search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
MSWSP: add two more Property Sets
[wireshark-wip.git] / epan / dissectors / packet-enip.c
bloba2c0cdc7263491492f9894ebe79a640fab1b65a9
1 /* packet-enip.c
2 * Routines for EtherNet/IP (Industrial Protocol) dissection
3 * EtherNet/IP Home: www.odva.org
4 *
5 * Copyright 2003-2004
6 * Magnus Hansson <mah@hms.se>
7 * Joakim Wiberg <jow@hms.se>
8 *
9 * Conversation data support for CIP
10 * Jan Bartels, Siempelkamp Maschinen- und Anlagenbau GmbH & Co. KG
11 * Copyright 2007
12 *
13 * Ethernet/IP object support
14 * Michael Mann
15 * Copyright 2011
16 *
17 * $Id$
18 *
19 * Wireshark - Network traffic analyzer
20 * By Gerald Combs <gerald@wireshark.org>
21 * Copyright 1998 Gerald Combs
22 *
23 * This program is free software; you can redistribute it and/or
24 * modify it under the terms of the GNU General Public License
25 * as published by the Free Software Foundation; either version 2
26 * of the License, or (at your option) any later version.
27 *
28 * This program is distributed in the hope that it will be useful,
29 * but WITHOUT ANY WARRANTY; without even the implied warranty of
30 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
31 * GNU General Public License for more details.
32 *
33 * You should have received a copy of the GNU General Public License
34 * along with this program; if not, write to the Free Software
35 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
36 */
37
38 #include "config.h"
39
40 #include <glib.h>
41
42 #include <epan/packet.h>
43 #include <epan/wmem/wmem.h>
44 #include <epan/conversation.h>
45 #include <epan/prefs.h>
46 #include <epan/etypes.h>
47 #include <epan/ipv6-utils.h>
48 #include <epan/expert.h>
49 #include "packet-tcp.h"
50 #include "packet-cip.h"
51 #include "packet-enip.h"
52 #include "packet-cipsafety.h"
53
54 /* Communication Ports */
55 #define ENIP_ENCAP_PORT 44818 /* EtherNet/IP located on port 44818 */
56 #define ENIP_IO_PORT 2222 /* EtherNet/IP IO located on port 2222 */
57
58 /* EtherNet/IP function codes */
59 #define NOP 0x0000
60 #define LIST_SERVICES 0x0004
61 #define LIST_IDENTITY 0x0063
62 #define LIST_INTERFACES 0x0064
63 #define REGISTER_SESSION 0x0065
64 #define UNREGISTER_SESSION 0x0066
65 #define SEND_RR_DATA 0x006F
66 #define SEND_UNIT_DATA 0x0070
67 #define INDICATE_STATUS 0x0072
68 #define CANCEL 0x0073
69
70 /* EtherNet/IP status codes */
71 #define SUCCESS 0x0000
72 #define INVALID_CMD 0x0001
73 #define NO_RESOURCES 0x0002
74 #define INCORRECT_DATA 0x0003
75 #define INVALID_SESSION 0x0064
76 #define INVALID_LENGTH 0x0065
77 #define UNSUPPORTED_PROT_REV 0x0069
78
79 /* EtherNet/IP Common Data Format Type IDs */
80 #define CDF_NULL 0x0000
81 #define LIST_IDENTITY_RESP 0x000C
82 #define CONNECTION_BASED 0x00A1
83 #define CONNECTION_TRANSPORT 0x00B1
84 #define UNCONNECTED_MSG 0x00B2
85 #define LIST_SERVICES_RESP 0x0100
86 #define SOCK_ADR_INFO_OT 0x8000
87 #define SOCK_ADR_INFO_TO 0x8001
88 #define SEQ_ADDRESS 0x8002
89
90 /* Decoded I/O traffic enumeration */
91 #define ENIP_IO_OFF 0
92 #define ENIP_IO_SAFETY 1
93 #define ENIP_IO_MOTION 2
94
95 /* Initialize the protocol and registered fields */
96 static int proto_enip = -1;
97 static int proto_cipsafety = -1;
98
99 static int hf_enip_command = -1;
100 static int hf_enip_length = -1;
101 static int hf_enip_options = -1;
102 static int hf_enip_sendercontex = -1;
103 static int hf_enip_listid_delay = -1;
104 static int hf_enip_status = -1;
105 static int hf_enip_session = -1;
106 static int hf_enip_encapver = -1;
107 static int hf_enip_sinfamily = -1;
108 static int hf_enip_sinport = -1;
109 static int hf_enip_sinaddr = -1;
110 static int hf_enip_sinzero = -1;
111 static int hf_enip_timeout = -1;
112 static int hf_enip_encap_data = -1;
113
114 static int hf_enip_lir_vendor = -1;
115 static int hf_enip_lir_devtype = -1;
116 static int hf_enip_lir_prodcode = -1;
117 static int hf_enip_lir_revision = -1;
118 static int hf_enip_lir_status = -1;
119 static int hf_enip_lir_serial = -1;
120 static int hf_enip_lir_namelen = -1;
121 static int hf_enip_lir_name = -1;
122 static int hf_enip_lir_state = -1;
123
124 static int hf_enip_lsr_capaflags = -1;
125 static int hf_enip_lsr_tcp = -1;
126 static int hf_enip_lsr_udp = -1;
127 static int hf_enip_lsr_servicename = -1;
128
129 static int hf_enip_rs_version = -1;
130 static int hf_enip_rs_optionflags = -1;
131
132 static int hf_enip_srrd_ifacehnd = -1;
133
134 static int hf_enip_sud_ifacehnd = -1;
135
136 static int hf_enip_cpf_itemcount = -1;
137 static int hf_enip_cpf_typeid = -1;
138 static int hf_enip_cpf_length = -1;
139 static int hf_enip_cpf_cdi_seqcnt = -1;
140 static int hf_enip_cpf_cdi_32bitheader = -1;
141 static int hf_enip_cpf_cdi_32bitheader_roo = -1;
142 static int hf_enip_cpf_cdi_32bitheader_coo = -1;
143 static int hf_enip_cpf_cdi_32bitheader_run_idle = -1;
144 static int hf_enip_cpf_cai_connid = -1;
145 static int hf_enip_cpf_sai_connid = -1;
146 static int hf_enip_cpf_sai_seqnum = -1;
147
148 static int hf_enip_cpf_data = -1;
149
150 static int hf_enip_response_in = -1;
151 static int hf_enip_response_to = -1;
152 static int hf_enip_time = -1;
153 static int hf_enip_connection_transport_data = -1;
154
155 /* Parsed Attributes */
156 static int hf_tcpip_status = -1;
157 static int hf_tcpip_status_interface_config = -1;
158 static int hf_tcpip_status_mcast_pending = -1;
159 static int hf_tcpip_status_interface_config_pending = -1;
160 static int hf_tcpip_status_acd = -1;
161 static int hf_tcpip_status_reserved = -1;
162 static int hf_tcpip_config_cap = -1;
163 static int hf_tcpip_config_cap_bootp = -1;
164 static int hf_tcpip_config_cap_dns = -1;
165 static int hf_tcpip_config_cap_dhcp = -1;
166 static int hf_tcpip_config_cap_dhcp_dns_update = -1;
167 static int hf_tcpip_config_cap_config_settable = -1;
168 static int hf_tcpip_config_cap_hardware_config = -1;
169 static int hf_tcpip_config_cap_interface_reset = -1;
170 static int hf_tcpip_config_cap_acd = -1;
171 static int hf_tcpip_config_cap_reserved = -1;
172 static int hf_tcpip_config_control = -1;
173 static int hf_tcpip_config_control_config = -1;
174 static int hf_tcpip_config_control_dns = -1;
175 static int hf_tcpip_config_control_reserved = -1;
176 static int hf_tcpip_physical_link_size = -1;
177 static int hf_tcpip_ic_ip_addr = -1;
178 static int hf_tcpip_ic_subnet_mask = -1;
179 static int hf_tcpip_ic_gateway = -1;
180 static int hf_tcpip_ic_name_server = -1;
181 static int hf_tcpip_ic_name_server2 = -1;
182 static int hf_tcpip_ic_domain_name = -1;
183 static int hf_tcpip_hostname = -1;
184 static int hf_tcpip_ttl_value = -1;
185 static int hf_tcpip_mcast_alloc = -1;
186 static int hf_tcpip_mcast_reserved = -1;
187 static int hf_tcpip_mcast_num_mcast = -1;
188 static int hf_tcpip_mcast_addr_start = -1;
189 static int hf_tcpip_lcd_acd_activity = -1;
190 static int hf_tcpip_lcd_remote_mac = -1;
191 static int hf_tcpip_lcd_arp_pdu = -1;
192 static int hf_tcpip_select_acd = -1;
193 static int hf_tcpip_quick_connect = -1;
194
195 static int hf_elink_interface_flags = -1;
196 static int hf_elink_iflags_link_status = -1;
197 static int hf_elink_iflags_duplex = -1;
198 static int hf_elink_iflags_neg_status = -1;
199 static int hf_elink_iflags_manual_reset = -1;
200 static int hf_elink_iflags_local_hw_fault = -1;
201 static int hf_elink_iflags_reserved = -1;
202 static int hf_elink_interface_speed = -1;
203 static int hf_elink_physical_address = -1;
204 static int hf_elink_icount_in_octets = -1;
205 static int hf_elink_icount_in_ucast = -1;
206 static int hf_elink_icount_in_nucast = -1;
207 static int hf_elink_icount_in_discards = -1;
208 static int hf_elink_icount_in_errors = -1;
209 static int hf_elink_icount_in_unknown_protos = -1;
210 static int hf_elink_icount_out_octets = -1;
211 static int hf_elink_icount_out_ucast = -1;
212 static int hf_elink_icount_out_nucast = -1;
213 static int hf_elink_icount_out_discards = -1;
214 static int hf_elink_icount_out_errors = -1;
215 static int hf_elink_mcount_alignment_errors = -1;
216 static int hf_elink_mcount_fcs_errors = -1;
217 static int hf_elink_mcount_single_collisions = -1;
218 static int hf_elink_mcount_multiple_collisions = -1;
219 static int hf_elink_mcount_sqe_test_errors = -1;
220 static int hf_elink_mcount_deferred_transmission = -1;
221 static int hf_elink_mcount_late_collisions = -1;
222 static int hf_elink_mcount_excessive_collisions = -1;
223 static int hf_elink_mcount_mac_transmit_errors = -1;
224 static int hf_elink_mcount_carrier_sense_errors = -1;
225 static int hf_elink_mcount_frame_too_long = -1;
226 static int hf_elink_mcount_mac_receive_errors = -1;
227 static int hf_elink_icontrol_control_bits = -1;
228 static int hf_elink_icontrol_control_bits_auto_neg = -1;
229 static int hf_elink_icontrol_control_bits_forced_duplex = -1;
230 static int hf_elink_icontrol_control_bits_reserved = -1;
231 static int hf_elink_icontrol_forced_speed = -1;
232 static int hf_elink_interface_type = -1;
233 static int hf_elink_interface_state = -1;
234 static int hf_elink_admin_state = -1;
235 static int hf_elink_interface_label = -1;
236
237 static int hf_qos_8021q_enable = -1;
238 static int hf_qos_dscp_ptp_event = -1;
239 static int hf_qos_dscp_ptp_general = -1;
240 static int hf_qos_dscp_urgent = -1;
241 static int hf_qos_dscp_scheduled = -1;
242 static int hf_qos_dscp_high = -1;
243 static int hf_qos_dscp_low = -1;
244 static int hf_qos_dscp_explicit = -1;
245
246 static int hf_dlr_network_topology = -1;
247 static int hf_dlr_network_status = -1;
248 static int hf_dlr_ring_supervisor_status = -1;
249 static int hf_dlr_rsc_ring_supervisor_enable = -1;
250 static int hf_dlr_rsc_ring_supervisor_precedence = -1;
251 static int hf_dlr_rsc_beacon_interval = -1;
252 static int hf_dlr_rsc_beacon_timeout = -1;
253 static int hf_dlr_rsc_dlr_vlan_id = -1;
254 static int hf_dlr_ring_faults_count = -1;
255 static int hf_dlr_lanp1_dev_ip_addr = -1;
256 static int hf_dlr_lanp1_dev_physical_address = -1;
257 static int hf_dlr_lanp2_dev_ip_addr = -1;
258 static int hf_dlr_lanp2_dev_physical_address = -1;
259 static int hf_dlr_ring_protocol_participants_count = -1;
260 static int hf_dlr_rppl_dev_ip_addr = -1;
261 static int hf_dlr_rppl_dev_physical_address = -1;
262 static int hf_dlr_asa_supervisor_ip_addr = -1;
263 static int hf_dlr_asa_supervisor_physical_address = -1;
264 static int hf_dlr_active_supervisor_precedence = -1;
265 static int hf_dlr_capability_flags = -1;
266 static int hf_dlr_capflags_announce_base_node = -1;
267 static int hf_dlr_capflags_beacon_base_node = -1;
268 static int hf_dlr_capflags_reserved1 = -1;
269 static int hf_dlr_capflags_supervisor_capable = -1;
270 static int hf_dlr_capflags_reserved2 = -1;
271 static int hf_dlr_capflags_redundant_gateway_capable = -1;
272 static int hf_dlr_capflags_flush_frame_capable = -1;
273 static int hf_dlr_rgc_red_gateway_enable = -1;
274 static int hf_dlr_rgc_gateway_precedence = -1;
275 static int hf_dlr_rgc_advertise_interval = -1;
276 static int hf_dlr_rgc_advertise_timeout = -1;
277 static int hf_dlr_rgc_learning_update_enable = -1;
278 static int hf_dlr_redundant_gateway_status = -1;
279 static int hf_dlr_aga_ip_addr = -1;
280 static int hf_dlr_aga_physical_address = -1;
281 static int hf_dlr_active_gateway_precedence = -1;
282
283 /* Initialize the subtree pointers */
284 static gint ett_enip = -1;
285 static gint ett_count_tree = -1;
286 static gint ett_type_tree = -1;
287 static gint ett_command_tree = -1;
288 static gint ett_sockadd = -1;
289 static gint ett_32bitheader_tree = -1;
290 static gint ett_lsrcf = -1;
291 static gint ett_tcpip_status = -1;
292 static gint ett_tcpip_config_cap = -1;
293 static gint ett_tcpip_config_control = -1;
294 static gint ett_elink_interface_flags = -1;
295 static gint ett_elink_icontrol_bits = -1;
296 static gint ett_dlr_capability_flags = -1;
297 static gint ett_dlr_lnknbrstatus_flags = -1;
298
299 static expert_field ei_mal_tcpip_status = EI_INIT;
300 static expert_field ei_mal_tcpip_config_cap = EI_INIT;
301 static expert_field ei_mal_tcpip_config_control = EI_INIT;
302 static expert_field ei_mal_tcpip_physical_link_size = EI_INIT;
303 static expert_field ei_mal_tcpip_interface_config = EI_INIT;
304 static expert_field ei_mal_tcpip_mcast_config = EI_INIT;
305 static expert_field ei_mal_tcpip_last_conflict = EI_INIT;
306 static expert_field ei_mal_elink_interface_flags = EI_INIT;
307 static expert_field ei_mal_elink_interface_counters = EI_INIT;
308 static expert_field ei_mal_elink_media_counters = EI_INIT;
309 static expert_field ei_mal_elink_interface_control = EI_INIT;
310 static expert_field ei_mal_dlr_ring_supervisor_config = EI_INIT;
311 static expert_field ei_mal_dlr_last_active_node_on_port_1 = EI_INIT;
312 static expert_field ei_mal_dlr_last_active_node_on_port_2 = EI_INIT;
313 static expert_field ei_mal_dlr_ring_protocol_participants_list = EI_INIT;
314 static expert_field ei_mal_dlr_active_supervisor_address = EI_INIT;
315 static expert_field ei_mal_dlr_capability_flags = EI_INIT;
316 static expert_field ei_mal_dlr_redundant_gateway_config = EI_INIT;
317 static expert_field ei_mal_dlr_active_gateway_address = EI_INIT;
318
319 static dissector_table_t subdissector_srrd_table;
320 static dissector_table_t subdissector_sud_table;
321 static dissector_handle_t data_handle;
322 static dissector_handle_t arp_handle;
323 static dissector_handle_t cipsafety_handle;
324 static dissector_handle_t cipmotion_handle;
325
326 static gboolean enip_desegment = TRUE;
327 static gboolean enip_OTrun_idle = TRUE;
328 static gboolean enip_TOrun_idle = FALSE;
329
330 static int proto_dlr = -1;
331
332 static int hf_dlr_ringsubtype = -1;
333 static int hf_dlr_ringprotoversion = -1;
334 static int hf_dlr_frametype = -1;
335 static int hf_dlr_sourceport = -1;
336 static int hf_dlr_sourceip = -1;
337 static int hf_dlr_sequenceid = -1;
338
339 static int hf_dlr_ringstate = -1;
340 static int hf_dlr_supervisorprecedence = -1;
341 static int hf_dlr_beaconinterval = -1;
342 static int hf_dlr_beacontimeout = -1;
343 static int hf_dlr_beaconreserved = -1;
344
345 static int hf_dlr_nreqreserved = -1;
346
347 static int hf_dlr_nressourceport = -1;
348 static int hf_dlr_nresreserved = -1;
349
350 static int hf_dlr_lnknbrstatus = -1;
351 static int hf_dlr_lnknbrstatus_port1 = -1;
352 static int hf_dlr_lnknbrstatus_port2 = -1;
353 static int hf_dlr_lnknbrstatus_reserved = -1;
354 static int hf_dlr_lnknbrstatus_frame_type = -1;
355 static int hf_dlr_lnknbrreserved = -1;
356
357 static int hf_dlr_lfreserved = -1;
358
359 static int hf_dlr_anreserved = -1;
360
361 static int hf_dlr_sonumnodes = -1;
362 static int hf_dlr_somac = -1;
363 static int hf_dlr_soip = -1;
364 static int hf_dlr_soreserved = -1;
365
366 static int hf_dlr_advgatewaystate = -1;
367 static int hf_dlr_advgatewayprecedence = -1;
368 static int hf_dlr_advadvertiseinterval = -1;
369 static int hf_dlr_advadvertisetimeout = -1;
370 static int hf_dlr_advlearningupdateenable = -1;
371 static int hf_dlr_advreserved = -1;
372
373 static int hf_dlr_flushlearningupdateenable = -1;
374 static int hf_dlr_flushreserved = -1;
375
376 static int hf_dlr_learnreserved = -1;
377
378 static gint ett_dlr = -1;
379
380 static const enum_val_t enip_io_dissector_types[] = {
381 { "Off", "Regular Ethernet/IP I/O data", ENIP_IO_OFF},
382 { "CIP Safety", "CIP Safety", ENIP_IO_SAFETY },
383 { "CIP Motion", "CIP Motion", ENIP_IO_MOTION },
384 { NULL, NULL, 0 }
385 };
386
387 /* decode I/O traffic as this type if ForwardOpen isn't captured */
388 static gint default_io_dissector_type = ENIP_IO_OFF;
389
390 /* Translate function to string - Encapsulation commands */
391 static const value_string encap_cmd_vals[] = {
392 { NOP, "NOP" },
393 { LIST_SERVICES, "List Services" },
394 { LIST_IDENTITY, "List Identity" },
395 { LIST_INTERFACES, "List Interfaces" },
396 { REGISTER_SESSION, "Register Session" },
397 { UNREGISTER_SESSION,"Unregister Session" },
398 { SEND_RR_DATA, "Send RR Data" },
399 { SEND_UNIT_DATA, "Send Unit Data" },
400 { INDICATE_STATUS, "Indicate Status" },
401 { CANCEL, "Cancel" },
402
403 { 0, NULL }
404 };
405
406 /* Translate function to string - Encapsulation status */
407 static const value_string encap_status_vals[] = {
408 { SUCCESS, "Success" },
409 { INVALID_CMD, "Invalid Command" },
410 { NO_RESOURCES, "No Memory Resources" },
411 { INCORRECT_DATA, "Incorrect Data" },
412 { INVALID_SESSION, "Invalid Session Handle" },
413 { INVALID_LENGTH, "Invalid Length" },
414 { UNSUPPORTED_PROT_REV, "Unsupported Protocol Revision" },
415
416 { 0, NULL }
417 };
418
419 /* Translate function to Common data format values */
420 static const value_string cdf_type_vals[] = {
421 { CDF_NULL, "Null Address Item" },
422 { LIST_IDENTITY_RESP, "List Identity Response" },
423 { CONNECTION_BASED, "Connected Address Item" },
424 { CONNECTION_TRANSPORT, "Connected Data Item" },
425 { UNCONNECTED_MSG, "Unconnected Data Item" },
426 { LIST_SERVICES_RESP, "List Services Response" },
427 { SOCK_ADR_INFO_OT, "Socket Address Info O->T" },
428 { SOCK_ADR_INFO_TO, "Socket Address Info T->O" },
429 { SEQ_ADDRESS, "Sequenced Address Item" },
430
431 { 0, NULL }
432 };
433
434 /* Translate function to string - Run/Idle */
435 static const value_string enip_run_idle_vals[] = {
436 { 0, "Idle" },
437 { 1, "Run" },
438
439 { 0, NULL }
440 };
441
442 static const value_string enip_tcpip_status_interface_config_vals[] = {
443 { 0, "Not configured" },
444 { 1, "BOOTP/DHCP/NVS" },
445 { 2, "Hardware settings" },
446
447 { 0, NULL }
448 };
449
450 static const value_string enip_tcpip_status_acd_vals[] = {
451 { 0, "No Address Conflict Detected" },
452 { 1, "Address Conflict Detected" },
453
454 { 0, NULL }
455 };
456
457 static const value_string enip_tcpip_config_control_config_vals[] = {
458 { 0, "Static IP" },
459 { 1, "BOOTP" },
460 { 2, "DHCP" },
461
462 { 0, NULL }
463 };
464
465 static const value_string enip_tcpip_mcast_alloc_vals[] = {
466 { 0, "Use default multicast algorithm" },
467 { 1, "Use Num Mcast and Mcast Start Addr" },
468
469 { 0, NULL }
470 };
471
