]> The Tcpdump Group git mirrors - tcpdump/blob - print-ppp.c
projects / tcpdump / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
VJC: NDOize
[tcpdump] / print-ppp.c
1 /*
2 * Copyright (c) 1990, 1991, 1993, 1994, 1995, 1996, 1997
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 *
21 * Extensively modified by Motonori Shindo (mshindo@mshindo.net) for more
22 * complete PPP support.
23 */
24
25 /*
26 * TODO:
27 * o resolve XXX as much as possible
28 * o MP support
29 * o BAP support
30 */
31
32 #ifdef HAVE_CONFIG_H
33 #include "config.h"
34 #endif
35
36 #include <tcpdump-stdinc.h>
37
38 #ifdef __bsdi__
39 #include <net/slcompress.h>
40 #include <net/if_ppp.h>
41 #endif
42
43 #include <stdio.h>
44 #include <stdlib.h>
45
46 #include "interface.h"
47 #include "extract.h"
48 #include "addrtoname.h"
49 #include "ppp.h"
50 #include "chdlc.h"
51 #include "ethertype.h"
52 #include "oui.h"
53
54 /*
55 * The following constatns are defined by IANA. Please refer to
56 * http://www.isi.edu/in-notes/iana/assignments/ppp-numbers
57 * for the up-to-date information.
58 */
59
60 /* Protocol Codes defined in ppp.h */
61
62 static const struct tok ppptype2str[] = {
63 { PPP_IP, "IP" },
64 { PPP_OSI, "OSI" },
65 { PPP_NS, "NS" },
66 { PPP_DECNET, "DECNET" },
67 { PPP_APPLE, "APPLE" },
68 { PPP_IPX, "IPX" },
69 { PPP_VJC, "VJC IP" },
70 { PPP_VJNC, "VJNC IP" },
71 { PPP_BRPDU, "BRPDU" },
72 { PPP_STII, "STII" },
73 { PPP_VINES, "VINES" },
74 { PPP_MPLS_UCAST, "MPLS" },
75 { PPP_MPLS_MCAST, "MPLS" },
76 { PPP_COMP, "Compressed"},
77 { PPP_ML, "MLPPP"},
78 { PPP_IPV6, "IP6"},
79
80 { PPP_HELLO, "HELLO" },
81 { PPP_LUXCOM, "LUXCOM" },
82 { PPP_SNS, "SNS" },
83 { PPP_IPCP, "IPCP" },
84 { PPP_OSICP, "OSICP" },
85 { PPP_NSCP, "NSCP" },
86 { PPP_DECNETCP, "DECNETCP" },
87 { PPP_APPLECP, "APPLECP" },
88 { PPP_IPXCP, "IPXCP" },
89 { PPP_STIICP, "STIICP" },
90 { PPP_VINESCP, "VINESCP" },
91 { PPP_IPV6CP, "IP6CP" },
92 { PPP_MPLSCP, "MPLSCP" },
93
94 { PPP_LCP, "LCP" },
95 { PPP_PAP, "PAP" },
96 { PPP_LQM, "LQM" },
97 { PPP_CHAP, "CHAP" },
98 { PPP_EAP, "EAP" },
99 { PPP_SPAP, "SPAP" },
100 { PPP_SPAP_OLD, "Old-SPAP" },
101 { PPP_BACP, "BACP" },
102 { PPP_BAP, "BAP" },
103 { PPP_MPCP, "MLPPP-CP" },
104 { PPP_CCP, "CCP" },
105 { 0, NULL }
106 };
107
108 /* Control Protocols (LCP/IPCP/CCP etc.) Codes defined in RFC 1661 */
109
110 #define CPCODES_VEXT 0 /* Vendor-Specific (RFC2153) */
111 #define CPCODES_CONF_REQ 1 /* Configure-Request */
112 #define CPCODES_CONF_ACK 2 /* Configure-Ack */
113 #define CPCODES_CONF_NAK 3 /* Configure-Nak */
114 #define CPCODES_CONF_REJ 4 /* Configure-Reject */
115 #define CPCODES_TERM_REQ 5 /* Terminate-Request */
116 #define CPCODES_TERM_ACK 6 /* Terminate-Ack */
117 #define CPCODES_CODE_REJ 7 /* Code-Reject */
118 #define CPCODES_PROT_REJ 8 /* Protocol-Reject (LCP only) */
119 #define CPCODES_ECHO_REQ 9 /* Echo-Request (LCP only) */
120 #define CPCODES_ECHO_RPL 10 /* Echo-Reply (LCP only) */
121 #define CPCODES_DISC_REQ 11 /* Discard-Request (LCP only) */
122 #define CPCODES_ID 12 /* Identification (LCP only) RFC1570 */
123 #define CPCODES_TIME_REM 13 /* Time-Remaining (LCP only) RFC1570 */
124 #define CPCODES_RESET_REQ 14 /* Reset-Request (CCP only) RFC1962 */
125 #define CPCODES_RESET_REP 15 /* Reset-Reply (CCP only) */
126
127 static const struct tok cpcodes[] = {
128 {CPCODES_VEXT, "Vendor-Extension"}, /* RFC2153 */
129 {CPCODES_CONF_REQ, "Conf-Request"},
130 {CPCODES_CONF_ACK, "Conf-Ack"},
131 {CPCODES_CONF_NAK, "Conf-Nack"},
132 {CPCODES_CONF_REJ, "Conf-Reject"},
133 {CPCODES_TERM_REQ, "Term-Request"},
134 {CPCODES_TERM_ACK, "Term-Ack"},
135 {CPCODES_CODE_REJ, "Code-Reject"},
136 {CPCODES_PROT_REJ, "Prot-Reject"},
137 {CPCODES_ECHO_REQ, "Echo-Request"},
138 {CPCODES_ECHO_RPL, "Echo-Reply"},
139 {CPCODES_DISC_REQ, "Disc-Req"},
140 {CPCODES_ID, "Ident"}, /* RFC1570 */
141 {CPCODES_TIME_REM, "Time-Rem"}, /* RFC1570 */
142 {CPCODES_RESET_REQ, "Reset-Req"}, /* RFC1962 */
143 {CPCODES_RESET_REP, "Reset-Ack"}, /* RFC1962 */
144 {0, NULL}
145 };
146
147 /* LCP Config Options */
148
149 #define LCPOPT_VEXT 0
150 #define LCPOPT_MRU 1
151 #define LCPOPT_ACCM 2
152 #define LCPOPT_AP 3
153 #define LCPOPT_QP 4
154 #define LCPOPT_MN 5
155 #define LCPOPT_DEP6 6
156 #define LCPOPT_PFC 7
157 #define LCPOPT_ACFC 8
158 #define LCPOPT_FCSALT 9
159 #define LCPOPT_SDP 10
160 #define LCPOPT_NUMMODE 11
161 #define LCPOPT_DEP12 12
162 #define LCPOPT_CBACK 13
163 #define LCPOPT_DEP14 14
164 #define LCPOPT_DEP15 15
165 #define LCPOPT_DEP16 16
166 #define LCPOPT_MLMRRU 17
167 #define LCPOPT_MLSSNHF 18
168 #define LCPOPT_MLED 19
169 #define LCPOPT_PROP 20
170 #define LCPOPT_DCEID 21
171 #define LCPOPT_MPP 22
172 #define LCPOPT_LD 23
173 #define LCPOPT_LCPAOPT 24
174 #define LCPOPT_COBS 25
175 #define LCPOPT_PE 26
176 #define LCPOPT_MLHF 27
177 #define LCPOPT_I18N 28
178 #define LCPOPT_SDLOS 29
179 #define LCPOPT_PPPMUX 30
180
181 #define LCPOPT_MIN LCPOPT_VEXT
182 #define LCPOPT_MAX LCPOPT_PPPMUX
183
184 static const char *lcpconfopts[] = {
185 "Vend-Ext", /* (0) */
186 "MRU", /* (1) */
187 "ACCM", /* (2) */
188 "Auth-Prot", /* (3) */
189 "Qual-Prot", /* (4) */
190 "Magic-Num", /* (5) */
191 "deprecated(6)", /* used to be a Quality Protocol */
192 "PFC", /* (7) */
193 "ACFC", /* (8) */
194 "FCS-Alt", /* (9) */
195 "SDP", /* (10) */
196 "Num-Mode", /* (11) */
197 "deprecated(12)", /* used to be a Multi-Link-Procedure*/
198 "Call-Back", /* (13) */
199 "deprecated(14)", /* used to be a Connect-Time */
200 "deprecated(15)", /* used to be a Compund-Frames */
201 "deprecated(16)", /* used to be a Nominal-Data-Encap */
202 "MRRU", /* (17) */
203 "12-Bit seq #", /* (18) */
204 "End-Disc", /* (19) */
205 "Proprietary", /* (20) */
