diff -u b/epan/dissectors/packet-vsock.c b/epan/dissectors/packet-vsock.c
--- b/epan/dissectors/packet-vsock.c
+++ b/epan/dissectors/packet-vsock.c
@@ -0,0 +1,339 @@
+/* packet-vsock.c
+ * Routines for AF_VSOCK dissection
+ * Copyright 2016, Gerard Garcia <ggarcia@deic.uab.cat>
+ *
+ * Header definition:
+ * https://github.com/GerardGarcia/linux/blob/vsockmon/include/uapi/linux/vsockmon.h
+ *
+ * Wireshark - Network traffic analyzer
+ * By Gerald Combs <gerald@wireshark.org>
+ * Copyright 1998 Gerald Combs
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+/*
+ * The AF_VSOCK socket allows zero-configuration communication between guests
+ * and hypervisors using the standard socket API.
+ */
+
+#include <config.h>
+#include <epan/packet.h>
+#include <epan/pint.h>
+#include <epan/address.h>
+#include <epan/tvbuff.h>
+
+void proto_register_vsock(void);
+
+static int proto_vsock = -1;
+static int vsock_address_type = -1;
+
+/* Generic header related fields */
+static int hf_vsock_src_cid = -1;
+static int hf_vsock_src_port = -1;
+static int hf_vsock_dst_cid = -1;
+static int hf_vsock_dst_port = -1;
+static int hf_vsock_op = -1;
+static int hf_vsock_t = -1;
+static int hf_vsock_t_len = -1;
+static int hf_vsock_reserved = -1;
+static int hf_vsock_payload = -1;
+
+/* Virtio related fields */
+static int hf_virtio_src_cid = -1;
+static int hf_virtio_dst_cid = -1;
+static int hf_virtio_src_port = -1;
+static int hf_virtio_dst_port = -1;
+static int hf_virtio_len = -1;
+static int hf_virtio_type = -1;
+static int hf_virtio_op = -1;
+static int hf_virtio_flags = -1;
+static int hf_virtio_buf_alloc = -1;
+static int hf_virtio_fwd_cnt = -1;
+
+static gint ett_vsock = -1;
+static gint ett_virtio = -1;
+
+static const value_string af_vsockmon_op_names[] = {
+ { 0, "Unknown" },
+ { 1, "Connect" },
+ { 2, "Disconnect" },
+ { 3, "Control" },
+ { 4, "Payload" },
+ { 0, NULL }
+};
+
+enum af_vsockmon_t {
+ AF_VSOCK_T_UNKNOWN = 0,
+ AF_VSOCK_T_NO_INFO = 1,
+ AF_VSOCK_T_VIRTIO = 2
+};
+
+static const value_string af_vsockmon_t_names[] = {
+ { 0, "Unknown" },
+ { 1, "No info" },
+ { 2, "Virtio" },
+ { 0 , NULL }
+};
+
+static const value_string virtio_vsock_type_names[] = {
+ { 1, "Stream"},
+ { 0, NULL }
+};
+
+static const value_string virtio_vsock_op_names[] = {
+ { 0, "Invalid" },
+ { 1, "Request" },
+ { 2, "Response" },
+ { 3, "Rst" },
+ { 4, "Shutdown" },
+ { 5, "RW" },
+ { 6, "Credit update" },
+ { 7, "Credit response" },
+ { 0 , NULL }
+};
+
+#define VSOCK_MIN_LENGTH 32
+
+static int vsock_addr_to_str(const address* addr, gchar *buf, int buf_len)
+{
+ const guint8 *addrp = (const guint8 *)addr->data;
+
+ if(pletoh64(&addrp[0])==2){
+ g_strlcpy(buf, "host", buf_len);
