2 * Copyright (c) 1988, 1989, 1991, 1994, 1995, 1996, 1997, 1998, 1999, 2000
3 * The Regents of the University of California. All rights reserved.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
23 * traceroute host - trace the route ip packets follow going to "host".
25 * Attempt to trace the route an ip packet would follow to some
26 * internet host. We find out intermediate hops by launching probe
27 * packets with a small ttl (time to live) then listening for an
28 * icmp "time exceeded" reply from a gateway. We start our probes
29 * with a ttl of one and increase by one until we get an icmp "port
30 * unreachable" (which means we got to "host") or hit a max (which
31 * defaults to net.inet.ip.ttl hops & can be changed with the -m flag).
32 * Three probes (change with -q flag) are sent at each ttl setting and
33 * a line is printed showing the ttl, address of the gateway and
34 * round trip time of each probe. If the probe answers come from
35 * different gateways, the address of each responding system will
36 * be printed. If there is no response within a 5 sec. timeout
37 * interval (changed with the -w flag), a "*" is printed for that
40 * Probe packets are UDP format. We don't want the destination
41 * host to process them so the destination port is set to an
42 * unlikely value (if some clod on the destination is using that
43 * value, it can be changed with the -p flag).
45 * A sample use might be:
47 * [yak 71]% traceroute nis.nsf.net.
48 * traceroute to nis.nsf.net (35.1.1.48), 64 hops max, 40 byte packets
49 * 1 helios.ee.lbl.gov (128.3.112.1) 19 ms 19 ms 0 ms
50 * 2 lilac-dmc.Berkeley.EDU (128.32.216.1) 39 ms 39 ms 19 ms
51 * 3 lilac-dmc.Berkeley.EDU (128.32.216.1) 39 ms 39 ms 19 ms
52 * 4 ccngw-ner-cc.Berkeley.EDU (128.32.136.23) 39 ms 40 ms 39 ms
53 * 5 ccn-nerif22.Berkeley.EDU (128.32.168.22) 39 ms 39 ms 39 ms
54 * 6 128.32.197.4 (128.32.197.4) 40 ms 59 ms 59 ms
55 * 7 131.119.2.5 (131.119.2.5) 59 ms 59 ms 59 ms
56 * 8 129.140.70.13 (129.140.70.13) 99 ms 99 ms 80 ms
57 * 9 129.140.71.6 (129.140.71.6) 139 ms 239 ms 319 ms
58 * 10 129.140.81.7 (129.140.81.7) 220 ms 199 ms 199 ms
59 * 11 nic.merit.edu (35.1.1.48) 239 ms 239 ms 239 ms
61 * Note that lines 2 & 3 are the same. This is due to a buggy
62 * kernel on the 2nd hop system -- lbl-csam.arpa -- that forwards
63 * packets with a zero ttl.
65 * A more interesting example is:
67 * [yak 72]% traceroute allspice.lcs.mit.edu.
68 * traceroute to allspice.lcs.mit.edu (18.26.0.115), 64 hops max, 40 byte packets
69 * 1 helios.ee.lbl.gov (128.3.112.1) 0 ms 0 ms 0 ms
70 * 2 lilac-dmc.Berkeley.EDU (128.32.216.1) 19 ms 19 ms 19 ms
71 * 3 lilac-dmc.Berkeley.EDU (128.32.216.1) 39 ms 19 ms 19 ms
72 * 4 ccngw-ner-cc.Berkeley.EDU (128.32.136.23) 19 ms 39 ms 39 ms
73 * 5 ccn-nerif22.Berkeley.EDU (128.32.168.22) 20 ms 39 ms 39 ms
74 * 6 128.32.197.4 (128.32.197.4) 59 ms 119 ms 39 ms
75 * 7 131.119.2.5 (131.119.2.5) 59 ms 59 ms 39 ms
76 * 8 129.140.70.13 (129.140.70.13) 80 ms 79 ms 99 ms
77 * 9 129.140.71.6 (129.140.71.6) 139 ms 139 ms 159 ms
78 * 10 129.140.81.7 (129.140.81.7) 199 ms 180 ms 300 ms
79 * 11 129.140.72.17 (129.140.72.17) 300 ms 239 ms 239 ms
81 * 13 128.121.54.72 (128.121.54.72) 259 ms 499 ms 279 ms
86 * 18 ALLSPICE.LCS.MIT.EDU (18.26.0.115) 339 ms 279 ms 279 ms
88 * (I start to see why I'm having so much trouble with mail to
89 * MIT.) Note that the gateways 12, 14, 15, 16 & 17 hops away
90 * either don't send ICMP "time exceeded" messages or send them
91 * with a ttl too small to reach us. 14 - 17 are running the
92 * MIT C Gateway code that doesn't send "time exceeded"s. God
93 * only knows what's going on with 12.
95 * The silent gateway 12 in the above may be the result of a bug in
96 * the 4.[23]BSD network code (and its derivatives): 4.x (x <= 3)
97 * sends an unreachable message using whatever ttl remains in the
98 * original datagram. Since, for gateways, the remaining ttl is
99 * zero, the icmp "time exceeded" is guaranteed to not make it back
100 * to us. The behavior of this bug is slightly more interesting
101 * when it appears on the destination system:
103 * 1 helios.ee.lbl.gov (128.3.112.1) 0 ms 0 ms 0 ms
104 * 2 lilac-dmc.Berkeley.EDU (128.32.216.1) 39 ms 19 ms 39 ms
105 * 3 lilac-dmc.Berkeley.EDU (128.32.216.1) 19 ms 39 ms 19 ms
106 * 4 ccngw-ner-cc.Berkeley.EDU (128.32.136.23) 39 ms 40 ms 19 ms
107 * 5 ccn-nerif35.Berkeley.EDU (128.32.168.35) 39 ms 39 ms 39 ms
108 * 6 csgw.Berkeley.EDU (128.32.133.254) 39 ms 59 ms 39 ms
115 * 13 rip.Berkeley.EDU (128.32.131.22) 59 ms ! 39 ms ! 39 ms !
117 * Notice that there are 12 "gateways" (13 is the final
118 * destination) and exactly the last half of them are "missing".
119 * What's really happening is that rip (a Sun-3 running Sun OS3.5)
120 * is using the ttl from our arriving datagram as the ttl in its
121 * icmp reply. So, the reply will time out on the return path
122 * (with no notice sent to anyone since icmp's aren't sent for
123 * icmp's) until we probe with a ttl that's at least twice the path
124 * length. I.e., rip is really only 7 hops away. A reply that
125 * returns with a ttl of 1 is a clue this problem exists.
126 * Traceroute prints a "!" after the time if the ttl is <= 1.
127 * Since vendors ship a lot of obsolete (DEC's Ultrix, Sun 3.x) or
128 * non-standard (HPUX) software, expect to see this problem
129 * frequently and/or take care picking the target host of your
132 * Other possible annotations after the time are !H, !N, !P (got a host,
133 * network or protocol unreachable, respectively), !S or !F (source
134 * route failed or fragmentation needed -- neither of these should
135 * ever occur and the associated gateway is busted if you see one). If
136 * almost all the probes result in some kind of unreachable, traceroute
137 * will give up and exit.
141 * This program must be run by root or be setuid. (I suggest that
142 * you *don't* make it setuid -- casual use could result in a lot
143 * of unnecessary traffic on our poor, congested nets.)