206 "DCE-Id", /* (21) */
207 "MP+", /* (22) */
208 "Link-Disc", /* (23) */
209 "LCP-Auth-Opt", /* (24) */
210 "COBS", /* (25) */
211 "Prefix-elision", /* (26) */
212 "Multilink-header-Form",/* (27) */
213 "I18N", /* (28) */
214 "SDL-over-SONET/SDH", /* (29) */
215 "PPP-Muxing", /* (30) */
216 };
217
218 /* ECP - to be supported */
219
220 /* CCP Config Options */
221
222 #define CCPOPT_OUI 0 /* RFC1962 */
223 #define CCPOPT_PRED1 1 /* RFC1962 */
224 #define CCPOPT_PRED2 2 /* RFC1962 */
225 #define CCPOPT_PJUMP 3 /* RFC1962 */
226 /* 4-15 unassigned */
227 #define CCPOPT_HPPPC 16 /* RFC1962 */
228 #define CCPOPT_STACLZS 17 /* RFC1974 */
229 #define CCPOPT_MPPC 18 /* RFC2118 */
230 #define CCPOPT_GFZA 19 /* RFC1962 */
231 #define CCPOPT_V42BIS 20 /* RFC1962 */
232 #define CCPOPT_BSDCOMP 21 /* RFC1977 */
233 /* 22 unassigned */
234 #define CCPOPT_LZSDCP 23 /* RFC1967 */
235 #define CCPOPT_MVRCA 24 /* RFC1975 */
236 #define CCPOPT_DEC 25 /* RFC1976 */
237 #define CCPOPT_DEFLATE 26 /* RFC1979 */
238 /* 27-254 unassigned */
239 #define CCPOPT_RESV 255 /* RFC1962 */
240
241 static const struct tok ccpconfopts_values[] = {
242 { CCPOPT_OUI, "OUI" },
243 { CCPOPT_PRED1, "Pred-1" },
244 { CCPOPT_PRED2, "Pred-2" },
245 { CCPOPT_PJUMP, "Puddle" },
246 { CCPOPT_HPPPC, "HP-PPC" },
247 { CCPOPT_STACLZS, "Stac-LZS" },
248 { CCPOPT_MPPC, "MPPC" },
249 { CCPOPT_GFZA, "Gand-FZA" },
250 { CCPOPT_V42BIS, "V.42bis" },
251 { CCPOPT_BSDCOMP, "BSD-Comp" },
252 { CCPOPT_LZSDCP, "LZS-DCP" },
253 { CCPOPT_MVRCA, "MVRCA" },
254 { CCPOPT_DEC, "DEC" },
255 { CCPOPT_DEFLATE, "Deflate" },
256 { CCPOPT_RESV, "Reserved"},
257 {0, NULL}
258 };
259
260 /* BACP Config Options */
261
262 #define BACPOPT_FPEER 1 /* RFC2125 */
263
264 static const struct tok bacconfopts_values[] = {
265 { BACPOPT_FPEER, "Favored-Peer" },
266 {0, NULL}
267 };
268
269
270 /* SDCP - to be supported */
271
272 /* IPCP Config Options */
273 #define IPCPOPT_2ADDR 1 /* RFC1172, RFC1332 (deprecated) */
274 #define IPCPOPT_IPCOMP 2 /* RFC1332 */
275 #define IPCPOPT_ADDR 3 /* RFC1332 */
276 #define IPCPOPT_MOBILE4 4 /* RFC2290 */
277 #define IPCPOPT_PRIDNS 129 /* RFC1877 */
278 #define IPCPOPT_PRINBNS 130 /* RFC1877 */
279 #define IPCPOPT_SECDNS 131 /* RFC1877 */
280 #define IPCPOPT_SECNBNS 132 /* RFC1877 */
281
282 static const struct tok ipcpopt_values[] = {
283 { IPCPOPT_2ADDR, "IP-Addrs" },
284 { IPCPOPT_IPCOMP, "IP-Comp" },
285 { IPCPOPT_ADDR, "IP-Addr" },
286 { IPCPOPT_MOBILE4, "Home-Addr" },
287 { IPCPOPT_PRIDNS, "Pri-DNS" },
288 { IPCPOPT_PRINBNS, "Pri-NBNS" },
289 { IPCPOPT_SECDNS, "Sec-DNS" },
290 { IPCPOPT_SECNBNS, "Sec-NBNS" },
291 { 0, NULL }
292 };
293
294 #define IPCPOPT_IPCOMP_HDRCOMP 0x61 /* rfc3544 */
295 #define IPCPOPT_IPCOMP_MINLEN 14
296
297 static const struct tok ipcpopt_compproto_values[] = {
298 { PPP_VJC, "VJ-Comp" },
299 { IPCPOPT_IPCOMP_HDRCOMP, "IP Header Compression" },
300 { 0, NULL }
301 };
302
303 static const struct tok ipcpopt_compproto_subopt_values[] = {
304 { 1, "RTP-Compression" },
305 { 2, "Enhanced RTP-Compression" },
306 { 0, NULL }
307 };
308
309 /* IP6CP Config Options */
310 #define IP6CP_IFID 1
311
312 static const struct tok ip6cpopt_values[] = {
313 { IP6CP_IFID, "Interface-ID" },
314 { 0, NULL }
315 };
316
317 /* ATCP - to be supported */
318 /* OSINLCP - to be supported */
319 /* BVCP - to be supported */
320 /* BCP - to be supported */
321 /* IPXCP - to be supported */
322 /* MPLSCP - to be supported */
323
324 /* Auth Algorithms */
325
326 /* 0-4 Reserved (RFC1994) */
327 #define AUTHALG_CHAPMD5 5 /* RFC1994 */
328 #define AUTHALG_MSCHAP1 128 /* RFC2433 */
329 #define AUTHALG_MSCHAP2 129 /* RFC2795 */
330
331 static const struct tok authalg_values[] = {
332 { AUTHALG_CHAPMD5, "MD5" },
333 { AUTHALG_MSCHAP1, "MS-CHAPv1" },
334 { AUTHALG_MSCHAP2, "MS-CHAPv2" },
335 { 0, NULL }
336 };
337
338 /* FCS Alternatives - to be supported */
339
340 /* Multilink Endpoint Discriminator (RFC1717) */
341 #define MEDCLASS_NULL 0 /* Null Class */
342 #define MEDCLASS_LOCAL 1 /* Locally Assigned */
343 #define MEDCLASS_IPV4 2 /* Internet Protocol (IPv4) */
344 #define MEDCLASS_MAC 3 /* IEEE 802.1 global MAC address */
345 #define MEDCLASS_MNB 4 /* PPP Magic Number Block */
346 #define MEDCLASS_PSNDN 5 /* Public Switched Network Director Number */
347
348 /* PPP LCP Callback */
349 #define CALLBACK_AUTH 0 /* Location determined by user auth */
350 #define CALLBACK_DSTR 1 /* Dialing string */
351 #define CALLBACK_LID 2 /* Location identifier */
352 #define CALLBACK_E164 3 /* E.164 number */
353 #define CALLBACK_X500 4 /* X.500 distinguished name */
354 #define CALLBACK_CBCP 6 /* Location is determined during CBCP nego */
355
356 static const struct tok ppp_callback_values[] = {
357 { CALLBACK_AUTH, "UserAuth" },
358 { CALLBACK_DSTR, "DialString" },
359 { CALLBACK_LID, "LocalID" },
360 { CALLBACK_E164, "E.164" },
361 { CALLBACK_X500, "X.500" },
362 { CALLBACK_CBCP, "CBCP" },
363 { 0, NULL }
364 };
365
366 /* CHAP */
367
368 #define CHAP_CHAL 1
369 #define CHAP_RESP 2
370 #define CHAP_SUCC 3
371 #define CHAP_FAIL 4
372
373 static const struct tok chapcode_values[] = {
374 { CHAP_CHAL, "Challenge" },
375 { CHAP_RESP, "Response" },
376 { CHAP_SUCC, "Success" },
377 { CHAP_FAIL, "Fail" },
378 { 0, NULL}
379 };
380
381 /* PAP */
382
383 #define PAP_AREQ 1
384 #define PAP_AACK 2
385 #define PAP_ANAK 3
386
387 static const struct tok papcode_values[] = {
388 { PAP_AREQ, "Auth-Req" },
389 { PAP_AACK, "Auth-ACK" },
390 { PAP_ANAK, "Auth-NACK" },
391 { 0, NULL }
392 };
393
394 /* BAP */
395 #define BAP_CALLREQ 1
396 #define BAP_CALLRES 2
397 #define BAP_CBREQ 3
398 #define BAP_CBRES 4
399 #define BAP_LDQREQ 5
400 #define BAP_LDQRES 6
