]> The Tcpdump Group git mirrors - tcpdump/blob - print-icmp.c
projects / tcpdump / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
gre: add support for MikroTik Ethernet-over-IP hack.
[tcpdump] / print-icmp.c
1 /*
2 * Copyright (c) 1988, 1989, 1990, 1991, 1993, 1994, 1995, 1996
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 */
21
22 /* \summary: Internet Control Message Protocol (ICMP) printer */
23
24 #ifdef HAVE_CONFIG_H
25 #include <config.h>
26 #endif
27
28 #include "netdissect-stdinc.h"
29
30 #include <stdio.h>
31 #include <string.h>
32
33 #include "netdissect.h"
34 #include "addrtoname.h"
35 #include "extract.h"
36
37 #include "ip.h"
38 #include "udp.h"
39 #include "ipproto.h"
40 #include "mpls.h"
41
42 /*
43 * Interface Control Message Protocol Definitions.
44 * Per RFC 792, September 1981.
45 */
46
47 /*
48 * Structure of an icmp header.
49 */
50 struct icmp {
51 nd_uint8_t icmp_type; /* type of message, see below */
52 nd_uint8_t icmp_code; /* type sub code */
53 nd_uint16_t icmp_cksum; /* ones complement cksum of struct */
54 union {
55 nd_uint8_t ih_pptr; /* ICMP_PARAMPROB */
56 nd_ipv4 ih_gwaddr; /* ICMP_REDIRECT */
57 struct ih_idseq {
58 nd_uint16_t icd_id;
59 nd_uint16_t icd_seq;
60 } ih_idseq;
61 nd_uint32_t ih_void;
62 } icmp_hun;
63 #define icmp_pptr icmp_hun.ih_pptr
64 #define icmp_gwaddr icmp_hun.ih_gwaddr
65 #define icmp_id icmp_hun.ih_idseq.icd_id
66 #define icmp_seq icmp_hun.ih_idseq.icd_seq
67 #define icmp_void icmp_hun.ih_void
68 union {
69 struct id_ts {
70 nd_uint32_t its_otime;
71 nd_uint32_t its_rtime;
72 nd_uint32_t its_ttime;
73 } id_ts;
74 struct id_ip {
75 struct ip idi_ip;
76 /* options and then 64 bits of data */
77 } id_ip;
78 nd_uint32_t id_mask;
79 nd_byte id_data[1];
80 } icmp_dun;
81 #define icmp_otime icmp_dun.id_ts.its_otime
82 #define icmp_rtime icmp_dun.id_ts.its_rtime
83 #define icmp_ttime icmp_dun.id_ts.its_ttime
84 #define icmp_ip icmp_dun.id_ip.idi_ip
85 #define icmp_mask icmp_dun.id_mask
86 #define icmp_data icmp_dun.id_data
87 };
88
89 /*
90 * Lower bounds on packet lengths for various types.
91 * For the error advice packets must first insure that the
92 * packet is large enough to contain the returned ip header.
93 * Only then can we do the check to see if 64 bits of packet
94 * data have been returned, since we need to check the returned
95 * ip header length.
96 */
97 #define ICMP_MINLEN 8 /* abs minimum */
98 #define ICMP_EXTD_MINLEN (156 - sizeof (struct ip)) /* draft-bonica-internet-icmp-08 */
99 #define ICMP_TSLEN (8 + 3 * sizeof (uint32_t)) /* timestamp */
100 #define ICMP_MASKLEN 12 /* address mask */
101 #define ICMP_ADVLENMIN (8 + sizeof (struct ip) + 8) /* min */
102 #define ICMP_ADVLEN(p) (8 + (IP_HL(&(p)->icmp_ip) << 2) + 8)
103 /* N.B.: must separately check that ip_hl >= 5 */
104
105 /*
106 * Definition of type and code field values.
