static int
p_seprintrc4(Msg *m)
{
Rc4KeyDesc *h;
int len;
if(m->pe - m->ps < RC4KEYDESC)
return -1;
h = (Rc4KeyDesc*)m->ps;
m->ps += RC4KEYDESC;
m->pr = nil;
len = m->pe - m->ps;
m->p = seprint(m->p, m->e, "keylen=%1d replay=%1d iv=%1d idx=%1d md=%1d",
NetS(h->ln), NetS(h->replay), NetS(h->iv), h->idx, NetS(h->md));
m->p = seprint(m->p, m->e, " dataln=%d", len);
if (len > 0)
m->p = seprint(m->p, m->e, " data=%.*H", len, m->ps);
return 0;
}
static int
p_seprint(Msg *m)
{
int len;
Hdr *h;
if(m->pe - m->ps < IP6HDR)
return -1;
h = (Hdr*)m->ps;
demux(p_mux, h->proto, h->proto, m, &dump);
/* truncate the message if there's extra */
len = NetS(h->length) + IP6HDR;
if(len < m->pe - m->ps)
m->pe = m->ps + len;
m->p = seprint(m->p, m->e, "s=%I d=%I ttl=%3d pr=%d ln=%d",
h->src, h->dst, h->ttl, h->proto, NetS(h->length));
v6hdr_seprint(m);
return 0;
}
static int
p_seprint(Msg *m)
{
Hdr *h;
int dport, sport;
if(m->pe - m->ps < ILLEN)
return -1;
h = (Hdr*)m->ps;
m->ps += ILLEN;
dport = NetS(h->dport);
sport = NetS(h->sport);
demux(p_mux, sport, dport, m, &dump);
m->p = seprint(m->p, m->e, "s=%d d=%d t=%s id=%lud ack=%lud spec=%d ck=%4.4ux ln=%d",
sport, dport, pkttype(h->type),
(ulong)NetL(h->id), (ulong)NetL(h->ack),
h->spec,
NetS(h->sum), NetS(h->len));
return 0;
}
static int
p_seprint(Msg *m)
{
Hdr *h;
int dport, sport;
if(m->pe - m->ps < UDPLEN)
return -1;
h = (Hdr*)m->ps;
m->ps += UDPLEN;
/* next protocol */
sport = NetS(h->sport);
dport = NetS(h->dport);
demux(p_mux, sport, dport, m, defproto);
defproto = &dump;
m->p = seprint(m->p, m->e, "s=%d d=%d ck=%4.4ux ln=%4d",
NetS(h->sport), dport,
NetS(h->cksum), NetS(h->len));
return 0;
}
static int
p_seprintchap(Msg *m)
{
Lcppkt *lcp;
char *p, *e;
int len;
if(m->pe-m->ps < 4)
return -1;
p = m->p;
e = m->e;
m->pr = nil;
/* resize packet */
lcp = (Lcppkt*)m->ps;
len = NetS(lcp->len);
if(m->ps+len < m->pe)
m->pe = m->ps+len;
else if(m->ps+len > m->pe)
return -1;
p = seprint(p, e, "id=%d code=%d", lcp->id, lcp->code);
switch(lcp->code) {
default:
p = seprint(p, e, " data=%.*H", len>64?64:len, lcp->data);
break;
case 1:
case 2:
if(lcp->data[0] > len-4){
p = seprint(p, e, "%.*H", len-4, lcp->data);
} else {
p = seprint(p, e, " %s=", lcp->code==1?"challenge ":"response ");
p = seprint(p, e, "%.*H", lcp->data[0], lcp->data+1);
p = seprint(p, e, " name=");
p = seprint(p, e, "%.*H", len-4-lcp->data[0]-1, lcp->data+lcp->data[0]+1);
}
break;
case 3:
case 4:
if(len > 64)
len = 64;
p = seprint(p, e, " %s=%.*H", lcp->code==3?"success ":"failure",
len>64?64:len, lcp->data);
break;
}
m->p = seprint(p, e, " len=%d", len);
return 0;
}
static int
p_seprintlcp(Msg *m)
{
Lcppkt *lcp;
char *p, *e;
int len;
if(m->pe-m->ps < 4)
return -1;
p = m->p;
e = m->e;
m->pr = nil;
lcp = (Lcppkt*)m->ps;
len = NetS(lcp->len);
if(m->ps+len < m->pe)
m->pe = m->ps+len;
else if(m->ps+len > m->pe)
return -1;
p = seprint(p, e, "id=%d code=%d", lcp->id, lcp->code);
switch(lcp->code) {
default:
p = seprint(p, e, " data=%.*H", len>64?64:len, lcp->data);
break;
case Lconfreq:
case Lconfack:
case Lconfnak:
case Lconfrej:
p = seprint(p, e, "=%s", lcpcode[lcp->code]);
p = seprintlcpopt(p, e, lcp->data, len-4);
break;
case Ltermreq:
case Ltermack:
case Lcoderej:
case Lprotorej:
case Lechoreq:
case Lechoack:
case Ldiscard:
p = seprint(p, e, "=%s", lcpcode[lcp->code]);
break;
}
m->p = seprint(p, e, " len=%d", len);
return 0;
}
static int
p_seprint(Msg *m)
{
Hdr *h;
if(m->pe - m->ps < Hsize)
return 0;
h = (Hdr*)m->ps;
m->ps += Hsize;
demux(p_mux, h->cmd, h->cmd, m, &dump);
m->p = seprint(m->p, m->e, "ver=%d flag=%4b err=%d %d.%d cmd=%ux tag=%ux",
h->verflags >> 4, h->verflags & 0xf, h->error, NetS(h->major),
h->minor, h->cmd, NetL(h->tag));
return 0;
}
static int
p_seprint(Msg *m)
{
Hdr *h;
if(m->pe - m->ps < ARPLEN)
return -1;
h = (Hdr*)m->ps;
m->ps += ARPLEN;
/* no next protocol */
m->pr = nil;
m->p = seprint(m->p, m->e, "op=%1d len=%1d/%1d spa=%V sha=%E tpa=%V tha=%E",
NetS(h->op), h->pln, h->hln,
h->spa, h->sha, h->tpa, h->tha);
return 0;
}
static int
p_filter(Filter *f, Msg *m)
{
Hdr *h;
if(m->pe - m->ps < Hsize)
return 0;
h = (Hdr*)m->ps;
m->ps += Hsize;
switch(f->subop){
case Omajor:
return NetS(h->major) == f->ulv;
case Ominor:
return h->minor == f->ulv;
case Ocmd:
return h->cmd == f->ulv;
}
return 0;
}
static char*
seprintlcpopt(char *p, char *e, void *a, int len)
{
Lcpopt *o;
int proto, x, period;
uchar *cp, *ecp;
cp = a;
ecp = cp+len;
for(; cp < ecp; cp += o->len){
o = (Lcpopt*)cp;
if(cp + o->len > ecp || o->len == 0){
p = seprint(p, e, " bad-opt-len=%d", o->len);
return p;
}
switch(o->type){
default:
p = seprint(p, e, " (type=%d len=%d)", o->type, o->len);
break;
case Omtu:
p = seprint(p, e, " mtu=%d", NetS(o->data));
break;
case Octlmap:
p = seprint(p, e, " ctlmap=%ux", NetL(o->data));
break;
case Oauth:
proto = NetS(o->data);
switch(proto) {
default:
p = seprint(p, e, " auth=%d", proto);
break;
case PPP_passwd:
p = seprint(p, e, " auth=passwd");
break;
case PPP_chap:
p = seprint(p, e, " (auth=chap data=%2.2ux)", o->data[2]);
break;
}
break;
case Oquality:
proto = NetS(o->data);
switch(proto) {
default:
p = seprint(p, e, " qproto=%d", proto);
break;
case PPP_lqm:
x = NetL(o->data+2)*10;
period = (x+(PPP_period-1))/PPP_period;
p = seprint(p, e, " (qproto=lqm period=%d)", period);
break;
}
case Omagic:
p = seprint(p, e, " magic=%ux", NetL(o->data));
break;
case Opc:
p = seprint(p, e, " protocol-compress");
break;
case Oac:
p = seprint(p, e, " addr-compress");
break;
}
}
return p;
}
void
main(int argc, char **argv)
{
uchar *pkt;
char *buf, *file, *p, *e;
int fd, cfd;
int n;
Binit(&out, 1, OWRITE);
fmtinstall('E', eipfmt);
fmtinstall('V', eipfmt);
fmtinstall('I', eipfmt);
fmtinstall('H', encodefmt);
fmtinstall('F', fcallfmt);
pkt = malloc(Pktlen+16);
pkt += 16;
buf = malloc(Blen);
e = buf+Blen-1;
pflag = 1;
Nflag = 32;
sflag = 0;
mkprotograph();
ARGBEGIN{
default:
usage();
case '?':
printusage();
printhelp(ARGF());
exits(0);
break;
case 'M':
p = EARGF(usage());
Mflag = atoi(p);
break;
case 'N':
p = EARGF(usage());
Nflag = atoi(p);
break;
case 'f':
p = EARGF(usage());
yyinit(p);
yyparse();
break;
case 's':
sflag = 1;
break;
case 'h':
p = EARGF(usage());
root = findproto(p);
if(root == nil)
sysfatal("unknown protocol: %s", p);
break;
case 'd':
toflag = 1;
break;
case 'D':
toflag = 1;
pcap = 1;
break;
case 't':
tiflag = 1;
break;
case 'C':
Cflag = 1;
break;
case 'p':
pflag = 0;
break;
}ARGEND;