401 #define BAP_CSIND 7
402 #define BAP_CSRES 8
403
404 static void handle_ctrl_proto (u_int proto,const u_char *p, int length);
405 static void handle_chap (const u_char *p, int length);
406 static void handle_pap (const u_char *p, int length);
407 static void handle_bap (const u_char *p, int length);
408 static void handle_mlppp(const u_char *p, int length);
409 static int print_lcp_config_options (const u_char *p, int);
410 static int print_ipcp_config_options (const u_char *p, int);
411 static int print_ip6cp_config_options (const u_char *p, int);
412 static int print_ccp_config_options (const u_char *p, int);
413 static int print_bacp_config_options (const u_char *p, int);
414 static void handle_ppp (u_int proto, const u_char *p, int length);
415 static void ppp_hdlc(const u_char *p, int length);
416
417 /* generic Control Protocol (e.g. LCP, IPCP, CCP, etc.) handler */
418 static void
419 handle_ctrl_proto(u_int proto, const u_char *pptr, int length)
420 {
421 const char *typestr;
422 u_int code, len;
423 int (*pfunc)(const u_char *, int);
424 int x, j;
425 const u_char *tptr;
426
427 tptr=pptr;
428
429 typestr = tok2str(ppptype2str, "unknown ctrl-proto (0x%04x)", proto);
430 printf("%s, ",typestr);
431
432 if (length < 4) /* FIXME weak boundary checking */
433 goto trunc;
434 TCHECK2(*tptr, 2);
435
436 code = *tptr++;
437
438 printf("%s (0x%02x), id %u, length %u",
439 tok2str(cpcodes, "Unknown Opcode",code),
440 code,
441 *tptr++, /* ID */
442 length+2);
443
444 if (!vflag)
445 return;
446
447 if (length <= 4)
448 return; /* there may be a NULL confreq etc. */
449
450 TCHECK2(*tptr, 2);
451 len = EXTRACT_16BITS(tptr);
452 tptr += 2;
453
454 printf("\n\tencoded length %u (=Option(s) length %u)",len,len-4);
455
456 if (vflag>1)
457 print_unknown_data(gndo,pptr-2,"\n\t",6);
458
459
460 switch (code) {
461 case CPCODES_VEXT:
462 if (length < 11)
463 break;
464 TCHECK2(*tptr, 4);
465 printf("\n\t Magic-Num 0x%08x", EXTRACT_32BITS(tptr));
466 tptr += 4;
467 TCHECK2(*tptr, 3);
468 printf(" Vendor: %s (%u)",
469 tok2str(oui_values,"Unknown",EXTRACT_24BITS(tptr)),
470 EXTRACT_24BITS(tptr));
471 /* XXX: need to decode Kind and Value(s)? */
472 break;
473 case CPCODES_CONF_REQ:
474 case CPCODES_CONF_ACK:
475 case CPCODES_CONF_NAK:
476 case CPCODES_CONF_REJ:
477 x = len - 4; /* Code(1), Identifier(1) and Length(2) */
478 do {
479 switch (proto) {
480 case PPP_LCP:
481 pfunc = print_lcp_config_options;
482 break;
483 case PPP_IPCP:
484 pfunc = print_ipcp_config_options;
485 break;
486 case PPP_IPV6CP:
487 pfunc = print_ip6cp_config_options;
488 break;
489 case PPP_CCP:
490 pfunc = print_ccp_config_options;
491 break;
492 case PPP_BACP:
493 pfunc = print_bacp_config_options;
494 break;
495 default:
496 /*
497 * No print routine for the options for
498 * this protocol.
499 */
500 pfunc = NULL;
501 break;
502 }
503
504 if (pfunc == NULL) /* catch the above null pointer if unknown CP */
505 break;
506
507 if ((j = (*pfunc)(tptr, len)) == 0)
508 break;
509 x -= j;
510 tptr += j;
511 } while (x > 0);
512 break;
513
514 case CPCODES_TERM_REQ:
515 case CPCODES_TERM_ACK:
516 /* XXX: need to decode Data? */
517 break;
518 case CPCODES_CODE_REJ:
519 /* XXX: need to decode Rejected-Packet? */
520 break;
521 case CPCODES_PROT_REJ:
522 if (length < 6)
523 break;
524 TCHECK2(*tptr, 2);
525 printf("\n\t Rejected %s Protocol (0x%04x)",
526 tok2str(ppptype2str,"unknown", EXTRACT_16BITS(tptr)),
527 EXTRACT_16BITS(tptr));
528 /* XXX: need to decode Rejected-Information? - hexdump for now */
529 if (len > 6) {
530 printf("\n\t Rejected Packet");
531 print_unknown_data(gndo,tptr+2,"\n\t ",len-2);
532 }
533 break;
534 case CPCODES_ECHO_REQ:
535 case CPCODES_ECHO_RPL:
536 case CPCODES_DISC_REQ:
537 if (length < 8)
538 break;
539 TCHECK2(*tptr, 4);
540 printf("\n\t Magic-Num 0x%08x", EXTRACT_32BITS(tptr));
541 /* XXX: need to decode Data? - hexdump for now */
542 if (len > 8) {
543 printf("\n\t -----trailing data-----");
544 TCHECK2(tptr[4], len-8);
545 print_unknown_data(gndo,tptr+4,"\n\t ",len-8);
546 }
547 break;
548 case CPCODES_ID:
549 if (length < 8)
550 break;
551 TCHECK2(*tptr, 4);
552 printf("\n\t Magic-Num 0x%08x", EXTRACT_32BITS(tptr));
553 /* RFC 1661 says this is intended to be human readable */
554 if (len > 8) {
555 printf("\n\t Message\n\t ");
556 fn_printn(tptr+4,len-4,snapend);
557 }
558 break;
559 case CPCODES_TIME_REM:
560 if (length < 12)
561 break;
562 TCHECK2(*tptr, 4);
563 printf("\n\t Magic-Num 0x%08x", EXTRACT_32BITS(tptr));
564 TCHECK2(*(tptr + 4), 4);
565 printf(", Seconds-Remaining %us", EXTRACT_32BITS(tptr + 4));
566 /* XXX: need to decode Message? */
567 break;
568 default:
569 /* XXX this is dirty but we do not get the
570 * original pointer passed to the begin
571 * the PPP packet */
572 if (vflag <= 1)
573 print_unknown_data(gndo,pptr-2,"\n\t ",length+2);
574 break;
575 }
576 return;
577
578 trunc:
579 printf("[|%s]", typestr);
580 }
581
582 /* LCP config options */
583 static int
584 print_lcp_config_options(const u_char *p, int length)
585 {
586 int len, opt;
587
588 if (length < 2)
589 return 0;
590 TCHECK2(*p, 2);
591 len = p[1];
592 opt = p[0];
593 if (length < len)
594 return 0;
595 if (len < 2) {
596 if ((opt >= LCPOPT_MIN) && (opt <= LCPOPT_MAX))
597 printf("\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)", lcpconfopts[opt],opt,len);
598 else
599 printf("\n\tunknown LCP option 0x%02x", opt);
600 return 0;
601 }
602 if ((opt >= LCPOPT_MIN) && (opt <= LCPOPT_MAX))
603 printf("\n\t %s Option (0x%02x), length %u", lcpconfopts[opt],opt,len);
604 else {
605 printf("\n\tunknown LCP option 0x%02x", opt);
606 return len;
607 }
608
609 switch (opt) {
610 case LCPOPT_VEXT:
611 if (len < 6) {