472 static const value_string enip_tcpip_acd_activity_vals[] = {
473 { 0, "No Conflict Detected" },
474 { 1, "Probe IPv4 Address" },
475 { 2, "Ongoing Detection" },
476 { 3, "Semi Active Probe" },
477
478 { 0, NULL }
479 };
480
481 static const value_string enip_elink_duplex_vals[] = {
482 { 0, "Half Duplex" },
483 { 1, "Full Duplex" },
484
485 { 0, NULL }
486 };
487
488 static const value_string enip_elink_iflags_neg_status_vals[] = {
489 { 0, "Auto-negotiation in progress" },
490 { 1, "Auto-negotiation and speed detection failed" },
491 { 2, "Auto-negotiation failed but detected speed" },
492 { 3, "Successfully negotiatied speed and duplex" },
493 { 4, "Auto-negotiation not attempted. Forced speed and duplex" },
494
495 { 0, NULL }
496 };
497
498 static const value_string enip_elink_iflags_reset_vals[] = {
499 { 0, "Activate change automatically" },
500 { 1, "Device requires Reset service for change" },
501
502 { 0, NULL }
503 };
504
505 static const value_string enip_elink_iflags_hw_fault_vals[] = {
506 { 0, "No local hardware fault" },
507 { 1, "Local hardware fault detected" },
508
509 { 0, NULL }
510 };
511
512 static const value_string enip_elink_interface_type_vals[] = {
513 { 0, "Unknown type" },
514 { 1, "Internal" },
515 { 2, "Twisted-pair" },
516 { 3, "Optical fiber" },
517
518 { 0, NULL }
519 };
520
521 static const value_string enip_elink_interface_state_vals[] = {
522 { 0, "Unknown state" },
523 { 1, "Enabled" },
524 { 2, "Disabled" },
525 { 3, "Testing" },
526
527 { 0, NULL }
528 };
529
530 static const value_string enip_elink_admin_state_vals[] = {
531 { 1, "Enabled" },
532 { 2, "Disabled" },
533
534 { 0, NULL }
535 };
536
537 static const value_string enip_dlr_network_topology_vals[] = {
538 { 0, "Linear" },
539 { 1, "Ring" },
540
541 { 0, NULL }
542 };
543
544 static const value_string enip_dlr_network_status_vals[] = {
545 { 0, "Normal" },
546 { 1, "Ring Fault" },
547 { 2, "Unexpected Loop Detected" },
548 { 3, "Partial Network Failure" },
549 { 4, "Rapid Fault/Restore Cycle" },
550
551 { 0, NULL }
552 };
553
554 static const value_string enip_dlr_ring_supervisor_status_vals[] = {
555 { 0, "Backup Ring Supervisor" },
556 { 1, "Active Ring Supervisor" },
557 { 2, "Ring Node" },
558 { 3, "Non-DLR Topology" },
559 { 4, "Cannot Support Parameters" },
560
561 { 0, NULL }
562 };
563
564 static const value_string enip_dlr_redundant_gateway_status_vals[] = {
565 { 0, "Non-Gateway DLR node" },
566 { 1, "Backup Gateway" },
567 { 2, "Active Gateway" },
568 { 3, "Gateway Fault" },
569 { 4, "Cannot Support Parameters" },
570 { 5, "Partitial Network Fault" },
571
572 { 0, NULL }
573 };
574
575 /* Translate interface handle to string */
576 static const value_string enip_interface_handle_vals[] = {
577 { 0, "CIP" },
578
579 { 0, NULL }
580 };
581
582 /* Translate function to DLR Frame Type values */
583 static const value_string dlr_frame_type_vals[] = {
584 { DLR_FT_BEACON, "Beacon" },
585 { DLR_FT_NEIGHBOR_REQ, "Neighbor_Check_Request" },
586 { DLR_FT_NEIGHBOR_RES, "Neighbor_Check_Response" },
587 { DLR_FT_LINK_STAT, "Link_Status / Neighbor_Status" },
588 { DLR_FT_LOCATE_FLT, "Locate_Fault" },
589 { DLR_FT_ANNOUNCE, "Announce" },
590 { DLR_FT_SIGN_ON, "Sign_On" },
591 { DLR_FT_ADVERTISE, "Advertise" },
592 { DLR_FT_FLUSH_TABLES, "Flush_Tables" },
593 { DLR_FT_LEARNING_UPDATE, "Learning_Update" },
594
595 { 0, NULL }
596 };
597
598 /* Translate function to DLR Source Port values */
599 static const value_string dlr_source_port_vals[] = {
600 { 0, "Port 1 or Port 2" },
601 { 1, "Port 1" },
602 { 2, "Port 2" },
603
604 { 0, NULL }
605 };
606
607 /* Translate function to DLR Ring State values */
608 static const value_string dlr_ring_state_vals[] = {
609 { 1, "RING_NORMAL_STATE" },
610 { 2, "RING_FAULT_STATE" },
611
612 { 0, NULL }
613 };
614
615 /* Translate function to DLR Advertise State values */
616 static const value_string dlr_adv_state_vals[] = {
617 { 0x01, "ACTIVE_LISTEN_STATE" },
618 { 0x02, "ACTIVE_NORMAL_STATE" },
619 { 0x03, "FAULT_STATE" },
620
621 { 0, NULL }
622 };
623
624 /* Translate function to DLR Learning Update values */
625 static const value_string dlr_adv_learning_update_vals[] = {
626 { 0, "Disabled" },
627 { 1, "Enabled" },
628
629 { 0, NULL }
630 };
631
632 /* Translate function to DLR Flush Learning Update values */
633 static const value_string dlr_flush_learning_update_vals[] = {
634 { 0, "Disabled" },
635 { 1, "Enabled" },
636
637 { 0, NULL }
638 };
639
640 static const true_false_string dlr_lnknbrstatus_frame_type_vals = {
641 "Neighbor_Status Frame",
642 "Link_Status Frame"
643 };
644
645 static GHashTable *enip_request_hashtable = NULL;
646
647 /* Return codes of function classifying packets as query/response */
648 enum enip_packet_type {ENIP_REQUEST_PACKET, ENIP_RESPONSE_PACKET, ENIP_CANNOT_CLASSIFY};
649 enum enip_packet_data_type { EPDT_UNKNOWN, EPDT_CONNECTED_TRANSPORT, EPDT_UNCONNECTED };
650
651 typedef struct enip_request_key {
652 enum enip_packet_type requesttype;
653 enum enip_packet_data_type type;
654 guint32 session_handle;
655 guint64 sender_context;
656 guint32 conversation;
657 union {
658 struct {
659 guint32 connid;
660 guint16 sequence;
661 } connected_transport;
662 } data;
663 } enip_request_key_t;
664
665 typedef struct enip_request_val {
666 wmem_tree_t *frames;
667 } enip_request_val_t;
668
669 /*
670 * Hash Functions
671 */
672 static gint
673 enip_request_equal(gconstpointer v, gconstpointer w)
674 {
675 const enip_request_key_t *v1 = (const enip_request_key_t *)v;
676 const enip_request_key_t *v2 = (const enip_request_key_t *)w;
677
678 if ( v1->conversation == v2->conversation
679 && v1->session_handle == v2->session_handle
680 && v1->type == v2->type
681 && ( ( v1->sender_context == v2->sender_context /* heuristic approach */
682 && v1->type == EPDT_UNCONNECTED
683 )
684 ||
685 ( v1->data.connected_transport.connid == v2->data.connected_transport.connid
686 && v1->data.connected_transport.sequence == v2->data.connected_transport.sequence
687 && v1->type == EPDT_CONNECTED_TRANSPORT
688 )
689 )
690 )
691 return 1;
692
693 return 0;
694 }
695
696 static void
697 enip_fmt_lir_revision( gchar *result, guint32 revision )
698 {
699 g_snprintf( result, ITEM_LABEL_LENGTH, "%d.%02d", (guint8)(( revision & 0xFF00 ) >> 8), (guint8)(revision & 0xFF) );
700 }
701
702 static guint
703 enip_request_hash (gconstpointer v)
704 {
705 const enip_request_key_t *key = (const enip_request_key_t *)v;
706 guint val;
707
708 val = (guint)(key->conversation * 37 + key->session_handle * 93 + key->type * 765);
709
710 if (key->type == EPDT_UNCONNECTED)
711 {
712 val += ((guint)(key->sender_context * 23));
713 }
714 else if (key->type == EPDT_CONNECTED_TRANSPORT)
715 {
716 val += ((guint)(key->data.connected_transport.connid * 87 + key->data.connected_transport.sequence * 834));
717 }
718
719 return val;
720 }
721
722 static enip_request_info_t *
723 enip_match_request( packet_info *pinfo, proto_tree *tree, enip_request_key_t *prequest_key )
724 {
725 enip_request_key_t *new_request_key;
726 enip_request_val_t *request_val;
727 enip_request_info_t *request_info;
728
729 request_info = NULL;
730 request_val = (enip_request_val_t *)g_hash_table_lookup( enip_request_hashtable, prequest_key );
731 if(!pinfo->fd->flags.visited)
732 {
733 if ( prequest_key && prequest_key->requesttype == ENIP_REQUEST_PACKET )
734 {
735 if ( request_val == NULL )
736 {
737 new_request_key = (enip_request_key_t *)wmem_memdup(wmem_file_scope(), prequest_key, sizeof(enip_request_key_t));
738
739 request_val = wmem_new(wmem_file_scope(), enip_request_val_t);
740 request_val->frames = wmem_tree_new(wmem_file_scope());
741
742 g_hash_table_insert(enip_request_hashtable, new_request_key, request_val );
743 }
744
745 request_info = wmem_new(wmem_file_scope(), enip_request_info_t);
746 request_info->req_num = pinfo->fd->num;
747 request_info->rep_num = 0;
748 request_info->req_time = pinfo->fd->abs_ts;
749 request_info->cip_info = NULL;
750 wmem_tree_insert32(request_val->frames, pinfo->fd->num, (void *)request_info);
751 }
752 if( request_val && prequest_key && prequest_key->requesttype == ENIP_RESPONSE_PACKET )
753 {
754 request_info = (enip_request_info_t*)wmem_tree_lookup32_le( request_val->frames, pinfo->fd->num );
755 if ( request_info )
756 {
757 request_info->rep_num = pinfo->fd->num;
758 }
759 }
760 }
761 else
762 {
763 if ( request_val )
764 request_info = (enip_request_info_t*)wmem_tree_lookup32_le( request_val->frames, pinfo->fd->num );
765 }
766
767 if ( tree && request_info )
768 {
769 /* print state tracking in the tree */
770 if ( prequest_key && prequest_key->requesttype == ENIP_REQUEST_PACKET )
771 {
772 /* This is a request */
773 if (request_info->rep_num)
774 {
775 proto_item *it;
776
777 it = proto_tree_add_uint(tree, hf_enip_response_in,
778 NULL, 0, 0, request_info->rep_num);
779 PROTO_ITEM_SET_GENERATED(it);
780 }
781 }
782 else
783 {
784 if ( prequest_key && prequest_key->requesttype == ENIP_RESPONSE_PACKET )
785 {
786 /* This is a reply */
787 if (request_info->req_num)
788 {
789 proto_item *it;
790 nstime_t ns;
791
792 it = proto_tree_add_uint(tree, hf_enip_response_to,
793 NULL, 0, 0, request_info->req_num);
794 PROTO_ITEM_SET_GENERATED(it);
795
796 nstime_delta(&ns, &pinfo->fd->abs_ts, &request_info->req_time);
797 it = proto_tree_add_time(tree, hf_enip_time, NULL, 0, 0, &ns);
798 PROTO_ITEM_SET_GENERATED(it);
799 }
800 }
801 }
802 }
803 return request_info;
804 }
805
806 /*
807 * Connection management
808 */
809
810 typedef struct enip_conn_key {
811 guint16 ConnSerialNumber;
812 guint16 VendorID;
813 guint32 DeviceSerialNumber;
814 guint32 O2TConnID;
815 guint32 T2OConnID;
816 } enip_conn_key_t;
817
818 typedef struct enip_conn_val {
819 guint16 ConnSerialNumber;
820 guint16 VendorID;
821 guint32 DeviceSerialNumber;
822 guint32 O2TConnID;
823 guint32 T2OConnID;
824 guint8 TransportClass_trigger;
825 guint32 openframe;
826 guint32 closeframe;
827 guint32 connid;
828 cip_safety_epath_info_t safety;
829 gboolean motion;
830 } enip_conn_val_t;
831
832 typedef struct _enip_conv_info_t {
833 wmem_tree_t *O2TConnIDs;
834 wmem_tree_t *T2OConnIDs;
835 } enip_conv_info_t;
836
837 static GHashTable *enip_conn_hashtable = NULL;
838 static guint32 enip_unique_connid = 1;
839
840 static gint
841 enip_conn_equal(gconstpointer v, gconstpointer w)
842 {
843 const enip_conn_key_t *v1 = (const enip_conn_key_t *)v;
844 const enip_conn_key_t *v2 = (const enip_conn_key_t *)w;
845
846 if ((v1->ConnSerialNumber == v2->ConnSerialNumber) &&
847 (v1->VendorID == v2->VendorID) &&
848 (v1->DeviceSerialNumber == v2->DeviceSerialNumber) &&
849 ((v1->O2TConnID == 0) || (v2->O2TConnID == 0) || (v1->O2TConnID == v2->O2TConnID)) &&
850 ((v1->T2OConnID == 0) || (v2->T2OConnID == 0) || (v1->T2OConnID == v2->T2OConnID)))
851 return 1;
852
853 return 0;
854 }
855
856 static guint
857 enip_conn_hash (gconstpointer v)
858 {
859 const enip_conn_key_t *key = (const enip_conn_key_t *)v;
860 guint val;
861
862 val = (guint)( key->ConnSerialNumber + key->VendorID + key->DeviceSerialNumber );
863
864 return val;
865 }
866
867 void
868 enip_open_cip_connection( packet_info *pinfo, cip_conn_info_t* connInfo)
869 {
870 enip_conn_key_t *conn_key;
871 enip_conn_val_t *conn_val;
872 conversation_t *conversation, *conversationTO;
873 enip_conv_info_t *enip_info;
874 address dest_address;
875 struct e_in6_addr ipv6_zero;
876
877 if (pinfo->fd->flags.visited)
878 return;
879
880 conn_key = wmem_new(wmem_file_scope(), enip_conn_key_t);
881 conn_key->ConnSerialNumber = connInfo->ConnSerialNumber;
882 conn_key->VendorID = connInfo->VendorID;
883 conn_key->DeviceSerialNumber = connInfo->DeviceSerialNumber;
884 conn_key->O2TConnID = connInfo->O2T.connID;
885 conn_key->T2OConnID = connInfo->T2O.connID;
886
887 conn_val = (enip_conn_val_t *)g_hash_table_lookup( enip_conn_hashtable, conn_key );
888 if ( conn_val == NULL )
889 {
890 conn_val = wmem_new(wmem_file_scope(), enip_conn_val_t);
891
892 conn_val->ConnSerialNumber = connInfo->ConnSerialNumber;
893 conn_val->VendorID = connInfo->VendorID;
894 conn_val->DeviceSerialNumber = connInfo->DeviceSerialNumber;
895 conn_val->O2TConnID = connInfo->O2T.connID;
896 conn_val->T2OConnID = connInfo->T2O.connID;
897 conn_val->TransportClass_trigger = connInfo->TransportClass_trigger;
898 conn_val->safety = connInfo->safety;
899 conn_val->motion = connInfo->motion;
900 conn_val->openframe = pinfo->fd->num;
901 conn_val->closeframe = 0;
902 conn_val->connid = enip_unique_connid++;
903
904 g_hash_table_insert(enip_conn_hashtable, conn_key, conn_val );
905
906 /* I/O connection */
907 if (((connInfo->TransportClass_trigger & CI_TRANSPORT_CLASS_MASK) == 0) ||
908 ((connInfo->TransportClass_trigger & CI_TRANSPORT_CLASS_MASK) == 1))
909 {
910 /* zero out the ipv6 structure for comparison */
911 memset(&ipv6_zero, 0, sizeof(ipv6_zero));
912
913 /* default some information if not included */
914 if ((connInfo->O2T.port == 0) || (connInfo->O2T.type == CONN_TYPE_MULTICAST))
915 connInfo->O2T.port = ENIP_IO_PORT;
916 if ((connInfo->O2T.ipaddress.type == AT_NONE) ||
917 ((connInfo->O2T.ipaddress.type == AT_IPv4) && ((*(guint32*)connInfo->O2T.ipaddress.data)) == 0) ||
918 ((connInfo->O2T.ipaddress.type == AT_IPv6) && (memcmp(connInfo->O2T.ipaddress.data, &ipv6_zero, sizeof(ipv6_zero)) == 0)) ||
919 (connInfo->O2T.type != CONN_TYPE_MULTICAST))
920 connInfo->O2T.ipaddress = pinfo->src;
921 if ((connInfo->T2O.port == 0) || (connInfo->T2O.type == CONN_TYPE_MULTICAST))
922 connInfo->T2O.port = ENIP_IO_PORT;
923 if ((connInfo->T2O.ipaddress.type == AT_NONE) ||
924 ((connInfo->T2O.ipaddress.type == AT_IPv4) && ((*(guint32*)connInfo->T2O.ipaddress.data)) == 0) ||
925 ((connInfo->T2O.ipaddress.type == AT_IPv6) && (memcmp(connInfo->T2O.ipaddress.data, &ipv6_zero, sizeof(ipv6_zero)) == 0)) ||
926 (connInfo->T2O.type != CONN_TYPE_MULTICAST))
927 connInfo->T2O.ipaddress = pinfo->dst;
928
929 if (connInfo->O2T.ipaddress.type == AT_IPv6)
930 {
931 dest_address.type = AT_IPv6;
932 dest_address.len = 16;
933 }
934 else
935 {
936 dest_address.type = AT_IPv4;
937 dest_address.len = 4;
938 }
939 dest_address.data = connInfo->O2T.ipaddress.data;
940
941 /* check for O->T conversation */
942 /* similar logic to find_or_create_conversation(), but since I/O traffic
943 is on UDP, the pinfo parameter doesn't have the correct information */
944 if((conversation = find_conversation(pinfo->fd->num, &pinfo->dst, &dest_address,
945 PT_UDP, connInfo->O2T.port, 0, NO_PORT_B)) == NULL) {
946
947 conversation = conversation_new(pinfo->fd->num, &pinfo->dst, &dest_address,
948 PT_UDP, connInfo->O2T.port, 0, NO_PORT2);
949 }
950
951 enip_info = (enip_conv_info_t *)conversation_get_proto_data(conversation, proto_enip);
952 if (enip_info == NULL)
953 {
954 enip_info = wmem_new(wmem_file_scope(), enip_conv_info_t);
955 enip_info->O2TConnIDs = wmem_tree_new(wmem_file_scope());
956 enip_info->T2OConnIDs = wmem_tree_new(wmem_file_scope());
957
958 conversation_add_proto_data(conversation, proto_enip, enip_info);
959 }
960 wmem_tree_insert32(enip_info->O2TConnIDs, connInfo->O2T.connID, (void *)conn_val);
961
962 /* Check if separate T->O conversation is necessary. If either side is multicast
963 or ports aren't equal, a separate conversation must be generated */
964 dest_address.data = &connInfo->T2O.ipaddress;
965 if((conversationTO = find_conversation(pinfo->fd->num, &pinfo->src, &dest_address,
966 PT_UDP, connInfo->T2O.port, 0, NO_PORT_B)) == NULL) {
967
968 conversationTO = conversation_new(pinfo->fd->num, &pinfo->src,
969 &dest_address, PT_UDP,
970 connInfo->T2O.port, 0, NO_PORT2);
971 }
972
973 enip_info = (enip_conv_info_t *)conversation_get_proto_data(conversationTO, proto_enip);
974 if (enip_info == NULL)
975 {
976 enip_info = wmem_new(wmem_file_scope(), enip_conv_info_t);
977 enip_info->O2TConnIDs = wmem_tree_new(wmem_file_scope());
978 enip_info->T2OConnIDs = wmem_tree_new(wmem_file_scope());
979 conversation_add_proto_data(conversationTO, proto_enip, enip_info);
980 }
981 wmem_tree_insert32(enip_info->T2OConnIDs, connInfo->T2O.connID, (void *)conn_val);
982 }
983 else
984 {
985 /* explicit message connection */
986 conversation = find_or_create_conversation(pinfo);
987
988 /* Do we already have a state structure for this conv */
989 enip_info = (enip_conv_info_t *)conversation_get_proto_data(conversation, proto_enip);
990 if (!enip_info)
991 {
992 /*
993 * No. Attach that information to the conversation, and add
994 * it to the list of information structures.
995 */
996 enip_info = wmem_new(wmem_file_scope(), enip_conv_info_t);
997 enip_info->O2TConnIDs = wmem_tree_new(wmem_file_scope());
998 enip_info->T2OConnIDs = wmem_tree_new(wmem_file_scope());
999
1000 conversation_add_proto_data(conversation, proto_enip, enip_info);
1001 }
1002 wmem_tree_insert32(enip_info->O2TConnIDs, connInfo->O2T.connID, (void *)conn_val);
1003 wmem_tree_insert32(enip_info->T2OConnIDs, connInfo->T2O.connID, (void *)conn_val);
1004 }
1005 }
1006 }
1007
1008 void
1009 enip_close_cip_connection(packet_info *pinfo, guint16 ConnSerialNumber,
1010 guint16 VendorID, guint32 DeviceSerialNumber )
1011 {
1012 enip_conn_key_t conn_key;
1013 enip_conn_val_t *conn_val;
1014
1015 if (pinfo->fd->flags.visited)
1016 return;
1017
1018 conn_key.ConnSerialNumber = ConnSerialNumber;
1019 conn_key.VendorID = VendorID;
1020 conn_key.DeviceSerialNumber = DeviceSerialNumber;
1021 conn_key.O2TConnID = 0;
1022 conn_key.T2OConnID = 0;
1023
1024 conn_val = (enip_conn_val_t *)g_hash_table_lookup( enip_conn_hashtable, &conn_key );
1025 if ( conn_val )
1026 {
1027 conn_val->closeframe = pinfo->fd->num;
1028 }
1029 }
1030
1031 static guint32
1032 enip_get_explicit_connid(packet_info *pinfo, enip_request_key_t *prequest_key, guint32 connid)
1033 {
1034 conversation_t *conversation;
1035 enip_conv_info_t *enip_info;
1036 enip_conn_val_t *conn_val;
1037
1038 if ( prequest_key == NULL
1039 || ( prequest_key->requesttype != ENIP_REQUEST_PACKET && prequest_key->requesttype != ENIP_RESPONSE_PACKET )
1040 )
1041 return 0;
1042
1043 /*
1044 * Do we have a conversation for this connection?
