X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/4c6bada75863c064314bc52daf899e37cc8b39e3..f64a4a5f49bcbcb996820b566d7ffe9f7cefe4f3:/print-gre.c diff --git a/print-gre.c b/print-gre.c index aa05dc58..30bb6c21 100644 --- a/print-gre.c +++ b/print-gre.c @@ -1,175 +1,548 @@ +/* $OpenBSD: print-gre.c,v 1.6 2002/10/30 03:04:04 fgsch Exp $ */ + /* - * Copyright (c) 1996 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms are permitted - * provided that the above copyright notice and this paragraph are - * duplicated in all such forms and that any documentation, - * advertising materials, and other materials related to such - * distribution and use acknowledge that the software was developed - * by the University of California, Lawrence Berkeley Laboratory, - * Berkeley, CA. The name of the University may not be used to - * endorse or promote products derived from this software without - * specific prior written permission. - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. + * Copyright (c) 2002 Jason L. Wright (jason@thought.net) + * All rights reserved. * - * Initial contribution from John Hawkinson + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * This module implements support for decoding GRE (Generic Routing - * Encapsulation) tunnels; they're documented in RFC1701 and RFC1702. - * This code only supports the IP encapsulation thereof. + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN + * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. */ -#ifndef lint -static const char rcsid[] = - "@(#) $Header: /tcpdump/master/tcpdump/print-gre.c,v 1.14 2002-06-01 23:50:31 guy Exp $"; -#endif +/* \summary: Generic Routing Encapsulation (GRE) printer */ + +/* + * netdissect printer for GRE - Generic Routing Encapsulation + * RFC 1701 (GRE), RFC 1702 (GRE IPv4), RFC 2637 (PPTP, which + * has an extended form of GRE), RFC 2784 (revised GRE, with + * R, K, S, and s bits and Recur and Offset fields now reserved + * in the header, and no optional Key or Sequence number in the + * header), and RFC 2890 (proposal to add back the K and S bits + * and the optional Key and Sequence number). + * + * The RFC 2637 PPTP GRE repurposes the Key field to hold a + * 16-bit Payload Length and a 16-bit Call ID. + * + * RFC 7637 (NVGRE) repurposes the Key field to hold a 24-bit + * Virtual Subnet ID (VSID) and an 8-bit FlowID. + */ #ifdef HAVE_CONFIG_H -#include "config.h" +#include #endif -#include -#include -#include +#include "netdissect-stdinc.h" -#include +#define ND_LONGJMP_FROM_TCHECK +#include "netdissect.h" +#include "addrtostr.h" +#include "extract.h" +#include "ethertype.h" -#include -#include -#include "interface.h" -#include "addrtoname.h" -#include "extract.h" /* must come after interface.h */ +#define GRE_CP 0x8000 /* checksum present */ +#define GRE_RP 0x4000 /* routing present */ +#define GRE_KP 0x2000 /* key present */ +#define GRE_SP 0x1000 /* sequence# present */ +#define GRE_sP 0x0800 /* source routing */ +#define GRE_AP 0x0080 /* acknowledgment# present */ -struct gre { - u_int16_t flags; - u_int16_t proto; +static const struct tok gre_flag_values[] = { + { GRE_CP, "checksum present"}, + { GRE_RP, "routing present"}, + { GRE_KP, "key present"}, + { GRE_SP, "sequence# present"}, + { GRE_sP, "source