]> The Tcpdump Group git mirrors - tcpdump/blob - print-fr.c
projects / tcpdump / blob


bdabc999d2e6820781be17edd6bc14bbfd36e737
[tcpdump] / print-fr.c
1 /*
2 * Copyright (c) 1990, 1991, 1993, 1994, 1995, 1996
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 */
21
22 /* \summary: Frame Relay printer */
23
24 #ifdef HAVE_CONFIG_H
25 #include <config.h>
26 #endif
27
28 #include "netdissect-stdinc.h"
29
30 #include <stdio.h>
31 #include <string.h>
32
33 #include "netdissect.h"
34 #include "addrtoname.h"
35 #include "ethertype.h"
36 #include "llc.h"
37 #include "nlpid.h"
38 #include "extract.h"
39
40 static void frf15_print(netdissect_options *ndo, const u_char *, u_int);
41
42 /*
43 * the frame relay header has a variable length
44 *
45 * the EA bit determines if there is another byte
46 * in the header
47 *
48 * minimum header length is 2 bytes
49 * maximum header length is 4 bytes
50 *
51 * 7 6 5 4 3 2 1 0
52 * +----+----+----+----+----+----+----+----+
53 * | DLCI (6 bits) | CR | EA |
54 * +----+----+----+----+----+----+----+----+
55 * | DLCI (4 bits) |FECN|BECN| DE | EA |
56 * +----+----+----+----+----+----+----+----+
57 * | DLCI (7 bits) | EA |
58 * +----+----+----+----+----+----+----+----+
59 * | DLCI (6 bits) |SDLC| EA |
60 * +----+----+----+----+----+----+----+----+
61 */
62
63 #define FR_EA_BIT 0x01
64
65 #define FR_CR_BIT 0x02000000
66 #define FR_DE_BIT 0x00020000
67 #define FR_BECN_BIT 0x00040000
68 #define FR_FECN_BIT 0x00080000
69 #define FR_SDLC_BIT 0x00000002
70
71
72 static const struct tok fr_header_flag_values[] = {
73 { FR_CR_BIT, "C!" },
74 { FR_DE_BIT, "DE" },
75 { FR_BECN_BIT, "BECN" },
76 { FR_FECN_BIT, "FECN" },
77 { FR_SDLC_BIT, "sdlcore" },
78 { 0, NULL }
79 };
80
81 /* FRF.15 / FRF.16 */
82 #define MFR_B_BIT 0x80
83 #define MFR_E_BIT 0x40
84 #define MFR_C_BIT 0x20
85 #define MFR_BEC_MASK (MFR_B_BIT | MFR_E_BIT | MFR_C_BIT)
86 #define MFR_CTRL_FRAME (MFR_B_BIT | MFR_E_BIT | MFR_C_BIT)
87 #define MFR_FRAG_FRAME (MFR_B_BIT | MFR_E_BIT )
88
89 static const struct tok frf_flag_values[] = {
90 { MFR_B_BIT, "Begin" },
91 { MFR_E_BIT, "End" },
92 { MFR_C_BIT, "Control" },
93 { 0, NULL }
94 };
95
96 /* Finds out Q.922 address length, DLCI and flags. Returns 1 on success,
97 * 0 on invalid address, -1 on truncated packet
98 * save the flags dep. on address length
99 */
100 static int parse_q922_header(netdissect_options *ndo,
101 const u_char *p, u_int *dlci,
102 u_int *addr_len, uint32_t *flags, u_int length)
103 {
104 if (!ND_TTEST_1(p) || length < 1)
105 return -1;
106 if ((GET_U_1(p) & FR_EA_BIT))
107 return 0;
108
109 if (!ND_TTEST_1(p + 1) || length < 2)
110 return -1;
111 *addr_len = 2;
112 *dlci = ((GET_U_1(p) & 0xFC) << 2) | ((GET_U_1(p + 1) & 0xF0) >> 4);
113
114 *flags = ((GET_U_1(p) & 0x02) << 24) | /* CR flag */
115 ((GET_U_1(p + 1) & 0x0e) << 16); /* FECN,BECN,DE flags */
116
117 if (GET_U_1(p + 1) & FR_EA_BIT)
118 return 1; /* 2-byte Q.922 address */
119
120 p += 2;
121 length -= 2;
122 if (!ND_TTEST_1(p) || length < 1)
123 return -1;
124 (*addr_len)++; /* 3- or 4-byte Q.922 address */
125 if ((GET_U_1(p) & FR_EA_BIT) == 0) {
126 *dlci = (*dlci << 7) | (GET_U_1(p) >> 1);
127 (*addr_len)++; /* 4-byte Q.922 address */
128 p++;
129 length--;
130 }
131
132 if (!ND_TTEST_1(p) || length < 1)
133 return -1;
134 if ((GET_U_1(p) & FR_EA_BIT) == 0)
135 return 0; /* more than 4 bytes of Q.922 address? */
136
137 *flags = *flags | (GET_U_1(p) & 0x02); /* SDLC flag */
138
139 *dlci = (*dlci << 6) | (GET_U_1(p) >> 2);
140
141 return 1;
142 }
143
144 const char *
145 q922_string(netdissect_options *ndo, const u_char *p, u_int length)
146 {
147
148 static u_int dlci, addr_len;
149 static uint32_t flags;
150 static char buffer[sizeof("DLCI xxxxxxxxxx")];
151 memset(buffer, 0, sizeof(buffer));
152
153 if (parse_q922_header(ndo, p, &dlci, &addr_len, &flags, length) == 1){
154 snprintf(buffer, sizeof(buffer), "DLCI %u", dlci);
155 }
156
157 return buffer;
158 }
159
160
161 /* Frame Relay packet structure, with flags and CRC removed
162
163 +---------------------------+
164 | Q.922 Address* |
165 +-- --+
166 | |
167 +---------------------------+
168 | Control (UI = 0x03) |
169 +---------------------------+
170 | Optional Pad (0x00) |
171 +---------------------------+
172 | NLPID |
173 +---------------------------+
174 | . |
175 | . |
176 | . |
177 | Data |
178 | . |
179 | . |
180 +---------------------------+
181
182 * Q.922 addresses, as presently defined, are two octets and
183 contain a 10-bit DLCI. In some networks Q.922 addresses
184 may optionally be increased to three or four octets.
