X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/edb0e92cdcaf06168a38e632847b8fd2c0a62a2d..61fdd1dc2d7b48b87c7122c6e01a4fd90f426bf9:/print-smb.c diff --git a/print-smb.c b/print-smb.c index 058bf0e6..74d58b38 100644 --- a/print-smb.c +++ b/print-smb.c @@ -11,8 +11,8 @@ #endif #ifndef lint -static const char rcsid[] = - "@(#) $Header: /tcpdump/master/tcpdump/print-smb.c,v 1.26 2002-09-05 00:00:20 guy Exp $"; +static const char rcsid[] _U_ = + "@(#) $Header: /tcpdump/master/tcpdump/print-smb.c,v 1.32 2004-05-31 02:08:27 guy Exp $"; #endif #include @@ -169,7 +169,7 @@ struct smbfnsint trans2_fns[] = { static void -print_trans2(const u_char *words, const u_char *dat, const u_char *buf, const u_char *maxbuf) +print_trans2(const u_char *words, const u_char *dat _U_, const u_char *buf, const u_char *maxbuf) { static struct smbfnsint *fn = &trans2_fns[0]; const u_char *data, *param; @@ -382,7 +382,7 @@ trunc: static void -print_negprot(const u_char *words, const u_char *data, const u_char *buf, const u_char *maxbuf) +print_negprot(const u_char *words, const u_char *data, const u_char *buf _U_, const u_char *maxbuf) { u_int wcnt; const char *f1 = NULL, *f2 = NULL; @@ -417,7 +417,7 @@ trunc: } static void -print_sesssetup(const u_char *words, const u_char *data, const u_char *buf, const u_char *maxbuf) +print_sesssetup(const u_char *words, const u_char *data, const u_char *buf _U_, const u_char *maxbuf) { u_int wcnt; const char *f1 = NULL, *f2 = NULL; @@ -846,52 +846,93 @@ void nbt_tcp_print(const u_char *data, int length) { const u_char *maxbuf = data + length; - int flags; + int type; u_int nbt_len; TCHECK2(data[2], 2); - flags = data[0]; + type = data[0]; nbt_len = EXTRACT_16BITS(data + 2); startbuf = data; if (maxbuf <= data) return; - if (vflag > 1) - printf ("\n>>>"); + if (vflag < 2) { + printf(" NBT Session Packet: "); + switch (type) { + case 0x00: + printf("Session Message"); + break; - printf(" NBT Packet"); + case 0x81: + printf("Session Request"); + break; - if (vflag < 2) - return; + case 0x82: + printf("Session Granted"); + break; - printf("\n"); + case 0x83: + { + int ecode; + + TCHECK(data[4]); + ecode = data[4]; + + printf("Session Reject, "); + switch (ecode) { + case 0x80: + printf("Not listening on called name"); + break; + case 0x81: + printf("Not listening for calling name"); + break; + case 0x82: + printf("Called name not present"); + break; + case 0x83: + printf("Called name present, but insufficient resources"); + break; + default: + printf("Unspecified error 0x%X", ecode); + break; + } + } + break; + + case 0x85: + printf("Session Keepalive"); + break; - switch (flags) { - case 1: - printf("flags=0x%x\n", flags); - case 0: - data = smb_fdata(data, "NBT Session Packet\nFlags=[rw]\nLength=[rd]\n", - data + 4); - if (data == NULL) + default: + data = smb_fdata(data, "Unknown packet type [rB]", maxbuf); + break; + } + } else { + printf ("\n>>> NBT Session Packet\n"); + switch (type) { + case 0x00: + data = smb_fdata(data, "[P1]NBT Session Message\nFlags=[B]\nLength=[rd]\n", + data + 4); + if (data == NULL) + break; + if (memcmp(data,"\377SMB",4) == 0) { + if (nbt_len > PTR_DIFF(maxbuf, data)) + printf("WARNING: Short packet. Try increasing the snap length (%lu)\n", + (unsigned long)PTR_DIFF(maxbuf, data)); + print_smb(data, maxbuf > data + nbt_len ? data + nbt_len : maxbuf); + } else + printf("Session packet:(raw data?)\n"); break; - if (memcmp(data,"\377SMB",4) == 0) { - if (nbt_len > PTR_DIFF(maxbuf, data)) - printf("WARNING: Short packet. Try increasing the snap length (%lu)\n", - (unsigned long)PTR_DIFF(maxbuf, data)); - print_smb(data, maxbuf > data + nbt_len ? data + nbt_len : maxbuf); - } else - printf("Session packet:(raw data?)