]> The Tcpdump Group git mirrors - tcpdump/blob - print-ip.c
projects / tcpdump / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Have all Internet-checksum computing routines return a uint16_t.
[tcpdump] / print-ip.c
1 /*
2 * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 */
21
22 /* \summary: IP printer */
23
24 #ifdef HAVE_CONFIG_H
25 #include <config.h>
26 #endif
27
28 #include "netdissect-stdinc.h"
29
30 #include <string.h>
31
32 #include "netdissect.h"
33 #include "addrtoname.h"
34 #include "extract.h"
35
36 #include "ip.h"
37 #include "ipproto.h"
38
39
40 static const struct tok ip_option_values[] = {
41 { IPOPT_EOL, "EOL" },
42 { IPOPT_NOP, "NOP" },
43 { IPOPT_TS, "timestamp" },
44 { IPOPT_SECURITY, "security" },
45 { IPOPT_RR, "RR" },
46 { IPOPT_SSRR, "SSRR" },
47 { IPOPT_LSRR, "LSRR" },
48 { IPOPT_RA, "RA" },
49 { IPOPT_RFC1393, "traceroute" },
50 { 0, NULL }
51 };
52
53 /*
54 * print the recorded route in an IP RR, LSRR or SSRR option.
55 */
56 static int
57 ip_printroute(netdissect_options *ndo,
58 const u_char *cp, u_int length)
59 {
60 u_int ptr;
61 u_int len;
62
63 if (length < 3) {
64 ND_PRINT(" [bad length %u]", length);
65 return (0);
66 }
67 if ((length + 1) & 3)
68 ND_PRINT(" [bad length %u]", length);
69 ND_TCHECK_1(cp + 2);
70 ptr = EXTRACT_U_1(cp + 2) - 1;
71 if (ptr < 3 || ((ptr + 1) & 3) || ptr > length + 1)
72 ND_PRINT(" [bad ptr %u]", EXTRACT_U_1(cp + 2));
73
74 for (len = 3; len < length; len += 4) {
75 ND_TCHECK_4(cp + len);
76 ND_PRINT(" %s", ipaddr_string(ndo, cp + len));
77 if (ptr > len)
78 ND_PRINT(",");
79 }
80 return (0);
81
82 trunc:
83 return (-1);
84 }
85
86 /*
87 * If source-routing is present and valid, return the final destination.
88 * Otherwise, return IP destination.
89 *
90 * This is used for UDP and TCP pseudo-header in the checksum
91 * calculation.
92 */
93 static uint32_t
94 ip_finddst(netdissect_options *ndo,
95 const struct ip *ip)
96 {
97 u_int length;
98 u_int len;
99 const u_char *cp;
100
101 cp = (const u_char *)(ip + 1);
102 length = IP_HL(ip) * 4;
103 if (length < sizeof(struct ip))
104 goto trunc;
105 length -= sizeof(struct ip);
106
107 for (; length != 0; cp += len, length -= len) {
108 int tt;
109
110 ND_TCHECK_1(cp);
111 tt = EXTRACT_U_1(cp);
112 if (tt == IPOPT_EOL)
113 break;
114 else if (tt == IPOPT_NOP)
115 len = 1;
116 else {
117 ND_TCHECK_1(cp + 1);
118 len = EXTRACT_U_1(cp + 1);
119 if (len < 2)
120 break;
121 }
122 if (length < len)
123 goto trunc;
124 ND_TCHECK_LEN(cp, len);
125 switch (tt) {
126
127 case IPOPT_SSRR:
128 case IPOPT_LSRR:
129 if (len < 7)
130 break;
131 return (EXTRACT_IPV4_TO_NETWORK_ORDER(cp + len - 4));
132 }
133 }
134 trunc:
135 return (EXTRACT_IPV4_TO_NETWORK_ORDER(ip->ip_dst));
136 }
137
138 /*
139 * Compute a V4-style checksum by building a pseudoheader.
