Ethereal-dev: [Ethereal-dev] New dissector for Realtek layer 2 protocols
Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.
From: kroni@xxxxxxxx
Date: Sun, 5 Sep 2004 23:55:20 +0200
Hi,
New dissector for Realtek layer 2 protocols. Supports RRCP (Realtek Remote
Control Protocol), REP (Realtek Echo Protocol) and RLDP (Realtek Loop
Detection Protocol.) Currently dumps register address/data in RRCP GET/SET
frames simply as hex-values. Support for interpreting these fields in a more
sophisticated way will be added in the next few weeks.
Added definition of ETHERTYPE_REALTEK (0x8899) to etypes.h and
epan/dissectors/packet-ethertype.c
Cheers
HK.
/* packet-realtek.c
* Routines for Realtek layer 2 protocols dissection
* Copyright 2004, Horst Kronstorfer <hkronsto@xxxxxxxxxxxxxx>
*
* $Id$
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@xxxxxxxxxxxx>
* Copyright 1998 Gerald Combs
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/
#ifdef HAVE_CONFIG_H
# include "config.h"
#endif
#include <string.h>
#include <epan/packet.h>
#include <etypes.h>
/* Protocol numbers that are defined for the Realtek ethertype (0x8899) */
enum {
REALTEK_PROTO_RRCP = 1 /* Remote control protocol */
,REALTEK_PROTO_REP /* Echo protocol */
,REALTEK_PROTO_RLDP /* Loop detection protocol */
#define REALTEK_PROTO_COUNT 3
};
#define REALTEK_PROTO_FIELD_OFFSET 0
#define REALTEK_PROTO_FIELD_LENGTH 1
static const value_string realtek_protocol_names[] = {
{REALTEK_PROTO_RRCP, "RRCP"},
{REALTEK_PROTO_REP, "REP"},
{REALTEK_PROTO_RLDP, "RLDP"},
{0, NULL}
};
static const value_string realtek_protocol_long_names[] = {
{REALTEK_PROTO_RRCP, "Realtek Remote Control Protocol"},
{REALTEK_PROTO_REP, "Realtek Echo Protocol"},
{REALTEK_PROTO_RLDP, "Realtek Loop Detection Protocol"},
{0, NULL}
};
enum {
RRCP_OPCODE_HELLO = 0
,RRCP_OPCODE_GET
,RRCP_OPCODE_SET
#define RRCP_OPCODE_COUNT 3
#define RRCP_OPCODE_FIRST RRCP_OPCODE_HELLO
#define RRCP_OPCODE_LAST RRCP_OPCODE_SET
};
/* HELLO, HELLO_REPLY, GET, GET_REPLY, SET */
#define RRCP_OPCODE_FIELD_OFFSET 1
#define RRCP_OPCODE_FIELD_LENGTH 1
#define RRCP_REPLY_FIELD_OFFSET RRCP_OPCODE_FIELD_OFFSET
#define RRCP_REPLY_FIELD_LENGTH RRCP_OPCODE_FIELD_LENGTH
#define RRCP_REPLY_MASK 0x80
#define RRCP_REPLY_BIT_POS 7
#define RRCP_OPCODE_MASK 0x7f
#define RRCP_AUTHKEY_FIELD_OFFSET 2
#define RRCP_AUTHKEY_FIELD_LENGTH 2
/* GET, GET_REPLY, SET */
#define RRCP_REGADDR_FIELD_OFFSET 4
#define RRCP_REGADDR_FIELD_LENGTH 2
/* GET_REPLY, SET */
#define RRCP_REGDATA_FIELD_OFFSET 6
#define RRCP_REGDATA_FIELD_LENGTH 2
/* HELLO_REPLY */
#define RRCP_DLPORT_FIELD_OFFSET 4
#define RRCP_DLPORT_FIELD_LENGTH 1
#define RRCP_ULPORT_FIELD_OFFSET 5
#define RRCP_ULPORT_FIELD_LENGTH 1
#define RRCP_ULMAC_FIELD_OFFSET 6