1045 */
1046 conversation = find_conversation(pinfo->fd->num,
1047 &pinfo->src, &pinfo->dst,
1048 pinfo->ptype,
1049 pinfo->srcport, pinfo->destport, 0);
1050 if (conversation == NULL)
1051 return 0;
1052
1053 /*
1054 * Do we already have a state structure for this conv
1055 */
1056 enip_info = (enip_conv_info_t *)conversation_get_proto_data(conversation, proto_enip);
1057 if (!enip_info)
1058 return 0;
1059
1060 conn_val = NULL;
1061 switch ( prequest_key->requesttype )
1062 {
1063 case ENIP_REQUEST_PACKET:
1064 conn_val = (enip_conn_val_t *)wmem_tree_lookup32( enip_info->O2TConnIDs, connid );
1065 if ( conn_val == NULL )
1066 conn_val = (enip_conn_val_t *)wmem_tree_lookup32( enip_info->T2OConnIDs, connid );
1067 break;
1068
1069 case ENIP_RESPONSE_PACKET:
1070 conn_val = (enip_conn_val_t *)wmem_tree_lookup32( enip_info->T2OConnIDs, connid );
1071 if ( conn_val == NULL )
1072 conn_val = (enip_conn_val_t *)wmem_tree_lookup32( enip_info->O2TConnIDs, connid );
1073 break;
1074 case ENIP_CANNOT_CLASSIFY:
1075 /* ignore */
1076 break;
1077 }
1078
1079 if ((conn_val == NULL ) || (conn_val->openframe > pinfo->fd->num))
1080 return 0;
1081
1082 return conn_val->connid;
1083 }
1084
1085 static enip_conn_val_t*
1086 enip_get_io_connid(packet_info *pinfo, guint32 connid, enum enip_connid_type* pconnid_type)
1087 {
1088 conversation_t *conversation;
1089 enip_conv_info_t *enip_info;
1090 enip_conn_val_t *conn_val = NULL;
1091
1092 *pconnid_type = ECIDT_UNKNOWN;
1093
1094 /*
1095 * Do we have a conversation for this connection?
1096 */
1097 conversation = find_conversation(pinfo->fd->num,
1098 &pinfo->src, &pinfo->dst,
1099 pinfo->ptype,
1100 pinfo->destport, 0, NO_PORT_B);
1101
1102 if (conversation == NULL)
1103 return NULL;
1104
1105 /*
1106 * Do we already have a state structure for this conv
1107 */
1108 if ((enip_info = (enip_conv_info_t *)conversation_get_proto_data(conversation, proto_enip)) == NULL)
1109 return NULL;
1110
1111 if (enip_info->O2TConnIDs != NULL)
1112 conn_val = (enip_conn_val_t *)wmem_tree_lookup32( enip_info->O2TConnIDs, connid );
1113
1114 if ( conn_val == NULL )
1115 {
1116 if (enip_info->T2OConnIDs != NULL)
1117 {
1118 if ((conn_val = (enip_conn_val_t *)wmem_tree_lookup32( enip_info->T2OConnIDs, connid)) != NULL)
1119 *pconnid_type = ECIDT_T2O;
1120 }
1121 }
1122 else
1123 {
1124 *pconnid_type = ECIDT_O2T;
1125 }
1126
1127 if ((conn_val == NULL) || ( conn_val->openframe > pinfo->fd->num ))
1128 return NULL;
1129
1130 return conn_val;
1131 }
1132
1133
1134 int dissect_tcpip_status(packet_info *pinfo, proto_tree *tree, proto_item *item, tvbuff_t *tvb,
1135 int offset, int total_len)
1136
1137 {
1138 proto_item *status_item;
1139 proto_tree *status_tree;
1140
1141 if (total_len < 4)
1142 {
1143 expert_add_info(pinfo, item, &ei_mal_tcpip_status);
1144 return total_len;
1145 }
1146
1147 status_item = proto_tree_add_item(tree, hf_tcpip_status, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1148 status_tree = proto_item_add_subtree(status_item, ett_tcpip_status);
1149
1150 proto_tree_add_item(status_tree, hf_tcpip_status_interface_config, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1151 proto_tree_add_item(status_tree, hf_tcpip_status_mcast_pending, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1152 proto_tree_add_item(status_tree, hf_tcpip_status_interface_config_pending, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1153 proto_tree_add_item(status_tree, hf_tcpip_status_acd, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1154 proto_tree_add_item(status_tree, hf_tcpip_status_reserved, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1155 return 4;
1156 }
1157
1158 int dissect_tcpip_config_cap(packet_info *pinfo, proto_tree *tree, proto_item *item, tvbuff_t *tvb,
1159 int offset, int total_len)
1160
1161 {
1162 proto_item *cap_item;
1163 proto_tree *cap_tree;
1164
1165 if (total_len < 4)
1166 {
1167 expert_add_info(pinfo, item, &ei_mal_tcpip_config_cap);
1168 return total_len;
1169 }
1170
1171 cap_item = proto_tree_add_item(tree, hf_tcpip_config_cap, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1172 cap_tree = proto_item_add_subtree(cap_item, ett_tcpip_config_cap);
1173
1174 proto_tree_add_item(cap_tree, hf_tcpip_config_cap_bootp, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1175 proto_tree_add_item(cap_tree, hf_tcpip_config_cap_dns, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1176 proto_tree_add_item(cap_tree, hf_tcpip_config_cap_dhcp, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1177 proto_tree_add_item(cap_tree, hf_tcpip_config_cap_dhcp_dns_update, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1178 proto_tree_add_item(cap_tree, hf_tcpip_config_cap_config_settable, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1179 proto_tree_add_item(cap_tree, hf_tcpip_config_cap_hardware_config, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1180 proto_tree_add_item(cap_tree, hf_tcpip_config_cap_interface_reset, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1181 proto_tree_add_item(cap_tree, hf_tcpip_config_cap_acd, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1182 proto_tree_add_item(cap_tree, hf_tcpip_config_cap_reserved, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1183 return 4;
1184 }
1185
1186 int dissect_tcpip_config_control(packet_info *pinfo, proto_tree *tree, proto_item *item, tvbuff_t *tvb,
1187 int offset, int total_len)
1188
1189 {
1190 proto_item *control_item;
1191 proto_tree *control_tree;
1192
1193 if (total_len < 4)
1194 {
1195 expert_add_info(pinfo, item, &ei_mal_tcpip_config_control);
1196 return total_len;
1197 }
1198
1199 control_item = proto_tree_add_item(tree, hf_tcpip_config_control, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1200 control_tree = proto_item_add_subtree(control_item, ett_tcpip_config_control);
1201
1202 proto_tree_add_item(control_tree, hf_tcpip_config_control_config, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1203 proto_tree_add_item(control_tree, hf_tcpip_config_control_dns, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1204 proto_tree_add_item(control_tree, hf_tcpip_config_control_reserved, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1205 return 4;
1206 }
1207
1208 int dissect_tcpip_physical_link(packet_info *pinfo, proto_tree *tree, proto_item *item, tvbuff_t *tvb,
1209 int offset, int total_len)
1210
1211 {
1212 guint16 path_size;
1213 proto_item *path_item;
1214
1215 path_size = tvb_get_letohs( tvb, offset)*2;
1216 proto_tree_add_uint_format_value(tree, hf_tcpip_physical_link_size, tvb, offset, 2, path_size / 2, "%d (words)", path_size / 2);
1217
1218 if (total_len < path_size+2)
1219 {
1220 expert_add_info(pinfo, item, &ei_mal_tcpip_physical_link_size);
1221 return total_len;
1222 }
1223
1224 path_item = proto_tree_add_text(tree, tvb, offset+2, path_size, "Path: ");
1225 dissect_epath( tvb, pinfo, path_item, offset+2, path_size, FALSE, FALSE, NULL, NULL);
1226
1227 return path_size+2;
1228 }
1229
1230 int dissect_tcpip_interface_config(packet_info *pinfo, proto_tree *tree, proto_item *item, tvbuff_t *tvb,
1231 int offset, int total_len)
1232
1233 {
1234 guint16 domain_length;
1235
1236 if (total_len < 22)
1237 {
1238 expert_add_info(pinfo, item, &ei_mal_tcpip_interface_config);
1239 return total_len;
1240 }
1241
1242 proto_tree_add_item(tree, hf_tcpip_ic_ip_addr, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1243 proto_tree_add_item(tree, hf_tcpip_ic_subnet_mask, tvb, offset+4, 4, ENC_LITTLE_ENDIAN);
1244 proto_tree_add_item(tree, hf_tcpip_ic_gateway, tvb, offset+8, 4, ENC_LITTLE_ENDIAN);
1245 proto_tree_add_item(tree, hf_tcpip_ic_name_server, tvb, offset+12, 4, ENC_LITTLE_ENDIAN);
1246 proto_tree_add_item(tree, hf_tcpip_ic_name_server2, tvb, offset+16, 4, ENC_LITTLE_ENDIAN);
1247
1248 domain_length = tvb_get_letohs( tvb, offset+20);
1249 proto_tree_add_item(tree, hf_tcpip_ic_domain_name, tvb, offset+22, domain_length, ENC_ASCII|ENC_NA);
1250
1251 return (22+domain_length);
1252 }
1253
1254 int dissect_tcpip_mcast_config(packet_info *pinfo, proto_tree *tree, proto_item *item, tvbuff_t *tvb,
1255 int offset, int total_len)
1256
1257 {
1258 if (total_len < 8)
1259 {
1260 expert_add_info(pinfo, item, &ei_mal_tcpip_mcast_config);
1261 return total_len;
1262 }
1263
1264 proto_tree_add_item(tree, hf_tcpip_mcast_alloc, tvb, offset, 1, ENC_LITTLE_ENDIAN);
1265 proto_tree_add_item(tree, hf_tcpip_mcast_reserved, tvb, offset+1, 1, ENC_LITTLE_ENDIAN);
1266 proto_tree_add_item(tree, hf_tcpip_mcast_num_mcast, tvb, offset+2, 2, ENC_LITTLE_ENDIAN);
1267 proto_tree_add_item(tree, hf_tcpip_mcast_addr_start, tvb, offset+4, 4, ENC_LITTLE_ENDIAN);
1268 return 8;
1269 }
1270
1271 int dissect_tcpip_last_conflict(packet_info *pinfo, proto_tree *tree, proto_item *item, tvbuff_t *tvb,
1272 int offset, int total_len)
1273
1274 {
1275 tvbuff_t *next_tvb;
1276 gboolean save_info;
1277
1278 if (total_len < 35)
1279 {
1280 expert_add_info(pinfo, item, &ei_mal_tcpip_last_conflict);
1281 return total_len;
1282 }
1283
1284 proto_tree_add_item(tree, hf_tcpip_lcd_acd_activity, tvb, offset, 1, ENC_LITTLE_ENDIAN);
1285 proto_tree_add_item(tree, hf_tcpip_lcd_remote_mac, tvb, offset+1, 6, ENC_LITTLE_ENDIAN);
1286
1287 if( tvb_get_guint8(tvb, offset) == 0 )
1288 proto_tree_add_item(tree, hf_tcpip_lcd_arp_pdu, tvb, offset+7, 28, ENC_LITTLE_ENDIAN);
1289 else
1290 {
1291 /* Dissect ARP PDU, but don't have it change column info */
1292 save_info = col_get_writable(pinfo->cinfo);
1293 col_set_writable(pinfo->cinfo, FALSE);
1294
1295 next_tvb = tvb_new_subset(tvb, offset+7, 28, 28);
1296 call_dissector(arp_handle, next_tvb, pinfo, tree);
1297
1298 col_set_writable(pinfo->cinfo, save_info);
1299 }
1300
1301 return 35;
1302 }
1303
1304 int dissect_elink_interface_flags(packet_info *pinfo, proto_tree *tree, proto_item *item, tvbuff_t *tvb,
1305 int offset, int total_len)
1306
1307 {
1308 proto_item *flag_item;
1309 proto_tree *flag_tree;
1310
1311 if (total_len < 4)
1312 {
1313 expert_add_info(pinfo, item, &ei_mal_elink_interface_flags);
1314 return total_len;
1315 }
1316
1317 flag_item = proto_tree_add_item(tree, hf_elink_interface_flags, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1318 flag_tree = proto_item_add_subtree(flag_item, ett_elink_interface_flags);
1319
1320 proto_tree_add_item(flag_tree, hf_elink_iflags_link_status, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1321 proto_tree_add_item(flag_tree, hf_elink_iflags_duplex, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1322 proto_tree_add_item(flag_tree, hf_elink_iflags_neg_status, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1323 proto_tree_add_item(flag_tree, hf_elink_iflags_manual_reset, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1324 proto_tree_add_item(flag_tree, hf_elink_iflags_local_hw_fault, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1325 proto_tree_add_item(flag_tree, hf_elink_iflags_reserved, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1326 return 4;
1327 }
1328
1329 int dissect_elink_interface_counters(packet_info *pinfo, proto_tree *tree, proto_item *item, tvbuff_t *tvb,
1330 int offset, int total_len)
1331
1332 {
1333 if (total_len < 44)
1334 {
1335 expert_add_info(pinfo, item, &ei_mal_elink_interface_counters);
1336 return total_len;
1337 }
1338
1339 proto_tree_add_item(tree, hf_elink_icount_in_octets, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1340 proto_tree_add_item(tree, hf_elink_icount_in_ucast, tvb, offset+4, 4, ENC_LITTLE_ENDIAN);
1341 proto_tree_add_item(tree, hf_elink_icount_in_nucast, tvb, offset+8, 4, ENC_LITTLE_ENDIAN);
1342 proto_tree_add_item(tree, hf_elink_icount_in_discards, tvb, offset+12, 4, ENC_LITTLE_ENDIAN);
1343 proto_tree_add_item(tree, hf_elink_icount_in_errors, tvb, offset+16, 4, ENC_LITTLE_ENDIAN);
1344 proto_tree_add_item(tree, hf_elink_icount_in_unknown_protos, tvb, offset+20, 4, ENC_LITTLE_ENDIAN);
1345 proto_tree_add_item(tree, hf_elink_icount_out_octets, tvb, offset+24, 4, ENC_LITTLE_ENDIAN);
1346 proto_tree_add_item(tree, hf_elink_icount_out_ucast, tvb, offset+28, 4, ENC_LITTLE_ENDIAN);
1347 proto_tree_add_item(tree, hf_elink_icount_out_nucast, tvb, offset+32, 4, ENC_LITTLE_ENDIAN);
1348 proto_tree_add_item(tree, hf_elink_icount_out_discards, tvb, offset+36, 4, ENC_LITTLE_ENDIAN);
1349 proto_tree_add_item(tree, hf_elink_icount_out_errors, tvb, offset+40, 4, ENC_LITTLE_ENDIAN);
1350 return 44;
1351 }
1352
1353 int dissect_elink_media_counters(packet_info *pinfo, proto_tree *tree, proto_item *item, tvbuff_t *tvb,
1354 int offset, int total_len)
1355
1356 {
1357 if (total_len < 48)
1358 {
1359 expert_add_info(pinfo, item, &ei_mal_elink_media_counters);
1360 return total_len;
1361 }
1362
1363 proto_tree_add_item(tree, hf_elink_mcount_alignment_errors, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1364 proto_tree_add_item(tree, hf_elink_mcount_fcs_errors, tvb, offset+4, 4, ENC_LITTLE_ENDIAN);
1365 proto_tree_add_item(tree, hf_elink_mcount_single_collisions, tvb, offset+8, 4, ENC_LITTLE_ENDIAN);
1366 proto_tree_add_item(tree, hf_elink_mcount_multiple_collisions, tvb, offset+12, 4, ENC_LITTLE_ENDIAN);
1367 proto_tree_add_item(tree, hf_elink_mcount_sqe_test_errors, tvb, offset+16, 4, ENC_LITTLE_ENDIAN);
1368 proto_tree_add_item(tree, hf_elink_mcount_deferred_transmission, tvb, offset+20, 4, ENC_LITTLE_ENDIAN);
1369 proto_tree_add_item(tree, hf_elink_mcount_late_collisions, tvb, offset+24, 4, ENC_LITTLE_ENDIAN);
1370 proto_tree_add_item(tree, hf_elink_mcount_excessive_collisions, tvb, offset+28, 4, ENC_LITTLE_ENDIAN);
1371 proto_tree_add_item(tree, hf_elink_mcount_mac_transmit_errors, tvb, offset+32, 4, ENC_LITTLE_ENDIAN);
1372 proto_tree_add_item(tree, hf_elink_mcount_carrier_sense_errors, tvb, offset+36, 4, ENC_LITTLE_ENDIAN);
1373 proto_tree_add_item(tree, hf_elink_mcount_frame_too_long, tvb, offset+40, 4, ENC_LITTLE_ENDIAN);
1374 proto_tree_add_item(tree, hf_elink_mcount_mac_receive_errors, tvb, offset+44, 4, ENC_LITTLE_ENDIAN);
1375 return 48;
1376 }
1377
1378 int dissect_elink_interface_control(packet_info *pinfo, proto_tree *tree, proto_item *item, tvbuff_t *tvb,
1379 int offset, int total_len)
1380
1381 {
1382 proto_item *control_item;
1383 proto_tree *control_tree;
1384
1385 if (total_len < 4)
1386 {
1387 expert_add_info(pinfo, item, &ei_mal_elink_interface_control);
1388 return total_len;
1389 }
1390
1391 control_item = proto_tree_add_item(tree, hf_elink_icontrol_control_bits, tvb, offset, 2, ENC_LITTLE_ENDIAN);
1392 control_tree = proto_item_add_subtree(control_item, ett_elink_icontrol_bits);
1393 proto_tree_add_item(control_tree, hf_elink_icontrol_control_bits_auto_neg, tvb, offset, 2, ENC_LITTLE_ENDIAN);
1394 proto_tree_add_item(control_tree, hf_elink_icontrol_control_bits_forced_duplex, tvb, offset, 2, ENC_LITTLE_ENDIAN);
1395 proto_tree_add_item(control_tree, hf_elink_icontrol_control_bits_reserved, tvb, offset, 2, ENC_LITTLE_ENDIAN);
1396
1397 proto_tree_add_item(tree, hf_elink_icontrol_forced_speed, tvb, offset+2, 2, ENC_LITTLE_ENDIAN);
1398 return 4;
1399 }
1400
1401 int dissect_dlr_ring_supervisor_config(packet_info *pinfo, proto_tree *tree, proto_item *item, tvbuff_t *tvb,
1402 int offset, int total_len)
1403
1404 {
1405 if (total_len < 12)
1406 {
1407 expert_add_info(pinfo, item, &ei_mal_dlr_ring_supervisor_config);
1408 return total_len;
1409 }
1410
1411 proto_tree_add_item(tree, hf_dlr_rsc_ring_supervisor_enable, tvb, offset, 1, ENC_LITTLE_ENDIAN);
1412 proto_tree_add_item(tree, hf_dlr_rsc_ring_supervisor_precedence, tvb, offset+1, 1, ENC_LITTLE_ENDIAN);
1413 proto_tree_add_item(tree, hf_dlr_rsc_beacon_interval, tvb, offset+2, 4, ENC_LITTLE_ENDIAN);
1414 proto_tree_add_item(tree, hf_dlr_rsc_beacon_timeout, tvb, offset+6, 4, ENC_LITTLE_ENDIAN);
1415 proto_tree_add_item(tree, hf_dlr_rsc_dlr_vlan_id, tvb, offset+10, 2, ENC_LITTLE_ENDIAN);
1416 return 12;
1417 }
1418
1419 int dissect_dlr_last_active_node_on_port_1(packet_info *pinfo, proto_tree *tree, proto_item *item, tvbuff_t *tvb,
1420 int offset, int total_len)
1421
1422 {
1423 if (total_len < 10)
1424 {
1425 expert_add_info(pinfo, item, &ei_mal_dlr_last_active_node_on_port_1);
1426 return total_len;
1427 }
1428
1429 proto_tree_add_item(tree, hf_dlr_lanp1_dev_ip_addr, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1430 proto_tree_add_item(tree, hf_dlr_lanp1_dev_physical_address, tvb, offset+4, 6, ENC_LITTLE_ENDIAN);
1431 return 10;
1432 }
1433
1434 int dissect_dlr_last_active_node_on_port_2(packet_info *pinfo, proto_tree *tree, proto_item *item, tvbuff_t *tvb,
1435 int offset, int total_len)
1436
1437 {
1438 if (total_len < 10)
1439 {
1440 expert_add_info(pinfo, item, &ei_mal_dlr_last_active_node_on_port_2);
1441 return total_len;
1442 }
1443
1444 proto_tree_add_item(tree, hf_dlr_lanp2_dev_ip_addr, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1445 proto_tree_add_item(tree, hf_dlr_lanp2_dev_physical_address, tvb, offset+4, 6, ENC_LITTLE_ENDIAN);
1446 return 10;
1447 }
1448
1449 int dissect_dlr_ring_protocol_participants_list(packet_info *pinfo, proto_tree *tree, proto_item *item, tvbuff_t *tvb,
1450 int offset, int total_len)
1451
1452 {
1453 int pos;
1454
1455 if (total_len % 10)
1456 {
1457 expert_add_info(pinfo, item, &ei_mal_dlr_ring_protocol_participants_list);
1458 return total_len;
1459 }
1460
1461 pos=0;
1462 while( pos < total_len)
1463 {
1464 proto_tree_add_item(tree, hf_dlr_rppl_dev_ip_addr, tvb, offset+pos, 4, ENC_LITTLE_ENDIAN);
1465 proto_tree_add_item(tree, hf_dlr_rppl_dev_physical_address, tvb, offset+pos+4, 6, ENC_LITTLE_ENDIAN);
1466 pos+=10;
1467 }
1468 return total_len;
1469 }
1470
1471 int dissect_dlr_active_supervisor_address(packet_info *pinfo, proto_tree *tree, proto_item *item, tvbuff_t *tvb,
1472 int offset, int total_len)
1473
1474 {
1475 if (total_len < 10)
1476 {
1477 expert_add_info(pinfo, item, &ei_mal_dlr_active_supervisor_address);
1478 return total_len;
1479 }
1480
1481 proto_tree_add_item(tree, hf_dlr_asa_supervisor_ip_addr, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1482 proto_tree_add_item(tree, hf_dlr_asa_supervisor_physical_address, tvb, offset+4, 6, ENC_LITTLE_ENDIAN);
1483 return 10;
1484 }
1485
1486 int dissect_dlr_capability_flags(packet_info *pinfo, proto_tree *tree, proto_item *item, tvbuff_t *tvb,
1487 int offset, int total_len)
1488
1489 {
1490 proto_item* flag_item;
1491 proto_tree* flag_tree;
1492
1493 if (total_len < 4)
1494 {
1495 expert_add_info(pinfo, item, &ei_mal_dlr_capability_flags);
1496 return total_len;
1497 }
1498
1499 flag_item = proto_tree_add_item(tree, hf_dlr_capability_flags, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1500 flag_tree = proto_item_add_subtree(flag_item, ett_dlr_capability_flags);
1501
1502 proto_tree_add_item(flag_tree, hf_dlr_capflags_announce_base_node, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1503 proto_tree_add_item(flag_tree, hf_dlr_capflags_beacon_base_node, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1504 proto_tree_add_item(flag_tree, hf_dlr_capflags_reserved1, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1505 proto_tree_add_item(flag_tree, hf_dlr_capflags_supervisor_capable, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1506 proto_tree_add_item(flag_tree, hf_dlr_capflags_redundant_gateway_capable, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1507 proto_tree_add_item(flag_tree, hf_dlr_capflags_flush_frame_capable, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1508 proto_tree_add_item(flag_tree, hf_dlr_capflags_reserved2, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1509 return 4;
1510 }
1511
1512 int dissect_dlr_redundant_gateway_config(packet_info *pinfo, proto_tree *tree, proto_item *item, tvbuff_t *tvb,
1513 int offset, int total_len)
1514
1515 {
1516 if (total_len < 11)
1517 {
1518 expert_add_info(pinfo, item, &ei_mal_dlr_redundant_gateway_config);
1519 return total_len;
1520 }
1521
1522 proto_tree_add_item(tree, hf_dlr_rgc_red_gateway_enable, tvb, offset, 1, ENC_LITTLE_ENDIAN);
1523 proto_tree_add_item(tree, hf_dlr_rgc_gateway_precedence, tvb, offset+1, 1, ENC_LITTLE_ENDIAN);
1524 proto_tree_add_item(tree, hf_dlr_rgc_advertise_interval, tvb, offset+2, 4, ENC_LITTLE_ENDIAN);
