epan/dissectors/pidl/ C99 drsuapi
[wireshark-sm.git] / epan / dissectors / packet-peekremote.c
blob8ef7ac1c15fadf3229ba5675978c0c0f06bf6e57
1 /* packet-peekremote.c
3 * Routines for the disassembly of packets sent from Cisco WLAN
4 * Controllers, possibly other Cisco access points, and possibly
5 * other devices such as Aruba access points. See
7 * https://web.archive.org/web/20130117041444/http://www.wildpackets.com/elements/omnipeek/OmniPeek_UserGuide.pdf
9 * which speaks of Aruba access points supporting remote capture and
10 * defaulting to port 5000 for this, and also speaks of Cisco access
11 * points supporting remote capture without any reference to a port
12 * number. The two types of remote capture are described separately;
13 * there's no indication of whether they use the same protocol for
14 * streaming packets but perhaps other protocols for, for example,
15 * discovery and setup, or whether they use different protocols
16 * for streaming packets.
18 * A later manual at
20 * https://community.liveaction.com/wp-content/uploads/2020/02/Omnipeek-UserGuide-2-20.pdf
22 * speaks of Aruba and Cisco access points together, mentioning port 5000.
24 * Apparently Aruba supports several protocols, including Peek remote.
25 * See the packet-aruba-erm dissector.
27 * Tested with frames captured from a Cisco WCS.
29 * Copyright 2007 Joerg Mayer (see AUTHORS file)
31 * Wireshark - Network traffic analyzer
32 * By Gerald Combs <gerald@wireshark.org>
33 * Copyright 1998 Gerald Combs
35 * SPDX-License-Identifier: GPL-2.0-or-later
39 * TODO: Decode meta information.
40 * Check on fillup bytes in capture (fcs sometimes wrong)
41 * From:
42 * http://www.cisco.com/univercd/cc/td/doc/product/wireless/pahcont/oweb.pdf
43 * "It will include information on timestamp, signal strength, packet size
44 * and so on"
46 #include "config.h"
48 #include <wiretap/wtap.h>
50 #include <epan/packet.h>
51 #include <epan/expert.h>
52 #include <epan/tfs.h>
53 #include <wsutil/array.h>
54 #include <wsutil/802_11-utils.h>
55 #include <packet-ieee80211-radiotap-defs.h>
57 #define IS_ARUBA 0x01
59 #define PEEKREMOTE_PORT 5000 /* Not IANA registered */
61 #define PEEKREMOTE_V3 3
62 #define PEEKRMEOTE_NEW_BASE_LEN 9
63 #define PEEKREMOTE_V3_HDR_LEN 13
65 #define PEEKREMOTE_V0_6GHZ_BAND_VALID 0x08
66 #define PEEKREMOTE_V0_IS_6GHZ_BAND 0x10
69 void proto_register_peekremote(void);
70 void proto_reg_handoff_peekremote(void);
72 static int proto_peekremote;
73 static dissector_handle_t peekremote_handle;
76 * XXX - we don't have all the MCS index values here.
77 * We should probably just show the MCS index as a number (those
78 * numbers are used in 802.11), and have separate items for the
79 * number of spatial streams, the modulation type, and the coding rate.
80 * Note that some modes with more than one spatial stream use *different*
81 * modulation types for the different streams. See section 20.6
82 * "Parameters for HT MCSs" in 802.11-2012.
84 static const value_string peekremote_mcs_index_vals[] = {
85 { 0, "Spatial streams: 1, Modulation type: BPSK, Codingrate: 1/2" },
86 { 1, "Spatial streams: 1, Modulation type: QPSK, Codingrate: 1/2" },
87 { 2, "Spatial streams: 1, Modulation type: QPSK, Codingrate: 3/4" },
88 { 3, "Spatial streams: 1, Modulation type: 16-QAM, Codingrate: 1/2" },
89 { 4, "Spatial streams: 1, Modulation type: 16-QAM, Codingrate: 3/4" },
90 { 5, "Spatial streams: 1, Modulation type: 64-QAM, Codingrate: 2/3" },
91 { 6, "Spatial streams: 1, Modulation type: 64-QAM, Codingrate: 3/4" },
92 { 7, "Spatial streams: 1, Modulation type: 64-QAM, Codingrate: 5/6" },
93 { 8, "Spatial streams: 2, Modulation type: BPSK, Codingrate: 1/2" },
94 { 9, "Spatial streams: 2, Modulation type: QPSK, Codingrate: 1/2" },
95 { 10, "Spatial streams: 2, Modulation type: QPSK, Codingrate: 3/4" },
96 { 11, "Spatial streams: 2, Modulation type: 16-QAM, Codingrate: 1/2" },
97 { 12, "Spatial streams: 2, Modulation type: 16-QAM, Codingrate: 3/4" },
98 { 13, "Spatial streams: 2, Modulation type: 64-QAM, Codingrate: 2/3" },
99 { 14, "Spatial streams: 2, Modulation type: 64-QAM, Codingrate: 3/4" },
100 { 15, "Spatial streams: 2, Modulation type: 64-QAM, Codingrate: 5/6" },
101 { 16, "Spatial streams: 3, Modulation type: BPSK, Codingrate: 1/2" },
102 { 17, "Spatial streams: 3, Modulation type: QPSK, Codingrate: 1/2" },
103 { 18, "Spatial streams: 3, Modulation type: QPSK, Codingrate: 3/4" },
104 { 19, "Spatial streams: 3, Modulation type: 16-QAM, Codingrate: 1/2" },
105 { 20, "Spatial streams: 3, Modulation type: 16-QAM, Codingrate: 3/4" },
106 { 21, "Spatial streams: 3, Modulation type: 64-QAM, Codingrate: 2/3" },
107 { 22, "Spatial streams: 3, Modulation type: 64-QAM, Codingrate: 3/4" },
108 { 23, "Spatial streams: 3, Modulation type: 64-QAM, Codingrate: 5/6" },
109 { 24, "Spatial streams: 4, Modulation type: BPSK, Codingrate: 1/2" },
110 { 25, "Spatial streams: 4, Modulation type: QPSK, Codingrate: 1/2" },
111 { 26, "Spatial streams: 4, Modulation type: QPSK, Codingrate: 3/4" },
112 { 27, "Spatial streams: 4, Modulation type: 16-QAM, Codingrate: 1/2" },
113 { 28, "Spatial streams: 4, Modulation type: 16-QAM, Codingrate: 3/4" },
114 { 29, "Spatial streams: 4, Modulation type: 64-QAM, Codingrate: 2/3" },
115 { 30, "Spatial streams: 4, Modulation type: 64-QAM, Codingrate: 3/4" },
116 { 31, "Spatial streams: 4, Modulation type: 64-QAM, Codingrate: 5/6" },
117 { 0, NULL }
120 static value_string_ext peekremote_mcs_index_vals_ext = VALUE_STRING_EXT_INIT(peekremote_mcs_index_vals);
121 /* There is no reason to define a separate set of constants for HE(11ax) as it only adds a MCS 10 and 11. MCS0-9 stay the same. We could even imagine an 11ac implementation with MCS10 and 11 (nonstandard)
122 * Also defining mcs rates for 11be in the same table. */
123 static const value_string peekremote_mcs_index_vals_ac[] = {
124 { 0, "Modulation type: BPSK, Codingrate: 1/2" },
125 { 1, "Modulation type: QPSK, Codingrate: 1/2" },
126 { 2, "Modulation type: QPSK, Codingrate: 3/4" },
127 { 3, "Modulation type: 16-QAM, Codingrate: 1/2" },
128 { 4, "Modulation type: 16-QAM, Codingrate: 3/4" },
129 { 5, "Modulation type: 64-QAM, Codingrate: 2/3" },
130 { 6, "Modulation type: 64-QAM, Codingrate: 3/4" },
131 { 7, "Modulation type: 64-QAM, Codingrate: 5/6" },
132 { 8, "Modulation type: 256-QAM, Codingrate: 3/4" },
133 { 9, "Modulation type: 256-QAM, Codingrate: 5/6" },
134 { 10, "Modulation type: 1024-QAM, Codingrate: 3/4" },
135 { 11, "Modulation type: 1024-QAM, Codingrate: 5/6" },
136 { 12, "Modulation type: 4096-QAM, Codingrate: 3/4" },
137 { 13, "Modulation type: 4096-QAM, Codingrate: 5/6" },
138 { 14, "Modulation type: BPSK-DCM-DUP, Codingrate: 1/2" },
139 { 15, "Modulation type: BPSK-DCM, Codingrate: 1/2" },
140 { 0, NULL}
144 static const value_string spatialstreams_vals[] = {
145 { 0, "1" },
146 { 1, "2" },
147 { 2, "3" },
148 { 3, "4" },
149 { 4, "5" },
150 { 5, "6" },
151 { 6, "7" },
152 { 7, "8" },
153 { 0, NULL }
156 static const value_string peekremote_type_vals[] = {
157 { 6, "kMediaSpecificHdrType_Wireless3" },
158 { 0, NULL }
162 * Extended flags.
