]> The Tcpdump Group git mirrors - tcpdump/blob - print-fr.c
projects / tcpdump / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
The third argument to linkaddr_string is one of the LINKADDR_ enums.
[tcpdump] / print-fr.c
1 /*
2 * Copyright (c) 1990, 1991, 1993, 1994, 1995, 1996
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 */
21
22 /* \summary: Frame Relay printer */
23
24 #ifdef HAVE_CONFIG_H
25 #include <config.h>
26 #endif
27
28 #include "netdissect-stdinc.h"
29
30 #include <stdio.h>
31 #include <string.h>
32
33 #include "netdissect.h"
34 #include "addrtoname.h"
35 #include "ethertype.h"
36 #include "llc.h"
37 #include "nlpid.h"
38 #include "extract.h"
39 #include "oui.h"
40
41 static void frf15_print(netdissect_options *ndo, const u_char *, u_int);
42
43 /*
44 * the frame relay header has a variable length
45 *
46 * the EA bit determines if there is another byte
47 * in the header
48 *
49 * minimum header length is 2 bytes
50 * maximum header length is 4 bytes
51 *
52 * 7 6 5 4 3 2 1 0
53 * +----+----+----+----+----+----+----+----+
54 * | DLCI (6 bits) | CR | EA |
55 * +----+----+----+----+----+----+----+----+
56 * | DLCI (4 bits) |FECN|BECN| DE | EA |
57 * +----+----+----+----+----+----+----+----+
58 * | DLCI (7 bits) | EA |
59 * +----+----+----+----+----+----+----+----+
60 * | DLCI (6 bits) |SDLC| EA |
61 * +----+----+----+----+----+----+----+----+
62 */
63
64 #define FR_EA_BIT 0x01
65
66 #define FR_CR_BIT 0x02000000
67 #define FR_DE_BIT 0x00020000
68 #define FR_BECN_BIT 0x00040000
69 #define FR_FECN_BIT 0x00080000
70 #define FR_SDLC_BIT 0x00000002
71
72
73 static const struct tok fr_header_flag_values[] = {
74 { FR_CR_BIT, "C!" },
75 { FR_DE_BIT, "DE" },
76 { FR_BECN_BIT, "BECN" },
77 { FR_FECN_BIT, "FECN" },
78 { FR_SDLC_BIT, "sdlcore" },
79 { 0, NULL }
80 };
81
82 /* FRF.15 / FRF.16 */
83 #define MFR_B_BIT 0x80
84 #define MFR_E_BIT 0x40
85 #define MFR_C_BIT 0x20
86 #define MFR_BEC_MASK (MFR_B_BIT | MFR_E_BIT | MFR_C_BIT)
87 #define MFR_CTRL_FRAME (MFR_B_BIT | MFR_E_BIT | MFR_C_BIT)
88 #define MFR_FRAG_FRAME (MFR_B_BIT | MFR_E_BIT )
89
90 static const struct tok frf_flag_values[] = {
91 { MFR_B_BIT, "Begin" },
92 { MFR_E_BIT, "End" },
93 { MFR_C_BIT, "Control" },
94 { 0, NULL }
95 };
96
97 /* Finds out Q.922 address length, DLCI and flags. Returns 1 on success,
98 * 0 on invalid address, -1 on truncated packet
99 * save the flags dep. on address length
100 */
101 static int parse_q922_header(netdissect_options *ndo,
102 const u_char *p, u_int *dlci,
103 u_int *addr_len, uint32_t *flags, u_int length)
104 {
105 if (!ND_TTEST_1(p) || length < 1)
106 return -1;
107 if ((GET_U_1(p) & FR_EA_BIT))
108 return 0;
109
110 if (!ND_TTEST_1(p + 1) || length < 2)
111 return -1;
112 *addr_len = 2;
113 *dlci = ((GET_U_1(p) & 0xFC) << 2) | ((GET_U_1(p + 1) & 0xF0) >> 4);
114
115 *flags = ((GET_U_1(p) & 0x02) << 24) | /* CR flag */
116 ((GET_U_1(p + 1) & 0x0e) << 16); /* FECN,BECN,DE flags */
117
118 if (GET_U_1(p + 1) & FR_EA_BIT)
119 return 1; /* 2-byte Q.922 address */
120
121 p += 2;
122 length -= 2;
123 if (!ND_TTEST_1(p) || length < 1)
124 return -1;
125 (*addr_len)++; /* 3- or 4-byte Q.922 address */
126 if ((GET_U_1(p) & FR_EA_BIT) == 0) {
127 *dlci = (*dlci << 7) | (GET_U_1(p) >> 1);
128 (*addr_len)++; /* 4-byte Q.922 address */
129 p++;
130 length--;
131 }
132
133 if (!ND_TTEST_1(p) || length < 1)
134 return -1;
135 if ((GET_U_1(p) & FR_EA_BIT) == 0)
136 return 0; /* more than 4 bytes of Q.922 address? */
137
138 *flags = *flags | (GET_U_1(p) & 0x02); /* SDLC flag */
139
140 *dlci = (*dlci << 6) | (GET_U_1(p) >> 2);
141
142 return 1;
143 }
144
145 const char *
146 q922_string(netdissect_options *ndo, const u_char *p, u_int length)
147 {
148
149 static u_int dlci, addr_len;
150 static uint32_t flags;
151 static char buffer[sizeof("DLCI xxxxxxxxxx")];
152 memset(buffer, 0, sizeof(buffer));
153
154 if (parse_q922_header(ndo, p, &dlci, &addr_len, &flags, length) == 1){
155 snprintf(buffer, sizeof(buffer), "DLCI %u", dlci);
156 }
157
158 return buffer;
159 }
160
161
162 /* Frame Relay packet structure, with flags and CRC removed
163
164 +---------------------------+
165 | Q.922 Address* |
166 +-- --+
167 | |
168 +---------------------------+
169 | Control (UI = 0x03) |
170 +---------------------------+
171 | Optional Pad (0x00) |
172 +---------------------------+
173 | NLPID |
174 +---------------------------+
175 | . |
176 | . |
177 | . |
178 | Data |
179 | . |
180 | . |
181 +---------------------------+
182
183 * Q.922 addresses, as presently defined, are two octets and
184 contain a 10-bit DLCI. In some networks Q.922 addresses
185 may optionally be increased to three or four octets.
