From: mcr Date: Sun, 17 Oct 1999 21:56:53 +0000 (+0000) Subject: ASCII patches for tcpdump. X-Git-Tag: tcpdump-3.5.1~543 X-Git-Url: https://git.tcpdump.org/tcpdump/commitdiff_plain/2d86b23ecde8e2e815ace35e5060856fa61a7e36 ASCII patches for tcpdump. AH/ESP printing. --- diff --git a/Makefile.in b/Makefile.in index 14d241dd..a129aeba 100644 --- a/Makefile.in +++ b/Makefile.in @@ -17,7 +17,7 @@ # WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF # MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. # -# @(#) $Header: /tcpdump/master/tcpdump/Makefile.in,v 1.208 1999-10-09 23:57:19 mcr Exp $ (LBL) +# @(#) $Header: /tcpdump/master/tcpdump/Makefile.in,v 1.209 1999-10-17 21:56:53 mcr Exp $ (LBL) # # Various configurable paths (remember to edit Makefile.in, not Makefile) @@ -66,7 +66,8 @@ INSTALL = @INSTALL@ CSRC = tcpdump.c \ print-arp.c print-atalk.c print-atm.c print-bootp.c \ print-decnet.c print-domain.c print-dvmrp.c print-egp.c \ - print-ether.c print-fddi.c print-gre.c print-icmp.c \ + print-ether.c print-fddi.c print-isakmp.c print-ah.c print-esp.c \ + print-gre.c print-icmp.c \ print-igrp.c print-ip.c print-ipx.c print-isoclns.c print-krb.c \ print-llc.c print-nfs.c print-ntp.c print-null.c print-ospf.c \ print-pim.c print-ppp.c print-raw.c print-rip.c print-sl.c \ diff --git a/interface.h b/interface.h index 6c6e0bba..efe98e98 100644 --- a/interface.h +++ b/interface.h @@ -1,5 +1,7 @@ +/* $NetBSD: interface.h,v 1.2 1995/03/06 19:10:18 mycroft Exp $ */ + /* - * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997 + * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -18,26 +20,33 @@ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. * - * @(#) $Header: /tcpdump/master/tcpdump/interface.h,v 1.106 1999-10-17 21:37:10 mcr Exp $ (LBL) + * @(#) $Header: /tcpdump/master/tcpdump/interface.h,v 1.107 1999-10-17 21:56:53 mcr Exp $ (LBL) */ -#ifndef tcpdump_interface_h -#define tcpdump_interface_h +#ifdef __GNUC__ +#define inline __inline +#ifndef __dead +#define __dead volatile +#endif +#else +#define inline +#define __dead +#endif + +#include "os.h" /* operating system stuff */ +#include "md.h" /* machine dependent stuff */ -#include "gnuc.h" -#ifdef HAVE_OS_PROTO_H -#include "os-proto.h" +#ifndef SIGRET +#define SIGRET void /* default */ #endif -struct tok { +struct token { int v; /* value */ char *s; /* string */ }; -extern int aflag; /* translate network and broadcast addresses */ extern int dflag; /* print filter code */ extern int eflag; /* print ethernet header */ -extern int fflag; /* don't translate "foreign" IP address */ extern int nflag; /* leave addresses as numbers */ extern int Nflag; /* remove domains from printed host names */ extern int qflag; /* quick (shorter) output */ @@ -109,47 +118,38 @@ extern int packettype; /* as specified by -T */ extern char *program_name; /* used to generate self-identifying messages */ -extern int32_t thiszone; /* seconds offset from gmt to local time */ - extern int snaplen; /* global pointers to beginning and end of current packet (during printing) */ extern const u_char *packetp; extern const u_char *snapend; -/* True if "l" bytes of "var" were captured */ -#define TTEST2(var, l) ((u_char *)&(var) <= snapend - (l)) - -/* True if "var" was captured */ -#define TTEST(var) TTEST2(var, sizeof(var)) - -/* Bail if "l" bytes of "var" were not captured */ -#define TCHECK2(var, l) if (!TTEST2(var, l)) goto trunc +extern int fddipad; /* alignment offset for FDDI headers, in bytes */ -/* Bail if "var" was not captured */ -#define TCHECK(var) TCHECK2(var, sizeof(var)) - -#ifdef __STDC__ +/* Eliminate some bogus warnings. */ struct timeval; -#endif + +typedef void (*printfunc)(u_char *, struct timeval *, int, int); extern