* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*/
+/* \summary: IP printer */
+
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
-#include <tcpdump-stdinc.h>
+#include <netdissect-stdinc.h>
#include <string.h>
-#include "interface.h"
+#include "netdissect.h"
#include "addrtoname.h"
-#include "extract.h" /* must come after interface.h */
+#include "extract.h"
#include "ip.h"
#include "ipproto.h"
/*
* print the recorded route in an IP RR, LSRR or SSRR option.
*/
-static void
+static int
ip_printroute(netdissect_options *ndo,
register const u_char *cp, u_int length)
{
if (length < 3) {
ND_PRINT((ndo, " [bad length %u]", length));
- return;
+ return (0);
}
if ((length + 1) & 3)
ND_PRINT((ndo, " [bad length %u]", length));
- ptr = cp[2] - 1;
+ ND_TCHECK_1(cp + 2);
+ ptr = EXTRACT_U_1(cp + 2) - 1;
if (ptr < 3 || ((ptr + 1) & 3) || ptr > length + 1)
- ND_PRINT((ndo, " [bad ptr %u]", cp[2]));
+ ND_PRINT((ndo, " [bad ptr %u]", EXTRACT_U_1(cp + 2)));
for (len = 3; len < length; len += 4) {
- ND_PRINT((ndo, " %s", ipaddr_string(ndo, &cp[len])));
+ ND_TCHECK_4(cp + len);
+ ND_PRINT((ndo, " %s", ipaddr_string(ndo, cp + len)));
if (ptr > len)
ND_PRINT((ndo, ","));
}
+ return (0);
+
+trunc:
+ return (-1);
}
/*
for (; length > 0; cp += len, length -= len) {
int tt;
- ND_TCHECK(*cp);
- tt = *cp;
+ ND_TCHECK_1(cp);
+ tt = EXTRACT_U_1(cp);
if (tt == IPOPT_EOL)
break;
else if (tt == IPOPT_NOP)
len = 1;
else {
- ND_TCHECK(cp[1]);
- len = cp[1];
+ ND_TCHECK_1(cp + 1);
+ len = EXTRACT_U_1(cp + 1);
if (len < 2)
break;
}
}
}
trunc:
- UNALIGNED_MEMCPY(&retval, &ip->ip_dst.s_addr, sizeof(uint32_t));
+ UNALIGNED_MEMCPY(&retval, &ip->ip_dst, sizeof(uint32_t));
return retval;
}
ph.len = htons((uint16_t)len);
ph.mbz = 0;
ph.proto = next_proto;
- UNALIGNED_MEMCPY(&ph.src, &ip->ip_src.s_addr, sizeof(uint32_t));
+ UNALIGNED_MEMCPY(&ph.src, &ip->ip_src, sizeof(uint32_t));
if (IP_HL(ip) == 5)
- UNALIGNED_MEMCPY(&ph.dst, &ip->ip_dst.s_addr, sizeof(uint32_t));
+ UNALIGNED_MEMCPY(&ph.dst, &ip->ip_dst, sizeof(uint32_t));
else
ph.dst = ip_finddst(ndo, ip);
return (in_cksum(vec, 2));
}
-static void
+static int
ip_printts(netdissect_options *ndo,
register const u_char *cp, u_int length)
{
if (length < 4) {
ND_PRINT((ndo, "[bad length %u]", length));
- return;
+ return (0);
}
ND_PRINT((ndo, " TS{"));
- hoplen = ((cp[3]&0xF) != IPOPT_TS_TSONLY) ? 8 : 4;
+ ND_TCHECK_1(cp + 3);
+ hoplen = ((EXTRACT_U_1(cp + 3) & 0xF) != IPOPT_TS_TSONLY) ? 8 : 4;
if ((length - 4) & (hoplen-1))
ND_PRINT((ndo, "[bad length %u]", length));
- ptr = cp[2] - 1;
+ ND_TCHECK_1(cp + 2);
+ ptr = EXTRACT_U_1(cp + 2) - 1;
len = 0;
if (ptr < 4 || ((ptr - 4) & (hoplen-1)) || ptr > length + 1)
- ND_PRINT((ndo, "[bad ptr %u]", cp[2]));
- switch (cp[3]&0xF) {
+ ND_PRINT((ndo, "[bad ptr %u]", EXTRACT_U_1(cp + 2)));
+ ND_TCHECK_1(cp + 3);
+ switch (EXTRACT_U_1(cp + 3)&0xF) {
case IPOPT_TS_TSONLY:
ND_PRINT((ndo, "TSONLY"));
