1 /*
2 * packet-ppi.c
3 * Routines for PPI Packet Header dissection
4 *
5 * Wireshark - Network traffic analyzer
6 * By Gerald Combs <gerald@wireshark.org>
7 * Copyright 2007 Gerald Combs
8 *
9 * Copyright (c) 2006 CACE Technologies, Davis (California)
10 * All rights reserved.
11 *
12 * SPDX-License-Identifier: (BSD-3-Clause OR GPL-2.0-only)
13 *
14 *
15 * Dustin Johnson - Dustin@Dustinj.us, Dustin.Johnson@cacetech.com
16 * May 7, 2008 - Added 'Aggregation Extension' and '802.3 Extension'
17 */
18
19
20 #include "config.h"
21
22 #include <epan/packet.h>
23 #include <epan/capture_dissectors.h>
24 #include <epan/exceptions.h>
25 #include <epan/ptvcursor.h>
26 #include <epan/prefs.h>
27 #include <epan/expert.h>
28 #include <epan/reassemble.h>
29 #include <wsutil/802_11-utils.h>
30 #include <wsutil/pint.h>
31 #include <wsutil/str_util.h>
32
33 /*
34 * Per-Packet Information (PPI) header.
35 * See the PPI Packet Header documentation at
36 *
37 * https://wayback.archive.org/web/20120525190041/https://www.cacetech.com/documents/PPI%20Header%20format%201.0.10.pdf
38 *
39 * for details.
40 */
41
42 /*
43 * PPI headers have the following format:
44 *
45 * ,---------------------------------------------------------.
46 * | PPH | PFH 1 | Field data 1 | PFH 2 | Field data 2 | ... |
47 * `---------------------------------------------------------'
48 *
49 * The PPH struct has the following format:
50 *
51 * typedef struct ppi_packetheader {
52 * guint8 pph_version; // Version. Currently 0
53 * guint8 pph_flags; // Flags.
54 * guint16 pph_len; // Length of entire message, including this header and TLV payload.
55 * guint32 pph_dlt; // libpcap Data Link Type of the captured packet data.
56 * } ppi_packetheader_t;
57 *
58 * The PFH struct has the following format:
59 *
60 * typedef struct ppi_fieldheader {
61 * guint16 pfh_type; // Type
62 * guint16 pfh_datalen; // Length of data
63 * } ppi_fieldheader_t;
64 *
65 * Anyone looking to add their own PPI dissector would probably do well to imitate the GPS
66 * ones separation into a distinct file. Here is a step by step guide:
67 * 1) add the number you received to the enum ppi_field_type declaration.
68 * 2) Add a value string for your number into vs_ppi_field_type
69 * 3) declare a dissector handle by the ppi_gps_handle, and initialize it inside proto_reg_handoff
70 * 4) add case inside dissect_ppi to call your new handle.
71 * 5) Write your parser, and get it loaded.
72 * Following these steps will result in less churn inside the ppi proper parser, and avoid namespace issues.
73 */
74
75
76 #define PPI_PADDED (1 << 0)
77
78 #define PPI_V0_HEADER_LEN 8
79 #define PPI_80211_COMMON_LEN 20
80 #define PPI_80211N_MAC_LEN 12
81 #define PPI_80211N_MAC_PHY_OFF 9
82 #define PPI_80211N_MAC_PHY_LEN 48
83 #define PPI_AGGREGATION_EXTENSION_LEN 4
84 #define PPI_8023_EXTENSION_LEN 8
85
86 #define PPI_FLAG_ALIGN 0x01
87 #define IS_PPI_FLAG_ALIGN(x) ((x) & PPI_FLAG_ALIGN)
88
89 #define DOT11_FLAG_HAVE_FCS 0x0001
90 #define DOT11_FLAG_TSF_TIMER_MS 0x0002
91 #define DOT11_FLAG_FCS_INVALID 0x0004
92 #define DOT11_FLAG_PHY_ERROR 0x0008
93
94 #define DOT11N_FLAG_GREENFIELD 0x0001
95 #define DOT11N_FLAG_HT40 0x0002
96 #define DOT11N_FLAG_SHORT_GI 0x0004
97 #define DOT11N_FLAG_DUPLICATE_RX 0x0008
98 #define DOT11N_FLAG_IS_AGGREGATE 0x0010
99 #define DOT11N_FLAG_MORE_AGGREGATES 0x0020
100 #define DOT11N_FLAG_AGG_CRC_ERROR 0x0040
101
102 #define DOT11N_IS_AGGREGATE(flags) (flags & DOT11N_FLAG_IS_AGGREGATE)
103 #define DOT11N_MORE_AGGREGATES(flags) ( \
104 (flags & DOT11N_FLAG_MORE_AGGREGATES) && \
105 !(flags & DOT11N_FLAG_AGG_CRC_ERROR))
106 #define AGGREGATE_MAX 65535
107 #define AMPDU_MAX 16383
108
109 /* XXX - Start - Copied from packet-radiotap.c */
110 /* Channel flags. */
111 #define IEEE80211_CHAN_TURBO 0x0010 /* Turbo channel */
112 #define IEEE80211_CHAN_CCK 0x0020 /* CCK channel */
113 #define IEEE80211_CHAN_OFDM 0x0040 /* OFDM channel */
114 #define IEEE80211_CHAN_2GHZ 0x0080 /* 2 GHz spectrum channel. */
115 #define IEEE80211_CHAN_5GHZ 0x0100 /* 5 GHz spectrum channel */
116 #define IEEE80211_CHAN_PASSIVE 0x0200 /* Only passive scan allowed */
117 #define IEEE80211_CHAN_DYN 0x0400 /* Dynamic CCK-OFDM channel */
118 #define IEEE80211_CHAN_GFSK 0x0800 /* GFSK channel (FHSS PHY) */
119
120 #define IEEE80211_CHAN_ALL \
121 (IEEE80211_CHAN_2GHZ | IEEE80211_CHAN_5GHZ | IEEE80211_CHAN_GFSK | \
122 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | IEEE80211_CHAN_DYN)
123 #define IEEE80211_CHAN_ALLTURBO \
124 (IEEE80211_CHAN_ALL | IEEE80211_CHAN_TURBO)
125
126 /*
127 * Useful combinations of channel characteristics.
128 */
129 #define IEEE80211_CHAN_FHSS \
130 (IEEE80211_CHAN_2GHZ | IEEE80211_CHAN_GFSK)
131 #define IEEE80211_CHAN_DSSS \
132 (IEEE80211_CHAN_2GHZ)
133 #define IEEE80211_CHAN_A \
134 (IEEE80211_CHAN_5GHZ | IEEE80211_CHAN_OFDM)
135 #define IEEE80211_CHAN_B \
136 (IEEE80211_CHAN_2GHZ | IEEE80211_CHAN_CCK)
137 #define IEEE80211_CHAN_PUREG \
138 (IEEE80211_CHAN_2GHZ | IEEE80211_CHAN_OFDM)
139 #define IEEE80211_CHAN_G \
140 (IEEE80211_CHAN_2GHZ | IEEE80211_CHAN_DYN)
141 #define IEEE80211_CHAN_108A \
142 (IEEE80211_CHAN_A | IEEE80211_CHAN_TURBO)
143 #define IEEE80211_CHAN_108G \
144 (IEEE80211_CHAN_G | IEEE80211_CHAN_TURBO)
145 #define IEEE80211_CHAN_108PUREG \
146 (IEEE80211_CHAN_PUREG | IEEE80211_CHAN_TURBO)
147 /* XXX - End - Copied from packet-radiotap.c */
148
149 void proto_register_ppi(void);
150 void proto_reg_handoff_ppi(void);
151
152 typedef enum {
153 /* 0 - 29999: Public types */
154 PPI_80211_COMMON = 2,
155 PPI_80211N_MAC = 3,
156 PPI_80211N_MAC_PHY = 4,
157 PPI_SPECTRUM_MAP = 5,
158 PPI_PROCESS_INFO = 6,
159 PPI_CAPTURE_INFO = 7,
160 PPI_AGGREGATION_EXTENSION = 8,
161 PPI_8023_EXTENSION = 9,
162 /* 11 - 29999: RESERVED */
163
164 /* 30000 - 65535: Private types */
165 INTEL_CORP_PRIVATE = 30000,
166 MOHAMED_THAGA_PRIVATE = 30001,
167 PPI_GPS_INFO = 30002, /* 30002 - 30005 described in PPI-GEOLOCATION specifcation */
168 PPI_VECTOR_INFO = 30003, /* currently available in draft from. jellch@harris.com */
169 PPI_SENSOR_INFO = 30004,
170 PPI_ANTENNA_INFO = 30005,
171 FNET_PRIVATE = 0xC017,
172 CACE_PRIVATE = 0xCACE
173 /* All others RESERVED. Contact the WinPcap team for an assignment */
174 } ppi_field_type;
175
176 /* Protocol */
177 static int proto_ppi = -1;
178
179 /* Packet header */
180 static int hf_ppi_head_version = -1;
181 static int hf_ppi_head_flags = -1;
182 static int hf_ppi_head_flag_alignment = -1;
183 static int hf_ppi_head_flag_reserved = -1;
184 static int hf_ppi_head_len = -1;
185 static int hf_ppi_head_dlt = -1;
186
187 /* Field header */
188 static int hf_ppi_field_type = -1;
189 static int hf_ppi_field_len = -1;
190
191 /* 802.11 Common */
192 static int hf_80211_common_tsft = -1;
193 static int hf_80211_common_flags = -1;
194 static int hf_80211_common_flags_fcs = -1;
195 static int hf_80211_common_flags_tsft = -1;
196 static int hf_80211_common_flags_fcs_valid = -1;
197 static int hf_80211_common_flags_phy_err = -1;
198 static int hf_80211_common_rate = -1;
199 static int hf_80211_common_chan_freq = -1;
200 static int hf_80211_common_chan_flags = -1;
201
202 static int hf_80211_common_chan_flags_turbo = -1;
203 static int hf_80211_common_chan_flags_cck = -1;
204 static int hf_80211_common_chan_flags_ofdm = -1;
205 static int hf_80211_common_chan_flags_2ghz = -1;
206 static int hf_80211_common_chan_flags_5ghz = -1;
207 static int hf_80211_common_chan_flags_passive = -1;
208 static int hf_80211_common_chan_flags_dynamic = -1;
209 static int hf_80211_common_chan_flags_gfsk = -1;
210
211 static int hf_80211_common_fhss_hopset = -1;
212 static int hf_80211_common_fhss_pattern = -1;
213 static int hf_80211_common_dbm_antsignal = -1;
214 static int hf_80211_common_dbm_antnoise = -1;
215
216 /* 802.11n MAC */
217 static int hf_80211n_mac_flags = -1;
218 static int hf_80211n_mac_flags_greenfield = -1;
219 static int hf_80211n_mac_flags_ht20_40 = -1;
220 static int hf_80211n_mac_flags_rx_guard_interval = -1;
221 static int hf_80211n_mac_flags_duplicate_rx = -1;
222 static int hf_80211n_mac_flags_more_aggregates = -1;
223 static int hf_80211n_mac_flags_aggregate = -1;
224 static int hf_80211n_mac_flags_delimiter_crc_after = -1;
225 static int hf_80211n_mac_ampdu_id = -1;
226 static int hf_80211n_mac_num_delimiters = -1;
227 static int hf_80211n_mac_reserved = -1;
228
229 /* 802.11n MAC+PHY */
230 static int hf_80211n_mac_phy_mcs = -1;
231 static int hf_80211n_mac_phy_num_streams = -1;
232 static int hf_80211n_mac_phy_rssi_combined = -1;
233 static int hf_80211n_mac_phy_rssi_ant0_ctl = -1;
234 static int hf_80211n_mac_phy_rssi_ant1_ctl = -1;
235 static int hf_80211n_mac_phy_rssi_ant2_ctl = -1;
236 static int hf_80211n_mac_phy_rssi_ant3_ctl = -1;
237 static int hf_80211n_mac_phy_rssi_ant0_ext = -1;
238 static int hf_80211n_mac_phy_rssi_ant1_ext = -1;
239 static int hf_80211n_mac_phy_rssi_ant2_ext = -1;
240 static int hf_80211n_mac_phy_rssi_ant3_ext = -1;
