From edcc2f019e3729293d9410e1bb30dae6bc9b790a Mon Sep 17 00:00:00 2001 From: Michael Mann Date: Sat, 23 Jul 2016 21:25:05 -0400 Subject: Add OSI Layer 4 to exported PDU to handle TCP and UDP payloads. This allows for much easier anonymized captures for protocols running atop TCP/UDP. Added support for "TCP dissector data" tag within export PDU (34) so that the tcpinfo struct that TCP dissector normally passes to its subdissectors can be saved. Change-Id: Icd63c049162332e5bcb2720159e5cf8aac893788 Reviewed-on: https://code.wireshark.org/review/16285 Reviewed-by: Michael Mann --- epan/exported_pdu.c | 24 +++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) (limited to 'epan/exported_pdu.c') diff --git a/epan/exported_pdu.c b/epan/exported_pdu.c index c17a55a0f2..523770b229 100644 --- a/epan/exported_pdu.c +++ b/epan/exported_pdu.c @@ -162,6 +162,28 @@ static int exp_pdu_data_orig_frame_num_populate_data(packet_info *pinfo, void* d return exp_pdu_data_orig_frame_num_size(pinfo, data); } +WS_DLL_PUBLIC int exp_pdu_data_dissector_table_num_value_size(packet_info *pinfo _U_, void* data _U_) +{ + return EXP_PDU_TAG_DISSECTOR_TABLE_NUM_VAL_LEN + 4; +} + +WS_DLL_PUBLIC int exp_pdu_data_dissector_table_num_value_populate_data(packet_info *pinfo _U_, void* data, guint8 *tlv_buffer, guint32 buffer_size _U_) +{ + guint32 value = GPOINTER_TO_UINT(data); + + tlv_buffer[0] = 0; + tlv_buffer[1] = EXP_PDU_TAG_DISSECTOR_TABLE_NAME_NUM_VAL; + tlv_buffer[2] = 0; + tlv_buffer[3] = EXP_PDU_TAG_DISSECTOR_TABLE_NUM_VAL_LEN; /* tag length */ + tlv_buffer[4] = (value & 0xff000000) >> 24; + tlv_buffer[5] = (value & 0x00ff0000) >> 16; + tlv_buffer[6] = (value & 0x0000ff00) >> 8; + tlv_buffer[7] = (value & 0x000000ff); + + return exp_pdu_data_dissector_table_num_value_size(pinfo, data); +} + + exp_pdu_data_item_t exp_pdu_data_src_ip = {exp_pdu_data_src_ip_size, exp_pdu_data_src_ip_populate_data, NULL}; exp_pdu_data_item_t exp_pdu_data_dst_ip = {exp_pdu_data_dst_ip_size, exp_pdu_data_dst_ip_populate_data, NULL}; exp_pdu_data_item_t exp_pdu_data_port_type = {exp_pdu_data_port_type_size, exp_pdu_data_port_type_populate_data, NULL}; @@ -199,7 +221,7 @@ export_pdu_create_tags(packet_info *pinfo, const char* proto_name, guint16 tag_t guint8* buffer_data; DISSECTOR_ASSERT(proto_name != NULL); - DISSECTOR_ASSERT((tag_type == EXP_PDU_TAG_PROTO_NAME) || (tag_type == EXP_PDU_TAG_HEUR_PROTO_NAME)); + DISSECTOR_ASSERT((tag_type == EXP_PDU_TAG_PROTO_NAME) || (tag_type == EXP_PDU_TAG_HEUR_PROTO_NAME) || (tag_type == EXP_PDU_TAG_DISSECTOR_TABLE_NAME)); exp_pdu_data = (exp_pdu_data_t *)g_malloc(sizeof(exp_pdu_data_t)); -- cgit v1.2.1