\n"); - break; case 0x81: data = smb_fdata(data, - "NBT Session Request\nFlags=[rW]\nDestination=[n1]\nSource=[n1]\n", + "[P1]NBT Session Request\nFlags=[B]\nLength=[rd]\nDestination=[n1]\nSource=[n1]\n", maxbuf); break; case 0x82: - data = smb_fdata(data, "NBT Session Granted\nFlags=[rW]\n", maxbuf); + data = smb_fdata(data, "[P1]NBT Session Granted\nFlags=[B]\nLength=[rd]\n", maxbuf); break; case 0x83: @@ -901,7 +942,7 @@ nbt_tcp_print(const u_char *data, int length) TCHECK(data[4]); ecode = data[4]; - data = smb_fdata(data, "NBT SessionReject\nFlags=[rW]\nReason=[B]\n", + data = smb_fdata(data, "[P1]NBT SessionReject\nFlags=[B]\nLength=[rd]\nReason=[B]\n", maxbuf); switch (ecode) { case 0x80: @@ -924,15 +965,16 @@ nbt_tcp_print(const u_char *data, int length) break; case 0x85: - data = smb_fdata(data, "NBT Session Keepalive\nFlags=[rW]\n", maxbuf); + data = smb_fdata(data, "[P1]NBT Session Keepalive\nFlags=[B]\nLength=[rd]\n", maxbuf); break; default: - printf("flags=0x%x\n", flags); - data = smb_fdata(data, "NBT - Unknown packet type\nType=[rW]\n", maxbuf); + data = smb_fdata(data, "NBT - Unknown packet type\nType=[B]\n", maxbuf); + break; + } + printf("\n"); + fflush(stdout); } - printf("\n"); - fflush(stdout); return; trunc: printf("[|SMB]"); @@ -1140,6 +1182,61 @@ out: /* print netbeui frames */ +struct nbf_strings { + const char *name; + const char *nonverbose; + const char *verbose; +} nbf_strings[0x20] = { + { "Add Group Name Query", ", [P23]Name to add=[n2]#", + "[P5]ResponseCorrelator=[w]\n[P16]Name to add=[n2]\n" }, + { "Add Name Query", ", [P23]Name to add=[n2]#", + "[P5]ResponseCorrelator=[w]\n[P16]Name to add=[n2]\n" }, + { "Name In Conflict", NULL, NULL }, + { "Status Query", NULL, NULL }, + { NULL, NULL, NULL }, /* not used */ + { NULL, NULL, NULL }, /* not used */ + { NULL, NULL, NULL }, /* not used */ + { "Terminate Trace", NULL, NULL }, + { "Datagram", NULL, + "[P7]Destination=[n2]\nSource=[n2]\n" }, + { "Broadcast Datagram", NULL, + "[P7]Destination=[n2]\nSource=[n2]\n" }, + { "Name Query", ", [P7]Name=[n2]#", + "[P1]SessionNumber=[B]\nNameType=[B][P2]\nResponseCorrelator=[w]\nName=[n2]\nName of sender=[n2]\n" }, + { NULL, NULL, NULL }, /* not used */ + { NULL, NULL, NULL }, /* not used */ + { "Add Name Response", ", [P1]GroupName=[w] [P4]Destination=[n2] Source=[n2]#", + "AddNameInProcess=[B]\nGroupName=[w]\nTransmitCorrelator=[w][P2]\nDestination=[n2]\nSource=[n2]\n" }, + { "Name Recognized", NULL, + "[P1]Data2=[w]\nTransmitCorrelator=[w]\nResponseCorelator=[w]\nDestination=[n2]\nSource=[n2]\n" }, + { "Status Response", NULL, NULL }, + { NULL, NULL, NULL }, /* not used */ + { NULL, NULL, NULL }, /* not used */ + { NULL, NULL, NULL }, /* not used */ + { "Terminate Trace", NULL, NULL }, + { "Data Ack", NULL, + "[P3]TransmitCorrelator=[w][P2]\nRemoteSessionNumber=[B]\nLocalSessionNumber=[B]\n" }, + { "Data First/Middle", NULL, + "Flags=[{RECEIVE_CONTINUE|NO_ACK||PIGGYBACK_ACK_INCLUDED|}]\nResyncIndicator=[w][P2]\nResponseCorelator=[w]\nRemoteSessionNumber=[B]\nLocalSessionNumber=[B]\n" }, + { "Data Only/Last", NULL, + "Flags=[{|NO_ACK|PIGGYBACK_ACK_ALLOWED|PIGGYBACK_ACK_INCLUDED|}]\nResyncIndicator=[w][P2]\nResponseCorelator=[w]\nRemoteSessionNumber=[B]\nLocalSessionNumber=[B]\n" }, + { "Session Confirm", NULL, + "Data1=[B]\nData2=[w]\nTransmitCorrelator=[w]\nResponseCorelator=[w]\nRemoteSessionNumber=[B]\nLocalSessionNumber=[B]\n" }, + { "Session End", NULL, + "[P1]Data2=[w][P4]\nRemoteSessionNumber=[B]\nLocalSessionNumber=[B]\n" }, + { "Session Initialize", NULL, + "Data1=[B]\nData2=[w]\nTransmitCorrelator=[w]\nResponseCorelator=[w]\nRemoteSessionNumber=[B]\nLocalSessionNumber=[B]\n" }, + { "No