]> The Tcpdump Group git mirrors - tcpdump/blob - print-802_11.c
projects / tcpdump / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
add cisco prop. eigrp related, extd. communities
[tcpdump] / print-802_11.c
1 /*
2 * Copyright (c) 2001
3 * Fortress Technologies, Inc. All rights reserved.
4 * Charlie Lenahan (clenahan@fortresstech.com)
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that: (1) source code distributions
8 * retain the above copyright notice and this paragraph in its entirety, (2)
9 * distributions including binary code include the above copyright notice and
10 * this paragraph in its entirety in the documentation or other materials
11 * provided with the distribution, and (3) all advertising materials mentioning
12 * features or use of this software display the following acknowledgement:
13 * ``This product includes software developed by the University of California,
14 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
15 * the University nor the names of its contributors may be used to endorse
16 * or promote products derived from this software without specific prior
17 * written permission.
18 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
19 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
20 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
21 */
22
23 #ifndef lint
24 static const char rcsid[] _U_ =
25 "@(#) $Header: /tcpdump/master/tcpdump/print-802_11.c,v 1.37 2005-10-17 07:58:57 guy Exp $ (LBL)";
26 #endif
27
28 #ifdef HAVE_CONFIG_H
29 #include "config.h"
30 #endif
31
32 #include <tcpdump-stdinc.h>
33
34 #include <stdio.h>
35 #include <pcap.h>
36 #include <string.h>
37
38 #include "interface.h"
39 #include "addrtoname.h"
40 #include "ethertype.h"
41
42 #include "extract.h"
43
44 #include "cpack.h"
45
46 #include "ieee802_11.h"
47 #include "ieee802_11_radio.h"
48
49 #define PRINT_RATE(_sep, _r, _suf) \
50 printf("%s%2.1f%s", _sep, (.5 * ((_r) & 0x7f)), _suf)
51 #define PRINT_RATES(p) \
52 do { \
53 int z; \
54 const char *sep = " ["; \
55 for (z = 0; z < p.rates.length ; z++) { \
56 PRINT_RATE(sep, p.rates.rate[z], \
57 (p.rates.rate[z] & 0x80 ? "*" : "")); \
58 sep = " "; \
59 } \
60 if (p.rates.length != 0) \
61 printf(" Mbit]"); \
62 } while (0)
63
64 static const char *auth_alg_text[]={"Open System","Shared Key","EAP"};
65 #define NUM_AUTH_ALGS (sizeof auth_alg_text / sizeof auth_alg_text[0])
66
67 static const char *status_text[] = {
68 "Succesful", /* 0 */
69 "Unspecified failure", /* 1 */
70 "Reserved", /* 2 */
71 "Reserved", /* 3 */
72 "Reserved", /* 4 */
73 "Reserved", /* 5 */
74 "Reserved", /* 6 */
75 "Reserved", /* 7 */
76 "Reserved", /* 8 */
77 "Reserved", /* 9 */
78 "Cannot Support all requested capabilities in the Capability Information field", /* 10 */
79 "Reassociation denied due to inability to confirm that association exists", /* 11 */
80 "Association denied due to reason outside the scope of the standard", /* 12 */
81 "Responding station does not support the specified authentication algorithm ", /* 13 */
82 "Received an Authentication frame with authentication transaction " \
83 "sequence number out of expected sequence", /* 14 */
84 "Authentication rejected because of challenge failure", /* 15 */
85 "Authentication rejected due to timeout waiting for next frame in sequence", /* 16 */
86 "Association denied because AP is unable to handle additional associated stations", /* 17 */
87 "Association denied due to requesting station not supporting all of the " \
88 "data rates in BSSBasicRateSet parameter", /* 18 */
89 };
90 #define NUM_STATUSES (sizeof status_text / sizeof status_text[0])
91
92 static const char *reason_text[] = {
93 "Reserved", /* 0 */
94 "Unspecified reason", /* 1 */
95 "Previous authentication no longer valid", /* 2 */
96 "Deauthenticated because sending station is leaving (or has left) IBSS or ESS", /* 3 */
97 "Disassociated due to inactivity", /* 4 */
98 "Disassociated because AP is unable to handle all currently associated stations", /* 5 */
99 "Class 2 frame received from nonauthenticated station", /* 6 */
100 "Class 3 frame received from nonassociated station", /* 7 */
101 "Disassociated because sending station is leaving (or has left) BSS", /* 8 */
102 "Station requesting (re)association is not authenticated with responding station", /* 9 */
103 };
104 #define NUM_REASONS (sizeof reason_text / sizeof reason_text[0])
105
106 static int
107 wep_print(const u_char *p)
108 {
109 u_int32_t iv;
