search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Revert "TODO epan/dissectors/asn1/kerberos/packet-kerberos-template.c new GSS flags"
[wireshark-sm.git] / epan / dissectors / packet-ismp.c
blob7a0062ee8996f1da1686b2aee47e57f1b98a3752
1 /* packet-ismp.c
2 * Routines for ISMP dissection
3 * Enterasys Networks Home: http://www.enterasys.com/
4 * Copyright 2003, Joshua Craig Douglas <jdouglas@enterasys.com>
5 *
6 * Wireshark - Network traffic analyzer
7 * By Gerald Combs <gerald@wireshark.org>
8 * Copyright 1998 Gerald Combs
9 *
10 * SPDX-License-Identifier: GPL-2.0-or-later
11 */
12
13 #include "config.h"
14
15 #include <epan/packet.h>
16 #include <epan/expert.h>
17 #include <epan/to_str.h>
18 #include <epan/etypes.h>
19 #include <epan/addr_resolv.h>
20 #include <epan/tfs.h>
21 #include <wsutil/array.h>
22
23 void proto_register_ismp(void);
24 void proto_reg_handoff_ismp(void);
25
26 static dissector_handle_t ismp_handle;
27
28 /* Initialize the protocol and registered fields */
29 static int proto_ismp;
30 static int hf_ismp_version;
31 static int hf_ismp_message_type;
32 static int hf_ismp_seq_num;
33 static int hf_ismp_code_length;
34 static int hf_ismp_auth_data;
35
36 /* Enterasys/Cabletron Discovery Protocol fields*/
37 static int hf_ismp_edp;
38 static int hf_ismp_edp_version;
39 static int hf_ismp_edp_module_ip;
40 static int hf_ismp_edp_module_mac;
41 static int hf_ismp_edp_module_port;
42 static int hf_ismp_edp_chassis_mac;
43 static int hf_ismp_edp_chassis_ip;
44 static int hf_ismp_edp_device_type;
45 static int hf_ismp_edp_module_rev;
46 static int hf_ismp_edp_options;
47 static int hf_ismp_edp_sfs_option_unused1;
48 static int hf_ismp_edp_sfs_option_sfssup;
49 static int hf_ismp_edp_sfs_option_lsp;
50 static int hf_ismp_edp_sfs_option_flood;
51 static int hf_ismp_edp_sfs_option_resolve;
52 static int hf_ismp_edp_sfs_option_unused2;
53 static int hf_ismp_edp_sfs_option_tagflood;
54 static int hf_ismp_edp_sfs_option_calltap;
55 static int hf_ismp_edp_sfs_option_conmsg;
56 static int hf_ismp_edp_sfs_option_redun;
57 static int hf_ismp_edp_sfs_option_isolated;
58 static int hf_ismp_edp_sfs_option_uplink_switch;
59 static int hf_ismp_edp_sfs_option_uplink_core;
60 static int hf_ismp_edp_sfs_option_uplink_port;
61 static int hf_ismp_edp_sfs_option_uplink_flood;
62 static int hf_ismp_edp_rtr_option_ssr;
63 static int hf_ismp_edp_rtr_option_igmp;
64 static int hf_ismp_edp_rtr_option_rip;
65 static int hf_ismp_edp_rtr_option_bgp;
66 static int hf_ismp_edp_rtr_option_ospf;
67 static int hf_ismp_edp_rtr_option_dvmrp;
68 static int hf_ismp_edp_rtr_option_8021q;
69 static int hf_ismp_edp_rtr_option_gvrp;
70 static int hf_ismp_edp_rtr_option_gmrp;
71 static int hf_ismp_edp_rtr_option_igmp_snoop;
72 static int hf_ismp_edp_rtr_option_route;
73 static int hf_ismp_edp_rtr_option_trans;
74 static int hf_ismp_edp_rtr_option_level1;
75 static int hf_ismp_edp_switch_option_8021q;
76 static int hf_ismp_edp_switch_option_gvrp;
77 static int hf_ismp_edp_switch_option_gmrp;
78 static int hf_ismp_edp_switch_option_igmp;
79 static int hf_ismp_edp_switch_option_route;
80 static int hf_ismp_edp_switch_option_trans;
81 static int hf_ismp_edp_switch_option_level1;
82 static int hf_ismp_edp_end_station_option_dhcp;
83 static int hf_ismp_edp_end_station_option_dns;
84 static int hf_ismp_edp_end_station_option_ad;
85 static int hf_ismp_edp_num_neighbors;
86 static int hf_ismp_edp_neighbors;
87 static int hf_ismp_edp_num_tuples;
88 static int hf_ismp_edp_tuples;
89 /* Generated from convert_proto_tree_add_text.pl */
90 static int hf_ismp_assigned_neighbor_state;
91 static int hf_ismp_hold_time;
92 static int hf_ismp_interface_name;
93 static int hf_ismp_tuple_length;
94 static int hf_ismp_neighborhood_mac_address;
95 static int hf_ismp_unknown_tuple_data;
96 static int hf_ismp_tuple_type;
97 static int hf_ismp_system_description;
98 static int hf_ismp_interface_ipx_address;
99
100
101 /* Initialize the subtree pointers */
102 static int ett_ismp;
103 static int ett_ismp_edp;
104 static int ett_ismp_edp_options;
105 static int ett_ismp_edp_neighbors;