186 */
187
188 static void
189 fr_hdr_print(netdissect_options *ndo, int length, u_int addr_len,
190 u_int dlci, uint32_t flags, uint16_t nlpid)
191 {
192 if (ndo->ndo_qflag) {
193 ND_PRINT("Q.922, DLCI %u, length %u: ",
194 dlci,
195 length);
196 } else {
197 if (nlpid <= 0xff) /* if its smaller than 256 then its a NLPID */
198 ND_PRINT("Q.922, hdr-len %u, DLCI %u, Flags [%s], NLPID %s (0x%02x), length %u: ",
199 addr_len,
200 dlci,
201 bittok2str(fr_header_flag_values, "none", flags),
202 tok2str(nlpid_values,"unknown", nlpid),
203 nlpid,
204 length);
205 else /* must be an ethertype */
206 ND_PRINT("Q.922, hdr-len %u, DLCI %u, Flags [%s], cisco-ethertype %s (0x%04x), length %u: ",
207 addr_len,
208 dlci,
209 bittok2str(fr_header_flag_values, "none", flags),
210 tok2str(ethertype_values, "unknown", nlpid),
211 nlpid,
212 length);
213 }
214 }
215
216 u_int
217 fr_if_print(netdissect_options *ndo,
218 const struct pcap_pkthdr *h, const u_char *p)
219 {
220 u_int length = h->len;
221 u_int caplen = h->caplen;
222
223 ndo->ndo_protocol = "fr_if";
224 ND_TCHECK_4(p); /* minimum frame header length */
225
226 if ((length = fr_print(ndo, p, length)) == 0)
227 return (0);
228 else
229 return length;
230 trunc:
231 nd_print_trunc(ndo);
232 return caplen;
233 }
234
235 u_int
236 fr_print(netdissect_options *ndo,
237 const u_char *p, u_int length)
238 {
239 int ret;
240 uint16_t extracted_ethertype;
241 u_int dlci;
242 u_int addr_len;
243 uint16_t nlpid;
244 u_int hdr_len;
245 uint32_t flags;
246
247 ndo->ndo_protocol = "fr";
248 ret = parse_q922_header(ndo, p, &dlci, &addr_len, &flags, length);
249 if (ret == -1)
250 goto trunc;
251 if (ret == 0) {
252 ND_PRINT("Q.922, invalid address");
253 return 0;
254 }
255
256 ND_TCHECK_1(p + addr_len);
257 if (length < addr_len + 1)
258 goto trunc;
259
260 if (GET_U_1(p + addr_len) != LLC_UI && dlci != 0) {
261 /*
262 * Let's figure out if we have Cisco-style encapsulation,
263 * with an Ethernet type (Cisco HDLC type?) following the
264 * address.
265 */
266 if (!ND_TTEST_2(p + addr_len) || length < addr_len + 2) {
267 /* no Ethertype */
268 ND_PRINT("UI %02x! ", GET_U_1(p + addr_len));
269 } else {
270 extracted_ethertype = GET_BE_U_2(p + addr_len);
271
272 if (ndo->ndo_eflag)
273 fr_hdr_print(ndo, length, addr_len, dlci,
274 flags, extracted_ethertype);
275
276 if (ethertype_print(ndo, extracted_ethertype,
277 p+addr_len+ETHERTYPE_LEN,
278 length-addr_len-ETHERTYPE_LEN,
279 ND_BYTES_AVAILABLE_AFTER(p)-addr_len-ETHERTYPE_LEN,
280 NULL, NULL) == 0)
281 /* ether_type not known, probably it wasn't one */
282 ND_PRINT("UI %02x! ", GET_U_1(p + addr_len));
283 else
284 return addr_len + 2;
285 }
286 }
287
288 ND_TCHECK_1(p + addr_len + 1);
289 if (length < addr_len + 2)
290 goto trunc;
291
292 if (GET_U_1(p + addr_len + 1) == 0) {
293 /*
294 * Assume a pad byte after the control (UI) byte.
295 * A pad byte should only be used with 3-byte Q.922.
296 */
297 if (addr_len != 3)
298 ND_PRINT("Pad! ");
299 hdr_len = addr_len + 1 /* UI */ + 1 /* pad */ + 1 /* NLPID */;
300 } else {
301 /*
302 * Not a pad byte.
303 * A pad byte should be used with 3-byte Q.922.
