/* skip over a domain name */
static const u_char *
ns_nskip(netdissect_options *ndo,
register const u_char *cp)
{
register u_char i;
if (!ND_TTEST2(*cp, 1))
return (NULL);
i = *cp++;
while (i) {
if ((i & INDIR_MASK) == INDIR_MASK)
return (cp + 1);
if ((i & INDIR_MASK) == EDNS0_MASK) {
int bitlen, bytelen;
if ((i & ~INDIR_MASK) != EDNS0_ELT_BITLABEL)
return(NULL); /* unknown ELT */
if (!ND_TTEST2(*cp, 1))
return (NULL);
if ((bitlen = *cp++) == 0)
bitlen = 256;
bytelen = (bitlen + 7) / 8;
cp += bytelen;
} else
cp += i;
if (!ND_TTEST2(*cp, 1))
return (NULL);
i = *cp++;
}
return (cp);
}
/* print a <domain-name> */
static const u_char *
blabel_print(netdissect_options *ndo,
const u_char *cp)
{
int bitlen, slen, b;
const u_char *bitp, *lim;
char tc;
if (!ND_TTEST2(*cp, 1))
return(NULL);
if ((bitlen = *cp) == 0)
bitlen = 256;
slen = (bitlen + 3) / 4;
lim = cp + 1 + slen;
/* print the bit string as a hex string */
ND_PRINT((ndo, "\\[x"));
for (bitp = cp + 1, b = bitlen; bitp < lim && b > 7; b -= 8, bitp++) {
ND_TCHECK(*bitp);
ND_PRINT((ndo, "%02x", *bitp));
}
if (b > 4) {
ND_TCHECK(*bitp);
tc = *bitp++;
ND_PRINT((ndo, "%02x", tc & (0xff << (8 - b))));
} else if (b > 0) {
ND_TCHECK(*bitp);
tc = *bitp++;
ND_PRINT((ndo, "%1x", ((tc >> 4) & 0x0f) & (0x0f << (4 - b))));
}
void
lwapp_data_print(netdissect_options *ndo,
const u_char *pptr, u_int len) {
const struct lwapp_transport_header *lwapp_trans_header;
const u_char *tptr;
int tlen;
tptr=pptr;
/* check if enough bytes for AP identity */
if (!ND_TTEST2(*tptr, 6))
goto trunc;
lwapp_trans_header = (const struct lwapp_transport_header *)pptr;
ND_TCHECK(*lwapp_trans_header);
/*
* Sanity checking of the header.
*/
if (LWAPP_EXTRACT_VERSION(lwapp_trans_header->version) != LWAPP_VERSION) {
ND_PRINT((ndo, "LWAPP version %u packet not supported",
LWAPP_EXTRACT_VERSION(lwapp_trans_header->version)));
return;
}
/* non-verbose */
if (ndo->ndo_vflag < 1) {
ND_PRINT((ndo, "LWAPPv%u, %s frame, Flags [%s], length %u",
LWAPP_EXTRACT_VERSION(lwapp_trans_header->version),
LWAPP_EXTRACT_CONTROL_BIT(lwapp_trans_header->version) ? "Control" : "Data",
bittok2str(lwapp_header_bits_values,"none",(lwapp_trans_header->version)&0x07),
len));
return;
}
/* ok they seem to want to know everything - lets fully decode it */
tlen=EXTRACT_16BITS(lwapp_trans_header->length);
ND_PRINT((ndo, "LWAPPv%u, %s frame, Radio-id %u, Flags [%s], Frag-id %u, length %u",
LWAPP_EXTRACT_VERSION(lwapp_trans_header->version),
LWAPP_EXTRACT_CONTROL_BIT(lwapp_trans_header->version) ? "Control" : "Data",
LWAPP_EXTRACT_RID(lwapp_trans_header->version),
bittok2str(lwapp_header_bits_values,"none",(lwapp_trans_header->version)&0x07),
lwapp_trans_header->frag_id,
tlen));
tptr+=sizeof(const struct lwapp_transport_header);
tlen-=sizeof(const struct lwapp_transport_header);
/* FIX - An IEEE 802.11 frame follows - hexdump for now */
print_unknown_data(ndo, tptr, "\n\t", tlen);
return;
trunc:
ND_PRINT((ndo, "\n\t\t packet exceeded snapshot"));
}
static int
print_long_pos_vector(netdissect_options *ndo,
const u_char *bp)
{
uint32_t lat, lon;
ND_PRINT((ndo, "GN_ADDR:%s ", linkaddr_string (ndo, bp, 0, GEONET_ADDR_LEN)));
if (!ND_TTEST2(*(bp+12), 8))
return (-1);
lat = EXTRACT_32BITS(bp+12);
ND_PRINT((ndo, "lat:%d ", lat));
lon = EXTRACT_32BITS(bp+16);
ND_PRINT((ndo, "lon:%d", lon));
return (0);
}
static int
wb_id(netdissect_options *ndo,
const struct pkt_id *id, u_int len)
{
int i;
const char *cp;
const struct id_off *io;
char c;
int nid;
ND_PRINT((ndo, " wb-id:"));
if (len < sizeof(*id) || !ND_TTEST(*id))
return (-1);
len -= sizeof(*id);
ND_PRINT((ndo, " %u/%s:%u (max %u/%s:%u) ",
EXTRACT_32BITS(&id->pi_ps.slot),
ipaddr_string(ndo, &id->pi_ps.page.p_sid),
EXTRACT_32BITS(&id->pi_ps.page.p_uid),
EXTRACT_32BITS(&id->pi_mslot),
ipaddr_string(ndo, &id->pi_mpage.p_sid),
EXTRACT_32BITS(&id->pi_mpage.p_uid)));
nid = EXTRACT_16BITS(&id->pi_ps.nid);
len -= sizeof(*io) * nid;
io = (const struct id_off *)(id + 1);
cp = (const char *)(io + nid);
if (ND_TTEST2(cp, len)) {
ND_PRINT((ndo, "\""));
fn_print(ndo, (const u_char *)cp, (const u_char *)cp + len);
ND_PRINT((ndo, "\""));
}
c = '<';
for (i = 0; i < nid && ND_TTEST(*io); ++io, ++i) {
ND_PRINT((ndo, "%c%s:%u",
c, ipaddr_string(ndo, &io->id), EXTRACT_32BITS(&io->off)));
c = ',';
}
if (i >= nid) {
ND_PRINT((ndo, ">"));
return (0);
}
return (-1);
}
/*
* Print out an NFS file handle and return a pointer to following word.
* If packet was truncated, return 0.
*/
static const uint32_t *
parsefh(netdissect_options *ndo,
register const uint32_t *dp, int v3)
{
u_int len;
if (v3) {
ND_TCHECK(dp[0]);
len = EXTRACT_32BITS(dp) / 4;
dp++;
} else
len = NFSX_V2FH / 4;
if (ND_TTEST2(*dp, len * sizeof(*dp))) {
nfs_printfh(ndo, dp, len);
return (dp + len);
}
trunc:
return (NULL);
}
void
carp_print(netdissect_options *ndo, register const u_char *bp, register u_int len, int ttl)
{
int version, type;
const char *type_s;
ND_TCHECK(bp[0]);
version = (bp[0] & 0xf0) >> 4;
type = bp[0] & 0x0f;
if (type == 1)
type_s = "advertise";
else
type_s = "unknown";
ND_PRINT((ndo, "CARPv%d-%s %d: ", version, type_s, len));
if (ttl != 255)
ND_PRINT((ndo, "[ttl=%d!] ", ttl));
if (version != 2 || type != 1)
return;
ND_TCHECK(bp[2]);
ND_TCHECK(bp[5]);
ND_PRINT((ndo, "vhid=%d advbase=%d advskew=%d authlen=%d ",
bp[1], bp[5], bp[2], bp[3]));
if (ndo->ndo_vflag) {
struct cksum_vec vec[1];
vec[0].ptr = (const uint8_t *)bp;
vec[0].len = len;
if (ND_TTEST2(bp[0], len) && in_cksum(vec, 1))
ND_PRINT((ndo, " (bad carp cksum %x!)",
EXTRACT_16BITS(&bp[6])));
}
ND_PRINT((ndo, "counter=%" PRIu64, EXTRACT_64BITS(&bp[8])));
return;
trunc:
ND_PRINT((ndo, "[|carp]"));
}
void
arp_print(netdissect_options *ndo,
const u_char *bp, u_int length, u_int caplen)
{
const struct arp_pkthdr *ap;
u_short pro, hrd, op, linkaddr;
ap = (const struct arp_pkthdr *)bp;
ND_TCHECK(*ap);
hrd = HRD(ap);
pro = PRO(ap);
op = OP(ap);
/* if its ATM then call the ATM ARP printer
for Frame-relay ARP most of the fields
are similar to Ethernet so overload the Ethernet Printer
and set the linkaddr type for linkaddr_string() accordingly */
switch(hrd) {
case ARPHRD_ATM2225:
atmarp_print(ndo, bp, length, caplen);
return;
case ARPHRD_FRELAY:
linkaddr = LINKADDR_FRELAY;
break;
default:
linkaddr = LINKADDR_ETHER;
break;
}
if (!ND_TTEST2(*ar_tpa(ap), PROTO_LEN(ap))) {
ND_PRINT((ndo, "[|ARP]"));
ND_DEFAULTPRINT((const u_char *)ap, length);
return;
}
if (!ndo->ndo_eflag) {
ND_PRINT((ndo, "ARP, "));
}
/* print hardware type/len and proto type/len */
if ((pro != ETHERTYPE_IP && pro != ETHERTYPE_TRAIL) ||
PROTO_LEN(ap) != 4 ||
HRD_LEN(ap) == 0 ||
ndo->ndo_vflag) {
ND_PRINT((ndo, "%s (len %u), %s (len %u)",
tok2str(arphrd_values, "Unknown Hardware (%u)", hrd),
HRD_LEN(ap),
tok2str(ethertype_values, "Unknown Protocol (0x%04x)", pro),
PROTO_LEN(ap)));
/* don't know know about the address formats */
if (!ndo->ndo_vflag) {
goto out;
}
}
/* print operation */
printf("%s%s ",
ndo->ndo_vflag ? ", " : "",
tok2str(arpop_values, "Unknown (%u)", op));
switch (op) {
case ARPOP_REQUEST:
ND_PRINT((ndo, "who-has %s", ipaddr_string(TPA(ap))));
if (memcmp((const char *)ezero, (const char *)THA(ap), HRD_LEN(ap)) != 0)
ND_PRINT((ndo, " (%s)",
linkaddr_string(THA(ap), linkaddr, HRD_LEN(ap))));
ND_PRINT((ndo, " tell %s", ipaddr_string(SPA(ap))));
break;
case ARPOP_REPLY:
ND_PRINT((ndo, "%s is-at %s",
ipaddr_string(SPA(ap)),
linkaddr_string(SHA(ap), linkaddr, HRD_LEN(ap))));
break;
case ARPOP_REVREQUEST:
ND_PRINT((ndo, "who-is %s tell %s",
linkaddr_string(THA(ap), linkaddr, HRD_LEN(ap)),
linkaddr_string(SHA(ap), linkaddr, HRD_LEN(ap))));
break;
case ARPOP_REVREPLY:
ND_PRINT((ndo, "%s at %s",
linkaddr_string(THA(ap), linkaddr, HRD_LEN(ap)),
ipaddr_string(TPA(ap))));
break;
case ARPOP_INVREQUEST:
ND_PRINT((ndo, "who-is %s tell %s",
linkaddr_string(THA(ap), linkaddr, HRD_LEN(ap)),
linkaddr_string(SHA(ap), linkaddr, HRD_LEN(ap))));
break;
case ARPOP_INVREPLY:
ND_PRINT((ndo,"%s at %s",
linkaddr_string(THA(ap), linkaddr, HRD_LEN(ap)),
ipaddr_string(TPA(ap))));
break;
default:
ND_DEFAULTPRINT((const u_char *)ap, caplen);
return;
}
out:
ND_PRINT((ndo, ", length %u", length));
return;
trunc:
ND_PRINT((ndo, "[|ARP]"));
}
static void
atmarp_print(netdissect_options *ndo,
const u_char *bp, u_int length, u_int caplen)
{
const struct atmarp_pkthdr *ap;
u_short pro, hrd, op;
ap = (const struct atmarp_pkthdr *)bp;
ND_TCHECK(*ap);
hrd = ATMHRD(ap);
pro = ATMPRO(ap);
op = ATMOP(ap);
if (!ND_TTEST2(*aar_tpa(ap), ATMTPROTO_LEN(ap))) {
ND_PRINT((ndo, "[|ARP]"));
ND_DEFAULTPRINT((const u_char *)ap, length);
return;
}
if (!ndo->ndo_eflag) {
ND_PRINT((ndo, "ARP, "));
}
if ((pro != ETHERTYPE_IP && pro != ETHERTYPE_TRAIL) ||
ATMSPROTO_LEN(ap) != 4 ||
ATMTPROTO_LEN(ap) != 4 ||
ndo->ndo_vflag) {
ND_PRINT((ndo, "%s, %s (len %u/%u)",
tok2str(arphrd_values, "Unknown Hardware (%u)", hrd),
tok2str(ethertype_values, "Unknown Protocol (0x%04x)", pro),
ATMSPROTO_LEN(ap),
ATMTPROTO_LEN(ap)));
/* don't know know about the address formats */
if (!ndo->ndo_vflag) {
goto out;
}
}
/* print operation */
printf("%s%s ",
ndo->ndo_vflag ? ", " : "",
tok2str(arpop_values, "Unknown (%u)", op));
switch (op) {
case ARPOP_REQUEST:
ND_PRINT((ndo, "who-has %s", ipaddr_string(ATMTPA(ap))));
if (ATMTHRD_LEN(ap) != 0) {
ND_PRINT((ndo, " ("));
atmarp_addr_print(ndo, ATMTHA(ap), ATMTHRD_LEN(ap),
ATMTSA(ap), ATMTSLN(ap));
ND_PRINT((ndo, ")"));
}
ND_PRINT((ndo, "tell %s", ipaddr_string(ATMSPA(ap))));
break;
case ARPOP_REPLY:
ND_PRINT((ndo, "%s is-at ", ipaddr_string(ATMSPA(ap))));
atmarp_addr_print(ndo, ATMSHA(ap), ATMSHRD_LEN(ap), ATMSSA(ap),
ATMSSLN(ap));
break;
case ARPOP_INVREQUEST:
ND_PRINT((ndo, "who-is "));
atmarp_addr_print(ndo, ATMTHA(ap), ATMTHRD_LEN(ap), ATMTSA(ap),
ATMTSLN(ap));
ND_PRINT((ndo, " tell "));
atmarp_addr_print(ndo, ATMSHA(ap), ATMSHRD_LEN(ap), ATMSSA(ap),
ATMSSLN(ap));
break;
case ARPOP_INVREPLY:
atmarp_addr_print(ndo, ATMSHA(ap), ATMSHRD_LEN(ap), ATMSSA(ap),
ATMSSLN(ap));
ND_PRINT((ndo, "at %s", ipaddr_string(ATMSPA(ap))));
break;
case ARPOP_NAK:
ND_PRINT((ndo, "for %s", ipaddr_string(ATMSPA(ap))));
break;
default:
ND_DEFAULTPRINT((const u_char *)ap, caplen);
return;
}
out:
ND_PRINT((ndo, ", length %u", length));
return;
trunc:
ND_PRINT((ndo, "[|ARP]"));
}
USES_APPLE_RST
/*
* Verify a cryptographic signature of the packet.