106 static int ett_ismp_edp_neighbors_leaf;
107 static int ett_ismp_edp_tuples;
108 static int ett_ismp_edp_tuples_leaf;
109
110 static expert_field ei_ismp_malformed;
111
112 /* ISMP TYPES */
113 #define ISMPTYPE_EDP 2
114
115
116 /* EDP DEVICE TYPES */
117 #define EDP_DEVICE_TYPE_SFS17 1
118 #define EDP_DEVICE_TYPE_SFS18 2
119 #define EDP_DEVICE_TYPE_ROUTER 3
120 #define EDP_DEVICE_TYPE_BRIDGE 4
121 #define EDP_DEVICE_TYPE_VLANMAN 5
122 #define EDP_DEVICE_TYPE_NTSERVER 6
123 #define EDP_DEVICE_TYPE_NTCLIENT 7
124 #define EDP_DEVICE_TYPE_WIN95 8
125 #define EDP_DEVICE_TYPE_WIN98 9
126 #define EDP_DEVICE_TYPE_UNIXSERVER 10
127 #define EDP_DEVICE_TYPE_UNIXCLIENT 11
128 #define EDP_DEVICE_TYPE_ACCESSPOINT 12
129
130
131 static const value_string edp_device_types[] = {
132 { EDP_DEVICE_TYPE_SFS17, "Network Switch running SecureFast version 1.7 or lower" },
133 { EDP_DEVICE_TYPE_SFS18, "Network Switch running SecureFast version 1.8 or greater" },
134 { EDP_DEVICE_TYPE_ROUTER, "Router" },
135 { EDP_DEVICE_TYPE_BRIDGE, "Bridge" },
136 { EDP_DEVICE_TYPE_VLANMAN, "Cabletron VLAN Manager" },
137 { EDP_DEVICE_TYPE_NTSERVER, "Network Server (NT)" },
138 { EDP_DEVICE_TYPE_NTCLIENT, "Network Workstation (NT)" },
139 { EDP_DEVICE_TYPE_WIN95, "Windows95" },
140 { EDP_DEVICE_TYPE_WIN98, "Windows98" },
141 { EDP_DEVICE_TYPE_UNIXSERVER, "UNIX Server" },
142 { EDP_DEVICE_TYPE_UNIXCLIENT, "UNIX Workstation" },
143 { EDP_DEVICE_TYPE_ACCESSPOINT, "Roamabout wireless access point" },
144 { 0, NULL },
145 };
146
147
148 /* EDP SFS Options */
149 #define EDP_SFS_OPTION_UNUSED1 0x00000001
150 #define EDP_SFS_OPTION_SFSSUP 0x00000002
151 #define EDP_SFS_OPTION_LSP 0x00000004
152 #define EDP_SFS_OPTION_FLOOD 0x00000008
153 #define EDP_SFS_OPTION_RESOLVE 0x00000010
154 #define EDP_SFS_OPTION_UNUSED2 0x00000020
155 #define EDP_SFS_OPTION_TAGFLOOD 0x00000040
156 #define EDP_SFS_OPTION_CALLTAP 0x00000080
157 #define EDP_SFS_OPTION_CONMSG 0x00000100
158 #define EDP_SFS_OPTION_REDUN 0x00000200
159 #define EDP_SFS_OPTION_ISOLATED 0x00000400
160 #define EDP_SFS_OPTION_UPLINK_SWITCH 0x00000800
161 #define EDP_SFS_OPTION_UPLINK_CORE 0x00001000
162 #define EDP_SFS_OPTION_UPLINK_PORT 0x00002000
163 #define EDP_SFS_OPTION_UPLINK_FLOOD 0x00004000
164
165 /* EDP Router Options */
166 #define EDP_RTR_OPTION_SSR 0x00000001
167 #define EDP_RTR_OPTION_IGMP 0x00000002
168 #define EDP_RTR_OPTION_RIP 0x00000004
169 #define EDP_RTR_OPTION_BGP 0x00000008
170 #define EDP_RTR_OPTION_OSPF 0x00000010
171 #define EDP_RTR_OPTION_DVMRP 0x00000020
172 #define EDP_RTR_OPTION_8021Q 0x00000040
173 #define EDP_RTR_OPTION_GVRP 0x00000080
174 #define EDP_RTR_OPTION_GMRP 0x00000100
175 #define EDP_RTR_OPTION_IGMP_SNOOP 0x00000200
176 #define EDP_RTR_OPTION_ROUTE 0x00000400
177 #define EDP_RTR_OPTION_TRANS 0x00000800
178 #define EDP_RTR_OPTION_LEVEL1 0x00001000
179
180 /* EDP Switch Options */
181 #define EDP_SWITCH_OPTION_8021Q 0x00000001
182 #define EDP_SWITCH_OPTION_GVRP 0x00000002
183 #define EDP_SWITCH_OPTION_GMRP 0x00000004
184 #define EDP_SWITCH_OPTION_IGMP 0x00000008
185 #define EDP_SWITCH_OPTION_ROUTE 0x00000010
186 #define EDP_SWITCH_OPTION_TRANS 0x00000020
187 #define EDP_SWITCH_OPTION_LEVEL1 0x00000040
188
189 /* EDP End Station and Server Options */
190 #define EDP_END_STATION_OPTION_DHCP 0x1
191 #define EDP_END_STATION_OPTION_DNS 0x2
192 #define EDP_END_STATION_OPTION_AD 0x4
193
194 /* EDP Tuple Types */
195 #define EDP_TUPLE_UNKNOWN 0
196 #define EDP_TUPLE_HOLD 1
197 #define EDP_TUPLE_INT_NAME 2
198 #define EDP_TUPLE_SYS_DESCRIPT 3
199 #define EDP_TUPLE_IPX_ADDR 4
200
201 static const value_string edp_tuple_types[] =
202 {
203 { EDP_TUPLE_UNKNOWN,"Unknown" },
204 { EDP_TUPLE_HOLD,"Hold Time" },
205 { EDP_TUPLE_INT_NAME,"Interface Name" },
206 { EDP_TUPLE_SYS_DESCRIPT,"System Description" },
207 { EDP_TUPLE_IPX_ADDR,"IPX Address" },
208 { 0,NULL }
209 };
210
211 static char*
212 ipx_addr_to_str(wmem_allocator_t *scope, const uint32_t net, const uint8_t *ad)
213 {
214 char *buf;
215 const char *name;
216
217 name = get_ether_name_if_known(ad);
218
219 if (name) {
