]> The Tcpdump Group git mirrors - tcpdump/blob - print-gre.c
projects / tcpdump / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
GRE: Refine the WCCP header commit. [skip ci]
[tcpdump] / print-gre.c
1 /* $OpenBSD: print-gre.c,v 1.6 2002/10/30 03:04:04 fgsch Exp $ */
2
3 /*
4 * Copyright (c) 2002 Jason L. Wright (jason@thought.net)
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
17 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
19 * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
20 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
21 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
22 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
24 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
25 * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
26 * POSSIBILITY OF SUCH DAMAGE.
27 */
28
29 /* \summary: Generic Routing Encapsulation (GRE) printer */
30
31 /*
32 * netdissect printer for GRE - Generic Routing Encapsulation
33 * RFC 1701 (GRE), RFC 1702 (GRE IPv4), RFC 2637 (PPTP, which
34 * has an extended form of GRE), RFC 2784 (revised GRE, with
35 * R, K, S, and s bits and Recur and Offset fields now reserved
36 * in the header, and no optional Key or Sequence number in the
37 * header), and RFC 2890 (proposal to add back the K and S bits
38 * and the optional Key and Sequence number).
39 *
40 * The RFC 2637 PPTP GRE repurposes the Key field to hold a
41 * 16-bit Payload Length and a 16-bit Call ID.
42 *
43 * RFC 7637 (NVGRE) repurposes the Key field to hold a 24-bit
44 * Virtual Subnet ID (VSID) and an 8-bit FlowID.
45 */
46
47 #ifdef HAVE_CONFIG_H
48 #include <config.h>
49 #endif
50
51 #include "netdissect-stdinc.h"
52
53 #define ND_LONGJMP_FROM_TCHECK
54 #include "netdissect.h"
55 #include "addrtostr.h"
56 #include "extract.h"
57 #include "ethertype.h"
58
59
60 #define GRE_CP 0x8000 /* checksum present */
61 #define GRE_RP 0x4000 /* routing present */
62 #define GRE_KP 0x2000 /* key present */
63 #define GRE_SP 0x1000 /* sequence# present */
64 #define GRE_sP 0x0800 /* source routing */
65 #define GRE_AP 0x0080 /* acknowledgment# present */
66
67 static const struct tok gre_flag_values[] = {
68 { GRE_CP, "checksum present"},
69 { GRE_RP, "routing present"},
70 { GRE_KP, "key present"},
71 { GRE_SP, "sequence# present"},
72 { GRE_sP, "source routing present"},
73 { GRE_AP, "ack present"},
74 { 0, NULL }
75 };
76
77 #define GRE_RECRS_MASK 0x0700 /* recursion count */
78 #define GRE_VERS_MASK 0x0007 /* protocol version */
79
80 /* source route entry types */
81 #define GRESRE_IP 0x0800 /* IP */
82 #define GRESRE_ASN 0xfffe /* ASN */
83
84 /*
85 * Ethertype values used for GRE (but not elsewhere?).
