[netfilter-cvslog] r4081 - branches/netfilter-ha/linux-2.6/ethereal-plugin/plugins/ctsync

[laforge at netfilter.org]

Author: laforge at netfilter.org
Date: 2005-06-29 11:05:39 +0200 (Wed, 29 Jun 2005)
New Revision: 4081

Modified:
   branches/netfilter-ha/linux-2.6/ethereal-plugin/plugins/ctsync/packet-ctsync.c
Log:
- add nat sequence number parsing
- fix some byteorder issues
- fix 'status' bitmask printing



Modified: branches/netfilter-ha/linux-2.6/ethereal-plugin/plugins/ctsync/packet-ctsync.c
===================================================================
--- branches/netfilter-ha/linux-2.6/ethereal-plugin/plugins/ctsync/packet-ctsync.c	2005-06-29 07:40:25 UTC (rev 4080)
+++ branches/netfilter-ha/linux-2.6/ethereal-plugin/plugins/ctsync/packet-ctsync.c	2005-06-29 09:05:39 UTC (rev 4081)
@@ -44,6 +44,8 @@
 #include <epan/tap.h>
 #include "packet-ctsync.h"
 
+#include <netinet/in.h>
+
 #include <linux/netfilter_ipv4/ip_conntrack.h>
 #include <linux/netfilter_ipv4/ip_nat.h>
 #include <linux/if_ether.h>
@@ -92,6 +94,7 @@
 static int ett_ctsync_flags = -1;
 static int ett_ctsync_msg = -1;
 static int ett_ctsync_msg_upd = -1;
+static int ett_ctsync_msg_upd_status = -1;
 static int ett_ctsync_msg_upd_nat_manip = -1;
 static int ett_conntrack_tuple = -1;
 
@@ -198,6 +201,8 @@
 #define CONNTRACK_HELP_SIZE		sizeof(union ip_conntrack_help)
 #define CONNTRACK_PROTO_SIZE		sizeof(union ip_conntrack_proto)
 #define NAT_INFO_MANIP_SIZE		sizeof(struct ip_nat_info_manip)
+#define NAT_HELP_UNION_SIZE		sizeof(union ip_conntrack_nat_help)
+#define NAT_SEQ_SIZE			sizeof(struct ip_nat_seq)
 
 static void
 dissect_nat_info(int num, tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
@@ -253,18 +258,24 @@
 	tvb_memcpy(tvb, (guint8 *)&ip, offset, 4);
 	tvb_memcpy(tvb, (guint8 *)&port, offset+4, 2);
 	proto_tree_add_text(nat_info_manip_tree, tvb, offset, 6, 
-			    "%u.%u.%u.%u:%u", NIPQUAD(ip), port);
+			    "Manip: %u.%u.%u.%u:%u", NIPQUAD(ip), port);
 	offset += 6;
 }
 
 
 static int hf_ctsync_msg_upd_status = -1;
+static int hf_ctsync_msg_upd_status_expected = -1;
+static int hf_ctsync_msg_upd_status_seen_reply = -1;
+static int hf_ctsync_msg_upd_status_assured = -1;
+static int hf_ctsync_msg_upd_status_confirmed = -1;
+#if 0
 static const value_string ctsync_msg_upd_status_vals[] = {
 	{0x01, "IPS_EXPECTED"},
 	{0x02, "IPS_SEEN_REPLY"},
 	{0x04, "IPS_ASSURD"},
 	{0x08, "IPS_CONFIRMED"},
 };
+#endif
 
 static void
 dissect_ctsync_msg_conntrack_update(tvbuff_t *tvb, int offset, packet_info
@@ -272,6 +283,10 @@
 {
 	tvbuff_t *new_tvb;
 	int num_manips, i;
+	char *cthelper, *nathelper;
+	u_int32_t status;
+	proto_item *tf;
+	proto_tree *field_tree;
 