+ } else {
+ g_snprintf(buf, buf_len, "%" G_GINT64_MODIFIER "u", pletoh64(&addrp[0]));
+ }
+
+ return (int)(strlen(buf)+1);
+}
+
+static int vsock_addr_str_len(const address* addr _U_)
+{
+ /* 2^64 unsigned int len */
+ return 19;
+}
+
+static int
+dissect_vsock(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
+ void *data _U_)
+{
+ proto_item *ti, *virtio_ti;
+ proto_tree *vsock_tree = NULL, *virtio_tree = NULL;
+
+ guint32 t_len, payload_len, virtio_buf_alloc, op, type,
+ virtio_fwd_cnt, virtio_op, virtio_type;
+ guint16 payload_offset = 0, offset = 0;
+
+ if (tvb_reported_length(tvb) < VSOCK_MIN_LENGTH)
+ return 0;
+ col_set_str(pinfo->cinfo, COL_PROTOCOL, "vSocket");
+ /* Clear column information before start parsing */
+ col_clear(pinfo->cinfo, COL_INFO);
+
+ /* Create top tree */
+ ti = proto_tree_add_item(tree, proto_vsock, tvb, 0, -1, ENC_NA);
+ vsock_tree = proto_item_add_subtree(ti, ett_vsock);
+
+ /* Parse generic header part */
+
+ proto_tree_add_item(vsock_tree, hf_vsock_src_cid, tvb, offset, 8, ENC_LITTLE_ENDIAN);
+ TVB_SET_ADDRESS(&pinfo->src, AT_VSOCK, tvb, offset, 8);
+ offset += 8;
+
+ proto_tree_add_item(vsock_tree, hf_vsock_dst_cid, tvb, offset, 8, ENC_LITTLE_ENDIAN);
+ TVB_SET_ADDRESS(&pinfo->dst, AT_VSOCK, tvb, offset, 8);
+ offset += 8;
+
+ proto_tree_add_item(vsock_tree, hf_vsock_src_port, tvb, offset, 4, ENC_LITTLE_ENDIAN);
+ offset += 4;
+
+ proto_tree_add_item(vsock_tree, hf_vsock_dst_port, tvb, offset, 4, ENC_LITTLE_ENDIAN);
+ offset += 4;
+
+ op = tvb_get_letohs(tvb, offset);
+ proto_tree_add_item(vsock_tree, hf_vsock_op, tvb, offset, 2, ENC_LITTLE_ENDIAN);
+ offset += 2;
+
+ type = tvb_get_letohs(tvb, offset);
+ proto_tree_add_item(vsock_tree, hf_vsock_t, tvb, offset, 2, ENC_LITTLE_ENDIAN);
+ offset += 2;
+
+ t_len = tvb_get_letohs(tvb, offset);
+ proto_tree_add_uint(vsock_tree, hf_vsock_t_len, tvb, offset, 2, t_len);
+ offset += 2;
+
+ proto_tree_add_item(vsock_tree, hf_vsock_reserved, tvb, offset, 2, ENC_NA);
+ offset += 2;
+
+ payload_offset = offset + t_len;
+
+
+ /* Append summary information to top tree */
+ proto_item_append_text(ti, ", Op: %s, Transport: %s",
+ val_to_str(op, af_vsockmon_op_names, "Unknown (%d)"),
+ val_to_str(type, af_vsockmon_t_names, "Unknown (%d)"));
+
+ /* Fill columns */
+ col_add_fstr(pinfo->cinfo, COL_INFO, "[%s] %s",
+ val_to_str(op, af_vsockmon_op_names, "Unknown (%d)"),
+ val_to_str(type, af_vsockmon_t_names, "Unknown (%d)"));
+
+ /* Create subtree if there is transport information */
+ switch (type) {
+ case AF_VSOCK_T_UNKNOWN:
+ case AF_VSOCK_T_NO_INFO:
+ break;
+ case AF_VSOCK_T_VIRTIO:
+
+ virtio_ti = proto_tree_add_text(vsock_tree, tvb, offset, 44, "Virtio transport header");