304 */
305 if (addr_len == 3)
306 ND_PRINT("No pad! ");
307 hdr_len = addr_len + 1 /* UI */ + 1 /* NLPID */;
308 }
309
310 ND_TCHECK_1(p + hdr_len - 1);
311 if (length < hdr_len)
312 goto trunc;
313 nlpid = GET_U_1(p + hdr_len - 1);
314
315 if (ndo->ndo_eflag)
316 fr_hdr_print(ndo, length, addr_len, dlci, flags, nlpid);
317 p += hdr_len;
318 length -= hdr_len;
319
320 switch (nlpid) {
321 case NLPID_IP:
322 ip_print(ndo, p, length);
323 break;
324
325 case NLPID_IP6:
326 ip6_print(ndo, p, length);
327 break;
328
329 case NLPID_CLNP:
330 case NLPID_ESIS:
331 case NLPID_ISIS:
332 isoclns_print(ndo, p - 1, length + 1); /* OSI printers need the NLPID field */
333 break;
334
335 case NLPID_SNAP:
336 if (snap_print(ndo, p, length, ND_BYTES_AVAILABLE_AFTER(p), NULL, NULL, 0) == 0) {
337 /* ether_type not known, print raw packet */
338 if (!ndo->ndo_eflag)
339 fr_hdr_print(ndo, length + hdr_len, hdr_len,
340 dlci, flags, nlpid);
341 if (!ndo->ndo_suppress_default_print)
342 ND_DEFAULTPRINT(p - hdr_len, length + hdr_len);
343 }
344 break;
345
346 case NLPID_Q933:
347 q933_print(ndo, p, length);
348 break;
349
350 case NLPID_MFR:
351 frf15_print(ndo, p, length);
352 break;
353
354 case NLPID_PPP:
355 ppp_print(ndo, p, length);
356 break;
357
358 default:
359 if (!ndo->ndo_eflag)
360 fr_hdr_print(ndo, length + hdr_len, addr_len,
361 dlci, flags, nlpid);
362 if (!ndo->ndo_xflag)
363 ND_DEFAULTPRINT(p, length);
364 }
365
366 return hdr_len;
367
368 trunc:
369 nd_print_trunc(ndo);
370 return 0;
371
372 }
373
374 u_int
375 mfr_if_print(netdissect_options *ndo,
376 const struct pcap_pkthdr *h, const u_char *p)
377 {
378 u_int length = h->len;
379 u_int caplen = h->caplen;
380
381 ndo->ndo_protocol = "mfr_if";
382 ND_TCHECK_2(p); /* minimum frame header length */
383
384 if ((length = mfr_print(ndo, p, length)) == 0)
385 return (0);
386 else
387 return length;
388 trunc:
389 nd_print_trunc(ndo);
390 return caplen;
391 }
392
393
394 #define MFR_CTRL_MSG_ADD_LINK 1
395 #define MFR_CTRL_MSG_ADD_LINK_ACK 2
396 #define MFR_CTRL_MSG_ADD_LINK_REJ 3
397 #define MFR_CTRL_MSG_HELLO 4
398 #define MFR_CTRL_MSG_HELLO_ACK 5
399 #define MFR_CTRL_MSG_REMOVE_LINK 6
400 #define MFR_CTRL_MSG_REMOVE_LINK_ACK 7
401
402 static const struct tok mfr_ctrl_msg_values[] = {
403 { MFR_CTRL_MSG_ADD_LINK, "Add Link" },
404 { MFR_CTRL_MSG_ADD_LINK_ACK, "Add Link ACK" },
405 { MFR_CTRL_MSG_ADD_LINK_REJ, "Add Link Reject" },
406 { MFR_CTRL_MSG_HELLO, "Hello" },
407 { MFR_CTRL_MSG_HELLO_ACK, "Hello ACK" },
408 { MFR_CTRL_MSG_REMOVE_LINK, "Remove Link" },
409 { MFR_CTRL_MSG_REMOVE_LINK_ACK, "Remove Link ACK" },
410 { 0, NULL }
411 };
412
413 #define MFR_CTRL_IE_BUNDLE_ID 1
414 #define MFR_CTRL_IE_LINK_ID 2
415 #define MFR_CTRL_IE_MAGIC_NUM 3
416 #define MFR_CTRL_IE_TIMESTAMP 5
417 #define MFR_CTRL_IE_VENDOR_EXT 6
418 #define MFR_CTRL_IE_CAUSE 7
419
420 static const struct tok mfr_ctrl_ie_values[] = {
421 { MFR_CTRL_IE_BUNDLE_ID, "Bundle ID"},
422 { MFR_CTRL_IE_LINK_ID, "Link ID"},
423 { MFR_CTRL_IE_MAGIC_NUM, "Magic Number"},
424 { MFR_CTRL_IE_TIMESTAMP, "Timestamp"},
425 { MFR_CTRL_IE_VENDOR_EXT, "Vendor Extension"},
426 { MFR_CTRL_IE_CAUSE, "Cause"},
427 { 0, NULL }
428 };
429
430 #define MFR_ID_STRING_MAXLEN 50
431
432 struct ie_tlv_header_t {
433 uint8_t ie_type;
434 uint8_t ie_len;
435 };
436
437 u_int
438 mfr_print(netdissect_options *ndo,
439 const u_char *p, u_int length)
440 {
441 u_int tlen,idx,hdr_len = 0;
442 uint16_t sequence_num;
443 uint8_t ie_type,ie_len;
444 const uint8_t *tptr;
445
446
447 /*
448 * FRF.16 Link Integrity Control Frame
449 *
450 * 7 6 5 4 3 2 1 0
451 * +----+----+----+----+----+----+----+----+
452 * | B | E | C=1| 0 0 0 0 | EA |