 	/* orig tuple */
 	new_tvb = tvb_new_subset(tvb, offset, CONNTRACK_TUPLE_SIZE_ALIGNED, 
@@ -286,19 +301,31 @@
 	offset += CONNTRACK_TUPLE_SIZE_ALIGNED;
 
 	/* status */
-	proto_tree_add_item(tree, hf_ctsync_msg_upd_status, tvb,
-			    offset, 4, TRUE);
+	tf = proto_tree_add_item(tree, hf_ctsync_msg_upd_status, tvb,
+				 offset, 4, TRUE);
+	field_tree = proto_item_add_subtree(tf, ett_ctsync_msg_upd_status);
+	proto_tree_add_item(field_tree, hf_ctsync_msg_upd_status_expected,
+			    tvb, offset, 4, TRUE);
+	proto_tree_add_item(field_tree, hf_ctsync_msg_upd_status_seen_reply,
+			    tvb, offset, 4, TRUE);
+	proto_tree_add_item(field_tree, hf_ctsync_msg_upd_status_assured,
+			    tvb, offset, 4, TRUE);
+	proto_tree_add_item(field_tree, hf_ctsync_msg_upd_status_confirmed,
+			    tvb, offset, 4, TRUE);
 	offset += 4;
 
 	/* expires */
 	proto_tree_add_text(tree, tvb, offset, 4,
-			   "Expires: 0x%08x", tvb_get_ntohl(tvb, offset));
+			   "Expires: %d", 
+			   htonl(tvb_get_ntohl(tvb, offset)));
 	offset += 4;
 
 	/* helper */
-	proto_tree_add_text(tree, tvb, offset, CT_SYNC_CTHELPERSIZE,
-			    "Helper: %s", tvb_get_string(tvb, offset, 
-				    			 CT_SYNC_CTHELPERSIZE));
+	cthelper = tvb_get_string(tvb, offset, CT_SYNC_CTHELPERSIZE);
+	if (cthelper && strlen(cthelper))
+		proto_tree_add_text(tree, tvb, offset, CT_SYNC_CTHELPERSIZE,
+				    "Conntrack Helper: %s", cthelper);
+
 	offset += CT_SYNC_CTHELPERSIZE;
 
 	/* helper_info */
@@ -306,7 +333,8 @@
 
 	/* expecting */
 	proto_tree_add_text(tree, tvb, offset, 4,
-			    "Expecting: %02d", tvb_get_ntohl(tvb, offset));
+			    "Expecting: %d", 
+			    htonl(tvb_get_ntohl(tvb, offset)));
 	offset += 4;
 
 	/* master_ct_tuple */
@@ -325,8 +353,7 @@
 	tvb_memcpy(tvb, (guint8 *)&num_manips, offset, 2);
 
 	proto_tree_add_text(tree, tvb, offset, 2,
-			    "NAT Number of Manipulations: 0x%04x",
-			    tvb_get_ntohs(tvb, offset));
+			    "NAT Number of Manipulations: %d", num_manips);
 	offset += 4;
 
