+/* $OpenBSD: print-gre.c,v 1.6 2002/10/30 03:04:04 fgsch Exp $ */
+
/*
- * Copyright (c) 1996
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms are permitted
- * provided that the above copyright notice and this paragraph are
- * duplicated in all such forms and that any documentation,
- * advertising materials, and other materials related to such
- * distribution and use acknowledge that the software was developed
- * by the University of California, Lawrence Berkeley Laboratory,
- * Berkeley, CA. The name of the University may not be used to
- * endorse or promote products derived from this software without
- * specific prior written permission.
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ * All rights reserved.
*
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by Jason L. Wright
+ * 4. The name of the author may not be used to endorse or promote products
+ * derived from this software without specific prior written permission.
*
- * This module implements support for decoding GRE (Generic Routing
- * Encapsulation) tunnels; they're documented in RFC1701 and RFC1702.
- * This code only supports the IP encapsulation thereof.
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+ * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
*/
-#ifndef lint
-static const char rcsid[] =
- "@(#) $Header: /tcpdump/master/tcpdump/print-gre.c,v 1.13 2001-06-15 22:17:31 fenner Exp $";
-#endif
+/* \summary: Generic Routing Encapsulation (GRE) printer */
+
+/*
+ * netdissect printer for GRE - Generic Routing Encapsulation
+ * RFC1701 (GRE), RFC1702 (GRE IPv4), and RFC2637 (Enhanced GRE)
+ */
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
-#include <sys/param.h>
-#include <sys/time.h>
-#include <sys/uio.h>
-#include <sys/socket.h>
+#include <netdissect-stdinc.h>
-#include <netinet/in.h>
+#include <string.h>
-#include <netdb.h>
-#include <stdio.h>
+#include "netdissect.h"
+#include "addrtostr.h"
+#include "extract.h"
+#include "ethertype.h"
-#include "interface.h"
-#include "addrtoname.h"
-#include "extract.h" /* must come after interface.h */
+static const char tstr[] = "[|gre]";
-struct gre {
- u_int16_t flags;
- u_int16_t proto;
+#define GRE_CP 0x8000 /* checksum present */
+#define GRE_RP 0x4000 /* routing present */
+#define GRE_KP 0x2000 /* key present */
+#define GRE_SP 0x1000 /* sequence# present */
+#define GRE_sP 0x0800 /* source routing */
+#define GRE_RECRS 0x0700 /* recursion count */
+#define GRE_AP 0x0080 /* acknowledgment# present */
+
+static const struct tok gre_flag_values[] = {
+ { GRE_CP, "checksum present"},
+ { GRE_RP, "routing present"},
+ { GRE_KP, "key present"},
+ { GRE_SP, "sequence# present"},
+ { GRE_sP, "source routing present"},
+ { GRE_RECRS, "recursion count"},
+ { GRE_AP, "ack present"},
+ { 0, NULL }
};
-/* RFC 2784 - GRE */
-#define GRE_CP 0x8000 /* Checksum Present */
-#define GRE_VER_MASK 0x0007 /* Version */
+#define GRE_VERS_MASK 0x0007 /* protocol version */
-/* RFC 2890 - Key and Sequence extensions to GRE */
-#define GRE_KP 0x2000 /* Key Present */
-#define GRE_SP 0x1000 /* Sequence Present */