* Currently only MD5 is supported.
*/
int
signature_verify(netdissect_options *ndo, const u_char *pptr, u_int plen,
const u_char *sig_ptr, void (*clear_rtn)(void *),
const void *clear_arg)
{
uint8_t *packet_copy, *sig_copy;
uint8_t sig[16];
unsigned int i;
if (!ndo->ndo_sigsecret) {
return (CANT_CHECK_SIGNATURE);
}
/*
* Do we have all the packet data to be checked?
*/
if (!ND_TTEST2(pptr, plen)) {
/* No. */
return (CANT_CHECK_SIGNATURE);
}
/*
* Do we have the entire signature to check?
*/
if (!ND_TTEST2(sig_ptr, sizeof(sig))) {
/* No. */
return (CANT_CHECK_SIGNATURE);
}
if (sig_ptr + sizeof(sig) > pptr + plen) {
/* No. */
return (CANT_CHECK_SIGNATURE);
}
/*
* Make a copy of the packet, so we don't overwrite the original.
*/
packet_copy = malloc(plen);
if (packet_copy == NULL) {
return (CANT_ALLOCATE_COPY);
}
memcpy(packet_copy, pptr, plen);
/*
* Clear the signature in the copy.
*/
sig_copy = packet_copy + (sig_ptr - pptr);
memset(sig_copy, 0, sizeof(sig));
/*
* Clear anything else that needs to be cleared in the copy.
* Our caller is assumed to have vetted the clear_arg pointer.
*/
(*clear_rtn)((void *)(packet_copy + ((const uint8_t *)clear_arg - pptr)));
/*
* Compute the signature.
*/
signature_compute_hmac_md5(packet_copy, plen,
(unsigned char *)ndo->ndo_sigsecret,
strlen(ndo->ndo_sigsecret), sig);
/*
* Free the copy.
*/
free(packet_copy);
/*
* Does the computed signature match the signature in the packet?
*/
if (memcmp(sig_ptr, sig, sizeof(sig)) == 0) {
/* Yes. */
return (SIGNATURE_VALID);
} else {
/* No - print the computed signature. */
for (i = 0; i < sizeof(sig); ++i) {
ND_PRINT((ndo, "%02x", sig[i]));
}
return (SIGNATURE_INVALID);
}
}
/**
* dccp_print - show dccp packet
* @bp - beginning of dccp packet
* @data2 - beginning of enclosing
* @len - lenght of ip packet
*/
void dccp_print(netdissect_options *ndo, const u_char *bp, const u_char *data2,
u_int len)
{
const struct dccp_hdr *dh;
const struct ip *ip;
#ifdef INET6
const struct ip6_hdr *ip6;
#endif
const u_char *cp;
u_short sport, dport;
u_int hlen;
u_int fixed_hdrlen;
dh = (const struct dccp_hdr *)bp;
ip = (struct ip *)data2;
#ifdef INET6
if (IP_V(ip) == 6)
ip6 = (const struct ip6_hdr *)data2;
else
ip6 = NULL;
#endif /*INET6*/
/* make sure we have enough data to look at the X bit */
cp = (const u_char *)(dh + 1);
if (cp > ndo->ndo_snapend) {
ND_PRINT((ndo, "[Invalid packet|dccp]"));
return;
}
if (len < sizeof(struct dccp_hdr)) {
ND_PRINT((ndo, "truncated-dccp - %u bytes missing!",
len - (u_int)sizeof(struct dccp_hdr)));
return;
}
/* get the length of the generic header */
fixed_hdrlen = dccp_basic_hdr_len(dh);
if (len < fixed_hdrlen) {
ND_PRINT((ndo, "truncated-dccp - %u bytes missing!",
len - fixed_hdrlen));
return;
}
ND_TCHECK2(*dh, fixed_hdrlen);
sport = EXTRACT_16BITS(&dh->dccph_sport);
dport = EXTRACT_16BITS(&dh->dccph_dport);
hlen = dh->dccph_doff * 4;
#ifdef INET6
if (ip6) {
ND_PRINT((ndo, "%s.%d > %s.%d: ",
ip6addr_string(ndo, &ip6->ip6_src), sport,
ip6addr_string(ndo, &ip6->ip6_dst), dport));
} else
#endif /*INET6*/
{
ND_PRINT((ndo, "%s.%d > %s.%d: ",
ipaddr_string(ndo, &ip->ip_src), sport,
ipaddr_string(ndo, &ip->ip_dst), dport));
}
if (ndo->ndo_qflag) {
ND_PRINT((ndo, " %d", len - hlen));
if (hlen > len) {
ND_PRINT((ndo, "dccp [bad hdr length %u - too long, > %u]",
hlen, len));
}
return;
}
/* other variables in generic header */
if (ndo->ndo_vflag) {
ND_PRINT((ndo, "CCVal %d, CsCov %d, ", DCCPH_CCVAL(dh), DCCPH_CSCOV(dh)));
}
/* checksum calculation */
if (ndo->ndo_vflag && ND_TTEST2(bp[0], len)) {
u_int16_t sum = 0, dccp_sum;
dccp_sum = EXTRACT_16BITS(&dh->dccph_checksum);
ND_PRINT((ndo, "cksum 0x%04x ", dccp_sum));
if (IP_V(ip) == 4)
sum = dccp_cksum(ndo, ip, dh, len);
#ifdef INET6
else if (IP_V(ip) == 6)
sum = dccp6_cksum(ip6, dh, len);
#endif
if (sum != 0)
ND_PRINT((ndo, "(incorrect -> 0x%04x), ",in_cksum_shouldbe(dccp_sum, sum)));
else
ND_PRINT((ndo, "(correct), "));
}
switch (DCCPH_TYPE(dh)) {
case DCCP_PKT_REQUEST: {
struct dccp_hdr_request *dhr =
(struct dccp_hdr_request *)(bp + fixed_hdrlen);
fixed_hdrlen += 4;
if (len < fixed_hdrlen) {
ND_PRINT((ndo, "truncated-dccp request - %u bytes missing!",
len - fixed_hdrlen));
return;
}
ND_TCHECK(*dhr);
ND_PRINT((ndo, "request (service=%d) ",
EXTRACT_32BITS(&dhr->dccph_req_service)));
break;
}
case DCCP_PKT_RESPONSE: {
struct dccp_hdr_response *dhr =
(struct dccp_hdr_response *)(bp + fixed_hdrlen);
fixed_hdrlen += 12;
if (len < fixed_hdrlen) {
ND_PRINT((ndo, "truncated-dccp response - %u bytes missing!",
len - fixed_hdrlen));
return;
}
ND_TCHECK(*dhr);
ND_PRINT((ndo, "response (service=%d) ",
EXTRACT_32BITS(&dhr->dccph_resp_service)));
break;
}
case DCCP_PKT_DATA:
ND_PRINT((ndo, "data "));
break;
case DCCP_PKT_ACK: {
fixed_hdrlen += 8;
if (len < fixed_hdrlen) {
ND_PRINT((ndo, "truncated-dccp ack - %u bytes missing!",
len - fixed_hdrlen));
return;
}
ND_PRINT((ndo, "ack "));
break;
}
case DCCP_PKT_DATAACK: {
fixed_hdrlen += 8;
if (len < fixed_hdrlen) {
ND_PRINT((ndo, "truncated-dccp dataack - %u bytes missing!",
len - fixed_hdrlen));
return;
}
ND_PRINT((ndo, "dataack "));
break;
}
case DCCP_PKT_CLOSEREQ:
fixed_hdrlen += 8;
if (len < fixed_hdrlen) {
ND_PRINT((ndo, "truncated-dccp closereq - %u bytes missing!",
len - fixed_hdrlen));
return;
}
ND_PRINT((ndo, "closereq "));
break;
case DCCP_PKT_CLOSE:
fixed_hdrlen += 8;
if (len < fixed_hdrlen) {
ND_PRINT((ndo, "truncated-dccp close - %u bytes missing!",
len - fixed_hdrlen));
return;
}
ND_PRINT((ndo, "close "));
break;
case DCCP_PKT_RESET: {
struct dccp_hdr_reset *dhr =
(struct dccp_hdr_reset *)(bp + fixed_hdrlen);
fixed_hdrlen += 12;
if (len < fixed_hdrlen) {
ND_PRINT((ndo, "truncated-dccp reset - %u bytes missing!",
len - fixed_hdrlen));
return;
}
ND_TCHECK(*dhr);
ND_PRINT((ndo, "reset (code=%s) ",
dccp_reset_code(dhr->dccph_reset_code)));
break;
}
case DCCP_PKT_SYNC:
fixed_hdrlen += 8;
if (len < fixed_hdrlen) {
ND_PRINT((ndo, "truncated-dccp sync - %u bytes missing!",
len - fixed_hdrlen));
return;
}
ND_PRINT((ndo, "sync "));
break;
case DCCP_PKT_SYNCACK:
fixed_hdrlen += 8;
if (len < fixed_hdrlen) {
ND_PRINT((ndo, "truncated-dccp syncack - %u bytes missing!",
len - fixed_hdrlen));
return;
}
ND_PRINT((ndo, "syncack "));
break;
default:
ND_PRINT((ndo, "invalid "));
break;
}
if ((DCCPH_TYPE(dh) != DCCP_PKT_DATA) &&
(DCCPH_TYPE(dh) != DCCP_PKT_REQUEST))
dccp_print_ack_no(ndo, bp);
if (ndo->ndo_vflag < 2)
return;
ND_PRINT((ndo, "seq %" PRIu64, dccp_seqno(bp)));
/* process options */
if (hlen > fixed_hdrlen){
const u_char *cp;
u_int optlen;
cp = bp + fixed_hdrlen;
ND_PRINT((ndo, " <"));
hlen -= fixed_hdrlen;
while(1){
optlen = dccp_print_option(ndo, cp, hlen);
if (!optlen)
break;
if (hlen <= optlen)
break;
hlen -= optlen;
cp += optlen;
ND_PRINT((ndo, ", "));
}
ND_PRINT((ndo, ">"));
}
return;
trunc:
ND_PRINT((ndo, "%s", tstr));
return;
}
void
vrrp_print(netdissect_options *ndo,
register const u_char *bp, register u_int len,
register const u_char *bp2, int ttl)
{
int version, type, auth_type = VRRP_AUTH_NONE; /* keep compiler happy */
const char *type_s;
ND_TCHECK(bp[0]);
version = (bp[0] & 0xf0) >> 4;
type = bp[0] & 0x0f;
type_s = tok2str(type2str, "unknown type (%u)", type);
ND_PRINT((ndo, "VRRPv%u, %s", version, type_s));
if (ttl != 255)
ND_PRINT((ndo, ", (ttl %u)", ttl));
if (version < 2 || version > 3 || type != VRRP_TYPE_ADVERTISEMENT)
return;
ND_TCHECK(bp[2]);
ND_PRINT((ndo, ", vrid %u, prio %u", bp[1], bp[2]));
ND_TCHECK(bp[5]);
if (version == 2) {
auth_type = bp[4];
ND_PRINT((ndo, ", authtype %s", tok2str(auth2str, NULL, auth_type)));
ND_PRINT((ndo, ", intvl %us, length %u", bp[5], len));
} else { /* version == 3 */
uint16_t intvl = (bp[4] & 0x0f) << 8 | bp[5];
ND_PRINT((ndo, ", intvl %ucs, length %u", intvl, len));
}
if (ndo->ndo_vflag) {
int naddrs = bp[3];
int i;
char c;
if (version == 2 && ND_TTEST2(bp[0], len)) {
struct cksum_vec vec[1];
vec[0].ptr = bp;
vec[0].len = len;
if (in_cksum(vec, 1))
ND_PRINT((ndo, ", (bad vrrp cksum %x)",
EXTRACT_16BITS(&bp[6])));
}
if (version == 3 && ND_TTEST2(bp[0], len)) {
uint16_t cksum = nextproto4_cksum(ndo, (struct ip *)bp2, bp,
len, len, IPPROTO_VRRP);
if (cksum)
ND_PRINT((ndo, ", (bad vrrp cksum %x)",
EXTRACT_16BITS(&bp[6])));
}
ND_PRINT((ndo, ", addrs"));
if (naddrs > 1)
ND_PRINT((ndo, "(%d)", naddrs));
ND_PRINT((ndo, ":"));
c = ' ';
bp += 8;
for (i = 0; i < naddrs; i++) {
ND_TCHECK(bp[3]);
ND_PRINT((ndo, "%c%s", c, ipaddr_string(ndo, bp)));
c = ',';
bp += 4;
}
if (version == 2 && auth_type == VRRP_AUTH_SIMPLE) { /* simple text password */
ND_TCHECK(bp[7]);
ND_PRINT((ndo, " auth \""));
if (fn_printn(ndo, bp, 8, ndo->ndo_snapend)) {
ND_PRINT((ndo, "\""));
goto trunc;
}
ND_PRINT((ndo, "\""));
}
}
return;
trunc:
ND_PRINT((ndo, "[|vrrp]"));
}
void
vtp_print (netdissect_options *ndo,
const u_char *pptr, u_int length)
{
int type, len, tlv_len, tlv_value;
const u_char *tptr;
const struct vtp_vlan_ *vtp_vlan;
if (length < VTP_HEADER_LEN)
goto trunc;
tptr = pptr;
if (!ND_TTEST2(*tptr, VTP_HEADER_LEN))
goto trunc;
type = *(tptr+1);
