]> The Tcpdump Group git mirrors - tcpdump/blob - print-icmp.c
projects / tcpdump / blob


a4564b53587b8f8e5cac1292df6dbfdba86a80c6
[tcpdump] / print-icmp.c
1 /*
2 * Copyright (c) 1988, 1989, 1990, 1991, 1993, 1994, 1995, 1996
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 */
21
22 /* \summary: Internet Control Message Protocol (ICMP) printer */
23
24 #ifdef HAVE_CONFIG_H
25 #include <config.h>
26 #endif
27
28 #include "netdissect-stdinc.h"
29
30 #include <stdio.h>
31 #include <string.h>
32
33 #define ND_LONGJMP_FROM_TCHECK
34 #include "netdissect.h"
35 #include "addrtoname.h"
36 #include "extract.h"
37
38 #include "ip.h"
39 #include "udp.h"
40 #include "ipproto.h"
41 #include "mpls.h"
42
43 /*
44 * Interface Control Message Protocol Definitions.
45 * Per RFC 792, September 1981.
46 */
47
48 /*
49 * Structure of an icmp header.
50 */
51 struct icmp {
52 nd_uint8_t icmp_type; /* type of message, see below */
53 nd_uint8_t icmp_code; /* type sub code */
54 nd_uint16_t icmp_cksum; /* ones complement cksum of struct */
55 union {
56 nd_uint8_t ih_pptr; /* ICMP_PARAMPROB */
57 nd_ipv4 ih_gwaddr; /* ICMP_REDIRECT */
58 struct ih_idseq {
59 nd_uint16_t icd_id;
60 nd_uint16_t icd_seq;
61 } ih_idseq;
62 nd_uint32_t ih_void;
63 } icmp_hun;
64 #define icmp_pptr icmp_hun.ih_pptr
65 #define icmp_gwaddr icmp_hun.ih_gwaddr
66 #define icmp_id icmp_hun.ih_idseq.icd_id
67 #define icmp_seq icmp_hun.ih_idseq.icd_seq
68 #define icmp_void icmp_hun.ih_void
69 union {
70 struct id_ts {
71 nd_uint32_t its_otime;
72 nd_uint32_t its_rtime;
73 nd_uint32_t its_ttime;
74 } id_ts;
75 struct id_ip {
76 struct ip idi_ip;
77 /* options and then 64 bits of data */
78 } id_ip;
79 nd_uint32_t id_mask;
80 nd_byte id_data[1];
81 } icmp_dun;
82 #define icmp_otime icmp_dun.id_ts.its_otime
83 #define icmp_rtime icmp_dun.id_ts.its_rtime
84 #define icmp_ttime icmp_dun.id_ts.its_ttime
85 #define icmp_ip icmp_dun.id_ip.idi_ip
86 #define icmp_mask icmp_dun.id_mask
87 #define icmp_data icmp_dun.id_data
88 };
89
90 /*
91 * Lower bounds on packet lengths for various types.
92 * For the error advice packets must first insure that the
93 * packet is large enough to contain the returned ip header.
94 * Only then can we do the check to see if 64 bits of packet
95 * data have been returned, since we need to check the returned
96 * ip header length.
97 */
98 #define ICMP_MINLEN 8 /* abs minimum */
99 #define ICMP_EXTD_MINLEN (156 - sizeof (struct ip)) /* draft-bonica-internet-icmp-08 */
100 #define ICMP_TSLEN (8 + 3 * sizeof (uint32_t)) /* timestamp */
101 #define ICMP_MASKLEN 12 /* address mask */
102 #define ICMP_ADVLENMIN (8 + sizeof (struct ip) + 8) /* min */
103 #define ICMP_ADVLEN(p) (8 + (IP_HL(&(p)->icmp_ip) << 2) + 8)
104 /* N.B.: must separately check that ip_hl >= 5 */
105
106 /*
107 * Definition of type and code field values.