185 */
186
187 static void
188 fr_hdr_print(netdissect_options *ndo, int length, u_int addr_len,
189 u_int dlci, uint32_t flags, uint16_t nlpid)
190 {
191 if (ndo->ndo_qflag) {
192 ND_PRINT("Q.922, DLCI %u, length %u: ",
193 dlci,
194 length);
195 } else {
196 if (nlpid <= 0xff) /* if its smaller than 256 then its a NLPID */
197 ND_PRINT("Q.922, hdr-len %u, DLCI %u, Flags [%s], NLPID %s (0x%02x), length %u: ",
198 addr_len,
199 dlci,
200 bittok2str(fr_header_flag_values, "none", flags),
201 tok2str(nlpid_values,"unknown", nlpid),
202 nlpid,
203 length);
204 else /* must be an ethertype */
205 ND_PRINT("Q.922, hdr-len %u, DLCI %u, Flags [%s], cisco-ethertype %s (0x%04x), length %u: ",
206 addr_len,
207 dlci,
208 bittok2str(fr_header_flag_values, "none", flags),
209 tok2str(ethertype_values, "unknown", nlpid),
210 nlpid,
211 length);
212 }
213 }
214
215 /* Frame Relay */
216 void
217 fr_if_print(netdissect_options *ndo,
218 const struct pcap_pkthdr *h, const u_char *p)
219 {
220 u_int length = h->len;
221 u_int caplen = h->caplen;
222
223 ndo->ndo_protocol = "fr";
224 if (caplen < 4) { /* minimum frame header length */
225 nd_print_trunc(ndo);
226 ndo->ndo_ll_hdr_len += caplen;
227 return;
228 }
229
230 ndo->ndo_ll_hdr_len += fr_print(ndo, p, length);
231 }
232
233 u_int
234 fr_print(netdissect_options *ndo,
235 const u_char *p, u_int length)
236 {
237 int ret;
238 uint16_t extracted_ethertype;
239 u_int dlci;
240 u_int addr_len;
241 uint16_t nlpid;
242 u_int hdr_len;
243 uint32_t flags;
244
245 ndo->ndo_protocol = "fr";
246 ret = parse_q922_header(ndo, p, &dlci, &addr_len, &flags, length);
247 if (ret == -1)
248 goto trunc;
249 if (ret == 0) {
250 ND_PRINT("Q.922, invalid address");
251 return 0;
252 }
253
254 ND_TCHECK_1(p + addr_len);
255 if (length < addr_len + 1)
256 goto trunc;
257
258 if (GET_U_1(p + addr_len) != LLC_UI && dlci != 0) {
259 /*
260 * Let's figure out if we have Cisco-style encapsulation,
261 * with an Ethernet type (Cisco HDLC type?) following the
262 * address.
263 */
264 if (!ND_TTEST_2(p + addr_len) || length < addr_len + 2) {
265 /* no Ethertype */
266 ND_PRINT("UI %02x! ", GET_U_1(p + addr_len));
267 } else {
268 extracted_ethertype = GET_BE_U_2(p + addr_len);
269
270 if (ndo->ndo_eflag)
271 fr_hdr_print(ndo, length, addr_len, dlci,
272 flags, extracted_ethertype);
273
274 if (ethertype_print(ndo, extracted_ethertype,
275 p+addr_len+ETHERTYPE_LEN,
276 length-addr_len-ETHERTYPE_LEN,
277 ND_BYTES_AVAILABLE_AFTER(p)-addr_len-ETHERTYPE_LEN,
278 NULL, NULL) == 0)
279 /* ether_type not known, probably it wasn't one */
280 ND_PRINT("UI %02x! ", GET_U_1(p + addr_len));
281 else
282 return addr_len + 2;
283 }
284 }
285
286 ND_TCHECK_1(p + addr_len + 1);
287 if (length < addr_len + 2)
288 goto trunc;
289
290 if (GET_U_1(p + addr_len + 1) == 0) {
291 /*
292 * Assume a pad byte after the control (UI) byte.
293 * A pad byte should only be used with 3-byte Q.922.
294 */
295 if (addr_len != 3)
296 ND_PRINT("Pad! ");
297 hdr_len = addr_len + 1 /* UI */ + 1 /* pad */ + 1 /* NLPID */;
298 } else {
299 /*
300 * Not a pad byte.
301 * A pad byte should be used with 3-byte Q.922.