ND_PRINT((ndo, "VTPv%u, Message %s (0x%02x), length %u",
*tptr,
tok2str(vtp_message_type_values,"Unknown message type", type),
*(tptr+1),
length));
/* In non-verbose mode, just print version and message type */
if (ndo->ndo_vflag < 1) {
return;
}
/* verbose mode print all fields */
ND_PRINT((ndo, "\n\tDomain name: %s, %s: %u",
(tptr+4),
tok2str(vtp_header_values,"Unknown",*(tptr+1)),
*(tptr+2)));
tptr += VTP_HEADER_LEN;
switch (type) {
case VTP_SUMMARY_ADV:
/*
* SUMMARY ADVERTISEMENT
*
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | Version | Code | Followers | MmgtD Len |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | Management Domain Name |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | Configuration revision number |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | Updater Identity IP address |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | Update Timestamp (12 bytes) |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | MD5 digest (16 bytes) |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
*
*/
ND_PRINT((ndo, "\n\t Config Rev %x, Updater %s",
EXTRACT_32BITS(tptr),
ipaddr_string(tptr+4)));
tptr += 8;
ND_PRINT((ndo, ", Timestamp 0x%08x 0x%08x 0x%08x",
EXTRACT_32BITS(tptr),
EXTRACT_32BITS(tptr + 4),
EXTRACT_32BITS(tptr + 8)));
tptr += VTP_UPDATE_TIMESTAMP_LEN;
ND_PRINT((ndo, ", MD5 digest: %08x%08x%08x%08x",
EXTRACT_32BITS(tptr),
EXTRACT_32BITS(tptr + 4),
EXTRACT_32BITS(tptr + 8),
EXTRACT_32BITS(tptr + 12)));
tptr += VTP_MD5_DIGEST_LEN;
break;
case VTP_SUBSET_ADV:
/*
* SUBSET ADVERTISEMENT
*
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | Version | Code | Seq number | MmgtD Len |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | Management Domain Name |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | Configuration revision number |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | VLAN info field 1 |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | ................ |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | VLAN info field N |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
*
*/
ND_PRINT((ndo, ", Config Rev %x", EXTRACT_32BITS(tptr)));
/*
* VLAN INFORMATION
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | V info len | Status | VLAN type | VLAN name len |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | ISL vlan id | MTU size |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | 802.10 index (SAID) |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | VLAN name |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
*
*/
tptr += 4;
while (tptr < (pptr+length)) {
len = *tptr;
if (len == 0)
break;
if (!ND_TTEST2(*tptr, len))
goto trunc;
vtp_vlan = (struct vtp_vlan_*)tptr;
ND_PRINT((ndo, "\n\tVLAN info status %s, type %s, VLAN-id %u, MTU %u, SAID 0x%08x, Name %s",
tok2str(vtp_vlan_status,"Unknown",vtp_vlan->status),
tok2str(vtp_vlan_type_values,"Unknown",vtp_vlan->type),
EXTRACT_16BITS(&vtp_vlan->vlanid),
EXTRACT_16BITS(&vtp_vlan->mtu),
EXTRACT_32BITS(&vtp_vlan->index),
(tptr + VTP_VLAN_INFO_OFFSET)));
/*
* Vlan names are aligned to 32-bit boundaries.
*/
len -= VTP_VLAN_INFO_OFFSET + 4*((vtp_vlan->name_len + 3)/4);
tptr += VTP_VLAN_INFO_OFFSET + 4*((vtp_vlan->name_len + 3)/4);
/* TLV information follows */
while (len > 0) {
/*
* Cisco specs says 2 bytes for type + 2 bytes for length, take only 1
* See: http://www.cisco.com/univercd/cc/td/doc/product/lan/trsrb/frames.htm
*/
type = *tptr;
tlv_len = *(tptr+1);
ND_PRINT((ndo, "\n\t\t%s (0x%04x) TLV",
tok2str(vtp_vlan_tlv_values, "Unknown", type),
type));
/*
* infinite loop check
*/
if (type == 0 || tlv_len == 0) {
return;
}
if (!ND_TTEST2(*tptr, tlv_len*2 +2))
goto trunc;
tlv_value = EXTRACT_16BITS(tptr+2);
switch (type) {
case VTP_VLAN_STE_HOP_COUNT:
ND_PRINT((ndo, ", %u", tlv_value));
break;
case VTP_VLAN_PRUNING:
ND_PRINT((ndo, ", %s (%u)",
tlv_value == 1 ? "Enabled" : "Disabled",
tlv_value));
break;
case VTP_VLAN_STP_TYPE:
ND_PRINT((ndo, ", %s (%u)",
tok2str(vtp_stp_type_values, "Unknown", tlv_value),
tlv_value));
break;
case VTP_VLAN_BRIDGE_TYPE:
ND_PRINT((ndo, ", %s (%u)",
tlv_value == 1 ? "SRB" : "SRT",
tlv_value));
break;
case VTP_VLAN_BACKUP_CRF_MODE:
ND_PRINT((ndo, ", %s (%u)",
tlv_value == 1 ? "Backup" : "Not backup",
tlv_value));
break;
/*
* FIXME those are the defined TLVs that lack a decoder
* you are welcome to contribute code ;-)
*/
case VTP_VLAN_SOURCE_ROUTING_RING_NUMBER:
case VTP_VLAN_SOURCE_ROUTING_BRIDGE_NUMBER:
case VTP_VLAN_PARENT_VLAN:
case VTP_VLAN_TRANS_BRIDGED_VLAN:
case VTP_VLAN_ARP_HOP_COUNT:
default:
print_unknown_data(ndo, tptr, "\n\t\t ", 2 + tlv_len*2);
break;
}
len -= 2 + tlv_len*2;
tptr += 2 + tlv_len*2;
}
}
break;
case VTP_ADV_REQUEST:
/*
* ADVERTISEMENT REQUEST
*
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | Version | Code | Reserved | MmgtD Len |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | Management Domain Name |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | Start value |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
*
*/
ND_PRINT((ndo, "\n\tStart value: %u", EXTRACT_32BITS(tptr)));
break;
case VTP_JOIN_MESSAGE:
/* FIXME - Could not find message format */
break;
default:
break;
}
return;
trunc:
ND_PRINT((ndo, "[|vtp]"));
}
void
vqp_print(netdissect_options *ndo, register const u_char *pptr, register u_int len)
{
const struct vqp_common_header_t *vqp_common_header;
const struct vqp_obj_tlv_t *vqp_obj_tlv;
const u_char *tptr;
u_int16_t vqp_obj_len;
u_int32_t vqp_obj_type;
int tlen;
u_int8_t nitems;
tptr=pptr;
tlen = len;
vqp_common_header = (const struct vqp_common_header_t *)pptr;
ND_TCHECK(*vqp_common_header);
/*
* Sanity checking of the header.
*/
if (VQP_EXTRACT_VERSION(vqp_common_header->version) != VQP_VERSION) {
ND_PRINT((ndo, "VQP version %u packet not supported",
VQP_EXTRACT_VERSION(vqp_common_header->version)));
return;
}
/* in non-verbose mode just lets print the basic Message Type */
if (ndo->ndo_vflag < 1) {
ND_PRINT((ndo, "VQPv%u %s Message, error-code %s (%u), length %u",
VQP_EXTRACT_VERSION(vqp_common_header->version),
tok2str(vqp_msg_type_values, "unknown (%u)",vqp_common_header->msg_type),
tok2str(vqp_error_code_values, "unknown (%u)",vqp_common_header->error_code),
vqp_common_header->error_code,
len));
return;
}
/* ok they seem to want to know everything - lets fully decode it */
nitems = vqp_common_header->nitems;
ND_PRINT((ndo, "\n\tVQPv%u, %s Message, error-code %s (%u), seq 0x%08x, items %u, length %u",
VQP_EXTRACT_VERSION(vqp_common_header->version),
tok2str(vqp_msg_type_values, "unknown (%u)",vqp_common_header->msg_type),
tok2str(vqp_error_code_values, "unknown (%u)",vqp_common_header->error_code),
vqp_common_header->error_code,
EXTRACT_32BITS(&vqp_common_header->sequence),
nitems,
len));
/* skip VQP Common header */
tptr+=sizeof(const struct vqp_common_header_t);
tlen-=sizeof(const struct vqp_common_header_t);
while (nitems > 0 && tlen > 0) {
vqp_obj_tlv = (const struct vqp_obj_tlv_t *)tptr;
vqp_obj_type = EXTRACT_32BITS(vqp_obj_tlv->obj_type);
vqp_obj_len = EXTRACT_16BITS(vqp_obj_tlv->obj_length);
tptr+=sizeof(struct vqp_obj_tlv_t);
tlen-=sizeof(struct vqp_obj_tlv_t);
ND_PRINT((ndo, "\n\t %s Object (0x%08x), length %u, value: ",
tok2str(vqp_obj_values, "Unknown", vqp_obj_type),
vqp_obj_type, vqp_obj_len));
/* basic sanity check */
if (vqp_obj_type == 0 || vqp_obj_len ==0) {
return;
}
/* did we capture enough for fully decoding the object ? */
if (!ND_TTEST2(*tptr, vqp_obj_len))
goto trunc;
switch(vqp_obj_type) {
case VQP_OBJ_IP_ADDRESS:
ND_PRINT((ndo, "%s (0x%08x)", ipaddr_string(tptr), EXTRACT_32BITS(tptr)));
break;
/* those objects have similar semantics - fall through */
case VQP_OBJ_PORT_NAME:
case VQP_OBJ_VLAN_NAME:
case VQP_OBJ_VTP_DOMAIN:
case VQP_OBJ_ETHERNET_PKT:
safeputs((const char *)tptr, vqp_obj_len);
break;
/* those objects have similar semantics - fall through */
case VQP_OBJ_MAC_ADDRESS:
case VQP_OBJ_MAC_NULL:
ND_PRINT((ndo, "%s", etheraddr_string(tptr)));
break;
default:
if (ndo->ndo_vflag <= 1)
print_unknown_data(ndo,tptr, "\n\t ", vqp_obj_len);
break;
}
tptr += vqp_obj_len;
tlen -= vqp_obj_len;
nitems--;
}
return;
trunc:
ND_PRINT((ndo, "\n\t[|VQP]"));
}
static void
rfc1048_print(netdissect_options *ndo,
register const u_char *bp)
{
register uint16_t tag;
register u_int len;
register const char *cp;
register char c;
int first, idx;
uint32_t ul;
uint16_t us;
uint8_t uc, subopt, suboptlen;
ND_PRINT((ndo, "\n\t Vendor-rfc1048 Extensions"));
/* Step over magic cookie */
ND_PRINT((ndo, "\n\t Magic Cookie 0x%08x", EXTRACT_32BITS(bp)));
bp += sizeof(int32_t);
/* Loop while we there is a tag left in the buffer */
while (ND_TTEST2(*bp, 1)) {
tag = *bp++;
if (tag == TAG_PAD && ndo->ndo_vflag < 3)
continue;
if (tag == TAG_END && ndo->ndo_vflag < 3)
return;
if (tag == TAG_EXTENDED_OPTION) {
ND_TCHECK2(*(bp + 1), 2);
tag = EXTRACT_16BITS(bp + 1);
/* XXX we don't know yet if the IANA will
* preclude overlap of 1-byte and 2-byte spaces.
* If not, we need to offset tag after this step.