#define RRCP_ULMAC_FIELD_LENGTH 6
#define RRCP_CHIPID_FIELD_OFFSET 12
#define RRCP_CHIPID_FIELD_LENGTH 2
#define RRCP_VENDID_FIELD_OFFSET 14
#define RRCP_VENDID_FIELD_LENGTH 4
#define RRCP_HELLO_PACKET_LENGTH 4
#define RRCP_HELLO_REPLY_PACKET_LENGTH 18
#define RRCP_GET_SET_PACKET_LENGTH 8
static const value_string rrcp_opcode_names[] = {
{RRCP_OPCODE_HELLO, "Hello"},
{RRCP_OPCODE_GET, "Get"},
{RRCP_OPCODE_SET, "Set"},
{0, NULL}
};
static int proto_realtek = -1;
static int hf_realtek_protocol = -1;
static int hf_realtek_reply = -1;
static int hf_realtek_opcode = -1;
static int hf_realtek_authkey = -1;
static int hf_realtek_regaddr = -1;
static int hf_realtek_regdata = -1;
static int hf_realtek_hello_reply_dl_port = -1;
static int hf_realtek_hello_reply_ul_port = -1;
static int hf_realtek_hello_reply_ul_mac = -1;
static int hf_realtek_hello_reply_chip_id = -1;
static int hf_realtek_hello_reply_vendor_id = -1;
static int ett_realtek = -1;
static const guint8 ether_mac_bcast[] = {
0xff, 0xff, 0xff, 0xff, 0xff, 0xff
};
/* Code to actually dissect the Realtek protocols */
static void
dissect_realtek(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
proto_item *ti;
proto_tree *realtek_tree;
gint len = REALTEK_PROTO_FIELD_LENGTH; /* Preset */
const guint8 proto = tvb_get_guint8(tvb, 0);
guint8 bcast = 0, opcode = 0, reply = 0;
const char *tname;
if (check_col(pinfo->cinfo, COL_PROTOCOL))
col_set_str(pinfo->cinfo, COL_PROTOCOL, "Realtek");
if (check_col(pinfo->cinfo, COL_INFO))
col_clear(pinfo->cinfo, COL_INFO);
switch (proto) {
case REALTEK_PROTO_RRCP:
opcode = tvb_get_guint8(tvb, RRCP_OPCODE_FIELD_OFFSET) &
RRCP_OPCODE_MASK;
reply = tvb_get_guint8(tvb, RRCP_REPLY_FIELD_OFFSET) >>
RRCP_REPLY_BIT_POS;
if (check_col(pinfo->cinfo, COL_INFO))
col_add_fstr(pinfo->cinfo, COL_INFO, "%s Re%s",
(opcode <= RRCP_OPCODE_LAST) ?
rrcp_opcode_names[opcode].strptr : "*UNKOWN*",
(reply) ? "ply" : "quest");
if (RRCP_OPCODE_HELLO == opcode) {
if (reply)
len = RRCP_HELLO_REPLY_PACKET_LENGTH;
else
len = RRCP_HELLO_PACKET_LENGTH;
} else if ((RRCP_OPCODE_GET == opcode) ||
(RRCP_OPCODE_SET == opcode)) {
len = RRCP_GET_SET_PACKET_LENGTH;
}
break;
case REALTEK_PROTO_REP:
if (check_col(pinfo->cinfo, COL_INFO)) {
bcast = (memcmp(pinfo->dst.data, ether_mac_bcast, 6) == 0) ? 1 : 0;
col_add_fstr(pinfo->cinfo, COL_INFO,
"Echo Re%s", (bcast) ? "quest" : "ply");
}
break;
case REALTEK_PROTO_RLDP:
if (check_col(pinfo->cinfo, COL_INFO))
col_set_str(pinfo->cinfo, COL_INFO, "Network Loop Detection");
break;
default:
if (check_col(pinfo->cinfo, COL_INFO))
col_add_fstr(pinfo->cinfo, COL_INFO, "*UNKNOWN* Protocol (0x%02x)",
proto);
break;
}
/* Let 'packet-eth' provide trailer/pad-bytes info */
tvb_set_reported_length(tvb, len);
if (tree) {