110
111 if (!TTEST2(*p, IEEE802_11_IV_LEN + IEEE802_11_KID_LEN))
112 return 0;
113 iv = EXTRACT_LE_32BITS(p);
114
115 printf("Data IV:%3x Pad %x KeyID %x", IV_IV(iv), IV_PAD(iv),
116 IV_KEYID(iv));
117
118 return 1;
119 }
120
121 static int
122 parse_elements(struct mgmt_body_t *pbody, const u_char *p, int offset)
123 {
124 for (;;) {
125 if (!TTEST2(*(p + offset), 1))
126 return 1;
127 switch (*(p + offset)) {
128 case E_SSID:
129 if (!TTEST2(*(p + offset), 2))
130 return 0;
131 memcpy(&pbody->ssid, p + offset, 2);
132 offset += 2;
133 if (pbody->ssid.length <= 0)
134 break;
135 if (pbody->ssid.length > 32)
136 return 0;
137 if (!TTEST2(*(p + offset), pbody->ssid.length))
138 return 0;
139 memcpy(&pbody->ssid.ssid, p + offset,
140 pbody->ssid.length);
141 offset += pbody->ssid.length;
142 pbody->ssid.ssid[pbody->ssid.length] = '\0';
143 break;
144 case E_CHALLENGE:
145 if (!TTEST2(*(p + offset), 2))
146 return 0;
147 memcpy(&pbody->challenge, p + offset, 2);
148 offset += 2;
149 if (pbody->challenge.length <= 0)
150 break;
151 if (pbody->challenge.length > 253)
152 return 0;
153 if (!TTEST2(*(p + offset), pbody->challenge.length))
154 return 0;
155 memcpy(&pbody->challenge.text, p + offset,
156 pbody->challenge.length);
157 offset += pbody->challenge.length;
158 pbody->challenge.text[pbody->challenge.length] = '\0';
159 break;
160 case E_RATES:
161 if (!TTEST2(*(p + offset), 2))
162 return 0;
163 memcpy(&(pbody->rates), p + offset, 2);
164 offset += 2;
165 if (pbody->rates.length <= 0)
166 break;
167 if (pbody->rates.length > 8)
168 return 0;
169 if (!TTEST2(*(p + offset), pbody->rates.length))
170 return 0;
171 memcpy(&pbody->rates.rate, p + offset,
172 pbody->rates.length);
173 offset += pbody->rates.length;
174 break;
175 case E_DS:
176 if (!TTEST2(*(p + offset), 3))
177 return 0;
178 memcpy(&pbody->ds, p + offset, 3);
179 offset += 3;
180 break;
181 case E_CF:
182 if (!TTEST2(*(p + offset), 8))
183 return 0;
184 memcpy(&pbody->cf, p + offset, 8);
185 offset += 8;
186 break;
187 case E_TIM:
188 if (!TTEST2(*(p + offset), 2))
189 return 0;
190 memcpy(&pbody->tim, p + offset, 2);
191 offset += 2;
192 if (!TTEST2(*(p + offset), 3))
193 return 0;
194 memcpy(&pbody->tim.count, p + offset, 3);
195 offset += 3;
196
197 if (pbody->tim.length <= 3)
198 break;
199 if (pbody->rates.length > 251)
200 return 0;
201 if (!TTEST2(*(p + offset), pbody->tim.length - 3))
202 return 0;
203 memcpy(pbody->tim.bitmap, p + (pbody->tim.length - 3),
204 (pbody->tim.length - 3));
205 offset += pbody->tim.length - 3;
206 break;
207 default:
208 #if 0
209 printf("(1) unhandled element_id (%d) ",
210 *(p + offset) );
211 #endif
212 offset += *(p + offset + 1) + 2;
213 break;
214 }
215 }
216 return 1;
217 }
218
219 /*********************************************************************************
220 * Print Handle functions for the management frame types
221 *********************************************************************************/
222
223 static int
224 handle_beacon(const u_char *p)
225 {
226 struct mgmt_body_t pbody;
227 int offset = 0;
228
229 memset(&pbody, 0, sizeof(pbody));
230
231 if (!TTEST2(*p, IEEE802_11_TSTAMP_LEN + IEEE802_11_BCNINT_LEN +
232 IEEE802_11_CAPINFO_LEN))
233 return 0;
234 memcpy(&pbody.timestamp, p, IEEE802_11_TSTAMP_LEN);
235 offset += IEEE802_11_TSTAMP_LEN;
236 pbody.beacon_interval = EXTRACT_LE_16BITS(p+offset);
237 offset += IEEE802_11_BCNINT_LEN;
238 pbody.capability_info = EXTRACT_LE_16BITS(p+offset);
239 offset += IEEE802_11_CAPINFO_LEN;
240
241 if (!parse_elements(&pbody, p, offset))
242 return 0;
243
244 printf(" (");
245 fn_print(pbody.ssid.ssid, NULL);
246 printf(")");
247 PRINT_RATES(pbody);
248 printf(" %s CH: %u%s",
249 CAPABILITY_ESS(pbody.capability_info) ? "ESS" : "IBSS",
250 pbody.ds.channel,
251 CAPABILITY_PRIVACY(pbody.capability_info) ? ", PRIVACY" : "" );
252
253 return 1;
254 }
255
256 static int
257 handle_assoc_request(const u_char *p)
258 {
259 struct mgmt_body_t pbody;
260 int offset = 0;
261
262 memset(&pbody, 0, sizeof(pbody));
263
264 if (!TTEST2(*p, IEEE802_11_CAPINFO_LEN + IEEE802_11_LISTENINT_LEN))
265 return 0;
266 pbody.capability_info = EXTRACT_LE_16BITS(p);
267 offset += IEEE802_11_CAPINFO_LEN;
268 pbody.listen_interval = EXTRACT_LE_16BITS(p+offset);
269 offset += IEEE802_11_LISTENINT_LEN;
270
271 if (!parse_elements(&pbody, p, offset))
272 return 0;
273
274 printf(" (");
275 fn_print(pbody.ssid.ssid, NULL);
276 printf(")");