+ virtio_tree = proto_item_add_subtree(virtio_ti, ett_vsock);
+
+ proto_tree_add_item(virtio_tree, hf_virtio_src_cid, tvb, offset, 8, ENC_LITTLE_ENDIAN);
+ offset += 8;
+ proto_tree_add_item(virtio_tree, hf_virtio_dst_cid, tvb, offset, 8, ENC_LITTLE_ENDIAN);
+ offset += 8;
+ proto_tree_add_item(virtio_tree, hf_virtio_src_port, tvb, offset, 4, ENC_LITTLE_ENDIAN);
+ offset += 4;
+ proto_tree_add_item(virtio_tree, hf_virtio_dst_port, tvb, offset, 4, ENC_LITTLE_ENDIAN);
+ offset += 4;
+ proto_tree_add_item(virtio_tree, hf_virtio_len, tvb, offset, 4, ENC_LITTLE_ENDIAN);
+ offset += 4;
+
+ virtio_type = tvb_get_letohs(tvb, offset);
+ proto_tree_add_item(virtio_tree, hf_virtio_type, tvb, offset, 2, ENC_LITTLE_ENDIAN);
+ offset += 2;
+
+ virtio_op = tvb_get_letohs(tvb, offset);
+ proto_tree_add_item(virtio_tree, hf_virtio_op, tvb, offset, 2, ENC_LITTLE_ENDIAN);
+ offset += 2;
+
+ proto_tree_add_item(virtio_tree, hf_virtio_flags, tvb, offset, 4, ENC_LITTLE_ENDIAN);
+ offset += 4;
+
+ virtio_buf_alloc = tvb_get_letohl(tvb, offset);
+ proto_tree_add_item(virtio_tree, hf_virtio_buf_alloc, tvb, offset, 4, ENC_LITTLE_ENDIAN);
+ offset += 4;
+
+ virtio_fwd_cnt = tvb_get_letohl(tvb, offset);
+ proto_tree_add_item(virtio_tree, hf_virtio_fwd_cnt, tvb, offset, 4, ENC_LITTLE_ENDIAN);
+
+ /* Append virtio information */
+ col_append_fstr(pinfo->cinfo, COL_INFO, ": %s, Op: %s, Buf alloc: %u, Fwd cnt: %u",
+ val_to_str(virtio_type, virtio_vsock_type_names, "Unknown (%d)"),
+ val_to_str(virtio_op, virtio_vsock_op_names, "Unknown (%d)"),
+ virtio_buf_alloc, virtio_fwd_cnt);
+ break;
+ }
+
+
+ /* Append payload */
+ payload_len = tvb_reported_length_remaining(tvb, payload_offset);
+ if (payload_len)
+ proto_tree_add_bytes_format(vsock_tree, hf_vsock_payload, tvb, payload_offset, payload_len,
+ NULL, "Payload (%uB)", payload_len);
+
+ return tvb_reported_length(tvb);
+}
+
+void
+proto_register_vsock(void)
+{
+ static hf_register_info hf[] = {
+ { &hf_vsock_src_cid,
+ {"Source cid", "vsock.src_cid", FT_UINT64, BASE_DEC, NULL,
+ 0x0, NULL, HFILL }},
+ { &hf_vsock_dst_cid,
+ {"Destination cid", "vsock.dst_cid", FT_UINT64, BASE_DEC, NULL,
+ 0x0, NULL, HFILL }},
+ { &hf_vsock_src_port,
+ {"Source port", "vsock.src_port", FT_UINT32, BASE_DEC, NULL,
+ 0x0, NULL, HFILL }},
+ { &hf_vsock_dst_port,
+ {"Destination port", "vsock.dst_port", FT_UINT32, BASE_DEC, NULL,
+ 0x0, NULL, HFILL }},
+ { &hf_vsock_op,
+ {"Operation", "vsock.op", FT_UINT16, BASE_DEC, VALS(af_vsockmon_op_names),
+ 0x0, NULL, HFILL }},
+ { &hf_vsock_t,
+ {"Transport", "vsock.trans", FT_UINT16, BASE_DEC, VALS(af_vsockmon_t_names),
+ 0x0, NULL, HFILL }},
+ { &hf_vsock_reserved,
+ {"Reserved", "vsock.reserved", FT_BYTES, BASE_NONE, NULL,