break;
ND_PRINT((ndo, "PRESPEC"));
break;
default:
- ND_PRINT((ndo, "[bad ts type %d]", cp[3]&0xF));
+ ND_PRINT((ndo, "[bad ts type %d]", EXTRACT_U_1(cp + 3)&0xF));
goto done;
}
for (len = 4; len < length; len += hoplen) {
if (ptr == len)
type = " ^ ";
- ND_PRINT((ndo, "%s%d@%s", type, EXTRACT_32BITS(&cp[len+hoplen-4]),
- hoplen!=8 ? "" : ipaddr_string(ndo, &cp[len])));
+ ND_TCHECK2(cp[len], hoplen);
+ ND_PRINT((ndo, "%s%d@%s", type, EXTRACT_BE_U_4(cp + len + hoplen - 4),
+ hoplen!=8 ? "" : ipaddr_string(ndo, cp + len)));
type = " ";
}
done:
ND_PRINT((ndo, "%s", ptr == len ? " ^ " : ""));
- if (cp[3]>>4)
- ND_PRINT((ndo, " [%d hops not recorded]} ", cp[3]>>4));
+ if (EXTRACT_U_1(cp + 3) >> 4)
+ ND_PRINT((ndo, " [%d hops not recorded]} ", EXTRACT_U_1(cp + 3)>>4));
else
ND_PRINT((ndo, "}"));
+ return (0);
+
+trunc:
+ return (-1);
}
/*
ND_PRINT((ndo, "%s", sep));
sep = ",";
- ND_TCHECK(*cp);
- option_code = *cp;
+ ND_TCHECK_1(cp);
+ option_code = EXTRACT_U_1(cp);
ND_PRINT((ndo, "%s",
tok2str(ip_option_values,"unknown %u",option_code)));
option_len = 1;
else {
- ND_TCHECK(cp[1]);
- option_len = cp[1];
+ ND_TCHECK_1(cp + 1);
+ option_len = EXTRACT_U_1(cp + 1);
if (option_len < 2) {
ND_PRINT((ndo, " [bad length %u]", option_len));
return;
return;
case IPOPT_TS:
- ip_printts(ndo, cp, option_len);
+ if (ip_printts(ndo, cp, option_len) == -1)
+ goto trunc;
break;
case IPOPT_RR: /* fall through */
case IPOPT_SSRR:
case IPOPT_LSRR:
- ip_printroute(ndo, cp, option_len);
+ if (ip_printroute(ndo, cp, option_len) == -1)
+ goto trunc;
break;
case IPOPT_RA:
ND_PRINT((ndo, " [bad length %u]", option_len));
break;
}
- ND_TCHECK(cp[3]);
- if (EXTRACT_16BITS(&cp[2]) != 0)
- ND_PRINT((ndo, " value %u", EXTRACT_16BITS(&cp[2])));
+ ND_TCHECK_1(cp + 3);
+ if (EXTRACT_BE_U_2(cp + 2) != 0)
+ ND_PRINT((ndo, " value %u", EXTRACT_BE_U_2(cp + 2)));
break;
case IPOPT_NOP: /* nothing to print - fall through */
ip_print_demux(netdissect_options *ndo,
struct ip_print_demux_state *ipds)
{
- struct protoent *proto;
- struct cksum_vec vec[1];
+ const char *p_name;
again:
switch (ipds->nh) {
case IPPROTO_AH:
- ipds->nh = *ipds->cp;
+ if (!ND_TTEST(*ipds->cp)) {
+ ND_PRINT((ndo, "[|AH]"));
+ break;
+ }
+ ipds->nh = EXTRACT_U_1(ipds->cp);
ipds->advance = ah_print(ndo, ipds->cp);
if (ipds->advance <= 0)
break;
case IPPROTO_ESP:
{
- int enh, padlen;
+ u_int enh, padlen;
ipds->advance = esp_print(ndo, ipds->cp, ipds->len,
(const u_char *)ipds->ip,
&enh, &padlen);
case IPPROTO_IPCOMP:
{
- int enh;
- ipds->advance = ipcomp_print(ndo, ipds->cp, &enh);
- if (ipds->advance <= 0)
- break;
- ipds->cp += ipds->advance;
- ipds->len -= ipds->advance;
- ipds->nh = enh & 0xff;
- goto again;
+ ipcomp_print(ndo, ipds->cp);
+ /*
+ * Either this has decompressed the payload and
+ * printed it, in which case there's nothing more
+ * to do, or it hasn't, in which case there's
+ * nothing more to do.
