+#include "packet-smb-common.h"
+
struct notify_response {
guint32 length;
guint32 num;
guint32 type;
};
-static gint hf_witness_move_ipaddr_list_flags = -1;
-static gint hf_witness_move_ipaddr_list_flags_ipv4 = -1;
-static gint hf_witness_move_ipaddr_list_flags_ipv6 = -1;
-static gint hf_witness_move_ipaddr_list_ipv4 = -1;
-static gint hf_witness_move_ipaddr_list_ipv6 = -1;
-static gint hf_witness_change_type = -1;
-static gint hf_witness_change_name = -1;
-
static const int* witness_move_ipaddr_list_flags_fields[] = {
&hf_witness_move_ipaddr_list_flags_ipv4,
&hf_witness_move_ipaddr_list_flags_ipv6,
{0, NULL}
};
-static gint ett_witness_move_ipaddr_list_flags = -1;
-static gint ett_witness_move_ipaddr = -1;
-static gint ett_message_buffer = -1;
-static gint ett_message = -1;
-
-/* { &hf_witness_move_ipaddr_list_flags, */
-/* { "IPv4", "witness.move_ipaddr_list.flags", FT_UINT32, BASE_HEX, NULL, 0, NULL, HFILL }}, */
-/* { &hf_witness_move_ipaddr_list_flags_ipv4, */
-/* { "IPv4", "witness.move_ipaddr_list.ipv4", FT_BOOLEAN, 32, TFS(&valid_tfs), 0x01, NULL, HFILL }}, */
-/* { &hf_witness_move_ipaddr_list_flags_ipv6, */
-/* { "IPv6", "witness.move_ipaddr_list.ipv6", FT_BOOLEAN, 32, TFS(&valid_tfs), 0x02, NULL, HFILL }}, */
-/* { &hf_witness_move_ipaddr_list_ipv4, */
-/* { "IPv4", "witness.move_ipaddr_list.ipv4.addr", FT_IPv4, BASE_NONE, NULL, 0, NULL, HFILL }}, */
-/* { &hf_witness_move_ipaddr_list_ipv6, */
-/* { "IPv6", "witness.move_ipaddr_list.ipv6.addr", FT_IPv6, BASE_NONE, NULL, 0, NULL, HFILL }}, */
-/* { &hf_witness_change_type, */
-/* { "Type", "witness.change.type", FT_UINT32, BASE_HEX, VALS(witness_change_type_vals), 0, NULL, HFILL }}, */
-/* { &hf_witness_change_name, */
-/* { "IPv4addr", "witness.change.name", FT_STRING, BASE_NONE, NULL, 0, NULL, HFILL }}, */
-
-
static int witness_dissect_move_ipaddr(tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree)
{
- proto_item *ti = proto_tree_add_text(tree, tvb, offset, -1, "IPAddr");
+ proto_item *ti = proto_tree_add_text(tree, tvb, offset, -1, "IP");
proto_tree *tr = proto_item_add_subtree(ti, ett_witness_move_ipaddr);
guint32 flags = tvb_get_letohl(tvb, offset);
return offset;
}
-
-//XXX dissect_ndr_ucarray
static int
dissect_ndr_ucbuffer(tvbuff_t *tvb, gint offset, packet_info *pinfo,
proto_tree *tree, guint8 *drep,
{
dcerpc_info *di = pinfo->private_data;
offset = dissect_ndr_ucbuffer(tvb, offset, pinfo, tree, drep, witness_dissect_notifyResponse_message, di->private_data);
-// offset = dissect_ndr_ucarray(tvb, offset, pinfo, tree, drep, witness_dissect_element_notifyResponse_message_buffer__);
return offset;
}
di->private_data = ep_memdup(&response, sizeof(response));
}
}
-// offset = dissect_ndr_ucbuffer(tvb, offset, pinfo, tree, drep, witness_dissect_notifyResponse_message, &response);
- offset = witness_dissect_element_notifyResponse_message_buffer(tvb, offset, pinfo, tree, drep);
+ offset = witness_dissect_element_notifyResponse_message_buffer(tvb, offset, pinfo, tree, drep);
proto_item_set_len(item, offset-old_offset);
-
if (di->call_data->flags & DCERPC_IS_NDR64) {
ALIGN_TO_5_BYTES;
}
return offset;
}
+
+static int
+witness_dissect_element_interfaceInfo_group_name(tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *parent_tree, guint8 *drep _U_)
+{
+ const gchar *str;
+ int len = 260;
+ guint16 bc = tvb_length_remaining(tvb, offset);
+
+ str = get_unicode_or_ascii_string(tvb, &offset, TRUE, &len, TRUE, TRUE, &bc);
+
+ if (str) {
+ proto_item *pi;
+ pi = proto_tree_add_string(parent_tree, hf_witness_witness_interfaceInfo_group_name, tvb, offset, 2*260, str);
+ proto_item_append_text(pi, " [%d]", len);
+ proto_item_append_text(parent_tree, ": %s", str);
+
+ } else {
+ //proto_tree_add_bytes
+ }
+
+ return offset + 2*260;
+}
+
+static int
+PIDL_dissect_ipv4address(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, guint8 *drep, int hfindex, guint32 param)
+{
+// guint32 ip = tvb_get_ipv4(tvb,offset); //tvb_get_ntohl(tvb, offset);
+ dcerpc_info *di = pinfo->private_data;
+ if (di->conformant_run) {
+ /* just a run to handle conformant arrays, no scalars to dissect */
+ return offset;
+ }
+
+
+ if (!di->no_align && (offset % 4)) {
+ offset += 4 - (offset % 4);
+ }
+
+ proto_tree_add_item(tree, hfindex, tvb, offset, 4, ENC_BIG_ENDIAN);
+
+
+ if (param & PIDL_SET_COL_INFO) {
+ header_field_info *hf_info = proto_registrar_get_nth(hfindex);
+
+ proto_item_append_text(proto_tree_get_parent(tree), " %s:%s", hf_info->name, tvb_ip_to_str(tvb, offset));
+
+ col_append_fstr(pinfo->cinfo, COL_INFO," %s:%s", hf_info->name, tvb_ip_to_str(tvb, offset));
+ }
+ return offset + 4;
+}
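Review bot: In `witness_dissect_element_interfaceInfo_group_name`, `guint16 bc = tvb_length_remaining(tvb, offset);` narrows a `gint` that can be negative or larger than 65535, so the byte count handed to `get_unicode_or_ascii_string()` for this capture-supplied field may not match what is really left in the buffer. I would clamp it before narrowing: `gint remaining = tvb_length_remaining(tvb, offset);` followed by `guint16 bc = (guint16)CLAMP(remaining, 0, G_MAXUINT16);`. The function also passes `len = 260` as the exact length while adding the item and advancing by `2*260`; if the field is 260 UTF-16 code units, as the `2*260` suggests, only part of it may be decoded, so the unit is worth confirming and the size deserves a named constant. The empty `else` branch means a failed string read skips 520 bytes with nothing shown in the tree. In `PIDL_dissect_ipv4address`, `drep` is unused and could carry `_U_` as it does in the function above, and the commented-out `tvb_get_ipv4` line can be dropped.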
MANUAL witness_dissect_element_interfaceInfo_group_name
MANUAL witness_dissect_element_interfaceInfo_group_name_
+MANUAL witness_dissect_struct_notifyResponse
+MANUAL witness_dissect_element_notifyResponse_message_buffer_
+
#TYPE ipv4address "offset=PIDL_dissect_uint32(tvb, offset, pinfo, tree, drep, @HF@, @PARAM@);" FT_IPv4 BASE_NONE 0 NULL 4
#TYPE ipv4address "offset=PIDL_dissect_ipv4address(tvb, offset, pinfo, tree, drep, @HF@, @PARAM@);" FT_IPv4 BASE_NONE 0 NULL 4
TYPE ipv4address "offset=PIDL_dissect_ipv4address(tvb, offset, pinfo, tree, drep, @HF@, PIDL_SET_COL_INFO);" FT_IPv4 BASE_NONE 0 NULL 4
HF_RENAME hf_witness_witness_interfaceInfo_group_name hf_dummy
HF_FIELD hf_witness_witness_interfaceInfo_group_name "Group Name" "witness.witness_interfaceInfo.group_name" FT_STRING BASE_NONE NULL 0 "" "" ""
+HF_FIELD hf_witness_move_ipaddr_list_flags "Flags" "witness.move_ipaddr.flags" FT_UINT32 BASE_HEX NULL 0 "" "" ""
+HF_FIELD hf_witness_move_ipaddr_list_flags_ipv4 "IPv4" "witness.move_ipaddr.ipv4_valid" FT_BOOLEAN 32 TFS(&valid_tfs) 0x01 "" "" ""
+HF_FIELD hf_witness_move_ipaddr_list_flags_ipv6 "IPv6" "witness.move_ipaddr.ipv6_valid" FT_BOOLEAN 32 TFS(&valid_tfs) 0x02 "" "" ""
+HF_FIELD hf_witness_move_ipaddr_list_ipv4 "IPv4" "witness.move_ipaddr.ipv4" FT_IPv4 BASE_NONE NULL 0 "" "" ""
+HF_FIELD hf_witness_move_ipaddr_list_ipv6 "IPv6" "witness.move_ipaddr.ipv6" FT_IPv6 BASE_NONE NULL 0 "" "" ""
+HF_FIELD hf_witness_change_type "Type" "witness.change.type" FT_UINT32 BASE_HEX VALS(witness_change_type_vals) 0 "" "" ""
+HF_FIELD hf_witness_change_name "Name" "witness.change.name" FT_STRING BASE_NONE NULL 0 "" "" ""
+
+HF_FIELD hf_dcerpc_array_max_count "Max Count" "dcerpc.array.max_count" FT_UINT32 BASE_DEC NULL 0 "" "" "Maximum Count: Number of elements in the array"
+
+ETT_FIELD ett_witness_move_ipaddr_list_flags
+ETT_FIELD ett_witness_move_ipaddr
+ETT_FIELD ett_message_buffer
+
PARAM_VALUE witness_dissect_element_Register_context_handle_ PIDL_POLHND_OPEN
PARAM_VALUE witness_dissect_element_UnRegister_context_handle PIDL_POLHND_CLOSE
HF_FIELD hf_witness_context_handle "Handle" "witness.handle" FT_BYTES BASE_NONE NULL 0 "" "" ""
HF_RENAME hf_witness_witness_Register_context_handle hf_witness_context_handle
CODE START
- #include "packet-smb-common.h"
- #include "packet-dcerpc-witness-cnf.c"
-
-static int
-witness_dissect_element_interfaceInfo_group_name(tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *parent_tree, guint8 *drep _U_)
-{
- const gchar *str;
- int len = 260;
- guint16 bc = tvb_length_remaining(tvb, offset);
-
- str = get_unicode_or_ascii_string(tvb, &offset, TRUE, &len, TRUE, TRUE, &bc);
-
- if (str) {
- proto_item *pi;
- pi = proto_tree_add_string(parent_tree, hf_witness_witness_interfaceInfo_group_name, tvb, offset, 2*260, str);
- proto_item_append_text(pi, " [%d]", len);
- proto_item_append_text(parent_tree, ": %s", str);
-
- } else {
- //proto_tree_add_bytes
- }
-
- return offset + 2*260;
-}
-
-static int
-PIDL_dissect_ipv4address(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, guint8 *drep, int hfindex, guint32 param)
-{
-// guint32 ip = tvb_get_ipv4(tvb,offset); //tvb_get_ntohl(tvb, offset);
- dcerpc_info *di = pinfo->private_data;
- if (di->conformant_run) {
- /* just a run to handle conformant arrays, no scalars to dissect */
- return offset;
- }
-
-
- if (!di->no_align && (offset % 4)) {
- offset += 4 - (offset % 4);
- }
-
- proto_tree_add_item(tree, hfindex, tvb, offset, 4, ENC_BIG_ENDIAN);
-
-
- if (param & PIDL_SET_COL_INFO) {
- header_field_info *hf_info = proto_registrar_get_nth(hfindex);
-
- proto_item_append_text(proto_tree_get_parent(tree), " %s:%s", hf_info->name, tvb_ip_to_str(tvb, offset));
-
- col_append_fstr(pinfo->cinfo, COL_INFO," %s:%s", hf_info->name, tvb_ip_to_str(tvb, offset));
- }
- return offset + 4;
-}
+ #include "packet-dcerpc-witness-cnf.c"
CODE END
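Review bot: The added `HF_FIELD hf_dcerpc_array_max_count "Max Count" "dcerpc.array.max_count" ...` line registers, under the witness protocol, a field whose filter name sits in the DCERPC namespace. If the generic DCERPC dissector already registers that abbreviation, as it appears to, the same filter name ends up with two owners. A witness-prefixed abbreviation such as `witness.array.max_count`, or reuse of the existing field, would avoid that. Separately, the C side of this commit removes four `ett_` variables, `ett_message` among them, while only three `ETT_FIELD` lines are added here, so it is worth confirming that nothing still references `ett_message`.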