X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/d30c649a92a31221f69912dd399acbebaf0f41ad..refs/heads/tcpdump-3.9:/print-ip.c diff --git a/print-ip.c b/print-ip.c index 34be5c82..19648959 100644 --- a/print-ip.c +++ b/print-ip.c @@ -20,232 +20,135 @@ */ #ifndef lint -static const char rcsid[] = - "@(#) $Header: /tcpdump/master/tcpdump/print-ip.c,v 1.77 1999-11-23 08:31:10 fenner Exp $ (LBL)"; +static const char rcsid[] _U_ = + "@(#) $Header: /tcpdump/master/tcpdump/print-ip.c,v 1.149.2.9 2007-09-14 01:30:02 guy Exp $ (LBL)"; #endif #ifdef HAVE_CONFIG_H #include "config.h" #endif -#include -#include -#include +#include -#include -#include -#include -#include -#include -#include -#include - -#ifdef HAVE_MALLOC_H -#include -#endif #include #include #include -#include #include "addrtoname.h" #include "interface.h" #include "extract.h" /* must come after interface.h */ -/* Compatibility */ -#ifndef IPPROTO_ND -#define IPPROTO_ND 77 -#endif - -#ifndef IN_CLASSD -#define IN_CLASSD(i) (((int32_t)(i) & 0xf0000000) == 0xe0000000) -#endif - -/* (following from ipmulti/mrouted/prune.h) */ - -/* - * The packet format for a traceroute request. - */ -struct tr_query { - u_int tr_src; /* traceroute source */ - u_int tr_dst; /* traceroute destination */ - u_int tr_raddr; /* traceroute response address */ - u_int tr_rttlqid; /* response ttl and qid */ +#include "ip.h" +#include "ipproto.h" + +struct tok ip_option_values[] = { + { IPOPT_EOL, "EOL" }, + { IPOPT_NOP, "NOP" }, + { IPOPT_TS, "timestamp" }, + { IPOPT_SECURITY, "security" }, + { IPOPT_RR, "RR" }, + { IPOPT_SSRR, "SSRR" }, + { IPOPT_LSRR, "LSRR" }, + { IPOPT_RA, "RA" }, + { IPOPT_RFC1393, "traceroute" }, + { 0, NULL } }; -#define TR_GETTTL(x) (((x) >> 24) & 0xff) -#define TR_GETQID(x) ((x) & 0x00ffffff) - /* - * Traceroute response format. A traceroute response has a tr_query at the - * beginning, followed by one tr_resp for each hop taken. + * print the recorded route in an IP RR, LSRR or SSRR option. */ -struct tr_resp { - u_int tr_qarr; /* query arrival time */ - u_int tr_inaddr; /* incoming interface address */ - u_int tr_outaddr; /* outgoing interface address */ - u_int tr_rmtaddr; /* parent address in source tree */ - u_int tr_vifin; /* input packet count on interface */ - u_int tr_vifout; /* output packet count on interface */ - u_int tr_pktcnt; /* total incoming packets for src-grp */ - u_char tr_rproto; /* routing proto deployed on router */ - u_char tr_fttl; /* ttl required to forward on outvif */ - u_char tr_smask; /* subnet mask for src addr */ - u_char tr_rflags; /* forwarding error codes */ -}; - -/* defs within mtrace */ -#define TR_QUERY 1 -#define TR_RESP 2 - -/* fields for tr_rflags (forwarding error codes) */ -#define TR_NO_ERR 0 -#define TR_WRONG_IF 1 -#define TR_PRUNED 2 -#define TR_OPRUNED 3 -#define TR_SCOPED 4 -#define TR_NO_RTE 5 -#define TR_NO_FWD 7 -#define TR_NO_SPACE 0x81 -#define TR_OLD_ROUTER 0x82 - -/* fields for tr_rproto (routing protocol) */ -#define TR_PROTO_DVMRP 1 -#define TR_PROTO_MOSPF 2 -#define TR_PROTO_PIM 3 -#define TR_PROTO_CBT 4 - -static void print_mtrace(register const u_char *bp, register u_int len) -{ - register struct tr_query *tr = (struct tr_query *)(bp + 8); - - printf("mtrace %d: %s to %s reply-to %s", - TR_GETQID(ntohl(tr->tr_rttlqid)), - ipaddr_string(&tr->tr_src), ipaddr_string(&tr->tr_dst), - ipaddr_string(&tr->tr_raddr)); - if (IN_CLASSD(ntohl(tr->tr_raddr))) - printf(" with-ttl %d", TR_GETTTL(ntohl(tr->tr_rttlqid))); -} - -static