302 */
303 if (addr_len == 3)
304 ND_PRINT("No pad! ");
305 hdr_len = addr_len + 1 /* UI */ + 1 /* NLPID */;
306 }
307
308 ND_TCHECK_1(p + hdr_len - 1);
309 if (length < hdr_len)
310 goto trunc;
311 nlpid = GET_U_1(p + hdr_len - 1);
312
313 if (ndo->ndo_eflag)
314 fr_hdr_print(ndo, length, addr_len, dlci, flags, nlpid);
315 p += hdr_len;
316 length -= hdr_len;
317
318 switch (nlpid) {
319 case NLPID_IP:
320 ip_print(ndo, p, length);
321 break;
322
323 case NLPID_IP6:
324 ip6_print(ndo, p, length);
325 break;
326
327 case NLPID_CLNP:
328 case NLPID_ESIS:
329 case NLPID_ISIS:
330 isoclns_print(ndo, p - 1, length + 1); /* OSI printers need the NLPID field */
331 break;
332
333 case NLPID_SNAP:
334 if (snap_print(ndo, p, length, ND_BYTES_AVAILABLE_AFTER(p), NULL, NULL, 0) == 0) {
335 /* ether_type not known, print raw packet */
336 if (!ndo->ndo_eflag)
337 fr_hdr_print(ndo, length + hdr_len, hdr_len,
338 dlci, flags, nlpid);
339 if (!ndo->ndo_suppress_default_print)
340 ND_DEFAULTPRINT(p - hdr_len, length + hdr_len);
341 }
342 break;
343
344 case NLPID_Q933:
345 q933_print(ndo, p, length);
346 break;
347
348 case NLPID_MFR:
349 frf15_print(ndo, p, length);
350 break;
351
352 case NLPID_PPP:
353 ppp_print(ndo, p, length);
354 break;
355
356 default:
357 if (!ndo->ndo_eflag)
358 fr_hdr_print(ndo, length + hdr_len, addr_len,
359 dlci, flags, nlpid);
360 if (!ndo->ndo_xflag)
361 ND_DEFAULTPRINT(p, length);
362 }
363
364 return hdr_len;
365
366 trunc:
367 nd_print_trunc(ndo);
368 return 0;
369
370 }
371
372 /* Multi Link Frame Relay (FRF.16) */
373 void
374 mfr_if_print(netdissect_options *ndo,
375 const struct pcap_pkthdr *h, const u_char *p)
376 {
377 u_int length = h->len;
378 u_int caplen = h->caplen;
379
380 ndo->ndo_protocol = "mfr";
381 if (caplen < 2) { /* minimum frame header length */
382 nd_print_trunc(ndo);
383 ndo->ndo_ll_hdr_len += caplen;
384 return;
385 }
386
387 ndo->ndo_ll_hdr_len += mfr_print(ndo, p, length);
388 }
389
390
391 #define MFR_CTRL_MSG_ADD_LINK 1
392 #define MFR_CTRL_MSG_ADD_LINK_ACK 2
393 #define MFR_CTRL_MSG_ADD_LINK_REJ 3
394 #define MFR_CTRL_MSG_HELLO 4
395 #define MFR_CTRL_MSG_HELLO_ACK 5
396 #define MFR_CTRL_MSG_REMOVE_LINK 6
397 #define MFR_CTRL_MSG_REMOVE_LINK_ACK 7
398
399 static const struct tok mfr_ctrl_msg_values[] = {
400 { MFR_CTRL_MSG_ADD_LINK, "Add Link" },
401 { MFR_CTRL_MSG_ADD_LINK_ACK, "Add Link ACK" },
402 { MFR_CTRL_MSG_ADD_LINK_REJ, "Add Link Reject" },
403 { MFR_CTRL_MSG_HELLO, "Hello" },
404 { MFR_CTRL_MSG_HELLO_ACK, "Hello ACK" },
405 { MFR_CTRL_MSG_REMOVE_LINK, "Remove Link" },
406 { MFR_CTRL_MSG_REMOVE_LINK_ACK, "Remove Link ACK" },
407 { 0, NULL }
408 };
409
410 #define MFR_CTRL_IE_BUNDLE_ID 1
411 #define MFR_CTRL_IE_LINK_ID 2
412 #define MFR_CTRL_IE_MAGIC_NUM 3
413 #define MFR_CTRL_IE_TIMESTAMP 5
414 #define MFR_CTRL_IE_VENDOR_EXT 6
415 #define MFR_CTRL_IE_CAUSE 7
416
417 static const struct tok mfr_ctrl_ie_values[] = {
418 { MFR_CTRL_IE_BUNDLE_ID, "Bundle ID"},
419 { MFR_CTRL_IE_LINK_ID, "Link ID"},
420 { MFR_CTRL_IE_MAGIC_NUM, "Magic Number"},
421 { MFR_CTRL_IE_TIMESTAMP, "Timestamp"},
422 { MFR_CTRL_IE_VENDOR_EXT, "Vendor Extension"},
423 { MFR_CTRL_IE_CAUSE, "Cause"},
424 { 0, NULL }
425 };
426
427 #define MFR_ID_STRING_MAXLEN 50
428
429 struct ie_tlv_header_t {
430 uint8_t ie_type;
431 uint8_t ie_len;
432 };
433
434 u_int
435 mfr_print(netdissect_options *ndo,
436 const u_char *p, u_int length)
437 {
438 u_int tlen,idx,hdr_len = 0;
439 uint16_t sequence_num;
440 uint8_t ie_type,ie_len;
441 const uint8_t *tptr;
442
443
444 /*
445 * FRF.16 Link Integrity Control Frame
446 *
447 * 7 6 5 4 3 2 1 0
448 * +----+----+----+----+----+----+----+----+