140 */
141 uint16_t
142 nextproto4_cksum(netdissect_options *ndo,
143 const struct ip *ip, const uint8_t *data,
144 u_int len, u_int covlen, u_int next_proto)
145 {
146 struct phdr {
147 uint32_t src;
148 uint32_t dst;
149 u_char mbz;
150 u_char proto;
151 uint16_t len;
152 } ph;
153 struct cksum_vec vec[2];
154
155 /* pseudo-header.. */
156 ph.len = htons((uint16_t)len);
157 ph.mbz = 0;
158 ph.proto = next_proto;
159 ph.src = EXTRACT_IPV4_TO_NETWORK_ORDER(ip->ip_src);
160 if (IP_HL(ip) == 5)
161 ph.dst = EXTRACT_IPV4_TO_NETWORK_ORDER(ip->ip_dst);
162 else
163 ph.dst = ip_finddst(ndo, ip);
164
165 vec[0].ptr = (const uint8_t *)(void *)&ph;
166 vec[0].len = sizeof(ph);
167 vec[1].ptr = data;
168 vec[1].len = covlen;
169 return (in_cksum(vec, 2));
170 }
171
172 static int
173 ip_printts(netdissect_options *ndo,
174 const u_char *cp, u_int length)
175 {
176 u_int ptr;
177 u_int len;
178 u_int hoplen;
179 const char *type;
180
181 if (length < 4) {
182 ND_PRINT("[bad length %u]", length);
183 return (0);
184 }
185 ND_PRINT(" TS{");
186 ND_TCHECK_1(cp + 3);
187 hoplen = ((EXTRACT_U_1(cp + 3) & 0xF) != IPOPT_TS_TSONLY) ? 8 : 4;
188 if ((length - 4) & (hoplen-1))
189 ND_PRINT("[bad length %u]", length);
190 ND_TCHECK_1(cp + 2);
191 ptr = EXTRACT_U_1(cp + 2) - 1;
192 len = 0;
193 if (ptr < 4 || ((ptr - 4) & (hoplen-1)) || ptr > length + 1)
194 ND_PRINT("[bad ptr %u]", EXTRACT_U_1(cp + 2));
195 ND_TCHECK_1(cp + 3);
196 switch (EXTRACT_U_1(cp + 3)&0xF) {
197 case IPOPT_TS_TSONLY:
198 ND_PRINT("TSONLY");
199 break;
200 case IPOPT_TS_TSANDADDR:
201 ND_PRINT("TS+ADDR");
202 break;
203 /*
204 * prespecified should really be 3, but some ones might send 2
205 * instead, and the IPOPT_TS_PRESPEC constant can apparently
206 * have both values, so we have to hard-code it here.
207 */
208
209 case 2:
210 ND_PRINT("PRESPEC2.0");
211 break;
212 case 3: /* IPOPT_TS_PRESPEC */
213 ND_PRINT("PRESPEC");
214 break;
215 default:
216 ND_PRINT("[bad ts type %u]", EXTRACT_U_1(cp + 3)&0xF);
217 goto done;
218 }
219
220 type = " ";
221 for (len = 4; len < length; len += hoplen) {
222 if (ptr == len)
223 type = " ^ ";
224 ND_TCHECK_LEN(cp + len, hoplen);
225 ND_PRINT("%s%u@%s", type, EXTRACT_BE_U_4(cp + len + hoplen - 4),
226 hoplen!=8 ? "" : ipaddr_string(ndo, cp + len));
227 type = " ";
228 }
229
230 done:
231 ND_PRINT("%s", ptr == len ? " ^ " : "");
232
233 if (EXTRACT_U_1(cp + 3) >> 4)
234 ND_PRINT(" [%u hops not recorded]} ", EXTRACT_U_1(cp + 3)>>4);
235 else
236 ND_PRINT("}");
237 return (0);
238
239 trunc:
240 return (-1);
241 }
242
243 /*
244 * print IP options.
