print-rt6.c
print-rx.c
print-sl.c
+print-sll.c
print-smb.c
print-snmp.c
print-stp.c
setsignal.h
slip.h
slcompress.h
+sll.h
smb.h
smbutil.c
stime.awk
# WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
#
-# @(#) $Header: /tcpdump/master/tcpdump/Makefile.in,v 1.243 2000-11-02 02:18:28 fenner Exp $ (LBL)
+# @(#) $Header: /tcpdump/master/tcpdump/Makefile.in,v 1.244 2000-12-21 10:43:20 guy Exp $ (LBL)
#
# Various configurable paths (remember to edit Makefile.in, not Makefile)
print-lane.c print-cip.c print-pppoe.c print-lcp.c \
print-smb.c smbutil.c print-ascii.c print-telnet.c print-cnfp.c \
print-vrrp.c print-cdp.c print-token.c print-bxxp.c print-timed.c \
- print-radius.c
+ print-radius.c print-sll.c
LOCALSRC = @LOCALSRC@
GENSRC = version.c
* WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
- * @(#) $Header: /tcpdump/master/tcpdump/interface.h,v 1.147 2000-12-18 05:41:58 guy Exp $ (LBL)
+ * @(#) $Header: /tcpdump/master/tcpdump/interface.h,v 1.148 2000-12-21 10:43:21 guy Exp $ (LBL)
*/
#ifndef tcpdump_interface_h
const u_char *);
extern void chdlc_if_print(u_char *, const struct pcap_pkthdr *,
const u_char *);
+extern void sll_if_print(u_char *, const struct pcap_pkthdr *, const u_char *);
extern void snmp_print(const u_char *, u_int);
extern void sunrpcrequest_print(const u_char *, u_int, const u_char *);
extern void tcp_print(const u_char *, u_int, const u_char *, int);
--- /dev/null
+/*
+ * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997
+ * The Regents of the University of California. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+#ifndef lint
+static const char rcsid[] =
+ "@(#) $Header: /tcpdump/master/tcpdump/print-sll.c,v 1.1 2000-12-21 10:43:22 guy Exp $ (LBL)";
+#endif
+
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+#endif
+
+#include <sys/param.h>
+#include <sys/time.h>
+#include <sys/socket.h>
+
+struct mbuf;
+struct rtentry;
+
+#include <netinet/in.h>
+
+#include <stdio.h>
+#include <string.h>
+#include <pcap.h>
+
+#include "interface.h"
+#include "addrtoname.h"
+#include "ethertype.h"
+
+#include "ether.h"
+#include "sll.h"
+
+const u_char *packetp;
+const u_char *snapend;
+
+static inline void
+sll_print(register const u_char *bp, u_int length)
+{
+ register const struct sll_header *sllp;
+ u_short halen;
+
+ sllp = (const struct sll_header *)bp;
+
+ switch (ntohs(sllp->sll_pkttype)) {
+
+ case LINUX_SLL_HOST:
+ (void)printf("< ");
+ break;
+
+ case LINUX_SLL_BROADCAST:
+ (void)printf("B ");
+ break;
+
+ case LINUX_SLL_MULTICAST:
+ (void)printf("M ");
+ break;
+
+ case LINUX_SLL_OTHERHOST:
+ (void)printf("P ");
+ break;
+
+ case LINUX_SLL_OUTGOING:
+ (void)printf("> ");
+ break;
+
+ default:
+ (void)printf("? ");
+ break;
+ }
+
+ /*
+ * XXX - check the link-layer address type value?
+ * For now, we just assume 6 means Ethernet.
+ * XXX - print others as strings of hex?
+ */
+ halen = ntohs(sllp->sll_halen);
+ if (halen == 6)
+ (void)printf("%s ", etheraddr_string(sllp->sll_addr));
+
+ if (!qflag)
+ (void)printf("%s ", etherproto_string(sllp->sll_protocol));
+ (void)printf("%d: ", length);
+}
+
+/*
+ * This is the top level routine of the printer. 'p' is the points
+ * to the ether header of the packet, 'h->tv' is the timestamp,
+ * 'h->length' is the length of the packet off the wire, and 'h->caplen'
+ * is the number of bytes actually captured.
+ */
+void
+sll_if_print(u_char *user, const struct pcap_pkthdr *h, const u_char *p)
+{
+ u_int caplen = h->caplen;
+ u_int length = h->len;
+ register const struct sll_header *sllp;
+ u_short pkttype;
+ struct ether_header ehdr;
+ u_short ether_type;
+ u_short extracted_ethertype;
+
+ ts_print(&h->ts);
+
+ if (caplen < SLL_HDR_LEN) {
+ /*
+ * XXX - this "can't happen" because "pcap-linux.c" always
+ * adds this many bytes of header to every packet in a
+ * cooked socket capture.
+ */
+ printf("[|sll]");
+ goto out;
+ }
+
+ sllp = (const struct sll_header *)p;
+
+ /*
+ * Fake up an Ethernet header for the benefit of printers that
+ * insist on "packetp" pointing to an Ethernet header.
+ */
+ pkttype = ntohs(sllp->sll_pkttype);
+
+ /* The source address is in the packet header */
+ memcpy(ehdr.ether_shost, sllp->sll_addr, ETHER_ADDR_LEN);
+
+ if (pkttype != LINUX_SLL_OUTGOING) {
+ /*
+ * We received this packet.
+ *
+ * We don't know the destination address, so
+ * we fake it - all 0's except that the
+ * bottommost bit of the bottommost octet
+ * is set for a unicast packet, all 0's except
+ * that the bottommost bit of the uppermost
+ * octet is set for a multicast packet, all
+ * 1's for a broadcast packet.
