search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
HACK: pinfo->private_data points to smb_info again
[wireshark-wip.git] / epan / dissectors / packet-tr.c
blob5e61797bacc1f6b1af3aca280c490be87ebb8a5a
1 /* packet-tr.c
2 * Routines for Token-Ring packet disassembly
3 * Gilbert Ramirez <gram@alumni.rice.edu>
4 *
5 * $Id$
6 *
7 * Wireshark - Network traffic analyzer
8 * By Gerald Combs <gerald@wireshark.org>
9 * Copyright 1998 Gerald Combs
10 *
11 * This program is free software; you can redistribute it and/or
12 * modify it under the terms of the GNU General Public License
13 * as published by the Free Software Foundation; either version 2
14 * of the License, or (at your option) any later version.
15 *
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
20 *
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, write to the Free Software
23 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
24 */
25
26 #include "config.h"
27
28 #include <string.h>
29 #include <glib.h>
30 #include <epan/packet.h>
31 #include <epan/exceptions.h>
32 #include <wsutil/pint.h>
33 #include "packet-tr.h"
34 #include "packet-llc.h"
35 #include <epan/prefs.h>
36 #include <epan/tap.h>
37 #include <epan/wmem/wmem.h>
38
39 static int proto_tr = -1;
40 static int hf_tr_dst = -1;
41 static int hf_tr_src = -1;
42 static int hf_tr_addr = -1;
43 static int hf_tr_sr = -1;
44 static int hf_tr_ac = -1;
45 static int hf_tr_priority = -1;
46 static int hf_tr_frame = -1;
47 static int hf_tr_monitor_cnt = -1;
48 static int hf_tr_priority_reservation = -1;
49 static int hf_tr_fc = -1;
50 static int hf_tr_fc_type = -1;
51 static int hf_tr_fc_pcf = -1;
52 static int hf_tr_rif_bytes = -1;
53 static int hf_tr_broadcast = -1;
54 static int hf_tr_max_frame_size = -1;
55 static int hf_tr_direction = -1;
56 static int hf_tr_rif = -1;
57 static int hf_tr_rif_ring = -1;
58 static int hf_tr_rif_bridge = -1;
59
60 static gint ett_token_ring = -1;
61 static gint ett_token_ring_ac = -1;
62 static gint ett_token_ring_fc = -1;
63
64 static int tr_tap = -1;
65
66 /*
67 * Check for and attempt to fix Linux link-layer header mangling.
68 */
69 static gboolean fix_linux_botches = FALSE;
70
71 #define TR_MIN_HEADER_LEN 14
72 #define TR_MAX_HEADER_LEN 32
73
74 static const true_false_string ac_truth = { "Frame", "Token" };
75
76 static const value_string pcf_vals[] = {
77 { 0, "Normal buffer" },
78 { 1, "Express buffer" },
79 { 2, "Purge" },
80 { 3, "Claim Token" },
81 { 4, "Beacon" },
82 { 5, "Active Monitor Present" },
83 { 6, "Standby Monitor Present" },
84 { 0, NULL },
85 };
86
87 static const value_string frame_vals[] = {
88 { 0, "MAC" },
89 { 1, "LLC" },
90 { 2, "Reserved" },
91 { 0, NULL },
92 };
93
94 static const value_string broadcast_vals[] = {
95 { 0 << 5, "Non-broadcast" },
96 { 1 << 5, "Non-broadcast" },
97 { 2 << 5, "Non-broadcast" },
98 { 3 << 5, "Non-broadcast" },
99 { 4 << 5, "All-routes broadcast" },
100 { 5 << 5, "All-routes broadcast" },
101 { 6 << 5, "Single-route broadcast" },
102 { 7 << 5, "Single-route broadcast" },
103 { 0, NULL }
104 };
105
106 static const value_string max_frame_size_vals[] = {
107 { 0 << 4, "516" },
108 { 1 << 4, "1500" },
109 { 2 << 4, "2052" },
110 { 3 << 4, "4472" },
111 { 4 << 4, "8144" },
112 { 5 << 4, "11407" },
113 { 6 << 4, "17800" },
114 { 7 << 4, "65535" },
115 { 0, NULL }
116 };
117
118 static const value_string direction_vals[] = {
119 { 0, "From originating station (-->)" },
120 { 128, "To originating station (<--)" },
121 { 0, NULL }
122 };
123
124 static dissector_handle_t trmac_handle;
125 static dissector_handle_t llc_handle;
126 static dissector_handle_t data_handle;
127
128 /*
129 * DODGY LINUX HACK DODGY LINUX HACK
130 * Linux 2.0.x always passes frames to the Token Ring driver for transmission with
131 * 18 bytes padding for source routing information. Some drivers copy the first
132 * (18 - srlen) bytes up the frame (18 - srlen) bytes thus removing the padding.