1525 proto_tree_add_item(tree, hf_dlr_rgc_advertise_timeout, tvb, offset+6, 4, ENC_LITTLE_ENDIAN);
1526 proto_tree_add_item(tree, hf_dlr_rgc_learning_update_enable, tvb, offset+10, 1, ENC_LITTLE_ENDIAN);
1527 return 11;
1528 }
1529
1530 int dissect_dlr_active_gateway_address(packet_info *pinfo, proto_tree *tree, proto_item *item, tvbuff_t *tvb,
1531 int offset, int total_len)
1532
1533 {
1534 if (total_len < 10)
1535 {
1536 expert_add_info(pinfo, item, &ei_mal_dlr_active_gateway_address);
1537 return total_len;
1538 }
1539
1540 proto_tree_add_item(tree, hf_dlr_aga_ip_addr, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1541 proto_tree_add_item(tree, hf_dlr_aga_physical_address, tvb, offset+4, 6, ENC_LITTLE_ENDIAN);
1542 return 10;
1543 }
1544
1545 attribute_info_t enip_attribute_vals[45] = {
1546
1547 /* TCP/IP object */
1548 {0xF5, FALSE, 1, "Status", cip_dissector_func, NULL, dissect_tcpip_status},
1549 {0xF5, FALSE, 2, "Configuration Capability", cip_dissector_func, NULL, dissect_tcpip_config_cap},
1550 {0xF5, FALSE, 3, "Configuration Control", cip_dissector_func, NULL, dissect_tcpip_config_control},
1551 {0xF5, FALSE, 4, "Physical Link Object", cip_dissector_func, NULL, dissect_tcpip_physical_link},
1552 {0xF5, FALSE, 5, "Interface Configuration", cip_dissector_func, NULL, dissect_tcpip_interface_config},
1553 {0xF5, FALSE, 6, "Host Name", cip_string, &hf_tcpip_hostname, NULL},
1554 {0xF5, FALSE, 8, "TTL Value", cip_usint, &hf_tcpip_ttl_value, NULL},
1555 {0xF5, FALSE, 9, "Multicast Configuration", cip_dissector_func, NULL, dissect_tcpip_mcast_config},
1556 {0xF5, FALSE, 10, "Select ACD", cip_bool, &hf_tcpip_select_acd, NULL},
1557 {0xF5, FALSE, 11, "Last Conflict Detected", cip_dissector_func, NULL, dissect_tcpip_last_conflict},
1558 {0xF5, FALSE, 12, "EtherNet/IP Quick Connect", cip_bool, &hf_tcpip_quick_connect, NULL},
1559
1560 /* Ethernet Link object */
1561 {0xF6, FALSE, 1, "Interface Speed", cip_dword, &hf_elink_interface_speed, NULL},
1562 {0xF6, FALSE, 2, "Interface Flags", cip_dissector_func, NULL, dissect_elink_interface_flags},
1563 {0xF6, FALSE, 3, "Physical Address", cip_byte_array, &hf_elink_physical_address, NULL},
1564 {0xF6, FALSE, 4, "Interface Counters", cip_dissector_func, NULL, dissect_elink_interface_counters},
1565 {0xF6, FALSE, 5, "Media Counters", cip_dissector_func, NULL, dissect_elink_media_counters},
1566 {0xF6, FALSE, 6, "Interface Control", cip_dissector_func, NULL, dissect_elink_interface_control},
1567 {0xF6, FALSE, 7, "Interface Type", cip_usint, &hf_elink_interface_type, NULL},
1568 {0xF6, FALSE, 8, "Interface State", cip_usint, &hf_elink_interface_state, NULL},
1569 {0xF6, FALSE, 9, "Admin State", cip_usint, &hf_elink_admin_state, NULL},
1570 {0xF6, FALSE, 10, "Interface Label", cip_short_string, &hf_elink_interface_label, NULL},
1571
1572 /* QoS object */
1573 {0x48, FALSE, 1, "802.1Q Tag Enable", cip_bool, &hf_qos_8021q_enable, NULL},
1574 {0x48, FALSE, 2, "DSCP PTP Event", cip_usint, &hf_qos_dscp_ptp_event, NULL},
1575 {0x48, FALSE, 3, "DSCP PTP General", cip_usint, &hf_qos_dscp_ptp_general, NULL},
1576 {0x48, FALSE, 4, "DSCP Urgent", cip_usint, &hf_qos_dscp_urgent, NULL},
1577 {0x48, FALSE, 5, "DSCP Scheduled", cip_usint, &hf_qos_dscp_scheduled, NULL},
1578 {0x48, FALSE, 6, "DSCP High", cip_usint, &hf_qos_dscp_high, NULL},
1579 {0x48, FALSE, 7, "DSCP Low", cip_usint, &hf_qos_dscp_low, NULL},
1580 {0x48, FALSE, 8, "DSCP Explicit", cip_usint, &hf_qos_dscp_explicit, NULL},
1581
1582 /* DLR object */
1583 {0x47, FALSE, 1, "Network Topology", cip_usint, &hf_dlr_network_topology, NULL},
1584 {0x47, FALSE, 2, "Network Status", cip_usint, &hf_dlr_network_status, NULL},
1585 {0x47, FALSE, 3, "Ring Supervisor Status", cip_usint, &hf_dlr_ring_supervisor_status, NULL},
1586 {0x47, FALSE, 4, "Ring Supervisor Config", cip_dissector_func, NULL, dissect_dlr_ring_supervisor_config},
1587 {0x47, FALSE, 5, "Ring Faults Count", cip_uint, &hf_dlr_ring_faults_count, NULL},
1588 {0x47, FALSE, 6, "Last Active Node on Port 1", cip_dissector_func, NULL, dissect_dlr_last_active_node_on_port_1},
1589 {0x47, FALSE, 7, "Last Active Node on Port 2", cip_dissector_func, NULL, dissect_dlr_last_active_node_on_port_2},
1590 {0x47, FALSE, 8, "Ring Protocol Participants Count", cip_uint, &hf_dlr_ring_protocol_participants_count, NULL},
1591 {0x47, FALSE, 9, "Ring Protocol Participants List", cip_dissector_func, NULL, dissect_dlr_ring_protocol_participants_list},
1592 {0x47, FALSE, 10, "Active Supervisor Address", cip_dissector_func, NULL, dissect_dlr_active_supervisor_address},
1593 {0x47, FALSE, 11, "Active Supervisor Precedence", cip_usint, &hf_dlr_active_supervisor_precedence, NULL},
1594 {0x47, FALSE, 12, "Capability Flags", cip_dissector_func, NULL, dissect_dlr_capability_flags},
1595 {0x47, FALSE, 13, "Redundant Gateway Config", cip_dissector_func, NULL, dissect_dlr_redundant_gateway_config},
1596 {0x47, FALSE, 14, "Redundant Gateway Status", cip_usint, &hf_dlr_redundant_gateway_status, NULL},
1597 {0x47, FALSE, 15, "Active Gateway Address", cip_dissector_func, NULL, dissect_dlr_active_gateway_address},
1598 {0x47, FALSE, 16, "Actice Gateway Precedence", cip_usint, &hf_dlr_active_gateway_precedence, NULL},
1599 };
1600
1601
1602 /*
1603 * Protocol initialization
1604 */
1605 static void
1606 enip_init_protocol(void)
1607 {
1608 if (enip_request_hashtable)
1609 g_hash_table_destroy(enip_request_hashtable);
1610 enip_request_hashtable = g_hash_table_new(enip_request_hash, enip_request_equal);
1611
1612 if (enip_conn_hashtable)
1613 g_hash_table_destroy(enip_conn_hashtable);
1614 enip_conn_hashtable = g_hash_table_new(enip_conn_hash, enip_conn_equal);
1615 }
1616
1617 /* Disssect Common Packet Format */
1618 static void
1619 dissect_cpf(enip_request_key_t *request_key, int command, tvbuff_t *tvb,
1620 packet_info *pinfo, proto_tree *tree, proto_tree *dissector_tree, int offset, guint32 ifacehndl)
1621 {
1622 proto_item *temp_item, *count_item, *type_item, *sockaddr_item, *io_item;
1623 proto_tree *temp_tree, *count_tree, *item_tree, *sockaddr_tree, *io_tree;
1624 int item_count, item_length, item, io_length;
1625 unsigned char name_length;
1626 tvbuff_t *next_tvb;
1627 enip_request_info_t *request_info;
1628 enip_conn_val_t* conn_info = NULL;
1629 gboolean FwdOpen = FALSE;
1630 gboolean FwdOpenReply = FALSE;
1631 enum enip_connid_type connid_type = ECIDT_UNKNOWN;
1632 cip_safety_info_t* cip_safety;
1633
1634 /* Create item count tree */
1635 item_count = tvb_get_letohs( tvb, offset );
1636 count_item = proto_tree_add_item( tree, hf_enip_cpf_itemcount, tvb, offset, 2, ENC_LITTLE_ENDIAN );
1637 count_tree = proto_item_add_subtree( count_item, ett_count_tree );
1638
1639 while( item_count-- )
1640 {
1641 /* Add item type tree to item count tree*/
1642 type_item = proto_tree_add_item( count_tree, hf_enip_cpf_typeid, tvb, offset+2, 2, ENC_LITTLE_ENDIAN );
1643 item_tree = proto_item_add_subtree( type_item, ett_type_tree );
1644
1645 /* Add length field to item type tree */
1646 proto_tree_add_item( item_tree, hf_enip_cpf_length, tvb, offset+4, 2, ENC_LITTLE_ENDIAN );
1647
1648 item = tvb_get_letohs( tvb, offset+2 );
1649 item_length = tvb_get_letohs( tvb, offset+4 );
1650
1651 if( item_length )
1652 {
1653 /* Add item data field */
1654
1655 switch( item )
1656 {
1657 case CONNECTION_BASED:
1658
1659 if ( request_key )
1660 {
1661 request_key->type = EPDT_CONNECTED_TRANSPORT;
1662 request_key->data.connected_transport.connid = enip_get_explicit_connid( pinfo, request_key, tvb_get_letohl( tvb, offset+6 ) );
1663 }
1664 /* Add Connection identifier */
1665 proto_tree_add_item(item_tree, hf_enip_cpf_cai_connid, tvb, offset+6, 4, ENC_LITTLE_ENDIAN );
1666
1667 /* Add Connection ID to Info col */
1668 col_append_fstr(pinfo->cinfo, COL_INFO, ", CONID: 0x%08X", tvb_get_letohl( tvb, offset+6 ) );
1669 break;
1670
1671 case UNCONNECTED_MSG:
1672 request_info = NULL;
1673 if ( request_key )
1674 {
1675 request_key->type = EPDT_UNCONNECTED;
1676 request_info = enip_match_request( pinfo, tree, request_key );
1677 }
1678
1679 /* Call dissector for interface */
1680 next_tvb = tvb_new_subset( tvb, offset+6, item_length, item_length );
1681 p_add_proto_data(pinfo->fd, proto_enip, 0, request_info);
1682 if( tvb_length_remaining(next_tvb, 0) <= 0 || !dissector_try_uint(subdissector_srrd_table, ifacehndl, next_tvb, pinfo, dissector_tree) )
1683 {
1684 /* Show the undissected payload */
1685 if( tvb_length_remaining(tvb, offset) > 0 )
1686 call_dissector( data_handle, next_tvb, pinfo, dissector_tree);
1687 }
1688
1689 /* Check if this is a ForwardOpen packet, because special handling is needed
1690 to handle connection conversations */
1691 if ((request_info != NULL) && (request_info->cip_info != NULL) &&
1692 (request_info->cip_info->connInfo != NULL) &&
1693 (request_key != NULL) &&
1694 (((request_info->cip_info->bService & 0x7F) == SC_CM_FWD_OPEN) ||
1695 ((request_info->cip_info->bService & 0x7F) == SC_CM_LARGE_FWD_OPEN))&&
1696 (request_info->cip_info->dissector == dissector_get_uint_handle( subdissector_class_table, CI_CLS_CM)))
1697 {
1698 if (request_key->requesttype == ENIP_REQUEST_PACKET)
1699 {
1700 FwdOpen = TRUE;
1701 }
1702 else
1703 {
1704 FwdOpenReply = TRUE;
1705 }
1706 }
1707 else
1708 {
1709 p_remove_proto_data(pinfo->fd, proto_enip, 0);
1710 }
1711 break;
1712
1713 case CONNECTION_TRANSPORT:
1714
1715 if( command == SEND_UNIT_DATA )
1716 {
1717 request_info = NULL;
1718
1719 if ( request_key )
1720 {
1721 request_key->type = EPDT_CONNECTED_TRANSPORT;
1722 request_key->data.connected_transport.sequence = tvb_get_letohs( tvb, offset+6 );
1723 request_info = enip_match_request( pinfo, tree, request_key );
1724 }
1725
1726 /*
1727 ** If the encapsulation service is SendUnit Data, this is a
1728 ** encapsulated connected message
1729 */
1730
1731 /* Add sequence count ( Transport Class 1,2,3 ) */
1732 proto_tree_add_item( item_tree, hf_enip_cpf_cdi_seqcnt, tvb, offset+6, 2, ENC_LITTLE_ENDIAN );
1733
1734 /* Call dissector for interface */
1735 next_tvb = tvb_new_subset (tvb, offset+8, item_length-2, item_length-2);
1736 p_add_proto_data(pinfo->fd, proto_enip, 0, request_info);
1737 if( tvb_length_remaining(next_tvb, 0) <= 0 || !dissector_try_uint(subdissector_sud_table, ifacehndl, next_tvb, pinfo, dissector_tree) )
1738 {
1739 /* Show the undissected payload */
1740 if( tvb_length_remaining(tvb, offset) > 0 )
1741 call_dissector( data_handle, next_tvb, pinfo, dissector_tree );
1742 }
1743 p_remove_proto_data(pinfo->fd, proto_enip, 0);
1744 }
1745 else
1746 {
1747 /* Display data */
1748 if (tvb_length_remaining(tvb, offset+6) > 0)
1749 {
1750 next_tvb = tvb_new_subset(tvb, offset+6, item_length, item_length);
1751 if (conn_info != NULL)
1752 {
1753 if (conn_info->safety.safety_seg == TRUE)
1754 {
1755 /* Add any possible safety related data */
1756 cip_safety = wmem_new(wmem_file_scope(), cip_safety_info_t);
1757 cip_safety->conn_type = connid_type;
1758 cip_safety->server_dir = (conn_info->TransportClass_trigger & CI_PRODUCTION_DIR_MASK) ? TRUE : FALSE;
1759 cip_safety->format = conn_info->safety.format;
1760 p_add_proto_data(pinfo->fd, proto_cipsafety, 0, cip_safety);
1761 call_dissector(cipsafety_handle, next_tvb, pinfo, dissector_tree);
1762 }
1763 else if (conn_info->motion == TRUE)
1764 {
1765 call_dissector(cipmotion_handle, next_tvb, pinfo, dissector_tree);
1766 }
1767 else
1768 {
1769 io_length = item_length;
1770
1771 if ((conn_info->TransportClass_trigger & CI_TRANSPORT_CLASS_MASK) == 1)
1772 {
1773 proto_tree_add_item( item_tree, hf_enip_cpf_cdi_seqcnt,
1774 tvb, offset+6+(item_length-io_length), 2, ENC_LITTLE_ENDIAN );
1775 io_length -= 2;
1776 }
1777
1778 if (((connid_type == ECIDT_O2T) && enip_OTrun_idle) ||
1779 ((connid_type == ECIDT_T2O) && enip_TOrun_idle))
1780 {
1781 io_item = proto_tree_add_item( item_tree, hf_enip_cpf_cdi_32bitheader,
1782 tvb, offset+6+(item_length-io_length), 4, ENC_LITTLE_ENDIAN );
1783 io_tree = proto_item_add_subtree( io_item, ett_32bitheader_tree );
1784 proto_tree_add_item(io_tree, hf_enip_cpf_cdi_32bitheader_roo,
1785 tvb, offset+6+(item_length-io_length), 4, ENC_LITTLE_ENDIAN );
1786 proto_tree_add_item(io_tree, hf_enip_cpf_cdi_32bitheader_coo,
1787 tvb, offset+6+(item_length-io_length), 4, ENC_LITTLE_ENDIAN );
1788 proto_tree_add_item(io_tree, hf_enip_cpf_cdi_32bitheader_run_idle,
1789 tvb, offset+6+(item_length-io_length), 4, ENC_LITTLE_ENDIAN );
1790 io_length -= 4;
1791 }
1792
1793 proto_tree_add_item(item_tree, hf_enip_connection_transport_data, tvb, offset+6+(item_length-io_length), io_length, ENC_NA);
1794 }
1795 }
1796 else
1797 {
1798 switch(default_io_dissector_type)
1799 {
1800 case ENIP_IO_SAFETY:
1801 call_dissector(cipsafety_handle, next_tvb, pinfo, dissector_tree);
1802 break;
1803 case ENIP_IO_MOTION:
1804 call_dissector(cipmotion_handle, next_tvb, pinfo, dissector_tree);
1805 break;
1806 default:
1807 proto_tree_add_item(item_tree, hf_enip_connection_transport_data, tvb, offset+6, item_length, ENC_NA);
1808 break;
1809 }
1810 }
1811 }
1812 } /* End of if send unit data */
1813
1814 break;
1815
1816
1817 case LIST_IDENTITY_RESP:
1818
1819 /* Encapsulation version */
1820 proto_tree_add_item( item_tree, hf_enip_encapver, tvb, offset+6, 2, ENC_LITTLE_ENDIAN );
1821
1822 /* Socket Address */
1823 sockaddr_item = proto_tree_add_text( item_tree, tvb, offset+8, 16, "Socket Address");
1824 sockaddr_tree = proto_item_add_subtree( sockaddr_item, ett_sockadd );
1825
1826 /* Socket address struct - sin_family */
1827 proto_tree_add_item(sockaddr_tree, hf_enip_sinfamily,
1828 tvb, offset+8, 2, ENC_BIG_ENDIAN );
1829
1830 /* Socket address struct - sin_port */
1831 proto_tree_add_item(sockaddr_tree, hf_enip_sinport,
1832 tvb, offset+10, 2, ENC_BIG_ENDIAN );
1833
1834 /* Socket address struct - sin_address */
1835 proto_tree_add_item(sockaddr_tree, hf_enip_sinaddr,
1836 tvb, offset+12, 4, ENC_BIG_ENDIAN );
1837
1838 /* Socket address struct - sin_zero */
1839 proto_tree_add_item(sockaddr_tree, hf_enip_sinzero,
1840 tvb, offset+16, 8, ENC_NA );
1841
1842 /* Vendor ID */
1843 proto_tree_add_item(item_tree, hf_enip_lir_vendor,
1844 tvb, offset+24, 2, ENC_LITTLE_ENDIAN );
1845
1846 /* Device Type */
1847 proto_tree_add_item(item_tree, hf_enip_lir_devtype,
1848 tvb, offset+26, 2, ENC_LITTLE_ENDIAN );
1849
1850 /* Product Code */
1851 proto_tree_add_item(item_tree, hf_enip_lir_prodcode,
1852 tvb, offset+28, 2, ENC_LITTLE_ENDIAN );
1853
1854 /* Revision */
1855 proto_tree_add_item(item_tree, hf_enip_lir_revision,
1856 tvb, offset+30, 2, ENC_NA );
1857
1858 /* Status */
1859 proto_tree_add_item(item_tree, hf_enip_lir_status,
1860 tvb, offset+32, 2, ENC_LITTLE_ENDIAN );
1861
1862 /* Serial Number */
1863 proto_tree_add_item(item_tree, hf_enip_lir_serial,
1864 tvb, offset+34, 4, ENC_LITTLE_ENDIAN );
1865
1866 /* Product Name Length */
1867 name_length = tvb_get_guint8( tvb, offset+38 );
1868 proto_tree_add_item( item_tree, hf_enip_lir_namelen,
1869 tvb, offset+38, 1, ENC_LITTLE_ENDIAN );
1870
1871 /* Product Name */
1872 proto_tree_add_item(item_tree, hf_enip_lir_name,
1873 tvb, offset+39, name_length, ENC_ASCII|ENC_NA );
1874
1875 /* Append product name to info column */
1876 col_append_fstr( pinfo->cinfo, COL_INFO, ", %s", tvb_format_text(tvb, offset+39, name_length));
1877
1878 /* State */
1879 proto_tree_add_item(item_tree, hf_enip_lir_state,
1880 tvb, offset+name_length+39, 1, ENC_LITTLE_ENDIAN );
1881 break;
1882
1883
1884 case SOCK_ADR_INFO_OT:
1885 case SOCK_ADR_INFO_TO:
1886
1887 /* Socket address struct - sin_family */
1888 proto_tree_add_item(item_tree, hf_enip_sinfamily,
1889 tvb, offset+6, 2, ENC_BIG_ENDIAN );
1890
1891 /* Socket address struct - sin_port */
1892 proto_tree_add_item(item_tree, hf_enip_sinport,
1893 tvb, offset+8, 2, ENC_BIG_ENDIAN );
1894
1895 /* Socket address struct - sin_address */
1896 proto_tree_add_item(item_tree, hf_enip_sinaddr,
1897 tvb, offset+10, 4, ENC_BIG_ENDIAN );
1898
1899 /* Socket address struct - sin_zero */
1900 proto_tree_add_item( item_tree, hf_enip_sinzero,
1901 tvb, offset+14, 8, ENC_NA );
1902
1903 if ((FwdOpen == TRUE) || (FwdOpenReply == TRUE))
1904 {
1905 request_info = (enip_request_info_t *)p_get_proto_data(pinfo->fd, proto_enip, 0);
1906 if (request_info != NULL)
1907 {
1908 if (item == SOCK_ADR_INFO_OT)
1909 {
1910 request_info->cip_info->connInfo->O2T.port = tvb_get_ntohs(tvb, offset+8);
1911 request_info->cip_info->connInfo->O2T.ipaddress.type = AT_IPv4;
1912 request_info->cip_info->connInfo->O2T.ipaddress.data = wmem_alloc(wmem_file_scope(), sizeof(guint32));
1913 *((guint32*)request_info->cip_info->connInfo->O2T.ipaddress.data) = tvb_get_ipv4(tvb, offset+10);
1914 }
1915 else
1916 {
1917 request_info->cip_info->connInfo->T2O.port = tvb_get_ntohs(tvb, offset+8);
1918 request_info->cip_info->connInfo->T2O.ipaddress.type = AT_IPv4;
1919 request_info->cip_info->connInfo->T2O.ipaddress.data = wmem_alloc(wmem_file_scope(), sizeof(guint32));
1920 *((guint32*)request_info->cip_info->connInfo->T2O.ipaddress.data) = tvb_get_ipv4(tvb, offset+10);
1921 }
1922 }
1923 }
1924 break;
1925
1926
1927 case SEQ_ADDRESS:
1928 conn_info = enip_get_io_connid( pinfo, tvb_get_letohl( tvb, offset+6 ), &connid_type);
1929 proto_tree_add_item(item_tree, hf_enip_cpf_sai_connid, tvb, offset+6, 4, ENC_LITTLE_ENDIAN );
1930 proto_tree_add_item(item_tree, hf_enip_cpf_sai_seqnum, tvb, offset+10, 4, ENC_LITTLE_ENDIAN );
1931
1932 /* Add info to column */
1933 col_add_fstr(pinfo->cinfo, COL_INFO, "Connection: ID=0x%08X, SEQ=%010d",
1934 tvb_get_letohl( tvb, offset+6 ),
1935 tvb_get_letohl( tvb, offset+10 ) );
1936 break;
1937
1938 case LIST_SERVICES_RESP:
1939
1940 /* Encapsulation version */
1941 proto_tree_add_item( item_tree, hf_enip_encapver, tvb, offset+6, 2, ENC_LITTLE_ENDIAN );
1942
1943 /* Capability flags */
1944 temp_item = proto_tree_add_item( item_tree, hf_enip_lsr_capaflags, tvb, offset+8, 2, ENC_LITTLE_ENDIAN );
1945 temp_tree = proto_item_add_subtree( temp_item, ett_lsrcf );
1946
1947 proto_tree_add_item( temp_tree, hf_enip_lsr_tcp, tvb, offset+8, 2, ENC_LITTLE_ENDIAN );
1948 proto_tree_add_item( temp_tree, hf_enip_lsr_udp, tvb, offset+8, 2, ENC_LITTLE_ENDIAN );
1949
1950 /* Name of service */
1951 proto_tree_add_item( item_tree, hf_enip_lsr_servicename, tvb, offset+10, 16, ENC_ASCII|ENC_NA );
1952
1953 /* Append service name to info column */
1954 col_append_fstr( pinfo->cinfo, COL_INFO, ", %s",
1955 tvb_format_stringzpad(tvb, offset+10, 16) );
1956 break;
1957
1958
1959 default:
1960
1961 proto_tree_add_item(item_tree, hf_enip_cpf_data, tvb, offset+6, item_length, ENC_NA);
1962 break;
1963
1964 } /* end of switch( item type ) */
1965
1966 } /* end of if( item length ) */
1967
1968 offset = offset + item_length + 4;
1969
1970 } /* end of while( item count ) */
1971
1972 /* See if there is a CIP connection to establish */
1973 if (FwdOpenReply == TRUE)
1974 {
1975 request_info = (enip_request_info_t *)p_get_proto_data(pinfo->fd, proto_enip, 0);
1976 if (request_info != NULL)
1977 {
1978 enip_open_cip_connection(pinfo, request_info->cip_info->connInfo);
1979 }
1980 p_remove_proto_data(pinfo->fd, proto_enip, 0);
1981 }
1982 else if (FwdOpen == TRUE)
1983 {
1984 p_remove_proto_data(pinfo->fd, proto_enip, 0);
1985 }
1986
1987 } /* end of dissect_cpf() */
1988
1989
1990
1991 static enum enip_packet_type
1992 classify_packet(packet_info *pinfo)
1993 {
1994 /* see if nature of packets can be derived from src/dst ports */
1995 /* if so, return as found */
1996 if ( ( ENIP_ENCAP_PORT == pinfo->srcport && ENIP_ENCAP_PORT != pinfo->destport ) ||
1997 ( ENIP_ENCAP_PORT != pinfo->srcport && ENIP_ENCAP_PORT == pinfo->destport ) ) {
1998 if ( ENIP_ENCAP_PORT == pinfo->srcport )
1999 return ENIP_RESPONSE_PACKET;
2000 else if ( ENIP_ENCAP_PORT == pinfo->destport )
2001 return ENIP_REQUEST_PACKET;
2002 }
2003 /* else, cannot classify */
2004 return ENIP_CANNOT_CLASSIFY;
2005 }
2006
2007 static guint
2008 get_enip_pdu_len(packet_info *pinfo _U_, tvbuff_t *tvb, int offset)
2009 {
2010 guint16 plen;
2011
2012 /*
2013 * Get the length of the data from the encapsulation header.