Receive", NULL, + "Flags=[{|SEND_NO_ACK}]\nDataBytesAccepted=[b][P4]\nRemoteSessionNumber=[B]\nLocalSessionNumber=[B]\n" }, + { "Receive Outstanding", NULL, + "[P1]DataBytesAccepted=[b][P4]\nRemoteSessionNumber=[B]\nLocalSessionNumber=[B]\n" }, + { "Receive Continue", NULL, + "[P2]TransmitCorrelator=[w]\n[P2]RemoteSessionNumber=[B]\nLocalSessionNumber=[B]\n" }, + { NULL, NULL, NULL }, /* not used */ + { NULL, NULL, NULL }, /* not used */ + { "Session Alive", NULL, NULL } +}; + void netbeui_print(u_short control, const u_char *data, int length) { @@ -1163,69 +1260,37 @@ netbeui_print(u_short control, const u_char *data, int length) startbuf = data; if (vflag < 2) { - printf("NetBeui Packet"); - return; + printf("NBF Packet: "); + data = smb_fdata(data, "[P5]#", maxbuf); + } else { + printf("\n>>> NBF Packet\nType=0x%X ", control); + data = smb_fdata(data, "Length=[d] Signature=[w] Command=[B]\n#", maxbuf); } - - printf("\n>>> NetBeui Packet\nType=0x%X ", control); - data = smb_fdata(data, "Length=[d] Signature=[w] Command=[B]\n#", maxbuf); if (data == NULL) goto out; - switch (command) { - case 0xA: - data = smb_fdata(data, "NameQuery:[P1]\nSessionNumber=[B]\nNameType=[B][P2]\nResponseCorrelator=[w]\nDestination=[n2]\nSource=[n2]\n", data2); - break; - - case 0x8: - data = smb_fdata(data, - "NetbiosDataGram:[P7]\nDestination=[n2]\nSource=[n2]\n", data2); - break; - - case 0xE: - data = smb_fdata(data, - "NameRecognise:\n[P1]\nData2=[w]\nTransmitCorrelator=[w]\nResponseCorelator=[w]\nDestination=[n2]\nSource=[n2]\n", - data2); - break; - - case 0x19: - data = smb_fdata(data, - "SessionInitialise:\nData1=[B]\nData2=[w]\nTransmitCorrelator=[w]\nResponseCorelator=[w]\nRemoteSessionNumber=[B]\nLocalSessionNumber=[B]\n", - data2); - break; - - case 0x17: - data = smb_fdata(data, - "SessionConfirm:\nData1=[B]\nData2=[w]\nTransmitCorrelator=[w]\nResponseCorelator=[w]\nRemoteSessionNumber=[B]\nLocalSessionNumber=[B]\n", - data2); - break; - - case 0x16: - data = smb_fdata(data, - "NetbiosDataOnlyLast:\nFlags=[{|NO_ACK|PIGGYBACK_ACK_ALLOWED|PIGGYBACK_ACK_INCLUDED|}]\nResyncIndicator=[w][P2]\nResponseCorelator=[w]\nRemoteSessionNumber=[B]\nLocalSessionNumber=[B]\n", - data2); - break; - - case 0x14: - data = smb_fdata(data, - "NetbiosDataAck:\n[P3]TransmitCorrelator=[w][P2]\nRemoteSessionNumber=[B]\nLocalSessionNumber=[B]\n", - data2); - break; - - case 0x18: - data = smb_fdata(data, - "SessionEnd:\n[P1]Data2=[w][P4]\nRemoteSessionNumber=[B]\nLocalSessionNumber=[B]\n", - data2); - break; + if (command > 0x1f || nbf_strings[command].name == NULL) { + if (vflag < 2) + data = smb_fdata(data, "Unknown NBF Command#", data2); + else + data = smb_fdata(data, "Unknown NBF Command\n", data2); + } else { + if (vflag < 2) { + printf("%s", nbf_strings[command].name); + if (nbf_strings[command].nonverbose != NULL) + data = smb_fdata(data, nbf_strings[command].nonverbose, data2); + } else { + printf("%s:\n", nbf_strings[command].name); + if (nbf_strings[command].verbose != NULL) + data = smb_fdata(data, nbf_strings[command].verbose, data2); + else + printf("\n"); + } + } - case 0x1f: - data = smb_fdata(data, "SessionAlive\n", data2); - break; + if (vflag < 2) + return; - default: - data = smb_fdata(data, "Unknown Netbios Command ", data2); - break; - } if (data == NULL) goto out; @@ -1234,6 +1299,11 @@ netbeui_print(u_short control, const u_char *data, int length) goto out; } + /* If this isn't a command that would contain an SMB message, quit. */ + if (command != 0x08 && command != 0x09 && command != 0x15 && + command != 0x16) + goto out; + /* If there isn't enough data for "\377SMB", don't look for it. */ if (&data2[3] >= maxbuf) goto out;