diff --git a/contrib/tcpdump/netdissect.h b/contrib/tcpdump/netdissect.h index 20b5ef63668c..8612e11c3c7e 100644 --- a/contrib/tcpdump/netdissect.h +++ b/contrib/tcpdump/netdissect.h @@ -1,658 +1,659 @@ /* * Copyright (c) 1988-1997 * The Regents of the University of California. All rights reserved. * * Copyright (c) 1998-2012 Michael Richardson * The TCPDUMP project * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that: (1) source code distributions * retain the above copyright notice and this paragraph in its entirety, (2) * distributions including binary code include the above copyright notice and * this paragraph in its entirety in the documentation or other materials * provided with the distribution, and (3) all advertising materials mentioning * features or use of this software display the following acknowledgement: * ``This product includes software developed by the University of California, * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of * the University nor the names of its contributors may be used to endorse * or promote products derived from this software without specific prior * written permission. * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ #ifndef netdissect_h #define netdissect_h #ifdef HAVE_OS_PROTO_H #include "os-proto.h" #endif #include #ifndef HAVE___ATTRIBUTE__ #define __attribute__(x) #endif /* * Data types corresponding to multi-byte integral values within data * structures. These are defined as arrays of octets, so that they're * not aligned on their "natural" boundaries, and so that you *must* * use the EXTRACT_ macros to extract them (which you should be doing * *anyway*, so as not to assume a particular byte order or alignment * in your code). */ typedef unsigned char nd_uint16_t[2]; typedef unsigned char nd_uint24_t[3]; typedef unsigned char nd_uint32_t[4]; typedef unsigned char nd_uint40_t[5]; typedef unsigned char nd_uint48_t[6]; typedef unsigned char nd_uint56_t[7]; typedef unsigned char nd_uint64_t[8]; /* * Use this for IPv4 addresses. It's defined as an array of octets, so * that it's not aligned on its "natural" boundary, and it's defined as * a structure in the hopes that this makes it harder to naively use * EXTRACT_32BITS() to extract the value - in many cases you just want * to use UNALIGNED_MEMCPY() to copy its value, so that it remains in * network byte order. */ typedef struct { unsigned char bytes[4]; } nd_ipv4; /* * Data types corresponding to single-byte integral values, for * completeness. */ typedef unsigned char nd_uint8_t; typedef signed char nd_int8_t; /* snprintf et al */ #include #include #include "ip.h" /* struct ip for nextproto4_cksum() */ #include "ip6.h" /* struct ip6 for nextproto6_cksum() */ extern int32_t thiszone; /* seconds offset from gmt to local time */ /* invalid string to print '(invalid)' for malformed or corrupted packets */ extern const char istr[]; #if !defined(HAVE_SNPRINTF) int snprintf (char *str, size_t sz, FORMAT_STRING(const char *format), ...) PRINTFLIKE(3, 4); #endif /* !defined(HAVE_SNPRINTF) */ #if !defined(HAVE_VSNPRINTF) int vsnprintf (char *str, size_t sz, FORMAT_STRING(const char *format), va_list ap) PRINTFLIKE(3, 0); #endif /* !defined(HAVE_VSNPRINTF) */ #ifndef HAVE_STRLCAT extern size_t strlcat (char *, const char *, size_t); #endif #ifndef HAVE_STRLCPY extern size_t strlcpy (char *, const char *, size_t); #endif #ifndef HAVE_STRDUP extern char *strdup (const char *str); #endif #ifndef HAVE_STRSEP extern char *strsep(char **, const char *); #endif struct tok { u_int v; /* value */ const char *s; /* string */ }; extern const char *tok2strbuf(const struct tok *, const char *, u_int, char *buf, size_t bufsize); /* tok2str is deprecated */ extern const char *tok2str(const struct tok *, const char *, u_int); extern char *bittok2str(const struct tok *, const char *, u_int); extern char *bittok2str_nosep(const struct tok *, const char *, u_int); /* Initialize netdissect. */ extern int nd_init(char *, size_t); /* Clean up netdissect. */ extern void nd_cleanup(void); /* Do we have libsmi support? */ extern int nd_have_smi_support(void); /* Load an SMI module. */ extern int nd_load_smi_module(const char *, char *, size_t); /* Flag indicating whether an SMI module has been loaded. */ extern int nd_smi_module_loaded; /* Version number of the SMI library, or NULL if we don't have libsmi support. */ extern const char *nd_smi_version_string(void); typedef struct netdissect_options netdissect_options; #define IF_PRINTER_ARGS (netdissect_options *, const struct pcap_pkthdr *, const u_char *) typedef u_int (*if_printer) IF_PRINTER_ARGS; struct netdissect_options { int ndo_bflag; /* print 4 byte ASes in ASDOT notation */ int ndo_eflag; /* print ethernet header */ int ndo_fflag; /* don't translate "foreign" IP address */ int ndo_Kflag; /* don't check TCP checksums */ int ndo_nflag; /* leave addresses as numbers */ int ndo_Nflag; /* remove domains from printed host names */ int ndo_qflag; /* quick (shorter) output */ int ndo_Sflag; /* print raw TCP sequence numbers */ int ndo_tflag; /* print packet arrival time */ int ndo_uflag; /* Print undecoded NFS handles */ int ndo_vflag; /* verbosity level */ int ndo_xflag; /* print packet in hex */ int ndo_Xflag; /* print packet in hex/ascii */ int ndo_Aflag; /* print packet only in ascii observing TAB, * LF, CR and SPACE as graphical chars */ int ndo_Hflag; /* dissect 802.11s draft mesh standard */ int ndo_packet_number; /* print a packet number in the beginning of line */ int ndo_suppress_default_print; /* don't use default_print() for unknown packet types */ int ndo_tstamp_precision; /* requested time stamp precision */ const char *program_name; /* Name of the program using the library */ char *ndo_espsecret; struct sa_list *ndo_sa_list_head; /* used by print-esp.c */ struct sa_list *ndo_sa_default; char *ndo_sigsecret; /* Signature verification secret key */ int ndo_packettype; /* as specified by -T */ int ndo_snaplen; /*global pointers to beginning and end of current packet (during printing) */ const u_char *ndo_packetp; const u_char *ndo_snapend; /* pointer to the if_printer function */ if_printer ndo_if_printer; /* pointer to void function to output stuff */ void (*ndo_default_print)(netdissect_options *, register const u_char *bp, register u_int length); /* pointer to function to do regular output */ int (*ndo_printf)(netdissect_options *, const char *fmt, ...) #ifdef __ATTRIBUTE___FORMAT_OK_FOR_FUNCTION_POINTERS __attribute__ ((format (printf, 2, 3))) #endif ; /* pointer to function to output errors */ void (*ndo_error)(netdissect_options *, const