220 buf = wmem_strdup_printf(scope, "%s.%s",
221 get_ipxnet_name(scope, net),
222 name);
223 }
224 else {
225 buf = wmem_strdup_printf(scope, "%s.%s",
226 get_ipxnet_name(scope, net),
227 bytes_to_str_punct(scope, ad, 6, '\0'));
228 }
229 return buf;
230 }
231
232 /* Function to dissect EDP portion of ISMP message */
233 static void
234 dissect_ismp_edp(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *ismp_tree)
235 {
236 /* local variables used for EDP dissection */
237 int neighbors_count = 0;
238 int tuples_count = 0;
239 uint16_t device_type = 0;
240 uint16_t num_neighbors = 0;
241 uint16_t num_tuples = 0;
242 uint16_t tuple_type = 0;
243 uint32_t tuple_length = 0;
244 char* ipx_addr_str;
245
246 /* Set up structures needed to add the protocol subtree and manage it */
247 proto_item *edp_ti;
248 proto_tree *edp_tree;
249
250 proto_item *edp_neighbors_ti;
251 proto_tree *edp_neighbors_tree;
252
253 proto_tree *edp_neighbors_leaf_tree;
254
255 proto_item *edp_tuples_ti;
256 proto_tree *edp_tuples_tree;
257
258 proto_tree *edp_tuples_leaf_tree;
259
260 /* add column information marking this as EDP (Enterasys Discover Protocol */
261 col_set_str(pinfo->cinfo, COL_PROTOCOL, "ISMP.EDP");
262 col_clear(pinfo->cinfo, COL_INFO);
263
264 /* create display subtree for EDP */
265 edp_ti = proto_tree_add_item(ismp_tree, hf_ismp_edp, tvb, offset, -1, ENC_NA);
266 edp_tree = proto_item_add_subtree(edp_ti, ett_ismp_edp);
267
268 col_add_fstr(pinfo->cinfo, COL_INFO, "MIP %s, MMAC %s, ifIdx %d",
269 tvb_ip_to_str(pinfo->pool, tvb, offset+2),
270 tvb_ether_to_str(pinfo->pool, tvb, offset+6),
271 tvb_get_ntohl(tvb, offset+12));
272
273 proto_tree_add_item(edp_tree, hf_ismp_edp_version, tvb, offset, 2, ENC_BIG_ENDIAN);
274 offset += 2;
275 proto_tree_add_item(edp_tree, hf_ismp_edp_module_ip, tvb, offset, 4, ENC_BIG_ENDIAN);
276 offset += 4;
277 proto_tree_add_item(edp_tree, hf_ismp_edp_module_mac, tvb, offset, 6, ENC_NA);
278 offset += 6;
279 proto_tree_add_item(edp_tree, hf_ismp_edp_module_port, tvb, offset, 4, ENC_BIG_ENDIAN);
280 offset += 4;
281 proto_tree_add_item(edp_tree, hf_ismp_edp_chassis_mac, tvb, offset, 6, ENC_NA);
282 offset += 6;
283 proto_tree_add_item(edp_tree, hf_ismp_edp_chassis_ip, tvb, offset, 4, ENC_BIG_ENDIAN);
284 offset += 4;
285 device_type = tvb_get_ntohs(tvb, offset);
286 proto_tree_add_item(edp_tree, hf_ismp_edp_device_type, tvb, offset, 2, ENC_BIG_ENDIAN);
287 offset += 2;
288 proto_tree_add_uint_format_value(edp_tree, hf_ismp_edp_module_rev, tvb, offset, 4, tvb_get_ntohl(tvb, offset),
289 "%02x.%02x.%02x.%02x", tvb_get_uint8(tvb, offset),
290 tvb_get_uint8(tvb, offset+1), tvb_get_uint8(tvb, offset+2), tvb_get_uint8(tvb, offset+3));
291 offset += 4;
292
293 /* depending on device_type, show the appropriate options */
294 switch (device_type) {
295 case EDP_DEVICE_TYPE_SFS17:
296 case EDP_DEVICE_TYPE_SFS18:
297 {
298 static int * const options[] = {
299 &hf_ismp_edp_sfs_option_uplink_flood,
300 &hf_ismp_edp_sfs_option_uplink_port,
301 &hf_ismp_edp_sfs_option_uplink_core,
302 &hf_ismp_edp_sfs_option_uplink_switch,
303 &hf_ismp_edp_sfs_option_isolated,
304 &hf_ismp_edp_sfs_option_redun,
305 &hf_ismp_edp_sfs_option_conmsg,
306 &hf_ismp_edp_sfs_option_calltap,
307 &hf_ismp_edp_sfs_option_tagflood,
308 &hf_ismp_edp_sfs_option_unused2,
309 &hf_ismp_edp_sfs_option_resolve,
310 &hf_ismp_edp_sfs_option_flood,
311 &hf_ismp_edp_sfs_option_lsp,
312 &hf_ismp_edp_sfs_option_sfssup,
313 &hf_ismp_edp_sfs_option_unused1,
314 NULL
315 };
316 proto_tree_add_bitmask(edp_tree, tvb, offset, hf_ismp_edp_options, ett_ismp_edp_options, options, ENC_BIG_ENDIAN);
317 }
318 break;
319 case EDP_DEVICE_TYPE_ROUTER:
320 {
321 static int * const options[] = {
322 &hf_ismp_edp_rtr_option_level1,
323 &hf_ismp_edp_rtr_option_trans,
324 &hf_ismp_edp_rtr_option_route,
325 &hf_ismp_edp_rtr_option_igmp_snoop,
326 &hf_ismp_edp_rtr_option_gmrp,
327 &hf_ismp_edp_rtr_option_gvrp,
328 &hf_ismp_edp_rtr_option_8021q,
329 &hf_ismp_edp_rtr_option_dvmrp,
330 &hf_ismp_edp_rtr_option_ospf,
331 &hf_ismp_edp_rtr_option_bgp,
332 &hf_ismp_edp_rtr_option_rip,
333 &hf_ismp_edp_rtr_option_igmp,