449 * | B | E | C=1| 0 0 0 0 | EA |
450 * +----+----+----+----+----+----+----+----+
451 * | 0 0 0 0 0 0 0 0 |
452 * +----+----+----+----+----+----+----+----+
453 * | message type |
454 * +----+----+----+----+----+----+----+----+
455 */
456
457 ndo->ndo_protocol = "mfr";
458
459 if (length < 4) { /* minimum frame header length */
460 ND_PRINT("[length %u < 4]", length);
461 nd_print_invalid(ndo);
462 return length;
463 }
464 ND_TCHECK_4(p);
465
466 if ((GET_U_1(p) & MFR_BEC_MASK) == MFR_CTRL_FRAME && GET_U_1(p + 1) == 0) {
467 ND_PRINT("FRF.16 Control, Flags [%s], %s, length %u",
468 bittok2str(frf_flag_values,"none",(GET_U_1(p) & MFR_BEC_MASK)),
469 tok2str(mfr_ctrl_msg_values,"Unknown Message (0x%02x)",GET_U_1(p + 2)),
470 length);
471 tptr = p + 3;
472 tlen = length -3;
473 hdr_len = 3;
474
475 if (!ndo->ndo_vflag)
476 return hdr_len;
477
478 while (tlen>sizeof(struct ie_tlv_header_t)) {
479 ND_TCHECK_LEN(tptr, sizeof(struct ie_tlv_header_t));
480 ie_type=GET_U_1(tptr);
481 ie_len=GET_U_1(tptr + 1);
482
483 ND_PRINT("\n\tIE %s (%u), length %u: ",
484 tok2str(mfr_ctrl_ie_values,"Unknown",ie_type),
485 ie_type,
486 ie_len);
487
488 /* infinite loop check */
489 if (ie_type == 0 || ie_len <= sizeof(struct ie_tlv_header_t))
490 return hdr_len;
491
492 ND_TCHECK_LEN(tptr, ie_len);
493 tptr+=sizeof(struct ie_tlv_header_t);
494 /* tlv len includes header */
495 ie_len-=sizeof(struct ie_tlv_header_t);
496 tlen-=sizeof(struct ie_tlv_header_t);
497
498 switch (ie_type) {
499
500 case MFR_CTRL_IE_MAGIC_NUM:
501 /* FRF.16.1 Section 3.4.3 Magic Number Information Element */
502 if (ie_len != 4) {
503 ND_PRINT("[IE data length %d != 4]", ie_len);
504 nd_print_invalid(ndo);
505 break;
506 }
507 ND_PRINT("0x%08x", GET_BE_U_4(tptr));
508 break;
509
510 case MFR_CTRL_IE_BUNDLE_ID: /* same message format */
511 case MFR_CTRL_IE_LINK_ID:
512 for (idx = 0; idx < ie_len && idx < MFR_ID_STRING_MAXLEN; idx++) {
513 if (GET_U_1(tptr + idx) != 0) /* don't print null termination */
514 fn_print_char(ndo, GET_U_1(tptr + idx));
515 else
516 break;
517 }
518 break;
519
520 case MFR_CTRL_IE_TIMESTAMP:
521 if (ie_len == sizeof(struct timeval)) {
522 ts_print(ndo, (const struct timeval *)tptr);
523 break;
524 }
525 /* fall through and hexdump if no unix timestamp */
526 ND_FALL_THROUGH;
527
528 /*
529 * FIXME those are the defined IEs that lack a decoder
530 * you are welcome to contribute code ;-)
531 */
532
533 case MFR_CTRL_IE_VENDOR_EXT:
534 case MFR_CTRL_IE_CAUSE:
535
536 default:
537 if (ndo->ndo_vflag <= 1)
538 print_unknown_data(ndo, tptr, "\n\t ", ie_len);
539 break;
540 }
541
542 /* do we want to see a hexdump of the IE ? */
543 if (ndo->ndo_vflag > 1 )
544 print_unknown_data(ndo, tptr, "\n\t ", ie_len);
545
546 tlen-=ie_len;
547 tptr+=ie_len;
548 }
549 return hdr_len;
550 }
551 /*
552 * FRF.16 Fragmentation Frame
553 *
554 * 7 6 5 4 3 2 1 0
555 * +----+----+----+----+----+----+----+----+
556 * | B | E | C=0|seq. (high 4 bits) | EA |
557 * +----+----+----+----+----+----+----+----+
558 * | sequence (low 8 bits) |
559 * +----+----+----+----+----+----+----+----+
560 * | DLCI (6 bits) | CR | EA |
561 * +----+----+----+----+----+----+----+----+
562 * | DLCI (4 bits) |FECN|BECN| DE | EA |
563 * +----+----+----+----+----+----+----+----+
564 */
565
566 sequence_num = (GET_U_1(p)&0x1e)<<7 | GET_U_1(p + 1);
567 /* whole packet or first fragment ? */
568 if ((GET_U_1(p) & MFR_BEC_MASK) == MFR_FRAG_FRAME ||
569 (GET_U_1(p) & MFR_BEC_MASK) == MFR_B_BIT) {
570 ND_PRINT("FRF.16 Frag, seq %u, Flags [%s], ",
571 sequence_num,
572 bittok2str(frf_flag_values,"none",(GET_U_1(p) & MFR_BEC_MASK)));