*/
cp = tok2str(xtag2str, "?xT%u", tag);
} else
cp = tok2str(tag2str, "?T%u", tag);
c = *cp++;
if (tag == TAG_PAD || tag == TAG_END)
len = 0;
else {
/* Get the length; check for truncation */
ND_TCHECK2(*bp, 1);
len = *bp++;
}
ND_PRINT((ndo, "\n\t %s Option %u, length %u%s", cp, tag, len,
len > 0 ? ": " : ""));
if (tag == TAG_PAD && ndo->ndo_vflag > 2) {
u_int ntag = 1;
while (ND_TTEST2(*bp, 1) && *bp == TAG_PAD) {
bp++;
ntag++;
}
if (ntag > 1)
ND_PRINT((ndo, ", occurs %u", ntag));
}
if (!ND_TTEST2(*bp, len)) {
ND_PRINT((ndo, "[|rfc1048 %u]", len));
return;
}
if (tag == TAG_DHCP_MESSAGE && len == 1) {
uc = *bp++;
ND_PRINT((ndo, "%s", tok2str(dhcp_msg_values, "Unknown (%u)", uc)));
continue;
}
if (tag == TAG_PARM_REQUEST) {
idx = 0;
while (len-- > 0) {
uc = *bp++;
cp = tok2str(tag2str, "?Option %u", uc);
if (idx % 4 == 0)
ND_PRINT((ndo, "\n\t "));
else
ND_PRINT((ndo, ", "));
ND_PRINT((ndo, "%s", cp + 1));
idx++;
}
continue;
}
if (tag == TAG_EXTENDED_REQUEST) {
first = 1;
while (len > 1) {
len -= 2;
us = EXTRACT_16BITS(bp);
bp += 2;
cp = tok2str(xtag2str, "?xT%u", us);
if (!first)
ND_PRINT((ndo, "+"));
ND_PRINT((ndo, "%s", cp + 1));
first = 0;
}
continue;
}
/* Print data */
if (c == '?') {
/* Base default formats for unknown tags on data size */
if (len & 1)
c = 'b';
else if (len & 2)
c = 's';
else
c = 'l';
}
first = 1;
switch (c) {
case 'a':
/* ascii strings */
ND_PRINT((ndo, "\""));
if (fn_printn(ndo, bp, len, ndo->ndo_snapend)) {
ND_PRINT((ndo, "\""));
goto trunc;
}
ND_PRINT((ndo, "\""));
bp += len;
len = 0;
break;
case 'i':
case 'l':
case 'L':
/* ip addresses/32-bit words */
while (len >= sizeof(ul)) {
if (!first)
ND_PRINT((ndo, ","));
ul = EXTRACT_32BITS(bp);
if (c == 'i') {
ul = htonl(ul);
ND_PRINT((ndo, "%s", ipaddr_string(ndo, &ul)));
} else if (c == 'L')
ND_PRINT((ndo, "%d", ul));
else
ND_PRINT((ndo, "%u", ul));
bp += sizeof(ul);
len -= sizeof(ul);
first = 0;
}
break;
case 'p':
/* IP address pairs */
while (len >= 2*sizeof(ul)) {
if (!first)
ND_PRINT((ndo, ","));
memcpy((char *)&ul, (const char *)bp, sizeof(ul));
ND_PRINT((ndo, "(%s:", ipaddr_string(ndo, &ul)));
bp += sizeof(ul);
memcpy((char *)&ul, (const char *)bp, sizeof(ul));
ND_PRINT((ndo, "%s)", ipaddr_string(ndo, &ul)));
bp += sizeof(ul);
len -= 2*sizeof(ul);
first = 0;
}
break;
case 's':
/* shorts */
while (len >= sizeof(us)) {
if (!first)
ND_PRINT((ndo, ","));
us = EXTRACT_16BITS(bp);
ND_PRINT((ndo, "%u", us));
bp += sizeof(us);
len -= sizeof(us);
first = 0;
}
break;
case 'B':
/* boolean */
while (len > 0) {
if (!first)
ND_PRINT((ndo, ","));
switch (*bp) {
case 0:
ND_PRINT((ndo, "N"));
break;
case 1:
ND_PRINT((ndo, "Y"));
break;
default:
ND_PRINT((ndo, "%u?", *bp));
break;
}
++bp;
--len;
first = 0;
}
break;
case 'b':
case 'x':
default:
/* Bytes */
while (len > 0) {
if (!first)
ND_PRINT((ndo, c == 'x' ? ":" : "."));
if (c == 'x')
ND_PRINT((ndo, "%02x", *bp));
else
ND_PRINT((ndo, "%u", *bp));
++bp;
--len;
first = 0;
}
break;
case '$':
/* Guys we can't handle with one of the usual cases */
switch (tag) {
case TAG_NETBIOS_NODE:
/* this option should be at least 1 byte long */
if (len < 1) {
ND_PRINT((ndo, "ERROR: length < 1 bytes"));
break;
}
tag = *bp++;
--len;
ND_PRINT((ndo, "%s", tok2str(nbo2str, NULL, tag)));
break;
case TAG_OPT_OVERLOAD:
/* this option should be at least 1 byte long */
if (len < 1) {
ND_PRINT((ndo, "ERROR: length < 1 bytes"));
break;
}
tag = *bp++;
--len;
ND_PRINT((ndo, "%s", tok2str(oo2str, NULL, tag)));
break;
case TAG_CLIENT_FQDN:
/* this option should be at least 3 bytes long */
if (len < 3) {
ND_PRINT((ndo, "ERROR: length < 3 bytes"));
bp += len;
len = 0;
break;
}
if (*bp)
ND_PRINT((ndo, "[%s] ", client_fqdn_flags(*bp)));
bp++;
if (*bp || *(bp+1))
ND_PRINT((ndo, "%u/%u ", *bp, *(bp+1)));
bp += 2;
ND_PRINT((ndo, "\""));
if (fn_printn(ndo, bp, len - 3, ndo->ndo_snapend)) {
ND_PRINT((ndo, "\""));
goto trunc;
}
ND_PRINT((ndo, "\""));
bp += len - 3;
len = 0;
break;
case TAG_CLIENT_ID:
{
int type;
/* this option should be at least 1 byte long */
if (len < 1) {
ND_PRINT((ndo, "ERROR: length < 1 bytes"));
break;
}
type = *bp++;
len--;
if (type == 0) {
ND_PRINT((ndo, "\""));
if (fn_printn(ndo, bp, len, ndo->ndo_snapend)) {
ND_PRINT((ndo, "\""));
goto trunc;
}
ND_PRINT((ndo, "\""));
bp += len;
len = 0;
break;
} else {
ND_PRINT((ndo, "%s ", tok2str(arp2str, "hardware-type %u,", type)));
while (len > 0) {
if (!first)
ND_PRINT((ndo, ":"));
ND_PRINT((ndo, "%02x", *bp));
++bp;
--len;
first = 0;
}
}
break;
}
case TAG_AGENT_CIRCUIT:
while (len >= 2) {
subopt = *bp++;
suboptlen = *bp++;
len -= 2;
if (suboptlen > len) {
ND_PRINT((ndo, "\n\t %s SubOption %u, length %u: length goes past end of option",
tok2str(agent_suboption_values, "Unknown", subopt),
subopt,
suboptlen));
bp += len;
len = 0;
break;
}
ND_PRINT((ndo, "\n\t %s SubOption %u, length %u: ",
tok2str(agent_suboption_values, "Unknown", subopt),
subopt,
suboptlen));
switch (subopt) {
case AGENT_SUBOPTION_CIRCUIT_ID: /* fall through */
case AGENT_SUBOPTION_REMOTE_ID:
case AGENT_SUBOPTION_SUBSCRIBER_ID:
if (fn_printn(ndo, bp, suboptlen, ndo->ndo_snapend))
goto trunc;
break;
default:
print_unknown_data(ndo, bp, "\n\t\t", suboptlen);
}
len -= suboptlen;
bp += suboptlen;
}
break;
case TAG_CLASSLESS_STATIC_RT:
case TAG_CLASSLESS_STA_RT_MS:
{
u_int mask_width, significant_octets, i;
/* this option should be at least 5 bytes long */
if (len < 5) {
ND_PRINT((ndo, "ERROR: length < 5 bytes"));
bp += len;
len = 0;
break;
}
while (len > 0) {
if (!first)
ND_PRINT((ndo, ","));
mask_width = *bp++;
len--;
/* mask_width <= 32 */
if (mask_width > 32) {
ND_PRINT((ndo, "[ERROR: Mask width (%d) > 32]", mask_width));
bp += len;
len = 0;
break;
}
significant_octets = (mask_width + 7) / 8;
/* significant octets + router(4) */
if (len < significant_octets + 4) {
ND_PRINT((ndo, "[ERROR: Remaining length (%u) < %u bytes]", len, significant_octets + 4));
bp += len;
len = 0;
break;
}
ND_PRINT((ndo, "("));
if (mask_width == 0)
ND_PRINT((ndo, "default"));
else {
for (i = 0; i < significant_octets ; i++) {
if (i > 0)
ND_PRINT((ndo, "."));
ND_PRINT((ndo, "%d", *bp++));
}
for (i = significant_octets ; i < 4 ; i++)
ND_PRINT((ndo, ".0"));
ND_PRINT((ndo, "/%d", mask_width));
}
memcpy((char *)&ul, (const char *)bp, sizeof(ul));
ND_PRINT((ndo, ":%s)", ipaddr_string(ndo, &ul)));
bp += sizeof(ul);
len -= (significant_octets + 4);
first = 0;
}
break;
}
case TAG_USER_CLASS:
{
u_int suboptnumber = 1;
first = 1;
if (len < 2) {
ND_PRINT((ndo, "ERROR: length < 2 bytes"));
bp += len;
len = 0;
break;
}
while (len > 0) {
suboptlen = *bp++;
len--;
ND_PRINT((ndo, "\n\t "));
ND_PRINT((ndo, "instance#%u: ", suboptnumber));
if (suboptlen == 0) {
ND_PRINT((ndo, "ERROR: suboption length must be non-zero"));
bp += len;
len = 0;
break;
}
if (len < suboptlen) {
ND_PRINT((ndo, "ERROR: invalid option"));
bp += len;
len = 0;
break;
}
ND_PRINT((ndo, "\""));
if (fn_printn(ndo, bp, suboptlen, ndo->ndo_snapend)) {
ND_PRINT((ndo, "\""));
goto trunc;
}
ND_PRINT((ndo, "\""));
ND_PRINT((ndo, ", length %d", suboptlen));
suboptnumber++;
len -= suboptlen;
bp += suboptlen;
}
break;
}
default:
ND_PRINT((ndo, "[unknown special tag %u, size %u]",
tag, len));
bp += len;
len = 0;
break;
}
break;
}
/* Data left over? */
if (len) {
ND_PRINT((ndo, "\n\t trailing data length %u", len));
bp += len;
}
}
return;
trunc:
ND_PRINT((ndo, "|[rfc1048]"));
}
void
tcp_print(netdissect_options *ndo,
register const u_char *bp, register u_int length,
register const u_char *bp2, int fragmented)
{
register const struct tcphdr *tp;
register const struct ip *ip;
register u_char flags;
register u_int hlen;
register char ch;
uint16_t sport, dport, win, urp;
uint32_t seq, ack, thseq, thack;
u_int utoval;
uint16_t magic;
register int rev;
register const struct ip6_hdr *ip6;
tp = (const struct tcphdr *)bp;
ip = (const struct ip *)bp2;
if (IP_V(ip) == 6)
ip6 = (const struct ip6_hdr *)bp2;
else
ip6 = NULL;
ch = '\0';
if (!ND_TTEST(tp->th_dport)) {
ND_PRINT((ndo, "%s > %s: [|tcp]",
ipaddr_string(ndo, &ip->ip_src),
ipaddr_string(ndo, &ip->ip_dst)));
return;
}
sport = EXTRACT_16BITS(&tp->th_sport);
dport = EXTRACT_16BITS(&tp->th_dport);
hlen = TH_OFF(tp) * 4;
if (ip6) {
if (ip6->ip6_nxt == IPPROTO_TCP) {
ND_PRINT((ndo, "%s.%s > %s.%s: ",
ip6addr_string(ndo, &ip6->ip6_src),
tcpport_string(ndo, sport),
ip6addr_string(ndo, &ip6->ip6_dst),
tcpport_string(ndo, dport)));
} else {
ND_PRINT((ndo, "%s > %s: ",
tcpport_string(ndo, sport), tcpport_string(ndo, dport)));
}
} else {
if (ip->ip_p == IPPROTO_TCP) {
ND_PRINT((ndo, "%s.%s > %s.%s: ",
ipaddr_string(ndo, &ip->ip_src),
tcpport_string(ndo, sport),
ipaddr_string(ndo, &ip->ip_dst),
tcpport_string(ndo, dport)));
} else {
ND_PRINT((ndo, "%s > %s: ",
tcpport_string(ndo, sport), tcpport_string(ndo, dport)));
}
}
if (hlen < sizeof(*tp)) {
ND_PRINT((ndo, " tcp %d [bad hdr length %u - too short, < %lu]",
length - hlen, hlen, (unsigned long)sizeof(*tp)));
return;
}
ND_TCHECK(*tp);
seq = EXTRACT_32BITS(&tp->th_seq);
ack = EXTRACT_32BITS(&tp->th_ack);
win = EXTRACT_16BITS(&tp->th_win);
urp = EXTRACT_16BITS(&tp->th_urp);
if (ndo->ndo_qflag) {
ND_PRINT((ndo, "tcp %d", length - hlen));
if (hlen > length) {
ND_PRINT((ndo, " [bad hdr length %u - too long, > %u]",
hlen, length));
}
return;
}
flags = tp->th_flags;
ND_PRINT((ndo, "Flags [%s]", bittok2str_nosep(tcp_flag_values, "none", flags)));
if (!ndo->ndo_Sflag && (flags & TH_ACK)) {
/*
* Find (or record) the initial sequence numbers for
* this conversation. (we pick an arbitrary
* collating order so there's only one entry for
* both directions).
