/src/wireshark/epan/dissectors/packet-tzsp.c
Line | Count | Source |
1 | | /* packet-tzsp.c |
2 | | * |
3 | | * Copyright 2002, Tazmen Technologies Inc |
4 | | * |
5 | | * Tazmen Sniffer Protocol for encapsulating the packets across a network |
6 | | * from a remote packet sniffer. TZSP can encapsulate any other protocol. |
7 | | * |
8 | | * Wireshark - Network traffic analyzer |
9 | | * By Gerald Combs <gerald@wireshark.org> |
10 | | * Copyright 1998 Gerald Combs |
11 | | * |
12 | | * SPDX-License-Identifier: GPL-2.0-or-later |
13 | | */ |
14 | | |
15 | | #include "config.h" |
16 | | |
17 | | #include <epan/packet.h> |
18 | | #include <epan/tfs.h> |
19 | | #include <wsutil/array.h> |
20 | | #include <wiretap/wtap.h> |
21 | | |
22 | | /* |
23 | | * See |
24 | | * |
25 | | * http://web.archive.org/web/20050404125022/http://www.networkchemistry.com/support/appnotes/an001_tzsp.html |
26 | | * |
27 | | * for a description of the protocol. |
28 | | */ |
29 | | |
30 | 15 | #define UDP_PORT_TZSP 0x9090 /* Not IANA registered */ |
31 | | |
32 | | void proto_register_tzsp(void); |
33 | | void proto_reg_handoff_tzsp(void); |
34 | | |
35 | | static int proto_tzsp; |
36 | | static int hf_tzsp_version; |
37 | | static int hf_tzsp_type; |
38 | | static int hf_tzsp_encap; |
39 | | |
40 | | static dissector_table_t tzsp_encap_table; |
41 | | |
42 | | static dissector_handle_t tzsp_handle; |
43 | | |
44 | | /* |
45 | | * Packet types. |
46 | | */ |
47 | | #define TZSP_RX_PACKET 0 /* Packet received from the sensor */ |
48 | | #define TZSP_TX_PACKET 1 /* Packet for the sensor to transmit */ |
49 | | #define TZSP_CONFIG 3 /* Configuration information for the sensor */ |
50 | 407 | #define TZSP_NULL 4 /* Null frame, used as a keepalive */ |
51 | 406 | #define TZSP_PORT 5 /* Port opener - opens a NAT tunnel */ |
52 | | |
53 | | static const value_string tzsp_type[] = { |
54 | | {TZSP_RX_PACKET, "Received packet"}, |
55 | | {TZSP_TX_PACKET, "Packet for transmit"}, |
56 | | {TZSP_CONFIG, "Configuration"}, |
57 | | {TZSP_NULL, "Keepalive"}, |
58 | | {TZSP_PORT, "Port opener"}, |
59 | | {0, NULL} |
60 | | }; |
61 | | |
62 | | /* ************************************************************************* */ |
63 | | /* Encapsulation type values */ |
64 | | /* Note that these are not all the same as DLT_ values */ |
65 | | /* ************************************************************************* */ |
66 | | |
67 | 15 | #define TZSP_ENCAP_ETHERNET 1 |
68 | 15 | #define TZSP_ENCAP_TOKEN_RING 2 |
69 | | #define TZSP_ENCAP_SLIP 3 |
70 | 15 | #define TZSP_ENCAP_PPP 4 |
71 | 15 | #define TZSP_ENCAP_FDDI 5 |
72 | 15 | #define TZSP_ENCAP_RAW 7 /* "Raw UO", presumably meaning "Raw IP" */ |
73 | 15 | #define TZSP_ENCAP_IEEE_802_11 18 |
74 | 15 | #define TZSP_ENCAP_IEEE_802_11_PRISM 119 |
75 | 15 | #define TZSP_ENCAP_IEEE_802_11_RADIOTAP 126 |
76 | 15 | #define TZSP_ENCAP_IEEE_802_11_AVS 127 |
77 | | |
78 | | /* |
79 | | * Packet encapsulations. |
80 | | */ |
81 | | static const value_string tzsp_encapsulation[] = { |
82 | | {TZSP_ENCAP_ETHERNET, "Ethernet"}, |
83 | | {TZSP_ENCAP_TOKEN_RING, "Token Ring"}, |
84 | | {TZSP_ENCAP_SLIP, "SLIP"}, |
85 | | {TZSP_ENCAP_PPP, "PPP"}, |
86 | | {TZSP_ENCAP_FDDI, "FDDI"}, |
87 | | {TZSP_ENCAP_RAW, "Raw IP"}, |
88 | | {TZSP_ENCAP_IEEE_802_11, "IEEE 802.11"}, |
89 | | {TZSP_ENCAP_IEEE_802_11_PRISM, "IEEE 802.11 with Prism headers"}, |
