Ethereal-dev: [Ethereal-dev] Re: Kismet protocol dissector
Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.
From: "Krzysztof Burghardt" <krzysztof@xxxxxxxxxxxx>
Date: Thu, 13 Jul 2006 10:30:14 +0200 (CEST)
> However, port 2501 is registered for the rtsclient protocol and unless > kismet is the same as rtsclient > it would be incorrect to refer to this as a well-known port for kismet. > further down on the page the port is referred to as the default port? So this is probably not a registered port. I think it was assigned by Kismet's author. > if it is a default port you should add the port as a preference setting > which defaults to 2501 but can be changed by the user. Yes, users can change port. I made it a preference. > Kismet is an ASCII based protocol? Yes, it is. > If so you may check that the first 8 bytes of the tvb (if there are 8 > bytes or more) are actual ascii values >32 <128 ? Done. > You have a lot of > offset += next_token - line; linelen -= next_token - line; line = next_token; > can you break these up to one assignment/statement per row and add a blank All done. Patch attached. Regards, -- Krzysztof Burghardt <krzysztof@xxxxxxxxxxxx> http://www.burghardt.pl/
Index: epan/dissectors/packet-kismet.c
===================================================================
--- epan/dissectors/packet-kismet.c (revision 0)
+++ epan/dissectors/packet-kismet.c (revision 0)
@@ -0,0 +1,361 @@
+/* packet-kismet.c
+ * Routines for kismet packet dissection
+ * Copyright 2006, Krzysztof Burghardt <krzysztof@xxxxxxxxxxxx>
+ *
+ * $Id$
+ *
+ * Ethereal - Network traffic analyzer
+ * By Gerald Combs <gerald@xxxxxxxxxxxx>
+ * Copyright 1998 Gerald Combs
+ *
+ * Copied from packet-pop.c
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ */
+
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <stdio.h>
+
+#include <string.h>
+#include <glib.h>
+#include <epan/packet.h>
+#include <epan/strutil.h>
+#include <epan/prefs.h>
+
+static int proto_kismet = -1;
+static int hf_kismet_response = -1;
+static int hf_kismet_request = -1;
+
+static gint ett_kismet = -1;
+static gint ett_kismet_reqresp = -1;
+
+static dissector_handle_t data_handle;
+
+#define TCP_PORT_KISMET 2501
+
+static guint global_kismet_tcp_port = TCP_PORT_KISMET;
+static guint tcp_port = 0;
+
+static gboolean response_is_continuation (const guchar * data);
+void proto_reg_handoff_kismet (void);
+void proto_register_kismet (void);
+
+static gboolean
+dissect_kismet (tvbuff_t * tvb, packet_info * pinfo, proto_tree * tree)
+{
+ gboolean is_request;
+ gboolean is_continuation;
+ proto_tree *kismet_tree, *reqresp_tree;
+ proto_item *ti;
+ proto_item *tmp_item;
+ gint offset = 0;
+ const guchar *line;
+ gint next_offset;
+ int linelen;
+ int tokenlen;
+ int i;
+ const guchar *next_token;
+
+ if (check_col (pinfo->cinfo, COL_PROTOCOL))
+ col_set_str (pinfo->cinfo, COL_PROTOCOL, "kismet");
+
+ /*
+ * Find the end of the first line.
+ *
+ * Note that "tvb_find_line_end()" will return a value that is
+ * not longer than what's in the buffer, so the "tvb_get_ptr()"
+ * call won't throw an exception.
+ */
+ linelen = tvb_find_line_end (tvb, offset, -1, &next_offset, FALSE);
+ line = tvb_get_ptr (tvb, offset, linelen);
+
+ /*
+ * Check if it is an ASCII based protocol with reasonable length
+ * packets, if not return, and try annother dissector.
+ */
+ if (linelen < 8)
+ {
+ /*
+ * Packet is too short
+ */
+ return FALSE;
+ }
+ else
+ {
+ for (i = 0; i < 8; ++i)
+ {
+ /*
+ * Packet contains non-ASCII data
+ */
+ if (line[i] < 32 || line[i] > 128)
+ return FALSE;
+ }
+ }
+
+ if (pinfo->match_port == pinfo->destport)
+ {
+ is_request = TRUE;
+ is_continuation = FALSE;
+ }
+ else
+ {
+ is_request = FALSE;
+ is_continuation = response_is_continuation (line);
+ }
+
+ if (check_col (pinfo->cinfo, COL_INFO))
+ {
+ /*
+ * Put the first line from the buffer into the summary
+ * if it's a kismet request or reply (but leave out the
+ * line terminator).
