From 266720f258d96234610c25de7b6407e5cf5ef3b2 Mon Sep 17 00:00:00 2001
From: Herwin Weststrate
Date: Wed, 22 Jul 2015 17:03:56 +0200
Subject: [PATCH] Translate UDP/1700 as RADIUS

Used for Cisco CoA/Disconnect, as shown on https://supportforums.cisco.com/discussion/11719766/ise-112-change-authorization-avaya-switches-5520. The RFC says port 3799, but Cisco does this otherwise, which means this is not an officially reserved port for RADIUS.
---
 print-udp.c | 1 +
 tests/RADIUS-port1700.pcap | Bin 0 -> 107 bytes
 tests/TESTLIST | 1 +
 tests/radius-port1700-v.out | 4 ++++
 udp.h | 3 +++
 5 files changed, 9 insertions(+)
 create mode 100644 tests/RADIUS-port1700.pcap
 create mode 100644 tests/radius-port1700-v.out
diff --git a/print-udp.c b/print-udp.c
index 313a332c..37679eb1 100644
--- a/print-udp.c
+++ b/print-udp.c
@@ -613,6 +613,7 @@ udp_print(netdissect_options *ndo, register const u_char *bp, u_int length,
 IS_SRC_OR_DST_PORT(RADIUS_NEW_PORT) ||
 IS_SRC_OR_DST_PORT(RADIUS_ACCOUNTING_PORT) ||
 IS_SRC_OR_DST_PORT(RADIUS_NEW_ACCOUNTING_PORT) ||
+ IS_SRC_OR_DST_PORT(RADIUS_CISCO_COA_PORT) ||
 IS_SRC_OR_DST_PORT(RADIUS_COA_PORT) )
 radius_print(ndo, (const u_char *)(up+1), length);
 else if (dport == HSRP_PORT)
diff --git a/tests/RADIUS-port1700.pcap b/tests/RADIUS-port1700.pcap
new file mode 100644
index 0000000000000000000000000000000000000000..aa7b24e6e2975cb7bee4430a61b67a2e76dcdb2f
GIT binary patch literal 107 zcmca|c+)~A1{MYcU}0bca<2OqgzcEez~BsIgD^7SU~pw%FkQcifx$uWEOR{r10x78 m*~7MkLGkQ)?PUy-_4}EQrD;b_Xzq&3GnTghz{r}Ep9BE@;TM7c literal 0 HcmV?d00001
diff --git a/tests/TESTLIST b/tests/TESTLIST
index 97cd83b8..33d5697c 100644
--- a/tests/TESTLIST
+++ b/tests/TESTLIST
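Review bot: The new `IS_SRC_OR_DST_PORT(RADIUS_CISCO_COA_PORT)` test in print-udp.c matches on either side of the flow and sits ahead of `else if (dport == HSRP_PORT)`, so any datagram that merely has 1700 as its source port is handed to radius_print() and never reaches the later branches. The commit message itself says 1700 is not a reserved RADIUS port, so unrelated payloads will probably reach the RADIUS dissector more often than with the assigned ports; it is worth confirming that radius_print() bounds-checks every length field it reads, which is not visible from this hunk. I would record the caveat at the call site, e.g. `/* UDP/1700 is Cisco CoA/Disconnect, not an assigned RADIUS port: other traffic on it is decoded as RADIUS */`. The added capture only covers a request to destination port 1700; a reply from source port 1700 would exercise the other half of the match. The `else if` chain of udp_print starts and ends outside the hunk.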
@@ -249,6 +249,7 @@ decnet DECnet_Phone.pcap decnet.out -t
 radius-v RADIUS.pcap radius-v.out -t -v
 radius-rfc4675 RADIUS-RFC4675.pcap radius-rfc4675-v.out -t -v
 radius-rfc5176 RADIUS-RFC5176.pcap radius-rfc5176-v.out -t -v
+radius-port1700 RADIUS-port1700.pcap radius-port1700-v.out -t -v
 # link-level protocols
 dtp-v DTP.pcap dtp-v.out -t -v
diff --git a/tests/radius-port1700-v.out b/tests/radius-port1700-v.out
new file mode 100644
index 00000000..389c7630
--- /dev/null
+++ b/tests/radius-port1700-v.out
@@ -0,0 +1,4 @@
+IP (tos 0x0, ttl 64, id 44978, offset 0, flags [none], proto UDP (17), length 53)
+ 127.0.0.1.42172 > 127.0.0.1.1700: RADIUS, length: 25
+ CoA-Request (43), id: 0xa6, Authenticator: 7fbf02c6662b5990838a5e6e331b3ff0
+ User-Name Attribute (1), length: 5, Value: bob
diff --git a/udp.h b/udp.h
index 0927c6b8..0e7cf970 100644
--- a/udp.h
+++ b/udp.h
@@ -200,6 +200,9 @@ struct udphdr {
 #ifndef RADIUS_ACCOUNTING_PORT
 #define RADIUS_ACCOUNTING_PORT 1646
 #endif
+#ifndef RADIUS_CISCO_COA_PORT
+#define RADIUS_CISCO_COA_PORT 1700
+#endif
 #ifndef L2TP_PORT
 #define L2TP_PORT 1701 /*XXX*/
 #endif
--
2.39.5
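Review bot: `RADIUS_CISCO_COA_PORT` in udp.h is defined without a comment, although per the commit message it is a Cisco convention rather than a reserved RADIUS port, and that reasoning lives only in the commit log. A trailing comment would keep it next to the value: `#define RADIUS_CISCO_COA_PORT 1700 /* Cisco CoA/Disconnect; not assigned to RADIUS, RFC 5176 uses 3799 */`. That gives a later reader who sees unrelated UDP/1700 traffic decoded as RADIUS a pointer to why the port is in the list.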