*/
rev = 0;
if (ip6) {
register struct tcp_seq_hash6 *th;
struct tcp_seq_hash6 *tcp_seq_hash;
const struct in6_addr *src, *dst;
struct tha6 tha;
tcp_seq_hash = tcp_seq_hash6;
src = &ip6->ip6_src;
dst = &ip6->ip6_dst;
if (sport > dport)
rev = 1;
else if (sport == dport) {
if (UNALIGNED_MEMCMP(src, dst, sizeof ip6->ip6_dst) > 0)
rev = 1;
}
if (rev) {
UNALIGNED_MEMCPY(&tha.src, dst, sizeof ip6->ip6_dst);
UNALIGNED_MEMCPY(&tha.dst, src, sizeof ip6->ip6_src);
tha.port = dport << 16 | sport;
} else {
UNALIGNED_MEMCPY(&tha.dst, dst, sizeof ip6->ip6_dst);
UNALIGNED_MEMCPY(&tha.src, src, sizeof ip6->ip6_src);
tha.port = sport << 16 | dport;
}
for (th = &tcp_seq_hash[tha.port % TSEQ_HASHSIZE];
th->nxt; th = th->nxt)
if (memcmp((char *)&tha, (char *)&th->addr,
sizeof(th->addr)) == 0)
break;
if (!th->nxt || (flags & TH_SYN)) {
/* didn't find it or new conversation */
if (th->nxt == NULL) {
th->nxt = (struct tcp_seq_hash6 *)
calloc(1, sizeof(*th));
if (th->nxt == NULL)
(*ndo->ndo_error)(ndo,
"tcp_print: calloc");
}
th->addr = tha;
if (rev)
th->ack = seq, th->seq = ack - 1;
else
th->seq = seq, th->ack = ack - 1;
} else {
if (rev)
seq -= th->ack, ack -= th->seq;
else
seq -= th->seq, ack -= th->ack;
}
thseq = th->seq;
thack = th->ack;
} else {
register struct tcp_seq_hash *th;
struct tcp_seq_hash *tcp_seq_hash;
struct tha tha;
tcp_seq_hash = tcp_seq_hash4;
if (sport > dport)
rev = 1;
else if (sport == dport) {
if (UNALIGNED_MEMCMP(&ip->ip_src, &ip->ip_dst, sizeof ip->ip_dst) > 0)
rev = 1;
}
if (rev) {
UNALIGNED_MEMCPY(&tha.src, &ip->ip_dst, sizeof ip->ip_dst);
UNALIGNED_MEMCPY(&tha.dst, &ip->ip_src, sizeof ip->ip_src);
tha.port = dport << 16 | sport;
} else {
UNALIGNED_MEMCPY(&tha.dst, &ip->ip_dst, sizeof ip->ip_dst);
UNALIGNED_MEMCPY(&tha.src, &ip->ip_src, sizeof ip->ip_src);
tha.port = sport << 16 | dport;
}
for (th = &tcp_seq_hash[tha.port % TSEQ_HASHSIZE];
th->nxt; th = th->nxt)
if (memcmp((char *)&tha, (char *)&th->addr,
sizeof(th->addr)) == 0)
break;
if (!th->nxt || (flags & TH_SYN)) {
/* didn't find it or new conversation */
if (th->nxt == NULL) {
th->nxt = (struct tcp_seq_hash *)
calloc(1, sizeof(*th));
if (th->nxt == NULL)
(*ndo->ndo_error)(ndo,
"tcp_print: calloc");
}
th->addr = tha;
if (rev)
th->ack = seq, th->seq = ack - 1;
else
th->seq = seq, th->ack = ack - 1;
} else {
if (rev)
seq -= th->ack, ack -= th->seq;
else
seq -= th->seq, ack -= th->ack;
}
thseq = th->seq;
thack = th->ack;
}
} else {
/*fool gcc*/
thseq = thack = rev = 0;
}
if (hlen > length) {
ND_PRINT((ndo, " [bad hdr length %u - too long, > %u]",
hlen, length));
return;
}
if (ndo->ndo_vflag && !ndo->ndo_Kflag && !fragmented) {
/* Check the checksum, if possible. */
uint16_t sum, tcp_sum;
if (IP_V(ip) == 4) {
if (ND_TTEST2(tp->th_sport, length)) {
sum = tcp_cksum(ndo, ip, tp, length);
tcp_sum = EXTRACT_16BITS(&tp->th_sum);
ND_PRINT((ndo, ", cksum 0x%04x", tcp_sum));
if (sum != 0)
ND_PRINT((ndo, " (incorrect -> 0x%04x)",
in_cksum_shouldbe(tcp_sum, sum)));
else
ND_PRINT((ndo, " (correct)"));
}
} else if (IP_V(ip) == 6 && ip6->ip6_plen) {
if (ND_TTEST2(tp->th_sport, length)) {
sum = nextproto6_cksum(ip6, (const uint8_t *)tp,
length, length, IPPROTO_TCP);
tcp_sum = EXTRACT_16BITS(&tp->th_sum);
ND_PRINT((ndo, ", cksum 0x%04x", tcp_sum));
if (sum != 0)
ND_PRINT((ndo, " (incorrect -> 0x%04x)",
in_cksum_shouldbe(tcp_sum, sum)));
else
ND_PRINT((ndo, " (correct)"));
}
}
}
length -= hlen;
if (ndo->ndo_vflag > 1 || length > 0 || flags & (TH_SYN | TH_FIN | TH_RST)) {
ND_PRINT((ndo, ", seq %u", seq));
if (length > 0) {
ND_PRINT((ndo, ":%u", seq + length));
}
}
if (flags & TH_ACK) {
ND_PRINT((ndo, ", ack %u", ack));
}
ND_PRINT((ndo, ", win %d", win));
if (flags & TH_URG)
ND_PRINT((ndo, ", urg %d", urp));
/*
* Handle any options.
*/
if (hlen > sizeof(*tp)) {
register const u_char *cp;
register u_int i, opt, datalen;
register u_int len;
hlen -= sizeof(*tp);
cp = (const u_char *)tp + sizeof(*tp);
ND_PRINT((ndo, ", options ["));
while (hlen > 0) {
if (ch != '\0')
ND_PRINT((ndo, "%c", ch));
ND_TCHECK(*cp);
opt = *cp++;
if (ZEROLENOPT(opt))
len = 1;
else {
ND_TCHECK(*cp);
len = *cp++; /* total including type, len */
if (len < 2 || len > hlen)
goto bad;
--hlen; /* account for length byte */
}
--hlen; /* account for type byte */
datalen = 0;
/* Bail if "l" bytes of data are not left or were not captured */
#define LENCHECK(l) { if ((l) > hlen) goto bad; ND_TCHECK2(*cp, l); }
ND_PRINT((ndo, "%s", tok2str(tcp_option_values, "unknown-%u", opt)));
switch (opt) {
case TCPOPT_MAXSEG:
datalen = 2;
LENCHECK(datalen);
ND_PRINT((ndo, " %u", EXTRACT_16BITS(cp)));
break;
case TCPOPT_WSCALE:
datalen = 1;
LENCHECK(datalen);
ND_PRINT((ndo, " %u", *cp));
break;
case TCPOPT_SACK:
datalen = len - 2;
if (datalen % 8 != 0) {
ND_PRINT((ndo, "invalid sack"));
} else {
uint32_t s, e;
ND_PRINT((ndo, " %d ", datalen / 8));
for (i = 0; i < datalen; i += 8) {
LENCHECK(i + 4);
s = EXTRACT_32BITS(cp + i);
LENCHECK(i + 8);
e = EXTRACT_32BITS(cp + i + 4);
if (rev) {
s -= thseq;
e -= thseq;
} else {
s -= thack;
e -= thack;
}
ND_PRINT((ndo, "{%u:%u}", s, e));
}
}
break;
case TCPOPT_CC:
case TCPOPT_CCNEW:
case TCPOPT_CCECHO:
case TCPOPT_ECHO:
case TCPOPT_ECHOREPLY:
/*
* those options share their semantics.
* fall through
*/
datalen = 4;
LENCHECK(datalen);
ND_PRINT((ndo, " %u", EXTRACT_32BITS(cp)));
break;
case TCPOPT_TIMESTAMP:
datalen = 8;
LENCHECK(datalen);
ND_PRINT((ndo, " val %u ecr %u",
EXTRACT_32BITS(cp),
EXTRACT_32BITS(cp + 4)));
break;
case TCPOPT_SIGNATURE:
datalen = TCP_SIGLEN;
LENCHECK(datalen);
#ifdef HAVE_LIBCRYPTO
switch (tcp_verify_signature(ndo, ip, tp,
bp + TH_OFF(tp) * 4, length, cp)) {
case SIGNATURE_VALID:
ND_PRINT((ndo, "valid"));
break;
case SIGNATURE_INVALID:
ND_PRINT((ndo, "invalid"));
break;
case CANT_CHECK_SIGNATURE:
ND_PRINT((ndo, "can't check - "));
for (i = 0; i < TCP_SIGLEN; ++i)
ND_PRINT((ndo, "%02x", cp[i]));
break;
}
#else
for (i = 0; i < TCP_SIGLEN; ++i)
ND_PRINT((ndo, "%02x", cp[i]));
#endif
break;
case TCPOPT_AUTH:
ND_PRINT((ndo, "keyid %d", *cp++));
datalen = len - 3;
for (i = 0; i < datalen; ++i) {
LENCHECK(i);
ND_PRINT((ndo, "%02x", cp[i]));
}
break;
case TCPOPT_EOL:
case TCPOPT_NOP:
case TCPOPT_SACKOK:
/*
* Nothing interesting.
* fall through
*/
break;
case TCPOPT_UTO:
datalen = 2;
LENCHECK(datalen);
utoval = EXTRACT_16BITS(cp);
ND_PRINT((ndo, "0x%x", utoval));
if (utoval & 0x0001)
utoval = (utoval >> 1) * 60;
else
utoval >>= 1;
ND_PRINT((ndo, " %u", utoval));
break;
case TCPOPT_MPTCP:
datalen = len - 2;
LENCHECK(datalen);
if (!mptcp_print(ndo, cp-2, len, flags))
goto bad;
break;
case TCPOPT_FASTOPEN:
datalen = len - 2;
LENCHECK(datalen);
print_tcp_fastopen_option(ndo, cp, datalen, FALSE);
break;
case TCPOPT_EXPERIMENT2:
datalen = len - 2;
LENCHECK(datalen);
if (datalen < 2)
goto bad;
/* RFC6994 */
magic = EXTRACT_16BITS(cp);
ND_PRINT((ndo, "-"));
switch(magic) {
case 0xf989: /* TCP Fast Open RFC 7413 */
print_tcp_fastopen_option(ndo, cp + 2, datalen - 2, TRUE);
break;
default:
/* Unknown magic number */
ND_PRINT((ndo, "%04x", magic));
break;
}
break;
default:
datalen = len - 2;
if (datalen)
ND_PRINT((ndo, " 0x"));
for (i = 0; i < datalen; ++i) {
LENCHECK(i);
ND_PRINT((ndo, "%02x", cp[i]));
}
break;
}
/* Account for data printed */
cp += datalen;
hlen -= datalen;
/* Check specification against observed length */
++datalen; /* option octet */
if (!ZEROLENOPT(opt))
++datalen; /* size octet */
if (datalen != len)
ND_PRINT((ndo, "[len %d]", len));
ch = ',';
if (opt == TCPOPT_EOL)
break;
}
ND_PRINT((ndo, "]"));
}
/*
* Print EAP requests / responses
*/
void
eap_print(netdissect_options *ndo,
register const u_char *cp,
u_int length _U_)
{
const struct eap_frame_t *eap;
const u_char *tptr;
u_int tlen, type, subtype;
int count=0, len;
tptr = cp;
tlen = length;
eap = (const struct eap_frame_t *)cp;
ND_TCHECK(*eap);
/* in non-verbose mode just lets print the basic info */
if (ndo->ndo_vflag < 1) {
ND_PRINT((ndo, "%s (%u) v%u, len %u",
tok2str(eap_frame_type_values, "unknown", eap->type),
eap->type,
eap->version,
EXTRACT_16BITS(eap->length)));
return;
}
ND_PRINT((ndo, "%s (%u) v%u, len %u",
tok2str(eap_frame_type_values, "unknown", eap->type),
eap->type,
eap->version,
EXTRACT_16BITS(eap->length)));
tptr += sizeof(const struct eap_frame_t);
tlen -= sizeof(const struct eap_frame_t);
switch (eap->type) {
case EAP_FRAME_TYPE_PACKET:
type = *(tptr);
len = EXTRACT_16BITS(tptr+2);
ND_PRINT((ndo, ", %s (%u), id %u, len %u",
tok2str(eap_code_values, "unknown", type),
type,
*(tptr+1),
len));
if (!ND_TTEST2(*tptr, len))
goto trunc;
if (type <= 2) { /* For EAP_REQUEST and EAP_RESPONSE only */
subtype = *(tptr+4);
ND_PRINT((ndo, "\n\t\t Type %s (%u)",
tok2str(eap_type_values, "unknown", *(tptr+4)),
*(tptr + 4)));
switch (subtype) {
case EAP_TYPE_IDENTITY:
if (len - 5 > 0) {
ND_PRINT((ndo, ", Identity: "));
safeputs(ndo, tptr + 5, len - 5);
}
break;
case EAP_TYPE_NOTIFICATION:
if (len - 5 > 0) {
ND_PRINT((ndo, ", Notification: "));
safeputs(ndo, tptr + 5, len - 5);
}
break;
case EAP_TYPE_NAK:
count = 5;
/*
* one or more octets indicating
* the desired authentication
* type one octet per type
*/
while (count < len) {
ND_PRINT((ndo, " %s (%u),",
tok2str(eap_type_values, "unknown", *(tptr+count)),
*(tptr + count)));
count++;
}
break;
case EAP_TYPE_TTLS:
ND_PRINT((ndo, " TTLSv%u",
EAP_TTLS_VERSION(*(tptr + 5)))); /* fall through */
case EAP_TYPE_TLS:
ND_PRINT((ndo, " flags [%s] 0x%02x,",
bittok2str(eap_tls_flags_values, "none", *(tptr+5)),
*(tptr + 5)));
if (EAP_TLS_EXTRACT_BIT_L(*(tptr+5))) {
ND_PRINT((ndo, " len %u", EXTRACT_32BITS(tptr + 6)));
}
break;
case EAP_TYPE_FAST:
ND_PRINT((ndo, " FASTv%u",
EAP_TTLS_VERSION(*(tptr + 5))));