86 */
87 #define GRE_WCCP 0x883e /* Web Cache C* Protocol */
88
89 struct wccp_redirect {
90 nd_uint8_t flags;
91 #define WCCP_T (1 << 7)
92 #define WCCP_A (1 << 6)
93 #define WCCP_U (1 << 5)
94 nd_uint8_t ServiceId;
95 nd_uint8_t AltBucket;
96 nd_uint8_t PriBucket;
97 };
98
99 static void gre_print_0(netdissect_options *, const u_char *, u_int);
100 static void gre_print_1(netdissect_options *, const u_char *, u_int);
101 static int gre_sre_print(netdissect_options *, uint16_t, uint8_t, uint8_t, const u_char *, u_int);
102 static int gre_sre_ip_print(netdissect_options *, uint8_t, uint8_t, const u_char *, u_int);
103 static int gre_sre_asn_print(netdissect_options *, uint8_t, uint8_t, const u_char *, u_int);
104
105 void
106 gre_print(netdissect_options *ndo, const u_char *bp, u_int length)
107 {
108 u_int vers;
109
110 ndo->ndo_protocol = "gre";
111 nd_print_protocol_caps(ndo);
112 ND_ICHECK_U(length, <, 2);
113 vers = GET_BE_U_2(bp) & GRE_VERS_MASK;
114 ND_PRINT("v%u",vers);
115
116 switch(vers) {
117 case 0:
118 gre_print_0(ndo, bp, length);
119 break;
120 case 1:
121 gre_print_1(ndo, bp, length);
122 break;
123 default:
124 ND_PRINT(" ERROR: unknown-version");
125 break;
126 }
127 return;
128
129 invalid:
130 nd_print_invalid(ndo);
131 }
132
133 static void
134 gre_print_0(netdissect_options *ndo, const u_char *bp, u_int length)
135 {
136 u_int len = length;
137 uint16_t flags, prot;
138
139 ND_ICHECK_U(len, <, 2);
140 flags = GET_BE_U_2(bp);
141 if (ndo->ndo_vflag)
142 ND_PRINT(", Flags [%s]",
143 bittok2str(gre_flag_values,"none",flags));
144
145 len -= 2;
146 bp += 2;
147
148 ND_ICHECK_U(len, <, 2);
149 prot = GET_BE_U_2(bp);
150 len -= 2;
151 bp += 2;
152
153 if ((flags & GRE_CP) | (flags & GRE_RP)) {
154 uint16_t sum;
155
156 ND_ICHECK_U(len, <, 2);
157 sum = GET_BE_U_2(bp);
158 if (ndo->ndo_vflag)
159 ND_PRINT(", sum 0x%x", sum);
160 bp += 2;
161 len -= 2;
162
163 ND_ICHECK_U(len, <, 2);
164 ND_PRINT(", off 0x%x", GET_BE_U_2(bp));
165 bp += 2;
166 len -= 2;
167 }
168
169 if (flags & GRE_KP) {
170 uint32_t key;
171
172 ND_ICHECK_U(len, <, 4);
173 key = GET_BE_U_4(bp);
174 bp += 4;
175 len -= 4;
176
177 /*
178 * OpenBSD shows this as both a 32-bit
179 * (decimal) key value and a VSID+FlowID
180 * pair, with the VSID in decimal and
181 * the FlowID in hex, as key=<Key>|<VSID>+<FlowID>,
182 * in case this is NVGRE.
183 */
184 ND_PRINT(", key=0x%x", key);
185 }
186
187 if (flags & GRE_SP) {
188 ND_ICHECK_U(len, <, 4);
189 ND_PRINT(", seq %u", GET_BE_U_4(bp));
190 bp += 4;
191 len -= 4;
192 }
193
194 if (flags & GRE_RP) {
195 for (;;) {
196 uint16_t af;
197 uint8_t sreoff;
198 uint8_t srelen;
199
200 ND_ICHECK_U(len, <, 4);
201 af = GET_BE_U_2(bp);
202 sreoff = GET_U_1(bp + 2);
203 srelen = GET_U_1(bp + 3);
204 bp += 4;
205 len -= 4;
206
207 if (af == 0 && srelen == 0)
208 break;
209
210 if (!gre_sre_print(ndo, af, sreoff, srelen, bp, len))
211 goto invalid;
212
213 ND_ICHECK_U(len, <, srelen);
214 bp += srelen;
215 len -= srelen;
216 }
217 }
218
219 if (ndo->ndo_eflag)
220 ND_PRINT(", proto %s (0x%04x)",
221 tok2str(ethertype_values,"unknown",prot), prot);
222
223 ND_PRINT(", length %u",length);
224
225 if (ndo->ndo_vflag < 1)
226 ND_PRINT(": "); /* put in a colon as protocol demarc */
227 else
228 ND_PRINT("\n\t"); /* if verbose go multiline */
229
230 switch (prot) {
231 case 0x0000:
232 /*
233 * 0x0000 is reserved, but Cisco, at least, appears to
234 * use it for keep-alives; see, for example,
235 * https://www.cisco.com/c/en/us/support/docs/ip/generic-routing-encapsulation-gre/118370-technote-gre-00.html#anc1
236 */
237 printf("keep-alive");
238 break;
239 case GRE_WCCP:
240 /*
241 * This is a bit weird.
242 *
243 * This may either just mean "IPv4" or it may mean
244 * "IPv4 preceded by a WCCP redirect header". We
245 * check to see if the first octet looks like the
246 * beginning of an IPv4 header and, if not, dissect
247 * it "IPv4 preceded by a WCCP redirect header",
248 * otherwise we dissect it as just IPv4.
249 *
250 * See "Packet redirection" in draft-forster-wrec-wccp-v1-00,
251 * section 4.12 "Traffic Forwarding" in
252 * draft-wilson-wrec-wccp-v2-01, and section 3.12.1
253 * "Forwarding using GRE Encapsulation" in
254 * draft-param-wccp-v2rev1-01.
255 */
256 ND_PRINT("wccp ");
257
258 ND_ICHECK_U(len, <, 1);
259 if (GET_U_1(bp) >> 4 != 4) {
260 /*
261 * First octet isn't 0x4*, so it's not IPv4.
262 */
263 const struct wccp_redirect *wccp;
264 uint8_t wccp_flags;
265
266 ND_ICHECK_ZU(len, <, sizeof(*wccp));
267 wccp = (const struct wccp_redirect *)bp;
268 wccp_flags = GET_U_1(wccp->flags);
269
270 ND_PRINT("T:%c A:%c U:%c SId:%u Alt:%u Pri:%u",
271 (wccp_flags & WCCP_T) ? '1' : '0',
272 (wccp_flags & WCCP_A) ? '1' : '0',
273 (wccp_flags & WCCP_U) ? '1' : '0',
274 GET_U_1(wccp->ServiceId),
275 GET_U_1(wccp->AltBucket),
276 GET_U_1(wccp->PriBucket));
277
278 bp += sizeof(*wccp);
279 len -= sizeof(*wccp);
280
281 printf(": ");
282 }
283 /* FALLTHROUGH */
284 case ETHERTYPE_IP:
285 ip_print(ndo, bp, len);
286 break;
287 case ETHERTYPE_IPV6:
288 ip6_print(ndo, bp, len);
289 break;
290 case ETHERTYPE_MPLS:
291 case ETHERTYPE_MPLS_MULTI:
292 mpls_print(ndo, bp, len);
293 break;
294 case ETHERTYPE_IPX:
295 ipx_print(ndo, bp, len);
296 break;
297 case ETHERTYPE_ATALK:
298 atalk_print(ndo, bp, len);
299 break;
300 case ETHERTYPE_GRE_ISO:
301 isoclns_print(ndo, bp, len);
302 break;
303 case ETHERTYPE_TEB:
304 ether_print(ndo, bp, len, ND_BYTES_AVAILABLE_AFTER(bp), NULL, NULL);
305 break;
306 case ETHERTYPE_NSH:
307 nsh_print(ndo, bp, len);
308 break;
309 default:
310 ND_PRINT("gre-proto-0x%x", prot);
311 }
312 return;
313
314 invalid:
315 nd_print_invalid(ndo);
316 }
317
318 static void
319 gre_print_1(netdissect_options *ndo, const u_char *bp, u_int length)
320 {
321 u_int len = length;
322 uint16_t flags, prot;
323
324 ND_ICHECK_U(len, <, 2);
325 flags = GET_BE_U_2(bp);
326 len -= 2;
327 bp += 2;
328
329 if (ndo->ndo_vflag)
330 ND_PRINT(", Flags [%s]",
331 bittok2str(gre_flag_values,"none",flags));
332
333 ND_ICHECK_U(len, <, 2);
334 prot = GET_BE_U_2(bp);
335 len -= 2;
336 bp += 2;
337
338
339 if (flags & GRE_KP) {
340 uint32_t k;
341
342 ND_ICHECK_U(len, <, 4);
343 k = GET_BE_U_4(bp);
344 ND_PRINT(", call %u", k & 0xffff);
345 len -= 4;
346 bp += 4;
347 }
348
349 if (flags & GRE_SP) {
350 ND_ICHECK_U(len, <, 4);
351 ND_PRINT(", seq %u", GET_BE_U_4(bp));
352 bp += 4;
353 len -= 4;
354 }
355
356 if (flags & GRE_AP) {
357 ND_ICHECK_U(len, <, 4);
