Moved source port equal BCM_LI_PORT to bottom of long if else chain

BCM_LI_SHIM (BCM_LI_PORT) value is set to 49152, therefore when the
source port is 49152, it does not matter what the true destination is,
it defaults to Broadcom. So tcpdump interprets any packet with source
UDP port of 49152 as BCM_LI_SHIM (Broadcom). Ports 49152+, by
definition are ephemeral ports so it's totally reasonable that, for
example, BFD is using that source port for their packets. To prevent,
for example, BFD packets from being wrongly identified as BCM_LI_SHIM
packets, the "else if" statement has been moved to bottom of long chain.

Add a test file.

diff --git a/print-udp.c b/print-udp.c
index bbe5f1cbc6a674ac948a5d39eb79f7492e43b6d4..f1f5b66281bad08be5d50fa169e7a67d380f52a3 100644 (file)
--- a/print-udp.c
+++ b/print-udp.c
@@ -622,8 +622,6 @@ udp_print(netdissect_options *ndo, const u_char *bp, u_int length,
                                        (IP_V(ip) == 6) ? 1 : 0);
                else if (IS_SRC_OR_DST_PORT(MPLS_LSP_PING_PORT))
                        lspping_print(ndo, cp, length);
-               else if (sport == BCM_LI_PORT)
-                       bcm_li_print(ndo, cp, length);
                else if (dport == BFD_CONTROL_PORT ||
                         dport == BFD_MULTIHOP_PORT ||
                         dport == BFD_LAG_PORT ||
@@ -675,6 +673,8 @@ udp_print(netdissect_options *ndo, const u_char *bp, u_int length,
                else if (IS_SRC_OR_DST_PORT(HTTPS_PORT) &&
                         quic_detect(ndo, cp, length))
                        quic_print(ndo, cp, length);
+               else if (sport == BCM_LI_PORT)
+                       bcm_li_print(ndo, cp, length);
                else {
                        if (ulen > length && !fragmented)
                                ND_PRINT("UDP, bad length %u > %u",

diff --git a/tests/TESTLIST b/tests/TESTLIST
index 6aa94a14725550e92d9bbf4e6d0689020e0d5237..a30659051825f46c4e2315a3be8afdfda3fd4fa1 100644 (file)
--- a/tests/TESTLIST
+++ b/tests/TESTLIST
@@ -853,6 +853,8 @@ bfd-lag             bfd-lag.pcap            bfd-lag.out
 bfd-lag-v      bfd-lag.pcap            bfd-lag-v.out           -v
 bfd-sbfd       bfd-sbfd.pcap           bfd-sbfd.out
 bfd-sbfd-v     bfd-sbfd.pcap           bfd-sbfd-v.out          -v
+# BFD with source port 49152
+bfd_source_port_49152 bfd_source_port_49152.pcap bfd_source_port_49152.out -v
 
 # Arista Vendor Specific Tests
 arista-ether             arista_ether.pcap        arista_ether.out

diff --git a/tests/bfd_source_port_49152.out b/tests/bfd_source_port_49152.out
new file mode 100644 (file)
index 0000000..f9c3bdd
--- /dev/null
+++ b/tests/bfd_source_port_49152.out
@@ -0,0 +1,8 @@
+    1  09:58:19.559328 IP (tos 0xe0, ttl 255, id 40257, offset 0, flags [DF], proto UDP (17), length 52)
+    11.11.11.2.49152 > 11.11.11.1.3784: BFDv1, length: 24
+       Control, State Up, Flags: [Control Plane Independent], Diagnostic: No Diagnostic (0x00)
+       Detection Timer Multiplier: 3 (300 ms Detection time), BFD Length: 24
+       My Discriminator: 0x80000001, Your Discriminator: 0x80000001
+         Desired min Tx Interval:     100 ms
+         Required min Rx Interval:    100 ms
+         Required min Echo Interval:    0 ms

diff --git a/tests/bfd_source_port_49152.pcap b/tests/bfd_source_port_49152.pcap
new file mode 100644 (file)
index 0000000..bae9da1
Binary files /dev/null and b/tests/bfd_source_port_49152.pcap differ