]> The Tcpdump Group git mirrors - tcpdump/blob - print.c
projects / tcpdump / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Retire BSD/OS support.
[tcpdump] / print.c
1 /*
2 * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 2000
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 *
21 * Support for splitting captures into multiple files with a maximum
22 * file size:
23 *
24 * Copyright (c) 2001
25 * Seth Webster <swebster@sst.ll.mit.edu>
26 */
27
28 #ifdef HAVE_CONFIG_H
29 #include <config.h>
30 #endif
31
32 #include <stdlib.h>
33 #include <string.h>
34 #include <setjmp.h>
35
36 #include "netdissect-stdinc.h"
37
38 #include "netdissect.h"
39 #include "addrtoname.h"
40 #include "print.h"
41 #include "netdissect-alloc.h"
42
43 #include "pcap-missing.h"
44
45 struct printer {
46 if_printer f;
47 int type;
48 };
49
50 static const struct printer printers[] = {
51 #ifdef DLT_APPLE_IP_OVER_IEEE1394
52 { ap1394_if_print, DLT_APPLE_IP_OVER_IEEE1394 },
53 #endif
54 { arcnet_if_print, DLT_ARCNET },
55 #ifdef DLT_ARCNET_LINUX
56 { arcnet_linux_if_print, DLT_ARCNET_LINUX },
57 #endif
58 { atm_if_print, DLT_ATM_RFC1483 },
59 #ifdef DLT_DSA_TAG_BRCM
60 { brcm_tag_if_print, DLT_DSA_TAG_BRCM },
61 #endif
62 #ifdef DLT_DSA_TAG_BRCM_PREPEND
63 { brcm_tag_prepend_if_print, DLT_DSA_TAG_BRCM_PREPEND },
64 #endif
65 #ifdef DLT_BLUETOOTH_HCI_H4_WITH_PHDR
66 { bt_if_print, DLT_BLUETOOTH_HCI_H4_WITH_PHDR},
67 #endif
68 #ifdef DLT_C_HDLC
69 { chdlc_if_print, DLT_C_HDLC },
70 #endif
71 #ifdef DLT_HDLC
72 { chdlc_if_print, DLT_HDLC },
73 #endif
74 #ifdef DLT_ATM_CLIP
75 { cip_if_print, DLT_ATM_CLIP },
76 #endif
77 #ifdef DLT_CIP
78 { cip_if_print, DLT_CIP },
79 #endif
80 #ifdef DLT_DSA_TAG_DSA
81 { dsa_if_print, DLT_DSA_TAG_DSA },
82 #endif
83 #ifdef DLT_DSA_TAG_EDSA
84 { edsa_if_print, DLT_DSA_TAG_EDSA },
85 #endif
86 #ifdef DLT_ENC
87 { enc_if_print, DLT_ENC },
88 #endif
89 { ether_if_print, DLT_EN10MB },
90 { fddi_if_print, DLT_FDDI },
91 #ifdef DLT_FR
92 { fr_if_print, DLT_FR },
93 #endif
94 #ifdef DLT_FRELAY
95 { fr_if_print, DLT_FRELAY },
96 #endif
97 #ifdef DLT_IEEE802_11
98 { ieee802_11_if_print, DLT_IEEE802_11},
99 #endif
100 #ifdef DLT_IEEE802_11_RADIO_AVS
101 { ieee802_11_radio_avs_if_print, DLT_IEEE802_11_RADIO_AVS },
102 #endif
103 #ifdef DLT_IEEE802_11_RADIO
104 { ieee802_11_radio_if_print, DLT_IEEE802_11_RADIO },
105 #endif
106 #ifdef DLT_IEEE802_15_4
107 { ieee802_15_4_if_print, DLT_IEEE802_15_4 },
108 #endif
109 #ifdef DLT_IEEE802_15_4_NOFCS
110 { ieee802_15_4_if_print, DLT_IEEE802_15_4_NOFCS },
111 #endif
112 #ifdef DLT_IEEE802_15_4_TAP
113 { ieee802_15_4_tap_if_print, DLT_IEEE802_15_4_TAP },
114 #endif
115 #ifdef DLT_IP_OVER_FC
116 { ipfc_if_print, DLT_IP_OVER_FC },
117 #endif
118 #ifdef DLT_IPNET
119 { ipnet_if_print, DLT_IPNET },
120 #endif
121 #ifdef DLT_IPOIB
122 { ipoib_if_print, DLT_IPOIB },
123 #endif
124 #ifdef DLT_JUNIPER_ATM1
125 { juniper_atm1_if_print, DLT_JUNIPER_ATM1 },
126 #endif
127 #ifdef DLT_JUNIPER_ATM2
128 { juniper_atm2_if_print, DLT_JUNIPER_ATM2 },
129 #endif
130 #ifdef DLT_JUNIPER_CHDLC
131 { juniper_chdlc_if_print, DLT_JUNIPER_CHDLC },
132 #endif
133 #ifdef DLT_JUNIPER_ES
134 { juniper_es_if_print, DLT_JUNIPER_ES },
135 #endif
136 #ifdef DLT_JUNIPER_ETHER
137 { juniper_ether_if_print, DLT_JUNIPER_ETHER },
138 #endif
139 #ifdef DLT_JUNIPER_FRELAY
140 { juniper_frelay_if_print, DLT_JUNIPER_FRELAY },
141 #endif
142 #ifdef DLT_JUNIPER_GGSN
143 { juniper_ggsn_if_print, DLT_JUNIPER_GGSN },
144 #endif
145 #ifdef DLT_JUNIPER_MFR
146 { juniper_mfr_if_print, DLT_JUNIPER_MFR },
147 #endif
148 #ifdef DLT_JUNIPER_MLFR
149 { juniper_mlfr_if_print, DLT_JUNIPER_MLFR },
150 #endif
151 #ifdef DLT_JUNIPER_MLPPP
152 { juniper_mlppp_if_print, DLT_JUNIPER_MLPPP },
153 #endif
154 #ifdef DLT_JUNIPER_MONITOR
155 { juniper_monitor_if_print, DLT_JUNIPER_MONITOR },
156 #endif
157 #ifdef DLT_JUNIPER_PPP
158 { juniper_ppp_if_print, DLT_JUNIPER_PPP },
159 #endif
160 #ifdef DLT_JUNIPER_PPPOE_ATM
161 { juniper_pppoe_atm_if_print, DLT_JUNIPER_PPPOE_ATM },
162 #endif
163 #ifdef DLT_JUNIPER_PPPOE
164 { juniper_pppoe_if_print, DLT_JUNIPER_PPPOE },
165 #endif
166 #ifdef DLT_JUNIPER_SERVICES
167 { juniper_services_if_print, DLT_JUNIPER_SERVICES },
168 #endif
169 #ifdef DLT_LTALK
170 { ltalk_if_print, DLT_LTALK },
171 #endif
172 #ifdef DLT_MFR
173 { mfr_if_print, DLT_MFR },
174 #endif
175 #ifdef DLT_NETANALYZER
176 { netanalyzer_if_print, DLT_NETANALYZER },
177 #endif
178 #ifdef DLT_NETANALYZER_TRANSPARENT
179 { netanalyzer_transparent_if_print, DLT_NETANALYZER_TRANSPARENT },
180 #endif
181 #ifdef DLT_NFLOG
182 { nflog_if_print, DLT_NFLOG},
183 #endif
184 { null_if_print, DLT_NULL },
185 #ifdef DLT_LOOP
186 { null_if_print, DLT_LOOP },
187 #endif
188 #ifdef DLT_PFLOG
189 { pflog_if_print, DLT_PFLOG },
190 #endif
191 #ifdef DLT_PKTAP
192 { pktap_if_print, DLT_PKTAP },
193 #endif
194 #ifdef DLT_PPI
195 { ppi_if_print, DLT_PPI },
196 #endif
197 #ifdef DLT_PPP_SERIAL
198 { ppp_hdlc_if_print, DLT_PPP_SERIAL },
199 #endif
200 { ppp_if_print, DLT_PPP },
201 #ifdef DLT_PPP_PPPD
202 { ppp_if_print, DLT_PPP_PPPD },
203 #endif
204 #ifdef DLT_PPP_ETHER
205 { pppoe_if_print, DLT_PPP_ETHER },
206 #endif
207 #ifdef DLT_PRISM_HEADER
208 { prism_if_print, DLT_PRISM_HEADER },
209 #endif
210 { raw_if_print, DLT_RAW },
211 #ifdef DLT_IPV4
212 { raw_if_print, DLT_IPV4 },
213 #endif
214 #ifdef DLT_IPV6
215 { raw_if_print, DLT_IPV6 },
216 #endif
217 #ifdef DLT_SLIP_BSDOS
218 { sl_bsdos_if_print, DLT_SLIP_BSDOS },
219 #endif
220 { sl_if_print, DLT_SLIP },
221 #ifdef DLT_LINUX_SLL
222 { sll_if_print, DLT_LINUX_SLL },
223 #endif
224 #ifdef DLT_LINUX_SLL2
225 { sll2_if_print, DLT_LINUX_SLL2 },
226 #endif
227 #ifdef DLT_SUNATM
228 { sunatm_if_print, DLT_SUNATM },
229 #endif
230 #ifdef DLT_SYMANTEC_FIREWALL
231 { symantec_if_print, DLT_SYMANTEC_FIREWALL },
232 #endif
233 { token_if_print, DLT_IEEE802 },
234 #ifdef DLT_USB_LINUX
235 { usb_linux_48_byte_if_print, DLT_USB_LINUX},
236 #endif /* DLT_USB_LINUX */
237 #ifdef DLT_USB_LINUX_MMAPPED
238 { usb_linux_64_byte_if_print, DLT_USB_LINUX_MMAPPED},
239 #endif /* DLT_USB_LINUX_MMAPPED */
240 #ifdef DLT_VSOCK
241 { vsock_if_print, DLT_VSOCK },
242 #endif
243 { NULL, 0 },
244 };
245
246 void
247 init_print(netdissect_options *ndo, uint32_t localnet, uint32_t mask)
248 {
249 init_addrtoname(ndo, localnet, mask);
250 }
251
252 if_printer
253 lookup_printer(int type)
254 {
255 const struct printer *p;
256
257 for (p = printers; p->f; ++p)
258 if (type == p->type)
259 return p->f;
260
261 #if defined(DLT_USER2) && defined(DLT_PKTAP)
262 /*
263 * Apple incorrectly chose to use DLT_USER2 for their PKTAP
264 * header.
265 *
266 * We map DLT_PKTAP, whether it's DLT_USER2 as it is on Darwin-
267 * based OSes or the same value as LINKTYPE_PKTAP as it is on
268 * other OSes, to LINKTYPE_PKTAP, so files written with
269 * this version of libpcap for a DLT_PKTAP capture have a link-
270 * layer header type of LINKTYPE_PKTAP.
271 *
272 * However, files written on OS X Mavericks for a DLT_PKTAP
273 * capture have a link-layer header type of LINKTYPE_USER2.
274 * If we don't have a printer for DLT_USER2, and type is
275 * DLT_USER2, we look up the printer for DLT_PKTAP and use
276 * that.
277 */
278 if (type == DLT_USER2) {
279 for (p = printers; p->f; ++p)
280 if (DLT_PKTAP == p->type)
281 return p->f;
282 }
283 #endif
284
285 return NULL;
286 /* NOTREACHED */
287 }
288
289 int
290 has_printer(int type)
291 {
292 return (lookup_printer(type) != NULL);
293 }
294
295 if_printer
296 get_if_printer(int type)
297 {
298 if_printer printer;
299
300 printer = lookup_printer(type);
301 if (printer == NULL)
302 printer = unsupported_if_print;
303 return printer;
304 }
305
306 #ifdef ENABLE_INSTRUMENT_FUNCTIONS
307 extern int profile_func_level;
308 static int pretty_print_packet_level = -1;
309 #endif
310
311 void
312 pretty_print_packet(netdissect_options *ndo, const struct pcap_pkthdr *h,
313 const u_char *sp, u_int packets_captured)
314 {
315 u_int hdrlen = 0;
316 int invalid_header = 0;
317
318 if (ndo->ndo_print_sampling && packets_captured % ndo->ndo_print_sampling != 0)
319 return;
320
321 #ifdef ENABLE_INSTRUMENT_FUNCTIONS
322 if (pretty_print_packet_level == -1)
323 pretty_print_packet_level = profile_func_level;
324 #endif
325
326 if (ndo->ndo_packet_number)
327 ND_PRINT("%5u ", packets_captured);
328
329 if (ndo->ndo_lengths)
330 ND_PRINT("caplen %u len %u ", h->caplen, h->len);
331
332 /* Sanity checks on packet length / capture length */
333 if (h->caplen == 0) {
334 invalid_header = 1;
335 ND_PRINT("[Invalid header: caplen==0");
336 }
337 if (h->len == 0) {
338 if (!invalid_header) {
339 invalid_header = 1;
340 ND_PRINT("[Invalid header:");
341 } else
342 ND_PRINT(",");
343 ND_PRINT(" len==0");
344 } else if (h->len < h->caplen) {
345 if (!invalid_header) {
346 invalid_header = 1;
347 ND_PRINT("[Invalid header:");
348 } else
349 ND_PRINT(",");
350 ND_PRINT(" len(%u) < caplen(%u)", h->len, h->caplen);
351 }
352 if (h->caplen > MAXIMUM_SNAPLEN) {
353 if (!invalid_header) {
354 invalid_header = 1;
355 ND_PRINT("[Invalid header:");
356 } else
357 ND_PRINT(",");
358 ND_PRINT(" caplen(%u) > %u", h->caplen, MAXIMUM_SNAPLEN);
359 }
360 if (h->len > MAXIMUM_SNAPLEN) {
361 if (!invalid_header) {
362 invalid_header = 1;
363 ND_PRINT("[Invalid header:");
364 } else
365 ND_PRINT(",");
366 ND_PRINT(" len(%u) > %u", h->len, MAXIMUM_SNAPLEN);
367 }
368 if (invalid_header) {
369 ND_PRINT("]\n");
370 return;
371 }
372
373 /*
374 * At this point:
375 * capture length != 0,
376 * packet length != 0,
377 * capture length <= MAXIMUM_SNAPLEN,
378 * packet length <= MAXIMUM_SNAPLEN,
379 * packet length >= capture length.
380 *
381 * Currently, there is no D-Bus printer, thus no need for
382 * bigger lengths.
383 */
384
385 /*
386 * The header /usr/include/pcap/pcap.h in OpenBSD declares h->ts as
387 * struct bpf_timeval, not struct timeval. The former comes from
388 * /usr/include/net/bpf.h and uses 32-bit unsigned types instead of
389 * the types used in struct timeval.
390 */
391 struct timeval tvbuf;
392 tvbuf.tv_sec = h->ts.tv_sec;
393 tvbuf.tv_usec = h->ts.tv_usec;
394 ts_print(ndo, &tvbuf);
395
396 /*
397 * Printers must check that they're not walking off the end of
398 * the packet.
399 * Rather than pass it all the way down, we set this member
400 * of the netdissect_options structure.
401 */
402 ndo->ndo_snapend = sp + h->caplen;
403 ndo->ndo_packetp = sp;
404
405 ndo->ndo_protocol = "";
406 ndo->ndo_ll_hdr_len = 0;
407 switch (setjmp(ndo->ndo_early_end)) {
408 case 0:
409 /* Print the packet. */
410 (ndo->ndo_if_printer)(ndo, h, sp);
411 break;
412 case ND_TRUNCATED:
413 /* A printer quit because the packet was truncated; report it */
414 nd_print_trunc(ndo);
415 /* Print the full packet */
416 ndo->ndo_ll_hdr_len = 0;
417 #ifdef ENABLE_INSTRUMENT_FUNCTIONS
418 /* truncation => reassignment */
419 profile_func_level = pretty_print_packet_level;
420 #endif
421 break;
422 }
423 hdrlen = ndo->ndo_ll_hdr_len;
424
425 /*
426 * Empty the stack of packet information, freeing all pushed buffers;
427 * if we got here by a printer quitting, we need to release anything
428 * that didn't get released because we longjmped out of the code
429 * before it popped the packet information.
430 */
431 nd_pop_all_packet_info(ndo);
432
433 /*
434 * Restore the original snapend, as a printer might have
435 * changed it.
436 */
437 ndo->ndo_snapend = sp + h->caplen;
438 if (ndo->ndo_Xflag) {
439 /*
440 * Print the raw packet data in hex and ASCII.
441 */
442 if (ndo->ndo_Xflag > 1) {
443 /*
444 * Include the link-layer header.
445 */
446 hex_and_ascii_print(ndo, "\n\t", sp, h->caplen);
447 } else {
448 /*
449 * Don't include the link-layer header - and if
450 * we have nothing past the link-layer header,
451 * print nothing.
452 */
453 if (h->caplen > hdrlen)
454 hex_and_ascii_print(ndo, "\n\t", sp + hdrlen,
455 h->caplen - hdrlen);
456 }
457 } else if (ndo->ndo_xflag) {
458 /*
459 * Print the raw packet data in hex.
460 */
461 if (ndo->ndo_xflag > 1) {
462 /*
463 * Include the link-layer header.
464 */
465 hex_print(ndo, "\n\t", sp, h->caplen);
466 } else {
467 /*
468 * Don't include the link-layer header - and if
469 * we have nothing past the link-layer header,
470 * print nothing.
471 */
472 if (h->caplen > hdrlen)
473 hex_print(ndo, "\n\t", sp + hdrlen,
474 h->caplen - hdrlen);
475 }
476 } else if (ndo->ndo_Aflag) {
477 /*
478 * Print the raw packet data in ASCII.
479 */
480 if (ndo->ndo_Aflag > 1) {
481 /*
482 * Include the link-layer header.
483 */
484 ascii_print(ndo, sp, h->caplen);
485 } else {
486 /*
487 * Don't include the link-layer header - and if
488 * we have nothing past the link-layer header,
489 * print nothing.
490 */
491 if (h->caplen > hdrlen)
492 ascii_print(ndo, sp + hdrlen, h->caplen - hdrlen);
493 }
494 }
495
496 ND_PRINT("\n");
497 nd_free_all(ndo);
498 }
499
500 /*
501 * By default, print the specified data out in hex and ASCII.
502 */
503 static void
504 ndo_default_print(netdissect_options *ndo, const u_char *bp, u_int length)
505 {
506 hex_and_ascii_print(ndo, "\n\t", bp, length); /* pass on lf and indentation string */
507 }
508
509 /* VARARGS */
510 static void NORETURN PRINTFLIKE(3, 4)
511 ndo_error(netdissect_options *ndo, status_exit_codes_t status,
512 FORMAT_STRING(const char *fmt), ...)
513 {
514 va_list ap;
515
516 if (ndo->program_name)
517 (void)fprintf(stderr, "%s: ", ndo->program_name);
518 va_start(ap, fmt);
519 (void)vfprintf(stderr, fmt, ap);
520 va_end(ap);
521 if (*fmt) {
522 fmt += strlen(fmt);
523 if (fmt[-1] != '\n')
524 (void)fputc('\n', stderr);
525 }
526 nd_cleanup();
527 exit(status);
528 /* NOTREACHED */
529 }
530
531 /* VARARGS */
532 static void PRINTFLIKE(2, 3)
533 ndo_warning(netdissect_options *ndo, FORMAT_STRING(const char *fmt), ...)
534 {
535 va_list ap;
536
537 if (ndo->program_name)
538 (void)fprintf(stderr, "%s: ", ndo->program_name);
539 (void)fprintf(stderr, "WARNING: ");
540 va_start(ap, fmt);
541 (void)vfprintf(stderr, fmt, ap);
542 va_end(ap);
543 if (*fmt) {
544 fmt += strlen(fmt);
545 if (fmt[-1] != '\n')
546 (void)fputc('\n', stderr);
547 }
548 }
549
550 /* VARARGS */
551 static int PRINTFLIKE(2, 3)
552 ndo_printf(netdissect_options *ndo, FORMAT_STRING(const char *fmt), ...)
553 {
554 va_list args;
555 int ret;
556
557 va_start(args, fmt);
558 ret = vfprintf(stdout, fmt, args);
559 va_end(args);
560
561 if (ret < 0)
562 ndo_error(ndo, S_ERR_ND_WRITE_FILE,
563 "Unable to write output: %s", pcap_strerror(errno));
564 return (ret);
565 }
566
567 void
568 ndo_set_function_pointers(netdissect_options *ndo)
569 {
570 ndo->ndo_default_print=ndo_default_print;
571 ndo->ndo_printf=ndo_printf;
572 ndo->ndo_error=ndo_error;
573 ndo->ndo_warning=ndo_warning;
574 }
[mirror] the TCPdump network dissector