2 * Redistribution and use in source and binary forms, with or without
3 * modification, are permitted provided that: (1) source code
4 * distributions retain the above copyright notice and this paragraph
5 * in its entirety, and (2) distributions including binary code include
6 * the above copyright notice and this paragraph in its entirety in
7 * the documentation or other materials provided with the distribution.
8 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND
9 * WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT
10 * LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
11 * FOR A PARTICULAR PURPOSE.
13 * Original code by Hannes Gredler (hannes@gredler.at)
16 /* \summary: Bidirectional Forwarding Detection (BFD) printer */
18 /* specification: RFC 5880 (for version 1) and RFC 5881 */
24 #include <netdissect-stdinc.h>
26 #include "netdissect.h"
32 * Control packet, BFDv0, draft-katz-ward-bfd-01.txt
35 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
36 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
37 * |Vers | Diag |H|D|P|F| Rsvd | Detect Mult | Length |
38 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
39 * | My Discriminator |
40 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
41 * | Your Discriminator |
42 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
43 * | Desired Min TX Interval |
44 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
45 * | Required Min RX Interval |
46 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
47 * | Required Min Echo RX Interval |
48 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
52 * Control packet, BFDv1, RFC 5880
55 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
56 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
57 * |Vers | Diag |Sta|P|F|C|A|D|M| Detect Mult | Length |
58 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
59 * | My Discriminator |
60 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
61 * | Your Discriminator |
62 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
63 * | Desired Min TX Interval |
64 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
65 * | Required Min RX Interval |
66 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
67 * | Required Min Echo RX Interval |
68 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
74 uint8_t detect_time_multiplier;
76 uint8_t my_discriminator[4];
77 uint8_t your_discriminator[4];
78 uint8_t desired_min_tx_interval[4];
79 uint8_t required_min_rx_interval[4];
80 uint8_t required_min_echo_interval[4];
84 * An optional Authentication Header may be present
87 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
88 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
89 * | Auth Type | Auth Len | Authentication Data... |
90 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
93 struct bfd_auth_header_t {
97 uint8_t dummy; /* minimun 4 bytes */
108 static const struct tok bfd_v1_authentication_values[] = {
109 { AUTH_PASSWORD, "Simple Password" },
110 { AUTH_MD5, "Keyed MD5" },
111 { AUTH_MET_MD5, "Meticulous Keyed MD5" },
112 { AUTH_SHA1, "Keyed SHA1" },
113 { AUTH_MET_SHA1, "Meticulous Keyed SHA1" },
118 AUTH_PASSWORD_FIELD_MIN_LEN = 4, /* header + password min: 3 + 1 */
119 AUTH_PASSWORD_FIELD_MAX_LEN = 19, /* header + password max: 3 + 16 */
120 AUTH_MD5_FIELD_LEN = 24,
121 AUTH_MD5_HASH_LEN = 16,
122 AUTH_SHA1_FIELD_LEN = 28,
123 AUTH_SHA1_HASH_LEN = 20
126 #define BFD_EXTRACT_VERSION(x) (((x)&0xe0)>>5)
127 #define BFD_EXTRACT_DIAG(x) ((x)&0x1f)
129 static const struct tok bfd_port_values[] = {
130 { BFD_CONTROL_PORT, "Control" },
131 { BFD_ECHO_PORT, "Echo" },
135 static const struct tok bfd_diag_values[] = {
136 { 0, "No Diagnostic" },
137 { 1, "Control Detection Time Expired" },
138 { 2, "Echo Function Failed" },
139 { 3, "Neighbor Signaled Session Down" },