277 PRINT_RATES(pbody);
278 return 1;
279 }
280
281 static int
282 handle_assoc_response(const u_char *p)
283 {
284 struct mgmt_body_t pbody;
285 int offset = 0;
286
287 memset(&pbody, 0, sizeof(pbody));
288
289 if (!TTEST2(*p, IEEE802_11_CAPINFO_LEN + IEEE802_11_STATUS_LEN +
290 IEEE802_11_AID_LEN))
291 return 0;
292 pbody.capability_info = EXTRACT_LE_16BITS(p);
293 offset += IEEE802_11_CAPINFO_LEN;
294 pbody.status_code = EXTRACT_LE_16BITS(p+offset);
295 offset += IEEE802_11_STATUS_LEN;
296 pbody.aid = EXTRACT_LE_16BITS(p+offset);
297 offset += IEEE802_11_AID_LEN;
298
299 if (!parse_elements(&pbody, p, offset))
300 return 0;
301
302 printf(" AID(%x) :%s: %s", ((u_int16_t)(pbody.aid << 2 )) >> 2 ,
303 CAPABILITY_PRIVACY(pbody.capability_info) ? " PRIVACY " : "",
304 (pbody.status_code < NUM_STATUSES
305 ? status_text[pbody.status_code]
306 : "n/a"));
307
308 return 1;
309 }
310
311 static int
312 handle_reassoc_request(const u_char *p)
313 {
314 struct mgmt_body_t pbody;
315 int offset = 0;
316
317 memset(&pbody, 0, sizeof(pbody));
318
319 if (!TTEST2(*p, IEEE802_11_CAPINFO_LEN + IEEE802_11_LISTENINT_LEN +
320 IEEE802_11_AP_LEN))
321 return 0;
322 pbody.capability_info = EXTRACT_LE_16BITS(p);
323 offset += IEEE802_11_CAPINFO_LEN;
324 pbody.listen_interval = EXTRACT_LE_16BITS(p+offset);
325 offset += IEEE802_11_LISTENINT_LEN;
326 memcpy(&pbody.ap, p+offset, IEEE802_11_AP_LEN);
327 offset += IEEE802_11_AP_LEN;
328
329 if (!parse_elements(&pbody, p, offset))
330 return 0;
331
332 printf(" (");
333 fn_print(pbody.ssid.ssid, NULL);
334 printf(") AP : %s", etheraddr_string( pbody.ap ));
335
336 return 1;
337 }
338
339 static int
340 handle_reassoc_response(const u_char *p)
341 {
342 /* Same as a Association Reponse */
343 return handle_assoc_response(p);
344 }
345
346 static int
347 handle_probe_request(const u_char *p)
348 {
349 struct mgmt_body_t pbody;
350 int offset = 0;
351
352 memset(&pbody, 0, sizeof(pbody));
353
354 if (!parse_elements(&pbody, p, offset))
355 return 0;
356
357 printf(" (");
358 fn_print(pbody.ssid.ssid, NULL);
359 printf(")");
360 PRINT_RATES(pbody);
361
362 return 1;
363 }
364
365 static int
366 handle_probe_response(const u_char *p)
367 {
368 struct mgmt_body_t pbody;
369 int offset = 0;
370
371 memset(&pbody, 0, sizeof(pbody));
372
373 if (!TTEST2(*p, IEEE802_11_TSTAMP_LEN + IEEE802_11_BCNINT_LEN +
374 IEEE802_11_CAPINFO_LEN))
375 return 0;
376
377 memcpy(&pbody.timestamp, p, IEEE802_11_TSTAMP_LEN);
378 offset += IEEE802_11_TSTAMP_LEN;
379 pbody.beacon_interval = EXTRACT_LE_16BITS(p+offset);
380 offset += IEEE802_11_BCNINT_LEN;
381 pbody.capability_info = EXTRACT_LE_16BITS(p+offset);
382 offset += IEEE802_11_CAPINFO_LEN;
383
384 if (!parse_elements(&pbody, p, offset))
385 return 0;
386
387 printf(" (");
388 fn_print(pbody.ssid.ssid, NULL);
389 printf(") ");
390 PRINT_RATES(pbody);
391 printf(" CH: %u%s", pbody.ds.channel,
392 CAPABILITY_PRIVACY(pbody.capability_info) ? ", PRIVACY" : "" );
393
394 return 1;
395 }
396
397 static int
398 handle_atim(void)
399 {
400 /* the frame body for ATIM is null. */
401 return 1;
402 }
403
404 static int
405 handle_disassoc(const u_char *p)
406 {
407 struct mgmt_body_t pbody;
408
409 memset(&pbody, 0, sizeof(pbody));
410
411 if (!TTEST2(*p, IEEE802_11_REASON_LEN))
412 return 0;
413 pbody.reason_code = EXTRACT_LE_16BITS(p);
414
415 printf(": %s",
416 (pbody.reason_code < NUM_REASONS)
417 ? reason_text[pbody.reason_code]
418 : "Reserved" );
419
420 return 1;
421 }
422
423 static int
424 handle_auth(const u_char *p)
425 {
426 struct mgmt_body_t pbody;
427 int offset = 0;
428
429 memset(&pbody, 0, sizeof(pbody));
430
431 if (!TTEST2(*p, 6))
432 return 0;
433 pbody.auth_alg = EXTRACT_LE_16BITS(p);
434 offset += 2;
435 pbody.auth_trans_seq_num = EXTRACT_LE_16BITS(p + offset);
436 offset += 2;
437 pbody.status_code = EXTRACT_LE_16BITS(p + offset);
438 offset += 2;
439
440 if (!parse_elements(&pbody, p, offset))
441 return 0;
442
443 if ((pbody.auth_alg == 1) &&
444 ((pbody.auth_trans_seq_num == 2) ||
445 (pbody.auth_trans_seq_num == 3))) {
446 printf(" (%s)-%x [Challenge Text] %s",
447 (pbody.auth_alg < NUM_AUTH_ALGS)
448 ? auth_alg_text[pbody.auth_alg]
449 : "Reserved",
450 pbody.auth_trans_seq_num,
451 ((pbody.auth_trans_seq_num % 2)
452 ? ((pbody.status_code < NUM_STATUSES)
453 ? status_text[pbody.status_code]
454 : "n/a") : ""));
455 return 1;
456 }
457 printf(" (%s)-%x: %s",
458 (pbody.auth_alg < NUM_AUTH_ALGS)