+ * Otherwise, just call it a continuation.
+ */
+ if (is_continuation)
+ col_set_str (pinfo->cinfo, COL_INFO, "Continuation");
+ else
+ col_add_fstr (pinfo->cinfo, COL_INFO, "%s: %s",
+ is_request ? "Request" : "Response",
+ format_text (line, linelen));
+ }
+
+ if (tree)
+ {
+ ti = proto_tree_add_item (tree, proto_kismet, tvb, offset, -1, FALSE);
+ kismet_tree = proto_item_add_subtree (ti, ett_kismet);
+
+ if (is_continuation)
+ {
+ /*
+ * Put the whole packet into the tree as data.
+ */
+ call_dissector (data_handle, tvb, pinfo, kismet_tree);
+ return TRUE;
+ }
+
+ if (is_request)
+ {
+ tmp_item = proto_tree_add_boolean (kismet_tree,
+ hf_kismet_request, tvb, 0, 0, TRUE);
+ }
+ else
+ {
+ tmp_item = proto_tree_add_boolean (kismet_tree,
+ hf_kismet_response, tvb, 0, 0, TRUE);
+ }
+ PROTO_ITEM_SET_GENERATED(tmp_item);
+
+ while (tvb_offset_exists (tvb, offset))
+ {
+ /*
+ * Find the end of the line.
+ */
+ linelen = tvb_find_line_end (tvb, offset, -1, &next_offset, FALSE);
+
+ if (linelen)
+ {
+ /*
+ * Put this line.
+ */
+ ti = proto_tree_add_text (kismet_tree, tvb, offset,
+ next_offset - offset, "%s",
+ tvb_format_text (tvb, offset,
+ next_offset -
+ offset - 1));
+ reqresp_tree = proto_item_add_subtree (ti, ett_kismet_reqresp);
+ tokenlen = get_token_len (line, line + linelen, &next_token);
+ if (tokenlen != 0)
+ {
+ guint8 *reqresp;
+ reqresp = tvb_get_ephemeral_string (tvb, offset, tokenlen);
+ if (is_request)
+ {
+ /*
+ * No request dissection
+ */
+ }
+ else
+ {
+ /*
+ * *KISMET: {Version} {Start time} \001{Server name}\001 {Build Revision}
+ * two fields left undocumented: {???} {?ExtendedVersion?}
+ */
+ if (strncmp (reqresp, "*KISMET", strlen ("*KISMET")) == 0)
+ {
+ offset += next_token - line;
+ linelen -= next_token - line;
+ line = next_token;
+ tokenlen = get_token_len (line, line + linelen, &next_token);
+ proto_tree_add_text (reqresp_tree, tvb, offset,
+ tokenlen, "Kismet version: %s",
+ format_text (line, tokenlen));
+
+ offset += next_token - line;
+ linelen -= next_token - line;
+ line = next_token;
+ tokenlen = get_token_len (line, line + linelen, &next_token);
+ proto_tree_add_text (reqresp_tree, tvb, offset,
+ tokenlen, "Start time: %s",
+ format_text (line, tokenlen));
+
+ offset += next_token - line;
+ linelen -= next_token - line;
+ line = next_token;
+ tokenlen = get_token_len (line, line + linelen, &next_token);
+ proto_tree_add_text (reqresp_tree, tvb, offset,
+ tokenlen, "Server name: %s",
+ format_text (line + 1, tokenlen - 2));
+
+ offset += next_token - line;
+ linelen -= next_token - line;
+ line = next_token;
+ tokenlen = get_token_len (line, line + linelen, &next_token);
+ proto_tree_add_text (reqresp_tree, tvb, offset,
+ tokenlen, "Build revision: %s",
+ format_text (line, tokenlen));
+
+ offset += next_token - line;
+ linelen -= next_token - line;
+ line = next_token;
+ tokenlen = get_token_len (line, line + linelen, &next_token);
+ proto_tree_add_text (reqresp_tree, tvb, offset,
+ tokenlen, "Unknown field: %s",
+ format_text (line, tokenlen));
+
+ offset += next_token - line;
+ linelen -= next_token - line;
+ line = next_token;
+ tokenlen = get_token_len (line, line + linelen, &next_token);
+ proto_tree_add_text (reqresp_tree, tvb, offset,
+ tokenlen, "Extended version string: %s",
+ format_text (line, tokenlen));
+ }
+ /*
+ * *TIME: {Time}
+ */
+ if (strncmp (reqresp, "*TIME", strlen ("*TIME")) == 0)
+ {
+ time_t t;
+ char *ptr;
+
+ offset += next_token - line;
+ linelen -= next_token - line;