453 * +----+----+----+----+----+----+----+----+
454 * | 0 0 0 0 0 0 0 0 |
455 * +----+----+----+----+----+----+----+----+
456 * | message type |
457 * +----+----+----+----+----+----+----+----+
458 */
459
460 ndo->ndo_protocol = "mfr";
461
462 if (length < 4) { /* minimum frame header length */
463 ND_PRINT("[length %u < 4]", length);
464 nd_print_invalid(ndo);
465 return length;
466 }
467 ND_TCHECK_4(p);
468
469 if ((GET_U_1(p) & MFR_BEC_MASK) == MFR_CTRL_FRAME && GET_U_1(p + 1) == 0) {
470 ND_PRINT("FRF.16 Control, Flags [%s], %s, length %u",
471 bittok2str(frf_flag_values,"none",(GET_U_1(p) & MFR_BEC_MASK)),
472 tok2str(mfr_ctrl_msg_values,"Unknown Message (0x%02x)",GET_U_1(p + 2)),
473 length);
474 tptr = p + 3;
475 tlen = length -3;
476 hdr_len = 3;
477
478 if (!ndo->ndo_vflag)
479 return hdr_len;
480
481 while (tlen>sizeof(struct ie_tlv_header_t)) {
482 ND_TCHECK_LEN(tptr, sizeof(struct ie_tlv_header_t));
483 ie_type=GET_U_1(tptr);
484 ie_len=GET_U_1(tptr + 1);
485
486 ND_PRINT("\n\tIE %s (%u), length %u: ",
487 tok2str(mfr_ctrl_ie_values,"Unknown",ie_type),
488 ie_type,
489 ie_len);
490
491 /* infinite loop check */
492 if (ie_type == 0 || ie_len <= sizeof(struct ie_tlv_header_t))
493 return hdr_len;
494
495 ND_TCHECK_LEN(tptr, ie_len);
496 tptr+=sizeof(struct ie_tlv_header_t);
497 /* tlv len includes header */
498 ie_len-=sizeof(struct ie_tlv_header_t);
499 tlen-=sizeof(struct ie_tlv_header_t);
500
501 switch (ie_type) {
502
503 case MFR_CTRL_IE_MAGIC_NUM:
504 /* FRF.16.1 Section 3.4.3 Magic Number Information Element */
505 if (ie_len != 4) {
506 ND_PRINT("[IE data length %d != 4]", ie_len);
507 nd_print_invalid(ndo);
508 break;
509 }
510 ND_PRINT("0x%08x", GET_BE_U_4(tptr));
511 break;
512
513 case MFR_CTRL_IE_BUNDLE_ID: /* same message format */
514 case MFR_CTRL_IE_LINK_ID:
515 for (idx = 0; idx < ie_len && idx < MFR_ID_STRING_MAXLEN; idx++) {
516 if (GET_U_1(tptr + idx) != 0) /* don't print null termination */
517 fn_print_char(ndo, GET_U_1(tptr + idx));
518 else
519 break;
520 }
521 break;
522
523 case MFR_CTRL_IE_TIMESTAMP:
524 if (ie_len == sizeof(struct timeval)) {
525 ts_print(ndo, (const struct timeval *)tptr);
526 break;
527 }
528 /* fall through and hexdump if no unix timestamp */
529 ND_FALL_THROUGH;
530
531 /*
532 * FIXME those are the defined IEs that lack a decoder
533 * you are welcome to contribute code ;-)
534 */
535
536 case MFR_CTRL_IE_VENDOR_EXT:
537 case MFR_CTRL_IE_CAUSE:
538
539 default:
540 if (ndo->ndo_vflag <= 1)
541 print_unknown_data(ndo, tptr, "\n\t ", ie_len);
542 break;
543 }
544
545 /* do we want to see a hexdump of the IE ? */
546 if (ndo->ndo_vflag > 1 )
547 print_unknown_data(ndo, tptr, "\n\t ", ie_len);
548
549 tlen-=ie_len;
550 tptr+=ie_len;
551 }
552 return hdr_len;
553 }
554 /*
555 * FRF.16 Fragmentation Frame
556 *
557 * 7 6 5 4 3 2 1 0
558 * +----+----+----+----+----+----+----+----+
559 * | B | E | C=0|seq. (high 4 bits) | EA |
560 * +----+----+----+----+----+----+----+----+
561 * | sequence (low 8 bits) |
562 * +----+----+----+----+----+----+----+----+
563 * | DLCI (6 bits) | CR | EA |
564 * +----+----+----+----+----+----+----+----+
565 * | DLCI (4 bits) |FECN|BECN| DE | EA |
566 * +----+----+----+----+----+----+----+----+
567 */
568
569 sequence_num = (GET_U_1(p)&0x1e)<<7 | GET_U_1(p + 1);
570 /* whole packet or first fragment ? */
571 if ((GET_U_1(p) & MFR_BEC_MASK) == MFR_FRAG_FRAME ||
572 (GET_U_1(p) & MFR_BEC_MASK) == MFR_B_BIT) {
573 ND_PRINT("FRF.16 Frag, seq %u, Flags [%s], ",
574 sequence_num,
575 bittok2str(frf_flag_values,"none",(GET_U_1(p) & MFR_BEC_MASK)));
576 hdr_len = 2;
577 fr_print(ndo, p+hdr_len,length-hdr_len);
578 return hdr_len;
579 }
580