133 * Other drivers just make a copy of the entire frame and then hack about with it
134 * so the frame the sniffer gets is fine (just has extra sr routing).
135 * In the first instance (driver hacking frame in situ) the sniffer gets a garbled
136 * frame.
137 * This function trys to detect this and returns the offset of where
138 * the frame really starts.
139 * This only detects frames that we have sent ourselves so if we are packet sniffing
140 * on the machine we are watching this is useful.
141 * Compare offset 0 with offset x+1 for a length of x bytes for all value of x = 1 to 18
142 * if match then Linux driver has done in situ source route compression of the crappy
143 * Linux 2.0.x frame so the beginning of the real frame is x bytes in.
144 * (And this real frame x bytes in looks like a proper TR frame that goes on the wire
145 * with none of the Linux idiosyncrasies).
146 *
147 * XXX - there should perhaps be a preference setting to turn this off,
148 * as sometimes it can, and does, get a false hit.
149 */
150 static
151 int check_for_old_linux_tvb(tvbuff_t *tvb)
152 {
153 const guint8 *data;
154 int x, bytes;
155
156 /* Restrict our looping to the boundaries of the frame */
157 bytes = tvb_length(tvb);
158 if (bytes > 19) {
159 bytes = 19;
160 }
161
162 data = tvb_get_ptr(tvb, 0, bytes);
163
164 for(x = 1; x <= bytes-1 ;x++)
165 {
166 if (memcmp(&data[0], &data[x], x) == 0)
167 {
168 return x;
169 }
170 }
171 return 0;
172 }
173
174 static
175 int check_for_old_linux(const guchar * pd)
176 {
177 int x;
178 for(x=1;x<=18;x++)
179 {
180 if (memcmp(&pd[0],&pd[x],x) == 0)
181 {
182 return x;
183 }
184 }
185 return 0;
186 }
187
188
189 static void
190 add_ring_bridge_pairs(int rcf_len, tvbuff_t*, proto_tree *tree);
191
192 void
193 capture_tr(const guchar *pd, int offset, int len, packet_counts *ld) {
194
195 int source_routed = 0;
196 int frame_type;
197 int x;
198 guint8 trn_rif_bytes;
199 guint8 actual_rif_bytes;
200 guint16 first2_sr;
201
202 /* The trn_hdr struct, as separate variables */
203 guint8 trn_fc; /* field control field */
204 const guint8 *trn_shost; /* source host */
205
206 if (!BYTES_ARE_IN_FRAME(offset, len, TR_MIN_HEADER_LEN)) {
207 ld->other++;
208 return;
209 }
210
211 if ((x = check_for_old_linux(pd)))
212 {
213 /* Actually packet starts x bytes into what we have got but with all
214 source routing compressed
215 */
216 /* pd = &pd[x]; */ offset+=x;
217 }
218
219 /* get the data */
220 trn_fc = pd[offset + 1];
221 trn_shost = &pd[offset + 8];
222
223 frame_type = (trn_fc & 192) >> 6;
224
225 /* if the high bit on the first byte of src hwaddr is 1, then
226 this packet is source-routed */
227 source_routed = trn_shost[0] & 128;
228
229 trn_rif_bytes = pd[offset + 14] & 31;
230
231 if (fix_linux_botches) {
232 /* the Linux 2.0 TR code strips source-route bits in
233 * order to test for SR. This can be removed from most
234 * packets with oltr, but not all. So, I try to figure out
235 * which packets should have been SR here. I'll check to
236 * see if there's a SNAP or IPX field right after
237 * my RIF fields.
