1 /*
2 * Copyright (c) 1990, 1991, 1993, 1994, 1995, 1996
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 */
21
22 /* \summary: Frame Relay printer */
23
24 #include <config.h>
25
26 #include "netdissect-stdinc.h"
27
28 #include <stdio.h>
29 #include <string.h>
30
31 #include "netdissect.h"
32 #include "addrtoname.h"
33 #include "ethertype.h"
34 #include "llc.h"
35 #include "nlpid.h"
36 #include "extract.h"
37
38 static void frf15_print(netdissect_options *ndo, const u_char *, u_int);
39
40 /*
41 * the frame relay header has a variable length
42 *
43 * the EA bit determines if there is another byte
44 * in the header
45 *
46 * minimum header length is 2 bytes
47 * maximum header length is 4 bytes
48 *
49 * 7 6 5 4 3 2 1 0
50 * +----+----+----+----+----+----+----+----+
51 * | DLCI (6 bits) | CR | EA |
52 * +----+----+----+----+----+----+----+----+
53 * | DLCI (4 bits) |FECN|BECN| DE | EA |
54 * +----+----+----+----+----+----+----+----+
55 * | DLCI (7 bits) | EA |
56 * +----+----+----+----+----+----+----+----+
57 * | DLCI (6 bits) |SDLC| EA |
58 * +----+----+----+----+----+----+----+----+
59 */
60
61 #define FR_EA_BIT 0x01
62
63 #define FR_CR_BIT 0x02000000
64 #define FR_DE_BIT 0x00020000
65 #define FR_BECN_BIT 0x00040000
66 #define FR_FECN_BIT 0x00080000
67 #define FR_SDLC_BIT 0x00000002
68
69
70 static const struct tok fr_header_flag_values[] = {
71 { FR_CR_BIT, "C!" },
72 { FR_DE_BIT, "DE" },
73 { FR_BECN_BIT, "BECN" },
74 { FR_FECN_BIT, "FECN" },
75 { FR_SDLC_BIT, "sdlcore" },
76 { 0, NULL }
77 };
78
79 /* FRF.15 / FRF.16 */
80 #define MFR_B_BIT 0x80
81 #define MFR_E_BIT 0x40
82 #define MFR_C_BIT 0x20
83 #define MFR_BEC_MASK (MFR_B_BIT | MFR_E_BIT | MFR_C_BIT)
84 #define MFR_CTRL_FRAME (MFR_B_BIT | MFR_E_BIT | MFR_C_BIT)
85 #define MFR_FRAG_FRAME (MFR_B_BIT | MFR_E_BIT )
86
87 static const struct tok frf_flag_values[] = {
88 { MFR_B_BIT, "Begin" },
89 { MFR_E_BIT, "End" },
90 { MFR_C_BIT, "Control" },
91 { 0, NULL }
92 };
93
94 /* Finds out Q.922 address length, DLCI and flags. Returns 1 on success,
95 * 0 on invalid address, -1 on truncated packet
96 * save the flags dep. on address length
97 */
parse_q922_header(netdissect_options * ndo,const u_char * p,u_int * dlci,u_int * addr_len,uint32_t * flags,u_int length)98 static int parse_q922_header(netdissect_options *ndo,
99 const u_char *p, u_int *dlci,
100 u_int *addr_len, uint32_t *flags, u_int length)
101 {
102 if (!ND_TTEST_1(p) || length < 1)
103 return -1;
104 if ((GET_U_1(p) & FR_EA_BIT))
105 return 0;
106
107 if (!ND_TTEST_1(p + 1) || length < 2)
108 return -1;
109 *addr_len = 2;
110 *dlci = ((GET_U_1(p) & 0xFC) << 2) | ((GET_U_1(p + 1) & 0xF0) >> 4);
111
112 *flags = ((GET_U_1(p) & 0x02) << 24) | /* CR flag */