164 * Some determined from bug 10637, some determined from bug 9586,
165 * and the ones present in both agree, so we're assuming that
166 * the "remote Peek" protocol and the "Peek tagged" file format
167 * use the same bits (which wouldn't be too surprising, as they
168 * both come from Wildpackets).
170 #define EXT_FLAG_20_MHZ_LOWER 0x00000001
171 #define EXT_FLAG_20_MHZ_UPPER 0x00000002
172 #define EXT_FLAG_40_MHZ 0x00000004
173 #define EXT_FLAGS_BANDWIDTH 0x00000007
174 #define EXT_FLAG_HALF_GI 0x00000008
175 #define EXT_FLAG_FULL_GI 0x00000010
176 #define EXT_FLAGS_GI 0x00200018
177 #define EXT_FLAG_AMPDU 0x00000020
178 #define EXT_FLAG_AMSDU 0x00000040
179 #define EXT_FLAG_802_11ac 0x00000080
180 #define EXT_FLAG_MCS_INDEX_USED 0x00000100
181 #define EXT_FLAG_80MHZ 0x00000200
182 #define EXT_FLAG_SHORTPREAMBLE 0x00000400
183 #define EXT_FLAG_SPATIALSTREAMS 0x0001C000
184 #define EXT_FLAG_HEFLAG 0x00020000
185 #define EXT_FLAG_160MHZ 0x00040000
186 #define EXT_FLAG_EHTFLAG 0x00080000
187 #define EXT_FLAG_320MHZ 0x00100000
188 #define EXT_FLAG_QUARTER_GI 0x00200000
189 #define EXT_FLAGS_RESERVED 0xFFC00000
191 #define EXT_FLAG_SPATIALSTREAMS_SHIFT 14
193 static int hf_peekremote_band;
194 static int hf_peekremote_channel;
195 static int hf_peekremote_extflags;
196 static int hf_peekremote_extflags_11ac;
197 static int hf_peekremote_extflags_160mhz;
198 static int hf_peekremote_extflags_320mhz;
199 static int hf_peekremote_extflags_20mhz_lower;
200 static int hf_peekremote_extflags_20mhz_upper;
201 static int hf_peekremote_extflags_40mhz;
202 static int hf_peekremote_extflags_80mhz;
203 static int hf_peekremote_extflags_ampdu;
204 static int hf_peekremote_extflags_amsdu;
205 static int hf_peekremote_extflags_full_gi;
206 static int hf_peekremote_extflags_future_use;
207 static int hf_peekremote_extflags_half_gi;
208 static int hf_peekremote_extflags_heflag;
209 static int hf_peekremote_extflags_ehtflag;
210 static int hf_peekremote_extflags_quarter_gi;
211 static int hf_peekremote_extflags_reserved;
212 static int hf_peekremote_extflags_shortpreamble;
213 static int hf_peekremote_extflags_spatialstreams;
214 static int hf_peekremote_flags;
215 static int hf_peekremote_flags_control_frame;
216 static int hf_peekremote_flags_crc_error;
217 static int hf_peekremote_flags_frame_error;
218 static int hf_peekremote_flags_6ghz_band_valid;
219 static int hf_peekremote_flags_6ghz;
220 static int hf_peekremote_flags_reserved;
221 static int hf_peekremote_frequency;
222 static int hf_peekremote_header_size;
223 static int hf_peekremote_header_version;
224 static int hf_peekremote_magic_number;
225 static int hf_peekremote_mcs_index;
226 static int hf_peekremote_mcs_index_ac;
227 static int hf_peekremote_noise_1_dbm;
228 static int hf_peekremote_noise_2_dbm;
229 static int hf_peekremote_noise_3_dbm;
230 static int hf_peekremote_noise_4_dbm;
231 static int hf_peekremote_noise_dbm;
232 static int hf_peekremote_noise_percent;
233 static int hf_peekremote_packetlength;
234 static int hf_peekremote_signal_1_dbm;
235 static int hf_peekremote_signal_2_dbm;
236 static int hf_peekremote_signal_3_dbm;
237 static int hf_peekremote_signal_4_dbm;
238 static int hf_peekremote_signal_dbm;
239 static int hf_peekremote_signal_percent;
240 static int hf_peekremote_slicelength;
241 static int hf_peekremote_speed;
242 static int hf_peekremote_status;
243 static int hf_peekremote_status_protected;
244 static int hf_peekremote_status_reserved;
245 static int hf_peekremote_status_with_decrypt_error;
246 static int hf_peekremote_status_with_short_preamble;
247 static int hf_peekremote_timestamp;
248 static int hf_peekremote_type;
250 static expert_field ei_peekremote_unknown_header_version;
251 static expert_field ei_peekremote_invalid_header_size;
253 static int ett_peekremote;
254 static int ett_peekremote_flags;
255 static int ett_peekremote_status;
256 static int ett_peekremote_extflags;
258 static dissector_handle_t wlan_radio_handle;
259 static dissector_handle_t radiotap_handle;
261 static int
262 dissect_peekremote_extflags(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, int offset)
264 proto_tree *extflags_tree;
265 proto_item *ti_extflags, *item=NULL;
267 uint32_t extflags = tvb_get_ntohl(tvb, offset);
269 ti_extflags = proto_tree_add_item(tree, hf_peekremote_extflags, tvb, offset, 4, ENC_BIG_ENDIAN);
270 extflags_tree = proto_item_add_subtree(ti_extflags, ett_peekremote_extflags);
271 proto_tree_add_item(extflags_tree, hf_peekremote_extflags_20mhz_lower, tvb, offset, 4, ENC_BIG_ENDIAN);