90 | | {TZSP_ENCAP_IEEE_802_11_RADIOTAP, "IEEE 802.11 with radiotap headers"}, |
91 | | {TZSP_ENCAP_IEEE_802_11_AVS, "IEEE 802.11 with AVS headers"}, |
92 | | {0, NULL} |
93 | | }; |
94 | | |
95 | | static int ett_tzsp; |
96 | | static int ett_tag; |
97 | | |
98 | | /* ************************************************************************* */ |
99 | | /* WLAN radio header fields */ |
100 | | /* ************************************************************************* */ |
101 | | |
102 | | static int hf_option_tag; |
103 | | static int hf_option_length; |
104 | | /* static int hf_status_field; */ |
105 | | static int hf_status_msg_type; |
106 | | static int hf_status_pcf; |
107 | | /* static int hf_status_mac_port; */ |
108 | | static int hf_status_undecrypted; |
109 | | static int hf_status_fcs_error; |
110 | | |
111 | | static int hf_time; |
112 | | static int hf_silence; |
113 | | static int hf_signal; |
114 | | static int hf_rate; |
115 | | static int hf_channel; |
116 | | static int hf_unknown; |
117 | | static int hf_original_length; |
118 | | static int hf_sensormac; |
119 | | |
120 | | static int hf_device_name; |
121 | | static int hf_capture_location; |
122 | | static int hf_capture_info; |
123 | | static int hf_capture_id; |
124 | | static int hf_time_stamp; |
125 | | static int hf_packet_id; |
126 | | |
127 | | |
128 | | |
129 | | /* ************************************************************************* */ |
130 | | /* Generic header options */ |
131 | | /* ************************************************************************* */ |
132 | | |
133 | 8.46k | #define TZSP_HDR_PAD 0 /* Pad. */ |
134 | 2.33k | #define TZSP_HDR_END 1 /* End of the list. */ |
135 | | #define TZSP_WLAN_STA 30 /* Station statistics */ |
136 | | #define TZSP_WLAN_PKT 31 /* Packet statistics */ |
137 | 8 | #define TZSP_PACKET_ID 40 /* Unique ID of the packet */ |
138 | 3 | #define TZSP_HDR_ORIGINAL_LENGTH 41 /* Length of the packet before slicing. 2 bytes. */ |
139 | 3 | #define TZSP_HDR_SENSOR 60 /* Sensor MAC address packet was received on, 6 byte ethernet address.*/ |
140 | | |
141 | 7 | #define TZSP_DEVICE_NAME 80 |
142 | 9 | #define TZSP_CAPTURE_LOCATION 81 |
143 | 8 | #define TZSP_TIME_STAMP 82 |
144 | 7 | #define TZSP_INFO 83 /* Addition TZSP Information; String type*/ |
145 | 11 | #define TZSP_CAPTURE_ID 84 /* Capture Instance ID; 32 bits unsigned integer */ |
146 | | |
147 | | |
148 | | |
149 | | |
150 | | /* ************************************************************************* */ |
151 | | /* Options for 802.11 radios */ |
152 | | /* ************************************************************************* */ |
153 | | |
154 | 12 | #define WLAN_RADIO_HDR_SIGNAL 10 /* Signal strength in dBm, signed byte. */ |
155 | 17 | #define WLAN_RADIO_HDR_NOISE 11 /* Noise level in dBm, signed byte. */ |
156 | 21 | #define WLAN_RADIO_HDR_RATE 12 /* Data rate, unsigned byte. */ |
157 | 37 | #define WLAN_RADIO_HDR_TIMESTAMP 13 /* Timestamp in us, unsigned 32-bits network byte order. */ |
158 | 20 | #define WLAN_RADIO_HDR_MSG_TYPE 14 /* Packet type, unsigned byte. */ |
159 | 20 | #define WLAN_RADIO_HDR_CF 15 /* Whether packet arrived during CF period, unsigned byte. */ |
160 | 31 | #define WLAN_RADIO_HDR_UN_DECR 16 /* Whether packet could not be decrypted by MAC, unsigned byte. */ |