241 static int hf_80211n_mac_phy_ext_chan_freq = -1;
242 static int hf_80211n_mac_phy_ext_chan_flags = -1;
243 static int hf_80211n_mac_phy_ext_chan_flags_turbo = -1;
244 static int hf_80211n_mac_phy_ext_chan_flags_cck = -1;
245 static int hf_80211n_mac_phy_ext_chan_flags_ofdm = -1;
246 static int hf_80211n_mac_phy_ext_chan_flags_2ghz = -1;
247 static int hf_80211n_mac_phy_ext_chan_flags_5ghz = -1;
248 static int hf_80211n_mac_phy_ext_chan_flags_passive = -1;
249 static int hf_80211n_mac_phy_ext_chan_flags_dynamic = -1;
250 static int hf_80211n_mac_phy_ext_chan_flags_gfsk = -1;
251 static int hf_80211n_mac_phy_dbm_ant0signal = -1;
252 static int hf_80211n_mac_phy_dbm_ant0noise = -1;
253 static int hf_80211n_mac_phy_dbm_ant1signal = -1;
254 static int hf_80211n_mac_phy_dbm_ant1noise = -1;
255 static int hf_80211n_mac_phy_dbm_ant2signal = -1;
256 static int hf_80211n_mac_phy_dbm_ant2noise = -1;
257 static int hf_80211n_mac_phy_dbm_ant3signal = -1;
258 static int hf_80211n_mac_phy_dbm_ant3noise = -1;
259 static int hf_80211n_mac_phy_evm0 = -1;
260 static int hf_80211n_mac_phy_evm1 = -1;
261 static int hf_80211n_mac_phy_evm2 = -1;
262 static int hf_80211n_mac_phy_evm3 = -1;
263
264 /* 802.11n-Extensions A-MPDU fragments */
265 static int hf_ampdu_reassembled_in = -1;
266 /* static int hf_ampdu_segments = -1; */
267 static int hf_ampdu_segment = -1;
268 static int hf_ampdu_count = -1;
269
270 /* Spectrum-Map */
271 static int hf_spectrum_map = -1;
272
273 /* Process-Info */
274 static int hf_process_info = -1;
275
276 /* Capture-Info */
277 static int hf_capture_info = -1;
278
279 /* Aggregation Extension */
280 static int hf_aggregation_extension_interface_id = -1;
281
282 /* 802.3 Extension */
283 static int hf_8023_extension_flags = -1;
284 static int hf_8023_extension_flags_fcs_present = -1;
285 static int hf_8023_extension_errors = -1;
286 static int hf_8023_extension_errors_fcs = -1;
287 static int hf_8023_extension_errors_sequence = -1;
288 static int hf_8023_extension_errors_symbol = -1;
289 static int hf_8023_extension_errors_data = -1;
290
291 /* Generated from convert_proto_tree_add_text.pl */
292 static int hf_ppi_antenna = -1;
293 static int hf_ppi_harris = -1;
294 static int hf_ppi_reserved = -1;
295 static int hf_ppi_vector = -1;
296 static int hf_ppi_fnet = -1;
297 static int hf_ppi_gps = -1;
298
299 static gint ett_ppi_pph = -1;
300 static gint ett_ppi_flags = -1;
301 static gint ett_dot11_common = -1;
302 static gint ett_dot11_common_flags = -1;
303 static gint ett_dot11_common_channel_flags = -1;
304 static gint ett_dot11n_mac = -1;
305 static gint ett_dot11n_mac_flags = -1;
306 static gint ett_dot11n_mac_phy = -1;
307 static gint ett_dot11n_mac_phy_ext_channel_flags = -1;
308 static gint ett_ampdu_segments = -1;
309 static gint ett_ampdu = -1;
310 static gint ett_ampdu_segment = -1;
311 static gint ett_aggregation_extension = -1;
312 static gint ett_8023_extension = -1;
313 static gint ett_8023_extension_flags = -1;
314 static gint ett_8023_extension_errors = -1;
315
316 /* Generated from convert_proto_tree_add_text.pl */
317 static expert_field ei_ppi_invalid_length = EI_INIT;
318
319 static dissector_handle_t ppi_handle;
320
321 static dissector_handle_t ieee80211_radio_handle;
322 static dissector_handle_t pcap_pktdata_handle;
323 static dissector_handle_t ppi_gps_handle, ppi_vector_handle, ppi_sensor_handle, ppi_antenna_handle;
324 static dissector_handle_t ppi_fnet_handle;
325
326 static const true_false_string tfs_ppi_head_flag_alignment = { "32-bit aligned", "Not aligned" };
327 static const true_false_string tfs_tsft_ms = { "milliseconds", "microseconds" };
328 static const true_false_string tfs_ht20_40 = { "HT40", "HT20" };
329 static const true_false_string tfs_phy_error = { "PHY error", "No errors"};
330
331 static const value_string vs_ppi_field_type[] = {
332 {PPI_80211_COMMON, "802.11-Common"},
333 {PPI_80211N_MAC, "802.11n MAC Extensions"},
334 {PPI_80211N_MAC_PHY, "802.11n MAC+PHY Extensions"},
335 {PPI_SPECTRUM_MAP, "Spectrum-Map"},
336 {PPI_PROCESS_INFO, "Process-Info"},
337 {PPI_CAPTURE_INFO, "Capture-Info"},
338 {PPI_AGGREGATION_EXTENSION, "Aggregation Extension"},
339 {PPI_8023_EXTENSION, "802.3 Extension"},
340
341 {INTEL_CORP_PRIVATE, "Intel Corporation (private)"},
342 {MOHAMED_THAGA_PRIVATE, "Mohamed Thaga (private)"},
343 {PPI_GPS_INFO, "GPS Tagging"},
344 {PPI_VECTOR_INFO, "Vector Tagging"},
345 {PPI_SENSOR_INFO, "Sensor tagging"},
346 {PPI_ANTENNA_INFO, "Antenna Tagging"},
347 {FNET_PRIVATE, "FlukeNetworks (private)"},
348 {CACE_PRIVATE, "CACE Technologies (private)"},
349 {0, NULL}
350 };
351
352 /* Table for A-MPDU reassembly */
353 static reassembly_table ampdu_reassembly_table;
354
355 /* Reassemble A-MPDUs? */
356 static gboolean ppi_ampdu_reassemble = TRUE;
357
358
359 static gboolean
capture_ppi(const guchar * pd,int offset _U_,int len,capture_packet_info_t * cpinfo,const union wtap_pseudo_header * pseudo_header _U_)360 capture_ppi(const guchar *pd, int offset _U_, int len, capture_packet_info_t *cpinfo, const union wtap_pseudo_header *pseudo_header _U_)
361 {
362 guint32 dlt;
363 guint ppi_len;
364
365 ppi_len = pletoh16(pd+2);
366 if(ppi_len < PPI_V0_HEADER_LEN || !BYTES_ARE_IN_FRAME(0, len, ppi_len))
367 return FALSE;
368
369 dlt = pletoh32(pd+4);
370
371 return try_capture_dissector("ppi", dlt, pd, ppi_len, len, cpinfo, pseudo_header);
372 }
373
374 static void
ptvcursor_add_invalid_check(ptvcursor_t * csr,int hf,gint len,guint64 invalid_val)375 ptvcursor_add_invalid_check(ptvcursor_t *csr, int hf, gint len, guint64 invalid_val) {
376 proto_item *ti;
377 guint64 val = invalid_val;
378
379 switch (len) {
380 case 8:
381 val = tvb_get_letoh64(ptvcursor_tvbuff(csr),
382 ptvcursor_current_offset(csr));
383 break;
384 case 4:
385 val = tvb_get_letohl(ptvcursor_tvbuff(csr),
386 ptvcursor_current_offset(csr));
387 break;
388 case 2:
389 val = tvb_get_letohs(ptvcursor_tvbuff(csr),
390 ptvcursor_current_offset(csr));
391 break;
392 case 1:
393 val = tvb_get_guint8(ptvcursor_tvbuff(csr),
394 ptvcursor_current_offset(csr));
395 break;
396 default:
397 DISSECTOR_ASSERT_NOT_REACHED();
398 }
399
400 ti = ptvcursor_add(csr, hf, len, ENC_LITTLE_ENDIAN);
401 if (val == invalid_val)
402 proto_item_append_text(ti, " [invalid]");
403 }
404
405 static void
add_ppi_field_header(tvbuff_t * tvb,proto_tree * tree,int * offset)406 add_ppi_field_header(tvbuff_t *tvb, proto_tree *tree, int *offset)
407 {
408 ptvcursor_t *csr;
409
410 csr = ptvcursor_new(wmem_packet_scope(), tree, tvb, *offset);
411 ptvcursor_add(csr, hf_ppi_field_type, 2, ENC_LITTLE_ENDIAN);
412 ptvcursor_add(csr, hf_ppi_field_len, 2, ENC_LITTLE_ENDIAN);
413 ptvcursor_free(csr);
414 *offset=ptvcursor_current_offset(csr);
415 }
416
417 /* XXX - The main dissection function in the 802.11 dissector has the same name. */
418 static void
dissect_80211_common(tvbuff_t * tvb,packet_info * pinfo,proto_tree * tree,int offset,int data_len,struct ieee_802_11_phdr * phdr)419 dissect_80211_common(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int offset, int data_len, struct ieee_802_11_phdr *phdr)
420 {
421 proto_tree *ftree;
422 proto_item *ti;
423 ptvcursor_t *csr;
424 guint64 tsft_raw;
425 guint rate_raw;
426 guint rate_kbps;
427 guint32 common_flags;
428 guint16 common_frequency;
429 guint16 chan_flags;
430 gint8 dbm_value;
431 gchar *chan_str;
432
433 ftree = proto_tree_add_subtree(tree, tvb, offset, data_len, ett_dot11_common, NULL, "802.11-Common");
434 add_ppi_field_header(tvb, ftree, &offset);
435 data_len -= 4; /* Subtract field header length */
436
437 if (data_len != PPI_80211_COMMON_LEN) {
438 proto_tree_add_expert_format(ftree, pinfo, &ei_ppi_invalid_length, tvb, offset, data_len, "Invalid length: %u", data_len);
439 return;
440 }
441
442 common_flags = tvb_get_letohs(tvb, offset + 8);
443 if (common_flags & DOT11_FLAG_HAVE_FCS)
444 phdr->fcs_len = 4;
445 else
446 phdr->fcs_len = 0;
447
448 csr = ptvcursor_new(pinfo->pool, ftree, tvb, offset);
449
450 tsft_raw = tvb_get_letoh64(tvb, offset);
451 if (tsft_raw != 0) {
452 phdr->has_tsf_timestamp = TRUE;
453 if (common_flags & DOT11_FLAG_TSF_TIMER_MS)
454 phdr->tsf_timestamp = tsft_raw * 1000;
455 else
456 phdr->tsf_timestamp = tsft_raw;
457 }
458
459 ptvcursor_add_invalid_check(csr, hf_80211_common_tsft, 8, 0);
460
461 ptvcursor_add_with_subtree(csr, hf_80211_common_flags, 2, ENC_LITTLE_ENDIAN,
462 ett_dot11_common_flags);
463 ptvcursor_add_no_advance(csr, hf_80211_common_flags_fcs, 2, ENC_LITTLE_ENDIAN);
464 ptvcursor_add_no_advance(csr, hf_80211_common_flags_tsft, 2, ENC_LITTLE_ENDIAN);
465 ptvcursor_add_no_advance(csr, hf_80211_common_flags_fcs_valid, 2, ENC_LITTLE_ENDIAN);
466 ptvcursor_add(csr, hf_80211_common_flags_phy_err, 2, ENC_LITTLE_ENDIAN);
467 ptvcursor_pop_subtree(csr);
468
469 rate_raw = tvb_get_letohs(tvb, ptvcursor_current_offset(csr));
470 if (rate_raw != 0) {
471 phdr->has_data_rate = TRUE;