145 * This program requires a kernel mod that does not appear in any
146 * system available from Berkeley: A raw ip socket using proto
147 * IPPROTO_RAW must interpret the data sent as an ip datagram (as
148 * opposed to data to be wrapped in an ip datagram). See the README
149 * file that came with the source to this program for a description
150 * of the mods I made to /sys/netinet/raw_ip.c. Your mileage may
151 * vary. But, again, ANY 4.x (x < 4) BSD KERNEL WILL HAVE TO BE
152 * MODIFIED TO RUN THIS PROGRAM.
154 * The udp port usage may appear bizarre (well, ok, it is bizarre).
155 * The problem is that an icmp message only contains 8 bytes of
156 * data from the original datagram. 8 bytes is the size of a udp
157 * header so, if we want to associate replies with the original
158 * datagram, the necessary information must be encoded into the
159 * udp header (the ip id could be used but there's no way to
160 * interlock with the kernel's assignment of ip id's and, anyway,
161 * it would have taken a lot more kernel hacking to allow this
162 * code to set the ip id). So, to allow two or more users to
163 * use traceroute simultaneously, we use this task's pid as the
164 * source port (the high bit is set to move the port number out
165 * of the "likely" range). To keep track of which probe is being
166 * replied to (so times and/or hop counts don't get confused by a
167 * reply that was delayed in transit), we increment the destination
168 * port number before each probe.
170 * Don't use this as a coding example. I was trying to find a
171 * routing problem and this code sort-of popped out after 48 hours
172 * without sleep. I was amazed it ever compiled, much less ran.
174 * I stole the idea for this program from Steve Deering. Since
175 * the first release, I've learned that had I attended the right
176 * IETF working group meetings, I also could have stolen it from Guy
177 * Almes or Matt Mathis. I don't know (or care) who came up with
178 * the idea first. I envy the originators' perspicacity and I'm
179 * glad they didn't keep the idea a secret.
181 * Tim Seaver, Ken Adelman and C. Philip Wood provided bug fixes and/or
182 * enhancements to the original distribution.
184 * I've hacked up a round-trip-route version of this that works by
185 * sending a loose-source-routed udp datagram through the destination
186 * back to yourself. Unfortunately, SO many gateways botch source
187 * routing, the thing is almost worthless. Maybe one day...
189 * -- Van Jacobson (van@ee.lbl.gov)
190 * Tue Dec 20 03:50:13 PST 1988
193 #include <sys/param.h>
194 #include <sys/capsicum.h>
195 #include <sys/file.h>
196 #include <sys/ioctl.h>
197 #include <sys/select.h>
198 #include <sys/socket.h>
199 #include <sys/sysctl.h>
200 #include <sys/time.h>
202 #include <netinet/in_systm.h>
203 #include <netinet/in.h>
204 #include <netinet/ip.h>
205 #include <netinet/ip_var.h>
206 #include <netinet/ip_icmp.h>
207 #include <netinet/sctp.h>
208 #include <netinet/sctp_header.h>
209 #include <netinet/udp.h>
210 #include <netinet/tcp.h>
211 #include <netinet/tcpip.h>
213 #include <arpa/inet.h>
216 #include <libcasper.h>
217 #include <casper/cap_dns.h>
221 #include <net/route.h>
222 #include <netipsec/ipsec.h> /* XXX */
226 #include <capsicum_helpers.h>
239 #ifndef ICMP_UNREACH_FILTER_PROHIB
240 #define ICMP_UNREACH_FILTER_PROHIB 13 /* admin prohibited filter */
242 #ifndef ICMP_UNREACH_HOST_PRECEDENCE
243 #define ICMP_UNREACH_HOST_PRECEDENCE 14 /* host precedence violation */
245 #ifndef ICMP_UNREACH_PRECEDENCE_CUTOFF
246 #define ICMP_UNREACH_PRECEDENCE_CUTOFF 15 /* precedence cutoff */
249 #include "findsaddr.h"
250 #include "ifaddrlist.h"
252 #include "traceroute.h"
254 /* Maximum number of gateways (include room for one noop) */
255 #define NGATEWAYS ((int)((MAX_IPOPTLEN - IPOPT_MINOFF - 1) / sizeof(u_int32_t)))
257 #ifndef MAXHOSTNAMELEN
258 #define MAXHOSTNAMELEN 64
261 #define Fprintf (void)fprintf
262 #define Printf (void)printf
264 /* What a GRE packet header looks like */
268 u_int16_t length; /* PPTP version of these fields */
272 #define IPPROTO_GRE 47
275 /* For GRE, we prepare what looks like a PPTP packet */
276 #define GRE_PPTP_PROTO 0x880b
278 /* Host name and address list */
285 /* Data section of the probe packet */
287 u_char seq; /* sequence number of this packet */
288 u_char ttl; /* ttl packet left with */
289 struct timeval tv; /* time packet left */
292 u_char packet[512]; /* last inbound (icmp) packet */
294 struct ip *outip; /* last output ip packet */
295 u_char *outp; /* last output inner protocol packet */
297 struct ip *hip = NULL; /* Quoted IP header */
300 /* loose source route gateway list (including room for final destination) */
301 u_int32_t gwlist[NGATEWAYS + 1];
303 int s; /* receive (icmp) socket file descriptor */
304 int sndsock; /* send (udp) socket file descriptor */
306 struct sockaddr whereto; /* Who to try to reach */
307 struct sockaddr wherefrom; /* Who we are */
308 int packlen; /* total length of packet */
309 int protlen; /* length of protocol part of packet */
310 int minpacket; /* min ip packet size */
311 int maxpacket = 32 * 1024; /* max ip packet size */
312 int pmtu; /* Path MTU Discovery (RFC1191) */
319 static const char devnull[] = "/dev/null";
325 u_short port; /* protocol specific base "port" */
327 int options; /* socket options */
329 int waittime = 5; /* time to wait for response (in seconds) */
330 int nflag; /* print addresses numerically */
331 int as_path; /* print as numbers for each hop */
332 char *as_server = NULL;
334 #ifdef CANT_HACK_IPCKSUM
335 int doipcksum = 0; /* don't calculate ip checksums by default */
337 int doipcksum = 1; /* calculate ip checksums by default */
339 int optlen; /* length of ip options */
340 int fixedPort = 0; /* Use fixed destination port for TCP and UDP */
341 int printdiff = 0; /* Print the difference between sent and quoted */
342 int ecnflag = 0; /* ECN bleaching detection flag */
349 static cap_channel_t *capdns;
353 double deltaT(struct timeval *, struct timeval *);
354 void freehostinfo(struct hostinfo *);
355 void getaddr(u_int32_t *, char *);
356 struct hostinfo *gethostinfo(char *);
357 u_short in_cksum(u_short *, int);
358 u_int32_t sctp_crc32c(const void *, u_int32_t);
359 char *inetname(struct in_addr);
360 int main(int, char **);
361 u_short p_cksum(struct ip *, u_short *, int, int);
362 int packet_ok(u_char *, int, struct sockaddr_in *, int);
363 char *pr_type(u_char);
364 void print(u_char *, int, struct sockaddr_in *);
366 int setpolicy(int so, char *policy);
368 void send_probe(int, int);
369 struct outproto *setproto(char *);
370 int str2val(const char *, const char *, int, int);
371 void tvsub(struct timeval *, struct timeval *);
373 int wait_for_reply(int, struct sockaddr_in *, const struct timeval *);
374 void pkt_compare(const u_char *, int, const u_char *, int);
376 void udp_prep(struct outdata *);
377 int udp_check(const u_char *, int);
378 void udplite_prep(struct outdata *);
379 int udplite_check(const u_char *, int);
380 void tcp_prep(struct outdata *);
381 int tcp_check(const u_char *, int);
382 void sctp_prep(struct outdata *);
383 int sctp_check(const u_char *, int);
384 void gre_prep(struct outdata *);
385 int gre_check(const u_char *, int);
386 void gen_prep(struct outdata *);
387 int gen_check(const u_char *, int);
388 void icmp_prep(struct outdata *);