238 *
239 * The Linux 2.4.18 code, at least appears to do the
240 * same thing, from a capture I got from somebody running
241 * 2.4.18 (RH 7.1, so perhaps this is a Red Hat
242 * "improvement").
243 */
244 if (!source_routed && trn_rif_bytes > 0) {
245 if (pd[offset + 0x0e] != pd[offset + 0x0f]) {
246 first2_sr = pntohs(&pd[offset + 0xe0 + trn_rif_bytes]);
247 if (
248 (first2_sr == 0xaaaa &&
249 pd[offset + 0x10 + trn_rif_bytes] == 0x03) ||
250
251 first2_sr == 0xe0e0 ||
252 first2_sr == 0xe0aa ) {
253
254 source_routed = 1;
255 }
256 }
257 }
258 }
259
260 if (source_routed) {
261 actual_rif_bytes = trn_rif_bytes;
262 }
263 else {
264 trn_rif_bytes = 0;
265 actual_rif_bytes = 0;
266 }
267
268 if (fix_linux_botches) {
269 /* this is a silly hack for Linux 2.0.x. Read the comment
270 * below about LLC headers. If we're sniffing our own NIC,
271 * we get a full RIF, sometimes with garbage
272 */
273 if ((source_routed && trn_rif_bytes == 2 && frame_type == 1) ||
274 (!source_routed && frame_type == 1)) {
275 /* look for SNAP or IPX only */
276 if ( (pd[offset + 0x20] == 0xaa && pd[offset + 0x21] == 0xaa && pd[offset + 0x22] == 03) ||
277 (pd[offset + 0x20] == 0xe0 && pd[offset + 0x21] == 0xe0) ) {
278 actual_rif_bytes = 18;
279 } else if (
280 pd[offset + 0x23] == 0 &&
281 pd[offset + 0x24] == 0 &&
282 pd[offset + 0x25] == 0 &&
283 pd[offset + 0x26] == 0x00 &&
284 pd[offset + 0x27] == 0x11) {
285
286 actual_rif_bytes = 18;
287
288 /* Linux 2.0.x also requires drivers pass up
289 * a fake SNAP and LLC header before the
290 * real LLC hdr for all Token Ring frames
291 * that arrive with DSAP and SSAP != 0xAA
292 * (i.e. for non SNAP frames e.g. for Netware
293 * frames) the fake SNAP header has the
294 * ETH_P_TR_802_2 ether type (0x0011) and the protocol id
295 * bytes as zero frame looks like :-
296 * TR Header | Fake LLC | Fake SNAP | Wire LLC | Rest of data
297 */
298 offset += 8; /* Skip fake LLC and SNAP */
299 }
300 }
301 }
302
303 offset += actual_rif_bytes + TR_MIN_HEADER_LEN;
304
305 /* The package is either MAC or LLC */
306 switch (frame_type) {
307 /* MAC */
308 case 0:
309 ld->other++;
310 break;
311 case 1:
312 capture_llc(pd, offset, len, ld);
313 break;
314 default:
315 /* non-MAC, non-LLC, i.e., "Reserved" */
316 ld->other++;
317 break;
318 }
319 }
320
321
322 static void
323 dissect_tr(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
324 {
325 proto_tree *tr_tree, *bf_tree;
326 proto_item *ti, *hidden_item;
327 guint8 rcf1, rcf2;
328 tvbuff_t *next_tvb;
329
330 volatile int frame_type;
331 volatile int fixoffset = 0;
332 volatile int source_routed = 0;
333 volatile guint8 trn_rif_bytes;
334 volatile guint8 actual_rif_bytes;
335 volatile guint8 c1_nonsr;
336 volatile guint8 c2_nonsr;
337 volatile guint16 first2_sr;
338 tvbuff_t *volatile tr_tvb;
339
340 static tr_hdr trh_arr[4];
341 static int trh_current=0;