void print_mresp(register const u_char *bp, register u_int len) -{ - register struct tr_query *tr = (struct tr_query *)(bp + 8); - - printf("mresp %d: %s to %s reply-to %s", - TR_GETQID(ntohl(tr->tr_rttlqid)), - ipaddr_string(&tr->tr_src), ipaddr_string(&tr->tr_dst), - ipaddr_string(&tr->tr_raddr)); - if (IN_CLASSD(ntohl(tr->tr_raddr))) - printf(" with-ttl %d", TR_GETTTL(ntohl(tr->tr_rttlqid))); -} - static void -igmp_print(register const u_char *bp, register u_int len, - register const u_char *bp2) +ip_printroute(register const u_char *cp, u_int length) { - register const struct ip *ip; - - ip = (const struct ip *)bp2; - (void)printf("%s > %s: ", - ipaddr_string(&ip->ip_src), - ipaddr_string(&ip->ip_dst)); + register u_int ptr; + register u_int len; - if (qflag) { - (void)printf("igmp"); + if (length < 3) { + printf(" [bad length %u]", length); return; } + if ((length + 1) & 3) + printf(" [bad length %u]", length); + ptr = cp[2] - 1; + if (ptr < 3 || ((ptr + 1) & 3) || ptr > length + 1) + printf(" [bad ptr %u]", cp[2]); - TCHECK2(bp[0], 8); - switch (bp[0]) { - case 0x11: - (void)printf("igmp query"); - if (EXTRACT_32BITS(&bp[4])) - (void)printf(" [gaddr %s]", ipaddr_string(&bp[4])); - if (len != 8) - (void)printf(" [len %d]", len); - break; - case 0x12: - (void)printf("igmp v1 report %s", ipaddr_string(&bp[4])); - if (len != 8) - (void)printf(" [len %d]", len); - break; - case 0x16: - (void)printf("igmp v2 report %s", ipaddr_string(&bp[4])); - break; - case 0x17: - (void)printf("igmp leave %s", ipaddr_string(&bp[4])); - break; - case 0x13: - (void)printf("igmp dvmrp"); - if (len < 8) - (void)printf(" [len %d]", len); - else - dvmrp_print(bp, len); - break; - case 0x14: - (void)printf("igmp pimv1"); - pimv1_print(bp, len); - break; - case 0x1e: - print_mresp(bp, len); - break; - case 0x1f: - print_mtrace(bp, len); - break; - default: - (void)printf("igmp-%d", bp[0]); - break; - } - - if (vflag && TTEST2(bp[0], len)) { - /* Check the IGMP checksum */ - if (in_cksum((const u_short*)bp, len, 0)) - printf(" bad igmp cksum %x!", EXTRACT_16BITS(&bp[2])); + for (len = 3; len < length; len += 4) { + printf(" %s", ipaddr_string(&cp[len])); + if (ptr > len) + printf(","); } - return; -trunc: - fputs("[|igmp]", stdout); } /* - * print the recorded route in an IP RR, LSRR or SSRR option. + * If source-routing is present and valid, return the final destination. + * Otherwise, return IP destination. + * + * This is used for UDP and TCP pseudo-header in the checksum + * calculation. */ -static void -ip_printroute(const char *type, register const u_char *cp, u_int length) +u_int32_t +ip_finddst(const struct ip *ip) { - register u_int ptr = cp[2] - 1; - register u_int len; + int length; + int len; + const u_char *cp; + u_int32_t retval; - printf(" %s{", type); - if ((length + 1) & 3) - printf(" [bad length %d]", length); - if (ptr < 3 || ((ptr + 1) & 3) || ptr > length + 1) - printf(" [bad ptr %d]", cp[2]); + cp = (const u_char *)(ip + 1); + length = (IP_HL(ip) << 2) - sizeof(struct ip); - type = ""; - for (len = 3; len < length; len += 4) { - if (ptr == len) - type = "#"; - printf("%s%s", type, ipaddr_string(&cp[len])); - type = " "; + for (; length > 0; cp += len, length -= len) { + int tt; + + TCHECK(*cp); + tt = *cp; + if (tt == IPOPT_EOL) + break; + else if (tt == IPOPT_NOP) + len = 1; + else { + TCHECK(cp[1]); + len = cp[1]; + if (len < 2) + break; + } + TCHECK2(*cp, len); + switch (tt) { + + case