113 ((GET_U_1(p + 1) & 0x0e) << 16); /* FECN,BECN,DE flags */
114
115 if (GET_U_1(p + 1) & FR_EA_BIT)
116 return 1; /* 2-byte Q.922 address */
117
118 p += 2;
119 length -= 2;
120 if (!ND_TTEST_1(p) || length < 1)
121 return -1;
122 (*addr_len)++; /* 3- or 4-byte Q.922 address */
123 if ((GET_U_1(p) & FR_EA_BIT) == 0) {
124 *dlci = (*dlci << 7) | (GET_U_1(p) >> 1);
125 (*addr_len)++; /* 4-byte Q.922 address */
126 p++;
127 length--;
128 }
129
130 if (!ND_TTEST_1(p) || length < 1)
131 return -1;
132 if ((GET_U_1(p) & FR_EA_BIT) == 0)
133 return 0; /* more than 4 bytes of Q.922 address? */
134
135 *flags = *flags | (GET_U_1(p) & 0x02); /* SDLC flag */
136
137 *dlci = (*dlci << 6) | (GET_U_1(p) >> 2);
138
139 return 1;
140 }
141
142 const char *
q922_string(netdissect_options * ndo,const u_char * p,u_int length)143 q922_string(netdissect_options *ndo, const u_char *p, u_int length)
144 {
145
146 static u_int dlci, addr_len;
147 static uint32_t flags;
148 static char buffer[sizeof("parse_q922_header() returned XXXXXXXXXXX")];
149 int ret;
150 memset(buffer, 0, sizeof(buffer));
151
152 ret = parse_q922_header(ndo, p, &dlci, &addr_len, &flags, length);
153 if (ret == 1) {
154 snprintf(buffer, sizeof(buffer), "DLCI %u", dlci);
155 return buffer;
156 } else if (ret == 0) {
157 return "<Invalid DLCI>";
158 } else if (ret == -1) {
159 return "<Truncated>";
160 } else {
161 snprintf(buffer, sizeof(buffer), "parse_q922_header() returned %d", ret);
162 return buffer;
163 }
164 }
165
166
167 /* Frame Relay packet structure, with flags and CRC removed
168
169 +---------------------------+
170 | Q.922 Address* |
171 +-- --+
172 | |
173 +---------------------------+
174 | Control (UI = 0x03) |
175 +---------------------------+
176 | Optional Pad (0x00) |
177 +---------------------------+
178 | NLPID |
179 +---------------------------+
180 | . |
181 | . |
182 | . |
183 | Data |
184 | . |
185 | . |
186 +---------------------------+
187
188 * Q.922 addresses, as presently defined, are two octets and
189 contain a 10-bit DLCI. In some networks Q.922 addresses
190 may optionally be increased to three or four octets.
191 */
192
193 static void
fr_hdr_print(netdissect_options * ndo,int length,u_int addr_len,u_int dlci,uint32_t flags,uint16_t nlpid)194 fr_hdr_print(netdissect_options *ndo, int length, u_int addr_len,
195 u_int dlci, uint32_t flags, uint16_t nlpid)
196 {
197 if (ndo->ndo_qflag) {
198 ND_PRINT("Q.922, DLCI %u, length %u: ",
199 dlci,
200 length);
201 } else {
202 if (nlpid <= 0xff) /* if its smaller than 256 then its a NLPID */
203 ND_PRINT("Q.922, hdr-len %u, DLCI %u, Flags [%s], NLPID %s (0x%02x), length %u: ",
204 addr_len,
205 dlci,
206 bittok2str(fr_header_flag_values, "none", flags),
207 tok2str(nlpid_values,"unknown", nlpid),
