Wireshark · Ethereal-dev: [Ethereal-dev] New dissector: HP rboot

[Jochen Friedrich <jochen+ethereal@xxxxxxxx>]

Hi,

this adds two more LLC based protocols to ethereal. An example trace of
a HP9000/350 booting NetBSD over Ethernet and a SNMP request (from a PC to a
non-existing HPJet box) is attached.

It's interesting that in the SNMP request SSAP and DSAP are different.
Probably we have to treat 0xc4 special (this seems to be some manager
client SAP used for multiple communication) and dissect by SSAP if this
value is found.

Now back to hack on the SNA dissector...

--jochen

Index: Makefile.am
===================================================================
RCS file: /cvsroot/ethereal/Makefile.am,v
retrieving revision 1.560
diff -u -r1.560 Makefile.am
--- Makefile.am	1 Mar 2003 00:09:00 -0000	1.560
+++ Makefile.am	2 Mar 2003 19:16:41 -0000
@@ -206,6 +206,7 @@
 	packet-h1.c    \
 	packet-h261.c  \
 	packet-hclnfsd.c  \
+	packet-hpext.c \
 	packet-hsrp.c  \
 	packet-http.c  \
 	packet-hyperscsi.c \
@@ -311,6 +312,7 @@
 	packet-radius.c\
 	packet-ranap.c \
 	packet-raw.c   \
+	packet-rmp.c   \
 	packet-rip.c   \
 	packet-ripng.c \
 	packet-rlogin.c \
Index: llcsaps.h
===================================================================
RCS file: /cvsroot/ethereal/llcsaps.h,v
retrieving revision 1.5
diff -u -r1.5 llcsaps.h
--- llcsaps.h	13 Feb 2003 00:47:42 -0000	1.5
+++ llcsaps.h	2 Mar 2003 19:16:41 -0000
@@ -50,9 +50,9 @@
 #define	SAP_NETWARE		0xE0
 #define	SAP_NETBIOS		0xF0
 #define	SAP_IBMNM		0xF4
-#define	SAP_RPL1		0xF8
+#define	SAP_HPEXT		0xF8
 #define	SAP_UB			0xFA
-#define	SAP_RPL2		0xFC
+#define	SAP_RPL			0xFC
 #define	SAP_OSINL		0xFE
 #define	SAP_GLOBAL		0xFF
 
Index: packet-llc.c
===================================================================
RCS file: /cvsroot/ethereal/packet-llc.c,v
retrieving revision 1.107
diff -u -r1.107 packet-llc.c
--- packet-llc.c	13 Feb 2003 00:47:42 -0000	1.107
+++ packet-llc.c	2 Mar 2003 19:16:42 -0000
@@ -133,9 +133,9 @@
 	{ SAP_NETWARE,        "NetWare" },
 	{ SAP_NETBIOS,        "NetBIOS" },
 	{ SAP_IBMNM,          "IBM Net Management" },
-	{ SAP_RPL1,           "Remote Program Load" },
+	{ SAP_HPEXT,          "HP Extended LLC" },
 	{ SAP_UB,             "Ungermann-Bass" },
-	{ SAP_RPL2,           "Remote Program Load" },
+	{ SAP_RPL,            "Remote Program Load" },
 	{ SAP_OSINL,          "ISO Network Layer" },
 	{ SAP_GLOBAL,         "Global LSAP" },
 	{ 0x00,               NULL }
Index: packet-snmp.c
===================================================================
RCS file: /cvsroot/ethereal/packet-snmp.c,v
retrieving revision 1.103
diff -u -r1.103 packet-snmp.c
--- packet-snmp.c	28 Jan 2003 22:53:22 -0000	1.103
+++ packet-snmp.c	2 Mar 2003 19:16:46 -0000
@@ -52,6 +52,7 @@
 #include <epan/conversation.h>
 #include "etypes.h"
 #include "packet-ipx.h"
+#include "packet-hpext.h"
 