void ts_print(const struct timeval *); +extern int clock_sigfigs(void); +int gmt2local(void); extern int fn_print(const u_char *, const u_char *); extern int fn_printn(const u_char *, u_int, const u_char *); -extern const char *tok2str(const struct tok *, const char *, int); +extern const char *tok2str(const struct token *, const char *, int); extern char *dnaddr_string(u_short); +extern char *savestr(const char *); +extern int initdevice(char *, int, int *); extern void wrapup(int); -#if __STDC__ -extern __dead void error(const char *, ...) - __attribute__((volatile, format (printf, 1, 2))); -extern void warning(const char *, ...) __attribute__ ((format (printf, 1, 2))); -#endif +extern __dead void error(char *, ...); +extern void warning(char *, ...); extern char *read_infile(char *); extern char *copy_argv(char **); +extern void usage(void); extern char *isonsap_string(const u_char *); extern char *llcsap_string(u_char); extern char *protoid_string(const u_char *); @@ -158,52 +158,57 @@ extern char *dnnum_string(u_short); /* The printer routines. */ -#ifdef __STDC__ struct pcap_pkthdr; -#endif -extern int ether_encap_print(u_short, const u_char *, u_int, u_int); -extern int llc_print(const u_char *, u_int, u_int, const u_char *, - const u_char *); -extern void aarp_print(const u_char *, u_int); -extern void arp_print(const u_char *, u_int, u_int); -extern void atalk_print(const u_char *, u_int); -extern void atm_if_print(u_char *, const struct pcap_pkthdr *, const u_char *); -extern void bootp_print(const u_char *, u_int, u_short, u_short); -extern void decnet_print(const u_char *, u_int, u_int); -extern void default_print(const u_char *, u_int); -extern void default_print_unaligned(const u_char *, u_int); -extern void dvmrp_print(const u_char *, u_int); -extern void egp_print(const u_char *, u_int, const u_char *); extern void ether_if_print(u_char *, const struct pcap_pkthdr *, - const u_char *); -extern void fddi_if_print(u_char *, const struct pcap_pkthdr *, const u_char *); -extern void gre_print(const u_char *, u_int); -extern void icmp_print(const u_char *, const u_char *); -extern void igrp_print(const u_char *, u_int, const u_char *); -extern void ip_print(const u_char *, u_int); -extern void ipx_print(const u_char *, u_int); -extern void isoclns_print(const u_char *, u_int, u_int, const u_char *, - const u_char *); -extern void krb_print(const u_char *, u_int); -extern void nfsreply_print(const u_char *, u_int, const u_char *); -extern void nfsreq_print(const u_char *, u_int, const u_char *); -extern void ns_print(const u_char *, u_int); -extern void ntp_print(const u_char *, u_int); -extern void null_if_print(u_char *, const struct pcap_pkthdr *, const u_char *); -extern void ospf_print(const u_char *, u_int, const u_char *); -extern void pim_print(const u_char *, u_int); + const u_char *); +extern void fddi_if_print(u_char *, const struct pcap_pkthdr *, const u_char*); +extern void null_if_print(u_char *, const struct pcap_pkthdr *, const u_char*); extern void ppp_if_print(u_char *, const struct pcap_pkthdr *, const u_char *); -extern void ppp_bsdos_if_print(u_char *, const struct pcap_pkthdr *, - const u_char *); -extern void raw_if_print(u_char *, const struct pcap_pkthdr *, const u_char *); -extern void rip_print(const u_char *, u_int); extern void sl_if_print(u_char *, const struct pcap_pkthdr *, const u_char *); -extern void sl_bsdos_if_print(u_char *, const struct pcap_pkthdr *, - const u_char *); -extern void snmp_print(const u_char *, u_int); -extern void sunrpcrequest_print(const u_char *, u_int, const u_char *); -extern void tcp_print(const u_char *, u_int, const u_char *); -extern void tftp_print(const u_char *, u_int); -extern void