]> The Tcpdump Group git mirrors - tcpdump/blob - print-ip.c
projects / tcpdump / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Add "tcp.h" and "udp.h" headers, to declare the TCP and UDP stuff needed
[tcpdump] / print-ip.c
1 /*
2 * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 */
21
22 #ifndef lint
23 static const char rcsid[] =
24 "@(#) $Header: /tcpdump/master/tcpdump/print-ip.c,v 1.86 2000-09-23 08:26:34 guy Exp $ (LBL)";
25 #endif
26
27 #ifdef HAVE_CONFIG_H
28 #include "config.h"
29 #endif
30
31 #include <sys/param.h>
32 #include <sys/time.h>
33 #include <sys/socket.h>
34
35 #include <netinet/in.h>
36 #include <netinet/in_systm.h>
37 #include <netinet/ip.h>
38 #include <netinet/ip_var.h>
39
40 #include <stdio.h>
41 #include <stdlib.h>
42 #include <string.h>
43 #include <unistd.h>
44
45 #include "addrtoname.h"
46 #include "interface.h"
47 #include "extract.h" /* must come after interface.h */
48
49 /* Compatibility */
50 #ifndef IPPROTO_ND
51 #define IPPROTO_ND 77
52 #endif
53
54 #ifndef IN_CLASSD
55 #define IN_CLASSD(i) (((int32_t)(i) & 0xf0000000) == 0xe0000000)
56 #endif
57
58 /* (following from ipmulti/mrouted/prune.h) */
59
60 /*
61 * The packet format for a traceroute request.
62 */
63 struct tr_query {
64 u_int tr_src; /* traceroute source */
65 u_int tr_dst; /* traceroute destination */
66 u_int tr_raddr; /* traceroute response address */
67 u_int tr_rttlqid; /* response ttl and qid */
68 };
69
70 #define TR_GETTTL(x) (int)(((x) >> 24) & 0xff)
71 #define TR_GETQID(x) ((x) & 0x00ffffff)
72
73 /*
74 * Traceroute response format. A traceroute response has a tr_query at the
75 * beginning, followed by one tr_resp for each hop taken.
76 */
77 struct tr_resp {
78 u_int tr_qarr; /* query arrival time */
79 u_int tr_inaddr; /* incoming interface address */
80 u_int tr_outaddr; /* outgoing interface address */
81 u_int tr_rmtaddr; /* parent address in source tree */
82 u_int tr_vifin; /* input packet count on interface */
83 u_int tr_vifout; /* output packet count on interface */
84 u_int tr_pktcnt; /* total incoming packets for src-grp */
85 u_char tr_rproto; /* routing proto deployed on router */
86 u_char tr_fttl; /* ttl required to forward on outvif */
87 u_char tr_smask; /* subnet mask for src addr */
88 u_char tr_rflags; /* forwarding error codes */
89 };
90
91 /* defs within mtrace */
92 #define TR_QUERY 1
93 #define TR_RESP 2
94
95 /* fields for tr_rflags (forwarding error codes) */
96 #define TR_NO_ERR 0
97 #define TR_WRONG_IF 1
98 #define TR_PRUNED 2
99 #define TR_OPRUNED 3
100 #define TR_SCOPED 4
101 #define TR_NO_RTE 5
102 #define TR_NO_FWD 7
103 #define TR_NO_SPACE 0x81
104 #define TR_OLD_ROUTER 0x82
105