2014 */
2015 plen = tvb_get_letohs(tvb, offset + 2);
2016
2017 /*
2018 * That length doesn't include the encapsulation header itself;
2019 * add that in.
2020 */
2021 return plen + 24;
2022 }
2023
2024 /* Code to actually dissect the packets */
2025 static int
2026 dissect_enip_pdu(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
2027 {
2028 enum enip_packet_type packet_type;
2029 guint16 encap_cmd, encap_data_length;
2030 const char *pkt_type_str = "";
2031 guint32 ifacehndl;
2032 enip_request_key_t request_key;
2033 conversation_t *conversation;
2034
2035 /* Set up structures needed to add the protocol subtree and manage it */
2036 proto_item *ti, *encaph, *csf;
2037 proto_tree *enip_tree, *header_tree = NULL, *csftree;
2038
2039 /* Make entries in Protocol column and Info column on summary display */
2040 col_set_str(pinfo->cinfo, COL_PROTOCOL, "ENIP");
2041 col_clear(pinfo->cinfo, COL_INFO);
2042
2043 encap_cmd = tvb_get_letohs( tvb, 0 );
2044
2045 packet_type = classify_packet(pinfo);
2046
2047 switch ( packet_type )
2048 {
2049 case ENIP_REQUEST_PACKET:
2050 pkt_type_str="Req";
2051 break;
2052
2053 case ENIP_RESPONSE_PACKET:
2054 pkt_type_str="Rsp";
2055 break;
2056
2057 case ENIP_CANNOT_CLASSIFY:
2058 default:
2059 pkt_type_str="?";
2060 }
2061
2062 /* Add encapsulation command to info column */
2063 col_append_sep_fstr(pinfo->cinfo, COL_INFO, " | ", "%s (%s)",
2064 val_to_str(encap_cmd, encap_cmd_vals, "Unknown (0x%04x)"),
2065 pkt_type_str );
2066
2067 /*
2068 * We need to track some state for this protocol on a per conversation
2069 * basis so we can do neat things like request/response tracking
2070 */
2071 conversation = find_or_create_conversation(pinfo);
2072
2073 /*
2074 * Attach that information to the conversation, and add
2075 * it to the list of information structures later before dissection.
2076 */
2077 memset( &request_key, 0, sizeof(enip_request_key_t) );
2078 request_key.requesttype = packet_type;
2079 request_key.type = EPDT_UNKNOWN;
2080 request_key.session_handle = tvb_get_letohl( tvb, 4 );
2081 request_key.sender_context = tvb_get_letoh64( tvb, 12 );
2082 request_key.conversation = conversation->index;
2083
2084 encap_data_length = tvb_get_letohs( tvb, 2 );
2085 enip_tree = NULL;
2086
2087 if (tree) {
2088 /* create display subtree for the protocol */
2089 ti = proto_tree_add_item(tree, proto_enip, tvb, 0, -1, ENC_NA );
2090
2091 enip_tree = proto_item_add_subtree(ti, ett_enip);
2092
2093 /* Add encapsulation header tree */
2094 encaph = proto_tree_add_text( enip_tree, tvb, 0, 24, "Encapsulation Header");
2095 header_tree = proto_item_add_subtree(encaph, ett_enip);
2096
2097 /* Add EtherNet/IP encapsulation header */
2098 proto_tree_add_item( header_tree, hf_enip_command, tvb, 0, 2, ENC_LITTLE_ENDIAN );
2099
2100 encap_data_length = tvb_get_letohs( tvb, 2 );
2101 proto_tree_add_item( header_tree, hf_enip_length, tvb, 2, 2, ENC_LITTLE_ENDIAN );
2102 proto_tree_add_item( header_tree, hf_enip_session, tvb, 4, 4, ENC_LITTLE_ENDIAN );
2103 proto_tree_add_item( header_tree, hf_enip_status, tvb, 8, 4, ENC_LITTLE_ENDIAN );
2104 if ((encap_cmd == LIST_IDENTITY) &&
2105 /* Length of 0 probably indicates a request */
2106 ((encap_data_length == 0) || (packet_type == ENIP_REQUEST_PACKET)))
2107 {
2108 proto_tree_add_item( header_tree, hf_enip_listid_delay, tvb, 12, 2, ENC_LITTLE_ENDIAN );
2109 proto_tree_add_item( header_tree, hf_enip_sendercontex, tvb, 14, 6, ENC_NA );
2110 }
2111 else
2112 {
2113 proto_tree_add_item( header_tree, hf_enip_sendercontex, tvb, 12, 8, ENC_NA );
2114 }
2115 proto_tree_add_item( header_tree, hf_enip_options, tvb, 20, 4, ENC_LITTLE_ENDIAN );
2116
2117 /* Append session and command to the protocol tree */
2118 proto_item_append_text( ti, ", Session: 0x%08X, %s", tvb_get_letohl( tvb, 4 ),
2119 val_to_str( encap_cmd, encap_cmd_vals, "Unknown (0x%04x)" ) );
2120
2121 } /* end of tree */
2122
2123 /*
2124 ** For some commands we want to add some info to the info column
2125 */
2126 switch( encap_cmd )
2127 {
2128 case REGISTER_SESSION:
2129 case UNREGISTER_SESSION:
2130 col_append_fstr( pinfo->cinfo, COL_INFO, ", Session: 0x%08X",
2131 tvb_get_letohl( tvb, 4 ) );
2132 break;
2133 }
2134
2135 /* Command specific data - create tree */
2136 if( encap_data_length )
2137 {
2138 /* The packet have some command specific data, buid a sub tree for it */
2139
2140 csf = proto_tree_add_text( enip_tree, tvb, 24, encap_data_length,
2141 "Command Specific Data");
2142
2143 csftree = proto_item_add_subtree(csf, ett_command_tree);
2144
2145 switch( encap_cmd )
2146 {
2147 case NOP:
2148 break;
2149
2150 case LIST_SERVICES:
2151 dissect_cpf( &request_key, encap_cmd, tvb, pinfo, csftree, tree, 24, 0 );
2152 break;
2153
2154 case LIST_IDENTITY:
2155 dissect_cpf( &request_key, encap_cmd, tvb, pinfo, csftree, tree, 24, 0 );
2156 break;
2157
2158 case LIST_INTERFACES:
2159 dissect_cpf( &request_key, encap_cmd, tvb, pinfo, csftree, tree, 24, 0 );
2160 break;
2161
2162 case REGISTER_SESSION:
2163 proto_tree_add_item( csftree, hf_enip_rs_version, tvb, 24, 2, ENC_LITTLE_ENDIAN );
2164 proto_tree_add_item( csftree, hf_enip_rs_optionflags, tvb, 26, 2, ENC_LITTLE_ENDIAN );
2165 break;
2166
2167 case UNREGISTER_SESSION:
2168 break;
2169
2170 case SEND_RR_DATA:
2171 proto_tree_add_item( csftree, hf_enip_srrd_ifacehnd, tvb, 24, 4, ENC_LITTLE_ENDIAN );
2172 proto_tree_add_item( csftree, hf_enip_timeout, tvb, 28, 2, ENC_LITTLE_ENDIAN );
2173
2174 ifacehndl = tvb_get_letohl( tvb, 24 );
2175 dissect_cpf( &request_key, encap_cmd, tvb, pinfo, csftree, tree, 30, ifacehndl );
2176 break;
2177
2178 case SEND_UNIT_DATA:
2179 proto_tree_add_item(csftree, hf_enip_sud_ifacehnd, tvb, 24, 4, ENC_LITTLE_ENDIAN);
2180 proto_tree_add_item( csftree, hf_enip_timeout, tvb, 28, 2, ENC_LITTLE_ENDIAN );
2181
2182 ifacehndl = tvb_get_letohl( tvb, 24 );
2183 dissect_cpf( &request_key, encap_cmd, tvb, pinfo, csftree, tree, 30, ifacehndl );
2184 break;
2185
2186 case INDICATE_STATUS:
2187 case CANCEL:
2188 default:
2189
2190 /* Can not decode - Just show the data */
2191 proto_tree_add_item(header_tree, hf_enip_encap_data, tvb, 24, encap_data_length, ENC_NA);
2192 break;
2193
2194 } /* end of switch() */
2195
2196 } /* end of if( encapsulated data ) */
2197
2198 return tvb_length(tvb);
2199 } /* end of dissect_enip_pdu() */
2200
2201 static int
2202 dissect_enip_udp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
2203 {
2204 guint16 encap_cmd;
2205
2206 /* An ENIP packet is at least 4 bytes long - we need the command type. */
2207 if (!tvb_bytes_exist(tvb, 0, 4))
2208 return 0;
2209
2210 /* Get the command type and see if it's valid. */
2211 encap_cmd = tvb_get_letohs( tvb, 0 );
2212 if (try_val_to_str(encap_cmd, encap_cmd_vals) == NULL)
2213 return 0; /* not a known command */
2214
2215 return dissect_enip_pdu(tvb, pinfo, tree, data);
2216 }
2217
2218 static int
2219 dissect_enip_tcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
2220 {
2221 guint16 encap_cmd;
2222
2223 /* An ENIP packet is at least 4 bytes long - we need the command type. */
2224 if (!tvb_bytes_exist(tvb, 0, 4))
2225 return 0;
2226
2227 /* Get the command type and see if it's valid. */
2228 encap_cmd = tvb_get_letohs( tvb, 0 );
2229 if (try_val_to_str(encap_cmd, encap_cmd_vals) == NULL)
2230 return 0; /* not a known command */
2231
2232 tcp_dissect_pdus(tvb, pinfo, tree, enip_desegment, 4, get_enip_pdu_len, dissect_enip_pdu, data);
2233 return tvb_length(tvb);
2234 }
2235
2236 /* Code to actually dissect the io packets*/
2237 static void
2238 dissect_enipio(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
2239 {
2240 /* Set up structures needed to add the protocol subtree and manage it */
2241 proto_item *ti;
2242 proto_tree *enip_tree;
2243
2244 /* Make entries in Protocol column and Info column on summary display */
2245 col_set_str(pinfo->cinfo, COL_PROTOCOL, "ENIP");
2246
2247 /* In the interest of speed, if "tree" is NULL, don't do any work not
2248 necessary to generate protocol tree items. */
2249
2250 /* create display subtree for the protocol */
2251 ti = proto_tree_add_item(tree, proto_enip, tvb, 0, -1, ENC_NA );
2252
2253 enip_tree = proto_item_add_subtree(ti, ett_enip);
2254
2255 dissect_cpf( NULL, 0xFFFF, tvb, pinfo, enip_tree, tree, 0, 0 );
2256
2257 } /* end of dissect_enipio() */
2258
2259
2260 static gboolean
2261 dissect_dlr(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_)
2262 {
2263 proto_item *ti;
2264 proto_tree *dlr_tree = NULL;
2265 guint8 dlr_subtype;
2266 guint8 dlr_protover;
2267 guint8 dlr_frametype;
2268
2269 /* Make entries in Protocol column and Info column on summary display */
2270 col_set_str(pinfo->cinfo, COL_PROTOCOL, "DLR");
2271
2272 col_clear(pinfo->cinfo, COL_INFO);
2273
2274 if( tree )
2275 {
2276 /* Create display subtree for the protocol */
2277 ti = proto_tree_add_item(tree, proto_dlr, tvb, 0, -1, ENC_NA );
2278 dlr_tree = proto_item_add_subtree( ti, ett_dlr );
2279 }
2280
2281 /* Get values for the Common Frame Header Format */
2282 dlr_subtype = tvb_get_guint8(tvb, DLR_CFH_SUB_TYPE);
2283 dlr_protover = tvb_get_guint8(tvb, DLR_CFH_PROTO_VERSION);
2284
2285 /* Dissect the Common Frame Header Format */
2286 proto_tree_add_uint( dlr_tree, hf_dlr_ringsubtype, tvb, DLR_CFH_SUB_TYPE, 1, dlr_subtype );
2287 proto_tree_add_uint( dlr_tree, hf_dlr_ringprotoversion, tvb, DLR_CFH_PROTO_VERSION, 1, dlr_protover );
2288
2289 /* Get values for the DLR Message Payload Fields */
2290 dlr_frametype = tvb_get_guint8(tvb, DLR_MPF_FRAME_TYPE);
2291
2292 /* Dissect the DLR Message Payload Fields */
2293 proto_tree_add_item( dlr_tree, hf_dlr_frametype, tvb, DLR_MPF_FRAME_TYPE, 1, ENC_BIG_ENDIAN );
2294 proto_tree_add_item( dlr_tree, hf_dlr_sourceport, tvb, DLR_MPF_SOURCE_PORT, 1, ENC_BIG_ENDIAN );
2295 proto_tree_add_item( dlr_tree, hf_dlr_sourceip, tvb, DLR_MPF_SOURCE_IP, 4, ENC_BIG_ENDIAN );
2296 proto_tree_add_item( dlr_tree, hf_dlr_sequenceid, tvb, DLR_MPF_SEQUENCE_ID, 4, ENC_BIG_ENDIAN );
2297
2298 /* Add frame type to col info */
2299 col_add_fstr(pinfo->cinfo, COL_INFO, "%s",
2300 val_to_str(dlr_frametype, dlr_frame_type_vals, "Unknown (0x%04x)") );
2301
2302 if( dlr_frametype == DLR_FT_BEACON )
2303 {
2304 /* Beacon */
2305 proto_tree_add_item( dlr_tree, hf_dlr_ringstate, tvb, DLR_BE_RING_STATE, 1, ENC_BIG_ENDIAN );
2306 proto_tree_add_item( dlr_tree, hf_dlr_supervisorprecedence, tvb, DLR_BE_SUPERVISOR_PRECEDENCE, 1, ENC_BIG_ENDIAN );
2307 proto_tree_add_item( dlr_tree, hf_dlr_beaconinterval, tvb, DLR_BE_BEACON_INTERVAL, 4, ENC_BIG_ENDIAN );
2308 proto_tree_add_item( dlr_tree, hf_dlr_beacontimeout, tvb, DLR_BE_BEACON_TIMEOUT, 4, ENC_BIG_ENDIAN );
2309 proto_tree_add_item( dlr_tree, hf_dlr_beaconreserved, tvb, DLR_BE_RESERVED, 20, ENC_BIG_ENDIAN );
2310 }
2311 else if( dlr_frametype == DLR_FT_NEIGHBOR_REQ )
2312 {
2313 /* Neighbor_Check_Request */
2314 proto_tree_add_item( dlr_tree, hf_dlr_nreqreserved, tvb, DLR_NREQ_RESERVED, 30, ENC_NA );
2315 }
2316 else if( dlr_frametype == DLR_FT_NEIGHBOR_RES )
2317 {
2318 /* Neighbor_Check_Response */
2319 proto_tree_add_item( dlr_tree, hf_dlr_nressourceport, tvb, DLR_NRES_SOURCE_PORT, 1, ENC_BIG_ENDIAN );
2320 proto_tree_add_item( dlr_tree, hf_dlr_nresreserved, tvb, DLR_NRES_RESERVED, 29, ENC_NA );
2321 }
2322 else if( dlr_frametype == DLR_FT_LINK_STAT )
2323 {
2324 /* Link_Status/Neighbor_Status */
2325 proto_item* flag_item;
2326 proto_tree* flag_tree;
2327
2328 flag_item = proto_tree_add_item( dlr_tree, hf_dlr_lnknbrstatus, tvb, DLR_LNS_SOURCE_PORT, 1, ENC_BIG_ENDIAN );
2329 flag_tree = proto_item_add_subtree(flag_item, ett_dlr_lnknbrstatus_flags);
2330
2331 proto_tree_add_item(flag_tree, hf_dlr_lnknbrstatus_port1, tvb, DLR_LNS_SOURCE_PORT, 1, ENC_LITTLE_ENDIAN);
2332 proto_tree_add_item(flag_tree, hf_dlr_lnknbrstatus_port2, tvb, DLR_LNS_SOURCE_PORT, 1, ENC_LITTLE_ENDIAN);
2333 proto_tree_add_item(flag_tree, hf_dlr_lnknbrstatus_reserved, tvb, DLR_LNS_SOURCE_PORT, 1, ENC_LITTLE_ENDIAN);
2334 proto_tree_add_item(flag_tree, hf_dlr_lnknbrstatus_frame_type, tvb, DLR_LNS_SOURCE_PORT, 1, ENC_LITTLE_ENDIAN);
2335
2336 proto_tree_add_item( dlr_tree, hf_dlr_lnknbrreserved, tvb, DLR_LNS_RESERVED, 29, ENC_NA );
2337 }
2338 else if( dlr_frametype == DLR_FT_LOCATE_FLT )
2339 {
2340 /* Locate_Fault */
2341 proto_tree_add_item( dlr_tree, hf_dlr_lfreserved, tvb, DLR_LF_RESERVED, 30, ENC_NA );
2342 }
2343 else if( dlr_frametype == DLR_FT_ANNOUNCE )
2344 {
2345 /* Announce */
2346 proto_tree_add_item( dlr_tree, hf_dlr_ringstate, tvb, DLR_AN_RING_STATE, 1, ENC_BIG_ENDIAN );
2347 proto_tree_add_item( dlr_tree, hf_dlr_anreserved, tvb, DLR_AN_RESERVED, 29, ENC_NA );
2348 }
2349 else if( dlr_frametype == DLR_FT_SIGN_ON )
2350 {
2351 guint16 nCnt;
2352 guint16 nNumNodes;
2353 guint16 nOffset;
2354
2355
2356 /* Sign_On */
2357 nNumNodes = tvb_get_ntohs(tvb, DLR_SO_NUM_NODES);
2358
2359 proto_tree_add_uint( dlr_tree, hf_dlr_sonumnodes, tvb, DLR_SO_NUM_NODES, 2, nNumNodes );
2360
2361 /* Add each node in the list */
2362 for( nCnt = 0, nOffset = DLR_SO_NODE_1_MAC; nCnt < nNumNodes; nCnt++ )
2363 {
2364 proto_tree_add_item( dlr_tree, hf_dlr_somac, tvb, nOffset, 6, ENC_NA );
2365 nOffset += 6;
2366 proto_tree_add_item( dlr_tree, hf_dlr_soip, tvb, nOffset, 4, ENC_BIG_ENDIAN );
2367 nOffset += 4;
2368 }
2369
2370 if( nOffset < 42 )
2371 {
2372 proto_tree_add_item( dlr_tree, hf_dlr_soreserved, tvb, nOffset, 42 - nOffset, ENC_NA );
2373 /* nOffset += (42 - nOffset); */
2374 }
2375 }
2376 else if( dlr_frametype == DLR_FT_ADVERTISE )
2377 {
2378 /* Advertise */
2379 proto_tree_add_item( dlr_tree, hf_dlr_advgatewaystate, tvb, DLR_ADV_GATEWAY_STATE, 1, ENC_BIG_ENDIAN );
2380 proto_tree_add_item( dlr_tree, hf_dlr_advgatewayprecedence, tvb, DLR_ADV_GATEWAY_PRECEDENCE, 1, ENC_BIG_ENDIAN );
2381 proto_tree_add_item( dlr_tree, hf_dlr_advadvertiseinterval, tvb, DLR_ADV_ADVERTISE_INTERVAL, 4, ENC_BIG_ENDIAN );
2382 proto_tree_add_item( dlr_tree, hf_dlr_advadvertisetimeout, tvb, DLR_ADV_ADVERTISE_TIMEOUT, 4, ENC_BIG_ENDIAN );
2383 proto_tree_add_item( dlr_tree, hf_dlr_advlearningupdateenable, tvb, DLR_ADV_LEARNING_UPDATE_ENABLE, 1, ENC_BIG_ENDIAN );
2384 proto_tree_add_item( dlr_tree, hf_dlr_advreserved, tvb, DLR_ADV_RESERVED, 19, ENC_NA );
2385 }
2386 else if( dlr_frametype == DLR_FT_FLUSH_TABLES )
2387 {
2388 proto_tree_add_item( dlr_tree, hf_dlr_flushlearningupdateenable, tvb, DLR_FLUSH_LEARNING_UPDATE_ENABLE, 1, ENC_BIG_ENDIAN );
2389 proto_tree_add_item( dlr_tree, hf_dlr_flushreserved, tvb, DLR_FLUSH_RESERVED, 29, ENC_NA );
2390 }
2391 else if( dlr_frametype == DLR_FT_LEARNING_UPDATE )
2392 {
2393 proto_tree_add_item( dlr_tree, hf_dlr_learnreserved, tvb, DLR_LEARN_RESERVED, 34, ENC_NA );
2394 }
2395 else
2396 {
2397 /* Unknown Frame type */
2398 }
2399
2400 return tvb_length(tvb);
2401
2402 } /* end of dissect_dlr() */
2403
2404
2405 /* Register the protocol with Wireshark */
2406
2407 /* this format is require because a script is used to build the C function
2408 that calls all the protocol registration.