udp_print(const u_char *, u_int, const u_char *); -extern void wb_print(const void *, u_int); + +extern void arp_print(const u_char *, int, int); +extern void ip_print(const u_char *, int); +extern void tcp_print(const u_char *, int, const u_char *); +extern void udp_print(const u_char *, int, const u_char *); +extern void icmp_print(const u_char *, const u_char *); +extern void default_print(const u_char *, int); +extern void default_print_unaligned(const u_char *, int); + +extern void aarp_print(const u_char *, int); +extern void atalk_print(const u_char *, int); +extern void bootp_print(const u_char *, int, u_short, u_short); +extern void decnet_print(const u_char *, int, int); +extern void egp_print(const u_char *, int, const u_char *); +extern int ether_encap_print(u_short, const u_char *, int, int); +extern void ipx_print(const u_char *, int length); +extern void isoclns_print(const u_char *, int, int, + const u_char *, const u_char *); +extern int llc_print(const u_char *, int, int, const u_char *, const u_char *); +extern void nfsreply_print(const u_char *, int, const u_char *); +extern void nfsreq_print(const u_char *, int, const u_char *); +extern void ns_print(const u_char *, int); +extern void ntp_print(const u_char *, int); +extern void ospf_print(const u_char *, int, const u_char *); +extern void rip_print(const u_char *, int); +extern void snmp_print(const u_char *, int); +extern void sunrpcrequest_print(const u_char *, int, const u_char *); +extern void tftp_print(const u_char *, int); +extern void wb_print(const void *, int); +extern void print_ipproto(u_int proto, const struct ip *ip, const u_char *cp, int len); + +#define min(a,b) ((a)>(b)?(b):(a)) +#define max(a,b) ((b)>(a)?(b):(a)) + +/* + * The default snapshot length. This value allows most printers to print + * useful information while keeping the amount of unwanted data down. + * In particular, it allows for an ethernet header, tcp/ip header, and + * 14 bytes of data (assuming no ip options). + */ +#define DEFAULT_SNAPLEN 512 + +#ifndef BIG_ENDIAN +#define BIG_ENDIAN 4321 +#define LITTLE_ENDIAN 1234 +#endif diff --git a/print-ah.c b/print-ah.c new file mode 100644 index 00000000..61bdf91c --- /dev/null +++ b/print-ah.c @@ -0,0 +1,101 @@ +/* $NetBSD: print-ah.c,v 1.4 1996/05/20 00:41:16 fvdl Exp $ */ + +/* + * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that: (1) source code distributions + * retain the above copyright notice and this paragraph in its entirety, (2) + * distributions including binary code include the above copyright notice and + * this paragraph in its entirety in the documentation or other materials + * provided with the distribution, and (3) all advertising materials mentioning + * features or use of this software display the following acknowledgement: + * ``This product includes software developed by the University of California, + * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of + * the University nor the names of its contributors may be used to endorse + * or promote products derived from this software without specific prior + * written permission. + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED + * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. + */ + +#ifndef lint +static char rcsid[] = + "@(#) Header: print-ah.c,v 1.37 94/06/10 17:01:42 mccanne Exp (LBL)"; +#endif + +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include + +#undef NOERROR /* Solaris sucks */ +#include +#include + +#ifdef SOLARIS +#include +#endif +#include + +#include +#include + +#include "interface.h" +#include "addrtoname.h" +#include "appletalk.h" + +#include "nfs.h" +#include "bootp.h" + +extern int packettype; + + +void +ah_print(register const u_char *bp, int