Re: [Wireshark-dev] Patch to support decoding LANforge packets.
Ben Greear wrote: Abhik Sarkar wrote: Hello Ben, Please follow the instructions here (http://www.wireshark.org/docs/wsdg_html_chunked/ChSrcContribute.html#ChSrcSend) to make sure that your contribution is tracked properly and not lost. Done: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2770 Thanks, Ben Any update as to if/when this patch will be accepted into wireshark? If changes or additional information is needed, please let me know. Thanks, Ben -- Ben Greear [EMAIL PROTECTED] Candela Technologies Inc http://www.candelatech.com ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org https://wireshark.org/mailman/listinfo/wireshark-dev
Re: [Wireshark-dev] Patch to support decoding LANforge packets.
Abhik Sarkar wrote: Hello Ben, Please follow the instructions here (http://www.wireshark.org/docs/wsdg_html_chunked/ChSrcContribute.html#ChSrcSend) to make sure that your contribution is tracked properly and not lost. Done: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2770 Thanks, Ben -- Ben Greear [EMAIL PROTECTED] Candela Technologies Inc http://www.candelatech.com ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org https://wireshark.org/mailman/listinfo/wireshark-dev
[Wireshark-dev] Patch to support decoding LANforge packets.
LANforge is a network traffic generator that my company sells. Part of
our feature set
is UDP and TCP traffic generation. We have a small header followed by a
payload. The
payload is normally just filler and of no special interest to users.
Attached is a patch to decode the LANforge header. Please consider
adding this to Wireshark, and let me know if there are any suggestions
for improvement.
Thanks,
Ben
--
Ben Greear [EMAIL PROTECTED]
Candela Technologies Inc http://www.candelatech.com
Index: epan/dissectors/Makefile.common
===
--- epan/dissectors/Makefile.common (revision 25831)
+++ epan/dissectors/Makefile.common (working copy)
@@ -518,6 +518,7 @@
packet-kismet.c \
packet-kpasswd.c \
packet-l2tp.c \
+ packet-lanforge.c \
packet-lapb.c \
packet-lapbether.c \
packet-lapd.c \
Index: epan/dissectors/packet-lanforge.c
===
--- epan/dissectors/packet-lanforge.c (revision 0)
+++ epan/dissectors/packet-lanforge.c (revision 0)
@@ -0,0 +1,275 @@
+/* packet-lanforge.c
+ * Routines for LANforge traffic generator IP protocol dissection
+ * Copyright 2008
+ * Ben Greear [EMAIL PROTECTED]
+ *
+ * Based on pktgen dissectory by:
+ * Francesco Fondelli francesco dot fondelli, gmail dot com
+ *
+ * $Id: packet-lanforge.c 23412 2007-11-09 06:01:18Z etxrab $
+ *
+ * Wireshark - Network traffic analyzer
+ * By Gerald Combs [EMAIL PROTECTED]
+ * Copyright 1998 Gerald Combs
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ */
+
+/* LANforge generates network traffic for load performance testing.
+ * See http://www.candelatech.com for more info.
+ */
+
+#ifdef HAVE_CONFIG_H
+# include config.h
+#endif
+
+#if 0
+#include stdio.h
+#include stdlib.h
+#include string.h
+#endif
+
+#include glib.h
+
+#include epan/packet.h
+#include epan/emem.h
+
+/* magic num used for heuristic */
+static const guint8 lanforge_magic[] = { 0x1a, 0x2b, 0x3c, 0x4d };
+
+/* Initialize the protocol and registered fields */
+static int proto_lanforge = -1;
+
+/* lanforge header */
+static int hf_lanforge_crc = -1;
+static int hf_lanforge_magic = -1;
+static int hf_lanforge_src_session = -1;
+static int hf_lanforge_dst_session = -1;
+static int hf_lanforge_pld_len = -1;
+static int hf_lanforge_pld_pattern = -1;
+static int hf_lanforge_seq = -1;
+static int hf_lanforge_tx_time_s = -1;
+static int hf_lanforge_tx_time_ns = -1;
+static int hf_lanforge_timestamp = -1;
+
+/* Initialize the subtree pointer */
+static gint ett_lanforge = -1;
+
+/* data dissector handle */
+static dissector_handle_t data_handle = NULL;
+
+/* entry point */
+static gboolean dissect_lanforge(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
+{
+proto_item *ti = NULL;
+proto_item *tmp = NULL;
+proto_tree *lanforge_tree = NULL;
+guint32 offset = 0;
+nstime_t tstamp;
+guint32 tss;
+
+/* check for min size */
+if(tvb_length(tvb) 28) { /* Not a LANforge packet. */
+ return FALSE;
+}
+
+/* check for magic number */
+if(tvb_memeql(tvb, 4, lanforge_magic, 4) == -1) { /* Not a LANforge packet. */
+ return FALSE;
+}
+