if(pcap)
pcaphdr();
if(argc == 0){
file = "/net/ether0";
if(root != nil)
root = ðer;
} else
file = argv[0];
if((!tiflag) && strstr(file, "ether")){
if(root == nil)
root = ðer;
snprint(buf, Blen, "%s!-1", file);
fd = dial(buf, 0, 0, &cfd);
if(fd < 0)
sysfatal("dialing %s: %r", buf);
if(pflag && fprint(cfd, prom, strlen(prom)) < 0)
sysfatal("setting %s", prom);
} else if((!tiflag) && strstr(file, "ipifc")){
if(root == nil)
root = &ip;
snprint(buf, Blen, "%s/snoop", file);
fd = open(buf, OREAD);
if(fd < 0)
sysfatal("opening %s: %r", buf);
} else {
if(root == nil)
root = ðer;
fd = open(file, OREAD);
if(fd < 0)
sysfatal("opening %s: %r", file);
}
filter = compile(filter);
if(tiflag){
/* read a trace file */
for(;;){
n = read(fd, pkt, 10);
if(n != 10)
break;
pkttime = NetL(pkt+2);
pkttime = (pkttime<<32) | NetL(pkt+6);
if(starttime == 0LL)
starttime = pkttime;
n = NetS(pkt);
if(readn(fd, pkt, n) != n)
break;
if(filterpkt(filter, pkt, pkt+n, root, 1))
if(toflag)
tracepkt(pkt, n);
else
printpkt(buf, e, pkt, pkt+n);
}
} else {
/* read a real time stream */
starttime = nsec();
for(;;){
n = root->framer(fd, pkt, Pktlen);
if(n <= 0)
break;
pkttime = nsec();
if(filterpkt(filter, pkt, pkt+n, root, 1))
if(toflag)
tracepkt(pkt, n);
else
printpkt(buf, e, pkt, pkt+n);
}
}
}
void
main(int argc, char *argv[])
{
Etherpkt e;
Ippkt *ip;
long n;
int fd, cfd;
int ts, len, t;
long start;
int delta;
uchar target[6];
char buf[256];
ulong samples;
samples = -1;
ARGBEGIN{
case 'd':
debug++;
break;
case 's':
samples = atoi(ARGF());
break;
}ARGEND;
if(argc < 2){
fprint(2, "usage: %s device ip-addr [minutes-per-sample]\n", argv0);
exits("usage");
}
if(argc > 2)
delta = atoi(argv[2])*60*1000;
else
delta = 5*60*1000;
parseether(target, argv[1]);
fmtinstall('E', eipfmt);
fmtinstall('I', eipfmt);
snprint(buf, sizeof(buf), "%s!-2", argv[0]);
fd = dial(buf, 0, 0, &cfd);
if(fd < 0)
error("opening ether data");
if(write(cfd, "promiscuous", sizeof("promiscuous")-1) <= 0)
error("connecting");
start = 0;
fd = -1;
for(;;){
if(fd < 0){
fd = dial(buf, 0, 0, &cfd);
if(fd < 0)
error("opening ether data");
if(write(cfd, "promiscuous", sizeof("promiscuous")-1) <= 0)
error("connecting");
close(cfd);
}
n = read(fd, &e, sizeof(e));
if(n <= 0)
break;
ts = NetL(&e.d[60]);
n = NetS(&e.d[58]) - ETHERHDRSIZE;
if(n < 0)
continue;
if(start == 0)
start = ts;
t = NetS(e.type);
if(t == 0x0800 || (t&0xFF00) == 0x1000){
ip = (Ippkt*)e.data;
len = NetS(ip->length);
if(len > n)
len = n;
if(debug)
fprint(2, "%I -> %I %d\n", ip->src, ip->dst, len);
if(memcmp(e.s, target, 6) == 0){
protopin[0]++;
protoin[0] += len;
if(ip->proto){
protopin[ip->proto]++;
protoin[ip->proto] += len;
}
}
if(memcmp(e.d, target, 6) == 0){
protopout[0]++;
protoout[0] += len;
if(ip->proto){
protopout[ip->proto]++;
protoout[ip->proto] += len;
}
}
}
if(ts - start >= delta){
print("%8.8ld %ld", time(0), ts - start);
printproto(0);
printproto(IP_MBONEPROTO);
printproto(IP_UDPPROTO);
printproto(IP_TCPPROTO);
print("\n");
start = 0;
memset(protoin, 0, sizeof(protoin));
memset(protoout, 0, sizeof(protoout));
memset(protopin, 0, sizeof(protopin));
memset(protopout, 0, sizeof(protopout));
close(fd);
fd = -1;
if(--samples == 0)
break;
}
}
exits(0);
}