573 hdr_len = 2;
574 fr_print(ndo, p+hdr_len,length-hdr_len);
575 return hdr_len;
576 }
577
578 /* must be a middle or the last fragment */
579 ND_PRINT("FRF.16 Frag, seq %u, Flags [%s]",
580 sequence_num,
581 bittok2str(frf_flag_values,"none",(GET_U_1(p) & MFR_BEC_MASK)));
582 print_unknown_data(ndo, p, "\n\t", length);
583
584 return hdr_len;
585
586 trunc:
587 nd_print_trunc(ndo);
588 return length;
589 }
590
591 /* an NLPID of 0xb1 indicates a 2-byte
592 * FRF.15 header
593 *
594 * 7 6 5 4 3 2 1 0
595 * +----+----+----+----+----+----+----+----+
596 * ~ Q.922 header ~
597 * +----+----+----+----+----+----+----+----+
598 * | NLPID (8 bits) | NLPID=0xb1
599 * +----+----+----+----+----+----+----+----+
600 * | B | E | C |seq. (high 4 bits) | R |
601 * +----+----+----+----+----+----+----+----+
602 * | sequence (low 8 bits) |
603 * +----+----+----+----+----+----+----+----+
604 */
605
606 #define FR_FRF15_FRAGTYPE 0x01
607
608 static void
609 frf15_print(netdissect_options *ndo,
610 const u_char *p, u_int length)
611 {
612 uint16_t sequence_num, flags;
613
614 if (length < 2)
615 goto trunc;
616 ND_TCHECK_2(p);
617
618 flags = GET_U_1(p)&MFR_BEC_MASK;
619 sequence_num = (GET_U_1(p)&0x1e)<<7 | GET_U_1(p + 1);
620
621 ND_PRINT("FRF.15, seq 0x%03x, Flags [%s],%s Fragmentation, length %u",
622 sequence_num,
623 bittok2str(frf_flag_values,"none",flags),
624 GET_U_1(p)&FR_FRF15_FRAGTYPE ? "Interface" : "End-to-End",
625 length);
626
627 /* TODO:
628 * depending on all permutations of the B, E and C bit
629 * dig as deep as we can - e.g. on the first (B) fragment
630 * there is enough payload to print the IP header
631 * on non (B) fragments it depends if the fragmentation
632 * model is end-to-end or interface based wether we want to print
633 * another Q.922 header
634 */
635 return;
636
637 trunc:
638 nd_print_trunc(ndo);
639 }
640
641 /*
642 * Q.933 decoding portion for framerelay specific.
643 */
644
645 /* Q.933 packet format
646 Format of Other Protocols
647 using Q.933 NLPID
648 +-------------------------------+
649 | Q.922 Address |
650 +---------------+---------------+
651 |Control 0x03 | NLPID 0x08 |
652 +---------------+---------------+
653 | L2 Protocol ID |
654 | octet 1 | octet 2 |
655 +-------------------------------+
656 | L3 Protocol ID |
657 | octet 2 | octet 2 |
658 +-------------------------------+
659 | Protocol Data |
660 +-------------------------------+
661 | FCS |
662 +-------------------------------+
663 */
664
665 /* L2 (Octet 1)- Call Reference Usually is 0x0 */
666
667 /*
668 * L2 (Octet 2)- Message Types definition 1 byte long.
669 */
670 /* Call Establish */
671 #define MSG_TYPE_ESC_TO_NATIONAL 0x00
672 #define MSG_TYPE_ALERT 0x01
673 #define MSG_TYPE_CALL_PROCEEDING 0x02
674 #define MSG_TYPE_CONNECT 0x07
675 #define MSG_TYPE_CONNECT_ACK 0x0F
676 #define MSG_TYPE_PROGRESS 0x03
677 #define MSG_TYPE_SETUP 0x05
678 /* Call Clear */
679 #define MSG_TYPE_DISCONNECT 0x45
680 #define MSG_TYPE_RELEASE 0x4D
681 #define MSG_TYPE_RELEASE_COMPLETE 0x5A
682 #define MSG_TYPE_RESTART 0x46
683 #define MSG_TYPE_RESTART_ACK 0x4E
684 /* Status */
685 #define MSG_TYPE_STATUS 0x7D
686 #define MSG_TYPE_STATUS_ENQ 0x75
687
688 static const struct tok fr_q933_msg_values[] = {
689 { MSG_TYPE_ESC_TO_NATIONAL, "ESC to National" },
690 { MSG_TYPE_ALERT, "Alert" },
691 { MSG_TYPE_CALL_PROCEEDING, "Call proceeding" },
692 { MSG_TYPE_CONNECT, "Connect" },
693 { MSG_TYPE_CONNECT_ACK, "Connect ACK" },
694 { MSG_TYPE_PROGRESS, "Progress" },
695 { MSG_TYPE_SETUP, "Setup" },
696 { MSG_TYPE_DISCONNECT, "Disconnect" },
697 { MSG_TYPE_RELEASE, "Release" },
698 { MSG_TYPE_RELEASE_COMPLETE, "Release Complete" },