routing present"}, + { GRE_AP, "ack present"}, + { 0, NULL } }; -/* RFC 2784 - GRE */ -#define GRE_CP 0x8000 /* Checksum Present */ -#define GRE_VER_MASK 0x0007 /* Version */ - -/* RFC 2890 - Key and Sequence extensions to GRE */ -#define GRE_KP 0x2000 /* Key Present */ -#define GRE_SP 0x1000 /* Sequence Present */ +#define GRE_RECRS_MASK 0x0700 /* recursion count */ +#define GRE_VERS_MASK 0x0007 /* protocol version */ -/* Legacy from RFC 1700 */ -#define GRE_RP 0x4000 /* Routing Present */ -#define GRE_sP 0x0800 /* strict source route present */ -#define GRE_RECUR_MASK 0x0700 /* Recursion Control */ -#define GRE_RECUR_SHIFT 8 +/* source route entry types */ +#define GRESRE_IP 0x0800 /* IP */ +#define GRESRE_ASN 0xfffe /* ASN */ -#define GRE_COP (GRE_RP|GRE_CP) /* Checksum & Offset Present */ +/* + * Ethertype values used for GRE (but not elsewhere?). + */ +#define GRE_CDP 0x2000 /* Cisco Discovery Protocol */ +#define GRE_NHRP 0x2001 /* Next Hop Resolution Protocol */ +#define GRE_MIKROTIK_EOIP 0x6400 /* MikroTik RouterBoard Ethernet over IP (EoIP) */ +#define GRE_ERSPAN_III 0x22eb +#define GRE_WCCP 0x883e /* Web Cache C* Protocol */ +#define GRE_ERSPAN_I_II 0x88be -/* "Enhanced GRE" from RFC2637 - PPTP */ -#define GRE_AP 0x0080 /* Ack present */ +struct wccp_redirect { + nd_uint8_t flags; +#define WCCP_T (1 << 7) +#define WCCP_A (1 << 6) +#define WCCP_U (1 << 5) + nd_uint8_t ServiceId; + nd_uint8_t AltBucket; + nd_uint8_t PriBucket; +}; -#define GRE_MBZ_MASK 0x0078 /* not defined */ +static void gre_print_0(netdissect_options *, const u_char *, u_int); +static void gre_print_1(netdissect_options *, const u_char *, u_int); +static int gre_sre_print(netdissect_options *, uint16_t, uint8_t, uint8_t, const u_char *, u_int); +static int gre_sre_ip_print(netdissect_options *, uint8_t, uint8_t, const u_char *, u_int); +static int gre_sre_asn_print(netdissect_options *, uint8_t, uint8_t, const u_char *, u_int); -/* - * Deencapsulate and print a GRE-tunneled IP datagram - */ void -gre_print(const u_char *bp, u_int length) +gre_print(netdissect_options *ndo, const u_char *bp, u_int length) +{ + u_int vers; + + ndo->ndo_protocol = "gre"; + nd_print_protocol_caps(ndo); + ND_ICHECK_U(length, <, 2); + vers = GET_BE_U_2(bp) & GRE_VERS_MASK; + ND_PRINT("v%u",vers); + + switch(vers) { + case 0: + gre_print_0(ndo, bp, length); + break; + case 1: + gre_print_1(ndo, bp, length); + break; + default: + ND_PRINT(" ERROR: unknown-version"); + break; + } + return; + +invalid: + nd_print_invalid(ndo); +} + +static void +gre_print_0(netdissect_options *ndo, const u_char *bp, u_int length) { - const u_char *cp = bp + 4; - const struct gre *gre; - u_int16_t flags, proto; - u_short ver=0; - u_short extracted_ethertype; - - gre = (const struct gre *)bp; - - TCHECK(gre->proto); - flags = EXTRACT_16BITS(&gre->flags); - proto = EXTRACT_16BITS(&gre->proto); - (void)printf("gre "); - - if (flags) { - /* Decode the flags */ - putchar('['); - if (flags & GRE_CP) - putchar('C'); - if (flags & GRE_RP) - putchar('R'); - if (flags & GRE_KP) - putchar('K'); - if (flags & GRE_SP) - putchar('S'); - if (flags & GRE_sP) - putchar('s'); - if (flags & GRE_AP) - putchar('A'); - if (flags & GRE_RECUR_MASK) - printf("R%x", (flags & GRE_RECUR_MASK) >> GRE_RECUR_SHIFT); - ver = flags & GRE_VER_MASK; - printf("v%u", ver); - - if (flags & GRE_MBZ_MASK) - printf("!