 #ifdef HAVE_SOME_SNMP
 
@@ -2144,5 +2145,6 @@
 	dissector_add("ethertype", ETHERTYPE_SNMP, snmp_handle);
 	dissector_add("ipx.socket", IPX_SOCKET_SNMP_AGENT, snmp_handle);
 	dissector_add("ipx.socket", IPX_SOCKET_SNMP_SINK, snmp_handle);
+	dissector_add("hpext.dxsap", HPEXT_SNMP, snmp_handle);
 	data_handle = find_dissector("data");
 }
Index: packet-rpl.c
===================================================================
RCS file: /cvsroot/ethereal/packet-rpl.c,v
retrieving revision 1.4
diff -u -r1.4 packet-rpl.c
--- packet-rpl.c	18 Feb 2003 21:47:01 -0000	1.4
+++ packet-rpl.c	2 Mar 2003 19:16:46 -0000
@@ -402,5 +402,5 @@
 
 	data_handle = find_dissector("data");
 	rpl_handle = find_dissector("rpl");
-	dissector_add("llc.dsap", SAP_RPL2, rpl_handle);
+	dissector_add("llc.dsap", SAP_RPL, rpl_handle);
 }
--- traces/packet-hpext.c	1970-01-01 01:00:00.000000000 +0100
+++ packet-hpext.c	2003-03-01 10:42:40.000000000 +0100
@@ -0,0 +1,132 @@
+/* packet-hpext.c
+ * Routines for HP extended IEEE 802.2 LLC layer
+ * Jochen Friedrich <jochen@xxxxxxxx>
+ *
+ * $Id: $
+ *
+ * Ethereal - Network traffic analyzer
+ * By Gerald Combs <gerald@xxxxxxxxxxxx>
+ * Copyright 1998 Gerald Combs
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ */
+
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <glib.h>
+#include <epan/packet.h>
+#include "xdlc.h"
+#include "etypes.h"
+#include "llcsaps.h"
+#include "packet-hpext.h"
+
+static dissector_table_t subdissector_table;
+
+static dissector_handle_t data_handle;
+
+static int proto_hpext = -1;
+
+static int hf_hpext_dxsap = -1;
+static int hf_hpext_sxsap = -1;
+
+static gint ett_hpext = -1;
+
+const value_string xsap_vals[] = {
+	{ HPEXT_DXSAP,  "RBOOT Destination Service Access Point" },
+	{ HPEXT_SXSAP,  "RBOOT Source Service Access Point" },
+	{ HPEXT_SNMP,   "SNMP" },
+	{ 0x00,         NULL }
+};
+
+static void
+dissect_hpext(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
+{
+	proto_tree	*hpext_tree = NULL;
+	proto_item	*ti = NULL;
+	guint16		dxsap, sxsap;
+	tvbuff_t	*next_tvb;
+
+	if (check_col(pinfo->cinfo, COL_PROTOCOL)) {
+		col_set_str(pinfo->cinfo, COL_PROTOCOL, "HPEXT");
+	}
+
+	dxsap = tvb_get_ntohs(tvb, 3);
+	sxsap = tvb_get_ntohs(tvb, 5);
+
+	if (tree) {
+		ti = proto_tree_add_item(tree, proto_hpext, tvb, 0, 7, FALSE);
+		hpext_tree = proto_item_add_subtree(ti, ett_hpext);
+		proto_tree_add_text(hpext_tree, tvb, 0, 3, "Reserved");
+		proto_tree_add_uint(hpext_tree, hf_hpext_dxsap, tvb, 3,
+			2, dxsap);
+		proto_tree_add_uint(hpext_tree, hf_hpext_sxsap, tvb, 5,
+			2, sxsap);
+	}
+
+	if (check_col(pinfo->cinfo, COL_INFO))
+		col_append_fstr(pinfo->cinfo, COL_INFO,
+		    "; HPEXT; DXSAP %s, SXSAP %s",
+		    val_to_str(dxsap, xsap_vals, "%04x"),
+		    val_to_str(sxsap, xsap_vals, "%04x"));
+
+	if (tvb_length_remaining(tvb, 7) > 0) {
+		next_tvb = tvb_new_subset(tvb, 7, -1, -1);
+		if (!dissector_try_port(subdissector_table,
+		    dxsap, next_tvb, pinfo, tree)) {
+			call_dissector(data_handle, next_tvb, pinfo, tree);
+		}
+	}
+}
+
+void
+proto_register_hpext(void)
+{
+	static hf_register_info hf[] = {
+		{ &hf_hpext_dxsap,
+		{ "DXSAP",	"hpext.dxsap", FT_UINT16, BASE_HEX,