+/* source route entry types */
+#define GRESRE_IP 0x0800 /* IP */
+#define GRESRE_ASN 0xfffe /* ASN */
-/* Legacy from RFC 1700 */
-#define GRE_RP 0x4000 /* Routing Present */
-#define GRE_sP 0x0800 /* strict source route present */
-#define GRE_RECUR_MASK 0x0700 /* Recursion Control */
-#define GRE_RECUR_SHIFT 8
+static void gre_print_0(netdissect_options *, const u_char *, u_int);
+static void gre_print_1(netdissect_options *, const u_char *, u_int);
+static int gre_sre_print(netdissect_options *, uint16_t, uint8_t, uint8_t, const u_char *, u_int);
+static int gre_sre_ip_print(netdissect_options *, uint8_t, uint8_t, const u_char *, u_int);
+static int gre_sre_asn_print(netdissect_options *, uint8_t, uint8_t, const u_char *, u_int);
-#define GRE_COP (GRE_RP|GRE_CP) /* Checksum & Offset Present */
+void
+gre_print(netdissect_options *ndo, const u_char *bp, u_int length)
+{
+ u_int len = length, vers;
-/* "Enhanced GRE" from RFC2637 - PPTP */
-#define GRE_AP 0x0080 /* Ack present */
+ ND_TCHECK2(*bp, 2);
+ if (len < 2)
+ goto trunc;
+ vers = EXTRACT_16BITS(bp) & GRE_VERS_MASK;
+ ND_PRINT((ndo, "GREv%u",vers));
-#define GRE_MBZ_MASK 0x0078 /* not defined */
+ switch(vers) {
+ case 0:
+ gre_print_0(ndo, bp, len);
+ break;
+ case 1:
+ gre_print_1(ndo, bp, len);
+ break;
+ default:
+ ND_PRINT((ndo, " ERROR: unknown-version"));
+ break;
+ }
+ return;
-/*
- * Deencapsulate and print a GRE-tunneled IP datagram
- */
-void
-gre_print(const u_char *bp, u_int length)
+trunc:
+ ND_PRINT((ndo, "%s", tstr));
+ return;
+}
+
+static void
+gre_print_0(netdissect_options *ndo, const u_char *bp, u_int length)
{
- const u_char *cp = bp + 4;
- const struct gre *gre;
- u_int16_t flags, proto;
- u_short ver=0;
- u_short extracted_ethertype;
-
- gre = (const struct gre *)bp;
-
- TCHECK(gre->proto);
- flags = EXTRACT_16BITS(&gre->flags);
- proto = EXTRACT_16BITS(&gre->proto);
- (void)printf("gre ");
-
- if (flags) {
- /* Decode the flags */
- putchar('[');
- if (flags & GRE_CP)
- putchar('C');
- if (flags & GRE_RP)
- putchar('R');
- if (flags & GRE_KP)
- putchar('K');
- if (flags & GRE_SP)
- putchar('S');
- if (flags & GRE_sP)
- putchar('s');
- if (flags & GRE_AP)
- putchar('A');
- if (flags & GRE_RECUR_MASK)
- printf("R%x", (flags & GRE_RECUR_MASK) >> GRE_RECUR_SHIFT);
- ver = flags & GRE_VER_MASK;
- printf("v%u", ver);
-
- if (flags & GRE_MBZ_MASK)
- printf("!%x", flags & GRE_MBZ_MASK);
- fputs("] ", stdout);
- }
-
- if (flags & GRE_COP) {
- int checksum, offset;
-
- TCHECK2(*cp, 4);
- checksum = EXTRACT_16BITS(cp);
- offset = EXTRACT_16BITS(cp + 2);
-
- if (flags & GRE_CP) {
- /* Checksum present */
-
- /* todo: check checksum */
- if (vflag > 1)
- printf("C:%04x ", checksum);
- }
- if (flags & GRE_RP) {
- /* Offset present */
+ u_int len = length;
+ uint16_t flags, prot;
- if (vflag > 1)
- printf("O:%04x ", offset);
- }
- cp += 4; /* skip checksum and offset */
+ flags = EXTRACT_16BITS(bp);
+ if (ndo->ndo_vflag)
+ ND_PRINT((ndo, ", Flags [%s]",
+ bittok2str(gre_flag_values,"none",flags)));
+
+ len -= 2;
+ bp += 2;
+
+ ND_TCHECK2(*bp, 2);
+ if (len < 2)