161 | 13 | #define WLAN_RADIO_HDR_FCS_ERR 17 /* Whether packet contains an FCS error, unsigned byte. */ |
162 | 8 | #define WLAN_RADIO_HDR_CHANNEL 18 /* Channel number packet was received on, unsigned byte.*/ |
163 | | |
164 | | static const value_string option_tag_vals[] = { |
165 | | {TZSP_HDR_PAD, "Pad"}, |
166 | | {TZSP_HDR_END, "End"}, |
167 | | {TZSP_PACKET_ID, "packet ID"}, |
168 | | {TZSP_HDR_ORIGINAL_LENGTH, "Original Length"}, |
169 | | {TZSP_DEVICE_NAME, "Device Name"}, |
170 | | {TZSP_CAPTURE_LOCATION, "Capture Location"}, |
171 | | {TZSP_TIME_STAMP, "Time Stamp"}, |
172 | | {TZSP_INFO, "Information"}, |
173 | | {TZSP_CAPTURE_ID, "Capture ID"}, |
174 | | {WLAN_RADIO_HDR_SIGNAL, "Signal"}, |
175 | | {WLAN_RADIO_HDR_NOISE, "Silence"}, |
176 | | {WLAN_RADIO_HDR_RATE, "Rate"}, |
177 | | {WLAN_RADIO_HDR_TIMESTAMP, "Time"}, |
178 | | {WLAN_RADIO_HDR_MSG_TYPE, "Message Type"}, |
179 | | {WLAN_RADIO_HDR_CF, "Point Coordination Function"}, |
180 | | {WLAN_RADIO_HDR_UN_DECR, "Undecrypted"}, |
181 | | {WLAN_RADIO_HDR_FCS_ERR, "Frame check sequence"}, |
182 | | {WLAN_RADIO_HDR_CHANNEL, "Channel"}, |
183 | | {TZSP_HDR_SENSOR, "Sensor MAC"}, |
184 | | {0, NULL} |
185 | | }; |
186 | | |
187 | | |
188 | | /* ************************************************************************* */ |
189 | | /* Add option information to the display */ |
190 | | /* ************************************************************************* */ |
191 | | |
192 | | static int |
193 | | add_option_info(tvbuff_t *tvb, int pos, proto_tree *tree, proto_item *ti) |
194 | 406 | { |
195 | 406 | uint8_t tag, length, fcs_err = 0, encr = 0, seen_fcs_err = 0; |
196 | 406 | proto_tree *tag_tree; |
197 | | |
198 | | /* |
199 | | * Read all option tags in an endless loop. If the packet is malformed this |
200 | | * loop might be a problem. |
201 | | */ |
202 | 3.15k | while (true) { |
203 | 3.15k | tag = tvb_get_uint8(tvb, pos); |
204 | 3.15k | if ((tag != TZSP_HDR_PAD) && (tag != TZSP_HDR_END)) { |
205 | 644 | length = tvb_get_uint8(tvb, pos+1); |
206 | 644 | tag_tree = proto_tree_add_subtree(tree, tvb, pos, 2+length, ett_tag, NULL, val_to_str_const(tag, option_tag_vals, "Unknown")); |
207 | 2.51k | } else { |
208 | 2.51k | tag_tree = proto_tree_add_subtree(tree, tvb, pos, 1, ett_tag, NULL, val_to_str_const(tag, option_tag_vals, "Unknown")); |
209 | 2.51k | length = 0; |
210 | 2.51k | } |
211 | | |
212 | 3.15k | proto_tree_add_item(tag_tree, hf_option_tag, tvb, pos, 1, ENC_BIG_ENDIAN); |
213 | 3.15k | pos++; |
214 | 3.15k | if ((tag != TZSP_HDR_PAD) && (tag != TZSP_HDR_END)) { |
215 | 642 | proto_tree_add_item(tag_tree, hf_option_length, tvb, pos, 1, ENC_BIG_ENDIAN); |
216 | 642 | pos++; |
217 | 642 | } |
218 | | |
219 | 3.15k | switch (tag) { |
220 | 2.15k | case TZSP_HDR_PAD: |
221 | 2.15k | break; |
222 | | |
223 | 350 | case TZSP_HDR_END: |
224 | | /* Fill in header with information from other tags. */ |
225 | 350 | if (seen_fcs_err) { |
226 | 1 | proto_item_append_text(ti,"%s", fcs_err?"FCS Error":(encr?"Encrypted":"Good")); |
227 | 1 | } |
228 | 350 | return pos; |
229 | | |
230 | 8 | case TZSP_PACKET_ID: |
231 | 8 | proto_tree_add_item(tag_tree, hf_packet_id, tvb, pos, 4, ENC_BIG_ENDIAN); |
232 | 8 | break; |
233 | | |
234 | 3 | case TZSP_HDR_ORIGINAL_LENGTH: |
235 | 3 | proto_tree_add_item(tag_tree, hf_original_length, tvb, pos, 2, ENC_BIG_ENDIAN); |
236 | 3 | break; |
237 | | |