459 ? auth_alg_text[pbody.auth_alg]
460 : "Reserved",
461 pbody.auth_trans_seq_num,
462 (pbody.auth_trans_seq_num % 2)
463 ? ((pbody.status_code < NUM_STATUSES)
464 ? status_text[pbody.status_code]
465 : "n/a")
466 : "");
467
468 return 1;
469 }
470
471 static int
472 handle_deauth(const struct mgmt_header_t *pmh, const u_char *p)
473 {
474 struct mgmt_body_t pbody;
475 int offset = 0;
476 const char *reason = NULL;
477
478 memset(&pbody, 0, sizeof(pbody));
479
480 if (!TTEST2(*p, IEEE802_11_REASON_LEN))
481 return 0;
482 pbody.reason_code = EXTRACT_LE_16BITS(p);
483 offset += IEEE802_11_REASON_LEN;
484
485 reason = (pbody.reason_code < NUM_REASONS)
486 ? reason_text[pbody.reason_code]
487 : "Reserved";
488
489 if (eflag) {
490 printf(": %s", reason);
491 } else {
492 printf(" (%s): %s", etheraddr_string(pmh->sa), reason);
493 }
494 return 1;
495 }
496
497
498 /*********************************************************************************
499 * Print Body funcs
500 *********************************************************************************/
501
502
503 static int
504 mgmt_body_print(u_int16_t fc, const struct mgmt_header_t *pmh,
505 const u_char *p)
506 {
507 switch (FC_SUBTYPE(fc)) {
508 case ST_ASSOC_REQUEST:
509 printf("Assoc Request");
510 return handle_assoc_request(p);
511 case ST_ASSOC_RESPONSE:
512 printf("Assoc Response");
513 return handle_assoc_response(p);
514 case ST_REASSOC_REQUEST:
515 printf("ReAssoc Request");
516 return handle_reassoc_request(p);
517 case ST_REASSOC_RESPONSE:
518 printf("ReAssoc Response");
519 return handle_reassoc_response(p);
520 case ST_PROBE_REQUEST:
521 printf("Probe Request");
522 return handle_probe_request(p);
523 case ST_PROBE_RESPONSE:
524 printf("Probe Response");
525 return handle_probe_response(p);
526 case ST_BEACON:
527 printf("Beacon");
528 return handle_beacon(p);
529 case ST_ATIM:
530 printf("ATIM");
531 return handle_atim();
532 case ST_DISASSOC:
533 printf("Disassociation");
534 return handle_disassoc(p);
535 case ST_AUTH:
536 printf("Authentication");
537 if (!TTEST2(*p, 3))
538 return 0;
539 if ((p[0] == 0 ) && (p[1] == 0) && (p[2] == 0)) {
540 printf("Authentication (Shared-Key)-3 ");
541 return wep_print(p);
542 }
543 return handle_auth(p);
544 case ST_DEAUTH:
545 printf("DeAuthentication");
546 return handle_deauth(pmh, p);
547 break;
548 default:
549 printf("Unhandled Management subtype(%x)",
550 FC_SUBTYPE(fc));
551 return 1;
552 }
553 }
554
555
556 /*********************************************************************************
557 * Handles printing all the control frame types
558 *********************************************************************************/
559
560 static int
561 ctrl_body_print(u_int16_t fc, const u_char *p)
562 {
563 switch (FC_SUBTYPE(fc)) {
564 case CTRL_PS_POLL:
565 printf("Power Save-Poll");
566 if (!TTEST2(*p, CTRL_PS_POLL_HDRLEN))
567 return 0;
568 printf(" AID(%x)",
569 EXTRACT_LE_16BITS(&(((const struct ctrl_ps_poll_t *)p)->aid)));
570 break;
571 case CTRL_RTS:
572 printf("Request-To-Send");
573 if (!TTEST2(*p, CTRL_RTS_HDRLEN))
574 return 0;
575 if (!eflag)
576 printf(" TA:%s ",
577 etheraddr_string(((const struct ctrl_rts_t *)p)->ta));
578 break;
579 case CTRL_CTS:
580 printf("Clear-To-Send");
581 if (!TTEST2(*p, CTRL_CTS_HDRLEN))
582 return 0;
583 if (!eflag)
584 printf(" RA:%s ",
585 etheraddr_string(((const struct ctrl_cts_t *)p)->ra));
586 break;
587 case CTRL_ACK:
588 printf("Acknowledgment");
589 if (!TTEST2(*p, CTRL_ACK_HDRLEN))
590 return 0;
591 if (!eflag)
592 printf(" RA:%s ",
593 etheraddr_string(((const struct ctrl_ack_t *)p)->ra));
594 break;
595 case CTRL_CF_END:
596 printf("CF-End");
597 if (!TTEST2(*p, CTRL_END_HDRLEN))
598 return 0;
599 if (!eflag)
600 printf(" RA:%s ",
601 etheraddr_string(((const struct ctrl_end_t *)p)->ra));
602 break;
603 case CTRL_END_ACK:
604 printf("CF-End+CF-Ack");
605 if (!TTEST2(*p, CTRL_END_ACK_HDRLEN))
606 return 0;
607 if (!eflag)
608 printf(" RA:%s ",
609 etheraddr_string(((const struct ctrl_end_ack_t *)p)->ra));
610 break;
611 default:
612 printf("Unknown Ctrl Subtype");
613 }
614 return 1;
615 }
616
617 /*
618 * Print Header funcs
619 */
620
621 /*
622 * Data Frame - Address field contents
623 *
624 * To Ds | From DS | Addr 1 | Addr 2 | Addr 3 | Addr 4
625 * 0 | 0 | DA | SA | BSSID | n/a
626 * 0 | 1 | DA | BSSID | SA | n/a
627 * 1 | 0 | BSSID | SA | DA | n/a
628 * 1 | 1 | RA | TA | DA | SA
629 */
630
631 static void
