本文整理汇总了C++中check_col函数的典型用法代码示例。如果您正苦于以下问题:C++ check_col函数的具体用法?C++ check_col怎么用?C++ check_col使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了check_col函数的19个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的C++代码示例。
示例1: dissect_pflog
static void
dissect_pflog(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
#define MAX_RULE_STR 128
struct pfloghdr pflogh;
static char rulestr[MAX_RULE_STR];
tvbuff_t *next_tvb;
proto_tree *pflog_tree;
proto_item *ti;
int hdrlen;
col_set_str(pinfo->cinfo, COL_PROTOCOL, "PFLOG");
/* Copy out the pflog header to insure alignment */
tvb_memcpy(tvb, (guint8 *)&pflogh, 0, sizeof(pflogh));
/* Byteswap the header now */
pflogh.rulenr = g_ntohl(pflogh.rulenr);
pflogh.subrulenr = g_ntohl(pflogh.subrulenr);
hdrlen = BPF_WORDALIGN(pflogh.length);
if (pflogh.subrulenr == (guint32) -1)
g_snprintf(rulestr, sizeof(rulestr), "%u",
pflogh.rulenr);
else
g_snprintf(rulestr, sizeof(rulestr), "%u.%s.%u",
pflogh.rulenr, pflogh.ruleset, pflogh.subrulenr);
if (hdrlen < MIN_PFLOG_HDRLEN) {
if (tree) {
ti = proto_tree_add_protocol_format(tree, proto_pflog, tvb, 0,
hdrlen, "PF Log invalid header length (%u)", hdrlen);
}
if (check_col(pinfo->cinfo, COL_INFO)) {
col_prepend_fstr(pinfo->cinfo, COL_INFO, "Invalid header length %u",
hdrlen);
}
return;
}
if (tree) {
ti = proto_tree_add_protocol_format(tree, proto_pflog, tvb, 0,
hdrlen,
"PF Log %s %s on %s by rule %s",
val_to_str(pflogh.af, af_vals, "unknown (%u)"),
val_to_str(pflogh.action, action_vals, "unknown (%u)"),
pflogh.ifname,
rulestr);
pflog_tree = proto_item_add_subtree(ti, ett_pflog);
proto_tree_add_uint(pflog_tree, hf_pflog_length, tvb,
offsetof(struct pfloghdr, length), sizeof(pflogh.length),
pflogh.length);
proto_tree_add_uint(pflog_tree, hf_pflog_af, tvb,
offsetof(struct pfloghdr, af), sizeof(pflogh.af),
pflogh.af);
proto_tree_add_uint(pflog_tree, hf_pflog_action, tvb,
offsetof(struct pfloghdr, action), sizeof(pflogh.action),
pflogh.action);
proto_tree_add_uint(pflog_tree, hf_pflog_reason, tvb,
offsetof(struct pfloghdr, reason), sizeof(pflogh.reason),
pflogh.reason);
proto_tree_add_string(pflog_tree, hf_pflog_ifname, tvb,
offsetof(struct pfloghdr, ifname), sizeof(pflogh.ifname),
pflogh.ifname);
proto_tree_add_string(pflog_tree, hf_pflog_ruleset, tvb,
offsetof(struct pfloghdr, ruleset), sizeof(pflogh.ruleset),
pflogh.ruleset);
proto_tree_add_int(pflog_tree, hf_pflog_rulenr, tvb,
offsetof(struct pfloghdr, rulenr), sizeof(pflogh.rulenr),
pflogh.rulenr);
proto_tree_add_int(pflog_tree, hf_pflog_subrulenr, tvb,
offsetof(struct pfloghdr, subrulenr), sizeof(pflogh.subrulenr),
pflogh.subrulenr);
proto_tree_add_uint(pflog_tree, hf_pflog_dir, tvb,
offsetof(struct pfloghdr, dir), sizeof(pflogh.dir),
pflogh.dir);
}
/* Set the tvbuff for the payload after the header */
next_tvb = tvb_new_subset_remaining(tvb, hdrlen);
switch (pflogh.af) {
case BSD_PF_INET:
call_dissector(ip_handle, next_tvb, pinfo, tree);
break;
case BSD_PF_INET6:
call_dissector(ipv6_handle, next_tvb, pinfo, tree);
break;
default:
call_dissector(data_handle, next_tvb, pinfo, tree);
break;
}
if (check_col(pinfo->cinfo, COL_INFO)) {
col_prepend_fstr(pinfo->cinfo, COL_INFO, "[%s %s/%s] ",
//.........这里部分代码省略.........
开发者ID:RazZziel,项目名称:wireshark-dplay,代码行数:101,代码来源:packet-pflog.c
示例2: dissect_tr
static void
dissect_tr(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
proto_tree *tr_tree, *bf_tree;
proto_item *ti, *hidden_item;
guint8 rcf1, rcf2;
tvbuff_t *next_tvb;
volatile int frame_type;
volatile int fixoffset = 0;
volatile int source_routed = 0;
volatile guint8 trn_rif_bytes;
volatile guint8 actual_rif_bytes;
volatile guint8 c1_nonsr;
volatile guint8 c2_nonsr;
volatile guint16 first2_sr;
tvbuff_t *volatile tr_tvb;
static tr_hdr trh_arr[4];
static int trh_current=0;
tr_hdr *volatile trh;
/* non-source-routed version of source addr */
static guint8 trn_shost_nonsr[6]; /* has to be static due to SET_ADDRESS */
int x;
/* Token-Ring Strings */
const char *fc[] = { "MAC", "LLC", "Reserved", "Unknown" };
trh_current++;
if(trh_current==4){
trh_current=0;
}
trh=&trh_arr[trh_current];
col_set_str(pinfo->cinfo, COL_PROTOCOL, "TR");
if (fix_linux_botches)
x = check_for_old_linux_tvb((tvbuff_t*) tvb);
else
x = 0;
if (x != 0) {
/* Actually packet starts x bytes into what we have got but with all
source routing compressed. See comment above */
tr_tvb = tvb_new_subset_remaining((tvbuff_t*) tvb, x);
}
else {
tr_tvb = tvb;
}
/* Get the data */
trh->fc = tvb_get_guint8(tr_tvb, 1);
SET_ADDRESS(&trh->src, AT_ETHER, 6, tvb_get_ptr(tr_tvb, 8, 6));
SET_ADDRESS(&trh->dst, AT_ETHER, 6, tvb_get_ptr(tr_tvb, 2, 6));
/* if the high bit on the first byte of src hwaddr is 1, then
this packet is source-routed */
memcpy(trn_shost_nonsr, trh->src.data, 6);
source_routed = trn_shost_nonsr[0] & 128;
trn_shost_nonsr[0] &= 127;
frame_type = (trh->fc & 192) >> 6;
if (check_col(pinfo->cinfo, COL_INFO))
col_add_fstr(pinfo->cinfo, COL_INFO, "Token-Ring %s", fc[frame_type]);
trn_rif_bytes = tvb_get_guint8(tr_tvb, 14) & 31;
if (fix_linux_botches) {
/* the Linux 2.0 TR code strips source-route bits in
* order to test for SR. This can be removed from most
* packets with oltr, but not all. So, I try to figure out
* which packets should have been SR here. I'll check to
* see if there's a SNAP or IPX field right after
* my RIF fields.
