]> The Tcpdump Group git mirrors - tcpdump/blob - print-gre.c
projects / tcpdump / blob


25c6ac2f5566e684c57a6e88a4b726e1cf207923
[tcpdump] / print-gre.c
1 /* $OpenBSD: print-gre.c,v 1.6 2002/10/30 03:04:04 fgsch Exp $ */
2
3 /*
4 * Copyright (c) 2002 Jason L. Wright (jason@thought.net)
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
17 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
19 * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
20 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
21 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
22 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
24 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
25 * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
26 * POSSIBILITY OF SUCH DAMAGE.
27 */
28
29 /* \summary: Generic Routing Encapsulation (GRE) printer */
30
31 /*
32 * netdissect printer for GRE - Generic Routing Encapsulation
33 * RFC 1701 (GRE), RFC 1702 (GRE IPv4), RFC 2637 (PPTP, which
34 * has an extended form of GRE), RFC 2784 (revised GRE, with
35 * R, K, S, and s bits and Recur and Offset fields now reserved
36 * in the header, and no optional Key or Sequence number in the
37 * header), and RFC 2890 (proposal to add back the K and S bits
38 * and the optional Key and Sequence number).
39 *
40 * The RFC 2637 PPTP GRE repurposes the Key field to hold a
41 * 16-bit Payload Length and a 16-bit Call ID.
42 *
43 * RFC 7637 (NVGRE) repurposes the Key field to hold a 24-bit
44 * Virtual Subnet ID (VSID) and an 8-bit FlowID.
45 */
46
47 #ifdef HAVE_CONFIG_H
48 #include <config.h>
49 #endif
50
51 #include "netdissect-stdinc.h"
52
53 #define ND_LONGJMP_FROM_TCHECK
54 #include "netdissect.h"
55 #include "addrtostr.h"
56 #include "extract.h"
57 #include "ethertype.h"
58
59
60 #define GRE_CP 0x8000 /* checksum present */
61 #define GRE_RP 0x4000 /* routing present */
62 #define GRE_KP 0x2000 /* key present */
63 #define GRE_SP 0x1000 /* sequence# present */
64 #define GRE_sP 0x0800 /* source routing */
65 #define GRE_AP 0x0080 /* acknowledgment# present */
66
67 static const struct tok gre_flag_values[] = {
68 { GRE_CP, "checksum present"},
69 { GRE_RP, "routing present"},
70 { GRE_KP, "key present"},
71 { GRE_SP, "sequence# present"},
72 { GRE_sP, "source routing present"},
73 { GRE_AP, "ack present"},
74 { 0, NULL }
75 };
76
77 #define GRE_RECRS_MASK 0x0700 /* recursion count */
78 #define GRE_VERS_MASK 0x0007 /* protocol version */
79
80 /* source route entry types */
81 #define GRESRE_IP 0x0800 /* IP */
82 #define GRESRE_ASN 0xfffe /* ASN */
83
84 /*
85 * Ethertype values used for GRE (but not elsewhere?).