length, register const u_char *bp2) +{ + register const struct ip *ip; + register const u_char *cp, *nh; + u_short nextheader; + u_short ahlen, authlen; + u_long spi, seqno; + + ip = (struct ip *)bp2; + + (void)printf("AH %s > %s\n\t\t", + ipaddr_string(&ip->ip_src), + ipaddr_string(&ip->ip_dst)); + + if (length < 8) { + (void)printf(" [|ah] truncated-ah %d", length); + return; + } + + nextheader = bp[0]; + ahlen = bp[1]; + spi = ntohl(*((u_long *)(bp+4))); + seqno = ntohl(*((u_long *)(bp+8))); + authlen = ahlen - 12; + + nh = bp+ahlen; + + if(authlen > length || authlen == 0) + { + authlen = length; + } + + (void)printf("spi:%08x seqno:%d authlen: %d authdata: ", spi, + seqno, authlen); + (void)default_print_unaligned(bp+12, authlen); + + (void)print_ipproto(nextheader, ip, nh, length-authlen); +} diff --git a/print-esp.c b/print-esp.c new file mode 100644 index 00000000..97ab366e --- /dev/null +++ b/print-esp.c @@ -0,0 +1,91 @@ +/* $NetBSD: print-ah.c,v 1.4 1996/05/20 00:41:16 fvdl Exp $ */ + +/* + * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that: (1) source code distributions + * retain the above copyright notice and this paragraph in its entirety, (2) + * distributions including binary code include the above copyright notice and + * this paragraph in its entirety in the documentation or other materials + * provided with the distribution, and (3) all advertising materials mentioning + * features or use of this software display the following acknowledgement: + * ``This product includes software developed by the University of California, + * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of + * the University nor the names of its contributors may be used to endorse + * or promote products derived from this software without specific prior + * written permission. + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED + * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. + */ + +#ifndef lint +static char rcsid[] = + "@(#) Header: print-ah.c,v 1.37 94/06/10 17:01:42 mccanne Exp (LBL)"; +#endif + +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include + +#undef NOERROR /* Solaris sucks */ +#include +#include + +#ifdef SOLARIS +#include +#endif +#include + +#include +#include + +#include "interface.h" +#include "addrtoname.h" +#include "appletalk.h" + +#include "nfs.h" +#include "bootp.h" + +extern int packettype; + + +void +esp_print(register const u_char *bp, int length, register const u_char *bp2) +{ + register const struct ip *ip; + register const u_char *cp, *nh; + u_short ahlen, authlen; + u_long spi, seqno; + + ip = (struct ip *)bp2; + + (void)printf("ESP %s > %s\n\t\t", + ipaddr_string(&ip->ip_src), + ipaddr_string(&ip->ip_dst)); + + if (length < 8) { + (void)printf(" [|esp] truncated-esp %d", length); + return; + } + + spi = ntohl(*((u_long *)(bp))); + seqno = ntohl(*((u_long *)(bp+4))); + + nh = bp+ahlen; + + (void)printf("spi:%08x seqno:%d ciphertext: ", spi, seqno); + (void)default_print_unaligned(bp+8, length-8); + + /* XXX it would be nice to decrypt! */ +} diff --git a/print-ip.c b/print-ip.c index 49d9c540..2951875e 100644 --- a/print-ip.c +++ b/print-ip.c @@ -1,5 +1,7 @@ +/* $NetBSD: print-ip.c,v 1.4 1995/04/24 13:27:43 cgd Exp $ */ + /* - * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997 + * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -21,11 +23,12 @@ #ifndef lint static const char rcsid[] = - "@(#) $Header: /tcpdump/master/tcpdump/print-ip.c,v 1.67 1999-10-17 21:37:13 mcr Exp $ (LBL)"; + "@(#) $Header: /tcpdump/master/tcpdump/print-ip.c,v 1.68 1999-10-17 21:56:54 mcr Exp $ (LBL)"; #endif #include #include +#include #include #include @@ -34,160 +37,49 @@ static const char rcsid[] = #include #include -#ifdef