238 | 7 | case TZSP_DEVICE_NAME: |
239 | 7 | proto_tree_add_item(tag_tree, hf_device_name, tvb, pos, length, ENC_ASCII); |
240 | 7 | break; |
241 | | |
242 | 9 | case TZSP_CAPTURE_LOCATION: |
243 | 9 | proto_tree_add_item(tag_tree, hf_capture_location, tvb, pos, length, ENC_ASCII); |
244 | 9 | break; |
245 | | |
246 | 7 | case TZSP_INFO: |
247 | 7 | proto_tree_add_item(tag_tree, hf_capture_info, tvb, pos, length, ENC_ASCII); |
248 | 7 | break; |
249 | | |
250 | 11 | case TZSP_CAPTURE_ID: |
251 | 11 | proto_tree_add_item(tag_tree, hf_capture_id, tvb, pos, 4, ENC_BIG_ENDIAN); |
252 | 11 | break; |
253 | | |
254 | 8 | case TZSP_TIME_STAMP: |
255 | 8 | proto_tree_add_item(tag_tree, hf_time_stamp, tvb, pos, length, ENC_TIME_SECS_NSECS|ENC_BIG_ENDIAN); |
256 | 8 | break; |
257 | | |
258 | | |
259 | 12 | case WLAN_RADIO_HDR_SIGNAL: |
260 | 12 | proto_tree_add_item(tag_tree, hf_signal, tvb, pos, 1, ENC_BIG_ENDIAN); |
261 | 12 | break; |
262 | | |
263 | 17 | case WLAN_RADIO_HDR_NOISE: |
264 | 17 | proto_tree_add_item(tag_tree, hf_silence, tvb, pos, 1, ENC_BIG_ENDIAN); |
265 | 17 | break; |
266 | | |
267 | 21 | case WLAN_RADIO_HDR_RATE: |
268 | 21 | proto_tree_add_item(tag_tree, hf_rate, tvb, pos, 1, ENC_BIG_ENDIAN); |
269 | 21 | break; |
270 | | |
271 | 37 | case WLAN_RADIO_HDR_TIMESTAMP: |
272 | 37 | proto_tree_add_item(tag_tree, hf_time, tvb, pos, 4, ENC_BIG_ENDIAN); |
273 | 37 | break; |
274 | | |
275 | 20 | case WLAN_RADIO_HDR_MSG_TYPE: |
276 | 20 | proto_tree_add_item(tag_tree, hf_status_msg_type, tvb, pos, 1, ENC_BIG_ENDIAN); |
277 | 20 | break; |
278 | | |
279 | 20 | case WLAN_RADIO_HDR_CF: |
280 | 20 | proto_tree_add_item(tag_tree, hf_status_pcf, tvb, pos, 1, ENC_NA); |
281 | 20 | break; |
282 | | |
283 | 31 | case WLAN_RADIO_HDR_UN_DECR: |
284 | 31 | proto_tree_add_item(tag_tree, hf_status_undecrypted, tvb, pos, 1, ENC_NA); |
285 | 31 | encr = tvb_get_uint8(tvb, pos); |
286 | 31 | break; |
287 | | |
288 | 13 | case WLAN_RADIO_HDR_FCS_ERR: |
289 | 13 | seen_fcs_err = 1; |
290 | 13 | proto_tree_add_item(tag_tree, hf_status_fcs_error, tvb, pos, 1, ENC_NA); |
291 | 13 | fcs_err = tvb_get_uint8(tvb, pos); |
292 | 13 | break; |
293 | | |
294 | 8 | case WLAN_RADIO_HDR_CHANNEL: |
295 | 8 | proto_tree_add_item(tag_tree, hf_channel, tvb, pos, length, ENC_BIG_ENDIAN); |
296 | 8 | break; |
297 | | |
298 | 3 | case TZSP_HDR_SENSOR: |
299 | 3 | proto_tree_add_item(tag_tree, hf_sensormac, tvb, pos, 6, ENC_NA); |
300 | 3 | break; |
301 | | |
302 | 407 | default: |
303 | 407 | proto_tree_add_item(tag_tree, hf_unknown, tvb, pos, length, ENC_NA); |
304 | 407 | break; |
305 | 3.15k | } |
306 | | |
307 | 2.75k | pos += length; |
308 | 2.75k | } |
309 | 406 | } |
310 | | |
311 | | /* ************************************************************************* */ |
312 | | /* Dissect a TZSP packet */ |
313 | | /* ************************************************************************* */ |
314 | | |
315 | | static int |
316 | | dissect_tzsp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_) |
317 | 407 | { |
318 | 407 | proto_tree *tzsp_tree = NULL; |
319 | 407 | proto_item *ti = NULL; |
320 | 407 | int pos = 0; |
321 | 407 | tvbuff_t *next_tvb; |
322 | 407 | uint32_t encapsulation = 0; |
323 | 407 | const char *info; |
324 | 407 | uint32_t type; |
325 | | |
326 | 407 | col_set_str(pinfo->cinfo, COL_PROTOCOL, "TZSP"); |