472 phdr->data_rate = rate_raw;
473 }
474 rate_kbps = rate_raw * 500;
475 ti = proto_tree_add_uint_format(ftree, hf_80211_common_rate, tvb,
476 ptvcursor_current_offset(csr), 2, rate_kbps, "Rate: %.1f Mbps",
477 rate_kbps / 1000.0);
478 if (rate_kbps == 0)
479 proto_item_append_text(ti, " [invalid]");
480 col_add_fstr(pinfo->cinfo, COL_TX_RATE, "%.1f Mbps", rate_kbps / 1000.0);
481 ptvcursor_advance(csr, 2);
482
483 common_frequency = tvb_get_letohs(ptvcursor_tvbuff(csr), ptvcursor_current_offset(csr));
484 if (common_frequency != 0) {
485 gint calc_channel;
486
487 phdr->has_frequency = TRUE;
488 phdr->frequency = common_frequency;
489 calc_channel = ieee80211_mhz_to_chan(common_frequency);
490 if (calc_channel != -1) {
491 phdr->has_channel = TRUE;
492 phdr->channel = calc_channel;
493 }
494 }
495 chan_str = ieee80211_mhz_to_str(common_frequency);
496 proto_tree_add_uint_format_value(ptvcursor_tree(csr), hf_80211_common_chan_freq, ptvcursor_tvbuff(csr),
497 ptvcursor_current_offset(csr), 2, common_frequency, "%s", chan_str);
498 col_add_fstr(pinfo->cinfo, COL_FREQ_CHAN, "%s", chan_str);
499 g_free(chan_str);
500 ptvcursor_advance(csr, 2);
501
502 memset(&phdr->phy_info, 0, sizeof(phdr->phy_info));
503 chan_flags = tvb_get_letohs(ptvcursor_tvbuff(csr), ptvcursor_current_offset(csr));
504 switch (chan_flags & IEEE80211_CHAN_ALLTURBO) {
505
506 case IEEE80211_CHAN_FHSS:
507 phdr->phy = PHDR_802_11_PHY_11_FHSS;
508 break;
509
510 case IEEE80211_CHAN_DSSS:
511 phdr->phy = PHDR_802_11_PHY_11_DSSS;
512 break;
513
514 case IEEE80211_CHAN_A:
515 phdr->phy = PHDR_802_11_PHY_11A;
516 phdr->phy_info.info_11a.has_turbo_type = TRUE;
517 phdr->phy_info.info_11a.turbo_type = PHDR_802_11A_TURBO_TYPE_NORMAL;
518 break;
519
520 case IEEE80211_CHAN_B:
521 phdr->phy = PHDR_802_11_PHY_11B;
522 break;
523
524 case IEEE80211_CHAN_PUREG:
525 phdr->phy = PHDR_802_11_PHY_11G;
526 phdr->phy_info.info_11g.has_mode = TRUE;
527 phdr->phy_info.info_11g.mode = PHDR_802_11G_MODE_NORMAL;
528 break;
529
530 case IEEE80211_CHAN_G:
531 phdr->phy = PHDR_802_11_PHY_11G;
532 phdr->phy_info.info_11g.has_mode = TRUE;
533 phdr->phy_info.info_11g.mode = PHDR_802_11G_MODE_NORMAL;
534 break;
535
536 case IEEE80211_CHAN_108A:
537 phdr->phy = PHDR_802_11_PHY_11A;
538 phdr->phy_info.info_11a.has_turbo_type = TRUE;
539 /* We assume non-STURBO is dynamic turbo */
540 phdr->phy_info.info_11a.turbo_type = PHDR_802_11A_TURBO_TYPE_DYNAMIC_TURBO;
541 break;
542
543 case IEEE80211_CHAN_108PUREG:
544 phdr->phy = PHDR_802_11_PHY_11G;
545 phdr->phy_info.info_11g.has_mode = TRUE;
546 phdr->phy_info.info_11g.mode = PHDR_802_11G_MODE_SUPER_G;
547 break;
548 }
549 ptvcursor_add_with_subtree(csr, hf_80211_common_chan_flags, 2, ENC_LITTLE_ENDIAN,
550 ett_dot11_common_channel_flags);
551 ptvcursor_add_no_advance(csr, hf_80211_common_chan_flags_turbo, 2, ENC_LITTLE_ENDIAN);
552 ptvcursor_add_no_advance(csr, hf_80211_common_chan_flags_cck, 2, ENC_LITTLE_ENDIAN);
553 ptvcursor_add_no_advance(csr, hf_80211_common_chan_flags_ofdm, 2, ENC_LITTLE_ENDIAN);
554 ptvcursor_add_no_advance(csr, hf_80211_common_chan_flags_2ghz, 2, ENC_LITTLE_ENDIAN);
555 ptvcursor_add_no_advance(csr, hf_80211_common_chan_flags_5ghz, 2, ENC_LITTLE_ENDIAN);
556 ptvcursor_add_no_advance(csr, hf_80211_common_chan_flags_passive, 2, ENC_LITTLE_ENDIAN);
557 ptvcursor_add_no_advance(csr, hf_80211_common_chan_flags_dynamic, 2, ENC_LITTLE_ENDIAN);
558 ptvcursor_add(csr, hf_80211_common_chan_flags_gfsk, 2, ENC_LITTLE_ENDIAN);
559 ptvcursor_pop_subtree(csr);
560
561
562 if (phdr->phy == PHDR_802_11_PHY_11_FHSS) {
563 phdr->phy_info.info_11_fhss.has_hop_set = TRUE;
564 phdr->phy_info.info_11_fhss.hop_set = tvb_get_guint8(ptvcursor_tvbuff(csr), ptvcursor_current_offset(csr));
565 }
566 ptvcursor_add(csr, hf_80211_common_fhss_hopset, 1, ENC_LITTLE_ENDIAN);
567 if (phdr->phy == PHDR_802_11_PHY_11_FHSS) {
568 phdr->phy_info.info_11_fhss.has_hop_pattern = TRUE;
569 phdr->phy_info.info_11_fhss.hop_pattern = tvb_get_guint8(ptvcursor_tvbuff(csr), ptvcursor_current_offset(csr));
570 }
571 ptvcursor_add(csr, hf_80211_common_fhss_pattern, 1, ENC_LITTLE_ENDIAN);
572
573 dbm_value = tvb_get_gint8(tvb, ptvcursor_current_offset(csr));
574 if (dbm_value != -128 && dbm_value != 0) {
575 /*
576 * XXX - the spec says -128 is invalid, presumably meaning "use
577 * -128 if you don't have the signal strength", but some captures
578 * have 0 for noise, presumably meaning it's incorrectly being
579 * used for "don't have it", so we check for it as well.
580 */
581 col_add_fstr(pinfo->cinfo, COL_RSSI, "%d dBm", dbm_value);
582 phdr->has_signal_dbm = TRUE;
583 phdr->signal_dbm = dbm_value;
584 }
585 ptvcursor_add_invalid_check(csr, hf_80211_common_dbm_antsignal, 1, 0x80); /* -128 */
586
587 dbm_value = tvb_get_gint8(tvb, ptvcursor_current_offset(csr));
588 if (dbm_value != -128 && dbm_value != 0) {
589 /*
590 * XXX - the spec says -128 is invalid, presumably meaning "use
591 * -128 if you don't have the noise level", but some captures
592 * have 0, presumably meaning it's incorrectly being used for
593 * "don't have it", so we check for it as well.
594 */
595 phdr->has_noise_dbm = TRUE;
596 phdr->noise_dbm = dbm_value;
597 }
598 ptvcursor_add_invalid_check(csr, hf_80211_common_dbm_antnoise, 1, 0x80);
599
600 ptvcursor_free(csr);
601 }
602
603 static void
dissect_80211n_mac(tvbuff_t * tvb,packet_info * pinfo _U_,proto_tree * tree,int offset,int data_len,gboolean add_subtree,guint32 * n_mac_flags,guint32 * ampdu_id,struct ieee_802_11_phdr * phdr)604 dissect_80211n_mac(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, int offset, int data_len, gboolean add_subtree, guint32 *n_mac_flags, guint32 *ampdu_id, struct ieee_802_11_phdr *phdr)
605 {
606 proto_tree *ftree = tree;
607 ptvcursor_t *csr;
608 guint32 flags;
609
610 phdr->phy = PHDR_802_11_PHY_11N;
611
612 if (add_subtree) {
613 ftree = proto_tree_add_subtree(tree, tvb, offset, data_len, ett_dot11n_mac, NULL, "802.11n MAC");
614 add_ppi_field_header(tvb, ftree, &offset);
615 data_len -= 4; /* Subtract field header length */
616 }
617
618 if (data_len != PPI_80211N_MAC_LEN) {
619 proto_tree_add_expert_format(ftree, pinfo, &ei_ppi_invalid_length, tvb, offset, data_len, "Invalid length: %u", data_len);
620 return;
621 }
622
623 csr = ptvcursor_new(pinfo->pool, ftree, tvb, offset);
624
625 flags = tvb_get_letohl(tvb, ptvcursor_current_offset(csr));
626 *n_mac_flags = flags;
627 phdr->phy_info.info_11n.has_bandwidth = TRUE;
628 phdr->phy_info.info_11n.has_short_gi = TRUE;
629 phdr->phy_info.info_11n.has_greenfield = TRUE;
630 phdr->phy_info.info_11n.bandwidth = ((flags & DOT11N_FLAG_HT40) != 0);
631 phdr->phy_info.info_11n.short_gi = ((flags & DOT11N_FLAG_SHORT_GI) != 0);
632 phdr->phy_info.info_11n.greenfield = ((flags & DOT11N_FLAG_GREENFIELD) != 0);
633 if (DOT11N_IS_AGGREGATE(flags)) {
634 phdr->has_aggregate_info = 1;
635 phdr->aggregate_flags = 0;
636 if (!(flags & DOT11N_FLAG_MORE_AGGREGATES))
637 phdr->aggregate_flags |= PHDR_802_11_LAST_PART_OF_A_MPDU;
638 if (flags & DOT11N_FLAG_AGG_CRC_ERROR)
639 phdr->aggregate_flags |= PHDR_802_11_A_MPDU_DELIM_CRC_ERROR;
640 }
641 ptvcursor_add_with_subtree(csr, hf_80211n_mac_flags, 4, ENC_LITTLE_ENDIAN,
642 ett_dot11n_mac_flags);
643 ptvcursor_add_no_advance(csr, hf_80211n_mac_flags_greenfield, 4, ENC_LITTLE_ENDIAN);
644 ptvcursor_add_no_advance(csr, hf_80211n_mac_flags_ht20_40, 4, ENC_LITTLE_ENDIAN);
645 ptvcursor_add_no_advance(csr, hf_80211n_mac_flags_rx_guard_interval, 4, ENC_LITTLE_ENDIAN);
646 ptvcursor_add_no_advance(csr, hf_80211n_mac_flags_duplicate_rx, 4, ENC_LITTLE_ENDIAN);
647 ptvcursor_add_no_advance(csr, hf_80211n_mac_flags_aggregate, 4, ENC_LITTLE_ENDIAN);
648 ptvcursor_add_no_advance(csr, hf_80211n_mac_flags_more_aggregates, 4, ENC_LITTLE_ENDIAN);
649 ptvcursor_add(csr, hf_80211n_mac_flags_delimiter_crc_after, 4, ENC_LITTLE_ENDIAN); /* Last */
650 ptvcursor_pop_subtree(csr);
651
652 if (DOT11N_IS_AGGREGATE(flags)) {
653 *ampdu_id = tvb_get_letohl(tvb, ptvcursor_current_offset(csr));
654 phdr->aggregate_id = *ampdu_id;
655 }
656 ptvcursor_add(csr, hf_80211n_mac_ampdu_id, 4, ENC_LITTLE_ENDIAN);
657 ptvcursor_add(csr, hf_80211n_mac_num_delimiters, 1, ENC_LITTLE_ENDIAN);
658
659 if (add_subtree) {
660 ptvcursor_add(csr, hf_80211n_mac_reserved, 3, ENC_LITTLE_ENDIAN);
661 }
662
663 ptvcursor_free(csr);
664 }
665
666 static void
dissect_80211n_mac_phy(tvbuff_t * tvb,packet_info * pinfo,proto_tree * tree,int offset,int data_len,guint32 * n_mac_flags,guint32 * ampdu_id,struct ieee_802_11_phdr * phdr)667 dissect_80211n_mac_phy(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int offset, int data_len, guint32 *n_mac_flags, guint32 *ampdu_id, struct ieee_802_11_phdr *phdr)
668 {
669 proto_tree *ftree;
670 proto_item *ti;
671 ptvcursor_t *csr;
672 guint8 mcs;
673 guint8 ness;
674 guint16 ext_frequency;
675 gchar *chan_str;
676
677 ftree = proto_tree_add_subtree(tree, tvb, offset, data_len, ett_dot11n_mac_phy, NULL, "802.11n MAC+PHY");