612 printf(" (length bogus, should be >= 6)");
613 return len;
614 }
615 TCHECK2(*(p + 2), 3);
616 printf(": Vendor: %s (%u)",
617 tok2str(oui_values,"Unknown",EXTRACT_24BITS(p+2)),
618 EXTRACT_24BITS(p+2));
619 #if 0
620 TCHECK(p[5]);
621 printf(", kind: 0x%02x", p[5]);
622 printf(", Value: 0x")
623 for (i = 0; i < len - 6; i++) {
624 TCHECK(p[6 + i]);
625 printf("%02x", p[6 + i]);
626 }
627 #endif
628 break;
629 case LCPOPT_MRU:
630 if (len != 4) {
631 printf(" (length bogus, should be = 4)");
632 return len;
633 }
634 TCHECK2(*(p + 2), 2);
635 printf(": %u", EXTRACT_16BITS(p + 2));
636 break;
637 case LCPOPT_ACCM:
638 if (len != 6) {
639 printf(" (length bogus, should be = 6)");
640 return len;
641 }
642 TCHECK2(*(p + 2), 4);
643 printf(": 0x%08x", EXTRACT_32BITS(p + 2));
644 break;
645 case LCPOPT_AP:
646 if (len < 4) {
647 printf(" (length bogus, should be >= 4)");
648 return len;
649 }
650 TCHECK2(*(p + 2), 2);
651 printf(": %s", tok2str(ppptype2str,"Unknown Auth Proto (0x04x)",EXTRACT_16BITS(p+2)));
652
653 switch (EXTRACT_16BITS(p+2)) {
654 case PPP_CHAP:
655 TCHECK(p[4]);
656 printf(", %s",tok2str(authalg_values,"Unknown Auth Alg %u",p[4]));
657 break;
658 case PPP_PAP: /* fall through */
659 case PPP_EAP:
660 case PPP_SPAP:
661 case PPP_SPAP_OLD:
662 break;
663 default:
664 print_unknown_data(gndo,p,"\n\t",len);
665 }
666 break;
667 case LCPOPT_QP:
668 if (len < 4) {
669 printf(" (length bogus, should be >= 4)");
670 return 0;
671 }
672 TCHECK2(*(p + 2), 2);
673 if (EXTRACT_16BITS(p+2) == PPP_LQM)
674 printf(": LQR");
675 else
676 printf(": unknown");
677 break;
678 case LCPOPT_MN:
679 if (len != 6) {
680 printf(" (length bogus, should be = 6)");
681 return 0;
682 }
683 TCHECK2(*(p + 2), 4);
684 printf(": 0x%08x", EXTRACT_32BITS(p + 2));
685 break;
686 case LCPOPT_PFC:
687 break;
688 case LCPOPT_ACFC:
689 break;
690 case LCPOPT_LD:
691 if (len != 4) {
692 printf(" (length bogus, should be = 4)");
693 return 0;
694 }
695 TCHECK2(*(p + 2), 2);
696 printf(": 0x%04x", EXTRACT_16BITS(p + 2));
697 break;
698 case LCPOPT_CBACK:
699 if (len < 3) {
700 printf(" (length bogus, should be >= 3)");
701 return 0;
702 }
703 printf(": ");
704 TCHECK(p[2]);
705 printf(": Callback Operation %s (%u)",
706 tok2str(ppp_callback_values,"Unknown",p[2]),
707 p[2]);
708 break;
709 case LCPOPT_MLMRRU:
710 if (len != 4) {
711 printf(" (length bogus, should be = 4)");
712 return 0;
713 }
714 TCHECK2(*(p + 2), 2);
715 printf(": %u", EXTRACT_16BITS(p + 2));
716 break;
717 case LCPOPT_MLED:
718 if (len < 3) {
719 printf(" (length bogus, should be >= 3)");
720 return 0;
721 }
722 TCHECK(p[2]);
723 switch (p[2]) { /* class */
724 case MEDCLASS_NULL:
725 printf(": Null");
726 break;
727 case MEDCLASS_LOCAL:
728 printf(": Local"); /* XXX */
729 break;
730 case MEDCLASS_IPV4:
731 if (len != 7) {
732 printf(" (length bogus, should be = 7)");
733 return 0;
734 }
735 TCHECK2(*(p + 3), 4);
736 printf(": IPv4 %s", ipaddr_string(p + 3));
737 break;
738 case MEDCLASS_MAC:
739 if (len != 9) {
740 printf(" (length bogus, should be = 9)");
741 return 0;
742 }
743 TCHECK(p[8]);
744 printf(": MAC %02x:%02x:%02x:%02x:%02x:%02x",
745 p[3], p[4], p[5], p[6], p[7], p[8]);
746 break;
747 case MEDCLASS_MNB:
748 printf(": Magic-Num-Block"); /* XXX */
749 break;
750 case MEDCLASS_PSNDN:
751 printf(": PSNDN"); /* XXX */
752 break;
753 default:
754 printf(": Unknown class %u", p[2]);
755 break;
756 }
757 break;
758
759 /* XXX: to be supported */
760 #if 0
761 case LCPOPT_DEP6:
762 case LCPOPT_FCSALT:
763 case LCPOPT_SDP:
764 case LCPOPT_NUMMODE:
765 case LCPOPT_DEP12:
766 case LCPOPT_DEP14:
767 case LCPOPT_DEP15:
768 case LCPOPT_DEP16:
769 case LCPOPT_MLSSNHF:
770 case LCPOPT_PROP:
771 case LCPOPT_DCEID:
772 case LCPOPT_MPP:
773 case LCPOPT_LCPAOPT:
774 case LCPOPT_COBS:
775 case LCPOPT_PE:
776 case LCPOPT_MLHF:
777 case LCPOPT_I18N:
778 case LCPOPT_SDLOS:
779 case LCPOPT_PPPMUX:
780 break;
781 #endif
782 default:
783 /*
784 * Unknown option; dump it as raw bytes now if we're
785 * not going to do so below.
786 */
787 if(vflag<2)
788 print_unknown_data(gndo,&p[2],"\n\t ",len-2);
789 break;
790 }
791
792 if (vflag>1)
793 print_unknown_data(gndo,&p[2],"\n\t ",len-2); /* exclude TLV header */
794
795 return len;
796
797 trunc:
798 printf("[|lcp]");
799 return 0;
800 }
801
802 /* ML-PPP*/
803 static const struct tok ppp_ml_flag_values[] = {
804 { 0x80, "begin" },
805 { 0x40, "end" },
806 { 0, NULL }
807 };
808
809 static void
810 handle_mlppp(const u_char *p, int length) {
811
812 if (!eflag)
813 printf("MLPPP, ");
814
815 printf("seq 0x%03x, Flags [%s], length %u",
816 (EXTRACT_16BITS(p))&0x0fff, /* only support 12-Bit sequence space for now */
817 bittok2str(ppp_ml_flag_values, "none", *p & 0xc0),
818 length);
819
820 return;
821 }
822
823 /* CHAP */
824 static void
825 handle_chap(const u_char *p, int length)
826 {
827 u_int code, len;
828 int val_size, name_size, msg_size;
829 const u_char *p0;
830 int i;
831
832 p0 = p;
833 if (length < 1) {
834 printf("[|chap]");
835 return;
836 } else if (length < 4) {
837 TCHECK(*p);
838 printf("[|chap 0x%02x]", *p);
839 return;
840 }
841
842 TCHECK(*p);
843 code = *p;
844 printf("CHAP, %s (0x%02x)",
845 tok2str(chapcode_values,"unknown",code),
846 code);
847 p++;
848
849 TCHECK(*p);
850 printf(", id %u", *p); /* ID */
851 p++;
852
853 TCHECK2(*p, 2);
854 len = EXTRACT_16BITS(p);
855 p += 2;
856
857 /*
858 * Note that this is a generic CHAP decoding routine. Since we
859 * don't know which flavor of CHAP (i.e. CHAP-MD5, MS-CHAPv1,
860 * MS-CHAPv2) is used at this point, we can't decode packet
861 * specifically to each algorithms. Instead, we simply decode
862 * the GCD (Gratest Common Denominator) for all algorithms.