+ goto trunc;
+ prot = EXTRACT_16BITS(bp);
+ len -= 2;
+ bp += 2;
+
+ if ((flags & GRE_CP) | (flags & GRE_RP)) {
+ ND_TCHECK2(*bp, 2);
+ if (len < 2)
+ goto trunc;
+ if (ndo->ndo_vflag)
+ ND_PRINT((ndo, ", sum 0x%x", EXTRACT_16BITS(bp)));
+ bp += 2;
+ len -= 2;
+
+ ND_TCHECK2(*bp, 2);
+ if (len < 2)
+ goto trunc;
+ ND_PRINT((ndo, ", off 0x%x", EXTRACT_16BITS(bp)));
+ bp += 2;
+ len -= 2;
}
+
if (flags & GRE_KP) {
- TCHECK2(*cp, 4);
- if (ver == 1) { /* PPTP */
- if (vflag > 1)
- printf("PL:%u ", EXTRACT_16BITS(cp));
- printf("ID:%04x ", EXTRACT_16BITS(cp+2));
+ ND_TCHECK2(*bp, 4);
+ if (len < 4)
+ goto trunc;
+ ND_PRINT((ndo, ", key=0x%x", EXTRACT_32BITS(bp)));
+ bp += 4;
+ len -= 4;
+ }
+
+ if (flags & GRE_SP) {
+ ND_TCHECK2(*bp, 4);
+ if (len < 4)
+ goto trunc;
+ ND_PRINT((ndo, ", seq %u", EXTRACT_32BITS(bp)));
+ bp += 4;
+ len -= 4;
+ }
+
+ if (flags & GRE_RP) {
+ for (;;) {
+ uint16_t af;
+ uint8_t sreoff;
+ uint8_t srelen;
+
+ ND_TCHECK2(*bp, 4);
+ if (len < 4)
+ goto trunc;
+ af = EXTRACT_16BITS(bp);
+ sreoff = *(bp + 2);
+ srelen = *(bp + 3);
+ bp += 4;
+ len -= 4;
+
+ if (af == 0 && srelen == 0)
+ break;
+
+ if (!gre_sre_print(ndo, af, sreoff, srelen, bp, len))
+ goto trunc;
+
+ if (len < srelen)
+ goto trunc;
+ bp += srelen;
+ len -= srelen;
}
- else
- printf("K:%08x ", EXTRACT_32BITS(cp));
- cp += 4; /* skip key */
}
+
+ if (ndo->ndo_eflag)
+ ND_PRINT((ndo, ", proto %s (0x%04x)",
+ tok2str(ethertype_values,"unknown",prot),
+ prot));
+
+ ND_PRINT((ndo, ", length %u",length));
+
+ if (ndo->ndo_vflag < 1)
+ ND_PRINT((ndo, ": ")); /* put in a colon as protocol demarc */
+ else
+ ND_PRINT((ndo, "\n\t")); /* if verbose go multiline */
+
+ switch (prot) {
+ case ETHERTYPE_IP:
+ ip_print(ndo, bp, len);
+ break;
+ case ETHERTYPE_IPV6:
+ ip6_print(ndo, bp, len);
+ break;
+ case ETHERTYPE_MPLS:
+ mpls_print(ndo, bp, len);
+ break;
+ case ETHERTYPE_IPX:
+ ipx_print(ndo, bp, len);
+ break;
+ case ETHERTYPE_ATALK:
+ atalk_print(ndo, bp, len);
+ break;
+ case ETHERTYPE_GRE_ISO:
+ isoclns_print(ndo, bp, len, ndo->ndo_snapend - bp);
+ break;
+ case ETHERTYPE_TEB:
+ ether_print(ndo, bp, len, ndo->ndo_snapend - bp, NULL, NULL);
+ break;
+ default:
+ ND_PRINT((ndo, "gre-proto-0x%x", prot));
+ }
+ return;
+
+trunc:
+ ND_PRINT((ndo, "%s", tstr));
+}
+
+static void
+gre_print_1(netdissect_options *ndo, const u_char *bp, u_int length)
+{
+ u_int len = length;
+ uint16_t flags, prot;
+
+ flags = EXTRACT_16BITS(bp);
+ len -= 2;
+ bp += 2;
+
+ if (ndo->ndo_vflag)
+ ND_PRINT((ndo, ", Flags [%s]",
+ bittok2str(gre_flag_values,"none",flags)));
+
+ ND_TCHECK2(*bp, 2);
+ if (len < 2)
+ goto trunc;
+ prot = EXTRACT_16BITS(bp);
+ len -= 2;
+ bp += 2;
+
+
+ if (flags & GRE_KP) {
+ uint32_t k;
+
+ ND_TCHECK2(*bp, 4);
+ if (len < 4)
+ goto trunc;
+ k = EXTRACT_32BITS(bp);
+ ND_PRINT((ndo, ", call %d", k & 0xffff));
+ len -= 4;
+ bp += 4;
+ }
+
if (flags & GRE_SP) {
- TCHECK2(*cp, 4);
- printf("S:%u ", EXTRACT_32BITS(cp));
- cp += 4; /* skip seq */
+ ND_TCHECK2(*bp, 4);
+ if (len < 4)
+ goto trunc;
+ ND_PRINT((ndo, ", seq %u", EXTRACT_32BITS(bp)));
+ bp += 4;
+ len -= 4;
}