272 proto_tree_add_item(extflags_tree, hf_peekremote_extflags_20mhz_upper, tvb, offset, 4, ENC_BIG_ENDIAN);
273 proto_tree_add_item(extflags_tree, hf_peekremote_extflags_40mhz, tvb, offset, 4, ENC_BIG_ENDIAN);
274 item = proto_tree_add_item(extflags_tree, hf_peekremote_extflags_half_gi, tvb, offset, 4, ENC_BIG_ENDIAN);
275 if ((extflags & EXT_FLAG_HEFLAG) || (extflags & EXT_FLAG_EHTFLAG)) {
276 proto_item_append_text(item, " (1.6uS)");
277 } else {
278 proto_item_append_text(item, " (0.4uS)");
280 item = proto_tree_add_item(extflags_tree, hf_peekremote_extflags_full_gi, tvb, offset, 4, ENC_BIG_ENDIAN);
281 if ((extflags & EXT_FLAG_HEFLAG) || (extflags & EXT_FLAG_EHTFLAG)) {
282 proto_item_append_text(item, " (3.2uS)");
283 } else {
284 proto_item_append_text(item, " (0.8uS)");
286 proto_tree_add_item(extflags_tree, hf_peekremote_extflags_ampdu, tvb, offset, 4, ENC_BIG_ENDIAN);
287 proto_tree_add_item(extflags_tree, hf_peekremote_extflags_amsdu, tvb, offset, 4, ENC_BIG_ENDIAN);
288 proto_tree_add_item(extflags_tree, hf_peekremote_extflags_11ac, tvb, offset, 4, ENC_BIG_ENDIAN);
289 proto_tree_add_item(extflags_tree, hf_peekremote_extflags_future_use, tvb, offset, 4, ENC_BIG_ENDIAN);
290 proto_tree_add_item(extflags_tree, hf_peekremote_extflags_80mhz, tvb, offset, 4, ENC_BIG_ENDIAN);
291 proto_tree_add_item(extflags_tree, hf_peekremote_extflags_shortpreamble, tvb, offset, 4, ENC_BIG_ENDIAN);
292 proto_tree_add_item(extflags_tree, hf_peekremote_extflags_spatialstreams, tvb, offset, 4, ENC_BIG_ENDIAN);
293 proto_tree_add_item(extflags_tree, hf_peekremote_extflags_heflag, tvb, offset, 4, ENC_BIG_ENDIAN);
294 proto_tree_add_item(extflags_tree, hf_peekremote_extflags_160mhz, tvb, offset, 4, ENC_BIG_ENDIAN);
295 proto_tree_add_item(extflags_tree, hf_peekremote_extflags_ehtflag, tvb, offset, 4, ENC_BIG_ENDIAN);
296 proto_tree_add_item(extflags_tree, hf_peekremote_extflags_320mhz, tvb, offset, 4, ENC_BIG_ENDIAN);
297 if ((extflags & EXT_FLAG_HEFLAG) || (extflags & EXT_FLAG_EHTFLAG)) {
298 item = proto_tree_add_item(extflags_tree, hf_peekremote_extflags_quarter_gi, tvb, offset, 4, ENC_BIG_ENDIAN);
299 proto_item_append_text(item, " (0.8uS)");
301 proto_tree_add_item(extflags_tree, hf_peekremote_extflags_reserved, tvb, offset, 4, ENC_BIG_ENDIAN);
303 return 4;
306 static int
307 dissect_peekremote_flags(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, int offset)
309 proto_tree *flags_tree;
310 proto_item *ti_flags;
312 ti_flags = proto_tree_add_item(tree, hf_peekremote_flags, tvb, offset, 1, ENC_NA);
313 flags_tree = proto_item_add_subtree(ti_flags, ett_peekremote_flags);
314 proto_tree_add_item(flags_tree, hf_peekremote_flags_control_frame, tvb, offset, 1, ENC_NA);
315 proto_tree_add_item(flags_tree, hf_peekremote_flags_crc_error, tvb, offset, 1, ENC_NA);
316 proto_tree_add_item(flags_tree, hf_peekremote_flags_frame_error, tvb, offset, 1, ENC_NA);
317 proto_tree_add_item(flags_tree, hf_peekremote_flags_6ghz_band_valid, tvb, offset, 1, ENC_NA);
318 proto_tree_add_item(flags_tree, hf_peekremote_flags_6ghz, tvb, offset, 1, ENC_NA);
319 proto_tree_add_item(flags_tree, hf_peekremote_flags_reserved, tvb, offset, 1, ENC_NA);
321 return 1;
324 static int
325 dissect_peekremote_status(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, int offset)
327 proto_tree *status_tree;
328 proto_item *ti_status;
330 ti_status = proto_tree_add_item(tree, hf_peekremote_status, tvb, offset, 1, ENC_NA);
331 status_tree = proto_item_add_subtree(ti_status, ett_peekremote_status);
332 proto_tree_add_item(status_tree, hf_peekremote_status_protected, tvb, offset, 1, ENC_NA);
333 proto_tree_add_item(status_tree, hf_peekremote_status_with_decrypt_error, tvb, offset, 1, ENC_NA);
334 proto_tree_add_item(status_tree, hf_peekremote_status_with_short_preamble, tvb, offset, 1, ENC_NA);
335 proto_tree_add_item(status_tree, hf_peekremote_status_reserved, tvb, offset, 1, ENC_NA);
337 return 1;
340 static bool
341 dissect_peekremote_new(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *u _U_)
343 static const uint8_t magic[4] = { 0x00, 0xFF, 0xAB, 0xCD };
344 int offset = 0;
345 proto_tree *peekremote_tree = NULL;
346 proto_item *ti = NULL;
347 proto_item *ti_header_version, *ti_header_size;
348 uint8_t header_version;
349 int header_size;
350 struct ieee_802_11_phdr phdr;
351 uint32_t extflags;
352 uint16_t frequency;
353 uint16_t mcs_index;
354 uint8_t nss;
355 tvbuff_t *next_tvb;
357 if (tvb_memeql(tvb, 0, magic, 4) == -1) {
359 * Not big enough to hold the magic number, or doesn't start
360 * with the magic number.
