1 /* $KAME: ping6.c,v 1.169 2003/07/25 06:01:47 itojun Exp $ */
4 * SPDX-License-Identifier: BSD-3-Clause
6 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in the
16 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the project nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 /* BSDI ping.c,v 2.3 1996/01/21 17:56:50 jch Exp */
37 * Copyright (c) 1989, 1993
38 * The Regents of the University of California. All rights reserved.
40 * This code is derived from software contributed to Berkeley by
43 * Redistribution and use in source and binary forms, with or without
44 * modification, are permitted provided that the following conditions
46 * 1. Redistributions of source code must retain the above copyright
47 * notice, this list of conditions and the following disclaimer.
48 * 2. Redistributions in binary form must reproduce the above copyright
49 * notice, this list of conditions and the following disclaimer in the
50 * documentation and/or other materials provided with the distribution.
51 * 3. Neither the name of the University nor the names of its contributors
52 * may be used to endorse or promote products derived from this software
53 * without specific prior written permission.
55 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
56 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
57 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
58 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
59 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
60 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
61 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
62 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
63 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
64 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
70 static const char copyright[] =
71 "@(#) Copyright (c) 1989, 1993\n\
72 The Regents of the University of California. All rights reserved.\n";
76 static char sccsid[] = "@(#)ping.c 8.1 (Berkeley) 6/5/93";
80 #include <sys/cdefs.h>
81 __FBSDID("$FreeBSD$");
84 * Using the InterNet Control Message Protocol (ICMP) "ECHO" facility,
85 * measure round-trip-delays and packet loss across network paths.
89 * U. S. Army Ballistic Research Laboratory
93 * Public Domain. Distribution Unlimited.
95 * More statistics could always be gathered.
96 * This program has to run SUID to ROOT to access the ICMP socket.
100 * USE_SIN6_SCOPE_ID assumes that sin6_scope_id has the same semantics
101 * as IPV6_PKTINFO. Some people object it (sin6_scope_id specifies *link*
102 * while IPV6_PKTINFO specifies *interface*. Link is defined as collection of
103 * network attached to 1 or more interfaces)
106 #include <sys/param.h>
107 #include <sys/capsicum.h>
109 #include <sys/socket.h>
112 #include <net/route.h>
114 #include <netinet/in.h>
115 #include <netinet/ip6.h>
116 #include <netinet/icmp6.h>
117 #include <arpa/inet.h>
118 #include <arpa/nameser.h>
121 #include <capsicum_helpers.h>
122 #include <casper/cap_dns.h>
123 #include <libcasper.h>
134 #include <sysexits.h>
139 #include <netipsec/ah.h>
140 #include <netipsec/ipsec.h>
150 #define MAXPACKETLEN 131072
152 #define ICMP6ECHOLEN 8 /* icmp echo header len excluding time */
153 #define ICMP6ECHOTMLEN sizeof(struct tv32)
154 #define ICMP6_NIQLEN (ICMP6ECHOLEN + 8)
155 # define CONTROLLEN 10240 /* ancillary data buffer size RFC3542 20.1 */
156 /* FQDN case, 64 bits of nonce + 32 bits ttl */
157 #define ICMP6_NIRLEN (ICMP6ECHOLEN + 12)
158 #define EXTRA 256 /* for AH and various other headers. weird. */
159 #define DEFDATALEN ICMP6ECHOTMLEN
160 #define MAXDATALEN MAXPACKETLEN - IP6LEN - ICMP6ECHOLEN
161 #define NROUTES 9 /* number of record route slots */
162 #define MAXWAIT 10000 /* max ms to wait for response */
163 #define MAXALARM (60 * 60) /* max seconds for alarm timeout */
165 #define A(bit) rcvd_tbl[(bit)>>3] /* identify byte in array */
166 #define B(bit) (1 << ((bit) & 0x07)) /* identify bit in byte */
167 #define SET(bit) (A(bit) |= B(bit))
168 #define CLR(bit) (A(bit) &= (~B(bit)))
169 #define TST(bit) (A(bit) & B(bit))
171 #define F_FLOOD 0x0001
172 #define F_INTERVAL 0x0002
173 #define F_PINGFILLED 0x0008
174 #define F_QUIET 0x0010
175 #define F_RROUTE 0x0020
176 #define F_SO_DEBUG 0x0040
177 #define F_VERBOSE 0x0100
179 #ifdef IPSEC_POLICY_IPSEC
180 #define F_POLICY 0x0400
182 #define F_AUTHHDR 0x0200
183 #define F_ENCRYPT 0x0400
184 #endif /*IPSEC_POLICY_IPSEC*/
186 #define F_NODEADDR 0x0800
187 #define F_FQDN 0x1000
188 #define F_INTERFACE 0x2000
189 #define F_SRCADDR 0x4000
190 #define F_HOSTNAME 0x10000
191 #define F_FQDNOLD 0x20000
192 #define F_NIGROUP 0x40000
193 #define F_SUPTYPES 0x80000
194 #define F_NOMINMTU 0x100000
195 #define F_ONCE 0x200000
196 #define F_AUDIBLE 0x400000
197 #define F_MISSED 0x800000
198 #define F_DONTFRAG 0x1000000
199 #define F_NOUSERDATA (F_NODEADDR | F_FQDN | F_FQDNOLD | F_SUPTYPES)
200 #define F_WAITTIME 0x2000000
201 static u_int options;
203 #define IN6LEN sizeof(struct in6_addr)
204 #define SA6LEN sizeof(struct sockaddr_in6)
205 #define DUMMY_PORT 10101
207 #define SIN6(s) ((struct sockaddr_in6 *)(s))
210 * MAX_DUP_CHK is the number of bits in received table, i.e. the maximum
211 * number of received sequence numbers we can keep track of. Change 128
212 * to 8192 for complete accuracy...
214 #define MAX_DUP_CHK (8 * 8192)
215 static int mx_dup_ck = MAX_DUP_CHK;
216 static char rcvd_tbl[MAX_DUP_CHK / 8];
218 static struct sockaddr_in6 dst; /* who to ping6 */
219 static struct sockaddr_in6 src; /* src addr of this packet */
220 static socklen_t srclen;
221 static size_t datalen = DEFDATALEN;
222 static int ssend; /* send socket file descriptor */
223 static int srecv; /* receive socket file descriptor */
224 static u_char outpack[MAXPACKETLEN];
225 static char BSPACE = '\b'; /* characters written for flood */
226 static char BBELL = '\a'; /* characters written for AUDIBLE */
227 static char DOT = '.';
228 static char *hostname;
229 static int ident; /* process id to identify our packets */
230 static u_int8_t nonce[8]; /* nonce field for node information */
231 static int hoplimit = -1; /* hoplimit */
232 static int tclass = -1; /* traffic class */
233 static int pcp = -2; /* vlan priority code point */
234 static u_char *packet = NULL;
235 static cap_channel_t *capdns;
238 static long nmissedmax; /* max value of ntransmitted - nreceived - 1 */
239 static long npackets; /* max packets to transmit */
240 static long nreceived; /* # of packets we got back */
241 static long nrepeats; /* number of duplicates */
242 static long ntransmitted; /* sequence # for outbound packets = #sent */
243 static long ntransmitfailures; /* number of transmit failures */
244 static int interval = 1000; /* interval between packets in ms */
245 static int waittime = MAXWAIT; /* timeout for each packet */
246 static long nrcvtimeout = 0; /* # of packets we got back after waittime */
249 static int timing; /* flag to do timing */
250 static double tmin = 999999999.0; /* minimum round trip time */
251 static double tmax = 0.0; /* maximum round trip time */
252 static double tsum = 0.0; /* sum of all times, for doing average */
253 static double tsumsq = 0.0; /* sum of all times squared, for std. dev. */
255 /* for node addresses */
256 static u_short naflags;
258 /* for ancillary data(advanced API) */
259 static struct msghdr smsghdr;
260 static struct iovec smsgiov;
261 static char *scmsg = 0;
263 static volatile sig_atomic_t seenint;
265 static volatile sig_atomic_t seeninfo;
268 int main(int, char *[]);
269 static cap_channel_t *capdns_setup(void);
270 static void fill(char *, char *);
271 static int get_hoplim(struct msghdr *);
272 static int get_pathmtu(struct msghdr *);
273 static struct in6_pktinfo *get_rcvpktinfo(struct msghdr *);
274 static void onsignal(int);
275 static void onint(int);
276 static size_t pingerlen(void);
277 static int pinger(void);
278 static const char *pr_addr(struct sockaddr *, int);
279 static void pr_icmph(struct icmp6_hdr *, u_char *);
280 static void pr_iph(struct ip6_hdr *);
281 static void pr_suptypes(struct icmp6_nodeinfo *, size_t);
282 static void pr_nodeaddr(struct icmp6_nodeinfo *, int);
283 static int myechoreply(const struct icmp6_hdr *);
284 static int mynireply(const struct icmp6_nodeinfo *);
285 static const char *dnsdecode(const u_char *, const u_char *, const u_char *,