108 */
109 #define ICMP_ECHOREPLY 0 /* echo reply */
110 #define ICMP_UNREACH 3 /* dest unreachable, codes: */
111 #define ICMP_UNREACH_NET 0 /* bad net */
112 #define ICMP_UNREACH_HOST 1 /* bad host */
113 #define ICMP_UNREACH_PROTOCOL 2 /* bad protocol */
114 #define ICMP_UNREACH_PORT 3 /* bad port */
115 #define ICMP_UNREACH_NEEDFRAG 4 /* IP_DF caused drop */
116 #define ICMP_UNREACH_SRCFAIL 5 /* src route failed */
117 #define ICMP_UNREACH_NET_UNKNOWN 6 /* unknown net */
118 #define ICMP_UNREACH_HOST_UNKNOWN 7 /* unknown host */
119 #define ICMP_UNREACH_ISOLATED 8 /* src host isolated */
120 #define ICMP_UNREACH_NET_PROHIB 9 /* prohibited access */
121 #define ICMP_UNREACH_HOST_PROHIB 10 /* ditto */
122 #define ICMP_UNREACH_TOSNET 11 /* bad tos for net */
123 #define ICMP_UNREACH_TOSHOST 12 /* bad tos for host */
124 #define ICMP_SOURCEQUENCH 4 /* packet lost, slow down */
125 #define ICMP_REDIRECT 5 /* shorter route, codes: */
126 #define ICMP_REDIRECT_NET 0 /* for network */
127 #define ICMP_REDIRECT_HOST 1 /* for host */
128 #define ICMP_REDIRECT_TOSNET 2 /* for tos and net */
129 #define ICMP_REDIRECT_TOSHOST 3 /* for tos and host */
130 #define ICMP_ECHO 8 /* echo service */
131 #define ICMP_ROUTERADVERT 9 /* router advertisement */
132 #define ICMP_ROUTERSOLICIT 10 /* router solicitation */
133 #define ICMP_TIMXCEED 11 /* time exceeded, code: */
134 #define ICMP_TIMXCEED_INTRANS 0 /* ttl==0 in transit */
135 #define ICMP_TIMXCEED_REASS 1 /* ttl==0 in reass */
136 #define ICMP_PARAMPROB 12 /* ip header bad */
137 #define ICMP_PARAMPROB_OPTABSENT 1 /* req. opt. absent */
138 #define ICMP_TSTAMP 13 /* timestamp request */
139 #define ICMP_TSTAMPREPLY 14 /* timestamp reply */
140 #define ICMP_IREQ 15 /* information request */
141 #define ICMP_IREQREPLY 16 /* information reply */
142 #define ICMP_MASKREQ 17 /* address mask request */
143 #define ICMP_MASKREPLY 18 /* address mask reply */
144
145 #define ICMP_MAXTYPE 18
146
147 #define ICMP_ERRTYPE(type) \
148 ((type) == ICMP_UNREACH || (type) == ICMP_SOURCEQUENCH || \
149 (type) == ICMP_REDIRECT || (type) == ICMP_TIMXCEED || \
150 (type) == ICMP_PARAMPROB)
151 #define ICMP_MULTIPART_EXT_TYPE(type) \
152 ((type) == ICMP_UNREACH || \
153 (type) == ICMP_TIMXCEED || \
154 (type) == ICMP_PARAMPROB)
155 /* rfc1700 */
156 #ifndef ICMP_UNREACH_NET_UNKNOWN
157 #define ICMP_UNREACH_NET_UNKNOWN 6 /* destination net unknown */
158 #endif
159 #ifndef ICMP_UNREACH_HOST_UNKNOWN
160 #define ICMP_UNREACH_HOST_UNKNOWN 7 /* destination host unknown */
161 #endif
162 #ifndef ICMP_UNREACH_ISOLATED
163 #define ICMP_UNREACH_ISOLATED 8 /* source host isolated */
164 #endif
165 #ifndef ICMP_UNREACH_NET_PROHIB
166 #define ICMP_UNREACH_NET_PROHIB 9 /* admin prohibited net */
167 #endif
168 #ifndef ICMP_UNREACH_HOST_PROHIB
169 #define ICMP_UNREACH_HOST_PROHIB 10 /* admin prohibited host */
170 #endif
171 #ifndef ICMP_UNREACH_TOSNET
172 #define ICMP_UNREACH_TOSNET 11 /* tos prohibited net */
173 #endif
174 #ifndef ICMP_UNREACH_TOSHOST
175 #define ICMP_UNREACH_TOSHOST 12 /* tos prohibited host */
176 #endif
177
178 /* rfc1716 */
179 #ifndef ICMP_UNREACH_FILTER_PROHIB
180 #define ICMP_UNREACH_FILTER_PROHIB 13 /* admin prohibited filter */
181 #endif
182 #ifndef ICMP_UNREACH_HOST_PRECEDENCE
183 #define ICMP_UNREACH_HOST_PRECEDENCE 14 /* host precedence violation */
184 #endif
185 #ifndef ICMP_UNREACH_PRECEDENCE_CUTOFF
186 #define ICMP_UNREACH_PRECEDENCE_CUTOFF 15 /* precedence cutoff */
187 #endif
188
189 /* Most of the icmp types */
190 static const struct tok icmp2str[] = {
191 { ICMP_ECHOREPLY, "echo reply" },
192 { ICMP_SOURCEQUENCH, "source quench" },
193 { ICMP_ECHO, "echo request" },
194 { ICMP_ROUTERSOLICIT, "router solicitation" },
195 { ICMP_TSTAMP, "time stamp request" },
196 { ICMP_TSTAMPREPLY, "time stamp reply" },
197 { ICMP_IREQ, "information request" },
198 { ICMP_IREQREPLY, "information reply" },
199 { ICMP_MASKREQ, "address mask request" },
200 { 0, NULL }
201 };
202
203 /* rfc1191 */
204 struct mtu_discovery {
205 nd_uint16_t unused;
206 nd_uint16_t nexthopmtu;
207 };
208
209 /* rfc1256 */
210 struct ih_rdiscovery {
211 nd_uint8_t ird_addrnum;
212 nd_uint8_t ird_addrsiz;
213 nd_uint16_t ird_lifetime;
214 };
215
216 struct id_rdiscovery {
217 nd_uint32_t ird_addr;
218 nd_uint32_t ird_pref;
219 };
220
221 /*
222 * RFC 4884 - Extended ICMP to Support Multi-Part Messages
223 *
224 * This is a general extension mechanism, based on the mechanism
225 * in draft-bonica-icmp-mpls-02 ICMP Extensions for MultiProtocol
226 * Label Switching.