632 data_header_print(u_int16_t fc, const u_char *p, const u_int8_t **srcp,
633 const u_int8_t **dstp)
634 {
635 switch (FC_SUBTYPE(fc)) {
636 case DATA_DATA:
637 case DATA_NODATA:
638 break;
639 case DATA_DATA_CF_ACK:
640 case DATA_NODATA_CF_ACK:
641 printf("CF Ack ");
642 break;
643 case DATA_DATA_CF_POLL:
644 case DATA_NODATA_CF_POLL:
645 printf("CF Poll ");
646 break;
647 case DATA_DATA_CF_ACK_POLL:
648 case DATA_NODATA_CF_ACK_POLL:
649 printf("CF Ack/Poll ");
650 break;
651 }
652
653 #define ADDR1 (p + 4)
654 #define ADDR2 (p + 10)
655 #define ADDR3 (p + 16)
656 #define ADDR4 (p + 24)
657
658 if (!FC_TO_DS(fc) && !FC_FROM_DS(fc)) {
659 if (srcp != NULL)
660 *srcp = ADDR2;
661 if (dstp != NULL)
662 *dstp = ADDR1;
663 if (!eflag)
664 return;
665 printf("DA:%s SA:%s BSSID:%s ",
666 etheraddr_string(ADDR1), etheraddr_string(ADDR2),
667 etheraddr_string(ADDR3));
668 } else if (!FC_TO_DS(fc) && FC_FROM_DS(fc)) {
669 if (srcp != NULL)
670 *srcp = ADDR3;
671 if (dstp != NULL)
672 *dstp = ADDR1;
673 if (!eflag)
674 return;
675 printf("DA:%s BSSID:%s SA:%s ",
676 etheraddr_string(ADDR1), etheraddr_string(ADDR2),
677 etheraddr_string(ADDR3));
678 } else if (FC_TO_DS(fc) && !FC_FROM_DS(fc)) {
679 if (srcp != NULL)
680 *srcp = ADDR2;
681 if (dstp != NULL)
682 *dstp = ADDR3;
683 if (!eflag)
684 return;
685 printf("BSSID:%s SA:%s DA:%s ",
686 etheraddr_string(ADDR1), etheraddr_string(ADDR2),
687 etheraddr_string(ADDR3));
688 } else if (FC_TO_DS(fc) && FC_FROM_DS(fc)) {
689 if (srcp != NULL)
690 *srcp = ADDR4;
691 if (dstp != NULL)
692 *dstp = ADDR3;
693 if (!eflag)
694 return;
695 printf("RA:%s TA:%s DA:%s SA:%s ",
696 etheraddr_string(ADDR1), etheraddr_string(ADDR2),
697 etheraddr_string(ADDR3), etheraddr_string(ADDR4));
698 }
699
700 #undef ADDR1
701 #undef ADDR2
702 #undef ADDR3
703 #undef ADDR4
704 }
705
706 static void
707 mgmt_header_print(const u_char *p, const u_int8_t **srcp,
708 const u_int8_t **dstp)
709 {
710 const struct mgmt_header_t *hp = (const struct mgmt_header_t *) p;
711
712 if (srcp != NULL)
713 *srcp = hp->sa;
714 if (dstp != NULL)
715 *dstp = hp->da;
716 if (!eflag)
717 return;
718
719 printf("BSSID:%s DA:%s SA:%s ",
720 etheraddr_string((hp)->bssid), etheraddr_string((hp)->da),
721 etheraddr_string((hp)->sa));
722 }
723
724 static void
725 ctrl_header_print(u_int16_t fc, const u_char *p, const u_int8_t **srcp,
726 const u_int8_t **dstp)
727 {
728 if (srcp != NULL)
729 *srcp = NULL;
730 if (dstp != NULL)
731 *dstp = NULL;
732 if (!eflag)
733 return;
734
735 switch (FC_SUBTYPE(fc)) {
736 case CTRL_PS_POLL:
737 printf("BSSID:%s TA:%s ",
738 etheraddr_string(((const struct ctrl_ps_poll_t *)p)->bssid),
739 etheraddr_string(((const struct ctrl_ps_poll_t *)p)->ta));
740 break;
741 case CTRL_RTS:
742 printf("RA:%s TA:%s ",
743 etheraddr_string(((const struct ctrl_rts_t *)p)->ra),
744 etheraddr_string(((const struct ctrl_rts_t *)p)->ta));
745 break;
746 case CTRL_CTS:
747 printf("RA:%s ",
748 etheraddr_string(((const struct ctrl_cts_t *)p)->ra));
749 break;
750 case CTRL_ACK:
751 printf("RA:%s ",
752 etheraddr_string(((const struct ctrl_ack_t *)p)->ra));
753 break;
754 case CTRL_CF_END:
755 printf("RA:%s BSSID:%s ",
756 etheraddr_string(((const struct ctrl_end_t *)p)->ra),
757 etheraddr_string(((const struct ctrl_end_t *)p)->bssid));
758 break;
759 case CTRL_END_ACK:
760 printf("RA:%s BSSID:%s ",
761 etheraddr_string(((const struct ctrl_end_ack_t *)p)->ra),
762 etheraddr_string(((const struct ctrl_end_ack_t *)p)->bssid));
763 break;
764 default:
765 printf("(H) Unknown Ctrl Subtype");
766 break;
767 }
768 }
769
770 static int
771 extract_header_length(u_int16_t fc)
772 {
773 switch (FC_TYPE(fc)) {
774 case T_MGMT:
775 return MGMT_HDRLEN;
776 case T_CTRL:
777 switch (FC_SUBTYPE(fc)) {
778 case CTRL_PS_POLL:
779 return CTRL_PS_POLL_HDRLEN;
780 case CTRL_RTS:
781 return CTRL_RTS_HDRLEN;
782 case CTRL_CTS:
783 return CTRL_CTS_HDRLEN;
784 case CTRL_ACK:
785 return CTRL_ACK_HDRLEN;
786 case CTRL_CF_END:
787 return CTRL_END_HDRLEN;
788 case CTRL_END_ACK:
789 return CTRL_END_ACK_HDRLEN;
790 default:
791 return 0;
792 }
793 case T_DATA:
794 return (FC_TO_DS(fc) && FC_FROM_DS(fc)) ? 30 : 24;
795 default:
796 printf("unknown IEEE802.11 frame type (%d)", FC_TYPE(fc));
797 return 0;
798 }
799 }
800
801 /*
802 * Print the 802.11 MAC header if eflag is set, and set "*srcp" and "*dstp"
803 * to point to the source and destination MAC addresses in any case if
804 * "srcp" and "dstp" aren't null.