287 static void pr_pack(u_char *, int, struct msghdr *);
288 static void pr_exthdrs(struct msghdr *);
289 static void pr_ip6opt(void *, size_t);
290 static void pr_rthdr(void *, size_t);
291 static int pr_bitrange(u_int32_t, int, int);
292 static void pr_retip(struct ip6_hdr *, u_char *);
293 static void summary(void);
294 static int setpolicy(int, char *);
295 static char *nigroup(char *, int);
296 static void usage(void);
299 main(int argc, char *argv[])
301 struct timespec last, intvl;
302 struct sockaddr_in6 from, *sin6;
303 struct addrinfo hints, *res;
304 struct sigaction si_sa;
306 int almost_done, ch, hold, packlen, preload, optval, error;
307 int nig_oldmcprefix = -1;
309 char *e, *target, *ifname = NULL, *gateway = NULL;
311 struct cmsghdr *scmsgp = NULL;
312 /* For control (ancillary) data received from recvmsg() */
313 u_char cm[CONTROLLEN];
314 #if defined(SO_SNDBUF) && defined(SO_RCVBUF)
319 struct in6_pktinfo pktinfo;
320 char *cmsg_pktinfo = NULL;
321 struct ip6_rthdr *rthdr = NULL;
322 #ifdef IPSEC_POLICY_IPSEC
323 char *policy_in = NULL;
324 char *policy_out = NULL;
329 #ifdef IPV6_USE_MIN_MTU
332 cap_rights_t rights_srecv;
333 cap_rights_t rights_ssend;
334 cap_rights_t rights_stdin;
336 /* just to be sure */
337 memset(&smsghdr, 0, sizeof(smsghdr));
338 memset(&smsgiov, 0, sizeof(smsgiov));
339 memset(&pktinfo, 0, sizeof(pktinfo));
341 intvl.tv_sec = interval / 1000;
342 intvl.tv_nsec = interval % 1000 * 1000000;
344 alarmtimeout = preload = 0;
345 datap = &outpack[ICMP6ECHOLEN + ICMP6ECHOTMLEN];
346 capdns = capdns_setup();
350 #ifdef IPSEC_POLICY_IPSEC
354 #endif /*IPSEC_POLICY_IPSEC*/
356 while ((ch = getopt(argc, argv,
357 "k:b:C:c:DdfHe:m:I:i:l:unNop:qaAS:s:OvyYW:t:z:" ADDOPTS)) != -1) {
364 options &= ~F_NOUSERDATA;
365 options |= F_NODEADDR;
366 for (cp = optarg; *cp != '\0'; cp++) {
369 naflags |= NI_NODEADDR_FLAG_ALL;
373 naflags |= NI_NODEADDR_FLAG_COMPAT;
377 naflags |= NI_NODEADDR_FLAG_LINKLOCAL;
381 naflags |= NI_NODEADDR_FLAG_SITELOCAL;
385 naflags |= NI_NODEADDR_FLAG_GLOBAL;
387 case 'A': /* experimental. not in the spec */
388 #ifdef NI_NODEADDR_FLAG_ANYCAST
389 naflags |= NI_NODEADDR_FLAG_ANYCAST;
393 "-a A is not supported on the platform");
404 #if defined(SO_SNDBUF) && defined(SO_RCVBUF)
407 lsockbufsize = strtoul(optarg, &e, 10);
408 sockbufsize = (int)lsockbufsize;
409 if (errno || !*optarg || *e ||
410 lsockbufsize > INT_MAX)
411 errx(1, "invalid socket buffer size");
414 "-b option ignored: SO_SNDBUF/SO_RCVBUF socket options not supported");
417 case 'C': /* vlan priority code point */
418 pcp = strtol(optarg, &e, 10);
419 if (*optarg == '\0' || *e != '\0')
420 errx(1, "illegal vlan pcp %s", optarg);
421 if (7 < pcp || pcp < -1)
422 errx(1, "illegal vlan pcp -- %s", optarg);
425 npackets = strtol(optarg, &e, 10);
426 if (npackets <= 0 || *optarg == '\0' || *e != '\0')
428 "illegal number of packets -- %s", optarg);
431 options |= F_DONTFRAG;
434 options |= F_SO_DEBUG;
439 errx(1, "Must be superuser to flood ping");
442 setbuf(stdout, (char *)NULL);
448 options |= F_HOSTNAME;
450 case 'm': /* hoplimit */
451 hoplimit = strtol(optarg, &e, 10);
452 if (*optarg == '\0' || *e != '\0')
453 errx(1, "illegal hoplimit %s", optarg);
454 if (255 < hoplimit || hoplimit < -1)
456 "illegal hoplimit -- %s", optarg);
460 options |= F_INTERFACE;
461 #ifndef USE_SIN6_SCOPE_ID
465 case 'i': /* wait between sending packets */
466 t = strtod(optarg, &e);
467 if (*optarg == '\0' || *e != '\0')
468 errx(1, "illegal timing interval %s", optarg);
469 if (t < 1 && getuid()) {
470 errx(1, "%s: only root may use interval < 1s",
473 intvl.tv_sec = (time_t)t;
475 (long)((t - intvl.tv_sec) * 1000000000);
476 if (intvl.tv_sec < 0)
477 errx(1, "illegal timing interval %s", optarg);
478 /* less than 1/hz does not make sense */
479 if (intvl.tv_sec == 0 && intvl.tv_nsec < 1000) {
480 warnx("too small interval, raised to .000001");
481 intvl.tv_nsec = 1000;
483 options |= F_INTERVAL;
488 errx(1, "Must be superuser to preload");
490 preload = strtol(optarg, &e, 10);
491 if (preload < 0 || *optarg == '\0' || *e != '\0')
492 errx(1, "illegal preload value -- %s", optarg);
495 #ifdef IPV6_USE_MIN_MTU
499 errx(1, "-%c is not supported on this platform", ch);
503 options &= ~F_HOSTNAME;
506 options |= F_NIGROUP;
512 case 'p': /* fill buffer with user pattern */
513 options |= F_PINGFILLED;
514 fill((char *)datap, optarg);
520 options |= F_AUDIBLE;
526 memset(&hints, 0, sizeof(struct addrinfo));
527 hints.ai_flags = AI_NUMERICHOST; /* allow hostname? */
528 hints.ai_family = AF_INET6;
529 hints.ai_socktype = SOCK_RAW;
530 hints.ai_protocol = IPPROTO_ICMPV6;
532 error = cap_getaddrinfo(capdns, optarg, NULL, &hints, &res);
534 errx(1, "invalid source address: %s",
535 gai_strerror(error));
538 * res->ai_family must be AF_INET6 and res->ai_addrlen
539 * must be sizeof(src).
541 memcpy(&src, res->ai_addr, res->ai_addrlen);
542 srclen = res->ai_addrlen;
544 options |= F_SRCADDR;
546 case 's': /* size of packet to send */
547 datalen = strtol(optarg, &e, 10);
548 if (datalen <= 0 || *optarg == '\0' || *e != '\0')
549 errx(1, "illegal datalen value -- %s", optarg);
550 if (datalen > MAXDATALEN) {
552 "datalen value too large, maximum is %d",
557 options &= ~F_NOUSERDATA;
558 options |= F_SUPTYPES;
561 options |= F_VERBOSE;
564 options &= ~F_NOUSERDATA;
568 options &= ~F_NOUSERDATA;
569 options |= F_FQDNOLD;
572 t = strtod(optarg, &e);
573 if (*e || e == optarg || t > (double)INT_MAX)
574 err(EX_USAGE, "invalid timing interval: `%s'",
576 options |= F_WAITTIME;
580 alarmtimeout = strtoul(optarg, &e, 0);
581 if ((alarmtimeout < 1) || (alarmtimeout == ULONG_MAX))
582 errx(EX_USAGE, "invalid timeout: `%s'",
584 if (alarmtimeout > MAXALARM)
585 errx(EX_USAGE, "invalid timeout: `%s' > %d",
588 struct itimerval itv;
590 timerclear(&itv.it_interval);
591 timerclear(&itv.it_value);
592 itv.it_value.tv_sec = (time_t)alarmtimeout;
593 if (setitimer(ITIMER_REAL, &itv, NULL) != 0)
597 case 'z': /* traffic class */
598 tclass = strtol(optarg, &e, 10);
599 if (*optarg == '\0' || *e != '\0')
600 errx(1, "illegal traffic class %s", optarg);
601 if (255 < tclass || tclass < -1)
603 "illegal traffic class -- %s", optarg);
606 #ifdef IPSEC_POLICY_IPSEC
609 if (!strncmp("in", optarg, 2)) {
610 if ((policy_in = strdup(optarg)) == NULL)
612 } else if (!strncmp("out", optarg, 3)) {
613 if ((policy_out = strdup(optarg)) == NULL)
616 errx(1, "invalid security policy");
620 options |= F_AUTHHDR;
623 options |= F_ENCRYPT;
625 #endif /*IPSEC_POLICY_IPSEC*/
642 #ifdef IPV6_RECVRTHDR /* 2292bis */
643 rthlen = CMSG_SPACE(inet6_rth_space(IPV6_RTHDR_TYPE_0,
646 rthlen = inet6_rthdr_space(IPV6_RTHDR_TYPE_0, argc - 1);
649 errx(1, "too many intermediate hops");
655 if (options & F_NIGROUP) {
656 target = nigroup(argv[argc - 1], nig_oldmcprefix);
657 if (target == NULL) {
662 target = argv[argc - 1];
664 /* cap_getaddrinfo */
665 memset(&hints, 0, sizeof(struct addrinfo));
666 hints.ai_flags = AI_CANONNAME;
667 hints.ai_family = AF_INET6;
668 hints.ai_socktype = SOCK_RAW;
669 hints.ai_protocol = IPPROTO_ICMPV6;
671 error = cap_getaddrinfo(capdns, target, NULL, &hints, &res);
673 errx(1, "%s", gai_strerror(error));
674 if (res->ai_canonname)
675 hostname = strdup(res->ai_canonname);
680 errx(1, "cap_getaddrinfo failed");
682 (void)memcpy(&dst, res->ai_addr, res->ai_addrlen);
684 if ((ssend = socket(res->ai_family, res->ai_socktype,
685 res->ai_protocol)) < 0)
686 err(1, "socket ssend");
687 if ((srecv = socket(res->ai_family, res->ai_socktype,
688 res->ai_protocol)) < 0)
689 err(1, "socket srecv");
692 /* set the source address if specified. */
693 if ((options & F_SRCADDR) != 0) {
694 /* properly fill sin6_scope_id */
695 if (IN6_IS_ADDR_LINKLOCAL(&src.sin6_addr) && (
696 IN6_IS_ADDR_LINKLOCAL(&dst.sin6_addr) ||
697 IN6_IS_ADDR_MC_LINKLOCAL(&dst.sin6_addr) ||
698 IN6_IS_ADDR_MC_NODELOCAL(&dst.sin6_addr))) {
699 if (src.sin6_scope_id == 0)
700 src.sin6_scope_id = dst.sin6_scope_id;
701 if (dst.sin6_scope_id == 0)
702 dst.sin6_scope_id = src.sin6_scope_id;
704 if (bind(ssend, (struct sockaddr *)&src, srclen) != 0)
707 /* set the gateway (next hop) if specified */
709 memset(&hints, 0, sizeof(hints));
710 hints.ai_family = AF_INET6;
711 hints.ai_socktype = SOCK_RAW;
712 hints.ai_protocol = IPPROTO_ICMPV6;
