void
raw_if_print(u_char *user, const struct pcap_pkthdr *h, const u_char *p)
{
u_int length = h->len;
u_int caplen = h->caplen;
ts_print(&h->ts);
/*
* Some printers want to get back at the link level addresses,
* and/or check that they're not walking off the end of the packet.
* Rather than pass them all the way down, we set these globals.
*/
packetp = p;
snapend = p + caplen;
if (eflag)
printf("ip: ");
ip_print(p, length);
if (xflag)
default_print(p, caplen);
putchar('\n');
}
u_int
cip_if_print(const struct pcap_pkthdr *h, const u_char *p)
{
u_int caplen = h->caplen;
u_int length = h->len;
u_short extracted_ethertype;
if (memcmp(rfcllc, p, sizeof(rfcllc))==0 && caplen < RFC1483LLC_LEN) {
printf("[|cip]");
return (0);
}
if (eflag)
cip_print(length);
if (memcmp(rfcllc, p, sizeof(rfcllc)) == 0) {
if (llc_print(p, length, caplen, NULL, NULL,
&extracted_ethertype) == 0) {
if (!eflag)
cip_print(length);
if (extracted_ethertype) {
printf("(LLC %s) ",
etherproto_string(htons(extracted_ethertype)));
}
if (!suppress_default_print)
default_print(p, caplen);
}
} else {
ip_print(gndo, p, length);
}
return (0);
}
/*
* This is the top level routine of the printer. 'p' points
* to the ether header of the packet, 'h->ts' is the timestamp,
* 'h->len' is the length of the packet off the wire, and 'h->caplen'
* is the number of bytes actually captured.
*/
u_int
ap1394_if_print(const struct pcap_pkthdr *h, const u_char *p)
{
u_int length = h->len;
u_int caplen = h->caplen;
struct firewire_header *fp;
u_short ether_type;
if (caplen < FIREWIRE_HDRLEN) {
printf("[|ap1394]");
return FIREWIRE_HDRLEN;
}
if (eflag)
ap1394_hdr_print(p, length);
length -= FIREWIRE_HDRLEN;
caplen -= FIREWIRE_HDRLEN;
fp = (struct firewire_header *)p;
p += FIREWIRE_HDRLEN;
ether_type = EXTRACT_16BITS(&fp->firewire_type);
if (ethertype_print(ether_type, p, length, caplen) == 0) {
/* ether_type not known, print raw packet */
if (!eflag)
ap1394_hdr_print((u_char *)fp, length + FIREWIRE_HDRLEN);
if (!suppress_default_print)
default_print(p, caplen);
}
return FIREWIRE_HDRLEN;
}
void
sl_if_print(u_char *user, const struct pcap_pkthdr *h, const u_char *p)
{
register u_int caplen = h->caplen;
register u_int length = h->len;
register const struct ip *ip;
ts_print(&h->ts);
if (caplen < SLIP_HDRLEN) {
printf("[|slip]");
goto out;
}
/*
* Some printers want to get back at the link level addresses,
* and/or check that they're not walking off the end of the packet.
* Rather than pass them all the way down, we set these globals.
*/
packetp = p;
snapend = p + caplen;
length -= SLIP_HDRLEN;
ip = (struct ip *)(p + SLIP_HDRLEN);
if (eflag)
sliplink_print(p, ip, length);
ip_print((u_char *)ip, length);
if (xflag)
default_print((u_char *)ip, caplen - SLIP_HDRLEN);
out:
putchar('\n');
}
/*
* This is the top level routine of the printer. 'p' points
* to the ether header of the packet, 'h->ts' is the timestamp,
* 'h->len' is the length of the packet off the wire, and 'h->caplen'
* is the number of bytes actually captured.
*/
u_int
symantec_if_print(const struct pcap_pkthdr *h, const u_char *p)
{
u_int length = h->len;
u_int caplen = h->caplen;
struct symantec_header *sp;
u_short ether_type;
if (caplen < sizeof (struct symantec_header)) {
printf("[|symantec]");
return caplen;
}
if (eflag)
symantec_hdr_print(p, length);
length -= sizeof (struct symantec_header);
caplen -= sizeof (struct symantec_header);
sp = (struct symantec_header *)p;
p += sizeof (struct symantec_header);
ether_type = EXTRACT_16BITS(&sp->ether_type);
if (ether_type <= ETHERMTU) {
/* ether_type not known, print raw packet */
if (!eflag)
symantec_hdr_print((u_char *)sp, length + sizeof (struct symantec_header));
if (!suppress_default_print)
default_print(p, caplen);
} else if (ethertype_print(gndo, ether_type, p, length, caplen) == 0) {
/* ether_type not known, print raw packet */
if (!eflag)
symantec_hdr_print((u_char *)sp, length + sizeof (struct symantec_header));
if (!suppress_default_print)
default_print(p, caplen);
}
return (sizeof (struct symantec_header));
}
/*
* This is the top level routine of the printer. 'p' points
* to the ARCNET header of the packet, 'h->ts' is the timestamp,
* 'h->len' is the length of the packet off the wire, and 'h->caplen'
* is the number of bytes actually captured. It is quite similar
* to the non-Linux style printer except that Linux doesn't ever
* supply packets that look like exception frames, it always supplies
* reassembled packets rather than raw frames, and headers have an
* extra "offset" field between the src/dest and packet type.
*/
u_int
arcnet_linux_if_print(const struct pcap_pkthdr *h, const u_char *p)
{
u_int caplen = h->caplen;
u_int length = h->len;
const struct arc_linux_header *ap;
int archdrlen = 0;
u_char arc_type;
if (caplen < ARC_LINUX_HDRLEN) {
printf("[|arcnet]");
return (caplen);
}
ap = (const struct arc_linux_header *)p;
arc_type = ap->arc_type;
switch (arc_type) {
default:
archdrlen = ARC_LINUX_HDRNEWLEN;
if (caplen < ARC_LINUX_HDRNEWLEN) {
printf("[|arcnet]");
return (caplen);
}
break;
case ARCTYPE_IP_OLD:
case ARCTYPE_ARP_OLD:
case ARCTYPE_DIAGNOSE:
archdrlen = ARC_LINUX_HDRLEN;
break;
}
if (eflag)
arcnet_print(p, length, 0, 0, 0);
/*
* Go past the ARCNET header.
*/
length -= archdrlen;
caplen -= archdrlen;
p += archdrlen;
if (!arcnet_encap_print(arc_type, p, length, caplen))
default_print(p, caplen);
return (archdrlen);
}
/*
* Print an RFC 1483 LLC-encapsulated ATM frame.
*/
static void
atm_llc_print(const u_char *p, int length, int caplen)
{
u_short extracted_ethertype;
if (!llc_print(p, length, caplen, NULL, NULL,
&extracted_ethertype)) {
/* ether_type not known, print raw packet */
if (extracted_ethertype) {
printf("(LLC %s) ",
etherproto_string(htons(extracted_ethertype)));
}
if (!suppress_default_print)
default_print(p, caplen);
}
}
/*
* This is the top level routine of the printer. 'p' points
* to the LLC/SNAP or raw header of the packet, 'h->ts' is the timestamp,
* 'h->len' is the length of the packet off the wire, and 'h->caplen'
* is the number of bytes actually captured.
*/
u_int
cip_if_print(const struct pcap_pkthdr *h, const u_char *p)
{
u_int caplen = h->caplen;
u_int length = h->len;
u_short extracted_ethertype;
if (memcmp(rfcllc, p, sizeof(rfcllc))==0 && caplen < RFC1483LLC_LEN) {
printf("[|cip]");
return (0);
}
if (eflag)
cip_print(length);
if (memcmp(rfcllc, p, sizeof(rfcllc)) == 0) {
/*
* LLC header is present. Try to print it & higher layers.
*/
if (llc_print(p, length, caplen, NULL, NULL,
&extracted_ethertype) == 0) {
/* ether_type not known, print raw packet */
if (!eflag)
cip_print(length);
if (extracted_ethertype) {
printf("(LLC %s) ",
etherproto_string(htons(extracted_ethertype)));
}
if (!suppress_default_print)
default_print(p, caplen);
}
} else {
/*
* LLC header is absent; treat it as just IP.
*/
ip_print(gndo, p, length);
}
return (0);
}
void
pfsync_if_print(u_char *user, const struct pcap_pkthdr *h,
packetbody_t p)
{
u_int caplen = h->caplen;
ts_print(&h->ts);
if (caplen < PFSYNC_HDRLEN) {
printf("[|pfsync]");
goto out;
}
pfsync_print((struct pfsync_header *)p,
p + sizeof(struct pfsync_header),
caplen - sizeof(struct pfsync_header));
out:
if (xflag) {
default_print((const u_char *)p, caplen);
}
putchar('\n');
}
u_int
pfsync_if_print(netdissect_options *ndo, const struct pcap_pkthdr *h, const u_char *p)
{
u_int caplen = h->caplen;
ts_print(ndo, &h->ts);
if (caplen < PFSYNC_HDRLEN) {
ND_PRINT((ndo, "[|pfsync]"));
goto out;
}
pfsync_print((struct pfsync_header *)p,
caplen - sizeof(struct pfsync_header));
out:
if (xflag) {
default_print((const u_char *)h, caplen);
}
//putchar('\n');
return 0;
}
void
pfsync_if_print(u_char *user, const struct pcap_pkthdr *h,
register const u_char *p)
{
u_int caplen = h->caplen;
ts_print(&h->ts);
if (caplen < PFSYNC_HDRLEN) {
ND_PRINT((ndo, "[|pfsync]"));
goto out;
}
pfsync_print((struct pfsync_header *)p,
p + sizeof(struct pfsync_header),
caplen - sizeof(struct pfsync_header));
out:
if (xflag) {
default_print((const u_char *)p, caplen);
}
safeputchar(ndo, '\n');
}
/*
* This is the top level routine of the printer. 'p' points
* to the bluetooth header of the packet, 'h->ts' is the timestamp,
* 'h->len' is the length of the packet off the wire, and 'h->caplen'
* is the number of bytes actually captured.