208 nlpid,
209 length);
210 else /* must be an ethertype */
211 ND_PRINT("Q.922, hdr-len %u, DLCI %u, Flags [%s], cisco-ethertype %s (0x%04x), length %u: ",
212 addr_len,
213 dlci,
214 bittok2str(fr_header_flag_values, "none", flags),
215 tok2str(ethertype_values, "unknown", nlpid),
216 nlpid,
217 length);
218 }
219 }
220
221 /* Frame Relay */
222 void
fr_if_print(netdissect_options * ndo,const struct pcap_pkthdr * h,const u_char * p)223 fr_if_print(netdissect_options *ndo,
224 const struct pcap_pkthdr *h, const u_char *p)
225 {
226 u_int length = h->len;
227 u_int caplen = h->caplen;
228
229 ndo->ndo_protocol = "fr";
230 if (caplen < 4) { /* minimum frame header length */
231 nd_print_trunc(ndo);
232 ndo->ndo_ll_hdr_len += caplen;
233 return;
234 }
235
236 ndo->ndo_ll_hdr_len += fr_print(ndo, p, length);
237 }
238
239 u_int
fr_print(netdissect_options * ndo,const u_char * p,u_int length)240 fr_print(netdissect_options *ndo,
241 const u_char *p, u_int length)
242 {
243 int ret;
244 uint16_t extracted_ethertype;
245 u_int dlci;
246 u_int addr_len;
247 uint16_t nlpid;
248 u_int hdr_len;
249 uint32_t flags;
250
251 ndo->ndo_protocol = "fr";
252 ret = parse_q922_header(ndo, p, &dlci, &addr_len, &flags, length);
253 if (ret == -1)
254 goto trunc;
255 if (ret == 0) {
256 ND_PRINT("Q.922, invalid address");
257 return 0;
258 }
259
260 ND_TCHECK_1(p + addr_len);
261 if (length < addr_len + 1)
262 goto trunc;
263
264 if (GET_U_1(p + addr_len) != LLC_UI && dlci != 0) {
265 /*
266 * Let's figure out if we have Cisco-style encapsulation,
267 * with an Ethernet type (Cisco HDLC type?) following the
268 * address.
269 */
270 if (!ND_TTEST_2(p + addr_len) || length < addr_len + 2) {
271 /* no Ethertype */
272 ND_PRINT("UI %02x! ", GET_U_1(p + addr_len));
273 } else {
274 extracted_ethertype = GET_BE_U_2(p + addr_len);
275
276 if (ndo->ndo_eflag)
277 fr_hdr_print(ndo, length, addr_len, dlci,
278 flags, extracted_ethertype);
279
280 if (ethertype_print(ndo, extracted_ethertype,
281 p+addr_len+ETHERTYPE_LEN,
282 length-addr_len-ETHERTYPE_LEN,
283 ND_BYTES_AVAILABLE_AFTER(p)-addr_len-ETHERTYPE_LEN,
284 NULL, NULL) == 0)
285 /* ether_type not known, probably it wasn't one */
286 ND_PRINT("UI %02x! ", GET_U_1(p + addr_len));
287 else
288 return addr_len + 2;
289 }
290 }
291
292 ND_TCHECK_1(p + addr_len + 1);
293 if (length < addr_len + 2)
294 goto trunc;
295
296 if (GET_U_1(p + addr_len + 1) == 0) {
297 /*
298 * Assume a pad byte after the control (UI) byte.
299 * A pad byte should only be used with 3-byte Q.922.
300 */
301 if (addr_len != 3)
302 ND_PRINT("Pad! ");
303 hdr_len = addr_len + 1 /* UI */ + 1 /* pad */ + 1 /* NLPID */;
304 } else {
305 /*
306 * Not a pad byte.
307 * A pad byte should be used with 3-byte Q.922.