106 /* fields for tr_rproto (routing protocol) */
107 #define TR_PROTO_DVMRP 1
108 #define TR_PROTO_MOSPF 2
109 #define TR_PROTO_PIM 3
110 #define TR_PROTO_CBT 4
111
112 static void print_mtrace(register const u_char *bp, register u_int len)
113 {
114 register struct tr_query *tr = (struct tr_query *)(bp + 8);
115
116 printf("mtrace %lu: %s to %s reply-to %s",
117 (u_long)TR_GETQID(ntohl(tr->tr_rttlqid)),
118 ipaddr_string(&tr->tr_src), ipaddr_string(&tr->tr_dst),
119 ipaddr_string(&tr->tr_raddr));
120 if (IN_CLASSD(ntohl(tr->tr_raddr)))
121 printf(" with-ttl %d", TR_GETTTL(ntohl(tr->tr_rttlqid)));
122 }
123
124 static void print_mresp(register const u_char *bp, register u_int len)
125 {
126 register struct tr_query *tr = (struct tr_query *)(bp + 8);
127
128 printf("mresp %lu: %s to %s reply-to %s",
129 (u_long)TR_GETQID(ntohl(tr->tr_rttlqid)),
130 ipaddr_string(&tr->tr_src), ipaddr_string(&tr->tr_dst),
131 ipaddr_string(&tr->tr_raddr));
132 if (IN_CLASSD(ntohl(tr->tr_raddr)))
133 printf(" with-ttl %d", TR_GETTTL(ntohl(tr->tr_rttlqid)));
134 }
135
136 static void
137 igmp_print(register const u_char *bp, register u_int len,
138 register const u_char *bp2)
139 {
140 register const struct ip *ip;
141
142 ip = (const struct ip *)bp2;
143 (void)printf("%s > %s: ",
144 ipaddr_string(&ip->ip_src),
145 ipaddr_string(&ip->ip_dst));
146
147 if (qflag) {
148 (void)printf("igmp");
149 return;
150 }
151
152 TCHECK2(bp[0], 8);
153 switch (bp[0]) {
154 case 0x11:
155 (void)printf("igmp query");
156 if (EXTRACT_32BITS(&bp[4]))
157 (void)printf(" [gaddr %s]", ipaddr_string(&bp[4]));
158 if (len != 8)
159 (void)printf(" [len %d]", len);
160 break;
161 case 0x12:
162 (void)printf("igmp v1 report %s", ipaddr_string(&bp[4]));
163 if (len != 8)
164 (void)printf(" [len %d]", len);
165 break;
166 case 0x16:
167 (void)printf("igmp v2 report %s", ipaddr_string(&bp[4]));
168 break;
169 case 0x17:
170 (void)printf("igmp leave %s", ipaddr_string(&bp[4]));
171 break;
172 case 0x13:
173 (void)printf("igmp dvmrp");
174 if (len < 8)
175 (void)printf(" [len %d]", len);
176 else
177 dvmrp_print(bp, len);
178 break;
179 case 0x14:
180 (void)printf("igmp pimv1");
181 pimv1_print(bp, len);
182 break;
183 case 0x1e:
184 print_mresp(bp, len);
185 break;
186 case 0x1f:
187 print_mtrace(bp, len);
188 break;
189 default:
190 (void)printf("igmp-%d", bp[0]);
191 break;
192 }
193
194 if (vflag && TTEST2(bp[0], len)) {
195 /* Check the IGMP checksum */
196 if (in_cksum((const u_short*)bp, len, 0))
197 printf(" bad igmp cksum %x!", EXTRACT_16BITS(&bp[2]));
198 }
199 return;
200 trunc:
201 fputs("[|igmp]", stdout);
202 }
203
204 /*
205 * print the recorded route in an IP RR, LSRR or SSRR option.