678 add_ppi_field_header(tvb, ftree, &offset);
679 data_len -= 4; /* Subtract field header length */
680
681 if (data_len != PPI_80211N_MAC_PHY_LEN) {
682 proto_tree_add_expert_format(ftree, pinfo, &ei_ppi_invalid_length, tvb, offset, data_len, "Invalid length: %u", data_len);
683 return;
684 }
685
686 dissect_80211n_mac(tvb, pinfo, ftree, offset, PPI_80211N_MAC_LEN,
687 FALSE, n_mac_flags, ampdu_id, phdr);
688 offset += PPI_80211N_MAC_PHY_OFF;
689
690 csr = ptvcursor_new(pinfo->pool, ftree, tvb, offset);
691
692 mcs = tvb_get_guint8(tvb, ptvcursor_current_offset(csr));
693 if (mcs != 255) {
694 phdr->phy_info.info_11n.has_mcs_index = TRUE;
695 phdr->phy_info.info_11n.mcs_index = mcs;
696 }
697 ptvcursor_add_invalid_check(csr, hf_80211n_mac_phy_mcs, 1, 255);
698
699 ness = tvb_get_guint8(tvb, ptvcursor_current_offset(csr));
700 phdr->phy_info.info_11n.has_ness = TRUE;
701 phdr->phy_info.info_11n.ness = ness;
702 ti = ptvcursor_add(csr, hf_80211n_mac_phy_num_streams, 1, ENC_LITTLE_ENDIAN);
703 if (tvb_get_guint8(tvb, ptvcursor_current_offset(csr) - 1) == 0)
704 proto_item_append_text(ti, " (unknown)");
705 ptvcursor_add_invalid_check(csr, hf_80211n_mac_phy_rssi_combined, 1, 255);
706 ptvcursor_add_invalid_check(csr, hf_80211n_mac_phy_rssi_ant0_ctl, 1, 255);
707 ptvcursor_add_invalid_check(csr, hf_80211n_mac_phy_rssi_ant1_ctl, 1, 255);
708 ptvcursor_add_invalid_check(csr, hf_80211n_mac_phy_rssi_ant2_ctl, 1, 255);
709 ptvcursor_add_invalid_check(csr, hf_80211n_mac_phy_rssi_ant3_ctl, 1, 255);
710 ptvcursor_add_invalid_check(csr, hf_80211n_mac_phy_rssi_ant0_ext, 1, 255);
711 ptvcursor_add_invalid_check(csr, hf_80211n_mac_phy_rssi_ant1_ext, 1, 255);
712 ptvcursor_add_invalid_check(csr, hf_80211n_mac_phy_rssi_ant2_ext, 1, 255);
713 ptvcursor_add_invalid_check(csr, hf_80211n_mac_phy_rssi_ant3_ext, 1, 255);
714
715 ext_frequency = tvb_get_letohs(ptvcursor_tvbuff(csr), ptvcursor_current_offset(csr));
716 chan_str = ieee80211_mhz_to_str(ext_frequency);
717 proto_tree_add_uint_format(ptvcursor_tree(csr), hf_80211n_mac_phy_ext_chan_freq, ptvcursor_tvbuff(csr),
718 ptvcursor_current_offset(csr), 2, ext_frequency, "Ext. Channel frequency: %s", chan_str);
719 g_free(chan_str);
720 ptvcursor_advance(csr, 2);
721
722 ptvcursor_add_with_subtree(csr, hf_80211n_mac_phy_ext_chan_flags, 2, ENC_LITTLE_ENDIAN,
723 ett_dot11n_mac_phy_ext_channel_flags);
724 ptvcursor_add_no_advance(csr, hf_80211n_mac_phy_ext_chan_flags_turbo, 2, ENC_LITTLE_ENDIAN);
725 ptvcursor_add_no_advance(csr, hf_80211n_mac_phy_ext_chan_flags_cck, 2, ENC_LITTLE_ENDIAN);
726 ptvcursor_add_no_advance(csr, hf_80211n_mac_phy_ext_chan_flags_ofdm, 2, ENC_LITTLE_ENDIAN);
727 ptvcursor_add_no_advance(csr, hf_80211n_mac_phy_ext_chan_flags_2ghz, 2, ENC_LITTLE_ENDIAN);
728 ptvcursor_add_no_advance(csr, hf_80211n_mac_phy_ext_chan_flags_5ghz, 2, ENC_LITTLE_ENDIAN);
729 ptvcursor_add_no_advance(csr, hf_80211n_mac_phy_ext_chan_flags_passive, 2, ENC_LITTLE_ENDIAN);
730 ptvcursor_add_no_advance(csr, hf_80211n_mac_phy_ext_chan_flags_dynamic, 2, ENC_LITTLE_ENDIAN);
731 ptvcursor_add(csr, hf_80211n_mac_phy_ext_chan_flags_gfsk, 2, ENC_LITTLE_ENDIAN);
732 ptvcursor_pop_subtree(csr);
733
734 ptvcursor_add_invalid_check(csr, hf_80211n_mac_phy_dbm_ant0signal, 1, 0x80); /* -128 */
735 ptvcursor_add_invalid_check(csr, hf_80211n_mac_phy_dbm_ant0noise, 1, 0x80);
736 ptvcursor_add_invalid_check(csr, hf_80211n_mac_phy_dbm_ant1signal, 1, 0x80);
737 ptvcursor_add_invalid_check(csr, hf_80211n_mac_phy_dbm_ant1noise, 1, 0x80);
738 ptvcursor_add_invalid_check(csr, hf_80211n_mac_phy_dbm_ant2signal, 1, 0x80);
739 ptvcursor_add_invalid_check(csr, hf_80211n_mac_phy_dbm_ant2noise, 1, 0x80);
740 ptvcursor_add_invalid_check(csr, hf_80211n_mac_phy_dbm_ant3signal, 1, 0x80);
741 ptvcursor_add_invalid_check(csr, hf_80211n_mac_phy_dbm_ant3noise, 1, 0x80);
742 ptvcursor_add_invalid_check(csr, hf_80211n_mac_phy_evm0, 4, 0);
743 ptvcursor_add_invalid_check(csr, hf_80211n_mac_phy_evm1, 4, 0);
744 ptvcursor_add_invalid_check(csr, hf_80211n_mac_phy_evm2, 4, 0);
745 ptvcursor_add_invalid_check(csr, hf_80211n_mac_phy_evm3, 4, 0);
746
747 ptvcursor_free(csr);
748 }
749
750 static void
dissect_aggregation_extension(tvbuff_t * tvb,packet_info * pinfo _U_,proto_tree * tree,int offset,int data_len)751 dissect_aggregation_extension(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, int offset, int data_len)
752 {
753 proto_tree *ftree;
754 ptvcursor_t *csr;
755
756 ftree = proto_tree_add_subtree(tree, tvb, offset, data_len, ett_aggregation_extension, NULL, "Aggregation Extension");
757 add_ppi_field_header(tvb, ftree, &offset);
758 data_len -= 4; /* Subtract field header length */
759
760 if (data_len != PPI_AGGREGATION_EXTENSION_LEN) {
761 proto_tree_add_expert_format(ftree, pinfo, &ei_ppi_invalid_length, tvb, offset, data_len, "Invalid length: %u", data_len);
762 return;
763 }
764
765 csr = ptvcursor_new(pinfo->pool, ftree, tvb, offset);
766
767 ptvcursor_add(csr, hf_aggregation_extension_interface_id, 4, ENC_LITTLE_ENDIAN); /* Last */
768 ptvcursor_free(csr);
769 }
770
771 static void
dissect_8023_extension(tvbuff_t * tvb,packet_info * pinfo _U_,proto_tree * tree,int offset,int data_len)772 dissect_8023_extension(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, int offset, int data_len)
773 {
774 proto_tree *ftree;
775 ptvcursor_t *csr;
776
777 ftree = proto_tree_add_subtree(tree, tvb, offset, data_len, ett_8023_extension, NULL, "802.3 Extension");
778 add_ppi_field_header(tvb, ftree, &offset);
779 data_len -= 4; /* Subtract field header length */
780
781 if (data_len != PPI_8023_EXTENSION_LEN) {
782 proto_tree_add_expert_format(ftree, pinfo, &ei_ppi_invalid_length, tvb, offset, data_len, "Invalid length: %u", data_len);
783 return;
784 }
785
786 csr = ptvcursor_new(pinfo->pool, ftree, tvb, offset);
787
788 ptvcursor_add_with_subtree(csr, hf_8023_extension_flags, 4, ENC_LITTLE_ENDIAN, ett_8023_extension_flags);
789 ptvcursor_add(csr, hf_8023_extension_flags_fcs_present, 4, ENC_LITTLE_ENDIAN);
790 ptvcursor_pop_subtree(csr);
791
792 ptvcursor_add_with_subtree(csr, hf_8023_extension_errors, 4, ENC_LITTLE_ENDIAN, ett_8023_extension_errors);
793 ptvcursor_add_no_advance(csr, hf_8023_extension_errors_fcs, 4, ENC_LITTLE_ENDIAN);
794 ptvcursor_add_no_advance(csr, hf_8023_extension_errors_sequence, 4, ENC_LITTLE_ENDIAN);
795 ptvcursor_add_no_advance(csr, hf_8023_extension_errors_symbol, 4, ENC_LITTLE_ENDIAN);
796 ptvcursor_add(csr, hf_8023_extension_errors_data, 4, ENC_LITTLE_ENDIAN);
797 ptvcursor_pop_subtree(csr);
798
799 ptvcursor_free(csr);
800 }
801
802
803 #define PADDING4(x) ((((x + 3) >> 2) << 2) - x)
804 #define ADD_BASIC_TAG(hf_tag) \
805 if (tree) \
806 proto_tree_add_item(ppi_tree, hf_tag, tvb, offset, data_len, ENC_NA)
807
808 static int
dissect_ppi(tvbuff_t * tvb,packet_info * pinfo,proto_tree * tree,void * data _U_)809 dissect_ppi(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
810 {
811 proto_tree *ppi_tree = NULL, *ppi_flags_tree = NULL, *seg_tree = NULL, *ampdu_tree = NULL;
812 proto_tree *agg_tree = NULL;
813 proto_item *ti = NULL;
814 tvbuff_t *next_tvb;
815 int offset = 0;
816 guint version, flags;
817 gint tot_len, data_len;
818 guint data_type;
819 guint32 dlt;
820 guint32 n_ext_flags = 0;
821 guint32 ampdu_id = 0;
822 fragment_head *fd_head = NULL;
823 fragment_item *ft_fdh = NULL;
824 gint mpdu_count = 0;
825 gchar *mpdu_str;
826 gboolean first_mpdu = TRUE;
827 guint last_frame = 0;
828 gint len_remain, /*pad_len = 0,*/ ampdu_len = 0;
829 struct ieee_802_11_phdr phdr;
830
831 col_set_str(pinfo->cinfo, COL_PROTOCOL, "PPI");
832 col_clear(pinfo->cinfo, COL_INFO);
833
834 version = tvb_get_guint8(tvb, offset);
835 flags = tvb_get_guint8(tvb, offset + 1);
836
837 tot_len = tvb_get_letohs(tvb, offset+2);
838 dlt = tvb_get_letohl(tvb, offset+4);
839
840 col_add_fstr(pinfo->cinfo, COL_INFO, "PPI version %u, %u bytes",
841 version, tot_len);
842
843 /* Dissect the packet */
844 if (tree) {
845 ti = proto_tree_add_protocol_format(tree, proto_ppi,
846 tvb, 0, tot_len, "PPI version %u, %u bytes", version, tot_len);
847 ppi_tree = proto_item_add_subtree(ti, ett_ppi_pph);
848 proto_tree_add_item(ppi_tree, hf_ppi_head_version,
849 tvb, offset, 1, ENC_LITTLE_ENDIAN);
850
851 ti = proto_tree_add_item(ppi_tree, hf_ppi_head_flags,
852 tvb, offset + 1, 1, ENC_LITTLE_ENDIAN);
853 ppi_flags_tree = proto_item_add_subtree(ti, ett_ppi_flags);
854 proto_tree_add_item(ppi_flags_tree, hf_ppi_head_flag_alignment,
855 tvb, offset + 1, 1, ENC_LITTLE_ENDIAN);
856 proto_tree_add_item(ppi_flags_tree, hf_ppi_head_flag_reserved,
857 tvb, offset + 1, 1, ENC_LITTLE_ENDIAN);
858
859 proto_tree_add_item(ppi_tree, hf_ppi_head_len,
860 tvb, offset + 2, 2, ENC_LITTLE_ENDIAN);
861 proto_tree_add_item(ppi_tree, hf_ppi_head_dlt,
862 tvb, offset + 4, 4, ENC_LITTLE_ENDIAN);
863 }
864
865 tot_len -= PPI_V0_HEADER_LEN;
866 offset += 8;
867
868 /* We don't have any 802.11 metadata yet. */