327 | 407 | col_clear(pinfo->cinfo, COL_INFO); |
328 | | |
329 | | /* Adding TZSP item and subtree */ |
330 | 407 | ti = proto_tree_add_item(tree, proto_tzsp, tvb, 0, -1, ENC_NA); |
331 | 407 | tzsp_tree = proto_item_add_subtree(ti, ett_tzsp); |
332 | | |
333 | 407 | proto_tree_add_item (tzsp_tree, hf_tzsp_version, tvb, 0, 1, ENC_BIG_ENDIAN); |
334 | 407 | proto_tree_add_item_ret_uint(tzsp_tree, hf_tzsp_type, tvb, 1, 1, ENC_BIG_ENDIAN, &type); |
335 | 407 | proto_tree_add_item_ret_uint(tzsp_tree, hf_tzsp_encap, tvb, 2, 2, ENC_BIG_ENDIAN, &encapsulation); |
336 | 407 | info = val_to_str(pinfo->pool, encapsulation, tzsp_encapsulation, "Unknown (%u)"); |
337 | 407 | proto_item_append_text(ti, ": %s", info); |
338 | | |
339 | 407 | col_add_str(pinfo->cinfo, COL_INFO, info); |
340 | | |
341 | | /* |
342 | | * XXX - what about TZSP_CONFIG frames? |
343 | | * |
344 | | * The MIB at |
345 | | * |
346 | | * http://web.archive.org/web/20021221195733/http://www.networkchemistry.com/support/appnotes/SENSOR-MIB |
347 | | * |
348 | | * seems to indicate that you can configure the probe using SNMP; |
349 | | * does TZSP_CONFIG also support that? An old version of Kismet |
350 | | * included code to control a Network Chemistry WSP100 sensor: |
351 | | * |
352 | | * https://www.kismetwireless.net/code-old/svn/tags/kismet-2004-02-R1/wsp100source.cc |
353 | | * |
354 | | * and it used SNMP to configure the probe. |
355 | | */ |
356 | 407 | if ((type != TZSP_NULL) && (type != TZSP_PORT)) { |
357 | 406 | pos = add_option_info(tvb, 4, tzsp_tree, ti); |
358 | | |
359 | 406 | if (tree) |
360 | 350 | proto_item_set_end(ti, tvb, pos); |
361 | 406 | next_tvb = tvb_new_subset_remaining(tvb, pos); |
362 | 406 | if (dissector_try_uint(tzsp_encap_table, encapsulation, next_tvb, pinfo, tree) == 0) { |
363 | 4 | col_set_str(pinfo->cinfo, COL_PROTOCOL, "UNKNOWN"); |
364 | 4 | col_add_fstr(pinfo->cinfo, COL_INFO, "TZSP_ENCAP = %u", |
365 | 4 | encapsulation); |
366 | 4 | call_data_dissector(next_tvb, pinfo, tree); |
367 | 4 | } |
368 | 406 | } |
369 | | |
370 | 407 | return tvb_captured_length(tvb); |
371 | 407 | } |
372 | | |
373 | | /* ************************************************************************* */ |
374 | | /* Register the TZSP dissector */ |
375 | | /* ************************************************************************* */ |
376 | | |
377 | | void |
378 | | proto_register_tzsp(void) |
379 | 15 | { |
380 | 15 | static const value_string msg_type[] = { |
381 | 15 | {0, "Normal"}, |
382 | 15 | {1, "RFC1042 encoded"}, |
383 | 15 | {2, "Bridge-tunnel encoded"}, |
384 | 15 | {4, "802.11 management frame"}, |
385 | 15 | {0, NULL} |
386 | 15 | }; |
387 | | |
388 | 15 | static const true_false_string pcf_flag = { |
389 | 15 | "CF: Frame received during CF period", |
390 | 15 | "Not CF" |
391 | 15 | }; |
392 | | |
393 | 15 | static const true_false_string undecr_flag = { |
394 | 15 | "Encrypted frame could not be decrypted", |
395 | 15 | "Unencrypted" |
396 | 15 | }; |
397 | | |
398 | 15 | static const true_false_string fcs_err_flag = { |
399 | 15 | "FCS error, frame is corrupted", |
400 | 15 | "Frame is valid" |
401 | 15 | }; |
402 | | |
403 | 15 | static const value_string channels[] = { |
404 | | /* 802.11b/g */ |
405 | 15 | { 1, "1 (2.412 GHz)"}, |
406 | 15 | { 2, "2 (2.417 GHz)"}, |
407 | 15 | { 3, "3 (2.422 GHz)"}, |
408 | 15 | { 4, "4 (2.427 GHz)"}, |