HAVE_MALLOC_H -#include -#endif #include +#ifdef __STDC__ #include -#include +#endif #include -#include "addrtoname.h" #include "interface.h" -#include "extract.h" /* must come after interface.h */ - -/* Compatibility */ -#ifndef IPPROTO_ND -#define IPPROTO_ND 77 -#endif - -#ifndef IN_CLASSD -#define IN_CLASSD(i) (((int32_t)(i) & 0xf0000000) == 0xe0000000) -#endif - -/* (following from ipmulti/mrouted/prune.h) */ - -/* - * The packet format for a traceroute request. - */ -struct tr_query { - u_int tr_src; /* traceroute source */ - u_int tr_dst; /* traceroute destination */ - u_int tr_raddr; /* traceroute response address */ -#ifdef WORDS_BIGENDIAN - struct { - u_int ttl : 8; /* traceroute response ttl */ - u_int qid : 24; /* traceroute query id */ - } q; -#else - struct { - u_int qid : 24; /* traceroute query id */ - u_int ttl : 8; /* traceroute response ttl */ - } q; -#endif -}; - -#define tr_rttl q.ttl -#define tr_qid q.qid - -/* - * Traceroute response format. A traceroute response has a tr_query at the - * beginning, followed by one tr_resp for each hop taken. - */ -struct tr_resp { - u_int tr_qarr; /* query arrival time */ - u_int tr_inaddr; /* incoming interface address */ - u_int tr_outaddr; /* outgoing interface address */ - u_int tr_rmtaddr; /* parent address in source tree */ - u_int tr_vifin; /* input packet count on interface */ - u_int tr_vifout; /* output packet count on interface */ - u_int tr_pktcnt; /* total incoming packets for src-grp */ - u_char tr_rproto; /* routing proto deployed on router */ - u_char tr_fttl; /* ttl required to forward on outvif */ - u_char tr_smask; /* subnet mask for src addr */ - u_char tr_rflags; /* forwarding error codes */ -}; - -/* defs within mtrace */ -#define TR_QUERY 1 -#define TR_RESP 2 - -/* fields for tr_rflags (forwarding error codes) */ -#define TR_NO_ERR 0 -#define TR_WRONG_IF 1 -#define TR_PRUNED 2 -#define TR_OPRUNED 3 -#define TR_SCOPED 4 -#define TR_NO_RTE 5 -#define TR_NO_FWD 7 -#define TR_NO_SPACE 0x81 -#define TR_OLD_ROUTER 0x82 - -/* fields for tr_rproto (routing protocol) */ -#define TR_PROTO_DVMRP 1 -#define TR_PROTO_MOSPF 2 -#define TR_PROTO_PIM 3 -#define TR_PROTO_CBT 4 - -static void print_mtrace(register const u_char *bp, register u_int len) -{ - register struct tr_query *tr = (struct tr_query *)(bp + 8); - - printf("mtrace %d: %s to %s reply-to %s", tr->tr_qid, - ipaddr_string(&tr->tr_src), ipaddr_string(&tr->tr_dst), - ipaddr_string(&tr->tr_raddr)); - if (IN_CLASSD(ntohl(tr->tr_raddr))) - printf(" with-ttl %d", tr->tr_rttl); -} - -static void print_mresp(register const u_char *bp, register u_int len) -{ - register struct tr_query *tr = (struct tr_query *)(bp + 8); - - printf("mresp %d: %s to %s reply-to %s", tr->tr_qid, - ipaddr_string(&tr->tr_src), ipaddr_string(&tr->tr_dst), - ipaddr_string(&tr->tr_raddr)); - if (IN_CLASSD(ntohl(tr->tr_raddr))) - printf(" with-ttl %d", tr->tr_rttl); -} +#include "addrtoname.h" static void -igmp_print(register const u_char *bp, register u_int len, +igmp_print(register const u_char *bp, register int len, register const u_char *bp2) { register const struct ip *ip; + register const u_char *ep; ip = (const struct ip *)bp2; + ep = (const u_char *)snapend; (void)printf("%s > %s: ", ipaddr_string(&ip->ip_src), ipaddr_string(&ip->ip_dst)); - TCHECK2(bp[0], 8); - switch (bp[0]) { - case 0x11: + if (bp + 7 > ep) { + (void)printf("[|igmp]"); + return; + } + switch (bp[0] & 0xf) { + case 1: (void)printf("igmp query"); if (*(int *)&bp[4]) (void)printf(" [gaddr %s]", ipaddr_string(&bp[4])); if (len != 8) (void)printf(" [len %d]", len); break; - case 0x12: + case 2: (void)printf("igmp report %s", ipaddr_string(&bp[4])); if (len != 8) (void)printf(" [len %d]", len); break; - case 