342 tr_hdr *volatile trh;
343
344 /* non-source-routed version of source addr */
345 static guint8 trn_shost_nonsr[6]; /* has to be static due to SET_ADDRESS */
346 int x;
347
348 /* Token-Ring Strings */
349 static const char *fc[] = { "MAC", "LLC", "Reserved", "Unknown" };
350
351
352 trh_current++;
353 if(trh_current==4){
354 trh_current=0;
355 }
356 trh=&trh_arr[trh_current];
357
358 col_set_str(pinfo->cinfo, COL_PROTOCOL, "TR");
359
360 if (fix_linux_botches)
361 x = check_for_old_linux_tvb((tvbuff_t*) tvb);
362 else
363 x = 0;
364 if (x != 0) {
365 /* Actually packet starts x bytes into what we have got but with all
366 source routing compressed. See comment above */
367 tr_tvb = tvb_new_subset_remaining((tvbuff_t*) tvb, x);
368 }
369 else {
370 tr_tvb = tvb;
371 }
372
373 /* Get the data */
374 trh->fc = tvb_get_guint8(tr_tvb, 1);
375 TVB_SET_ADDRESS(&trh->src, AT_ETHER, tr_tvb, 8, 6);
376 TVB_SET_ADDRESS(&trh->dst, AT_ETHER, tr_tvb, 2, 6);
377
378 /* if the high bit on the first byte of src hwaddr is 1, then
379 this packet is source-routed */
380 memcpy(trn_shost_nonsr, trh->src.data, 6);
381 source_routed = trn_shost_nonsr[0] & 128;
382 trn_shost_nonsr[0] &= 127;
383
384 frame_type = (trh->fc & 192) >> 6;
385
386 col_add_fstr(pinfo->cinfo, COL_INFO, "Token-Ring %s", fc[frame_type]);
387
388 trn_rif_bytes = tvb_get_guint8(tr_tvb, 14) & 31;
389
390 if (fix_linux_botches) {
391 /* the Linux 2.0 TR code strips source-route bits in
392 * order to test for SR. This can be removed from most
393 * packets with oltr, but not all. So, I try to figure out
394 * which packets should have been SR here. I'll check to
395 * see if there's a SNAP or IPX field right after
396 * my RIF fields.
397 *
398 * The Linux 2.4.18 code, at least appears to do the
399 * same thing, from a capture I got from somebody running
400 * 2.4.18 (RH 7.1, so perhaps this is a Red Hat
401 * "improvement").
402 */
403 if (frame_type == 1 && !source_routed && trn_rif_bytes > 0) {
404 TRY {
405
406 c1_nonsr = tvb_get_guint8(tr_tvb, 14);
407 c2_nonsr = tvb_get_guint8(tr_tvb, 15);
408
409 if (c1_nonsr != c2_nonsr) {
410
411 first2_sr = tvb_get_ntohs(tr_tvb, trn_rif_bytes + 0x0e);
412
413 if ( ( first2_sr == 0xaaaa &&
414 tvb_get_guint8(tr_tvb, trn_rif_bytes + 0x10) == 0x03) ||
415
416 first2_sr == 0xe0e0 ||
417 first2_sr == 0xe0aa ) {
418
419 source_routed = 1;
420 }
421 }
422 }
423 CATCH(BoundsError) {
424 /* We had no information beyond the TR header. Just assume
425 * this is a normal (non-Linux) TR header. */
426 ;
427 }
428 ENDTRY;
429 }
430 }
431
432 if (source_routed) {
433 actual_rif_bytes = trn_rif_bytes;
434 }
435 else {
436 trn_rif_bytes = 0;
437 actual_rif_bytes = 0;
438 }
439
440 if (fix_linux_botches) {
441 /* this is a silly hack for Linux 2.0.x. Read the comment
442 * below about LLC headers. If we're sniffing our own NIC,