*
* The Linux 2.4.18 code, at least appears to do the
* same thing, from a capture I got from somebody running
* 2.4.18 (RH 7.1, so perhaps this is a Red Hat
* "improvement").
*/
if (frame_type == 1 && !source_routed && trn_rif_bytes > 0) {
TRY {
c1_nonsr = tvb_get_guint8(tr_tvb, 14);
c2_nonsr = tvb_get_guint8(tr_tvb, 15);
if (c1_nonsr != c2_nonsr) {
first2_sr = tvb_get_ntohs(tr_tvb, trn_rif_bytes + 0x0e);
if ( ( first2_sr == 0xaaaa &&
tvb_get_guint8(tr_tvb, trn_rif_bytes + 0x10) == 0x03) ||
first2_sr == 0xe0e0 ||
first2_sr == 0xe0aa ) {
source_routed = 1;
}
//.........这里部分代码省略.........
开发者ID:dogphilly,项目名称:wireshark,代码行数:101,代码来源:packet-tr.c
示例3: dissect_sebek
/* dissect_sebek - dissects sebek packet data
* tvb - tvbuff for packet data (IN)
* pinfo - packet info
* proto_tree - resolved protocol tree
*/
static void
dissect_sebek(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
proto_tree *sebek_tree;
proto_item *ti;
int offset = 0;
int datalen = 0;
nstime_t ts;
int sebek_ver = 0;
int sebek_type = 0;
int cmd_len = 0;
col_set_str(pinfo->cinfo, COL_PROTOCOL, "SEBEK");
if (check_col(pinfo->cinfo, COL_INFO))
{
col_set_str(pinfo->cinfo, COL_INFO, "SEBEK - ");
if (tvb->length<6)
sebek_ver = 0;
else
sebek_ver = tvb_get_ntohs(tvb, 4);
switch (sebek_ver) {
case 2: col_append_fstr(pinfo->cinfo, COL_INFO, " pid(%d)", tvb_get_ntohl(tvb, 20));
col_append_fstr(pinfo->cinfo, COL_INFO, " uid(%d)", tvb_get_ntohl(tvb, 24));
col_append_fstr(pinfo->cinfo, COL_INFO, " fd(%d)", tvb_get_ntohl(tvb, 28));
col_append_fstr(pinfo->cinfo, COL_INFO, " cmd: %s", tvb_format_text(tvb, 32, 12));
break;
case 3: col_append_fstr(pinfo->cinfo, COL_INFO, " pid(%d)", tvb_get_ntohl(tvb, 24));
col_append_fstr(pinfo->cinfo, COL_INFO, " uid(%d)", tvb_get_ntohl(tvb, 28));
col_append_fstr(pinfo->cinfo, COL_INFO, " fd(%d)", tvb_get_ntohl(tvb, 32));
cmd_len = tvb_strnlen(tvb, 40, 12);
if (cmd_len<0)
cmd_len = 0;
col_append_fstr(pinfo->cinfo, COL_INFO, " cmd: %s", tvb_format_text(tvb, 40, cmd_len));
break;
default:
break;
}
}
if (tree) {
/* Adding Sebek item and subtree */
ti = proto_tree_add_item(tree, proto_sebek, tvb, 0, -1, FALSE);
sebek_tree = proto_item_add_subtree(ti, ett_sebek);
/* check for minimum length before deciding where to go*/
if (tvb->length<6)
sebek_ver = 0;
else
sebek_ver = tvb_get_ntohs(tvb, 4);
switch (sebek_ver) {
case 2: proto_tree_add_item(sebek_tree, hf_sebek_magic, tvb, offset, 4, FALSE);
offset += 4;
proto_tree_add_item(sebek_tree, hf_sebek_version, tvb, offset, 2, FALSE);
offset += 2;
proto_tree_add_item(sebek_tree, hf_sebek_type, tvb, offset, 2, FALSE);
offset += 2;
proto_tree_add_item(sebek_tree, hf_sebek_counter, tvb, offset, 4, FALSE);
offset += 4;
ts.secs = tvb_get_ntohl(tvb, offset);
ts.nsecs = tvb_get_ntohl(tvb, offset+4);
proto_tree_add_time(sebek_tree, hf_sebek_time, tvb, offset, 8, &ts);
offset += 8;
proto_tree_add_item(sebek_tree, hf_sebek_pid, tvb, offset, 4, FALSE);
offset += 4;
proto_tree_add_item(sebek_tree, hf_sebek_uid, tvb, offset, 4, FALSE);
offset += 4;
proto_tree_add_item(sebek_tree, hf_sebek_fd, tvb, offset, 4, FALSE);
offset += 4;
proto_tree_add_item(sebek_tree, hf_sebek_cmd, tvb, offset, 12, FALSE);
offset += 12;
datalen = tvb_get_letohl(tvb, offset);
proto_tree_add_item(sebek_tree, hf_sebek_len, tvb, offset, 4, FALSE);
offset += 4;
proto_tree_add_item(sebek_tree, hf_sebek_data, tvb, offset, -1, FALSE);
break;
case 3: proto_tree_add_item(sebek_tree, hf_sebek_magic, tvb, offset, 4, FALSE);
offset += 4;
//.........这里部分代码省略.........