2409 */
2410
2411 void
2412 proto_register_enip(void)
2413 {
2414 /* Setup list of header fields */
2415 static hf_register_info hf[] = {
2416 { &hf_enip_command,
2417 { "Command", "enip.command",
2418 FT_UINT16, BASE_HEX, VALS(encap_cmd_vals), 0,
2419 "Encapsulation command", HFILL }},
2420
2421 { &hf_enip_length,
2422 { "Length", "enip.length",
2423 FT_UINT16, BASE_DEC, NULL, 0,
2424 "Encapsulation length", HFILL }},
2425
2426 { &hf_enip_session,
2427 { "Session Handle", "enip.session",
2428 FT_UINT32, BASE_HEX, NULL, 0,
2429 "Session identification", HFILL }},
2430
2431 { &hf_enip_status,
2432 { "Status", "enip.status",
2433 FT_UINT32, BASE_HEX, VALS(encap_status_vals), 0,
2434 "Status code", HFILL }},
2435
2436 { &hf_enip_sendercontex,
2437 { "Sender Context", "enip.context",
2438 FT_BYTES, BASE_NONE, NULL, 0,
2439 "Information pertinent to the sender", HFILL }},
2440
2441 { &hf_enip_listid_delay,
2442 { "Max Response Delay", "enip.listid_delay",
2443 FT_UINT16, BASE_DEC, NULL, 0,
2444 "Maximum random delay allowed by target", HFILL }},
2445
2446 { &hf_enip_options,
2447 { "Options", "enip.options",
2448 FT_UINT32, BASE_HEX, NULL, 0,
2449 "Options flags", HFILL }},
2450
2451 { &hf_enip_encapver,
2452 { "Encapsulation Version", "enip.encapver",
2453 FT_UINT16, BASE_DEC, NULL, 0,
2454 NULL, HFILL }},
2455
2456 { &hf_enip_sinfamily,
2457 { "sin_family", "enip.sinfamily",
2458 FT_UINT16, BASE_DEC, NULL, 0,
2459 "Socket Address.Sin Family", HFILL }},
2460
2461 { &hf_enip_sinport,
2462 { "sin_port", "enip.sinport",
2463 FT_UINT16, BASE_DEC, NULL, 0,
2464 "Socket Address.Sin Port", HFILL }},
2465
2466 { &hf_enip_sinaddr,
2467 { "sin_addr", "enip.sinaddr",
2468 FT_IPv4, BASE_NONE, NULL, 0,
2469 "Socket Address.Sin Addr", HFILL }},
2470
2471 { &hf_enip_sinzero,
2472 { "sin_zero", "enip.sinzero",
2473 FT_BYTES, BASE_NONE, NULL, 0,
2474 "Socket Address.Sin Zero", HFILL }},
2475
2476 { &hf_enip_timeout,
2477 { "Timeout", "enip.timeout",
2478 FT_UINT16, BASE_DEC, NULL, 0,
2479 "Encapsulation Timeout", HFILL }},
2480
2481 { &hf_enip_encap_data,
2482 { "Encap Data", "enip.encap_data",
2483 FT_BYTES, BASE_NONE, NULL, 0,
2484 "Encapsulation Data", HFILL }},
2485
2486 /* List Services Reply */
2487 { &hf_enip_lsr_capaflags,
2488 { "Capability Flags", "enip.lsr.capaflags",
2489 FT_UINT16, BASE_HEX, NULL, 0,
2490 "ListServices Reply: Capability Flags", HFILL }},
2491
2492 { &hf_enip_lsr_tcp,
2493 { "Supports CIP Encapsulation via TCP", "enip.lsr.capaflags.tcp",
2494 FT_BOOLEAN, 16, TFS(&tfs_true_false), 0x0020,
2495 "ListServices Reply: Supports CIP Encapsulation via TCP", HFILL }},
2496
2497 { &hf_enip_lsr_udp,
2498 { "Supports CIP Class 0 or 1 via UDP", "enip.lsr.capaflags.udp",
2499 FT_BOOLEAN, 16, TFS(&tfs_true_false), 0x0100,
2500 "ListServices Reply: Supports CIP Class 0 or 1 via UDP", HFILL }},
2501
2502 { &hf_enip_lsr_servicename,
2503 { "Name of Service", "enip.lsr.servicename",
2504 FT_STRING, BASE_NONE, NULL, 0,
2505 "ListServices Reply: Name of Service", HFILL }},
2506
2507 /* Register Session */
2508 { &hf_enip_rs_version,
2509 { "Protocol Version", "enip.rs.version",
2510 FT_UINT16, BASE_DEC, NULL, 0,
2511 "Register Session: Protocol Version", HFILL }},
2512
2513 { &hf_enip_rs_optionflags,
2514 { "Option Flags", "enip.rs.flags",
2515 FT_UINT16, BASE_HEX, NULL, 0,
2516 "Register Session: Option Flags", HFILL }},
2517
2518 /* Send Request/Reply Data */
2519 { &hf_enip_srrd_ifacehnd,
2520 { "Interface Handle", "enip.srrd.iface",
2521 FT_UINT32, BASE_HEX, VALS(enip_interface_handle_vals), 0,
2522 "SendRRData: Interface handle", HFILL }},
2523
2524 /* Send Unit Data */
2525 { &hf_enip_sud_ifacehnd,
2526 { "Interface Handle", "enip.sud.iface",
2527 FT_UINT32, BASE_HEX, VALS(enip_interface_handle_vals), 0,
2528 "SendUnitData: Interface handle", HFILL }},
2529
2530 /* List identity reply */
2531 { &hf_enip_lir_vendor,
2532 { "Vendor ID", "enip.lir.vendor",
2533 FT_UINT16, BASE_HEX|BASE_EXT_STRING, &cip_vendor_vals_ext, 0,
2534 "ListIdentity Reply: Vendor ID", HFILL }},
2535
2536 { &hf_enip_lir_devtype,
2537 { "Device Type", "enip.lir.devtype",
2538 FT_UINT16, BASE_DEC|BASE_EXT_STRING, &cip_devtype_vals_ext, 0,
2539 "ListIdentity Reply: Device Type", HFILL }},
2540
2541 { &hf_enip_lir_prodcode,
2542 { "Product Code", "enip.lir.prodcode",
2543 FT_UINT16, BASE_DEC, NULL, 0,
2544 "ListIdentity Reply: Product Code", HFILL }},
2545
2546 { &hf_enip_lir_revision,
2547 { "Revision", "enip.lir.revision",
2548 FT_UINT16, BASE_CUSTOM, enip_fmt_lir_revision, 0,
2549 "ListIdentity Reply: Revision", HFILL }},
2550
2551 { &hf_enip_lir_status,
2552 { "Status", "enip.lir.status",
2553 FT_UINT16, BASE_HEX, NULL, 0,
2554 "ListIdentity Reply: Status", HFILL }},
2555
2556 { &hf_enip_lir_serial,
2557 { "Serial Number", "enip.lir.serial",
2558 FT_UINT32, BASE_HEX, NULL, 0,
2559 "ListIdentity Reply: Serial Number", HFILL }},
2560
2561 { &hf_enip_lir_namelen,
2562 { "Product Name Length", "enip.lir.namelen",
2563 FT_UINT8, BASE_DEC, NULL, 0,
2564 "ListIdentity Reply: Product Name Length", HFILL }},
2565
2566 { &hf_enip_lir_name,
2567 { "Product Name", "enip.lir.name",
2568 FT_STRING, BASE_NONE, NULL, 0,
2569 "ListIdentity Reply: Product Name", HFILL }},
2570
2571 { &hf_enip_lir_state,
2572 { "State", "enip.lir.state",
2573 FT_UINT8, BASE_HEX, NULL, 0,
2574 "ListIdentity Reply: State", HFILL }},
2575
2576 /* Common Packet Format */
2577 { &hf_enip_cpf_itemcount,
2578 { "Item Count", "enip.cpf.itemcount",
2579 FT_UINT16, BASE_DEC, NULL, 0,
2580 "Common Packet Format: Item Count", HFILL }},
2581
2582 { &hf_enip_cpf_typeid,
2583 { "Type ID", "enip.cpf.typeid",
2584 FT_UINT16, BASE_HEX, VALS(cdf_type_vals), 0,
2585 "Common Packet Format: Type of encapsulated item", HFILL }},
2586
2587 { &hf_enip_cpf_length,
2588 { "Length", "enip.cpf.length",
2589 FT_UINT16, BASE_DEC, NULL, 0,
2590 "Common Packet Format: Length", HFILL }},
2591
2592 /* Connected Data Item */
2593 { &hf_enip_cpf_cdi_seqcnt,
2594 { "Sequence Count", "enip.cpf.cdi.seqcnt",
2595 FT_UINT16, BASE_HEX, NULL, 0,
2596 "Common Packet Format: Connected Data Item, Sequence Count", HFILL }},
2597
2598 { &hf_enip_cpf_cdi_32bitheader,
2599 { "32-bit Header", "enip.cpf.cdi.32bitheader",
2600 FT_UINT32, BASE_HEX, NULL, 0,
2601 "Common Packet Format: Connected Data Item, 32-bit Header", HFILL }},
2602
2603 { &hf_enip_cpf_cdi_32bitheader_roo,
2604 { "ROO", "enip.cpf.cdi.roo",
2605 FT_UINT32, BASE_HEX, NULL, 0xC,
2606 "Common Packet Format: Connected Data Item, Ready for Ownership of Outputs", HFILL }},
2607
2608 { &hf_enip_cpf_cdi_32bitheader_coo,
2609 { "COO", "enip.cpf.cdi.coo",
2610 FT_UINT32, BASE_HEX, NULL, 0x2,
2611 "Common Packet Format: Connected Data Item, Claim Output Ownership", HFILL }},
2612
2613 { &hf_enip_cpf_cdi_32bitheader_run_idle,
2614 { "Run/Idle", "enip.cpf.cdi.run_idle",
2615 FT_UINT32, BASE_HEX, VALS(enip_run_idle_vals), 0x1,
2616 "Common Packet Format: Connected Data Item, Run/Idle", HFILL }},
2617
2618 /* Connection Address Item */
2619 { &hf_enip_cpf_cai_connid,
2620 { "Connection ID", "enip.cpf.cai.connid",
2621 FT_UINT32, BASE_HEX, NULL, 0,
2622 "Common Packet Format: Connection Address Item, Connection Identifier", HFILL }},
2623
2624 /* Sequenced Address Type */
2625 { &hf_enip_cpf_sai_connid,
2626 { "Connection ID", "enip.cpf.sai.connid",
2627 FT_UINT32, BASE_HEX, NULL, 0,
2628 "Common Packet Format: Sequenced Address Item, Connection Identifier", HFILL }},
2629
2630 { &hf_enip_cpf_sai_seqnum,
2631 { "Sequence Number", "enip.cpf.sai.seq",
2632 FT_UINT32, BASE_DEC, NULL, 0,
2633 "Common Packet Format: Sequenced Address Item, Sequence Number", HFILL }},
2634
2635 { &hf_enip_cpf_data,
2636 { "Data", "enip.cpf.data",
2637 FT_BYTES, BASE_NONE, NULL, 0,
2638 "Common Packet Format: Unknown Data", HFILL }},
2639
2640 /* Request/Response Matching */
2641 { &hf_enip_response_in,
2642 { "Response In", "enip.response_in",
2643 FT_FRAMENUM, BASE_NONE, NULL, 0x0,
2644 "The response to this ENIP request is in this frame", HFILL }},
2645
2646 { &hf_enip_response_to,
2647 { "Request In", "enip.response_to",
2648 FT_FRAMENUM, BASE_NONE, NULL, 0x0,
2649 "This is a response to the ENIP request in this frame", HFILL }},
2650
2651 { &hf_enip_time,
2652 { "Time", "enip.time",
2653 FT_RELATIVE_TIME, BASE_NONE, NULL, 0x0,
2654 "The time between the Call and the Reply", HFILL }},
2655
2656 { &hf_enip_connection_transport_data,
2657 { "Data", "enip.connection_transport_data",
2658 FT_BYTES, BASE_NONE, NULL, 0x0,
2659 "Connection Transport Data", HFILL }},
2660
2661 { &hf_tcpip_status,
2662 { "Status", "cip.tcpip.status",
2663 FT_UINT32, BASE_HEX, NULL, 0,
2664 NULL, HFILL }},
2665
2666 { &hf_tcpip_status_interface_config,
2667 { "Interface Configuration Status", "cip.tcpip.status.interface_config",
2668 FT_UINT32, BASE_DEC, enip_tcpip_status_interface_config_vals, 0x0000000F,
2669 NULL, HFILL }},
2670
2671 { &hf_tcpip_status_mcast_pending,
2672 { "MCast Pending", "cip.tcpip.status.mcast_pending",
2673 FT_BOOLEAN, 32, TFS(&tfs_true_false), 0x00000010,
2674 NULL, HFILL }},
2675
2676 { &hf_tcpip_status_interface_config_pending,
2677 { "Interface Configuration Pending", "cip.tcpip.status.interface_config_pending",
2678 FT_BOOLEAN, 32, TFS(&tfs_true_false), 0x00000020,
2679 NULL, HFILL }},
2680
2681 { &hf_tcpip_status_acd,
2682 { "ACD Status", "cip.tcpip.status.acd",
2683 FT_UINT32, BASE_DEC, enip_tcpip_status_acd_vals, 0x00000040,
2684 NULL, HFILL }},
2685
2686 { &hf_tcpip_status_reserved,
2687 { "Reserved", "cip.tcpip.status.reserved",
2688 FT_UINT32, BASE_HEX, NULL, 0xFFFFFF80,
2689 NULL, HFILL }},
2690
2691 { &hf_tcpip_config_cap,
2692 { "Configuration Capability", "cip.tcpip.config_cap",
2693 FT_UINT32, BASE_HEX, NULL, 0,
2694 NULL, HFILL }},
2695
2696 { &hf_tcpip_config_cap_bootp,
2697 { "BOOTP Client", "cip.tcpip.config_cap.bootp",
2698 FT_BOOLEAN, 32, TFS(&tfs_true_false), 0x00000001,
2699 NULL, HFILL }},
2700
2701 { &hf_tcpip_config_cap_dns,
2702 { "DNS Client", "cip.tcpip.config_cap.dns",
2703 FT_BOOLEAN, 32, TFS(&tfs_true_false), 0x00000002,
2704 NULL, HFILL }},
2705
2706 { &hf_tcpip_config_cap_dhcp,
2707 { "DHCP Client", "cip.tcpip.config_cap.dhcp",
2708 FT_BOOLEAN, 32, TFS(&tfs_true_false), 0x00000004,
2709 NULL, HFILL }},
2710
2711 { &hf_tcpip_config_cap_dhcp_dns_update,
2712 { "DHCP-DNS Update", "cip.tcpip.config_cap.dhcp_dns_update",
2713 FT_BOOLEAN, 32, TFS(&tfs_true_false), 0x00000008,
2714 NULL, HFILL }},
2715
2716 { &hf_tcpip_config_cap_config_settable,
2717 { "Configuration Settable", "cip.tcpip.config_cap.config_settable",
2718 FT_BOOLEAN, 32, TFS(&tfs_true_false), 0x00000010,
2719 NULL, HFILL }},
2720
2721 { &hf_tcpip_config_cap_hardware_config,
2722 { "Hardware Configurable", "cip.tcpip.config_cap.hardware_config",
2723 FT_BOOLEAN, 32, TFS(&tfs_true_false), 0x00000020,
2724 NULL, HFILL }},
2725
2726 { &hf_tcpip_config_cap_interface_reset,
2727 { "Interface Configuration Change Requires Reset", "cip.tcpip.config_cap.interface_reset",
2728 FT_BOOLEAN, 32, TFS(&tfs_true_false), 0x00000040,
2729 NULL, HFILL }},
2730
2731 { &hf_tcpip_config_cap_acd,
2732 { "ACD Capable", "cip.tcpip.config_cap.acd",
2733 FT_BOOLEAN, 32, TFS(&tfs_true_false), 0x00000080,
2734 NULL, HFILL }},
2735
2736 { &hf_tcpip_config_cap_reserved,
2737 { "Reserved", "cip.tcpip.config_cap.reserved",
2738 FT_UINT32, BASE_HEX, NULL, 0xFFFFFF00,
2739 NULL, HFILL }},
2740
2741 { &hf_tcpip_config_control,
2742 { "Configuration Control", "cip.tcpip.config_control",
2743 FT_UINT32, BASE_HEX, NULL, 0,
2744 NULL, HFILL }},
2745
2746 { &hf_tcpip_config_control_config,
2747 { "Configuration Method", "cip.tcpip.config_control.config",
2748 FT_UINT32, BASE_DEC, enip_tcpip_config_control_config_vals, 0x0000000F,
2749 NULL, HFILL }},
2750
2751 { &hf_tcpip_config_control_dns,
2752 { "DNS Enable", "cip.tcpip.config_control.dns",
2753 FT_BOOLEAN, 32, TFS(&tfs_true_false), 0x00000010,
2754 NULL, HFILL }},
2755
2756 { &hf_tcpip_config_control_reserved,
2757 { "Reserved", "cip.tcpip.config_control.reserved",
2758 FT_UINT32, BASE_HEX, NULL, 0xFFFFFFE0,
2759 NULL, HFILL }},
2760
2761 { &hf_tcpip_physical_link_size,
2762 { "Size", "cip.tcpip.physical_link_size",
2763 FT_UINT16, BASE_DEC, NULL, 0,
2764 NULL, HFILL }},
2765
2766 { &hf_tcpip_ic_ip_addr,
2767 { "IP Address", "cip.tcpip.ip_addr",
2768 FT_IPv4, BASE_NONE, NULL, 0,
2769 NULL, HFILL }},
2770
2771 { &hf_tcpip_ic_subnet_mask,
2772 { "Subnet Mask", "cip.tcpip.subnet_mask",
2773 FT_IPv4, BASE_NONE, NULL, 0,
2774 NULL, HFILL }},
2775
2776 { &hf_tcpip_ic_gateway,
2777 { "Gateway", "cip.tcpip.gateway",
2778 FT_IPv4, BASE_NONE, NULL, 0,
2779 NULL, HFILL }},
2780
2781 { &hf_tcpip_ic_name_server,
2782 { "Name Server", "cip.tcpip.name_server",
2783 FT_IPv4, BASE_NONE, NULL, 0,
2784 NULL, HFILL }},
2785
2786 { &hf_tcpip_ic_name_server2,
2787 { "Name Server2", "cip.tcpip.name_server2",
2788 FT_IPv4, BASE_NONE, NULL, 0,
2789 NULL, HFILL }},
2790
2791 { &hf_tcpip_ic_domain_name,
2792 { "Domain Name", "cip.tcpip.domain_name",
2793 FT_STRING, BASE_NONE, NULL, 0,
2794 NULL, HFILL }},
2795
2796 { &hf_tcpip_hostname,
2797 { "Hostname", "cip.tcpip.hostname",
2798 FT_STRING, BASE_NONE, NULL, 0,
2799 NULL, HFILL }},
2800
2801 { &hf_tcpip_ttl_value,
2802 { "TTL Value", "cip.tcpip.ttl_value",
2803 FT_UINT8, BASE_DEC, NULL, 0,
2804 NULL, HFILL }},
2805
2806 { &hf_tcpip_mcast_alloc,
2807 { "Alloc Control", "cip.tcpip.mcast.alloc",
2808 FT_UINT8, BASE_DEC, enip_tcpip_mcast_alloc_vals, 0,
2809 NULL, HFILL }},
2810
2811 { &hf_tcpip_mcast_reserved,
2812 { "Reserved", "cip.tcpip.mcast.reserved",
2813 FT_UINT8, BASE_HEX, NULL, 0,
2814 NULL, HFILL }},
2815
2816 { &hf_tcpip_mcast_num_mcast,
2817 { "Num MCast", "cip.tcpip.mcast.num_mcast",
2818 FT_UINT16, BASE_DEC, NULL, 0,
2819 NULL, HFILL }},
2820
2821 { &hf_tcpip_mcast_addr_start,
2822 { "MCast Start Addr", "cip.tcpip.mcast.addr_start",
2823 FT_IPv4, BASE_NONE, NULL, 0,
2824 NULL, HFILL }},
2825
2826 { &hf_tcpip_select_acd,
2827 { "Select ACD", "cip.tcpip.select_acd",
2828 FT_BOOLEAN, BASE_NONE, TFS(&tfs_enabled_disabled), 0,
2829 NULL, HFILL }},
2830
2831 { &hf_tcpip_lcd_acd_activity,
2832 { "ACD Activity", "cip.tcpip.last_conflict.acd_activity",
2833 FT_UINT8, BASE_DEC, enip_tcpip_acd_activity_vals, 0,
2834 NULL, HFILL }},
2835
2836 { &hf_tcpip_lcd_remote_mac,
2837 { "RemoteMAC", "cip.tcpip.last_conflict.remote_mac",
2838 FT_ETHER, BASE_NONE, NULL, 0,
2839 NULL, HFILL }},
2840
2841 { &hf_tcpip_lcd_arp_pdu,
