X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/0b0686d0d953cb733d0ba664885bbb382f6ac64a..refs/heads/master:/print-gre.c

diff --git a/print-gre.c b/print-gre.c
index db6ebfac..1d545b3f 100644
--- a/print-gre.c
+++ b/print-gre.c
@@ -44,9 +44,7 @@
  * Virtual Subnet ID (VSID) and an 8-bit FlowID.
  */
 
-#ifdef HAVE_CONFIG_H
 #include <config.h>
-#endif
 
 #include "netdissect-stdinc.h"
 
@@ -55,14 +53,7 @@
 #include "addrtostr.h"
 #include "extract.h"
 #include "ethertype.h"
-
-
-#define	GRE_CP		0x8000		/* checksum present */
-#define	GRE_RP		0x4000		/* routing present */
-#define	GRE_KP		0x2000		/* key present */
-#define	GRE_SP		0x1000		/* sequence# present */
-#define	GRE_sP		0x0800		/* source routing */
-#define	GRE_AP		0x0080		/* acknowledgment# present */
+#include "gre.h"
 
 static const struct tok gre_flag_values[] = {
     { GRE_CP, "checksum present"},
@@ -84,7 +75,12 @@ static const struct tok gre_flag_values[] = {
 /*
  * Ethertype values used for GRE (but not elsewhere?).
  */
+#define GRE_CDP			0x2000	/* Cisco Discovery Protocol */
+#define GRE_NHRP		0x2001	/* Next Hop Resolution Protocol */
+#define GRE_MIKROTIK_EOIP	0x6400	/* MikroTik RouterBoard Ethernet over IP (EoIP) */
+#define GRE_ERSPAN_III		0x22eb
 #define GRE_WCCP		0x883e	/* Web Cache C* Protocol */
+#define GRE_ERSPAN_I_II		0x88be
 
 struct wccp_redirect {
 	nd_uint8_t	flags;
@@ -234,7 +230,7 @@ gre_print_0(netdissect_options *ndo, const u_char *bp, u_int length)
 		 * use it for keep-alives; see, for example,
 		 * https://www.cisco.com/c/en/us/support/docs/ip/generic-routing-encapsulation-gre/118370-technote-gre-00.html#anc1
 		 */
-		printf("keep-alive");
+		ND_PRINT("keep-alive");
 		break;
 	case GRE_WCCP:
 		/*
@@ -242,13 +238,13 @@ gre_print_0(netdissect_options *ndo, const u_char *bp, u_int length)
 		 *
 		 * This may either just mean "IPv4" or it may mean
 		 * "IPv4 preceded by a WCCP redirect header".  We
-		 * check to seeif the first octet looks like the
+		 * check to see if the first octet looks like the
 		 * beginning of an IPv4 header and, if not, dissect
 		 * it "IPv4 preceded by a WCCP redirect header",
 		 * otherwise we dissect it as just IPv4.
 		 *
 		 * See "Packet redirection" in draft-forster-wrec-wccp-v1-00,
-		 * scetion 4.12 "Traffic Forwarding" in
+		 * section 4.12 "Traffic Forwarding" in
 		 * draft-wilson-wrec-wccp-v2-01, and section 3.12.1
 		 * "Forwarding using GRE Encapsulation" in
 		 * draft-param-wccp-v2rev1-01.
@@ -278,10 +274,9 @@ gre_print_0(netdissect_options *ndo, const u_char *bp, u_int length)
 			bp += sizeof(*wccp);
 			len -= sizeof(*wccp);
 