805 */
806 static inline void
807 ieee_802_11_hdr_print(u_int16_t fc, const u_char *p, const u_int8_t **srcp,
808 const u_int8_t **dstp)
809 {
810 if (vflag) {
811 if (FC_MORE_DATA(fc))
812 printf("More Data ");
813 if (FC_MORE_FLAG(fc))
814 printf("More Fragments ");
815 if (FC_POWER_MGMT(fc))
816 printf("Pwr Mgmt ");
817 if (FC_RETRY(fc))
818 printf("Retry ");
819 if (FC_ORDER(fc))
820 printf("Strictly Ordered ");
821 if (FC_WEP(fc))
822 printf("WEP Encrypted ");
823 if (FC_TYPE(fc) != T_CTRL || FC_SUBTYPE(fc) != CTRL_PS_POLL)
824 printf("%dus ",
825 EXTRACT_LE_16BITS(
826 &((const struct mgmt_header_t *)p)->duration));
827 }
828
829 switch (FC_TYPE(fc)) {
830 case T_MGMT:
831 mgmt_header_print(p, srcp, dstp);
832 break;
833 case T_CTRL:
834 ctrl_header_print(fc, p, srcp, dstp);
835 break;
836 case T_DATA:
837 data_header_print(fc, p, srcp, dstp);
838 break;
839 default:
840 printf("(header) unknown IEEE802.11 frame type (%d)",
841 FC_TYPE(fc));
842 *srcp = NULL;
843 *dstp = NULL;
844 break;
845 }
846 }
847
848 static u_int
849 ieee802_11_print(const u_char *p, u_int length, u_int caplen)
850 {
851 u_int16_t fc;
852 u_int hdrlen;
853 const u_int8_t *src, *dst;
854 u_short extracted_ethertype;
855
856 if (caplen < IEEE802_11_FC_LEN) {
857 printf("[|802.11]");
858 return caplen;
859 }
860
861 fc = EXTRACT_LE_16BITS(p);
862 hdrlen = extract_header_length(fc);
863
864 if (caplen < hdrlen) {
865 printf("[|802.11]");
866 return hdrlen;
867 }
868
869 ieee_802_11_hdr_print(fc, p, &src, &dst);
870
871 /*
872 * Go past the 802.11 header.
873 */
874 length -= hdrlen;
875 caplen -= hdrlen;
876 p += hdrlen;
877
878 switch (FC_TYPE(fc)) {
879 case T_MGMT:
880 if (!mgmt_body_print(fc,
881 (const struct mgmt_header_t *)(p - hdrlen), p)) {
882 printf("[|802.11]");
883 return hdrlen;
884 }
885 break;
886 case T_CTRL:
887 if (!ctrl_body_print(fc, p - hdrlen)) {
888 printf("[|802.11]");
889 return hdrlen;
890 }
891 break;
892 case T_DATA:
893 /* There may be a problem w/ AP not having this bit set */
894 if (FC_WEP(fc)) {
895 if (!wep_print(p)) {
896 printf("[|802.11]");
897 return hdrlen;
898 }
899 } else if (llc_print(p, length, caplen, dst, src,
900 &extracted_ethertype) == 0) {
901 /*
902 * Some kinds of LLC packet we cannot
903 * handle intelligently
904 */
905 if (!eflag)
906 ieee_802_11_hdr_print(fc, p - hdrlen, NULL,
907 NULL);
908 if (extracted_ethertype)
909 printf("(LLC %s) ",
910 etherproto_string(
911 htons(extracted_ethertype)));
912 if (!suppress_default_print)
913 default_print(p, caplen);
914 }
915 break;
916 default:
917 printf("unknown 802.11 frame type (%d)", FC_TYPE(fc));
918 break;
919 }
920
921 return hdrlen;
922 }
923
924 /*
925 * This is the top level routine of the printer. 'p' points
926 * to the 802.11 header of the packet, 'h->ts' is the timestamp,
927 * 'h->len' is the length of the packet off the wire, and 'h->caplen'
928 * is the number of bytes actually captured.