206 */
207 static void
208 ip_printroute(const char *type, register const u_char *cp, u_int length)
209 {
210 register u_int ptr = cp[2] - 1;
211 register u_int len;
212
213 printf(" %s{", type);
214 if ((length + 1) & 3)
215 printf(" [bad length %d]", length);
216 if (ptr < 3 || ((ptr + 1) & 3) || ptr > length + 1)
217 printf(" [bad ptr %d]", cp[2]);
218
219 type = "";
220 for (len = 3; len < length; len += 4) {
221 if (ptr == len)
222 type = "#";
223 printf("%s%s", type, ipaddr_string(&cp[len]));
224 type = " ";
225 }
226 printf("%s}", ptr == len? "#" : "");
227 }
228
229 static void
230 ip_printts(register const u_char *cp, u_int length)
231 {
232 register u_int ptr = cp[2] - 1;
233 register u_int len = 0;
234 int hoplen;
235 char *type;
236
237 printf(" TS{");
238 hoplen = ((cp[3]&0xF) != IPOPT_TS_TSONLY) ? 8 : 4;
239 if ((length - 4) & (hoplen-1))
240 printf("[bad length %d]", length);
241 if (ptr < 4 || ((ptr - 4) & (hoplen-1)) || ptr > length + 1)
242 printf("[bad ptr %d]", cp[2]);
243 switch (cp[3]&0xF) {
244 case IPOPT_TS_TSONLY:
245 printf("TSONLY");
246 break;
247 case IPOPT_TS_TSANDADDR:
248 printf("TS+ADDR");
249 break;
250 /*
251 * prespecified should really be 3, but some ones might send 2
252 * instead, and the IPOPT_TS_PRESPEC constant can apparently
253 * have both values, so we have to hard-code it here.
254 */
255
256 case 2:
257 printf("PRESPEC2.0");
258 break;
259 case 3: /* IPOPT_TS_PRESPEC */
260 printf("PRESPEC");
261 break;
262 default:
263 printf("[bad ts type %d]", cp[3]&0xF);
264 goto done;
265 }
266
267 type = " ";
268 for (len = 4; len < length; len += hoplen) {
269 if (ptr == len)
270 type = " ^ ";
271 printf("%s%d@%s", type, EXTRACT_32BITS(&cp[len+hoplen-4]),
272 hoplen!=8 ? "" : ipaddr_string(&cp[len]));
273 type = " ";
274 }
275
276 done:
277 printf("%s", ptr == len ? " ^ " : "");
278
279 if (cp[3]>>4)
280 printf(" [%d hops not recorded]} ", cp[3]>>4);
281 else
282 printf("}");
283 }
284
285 /*
286 * print IP options.
287 */
288 static void
289 ip_optprint(register const u_char *cp, u_int length)
290 {
291 register u_int len;
292
293 for (; length > 0; cp += len, length -= len) {
294 int tt = *cp;
295
296 if (tt == IPOPT_NOP || tt == IPOPT_EOL)
297 len = 1;
298 else {
299 if (&cp[1] >= snapend) {
300 printf("[|ip]");
301 return;
302 }
303 len = cp[1];
304 }
305 if (len <= 0) {
306 printf("[|ip op len %d]", len);
307 return;
308 }
309 if (&cp[1] >= snapend || cp + len > snapend) {
310 printf("[|ip]");
311 return;
312 }
313 switch (tt) {
314
315 case IPOPT_EOL:
316 printf(" EOL");
317 if (length > 1)
318 printf("-%d", length - 1);
319 return;
320
321 case IPOPT_NOP:
322 printf(" NOP");
323 break;
324
325 case IPOPT_TS:
326 ip_printts(cp, len);
327 break;
328
329 #ifndef IPOPT_SECURITY
330 #define IPOPT_SECURITY 130
331 #endif /* IPOPT_SECURITY */
332 case IPOPT_SECURITY:
333 printf(" SECURITY{%d}", len);
334 break;
335
336 case IPOPT_RR:
337 ip_printroute("RR", cp, len);
338 break;
339
340 case IPOPT_SSRR:
341 ip_printroute("SSRR", cp, len);
342 break;
343
344 case IPOPT_LSRR:
345 ip_printroute("LSRR", cp, len);
346 break;
347
348 #ifndef IPOPT_RA
349 #define IPOPT_RA 148 /* router alert */
350 #endif
351 case IPOPT_RA:
352 printf(" RA");
353 if (len != 4)
354 printf("{%d}", len);
355 else if (cp[2] || cp[3])
356 printf("%d.%d", cp[2], cp[3]);
357 break;
358
359 default:
360 printf(" IPOPT-%d{%d}", cp[0], len);
361 break;
362 }
363 }
364 }
365
366 /*
367 * compute an IP header checksum.
368 * don't modifiy the packet.