*/
u_int
bt_if_print(const struct pcap_pkthdr *h, const u_char *p)
{
u_int length = h->len;
u_int caplen = h->caplen;
const pcap_bluetooth_h4_header* hdr = (const pcap_bluetooth_h4_header*)p;
if (caplen < BT_HDRLEN) {
printf("[|bt]");
return (BT_HDRLEN);
}
caplen -= BT_HDRLEN;
length -= BT_HDRLEN;
p += BT_HDRLEN;
if (eflag)
(void)printf("hci length %d, direction %s, ", length, (ntohl(hdr->direction)&0x1)?"in":"out");
if (!suppress_default_print)
default_print(p, caplen);
return (BT_HDRLEN);
}
/* Standard PPP printer */
void
ppp_if_print(u_char *user, const struct pcap_pkthdr *h,
register const u_char *p)
{
register u_int length = h->len;
register u_int caplen = h->caplen;
const struct ip *ip;
ts_print(&h->ts);
if (caplen < PPP_HDRLEN) {
printf("[|ppp]");
goto out;
}
/*
* Some printers want to get back at the link level addresses,
* and/or check that they're not walking off the end of the packet.
* Rather than pass them all the way down, we set these globals.
*/
packetp = p;
snapend = p + caplen;
if (eflag)
printf("%c %4d %02x %04x: ", p[0] ? 'O' : 'I', length,
p[1], ntohs(*(u_short *)&p[2]));
length -= PPP_HDRLEN;
ip = (struct ip *)(p + PPP_HDRLEN);
ip_print((const u_char *)ip, length);
if (xflag)
default_print((const u_char *)ip, caplen - PPP_HDRLEN);
out:
putchar('\n');
}
u_int
pflog_if_print(const struct pcap_pkthdr *h, register const u_char *p)
{
u_int length = h->len;
u_int hdrlen;
u_int caplen = h->caplen;
const struct pfloghdr *hdr;
u_int8_t af;
/* check length */
if (caplen < sizeof(u_int8_t)) {
printf("[|pflog]");
return (caplen);
}
#define MIN_PFLOG_HDRLEN 45
hdr = (struct pfloghdr *)p;
if (hdr->length < MIN_PFLOG_HDRLEN) {
printf("[pflog: invalid header length!]");
return (hdr->length); /* XXX: not really */
}
hdrlen = BPF_WORDALIGN(hdr->length);
if (caplen < hdrlen) {
printf("[|pflog]");
return (hdrlen); /* XXX: true? */
}
/* print what we know */
hdr = (struct pfloghdr *)p;
TCHECK(*hdr);
if (eflag)
pflog_print(hdr);
/* skip to the real packet */
af = hdr->af;
length -= hdrlen;
caplen -= hdrlen;
p += hdrlen;
switch (af) {
case AF_INET:
#if OPENBSD_AF_INET != AF_INET
case OPENBSD_AF_INET: /* XXX: read pcap files */
#endif
ip_print(gndo, p, length);
break;
#ifdef INET6
case AF_INET6:
#if OPENBSD_AF_INET6 != AF_INET6
case OPENBSD_AF_INET6: /* XXX: read pcap files */
#endif
ip6_print(gndo, p, length);
break;
#endif
default:
/* address family not handled, print raw packet */
if (!eflag)
pflog_print(hdr);
if (!suppress_default_print)
default_print(p, caplen);
}
return (hdrlen);
trunc:
printf("[|pflog]");
return (hdrlen);
}
void
pflog_if_print(u_char *user, const struct pcap_pkthdr *h,
const u_char *p)
{
u_int length = h->len;
u_int hdrlen;
u_int caplen = h->caplen;
const struct ip *ip;
#ifdef INET6
const struct ip6_hdr *ip6;
#endif
const struct pfloghdr *hdr;
u_int8_t af;
ts_print(&h->ts);
/* check length */
if (caplen < sizeof(u_int8_t)) {
printf("[|pflog]");
goto out;
}
#define MIN_PFLOG_HDRLEN 45
hdr = (struct pfloghdr *)p;
if (hdr->length < MIN_PFLOG_HDRLEN) {
printf("[pflog: invalid header length!]");
goto out;
}
hdrlen = (hdr->length + 3) & 0xfc;
if (caplen < hdrlen) {
printf("[|pflog]");
goto out;
}
/*
* Some printers want to get back at the link level addresses,
* and/or check that they're not walking off the end of the packet.
* Rather than pass them all the way down, we set these globals.
*/
packetp = p;
snapend = p + caplen;
hdr = (struct pfloghdr *)p;
if (eflag) {
printf("rule ");
if (ntohl(hdr->rulenr) == (u_int32_t) -1)
printf("def");
else {
printf("%u", ntohl(hdr->rulenr));
if (hdr->ruleset[0]) {
printf(".%s", hdr->ruleset);
if (ntohl(hdr->subrulenr) == (u_int32_t) -1)
printf(".def");
else
printf(".%u", ntohl(hdr->subrulenr));
}
}
if (hdr->reason < PFRES_MAX)
printf("/(%s) ", pf_reasons[hdr->reason]);
else
printf("/(unkn %u) ", (unsigned)hdr->reason);
if (vflag)
printf("[uid %u, pid %u] ", (unsigned)hdr->rule_uid,
(unsigned)hdr->rule_pid);
switch (hdr->action) {
case PF_MATCH:
printf("match");
break;
case PF_SCRUB:
printf("scrub");
break;
case PF_PASS:
printf("pass");
break;
case PF_DROP:
printf("block");
break;
case PF_NAT:
case PF_NONAT:
printf("nat");
break;
case PF_BINAT:
case PF_NOBINAT:
printf("binat");
break;
case PF_RDR:
case PF_NORDR:
printf("rdr");
break;
}
printf(" %s on %s: ",
hdr->dir == PF_OUT ? "out" : "in",
hdr->ifname);
if (vflag && hdr->pid != NO_PID)
printf("[uid %u, pid %u] ", (unsigned)hdr->uid,
(unsigned)hdr->pid);
if (vflag && hdr->rewritten) {
char buf[48];
if (inet_ntop(hdr->af, &hdr->saddr.v4, buf,
sizeof(buf)) == NULL)
printf("[orig src ?, ");
else
printf("[orig src %s:%u, ", buf,
ntohs(hdr->sport));
if (inet_ntop(hdr->af, &hdr->daddr.v4, buf,
sizeof(buf)) == NULL)
printf("dst ?] ");
else
printf("dst %s:%u] ", buf,
ntohs(hdr->dport));
}
}
af = hdr->naf;
length -= hdrlen;
if (af == AF_INET) {
ip = (struct ip *)(p + hdrlen);
ip_print((const u_char *)ip, length);
if (xflag)
default_print((const u_char *)ip,
caplen - hdrlen);
} else {
#ifdef INET6
ip6 = (struct ip6_hdr *)(p + hdrlen);
ip6_print((const u_char *)ip6, length);
if (xflag)
default_print((const u_char *)ip6,
caplen - hdrlen);
#endif
}
out:
putchar('\n');
}
/*
* RFC3032: MPLS label stack encoding
*/
void
mpls_print(const u_char *bp, u_int length)
{
const u_char *p;
u_int32_t label_entry;
u_int16_t label_stack_depth = 0;
enum mpls_packet_type pt = PT_UNKNOWN;
p = bp;
printf("MPLS");
do {
TCHECK2(*p, sizeof(label_entry));
label_entry = EXTRACT_32BITS(p);
printf("%s(label %u",
(label_stack_depth && vflag) ? "\n\t" : " ",
MPLS_LABEL(label_entry));
label_stack_depth++;
if (vflag &&
MPLS_LABEL(label_entry) < sizeof(mpls_labelname) / sizeof(mpls_labelname[0]))
printf(" (%s)", mpls_labelname[MPLS_LABEL(label_entry)]);
printf(", exp %u", MPLS_EXP(label_entry));
if (MPLS_STACK(label_entry))
printf(", [S]");
printf(", ttl %u)", MPLS_TTL(label_entry));
p += sizeof(label_entry);
} while (!MPLS_STACK(label_entry));
/*
* Try to figure out the packet type.
*/
switch (MPLS_LABEL(label_entry)) {
case 0: /* IPv4 explicit NULL label */
case 3: /* IPv4 implicit NULL label */
pt = PT_IPV4;
break;
case 2: /* IPv6 explicit NULL label */
pt = PT_IPV6;
break;
default:
/*
* Generally there's no indication of protocol in MPLS label
* encoding.
*
* However, draft-hsmit-isis-aal5mux-00.txt describes a
* technique for encapsulating IS-IS and IP traffic on the
* same ATM virtual circuit; you look at the first payload
* byte to determine the network layer protocol, based on
* the fact that
*
* 1) the first byte of an IP header is 0x45-0x4f
* for IPv4 and 0x60-0x6f for IPv6;
*
* 2) the first byte of an OSI CLNP packet is 0x81,
* the first byte of an OSI ES-IS packet is 0x82,
* and the first byte of an OSI IS-IS packet is
* 0x83;
*
* so the network layer protocol can be inferred from the
* first byte of the packet, if the protocol is one of the
* ones listed above.
*
* Cisco sends control-plane traffic MPLS-encapsulated in
* this fashion.
*/
switch(*p) {
case 0x45:
case 0x46:
case 0x47:
case 0x48:
case 0x49:
case 0x4a:
case 0x4b:
case 0x4c:
case 0x4d:
case 0x4e:
case 0x4f:
pt = PT_IPV4;
break;
case 0x60:
case 0x61:
case 0x62:
case 0x63:
case 0x64:
case 0x65:
case 0x66:
case 0x67:
case 0x68:
case 0x69:
case 0x6a:
case 0x6b:
case 0x6c:
case 0x6d:
case 0x6e:
case 0x6f:
pt = PT_IPV6;
break;
case 0x81:
case 0x82:
case 0x83:
pt = PT_OSI;
break;
default:
/* ok bail out - we did not figure out what it is*/
break;
}
}
/*
* Print the payload.