%x", flags & GRE_MBZ_MASK); - fputs("] ", stdout); - } - - if (flags & GRE_COP) { - int checksum, offset; - - TCHECK2(*cp, 4); - checksum = EXTRACT_16BITS(cp); - offset = EXTRACT_16BITS(cp + 2); - - if (flags & GRE_CP) { - /* Checksum present */ - - /* todo: check checksum */ - if (vflag > 1) - printf("C:%04x ", checksum); + u_int len = length; + uint16_t flags, prot; + + ND_ICHECK_U(len, <, 2); + flags = GET_BE_U_2(bp); + if (ndo->ndo_vflag) + ND_PRINT(", Flags [%s]", + bittok2str(gre_flag_values,"none",flags)); + + len -= 2; + bp += 2; + + ND_ICHECK_U(len, <, 2); + prot = GET_BE_U_2(bp); + len -= 2; + bp += 2; + + if ((flags & GRE_CP) | (flags & GRE_RP)) { + uint16_t sum; + + ND_ICHECK_U(len, <, 2); + sum = GET_BE_U_2(bp); + if (ndo->ndo_vflag) + ND_PRINT(", sum 0x%x", sum); + bp += 2; + len -= 2; + + ND_ICHECK_U(len, <, 2); + ND_PRINT(", off 0x%x", GET_BE_U_2(bp)); + bp += 2; + len -= 2; + } + + if (flags & GRE_KP) { + uint32_t key; + + ND_ICHECK_U(len, <, 4); + key = GET_BE_U_4(bp); + bp += 4; + len -= 4; + + /* + * OpenBSD shows this as both a 32-bit + * (decimal) key value and a VSID+FlowID + * pair, with the VSID in decimal and + * the FlowID in hex, as key=|+, + * in case this is NVGRE. + */ + ND_PRINT(", key=0x%x", key); + } + + if (flags & GRE_SP) { + ND_ICHECK_U(len, <, 4); + ND_PRINT(", seq %u", GET_BE_U_4(bp)); + bp += 4; + len -= 4; + } + + if (flags & GRE_RP) { + for (;;) { + uint16_t af; + uint8_t sreoff; + uint8_t srelen; + + ND_ICHECK_U(len, <, 4); + af = GET_BE_U_2(bp); + sreoff = GET_U_1(bp + 2); + srelen = GET_U_1(bp + 3); + bp += 4; + len -= 4; + + if (af == 0 && srelen == 0) + break; + + if (!gre_sre_print(ndo, af, sreoff, srelen, bp, len)) + goto invalid; + + ND_ICHECK_U(len, <, srelen); + bp += srelen; + len -= srelen; } - if (flags & GRE_RP) { - /* Offset present */ + } + + if (ndo->ndo_eflag) + ND_PRINT(", proto %s (0x%04x)", + tok2str(ethertype_values,"unknown",prot), prot); + + ND_PRINT(", length %u",length); + + if (ndo->ndo_vflag < 1) + ND_PRINT(": "); /* put in a colon as protocol demarc */ + else + ND_PRINT("\n\t"); /* if verbose go multiline */ + + switch (prot) { + case 0x0000: + /* + * 0x0000 is reserved, but Cisco, at least, appears to + * use it for keep-alives; see, for example, + * https://www.cisco.com/c/en/us/support/docs/ip/generic-routing-encapsulation-gre/118370-technote-gre-00.html#anc1 + */ + printf("keep-alive"); + break; + case GRE_WCCP: + /* + * This is a bit weird. + * + * This may either just mean "IPv4" or it may mean + * "IPv4 preceded by a WCCP redirect header". We + * check to see if the first octet looks like the + * beginning of an IPv4 header and, if not, dissect + * it "IPv4 preceded by a WCCP redirect header", + * otherwise we dissect it as just IPv4. + * + * See "Packet redirection" in draft-forster-wrec-wccp-v1-00, + * section 4.12 "Traffic Forwarding" in + * draft-wilson-wrec-wccp-v2-01, and section 3.12.1 + * "Forwarding using GRE Encapsulation" in + * draft-param-wccp-v2rev1-01. + */ + ND_PRINT("wccp "); + + ND_ICHECK_U(len, <, 1); + if (GET_U_1(bp) >> 4 != 