369 */
370 u_short
371 in_cksum(const u_short *addr, register int len, u_short csum)
372 {
373 int nleft = len;
374 const u_short *w = addr;
375 u_short answer;
376 int sum = csum;
377
378 /*
379 * Our algorithm is simple, using a 32 bit accumulator (sum),
380 * we add sequential 16 bit words to it, and at the end, fold
381 * back all the carry bits from the top 16 bits into the lower
382 * 16 bits.
383 */
384 while (nleft > 1) {
385 sum += *w++;
386 nleft -= 2;
387 }
388 if (nleft == 1)
389 sum += htons(*(u_char *)w<<8);
390
391 /*
392 * add back carry outs from top 16 bits to low 16 bits
393 */
394 sum = (sum >> 16) + (sum & 0xffff); /* add hi 16 to low 16 */
395 sum += (sum >> 16); /* add carry */
396 answer = ~sum; /* truncate to 16 bits */
397 return (answer);
398 }
399
400 /*
401 * print an IP datagram.
402 */
403 void
404 ip_print(register const u_char *bp, register u_int length)
405 {
406 register const struct ip *ip;
407 register u_int hlen, len, len0, off;
408 register const u_char *cp;
409 u_char nh;
410 int advance;
411
412 ip = (const struct ip *)bp;
413 #ifdef LBL_ALIGN
414 /*
415 * If the IP header is not aligned, copy into abuf.
416 * This will never happen with BPF. It does happen raw packet
417 * dumps from -r.
418 */
419 if ((long)ip & 3) {
420 static u_char *abuf = NULL;
421 static int didwarn = 0;
422
423 if (abuf == NULL) {
424 abuf = (u_char *)malloc(snaplen);
425 if (abuf == NULL)
426 error("ip_print: malloc");
427 }
428 memcpy((char *)abuf, (char *)ip, min(length, snaplen));
429 snapend += abuf - (u_char *)ip;
430 packetp = abuf;
431 ip = (struct ip *)abuf;
432 /* We really want libpcap to give us aligned packets */
433 if (!didwarn) {
434 warning("compensating for unaligned libpcap packets");
435 ++didwarn;
436 }
437 }
438 #endif
439 if ((u_char *)(ip + 1) > snapend) {
440 printf("[|ip]");
441 return;
442 }
443 if (length < sizeof (struct ip)) {
444 (void)printf("truncated-ip %d", length);
445 return;
446 }
447 hlen = ip->ip_hl * 4;
448 if (hlen < sizeof (struct ip)) {
449 (void)printf("bad-hlen %d", hlen);
450 return;
451 }
452
453 len = ntohs(ip->ip_len);
454 if (length < len)
455 (void)printf("truncated-ip - %d bytes missing!",
456 len - length);
457 len -= hlen;
458 len0 = len;
459
460 /*
461 * If this is fragment zero, hand it to the next higher
462 * level protocol.