140 { 4, "Forwarding Plane Reset" },
142 { 6, "Concatenated Path Down" },
143 { 7, "Administratively Down" },
144 { 8, "Reverse Concatenated Path Down" },
148 static const struct tok bfd_v0_flag_values[] = {
149 { 0x80, "I Hear You" },
153 { 0x08, "Reserved" },
154 { 0x04, "Reserved" },
155 { 0x02, "Reserved" },
156 { 0x01, "Reserved" },
160 #define BFD_FLAG_AUTH 0x04
162 static const struct tok bfd_v1_flag_values[] = {
165 { 0x08, "Control Plane Independent" },
166 { BFD_FLAG_AUTH, "Authentication Present" },
168 { 0x01, "Multipoint" },
172 static const struct tok bfd_v1_state_values[] = {
181 auth_print(netdissect_options *ndo, register const u_char *pptr)
183 const struct bfd_auth_header_t *bfd_auth_header;
186 pptr += sizeof (const struct bfd_header_t);
187 bfd_auth_header = (const struct bfd_auth_header_t *)pptr;
188 ND_TCHECK(*bfd_auth_header);
189 ND_PRINT((ndo, "\n\tAuthentication: %s (%u), length: %u",
190 tok2str(bfd_v1_authentication_values,"Unknown",bfd_auth_header->auth_type),
191 bfd_auth_header->auth_type,
192 bfd_auth_header->auth_len));
194 ND_PRINT((ndo, "\n\t Auth Key ID: %d", *pptr));
196 switch(bfd_auth_header->auth_type) {
199 * Simple Password Authentication Section Format
202 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
203 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
204 * | Auth Type | Auth Len | Auth Key ID | Password... |
205 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
207 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
209 if (bfd_auth_header->auth_len < AUTH_PASSWORD_FIELD_MIN_LEN ||
210 bfd_auth_header->auth_len > AUTH_PASSWORD_FIELD_MAX_LEN) {
211 ND_PRINT((ndo, "[invalid length %d]",
212 bfd_auth_header->auth_len));
216 ND_PRINT((ndo, ", Password: "));
217 /* the length is equal to the password length plus three */
218 if (fn_printn(ndo, pptr, bfd_auth_header->auth_len - 3,
225 * Keyed MD5 and Meticulous Keyed MD5 Authentication Section Format
228 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
229 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
230 * | Auth Type | Auth Len | Auth Key ID | Reserved |
231 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
232 * | Sequence Number |
233 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
234 * | Auth Key/Digest... |
235 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
237 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
239 if (bfd_auth_header->auth_len != AUTH_MD5_FIELD_LEN) {
240 ND_PRINT((ndo, "[invalid length %d]",
241 bfd_auth_header->auth_len));
245 ND_TCHECK2(*pptr, 4);
246 ND_PRINT((ndo, ", Sequence Number: 0x%08x", EXTRACT_32BITS(pptr)));
248 ND_TCHECK2(*pptr, AUTH_MD5_HASH_LEN);
249 ND_PRINT((ndo, "\n\t Digest: "));
250 for(i = 0; i < AUTH_MD5_HASH_LEN; i++)
251 ND_PRINT((ndo, "%02x", pptr[i]));
256 * Keyed SHA1 and Meticulous Keyed SHA1 Authentication Section Format
259 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
260 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
261 * | Auth Type | Auth Len | Auth Key ID | Reserved |
262 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
263 * | Sequence Number |
264 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
265 * | Auth Key/Hash... |
266 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
268 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
270 if (bfd_auth_header->auth_len != AUTH_SHA1_FIELD_LEN) {
271 ND_PRINT((ndo, "[invalid length %d]",
272 bfd_auth_header->auth_len));
276 ND_TCHECK2(*pptr, 4);
277 ND_PRINT((ndo, ", Sequence Number: 0x%08x", EXTRACT_32BITS(pptr)));
279 ND_TCHECK2(*pptr, AUTH_SHA1_HASH_LEN);
280 ND_PRINT((ndo, "\n\t Hash: "));
281 for(i = 0; i < AUTH_SHA1_HASH_LEN; i++)
282 ND_PRINT((ndo, "%02x", pptr[i]));
292 bfd_print(netdissect_options *ndo, register const u_char *pptr,