869 memset(&phdr, 0, sizeof(phdr));
870 phdr.fcs_len = -1;
871 phdr.decrypted = FALSE;
872 phdr.datapad = FALSE;
873 phdr.phy = PHDR_802_11_PHY_UNKNOWN;
874
875 while (tot_len > 0) {
876 data_type = tvb_get_letohs(tvb, offset);
877 data_len = tvb_get_letohs(tvb, offset + 2) + 4;
878 tot_len -= data_len;
879
880 switch (data_type) {
881
882 case PPI_80211_COMMON:
883 dissect_80211_common(tvb, pinfo, ppi_tree, offset, data_len, &phdr);
884 break;
885
886 case PPI_80211N_MAC:
887 dissect_80211n_mac(tvb, pinfo, ppi_tree, offset, data_len,
888 TRUE, &n_ext_flags, &du_id, &phdr);
889 break;
890
891 case PPI_80211N_MAC_PHY:
892 dissect_80211n_mac_phy(tvb, pinfo, ppi_tree, offset,
893 data_len, &n_ext_flags, &du_id, &phdr);
894 break;
895
896 case PPI_SPECTRUM_MAP:
897 ADD_BASIC_TAG(hf_spectrum_map);
898 break;
899
900 case PPI_PROCESS_INFO:
901 ADD_BASIC_TAG(hf_process_info);
902 break;
903
904 case PPI_CAPTURE_INFO:
905 ADD_BASIC_TAG(hf_capture_info);
906 break;
907
908 case PPI_AGGREGATION_EXTENSION:
909 dissect_aggregation_extension(tvb, pinfo, ppi_tree, offset, data_len);
910 break;
911
912 case PPI_8023_EXTENSION:
913 dissect_8023_extension(tvb, pinfo, ppi_tree, offset, data_len);
914 break;
915
916 case PPI_GPS_INFO:
917 if (ppi_gps_handle == NULL)
918 {
919 proto_tree_add_item(ppi_tree, hf_ppi_gps, tvb, offset, data_len, ENC_NA);
920 }
921 else /* we found a suitable dissector */
922 {
923 /* skip over the ppi_fieldheader, and pass it off to the dedicated GPS dissetor */
924 next_tvb = tvb_new_subset_length_caplen(tvb, offset + 4, data_len - 4 , -1);
925 call_dissector(ppi_gps_handle, next_tvb, pinfo, ppi_tree);
926 }
927 break;
928
929 case PPI_VECTOR_INFO:
930 if (ppi_vector_handle == NULL)
931 {
932 proto_tree_add_item(ppi_tree, hf_ppi_vector, tvb, offset, data_len, ENC_NA);
933 }
934 else /* we found a suitable dissector */
935 {
936 /* skip over the ppi_fieldheader, and pass it off to the dedicated VECTOR dissetor */
937 next_tvb = tvb_new_subset_length_caplen(tvb, offset + 4, data_len - 4 , -1);
938 call_dissector(ppi_vector_handle, next_tvb, pinfo, ppi_tree);
939 }
940 break;
941
942 case PPI_SENSOR_INFO:
943 if (ppi_sensor_handle == NULL)
944 {
945 proto_tree_add_item(ppi_tree, hf_ppi_harris, tvb, offset, data_len, ENC_NA);
946 }
947 else /* we found a suitable dissector */
948 {
949 /* skip over the ppi_fieldheader, and pass it off to the dedicated SENSOR dissetor */
950 next_tvb = tvb_new_subset_length_caplen(tvb, offset + 4, data_len - 4 , -1);
951 call_dissector(ppi_sensor_handle, next_tvb, pinfo, ppi_tree);
952 }
953 break;
954
955 case PPI_ANTENNA_INFO:
956 if (ppi_antenna_handle == NULL)
957 {
958 proto_tree_add_item(ppi_tree, hf_ppi_antenna, tvb, offset, data_len, ENC_NA);
959 }
960 else /* we found a suitable dissector */
961 {
962 /* skip over the ppi_fieldheader, and pass it off to the dedicated ANTENNA dissetor */
963 next_tvb = tvb_new_subset_length_caplen(tvb, offset + 4, data_len - 4 , -1);
964 call_dissector(ppi_antenna_handle, next_tvb, pinfo, ppi_tree);
965 }
966 break;
967
968 case FNET_PRIVATE:
969 if (ppi_fnet_handle == NULL)
970 {
971 proto_tree_add_item(ppi_tree, hf_ppi_fnet, tvb, offset, data_len, ENC_NA);
972 }
973 else /* we found a suitable dissector */
974 {
975 /* skip over the ppi_fieldheader, and pass it off to the dedicated FNET dissetor */
976 next_tvb = tvb_new_subset_length_caplen(tvb, offset + 4, data_len - 4 , -1);
977 call_dissector(ppi_fnet_handle, next_tvb, pinfo, ppi_tree);
978 }
979 break;
980
981 default:
982 proto_tree_add_item(ppi_tree, hf_ppi_reserved, tvb, offset, data_len, ENC_NA);
983 }
984
985 offset += data_len;
986 if (IS_PPI_FLAG_ALIGN(flags)){
987 offset += PADDING4(offset);
988 }
989 }
990
991 /*
992 * The Channel-Flags field is described as "Radiotap-formatted
993 * channel flags". The comment in the radiotap.org page about
994 * the suggested xchannel field says:
995 *
996 * As used, this field conflates channel properties (which
997 * need not be stored per packet but are more or less fixed)
998 * with packet properties (like the modulation).
999 *
1000 * The radiotap channel field, in practice, seems to be used,
1001 * in some cases, to indicate channel properties (from which
1002 * the packet modulation cannot be inferred) and, in other
1003 * cases, to indicate the packet's modulation.
1004 *
1005 * The same applies to the Channel-Flags field. There is a capture
1006 * in which the Channel-Flags field indicates that the channel is
1007 * an OFDM-only channel with a center frequency of 2422 MHz, and
1008 * the data rate field indicates a 2 Mb/s rate, which means you can't
1009 * rely on the CCK/OFDM/dynamic CCK/OFDM bits in the channel field
1010 * to indicate anything.
1011 *
1012 * That makes the Channel-Flags field unusable either for determining
1013 * the channel type or for determining the packet modulation,
1014 * as it cannot be determined how it's being used.
1015 *
1016 * Fortunately, there are other ways to determine the packet
1017 * modulation:
1018 *
1019 * if there's an FHSS flag, the packet was transmitted
1020 * using the 802.11 legacy FHSS modulation;
1021 *
1022 * otherwise:
1023 *
1024 * if there's an 802.11n MAC Extension header or an 802.11n
1025 * MAC+PHY Extension header, the packet was transmitted using
1026 * one of the 11n HT PHY's specified modulations;
1027 *
1028 * otherwise:
1029 *
1030 * if the data rate is 1 Mb/s or 2 Mb/s, the packet was
1031 * transmitted using the 802.11 legacy DSSS modulation
1032 * (we ignore the IR PHY - was it ever implemented?);
1033 *
1034 * if the data rate is 5 Mb/s or 11 Mb/s, the packet
1035 * was transmitted using the 802.11b DSSS/CCK modulation
1036 * (or the now-obsolete DSSS/PBCC modulation; *if* we can
1037 * rely on the channel/xchannel field's "CCK channel" and
1038 * "Dynamic CCK-OFDM channel" flags, the absence of either
1039 * flag would presumably indicate DSSS/PBCC);
1040 *
1041 * if the data rate is 22 Mb/s or 33 Mb/s, the packet was
1042 * transmitted using the 802.11b DSSS/PBCC modulation (as
1043 * those speeds aren't supported by DSSS/CCK);
1044 *
1045 * if the data rate is one of the OFDM rates for the 11a
1046 * OFDM PHY and the OFDM part of the 11g ERP PHY, the
1047 * packet was transmitted with the 11g/11a OFDM modulation.
1048 *
1049 * We've already handled the 11n headers, and may have attempted
1050 * to use the Channel-Flags field to guess the modulation. That
1051 * guess might get the wrong answer for 11g "Dynamic CCK-OFDM"
1052 * channels.
1053 *
1054 * If we have the data rate, we use it to:
1055 *
1056 * fix up the 11g channels;
1057 *
1058 * determine the modulation if we haven't been able to
1059 * determine it any other way.
1060 */
1061 if (phdr.has_data_rate) {
1062 if (phdr.phy == PHDR_802_11_PHY_UNKNOWN) {
1063 /*
1064 * We don't know they PHY, but we do have the
1065 * data rate; try to guess it based on the
1066 * data rate and channel/center frequency.
1067 */
1068 if (RATE_IS_DSSS(phdr.data_rate)) {
1069 /* 11b */
1070 phdr.phy = PHDR_802_11_PHY_11B;
1071 } else if (RATE_IS_OFDM(phdr.data_rate)) {
1072 /* 11a or 11g, depending on the band. */
1073 if (phdr.has_frequency) {
1074 if (FREQ_IS_BG(phdr.frequency)) {
1075 /* 11g */
1076 phdr.phy = PHDR_802_11_PHY_11G;
1077 } else {
1078 /* 11a */
1079 phdr.phy = PHDR_802_11_PHY_11A;
1080 }
1081 }
1082 }
1083 } else if (phdr.phy == PHDR_802_11_PHY_11G) {
1084 if (RATE_IS_DSSS(phdr.data_rate)) {
1085 /* DSSS, so 11b. */
1086 phdr.phy = PHDR_802_11_PHY_11B;
1087 }
1088 }
1089 }
1090
1091 /*
1092 * There is no indication, for HR/DSSS (11b/11g), whether
1093 * the packet had a long or short preamble.
1094 */
1095 if (phdr.phy == PHDR_802_11_PHY_11B)
1096 phdr.phy_info.info_11b.has_short_preamble = FALSE;
1097
1098 if (ppi_ampdu_reassemble && DOT11N_IS_AGGREGATE(n_ext_flags)) {
1099 len_remain = tvb_captured_length_remaining(tvb, offset);
1100 #if 0 /* XXX: pad_len never actually used ?? */
1101 if (DOT11N_MORE_AGGREGATES(n_ext_flags)) {
1102 pad_len = PADDING4(len_remain);
1103 }
1104 #endif
1105 pinfo->fragmented = TRUE;
1106
1107 /* Make sure we aren't going to go past AGGREGATE_MAX
1108 * and caclulate our full A-MPDU length */
1109 fd_head = fragment_get(&du_reassembly_table, pinfo, ampdu_id, NULL);
1110 while (fd_head) {
1111 ampdu_len += fd_head->len + PADDING4(fd_head->len) + 4;
1112 fd_head = fd_head->next;
1113 }
1114 if (ampdu_len > AGGREGATE_MAX) {
1115 proto_tree_add_expert_format(ppi_tree, pinfo, &ei_ppi_invalid_length, tvb, offset, -1, "Aggregate length greater than maximum (%u)", AGGREGATE_MAX);
1116 return offset;
1117 }
1118
1119 /*
1120 * Note that we never actually reassemble our A-MPDUs. Doing
1121 * so would require prepending each MPDU with an A-MPDU delimiter
1122 * and appending it with padding, only to hand it off to some
1123 * routine which would un-do the work we just did. We're using
1124 * the reassembly code to track MPDU sizes and frame numbers.
