X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/fb75d3cd5ad603bd255d9cdc20aeca674c6f3720..d511b994b9931460771dc56c70b791204178d157:/print-null.c

diff --git a/print-null.c b/print-null.c
index 37adb4f0..e8af2196 100644
--- a/print-null.c
+++ b/print-null.c
@@ -20,121 +20,180 @@
  */
 
 #ifndef lint
-static const char rcsid[] =
-    "@(#) $Header: /tcpdump/master/tcpdump/print-null.c,v 1.37 2000-10-03 02:55:00 itojun Exp $ (LBL)";
+static const char rcsid[] _U_ =
+    "@(#) $Header: /tcpdump/master/tcpdump/print-null.c,v 1.51 2003-11-16 09:36:30 guy Exp $ (LBL)";
 #endif
 
 #ifdef HAVE_CONFIG_H
 #include "config.h"
 #endif
 
-#include <sys/param.h>
-#include <sys/time.h>
-#include <sys/socket.h>
-#include <sys/file.h>
-#include <sys/ioctl.h>
-
-struct mbuf;
-struct rtentry;
-
-#include <netinet/in.h>
+#include <tcpdump-stdinc.h>
 
 #include <pcap.h>
 #include <stdio.h>
 #include <string.h>
 
-#ifdef INET6
-#include <netinet/ip6.h>
-#endif
-
 #include "interface.h"
 #include "addrtoname.h"
 
 #include "ip.h"
-
-#ifndef AF_NS
-#define AF_NS		6		/* XEROX NS protocols */
+#ifdef INET6
+#include "ip6.h"
 #endif
 
 /*
- * The DLT_NULL packet header is 4 bytes long. It contains a network
- * order 32 bit integer that specifies the family, e.g. AF_INET
+ * The DLT_NULL packet header is 4 bytes long. It contains a host-byte-order
+ * 32-bit integer that specifies the family, e.g. AF_INET.
+ *
+ * Note here that "host" refers to the host on which the packets were
+ * captured; that isn't necessarily *this* host.
+ *
+ * The OpenBSD DLT_LOOP packet header is the same, except that the integer
+ * is in network byte order.
  */
 #define	NULL_HDRLEN 4
 
+/*
+ * BSD AF_ values.
+ *
+ * Unfortunately, the BSDs don't all use the same value for AF_INET6,
+ * so, because we want to be able to read captures from all of the BSDs,
+ * we check for all of them.
+ */
+#define BSD_AF_INET		2
+#define BSD_AF_NS		6		/* XEROX NS protocols */
+#define BSD_AF_ISO		7
+#define BSD_AF_APPLETALK	16
+#define BSD_AF_IPX		23
+#define BSD_AF_INET6_BSD	24	/* OpenBSD (and probably NetBSD), BSD/OS */
+#define BSD_AF_INET6_FREEBSD	28
+#define BSD_AF_INET6_DARWIN	30
+
 static void
-null_print(const u_char *p, const struct ip *ip, u_int length)
+null_print(u_int family, u_int length)
 {
-	u_int family;
-
-	memcpy((char *)&family, (char *)p, sizeof(family));
-
-	if (nflag) {
-		/* XXX just dump the header */
-		return;
-	}
-	switch (family) {
+	if (nflag)
+		printf("AF %u ", family);
+	else {
+		switch (family) {
 
-	case AF_INET:
-		printf("ip: ");
-		break;
+		case BSD_AF_INET:
+			printf("ip ");
+			break;
 
 #ifdef INET6
-	case AF_INET6:
-		printf("ip6: ");
-		break;
+		case BSD_AF_INET6_BSD:
+		case BSD_AF_INET6_FREEBSD:
+		case BSD_AF_INET6_DARWIN:
+			printf("ip6 ");
+			break;
 #endif
 
-	case AF_NS:
-		printf("ns: ");
-		break;
+		case BSD_AF_NS:
+			printf("ns ");
+			break;
 