char *fmt, ...) #ifdef __ATTRIBUTE___NORETURN_OK_FOR_FUNCTION_POINTERS __attribute__ ((noreturn)) #endif /* __ATTRIBUTE___NORETURN_OK_FOR_FUNCTION_POINTERS */ #ifdef __ATTRIBUTE___FORMAT_OK_FOR_FUNCTION_POINTERS __attribute__ ((format (printf, 2, 3))) #endif /* __ATTRIBUTE___FORMAT_OK_FOR_FUNCTION_POINTERS */ ; /* pointer to function to output warnings */ void (*ndo_warning)(netdissect_options *, const char *fmt, ...) #ifdef __ATTRIBUTE___FORMAT_OK_FOR_FUNCTION_POINTERS __attribute__ ((format (printf, 2, 3))) #endif ; }; #define PT_VAT 1 /* Visual Audio Tool */ #define PT_WB 2 /* distributed White Board */ #define PT_RPC 3 /* Remote Procedure Call */ #define PT_RTP 4 /* Real-Time Applications protocol */ #define PT_RTCP 5 /* Real-Time Applications control protocol */ #define PT_SNMP 6 /* Simple Network Management Protocol */ #define PT_CNFP 7 /* Cisco NetFlow protocol */ #define PT_TFTP 8 /* trivial file transfer protocol */ #define PT_AODV 9 /* Ad-hoc On-demand Distance Vector Protocol */ #define PT_CARP 10 /* Common Address Redundancy Protocol */ #define PT_RADIUS 11 /* RADIUS authentication Protocol */ #define PT_ZMTP1 12 /* ZeroMQ Message Transport Protocol 1.0 */ #define PT_VXLAN 13 /* Virtual eXtensible Local Area Network */ #define PT_PGM 14 /* [UDP-encapsulated] Pragmatic General Multicast */ #define PT_PGM_ZMTP1 15 /* ZMTP/1.0 inside PGM (native or UDP-encapsulated) */ #define PT_LMP 16 /* Link Management Protocol */ #define PT_RESP 17 /* RESP */ #ifndef min #define min(a,b) ((a)>(b)?(b):(a)) #endif #ifndef max #define max(a,b) ((b)>(a)?(b):(a)) #endif /* For source or destination ports tests (UDP, TCP, ...) */ #define IS_SRC_OR_DST_PORT(p) (sport == (p) || dport == (p)) /* * Maximum snapshot length. This should be enough to capture the full * packet on most network interfaces. * * * Somewhat arbitrary, but chosen to be: * * 1) big enough for maximum-size Linux loopback packets (65549) * and some USB packets captured with USBPcap: * * http://desowin.org/usbpcap/ * * (> 131072, < 262144) * * and * * 2) small enough not to cause attempts to allocate huge amounts of * memory; some applications might use the snapshot length in a * savefile header to control the size of the buffer they allocate, * so a size of, say, 2^31-1 might not work well. * * XXX - does it need to be bigger still? */ #define MAXIMUM_SNAPLEN 262144 /* * The default snapshot length is the maximum. */ #define DEFAULT_SNAPLEN MAXIMUM_SNAPLEN #define ESRC(ep) ((ep)->ether_shost) #define EDST(ep) ((ep)->ether_dhost) #ifndef NTOHL #define NTOHL(x) (x) = ntohl(x) #define NTOHS(x) (x) = ntohs(x) #define HTONL(x) (x) = htonl(x) #define HTONS(x) (x) = htons(x) #endif /* * True if "l" bytes of "var" were captured. * * The "ndo->ndo_snapend - (l) <= ndo->ndo_snapend" checks to make sure * "l" isn't so large that "ndo->ndo_snapend - (l)" underflows. * * The check is for <= rather than < because "l" might be 0. * * We cast the pointers to uintptr_t to make sure that the compiler * doesn't optimize away any of these tests (which it is allowed to * do, as adding an integer to, or subtracting an integer from, a * pointer assumes that the pointer is a pointer to an element of an * array and that the result of the addition or subtraction yields a * pointer to another member of the array, so that, for example, if * you subtract a positive integer from a pointer, the result is * guaranteed to be less than the original pointer value). See * * http://www.kb.cert.org/vuls/id/162289 */ /* * Test in two parts to avoid these warnings: * comparison of unsigned expression >= 0 is always true [-Wtype-limits], * comparison is always true due to limited range of data type [-Wtype-limits]. */ #define IS_NOT_NEGATIVE(x) (((x) > 0) || ((x) == 0)) #define ND_TTEST2(var, l) \ (IS_NOT_NEGATIVE(l) && \ ((uintptr_t)ndo->ndo_snapend - (l) <= (uintptr_t)ndo->ndo_snapend && \ (uintptr_t)&(var) <= (uintptr_t)ndo->ndo_snapend - (l))) /* True if "var" was captured */ #define ND_TTEST(var) ND_TTEST2(var, sizeof(var)) /* Bail if "l" bytes of "var" were not captured */ #define ND_TCHECK2(var, l) if (!ND_TTEST2(var, l)) goto trunc /* Bail if "var" was not captured */ #define ND_TCHECK(var) ND_TCHECK2(var, sizeof(var)) #define ND_PRINT(STUFF) (*ndo->ndo_printf)STUFF #define ND_DEFAULTPRINT(ap, length) (*ndo->ndo_default_print)(ndo, ap, length) extern void ts_print(netdissect_options *, const struct timeval *); extern void signed_relts_print(netdissect_options *, int32_t); extern void unsigned_relts_print(netdissect_options *, uint32_t); extern void fn_print_char(netdissect_options *, u_char); extern int fn_print(netdissect_options *, const u_char *, const u_char *); extern u_int fn_printztn(netdissect_options *ndo, const u_char *, u_int, const u_char *); extern int fn_printn(netdissect_options *, const u_char *, u_int, const u_char *); extern int fn_printzp(netdissect_options *, const u_char *, u_int, const u_char *); /* * Flags for txtproto_print(). */ #define RESP_CODE_SECOND_TOKEN 0x00000001 /* response code is second token in response line */ extern void txtproto_print(netdissect_options *, const u_char *, u_int, const char *, const char **, u_int); /* * Locale-independent macros for testing character properties and * stripping the 8th bit from characters. Assumed to be handed * a value between 0 and 255, i.e. don't hand them a char, as * those might be in the range -128 to 127. */ #define ND_ISASCII(c) (!((c) & 0x80)) /* value is an ASCII code point */ #define ND_ISPRINT(c) ((c) >= 0x20 && (c) <= 0x7E) #define ND_ISGRAPH(c) ((c) > 0x20 && (c) <= 0x7E) #define ND_TOASCII(c) ((c) & 0x7F) extern void safeputchar(netdissect_options *, const u_char); extern void safeputs(netdissect_options *, const u_char *, const u_int); #ifdef LBL_ALIGN /* * The processor doesn't natively handle unaligned loads, * and the compiler might "helpfully" optimize memcpy() * and memcmp(), when handed pointers that would normally * be properly aligned, into sequences that assume proper * alignment. * * Do copies and compares of possibly-unaligned data by * calling routines that wrap memcpy() and memcmp(), to * prevent that optimization. */ extern void unaligned_memcpy(void *, const void *, size_t); extern int unaligned_memcmp(const void *, const void *, size_t); #define UNALIGNED_MEMCPY(p, q, l) unaligned_memcpy((p), (q), (l)) #define UNALIGNED_MEMCMP(p, q, l) unaligned_memcmp((p), (q), (l)) #else /* * The procesor natively handles unaligned loads, so just use memcpy() * and memcmp(), to enable those optimizations. */ #define UNALIGNED_MEMCPY(p, q, l) memcpy((p), (q), (l)) #define