Wireshark-dev: Re: [Wireshark-dev] [PATCH] new dissector for ip.access GSM A-bis over IP

From: Jaap Keuter <jaap.keuter@xxxxxxxxx>
Date: Sat, 4 Jul 2009 13:55:56 +0200
Hi Haralt,

Could file it in bugs.wireshark.org ?
Thats the way we track patches.

Thanx,
Jaap

Sent from my iPhone

On 4 jul 2009, at 04:22, Harald Welte <laforge@xxxxxxxxxxxx> wrote:

Hi!

I've written the following wireshark dissector for the GSM A-bis over IP protocol as it is used with ip.access nanoBTS products. The code was written
while developing OpenBSC (see http://openbsc.gnumonks.org/).

I'd like to request its inclusion into the wireshark mainline tree. Please
review and let me know if there are any issues.

I'm also in the process of writing a generic GSM 12.21 (A-bis OML) dissector, as well as extending the packet-rsl.c with ip.access nanoBTS vendor extensions. I'm not sure when those will be finished, but I expect to post them within the
next couple of weeks.

Regards,
   Harald

Index: epan/dissectors/Makefile.common
===================================================================
--- epan/dissectors/Makefile.common.orig 2009-07-03 22:19:54.000000000 +0200 +++ epan/dissectors/Makefile.common 2009-07-03 22:20:16.000000000 +0200
@@ -471,6 +471,7 @@
   packet-gsm_a_gm.c        \
   packet-gsm_a_rp.c        \
   packet-gsm_a_rr.c    \
+    packet-gsm_abis_ip.c    \
   packet-gsm_bsslap.c        \
   packet-gsm_bssmap_le.c    \
   packet-gsm_sms.c    \
Index: epan/dissectors/packet-rsl.c
===================================================================
--- epan/dissectors/packet-rsl.c.orig 2009-07-03 22:19:54.000000000 +0200 +++ epan/dissectors/packet-rsl.c 2009-07-03 22:20:16.000000000 +0200
@@ -3950,6 +3950,7 @@
   proto_register_field_array(proto_rsl, hf, array_length(hf));
   proto_register_subtree_array(ett, array_length(ett));

+    register_dissector("gsm_abis_rsl", dissect_rsl, proto_rsl);