409 | 15 | { 5, "5 (2.432 GHz)"}, |
410 | 15 | { 6, "6 (2.437 GHz)"}, |
411 | 15 | { 7, "7 (2.442 GHz)"}, |
412 | 15 | { 8, "8 (2.447 GHz)"}, |
413 | 15 | { 9, "9 (2.452 GHz)"}, |
414 | 15 | { 10, "10 (2.457 GHz)"}, |
415 | 15 | { 11, "11 (2.462 GHz)"}, |
416 | 15 | { 12, "12 (2.467 GHz)"}, |
417 | 15 | { 13, "13 (2.472 GHz)"}, |
418 | 15 | { 14, "14 (2.484 GHz)"}, |
419 | | /* 802.11a */ |
420 | 15 | { 36, "36 (5.180 GHz)"}, |
421 | 15 | { 40, "40 (5.200 GHz)"}, |
422 | 15 | { 44, "44 (5.220 GHz)"}, |
423 | 15 | { 48, "48 (5.240 GHz)"}, |
424 | 15 | { 52, "52 (5.260 GHz)"}, |
425 | 15 | { 56, "56 (5.280 GHz)"}, |
426 | 15 | { 60, "60 (5.300 GHz)"}, |
427 | 15 | { 64, "64 (5.320 GHz)"}, |
428 | 15 | {149, "149 (5.745 GHz)"}, |
429 | 15 | {153, "153 (5.765 GHz)"}, |
430 | 15 | {157, "157 (5.785 GHz)"}, |
431 | 15 | {161, "161 (5.805 GHz)"}, |
432 | | /* 802.11ax */ |
433 | 15 | {191, "191 (5.955 GHz)"}, |
434 | 15 | {195, "195 (5.975 GHz)"}, |
435 | 15 | {199, "199 (5.995 GHz)"}, |
436 | 15 | {203, "203 (6.015 GHz)"}, |
437 | 15 | {207, "207 (6.035 GHz)"}, |
438 | 15 | {211, "211 (6.055 GHz)"}, |
439 | 15 | {215, "215 (6.075 GHz)"}, |
440 | 15 | {219, "219 (6.095 GHz)"}, |
441 | 15 | {223, "223 (6.115 GHz)"}, |
442 | 15 | {227, "227 (6.135 GHz)"}, |
443 | 15 | {231, "231 (6.155 GHz)"}, |
444 | 15 | {235, "235 (6.175 GHz)"}, |
445 | 15 | {239, "239 (6.195 GHz)"}, |
446 | 15 | {243, "243 (6.215 GHz)"}, |
447 | 15 | {247, "247 (6.235 GHz)"}, |
448 | 15 | {251, "251 (6.255 GHz)"}, |
449 | 15 | {255, "255 (6.275 GHz)"}, |
450 | 15 | {259, "259 (6.295 GHz)"}, |
451 | 15 | {263, "263 (6.315 GHz)"}, |
452 | 15 | {267, "267 (6.335 GHz)"}, |
453 | 15 | {271, "271 (6.355 GHz)"}, |
454 | 15 | {275, "275 (6.375 GHz)"}, |
455 | 15 | {279, "279 (6.395 GHz)"}, |
456 | 15 | {283, "283 (6.415 GHz)"}, |
457 | 15 | {287, "287 (6.435 GHz)"}, |
458 | 15 | {291, "291 (6.455 GHz)"}, |
459 | 15 | {295, "295 (6.475 GHz)"}, |
460 | 15 | {299, "299 (6.495 GHz)"}, |
461 | 15 | {303, "303 (6.515 GHz)"}, |
462 | 15 | {307, "307 (6.535 GHz)"}, |
463 | 15 | {311, "311 (6.555 GHz)"}, |
464 | 15 | {315, "315 (6.575 GHz)"}, |
465 | 15 | {319, "319 (6.595 GHz)"}, |
466 | 15 | {323, "323 (6.615 GHz)"}, |
467 | 15 | {327, "327 (6.635 GHz)"}, |
468 | 15 | {331, "331 (6.655 GHz)"}, |
469 | 15 | {335, "335 (6.675 GHz)"}, |
470 | 15 | {339, "339 (6.695 GHz)"}, |
471 | 15 | {343, "343 (6.715 GHz)"}, |
472 | 15 | {347, "347 (6.735 GHz)"}, |
473 | 15 | {351, "351 (6.755 GHz)"}, |
474 | 15 | {355, "355 (6.775 GHz)"}, |
475 | 15 | {359, "359 (6.795 GHz)"}, |
476 | 15 | {363, "363 (6.815 GHz)"}, |
477 | 15 | {367, "367 (6.835 GHz)"}, |
478 | 15 | {371, "371 (6.855 GHz)"}, |
479 | 15 | {375, "375 (6.875 GHz)"}, |
480 | 15 | {379, "379 (6.895 GHz)"}, |
481 | 15 | {383, "383 (6.915 GHz)"}, |
482 | 15 | {387, "387 (6.935 GHz)"}, |
483 | 15 | {391, "391 (6.955 GHz)"}, |
484 | 15 | {395, "395 (6.975 GHz)"}, |
485 | 15 | {399, "399 (6.995 GHz)"}, |
486 | 15 | {403, "403 (7.015 GHz)"}, |
487 | 15 | {407, "407 (7.035 GHz)"}, |
488 | 15 | {411, "411 (7.055 GHz)"}, |
489 | 15 | {415, "415 (7.075 GHz)"}, |
490 | 15 | {419, "419 (7.095 GHz)"}, |
491 | 15 | {423, "423 (7.115 GHz)"}, |
492 | 15 | {0, NULL} |
493 | 15 | }; |
494 | | |
495 | 15 | static const value_string rates[] = { |
496 | | /* Old PRISM rates */ |
497 | 15 | {0x0A, "1 Mbit/s"}, |
498 | 15 | {0x14, "2 Mbit/s"}, |