443 * we get a full RIF, sometimes with garbage
444 */
445 TRY {
446 if (frame_type == 1 && ( (source_routed && trn_rif_bytes == 2) ||
447 !source_routed) ) {
448 /* look for SNAP or IPX only */
449 if (
450 (tvb_get_ntohs(tr_tvb, 0x20) == 0xaaaa &&
451 tvb_get_guint8(tr_tvb, 0x22) == 0x03)
452 ||
453 tvb_get_ntohs(tr_tvb, 0x20) == 0xe0e0 ) {
454
455 actual_rif_bytes = 18;
456 }
457 else if (
458 tvb_get_ntohl(tr_tvb, 0x23) == 0 &&
459 tvb_get_guint8(tr_tvb, 0x27) == 0x11) {
460
461 actual_rif_bytes = 18;
462
463 /* Linux 2.0.x also requires drivers
464 * pass up a fake SNAP and LLC header
465 * before the real LLC hdr for all
466 * Token Ring frames that arrive with
467 * DSAP and SSAP != 0xAA
468 * (i.e. for non SNAP frames e.g. for
469 * Netware frames)
470 * the fake SNAP header has the
471 * ETH_P_TR_802_2 ether type (0x0011)
472 * and the protocol id bytes as zero frame looks like :-
473 * TR Header | Fake LLC | Fake SNAP | Wire LLC | Rest of data
474 */
475 fixoffset += 8; /* Skip fake LLC and SNAP */
476 }
477 }
478 }
479 CATCH(BoundsError) {
480 /* We had no information beyond the TR header. Just assume
481 * this is a normal (non-Linux) TR header. */
482 ;
483 }
484 ENDTRY;
485 }
486
487 /* XXX - copy it to some buffer associated with "*pinfo", rather than
488 just making "trn_shost_nonsr" static? */
489 SET_ADDRESS(&pinfo->dl_src, AT_ETHER, 6, trn_shost_nonsr);
490 SET_ADDRESS(&pinfo->src, AT_ETHER, 6, trn_shost_nonsr);
491 SET_ADDRESS(&pinfo->dl_dst, AT_ETHER, 6, trh->dst.data);
492 SET_ADDRESS(&pinfo->dst, AT_ETHER, 6, trh->dst.data);
493
494 /* protocol analysis tree */
495 if (tree) {
496 /* Create Token-Ring Tree */
497 ti = proto_tree_add_item(tree, proto_tr, tr_tvb, 0, TR_MIN_HEADER_LEN + actual_rif_bytes, ENC_NA);
498 tr_tree = proto_item_add_subtree(ti, ett_token_ring);
499
500 /* Create the Access Control bitfield tree */
501 trh->ac = tvb_get_guint8(tr_tvb, 0);
502 ti = proto_tree_add_uint(tr_tree, hf_tr_ac, tr_tvb, 0, 1, trh->ac);
503 bf_tree = proto_item_add_subtree(ti, ett_token_ring_ac);
504
505 proto_tree_add_uint(bf_tree, hf_tr_priority, tr_tvb, 0, 1, trh->ac);
506 proto_tree_add_boolean(bf_tree, hf_tr_frame, tr_tvb, 0, 1, trh->ac);
507 proto_tree_add_uint(bf_tree, hf_tr_monitor_cnt, tr_tvb, 0, 1, trh->ac);
508 proto_tree_add_uint(bf_tree, hf_tr_priority_reservation, tr_tvb, 0, 1, trh->ac);
509
510 /* Create the Frame Control bitfield tree */
511 ti = proto_tree_add_uint(tr_tree, hf_tr_fc, tr_tvb, 1, 1, trh->fc);
512 bf_tree = proto_item_add_subtree(ti, ett_token_ring_fc);
513
514 proto_tree_add_uint(bf_tree, hf_tr_fc_type, tr_tvb, 1, 1, trh->fc);
515 proto_tree_add_uint(bf_tree, hf_tr_fc_pcf, tr_tvb, 1, 1, trh->fc);
516 proto_tree_add_ether(tr_tree, hf_tr_dst, tr_tvb, 2, 6, (guint8 *)trh->dst.data);
517 proto_tree_add_ether(tr_tree, hf_tr_src, tr_tvb, 8, 6, (guint8 *)trh->src.data);