ND_PRINT((ndo, " flags [%s] 0x%02x,",
bittok2str(eap_tls_flags_values, "none", *(tptr+5)),
*(tptr + 5)));
if (EAP_TLS_EXTRACT_BIT_L(*(tptr+5))) {
ND_PRINT((ndo, " len %u", EXTRACT_32BITS(tptr + 6)));
}
/* FIXME - TLV attributes follow */
break;
case EAP_TYPE_AKA:
case EAP_TYPE_SIM:
ND_PRINT((ndo, " subtype [%s] 0x%02x,",
tok2str(eap_aka_subtype_values, "unknown", *(tptr+5)),
*(tptr + 5)));
/* FIXME - TLV attributes follow */
break;
case EAP_TYPE_MD5_CHALLENGE:
case EAP_TYPE_OTP:
case EAP_TYPE_GTC:
case EAP_TYPE_EXPANDED_TYPES:
case EAP_TYPE_EXPERIMENTAL:
default:
break;
}
}
break;
case EAP_FRAME_TYPE_LOGOFF:
case EAP_FRAME_TYPE_ENCAP_ASF_ALERT:
default:
break;
}
return;
trunc:
ND_PRINT((ndo, "\n\t[|EAP]"));
}
void
_egp_print(netdissect_options *ndo,
register const uint8_t *bp, register u_int length)
{
register const struct egp_packet *egp;
register int status;
register int code;
register int type;
egp = (struct egp_packet *)bp;
if (!ND_TTEST2(*egp, length)) {
ND_PRINT((ndo, "[|egp]"));
return;
}
if (!ndo->ndo_vflag) {
ND_PRINT((ndo, "EGPv%u, AS %u, seq %u, length %u",
egp->egp_version,
EXTRACT_16BITS(&egp->egp_as),
EXTRACT_16BITS(&egp->egp_sequence),
length));
return;
} else
ND_PRINT((ndo, "EGPv%u, length %u",
egp->egp_version,
length));
if (egp->egp_version != EGP_VERSION) {
ND_PRINT((ndo, "[version %d]", egp->egp_version));
return;
}
type = egp->egp_type;
code = egp->egp_code;
status = egp->egp_status;
switch (type) {
case EGPT_ACQUIRE:
ND_PRINT((ndo, " acquire"));
switch (code) {
case EGPC_REQUEST:
case EGPC_CONFIRM:
ND_PRINT((ndo, " %s", egp_acquire_codes[code]));
switch (status) {
case EGPS_UNSPEC:
case EGPS_ACTIVE:
case EGPS_PASSIVE:
ND_PRINT((ndo, " %s", egp_acquire_status[status]));
break;
default:
ND_PRINT((ndo, " [status %d]", status));
break;
}
ND_PRINT((ndo, " hello:%d poll:%d",
EXTRACT_16BITS(&egp->egp_hello),
EXTRACT_16BITS(&egp->egp_poll)));
break;
case EGPC_REFUSE:
case EGPC_CEASE:
case EGPC_CEASEACK:
ND_PRINT((ndo, " %s", egp_acquire_codes[code]));
switch (status ) {
case EGPS_UNSPEC:
case EGPS_NORES:
case EGPS_ADMIN:
case EGPS_GODOWN:
case EGPS_PARAM:
case EGPS_PROTO:
ND_PRINT((ndo, " %s", egp_acquire_status[status]));
break;
default:
ND_PRINT((ndo, "[status %d]", status));
break;
}
break;
default:
ND_PRINT((ndo, "[code %d]", code));
break;
}
break;
case EGPT_REACH:
switch (code) {
case EGPC_HELLO:
case EGPC_HEARDU:
ND_PRINT((ndo, " %s", egp_reach_codes[code]));
if (status <= EGPS_DOWN)
ND_PRINT((ndo, " state:%s", egp_status_updown[status]));
else
ND_PRINT((ndo, " [status %d]", status));
break;
default:
ND_PRINT((ndo, "[reach code %d]", code));
break;
}
break;
case EGPT_POLL:
ND_PRINT((ndo, " poll"));
if (egp->egp_status <= EGPS_DOWN)
ND_PRINT((ndo, " state:%s", egp_status_updown[status]));
else
ND_PRINT((ndo, " [status %d]", status));
ND_PRINT((ndo, " net:%s", ipaddr_string(ndo, &egp->egp_sourcenet)));
break;
case EGPT_UPDATE:
ND_PRINT((ndo, " update"));
if (status & EGPS_UNSOL) {
status &= ~EGPS_UNSOL;
ND_PRINT((ndo, " unsolicited"));
}
if (status <= EGPS_DOWN)
ND_PRINT((ndo, " state:%s", egp_status_updown[status]));
else
ND_PRINT((ndo, " [status %d]", status));
ND_PRINT((ndo, " %s int %d ext %d",
ipaddr_string(ndo, &egp->egp_sourcenet),
egp->egp_intgw,
egp->egp_extgw));
if (ndo->ndo_vflag)
egpnrprint(ndo, egp);
break;
case EGPT_ERROR:
ND_PRINT((ndo, " error"));
if (status <= EGPS_DOWN)
ND_PRINT((ndo, " state:%s", egp_status_updown[status]));
else
ND_PRINT((ndo, " [status %d]", status));
if (EXTRACT_16BITS(&egp->egp_reason) <= EGPR_UVERSION)
ND_PRINT((ndo, " %s", egp_reasons[EXTRACT_16BITS(&egp->egp_reason)]));
else
ND_PRINT((ndo, " [reason %d]", EXTRACT_16BITS(&egp->egp_reason)));
break;
default:
ND_PRINT((ndo, "[type %d]", type));
break;
}
}
void
icmp_print(netdissect_options *ndo, const u_char *bp, u_int plen, const u_char *bp2,
int fragmented)
{
char *cp;
const struct icmp *dp;
const struct icmp_ext_t *ext_dp;
const struct ip *ip;
const char *str, *fmt;
const struct ip *oip;
const struct udphdr *ouh;
const uint8_t *obj_tptr;
uint32_t raw_label;
const u_char *snapend_save;
const struct icmp_mpls_ext_object_header_t *icmp_mpls_ext_object_header;
u_int hlen, dport, mtu, obj_tlen, obj_class_num, obj_ctype;
char buf[MAXHOSTNAMELEN + 100];
struct cksum_vec vec[1];
dp = (const struct icmp *)bp;
ext_dp = (const struct icmp_ext_t *)bp;
ip = (const struct ip *)bp2;
str = buf;
ND_TCHECK(dp->icmp_code);
switch (dp->icmp_type) {
case ICMP_ECHO:
case ICMP_ECHOREPLY:
ND_TCHECK(dp->icmp_seq);
(void)snprintf(buf, sizeof(buf), "echo %s, id %u, seq %u",
dp->icmp_type == ICMP_ECHO ?
"request" : "reply",
EXTRACT_16BITS(&dp->icmp_id),
EXTRACT_16BITS(&dp->icmp_seq));
break;
case ICMP_UNREACH:
ND_TCHECK(dp->icmp_ip.ip_dst);
switch (dp->icmp_code) {
case ICMP_UNREACH_PROTOCOL:
ND_TCHECK(dp->icmp_ip.ip_p);
(void)snprintf(buf, sizeof(buf),
"%s protocol %d unreachable",
ipaddr_string(ndo, &dp->icmp_ip.ip_dst),
dp->icmp_ip.ip_p);
break;
case ICMP_UNREACH_PORT:
ND_TCHECK(dp->icmp_ip.ip_p);
oip = &dp->icmp_ip;
hlen = IP_HL(oip) * 4;
ouh = (const struct udphdr *)(((const u_char *)oip) + hlen);
ND_TCHECK(ouh->uh_dport);
dport = EXTRACT_16BITS(&ouh->uh_dport);
switch (oip->ip_p) {
case IPPROTO_TCP:
(void)snprintf(buf, sizeof(buf),
"%s tcp port %s unreachable",
ipaddr_string(ndo, &oip->ip_dst),
tcpport_string(ndo, dport));
break;
case IPPROTO_UDP:
(void)snprintf(buf, sizeof(buf),
"%s udp port %s unreachable",
ipaddr_string(ndo, &oip->ip_dst),
udpport_string(ndo, dport));
break;
default:
(void)snprintf(buf, sizeof(buf),
"%s protocol %d port %d unreachable",
ipaddr_string(ndo, &oip->ip_dst),
oip->ip_p, dport);
break;
}
break;
case ICMP_UNREACH_NEEDFRAG:
{
register const struct mtu_discovery *mp;
mp = (const struct mtu_discovery *)(const u_char *)&dp->icmp_void;
mtu = EXTRACT_16BITS(&mp->nexthopmtu);
if (mtu) {
(void)snprintf(buf, sizeof(buf),
"%s unreachable - need to frag (mtu %d)",
ipaddr_string(ndo, &dp->icmp_ip.ip_dst), mtu);
} else {
(void)snprintf(buf, sizeof(buf),
"%s unreachable - need to frag",
ipaddr_string(ndo, &dp->icmp_ip.ip_dst));
}
}
break;
default:
fmt = tok2str(unreach2str, "#%d %%s unreachable",
dp->icmp_code);
(void)snprintf(buf, sizeof(buf), fmt,
ipaddr_string(ndo, &dp->icmp_ip.ip_dst));
break;
}
break;
case ICMP_REDIRECT:
ND_TCHECK(dp->icmp_ip.ip_dst);
fmt = tok2str(type2str, "redirect-#%d %%s to net %%s",
dp->icmp_code);
(void)snprintf(buf, sizeof(buf), fmt,
ipaddr_string(ndo, &dp->icmp_ip.ip_dst),
ipaddr_string(ndo, &dp->icmp_gwaddr));
break;
case ICMP_ROUTERADVERT:
{
register const struct ih_rdiscovery *ihp;
register const struct id_rdiscovery *idp;
u_int lifetime, num, size;
(void)snprintf(buf, sizeof(buf), "router advertisement");
cp = buf + strlen(buf);
ihp = (const struct ih_rdiscovery *)&dp->icmp_void;
ND_TCHECK(*ihp);
(void)strncpy(cp, " lifetime ", sizeof(buf) - (cp - buf));
cp = buf + strlen(buf);
lifetime = EXTRACT_16BITS(&ihp->ird_lifetime);
if (lifetime < 60) {
(void)snprintf(cp, sizeof(buf) - (cp - buf), "%u",
lifetime);
} else if (lifetime < 60 * 60) {
(void)snprintf(cp, sizeof(buf) - (cp - buf), "%u:%02u",
lifetime / 60, lifetime % 60);
} else {
(void)snprintf(cp, sizeof(buf) - (cp - buf),
"%u:%02u:%02u",
lifetime / 3600,
(lifetime % 3600) / 60,
lifetime % 60);
}
cp = buf + strlen(buf);
num = ihp->ird_addrnum;
(void)snprintf(cp, sizeof(buf) - (cp - buf), " %d:", num);
cp = buf + strlen(buf);
size = ihp->ird_addrsiz;
if (size != 2) {
(void)snprintf(cp, sizeof(buf) - (cp - buf),
" [size %d]", size);
break;
}
idp = (const struct id_rdiscovery *)&dp->icmp_data;
while (num-- > 0) {
ND_TCHECK(*idp);
(void)snprintf(cp, sizeof(buf) - (cp - buf), " {%s %u}",
ipaddr_string(ndo, &idp->ird_addr),
EXTRACT_32BITS(&idp->ird_pref));
cp = buf + strlen(buf);
++idp;
}
}
break;
case ICMP_TIMXCEED:
ND_TCHECK(dp->icmp_ip.ip_dst);
switch (dp->icmp_code) {
case ICMP_TIMXCEED_INTRANS:
str = "time exceeded in-transit";
break;
case ICMP_TIMXCEED_REASS:
str = "ip reassembly time exceeded";
break;
default:
(void)snprintf(buf, sizeof(buf), "time exceeded-#%d",
dp->icmp_code);
break;
}
break;
case ICMP_PARAMPROB:
if (dp->icmp_code)
(void)snprintf(buf, sizeof(buf),
"parameter problem - code %d", dp->icmp_code);
else {
ND_TCHECK(dp->icmp_pptr);
(void)snprintf(buf, sizeof(buf),
"parameter problem - octet %d", dp->icmp_pptr);
}
break;
case ICMP_MASKREPLY:
ND_TCHECK(dp->icmp_mask);
(void)snprintf(buf, sizeof(buf), "address mask is 0x%08x",
EXTRACT_32BITS(&dp->icmp_mask));
break;
case ICMP_TSTAMP:
ND_TCHECK(dp->icmp_seq);
(void)snprintf(buf, sizeof(buf),
"time stamp query id %u seq %u",
EXTRACT_16BITS(&dp->icmp_id),
EXTRACT_16BITS(&dp->icmp_seq));
break;
case ICMP_TSTAMPREPLY:
ND_TCHECK(dp->icmp_ttime);
(void)snprintf(buf, sizeof(buf),
"time stamp reply id %u seq %u: org %s",
EXTRACT_16BITS(&dp->icmp_id),
EXTRACT_16BITS(&dp->icmp_seq),
icmp_tstamp_print(EXTRACT_32BITS(&dp->icmp_otime)));
(void)snprintf(buf+strlen(buf),sizeof(buf)-strlen(buf),", recv %s",
icmp_tstamp_print(EXTRACT_32BITS(&dp->icmp_rtime)));
(void)snprintf(buf+strlen(buf),sizeof(buf)-strlen(buf),", xmit %s",
icmp_tstamp_print(EXTRACT_32BITS(&dp->icmp_ttime)));
break;
default:
str = tok2str(icmp2str, "type-#%d", dp->icmp_type);
break;
}
ND_PRINT((ndo, "ICMP %s, length %u", str, plen));
if (ndo->ndo_vflag && !fragmented) { /* don't attempt checksumming if this is a frag */
uint16_t sum, icmp_sum;
if (ND_TTEST2(*bp, plen)) {
vec[0].ptr = (const uint8_t *)(const void *)dp;
vec[0].len = plen;
sum = in_cksum(vec, 1);
if (sum != 0) {
icmp_sum = EXTRACT_16BITS(&dp->icmp_cksum);
ND_PRINT((ndo, " (wrong icmp cksum %x (->%x)!)",
icmp_sum,
in_cksum_shouldbe(icmp_sum, sum)));
}
}
}
/*
* print the remnants of the IP packet.