86 */
87 #define GRE_CDP 0x2000 /* Cisco Discovery Protocol */
88 #define GRE_NHRP 0x2001 /* Next Hop Resolution Protocol */
89 #define GRE_WCCP 0x883e /* Web Cache C* Protocol */
90
91 struct wccp_redirect {
92 nd_uint8_t flags;
93 #define WCCP_T (1 << 7)
94 #define WCCP_A (1 << 6)
95 #define WCCP_U (1 << 5)
96 nd_uint8_t ServiceId;
97 nd_uint8_t AltBucket;
98 nd_uint8_t PriBucket;
99 };
100
101 static void gre_print_0(netdissect_options *, const u_char *, u_int);
102 static void gre_print_1(netdissect_options *, const u_char *, u_int);
103 static int gre_sre_print(netdissect_options *, uint16_t, uint8_t, uint8_t, const u_char *, u_int);
104 static int gre_sre_ip_print(netdissect_options *, uint8_t, uint8_t, const u_char *, u_int);
105 static int gre_sre_asn_print(netdissect_options *, uint8_t, uint8_t, const u_char *, u_int);
106
107 void
108 gre_print(netdissect_options *ndo, const u_char *bp, u_int length)
109 {
110 u_int vers;
111
112 ndo->ndo_protocol = "gre";
113 nd_print_protocol_caps(ndo);
114 ND_ICHECK_U(length, <, 2);
115 vers = GET_BE_U_2(bp) & GRE_VERS_MASK;
116 ND_PRINT("v%u",vers);
117
118 switch(vers) {
119 case 0:
120 gre_print_0(ndo, bp, length);
121 break;
122 case 1:
123 gre_print_1(ndo, bp, length);
124 break;
125 default:
126 ND_PRINT(" ERROR: unknown-version");
127 break;
128 }
129 return;
130
131 invalid:
132 nd_print_invalid(ndo);
133 }
134
135 static void
136 gre_print_0(netdissect_options *ndo, const u_char *bp, u_int length)
137 {
138 u_int len = length;
139 uint16_t flags, prot;
140
141 ND_ICHECK_U(len, <, 2);
142 flags = GET_BE_U_2(bp);
143 if (ndo->ndo_vflag)
144 ND_PRINT(", Flags [%s]",
145 bittok2str(gre_flag_values,"none",flags));
146
147 len -= 2;
148 bp += 2;
149
150 ND_ICHECK_U(len, <, 2);
151 prot = GET_BE_U_2(bp);
152 len -= 2;
153 bp += 2;
154
155 if ((flags & GRE_CP) | (flags & GRE_RP)) {
156 uint16_t sum;
157
158 ND_ICHECK_U(len, <, 2);
159 sum = GET_BE_U_2(bp);
160 if (ndo->ndo_vflag)
161 ND_PRINT(", sum 0x%x", sum);
162 bp += 2;
163 len -= 2;
164
165 ND_ICHECK_U(len, <, 2);
166 ND_PRINT(", off 0x%x", GET_BE_U_2(bp));
167 bp += 2;
168 len -= 2;
169 }
170
171 if (flags & GRE_KP) {
172 uint32_t key;
173
174 ND_ICHECK_U(len, <, 4);
175 key = GET_BE_U_4(bp);
176 bp += 4;
177 len -= 4;
178
179 /*
180 * OpenBSD shows this as both a 32-bit
181 * (decimal) key value and a VSID+FlowID
182 * pair, with the VSID in decimal and
183 * the FlowID in hex, as key=<Key>|<VSID>+<FlowID>,
184 * in case this is NVGRE.
185 */
186 ND_PRINT(", key=0x%x", key);
187 }
188
189 if (flags & GRE_SP) {
190 ND_ICHECK_U(len, <, 4);
191 ND_PRINT(", seq %u", GET_BE_U_4(bp));
192 bp += 4;
193 len -= 4;
194 }
195
196 if (flags & GRE_RP) {
197 for (;;) {
198 uint16_t af;
199 uint8_t sreoff;
200 uint8_t srelen;
201
202 ND_ICHECK_U(len, <, 4);
203 af = GET_BE_U_2(bp);
204 sreoff = GET_U_1(bp + 2);
205 srelen = GET_U_1(bp + 3);
206 bp += 4;
207 len -= 4;
208
209 if (af == 0 && srelen == 0)
210 break;
211
212 if (!gre_sre_print(ndo, af, sreoff, srelen, bp, len))
213 goto invalid;
214
215 ND_ICHECK_U(len, <, srelen);
216 bp += srelen;
217 len -= srelen;
218 }
219 }
220
221 if (ndo->ndo_eflag)
222 ND_PRINT(", proto %s (0x%04x)",
223 tok2str(ethertype_values,"unknown",prot), prot);
224
225 ND_PRINT(", length %u",length);
226
227 if (ndo->ndo_vflag < 1)
228 ND_PRINT(": "); /* put in a colon as protocol demarc */
229 else
230 ND_PRINT("\n\t"); /* if verbose go multiline */
231
232 switch (prot) {
233 case 0x0000:
234 /*
235 * 0x0000 is reserved, but Cisco, at least, appears to
236 * use it for keep-alives; see, for example,
237 * https://www.cisco.com/c/en/us/support/docs/ip/generic-routing-encapsulation-gre/118370-technote-gre-00.html#anc1
238 */
239 printf("keep-alive");
240 break;
241 case GRE_WCCP:
242 /*
243 * This is a bit weird.