308 */
309 if (addr_len == 3)
310 ND_PRINT("No pad! ");
311 hdr_len = addr_len + 1 /* UI */ + 1 /* NLPID */;
312 }
313
314 ND_TCHECK_1(p + hdr_len - 1);
315 if (length < hdr_len)
316 goto trunc;
317 nlpid = GET_U_1(p + hdr_len - 1);
318
319 if (ndo->ndo_eflag)
320 fr_hdr_print(ndo, length, addr_len, dlci, flags, nlpid);
321 p += hdr_len;
322 length -= hdr_len;
323
324 switch (nlpid) {
325 case NLPID_IP:
326 ip_print(ndo, p, length);
327 break;
328
329 case NLPID_IP6:
330 ip6_print(ndo, p, length);
331 break;
332
333 case NLPID_CLNP:
334 case NLPID_ESIS:
335 case NLPID_ISIS:
336 isoclns_print(ndo, p - 1, length + 1); /* OSI printers need the NLPID field */
337 break;
338
339 case NLPID_SNAP:
340 if (snap_print(ndo, p, length, ND_BYTES_AVAILABLE_AFTER(p), NULL, NULL, 0) == 0) {
341 /* ether_type not known, print raw packet */
342 if (!ndo->ndo_eflag)
343 fr_hdr_print(ndo, length + hdr_len, hdr_len,
344 dlci, flags, nlpid);
345 if (!ndo->ndo_suppress_default_print)
346 ND_DEFAULTPRINT(p - hdr_len, length + hdr_len);
347 }
348 break;
349
350 case NLPID_Q933:
351 q933_print(ndo, p, length);
352 break;
353
354 case NLPID_MFR:
355 frf15_print(ndo, p, length);
356 break;
357
358 case NLPID_PPP:
359 ppp_print(ndo, p, length);
360 break;
361
362 default:
363 if (!ndo->ndo_eflag)
364 fr_hdr_print(ndo, length + hdr_len, addr_len,
365 dlci, flags, nlpid);
366 if (!ndo->ndo_xflag)
367 ND_DEFAULTPRINT(p, length);
368 }
369
370 return hdr_len;
371
372 trunc:
373 nd_print_trunc(ndo);
374 return 0;
375
376 }
377
378 /* Multi Link Frame Relay (FRF.16) */
379 void
mfr_if_print(netdissect_options * ndo,const struct pcap_pkthdr * h,const u_char * p)380 mfr_if_print(netdissect_options *ndo,
381 const struct pcap_pkthdr *h, const u_char *p)
382 {
383 u_int length = h->len;
384 u_int caplen = h->caplen;
385
386 ndo->ndo_protocol = "mfr";
387 if (caplen < 2) { /* minimum frame header length */
388 nd_print_trunc(ndo);
389 ndo->ndo_ll_hdr_len += caplen;
390 return;
391 }
392
393 ndo->ndo_ll_hdr_len += mfr_print(ndo, p, length);
394 }
395
396
397 #define MFR_CTRL_MSG_ADD_LINK 1
398 #define MFR_CTRL_MSG_ADD_LINK_ACK 2
399 #define MFR_CTRL_MSG_ADD_LINK_REJ 3
400 #define MFR_CTRL_MSG_HELLO 4
401 #define MFR_CTRL_MSG_HELLO_ACK 5
402 #define MFR_CTRL_MSG_REMOVE_LINK 6
403 #define MFR_CTRL_MSG_REMOVE_LINK_ACK 7
404
405 static const struct tok mfr_ctrl_msg_values[] = {
406 { MFR_CTRL_MSG_ADD_LINK, "Add Link" },
407 { MFR_CTRL_MSG_ADD_LINK_ACK, "Add Link ACK" },
408 { MFR_CTRL_MSG_ADD_LINK_REJ, "Add Link Reject" },
409 { MFR_CTRL_MSG_HELLO, "Hello" },
410 { MFR_CTRL_MSG_HELLO_ACK, "Hello ACK" },
411 { MFR_CTRL_MSG_REMOVE_LINK, "Remove Link" },
412 { MFR_CTRL_MSG_REMOVE_LINK_ACK, "Remove Link ACK" },
413 { 0, NULL }
414 };
415
416 #define MFR_CTRL_IE_BUNDLE_ID 1
417 #define MFR_CTRL_IE_LINK_ID 2
418 #define MFR_CTRL_IE_MAGIC_NUM 3
419 #define MFR_CTRL_IE_TIMESTAMP 5
420 #define MFR_CTRL_IE_VENDOR_EXT 6
421 #define MFR_CTRL_IE_CAUSE 7
422
423 static const struct tok mfr_ctrl_ie_values[] = {
424 { MFR_CTRL_IE_BUNDLE_ID, "Bundle ID"},
