http://anonsvn.wireshark.org/viewvc/viewvc.cgi?view=rev&revision=29833
User: morriss
Date: 2009/09/09 07:40 PM
Log:
From Chris Maynard via https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3950 :
The attached patch improves NHRP dissection and encompasses the following
changes:
1) Now displays Request ID and CIE Reply code or Error code in Info column.
2) Added support for RFC 2520 and RFC 2735 extensions and error codes.
References:
-> http://www.ietf.org/rfc/rfc2520.txt?number=2520
-> http://www.ietf.org/rfc/rfc2735.txt?number=2735
Note: Cisco's NAT Address Extension conflicts with RFC 2735's published
Device Capabilities Extension. Both are assigned type 9. As such, I have had
to add some heuristics to differentiate between them. It should be reliable
though since the former carries a CIE with length > 8 bytes, and the latter a
fixed-length payload of 8 bytes.
3) A few fields previously not filterable now are: hf_nhrp_hdr_op_type,
hf_nhrp_hdr_version and hf_nhrp_error_code.
4) Added support for authentication and vendor-private extension header decode.
NOTE: The authentication extension has been added according to RFC 2332. In
practice, it seems that at least with certain Cisco equipment (I tested with
cisco 2851 IOS version 12.4(15)T), they use their own non-standard
authentication extension format. Because of this, Cisco's version of the
extension will likely either be displayed a little differently than one may
expect or be indicated as being mal-formed ... because in reality, it is.
5) Utilizes expert info in a couple more places to indicate mal-formed packets.
Cisco's Error Indication packet, for example, violates RFC 2332 Section 5.2.7
by including extensions in the Error Indication packet as well as by including
erroneous data following the End Extension. Both cases are reported via expert
info now. Previously, at least with the case of the erroneous data following
the End Extension, the packet would almost certainly have been marked
mal-formed anyway. I now just prevent Wireshark from even attempting to decode
the non-sensical mess.
Directory: /trunk/epan/dissectors/
Changes Path Action
+267 -88 packet-nhrp.c Modified