362 return false;
365 /* We don't have any 802.11 metadata yet. */
366 memset(&phdr, 0, sizeof(phdr));
367 phdr.fcs_len = 4; /* has an FCS */
368 phdr.decrypted = false;
369 phdr.datapad = false;
370 phdr.phy = PHDR_802_11_PHY_UNKNOWN;
372 col_set_str(pinfo->cinfo, COL_PROTOCOL, "PEEKREMOTE");
373 col_clear(pinfo->cinfo, COL_INFO);
375 ti = proto_tree_add_item(tree, proto_peekremote, tvb, 0, -1, ENC_NA);
376 peekremote_tree = proto_item_add_subtree(ti, ett_peekremote);
378 proto_tree_add_item(peekremote_tree, hf_peekremote_magic_number, tvb, offset, 4, ENC_BIG_ENDIAN);
379 offset += 4;
380 header_version = tvb_get_uint8(tvb, offset);
381 ti_header_version = proto_tree_add_uint(peekremote_tree, hf_peekremote_header_version, tvb, offset, 1, header_version);
382 offset += 1;
383 header_size = tvb_get_ntohl(tvb, offset);
384 ti_header_size = proto_tree_add_uint(peekremote_tree, hf_peekremote_header_size, tvb, offset, 4, header_size);
385 offset += 4;
386 switch (header_version) {
388 case 2:
389 if (header_size != 55) {
390 expert_add_info(pinfo, ti_header_size, &ei_peekremote_invalid_header_size);
391 if (header_size > 9)
392 offset += (header_size - 9);
393 } else {
394 /* Initialize bandwidth as 20Mhz, overwrite later based on extflags, if needed*/
395 int bandwidth_vht = IEEE80211_RADIOTAP_VHT_BW_20;
396 int bandwidth_he = IEEE80211_RADIOTAP_HE_DATA_BANDWIDTH_RU_20;
397 int bandwidth_eht = IEEE80211_RADIOTAP_USIG_BW_20;
399 proto_tree_add_item(peekremote_tree, hf_peekremote_type, tvb, offset, 4, ENC_BIG_ENDIAN);
400 offset += 4;
401 mcs_index = tvb_get_ntohs(tvb, offset);
402 extflags = tvb_get_ntohl(tvb, offset+12);
403 /* Encoded value is NSS - 1 */
404 nss = ((extflags & EXT_FLAG_SPATIALSTREAMS) >> EXT_FLAG_SPATIALSTREAMS_SHIFT) + 1;
406 if (extflags & EXT_FLAG_40_MHZ) {
407 bandwidth_vht = IEEE80211_RADIOTAP_VHT_BW_40;
408 bandwidth_he = IEEE80211_RADIOTAP_HE_DATA_BANDWIDTH_RU_40;
409 bandwidth_eht = IEEE80211_RADIOTAP_USIG_BW_40;
410 } else if (extflags & EXT_FLAG_80MHZ) {
411 bandwidth_vht = IEEE80211_RADIOTAP_VHT_BW_80;
412 bandwidth_he = IEEE80211_RADIOTAP_HE_DATA_BANDWIDTH_RU_80;
413 bandwidth_eht = IEEE80211_RADIOTAP_USIG_BW_80;
414 } else if (extflags & EXT_FLAG_160MHZ) {
415 bandwidth_vht = IEEE80211_RADIOTAP_VHT_BW_160;
416 bandwidth_he = IEEE80211_RADIOTAP_HE_DATA_BANDWIDTH_RU_160;
417 bandwidth_eht = IEEE80211_RADIOTAP_USIG_BW_160;
418 } else if (extflags & EXT_FLAG_320MHZ) {
419 bandwidth_eht = IEEE80211_RADIOTAP_USIG_BW_320_1;
422 if (extflags & EXT_FLAG_EHTFLAG) {
423 proto_tree_add_item(peekremote_tree, hf_peekremote_mcs_index_ac, tvb, offset, 2, ENC_BIG_ENDIAN);
424 phdr.phy = PHDR_802_11_PHY_11BE;
425 if (extflags & EXT_FLAGS_GI) {
426 /* Quarter GI : 0.8uS
427 Half GI : 1.6uS
428 Full GI : 3.2uS */
429 phdr.phy_info.info_11be.has_gi = true;
430 phdr.phy_info.info_11be.gi = ((extflags & EXT_FLAG_FULL_GI) != 0) ? 2 :
431 ((extflags & EXT_FLAG_HALF_GI) != 0) ? 1 :
434 phdr.phy_info.info_11be.has_bandwidth = true;
435 phdr.phy_info.info_11be.bandwidth = bandwidth_eht;
436 /* Peekremote does not have per-user fields, so fill data as if it is SU and for user0 */
437 phdr.phy_info.info_11be.num_users = 1;
438 phdr.phy_info.info_11be.user[0].mcs_known = true;
439 phdr.phy_info.info_11be.user[0].mcs = mcs_index;
440 phdr.phy_info.info_11be.user[0].nsts_known = true;
441 phdr.phy_info.info_11be.user[0].nsts = nss;
443 } else if (extflags & EXT_FLAG_HEFLAG) {
444 proto_tree_add_item(peekremote_tree, hf_peekremote_mcs_index_ac, tvb, offset, 2, ENC_BIG_ENDIAN);
445 phdr.phy = PHDR_802_11_PHY_11AX;
446 if (extflags & EXT_FLAGS_GI) {
447 /* Quarter GI : 0.8uS
448 Half GI : 1.6uS
449 Full GI : 3.2uS */
450 phdr.phy_info.info_11ax.has_gi = true;
451 phdr.phy_info.info_11ax.gi = ((extflags & EXT_FLAG_FULL_GI) != 0) ? 2 :
452 ((extflags & EXT_FLAG_HALF_GI) != 0) ? 1 :
455 phdr.phy_info.info_11ax.has_bwru = true;
456 phdr.phy_info.info_11ax.bwru = bandwidth_he;
457 phdr.phy_info.info_11ax.has_mcs_index = true;
458 phdr.phy_info.info_11ax.mcs = (uint8_t)mcs_index;
459 phdr.phy_info.info_11ax.nsts = nss;
461 } else {
462 if (extflags & EXT_FLAG_802_11ac) {
463 proto_tree_add_item(peekremote_tree, hf_peekremote_mcs_index_ac, tvb, offset, 2, ENC_BIG_ENDIAN);
464 phdr.phy = PHDR_802_11_PHY_11AC;
465 if (extflags & EXT_FLAGS_GI) {
466 /* Half GI : 0.4uS
467 Full GI : 0.8uS */
468 phdr.phy_info.info_11ac.has_short_gi = true;
469 phdr.phy_info.info_11ac.short_gi = ((extflags & EXT_FLAG_HALF_GI) != 0);
472 phdr.phy_info.info_11ac.has_bandwidth = true;
473 phdr.phy_info.info_11ac.bandwidth = bandwidth_vht;
474 /* Set FEC/ STBC to defaults to suppress warnings in 80211-radio dissector */
475 phdr.phy_info.info_11ac.has_fec = true;
476 phdr.phy_info.info_11ac.fec = 0;
477 phdr.phy_info.info_11ac.has_stbc = true;
478 phdr.phy_info.info_11ac.stbc = 0;
479 /* Peekremote does not have per-user fields, so fill data as if it is SU and for user0 */
480 phdr.phy_info.info_11ac.mcs[0] = (uint8_t)mcs_index;
481 phdr.phy_info.info_11ac.nss[0] = nss;
483 } else { /* 11n */
484 proto_tree_add_item(peekremote_tree, hf_peekremote_mcs_index, tvb, offset, 2, ENC_BIG_ENDIAN);
485 phdr.phy = PHDR_802_11_PHY_11N;
486 if (extflags & EXT_FLAGS_GI) {
487 /* Half GI : 0.4uS
488 Full GI : 0.8uS */
489 phdr.phy_info.info_11ac.has_short_gi = true;