389 int icmp_check(const u_char *, int);
391 /* Descriptor structure for each outgoing protocol we support */
393 char *name; /* name of protocol */
394 const char *key; /* An ascii key for the bytes of the header */
395 u_char num; /* IP protocol number */
396 u_short hdrlen; /* max size of protocol header */
397 u_short port; /* default base protocol-specific "port" */
398 void (*prepare)(struct outdata *);
399 /* finish preparing an outgoing packet */
400 int (*check)(const u_char *, int);
401 /* check an incoming packet */
404 /* List of supported protocols. The first one is the default. The last
405 one is the handler for generic protocols not explicitly listed. */
406 struct outproto protos[] = {
411 sizeof(struct udphdr),
420 sizeof(struct udphdr),
427 "spt dpt seq ack xxflwin sum urp",
429 sizeof(struct tcphdr),
436 "spt dpt vtag crc tyfllen tyfllen ",
438 sizeof(struct sctphdr),
447 sizeof(struct grehdr),
471 struct outproto *proto = &protos[0];
473 const char *ip_hdr_key = "vhtslen id off tlprsum srcip dstip opts";
476 main(int argc, char **argv)
478 register int op, code, n;
480 register const char *err;
481 register u_int32_t *ap;
482 register struct sockaddr_in *from = (struct sockaddr_in *)&wherefrom;
483 register struct sockaddr_in *to = (struct sockaddr_in *)&whereto;
484 register struct hostinfo *hi;
486 register struct protoent *pe;
487 register int ttl, probe, i;
488 register int seq = 0;
489 int tos = 0, settos = 0;
490 register int lsrr = 0;
491 register u_short off = 0;
492 struct ifaddrlist *al;
494 int requestPort = -1;
498 const char *types[] = { "NAME2ADDR", "ADDR2NAME" };
500 cap_channel_t *casper;
505 /* Insure the socket fds won't be 0, 1 or 2 */
506 if (open(devnull, O_RDONLY) < 0 ||
507 open(devnull, O_RDONLY) < 0 ||
508 open(devnull, O_RDONLY) < 0) {
509 Fprintf(stderr, "%s: open \"%s\": %s\n",
510 prog, devnull, strerror(errno));
514 * Do the setuid-required stuff first, then lose privileges ASAP.
515 * Do error checking for these two calls where they appeared in
519 pe = getprotobyname(cp);
521 if ((s = socket(AF_INET, SOCK_RAW, pe->p_proto)) < 0)
523 else if ((sndsock = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) < 0)
527 if (setuid(getuid()) != 0) {
535 errx(1, "unable to create casper process");
536 capdns = cap_service_open(casper, "system.dns");
538 errx(1, "unable to open system.dns service");
539 if (cap_dns_type_limit(capdns, types, 2) < 0)
540 errx(1, "unable to limit access to system.dns service");
541 families[0] = AF_INET;
542 if (cap_dns_family_limit(capdns, families, 1) < 0)
543 errx(1, "unable to limit access to system.dns service");
544 #endif /* WITH_CASPER */
548 int mib[4] = { CTL_NET, PF_INET, IPPROTO_IP, IPCTL_DEFTTL };
549 size_t sz = sizeof(max_ttl);
551 if (sysctl(mib, 4, &max_ttl, &sz, NULL, 0) == -1) {
552 perror("sysctl(net.inet.ip.ttl)");
556 #else /* !IPCTL_DEFTTL */
566 else if ((cp = strrchr(argv[0], '/')) != NULL)
572 while ((op = getopt(argc, argv, "aA:eEdDFInrSvxf:g:i:M:m:P:p:q:s:t:w:z:")) != EOF)
600 case 'M': /* FreeBSD compat. */
601 first_ttl = str2val(optarg, "first ttl", 1, 255);
609 if (lsrr >= NGATEWAYS) {
611 "%s: No more than %d gateways\n",
615 getaddr(gwlist + lsrr, optarg);
624 proto = setproto("icmp");
628 max_ttl = str2val(optarg, "max ttl", 1, 255);
636 proto = setproto(optarg);
640 requestPort = (u_short)str2val(optarg, "port",
645 nprobes = str2val(optarg, "nprobes", 1, -1);
649 options |= SO_DONTROUTE;
654 * set the ip source address of the outbound
655 * probe (e.g., on a multi-homed host).
665 tos = str2val(optarg, "tos", 0, 255);
674 doipcksum = (doipcksum == 0);
678 waittime = str2val(optarg, "wait time",
683 pausemsecs = str2val(optarg, "pause msecs",
691 /* Set requested port, if any, else default for this protocol */
692 port = (requestPort != -1) ? requestPort : proto->port;
695 nprobes = printdiff ? 1 : 3;
697 if (first_ttl > max_ttl) {
699 "%s: first ttl (%d) may not be greater than max ttl (%d)\n",
700 prog, first_ttl, max_ttl);
705 Fprintf(stderr, "%s: Warning: ip checksums disabled\n", prog);
708 optlen = (lsrr + 1) * sizeof(gwlist[0]);
709 minpacket = sizeof(*outip) + proto->hdrlen + optlen;
715 /* Process destination and optional packet size */
716 switch (argc - optind) {
719 packlen = str2val(argv[optind + 1],
720 "packet length", minpacket, maxpacket);
724 hostname = argv[optind];
725 hi = gethostinfo(hostname);
726 setsin(to, hi->addrs[0]);
729 "%s: Warning: %s has multiple addresses; using %s\n",
730 prog, hostname, inet_ntoa(to->sin_addr));
742 protlen = packlen - sizeof(*outip) - optlen;
743 if ((proto->num == IPPROTO_SCTP) && (packlen & 3)) {
744 Fprintf(stderr, "%s: packet length must be a multiple of 4\n",
749 outip = (struct ip *)malloc((unsigned)packlen);
751 Fprintf(stderr, "%s: malloc: %s\n", prog, strerror(errno));
754 memset((char *)outip, 0, packlen);
756 outip->ip_v = IPVERSION;
760 outip->ip_tos &= ~IPTOS_ECN_MASK;
761 outip->ip_tos |= IPTOS_ECN_ECT1;
763 outip->ip_len = htons(packlen);
764 outip->ip_off = htons(off);
765 outip->ip_p = proto->num;
766 outp = (u_char *)(outip + 1);
768 register u_char *optlist;
774 gwlist[lsrr] = to->sin_addr.s_addr;
776 outip->ip_dst.s_addr = gwlist[0];
778 /* force 4 byte alignment */
779 optlist[0] = IPOPT_NOP;
780 /* loose source route option */
781 optlist[1] = IPOPT_LSRR;
782 i = lsrr * sizeof(gwlist[0]);
784 /* Pointer to LSRR addresses */
785 optlist[3] = IPOPT_MINOFF;
786 memcpy(optlist + 4, gwlist + 1, i);
788 outip->ip_dst = to->sin_addr;
790 outip->ip_hl = (outp - (u_char *)outip) >> 2;
791 ident = (getpid() & 0xffff) | 0x8000;
794 Fprintf(stderr, "%s: unknown protocol %s\n", prog, cp);
799 Fprintf(stderr, "%s: icmp socket: %s\n", prog, strerror(errno));
802 if (options & SO_DEBUG)
803 (void)setsockopt(s, SOL_SOCKET, SO_DEBUG, (char *)&on,
805 if (options & SO_DONTROUTE)
806 (void)setsockopt(s, SOL_SOCKET, SO_DONTROUTE, (char *)&on,
809 #if defined(IPSEC) && defined(IPSEC_POLICY_IPSEC)
810 if (setpolicy(s, "in bypass") < 0)
811 errx(1, "%s", ipsec_strerror());
813 if (setpolicy(s, "out bypass") < 0)
814 errx(1, "%s", ipsec_strerror());
815 #endif /* defined(IPSEC) && defined(IPSEC_POLICY_IPSEC) */
819 Fprintf(stderr, "%s: raw socket: %s\n", prog, strerror(errno));
824 if (setsockopt(sndsock, SOL_SOCKET, SO_SNDBUF, (char *)&packlen,
825 sizeof(packlen)) < 0) {
826 Fprintf(stderr, "%s: SO_SNDBUF: %s\n", prog, strerror(errno));
831 if (setsockopt(sndsock, IPPROTO_IP, IP_HDRINCL, (char *)&on,
833 Fprintf(stderr, "%s: IP_HDRINCL: %s\n", prog, strerror(errno));
838 if (settos && setsockopt(sndsock, IPPROTO_IP, IP_TOS,
839 (char *)&tos, sizeof(tos)) < 0) {
840 Fprintf(stderr, "%s: setsockopt tos %d: %s\n",
841 prog, tos, strerror(errno));
846 if (options & SO_DEBUG)
847 (void)setsockopt(sndsock, SOL_SOCKET, SO_DEBUG, (char *)&on,
849 if (options & SO_DONTROUTE)
850 (void)setsockopt(sndsock, SOL_SOCKET, SO_DONTROUTE, (char *)&on,
853 /* Get the interface address list */
854 n = ifaddrlist(&al, errbuf);
856 Fprintf(stderr, "%s: ifaddrlist: %s\n", prog, errbuf);
861 "%s: Can't find any network interfaces\n", prog);
865 /* Look for a specific device */
866 if (device != NULL) {
867 for (i = n; i > 0; --i, ++al)
868 if (strcmp(device, al->device) == 0)
871 Fprintf(stderr, "%s: Can't find interface %.32s\n",
877 /* Determine our source address */
878 if (source == NULL) {
880 * If a device was specified, use the interface address.