+			VALS(xsap_vals), 0x0, "", HFILL }},
+
+		{ &hf_hpext_sxsap,
+		{ "SXSAP", "hpext.sxsap", FT_UINT16, BASE_HEX,
+			VALS(xsap_vals), 0x0, "", HFILL }},
+	};
+	static gint *ett[] = {
+		&ett_hpext,
+	};
+
+	proto_hpext = proto_register_protocol(
+	    "HP Extended Local-Link Control", "HPEXT", "hpext");
+	proto_register_field_array(proto_hpext, hf, array_length(hf));
+	proto_register_subtree_array(ett, array_length(ett));
+
+/* subdissector code */
+	subdissector_table = register_dissector_table("hpext.dxsap",
+	  "HPEXT XSAP", FT_UINT16, BASE_HEX);
+
+	register_dissector("hpext", dissect_hpext, proto_hpext);
+}
+
+void
+proto_reg_handoff_hpext(void)
+{
+	dissector_handle_t hpext_handle;
+
+	data_handle = find_dissector("data");
+
+	hpext_handle = find_dissector("hpext");
+	dissector_add("llc.dsap", SAP_HPEXT, hpext_handle);
+}
--- traces/packet-hpext.h	1970-01-01 01:00:00.000000000 +0100
+++ packet-hpext.h	2003-02-28 22:38:41.000000000 +0100
@@ -0,0 +1,28 @@
+/* packet-hpext.h
+ * Routines for HP extended IEEE 802.2 LLC layer
+ * Jochen Friedrich <jochen@xxxxxxxx>
+ *
+ * $Id: $
+ *
+ * Ethereal - Network traffic analyzer
+ * By Gerald Combs <gerald@xxxxxxxxxxxx>
+ * Copyright 1998 Gerald Combs
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ */
+
+#define HPEXT_DXSAP     0x608
+#define HPEXT_SXSAP     0x609
+#define HPEXT_SNMP      0x165A
--- traces/packet-rmp.c	1970-01-01 01:00:00.000000000 +0100
+++ packet-rmp.c	2003-03-02 19:54:47.000000000 +0100
@@ -0,0 +1,270 @@
+/* packet-rmp.c
+ * Routines for HP remote management protocol
+ * Gilbert Ramirez <jochen@xxxxxxxx>
+ *
+ * $Id: $
+ *
+ * Ethereal - Network traffic analyzer
+ * By Gerald Combs <gerald@xxxxxxxxxxxx>
+ * Copyright 1998 Gerald Combs
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ */
+
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <glib.h>
+#include <epan/packet.h>
+#include "etypes.h"
+
+#include "packet-hpext.h"
+
+static dissector_handle_t data_handle;
+
+static int proto_rmp = -1;
+
+static int hf_rmp_type = -1;
+static int hf_rmp_retcode = -1;
+static int hf_rmp_seqnum = -1;
+static int hf_rmp_sessionid = -1;
+static int hf_rmp_version = -1;
+static int hf_rmp_machtype = -1;
+static int hf_rmp_filename = -1;
+static int hf_rmp_offset = -1;
+static int hf_rmp_size = -1;
+
+static gint ett_rmp = -1;
+
+/*
+ *  Possible values for "rmp_type" fields.
+ */
+
+#define RMP_BOOT_REQ    1       /* boot request packet */
+#define RMP_BOOT_REPL   129     /* boot reply packet */
+#define RMP_READ_REQ    2       /* read request packet */
+#define RMP_READ_REPL   130     /* read reply packet */
+#define RMP_BOOT_DONE   3       /* boot complete packet */
+
+/*
+ *  RMP error codes
+ */
+
+#define RMP_E_OKAY      0
+#define RMP_E_EOF       2       /* read reply: returned end of file */
+#define RMP_E_ABORT     3       /* abort operation */
+#define RMP_E_BUSY      4       /* boot reply: server busy */
+#define RMP_E_TIMEOUT   5       /* lengthen time out (not implemented) */
+#define RMP_E_NOFILE    16      /* boot reply: file does not exist */
+#define RMP_E_OPENFILE  17      /* boot reply: file open failed */
