]> The Tcpdump Group git mirrors - tcpdump/blob - print-ip.c
projects / tcpdump / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
compilable AH/ESP patches
[tcpdump] / print-ip.c
1 /*
2 * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 */
21
22 #ifndef lint
23 static const char rcsid[] =
24 "@(#) $Header: /tcpdump/master/tcpdump/print-ip.c,v 1.69 1999-10-17 22:18:01 mcr Exp $ (LBL)";
25 #endif
26
27 #include <sys/param.h>
28 #include <sys/time.h>
29 #include <sys/socket.h>
30
31 #include <netinet/in.h>
32 #include <netinet/in_systm.h>
33 #include <netinet/ip.h>
34 #include <netinet/udp.h>
35 #include <netinet/tcp.h>
36
37 #ifdef HAVE_MALLOC_H
38 #include <malloc.h>
39 #endif
40 #include <stdio.h>
41 #include <stdlib.h>
42 #include <string.h>
43 #include <unistd.h>
44
45 #include "addrtoname.h"
46 #include "interface.h"
47 #include "extract.h" /* must come after interface.h */
48
49 /* Compatibility */
50 #ifndef IPPROTO_ND
51 #define IPPROTO_ND 77
52 #endif
53
54 #ifndef IN_CLASSD
55 #define IN_CLASSD(i) (((int32_t)(i) & 0xf0000000) == 0xe0000000)
56 #endif
57
58 /* (following from ipmulti/mrouted/prune.h) */
59
60 /*
61 * The packet format for a traceroute request.
62 */
63 struct tr_query {
64 u_int tr_src; /* traceroute source */
65 u_int tr_dst; /* traceroute destination */
66 u_int tr_raddr; /* traceroute response address */
67 #ifdef WORDS_BIGENDIAN
68 struct {
69 u_int ttl : 8; /* traceroute response ttl */
70 u_int qid : 24; /* traceroute query id */
71 } q;
72 #else
73 struct {
74 u_int qid : 24; /* traceroute query id */
75 u_int ttl : 8; /* traceroute response ttl */
76 } q;
77 #endif
78 };
79
80 #define tr_rttl q.ttl
81 #define tr_qid q.qid
82
83 /*
84 * Traceroute response format. A traceroute response has a tr_query at the
85 * beginning, followed by one tr_resp for each hop taken.
86 */
87 struct tr_resp {
88 u_int tr_qarr; /* query arrival time */
89 u_int tr_inaddr; /* incoming interface address */
90 u_int tr_outaddr; /* outgoing interface address */
91 u_int tr_rmtaddr; /* parent address in source tree */
92 u_int tr_vifin; /* input packet count on interface */
93 u_int tr_vifout; /* output packet count on interface */
94 u_int tr_pktcnt; /* total incoming packets for src-grp */
95 u_char tr_rproto; /* routing proto deployed on router */
96 u_char tr_fttl; /* ttl required to forward on outvif */
97 u_char tr_smask; /* subnet mask for src addr */
98 u_char tr_rflags; /* forwarding error codes */
99 };
100
101 /* defs within mtrace */
102 #define TR_QUERY 1
103 #define TR_RESP 2
104
105 /* fields for tr_rflags (forwarding error codes) */
106 #define TR_NO_ERR 0
107 #define TR_WRONG_IF 1
108 #define TR_PRUNED 2
109 #define TR_OPRUNED 3
110 #define TR_SCOPED 4
111 #define TR_NO_RTE 5
112 #define TR_NO_FWD 7
113 #define TR_NO_SPACE 0x81
114 #define TR_OLD_ROUTER 0x82
115
116 /* fields for tr_rproto (routing protocol) */
117 #define TR_PROTO_DVMRP 1
118 #define TR_PROTO_MOSPF 2
119 #define TR_PROTO_PIM 3
120 #define TR_PROTO_CBT 4
121
122 static void print_mtrace(register const u_char *bp, register u_int len)
123 {
124 register struct tr_query *tr = (struct tr_query *)(bp + 8);