if ((tname = match_strval(proto, realtek_protocol_long_names)))
ti = proto_tree_add_protocol_format(tree, proto_realtek, tvb, 0, len,
"%s", tname);
else
ti = proto_tree_add_protocol_format(tree, proto_realtek, tvb, 0, len,
"Realtek *UNKNOWN* protocol (0x%02x)", proto);
realtek_tree = proto_item_add_subtree(ti, ett_realtek);
proto_tree_add_item(realtek_tree, hf_realtek_protocol, tvb,
REALTEK_PROTO_FIELD_OFFSET, REALTEK_PROTO_FIELD_LENGTH, FALSE);
if (REALTEK_PROTO_RRCP == proto) {
proto_tree_add_item(realtek_tree, hf_realtek_reply, tvb,
RRCP_REPLY_FIELD_OFFSET, RRCP_REPLY_FIELD_LENGTH, FALSE);
proto_tree_add_item(realtek_tree, hf_realtek_opcode, tvb,
RRCP_OPCODE_FIELD_OFFSET, RRCP_OPCODE_FIELD_LENGTH, FALSE);
proto_tree_add_item(realtek_tree, hf_realtek_authkey, tvb,
RRCP_AUTHKEY_FIELD_OFFSET, RRCP_AUTHKEY_FIELD_LENGTH, FALSE);
if ((RRCP_OPCODE_GET == opcode) ||
(RRCP_OPCODE_SET == opcode)) {
proto_tree_add_item(realtek_tree, hf_realtek_regaddr, tvb,
RRCP_REGADDR_FIELD_OFFSET, RRCP_REGADDR_FIELD_LENGTH, FALSE);
proto_tree_add_item(realtek_tree, hf_realtek_regdata, tvb,
RRCP_REGDATA_FIELD_OFFSET, RRCP_REGDATA_FIELD_LENGTH, FALSE);
}
else if (reply && (RRCP_OPCODE_HELLO == opcode)) {
proto_tree_add_item(realtek_tree, hf_realtek_hello_reply_dl_port,
tvb, RRCP_DLPORT_FIELD_OFFSET, RRCP_DLPORT_FIELD_LENGTH, FALSE);
proto_tree_add_item(realtek_tree, hf_realtek_hello_reply_ul_port,
tvb, RRCP_ULPORT_FIELD_OFFSET, RRCP_ULPORT_FIELD_LENGTH, FALSE);
proto_tree_add_item(realtek_tree, hf_realtek_hello_reply_ul_mac,
tvb, RRCP_ULMAC_FIELD_OFFSET, RRCP_ULMAC_FIELD_LENGTH, FALSE);
proto_tree_add_item(realtek_tree, hf_realtek_hello_reply_chip_id,
tvb, RRCP_CHIPID_FIELD_OFFSET, RRCP_CHIPID_FIELD_LENGTH, FALSE);
proto_tree_add_item(realtek_tree, hf_realtek_hello_reply_vendor_id,
tvb, RRCP_VENDID_FIELD_OFFSET, RRCP_VENDID_FIELD_LENGTH, FALSE);
}
}
}
}
/* Register the protocol with Ethereal */
void
proto_register_realtek(void)
{
static hf_register_info hf[] = {
{ &hf_realtek_protocol, {
"Protocol type", "realtek.protocol", FT_UINT8, BASE_HEX,
VALS(realtek_protocol_names), 0 ,"Realtek protocol type", HFILL }},
{ &hf_realtek_reply, {
"Reply", "realtek.rrcp.reply", FT_BOOLEAN, 8,
NULL, RRCP_REPLY_MASK, "RRCP reply flag", HFILL}},
{ &hf_realtek_opcode, {
"Opcode", "realtek.rrcp.opcode", FT_UINT8, BASE_HEX,
VALS(rrcp_opcode_names), RRCP_OPCODE_MASK, "RRCP operation code",
HFILL }},
{ &hf_realtek_authkey, {
"Authentication key", "realtek.rrcp.authkey", FT_UINT16, BASE_HEX,
NULL, 0, "RRCP authentication key", HFILL }},
{ &hf_realtek_regaddr, {
"Register address", "realtek.rrcp.regaddr", FT_UINT16, BASE_HEX,
NULL, 0, "RRCP register address", HFILL }},
{ &hf_realtek_regdata, {
"Register data", "realtek.rrcp.regdata", FT_UINT16, BASE_HEX,