358 ND_PRINT(", ack %u", GET_BE_U_4(bp));
359 bp += 4;
360 len -= 4;
361 }
362
363 if ((flags & GRE_SP) == 0)
364 ND_PRINT(", no-payload");
365
366 if (ndo->ndo_eflag)
367 ND_PRINT(", proto %s (0x%04x)",
368 tok2str(ethertype_values,"unknown",prot), prot);
369
370 ND_PRINT(", length %u",length);
371
372 if ((flags & GRE_SP) == 0)
373 return;
374
375 if (ndo->ndo_vflag < 1)
376 ND_PRINT(": "); /* put in a colon as protocol demarc */
377 else
378 ND_PRINT("\n\t"); /* if verbose go multiline */
379
380 switch (prot) {
381 case ETHERTYPE_PPP:
382 ppp_print(ndo, bp, len);
383 break;
384 default:
385 ND_PRINT("gre-proto-0x%x", prot);
386 break;
387 }
388 return;
389
390 invalid:
391 nd_print_invalid(ndo);
392 }
393
394 static int
395 gre_sre_print(netdissect_options *ndo, uint16_t af, uint8_t sreoff,
396 uint8_t srelen, const u_char *bp, u_int len)
397 {
398 int ret;
399
400 switch (af) {
401 case GRESRE_IP:
402 ND_PRINT(", (rtaf=ip");
403 ret = gre_sre_ip_print(ndo, sreoff, srelen, bp, len);
404 ND_PRINT(")");
405 break;
406 case GRESRE_ASN:
407 ND_PRINT(", (rtaf=asn");
408 ret = gre_sre_asn_print(ndo, sreoff, srelen, bp, len);
409 ND_PRINT(")");
410 break;
411 default:
412 ND_PRINT(", (rtaf=0x%x)", af);
413 ret = 1;
414 }
415 return (ret);
416 }
417
418 static int
419 gre_sre_ip_print(netdissect_options *ndo, uint8_t sreoff, uint8_t srelen,
420 const u_char *bp, u_int len)
421 {
422 const u_char *up = bp;
423 char buf[INET_ADDRSTRLEN];
424
425 if (sreoff & 3) {
426 ND_PRINT(", badoffset=%u", sreoff);
427 goto invalid;
428 }
429 if (srelen & 3) {
430 ND_PRINT(", badlength=%u", srelen);
431 goto invalid;
432 }
433 if (sreoff >= srelen) {
434 ND_PRINT(", badoff/len=%u/%u", sreoff, srelen);
435 goto invalid;
436 }
437
438 while (srelen != 0) {
439 ND_ICHECK_U(len, <, 4);
440
441 ND_TCHECK_LEN(bp, sizeof(nd_ipv4));
442 addrtostr(bp, buf, sizeof(buf));
443 ND_PRINT(" %s%s",
444 ((bp - up) == sreoff) ? "*" : "", buf);
445
446 bp += 4;
447 len -= 4;
448 srelen -= 4;
449 }
450 return 1;
451
452 invalid:
453 return 0;
454 }
455
456 static int
457 gre_sre_asn_print(netdissect_options *ndo, uint8_t sreoff, uint8_t srelen,
458 const u_char *bp, u_int len)
459 {
460 const u_char *up = bp;
461
462 if (sreoff & 1) {
463 ND_PRINT(", badoffset=%u", sreoff);
464 goto invalid;
465 }
466 if (srelen & 1) {
467 ND_PRINT(", badlength=%u", srelen);
468 goto invalid;
469 }
470 if (sreoff >= srelen) {
471 ND_PRINT(", badoff/len=%u/%u", sreoff, srelen);
472 goto invalid;
473 }
474
475 while (srelen != 0) {
476 ND_ICHECK_U(len, <, 2);
477
478 ND_PRINT(" %s%x",
479 ((bp - up) == sreoff) ? "*" : "", GET_BE_U_2(bp));
480
481 bp += 2;
482 len -= 2;
483 srelen -= 2;
484 }
485 return 1;
486
487 invalid:
488 return 0;
489 }
[mirror] the TCPdump network dissector