+ */
+ break;
}
case IPPROTO_SCTP:
break;
case IPPROTO_PIM:
- vec[0].ptr = ipds->cp;
- vec[0].len = ipds->len;
- pim_print(ndo, ipds->cp, ipds->len, in_cksum(vec, 1));
+ pim_print(ndo, ipds->cp, ipds->len, (const u_char *)ipds->ip);
break;
case IPPROTO_VRRP:
ND_PRINT((ndo, "carp %s > %s: ",
ipaddr_string(ndo, &ipds->ip->ip_src),
ipaddr_string(ndo, &ipds->ip->ip_dst)));
- carp_print(ndo, ipds->cp, ipds->len, ipds->ip->ip_ttl);
+ carp_print(ndo, ipds->cp, ipds->len,
+ EXTRACT_U_1(ipds->ip->ip_ttl));
} else {
if (ndo->ndo_vflag)
ND_PRINT((ndo, "vrrp %s > %s: ",
ipaddr_string(ndo, &ipds->ip->ip_src),
ipaddr_string(ndo, &ipds->ip->ip_dst)));
vrrp_print(ndo, ipds->cp, ipds->len,
- (const u_char *)ipds->ip, ipds->ip->ip_ttl);
+ (const u_char *)ipds->ip,
+ EXTRACT_U_1(ipds->ip->ip_ttl));
}
break;
break;
default:
- if (ndo->ndo_nflag==0 && (proto = getprotobynumber(ipds->nh)) != NULL)
- ND_PRINT((ndo, " %s", proto->p_name));
+ if (ndo->ndo_nflag==0 && (p_name = netdb_protoname(ipds->nh)) != NULL)
+ ND_PRINT((ndo, " %s", p_name));
else
ND_PRINT((ndo, " ip-proto-%d", ipds->nh));
ND_PRINT((ndo, " %d", ipds->len));
const u_char *ipend;
u_int hlen;
struct cksum_vec vec[1];
+ uint8_t ip_tos, ip_ttl, ip_proto;
uint16_t sum, ip_sum;
- struct protoent *proto;
+ const char *p_name;
ipds->ip = (const struct ip *)bp;
ND_TCHECK(ipds->ip->ip_vhl);
- if (IP_V(ipds->ip) != 4) { /* print version if != 4 */
+ if (IP_V(ipds->ip) != 4) { /* print version and fail if != 4 */
if (IP_V(ipds->ip) == 6)
ND_PRINT((ndo, "IP6, wrong link-layer encapsulation "));
else
ND_PRINT((ndo, "IP%u ", IP_V(ipds->ip)));
+ return;
}
- else if (!ndo->ndo_eflag)
+ if (!ndo->ndo_eflag)
ND_PRINT((ndo, "IP "));
ND_TCHECK(*ipds->ip);
return;
}
- ipds->len = EXTRACT_16BITS(&ipds->ip->ip_len);
+ ipds->len = EXTRACT_BE_U_2(&ipds->ip->ip_len);
if (length < ipds->len)
ND_PRINT((ndo, "truncated-ip - %u bytes missing! ",
ipds->len - length));
ipds->len -= hlen;
- ipds->off = EXTRACT_16BITS(&ipds->ip->ip_off);
+ ipds->off = EXTRACT_BE_U_2(&ipds->ip->ip_off);
+
+ ip_proto = EXTRACT_U_1(ipds->ip->ip_p);
if (ndo->ndo_vflag) {
- ND_PRINT((ndo, "(tos 0x%x", (int)ipds->ip->ip_tos));
+ ip_tos = EXTRACT_U_1(ipds->ip->ip_tos);
+ ND_PRINT((ndo, "(tos 0x%x", ip_tos));
/* ECN bits */
- if (ipds->ip->ip_tos & 0x03) {
- switch (ipds->ip->ip_tos & 0x03) {
- case 1:
- ND_PRINT((ndo, ",ECT(1)"));
- break;
- case 2:
- ND_PRINT((ndo, ",ECT(0)"));
- break;
- case 3:
- ND_PRINT((ndo, ",CE"));
- }
+ switch (ip_tos & 0x03) {
+
+ case 0:
+ break;
+
+ case 1:
+ ND_PRINT((ndo, ",ECT(1)"));
+ break;
+
+ case 2:
+ ND_PRINT((ndo, ",ECT(0)"));
+ break;
+
+ case 3:
+ ND_PRINT((ndo, ",CE"));
+ break;
}
- if (ipds->ip->ip_ttl >= 1)
- ND_PRINT((ndo, ", ttl %u", ipds->ip->ip_ttl));
+ ip_ttl = EXTRACT_U_1(ipds->ip->ip_ttl);
+ if (ip_ttl >= 1)
+ ND_PRINT((ndo, ", ttl %u", ip_ttl));
/*
* for the firewall guys, print id, offset.
* On all but the last stick a "+" in the flags portion.
