]> The Tcpdump Group git mirrors - tcpdump/blob - print-gre.c
projects / tcpdump / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
gre: recognize (Cisco?) GRE keepalives.
[tcpdump] / print-gre.c
1 /* $OpenBSD: print-gre.c,v 1.6 2002/10/30 03:04:04 fgsch Exp $ */
2
3 /*
4 * Copyright (c) 2002 Jason L. Wright (jason@thought.net)
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
17 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
19 * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
20 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
21 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
22 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
24 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
25 * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
26 * POSSIBILITY OF SUCH DAMAGE.
27 */
28
29 /* \summary: Generic Routing Encapsulation (GRE) printer */
30
31 /*
32 * netdissect printer for GRE - Generic Routing Encapsulation
33 * RFC 1701 (GRE), RFC 1702 (GRE IPv4), RFC 2637 (PPTP, which
34 * has an extended form of GRE), RFC 2784 (revised GRE, with
35 * R, K, S, and s bits and Recur and Offset fields now reserved
36 * in the header, and no optional Key or Sequence number in the
37 * header), and RFC 2890 (proposal to add back the K and S bits
38 * and the optional Key and Sequence number).
39 *
40 * The RFC 2637 PPTP GRE repurposes the Key field to hold a
41 * 16-bit Payload Length and a 16-bit Call ID.
42 *
43 * RFC 7637 (NVGRE) repurposes the Key field to hold a 24-bit
44 * Virtual Subnet ID (VSID) and an 8-bit FlowID.
45 */
46
47 #ifdef HAVE_CONFIG_H
48 #include <config.h>
49 #endif
50
51 #include "netdissect-stdinc.h"
52
53 #define ND_LONGJMP_FROM_TCHECK
54 #include "netdissect.h"
55 #include "addrtostr.h"
56 #include "extract.h"
57 #include "ethertype.h"
58
59
60 #define GRE_CP 0x8000 /* checksum present */
61 #define GRE_RP 0x4000 /* routing present */
62 #define GRE_KP 0x2000 /* key present */
63 #define GRE_SP 0x1000 /* sequence# present */
64 #define GRE_sP 0x0800 /* source routing */
65 #define GRE_AP 0x0080 /* acknowledgment# present */
66
67 static const struct tok gre_flag_values[] = {
68 { GRE_CP, "checksum present"},
69 { GRE_RP, "routing present"},
70 { GRE_KP, "key present"},
71 { GRE_SP, "sequence# present"},
72 { GRE_sP, "source routing present"},
73 { GRE_AP, "ack present"},
74 { 0, NULL }
75 };
76
77 #define GRE_RECRS_MASK 0x0700 /* recursion count */
78 #define GRE_VERS_MASK 0x0007 /* protocol version */
79
80 /* source route entry types */
81 #define GRESRE_IP 0x0800 /* IP */
82 #define GRESRE_ASN 0xfffe /* ASN */
83
84 static void gre_print_0(netdissect_options *, const u_char *, u_int);
85 static void gre_print_1(netdissect_options *, const u_char *, u_int);
86 static int gre_sre_print(netdissect_options *, uint16_t, uint8_t, uint8_t, const u_char *, u_int);
87 static int gre_sre_ip_print(netdissect_options *, uint8_t, uint8_t, const u_char *, u_int);
88 static int gre_sre_asn_print(netdissect_options *, uint8_t, uint8_t, const u_char *, u_int);
89
90 void
91 gre_print(netdissect_options *ndo, const u_char *bp, u_int length)
92 {
93 u_int vers;
94
95 ndo->ndo_protocol = "gre";
96 nd_print_protocol_caps(ndo);
97 ND_ICHECK_U(length, <, 2);
98 vers = GET_BE_U_2(bp) & GRE_VERS_MASK;
99 ND_PRINT("v%u",vers);
100
101 switch(vers) {
102 case 0:
103 gre_print_0(ndo, bp, length);
104 break;
105 case 1:
106 gre_print_1(ndo, bp, length);
107 break;
108 default:
109 ND_PRINT(" ERROR: unknown-version");
110 break;
111 }
112 return;
113
114 invalid:
115 nd_print_invalid(ndo);
116 }
117
118 static void
119 gre_print_0(netdissect_options *ndo, const u_char *bp, u_int length)
120 {
121 u_int len = length;
122 uint16_t flags, prot;
123
124 ND_ICHECK_U(len, <, 2);
125 flags = GET_BE_U_2(bp);
126 if (ndo->ndo_vflag)
127 ND_PRINT(", Flags [%s]",
128 bittok2str(gre_flag_values,"none",flags));
129
130 len -= 2;
131 bp += 2;
132
133 ND_ICHECK_U(len, <, 2);
134 prot = GET_BE_U_2(bp);
135 len -= 2;
136 bp += 2;
137
138 if ((flags & GRE_CP) | (flags & GRE_RP)) {
139 uint16_t sum;
140
141 ND_ICHECK_U(len, <, 2);
142 sum = GET_BE_U_2(bp);
143 if (ndo->ndo_vflag)
144 ND_PRINT(", sum 0x%x", sum);
145 bp += 2;
146 len -= 2;
147
148 ND_ICHECK_U(len, <, 2);
149 ND_PRINT(", off 0x%x", GET_BE_U_2(bp));
150 bp += 2;
151 len -= 2;
152 }
153
154 if (flags & GRE_KP) {
155 uint32_t key;
156
157 ND_ICHECK_U(len, <, 4);
158 key = GET_BE_U_4(bp);
159 bp += 4;
160 len -= 4;
161
162 /*
163 * OpenBSD shows this as both a 32-bit
164 * (decimal) key value and a VSID+FlowID
165 * pair, with the VSID in decimal and
166 * the FlowID in hex, as key=<Key>|<VSID>+<FlowID>,
167 * in case this is NVGRE.