863 */
864 switch (code) {
865 case CHAP_CHAL:
866 case CHAP_RESP:
867 if (length - (p - p0) < 1)
868 return;
869 TCHECK(*p);
870 val_size = *p; /* value size */
871 p++;
872 if (length - (p - p0) < val_size)
873 return;
874 printf(", Value ");
875 for (i = 0; i < val_size; i++) {
876 TCHECK(*p);
877 printf("%02x", *p++);
878 }
879 name_size = len - (p - p0);
880 printf(", Name ");
881 for (i = 0; i < name_size; i++) {
882 TCHECK(*p);
883 safeputchar(*p++);
884 }
885 break;
886 case CHAP_SUCC:
887 case CHAP_FAIL:
888 msg_size = len - (p - p0);
889 printf(", Msg ");
890 for (i = 0; i< msg_size; i++) {
891 TCHECK(*p);
892 safeputchar(*p++);
893 }
894 break;
895 }
896 return;
897
898 trunc:
899 printf("[|chap]");
900 }
901
902 /* PAP (see RFC 1334) */
903 static void
904 handle_pap(const u_char *p, int length)
905 {
906 u_int code, len;
907 int peerid_len, passwd_len, msg_len;
908 const u_char *p0;
909 int i;
910
911 p0 = p;
912 if (length < 1) {
913 printf("[|pap]");
914 return;
915 } else if (length < 4) {
916 TCHECK(*p);
917 printf("[|pap 0x%02x]", *p);
918 return;
919 }
920
921 TCHECK(*p);
922 code = *p;
923 printf("PAP, %s (0x%02x)",
924 tok2str(papcode_values,"unknown",code),
925 code);
926 p++;
927
928 TCHECK(*p);
929 printf(", id %u", *p); /* ID */
930 p++;
931
932 TCHECK2(*p, 2);
933 len = EXTRACT_16BITS(p);
934 p += 2;
935
936 if ((int)len > length) {
937 printf(", length %u > packet size", len);
938 return;
939 }
940 length = len;
941 if (length < (p - p0)) {
942 printf(", length %u < PAP header length", length);
943 return;
944 }
945
946 switch (code) {
947 case PAP_AREQ:
948 if (length - (p - p0) < 1)
949 return;
950 TCHECK(*p);
951 peerid_len = *p; /* Peer-ID Length */
952 p++;
953 if (length - (p - p0) < peerid_len)
954 return;
955 printf(", Peer ");
956 for (i = 0; i < peerid_len; i++) {
957 TCHECK(*p);
958 safeputchar(*p++);
959 }
960
961 if (length - (p - p0) < 1)
962 return;
963 TCHECK(*p);
964 passwd_len = *p; /* Password Length */
965 p++;
966 if (length - (p - p0) < passwd_len)
967 return;
968 printf(", Name ");
969 for (i = 0; i < passwd_len; i++) {
970 TCHECK(*p);
971 safeputchar(*p++);
972 }
973 break;
974 case PAP_AACK:
975 case PAP_ANAK:
976 if (length - (p - p0) < 1)
977 return;
978 TCHECK(*p);
979 msg_len = *p; /* Msg-Length */
980 p++;
981 if (length - (p - p0) < msg_len)
982 return;
983 printf(", Msg ");
984 for (i = 0; i< msg_len; i++) {
985 TCHECK(*p);
986 safeputchar(*p++);
987 }
988 break;
989 }
990 return;
991
992 trunc:
993 printf("[|pap]");
994 }
995
996 /* BAP */
997 static void
998 handle_bap(const u_char *p _U_, int length _U_)
999 {
1000 /* XXX: to be supported!! */
1001 }
1002
1003
1004 /* IPCP config options */
1005 static int
1006 print_ipcp_config_options(const u_char *p, int length)
1007 {
1008 int len, opt;
1009 u_int compproto, ipcomp_subopttotallen, ipcomp_subopt, ipcomp_suboptlen;
1010
1011 if (length < 2)
1012 return 0;
1013 TCHECK2(*p, 2);
1014 len = p[1];
1015 opt = p[0];
1016 if (length < len)
1017 return 0;
1018 if (len < 2) {
1019 printf("\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)",
1020 tok2str(ipcpopt_values,"unknown",opt),
1021 opt,
1022 len);
1023 return 0;
1024 }
1025
1026 printf("\n\t %s Option (0x%02x), length %u",
1027 tok2str(ipcpopt_values,"unknown",opt),
1028 opt,
1029 len);
1030
1031 switch (opt) {
1032 case IPCPOPT_2ADDR: /* deprecated */
1033 if (len != 10) {
1034 printf(" (length bogus, should be = 10)");
1035 return len;
1036 }
1037 TCHECK2(*(p + 6), 4);
1038 printf(": src %s, dst %s",
1039 ipaddr_string(p + 2),
1040 ipaddr_string(p + 6));
1041 break;
1042 case IPCPOPT_IPCOMP:
1043 if (len < 4) {
1044 printf(" (length bogus, should be >= 4)");
1045 return 0;
1046 }
1047 TCHECK2(*(p + 2), 2);
1048 compproto = EXTRACT_16BITS(p+2);
1049
1050 printf(": %s (0x%02x):",
1051 tok2str(ipcpopt_compproto_values,"Unknown",compproto),
1052 compproto);
1053
1054 switch (compproto) {
1055 case PPP_VJC:
1056 /* XXX: VJ-Comp parameters should be decoded */
1057 break;
1058 case IPCPOPT_IPCOMP_HDRCOMP:
1059 if (len < IPCPOPT_IPCOMP_MINLEN) {
1060 printf(" (length bogus, should be >= %u)",
1061 IPCPOPT_IPCOMP_MINLEN);
1062 return 0;
1063 }
1064
1065 TCHECK2(*(p + 2), IPCPOPT_IPCOMP_MINLEN);
1066 printf("\n\t TCP Space %u, non-TCP Space %u" \
1067 ", maxPeriod %u, maxTime %u, maxHdr %u",
1068 EXTRACT_16BITS(p+4),
1069 EXTRACT_16BITS(p+6),
1070 EXTRACT_16BITS(p+8),
1071 EXTRACT_16BITS(p+10),
1072 EXTRACT_16BITS(p+12));
1073
1074 /* suboptions present ? */
1075 if (len > IPCPOPT_IPCOMP_MINLEN) {
1076 ipcomp_subopttotallen = len - IPCPOPT_IPCOMP_MINLEN;
1077 p += IPCPOPT_IPCOMP_MINLEN;
1078
1079 printf("\n\t Suboptions, length %u", ipcomp_subopttotallen);
1080
1081 while (ipcomp_subopttotallen >= 2) {
1082 TCHECK2(*p, 2);
1083 ipcomp_subopt = *p;
1084 ipcomp_suboptlen = *(p+1);
1085
1086 /* sanity check */
1087 if (ipcomp_subopt == 0 ||
1088 ipcomp_suboptlen == 0 )
1089 break;
1090
1091 /* XXX: just display the suboptions for now */
1092 printf("\n\t\t%s Suboption #%u, length %u",
1093 tok2str(ipcpopt_compproto_subopt_values,
1094 "Unknown",
1095 ipcomp_subopt),
1096 ipcomp_subopt,
1097 ipcomp_suboptlen);
1098
1099 ipcomp_subopttotallen -= ipcomp_suboptlen;
1100 p += ipcomp_suboptlen;
1101 }
1102 }
1103 break;
1104 default:
1105 break;
1106 }
1107 break;
1108
1109 case IPCPOPT_ADDR: /* those options share the same format - fall through */
1110 case IPCPOPT_MOBILE4:
1111 case IPCPOPT_PRIDNS:
1112 case IPCPOPT_PRINBNS:
1113 case IPCPOPT_SECDNS:
1114 case IPCPOPT_SECNBNS:
1115 if (len != 6) {
1116 printf(" (length bogus, should be = 6)");
1117 return 0;
1118 }
1119 TCHECK2(*(p + 2), 4);
1120 printf(": %s", ipaddr_string(p + 2));
1121 break;
1122 default:
1123 /*
1124 * Unknown option; dump it as raw bytes now if we're
1125 * not going to do so below.