125
126 printf("mtrace %d: %s to %s reply-to %s", tr->tr_qid,
127 ipaddr_string(&tr->tr_src), ipaddr_string(&tr->tr_dst),
128 ipaddr_string(&tr->tr_raddr));
129 if (IN_CLASSD(ntohl(tr->tr_raddr)))
130 printf(" with-ttl %d", tr->tr_rttl);
131 }
132
133 static void print_mresp(register const u_char *bp, register u_int len)
134 {
135 register struct tr_query *tr = (struct tr_query *)(bp + 8);
136
137 printf("mresp %d: %s to %s reply-to %s", tr->tr_qid,
138 ipaddr_string(&tr->tr_src), ipaddr_string(&tr->tr_dst),
139 ipaddr_string(&tr->tr_raddr));
140 if (IN_CLASSD(ntohl(tr->tr_raddr)))
141 printf(" with-ttl %d", tr->tr_rttl);
142 }
143
144 static void
145 igmp_print(register const u_char *bp, register u_int len,
146 register const u_char *bp2)
147 {
148 register const struct ip *ip;
149
150 ip = (const struct ip *)bp2;
151 (void)printf("%s > %s: ",
152 ipaddr_string(&ip->ip_src),
153 ipaddr_string(&ip->ip_dst));
154
155 TCHECK2(bp[0], 8);
156 switch (bp[0]) {
157 case 0x11:
158 (void)printf("igmp query");
159 if (*(int *)&bp[4])
160 (void)printf(" [gaddr %s]", ipaddr_string(&bp[4]));
161 if (len != 8)
162 (void)printf(" [len %d]", len);
163 break;
164 case 0x12:
165 (void)printf("igmp report %s", ipaddr_string(&bp[4]));
166 if (len != 8)
167 (void)printf(" [len %d]", len);
168 break;
169 case 0x16:
170 (void)printf("igmp nreport %s", ipaddr_string(&bp[4]));
171 break;
172 case 0x17:
173 (void)printf("igmp leave %s", ipaddr_string(&bp[4]));
174 break;
175 case 0x13:
176 (void)printf("igmp dvmrp");
177 if (len < 8)
178 (void)printf(" [len %d]", len);
179 else
180 dvmrp_print(bp, len);
181 break;
182 case 0x14:
183 (void)printf("igmp pim");
184 pim_print(bp, len);
185 break;
186 case 0x1e:
187 print_mresp(bp, len);
188 break;
189 case 0x1f:
190 print_mtrace(bp, len);
191 break;
192 default:
193 (void)printf("igmp-%d", bp[0] & 0xf);
194 break;
195 }
196 if ((bp[0] >> 4) != 1)
197 (void)printf(" [v%d]", bp[0] >> 4);
198
199 TCHECK2(bp[0], len);
200 if (vflag) {
201 /* Check the IGMP checksum */
202 u_int32_t sum = 0;
203 int count;
204 const u_short *sp = (u_short *)bp;
205
206 for (count = len / 2; --count >= 0; )
207 sum += *sp++;
208 if (len & 1)
209 sum += ntohs(*(u_char *) sp << 8);
210 while (sum >> 16)
211 sum = (sum & 0xffff) + (sum >> 16);
212 sum = 0xffff & ~sum;
213 if (sum != 0)
214 printf(" bad igmp cksum %x!", EXTRACT_16BITS(&bp[2]));
215 }
216 return;
217 trunc:
218 fputs("[|igmp]", stdout);
219 }
220
221 /*
222 * print the recorded route in an IP RR, LSRR or SSRR option.
223 */
224 static void
225 ip_printroute(const char *type, register const u_char *cp, u_int length)
226 {
227 register u_int ptr = cp[2] - 1;
228 register u_int len;
229
230 printf(" %s{", type);
231 if ((length + 1) & 3)
232 printf(" [bad length %d]", length);
233 if (ptr < 3 || ((ptr + 1) & 3) || ptr > length + 1)
234 printf(" [bad ptr %d]", cp[2]);
235
236 type = "";
237 for (len = 3; len < length; len += 4) {
238 if (ptr == len)
239 type = "#";
240 printf("%s%s", type, ipaddr_string(&cp[len]));
241 type = " ";
242 }
243 printf("%s}", ptr == len? "#" : "");
244 }
245
246 /*
247 * print IP options.