开发者ID:AkhilaAG,项目名称:gluster-wireshark-1.4,代码行数:101,代码来源:packet-sebek.c
示例4: state_machine_v5
static void
state_machine_v5( socks_hash_entry_t *hash_info, tvbuff_t *tvb,
int offset, packet_info *pinfo) {
/* Decode V5 protocol. This is done on the first pass through the */
/* list. Based upon the current state, decode the packet and determine */
/* what the next state should be. If we had per packet information, */
/* this would be the place to load them up. */
int temp;
if ( hash_info->state == None) {
col_append_str(pinfo->cinfo, COL_INFO, " Connect to server request");
hash_info->state = Connecting; /* change state */
hash_info->connect_row = get_packet_ptr;
temp = tvb_get_guint8(tvb, offset + 1);
/* skip past auth methods */
offset = hash_info->connect_offset = offset + 1 + temp;
}
else if ( hash_info->state == Connecting){
guint AuthMethod = tvb_get_guint8(tvb, offset + 1);
col_append_str(pinfo->cinfo, COL_INFO, " Connect to server response");
hash_info->auth_method_row = get_packet_ptr;
if ( AuthMethod == NO_AUTHENTICATION)
hash_info->state = V5Command;
else if ( AuthMethod == USER_NAME_AUTHENTICATION)
hash_info->state = UserNameAuth;
else if ( AuthMethod == GSS_API_AUTHENTICATION)
hash_info->state = GssApiAuth;
else hash_info->state = Done; /*Auth failed or error*/
}
else if ( hash_info->state == V5Command) { /* Handle V5 Command */
/** ?? guint temp; **/
hash_info->command = tvb_get_guint8(tvb, offset + 1); /* get command */
if (check_col(pinfo->cinfo, COL_INFO))
col_append_fstr(pinfo->cinfo, COL_INFO, " Command Request - %s",
get_command_name(hash_info->command));
hash_info->state = V5Reply;
hash_info->command_row = get_packet_ptr;
offset += 3; /* skip to address type */
offset = get_address_v5(tvb, offset, hash_info);
/** temp = tvb_get_guint8(tvb, offset); XX: what was this for ? **/
if (( hash_info->command == CONNECT_COMMAND) ||
( hash_info->command == UDP_ASSOCIATE_COMMAND))
/* get remote port */
hash_info->port = tvb_get_ntohs(tvb, offset);
}
else if ( hash_info->state == V5Reply) { /* V5 Command Reply */
if (check_col(pinfo->cinfo, COL_INFO))
col_append_fstr(pinfo->cinfo, COL_INFO, " Command Response - %s",
get_command_name(hash_info->command));
hash_info->cmd_reply_row = get_packet_ptr;
if (( hash_info->command == CONNECT_COMMAND) ||
(hash_info->command == PING_COMMAND) ||
(hash_info->command == TRACERT_COMMAND))
hash_info->state = Done;
else if ( hash_info->command == BIND_COMMAND)
hash_info->state = V5BindReply;
else if ( hash_info->command == UDP_ASSOCIATE_COMMAND){
offset += 3; /* skip to address type */
offset = get_address_v5(tvb, offset, hash_info);
/* save server udp port and create udp conversation */
hash_info->udp_port = tvb_get_ntohs(tvb, offset);
if (!pinfo->fd->flags.visited)
new_udp_conversation( hash_info, pinfo);
/*XXX may need else statement to handle unknowns and generate error message */
}
}
//.........这里部分代码省略.........
开发者ID:AkhilaAG,项目名称:gluster-wireshark-1.4,代码行数:101,代码来源:packet-socks.c
示例5: dissect_rs_pgo_query_key_t
static int
dissect_rs_pgo_query_key_t (tvbuff_t * tvb, int offset,
packet_info * pinfo, proto_tree * parent_tree,
guint8 * drep)
{
typedef enum
{
rs_pgo_query_name,
rs_pgo_query_id,
rs_pgo_query_unix_num,
rs_pgo_query_next,
rs_pgo_query_none
} rs_pgo_query_t;
/*
typedef union switch (rs_pgo_query_t query) tagged_union {
case rs_pgo_query_name:
sec_rgy_name_t name;
case rs_pgo_query_id:
rs_pgo_id_key_t id_key;
case rs_pgo_query_unix_num:
rs_pgo_unix_num_key_t unix_num_key;
case rs_pgo_query_next:
sec_rgy_name_t scope;
default:
; * empty branch of union *
} rs_pgo_query_key_t;
*/
proto_item *item = NULL;
proto_tree *tree = NULL;
int old_offset = offset;
dcerpc_info *di;
guint16 query_t;
di = pinfo->private_data;
if (di->conformant_run)
{
return offset;
}
if (parent_tree)
{
item =
proto_tree_add_text (parent_tree, tvb, offset, -1,
"rs_pgo_query_key_t ");
tree = proto_item_add_subtree (item, ett_rs_pgo_query_key_t);
}
offset =
dissect_ndr_uint16 (tvb, offset, pinfo, tree, drep, hf_rs_pgo_query_key_t,
&query_t);
col_append_str (pinfo->cinfo, COL_INFO, " rs_pgo_query_key_t:");
offset += 4;
switch (query_t)
{
case rs_pgo_query_name:
col_append_str (pinfo->cinfo, COL_INFO, "NAME");
offset = dissect_sec_rgy_name_t (tvb, offset, pinfo, tree, drep);
break;
case rs_pgo_query_id:
col_append_str (pinfo->cinfo, COL_INFO, "ID");
offset = dissect_rs_pgo_id_key_t (tvb, offset, pinfo, tree, drep);
break;
case rs_pgo_query_unix_num:
col_append_str (pinfo->cinfo, COL_INFO, "UNIX_NUM");
offset = dissect_rs_pgo_unix_num_key_t (tvb, offset, pinfo, tree, drep);
break;
case rs_pgo_query_next:
col_append_str (pinfo->cinfo, COL_INFO, "NEXT");
offset = dissect_sec_rgy_name_t (tvb, offset, pinfo, tree, drep);
break;
case rs_pgo_query_none:
col_append_str (pinfo->cinfo, COL_INFO, "NONE");
break;
default:
if (check_col (pinfo->cinfo, COL_INFO))
col_append_fstr (pinfo->cinfo, COL_INFO, " unknown:%u", query_t);
;
}
proto_item_set_len (item, offset - old_offset);
return offset;
}
开发者ID:giuliano108,项目名称:wireshark-rtpmon,代码行数:91,代码来源:packet-dcerpc-rs_pgo.c
示例6: dissect_sita
static void
dissect_sita(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
proto_item *ti;
guchar flags, signals, errors1, errors2, proto;
gchar *errors1_string, *errors2_string, *signals_string, *flags_string;