1125 */
1126 /*??fd_head = */fragment_add_seq_next(&du_reassembly_table,
1127 tvb, offset, pinfo, ampdu_id, NULL, len_remain, TRUE);
1128 pinfo->fragmented = TRUE;
1129
1130 /* Do reassembly? */
1131 fd_head = fragment_get(&du_reassembly_table, pinfo, ampdu_id, NULL);
1132
1133 /* Show our fragments */
1134 if (fd_head && tree) {
1135 ft_fdh = fd_head;
1136 /* List our fragments */
1137 seg_tree = proto_tree_add_subtree_format(ppi_tree, tvb, offset, -1,
1138 ett_ampdu_segments, &ti, "A-MPDU (%u bytes w/hdrs):", ampdu_len);
1139 proto_item_set_generated(ti);
1140
1141 while (ft_fdh) {
1142 if (ft_fdh->tvb_data && ft_fdh->len) {
1143 last_frame = ft_fdh->frame;
1144 if (!first_mpdu)
1145 proto_item_append_text(ti, ",");
1146 first_mpdu = FALSE;
1147 proto_item_append_text(ti, " #%u(%u)",
1148 ft_fdh->frame, ft_fdh->len);
1149 proto_tree_add_uint_format(seg_tree, hf_ampdu_segment,
1150 tvb, 0, 0, last_frame,
1151 "Frame: %u (%u byte%s)",
1152 last_frame,
1153 ft_fdh->len,
1154 plurality(ft_fdh->len, "", "s"));
1155 }
1156 ft_fdh = ft_fdh->next;
1157 }
1158 if (last_frame && last_frame != pinfo->num)
1159 proto_tree_add_uint(seg_tree, hf_ampdu_reassembled_in,
1160 tvb, 0, 0, last_frame);
1161 }
1162
1163 if (fd_head && !DOT11N_MORE_AGGREGATES(n_ext_flags)) {
1164 if (tree) {
1165 ti = proto_tree_add_protocol_format(tree,
1166 proto_get_id_by_filter_name("wlan_aggregate"),
1167 tvb, 0, tot_len, "IEEE 802.11 Aggregate MPDU");
1168 agg_tree = proto_item_add_subtree(ti, ett_ampdu);
1169 }
1170
1171 while (fd_head) {
1172 if (fd_head->tvb_data && fd_head->len) {
1173 mpdu_count++;
1174 mpdu_str = wmem_strdup_printf(pinfo->pool, "MPDU #%d", mpdu_count);
1175
1176 next_tvb = tvb_new_chain(tvb, fd_head->tvb_data);
1177 add_new_data_source(pinfo, next_tvb, mpdu_str);
1178
1179 ampdu_tree = proto_tree_add_subtree(agg_tree, next_tvb, 0, -1, ett_ampdu_segment, NULL, mpdu_str);
1180 call_dissector_with_data(ieee80211_radio_handle, next_tvb, pinfo, ampdu_tree, &phdr);
1181 }
1182 fd_head = fd_head->next;
1183 }
1184 proto_tree_add_uint(seg_tree, hf_ampdu_count, tvb, 0, 0, mpdu_count);
1185 pinfo->fragmented=FALSE;
1186 } else {
1187 next_tvb = tvb_new_subset_remaining(tvb, offset);
1188 col_set_str(pinfo->cinfo, COL_PROTOCOL, "IEEE 802.11n");
1189 col_set_str(pinfo->cinfo, COL_INFO, "Unreassembled A-MPDU data");
1190 call_data_dissector(next_tvb, pinfo, tree);
1191 }
1192 return tvb_captured_length(tvb);
1193 }
1194
1195 next_tvb = tvb_new_subset_remaining(tvb, offset);
1196 /*
1197 * Handle LINKTYPE_IEEE802_11, which is 105, specially; call the
1198 * "802.11 with radio information" dissector, and pass it a pointer
1199 * to the struct ieee_802_11_phdr we've constructed from the PPI data,
1200 * so that it can display that information.
1201 *
1202 * Handle everything else with the pcap_pktdata dissector, letting
1203 * it do whatever needs to be done about pseudo-headers.
1204 */
1205 if (dlt == 105) {
1206 /* LINKTYPE_IEEE802_11 */
1207 call_dissector_with_data(ieee80211_radio_handle, next_tvb, pinfo, tree, &phdr);
1208 } else {
1209 /* Everything else. */
1210 call_dissector_with_data(pcap_pktdata_handle, next_tvb, pinfo, tree, &dlt);
1211 }
1212 return tvb_captured_length(tvb);
1213 }
1214
1215 /* Establish our beachead */
1216
1217 void
proto_register_ppi(void)1218 proto_register_ppi(void)
1219 {
1220 static hf_register_info hf[] = {
1221 { &hf_ppi_head_version,
1222 { "Version", "ppi.version",
1223 FT_UINT8, BASE_DEC, NULL, 0x0,
1224 "PPI header format version", HFILL } },
1225 { &hf_ppi_head_flags,
1226 { "Flags", "ppi.flags",
1227 FT_UINT8, BASE_HEX, NULL, 0x0,
1228 "PPI header flags", HFILL } },
1229 { &hf_ppi_head_flag_alignment,
1230 { "Alignment", "ppi.flags.alignment",
1231 FT_BOOLEAN, 8, TFS(&tfs_ppi_head_flag_alignment), 0x01,
1232 "PPI header flags - 32bit Alignment", HFILL } },
1233 { &hf_ppi_head_flag_reserved,
1234 { "Reserved", "ppi.flags.reserved",
1235 FT_UINT8, BASE_HEX, NULL, 0xFE,
1236 "PPI header flags - Reserved Flags", HFILL } },
1237 { &hf_ppi_head_len,
1238 { "Header length", "ppi.length",
1239 FT_UINT16, BASE_DEC, NULL, 0x0,
1240 "Length of header including payload", HFILL } },
1241 { &hf_ppi_head_dlt,
1242 { "DLT", "ppi.dlt",
1243 FT_UINT32, BASE_DEC, NULL, 0x0, "libpcap Data Link Type (DLT) of the payload", HFILL } },
1244
1245 { &hf_ppi_field_type,
1246 { "Field type", "ppi.field_type",
1247 FT_UINT16, BASE_DEC, VALS(vs_ppi_field_type), 0x0, "PPI data field type", HFILL } },
1248 { &hf_ppi_field_len,
1249 { "Field length", "ppi.field_len",
1250 FT_UINT16, BASE_DEC, NULL, 0x0, "PPI data field length", HFILL } },
1251
1252 { &hf_80211_common_tsft,
1253 { "TSFT", "ppi.80211-common.tsft",
1254 FT_UINT64, BASE_DEC, NULL, 0x0, "PPI 802.11-Common Timing Synchronization Function Timer (TSFT)", HFILL } },
1255 { &hf_80211_common_flags,
1256 { "Flags", "ppi.80211-common.flags",
1257 FT_UINT16, BASE_HEX, NULL, 0x0, "PPI 802.11-Common Flags", HFILL } },
1258 { &hf_80211_common_flags_fcs,
1259 { "FCS present flag", "ppi.80211-common.flags.fcs",
1260 FT_BOOLEAN, 16, TFS(&tfs_present_absent), DOT11_FLAG_HAVE_FCS, "PPI 802.11-Common Frame Check Sequence (FCS) Present Flag", HFILL } },
1261 { &hf_80211_common_flags_tsft,
1262 { "TSFT flag", "ppi.80211-common.flags.tsft",
1263 FT_BOOLEAN, 16, TFS(&tfs_tsft_ms), DOT11_FLAG_TSF_TIMER_MS, "PPI 802.11-Common Timing Synchronization Function Timer (TSFT) msec/usec flag", HFILL } },
1264 { &hf_80211_common_flags_fcs_valid,
1265 { "FCS validity", "ppi.80211-common.flags.fcs-invalid",
1266 FT_BOOLEAN, 16, TFS(&tfs_invalid_valid), DOT11_FLAG_FCS_INVALID, "PPI 802.11-Common Frame Check Sequence (FCS) Validity flag", HFILL } },
1267 { &hf_80211_common_flags_phy_err,
1268 { "PHY error flag", "ppi.80211-common.flags.phy-err",
1269 FT_BOOLEAN, 16, TFS(&tfs_phy_error), DOT11_FLAG_PHY_ERROR, "PPI 802.11-Common Physical level (PHY) Error", HFILL } },
1270 { &hf_80211_common_rate,
1271 { "Data rate", "ppi.80211-common.rate",
1272 FT_UINT16, BASE_DEC, NULL, 0x0, "PPI 802.11-Common Data Rate (x 500 Kbps)", HFILL } },
1273 { &hf_80211_common_chan_freq,
1274 { "Channel frequency", "ppi.80211-common.chan.freq",
1275 FT_UINT16, BASE_DEC, NULL, 0x0,
1276 "PPI 802.11-Common Channel Frequency", HFILL } },
1277 { &hf_80211_common_chan_flags,
1278 { "Channel flags", "ppi.80211-common.chan.flags",
1279 FT_UINT16, BASE_HEX, NULL, 0x0, "PPI 802.11-Common Channel Flags", HFILL } },
1280
1281 { &hf_80211_common_chan_flags_turbo,
1282 { "Turbo", "ppi.80211-common.chan.flags.turbo",
1283 FT_BOOLEAN, 16, NULL, IEEE80211_CHAN_TURBO, "PPI 802.11-Common Channel Flags Turbo", HFILL } },
1284 { &hf_80211_common_chan_flags_cck,
1285 { "Complementary Code Keying (CCK)", "ppi.80211-common.chan.flags.cck",
1286 FT_BOOLEAN, 16, NULL, IEEE80211_CHAN_CCK, "PPI 802.11-Common Channel Flags Complementary Code Keying (CCK) Modulation", HFILL } },
1287 { &hf_80211_common_chan_flags_ofdm,
1288 { "Orthogonal Frequency-Division Multiplexing (OFDM)", "ppi.80211-common.chan.flags.ofdm",
1289 FT_BOOLEAN, 16, NULL, IEEE80211_CHAN_OFDM, "PPI 802.11-Common Channel Flags Orthogonal Frequency-Division Multiplexing (OFDM)", HFILL } },
1290 { &hf_80211_common_chan_flags_2ghz,
1291 { "2 GHz spectrum", "ppi.80211-common.chan.flags.2ghz",
1292 FT_BOOLEAN, 16, NULL, IEEE80211_CHAN_2GHZ, "PPI 802.11-Common Channel Flags 2 GHz spectrum", HFILL } },
1293 { &hf_80211_common_chan_flags_5ghz,
1294 { "5 GHz spectrum", "ppi.80211-common.chan.flags.5ghz",
1295 FT_BOOLEAN, 16, NULL, IEEE80211_CHAN_5GHZ, "PPI 802.11-Common Channel Flags 5 GHz spectrum", HFILL } },
1296 { &hf_80211_common_chan_flags_passive,
1297 { "Passive", "ppi.80211-common.chan.flags.passive",
1298 FT_BOOLEAN, 16, NULL, IEEE80211_CHAN_PASSIVE, "PPI 802.11-Common Channel Flags Passive", HFILL } },
1299 { &hf_80211_common_chan_flags_dynamic,
1300 { "Dynamic CCK-OFDM", "ppi.80211-common.chan.flags.dynamic",
1301 FT_BOOLEAN, 16, NULL, IEEE80211_CHAN_DYN, "PPI 802.11-Common Channel Flags Dynamic CCK-OFDM Channel", HFILL } },
1302 { &hf_80211_common_chan_flags_gfsk,
1303 { "Gaussian Frequency Shift Keying (GFSK)", "ppi.80211-common.chan.flags.gfsk",
1304 FT_BOOLEAN, 16, NULL, IEEE80211_CHAN_GFSK, "PPI 802.11-Common Channel Flags Gaussian Frequency Shift Keying (GFSK) Modulation", HFILL } },
1305
1306 { &hf_80211_common_fhss_hopset,