463 */
464 off = ntohs(ip->ip_off);
465 if ((off & 0x1fff) == 0) {
466 cp = (const u_char *)ip + hlen;
467 nh = ip->ip_p;
468
469 if (nh != IPPROTO_TCP && nh != IPPROTO_UDP) {
470 (void)printf("%s > %s: ", ipaddr_string(&ip->ip_src),
471 ipaddr_string(&ip->ip_dst));
472 }
473 again:
474 switch (nh) {
475
476 #ifndef IPPROTO_AH
477 #define IPPROTO_AH 51
478 #endif
479 case IPPROTO_AH:
480 nh = *cp;
481 advance = ah_print(cp, (const u_char *)ip);
482 cp += advance;
483 len -= advance;
484 goto again;
485
486 #ifndef IPPROTO_ESP
487 #define IPPROTO_ESP 50
488 #endif
489 case IPPROTO_ESP:
490 {
491 int enh;
492 advance = esp_print(cp, (const u_char *)ip, &enh);
493 cp += advance;
494 len -= advance;
495 if (enh < 0)
496 break;
497 nh = enh & 0xff;
498 goto again;
499 }
500
501 #ifndef IPPROTO_IPCOMP
502 #define IPPROTO_IPCOMP 108
503 #endif
504 case IPPROTO_IPCOMP:
505 {
506 int enh;
507 advance = ipcomp_print(cp, (const u_char *)ip, &enh);
508 cp += advance;
509 len -= advance;
510 if (enh < 0)
511 break;
512 nh = enh & 0xff;
513 goto again;
514 }
515
516 case IPPROTO_TCP:
517 tcp_print(cp, len, (const u_char *)ip);
518 break;
519
520 case IPPROTO_UDP:
521 udp_print(cp, len, (const u_char *)ip);
522 break;
523
524 case IPPROTO_ICMP:
525 icmp_print(cp, len, (const u_char *)ip);
526 break;
527
528 #ifndef IPPROTO_IGRP
529 #define IPPROTO_IGRP 9
530 #endif
531 case IPPROTO_IGRP:
532 igrp_print(cp, len, (const u_char *)ip);
533 break;
534
535 case IPPROTO_ND:
536 #if 0
537 (void)printf("%s > %s:", ipaddr_string(&ip->ip_src),
538 ipaddr_string(&ip->ip_dst));
539 #endif
540 (void)printf(" nd %d", len);
541 break;
542
543 case IPPROTO_EGP:
544 egp_print(cp, len, (const u_char *)ip);
545 break;
546
547 #ifndef IPPROTO_OSPF
548 #define IPPROTO_OSPF 89
549 #endif
550 case IPPROTO_OSPF:
551 ospf_print(cp, len, (const u_char *)ip);
552 break;
553
554 #ifndef IPPROTO_IGMP
555 #define IPPROTO_IGMP 2
556 #endif
557 case IPPROTO_IGMP:
558 igmp_print(cp, len, (const u_char *)ip);
559 break;
560
561 case 4:
562 /* DVMRP multicast tunnel (ip-in-ip encapsulation) */
563 #if 0
564 if (vflag)
565 (void)printf("%s > %s: ",
566 ipaddr_string(&ip->ip_src),
567 ipaddr_string(&ip->ip_dst));
568 #endif
569 ip_print(cp, len);
570 if (! vflag) {
571 printf(" (ipip)");
572 return;
573 }
574 break;
575
576 #ifdef INET6
577 #ifndef IP6PROTO_ENCAP
578 #define IP6PROTO_ENCAP 41
579 #endif
580 case IP6PROTO_ENCAP:
581 /* ip6-in-ip encapsulation */
582 #if 0
583 if (vflag)
584 (void)printf("%s > %s: ",
585 ipaddr_string(&ip->ip_src),
586 ipaddr_string(&ip->ip_dst));
587 #endif
588 ip6_print(cp, len);
589 if (! vflag) {
590 printf(" (encap)");
591 return;
592 }
593 break;
594 #endif /*INET6*/
595
596
597 #ifndef IPPROTO_GRE
598 #define IPPROTO_GRE 47
599 #endif
600 case IPPROTO_GRE:
601 if (vflag)
602 (void)printf("gre %s > %s: ",
603 ipaddr_string(&ip->ip_src),
604 ipaddr_string(&ip->ip_dst));
605 /* do it */
606 gre_print(cp, len);
607 if (! vflag) {
608 printf(" (gre encap)");
609 return;
610 }
611 break;
612
613 #ifndef IPPROTO_MOBILE
614 #define IPPROTO_MOBILE 55
615 #endif
616 case IPPROTO_MOBILE:
617 if (vflag)
618 (void)printf("mobile %s > %s: ",
619 ipaddr_string(&ip->ip_src),
620 ipaddr_string(&ip->ip_dst));
621 mobile_print(cp, len);
622 if (! vflag) {
623 printf(" (mobile encap)");
624 return;
625 }
626 break;
627
628 #ifndef IPPROTO_PIM
629 #define IPPROTO_PIM 103
630 #endif
631 case IPPROTO_PIM:
632 pim_print(cp, len);
633 break;
634
635 #ifndef IPPROTO_VRRP
636 #define IPPROTO_VRRP 112
637 #endif
638 case IPPROTO_VRRP:
639 vrrp_print(cp, len, ip->ip_ttl);
640 break;
641
642 default:
643 #if 0
644 (void)printf("%s > %s:", ipaddr_string(&ip->ip_src),
645 ipaddr_string(&ip->ip_dst));
646 #endif
647 (void)printf(" ip-proto-%d %d", nh, len);
648 break;
649 }
650 }
651
652 /* Ultra quiet now means that all this stuff should be suppressed */
653 /* res 3-Nov-98 */
654 if (qflag > 1) return;
655
656
657 /*
658 * for fragmented datagrams, print id:size@offset. On all
659 * but the last stick a "+". For unfragmented datagrams, note
660 * the don't fragment flag.