334 &hf_ismp_edp_rtr_option_ssr,
335 NULL
336 };
337
338 proto_tree_add_bitmask(edp_tree, tvb, offset, hf_ismp_edp_options, ett_ismp_edp_options, options, ENC_BIG_ENDIAN);
339 }
340 break;
341 case EDP_DEVICE_TYPE_BRIDGE:
342 {
343 static int * const options[] = {
344 &hf_ismp_edp_switch_option_level1,
345 &hf_ismp_edp_switch_option_trans,
346 &hf_ismp_edp_switch_option_route,
347 &hf_ismp_edp_switch_option_igmp,
348 &hf_ismp_edp_switch_option_gmrp,
349 &hf_ismp_edp_switch_option_gvrp,
350 &hf_ismp_edp_switch_option_8021q,
351 NULL
352 };
353
354 proto_tree_add_bitmask(edp_tree, tvb, offset, hf_ismp_edp_options, ett_ismp_edp_options, options, ENC_BIG_ENDIAN);
355 }
356 break;
357 case EDP_DEVICE_TYPE_NTSERVER:
358 case EDP_DEVICE_TYPE_NTCLIENT:
359 case EDP_DEVICE_TYPE_WIN95:
360 case EDP_DEVICE_TYPE_WIN98:
361 case EDP_DEVICE_TYPE_UNIXSERVER:
362 case EDP_DEVICE_TYPE_UNIXCLIENT:
363 {
364 static int * const options[] = {
365 &hf_ismp_edp_end_station_option_ad,
366 &hf_ismp_edp_end_station_option_dns,
367 &hf_ismp_edp_end_station_option_dhcp,
368 NULL
369 };
370
371 proto_tree_add_bitmask(edp_tree, tvb, offset, hf_ismp_edp_options, ett_ismp_edp_options, options, ENC_BIG_ENDIAN);
372 }
373 break;
374 case EDP_DEVICE_TYPE_VLANMAN:
375 case EDP_DEVICE_TYPE_ACCESSPOINT:
376 default:
377 proto_tree_add_item(edp_tree, hf_ismp_edp_options, tvb, offset, 4, ENC_BIG_ENDIAN);
378 break;
379 }
380 offset += 4;
381
382 /* determine the number of neighbors and create EDP neighbors subtree */
383 num_neighbors = tvb_get_ntohs(tvb, offset);
384 proto_tree_add_item(edp_tree, hf_ismp_edp_num_neighbors, tvb, offset, 2, ENC_BIG_ENDIAN);
385 offset += 2;
386 if (num_neighbors > 0)
387 {
388 edp_neighbors_ti = proto_tree_add_item(edp_tree, hf_ismp_edp_neighbors, tvb,
389 offset, num_neighbors*10, ENC_NA);
390 edp_neighbors_tree = proto_item_add_subtree(edp_neighbors_ti, ett_ismp_edp_neighbors);
391 while ( neighbors_count < num_neighbors && tvb_reported_length_remaining(tvb, offset) >= 10)
392 {
393 edp_neighbors_leaf_tree = proto_tree_add_subtree_format(edp_neighbors_tree, tvb, offset, 10,
394 ett_ismp_edp_neighbors_leaf, NULL, "Neighbor%d", (neighbors_count+1));
395
396 proto_tree_add_item(edp_neighbors_leaf_tree, hf_ismp_neighborhood_mac_address, tvb, offset, 6, ENC_NA);
397 proto_tree_add_item(edp_neighbors_leaf_tree, hf_ismp_assigned_neighbor_state, tvb, offset, 4, ENC_BIG_ENDIAN);
398 offset += 10;
399 neighbors_count++;
400 }
401 if (neighbors_count != num_neighbors)
402 {
403 proto_tree_add_expert(edp_tree, pinfo, &ei_ismp_malformed, tvb, offset, -1);
404 return;
405 }
406 }
407
408 /* determine data remains, if so, count tuples
409 and create EDP tuples subtree */
410 if (tvb_reported_length_remaining(tvb, offset) != 0 &&
411 tvb_reported_length_remaining(tvb, offset) >= 2)
412 {
413 num_tuples = tvb_get_ntohs(tvb, offset);
414 proto_tree_add_item(edp_tree, hf_ismp_edp_num_tuples, tvb, offset, 2, ENC_BIG_ENDIAN);
415 offset += 2;
416 }
417 else if (tvb_reported_length_remaining(tvb, offset) > 0) {
418 proto_tree_add_expert(edp_tree, pinfo, &ei_ismp_malformed, tvb, offset, -1);
419 return;
420 }
421 else
422 {
423 return;
424 }
425
426 /* start populating tuple information */
427 if (num_tuples && tvb_reported_length_remaining(tvb, offset) >= 4)
428 {
429 edp_tuples_ti = proto_tree_add_bytes_format(edp_tree, hf_ismp_edp_tuples, tvb,
430 offset, -1, NULL, "Tuples");
431 edp_tuples_tree = proto_item_add_subtree(edp_tuples_ti, ett_ismp_edp_tuples);
432
433 while ( (tuples_count < num_tuples) && (tvb_reported_length_remaining(tvb, offset) >= 4) )
434 {
435
436 edp_tuples_leaf_tree = proto_tree_add_subtree_format(edp_tuples_tree, tvb, offset, 4,
437 ett_ismp_edp_tuples_leaf, NULL, "Tuple%d", tuples_count+1);
438
439 tuple_type = tvb_get_ntohs(tvb, offset);
440 proto_tree_add_item(edp_tuples_leaf_tree, hf_ismp_tuple_type, tvb, offset, 2, ENC_BIG_ENDIAN);
441 offset += 2;
442 proto_tree_add_item_ret_uint(edp_tuples_leaf_tree, hf_ismp_tuple_length, tvb, offset, 2, ENC_BIG_ENDIAN, &tuple_length);
443 if (tuple_length < 4) {