IPOPT_SSRR: + case IPOPT_LSRR: + if (len < 7) + break; + memcpy(&retval, cp + len - 4, 4); + return retval; + } } - printf("%s}", ptr == len? "#" : ""); +trunc: + memcpy(&retval, &ip->ip_dst.s_addr, sizeof(u_int32_t)); + return retval; } static void ip_printts(register const u_char *cp, u_int length) { - register u_int ptr = cp[2] - 1; + register u_int ptr; register u_int len; int hoplen; - char *type; + const char *type; + if (length < 4) { + printf("[bad length %u]", length); + return; + } printf(" TS{"); hoplen = ((cp[3]&0xF) != IPOPT_TS_TSONLY) ? 8 : 4; if ((length - 4) & (hoplen-1)) - printf("[bad length %d]", length); + printf("[bad length %u]", length); + ptr = cp[2] - 1; + len = 0; if (ptr < 4 || ((ptr - 4) & (hoplen-1)) || ptr > length + 1) - printf("[bad ptr %d]", cp[2]); + printf("[bad ptr %u]", cp[2]); switch (cp[3]&0xF) { case IPOPT_TS_TSONLY: printf("TSONLY"); @@ -265,7 +168,7 @@ ip_printts(register const u_char *cp, u_int length) case 3: /* IPOPT_TS_PRESPEC */ printf("PRESPEC"); break; - default: + default: printf("[bad ts type %d]", cp[3]&0xF); goto done; } @@ -274,7 +177,7 @@ ip_printts(register const u_char *cp, u_int length) for (len = 4; len < length; len += hoplen) { if (ptr == len) type = " ^ "; - printf("%s%d@%s", type, ntohl(*(u_int32_t *)&cp[len+hoplen-4]), + printf("%s%d@%s", type, EXTRACT_32BITS(&cp[len+hoplen-4]), hoplen!=8 ? "" : ipaddr_string(&cp[len])); type = " "; } @@ -294,71 +197,75 @@ done: static void ip_optprint(register const u_char *cp, u_int length) { - register u_int len; + register u_int option_len; + const char *sep = ""; - for (; length > 0; cp += len, length -= len) { - int tt = *cp; + for (; length > 0; cp += option_len, length -= option_len) { + u_int option_code; - len = (tt == IPOPT_NOP || tt == IPOPT_EOL) ? 1 : cp[1]; - if (len <= 0) { - printf("[|ip op len %d]", len); - return; + printf("%s", sep); + sep = ","; + + TCHECK(*cp); + option_code = *cp; + + printf("%s", + tok2str(ip_option_values,"unknown %u",option_code)); + + if (option_code == IPOPT_NOP || + option_code == IPOPT_EOL) + option_len = 1; + + else { + TCHECK(cp[1]); + option_len = cp[1]; + if (option_len < 2) { + printf(" [bad length %u]", option_len); + return; + } } - if (&cp[1] >= snapend || cp + len > snapend) { - printf("[|ip]"); + + if (option_len > length) { + printf(" [bad length %u]", option_len); return; } - switch (tt) { + TCHECK2(*cp, option_len); + + switch (option_code) { case IPOPT_EOL: - printf(" EOL"); - if (length > 1) - printf("-%d", length - 1); return; - case IPOPT_NOP: - printf(" NOP"); - break; - case IPOPT_TS: - ip_printts(cp, len); - break; - -#ifndef IPOPT_SECURITY -#define IPOPT_SECURITY 130 -#endif /* IPOPT_SECURITY */ - case IPOPT_SECURITY: - printf(" SECURITY{%d}", len); - break; - - case IPOPT_RR: - ip_printroute("RR", cp, len); + ip_printts(cp, option_len); break; + case IPOPT_RR: /* fall through */ case IPOPT_SSRR: - ip_printroute("SSRR", cp, len); - break; - case IPOPT_LSRR: - ip_printroute("LSRR", cp, len); + ip_printroute(cp, option_len); break; -#ifndef IPOPT_RA -#define IPOPT_RA 148 /* router alert */ -#endif case IPOPT_RA: - printf(" RA"); - if (len != 4) - printf("{%d}", len); - else if (cp[2] || cp[3]) - printf("%d.