1307 { "FHSS hopset", "ppi.80211-common.fhss.hopset",
1308 FT_UINT8, BASE_HEX, NULL, 0x0, "PPI 802.11-Common Frequency-Hopping Spread Spectrum (FHSS) Hopset", HFILL } },
1309 { &hf_80211_common_fhss_pattern,
1310 { "FHSS pattern", "ppi.80211-common.fhss.pattern",
1311 FT_UINT8, BASE_HEX, NULL, 0x0, "PPI 802.11-Common Frequency-Hopping Spread Spectrum (FHSS) Pattern", HFILL } },
1312 { &hf_80211_common_dbm_antsignal,
1313 { "dBm antenna signal", "ppi.80211-common.dbm.antsignal",
1314 FT_INT8, BASE_DEC, NULL, 0x0, "PPI 802.11-Common dBm Antenna Signal", HFILL } },
1315 { &hf_80211_common_dbm_antnoise,
1316 { "dBm antenna noise", "ppi.80211-common.dbm.antnoise",
1317 FT_INT8, BASE_DEC, NULL, 0x0, "PPI 802.11-Common dBm Antenna Noise", HFILL } },
1318
1319 /* 802.11n MAC */
1320 { &hf_80211n_mac_flags,
1321 { "MAC flags", "ppi.80211n-mac.flags",
1322 FT_UINT32, BASE_HEX, NULL, 0x0, "PPI 802.11n MAC flags", HFILL } },
1323 { &hf_80211n_mac_flags_greenfield,
1324 { "Greenfield flag", "ppi.80211n-mac.flags.greenfield",
1325 FT_BOOLEAN, 32, TFS(&tfs_true_false), DOT11N_FLAG_GREENFIELD, "PPI 802.11n MAC Greenfield Flag", HFILL } },
1326 { &hf_80211n_mac_flags_ht20_40,
1327 { "HT20/HT40 flag", "ppi.80211n-mac.flags.ht20_40",
1328 FT_BOOLEAN, 32, TFS(&tfs_ht20_40), DOT11N_FLAG_HT40, "PPI 802.11n MAC HT20/HT40 Flag", HFILL } },
1329 { &hf_80211n_mac_flags_rx_guard_interval,
1330 { "RX Short Guard Interval (SGI) flag", "ppi.80211n-mac.flags.rx.short_guard_interval",
1331 FT_BOOLEAN, 32, TFS(&tfs_true_false), DOT11N_FLAG_SHORT_GI, "PPI 802.11n MAC RX Short Guard Interval (SGI) Flag", HFILL } },
1332 { &hf_80211n_mac_flags_duplicate_rx,
1333 { "Duplicate RX flag", "ppi.80211n-mac.flags.rx.duplicate",
1334 FT_BOOLEAN, 32, TFS(&tfs_true_false), DOT11N_FLAG_DUPLICATE_RX, "PPI 802.11n MAC Duplicate RX Flag", HFILL } },
1335 { &hf_80211n_mac_flags_aggregate,
1336 { "Aggregate flag", "ppi.80211n-mac.flags.agg",
1337 FT_BOOLEAN, 32, TFS(&tfs_true_false), DOT11N_FLAG_IS_AGGREGATE, "PPI 802.11 MAC Aggregate Flag", HFILL } },
1338 { &hf_80211n_mac_flags_more_aggregates,
1339 { "More aggregates flag", "ppi.80211n-mac.flags.more_agg",
1340 FT_BOOLEAN, 32, TFS(&tfs_true_false), DOT11N_FLAG_MORE_AGGREGATES, "PPI 802.11n MAC More Aggregates Flag", HFILL } },
1341 { &hf_80211n_mac_flags_delimiter_crc_after,
1342 { "A-MPDU Delimiter CRC error after this frame flag", "ppi.80211n-mac.flags.delim_crc_error_after",
1343 FT_BOOLEAN, 32, TFS(&tfs_true_false), DOT11N_FLAG_AGG_CRC_ERROR, "PPI 802.11n MAC A-MPDU Delimiter CRC Error After This Frame Flag", HFILL } },
1344 { &hf_80211n_mac_ampdu_id,
1345 { "AMPDU-ID", "ppi.80211n-mac.ampdu_id",
1346 FT_UINT32, BASE_HEX, NULL, 0x0, "PPI 802.11n MAC AMPDU-ID", HFILL } },
1347 { &hf_80211n_mac_num_delimiters,
1348 { "Num-Delimiters", "ppi.80211n-mac.num_delimiters",
1349 FT_UINT8, BASE_DEC, NULL, 0x0, "PPI 802.11n MAC number of zero-length pad delimiters", HFILL } },
1350 { &hf_80211n_mac_reserved,
1351 { "Reserved", "ppi.80211n-mac.reserved",
1352 FT_UINT24, BASE_HEX, NULL, 0x0, "PPI 802.11n MAC Reserved", HFILL } },
1353
1354
1355 /* 802.11n MAC+PHY */
1356 { &hf_80211n_mac_phy_mcs,
1357 { "MCS", "ppi.80211n-mac-phy.mcs",
1358 FT_UINT8, BASE_DEC, NULL, 0x0, "PPI 802.11n MAC+PHY Modulation Coding Scheme (MCS)", HFILL } },
1359 { &hf_80211n_mac_phy_num_streams,
1360 { "Number of spatial streams", "ppi.80211n-mac-phy.num_streams",
1361 FT_UINT8, BASE_DEC, NULL, 0x0, "PPI 802.11n MAC+PHY number of spatial streams", HFILL } },
1362 { &hf_80211n_mac_phy_rssi_combined,
1363 { "RSSI combined", "ppi.80211n-mac-phy.rssi.combined",
1364 FT_UINT8, BASE_DEC, NULL, 0x0, "PPI 802.11n MAC+PHY Received Signal Strength Indication (RSSI) Combined", HFILL } },
1365 { &hf_80211n_mac_phy_rssi_ant0_ctl,
1366 { "Antenna 0 control RSSI", "ppi.80211n-mac-phy.rssi.ant0ctl",
1367 FT_UINT8, BASE_DEC, NULL, 0x0, "PPI 802.11n MAC+PHY Antenna 0 Control Channel Received Signal Strength Indication (RSSI)", HFILL } },
1368 { &hf_80211n_mac_phy_rssi_ant1_ctl,
1369 { "Antenna 1 control RSSI", "ppi.80211n-mac-phy.rssi.ant1ctl",
1370 FT_UINT8, BASE_DEC, NULL, 0x0, "PPI 802.11n MAC+PHY Antenna 1 Control Channel Received Signal Strength Indication (RSSI)", HFILL } },
1371 { &hf_80211n_mac_phy_rssi_ant2_ctl,
1372 { "Antenna 2 control RSSI", "ppi.80211n-mac-phy.rssi.ant2ctl",
1373 FT_UINT8, BASE_DEC, NULL, 0x0, "PPI 802.11n MAC+PHY Antenna 2 Control Channel Received Signal Strength Indication (RSSI)", HFILL } },
1374 { &hf_80211n_mac_phy_rssi_ant3_ctl,
1375 { "Antenna 3 control RSSI", "ppi.80211n-mac-phy.rssi.ant3ctl",
1376 FT_UINT8, BASE_DEC, NULL, 0x0, "PPI 802.11n MAC+PHY Antenna 3 Control Channel Received Signal Strength Indication (RSSI)", HFILL } },
1377 { &hf_80211n_mac_phy_rssi_ant0_ext,
1378 { "Antenna 0 extension RSSI", "ppi.80211n-mac-phy.rssi.ant0ext",
1379 FT_UINT8, BASE_DEC, NULL, 0x0, "PPI 802.11n MAC+PHY Antenna 0 Extension Channel Received Signal Strength Indication (RSSI)", HFILL } },
1380 { &hf_80211n_mac_phy_rssi_ant1_ext,
1381 { "Antenna 1 extension RSSI", "ppi.80211n-mac-phy.rssi.ant1ext",
1382 FT_UINT8, BASE_DEC, NULL, 0x0, "PPI 802.11n MAC+PHY Antenna 1 Extension Channel Received Signal Strength Indication (RSSI)", HFILL } },
1383 { &hf_80211n_mac_phy_rssi_ant2_ext,
1384 { "Antenna 2 extension RSSI", "ppi.80211n-mac-phy.rssi.ant2ext",
1385 FT_UINT8, BASE_DEC, NULL, 0x0, "PPI 802.11n MAC+PHY Antenna 2 Extension Channel Received Signal Strength Indication (RSSI)", HFILL } },
1386 { &hf_80211n_mac_phy_rssi_ant3_ext,
1387 { "Antenna 3 extension RSSI", "ppi.80211n-mac-phy.rssi.ant3ext",
1388 FT_UINT8, BASE_DEC, NULL, 0x0, "PPI 802.11n MAC+PHY Antenna 3 Extension Channel Received Signal Strength Indication (RSSI)", HFILL } },
1389 { &hf_80211n_mac_phy_ext_chan_freq,
1390 { "Extended channel frequency", "ppi.80211-mac-phy.ext-chan.freq",
1391 FT_UINT16, BASE_DEC, NULL, 0x0, "PPI 802.11n MAC+PHY Extended Channel Frequency", HFILL } },
1392 { &hf_80211n_mac_phy_ext_chan_flags,
1393 { "Channel flags", "ppi.80211-mac-phy.ext-chan.flags",
1394 FT_UINT16, BASE_HEX, NULL, 0x0, "PPI 802.11n MAC+PHY Channel Flags", HFILL } },
1395 { &hf_80211n_mac_phy_ext_chan_flags_turbo,
1396 { "Turbo", "ppi.80211-mac-phy.ext-chan.flags.turbo",
1397 FT_BOOLEAN, 16, NULL, 0x0010, "PPI 802.11n MAC+PHY Channel Flags Turbo", HFILL } },
1398 { &hf_80211n_mac_phy_ext_chan_flags_cck,
1399 { "Complementary Code Keying (CCK)", "ppi.80211-mac-phy.ext-chan.flags.cck",
1400 FT_BOOLEAN, 16, NULL, 0x0020, "PPI 802.11n MAC+PHY Channel Flags Complementary Code Keying (CCK) Modulation", HFILL } },
1401 { &hf_80211n_mac_phy_ext_chan_flags_ofdm,
1402 { "Orthogonal Frequency-Division Multiplexing (OFDM)", "ppi.80211-mac-phy.ext-chan.flags.ofdm",
1403 FT_BOOLEAN, 16, NULL, 0x0040, "PPI 802.11n MAC+PHY Channel Flags Orthogonal Frequency-Division Multiplexing (OFDM)", HFILL } },
1404 { &hf_80211n_mac_phy_ext_chan_flags_2ghz,
1405 { "2 GHz spectrum", "ppi.80211-mac-phy.ext-chan.flags.2ghz",
1406 FT_BOOLEAN, 16, NULL, 0x0080, "PPI 802.11n MAC+PHY Channel Flags 2 GHz spectrum", HFILL } },
1407 { &hf_80211n_mac_phy_ext_chan_flags_5ghz,
1408 { "5 GHz spectrum", "ppi.80211-mac-phy.ext-chan.flags.5ghz",
1409 FT_BOOLEAN, 16, NULL, 0x0100, "PPI 802.11n MAC+PHY Channel Flags 5 GHz spectrum", HFILL } },
1410 { &hf_80211n_mac_phy_ext_chan_flags_passive,
1411 { "Passive", "ppi.80211-mac-phy.ext-chan.flags.passive",
1412 FT_BOOLEAN, 16, NULL, 0x0200, "PPI 802.11n MAC+PHY Channel Flags Passive", HFILL } },
1413 { &hf_80211n_mac_phy_ext_chan_flags_dynamic,
1414 { "Dynamic CCK-OFDM", "ppi.80211-mac-phy.ext-chan.flags.dynamic",
1415 FT_BOOLEAN, 16, NULL, 0x0400, "PPI 802.11n MAC+PHY Channel Flags Dynamic CCK-OFDM Channel", HFILL } },
1416 { &hf_80211n_mac_phy_ext_chan_flags_gfsk,
1417 { "Gaussian Frequency Shift Keying (GFSK)", "ppi.80211-mac-phy.ext-chan.flags.gfsk",
1418 FT_BOOLEAN, 16, NULL, 0x0800, "PPI 802.11n MAC+PHY Channel Flags Gaussian Frequency Shift Keying (GFSK) Modulation", HFILL } },
1419 { &hf_80211n_mac_phy_dbm_ant0signal,
1420 { "dBm antenna 0 signal", "ppi.80211n-mac-phy.dbmant0.signal",
1421 FT_INT8, BASE_DEC, NULL, 0x0, "PPI 802.11n MAC+PHY dBm Antenna 0 Signal", HFILL } },
1422 { &hf_80211n_mac_phy_dbm_ant0noise,
1423 { "dBm antenna 0 noise", "ppi.80211n-mac-phy.dbmant0.noise",
1424 FT_INT8, BASE_DEC, NULL, 0x0, "PPI 802.11n MAC+PHY dBm Antenna 0 Noise", HFILL } },
