X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/11b62366cb1b48b596ecf4fb3f4e817f70378d00..refs/heads/master:/print-gre.c diff --git a/print-gre.c b/print-gre.c index 40496ca7..1d545b3f 100644 --- a/print-gre.c +++ b/print-gre.c @@ -44,9 +44,7 @@ * Virtual Subnet ID (VSID) and an 8-bit FlowID. */ -#ifdef HAVE_CONFIG_H #include -#endif #include "netdissect-stdinc.h" @@ -55,14 +53,7 @@ #include "addrtostr.h" #include "extract.h" #include "ethertype.h" - - -#define GRE_CP 0x8000 /* checksum present */ -#define GRE_RP 0x4000 /* routing present */ -#define GRE_KP 0x2000 /* key present */ -#define GRE_SP 0x1000 /* sequence# present */ -#define GRE_sP 0x0800 /* source routing */ -#define GRE_AP 0x0080 /* acknowledgment# present */ +#include "gre.h" static const struct tok gre_flag_values[] = { { GRE_CP, "checksum present"}, @@ -85,7 +76,11 @@ static const struct tok gre_flag_values[] = { * Ethertype values used for GRE (but not elsewhere?). */ #define GRE_CDP 0x2000 /* Cisco Discovery Protocol */ +#define GRE_NHRP 0x2001 /* Next Hop Resolution Protocol */ +#define GRE_MIKROTIK_EOIP 0x6400 /* MikroTik RouterBoard Ethernet over IP (EoIP) */ +#define GRE_ERSPAN_III 0x22eb #define GRE_WCCP 0x883e /* Web Cache C* Protocol */ +#define GRE_ERSPAN_I_II 0x88be struct wccp_redirect { nd_uint8_t flags; @@ -235,7 +230,7 @@ gre_print_0(netdissect_options *ndo, const u_char *bp, u_int length) * use it for keep-alives; see, for example, * https://www.cisco.com/c/en/us/support/docs/ip/generic-routing-encapsulation-gre/118370-technote-gre-00.html#anc1 */ - printf("keep-alive"); + ND_PRINT("keep-alive"); break; case GRE_WCCP: /* @@ -279,7 +274,7 @@ gre_print_0(netdissect_options *ndo, const u_char *bp, u_int length) bp += sizeof(*wccp); len -= sizeof(*wccp); - printf(": "); + ND_PRINT(": "); } /* FALLTHROUGH */ case ETHERTYPE_IP: @@ -307,9 +302,18 @@ gre_print_0(netdissect_options *ndo, const u_char *bp, u_int length) case ETHERTYPE_NSH: nsh_print(ndo, bp, len); break; + case GRE_ERSPAN_I_II: + erspan_i_ii_print(ndo, flags, bp, len); + break; + case GRE_ERSPAN_III: + erspan_iii_print(ndo, bp, len); + break; case GRE_CDP: cdp_print(ndo, bp, len); break; + case GRE_NHRP: + nhrp_print(ndo, bp, len); + break; default: ND_PRINT("gre-proto-0x%x", prot); } @@ -339,16 +343,48 @@ gre_print_1(netdissect_options *ndo, const u_char *bp, u_int length) len -= 2; bp += 2; + /* + * This version is used for two purposes: + * + * RFC 2637 PPTP; + * Some Mikrotik Ethernet-over-IP hack. + */ + switch (prot) { + case GRE_MIKROTIK_EOIP: + /* + * The MikroTik hack uses only the key field, and uses it + * for its own purposes. If anything other than the version + * and K bit are set, report an error and give up. + */ + if ((flags & ~GRE_VERS_MASK) != GRE_KP) { + ND_PRINT(" unknown-eoip-flags-%04x!", flags); + return; + } + break; + default: + /* + * XXX - what should we do if it's not ETHERTYPE_PPP? + */ + break; + } if (flags & GRE_KP) { - uint32_t k; + /* Skip payload length? */ + ND_ICHECK_U(len, <, 2); + ND_TCHECK_2(bp); + len -= 2; + bp += 2; - ND_ICHECK_U(len, <, 4); - k = GET_BE_U_4(bp); - ND_PRINT(", call %u", k & 0xffff); - len -= 4; - bp += 4; - } + ND_ICHECK_U(len, <, 2); + if (prot == GRE_MIKROTIK_EOIP) { + /* Non-standard */ + ND_PRINT(", tunnel-id %u", GET_BE_U_2(bp)); + } else + ND_PRINT(", call %u", GET_BE_U_2(bp)); + len -= 2; + bp += 2; + } else + ND_PRINT(", (ERROR: K flag not set)"); if (flags & GRE_SP) { ND_ICHECK_U(len, <, 4); @@ -364,7 +400,10 @@ gre_print_1(netdissect_options *ndo, const u_char *bp, u_int length) len -= 4; } - if ((flags & GRE_SP) == 0) + /* + * More non-standard EoIP behavior. + */ + if (prot != GRE_MIKROTIK_EOIP && (flags & GRE_SP) == 0) ND_PRINT(", no-payload"); if (ndo->ndo_eflag) @@ -373,7 +412,10 @@ gre_print_1(netdissect_options *ndo, const u_char *bp, u_int length) ND_PRINT(", length %u",length); - if ((flags & GRE_SP) == 0) + /* + * More non-standard EoIP behavior. + */ + if (prot != GRE_MIKROTIK_EOIP && (flags & GRE_SP) == 0) return; if (ndo->ndo_vflag < 1) @@ -385,6 +427,13 @@ gre_print_1(netdissect_options *ndo, const u_char *bp, u_int length) case ETHERTYPE_PPP: ppp_print(ndo, bp, len); break; + case GRE_MIKROTIK_EOIP: + /* MikroTik RouterBoard Ethernet over IP (EoIP) */ + if (len == 0) + ND_PRINT("keepalive"); + else + ether_print(ndo, bp, len, ND_BYTES_AVAILABLE_AFTER(bp), NULL, NULL); + break; default: ND_PRINT("gre-proto-0x%x", prot); break;