881 * Otherwise, try to determine our source address.
884 setsin(from, al->addr);
885 else if ((err = findsaddr(to, from)) != NULL) {
886 Fprintf(stderr, "%s: findsaddr: %s\n",
891 hi = gethostinfo(source);
895 * If the device was specified make sure it
896 * corresponds to the source address specified.
897 * Otherwise, use the first address (and warn if
898 * there are more than one).
900 if (device != NULL) {
901 for (i = hi->n, ap = hi->addrs; i > 0; --i, ++ap)
906 "%s: %s is not on interface %.32s\n",
907 prog, source, device);
912 setsin(from, hi->addrs[0]);
915 "%s: Warning: %s has multiple addresses; using %s\n",
916 prog, source, inet_ntoa(from->sin_addr));
921 outip->ip_src = from->sin_addr;
923 /* Check the source address (-s), if any, is valid */
924 if (bind(sndsock, (struct sockaddr *)from, sizeof(*from)) < 0) {
925 Fprintf(stderr, "%s: bind: %s\n",
926 prog, strerror(errno));
931 asn = as_setup(as_server);
933 Fprintf(stderr, "%s: as_setup failed, AS# lookups"
934 " disabled\n", prog);
935 (void)fflush(stderr);
940 if (connect(sndsock, (struct sockaddr *)&whereto,
941 sizeof(whereto)) != 0) {
942 Fprintf(stderr, "%s: connect: %s\n", prog, strerror(errno));
955 caph_cache_catpages();
958 * Here we enter capability mode. Further down access to global
959 * namespaces (e.g filesystem) is restricted (see capsicum(4)).
960 * We must connect(2) our socket before this point.
962 if (cansandbox && cap_enter() < 0) {
963 if (errno != ENOSYS) {
964 Fprintf(stderr, "%s: cap_enter: %s\n", prog,
972 cap_rights_init(&rights, CAP_SEND, CAP_SETSOCKOPT);
973 if (cansandbox && cap_rights_limit(sndsock, &rights) < 0) {
974 Fprintf(stderr, "%s: cap_rights_limit sndsock: %s\n", prog,
979 cap_rights_init(&rights, CAP_RECV, CAP_EVENT);
980 if (cansandbox && cap_rights_limit(s, &rights) < 0) {
981 Fprintf(stderr, "%s: cap_rights_limit s: %s\n", prog,
986 #if defined(IPSEC) && defined(IPSEC_POLICY_IPSEC)
987 if (setpolicy(sndsock, "in bypass") < 0)
988 errx(1, "%s", ipsec_strerror());
990 if (setpolicy(sndsock, "out bypass") < 0)
991 errx(1, "%s", ipsec_strerror());
992 #endif /* defined(IPSEC) && defined(IPSEC_POLICY_IPSEC) */
994 Fprintf(stderr, "%s to %s (%s)",
995 prog, hostname, inet_ntoa(to->sin_addr));
997 Fprintf(stderr, " from %s", source);
998 Fprintf(stderr, ", %d hops max, %d byte packets\n", max_ttl, packlen);
999 (void)fflush(stderr);
1001 for (ttl = first_ttl; ttl <= max_ttl; ++ttl) {
1002 u_int32_t lastaddr = 0;
1003 int gotlastaddr = 0;
1005 int unreachable = 0;
1009 Printf("%2d ", ttl);
1010 for (probe = 0, loss = 0; probe < nprobes; ++probe) {
1012 struct timeval t1, t2;
1013 register struct ip *ip;
1014 struct outdata outdata;
1016 if (sentfirst && pausemsecs > 0)
1017 usleep(pausemsecs * 1000);
1018 /* Prepare outgoing data */
1019 outdata.seq = ++seq;
1022 /* Avoid alignment problems by copying bytewise: */
1023 (void)gettimeofday(&t1, NULL);
1024 memcpy(&outdata.tv, &t1, sizeof(outdata.tv));
1026 /* Finalize and send packet */
1027 (*proto->prepare)(&outdata);
1028 send_probe(seq, ttl);
1031 /* Wait for a reply */
1032 while ((cc = wait_for_reply(s, from, &t1)) != 0) {
1036 (void)gettimeofday(&t2, NULL);
1037 i = packet_ok(packet, cc, from, seq);
1038 /* Skip short packet */
1042 from->sin_addr.s_addr != lastaddr) {
1045 print(packet, cc, from);
1046 lastaddr = from->sin_addr.s_addr;
1049 T = deltaT(&t1, &t2);
1050 #ifdef SANE_PRECISION
1053 else if (T >= 100.0)
1060 Printf(" %.*f ms", precis, T);
1062 u_char ecn = hip->ip_tos & IPTOS_ECN_MASK;
1064 case IPTOS_ECN_ECT1:
1065 Printf(" (ecn=passed)");
1067 case IPTOS_ECN_NOTECT:
1068 Printf(" (ecn=bleached)");
1071 Printf(" (ecn=congested)");
1074 Printf(" (ecn=mangled)");
1081 -(outip->ip_hl << 3),
1085 pkt_compare((void *)outip, packlen,
1086 (void *)hip, hiplen);
1090 ip = (struct ip *)packet;
1091 if (ip->ip_ttl <= 1)
1097 /* time exceeded in transit */
1103 case ICMP_UNREACH_PORT:
1105 ip = (struct ip *)packet;
1106 if (ip->ip_ttl <= 1)
1112 case ICMP_UNREACH_NET:
1117 case ICMP_UNREACH_HOST:
1122 case ICMP_UNREACH_PROTOCOL:
1127 case ICMP_UNREACH_NEEDFRAG:
1129 Printf(" !F-%d", pmtu);
1132 case ICMP_UNREACH_SRCFAIL:
1137 case ICMP_UNREACH_NET_UNKNOWN:
1142 case ICMP_UNREACH_HOST_UNKNOWN:
1147 case ICMP_UNREACH_ISOLATED:
1152 case ICMP_UNREACH_NET_PROHIB:
1157 case ICMP_UNREACH_HOST_PROHIB:
1162 case ICMP_UNREACH_TOSNET:
1167 case ICMP_UNREACH_TOSHOST:
1172 case ICMP_UNREACH_FILTER_PROHIB:
1177 case ICMP_UNREACH_HOST_PRECEDENCE:
1182 case ICMP_UNREACH_PRECEDENCE_CUTOFF:
1189 Printf(" !<%d>", code);
1198 (void)fflush(stdout);
1201 Printf(" (%d%% loss)", (loss * 100) / nprobes);
1205 (unreachable > 0 && unreachable >= nprobes - 1))
1214 wait_for_reply(register int sock, register struct sockaddr_in *fromp,
1215 register const struct timeval *tp)
1219 struct timeval now, wait;
1220 register int cc = 0;
1222 int fromlen = sizeof(*fromp);
1224 nfds = howmany(sock + 1, NFDBITS);
1225 if ((fdsp = malloc(nfds * sizeof(fd_mask))) == NULL)
1227 memset(fdsp, 0, nfds * sizeof(fd_mask));