444 proto_tree_add_expert(edp_tree, pinfo, &ei_ismp_malformed, tvb, offset, 2);
445 return;
446 }
447 offset += 2;
448 proto_item_set_len(edp_tuples_leaf_tree, tuple_length);
449 tuple_length -= 4;
450
451 if ((unsigned)tvb_reported_length_remaining(tvb, offset) >= tuple_length)
452 {
453 switch (tuple_type)
454 {
455 case EDP_TUPLE_HOLD:
456 proto_tree_add_item(edp_tuples_leaf_tree, hf_ismp_hold_time, tvb, offset, tuple_length, ENC_BIG_ENDIAN);
457 break;
458 case EDP_TUPLE_INT_NAME:
459 proto_tree_add_item(edp_tuples_leaf_tree, hf_ismp_interface_name, tvb, offset, tuple_length, ENC_NA|ENC_ASCII);
460 col_append_fstr(pinfo->cinfo, COL_INFO, ", ifName %s",
461 tvb_format_text(pinfo->pool, tvb, offset, tuple_length));
462 break;
463 case EDP_TUPLE_SYS_DESCRIPT:
464 proto_tree_add_item(edp_tuples_leaf_tree, hf_ismp_system_description, tvb, offset, tuple_length, ENC_NA|ENC_ASCII);
465 break;
466 case EDP_TUPLE_IPX_ADDR:
467 if (tuple_length != 4+6) {
468 proto_tree_add_expert(edp_tree, pinfo, &ei_ismp_malformed, tvb, offset, tuple_length);
469 return;
470 }
471 ipx_addr_str = ipx_addr_to_str(pinfo->pool, tvb_get_ntohl(tvb, offset), tvb_get_ptr(tvb, offset+4, tuple_length-4));
472 proto_tree_add_string(edp_tuples_leaf_tree, hf_ismp_interface_ipx_address ,tvb, offset, tuple_length, ipx_addr_str);
473 break;
474 case EDP_TUPLE_UNKNOWN:
475 default:
476 proto_tree_add_item(edp_tuples_leaf_tree, hf_ismp_unknown_tuple_data, tvb, offset, tuple_length, ENC_NA|ENC_ASCII);
477 break;
478 }
479 }
480 offset += tuple_length;
481
482 tuples_count++;
483 }
484 if (tuples_count != num_tuples)
485 proto_tree_add_expert(edp_tree, pinfo, &ei_ismp_malformed, tvb, offset, -1);
486
487 return;
488 }
489 }
490
491
492 /* Code to actually dissect the packets */
493 static int
494 dissect_ismp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
495 {
496 int offset = 0;
497 uint16_t message_type = 0;
498 uint8_t code_length = 0;
499 uint8_t weird_stuff[3] = { 0x42, 0x42, 0x03 };
500
501 /* Set up structures needed to add the protocol subtree and manage it */
502 proto_item *ti;
503 proto_tree *ismp_tree;
504
505 /* Make entries in Protocol column and Info column on summary display */
506 col_set_str(pinfo->cinfo, COL_PROTOCOL, "ISMP");
507 col_clear(pinfo->cinfo, COL_INFO);
508
509 /*
510 * XXX - I've seen captures with packets that have the ISMP
511 * Ethernet frame type, but with the payload being 0x42 0x42 0x03
512 * followed by what appears to be an ISMP frame.
513 *
514 * 0x4242 is not a valid ISMP version number.
515 */
516 if (tvb_memeql(tvb, offset, weird_stuff, sizeof weird_stuff) == 0)
517 offset += 3; /* skip the weird stuff, for now */
518
519 /* create display subtree for ismp */
520 ti = proto_tree_add_item(tree, proto_ismp, tvb, offset, -1, ENC_NA);
521 ismp_tree = proto_item_add_subtree(ti, ett_ismp);
522
523 /* add an items to the subtree */
524 proto_tree_add_item(ismp_tree, hf_ismp_version, tvb, offset, 2, ENC_BIG_ENDIAN);
525 offset += 2;
526 message_type = tvb_get_ntohs(tvb, offset);
527 proto_tree_add_item(ismp_tree, hf_ismp_message_type, tvb, offset, 2, ENC_BIG_ENDIAN);
528 offset += 2;
529 proto_tree_add_item(ismp_tree, hf_ismp_seq_num, tvb, offset, 2, ENC_BIG_ENDIAN);
530 offset += 2;
531 code_length = tvb_get_uint8(tvb, offset);
532 proto_tree_add_item(ismp_tree, hf_ismp_code_length, tvb, offset, 1, ENC_BIG_ENDIAN);
533 offset += 1;
534 proto_tree_add_item(ismp_tree, hf_ismp_auth_data, tvb, offset, code_length, ENC_NA);
535 offset += code_length;
536
537 /* if Enterasys Discover Protocol, dissect it */
538 if(message_type == ISMPTYPE_EDP)
539 dissect_ismp_edp(tvb, pinfo, offset, tree);
540
541 return tvb_captured_length(tvb);
542 }
543
544
545 /* Register this protocol with Wireshark */
546 void
547 proto_register_ismp(void)
548 {
549
550 /* Setup list of header fields See Section 1.6.1 for details*/
551 static hf_register_info hf[] = {
552 { &hf_ismp_version,
553 { "Version", "ismp.version",
554 FT_UINT16, BASE_DEC, NULL, 0x0,
555 NULL, HFILL }
556 },
557 { &hf_ismp_message_type,
558 { "Message Type", "ismp.msgtype",
559 FT_UINT16, BASE_DEC, NULL, 0x0,