227 *
228 * The Destination Unreachable, Time Exceeded
229 * and Parameter Problem messages are slightly changed as per
230 * the above RFC. A new Length field gets added to give
231 * the caller an idea about the length of the piggybacked
232 * IP packet before the extension header starts.
233 *
234 * The Length field represents length of the padded "original datagram"
235 * field measured in 32-bit words.
236 *
237 * 0 1 2 3
238 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
239 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
240 * | Type | Code | Checksum |
241 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
242 * | unused | Length | unused |
243 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
244 * | Internet Header + leading octets of original datagram |
245 * | |
246 * | // |
247 * | |
248 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
249 */
250
251 struct icmp_ext_t {
252 nd_uint8_t icmp_type;
253 nd_uint8_t icmp_code;
254 nd_uint16_t icmp_checksum;
255 nd_byte icmp_reserved;
256 nd_uint8_t icmp_length;
257 nd_byte icmp_reserved2[2];
258 nd_byte icmp_ext_legacy_header[128]; /* extension header starts 128 bytes after ICMP header */
259 nd_byte icmp_ext_version_res[2];
260 nd_uint16_t icmp_ext_checksum;
261 nd_byte icmp_ext_data[1];
262 };
263
264 /*
265 * Extract version from the first octet of icmp_ext_version_res.
266 */
267 #define ICMP_EXT_EXTRACT_VERSION(x) (((x)&0xf0)>>4)
268
269 /*
270 * Current version.
271 */
272 #define ICMP_EXT_VERSION 2
273
274 /*
275 * Extension object class numbers.
276 *
277 * Class 1 dates back to draft-bonica-icmp-mpls-02.
278 *
279 * Class 2 was used for an "Extended Payload Object Class", which
280 * contained bytes of the payload beyond the first 128 bytes, in
281 * draft-bonica-icmp-mpls-02; it was reassigned to an "Interface
282 * Information Object" in RFC 5837.
283 */
284
285 /* rfc4950 */
286 #define MPLS_STACK_ENTRY_OBJECT_CLASS 1
287 /* rfc5837 */
288 #define INTERFACE_INFORMATION_OBJECT_CLASS 2
289
290 struct icmp_multipart_ext_object_header_t {
291 nd_uint16_t length;
292 nd_uint8_t class_num;
293 nd_uint8_t ctype;
294 };
295
296 static const struct tok icmp_multipart_ext_obj_values[] = {
297 { 1, "MPLS Stack Entry Object" },
298 { 2, "Interface Information Object" },
299 { 0, NULL}
300 };
301
302 /* rfc5837 */
303 static const struct tok icmp_interface_information_role_values[] = {
304 { 0, "Incoming IP Interface"},
305 { 1, "Sub-IP Component of Incoming IP Interface"},
306 { 2, "Outgoing IP Interface"},
307 { 3, "IP Next hop"},
308 { 0, NULL }
309 };
310
311 /*
312 Interface IP Address Sub-Object
313 0 31
314 +-------+-------+-------+-------+
315 | AFI | Reserved |
316 +-------+-------+-------+-------+
317 | IP Address ....