714 error = cap_getaddrinfo(capdns, gateway, NULL, &hints, &res);
716 errx(1, "cap_getaddrinfo for the gateway %s: %s",
717 gateway, gai_strerror(error));
719 if (res->ai_next && (options & F_VERBOSE))
720 warnx("gateway resolves to multiple addresses");
722 if (setsockopt(ssend, IPPROTO_IPV6, IPV6_NEXTHOP,
723 res->ai_addr, res->ai_addrlen)) {
724 err(1, "setsockopt(IPV6_NEXTHOP)");
731 * let the kerel pass extension headers of incoming packets,
732 * for privileged socket options
734 if ((options & F_VERBOSE) != 0) {
737 #ifdef IPV6_RECVHOPOPTS
738 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RECVHOPOPTS, &opton,
740 err(1, "setsockopt(IPV6_RECVHOPOPTS)");
741 #else /* old adv. API */
742 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_HOPOPTS, &opton,
744 err(1, "setsockopt(IPV6_HOPOPTS)");
746 #ifdef IPV6_RECVDSTOPTS
747 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RECVDSTOPTS, &opton,
749 err(1, "setsockopt(IPV6_RECVDSTOPTS)");
750 #else /* old adv. API */
751 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_DSTOPTS, &opton,
753 err(1, "setsockopt(IPV6_DSTOPTS)");
755 #ifdef IPV6_RECVRTHDRDSTOPTS
756 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RECVRTHDRDSTOPTS, &opton,
758 err(1, "setsockopt(IPV6_RECVRTHDRDSTOPTS)");
762 /* revoke root privilege */
763 if (seteuid(getuid()) != 0)
764 err(1, "seteuid() failed");
765 if (setuid(getuid()) != 0)
766 err(1, "setuid() failed");
768 if ((options & F_FLOOD) && (options & F_INTERVAL))
769 errx(1, "-f and -i incompatible options");
771 if ((options & F_NOUSERDATA) == 0) {
772 if (datalen >= sizeof(struct tv32)) {
773 /* we can time transfer */
777 /* in F_VERBOSE case, we may get non-echoreply packets*/
778 if (options & F_VERBOSE)
779 packlen = 2048 + IP6LEN + ICMP6ECHOLEN + EXTRA;
781 packlen = datalen + IP6LEN + ICMP6ECHOLEN + EXTRA;
783 /* suppress timing for node information query */
786 packlen = 2048 + IP6LEN + ICMP6ECHOLEN + EXTRA;
789 if (!(packet = (u_char *)malloc((u_int)packlen)))
790 err(1, "Unable to allocate packet");
791 if (!(options & F_PINGFILLED))
792 for (i = ICMP6ECHOLEN; i < packlen; ++i)
795 ident = getpid() & 0xFFFF;
796 arc4random_buf(nonce, sizeof(nonce));
798 if (options & F_DONTFRAG)
799 if (setsockopt(ssend, IPPROTO_IPV6, IPV6_DONTFRAG,
800 &optval, sizeof(optval)) == -1)
801 err(1, "IPV6_DONTFRAG");
804 if (options & F_SO_DEBUG) {
805 (void)setsockopt(ssend, SOL_SOCKET, SO_DEBUG, (char *)&hold,
807 (void)setsockopt(srecv, SOL_SOCKET, SO_DEBUG, (char *)&hold,
810 optval = IPV6_DEFHLIM;
811 if (IN6_IS_ADDR_MULTICAST(&dst.sin6_addr))
812 if (setsockopt(ssend, IPPROTO_IPV6, IPV6_MULTICAST_HOPS,
813 &optval, sizeof(optval)) == -1)
814 err(1, "IPV6_MULTICAST_HOPS");
815 #ifdef IPV6_USE_MIN_MTU
817 optval = mflag > 1 ? 0 : 1;
819 if (setsockopt(ssend, IPPROTO_IPV6, IPV6_USE_MIN_MTU,
820 &optval, sizeof(optval)) == -1)
821 err(1, "setsockopt(IPV6_USE_MIN_MTU)");
823 #ifdef IPV6_RECVPATHMTU
826 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RECVPATHMTU,
827 &optval, sizeof(optval)) == -1)
828 err(1, "setsockopt(IPV6_RECVPATHMTU)");
830 #endif /* IPV6_RECVPATHMTU */
831 #endif /* IPV6_USE_MIN_MTU */
834 #ifdef IPSEC_POLICY_IPSEC
835 if (options & F_POLICY) {
836 if (setpolicy(srecv, policy_in) < 0)
837 errx(1, "%s", ipsec_strerror());
838 if (setpolicy(ssend, policy_out) < 0)
839 errx(1, "%s", ipsec_strerror());
842 if (options & F_AUTHHDR) {
843 optval = IPSEC_LEVEL_REQUIRE;
844 #ifdef IPV6_AUTH_TRANS_LEVEL
845 if (setsockopt(ssend, IPPROTO_IPV6, IPV6_AUTH_TRANS_LEVEL,
846 &optval, sizeof(optval)) == -1)
847 err(1, "setsockopt(IPV6_AUTH_TRANS_LEVEL)");
848 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_AUTH_TRANS_LEVEL,
849 &optval, sizeof(optval)) == -1)
850 err(1, "setsockopt(IPV6_AUTH_TRANS_LEVEL)");
852 if (setsockopt(ssend, IPPROTO_IPV6, IPV6_AUTH_LEVEL,
853 &optval, sizeof(optval)) == -1)
854 err(1, "setsockopt(IPV6_AUTH_LEVEL)");
855 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_AUTH_LEVEL,
856 &optval, sizeof(optval)) == -1)
857 err(1, "setsockopt(IPV6_AUTH_LEVEL)");
860 if (options & F_ENCRYPT) {
861 optval = IPSEC_LEVEL_REQUIRE;
862 if (setsockopt(ssend, IPPROTO_IPV6, IPV6_ESP_TRANS_LEVEL,
863 &optval, sizeof(optval)) == -1)
864 err(1, "setsockopt(IPV6_ESP_TRANS_LEVEL)");
865 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_ESP_TRANS_LEVEL,
866 &optval, sizeof(optval)) == -1)
867 err(1, "setsockopt(IPV6_ESP_TRANS_LEVEL)");
869 #endif /*IPSEC_POLICY_IPSEC*/
874 struct icmp6_filter filt;
875 if (!(options & F_VERBOSE)) {
876 ICMP6_FILTER_SETBLOCKALL(&filt);
877 if ((options & F_FQDN) || (options & F_FQDNOLD) ||
878 (options & F_NODEADDR) || (options & F_SUPTYPES))
879 ICMP6_FILTER_SETPASS(ICMP6_NI_REPLY, &filt);
881 ICMP6_FILTER_SETPASS(ICMP6_ECHO_REPLY, &filt);
883 ICMP6_FILTER_SETPASSALL(&filt);
885 if (setsockopt(srecv, IPPROTO_ICMPV6, ICMP6_FILTER, &filt,
887 err(1, "setsockopt(ICMP6_FILTER)");
889 #endif /*ICMP6_FILTER*/
891 /* let the kerel pass extension headers of incoming packets */
892 if ((options & F_VERBOSE) != 0) {
895 #ifdef IPV6_RECVRTHDR
896 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RECVRTHDR, &opton,
898 err(1, "setsockopt(IPV6_RECVRTHDR)");
899 #else /* old adv. API */
900 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RTHDR, &opton,
902 err(1, "setsockopt(IPV6_RTHDR)");
908 if (IN6_IS_ADDR_MULTICAST(&dst.sin6_addr))
909 if (setsockopt(ssend, IPPROTO_IPV6, IPV6_MULTICAST_LOOP,
910 &optval, sizeof(optval)) == -1)
911 err(1, "IPV6_MULTICAST_LOOP");
914 /* Specify the outgoing interface and/or the source address */
916 ip6optlen += CMSG_SPACE(sizeof(struct in6_pktinfo));
919 ip6optlen += CMSG_SPACE(sizeof(int));
921 /* set IP6 packet options */
923 if ((scmsg = (char *)malloc(ip6optlen)) == NULL)
924 errx(1, "can't allocate enough memory");
925 smsghdr.msg_control = (caddr_t)scmsg;
926 smsghdr.msg_controllen = ip6optlen;
927 scmsgp = CMSG_FIRSTHDR(&smsghdr);
930 cmsg_pktinfo = CMSG_DATA(scmsgp);
931 scmsgp->cmsg_len = CMSG_LEN(sizeof(struct in6_pktinfo));
932 scmsgp->cmsg_level = IPPROTO_IPV6;
933 scmsgp->cmsg_type = IPV6_PKTINFO;
934 scmsgp = CMSG_NXTHDR(&smsghdr, scmsgp);
937 /* set the outgoing interface */
939 #ifndef USE_SIN6_SCOPE_ID
940 /* pktinfo must have already been allocated */
941 if ((pktinfo.ipi6_ifindex = if_nametoindex(ifname)) == 0)
942 errx(1, "%s: invalid interface name", ifname);
944 if ((dst.sin6_scope_id = if_nametoindex(ifname)) == 0)
945 errx(1, "%s: invalid interface name", ifname);
948 if (hoplimit != -1) {
949 scmsgp->cmsg_len = CMSG_LEN(sizeof(int));
950 scmsgp->cmsg_level = IPPROTO_IPV6;
951 scmsgp->cmsg_type = IPV6_HOPLIMIT;
952 memcpy(CMSG_DATA(scmsgp), &hoplimit, sizeof(hoplimit));
954 scmsgp = CMSG_NXTHDR(&smsghdr, scmsgp);
958 if (setsockopt(ssend, IPPROTO_IPV6, IPV6_TCLASS,
959 &tclass, sizeof(tclass)) == -1)
960 err(1, "setsockopt(IPV6_TCLASS)");
964 if (setsockopt(ssend, IPPROTO_IPV6, IPV6_VLAN_PCP,
965 &pcp, sizeof(pcp)) == -1)
966 err(1, "setsockopt(IPV6_VLAN_PCP)");
969 if (argc > 1) { /* some intermediate addrs are specified */
973 rthdrlen = inet6_rth_space(IPV6_RTHDR_TYPE_0, argc - 1);
974 scmsgp->cmsg_len = CMSG_LEN(rthdrlen);
975 scmsgp->cmsg_level = IPPROTO_IPV6;
976 scmsgp->cmsg_type = IPV6_RTHDR;
977 rthdr = (struct ip6_rthdr *)CMSG_DATA(scmsgp);
978 rthdr = inet6_rth_init((void *)rthdr, rthdrlen,
979 IPV6_RTHDR_TYPE_0, argc - 1);
981 errx(1, "can't initialize rthdr");
983 for (hops = 0; hops < argc - 1; hops++) {
984 memset(&hints, 0, sizeof(hints));
985 hints.ai_family = AF_INET6;
987 if ((error = cap_getaddrinfo(capdns, argv[hops], NULL, &hints,
989 errx(1, "%s", gai_strerror(error));
990 if (res->ai_addr->sa_family != AF_INET6)
992 "bad addr family of an intermediate addr");
993 sin6 = (struct sockaddr_in6 *)(void *)res->ai_addr;
994 if (inet6_rth_add(rthdr, &sin6->sin6_addr))
995 errx(1, "can't add an intermediate node");
999 scmsgp = CMSG_NXTHDR(&smsghdr, scmsgp);
1002 /* From now on we will use only reverse DNS lookups. */
1004 if (capdns != NULL) {
1005 const char *types[1];
1007 types[0] = "ADDR2NAME";
1008 if (cap_dns_type_limit(capdns, types, nitems(types)) < 0)
1009 err(1, "unable to limit access to system.dns service");
1012 if (!(options & F_SRCADDR)) {
1014 * get the source address. XXX since we revoked the root
1015 * privilege, we cannot use a raw socket for this.