1126 */
1127 if(vflag<2)
1128 print_unknown_data(gndo,&p[2],"\n\t ",len-2);
1129 break;
1130 }
1131 if (vflag>1)
1132 print_unknown_data(gndo,&p[2],"\n\t ",len-2); /* exclude TLV header */
1133 return len;
1134
1135 trunc:
1136 printf("[|ipcp]");
1137 return 0;
1138 }
1139
1140 /* IP6CP config options */
1141 static int
1142 print_ip6cp_config_options(const u_char *p, int length)
1143 {
1144 int len, opt;
1145
1146 if (length < 2)
1147 return 0;
1148 TCHECK2(*p, 2);
1149 len = p[1];
1150 opt = p[0];
1151 if (length < len)
1152 return 0;
1153 if (len < 2) {
1154 printf("\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)",
1155 tok2str(ip6cpopt_values,"unknown",opt),
1156 opt,
1157 len);
1158 return 0;
1159 }
1160
1161 printf("\n\t %s Option (0x%02x), length %u",
1162 tok2str(ip6cpopt_values,"unknown",opt),
1163 opt,
1164 len);
1165
1166 switch (opt) {
1167 case IP6CP_IFID:
1168 if (len != 10) {
1169 printf(" (length bogus, should be = 10)");
1170 return len;
1171 }
1172 TCHECK2(*(p + 2), 8);
1173 printf(": %04x:%04x:%04x:%04x",
1174 EXTRACT_16BITS(p + 2),
1175 EXTRACT_16BITS(p + 4),
1176 EXTRACT_16BITS(p + 6),
1177 EXTRACT_16BITS(p + 8));
1178 break;
1179 default:
1180 /*
1181 * Unknown option; dump it as raw bytes now if we're
1182 * not going to do so below.
1183 */
1184 if(vflag<2)
1185 print_unknown_data(gndo,&p[2],"\n\t ",len-2);
1186 break;
1187 }
1188 if (vflag>1)
1189 print_unknown_data(gndo,&p[2],"\n\t ",len-2); /* exclude TLV header */
1190
1191 return len;
1192
1193 trunc:
1194 printf("[|ip6cp]");
1195 return 0;
1196 }
1197
1198
1199 /* CCP config options */
1200 static int
1201 print_ccp_config_options(const u_char *p, int length)
1202 {
1203 int len, opt;
1204
1205 if (length < 2)
1206 return 0;
1207 TCHECK2(*p, 2);
1208 len = p[1];
1209 opt = p[0];
1210 if (length < len)
1211 return 0;
1212 if (len < 2) {
1213 printf("\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)",
1214 tok2str(ccpconfopts_values, "Unknown", opt),
1215 opt,
1216 len);
1217 return 0;
1218 }
1219
1220 printf("\n\t %s Option (0x%02x), length %u",
1221 tok2str(ccpconfopts_values, "Unknown", opt),
1222 opt,
1223 len);
1224
1225 switch (opt) {
1226 case CCPOPT_BSDCOMP:
1227 if (len < 3) {
1228 printf(" (length bogus, should be >= 3)");
1229 return len;
1230 }
1231 TCHECK2(*(p + 2), 1);
1232 printf(": Version: %u, Dictionary Bits: %u",
1233 p[2] >> 5, p[2] & 0x1f);
1234 break;
1235 case CCPOPT_MVRCA:
1236 if (len < 4) {
1237 printf(" (length bogus, should be >= 4)");
1238 return len;
1239 }
1240 TCHECK2(*(p + 2), 1);
1241 printf(": Features: %u, PxP: %s, History: %u, #CTX-ID: %u",
1242 (p[2] & 0xc0) >> 5,
1243 (p[2] & 0x200) ? "Enabled" : "Disabled",
1244 p[2] & 0x1f, p[3]);
1245 break;
1246 case CCPOPT_DEFLATE:
1247 if (len < 4) {
1248 printf(" (length bogus, should be >= 4)");
1249 return len;
1250 }
1251 TCHECK2(*(p + 2), 1);
1252 printf(": Window: %uK, Method: %s (0x%x), MBZ: %u, CHK: %u",
1253 (p[2] & 0xf0) >> 4,
1254 ((p[2] & 0x0f) == 8) ? "zlib" : "unkown",
1255 p[2] & 0x0f, (p[3] & 0xfc) >> 2, p[3] & 0x03);
1256 break;
1257
1258 /* XXX: to be supported */
1259 #if 0
1260 case CCPOPT_OUI:
1261 case CCPOPT_PRED1:
1262 case CCPOPT_PRED2:
1263 case CCPOPT_PJUMP:
1264 case CCPOPT_HPPPC:
1265 case CCPOPT_STACLZS:
1266 case CCPOPT_MPPC:
1267 case CCPOPT_GFZA:
1268 case CCPOPT_V42BIS:
1269 case CCPOPT_LZSDCP:
1270 case CCPOPT_DEC:
1271 case CCPOPT_RESV:
1272 break;
1273 #endif
1274 default:
1275 /*
1276 * Unknown option; dump it as raw bytes now if we're
1277 * not going to do so below.
1278 */
1279 if(vflag<2)
1280 print_unknown_data(gndo,&p[2],"\n\t ",len-2);
1281 break;
1282 }
1283 if (vflag>1)
1284 print_unknown_data(gndo,&p[2],"\n\t ",len-2); /* exclude TLV header */
1285
1286 return len;
1287
1288 trunc:
1289 printf("[|ccp]");
1290 return 0;
1291 }
1292
1293 /* BACP config options */
1294 static int
1295 print_bacp_config_options(const u_char *p, int length)
1296 {
1297 int len, opt;
1298
1299 if (length < 2)
1300 return 0;
1301 TCHECK2(*p, 2);
1302 len = p[1];
1303 opt = p[0];
1304 if (length < len)
1305 return 0;
1306 if (len < 2) {
1307 printf("\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)",
1308 tok2str(bacconfopts_values, "Unknown", opt),
1309 opt,
1310 len);
1311 return 0;
1312 }
1313
1314 printf("\n\t %s Option (0x%02x), length %u",
1315 tok2str(bacconfopts_values, "Unknown", opt),
1316 opt,
1317 len);
1318
1319 switch (opt) {
1320 case BACPOPT_FPEER:
1321 if (len != 6) {
1322 printf(" (length bogus, should be = 6)");
1323 return len;
1324 }
1325 TCHECK2(*(p + 2), 4);
1326 printf(": Magic-Num 0x%08x", EXTRACT_32BITS(p + 2));
1327 break;
1328 default:
1329 /*
1330 * Unknown option; dump it as raw bytes now if we're
1331 * not going to do so below.
1332 */
1333 if(vflag<2)
1334 print_unknown_data(gndo,&p[2],"\n\t ",len-2);
1335 break;
1336 }
1337 if (vflag>1)
1338 print_unknown_data(gndo,&p[2],"\n\t ",len-2); /* exclude TLV header */
1339
1340 return len;
1341
1342 trunc:
1343 printf("[|bacp]");
1344 return 0;
1345 }
1346
1347
1348 static void
1349 ppp_hdlc(const u_char *p, int length)
1350 {
1351 u_char *b, *s, *t, c;
1352 int i, proto;
1353 const void *se;
1354
1355 if (length <= 0)
1356 return;
1357
1358 b = (u_int8_t *)malloc(length);
1359 if (b == NULL)
1360 return;
1361
1362 /*
1363 * Unescape all the data into a temporary, private, buffer.