+/* Make entries in Protocol column and Info column on summary display */
+
+if(check_col(pinfo-cinfo, COL_PROTOCOL))
+ col_set_str(pinfo-cinfo, COL_PROTOCOL, LANforge);
+
+if(check_col(pinfo-cinfo, COL_INFO)) {
+ col_add_fstr(pinfo-cinfo, COL_INFO, Seq: %u, tvb_get_ntohl(tvb, 16));
+}
+
+if(tree) {
+
+ /* create display subtree for the protocol */
+
+ ti = proto_tree_add_item(tree, proto_lanforge, tvb, 0, -1, FALSE);
+
+ lanforge_tree = proto_item_add_subtree(ti, ett_lanforge);
+
+ /* add items to the subtree */
+
+ proto_tree_add_item(lanforge_tree, hf_lanforge_crc, tvb, offset, 4, FALSE);
+ offset+=4;
+
+proto_tree_add_item(lanforge_tree, hf_lanforge_magic, tvb, offset, 4, FALSE);
+ offset+=4;
+
+ proto_tree_add_item(lanforge_tree, hf_lanforge_src_session, tvb, offset, 2, FALSE);
+ offset+=2;
+
+ proto_tree_add_item(lanforge_tree, hf_lanforge_dst_session, tvb, offset, 2, FALSE);
+ offset+=2;
+
+proto_tree_add_item(lanforge_tree, hf_lanforge_pld_len, tvb, offset, 2, FALSE);
+offset+=2;
+
+
Re: [Wireshark-dev] Patch to support decoding LANforge packets.
Hello Ben, Please follow the instructions here (http://www.wireshark.org/docs/wsdg_html_chunked/ChSrcContribute.html#ChSrcSend) to make sure that your contribution is tracked properly and not lost. Thanks! Abhik. On Thu, Jul 31, 2008 at 7:07 AM, Ben Greear [EMAIL PROTECTED] wrote: LANforge is a network traffic generator that my company sells. Part of our feature set is UDP and TCP traffic generation. We have a small header followed by a payload. The payload is normally just filler and of no special interest to users. Attached is a patch to decode the LANforge header. Please consider adding this to Wireshark, and let me know if there are any suggestions for improvement. Thanks, Ben -- Ben Greear [EMAIL PROTECTED] Candela Technologies Inc http://www.candelatech.com ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org https://wireshark.org/mailman/listinfo/wireshark-dev ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org https://wireshark.org/mailman/listinfo/wireshark-dev
Re: [Wireshark-dev] Patch to support decoding LANforge packets.
Hi Ben, Normally we would request to open a bugreport on https://bugs.wireshark.org and attach the patch there so it won't be forgotten. The dissector itself looks oke, only thing is that it registers for all UDP and TCP ports. Isn't is possible to register them on a port(-range)? Thanx, Jaap Ben Greear wrote: LANforge is a network traffic generator that my company sells. Part of our feature set is UDP and TCP traffic generation. We have a small header followed by a payload. The payload is normally just filler and of no special interest to users. Attached is a patch to decode the LANforge header. Please consider adding this to Wireshark, and let me know if there are any suggestions for improvement. Thanks, Ben ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org https://wireshark.org/mailman/listinfo/wireshark-dev
Re: [Wireshark-dev] Patch to support decoding LANforge packets.
Jaap Keuter wrote: Hi Ben, Normally we would request to open a bugreport on https://bugs.wireshark.org and attach the patch there so it won't be forgotten. The dissector itself looks oke, only thing is that it registers for all UDP and TCP ports. Isn't is possible to register them on a port(-range)? No, our tool can be configured to use any port. That is the main reason I added the 'magic' header...to ensure that we could match the packets properly. I can modify the header further if that would be of some service..but can't restrict ports. I'll open a bug report as suggested. Thanks, Ben Thanx, Jaap Ben Greear wrote: LANforge is a network traffic generator that my company sells. Part of our feature set is UDP and TCP traffic generation. We have a small header followed by a payload. The payload is normally just filler and of no special interest to users. Attached is a patch to decode the LANforge header. Please consider adding this to Wireshark, and let me know if there are any suggestions for improvement. Thanks, Ben ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org https://wireshark.org/mailman/listinfo/wireshark-dev -- Ben Greear [EMAIL PROTECTED] Candela Technologies Inc http://www.candelatech.com ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org https://wireshark.org/mailman/listinfo/wireshark-dev