1230 wait.tv_sec = tp->tv_sec + waittime;
1231 wait.tv_usec = tp->tv_usec;
1232 (void)gettimeofday(&now, NULL);
1234 if (wait.tv_sec < 0) {
1239 error = select(sock + 1, fdsp, NULL, NULL, &wait);
1240 if (error == -1 && errno == EINVAL) {
1241 Fprintf(stderr, "%s: botched select() args\n", prog);
1245 cc = recvfrom(sock, (char *)packet, sizeof(packet), 0,
1246 (struct sockaddr *)fromp, &fromlen);
1253 send_probe(int seq, int ttl)
1257 outip->ip_ttl = ttl;
1258 outip->ip_id = htons(ident + seq);
1260 /* XXX undocumented debugging hack */
1262 register const u_short *sp;
1263 register int nshorts, i;
1265 sp = (u_short *)outip;
1266 nshorts = (u_int)packlen / sizeof(u_short);
1268 Printf("[ %d bytes", packlen);
1269 while (--nshorts >= 0) {
1272 Printf(" %04x", ntohs(*sp++));
1277 Printf(" %02x", *(u_char *)sp);
1282 #if !defined(IP_HDRINCL) && defined(IP_TTL)
1283 if (setsockopt(sndsock, IPPROTO_IP, IP_TTL,
1284 (char *)&ttl, sizeof(ttl)) < 0) {
1285 Fprintf(stderr, "%s: setsockopt ttl %d: %s\n",
1286 prog, ttl, strerror(errno));
1291 cc = send(sndsock, (char *)outip, packlen, 0);
1292 if (cc < 0 || cc != packlen) {
1294 Fprintf(stderr, "%s: sendto: %s\n",
1295 prog, strerror(errno));
1296 Printf("%s: wrote %s %d chars, ret=%d\n",
1297 prog, hostname, packlen, cc);
1298 (void)fflush(stdout);
1302 #if defined(IPSEC) && defined(IPSEC_POLICY_IPSEC)
1304 setpolicy(int so, char *policy)
1308 buf = ipsec_set_policy(policy, strlen(policy));
1310 warnx("%s", ipsec_strerror());
1313 (void)setsockopt(so, IPPROTO_IP, IP_IPSEC_POLICY,
1314 buf, ipsec_get_policylen(buf));
1323 deltaT(struct timeval *t1p, struct timeval *t2p)
1327 dt = (double)(t2p->tv_sec - t1p->tv_sec) * 1000.0 +
1328 (double)(t2p->tv_usec - t1p->tv_usec) / 1000.0;
1333 * Convert an ICMP "type" field to a printable string.
1336 pr_type(register u_char t)
1338 static char *ttab[] = {
1339 "Echo Reply", "ICMP 1", "ICMP 2", "Dest Unreachable",
1340 "Source Quench", "Redirect", "ICMP 6", "ICMP 7",
1341 "Echo", "ICMP 9", "ICMP 10", "Time Exceeded",
1342 "Param Problem", "Timestamp", "Timestamp Reply", "Info Request",
1347 return ("OUT-OF-RANGE");
1353 packet_ok(register u_char *buf, int cc, register struct sockaddr_in *from,
1356 register struct icmp *icp;
1357 register u_char type, code;
1360 register struct ip *ip;
1362 ip = (struct ip *) buf;
1363 hlen = ip->ip_hl << 2;
1364 if (cc < hlen + ICMP_MINLEN) {
1366 Printf("packet too short (%d bytes) from %s\n", cc,
1367 inet_ntoa(from->sin_addr));
1371 icp = (struct icmp *)(buf + hlen);
1373 icp = (struct icmp *)buf;
1375 type = icp->icmp_type;
1376 code = icp->icmp_code;
1377 /* Path MTU Discovery (RFC1191) */
1378 if (code != ICMP_UNREACH_NEEDFRAG)
1381 pmtu = ntohs(icp->icmp_nextmtu);
1383 if (type == ICMP_ECHOREPLY
1384 && proto->num == IPPROTO_ICMP
1385 && (*proto->check)((u_char *)icp, (u_char)seq))
1387 if ((type == ICMP_TIMXCEED && code == ICMP_TIMXCEED_INTRANS) ||
1388 type == ICMP_UNREACH) {
1391 hip = &icp->icmp_ip;
1392 hiplen = ((u_char *)icp + cc) - (u_char *)hip;
1393 hlen = hip->ip_hl << 2;
1394 inner = (u_char *)((u_char *)hip + hlen);
1396 && hip->ip_p == proto->num
1397 && (*proto->check)(inner, (u_char)seq))
1398 return (type == ICMP_TIMXCEED ? -1 : code + 1);
1403 u_int32_t *lp = (u_int32_t *)&icp->icmp_ip;
1405 Printf("\n%d bytes from %s to ", cc, inet_ntoa(from->sin_addr));
1406 Printf("%s: icmp type %d (%s) code %d\n",
1407 inet_ntoa(ip->ip_dst), type, pr_type(type), icp->icmp_code);
1408 for (i = 4; i <= cc - ICMP_MINLEN; i += sizeof(*lp))
1409 Printf("%2d: %8.8x\n", i, ntohl(*lp++));
1416 icmp_prep(struct outdata *outdata)
1418 struct icmp *const icmpheader = (struct icmp *) outp;
1420 icmpheader->icmp_type = ICMP_ECHO;
1421 icmpheader->icmp_id = htons(ident);
1422 icmpheader->icmp_seq = htons(outdata->seq);
1423 icmpheader->icmp_cksum = 0;
1424 icmpheader->icmp_cksum = in_cksum((u_short *)icmpheader, protlen);
1425 if (icmpheader->icmp_cksum == 0)
1426 icmpheader->icmp_cksum = 0xffff;
1430 icmp_check(const u_char *data, int seq)
1432 struct icmp *const icmpheader = (struct icmp *) data;
1434 return (icmpheader->icmp_id == htons(ident)
1435 && icmpheader->icmp_seq == htons(seq));
1439 udp_prep(struct outdata *outdata)
1441 struct udphdr *const outudp = (struct udphdr *) outp;
1443 outudp->uh_sport = htons(ident + (fixedPort ? outdata->seq : 0));
1444 outudp->uh_dport = htons(port + (fixedPort ? 0 : outdata->seq));
1445 outudp->uh_ulen = htons((u_short)protlen);
1448 u_short sum = p_cksum(outip, (u_short *)outudp, protlen, protlen);
1449 outudp->uh_sum = (sum) ? sum : 0xffff;
1456 udp_check(const u_char *data, int seq)
1458 struct udphdr *const udp = (struct udphdr *) data;
1460 return (ntohs(udp->uh_sport) == ident + (fixedPort ? seq : 0) &&
1461 ntohs(udp->uh_dport) == port + (fixedPort ? 0 : seq));
1465 udplite_prep(struct outdata *outdata)
1467 struct udphdr *const outudp = (struct udphdr *) outp;
1469 outudp->uh_sport = htons(ident + (fixedPort ? outdata->seq : 0));