proto_tree *sita_tree = NULL;
proto_tree *sita_flags_tree = NULL;
proto_tree *sita_errors1_tree = NULL;
proto_tree *sita_errors2_tree = NULL;
proto_tree *sita_signals_tree = NULL;
const gchar *rx_errors1_str[] = {"Framing", "Parity", "Collision", "Long-frame", "Short-frame", "", "", "" };
const gchar *rx_errors2_str[] = {"Non-Aligned", "Abort", "CD-lost", "DPLL", "Overrun", "Length", "CRC", "Break" };
/*const gchar *tx_errors1_str[] = {"", "", "", "", "", "", "", "" }; */
const gchar *tx_errors2_str[] = {"Underrun", "CTS-lost", "UART", "ReTx-limit", "", "", "", "" };
const gchar *signals_str[] = {"DSR", "DTR", "CTS", "RTS", "DCD", "", "", "" };
const gchar *flags_str[] = {"", "", "", "", "", "", "", "No-buffers" };
col_clear(pinfo->cinfo, COL_PROTOCOL); /* erase the protocol */
col_clear(pinfo->cinfo, COL_INFO); /* and info columns so that the next decoder can fill them in */
flags = pinfo->pseudo_header->sita.flags;
signals = pinfo->pseudo_header->sita.signals;
errors1 = pinfo->pseudo_header->sita.errors1;
errors2 = pinfo->pseudo_header->sita.errors2;
proto = pinfo->pseudo_header->sita.proto;
if (check_col(pinfo->cinfo, COL_DEF_SRC)) {
if ((flags & SITA_FRAME_DIR) == SITA_FRAME_DIR_TXED) {
col_set_str(pinfo->cinfo, COL_DEF_SRC, IOP); /* set the source (direction) column accordingly */
} else {
col_set_str(pinfo->cinfo, COL_DEF_SRC, REMOTE);
}
}
if (check_col(pinfo->cinfo, COL_INFO))
col_set_str(pinfo->cinfo, COL_INFO, "");
if (tree) {
ti = proto_tree_add_protocol_format(tree, proto_sita, tvb, 0, 0, "Link Layer");
sita_tree = proto_item_add_subtree(ti, ett_sita);
proto_tree_add_uint(sita_tree, hf_proto, tvb, 0, 0, proto);
flags_string = format_flags_string(flags, flags_str);
ti = proto_tree_add_text(sita_tree, tvb, 0, 0, "Flags: 0x%02x (From %s)%s%s",
flags,
((flags & SITA_FRAME_DIR) == SITA_FRAME_DIR_TXED) ? IOP : REMOTE,
strlen(flags_string) ? ", " : "",
flags_string);
sita_flags_tree = proto_item_add_subtree(ti, ett_sita_flags);
proto_tree_add_boolean(sita_flags_tree, hf_droppedframe, tvb, 0, 0, flags);
proto_tree_add_boolean(sita_flags_tree, hf_dir, tvb, 0, 0, flags);
signals_string = format_flags_string(signals, signals_str);
ti = proto_tree_add_text(sita_tree, tvb, 0, 0, "Signals: 0x%02x %s", signals, signals_string);
sita_signals_tree = proto_item_add_subtree(ti, ett_sita_signals);
proto_tree_add_boolean(sita_signals_tree, hf_dcd, tvb, 0, 0, signals);
proto_tree_add_boolean(sita_signals_tree, hf_rts, tvb, 0, 0, signals);
proto_tree_add_boolean(sita_signals_tree, hf_cts, tvb, 0, 0, signals);
proto_tree_add_boolean(sita_signals_tree, hf_dtr, tvb, 0, 0, signals);
proto_tree_add_boolean(sita_signals_tree, hf_dsr, tvb, 0, 0, signals);
if ((flags & SITA_FRAME_DIR) == SITA_FRAME_DIR_RXED) {
errors1_string = format_flags_string(errors1, rx_errors1_str);
ti = proto_tree_add_text(sita_tree, tvb, 0, 0, "Receive Status: 0x%02x %s", errors1, errors1_string);
sita_errors1_tree = proto_item_add_subtree(ti, ett_sita_errors1);
proto_tree_add_boolean(sita_errors1_tree, hf_shortframe, tvb, 0, 0, errors1);
proto_tree_add_boolean(sita_errors1_tree, hf_longframe, tvb, 0, 0, errors1);
proto_tree_add_boolean(sita_errors1_tree, hf_collision, tvb, 0, 0, errors1);
proto_tree_add_boolean(sita_errors1_tree, hf_parity, tvb, 0, 0, errors1);
proto_tree_add_boolean(sita_errors1_tree, hf_framing, tvb, 0, 0, errors1);
errors2_string = format_flags_string(errors2, rx_errors2_str);
ti = proto_tree_add_text(sita_tree, tvb, 0, 0, "Receive Status: 0x%02x %s", errors2, errors2_string);
sita_errors2_tree = proto_item_add_subtree(ti, ett_sita_errors2);
proto_tree_add_boolean(sita_errors2_tree, hf_break, tvb, 0, 0, errors2);
proto_tree_add_boolean(sita_errors2_tree, hf_crc, tvb, 0, 0, errors2);
proto_tree_add_boolean(sita_errors2_tree, hf_length, tvb, 0, 0, errors2);
proto_tree_add_boolean(sita_errors2_tree, hf_overrun, tvb, 0, 0, errors2);
proto_tree_add_boolean(sita_errors2_tree, hf_rxdpll, tvb, 0, 0, errors2);
proto_tree_add_boolean(sita_errors2_tree, hf_lostcd, tvb, 0, 0, errors2);
proto_tree_add_boolean(sita_errors2_tree, hf_abort, tvb, 0, 0, errors2);
proto_tree_add_boolean(sita_errors2_tree, hf_nonaligned, tvb, 0, 0, errors2);
} else {
errors2_string = format_flags_string(errors2, tx_errors2_str);
ti = proto_tree_add_text(sita_tree, tvb, 0, 0, "Transmit Status: 0x%02x %s", errors2, errors2_string);
sita_errors1_tree = proto_item_add_subtree(ti, ett_sita_errors1);
proto_tree_add_boolean(sita_errors1_tree, hf_rtxlimit, tvb, 0, 0, errors2);
proto_tree_add_boolean(sita_errors1_tree, hf_uarterror, tvb, 0, 0, errors2);
proto_tree_add_boolean(sita_errors1_tree, hf_lostcts, tvb, 0, 0, errors2);
proto_tree_add_boolean(sita_errors1_tree, hf_underrun, tvb, 0, 0, errors2);
}
}
if (!dissector_try_port(sita_dissector_table, pinfo->pseudo_header->sita.proto, tvb, pinfo, tree)) { /* try to find and run an applicable dissector */
if (check_col(pinfo->cinfo, COL_PROTOCOL)) /* if one can't be found... tell them we don't */
col_set_str(pinfo->cinfo, COL_PROTOCOL, "UKNOWN"); /* know how to decode this protocol */
if (check_col(pinfo->cinfo, COL_INFO))
col_add_fstr(pinfo->cinfo, COL_INFO, "IOP protocol number: %u", pinfo->pseudo_header->sita.proto); /* and give them the details then */
//.........这里部分代码省略.........