2842 { "Arp PDU", "cip.tcpip.last_conflict.arp_pdu",
2843 FT_BYTES, BASE_NONE, NULL, 0,
2844 NULL, HFILL }},
2845
2846 { &hf_tcpip_quick_connect,
2847 { "Ethernet/IP Quick Connection", "cip.tcpip.quick_connect",
2848 FT_BOOLEAN, 8, TFS(&tfs_enabled_disabled), 0x1,
2849 NULL, HFILL }},
2850
2851
2852 { &hf_elink_interface_speed,
2853 { "Interface Speed", "cip.elink.interface_speed",
2854 FT_UINT32, BASE_DEC, NULL, 0,
2855 NULL, HFILL }},
2856
2857 { &hf_elink_interface_flags,
2858 { "Interface Flags", "cip.elink.iflags",
2859 FT_UINT32, BASE_HEX, NULL, 0,
2860 NULL, HFILL }},
2861
2862 { &hf_elink_iflags_link_status,
2863 { "Link Status", "cip.elink.iflags.link_status",
2864 FT_BOOLEAN, 32, TFS(&tfs_active_inactive), 0x00000001,
2865 NULL, HFILL }},
2866
2867 { &hf_elink_iflags_duplex,
2868 { "Duplex", "cip.elink.iflags.duplex",
2869 FT_UINT32, BASE_DEC, enip_elink_duplex_vals, 0x00000002,
2870 NULL, HFILL }},
2871
2872 { &hf_elink_iflags_neg_status,
2873 { "Negotiation Status", "cip.elink.iflags.neg_status",
2874 FT_UINT32, BASE_DEC, enip_elink_iflags_neg_status_vals, 0x0000001C,
2875 NULL, HFILL }},
2876
2877 { &hf_elink_iflags_manual_reset,
2878 { "Manual Reset Required", "cip.elink.iflags.manual_reset",
2879 FT_UINT32, BASE_DEC, enip_elink_iflags_reset_vals, 0x00000020,
2880 NULL, HFILL }},
2881
2882 { &hf_elink_iflags_local_hw_fault,
2883 { "Local Hardware Fault", "cip.elink.iflags.local_hw_fault",
2884 FT_UINT32, BASE_DEC, enip_elink_iflags_hw_fault_vals, 0x00000040,
2885 NULL, HFILL }},
2886
2887 { &hf_elink_iflags_reserved,
2888 { "Reserved", "cip.elink.iflags.reserved",
2889 FT_UINT32, BASE_HEX, NULL, 0xFFFFFF80,
2890 NULL, HFILL }},
2891
2892 { &hf_elink_physical_address,
2893 { "Physical Addresss", "cip.elink.physical_address",
2894 FT_ETHER, BASE_NONE, NULL, 0,
2895 NULL, HFILL }},
2896
2897 { &hf_elink_icount_in_octets,
2898 { "In Octets", "cip.elink.icount.in_octets",
2899 FT_UINT32, BASE_DEC, NULL, 0,
2900 NULL, HFILL }},
2901
2902 { &hf_elink_icount_in_ucast,
2903 { "In Ucast Packets", "cip.elink.icount.in_ucast",
2904 FT_UINT32, BASE_DEC, NULL, 0,
2905 NULL, HFILL }},
2906
2907 { &hf_elink_icount_in_nucast,
2908 { "In NUcast Packets", "cip.elink.icount.in_nucast",
2909 FT_UINT32, BASE_DEC, NULL, 0,
2910 NULL, HFILL }},
2911
2912 { &hf_elink_icount_in_discards,
2913 { "In Discards", "cip.elink.icount.in_discards",
2914 FT_UINT32, BASE_DEC, NULL, 0,
2915 NULL, HFILL }},
2916
2917 { &hf_elink_icount_in_errors,
2918 { "In Errors", "cip.elink.icount.in_errors",
2919 FT_UINT32, BASE_DEC, NULL, 0,
2920 NULL, HFILL }},
2921
2922 { &hf_elink_icount_in_unknown_protos,
2923 { "In Unknown Protos", "cip.elink.icount.in_unknown_protos",
2924 FT_UINT32, BASE_DEC, NULL, 0,
2925 NULL, HFILL }},
2926
2927 { &hf_elink_icount_out_octets,
2928 { "Out Octets", "cip.elink.icount.out_octets",
2929 FT_UINT32, BASE_DEC, NULL, 0,
2930 NULL, HFILL }},
2931
2932 { &hf_elink_icount_out_ucast,
2933 { "Out Ucast Packets", "cip.elink.icount.out_ucast",
2934 FT_UINT32, BASE_DEC, NULL, 0,
2935 NULL, HFILL }},
2936
2937 { &hf_elink_icount_out_nucast,
2938 { "Out NUcast Packets", "cip.elink.icount.out_nucast",
2939 FT_UINT32, BASE_DEC, NULL, 0,
2940 NULL, HFILL }},
2941
2942 { &hf_elink_icount_out_discards,
2943 { "Out Discards", "cip.elink.icount.out_discards",
2944 FT_UINT32, BASE_DEC, NULL, 0,
2945 NULL, HFILL }},
2946
2947 { &hf_elink_icount_out_errors,
2948 { "Out Errors", "cip.elink.icount.out_errors",
2949 FT_UINT32, BASE_DEC, NULL, 0,
2950 NULL, HFILL }},
2951
2952 { &hf_elink_mcount_alignment_errors,
2953 { "Alignment Errors", "cip.elink.mcount.alignment_errors",
2954 FT_UINT32, BASE_DEC, NULL, 0,
2955 NULL, HFILL }},
2956
2957 { &hf_elink_mcount_fcs_errors,
2958 { "FCS Errors", "cip.elink.mcount.fcs_errors",
2959 FT_UINT32, BASE_DEC, NULL, 0,
2960 NULL, HFILL }},
2961
2962 { &hf_elink_mcount_single_collisions,
2963 { "Single Collisions", "cip.elink.mcount.single_collisions",
2964 FT_UINT32, BASE_DEC, NULL, 0,
2965 NULL, HFILL }},
2966
2967 { &hf_elink_mcount_multiple_collisions,
2968 { "Multiple Collisions", "cip.elink.mcount.multiple_collisions",
2969 FT_UINT32, BASE_DEC, NULL, 0,
2970 NULL, HFILL }},
2971
2972 { &hf_elink_mcount_sqe_test_errors,
2973 { "SQE Test Errors", "cip.elink.mcount.sqe_test_errors",
2974 FT_UINT32, BASE_DEC, NULL, 0,
2975 NULL, HFILL }},
2976
2977 { &hf_elink_mcount_deferred_transmission,
2978 { "Deferred Transmission", "cip.elink.mcount.deferred_transmission",
2979 FT_UINT32, BASE_DEC, NULL, 0,
2980 NULL, HFILL }},
2981
2982 { &hf_elink_mcount_late_collisions,
2983 { "Late Collisions", "cip.elink.mcount.late_collisions",
2984 FT_UINT32, BASE_DEC, NULL, 0,
2985 NULL, HFILL }},
2986
2987 { &hf_elink_mcount_excessive_collisions,
2988 { "Excessive Collisions", "cip.elink.mcount.excessive_collisions",
2989 FT_UINT32, BASE_DEC, NULL, 0,
2990 NULL, HFILL }},
2991
2992 { &hf_elink_mcount_mac_transmit_errors,
2993 { "MAC Transmit Errors", "cip.elink.mcount.mac_transmit_errors",
2994 FT_UINT32, BASE_DEC, NULL, 0,
2995 NULL, HFILL }},
2996
2997 { &hf_elink_mcount_carrier_sense_errors,
2998 { "Carrier Sense Errors", "cip.elink.mcount.carrier_sense_errors",
2999 FT_UINT32, BASE_DEC, NULL, 0,
3000 NULL, HFILL }},
3001
3002 { &hf_elink_mcount_frame_too_long,
3003 { "Frame Too Long", "cip.elink.mcount.frame_too_long",
3004 FT_UINT32, BASE_DEC, NULL, 0,
3005 NULL, HFILL }},
3006
3007 { &hf_elink_mcount_mac_receive_errors,
3008 { "MAC Receive Errors", "cip.elink.mcount.mac_receive_errors",
3009 FT_UINT32, BASE_DEC, NULL, 0,
3010 NULL, HFILL }},
3011
3012 { &hf_elink_icontrol_control_bits,
3013 { "Control Bits", "cip.elink.icontrol.control_bits",
3014 FT_UINT16, BASE_HEX, NULL, 0,
3015 NULL, HFILL }},
3016
3017 { &hf_elink_icontrol_control_bits_auto_neg,
3018 { "Auto-negotiate", "cip.elink.icontrol.control_bits.auto_neg",
3019 FT_BOOLEAN, 16, TFS(&tfs_enabled_disabled), 0x0001,
3020 NULL, HFILL }},
3021
3022 { &hf_elink_icontrol_control_bits_forced_duplex,
3023 { "Forced Duplex Mode", "cip.elink.icontrol.control_bits.forced_duplex",
3024 FT_UINT16, BASE_DEC, enip_elink_duplex_vals, 0x0002,
3025 NULL, HFILL }},
3026
3027 { &hf_elink_icontrol_control_bits_reserved,
3028 { "Reserved", "cip.elink.icontrol.control_bits.reserved",
3029 FT_UINT16, BASE_HEX, NULL, 0xFFFC,
3030 NULL, HFILL }},
3031
3032 { &hf_elink_icontrol_forced_speed,
3033 { "Forced Interface Speed", "cip.elink.icontrol.forced_speed",
3034 FT_UINT16, BASE_DEC, NULL, 0,
3035 NULL, HFILL }},
3036
3037 { &hf_elink_interface_type,
3038 { "Interface Type", "cip.elink.interface_type",
3039 FT_UINT8, BASE_DEC, enip_elink_interface_type_vals, 0,
3040 NULL, HFILL }},
3041
3042 { &hf_elink_interface_state,
3043 { "Interface State", "cip.elink.interface_state",
3044 FT_UINT8, BASE_DEC, enip_elink_interface_state_vals, 0,
3045 NULL, HFILL }},
3046
3047 { &hf_elink_admin_state,
3048 { "Admin State", "cip.elink.admin_state",
3049 FT_UINT8, BASE_DEC, enip_elink_admin_state_vals, 0,
3050 NULL, HFILL }},
3051
3052 { &hf_elink_interface_label,
3053 { "Interface Label", "cip.elink.interface_label",
3054 FT_STRING, BASE_NONE, NULL, 0,
3055 NULL, HFILL }},
3056
3057
3058 { &hf_qos_8021q_enable,
3059 { "802.1Q Tag Enable", "cip.qos.8021q_enable",
3060 FT_BOOLEAN, 8, TFS(&tfs_enabled_disabled), 0x1,
3061 NULL, HFILL }},
3062
3063 { &hf_qos_dscp_ptp_event,
3064 { "DSCP PTP Event", "cip.qos.ptp_event",
3065 FT_UINT8, BASE_DEC, NULL, 0,
3066 NULL, HFILL }},
3067
3068 { &hf_qos_dscp_ptp_general,
3069 { "DSCP PTP General", "cip.qos.ptp_general",
3070 FT_UINT8, BASE_DEC, NULL, 0,
3071 NULL, HFILL }},
3072
3073 { &hf_qos_dscp_urgent,
3074 { "DSCP Urgent", "cip.qos.urgent",
3075 FT_UINT8, BASE_DEC, NULL, 0,
3076 NULL, HFILL }},
3077
3078 { &hf_qos_dscp_scheduled,
3079 { "DSCP Scheduled", "cip.qos.scheduled",
3080 FT_UINT8, BASE_DEC, NULL, 0,
3081 NULL, HFILL }},
3082
3083 { &hf_qos_dscp_high,
3084 { "DSCP High", "cip.qos.high",
3085 FT_UINT8, BASE_DEC, NULL, 0,
3086 NULL, HFILL }},
3087
3088 { &hf_qos_dscp_low,
3089 { "DSCP Low", "cip.qos.low",
3090 FT_UINT8, BASE_DEC, NULL, 0,
3091 NULL, HFILL }},
3092
3093 { &hf_qos_dscp_explicit,
3094 { "DSCP Explicit", "cip.qos.explicit",
3095 FT_UINT8, BASE_DEC, NULL, 0,
3096 NULL, HFILL }},
3097
3098 { &hf_dlr_network_topology,
3099 { "Network Topology", "cip.dlr.network_topology",
3100 FT_UINT8, BASE_DEC, enip_dlr_network_topology_vals, 0,
3101 NULL, HFILL }},
3102
3103 { &hf_dlr_network_status,
3104 { "Network Status", "cip.dlr.network_status",
3105 FT_UINT8, BASE_DEC, enip_dlr_network_status_vals, 0,
3106 NULL, HFILL }},
3107
3108 { &hf_dlr_ring_supervisor_status,
3109 { "Ring Supervisor Status", "cip.dlr.ring_supervisor_status",
3110 FT_UINT8, BASE_DEC, enip_dlr_ring_supervisor_status_vals, 0,
3111 NULL, HFILL }},
3112
3113 { &hf_dlr_rsc_ring_supervisor_enable,
3114 { "Ring Supervisor Enable", "cip.dlr.rscconfig.supervisor_enable",
3115 FT_BOOLEAN, 8, TFS(&tfs_true_false), 0,
3116 NULL, HFILL }},
3117
3118 { &hf_dlr_rsc_ring_supervisor_precedence,
3119 { "Ring Supervisor Precedence", "cip.dlr.rscconfig.supervisor_precedence",
3120 FT_UINT8, BASE_DEC, NULL, 0,
3121 NULL, HFILL }},
3122
3123 { &hf_dlr_rsc_beacon_interval,
3124 { "Beacon Interval", "cip.dlr.rscconfig.beacon_interval",
3125 FT_UINT32, BASE_DEC, NULL, 0,
3126 NULL, HFILL }},
3127
3128 { &hf_dlr_rsc_beacon_timeout,
3129 { "Beacon Timeout", "cip.dlr.rscconfig.beacon_timeout",
3130 FT_UINT32, BASE_DEC, NULL, 0,
3131 NULL, HFILL }},
3132
3133 { &hf_dlr_rsc_dlr_vlan_id,
3134 { "DLR VLAN ID", "cip.dlr.rscconfig.dlr_vlan_id",
3135 FT_UINT16, BASE_DEC, NULL, 0,
3136 NULL, HFILL }},
3137
3138 { &hf_dlr_ring_faults_count,
3139 { "Ring Faults Count", "cip.dlr.ring_faults_count",
3140 FT_UINT16, BASE_DEC, NULL, 0,
3141 NULL, HFILL }},
3142
3143 { &hf_dlr_lanp1_dev_ip_addr,
3144 { "Device IP Address", "cip.dlr.lanp1.ip_addr",
3145 FT_IPv4, BASE_NONE, NULL, 0,
3146 NULL, HFILL }},
3147
3148 { &hf_dlr_lanp1_dev_physical_address,
3149 { "Device Physical Address", "cip.dlr.lanp1.physical_address",
3150 FT_ETHER, BASE_NONE, NULL, 0,
3151 NULL, HFILL }},
3152
3153 { &hf_dlr_lanp2_dev_ip_addr,
3154 { "Device IP Address", "cip.dlr.lanp2.ip_addr",
3155 FT_IPv4, BASE_NONE, NULL, 0,
3156 NULL, HFILL }},
3157
3158 { &hf_dlr_lanp2_dev_physical_address,
3159 { "Device Physical Address", "cip.dlr.lanp2.physical_address",
3160 FT_ETHER, BASE_NONE, NULL, 0,
3161 NULL, HFILL }},
3162
3163 { &hf_dlr_ring_protocol_participants_count,
3164 { "Participants Count", "cip.dlr.participants_count",
3165 FT_UINT16, BASE_DEC, NULL, 0,
3166 NULL, HFILL }},
3167
3168 { &hf_dlr_rppl_dev_ip_addr,
3169 { "Device IP Address", "cip.dlr.rppl.ip_addr",
3170 FT_IPv4, BASE_NONE, NULL, 0,
3171 NULL, HFILL }},
3172
3173 { &hf_dlr_rppl_dev_physical_address,
3174 { "Device Physical Address", "cip.dlr.rppl.physical_address",
3175 FT_ETHER, BASE_NONE, NULL, 0,
3176 NULL, HFILL }},
3177
3178 { &hf_dlr_asa_supervisor_ip_addr,
3179 { "Supervisor IP Address", "cip.dlr.asa.ip_addr",
3180 FT_IPv4, BASE_NONE, NULL, 0,
3181 NULL, HFILL }},
3182
3183 { &hf_dlr_asa_supervisor_physical_address,
3184 { "Supervisor Physical Address", "cip.dlr.asa.physical_address",
3185 FT_ETHER, BASE_NONE, NULL, 0,
3186 NULL, HFILL }},
3187
3188 { &hf_dlr_active_supervisor_precedence,
3189 { "Active Supervisor Precedence", "cip.dlr.supervisor_precedence",
3190 FT_UINT8, BASE_DEC, NULL, 0,
3191 NULL, HFILL }},
3192
3193 { &hf_dlr_capability_flags,
3194 { "Capability Flags", "cip.dlr.capflags",
3195 FT_UINT32, BASE_HEX, NULL, 0,
3196 NULL, HFILL }},
3197
3198 { &hf_dlr_capflags_announce_base_node,
3199 { "Announce-based Ring Node", "cip.dlr.capflags.announce_based",
3200 FT_BOOLEAN, 32, TFS(&tfs_true_false), 0x00000001,
3201 NULL, HFILL }},
3202
3203 { &hf_dlr_capflags_beacon_base_node,
3204 { "Beacon-based Ring Node", "cip.dlr.capflags.beacon_based",
3205 FT_BOOLEAN, 32, TFS(&tfs_true_false), 0x00000002,
3206 NULL, HFILL }},
3207
3208 { &hf_dlr_capflags_reserved1,
3209 { "Reserved", "cip.dlr.capflags.reserved1",
3210 FT_BOOLEAN, 32, NULL, 0x0000001C,
3211 NULL, HFILL }},
3212
3213 { &hf_dlr_capflags_supervisor_capable,
3214 { "Supervisor Capable", "cip.dlr.capflags.supervisor_capable",
3215 FT_BOOLEAN, 32, TFS(&tfs_true_false), 0x00000020,
3216 NULL, HFILL }},
3217
3218 { &hf_dlr_capflags_redundant_gateway_capable,
3219 { "Redundant Gatway Capable", "cip.dlr.capflags.redundant_gateway_capable",
3220 FT_BOOLEAN, 32, TFS(&tfs_true_false), 0x00000040,
3221 NULL, HFILL }},
3222
3223 { &hf_dlr_capflags_flush_frame_capable,
3224 { "Flush_Table Frame Capable", "cip.dlr.capflags.flush_frame_capable",
3225 FT_BOOLEAN, 32, TFS(&tfs_true_false), 0x00000080,
3226 NULL, HFILL }},
3227
3228 { &hf_dlr_capflags_reserved2,
3229 { "Reserved", "cip.dlr.capflags.reserved2",
3230 FT_BOOLEAN, 32, NULL, 0xFFFFFF00,
3231 NULL, HFILL }},
3232
3233 { &hf_dlr_rgc_red_gateway_enable,
3234 { "Redundant Gateway Enable", "cip.dlr.rgc.gateway_enable",
3235 FT_BOOLEAN, 8, TFS(&tfs_true_false), 0,
3236 NULL, HFILL }},
3237
3238 { &hf_dlr_rgc_gateway_precedence,
3239 { "Gateway Precedence", "cip.dlr.rgc.gateway_precedence",
3240 FT_UINT8, BASE_DEC, NULL, 0,
3241 NULL, HFILL }},
3242
3243 { &hf_dlr_rgc_advertise_interval,
3244 { "Advertise Interval", "cip.dlr.rgc.advertise_interval",
3245 FT_UINT32, BASE_DEC, NULL, 0,
3246 NULL, HFILL }},
3247
3248 { &hf_dlr_rgc_advertise_timeout,
3249 { "Advertise Timeout", "cip.dlr.rgc.advertise_timeout",
3250 FT_UINT32, BASE_DEC, NULL, 0,
3251 NULL, HFILL }},
3252
3253 { &hf_dlr_rgc_learning_update_enable,
3254 { "Learning Update Enable", "cip.dlr.rgc.learning_update_enable",
3255 FT_BOOLEAN, 8, TFS(&tfs_true_false), 0,
3256 NULL, HFILL }},
3257
3258 { &hf_dlr_redundant_gateway_status,
3259 { "Redundant Gateway Status", "cip.dlr.redundant_gateway_status",
3260 FT_UINT8, BASE_DEC, enip_dlr_redundant_gateway_status_vals, 0,
3261 NULL, HFILL }},
3262
3263 { &hf_dlr_aga_ip_addr,
3264 { "Active Gateway IP Address", "cip.dlr.aga.ip_addr",
3265 FT_IPv4, BASE_NONE, NULL, 0,
3266 NULL, HFILL }},
3267
3268 { &hf_dlr_aga_physical_address,
3269 { "Active Gateway Physical Address", "cip.dlr.aga.physical_address",
3270 FT_ETHER, BASE_NONE, NULL, 0,
3271 NULL, HFILL }},
3272
3273 { &hf_dlr_active_gateway_precedence,
3274 { "Active Gateway Precedence", "cip.dlr.active_gateway_precedence",
3275 FT_UINT8, BASE_DEC, NULL, 0,
3276 NULL, HFILL }}
3277 };
3278
3279
3280 /* Setup protocol subtree array */
3281 static gint *ett[] = {
3282 &ett_enip,
3283 &ett_count_tree,
