gre: recognize (Cisco?) GRE keepalives.

The RFCs don't seem to mention this use, but Cisco, at least, uses
packets with a protocol value of 0x0000 as keepalives.

diff --git a/print-gre.c b/print-gre.c
index 4b301601c418c0b57cc78eff69420d3403381e1b..f1efa0f241b0be8f67e4e335d0707c1ef5179a3e 100644 (file)
--- a/print-gre.c
+++ b/print-gre.c
@@ -213,6 +213,14 @@ gre_print_0(netdissect_options *ndo, const u_char *bp, u_int length)
                ND_PRINT("\n\t"); /* if verbose go multiline */
 
        switch (prot) {
+       case 0x0000:
+               /*
+                * 0x0000 is reserved, but Cisco, at least, appears to
+                * use it for keep-alives; see, for example,
+                * https://www.cisco.com/c/en/us/support/docs/ip/generic-routing-encapsulation-gre/118370-technote-gre-00.html#anc1
+                */
+               printf("keep-alive");
+               break;
        case ETHERTYPE_IP:
                ip_print(ndo, bp, len);
                break;