581 /* must be a middle or the last fragment */
582 ND_PRINT("FRF.16 Frag, seq %u, Flags [%s]",
583 sequence_num,
584 bittok2str(frf_flag_values,"none",(GET_U_1(p) & MFR_BEC_MASK)));
585 print_unknown_data(ndo, p, "\n\t", length);
586
587 return hdr_len;
588
589 trunc:
590 nd_print_trunc(ndo);
591 return length;
592 }
593
594 /* an NLPID of 0xb1 indicates a 2-byte
595 * FRF.15 header
596 *
597 * 7 6 5 4 3 2 1 0
598 * +----+----+----+----+----+----+----+----+
599 * ~ Q.922 header ~
600 * +----+----+----+----+----+----+----+----+
601 * | NLPID (8 bits) | NLPID=0xb1
602 * +----+----+----+----+----+----+----+----+
603 * | B | E | C |seq. (high 4 bits) | R |
604 * +----+----+----+----+----+----+----+----+
605 * | sequence (low 8 bits) |
606 * +----+----+----+----+----+----+----+----+
607 */
608
609 #define FR_FRF15_FRAGTYPE 0x01
610
611 static void
612 frf15_print(netdissect_options *ndo,
613 const u_char *p, u_int length)
614 {
615 uint16_t sequence_num, flags;
616
617 if (length < 2)
618 goto trunc;
619 ND_TCHECK_2(p);
620
621 flags = GET_U_1(p)&MFR_BEC_MASK;
622 sequence_num = (GET_U_1(p)&0x1e)<<7 | GET_U_1(p + 1);
623
624 ND_PRINT("FRF.15, seq 0x%03x, Flags [%s],%s Fragmentation, length %u",
625 sequence_num,
626 bittok2str(frf_flag_values,"none",flags),
627 GET_U_1(p)&FR_FRF15_FRAGTYPE ? "Interface" : "End-to-End",
628 length);
629
630 /* TODO:
631 * depending on all permutations of the B, E and C bit
632 * dig as deep as we can - e.g. on the first (B) fragment
633 * there is enough payload to print the IP header
634 * on non (B) fragments it depends if the fragmentation
635 * model is end-to-end or interface based wether we want to print
636 * another Q.922 header
637 */
638 return;
639
640 trunc:
641 nd_print_trunc(ndo);
642 }
643
644 /*
645 * Q.933 decoding portion for framerelay specific.
646 */
647
648 /* Q.933 packet format
649 Format of Other Protocols
650 using Q.933 NLPID
651 +-------------------------------+
652 | Q.922 Address |
653 +---------------+---------------+
654 |Control 0x03 | NLPID 0x08 |
655 +---------------+---------------+
656 | L2 Protocol ID |
657 | octet 1 | octet 2 |
658 +-------------------------------+
659 | L3 Protocol ID |
660 | octet 2 | octet 2 |
661 +-------------------------------+
662 | Protocol Data |
663 +-------------------------------+
664 | FCS |
665 +-------------------------------+
666 */
667
668 /* L2 (Octet 1)- Call Reference Usually is 0x0 */
669
670 /*
671 * L2 (Octet 2)- Message Types definition 1 byte long.
672 */
673 /* Call Establish */
674 #define MSG_TYPE_ESC_TO_NATIONAL 0x00
675 #define MSG_TYPE_ALERT 0x01
676 #define MSG_TYPE_CALL_PROCEEDING 0x02
677 #define MSG_TYPE_CONNECT 0x07
678 #define MSG_TYPE_CONNECT_ACK 0x0F
679 #define MSG_TYPE_PROGRESS 0x03
680 #define MSG_TYPE_SETUP 0x05
681 /* Call Clear */
682 #define MSG_TYPE_DISCONNECT 0x45
683 #define MSG_TYPE_RELEASE 0x4D
684 #define MSG_TYPE_RELEASE_COMPLETE 0x5A
685 #define MSG_TYPE_RESTART 0x46
686 #define MSG_TYPE_RESTART_ACK 0x4E
687 /* Status */
688 #define MSG_TYPE_STATUS 0x7D
689 #define MSG_TYPE_STATUS_ENQ 0x75
690
691 static const struct tok fr_q933_msg_values[] = {
692 { MSG_TYPE_ESC_TO_NATIONAL, "ESC to National" },
693 { MSG_TYPE_ALERT, "Alert" },
694 { MSG_TYPE_CALL_PROCEEDING, "Call proceeding" },
695 { MSG_TYPE_CONNECT, "Connect" },
696 { MSG_TYPE_CONNECT_ACK, "Connect ACK" },
697 { MSG_TYPE_PROGRESS, "Progress" },
698 { MSG_TYPE_SETUP, "Setup" },
699 { MSG_TYPE_DISCONNECT, "Disconnect" },
700 { MSG_TYPE_RELEASE, "Release" },
701 { MSG_TYPE_RELEASE_COMPLETE, "Release Complete" },
702 { MSG_TYPE_RESTART, "Restart" },
703 { MSG_TYPE_RESTART_ACK, "Restart ACK" },
704 { MSG_TYPE_STATUS, "Status Reply" },