1425 { &hf_80211n_mac_phy_dbm_ant1signal,
1426 { "dBm antenna 1 signal", "ppi.80211n-mac-phy.dbmant1.signal",
1427 FT_INT8, BASE_DEC, NULL, 0x0, "PPI 802.11n MAC+PHY dBm Antenna 1 Signal", HFILL } },
1428 { &hf_80211n_mac_phy_dbm_ant1noise,
1429 { "dBm antenna 1 noise", "ppi.80211n-mac-phy.dbmant1.noise",
1430 FT_INT8, BASE_DEC, NULL, 0x0, "PPI 802.11n MAC+PHY dBm Antenna 1 Noise", HFILL } },
1431 { &hf_80211n_mac_phy_dbm_ant2signal,
1432 { "dBm antenna 2 signal", "ppi.80211n-mac-phy.dbmant2.signal",
1433 FT_INT8, BASE_DEC, NULL, 0x0, "PPI 802.11n MAC+PHY dBm Antenna 2 Signal", HFILL } },
1434 { &hf_80211n_mac_phy_dbm_ant2noise,
1435 { "dBm antenna 2 noise", "ppi.80211n-mac-phy.dbmant2.noise",
1436 FT_INT8, BASE_DEC, NULL, 0x0, "PPI 802.11n MAC+PHY dBm Antenna 2 Noise", HFILL } },
1437 { &hf_80211n_mac_phy_dbm_ant3signal,
1438 { "dBm antenna 3 signal", "ppi.80211n-mac-phy.dbmant3.signal",
1439 FT_INT8, BASE_DEC, NULL, 0x0, "PPI 802.11n MAC+PHY dBm Antenna 3 Signal", HFILL } },
1440 { &hf_80211n_mac_phy_dbm_ant3noise,
1441 { "dBm antenna 3 noise", "ppi.80211n-mac-phy.dbmant3.noise",
1442 FT_INT8, BASE_DEC, NULL, 0x0, "PPI 802.11n MAC+PHY dBm Antenna 3 Noise", HFILL } },
1443 { &hf_80211n_mac_phy_evm0,
1444 { "EVM-0", "ppi.80211n-mac-phy.evm0",
1445 FT_UINT32, BASE_DEC, NULL, 0x0, "PPI 802.11n MAC+PHY Error Vector Magnitude (EVM) for chain 0", HFILL } },
1446 { &hf_80211n_mac_phy_evm1,
1447 { "EVM-1", "ppi.80211n-mac-phy.evm1",
1448 FT_UINT32, BASE_DEC, NULL, 0x0, "PPI 802.11n MAC+PHY Error Vector Magnitude (EVM) for chain 1", HFILL } },
1449 { &hf_80211n_mac_phy_evm2,
1450 { "EVM-2", "ppi.80211n-mac-phy.evm2",
1451 FT_UINT32, BASE_DEC, NULL, 0x0, "PPI 802.11n MAC+PHY Error Vector Magnitude (EVM) for chain 2", HFILL } },
1452 { &hf_80211n_mac_phy_evm3,
1453 { "EVM-3", "ppi.80211n-mac-phy.evm3",
1454 FT_UINT32, BASE_DEC, NULL, 0x0, "PPI 802.11n MAC+PHY Error Vector Magnitude (EVM) for chain 3", HFILL } },
1455
1456 { &hf_ampdu_segment,
1457 { "A-MPDU", "ppi.80211n-mac.ampdu",
1458 FT_FRAMENUM, BASE_NONE, NULL, 0x0, "802.11n Aggregated MAC Protocol Data Unit (A-MPDU)", HFILL }},
1459 #if 0
1460 { &hf_ampdu_segments,
1461 { "Reassembled A-MPDU", "ppi.80211n-mac.ampdu.reassembled",
1462 FT_NONE, BASE_NONE, NULL, 0x0, "Reassembled Aggregated MAC Protocol Data Unit (A-MPDU)", HFILL }},
1463 #endif
1464 { &hf_ampdu_reassembled_in,
1465 { "Reassembled A-MPDU in frame", "ppi.80211n-mac.ampdu.reassembled_in",
1466 FT_FRAMENUM, BASE_NONE, NULL, 0x0,
1467 "The A-MPDU that doesn't end in this segment is reassembled in this frame",
1468 HFILL }},
1469 { &hf_ampdu_count,
1470 { "MPDU count", "ppi.80211n-mac.ampdu.count",
1471 FT_UINT16, BASE_DEC, NULL, 0x0, "The number of aggregated MAC Protocol Data Units (MPDUs)", HFILL }},
1472
1473 { &hf_spectrum_map,
1474 { "Radio spectrum map", "ppi.spectrum-map",
1475 FT_BYTES, BASE_NONE, NULL, 0x0, "PPI Radio spectrum map", HFILL } },
1476 { &hf_process_info,
1477 { "Process information", "ppi.proc-info",
1478 FT_BYTES, BASE_NONE, NULL, 0x0, "PPI Process information", HFILL } },
1479 { &hf_capture_info,
1480 { "Capture information", "ppi.cap-info",
1481 FT_BYTES, BASE_NONE, NULL, 0x0, "PPI Capture information", HFILL } },
1482
1483 /* Aggregtion Extension */
1484 { &hf_aggregation_extension_interface_id,
1485 { "Interface ID", "ppi.aggregation_extension.interface_id",
1486 FT_UINT32, BASE_DEC, NULL, 0x0, "Zero-based index of the physical interface the packet was captured from", HFILL } },
1487
1488 /* 802.3 Extension */
1489 { &hf_8023_extension_flags,
1490 { "Flags", "ppi.8023_extension.flags",
1491 FT_UINT32, BASE_HEX, NULL, 0x0, "PPI 802.3 Extension Flags", HFILL } },
1492 { &hf_8023_extension_flags_fcs_present,
1493 { "FCS Present Flag", "ppi.8023_extension.flags.fcs_present",
1494 FT_BOOLEAN, 32, TFS(&tfs_true_false), 0x0001, "FCS (4 bytes) is present at the end of the packet", HFILL } },
1495 { &hf_8023_extension_errors,
1496 { "Errors", "ppi.8023_extension.errors",
1497 FT_UINT32, BASE_HEX, NULL, 0x0, "PPI 802.3 Extension Errors", HFILL } },
1498 { &hf_8023_extension_errors_fcs,
1499 { "FCS Error", "ppi.8023_extension.errors.fcs",
1500 FT_BOOLEAN, 32, TFS(&tfs_true_false), 0x0001,
1501 "PPI 802.3 Extension FCS Error", HFILL } },
1502 { &hf_8023_extension_errors_sequence,
1503 { "Sequence Error", "ppi.8023_extension.errors.sequence",
1504 FT_BOOLEAN, 32, TFS(&tfs_true_false), 0x0002,
1505 "PPI 802.3 Extension Sequence Error", HFILL } },
1506 { &hf_8023_extension_errors_symbol,
1507 { "Symbol Error", "ppi.8023_extension.errors.symbol",
1508 FT_BOOLEAN, 32, TFS(&tfs_true_false), 0x0004,
1509 "PPI 802.3 Extension Symbol Error", HFILL } },
1510 { &hf_8023_extension_errors_data,
1511 { "Data Error", "ppi.8023_extension.errors.data",
1512 FT_BOOLEAN, 32, TFS(&tfs_true_false), 0x0008,
1513 "PPI 802.3 Extension Data Error", HFILL } },
1514
1515 /* Generated from convert_proto_tree_add_text.pl */
1516 { &hf_ppi_gps, { "GPS", "ppi.gps", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }},
1517 { &hf_ppi_vector, { "VECTOR", "ppi.vector", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }},
1518 { &hf_ppi_harris, { "HARRIS", "ppi.harris", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }},
1519 { &hf_ppi_antenna, { "ANTENNA", "ppi.antenna", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }},
1520 { &hf_ppi_fnet, { "FNET", "ppi.fnet", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }},
1521 { &hf_ppi_reserved, { "Reserved", "ppi.reserved", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }},
1522 };
1523
1524 static gint *ett[] = {
1525 &ett_ppi_pph,
1526 &ett_ppi_flags,
1527 &ett_dot11_common,
1528 &ett_dot11_common_flags,
1529 &ett_dot11_common_channel_flags,
1530 &ett_dot11n_mac,
1531 &ett_dot11n_mac_flags,
1532 &ett_dot11n_mac_phy,
1533 &ett_dot11n_mac_phy_ext_channel_flags,
1534 &ett_ampdu_segments,
1535 &ett_ampdu,
1536 &ett_ampdu_segment,
1537 &ett_aggregation_extension,
1538 &ett_8023_extension,
1539 &ett_8023_extension_flags,
1540 &ett_8023_extension_errors
1541 };
1542
1543 static ei_register_info ei[] = {
1544 { &ei_ppi_invalid_length, { "ppi.invalid_length", PI_MALFORMED, PI_ERROR, "Invalid length", EXPFILL }},
1545 };
1546
1547 module_t *ppi_module;
1548 expert_module_t* expert_ppi;
1549
1550 proto_ppi = proto_register_protocol("PPI Packet Header", "PPI", "ppi");
1551 proto_register_field_array(proto_ppi, hf, array_length(hf));
1552 proto_register_subtree_array(ett, array_length(ett));
1553 expert_ppi = expert_register_protocol(proto_ppi);
1554 expert_register_field_array(expert_ppi, ei, array_length(ei));
1555
1556 ppi_handle = register_dissector("ppi", dissect_ppi, proto_ppi);
1557 register_capture_dissector_table("ppi", "PPI");
1558
1559 reassembly_table_register(&du_reassembly_table,
1560 &addresses_reassembly_table_functions);
1561
1562 /* Configuration options */
1563 ppi_module = prefs_register_protocol(proto_ppi, NULL);
1564 prefs_register_bool_preference(ppi_module, "reassemble",
1565 "Reassemble fragmented 802.11 A-MPDUs",
1566 "Whether fragmented 802.11 aggregated MPDUs should be reassembled",
1567 &ppi_ampdu_reassemble);
1568 }
1569
1570 void
proto_reg_handoff_ppi(void)1571 proto_reg_handoff_ppi(void)
1572 {
1573 capture_dissector_handle_t ppi_cap_handle;
1574
1575 ieee80211_radio_handle = find_dissector_add_dependency("wlan_radio", proto_ppi);
1576 pcap_pktdata_handle = find_dissector_add_dependency("pcap_pktdata", proto_ppi);
1577 ppi_gps_handle = find_dissector_add_dependency("ppi_gps", proto_ppi);
1578 ppi_vector_handle = find_dissector_add_dependency("ppi_vector", proto_ppi);
1579 ppi_sensor_handle = find_dissector_add_dependency("ppi_sensor", proto_ppi);
1580 ppi_antenna_handle = find_dissector_add_dependency("ppi_antenna", proto_ppi);
1581 ppi_fnet_handle = find_dissector_add_dependency("ppi_fnet", proto_ppi);
1582
1583 dissector_add_uint("wtap_encap", WTAP_ENCAP_PPI, ppi_handle);
1584 ppi_cap_handle = create_capture_dissector_handle(capture_ppi, proto_ppi);
1585 capture_dissector_add_uint("wtap_encap", WTAP_ENCAP_PPI, ppi_cap_handle);
1586 }
1587
1588 /*
1589 * Editor modelines
1590 *
1591 * Local Variables:
1592 * c-basic-offset: 4
1593 * tab-width: 8
1594 * indent-tabs-mode: nil
1595 * End:
1596 *
1597 * ex: set shiftwidth=4 tabstop=8 expandtab:
1598 * :indentSize=4:tabSize=8:noTabs=true:
1599 */
1600