Ethereal-users: [Ethereal-users] [PATCH] Fix handling of IP fragment bits
Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.
From: nick black <dank@xxxxxxxxxxxxxxxxxx>
Date: Tue, 17 Feb 2004 09:06:55 -0500
Hello there. Currently, Ethereal not only refrains from displaying
whether the reserved bit is explictly set, it also erroneously displays
only mf | df & ~offmask (ie MF + reserved bit shows Flags: 0x02 rather
than 0x0A). Reading the list, there seems to have been some confusion
stemming from ECN and certain kernels' use of IP_CE.
The two bits used for ECN within the IP header come from the
differentiated services/ToS bits in both RFC 2481 and 3168. Linux's
ECN implementation in the IP header is restricted to these bits, but
declares IP_CE in include/net/ip.h with the comment "Congestion".
This is only used in netfilter (the actual testing of IP bits for
ECN is done in include/net/inet_ecn.h, and clearly shows the ToS
bits being used) for a log. FreeBSD knows no IP_CE, only IP_RF.
This patch does away with mentions of CE and congestion in the fragment
bits field, uses the flag binary set for the RF, and fixes the Flags:
display. Please apply.
diff -ur ethereal-0.10.0a-orig/packet-ip.c ethereal-0.10.0a/packet-ip.c
--- ethereal-0.10.0a-orig/packet-ip.c 2004-02-17 07:36:20.000000000 -0500
+++ ethereal-0.10.0a/packet-ip.c 2004-02-17 08:39:11.000000000 -0500
@@ -84,6 +84,7 @@
static int hf_ip_src = -1;
static int hf_ip_addr = -1;
static int hf_ip_flags = -1;
+static int hf_ip_flags_rf = -1;
static int hf_ip_flags_df = -1;
static int hf_ip_flags_mf = -1;
static int hf_ip_frag_offset = -1;
@@ -220,7 +221,7 @@
#define IPH_MIN_LEN 20
/* IP flags. */
-#define IP_CE 0x8000 /* Flag: "Congestion" */
+#define IP_RF 0x8000 /* Flag: "Reserved bit" */
#define IP_DF 0x4000 /* Flag: "Don't Fragment" */
#define IP_MF 0x2000 /* Flag: "More Fragments" */
#define IP_OFFSET 0x1FFF /* "Fragment Offset" part */
@@ -927,9 +928,10 @@
iph->ip_off = tvb_get_ntohs(tvb, offset + 6);
if (tree) {
- flags = (iph->ip_off & (IP_DF|IP_MF)) >> 12;
+ flags = (iph->ip_off & (IP_RF | IP_DF | IP_MF)) >> 12;
tf = proto_tree_add_uint(ip_tree, hf_ip_flags, tvb, offset + 6, 1, flags);
field_tree = proto_item_add_subtree(tf, ett_ip_off);
+ proto_tree_add_boolean(field_tree, hf_ip_flags_rf, tvb, offset + 6, 1, flags),
proto_tree_add_boolean(field_tree, hf_ip_flags_df, tvb, offset + 6, 1, flags),
proto_tree_add_boolean(field_tree, hf_ip_flags_mf, tvb, offset + 6, 1, flags),
@@ -1633,12 +1635,16 @@
{ "Flags", "ip.flags", FT_UINT8, BASE_HEX, NULL, 0x0,
"", HFILL }},
+ { &hf_ip_flags_rf,
+ { "Reserved bit", "ip.flags.rb", FT_BOOLEAN, 4, TFS(&flags_set_truth), IP_RF >> 12,
+ "", HFILL }},
+
{ &hf_ip_flags_df,
- { "Don't fragment", "ip.flags.df", FT_BOOLEAN, 4, TFS(&flags_set_truth), IP_DF>>12,