318 */
319 struct icmp_interface_information_ipaddr_subobject_t {
320 nd_uint16_t afi;
321 nd_uint16_t reserved;
322 nd_uint32_t ip_addr;
323 };
324
325 /*
326 Interface Name Sub-Object
327 octet 0 1 63
328 +--------+-----------................-----------------+
329 | length | interface name octets 1-63 |
330 +--------+-----------................-----------------+
331 */
332 struct icmp_interface_information_ifname_subobject_t {
333 nd_uint8_t length;
334 nd_byte if_name[63];
335 };
336
337 /* prototypes */
338 const char *icmp_tstamp_print(u_int);
339
340 /* print the milliseconds since midnight UTC */
341 const char *
342 icmp_tstamp_print(u_int tstamp)
343 {
344 u_int msec,sec,min,hrs;
345
346 static char buf[64];
347
348 msec = tstamp % 1000;
349 sec = tstamp / 1000;
350 min = sec / 60; sec -= min * 60;
351 hrs = min / 60; min -= hrs * 60;
352 snprintf(buf, sizeof(buf), "%02u:%02u:%02u.%03u",hrs,min,sec,msec);
353 return buf;
354 }
355
356 static int
357 print_icmp_multipart_ext_object(netdissect_options *ndo, const uint8_t *obj_tptr)
358 {
359 u_int obj_tlen, obj_class_num, obj_ctype;
360 const struct icmp_multipart_ext_object_header_t *icmp_multipart_ext_object_header;
361
362 icmp_multipart_ext_object_header = (const struct icmp_multipart_ext_object_header_t *)obj_tptr;
363 obj_tlen = GET_BE_U_2(icmp_multipart_ext_object_header->length);
364 obj_class_num = GET_U_1(icmp_multipart_ext_object_header->class_num);
365 obj_ctype = GET_U_1(icmp_multipart_ext_object_header->ctype);
366 obj_tptr += sizeof(struct icmp_multipart_ext_object_header_t);
367
368 ND_PRINT("\n\t %s (%u), Class-Type: %u, length %u",
369 tok2str(icmp_multipart_ext_obj_values,"unknown",obj_class_num),
370 obj_class_num,
371 obj_ctype,
372 obj_tlen);
373
374 /* infinite loop protection */
375 if ((obj_class_num == 0) ||
376 (obj_tlen < sizeof(struct icmp_multipart_ext_object_header_t))) {
377 return -1;
378 }
379 obj_tlen -= sizeof(struct icmp_multipart_ext_object_header_t);
380
381 switch (obj_class_num) {
382 case MPLS_STACK_ENTRY_OBJECT_CLASS:
383 switch(obj_ctype) {
384 case 1:
385 {
386 uint32_t raw_label;
387
388 raw_label = GET_BE_U_4(obj_tptr);
389 ND_PRINT("\n\t label %u, tc %u", MPLS_LABEL(raw_label), MPLS_TC(raw_label));
390 if (MPLS_STACK(raw_label))
391 ND_PRINT(", [S]");
392 ND_PRINT(", ttl %u", MPLS_TTL(raw_label));
393 break;
394 }
395 default:
396 print_unknown_data(ndo, obj_tptr, "\n\t ", obj_tlen);
397 }
398 break;
399
400 case INTERFACE_INFORMATION_OBJECT_CLASS:
401 {
402 /*
403 Ctype in a INTERFACE_INFORMATION_OBJECT_CLASS object:
404
405 Bit 0 1 2 3 4 5 6 7
406 +-------+-------+-------+-------+-------+-------+-------+-------+
407 | Interface Role| Rsvd1 | Rsvd2 |ifIndex| IPAddr| name | MTU |
408 +-------+-------+-------+-------+-------+-------+-------+-------+
409 */
410 const uint8_t *offset;
411 u_int interface_role, if_index_flag, ipaddr_flag, name_flag, mtu_flag;
412
413 interface_role = (obj_ctype & 0xc0) >> 6;
414 if_index_flag = (obj_ctype & 0x8) >> 3;
415 ipaddr_flag = (obj_ctype & 0x4) >> 2;
416 name_flag = (obj_ctype & 0x2) >> 1;
417 mtu_flag = (obj_ctype & 0x1);
418
419 ND_PRINT("\n\t Interface Role: %s",
420 tok2str(icmp_interface_information_role_values,
421 "an unknown interface role",interface_role));
422
423 offset = obj_tptr;
424
425 if (if_index_flag) {
426 ND_PRINT("\n\t Interface Index: %u", GET_BE_U_4(offset));
427 offset += 4;
428 }
429 if (ipaddr_flag) {
430 const struct icmp_interface_information_ipaddr_subobject_t *ipaddr_subobj;
431
432 ND_PRINT("\n\t IP Address sub-object: ");
433 ipaddr_subobj = (const struct icmp_interface_information_ipaddr_subobject_t *) offset;
434 switch (GET_BE_U_2(ipaddr_subobj->afi)) {
435 case 1:
436 ND_PRINT("%s", GET_IPADDR_STRING(ipaddr_subobj->ip_addr));