425 { MFR_CTRL_IE_LINK_ID, "Link ID"},
426 { MFR_CTRL_IE_MAGIC_NUM, "Magic Number"},
427 { MFR_CTRL_IE_TIMESTAMP, "Timestamp"},
428 { MFR_CTRL_IE_VENDOR_EXT, "Vendor Extension"},
429 { MFR_CTRL_IE_CAUSE, "Cause"},
430 { 0, NULL }
431 };
432
433 #define MFR_ID_STRING_MAXLEN 50
434
435 struct ie_tlv_header_t {
436 uint8_t ie_type;
437 uint8_t ie_len;
438 };
439
440 u_int
mfr_print(netdissect_options * ndo,const u_char * p,u_int length)441 mfr_print(netdissect_options *ndo,
442 const u_char *p, u_int length)
443 {
444 u_int tlen,idx,hdr_len = 0;
445 uint16_t sequence_num;
446 uint8_t ie_type,ie_len;
447 const uint8_t *tptr;
448
449
450 /*
451 * FRF.16 Link Integrity Control Frame
452 *
453 * 7 6 5 4 3 2 1 0
454 * +----+----+----+----+----+----+----+----+
455 * | B | E | C=1| 0 0 0 0 | EA |
456 * +----+----+----+----+----+----+----+----+
457 * | 0 0 0 0 0 0 0 0 |
458 * +----+----+----+----+----+----+----+----+
459 * | message type |
460 * +----+----+----+----+----+----+----+----+
461 */
462
463 ndo->ndo_protocol = "mfr";
464
465 if (length < 4) { /* minimum frame header length */
466 ND_PRINT("[length %u < 4]", length);
467 nd_print_invalid(ndo);
468 return length;
469 }
470 ND_TCHECK_4(p);
471
472 if ((GET_U_1(p) & MFR_BEC_MASK) == MFR_CTRL_FRAME && GET_U_1(p + 1) == 0) {
473 ND_PRINT("FRF.16 Control, Flags [%s], %s, length %u",
474 bittok2str(frf_flag_values,"none",(GET_U_1(p) & MFR_BEC_MASK)),
475 tok2str(mfr_ctrl_msg_values,"Unknown Message (0x%02x)",GET_U_1(p + 2)),
476 length);
477 tptr = p + 3;
478 tlen = length -3;
479 hdr_len = 3;
480
481 if (!ndo->ndo_vflag)
482 return hdr_len;
483
484 while (tlen>sizeof(struct ie_tlv_header_t)) {
485 ND_TCHECK_LEN(tptr, sizeof(struct ie_tlv_header_t));
486 ie_type=GET_U_1(tptr);
487 ie_len=GET_U_1(tptr + 1);
488
489 ND_PRINT("\n\tIE %s (%u), length %u: ",
490 tok2str(mfr_ctrl_ie_values,"Unknown",ie_type),
491 ie_type,
492 ie_len);
493
494 /* infinite loop check */
495 if (ie_type == 0 || ie_len <= sizeof(struct ie_tlv_header_t))
496 return hdr_len;
497
498 ND_TCHECK_LEN(tptr, ie_len);
499 tptr+=sizeof(struct ie_tlv_header_t);
500 /* tlv len includes header */
501 ie_len-=sizeof(struct ie_tlv_header_t);
502 tlen-=sizeof(struct ie_tlv_header_t);
503
504 switch (ie_type) {
505
506 case MFR_CTRL_IE_MAGIC_NUM:
507 /* FRF.16.1 Section 3.4.3 Magic Number Information Element */
508 if (ie_len != 4) {
509 ND_PRINT("[IE data length %d != 4]", ie_len);
510 nd_print_invalid(ndo);
511 break;
512 }
513 ND_PRINT("0x%08x", GET_BE_U_4(tptr));
514 break;
515
516 case MFR_CTRL_IE_BUNDLE_ID: /* same message format */
517 case MFR_CTRL_IE_LINK_ID:
518 for (idx = 0; idx < ie_len && idx < MFR_ID_STRING_MAXLEN; idx++) {
519 if (GET_U_1(tptr + idx) != 0) /* don't print null termination */
520 fn_print_char(ndo, GET_U_1(tptr + idx));
521 else
522 break;
523 }
524 break;
525
526 case MFR_CTRL_IE_TIMESTAMP:
527 /*
528 * FRF.16.1 Section 3.4.4 Timestamp Information Element
529 *
530 * The maximum length is 14 octets. Format is implementation
531 * specific.