开发者ID:flaub,项目名称:HotFuzz,代码行数:101,代码来源:packet-sita.c
示例7: dissect_rtmpt
//.........这里部分代码省略.........
else
{
/* must get the command type from the previous entries in the hash table */
/* try to use the current_chunk_data unless it is from a different frame */
if (NULL != current_chunk_data && NULL != initial_chunk_data)
{
/* we have precedent data (we should)*/
if (current_chunk_data->frame_modified != pinfo->fd->num)
{
iCommand = initial_chunk_data->data_type;
iLength = initial_chunk_data->length_remaining;
current_chunk_data->frame_modified = pinfo->fd->num;
current_chunk_data->data_type = iCommand;
current_chunk_data->last_length = iLength;
current_chunk_data->dechunk_buffer = initial_chunk_data->dechunk_buffer;
}
else
{
iCommand = current_chunk_data->data_type;
iLength = current_chunk_data->length_remaining;
}
if (iLength > conversation_data->current_chunk_size)
{
iLength = conversation_data->current_chunk_size;
}
}
}
}
iHeaderLength = rtmpt_header_length_from_type(iHeaderType);
if (check_col(pinfo->cinfo, COL_INFO))
{
col_append_sep_fstr(pinfo->cinfo, COL_INFO, " | ", "%s", val_to_str(iCommand, rtmpt_opcode_vals, "Unknown (0x%01x)"));
col_set_fence(pinfo->cinfo, COL_INFO);
}
if (tree)
{
ti = proto_tree_add_item(tree, proto_rtmpt, tvb, offset, -1, FALSE);
proto_item_append_text(ti, " (%s)", val_to_str(iCommand, rtmpt_opcode_vals, "Unknown (0x%01x)"));
rtmptroot_tree = proto_item_add_subtree(ti, ett_rtmpt);
ti = proto_tree_add_text(rtmptroot_tree, tvb, offset, iHeaderLength, RTMPT_TEXT_RTMP_HEADER);
proto_item_append_text(ti, " (%s)", val_to_str(iCommand, rtmpt_opcode_vals, "Unknown (0x%01x)"));
rtmpt_tree = proto_item_add_subtree(ti, ett_rtmpt_header);
if (iHeaderType <= 3) proto_tree_add_item(rtmpt_tree, hf_rtmpt_header_objid, tvb, offset + 0, 1, FALSE);
if (iHeaderType <= 2) proto_tree_add_item(rtmpt_tree, hf_rtmpt_header_timestamp, tvb, offset + 1, 3, FALSE);
if (iHeaderType <= 1) proto_tree_add_item(rtmpt_tree, hf_rtmpt_header_body_size, tvb, offset + 4, 3, FALSE);
if (iHeaderType <= 1) proto_tree_add_item(rtmpt_tree, hf_rtmpt_header_function, tvb, offset + 7, 1, FALSE);
if (iHeaderType <= 0) proto_tree_add_item(rtmpt_tree, hf_rtmpt_header_source, tvb, offset + 8, 4, TRUE);
if (iCommand == RTMPT_TYPE_HANDSHAKE_1)
{
proto_tree_add_item(rtmpt_tree, hf_rtmpt_handshake_data, tvb, 1, 1536, FALSE);
}
else if (iCommand == RTMPT_TYPE_HANDSHAKE_2)
{
proto_tree_add_item(rtmpt_tree, hf_rtmpt_handshake_data, tvb, 1, 1536, FALSE);
proto_tree_add_item(rtmpt_tree, hf_rtmpt_handshake_data, tvb, 1537, 1536, FALSE);
}
else if (iCommand == RTMPT_TYPE_HANDSHAKE_3)
{
开发者ID:AkhilaAG,项目名称:gluster-wireshark-1.4,代码行数:67,代码来源:packet-rtmpt.c
示例8: dissect_udld
static void
dissect_udld(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
proto_item *ti;
proto_tree *udld_tree = NULL;
int offset = 0;
guint16 type;
guint16 length;
proto_item *tlvi;
proto_tree *tlv_tree;
int real_length;
col_set_str(pinfo->cinfo, COL_PROTOCOL, "UDLD");
col_clear(pinfo->cinfo, COL_INFO);
if (tree) {
proto_item *flags_ti;
proto_tree *flags_tree;
ti = proto_tree_add_item(tree, proto_udld, tvb, offset, -1, FALSE);
udld_tree = proto_item_add_subtree(ti, ett_udld);
/* UDLD header */
proto_tree_add_item(udld_tree, hf_udld_version, tvb, offset, 1, FALSE);
proto_tree_add_item(udld_tree, hf_udld_opcode, tvb, offset, 1, FALSE);
offset += 1;
flags_ti = proto_tree_add_item(udld_tree, hf_udld_flags, tvb, offset, 1, FALSE);
flags_tree = proto_item_add_subtree(flags_ti, ett_udld_flags);
proto_tree_add_item(flags_tree, hf_udld_flags_rt, tvb, offset, 1, FALSE);
proto_tree_add_item(flags_tree, hf_udld_flags_rsy, tvb, offset, 1, FALSE);
offset += 1;
proto_tree_add_item(udld_tree, hf_udld_checksum, tvb, offset, 2, FALSE);
offset += 2;
} else {
offset += 4; /* The version/opcode/flags/checksum fields from above */
}
while (tvb_reported_length_remaining(tvb, offset) != 0) {
type = tvb_get_ntohs(tvb, offset + TLV_TYPE);
length = tvb_get_ntohs(tvb, offset + TLV_LENGTH);
if (length < 4) {
if (tree) {
tlvi = proto_tree_add_text(udld_tree, tvb, offset, 4,
"TLV with invalid length %u (< 4)",
length);
tlv_tree = proto_item_add_subtree(tlvi, ett_udld_tlv);
proto_tree_add_uint(tlv_tree, hf_udld_tlvtype, tvb,
offset + TLV_TYPE, 2, type);
proto_tree_add_uint(tlv_tree, hf_udld_tlvlength, tvb,
offset + TLV_LENGTH, 2, length);
}
offset += 4;
break;
}
switch (type) {
case TYPE_DEVICE_ID:
/* Device ID */
if (check_col(pinfo->cinfo, COL_INFO))
col_append_fstr(pinfo->cinfo, COL_INFO,
"Device ID: %s ",
tvb_format_stringzpad(tvb, offset + 4,
length - 4));
if (tree) {
tlvi = proto_tree_add_text(udld_tree, tvb, offset,
length, "Device ID: %s",
tvb_format_stringzpad(tvb, offset + 4, length - 4));
tlv_tree = proto_item_add_subtree(tlvi, ett_udld_tlv);
proto_tree_add_uint(tlv_tree, hf_udld_tlvtype, tvb,
offset + TLV_TYPE, 2, type);
proto_tree_add_uint(tlv_tree, hf_udld_tlvlength, tvb,
offset + TLV_LENGTH, 2, length);
proto_tree_add_text(tlv_tree, tvb, offset + 4,
length - 4, "Device ID: %s",
tvb_format_stringzpad(tvb, offset + 4, length - 4));
}
offset += length;
break;
case TYPE_PORT_ID:
real_length = length;
if (tvb_get_guint8(tvb, offset + real_length) != 0x00) {
/* The length in the TLV doesn't appear to be the
length of the TLV, as the byte just past it
isn't the first byte of a 2-byte big-endian
small integer; make the length of the TLV the length
in the TLV, plus 4 bytes for the TLV type and length,
minus 1 because that's what makes one capture work. */
real_length = length + 3;
}
if (check_col(pinfo->cinfo, COL_INFO))
col_append_fstr(pinfo->cinfo, COL_INFO,
"Port ID: %s ",
tvb_format_stringzpad(tvb, offset + 4, length - 4));
if (tree) {
//.........这里部分代码省略.........