293 register u_int len, register u_int port)
295 const struct bfd_header_t *bfd_header;
298 bfd_header = (const struct bfd_header_t *)pptr;
299 if (port == BFD_CONTROL_PORT) {
300 ND_TCHECK(*bfd_header);
301 version = BFD_EXTRACT_VERSION(bfd_header->version_diag);
302 } else if (port == BFD_ECHO_PORT) {
303 /* Echo is BFD v1 only */
306 switch ((port << 8) | version) {
309 case (BFD_CONTROL_PORT << 8):
310 if (ndo->ndo_vflag < 1)
312 ND_PRINT((ndo, "BFDv%u, %s, Flags: [%s], length: %u",
314 tok2str(bfd_port_values, "unknown (%u)", port),
315 bittok2str(bfd_v0_flag_values, "none", bfd_header->flags),
320 ND_PRINT((ndo, "BFDv%u, length: %u\n\t%s, Flags: [%s], Diagnostic: %s (0x%02x)",
323 tok2str(bfd_port_values, "unknown (%u)", port),
324 bittok2str(bfd_v0_flag_values, "none", bfd_header->flags),
325 tok2str(bfd_diag_values,"unknown",BFD_EXTRACT_DIAG(bfd_header->version_diag)),
326 BFD_EXTRACT_DIAG(bfd_header->version_diag)));
328 ND_PRINT((ndo, "\n\tDetection Timer Multiplier: %u (%u ms Detection time), BFD Length: %u",
329 bfd_header->detect_time_multiplier,
330 bfd_header->detect_time_multiplier * EXTRACT_32BITS(bfd_header->desired_min_tx_interval)/1000,
331 bfd_header->length));
334 ND_PRINT((ndo, "\n\tMy Discriminator: 0x%08x", EXTRACT_32BITS(bfd_header->my_discriminator)));
335 ND_PRINT((ndo, ", Your Discriminator: 0x%08x", EXTRACT_32BITS(bfd_header->your_discriminator)));
336 ND_PRINT((ndo, "\n\t Desired min Tx Interval: %4u ms", EXTRACT_32BITS(bfd_header->desired_min_tx_interval)/1000));
337 ND_PRINT((ndo, "\n\t Required min Rx Interval: %4u ms", EXTRACT_32BITS(bfd_header->required_min_rx_interval)/1000));
338 ND_PRINT((ndo, "\n\t Required min Echo Interval: %4u ms", EXTRACT_32BITS(bfd_header->required_min_echo_interval)/1000));
342 case (BFD_CONTROL_PORT << 8 | 1):
343 if (ndo->ndo_vflag < 1)
345 ND_PRINT((ndo, "BFDv%u, %s, State %s, Flags: [%s], length: %u",
347 tok2str(bfd_port_values, "unknown (%u)", port),
348 tok2str(bfd_v1_state_values, "unknown (%u)", (bfd_header->flags & 0xc0) >> 6),
349 bittok2str(bfd_v1_flag_values, "none", bfd_header->flags & 0x3f),
354 ND_PRINT((ndo, "BFDv%u, length: %u\n\t%s, State %s, Flags: [%s], Diagnostic: %s (0x%02x)",
357 tok2str(bfd_port_values, "unknown (%u)", port),
358 tok2str(bfd_v1_state_values, "unknown (%u)", (bfd_header->flags & 0xc0) >> 6),
359 bittok2str(bfd_v1_flag_values, "none", bfd_header->flags & 0x3f),
360 tok2str(bfd_diag_values,"unknown",BFD_EXTRACT_DIAG(bfd_header->version_diag)),
361 BFD_EXTRACT_DIAG(bfd_header->version_diag)));
363 ND_PRINT((ndo, "\n\tDetection Timer Multiplier: %u (%u ms Detection time), BFD Length: %u",
364 bfd_header->detect_time_multiplier,
365 bfd_header->detect_time_multiplier * EXTRACT_32BITS(bfd_header->desired_min_tx_interval)/1000,
366 bfd_header->length));
369 ND_PRINT((ndo, "\n\tMy Discriminator: 0x%08x", EXTRACT_32BITS(bfd_header->my_discriminator)));
370 ND_PRINT((ndo, ", Your Discriminator: 0x%08x", EXTRACT_32BITS(bfd_header->your_discriminator)));
371 ND_PRINT((ndo, "\n\t Desired min Tx Interval: %4u ms", EXTRACT_32BITS(bfd_header->desired_min_tx_interval)/1000));
372 ND_PRINT((ndo, "\n\t Required min Rx Interval: %4u ms", EXTRACT_32BITS(bfd_header->required_min_rx_interval)/1000));
373 ND_PRINT((ndo, "\n\t Required min Echo Interval: %4u ms", EXTRACT_32BITS(bfd_header->required_min_echo_interval)/1000));
375 if (bfd_header->flags & BFD_FLAG_AUTH) {
376 if (auth_print(ndo, pptr))
382 case (BFD_ECHO_PORT << 8): /* not yet supported - fall through */
384 case (BFD_ECHO_PORT << 8 | 1):
387 ND_PRINT((ndo, "BFD, %s, length: %u",
388 tok2str(bfd_port_values, "unknown (%u)", port),
390 if (ndo->ndo_vflag >= 1) {
391 if(!print_unknown_data(ndo, pptr,"\n\t",len))
399 ND_PRINT((ndo, "[|BFD]"));
403 * c-style: whitesmith
projects / FreeBSD / FreeBSD.git / blob