+ 0x0, NULL, HFILL }},
+ { &hf_vsock_t_len,
+ {"Transport length", "vsock.trans_len", FT_UINT16, BASE_DEC, NULL,
+ 0x0, NULL, HFILL }},
+ { &hf_vsock_payload,
+ { "Payload", "vsock.payload", FT_BYTES, BASE_NONE, NULL,
+ 0x0, NULL, HFILL}},
+ { &hf_virtio_src_cid,
+ {"Source cid", "vsock.virtio.src_cid", FT_UINT64, BASE_DEC, NULL,
+ 0x0, NULL, HFILL }},
+ { &hf_virtio_dst_cid,
+ {"Destination cid", "vsock.virtio.dst_cid", FT_UINT64, BASE_DEC, NULL,
+ 0x0, NULL, HFILL }},
+ { &hf_virtio_src_port,
+ {"Source port", "vsock.virtio.src_prot", FT_UINT32, BASE_DEC, NULL,
+ 0x0, NULL, HFILL }},
+ { &hf_virtio_dst_port,
+ {"Destination port", "vsock.virtio.dst_prot", FT_UINT32, BASE_DEC, NULL,
+ 0x0, NULL, HFILL }},
+ { &hf_virtio_len,
+ {"Length", "vsock.virtio.len", FT_UINT32, BASE_DEC, NULL,
+ 0x0, NULL, HFILL }},
+ { &hf_virtio_type,
+ {"Type", "vsock.virtio.type", FT_UINT16, BASE_DEC, VALS(virtio_vsock_type_names),
+ 0x0, NULL, HFILL }},
+ { &hf_virtio_op,
+ {"Operation", "vsock.virtio.op", FT_UINT16, BASE_DEC, VALS(virtio_vsock_op_names),
+ 0x0, NULL, HFILL }},
+ { &hf_virtio_flags,
+ {"Flags", "vsock.virtio.flags", FT_UINT32, BASE_HEX, NULL,
+ 0x0, NULL, HFILL }},
+ { &hf_virtio_buf_alloc,
+ {"Buf alloc", "vsock.virtio.buf_alloc", FT_UINT32, BASE_DEC, NULL,
+ 0x0, NULL, HFILL }},
+ { &hf_virtio_fwd_cnt,
+ {"Fwd cnt", "vsock.virtio.fwd_cnt", FT_UINT32, BASE_DEC, NULL,
+ 0x0, NULL, HFILL }}
+ };
+ static gint *ett[] = {
+ &ett_vsock,
+ &ett_virtio
+ };
+
+ //vsock_address_type = address_type_dissector_register("AT_VSOCK", "vSocket Address",
+ // vsock_addr_to_str, vsock_addr_str_len, NULL, NULL, NULL, NULL, NULL);
+
+ proto_vsock = proto_register_protocol("vSocket", "vsock", "vsock");
+ proto_register_field_array(proto_vsock, hf, array_length(hf));
+ proto_register_subtree_array(ett, array_length(ett));
+
+ //register_dissector("vsock", dissect_vsock, proto_vsock);
+}
+
+/*
+ * Editor modelines - https://www.wireshark.org/tools/modelines.html
+ *
+ * Local variables:
+ * c-basic-offset: 4
+ * tab-width: 8
+ * indent-tabs-mode: nil
+ * End:
+ *
+ * vi: set shiftwidth=4 tabstop=8 expandtab:
+ * :indentSize=4:tabSize=8:noTabs=true:
+ */
unchanged:
--- a/epan/dissectors/Makefile.common
+++ b/epan/dissectors/Makefile.common
@@ -2700,6 +2700,7 @@ DISSECTOR_SRC = \
packet-vrt.c \
packet-vssmonitoring.c \
packet-vtp.c \
+ packet-vsock.c \
packet-vuze-dht.c \
packet-vxi11.c \
packet-vxlan.c \
diff --git a/epan/dissectors/packet-vsock.c.old b/epan/dissectors/packet-vsock.c
index af8ce38..c13dfc0 100644
--- a/epan/dissectors/packet-vsock.c.old
+++ b/epan/dissectors/packet-vsock.c
@@ -33,11 +33,14 @@
#include <epan/pint.h>
#include <epan/address.h>
#include <epan/tvbuff.h>