107 */
108 #define ICMP_ECHOREPLY 0 /* echo reply */
109 #define ICMP_UNREACH 3 /* dest unreachable, codes: */
110 #define ICMP_UNREACH_NET 0 /* bad net */
111 #define ICMP_UNREACH_HOST 1 /* bad host */
112 #define ICMP_UNREACH_PROTOCOL 2 /* bad protocol */
113 #define ICMP_UNREACH_PORT 3 /* bad port */
114 #define ICMP_UNREACH_NEEDFRAG 4 /* IP_DF caused drop */
115 #define ICMP_UNREACH_SRCFAIL 5 /* src route failed */
116 #define ICMP_UNREACH_NET_UNKNOWN 6 /* unknown net */
117 #define ICMP_UNREACH_HOST_UNKNOWN 7 /* unknown host */
118 #define ICMP_UNREACH_ISOLATED 8 /* src host isolated */
119 #define ICMP_UNREACH_NET_PROHIB 9 /* prohibited access */
120 #define ICMP_UNREACH_HOST_PROHIB 10 /* ditto */
121 #define ICMP_UNREACH_TOSNET 11 /* bad tos for net */
122 #define ICMP_UNREACH_TOSHOST 12 /* bad tos for host */
123 #define ICMP_SOURCEQUENCH 4 /* packet lost, slow down */
124 #define ICMP_REDIRECT 5 /* shorter route, codes: */
125 #define ICMP_REDIRECT_NET 0 /* for network */
126 #define ICMP_REDIRECT_HOST 1 /* for host */
127 #define ICMP_REDIRECT_TOSNET 2 /* for tos and net */
128 #define ICMP_REDIRECT_TOSHOST 3 /* for tos and host */
129 #define ICMP_ECHO 8 /* echo service */
130 #define ICMP_ROUTERADVERT 9 /* router advertisement */
131 #define ICMP_ROUTERSOLICIT 10 /* router solicitation */
132 #define ICMP_TIMXCEED 11 /* time exceeded, code: */
133 #define ICMP_TIMXCEED_INTRANS 0 /* ttl==0 in transit */
134 #define ICMP_TIMXCEED_REASS 1 /* ttl==0 in reass */
135 #define ICMP_PARAMPROB 12 /* ip header bad */
136 #define ICMP_PARAMPROB_OPTABSENT 1 /* req. opt. absent */
137 #define ICMP_TSTAMP 13 /* timestamp request */
138 #define ICMP_TSTAMPREPLY 14 /* timestamp reply */
139 #define ICMP_IREQ 15 /* information request */
140 #define ICMP_IREQREPLY 16 /* information reply */
141 #define ICMP_MASKREQ 17 /* address mask request */
142 #define ICMP_MASKREPLY 18 /* address mask reply */
143
144 #define ICMP_MAXTYPE 18
145
146 #define ICMP_ERRTYPE(type) \
147 ((type) == ICMP_UNREACH || (type) == ICMP_SOURCEQUENCH || \
148 (type) == ICMP_REDIRECT || (type) == ICMP_TIMXCEED || \
149 (type) == ICMP_PARAMPROB)
150 #define ICMP_MULTIPART_EXT_TYPE(type) \
151 ((type) == ICMP_UNREACH || \
152 (type) == ICMP_TIMXCEED || \
153 (type) == ICMP_PARAMPROB)
154 /* rfc1700 */
155 #ifndef ICMP_UNREACH_NET_UNKNOWN
156 #define ICMP_UNREACH_NET_UNKNOWN 6 /* destination net unknown */
157 #endif
158 #ifndef ICMP_UNREACH_HOST_UNKNOWN
159 #define ICMP_UNREACH_HOST_UNKNOWN 7 /* destination host unknown */
160 #endif
161 #ifndef ICMP_UNREACH_ISOLATED
162 #define ICMP_UNREACH_ISOLATED 8 /* source host isolated */
163 #endif
164 #ifndef ICMP_UNREACH_NET_PROHIB
165 #define ICMP_UNREACH_NET_PROHIB 9 /* admin prohibited net */
166 #endif
167 #ifndef ICMP_UNREACH_HOST_PROHIB
168 #define ICMP_UNREACH_HOST_PROHIB 10 /* admin prohibited host */
169 #endif
170 #ifndef ICMP_UNREACH_TOSNET
171 #define ICMP_UNREACH_TOSNET 11 /* tos prohibited net */
172 #endif
173 #ifndef ICMP_UNREACH_TOSHOST
174 #define ICMP_UNREACH_TOSHOST 12 /* tos prohibited host */
175 #endif
176
177 /* rfc1716 */
178 #ifndef ICMP_UNREACH_FILTER_PROHIB
179 #define ICMP_UNREACH_FILTER_PROHIB 13 /* admin prohibited filter */
180 #endif
181 #ifndef ICMP_UNREACH_HOST_PRECEDENCE
182 #define ICMP_UNREACH_HOST_PRECEDENCE 14 /* host precedence violation */
183 #endif
184 #ifndef ICMP_UNREACH_PRECEDENCE_CUTOFF
185 #define ICMP_UNREACH_PRECEDENCE_CUTOFF 15 /* precedence cutoff */
186 #endif
187
188 /* Most of the icmp types */
189 static const struct tok icmp2str[] = {
190 { ICMP_ECHOREPLY, "echo reply" },
191 { ICMP_SOURCEQUENCH, "source quench" },
192 { ICMP_ECHO, "echo request" },
193 { ICMP_ROUTERSOLICIT, "router solicitation" },
194 { ICMP_TSTAMP, "time stamp request" },
195 { ICMP_TSTAMPREPLY, "time stamp reply" },
196 { ICMP_IREQ, "information request" },
197 { ICMP_IREQREPLY, "information reply" },
198 { ICMP_MASKREQ, "address mask request" },
199 { 0, NULL }
200 };
201
202 /* rfc1191 */
203 struct mtu_discovery {
204 nd_uint16_t unused;
205 nd_uint16_t nexthopmtu;
206 };
207
208 /* rfc1256 */
209 struct ih_rdiscovery {
210 nd_uint8_t ird_addrnum;
211 nd_uint8_t ird_addrsiz;
212 nd_uint16_t ird_lifetime;
213 };
214
215 struct id_rdiscovery {
216 nd_uint32_t ird_addr;
217 nd_uint32_t ird_pref;
218 };
219
220 /*
221 * RFC 4884 - Extended ICMP to Support Multi-Part Messages
222 *
223 * This is a general extension mechanism, based on the mechanism
224 * in draft-bonica-icmp-mpls-02 ICMP Extensions for MultiProtocol
225 * Label Switching.