*/
if (pt == PT_UNKNOWN) {
if (!suppress_default_print)
default_print(p, length - (p - bp));
return;
}
if (vflag)
printf("\n\t");
else
printf(" ");
switch (pt) {
case PT_IPV4:
ip_print(gndo, p, length - (p - bp));
break;
case PT_IPV6:
#ifdef INET6
ip6_print(gndo, p, length - (p - bp));
#else
printf("IPv6, length: %u", length);
#endif
break;
case PT_OSI:
isoclns_print(p, length - (p - bp), length - (p - bp));
break;
default:
break;
}
return;
trunc:
printf("[|MPLS]");
}
void sctp_print(const u_char *bp,
const u_char *bp2,
u_int sctpPacketLength)
{
const struct sctpHeader *sctpPktHdr;
const struct ip *ip;
#ifdef INET6
const struct ip6_hdr *ip6;
#endif
const void *endPacketPtr;
u_short sourcePort, destPort;
int chunkCount;
const struct sctpChunkDesc *chunkDescPtr;
const void *nextChunk;
const char *sep;
sctpPktHdr = (const struct sctpHeader*) bp;
endPacketPtr = (const u_char*)sctpPktHdr+sctpPacketLength;
if( (u_long) endPacketPtr > (u_long) snapend)
endPacketPtr = (const void *) snapend;
ip = (struct ip *)bp2;
#ifdef INET6
if (IP_V(ip) == 6)
ip6 = (const struct ip6_hdr *)bp2;
else
ip6 = NULL;
#endif
TCHECK(*sctpPktHdr);
if (sctpPacketLength < sizeof(struct sctpHeader))
{
(void)printf("truncated-sctp - %ld bytes missing!",
(long)sctpPacketLength-sizeof(struct sctpHeader));
return;
}
sourcePort = EXTRACT_16BITS(&sctpPktHdr->source);
destPort = EXTRACT_16BITS(&sctpPktHdr->destination);
#ifdef INET6
if (ip6) {
(void)printf("%s.%d > %s.%d: sctp",
ip6addr_string(&ip6->ip6_src),
sourcePort,
ip6addr_string(&ip6->ip6_dst),
destPort);
} else
#endif
{
(void)printf("%s.%d > %s.%d: sctp",
ipaddr_string(&ip->ip_src),
sourcePort,
ipaddr_string(&ip->ip_dst),
destPort);
}
fflush(stdout);
if (vflag >= 2)
sep = "\n\t";
else
sep = " (";
for (chunkCount = 0,
chunkDescPtr = (const struct sctpChunkDesc *)
((const u_char*) sctpPktHdr + sizeof(struct sctpHeader));
chunkDescPtr != NULL &&
( (const void *)
((const u_char *) chunkDescPtr + sizeof(struct sctpChunkDesc))
<= endPacketPtr);
chunkDescPtr = (const struct sctpChunkDesc *) nextChunk, chunkCount++)
{
u_int16_t chunkLength;
const u_char *chunkEnd;
u_int16_t align;
TCHECK(*chunkDescPtr);
chunkLength = EXTRACT_16BITS(&chunkDescPtr->chunkLength);
if (chunkLength < sizeof(*chunkDescPtr)) {
printf("%s%d) [Bad chunk length %u]", sep, chunkCount+1, chunkLength);
break;
}
TCHECK2(*((u_int8_t *)chunkDescPtr), chunkLength);
chunkEnd = ((const u_char*)chunkDescPtr + chunkLength);
align=chunkLength % 4;
if (align != 0)
align = 4 - align;
nextChunk = (const void *) (chunkEnd + align);
printf("%s%d) ", sep, chunkCount+1);
switch (chunkDescPtr->chunkID)
{
case SCTP_DATA :
{
const struct sctpDataPart *dataHdrPtr;
printf("[DATA] ");
if ((chunkDescPtr->chunkFlg & SCTP_DATA_UNORDERED)
== SCTP_DATA_UNORDERED)
printf("(U)");
if ((chunkDescPtr->chunkFlg & SCTP_DATA_FIRST_FRAG)
== SCTP_DATA_FIRST_FRAG)
printf("(B)");
if ((chunkDescPtr->chunkFlg & SCTP_DATA_LAST_FRAG)
== SCTP_DATA_LAST_FRAG)
printf("(E)");
if( ((chunkDescPtr->chunkFlg & SCTP_DATA_UNORDERED)
== SCTP_DATA_UNORDERED)
||
((chunkDescPtr->chunkFlg & SCTP_DATA_FIRST_FRAG)
== SCTP_DATA_FIRST_FRAG)
||
((chunkDescPtr->chunkFlg & SCTP_DATA_LAST_FRAG)
== SCTP_DATA_LAST_FRAG) )
printf(" ");
dataHdrPtr=(const struct sctpDataPart*)(chunkDescPtr+1);
printf("[TSN: %u] ", EXTRACT_32BITS(&dataHdrPtr->TSN));
printf("[SID: %u] ", EXTRACT_16BITS(&dataHdrPtr->streamId));
printf("[SSEQ %u] ", EXTRACT_16BITS(&dataHdrPtr->sequence));
printf("[PPID 0x%x] ", EXTRACT_32BITS(&dataHdrPtr->payloadtype));
fflush(stdout);
if (vflag >= 2)
{
const u_char *payloadPtr;
printf("[Payload");
if (!suppress_default_print) {
payloadPtr = (const u_char *) (++dataHdrPtr);
printf(":");
if (htons(chunkDescPtr->chunkLength) <
sizeof(struct sctpDataPart)+
sizeof(struct sctpChunkDesc)+1) {
printf("bogus chunk length %u]",
htons(chunkDescPtr->chunkLength));
return;
}
default_print(payloadPtr,
htons(chunkDescPtr->chunkLength) -
(sizeof(struct sctpDataPart)+
sizeof(struct sctpChunkDesc)));
} else
printf("]");
}
break;
}
case SCTP_INITIATION :
{
const struct sctpInitiation *init;
printf("[INIT] ");
init=(const struct sctpInitiation*)(chunkDescPtr+1);
printf("[init tag: %u] ", EXTRACT_32BITS(&init->initTag));
printf("[rwnd: %u] ", EXTRACT_32BITS(&init->rcvWindowCredit));
printf("[OS: %u] ", EXTRACT_16BITS(&init->NumPreopenStreams));
printf("[MIS: %u] ", EXTRACT_16BITS(&init->MaxInboundStreams));
printf("[init TSN: %u] ", EXTRACT_32BITS(&init->initialTSN));
#if(0)
if( (init+1) < chunkEnd )
printf(" @@@@@ UNFINISHED @@@@@@%s\n",
"Optional params present, but not printed.");
#endif
break;
}
case SCTP_INITIATION_ACK :
{
const struct sctpInitiation *init;
printf("[INIT ACK] ");
init=(const struct sctpInitiation*)(chunkDescPtr+1);
printf("[init tag: %u] ", EXTRACT_32BITS(&init->initTag));
printf("[rwnd: %u] ", EXTRACT_32BITS(&init->rcvWindowCredit));
printf("[OS: %u] ", EXTRACT_16BITS(&init->NumPreopenStreams));
printf("[MIS: %u] ", EXTRACT_16BITS(&init->MaxInboundStreams));
printf("[init TSN: %u] ", EXTRACT_32BITS(&init->initialTSN));
#if(0)
if( (init+1) < chunkEnd )
printf(" @@@@@ UNFINISHED @@@@@@%s\n",
"Optional params present, but not printed.");
#endif
break;
}
case SCTP_SELECTIVE_ACK:
{
const struct sctpSelectiveAck *sack;
const struct sctpSelectiveFrag *frag;
int fragNo, tsnNo;
const u_char *dupTSN;
printf("[SACK] ");
sack=(const struct sctpSelectiveAck*)(chunkDescPtr+1);
printf("[cum ack %u] ", EXTRACT_32BITS(&sack->highestConseqTSN));
printf("[a_rwnd %u] ", EXTRACT_32BITS(&sack->updatedRwnd));
printf("[#gap acks %u] ", EXTRACT_16BITS(&sack->numberOfdesc));
printf("[#dup tsns %u] ", EXTRACT_16BITS(&sack->numDupTsns));
for (frag = ( (const struct sctpSelectiveFrag *)
((const struct sctpSelectiveAck *) sack+1)),
fragNo=0;
(const void *)frag < nextChunk && fragNo < EXTRACT_16BITS(&sack->numberOfdesc);
frag++, fragNo++)
printf("\n\t\t[gap ack block #%d: start = %u, end = %u] ",
fragNo+1,
EXTRACT_32BITS(&sack->highestConseqTSN) + EXTRACT_16BITS(&frag->fragmentStart),
EXTRACT_32BITS(&sack->highestConseqTSN) + EXTRACT_16BITS(&frag->fragmentEnd));
for (dupTSN = (const u_char *)frag, tsnNo=0;
(const void *) dupTSN < nextChunk && tsnNo<EXTRACT_16BITS(&sack->numDupTsns);
dupTSN += 4, tsnNo++)
printf("\n\t\t[dup TSN #%u: %u] ", tsnNo+1,
EXTRACT_32BITS(dupTSN));
break;
}
case SCTP_HEARTBEAT_REQUEST :
{
const struct sctpHBsender *hb;
hb=(const struct sctpHBsender*)chunkDescPtr;
printf("[HB REQ] ");
break;
}
case SCTP_HEARTBEAT_ACK :
printf("[HB ACK] ");
break;
case SCTP_ABORT_ASSOCIATION :
printf("[ABORT] ");
break;
case SCTP_SHUTDOWN :
printf("[SHUTDOWN] ");
break;
case SCTP_SHUTDOWN_ACK :
printf("[SHUTDOWN ACK] ");
break;
case SCTP_OPERATION_ERR :
printf("[OP ERR] ");
break;
case SCTP_COOKIE_ECHO :
printf("[COOKIE ECHO] ");
break;
case SCTP_COOKIE_ACK :
printf("[COOKIE ACK] ");
break;
case SCTP_ECN_ECHO :
printf("[ECN ECHO] ");
break;
case SCTP_ECN_CWR :
printf("[ECN CWR] ");
break;
case SCTP_SHUTDOWN_COMPLETE :
printf("[SHUTDOWN COMPLETE] ");
break;
case SCTP_FORWARD_CUM_TSN :
printf("[FOR CUM TSN] ");
break;
case SCTP_RELIABLE_CNTL :
printf("[REL CTRL] ");
break;
case SCTP_RELIABLE_CNTL_ACK :
printf("[REL CTRL ACK] ");
break;
default :
printf("[Unknown chunk type: 0x%x]", chunkDescPtr->chunkID);
return;
}
if (vflag < 2)
sep = ", (";
}
return;
trunc:
printf("[|sctp]");
return;
}
/*
* This is the top level routine of the printer. 'p' is the points
* to the ether header of the packet, 'tvp' is the timestamp,
* 'length' is the length of the packet off the wire, and 'caplen'
* is the number of bytes actually captured.