560 NULL, HFILL }
561 },
562 { &hf_ismp_seq_num,
563 { "Sequence Number", "ismp.seqnum",
564 FT_UINT16, BASE_DEC, NULL, 0x0,
565 NULL, HFILL }
566 },
567 { &hf_ismp_code_length,
568 { "Auth Code Length", "ismp.codelen",
569 FT_UINT8, BASE_DEC, NULL, 0x0,
570 NULL, HFILL }
571 },
572 { &hf_ismp_auth_data,
573 { "Auth Data", "ismp.authdata",
574 FT_BYTES, BASE_NONE, NULL, 0x0,
575 NULL, HFILL }
576 },
577 { &hf_ismp_edp,
578 { "EDP", "ismp.edp",
579 FT_PROTOCOL, BASE_NONE, NULL, 0x0,
580 "Enterasys Discovery Protocol", HFILL }
581 },
582 { &hf_ismp_edp_version,
583 { "Version", "ismp.edp.version",
584 FT_UINT16, BASE_DEC, NULL, 0x0,
585 NULL, HFILL }
586 },
587 { &hf_ismp_edp_module_ip,
588 { "Module IP Address", "ismp.edp.modip",
589 FT_IPv4, BASE_NONE, NULL, 0x0,
590 NULL, HFILL }
591 },
592 { &hf_ismp_edp_module_mac,
593 { "Module MAC Address", "ismp.edp.modmac",
594 FT_ETHER, BASE_NONE, NULL, 0x0,
595 NULL, HFILL }
596 },
597 { &hf_ismp_edp_module_port,
598 { "Module Port (ifIndex num)", "ismp.edp.modport",
599 FT_UINT32, BASE_DEC, NULL, 0x0,
600 NULL, HFILL }
601 },
602 { &hf_ismp_edp_chassis_mac,
603 { "Chassis MAC Address", "ismp.edp.chassismac",
604 FT_ETHER, BASE_NONE, NULL, 0x0,
605 NULL, HFILL }
606 },
607 { &hf_ismp_edp_chassis_ip,
608 { "Chassis IP Address", "ismp.edp.chassisip",
609 FT_IPv4, BASE_NONE, NULL, 0x0,
610 NULL, HFILL }
611 },
612 { &hf_ismp_edp_device_type,
613 { "Device Type", "ismp.edp.devtype",
614 FT_UINT16, BASE_DEC, VALS(edp_device_types), 0x0,
615 NULL, HFILL }
616 },
617 { &hf_ismp_edp_module_rev,
618 { "Module Firmware Revision", "ismp.edp.rev",
619 FT_UINT32, BASE_DEC, NULL, 0x0,
620 NULL, HFILL }
621 },
622 { &hf_ismp_edp_options,
623 { "Device Options", "ismp.edp.options",
624 FT_UINT32, BASE_HEX, NULL, 0x0,
625 NULL, HFILL }
626 },
627 { &hf_ismp_edp_sfs_option_unused1,
628 { "Unused", "ismp.edp.sfs_option_unused1",
629 FT_BOOLEAN, 32, TFS(&tfs_set_notset), EDP_SFS_OPTION_UNUSED1,
630 NULL, HFILL }
631 },
632 { &hf_ismp_edp_sfs_option_sfssup,
633 { "SFS Support", "ismp.edp.sfs_option_sfssup",
634 FT_BOOLEAN, 32, TFS(&tfs_set_notset), EDP_SFS_OPTION_SFSSUP,
635 NULL, HFILL }
636 },
637 { &hf_ismp_edp_sfs_option_lsp,
638 { "LSP Support", "ismp.edp.sfs_option_lsp",
639 FT_BOOLEAN, 32, TFS(&tfs_set_notset), EDP_SFS_OPTION_LSP,
640 NULL, HFILL }
641 },
642 { &hf_ismp_edp_sfs_option_flood,
643 { "Flood Path Support", "ismp.edp.sfs_option_flood",
644 FT_BOOLEAN, 32, TFS(&tfs_set_notset), EDP_SFS_OPTION_FLOOD,
645 NULL, HFILL }
646 },
647 { &hf_ismp_edp_sfs_option_resolve,
648 { "Resolve Support", "ismp.edp.sfs_option_resolve",
649 FT_BOOLEAN, 32, TFS(&tfs_set_notset), EDP_SFS_OPTION_RESOLVE,
650 NULL, HFILL }
651 },
652 { &hf_ismp_edp_sfs_option_unused2,
653 { "Unused", "ismp.edp.sfs_option_unused2",
654 FT_BOOLEAN, 32, TFS(&tfs_set_notset), EDP_SFS_OPTION_UNUSED2,
655 NULL, HFILL }
656 },
657 { &hf_ismp_edp_sfs_option_tagflood,
658 { "Tagged Flood Support", "ismp.edp.sfs_option_tagflood",
659 FT_BOOLEAN, 32, TFS(&tfs_set_notset), EDP_SFS_OPTION_TAGFLOOD,
660 NULL, HFILL }
661 },
662 { &hf_ismp_edp_sfs_option_calltap,
663 { "Call Tap Support", "ismp.edp.sfs_option_calltap",
664 FT_BOOLEAN, 32, TFS(&tfs_set_notset), EDP_SFS_OPTION_CALLTAP,
665 NULL, HFILL }
666 },
667 { &hf_ismp_edp_sfs_option_conmsg,
668 { "Connection Message Support", "ismp.edp.sfs_option_conmsg",
669 FT_BOOLEAN, 32, TFS(&tfs_set_notset), EDP_SFS_OPTION_CONMSG,
670 NULL, HFILL }
671 },
672 { &hf_ismp_edp_sfs_option_redun,
673 { "Redundant Access Support", "ismp.edp.sfs_option_redun",
674 FT_BOOLEAN, 32, TFS(&tfs_set_notset), EDP_SFS_OPTION_REDUN,
675 NULL, HFILL }
676 },
677 { &hf_ismp_edp_sfs_option_isolated,
678 { "Isolated Switch", "ismp.edp.sfs_option_isolated",
679 FT_BOOLEAN, 32, TFS(&tfs_set_notset), EDP_SFS_OPTION_ISOLATED,
680 NULL, HFILL }
681 },
682 { &hf_ismp_edp_sfs_option_uplink_switch,
683 { "Uplink Switch", "ismp.edp.sfs_option_uplink_switch",
684 FT_BOOLEAN, 32, TFS(&tfs_set_notset), EDP_SFS_OPTION_UPLINK_SWITCH,
685 NULL, HFILL }
686 },
687 { &hf_ismp_edp_sfs_option_uplink_core,
688 { "Uplink Core", "ismp.edp.sfs_option_uplink_core",