437 offset += 4;
438 break;
439 case 2:
440 ND_PRINT("%s", GET_IP6ADDR_STRING(ipaddr_subobj->ip_addr));
441 offset += 16;
442 break;
443 default:
444 ND_PRINT("Unknown Address Family Identifier");
445 return -1;
446 }
447 offset += 4;
448 }
449 if (name_flag) {
450 uint8_t inft_name_length_field;
451 const struct icmp_interface_information_ifname_subobject_t *ifname_subobj;
452
453 ifname_subobj = (const struct icmp_interface_information_ifname_subobject_t *) offset;
454 inft_name_length_field = GET_U_1(ifname_subobj->length);
455 ND_PRINT("\n\t Interface Name");
456 if (inft_name_length_field == 0) {
457 ND_PRINT(" [length %u]", inft_name_length_field);
458 nd_print_invalid(ndo);
459 break;
460 }
461 if (inft_name_length_field % 4 != 0) {
462 ND_PRINT(" [length %u != N x 4]", inft_name_length_field);
463 nd_print_invalid(ndo);
464 offset += inft_name_length_field;
465 break;
466 }
467 if (inft_name_length_field > 64) {
468 ND_PRINT(" [length %u > 64]", inft_name_length_field);
469 nd_print_invalid(ndo);
470 offset += inft_name_length_field;
471 break;
472 }
473 ND_PRINT(", length %u: ", inft_name_length_field);
474 nd_printjnp(ndo, ifname_subobj->if_name,
475 inft_name_length_field - 1);
476 offset += inft_name_length_field;
477 }
478 if (mtu_flag) {
479 ND_PRINT("\n\t MTU: %u", GET_BE_U_4(offset));
480 offset += 4;
481 }
482 break;
483 }
484
485 default:
486 print_unknown_data(ndo, obj_tptr, "\n\t ", obj_tlen);
487 break;
488 }
489 return obj_tlen + sizeof(struct icmp_multipart_ext_object_header_t);
490 }
491
492 void
493 icmp_print(netdissect_options *ndo, const u_char *bp, u_int plen,
494 int fragmented)
495 {
496 const struct icmp *dp;
497 uint8_t icmp_type, icmp_code;
498 const struct icmp_ext_t *ext_dp;
499 const char *str;
500 const uint8_t *obj_tptr;
501 u_int hlen;
502 char buf[512];
503 struct cksum_vec vec[1];
504
505 ndo->ndo_protocol = "icmp";
506 dp = (const struct icmp *)bp;
507 ext_dp = (const struct icmp_ext_t *)bp;
508 str = buf;
509
510 icmp_type = GET_U_1(dp->icmp_type);
511 icmp_code = GET_U_1(dp->icmp_code);
512 switch (icmp_type) {
513
514 case ICMP_ECHO:
515 case ICMP_ECHOREPLY:
516 (void)snprintf(buf, sizeof(buf), "echo %s, id %u, seq %u",
517 icmp_type == ICMP_ECHO ?
518 "request" : "reply",
519 GET_BE_U_2(dp->icmp_id),
520 GET_BE_U_2(dp->icmp_seq));
521 break;
522
523 case ICMP_UNREACH:
524 switch (icmp_code) {
525
526 case ICMP_UNREACH_NET:
527 (void)snprintf(buf, sizeof(buf),
528 "net %s unreachable",
529 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
530 break;
531
532 case ICMP_UNREACH_HOST:
533 (void)snprintf(buf, sizeof(buf),
534 "host %s unreachable",
535 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
536 break;
537
538 case ICMP_UNREACH_PROTOCOL:
539 (void)snprintf(buf, sizeof(buf),
540 "%s protocol %u unreachable",
541 GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
542 GET_U_1(dp->icmp_ip.ip_p));
543 break;
544
545 case ICMP_UNREACH_PORT:
546 {
547 const struct ip *oip;
548 const struct udphdr *ouh;
549 uint8_t ip_proto;
550 uint16_t dport;
551
552 oip = &dp->icmp_ip;
553 hlen = IP_HL(oip) * 4;
554 ouh = (const struct udphdr *)(((const u_char *)oip) + hlen);
555 dport = GET_BE_U_2(ouh->uh_dport);
556 ip_proto = GET_U_1(oip->ip_p);
557 switch (ip_proto) {
558
559 case IPPROTO_TCP:
560 (void)snprintf(buf, sizeof(buf),
561 "%s tcp port %s unreachable",
562 GET_IPADDR_STRING(oip->ip_dst),
563 tcpport_string(ndo, dport));
564 break;
565
566 case IPPROTO_UDP:
567 (void)snprintf(buf, sizeof(buf),
568 "%s udp port %s unreachable",
569 GET_IPADDR_STRING(oip->ip_dst),
570 udpport_string(ndo, dport));
571 break;
572
573 default:
574 (void)snprintf(buf, sizeof(buf),
575 "%s protocol %u port %u unreachable",
