]> The Tcpdump Group git mirrors - tcpdump/blob - print-ppp.c
projects / tcpdump / blob


10ce9abc598850a2e2684930ee26386e1f9fb373
[tcpdump] / print-ppp.c
1 /*
2 * Copyright (c) 1990, 1991, 1993, 1994, 1995, 1996, 1997
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 *
21 * Extensively modified by Motonori Shindo (mshindo@mshindo.net) for more
22 * complete PPP support.
23 */
24
25 /*
26 * TODO:
27 * o resolve XXX as much as possible
28 * o MP support
29 * o BAP support
30 */
31
32 #ifndef lint
33 static const char rcsid[] =
34 "@(#) $Header: /tcpdump/master/tcpdump/print-ppp.c,v 1.84 2003-05-22 12:02:24 hannes Exp $ (LBL)";
35 #endif
36
37 #ifdef HAVE_CONFIG_H
38 #include "config.h"
39 #endif
40
41 #include <tcpdump-stdinc.h>
42
43 #ifdef __bsdi__
44 #include <net/slcompress.h>
45 #include <net/if_ppp.h>
46 #endif
47
48 #include <pcap.h>
49 #include <stdio.h>
50
51 #include "interface.h"
52 #include "extract.h"
53 #include "addrtoname.h"
54 #include "ppp.h"
55 #include "chdlc.h"
56 #include "ethertype.h"
57
58 /*
59 * The following constatns are defined by IANA. Please refer to
60 * http://www.isi.edu/in-notes/iana/assignments/ppp-numbers
61 * for the up-to-date information.
62 */
63
64 /* Protocol Codes defined in ppp.h */
65
66 struct tok ppptype2str[] = {
67 { PPP_IP, "IP" },
68 { PPP_OSI, "OSI" },
69 { PPP_NS, "NS" },
70 { PPP_DECNET, "DECNET" },
71 { PPP_APPLE, "APPLE" },
72 { PPP_IPX, "IPX" },
73 { PPP_VJC, "VJC" },
74 { PPP_VJNC, "VJNC" },
75 { PPP_BRPDU, "BRPDU" },
76 { PPP_STII, "STII" },
77 { PPP_VINES, "VINES" },
78 { PPP_MPLS_UCAST, "MPLS" },
79 { PPP_MPLS_MCAST, "MPLS" },
80
81 { PPP_HELLO, "HELLO" },
82 { PPP_LUXCOM, "LUXCOM" },
83 { PPP_SNS, "SNS" },
84 { PPP_IPCP, "IPCP" },
85 { PPP_OSICP, "OSICP" },
86 { PPP_NSCP, "NSCP" },
87 { PPP_DECNETCP, "DECNETCP" },
88 { PPP_APPLECP, "APPLECP" },
89 { PPP_IPXCP, "IPXCP" },
90 { PPP_STIICP, "STIICP" },
91 { PPP_VINESCP, "VINESCP" },
92 { PPP_MPLSCP, "MPLSCP" },
93
94 { PPP_LCP, "LCP" },
95 { PPP_PAP, "PAP" },
96 { PPP_LQM, "LQM" },
97 { PPP_CHAP, "CHAP" },
98 { PPP_BACP, "BACP" },
99 { PPP_BAP, "BAP" },
100 { PPP_MP, "ML" },
101 { 0, NULL }
102 };
103
104 /* Control Protocols (LCP/IPCP/CCP etc.) Codes defined in RFC 1661 */
105
106 #define CPCODES_VEXT 0 /* Vendor-Specific (RFC2153) */
107 #define CPCODES_CONF_REQ 1 /* Configure-Request */
108 #define CPCODES_CONF_ACK 2 /* Configure-Ack */
109 #define CPCODES_CONF_NAK 3 /* Configure-Nak */
110 #define CPCODES_CONF_REJ 4 /* Configure-Reject */
111 #define CPCODES_TERM_REQ 5 /* Terminate-Request */
112 #define CPCODES_TERM_ACK 6 /* Terminate-Ack */
113 #define CPCODES_CODE_REJ 7 /* Code-Reject */
114 #define CPCODES_PROT_REJ 8 /* Protocol-Reject (LCP only) */
115 #define CPCODES_ECHO_REQ 9 /* Echo-Request (LCP only) */
116 #define CPCODES_ECHO_RPL 10 /* Echo-Reply (LCP only) */
117 #define CPCODES_DISC_REQ 11 /* Discard-Request (LCP only) */
118 #define CPCODES_ID 12 /* Identification (LCP only) RFC1570 */
119 #define CPCODES_TIME_REM 13 /* Time-Remaining (LCP only) RFC1570 */
120 #define CPCODES_RESET_REQ 14 /* Reset-Request (CCP only) RFC1962 */
121 #define CPCODES_RESET_REP 15 /* Reset-Reply (CCP only) */
122
123 struct tok cpcodes[] = {
124 {CPCODES_VEXT, "Vendor-Extension"}, /* RFC2153 */
125 {CPCODES_CONF_REQ, "Conf-Request"},
126 {CPCODES_CONF_ACK, "Conf-Ack"},
127 {CPCODES_CONF_NAK, "Conf-Nack"},
128 {CPCODES_CONF_REJ, "Conf-Reject"},
129 {CPCODES_TERM_REQ, "Term-Request"},
130 {CPCODES_TERM_ACK, "Term-Ack"},
131 {CPCODES_CODE_REJ, "Code-Reject"},
132 {CPCODES_PROT_REJ, "Prot-Reject"},
133 {CPCODES_ECHO_REQ, "Echo-Request"},
134 {CPCODES_ECHO_RPL, "Echo-Reply"},
135 {CPCODES_DISC_REQ, "Disc-Req"},
136 {CPCODES_ID, "Ident"}, /* RFC1570 */
137 {CPCODES_TIME_REM, "Time-Rem"}, /* RFC1570 */
138 {CPCODES_RESET_REQ, "Reset-Req"}, /* RFC1962 */
139 {CPCODES_RESET_REP, "Reset-Ack"}, /* RFC1962 */
140 {0, NULL}
141 };
142
143 /* LCP Config Options */
144
145 #define LCPOPT_VEXT 0
146 #define LCPOPT_MRU 1
147 #define LCPOPT_ACCM 2
148 #define LCPOPT_AP 3
149 #define LCPOPT_QP 4
150 #define LCPOPT_MN 5
151 #define LCPOPT_DEP6 6
152 #define LCPOPT_PFC 7
153 #define LCPOPT_ACFC 8
154 #define LCPOPT_FCSALT 9
155 #define LCPOPT_SDP 10
156 #define LCPOPT_NUMMODE 11
157 #define LCPOPT_DEP12 12
158 #define LCPOPT_CBACK 13
159 #define LCPOPT_DEP14 14
160 #define LCPOPT_DEP15 15
161 #define LCPOPT_DEP16 16
162 #define LCPOPT_MLMRRU 17
163 #define LCPOPT_MLSSNHF 18
164 #define LCPOPT_MLED 19
165 #define LCPOPT_PROP 20
166 #define LCPOPT_DCEID 21
167 #define LCPOPT_MPP 22
168 #define LCPOPT_LD 23
169 #define LCPOPT_LCPAOPT 24
170 #define LCPOPT_COBS 25
171 #define LCPOPT_PE 26
172 #define LCPOPT_MLHF 27
173 #define LCPOPT_I18N 28
174 #define LCPOPT_SDLOS 29
175 #define LCPOPT_PPPMUX 30
176
177 #define LCPOPT_MIN LCPOPT_VEXT
178 #define LCPOPT_MAX LCPOPT_PPPMUX
179
180 static const char *lcpconfopts[] = {
181 "Vend-Ext", /* (0) */
182 "MRU", /* (1) */
183 "ACCM", /* (2) */
184 "Auth-Prot", /* (3) */
185 "Qual-Prot", /* (4) */
186 "Magic-Num", /* (5) */
187 "deprecated(6)", /* used to be a Quality Protocol */
188 "PFC", /* (7) */
189 "ACFC", /* (8) */
190 "FCS-Alt", /* (9) */
191 "SDP", /* (10) */
192 "Num-Mode", /* (11) */
193 "deprecated(12)", /* used to be a Multi-Link-Procedure*/
194 "Call-Back", /* (13) */
195 "deprecated(14)", /* used to be a Connect-Time */
196 "deprecated(15)", /* used to be a Compund-Frames */
197 "deprecated(16)", /* used to be a Nominal-Data-Encap */
198 "MRRU", /* (17) */
199 "SSNHF", /* (18) */
200 "End-Disc", /* (19) */
201 "Proprietary", /* (20) */
202 "DCE-Id", /* (21) */
203 "MP+", /* (22) */
204 "Link-Disc", /* (23) */
205 "LCP-Auth-Opt", /* (24) */
206 "COBS", /* (25) */
207 "Prefix-elision", /* (26) */
208 "Multilink-header-Form",/* (27) */
209 "I18N", /* (28) */
210 "SDL-over-SONET/SDH", /* (29) */
211 "PPP-Muxing", /* (30) */
212 };
213
214 /* IPV6CP - to be supported */
215 /* ECP - to be supported */
216
217 /* CCP Config Options */
218
219 #define CCPOPT_OUI 0 /* RFC1962 */
220 #define CCPOPT_PRED1 1 /* RFC1962 */
221 #define CCPOPT_PRED2 2 /* RFC1962 */
222 #define CCPOPT_PJUMP 3 /* RFC1962 */
223 /* 4-15 unassigned */
224 #define CCPOPT_HPPPC 16 /* RFC1962 */
225 #define CCPOPT_STACLZS 17 /* RFC1974 */
226 #define CCPOPT_MPPC 18 /* RFC2118 */
227 #define CCPOPT_GFZA 19 /* RFC1962 */
228 #define CCPOPT_V42BIS 20 /* RFC1962 */
229 #define CCPOPT_BSDCOMP 21 /* RFC1977 */
230 /* 22 unassigned */
231 #define CCPOPT_LZSDCP 23 /* RFC1967 */
232 #define CCPOPT_MVRCA 24 /* RFC1975 */
233 #define CCPOPT_DEC 25 /* RFC1976 */
234 #define CCPOPT_DEFLATE 26 /* RFC1979 */
235 /* 27-254 unassigned */
236 #define CCPOPT_RESV 255 /* RFC1962 */
237
238 #define CCPOPT_MIN CCPOPT_OUI
239 #define CCPOPT_MAX CCPOPT_DEFLATE /* XXX: should be CCPOPT_RESV but... */
240
241 static const char *ccpconfopts[] = {
242 "OUI", /* (0) */
243 "Pred-1", /* (1) */
244 "Pred-2", /* (2) */
245 "Puddle", /* (3) */
246 "unassigned(4)", /* (4) */
247 "unassigned(5)", /* (5) */
248 "unassigned(6)", /* (6) */
249 "unassigned(7)", /* (7) */
250 "unassigned(8)", /* (8) */
251 "unassigned(9)", /* (9) */
252 "unassigned(10)", /* (10) */
253 "unassigned(11)", /* (11) */
254 "unassigned(12)", /* (12) */
255 "unassigned(13)", /* (13) */
256 "unassigned(14)", /* (14) */
257 "unassigned(15)", /* (15) */
258 "HP-PPC", /* (16) */
259 "Stac-LZS", /* (17) */
260 "MPPC", /* (18) */
261 "Gand-FZA", /* (19) */
262 "V.42bis", /* (20) */
263 "BSD-Comp", /* (21) */
264 "unassigned(22)", /* (22) */
265 "LZS-DCP", /* (23) */
266 "MVRCA", /* (24) */
267 "DEC", /* (25) */
268 "Deflate", /* (26) */
269 };
270
271 /* BACP Config Options */
272
273 #define BACPOPT_FPEER 1 /* RFC2125 */
274
275 /* SDCP - to be supported */
276
277 /* IPCP Config Options */
278
279 #define IPCPOPT_2ADDR 1 /* RFC1172, RFC1332 (deprecated) */
280 #define IPCPOPT_IPCOMP 2 /* RFC1332 */
281 #define IPCPOPT_ADDR 3 /* RFC1332 */
282 #define IPCPOPT_MOBILE4 4 /* RFC2290 */
283
284 #define IPCPOPT_PRIDNS 129 /* RFC1877 */
285 #define IPCPOPT_PRINBNS 130 /* RFC1877 */
286 #define IPCPOPT_SECDNS 131 /* RFC1877 */
287 #define IPCPOPT_SECNBNS 132 /* RFC1877 */
288
289 /* ATCP - to be supported */
290 /* OSINLCP - to be supported */
291 /* BVCP - to be supported */
292 /* BCP - to be supported */
293 /* IPXCP - to be supported */
294 /* MPLSCP - to be supported */
295
296 /* Auth Algorithms */
297
298 /* 0-4 Reserved (RFC1994) */
299 #define AUTHALG_CHAPMD5 5 /* RFC1994 */
300 #define AUTHALG_MSCHAP1 128 /* RFC2433 */
301 #define AUTHALG_MSCHAP2 129 /* RFC2795 */
302
303 /* FCS Alternatives - to be supported */
304
305 /* Multilink Endpoint Discriminator (RFC1717) */
306 #define MEDCLASS_NULL 0 /* Null Class */
307 #define MEDCLASS_LOCAL 1 /* Locally Assigned */
308 #define MEDCLASS_IPV4 2 /* Internet Protocol (IPv4) */
309 #define MEDCLASS_MAC 3 /* IEEE 802.1 global MAC address */
310 #define MEDCLASS_MNB 4 /* PPP Magic Number Block */
311 #define MEDCLASS_PSNDN 5 /* Public Switched Network Director Number */
312
313 /* PPP LCP Callback */
314 #define CALLBACK_AUTH 0 /* Location determined by user auth */
315 #define CALLBACK_DSTR 1 /* Dialing string */
316 #define CALLBACK_LID 2 /* Location identifier */
317 #define CALLBACK_E164 3 /* E.164 number */
318 #define CALLBACK_X500 4 /* X.500 distinguished name */
319 #define CALLBACK_CBCP 6 /* Location is determined during CBCP nego */
320
321 /* CHAP */
322
323 #define CHAP_CHAL 1
324 #define CHAP_RESP 2
325 #define CHAP_SUCC 3
326 #define CHAP_FAIL 4
327
328 #define CHAP_CODEMIN CHAP_CHAL
329 #define CHAP_CODEMAX CHAP_FAIL
330
331 static const char *chapcode[] = {
332 "Chal", /* (1) */
333 "Resp", /* (2) */
334 "Succ", /* (3) */
335 "Fail", /* (4) */
336 };
337
338 /* PAP */
339
340 #define PAP_AREQ 1
341 #define PAP_AACK 2
342 #define PAP_ANAK 3
343
344 #define PAP_CODEMIN PAP_AREQ
345 #define PAP_CODEMAX PAP_ANAK
346
347 static const char *papcode[] = {
348 "Auth-Req", /* (1) */
349 "Auth-Ack", /* (2) */
350 "Auth-Nak", /* (3) */
351 };
352
353 /* BAP */
354 #define BAP_CALLREQ 1
355 #define BAP_CALLRES 2
356 #define BAP_CBREQ 3
357 #define BAP_CBRES 4
358 #define BAP_LDQREQ 5
359 #define BAP_LDQRES 6
360 #define BAP_CSIND 7
361 #define BAP_CSRES 8
362
363 static void handle_ctrl_proto (u_int proto,const u_char *p, int length);
364 static void handle_chap (const u_char *p, int length);
365 static void handle_pap (const u_char *p, int length);
366 static void handle_bap (const u_char *p, int length);
367 static int print_lcp_config_options (const u_char *p, int);
368 static int print_ipcp_config_options (const u_char *p, int);
369 static int print_ccp_config_options (const u_char *p, int);
370 static int print_bacp_config_options (const u_char *p, int);
371 static void handle_ppp (u_int proto, const u_char *p, int length);
372
373 /* generic Control Protocol (e.g. LCP, IPCP, CCP, etc.) handler */
374 static void
375 handle_ctrl_proto(u_int proto, const u_char *pptr, int length)
376 {
377 u_int code, len;
378 int (*pfunc)(const u_char *, int);
379 int x, j;
380 const u_char *tptr;
381
382 tptr=pptr;
383
384 printf("%s, ",tok2str(ppptype2str, "unknown", proto));
385
386 if (length < 4) /* FIXME weak boundary checking */
387 return;
388
389 code = *tptr++;
390
391 printf("%s, id %u",
392 tok2str(cpcodes, "Unknown Opcode 0x%02x",code),
393 *tptr++); /* ID */
394
395 len = EXTRACT_16BITS(tptr);
396 tptr += 2;
397
398 if (length <= 4)
399 return; /* there may be a NULL confreq etc. */
400
401 switch (code) {
402 case CPCODES_VEXT:
403 if (length < 11)
404 break;
405 printf(", Magic-Num=%08x", EXTRACT_32BITS(tptr));
406 tptr += 4;
407 printf(" OUI=%02x%02x%02x", tptr[0], tptr[1], tptr[2]);
408 /* XXX: need to decode Kind and Value(s)? */
409 break;
410 case CPCODES_CONF_REQ:
411 case CPCODES_CONF_ACK:
412 case CPCODES_CONF_NAK:
413 case CPCODES_CONF_REJ:
414 x = len - 4; /* Code(1), Identifier(1) and Length(2) */
415 do {
416 switch (proto) {
417 case PPP_LCP:
418 pfunc = print_lcp_config_options;
419 break;
420 case PPP_IPCP:
421 pfunc = print_ipcp_config_options;
422 break;
423 case PPP_CCP:
424 pfunc = print_ccp_config_options;
425 break;
426 case PPP_BACP:
427 pfunc = print_bacp_config_options;
428 break;
429 default:
430 /*
431 * This should never happen, but we set
432 * "pfunc" to squelch uninitialized
433 * variable warnings from compilers.
434 */
435 pfunc = NULL;
436 break;
437 }
438 if ((j = (*pfunc)(tptr, len)) == 0)
439 break;
440 x -= j;
441 tptr += j;
442 } while (x > 0);
443 break;
444
445 case CPCODES_TERM_REQ:
446 case CPCODES_TERM_ACK:
447 /* XXX: need to decode Data? */
448 break;
449 case CPCODES_CODE_REJ:
450 /* XXX: need to decode Rejected-Packet? */
451 break;
452 case CPCODES_PROT_REJ:
453 if (length < 6)
454 break;
455 printf(", Rejected %s Protocol (0x%04x)",
456 tok2str(ppptype2str,"unknown", EXTRACT_16BITS(tptr)),
457 EXTRACT_16BITS(tptr));
458 /* XXX: need to decode Rejected-Information? */
459 break;
460 case CPCODES_ECHO_REQ:
461 case CPCODES_ECHO_RPL:
462 case CPCODES_DISC_REQ:
463 case CPCODES_ID:
464 if (length < 8)
465 break;
466 printf(", Magic-Num=%08x", EXTRACT_32BITS(tptr));
467 /* XXX: need to decode Data? */
468 break;
469 case CPCODES_TIME_REM:
470 if (length < 12)
471 break;
472 printf(", Magic-Num=%08x", EXTRACT_32BITS(tptr));
473 printf(" Seconds-Remaining=%u", EXTRACT_32BITS(tptr + 4));
474 /* XXX: need to decode Message? */
475 break;
476 default:
477 /* XXX this is dirty but we do not get the
478 * original pointer passed to the begin
479 * the PPP packet */
480 if (vflag <= 1)
481 print_unknown_data(pptr-2,"\n\t",length+2);
482 break;
483 }
484
485 if (vflag >1)
486 print_unknown_data(pptr-2,"\n\t",length+2);
487 }
488
489 /* LCP config options */
490 static int
491 print_lcp_config_options(const u_char *p, int length)
492 {
493 int len, opt;
494
495 if (length < 2)
496 return 0;
497 len = p[1];
498 opt = p[0];
499 if (length < len)
500 return 0;
501 if ((opt >= LCPOPT_MIN) && (opt <= LCPOPT_MAX))
502 printf(", %s ", lcpconfopts[opt]);
503 else {
504 printf(", unknown LCP option 0x%02x", opt);
505 return len;
506 }
507
508 switch (opt) {
509 case LCPOPT_VEXT:
510 if (len >= 6) {
511 printf(" OUI=%02x%02x%02x", p[2], p[3], p[4]);
512 #if 0
513 printf(" kind=%02x", p[5]);
514 printf(" val=")
515 for (i = 0; i < len - 6; i++) {
516 printf("%02x", p[6 + i]);
517 }
518 #endif
519 }
520 break;
521 case LCPOPT_MRU:
522 if (len == 4)
523 printf("=%u", EXTRACT_16BITS(p + 2));
524 break;
525 case LCPOPT_ACCM:
526 if (len == 6)
527 printf("=%08x", EXTRACT_32BITS(p + 2));
528 break;
529 case LCPOPT_AP:
530 if (len >= 4) {
531 if (p[2] == 0xc0 && p[3] == 0x23)
532 printf(" PAP");
533 else if (p[2] == 0xc2 && p[3] == 0x23) {
534 printf(" CHAP/");
535 switch (p[4]) {
536 default:
537 printf("unknown-algorithm-%u", p[4]);
538 break;
539 case AUTHALG_CHAPMD5:
540 printf("MD5");
541 break;
542 case AUTHALG_MSCHAP1:
543 printf("MSCHAPv1");
544 break;
545 case AUTHALG_MSCHAP2:
546 printf("MSCHAPv2");
547 break;
548 }
549 }
550 else if (p[2] == 0xc2 && p[3] == 0x27)
551 printf(" EAP");
552 else if (p[2] == 0xc0 && p[3] == 0x27)
553 printf(" SPAP");
554 else if (p[2] == 0xc1 && p[3] == 0x23)
555 printf(" Old-SPAP");
556 else
557 printf("unknown");
558 }
559 break;
560 case LCPOPT_QP:
561 if (len >= 4) {
562 if (p[2] == 0xc0 && p[3] == 0x25)
563 printf(" LQR");
564 else
565 printf(" unknown");
566 }
567 break;
568 case LCPOPT_MN:
569 if (len == 6)
570 printf("=%08x", EXTRACT_32BITS(p + 2));
571 break;
572 case LCPOPT_PFC:
573 break;
574 case LCPOPT_ACFC:
575 break;
576 case LCPOPT_LD:
577 if (len == 4)
578 printf("=%04x", EXTRACT_16BITS(p + 2));
579 break;
580 case LCPOPT_CBACK:
581 if (len < 3)
582 break;
583 switch (p[2]) { /* Operation */
584 case CALLBACK_AUTH:
585 printf(" UserAuth");
586 break;
587 case CALLBACK_DSTR:
588 printf(" DialString");
589 break;
590 case CALLBACK_LID:
591 printf(" LocalID");
592 break;
593 case CALLBACK_E164:
594 printf(" E.164");
595 break;
596 case CALLBACK_X500:
597 printf(" X.500");
598 break;
599 case CALLBACK_CBCP:
600 printf(" CBCP");
601 break;
602 default:
603 printf(" unknown-operation=%u", p[2]);
604 break;
605 }
606 break;
607 case LCPOPT_MLMRRU:
608 if (len == 4)
609 printf("=%u", EXTRACT_16BITS(p + 2));
610 break;
611 case LCPOPT_MLED:
612 if (len < 3)
613 break;
614 switch (p[2]) { /* class */
615 case MEDCLASS_NULL:
616 printf(" Null");
617 break;
618 case MEDCLASS_LOCAL:
619 printf(" Local"); /* XXX */
620 break;
621 case MEDCLASS_IPV4:
622 if (len != 7)
623 break;
624 printf(" IPv4=%s", ipaddr_string(p + 3));
625 break;
626 case MEDCLASS_MAC:
627 if (len != 9)
628 break;
629 printf(" MAC=%02x:%02x:%02x:%02x:%02x:%02x",
630 p[3], p[4], p[5], p[6], p[7], p[8]);
631 break;
632 case MEDCLASS_MNB:
633 printf(" Magic-Num-Block"); /* XXX */
634 break;
635 case MEDCLASS_PSNDN:
636 printf(" PSNDN"); /* XXX */
637 break;
638 }
639 break;
640
641 /* XXX: to be supported */
642 #if 0
643 case LCPOPT_DEP6:
644 case LCPOPT_FCSALT:
645 case LCPOPT_SDP:
646 case LCPOPT_NUMMODE:
647 case LCPOPT_DEP12:
648 case LCPOPT_DEP14:
649 case LCPOPT_DEP15:
650 case LCPOPT_DEP16:
651 case LCPOPT_MLSSNHF:
652 case LCPOPT_PROP:
653 case LCPOPT_DCEID:
654 case LCPOPT_MPP:
655 case LCPOPT_LCPAOPT:
656 case LCPOPT_COBS:
657 case LCPOPT_PE:
658 case LCPOPT_MLHF:
659 case LCPOPT_I18N:
660 case LCPOPT_SDLOS:
661 case LCPOPT_PPPMUX:
662 break;
663 #endif
664 }
665 return len;
666 }
667
668 /* CHAP */
669 static void
670 handle_chap(const u_char *p, int length)
671 {
672 u_int code, len;
673 int val_size, name_size, msg_size;
674 const u_char *p0;
675 int i;
676
677 p0 = p;
678 if (length < 1) {
679 printf("[|chap]");
680 return;
681 } else if (length < 4) {
682 printf("[|chap 0x%02x]", *p);
683 return;
684 }
685
686 code = *p;
687 if ((code >= CHAP_CODEMIN) && (code <= CHAP_CODEMAX))
688 printf("%s", chapcode[code - 1]);
689 else {
690 printf("0x%02x", code);
691 return;
692 }
693 p++;
694
695 printf("(%u)", *p); /* ID */
696 p++;
697
698 len = EXTRACT_16BITS(p);
699 p += 2;
700
701 /*
702 * Note that this is a generic CHAP decoding routine. Since we
703 * don't know which flavor of CHAP (i.e. CHAP-MD5, MS-CHAPv1,
704 * MS-CHAPv2) is used at this point, we can't decode packet
705 * specifically to each algorithms. Instead, we simply decode
706 * the GCD (Gratest Common Denominator) for all algorithms.
707 */
708 switch (code) {
709 case CHAP_CHAL:
710 case CHAP_RESP:
711 if (length - (p - p0) < 1)
712 return;
713 val_size = *p; /* value size */
714 p++;
715 if (length - (p - p0) < val_size)
716 return;
717 printf(", Value=");
718 for (i = 0; i < val_size; i++)
719 printf("%02x", *p++);
720 name_size = len - (p - p0);
721 printf(", Name=");
722 for (i = 0; i < name_size; i++)
723 safeputchar(*p++);
724 break;
725 case CHAP_SUCC:
726 case CHAP_FAIL:
727 msg_size = len - (p - p0);
728 printf(", Msg=");
729 for (i = 0; i< msg_size; i++)
730 safeputchar(*p++);
731 break;
732 }
733 }
734
735 /* PAP (see RFC 1334) */
736 static void
737 handle_pap(const u_char *p, int length)
738 {
739 u_int code, len;
740 int peerid_len, passwd_len, msg_len;
741 const u_char *p0;
742 int i;
743
744 p0 = p;
745 if (length < 1) {
746 printf("[|pap]");
747 return;
748 } else if (length < 4) {
749 printf("[|pap 0x%02x]", *p);
750 return;
751 }
752
753 code = *p;
754 if ((code >= PAP_CODEMIN) && (code <= PAP_CODEMAX))
755 printf("%s", papcode[code - 1]);
756 else {
757 printf("0x%02x", code);
758 return;
759 }
760 p++;
761
762 printf("(%u)", *p); /* ID */
763 p++;
764
765 len = EXTRACT_16BITS(p);
766 p += 2;
767
768 switch (code) {
769 case PAP_AREQ:
770 if (length - (p - p0) < 1)
771 return;
772 peerid_len = *p; /* Peer-ID Length */
773 p++;
774 if (length - (p - p0) < peerid_len)
775 return;
776 printf(", Peer=");
777 for (i = 0; i < peerid_len; i++)
778 safeputchar(*p++);
779
780 if (length - (p - p0) < 1)
781 return;
782 passwd_len = *p; /* Password Length */
783 p++;
784 if (length - (p - p0) < passwd_len)
785 return;
786 printf(", Name=");
787 for (i = 0; i < passwd_len; i++)
788 safeputchar(*p++);
789 break;
790 case PAP_AACK:
791 case PAP_ANAK:
792 if (length - (p - p0) < 1)
793 return;
794 msg_len = *p; /* Msg-Length */
795 p++;
796 if (length - (p - p0) < msg_len)
797 return;
798 printf(", Msg=");
799 for (i = 0; i< msg_len; i++)
800 safeputchar(*p++);
801 break;
802 }
803 return;
804 }
805
806 /* BAP */
807 static void
808 handle_bap(const u_char *p _U_, int length _U_)
809 {
810 /* XXX: to be supported!! */
811 }
812
813
814 /* IPCP config options */
815 static int
816 print_ipcp_config_options(const u_char *p, int length)
817 {
818 int len, opt;
819
820 if (length < 2)
821 return 0;
822 len = p[1];
823 opt = p[0];
824 if (length < len)
825 return 0;
826 switch (opt) {
827 case IPCPOPT_2ADDR: /* deprecated */
828 if (len != 10)
829 goto invlen;
830 printf(", IP-Addrs src=%s dst=%s",
831 ipaddr_string(p + 2),
832 ipaddr_string(p + 6));
833 break;
834 case IPCPOPT_IPCOMP:
835 if (len < 4)
836 goto invlen;
837 printf(", IP-Comp");
838 if (EXTRACT_16BITS(p + 2) == PPP_VJC) {
839 printf(" VJ-Comp");
840 /* XXX: VJ-Comp parameters should be decoded */
841 } else
842 printf(" unknown-comp-proto=%04x", EXTRACT_16BITS(p + 2));
843 break;
844 case IPCPOPT_ADDR:
845 if (len != 6)
846 goto invlen;
847 printf(", IP-Addr=%s", ipaddr_string(p + 2));
848 break;
849 case IPCPOPT_MOBILE4:
850 if (len != 6)
851 goto invlen;
852 printf(", Home-Addr=%s", ipaddr_string(p + 2));
853 break;
854 case IPCPOPT_PRIDNS:
855 if (len != 6)
856 goto invlen;
857 printf(", Pri-DNS=%s", ipaddr_string(p + 2));
858 break;
859 case IPCPOPT_PRINBNS:
860 if (len != 6)
861 goto invlen;
862 printf(", Pri-NBNS=%s", ipaddr_string(p + 2));
863 break;
864 case IPCPOPT_SECDNS:
865 if (len != 6)
866 goto invlen;
867 printf(", Sec-DNS=%s", ipaddr_string(p + 2));
868 break;
869 case IPCPOPT_SECNBNS:
870 if (len != 6)
871 goto invlen;
872 printf(", Sec-NBNS=%s", ipaddr_string(p + 2));
873 break;
874 default:
875 printf(", unknown-%d", opt);
876 break;
877 }
878 return len;
879
880 invlen:
881 printf(", invalid-length-%d", opt);
882 return 0;
883 }
884
885 /* CCP config options */
886 static int
887 print_ccp_config_options(const u_char *p, int length)
888 {
889 int len, opt;
890
891 if (length < 2)
892 return 0;
893 len = p[1];
894 opt = p[0];
895 if (length < len)
896 return 0;
897 if ((opt >= CCPOPT_MIN) && (opt <= CCPOPT_MAX))
898 printf(", %s", ccpconfopts[opt]);
899 #if 0 /* XXX */
900 switch (opt) {
901 case CCPOPT_OUI:
902 case CCPOPT_PRED1:
903 case CCPOPT_PRED2:
904 case CCPOPT_PJUMP:
905 case CCPOPT_HPPPC:
906 case CCPOPT_STACLZS:
907 case CCPOPT_MPPC:
908 case CCPOPT_GFZA:
909 case CCPOPT_V42BIS:
910 case CCPOPT_BSDCOMP:
911 case CCPOPT_LZSDCP:
912 case CCPOPT_MVRCA:
913 case CCPOPT_DEC:
914 case CCPOPT_DEFLATE:
915 case CCPOPT_RESV:
916 break;
917
918 default:
919 printf(", unknown-%d", opt);
920 break;
921 }
922 #endif
923 return len;
924 }
925
926 /* BACP config options */
927 static int
928 print_bacp_config_options(const u_char *p, int length)
929 {
930 int len, opt;
931
932 if (length < 2)
933 return 0;
934 len = p[1];
935 opt = p[0];
936 if (length < len)
937 return 0;
938 if (opt == BACPOPT_FPEER) {
939 printf(", Favored-Peer");
940 printf(" Magic-Num=%08x", EXTRACT_32BITS(p + 2));
941 } else {
942 printf(", unknown-option-%d", opt);
943 }
944 return len;
945 }
946
947
948 /* PPP */
949 static void
950 handle_ppp(u_int proto, const u_char *p, int length)
951 {
952 switch (proto) {
953 case PPP_LCP:
954 case PPP_IPCP:
955 case PPP_OSICP:
956 case PPP_MPLSCP:
957 case PPP_IPV6CP:
958 case PPP_CCP:
959 case PPP_BACP:
960 handle_ctrl_proto(proto, p, length);
961 break;
962 case PPP_CHAP:
963 handle_chap(p, length);
964 break;
965 case PPP_PAP:
966 handle_pap(p, length);
967 break;
968 case PPP_BAP: /* XXX: not yet completed */
969 handle_bap(p, length);
970 break;
971 case ETHERTYPE_IP: /*XXX*/
972 case PPP_IP:
973 ip_print(p, length);
974 break;
975 #ifdef INET6
976 case ETHERTYPE_IPV6: /*XXX*/
977 case PPP_IPV6:
978 ip6_print(p, length);
979 break;
980 #endif
981 case ETHERTYPE_IPX: /*XXX*/
982 case PPP_IPX:
983 ipx_print(p, length);
984 break;
985 case PPP_OSI:
986 isoclns_print(p, length, length, NULL, NULL);
987 break;
988 case PPP_MPLS_UCAST:
989 case PPP_MPLS_MCAST:
990 mpls_print(p, length);
991 break;
992 default:
993 printf("unknown PPP protocol (0x%04x)", proto);
994 print_unknown_data(p,"\n\t",length);
995 break;
996 }
997 }
998
999 /* Standard PPP printer */
1000 u_int
1001 ppp_print(register const u_char *p, u_int length)
1002 {
1003 u_int proto;
1004 u_int olen = length; /* _o_riginal length */
1005 u_int hdr_len = 0;
1006
1007 /*
1008 * Here, we assume that p points to the Address and Control
1009 * field (if they present).
1010 */
1011 if (length < 2)
1012 goto trunc;
1013 if (*p == PPP_ADDRESS && *(p + 1) == PPP_CONTROL) {
1014 p += 2; /* ACFC not used */
1015 length -= 2;
1016 hdr_len += 2;
1017 }
1018
1019 if (length < 2)
1020 goto trunc;
1021 if (*p % 2) {
1022 proto = *p; /* PFC is used */
1023 p++;
1024 length--;
1025 hdr_len++;
1026 } else {
1027 proto = EXTRACT_16BITS(p);
1028 p += 2;
1029 length -= 2;
1030 hdr_len += 2;
1031 }
1032
1033 if (eflag)
1034 printf("PPP-%s (0x%04x) length: %u, ",
1035 tok2str(ppptype2str, "unknown", proto),
1036 proto,
1037 olen);
1038
1039 handle_ppp(proto, p, length);
1040 return (hdr_len);
1041 trunc:
1042 printf("[|ppp]");
1043 return (0);
1044 }
1045
1046
1047 /* PPP I/F printer */
1048 u_int
1049 ppp_if_print(const struct pcap_pkthdr *h, register const u_char *p)
1050 {
1051 register u_int length = h->len;
1052 register u_int caplen = h->caplen;
1053
1054 if (caplen < PPP_HDRLEN) {
1055 printf("[|ppp]");
1056 return (caplen);
1057 }
1058
1059 #if 0
1060 /*
1061 * XXX: seems to assume that there are 2 octets prepended to an
1062 * actual PPP frame. The 1st octet looks like Input/Output flag
1063 * while 2nd octet is unknown, at least to me
1064 * (mshindo@mshindo.net).
1065 *
1066 * That was what the original tcpdump code did.
1067 *
1068 * FreeBSD's "if_ppp.c" *does* set the first octet to 1 for outbound
1069 * packets and 0 for inbound packets - but only if the
1070 * protocol field has the 0x8000 bit set (i.e., it's a network
1071 * control protocol); it does so before running the packet through
1072 * "bpf_filter" to see if it should be discarded, and to see
1073 * if we should update the time we sent the most recent packet...
1074 *
1075 * ...but it puts the original address field back after doing
1076 * so.
1077 *
1078 * NetBSD's "if_ppp.c" doesn't set the first octet in that fashion.
1079 *
1080 * I don't know if any PPP implementation handed up to a BPF
1081 * device packets with the first octet being 1 for outbound and
1082 * 0 for inbound packets, so I (guy@alum.mit.edu) don't know
1083 * whether that ever needs to be checked or not.
1084 *
1085 * Note that NetBSD has a DLT_PPP_SERIAL, which it uses for PPP,
1086 * and its tcpdump appears to assume that the frame always
1087 * begins with an address field and a control field, and that
1088 * the address field might be 0x0f or 0x8f, for Cisco
1089 * point-to-point with HDLC framing as per section 4.3.1 of RFC
1090 * 1547, as well as 0xff, for PPP in HDLC-like framing as per
1091 * RFC 1662.
1092 *
1093 * (Is the Cisco framing in question what DLT_C_HDLC, in
1094 * BSD/OS, is?)
1095 */
1096 if (eflag)
1097 printf("%c %4d %02x ", p[0] ? 'O' : 'I', length, p[1]);
1098 #endif
1099
1100 ppp_print(p, length);
1101
1102 return (0);
1103 }
1104
1105 /*
1106 * PPP I/F printer to use if we know that RFC 1662-style PPP in HDLC-like
1107 * framing, or Cisco PPP with HDLC framing as per section 4.3.1 of RFC 1547,
1108 * is being used (i.e., we don't check for PPP_ADDRESS and PPP_CONTROL,
1109 * discard them *if* those are the first two octets, and parse the remaining
1110 * packet as a PPP packet, as "ppp_print()" does).
1111 *
1112 * This handles, for example, DLT_PPP_SERIAL in NetBSD.
1113 */
1114 u_int
1115 ppp_hdlc_if_print(const struct pcap_pkthdr *h, register const u_char *p)
1116 {
1117 register u_int length = h->len;
1118 register u_int caplen = h->caplen;
1119 u_int proto;
1120 u_int hdrlen = 0;
1121
1122 if (caplen < 2) {
1123 printf("[|ppp]");
1124 return (caplen);
1125 }
1126
1127 switch (p[0]) {
1128
1129 case PPP_ADDRESS:
1130 if (caplen < 4) {
1131 printf("[|ppp]");
1132 return (caplen);
1133 }
1134
1135 if (eflag)
1136 printf("%02x %02x %d ", p[0], p[1], length);
1137 p += 2;
1138 length -= 2;
1139 hdrlen += 2;
1140
1141 proto = EXTRACT_16BITS(p);
1142 p += 2;
1143 length -= 2;
1144 hdrlen += 2;
1145 printf("%s: ", tok2str(ppptype2str, "unknown PPP protocol (0x%04x)", proto));
1146
1147 handle_ppp(proto, p, length);
1148 break;
1149
1150 case CHDLC_UNICAST:
1151 case CHDLC_BCAST:
1152 return (chdlc_if_print(h, p));
1153
1154 default:
1155 if (eflag)
1156 printf("%02x %02x %d ", p[0], p[1], length);
1157 p += 2;
1158 length -= 2;
1159 hdrlen += 2;
1160
1161 /*
1162 * XXX - NetBSD's "ppp_netbsd_serial_if_print()" treats
1163 * the next two octets as an Ethernet type; does that
1164 * ever happen?
1165 */
1166 printf("unknown addr %02x; ctrl %02x", p[0], p[1]);
1167 break;
1168 }
1169
1170 return (hdrlen);
1171 }
1172
1173 #define PPP_BSDI_HDRLEN 24
1174
1175 /* BSD/OS specific PPP printer */
1176 u_int
1177 ppp_bsdos_if_print(const struct pcap_pkthdr *h _U_, register const u_char *p _U_)
1178 {
1179 register int hdrlength;
1180 #ifdef __bsdi__
1181 register u_int length = h->len;
1182 register u_int caplen = h->caplen;
1183 u_int16_t ptype;
1184 const u_char *q;
1185 int i;
1186
1187 if (caplen < PPP_BSDI_HDRLEN) {
1188 printf("[|ppp]");
1189 return (caplen)
1190 }
1191
1192 hdrlength = 0;
1193
1194 #if 0
1195 if (p[0] == PPP_ADDRESS && p[1] == PPP_CONTROL) {
1196 if (eflag)
1197 printf("%02x %02x ", p[0], p[1]);
1198 p += 2;
1199 hdrlength = 2;
1200 }
1201
1202 if (eflag)
1203 printf("%d ", length);
1204 /* Retrieve the protocol type */
1205 if (*p & 01) {
1206 /* Compressed protocol field */
1207 ptype = *p;
1208 if (eflag)
1209 printf("%02x ", ptype);
1210 p++;
1211 hdrlength += 1;
1212 } else {
1213 /* Un-compressed protocol field */
1214 ptype = ntohs(*(u_int16_t *)p);
1215 if (eflag)
1216 printf("%04x ", ptype);
1217 p += 2;
1218 hdrlength += 2;
1219 }
1220 #else
1221 ptype = 0; /*XXX*/
1222 if (eflag)
1223 printf("%c ", p[SLC_DIR] ? 'O' : 'I');
1224 if (p[SLC_LLHL]) {
1225 /* link level header */
1226 struct ppp_header *ph;
1227
1228 q = p + SLC_BPFHDRLEN;
1229 ph = (struct ppp_header *)q;
1230 if (ph->phdr_addr == PPP_ADDRESS
1231 && ph->phdr_ctl == PPP_CONTROL) {
1232 if (eflag)
1233 printf("%02x %02x ", q[0], q[1]);
1234 ptype = ntohs(ph->phdr_type);
1235 if (eflag && (ptype == PPP_VJC || ptype == PPP_VJNC)) {
1236 printf("%s ", tok2str(ppptype2str,
1237 "proto-#%d", ptype));
1238 }
1239 } else {
1240 if (eflag) {
1241 printf("LLH=[");
1242 for (i = 0; i < p[SLC_LLHL]; i++)
1243 printf("%02x", q[i]);
1244 printf("] ");
1245 }
1246 }
1247 }
1248 if (eflag)
1249 printf("%d ", length);
1250 if (p[SLC_CHL]) {
1251 q = p + SLC_BPFHDRLEN + p[SLC_LLHL];
1252
1253 switch (ptype) {
1254 case PPP_VJC:
1255 ptype = vjc_print(q, ptype);
1256 hdrlength = PPP_BSDI_HDRLEN;
1257 p += hdrlength;
1258 switch (ptype) {
1259 case PPP_IP:
1260 ip_print(p, length);
1261 break;
1262 #ifdef INET6
1263 case PPP_IPV6:
1264 ip6_print(p, length);
1265 break;
1266 #endif
1267 case PPP_MPLS_UCAST:
1268 case PPP_MPLS_MCAST:
1269 mpls_print(p, length);
1270 break;
1271 }
1272 goto printx;
1273 case PPP_VJNC:
1274 ptype = vjc_print(q, ptype);
1275 hdrlength = PPP_BSDI_HDRLEN;
1276 p += hdrlength;
1277 switch (ptype) {
1278 case PPP_IP:
1279 ip_print(p, length);
1280 break;
1281 #ifdef INET6
1282 case PPP_IPV6:
1283 ip6_print(p, length);
1284 break;
1285 #endif
1286 case PPP_MPLS_UCAST:
1287 case PPP_MPLS_MCAST:
1288 mpls_print(p, length);
1289 break;
1290 }
1291 goto printx;
1292 default:
1293 if (eflag) {
1294 printf("CH=[");
1295 for (i = 0; i < p[SLC_LLHL]; i++)
1296 printf("%02x", q[i]);
1297 printf("] ");
1298 }
1299 break;
1300 }
1301 }
1302
1303 hdrlength = PPP_BSDI_HDRLEN;
1304 #endif
1305
1306 length -= hdrlength;
1307 p += hdrlength;
1308
1309 switch (ptype) {
1310 case PPP_IP:
1311 ip_print(p, length);
1312 break;
1313 #ifdef INET6
1314 case PPP_IPV6:
1315 ip6_print(p, length);
1316 break;
1317 #endif
1318 case PPP_MPLS_UCAST:
1319 case PPP_MPLS_MCAST:
1320 mpls_print(p, length);
1321 break;
1322 default:
1323 printf("%s ", tok2str(ppptype2str, "unknown PPP protocol (0x%04x)", ptype));
1324 }
1325
1326 printx:
1327 #else /* __bsdi */
1328 hdrlength = 0;
1329 #endif /* __bsdi__ */
1330 return (hdrlength);
1331 }
[mirror] the TCPdump network dissector