661 */
662 len = len0; /* get the original length */
663 if (off & 0x3fff) {
664 /*
665 * if this isn't the first frag, we're missing the
666 * next level protocol header. print the ip addr.
667 */
668 if (off & 0x1fff)
669 (void)printf("%s > %s:", ipaddr_string(&ip->ip_src),
670 ipaddr_string(&ip->ip_dst));
671 #ifndef IP_MF
672 #define IP_MF 0x2000
673 #endif /* IP_MF */
674 #ifndef IP_DF
675 #define IP_DF 0x4000
676 #endif /* IP_DF */
677 (void)printf(" (frag %d:%u@%d%s)", ntohs(ip->ip_id), len,
678 (off & 0x1fff) * 8,
679 (off & IP_MF)? "+" : "");
680
681 } else if (off & IP_DF)
682 (void)printf(" (DF)");
683
684 if (ip->ip_tos) {
685 (void)printf(" [tos 0x%x", (int)ip->ip_tos);
686 /* ECN bits */
687 if (ip->ip_tos&0x02) {
688 (void)printf(",ECT");
689 if (ip->ip_tos&0x01)
690 (void)printf(",CE");
691 }
692 (void)printf("] ");
693 }
694
695 if (ip->ip_ttl <= 1)
696 (void)printf(" [ttl %d]", (int)ip->ip_ttl);
697
698 if (vflag) {
699 int sum;
700 char *sep = "";
701
702 printf(" (");
703 if (ip->ip_ttl > 1) {
704 (void)printf("%sttl %d", sep, (int)ip->ip_ttl);
705 sep = ", ";
706 }
707 if ((off & 0x3fff) == 0) {
708 (void)printf("%sid %d", sep, (int)ntohs(ip->ip_id));
709 sep = ", ";
710 }
711 (void)printf("%slen %d", sep, (int)ntohs(ip->ip_len));
712 sep = ", ";
713 if ((u_char *)ip + hlen <= snapend) {
714 sum = in_cksum((const u_short *)ip, hlen, 0);
715 if (sum != 0) {
716 (void)printf("%sbad cksum %x!", sep,
717 ntohs(ip->ip_sum));
718 sep = ", ";
719 }
720 }
721 if ((hlen -= sizeof(struct ip)) > 0) {
722 (void)printf("%soptlen=%d", sep, hlen);
723 ip_optprint((u_char *)(ip + 1), hlen);
724 }
725 printf(")");
726 }
727 }
728
729 void
730 ipN_print(register const u_char *bp, register u_int length)
731 {
732 struct ip *ip, hdr;
733
734 ip = (struct ip *)bp;
735 if (length < 4) {
736 (void)printf("truncated-ip %d", length);
737 return;
738 }
739 memcpy (&hdr, (char *)ip, 4);
740 switch (hdr.ip_v) {
741 case 4:
742 ip_print (bp, length);
743 return;
744 #ifdef INET6
745 case 6:
746 ip6_print (bp, length);
747 return;
748 #endif
749 default:
750 (void)printf("unknown ip %d", hdr.ip_v);
751 return;
752 }
753 }
[mirror] the TCPdump network dissector