NULL, 0, "RRCP register data", HFILL }},
{ &hf_realtek_hello_reply_dl_port, {
"Downlink port number", "realtek.rrcp.hello_reply.downlink_port",
FT_UINT8, BASE_DEC, NULL, 0, "RRCP hello reply downlink port", HFILL }},
{ &hf_realtek_hello_reply_ul_port, {
"Uplink port number", "realtek.rrcp.hello_reply.uplink_port", FT_UINT8,
BASE_DEC, NULL, 0, "RRCP hello reply uplink port", HFILL }},
{ &hf_realtek_hello_reply_ul_mac, {
"Uplink MAC address", "realtek.rrcp.hello_reply.uplink_mac", FT_ETHER,
BASE_HEX, NULL, 0, "RRCP hello reply uplink MAC address", HFILL }},
{ &hf_realtek_hello_reply_chip_id, {
"Chip ID", "realtek.rrcp.hello_reply.chip_id", FT_UINT16,
BASE_HEX, NULL, 0, "RRCP hello reply chip ID", HFILL }},
{ &hf_realtek_hello_reply_vendor_id, {
"Vendor ID", "realtek.rrcp.hello_reply.vendor_id", FT_UINT32, BASE_HEX,
NULL, 0, "RRCP hello reply vendor ID", HFILL }}
};
static gint *ett[] = { &ett_realtek, };
proto_realtek = proto_register_protocol("Realtek Layer 2 Protocols",
"Realtek", "realtek");
proto_register_field_array(proto_realtek, hf, array_length(hf));
proto_register_subtree_array(ett, array_length(ett));
}
/* Sub-dissector registration */
void
proto_reg_handoff_realtek(void)
{
dissector_handle_t realtek_handle;
realtek_handle = create_dissector_handle(dissect_realtek, proto_realtek);
dissector_add("ethertype", ETHERTYPE_REALTEK, realtek_handle);
}
diff -urN ethereal-0.10.6.orig/etypes.h ethereal-0.10.6/etypes.h
--- ethereal-0.10.6.orig/etypes.h 2004-08-13 00:41:49.000000000 +0200
+++ ethereal-0.10.6/etypes.h 2004-09-05 23:27:27.765428440 +0200
@@ -241,6 +241,11 @@
#define ETHERTYPE_FCFT 0xFCFC
#endif
+#ifndef ETHERTYPE_REALTEK
+/* Realtek Layer 2 Protocols */
+#define ETHERTYPE_REALTEK 0x8899
+#endif
+
extern const value_string etype_vals[];
#endif /* etypes.h */
diff -urN ethereal-0.10.6.orig/epan/dissectors/packet-ethertype.c ethereal-0.10.6/epan/dissectors/packet-ethertype.c
--- ethereal-0.10.6.orig/epan/dissectors/packet-ethertype.c 2004-08-13 00:41:59.000000000 +0200
+++ ethereal-0.10.6/epan/dissectors/packet-ethertype.c 2004-09-05 23:25:34.003722848 +0200
@@ -89,6 +89,7 @@
{ETHERTYPE_RTNET, "RTNET Protocol" },
{ETHERTYPE_RTCFG, "RTCFG Protocol" },
{ETHERTYPE_PROFINET, "PROFInet" },
+ {ETHERTYPE_REALTEK, "Realtek Protocols" },
/*
* NDISWAN on Windows translates Ethernet frames from higher-level
- Prev by Date: Re: [Ethereal-dev] Bug report: crash in packet-dcerpc-ndr.c
- Next by Date: Re: [Ethereal-dev] Bug report: crash in packet-dcerpc-ndr.c
- Previous by thread: [Ethereal-dev] Running Tethereal forever (bis)
- Next by thread: RE: [Ethereal-dev] Proposed change in the communication with the spawned capture process for Win32
- Index(es):
- Get Wireshark
- Download
- Code of Conduct