UNALIGNED_MEMCMP(p, q, l) memcmp((p), (q), (l)) #endif #define PLURAL_SUFFIX(n) \ (((n) != 1) ? "s" : "") extern const char *tok2strary_internal(const char **, int, const char *, int); #define tok2strary(a,f,i) tok2strary_internal(a, sizeof(a)/sizeof(a[0]),f,i) extern if_printer lookup_printer(int); /* The DLT printer routines */ extern u_int ap1394_if_print IF_PRINTER_ARGS; extern u_int arcnet_if_print IF_PRINTER_ARGS; extern u_int arcnet_linux_if_print IF_PRINTER_ARGS; extern u_int atm_if_print IF_PRINTER_ARGS; extern u_int bt_if_print IF_PRINTER_ARGS; extern u_int chdlc_if_print IF_PRINTER_ARGS; extern u_int cip_if_print IF_PRINTER_ARGS; extern u_int enc_if_print IF_PRINTER_ARGS; extern u_int ether_if_print IF_PRINTER_ARGS; extern u_int fddi_if_print IF_PRINTER_ARGS; extern u_int fr_if_print IF_PRINTER_ARGS; extern u_int ieee802_11_if_print IF_PRINTER_ARGS; extern u_int ieee802_11_radio_avs_if_print IF_PRINTER_ARGS; extern u_int ieee802_11_radio_if_print IF_PRINTER_ARGS; extern u_int ieee802_15_4_if_print IF_PRINTER_ARGS; extern u_int ipfc_if_print IF_PRINTER_ARGS; extern u_int ipnet_if_print IF_PRINTER_ARGS; extern u_int juniper_atm1_print IF_PRINTER_ARGS; extern u_int juniper_atm2_print IF_PRINTER_ARGS; extern u_int juniper_chdlc_print IF_PRINTER_ARGS; extern u_int juniper_es_print IF_PRINTER_ARGS; extern u_int juniper_ether_print IF_PRINTER_ARGS; extern u_int juniper_frelay_print IF_PRINTER_ARGS; extern u_int juniper_ggsn_print IF_PRINTER_ARGS; extern u_int juniper_mfr_print IF_PRINTER_ARGS; extern u_int juniper_mlfr_print IF_PRINTER_ARGS; extern u_int juniper_mlppp_print IF_PRINTER_ARGS; extern u_int juniper_monitor_print IF_PRINTER_ARGS; extern u_int juniper_ppp_print IF_PRINTER_ARGS; extern u_int juniper_pppoe_atm_print IF_PRINTER_ARGS; extern u_int juniper_pppoe_print IF_PRINTER_ARGS; extern u_int juniper_services_print IF_PRINTER_ARGS; extern u_int lane_if_print IF_PRINTER_ARGS; extern u_int ltalk_if_print IF_PRINTER_ARGS; extern u_int mfr_if_print IF_PRINTER_ARGS; extern u_int netanalyzer_if_print IF_PRINTER_ARGS; extern u_int netanalyzer_transparent_if_print IF_PRINTER_ARGS; extern u_int nflog_if_print IF_PRINTER_ARGS; extern u_int null_if_print IF_PRINTER_ARGS; extern u_int pflog_if_print IF_PRINTER_ARGS; extern u_int pktap_if_print IF_PRINTER_ARGS; extern u_int ppi_if_print IF_PRINTER_ARGS; extern u_int ppp_bsdos_if_print IF_PRINTER_ARGS; extern u_int ppp_hdlc_if_print IF_PRINTER_ARGS; extern u_int ppp_if_print IF_PRINTER_ARGS; extern u_int pppoe_if_print IF_PRINTER_ARGS; extern u_int prism_if_print IF_PRINTER_ARGS; extern u_int raw_if_print IF_PRINTER_ARGS; extern u_int sl_bsdos_if_print IF_PRINTER_ARGS; extern u_int sl_if_print IF_PRINTER_ARGS; extern u_int sll_if_print IF_PRINTER_ARGS; extern u_int sunatm_if_print IF_PRINTER_ARGS; extern u_int symantec_if_print IF_PRINTER_ARGS; extern u_int token_if_print IF_PRINTER_ARGS; extern u_int usb_linux_48_byte_print IF_PRINTER_ARGS; extern u_int usb_linux_64_byte_print IF_PRINTER_ARGS; /* * Structure passed to some printers to allow them to print * link-layer address information if ndo_eflag isn't set * (because they are for protocols that don't have their * own addresses, so that we'd want to report link-layer * address information). * * This contains a pointer to an address and a pointer to a routine * to which we pass that pointer in order to get a string. */ struct lladdr_info { const char *(*addr_string)(netdissect_options *, const u_char *); const u_char *addr; }; /* The printer routines. */ extern void aarp_print(netdissect_options *, const u_char *, u_int); extern int ah_print(netdissect_options *, register const u_char *); extern void ahcp_print(netdissect_options *, const u_char *, const u_int); extern void aodv_print(netdissect_options *, const u_char *, u_int, int); extern void aoe_print(netdissect_options *, const u_char *, const u_int); extern void arp_print(netdissect_options *, const u_char *, u_int, u_int); extern void ascii_print(netdissect_options *, const u_char *, u_int); extern void atalk_print(netdissect_options *, const u_char *, u_int); extern void atm_print(netdissect_options *, u_int, u_int, u_int, const u_char *, u_int, u_int); extern void babel_print(netdissect_options *, const u_char *, u_int); extern void beep_print(netdissect_options *, const u_char *, u_int); extern void bfd_print(netdissect_options *, const u_char *, u_int, u_int); extern void bgp_print(netdissect_options *, const u_char *, int); extern char *bgp_vpn_rd_print (netdissect_options *, const u_char *); extern void bootp_print(netdissect_options *, const u_char *, u_int); extern void calm_fast_print(netdissect_options *, const u_char *, u_int, const struct lladdr_info *); extern void carp_print(netdissect_options *, const u_char *, u_int, int); extern void cdp_print(netdissect_options *, const u_char *, u_int, u_int); extern void cfm_print(netdissect_options *, const u_char *, u_int); extern u_int chdlc_print(netdissect_options *, register const u_char *, u_int); extern void cisco_autorp_print(netdissect_options *, const u_char *, u_int); extern void cnfp_print(netdissect_options *, const u_char *); extern void dccp_print(netdissect_options *, const u_char *, const u_char *, u_int); extern void decnet_print(netdissect_options *, const u_char *, u_int, u_int); extern void dhcp6_print(netdissect_options *, const u_char *, u_int); extern int dstopt_print(netdissect_options *, const u_char *); extern void dtp_print(netdissect_options *, const u_char *, u_int); extern void dvmrp_print(netdissect_options *, const u_char *, u_int); extern void eap_print(netdissect_options *, const u_char *, u_int); extern void egp_print(netdissect_options *, const u_char *, u_int); extern void eigrp_print(netdissect_options *, const u_char *, u_int); extern int esp_print(netdissect_options *, const u_char *, const int, const u_char *, int *, int *); extern u_int ether_print(netdissect_options *, const u_char *, u_int, u_int, void (*)(netdissect_options *, const u_char *), const u_char *); extern int ethertype_print(netdissect_options *, u_short, const u_char *, u_int, u_int, const struct lladdr_info *, const struct lladdr_info *); extern u_int fddi_print(netdissect_options *, const u_char *, u_int, u_int); extern void forces_print(netdissect_options *, const u_char *, u_int); extern u_int fr_print(netdissect_options *, register const u_char *, u_int); extern int frag6_print(netdissect_options *, const u_char *, const u_char *); extern void ftp_print(netdissect_options *, const u_char *, u_int); extern void geneve_print(netdissect_options *, const