0x16: - (void)printf("igmp nreport %s", ipaddr_string(&bp[4])); - break; - case 0x17: - (void)printf("igmp leave %s", ipaddr_string(&bp[4])); - break; - case 0x13: - (void)printf("igmp dvmrp"); + case 3: + (void)printf("igmp dvmrp %s", ipaddr_string(&bp[4])); if (len < 8) (void)printf(" [len %d]", len); - else - dvmrp_print(bp, len); - break; - case 0x14: - (void)printf("igmp pim"); - pim_print(bp, len); - break; - case 0x1e: - print_mresp(bp, len); - break; - case 0x1f: - print_mtrace(bp, len); break; default: (void)printf("igmp-%d", bp[0] & 0xf); @@ -195,37 +87,18 @@ igmp_print(register const u_char *bp, register u_int len, } if ((bp[0] >> 4) != 1) (void)printf(" [v%d]", bp[0] >> 4); - - TCHECK2(bp[0], len); - if (vflag) { - /* Check the IGMP checksum */ - u_int32_t sum = 0; - int count; - const u_short *sp = (u_short *)bp; - - for (count = len / 2; --count >= 0; ) - sum += *sp++; - if (len & 1) - sum += ntohs(*(u_char *) sp << 8); - while (sum >> 16) - sum = (sum & 0xffff) + (sum >> 16); - sum = 0xffff & ~sum; - if (sum != 0) - printf(" bad igmp cksum %x!", EXTRACT_16BITS(&bp[2])); - } - return; -trunc: - fputs("[|igmp]", stdout); + if (bp[1]) + (void)printf(" [b1=0x%x]", bp[1]); } /* * print the recorded route in an IP RR, LSRR or SSRR option. */ static void -ip_printroute(const char *type, register const u_char *cp, u_int length) +ip_printroute(const char *type, register const u_char *cp, int length) { - register u_int ptr = cp[2] - 1; - register u_int len; + int ptr = cp[2] - 1; + int len; printf(" %s{", type); if ((length + 1) & 3) @@ -237,7 +110,15 @@ ip_printroute(const char *type, register const u_char *cp, u_int length) for (len = 3; len < length; len += 4) { if (ptr == len) type = "#"; +#ifdef TCPDUMP_ALIGN + { + struct in_addr addr; + bcopy((char *)&cp[len], (char *)&addr, sizeof(addr)); + printf("%s%s", type, ipaddr_string(&addr)); + } +#else printf("%s%s", type, ipaddr_string(&cp[len])); +#endif type = " "; } printf("%s}", ptr == len? "#" : ""); @@ -247,18 +128,14 @@ ip_printroute(const char *type, register const u_char *cp, u_int length) * print IP options. */ static void -ip_optprint(register const u_char *cp, u_int length) +ip_optprint(register const u_char *cp, int length) { - register u_int len; + int len; for (; length > 0; cp += len, length -= len) { int tt = *cp; len = (tt == IPOPT_NOP || tt == IPOPT_EOL) ? 1 : cp[1]; - if (len <= 0) { - printf("[|ip op len %d]", len); - return; - } if (&cp[1] >= snapend || cp + len > snapend) { printf("[|ip]"); return; @@ -311,7 +188,7 @@ static int in_cksum(const struct ip *ip) { register const u_short *sp = (u_short *)ip; - register u_int32_t sum = 0; + register u_int32 sum = 0; register int count; /* @@ -326,41 +203,107 @@ in_cksum(const struct ip *ip) return (sum); } + +void +print_ipproto(u_int proto, const struct ip *ip, + const u_char *cp, int len) +{ + switch (proto) { + case IPPROTO_TCP: + tcp_print(cp, len, (const u_char *)ip); + break; + case IPPROTO_UDP: + udp_print(cp, len, (const u_char *)ip); + break; + case IPPROTO_ICMP: + icmp_print(cp, (const u_char *)ip); + break; + case IPPROTO_ND: + (void)printf("%s > %s:", ipaddr_string(&ip->ip_src), + ipaddr_string(&ip->ip_dst)); + (void)printf(" nd %d", len); + break; + case IPPROTO_EGP: + egp_print(cp, len, (const u_char *)ip); + break; +#ifndef IPPROTO_OSPF +#define IPPROTO_OSPF 89 +#endif + case IPPROTO_OSPF: + ospf_print(cp, len, (const u_char *)ip); + break; +#ifndef IPPROTO_IGMP +#define IPPROTO_IGMP 2 +#endif + case IPPROTO_IGMP: + igmp_print(cp, len, (const u_char *)ip); + break; +#ifndef IPPROTO_ENCAP +#define IPPROTO_ENCAP 4 +#endif + case IPPROTO_ENCAP: + /* ip-in-ip encapsulation */ + if (vflag) + (void)printf("%s > %s: ", + ipaddr_string(&ip->ip_src), + ipaddr_string(&ip->ip_dst)); + ip_print(cp, len); + if (! vflag) { + printf(" (encap)"); + return; + } + break; + +#ifndef IPPROTO_ESP +#define IPPROTO_ESP 50 +#endif + case IPPROTO_ESP: + esp_print(cp, len, (const u_char *)ip); + break; + +#ifndef IPPROTO_AH +#define IPPROTO_AH 51 +#endif + case IPPROTO_AH: + ah_print(cp, len, (const u_char *)ip); + break; + + default: + (void)printf("%s > %s:", ipaddr_string(&ip->ip_src), + ipaddr_string(&ip->ip_dst)); + (void)printf(" ip-proto-%d %d", proto, len); + break; + } +} + /* * print an IP datagram. */ void -ip_print(register const u_char *bp, register u_int length) +ip_print(register const u_char *bp, register int length) { register const struct ip *ip; - register u_int hlen, len, off; + register int hlen; + register int len; + register int off; register const u_char *cp; ip = (const struct ip *)bp; -#ifdef LBL_ALIGN +#ifdef TCPDUMP_ALIGN /* - * If the IP header is not aligned, copy into abuf. + * The IP header is not word aligned, so copy into abuf. * This will never happen with BPF. It does happen raw packet * dumps from -r. */ - if ((long)ip & 3) { - static u_char *abuf = NULL; - static int didwarn = 0; + if ((long)ip & (sizeof(long)-1)) { + static u_char *abuf; - if (abuf == NULL) { + if (abuf == 0) abuf = (u_char *)malloc(snaplen); - if (abuf == NULL) - error("ip_print: malloc"); - } - memcpy((char *)abuf, (char *)ip, min(length, snaplen)); + bcopy((char *)ip, (char *)abuf, min(length, snaplen)); snapend += abuf - (u_char *)ip; packetp = abuf; ip = (struct ip *)abuf; - /* We really want libpcap to give us aligned packets */ - if (!didwarn) { - warning("compensating for unaligned libpcap packets"); - ++didwarn; - } } #endif if ((u_char *)(ip + 1) > snapend) { @@ -386,86 +329,7 @@ ip_print(register const u_char *bp, register u_int length) off = ntohs(ip->ip_off); if ((off & 0x1fff) == 0) { cp = (const u_char *)ip + hlen; - switch (ip->ip_p) { - - case IPPROTO_TCP: - tcp_print(cp, len, (const u_char *)ip); - break; - - case IPPROTO_UDP: - udp_print(cp, len, (const u_char *)ip); - break; - - case IPPROTO_ICMP: - icmp_print(cp, (const u_char *)ip); - break; - -#ifndef IPPROTO_IGRP -#define IPPROTO_IGRP 9 -#endif - case IPPROTO_IGRP: - igrp_print(cp, len, (const u_char *)ip); - break; - - case IPPROTO_ND: - (void)printf("%s > %s:", ipaddr_string(&ip->ip_src), - ipaddr_string(&ip->ip_dst)); - (void)printf(" nd %d", len); - break; - - case IPPROTO_EGP: - egp_print(cp, len, (const u_char *)ip); - break; - -#ifndef IPPROTO_OSPF -#define IPPROTO_OSPF 89 -#endif - case IPPROTO_OSPF: - ospf_print(cp, len, (const u_char *)ip); - break; - -#ifndef IPPROTO_IGMP -#define IPPROTO_IGMP 2 -#endif - case IPPROTO_IGMP: - igmp_print(cp, len, (const u_char *)ip); - break; - - case 4: - /* DVMRP multicast tunnel (ip-in-ip encapsulation) */ - if (vflag) - (void)printf("%s > %s: ", - ipaddr_string(&ip->ip_src), - ipaddr_string(&ip->ip_dst)); - ip_print(cp, len); - if (! vflag) { - printf(" (ipip)"); - return; - } - break; - -#ifndef IPPROTO_GRE -#define IPPROTO_GRE 47 -#endif - case IPPROTO_GRE: - if (vflag) - (void)printf("gre %s > %s: ", - ipaddr_string(&ip->ip_src), - ipaddr_string(&ip->ip_dst)); - /* do it */ - gre_print(cp, len); - if (! vflag) { - printf(" (gre encap)"); - return; - } - break; - - default: - (void)printf("%s > %s:", ipaddr_string(&ip->ip_src), - ipaddr_string(&ip->ip_dst)); - (void)printf(" ip-proto-%d %d", ip->ip_p, len); - break; - } + print_ipproto(ip->ip_p, ip, cp, len); } /* * for fragmented datagrams, print id:size@offset. On all @@ -504,13 +368,11 @@ ip_print(register const u_char *bp, register u_int length) (void)printf("%sid %d", sep, (int)ntohs(ip->ip_id)); sep = ", "; } - if ((u_char *)ip + hlen <= snapend) { - sum = in_cksum(ip); - if (sum != 0) { - (void)printf("%sbad cksum %x!", sep, - ntohs(ip->ip_sum)); - sep = ", "; - } + sum = in_cksum(ip); + if (sum != 0) { + (void)printf("%sbad cksum %x!", sep, + ntohs(ip->ip_sum)); + sep = ", "; } if ((hlen -= sizeof(struct ip)) > 0) { (void)printf("%soptlen=%d", sep, hlen); diff --git a/print-udp.c b/print-udp.c index 465e64d3..869f54e9 100644 --- a/print-udp.c +++ b/print-udp.c @@ -21,7 +21,7 @@ #ifndef lint static const char rcsid[] = - "@(#) $Header: /tcpdump/master/tcpdump/print-udp.c,v 1.61 1999-10-17 21:37:16 mcr Exp $ (LBL)"; + "@(#) $Header: /tcpdump/master/tcpdump/print-udp.c,v 1.62 1999-10-17 21:56:54 mcr Exp $ (LBL)"; #endif #include @@ -294,6 +294,10 @@ rtcp_print(const u_char *hdr, const u_char *ep) #define RIP_PORT 520 /*XXX*/ #define KERBEROS_SEC_PORT 750 /*XXX*/ +#define ISAKMP_PORT 500 +#define ISAKMP_UPORT1 7500 +#define ISAKMP_UPORT2 8500 + void udp_print(register const u_char *bp, u_int length, register const u_char *bp2) { @@ -441,6 +445,11 @@ udp_print(register const u_char *bp, u_int length, register const u_char *bp2) ntp_print((const u_char *)(up + 1), length); else if (ISPORT(KERBEROS_PORT) || ISPORT(KERBEROS_SEC_PORT)) krb_print((const void *)(up + 1), length); + else if (ISPORT(ISAKMP_PORT) || + ISPORT(ISAKMP_UPORT1) || + ISPORT(ISAKMP_UPORT2)) { + isakmp_print((const u_char *)(up + 1), length); + } else if (dport == 3456) vat_print((const void *)(up + 1), length, up); /* diff --git a/tcpdump.c b/tcpdump.c index fbc41128..27ceb1d5 100644 --- a/tcpdump.c +++ b/tcpdump.c @@ -24,7 +24,7 @@ static const char copyright[] = "@(#) Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997\n\ The Regents of the University of California. All rights reserved.\n"; static const char rcsid[] = - "@(#) $Header: /tcpdump/master/tcpdump/tcpdump.c,v 1.130 1999-10-17 21:37:17 mcr Exp $ (LBL)"; + "@(#) $Header: /tcpdump/master/tcpdump/tcpdump.c,v 1.131 1999-10-17 21:56:54 mcr Exp $ (LBL)"; #endif /* @@ -47,6 +47,9 @@ static const char rcsid[] = #include #include +#include +#include + #include "interface.h" #include "addrtoname.h" #include "machdep.h" @@ -387,22 +390,42 @@ cleanup(int signo) void default_print_unaligned(register const u_char *cp, register u_int length) { - register u_int i, s; - register int nshorts; - - nshorts = (u_int) length / sizeof(u_short); - i = 0; - while (--nshorts >= 0) { - if ((i++ % 8) == 0) - (void)printf("\n\t\t\t"); - s = *cp++; - (void)printf(" %02x%02x", s, *cp++); - } - if (length & 1) { - if ((i % 8) == 0) - (void)printf("\n\t\t\t"); - (void)printf(" %02x", *cp); - } + register u_int i, s; + register int nshorts; + + char line[81]; + + nshorts = (u_int) length / sizeof(u_short); + i = 0; + memset(line, ' ', 80); + line[81]='\0'; + + putchar('\n'); + while (nshorts >= 0) { + + snprintf(line+20+i*5, 7, "%02x%02x ", cp[0], cp[1]); + + if(isprint(cp[0])) { + line[62+i*2]=cp[0]; + } else { + line[62+i*2]='.'; + } + if(isprint(cp[1])) { + line[62+i*2+1]=cp[1]; + } else { + line[62+i*2+1]='.'; + } + i++; + if (i == 8) { + line[60]=' '; + line[61]=' '; + line[62+16]='\0'; + puts(line); + i=0; + } + cp += 2; + nshorts--; + } } /* @@ -417,23 +440,7 @@ default_print(register const u_char *bp, register u_int length) register u_int i; register int nshorts; - if ((long)bp & 1) { - default_print_unaligned(bp, length); - return; - } - sp = (u_short *)bp; - nshorts = (u_int) length / sizeof(u_short); - i = 0; - while (--nshorts >= 0) { - if ((i++ % 8) == 0) - (void)printf("\n\t\t\t"); - (void)printf(" %04x", ntohs(*sp++)); - } - if (length & 1) { - if ((i % 8) == 0) - (void)printf("\n\t\t\t"); - (void)printf(" %02x", *(u_char *)sp); - } + default_print_unaligned(bp, length); } __dead void