245 If truncated return -1, else 0.
246 */
247 static int
248 ip_optprint(netdissect_options *ndo,
249 const u_char *cp, u_int length)
250 {
251 u_int option_len;
252 const char *sep = "";
253
254 for (; length > 0; cp += option_len, length -= option_len) {
255 u_int option_code;
256
257 ND_PRINT("%s", sep);
258 sep = ",";
259
260 ND_TCHECK_1(cp);
261 option_code = EXTRACT_U_1(cp);
262
263 ND_PRINT("%s",
264 tok2str(ip_option_values,"unknown %u",option_code));
265
266 if (option_code == IPOPT_NOP ||
267 option_code == IPOPT_EOL)
268 option_len = 1;
269
270 else {
271 ND_TCHECK_1(cp + 1);
272 option_len = EXTRACT_U_1(cp + 1);
273 if (option_len < 2) {
274 ND_PRINT(" [bad length %u]", option_len);
275 return 0;
276 }
277 }
278
279 if (option_len > length) {
280 ND_PRINT(" [bad length %u]", option_len);
281 return 0;
282 }
283
284 ND_TCHECK_LEN(cp, option_len);
285
286 switch (option_code) {
287 case IPOPT_EOL:
288 return 0;
289
290 case IPOPT_TS:
291 if (ip_printts(ndo, cp, option_len) == -1)
292 goto trunc;
293 break;
294
295 case IPOPT_RR: /* fall through */
296 case IPOPT_SSRR:
297 case IPOPT_LSRR:
298 if (ip_printroute(ndo, cp, option_len) == -1)
299 goto trunc;
300 break;
301
302 case IPOPT_RA:
303 if (option_len < 4) {
304 ND_PRINT(" [bad length %u]", option_len);
305 break;
306 }
307 ND_TCHECK_1(cp + 3);
308 if (EXTRACT_BE_U_2(cp + 2) != 0)
309 ND_PRINT(" value %u", EXTRACT_BE_U_2(cp + 2));
310 break;
311
312 case IPOPT_NOP: /* nothing to print - fall through */
313 case IPOPT_SECURITY:
314 default:
315 break;
316 }
317 }
318 return 0;
319
320 trunc:
321 return -1;
322 }
323
324 #define IP_RES 0x8000
325
326 static const struct tok ip_frag_values[] = {
327 { IP_MF, "+" },
328 { IP_DF, "DF" },
329 { IP_RES, "rsvd" }, /* The RFC3514 evil ;-) bit */
330 { 0, NULL }
331 };
332
333 struct ip_print_demux_state {
334 const struct ip *ip;
335 const u_char *cp;
336 u_int len, off;
337 u_char nh;
338 int advance;
339 };
340
341 static void
342 ip_print_demux(netdissect_options *ndo,
343 struct ip_print_demux_state *ipds)
344 {
345 const char *p_name;
346
347 again:
348 switch (ipds->nh) {
349
350 case IPPROTO_AH:
351 if (!ND_TTEST_1(ipds->cp)) {
352 ndo->ndo_protocol = "ah";
353 nd_print_trunc(ndo);
354 break;
355 }
356 ipds->nh = EXTRACT_U_1(ipds->cp);
357 ipds->advance = ah_print(ndo, ipds->cp);
358 if (ipds->advance <= 0)
359 break;
360 ipds->cp += ipds->advance;
361 ipds->len -= ipds->advance;
362 goto again;
363
364 case IPPROTO_ESP:
365 {
366 u_int enh, padlen;
367 ipds->advance = esp_print(ndo, ipds->cp, ipds->len,
368 (const u_char *)ipds->ip,
369 &enh, &padlen);
370 if (ipds->advance <= 0)
371 break;
372 ipds->cp += ipds->advance;
373 ipds->len -= ipds->advance + padlen;
374 ipds->nh = enh & 0xff;
375 goto again;
376 }
377
378 case IPPROTO_IPCOMP:
379 {
380 ipcomp_print(ndo, ipds->cp);
381 /*
382 * Either this has decompressed the payload and
383 * printed it, in which case there's nothing more
384 * to do, or it hasn't, in which case there's
385 * nothing more to do.