499 | 15 | {0x37, "5.5 Mbit/s"}, |
500 | 15 | {0x6E, "11 Mbit/s"}, |
501 | | /* MicroAP rates */ |
502 | 15 | { 2, "1 Mbit/s"}, |
503 | 15 | { 4, "2 Mbit/s"}, |
504 | 15 | { 11, "5.5 Mbit/s"}, |
505 | 15 | { 12, "6 Mbit/s"}, |
506 | 15 | { 18, "9 Mbit/s"}, |
507 | 15 | { 22, "11 Mbit/s"}, |
508 | 15 | { 24, "12 Mbit/s"}, |
509 | 15 | { 36, "18 Mbit/s"}, |
510 | 15 | { 48, "24 Mbit/s"}, |
511 | 15 | { 72, "36 Mbit/s"}, |
512 | 15 | { 96, "48 Mbit/s"}, |
513 | 15 | {108, "54 Mbit/s"}, |
514 | 15 | {0, NULL} |
515 | 15 | }; |
516 | | |
517 | 15 | static hf_register_info hf[] = { |
518 | 15 | { &hf_tzsp_version, { |
519 | 15 | "Version", "tzsp.version", FT_UINT8, BASE_DEC, |
520 | 15 | NULL, 0, NULL, HFILL }}, |
521 | 15 | { &hf_tzsp_type, { |
522 | 15 | "Type", "tzsp.type", FT_UINT8, BASE_DEC, |
523 | 15 | VALS(tzsp_type), 0, NULL, HFILL }}, |
524 | 15 | { &hf_tzsp_encap, { |
525 | 15 | "Encapsulation", "tzsp.encap", FT_UINT16, BASE_DEC, |
526 | 15 | VALS(tzsp_encapsulation), 0, NULL, HFILL }}, |
527 | | |
528 | 15 | { &hf_option_tag, { |
529 | 15 | "Option Tag", "tzsp.option_tag", FT_UINT8, BASE_DEC, |
530 | 15 | VALS(option_tag_vals), 0, NULL, HFILL }}, |
531 | 15 | { &hf_option_length, { |
532 | 15 | "Option Length", "tzsp.option_length", FT_UINT8, BASE_DEC, |
533 | 15 | NULL, 0, NULL, HFILL }}, |
534 | | #if 0 |
535 | | { &hf_status_field, { |
536 | | "Status", "tzsp.wlan.status", FT_UINT16, BASE_HEX, |
537 | | NULL, 0, NULL, HFILL }}, |
538 | | #endif |
539 | 15 | { &hf_status_msg_type, { |
540 | 15 | "Type", "tzsp.wlan.status.msg_type", FT_UINT8, BASE_HEX, |
541 | 15 | VALS(msg_type), 0, "Message type", HFILL }}, |
542 | | #if 0 |
543 | | { &hf_status_mac_port, { |
544 | | "Port", "tzsp.wlan.status.mac_port", FT_UINT8, BASE_DEC, |
545 | | NULL, 0, "MAC port", HFILL }}, |
546 | | #endif |
547 | 15 | { &hf_status_pcf, { |
548 | 15 | "PCF", "tzsp.wlan.status.pcf", FT_BOOLEAN, BASE_NONE, |
549 | 15 | TFS (&pcf_flag), 0x0, "Point Coordination Function", HFILL }}, |
550 | 15 | { &hf_status_undecrypted, { |
551 | 15 | "Undecrypted", "tzsp.wlan.status.undecrypted", FT_BOOLEAN, BASE_NONE, |
552 | 15 | TFS (&undecr_flag), 0x0, NULL, HFILL }}, |
553 | 15 | { &hf_status_fcs_error, { |
554 | 15 | "FCS", "tzsp.wlan.status.fcs_err", FT_BOOLEAN, BASE_NONE, |
555 | 15 | TFS (&fcs_err_flag), 0x0, "Frame check sequence", HFILL }}, |
556 | 15 | { &hf_time, { |
557 | 15 | "Time", "tzsp.wlan.time", FT_UINT32, BASE_HEX, |
558 | 15 | NULL, 0, NULL, HFILL }}, |
559 | 15 | { &hf_silence, { |
560 | 15 | "Silence", "tzsp.wlan.silence", FT_INT8, BASE_DEC, |
561 | 15 | NULL, 0, NULL, HFILL }}, |
562 | 15 | { &hf_original_length, { |
563 | 15 | "Original Length", "tzsp.original_length", FT_INT16, BASE_DEC, |
564 | 15 | NULL, 0, "OrigLength", HFILL }}, |
565 | 15 | { &hf_signal, { |
566 | 15 | "Signal", "tzsp.wlan.signal", FT_INT8, BASE_DEC, |
567 | 15 | NULL, 0, NULL, HFILL }}, |
568 | 15 | { &hf_rate, { |
569 | 15 | "Rate", "tzsp.wlan.rate", FT_UINT8, BASE_DEC, |
570 | 15 | VALS(rates), 0, NULL, HFILL }}, |
571 | 15 | { &hf_channel, { |
572 | 15 | "Channel", "tzsp.wlan.channel", FT_UINT16, BASE_DEC, |
573 | 15 | VALS(channels), 0, NULL, HFILL }}, |
574 | 15 | { &hf_unknown, { |
575 | 15 | "Unknown tag", "tzsp.unknown", FT_BYTES, BASE_NONE, |
576 | 15 | NULL, 0, NULL, HFILL }}, |
577 | 15 | { &hf_sensormac, { |
578 | 15 | "Sensor Address", "tzsp.sensormac", FT_ETHER, BASE_NONE, |