1470 outudp->uh_dport = htons(port + (fixedPort ? 0 : outdata->seq));
1471 outudp->uh_ulen = htons(8);
1474 u_short sum = p_cksum(outip, (u_short *)outudp, protlen, 8);
1475 outudp->uh_sum = (sum) ? sum : 0xffff;
1482 udplite_check(const u_char *data, int seq)
1484 struct udphdr *const udp = (struct udphdr *) data;
1486 return (ntohs(udp->uh_sport) == ident + (fixedPort ? seq : 0) &&
1487 ntohs(udp->uh_dport) == port + (fixedPort ? 0 : seq));
1491 tcp_prep(struct outdata *outdata)
1493 struct tcphdr *const tcp = (struct tcphdr *) outp;
1495 tcp->th_sport = htons(ident);
1496 tcp->th_dport = htons(port + (fixedPort ? 0 : outdata->seq));
1497 tcp->th_seq = (tcp->th_sport << 16) | tcp->th_dport;
1500 tcp->th_flags = TH_SYN;
1504 tcp->th_sum = p_cksum(outip, (u_short *)tcp, protlen, protlen);
1508 tcp_check(const u_char *data, int seq)
1510 struct tcphdr *const tcp = (struct tcphdr *) data;
1512 return (ntohs(tcp->th_sport) == ident
1513 && ntohs(tcp->th_dport) == port + (fixedPort ? 0 : seq)
1514 && tcp->th_seq == (tcp_seq)((tcp->th_sport << 16) | tcp->th_dport));
1518 sctp_prep(struct outdata *outdata)
1520 struct sctphdr *const sctp = (struct sctphdr *) outp;
1521 struct sctp_chunkhdr *chk;
1522 struct sctp_init_chunk *init;
1523 struct sctp_paramhdr *param;
1525 sctp->src_port = htons(ident);
1526 sctp->dest_port = htons(port + (fixedPort ? 0 : outdata->seq));
1527 if (protlen >= (int)(sizeof(struct sctphdr) +
1528 sizeof(struct sctp_init_chunk))) {
1531 sctp->v_tag = (sctp->src_port << 16) | sctp->dest_port;
1533 sctp->checksum = htonl(0);
1534 if (protlen >= (int)(sizeof(struct sctphdr) +
1535 sizeof(struct sctp_init_chunk))) {
1537 * Send a packet containing an INIT chunk. This works
1538 * better in case of firewalls on the path, but
1539 * results in a probe packet containing at least
1540 * 32 bytes of payload. For shorter payloads, use
1541 * SHUTDOWN-ACK chunks.
1543 init = (struct sctp_init_chunk *)(sctp + 1);
1544 init->ch.chunk_type = SCTP_INITIATION;
1545 init->ch.chunk_flags = 0;
1546 init->ch.chunk_length = htons((u_int16_t)(protlen -
1547 sizeof(struct sctphdr)));
1548 init->init.initiate_tag = (sctp->src_port << 16) |
1550 init->init.a_rwnd = htonl(1500);
1551 init->init.num_outbound_streams = htons(1);
1552 init->init.num_inbound_streams = htons(1);
1553 init->init.initial_tsn = htonl(0);
1554 if (protlen >= (int)(sizeof(struct sctphdr) +
1555 sizeof(struct sctp_init_chunk) +
1556 sizeof(struct sctp_paramhdr))) {
1557 param = (struct sctp_paramhdr *)(init + 1);
1558 param->param_type = htons(SCTP_PAD);
1559 param->param_length =
1560 htons((u_int16_t)(protlen -
1561 sizeof(struct sctphdr) -
1562 sizeof(struct sctp_init_chunk)));
1566 * Send a packet containing a SHUTDOWN-ACK chunk,
1567 * possibly followed by a PAD chunk.
1570 (int)(sizeof(struct sctphdr) +
1571 sizeof(struct sctp_chunkhdr))) {
1572 chk = (struct sctp_chunkhdr *)(sctp + 1);
1573 chk->chunk_type = SCTP_SHUTDOWN_ACK;
1574 chk->chunk_flags = 0;
1575 chk->chunk_length = htons(4);
1578 (int)(sizeof(struct sctphdr) +
1579 2 * sizeof(struct sctp_chunkhdr))) {
1581 chk->chunk_type = SCTP_PAD_CHUNK;
1582 chk->chunk_flags = 0;
1583 chk->chunk_length = htons(protlen -
1584 (sizeof(struct sctphdr) + sizeof(struct sctp_chunkhdr)));
1588 sctp->checksum = sctp_crc32c(sctp, protlen);
1593 sctp_check(const u_char *data, int seq)
1595 struct sctphdr *const sctp = (struct sctphdr *) data;
1597 if (ntohs(sctp->src_port) != ident ||
1598 ntohs(sctp->dest_port) != port + (fixedPort ? 0 : seq))
1600 if (protlen < (int)(sizeof(struct sctphdr) +
1601 sizeof(struct sctp_init_chunk))) {
1602 return (sctp->v_tag ==
1603 (u_int32_t)((sctp->src_port << 16) | sctp->dest_port));
1606 * Don't verify the initiate_tag, since it is not available,
1609 return (sctp->v_tag == 0);
1614 gre_prep(struct outdata *outdata)
1616 struct grehdr *const gre = (struct grehdr *) outp;
1618 gre->flags = htons(0x2001);
1619 gre->proto = htons(port);
1621 gre->callId = htons(ident + outdata->seq);
1625 gre_check(const u_char *data, int seq)
1627 struct grehdr *const gre = (struct grehdr *) data;
1629 return (ntohs(gre->proto) == port
1630 && ntohs(gre->callId) == ident + seq);
1634 gen_prep(struct outdata *outdata)
1636 u_int16_t *const ptr = (u_int16_t *) outp;
1638 ptr[0] = htons(ident);
1639 ptr[1] = htons(port + outdata->seq);
1643 gen_check(const u_char *data, int seq)
1645 u_int16_t *const ptr = (u_int16_t *) data;
1647 return (ntohs(ptr[0]) == ident
1648 && ntohs(ptr[1]) == port + seq);
1652 print(register u_char *buf, register int cc, register struct sockaddr_in *from)
1654 register struct ip *ip;
1656 char addr[INET_ADDRSTRLEN];
1658 ip = (struct ip *) buf;
1659 hlen = ip->ip_hl << 2;
1662 strlcpy(addr, inet_ntoa(from->sin_addr), sizeof(addr));
1665 Printf(" [AS%u]", as_lookup(asn, addr, AF_INET));
1668 Printf(" %s", addr);
1670 Printf(" %s (%s)", inetname(from->sin_addr), addr);
1673 Printf(" %d bytes to %s", cc, inet_ntoa(ip->ip_dst));
1677 * Checksum routine for UDP and TCP headers.