689 FT_BOOLEAN, 32, TFS(&tfs_set_notset), EDP_SFS_OPTION_UPLINK_CORE,
690 NULL, HFILL }
691 },
692 { &hf_ismp_edp_sfs_option_uplink_port,
693 { "Uplink Port", "ismp.edp.sfs_option_uplink_port",
694 FT_BOOLEAN, 32, TFS(&tfs_set_notset), EDP_SFS_OPTION_UPLINK_PORT,
695 NULL, HFILL }
696 },
697 { &hf_ismp_edp_sfs_option_uplink_flood,
698 { "Uplink Flood Support", "ismp.edp.sfs_option_uplink_flood",
699 FT_BOOLEAN, 32, TFS(&tfs_set_notset), EDP_SFS_OPTION_UPLINK_FLOOD,
700 NULL, HFILL }
701 },
702 { &hf_ismp_edp_rtr_option_ssr,
703 { "SSR Type Device", "ismp.edp.rtr_option_ssr",
704 FT_BOOLEAN, 32, TFS(&tfs_set_notset), EDP_RTR_OPTION_SSR,
705 NULL, HFILL }
706 },
707 { &hf_ismp_edp_rtr_option_igmp,
708 { "IGMP Active", "ismp.edp.rtr_option_igmp",
709 FT_BOOLEAN, 32, TFS(&tfs_set_notset), EDP_RTR_OPTION_IGMP,
710 NULL, HFILL }
711 },
712 { &hf_ismp_edp_rtr_option_rip,
713 { "RIP Active", "ismp.edp.rtr_option_rip",
714 FT_BOOLEAN, 32, TFS(&tfs_set_notset), EDP_RTR_OPTION_RIP,
715 NULL, HFILL }
716 },
717 { &hf_ismp_edp_rtr_option_bgp,
718 { "BGP Active", "ismp.edp.rtr_option_bgp",
719 FT_BOOLEAN, 32, TFS(&tfs_set_notset), EDP_RTR_OPTION_BGP,
720 NULL, HFILL }
721 },
722 { &hf_ismp_edp_rtr_option_ospf,
723 { "OSPF Active", "ismp.edp.rtr_option_ospf",
724 FT_BOOLEAN, 32, TFS(&tfs_set_notset), EDP_RTR_OPTION_OSPF,
725 NULL, HFILL }
726 },
727 { &hf_ismp_edp_rtr_option_dvmrp,
728 { "DVMRP Active", "ismp.edp.rtr_option_dvmrp",
729 FT_BOOLEAN, 32, TFS(&tfs_set_notset), EDP_RTR_OPTION_DVMRP,
730 NULL, HFILL }
731 },
732 { &hf_ismp_edp_rtr_option_8021q,
733 { "802.1Q Support", "ismp.edp.rtr_option_8021q",
734 FT_BOOLEAN, 32, TFS(&tfs_set_notset), EDP_RTR_OPTION_8021Q,
735 NULL, HFILL }
736 },
737 { &hf_ismp_edp_rtr_option_gvrp,
738 { "GVRP Support", "ismp.edp.rtr_option_gvrp",
739 FT_BOOLEAN, 32, TFS(&tfs_set_notset), EDP_RTR_OPTION_GVRP,
740 NULL, HFILL }
741 },
742 { &hf_ismp_edp_rtr_option_gmrp,
743 { "GMRP Support", "ismp.edp.rtr_option_gmrp",
744 FT_BOOLEAN, 32, TFS(&tfs_set_notset), EDP_RTR_OPTION_GMRP,
745 NULL, HFILL }
746 },
747 { &hf_ismp_edp_rtr_option_igmp_snoop,
748 { "IGMP Snooping Support", "ismp.edp.rtr_option_igmp_snoop",
749 FT_BOOLEAN, 32, TFS(&tfs_set_notset), EDP_RTR_OPTION_IGMP_SNOOP,
750 NULL, HFILL }
751 },
752 { &hf_ismp_edp_rtr_option_route,
753 { "Route Bridging", "ismp.edp.rtr_option_route",
754 FT_BOOLEAN, 32, TFS(&tfs_set_notset), EDP_RTR_OPTION_ROUTE,
755 NULL, HFILL }
756 },
757 { &hf_ismp_edp_rtr_option_trans,
758 { "Transparent Bridging", "ismp.edp.rtr_option_trans",
759 FT_BOOLEAN, 32, TFS(&tfs_set_notset), EDP_RTR_OPTION_TRANS,
760 NULL, HFILL }
761 },
762 { &hf_ismp_edp_rtr_option_level1,
763 { "Level 1 Functionality", "ismp.edp.rtr_option_level1",
764 FT_BOOLEAN, 32, TFS(&tfs_set_notset), EDP_RTR_OPTION_LEVEL1,
765 NULL, HFILL }
766 },
767 { &hf_ismp_edp_switch_option_8021q,
768 { "802.1Q Support", "ismp.edp.switch_option_8021q",
769 FT_BOOLEAN, 32, TFS(&tfs_set_notset), EDP_SWITCH_OPTION_8021Q,
770 NULL, HFILL }
771 },
772 { &hf_ismp_edp_switch_option_gvrp,
773 { "GVRP Support", "ismp.edp.switch_option_gvrp",
774 FT_BOOLEAN, 32, TFS(&tfs_set_notset), EDP_SWITCH_OPTION_GVRP,
775 NULL, HFILL }
776 },
777 { &hf_ismp_edp_switch_option_gmrp,
778 { "GMRP Support", "ismp.edp.switch_option_gmrp",
779 FT_BOOLEAN, 32, TFS(&tfs_set_notset), EDP_SWITCH_OPTION_GMRP,
780 NULL, HFILL }
781 },
782 { &hf_ismp_edp_switch_option_igmp,
783 { "IGMP Snooping Support", "ismp.edp.switch_option_igmp",
784 FT_BOOLEAN, 32, TFS(&tfs_set_notset), EDP_SWITCH_OPTION_IGMP,
785 NULL, HFILL }
786 },
787 { &hf_ismp_edp_switch_option_route,
788 { "Route Bridging", "ismp.edp.switch_option_route",
789 FT_BOOLEAN, 32, TFS(&tfs_set_notset), EDP_SWITCH_OPTION_ROUTE,
790 NULL, HFILL }
791 },
792 { &hf_ismp_edp_switch_option_trans,
793 { "Transparent Bridging", "ismp.edp.switch_option_trans",
794 FT_BOOLEAN, 32, TFS(&tfs_set_notset), EDP_SWITCH_OPTION_TRANS,
795 NULL, HFILL }
796 },
797 { &hf_ismp_edp_switch_option_level1,
798 { "Level 1 Functionality", "ismp.edp.switch_option_level1",
799 FT_BOOLEAN, 32, TFS(&tfs_set_notset), EDP_SWITCH_OPTION_LEVEL1,