518 hidden_item = proto_tree_add_ether(tr_tree, hf_tr_addr, tr_tvb, 2, 6, (guint8 *)trh->dst.data);
519 PROTO_ITEM_SET_HIDDEN(hidden_item);
520 hidden_item = proto_tree_add_ether(tr_tree, hf_tr_addr, tr_tvb, 8, 6, (guint8 *)trh->src.data);
521 PROTO_ITEM_SET_HIDDEN(hidden_item);
522
523 proto_tree_add_boolean(tr_tree, hf_tr_sr, tr_tvb, 8, 1, source_routed);
524
525 /* non-source-routed version of src addr */
526 hidden_item = proto_tree_add_ether(tr_tree, hf_tr_src, tr_tvb, 8, 6, trn_shost_nonsr);
527 PROTO_ITEM_SET_HIDDEN(hidden_item);
528
529 if (source_routed) {
530 /* RCF Byte 1 */
531 rcf1 = tvb_get_guint8(tr_tvb, 14);
532 proto_tree_add_uint(tr_tree, hf_tr_rif_bytes, tr_tvb, 14, 1, trn_rif_bytes);
533 proto_tree_add_uint(tr_tree, hf_tr_broadcast, tr_tvb, 14, 1, rcf1 & 224);
534
535 /* RCF Byte 2 */
536 rcf2 = tvb_get_guint8(tr_tvb, 15);
537 proto_tree_add_uint(tr_tree, hf_tr_max_frame_size, tr_tvb, 15, 1, rcf2 & 112);
538 proto_tree_add_uint(tr_tree, hf_tr_direction, tr_tvb, 15, 1, rcf2 & 128);
539
540 /* if we have more than 2 bytes of RIF, then we have
541 ring/bridge pairs */
542 if (trn_rif_bytes > 2) {
543 add_ring_bridge_pairs(trn_rif_bytes, tr_tvb, tr_tree);
544 }
545 }
546
547 /* Linux 2.0.x has a problem in that the 802.5 code creates
548 an emtpy full (18-byte) RIF area. It's up to the tr driver to
549 either fill it in or remove it before sending the bytes out
550 to the wire. If you run tcpdump on a Linux 2.0.x machine running
551 token-ring, tcpdump will capture these 18 filler bytes. They
552 are filled with garbage. The best way to detect this problem is
553 to know the src hwaddr of the machine from which you were running
554 tcpdump. W/o that, however, I'm guessing that DSAP == SSAP if the
555 frame type is LLC. It's very much a hack. */
556 if (actual_rif_bytes > trn_rif_bytes) {
557 proto_tree_add_text(tr_tree, tr_tvb, TR_MIN_HEADER_LEN + trn_rif_bytes, actual_rif_bytes - trn_rif_bytes,
558 "Empty RIF from Linux 2.0.x driver. The sniffing NIC "
559 "is also running a protocol stack.");
560 }
561 if (fixoffset) {
562 proto_tree_add_text(tr_tree, tr_tvb, TR_MIN_HEADER_LEN + 18,8,"Linux 2.0.x fake LLC and SNAP header");
563 }
564 }
565
566 next_tvb = tvb_new_subset_remaining(tr_tvb, TR_MIN_HEADER_LEN + actual_rif_bytes + fixoffset);
567
568 /* The package is either MAC or LLC */
569 switch (frame_type) {
570 /* MAC */
571 case 0:
572 call_dissector(trmac_handle, next_tvb, pinfo, tree);
573 break;
574 case 1:
575 call_dissector(llc_handle, next_tvb, pinfo, tree);
576 break;
577 default:
578 /* non-MAC, non-LLC, i.e., "Reserved" */
579 call_dissector(data_handle,next_tvb, pinfo, tree);
580 break;
581 }
582
583 tap_queue_packet(tr_tap, pinfo, trh);
584 }
585
586 /* this routine is taken from the Linux net/802/tr.c code, which shows
587 ring-bridge pairs in the /proc/net/tr_rif virtual file. */
588 static void