1018 socklen_t len = sizeof(src);
1020 if ((dummy = socket(AF_INET6, SOCK_DGRAM, 0)) < 0)
1021 err(1, "UDP socket");
1023 src.sin6_family = AF_INET6;
1024 src.sin6_addr = dst.sin6_addr;
1025 src.sin6_port = ntohs(DUMMY_PORT);
1026 src.sin6_scope_id = dst.sin6_scope_id;
1029 setsockopt(dummy, IPPROTO_IPV6, IPV6_PKTINFO,
1030 (void *)&pktinfo, sizeof(pktinfo)))
1031 err(1, "UDP setsockopt(IPV6_PKTINFO)");
1033 if (hoplimit != -1 &&
1034 setsockopt(dummy, IPPROTO_IPV6, IPV6_UNICAST_HOPS,
1035 (void *)&hoplimit, sizeof(hoplimit)))
1036 err(1, "UDP setsockopt(IPV6_UNICAST_HOPS)");
1038 if (hoplimit != -1 &&
1039 setsockopt(dummy, IPPROTO_IPV6, IPV6_MULTICAST_HOPS,
1040 (void *)&hoplimit, sizeof(hoplimit)))
1041 err(1, "UDP setsockopt(IPV6_MULTICAST_HOPS)");
1044 setsockopt(dummy, IPPROTO_IPV6, IPV6_RTHDR,
1045 (void *)rthdr, (rthdr->ip6r_len + 1) << 3))
1046 err(1, "UDP setsockopt(IPV6_RTHDR)");
1048 if (connect(dummy, (struct sockaddr *)&src, len) < 0)
1049 err(1, "UDP connect");
1051 if (getsockname(dummy, (struct sockaddr *)&src, &len) < 0)
1052 err(1, "getsockname");
1057 /* Save pktinfo in the ancillary data. */
1059 memcpy(cmsg_pktinfo, &pktinfo, sizeof(pktinfo));
1061 if (connect(ssend, (struct sockaddr *)&dst, sizeof(dst)) != 0)
1062 err(1, "connect() ssend");
1064 caph_cache_catpages();
1065 if (caph_enter_casper() < 0)
1066 err(1, "caph_enter_casper");
1068 cap_rights_init(&rights_stdin);
1069 if (caph_rights_limit(STDIN_FILENO, &rights_stdin) < 0)
1070 err(1, "caph_rights_limit stdin");
1071 if (caph_limit_stdout() < 0)
1072 err(1, "caph_limit_stdout");
1073 if (caph_limit_stderr() < 0)
1074 err(1, "caph_limit_stderr");
1076 cap_rights_init(&rights_srecv, CAP_RECV, CAP_EVENT, CAP_SETSOCKOPT);
1077 if (caph_rights_limit(srecv, &rights_srecv) < 0)
1078 err(1, "caph_rights_limit srecv");
1079 cap_rights_init(&rights_ssend, CAP_SEND, CAP_SETSOCKOPT);
1080 if (caph_rights_limit(ssend, &rights_ssend) < 0)
1081 err(1, "caph_rights_limit ssend");
1083 #if defined(SO_SNDBUF) && defined(SO_RCVBUF)
1085 if (datalen > (size_t)sockbufsize)
1086 warnx("you need -b to increase socket buffer size");
1087 if (setsockopt(ssend, SOL_SOCKET, SO_SNDBUF, &sockbufsize,
1088 sizeof(sockbufsize)) < 0)
1089 err(1, "setsockopt(SO_SNDBUF)");
1090 if (setsockopt(srecv, SOL_SOCKET, SO_RCVBUF, &sockbufsize,
1091 sizeof(sockbufsize)) < 0)
1092 err(1, "setsockopt(SO_RCVBUF)");
1095 if (datalen > 8 * 1024) /*XXX*/
1096 warnx("you need -b to increase socket buffer size");
1098 * When pinging the broadcast address, you can get a lot of
1099 * answers. Doing something so evil is useful if you are trying
1100 * to stress the ethernet, or just want to fill the arp cache
1101 * to get some stuff for /etc/ethers.
1104 setsockopt(srecv, SOL_SOCKET, SO_RCVBUF, (char *)&hold,
1110 #ifndef USE_SIN6_SCOPE_ID
1111 #ifdef IPV6_RECVPKTINFO
1112 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RECVPKTINFO, &optval,
1113 sizeof(optval)) < 0)
1114 warn("setsockopt(IPV6_RECVPKTINFO)"); /* XXX err? */
1115 #else /* old adv. API */
1116 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_PKTINFO, &optval,
1117 sizeof(optval)) < 0)
1118 warn("setsockopt(IPV6_PKTINFO)"); /* XXX err? */
1120 #endif /* USE_SIN6_SCOPE_ID */
1121 #ifdef IPV6_RECVHOPLIMIT
1122 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &optval,
1123 sizeof(optval)) < 0)
1124 warn("setsockopt(IPV6_RECVHOPLIMIT)"); /* XXX err? */
1125 #else /* old adv. API */
1126 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_HOPLIMIT, &optval,
1127 sizeof(optval)) < 0)
1128 warn("setsockopt(IPV6_HOPLIMIT)"); /* XXX err? */
1131 cap_rights_clear(&rights_srecv, CAP_SETSOCKOPT);
1132 if (caph_rights_limit(srecv, &rights_srecv) < 0)
1133 err(1, "caph_rights_limit srecv setsockopt");
1134 cap_rights_clear(&rights_ssend, CAP_SETSOCKOPT);
1135 if (caph_rights_limit(ssend, &rights_ssend) < 0)
1136 err(1, "caph_rights_limit ssend setsockopt");
1138 printf("PING6(%lu=40+8+%lu bytes) ", (unsigned long)(40 + pingerlen()),
1139 (unsigned long)(pingerlen() - 8));
1140 printf("%s --> ", pr_addr((struct sockaddr *)&src, sizeof(src)));
1141 printf("%s\n", pr_addr((struct sockaddr *)&dst, sizeof(dst)));
1146 if (npackets != 0 && preload > npackets)
1151 clock_gettime(CLOCK_MONOTONIC, &last);
1153 sigemptyset(&si_sa.sa_mask);
1155 si_sa.sa_handler = onsignal;
1156 if (sigaction(SIGINT, &si_sa, 0) == -1)
1157 err(EX_OSERR, "sigaction SIGINT");
1160 if (sigaction(SIGINFO, &si_sa, 0) == -1)
1161 err(EX_OSERR, "sigaction SIGINFO");
1164 if (alarmtimeout > 0) {
1165 if (sigaction(SIGALRM, &si_sa, 0) == -1)
1166 err(EX_OSERR, "sigaction SIGALRM");
1168 if (options & F_FLOOD) {
1170 intvl.tv_nsec = 10000000;
1174 while (seenint == 0) {
1175 struct timespec now, timeout;
1177 struct iovec iov[2];
1181 /* signal handling */
1192 FD_SET(srecv, &rfds);
1193 clock_gettime(CLOCK_MONOTONIC, &now);
1194 timespecadd(&last, &intvl, &timeout);
1195 timespecsub(&timeout, &now, &timeout);
1196 if (timeout.tv_sec < 0)
1197 timespecclear(&timeout);
1199 n = pselect(srecv + 1, &rfds, NULL, NULL, &timeout, NULL);
1201 continue; /* EINTR */
1203 m.msg_name = (caddr_t)&from;
1204 m.msg_namelen = sizeof(from);
1205 memset(&iov, 0, sizeof(iov));
1206 iov[0].iov_base = (caddr_t)packet;
1207 iov[0].iov_len = packlen;
1210 memset(cm, 0, CONTROLLEN);
1211 m.msg_control = (void *)cm;
1212 m.msg_controllen = CONTROLLEN;
1214 cc = recvmsg(srecv, &m, 0);
1216 if (errno != EINTR) {
1221 } else if (cc == 0) {
1225 * receive control messages only. Process the
1226 * exceptions (currently the only possibility is
1227 * a path MTU notification.)
1229 if ((mtu = get_pathmtu(&m)) > 0) {
1230 if ((options & F_VERBOSE) != 0) {
1231 printf("new path MTU (%d) is "
1238 * an ICMPv6 message (probably an echoreply)
1241 pr_pack(packet, cc, &m);
1243 if (((options & F_ONCE) != 0 && nreceived > 0) ||
1244 (npackets > 0 && nreceived >= npackets))
1247 if (n == 0 || (options & F_FLOOD)) {
1248 if (npackets == 0 || ntransmitted < npackets)
1255 * If we're not transmitting any more packets,
1256 * change the timer to wait two round-trip times
1257 * if we've received any packets or (waittime)
1258 * milliseconds if we haven't.
1262 intvl.tv_sec = 2 * tmax / 1000;
1263 if (intvl.tv_sec == 0)
1266 intvl.tv_sec = waittime / 1000;
1268 waittime % 1000 * 1000000;
1271 clock_gettime(CLOCK_MONOTONIC, &last);
1272 if (ntransmitted - nreceived - 1 > nmissedmax) {
1273 nmissedmax = ntransmitted - nreceived - 1;
1274 if (options & F_MISSED)
1275 (void)write(STDOUT_FILENO, &BBELL, 1);
1279 sigemptyset(&si_sa.sa_mask);
1281 si_sa.sa_handler = SIG_IGN;
1282 sigaction(SIGINT, &si_sa, 0);
1283 sigaction(SIGALRM, &si_sa, 0);
1291 else if (ntransmitted > ntransmitfailures)
1316 * Compose and transmit an ICMP ECHO REQUEST packet. The IP packet
1317 * will be added on by the kernel. The ID field is our UNIX process ID,
1318 * and the sequence number is an ascending integer. The first 8 bytes
1319 * of the data portion are used to hold a UNIX "timespec" struct in VAX
1320 * byte-order, to compute the round-trip time.