%d", cp[2], cp[3]); - break; + if (option_len < 4) { + printf(" [bad length %u]", option_len); + break; + } + TCHECK(cp[3]); + if (EXTRACT_16BITS(&cp[2]) != 0) + printf(" value %u", EXTRACT_16BITS(&cp[2])); + break; + case IPOPT_NOP: /* nothing to print - fall through */ + case IPOPT_SECURITY: default: - printf(" IPOPT-%d{%d}", cp[0], len); break; } } + return; + +trunc: + printf("[|ip]"); } /* @@ -366,19 +273,19 @@ ip_optprint(register const u_char *cp, u_int length) * don't modifiy the packet. */ u_short -in_cksum(const u_short *addr, register int len, u_short csum) +in_cksum(const u_short *addr, register u_int len, int csum) { int nleft = len; const u_short *w = addr; u_short answer; int sum = csum; - /* + /* * Our algorithm is simple, using a 32 bit accumulator (sum), * we add sequential 16 bit words to it, and at the end, fold * back all the carry bits from the top 16 bits into the lower * 16 bits. - */ + */ while (nleft > 1) { sum += *w++; nleft -= 2; @@ -396,317 +303,438 @@ in_cksum(const u_short *addr, register int len, u_short csum) } /* - * print an IP datagram. + * Given the host-byte-order value of the checksum field in a packet + * header, and the network-byte-order computed checksum of the data + * that the checksum covers (including the checksum itself), compute + * what the checksum field *should* have been. */ -void -ip_print(register const u_char *bp, register u_int length) +u_int16_t +in_cksum_shouldbe(u_int16_t sum, u_int16_t computed_sum) { - register const struct ip *ip; - register u_int hlen, len, len0, off; - register const u_char *cp; - u_char nh; - int advance; - - ip = (const struct ip *)bp; -#ifdef LBL_ALIGN + u_int32_t shouldbe; + /* - * If the IP header is not aligned, copy into abuf. - * This will never happen with BPF. It does happen raw packet - * dumps from -r. + * The value that should have gone into the checksum field + * is the negative of the value gotten by summing up everything + * *but* the checksum field. + * + * We can compute that by subtracting the value of the checksum + * field from the sum of all the data in the packet, and then + * computing the negative of that value. + * + * "sum" is the value of the checksum field, and "computed_sum" + * is the negative of the sum of all the data in the packets, + * so that's -(-computed_sum - sum), or (sum + computed_sum). + * + * All the arithmetic in question is one's complement, so the + * addition must include an end-around carry; we do this by + * doing the arithmetic in 32 bits (with no sign-extension), + * and then adding the upper 16 bits of the sum, which contain + * the carry, to the lower 16 bits of the sum, and then do it + * again in case *that* sum produced a carry. + * + * As RFC 1071 notes, the checksum can be computed without + * byte-swapping the 16-bit words; summing 16-bit words + * on a big-endian machine gives a big-endian checksum, which + * can be directly stuffed into the big-endian checksum fields + * in protocol headers, and summing words on a little-endian + * machine gives a little-endian checksum, which must be + * byte-swapped before being stuffed into a big-endian checksum + * field. + * + * "computed_sum" is a network-byte-order value, so we must put + * it in host byte order before subtracting it from the + * host-byte-order value from the header; the adjusted checksum + * will be in host byte order, which is what we'll return. */ - if ((long)ip & 3) { - static u_char *abuf = NULL; - static int didwarn = 0; - - if (abuf == NULL) { - abuf = (u_char *)malloc(snaplen); - if (abuf == NULL) - error("ip_print: malloc"); - } - memcpy((char *)abuf, (char *)ip, min(length, snaplen)); - snapend += abuf - (u_char *)ip; - packetp = abuf; - ip = (struct ip *)abuf; - /* We really want libpcap to give us aligned packets */ - if (!didwarn) { - warning("compensating for unaligned libpcap packets"); - ++didwarn; - } - } -#endif - if ((u_char *)(ip + 1) > snapend) { - printf("[|ip]"); - return; - } - if (length < sizeof (struct ip)) { - (void)printf("truncated-ip %d", length); - return; - } - hlen = ip->ip_hl * 4; + shouldbe = sum; + shouldbe += ntohs(computed_sum); + shouldbe = (shouldbe & 0xFFFF) + (shouldbe >> 16); + shouldbe = (shouldbe & 0xFFFF) + (shouldbe >> 16); + return shouldbe; +} - len = ntohs(ip->ip_len); - if (length < len) - (void)printf("truncated-ip - %d bytes missing!", - len - length); - len -= hlen; - len0 = len; +#define IP_RES 0x8000 - /* - * If this is fragment zero, hand it to the next higher - * level protocol. - */ - off = ntohs(ip->ip_off); - if ((off & 0x1fff) == 0) { - cp = (const u_char *)ip + hlen; - nh = ip->ip_p; - - if (nh != IPPROTO_TCP && nh != IPPROTO_UDP) { - (void)printf("%s > %s: ", ipaddr_string(&ip->ip_src), - ipaddr_string(&ip->ip_dst)); - } -again: - switch (nh) { +static struct tok ip_frag_values[] = { + { IP_MF, "+" }, + { IP_DF, "DF" }, + { IP_RES, "rsvd" }, /* The RFC3514 evil ;-) bit */ + { 0, NULL } +}; -#ifndef IPPROTO_AH -#define IPPROTO_AH 51 -#endif - case IPPROTO_AH: - nh = *cp; - advance = ah_print(cp, (const u_char *)ip); - cp += advance; - len -= advance; - goto again; - -#ifndef IPPROTO_ESP -#define IPPROTO_ESP 50 -#endif - case IPPROTO_ESP: - { - int enh; - advance = esp_print(cp, (const u_char *)ip, &enh); - cp += advance; - len -= advance; - if (enh < 0) - break; - nh = enh & 0xff; - goto again; - } +struct ip_print_demux_state { + const struct ip *ip; + const u_char *cp; + u_int len, off; + u_char nh; + int advance; +}; -#ifndef IPPROTO_IPCOMP -#define IPPROTO_IPCOMP 108 -#endif - case IPPROTO_IPCOMP: - { - int enh; - advance = ipcomp_print(cp, (const u_char *)ip, &enh); - cp += advance; - len -= advance; - if (enh < 0) - break; - nh = enh & 0xff; - goto again; - } +static void +ip_print_demux(netdissect_options *ndo, + struct ip_print_demux_state *ipds) +{ + struct protoent *proto; - case IPPROTO_TCP: - tcp_print(cp, len, (const u_char *)ip); - break; +again: + switch (ipds->nh) { - case IPPROTO_UDP: - udp_print(cp, len, (const u_char *)ip); + case IPPROTO_AH: + ipds->nh = *ipds->cp; + ipds->advance = ah_print(ipds->cp); + if (ipds->advance <= 0) break; - - case IPPROTO_ICMP: - icmp_print(cp, len, (const u_char *)ip); + ipds->cp += ipds->advance; + ipds->len -= ipds->advance; + goto again; + + case IPPROTO_ESP: + { + int enh, padlen; + ipds->advance = esp_print(ndo, ipds->cp, ipds->len, + (const u_char *)ipds->ip, + &enh, &padlen); + if (ipds->advance <= 0) break; - -#ifndef IPPROTO_IGRP -#define IPPROTO_IGRP 9 -#endif - case IPPROTO_IGRP: - igrp_print(cp, len, (const u_char *)ip); + ipds->cp += ipds->advance; + ipds->len -= ipds->advance + padlen; + ipds->nh = enh & 0xff; + goto again; + } + + case IPPROTO_IPCOMP: + { + int enh; + ipds->advance = ipcomp_print(ipds->cp, &enh); + if (ipds->advance <= 0) break; + ipds->cp += ipds->advance; + ipds->len -= ipds->advance; + ipds->nh = enh & 0xff; + goto again; + } - case IPPROTO_ND: -#if 0 - (void)printf("%s > %s:", ipaddr_string(&ip->ip_src), - ipaddr_string(&ip->ip_dst)); -#endif - (void)printf(" nd %d", len); - break; + case IPPROTO_SCTP: + sctp_print(ipds->cp, (const u_char *)ipds->ip, ipds->len); + break; - case IPPROTO_EGP: - egp_print(cp, len, (const u_char *)ip); - break; + case IPPROTO_DCCP: + dccp_print(ipds->cp, (const u_char *)ipds->ip, ipds->len); + break; + + case IPPROTO_TCP: + /* pass on the MF bit plus the offset to detect fragments */ + tcp_print(ipds->cp, ipds->len, (const u_char *)ipds->ip, + ipds->off & (IP_MF|IP_OFFMASK)); + break; + + case IPPROTO_UDP: + /* pass on the MF bit plus the offset to detect fragments */ + udp_print(ipds->cp, ipds->len, (const u_char *)ipds->ip, + ipds->off & (IP_MF|IP_OFFMASK)); + break; + + case IPPROTO_ICMP: + /* pass on the MF bit plus the offset to detect fragments */ + icmp_print(ipds->cp, ipds->len, (const u_char *)ipds->ip, + ipds->off & (IP_MF|IP_OFFMASK)); + break; + + case IPPROTO_PIGP: + /* + * XXX - the current IANA protocol number assignments + * page lists 9 as "any private interior gateway + * (used by Cisco for their IGRP)" and 88 as + * "EIGRP" from Cisco. + * + * Recent BSD headers define + * IP_PROTO_PIGP as 9 and IP_PROTO_IGRP as 88. + * We define IP_PROTO_PIGP as 9 and + * IP_PROTO_EIGRP as 88; those names better + * match was the current protocol number + * assignments say. + */ + igrp_print(ipds->cp, ipds->len, (const u_char *)ipds->ip); + break; + + case IPPROTO_EIGRP: + eigrp_print(ipds->cp, ipds->len); + break; + + case IPPROTO_ND: + ND_PRINT((ndo, " nd %d", ipds->len)); + break; -#ifndef IPPROTO_OSPF -#define IPPROTO_OSPF 89 -#endif - case IPPROTO_OSPF: - ospf_print(cp, len, (const u_char *)ip); - break; + case IPPROTO_EGP: + egp_print(ipds->cp, ipds->len); + break; -#ifndef IPPROTO_IGMP -#define IPPROTO_IGMP 2 -#endif - case IPPROTO_IGMP: - igmp_print(cp, len, (const u_char *)ip); - break; + case IPPROTO_OSPF: + ospf_print(ipds->cp, ipds->len, (const u_char *)ipds->ip); + break; - case 4: - /* DVMRP multicast tunnel (ip-in-ip encapsulation) */ -#if 0 - if (vflag) - (void)printf("%s > %s: ", - ipaddr_string(&ip->ip_src), - ipaddr_string(&ip->ip_dst)); -#endif - ip_print(cp, len); - if (! vflag) { - printf(" (ipip)"); - return; - } - break; + case IPPROTO_IGMP: + igmp_print(ipds->cp, ipds->len); + break; + case IPPROTO_IPV4: + /* DVMRP multicast tunnel (ip-in-ip encapsulation) */ + ip_print(gndo, ipds->cp, ipds->len); + if (! vflag) { + ND_PRINT((ndo, " (ipip-proto-4)")); + return; + } + break; + #ifdef INET6 -#ifndef IP6PROTO_ENCAP -#define IP6PROTO_ENCAP 41 -#endif - case IP6PROTO_ENCAP: - /* ip6-in-ip encapsulation */ -#if 0 - if (vflag) - (void)printf("%s > %s: ", - ipaddr_string(&ip->ip_src), - ipaddr_string(&ip->ip_dst)); -#endif - ip6_print(cp, len); - if (! vflag) { - printf(" (encap)"); - return; - } - break; + case IPPROTO_IPV6: + /* ip6-in-ip encapsulation */ + ip6_print(ipds->cp, ipds->len); + break; #endif /*INET6*/ + case IPPROTO_RSVP: + rsvp_print(ipds->cp, ipds->len); + break; -#ifndef IPPROTO_GRE -#define IPPROTO_GRE 47 -#endif - case IPPROTO_GRE: - if (vflag) - (void)printf("gre %s > %s: ", - ipaddr_string(&ip->ip_src), - ipaddr_string(&ip->ip_dst)); - /* do it */ - gre_print(cp, len); - if (! vflag) { - printf(" (gre encap)"); - return; - } - break; + case IPPROTO_GRE: + /* do it */ + gre_print(ipds->cp, ipds->len); + break; -#ifndef IPPROTO_MOBILE -#define IPPROTO_MOBILE 55 -#endif - case IPPROTO_MOBILE: - if (vflag) - (void)printf("mobile %s > %s: ", - ipaddr_string(&ip->ip_src), - ipaddr_string(&ip->ip_dst)); - mobile_print(cp, len); - if (! vflag) { - printf(" (mobile encap)"); - return; - } - break; + case IPPROTO_MOBILE: + mobile_print(ipds->cp, ipds->len); + break; -#ifndef IPPROTO_PIM -#define IPPROTO_PIM 103 -#endif - case IPPROTO_PIM: - pim_print(cp, len); - break; + case IPPROTO_PIM: + pim_print(ipds->cp, ipds->len); + break; - default: -#if 0 - (void)printf("%s > %s:", ipaddr_string(&ip->ip_src), - ipaddr_string(&ip->ip_dst)); -#endif - (void)printf(" ip-proto-%d %d", nh, len); - break; - } + case IPPROTO_VRRP: + vrrp_print(ipds->cp, ipds->len, ipds->ip->ip_ttl); + break; + + case IPPROTO_PGM: + pgm_print(ipds->cp, ipds->len, (const u_char *)ipds->ip); + break; + + default: + if ((proto = getprotobynumber(ipds->nh)) != NULL) + ND_PRINT((ndo, " %s", proto->p_name)); + else + ND_PRINT((ndo, " ip-proto-%d", ipds->nh)); + ND_PRINT((ndo, " %d", ipds->len)); + break; + } +} + +void +ip_print_inner(netdissect_options *ndo, + const u_char *bp, + u_int length, u_int nh, + const u_char *bp2) +{ + struct ip_print_demux_state ipd; + + ipd.ip = (const struct ip *)bp2; + ipd.cp = bp; + ipd.len = length; + ipd.off = 0; + ipd.nh = nh; + ipd.advance = 0; + + ip_print_demux(ndo, &ipd); +} + + +/* + * print an IP datagram. + */ +void +ip_print(netdissect_options *ndo, + const u_char *bp, + u_int length) +{ + struct ip_print_demux_state ipd; + struct ip_print_demux_state *ipds=&ipd; + const u_char *ipend; + u_int hlen; + u_int16_t sum, ip_sum; + struct protoent *proto; + + ipds->ip = (const struct ip *)bp; + if (IP_V(ipds->ip) != 4) { /* print version if != 4 */ + printf("IP%u ", IP_V(ipds->ip)); + if (IP_V(ipds->ip) == 6) + printf(", wrong link-layer encapsulation"); } + else if (!eflag) + printf("IP "); - /* Ultra quiet now means that all this stuff should be suppressed */ - /* res 3-Nov-98 */ - if (qflag > 1) return; + if ((u_char *)(ipds->ip + 1) > snapend) { + printf("[|ip]"); + return; + } + if (length < sizeof (struct ip)) { + (void)printf("truncated-ip %u", length); + return; + } + hlen = IP_HL(ipds->ip) * 4; + if (hlen < sizeof (struct ip)) { + (void)printf("bad-hlen %u", hlen); + return; + } + ipds->len = EXTRACT_16BITS(&ipds->ip->ip_len); + if (length < ipds->len) + (void)printf("truncated-ip - %u bytes missing! ", + ipds->len - length); + if (ipds->len < hlen) { +#ifdef GUESS_TSO + if (ipds->len) { + (void)printf("bad-len %u", ipds->len); + return; + } + else { + /* we guess that it is a TSO send */ + ipds->len = length; + } +#else + (void)printf("bad-len %u", ipds->len); + return; +#endif /* GUESS_TSO */ + } /* - * for fragmented datagrams, print id:size@offset. On all - * but the last stick a "+". For unfragmented datagrams, note - * the don't fragment flag. + * Cut off the snapshot length to the end of the IP payload. */ - len = len0; /* get the original length */ - if (off & 0x3fff) { - /* - * if this isn't the first frag, we're missing the - * next level protocol header. print the ip addr. - */ - if (off & 0x1fff) - (void)printf("%s > %s:", ipaddr_string(&ip->ip_src), - ipaddr_string(&ip->ip_dst)); -#ifndef IP_MF -#define IP_MF 0x2000 -#endif /* IP_MF */ -#ifndef IP_DF -#define IP_DF 0x4000 -#endif /* IP_DF */ - (void)printf(" (frag %d:%u@%d%s)", ntohs(ip->ip_id), len, - (off & 0x1fff) * 8, - (off & IP_MF)? "+" : ""); - - } else if (off & IP_DF) - (void)printf(" (DF)"); - - if (ip->ip_tos) { - (void)printf(" [tos 0x%x", (int)ip->ip_tos); - /* ECN bits */ - if (ip->ip_tos&0x02) { - (void)printf(",ECT"); - if (ip->ip_tos&0x01) - (void)printf(",CE"); + ipend = bp + ipds->len; + if (ipend < snapend) + snapend = ipend; + + ipds->len -= hlen; + + ipds->off = EXTRACT_16BITS(&ipds->ip->ip_off); + + if (vflag) { + (void)printf("(tos 0x%x", (int)ipds->ip->ip_tos); + /* ECN bits */ + if (ipds->ip->ip_tos & 0x03) { + switch (ipds->ip->ip_tos & 0x03) { + case 1: + (void)printf(",ECT(1)"); + break; + case 2: + (void)printf(",ECT(0)"); + break; + case 3: + (void)printf(",CE"); + } + } + + if (ipds->ip->ip_ttl >= 1) + (void)printf(", ttl %u", ipds->ip->ip_ttl); + + /* + * for the firewall guys, print id, offset. + * On all but the last stick a "+" in the flags portion. + * For unfragmented datagrams, note the don't fragment flag. + */ + + (void)printf(", id %u, offset %u, flags [%s], proto %s (%u)", + EXTRACT_16BITS(&ipds->ip->ip_id), + (ipds->off & 0x1fff) * 8, + bittok2str(ip_frag_values, "none", ipds->off&0xe000), + tok2str(ipproto_values,"unknown",ipds->ip->ip_p), + ipds->ip->ip_p); + + (void)printf(", length %u", EXTRACT_16BITS(&ipds->ip->ip_len)); + + if ((hlen - sizeof(struct ip)) > 0) { + printf(", options ("); + ip_optprint((u_char *)(ipds->ip + 1), hlen - sizeof(struct ip)); + printf(")"); + } + + if ((u_char *)ipds->ip + hlen <= snapend) { + sum = in_cksum((const u_short *)ipds->ip, hlen, 0); + if (sum != 0) { + ip_sum = EXTRACT_16BITS(&ipds->ip->ip_sum); + (void)printf(", bad cksum %x (->%x)!", ip_sum, + in_cksum_shouldbe(ip_sum, sum)); } - (void)printf("] "); + } + + printf(") "); } - if (ip->ip_ttl <= 1) - (void)printf(" [ttl %d]", (int)ip->ip_ttl); + /* + * If this is fragment zero, hand it to the next higher + * level protocol. + */ + if ((ipds->off & 0x1fff) == 0) { + ipds->cp = (const u_char *)ipds->ip + hlen; + ipds->nh = ipds->ip->ip_p; + + if (ipds->nh != IPPROTO_TCP && ipds->nh != IPPROTO_UDP && + ipds->nh != IPPROTO_SCTP && ipds->nh != IPPROTO_DCCP) { + (void)printf("%s > %s: ", + ipaddr_string(&ipds->ip->ip_src), + ipaddr_string(&ipds->ip->ip_dst)); + } + ip_print_demux(ndo, ipds); + } else { + /* Ultra quiet now means that all this stuff should be suppressed */ + if (qflag > 1) return; + + /* + * if this isn't the first frag, we're missing the + * next level protocol header. print the ip addr + * and the protocol. + */ + if (ipds->off & 0x1fff) { + (void)printf("%s > %s:", ipaddr_string(&ipds->ip->ip_src), + ipaddr_string(&ipds->ip->ip_dst)); + if ((proto = getprotobynumber(ipds->ip->ip_p)) != NULL) + (void)printf(" %s", proto->p_name); + else + (void)printf(" ip-proto-%d", ipds->ip->ip_p); + } + } +} - if (vflag) { - int sum; - char *sep = ""; +void +ipN_print(register const u_char *bp, register u_int length) +{ + struct ip *ip, hdr; - printf(" ("); - if (ip->ip_ttl > 1) { - (void)printf("%sttl %d", sep, (int)ip->ip_ttl); - sep = ", "; - } - if ((off & 0x3fff) == 0) { - (void)printf("%sid %d", sep, (int)ntohs(ip->ip_id)); - sep = ", "; - } - if ((u_char *)ip + hlen <= snapend) { - sum = in_cksum((const u_short *)ip, hlen, 0); - if (sum != 0) { - (void)printf("%sbad cksum %x!", sep, - ntohs(ip->ip_sum)); - sep = ", "; - } - } - if ((hlen -= sizeof(struct ip)) > 0) { - (void)printf("%soptlen=%d", sep, hlen); - ip_optprint((u_char *)(ip + 1), hlen); - } - printf(")"); + ip = (struct ip *)bp; + if (length < 4) { + (void)printf("truncated-ip %d", length); + return; + } + memcpy (&hdr, (char *)ip, 4); + switch (IP_V(&hdr)) { + case 4: + ip_print (gndo, bp, length); + return; +#ifdef INET6 + case 6: + ip6_print (bp, length); + return; +#endif + default: + (void)printf("unknown ip %d", IP_V(&hdr)); + return; } } + +/* + * Local Variables: + * c-style: whitesmith + * c-basic-offset: 8 + * End: + */ + +