929 */
930 u_int
931 ieee802_11_if_print(const struct pcap_pkthdr *h, const u_char *p)
932 {
933 return ieee802_11_print(p, h->len, h->caplen);
934 }
935
936 static int
937 print_radiotap_field(struct cpack_state *s, u_int32_t bit)
938 {
939 union {
940 int8_t i8;
941 u_int8_t u8;
942 int16_t i16;
943 u_int16_t u16;
944 u_int32_t u32;
945 u_int64_t u64;
946 } u, u2;
947 int rc;
948
949 switch (bit) {
950 case IEEE80211_RADIOTAP_FLAGS:
951 case IEEE80211_RADIOTAP_RATE:
952 case IEEE80211_RADIOTAP_DB_ANTSIGNAL:
953 case IEEE80211_RADIOTAP_DB_ANTNOISE:
954 case IEEE80211_RADIOTAP_ANTENNA:
955 rc = cpack_uint8(s, &u.u8);
956 break;
957 case IEEE80211_RADIOTAP_DBM_ANTSIGNAL:
958 case IEEE80211_RADIOTAP_DBM_ANTNOISE:
959 rc = cpack_int8(s, &u.i8);
960 break;
961 case IEEE80211_RADIOTAP_CHANNEL:
962 rc = cpack_uint16(s, &u.u16);
963 if (rc != 0)
964 break;
965 rc = cpack_uint16(s, &u2.u16);
966 break;
967 case IEEE80211_RADIOTAP_FHSS:
968 case IEEE80211_RADIOTAP_LOCK_QUALITY:
969 case IEEE80211_RADIOTAP_TX_ATTENUATION:
970 rc = cpack_uint16(s, &u.u16);
971 break;
972 case IEEE80211_RADIOTAP_DB_TX_ATTENUATION:
973 rc = cpack_uint8(s, &u.u8);
974 break;
975 case IEEE80211_RADIOTAP_DBM_TX_POWER:
976 rc = cpack_int8(s, &u.i8);
977 break;
978 case IEEE80211_RADIOTAP_TSFT:
979 rc = cpack_uint64(s, &u.u64);
980 break;
981 default:
982 /* this bit indicates a field whose
983 * size we do not know, so we cannot
984 * proceed.
985 */
986 printf("[0x%08x] ", bit);
987 return -1;
988 }
989
990 if (rc != 0) {
991 printf("[|802.11]");
992 return rc;
993 }
994
995 switch (bit) {
996 case IEEE80211_RADIOTAP_CHANNEL:
997 printf("%u MHz ", u.u16);
998 if (u2.u16 != 0)
999 printf("(0x%04x) ", u2.u16);
1000 break;
1001 case IEEE80211_RADIOTAP_FHSS:
1002 printf("fhset %d fhpat %d ", u.u16 & 0xff, (u.u16 >> 8) & 0xff);
1003 break;
1004 case IEEE80211_RADIOTAP_RATE:
1005 PRINT_RATE("", u.u8, " Mb/s ");
1006 break;
1007 case IEEE80211_RADIOTAP_DBM_ANTSIGNAL:
1008 printf("%ddB signal ", u.i8);
1009 break;
1010 case IEEE80211_RADIOTAP_DBM_ANTNOISE:
1011 printf("%ddB noise ", u.i8);
1012 break;
1013 case IEEE80211_RADIOTAP_DB_ANTSIGNAL:
1014 printf("%ddB signal ", u.u8);
1015 break;
1016 case IEEE80211_RADIOTAP_DB_ANTNOISE:
1017 printf("%ddB noise ", u.u8);
1018 break;
1019 case IEEE80211_RADIOTAP_LOCK_QUALITY:
1020 printf("%u sq ", u.u16);
1021 break;
1022 case IEEE80211_RADIOTAP_TX_ATTENUATION:
1023 printf("%d tx power ", -(int)u.u16);
1024 break;
1025 case IEEE80211_RADIOTAP_DB_TX_ATTENUATION:
1026 printf("%ddB tx power ", -(int)u.u8);
1027 break;
1028 case IEEE80211_RADIOTAP_DBM_TX_POWER:
1029 printf("%ddBm tx power ", u.i8);
1030 break;
1031 case IEEE80211_RADIOTAP_FLAGS:
1032 if (u.u8 & IEEE80211_RADIOTAP_F_CFP)
1033 printf("cfp ");
1034 if (u.u8 & IEEE80211_RADIOTAP_F_SHORTPRE)
1035 printf("short preamble ");
1036 if (u.u8 & IEEE80211_RADIOTAP_F_WEP)
1037 printf("wep ");
1038 if (u.u8 & IEEE80211_RADIOTAP_F_FRAG)
1039 printf("fragmented ");
1040 break;
1041 case IEEE80211_RADIOTAP_ANTENNA:
1042 printf("antenna %d ", u.u8);
1043 break;
1044 case IEEE80211_RADIOTAP_TSFT:
1045 printf("%" PRIu64 "us tsft ", u.u64);
1046 break;
1047 }
1048 return 0;
1049 }
1050
1051 static u_int
1052 ieee802_11_radio_print(const u_char *p, u_int length, u_int caplen)
1053 {
1054 #define BITNO_32(x) (((x) >> 16) ? 16 + BITNO_16((x) >> 16) : BITNO_16((x)))
1055 #define BITNO_16(x) (((x) >> 8) ? 8 + BITNO_8((x) >> 8) : BITNO_8((x)))
1056 #define BITNO_8(x) (((x) >> 4) ? 4 + BITNO_4((x) >> 4) : BITNO_4((x)))
1057 #define BITNO_4(x) (((x) >> 2) ? 2 + BITNO_2((x) >> 2) : BITNO_2((x)))
1058 #define BITNO_2(x) (((x) & 2) ? 1 : 0)
1059 #define BIT(n) (1 << n)
1060 #define IS_EXTENDED(__p) \
1061 (EXTRACT_LE_32BITS(__p) & BIT(IEEE80211_RADIOTAP_EXT)) != 0
1062
1063 struct cpack_state cpacker;
1064 struct ieee80211_radiotap_header *hdr;
1065 u_int32_t present, next_present;
1066 u_int32_t *presentp, *last_presentp;
1067 enum ieee80211_radiotap_type bit;
1068 int bit0;