1327 if (options & F_FQDN)
1328 l = ICMP6_NIQLEN + sizeof(dst.sin6_addr);
1329 else if (options & F_FQDNOLD)
1331 else if (options & F_NODEADDR)
1332 l = ICMP6_NIQLEN + sizeof(dst.sin6_addr);
1333 else if (options & F_SUPTYPES)
1336 l = ICMP6ECHOLEN + datalen;
1344 struct icmp6_hdr *icp;
1345 struct iovec iov[2];
1347 struct icmp6_nodeinfo *nip;
1350 if (npackets && ntransmitted >= npackets)
1351 return(-1); /* no more transmission */
1353 icp = (struct icmp6_hdr *)outpack;
1354 nip = (struct icmp6_nodeinfo *)outpack;
1355 memset(icp, 0, sizeof(*icp));
1356 icp->icmp6_cksum = 0;
1357 seq = ntransmitted++;
1358 CLR(seq % mx_dup_ck);
1360 if (options & F_FQDN) {
1363 icp->icmp6_type = ICMP6_NI_QUERY;
1364 icp->icmp6_code = ICMP6_NI_SUBJ_IPV6;
1365 nip->ni_qtype = htons(NI_QTYPE_FQDN);
1366 nip->ni_flags = htons(0);
1368 memcpy(nip->icmp6_ni_nonce, nonce,
1369 sizeof(nip->icmp6_ni_nonce));
1371 memcpy(nip->icmp6_ni_nonce, &s, sizeof(s));
1373 memcpy(&outpack[ICMP6_NIQLEN], &dst.sin6_addr,
1374 sizeof(dst.sin6_addr));
1375 cc = ICMP6_NIQLEN + sizeof(dst.sin6_addr);
1377 } else if (options & F_FQDNOLD) {
1379 /* packet format in 03 draft - no Subject data on queries */
1380 icp->icmp6_type = ICMP6_NI_QUERY;
1381 icp->icmp6_code = 0; /* code field is always 0 */
1382 nip->ni_qtype = htons(NI_QTYPE_FQDN);
1383 nip->ni_flags = htons(0);
1385 memcpy(nip->icmp6_ni_nonce, nonce,
1386 sizeof(nip->icmp6_ni_nonce));
1388 memcpy(nip->icmp6_ni_nonce, &s, sizeof(s));
1392 } else if (options & F_NODEADDR) {
1395 icp->icmp6_type = ICMP6_NI_QUERY;
1396 icp->icmp6_code = ICMP6_NI_SUBJ_IPV6;
1397 nip->ni_qtype = htons(NI_QTYPE_NODEADDR);
1398 nip->ni_flags = naflags;
1400 memcpy(nip->icmp6_ni_nonce, nonce,
1401 sizeof(nip->icmp6_ni_nonce));
1403 memcpy(nip->icmp6_ni_nonce, &s, sizeof(s));
1405 memcpy(&outpack[ICMP6_NIQLEN], &dst.sin6_addr,
1406 sizeof(dst.sin6_addr));
1407 cc = ICMP6_NIQLEN + sizeof(dst.sin6_addr);
1409 } else if (options & F_SUPTYPES) {
1412 icp->icmp6_type = ICMP6_NI_QUERY;
1413 icp->icmp6_code = ICMP6_NI_SUBJ_FQDN; /*empty*/
1414 nip->ni_qtype = htons(NI_QTYPE_SUPTYPES);
1415 /* we support compressed bitmap */
1416 nip->ni_flags = NI_SUPTYPE_FLAG_COMPRESS;
1418 memcpy(nip->icmp6_ni_nonce, nonce,
1419 sizeof(nip->icmp6_ni_nonce));
1421 memcpy(nip->icmp6_ni_nonce, &s, sizeof(s));
1426 icp->icmp6_type = ICMP6_ECHO_REQUEST;
1427 icp->icmp6_code = 0;
1428 icp->icmp6_id = htons(ident);
1429 icp->icmp6_seq = htons(seq);
1433 (void)clock_gettime(CLOCK_MONOTONIC, &tv);
1435 * Truncate seconds down to 32 bits in order
1436 * to fit the timestamp within 8 bytes of the
1437 * packet. We're only concerned with
1438 * durations, not absolute times.
1440 tv32.tv32_sec = (uint32_t)htonl(tv.tv_sec);
1441 tv32.tv32_nsec = (uint32_t)htonl(tv.tv_nsec);
1442 memcpy(&outpack[ICMP6ECHOLEN], &tv32, sizeof(tv32));
1444 cc = ICMP6ECHOLEN + datalen;
1448 if (pingerlen() != cc)
1449 errx(1, "internal error; length mismatch");
1452 memset(&iov, 0, sizeof(iov));
1453 iov[0].iov_base = (caddr_t)outpack;
1454 iov[0].iov_len = cc;
1455 smsghdr.msg_iov = iov;
1456 smsghdr.msg_iovlen = 1;
1458 i = sendmsg(ssend, &smsghdr, 0);
1460 if (i < 0 || i != cc) {
1462 ntransmitfailures++;
1465 (void)printf("ping6: wrote %s %d chars, ret=%d\n",
1468 if (!(options & F_QUIET) && options & F_FLOOD)
1469 (void)write(STDOUT_FILENO, &DOT, 1);
1475 myechoreply(const struct icmp6_hdr *icp)
1477 if (ntohs(icp->icmp6_id) == ident)
1484 mynireply(const struct icmp6_nodeinfo *nip)
1486 if (memcmp(nip->icmp6_ni_nonce + sizeof(u_int16_t),
1487 nonce + sizeof(u_int16_t),
1488 sizeof(nonce) - sizeof(u_int16_t)) == 0)
1495 * Decode a name from a DNS message.
1497 * Format of the message is described in RFC 1035 subsection 4.1.4.
1500 * sp - Pointer to a DNS pointer octet or to the first octet of a label
1502 * ep - Pointer to the end of the message (one step past the last octet).
1503 * base - Pointer to the beginning of the message.
1504 * buf - Buffer into which the decoded name will be saved.
1505 * bufsiz - Size of the buffer 'buf'.
1508 * Pointer to an octet immediately following the ending zero octet
1509 * of the decoded label, or NULL if an error occured.
1512 dnsdecode(const u_char *sp, const u_char *ep, const u_char *base, char *buf,
1517 char cresult[MAXDNAME + 1];
1528 if (i == 0 || cp != sp) {
1529 if (strlcat((char *)buf, ".", bufsiz) >= bufsiz)
1530 return NULL; /*result overrun*/
1536 if ((i & 0xc0) == 0xc0 && cp - base > (i & 0x3f)) {
1537 /* DNS compression */
1541 comp = base + (i & 0x3f);
1542 if (dnsdecode(comp, cp, base, cresult,
1543 sizeof(cresult)) == NULL)
1545 if (strlcat(buf, cresult, bufsiz) >= bufsiz)
1546 return NULL; /*result overrun*/
1548 } else if ((i & 0x3f) == i) {
1550 return NULL; /*source overrun*/
1551 while (i-- > 0 && cp < ep) {
1552 l = snprintf(cresult, sizeof(cresult),
1553 isprint(*cp) ? "%c" : "\\%03o", *cp & 0xff);
1554 if ((size_t)l >= sizeof(cresult) || l < 0)
1556 if (strlcat(buf, cresult, bufsiz) >= bufsiz)
1557 return NULL; /*result overrun*/
1561 return NULL; /*invalid label*/
1564 return NULL; /*not terminated*/
1571 * Print out the packet, if it came from us. This logic is necessary
1572 * because ALL readers of the ICMP socket get a copy of ALL ICMP packets
1573 * which arrive ('tis only fair). This permits multiple copies of this
1574 * program to be run without having intermingled output (or statistics!).
1577 pr_pack(u_char *buf, int cc, struct msghdr *mhdr)
1579 #define safeputc(c) printf((isprint((c)) ? "%c" : "\\%03o"), c)
1580 struct icmp6_hdr *icp;
1581 struct icmp6_nodeinfo *ni;
1584 struct sockaddr *from;
1586 const u_char *cp = NULL;
1587 u_char *dp, *end = buf + cc;
1588 struct in6_pktinfo *pktinfo = NULL;
1589 struct timespec tv, tp;
1591 double triptime = 0;
1596 char dnsname[MAXDNAME + 1];
1598 (void)clock_gettime(CLOCK_MONOTONIC, &tv);
1600 if (!mhdr || !mhdr->msg_name ||
1601 mhdr->msg_namelen != sizeof(struct sockaddr_in6) ||
1602 ((struct sockaddr *)mhdr->msg_name)->sa_family != AF_INET6) {
1603 if (options & F_VERBOSE)
1604 warnx("invalid peername");
1607 from = (struct sockaddr *)mhdr->msg_name;
1608 fromlen = mhdr->msg_namelen;
1609 if (cc < (int)sizeof(struct icmp6_hdr)) {
1610 if (options & F_VERBOSE)
1611 warnx("packet too short (%d bytes) from %s", cc,
1612 pr_addr(from, fromlen));
1615 if (((mhdr->msg_flags & MSG_CTRUNC) != 0) &&
1616 (options & F_VERBOSE) != 0)
1617 warnx("some control data discarded, insufficient buffer size");
1618 icp = (struct icmp6_hdr *)buf;
1619 ni = (struct icmp6_nodeinfo *)buf;
1622 if ((hoplim = get_hoplim(mhdr)) == -1) {
1623 warnx("failed to get receiving hop limit");
1626 if ((pktinfo = get_rcvpktinfo(mhdr)) == NULL) {
1627 warnx("failed to get receiving packet information");
1631 if (icp->icmp6_type == ICMP6_ECHO_REPLY && myechoreply(icp)) {
1632 seq = ntohs(icp->icmp6_seq);
1635 memcpy(&tpp, icp + 1, sizeof(tpp));
1636 tp.tv_sec = ntohl(tpp.tv32_sec);
1637 tp.tv_nsec = ntohl(tpp.tv32_nsec);
1638 timespecsub(&tv, &tp, &tv);
1639 triptime = ((double)tv.tv_sec) * 1000.0 +
1640 ((double)tv.tv_nsec) / 1000000.0;
1642 tsumsq += triptime * triptime;
1643 if (triptime < tmin)
1645 if (triptime > tmax)
1649 if (TST(seq % mx_dup_ck)) {
1654 SET(seq % mx_dup_ck);
1658 if (options & F_QUIET)
1661 if (options & F_WAITTIME && triptime > waittime) {
1666 if (options & F_FLOOD)
1667 (void)write(STDOUT_FILENO, &BSPACE, 1);
1669 if (options & F_AUDIBLE)
1670 (void)write(STDOUT_FILENO, &BBELL, 1);
1671 (void)printf("%d bytes from %s, icmp_seq=%u", cc,
1672 pr_addr(from, fromlen), seq);
1673 (void)printf(" hlim=%d", hoplim);
1674 if ((options & F_VERBOSE) != 0) {
1675 struct sockaddr_in6 dstsa;
1677 memset(&dstsa, 0, sizeof(dstsa));
1678 dstsa.sin6_family = AF_INET6;
1679 dstsa.sin6_len = sizeof(dstsa);
1680 dstsa.sin6_scope_id = pktinfo->ipi6_ifindex;
1681 dstsa.sin6_addr = pktinfo->ipi6_addr;
1682 (void)printf(" dst=%s",
1683 pr_addr((struct sockaddr *)&dstsa,
1687 (void)printf(" time=%.3f ms", triptime);
1689 (void)printf("(DUP!)");
1690 /* check the data */
1691 cp = buf + off + ICMP6ECHOLEN + ICMP6ECHOTMLEN;
1692 dp = outpack + ICMP6ECHOLEN + ICMP6ECHOTMLEN;