+#include <wiretap/wtap.h>
void proto_register_vsock(void);
+void proto_reg_handoff_vsock(void);
static int proto_vsock = -1;
static int vsock_address_type = -1;
+static dissector_handle_t vsock_handle;
/* Generic header related fields */
static int hf_vsock_src_cid = -1;
@@ -310,6 +313,13 @@ proto_register_vsock(void)
//register_dissector("vsock", dissect_vsock, proto_vsock);
}
+void
+proto_reg_handoff_vsock(void)
+{
+ vsock_handle = create_dissector_handle(dissect_vsock, proto_vsock);
+ dissector_add_uint("wtap_encap", WTAP_ENCAP_VSOCK, vsock_handle);
+}
+
/*
* Editor modelines - https://www.wireshark.org/tools/modelines.html
*
diff --git a/wiretap/pcap-common.c.old b/wiretap/pcap-common.c
index 42caadc..87b845d 100644
--- a/wiretap/pcap-common.c.old
+++ b/wiretap/pcap-common.c
@@ -397,6 +397,8 @@ static const struct {
{ 248, WTAP_ENCAP_SCTP},
/* USBPcap */
{ 249, WTAP_ENCAP_USBPCAP},
+ /* Linux vsock */
+ { 271, WTAP_ENCAP_VSOCK },
/*
* To repeat:
diff --git a/wiretap/wtap.c.old b/wiretap/wtap.c
index 69803d6..5be2666 100644
--- a/wiretap/wtap.c.old
+++ b/wiretap/wtap.c
@@ -608,6 +608,9 @@ static struct encap_type_info encap_table_base[] = {
/* WTAP_ENCAP_USBPCAP */
{ "USB packets with USBPcap header", "usb-usbpcap" },
+
+ /* Linux vsock */
+ { "Linux vsock", "vsock" },
};
WS_DLL_LOCAL
diff --git a/wiretap/wtap.h.old b/wiretap/wtap.h
index b49c280..c42d49e 100644
--- a/wiretap/wtap.h.old
+++ b/wiretap/wtap.h
@@ -244,6 +244,7 @@ extern "C" {
#define WTAP_ENCAP_INFINIBAND 151
#define WTAP_ENCAP_JUNIPER_SVCS 152
#define WTAP_ENCAP_USBPCAP 153
+#define WTAP_ENCAP_VSOCK 154
#define WTAP_NUM_ENCAP_TYPES wtap_get_num_encap_types()
diff --git a/epan/address.h.old b/epan/address.h
index 5405075..8471289 100644
--- a/epan/address.h.old
+++ b/epan/address.h
@@ -58,8 +58,9 @@ typedef enum {
AT_USB, /* USB Device address
* (0xffffffff represents the host) */
AT_AX25, /* AX.25 */
- AT_IEEE_802_15_4_SHORT /* IEEE 802.15.4 16-bit short address */
+ AT_IEEE_802_15_4_SHORT,/* IEEE 802.15.4 16-bit short address */
/* (the long addresses are EUI-64's */
+ AT_VSOCK /* VSOCK */
} address_type;
typedef struct _address {
diff --git a/epan/address_to_str.c.old b/epan/address_to_str.c
index f360017..101d33e 100644
--- a/epan/address_to_str.c.old
+++ b/epan/address_to_str.c
@@ -623,6 +623,13 @@ address_to_str_buf(const address *addr, gchar *buf, int buf_len)
else
g_snprintf(buf, buf_len, "0x%04x", ieee_802_15_4_short_addr);
break;
+ case AT_VSOCK:
+ addrdata = (const guint8 *)addr->data;
+ if(pletoh64(&addrdata[0])==2)
+ g_strlcpy(buf, "host", buf_len);
+ else
+ g_snprintf(buf, buf_len, "%" G_GINT64_MODIFIER "u", pletoh64(&addrdata[0]));
+ break;
default:
g_assert_not_reached();
}