开发者ID:AkhilaAG,项目名称:gluster-wireshark-1.4,代码行数:101,代码来源:packet-udld.c
示例9: _dissect_uaudp
/* UA/UDP DISSECTOR */
static void _dissect_uaudp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
e_ua_direction direction)
{
gint offset = 0;
guint8 opcode;
proto_item *uaudp_item;
proto_tree *uaudp_tree;
col_set_str(pinfo->cinfo, COL_PROTOCOL, "UAUDP");
/* get the identifier; it means operation code */
opcode = tvb_get_guint8(tvb, offset);
offset += 1;
ua_tap_info.opcode = opcode;
ua_tap_info.expseq = 0;
ua_tap_info.sntseq = 0;
/* print in "INFO" column the type of UAUDP message */
if (check_col(pinfo->cinfo, COL_INFO))
col_add_fstr(pinfo->cinfo,
COL_INFO,
"%s",
val_to_str_ext(opcode, &uaudp_opcode_str_ext, "unknown (0x%02x)"));
uaudp_item = proto_tree_add_protocol_format(tree, proto_uaudp, tvb, 0, 5,
"Universal Alcatel/UDP Encapsulation Protocol, %s",
val_to_str_ext(opcode, &uaudp_opcode_str_ext, "unknown (0x%02x)"));
uaudp_tree = proto_item_add_subtree(uaudp_item, ett_uaudp);
/* print the identifier */
proto_tree_add_uint(uaudp_tree, hf_uaudp_opcode, tvb, 0, 1, opcode);
switch(opcode)
{
case UAUDP_CONNECT:
{
if (!tree)
break;
while (tvb_offset_exists(tvb, offset))
{
guint8 T = tvb_get_guint8(tvb, offset+0);
guint8 L = tvb_get_guint8(tvb, offset+1);
switch(T)
{
case UAUDP_CONNECT_VERSION:
rV(uaudp_tree, &hf_uaudp_version , tvb, offset, L);
break;
case UAUDP_CONNECT_WINDOW_SIZE:
rV(uaudp_tree, &hf_uaudp_window_size , tvb, offset, L);
break;
case UAUDP_CONNECT_MTU:
rV(uaudp_tree, &hf_uaudp_mtu , tvb, offset, L);
break;
case UAUDP_CONNECT_UDP_LOST:
rV(uaudp_tree, &hf_uaudp_udp_lost , tvb, offset, L);
break;
case UAUDP_CONNECT_UDP_LOST_REINIT:
rV(uaudp_tree, &hf_uaudp_udp_lost_reinit, tvb, offset, L);
break;
case UAUDP_CONNECT_KEEPALIVE:
rV(uaudp_tree, &hf_uaudp_keepalive , tvb, offset, L);
break;
case UAUDP_CONNECT_QOS_IP_TOS:
rV(uaudp_tree, &hf_uaudp_qos_ip_tos , tvb, offset, L);
break;
case UAUDP_CONNECT_QOS_8021_VLID:
rV(uaudp_tree, &hf_uaudp_qos_8021_vlid , tvb, offset, L);
break;
case UAUDP_CONNECT_QOS_8021_PRI:
rV(uaudp_tree, &hf_uaudp_qos_8021_pri , tvb, offset, L);
break;
}
offset += (2 + L);
}
break;
}
case UAUDP_NACK:
{
proto_tree_add_uint(uaudp_tree,
hf_uaudp_expseq,
tvb,
offset,
2,
tvb_get_ntohs(tvb, offset));
break;
}
case UAUDP_DATA:
{
int datalen;
proto_tree_add_uint(uaudp_tree,
hf_uaudp_expseq,
tvb,
offset+0,
//.........这里部分代码省略.........