1693 for (i = 8; cp < end; ++i, ++cp, ++dp) {
1695 (void)printf("\nwrong data byte #%d should be 0x%x but was 0x%x", i, *dp, *cp);
1700 } else if (icp->icmp6_type == ICMP6_NI_REPLY && mynireply(ni)) {
1701 memcpy(&seq, ni->icmp6_ni_nonce, sizeof(seq));
1704 if (TST(seq % mx_dup_ck)) {
1709 SET(seq % mx_dup_ck);
1713 if (options & F_QUIET)
1716 (void)printf("%d bytes from %s: ", cc, pr_addr(from, fromlen));
1718 switch (ntohs(ni->ni_code)) {
1719 case ICMP6_NI_SUCCESS:
1721 case ICMP6_NI_REFUSED:
1722 printf("refused, type 0x%x", ntohs(ni->ni_type));
1724 case ICMP6_NI_UNKNOWN:
1725 printf("unknown, type 0x%x", ntohs(ni->ni_type));
1728 printf("unknown code 0x%x, type 0x%x",
1729 ntohs(ni->ni_code), ntohs(ni->ni_type));
1733 switch (ntohs(ni->ni_qtype)) {
1735 printf("NodeInfo NOOP");
1737 case NI_QTYPE_SUPTYPES:
1738 pr_suptypes(ni, end - (u_char *)ni);
1740 case NI_QTYPE_NODEADDR:
1741 pr_nodeaddr(ni, end - (u_char *)ni);
1744 default: /* XXX: for backward compatibility */
1745 cp = (u_char *)ni + ICMP6_NIRLEN;
1746 if (buf[off + ICMP6_NIRLEN] ==
1747 cc - off - ICMP6_NIRLEN - 1)
1752 cp++; /* skip length */
1754 safeputc(*cp & 0xff);
1760 cp = dnsdecode((const u_char *)cp, end,
1761 (const u_char *)(ni + 1), dnsname,
1768 * name-lookup special handling for
1771 if (cp + 1 <= end && !*cp &&
1772 strlen(dnsname) > 0) {
1773 dnsname[strlen(dnsname) - 1] = '\0';
1776 printf("%s%s", i > 0 ? "," : "",
1780 if (options & F_VERBOSE) {
1785 (void)printf(" ("); /*)*/
1787 switch (ni->ni_code) {
1788 case ICMP6_NI_REFUSED:
1789 (void)printf("refused");
1792 case ICMP6_NI_UNKNOWN:
1793 (void)printf("unknown qtype");
1798 if ((end - (u_char *)ni) < ICMP6_NIRLEN) {
1799 /* case of refusion, unknown */
1804 memcpy(&t, &buf[off+ICMP6ECHOLEN+8], sizeof(t));
1805 ttl = (int32_t)ntohl(t);
1808 if (!(ni->ni_flags & NI_FQDN_FLAG_VALIDTTL)) {
1809 (void)printf("TTL=%d:meaningless",
1813 (void)printf("TTL=%d:invalid",
1816 (void)printf("TTL=%d", ttl);
1826 cp = (u_char *)ni + ICMP6_NIRLEN;
1835 if (buf[off + ICMP6_NIRLEN] !=
1836 cc - off - ICMP6_NIRLEN - 1 && oldfqdn) {
1839 (void)printf("invalid namelen:%d/%lu",
1840 buf[off + ICMP6_NIRLEN],
1841 (u_long)cc - off - ICMP6_NIRLEN - 1);
1851 /* We've got something other than an ECHOREPLY */
1852 if (!(options & F_VERBOSE))
1854 (void)printf("%d bytes from %s: ", cc, pr_addr(from, fromlen));
1858 if (!(options & F_FLOOD)) {
1859 (void)putchar('\n');
1860 if (options & F_VERBOSE)
1862 (void)fflush(stdout);
1868 pr_exthdrs(struct msghdr *mhdr)
1875 bufp = mhdr->msg_control;
1876 for (cm = (struct cmsghdr *)CMSG_FIRSTHDR(mhdr); cm;
1877 cm = (struct cmsghdr *)CMSG_NXTHDR(mhdr, cm)) {
1878 if (cm->cmsg_level != IPPROTO_IPV6)
1881 bufsize = CONTROLLEN - ((caddr_t)CMSG_DATA(cm) - (caddr_t)bufp);
1884 switch (cm->cmsg_type) {
1886 printf(" HbH Options: ");
1887 pr_ip6opt(CMSG_DATA(cm), (size_t)bufsize);
1890 #ifdef IPV6_RTHDRDSTOPTS
1891 case IPV6_RTHDRDSTOPTS:
1893 printf(" Dst Options: ");
1894 pr_ip6opt(CMSG_DATA(cm), (size_t)bufsize);
1897 printf(" Routing: ");
1898 pr_rthdr(CMSG_DATA(cm), (size_t)bufsize);
1905 pr_ip6opt(void *extbuf, size_t bufsize)
1907 struct ip6_hbh *ext;
1910 socklen_t extlen, len;
1916 ext = (struct ip6_hbh *)extbuf;
1917 extlen = (ext->ip6h_len + 1) * 8;
1918 printf("nxt %u, len %u (%lu bytes)\n", ext->ip6h_nxt,
1919 (unsigned int)ext->ip6h_len, (unsigned long)extlen);
1922 * Bounds checking on the ancillary data buffer:
1923 * subtract the size of a cmsg structure from the buffer size.
1925 if (bufsize < (extlen + CMSG_SPACE(0))) {
1926 extlen = bufsize - CMSG_SPACE(0);
1927 warnx("options truncated, showing only %u (total=%u)",
1928 (unsigned int)(extlen / 8 - 1),
1929 (unsigned int)(ext->ip6h_len));
1934 currentlen = inet6_opt_next(extbuf, extlen, currentlen,
1935 &type, &len, &databuf);
1936 if (currentlen == -1)
1940 * Note that inet6_opt_next automatically skips any padding
1945 offset = inet6_opt_get_val(databuf, offset,
1946 &value4, sizeof(value4));
1947 printf(" Jumbo Payload Opt: Length %u\n",
1948 (u_int32_t)ntohl(value4));
1950 case IP6OPT_ROUTER_ALERT:
1952 offset = inet6_opt_get_val(databuf, offset,
1953 &value2, sizeof(value2));
1954 printf(" Router Alert Opt: Type %u\n",
1958 printf(" Received Opt %u len %lu\n",
1959 type, (unsigned long)len);
1967 pr_rthdr(void *extbuf, size_t bufsize)
1969 struct in6_addr *in6;
1970 char ntopbuf[INET6_ADDRSTRLEN];
1971 struct ip6_rthdr *rh = (struct ip6_rthdr *)extbuf;
1972 int i, segments, origsegs, rthsize, size0, size1;
1974 /* print fixed part of the header */
1975 printf("nxt %u, len %u (%d bytes), type %u, ", rh->ip6r_nxt,
1976 rh->ip6r_len, (rh->ip6r_len + 1) << 3, rh->ip6r_type);
1977 if ((segments = inet6_rth_segments(extbuf)) >= 0) {
1978 printf("%d segments, ", segments);
1979 printf("%d left\n", rh->ip6r_segleft);
1981 printf("segments unknown, ");
1982 printf("%d left\n", rh->ip6r_segleft);
1987 * Bounds checking on the ancillary data buffer. When calculating
1988 * the number of items to show keep in mind:
1989 * - The size of the cmsg structure
1990 * - The size of one segment (the size of a Type 0 routing header)
1991 * - When dividing add a fudge factor of one in case the
1992 * dividend is not evenly divisible by the divisor
1994 rthsize = (rh->ip6r_len + 1) * 8;
1995 if (bufsize < (rthsize + CMSG_SPACE(0))) {
1996 origsegs = segments;
1997 size0 = inet6_rth_space(IPV6_RTHDR_TYPE_0, 0);
1998 size1 = inet6_rth_space(IPV6_RTHDR_TYPE_0, 1);
1999 segments -= (rthsize - (bufsize - CMSG_SPACE(0))) /
2000 (size1 - size0) + 1;
2001 warnx("segments truncated, showing only %d (total=%d)",
2002 segments, origsegs);
2005 for (i = 0; i < segments; i++) {
2006 in6 = inet6_rth_getaddr(extbuf, i);
2008 printf(" [%d]<NULL>\n", i);
2010 if (!inet_ntop(AF_INET6, in6, ntopbuf,
2012 strlcpy(ntopbuf, "?", sizeof(ntopbuf));
2013 printf(" [%d]%s\n", i, ntopbuf);
2022 pr_bitrange(u_int32_t v, int soff, int ii)
2029 /* shift till we have 0x01 */
2030 if ((v & 0x01) == 0) {
2032 printf("-%u", soff + off - 1);
2043 case 0x04: case 0x0c:
2054 /* we have 0x01 with us */
2055 for (i = 0; i < 32 - off; i++) {
2056 if ((v & (0x01 << i)) == 0)
2060 printf(" %u", soff + off);
2068 pr_suptypes(struct icmp6_nodeinfo *ni, size_t nilen)
2069 /* ni->qtype must be SUPTYPES */
2073 const u_char *cp, *end;
2076 u_int16_t words; /*32bit count*/
2079 #define MAXQTYPES (1 << 16)
2083 cp = (u_char *)(ni + 1);
2084 end = ((u_char *)ni) + nilen;
2088 printf("NodeInfo Supported Qtypes");
2089 if (options & F_VERBOSE) {
2090 if (ni->ni_flags & NI_SUPTYPE_FLAG_COMPRESS)
2091 printf(", compressed bitmap");
2093 printf(", raw bitmap");
2097 clen = (size_t)(end - cp);
2098 if ((ni->ni_flags & NI_SUPTYPE_FLAG_COMPRESS) == 0) {
2099 if (clen == 0 || clen > MAXQTYPES / 8 ||
2105 if (clen < sizeof(cbit) || clen % sizeof(v))
2107 memcpy(&cbit, cp, sizeof(cbit));
2108 if (sizeof(cbit) + ntohs(cbit.words) * sizeof(v) >
2112 clen = ntohs(cbit.words) * sizeof(v);
2113 if (cur + clen * 8 + (u_long)ntohs(cbit.skip) * 32 >
2118 for (off = 0; off < clen; off += sizeof(v)) {
2119 memcpy(&v, cp + off, sizeof(v));
2120 v = (u_int32_t)ntohl(v);
2121 b = pr_bitrange(v, (int)(cur + off * 8), b);
2123 /* flush the remaining bits */
2124 b = pr_bitrange(0, (int)(cur + off * 8), b);
2128 if ((ni->ni_flags & NI_SUPTYPE_FLAG_COMPRESS) != 0)
2129 cur += ntohs(cbit.skip) * 32;
2134 pr_nodeaddr(struct icmp6_nodeinfo *ni, int nilen)
2135 /* ni->qtype must be NODEADDR */
2137 u_char *cp = (u_char *)(ni + 1);
2138 char ntop_buf[INET6_ADDRSTRLEN];
2141 nilen -= sizeof(struct icmp6_nodeinfo);
2143 if (options & F_VERBOSE) {
2144 switch (ni->ni_code) {
2145 case ICMP6_NI_REFUSED:
2146 (void)printf("refused");
2148 case ICMP6_NI_UNKNOWN:
2149 (void)printf("unknown qtype");
2152 if (ni->ni_flags & NI_NODEADDR_FLAG_TRUNCATE)
2153 (void)printf(" truncated");
2157 printf(" no address\n");
2160 * In icmp-name-lookups 05 and later, TTL of each returned address
2161 * is contained in the resposne. We try to detect the version
2162 * by the length of the data, but note that the detection algorithm
2163 * is incomplete. We assume the latest draft by default.