1680 p_cksum(struct ip *ip, u_short *data, int len, int cov)
1682 static struct ipovly ipo;
1685 ipo.ih_pr = ip->ip_p;
1686 ipo.ih_len = htons(len);
1687 ipo.ih_src = ip->ip_src;
1688 ipo.ih_dst = ip->ip_dst;
1690 sum[1] = in_cksum((u_short *)&ipo, sizeof(ipo)); /* pseudo ip hdr cksum */
1691 sum[0] = in_cksum(data, cov); /* payload data cksum */
1693 return (~in_cksum(sum, sizeof(sum)));
1697 * Checksum routine for Internet Protocol family headers (C Version)
1700 in_cksum(register u_short *addr, register int len)
1702 register int nleft = len;
1703 register u_short *w = addr;
1704 register u_short answer;
1705 register int sum = 0;
1708 * Our algorithm is simple, using a 32 bit accumulator (sum),
1709 * we add sequential 16 bit words to it, and at the end, fold
1710 * back all the carry bits from the top 16 bits into the lower
1718 /* mop up an odd byte, if necessary */
1720 sum += *(u_char *)w;
1723 * add back carry outs from top 16 bits to low 16 bits
1725 sum = (sum >> 16) + (sum & 0xffff); /* add hi 16 to low 16 */
1726 sum += (sum >> 16); /* add carry */
1727 answer = ~sum; /* truncate to 16 bits */
1732 * CRC32C routine for the Stream Control Transmission Protocol
1735 #define CRC32C(c, d) (c = (c >> 8) ^ crc_c[(c ^ (d)) & 0xFF])
1737 static u_int32_t crc_c[256] = {
1738 0x00000000, 0xF26B8303, 0xE13B70F7, 0x1350F3F4,
1739 0xC79A971F, 0x35F1141C, 0x26A1E7E8, 0xD4CA64EB,
1740 0x8AD958CF, 0x78B2DBCC, 0x6BE22838, 0x9989AB3B,
1741 0x4D43CFD0, 0xBF284CD3, 0xAC78BF27, 0x5E133C24,
1742 0x105EC76F, 0xE235446C, 0xF165B798, 0x030E349B,
1743 0xD7C45070, 0x25AFD373, 0x36FF2087, 0xC494A384,
1744 0x9A879FA0, 0x68EC1CA3, 0x7BBCEF57, 0x89D76C54,
1745 0x5D1D08BF, 0xAF768BBC, 0xBC267848, 0x4E4DFB4B,
1746 0x20BD8EDE, 0xD2D60DDD, 0xC186FE29, 0x33ED7D2A,
1747 0xE72719C1, 0x154C9AC2, 0x061C6936, 0xF477EA35,
1748 0xAA64D611, 0x580F5512, 0x4B5FA6E6, 0xB93425E5,
1749 0x6DFE410E, 0x9F95C20D, 0x8CC531F9, 0x7EAEB2FA,
1750 0x30E349B1, 0xC288CAB2, 0xD1D83946, 0x23B3BA45,
1751 0xF779DEAE, 0x05125DAD, 0x1642AE59, 0xE4292D5A,
1752 0xBA3A117E, 0x4851927D, 0x5B016189, 0xA96AE28A,
1753 0x7DA08661, 0x8FCB0562, 0x9C9BF696, 0x6EF07595,
1754 0x417B1DBC, 0xB3109EBF, 0xA0406D4B, 0x522BEE48,
1755 0x86E18AA3, 0x748A09A0, 0x67DAFA54, 0x95B17957,
1756 0xCBA24573, 0x39C9C670, 0x2A993584, 0xD8F2B687,
1757 0x0C38D26C, 0xFE53516F, 0xED03A29B, 0x1F682198,
1758 0x5125DAD3, 0xA34E59D0, 0xB01EAA24, 0x42752927,
1759 0x96BF4DCC, 0x64D4CECF, 0x77843D3B, 0x85EFBE38,
1760 0xDBFC821C, 0x2997011F, 0x3AC7F2EB, 0xC8AC71E8,
1761 0x1C661503, 0xEE0D9600, 0xFD5D65F4, 0x0F36E6F7,
1762 0x61C69362, 0x93AD1061, 0x80FDE395, 0x72966096,
1763 0xA65C047D, 0x5437877E, 0x4767748A, 0xB50CF789,
1764 0xEB1FCBAD, 0x197448AE, 0x0A24BB5A, 0xF84F3859,
1765 0x2C855CB2, 0xDEEEDFB1, 0xCDBE2C45, 0x3FD5AF46,
1766 0x7198540D, 0x83F3D70E, 0x90A324FA, 0x62C8A7F9,
1767 0xB602C312, 0x44694011, 0x5739B3E5, 0xA55230E6,
1768 0xFB410CC2, 0x092A8FC1, 0x1A7A7C35, 0xE811FF36,
1769 0x3CDB9BDD, 0xCEB018DE, 0xDDE0EB2A, 0x2F8B6829,
1770 0x82F63B78, 0x709DB87B, 0x63CD4B8F, 0x91A6C88C,
1771 0x456CAC67, 0xB7072F64, 0xA457DC90, 0x563C5F93,
1772 0x082F63B7, 0xFA44E0B4, 0xE9141340, 0x1B7F9043,
1773 0xCFB5F4A8, 0x3DDE77AB, 0x2E8E845F, 0xDCE5075C,
1774 0x92A8FC17, 0x60C37F14, 0x73938CE0, 0x81F80FE3,
1775 0x55326B08, 0xA759E80B, 0xB4091BFF, 0x466298FC,
1776 0x1871A4D8, 0xEA1A27DB, 0xF94AD42F, 0x0B21572C,
1777 0xDFEB33C7, 0x2D80B0C4, 0x3ED04330, 0xCCBBC033,
1778 0xA24BB5A6, 0x502036A5, 0x4370C551, 0xB11B4652,
1779 0x65D122B9, 0x97BAA1BA, 0x84EA524E, 0x7681D14D,
1780 0x2892ED69, 0xDAF96E6A, 0xC9A99D9E, 0x3BC21E9D,
1781 0xEF087A76, 0x1D63F975, 0x0E330A81, 0xFC588982,
1782 0xB21572C9, 0x407EF1CA, 0x532E023E, 0xA145813D,
1783 0x758FE5D6, 0x87E466D5, 0x94B49521, 0x66DF1622,
1784 0x38CC2A06, 0xCAA7A905, 0xD9F75AF1, 0x2B9CD9F2,
1785 0xFF56BD19, 0x0D3D3E1A, 0x1E6DCDEE, 0xEC064EED,
1786 0xC38D26C4, 0x31E6A5C7, 0x22B65633, 0xD0DDD530,
1787 0x0417B1DB, 0xF67C32D8, 0xE52CC12C, 0x1747422F,
1788 0x49547E0B, 0xBB3FFD08, 0xA86F0EFC, 0x5A048DFF,
1789 0x8ECEE914, 0x7CA56A17, 0x6FF599E3, 0x9D9E1AE0,
1790 0xD3D3E1AB, 0x21B862A8, 0x32E8915C, 0xC083125F,
1791 0x144976B4, 0xE622F5B7, 0xF5720643, 0x07198540,
1792 0x590AB964, 0xAB613A67, 0xB831C993, 0x4A5A4A90,
1793 0x9E902E7B, 0x6CFBAD78, 0x7FAB5E8C, 0x8DC0DD8F,
1794 0xE330A81A, 0x115B2B19, 0x020BD8ED, 0xF0605BEE,
1795 0x24AA3F05, 0xD6C1BC06, 0xC5914FF2, 0x37FACCF1,
1796 0x69E9F0D5, 0x9B8273D6, 0x88D28022, 0x7AB90321,
1797 0xAE7367CA, 0x5C18E4C9, 0x4F48173D, 0xBD23943E,
1798 0xF36E6F75, 0x0105EC76, 0x12551F82, 0xE03E9C81,
1799 0x34F4F86A, 0xC69F7B69, 0xD5CF889D, 0x27A40B9E,
1800 0x79B737BA, 0x8BDCB4B9, 0x988C474D, 0x6AE7C44E,
1801 0xBE2DA0A5, 0x4C4623A6, 0x5F16D052, 0xAD7D5351
1805 sctp_crc32c(const void *packet, u_int32_t len)
1807 u_int32_t i, crc32c;
1808 u_int8_t byte0, byte1, byte2, byte3;
1809 const u_int8_t *buf = (const u_int8_t *)packet;
1812 for (i = 0; i < len; i++)
1813 CRC32C(crc32c, buf[i]);
1815 byte0 = crc32c & 0xff;
1816 byte1 = (crc32c >> 8) & 0xff;
1817 byte2 = (crc32c >> 16) & 0xff;
1818 byte3 = (crc32c >> 24) & 0xff;
1819 crc32c = ((byte0 << 24) | (byte1 << 16) | (byte2 << 8) | byte3);
1820 return (htonl(crc32c));
1824 * Subtract 2 timeval structs: out = out - in.