 	for (i = 0; i < IP_NAT_MAX_MANIPS; i++) {
@@ -338,13 +365,45 @@
 		}
 		offset += NAT_INFO_MANIP_SIZE;
 	}
+
+	/* nat helper */
+	nathelper = tvb_get_string(tvb, offset, CT_SYNC_NATHELPERSIZE);
+	if (nathelper  && strlen(nathelper)) {
+		proto_tree_add_text(tree, tvb, offset, CT_SYNC_NATHELPERSIZE,
+				    "NAT Helper: %s", nathelper);
+	}
+	offset += CT_SYNC_NATHELPERSIZE;
+
+	/* nat union */
+	offset += NAT_HELP_UNION_SIZE;
+
+	/* nat sequence updates */
+	for (i = 0; i < IP_CT_DIR_MAX; i++) {
+		u_int32_t correction_pos;
+		int32_t offset_before, offset_after;
+		tvb_memcpy(tvb, (guint8 *)&correction_pos, offset,
+			   sizeof(correction_pos));
+		tvb_memcpy(tvb, (guint8 *)&offset_before,
+			   offset + sizeof(correction_pos),
+			   sizeof(offset_before));
+		tvb_memcpy(tvb, (guint8 *)&offset_after,
+			   offset+sizeof(correction_pos)+sizeof(offset_before),
+			   sizeof(offset_after));
+		if (correction_pos)
+			proto_tree_add_text(tree, tvb, offset, NAT_SEQ_SIZE,
+				    "Correction Pos: %u, Offset before: %d"
+				    ", Offset after: %d", correction_pos,
+				    offset_before, offset_after);
+		offset += NAT_SEQ_SIZE;
+	}
+
 #if  defined(CONFIG_IP_NF_TARGET_MASQUERADE) || defined(CONFIG_IP_NF_TARGET_MASQUERADE_MODULE)
 	{
-		unsigned char masq_iface[IFNAMSIZ+1];
-		tvb_memcpy(tvb, (guint8 *)masq_iface, offset, IFNAMSIZ);
-		masq_iface[IFNAMSIZ] = '\0';
-		proto_tree_add_text(tree, tvb, offset, IFNAMSIZ,
-				    "Masq Device: %s", masq_iface);
+		unsigned char *masq_iface;
+		masq_iface = tvb_get_string(tvb, offset, IFNAMSIZ);
+		if (masq_iface && strlen(masq_iface))
+			proto_tree_add_text(tree, tvb, offset, IFNAMSIZ,
+					    "Masq Device: %s", masq_iface);
 		offset += IFNAMSIZ;
 	}
 #endif
@@ -352,7 +411,7 @@
 
 #ifdef CONFIG_IP_NF_CONNTRACK_MARK
 	{
-		unsigned long mark;
+		unsigned long mark = 0UL;
 
 		tvb_memcpy(tvb, (guint8 *)&mark, offset, CONNTRACK_MARK_SIZE);
 		proto_tree_add_text(tree, tvb, offset, CONNTRACK_MARK_SIZE,
@@ -729,10 +788,30 @@
 
 	static hf_register_info hf_msg_upd[] = {
 		{ &hf_ctsync_msg_upd_status,
-		  { "Status", "ctsync.msg.ct.upd.status", FT_UINT8, BASE_HEX,
-		    VALS(ctsync_msg_upd_status_vals), 0,
+		  { "Status", "ctsync.msg.ct.upd.status", FT_UINT32, BASE_HEX,
+		    0, 0,
 		    "Status bits of connection", HFILL },
 		},
+		{ &hf_ctsync_msg_upd_status_expected,
+		  { "EXPECTED", "ctsync.msg.ct.upd.status.expected", 
+	            FT_BOOLEAN, 32, TFS(&flags_set_truth), IPS_EXPECTED, 
+		    "", HFILL },
+		},
+		{ &hf_ctsync_msg_upd_status_seen_reply,
+		  { "SEEN_REPLY", "ctsync.msg.ct.upd.status.seen_reply",
+		    FT_BOOLEAN, 32, TFS(&flags_set_truth), IPS_SEEN_REPLY, 
+		    "", HFILL },
+		},
+		{ &hf_ctsync_msg_upd_status_assured,
+		  { "ASSURED", "ctsync.msg.ct.upd.status.assured",
+		    FT_BOOLEAN, 32, TFS(&flags_set_truth), IPS_ASSURED, 
+		    "", HFILL },
+		},
+		{ &hf_ctsync_msg_upd_status_confirmed,
+		  { "CONFIRMED", "ctsync.msg.ct.upd.status.confirmed",
+		    FT_BOOLEAN, 32, TFS(&flags_set_truth), IPS_CONFIRMED, 
+		    "", HFILL },
+		},
 	};
 
 	static hf_register_info hf_msg_upd_nat_manip[] = {
@@ -759,6 +838,7 @@
   	};
 	static gint *ett_msg[] = {
 		&ett_ctsync_msg,
+		&ett_ctsync_msg_upd_status,
 	};
 	static gint *ett_conntrack[] = {
 		&ett_conntrack_tuple,