-	default:
-		printf("AF %d: ", family);
-		break;
+		case BSD_AF_ISO:
+			printf("osi ");
+			break;
+
+		case BSD_AF_APPLETALK:
+			printf("atalk ");
+			break;
+
+		case BSD_AF_IPX:
+			printf("ipx ");
+			break;
+
+		default:
+			printf("AF %u ", family);
+			break;
+		}
 	}
+	printf("%d: ", length);
 }
 
-void
-null_if_print(u_char *user, const struct pcap_pkthdr *h, const u_char *p)
+/*
+ * Byte-swap a 32-bit number.
+ * ("htonl()" or "ntohl()" won't work - we want to byte-swap even on
+ * big-endian platforms.)
+ */
+#define	SWAPLONG(y) \
+((((y)&0xff)<<24) | (((y)&0xff00)<<8) | (((y)&0xff0000)>>8) | (((y)>>24)&0xff))
+
+/*
+ * This is the top level routine of the printer.  'p' points
+ * to the ether header of the packet, 'h->ts' is the timestamp,
+ * 'h->length' is the length of the packet off the wire, and 'h->caplen'
+ * is the number of bytes actually captured.
+ */
+u_int
+null_if_print(const struct pcap_pkthdr *h, const u_char *p)
 {
 	u_int length = h->len;
 	u_int caplen = h->caplen;
-	const struct ip *ip;
+	u_int family;
+
+	if (caplen < NULL_HDRLEN) {
+		printf("[|null]");
+		return (NULL_HDRLEN);
+	}
 
-	ts_print(&h->ts);
+	memcpy((char *)&family, (char *)p, sizeof(family));
 
 	/*
-	 * Some printers want to get back at the link level addresses,
-	 * and/or check that they're not walking off the end of the packet.
-	 * Rather than pass them all the way down, we set these globals.
+	 * This isn't necessarily in our host byte order; if this is
+	 * a DLT_LOOP capture, it's in network byte order, and if
+	 * this is a DLT_NULL capture from a machine with the opposite
+	 * byte-order, it's in the opposite byte order from ours.
+	 *
+	 * If the upper 16 bits aren't all zero, assume it's byte-swapped.
 	 */
-	packetp = p;
-	snapend = p + caplen;
+	if ((family & 0xFFFF0000) != 0)
+		family = SWAPLONG(family);
 
 	length -= NULL_HDRLEN;
-
-	ip = (struct ip *)(p + NULL_HDRLEN);
+	caplen -= NULL_HDRLEN;
+	p += NULL_HDRLEN;
 
 	if (eflag)
-		null_print(p, ip, length);
+		null_print(family, length);
 
-	switch (IP_V(ip)) {
-	case 4:
-		ip_print((const u_char *)ip, length);
+	switch (family) {
+
+	case BSD_AF_INET:
+		ip_print(p, length);
 		break;
+
 #ifdef INET6
-	case 6:
-		ip6_print((const u_char *)ip, length);
+	case BSD_AF_INET6_BSD:
+	case BSD_AF_INET6_FREEBSD:
+	case BSD_AF_INET6_DARWIN:
+		ip6_print(p, length);
 		break;
-#endif /* INET6 */
-	default:
-		printf("ip v%d", IP_V(ip));
+#endif
+
+	case BSD_AF_ISO:
+		isoclns_print(p, length, caplen);
 		break;
+
+	case BSD_AF_APPLETALK:
+		atalk_print(p, length);
+		break;
+
+	case BSD_AF_IPX:
+		ipx_print(p, length);
+		break;
+
+	default:
+		/* unknown AF_ value */
+		if (!eflag)
+			null_print(family, length + NULL_HDRLEN);
+		if (!xflag && !qflag)
+			default_print(p, caplen);
 	}
 
-	if (xflag)
-		default_print((const u_char *)ip, caplen - NULL_HDRLEN);
-	putchar('\n');
+	return (NULL_HDRLEN);
 }