576 GET_IPADDR_STRING(oip->ip_dst),
577 ip_proto, dport);
578 break;
579 }
580 break;
581 }
582
583 case ICMP_UNREACH_NEEDFRAG:
584 {
585 const struct mtu_discovery *mp;
586 u_int mtu;
587
588 mp = (const struct mtu_discovery *)(const u_char *)&dp->icmp_void;
589 mtu = GET_BE_U_2(mp->nexthopmtu);
590 if (mtu) {
591 (void)snprintf(buf, sizeof(buf),
592 "%s unreachable - need to frag (mtu %u)",
593 GET_IPADDR_STRING(dp->icmp_ip.ip_dst), mtu);
594 } else {
595 (void)snprintf(buf, sizeof(buf),
596 "%s unreachable - need to frag",
597 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
598 }
599 }
600 break;
601
602 case ICMP_UNREACH_SRCFAIL:
603 (void)snprintf(buf, sizeof(buf),
604 "%s unreachable - source route failed",
605 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
606 break;
607
608 case ICMP_UNREACH_NET_UNKNOWN:
609 (void)snprintf(buf, sizeof(buf),
610 "net %s unreachable - unknown",
611 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
612 break;
613
614 case ICMP_UNREACH_HOST_UNKNOWN:
615 (void)snprintf(buf, sizeof(buf),
616 "host %s unreachable - unknown",
617 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
618 break;
619
620 case ICMP_UNREACH_ISOLATED:
621 (void)snprintf(buf, sizeof(buf),
622 "%s unreachable - source host isolated",
623 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
624 break;
625
626 case ICMP_UNREACH_NET_PROHIB:
627 (void)snprintf(buf, sizeof(buf),
628 "net %s unreachable - admin prohibited",
629 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
630 break;
631
632 case ICMP_UNREACH_HOST_PROHIB:
633 (void)snprintf(buf, sizeof(buf),
634 "host %s unreachable - admin prohibited",
635 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
636 break;
637
638 case ICMP_UNREACH_TOSNET:
639 (void)snprintf(buf, sizeof(buf),
640 "net %s unreachable - tos prohibited",
641 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
642 break;
643
644 case ICMP_UNREACH_TOSHOST:
645 (void)snprintf(buf, sizeof(buf),
646 "host %s unreachable - tos prohibited",
647 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
648 break;
649
650 case ICMP_UNREACH_FILTER_PROHIB:
651 (void)snprintf(buf, sizeof(buf),
652 "host %s unreachable - admin prohibited filter",
653 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
654 break;
655
656 case ICMP_UNREACH_HOST_PRECEDENCE:
657 (void)snprintf(buf, sizeof(buf),
658 "host %s unreachable - host precedence violation",
659 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
660 break;
661
662 case ICMP_UNREACH_PRECEDENCE_CUTOFF:
663 (void)snprintf(buf, sizeof(buf),
664 "host %s unreachable - precedence cutoff",
665 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
666 break;
667
668 default:
669 (void)snprintf(buf, sizeof(buf),
670 "%s unreachable - #%u",
671 GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
672 icmp_code);
673 break;
674 }
675 break;
676
677 case ICMP_REDIRECT:
678 switch (icmp_code) {
679
680 case ICMP_REDIRECT_NET:
681 (void)snprintf(buf, sizeof(buf),
682 "redirect %s to net %s",
683 GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
684 GET_IPADDR_STRING(dp->icmp_gwaddr));
685 break;
686
687 case ICMP_REDIRECT_HOST:
688 (void)snprintf(buf, sizeof(buf),
689 "redirect %s to host %s",
690 GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
691 GET_IPADDR_STRING(dp->icmp_gwaddr));
692 break;
693
694 case ICMP_REDIRECT_TOSNET:
695 (void)snprintf(buf, sizeof(buf),
696 "redirect-tos %s to net %s",
697 GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
698 GET_IPADDR_STRING(dp->icmp_gwaddr));
699 break;
700
701 case ICMP_REDIRECT_TOSHOST:
702 (void)snprintf(buf, sizeof(buf),
703 "redirect-tos %s to host %s",
704 GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
705 GET_IPADDR_STRING(dp->icmp_gwaddr));
706 break;
707
708 default:
709 (void)snprintf(buf, sizeof(buf),
710 "redirect-#%u %s to %s", icmp_code,
711 GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
712 GET_IPADDR_STRING(dp->icmp_gwaddr));
713 break;
714 }
715 break;
716
717 case ICMP_ROUTERADVERT:
718 {
719 char *cp;
720 const struct ih_rdiscovery *ihp;
721 const struct id_rdiscovery *idp;
722 u_int lifetime, num, size;
723
724 (void)snprintf(buf, sizeof(buf), "router advertisement");
725 cp = buf + strlen(buf);
726
727 ihp = (const struct ih_rdiscovery *)&dp->icmp_void;
728 (void)strncpy(cp, " lifetime ", sizeof(buf) - (cp - buf));
729 cp = buf + strlen(buf);
730 lifetime = GET_BE_U_2(ihp->ird_lifetime);
731 if (lifetime < 60) {
732 (void)snprintf(cp, sizeof(buf) - (cp - buf), "%u",
733 lifetime);
734 } else if (lifetime < 60 * 60) {
735 (void)snprintf(cp, sizeof(buf) - (cp - buf), "%u:%02u",
736 lifetime / 60, lifetime % 60);
737 } else {
738 (void)snprintf(cp, sizeof(buf) - (cp - buf),
739 "%u:%02u:%02u",
740 lifetime / 3600,
741 (lifetime % 3600) / 60,
742 lifetime % 60);
743 }
744 cp = buf + strlen(buf);
745
746 num = GET_U_1(ihp->ird_addrnum);
747 (void)snprintf(cp, sizeof(buf) - (cp - buf), " %u:", num);
748 cp = buf + strlen(buf);
749
750 size = GET_U_1(ihp->ird_addrsiz);
751 if (size != 2) {
752 (void)snprintf(cp, sizeof(buf) - (cp - buf),
753 " [size %u]", size);
754 break;
755 }
756 idp = (const struct id_rdiscovery *)&dp->icmp_data;
757 while (num > 0) {
758 (void)snprintf(cp, sizeof(buf) - (cp - buf), " {%s %u}",
759 GET_IPADDR_STRING(idp->ird_addr),
760 GET_BE_U_4(idp->ird_pref));
761 cp = buf + strlen(buf);
762 ++idp;
763 num--;
764 }
765 }
766 break;
767
768 case ICMP_TIMXCEED:
769 ND_TCHECK_4(dp->icmp_ip.ip_dst);
770 switch (icmp_code) {
771
772 case ICMP_TIMXCEED_INTRANS:
773 str = "time exceeded in-transit";
774 break;
775
776 case ICMP_TIMXCEED_REASS:
777 str = "ip reassembly time exceeded";
778 break;
779
780 default:
781 (void)snprintf(buf, sizeof(buf), "time exceeded-#%u",
782 icmp_code);
783 break;
784 }
785 break;
786
787 case ICMP_PARAMPROB:
788 if (icmp_code)
789 (void)snprintf(buf, sizeof(buf),
790 "parameter problem - code %u", icmp_code);
791 else {
792 (void)snprintf(buf, sizeof(buf),
793 "parameter problem - octet %u",
794 GET_U_1(dp->icmp_pptr));
795 }
796 break;
797
798 case ICMP_MASKREPLY:
799 (void)snprintf(buf, sizeof(buf), "address mask is 0x%08x",
800 GET_BE_U_4(dp->icmp_mask));
801 break;
802
803 case ICMP_TSTAMP:
804 (void)snprintf(buf, sizeof(buf),
805 "time stamp query id %u seq %u",
806 GET_BE_U_2(dp->icmp_id),
807 GET_BE_U_2(dp->icmp_seq));
808 break;
809
810 case ICMP_TSTAMPREPLY:
811 (void)snprintf(buf, sizeof(buf),
812 "time stamp reply id %u seq %u: org %s",
813 GET_BE_U_2(dp->icmp_id),
814 GET_BE_U_2(dp->icmp_seq),
815 icmp_tstamp_print(GET_BE_U_4(dp->icmp_otime)));
816
817 (void)snprintf(buf+strlen(buf),sizeof(buf)-strlen(buf),", recv %s",
818 icmp_tstamp_print(GET_BE_U_4(dp->icmp_rtime)));
819 (void)snprintf(buf+strlen(buf),sizeof(buf)-strlen(buf),", xmit %s",
820 icmp_tstamp_print(GET_BE_U_4(dp->icmp_ttime)));
821 break;
822
823 default:
824 str = tok2str(icmp2str, "type-#%u", icmp_type);
825 break;
826 }
827 ND_PRINT("ICMP %s, length %u", str, plen);
828 if (ndo->ndo_vflag && !fragmented) { /* don't attempt checksumming if this is a frag */
829 if (ND_TTEST_LEN(bp, plen)) {
830 uint16_t sum;
831
832 vec[0].ptr = (const uint8_t *)(const void *)dp;
833 vec[0].len = plen;
834 sum = in_cksum(vec, 1);
835 if (sum != 0) {
836 uint16_t icmp_sum = GET_BE_U_2(dp->icmp_cksum);
837 ND_PRINT(" (wrong icmp cksum %x (->%x)!)",
838 icmp_sum,
839 in_cksum_shouldbe(icmp_sum, sum));
840 }
841 }
842 }
843
844 /*
845 * print the remnants of the IP packet.
846 * save the snaplength as this may get overridden in the IP printer.
847 */
848 if (ndo->ndo_vflag >= 1 && ICMP_ERRTYPE(icmp_type)) {
849 const struct ip *ip;
850 const u_char *snapend_save;
851
852 bp += 8;
853 ND_PRINT("\n\t");
854 ip = (const struct ip *)bp;
855 snapend_save = ndo->ndo_snapend;
856 /*
857 * Update the snapend because extensions (MPLS, ...) may be
858 * present after the IP packet. In this case the current
859 * (outer) packet's snapend is not what ip_print() needs to
860 * decode an IP packet nested in the middle of an ICMP payload.
861 *
862 * This prevents that, in ip_print(), for the nested IP packet,
863 * the remaining length < remaining caplen.
864 */
865 ndo->ndo_snapend = ND_MIN(bp + GET_BE_U_2(ip->ip_len),
866 ndo->ndo_snapend);
867 ip_print(ndo, bp, GET_BE_U_2(ip->ip_len));
868 ndo->ndo_snapend = snapend_save;
869 }
870
871 /* ndo_protocol reassignment after ip_print() call */
872 ndo->ndo_protocol = "icmp";
873
874 /*
875 * Attempt to decode multi-part message extensions (rfc4884) only for some ICMP types.
876 */
877 if (ndo->ndo_vflag >= 1 && plen > ICMP_EXTD_MINLEN && ICMP_MULTIPART_EXT_TYPE(icmp_type)) {
878 ND_TCHECK_SIZE(ext_dp);
879
880 /*
881 * Check first if the multi-part extension header shows a non-zero length.
882 * If the length field is not set then silently verify the checksum
883 * to check if an extension header is present. This is expedient,
884 * however not all implementations set the length field proper.
885 */
886 if (GET_U_1(ext_dp->icmp_length) == 0 &&
887 ND_TTEST_LEN(ext_dp->icmp_ext_version_res, plen - ICMP_EXTD_MINLEN)) {
888 vec[0].ptr = (const uint8_t *)(const void *)&ext_dp->icmp_ext_version_res;
889 vec[0].len = plen - ICMP_EXTD_MINLEN;
890 if (in_cksum(vec, 1)) {
891 return;
892 }
893 }
894
895 ND_PRINT("\n\tICMP Multi-Part extension v%u",
896 ICMP_EXT_EXTRACT_VERSION(*(ext_dp->icmp_ext_version_res)));
897
898 /*
899 * Sanity checking of the header.
900 */
901 if (ICMP_EXT_EXTRACT_VERSION(*(ext_dp->icmp_ext_version_res)) !=
902 ICMP_EXT_VERSION) {
903 ND_PRINT(" packet not supported");
904 return;
905 }
906
907 hlen = plen - ICMP_EXTD_MINLEN;
908 if (ND_TTEST_LEN(ext_dp->icmp_ext_version_res, hlen)) {
909 vec[0].ptr = (const uint8_t *)(const void *)&ext_dp->icmp_ext_version_res;
910 vec[0].len = hlen;
911 ND_PRINT(", checksum 0x%04x (%scorrect), length %u",
912 GET_BE_U_2(ext_dp->icmp_ext_checksum),
913 in_cksum(vec, 1) ? "in" : "",
914 hlen);
915 }
916
917 hlen -= 4; /* subtract common header size */
918 obj_tptr = (const uint8_t *)ext_dp->icmp_ext_data;
919
920 while (hlen > sizeof(struct icmp_multipart_ext_object_header_t)) {
921 int obj_tlen = print_icmp_multipart_ext_object(ndo, obj_tptr);
922 if (obj_tlen < 0) {
923 /* malformed object */
924 return;
925 }
926 if (hlen < (u_int)obj_tlen)
927 break;
928 hlen -= obj_tlen;
929 obj_tptr += obj_tlen;
930 }
931 }
932 }
[mirror] the TCPdump network dissector