+ { "Don't fragment", "ip.flags.df", FT_BOOLEAN, 4, TFS(&flags_set_truth), IP_DF >> 12,
"", HFILL }},
{ &hf_ip_flags_mf,
- { "More fragments", "ip.flags.mf", FT_BOOLEAN, 4, TFS(&flags_set_truth), IP_MF>>12,
+ { "More fragments", "ip.flags.mf", FT_BOOLEAN, 4, TFS(&flags_set_truth), IP_MF >> 12,
"", HFILL }},
{ &hf_ip_frag_offset,
--
nick black <dank@xxxxxxxxxxxxxxxxxx>
"np: nondeterministic polynomial-time
the class of dashed hopes and idle dreams." - the complexity zoo
diff -ur ethereal-0.10.0a-orig/packet-ip.c ethereal-0.10.0a/packet-ip.c
--- ethereal-0.10.0a-orig/packet-ip.c 2004-02-17 07:36:20.000000000 -0500
+++ ethereal-0.10.0a/packet-ip.c 2004-02-17 08:39:11.000000000 -0500
@@ -84,6 +84,7 @@
static int hf_ip_src = -1;
static int hf_ip_addr = -1;
static int hf_ip_flags = -1;
+static int hf_ip_flags_rf = -1;
static int hf_ip_flags_df = -1;
static int hf_ip_flags_mf = -1;
static int hf_ip_frag_offset = -1;
@@ -220,7 +221,7 @@
#define IPH_MIN_LEN 20
/* IP flags. */
-#define IP_CE 0x8000 /* Flag: "Congestion" */
+#define IP_RF 0x8000 /* Flag: "Reserved bit" */
#define IP_DF 0x4000 /* Flag: "Don't Fragment" */
#define IP_MF 0x2000 /* Flag: "More Fragments" */
#define IP_OFFSET 0x1FFF /* "Fragment Offset" part */
@@ -927,9 +928,10 @@
iph->ip_off = tvb_get_ntohs(tvb, offset + 6);
if (tree) {
- flags = (iph->ip_off & (IP_DF|IP_MF)) >> 12;
+ flags = (iph->ip_off & (IP_RF | IP_DF | IP_MF)) >> 12;
tf = proto_tree_add_uint(ip_tree, hf_ip_flags, tvb, offset + 6, 1, flags);
field_tree = proto_item_add_subtree(tf, ett_ip_off);
+ proto_tree_add_boolean(field_tree, hf_ip_flags_rf, tvb, offset + 6, 1, flags),
proto_tree_add_boolean(field_tree, hf_ip_flags_df, tvb, offset + 6, 1, flags),
proto_tree_add_boolean(field_tree, hf_ip_flags_mf, tvb, offset + 6, 1, flags),
@@ -1633,12 +1635,16 @@
{ "Flags", "ip.flags", FT_UINT8, BASE_HEX, NULL, 0x0,
"", HFILL }},
+ { &hf_ip_flags_rf,
+ { "Reserved bit", "ip.flags.rb", FT_BOOLEAN, 4, TFS(&flags_set_truth), IP_RF >> 12,
+ "", HFILL }},
+
{ &hf_ip_flags_df,
- { "Don't fragment", "ip.flags.df", FT_BOOLEAN, 4, TFS(&flags_set_truth), IP_DF>>12,
+ { "Don't fragment", "ip.flags.df", FT_BOOLEAN, 4, TFS(&flags_set_truth), IP_DF >> 12,
"", HFILL }},
{ &hf_ip_flags_mf,
- { "More fragments", "ip.flags.mf", FT_BOOLEAN, 4, TFS(&flags_set_truth), IP_MF>>12,
+ { "More fragments", "ip.flags.mf", FT_BOOLEAN, 4, TFS(&flags_set_truth), IP_MF >> 12,
"", HFILL }},
{ &hf_ip_frag_offset,
- Follow-Ups:
- Prev by Date: AW: [Ethereal-users] diplay filter for rtp.payload with 100% silence
- Next by Date: [Ethereal-users] Changing default application font
- Previous by thread: Re: [Ethereal-users] Capturing packet on Switch
- Next by thread: [Ethereal-users] Re: [Ethereal-dev] [PATCH] Fix handling of IP fragment bits
- Index(es):