168 */
169 ND_PRINT(", key=0x%x", key);
170 }
171
172 if (flags & GRE_SP) {
173 ND_ICHECK_U(len, <, 4);
174 ND_PRINT(", seq %u", GET_BE_U_4(bp));
175 bp += 4;
176 len -= 4;
177 }
178
179 if (flags & GRE_RP) {
180 for (;;) {
181 uint16_t af;
182 uint8_t sreoff;
183 uint8_t srelen;
184
185 ND_ICHECK_U(len, <, 4);
186 af = GET_BE_U_2(bp);
187 sreoff = GET_U_1(bp + 2);
188 srelen = GET_U_1(bp + 3);
189 bp += 4;
190 len -= 4;
191
192 if (af == 0 && srelen == 0)
193 break;
194
195 if (!gre_sre_print(ndo, af, sreoff, srelen, bp, len))
196 goto invalid;
197
198 ND_ICHECK_U(len, <, srelen);
199 bp += srelen;
200 len -= srelen;
201 }
202 }
203
204 if (ndo->ndo_eflag)
205 ND_PRINT(", proto %s (0x%04x)",
206 tok2str(ethertype_values,"unknown",prot), prot);
207
208 ND_PRINT(", length %u",length);
209
210 if (ndo->ndo_vflag < 1)
211 ND_PRINT(": "); /* put in a colon as protocol demarc */
212 else
213 ND_PRINT("\n\t"); /* if verbose go multiline */
214
215 switch (prot) {
216 case 0x0000:
217 /*
218 * 0x0000 is reserved, but Cisco, at least, appears to
219 * use it for keep-alives; see, for example,
220 * https://www.cisco.com/c/en/us/support/docs/ip/generic-routing-encapsulation-gre/118370-technote-gre-00.html#anc1
221 */
222 printf("keep-alive");
223 break;
224 case ETHERTYPE_IP:
225 ip_print(ndo, bp, len);
226 break;
227 case ETHERTYPE_IPV6:
228 ip6_print(ndo, bp, len);
229 break;
230 case ETHERTYPE_MPLS:
231 mpls_print(ndo, bp, len);
232 break;
233 case ETHERTYPE_IPX:
234 ipx_print(ndo, bp, len);
235 break;
236 case ETHERTYPE_ATALK:
237 atalk_print(ndo, bp, len);
238 break;
239 case ETHERTYPE_GRE_ISO:
240 isoclns_print(ndo, bp, len);
241 break;
242 case ETHERTYPE_TEB:
243 ether_print(ndo, bp, len, ND_BYTES_AVAILABLE_AFTER(bp), NULL, NULL);
244 break;
245 default:
246 ND_PRINT("gre-proto-0x%x", prot);
247 }
248 return;
249
250 invalid:
251 nd_print_invalid(ndo);
252 }
253
254 static void
255 gre_print_1(netdissect_options *ndo, const u_char *bp, u_int length)
256 {
257 u_int len = length;
258 uint16_t flags, prot;
259
260 ND_ICHECK_U(len, <, 2);
261 flags = GET_BE_U_2(bp);
262 len -= 2;
263 bp += 2;
264
265 if (ndo->ndo_vflag)
266 ND_PRINT(", Flags [%s]",
267 bittok2str(gre_flag_values,"none",flags));
268
269 ND_ICHECK_U(len, <, 2);
270 prot = GET_BE_U_2(bp);
271 len -= 2;
272 bp += 2;
273
274
275 if (flags & GRE_KP) {
276 uint32_t k;
277
278 ND_ICHECK_U(len, <, 4);
279 k = GET_BE_U_4(bp);
280 ND_PRINT(", call %u", k & 0xffff);
281 len -= 4;
282 bp += 4;
283 }
284
285 if (flags & GRE_SP) {
286 ND_ICHECK_U(len, <, 4);
287 ND_PRINT(", seq %u", GET_BE_U_4(bp));
288 bp += 4;
289 len -= 4;
290 }
291
292 if (flags & GRE_AP) {
293 ND_ICHECK_U(len, <, 4);
294 ND_PRINT(", ack %u", GET_BE_U_4(bp));