800 NULL, HFILL }
801 },
802 { &hf_ismp_edp_end_station_option_dhcp,
803 { "DHCP Enabled", "ismp.edp.end_station_option_dhcp",
804 FT_BOOLEAN, 32, TFS(&tfs_set_notset), EDP_END_STATION_OPTION_DHCP,
805 NULL, HFILL }
806 },
807 { &hf_ismp_edp_end_station_option_dns,
808 { "DNS Enabled", "ismp.edp.end_station_option_dns",
809 FT_BOOLEAN, 32, TFS(&tfs_set_notset), EDP_END_STATION_OPTION_DNS,
810 NULL, HFILL }
811 },
812 { &hf_ismp_edp_end_station_option_ad,
813 { "Active Directory Enabled", "ismp.edp.end_station_option_ad",
814 FT_BOOLEAN, 32, TFS(&tfs_set_notset), EDP_END_STATION_OPTION_AD,
815 NULL, HFILL }
816 },
817 { &hf_ismp_edp_num_neighbors,
818 { "Number of Known Neighbors", "ismp.edp.maccount",
819 FT_UINT16, BASE_DEC, NULL, 0x0,
820 NULL, HFILL }
821 },
822 { &hf_ismp_edp_neighbors,
823 { "Neighbors", "ismp.edp.nbrs",
824 FT_BYTES, BASE_NONE, NULL, 0x0,
825 NULL, HFILL }
826 },
827 { &hf_ismp_edp_num_tuples,
828 { "Number of Tuples", "ismp.edp.numtups",
829 FT_UINT16, BASE_DEC, NULL, 0x0,
830 NULL, HFILL }
831 },
832 { &hf_ismp_edp_tuples,
833 { "Number of Tuples", "ismp.edp.tups",
834 FT_BYTES, BASE_NONE, NULL, 0x0,
835 NULL, HFILL }
836 },
837
838 /* Generated from convert_proto_tree_add_text.pl */
839 { &hf_ismp_neighborhood_mac_address, { "MAC Address", "ismp.neighborhood_mac_address", FT_ETHER, BASE_NONE, NULL, 0x0, NULL, HFILL }},
840 { &hf_ismp_assigned_neighbor_state, { "Assigned Neighbor State", "ismp.assigned_neighbor_state", FT_UINT32, BASE_HEX, NULL, 0x0, NULL, HFILL }},
841 { &hf_ismp_tuple_type, { "Tuple Type", "ismp.tuple_type", FT_UINT16, BASE_DEC, VALS(edp_tuple_types), 0x0, NULL, HFILL }},
842 { &hf_ismp_tuple_length, { "Tuple Length", "ismp.tuple_length", FT_UINT16, BASE_DEC, NULL, 0x0, NULL, HFILL }},
843 { &hf_ismp_hold_time, { "Hold Time", "ismp.hold_time", FT_UINT16, BASE_DEC, NULL, 0x0, NULL, HFILL }},
844 { &hf_ismp_interface_name, { "Interface Name", "ismp.interface_name", FT_STRING, BASE_NONE, NULL, 0x0, NULL, HFILL }},
845 { &hf_ismp_system_description, { "System Description", "ismp.system_description", FT_STRING, BASE_NONE, NULL, 0x0, NULL, HFILL }},
846 { &hf_ismp_interface_ipx_address, { "Interface IPX_address", "ismp.interface_ipx_address", FT_STRING, BASE_NONE, NULL, 0x0, NULL, HFILL }},
847 { &hf_ismp_unknown_tuple_data, { "Unknown Tuple Data", "ismp.unknown_tuple_data", FT_STRING, BASE_NONE, NULL, 0x0, NULL, HFILL }},
848 };
849
850 /* Setup protocol subtree array */
851 static int *ett[] = {
852 &ett_ismp,
853 &ett_ismp_edp,
854 &ett_ismp_edp_options,
855 &ett_ismp_edp_neighbors,
856 &ett_ismp_edp_neighbors_leaf,
857 &ett_ismp_edp_tuples,
858 &ett_ismp_edp_tuples_leaf,
859 };
860
861 static ei_register_info ei[] = {
862 { &ei_ismp_malformed, { "ismp.malformed", PI_MALFORMED, PI_ERROR, "Malformed packet", EXPFILL }},
863 };
864
865 expert_module_t* expert_ismp;
866
867 /* Register the protocol name and description */
868 proto_ismp = proto_register_protocol("InterSwitch Message Protocol",
869 "ISMP", "ismp");
870
871 /* Required function calls to register the header fields and subtrees used */
872 proto_register_field_array(proto_ismp, hf, array_length(hf));
873 proto_register_subtree_array(ett, array_length(ett));
874 expert_ismp = expert_register_protocol(proto_ismp);
875 expert_register_field_array(expert_ismp, ei, array_length(ei));
876
877 ismp_handle = register_dissector("ismp", dissect_ismp, proto_ismp);
878 }
879
880
881 /* If this dissector uses sub-dissector registration add a registration routine.
882 This format is required because a script is used to find these routines and
883 create the code that calls these routines.
884 */
885 void
886 proto_reg_handoff_ismp(void)
887 {
888 dissector_add_uint("ethertype", ETHERTYPE_ISMP, ismp_handle);
889 }
890
891 /*
892 * Editor modelines - https://www.wireshark.org/tools/modelines.html
893 *
894 * Local variables:
895 * c-basic-offset: 8
896 * tab-width: 8
897 * indent-tabs-mode: t
898 * End:
899 *
900 * vi: set shiftwidth=8 tabstop=8 noexpandtab:
901 * :indentSize=8:tabSize=8:noTabs=false:
902 */
Metzes wireshark repo