2 * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997
3 * The Regents of the University of California. All rights reserved.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
25 static const char rcsid[] _U_ =
26 "@(#) $Header: /tcpdump/master/tcpdump/print-ip.c,v 1.159 2007-09-14 01:29:28 guy Exp $ (LBL)";
33 #include <tcpdump-stdinc.h>
39 #include "addrtoname.h"
40 #include "interface.h"
41 #include "extract.h" /* must come after interface.h */
46 struct tok ip_option_values[] = {
49 { IPOPT_TS, "timestamp" },
50 { IPOPT_SECURITY, "security" },
52 { IPOPT_SSRR, "SSRR" },
53 { IPOPT_LSRR, "LSRR" },
55 { IPOPT_RFC1393, "traceroute" },
60 * print the recorded route in an IP RR, LSRR or SSRR option.
63 ip_printroute(register const u_char *cp, u_int length)
69 printf(" [bad length %u]", length);
73 printf(" [bad length %u]", length);
75 if (ptr < 3 || ((ptr + 1) & 3) || ptr > length + 1)
76 printf(" [bad ptr %u]", cp[2]);
78 for (len = 3; len < length; len += 4) {
79 printf(" %s", ipaddr_string(&cp[len]));
86 * If source-routing is present and valid, return the final destination.
87 * Otherwise, return IP destination.
89 * This is used for UDP and TCP pseudo-header in the checksum
93 ip_finddst(const struct ip *ip)
100 cp = (const u_char *)(ip + 1);
101 length = (IP_HL(ip) << 2) - sizeof(struct ip);
103 for (; length > 0; cp += len, length -= len) {
110 else if (tt == IPOPT_NOP)
125 memcpy(&retval, cp + len - 4, 4);
130 memcpy(&retval, &ip->ip_dst.s_addr, sizeof(u_int32_t));
135 * Compute a V4-style checksum by building a pseudoheader.
138 nextproto4_cksum(const struct ip *ip, const u_int8_t *data,
139 u_int len, u_int next_proto)
148 struct cksum_vec vec[2];
150 /* pseudo-header.. */
151 ph.len = htons((u_int16_t)len);
153 ph.proto = next_proto;
154 memcpy(&ph.src, &ip->ip_src.s_addr, sizeof(u_int32_t));
156 memcpy(&ph.dst, &ip->ip_dst.s_addr, sizeof(u_int32_t));
158 ph.dst = ip_finddst(ip);
160 vec[0].ptr = (const u_int8_t *)(void *)&ph;
161 vec[0].len = sizeof(ph);
164 return (in_cksum(vec, 2));
168 ip_printts(register const u_char *cp, u_int length)
176 printf("[bad length %u]", length);
180 hoplen = ((cp[3]&0xF) != IPOPT_TS_TSONLY) ? 8 : 4;
181 if ((length - 4) & (hoplen-1))
182 printf("[bad length %u]", length);
185 if (ptr < 4 || ((ptr - 4) & (hoplen-1)) || ptr > length + 1)
186 printf("[bad ptr %u]", cp[2]);
188 case IPOPT_TS_TSONLY:
191 case IPOPT_TS_TSANDADDR:
195 * prespecified should really be 3, but some ones might send 2
196 * instead, and the IPOPT_TS_PRESPEC constant can apparently
197 * have both values, so we have to hard-code it here.
201 printf("PRESPEC2.0");
203 case 3: /* IPOPT_TS_PRESPEC */
207 printf("[bad ts type %d]", cp[3]&0xF);
212 for (len = 4; len < length; len += hoplen) {
215 printf("%s%d@%s", type, EXTRACT_32BITS(&cp[len+hoplen-4]),
216 hoplen!=8 ? "" : ipaddr_string(&cp[len]));
221 printf("%s", ptr == len ? " ^ " : "");
224 printf(" [%d hops not recorded]} ", cp[3]>>4);
233 ip_optprint(register const u_char *cp, u_int length)
235 register u_int option_len;
236 const char *sep = "";
238 for (; length > 0; cp += option_len, length -= option_len) {
248 tok2str(ip_option_values,"unknown %u",option_code));
250 if (option_code == IPOPT_NOP ||
251 option_code == IPOPT_EOL)
257 if (option_len < 2) {
258 printf(" [bad length %u]", option_len);
263 if (option_len > length) {
264 printf(" [bad length %u]", option_len);
268 TCHECK2(*cp, option_len);
270 switch (option_code) {
275 ip_printts(cp, option_len);
278 case IPOPT_RR: /* fall through */
281 ip_printroute(cp, option_len);
285 if (option_len < 4) {
286 printf(" [bad length %u]", option_len);