248 */
249 static void
250 ip_optprint(register const u_char *cp, u_int length)
251 {
252 register u_int len;
253
254 for (; length > 0; cp += len, length -= len) {
255 int tt = *cp;
256
257 len = (tt == IPOPT_NOP || tt == IPOPT_EOL) ? 1 : cp[1];
258 if (len <= 0) {
259 printf("[|ip op len %d]", len);
260 return;
261 }
262 if (&cp[1] >= snapend || cp + len > snapend) {
263 printf("[|ip]");
264 return;
265 }
266 switch (tt) {
267
268 case IPOPT_EOL:
269 printf(" EOL");
270 if (length > 1)
271 printf("-%d", length - 1);
272 return;
273
274 case IPOPT_NOP:
275 printf(" NOP");
276 break;
277
278 case IPOPT_TS:
279 printf(" TS{%d}", len);
280 break;
281
282 case IPOPT_SECURITY:
283 printf(" SECURITY{%d}", len);
284 break;
285
286 case IPOPT_RR:
287 printf(" RR{%d}=", len);
288 ip_printroute("RR", cp, len);
289 break;
290
291 case IPOPT_SSRR:
292 ip_printroute("SSRR", cp, len);
293 break;
294
295 case IPOPT_LSRR:
296 ip_printroute("LSRR", cp, len);
297 break;
298
299 default:
300 printf(" IPOPT-%d{%d}", cp[0], len);
301 break;
302 }
303 }
304 }
305
306 /*
307 * compute an IP header checksum.
308 * don't modifiy the packet.
309 */
310 static int
311 in_cksum(const struct ip *ip)
312 {
313 register const u_short *sp = (u_short *)ip;
314 register u_int32_t sum = 0;
315 register int count;
316
317 /*
318 * No need for endian conversions.
319 */
320 for (count = ip->ip_hl * 2; --count >= 0; )
321 sum += *sp++;
322 while (sum > 0xffff)
323 sum = (sum & 0xffff) + (sum >> 16);
324 sum = ~sum & 0xffff;
325
326 return (sum);
327 }
328
329 /*
330 * print an IP datagram.
331 */
332 void
333 ip_print(register const u_char *bp, register u_int length)
334 {
335 register const struct ip *ip;
336 register u_int hlen, len, off;
337 register const u_char *cp;
338
339 ip = (const struct ip *)bp;
340 #ifdef LBL_ALIGN
341 /*
342 * If the IP header is not aligned, copy into abuf.
343 * This will never happen with BPF. It does happen raw packet
344 * dumps from -r.
345 */
346 if ((long)ip & 3) {
347 static u_char *abuf = NULL;
348 static int didwarn = 0;
349
350 if (abuf == NULL) {
351 abuf = (u_char *)malloc(snaplen);
352 if (abuf == NULL)
353 error("ip_print: malloc");
354 }
355 memcpy((char *)abuf, (char *)ip, min(length, snaplen));
356 snapend += abuf - (u_char *)ip;
357 packetp = abuf;
358 ip = (struct ip *)abuf;
359 /* We really want libpcap to give us aligned packets */
360 if (!didwarn) {
361 warning("compensating for unaligned libpcap packets");
362 ++didwarn;
363 }
364 }
365 #endif
366 if ((u_char *)(ip + 1) > snapend) {
367 printf("[|ip]");
368 return;
369 }
370 if (length < sizeof (struct ip)) {
371 (void)printf("truncated-ip %d", length);
372 return;
373 }
374 hlen = ip->ip_hl * 4;
375
376 len = ntohs(ip->ip_len);
377 if (length < len)
378 (void)printf("truncated-ip - %d bytes missing!",
379 len - length);
380 len -= hlen;
381
382 /*
383 * If this is fragment zero, hand it to the next higher
384 * level protocol.