490 phdr.phy_info.info_11ac.short_gi = ((extflags & EXT_FLAG_HALF_GI) != 0);
492 phdr.phy_info.info_11n.has_bandwidth = true;
493 if (extflags & EXT_FLAG_40_MHZ) {
494 phdr.phy_info.info_11n.bandwidth = IEEE80211_RADIOTAP_MCS_BW_40;
495 } else {
496 phdr.phy_info.info_11n.bandwidth = IEEE80211_RADIOTAP_MCS_BW_20;
498 /* Set FEC/ STBC/ Greenfield to defaults to suppress warnings in 80211-radio dissector */
499 phdr.phy_info.info_11n.has_fec = true;
500 phdr.phy_info.info_11n.fec = 0;
501 phdr.phy_info.info_11n.has_stbc_streams = true;
502 phdr.phy_info.info_11n.stbc_streams = 0;
503 phdr.phy_info.info_11n.has_greenfield = true;
504 phdr.phy_info.info_11n.greenfield = false;
505 phdr.phy_info.info_11n.has_ness = true;
506 phdr.phy_info.info_11n.ness = 0;
508 phdr.phy_info.info_11n.has_mcs_index = true;
509 phdr.phy_info.info_11n.mcs_index = mcs_index;
512 offset += 2;
513 phdr.has_channel = true;
514 phdr.channel = tvb_get_ntohs(tvb, offset);
515 proto_tree_add_item(peekremote_tree, hf_peekremote_channel, tvb, offset, 2, ENC_BIG_ENDIAN);
516 offset += 2;
517 frequency = tvb_get_ntohl(tvb, offset);
518 if (frequency != 0) {
519 phdr.has_frequency = true;
520 phdr.frequency = frequency;
522 proto_tree_add_item(peekremote_tree, hf_peekremote_frequency, tvb, offset, 4, ENC_BIG_ENDIAN);
523 offset += 4;
524 proto_tree_add_item(peekremote_tree, hf_peekremote_band, tvb, offset, 4, ENC_BIG_ENDIAN);
525 offset +=4;
526 offset += dissect_peekremote_extflags(tvb, pinfo, peekremote_tree, offset);
527 phdr.has_signal_percent = true;
528 phdr.signal_percent = tvb_get_uint8(tvb, offset);
529 proto_tree_add_item(peekremote_tree, hf_peekremote_signal_percent, tvb, offset, 1, ENC_NA);
530 offset += 1;
531 phdr.has_noise_percent = true;
532 phdr.noise_percent = tvb_get_uint8(tvb, offset);
533 proto_tree_add_item(peekremote_tree, hf_peekremote_noise_percent, tvb, offset, 1, ENC_NA);
534 offset += 1;
535 phdr.has_signal_dbm = true;
536 phdr.signal_dbm = tvb_get_uint8(tvb, offset);
537 proto_tree_add_item(peekremote_tree, hf_peekremote_signal_dbm, tvb, offset, 1, ENC_NA);
538 offset += 1;
539 phdr.has_noise_dbm = true;
540 phdr.noise_dbm = tvb_get_uint8(tvb, offset);
541 proto_tree_add_item(peekremote_tree, hf_peekremote_noise_dbm, tvb, offset, 1, ENC_NA);
542 offset += 1;
543 proto_tree_add_item(peekremote_tree, hf_peekremote_signal_1_dbm, tvb, offset, 1, ENC_NA);
544 offset += 1;
545 proto_tree_add_item(peekremote_tree, hf_peekremote_signal_2_dbm, tvb, offset, 1, ENC_NA);
546 offset += 1;
547 proto_tree_add_item(peekremote_tree, hf_peekremote_signal_3_dbm, tvb, offset, 1, ENC_NA);
548 offset += 1;
549 proto_tree_add_item(peekremote_tree, hf_peekremote_signal_4_dbm, tvb, offset, 1, ENC_NA);
550 offset += 1;
551 proto_tree_add_item(peekremote_tree, hf_peekremote_noise_1_dbm, tvb, offset, 1, ENC_NA);
552 offset += 1;
553 proto_tree_add_item(peekremote_tree, hf_peekremote_noise_2_dbm, tvb, offset, 1, ENC_NA);
554 offset += 1;
555 proto_tree_add_item(peekremote_tree, hf_peekremote_noise_3_dbm, tvb, offset, 1, ENC_NA);
556 offset += 1;
557 proto_tree_add_item(peekremote_tree, hf_peekremote_noise_4_dbm, tvb, offset, 1, ENC_NA);
558 offset += 1;
559 proto_tree_add_item(peekremote_tree, hf_peekremote_packetlength, tvb, offset, 2, ENC_BIG_ENDIAN);
560 offset += 2;
561 proto_tree_add_item(peekremote_tree, hf_peekremote_slicelength, tvb, offset, 2, ENC_BIG_ENDIAN);
562 offset += 2;
563 offset += dissect_peekremote_flags(tvb, pinfo, peekremote_tree, offset);
564 offset += dissect_peekremote_status(tvb, pinfo, peekremote_tree, offset);
565 proto_tree_add_item(peekremote_tree, hf_peekremote_timestamp, tvb, offset, 8, ENC_BIG_ENDIAN);
566 phdr.has_tsf_timestamp = true;
567 phdr.tsf_timestamp = tvb_get_ntoh64(tvb, offset);
568 offset += 8;
570 break;
571 /* With LiveAction's consent (via Issue #19533) new version Peekremote v3 encapsulation is defined as:
572 * [ UDP [ PEEKREMOTE v3 [ RADIOTAP [ 80211 ]]]]
574 case PEEKREMOTE_V3:
575 if (header_size != PEEKREMOTE_V3_HDR_LEN) {
576 expert_add_info(pinfo, ti_header_size, &ei_peekremote_invalid_header_size);
577 if (header_size > PEEKRMEOTE_NEW_BASE_LEN) {
578 offset += (header_size - PEEKRMEOTE_NEW_BASE_LEN);
580 } else {
581 proto_tree_add_item(peekremote_tree, hf_peekremote_type, tvb, offset, 4, ENC_BIG_ENDIAN);
582 offset += 4;
583 proto_item_set_end(ti, tvb, offset);
584 next_tvb = tvb_new_subset_remaining(tvb, offset);
585 call_dissector(radiotap_handle, next_tvb, pinfo, tree);
586 return true;
588 break;
589 default:
590 expert_add_info(pinfo, ti_header_version, &ei_peekremote_unknown_header_version);
591 if (header_size > 9)
592 offset += (header_size - 9);
593 break;
596 proto_item_set_end(ti, tvb, offset);
597 next_tvb = tvb_new_subset_remaining(tvb, offset);
598 call_dissector_with_data(wlan_radio_handle, next_tvb, pinfo, tree, &phdr);
599 return true;
602 static int
603 dissect_peekremote_legacy(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
605 tvbuff_t *next_tvb;
606 proto_tree *peekremote_tree = NULL;
607 proto_item *ti = NULL;
608 struct ieee_802_11_phdr phdr;
609 uint8_t signal_percent;
610 uint8_t flags = 0;
611 bool is_6ghz = false;
612 memset(&phdr, 0, sizeof(phdr));
615 * Check whether this is peekremote-ng, and dissect it as such if it
616 * is.