+#define RMP_E_NODFLT    18      /* boot reply: default file does not exist */
+#define RMP_E_OPENDFLT  19      /* boot reply: default file open failed */
+#define RMP_E_BADSID    25      /* read reply: bad session ID */
+#define RMP_E_BADPACKET 27      /* Bad packet detected */
+
+const value_string rmp_type_vals[] = {
+	{ RMP_BOOT_REQ,       "Boot Request" },
+	{ RMP_BOOT_REPL,      "Boot Reply" },
+	{ RMP_READ_REQ,       "Read Request" },
+	{ RMP_READ_REPL,      "Read Reply" },
+	{ RMP_BOOT_DONE,      "Boot Done" },
+	{ 0x00,               NULL }
+};
+
+const value_string rmp_error_vals[] = {
+	{ RMP_E_OKAY,         "OK" },
+	{ RMP_E_EOF,          "End Of File" },
+	{ RMP_E_ABORT,        "Abort Operation" },
+	{ RMP_E_BUSY,         "Server Busy" },
+	{ RMP_E_TIMEOUT,      "Lengthen Time Out" },
+	{ RMP_E_NOFILE,       "File Does Not Exist" },
+	{ RMP_E_OPENFILE,     "File Open Failed" },
+	{ RMP_E_NODFLT,       "Default File Does Not Exist" },
+	{ RMP_E_OPENDFLT,     "Default File Open Failed" },
+	{ RMP_E_BADSID,       "Bad Session Id" },
+	{ RMP_E_OPENDFLT,     "Bad Packet Detected" },
+	{ 0x00,               NULL }
+};
+
+static void
+dissect_rmp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
+{
+	proto_tree	*rmp_tree = NULL;
+	proto_item	*ti = NULL;
+	guint8		type, len;
+
+	if (check_col(pinfo->cinfo, COL_PROTOCOL)) {
+		col_set_str(pinfo->cinfo, COL_PROTOCOL, "RMP");
+	}
+
+	if (check_col(pinfo->cinfo, COL_INFO)) {
+		col_clear(pinfo->cinfo, COL_INFO);
+	}
+
+	type = tvb_get_guint8(tvb, 0);
+
+	if (check_col(pinfo->cinfo, COL_INFO)) {
+		col_set_str(pinfo->cinfo, COL_INFO,
+		    val_to_str(type, rmp_type_vals, "Unknown Type"));
+	}
+
+	if (tree) {
+		ti = proto_tree_add_item(tree, proto_rmp, tvb, 0, -1, FALSE);
+		rmp_tree = proto_item_add_subtree(ti, ett_rmp);
+		proto_tree_add_uint(rmp_tree, hf_rmp_type, tvb, 0, 1, type);
+
+		switch (type) {
+			case RMP_BOOT_REQ:
+				proto_tree_add_item(rmp_tree, 
+				    hf_rmp_retcode, tvb, 1, 1, FALSE);
+				proto_tree_add_item(rmp_tree, 
+				    hf_rmp_seqnum, tvb, 2, 4, FALSE);
+				proto_tree_add_item(rmp_tree, 
+				    hf_rmp_sessionid, tvb, 6, 2, FALSE);
+				proto_tree_add_item(rmp_tree, 
+				    hf_rmp_version, tvb, 8, 2, FALSE);
+				proto_tree_add_item(rmp_tree, 
+				    hf_rmp_machtype, tvb, 10, 20, FALSE);
+				/* The remaining fields are optional */
+				if(!tvb_offset_exists(tvb, 30))
+					return;
+				len = tvb_get_guint8(tvb, 30);
+				proto_tree_add_item(rmp_tree, 
+				    hf_rmp_filename, tvb, 30, 1, FALSE);
+				if(tvb_offset_exists(tvb, len+31))
+					call_dissector(data_handle,
+					    tvb_new_subset(tvb, len+31, -1, -1),
+					    pinfo, tree);
+				break;
+
+			case RMP_BOOT_REPL:
+				proto_tree_add_item(rmp_tree, 
+				    hf_rmp_retcode, tvb, 1, 1, FALSE);
+				proto_tree_add_item(rmp_tree, 
+				    hf_rmp_seqnum, tvb, 2, 4, FALSE);
+				proto_tree_add_item(rmp_tree, 
+				    hf_rmp_sessionid, tvb, 6, 2, FALSE);
+				proto_tree_add_item(rmp_tree, 
+				    hf_rmp_version, tvb, 8, 2, FALSE);
+				len = tvb_get_guint8(tvb, 10);
+				proto_tree_add_item(rmp_tree, 
+				    hf_rmp_filename, tvb, 10, 1, FALSE);
+				if(tvb_offset_exists(tvb, len+11))
+					call_dissector(data_handle,
+					    tvb_new_subset(tvb, len+11, -1, -1),
+					    pinfo, tree);
+				break;
+
+			case RMP_READ_REQ:
+				proto_tree_add_item(rmp_tree, 
+				    hf_rmp_retcode, tvb, 1, 1, FALSE);
+				proto_tree_add_item(rmp_tree, 
+				    hf_rmp_offset, tvb, 2, 4, FALSE);
+				proto_tree_add_item(rmp_tree, 
+				    hf_rmp_sessionid, tvb, 6, 2, FALSE);
+				proto_tree_add_item(rmp_tree, 
+				    hf_rmp_size, tvb, 8, 2, FALSE);
+				if(tvb_offset_exists(tvb, 10))
+					call_dissector(data_handle,
+					    tvb_new_subset(tvb, 10, -1, -1),
+					    pinfo, tree);
+				break;
+
+			case RMP_READ_REPL:
+				proto_tree_add_item(rmp_tree, 
+				    hf_rmp_retcode, tvb, 1, 1, FALSE);
+				proto_tree_add_item(rmp_tree, 
+				    hf_rmp_offset, tvb, 2, 4, FALSE);
+				proto_tree_add_item(rmp_tree, 
+				    hf_rmp_sessionid, tvb, 6, 2, FALSE);
+				call_dissector(data_handle, tvb_new_subset(tvb,
+				    8, -1, -1), pinfo, rmp_tree);
+				break;
+
+			case RMP_BOOT_DONE:
+				proto_tree_add_item(rmp_tree, 
+				    hf_rmp_retcode, tvb, 1, 1, FALSE);
+				proto_tree_add_text(rmp_tree, 
+				    tvb, 2, 4, "Reserved");
+				proto_tree_add_item(rmp_tree, 
+				    hf_rmp_sessionid, tvb, 6, 2, FALSE);
+				if(tvb_offset_exists(tvb, 8))
+					call_dissector(data_handle,
+					    tvb_new_subset(tvb, 6, -1, -1),
+					    pinfo, tree);
+				break;
+			default:
+				call_dissector(data_handle, tvb_new_subset(tvb,
+				    1, -1, -1), pinfo, tree);
+		}
+	}
+}
+
+void
+proto_register_rmp(void)
+{
+	static hf_register_info hf[] = {
+		{ &hf_rmp_type,
+		{ "Type", "rmp.type", FT_UINT8, BASE_HEX,
+			VALS(rmp_type_vals), 0x0, "", HFILL }},
+		{ &hf_rmp_retcode,
+		{ "Returncode", "rmp.retcode", FT_UINT8, BASE_HEX,
+			VALS(rmp_error_vals), 0x0, "", HFILL }},
+		{ &hf_rmp_seqnum,
+		{ "Sequence Number", "rmp.seqnum", FT_UINT32, BASE_HEX,
+			NULL, 0x0, "", HFILL }},
+		{ &hf_rmp_sessionid,
+		{ "Session ID", "rmp.sessionid", FT_UINT16, BASE_HEX,
+			NULL, 0x0, "", HFILL }},
+		{ &hf_rmp_version,
+		{ "Version", "rmp.version", FT_UINT16, BASE_DEC,
+			NULL, 0x0, "", HFILL }},
+		{ &hf_rmp_machtype,
+		{ "Machine Type", "rmp.machtype", FT_BYTES, BASE_HEX,
+			NULL, 0x0, "", HFILL }},
+		{ &hf_rmp_filename,
+		{ "Filename", "rmp.filename", FT_UINT_STRING, BASE_DEC,
+			NULL, 0x0, "", HFILL }},
+		{ &hf_rmp_offset,
+		{ "Offset", "rmp.offset", FT_UINT32, BASE_HEX,
+			NULL, 0x0, "", HFILL }},
+		{ &hf_rmp_size,
+		{ "Size", "rmp.size", FT_UINT16, BASE_DEC,
+			NULL, 0x0, "", HFILL }},
+	};
+	static gint *ett[] = {
+		&ett_rmp,
+	};
+
+	proto_rmp = proto_register_protocol(
+	    "HP Remote Management Protocol", "RMP", "rmp");
+	proto_register_field_array(proto_rmp, hf, array_length(hf));
+	proto_register_subtree_array(ett, array_length(ett));
+
+	register_dissector("rmp", dissect_rmp, proto_rmp);
+}
+
+void
+proto_reg_handoff_rmp(void)
+{
+	dissector_handle_t rmp_handle;
+
+	data_handle = find_dissector("data");
+
+	rmp_handle = find_dissector("rmp");
+	dissector_add("hpext.dxsap", HPEXT_DXSAP, rmp_handle);
+	dissector_add("hpext.dxsap", HPEXT_SXSAP, rmp_handle);
+}

Attachment: hpext.cap.gz
Description: Binary data