Translate UDP/1700 as RADIUS

Used for Cisco CoA/Disconnect, as shown on https://supportforums.cisco.com/discussion/11719766/ise-112-change-authorization-avaya-switches-5520. The RFC says port 3799, but Cisco does this otherwise, which means this is not an officially reserved port for RADIUS.

diff --git a/print-udp.c b/print-udp.c
index 313a332c2d21b4fd8bfe7c45773f339ab8f6d799..37679eb169454e7b814a19dd47e55e9ee55a874e 100644 (file)
--- a/print-udp.c
+++ b/print-udp.c
@@ -613,6 +613,7 @@ udp_print(netdissect_options *ndo, register const u_char *bp, u_int length,
                         IS_SRC_OR_DST_PORT(RADIUS_NEW_PORT) ||
                         IS_SRC_OR_DST_PORT(RADIUS_ACCOUNTING_PORT) ||
                         IS_SRC_OR_DST_PORT(RADIUS_NEW_ACCOUNTING_PORT) ||
+                        IS_SRC_OR_DST_PORT(RADIUS_CISCO_COA_PORT) ||
                         IS_SRC_OR_DST_PORT(RADIUS_COA_PORT) )
                        radius_print(ndo, (const u_char *)(up+1), length);
                else if (dport == HSRP_PORT)

diff --git a/tests/RADIUS-port1700.pcap b/tests/RADIUS-port1700.pcap
new file mode 100644 (file)
index 0000000..aa7b24e
Binary files /dev/null and b/tests/RADIUS-port1700.pcap differ

diff --git a/tests/TESTLIST b/tests/TESTLIST
index 97cd83b89212e7f88b71ee8a32aeabfc7534f2bd..33d5697cd6a0a59c31cefd534280f460cba0307a 100644 (file)
--- a/tests/TESTLIST
+++ b/tests/TESTLIST
@@ -249,6 +249,7 @@ decnet              DECnet_Phone.pcap       decnet.out      -t
 radius-v       RADIUS.pcap     radius-v.out    -t -v
 radius-rfc4675 RADIUS-RFC4675.pcap     radius-rfc4675-v.out    -t -v
 radius-rfc5176 RADIUS-RFC5176.pcap     radius-rfc5176-v.out    -t -v
+radius-port1700        RADIUS-port1700.pcap    radius-port1700-v.out   -t -v
 
 # link-level protocols
 dtp-v          DTP.pcap                dtp-v.out               -t -v

diff --git a/tests/radius-port1700-v.out b/tests/radius-port1700-v.out
new file mode 100644 (file)
index 0000000..389c763
--- /dev/null
+++ b/tests/radius-port1700-v.out
@@ -0,0 +1,4 @@
+IP (tos 0x0, ttl 64, id 44978, offset 0, flags [none], proto UDP (17), length 53)
+    127.0.0.1.42172 > 127.0.0.1.1700: RADIUS, length: 25
+       CoA-Request (43), id: 0xa6, Authenticator: 7fbf02c6662b5990838a5e6e331b3ff0
+         User-Name Attribute (1), length: 5, Value: bob

diff --git a/udp.h b/udp.h
index 0927c6b891c37dd431c0eccf5ab81157b266c5c9..0e7cf9702aa1f1752ceb2372e474523089ef0076 100644 (file)
--- a/udp.h
+++ b/udp.h
@@ -200,6 +200,9 @@ struct udphdr {
 #ifndef RADIUS_ACCOUNTING_PORT
 #define RADIUS_ACCOUNTING_PORT         1646
 #endif
+#ifndef RADIUS_CISCO_COA_PORT
+#define RADIUS_CISCO_COA_PORT          1700
+#endif
 #ifndef L2TP_PORT
 #define L2TP_PORT                      1701    /*XXX*/
 #endif