+ */
+ if (pkttype == LINUX_SLL_BROADCAST)
+ memset(ehdr.ether_dhost, 0xFF, ETHER_ADDR_LEN);
+ else {
+ memset(ehdr.ether_dhost, 0, ETHER_ADDR_LEN);
+ if (pkttype == LINUX_SLL_MULTICAST)
+ ehdr.ether_dhost[0] = 1;
+ else
+ ehdr.ether_dhost[ETHER_ADDR_LEN-1] = 1;
+ }
+ } else {
+ /*
+ * We sent this packet; we don't know whether it's
+ * broadcast, multicast, or unicast, so just make
+ * the destination address all 0's.
+ */
+ memset(ehdr.ether_dhost, 0, ETHER_ADDR_LEN);
+ }
+
+ if (eflag)
+ sll_print(p, length);
+
+ /*
+ * Some printers want to get back at the ethernet addresses,
+ * and/or check that they're not walking off the end of the packet.
+ * Rather than pass them all the way down, we set these globals.
+ */
+ packetp = p;
+ snapend = p + caplen;
+
+ length -= SLL_HDR_LEN;
+ caplen -= SLL_HDR_LEN;
+ p += SLL_HDR_LEN;
+
+ ether_type = ntohs(sllp->sll_protocol);
+
+ /*
+ * Is it (gag) an 802.3 encapsulation?
+ */
+ extracted_ethertype = 0;
+ if (ether_type <= ETHERMTU) {
+ /* Try to print the LLC-layer header & higher layers */
+ if (llc_print(p, length, caplen, ESRC(&ehdr), EDST(&ehdr),
+ &extracted_ethertype) == 0) {
+ /* ether_type not known, print raw packet */
+ if (!eflag)
+ sll_print(packetp, length);
+ if (extracted_ethertype) {
+ printf("(LLC %s) ",
+ etherproto_string(htons(extracted_ethertype)));
+ }
+ if (!xflag && !qflag)
+ default_print(p, caplen);
+ }
+ } else if (ether_encap_print(ether_type, p, length, caplen,
+ &extracted_ethertype) == 0) {
+ /* ether_type not known, print raw packet */
+ if (!eflag)
+ sll_print(p - SLL_HDR_LEN, length + SLL_HDR_LEN);
+ if (!xflag && !qflag)
+ default_print(p, caplen);
+ }
+ if (xflag)
+ default_print(p, caplen);
+ out:
+ putchar('\n');
+}
--- /dev/null
+/*-
+ * Copyright (c) 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997
+ * The Regents of the University of California. All rights reserved.
+ *
+ * This code is derived from the Stanford/CMU enet packet filter,
+ * (net/enet.c) distributed as part of 4.3BSD, and code contributed
+ * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence
+ * Berkeley Laboratory.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by the University of
+ * California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * @(#) $Header: /tcpdump/master/tcpdump/sll.h,v 1.1 2000-12-21 10:43:23 guy Exp $ (LBL)
+ */
+
+/*
+ * For captures on Linux cooked sockets, we construct a fake header
+ * that includes:
+ *
+ * a 2-byte "packet type" which is one of:
+ *
+ * LINUX_SLL_HOST packet was sent to us
+ * LINUX_SLL_BROADCAST packet was broadcast
+ * LINUX_SLL_MULTICAST packet was multicast
+ * LINUX_SLL_OTHERHOST packet was sent to somebody else
+ * LINUX_SLL_OUTGOING packet was sent *by* us;
+ *
+ * a 2-byte Ethernet protocol field;
+ *
+ * a 2-byte link-layer type;
+ *
+ * a 2-byte link-layer address length;
+ *
+ * an 8-byte source link-layer address, whose actual length is
+ * specified by the previous value.
+ *
+ * All fields except for the link-layer address are in network byte order.
+ */
+
+/*
+ * A DLT_LINUX_SLL fake link-layer header.
+ */
+#define SLL_HDR_LEN 16 /* total header length */
+#define SLL_ADDRLEN 8 /* length of address field */
+
+struct sll_header {
+ u_int16_t sll_pkttype; /* packet type */
+ u_int16_t sll_protocol; /* protocol */
+ u_int16_t sll_hatype; /* link-layer address type */
+ u_int16_t sll_halen; /* link-layer address length */
+ u_int8_t sll_addr[SLL_ADDRLEN]; /* link-layer address */
+};
+
+/*
+ * The LINUX_SLL_ values; they are defined here so that they're available
+ * even on systems other than Linux, but they should be given the same
+ * values as the corresponding PACKET_ values on Linux. (Let's hope
+ * those values never change.)
+ */
+#define LINUX_SLL_HOST 0
+#define LINUX_SLL_BROADCAST 1
+#define LINUX_SLL_MULTICAST 2
+#define LINUX_SLL_OTHERHOST 3
+#define LINUX_SLL_OUTGOING 4
"@(#) Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997\n\
The Regents of the University of California. All rights reserved.\n";
static const char rcsid[] =
- "@(#) $Header: /tcpdump/master/tcpdump/tcpdump.c,v 1.157 2000-12-16 22:00:50 guy Exp $ (LBL)";
+ "@(#) $Header: /tcpdump/master/tcpdump/tcpdump.c,v 1.158 2000-12-21 10:43:24 guy Exp $ (LBL)";
#endif
/*
#endif
#ifdef DLT_PPP_SERIAL
{ ppp_hdlc_if_print, DLT_PPP_SERIAL },
+#endif
+#ifdef DLT_LINUX_SLL
+ { sll_if_print, DLT_LINUX_SLL },
#endif
{ NULL, 0 },
};
projects / tcpdump / commitdiff