* save the snaplength as this may get overidden in the IP printer.
*/
if (ndo->ndo_vflag >= 1 && ICMP_ERRTYPE(dp->icmp_type)) {
bp += 8;
ND_PRINT((ndo, "\n\t"));
ip = (const struct ip *)bp;
ndo->ndo_snaplen = ndo->ndo_snapend - bp;
snapend_save = ndo->ndo_snapend;
ND_TCHECK_16BITS(&ip->ip_len);
ip_print(ndo, bp, EXTRACT_16BITS(&ip->ip_len));
ndo->ndo_snapend = snapend_save;
}
/*
* Attempt to decode the MPLS extensions only for some ICMP types.
*/
if (ndo->ndo_vflag >= 1 && plen > ICMP_EXTD_MINLEN && ICMP_MPLS_EXT_TYPE(dp->icmp_type)) {
ND_TCHECK(*ext_dp);
/*
* Check first if the mpls extension header shows a non-zero length.
* If the length field is not set then silently verify the checksum
* to check if an extension header is present. This is expedient,
* however not all implementations set the length field proper.
*/
if (!ext_dp->icmp_length &&
ND_TTEST2(ext_dp->icmp_ext_version_res, plen - ICMP_EXTD_MINLEN)) {
vec[0].ptr = (const uint8_t *)(const void *)&ext_dp->icmp_ext_version_res;
vec[0].len = plen - ICMP_EXTD_MINLEN;
if (in_cksum(vec, 1)) {
return;
}
}
ND_PRINT((ndo, "\n\tMPLS extension v%u",
ICMP_MPLS_EXT_EXTRACT_VERSION(*(ext_dp->icmp_ext_version_res))));
/*
* Sanity checking of the header.
*/
if (ICMP_MPLS_EXT_EXTRACT_VERSION(*(ext_dp->icmp_ext_version_res)) !=
ICMP_MPLS_EXT_VERSION) {
ND_PRINT((ndo, " packet not supported"));
return;
}
hlen = plen - ICMP_EXTD_MINLEN;
if (ND_TTEST2(ext_dp->icmp_ext_version_res, hlen)) {
vec[0].ptr = (const uint8_t *)(const void *)&ext_dp->icmp_ext_version_res;
vec[0].len = hlen;
ND_PRINT((ndo, ", checksum 0x%04x (%scorrect), length %u",
EXTRACT_16BITS(ext_dp->icmp_ext_checksum),
in_cksum(vec, 1) ? "in" : "",
hlen));
}
hlen -= 4; /* subtract common header size */
obj_tptr = (const uint8_t *)ext_dp->icmp_ext_data;
while (hlen > sizeof(struct icmp_mpls_ext_object_header_t)) {
icmp_mpls_ext_object_header = (const struct icmp_mpls_ext_object_header_t *)obj_tptr;
ND_TCHECK(*icmp_mpls_ext_object_header);
obj_tlen = EXTRACT_16BITS(icmp_mpls_ext_object_header->length);
obj_class_num = icmp_mpls_ext_object_header->class_num;
obj_ctype = icmp_mpls_ext_object_header->ctype;
obj_tptr += sizeof(struct icmp_mpls_ext_object_header_t);
ND_PRINT((ndo, "\n\t %s Object (%u), Class-Type: %u, length %u",
tok2str(icmp_mpls_ext_obj_values,"unknown",obj_class_num),
obj_class_num,
obj_ctype,
obj_tlen));
hlen-=sizeof(struct icmp_mpls_ext_object_header_t); /* length field includes tlv header */
/* infinite loop protection */
if ((obj_class_num == 0) ||
(obj_tlen < sizeof(struct icmp_mpls_ext_object_header_t))) {
return;
}
obj_tlen-=sizeof(struct icmp_mpls_ext_object_header_t);
switch (obj_class_num) {
case 1:
switch(obj_ctype) {
case 1:
ND_TCHECK2(*obj_tptr, 4);
raw_label = EXTRACT_32BITS(obj_tptr);
ND_PRINT((ndo, "\n\t label %u, exp %u", MPLS_LABEL(raw_label), MPLS_EXP(raw_label)));
if (MPLS_STACK(raw_label))
ND_PRINT((ndo, ", [S]"));
ND_PRINT((ndo, ", ttl %u", MPLS_TTL(raw_label)));
break;
default:
print_unknown_data(ndo, obj_tptr, "\n\t ", obj_tlen);
}
break;
/*
* FIXME those are the defined objects that lack a decoder
* you are welcome to contribute code ;-)
*/
case 2:
default:
print_unknown_data(ndo, obj_tptr, "\n\t ", obj_tlen);
break;
}
if (hlen < obj_tlen)
break;
hlen -= obj_tlen;
obj_tptr += obj_tlen;
}
}
return;
trunc:
ND_PRINT((ndo, "[|icmp]"));
}
void
dtp_print (netdissect_options *ndo, const u_char *pptr, u_int length)
{
int type, len;
const u_char *tptr;
if (length < DTP_HEADER_LEN)
goto trunc;
tptr = pptr;
if (!ND_TTEST2(*tptr, DTP_HEADER_LEN))
goto trunc;
ND_PRINT((ndo, "DTPv%u, length %u",
(*tptr),
length));
/*
* In non-verbose mode, just print version.
*/
if (ndo->ndo_vflag < 1) {
return;
}
tptr += DTP_HEADER_LEN;
while (tptr < (pptr+length)) {
if (!ND_TTEST2(*tptr, 4))
goto trunc;
type = EXTRACT_16BITS(tptr);
len = EXTRACT_16BITS(tptr+2);
/* infinite loop check */
if (type == 0 || len == 0) {
return;
}
ND_PRINT((ndo, "\n\t%s (0x%04x) TLV, length %u",
tok2str(dtp_tlv_values, "Unknown", type),
type, len));
switch (type) {
case DTP_DOMAIN_TLV:
ND_PRINT((ndo, ", %s", tptr+4));
break;
case DTP_STATUS_TLV:
case DTP_DTP_TYPE_TLV:
ND_PRINT((ndo, ", 0x%x", *(tptr+4)));
break;
case DTP_NEIGHBOR_TLV:
ND_PRINT((ndo, ", %s", etheraddr_string(ndo, tptr+4)));
break;
default:
break;
}
tptr += len;
}
return;
trunc:
ND_PRINT((ndo, "[|dtp]"));
}
void
olsr_print(netdissect_options *ndo,
const u_char *pptr, u_int length, int is_ipv6)
{
union {
const struct olsr_common *common;
const struct olsr_msg4 *msg4;
const struct olsr_msg6 *msg6;
const struct olsr_hello *hello;
const struct olsr_hello_link *hello_link;
const struct olsr_tc *tc;
const struct olsr_hna4 *hna;
} ptr;
u_int msg_type, msg_len, msg_tlen, hello_len;
u_int16_t name_entry_type, name_entry_len;
u_int name_entry_padding;
u_int8_t link_type, neighbor_type;
const u_char *tptr, *msg_data;
tptr = pptr;
if (length < sizeof(struct olsr_common)) {
goto trunc;
}
if (!ND_TTEST2(*tptr, sizeof(struct olsr_common))) {
goto trunc;
}
ptr.common = (struct olsr_common *)tptr;
length = min(length, EXTRACT_16BITS(ptr.common->packet_len));
ND_PRINT((ndo, "OLSRv%i, seq 0x%04x, length %u",
(is_ipv6 == 0) ? 4 : 6,
EXTRACT_16BITS(ptr.common->packet_seq),
length));
tptr += sizeof(struct olsr_common);
/*
* In non-verbose mode, just print version.
*/
if (ndo->ndo_vflag < 1) {
return;
}
while (tptr < (pptr+length)) {
union
{
struct olsr_msg4 *v4;
struct olsr_msg6 *v6;
} msgptr;
int msg_len_valid = 0;
if (!ND_TTEST2(*tptr, sizeof(struct olsr_msg4)))
goto trunc;
#if INET6
if (is_ipv6)
{
msgptr.v6 = (struct olsr_msg6 *) tptr;
msg_type = msgptr.v6->msg_type;
msg_len = EXTRACT_16BITS(msgptr.v6->msg_len);
if ((msg_len >= sizeof (struct olsr_msg6))
&& (msg_len <= length))
msg_len_valid = 1;
/* infinite loop check */
if (msg_type == 0 || msg_len == 0) {
return;
}
ND_PRINT((ndo, "\n\t%s Message (%#04x), originator %s, ttl %u, hop %u"
"\n\t vtime %.3lfs, msg-seq 0x%04x, length %u%s",
tok2str(olsr_msg_values, "Unknown", msg_type),
msg_type, ip6addr_string(msgptr.v6->originator),
msgptr.v6->ttl,
msgptr.v6->hopcount,
ME_TO_DOUBLE(msgptr.v6->vtime),
EXTRACT_16BITS(msgptr.v6->msg_seq),
msg_len, (msg_len_valid == 0) ? " (invalid)" : ""));
msg_tlen = msg_len - sizeof(struct olsr_msg6);
msg_data = tptr + sizeof(struct olsr_msg6);
}
else /* (!is_ipv6) */
#endif /* INET6 */
{
msgptr.v4 = (struct olsr_msg4 *) tptr;
msg_type = msgptr.v4->msg_type;
msg_len = EXTRACT_16BITS(msgptr.v4->msg_len);
if ((msg_len >= sizeof (struct olsr_msg4))
&& (msg_len <= length))
msg_len_valid = 1;
/* infinite loop check */
if (msg_type == 0 || msg_len == 0) {
return;
}
ND_PRINT((ndo, "\n\t%s Message (%#04x), originator %s, ttl %u, hop %u"
"\n\t vtime %.3lfs, msg-seq 0x%04x, length %u%s",
tok2str(olsr_msg_values, "Unknown", msg_type),
msg_type, ipaddr_string(msgptr.v4->originator),
msgptr.v4->ttl,
msgptr.v4->hopcount,
ME_TO_DOUBLE(msgptr.v4->vtime),
EXTRACT_16BITS(msgptr.v4->msg_seq),
msg_len, (msg_len_valid == 0) ? " (invalid)" : ""));
msg_tlen = msg_len - sizeof(struct olsr_msg4);
msg_data = tptr + sizeof(struct olsr_msg4);
}
switch (msg_type) {
case OLSR_HELLO_MSG:
case OLSR_HELLO_LQ_MSG:
if (!ND_TTEST2(*msg_data, sizeof(struct olsr_hello)))
goto trunc;
ptr.hello = (struct olsr_hello *)msg_data;
ND_PRINT((ndo, "\n\t hello-time %.3lfs, MPR willingness %u",
ME_TO_DOUBLE(ptr.hello->htime), ptr.hello->will));
msg_data += sizeof(struct olsr_hello);
msg_tlen -= sizeof(struct olsr_hello);
while (msg_tlen >= sizeof(struct olsr_hello_link)) {
int hello_len_valid = 0;
/*
* link-type.