589 add_ring_bridge_pairs(int rcf_len, tvbuff_t *tvb, proto_tree *tree)
590 {
591 proto_item *hidden_item;
592 int j, size;
593 int segment, brdgnmb, unprocessed_rif;
594 int buff_offset=0;
595
596 #define RIF_OFFSET 16
597 #define RIF_BYTES_TO_PROCESS 30
598
599 char *buffer;
600 #define MAX_BUF_LEN 3 + (RIF_BYTES_TO_PROCESS / 2) * 6 + 1
601
602 buffer=(char *)wmem_alloc(wmem_packet_scope(), MAX_BUF_LEN);
603 /* Only process so many bytes of RIF, as per TR spec, and not overflow
604 * static buffer above */
605 unprocessed_rif = rcf_len - RIF_BYTES_TO_PROCESS;
606 rcf_len = MIN(rcf_len, RIF_BYTES_TO_PROCESS);
607
608 /* Ignore the 2 RCF bytes, since they don't make up the ring/bride pairs */
609 rcf_len -= 2;
610
611 for(j = 1; j < rcf_len - 1; j += 2) {
612 if (j==1) {
613 segment = tvb_get_ntohs(tvb, RIF_OFFSET) >> 4;
614 size = g_snprintf(buffer, MAX_BUF_LEN, "%03X",segment);
615 size = MIN(size, MAX_BUF_LEN - 1);
616 hidden_item = proto_tree_add_uint(tree, hf_tr_rif_ring, tvb, TR_MIN_HEADER_LEN + 2, 2, segment);
617 PROTO_ITEM_SET_HIDDEN(hidden_item);
618 buff_offset += size;
619 }
620 segment = tvb_get_ntohs(tvb, RIF_OFFSET + 1 + j) >> 4;
621 brdgnmb = tvb_get_guint8(tvb, RIF_OFFSET + j) & 0x0f;
622 size = g_snprintf(buffer+buff_offset, MAX_BUF_LEN-buff_offset, "-%01X-%03X",brdgnmb,segment);
623 size = MIN(size, MAX_BUF_LEN-buff_offset-1);
624 hidden_item = proto_tree_add_uint(tree, hf_tr_rif_ring, tvb, TR_MIN_HEADER_LEN + 3 + j, 2, segment);
625 PROTO_ITEM_SET_HIDDEN(hidden_item);
626 hidden_item = proto_tree_add_uint(tree, hf_tr_rif_bridge, tvb, TR_MIN_HEADER_LEN + 2 + j, 1, brdgnmb);
627 PROTO_ITEM_SET_HIDDEN(hidden_item);
628 buff_offset += size;
629 }
630 proto_tree_add_string(tree, hf_tr_rif, tvb, TR_MIN_HEADER_LEN + 2, rcf_len, buffer);
631
632 if (unprocessed_rif > 0) {
633 proto_tree_add_text(tree, tvb, TR_MIN_HEADER_LEN + RIF_BYTES_TO_PROCESS, unprocessed_rif,
634 "Extra RIF bytes beyond spec: %d", unprocessed_rif);
635 }
636 }
637
638 void
639 proto_register_tr(void)
640 {
641 static hf_register_info hf[] = {
642 { &hf_tr_ac,
643 { "Access Control", "tr.ac", FT_UINT8, BASE_HEX, NULL, 0x0,
644 NULL, HFILL }},
645
646 { &hf_tr_priority,
647 { "Priority", "tr.priority", FT_UINT8, BASE_DEC, NULL, 0xe0,
648 NULL, HFILL }},
649
650 { &hf_tr_frame,
651 { "Frame", "tr.frame", FT_BOOLEAN, 8, TFS(&ac_truth), 0x10,
652 NULL, HFILL }},
653
654 { &hf_tr_monitor_cnt,
655 { "Monitor Count", "tr.monitor_cnt", FT_UINT8, BASE_DEC, NULL, 0x08,
656 NULL, HFILL }},
657
658 { &hf_tr_priority_reservation,
659 { "Priority Reservation","tr.priority_reservation", FT_UINT8, BASE_DEC, NULL, 0x07,
660 NULL, HFILL }},
661
662 { &hf_tr_fc,
663 { "Frame Control", "tr.fc", FT_UINT8, BASE_HEX, NULL, 0x0,
664 NULL, HFILL }},
665
666 { &hf_tr_fc_type,
667 { "Frame Type", "tr.frame_type", FT_UINT8, BASE_DEC, VALS(frame_vals), 0xc0,
668 NULL, HFILL }},
669