*/
void
ether_if_print(u_char *user, const struct pcap_pkthdr *h, const u_char *p)
{
u_int caplen = h->caplen;
u_int length = h->len;
struct ether_header *ep;
u_short ether_type;
extern u_short extracted_ethertype;
ts_print(&h->ts);
if (caplen < sizeof(struct ether_header)) {
printf("[|ether]");
goto out;
}
if (eflag)
ether_print(p, length);
/*
* Some printers want to get back at the ethernet addresses,
* and/or check that they're not walking off the end of the packet.
* Rather than pass them all the way down, we set these globals.
*/
packetp = p;
snapend = p + caplen;
length -= sizeof(struct ether_header);
caplen -= sizeof(struct ether_header);
ep = (struct ether_header *)p;
p += sizeof(struct ether_header);
ether_type = ntohs(ep->ether_type);
/*
* Is it (gag) an 802.3 encapsulation?
*/
extracted_ethertype = 0;
if (ether_type <= ETHERMTU) {
/* Try to print the LLC-layer header & higher layers */
if (llc_print(p, length, caplen, ESRC(ep), EDST(ep)) == 0) {
/* ether_type not known, print raw packet */
if (!eflag)
ether_print((u_char *)ep, length);
if (extracted_ethertype) {
printf("(LLC %s) ",
etherproto_string(htons(extracted_ethertype)));
}
if (!xflag && !qflag)
default_print(p, caplen);
}
} else if (ether_encap_print(ether_type, p, length, caplen) == 0) {
/* ether_type not known, print raw packet */
if (!eflag)
ether_print((u_char *)ep, length + sizeof(*ep));
if (!xflag && !qflag)
default_print(p, caplen);
}
if (xflag)
default_print(p, caplen);
out:
putchar('\n');
}
static void
esis_print(const u_char *p, u_int length)
{
const u_char *ep;
int li = p[1];
const struct esis_hdr *eh = (const struct esis_hdr *) &p[2];
u_char cksum[2];
u_char off[2];
if (length == 2) {
if (qflag)
printf(" bad pkt!");
else
printf(" no header at all!");
return;
}
ep = p + li;
if (li > length) {
if (qflag)
printf(" bad pkt!");
else
printf(" LI(%d) > PDU size (%d)!", li, length);
return;
}
if (li < sizeof(struct esis_hdr) + 2) {
if (qflag)
printf(" bad pkt!");
else {
printf(" too short for esis header %d:", li);
while (--length != 0)
printf("%02X", *p++);
}
return;
}
switch (eh->type & 0x1f) {
case ESIS_REDIRECT:
printf(" redirect");
break;
case ESIS_ESH:
printf(" esh");
break;
case ESIS_ISH:
printf(" ish");
break;
default:
printf(" type %d", eh->type & 0x1f);
break;
}
off[0] = eh->cksum[0];
off[1] = eh->cksum[1];
if (vflag && osi_cksum(p, li, eh->cksum, cksum, off)) {
printf(" bad cksum (got %02x%02x want %02x%02x)",
eh->cksum[1], eh->cksum[0], cksum[1], cksum[0]);
return;
}
if (eh->version != 1) {
printf(" unsupported version %d", eh->version);
return;
}
p += sizeof(*eh) + 2;
li -= sizeof(*eh) + 2; /* protoid * li */
switch (eh->type & 0x1f) {
case ESIS_REDIRECT: {
const u_char *dst, *snpa, *is;
dst = p; p += *p + 1;
if (p > snapend)
return;
printf(" %s", isonsap_string(dst));
snpa = p; p += *p + 1;
is = p; p += *p + 1;
if (p > snapend)
return;
if (p > ep) {
printf(" [bad li]");
return;
}
if (is[0] == 0)
printf(" > %s", etheraddr_string(&snpa[1]));
else
printf(" > %s", isonsap_string(is));
li = ep - p;
break;
}
case ESIS_ESH: {
const u_char *nsap;
int i, nnsaps;
nnsaps = *p++;
/* print NSAPs */
for (i = 0; i < nnsaps; i++) {
nsap = p;
p += *p + 1;
if (p > ep) {
printf(" [bad li]");
return;
}
if (p > snapend)
return;
printf(" nsap %s", isonsap_string(nsap));
}
li = ep - p;
break;
}
case ESIS_ISH: {
const u_char *is;
is = p; p += *p + 1;
if (p > ep) {
printf(" [bad li]");
return;
}
if (p > snapend)
return;
printf(" net %s", isonsap_string(is));
li = ep - p;
break;
}
default:
(void)printf(" len=%d", length);
if (length && p < snapend) {
length = snapend - p;
default_print(p, length);
}
return;
}
if (vflag)
while (p < ep && li) {
int op, opli;
const u_char *q;
if (snapend - p < 2)
return;
if (li < 2) {
printf(" bad opts/li");
return;
}
op = *p++;
opli = *p++;
li -= 2;
if (opli > li) {
printf(" opt (%d) too long", op);
return;
}
li -= opli;
q = p;
p += opli;
if (snapend < p)
return;
if (op == 198 && opli == 2) {
printf(" tmo=%d", q[0] * 256 + q[1]);
continue;
}
printf (" %d:<", op);
while (--opli >= 0)
printf("%02x", *q++);
printf (">");
}
}
/*
* This is the top level routine of the printer. 'p' points
* to the ARCNET header of the packet, 'h->ts' is the timestamp,
* 'h->len' is the length of the packet off the wire, and 'h->caplen'
* is the number of bytes actually captured.
*/
u_int
arcnet_if_print(const struct pcap_pkthdr *h, const u_char *p)
{
u_int caplen = h->caplen;
u_int length = h->len;
const struct arc_header *ap;
int phds, flag = 0, archdrlen = 0;
u_int seqid = 0;
u_char arc_type;
if (caplen < ARC_HDRLEN) {
printf("[|arcnet]");
return (caplen);
}
ap = (const struct arc_header *)p;
arc_type = ap->arc_type;
switch (arc_type) {
default:
phds = 1;
break;
case ARCTYPE_IP_OLD:
case ARCTYPE_ARP_OLD:
case ARCTYPE_DIAGNOSE:
phds = 0;
archdrlen = ARC_HDRLEN;
break;
}
if (phds) {
if (caplen < ARC_HDRNEWLEN) {
arcnet_print(p, length, 0, 0, 0);
printf("[|phds]");
return (caplen);
}
if (ap->arc_flag == 0xff) {
if (caplen < ARC_HDRNEWLEN_EXC) {
arcnet_print(p, length, 0, 0, 0);
printf("[|phds extended]");
return (caplen);
}
flag = ap->arc_flag2;
seqid = EXTRACT_16BITS(&ap->arc_seqid2);
archdrlen = ARC_HDRNEWLEN_EXC;
} else {
flag = ap->arc_flag;
seqid = EXTRACT_16BITS(&ap->arc_seqid);
archdrlen = ARC_HDRNEWLEN;
}
}
if (eflag)
arcnet_print(p, length, phds, flag, seqid);
/*
* Go past the ARCNET header.
*/
length -= archdrlen;
caplen -= archdrlen;
p += archdrlen;
if (phds && flag && (flag & 1) == 0) {
/*
* This is a middle fragment.
*/
return (archdrlen);
}
if (!arcnet_encap_print(arc_type, p, length, caplen))
default_print(p, caplen);
return (archdrlen);
}
int
llc_print(const u_char *p, u_int length, u_int caplen,
const u_char *esrc, const u_char *edst, u_short *extracted_ethertype)
{
u_int8_t dsap_field, dsap, ssap_field, ssap;
u_int16_t control;
int is_u;
register int ret;
*extracted_ethertype = 0;
if (caplen < 3) {
(void)printf("[|llc]");
default_print((u_char *)p, caplen);
return(0);
}
dsap_field = *p;
ssap_field = *(p + 1);
/*
* OK, what type of LLC frame is this? The length
* of the control field depends on that - I frames
* have a two-byte control field, and U frames have
* a one-byte control field.
*/
control = *(p + 2);
if ((control & LLC_U_FMT) == LLC_U_FMT) {
/*
* U frame.
*/
is_u = 1;
} else {
/*
* The control field in I and S frames is
* 2 bytes...
*/
if (caplen < 4) {
(void)printf("[|llc]");
default_print((u_char *)p, caplen);
return(0);
}
/*
* ...and is little-endian.
*/
control = EXTRACT_LE_16BITS(p + 2);
is_u = 0;
}
if (ssap_field == LLCSAP_GLOBAL && dsap_field == LLCSAP_GLOBAL) {
/*
* This is an Ethernet_802.3 IPX frame; it has an
* 802.3 header (i.e., an Ethernet header where the
* type/length field is <= ETHERMTU, i.e. it's a length
* field, not a type field), but has no 802.2 header -
* the IPX packet starts right after the Ethernet header,
* with a signature of two bytes of 0xFF (which is
* LLCSAP_GLOBAL).
*
* (It might also have been an Ethernet_802.3 IPX at
* one time, but got bridged onto another network,
* such as an 802.11 network; this has appeared in at
* least one capture file.)
*/
if (eflag)
printf("IPX 802.3: ");
ipx_print(p, length);
return (1);
}
dsap = dsap_field & ~LLC_IG;
ssap = ssap_field & ~LLC_GSAP;
if (eflag) {
printf("LLC, dsap %s (0x%02x) %s, ssap %s (0x%02x) %s",
tok2str(llc_values, "Unknown", dsap),
dsap,
tok2str(llc_ig_flag_values, "Unknown", dsap_field & LLC_IG),
tok2str(llc_values, "Unknown", ssap),
ssap,
tok2str(llc_flag_values, "Unknown", ssap_field & LLC_GSAP));
if (is_u) {
printf(", ctrl 0x%02x: ", control);
} else {
printf(", ctrl 0x%04x: ", control);
}
}
if (ssap == LLCSAP_8021D && dsap == LLCSAP_8021D &&
control == LLC_UI) {
stp_print(p+3, length-3);
return (1);
}
if (ssap == LLCSAP_IP && dsap == LLCSAP_IP &&
control == LLC_UI) {
ip_print(gndo, p+4, length-4);
return (1);
}
if (ssap == LLCSAP_IPX && dsap == LLCSAP_IPX &&
control == LLC_UI) {
/*
* This is an Ethernet_802.2 IPX frame, with an 802.3
* header and an 802.2 LLC header with the source and
* destination SAPs being the IPX SAP.