226 *
227 * The Destination Unreachable, Time Exceeded
228 * and Parameter Problem messages are slightly changed as per
229 * the above RFC. A new Length field gets added to give
230 * the caller an idea about the length of the piggybacked
231 * IP packet before the extension header starts.
232 *
233 * The Length field represents length of the padded "original datagram"
234 * field measured in 32-bit words.
235 *
236 * 0 1 2 3
237 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
238 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
239 * | Type | Code | Checksum |
240 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
241 * | unused | Length | unused |
242 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
243 * | Internet Header + leading octets of original datagram |
244 * | |
245 * | // |
246 * | |
247 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
248 */
249
250 struct icmp_ext_t {
251 nd_uint8_t icmp_type;
252 nd_uint8_t icmp_code;
253 nd_uint16_t icmp_checksum;
254 nd_byte icmp_reserved;
255 nd_uint8_t icmp_length;
256 nd_byte icmp_reserved2[2];
257 nd_byte icmp_ext_legacy_header[128]; /* extension header starts 128 bytes after ICMP header */
258 nd_byte icmp_ext_version_res[2];
259 nd_uint16_t icmp_ext_checksum;
260 nd_byte icmp_ext_data[1];
261 };
262
263 /*
264 * Extract version from the first octet of icmp_ext_version_res.
265 */
266 #define ICMP_EXT_EXTRACT_VERSION(x) (((x)&0xf0)>>4)
267
268 /*
269 * Current version.
270 */
271 #define ICMP_EXT_VERSION 2
272
273 /*
274 * Extension object class numbers.
275 *
276 * Class 1 dates back to draft-bonica-icmp-mpls-02.
277 *
278 * Class 2 was used for an "Extended Payload Object Class", which
279 * contained bytes of the payload beyond the first 128 bytes, in
280 * draft-bonica-icmp-mpls-02; it was reassigned to an "Interface
281 * Information Object" in RFC 5837.
282 */
283
284 /* rfc4950 */
285 #define MPLS_STACK_ENTRY_OBJECT_CLASS 1
286 /* rfc5837 */
287 #define INTERFACE_INFORMATION_OBJECT_CLASS 2
288
289 struct icmp_multipart_ext_object_header_t {
290 nd_uint16_t length;
291 nd_uint8_t class_num;
292 nd_uint8_t ctype;
293 };
294
295 static const struct tok icmp_multipart_ext_obj_values[] = {
296 { 1, "MPLS Stack Entry" },
297 { 2, "Interface Identification" },
298 { 0, NULL}
299 };
300
301 /* rfc5837 */
302 static const struct tok icmp_interface_identification_role_values[] = {
303 { 0, "the IP interface upon which a datagram arrived"},
304 { 1, "the sub-IP component of an IP interface upon which a datagram arrived"},
305 { 2, "the IP interface through which the datagram would have been forwarded had it been forwardable"},
306 { 3, "the IP next hop to which the datagram would have been forwarded"},
307 { 0, NULL }
308 };
309
310 /*
311 Interface IP Address Sub-Object
312 0 31
313 +-------+-------+-------+-------+
314 | AFI | Reserved |
315 +-------+-------+-------+-------+
316 | IP Address ....
317 */
318 struct icmp_interface_identification_ipaddr_subobject_t {
319 nd_uint16_t afi;
320 nd_uint16_t reserved;
321 nd_uint32_t ip_addr;
322 };
323
324 /*
325 Interface Name Sub-Object
326 octet 0 1 63
327 +--------+-----------................-----------------+
328 | length | interface name octets 1-63 |
329 +--------+-----------................-----------------+
330 */
331 struct icmp_interface_identification_ifname_subobject_t {
332 nd_uint8_t length;
333 nd_byte if_name[63];
334 };
335
336
337 /* prototypes */
338 const char *icmp_tstamp_print(u_int);
339
340 /* print the milliseconds since midnight UTC */
341 const char *
342 icmp_tstamp_print(u_int tstamp)
343 {
344 u_int msec,sec,min,hrs;
345
346 static char buf[64];
347
348 msec = tstamp % 1000;
349 sec = tstamp / 1000;
350 min = sec / 60; sec -= min * 60;
351 hrs = min / 60; min -= hrs * 60;
352 snprintf(buf, sizeof(buf), "%02u:%02u:%02u.%03u",hrs,min,sec,msec);
353 return buf;
354 }
355
356 void
357 icmp_print(netdissect_options *ndo, const u_char *bp, u_int plen, const u_char *bp2,
358 int fragmented)
359 {
360 char *cp;
361 const struct icmp *dp;
362 uint8_t icmp_type, icmp_code;
363 const struct icmp_ext_t *ext_dp;
364 const struct ip *ip;
365 const char *str;
366 const struct ip *oip;
367 uint8_t ip_proto;
368 const struct udphdr *ouh;
369 const uint8_t *obj_tptr;
370 uint32_t raw_label;
371 const struct icmp_multipart_ext_object_header_t *icmp_multipart_ext_object_header;
372 u_int interface_role, if_index_flag, ipaddr_flag, name_flag, mtu_flag;
373 const uint8_t *offset;
374 const struct icmp_interface_identification_ipaddr_subobject_t *ipaddr_subobj;
375 const struct icmp_interface_identification_ifname_subobject_t *ifname_subobj;
376 u_int hlen, mtu, obj_tlen, obj_class_num, obj_ctype;
377 uint16_t dport;
378 char buf[MAXHOSTNAMELEN + 100];
379 struct cksum_vec vec[1];
380
381 ndo->ndo_protocol = "icmp";
382 dp = (const struct icmp *)bp;
383 ext_dp = (const struct icmp_ext_t *)bp;
384 ip = (const struct ip *)bp2;
385 str = buf;
386
387 icmp_type = GET_U_1(dp->icmp_type);
388 icmp_code = GET_U_1(dp->icmp_code);
389 switch (icmp_type) {
390
391 case ICMP_ECHO:
392 case ICMP_ECHOREPLY:
393 (void)snprintf(buf, sizeof(buf), "echo %s, id %u, seq %u",
394 icmp_type == ICMP_ECHO ?
395 "request" : "reply",
396 GET_BE_U_2(dp->icmp_id),
397 GET_BE_U_2(dp->icmp_seq));
398 break;
399
400 case ICMP_UNREACH:
401 switch (icmp_code) {
402
403 case ICMP_UNREACH_NET:
404 (void)snprintf(buf, sizeof(buf),
405 "net %s unreachable",
406 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
407 break;
408
409 case ICMP_UNREACH_HOST:
410 (void)snprintf(buf, sizeof(buf),
411 "host %s unreachable",
412 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
413 break;
414
415 case ICMP_UNREACH_PROTOCOL:
416 (void)snprintf(buf, sizeof(buf),
417 "%s protocol %u unreachable",
418 GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
419 GET_U_1(dp->icmp_ip.ip_p));
420 break;
421
422 case ICMP_UNREACH_PORT:
423 ND_TCHECK_1(dp->icmp_ip.ip_p);
424 oip = &dp->icmp_ip;
425 hlen = IP_HL(oip) * 4;
426 ouh = (const struct udphdr *)(((const u_char *)oip) + hlen);
427 dport = GET_BE_U_2(ouh->uh_dport);
428 ip_proto = GET_U_1(oip->ip_p);
429 switch (ip_proto) {
430
431 case IPPROTO_TCP:
432 (void)snprintf(buf, sizeof(buf),
433 "%s tcp port %s unreachable",
434 GET_IPADDR_STRING(oip->ip_dst),
435 tcpport_string(ndo, dport));
436 break;
437
438 case IPPROTO_UDP:
439 (void)snprintf(buf, sizeof(buf),
440 "%s udp port %s unreachable",
441 GET_IPADDR_STRING(oip->ip_dst),
442 udpport_string(ndo, dport));
443 break;
444
445 default:
446 (void)snprintf(buf, sizeof(buf),
447 "%s protocol %u port %u unreachable",
448 GET_IPADDR_STRING(oip->ip_dst),
449 ip_proto, dport);
450 break;
451 }
452 break;
453
454 case ICMP_UNREACH_NEEDFRAG:
455 {
456 const struct mtu_discovery *mp;
457 mp = (const struct mtu_discovery *)(const u_char *)&dp->icmp_void;
458 mtu = GET_BE_U_2(mp->nexthopmtu);
459 if (mtu) {
460 (void)snprintf(buf, sizeof(buf),
461 "%s unreachable - need to frag (mtu %u)",
462 GET_IPADDR_STRING(dp->icmp_ip.ip_dst), mtu);
463 } else {
464 (void)snprintf(buf, sizeof(buf),
465 "%s unreachable - need to frag",
466 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
467 }
468 }
469 break;
470
471 case ICMP_UNREACH_SRCFAIL:
472 (void)snprintf(buf, sizeof(buf),
473 "%s unreachable - source route failed",
474 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
475 break;
476
477 case ICMP_UNREACH_NET_UNKNOWN:
478 (void)snprintf(buf, sizeof(buf),
479 "net %s unreachable - unknown",
480 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
481 break;
482
483 case ICMP_UNREACH_HOST_UNKNOWN:
484 (void)snprintf(buf, sizeof(buf),
485 "host %s unreachable - unknown",
486 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
487 break;
488
489 case ICMP_UNREACH_ISOLATED:
490 (void)snprintf(buf, sizeof(buf),
491 "%s unreachable - source host isolated",
492 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
493 break;
494
495 case ICMP_UNREACH_NET_PROHIB:
496 (void)snprintf(buf, sizeof(buf),
497 "net %s unreachable - admin prohibited",
498 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
499 break;
500
501 case ICMP_UNREACH_HOST_PROHIB:
502 (void)snprintf(buf, sizeof(buf),
503 "host %s unreachable - admin prohibited",
504 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
505 break;
506
507 case ICMP_UNREACH_TOSNET:
508 (void)snprintf(buf, sizeof(buf),
509 "net %s unreachable - tos prohibited",
510 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
511 break;
512
513 case ICMP_UNREACH_TOSHOST:
514 (void)snprintf(buf, sizeof(buf),
515 "host %s unreachable - tos prohibited",
516 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
517 break;
518
519 case ICMP_UNREACH_FILTER_PROHIB:
520 (void)snprintf(buf, sizeof(buf),
521 "host %s unreachable - admin prohibited filter",
522 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
523 break;
524
525 case ICMP_UNREACH_HOST_PRECEDENCE:
526 (void)snprintf(buf, sizeof(buf),
527 "host %s unreachable - host precedence violation",
528 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
529 break;
530
531 case ICMP_UNREACH_PRECEDENCE_CUTOFF:
532 (void)snprintf(buf, sizeof(buf),
533 "host %s unreachable - precedence cutoff",
534 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
535 break;
536
537 default:
538 (void)snprintf(buf, sizeof(buf),
539 "%s unreachable - #%u",
540 GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
541 icmp_code);
542 break;
543 }
544 break;
545
546 case ICMP_REDIRECT:
547 switch (icmp_code) {
548
549 case ICMP_REDIRECT_NET:
550 (void)snprintf(buf, sizeof(buf),
551 "redirect %s to net %s",
552 GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
553 GET_IPADDR_STRING(dp->icmp_gwaddr));
554 break;
555
556 case ICMP_REDIRECT_HOST:
557 (void)snprintf(buf, sizeof(buf),
558 "redirect %s to host %s",
559 GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
560 GET_IPADDR_STRING(dp->icmp_gwaddr));
561 break;
562
563 case ICMP_REDIRECT_TOSNET:
564 (void)snprintf(buf, sizeof(buf),
565 "redirect-tos %s to net %s",
566 GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
567 GET_IPADDR_STRING(dp->icmp_gwaddr));
568 break;
569
570 case ICMP_REDIRECT_TOSHOST:
571 (void)snprintf(buf, sizeof(buf),
572 "redirect-tos %s to host %s",
573 GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
574 GET_IPADDR_STRING(dp->icmp_gwaddr));
575 break;
576
577 default:
578 (void)snprintf(buf, sizeof(buf),
579 "redirect-#%u %s to %s", icmp_code,
580 GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
581 GET_IPADDR_STRING(dp->icmp_gwaddr));
582 break;
583 }
584 break;
585
586 case ICMP_ROUTERADVERT:
587 {
588 const struct ih_rdiscovery *ihp;
589 const struct id_rdiscovery *idp;
590 u_int lifetime, num, size;
591
592 (void)snprintf(buf, sizeof(buf), "router advertisement");
593 cp = buf + strlen(buf);
594
595 ihp = (const struct ih_rdiscovery *)&dp->icmp_void;
596 ND_TCHECK_SIZE(ihp);
597 (void)strncpy(cp, " lifetime ", sizeof(buf) - (cp - buf));
598 cp = buf + strlen(buf);
599 lifetime = GET_BE_U_2(ihp->ird_lifetime);
600 if (lifetime < 60) {
601 (void)snprintf(cp, sizeof(buf) - (cp - buf), "%u",
602 lifetime);
603 } else if (lifetime < 60 * 60) {
604 (void)snprintf(cp, sizeof(buf) - (cp - buf), "%u:%02u",
605 lifetime / 60, lifetime % 60);
606 } else {
607 (void)snprintf(cp, sizeof(buf) - (cp - buf),
608 "%u:%02u:%02u",
609 lifetime / 3600,
610 (lifetime % 3600) / 60,
611 lifetime % 60);
612 }
613 cp = buf + strlen(buf);
614
615 num = GET_U_1(ihp->ird_addrnum);
616 (void)snprintf(cp, sizeof(buf) - (cp - buf), " %u:", num);
617 cp = buf + strlen(buf);
618
619 size = GET_U_1(ihp->ird_addrsiz);
620 if (size != 2) {
621 (void)snprintf(cp, sizeof(buf) - (cp - buf),
622 " [size %u]", size);
623 break;
624 }
625 idp = (const struct id_rdiscovery *)&dp->icmp_data;
626 while (num > 0) {
627 ND_TCHECK_SIZE(idp);
628 (void)snprintf(cp, sizeof(buf) - (cp - buf), " {%s %u}",
629 GET_IPADDR_STRING(idp->ird_addr),
630 GET_BE_U_4(idp->ird_pref));
631 cp = buf + strlen(buf);
632 ++idp;
633 num--;
634 }
635 }
636 break;
637
638 case ICMP_TIMXCEED:
639 ND_TCHECK_4(dp->icmp_ip.ip_dst);
640 switch (icmp_code) {
641
642 case ICMP_TIMXCEED_INTRANS:
643 str = "time exceeded in-transit";
644 break;
645
646 case ICMP_TIMXCEED_REASS:
647 str = "ip reassembly time exceeded";
648 break;
649
650 default:
651 (void)snprintf(buf, sizeof(buf), "time exceeded-#%u",
652 icmp_code);
653 break;
654 }
655 break;
656
657 case ICMP_PARAMPROB:
658 if (icmp_code)
659 (void)snprintf(buf, sizeof(buf),
660 "parameter problem - code %u", icmp_code);
661 else {
662 (void)snprintf(buf, sizeof(buf),
663 "parameter problem - octet %u",
664 GET_U_1(dp->icmp_pptr));
665 }
666 break;
667
668 case ICMP_MASKREPLY:
669 (void)snprintf(buf, sizeof(buf), "address mask is 0x%08x",
670 GET_BE_U_4(dp->icmp_mask));
671 break;
672
673 case ICMP_TSTAMP:
674 (void)snprintf(buf, sizeof(buf),
675 "time stamp query id %u seq %u",
676 GET_BE_U_2(dp->icmp_id),
677 GET_BE_U_2(dp->icmp_seq));
678 break;
679
680 case ICMP_TSTAMPREPLY:
681 ND_TCHECK_4(dp->icmp_ttime);
682 (void)snprintf(buf, sizeof(buf),
683 "time stamp reply id %u seq %u: org %s",
684 GET_BE_U_2(dp->icmp_id),
685 GET_BE_U_2(dp->icmp_seq),
686 icmp_tstamp_print(GET_BE_U_4(dp->icmp_otime)));
687
688 (void)snprintf(buf+strlen(buf),sizeof(buf)-strlen(buf),", recv %s",
689 icmp_tstamp_print(GET_BE_U_4(dp->icmp_rtime)));
690 (void)snprintf(buf+strlen(buf),sizeof(buf)-strlen(buf),", xmit %s",
691 icmp_tstamp_print(GET_BE_U_4(dp->icmp_ttime)));
692 break;
693
694 default:
695 str = tok2str(icmp2str, "type-#%u", icmp_type);
696 break;
697 }
698 ND_PRINT("ICMP %s, length %u", str, plen);
699 if (ndo->ndo_vflag && !fragmented) { /* don't attempt checksumming if this is a frag */
700 if (ND_TTEST_LEN(bp, plen)) {
701 uint16_t sum;
702
703 vec[0].ptr = (const uint8_t *)(const void *)dp;
704 vec[0].len = plen;
705 sum = in_cksum(vec, 1);
706 if (sum != 0) {
707 uint16_t icmp_sum = GET_BE_U_2(dp->icmp_cksum);
708 ND_PRINT(" (wrong icmp cksum %x (->%x)!)",
709 icmp_sum,
710 in_cksum_shouldbe(icmp_sum, sum));
711 }
712 }
713 }
714
715 /*
716 * print the remnants of the IP packet.
717 * save the snaplength as this may get overridden in the IP printer.
718 */
719 if (ndo->ndo_vflag >= 1 && ICMP_ERRTYPE(icmp_type)) {
720 const u_char *snapend_save;
721
722 bp += 8;
723 ND_PRINT("\n\t");
724 ip = (const struct ip *)bp;
725 snapend_save = ndo->ndo_snapend;
726 /*
727 * Update the snapend because extensions (MPLS, ...) may be
728 * present after the IP packet. In this case the current
729 * (outer) packet's snapend is not what ip_print() needs to
730 * decode an IP packet nested in the middle of an ICMP payload.
731 *
732 * This prevents that, in ip_print(), for the nested IP packet,
733 * the remaining length < remaining caplen.
734 */
735 ndo->ndo_snapend = ND_MIN(bp + GET_BE_U_2(ip->ip_len),
736 ndo->ndo_snapend);
737 ip_print(ndo, bp, GET_BE_U_2(ip->ip_len));
738 ndo->ndo_snapend = snapend_save;
739 }
740
741 /* ndo_protocol reassignment after ip_print() call */
742 ndo->ndo_protocol = "icmp";
743
744 /*
745 * Attempt to decode multi-part message extensions (rfc4884) only for some ICMP types.
746 */
747 if (ndo->ndo_vflag >= 1 && plen > ICMP_EXTD_MINLEN && ICMP_MULTIPART_EXT_TYPE(icmp_type)) {
748
749 ND_TCHECK_SIZE(ext_dp);
750
751 /*
752 * Check first if the multi-part extension header shows a non-zero length.
753 * If the length field is not set then silently verify the checksum
754 * to check if an extension header is present. This is expedient,
755 * however not all implementations set the length field proper.
756 */
757 if (GET_U_1(ext_dp->icmp_length) == 0 &&
758 ND_TTEST_LEN(ext_dp->icmp_ext_version_res, plen - ICMP_EXTD_MINLEN)) {
759 vec[0].ptr = (const uint8_t *)(const void *)&ext_dp->icmp_ext_version_res;
760 vec[0].len = plen - ICMP_EXTD_MINLEN;
761 if (in_cksum(vec, 1)) {
762 return;
763 }
764 }
765
766 ND_PRINT("\n\tICMP Multi-Part extension v%u",
767 ICMP_EXT_EXTRACT_VERSION(*(ext_dp->icmp_ext_version_res)));
768
769 /*
770 * Sanity checking of the header.
771 */
772 if (ICMP_EXT_EXTRACT_VERSION(*(ext_dp->icmp_ext_version_res)) !=
773 ICMP_EXT_VERSION) {
774 ND_PRINT(" packet not supported");
775 return;
776 }
777
778 hlen = plen - ICMP_EXTD_MINLEN;
779 if (ND_TTEST_LEN(ext_dp->icmp_ext_version_res, hlen)) {
780 vec[0].ptr = (const uint8_t *)(const void *)&ext_dp->icmp_ext_version_res;
781 vec[0].len = hlen;
782 ND_PRINT(", checksum 0x%04x (%scorrect), length %u",
783 GET_BE_U_2(ext_dp->icmp_ext_checksum),
784 in_cksum(vec, 1) ? "in" : "",
785 hlen);
786 }
787
788 hlen -= 4; /* subtract common header size */
789 obj_tptr = (const uint8_t *)ext_dp->icmp_ext_data;
790
791 while (hlen > sizeof(struct icmp_multipart_ext_object_header_t)) {
792
793 icmp_multipart_ext_object_header = (const struct icmp_multipart_ext_object_header_t *)obj_tptr;
794 ND_TCHECK_SIZE(icmp_multipart_ext_object_header);
795 obj_tlen = GET_BE_U_2(icmp_multipart_ext_object_header->length);
796 obj_class_num = GET_U_1(icmp_multipart_ext_object_header->class_num);
797 obj_ctype = GET_U_1(icmp_multipart_ext_object_header->ctype);
798 obj_tptr += sizeof(struct icmp_multipart_ext_object_header_t);
799
800 ND_PRINT("\n\t %s Object (%u), Class-Type: %u, length %u",
801 tok2str(icmp_multipart_ext_obj_values,"unknown",obj_class_num),
802 obj_class_num,
803 obj_ctype,
804 obj_tlen);
805
806 hlen-=sizeof(struct icmp_multipart_ext_object_header_t); /* length field includes tlv header */
807
808 /* infinite loop protection */
809 if ((obj_class_num == 0) ||
810 (obj_tlen < sizeof(struct icmp_multipart_ext_object_header_t))) {
811 return;
812 }
813 obj_tlen-=sizeof(struct icmp_multipart_ext_object_header_t);
814
815 switch (obj_class_num) {
816 case MPLS_STACK_ENTRY_OBJECT_CLASS:
817 switch(obj_ctype) {
818 case 1:
819 raw_label = GET_BE_U_4(obj_tptr);
820 ND_PRINT("\n\t label %u, tc %u", MPLS_LABEL(raw_label), MPLS_TC(raw_label));
821 if (MPLS_STACK(raw_label))
822 ND_PRINT(", [S]");
823 ND_PRINT(", ttl %u", MPLS_TTL(raw_label));
824 break;
825 default:
826 print_unknown_data(ndo, obj_tptr, "\n\t ", obj_tlen);
827 }
828 break;
829
830 case INTERFACE_INFORMATION_OBJECT_CLASS:
831 /*
832 Ctype in a INTERFACE_INFORMATION_OBJECT_CLASS object:
833
834 Bit 0 1 2 3 4 5 6 7
835 +-------+-------+-------+-------+-------+-------+-------+-------+
836 | Interface Role| Rsvd1 | Rsvd2 |ifIndex| IPAddr| name | MTU |
837 +-------+-------+-------+-------+-------+-------+-------+-------+
838 */
839 interface_role = (obj_ctype & 0xc0) >> 6;
840 if_index_flag = (obj_ctype & 0x8) >> 3;
841 ipaddr_flag = (obj_ctype & 0x4) >> 2;
842 name_flag = (obj_ctype & 0x2) >> 1;
843 mtu_flag = (obj_ctype & 0x1);
844
845 ND_PRINT("\n\t\t This object describes %s",
846 tok2str(icmp_interface_identification_role_values,
847 "an unknown interface role",interface_role));
848
849 offset = obj_tptr;
850
851 if (if_index_flag) {
852 ND_PRINT("\n\t\t Interface Index: %u", GET_BE_U_4(offset));
853 offset += 4;
854 }
855 if (ipaddr_flag) {
856 ND_PRINT("\n\t\t IP Address sub-object: ");
857 ipaddr_subobj = (const struct icmp_interface_identification_ipaddr_subobject_t *) offset;
858 switch (GET_BE_U_2(ipaddr_subobj->afi)) {
859 case 1:
860 ND_PRINT("%s", GET_IPADDR_STRING(ipaddr_subobj->ip_addr));
861 offset += 4;
862 break;
863 case 2:
864 ND_PRINT("%s", GET_IP6ADDR_STRING(ipaddr_subobj->ip_addr));
865 offset += 16;
866 break;
867 default:
868 ND_PRINT("Unknown Address Family Identifier");
869 return;
870 }
871 offset += 4;
872 }
873 if (name_flag) {
874 uint8_t inft_name_length_field;
875
876 ifname_subobj = (const struct icmp_interface_identification_ifname_subobject_t *) offset;
877 inft_name_length_field = GET_U_1(ifname_subobj->length);
878 ND_PRINT("\n\t\t Interface Name");
879 if (inft_name_length_field % 4 != 0) {
880 ND_PRINT(" [length %u != N x 4]", inft_name_length_field);
881 nd_print_invalid(ndo);
882 offset += inft_name_length_field;
883 break;
884 }
885 if (inft_name_length_field > 64) {
886 ND_PRINT(" [length %u > 64]", inft_name_length_field);
887 nd_print_invalid(ndo);
888 offset += inft_name_length_field;
889 break;
890 }
891 ND_PRINT(", length %u: ", inft_name_length_field);
892 nd_printjnp(ndo, ifname_subobj->if_name,
893 inft_name_length_field - 1);
894 offset += inft_name_length_field;
895 }
896 if (mtu_flag) {
897 ND_PRINT("\n\t\t MTU: %u", GET_BE_U_4(offset));
898 offset += 4;
899 }
900 break;
901
902 default:
903 print_unknown_data(ndo, obj_tptr, "\n\t ", obj_tlen);
904 break;
905 }
906 if (hlen < obj_tlen)
907 break;
908 hlen -= obj_tlen;
909 obj_tptr += obj_tlen;
910 }
911 }
912
913 return;
914 trunc:
915 nd_print_trunc(ndo);
916 }
[mirror] the TCPdump network dissector