2165 if (nilen % (sizeof(u_int32_t) + sizeof(struct in6_addr)) == 0)
2173 memcpy(&t, cp, sizeof(t));
2174 ttl = (u_int32_t)ntohl(t);
2175 cp += sizeof(u_int32_t);
2176 nilen -= sizeof(u_int32_t);
2179 if (inet_ntop(AF_INET6, cp, ntop_buf, sizeof(ntop_buf)) ==
2181 strlcpy(ntop_buf, "?", sizeof(ntop_buf));
2182 printf(" %s", ntop_buf);
2184 if (ttl == 0xffffffff) {
2186 * XXX: can this convention be applied to all
2187 * type of TTL (i.e. non-ND TTL)?
2189 printf("(TTL=infty)");
2192 printf("(TTL=%u)", ttl);
2196 nilen -= sizeof(struct in6_addr);
2197 cp += sizeof(struct in6_addr);
2202 get_hoplim(struct msghdr *mhdr)
2206 for (cm = (struct cmsghdr *)CMSG_FIRSTHDR(mhdr); cm;
2207 cm = (struct cmsghdr *)CMSG_NXTHDR(mhdr, cm)) {
2208 if (cm->cmsg_len == 0)
2211 if (cm->cmsg_level == IPPROTO_IPV6 &&
2212 cm->cmsg_type == IPV6_HOPLIMIT &&
2213 cm->cmsg_len == CMSG_LEN(sizeof(int))) {
2216 memcpy(&r, CMSG_DATA(cm), sizeof(r));
2224 static struct in6_pktinfo *
2225 get_rcvpktinfo(struct msghdr *mhdr)
2227 static struct in6_pktinfo pi;
2230 for (cm = (struct cmsghdr *)CMSG_FIRSTHDR(mhdr); cm;
2231 cm = (struct cmsghdr *)CMSG_NXTHDR(mhdr, cm)) {
2232 if (cm->cmsg_len == 0)
2235 if (cm->cmsg_level == IPPROTO_IPV6 &&
2236 cm->cmsg_type == IPV6_PKTINFO &&
2237 cm->cmsg_len == CMSG_LEN(sizeof(struct in6_pktinfo))) {
2238 memcpy(&pi, CMSG_DATA(cm), sizeof(pi));
2247 get_pathmtu(struct msghdr *mhdr)
2249 #ifdef IPV6_RECVPATHMTU
2251 struct ip6_mtuinfo mtuctl;
2253 for (cm = (struct cmsghdr *)CMSG_FIRSTHDR(mhdr); cm;
2254 cm = (struct cmsghdr *)CMSG_NXTHDR(mhdr, cm)) {
2255 if (cm->cmsg_len == 0)
2258 if (cm->cmsg_level == IPPROTO_IPV6 &&
2259 cm->cmsg_type == IPV6_PATHMTU &&
2260 cm->cmsg_len == CMSG_LEN(sizeof(struct ip6_mtuinfo))) {
2261 memcpy(&mtuctl, CMSG_DATA(cm), sizeof(mtuctl));
2264 * If the notified destination is different from
2265 * the one we are pinging, just ignore the info.
2266 * We check the scope ID only when both notified value
2267 * and our own value have non-0 values, because we may
2268 * have used the default scope zone ID for sending,
2269 * in which case the scope ID value is 0.
2271 if (!IN6_ARE_ADDR_EQUAL(&mtuctl.ip6m_addr.sin6_addr,
2273 (mtuctl.ip6m_addr.sin6_scope_id &&
2274 dst.sin6_scope_id &&
2275 mtuctl.ip6m_addr.sin6_scope_id !=
2276 dst.sin6_scope_id)) {
2277 if ((options & F_VERBOSE) != 0) {
2278 printf("path MTU for %s is notified. "
2280 pr_addr((struct sockaddr *)&mtuctl.ip6m_addr,
2281 sizeof(mtuctl.ip6m_addr)));
2287 * Ignore an invalid MTU. XXX: can we just believe
2290 if (mtuctl.ip6m_mtu < IPV6_MMTU)
2293 /* notification for our destination. return the MTU. */
2294 return((int)mtuctl.ip6m_mtu);
2307 onint(int notused __unused)
2310 * When doing reverse DNS lookups, the seenint flag might not
2311 * be noticed for a while. Just exit if we get a second SIGINT.
2313 if ((options & F_HOSTNAME) && seenint != 0)
2314 _exit(nreceived ? 0 : 2);
2319 * Print out statistics.
2325 (void)printf("\n--- %s ping6 statistics ---\n", hostname);
2326 (void)printf("%ld packets transmitted, ", ntransmitted);
2327 (void)printf("%ld packets received, ", nreceived);
2329 (void)printf("+%ld duplicates, ", nrepeats);
2331 if (nreceived > ntransmitted)
2332 (void)printf("-- somebody's duplicating packets!");
2334 (void)printf("%.1f%% packet loss",
2335 ((((double)ntransmitted - nreceived) * 100.0) /
2339 printf(", %ld packets out of wait time", nrcvtimeout);
2340 (void)putchar('\n');
2341 if (nreceived && timing) {
2342 /* Only display average to microseconds */
2343 double num = nreceived + nrepeats;
2344 double avg = tsum / num;
2345 double dev = sqrt(tsumsq / num - avg * avg);
2347 "round-trip min/avg/max/std-dev = %.3f/%.3f/%.3f/%.3f ms\n",
2348 tmin, avg, tmax, dev);
2349 (void)fflush(stdout);
2351 (void)fflush(stdout);
2355 static const char *niqcode[] = {
2357 "DNS label", /*or empty*/
2362 static const char *nircode[] = {
2363 "Success", "Refused", "Unknown",
2369 * Print a descriptive string about an ICMP header.
2372 pr_icmph(struct icmp6_hdr *icp, u_char *end)
2374 char ntop_buf[INET6_ADDRSTRLEN];
2375 struct nd_redirect *red;
2376 struct icmp6_nodeinfo *ni;
2377 char dnsname[MAXDNAME + 1];
2381 switch (icp->icmp6_type) {
2382 case ICMP6_DST_UNREACH:
2383 switch (icp->icmp6_code) {
2384 case ICMP6_DST_UNREACH_NOROUTE:
2385 (void)printf("No Route to Destination\n");
2387 case ICMP6_DST_UNREACH_ADMIN:
2388 (void)printf("Destination Administratively "
2391 case ICMP6_DST_UNREACH_BEYONDSCOPE:
2392 (void)printf("Destination Unreachable Beyond Scope\n");
2394 case ICMP6_DST_UNREACH_ADDR:
2395 (void)printf("Destination Host Unreachable\n");
2397 case ICMP6_DST_UNREACH_NOPORT:
2398 (void)printf("Destination Port Unreachable\n");
2401 (void)printf("Destination Unreachable, Bad Code: %d\n",
2405 /* Print returned IP header information */
2406 pr_retip((struct ip6_hdr *)(icp + 1), end);
2408 case ICMP6_PACKET_TOO_BIG:
2409 (void)printf("Packet too big mtu = %d\n",
2410 (int)ntohl(icp->icmp6_mtu));
2411 pr_retip((struct ip6_hdr *)(icp + 1), end);
2413 case ICMP6_TIME_EXCEEDED:
2414 switch (icp->icmp6_code) {
2415 case ICMP6_TIME_EXCEED_TRANSIT:
2416 (void)printf("Time to live exceeded\n");
2418 case ICMP6_TIME_EXCEED_REASSEMBLY:
2419 (void)printf("Frag reassembly time exceeded\n");
2422 (void)printf("Time exceeded, Bad Code: %d\n",
2426 pr_retip((struct ip6_hdr *)(icp + 1), end);
2428 case ICMP6_PARAM_PROB:
2429 (void)printf("Parameter problem: ");
2430 switch (icp->icmp6_code) {
2431 case ICMP6_PARAMPROB_HEADER:
2432 (void)printf("Erroneous Header ");
2434 case ICMP6_PARAMPROB_NEXTHEADER:
2435 (void)printf("Unknown Nextheader ");
2437 case ICMP6_PARAMPROB_OPTION:
2438 (void)printf("Unrecognized Option ");
2441 (void)printf("Bad code(%d) ", icp->icmp6_code);
2444 (void)printf("pointer = 0x%02x\n",
2445 (u_int32_t)ntohl(icp->icmp6_pptr));
2446 pr_retip((struct ip6_hdr *)(icp + 1), end);
2448 case ICMP6_ECHO_REQUEST:
2449 (void)printf("Echo Request");
2450 /* XXX ID + Seq + Data */
2452 case ICMP6_ECHO_REPLY:
2453 (void)printf("Echo Reply");
2454 /* XXX ID + Seq + Data */
2456 case ICMP6_MEMBERSHIP_QUERY:
2457 (void)printf("Listener Query");
2459 case ICMP6_MEMBERSHIP_REPORT:
2460 (void)printf("Listener Report");
2462 case ICMP6_MEMBERSHIP_REDUCTION:
2463 (void)printf("Listener Done");
2465 case ND_ROUTER_SOLICIT:
2466 (void)printf("Router Solicitation");
2468 case ND_ROUTER_ADVERT:
2469 (void)printf("Router Advertisement");
2471 case ND_NEIGHBOR_SOLICIT:
2472 (void)printf("Neighbor Solicitation");
2474 case ND_NEIGHBOR_ADVERT:
2475 (void)printf("Neighbor Advertisement");
2478 red = (struct nd_redirect *)icp;
2479 (void)printf("Redirect\n");
2480 if (!inet_ntop(AF_INET6, &red->nd_rd_dst, ntop_buf,
2482 strlcpy(ntop_buf, "?", sizeof(ntop_buf));
2483 (void)printf("Destination: %s", ntop_buf);
2484 if (!inet_ntop(AF_INET6, &red->nd_rd_target, ntop_buf,
2486 strlcpy(ntop_buf, "?", sizeof(ntop_buf));
2487 (void)printf(" New Target: %s", ntop_buf);
2489 case ICMP6_NI_QUERY:
2490 (void)printf("Node Information Query");
2491 /* XXX ID + Seq + Data */
2492 ni = (struct icmp6_nodeinfo *)icp;
2493 l = end - (u_char *)(ni + 1);
2495 switch (ntohs(ni->ni_qtype)) {
2497 (void)printf("NOOP");
2499 case NI_QTYPE_SUPTYPES:
2500 (void)printf("Supported qtypes");
2503 (void)printf("DNS name");
2505 case NI_QTYPE_NODEADDR:
2506 (void)printf("nodeaddr");
2508 case NI_QTYPE_IPV4ADDR:
2509 (void)printf("IPv4 nodeaddr");
2512 (void)printf("unknown qtype");
2515 if (options & F_VERBOSE) {
2516 switch (ni->ni_code) {
2517 case ICMP6_NI_SUBJ_IPV6:
2518 if (l == sizeof(struct in6_addr) &&
2519 inet_ntop(AF_INET6, ni + 1, ntop_buf,
2520 sizeof(ntop_buf)) != NULL) {
2521 (void)printf(", subject=%s(%s)",
2522 niqcode[ni->ni_code], ntop_buf);
2525 /* backward compat to -W */
2526 (void)printf(", oldfqdn");
2528 (void)printf(", invalid");
2532 case ICMP6_NI_SUBJ_FQDN:
2533 if (end == (u_char *)(ni + 1)) {
2534 (void)printf(", no subject");
2537 printf(", subject=%s", niqcode[ni->ni_code]);
2538 cp = (const u_char *)(ni + 1);
2539 cp = dnsdecode(cp, end, NULL, dnsname,
2542 printf("(%s)", dnsname);
2544 printf("(invalid)");
2546 case ICMP6_NI_SUBJ_IPV4:
2547 if (l == sizeof(struct in_addr) &&
2548 inet_ntop(AF_INET, ni + 1, ntop_buf,
2549 sizeof(ntop_buf)) != NULL) {
2550 (void)printf(", subject=%s(%s)",
2551 niqcode[ni->ni_code], ntop_buf);
2553 (void)printf(", invalid");
2556 (void)printf(", invalid");
2561 case ICMP6_NI_REPLY:
2562 (void)printf("Node Information Reply");
2563 /* XXX ID + Seq + Data */
2564 ni = (struct icmp6_nodeinfo *)icp;
2566 switch (ntohs(ni->ni_qtype)) {
2568 (void)printf("NOOP");
2570 case NI_QTYPE_SUPTYPES:
2571 (void)printf("Supported qtypes");
2574 (void)printf("DNS name");
2576 case NI_QTYPE_NODEADDR:
2577 (void)printf("nodeaddr");
2579 case NI_QTYPE_IPV4ADDR:
2580 (void)printf("IPv4 nodeaddr");
2583 (void)printf("unknown qtype");
2586 if (options & F_VERBOSE) {
2587 if (ni->ni_code > nitems(nircode))
2588 printf(", invalid");
2590 printf(", %s", nircode[ni->ni_code]);
2594 (void)printf("Bad ICMP type: %d", icp->icmp6_type);
2600 * Print an IP6 header.