*
* Skip DSAP, LSAP, and control field.
*/
if (eflag)
printf("IPX 802.2: ");
ipx_print(p+3, length-3);
return (1);
}
#ifdef TCPDUMP_DO_SMB
if (ssap == LLCSAP_NETBEUI && dsap == LLCSAP_NETBEUI
&& (!(control & LLC_S_FMT) || control == LLC_U_FMT)) {
/*
* we don't actually have a full netbeui parser yet, but the
* smb parser can handle many smb-in-netbeui packets, which
* is very useful, so we call that
*
* We don't call it for S frames, however, just I frames
* (which are frames that don't have the low-order bit,
* LLC_S_FMT, set in the first byte of the control field)
* and UI frames (whose control field is just 3, LLC_U_FMT).
*/
/*
* Skip the LLC header.
*/
if (is_u) {
p += 3;
length -= 3;
caplen -= 3;
} else {
p += 4;
length -= 4;
caplen -= 4;
}
netbeui_print(control, p, length);
return (1);
}
#endif
if (ssap == LLCSAP_ISONS && dsap == LLCSAP_ISONS
&& control == LLC_UI) {
isoclns_print(p + 3, length - 3, caplen - 3);
return (1);
}
if (ssap == LLCSAP_SNAP && dsap == LLCSAP_SNAP
&& control == LLC_UI) {
/*
* XXX - what *is* the right bridge pad value here?
* Does anybody ever bridge one form of LAN traffic
* over a networking type that uses 802.2 LLC?
*/
ret = snap_print(p+3, length-3, caplen-3, extracted_ethertype,
2);
if (ret)
return (ret);
}
if (!eflag) {
if (ssap == dsap) {
if (esrc == NULL || edst == NULL)
(void)printf("%s ", tok2str(llc_values, "Unknown DSAP 0x%02x", dsap));
else
(void)printf("%s > %s %s ",
etheraddr_string(esrc),
etheraddr_string(edst),
tok2str(llc_values, "Unknown DSAP 0x%02x", dsap));
} else {
if (esrc == NULL || edst == NULL)
(void)printf("%s > %s ",
tok2str(llc_values, "Unknown SSAP 0x%02x", ssap),
tok2str(llc_values, "Unknown DSAP 0x%02x", dsap));
else
(void)printf("%s %s > %s %s ",
etheraddr_string(esrc),
tok2str(llc_values, "Unknown SSAP 0x%02x", ssap),
etheraddr_string(edst),
tok2str(llc_values, "Unknown DSAP 0x%02x", dsap));
}
}
if (is_u) {
printf("Unnumbered, %s, Flags [%s], length %u",
tok2str(llc_cmd_values, "%02x", LLC_U_CMD(control)),
tok2str(llc_flag_values,"?",(ssap_field & LLC_GSAP) | (control & LLC_U_POLL)),
length);
p += 3;
length -= 3;
caplen -= 3;
if ((control & ~LLC_U_POLL) == LLC_XID) {
if (*p == LLC_XID_FI) {
printf(": %02x %02x", p[1], p[2]);
p += 3;
length -= 3;
caplen -= 3;
}
}
} else {
if ((control & LLC_S_FMT) == LLC_S_FMT) {
(void)printf("Supervisory, %s, rcv seq %u, Flags [%s], length %u",
tok2str(llc_supervisory_values,"?",LLC_S_CMD(control)),
LLC_IS_NR(control),
tok2str(llc_flag_values,"?",(ssap_field & LLC_GSAP) | (control & LLC_IS_POLL)),
length);
} else {
(void)printf("Information, send seq %u, rcv seq %u, Flags [%s], length %u",
LLC_I_NS(control),
LLC_IS_NR(control),
tok2str(llc_flag_values,"?",(ssap_field & LLC_GSAP) | (control & LLC_IS_POLL)),
length);
}
p += 4;
length -= 4;
caplen -= 4;
}
return(1);
}
u_int
token_print(const u_char *p, u_int length, u_int caplen)
{
const struct token_header *trp;
u_short extracted_ethertype;
struct ether_header ehdr;
u_int route_len = 0, hdr_len = TOKEN_HDRLEN;
int seg;
trp = (const struct token_header *)p;
if (caplen < TOKEN_HDRLEN) {
printf("[|token-ring]");
return hdr_len;
}
/*
* Get the TR addresses into a canonical form
*/
extract_token_addrs(trp, (char*)ESRC(&ehdr), (char*)EDST(&ehdr));
/* Adjust for source routing information in the MAC header */
if (IS_SOURCE_ROUTED(trp)) {
/* Clear source-routed bit */
*ESRC(&ehdr) &= 0x7f;
if (eflag)
token_hdr_print(trp, length, ESRC(&ehdr), EDST(&ehdr));
if (caplen < TOKEN_HDRLEN + 2) {
printf("[|token-ring]");
return hdr_len;
}
route_len = RIF_LENGTH(trp);
hdr_len += route_len;
if (caplen < hdr_len) {
printf("[|token-ring]");
return hdr_len;
}
if (vflag) {
printf("%s ", broadcast_indicator[BROADCAST(trp)]);
printf("%s", direction[DIRECTION(trp)]);
for (seg = 0; seg < SEGMENT_COUNT(trp); seg++)
printf(" [%d:%d]", RING_NUMBER(trp, seg),
BRIDGE_NUMBER(trp, seg));
} else {
printf("rt = %x", EXTRACT_16BITS(&trp->token_rcf));
for (seg = 0; seg < SEGMENT_COUNT(trp); seg++)
printf(":%x", EXTRACT_16BITS(&trp->token_rseg[seg]));
}
printf(" (%s) ", largest_frame[LARGEST_FRAME(trp)]);
} else {
if (eflag)
token_hdr_print(trp, length, ESRC(&ehdr), EDST(&ehdr));
}
/* Skip over token ring MAC header and routing information */
length -= hdr_len;
p += hdr_len;
caplen -= hdr_len;
/* Frame Control field determines interpretation of packet */
if (FRAME_TYPE(trp) == TOKEN_FC_LLC) {
/* Try to print the LLC-layer header & higher layers */
if (llc_print(p, length, caplen, ESRC(&ehdr), EDST(&ehdr),
&extracted_ethertype) == 0) {
/* ether_type not known, print raw packet */
if (!eflag)
token_hdr_print(trp,
length + TOKEN_HDRLEN + route_len,
ESRC(&ehdr), EDST(&ehdr));
if (extracted_ethertype) {
printf("(LLC %s) ",
etherproto_string(htons(extracted_ethertype)));
}
if (!suppress_default_print)
default_print(p, caplen);
}
} else {
/* Some kinds of TR packet we cannot handle intelligently */
/* XXX - dissect MAC packets if frame type is 0 */
if (!eflag)
token_hdr_print(trp, length + TOKEN_HDRLEN + route_len,
ESRC(&ehdr), EDST(&ehdr));
if (!suppress_default_print)
default_print(p, caplen);
}
return (hdr_len);
}
/*
* Print an Ethernet frame.
* This might be encapsulated within another frame; we might be passed
* a pointer to a function that can print header information for that
* frame's protocol, and an argument to pass to that function.
*/
void
ether_print(const u_char *p, u_int length, u_int caplen,
void (*print_encap_header)(const u_char *), const u_char *encap_header_arg)
{
struct ether_header *ep;
u_int orig_length;
u_short ether_type;
u_short extracted_ether_type;
if (caplen < ETHER_HDRLEN || length < ETHER_HDRLEN) {
printf("[|ether]");
return;
}
if (eflag) {
if (print_encap_header != NULL)
(*print_encap_header)(encap_header_arg);
ether_hdr_print(p, length);
}
orig_length = length;
length -= ETHER_HDRLEN;
caplen -= ETHER_HDRLEN;
ep = (struct ether_header *)p;
p += ETHER_HDRLEN;
ether_type = EXTRACT_16BITS(&ep->ether_type);
recurse:
/*
* Is it (gag) an 802.3 encapsulation?
*/
if (ether_type <= ETHERMTU) {
/* Try to print the LLC-layer header & higher layers */
if (llc_print(p, length, caplen, ESRC(ep), EDST(ep),
&extracted_ether_type) == 0) {
/* ether_type not known, print raw packet */
if (!eflag) {
if (print_encap_header != NULL)
(*print_encap_header)(encap_header_arg);
ether_hdr_print((u_char *)ep, orig_length);
}
if (!suppress_default_print)
default_print(p, caplen);
}
} else if (ether_type == ETHERTYPE_8021Q) {
/*
* Print VLAN information, and then go back and process
* the enclosed type field.