705 { MSG_TYPE_STATUS_ENQ, "Status Enquiry" },
706 { 0, NULL }
707 };
708
709 #define IE_IS_SINGLE_OCTET(iecode) ((iecode) & 0x80)
710 #define IE_IS_SHIFT(iecode) (((iecode) & 0xF0) == 0x90)
711 #define IE_SHIFT_IS_NON_LOCKING(iecode) ((iecode) & 0x08)
712 #define IE_SHIFT_IS_LOCKING(iecode) (!(IE_SHIFT_IS_NON_LOCKING(iecode)))
713 #define IE_SHIFT_CODESET(iecode) ((iecode) & 0x07)
714
715 #define FR_LMI_ANSI_REPORT_TYPE_IE 0x01
716 #define FR_LMI_ANSI_LINK_VERIFY_IE_91 0x19 /* details? */
717 #define FR_LMI_ANSI_LINK_VERIFY_IE 0x03
718 #define FR_LMI_ANSI_PVC_STATUS_IE 0x07
719
720 #define FR_LMI_CCITT_REPORT_TYPE_IE 0x51
721 #define FR_LMI_CCITT_LINK_VERIFY_IE 0x53
722 #define FR_LMI_CCITT_PVC_STATUS_IE 0x57
723
724 static const struct tok fr_q933_ie_values_codeset_0_5[] = {
725 { FR_LMI_ANSI_REPORT_TYPE_IE, "ANSI Report Type" },
726 { FR_LMI_ANSI_LINK_VERIFY_IE_91, "ANSI Link Verify" },
727 { FR_LMI_ANSI_LINK_VERIFY_IE, "ANSI Link Verify" },
728 { FR_LMI_ANSI_PVC_STATUS_IE, "ANSI PVC Status" },
729 { FR_LMI_CCITT_REPORT_TYPE_IE, "CCITT Report Type" },
730 { FR_LMI_CCITT_LINK_VERIFY_IE, "CCITT Link Verify" },
731 { FR_LMI_CCITT_PVC_STATUS_IE, "CCITT PVC Status" },
732 { 0, NULL }
733 };
734
735 #define FR_LMI_REPORT_TYPE_IE_FULL_STATUS 0
736 #define FR_LMI_REPORT_TYPE_IE_LINK_VERIFY 1
737 #define FR_LMI_REPORT_TYPE_IE_ASYNC_PVC 2
738
739 static const struct tok fr_lmi_report_type_ie_values[] = {
740 { FR_LMI_REPORT_TYPE_IE_FULL_STATUS, "Full Status" },
741 { FR_LMI_REPORT_TYPE_IE_LINK_VERIFY, "Link verify" },
742 { FR_LMI_REPORT_TYPE_IE_ASYNC_PVC, "Async PVC Status" },
743 { 0, NULL }
744 };
745
746 /* array of 16 codesets - currently we only support codepage 0 and 5 */
747 static const struct tok *fr_q933_ie_codesets[] = {
748 fr_q933_ie_values_codeset_0_5,
749 NULL,
750 NULL,
751 NULL,
752 NULL,
753 fr_q933_ie_values_codeset_0_5,
754 NULL,
755 NULL,
756 NULL,
757 NULL,
758 NULL,
759 NULL,
760 NULL,
761 NULL,
762 NULL,
763 NULL
764 };
765
766 static int fr_q933_print_ie_codeset_0_5(netdissect_options *ndo, u_int iecode,
767 u_int ielength, const u_char *p);
768
769 typedef int (*codeset_pr_func_t)(netdissect_options *, u_int iecode,
770 u_int ielength, const u_char *p);
771
772 /* array of 16 codesets - currently we only support codepage 0 and 5 */
773 static const codeset_pr_func_t fr_q933_print_ie_codeset[] = {
774 fr_q933_print_ie_codeset_0_5,
775 NULL,
776 NULL,
777 NULL,
778 NULL,
779 fr_q933_print_ie_codeset_0_5,
780 NULL,
781 NULL,
782 NULL,
783 NULL,
784 NULL,
785 NULL,
786 NULL,
787 NULL,
788 NULL,
789 NULL
790 };
791
792 /*
793 * ITU-T Q.933.
794 *
795 * p points to octet 2, the octet containing the length of the
796 * call reference value, so p[n] is octet n+2 ("octet X" is as
797 * used in Q.931/Q.933).
798 *
799 * XXX - actually used both for Q.931 and Q.933.
800 */
801 void
802 q933_print(netdissect_options *ndo,
803 const u_char *p, u_int length)
804 {
805 u_int olen;
806 u_int call_ref_length, i;
807 uint8_t call_ref[15]; /* maximum length - length field is 4 bits */
808 u_int msgtype;
809 u_int iecode;
810 u_int ielength;
811 u_int codeset = 0;
812 u_int is_ansi = 0;
813 u_int ie_is_known;
814 u_int non_locking_shift;
815 u_int unshift_codeset;
816
817 ndo->ndo_protocol = "q.933";
818 ND_PRINT("%s", ndo->ndo_eflag ? "" : "Q.933");
819
820 if (length == 0 || !ND_TTEST_1(p)) {
821 if (!ndo->ndo_eflag)
822 ND_PRINT(", ");
823 ND_PRINT("length %u", length);
824 goto trunc;
825 }
826
827 /*
828 * Get the length of the call reference value.
829 */
830 olen = length; /* preserve the original length for display */
831 call_ref_length = GET_U_1(p) & 0x0f;
832 p++;
833 length--;
834
835 /*
836 * Get the call reference value.