579 | 15 | NULL, 0, "Sensor MAC", HFILL }}, |
580 | | |
581 | 15 | { &hf_device_name, { |
582 | 15 | "Device Name", "tzsp.device_name", FT_STRING, BASE_NONE, |
583 | 15 | NULL, 0, "DeviceName", HFILL }}, |
584 | | |
585 | 15 | { &hf_capture_location, { |
586 | 15 | "Capture Location", "tzsp.capture_location", FT_STRING, BASE_NONE, |
587 | 15 | NULL, 0, "CaptureLocation", HFILL }}, |
588 | | |
589 | 15 | { &hf_capture_info, { |
590 | 15 | "Capture Information", "tzsp.device_info", FT_STRING, BASE_NONE, |
591 | 15 | NULL, 0, "CaptureInformation", HFILL }}, |
592 | | |
593 | 15 | { &hf_capture_id, { |
594 | 15 | "Capture Id", "tzsp.device_id", FT_UINT32, BASE_DEC, |
595 | 15 | NULL, 0, "CaptureID", HFILL }}, |
596 | | |
597 | 15 | {&hf_time_stamp, { |
598 | 15 | "Time Stamp", "tzsp.time_stamp", |
599 | 15 | FT_ABSOLUTE_TIME, ABSOLUTE_TIME_LOCAL, NULL, 0x0, |
600 | 15 | "TimeStamp", HFILL}}, |
601 | | |
602 | 15 | { &hf_packet_id, { |
603 | 15 | "Packet Id", "tzsp.packet_id", FT_UINT32, BASE_DEC, |
604 | 15 | NULL, 0, "PacketId", HFILL }} |
605 | 15 | }; |
606 | | |
607 | 15 | static int *ett[] = { |
608 | 15 | &ett_tzsp, |
609 | 15 | &ett_tag |
610 | 15 | }; |
611 | | |
612 | 15 | proto_tzsp = proto_register_protocol("Tazmen Sniffer Protocol", "TZSP", "tzsp"); |
613 | 15 | proto_register_field_array(proto_tzsp, hf, array_length(hf)); |
614 | 15 | proto_register_subtree_array(ett, array_length(ett)); |
615 | | |
616 | 15 | tzsp_handle = register_dissector("tzsp", dissect_tzsp, proto_tzsp); |
617 | | |
618 | 15 | tzsp_encap_table = register_dissector_table("tzsp.encap", "TZSP Encapsulation Type", |
619 | 15 | proto_tzsp, FT_UINT16, BASE_DEC); |
620 | 15 | } |
621 | | |
622 | | void |
623 | | proto_reg_handoff_tzsp(void) |
624 | 15 | { |
625 | 15 | dissector_add_uint_with_preference("udp.port", UDP_PORT_TZSP, tzsp_handle); |
626 | | |
627 | | /* Get the data dissector for handling various encapsulation types. */ |
628 | 15 | dissector_add_uint("tzsp.encap", TZSP_ENCAP_ETHERNET, find_dissector("eth_maybefcs")); |
629 | 15 | dissector_add_uint("tzsp.encap", TZSP_ENCAP_TOKEN_RING, find_dissector("tr")); |
630 | 15 | dissector_add_uint("tzsp.encap", TZSP_ENCAP_PPP, find_dissector("ppp_hdlc")); |
631 | 15 | dissector_add_uint("tzsp.encap", TZSP_ENCAP_FDDI, find_dissector("fddi")); |
632 | 15 | dissector_add_uint("tzsp.encap", TZSP_ENCAP_RAW, find_dissector("raw_ip")); |
633 | 15 | dissector_add_uint("tzsp.encap", TZSP_ENCAP_IEEE_802_11, find_dissector("wlan")); |
634 | 15 | dissector_add_uint("tzsp.encap", TZSP_ENCAP_IEEE_802_11_PRISM, find_dissector("prism")); |
635 | 15 | dissector_add_uint("tzsp.encap", TZSP_ENCAP_IEEE_802_11_AVS, find_dissector("wlancap")); |
636 | 15 | dissector_add_uint("tzsp.encap", TZSP_ENCAP_IEEE_802_11_RADIOTAP, find_dissector("radiotap")); |
637 | | |
638 | | /* Register this protocol as an encapsulation type. */ |
639 | 15 | dissector_add_uint("wtap_encap", WTAP_ENCAP_TZSP, tzsp_handle); |
640 | 15 | } |
641 | | |
642 | | /* |
643 | | * Editor modelines - https://www.wireshark.org/tools/modelines.html |
644 | | * |
645 | | * Local variables: |
646 | | * c-basic-offset: 4 |
647 | | * tab-width: 8 |
648 | | * indent-tabs-mode: nil |
649 | | * End: |
650 | | * |
651 | | * vi: set shiftwidth=4 tabstop=8 expandtab: |
652 | | * :indentSize=4:tabSize=8:noTabs=true: |
653 | | */ |