* For unfragmented datagrams, note the don't fragment flag.
*/
-
ND_PRINT((ndo, ", id %u, offset %u, flags [%s], proto %s (%u)",
- EXTRACT_16BITS(&ipds->ip->ip_id),
+ EXTRACT_BE_U_2(&ipds->ip->ip_id),
(ipds->off & 0x1fff) * 8,
bittok2str(ip_frag_values, "none", ipds->off&0xe000),
- tok2str(ipproto_values,"unknown",ipds->ip->ip_p),
- ipds->ip->ip_p));
+ tok2str(ipproto_values, "unknown", ip_proto),
+ ip_proto));
- ND_PRINT((ndo, ", length %u", EXTRACT_16BITS(&ipds->ip->ip_len)));
+ ND_PRINT((ndo, ", length %u", EXTRACT_BE_U_2(ipds->ip->ip_len)));
if ((hlen - sizeof(struct ip)) > 0) {
ND_PRINT((ndo, ", options ("));
vec[0].len = hlen;
sum = in_cksum(vec, 1);
if (sum != 0) {
- ip_sum = EXTRACT_16BITS(&ipds->ip->ip_sum);
+ ip_sum = EXTRACT_BE_U_2(ipds->ip->ip_sum);
ND_PRINT((ndo, ", bad cksum %x (->%x)!", ip_sum,
in_cksum_shouldbe(ip_sum, sum)));
}
}
- ND_PRINT((ndo, ")\n "));
+ ND_PRINT((ndo, ")\n "));
}
/*
*/
if ((ipds->off & 0x1fff) == 0) {
ipds->cp = (const u_char *)ipds->ip + hlen;
- ipds->nh = ipds->ip->ip_p;
+ ipds->nh = EXTRACT_U_1(ipds->ip->ip_p);
if (ipds->nh != IPPROTO_TCP && ipds->nh != IPPROTO_UDP &&
ipds->nh != IPPROTO_SCTP && ipds->nh != IPPROTO_DCCP) {
}
ip_print_demux(ndo, ipds);
} else {
- /* Ultra quiet now means that all this stuff should be suppressed */
- if (ndo->ndo_qflag > 1) return;
+ /*
+ * Ultra quiet now means that all this stuff should be
+ * suppressed.
+ */
+ if (ndo->ndo_qflag > 1)
+ return;
- /*
- * if this isn't the first frag, we're missing the
- * next level protocol header. print the ip addr
- * and the protocol.
- */
- if (ipds->off & 0x1fff) {
- ND_PRINT((ndo, "%s > %s:", ipaddr_string(ndo, &ipds->ip->ip_src),
- ipaddr_string(ndo, &ipds->ip->ip_dst)));
- if (!ndo->ndo_nflag && (proto = getprotobynumber(ipds->ip->ip_p)) != NULL)
- ND_PRINT((ndo, " %s", proto->p_name));
- else
- ND_PRINT((ndo, " ip-proto-%d", ipds->ip->ip_p));
- }
+ /*
+ * This isn't the first frag, so we're missing the
+ * next level protocol header. print the ip addr
+ * and the protocol.
+ */
+ ND_PRINT((ndo, "%s > %s:", ipaddr_string(ndo, &ipds->ip->ip_src),
+ ipaddr_string(ndo, &ipds->ip->ip_dst)));
+ if (!ndo->ndo_nflag && (p_name = netdb_protoname(ip_proto)) != NULL)
+ ND_PRINT((ndo, " %s", p_name));
+ else
+ ND_PRINT((ndo, " ip-proto-%u", ip_proto));
}
return;
void
ipN_print(netdissect_options *ndo, register const u_char *bp, register u_int length)
{
- struct ip hdr;
-
- if (length < 4) {
+ if (length < 1) {
ND_PRINT((ndo, "truncated-ip %d", length));
return;
}
- memcpy (&hdr, bp, 4);
- switch (IP_V(&hdr)) {
- case 4:
+
+ ND_TCHECK_1(bp);
+ switch (EXTRACT_U_1(bp) & 0xF0) {
+ case 0x40:
ip_print (ndo, bp, length);
- return;
- case 6:
+ break;
+ case 0x60:
ip6_print (ndo, bp, length);
- return;
+ break;
default:
- ND_PRINT((ndo, "unknown ip %d", IP_V(&hdr)));
- return;
+ ND_PRINT((ndo, "unknown ip %u", (EXTRACT_U_1(bp) & 0xF0) >> 4));
+ break;
}
+ return;
+
+trunc:
+ ND_PRINT((ndo, "%s", tstr));
+ return;
}
/*
projects / tcpdump / blobdiff