search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Revert "TODO epan/dissectors/asn1/kerberos/packet-kerberos-template.c new GSS flags"
[wireshark-sm.git] / epan / dissectors / packet-hp-erm.c
bloba504834bf99ccd765ff3fc4edf4d106031b701fc
1 /* packet-hp-erm.c
2 * Routines for the disassembly of HP ProCurve encapsulated remote mirroring frames
3 * (Adapted from packet-cisco-erspan.c and packet-vlan.c)
4 *
5 * Copyright 2010 2012 William Meier <wmeier [AT] newsguy.com>,
6 * Zdravko Velinov <z.velinov [AT] vkv5.com>
7 *
8 * Wireshark - Network traffic analyzer
9 * By Gerald Combs <gerald@wireshark.org>
10 * Copyright 1998 Gerald Combs
11 *
12 * SPDX-License-Identifier: GPL-2.0-or-later
13 */
14
15 /*
16 * For some information on HP Procurve encapsulated remote mirroring see
17 * "Traffic Mirroring" in Appendix B of the HP manual
18 * "Management and Configuration Guide for the ProCurve Series
19 * 3500, 3500yl, 5400zl, 6200yl, 6600, and 8200zl Switches (September 2009)"
20 *
21 * Format:
22 * The above manual indicates that the encapsulatedmirrored frame is transmitted
23 * on the network as a [UDP] packet which has 54 bytes preceding the mirrored frame.
24 * Examining a sample capture shows that this means that the data payload
25 * of the UDP packet consists of a 12 byte "header" followed by the
26 * bytes of the mirrored frame.
27 *
28 * After some additional tests, which involved injecting 802.1Q frames with
29 * different priorities and VLAN identifiers. It was determined that the HP
30 * ERM header has a part inside its header that closely resembles the 802.1Q
31 * header. The only difference is the priority numbering.
32 */
33
34 #include "config.h"
35
36 #include <epan/packet.h>
37 #include <epan/tfs.h>
38 #include <wsutil/array.h>
39
40 void proto_register_hp_erm(void);
41 void proto_reg_handoff_hp_erm(void);
42
43 static dissector_handle_t hp_erm_handle;
44
45 #define PROTO_SHORT_NAME "HP_ERM"
46 #define PROTO_LONG_NAME "HP encapsulated remote mirroring"
47
48 static int proto_hp_erm;
49 static int ett_hp_erm;
50 static int hf_hp_erm_unknown1;
51 static int hf_hp_erm_unknown2;
52 static int hf_hp_erm_unknown3;
53 static int hf_hp_erm_priority;
54 static int hf_hp_erm_cfi;
55 static int hf_hp_erm_vlan;
56 static int hf_hp_erm_is_tagged;
57
58 static const value_string hp_erm_pri_vals[] = {
59 { 0, "Background" },
60 { 1, "Spare" },
61 { 2, "Best Effort (default)" },
62 { 3, "Excellent Effort" },
63 { 4, "Controlled Load" },
64 { 5, "Video, < 100ms latency and jitter" },
65 { 6, "Voice, < 10ms latency and jitter" },
66 { 7, "Network Control" },
67 { 0, NULL }
68 };
69
70 static const true_false_string hp_erm_canonical = { "Non-canonical", "Canonical" };
71
72 static dissector_handle_t eth_withoutfcs_handle;
73
74 static int
75 dissect_hp_erm(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
76 {
77 proto_item *ti;
78 proto_tree *hp_erm_tree;
79 tvbuff_t *eth_tvb;
80 int offset = 0;
81 static int * const flags[] = {
82 &hf_hp_erm_unknown2,
83 &hf_hp_erm_priority,
84 &hf_hp_erm_cfi,
85 &hf_hp_erm_vlan,
86 &hf_hp_erm_is_tagged,
87 &hf_hp_erm_unknown3,
88 NULL
89 };
90
91 col_set_str(pinfo->cinfo, COL_PROTOCOL, PROTO_SHORT_NAME);
92 col_set_str(pinfo->cinfo, COL_INFO, PROTO_SHORT_NAME ":");
93
94 ti = proto_tree_add_item(tree, proto_hp_erm, tvb, 0, -1, ENC_NA);
95 hp_erm_tree = proto_item_add_subtree(ti, ett_hp_erm);
96
97 proto_tree_add_item(hp_erm_tree, hf_hp_erm_unknown1, tvb, offset, 8, ENC_NA);
98 offset += 8;
99
100 proto_tree_add_bitmask_list(hp_erm_tree, tvb, offset, 4, flags, ENC_BIG_ENDIAN);
101 offset += 4;
102
103 eth_tvb = tvb_new_subset_remaining(tvb, offset);
104 call_dissector(eth_withoutfcs_handle, eth_tvb, pinfo, tree);
105 return tvb_captured_length(tvb);
106 }
107
108 void
109 proto_register_hp_erm(void)
110 {
111 static hf_register_info hf[] = {
112
113 { &hf_hp_erm_unknown1,
114 { "Unknown1", "hp_erm.unknown1", FT_BYTES, BASE_NONE, NULL,
115 0x0, NULL, HFILL }},
116
117 { &hf_hp_erm_unknown2,
118 { "Unknown2", "hp_erm.unknown2", FT_UINT32, BASE_DEC, NULL,
119 0xFF000000, NULL, HFILL }},
120
121 { &hf_hp_erm_priority,
122 { "Priority", "hp_erm.priority", FT_UINT32, BASE_DEC, VALS(hp_erm_pri_vals),
123 0x00E00000, NULL, HFILL }},
124
125 { &hf_hp_erm_cfi,
126 { "CFI", "hp_erm.cfi", FT_BOOLEAN, 32, TFS(&hp_erm_canonical),
127 0x00100000, NULL, HFILL }},
128
129 { &hf_hp_erm_vlan,
130 { "Vlan", "hp_erm.vlan", FT_UINT32, BASE_DEC, NULL,
131 0x000FFF00, NULL, HFILL }},
132
133 { &hf_hp_erm_is_tagged,
134 { "Is_Tagged", "hp_erm.is_tagged", FT_BOOLEAN, 32, TFS(&tfs_yes_no),
135 0x00000080, NULL, HFILL }},
136
137 { &hf_hp_erm_unknown3,
138 { "Unknown3", "hp_erm.unknown3", FT_UINT32, BASE_DEC, NULL,
139 0x0000007F, NULL, HFILL }}
140 };
141
142 static int *ett[] = {
143 &ett_hp_erm,
144 };
145
146 proto_hp_erm = proto_register_protocol(PROTO_LONG_NAME, PROTO_SHORT_NAME, "hp_erm");
147
148 proto_register_field_array(proto_hp_erm, hf, array_length(hf));
149 proto_register_subtree_array(ett, array_length(ett));
150
151 hp_erm_handle = register_dissector("hp_erm", dissect_hp_erm, proto_hp_erm);
152 }
153
154 void
155 proto_reg_handoff_hp_erm(void)
156 {
157 eth_withoutfcs_handle = find_dissector_add_dependency("eth_withoutfcs", proto_hp_erm);
158 dissector_add_for_decode_as_with_preference("udp.port", hp_erm_handle);
159 }
160 /*
161 * Editor modelines
162 *
163 * Local Variables:
164 * c-basic-offset: 4
165 * tab-width: 8
166 * indent-tabs-mode: nil
167 * End:
168 *
169 * ex: set shiftwidth=4 tabstop=8 expandtab:
170 * :indentSize=4:tabSize=8:noTabs=true:
171 */
Metzes wireshark repo