4) { + /* + * First octet isn't 0x4*, so it's not IPv4. + */ + const struct wccp_redirect *wccp; + uint8_t wccp_flags; + + ND_ICHECK_ZU(len, <, sizeof(*wccp)); + wccp = (const struct wccp_redirect *)bp; + wccp_flags = GET_U_1(wccp->flags); + + ND_PRINT("T:%c A:%c U:%c SId:%u Alt:%u Pri:%u", + (wccp_flags & WCCP_T) ? '1' : '0', + (wccp_flags & WCCP_A) ? '1' : '0', + (wccp_flags & WCCP_U) ? '1' : '0', + GET_U_1(wccp->ServiceId), + GET_U_1(wccp->AltBucket), + GET_U_1(wccp->PriBucket)); - if (vflag > 1) - printf("O:%04x ", offset); + bp += sizeof(*wccp); + len -= sizeof(*wccp); + + printf(": "); } - cp += 4; /* skip checksum and offset */ + /* FALLTHROUGH */ + case ETHERTYPE_IP: + ip_print(ndo, bp, len); + break; + case ETHERTYPE_IPV6: + ip6_print(ndo, bp, len); + break; + case ETHERTYPE_MPLS: + case ETHERTYPE_MPLS_MULTI: + mpls_print(ndo, bp, len); + break; + case ETHERTYPE_IPX: + ipx_print(ndo, bp, len); + break; + case ETHERTYPE_ATALK: + atalk_print(ndo, bp, len); + break; + case ETHERTYPE_GRE_ISO: + isoclns_print(ndo, bp, len); + break; + case ETHERTYPE_TEB: + ether_print(ndo, bp, len, ND_BYTES_AVAILABLE_AFTER(bp), NULL, NULL); + break; + case ETHERTYPE_NSH: + nsh_print(ndo, bp, len); + break; + case GRE_ERSPAN_I_II: + erspan_print(ndo, flags, bp, len); + break; + case GRE_CDP: + cdp_print(ndo, bp, len); + break; + case GRE_NHRP: + nhrp_print(ndo, bp, len); + break; + default: + ND_PRINT("gre-proto-0x%x", prot); } - if (flags & GRE_KP) { - TCHECK2(*cp, 4); - if (ver == 1) { /* PPTP */ - if (vflag > 1) - printf("PL:%u ", EXTRACT_16BITS(cp)); - printf("ID:%04x ", EXTRACT_16BITS(cp+2)); + return; + +invalid: + nd_print_invalid(ndo); +} + +static void +gre_print_1(netdissect_options *ndo, const u_char *bp, u_int length) +{ + u_int len = length; + uint16_t flags, prot; + + ND_ICHECK_U(len, <, 2); + flags = GET_BE_U_2(bp); + len -= 2; + bp += 2; + + if (ndo->ndo_vflag) + ND_PRINT(", Flags [%s]", + bittok2str(gre_flag_values,"none",flags)); + + ND_ICHECK_U(len, <, 2); + prot = GET_BE_U_2(bp); + len -= 2; + bp += 2; + + /* + * This version is used for two purposes: + * + * RFC 2637 PPTP; + * Some Mikrotik Ethernet-over-IP hack. + */ + switch (prot) { + case GRE_MIKROTIK_EOIP: + /* + * The MikroTik hack uses only the key field, and uses it + * for its own purposes. If anything other than the version + * and K bit are set, report an error and give up. + */ + if ((flags & ~GRE_VERS_MASK) != GRE_KP) { + ND_PRINT(" unknown-eoip-flags-%04x!", flags); + return; } - else - printf("K:%08x ", EXTRACT_32BITS(cp)); - cp += 4; /* skip key */ + break; + default: + /* + * XXX - what should we do if it's not ETHERTYPE_PPP? + */ + break; } + + if (flags & GRE_KP) { + /* Skip payload length? */ + ND_ICHECK_U(len, <, 2); + ND_TCHECK_LEN(bp, 2); + len -= 2; + bp += 2; + + ND_ICHECK_U(len, <, 2); + if (prot == GRE_MIKROTIK_EOIP) { + /* Non-standard */ + ND_PRINT(", tunnel-id %u", GET_BE_U_2(bp)); + } else + ND_PRINT(", call %u", GET_BE_U_2(bp)); + len -= 2; + bp += 2; + } else + ND_PRINT(", (ERROR: K flag not set)"); + if (flags & GRE_SP) { - TCHECK2(*cp, 4); - printf("S:%u ", EXTRACT_32BITS(cp)); - cp += 4; /* skip seq */ + ND_ICHECK_U(len, <, 4); + ND_PRINT(", seq %u", GET_BE_U_4(bp)); + bp += 4; + len -= 4; } - if (flags & GRE_AP && ver >= 1) { - TCHECK2(*cp, 4); - printf("A:%u ", EXTRACT_32BITS(cp)); - cp += 4; /* skip ack */ + + if (flags & GRE_AP) { + ND_ICHECK_U(len, <, 4); + ND_PRINT(", ack %u", GET_BE_U_4(bp)); + bp += 4; + len -= 4; } - /* We don't support routing fields (variable length) now. Punt. */ - if (flags & GRE_RP) + + /* + * More non-standard EoIP behavior. + */ + if (prot != GRE_MIKROTIK_EOIP && (flags & GRE_SP) == 0) + ND_PRINT(", no-payload"); + + if (ndo->ndo_eflag) + ND_PRINT(", proto %s (0x%04x)", + tok2str(ethertype_values,"unknown",prot), prot); + + ND_PRINT(", length %u",length); + + /* + * More non-standard EoIP behavior. + */ + if (prot != GRE_MIKROTIK_EOIP && (flags & GRE_SP) == 0) return; - TCHECK(cp[0]); + if (ndo->ndo_vflag < 1) + ND_PRINT(": "); /* put in a colon as protocol demarc */ + else + ND_PRINT("\n\t"); /* if verbose go multiline */ - length -= cp - bp; - if (ether_encap_print(proto, cp, length, length, - &extracted_ethertype) == 0) - printf("gre-proto-0x%04X", proto); + switch (prot) { + case ETHERTYPE_PPP: + ppp_print(ndo, bp, len); + break; + case GRE_MIKROTIK_EOIP: + /* MikroTik RouterBoard Ethernet over IP (EoIP) */ + if (len == 0) + ND_PRINT("keepalive"); + else + ether_print(ndo, bp, len, ND_BYTES_AVAILABLE_AFTER(bp), NULL, NULL); + break; + default: + ND_PRINT("gre-proto-0x%x", prot); + break; + } return; -trunc: - fputs("[|gre]", stdout); +invalid: + nd_print_invalid(ndo); +} + +static int +gre_sre_print(netdissect_options *ndo, uint16_t af, uint8_t sreoff, + uint8_t srelen, const u_char *bp, u_int len) +{ + int ret; + + switch (af) { + case GRESRE_IP: + ND_PRINT(", (rtaf=ip"); + ret = gre_sre_ip_print(ndo, sreoff, srelen, bp, len); + ND_PRINT(")"); + break; + case GRESRE_ASN: + ND_PRINT(", (rtaf=asn"); + ret = gre_sre_asn_print(ndo, sreoff, srelen, bp, len); + ND_PRINT(")"); + break; + default: + ND_PRINT(", (rtaf=0x%x)", af); + ret = 1; + } + return (ret); +} + +static int +gre_sre_ip_print(netdissect_options *ndo, uint8_t sreoff, uint8_t srelen, + const u_char *bp, u_int len) +{ + const u_char *up = bp; + char buf[INET_ADDRSTRLEN]; + + if (sreoff & 3) { + ND_PRINT(", badoffset=%u", sreoff); + goto invalid; + } + if (srelen & 3) { + ND_PRINT(", badlength=%u", srelen); + goto invalid; + } + if (sreoff >= srelen) { + ND_PRINT(", badoff/len=%u/%u", sreoff, srelen); + goto invalid; + } + + while (srelen != 0) { + ND_ICHECK_U(len, <, 4); + + ND_TCHECK_LEN(bp, sizeof(nd_ipv4)); + addrtostr(bp, buf, sizeof(buf)); + ND_PRINT(" %s%s", + ((bp - up) == sreoff) ? "*" : "", buf); + + bp += 4; + len -= 4; + srelen -= 4; + } + return 1; + +invalid: + return 0; +} + +static int +gre_sre_asn_print(netdissect_options *ndo, uint8_t sreoff, uint8_t srelen, + const u_char *bp, u_int len) +{ + const u_char *up = bp; + + if (sreoff & 1) { + ND_PRINT(", badoffset=%u", sreoff); + goto invalid; + } + if (srelen & 1) { + ND_PRINT(", badlength=%u", srelen); + goto invalid; + } + if (sreoff >= srelen) { + ND_PRINT(", badoff/len=%u/%u", sreoff, srelen); + goto invalid; + } + + while (srelen != 0) { + ND_ICHECK_U(len, <, 2); + + ND_PRINT(" %s%x", + ((bp - up) == sreoff) ? "*" : "", GET_BE_U_2(bp)); + + bp += 2; + len -= 2; + srelen -= 2; + } + return 1; +invalid: + return 0; }