find_dissector_add_dependency("eth_withoutfcs", proto_erspan);
612
613 erspan_88BE_handle = create_dissector_handle(dissect_erspan_88BE, proto_erspan);
614 dissector_add_uint("gre.proto", GRE_ERSPAN_88BE, erspan_88BE_handle);
615 erspan_22EB_handle = create_dissector_handle(dissect_erspan_22EB, proto_erspan);
616 dissector_add_uint("gre.proto", GRE_ERSPAN_22EB, erspan_22EB_handle);
617
618 }
619
620 /*
621 * Editor modelines - https://www.wireshark.org/tools/modelines.html
622 *
623 * Local variables:
624 * c-basic-offset: 8
625 * tab-width: 8
626 * indent-tabs-mode: t
627 * End:
628 *
629 * vi: set shiftwidth=8 tabstop=8 noexpandtab:
630 * :indentSize=8:tabSize=8:noTabs=false:
631 */
Metzes wireshark repo