699 { MSG_TYPE_RESTART, "Restart" },
700 { MSG_TYPE_RESTART_ACK, "Restart ACK" },
701 { MSG_TYPE_STATUS, "Status Reply" },
702 { MSG_TYPE_STATUS_ENQ, "Status Enquiry" },
703 { 0, NULL }
704 };
705
706 #define IE_IS_SINGLE_OCTET(iecode) ((iecode) & 0x80)
707 #define IE_IS_SHIFT(iecode) (((iecode) & 0xF0) == 0x90)
708 #define IE_SHIFT_IS_NON_LOCKING(iecode) ((iecode) & 0x08)
709 #define IE_SHIFT_IS_LOCKING(iecode) (!(IE_SHIFT_IS_NON_LOCKING(iecode)))
710 #define IE_SHIFT_CODESET(iecode) ((iecode) & 0x07)
711
712 #define FR_LMI_ANSI_REPORT_TYPE_IE 0x01
713 #define FR_LMI_ANSI_LINK_VERIFY_IE_91 0x19 /* details? */
714 #define FR_LMI_ANSI_LINK_VERIFY_IE 0x03
715 #define FR_LMI_ANSI_PVC_STATUS_IE 0x07
716
717 #define FR_LMI_CCITT_REPORT_TYPE_IE 0x51
718 #define FR_LMI_CCITT_LINK_VERIFY_IE 0x53
719 #define FR_LMI_CCITT_PVC_STATUS_IE 0x57
720
721 static const struct tok fr_q933_ie_values_codeset_0_5[] = {
722 { FR_LMI_ANSI_REPORT_TYPE_IE, "ANSI Report Type" },
723 { FR_LMI_ANSI_LINK_VERIFY_IE_91, "ANSI Link Verify" },
724 { FR_LMI_ANSI_LINK_VERIFY_IE, "ANSI Link Verify" },
725 { FR_LMI_ANSI_PVC_STATUS_IE, "ANSI PVC Status" },
726 { FR_LMI_CCITT_REPORT_TYPE_IE, "CCITT Report Type" },
727 { FR_LMI_CCITT_LINK_VERIFY_IE, "CCITT Link Verify" },
728 { FR_LMI_CCITT_PVC_STATUS_IE, "CCITT PVC Status" },
729 { 0, NULL }
730 };
731
732 #define FR_LMI_REPORT_TYPE_IE_FULL_STATUS 0
733 #define FR_LMI_REPORT_TYPE_IE_LINK_VERIFY 1
734 #define FR_LMI_REPORT_TYPE_IE_ASYNC_PVC 2
735
736 static const struct tok fr_lmi_report_type_ie_values[] = {
737 { FR_LMI_REPORT_TYPE_IE_FULL_STATUS, "Full Status" },
738 { FR_LMI_REPORT_TYPE_IE_LINK_VERIFY, "Link verify" },
739 { FR_LMI_REPORT_TYPE_IE_ASYNC_PVC, "Async PVC Status" },
740 { 0, NULL }
741 };
742
743 /* array of 16 codesets - currently we only support codepage 0 and 5 */
744 static const struct tok *fr_q933_ie_codesets[] = {
745 fr_q933_ie_values_codeset_0_5,
746 NULL,
747 NULL,
748 NULL,
749 NULL,
750 fr_q933_ie_values_codeset_0_5,
751 NULL,
752 NULL,
753 NULL,
754 NULL,
755 NULL,
756 NULL,
757 NULL,
758 NULL,
759 NULL,
760 NULL
761 };
762
763 static int fr_q933_print_ie_codeset_0_5(netdissect_options *ndo, u_int iecode,
764 u_int ielength, const u_char *p);
765
766 typedef int (*codeset_pr_func_t)(netdissect_options *, u_int iecode,
767 u_int ielength, const u_char *p);
768
769 /* array of 16 codesets - currently we only support codepage 0 and 5 */
770 static const codeset_pr_func_t fr_q933_print_ie_codeset[] = {
771 fr_q933_print_ie_codeset_0_5,
772 NULL,
773 NULL,
774 NULL,
775 NULL,
776 fr_q933_print_ie_codeset_0_5,
777 NULL,
778 NULL,
779 NULL,
780 NULL,
781 NULL,
782 NULL,
783 NULL,
784 NULL,
785 NULL,
786 NULL
787 };
788
789 /*
790 * ITU-T Q.933.
791 *
792 * p points to octet 2, the octet containing the length of the
793 * call reference value, so p[n] is octet n+2 ("octet X" is as
794 * used in Q.931/Q.933).
795 *
796 * XXX - actually used both for Q.931 and Q.933.
797 */
798 void
799 q933_print(netdissect_options *ndo,
800 const u_char *p, u_int length)
801 {
802 u_int olen;
803 u_int call_ref_length, i;
804 uint8_t call_ref[15]; /* maximum length - length field is 4 bits */
805 u_int msgtype;
806 u_int iecode;
807 u_int ielength;
808 u_int codeset = 0;
809 u_int is_ansi = 0;
810 u_int ie_is_known;
811 u_int non_locking_shift;
812 u_int unshift_codeset;
813
814 ndo->ndo_protocol = "q.933";
815 ND_PRINT("%s", ndo->ndo_eflag ? "" : "Q.933");
816
817 if (length == 0 || !ND_TTEST_1(p)) {
818 if (!ndo->ndo_eflag)
819 ND_PRINT(", ");
820 ND_PRINT("length %u", length);
821 goto trunc;
822 }
823
824 /*
825 * Get the length of the call reference value.