开发者ID:drower,项目名称:wireshark-1.10.0,代码行数:101,代码来源:packet-uaudp.c
示例10: dissect_brp
static int
dissect_brp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
proto_item *brp_item = NULL;
proto_tree *brp_tree = NULL;
gint offset = 0;
guint8 type = 0;
guint8 packet_type = tvb_get_guint8(tvb, 0);
/* If there is a "tree" requested, we handle that request. */
col_set_str(pinfo->cinfo, COL_PROTOCOL, PROTO_TAG_BRP);
if(check_col(pinfo->cinfo,COL_INFO)){
/* We add some snazzy bizness to the info field to quickly ascertain
what type of message was sent to/from the BRS/BRC. */
col_add_fstr(pinfo->cinfo, COL_INFO, "Message Type - %s",
val_to_str(packet_type, brp_packettype_names, "Unknown (0x%02x)"));
}
/* This call adds our tree to the main dissection tree. */
if (tree) { /* we are being asked for details */
/* Here we add our tree/subtree so we can have a collapsible branch. */
brp_item = proto_tree_add_item( tree, proto_brp, tvb, 0, -1, ENC_NA );
brp_tree = proto_item_add_subtree( brp_item, ett_brp);
/* We use tvb_get_guint8 to get our type value out. */
type = tvb_get_guint8(tvb, offset);
offset += 0;
brp_item = proto_tree_add_item( brp_tree, hf_brp_type, tvb, offset, 1, ENC_BIG_ENDIAN );
offset += 1;
/* Now let's break down each packet and display it in the collapsible branch */
switch(type)
{
case 1: /* Setup Request */
proto_tree_add_item( brp_tree, hf_brp_trans, tvb, offset, 3, ENC_BIG_ENDIAN );
offset += 3;
proto_tree_add_item( brp_tree, hf_brp_ver, tvb, offset, 4, ENC_BIG_ENDIAN );
offset +=4;
break;
case 2: /* Setup Response */
proto_tree_add_item( brp_tree, hf_brp_trans, tvb, offset, 3, ENC_BIG_ENDIAN );
offset += 3;
proto_tree_add_item( brp_tree, hf_brp_stat, tvb, offset, 4, ENC_BIG_ENDIAN );
offset +=4;
break;
case 3: /* Teardown Request */
proto_tree_add_item( brp_tree, hf_brp_trans, tvb, offset, 3, ENC_BIG_ENDIAN );
offset += 3;
break;
case 4: /* Teardown Response */
proto_tree_add_item( brp_tree, hf_brp_trans, tvb, offset, 3, ENC_BIG_ENDIAN );
offset += 3;
break;
case 5: /* Heartbeat Request */
proto_tree_add_item( brp_tree, hf_brp_trans, tvb, offset, 3, ENC_BIG_ENDIAN );
offset += 3;
break;
case 6: /* Heartbeat Response */
proto_tree_add_item( brp_tree, hf_brp_trans, tvb, offset, 3, ENC_BIG_ENDIAN );
offset += 3;
break;
case 7: /* Uni Flow Create Request */
proto_tree_add_item( brp_tree, hf_brp_trans, tvb, offset, 3, ENC_BIG_ENDIAN );
offset += 3;
proto_tree_add_item( brp_tree, hf_brp_srcip, tvb, offset, 4, ENC_BIG_ENDIAN );
offset +=4;
proto_tree_add_item( brp_tree, hf_brp_dstip, tvb, offset, 4, ENC_BIG_ENDIAN );
offset +=4;
proto_tree_add_item( brp_tree, hf_brp_dstuport, tvb, offset, 2, ENC_BIG_ENDIAN );
offset +=2;
proto_tree_add_item( brp_tree, hf_brp_mbz, tvb, offset, 2, ENC_BIG_ENDIAN );
offset +=2;
proto_tree_add_item( brp_tree, hf_brp_bw, tvb, offset, 4, ENC_BIG_ENDIAN );
offset +=4;
proto_tree_add_item( brp_tree, hf_brp_life, tvb, offset, 4, ENC_BIG_ENDIAN );
offset +=4;
break;
case 8: /* Flow Create Response */
proto_tree_add_item( brp_tree, hf_brp_trans, tvb, offset, 3, ENC_BIG_ENDIAN );
offset += 3;
proto_tree_add_item( brp_tree, hf_brp_stat, tvb, offset, 4, ENC_BIG_ENDIAN );
offset +=4;
proto_tree_add_item( brp_tree, hf_brp_flid, tvb, offset, 4, ENC_BIG_ENDIAN );
offset +=4;
break;
case 9: /* Flow Delete Request */
proto_tree_add_item( brp_tree, hf_brp_trans, tvb, offset, 3, ENC_BIG_ENDIAN );
//.........这里部分代码省略.........
开发者ID:asriadi,项目名称:wireshark,代码行数:101,代码来源:packet-brp.c
示例11: dissect_rs_cache_data_t
static int
dissect_rs_cache_data_t (tvbuff_t * tvb, int offset,
packet_info * pinfo, proto_tree * parent_tree,
guint8 * drep)
{
/*
typedef struct {
uuid_t site_id;
sec_timeval_sec_t person_dtm;
sec_timeval_sec_t group_dtm;
sec_timeval_sec_t org_dtm;
} rs_cache_data_t;
*/
proto_item *item = NULL;
proto_tree *tree = NULL;
int old_offset = offset;
dcerpc_info *di;
guint32 person_dtm, group_dtm, org_dtm;
e_uuid_t uuid1;
di = pinfo->private_data;
if (di->conformant_run)
{
return offset;
}
if (parent_tree)
{
item =
proto_tree_add_text (parent_tree, tvb, offset, -1, "rs_cache_data_t");
tree = proto_item_add_subtree (item, ett_rs_cache_data_t);
}
offset =
dissect_ndr_uuid_t (tvb, offset, pinfo, tree, drep, hf_rs_uuid1, &uuid1);
offset =
dissect_dcerpc_time_t (tvb, offset, pinfo, tree, drep, hf_rs_timeval,
&person_dtm);
offset =
dissect_dcerpc_time_t (tvb, offset, pinfo, tree, drep, hf_rs_timeval,
&group_dtm);
offset =
dissect_dcerpc_time_t (tvb, offset, pinfo, tree, drep, hf_rs_timeval,
&org_dtm);
if (check_col (pinfo->cinfo, COL_INFO))
col_append_fstr (pinfo->cinfo, COL_INFO,
" siteid %08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x person_dtm:%u group_dtm:%u org_dtm:%u",
uuid1.Data1, uuid1.Data2, uuid1.Data3, uuid1.Data4[0],
uuid1.Data4[1], uuid1.Data4[2], uuid1.Data4[3],
uuid1.Data4[4], uuid1.Data4[5], uuid1.Data4[6],
uuid1.Data4[7], person_dtm, group_dtm, org_dtm);
proto_item_set_len (item, offset - old_offset);
return offset;
}
开发者ID:giuliano108,项目名称:wireshark-rtpmon,代码行数:62,代码来源:packet-dcerpc-rs_pgo.c
示例12: dissect_icap
static void
dissect_icap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
proto_tree *icap_tree = NULL;
proto_item *ti = NULL;
proto_item *hidden_item;
gint offset = 0;
const guchar *line;
gint next_offset;
const guchar *linep, *lineend;
int linelen;
guchar c;
icap_type_t icap_type;
int datalen;
col_set_str(pinfo->cinfo, COL_PROTOCOL, "ICAP");
if (check_col(pinfo->cinfo, COL_INFO)) {
/*
* Put the first line from the buffer into the summary
* if it's an ICAP header (but leave out the
* line terminator).
* Otherwise, just call it a continuation.
*
* Note that "tvb_find_line_end()" will return a value that
* is not longer than what's in the buffer, so the
* "tvb_get_ptr()" call won't throw an exception.