+ line = next_token;
+ tokenlen = get_token_len (line, line + linelen, &next_token);
+
+ /*
+ * Convert form ascii to time_t
+ */
+ t = atoi (format_text (line, tokenlen));
+
+ /*
+ * Format ascii representation of time
+ */
+ ptr = ctime (&t);
+ /*
+ * Delete final '\n'
+ */
+ ptr[strlen(ptr) - 1] = 0;
+
+ proto_tree_add_text (reqresp_tree, tvb, offset,
+ tokenlen, "Time: %s", ptr);
+ }
+ }
+ offset += next_token - line;
+ linelen -= next_token - line;
+ line = next_token;
+ }
+ }
+ offset = next_offset;
+ }
+ }
+ return TRUE;
+}
+
+static gboolean
+response_is_continuation (const guchar * data)
+{
+ if (strncmp (data, "*", strlen ("*")) == 0)
+ return FALSE;
+
+ if (strncmp (data, "!", strlen ("!")) == 0)
+ return FALSE;
+
+ return TRUE;
+}
+
+void
+proto_register_kismet (void)
+{
+
+ static hf_register_info hf[] = {
+ {&hf_kismet_response,
+ {"Response", "kismet.response",
+ FT_BOOLEAN, BASE_NONE, NULL, 0x0,
+ "TRUE if kismet response", HFILL}},
+
+ {&hf_kismet_request,
+ {"Request", "kismet.request",
+ FT_BOOLEAN, BASE_NONE, NULL, 0x0,
+ "TRUE if kismet request", HFILL}}
+ };
+ static gint *ett[] = {
+ &ett_kismet,
+ &ett_kismet_reqresp,
+ };
+ module_t *kismet_module;
+
+ proto_kismet =
+ proto_register_protocol ("Kismet Client/Server Protocol", "Kismet",
+ "kismet");
+ proto_register_field_array (proto_kismet, hf, array_length (hf));
+ proto_register_subtree_array (ett, array_length (ett));
+
+ /* Register our configuration options for Kismet, particularly our port */
+
+ kismet_module = prefs_register_protocol(proto_kismet, proto_reg_handoff_kismet);
+
+ prefs_register_uint_preference(kismet_module, "tcp.port", "Kismet Server TCP Port",
+ "Set the port for Kismet Client/Server messages (if other"
+ " than the default of 2501)",
+ 10, &global_kismet_tcp_port);
+}
+
+void
+proto_reg_handoff_kismet (void)
+{
+ static int kismet_prefs_initialized = FALSE;
+ static dissector_handle_t kismet_handle;
+
+ if (!kismet_prefs_initialized)
+ {
+ kismet_handle = new_create_dissector_handle(dissect_kismet, proto_kismet);
+ kismet_prefs_initialized = TRUE;
+ }
+ else
+ {
+ dissector_delete("tcp.port", tcp_port, kismet_handle);
+ }
+
+ /* Set our port number for future use */
+
+ tcp_port = global_kismet_tcp_port;
+
+ dissector_add("tcp.port", global_kismet_tcp_port, kismet_handle);
+ data_handle = find_dissector ("data");
+}
Index: epan/dissectors/Makefile.common
===================================================================
--- epan/dissectors/Makefile.common (revision 18189)
+++ epan/dissectors/Makefile.common (working copy)
@@ -394,6 +394,7 @@
packet-kerberos4.c \
packet-klm.c \
packet-kink.c \
+ packet-kismet.c \
packet-kpasswd.c \
packet-l2tp.c \
packet-lapb.c \_______________________________________________ Ethereal-dev mailing list Ethereal-dev@xxxxxxxxxxxx http://www.ethereal.com/mailman/listinfo/ethereal-dev
- References:
- [Ethereal-dev] [PATCH] Kismet protocol dissector
- From: Krzysztof Burghardt
- [Ethereal-dev] Re: Kismet protocol dissector
- From: ronnie sahlberg
- [Ethereal-dev] Re: Kismet protocol dissector
- From: Krzysztof Burghardt
- Re: [Ethereal-dev] Re: Kismet protocol dissector
- From: ronnie sahlberg
- [Ethereal-dev] [PATCH] Kismet protocol dissector
- Prev by Date: Re: [Ethereal-dev] Re: Kismet protocol dissector
- Next by Date: [Ethereal-dev] Re: Kismet protocol dissector
- Previous by thread: Re: [Ethereal-dev] Re: Kismet protocol dissector
- Next by thread: [Ethereal-dev] Re: Kismet protocol dissector
- Index(es):