2603 pr_iph(struct ip6_hdr *ip6)
2605 u_int32_t flow = ip6->ip6_flow & IPV6_FLOWLABEL_MASK;
2607 char ntop_buf[INET6_ADDRSTRLEN];
2609 tc = *(&ip6->ip6_vfc + 1); /* XXX */
2610 tc = (tc >> 4) & 0x0f;
2611 tc |= (ip6->ip6_vfc << 4);
2613 printf("Vr TC Flow Plen Nxt Hlim\n");
2614 printf(" %1x %02x %05x %04x %02x %02x\n",
2615 (ip6->ip6_vfc & IPV6_VERSION_MASK) >> 4, tc, (u_int32_t)ntohl(flow),
2616 ntohs(ip6->ip6_plen), ip6->ip6_nxt, ip6->ip6_hlim);
2617 if (!inet_ntop(AF_INET6, &ip6->ip6_src, ntop_buf, sizeof(ntop_buf)))
2618 strlcpy(ntop_buf, "?", sizeof(ntop_buf));
2619 printf("%s->", ntop_buf);
2620 if (!inet_ntop(AF_INET6, &ip6->ip6_dst, ntop_buf, sizeof(ntop_buf)))
2621 strlcpy(ntop_buf, "?", sizeof(ntop_buf));
2622 printf("%s\n", ntop_buf);
2627 * Return an ascii host address as a dotted quad and optionally with
2631 pr_addr(struct sockaddr *addr, int addrlen)
2633 static char buf[NI_MAXHOST];
2636 if ((options & F_HOSTNAME) == 0)
2637 flag |= NI_NUMERICHOST;
2639 if (cap_getnameinfo(capdns, addr, addrlen, buf, sizeof(buf), NULL, 0,
2648 * Dump some info on a returned (via ICMPv6) IPv6 packet.
2651 pr_retip(struct ip6_hdr *ip6, u_char *end)
2653 u_char *cp = (u_char *)ip6, nh;
2656 if ((size_t)(end - (u_char *)ip6) < sizeof(*ip6)) {
2661 hlen = sizeof(*ip6);
2665 while (end - cp >= 8) {
2669 case IPPROTO_HOPOPTS:
2671 hlen = (((struct ip6_hbh *)cp)->ip6h_len+1) << 3;
2672 nh = ((struct ip6_hbh *)cp)->ip6h_nxt;
2674 case IPPROTO_DSTOPTS:
2676 hlen = (((struct ip6_dest *)cp)->ip6d_len+1) << 3;
2677 nh = ((struct ip6_dest *)cp)->ip6d_nxt;
2679 case IPPROTO_FRAGMENT:
2681 hlen = sizeof(struct ip6_frag);
2682 nh = ((struct ip6_frag *)cp)->ip6f_nxt;
2684 case IPPROTO_ROUTING:
2686 hlen = (((struct ip6_rthdr *)cp)->ip6r_len+1) << 3;
2687 nh = ((struct ip6_rthdr *)cp)->ip6r_nxt;
2692 memcpy(&ah, cp, sizeof(ah));
2693 hlen = (ah.ah_len+2) << 2;
2697 case IPPROTO_ICMPV6:
2698 printf("ICMP6: type = %d, code = %d\n",
2705 printf("TCP: from port %u, to port %u (decimal)\n",
2706 (*cp * 256 + *(cp + 1)),
2707 (*(cp + 2) * 256 + *(cp + 3)));
2710 printf("UDP: from port %u, to port %u (decimal)\n",
2711 (*cp * 256 + *(cp + 1)),
2712 (*(cp + 2) * 256 + *(cp + 3)));
2715 printf("Unknown Header(%d)\n", nh);
2719 if ((cp += hlen) >= end)
2734 fill(char *bp, char *patp)
2740 for (cp = patp; *cp; cp++)
2742 errx(1, "patterns must be specified as hex digits");
2744 "%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x",
2745 &pat[0], &pat[1], &pat[2], &pat[3], &pat[4], &pat[5], &pat[6],
2746 &pat[7], &pat[8], &pat[9], &pat[10], &pat[11], &pat[12],
2747 &pat[13], &pat[14], &pat[15]);
2752 (size_t)kk <= MAXDATALEN - 8 + sizeof(struct tv32) + ii;
2754 for (jj = 0; jj < ii; ++jj)
2755 bp[jj + kk] = pat[jj];
2756 if (!(options & F_QUIET)) {
2757 (void)printf("PATTERN: 0x");
2758 for (jj = 0; jj < ii; ++jj)
2759 (void)printf("%02x", bp[jj] & 0xFF);
2765 #ifdef IPSEC_POLICY_IPSEC
2767 setpolicy(int so __unused, char *policy)
2772 return 0; /* ignore */
2774 buf = ipsec_set_policy(policy, strlen(policy));
2776 errx(1, "%s", ipsec_strerror());
2777 if (setsockopt(ssend, IPPROTO_IPV6, IPV6_IPSEC_POLICY, buf,
2778 ipsec_get_policylen(buf)) < 0)
2779 warnx("Unable to set IPsec policy");
2788 nigroup(char *name, int nig_oldmcprefix)
2793 u_int8_t digest[16];
2796 char hbuf[NI_MAXHOST];
2797 struct in6_addr in6;
2800 p = strchr(name, '.');
2802 p = name + strlen(name);
2804 if (l > 63 || l > sizeof(hbuf) - 1)
2805 return NULL; /*label too long*/
2806 strncpy(hbuf, name, l);
2807 hbuf[(int)l] = '\0';
2809 for (q = name; *q; q++) {
2810 if (isupper(*(unsigned char *)q))
2811 *q = tolower(*(unsigned char *)q);
2814 /* generate 16 bytes of pseudo-random value. */
2815 memset(&ctxt, 0, sizeof(ctxt));
2818 MD5Update(&ctxt, &c, sizeof(c));
2819 MD5Update(&ctxt, (unsigned char *)name, l);
2820 MD5Final(digest, &ctxt);
2822 if (nig_oldmcprefix) {
2823 /* draft-ietf-ipngwg-icmp-name-lookup */
2824 valid = inet_pton(AF_INET6, "ff02::2:0000:0000", &in6);
2827 valid = inet_pton(AF_INET6, "ff02::2:ff00:0000", &in6);
2830 return NULL; /*XXX*/
2832 if (nig_oldmcprefix) {
2833 /* draft-ietf-ipngwg-icmp-name-lookup */
2834 bcopy(digest, &in6.s6_addr[12], 4);
2837 bcopy(digest, &in6.s6_addr[13], 3);
2840 if (inet_ntop(AF_INET6, &in6, hbuf, sizeof(hbuf)) == NULL)
2843 return strdup(hbuf);
2849 (void)fprintf(stderr,
2850 #if defined(IPSEC) && !defined(IPSEC_POLICY_IPSEC)
2855 #if defined(IPSEC) && !defined(IPSEC_POLICY_IPSEC)
2859 #ifdef IPV6_USE_MIN_MTU
2863 "[-b bufsiz] [-c count] [-e gateway]\n"
2864 " [-I interface] [-i wait] [-k addrtype] [-l preload] "
2867 #if defined(IPSEC) && defined(IPSEC_POLICY_IPSEC)
2870 " [-S sourceaddr] [-s packetsize]\n"
2871 " [-t timeout] [-W waittime] [hops ...] host\n");
2875 static cap_channel_t *
2878 cap_channel_t *capcas, *capdnsloc;
2880 const char *types[2];
2883 capcas = cap_init();
2885 err(1, "unable to create casper process");
2886 capdnsloc = cap_service_open(capcas, "system.dns");
2887 /* Casper capability no longer needed. */
2889 if (capdnsloc == NULL)
2890 err(1, "unable to open system.dns service");
2892 types[0] = "NAME2ADDR";
2893 types[1] = "ADDR2NAME";
2894 if (cap_dns_type_limit(capdnsloc, types, nitems(types)) < 0)
2895 err(1, "unable to limit access to system.dns service");
2896 families[0] = AF_INET6;
2897 if (cap_dns_family_limit(capdnsloc, families, nitems(families)) < 0)
2898 err(1, "unable to limit access to system.dns service");
projects / FreeBSD / FreeBSD.git / blob