826 */
827 olen = length; /* preserve the original length for display */
828 call_ref_length = GET_U_1(p) & 0x0f;
829 p++;
830 length--;
831
832 /*
833 * Get the call reference value.
834 */
835 for (i = 0; i < call_ref_length; i++) {
836 if (length == 0 || !ND_TTEST_1(p)) {
837 if (!ndo->ndo_eflag)
838 ND_PRINT(", ");
839 ND_PRINT("length %u", olen);
840 goto trunc;
841 }
842 call_ref[i] = GET_U_1(p);
843 p++;
844 length--;
845 }
846
847 /*
848 * Get the message type.
849 */
850 if (length == 0 || !ND_TTEST_1(p)) {
851 if (!ndo->ndo_eflag)
852 ND_PRINT(", ");
853 ND_PRINT("length %u", olen);
854 goto trunc;
855 }
856 msgtype = GET_U_1(p);
857 p++;
858 length--;
859
860 /*
861 * Peek ahead to see if we start with a shift.
862 */
863 non_locking_shift = 0;
864 unshift_codeset = codeset;
865 if (length != 0) {
866 if (!ND_TTEST_1(p)) {
867 if (!ndo->ndo_eflag)
868 ND_PRINT(", ");
869 ND_PRINT("length %u", olen);
870 goto trunc;
871 }
872 iecode = GET_U_1(p);
873 if (IE_IS_SHIFT(iecode)) {
874 /*
875 * It's a shift. Skip over it.
876 */
877 p++;
878 length--;
879
880 /*
881 * Get the codeset.
882 */
883 codeset = IE_SHIFT_CODESET(iecode);
884
885 /*
886 * If it's a locking shift to codeset 5,
887 * mark this as ANSI. (XXX - 5 is actually
888 * for national variants in general, not
889 * the US variant in particular, but maybe
890 * this is more American exceptionalism. :-))
891 */
892 if (IE_SHIFT_IS_LOCKING(iecode)) {
893 /*
894 * It's a locking shift.
895 */
896 if (codeset == 5) {
897 /*
898 * It's a locking shift to
899 * codeset 5, so this is
900 * T1.617 Annex D.
901 */
902 is_ansi = 1;
903 }
904 } else {
905 /*
906 * It's a non-locking shift.
907 * Remember the current codeset, so we
908 * can revert to it after the next IE.
909 */
910 non_locking_shift = 1;
911 unshift_codeset = 0;
912 }
913 }
914 }
915
916 /* printing out header part */
917 if (!ndo->ndo_eflag)
918 ND_PRINT(", ");
919 ND_PRINT("%s, codeset %u", is_ansi ? "ANSI" : "CCITT", codeset);
920
921 if (call_ref_length != 0) {
922 if (call_ref_length > 1 || GET_U_1(p) != 0) {
923 /*
924 * Not a dummy call reference.
925 */
926 ND_PRINT(", Call Ref: 0x");
927 for (i = 0; i < call_ref_length; i++)
928 ND_PRINT("%02x", call_ref[i]);
929 }
930 }
931 if (ndo->ndo_vflag) {
932 ND_PRINT(", %s (0x%02x), length %u",
933 tok2str(fr_q933_msg_values,
934 "unknown message", msgtype),
935 msgtype,
936 olen);
937 } else {
938 ND_PRINT(", %s",
939 tok2str(fr_q933_msg_values,
940 "unknown message 0x%02x", msgtype));
941 }
942
943 /* Loop through the rest of the IEs */
944 while (length != 0) {
945 /*
946 * What's the state of any non-locking shifts?
947 */
948 if (non_locking_shift == 1) {
949 /*
950 * There's a non-locking shift in effect for
951 * this IE. Count it, so we reset the codeset
952 * before the next IE.
953 */
954 non_locking_shift = 2;
955 } else if (non_locking_shift == 2) {
956 /*
957 * Unshift.
958 */
959 codeset = unshift_codeset;
960 non_locking_shift = 0;
961 }
962
963 /*
964 * Get the first octet of the IE.
965 */
966 if (!ND_TTEST_1(p)) {
967 if (!ndo->ndo_vflag) {
968 ND_PRINT(", length %u", olen);
969 }
970 goto trunc;
971 }
972 iecode = GET_U_1(p);
973 p++;
974 length--;
975
976 /* Single-octet IE? */
977 if (IE_IS_SINGLE_OCTET(iecode)) {
978 /*
979 * Yes. Is it a shift?
980 */
981 if (IE_IS_SHIFT(iecode)) {
982 /*
983 * Yes. Is it locking?
984 */
985 if (IE_SHIFT_IS_LOCKING(iecode)) {
986 /*
987 * Yes.
988 */
989 non_locking_shift = 0;
990 } else {
991 /*
992 * No. Remember the current
993 * codeset, so we can revert
994 * to it after the next IE.
995 */
996 non_locking_shift = 1;
997 unshift_codeset = codeset;
998 }
999
1000 /*
1001 * Get the codeset.
1002 */
1003 codeset = IE_SHIFT_CODESET(iecode);
1004 }
1005 } else {
1006 /*
1007 * No. Get the IE length.