u_char *, u_int); extern void geonet_print(netdissect_options *, const u_char *, u_int, const struct lladdr_info *); extern void gre_print(netdissect_options *, const u_char *, u_int); extern int hbhopt_print(netdissect_options *, const u_char *); extern void hex_and_ascii_print(netdissect_options *, const char *, const u_char *, u_int); extern void hex_and_ascii_print_with_offset(netdissect_options *, const char *, const u_char *, u_int, u_int); extern void hex_print(netdissect_options *, const char *ident, const u_char *cp, u_int); extern void hex_print_with_offset(netdissect_options *, const char *ident, const u_char *cp, u_int, u_int); extern void hncp_print(netdissect_options *, const u_char *, u_int); extern void hsrp_print(netdissect_options *, const u_char *, u_int); extern void http_print(netdissect_options *, const u_char *, u_int); extern void icmp6_print(netdissect_options *, const u_char *, u_int, const u_char *, int); extern void icmp_print(netdissect_options *, const u_char *, u_int, const u_char *, int); extern u_int ieee802_11_radio_print(netdissect_options *, const u_char *, u_int, u_int); extern void igmp_print(netdissect_options *, const u_char *, u_int); extern void igrp_print(netdissect_options *, const u_char *, u_int); extern void ip6_print(netdissect_options *, const u_char *, u_int); extern void ipN_print(netdissect_options *, const u_char *, u_int); extern void ip_print(netdissect_options *, const u_char *, u_int); extern void ip_print_inner(netdissect_options *, const u_char *, u_int, u_int nh, const u_char *); extern void ipcomp_print(netdissect_options *, register const u_char *); extern void ipx_netbios_print(netdissect_options *, const u_char *, u_int); extern void ipx_print(netdissect_options *, const u_char *, u_int); extern void isakmp_print(netdissect_options *, const u_char *, u_int, const u_char *); extern void isakmp_rfc3948_print(netdissect_options *, const u_char *, u_int, const u_char *); extern void isoclns_print(netdissect_options *, const u_char *, u_int); extern void krb_print(netdissect_options *, const u_char *); extern void l2tp_print(netdissect_options *, const u_char *, u_int); extern void lane_print(netdissect_options *, const u_char *, u_int, u_int); extern void ldp_print(netdissect_options *, const u_char *, u_int); extern void lisp_print(netdissect_options *, const u_char *, u_int); extern u_int llap_print(netdissect_options *, const u_char *, u_int); extern int llc_print(netdissect_options *, const u_char *, u_int, u_int, const struct lladdr_info *, const struct lladdr_info *); extern void lldp_print(netdissect_options *, const u_char *, u_int); extern void lmp_print(netdissect_options *, const u_char *, u_int); extern void loopback_print(netdissect_options *, const u_char *, const u_int); extern void lspping_print(netdissect_options *, const u_char *, u_int); extern void lwapp_control_print(netdissect_options *, const u_char *, u_int, int); extern void lwapp_data_print(netdissect_options *, const u_char *, u_int); extern void lwres_print(netdissect_options *, const u_char *, u_int); extern void m3ua_print(netdissect_options *, const u_char *, const u_int); extern void medsa_print(netdissect_options *, const u_char *, u_int, u_int, const struct lladdr_info *, const struct lladdr_info *); extern u_int mfr_print(netdissect_options *, register const u_char *, u_int); extern void mobile_print(netdissect_options *, const u_char *, u_int); extern int mobility_print(netdissect_options *, const u_char *, const u_char *); extern void mpcp_print(netdissect_options *, const u_char *, u_int); extern void mpls_print(netdissect_options *, const u_char *, u_int); extern int mptcp_print(netdissect_options *, const u_char *, u_int, u_char); extern void msdp_print(netdissect_options *, const u_char *, u_int); extern void msnlb_print(netdissect_options *, const u_char *); extern void nbt_tcp_print(netdissect_options *, const u_char *, int); extern void nbt_udp137_print(netdissect_options *, const u_char *, int); extern void nbt_udp138_print(netdissect_options *, const u_char *, int); extern void netbeui_print(netdissect_options *, u_short, const u_char *, int); extern void nfsreply_print(netdissect_options *, const u_char *, u_int, const u_char *); extern void nfsreply_print_noaddr(netdissect_options *, const u_char *, u_int, const u_char *); extern void nfsreq_print_noaddr(netdissect_options *, const u_char *, u_int, const u_char *); extern const u_char * ns_nprint (netdissect_options *, register const u_char *, register const u_char *); extern void ns_print(netdissect_options *, const u_char *, u_int, int); extern void nsh_print(netdissect_options *ndo, const u_char *bp, u_int len); extern void ntp_print(netdissect_options *, const u_char *, u_int); extern void oam_print(netdissect_options *, const u_char *, u_int, u_int); extern void olsr_print(netdissect_options *, const u_char *, u_int, int); extern void openflow_print(netdissect_options *, const u_char *, const u_int); extern void ospf6_print(netdissect_options *, const u_char *, u_int); extern void ospf_print(netdissect_options *, const u_char *, u_int, const u_char *); extern int ospf_print_grace_lsa(netdissect_options *, const uint8_t *, u_int); extern int ospf_print_te_lsa(netdissect_options *, const uint8_t *, u_int); extern void otv_print(netdissect_options *, const u_char *, u_int); extern void pfsync_ip_print(netdissect_options *, const u_char *, u_int); +extern u_int pfsync_if_print(netdissect_options *, const struct pcap_pkthdr *, const u_char *); extern void pgm_print(netdissect_options *, const u_char *, u_int, const u_char *); extern void pim_print(netdissect_options *, const u_char *, u_int, const u_char *); extern void pimv1_print(netdissect_options *, const u_char *, u_int); extern u_int ppp_print(netdissect_options *, register const u_char *, u_int); extern u_int pppoe_print(netdissect_options *, const u_char *, u_int); extern void pptp_print(netdissect_options *, const u_char *); extern int print_unknown_data(netdissect_options *, const u_char *, const char *, int); extern char *q922_string(netdissect_options *, const u_char *, u_int); extern void q933_print(netdissect_options *, const u_char *, u_int); extern void radius_print(netdissect_options *, const u_char *, u_int); extern void resp_print(netdissect_options *, const u_char *, u_int); extern void rip_print(netdissect_options *, const u_char *, u_int); extern void ripng_print(netdissect_options *, const u_char *, unsigned int); extern void rpki_rtr_print(netdissect_options *, const u_char *, u_int); extern void