295 bp += 4;
296 len -= 4;
297 }
298
299 if ((flags & GRE_SP) == 0)
300 ND_PRINT(", no-payload");
301
302 if (ndo->ndo_eflag)
303 ND_PRINT(", proto %s (0x%04x)",
304 tok2str(ethertype_values,"unknown",prot), prot);
305
306 ND_PRINT(", length %u",length);
307
308 if ((flags & GRE_SP) == 0)
309 return;
310
311 if (ndo->ndo_vflag < 1)
312 ND_PRINT(": "); /* put in a colon as protocol demarc */
313 else
314 ND_PRINT("\n\t"); /* if verbose go multiline */
315
316 switch (prot) {
317 case ETHERTYPE_PPP:
318 ppp_print(ndo, bp, len);
319 break;
320 default:
321 ND_PRINT("gre-proto-0x%x", prot);
322 break;
323 }
324 return;
325
326 invalid:
327 nd_print_invalid(ndo);
328 }
329
330 static int
331 gre_sre_print(netdissect_options *ndo, uint16_t af, uint8_t sreoff,
332 uint8_t srelen, const u_char *bp, u_int len)
333 {
334 int ret;
335
336 switch (af) {
337 case GRESRE_IP:
338 ND_PRINT(", (rtaf=ip");
339 ret = gre_sre_ip_print(ndo, sreoff, srelen, bp, len);
340 ND_PRINT(")");
341 break;
342 case GRESRE_ASN:
343 ND_PRINT(", (rtaf=asn");
344 ret = gre_sre_asn_print(ndo, sreoff, srelen, bp, len);
345 ND_PRINT(")");
346 break;
347 default:
348 ND_PRINT(", (rtaf=0x%x)", af);
349 ret = 1;
350 }
351 return (ret);
352 }
353
354 static int
355 gre_sre_ip_print(netdissect_options *ndo, uint8_t sreoff, uint8_t srelen,
356 const u_char *bp, u_int len)
357 {
358 const u_char *up = bp;
359 char buf[INET_ADDRSTRLEN];
360
361 if (sreoff & 3) {
362 ND_PRINT(", badoffset=%u", sreoff);
363 goto invalid;
364 }
365 if (srelen & 3) {
366 ND_PRINT(", badlength=%u", srelen);
367 goto invalid;
368 }
369 if (sreoff >= srelen) {
370 ND_PRINT(", badoff/len=%u/%u", sreoff, srelen);
371 goto invalid;
372 }
373
374 while (srelen != 0) {
375 ND_ICHECK_U(len, <, 4);
376
377 ND_TCHECK_LEN(bp, sizeof(nd_ipv4));
378 addrtostr(bp, buf, sizeof(buf));
379 ND_PRINT(" %s%s",
380 ((bp - up) == sreoff) ? "*" : "", buf);
381
382 bp += 4;
383 len -= 4;
384 srelen -= 4;
385 }
386 return 1;
387
388 invalid:
389 return 0;
390 }
391
392 static int
393 gre_sre_asn_print(netdissect_options *ndo, uint8_t sreoff, uint8_t srelen,
394 const u_char *bp, u_int len)
395 {
396 const u_char *up = bp;
397
398 if (sreoff & 1) {
399 ND_PRINT(", badoffset=%u", sreoff);
400 goto invalid;
401 }
402 if (srelen & 1) {
403 ND_PRINT(", badlength=%u", srelen);
404 goto invalid;
405 }
406 if (sreoff >= srelen) {
407 ND_PRINT(", badoff/len=%u/%u", sreoff, srelen);
408 goto invalid;
409 }
410
411 while (srelen != 0) {
412 ND_ICHECK_U(len, <, 2);
413
414 ND_PRINT(" %s%x",
415 ((bp - up) == sreoff) ? "*" : "", GET_BE_U_2(bp));
416
417 bp += 2;
418 len -= 2;
419 srelen -= 2;
420 }
421 return 1;
422
423 invalid:
424 return 0;
425 }
[mirror] the TCPdump network dissector