*/
if (caplen < 4 || length < 4) {
printf("[|vlan]");
return;
}
if (eflag) {
u_int16_t tag = EXTRACT_16BITS(p);
printf("vlan %u, p %u%s, ",
tag & 0xfff,
tag >> 13,
(tag & 0x1000) ? ", CFI" : "");
}
ether_type = EXTRACT_16BITS(p + 2);
if (eflag && ether_type > ETHERMTU)
printf("ethertype %s, ", tok2str(ethertype_values,"0x%04x", ether_type));
p += 4;
length -= 4;
caplen -= 4;
goto recurse;
} else if (ether_type == ETHERTYPE_JUMBO) {
static int
print_decnet_ctlmsg(register const union routehdr *rhp, u_int length,
u_int caplen)
{
int mflags = EXTRACT_LE_8BITS(rhp->rh_short.sh_flags);
register union controlmsg *cmp = (union controlmsg *)rhp;
int src, dst, info, blksize, eco, ueco, hello, other, vers;
etheraddr srcea, rtea;
int priority;
char *rhpx = (char *)rhp;
int ret;
switch (mflags & RMF_CTLMASK) {
case RMF_INIT:
(void)printf("init ");
if (length < sizeof(struct initmsg))
goto trunc;
TCHECK(cmp->cm_init);
src = EXTRACT_LE_16BITS(cmp->cm_init.in_src);
info = EXTRACT_LE_8BITS(cmp->cm_init.in_info);
blksize = EXTRACT_LE_16BITS(cmp->cm_init.in_blksize);
vers = EXTRACT_LE_8BITS(cmp->cm_init.in_vers);
eco = EXTRACT_LE_8BITS(cmp->cm_init.in_eco);
ueco = EXTRACT_LE_8BITS(cmp->cm_init.in_ueco);
hello = EXTRACT_LE_16BITS(cmp->cm_init.in_hello);
print_t_info(info);
(void)printf(
"src %sblksize %d vers %d eco %d ueco %d hello %d",
dnaddr_string(src), blksize, vers, eco, ueco,
hello);
ret = 1;
break;
case RMF_VER:
(void)printf("verification ");
if (length < sizeof(struct verifmsg))
goto trunc;
TCHECK(cmp->cm_ver);
src = EXTRACT_LE_16BITS(cmp->cm_ver.ve_src);
other = EXTRACT_LE_8BITS(cmp->cm_ver.ve_fcnval);
(void)printf("src %s fcnval %o", dnaddr_string(src), other);
ret = 1;
break;
case RMF_TEST:
(void)printf("test ");
if (length < sizeof(struct testmsg))
goto trunc;
TCHECK(cmp->cm_test);
src = EXTRACT_LE_16BITS(cmp->cm_test.te_src);
other = EXTRACT_LE_8BITS(cmp->cm_test.te_data);
(void)printf("src %s data %o", dnaddr_string(src), other);
ret = 1;
break;
case RMF_L1ROUT:
(void)printf("lev-1-routing ");
if (length < sizeof(struct l1rout))
goto trunc;
TCHECK(cmp->cm_l1rou);
src = EXTRACT_LE_16BITS(cmp->cm_l1rou.r1_src);
(void)printf("src %s ", dnaddr_string(src));
ret = print_l1_routes(&(rhpx[sizeof(struct l1rout)]),
length - sizeof(struct l1rout));
break;
case RMF_L2ROUT:
(void)printf("lev-2-routing ");
if (length < sizeof(struct l2rout))
goto trunc;
TCHECK(cmp->cm_l2rout);
src = EXTRACT_LE_16BITS(cmp->cm_l2rout.r2_src);
(void)printf("src %s ", dnaddr_string(src));
ret = print_l2_routes(&(rhpx[sizeof(struct l2rout)]),
length - sizeof(struct l2rout));
break;
case RMF_RHELLO:
(void)printf("router-hello ");
if (length < sizeof(struct rhellomsg))
goto trunc;
TCHECK(cmp->cm_rhello);
vers = EXTRACT_LE_8BITS(cmp->cm_rhello.rh_vers);
eco = EXTRACT_LE_8BITS(cmp->cm_rhello.rh_eco);
ueco = EXTRACT_LE_8BITS(cmp->cm_rhello.rh_ueco);
memcpy((char *)&srcea, (char *)&(cmp->cm_rhello.rh_src),
sizeof(srcea));
src = EXTRACT_LE_16BITS(srcea.dne_remote.dne_nodeaddr);
info = EXTRACT_LE_8BITS(cmp->cm_rhello.rh_info);
blksize = EXTRACT_LE_16BITS(cmp->cm_rhello.rh_blksize);
priority = EXTRACT_LE_8BITS(cmp->cm_rhello.rh_priority);
hello = EXTRACT_LE_16BITS(cmp->cm_rhello.rh_hello);
print_i_info(info);
(void)printf(
"vers %d eco %d ueco %d src %s blksize %d pri %d hello %d",
vers, eco, ueco, dnaddr_string(src),
blksize, priority, hello);
ret = print_elist(&(rhpx[sizeof(struct rhellomsg)]),
length - sizeof(struct rhellomsg));
break;
case RMF_EHELLO:
(void)printf("endnode-hello ");
if (length < sizeof(struct ehellomsg))
goto trunc;
TCHECK(cmp->cm_ehello);
vers = EXTRACT_LE_8BITS(cmp->cm_ehello.eh_vers);
eco = EXTRACT_LE_8BITS(cmp->cm_ehello.eh_eco);
ueco = EXTRACT_LE_8BITS(cmp->cm_ehello.eh_ueco);
memcpy((char *)&srcea, (char *)&(cmp->cm_ehello.eh_src),
sizeof(srcea));
src = EXTRACT_LE_16BITS(srcea.dne_remote.dne_nodeaddr);
info = EXTRACT_LE_8BITS(cmp->cm_ehello.eh_info);
blksize = EXTRACT_LE_16BITS(cmp->cm_ehello.eh_blksize);
/*seed*/
memcpy((char *)&rtea, (char *)&(cmp->cm_ehello.eh_router),
sizeof(rtea));
dst = EXTRACT_LE_16BITS(rtea.dne_remote.dne_nodeaddr);
hello = EXTRACT_LE_16BITS(cmp->cm_ehello.eh_hello);
other = EXTRACT_LE_8BITS(cmp->cm_ehello.eh_data);
print_i_info(info);
(void)printf(
"vers %d eco %d ueco %d src %s blksize %d rtr %s hello %d data %o",
vers, eco, ueco, dnaddr_string(src),
blksize, dnaddr_string(dst), hello, other);
ret = 1;
break;
default:
(void)printf("unknown control message");
default_print((u_char *)rhp, min(length, caplen));
ret = 1;
break;
}
return (ret);
trunc:
return (0);
}
/*
* This is the top level routine of the printer. 'p' is the points
* to the LLC/SNAP header of the packet, 'tvp' is the timestamp,
* 'length' is the length of the packet off the wire, and 'caplen'
* is the number of bytes actually captured.
*/
void
atm_if_print(u_char *user, const struct pcap_pkthdr *h, const u_char *p)
{
u_int caplen = h->caplen;
u_int length = h->len;
u_short ethertype;
ts_print(&h->ts);
if (caplen < 8) {
printf("[|atm]");
goto out;
}
if (p[0] != 0xaa || p[1] != 0xaa || p[2] != 0x03) {
/*XXX assume 802.6 MAC header from fore driver */
if (eflag)
printf("%04x%04x %04x%04x ",
p[0] << 24 | p[1] << 16 | p[2] << 8 | p[3],
p[4] << 24 | p[5] << 16 | p[6] << 8 | p[7],
p[8] << 24 | p[9] << 16 | p[10] << 8 | p[11],
p[12] << 24 | p[13] << 16 | p[14] << 8 | p[15]);
p += 20;
length -= 20;
caplen -= 20;
}
ethertype = p[6] << 8 | p[7];
if (eflag)
printf("%02x %02x %02x %02x-%02x-%02x %04x: ",
p[0], p[1], p[2], /* dsap/ssap/ctrl */
p[3], p[4], p[5], /* manufacturer's code */
ethertype);
/*
* Some printers want to get back at the ethernet addresses,
* and/or check that they're not walking off the end of the packet.
* Rather than pass them all the way down, we set these globals.
*/
packetp = p;
snapend = p + caplen;
length -= 8;
caplen -= 8;
p += 8;
switch (ethertype) {
case ETHERTYPE_IP:
ip_print(p, length);
break;
#ifdef INET6
case ETHERTYPE_IPV6:
ip6_print(p, length);
break;
#endif /*INET6*/
/*XXX this probably isn't right */
case ETHERTYPE_ARP:
case ETHERTYPE_REVARP:
arp_print(p, length, caplen);
break;
#ifdef notyet
case ETHERTYPE_DN:
decnet_print(p, length, caplen);
break;
case ETHERTYPE_ATALK:
if (vflag)
fputs("et1 ", stdout);
atalk_print(p, length);
break;
case ETHERTYPE_AARP:
aarp_print(p, length);
break;
case ETHERTYPE_LAT:
case ETHERTYPE_MOPRC:
case ETHERTYPE_MOPDL:
/* default_print for now */
#endif
default:
/* ether_type not known, print raw packet */
if (!eflag)
printf("%02x %02x %02x %02x-%02x-%02x %04x: ",
p[0], p[1], p[2], /* dsap/ssap/ctrl */
p[3], p[4], p[5], /* manufacturer's code */
ethertype);
if (!xflag && !qflag)
default_print(p, caplen);
}
if (xflag)
default_print(p, caplen);
out:
putchar('\n');
}
void
decnet_print(register const u_char *ap, register u_int length,
register u_int caplen)
{
register const union routehdr *rhp;
register int mflags;
int dst, src, hops;
u_int nsplen, pktlen;
const u_char *nspp;
if (length < sizeof(struct shorthdr)) {
(void)printf("[|decnet]");
return;
}
TCHECK2(*ap, sizeof(short));
pktlen = EXTRACT_LE_16BITS(ap);
if (pktlen < sizeof(struct shorthdr)) {
(void)printf("[|decnet]");
return;
}
if (pktlen > length) {
(void)printf("[|decnet]");
return;
}
length = pktlen;
rhp = (const union routehdr *)&(ap[sizeof(short)]);
TCHECK(rhp->rh_short.sh_flags);
mflags = EXTRACT_LE_8BITS(rhp->rh_short.sh_flags);
if (mflags & RMF_PAD) {
/* pad bytes of some sort in front of message */
u_int padlen = mflags & RMF_PADMASK;
if (vflag)
(void) printf("[pad:%d] ", padlen);
if (length < padlen + 2) {
(void)printf("[|decnet]");
return;
}
TCHECK2(ap[sizeof(short)], padlen);
ap += padlen;
length -= padlen;
caplen -= padlen;
rhp = (const union routehdr *)&(ap[sizeof(short)]);
mflags = EXTRACT_LE_8BITS(rhp->rh_short.sh_flags);
}
if (mflags & RMF_FVER) {
(void) printf("future-version-decnet");
default_print(ap, min(length, caplen));
return;
}
/* is it a control message? */
if (mflags & RMF_CTLMSG) {
if (!print_decnet_ctlmsg(rhp, length, caplen))
goto trunc;
return;
}
switch (mflags & RMF_MASK) {
case RMF_LONG:
if (length < sizeof(struct longhdr)) {
(void)printf("[|decnet]");
return;
}
TCHECK(rhp->rh_long);
dst =
EXTRACT_LE_16BITS(rhp->rh_long.lg_dst.dne_remote.dne_nodeaddr);
src =
EXTRACT_LE_16BITS(rhp->rh_long.lg_src.dne_remote.dne_nodeaddr);
hops = EXTRACT_LE_8BITS(rhp->rh_long.lg_visits);
nspp = &(ap[sizeof(short) + sizeof(struct longhdr)]);
nsplen = length - sizeof(struct longhdr);
break;
case RMF_SHORT:
TCHECK(rhp->rh_short);
dst = EXTRACT_LE_16BITS(rhp->rh_short.sh_dst);
src = EXTRACT_LE_16BITS(rhp->rh_short.sh_src);
hops = (EXTRACT_LE_8BITS(rhp->rh_short.sh_visits) & VIS_MASK)+1;
nspp = &(ap[sizeof(short) + sizeof(struct shorthdr)]);
nsplen = length - sizeof(struct shorthdr);
break;
default:
(void) printf("unknown message flags under mask");
default_print((u_char *)ap, min(length, caplen));
return;
}
(void)printf("%s > %s %d ",
dnaddr_string(src), dnaddr_string(dst), pktlen);
if (vflag) {
if (mflags & RMF_RQR)
(void)printf("RQR ");
if (mflags & RMF_RTS)
(void)printf("RTS ");
if (mflags & RMF_IE)
(void)printf("IE ");
(void)printf("%d hops ", hops);
}
if (!print_nsp(nspp, nsplen))
goto trunc;
return;
trunc:
(void)printf("[|decnet]");
return;
}
/*
* This is the top level routine of the printer. 'sp' is the points
* to the FDDI header of the packet, 'tvp' is the timestamp,
* 'length' is the length of the packet off the wire, and 'caplen'
* is the number of bytes actually captured.
