Wireshark-commits: [Wireshark-commits] master 3db7b1e: ERF: Add dissection and wiretap support for

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Wireshark code review <code-review-do-not-reply@xxxxxxxxxxxxx>
Date: Fri, 1 Apr 2016 12:50:55 +0000 (UTC)
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3db7b1ed04e0f627c97a0c2d961bfea79429a24d
Submitter: Michael Mann (mmann78@xxxxxxxxxxxx)
Changed: branch: master
Repository: wireshark

Commits:

3db7b1e by Anthony Coddington (anthony.coddington@xxxxxxxxxx):

    ERF: Add dissection and wiretap support for ERF_TYPE_META.
    
    ERF Dissector:
    Add dissection for ERF_TYPE_META, Host ID and Flow ID extension headers.
    Rename ERF extension header defines to ERF_EXT_HDR* and put in erf.h.
    
    The Flow ID extension header has an improved 32-bit Flow Hash with a Hash Type
    field describing what the hash was computed over. The Host ID extension header
    contains a 48-bit organizationally unique Host Identifier. Both extension
    headers contain the same 8-bit Source ID used for distinguishing records from
    multiple sources in the same file and for metadata linking to ERF_TYPE_META
    records. Host ID is used to identify the capturing host and can also be used to
    distinguish records from multiple hosts in the same file.
    
    ERF_TYPE_META records have a payload consisting of TLV metadata, divided into
    sections which define the context of the TLV tag. The dissector registers
    a field for each tag for each section type based on a template.
    ERF_TYPE_META records generally have a Host ID extension header used to link
    metadata to packet records with the same Host ID and Source ID. The associated
    Host ID can either be explicit on all records, or implicit where the Host ID
    extension header is only present on MetaERF records and other records are
    associated using only the Source ID in the Flow ID extension header.
    
    Includes per-record generated Source summary and frame linking. These have the
    'correct' Host ID and Source IDs from either extension header, including
    applying the Implicit Host ID, and links to the most recent ERF_TYPE_META
    record. Relies on Wireshark doing more than one pass to associate the correct
    implicit Host ID tree items for records before the first ERF_TYPE_META record.
    The metadata is technically not associated at that point anyway.
    
    ERF Wiretap:
    Add per-HostID/per-SourceID wtap interfaces and basic ERF_TYPE_META support.
    
    Adds read support for displaying some fields of the 'first'
    ERF_TYPE_META record in the Capture File Properties screen. Concatenates
    and merges some summary fields to provide more useful information and
    attempt to combine ERF sources, streams and interfaces into wtap interfaces.
    
    Interface naming gracefully degrades when Host ID and Source ID are not present
    and is intended to be parseable for use by DAG software.
    Supports Implicit Host ID, but assumes it does not change.
    NOTE: Now only ERF interfaces that are present in the file are added.
    Only works with native ERF files for now. Written such that it is easily
    adapted for use by pcap dissector.
    
    Some support for setting REC_TYPE_FT_SPECIFIC_REPORT on MetaERF records.
    Disabled for now as this breaks pcapng_dump saving of ERF_TYPE_META
    and ft_specific_record_phdr clashes with erf_mc_phdr.
    Only when native ERF file (as uses wth->file_type_subtype).
    Register packet-erf as a dissector of WTAP_FILE_TYPE_SUBTYPE_ERF.
    
    Bug: 12303
    Change-Id: I6a697cdc851319595da2852f3a977cef8a42431d
    Reviewed-on: https://code.wireshark.org/review/14510
    Reviewed-by: Alexis La Goutte <alexis.lagoutte@xxxxxxxxx>
    Tested-by: Alexis La Goutte <alexis.lagoutte@xxxxxxxxx>
    Reviewed-by: Michael Mann <mmann78@xxxxxxxxxxxx>
    

Actions performed:

    from  5ca557c   support for IP-over-Infiniband - pcap encapsulation
    adds  3db7b1e   ERF: Add dissection and wiretap support for ERF_TYPE_META.


Summary of changes:
 epan/dissectors/packet-erf.c | 1143 ++++++++++++++++++++++++++++++++++++++++-
 wiretap/erf.c                | 1149 +++++++++++++++++++++++++++++++++++++++++-
 wiretap/erf.h                |  184 +++++++
 3 files changed, 2440 insertions(+), 36 deletions(-)