385 */
386 off = ntohs(ip->ip_off);
387 if ((off & 0x1fff) == 0) {
388 cp = (const u_char *)ip + hlen;
389 switch (ip->ip_p) {
390
391 case IPPROTO_TCP:
392 tcp_print(cp, len, (const u_char *)ip);
393 break;
394
395 case IPPROTO_UDP:
396 udp_print(cp, len, (const u_char *)ip);
397 break;
398
399 case IPPROTO_ICMP:
400 icmp_print(cp, (const u_char *)ip);
401 break;
402
403 #ifndef IPPROTO_IGRP
404 #define IPPROTO_IGRP 9
405 #endif
406 case IPPROTO_IGRP:
407 igrp_print(cp, len, (const u_char *)ip);
408 break;
409
410 case IPPROTO_ND:
411 (void)printf("%s > %s:", ipaddr_string(&ip->ip_src),
412 ipaddr_string(&ip->ip_dst));
413 (void)printf(" nd %d", len);
414 break;
415
416 case IPPROTO_EGP:
417 egp_print(cp, len, (const u_char *)ip);
418 break;
419
420 #ifndef IPPROTO_OSPF
421 #define IPPROTO_OSPF 89
422 #endif
423 case IPPROTO_OSPF:
424 ospf_print(cp, len, (const u_char *)ip);
425 break;
426
427 #ifndef IPPROTO_IGMP
428 #define IPPROTO_IGMP 2
429 #endif
430 case IPPROTO_IGMP:
431 igmp_print(cp, len, (const u_char *)ip);
432 break;
433
434 case 4:
435 /* DVMRP multicast tunnel (ip-in-ip encapsulation) */
436 if (vflag)
437 (void)printf("%s > %s: ",
438 ipaddr_string(&ip->ip_src),
439 ipaddr_string(&ip->ip_dst));
440 ip_print(cp, len);
441 if (! vflag) {
442 printf(" (ipip)");
443 return;
444 }
445 break;
446
447 #ifndef IPPROTO_GRE
448 #define IPPROTO_GRE 47
449 #endif
450 case IPPROTO_GRE:
451 if (vflag)
452 (void)printf("gre %s > %s: ",
453 ipaddr_string(&ip->ip_src),
454 ipaddr_string(&ip->ip_dst));
455 /* do it */
456 gre_print(cp, len);
457 if (! vflag) {
458 printf(" (gre encap)");
459 return;
460 }
461 break;
462
463 default:
464 (void)printf("%s > %s:", ipaddr_string(&ip->ip_src),
465 ipaddr_string(&ip->ip_dst));
466 (void)printf(" ip-proto-%d %d", ip->ip_p, len);
467 break;
468 }
469 }
470 /*
471 * for fragmented datagrams, print id:size@offset. On all
472 * but the last stick a "+". For unfragmented datagrams, note
473 * the don't fragment flag.
474 */
475 if (off & 0x3fff) {
476 /*
477 * if this isn't the first frag, we're missing the
478 * next level protocol header. print the ip addr.
479 */
480 if (off & 0x1fff)
481 (void)printf("%s > %s:", ipaddr_string(&ip->ip_src),
482 ipaddr_string(&ip->ip_dst));
483 (void)printf(" (frag %d:%d@%d%s)", ntohs(ip->ip_id), len,
484 (off & 0x1fff) * 8,
485 (off & IP_MF)? "+" : "");
486 } else if (off & IP_DF)
487 (void)printf(" (DF)");
488
489 if (ip->ip_tos)
490 (void)printf(" [tos 0x%x]", (int)ip->ip_tos);
491 if (ip->ip_ttl <= 1)
492 (void)printf(" [ttl %d]", (int)ip->ip_ttl);
493
494 if (vflag) {
495 int sum;
496 char *sep = "";
497
498 printf(" (");
499 if (ip->ip_ttl > 1) {
500 (void)printf("%sttl %d", sep, (int)ip->ip_ttl);
501 sep = ", ";
502 }
503 if ((off & 0x3fff) == 0) {
504 (void)printf("%sid %d", sep, (int)ntohs(ip->ip_id));
505 sep = ", ";
506 }
507 if ((u_char *)ip + hlen <= snapend) {
508 sum = in_cksum(ip);
509 if (sum != 0) {
510 (void)printf("%sbad cksum %x!", sep,
511 ntohs(ip->ip_sum));
512 sep = ", ";
513 }
514 }
515 if ((hlen -= sizeof(struct ip)) > 0) {
516 (void)printf("%soptlen=%d", sep, hlen);
517 ip_optprint((u_char *)(ip + 1), hlen);
518 }
519 printf(")");
520 }
521 }
[mirror] the TCPdump network dissector