837 */
838 for (i = 0; i < call_ref_length; i++) {
839 if (length == 0 || !ND_TTEST_1(p)) {
840 if (!ndo->ndo_eflag)
841 ND_PRINT(", ");
842 ND_PRINT("length %u", olen);
843 goto trunc;
844 }
845 call_ref[i] = GET_U_1(p);
846 p++;
847 length--;
848 }
849
850 /*
851 * Get the message type.
852 */
853 if (length == 0 || !ND_TTEST_1(p)) {
854 if (!ndo->ndo_eflag)
855 ND_PRINT(", ");
856 ND_PRINT("length %u", olen);
857 goto trunc;
858 }
859 msgtype = GET_U_1(p);
860 p++;
861 length--;
862
863 /*
864 * Peek ahead to see if we start with a shift.
865 */
866 non_locking_shift = 0;
867 unshift_codeset = codeset;
868 if (length != 0) {
869 if (!ND_TTEST_1(p)) {
870 if (!ndo->ndo_eflag)
871 ND_PRINT(", ");
872 ND_PRINT("length %u", olen);
873 goto trunc;
874 }
875 iecode = GET_U_1(p);
876 if (IE_IS_SHIFT(iecode)) {
877 /*
878 * It's a shift. Skip over it.
879 */
880 p++;
881 length--;
882
883 /*
884 * Get the codeset.
885 */
886 codeset = IE_SHIFT_CODESET(iecode);
887
888 /*
889 * If it's a locking shift to codeset 5,
890 * mark this as ANSI. (XXX - 5 is actually
891 * for national variants in general, not
892 * the US variant in particular, but maybe
893 * this is more American exceptionalism. :-))
894 */
895 if (IE_SHIFT_IS_LOCKING(iecode)) {
896 /*
897 * It's a locking shift.
898 */
899 if (codeset == 5) {
900 /*
901 * It's a locking shift to
902 * codeset 5, so this is
903 * T1.617 Annex D.
904 */
905 is_ansi = 1;
906 }
907 } else {
908 /*
909 * It's a non-locking shift.
910 * Remember the current codeset, so we
911 * can revert to it after the next IE.
912 */
913 non_locking_shift = 1;
914 unshift_codeset = 0;
915 }
916 }
917 }
918
919 /* printing out header part */
920 if (!ndo->ndo_eflag)
921 ND_PRINT(", ");
922 ND_PRINT("%s, codeset %u", is_ansi ? "ANSI" : "CCITT", codeset);
923
924 if (call_ref_length != 0) {
925 ND_TCHECK_1(p);
926 if (call_ref_length > 1 || GET_U_1(p) != 0) {
927 /*
928 * Not a dummy call reference.
929 */
930 ND_PRINT(", Call Ref: 0x");
931 for (i = 0; i < call_ref_length; i++)
932 ND_PRINT("%02x", call_ref[i]);
933 }
934 }
935 if (ndo->ndo_vflag) {
936 ND_PRINT(", %s (0x%02x), length %u",
937 tok2str(fr_q933_msg_values,
938 "unknown message", msgtype),
939 msgtype,
940 olen);
941 } else {
942 ND_PRINT(", %s",
943 tok2str(fr_q933_msg_values,
944 "unknown message 0x%02x", msgtype));
945 }
946
947 /* Loop through the rest of the IEs */
948 while (length != 0) {
949 /*
950 * What's the state of any non-locking shifts?
951 */
952 if (non_locking_shift == 1) {
953 /*
954 * There's a non-locking shift in effect for
955 * this IE. Count it, so we reset the codeset
956 * before the next IE.
957 */
958 non_locking_shift = 2;
959 } else if (non_locking_shift == 2) {
960 /*
961 * Unshift.
962 */
963 codeset = unshift_codeset;
964 non_locking_shift = 0;
965 }
966
967 /*
968 * Get the first octet of the IE.
969 */
970 if (!ND_TTEST_1(p)) {
971 if (!ndo->ndo_vflag) {
972 ND_PRINT(", length %u", olen);
973 }
974 goto trunc;
975 }
976 iecode = GET_U_1(p);
977 p++;
978 length--;
979
980 /* Single-octet IE? */
981 if (IE_IS_SINGLE_OCTET(iecode)) {
982 /*
983 * Yes. Is it a shift?
984 */
985 if (IE_IS_SHIFT(iecode)) {
986 /*
987 * Yes. Is it locking?
988 */
989 if (IE_SHIFT_IS_LOCKING(iecode)) {
990 /*
991 * Yes.
992 */
993 non_locking_shift = 0;
994 } else {
995 /*
996 * No. Remember the current
997 * codeset, so we can revert
998 * to it after the next IE.
999 */
1000 non_locking_shift = 1;
1001 unshift_codeset = codeset;
1002 }
1003
1004 /*
1005 * Get the codeset.
1006 */
1007 codeset = IE_SHIFT_CODESET(iecode);
1008 }
1009 } else {
1010 /*
1011 * No. Get the IE length.
1012 */
1013 if (length == 0 || !ND_TTEST_1(p)) {
1014 if (!ndo->ndo_vflag) {
1015 ND_PRINT(", length %u", olen);
1016 }
1017 goto trunc;
1018 }
1019 ielength = GET_U_1(p);
1020 p++;
1021 length--;
1022
1023 /* lets do the full IE parsing only in verbose mode
1024 * however some IEs (DLCI Status, Link Verify)
1025 * are also interesting in non-verbose mode */
1026 if (ndo->ndo_vflag) {
1027 ND_PRINT("\n\t%s IE (0x%02x), length %u: ",
1028 tok2str(fr_q933_ie_codesets[codeset],
1029 "unknown", iecode),
1030 iecode,
1031 ielength);
1032 }
1033
1034 /* sanity checks */
1035 if (iecode == 0 || ielength == 0) {
1036 return;
1037 }
1038 if (length < ielength || !ND_TTEST_LEN(p, ielength)) {
1039 if (!ndo->ndo_vflag) {
1040 ND_PRINT(", length %u", olen);
1041 }
1042 goto trunc;
1043 }
1044
1045 ie_is_known = 0;
1046 if (fr_q933_print_ie_codeset[codeset] != NULL) {
1047 ie_is_known = fr_q933_print_ie_codeset[codeset](ndo, iecode, ielength, p);
1048 }
1049
1050 if (ie_is_known) {
1051 /*
1052 * Known IE; do we want to see a hexdump
1053 * of it?
1054 */
1055 if (ndo->ndo_vflag > 1) {
1056 /* Yes. */
1057 print_unknown_data(ndo, p, "\n\t ", ielength);
1058 }
1059 } else {
1060 /*
1061 * Unknown IE; if we're printing verbosely,
1062 * print its content in hex.
1063 */
1064 if (ndo->ndo_vflag >= 1) {
1065 print_unknown_data(ndo, p, "\n\t", ielength);
1066 }
1067 }
1068
1069 length -= ielength;
1070 p += ielength;
1071 }
1072 }
1073 if (!ndo->ndo_vflag) {
1074 ND_PRINT(", length %u", olen);
1075 }
1076 return;
1077
1078 trunc:
1079 nd_print_trunc(ndo);
1080 }
1081
1082 static int
1083 fr_q933_print_ie_codeset_0_5(netdissect_options *ndo, u_int iecode,
1084 u_int ielength, const u_char *p)
1085 {
1086 u_int dlci;
1087
1088 switch (iecode) {
1089
1090 case FR_LMI_ANSI_REPORT_TYPE_IE: /* fall through */
1091 case FR_LMI_CCITT_REPORT_TYPE_IE:
1092 if (ielength < 1) {
1093 if (!ndo->ndo_vflag) {
1094 ND_PRINT(", ");
1095 }
1096 ND_PRINT("Invalid REPORT TYPE IE");
1097 return 1;
1098 }
1099 if (ndo->ndo_vflag) {
1100 ND_PRINT("%s (%u)",
1101 tok2str(fr_lmi_report_type_ie_values,"unknown",GET_U_1(p)),
1102 GET_U_1(p));
1103 }
1104 return 1;
1105
1106 case FR_LMI_ANSI_LINK_VERIFY_IE: /* fall through */
1107 case FR_LMI_CCITT_LINK_VERIFY_IE:
1108 case FR_LMI_ANSI_LINK_VERIFY_IE_91:
1109 if (!ndo->ndo_vflag) {
1110 ND_PRINT(", ");
1111 }
1112 if (ielength < 2) {
1113 ND_PRINT("Invalid LINK VERIFY IE");
1114 return 1;
1115 }
1116 ND_PRINT("TX Seq: %3d, RX Seq: %3d", GET_U_1(p), GET_U_1(p + 1));
1117 return 1;
1118
1119 case FR_LMI_ANSI_PVC_STATUS_IE: /* fall through */
1120 case FR_LMI_CCITT_PVC_STATUS_IE:
1121 if (!ndo->ndo_vflag) {
1122 ND_PRINT(", ");
1123 }
1124 /* now parse the DLCI information element. */
1125 if ((ielength < 3) ||
1126 (GET_U_1(p) & 0x80) ||
1127 ((ielength == 3) && !(GET_U_1(p + 1) & 0x80)) ||
1128 ((ielength == 4) &&
1129 ((GET_U_1(p + 1) & 0x80) || !(GET_U_1(p + 2) & 0x80))) ||
1130 ((ielength == 5) &&
1131 ((GET_U_1(p + 1) & 0x80) || (GET_U_1(p + 2) & 0x80) ||
1132 !(GET_U_1(p + 3) & 0x80))) ||
1133 (ielength > 5) ||
1134 !(GET_U_1(p + ielength - 1) & 0x80)) {
1135 ND_PRINT("Invalid DLCI in PVC STATUS IE");
1136 return 1;
1137 }
1138
1139 dlci = ((GET_U_1(p) & 0x3F) << 4) | ((GET_U_1(p + 1) & 0x78) >> 3);
1140 if (ielength == 4) {
1141 dlci = (dlci << 6) | ((GET_U_1(p + 2) & 0x7E) >> 1);
1142 }
1143 else if (ielength == 5) {
1144 dlci = (dlci << 13) | (GET_U_1(p + 2) & 0x7F) | ((GET_U_1(p + 3) & 0x7E) >> 1);
1145 }
1146
1147 ND_PRINT("DLCI %u: status %s%s", dlci,
1148 GET_U_1(p + ielength - 1) & 0x8 ? "New, " : "",
1149 GET_U_1(p + ielength - 1) & 0x2 ? "Active" : "Inactive");
1150 return 1;
1151 }
1152
1153 return 0;
1154 }
[mirror] the TCPdump network dissector