*/
void
fddi_if_print(u_char *pcap, const struct pcap_pkthdr *h,
register const u_char *p)
{
u_int caplen = h->caplen;
u_int length = h->len;
const struct fddi_header *fddip = (struct fddi_header *)p;
extern u_short extracted_ethertype;
struct ether_header ehdr;
ts_print(&h->ts);
if (caplen < FDDI_HDRLEN) {
printf("[|fddi]");
goto out;
}
/*
* Get the FDDI addresses into a canonical form
*/
extract_fddi_addrs(fddip, (char *)ESRC(&ehdr), (char *)EDST(&ehdr));
/*
* Some printers want to get back at the link level addresses,
* and/or check that they're not walking off the end of the packet.
* Rather than pass them all the way down, we set these globals.
*/
snapend = p + caplen;
/*
* Actually, the only printer that uses packetp is print-bootp.c,
* and it assumes that packetp points to an Ethernet header. The
* right thing to do is to fix print-bootp.c to know which link
* type is in use when it excavates. XXX
*/
packetp = (u_char *)&ehdr;
if (eflag)
fddi_print(fddip, length, ESRC(&ehdr), EDST(&ehdr));
/* Skip over FDDI MAC header */
length -= FDDI_HDRLEN;
p += FDDI_HDRLEN;
caplen -= FDDI_HDRLEN;
/* Frame Control field determines interpretation of packet */
extracted_ethertype = 0;
if ((fddip->fddi_fc & FDDIFC_CLFF) == FDDIFC_LLC_ASYNC) {
/* Try to print the LLC-layer header & higher layers */
if (llc_print(p, length, caplen, ESRC(&ehdr), EDST(&ehdr))
== 0) {
/*
* Some kinds of LLC packet we cannot
* handle intelligently
*/
if (!eflag)
fddi_print(fddip, length,
ESRC(&ehdr), EDST(&ehdr));
if (extracted_ethertype) {
printf("(LLC %s) ",
etherproto_string(htons(extracted_ethertype)));
}
if (!xflag && !qflag)
default_print(p, caplen);
}
} else if ((fddip->fddi_fc & FDDIFC_CLFF) == FDDIFC_SMT)
fddi_smt_print(p, caplen);
else {
/* Some kinds of FDDI packet we cannot handle intelligently */
if (!eflag)
fddi_print(fddip, length, ESRC(&ehdr), EDST(&ehdr));
if (!xflag && !qflag)
default_print(p, caplen);
}
if (xflag)
default_print(p, caplen);
out:
putchar('\n');
}
/*
* This is the top level routine of the printer. 'p' points
* to the ether header of the packet, 'h->ts' is the timestamp,
* 'h->len' is the length of the packet off the wire, and 'h->caplen'
* is the number of bytes actually captured.
*/
u_int
null_if_print(const struct pcap_pkthdr *h, const u_char *p)
{
u_int length = h->len;
u_int caplen = h->caplen;
u_int family;
if (caplen < NULL_HDRLEN) {
printf("[|null]");
return (NULL_HDRLEN);
}
memcpy((char *)&family, (char *)p, sizeof(family));
/*
* This isn't necessarily in our host byte order; if this is
* a DLT_LOOP capture, it's in network byte order, and if
* this is a DLT_NULL capture from a machine with the opposite
* byte-order, it's in the opposite byte order from ours.
*
* If the upper 16 bits aren't all zero, assume it's byte-swapped.
*/
if ((family & 0xFFFF0000) != 0)
family = SWAPLONG(family);
if (eflag)
null_hdr_print(family, length);
length -= NULL_HDRLEN;
caplen -= NULL_HDRLEN;
p += NULL_HDRLEN;
switch (family) {
case BSD_AFNUM_INET:
ip_print(gndo, p, length);
break;
#ifdef INET6
case BSD_AFNUM_INET6_BSD:
case BSD_AFNUM_INET6_FREEBSD:
case BSD_AFNUM_INET6_DARWIN:
ip6_print(gndo, p, length);
break;
#endif
case BSD_AFNUM_ISO:
isoclns_print(p, length, caplen);
break;
case BSD_AFNUM_APPLETALK:
atalk_print(p, length);
break;
case BSD_AFNUM_IPX:
ipx_print(p, length);
break;
default:
/* unknown AF_ value */
if (!eflag)
null_hdr_print(family, length + NULL_HDRLEN);
if (!suppress_default_print)
default_print(p, caplen);
}
return (NULL_HDRLEN);
}
/*
* This is the top level routine of the printer. 'p' points to the
* Linux "cooked capture" header of the packet, 'h->ts' is the timestamp,
* 'h->len' is the length of the packet off the wire, and 'h->caplen'
* is the number of bytes actually captured.
*/
u_int
sll_if_print(const struct pcap_pkthdr *h, const u_char *p)
{
u_int caplen = h->caplen;
u_int length = h->len;
register const struct sll_header *sllp;
u_short ether_type;
u_short extracted_ethertype;
if (caplen < SLL_HDR_LEN) {
/*
* XXX - this "can't happen" because "pcap-linux.c" always
* adds this many bytes of header to every packet in a
* cooked socket capture.
*/
printf("[|sll]");
return (caplen);
}
sllp = (const struct sll_header *)p;
if (eflag)
sll_print(sllp, length);
/*
* Go past the cooked-mode header.
*/
length -= SLL_HDR_LEN;
caplen -= SLL_HDR_LEN;
p += SLL_HDR_LEN;
ether_type = EXTRACT_16BITS(&sllp->sll_protocol);
recurse:
/*
* Is it (gag) an 802.3 encapsulation, or some non-Ethernet
* packet type?
*/
if (ether_type <= ETHERMTU) {
/*
* Yes - what type is it?
*/
switch (ether_type) {
case LINUX_SLL_P_802_3:
/*
* Ethernet_802.3 IPX frame.
*/
ipx_print(p, length);
break;
case LINUX_SLL_P_802_2:
/*
* 802.2.
* Try to print the LLC-layer header & higher layers.
*/
if (llc_print(p, length, caplen, NULL, NULL,
&extracted_ethertype) == 0)
goto unknown; /* unknown LLC type */
break;
default:
extracted_ethertype = 0;
/*FALLTHROUGH*/
unknown:
/* ether_type not known, print raw packet */
if (!eflag)
sll_print(sllp, length + SLL_HDR_LEN);
if (extracted_ethertype) {
printf("(LLC %s) ",
etherproto_string(htons(extracted_ethertype)));
}
if (!suppress_default_print)
default_print(p, caplen);
break;
}
} else if (ether_type == ETHERTYPE_8021Q) {
/*
* Print VLAN information, and then go back and process
* the enclosed type field.