386 */
387 break;
388 }
389
390 case IPPROTO_SCTP:
391 sctp_print(ndo, ipds->cp, (const u_char *)ipds->ip, ipds->len);
392 break;
393
394 case IPPROTO_DCCP:
395 dccp_print(ndo, ipds->cp, (const u_char *)ipds->ip, ipds->len);
396 break;
397
398 case IPPROTO_TCP:
399 /* pass on the MF bit plus the offset to detect fragments */
400 tcp_print(ndo, ipds->cp, ipds->len, (const u_char *)ipds->ip,
401 ipds->off & (IP_MF|IP_OFFMASK));
402 break;
403
404 case IPPROTO_UDP:
405 /* pass on the MF bit plus the offset to detect fragments */
406 udp_print(ndo, ipds->cp, ipds->len, (const u_char *)ipds->ip,
407 ipds->off & (IP_MF|IP_OFFMASK));
408 break;
409
410 case IPPROTO_ICMP:
411 /* pass on the MF bit plus the offset to detect fragments */
412 icmp_print(ndo, ipds->cp, ipds->len, (const u_char *)ipds->ip,
413 ipds->off & (IP_MF|IP_OFFMASK));
414 break;
415
416 case IPPROTO_PIGP:
417 /*
418 * XXX - the current IANA protocol number assignments
419 * page lists 9 as "any private interior gateway
420 * (used by Cisco for their IGRP)" and 88 as
421 * "EIGRP" from Cisco.
422 *
423 * Recent BSD <netinet/in.h> headers define
424 * IP_PROTO_PIGP as 9 and IP_PROTO_IGRP as 88.
425 * We define IP_PROTO_PIGP as 9 and
426 * IP_PROTO_EIGRP as 88; those names better
427 * match was the current protocol number
428 * assignments say.
429 */
430 igrp_print(ndo, ipds->cp, ipds->len);
431 break;
432
433 case IPPROTO_EIGRP:
434 eigrp_print(ndo, ipds->cp, ipds->len);
435 break;
436
437 case IPPROTO_ND:
438 ND_PRINT(" nd %u", ipds->len);
439 break;
440
441 case IPPROTO_EGP:
442 egp_print(ndo, ipds->cp, ipds->len);
443 break;
444
445 case IPPROTO_OSPF:
446 ospf_print(ndo, ipds->cp, ipds->len, (const u_char *)ipds->ip);
447 break;
448
449 case IPPROTO_IGMP:
450 igmp_print(ndo, ipds->cp, ipds->len);
451 break;
452
453 case IPPROTO_IPV4:
454 /* DVMRP multicast tunnel (ip-in-ip encapsulation) */
455 ip_print(ndo, ipds->cp, ipds->len);
456 if (! ndo->ndo_vflag) {
457 ND_PRINT(" (ipip-proto-4)");
458 return;
459 }
460 break;
461
462 case IPPROTO_IPV6:
463 /* ip6-in-ip encapsulation */
464 ip6_print(ndo, ipds->cp, ipds->len);
465 break;
466
467 case IPPROTO_RSVP:
468 rsvp_print(ndo, ipds->cp, ipds->len);
469 break;
470
471 case IPPROTO_GRE:
472 /* do it */
473 gre_print(ndo, ipds->cp, ipds->len);
474 break;
475
476 case IPPROTO_MOBILE:
477 mobile_print(ndo, ipds->cp, ipds->len);
478 break;
479
480 case IPPROTO_PIM:
481 pim_print(ndo, ipds->cp, ipds->len, (const u_char *)ipds->ip);
482 break;
483
484 case IPPROTO_VRRP:
485 if (ndo->ndo_packettype == PT_CARP) {
486 if (ndo->ndo_vflag)
487 ND_PRINT("carp %s > %s: ",
488 ipaddr_string(ndo, ipds->ip->ip_src),
489 ipaddr_string(ndo, ipds->ip->ip_dst));
490 carp_print(ndo, ipds->cp, ipds->len,
491 EXTRACT_U_1(ipds->ip->ip_ttl));
492 } else {
493 if (ndo->ndo_vflag)
494 ND_PRINT("vrrp %s > %s: ",
495 ipaddr_string(ndo, ipds->ip->ip_src),
496 ipaddr_string(ndo, ipds->ip->ip_dst));
497 vrrp_print(ndo, ipds->cp, ipds->len,
498 (const u_char *)ipds->ip,
499 EXTRACT_U_1(ipds->ip->ip_ttl));
500 }
501 break;
502
503 case IPPROTO_PGM:
504 pgm_print(ndo, ipds->cp, ipds->len, (const u_char *)ipds->ip);
505 break;
506
507 default:
508 if (ndo->ndo_nflag==0 && (p_name = netdb_protoname(ipds->nh)) != NULL)
509 ND_PRINT(" %s", p_name);
510 else
511 ND_PRINT(" ip-proto-%u", ipds->nh);
512 ND_PRINT(" %u", ipds->len);
513 break;
514 }
515 }
516
517 void
518 ip_inner_print(netdissect_options *ndo,
519 const u_char *bp,
520 u_int length, u_int nh,
521 const u_char *bp2)
522 {
523 struct ip_print_demux_state ipd;
524
525 ipd.ip = (const struct ip *)bp2;
526 ipd.cp = bp;
527 ipd.len = length;
528 ipd.off = 0;
529 ipd.nh = nh;
530 ipd.advance = 0;
531
532 ip_print_demux(ndo, &ipd);
533 }
534
535
536 /*
537 * print an IP datagram.