rrcp_print(netdissect_options *, const u_char *, u_int, const struct lladdr_info *, const struct lladdr_info *); extern void rsvp_print(netdissect_options *, const u_char *, u_int); extern int rt6_print(netdissect_options *, const u_char *, const u_char *); extern void rtsp_print(netdissect_options *, const u_char *, u_int); extern void rx_print(netdissect_options *, register const u_char *, int, int, int, const u_char *); extern void sctp_print(netdissect_options *, const u_char *, const u_char *, u_int); extern void sflow_print(netdissect_options *, const u_char *, u_int); extern void sip_print(netdissect_options *, const u_char *, u_int); extern void slow_print(netdissect_options *, const u_char *, u_int); extern void smb_print_data(netdissect_options *, const unsigned char *, int); extern void smb_tcp_print(netdissect_options *, const u_char *, int); extern void smtp_print(netdissect_options *, const u_char *, u_int); extern int snap_print(netdissect_options *, const u_char *, u_int, u_int, const struct lladdr_info *, const struct lladdr_info *, u_int); extern void snmp_print(netdissect_options *, const u_char *, u_int); extern void stp_print(netdissect_options *, const u_char *, u_int); extern void sunrpcrequest_print(netdissect_options *, const u_char *, u_int, const u_char *); extern void syslog_print(netdissect_options *, const u_char *, u_int); extern void tcp_print(netdissect_options *, const u_char *, u_int, const u_char *, int); extern void telnet_print(netdissect_options *, const u_char *, u_int); extern void tftp_print(netdissect_options *, const u_char *, u_int); extern void timed_print(netdissect_options *, const u_char *); extern void tipc_print(netdissect_options *, const u_char *, u_int, u_int); extern u_int token_print(netdissect_options *, const u_char *, u_int, u_int); extern void udld_print(netdissect_options *, const u_char *, u_int); extern void udp_print(netdissect_options *, const u_char *, u_int, const u_char *, int); extern int vjc_print(netdissect_options *, register const char *, u_short); extern void vqp_print(netdissect_options *, register const u_char *, register u_int); extern void vrrp_print(netdissect_options *, const u_char *, u_int, const u_char *, int); extern void vtp_print(netdissect_options *, const u_char *, u_int); extern void vxlan_gpe_print(netdissect_options *ndo, const u_char *bp, u_int len); extern void vxlan_print(netdissect_options *, const u_char *, u_int); extern void wb_print(netdissect_options *, const void *, u_int); extern void zephyr_print(netdissect_options *, const u_char *, int); extern void zmtp1_print(netdissect_options *, const u_char *, u_int); extern void zmtp1_print_datagram(netdissect_options *, const u_char *, const u_int); /* checksum routines */ extern void init_checksum(void); extern uint16_t verify_crc10_cksum(uint16_t, const u_char *, int); extern uint16_t create_osi_cksum(const uint8_t *, int, int); struct cksum_vec { const uint8_t *ptr; int len; }; extern uint16_t in_cksum(const struct cksum_vec *, int); extern uint16_t in_cksum_shouldbe(uint16_t, uint16_t); extern int nextproto4_cksum(netdissect_options *, const struct ip *, const uint8_t *, u_int, u_int, u_int); /* in print-ip6.c */ extern int nextproto6_cksum(netdissect_options *, const struct ip6_hdr *, const uint8_t *, u_int, u_int, u_int); /* Utilities */ extern int mask2plen(uint32_t); extern int mask62plen(const u_char *); extern const char *dnnum_string(netdissect_options *, u_short); extern char *smb_errstr(int, int); extern const char *nt_errstr(uint32_t); extern int decode_prefix4(netdissect_options *, const u_char *, u_int, char *, u_int); extern int decode_prefix6(netdissect_options *, const u_char *, u_int, char *, u_int); extern void esp_print_decodesecret(netdissect_options *); extern int esp_print_decrypt_buffer_by_ikev2(netdissect_options *, int, u_char spii[8], u_char spir[8], const u_char *, const u_char *); #endif /* netdissect_h */ diff --git a/contrib/tcpdump/print-pfsync.c b/contrib/tcpdump/print-pfsync.c index 62913337e527..dc1cd039f5b0 100644 --- a/contrib/tcpdump/print-pfsync.c +++ b/contrib/tcpdump/print-pfsync.c @@ -1,459 +1,458 @@ /* * Copyright (c) 2012 Gleb Smirnoff * Copyright (c) 2002 Michael Shalayeff * Copyright (c) 2001 Daniel Hartmeier * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. * IN NO EVENT SHALL THE AUTHOR OR HIS RELATIVES BE LIABLE FOR ANY DIRECT, * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR * SERVICES; LOSS OF MIND, USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF * THE POSSIBILITY OF SUCH DAMAGE. * * $OpenBSD: print-pfsync.c,v 1.38 2012/09/19 13:50:36 mikeb Exp $ * $OpenBSD: pf_print_state.c,v 1.11 2012/07/08 17:48:37 lteo Exp $ */ #ifdef HAVE_CONFIG_H #include "config.h" #endif #ifndef HAVE_NET_PFVAR_H #error "No pf headers available" #endif #include #include #include #include #define TCPSTATES #include #include #include #include "netdissect.h" #include "interface.h" #include "addrtoname.h" static void pfsync_print(netdissect_options *, struct pfsync_header *, const u_char *, u_int); static void print_src_dst(netdissect_options *, const struct pfsync_state_peer *, const struct pfsync_state_peer *, uint8_t); static void print_state(netdissect_options *, struct pfsync_state *); -#ifdef notyet -void -pfsync_if_print(u_char *user, const struct pcap_pkthdr *h, +u_int +pfsync_if_print(netdissect_options *ndo, const struct pcap_pkthdr *h, register const u_char *p) { u_int caplen = h->caplen; - ts_print(&h->ts); + ts_print(ndo, &h->ts); if (caplen < PFSYNC_HDRLEN) { ND_PRINT((ndo, "[|pfsync]")); goto out; } - pfsync_print((struct pfsync_header *)p, + pfsync_print(ndo, (struct pfsync_header *)p, p + sizeof(struct pfsync_header), caplen - sizeof(struct pfsync_header)); out: - if (xflag) { - default_print((const u_char *)p, caplen); + if (ndo->ndo_xflag) { + hex_print(ndo, "\n\t", p, caplen); } safeputchar(ndo, '\n'); + return (caplen); } -#endif /* notyet */ void pfsync_ip_print(netdissect_options *ndo , const u_char *bp, u_int len) { struct pfsync_header *hdr = (struct pfsync_header *)bp; if (len < PFSYNC_HDRLEN) ND_PRINT((ndo, "[|pfsync]")); else pfsync_print(ndo, hdr, bp + sizeof(struct pfsync_header), len - sizeof(struct pfsync_header)); } struct pfsync_actions { const char *name; size_t len; void (*print)(netdissect_options *, const void *); }; static void pfsync_print_clr(netdissect_options *, const void *); static void pfsync_print_state(netdissect_options *, const void *); static void pfsync_print_ins_ack(netdissect_options *, const void *); static void pfsync_print_upd_c(netdissect_options *, const void *); static void pfsync_print_upd_req(netdissect_options *, const void *); static void pfsync_print_del_c(netdissect_options *, const void *); static void pfsync_print_bus(netdissect_options *, const void *); static void pfsync_print_tdb(netdissect_options *, const void *); struct pfsync_actions actions[] = { { "clear all", sizeof(struct pfsync_clr), pfsync_print_clr }, { "insert", sizeof(struct pfsync_state), pfsync_print_state }, { "insert ack", sizeof(struct pfsync_ins_ack), pfsync_print_ins_ack }, { "update", sizeof(struct pfsync_ins_ack), pfsync_print_state }, { "update compressed", sizeof(struct pfsync_upd_c), pfsync_print_upd_c }, { "request uncompressed", sizeof(struct pfsync_upd_req), pfsync_print_upd_req }, { "delete", sizeof(struct pfsync_state), pfsync_print_state }, { "delete compressed", sizeof(struct pfsync_del_c), pfsync_print_del_c }, { "frag insert", 0, NULL }, { "frag delete", 0, NULL }, { "bulk update status", sizeof(struct pfsync_bus), pfsync_print_bus }, { "tdb", 0, pfsync_print_tdb }, { "eof", 0, NULL }, }; static void pfsync_print(netdissect_options *ndo, struct pfsync_header *hdr, const u_char *bp, u_int len) { struct pfsync_subheader *subh; int count, plen, i; u_int alen; plen = ntohs(hdr->len); ND_PRINT((ndo, "PFSYNCv%d len %d", hdr->version, plen)); if (hdr->version != PFSYNC_VERSION) return; plen -= sizeof(*hdr); while (plen > 0) { if (len < sizeof(*subh)) break; subh = (struct pfsync_subheader *)bp; bp += sizeof(*subh); len -= sizeof(*subh); plen -= sizeof(*subh); if (subh->action >= PFSYNC_ACT_MAX) { ND_PRINT((ndo, "\n act UNKNOWN id %d", subh->action)); return; } count = ntohs(subh->count); ND_PRINT((ndo, "\n %s count %d", actions[subh->action].name, count)); alen = actions[subh->action].len; if (subh->action == PFSYNC_ACT_EOF) return; if (actions[subh->action].print == NULL) { ND_PRINT((ndo, "\n unimplemented action %hhu", subh->action)); return; } for (i = 0; i < count; i++) { if (len < alen) { len = 0; break; } if (ndo->ndo_vflag) actions[subh->action].print(ndo, bp); bp += alen; len -= alen; plen -= alen; } } if (plen > 0) { ND_PRINT((ndo, "\n ...")); return; } if (plen < 0) { ND_PRINT((ndo, "\n invalid header length")); return; } if (len > 0) ND_PRINT((ndo, "\n invalid packet length")); } static void pfsync_print_clr(netdissect_options *ndo, const void *bp) { const struct pfsync_clr *clr = bp; ND_PRINT((ndo, "\n\tcreatorid: %08x", htonl(clr->creatorid))); if (clr->ifname[0] != '\0') ND_PRINT((ndo, " interface: %s", clr->ifname)); } static void pfsync_print_state(netdissect_options *ndo, const void *bp) { struct pfsync_state *st = (struct pfsync_state *)bp; safeputchar(ndo, '\n'); print_state(ndo, st); } static void pfsync_print_ins_ack(netdissect_options *ndo, const void *bp) { const struct pfsync_ins_ack *iack = bp; ND_PRINT((ndo, "\n\tid: %016jx creatorid: %08x", (uintmax_t)be64toh(iack->id), ntohl(iack->creatorid))); } static void pfsync_print_upd_c(netdissect_options *ndo, const void *bp) { const struct pfsync_upd_c *u = bp; ND_PRINT((ndo, "\n\tid: %016jx creatorid: %08x", (uintmax_t)be64toh(u->id), ntohl(u->creatorid))); if (ndo->ndo_vflag > 2) { ND_PRINT((ndo, "\n\tTCP? :")); print_src_dst(ndo, &u->src, &u->dst, IPPROTO_TCP); } } static void pfsync_print_upd_req(netdissect_options *ndo, const void *bp) { const struct pfsync_upd_req *ur = bp; ND_PRINT((ndo, "\n\tid: %016jx creatorid: %08x", (uintmax_t)be64toh(ur->id), ntohl(ur->creatorid))); } static void pfsync_print_del_c(netdissect_options *ndo, const void *bp) { const struct pfsync_del_c *d = bp; ND_PRINT((ndo, "\n\tid: %016jx creatorid: %08x", (uintmax_t)be64toh(d->id), ntohl(d->creatorid))); } static void pfsync_print_bus(netdissect_options *ndo, const void *bp) { const struct pfsync_bus *b = bp; uint32_t endtime; int min, sec; const char *status; endtime = ntohl(b->endtime); sec = endtime % 60; endtime /= 60; min = endtime % 60; endtime /= 60; switch (b->status) { case PFSYNC_BUS_START: status = "start"; break; case PFSYNC_BUS_END: status = "end"; break; default: status = "UNKNOWN"; break; } ND_PRINT((ndo, "\n\tcreatorid: %08x age: %.2u:%.2u:%.2u status: %s", htonl(b->creatorid), endtime, min, sec, status)); } static void pfsync_print_tdb(netdissect_options *ndo, const void *bp) { const struct pfsync_tdb *t = bp; ND_PRINT((ndo, "\n\tspi: 0x%08x rpl: %ju cur_bytes: %ju", ntohl(t->spi), (uintmax_t )be64toh(t->rpl), (uintmax_t )be64toh(t->cur_bytes))); } static void print_host(netdissect_options *ndo, struct pf_addr *addr, uint16_t port, sa_family_t af, const char *proto) { char buf[48]; if (inet_ntop(af, addr, buf, sizeof(buf)) == NULL) ND_PRINT((ndo, "?")); else ND_PRINT((ndo, "%s", buf)); if (port) ND_PRINT((ndo, ".%hu", ntohs(port))); } static void print_seq(netdissect_options *ndo, const struct pfsync_state_peer *p) { if (p->seqdiff) ND_PRINT((ndo, "[%u + %u](+%u)", ntohl(p->seqlo), ntohl(p->seqhi) - ntohl(p->seqlo), ntohl(p->seqdiff))); else ND_PRINT((ndo, "[%u + %u]", ntohl(p->seqlo), ntohl(p->seqhi) - ntohl(p->seqlo))); } static void print_src_dst(netdissect_options *ndo, const struct pfsync_state_peer *src, const struct pfsync_state_peer *dst, uint8_t proto) { if (proto == IPPROTO_TCP) { if (src->state <= TCPS_TIME_WAIT && dst->state <= TCPS_TIME_WAIT) ND_PRINT((ndo, " %s:%s", tcpstates[src->state], tcpstates[dst->state])); else if (src->state == PF_TCPS_PROXY_SRC || dst->state == PF_TCPS_PROXY_SRC) ND_PRINT((ndo, " PROXY:SRC")); else if (src->state == PF_TCPS_PROXY_DST || dst->state == PF_TCPS_PROXY_DST) ND_PRINT((ndo, " PROXY:DST")); else ND_PRINT((ndo, " ", src->state, dst->state)); if (ndo->ndo_vflag > 1) { ND_PRINT((ndo, "\n\t")); print_seq(ndo, src); if (src->wscale && dst->wscale) ND_PRINT((ndo, " wscale %u", src->wscale & PF_WSCALE_MASK)); ND_PRINT((ndo, " ")); print_seq(ndo, dst); if (src->wscale && dst->wscale) ND_PRINT((ndo, " wscale %u", dst->wscale & PF_WSCALE_MASK)); } } else if (proto == IPPROTO_UDP && src->state < PFUDPS_NSTATES && dst->state < PFUDPS_NSTATES) { const char *states[] = PFUDPS_NAMES; ND_PRINT((ndo, " %s:%s", states[src->state], states[dst->state])); } else if (proto != IPPROTO_ICMP && src->state < PFOTHERS_NSTATES && dst->state < PFOTHERS_NSTATES) { /* XXX ICMP doesn't really have state levels */ const char *states[] = PFOTHERS_NAMES; ND_PRINT((ndo, " %s:%s", states[src->state], states[dst->state])); } else { ND_PRINT((ndo, " %u:%u", src->state, dst->state)); } } static void print_state(netdissect_options *ndo, struct pfsync_state *s) { struct pfsync_state_peer *src, *dst; struct pfsync_state_key *sk, *nk; int min, sec; if (s->direction == PF_OUT) { src = &s->src; dst = &s->dst; sk = &s->key[PF_SK_STACK]; nk = &s->key[PF_SK_WIRE]; if (s->proto == IPPROTO_ICMP || s->proto == IPPROTO_ICMPV6) sk->port[0] = nk->port[0]; } else { src = &s->dst; dst = &s->src; sk = &s->key[PF_SK_WIRE]; nk = &s->key[PF_SK_STACK]; if (s->proto == IPPROTO_ICMP || s->proto == IPPROTO_ICMPV6) sk->port[1] = nk->port[1]; } ND_PRINT((ndo, "\t%s ", s->ifname)); ND_PRINT((ndo, "proto %u ", s->proto)); print_host(ndo, &nk->addr[1], nk->port[1], s->af, NULL); if (PF_ANEQ(&nk->addr[1], &sk->addr[1], s->af) || nk->port[1] != sk->port[1]) { ND_PRINT((ndo, " (")); print_host(ndo, &sk->addr[1], sk->port[1], s->af, NULL); ND_PRINT((ndo, ")")); } if (s->direction == PF_OUT) ND_PRINT((ndo, " -> ")); else ND_PRINT((ndo, " <- ")); print_host(ndo, &nk->addr[0], nk->port[0], s->af, NULL); if (PF_ANEQ(&nk->addr[0], &sk->addr[0], s->af) || nk->port[0] != sk->port[0]) { ND_PRINT((ndo, " (")); print_host(ndo, &sk->addr[0], sk->port[0], s->af, NULL); ND_PRINT((ndo, ")")); } print_src_dst(ndo, src, dst, s->proto); if (ndo->ndo_vflag > 1) { uint64_t packets[2]; uint64_t bytes[2]; uint32_t creation = ntohl(s->creation); uint32_t expire = ntohl(s->expire); sec = creation % 60; creation /= 60; min = creation % 60; creation /= 60; ND_PRINT((ndo, "\n\tage %.2u:%.2u:%.2u", creation, min, sec)); sec = expire % 60; expire /= 60; min = expire % 60; expire /= 60; ND_PRINT((ndo, ", expires in %.2u:%.2u:%.2u", expire, min, sec)); bcopy(s->packets[0], &packets[0], sizeof(uint64_t)); bcopy(s->packets[1], &packets[1], sizeof(uint64_t)); bcopy(s->bytes[0], &bytes[0], sizeof(uint64_t)); bcopy(s->bytes[1], &bytes[1], sizeof(uint64_t)); ND_PRINT((ndo, ", %ju:%ju pkts, %ju:%ju bytes", be64toh(packets[0]), be64toh(packets[1]), be64toh(bytes[0]), be64toh(bytes[1]))); if (s->anchor != ntohl(-1)) ND_PRINT((ndo, ", anchor %u", ntohl(s->anchor))); if (s->rule != ntohl(-1)) ND_PRINT((ndo, ", rule %u", ntohl(s->rule))); } if (ndo->ndo_vflag > 1) { uint64_t id; bcopy(&s->id, &id, sizeof(uint64_t)); ND_PRINT((ndo, "\n\tid: %016jx creatorid: %08x", (uintmax_t )be64toh(id), ntohl(s->creatorid))); } } diff --git a/contrib/tcpdump/print.c b/contrib/tcpdump/print.c index c76f34411778..e5436f4d738f 100644 --- a/contrib/tcpdump/print.c +++ b/contrib/tcpdump/print.c @@ -1,477 +1,480 @@ /* * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 2000 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that: (1) source code distributions * retain the above copyright notice and this paragraph in its entirety, (2) * distributions including binary code include the above copyright notice and * this paragraph in its entirety in the documentation or other materials * provided with the distribution, and (3) all advertising materials mentioning * features or use of this software display the following acknowledgement: * ``This product includes software developed by the University of California, * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of * the University nor the names of its contributors may be used to endorse * or promote products derived from this software without specific prior * written permission. * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. * * Support for splitting captures into multiple files with a maximum * file size: * * Copyright (c) 2001 * Seth Webster */ #ifdef HAVE_CONFIG_H #include "config.h" #endif #include #include #include #include "netdissect.h" #include "addrtoname.h" #include "print.h" struct printer { if_printer f; int type; }; static const struct printer printers[] = { { ether_if_print, DLT_EN10MB }, #ifdef DLT_IPNET { ipnet_if_print, DLT_IPNET }, #endif #ifdef DLT_IEEE802_15_4 { ieee802_15_4_if_print, DLT_IEEE802_15_4 }, #endif #ifdef DLT_IEEE802_15_4_NOFCS { ieee802_15_4_if_print, DLT_IEEE802_15_4_NOFCS }, #endif #ifdef DLT_PPI { ppi_if_print, DLT_PPI }, #endif #ifdef DLT_NETANALYZER { netanalyzer_if_print, DLT_NETANALYZER }, #endif #ifdef DLT_NETANALYZER_TRANSPARENT { netanalyzer_transparent_if_print, DLT_NETANALYZER_TRANSPARENT }, #endif #if defined(DLT_NFLOG) && defined(HAVE_PCAP_NFLOG_H) { nflog_if_print, DLT_NFLOG}, #endif #ifdef DLT_CIP { cip_if_print, DLT_CIP }, #endif #ifdef DLT_ATM_CLIP { cip_if_print, DLT_ATM_CLIP }, #endif #ifdef DLT_IP_OVER_FC { ipfc_if_print, DLT_IP_OVER_FC }, #endif { null_if_print, DLT_NULL }, #ifdef DLT_LOOP { null_if_print, DLT_LOOP }, #endif #ifdef DLT_APPLE_IP_OVER_IEEE1394 { ap1394_if_print, DLT_APPLE_IP_OVER_IEEE1394 }, #endif #if defined(DLT_BLUETOOTH_HCI_H4_WITH_PHDR) && defined(HAVE_PCAP_BLUETOOTH_H) { bt_if_print, DLT_BLUETOOTH_HCI_H4_WITH_PHDR}, #endif #ifdef DLT_LANE8023 { lane_if_print, DLT_LANE8023 }, #endif { arcnet_if_print, DLT_ARCNET }, #ifdef DLT_ARCNET_LINUX { arcnet_linux_if_print, DLT_ARCNET_LINUX }, #endif { raw_if_print, DLT_RAW }, #ifdef DLT_IPV4 { raw_if_print, DLT_IPV4 }, #endif #ifdef DLT_IPV6 { raw_if_print, DLT_IPV6 }, #endif #ifdef HAVE_PCAP_USB_H #ifdef DLT_USB_LINUX { usb_linux_48_byte_print, DLT_USB_LINUX}, #endif /* DLT_USB_LINUX */ #ifdef DLT_USB_LINUX_MMAPPED { usb_linux_64_byte_print, DLT_USB_LINUX_MMAPPED}, #endif /* DLT_USB_LINUX_MMAPPED */ #endif /* HAVE_PCAP_USB_H */ #ifdef DLT_SYMANTEC_FIREWALL { symantec_if_print, DLT_SYMANTEC_FIREWALL }, #endif #ifdef DLT_C_HDLC { chdlc_if_print, DLT_C_HDLC }, #endif #ifdef DLT_HDLC { chdlc_if_print, DLT_HDLC }, #endif #ifdef DLT_PPP_ETHER { pppoe_if_print, DLT_PPP_ETHER }, #endif #if defined(DLT_PFLOG) && defined(HAVE_NET_IF_PFLOG_H) { pflog_if_print, DLT_PFLOG }, +#endif +#if defined(DLT_PFSYNC) && defined(HAVE_NET_PFVAR_H) + { pfsync_if_print, DLT_PFSYNC}, #endif { token_if_print, DLT_IEEE802 }, { fddi_if_print, DLT_FDDI }, #ifdef DLT_LINUX_SLL { sll_if_print, DLT_LINUX_SLL }, #endif #ifdef DLT_FR { fr_if_print, DLT_FR }, #endif #ifdef DLT_FRELAY { fr_if_print, DLT_FRELAY }, #endif #ifdef DLT_MFR { mfr_if_print, DLT_MFR }, #endif { atm_if_print, DLT_ATM_RFC1483 }, #ifdef DLT_SUNATM { sunatm_if_print, DLT_SUNATM }, #endif #ifdef DLT_ENC { enc_if_print, DLT_ENC }, #endif { sl_if_print, DLT_SLIP }, #ifdef DLT_SLIP_BSDOS { sl_bsdos_if_print, DLT_SLIP_BSDOS }, #endif #ifdef DLT_LTALK { ltalk_if_print, DLT_LTALK }, #endif #ifdef DLT_JUNIPER_ATM1 { juniper_atm1_print, DLT_JUNIPER_ATM1 }, #endif #ifdef DLT_JUNIPER_ATM2 { juniper_atm2_print, DLT_JUNIPER_ATM2 }, #endif #ifdef DLT_JUNIPER_MFR { juniper_mfr_print, DLT_JUNIPER_MFR }, #endif #ifdef DLT_JUNIPER_MLFR { juniper_mlfr_print, DLT_JUNIPER_MLFR }, #endif #ifdef DLT_JUNIPER_MLPPP { juniper_mlppp_print, DLT_JUNIPER_MLPPP }, #endif #ifdef DLT_JUNIPER_PPPOE { juniper_pppoe_print, DLT_JUNIPER_PPPOE }, #endif #ifdef DLT_JUNIPER_PPPOE_ATM { juniper_pppoe_atm_print, DLT_JUNIPER_PPPOE_ATM }, #endif #ifdef DLT_JUNIPER_GGSN { juniper_ggsn_print, DLT_JUNIPER_GGSN }, #endif #ifdef DLT_JUNIPER_ES { juniper_es_print, DLT_JUNIPER_ES }, #endif #ifdef DLT_JUNIPER_MONITOR { juniper_monitor_print, DLT_JUNIPER_MONITOR }, #endif #ifdef DLT_JUNIPER_SERVICES { juniper_services_print, DLT_JUNIPER_SERVICES }, #endif #ifdef DLT_JUNIPER_ETHER { juniper_ether_print, DLT_JUNIPER_ETHER }, #endif #ifdef DLT_JUNIPER_PPP { juniper_ppp_print, DLT_JUNIPER_PPP }, #endif #ifdef DLT_JUNIPER_FRELAY { juniper_frelay_print, DLT_JUNIPER_FRELAY }, #endif #ifdef DLT_JUNIPER_CHDLC { juniper_chdlc_print, DLT_JUNIPER_CHDLC }, #endif #ifdef DLT_PKTAP { pktap_if_print, DLT_PKTAP }, #endif #ifdef DLT_IEEE802_11_RADIO { ieee802_11_radio_if_print, DLT_IEEE802_11_RADIO }, #endif #ifdef DLT_IEEE802_11 { ieee802_11_if_print, DLT_IEEE802_11}, #endif #ifdef DLT_IEEE802_11_RADIO_AVS { ieee802_11_radio_avs_if_print, DLT_IEEE802_11_RADIO_AVS }, #endif #ifdef DLT_PRISM_HEADER { prism_if_print, DLT_PRISM_HEADER }, #endif { ppp_if_print, DLT_PPP }, #ifdef DLT_PPP_WITHDIRECTION { ppp_if_print, DLT_PPP_WITHDIRECTION }, #endif #ifdef DLT_PPP_BSDOS { ppp_bsdos_if_print, DLT_PPP_BSDOS }, #endif #ifdef DLT_PPP_SERIAL { ppp_hdlc_if_print, DLT_PPP_SERIAL }, #endif { NULL, 0 }, }; static void ndo_default_print(netdissect_options *ndo, const u_char *bp, u_int length); static void ndo_error(netdissect_options *ndo, FORMAT_STRING(const char *fmt), ...) NORETURN PRINTFLIKE(2, 3); static void ndo_warning(netdissect_options *ndo, FORMAT_STRING(const char *fmt), ...) PRINTFLIKE(2, 3); static int ndo_printf(netdissect_options *ndo, FORMAT_STRING(const char *fmt), ...) PRINTFLIKE(2, 3); void init_print(netdissect_options *ndo, uint32_t localnet, uint32_t mask, uint32_t timezone_offset) { thiszone = timezone_offset; init_addrtoname(ndo, localnet, mask); init_checksum(); } if_printer lookup_printer(int type) { const struct printer *p; for (p = printers; p->f; ++p) if (type == p->type) return p->f; #if defined(DLT_USER2) && defined(DLT_PKTAP) /* * Apple incorrectly chose to use DLT_USER2 for their PKTAP * header. * * We map DLT_PKTAP, whether it's DLT_USER2 as it is on Darwin- * based OSes or the same value as LINKTYPE_PKTAP as it is on * other OSes, to LINKTYPE_PKTAP, so files written with * this version of libpcap for a DLT_PKTAP capture have a link- * layer header type of LINKTYPE_PKTAP. * * However, files written on OS X Mavericks for a DLT_PKTAP * capture have a link-layer header type of LINKTYPE_USER2. * If we don't have a printer for DLT_USER2, and type is * DLT_USER2, we look up the printer for DLT_PKTAP and use * that. */ if (type == DLT_USER2) { for (p = printers; p->f; ++p) if (DLT_PKTAP == p->type) return p->f; } #endif return NULL; /* NOTREACHED */ } int has_printer(int type) { return (lookup_printer(type) != NULL); } if_printer get_if_printer(netdissect_options *ndo, int type) { const char *dltname; if_printer printer; printer = lookup_printer(type); if (printer == NULL) { dltname = pcap_datalink_val_to_name(type); if (dltname != NULL) (*ndo->ndo_error)(ndo, "packet printing is not supported for link type %s: use -w", dltname); else (*ndo->ndo_error)(ndo, "packet printing is not supported for link type %d: use -w", type); } return printer; } void pretty_print_packet(netdissect_options *ndo, const struct pcap_pkthdr *h, const u_char *sp, u_int packets_captured) { u_int hdrlen; if(ndo->ndo_packet_number) ND_PRINT((ndo, "%5u ", packets_captured)); ts_print(ndo, &h->ts); /* * Some printers want to check that they're not walking off the * end of the packet. * Rather than pass it all the way down, we set this member * of the netdissect_options structure. */ ndo->ndo_snapend = sp + h->caplen; hdrlen = (ndo->ndo_if_printer)(ndo, h, sp); /* * Restore the original snapend, as a printer might have * changed it. */ ndo->ndo_snapend = sp + h->caplen; if (ndo->ndo_Xflag) { /* * Print the raw packet data in hex and ASCII. */ if (ndo->ndo_Xflag > 1) { /* * Include the link-layer header. */ hex_and_ascii_print(ndo, "\n\t", sp, h->caplen); } else { /* * Don't include the link-layer header - and if * we have nothing past the link-layer header, * print nothing. */ if (h->caplen > hdrlen) hex_and_ascii_print(ndo, "\n\t", sp + hdrlen, h->caplen - hdrlen); } } else if (ndo->ndo_xflag) { /* * Print the raw packet data in hex. */ if (ndo->ndo_xflag > 1) { /* * Include the link-layer header. */ hex_print(ndo, "\n\t", sp, h->caplen); } else { /* * Don't include the link-layer header - and if * we have nothing past the link-layer header, * print nothing. */ if (h->caplen > hdrlen) hex_print(ndo, "\n\t", sp + hdrlen, h->caplen - hdrlen); } } else if (ndo->ndo_Aflag) { /* * Print the raw packet data in ASCII. */ if (ndo->ndo_Aflag > 1) { /* * Include the link-layer header. */ ascii_print(ndo, sp, h->caplen); } else { /* * Don't include the link-layer header - and if * we have nothing past the link-layer header, * print nothing. */ if (h->caplen > hdrlen) ascii_print(ndo, sp + hdrlen, h->caplen - hdrlen); } } ND_PRINT((ndo, "\n")); } /* * By default, print the specified data out in hex and ASCII. */ static void ndo_default_print(netdissect_options *ndo, const u_char *bp, u_int length) { hex_and_ascii_print(ndo, "\n\t", bp, length); /* pass on lf and indentation string */ } /* VARARGS */ static void ndo_error(netdissect_options *ndo, const char *fmt, ...) { va_list ap; if(ndo->program_name) (void)fprintf(stderr, "%s: ", ndo->program_name); va_start(ap, fmt); (void)vfprintf(stderr, fmt, ap); va_end(ap); if (*fmt) { fmt += strlen(fmt); if (fmt[-1] != '\n') (void)fputc('\n', stderr); } nd_cleanup(); exit(1); /* NOTREACHED */ } /* VARARGS */ static void ndo_warning(netdissect_options *ndo, const char *fmt, ...) { va_list ap; if(ndo->program_name) (void)fprintf(stderr, "%s: ", ndo->program_name); (void)fprintf(stderr, "WARNING: "); va_start(ap, fmt); (void)vfprintf(stderr, fmt, ap); va_end(ap); if (*fmt) { fmt += strlen(fmt); if (fmt[-1] != '\n') (void)fputc('\n', stderr); } } static int ndo_printf(netdissect_options *ndo, const char *fmt, ...) { va_list args; int ret; va_start(args, fmt); ret = vfprintf(stdout, fmt, args); va_end(args); if (ret < 0) ndo_error(ndo, "Unable to write output: %s", pcap_strerror(errno)); return (ret); } void ndo_set_function_pointers(netdissect_options *ndo) { ndo->ndo_default_print=ndo_default_print; ndo->ndo_printf=ndo_printf; ndo->ndo_error=ndo_error; ndo->ndo_warning=ndo_warning; } /* * Local Variables: * c-style: whitesmith * c-basic-offset: 8 * End: */