*/
if (caplen < 4 || length < 4) {
printf("[|vlan]");
return (SLL_HDR_LEN);
}
if (eflag) {
u_int16_t tag = EXTRACT_16BITS(p);
printf("vlan %u, p %u%s, ",
tag & 0xfff,
tag >> 13,
(tag & 0x1000) ? ", CFI" : "");
}
ether_type = EXTRACT_16BITS(p + 2);
if (ether_type <= ETHERMTU)
ether_type = LINUX_SLL_P_802_2;
if (!qflag) {
(void)printf("ethertype %s, ",
tok2str(ethertype_values, "Unknown", ether_type));
}
p += 4;
length -= 4;
caplen -= 4;
goto recurse;
} else {
if (ethertype_print(gndo, ether_type, p, length, caplen) == 0) {
void sctp_print(const u_char *bp, /* beginning of sctp packet */
const u_char *bp2, /* beginning of enclosing */
u_int sctpPacketLength) /* ip packet */
{
const struct sctpHeader *sctpPktHdr;
const struct ip *ip;
#ifdef INET6
const struct ip6_hdr *ip6;
#endif
const void *endPacketPtr;
u_short sourcePort, destPort;
int chunkCount;
const struct sctpChunkDesc *chunkDescPtr;
const void *nextChunk;
const char *sep;
int isforces = 0;
sctpPktHdr = (const struct sctpHeader*) bp;
endPacketPtr = (const u_char*)sctpPktHdr+sctpPacketLength;
if( (u_long) endPacketPtr > (u_long) snapend)
endPacketPtr = (const void *) snapend;
ip = (struct ip *)bp2;
#ifdef INET6
if (IP_V(ip) == 6)
ip6 = (const struct ip6_hdr *)bp2;
else
ip6 = NULL;
#endif /*INET6*/
TCHECK(*sctpPktHdr);
if (sctpPacketLength < sizeof(struct sctpHeader))
{
(void)printf("truncated-sctp - %ld bytes missing!",
(long)sctpPacketLength-sizeof(struct sctpHeader));
return;
}
/* sctpPacketLength -= sizeof(struct sctpHeader); packet length */
/* is now only as long as the payload */
sourcePort = EXTRACT_16BITS(&sctpPktHdr->source);
destPort = EXTRACT_16BITS(&sctpPktHdr->destination);
#ifdef INET6
if (ip6) {
(void)printf("%s.%d > %s.%d: sctp",
ip6addr_string(&ip6->ip6_src),
sourcePort,
ip6addr_string(&ip6->ip6_dst),
destPort);
} else
#endif /*INET6*/
{
(void)printf("%s.%d > %s.%d: sctp",
ipaddr_string(&ip->ip_src),
sourcePort,
ipaddr_string(&ip->ip_dst),
destPort);
}
fflush(stdout);
if (isForCES_port(sourcePort)) {
printf("[%s]", tok2str(ForCES_channels, NULL, sourcePort));
isforces = 1;
}
if (isForCES_port(destPort)) {
printf("[%s]", tok2str(ForCES_channels, NULL, destPort));
isforces = 1;
}
if (vflag >= 2)
sep = "\n\t";
else
sep = " (";
/* cycle through all chunks, printing information on each one */
for (chunkCount = 0,
chunkDescPtr = (const struct sctpChunkDesc *)
((const u_char*) sctpPktHdr + sizeof(struct sctpHeader));
chunkDescPtr != NULL &&
( (const void *)
((const u_char *) chunkDescPtr + sizeof(struct sctpChunkDesc))
<= endPacketPtr);
chunkDescPtr = (const struct sctpChunkDesc *) nextChunk, chunkCount++)
{
u_int16_t chunkLength;
const u_char *chunkEnd;
u_int16_t align;
TCHECK(*chunkDescPtr);
chunkLength = EXTRACT_16BITS(&chunkDescPtr->chunkLength);
if (chunkLength < sizeof(*chunkDescPtr)) {
printf("%s%d) [Bad chunk length %u]", sep, chunkCount+1, chunkLength);
break;
}
TCHECK2(*((u_int8_t *)chunkDescPtr), chunkLength);
chunkEnd = ((const u_char*)chunkDescPtr + chunkLength);
align=chunkLength % 4;
if (align != 0)
align = 4 - align;
nextChunk = (const void *) (chunkEnd + align);
printf("%s%d) ", sep, chunkCount+1);
switch (chunkDescPtr->chunkID)
{
case SCTP_DATA :
{
const struct sctpDataPart *dataHdrPtr;
printf("[DATA] ");
if ((chunkDescPtr->chunkFlg & SCTP_DATA_UNORDERED)
== SCTP_DATA_UNORDERED)
printf("(U)");
if ((chunkDescPtr->chunkFlg & SCTP_DATA_FIRST_FRAG)
== SCTP_DATA_FIRST_FRAG)
printf("(B)");
if ((chunkDescPtr->chunkFlg & SCTP_DATA_LAST_FRAG)
== SCTP_DATA_LAST_FRAG)
printf("(E)");
if( ((chunkDescPtr->chunkFlg & SCTP_DATA_UNORDERED)
== SCTP_DATA_UNORDERED)
||
((chunkDescPtr->chunkFlg & SCTP_DATA_FIRST_FRAG)
== SCTP_DATA_FIRST_FRAG)
||
((chunkDescPtr->chunkFlg & SCTP_DATA_LAST_FRAG)
== SCTP_DATA_LAST_FRAG) )
printf(" ");
dataHdrPtr=(const struct sctpDataPart*)(chunkDescPtr+1);
u_int32_t ppid = EXTRACT_32BITS(&dataHdrPtr->payloadtype);
printf("[TSN: %u] ", EXTRACT_32BITS(&dataHdrPtr->TSN));
printf("[SID: %u] ", EXTRACT_16BITS(&dataHdrPtr->streamId));
printf("[SSEQ %u] ", EXTRACT_16BITS(&dataHdrPtr->sequence));
printf("[PPID %s] ",
tok2str(PayloadProto_idents, "0x%x", ppid));
fflush(stdout);
if (!isforces) {
isforces = (ppid == SCTP_PPID_FORCES_HP) ||
(ppid == SCTP_PPID_FORCES_MP) ||
(ppid == SCTP_PPID_FORCES_LP);
}
const u_char *payloadPtr = (const u_char *) (dataHdrPtr + 1);
if (EXTRACT_16BITS(&chunkDescPtr->chunkLength) <
sizeof(struct sctpDataPart) + sizeof(struct sctpChunkDesc) + 1) {
printf("bogus chunk length %u]", EXTRACT_16BITS(&chunkDescPtr->chunkLength));
return;
}
u_int payload_size = EXTRACT_16BITS(&chunkDescPtr->chunkLength) -
(sizeof(struct sctpDataPart) + sizeof(struct sctpChunkDesc));
if (isforces) {
forces_print(payloadPtr, payload_size);
} else if (vflag >= 2) { /* if verbose output is specified */
/* at the command line */
switch (ppid) {
case SCTP_PPID_M3UA :
print_m3ua(payloadPtr, payload_size);
break;
default:
printf("[Payload");
if (!suppress_default_print) {
printf(":");
default_print(payloadPtr, payload_size);
}
printf("]");
break;
}
}
break;
}
case SCTP_INITIATION :
{
const struct sctpInitiation *init;
printf("[INIT] ");
init=(const struct sctpInitiation*)(chunkDescPtr+1);
printf("[init tag: %u] ", EXTRACT_32BITS(&init->initTag));
printf("[rwnd: %u] ", EXTRACT_32BITS(&init->rcvWindowCredit));
printf("[OS: %u] ", EXTRACT_16BITS(&init->NumPreopenStreams));
printf("[MIS: %u] ", EXTRACT_16BITS(&init->MaxInboundStreams));
printf("[init TSN: %u] ", EXTRACT_32BITS(&init->initialTSN));
#if(0) /* ALC you can add code for optional params here */
if( (init+1) < chunkEnd )
printf(" @@@@@ UNFINISHED @@@@@@%s\n",
"Optional params present, but not printed.");
#endif
break;
}
case SCTP_INITIATION_ACK :
{
const struct sctpInitiation *init;
printf("[INIT ACK] ");
init=(const struct sctpInitiation*)(chunkDescPtr+1);
printf("[init tag: %u] ", EXTRACT_32BITS(&init->initTag));
printf("[rwnd: %u] ", EXTRACT_32BITS(&init->rcvWindowCredit));
printf("[OS: %u] ", EXTRACT_16BITS(&init->NumPreopenStreams));
printf("[MIS: %u] ", EXTRACT_16BITS(&init->MaxInboundStreams));
printf("[init TSN: %u] ", EXTRACT_32BITS(&init->initialTSN));
#if(0) /* ALC you can add code for optional params here */
if( (init+1) < chunkEnd )
printf(" @@@@@ UNFINISHED @@@@@@%s\n",
"Optional params present, but not printed.");
#endif
break;
}
case SCTP_SELECTIVE_ACK:
{
const struct sctpSelectiveAck *sack;
const struct sctpSelectiveFrag *frag;
int fragNo, tsnNo;
const u_char *dupTSN;
printf("[SACK] ");
sack=(const struct sctpSelectiveAck*)(chunkDescPtr+1);
printf("[cum ack %u] ", EXTRACT_32BITS(&sack->highestConseqTSN));
printf("[a_rwnd %u] ", EXTRACT_32BITS(&sack->updatedRwnd));
printf("[#gap acks %u] ", EXTRACT_16BITS(&sack->numberOfdesc));
printf("[#dup tsns %u] ", EXTRACT_16BITS(&sack->numDupTsns));
/* print gaps */
for (frag = ( (const struct sctpSelectiveFrag *)
((const struct sctpSelectiveAck *) sack+1)),
fragNo=0;
(const void *)frag < nextChunk && fragNo < EXTRACT_16BITS(&sack->numberOfdesc);
frag++, fragNo++)
printf("\n\t\t[gap ack block #%d: start = %u, end = %u] ",
fragNo+1,
EXTRACT_32BITS(&sack->highestConseqTSN) + EXTRACT_16BITS(&frag->fragmentStart),
EXTRACT_32BITS(&sack->highestConseqTSN) + EXTRACT_16BITS(&frag->fragmentEnd));
/* print duplicate TSNs */
for (dupTSN = (const u_char *)frag, tsnNo=0;
(const void *) dupTSN < nextChunk && tsnNo<EXTRACT_16BITS(&sack->numDupTsns);
dupTSN += 4, tsnNo++)
printf("\n\t\t[dup TSN #%u: %u] ", tsnNo+1,
EXTRACT_32BITS(dupTSN));
break;
}
case SCTP_HEARTBEAT_REQUEST :
printf("[HB REQ] ");
break;
case SCTP_HEARTBEAT_ACK :
printf("[HB ACK] ");
break;
case SCTP_ABORT_ASSOCIATION :
printf("[ABORT] ");
break;
case SCTP_SHUTDOWN :
printf("[SHUTDOWN] ");
break;
case SCTP_SHUTDOWN_ACK :
printf("[SHUTDOWN ACK] ");
break;
case SCTP_OPERATION_ERR :
printf("[OP ERR] ");
break;
case SCTP_COOKIE_ECHO :
printf("[COOKIE ECHO] ");
break;
case SCTP_COOKIE_ACK :
printf("[COOKIE ACK] ");
break;
case SCTP_ECN_ECHO :
printf("[ECN ECHO] ");
break;
case SCTP_ECN_CWR :
printf("[ECN CWR] ");
break;
case SCTP_SHUTDOWN_COMPLETE :
printf("[SHUTDOWN COMPLETE] ");
break;
case SCTP_FORWARD_CUM_TSN :
printf("[FOR CUM TSN] ");
break;
case SCTP_RELIABLE_CNTL :
printf("[REL CTRL] ");
break;
case SCTP_RELIABLE_CNTL_ACK :
printf("[REL CTRL ACK] ");
break;
default :
printf("[Unknown chunk type: 0x%x]", chunkDescPtr->chunkID);
return;
}
if (vflag < 2)
sep = ", (";
}
return;
trunc:
printf("[|sctp]");
return;
}