618 if (dissect_peekremote_new(tvb, pinfo, tree, data)) {
619 /* Yup, it was peekremote-ng, and it's been dissected as such. */
620 return tvb_reported_length(tvb);
623 col_set_str(pinfo->cinfo, COL_PROTOCOL, "PEEKREMOTE");
624 col_clear(pinfo->cinfo, COL_INFO);
626 if (tree) {
627 ti = proto_tree_add_item(tree, proto_peekremote, tvb, 0, -1, ENC_NA);
628 peekremote_tree = proto_item_add_subtree(ti, ett_peekremote);
630 proto_tree_add_item(peekremote_tree, hf_peekremote_signal_dbm, tvb, 0, 1, ENC_NA);
631 proto_tree_add_item(peekremote_tree, hf_peekremote_noise_dbm, tvb, 1, 1, ENC_NA);
632 proto_tree_add_item(peekremote_tree, hf_peekremote_packetlength, tvb, 2, 2, ENC_BIG_ENDIAN);
633 proto_tree_add_item(peekremote_tree, hf_peekremote_slicelength, tvb, 4, 2, ENC_BIG_ENDIAN);
634 dissect_peekremote_flags(tvb, pinfo, peekremote_tree, 6);
635 dissect_peekremote_status(tvb, pinfo, peekremote_tree, 7);
636 proto_tree_add_item(peekremote_tree, hf_peekremote_timestamp, tvb, 8, 8, ENC_BIG_ENDIAN);
637 proto_tree_add_item(peekremote_tree, hf_peekremote_speed, tvb, 16, 1, ENC_NA);
638 proto_tree_add_item(peekremote_tree, hf_peekremote_channel, tvb, 17, 1, ENC_BIG_ENDIAN);
639 proto_tree_add_item(peekremote_tree, hf_peekremote_signal_percent, tvb, 18, 1, ENC_NA);
640 proto_tree_add_item(peekremote_tree, hf_peekremote_noise_percent, tvb, 19, 1, ENC_NA);
642 signal_percent = tvb_get_uint8(tvb, 18);
643 proto_item_set_end(ti, tvb, 20);
644 next_tvb = tvb_new_subset_remaining(tvb, 20);
645 /* When signal = 100 % and coming from ARUBA ERM, it is TX packet and there is no FCS */
646 if (GPOINTER_TO_INT(data) == IS_ARUBA && signal_percent == 100) {
647 phdr.fcs_len = 0; /* TX packet, no FCS */
648 } else {
649 phdr.fcs_len = 4; /* We have an FCS */
651 phdr.decrypted = false;
652 phdr.phy = PHDR_802_11_PHY_UNKNOWN;
653 phdr.has_channel = true;
654 phdr.channel = tvb_get_uint8(tvb, 17);
655 phdr.has_data_rate = true;
656 phdr.data_rate = tvb_get_uint8(tvb, 16);
657 phdr.has_signal_percent = true;
658 phdr.signal_percent = tvb_get_uint8(tvb, 18);
659 phdr.has_noise_percent = true;
660 phdr.noise_percent = tvb_get_uint8(tvb, 18);
661 phdr.has_signal_dbm = true;
662 phdr.signal_dbm = tvb_get_uint8(tvb, 0);
663 phdr.has_noise_dbm = true;
664 phdr.noise_dbm = tvb_get_uint8(tvb, 1);
665 phdr.has_tsf_timestamp = true;
666 phdr.tsf_timestamp = tvb_get_ntoh64(tvb, 8);
668 flags = tvb_get_uint8(tvb, 6);
669 if (flags & PEEKREMOTE_V0_6GHZ_BAND_VALID) {
670 bool is_bg;
671 is_6ghz = flags & PEEKREMOTE_V0_IS_6GHZ_BAND;
672 is_bg = is_6ghz ? false : CHAN_IS_BG(phdr.channel);
673 phdr.has_frequency = true;
674 phdr.frequency = ieee80211_chan_band_to_mhz(phdr.channel, is_bg, is_6ghz);
677 * We don't know they PHY, but we do have the data rate;
678 * try to guess the PHY based on the data rate and channel.
680 if (RATE_IS_DSSS(phdr.data_rate)) {
681 /* 11b */
682 phdr.phy = PHDR_802_11_PHY_11B;
683 phdr.phy_info.info_11b.has_short_preamble = false;
684 } else if (RATE_IS_OFDM(phdr.data_rate)) {
685 /* 11a or 11g, depending on the band. */
686 if (CHAN_IS_BG(phdr.channel) && !is_6ghz) {
687 /* 11g */
688 phdr.phy = PHDR_802_11_PHY_11G;
689 phdr.phy_info.info_11g.has_mode = false;
690 } else {
691 /* 11a */
692 phdr.phy = PHDR_802_11_PHY_11A;
693 phdr.phy_info.info_11a.has_channel_type = false;
694 phdr.phy_info.info_11a.has_turbo_type = false;
698 return 20 + call_dissector_with_data(wlan_radio_handle, next_tvb, pinfo, tree, &phdr);
701 void
702 proto_register_peekremote(void)
704 static hf_register_info hf[] = {
705 { &hf_peekremote_channel,
706 { "Channel", "peekremote.channel",
707 FT_UINT16, BASE_DEC, NULL, 0x0,
708 NULL, HFILL }
710 { &hf_peekremote_signal_dbm,
711 { "Signal [dBm]", "peekremote.signal_dbm",
712 FT_INT8, BASE_DEC, NULL, 0x0,
713 NULL, HFILL }
715 { &hf_peekremote_noise_dbm,
716 { "Noise [dBm]", "peekremote.noise_dbm",
717 FT_INT8, BASE_DEC, NULL, 0x0,
718 NULL, HFILL }
720 { &hf_peekremote_packetlength,
721 { "Packet length", "peekremote.packetlength",
722 FT_UINT16, BASE_DEC, NULL, 0x0,
723 NULL, HFILL }
725 { &hf_peekremote_slicelength,
726 { "Slice length", "peekremote.slicelength",
727 FT_UINT16, BASE_DEC, NULL, 0x0,
728 NULL, HFILL }
730 { &hf_peekremote_flags,
731 { "Flags", "peekremote.flags",
732 FT_UINT8, BASE_HEX, NULL, 0x0,
733 NULL, HFILL }
735 { &hf_peekremote_flags_control_frame,
736 { "Is a Control frame", "peekremote.flags.control_frame",
737 FT_BOOLEAN, 8, TFS(&tfs_yes_no), 0x01,
738 NULL, HFILL }
740 { &hf_peekremote_flags_crc_error,
741 { "Has CRC error", "peekremote.flags.has_crc_error",