3284 &ett_type_tree,
3285 &ett_command_tree,
3286 &ett_sockadd,
3287 &ett_32bitheader_tree,
3288 &ett_lsrcf,
3289 &ett_tcpip_status,
3290 &ett_tcpip_config_cap,
3291 &ett_tcpip_config_control,
3292 &ett_elink_interface_flags,
3293 &ett_elink_icontrol_bits,
3294 &ett_dlr_capability_flags,
3295 &ett_dlr_lnknbrstatus_flags
3296 };
3297
3298 static ei_register_info ei[] = {
3299 { &ei_mal_tcpip_status, { "cip.malformed.tcpip.status", PI_MALFORMED, PI_ERROR, "Malformed TCP/IP Status", EXPFILL }},
3300 { &ei_mal_tcpip_config_cap, { "cip.malformed.tcpip.config_cap", PI_MALFORMED, PI_ERROR, "Malformed TCP/IP Configuration Capability", EXPFILL }},
3301 { &ei_mal_tcpip_config_control, { "cip.malformed.tcpip.config_control", PI_MALFORMED, PI_ERROR, "Malformed TCP/IP Configuration Control", EXPFILL }},
3302 { &ei_mal_tcpip_physical_link_size, { "cip.malformed.tcpip.physical_link_size", PI_MALFORMED, PI_ERROR, "Malformed TCP/IP Physical Link Object", EXPFILL }},
3303 { &ei_mal_tcpip_interface_config, { "cip.malformed.tcpip.interface_config", PI_MALFORMED, PI_ERROR, "Malformed TCP/IP Interface Configuration", EXPFILL }},
3304 { &ei_mal_tcpip_mcast_config, { "cip.malformed.tcpip.mcast_config", PI_MALFORMED, PI_ERROR, "Malformed TCP/IP Multicast Config", EXPFILL }},
3305 { &ei_mal_tcpip_last_conflict, { "cip.malformed.tcpip.last_conflict", PI_MALFORMED, PI_ERROR, "Malformed TCP/IP Last Conflict Detected", EXPFILL }},
3306 { &ei_mal_elink_interface_flags, { "cip.malformed.elink.interface_flags", PI_MALFORMED, PI_ERROR, "Malformed Ethernet Link Interface Flags", EXPFILL }},
3307 { &ei_mal_elink_interface_counters, { "cip.malformed.elink.interface_counters", PI_MALFORMED, PI_ERROR, "Malformed Ethernet Link Interface Counters", EXPFILL }},
3308 { &ei_mal_elink_media_counters, { "cip.malformed.elink.media_counters", PI_MALFORMED, PI_ERROR, "Malformed Ethernet Link Media Counters", EXPFILL }},
3309 { &ei_mal_elink_interface_control, { "cip.malformed.elink.interface_control", PI_MALFORMED, PI_ERROR, "Malformed Ethernet Link Interface Control", EXPFILL }},
3310 { &ei_mal_dlr_ring_supervisor_config, { "cip.malformed.dlr.ring_supervisor_config", PI_MALFORMED, PI_ERROR, "Malformed DLR Ring Supervisor Config", EXPFILL }},
3311 { &ei_mal_dlr_last_active_node_on_port_1, { "cip.malformed.dlr.last_active_node_on_port_1", PI_MALFORMED, PI_ERROR, "Malformed DLR Last Active Node on Port 1", EXPFILL }},
3312 { &ei_mal_dlr_last_active_node_on_port_2, { "cip.malformed.dlr.last_active_node_on_port_2", PI_MALFORMED, PI_ERROR, "Malformed DLR Last Active Node on Port 2", EXPFILL }},
3313 { &ei_mal_dlr_ring_protocol_participants_list, { "cip.malformed.dlr.ring_protocol_participants_list", PI_MALFORMED, PI_ERROR, "Malformed DLR Ring Protocol Participants List", EXPFILL }},
3314 { &ei_mal_dlr_active_supervisor_address, { "cip.malformed.dlr.active_supervisor_address", PI_MALFORMED, PI_ERROR, "Malformed DLR Active Supervisor Address", EXPFILL }},
3315 { &ei_mal_dlr_capability_flags, { "cip.malformed.dlr.capability_flags", PI_MALFORMED, PI_ERROR, "Malformed DLR Capability Flag", EXPFILL }},
3316 { &ei_mal_dlr_redundant_gateway_config, { "cip.malformed.dlr.redundant_gateway_config", PI_MALFORMED, PI_ERROR, "Malformed DLR Redundant Gateway Config", EXPFILL }},
3317 { &ei_mal_dlr_active_gateway_address, { "cip.malformed.dlr.active_gateway_address", PI_MALFORMED, PI_ERROR, "Malformed DLR Active Gateway Address", EXPFILL }},
3318 };
3319
3320 /* Setup list of header fields for DLR See Section 1.6.1 for details*/
3321 static hf_register_info hfdlr[] = {
3322 /* Ring Sub-type */
3323 { &hf_dlr_ringsubtype,
3324 { "Ring Sub-Type", "enip.dlr.ringsubtype",
3325 FT_UINT8, BASE_HEX, NULL, 0,
3326 NULL, HFILL }
3327 },
3328 /* Ring Protocol Version */
3329 { &hf_dlr_ringprotoversion,
3330 { "Ring Protocol Version", "enip.dlr.protversion",
3331 FT_UINT8, BASE_DEC, NULL, 0,
3332 NULL, HFILL }
3333 },
3334 /* Frame Type */
3335 { &hf_dlr_frametype,
3336 { "Frame Type", "enip.dlr.frametype",
3337 FT_UINT8, BASE_HEX, VALS(dlr_frame_type_vals), 0,
3338 NULL, HFILL }
3339 },
3340 /* Source Port */
3341 { &hf_dlr_sourceport,
3342 { "Source Port", "enip.dlr.sourceport",
3343 FT_UINT8, BASE_HEX, VALS(dlr_source_port_vals), 0,
3344 NULL, HFILL }
3345 },
3346 /* Source IP Address */
3347 { &hf_dlr_sourceip,
3348 { "Source IP", "enip.dlr.sourceip",
3349 FT_IPv4, BASE_NONE, NULL, 0,
3350 "Source IP Address", HFILL }
3351 },
3352 /* Sequence ID*/
3353 { &hf_dlr_sequenceid,
3354 { "Sequence Id", "enip.dlr.seqid",
3355 FT_UINT32, BASE_HEX, NULL, 0,
3356 NULL, HFILL }
3357 },
3358 /* Ring State */
3359 { &hf_dlr_ringstate,
3360 { "Ring State", "enip.dlr.state",
3361 FT_UINT8, BASE_HEX, VALS(dlr_ring_state_vals), 0,
3362 NULL, HFILL }
3363 },
3364 /* Supervisor Precedence */
3365 { &hf_dlr_supervisorprecedence,
3366 { "Supervisor Precedence", "enip.dlr.supervisorprecedence",
3367 FT_UINT8, BASE_DEC, NULL, 0,
3368 NULL, HFILL }
3369 },
3370 /* Beacon Interval */
3371 { &hf_dlr_beaconinterval,
3372 { "Beacon Interval", "enip.dlr.beaconinterval",
3373 FT_UINT32, BASE_DEC, NULL, 0,
3374 NULL, HFILL }
3375 },
3376 /* Beacon Timeout */
3377 { &hf_dlr_beacontimeout,
3378 { "Beacon Timeout", "enip.dlr.beacontimeout",
3379 FT_UINT32, BASE_DEC, NULL, 0,
3380 NULL, HFILL }
3381 },
3382 /* Beacon Reserved */
3383 { &hf_dlr_beaconreserved,
3384 { "Reserved", "enip.dlr.beaconreserved",
3385 FT_BYTES, BASE_NONE, NULL, 0,
3386 "Beacon Reserved", HFILL }
3387 },
3388 /* Neighbor_Check_Request Reserved */
3389 { &hf_dlr_nreqreserved,
3390 { "Reserved", "enip.dlr.nreqreserved",
3391 FT_BYTES, BASE_NONE, NULL, 0,
3392 "Neighbor_Check_Request Reserved", HFILL }
3393 },
3394 /* Neighbor_Check_Response Source Port */
3395 { &hf_dlr_nressourceport,
3396 { "Request Source Port", "enip.dlr.nressourceport",
3397 FT_UINT8, BASE_HEX, VALS(dlr_source_port_vals), 0,
3398 "Neighbor_Check_Response Source Port", HFILL }
3399 },
3400 /* Neighbor_Check_Response Reserved */
3401 { &hf_dlr_nresreserved,
3402 { "Reserved", "enip.dlr.nresreserved",
3403 FT_BYTES, BASE_NONE, NULL, 0,
3404 "Neighbor_Check_Response Reserved", HFILL }
3405 },
3406 /* Link_Status/Neighbor_Status Status */
3407 { &hf_dlr_lnknbrstatus,
3408 { "Link/Neighbor Status", "enip.dlr.lnknbrstatus",
3409 FT_UINT8, BASE_HEX, NULL, 0,
3410 "Link_Status/Neighbor_Status Status", HFILL }
3411 },
3412 { &hf_dlr_lnknbrstatus_port1,
3413 { "Port 1 Active", "enip.dlr.lnknbrstatus",
3414 FT_BOOLEAN, 8, TFS(&tfs_true_false), 0x01,
3415 NULL, HFILL }
3416 },
3417 { &hf_dlr_lnknbrstatus_port2,
3418 { "Port 2 Active", "enip.dlr.lnknbrstatus",
3419 FT_BOOLEAN, 8, TFS(&tfs_true_false), 0x02,
3420 NULL, HFILL }
3421 },
3422 { &hf_dlr_lnknbrstatus_reserved,
3423 { "Reserved", "enip.dlr.lnknbrstatus.reserved",
3424 FT_BOOLEAN, 8, NULL, 0x7C,
3425 NULL, HFILL }
3426 },
3427 { &hf_dlr_lnknbrstatus_frame_type,
3428 { "Link/Neighbor Status Flag", "enip.dlr.lnknbrstatus",
3429 FT_BOOLEAN, 8, TFS(&dlr_lnknbrstatus_frame_type_vals), 0x80,
3430 NULL, HFILL }
3431 },
3432 /* Link_Status/Neighbor_Status Reserved */
3433 { &hf_dlr_lnknbrreserved,
3434 { "Reserved", "enip.dlr.lnknbrreserved",
3435 FT_BYTES, BASE_NONE, NULL, 0,
3436 "Link_Status/Neighbor_Status Reserved", HFILL }
3437 },
3438 /* Locate_Fault Reserved */
3439 { &hf_dlr_lfreserved,
3440 { "Reserved", "enip.dlr.lfreserved",
3441 FT_BYTES, BASE_NONE, NULL, 0,
3442 "Locate_Fault Reserved", HFILL }
3443 },
3444 /* Announce Reserved */
3445 { &hf_dlr_anreserved,
3446 { "Reserved", "enip.dlr.anreserved",
3447 FT_BYTES, BASE_NONE, NULL, 0,
3448 "Announce Reserved", HFILL }
3449 },
3450 /* Number of Nodes in List */
3451 { &hf_dlr_sonumnodes,
3452 { "Num nodes", "enip.dlr.sonumnodes",
3453 FT_UINT16, BASE_DEC, NULL, 0,
3454 "Number of Nodes in List", HFILL }
3455 },
3456 /* Sign_On Node # MAC Address */
3457 { &hf_dlr_somac,
3458 { "MAC Address", "enip.dlr.somac",
3459 FT_ETHER, BASE_NONE, NULL, 0,
3460 "Sign_On Node MAC Address", HFILL }
3461 },
3462 /* Node # IP Address */
3463 { &hf_dlr_soip,
3464 { "IP Address", "enip.dlr.soip",
3465 FT_IPv4, BASE_NONE, NULL, 0,
3466 "Sign_On Node IP Address", HFILL }
3467 },
3468 /* Sign_On Reserved */
3469 { &hf_dlr_soreserved,
3470 { "Reserved", "enip.dlr.soreserved",
3471 FT_BYTES, BASE_NONE, NULL, 0,
3472 "Sign_On Reserved", HFILL }
3473 },
3474 /* Gateway State */
3475 { &hf_dlr_advgatewaystate,
3476 { "Gateway Status", "enip.dlr.advgatewaystate",
3477 FT_UINT8, BASE_HEX, VALS(dlr_adv_state_vals), 0,
3478 "Gateway State", HFILL }
3479 },
3480 /* Gateway Precedence */
3481 { &hf_dlr_advgatewayprecedence,
3482 { "Gateway Precedence", "enip.dlr.advgatewayprecedence",
3483 FT_UINT8, BASE_DEC, NULL, 0,
3484 NULL, HFILL }
3485 },
3486 /* Advertise Interval */
3487 { &hf_dlr_advadvertiseinterval,
3488 { "Advertise Interval", "enip.dlr.advadvertiseinterval",
3489 FT_UINT32, BASE_DEC, NULL, 0,
3490 NULL, HFILL }
3491 },
3492 /* Advertise Timeout */
3493 { &hf_dlr_advadvertisetimeout,
3494 { "Advertise Interval", "enip.dlr.advadvertisetimeout",
3495 FT_UINT32, BASE_DEC, NULL, 0,
3496 NULL, HFILL }
3497 },
3498 /* Learning Update Enable */
3499 { &hf_dlr_advlearningupdateenable,
3500 { "Learning Update Enable", "enip.dlr.advlearningupdateenable",
3501 FT_UINT8, BASE_HEX, VALS(dlr_adv_learning_update_vals), 0,
3502 "Advertise Learning Update Enable", HFILL }
3503 },
3504 /* Advertise Reserved */
3505 { &hf_dlr_advreserved,
3506 { "Reserved", "enip.dlr.advreserved",
3507 FT_BYTES, BASE_NONE, NULL, 0,
3508 "Advertise Reserved", HFILL }
3509 },
3510 /* Flush_Tables Learning Update Enable */
3511 { &hf_dlr_flushlearningupdateenable,
3512 { "Learning Update Enable", "enip.dlr.flushlearningupdateenable",
3513 FT_UINT8, BASE_HEX, VALS(dlr_flush_learning_update_vals), 0,
3514 "Flush_Tables Learning Update Enable", HFILL }
3515 },
3516 /* Flush Reserved */
3517 { &hf_dlr_flushreserved,
3518 { "Reserved", "enip.dlr.flushreserved",
3519 FT_BYTES, BASE_NONE, NULL, 0,
3520 "Flush_Tables Reserved", HFILL }
3521 },
3522 /* Learning_Update Reserved */
3523 { &hf_dlr_learnreserved,
3524 { "Reserved", "enip.dlr.learnreserved",
3525 FT_BYTES, BASE_NONE, NULL, 0,
3526 "Learning_Update Reserved", HFILL }
3527 }
3528 };
3529
3530 /* Setup protocol subtree array for DLR */
3531 static gint *ettdlr[] = {
3532 &ett_dlr
3533 };
3534
3535 module_t *enip_module;
3536 expert_module_t* expert_enip;
3537
3538 /* Register the protocol name and description */
3539 proto_enip = proto_register_protocol("EtherNet/IP (Industrial Protocol)", "ENIP", "enip");
3540
3541 /* Required function calls to register the header fields and subtrees used */
3542 proto_register_field_array(proto_enip, hf, array_length(hf));
3543 proto_register_subtree_array(ett, array_length(ett));
3544
3545 expert_enip = expert_register_protocol(proto_enip);
3546 expert_register_field_array(expert_enip, ei, array_length(ei));
3547
3548 enip_module = prefs_register_protocol(proto_enip, NULL);
3549 prefs_register_bool_preference(enip_module, "desegment",
3550 "Desegment all EtherNet/IP messages spanning multiple TCP segments",
3551 "Whether the EtherNet/IP dissector should desegment all messages spanning multiple TCP segments",
3552 &enip_desegment);
3553
3554 prefs_register_bool_preference(enip_module, "o2t_run_idle",
3555 "Dissect 32-bit header in the O->T direction",
3556 "Determines whether all I/O connections will assume a 32-bit header in the O->T direction",
3557 &enip_OTrun_idle);
3558
3559 prefs_register_bool_preference(enip_module, "t2o_run_idle",
3560 "Dissect 32-bit header in the T->O direction",
3561 "Determines whether all I/O connections will assume a 32-bit header in the T->O direction",
3562 &enip_TOrun_idle);
3563
3564 prefs_register_enum_preference(enip_module, "default_io_dissector",
3565 "Dissect unidentified I/O traffic as",
3566 "Decode all unidentified I/O traffic as this type",
3567 &default_io_dissector_type,
3568 enip_io_dissector_types,
3569 FALSE);
3570
3571 subdissector_sud_table = register_dissector_table("enip.sud.iface",
3572 "ENIP SendUnitData.Interface Handle", FT_UINT32, BASE_HEX);
3573
3574 subdissector_srrd_table = register_dissector_table("enip.srrd.iface",
3575 "ENIP SendRequestReplyData.Interface Handle", FT_UINT32, BASE_HEX);
3576
3577 register_init_routine(&enip_init_protocol);
3578
3579 /* Register the protocol name and description */
3580 proto_dlr = proto_register_protocol("Device Level Ring", "DLR", "dlr");
3581
3582 /* Required function calls to register the header fields and subtrees used */
3583 proto_register_field_array(proto_dlr, hfdlr, array_length(hfdlr));
3584 proto_register_subtree_array(ettdlr, array_length(ettdlr));
3585
3586 } /* end of proto_register_enip() */
3587
3588
3589 void
3590 proto_reg_handoff_enip(void)
3591 {
3592 dissector_handle_t enip_udp_handle, enip_tcp_handle;
3593 dissector_handle_t enipio_handle;
3594 dissector_handle_t dlr_handle;
3595
3596 /* Register for EtherNet/IP, using TCP */
3597 enip_tcp_handle = new_create_dissector_handle(dissect_enip_tcp, proto_enip);
3598 dissector_add_uint("tcp.port", ENIP_ENCAP_PORT, enip_tcp_handle);
3599
3600 /* Register for EtherNet/IP, using UDP */
3601 enip_udp_handle = new_create_dissector_handle(dissect_enip_udp, proto_enip);
3602 dissector_add_uint("udp.port", ENIP_ENCAP_PORT, enip_udp_handle);
3603
3604 /* Register for EtherNet/IP IO data (UDP) */
3605 enipio_handle = create_dissector_handle(dissect_enipio, proto_enip);
3606 dissector_add_uint("udp.port", ENIP_IO_PORT, enipio_handle);
3607
3608 /* Find dissector for data packet */
3609 data_handle = find_dissector("data");
3610
3611 /* Find ARP dissector for TCP/IP object */
3612 arp_handle = find_dissector("arp");
3613
3614 /* I/O data dissectors */
3615 cipsafety_handle = find_dissector("cipsafety");
3616 cipmotion_handle = find_dissector("cipmotion");
3617
3618 /* Register for EtherNet/IP Device Level Ring protocol */
3619 dlr_handle = new_create_dissector_handle(dissect_dlr, proto_dlr);
3620 dissector_add_uint("ethertype", ETHERTYPE_DLR, dlr_handle);
3621
3622 proto_cipsafety = proto_get_id_by_filter_name( "cipsafety" );
3623
3624 } /* end of proto_reg_handoff_enip() */
3625
3626 /*
3627 * Editor modelines - http://www.wireshark.org/tools/modelines.html
3628 *
3629 * Local variables:
3630 * c-basic-offset: 3
3631 * tab-width: 8
3632 * indent-tabs-mode: nil
3633 * End:
3634 *
3635 * ex: set shiftwidth=3 tabstop=8 expandtab:
3636 * :indentSize=3:tabSize=8:noTabs=true:
3637 */