1825 * Out is assumed to be within about LONG_MAX seconds of in.
1828 tvsub(register struct timeval *out, register struct timeval *in)
1831 if ((out->tv_usec -= in->tv_usec) < 0) {
1833 out->tv_usec += 1000000;
1835 out->tv_sec -= in->tv_sec;
1839 * Construct an Internet address representation.
1840 * If the nflag has been supplied, give
1841 * numeric value, otherwise try for symbolic name.
1844 inetname(struct in_addr in)
1847 register struct hostent *hp;
1848 static int first = 1;
1849 static char domain[MAXHOSTNAMELEN + 1], line[MAXHOSTNAMELEN + 1];
1851 if (first && !nflag) {
1853 if (gethostname(domain, sizeof(domain) - 1) < 0)
1856 cp = strchr(domain, '.');
1860 hp = cap_gethostbyname(capdns, domain);
1863 hp = gethostbyname(domain);
1865 cp = strchr(hp->h_name, '.');
1871 (void)strncpy(domain, cp, sizeof(domain) - 1);
1872 domain[sizeof(domain) - 1] = '\0';
1876 if (!nflag && in.s_addr != INADDR_ANY) {
1879 hp = cap_gethostbyaddr(capdns, (char *)&in, sizeof(in),
1883 hp = gethostbyaddr((char *)&in, sizeof(in), AF_INET);
1885 if ((cp = strchr(hp->h_name, '.')) != NULL &&
1886 strcmp(cp + 1, domain) == 0)
1888 (void)strncpy(line, hp->h_name, sizeof(line) - 1);
1889 line[sizeof(line) - 1] = '\0';
1893 return (inet_ntoa(in));
1897 gethostinfo(register char *hostname)
1900 register struct hostent *hp;
1901 register struct hostinfo *hi;
1903 register u_int32_t addr, *ap;
1905 if (strlen(hostname) >= MAXHOSTNAMELEN) {
1906 Fprintf(stderr, "%s: hostname \"%.32s...\" is too long\n",
1910 hi = calloc(1, sizeof(*hi));
1912 Fprintf(stderr, "%s: calloc %s\n", prog, strerror(errno));
1915 addr = inet_addr(hostname);
1916 if ((int32_t)addr != -1) {
1917 hi->name = strdup(hostname);
1919 hi->addrs = calloc(1, sizeof(hi->addrs[0]));
1920 if (hi->addrs == NULL) {
1921 Fprintf(stderr, "%s: calloc %s\n",
1922 prog, strerror(errno));
1925 hi->addrs[0] = addr;
1931 hp = cap_gethostbyname(capdns, hostname);
1934 hp = gethostbyname(hostname);
1936 Fprintf(stderr, "%s: unknown host %s\n", prog, hostname);
1939 if (hp->h_addrtype != AF_INET || hp->h_length != 4) {
1940 Fprintf(stderr, "%s: bad host %s\n", prog, hostname);
1943 hi->name = strdup(hp->h_name);
1944 for (n = 0, p = hp->h_addr_list; *p != NULL; ++n, ++p)
1947 hi->addrs = calloc(n, sizeof(hi->addrs[0]));
1948 if (hi->addrs == NULL) {
1949 Fprintf(stderr, "%s: calloc %s\n", prog, strerror(errno));
1952 for (ap = hi->addrs, p = hp->h_addr_list; *p != NULL; ++ap, ++p)
1953 memcpy(ap, *p, sizeof(*ap));
1958 freehostinfo(register struct hostinfo *hi)
1960 if (hi->name != NULL) {
1964 free((char *)hi->addrs);
1969 getaddr(register u_int32_t *ap, register char *hostname)
1971 register struct hostinfo *hi;
1973 hi = gethostinfo(hostname);
1979 setsin(register struct sockaddr_in *sin, register u_int32_t addr)
1982 memset(sin, 0, sizeof(*sin));
1983 sin->sin_len = sizeof(*sin);
1984 sin->sin_family = AF_INET;
1985 sin->sin_addr.s_addr = addr;
1988 /* String to value with optional min and max. Handles decimal and hex. */
1990 str2val(register const char *str, register const char *what,
1991 register int mi, register int ma)
1993 register const char *cp;
1997 if (str[0] == '0' && (str[1] == 'x' || str[1] == 'X')) {
1999 val = (int)strtol(cp, &ep, 16);
2001 val = (int)strtol(str, &ep, 10);
2003 Fprintf(stderr, "%s: \"%s\" bad value for %s\n",
2007 if (val < mi && mi >= 0) {
2009 Fprintf(stderr, "%s: %s must be >= %d\n",
2012 Fprintf(stderr, "%s: %s must be > %d\n",
2013 prog, what, mi - 1);
2016 if (val > ma && ma >= 0) {
2017 Fprintf(stderr, "%s: %s must be <= %d\n", prog, what, ma);
2024 setproto(char *pname)
2026 struct outproto *proto;
2029 for (i = 0; protos[i].name != NULL; i++) {
2030 if (strcasecmp(protos[i].name, pname) == 0) {
2035 if (proto->name == NULL) { /* generic handler */
2036 struct protoent *pe;
2039 /* Determine the IP protocol number */
2040 if ((pe = getprotobyname(pname)) != NULL)
2043 pnum = str2val(optarg, "proto number", 1, 255);
2050 pkt_compare(const u_char *a, int la, const u_char *b, int lb) {
2054 for (i = 0; i < la; i++)
2055 Printf("%02x", (unsigned int)a[i]);
2057 l = (la <= lb) ? la : lb;
2058 for (i = 0; i < l; i++)
2062 Printf("%02x", (unsigned int)b[i]);
2064 Printf("%02x", (unsigned int)b[i]);
2073 "Usage: %s [-adDeEFInrSvx] [-A as_server] [-f first_ttl] [-g gateway]\n"
2074 "\t[-i iface] [-m max_ttl] [-M first_ttl] [-p port] [-P proto]\n"
2075 "\t[-q nprobes] [-s src_addr] [-t tos] [-w waittime]\n"
2076 "\t[-z pausemsecs] host [packetlen]\n", prog);