Ethereal-dev: [ethereal-dev] prelim support for NTP

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Nathan Neulinger <nneul@xxxxxxx>
Date: Wed, 13 Oct 1999 23:42:08 -0500
This adds initial dissector support for NTP. Still need to add a
bitfield for the flags, and possibly further process the floating point
fields, but this is a start. At the moment, everything is just split
into bytes.

A patch and two files are attached.

-- Nathan

------------------------------------------------------------
Nathan Neulinger                       EMail:  nneul@xxxxxxx
University of Missouri - Rolla         Phone: (573) 341-4841
Computing Services                       Fax: (573) 341-4216
Index: AUTHORS
===================================================================
RCS file: /cvsroot/ethereal/AUTHORS,v
retrieving revision 1.39
diff -u -r1.39 AUTHORS
--- AUTHORS	1999/10/14 01:28:30	1.39
+++ AUTHORS	1999/10/14 04:25:12
@@ -140,6 +140,7 @@
 
 Nathan Neulinger <nneul@xxxxxxx> {
 	Yahoo messenger and pager protocol support
+	NTP (Network Time Protocol) support
 }
 
 Alain Magloire <alainm@xxxxxxxxxxxxxxxxxx> was kind enough to
Index: Makefile.am
===================================================================
RCS file: /cvsroot/ethereal/Makefile.am,v
retrieving revision 1.83
diff -u -r1.83 Makefile.am
--- Makefile.am	1999/10/14 01:28:27	1.83
+++ Makefile.am	1999/10/14 04:25:12
@@ -92,6 +92,8 @@
 	packet-netbios.c \
 	packet-netbios.h \
 	packet-nntp.c  \
+	packet-ntp.c  \
+	packet-ntp.h  \
 	packet-null.c  \
 	packet-osi.c   \
 	packet-ospf.c  \
Index: packet-tcp.c
===================================================================
RCS file: /cvsroot/ethereal/packet-tcp.c,v
retrieving revision 1.35
diff -u -r1.35 packet-tcp.c
--- packet-tcp.c	1999/10/14 01:28:26	1.35
+++ packet-tcp.c	1999/10/14 04:25:17
@@ -76,6 +76,7 @@
 #define TCP_PORT_HTTP     80
 #define TCP_PORT_POP      110
 #define TCP_PORT_NNTP     119
+#define TCP_PORT_NTP      123
 #define TCP_PORT_NBSS     139
 #define TCP_PORT_PRINTER  515
 #define TCP_ALT_PORT_HTTP 8080
@@ -485,8 +486,10 @@
       pi.match_port = TCP_PORT_POP;
       dissect_pop(pd, offset, fd, tree);
     } else if (PORT_IS(TCP_PORT_NNTP)) {
-      pi.match_port = TCP_PORT_NNTP;
       dissect_nntp(pd, offset, fd, tree);
+    } else if (PORT_IS(TCP_PORT_NTP)) {
+      pi.match_port = TCP_PORT_NTP;
+      dissect_ntp(pd, offset, fd, tree);
     } else if (PORT_IS(TCP_PORT_PPTP)) {
       pi.match_port = TCP_PORT_PPTP;
       dissect_pptp(pd, offset, fd, tree);
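Review bot: The NNTP branch loses its `pi.match_port = TCP_PORT_NNTP;` assignment in this hunk, which looks unintended for a change that only adds NTP. The other branches visible here (POP, PPTP and the new NTP one) all set `pi.match_port` before calling their dissector, so `dissect_nntp` would now run with whatever value an earlier packet left in that field. If the NNTP dissector uses `pi.match_port` to tell requests from responses (not visible here, so this is an assumption), the direction it reports would be wrong. Restore the line directly above `dissect_nntp(pd, offset, fd, tree);`. The enclosing function starts and ends outside the hunk.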
Index: packet-udp.c
===================================================================
RCS file: /cvsroot/ethereal/packet-udp.c,v
retrieving revision 1.27
diff -u -r1.27 packet-udp.c
--- packet-udp.c	1999/10/12 23:12:03	1.27
+++ packet-udp.c	1999/10/14 04:25:17
@@ -66,6 +66,7 @@
 #define UDP_PORT_BOOTPS  67
 #define UDP_PORT_TFTP    69
 #define UDP_PORT_IPX    213
+#define UDP_PORT_NTP	123
 #define UDP_PORT_NBNS	137
 #define UDP_PORT_NBDGM	138
 #define UDP_PORT_SNMP   161
@@ -238,6 +239,8 @@
       dissect_nbns(pd, offset, fd, tree);
  else if (PORT_IS(UDP_PORT_NBDGM))
       dissect_nbdgm(pd, offset, fd, tree);
+ else if (PORT_IS(UDP_PORT_NTP))
+      dissect_ntp(pd, offset, fd, tree);
  else if (PORT_IS(UDP_PORT_IPX)) /* RFC 1234 */
       dissect_ipx(pd, offset, fd, tree);
 #if defined(HAVE_UCD_SNMP_SNMP_H) || defined(HAVE_SNMP_SNMP_H)
Index: packet.h
===================================================================
RCS file: /cvsroot/ethereal/packet.h,v
retrieving revision 1.107
diff -u -r1.107 packet.h
--- packet.h	1999/10/14 01:28:28	1.107
+++ packet.h	1999/10/14 04:25:22
@@ -270,6 +270,8 @@
 	ETT_TELNET,
 	ETT_TELNET_SUBOPT,
 	ETT_NNTP,
+	ETT_NTP,
+	ETT_NTP_FLAGS,
 	ETT_SNMP,
 	ETT_NBSS,
 	ETT_NBSS_FLAGS,
Index: proto.c
===================================================================
RCS file: /cvsroot/ethereal/proto.c,v
retrieving revision 1.41
diff -u -r1.41 proto.c
--- proto.c	1999/10/14 01:28:29	1.41
+++ proto.c	1999/10/14 04:25:28
@@ -138,6 +138,7 @@
 void proto_register_ncp(void);
 void proto_register_netbios(void);
 void proto_register_nntp(void);
+void proto_register_ntp(void);
 void proto_register_null(void);
 void proto_register_ospf(void);
 void proto_register_pim(void);
@@ -256,6 +257,7 @@
 	proto_register_ncp();
 	proto_register_netbios();
 	proto_register_nntp();
+	proto_register_ntp();
 	proto_register_null();
 	proto_register_ospf();
 	proto_register_pim();
/* packet-ntp.c
 * Routines for NTP packet dissection
 * Copyright 1999, Nathan Neulinger <nneul@xxxxxxx>
 *
 * $Id: packet-ntp.c,v 1.1 1999/10/14 01:28:25 guy Exp $
 *
 * Ethereal - Network traffic analyzer
 * By Gerald Combs <gerald@xxxxxxxxxx>
 * Copyright 1998 Gerald Combs
 *
 * Copied from packet-tftp.c
 * 
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 * 
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 * 
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
 */

#ifdef HAVE_CONFIG_H
# include "config.h"
#endif

#include <stdio.h>

#ifdef HAVE_SYS_TYPES_H
# include <sys/types.h>
#endif

#ifdef HAVE_NETINET_IN_H
# include <netinet/in.h>
#endif

#include <string.h>
#include <glib.h>
#include "packet.h"
#include "packet-ntp.h"

/* Protocol handle; holds -1 until proto_register_ntp() stores the
 * value returned by proto_register_protocol(). */
static int proto_ntp = -1;

/* Header-field handles. Each one is handed by address to
 * proto_register_field_array() through the hf[] table in
 * proto_register_ntp(); all start out as -1. */

/* single-byte fields at the front of the message */
static int hf_ntp_flags = -1, hf_ntp_stratum = -1,
           hf_ntp_ppoll = -1, hf_ntp_precision = -1;

/* four-byte fields */
static int hf_ntp_rootdelay = -1, hf_ntp_rootdispersion = -1,
           hf_ntp_refid = -1;

/* eight-byte time stamps */
static int hf_ntp_reftime = -1, hf_ntp_org = -1,
           hf_ntp_rec = -1, hf_ntp_xmt = -1;

/* optional trailer: key ID and message-authentication code */
static int hf_ntp_keyid = -1, hf_ntp_mac = -1;

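/*
 * Dissect an NTP message that starts at pd[offset].
 *
 *   pd     - raw frame bytes
 *   offset - index into pd of the first NTP byte
 *   fd     - frame data, used to fill the protocol and info columns
 *   tree   - protocol tree to add the NTP subtree to; may be NULL, in
 *            which case only the columns are filled in
 *
 * The payload comes straight from the capture and is untrusted, so a
 * field is only added after a BYTES_ARE_IN_FRAME() check that covers
 * its last byte.  A frame with fewer than 48 bytes at offset is left
 * alone: neither the columns nor the tree are touched.
 */
void
dissect_ntp(const u_char *pd, int offset, frame_data *fd, proto_tree *tree)
{
	/* Byte counts measured from the start of the NTP message. */
	enum {
		NTP_HDR_LEN   = 48,	/* fixed header, without key ID or MAC */
		NTP_KEYID_LEN = 4,
		NTP_KEYID_END = NTP_HDR_LEN + NTP_KEYID_LEN	/* 52 */
	};
	proto_tree      *ntp_tree, *ti;
	const struct ntp_packet *pkt;

	/* get at least a full packet structure */
	if ( !BYTES_ARE_IN_FRAME(offset, NTP_HDR_LEN) )
		return;

	/* struct ntp_packet consists only of char arrays, so this is a
	 * byte-for-byte overlay of the frame; keep it const because the
	 * frame buffer is const. */
	pkt = (const struct ntp_packet *) &pd[offset];

	if (check_col(fd, COL_PROTOCOL))
		col_add_str(fd, COL_PROTOCOL, "NTP");

	if (check_col(fd, COL_INFO))
		col_add_str(fd, COL_INFO, "NTP");

	if (tree) {
		ti = proto_tree_add_item(tree, proto_ntp, offset, END_OF_FRAME, NULL);
		ntp_tree = proto_item_add_subtree(ti, ETT_NTP);

		/* Fixed header: all 48 bytes were checked above. */
		proto_tree_add_item(ntp_tree, hf_ntp_flags, offset, 1, pkt->flags);
		proto_tree_add_item(ntp_tree, hf_ntp_stratum, offset+1, 1, pkt->stratum);
		proto_tree_add_item(ntp_tree, hf_ntp_ppoll, offset+2, 1, pkt->ppoll);
		proto_tree_add_item(ntp_tree, hf_ntp_precision, offset+3, 1, pkt->precision);
		proto_tree_add_item(ntp_tree, hf_ntp_rootdelay, offset+4, 4, pkt->rootdelay);
		proto_tree_add_item(ntp_tree, hf_ntp_rootdispersion, offset+8, 4, pkt->rootdispersion);
		proto_tree_add_item(ntp_tree, hf_ntp_refid, offset+12, 4, pkt->refid);
		proto_tree_add_item(ntp_tree, hf_ntp_reftime, offset+16, 8, pkt->reftime);
		proto_tree_add_item(ntp_tree, hf_ntp_org, offset+24, 8, pkt->org);
		proto_tree_add_item(ntp_tree, hf_ntp_rec, offset+32, 8, pkt->rec);
		proto_tree_add_item(ntp_tree, hf_ntp_xmt, offset+40, 8, pkt->xmt);

		/* The key ID occupies bytes 48..51, so all 52 bytes must be
		 * present.  The earlier check for 50 let a 4-byte item be
		 * added when only two of its bytes were captured. */
		if ( BYTES_ARE_IN_FRAME(offset, NTP_KEYID_END) )
			proto_tree_add_item(ntp_tree, hf_ntp_keyid, offset+NTP_KEYID_END-NTP_KEYID_LEN,
			    NTP_KEYID_LEN, pkt->keyid);

		/* The MAC is shown whenever at least one byte follows the key ID. */
		/* NOTE(review): END_OF_FRAME is not defined in this file.  If it is
		 * computed from `offset` rather than from the item's own start
		 * (offset+52), this length overshoots the captured data by 52
		 * bytes -- confirm against its definition. */
		if ( BYTES_ARE_IN_FRAME(offset, NTP_KEYID_END + 1) )
			proto_tree_add_item(ntp_tree, hf_ntp_mac, offset+NTP_KEYID_END, END_OF_FRAME, pkt->mac);
	}
}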

/*
 * Register the NTP protocol ("Network Time Protocol", filter name "ntp")
 * and its header fields.  The handle returned by
 * proto_register_protocol() is stored in proto_ntp and then used to
 * register the hf[] table.
 */
void
proto_register_ntp(void)
{
/* All fields share the same registration shape (FT_BYTES, BASE_HEX and
 * the same NULL / 0 members); only the handle and the three strings
 * differ from entry to entry. */
#define NTP_BYTES_FIELD(handle, name, abbrev, blurb) \
	{ &handle, { name, abbrev, FT_BYTES, BASE_HEX, NULL, 0, blurb } }

	static hf_register_info hf[] = {
		NTP_BYTES_FIELD(hf_ntp_flags,
		    "Flags", "ntp.flags", "Flags (Leap/Version/Mode)"),
		NTP_BYTES_FIELD(hf_ntp_stratum,
		    "Peer Clock Stratum", "ntp.stratum", "Peer Clock Stratum"),
		NTP_BYTES_FIELD(hf_ntp_ppoll,
		    "Peer Polling Interval", "ntp.ppoll", "Peer Polling Interval"),
		NTP_BYTES_FIELD(hf_ntp_precision,
		    "Peer Clock Precision", "ntp.precision", "Peer Clock Precision"),
		NTP_BYTES_FIELD(hf_ntp_rootdelay,
		    "Distance to Primary", "ntp.rootdelay", "Distance to Primary"),
		NTP_BYTES_FIELD(hf_ntp_rootdispersion,
		    "Clock Dispersion", "ntp.rootdispersion", "Clock Dispersion"),
		NTP_BYTES_FIELD(hf_ntp_refid,
		    "Reference Clock ID", "ntp.refid", "Reference Clock ID"),
		NTP_BYTES_FIELD(hf_ntp_reftime,
		    "Reference Clock Update Time", "ntp.reftime", "Reference Clock Update Time"),
		NTP_BYTES_FIELD(hf_ntp_org,
		    "Originate Time Stamp", "ntp.org", "Originate Time Stamp"),
		NTP_BYTES_FIELD(hf_ntp_rec,
		    "Receive Time Stamp", "ntp.rec", "Receive Time Stamp"),
		NTP_BYTES_FIELD(hf_ntp_xmt,
		    "Transmit Time Stamp", "ntp.xmt", "Transmit Time Stamp"),
		NTP_BYTES_FIELD(hf_ntp_keyid,
		    "Key ID", "ntp.keyid", "Key ID"),
		NTP_BYTES_FIELD(hf_ntp_mac,
		    "Message Authentication Code", "ntp.mac", "Message Authentication Code")
	};

#undef NTP_BYTES_FIELD

	/* The protocol must be registered first: its handle is the key the
	 * field array is registered under. */
	proto_ntp = proto_register_protocol("Network Time Protocol", "ntp");
	proto_register_field_array(proto_ntp, hf, array_length(hf));
}
/* packet-ntp.h
 * Definitions for packet disassembly structures and routines
 *
 * $Id$
 *
 * Ethereal - Network traffic analyzer
 * By Gerald Combs <gerald@xxxxxxxx>
 * Copyright 1998 Gerald Combs
 * Joerg Mayer <jmayer@xxxxxxxxxxxxx>
 *
 * 
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 * 
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 * 
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
 */

/* This is from yahoolib.h from gtkyahoo */

#ifndef PACKET_NTP_H
#define PACKET_NTP_H

/* packet structure based on one in xntp package */
/* to satisfy its requirements, even though the code isn't copied
directly: */

/***********************************************************************
 *                                                                     *
 * Copyright (c) David L. Mills 1992, 1993, 1994, 1995, 1996           *
 *                                                                     *
 * Permission to use, copy, modify, and distribute this software and   *
 * its documentation for any purpose and without fee is hereby         *
 * granted, provided that the above copyright notice appears in all    *
 * copies and that both the copyright notice and this permission       *
 * notice appear in supporting documentation, and that the name        *
 * University of Delaware not be used in advertising or publicity      *
 * pertaining to distribution of the software without specific,        *
 * written prior permission. The University of Delaware makes no       *
 * representations about the suitability this software for any         *
 * purpose. It is provided "as is" without express or implied          *
 * warranty.                                                           *
 **********************************************************************/

/*
 * Byte layout of an NTP message, used as an overlay on captured frame
 * data.  Every member is a char array, so members follow one another
 * with no padding and the number that opens each comment is the
 * member's byte offset from the start of the message.
 */
struct ntp_packet
{
	unsigned char flags[1];          /*  0: leap indicator, version and mode */
	unsigned char stratum[1];        /*  1: peer's stratum */
	unsigned char ppoll[1];          /*  2: the peer polling interval */
	char precision[1];               /*  3: peer clock precision */
	unsigned char rootdelay[4];      /*  4: distance to primary clock */
	unsigned char rootdispersion[4]; /*  8: clock dispersion */
	unsigned char refid[4];          /* 12: reference clock ID */
	unsigned char reftime[8];        /* 16: time peer clock was last updated */
	unsigned char org[8];            /* 24: originate time stamp */
	unsigned char rec[8];            /* 32: receive time stamp */
	unsigned char xmt[8];            /* 40: transmit time stamp */
	unsigned char keyid[4];          /* 48: key identification */
	unsigned char mac[16];           /* 52: message-authentication code;
	                                  * the original note gives bytes
	                                  * 52 - 60, or 16 bytes if MD5 is
	                                  * used instead of DES */
};

#endif