1008 */
1009 if (length == 0 || !ND_TTEST_1(p)) {
1010 if (!ndo->ndo_vflag) {
1011 ND_PRINT(", length %u", olen);
1012 }
1013 goto trunc;
1014 }
1015 ielength = GET_U_1(p);
1016 p++;
1017 length--;
1018
1019 /* lets do the full IE parsing only in verbose mode
1020 * however some IEs (DLCI Status, Link Verify)
1021 * are also interesting in non-verbose mode */
1022 if (ndo->ndo_vflag) {
1023 ND_PRINT("\n\t%s IE (0x%02x), length %u: ",
1024 tok2str(fr_q933_ie_codesets[codeset],
1025 "unknown", iecode),
1026 iecode,
1027 ielength);
1028 }
1029
1030 /* sanity checks */
1031 if (iecode == 0 || ielength == 0) {
1032 return;
1033 }
1034 if (length < ielength || !ND_TTEST_LEN(p, ielength)) {
1035 if (!ndo->ndo_vflag) {
1036 ND_PRINT(", length %u", olen);
1037 }
1038 goto trunc;
1039 }
1040
1041 ie_is_known = 0;
1042 if (fr_q933_print_ie_codeset[codeset] != NULL) {
1043 ie_is_known = fr_q933_print_ie_codeset[codeset](ndo, iecode, ielength, p);
1044 }
1045
1046 if (ie_is_known) {
1047 /*
1048 * Known IE; do we want to see a hexdump
1049 * of it?
1050 */
1051 if (ndo->ndo_vflag > 1) {
1052 /* Yes. */
1053 print_unknown_data(ndo, p, "\n\t ", ielength);
1054 }
1055 } else {
1056 /*
1057 * Unknown IE; if we're printing verbosely,
1058 * print its content in hex.
1059 */
1060 if (ndo->ndo_vflag >= 1) {
1061 print_unknown_data(ndo, p, "\n\t", ielength);
1062 }
1063 }
1064
1065 length -= ielength;
1066 p += ielength;
1067 }
1068 }
1069 if (!ndo->ndo_vflag) {
1070 ND_PRINT(", length %u", olen);
1071 }
1072 return;
1073
1074 trunc:
1075 nd_print_trunc(ndo);
1076 }
1077
1078 static int
1079 fr_q933_print_ie_codeset_0_5(netdissect_options *ndo, u_int iecode,
1080 u_int ielength, const u_char *p)
1081 {
1082 u_int dlci;
1083
1084 switch (iecode) {
1085
1086 case FR_LMI_ANSI_REPORT_TYPE_IE: /* fall through */
1087 case FR_LMI_CCITT_REPORT_TYPE_IE:
1088 if (ielength < 1) {
1089 if (!ndo->ndo_vflag) {
1090 ND_PRINT(", ");
1091 }
1092 ND_PRINT("Invalid REPORT TYPE IE");
1093 return 1;
1094 }
1095 if (ndo->ndo_vflag) {
1096 ND_PRINT("%s (%u)",
1097 tok2str(fr_lmi_report_type_ie_values,"unknown",GET_U_1(p)),
1098 GET_U_1(p));
1099 }
1100 return 1;
1101
1102 case FR_LMI_ANSI_LINK_VERIFY_IE: /* fall through */
1103 case FR_LMI_CCITT_LINK_VERIFY_IE:
1104 case FR_LMI_ANSI_LINK_VERIFY_IE_91:
1105 if (!ndo->ndo_vflag) {
1106 ND_PRINT(", ");
1107 }
1108 if (ielength < 2) {
1109 ND_PRINT("Invalid LINK VERIFY IE");
1110 return 1;
1111 }
1112 ND_PRINT("TX Seq: %3d, RX Seq: %3d", GET_U_1(p), GET_U_1(p + 1));
1113 return 1;
1114
1115 case FR_LMI_ANSI_PVC_STATUS_IE: /* fall through */
1116 case FR_LMI_CCITT_PVC_STATUS_IE:
1117 if (!ndo->ndo_vflag) {
1118 ND_PRINT(", ");
1119 }
1120 /* now parse the DLCI information element. */
1121 if ((ielength < 3) ||
1122 (GET_U_1(p) & 0x80) ||
1123 ((ielength == 3) && !(GET_U_1(p + 1) & 0x80)) ||
1124 ((ielength == 4) &&
1125 ((GET_U_1(p + 1) & 0x80) || !(GET_U_1(p + 2) & 0x80))) ||
1126 ((ielength == 5) &&
1127 ((GET_U_1(p + 1) & 0x80) || (GET_U_1(p + 2) & 0x80) ||
1128 !(GET_U_1(p + 3) & 0x80))) ||
1129 (ielength > 5) ||
1130 !(GET_U_1(p + ielength - 1) & 0x80)) {
1131 ND_PRINT("Invalid DLCI in PVC STATUS IE");
1132 return 1;
1133 }
1134
1135 dlci = ((GET_U_1(p) & 0x3F) << 4) | ((GET_U_1(p + 1) & 0x78) >> 3);
1136 if (ielength == 4) {
1137 dlci = (dlci << 6) | ((GET_U_1(p + 2) & 0x7E) >> 1);
1138 }
1139 else if (ielength == 5) {
1140 dlci = (dlci << 13) | (GET_U_1(p + 2) & 0x7F) | ((GET_U_1(p + 3) & 0x7E) >> 1);
1141 }
1142
1143 ND_PRINT("DLCI %u: status %s%s", dlci,
1144 GET_U_1(p + ielength - 1) & 0x8 ? "New, " : "",
1145 GET_U_1(p + ielength - 1) & 0x2 ? "Active" : "Inactive");
1146 return 1;
1147 }
1148
1149 return 0;
1150 }
[mirror] the TCPdump network dissector