1364 * Do this so that we dont overwrite the original packet
1365 * contents.
1366 */
1367 for (s = (u_char *)p, t = b, i = length; i > 0; i--) {
1368 c = *s++;
1369 if (c == 0x7d) {
1370 if (i > 1) {
1371 i--;
1372 c = *s++ ^ 0x20;
1373 } else
1374 continue;
1375 }
1376 *t++ = c;
1377 }
1378
1379 se = snapend;
1380 snapend = t;
1381 length = t - b;
1382
1383 /* now lets guess about the payload codepoint format */
1384 if (length < 1)
1385 goto trunc;
1386 proto = *b; /* start with a one-octet codepoint guess */
1387
1388 switch (proto) {
1389 case PPP_IP:
1390 ip_print(gndo, b+1, length - 1);
1391 goto cleanup;
1392 #ifdef INET6
1393 case PPP_IPV6:
1394 ip6_print(gndo, b+1, length - 1);
1395 goto cleanup;
1396 #endif
1397 default: /* no luck - try next guess */
1398 break;
1399 }
1400
1401 if (length < 2)
1402 goto trunc;
1403 proto = EXTRACT_16BITS(b); /* next guess - load two octets */
1404
1405 switch (proto) {
1406 case (PPP_ADDRESS << 8 | PPP_CONTROL): /* looks like a PPP frame */
1407 if (length < 4)
1408 goto trunc;
1409 proto = EXTRACT_16BITS(b+2); /* load the PPP proto-id */
1410 handle_ppp(proto, b+4, length - 4);
1411 break;
1412 default: /* last guess - proto must be a PPP proto-id */
1413 handle_ppp(proto, b+2, length - 2);
1414 break;
1415 }
1416
1417 cleanup:
1418 snapend = se;
1419 free(b);
1420 return;
1421
1422 trunc:
1423 snapend = se;
1424 free(b);
1425 printf("[|ppp]");
1426 return;
1427 }
1428
1429
1430 /* PPP */
1431 static void
1432 handle_ppp(u_int proto, const u_char *p, int length)
1433 {
1434 if ((proto & 0xff00) == 0x7e00) {/* is this an escape code ? */
1435 ppp_hdlc(p-1, length);
1436 return;
1437 }
1438
1439 switch (proto) {
1440 case PPP_LCP: /* fall through */
1441 case PPP_IPCP:
1442 case PPP_OSICP:
1443 case PPP_MPLSCP:
1444 case PPP_IPV6CP:
1445 case PPP_CCP:
1446 case PPP_BACP:
1447 handle_ctrl_proto(proto, p, length);
1448 break;
1449 case PPP_ML:
1450 handle_mlppp(p, length);
1451 break;
1452 case PPP_CHAP:
1453 handle_chap(p, length);
1454 break;
1455 case PPP_PAP:
1456 handle_pap(p, length);
1457 break;
1458 case PPP_BAP: /* XXX: not yet completed */
1459 handle_bap(p, length);
1460 break;
1461 case ETHERTYPE_IP: /*XXX*/
1462 case PPP_VJNC:
1463 case PPP_IP:
1464 ip_print(gndo, p, length);
1465 break;
1466 #ifdef INET6
1467 case ETHERTYPE_IPV6: /*XXX*/
1468 case PPP_IPV6:
1469 ip6_print(gndo, p, length);
1470 break;
1471 #endif
1472 case ETHERTYPE_IPX: /*XXX*/
1473 case PPP_IPX:
1474 ipx_print(p, length);
1475 break;
1476 case PPP_OSI:
1477 isoclns_print(p, length, length);
1478 break;
1479 case PPP_MPLS_UCAST:
1480 case PPP_MPLS_MCAST:
1481 mpls_print(p, length);
1482 break;
1483 case PPP_COMP:
1484 printf("compressed PPP data");
1485 break;
1486 default:
1487 printf("%s ", tok2str(ppptype2str, "unknown PPP protocol (0x%04x)", proto));
1488 print_unknown_data(gndo,p,"\n\t",length);
1489 break;
1490 }
1491 }
1492
1493 /* Standard PPP printer */
1494 u_int
1495 ppp_print(register const u_char *p, u_int length)
1496 {
1497 u_int proto,ppp_header;
1498 u_int olen = length; /* _o_riginal length */
1499 u_int hdr_len = 0;
1500
1501 /*
1502 * Here, we assume that p points to the Address and Control
1503 * field (if they present).
1504 */
1505 if (length < 2)
1506 goto trunc;
1507 TCHECK2(*p, 2);
1508 ppp_header = EXTRACT_16BITS(p);
1509
1510 switch(ppp_header) {
1511 case (PPP_WITHDIRECTION_IN << 8 | PPP_CONTROL):
1512 if (eflag) printf("In ");
1513 p += 2;
1514 length -= 2;
1515 hdr_len += 2;
1516 break;
1517 case (PPP_WITHDIRECTION_OUT << 8 | PPP_CONTROL):
1518 if (eflag) printf("Out ");
1519 p += 2;
1520 length -= 2;
1521 hdr_len += 2;
1522 break;
1523 case (PPP_ADDRESS << 8 | PPP_CONTROL):
1524 p += 2; /* ACFC not used */
1525 length -= 2;
1526 hdr_len += 2;
1527 break;
1528
1529 default:
1530 break;
1531 }
1532
1533 if (length < 2)
1534 goto trunc;
1535 TCHECK(*p);
1536 if (*p % 2) {
1537 proto = *p; /* PFC is used */
1538 p++;
1539 length--;
1540 hdr_len++;
1541 } else {
1542 TCHECK2(*p, 2);
1543 proto = EXTRACT_16BITS(p);
1544 p += 2;
1545 length -= 2;
1546 hdr_len += 2;
1547 }
1548
1549 if (eflag)
1550 printf("%s (0x%04x), length %u: ",
1551 tok2str(ppptype2str, "unknown", proto),
1552 proto,
1553 olen);
1554
1555 handle_ppp(proto, p, length);
1556 return (hdr_len);
1557 trunc:
1558 printf("[|ppp]");
1559 return (0);
1560 }
1561
1562
1563 /* PPP I/F printer */
1564 u_int
1565 ppp_if_print(const struct pcap_pkthdr *h, register const u_char *p)
1566 {
1567 register u_int length = h->len;
1568 register u_int caplen = h->caplen;
1569
1570 if (caplen < PPP_HDRLEN) {
1571 printf("[|ppp]");
1572 return (caplen);
1573 }
1574
1575 #if 0
1576 /*
1577 * XXX: seems to assume that there are 2 octets prepended to an
1578 * actual PPP frame. The 1st octet looks like Input/Output flag
1579 * while 2nd octet is unknown, at least to me
1580 * (mshindo@mshindo.net).
1581 *
1582 * That was what the original tcpdump code did.
1583 *
1584 * FreeBSD's "if_ppp.c" *does* set the first octet to 1 for outbound
1585 * packets and 0 for inbound packets - but only if the
1586 * protocol field has the 0x8000 bit set (i.e., it's a network
1587 * control protocol); it does so before running the packet through
1588 * "bpf_filter" to see if it should be discarded, and to see
1589 * if we should update the time we sent the most recent packet...
1590 *
1591 * ...but it puts the original address field back after doing
1592 * so.
1593 *
1594 * NetBSD's "if_ppp.c" doesn't set the first octet in that fashion.
1595 *
1596 * I don't know if any PPP implementation handed up to a BPF
1597 * device packets with the first octet being 1 for outbound and
1598 * 0 for inbound packets, so I (guy@alum.mit.edu) don't know
1599 * whether that ever needs to be checked or not.
1600 *
1601 * Note that NetBSD has a DLT_PPP_SERIAL, which it uses for PPP,
1602 * and its tcpdump appears to assume that the frame always
1603 * begins with an address field and a control field, and that
1604 * the address field might be 0x0f or 0x8f, for Cisco
1605 * point-to-point with HDLC framing as per section 4.3.1 of RFC
1606 * 1547, as well as 0xff, for PPP in HDLC-like framing as per
1607 * RFC 1662.