-			printf(": ");
+			ND_PRINT(": ");
 		}
 		/* FALLTHROUGH */
-		break;
 	case ETHERTYPE_IP:
 		ip_print(ndo, bp, len);
 		break;
@@ -307,6 +302,18 @@ gre_print_0(netdissect_options *ndo, const u_char *bp, u_int length)
 	case ETHERTYPE_NSH:
 		nsh_print(ndo, bp, len);
 		break;
+	case GRE_ERSPAN_I_II:
+		erspan_i_ii_print(ndo, flags, bp, len);
+		break;
+	case GRE_ERSPAN_III:
+		erspan_iii_print(ndo, bp, len);
+		break;
+	case GRE_CDP:
+		cdp_print(ndo, bp, len);
+		break;
+	case GRE_NHRP:
+		nhrp_print(ndo, bp, len);
+		break;
 	default:
 		ND_PRINT("gre-proto-0x%x", prot);
 	}
@@ -336,16 +343,48 @@ gre_print_1(netdissect_options *ndo, const u_char *bp, u_int length)
 	len -= 2;
 	bp += 2;
 
+	/*
+	 * This version is used for two purposes:
+	 *
+	 *  RFC 2637 PPTP;
+	 *  Some Mikrotik Ethernet-over-IP hack.
+	 */
+	switch (prot) {
+	case GRE_MIKROTIK_EOIP:
+		/*
+		 * The MikroTik hack uses only the key field, and uses it
+		 * for its own purposes.  If anything other than the version
+		 * and K bit are set, report an error and give up.
+		 */
+		if ((flags & ~GRE_VERS_MASK) != GRE_KP) {
+			ND_PRINT(" unknown-eoip-flags-%04x!", flags);
+			return;
+		}
+		break;
+	default:
+		/*
+		 * XXX - what should we do if it's not ETHERTYPE_PPP?
+		 */
+		break;
+	}
 
 	if (flags & GRE_KP) {
-		uint32_t k;
+		/* Skip payload length? */
+		ND_ICHECK_U(len, <, 2);
+		ND_TCHECK_2(bp);
+		len -= 2;
+		bp += 2;
 
-		ND_ICHECK_U(len, <, 4);
-		k = GET_BE_U_4(bp);
-		ND_PRINT(", call %u", k & 0xffff);
-		len -= 4;
-		bp += 4;
-	}
+		ND_ICHECK_U(len, <, 2);
+		if (prot == GRE_MIKROTIK_EOIP) {
+			/* Non-standard */
+			ND_PRINT(", tunnel-id %u", GET_BE_U_2(bp));
+		} else
+			ND_PRINT(", call %u", GET_BE_U_2(bp));
+		len -= 2;
+		bp += 2;
+	} else
+		ND_PRINT(", (ERROR: K flag not set)");
 
 	if (flags & GRE_SP) {
 		ND_ICHECK_U(len, <, 4);
@@ -361,7 +400,10 @@ gre_print_1(netdissect_options *ndo, const u_char *bp, u_int length)
 		len -= 4;
 	}
 
-	if ((flags & GRE_SP) == 0)
+	/*
+	 * More non-standard EoIP behavior.
+	 */
+	if (prot != GRE_MIKROTIK_EOIP && (flags & GRE_SP) == 0)
 		ND_PRINT(", no-payload");
 
 	if (ndo->ndo_eflag)
@@ -370,7 +412,10 @@ gre_print_1(netdissect_options *ndo, const u_char *bp, u_int length)
 
 	ND_PRINT(", length %u",length);
 
-	if ((flags & GRE_SP) == 0)
+	/*
+	 * More non-standard EoIP behavior.
+	 */
+	if (prot != GRE_MIKROTIK_EOIP && (flags & GRE_SP) == 0)
 		return;
 
 	if (ndo->ndo_vflag < 1)
@@ -382,6 +427,13 @@ gre_print_1(netdissect_options *ndo, const u_char *bp, u_int length)
 	case ETHERTYPE_PPP:
 		ppp_print(ndo, bp, len);
 		break;
+	case GRE_MIKROTIK_EOIP:
+		/* MikroTik RouterBoard Ethernet over IP (EoIP) */
+		if (len == 0)
+			ND_PRINT("keepalive");
+		else
+			ether_print(ndo, bp, len, ND_BYTES_AVAILABLE_AFTER(bp), NULL, NULL);
+		break;
 	default:
 		ND_PRINT("gre-proto-0x%x", prot);
 		break;