}

Index: epan/dissectors/packet-gsm_abis_ip.c
===================================================================
--- /dev/null    1970-01-01 00:00:00.000000000 +0000
+++ epan/dissectors/packet-gsm_abis_ip.c 2009-07-03 22:20:16.000000000 +0200
@@ -0,0 +1,279 @@
+/* packet-gsm_abis_ip.c
+ * Routines for packet dissection of ip.access A-bis over IP
+ * Copyright 2009 by Harald Welte <laforge@xxxxxxxxxxxx>
+ *
+ * $Id$
+ *
+ * Wireshark - Network traffic analyzer
+ * By Gerald Combs <gerald@xxxxxxxxxxxxx>
+ * Copyright 1998 Gerald Combs
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ */
+
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <glib.h>
+
+#include <epan/packet.h>
+#include <epan/emem.h>
+
+/* Initialize the protocol and registered fields */
+static int proto_abisip = -1;
+static int proto_ipaccess = -1;
+
+static int hf_abisip_data_len = -1;
+static int hf_abisip_protocol = -1;
+
+static int hf_ipaccess_msgtype = -1;
+static int hf_ipaccess_attr_tag = -1;
+static int hf_ipaccess_attr_string = -1;
+
+/* Initialize the subtree pointers */
+static gint ett_abisip = -1;
+static gint ett_ipaccess = -1;
+
+enum {
+    SUB_OML,
+    SUB_RSL,
+    SUB_IPACCESS,
+
+    SUB_MAX
+};
+
+static dissector_handle_t sub_handles[SUB_MAX];
+
+#define TCP_PORT_ABISIP_PRIM     3002
+#define TCP_PORT_ABISIP_SEC     3003
+#define TCP_PORT_ABISIP_INST     3006
+
+#define ABISIP_RSL    0x00
+#define ABISIP_IPACCESS    0xfe
+#define ABISIP_OML    0xff
+
+static const value_string abisip_protocol_vals[] = {
+    { 0x00,        "RSL" },
+    { 0xfe,        "IPA" },
+    { 0xff,        "OML" },
+    { 0,        NULL }
+};
+
+static const value_string ipaccess_msgtype_vals[] = {
+    { 0x00,        "PING?" },
+    { 0x01,    "PONG!" },
+    { 0x04,    "IDENTITY REQUEST" },
+    { 0x05,    "IDENTITY RESPONSE" },
+    { 0x06,    "IDENTITY CONF" },
+    { 0,        NULL }
+};
+
+static const value_string ipaccess_idtag_vals[] = {
+    { 0x00,        "Serial Number" },
+    { 0x01,        "Unit Name" },
+    { 0x02,        "Location" },
+    { 0x04,        "Equipment Version" },
+    { 0x05,        "Software Version" },
+    { 0x06,        "IP Address" },
+    { 0x07,        "MAC Address" },
+    { 0x08,        "Unit ID" },
+};
+
+static gint
+dissect_ipa_attr(tvbuff_t *tvb, int base_offs, proto_tree *tree)
+{
+    guint8 len, tag, attr_type;
+
+    int offset = base_offs;
+
+    while (tvb_reported_length_remaining(tvb, offset) != 0) {
+        attr_type = tvb_get_guint8(tvb, offset);
+
+        switch (attr_type) {
+        case 0x00:    /* a string prefixed by its length */
+            len = tvb_get_guint8(tvb, offset+1);
+            tag = tvb_get_guint8(tvb, offset+2);
+            proto_tree_add_item(tree, hf_ipaccess_attr_tag,
+                        tvb, offset+2, 1, FALSE);
+            proto_tree_add_item(tree, hf_ipaccess_attr_string,
+                        tvb, offset+3, len-1, FALSE);
+            break;
+        case 0x01:    /* a single-byte reqest for a certain attr */
+            len = 0;
+            proto_tree_add_item(tree, hf_ipaccess_attr_tag,
+                        tvb, offset+1, 1, FALSE);
+            break;
+        };
+        offset += len + 2;
+    };
+    return offset;
+}
+
+/* Dissect an ip.access specific message */
+static gint
+dissect_ipaccess(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
+{
+    proto_item *ti;
+    proto_tree *ipaccess_tree;
+    guint8 msg_type;
+
+    msg_type = tvb_get_guint8(tvb, 0);
+
+    if (check_col(pinfo->cinfo, COL_INFO))
+        col_append_fstr(pinfo->cinfo, COL_INFO, "%s ",
+                val_to_str(msg_type, ipaccess_msgtype_vals,
+                       "unknown 0x%02x"));
+    if (tree) {
+ ti = proto_tree_add_item(tree, proto_ipaccess, tvb, 0, -1, FALSE);
+        ipaccess_tree = proto_item_add_subtree(ti, ett_ipaccess);
+        proto_tree_add_item(ipaccess_tree, hf_ipaccess_msgtype,
+                    tvb, 0, 1, FALSE);
+        switch (msg_type) {
+        case 4:
+        case 5:
+            dissect_ipa_attr(tvb, 1, ipaccess_tree);
+            break;
+        }
+    }
+
+    return 1;
+}
+
+
+/* Code to actually dissect the packets */
+static void
+dissect_abisip(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
+{
+
+    int offset = 0;
+
+    if (check_col(pinfo->cinfo, COL_PROTOCOL))
+        col_set_str(pinfo->cinfo, COL_PROTOCOL, "Abis/IP");
+    if (check_col(pinfo->cinfo, COL_INFO))
+        col_clear(pinfo->cinfo, COL_INFO);
+