1608 *
1609 * (Is the Cisco framing in question what DLT_C_HDLC, in
1610 * BSD/OS, is?)
1611 */
1612 if (eflag)
1613 printf("%c %4d %02x ", p[0] ? 'O' : 'I', length, p[1]);
1614 #endif
1615
1616 ppp_print(p, length);
1617
1618 return (0);
1619 }
1620
1621 /*
1622 * PPP I/F printer to use if we know that RFC 1662-style PPP in HDLC-like
1623 * framing, or Cisco PPP with HDLC framing as per section 4.3.1 of RFC 1547,
1624 * is being used (i.e., we don't check for PPP_ADDRESS and PPP_CONTROL,
1625 * discard them *if* those are the first two octets, and parse the remaining
1626 * packet as a PPP packet, as "ppp_print()" does).
1627 *
1628 * This handles, for example, DLT_PPP_SERIAL in NetBSD.
1629 */
1630 u_int
1631 ppp_hdlc_if_print(const struct pcap_pkthdr *h, register const u_char *p)
1632 {
1633 register u_int length = h->len;
1634 register u_int caplen = h->caplen;
1635 u_int proto;
1636 u_int hdrlen = 0;
1637
1638 if (caplen < 2) {
1639 printf("[|ppp]");
1640 return (caplen);
1641 }
1642
1643 switch (p[0]) {
1644
1645 case PPP_ADDRESS:
1646 if (caplen < 4) {
1647 printf("[|ppp]");
1648 return (caplen);
1649 }
1650
1651 if (eflag)
1652 printf("%02x %02x %d ", p[0], p[1], length);
1653 p += 2;
1654 length -= 2;
1655 hdrlen += 2;
1656
1657 proto = EXTRACT_16BITS(p);
1658 p += 2;
1659 length -= 2;
1660 hdrlen += 2;
1661 printf("%s: ", tok2str(ppptype2str, "unknown PPP protocol (0x%04x)", proto));
1662
1663 handle_ppp(proto, p, length);
1664 break;
1665
1666 case CHDLC_UNICAST:
1667 case CHDLC_BCAST:
1668 return (chdlc_if_print(h, p));
1669
1670 default:
1671 if (eflag)
1672 printf("%02x %02x %d ", p[0], p[1], length);
1673 p += 2;
1674 hdrlen += 2;
1675
1676 /*
1677 * XXX - NetBSD's "ppp_netbsd_serial_if_print()" treats
1678 * the next two octets as an Ethernet type; does that
1679 * ever happen?
1680 */
1681 printf("unknown addr %02x; ctrl %02x", p[0], p[1]);
1682 break;
1683 }
1684
1685 return (hdrlen);
1686 }
1687
1688 #define PPP_BSDI_HDRLEN 24
1689
1690 /* BSD/OS specific PPP printer */
1691 u_int
1692 ppp_bsdos_if_print(const struct pcap_pkthdr *h _U_, register const u_char *p _U_)
1693 {
1694 register int hdrlength;
1695 #ifdef __bsdi__
1696 register u_int length = h->len;
1697 register u_int caplen = h->caplen;
1698 u_int16_t ptype;
1699 const u_char *q;
1700 int i;
1701
1702 if (caplen < PPP_BSDI_HDRLEN) {
1703 printf("[|ppp]");
1704 return (caplen)
1705 }
1706
1707 hdrlength = 0;
1708
1709 #if 0
1710 if (p[0] == PPP_ADDRESS && p[1] == PPP_CONTROL) {
1711 if (eflag)
1712 printf("%02x %02x ", p[0], p[1]);
1713 p += 2;
1714 hdrlength = 2;
1715 }
1716
1717 if (eflag)
1718 printf("%d ", length);
1719 /* Retrieve the protocol type */
1720 if (*p & 01) {
1721 /* Compressed protocol field */
1722 ptype = *p;
1723 if (eflag)
1724 printf("%02x ", ptype);
1725 p++;
1726 hdrlength += 1;
1727 } else {
1728 /* Un-compressed protocol field */
1729 ptype = EXTRACT_16BITS(p);
1730 if (eflag)
1731 printf("%04x ", ptype);
1732 p += 2;
1733 hdrlength += 2;
1734 }
1735 #else
1736 ptype = 0; /*XXX*/
1737 if (eflag)
1738 printf("%c ", p[SLC_DIR] ? 'O' : 'I');
1739 if (p[SLC_LLHL]) {
1740 /* link level header */
1741 struct ppp_header *ph;
1742
1743 q = p + SLC_BPFHDRLEN;
1744 ph = (struct ppp_header *)q;
1745 if (ph->phdr_addr == PPP_ADDRESS
1746 && ph->phdr_ctl == PPP_CONTROL) {
1747 if (eflag)
1748 printf("%02x %02x ", q[0], q[1]);
1749 ptype = EXTRACT_16BITS(&ph->phdr_type);
1750 if (eflag && (ptype == PPP_VJC || ptype == PPP_VJNC)) {
1751 printf("%s ", tok2str(ppptype2str,
1752 "proto-#%d", ptype));
1753 }
1754 } else {
1755 if (eflag) {
1756 printf("LLH=[");
1757 for (i = 0; i < p[SLC_LLHL]; i++)
1758 printf("%02x", q[i]);
1759 printf("] ");
1760 }
1761 }
1762 }
1763 if (eflag)
1764 printf("%d ", length);
1765 if (p[SLC_CHL]) {
1766 q = p + SLC_BPFHDRLEN + p[SLC_LLHL];
1767
1768 switch (ptype) {
1769 case PPP_VJC:
1770 ptype = vjc_print(gndo, q, ptype);
1771 hdrlength = PPP_BSDI_HDRLEN;
1772 p += hdrlength;
1773 switch (ptype) {
1774 case PPP_IP:
1775 ip_print(gndo, p, length);
1776 break;
1777 #ifdef INET6
1778 case PPP_IPV6:
1779 ip6_print(gndo, p, length);
1780 break;
1781 #endif
1782 case PPP_MPLS_UCAST:
1783 case PPP_MPLS_MCAST:
1784 mpls_print(p, length);
1785 break;
1786 }
1787 goto printx;
1788 case PPP_VJNC:
1789 ptype = vjc_print(gndo, q, ptype);
1790 hdrlength = PPP_BSDI_HDRLEN;
1791 p += hdrlength;
1792 switch (ptype) {
1793 case PPP_IP:
1794 ip_print(gndo, p, length);
1795 break;
1796 #ifdef INET6
1797 case PPP_IPV6:
1798 ip6_print(gndo, p, length);
1799 break;
1800 #endif
1801 case PPP_MPLS_UCAST:
1802 case PPP_MPLS_MCAST:
1803 mpls_print(p, length);
1804 break;
1805 }
1806 goto printx;
1807 default:
1808 if (eflag) {
1809 printf("CH=[");
1810 for (i = 0; i < p[SLC_LLHL]; i++)
1811 printf("%02x", q[i]);
1812 printf("] ");
1813 }
1814 break;
1815 }
1816 }
1817
1818 hdrlength = PPP_BSDI_HDRLEN;
1819 #endif
1820
1821 length -= hdrlength;
1822 p += hdrlength;
1823
1824 switch (ptype) {
1825 case PPP_IP:
1826 ip_print(p, length);
1827 break;
1828 #ifdef INET6
1829 case PPP_IPV6:
1830 ip6_print(gndo, p, length);
1831 break;
1832 #endif
1833 case PPP_MPLS_UCAST:
1834 case PPP_MPLS_MCAST:
1835 mpls_print(gndo, p, length);
1836 break;
1837 default:
1838 printf("%s ", tok2str(ppptype2str, "unknown PPP protocol (0x%04x)", ptype));
1839 }
1840
1841 printx:
1842 #else /* __bsdi */
1843 hdrlength = 0;
1844 #endif /* __bsdi__ */
1845 return (hdrlength);
1846 }
1847
1848
1849 /*
1850 * Local Variables:
1851 * c-style: whitesmith
1852 * c-basic-offset: 8
1853 * End:
1854 */
[mirror] the TCPdump network dissector