742 FT_BOOLEAN, 8, TFS(&tfs_yes_no), 0x02,
743 NULL, HFILL }
745 { &hf_peekremote_flags_frame_error,
746 { "Has frame error", "peekremote.flags.has_frame_error",
747 FT_BOOLEAN, 8, TFS(&tfs_yes_no), 0x04,
748 NULL, HFILL }
750 { &hf_peekremote_flags_6ghz_band_valid,
751 { "Is 6GHz band flag valid", "peekremote.flags.6ghzband_valid",
752 FT_BOOLEAN, 8, TFS(&tfs_yes_no), 0x08,
753 NULL, HFILL }
755 { &hf_peekremote_flags_6ghz,
756 { "6GHz band", "peekremote.flags.6ghz",
757 FT_BOOLEAN, 8, TFS(&tfs_yes_no), 0x10,
758 NULL, HFILL }
760 { &hf_peekremote_flags_reserved,
761 { "Reserved", "peekremote.flags.reserved",
762 FT_UINT8, BASE_HEX, NULL, 0xE0,
763 "Must be zero", HFILL }
765 { &hf_peekremote_status,
766 { "Status", "peekremote.status",
767 FT_UINT8, BASE_HEX, NULL, 0x0,
768 NULL, HFILL }
770 { &hf_peekremote_status_protected,
771 { "Protected", "peekremote.status.protected",
772 FT_BOOLEAN, 8, TFS(&tfs_yes_no), 0x04,
773 NULL, HFILL }
775 { &hf_peekremote_status_with_decrypt_error,
776 { "With decrypt error", "peekremote.status.with_decrypt_error",
777 FT_BOOLEAN, 8, TFS(&tfs_yes_no), 0x08,
778 NULL, HFILL }
780 { &hf_peekremote_status_with_short_preamble,
781 { "With short preamble", "peekremote.status.with_short_preamble",
782 FT_BOOLEAN, 8, TFS(&tfs_yes_no), 0x40,
783 NULL, HFILL }
785 { &hf_peekremote_status_reserved,
786 { "Reserved", "peekremote.status.reserved",
787 FT_UINT8, BASE_HEX, NULL, 0xB3,
788 "Must be zero", HFILL }
790 { &hf_peekremote_timestamp,
791 { "TSF timestamp", "peekremote.timestamp",
792 FT_UINT64, BASE_DEC, NULL, 0x0,
793 NULL, HFILL }
795 { &hf_peekremote_mcs_index,
796 { "MCS index", "peekremote.mcs_index",
797 FT_UINT16, BASE_DEC|BASE_EXT_STRING, &peekremote_mcs_index_vals_ext, 0x0,
798 NULL, HFILL }
800 { &hf_peekremote_mcs_index_ac,
801 { "11ac/11ax/11be MCS index", "peekremote.mcs_index_ac",
802 FT_UINT16, BASE_DEC, VALS(peekremote_mcs_index_vals_ac), 0x0,
803 NULL, HFILL }
805 { &hf_peekremote_signal_percent,
806 { "Signal [percent]", "peekremote.signal_percent",
807 FT_UINT8, BASE_DEC, NULL, 0x0,
808 NULL, HFILL }
810 { &hf_peekremote_noise_percent,
811 { "Noise [percent]", "peekremote.noise_percent",
812 FT_UINT8, BASE_DEC, NULL, 0x0,
813 NULL, HFILL }
815 { &hf_peekremote_speed,
816 { "Data rate [500kHz]", "peekremote.data_rate",
817 FT_UINT8, BASE_DEC, NULL, 0x0,
818 NULL, HFILL }
820 { &hf_peekremote_magic_number,
821 { "Magic number", "peekremote.magic_number",
822 FT_UINT32, BASE_HEX, NULL, 0x0,
823 NULL, HFILL }
825 { &hf_peekremote_header_version,
826 { "Header version", "peekremote.header_version",
827 FT_UINT8, BASE_DEC, NULL, 0x0,
828 NULL, HFILL }
830 { &hf_peekremote_header_size,
831 { "Header size", "peekremote.header_size",
832 FT_UINT32, BASE_DEC, NULL, 0x0,
833 NULL, HFILL }
835 { &hf_peekremote_type,
836 { "Type", "peekremote.type",
837 FT_UINT32, BASE_DEC, VALS(peekremote_type_vals), 0x0,
838 NULL, HFILL }
840 { &hf_peekremote_frequency,
841 { "Frequency [Mhz]", "peekremote.frequency",
842 FT_UINT32, BASE_DEC, NULL, 0x0,
843 NULL, HFILL }
845 { &hf_peekremote_band,
846 { "Band", "peekremote.band",
847 FT_UINT32, BASE_DEC, NULL, 0x0,
848 NULL, HFILL }
850 { &hf_peekremote_extflags,
851 { "Extended flags", "peekremote.extflags",
852 FT_UINT32, BASE_HEX, NULL, 0x0,
853 NULL, HFILL }
855 { &hf_peekremote_extflags_20mhz_lower,
856 { "20 MHz Lower", "peekremote.extflags.20mhz_lower",
857 FT_BOOLEAN, 32, TFS(&tfs_yes_no), EXT_FLAG_20_MHZ_LOWER,
858 NULL, HFILL }
860 { &hf_peekremote_extflags_20mhz_upper,
861 { "20 MHz Upper", "peekremote.extflags.20mhz_upper",
862 FT_BOOLEAN, 32, TFS(&tfs_yes_no), EXT_FLAG_20_MHZ_UPPER,
863 NULL, HFILL }
865 { &hf_peekremote_extflags_40mhz,
866 { "40 MHz", "peekremote.extflags.40mhz",
867 FT_BOOLEAN, 32, TFS(&tfs_yes_no), EXT_FLAG_40_MHZ,
868 NULL, HFILL }
870 { &hf_peekremote_extflags_half_gi,
871 { "Half Guard Interval", "peekremote.extflags.half_gi",
872 FT_BOOLEAN, 32, TFS(&tfs_yes_no), EXT_FLAG_HALF_GI,
873 NULL, HFILL }
875 { &hf_peekremote_extflags_full_gi,
876 { "Full Guard Interval", "peekremote.extflags.full_gi",
877 FT_BOOLEAN, 32, TFS(&tfs_yes_no), EXT_FLAG_FULL_GI,
878 NULL, HFILL }
880 { &hf_peekremote_extflags_ampdu,
881 { "AMPDU", "peekremote.extflags.ampdu",
882 FT_BOOLEAN, 32, TFS(&tfs_yes_no), EXT_FLAG_AMPDU,
883 NULL, HFILL }
885 { &hf_peekremote_extflags_amsdu,
886 { "AMSDU", "peekremote.extflags.amsdu",
887 FT_BOOLEAN, 32, TFS(&tfs_yes_no), EXT_FLAG_AMSDU,
888 NULL, HFILL }
890 { &hf_peekremote_extflags_11ac,
891 { "802.11ac", "peekremote.extflags.11ac",
892 FT_BOOLEAN, 32, TFS(&tfs_yes_no), EXT_FLAG_802_11ac,
893 NULL, HFILL }