244 *
245 * This may either just mean "IPv4" or it may mean
246 * "IPv4 preceded by a WCCP redirect header". We
247 * check to see if the first octet looks like the
248 * beginning of an IPv4 header and, if not, dissect
249 * it "IPv4 preceded by a WCCP redirect header",
250 * otherwise we dissect it as just IPv4.
251 *
252 * See "Packet redirection" in draft-forster-wrec-wccp-v1-00,
253 * section 4.12 "Traffic Forwarding" in
254 * draft-wilson-wrec-wccp-v2-01, and section 3.12.1
255 * "Forwarding using GRE Encapsulation" in
256 * draft-param-wccp-v2rev1-01.
257 */
258 ND_PRINT("wccp ");
259
260 ND_ICHECK_U(len, <, 1);
261 if (GET_U_1(bp) >> 4 != 4) {
262 /*
263 * First octet isn't 0x4*, so it's not IPv4.
264 */
265 const struct wccp_redirect *wccp;
266 uint8_t wccp_flags;
267
268 ND_ICHECK_ZU(len, <, sizeof(*wccp));
269 wccp = (const struct wccp_redirect *)bp;
270 wccp_flags = GET_U_1(wccp->flags);
271
272 ND_PRINT("T:%c A:%c U:%c SId:%u Alt:%u Pri:%u",
273 (wccp_flags & WCCP_T) ? '1' : '0',
274 (wccp_flags & WCCP_A) ? '1' : '0',
275 (wccp_flags & WCCP_U) ? '1' : '0',
276 GET_U_1(wccp->ServiceId),
277 GET_U_1(wccp->AltBucket),
278 GET_U_1(wccp->PriBucket));
279
280 bp += sizeof(*wccp);
281 len -= sizeof(*wccp);
282
283 printf(": ");
284 }
285 /* FALLTHROUGH */
286 case ETHERTYPE_IP:
287 ip_print(ndo, bp, len);
288 break;
289 case ETHERTYPE_IPV6:
290 ip6_print(ndo, bp, len);
291 break;
292 case ETHERTYPE_MPLS:
293 case ETHERTYPE_MPLS_MULTI:
294 mpls_print(ndo, bp, len);
295 break;
296 case ETHERTYPE_IPX:
297 ipx_print(ndo, bp, len);
298 break;
299 case ETHERTYPE_ATALK:
300 atalk_print(ndo, bp, len);
301 break;
302 case ETHERTYPE_GRE_ISO:
303 isoclns_print(ndo, bp, len);
304 break;
305 case ETHERTYPE_TEB:
306 ether_print(ndo, bp, len, ND_BYTES_AVAILABLE_AFTER(bp), NULL, NULL);
307 break;
308 case ETHERTYPE_NSH:
309 nsh_print(ndo, bp, len);
310 break;
311 case GRE_CDP:
312 cdp_print(ndo, bp, len);
313 break;
314 case GRE_NHRP:
315 nhrp_print(ndo, bp, len);
316 break;
317 default:
318 ND_PRINT("gre-proto-0x%x", prot);
319 }
320 return;
321
322 invalid:
323 nd_print_invalid(ndo);
324 }
325
326 static void
327 gre_print_1(netdissect_options *ndo, const u_char *bp, u_int length)
328 {
329 u_int len = length;
330 uint16_t flags, prot;
331
332 ND_ICHECK_U(len, <, 2);
333 flags = GET_BE_U_2(bp);
334 len -= 2;
335 bp += 2;
336
337 if (ndo->ndo_vflag)
338 ND_PRINT(", Flags [%s]",
339 bittok2str(gre_flag_values,"none",flags));
340
341 ND_ICHECK_U(len, <, 2);
342 prot = GET_BE_U_2(bp);
343 len -= 2;
344 bp += 2;
345
346
347 if (flags & GRE_KP) {
348 uint32_t k;
349
350 ND_ICHECK_U(len, <, 4);
351 k = GET_BE_U_4(bp);
352 ND_PRINT(", call %u", k & 0xffff);
353 len -= 4;
354 bp += 4;
355 }
356
357 if (flags & GRE_SP) {
358 ND_ICHECK_U(len, <, 4);
359 ND_PRINT(", seq %u", GET_BE_U_4(bp));
360 bp += 4;
361 len -= 4;
362 }
363
364 if (flags & GRE_AP) {
365 ND_ICHECK_U(len, <, 4);
366 ND_PRINT(", ack %u", GET_BE_U_4(bp));
367 bp += 4;
368 len -= 4;
369 }
370
371 if ((flags & GRE_SP) == 0)
372 ND_PRINT(", no-payload");
373
374 if (ndo->ndo_eflag)
375 ND_PRINT(", proto %s (0x%04x)",
376 tok2str(ethertype_values,"unknown",prot), prot);
377
378 ND_PRINT(", length %u",length);
379
380 if ((flags & GRE_SP) == 0)
381 return;
382
383 if (ndo->ndo_vflag < 1)
384 ND_PRINT(": "); /* put in a colon as protocol demarc */
385 else
386 ND_PRINT("\n\t"); /* if verbose go multiline */
387
388 switch (prot) {
389 case ETHERTYPE_PPP:
390 ppp_print(ndo, bp, len);
391 break;
392 default:
393 ND_PRINT("gre-proto-0x%x", prot);
394 break;
395 }
396 return;
397
398 invalid:
399 nd_print_invalid(ndo);
400 }
401
402 static int
403 gre_sre_print(netdissect_options *ndo, uint16_t af, uint8_t sreoff,
404 uint8_t srelen, const u_char *bp, u_int len)
405 {
406 int ret;
407
408 switch (af) {
409 case GRESRE_IP:
410 ND_PRINT(", (rtaf=ip");
411 ret = gre_sre_ip_print(ndo, sreoff, srelen, bp, len);
412 ND_PRINT(")");
413 break;
414 case GRESRE_ASN:
415 ND_PRINT(", (rtaf=asn");
416 ret = gre_sre_asn_print(ndo, sreoff, srelen, bp, len);
417 ND_PRINT(")");
418 break;
419 default:
420 ND_PRINT(", (rtaf=0x%x)", af);
421 ret = 1;
422 }
423 return (ret);
424 }
425
426 static int
427 gre_sre_ip_print(netdissect_options *ndo, uint8_t sreoff, uint8_t srelen,
428 const u_char *bp, u_int len)
429 {
430 const u_char *up = bp;
431 char buf[INET_ADDRSTRLEN];
432
433 if (sreoff & 3) {
434 ND_PRINT(", badoffset=%u", sreoff);
435 goto invalid;
436 }
437 if (srelen & 3) {
438 ND_PRINT(", badlength=%u", srelen);
439 goto invalid;
440 }
441 if (sreoff >= srelen) {
442 ND_PRINT(", badoff/len=%u/%u", sreoff, srelen);
443 goto invalid;
444 }
445
446 while (srelen != 0) {
447 ND_ICHECK_U(len, <, 4);
448
449 ND_TCHECK_LEN(bp, sizeof(nd_ipv4));
450 addrtostr(bp, buf, sizeof(buf));
451 ND_PRINT(" %s%s",
452 ((bp - up) == sreoff) ? "*" : "", buf);
453
454 bp += 4;
455 len -= 4;
456 srelen -= 4;
457 }
458 return 1;
459
460 invalid:
461 return 0;
462 }
463
464 static int
465 gre_sre_asn_print(netdissect_options *ndo, uint8_t sreoff, uint8_t srelen,
466 const u_char *bp, u_int len)
467 {
468 const u_char *up = bp;
469
470 if (sreoff & 1) {
471 ND_PRINT(", badoffset=%u", sreoff);
472 goto invalid;
473 }
474 if (srelen & 1) {
475 ND_PRINT(", badlength=%u", srelen);
476 goto invalid;
477 }
478 if (sreoff >= srelen) {
479 ND_PRINT(", badoff/len=%u/%u", sreoff, srelen);
480 goto invalid;
481 }
482
483 while (srelen != 0) {
484 ND_ICHECK_U(len, <, 2);
485
486 ND_PRINT(" %s%x",
487 ((bp - up) == sreoff) ? "*" : "", GET_BE_U_2(bp));
488
489 bp += 2;
490 len -= 2;
491 srelen -= 2;
492 }
493 return 1;
494
495 invalid:
496 return 0;
497 }
[mirror] the TCPdump network dissector