diff options
| author | Ulf Lamping <ulf.lamping@web.de> | 2009-02-04 01:02:59 +0000 |
|---|---|---|
| committer | Ulf Lamping <ulf.lamping@web.de> | 2009-02-04 01:02:59 +0000 |
| commit | d5d3e1fa9220a9e0da2fd4b5a428dd248d55672d (patch) | |
| tree | 72a1b662da782f7f64a954a7cd19c80d5c9f8390 | |
| parent | 52c567e2b285f7f66b2e0e39964f4d1c1e2ebaba (diff) | |
| download | wireshark-d5d3e1fa9220a9e0da2fd4b5a428dd248d55672d.tar.gz | |
add display of GeoIP latitude/longitude
This is a crude hack, as the current Wireshark interface to GeoIP is not really suitable for reading several values of a single GeoIP database :-(
svn path=/trunk/; revision=27365
| -rw-r--r-- | epan/dissectors/packet-ip.c | 38 | ||||
| -rw-r--r-- | epan/geoip_db.c | 73 | ||||
| -rw-r--r-- | epan/geoip_db.h | 7 | ||||
| -rw-r--r-- | gtk/hostlist_table.h | 2 |
4 files changed, 116 insertions, 4 deletions
diff --git a/epan/dissectors/packet-ip.c b/epan/dissectors/packet-ip.c index cf1434e6b6..b60678ea70 100644 --- a/epan/dissectors/packet-ip.c +++ b/epan/dissectors/packet-ip.c @@ -142,16 +142,22 @@ static int hf_geoip_city = -1; static int hf_geoip_org = -1; static int hf_geoip_isp = -1; static int hf_geoip_asnum = -1; +static int hf_geoip_lat = -1; +static int hf_geoip_lon = -1; static int hf_geoip_src_country = -1; static int hf_geoip_src_city = -1; static int hf_geoip_src_org = -1; static int hf_geoip_src_isp = -1; static int hf_geoip_src_asnum = -1; +static int hf_geoip_src_lat = -1; +static int hf_geoip_src_lon = -1; static int hf_geoip_dst_country = -1; static int hf_geoip_dst_city = -1; static int hf_geoip_dst_org = -1; static int hf_geoip_dst_isp = -1; static int hf_geoip_dst_asnum = -1; +static int hf_geoip_dst_lat = -1; +static int hf_geoip_dst_lon = -1; #endif /* HAVE_GEOIP */ static gint ett_ip = -1; @@ -1536,6 +1542,16 @@ dissect_ip(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree) geoip_src_hf = hf_geoip_src_asnum; geoip_dst_hf = hf_geoip_dst_asnum; break; + case WS_LAT_FAKE_EDITION: + geoip_hf = hf_geoip_lat; + geoip_src_hf = hf_geoip_src_lat; + geoip_dst_hf = hf_geoip_dst_lat; + break; + case WS_LON_FAKE_EDITION: + geoip_hf = hf_geoip_lon; + geoip_src_hf = hf_geoip_src_lon; + geoip_dst_hf = hf_geoip_dst_lon; + break; default: continue; break; @@ -1560,8 +1576,8 @@ dissect_ip(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree) PROTO_ITEM_SET_GENERATED(item); PROTO_ITEM_SET_HIDDEN(item); } - } - } + } /* for */ + } /* switch */ #endif /* HAVE_GEOIP */ if (tree) { @@ -2539,6 +2555,12 @@ proto_register_ip(void) { &hf_geoip_asnum, { "Source or Destination GeoIP AS Number", "ip.geoip.asnum", FT_STRING, BASE_NONE, NULL, 0x0, "", HFILL }}, + { &hf_geoip_lat, + { "Source or Destination GeoIP Latitude", "ip.geoip.lat", FT_STRING, BASE_NONE, NULL, 0x0, + "", HFILL }}, + { &hf_geoip_lon, + { "Source or Destination GeoIP Longitude", "ip.geoip.lon", FT_STRING, BASE_NONE, NULL, 0x0, + "", HFILL }}, { &hf_geoip_src_country, { "Source GeoIP Country", "ip.geoip.src_country", FT_STRING, BASE_NONE, NULL, 0x0, "", HFILL }}, @@ -2554,6 +2576,12 @@ proto_register_ip(void) { &hf_geoip_src_asnum, { "Source GeoIP AS Number", "ip.geoip.src_asnum", FT_STRING, BASE_NONE, NULL, 0x0, "", HFILL }}, + { &hf_geoip_src_lat, + { "Source GeoIP Latitude", "ip.geoip.src_lat", FT_STRING, BASE_NONE, NULL, 0x0, + "", HFILL }}, + { &hf_geoip_src_lon, + { "Source GeoIP Longitude", "ip.geoip.src_lon", FT_STRING, BASE_NONE, NULL, 0x0, + "", HFILL }}, { &hf_geoip_dst_country, { "Destination GeoIP Country", "ip.geoip.dst_country", FT_STRING, BASE_NONE, NULL, 0x0, "", HFILL }}, @@ -2569,6 +2597,12 @@ proto_register_ip(void) { &hf_geoip_dst_asnum, { "Destination GeoIP AS Number", "ip.geoip.dst_asnum", FT_STRING, BASE_NONE, NULL, 0x0, "", HFILL }}, + { &hf_geoip_dst_lat, + { "Destination GeoIP Latitude", "ip.geoip.dst_lat", FT_STRING, BASE_NONE, NULL, 0x0, + "", HFILL }}, + { &hf_geoip_dst_lon, + { "Destination GeoIP Longitude", "ip.geoip.dst_lon", FT_STRING, BASE_NONE, NULL, 0x0, + "", HFILL }}, #endif /* HAVE_GEOIP */ { &hf_ip_flags, { "Flags", "ip.flags", FT_UINT8, BASE_HEX, NULL, 0x0, diff --git a/epan/geoip_db.c b/epan/geoip_db.c index db4169afe6..4038982844 100644 --- a/epan/geoip_db.c +++ b/epan/geoip_db.c @@ -47,7 +47,7 @@ #include <wsutil/file_util.h> /* This needs to match NUM_GEOIP_COLS in hostlist_table.h */ -#define MAX_GEOIP_DBS 8 +#define MAX_GEOIP_DBS 13 /* Column names for each database type */ value_string geoip_type_name_vals[] = { @@ -62,6 +62,8 @@ value_string geoip_type_name_vals[] = { { GEOIP_ASNUM_EDITION, "AS Number" }, { GEOIP_NETSPEED_EDITION, "Speed" }, { GEOIP_DOMAIN_EDITION, "Domain" }, + { WS_LAT_FAKE_EDITION, "Latitude" }, /* fake database */ + { WS_LON_FAKE_EDITION, "Longitude" }, /* fake database */ { 0, NULL } }; @@ -159,6 +161,18 @@ geoip_db_init(void) { } } + /* add fake databases for latitude and longitude (using "City" in reality) */ + { + GeoIP *gi_lat; + GeoIP *gi_lon; + + gi_lat = g_malloc(sizeof (GeoIP)); + gi_lat->databaseType = WS_LAT_FAKE_EDITION; + g_array_append_val(geoip_dat_arr, gi_lat); + gi_lon = g_malloc(sizeof (GeoIP)); + gi_lon->databaseType = WS_LON_FAKE_EDITION; + g_array_append_val(geoip_dat_arr, gi_lon); + } } guint @@ -188,6 +202,35 @@ geoip_db_type(guint dbnum) { return -1; } +int +geoip_db_lookup_latlon(guint32 addr, float *lat, float *lon) { + GeoIP *gi; + GeoIPRecord *gir; + guint i; + + for (i = 0; i < geoip_db_num_dbs(); i++) { + gi = g_array_index(geoip_dat_arr, GeoIP *, i); + if (gi) { + switch (gi->databaseType) { + case GEOIP_CITY_EDITION_REV0: + case GEOIP_CITY_EDITION_REV1: + gir = GeoIP_record_by_ipnum(gi, addr); + if(gir) { + *lat = gir->latitude; + *lon = gir->longitude; + return 0; + } + return -1; + /*break;*/ + + default: + break; + } + } + } + return -1; +} + #define VAL_STR_LEN 100 const char * geoip_db_lookup_ipv4(guint dbnum, guint32 addr, char *not_found) { @@ -221,6 +264,34 @@ geoip_db_lookup_ipv4(guint dbnum, guint32 addr, char *not_found) { ret = GeoIP_name_by_ipnum(gi, addr); break; + case WS_LAT_FAKE_EDITION: + { + float lat; + float lon; + char *c; + if(geoip_db_lookup_latlon(addr, &lat, &lon) == 0) { + g_snprintf(val, VAL_STR_LEN, "%f", lat); + c = strchr(val, ','); + if (c != NULL) *c = '.'; + ret = val; + } + } + break; + + case WS_LON_FAKE_EDITION: + { + float lat; + float lon; + char *c; + if(geoip_db_lookup_latlon(addr, &lat, &lon) == 0) { + g_snprintf(val, VAL_STR_LEN, "%f", lon); + c = strchr(val, ','); + if (c != NULL) *c = '.'; + ret = val; + } + } + break; + default: break; } diff --git a/epan/geoip_db.h b/epan/geoip_db.h index a9e0cc4729..61a69e4fae 100644 --- a/epan/geoip_db.h +++ b/epan/geoip_db.h @@ -27,6 +27,13 @@ #ifndef __GEOIP_DB_H__ #define __GEOIP_DB_H__ + +/* Fake databases to make lat/lon values available */ +/* XXX - find a better way to interface */ +#define WS_LAT_FAKE_EDITION 12 +#define WS_LON_FAKE_EDITION 13 + + /** * Init function called from epan.h */ diff --git a/gtk/hostlist_table.h b/gtk/hostlist_table.h index 1a0e4ca644..ad3b239ad5 100644 --- a/gtk/hostlist_table.h +++ b/gtk/hostlist_table.h @@ -44,7 +44,7 @@ typedef struct _hostlist_talker_t { #define NUM_BUILTIN_COLS 8 #ifdef HAVE_GEOIP -# define NUM_GEOIP_COLS 8 +# define NUM_GEOIP_COLS 13 #else # define NUM_GEOIP_COLS 0 #endif |