- if (flags & GRE_AP && ver >= 1) {
- TCHECK2(*cp, 4);
- printf("A:%u ", EXTRACT_32BITS(cp));
- cp += 4; /* skip ack */
+
+ if (flags & GRE_AP) {
+ ND_TCHECK2(*bp, 4);
+ if (len < 4)
+ goto trunc;
+ ND_PRINT((ndo, ", ack %u", EXTRACT_32BITS(bp)));
+ bp += 4;
+ len -= 4;
}
- /* We don't support routing fields (variable length) now. Punt. */
- if (flags & GRE_RP)
- return;
- TCHECK(cp[0]);
+ if ((flags & GRE_SP) == 0)
+ ND_PRINT((ndo, ", no-payload"));
- length -= cp - bp;
- if (ether_encap_print(proto, cp, length, length,
- &extracted_ethertype) == 0)
- printf("gre-proto-0x%04X", proto);
+ if (ndo->ndo_eflag)
+ ND_PRINT((ndo, ", proto %s (0x%04x)",
+ tok2str(ethertype_values,"unknown",prot),
+ prot));
+
+ ND_PRINT((ndo, ", length %u",length));
+
+ if ((flags & GRE_SP) == 0)
+ return;
+
+ if (ndo->ndo_vflag < 1)
+ ND_PRINT((ndo, ": ")); /* put in a colon as protocol demarc */
+ else
+ ND_PRINT((ndo, "\n\t")); /* if verbose go multiline */
+
+ switch (prot) {
+ case ETHERTYPE_PPP:
+ ppp_print(ndo, bp, len);
+ break;
+ default:
+ ND_PRINT((ndo, "gre-proto-0x%x", prot));
+ break;
+ }
return;
trunc:
- fputs("[|gre]", stdout);
+ ND_PRINT((ndo, "%s", tstr));
+}
+
+static int
+gre_sre_print(netdissect_options *ndo, uint16_t af, uint8_t sreoff,
+ uint8_t srelen, const u_char *bp, u_int len)
+{
+ int ret;
+
+ switch (af) {
+ case GRESRE_IP:
+ ND_PRINT((ndo, ", (rtaf=ip"));
+ ret = gre_sre_ip_print(ndo, sreoff, srelen, bp, len);
+ ND_PRINT((ndo, ")"));
+ break;
+ case GRESRE_ASN:
+ ND_PRINT((ndo, ", (rtaf=asn"));
+ ret = gre_sre_asn_print(ndo, sreoff, srelen, bp, len);
+ ND_PRINT((ndo, ")"));
+ break;
+ default:
+ ND_PRINT((ndo, ", (rtaf=0x%x)", af));
+ ret = 1;
+ }
+ return (ret);
+}
+
+static int
+gre_sre_ip_print(netdissect_options *ndo, uint8_t sreoff, uint8_t srelen,
+ const u_char *bp, u_int len)
+{
+ const u_char *up = bp;
+ char buf[INET_ADDRSTRLEN];
+ if (sreoff & 3) {
+ ND_PRINT((ndo, ", badoffset=%u", sreoff));
+ return (1);
+ }
+ if (srelen & 3) {
+ ND_PRINT((ndo, ", badlength=%u", srelen));
+ return (1);
+ }
+ if (sreoff >= srelen) {
+ ND_PRINT((ndo, ", badoff/len=%u/%u", sreoff, srelen));
+ return (1);
+ }
+
+ while (srelen != 0) {
+ if (!ND_TTEST2(*bp, 4))
+ return (0);
+ if (len < 4)
+ return (0);
+
+ addrtostr(bp, buf, sizeof(buf));
+ ND_PRINT((ndo, " %s%s",
+ ((bp - up) == sreoff) ? "*" : "", buf));
+
+ bp += 4;
+ len -= 4;
+ srelen -= 4;
+ }
+ return (1);
+}
+
+static int
+gre_sre_asn_print(netdissect_options *ndo, uint8_t sreoff, uint8_t srelen,
+ const u_char *bp, u_int len)
+{
+ const u_char *up = bp;
+
+ if (sreoff & 1) {
+ ND_PRINT((ndo, ", badoffset=%u", sreoff));
+ return (1);
+ }
+ if (srelen & 1) {
+ ND_PRINT((ndo, ", badlength=%u", srelen));
+ return (1);
+ }
+ if (sreoff >= srelen) {
+ ND_PRINT((ndo, ", badoff/len=%u/%u", sreoff, srelen));
+ return (1);
+ }
+
+ while (srelen != 0) {
+ if (!ND_TTEST2(*bp, 2))
+ return (0);
+ if (len < 2)
+ return (0);
+
+ ND_PRINT((ndo, " %s%x",
+ ((bp - up) == sreoff) ? "*" : "",
+ EXTRACT_16BITS(bp)));
+
+ bp += 2;
+ len -= 2;
+ srelen -= 2;
+ }
+ return (1);
}
projects / tcpdump / blobdiff