290 if (EXTRACT_16BITS(&cp[2]) != 0)
291 printf(" value %u", EXTRACT_16BITS(&cp[2]));
294 case IPOPT_NOP: /* nothing to print - fall through */
306 #define IP_RES 0x8000
308 static struct tok ip_frag_values[] = {
311 { IP_RES, "rsvd" }, /* The RFC3514 evil ;-) bit */
315 struct ip_print_demux_state {
324 ip_print_demux(netdissect_options *ndo,
325 struct ip_print_demux_state *ipds)
327 struct protoent *proto;
328 struct cksum_vec vec[1];
334 ipds->nh = *ipds->cp;
335 ipds->advance = ah_print(ipds->cp);
336 if (ipds->advance <= 0)
338 ipds->cp += ipds->advance;
339 ipds->len -= ipds->advance;
345 ipds->advance = esp_print(ndo, ipds->cp, ipds->len,
346 (const u_char *)ipds->ip,
348 if (ipds->advance <= 0)
350 ipds->cp += ipds->advance;
351 ipds->len -= ipds->advance + padlen;
352 ipds->nh = enh & 0xff;
359 ipds->advance = ipcomp_print(ipds->cp, &enh);
360 if (ipds->advance <= 0)
362 ipds->cp += ipds->advance;
363 ipds->len -= ipds->advance;
364 ipds->nh = enh & 0xff;
369 sctp_print(ipds->cp, (const u_char *)ipds->ip, ipds->len);
373 dccp_print(ipds->cp, (const u_char *)ipds->ip, ipds->len);
377 /* pass on the MF bit plus the offset to detect fragments */
378 tcp_print(ipds->cp, ipds->len, (const u_char *)ipds->ip,
379 ipds->off & (IP_MF|IP_OFFMASK));
383 /* pass on the MF bit plus the offset to detect fragments */
384 udp_print(ipds->cp, ipds->len, (const u_char *)ipds->ip,
385 ipds->off & (IP_MF|IP_OFFMASK));
389 /* pass on the MF bit plus the offset to detect fragments */
390 icmp_print(ipds->cp, ipds->len, (const u_char *)ipds->ip,
391 ipds->off & (IP_MF|IP_OFFMASK));
396 * XXX - the current IANA protocol number assignments
397 * page lists 9 as "any private interior gateway
398 * (used by Cisco for their IGRP)" and 88 as
399 * "EIGRP" from Cisco.
401 * Recent BSD <netinet/in.h> headers define
402 * IP_PROTO_PIGP as 9 and IP_PROTO_IGRP as 88.
403 * We define IP_PROTO_PIGP as 9 and
404 * IP_PROTO_EIGRP as 88; those names better
405 * match was the current protocol number
408 igrp_print(ipds->cp, ipds->len, (const u_char *)ipds->ip);
412 eigrp_print(ipds->cp, ipds->len);
416 ND_PRINT((ndo, " nd %d", ipds->len));
420 egp_print(ipds->cp, ipds->len);
424 ospf_print(ipds->cp, ipds->len, (const u_char *)ipds->ip);
428 igmp_print(ipds->cp, ipds->len);
432 /* DVMRP multicast tunnel (ip-in-ip encapsulation) */
433 ip_print(ndo, ipds->cp, ipds->len);
435 ND_PRINT((ndo, " (ipip-proto-4)"));
442 /* ip6-in-ip encapsulation */
443 ip6_print(ndo, ipds->cp, ipds->len);
448 rsvp_print(ipds->cp, ipds->len);
453 gre_print(ipds->cp, ipds->len);
457 mobile_print(ipds->cp, ipds->len);
461 vec[0].ptr = ipds->cp;
462 vec[0].len = ipds->len;
463 pim_print(ipds->cp, ipds->len, in_cksum(vec, 1));
467 if (packettype == PT_CARP) {
469 (void)printf("carp %s > %s: ",
470 ipaddr_string(&ipds->ip->ip_src),
471 ipaddr_string(&ipds->ip->ip_dst));
472 carp_print(ipds->cp, ipds->len, ipds->ip->ip_ttl);
475 (void)printf("vrrp %s > %s: ",
476 ipaddr_string(&ipds->ip->ip_src),
477 ipaddr_string(&ipds->ip->ip_dst));
478 vrrp_print(ipds->cp, ipds->len, ipds->ip->ip_ttl);
483 pgm_print(ipds->cp, ipds->len, (const u_char *)ipds->ip);
486 #if defined(HAVE_NET_PFVAR_H)
488 pfsync_ip_print(ipds->cp, ipds->len);
493 if (ndo->ndo_nflag==0 && (proto = getprotobynumber(ipds->nh)) != NULL)
494 ND_PRINT((ndo, " %s", proto->p_name));
496 ND_PRINT((ndo, " ip-proto-%d", ipds->nh));
497 ND_PRINT((ndo, " %d", ipds->len));
503 ip_print_inner(netdissect_options *ndo,
505 u_int length, u_int nh,
508 struct ip_print_demux_state ipd;
510 ipd.ip = (const struct ip *)bp2;
517 ip_print_demux(ndo, &ipd);
522 * print an IP datagram.