*/
if (!ND_TTEST2(*msg_data, sizeof(struct olsr_hello_link)))
goto trunc;
ptr.hello_link = (struct olsr_hello_link *)msg_data;
hello_len = EXTRACT_16BITS(ptr.hello_link->len);
link_type = OLSR_EXTRACT_LINK_TYPE(ptr.hello_link->link_code);
neighbor_type = OLSR_EXTRACT_NEIGHBOR_TYPE(ptr.hello_link->link_code);
if ((hello_len <= msg_tlen)
&& (hello_len >= sizeof(struct olsr_hello_link)))
hello_len_valid = 1;
ND_PRINT((ndo, "\n\t link-type %s, neighbor-type %s, len %u%s",
tok2str(olsr_link_type_values, "Unknown", link_type),
tok2str(olsr_neighbor_type_values, "Unknown", neighbor_type),
hello_len,
(hello_len_valid == 0) ? " (invalid)" : ""));
if (hello_len_valid == 0)
break;
msg_data += sizeof(struct olsr_hello_link);
msg_tlen -= sizeof(struct olsr_hello_link);
hello_len -= sizeof(struct olsr_hello_link);
if (msg_type == OLSR_HELLO_MSG) {
olsr_print_neighbor(ndo, msg_data, hello_len);
} else {
#if INET6
if (is_ipv6)
olsr_print_lq_neighbor6(ndo, msg_data, hello_len);
else
#endif
olsr_print_lq_neighbor4(ndo, msg_data, hello_len);
}
msg_data += hello_len;
msg_tlen -= hello_len;
}
break;
case OLSR_TC_MSG:
case OLSR_TC_LQ_MSG:
if (!ND_TTEST2(*msg_data, sizeof(struct olsr_tc)))
goto trunc;
ptr.tc = (struct olsr_tc *)msg_data;
ND_PRINT((ndo, "\n\t advertised neighbor seq 0x%04x",
EXTRACT_16BITS(ptr.tc->ans_seq)));
msg_data += sizeof(struct olsr_tc);
msg_tlen -= sizeof(struct olsr_tc);
if (msg_type == OLSR_TC_MSG) {
olsr_print_neighbor(ndo, msg_data, msg_tlen);
} else {
#if INET6
if (is_ipv6)
olsr_print_lq_neighbor6(ndo, msg_data, msg_tlen);
else
#endif
olsr_print_lq_neighbor4(ndo, msg_data, msg_tlen);
}
break;
case OLSR_MID_MSG:
{
size_t addr_size = sizeof(struct in_addr);
#if INET6
if (is_ipv6)
addr_size = sizeof(struct in6_addr);
#endif
while (msg_tlen >= addr_size) {
if (!ND_TTEST2(*msg_data, addr_size))
goto trunc;
#if INET6
ND_PRINT((ndo, "\n\t interface address %s",
is_ipv6 ? ip6addr_string(msg_data) :
ipaddr_string(msg_data)));
#else
ND_PRINT((ndo, "\n\t interface address %s",
ipaddr_string(msg_data)));
#endif
msg_data += addr_size;
msg_tlen -= addr_size;
}
break;
}
case OLSR_HNA_MSG:
ND_PRINT((ndo, "\n\t Advertised networks (total %u)",
(unsigned int) (msg_tlen / sizeof(struct olsr_hna6))));
#if INET6
if (is_ipv6)
{
int i = 0;
while (msg_tlen >= sizeof(struct olsr_hna6)) {
struct olsr_hna6 *hna6;
if (!ND_TTEST2(*msg_data, sizeof(struct olsr_hna6)))
goto trunc;
hna6 = (struct olsr_hna6 *)msg_data;
ND_PRINT((ndo, "\n\t #%i: %s/%u",
i, ip6addr_string(hna6->network),
mask62plen (hna6->mask)));
msg_data += sizeof(struct olsr_hna6);
msg_tlen -= sizeof(struct olsr_hna6);
}
}
else
#endif
{
int col = 0;
while (msg_tlen >= sizeof(struct olsr_hna4)) {
if (!ND_TTEST2(*msg_data, sizeof(struct olsr_hna4)))
goto trunc;
ptr.hna = (struct olsr_hna4 *)msg_data;
/* print 4 prefixes per line */
ND_PRINT((ndo, "%s%s/%u",
col == 0 ? "\n\t " : ", ",
ipaddr_string(ptr.hna->network),
mask2plen(EXTRACT_32BITS(ptr.hna->mask))));
msg_data += sizeof(struct olsr_hna4);
msg_tlen -= sizeof(struct olsr_hna4);
col = (col + 1) % 4;
}
}
break;
case OLSR_NAMESERVICE_MSG:
{
u_int name_entries = EXTRACT_16BITS(msg_data+2);
u_int addr_size = 4;
int name_entries_valid = 0;
u_int i;
if (is_ipv6)
addr_size = 16;
if ((name_entries > 0)
&& ((name_entries * (4 + addr_size)) <= msg_tlen))
name_entries_valid = 1;
if (msg_tlen < 4)
goto trunc;
if (!ND_TTEST2(*msg_data, 4))
goto trunc;
ND_PRINT((ndo, "\n\t Version %u, Entries %u%s",
EXTRACT_16BITS(msg_data),
name_entries, (name_entries_valid == 0) ? " (invalid)" : ""));
if (name_entries_valid == 0)
break;
msg_data += 4;
msg_tlen -= 4;
for (i = 0; i < name_entries; i++) {
int name_entry_len_valid = 0;
if (msg_tlen < 4)
break;
if (!ND_TTEST2(*msg_data, 4))
goto trunc;
name_entry_type = EXTRACT_16BITS(msg_data);
name_entry_len = EXTRACT_16BITS(msg_data+2);
msg_data += 4;
msg_tlen -= 4;
if ((name_entry_len > 0) && ((addr_size + name_entry_len) <= msg_tlen))
name_entry_len_valid = 1;
ND_PRINT((ndo, "\n\t #%u: type %#06x, length %u%s",
(unsigned int) i, name_entry_type,
name_entry_len, (name_entry_len_valid == 0) ? " (invalid)" : ""));
if (name_entry_len_valid == 0)
break;
/* 32-bit alignment */
name_entry_padding = 0;
if (name_entry_len%4 != 0)
name_entry_padding = 4-(name_entry_len%4);
if (msg_tlen < addr_size + name_entry_len + name_entry_padding)
goto trunc;
if (!ND_TTEST2(*msg_data, addr_size + name_entry_len + name_entry_padding))
goto trunc;
#if INET6
if (is_ipv6)
ND_PRINT((ndo, ", address %s, name \"",
ip6addr_string(msg_data)));
else
#endif
ND_PRINT((ndo, ", address %s, name \"",
ipaddr_string(msg_data)));
fn_printn(msg_data + addr_size, name_entry_len, NULL);
ND_PRINT((ndo, "\""));
msg_data += addr_size + name_entry_len + name_entry_padding;
msg_tlen -= addr_size + name_entry_len + name_entry_padding;
} /* for (i = 0; i < name_entries; i++) */
break;
} /* case OLSR_NAMESERVICE_MSG */
/*
* FIXME those are the defined messages that lack a decoder
* you are welcome to contribute code ;-)
*/
case OLSR_POWERINFO_MSG:
default:
print_unknown_data(ndo, msg_data, "\n\t ", msg_tlen);
break;
} /* switch (msg_type) */
tptr += msg_len;
} /* while (tptr < (pptr+length)) */
return;
trunc:
ND_PRINT((ndo, "[|olsr]"));
}
static void
chdlc_slarp_print(netdissect_options *ndo, const u_char *cp, u_int length)
{
const struct cisco_slarp *slarp;
u_int sec,min,hrs,days;
ND_PRINT((ndo, "SLARP (length: %u), ",length));
if (length < SLARP_MIN_LEN)
goto trunc;
slarp = (const struct cisco_slarp *)cp;
ND_TCHECK2(*slarp, SLARP_MIN_LEN);
switch (EXTRACT_32BITS(&slarp->code)) {
case SLARP_REQUEST:
ND_PRINT((ndo, "request"));
/*
* At least according to William "Chops" Westfield's
* message in
*
* http://www.nethelp.no/net/cisco-hdlc.txt
*
* the address and mask aren't used in requests -
* they're just zero.
*/
break;
case SLARP_REPLY:
ND_PRINT((ndo, "reply %s/%s",
ipaddr_string(ndo, &slarp->un.addr.addr),
ipaddr_string(ndo, &slarp->un.addr.mask)));
break;
case SLARP_KEEPALIVE:
ND_PRINT((ndo, "keepalive: mineseen=0x%08x, yourseen=0x%08x, reliability=0x%04x",
EXTRACT_32BITS(&slarp->un.keep.myseq),
EXTRACT_32BITS(&slarp->un.keep.yourseq),
EXTRACT_16BITS(&slarp->un.keep.rel)));
if (length >= SLARP_MAX_LEN) { /* uptime-stamp is optional */
cp += SLARP_MIN_LEN;
if (!ND_TTEST2(*cp, 4))
goto trunc;
sec = EXTRACT_32BITS(cp) / 1000;
min = sec / 60; sec -= min * 60;
hrs = min / 60; min -= hrs * 60;
days = hrs / 24; hrs -= days * 24;
ND_PRINT((ndo, ", link uptime=%ud%uh%um%us",days,hrs,min,sec));
}
break;
default:
ND_PRINT((ndo, "0x%02x unknown", EXTRACT_32BITS(&slarp->code)));
if (ndo->ndo_vflag <= 1)
print_unknown_data(ndo,cp+4,"\n\t",length-4);
break;
}
if (SLARP_MAX_LEN < length && ndo->ndo_vflag)
ND_PRINT((ndo, ", (trailing junk: %d bytes)", length - SLARP_MAX_LEN));
if (ndo->ndo_vflag > 1)
print_unknown_data(ndo,cp+4,"\n\t",length-4);
return;
trunc:
ND_PRINT((ndo, "[|slarp]"));
}
void
lwapp_control_print(netdissect_options *ndo,
const u_char *pptr, u_int len, int has_ap_ident) {
const struct lwapp_transport_header *lwapp_trans_header;
const struct lwapp_control_header *lwapp_control_header;
const u_char *tptr;
int tlen;
int msg_tlen;
tptr=pptr;
if (has_ap_ident) {
/* check if enough bytes for AP identity */
if (!ND_TTEST2(*tptr, 6))
goto trunc;
lwapp_trans_header = (const struct lwapp_transport_header *)(pptr+6);
} else {
lwapp_trans_header = (const struct lwapp_transport_header *)pptr;
}
ND_TCHECK(*lwapp_trans_header);
/*
* Sanity checking of the header.
*/
if (LWAPP_EXTRACT_VERSION(lwapp_trans_header->version) != LWAPP_VERSION) {
ND_PRINT((ndo, "LWAPP version %u packet not supported",
LWAPP_EXTRACT_VERSION(lwapp_trans_header->version)));
return;
}
/* non-verbose */
if (ndo->ndo_vflag < 1) {
ND_PRINT((ndo, "LWAPPv%u, %s frame, Flags [%s], length %u",
LWAPP_EXTRACT_VERSION(lwapp_trans_header->version),
LWAPP_EXTRACT_CONTROL_BIT(lwapp_trans_header->version) ? "Control" : "Data",
bittok2str(lwapp_header_bits_values,"none",(lwapp_trans_header->version)&0x07),
len));
return;
}
/* ok they seem to want to know everything - lets fully decode it */
tlen=EXTRACT_16BITS(lwapp_trans_header->length);
ND_PRINT((ndo, "LWAPPv%u, %s frame, Radio-id %u, Flags [%s], Frag-id %u, length %u",
LWAPP_EXTRACT_VERSION(lwapp_trans_header->version),
LWAPP_EXTRACT_CONTROL_BIT(lwapp_trans_header->version) ? "Control" : "Data",
LWAPP_EXTRACT_RID(lwapp_trans_header->version),
bittok2str(lwapp_header_bits_values,"none",(lwapp_trans_header->version)&0x07),
lwapp_trans_header->frag_id,
tlen));
if (has_ap_ident) {
ND_PRINT((ndo, "\n\tAP identity: %s", etheraddr_string(ndo, tptr)));
tptr+=sizeof(const struct lwapp_transport_header)+6;
} else {
tptr+=sizeof(const struct lwapp_transport_header);
}
while(tlen>0) {
/* did we capture enough for fully decoding the object header ? */
if (!ND_TTEST2(*tptr, sizeof(struct lwapp_control_header)))
goto trunc;
lwapp_control_header = (const struct lwapp_control_header *)tptr;
msg_tlen = EXTRACT_16BITS(lwapp_control_header->len);
/* print message header */
ND_PRINT((ndo, "\n\t Msg type: %s (%u), Seqnum: %u, Msg len: %d, Session: 0x%08x",
tok2str(lwapp_msg_type_values,"Unknown",lwapp_control_header->msg_type),
lwapp_control_header->msg_type,
lwapp_control_header->seq_num,
msg_tlen,
EXTRACT_32BITS(lwapp_control_header->session_id)));
/* did we capture enough for fully decoding the message */
if (!ND_TTEST2(*tptr, msg_tlen))
goto trunc;
/* XXX - Decode sub messages for each message */
switch(lwapp_control_header->msg_type) {
case LWAPP_MSGTYPE_DISCOVERY_REQUEST:
case LWAPP_MSGTYPE_DISCOVERY_RESPONSE:
case LWAPP_MSGTYPE_JOIN_REQUEST:
case LWAPP_MSGTYPE_JOIN_RESPONSE:
case LWAPP_MSGTYPE_JOIN_ACK:
case LWAPP_MSGTYPE_JOIN_CONFIRM:
case LWAPP_MSGTYPE_CONFIGURE_REQUEST:
case LWAPP_MSGTYPE_CONFIGURE_RESPONSE:
case LWAPP_MSGTYPE_CONF_UPDATE_REQUEST:
case LWAPP_MSGTYPE_CONF_UPDATE_RESPONSE:
case LWAPP_MSGTYPE_WTP_EVENT_REQUEST:
case LWAPP_MSGTYPE_WTP_EVENT_RESPONSE:
case LWAPP_MSGTYPE_CHANGE_STATE_EVENT_REQUEST:
case LWAPP_MSGTYPE_CHANGE_STATE_EVENT_RESPONSE:
case LWAPP_MSGTYPE_ECHO_REQUEST:
case LWAPP_MSGTYPE_ECHO_RESPONSE:
case LWAPP_MSGTYPE_IMAGE_DATA_REQUEST:
case LWAPP_MSGTYPE_IMAGE_DATA_RESPONSE:
case LWAPP_MSGTYPE_RESET_REQUEST:
case LWAPP_MSGTYPE_RESET_RESPONSE:
case LWAPP_MSGTYPE_KEY_UPDATE_REQUEST:
case LWAPP_MSGTYPE_KEY_UPDATE_RESPONSE:
case LWAPP_MSGTYPE_PRIMARY_DISCOVERY_REQUEST:
case LWAPP_MSGTYPE_PRIMARY_DISCOVERY_RESPONSE:
case LWAPP_MSGTYPE_DATA_TRANSFER_REQUEST:
case LWAPP_MSGTYPE_DATA_TRANSFER_RESPONSE:
case LWAPP_MSGTYPE_CLEAR_CONFIG_INDICATION:
case LWAPP_MSGTYPE_WLAN_CONFIG_REQUEST:
case LWAPP_MSGTYPE_WLAN_CONFIG_RESPONSE:
case LWAPP_MSGTYPE_MOBILE_CONFIG_REQUEST:
case LWAPP_MSGTYPE_MOBILE_CONFIG_RESPONSE:
default:
break;
}
tptr += sizeof(struct lwapp_control_header) + msg_tlen;
tlen -= sizeof(struct lwapp_control_header) + msg_tlen;
}
return;
trunc:
ND_PRINT((ndo, "\n\t\t packet exceeded snapshot"));
}