+    while (tvb_reported_length_remaining(tvb, offset) != 0) {
+        proto_item *ti;
+        proto_tree *abisip_tree;
+        guint8 len, msg_type;
+        tvbuff_t *next_tvb;
+
+        len = tvb_get_guint8(tvb, offset+1);
+        msg_type = tvb_get_guint8(tvb, offset+2);
+
+        if (check_col(pinfo->cinfo, COL_INFO))
+            col_append_fstr(pinfo->cinfo, COL_INFO, "%s ",
+                     val_to_str(msg_type, abisip_protocol_vals,
+                           "unknown 0x%02x"));
+
+        if (tree) {
+            ti = proto_tree_add_protocol_format(tree, proto_abisip,
+                    tvb, offset, len+3,
+                    "A-bis/IP protocol ip.access, type: %s",
+                    val_to_str(msg_type, abisip_protocol_vals,
+                           "unknown 0x%02x"));
+            abisip_tree = proto_item_add_subtree(ti, ett_abisip);
+            proto_tree_add_item(abisip_tree, hf_abisip_data_len,
+                        tvb, offset+1, 1, FALSE);
+            proto_tree_add_item(abisip_tree, hf_abisip_protocol,
+                        tvb, offset+2, 1, FALSE);
+        }
+
+        next_tvb = tvb_new_subset(tvb, offset+3, len, len);
+
+        switch (msg_type) {
+        case ABISIP_RSL:
+            /* hand this off to the standard A-bis RSL dissector */
+ call_dissector(sub_handles[SUB_RSL], next_tvb, pinfo, tree);
+            break;
+        case ABISIP_OML:
+            /* hand this off to the standard A-bis OML dissector */
+            if (sub_handles[SUB_OML])
+                call_dissector(sub_handles[SUB_OML], next_tvb,
+                         pinfo, tree);
+            break;
+        case ABISIP_IPACCESS:
+            dissect_ipaccess(next_tvb, pinfo, tree);
+            break;
+        }
+        offset += len + 3;
+    }
+}
+
+void proto_register_abis_ip(void)
+{
+    static hf_register_info hf[] = {
+        {&hf_abisip_data_len,
+         {"DataLen", "abisip.data_len",
+          FT_UINT8, BASE_DEC, NULL, 0x0,
+          "The length of the data (in bytes)", HFILL}
+         },
+        {&hf_abisip_protocol,
+         {"Protocol", "abisip.protocol",
+          FT_UINT8, BASE_HEX, VALS(abisip_protocol_vals), 0x0,
+          "The A-bis/IP Sub-Protocol", HFILL}
+         },
+    };
+    static hf_register_info hf_ipa[] = {
+        {&hf_ipaccess_msgtype,
+         {"MessageType", "ipaccess.msg_type",
+          FT_UINT8, BASE_HEX, VALS(ipaccess_msgtype_vals), 0x0,
+          "Type of ip.access messsage", HFILL}
+         },
+        {&hf_ipaccess_attr_tag,
+         {"Tag", "ipaccess.attr_tag",
+          FT_UINT8, BASE_HEX, VALS(ipaccess_idtag_vals), 0x0,
+          "Attribute Tag", HFILL}
+         },
+        {&hf_ipaccess_attr_string,
+         {"String", "ipaccess.attr_string",
+          FT_STRING, BASE_NONE, NULL, 0x0,
+          "String attribute", HFILL}
+         },
+    };
+
+    static gint *ett[] = {
+        &ett_abisip,
+        &ett_ipaccess,
+    };
+
+    proto_abisip =
+ proto_register_protocol("GSM A-bis/IP protocol as used by ip.access",
+                    "GSM A-bis/IP", "gsm_abis_ip");
+    proto_ipaccess =
+ proto_register_protocol("GSM A-bis/IP ip.access CCM sub- protocol",
+                    "IPA", "ipaccess");
+
+    proto_register_field_array(proto_abisip, hf, array_length(hf));
+ proto_register_field_array(proto_ipaccess, hf_ipa, array_length (hf_ipa));
+    proto_register_subtree_array(ett, array_length(ett));
+
+    register_dissector("gsm_abis_ip", dissect_abisip, proto_abisip);
+}
+
+void proto_reg_handoff_gsm_abis_ip(void)
+{
+    dissector_handle_t abisip_handle;
+
+    sub_handles[SUB_RSL] = find_dissector("gsm_abis_rsl");
+    sub_handles[SUB_OML] = find_dissector("gsm_abis_oml");
+
+ abisip_handle = create_dissector_handle(dissect_abisip, proto_abisip);
+    dissector_add("tcp.port", TCP_PORT_ABISIP_PRIM, abisip_handle);
+    dissector_add("tcp.port", TCP_PORT_ABISIP_SEC, abisip_handle);
+    dissector_add("tcp.port", TCP_PORT_ABISIP_INST, abisip_handle);
+    dissector_add("udp.port", TCP_PORT_ABISIP_INST, abisip_handle);
+}

--
- Harald Welte <laforge@xxxxxxxxxxxx>           http://laforge.gnumonks.org/
=== === ======================================================================
"Privacy in residential applications is a desirable marketing option."
(ETSI EN 300 175-7 Ch. A6)
___________________________________________________________________________


Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-request@xxxxxxxxxxxxx? subject=unsubscribe