525 ip_print(netdissect_options *ndo,
529 struct ip_print_demux_state ipd;
530 struct ip_print_demux_state *ipds=&ipd;
533 struct cksum_vec vec[1];
534 u_int16_t sum, ip_sum;
535 struct protoent *proto;
537 ipds->ip = (const struct ip *)bp;
538 if (IP_V(ipds->ip) != 4) { /* print version if != 4 */
539 printf("IP%u ", IP_V(ipds->ip));
540 if (IP_V(ipds->ip) == 6)
541 printf(", wrong link-layer encapsulation");
546 if ((u_char *)(ipds->ip + 1) > ndo->ndo_snapend) {
550 if (length < sizeof (struct ip)) {
551 (void)printf("truncated-ip %u", length);
554 hlen = IP_HL(ipds->ip) * 4;
555 if (hlen < sizeof (struct ip)) {
556 (void)printf("bad-hlen %u", hlen);
560 ipds->len = EXTRACT_16BITS(&ipds->ip->ip_len);
561 if (length < ipds->len)
562 (void)printf("truncated-ip - %u bytes missing! ",
564 if (ipds->len < hlen) {
567 (void)printf("bad-len %u", ipds->len);
571 /* we guess that it is a TSO send */
575 (void)printf("bad-len %u", ipds->len);
577 #endif /* GUESS_TSO */
581 * Cut off the snapshot length to the end of the IP payload.
583 ipend = bp + ipds->len;
584 if (ipend < ndo->ndo_snapend)
585 ndo->ndo_snapend = ipend;
589 ipds->off = EXTRACT_16BITS(&ipds->ip->ip_off);
592 (void)printf("(tos 0x%x", (int)ipds->ip->ip_tos);
594 if (ipds->ip->ip_tos & 0x03) {
595 switch (ipds->ip->ip_tos & 0x03) {
597 (void)printf(",ECT(1)");
600 (void)printf(",ECT(0)");
607 if (ipds->ip->ip_ttl >= 1)
608 (void)printf(", ttl %u", ipds->ip->ip_ttl);
611 * for the firewall guys, print id, offset.
612 * On all but the last stick a "+" in the flags portion.
613 * For unfragmented datagrams, note the don't fragment flag.
616 (void)printf(", id %u, offset %u, flags [%s], proto %s (%u)",
617 EXTRACT_16BITS(&ipds->ip->ip_id),
618 (ipds->off & 0x1fff) * 8,
619 bittok2str(ip_frag_values, "none", ipds->off&0xe000),
620 tok2str(ipproto_values,"unknown",ipds->ip->ip_p),
623 (void)printf(", length %u", EXTRACT_16BITS(&ipds->ip->ip_len));
625 if ((hlen - sizeof(struct ip)) > 0) {
626 printf(", options (");
627 ip_optprint((u_char *)(ipds->ip + 1), hlen - sizeof(struct ip));
631 if (!Kflag && (u_char *)ipds->ip + hlen <= ndo->ndo_snapend) {
632 vec[0].ptr = (const u_int8_t *)(void *)ipds->ip;
634 sum = in_cksum(vec, 1);
636 ip_sum = EXTRACT_16BITS(&ipds->ip->ip_sum);
637 (void)printf(", bad cksum %x (->%x)!", ip_sum,
638 in_cksum_shouldbe(ip_sum, sum));
646 * If this is fragment zero, hand it to the next higher
649 if ((ipds->off & 0x1fff) == 0) {
650 ipds->cp = (const u_char *)ipds->ip + hlen;
651 ipds->nh = ipds->ip->ip_p;
653 if (ipds->nh != IPPROTO_TCP && ipds->nh != IPPROTO_UDP &&
654 ipds->nh != IPPROTO_SCTP && ipds->nh != IPPROTO_DCCP) {
655 (void)printf("%s > %s: ",
656 ipaddr_string(&ipds->ip->ip_src),
657 ipaddr_string(&ipds->ip->ip_dst));
659 ip_print_demux(ndo, ipds);
661 /* Ultra quiet now means that all this stuff should be suppressed */
662 if (qflag > 1) return;
665 * if this isn't the first frag, we're missing the
666 * next level protocol header. print the ip addr
669 if (ipds->off & 0x1fff) {
670 (void)printf("%s > %s:", ipaddr_string(&ipds->ip->ip_src),
671 ipaddr_string(&ipds->ip->ip_dst));
672 if (!ndo->ndo_nflag && (proto = getprotobynumber(ipds->ip->ip_p)) != NULL)
673 (void)printf(" %s", proto->p_name);
675 (void)printf(" ip-proto-%d", ipds->ip->ip_p);
681 ipN_print(register const u_char *bp, register u_int length)
685 ip = (struct ip *)bp;
687 (void)printf("truncated-ip %d", length);
690 memcpy (&hdr, (char *)ip, 4);
691 switch (IP_V(&hdr)) {
693 ip_print (gndo, bp, length);
697 ip6_print (gndo, bp, length);
701 (void)printf("unknown ip %d", IP_V(&hdr));
708 * c-style: whitesmith
projects / FreeBSD / stable / 10.git / blob