Ethereal-dev: [Ethereal-dev] [PATCH] Kismet protocol dissector
From: "Krzysztof Burghardt" <krzysztof@xxxxxxxxxxxx>
Date: Wed, 12 Jul 2006 12:49:12 +0200 (CEST)
Hello, I made a Kismet protocol dissector for Ethereal, covering the Client/Server protocol. The Kismet Drone/Server protocol still needs a separate dissector, because it uses a different protocol. A patch against the current SVN revision (e.g. 18189) is attached. More information, including protocol traces, can be found here: http://www.burghardt.pl/wiki/software/kismet_protocol_dissector_for_ethereal Regards, -- Krzysztof Burghardt <krzysztof@xxxxxxxxxxxx> http://www.burghardt.pl/
Index: epan/dissectors/packet-kismet.c
===================================================================
--- epan/dissectors/packet-kismet.c (revision 0)
+++ epan/dissectors/packet-kismet.c (revision 0)
@@ -0,0 +1,281 @@
+/* packet-kismet.c
+ * Routines for kismet packet dissection
+ * Copyright 2006, Krzysztof Burghardt <krzysztof@xxxxxxxxxxxx>
+ *
+ * $Id$
+ *
+ * Ethereal - Network traffic analyzer
+ * By Gerald Combs <gerald@xxxxxxxxxxxx>
+ * Copyright 1998 Gerald Combs
+ *
+ * Copied from packet-pop.c
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ */
+
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <stdio.h>
+
+#include <string.h>
+#include <glib.h>
+#include <epan/packet.h>
+#include <epan/strutil.h>
+
+static int proto_kismet = -1;
+static int hf_kismet_response = -1;
+static int hf_kismet_request = -1;
+
+static gint ett_kismet = -1;
+static gint ett_kismet_reqresp = -1;
+
+static dissector_handle_t data_handle;
+
+#define TCP_PORT_KISMET 2501
+
+static gboolean response_is_continuation (const guchar * data);
+
+static void
+dissect_kismet (tvbuff_t * tvb, packet_info * pinfo, proto_tree * tree)
+{
+ gboolean is_request;
+ gboolean is_continuation;
+ proto_tree *kismet_tree, *reqresp_tree;
+ proto_item *ti;
+ gint offset = 0;
+ const guchar *line;
+ gint next_offset;
+ int linelen;
+ int tokenlen;
+ const guchar *next_token;
+
+ if (check_col (pinfo->cinfo, COL_PROTOCOL))
+ col_set_str (pinfo->cinfo, COL_PROTOCOL, "kismet");
+
+ /*
+ * Find the end of the first line.
+ *
+ * Note that "tvb_find_line_end()" will return a value that is
+ * not longer than what's in the buffer, so the "tvb_get_ptr()"
+ * call won't throw an exception.
+ */
+ linelen = tvb_find_line_end (tvb, offset, -1, &next_offset, FALSE);
+ line = tvb_get_ptr (tvb, offset, linelen);
+
+ if (pinfo->match_port == pinfo->destport)
+ {
+ is_request = TRUE;
+ is_continuation = FALSE;
+ }
+ else
+ {
+ is_request = FALSE;
+ is_continuation = response_is_continuation (line);
+ }
+
+ if (check_col (pinfo->cinfo, COL_INFO))
+ {
+ /*
+ * Put the first line from the buffer into the summary
+ * if it's a kismet request or reply (but leave out the
+ * line terminator).
+ * Otherwise, just call it a continuation.
+ */
+ if (is_continuation)
+ col_set_str (pinfo->cinfo, COL_INFO, "Continuation");
+ else
+ col_add_fstr (pinfo->cinfo, COL_INFO, "%s: %s",
+ is_request ? "Request" : "Response",
+ format_text (line, linelen));
+ }
+
+ if (tree)
+ {
+ ti = proto_tree_add_item (tree, proto_kismet, tvb, offset, -1, FALSE);
+ kismet_tree = proto_item_add_subtree (ti, ett_kismet);
+
+ if (is_continuation)
+ {
+ /*
+ * Put the whole packet into the tree as data.
+ */
+ call_dissector (data_handle, tvb, pinfo, kismet_tree);
+ return;
+ }
+
+ if (is_request)
+ {
+ proto_tree_add_boolean_hidden (kismet_tree,
+ hf_kismet_request, tvb, 0, 0, TRUE);
+ }
+ else
+ {
+ proto_tree_add_boolean_hidden (kismet_tree,
+ hf_kismet_response, tvb, 0, 0, TRUE);
+ }
+
+ while (tvb_offset_exists (tvb, offset))
+ {
+ /*
+ * Find the end of the line.
+ */
+ linelen = tvb_find_line_end (tvb, offset, -1, &next_offset, FALSE);
+
+ if (linelen)
+ {
+ /*
+ * Put this line.
+ */
+ ti = proto_tree_add_text (kismet_tree, tvb, offset,
+ next_offset - offset, "%s",
+ tvb_format_text (tvb, offset,
+ next_offset -
+ offset - 1));
+ reqresp_tree = proto_item_add_subtree (ti, ett_kismet_reqresp);
+ tokenlen = get_token_len (line, line + linelen, &next_token);
+ if (tokenlen != 0)
+ {
+ guint8 *reqresp;
+ reqresp = tvb_get_string (tvb, offset, tokenlen);
+ if (is_request)
+ {
+ /*
+ * No request dissection
+ */
+ }
+ else
+ {
+ /*
+ * *KISMET: {Version} {Start time} \001{Server name}\001 {Build Revision}
+ * two fields left undocumented: {1} {ExtendedVersion}
+ */
+ if (strncmp (reqresp, "*KISMET", strlen ("*KISMET")) == 0)
+ {
+ offset += next_token - line; linelen -= next_token - line; line = next_token;
+ tokenlen = get_token_len (line, line + linelen, &next_token);
+ proto_tree_add_text (reqresp_tree, tvb, offset,
+ tokenlen, "Kismet version: %s",
+ format_text (line, tokenlen));
+ offset += next_token - line; linelen -= next_token - line; line = next_token;
+ tokenlen = get_token_len (line, line + linelen, &next_token);
+ proto_tree_add_text (reqresp_tree, tvb, offset,
+ tokenlen, "Start time: %s",
+ format_text (line, tokenlen));
+ offset += next_token - line; linelen -= next_token - line; line = next_token;
+ tokenlen = get_token_len (line, line + linelen, &next_token);
+ proto_tree_add_text (reqresp_tree, tvb, offset,
+ tokenlen, "Server name: %s",
+ format_text (line + 1, tokenlen - 2));
+ offset += next_token - line; linelen -= next_token - line; line = next_token;
+ tokenlen = get_token_len (line, line + linelen, &next_token);
+ proto_tree_add_text (reqresp_tree, tvb, offset,
+ tokenlen, "Build revision: %s",
+ format_text (line, tokenlen));
+ offset += next_token - line; linelen -= next_token - line; line = next_token;
+ tokenlen = get_token_len (line, line + linelen, &next_token);
+ offset += next_token - line; linelen -= next_token - line; line = next_token;
+ tokenlen = get_token_len (line, line + linelen, &next_token);
+ proto_tree_add_text (reqresp_tree, tvb, offset,
+ tokenlen, "Extended version string: %s",
+ format_text (line, tokenlen));
+ }
+ /*
+ * *TIME: {Time}
+ */
+ if (strncmp (reqresp, "*TIME", strlen ("*TIME")) == 0)
+ {
+ time_t t;
+ char *ptr;
+
+ offset += next_token - line; linelen -= next_token - line; line = next_token;
+ tokenlen = get_token_len (line, line + linelen, &next_token);
+
+ /*
+ * Convert form ascii to time_t
+ */
+ t = atoi (format_text (line, tokenlen));
+
+ /*
+ * Format ascii representation of time
+ */
+ ptr = ctime (&t);
+ /*
+ * Delete final '\n'
+ */
+ ptr[strlen(ptr) - 1] = 0;
+
+ proto_tree_add_text (reqresp_tree, tvb, offset,
+ tokenlen, "Time: %s", ptr);
+ }
+ g_free(reqresp);
+ }
+ offset += next_token - line; linelen -= next_token - line; line = next_token;
+ }
+ }
+ offset = next_offset;
+ }
+ }
+}
+
+static gboolean
+response_is_continuation (const guchar * data)
+{
+ if (strncmp (data, "*", strlen ("*")) == 0)
+ return FALSE;
+
+ if (strncmp (data, "!", strlen ("!")) == 0)
+ return FALSE;
+
+ return TRUE;
+}
+
+void
+proto_register_kismet (void)
+{
+
+ static hf_register_info hf[] = {
+ {&hf_kismet_response,
+ {"Response", "kismet.response",
+ FT_BOOLEAN, BASE_NONE, NULL, 0x0,
+ "TRUE if kismet response", HFILL}},
+
+ {&hf_kismet_request,
+ {"Request", "kismet.request",
+ FT_BOOLEAN, BASE_NONE, NULL, 0x0,
+ "TRUE if kismet request", HFILL}}
+ };
+ static gint *ett[] = {
+ &ett_kismet,
+ &ett_kismet_reqresp,
+ };
+
+ proto_kismet =
+ proto_register_protocol ("Kismet Client/Server Protocol", "kismet",
+ "kismet");
+ proto_register_field_array (proto_kismet, hf, array_length (hf));
+ proto_register_subtree_array (ett, array_length (ett));
+}
+
+void
+proto_reg_handoff_kismet (void)
+{
+ dissector_handle_t kismet_handle;
+
+ kismet_handle = create_dissector_handle (dissect_kismet, proto_kismet);
+ dissector_add ("tcp.port", TCP_PORT_KISMET, kismet_handle);
+ data_handle = find_dissector ("data");
+}
Index: epan/dissectors/Makefile.common
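Review bot: Inside the `while (tvb_offset_exists (tvb, offset))` loop in dissect_kismet, `linelen` is recomputed for each line but `line` still points into the first line, so `get_token_len (line, line + linelen, ...)` tokenises bytes that the single `tvb_get_ptr()` call before the loop never bounds-checked, and every line after the first is dissected from the wrong data. Refresh the pointer right after the in-loop `tvb_find_line_end()` with `line = tvb_get_ptr (tvb, offset, linelen);`. In the `*TIME` branch the value handed to `ctime()` comes straight from the packet, and `ctime()` may return NULL for a time it cannot convert (platform-dependent), which `ptr[strlen(ptr) - 1] = 0` would then dereference; guard it with `if (ptr != NULL)` and fall back to showing the raw token. `g_free(reqresp)` also sits inside the `else` branch, so the string from `tvb_get_string()` appears to leak for every request line; moving the call after the `if`/`else` would free it on both paths.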
===================================================================
--- epan/dissectors/Makefile.common (revision 18189)
+++ epan/dissectors/Makefile.common (working copy)
@@ -394,6 +394,7 @@
 packet-kerberos4.c \
 packet-klm.c \
 packet-kink.c \
+ packet-kismet.c \
 packet-kpasswd.c \
 packet-l2tp.c \
 packet-lapb.c \