*/
linelen = tvb_find_line_end(tvb, offset, -1, &next_offset,
FALSE);
line = tvb_get_ptr(tvb, offset, linelen);
icap_type = ICAP_OTHER; /* type not known yet */
if (is_icap_message(line, linelen, &icap_type))
col_add_str(pinfo->cinfo, COL_INFO,
format_text(line, linelen));
else
col_set_str(pinfo->cinfo, COL_INFO, "Continuation");
}
if (tree) {
ti = proto_tree_add_item(tree, proto_icap, tvb, offset, -1,
ENC_NA);
icap_tree = proto_item_add_subtree(ti, ett_icap);
}
/*
* Process the packet data, a line at a time.
*/
icap_type = ICAP_OTHER; /* type not known yet */
while (tvb_offset_exists(tvb, offset)) {
gboolean is_icap = FALSE;
gboolean loop_done = FALSE;
/*
* Find the end of the line.
*/
linelen = tvb_find_line_end(tvb, offset, -1, &next_offset,
FALSE);
/*
* Get a buffer that refers to the line.
*/
line = tvb_get_ptr(tvb, offset, linelen);
lineend = line + linelen;
/*
* find header format
*/
if (is_icap_message(line, linelen, &icap_type)) {
goto is_icap_header;
}
/*
* if it looks like a blank line, end of header perhaps?
*/
if (linelen == 0) {
goto is_icap_header;
}
/*
* No. Does it look like a header?
*/
linep = line;
loop_done = FALSE;
while (linep < lineend && (!loop_done)) {
c = *linep++;
/*
* This must be a CHAR to be part of a token; that
* means it must be ASCII.
*/
if (!isascii(c)) {
is_icap = FALSE;
break; /* not ASCII, thus not a CHAR */
}
/*
* This mustn't be a CTL to be part of a token.
*
* XXX - what about leading LWS on continuation
* lines of a header?
//.........这里部分代码省略.........
开发者ID:SayCV,项目名称:wireshark,代码行数:101,代码来源:packet-icap.c
示例13: dissect_sec_rgy_pgo_item_t
static int
dissect_sec_rgy_pgo_item_t (tvbuff_t * tvb, int offset,
packet_info * pinfo, proto_tree * parent_tree,
guint8 * drep)
{
/*
typedef struct {
uuid_t id;
signed32 unix_num;
signed32 quota;
sec_rgy_pgo_flags_t flags;
sec_rgy_pname_t fullname;
} sec_rgy_pgo_item_t;
*/
proto_item *item = NULL;
proto_tree *tree = NULL;
int old_offset = offset;
dcerpc_info *di;
e_uuid_t id;
guint32 unix_num, quota;
di = pinfo->private_data;
if (di->conformant_run)
{
return offset;
}
if (parent_tree)
{
item =
proto_tree_add_text (parent_tree, tvb, offset, -1,
" sec_rgy_pgo_item_t ");
tree = proto_item_add_subtree (item, ett_sec_rgy_pgo_item_t);
}
offset =
dissect_ndr_uuid_t (tvb, offset, pinfo, tree, drep, hf_rs_uuid1, &id);
offset =
dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
hf_rs_sec_rgy_pgo_item_t_unix_num, &unix_num);
offset =
dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
hf_rs_sec_rgy_pgo_item_t_quota, "a);
offset = dissect_sec_rgy_pgo_flags_t (tvb, offset, pinfo, tree, drep);
offset += 4; /* XXX */
offset = dissect_sec_rgy_pname_t (tvb, offset, pinfo, tree, drep);
if (check_col (pinfo->cinfo, COL_INFO))
col_append_fstr (pinfo->cinfo, COL_INFO,
" sec_rgy_pgo_item_t - id %08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x unix_num:%u quota:%u",
id.Data1, id.Data2, id.Data3, id.Data4[0],
id.Data4[1], id.Data4[2], id.Data4[3],
id.Data4[4], id.Data4[5], id.Data4[6],
id.Data4[7], unix_num, quota);
proto_item_set_len (item, offset - old_offset);
return offset;
}
开发者ID:giuliano108,项目名称:wireshark-rtpmon,代码行数:62,代码来源:packet-dcerpc-rs_pgo.c
示例14: dissect_kink
/* This function is dissecting the kink header. */
static void
dissect_kink(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree){
proto_item *ti = NULL;
proto_tree *kink_tree = NULL;
guint8 type;
guint8 major_version, minor_version, version;
guint32 doi;
guint chsumlen;
guint8 next_payload;
guint8 value_a_and_front_reserved;
guint16 value_a_and_reserved;
guint8 value_a;
guint16 value_reserved;
int offset=0;
type = tvb_get_guint8(tvb,offset);
col_set_str(pinfo->cinfo, COL_PROTOCOL, "KINK");
/* It shows kink type by the type value. */
if(check_col(pinfo->cinfo, COL_INFO)){
col_add_str(pinfo->cinfo, COL_INFO, val_to_str(type, kink_type_vals, "unknown"));
}
/* Make the kink tree */
if(tree){
ti = proto_tree_add_item(tree, proto_kink, tvb, offset, -1, FALSE);
kink_tree = proto_item_add_subtree(ti, ett_kink);
}
proto_tree_add_uint(kink_tree, hf_kink_type, tvb, offset, 1, type);
offset++;
/* This part is the version. Consider less than 1 octet value.
* Major version and minor version is 4bit. Front half of 1octet
* is major version, and second half of 1octet is minor version.
* The calculation of major version is shown below.
* The logical product of the value of 1octet and 0xf0 is performed.
* And It is performed 4bit right shift.
* Secondarily, the calculation of minor version is shown below.
* The logical product of the value of 1octet and 0x0f is performed.
*/
version = tvb_get_guint8(tvb,offset);
major_version = (version & FRONT_FOUR_BIT) >> VERSION_BIT_SHIFT;
minor_version = version & SECOND_FOUR_BIT;
proto_tree_add_text(kink_tree, tvb, offset, 1, "version: %u.%u", major_version, minor_version);
offset++;
proto_tree_add_item(kink_tree, hf_kink_length, tvb, offset, 2, FALSE);
offset += 2;
doi = tvb_get_ntohl(tvb, offset);
if(doi == IPSEC){
proto_tree_add_text(kink_tree, tvb, offset, 4, "Domain Of Interpretation: %s (%u)", "IPsec", doi);
}
else{
proto_tree_add_text(kink_tree, tvb, offset, 4, "Domain Of Interpretation: %s (%u)", "Not IPsec", doi);
}
offset += 4;
proto_tree_add_item(kink_tree, hf_kink_transactionId, tvb, offset, 4,
|
请发表评论