538 */
539 void
540 ip_print(netdissect_options *ndo,
541 const u_char *bp,
542 u_int length)
543 {
544 struct ip_print_demux_state ipd;
545 struct ip_print_demux_state *ipds=&ipd;
546 const u_char *ipend;
547 u_int hlen;
548 struct cksum_vec vec[1];
549 uint8_t ip_tos, ip_ttl, ip_proto;
550 uint16_t sum, ip_sum;
551 const char *p_name;
552 int truncated = 0;
553
554 ndo->ndo_protocol = "ip";
555 ipds->ip = (const struct ip *)bp;
556 ND_TCHECK_1(ipds->ip->ip_vhl);
557 if (IP_V(ipds->ip) != 4) { /* print version and fail if != 4 */
558 if (IP_V(ipds->ip) == 6)
559 ND_PRINT("IP6, wrong link-layer encapsulation");
560 else
561 ND_PRINT("IP%u", IP_V(ipds->ip));
562 nd_print_invalid(ndo);
563 return;
564 }
565 if (!ndo->ndo_eflag)
566 ND_PRINT("IP ");
567
568 ND_TCHECK_SIZE(ipds->ip);
569 if (length < sizeof (struct ip)) {
570 ND_PRINT("truncated-ip %u", length);
571 return;
572 }
573 hlen = IP_HL(ipds->ip) * 4;
574 if (hlen < sizeof (struct ip)) {
575 ND_PRINT("bad-hlen %u", hlen);
576 return;
577 }
578
579 ipds->len = EXTRACT_BE_U_2(ipds->ip->ip_len);
580 if (length < ipds->len)
581 ND_PRINT("truncated-ip - %u bytes missing! ",
582 ipds->len - length);
583 if (ipds->len < hlen) {
584 #ifdef GUESS_TSO
585 if (ipds->len) {
586 ND_PRINT("bad-len %u", ipds->len);
587 return;
588 }
589 else {
590 /* we guess that it is a TSO send */
591 ipds->len = length;
592 }
593 #else
594 ND_PRINT("bad-len %u", ipds->len);
595 return;
596 #endif /* GUESS_TSO */
597 }
598
599 /*
600 * Cut off the snapshot length to the end of the IP payload.
601 */
602 ipend = bp + ipds->len;
603 if (ipend < ndo->ndo_snapend)
604 ndo->ndo_snapend = ipend;
605
606 ipds->len -= hlen;
607
608 ipds->off = EXTRACT_BE_U_2(ipds->ip->ip_off);
609
610 ip_proto = EXTRACT_U_1(ipds->ip->ip_p);
611
612 if (ndo->ndo_vflag) {
613 ip_tos = EXTRACT_U_1(ipds->ip->ip_tos);
614 ND_PRINT("(tos 0x%x", ip_tos);
615 /* ECN bits */
616 switch (ip_tos & 0x03) {
617
618 case 0:
619 break;
620
621 case 1:
622 ND_PRINT(",ECT(1)");
623 break;
624
625 case 2:
626 ND_PRINT(",ECT(0)");
627 break;
628
629 case 3:
630 ND_PRINT(",CE");
631 break;
632 }
633
634 ip_ttl = EXTRACT_U_1(ipds->ip->ip_ttl);
635 if (ip_ttl >= 1)
636 ND_PRINT(", ttl %u", ip_ttl);
637
638 /*
639 * for the firewall guys, print id, offset.
640 * On all but the last stick a "+" in the flags portion.
641 * For unfragmented datagrams, note the don't fragment flag.