670 { &hf_tr_fc_pcf,
671 { "Frame PCF", "tr.frame_pcf", FT_UINT8, BASE_DEC, VALS(pcf_vals), 0x0f,
672 NULL, HFILL }},
673
674 { &hf_tr_dst,
675 { "Destination", "tr.dst", FT_ETHER, BASE_NONE, NULL, 0x0,
676 "Destination Hardware Address", HFILL }},
677
678 { &hf_tr_src,
679 { "Source", "tr.src", FT_ETHER, BASE_NONE, NULL, 0x0,
680 "Source Hardware Address", HFILL }},
681
682 { &hf_tr_addr,
683 { "Source or Destination Address", "tr.addr", FT_ETHER, BASE_NONE, NULL, 0x0,
684 "Source or Destination Hardware Address", HFILL }},
685
686 { &hf_tr_sr,
687 { "Source Routed", "tr.sr", FT_BOOLEAN, BASE_NONE, NULL, 0x0,
688 NULL, HFILL }},
689
690 { &hf_tr_rif_bytes,
691 { "RIF Bytes", "tr.rif_bytes", FT_UINT8, BASE_DEC, NULL, 0x0,
692 "Number of bytes in Routing Information Fields, including the two bytes of Routing Control Field", HFILL }},
693
694 { &hf_tr_broadcast,
695 { "Broadcast Type", "tr.broadcast", FT_UINT8, BASE_DEC, VALS(broadcast_vals), 0x0,
696 "Type of Token-Ring Broadcast", HFILL }},
697
698 { &hf_tr_max_frame_size,
699 { "Maximum Frame Size", "tr.max_frame_size", FT_UINT8, BASE_DEC, VALS(max_frame_size_vals),
700 0x0,
701 NULL, HFILL }},
702
703 { &hf_tr_direction,
704 { "Direction", "tr.direction", FT_UINT8, BASE_DEC, VALS(direction_vals), 0x0,
705 "Direction of RIF", HFILL }},
706
707 { &hf_tr_rif,
708 { "Ring-Bridge Pairs", "tr.rif", FT_STRING, BASE_NONE, NULL, 0x0,
709 "String representing Ring-Bridge Pairs", HFILL }},
710
711 { &hf_tr_rif_ring,
712 { "RIF Ring", "tr.rif.ring", FT_UINT16, BASE_HEX, NULL, 0x0,
713 NULL, HFILL }},
714
715 { &hf_tr_rif_bridge,
716 { "RIF Bridge", "tr.rif.bridge", FT_UINT8, BASE_HEX, NULL, 0x0,
717 NULL, HFILL }},
718 };
719 static gint *ett[] = {
720 &ett_token_ring,
721 &ett_token_ring_ac,
722 &ett_token_ring_fc,
723 };
724 module_t *tr_module;
725
726 proto_tr = proto_register_protocol("Token-Ring", "Token-Ring", "tr");
727 proto_register_field_array(proto_tr, hf, array_length(hf));
728 proto_register_subtree_array(ett, array_length(ett));
729
730 /* Register configuration options */
731 tr_module = prefs_register_protocol(proto_tr, NULL);
732 prefs_register_bool_preference(tr_module, "fix_linux_botches",
733 "Attempt to compensate for Linux mangling of the link-layer header",
734 "Whether Linux mangling of the link-layer header should be checked for and worked around",
735 &fix_linux_botches);
736
737 register_dissector("tr", dissect_tr, proto_tr);
738 tr_tap=register_tap("tr");
739 }
740
741 void
742 proto_reg_handoff_tr(void)
743 {
744 dissector_handle_t tr_handle;
745
746 /*
747 * Get handles for the TR MAC and LLC dissectors.
748 */
749 trmac_handle = find_dissector("trmac");
750 llc_handle = find_dissector("llc");
751 data_handle = find_dissector("data");
752
753 tr_handle = find_dissector("tr");
754 dissector_add_uint("wtap_encap", WTAP_ENCAP_TOKEN_RING, tr_handle);
755 }