Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: [Wireshark-dev] PATCH: Update LANforge protocol dissector.

From: Ben Greear <greearb@xxxxxxxxxxxxxxx>
Date: Wed, 06 Jan 2010 17:09:05 -0800
I changed our LANforge protocol slightly..stealing 1 byte from the 'pattern' field
to support larger payload-length.

Attached is a patch against the latest wireshark svn to let wireshark decode this
properly.

Thanks,
Ben

--
Ben Greear <greearb@xxxxxxxxxxxxxxx>
Candela Technologies Inc  http://www.candelatech.com

Index: epan/dissectors/packet-lanforge.c
===================================================================
--- epan/dissectors/packet-lanforge.c	(revision 31458)
+++ epan/dissectors/packet-lanforge.c	(working copy)
@@ -56,6 +56,8 @@
 static int hf_lanforge_magic = -1;
 static int hf_lanforge_src_session = -1;
 static int hf_lanforge_dst_session = -1;
+static int hf_lanforge_pld_len_l = -1;
+static int hf_lanforge_pld_len_h = -1;
 static int hf_lanforge_pld_len = -1;
 static int hf_lanforge_pld_pattern = -1;
 static int hf_lanforge_seq = -1;
@@ -78,6 +80,8 @@
     guint32 offset = 0;
     nstime_t tstamp;
     guint32 tss;
+    guint32 tmpi;
+    guint32 pld_len = 0;
 
     /* check for min size */
     if(tvb_length(tvb) < 28) { 	/* Not a LANforge packet. */
@@ -119,12 +123,22 @@
 	proto_tree_add_item(lanforge_tree, hf_lanforge_dst_session, tvb, offset, 2, FALSE);
 	offset+=2;
 
-        proto_tree_add_item(lanforge_tree, hf_lanforge_pld_len, tvb, offset, 2, FALSE);
+        pld_len = tvb_get_ntohs(tvb, offset);
+        tmp = proto_tree_add_item(lanforge_tree, hf_lanforge_pld_len_l, tvb, offset, 2, FALSE);
+        PROTO_ITEM_SET_GENERATED(tmp);
         offset+=2;
 
-        proto_tree_add_item(lanforge_tree, hf_lanforge_pld_pattern, tvb, offset, 2, FALSE);
-        offset+=2;
+        tmpi = tvb_get_guint8(tvb, offset);
+        tmp = proto_tree_add_item(lanforge_tree, hf_lanforge_pld_len_h, tvb, offset, 1, FALSE);
+        PROTO_ITEM_SET_GENERATED(tmp);
+        offset+=1;
+        pld_len |= (tmpi << 16);
 
+        proto_tree_add_uint(lanforge_tree, hf_lanforge_pld_len, tvb, offset-3, 3, pld_len);
+
+        proto_tree_add_item(lanforge_tree, hf_lanforge_pld_pattern, tvb, offset, 1, FALSE);
+        offset+=1;
+
         proto_tree_add_item(lanforge_tree, hf_lanforge_seq, tvb, offset, 4, FALSE);
 	offset+=4;
 
@@ -196,14 +210,30 @@
 	  }
 	},
         
-	{ &hf_lanforge_pld_len,
+	{ &hf_lanforge_pld_len_l,
 	  { 
-	      "Payload Length", "LANforge.pld-length", 
+	      "Payload Length(L)", "LANforge.pld-len-L", 
 	      FT_UINT16, BASE_DEC, NULL, 0x0, 
-	      "The LANforge payload length", HFILL
+	      "The LANforge payload length (low bytes)", HFILL
 	  }
 	},
 
+        { &hf_lanforge_pld_len_h,
+          {
+              "Payload Length(H)", "LANforge.pld-len-H",
+              FT_UINT8, BASE_DEC, NULL, 0x0,
+              "The LANforge payload length (high byte)", HFILL
+          }
+        },
+
+        { &hf_lanforge_pld_len,
+          {
+              "Payload Length", "LANforge.pld-length",
+              FT_UINT32, BASE_DEC, NULL, 0x0,
+              "The LANforge payload length", HFILL
+          }
+        },
+
         { &hf_lanforge_pld_pattern,
 	  { 
 	      "Payload Pattern", "LANforge.pld-pattern",