642 */
643 ND_PRINT(", id %u, offset %u, flags [%s], proto %s (%u)",
644 EXTRACT_BE_U_2(ipds->ip->ip_id),
645 (ipds->off & 0x1fff) * 8,
646 bittok2str(ip_frag_values, "none", ipds->off&0xe000),
647 tok2str(ipproto_values, "unknown", ip_proto),
648 ip_proto);
649
650 ND_PRINT(", length %u", EXTRACT_BE_U_2(ipds->ip->ip_len));
651
652 if ((hlen - sizeof(struct ip)) > 0) {
653 ND_PRINT(", options (");
654 if (ip_optprint(ndo, (const u_char *)(ipds->ip + 1),
655 hlen - sizeof(struct ip)) == -1) {
656 ND_PRINT(" [truncated-option]");
657 truncated = 1;
658 }
659 ND_PRINT(")");
660 }
661
662 if (!ndo->ndo_Kflag && (const u_char *)ipds->ip + hlen <= ndo->ndo_snapend) {
663 vec[0].ptr = (const uint8_t *)(const void *)ipds->ip;
664 vec[0].len = hlen;
665 sum = in_cksum(vec, 1);
666 if (sum != 0) {
667 ip_sum = EXTRACT_BE_U_2(ipds->ip->ip_sum);
668 ND_PRINT(", bad cksum %x (->%x)!", ip_sum,
669 in_cksum_shouldbe(ip_sum, sum));
670 }
671 }
672
673 ND_PRINT(")\n ");
674 if (truncated) {
675 ND_PRINT("%s > %s: ",
676 ipaddr_string(ndo, ipds->ip->ip_src),
677 ipaddr_string(ndo, ipds->ip->ip_dst));
678 goto trunc;
679 }
680 }
681
682 /*
683 * If this is fragment zero, hand it to the next higher
684 * level protocol.
685 */
686 if ((ipds->off & 0x1fff) == 0) {
687 ipds->cp = (const u_char *)ipds->ip + hlen;
688 ipds->nh = EXTRACT_U_1(ipds->ip->ip_p);
689
690 if (ipds->nh != IPPROTO_TCP && ipds->nh != IPPROTO_UDP &&
691 ipds->nh != IPPROTO_SCTP && ipds->nh != IPPROTO_DCCP) {
692 ND_PRINT("%s > %s: ",
693 ipaddr_string(ndo, ipds->ip->ip_src),
694 ipaddr_string(ndo, ipds->ip->ip_dst));
695 }
696 ip_print_demux(ndo, ipds);
697 } else {
698 /*
699 * Ultra quiet now means that all this stuff should be
700 * suppressed.
701 */
702 if (ndo->ndo_qflag > 1)
703 return;
704
705 /*
706 * This isn't the first frag, so we're missing the
707 * next level protocol header. print the ip addr
708 * and the protocol.
709 */
710 ND_PRINT("%s > %s:", ipaddr_string(ndo, ipds->ip->ip_src),
711 ipaddr_string(ndo, ipds->ip->ip_dst));
712 if (!ndo->ndo_nflag && (p_name = netdb_protoname(ip_proto)) != NULL)
713 ND_PRINT(" %s", p_name);
714 else
715 ND_PRINT(" ip-proto-%u", ip_proto);
716 }
717 return;
718
719 trunc:
720 nd_print_trunc(ndo);
721 return;
722 }
723
724 void
725 ipN_print(netdissect_options *ndo, const u_char *bp, u_int length)
726 {
727 ndo->ndo_protocol = "ipN";
728 if (length < 1) {
729 ND_PRINT("truncated-ip %u", length);
730 return;
731 }
732
733 ND_TCHECK_1(bp);
734 switch (EXTRACT_U_1(bp) & 0xF0) {
735 case 0x40:
736 ip_print(ndo, bp, length);
737 break;
738 case 0x60:
739 ip6_print(ndo, bp, length);
740 break;
741 default:
742 ND_PRINT("unknown ip %u", (EXTRACT_U_1(bp) & 0xF0) >> 4);
743 break;
744 }
745 return;
746
747 trunc:
748 nd_print_trunc(ndo);
749 return;
750 }
[mirror] the TCPdump network dissector