895 { &hf_peekremote_extflags_future_use,
896 { "MCS index used", "peekremote.extflags.future_use",
897 FT_BOOLEAN, 32, TFS(&tfs_yes_no), EXT_FLAG_MCS_INDEX_USED,
898 NULL, HFILL }
900 { &hf_peekremote_extflags_80mhz,
901 { "80 Mhz", "peekremote.extflags.80mhz",
902 FT_BOOLEAN, 32, TFS(&tfs_yes_no), EXT_FLAG_80MHZ,
903 NULL, HFILL }
905 { &hf_peekremote_extflags_shortpreamble,
906 { "Short preamble", "peekremote.extflags.shortpreamble",
907 FT_BOOLEAN, 32, TFS(&tfs_yes_no), EXT_FLAG_SHORTPREAMBLE,
908 NULL, HFILL }
910 { &hf_peekremote_extflags_spatialstreams,
911 { "Spatial streams", "peekremote.extflags.spatialstreams",
912 FT_UINT32, BASE_DEC, VALS(spatialstreams_vals), EXT_FLAG_SPATIALSTREAMS,
913 NULL, HFILL }
915 { &hf_peekremote_extflags_heflag,
916 { "802.11ax", "peekremote.extflags.11ax",
917 FT_BOOLEAN, 32, TFS(&tfs_yes_no), EXT_FLAG_HEFLAG,
918 NULL, HFILL }
920 { &hf_peekremote_extflags_160mhz,
921 { "160Mhz", "peekremote.extflags.160mhz",
922 FT_BOOLEAN, 32, TFS(&tfs_yes_no), EXT_FLAG_160MHZ,
923 NULL, HFILL }
925 { &hf_peekremote_extflags_ehtflag,
926 { "802.11be", "peekremote.extflags.11be",
927 FT_BOOLEAN, 32, TFS(&tfs_yes_no), EXT_FLAG_EHTFLAG,
928 NULL, HFILL }
930 { &hf_peekremote_extflags_320mhz,
931 { "320Mhz", "peekremote.extflags.320mhz",
932 FT_BOOLEAN, 32, TFS(&tfs_yes_no), EXT_FLAG_320MHZ,
933 NULL, HFILL }
935 { &hf_peekremote_extflags_quarter_gi,
936 { "Quarter Guard Interval", "peekremote.extflags.quarter_gi",
937 FT_BOOLEAN, 32, TFS(&tfs_yes_no), EXT_FLAG_QUARTER_GI,
938 NULL, HFILL }
940 { &hf_peekremote_extflags_reserved,
941 { "Reserved", "peekremote.extflags.reserved",
942 FT_UINT32, BASE_HEX, NULL, EXT_FLAGS_RESERVED,
943 "Must be zero", HFILL }
945 { &hf_peekremote_signal_1_dbm,
946 { "Signal 1 [dBm]", "peekremote.signal_1_dbm",
947 FT_INT8, BASE_DEC, NULL, 0x0,
948 NULL, HFILL }
950 { &hf_peekremote_signal_2_dbm,
951 { "Signal 2 [dBm]", "peekremote.signal_2_dbm",
952 FT_INT8, BASE_DEC, NULL, 0x0,
953 NULL, HFILL }
955 { &hf_peekremote_signal_3_dbm,
956 { "Signal 3 [dBm]", "peekremote.signal_3_dbm",
957 FT_INT8, BASE_DEC, NULL, 0x0,
958 NULL, HFILL }
960 { &hf_peekremote_signal_4_dbm,
961 { "Signal 4 [dBm]", "peekremote.signal_4_dbm",
962 FT_INT8, BASE_DEC, NULL, 0x0,
963 NULL, HFILL }
965 { &hf_peekremote_noise_1_dbm,
966 { "Noise 1 [dBm]", "peekremote.noise_1_dbm",
967 FT_INT8, BASE_DEC, NULL, 0x0,
968 NULL, HFILL }
970 { &hf_peekremote_noise_2_dbm,
971 { "Noise 2 [dBm]", "peekremote.noise_2_dbm",
972 FT_INT8, BASE_DEC, NULL, 0x0,
973 NULL, HFILL }
975 { &hf_peekremote_noise_3_dbm,
976 { "Noise 3 [dBm]", "peekremote.noise_3_dbm",
977 FT_INT8, BASE_DEC, NULL, 0x0,
978 NULL, HFILL }
980 { &hf_peekremote_noise_4_dbm,
981 { "Noise 4 [dBm]", "peekremote.noise_4_dbm",
982 FT_INT8, BASE_DEC, NULL, 0x0,
983 NULL, HFILL }
986 static int *ett[] = {
987 &ett_peekremote,
988 &ett_peekremote_flags,
989 &ett_peekremote_status,
990 &ett_peekremote_extflags
992 static ei_register_info ei[] = {
993 { &ei_peekremote_unknown_header_version, { "peekremote.unknown_header_version", PI_UNDECODED, PI_ERROR, "Unknown header version", EXPFILL }},
994 { &ei_peekremote_invalid_header_size, { "peekremote.invalid_header_size", PI_UNDECODED, PI_ERROR, "Invalid header size for that header version", EXPFILL }},
996 expert_module_t *expert_peekremote;
998 proto_peekremote = proto_register_protocol("AiroPeek/OmniPeek encapsulated IEEE 802.11", "PEEKREMOTE", "peekremote");
999 proto_register_field_array(proto_peekremote, hf, array_length(hf));
1000 proto_register_subtree_array(ett, array_length(ett));
1001 expert_peekremote = expert_register_protocol(proto_peekremote);
1002 expert_register_field_array(expert_peekremote, ei, array_length(ei));
1004 peekremote_handle = register_dissector("peekremote", dissect_peekremote_legacy, proto_peekremote);
1007 void
1008 proto_reg_handoff_peekremote(void)
1010 /* Peekremote V0/V2 */
1011 wlan_radio_handle = find_dissector_add_dependency("wlan_radio", proto_peekremote);
1012 /* Peekremote V3 */
1013 radiotap_handle = find_dissector_add_dependency("radiotap", proto_peekremote);
1014 dissector_add_uint_with_preference("udp.port", PEEKREMOTE_PORT, peekremote_handle);
1016 heur_dissector_add("udp", dissect_peekremote_new, "OmniPeek Remote over UDP", "peekremote_udp", proto_peekremote, HEURISTIC_ENABLE);
1020 * Editor modelines - https://www.wireshark.org/tools/modelines.html
1022 * Local variables:
1023 * c-basic-offset: 2
1024 * tab-width: 8
1025 * indent-tabs-mode: nil
1026 * End:
1028 * vi: set shiftwidth=2 tabstop=8 expandtab:
1029 * :indentSize=2:tabSize=8:noTabs=true: