]> The Tcpdump Group git mirrors - tcpdump/blob - print-icmp.c
projects / tcpdump / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Fix a typo
[tcpdump] / print-icmp.c
1 /*
2 * Copyright (c) 1988, 1989, 1990, 1991, 1993, 1994, 1995, 1996
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 */
21
22 /* \summary: Internet Control Message Protocol (ICMP) printer */
23
24 #include <config.h>
25
26 #include "netdissect-stdinc.h"
27
28 #include <stdio.h>
29 #include <string.h>
30
31 #define ND_LONGJMP_FROM_TCHECK
32 #include "netdissect.h"
33 #include "addrtoname.h"
34 #include "extract.h"
35
36 #include "ip.h"
37 #include "udp.h"
38 #include "ipproto.h"
39 #include "mpls.h"
40
41 /*
42 * Interface Control Message Protocol Definitions.
43 * Per RFC 792, September 1981.
44 */
45
46 /*
47 * Structure of an icmp header.
48 */
49 struct icmp {
50 nd_uint8_t icmp_type; /* type of message, see below */
51 nd_uint8_t icmp_code; /* type sub code */
52 nd_uint16_t icmp_cksum; /* ones complement cksum of struct */
53 union {
54 nd_uint8_t ih_pptr; /* ICMP_PARAMPROB */
55 nd_ipv4 ih_gwaddr; /* ICMP_REDIRECT */
56 struct ih_idseq {
57 nd_uint16_t icd_id;
58 nd_uint16_t icd_seq;
59 } ih_idseq;
60 struct ih_idseqx { /* RFC8335 */
61 nd_uint16_t icdx_id;
62 nd_uint8_t icdx_seq;
63 nd_uint8_t icdx_info;
64 } ih_idseqx;
65 nd_uint32_t ih_void;
66 } icmp_hun;
67 #define icmp_pptr icmp_hun.ih_pptr
68 #define icmp_gwaddr icmp_hun.ih_gwaddr
69 #define icmp_id icmp_hun.ih_idseq.icd_id
70 #define icmp_seq icmp_hun.ih_idseq.icd_seq
71 #define icmp_xseq icmp_hun.ih_idseqx.icdx_seq
72 #define icmp_xinfo icmp_hun.ih_idseqx.icdx_info
73 #define icmp_void icmp_hun.ih_void
74 union {
75 struct id_ts {
76 nd_uint32_t its_otime;
77 nd_uint32_t its_rtime;
78 nd_uint32_t its_ttime;
79 } id_ts;
80 struct id_ip {
81 struct ip idi_ip;
82 /* options and then 64 bits of data */
83 } id_ip;
84 nd_uint32_t id_mask;
85 nd_byte id_data[1];
86 } icmp_dun;
87 #define icmp_otime icmp_dun.id_ts.its_otime
88 #define icmp_rtime icmp_dun.id_ts.its_rtime
89 #define icmp_ttime icmp_dun.id_ts.its_ttime
90 #define icmp_ip icmp_dun.id_ip.idi_ip
91 #define icmp_mask icmp_dun.id_mask
92 #define icmp_data icmp_dun.id_data
93 };
94
95 /*
96 * Lower bounds on packet lengths for various types.
97 * For the error advice packets must first insure that the
98 * packet is large enough to contain the returned ip header.
99 * Only then can we do the check to see if 64 bits of packet
100 * data have been returned, since we need to check the returned
101 * ip header length.
102 */
103 #define ICMP_MINLEN 8 /* abs minimum */
104 #define ICMP_EXTD_MINLEN (156 - sizeof (struct ip)) /* draft-bonica-internet-icmp-08 */
105 #define ICMP_TSLEN (8 + 3 * sizeof (uint32_t)) /* timestamp */
106 #define ICMP_MASKLEN 12 /* address mask */
107 #define ICMP_ADVLENMIN (8 + sizeof (struct ip) + 8) /* min */
108 #define ICMP_ADVLEN(p) (8 + (IP_HL(&(p)->icmp_ip) << 2) + 8)
109 /* N.B.: must separately check that ip_hl >= 5 */
110
111 /*
112 * Definition of type and code field values.
113 */
114 #define ICMP_ECHOREPLY 0 /* echo reply */
115 #define ICMP_UNREACH 3 /* dest unreachable, codes: */
116 #define ICMP_UNREACH_NET 0 /* bad net */
117 #define ICMP_UNREACH_HOST 1 /* bad host */
118 #define ICMP_UNREACH_PROTOCOL 2 /* bad protocol */
119 #define ICMP_UNREACH_PORT 3 /* bad port */
120 #define ICMP_UNREACH_NEEDFRAG 4 /* IP_DF caused drop */
121 #define ICMP_UNREACH_SRCFAIL 5 /* src route failed */
122 #define ICMP_UNREACH_NET_UNKNOWN 6 /* unknown net */
123 #define ICMP_UNREACH_HOST_UNKNOWN 7 /* unknown host */
124 #define ICMP_UNREACH_ISOLATED 8 /* src host isolated */
125 #define ICMP_UNREACH_NET_PROHIB 9 /* prohibited access */
126 #define ICMP_UNREACH_HOST_PROHIB 10 /* ditto */
127 #define ICMP_UNREACH_TOSNET 11 /* bad tos for net */
128 #define ICMP_UNREACH_TOSHOST 12 /* bad tos for host */
129 #define ICMP_SOURCEQUENCH 4 /* packet lost, slow down */
130 #define ICMP_REDIRECT 5 /* shorter route, codes: */
131 #define ICMP_REDIRECT_NET 0 /* for network */
132 #define ICMP_REDIRECT_HOST 1 /* for host */
133 #define ICMP_REDIRECT_TOSNET 2 /* for tos and net */
134 #define ICMP_REDIRECT_TOSHOST 3 /* for tos and host */
135 #define ICMP_ECHO 8 /* echo service */
136 #define ICMP_ROUTERADVERT 9 /* router advertisement */
137 #define ICMP_ROUTERSOLICIT 10 /* router solicitation */
138 #define ICMP_TIMXCEED 11 /* time exceeded, code: */
139 #define ICMP_TIMXCEED_INTRANS 0 /* ttl==0 in transit */
140 #define ICMP_TIMXCEED_REASS 1 /* ttl==0 in reass */
141 #define ICMP_PARAMPROB 12 /* ip header bad */
142 #define ICMP_PARAMPROB_OPTABSENT 1 /* req. opt. absent */
143 #define ICMP_TSTAMP 13 /* timestamp request */
144 #define ICMP_TSTAMPREPLY 14 /* timestamp reply */
145 #define ICMP_IREQ 15 /* information request */
146 #define ICMP_IREQREPLY 16 /* information reply */
147 #define ICMP_MASKREQ 17 /* address mask request */
148 #define ICMP_MASKREPLY 18 /* address mask reply */
149
150 #define ICMP_EXTENDED_ECHO_REQUEST 42 /* extended echo request */
151 #define ICMP_EXTENDED_ECHO_REPLY 43 /* extended echo reply */
152 #define ICMP_ECHO_X_MALFORMED_QUERY 1 /* malformed query */
153 #define ICMP_ECHO_X_NO_SUCH_INTERFACE 2 /* no such interface */
154 #define ICMP_ECHO_X_NO_SUCH_TABLE_ENTRY 3 /* no such table entry */
155 #define ICMP_ECHO_X_MULTIPLE_INTERFACES 4 /* multiple interfaces satisfy query */
156
157 #define ICMP_ERRTYPE(type) \
158 ((type) == ICMP_UNREACH || (type) == ICMP_SOURCEQUENCH || \
159 (type) == ICMP_REDIRECT || (type) == ICMP_TIMXCEED || \
160 (type) == ICMP_PARAMPROB)
161 #define ICMP_MULTIPART_EXT_TYPE(type) \
162 ((type) == ICMP_UNREACH || \
163 (type) == ICMP_TIMXCEED || \
164 (type) == ICMP_PARAMPROB)
165 #define ICMP_EXTENDED_ECHO_TYPE(type) \
166 ((type) == ICMP_EXTENDED_ECHO_REQUEST || \
167 (type) == ICMP_EXTENDED_ECHO_REPLY)
168 /* rfc1700 */
169 #ifndef ICMP_UNREACH_NET_UNKNOWN
170 #define ICMP_UNREACH_NET_UNKNOWN 6 /* destination net unknown */
171 #endif
172 #ifndef ICMP_UNREACH_HOST_UNKNOWN
173 #define ICMP_UNREACH_HOST_UNKNOWN 7 /* destination host unknown */
174 #endif
175 #ifndef ICMP_UNREACH_ISOLATED
176 #define ICMP_UNREACH_ISOLATED 8 /* source host isolated */
177 #endif
178 #ifndef ICMP_UNREACH_NET_PROHIB
179 #define ICMP_UNREACH_NET_PROHIB 9 /* admin prohibited net */
180 #endif
181 #ifndef ICMP_UNREACH_HOST_PROHIB
182 #define ICMP_UNREACH_HOST_PROHIB 10 /* admin prohibited host */
183 #endif
184 #ifndef ICMP_UNREACH_TOSNET
185 #define ICMP_UNREACH_TOSNET 11 /* tos prohibited net */
186 #endif
187 #ifndef ICMP_UNREACH_TOSHOST
188 #define ICMP_UNREACH_TOSHOST 12 /* tos prohibited host */
189 #endif
190
191 /* rfc1716 */
192 #ifndef ICMP_UNREACH_FILTER_PROHIB
193 #define ICMP_UNREACH_FILTER_PROHIB 13 /* admin prohibited filter */
194 #endif
195 #ifndef ICMP_UNREACH_HOST_PRECEDENCE
196 #define ICMP_UNREACH_HOST_PRECEDENCE 14 /* host precedence violation */
197 #endif
198 #ifndef ICMP_UNREACH_PRECEDENCE_CUTOFF
199 #define ICMP_UNREACH_PRECEDENCE_CUTOFF 15 /* precedence cutoff */
200 #endif
201
202 /* Most of the icmp types */
203 static const struct tok icmp2str[] = {
204 { ICMP_ECHOREPLY, "echo reply" },
205 { ICMP_SOURCEQUENCH, "source quench" },
206 { ICMP_ECHO, "echo request" },
207 { ICMP_ROUTERSOLICIT, "router solicitation" },
208 { ICMP_TSTAMP, "time stamp request" },
209 { ICMP_TSTAMPREPLY, "time stamp reply" },
210 { ICMP_IREQ, "information request" },
211 { ICMP_IREQREPLY, "information reply" },
212 { ICMP_MASKREQ, "address mask request" },
213 { ICMP_EXTENDED_ECHO_REQUEST, "extended echo request" },
214 { ICMP_EXTENDED_ECHO_REPLY, "extended echo reply" },
215 { 0, NULL }
216 };
217
218 static const struct tok icmp_extended_echo_reply_code_str[] = {
219 { 0, "No error" },
220 { ICMP_ECHO_X_MALFORMED_QUERY, "Malformed Query" },
221 { ICMP_ECHO_X_NO_SUCH_INTERFACE, "No Such Interface" },
222 { ICMP_ECHO_X_NO_SUCH_TABLE_ENTRY, "No Such Table Entry" },
223 { ICMP_ECHO_X_MULTIPLE_INTERFACES, "Multiple Interfaces Satisfy Query" },
224 { 0, NULL }
225 };
226
227 static const struct tok icmp_extended_echo_reply_state_str[] = {
228 { 0, "Reserved" },
229 { 1, "Incomplete" },
230 { 2, "Reachable" },
231 { 3, "Stale" },
232 { 4, "Delay" },
233 { 5, "Probe" },
234 { 6, "Failed" },
235 { 0, NULL }
236 };
237
238 /* rfc1191 */
239 struct mtu_discovery {
240 nd_uint16_t unused;
241 nd_uint16_t nexthopmtu;
242 };
243
244 /* rfc1256 */
245 struct ih_rdiscovery {
246 nd_uint8_t ird_addrnum;
247 nd_uint8_t ird_addrsiz;
248 nd_uint16_t ird_lifetime;
249 };
250
251 struct id_rdiscovery {
252 nd_uint32_t ird_addr;
253 nd_uint32_t ird_pref;
254 };
255
256 /*
257 * RFC 4884 - Extended ICMP to Support Multi-Part Messages
258 *
259 * This is a general extension mechanism, based on the mechanism
260 * in draft-bonica-icmp-mpls-02 ICMP Extensions for MultiProtocol
261 * Label Switching.
262 *
263 * The Destination Unreachable, Time Exceeded
264 * and Parameter Problem messages are slightly changed as per
265 * the above RFC. A new Length field gets added to give
266 * the caller an idea about the length of the piggybacked
267 * IP packet before the extension header starts.
268 *
269 * The Length field represents length of the padded "original datagram"
270 * field measured in 32-bit words.
271 *
272 * 0 1 2 3
273 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
274 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
275 * | Type | Code | Checksum |
276 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
277 * | unused | Length | unused |
278 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
279 * | Internet Header + leading octets of original datagram |
280 * | |
281 * | // |
282 * | |
283 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
284 */
285
286 struct icmp_ext_t {
287 nd_uint8_t icmp_type;
288 nd_uint8_t icmp_code;
289 nd_uint16_t icmp_checksum;
290 nd_byte icmp_reserved;
291 nd_uint8_t icmp_length;
292 nd_byte icmp_reserved2[2];
293 nd_byte icmp_ext_legacy_header[128]; /* extension header starts 128 bytes after ICMP header */
294 nd_byte icmp_ext_version_res[2];
295 nd_uint16_t icmp_ext_checksum;
296 nd_byte icmp_ext_data[1];
297 };
298
299 /*
300 * Extract version from the first octet of icmp_ext_version_res.
301 */
302 #define ICMP_EXT_EXTRACT_VERSION(x) (((x)&0xf0)>>4)
303
304 /*
305 * Current version.
306 */
307 #define ICMP_EXT_VERSION 2
308
309 /*
310 * Extension object class numbers.
311 *
312 * Class 1 dates back to draft-bonica-icmp-mpls-02.
313 *
314 * Class 2 was used for an "Extended Payload Object Class", which
315 * contained bytes of the payload beyond the first 128 bytes, in
316 * draft-bonica-icmp-mpls-02; it was reassigned to an "Interface
317 * Information Object" in RFC 5837.
318 *
319 * Class 3 is defined by RFC8335.
320 */
321
322 /* rfc4950 */
323 #define MPLS_STACK_ENTRY_OBJECT_CLASS 1
324 /* rfc5837 */
325 #define INTERFACE_INFORMATION_OBJECT_CLASS 2
326 /* rfc8335 */
327 #define INTERFACE_IDENTIFICATION_OBJECT_CLASS 3
328
329 struct icmp_multipart_ext_object_header_t {
330 nd_uint16_t length;
331 nd_uint8_t class_num;
332 nd_uint8_t ctype;
333 };
334
335 static const struct tok icmp_multipart_ext_obj_values[] = {
336 { MPLS_STACK_ENTRY_OBJECT_CLASS, "MPLS Stack Entry Object" },
337 { INTERFACE_INFORMATION_OBJECT_CLASS, "Interface Information Object" },
338 { INTERFACE_IDENTIFICATION_OBJECT_CLASS, "Interface Identification Object" },
339 { 0, NULL}
340 };
341
342 /* rfc5837 */
343 static const struct tok icmp_interface_information_role_values[] = {
344 { 0, "Incoming IP Interface"},
345 { 1, "Sub-IP Component of Incoming IP Interface"},
346 { 2, "Outgoing IP Interface"},
347 { 3, "IP Next hop"},
348 { 0, NULL }
349 };
350
351 /*
352 Interface IP Address Sub-Object
353 0 31
354 +-------+-------+-------+-------+
355 | AFI | Reserved |
356 +-------+-------+-------+-------+
357 | IP Address ....
358 */
359 struct icmp_interface_information_ipaddr_subobject_t {
360 nd_uint16_t afi;
361 nd_uint16_t reserved;
362 nd_byte ip_addr[1];
363 };
364
365 /*
366 Interface Name Sub-Object
367 octet 0 1 63
368 +--------+-----------................-----------------+
369 | length | interface name octets 1-63 |
370 +--------+-----------................-----------------+
371 */
372 struct icmp_interface_information_ifname_subobject_t {
373 nd_uint8_t length;
374 nd_byte if_name[63];
375 };
376
377 /*
378 * Interface Identification IP Address Sub-Object
379 * 0 1 2 3
380 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
381 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
382 * | AFI | Address Length| Reserved |
383 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
384 * | Address ....
385 */
386 struct icmp_interface_identification_ipaddr_subobject_t {
387 nd_uint16_t afi;
388 nd_uint8_t addrlen;
389 nd_uint8_t reserved;
390 nd_byte ip_addr[1];
391 };
392
393 /* prototypes */
394 const char *icmp_tstamp_print(u_int);
395
396 /* print the milliseconds since midnight UTC */
397 const char *
398 icmp_tstamp_print(u_int tstamp)
399 {
400 u_int msec,sec,min,hrs;
401
402 static char buf[64];
403
404 msec = tstamp % 1000;
405 sec = tstamp / 1000;
406 min = sec / 60; sec -= min * 60;
407 hrs = min / 60; min -= hrs * 60;
408 snprintf(buf, sizeof(buf), "%02u:%02u:%02u.%03u",hrs,min,sec,msec);
409 return buf;
410 }
411
412 static int
413 print_icmp_multipart_ext_object(netdissect_options *ndo, const uint8_t *obj_tptr)
414 {
415 u_int obj_tlen, obj_class_num, obj_ctype;
416 const struct icmp_multipart_ext_object_header_t *icmp_multipart_ext_object_header;
417
418 icmp_multipart_ext_object_header = (const struct icmp_multipart_ext_object_header_t *)obj_tptr;
419 obj_tlen = GET_BE_U_2(icmp_multipart_ext_object_header->length);
420 obj_class_num = GET_U_1(icmp_multipart_ext_object_header->class_num);
421 obj_ctype = GET_U_1(icmp_multipart_ext_object_header->ctype);
422 obj_tptr += sizeof(struct icmp_multipart_ext_object_header_t);
423
424 ND_PRINT("\n\t %s (%u), Class-Type: %u, length %u",
425 tok2str(icmp_multipart_ext_obj_values,"unknown",obj_class_num),
426 obj_class_num,
427 obj_ctype,
428 obj_tlen);
429
430 /* infinite loop protection */
431 if ((obj_class_num == 0) ||
432 (obj_tlen < sizeof(struct icmp_multipart_ext_object_header_t))) {
433 return -1;
434 }
435 obj_tlen -= sizeof(struct icmp_multipart_ext_object_header_t);
436
437 switch (obj_class_num) {
438 case MPLS_STACK_ENTRY_OBJECT_CLASS:
439 switch(obj_ctype) {
440 case 1:
441 {
442 uint32_t raw_label;
443
444 raw_label = GET_BE_U_4(obj_tptr);
445 ND_PRINT("\n\t label %u, tc %u", MPLS_LABEL(raw_label), MPLS_TC(raw_label));
446 if (MPLS_STACK(raw_label))
447 ND_PRINT(", [S]");
448 ND_PRINT(", ttl %u", MPLS_TTL(raw_label));
449 break;
450 }
451 default:
452 print_unknown_data(ndo, obj_tptr, "\n\t ", obj_tlen);
453 }
454 break;
455
456 case INTERFACE_INFORMATION_OBJECT_CLASS:
457 {
458 /*
459 Ctype in a INTERFACE_INFORMATION_OBJECT_CLASS object:
460
461 Bit 0 1 2 3 4 5 6 7
462 +-------+-------+-------+-------+-------+-------+-------+-------+
463 | Interface Role| Rsvd1 | Rsvd2 |ifIndex| IPAddr| name | MTU |
464 +-------+-------+-------+-------+-------+-------+-------+-------+
465 */
466 const uint8_t *offset;
467 u_int interface_role, if_index_flag, ipaddr_flag, name_flag, mtu_flag;
468
469 interface_role = (obj_ctype & 0xc0) >> 6;
470 if_index_flag = (obj_ctype & 0x8) >> 3;
471 ipaddr_flag = (obj_ctype & 0x4) >> 2;
472 name_flag = (obj_ctype & 0x2) >> 1;
473 mtu_flag = (obj_ctype & 0x1);
474
475 ND_PRINT("\n\t Interface Role: %s",
476 tok2str(icmp_interface_information_role_values,
477 "an unknown interface role",interface_role));
478
479 offset = obj_tptr;
480
481 if (if_index_flag) {
482 ND_PRINT("\n\t Interface Index: %u", GET_BE_U_4(offset));
483 offset += 4;
484 }
485 if (ipaddr_flag) {
486 const struct icmp_interface_information_ipaddr_subobject_t *ipaddr_subobj;
487
488 ND_PRINT("\n\t IP Address sub-object: ");
489 ipaddr_subobj = (const struct icmp_interface_information_ipaddr_subobject_t *) offset;
490 switch (GET_BE_U_2(ipaddr_subobj->afi)) {
491 case 1:
492 ND_PRINT("%s", GET_IPADDR_STRING(ipaddr_subobj->ip_addr));
493 offset += 4;
494 break;
495 case 2:
496 ND_PRINT("%s", GET_IP6ADDR_STRING(ipaddr_subobj->ip_addr));
497 offset += 16;
498 break;
499 default:
500 ND_PRINT("Unknown Address Family Identifier");
501 return -1;
502 }
503 offset += 4;
504 }
505 if (name_flag) {
506 uint8_t inft_name_length_field;
507 const struct icmp_interface_information_ifname_subobject_t *ifname_subobj;
508
509 ifname_subobj = (const struct icmp_interface_information_ifname_subobject_t *) offset;
510 inft_name_length_field = GET_U_1(ifname_subobj->length);
511 ND_PRINT("\n\t Interface Name");
512 if (inft_name_length_field == 0) {
513 ND_PRINT(" [length %u]", inft_name_length_field);
514 nd_print_invalid(ndo);
515 break;
516 }
517 if (inft_name_length_field % 4 != 0) {
518 ND_PRINT(" [length %u != N x 4]", inft_name_length_field);
519 nd_print_invalid(ndo);
520 offset += inft_name_length_field;
521 break;
522 }
523 if (inft_name_length_field > 64) {
524 ND_PRINT(" [length %u > 64]", inft_name_length_field);
525 nd_print_invalid(ndo);
526 offset += inft_name_length_field;
527 break;
528 }
529 ND_PRINT(", length %u: ", inft_name_length_field);
530 nd_printjnp(ndo, ifname_subobj->if_name,
531 inft_name_length_field - 1);
532 offset += inft_name_length_field;
533 }
534 if (mtu_flag) {
535 ND_PRINT("\n\t MTU: %u", GET_BE_U_4(offset));
536 offset += 4;
537 }
538 break;
539 }
540
541 case INTERFACE_IDENTIFICATION_OBJECT_CLASS:
542 switch (obj_ctype) {
543 case 1:
544 ND_PRINT("\n\t Interface Name, length %d: ", obj_tlen);
545 nd_printjnp(ndo, obj_tptr, obj_tlen);
546 break;
547 case 2:
548 ND_PRINT("\n\t Interface Index: %u", GET_BE_U_4(obj_tptr));
549 break;
550 case 3:
551 {
552 const struct icmp_interface_identification_ipaddr_subobject_t *id_ipaddr_subobj;
553 ND_PRINT("\n\t IP Address sub-object: ");
554 id_ipaddr_subobj = (const struct icmp_interface_identification_ipaddr_subobject_t *) obj_tptr;
555 switch (GET_BE_U_2(id_ipaddr_subobj->afi)) {
556 case 1:
557 if (GET_U_1(id_ipaddr_subobj->addrlen) != 4) {
558 ND_PRINT("[length %d != 4] ", GET_U_1(id_ipaddr_subobj->addrlen));
559 }
560 ND_PRINT("%s", GET_IPADDR_STRING(id_ipaddr_subobj->ip_addr));
561 break;
562 case 2:
563 if (GET_U_1(id_ipaddr_subobj->addrlen) != 16) {
564 ND_PRINT("[length %d != 16] ", GET_U_1(id_ipaddr_subobj->addrlen));
565 }
566 ND_PRINT("%s", GET_IP6ADDR_STRING(id_ipaddr_subobj->ip_addr));
567 break;
568 default:
569 ND_PRINT("Unknown Address Family Identifier");
570 return -1;
571 }
572 break;
573 }
574 default:
575 print_unknown_data(ndo, obj_tptr, "\n\t ", obj_tlen);
576 break;
577 }
578 break;
579
580 default:
581 print_unknown_data(ndo, obj_tptr, "\n\t ", obj_tlen);
582 break;
583 }
584 return obj_tlen + sizeof(struct icmp_multipart_ext_object_header_t);
585 }
586
587 void
588 icmp_print(netdissect_options *ndo, const u_char *bp, u_int plen,
589 int fragmented)
590 {
591 const struct icmp *dp;
592 uint8_t icmp_type, icmp_code;
593 const struct icmp_ext_t *ext_dp;
594 const char *str;
595 const uint8_t *obj_tptr;
596 u_int hlen;
597 char buf[512];
598 struct cksum_vec vec[1];
599
600 ndo->ndo_protocol = "icmp";
601 dp = (const struct icmp *)bp;
602 ext_dp = (const struct icmp_ext_t *)bp;
603 str = buf;
604
605 icmp_type = GET_U_1(dp->icmp_type);
606 icmp_code = GET_U_1(dp->icmp_code);
607 switch (icmp_type) {
608
609 case ICMP_ECHO:
610 case ICMP_ECHOREPLY:
611 (void)snprintf(buf, sizeof(buf), "echo %s, id %u, seq %u",
612 icmp_type == ICMP_ECHO ?
613 "request" : "reply",
614 GET_BE_U_2(dp->icmp_id),
615 GET_BE_U_2(dp->icmp_seq));
616 break;
617
618 case ICMP_UNREACH:
619 switch (icmp_code) {
620
621 case ICMP_UNREACH_NET:
622 (void)snprintf(buf, sizeof(buf),
623 "net %s unreachable",
624 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
625 break;
626
627 case ICMP_UNREACH_HOST:
628 (void)snprintf(buf, sizeof(buf),
629 "host %s unreachable",
630 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
631 break;
632
633 case ICMP_UNREACH_PROTOCOL:
634 (void)snprintf(buf, sizeof(buf),
635 "%s protocol %u unreachable",
636 GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
637 GET_U_1(dp->icmp_ip.ip_p));
638 break;
639
640 case ICMP_UNREACH_PORT:
641 {
642 const struct ip *oip;
643 const struct udphdr *ouh;
644 uint8_t ip_proto;
645 uint16_t dport;
646
647 oip = &dp->icmp_ip;
648 hlen = IP_HL(oip) * 4;
649 ouh = (const struct udphdr *)(((const u_char *)oip) + hlen);
650 dport = GET_BE_U_2(ouh->uh_dport);
651 ip_proto = GET_U_1(oip->ip_p);
652 switch (ip_proto) {
653
654 case IPPROTO_TCP:
655 (void)snprintf(buf, sizeof(buf),
656 "%s tcp port %s unreachable",
657 GET_IPADDR_STRING(oip->ip_dst),
658 tcpport_string(ndo, dport));
659 break;
660
661 case IPPROTO_UDP:
662 (void)snprintf(buf, sizeof(buf),
663 "%s udp port %s unreachable",
664 GET_IPADDR_STRING(oip->ip_dst),
665 udpport_string(ndo, dport));
666 break;
667
668 default:
669 (void)snprintf(buf, sizeof(buf),
670 "%s protocol %u port %u unreachable",
671 GET_IPADDR_STRING(oip->ip_dst),
672 ip_proto, dport);
673 break;
674 }
675 break;
676 }
677
678 case ICMP_UNREACH_NEEDFRAG:
679 {
680 const struct mtu_discovery *mp;
681 u_int mtu;
682
683 mp = (const struct mtu_discovery *)(const u_char *)&dp->icmp_void;
684 mtu = GET_BE_U_2(mp->nexthopmtu);
685 if (mtu) {
686 (void)snprintf(buf, sizeof(buf),
687 "%s unreachable - need to frag (mtu %u)",
688 GET_IPADDR_STRING(dp->icmp_ip.ip_dst), mtu);
689 } else {
690 (void)snprintf(buf, sizeof(buf),
691 "%s unreachable - need to frag",
692 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
693 }
694 }
695 break;
696
697 case ICMP_UNREACH_SRCFAIL:
698 (void)snprintf(buf, sizeof(buf),
699 "%s unreachable - source route failed",
700 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
701 break;
702
703 case ICMP_UNREACH_NET_UNKNOWN:
704 (void)snprintf(buf, sizeof(buf),
705 "net %s unreachable - unknown",
706 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
707 break;
708
709 case ICMP_UNREACH_HOST_UNKNOWN:
710 (void)snprintf(buf, sizeof(buf),
711 "host %s unreachable - unknown",
712 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
713 break;
714
715 case ICMP_UNREACH_ISOLATED:
716 (void)snprintf(buf, sizeof(buf),
717 "%s unreachable - source host isolated",
718 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
719 break;
720
721 case ICMP_UNREACH_NET_PROHIB:
722 (void)snprintf(buf, sizeof(buf),
723 "net %s unreachable - admin prohibited",
724 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
725 break;
726
727 case ICMP_UNREACH_HOST_PROHIB:
728 (void)snprintf(buf, sizeof(buf),
729 "host %s unreachable - admin prohibited",
730 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
731 break;
732
733 case ICMP_UNREACH_TOSNET:
734 (void)snprintf(buf, sizeof(buf),
735 "net %s unreachable - tos prohibited",
736 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
737 break;
738
739 case ICMP_UNREACH_TOSHOST:
740 (void)snprintf(buf, sizeof(buf),
741 "host %s unreachable - tos prohibited",
742 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
743 break;
744
745 case ICMP_UNREACH_FILTER_PROHIB:
746 (void)snprintf(buf, sizeof(buf),
747 "host %s unreachable - admin prohibited filter",
748 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
749 break;
750
751 case ICMP_UNREACH_HOST_PRECEDENCE:
752 (void)snprintf(buf, sizeof(buf),
753 "host %s unreachable - host precedence violation",
754 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
755 break;
756
757 case ICMP_UNREACH_PRECEDENCE_CUTOFF:
758 (void)snprintf(buf, sizeof(buf),
759 "host %s unreachable - precedence cutoff",
760 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
761 break;
762
763 default:
764 (void)snprintf(buf, sizeof(buf),
765 "%s unreachable - #%u",
766 GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
767 icmp_code);
768 break;
769 }
770 break;
771
772 case ICMP_REDIRECT:
773 switch (icmp_code) {
774
775 case ICMP_REDIRECT_NET:
776 (void)snprintf(buf, sizeof(buf),
777 "redirect %s to net %s",
778 GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
779 GET_IPADDR_STRING(dp->icmp_gwaddr));
780 break;
781
782 case ICMP_REDIRECT_HOST:
783 (void)snprintf(buf, sizeof(buf),
784 "redirect %s to host %s",
785 GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
786 GET_IPADDR_STRING(dp->icmp_gwaddr));
787 break;
788
789 case ICMP_REDIRECT_TOSNET:
790 (void)snprintf(buf, sizeof(buf),
791 "redirect-tos %s to net %s",
792 GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
793 GET_IPADDR_STRING(dp->icmp_gwaddr));
794 break;
795
796 case ICMP_REDIRECT_TOSHOST:
797 (void)snprintf(buf, sizeof(buf),
798 "redirect-tos %s to host %s",
799 GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
800 GET_IPADDR_STRING(dp->icmp_gwaddr));
801 break;
802
803 default:
804 (void)snprintf(buf, sizeof(buf),
805 "redirect-#%u %s to %s", icmp_code,
806 GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
807 GET_IPADDR_STRING(dp->icmp_gwaddr));
808 break;
809 }
810 break;
811
812 case ICMP_ROUTERADVERT:
813 {
814 char *cp;
815 const struct ih_rdiscovery *ihp;
816 const struct id_rdiscovery *idp;
817 u_int lifetime, num, size;
818
819 (void)snprintf(buf, sizeof(buf), "router advertisement");
820 cp = buf + strlen(buf);
821
822 ihp = (const struct ih_rdiscovery *)&dp->icmp_void;
823 (void)strncpy(cp, " lifetime ", sizeof(buf) - (cp - buf));
824 cp = buf + strlen(buf);
825 lifetime = GET_BE_U_2(ihp->ird_lifetime);
826 if (lifetime < 60) {
827 (void)snprintf(cp, sizeof(buf) - (cp - buf), "%u",
828 lifetime);
829 } else if (lifetime < 60 * 60) {
830 (void)snprintf(cp, sizeof(buf) - (cp - buf), "%u:%02u",
831 lifetime / 60, lifetime % 60);
832 } else {
833 (void)snprintf(cp, sizeof(buf) - (cp - buf),
834 "%u:%02u:%02u",
835 lifetime / 3600,
836 (lifetime % 3600) / 60,
837 lifetime % 60);
838 }
839 cp = buf + strlen(buf);
840
841 num = GET_U_1(ihp->ird_addrnum);
842 (void)snprintf(cp, sizeof(buf) - (cp - buf), " %u:", num);
843 cp = buf + strlen(buf);
844
845 size = GET_U_1(ihp->ird_addrsiz);
846 if (size != 2) {
847 (void)snprintf(cp, sizeof(buf) - (cp - buf),
848 " [size %u]", size);
849 break;
850 }
851 idp = (const struct id_rdiscovery *)&dp->icmp_data;
852 while (num != 0) {
853 (void)snprintf(cp, sizeof(buf) - (cp - buf), " {%s %u}",
854 GET_IPADDR_STRING(idp->ird_addr),
855 GET_BE_U_4(idp->ird_pref));
856 cp = buf + strlen(buf);
857 ++idp;
858 num--;
859 }
860 }
861 break;
862
863 case ICMP_TIMXCEED:
864 ND_TCHECK_4(dp->icmp_ip.ip_dst);
865 switch (icmp_code) {
866
867 case ICMP_TIMXCEED_INTRANS:
868 str = "time exceeded in-transit";
869 break;
870
871 case ICMP_TIMXCEED_REASS:
872 str = "ip reassembly time exceeded";
873 break;
874
875 default:
876 (void)snprintf(buf, sizeof(buf), "time exceeded-#%u",
877 icmp_code);
878 break;
879 }
880 break;
881
882 case ICMP_PARAMPROB:
883 if (icmp_code)
884 (void)snprintf(buf, sizeof(buf),
885 "parameter problem - code %u", icmp_code);
886 else {
887 (void)snprintf(buf, sizeof(buf),
888 "parameter problem - octet %u",
889 GET_U_1(dp->icmp_pptr));
890 }
891 break;
892
893 case ICMP_MASKREPLY:
894 (void)snprintf(buf, sizeof(buf), "address mask is 0x%08x",
895 GET_BE_U_4(dp->icmp_mask));
896 break;
897
898 case ICMP_TSTAMP:
899 (void)snprintf(buf, sizeof(buf),
900 "time stamp query id %u seq %u",
901 GET_BE_U_2(dp->icmp_id),
902 GET_BE_U_2(dp->icmp_seq));
903 break;
904
905 case ICMP_TSTAMPREPLY:
906 (void)snprintf(buf, sizeof(buf),
907 "time stamp reply id %u seq %u: org %s",
908 GET_BE_U_2(dp->icmp_id),
909 GET_BE_U_2(dp->icmp_seq),
910 icmp_tstamp_print(GET_BE_U_4(dp->icmp_otime)));
911
912 (void)snprintf(buf+strlen(buf),sizeof(buf)-strlen(buf),", recv %s",
913 icmp_tstamp_print(GET_BE_U_4(dp->icmp_rtime)));
914 (void)snprintf(buf+strlen(buf),sizeof(buf)-strlen(buf),", xmit %s",
915 icmp_tstamp_print(GET_BE_U_4(dp->icmp_ttime)));
916 break;
917
918 case ICMP_EXTENDED_ECHO_REQUEST:
919 case ICMP_EXTENDED_ECHO_REPLY:
920 /* brief info here due to limited buf; more info below */
921 (void)snprintf(buf, sizeof(buf), "extended echo %s, id %u, seq %u",
922 icmp_type == ICMP_EXTENDED_ECHO_REQUEST ?
923 "request" : "reply",
924 GET_BE_U_2(dp->icmp_id),
925 GET_U_1(dp->icmp_xseq));
926 break;
927
928 default:
929 str = tok2str(icmp2str, "type-#%u", icmp_type);
930 break;
931 }
932 ND_PRINT("ICMP %s, length %u", str, plen);
933 if (ndo->ndo_vflag && !fragmented) { /* don't attempt checksumming if this is a frag */
934 if (ND_TTEST_LEN(bp, plen)) {
935 uint16_t sum;
936
937 vec[0].ptr = (const uint8_t *)(const void *)dp;
938 vec[0].len = plen;
939 sum = in_cksum(vec, 1);
940 if (sum != 0) {
941 uint16_t icmp_sum = GET_BE_U_2(dp->icmp_cksum);
942 ND_PRINT(" (wrong icmp cksum %x (->%x)!)",
943 icmp_sum,
944 in_cksum_shouldbe(icmp_sum, sum));
945 }
946 }
947 }
948
949 /*
950 * print the remnants of the IP packet.
951 * save the snaplength as this may get overridden in the IP printer.
952 */
953 if (ndo->ndo_vflag >= 1 && ICMP_ERRTYPE(icmp_type)) {
954 const struct ip *ip;
955 const u_char *snapend_save;
956
957 bp += 8;
958 ND_PRINT("\n\t");
959 ip = (const struct ip *)bp;
960 snapend_save = ndo->ndo_snapend;
961 /*
962 * Update the snapend because extensions (MPLS, ...) may be
963 * present after the IP packet. In this case the current
964 * (outer) packet's snapend is not what ip_print() needs to
965 * decode an IP packet nested in the middle of an ICMP payload.
966 *
967 * This prevents that, in ip_print(), for the nested IP packet,
968 * the remaining length < remaining caplen.
969 */
970 ndo->ndo_snapend = ND_MIN(bp + GET_BE_U_2(ip->ip_len),
971 ndo->ndo_snapend);
972 ip_print(ndo, bp, GET_BE_U_2(ip->ip_len));
973 ndo->ndo_snapend = snapend_save;
974 }
975
976 /* ndo_protocol reassignment after ip_print() call */
977 ndo->ndo_protocol = "icmp";
978
979 /*
980 * Attempt to decode multi-part message extensions (rfc4884) only for some ICMP types.
981 */
982 if (ndo->ndo_vflag >= 1 && plen > ICMP_EXTD_MINLEN && ICMP_MULTIPART_EXT_TYPE(icmp_type)) {
983 ND_TCHECK_SIZE(ext_dp);
984
985 /*
986 * Check first if the multi-part extension header shows a non-zero length.
987 * If the length field is not set then silently verify the checksum
988 * to check if an extension header is present. This is expedient,
989 * however not all implementations set the length field proper.
990 */
991 if (GET_U_1(ext_dp->icmp_length) == 0 &&
992 ND_TTEST_LEN(ext_dp->icmp_ext_version_res, plen - ICMP_EXTD_MINLEN)) {
993 vec[0].ptr = (const uint8_t *)(const void *)&ext_dp->icmp_ext_version_res;
994 vec[0].len = plen - ICMP_EXTD_MINLEN;
995 if (in_cksum(vec, 1)) {
996 return;
997 }
998 }
999
1000 ND_PRINT("\n\tICMP Multi-Part extension v%u",
1001 ICMP_EXT_EXTRACT_VERSION(*(ext_dp->icmp_ext_version_res)));
1002
1003 /*
1004 * Sanity checking of the header.
1005 */
1006 if (ICMP_EXT_EXTRACT_VERSION(*(ext_dp->icmp_ext_version_res)) !=
1007 ICMP_EXT_VERSION) {
1008 ND_PRINT(" packet not supported");
1009 return;
1010 }
1011
1012 hlen = plen - ICMP_EXTD_MINLEN;
1013 if (ND_TTEST_LEN(ext_dp->icmp_ext_version_res, hlen)) {
1014 vec[0].ptr = (const uint8_t *)(const void *)&ext_dp->icmp_ext_version_res;
1015 vec[0].len = hlen;
1016 ND_PRINT(", checksum 0x%04x (%scorrect), length %u",
1017 GET_BE_U_2(ext_dp->icmp_ext_checksum),
1018 in_cksum(vec, 1) ? "in" : "",
1019 hlen);
1020 }
1021
1022 hlen -= 4; /* subtract common header size */
1023 obj_tptr = (const uint8_t *)ext_dp->icmp_ext_data;
1024
1025 while (hlen > sizeof(struct icmp_multipart_ext_object_header_t)) {
1026 int obj_tlen = print_icmp_multipart_ext_object(ndo, obj_tptr);
1027 if (obj_tlen < 0) {
1028 /* malformed object */
1029 return;
1030 }
1031 if (hlen < (u_int)obj_tlen)
1032 break;
1033 hlen -= obj_tlen;
1034 obj_tptr += obj_tlen;
1035 }
1036 }
1037
1038 if (ndo->ndo_vflag >= 1 && ICMP_EXTENDED_ECHO_TYPE(icmp_type)) {
1039 int xinfo = GET_U_1(dp->icmp_xinfo);
1040 switch (icmp_type) {
1041 case ICMP_EXTENDED_ECHO_REQUEST:
1042 ND_PRINT("\n\t%s Interface", xinfo & 1 ? "Local" : "Remote");
1043 if (ICMP_EXT_EXTRACT_VERSION(GET_U_1(dp->icmp_data)) != ICMP_EXT_VERSION) {
1044 nd_print_invalid(ndo);
1045 } else {
1046 // A single extended object. The extended header is not
1047 // located at offset 128 in this case, so we can not use
1048 // icmp_ext_checksum.
1049 uint16_t sum = GET_BE_U_2(dp->icmp_data + 2);
1050 uint16_t len = GET_BE_U_2(dp->icmp_data + 4);
1051 // The checksum is over the extended header and the single
1052 // object
1053 len += 4;
1054 vec[0].ptr = dp->icmp_data;
1055 vec[0].len = len;
1056 if (ND_TTEST_LEN(vec[0].ptr, vec[0].len)) {
1057 ND_PRINT(", checksum 0x%04x (%scorrect), length %u",
1058 sum,
1059 in_cksum(vec, 1) ? "in" : "",
1060 len);
1061 }
1062 print_icmp_multipart_ext_object(ndo, dp->icmp_data + 4);
1063 }
1064 break;
1065 case ICMP_EXTENDED_ECHO_REPLY:
1066 {
1067 int state = ( xinfo & 0xe0 ) >> 5;
1068 ND_PRINT("\n\tCode %d (%s), State %d (%s), active %d ipv4 %d ipv6 %d",
1069 icmp_code, tok2str(icmp_extended_echo_reply_code_str, "Unknown", icmp_code),
1070 state, tok2str(icmp_extended_echo_reply_state_str, "Unknown", state),
1071 xinfo & 4 ? 1 : 0,
1072 xinfo & 2 ? 1 : 0,
1073 xinfo & 1 ? 1 : 0);
1074 }
1075 break;
1076 }
1077 }
1078
1079 return;
1080 }
[mirror] the TCPdump network dissector