1069 const u_char *iter;
1070 u_int len;
1071
1072 if (caplen < sizeof(*hdr)) {
1073 printf("[|802.11]");
1074 return caplen;
1075 }
1076
1077 hdr = (struct ieee80211_radiotap_header *)p;
1078
1079 len = EXTRACT_LE_16BITS(&hdr->it_len);
1080
1081 if (caplen < len) {
1082 printf("[|802.11]");
1083 return caplen;
1084 }
1085 for (last_presentp = &hdr->it_present;
1086 IS_EXTENDED(last_presentp) &&
1087 (u_char*)(last_presentp + 1) <= p + len;
1088 last_presentp++);
1089
1090 /* are there more bitmap extensions than bytes in header? */
1091 if (IS_EXTENDED(last_presentp)) {
1092 printf("[|802.11]");
1093 return caplen;
1094 }
1095
1096 iter = (u_char*)(last_presentp + 1);
1097
1098 if (cpack_init(&cpacker, (u_int8_t*)iter, len - (iter - p)) != 0) {
1099 /* XXX */
1100 printf("[|802.11]");
1101 return caplen;
1102 }
1103
1104 for (bit0 = 0, presentp = &hdr->it_present; presentp <= last_presentp;
1105 presentp++, bit0 += 32) {
1106 for (present = EXTRACT_LE_32BITS(presentp); present;
1107 present = next_present) {
1108 /* clear the least significant bit that is set */
1109 next_present = present & (present - 1);
1110
1111 /* extract the least significant bit that is set */
1112 bit = (enum ieee80211_radiotap_type)
1113 (bit0 + BITNO_32(present ^ next_present));
1114
1115 if (print_radiotap_field(&cpacker, bit) != 0)
1116 goto out;
1117 }
1118 }
1119 out:
1120 return len + ieee802_11_print(p + len, length - len, caplen - len);
1121 #undef BITNO_32
1122 #undef BITNO_16
1123 #undef BITNO_8
1124 #undef BITNO_4
1125 #undef BITNO_2
1126 #undef BIT
1127 }
1128
1129 static u_int
1130 ieee802_11_avs_radio_print(const u_char *p, u_int length, u_int caplen)
1131 {
1132 u_int32_t caphdr_len;
1133
1134 caphdr_len = EXTRACT_32BITS(p + 4);
1135 if (caphdr_len < 8) {
1136 /*
1137 * Yow! The capture header length is claimed not
1138 * to be large enough to include even the version
1139 * cookie or capture header length!
1140 */
1141 printf("[|802.11]");
1142 return caplen;
1143 }
1144
1145 if (caplen < caphdr_len) {
1146 printf("[|802.11]");
1147 return caplen;
1148 }
1149
1150 return caphdr_len + ieee802_11_print(p + caphdr_len,
1151 length - caphdr_len, caplen - caphdr_len);
1152 }
1153
1154 #define PRISM_HDR_LEN 144
1155
1156 #define WLANCAP_MAGIC_COOKIE_V1 0x80211001
1157
1158 /*
1159 * For DLT_PRISM_HEADER; like DLT_IEEE802_11, but with an extra header,
1160 * containing information such as radio information, which we
1161 * currently ignore.
1162 *
1163 * If, however, the packet begins with WLANCAP_MAGIC_COOKIE_V1, it's
1164 * really DLT_IEEE802_11_RADIO (currently, on Linux, there's no
1165 * ARPHRD_ type for DLT_IEEE802_11_RADIO, as there is a
1166 * ARPHRD_IEEE80211_PRISM for DLT_PRISM_HEADER, so
1167 * ARPHRD_IEEE80211_PRISM is used for DLT_IEEE802_11_RADIO, and
1168 * the first 4 bytes of the header are used to indicate which it is).
1169 */
1170 u_int
1171 prism_if_print(const struct pcap_pkthdr *h, const u_char *p)
1172 {
1173 u_int caplen = h->caplen;
1174 u_int length = h->len;
1175
1176 if (caplen < 4) {
1177 printf("[|802.11]");
1178 return caplen;
1179 }
1180
1181 if (EXTRACT_32BITS(p) == WLANCAP_MAGIC_COOKIE_V1)
1182 return ieee802_11_avs_radio_print(p, length, caplen);
1183
1184 if (caplen < PRISM_HDR_LEN) {
1185 printf("[|802.11]");
1186 return caplen;
1187 }
1188
1189 return PRISM_HDR_LEN + ieee802_11_print(p + PRISM_HDR_LEN,
1190 length - PRISM_HDR_LEN, caplen - PRISM_HDR_LEN);
1191 }
1192
1193 /*
1194 * For DLT_IEEE802_11_RADIO; like DLT_IEEE802_11, but with an extra
1195 * header, containing information such as radio information, which we
1196 * currently ignore.
1197 */
1198 u_int
1199 ieee802_11_radio_if_print(const struct pcap_pkthdr *h, const u_char *p)
1200 {
1201 u_int caplen = h->caplen;
1202 u_int length = h->len;
1203
1204 if (caplen < 8) {
1205 printf("[|802.11]");
1206 return caplen;
1207 }
1208
1209 return ieee802_11_radio_print(p, length, caplen);
1210 }
[mirror] the TCPdump network dissector