532 */
533 if (ie_len > 14) {
534 ND_PRINT("[Timestamp IE length %d > 14]", ie_len);
535 nd_print_invalid(ndo);
536 break;
537 }
538 /* fall through and hexdump */
539 ND_FALL_THROUGH;
540
541 /*
542 * FIXME those are the defined IEs that lack a decoder
543 * you are welcome to contribute code ;-)
544 */
545
546 case MFR_CTRL_IE_VENDOR_EXT:
547 case MFR_CTRL_IE_CAUSE:
548
549 default:
550 if (ndo->ndo_vflag <= 1)
551 print_unknown_data(ndo, tptr, "\n\t ", ie_len);
552 break;
553 }
554
555 /* do we want to see a hexdump of the IE ? */
556 if (ndo->ndo_vflag > 1 )
557 print_unknown_data(ndo, tptr, "\n\t ", ie_len);
558
559 tlen-=ie_len;
560 tptr+=ie_len;
561 }
562 return hdr_len;
563 }
564 /*
565 * FRF.16 Fragmentation Frame
566 *
567 * 7 6 5 4 3 2 1 0
568 * +----+----+----+----+----+----+----+----+
569 * | B | E | C=0|seq. (high 4 bits) | EA |
570 * +----+----+----+----+----+----+----+----+
571 * | sequence (low 8 bits) |
572 * +----+----+----+----+----+----+----+----+
573 * | DLCI (6 bits) | CR | EA |
574 * +----+----+----+----+----+----+----+----+
575 * | DLCI (4 bits) |FECN|BECN| DE | EA |
576 * +----+----+----+----+----+----+----+----+
577 */
578
579 sequence_num = (GET_U_1(p)&0x1e)<<7 | GET_U_1(p + 1);
580 /* whole packet or first fragment ? */
581 if ((GET_U_1(p) & MFR_BEC_MASK) == MFR_FRAG_FRAME ||
582 (GET_U_1(p) & MFR_BEC_MASK) == MFR_B_BIT) {
583 ND_PRINT("FRF.16 Frag, seq %u, Flags [%s], ",
584 sequence_num,
585 bittok2str(frf_flag_values,"none",(GET_U_1(p) & MFR_BEC_MASK)));
586 hdr_len = 2;
587 fr_print(ndo, p+hdr_len,length-hdr_len);
588 return hdr_len;
589 }
590
591 /* must be a middle or the last fragment */
592 ND_PRINT("FRF.16 Frag, seq %u, Flags [%s]",
593 sequence_num,
594 bittok2str(frf_flag_values,"none",(GET_U_1(p) & MFR_BEC_MASK)));
595 print_unknown_data(ndo, p, "\n\t", length);
596
597 return hdr_len;
598
599 trunc:
600 nd_print_trunc(ndo);
601 return length;
602 }
603
604 /* an NLPID of 0xb1 indicates a 2-byte
605 * FRF.15 header
606 *
607 * 7 6 5 4 3 2 1 0
608 * +----+----+----+----+----+----+----+----+
609 * ~ Q.922 header ~
610 * +----+----+----+----+----+----+----+----+
611 * | NLPID (8 bits) | NLPID=0xb1
612 * +----+----+----+----+----+----+----+----+
613 * | B | E | C |seq. (high 4 bits) | R |
614 * +----+----+----+----+----+----+----+----+
615 * | sequence (low 8 bits) |
616 * +----+----+----+----+----+----+----+----+
617 */
618
619 #define FR_FRF15_FRAGTYPE 0x01
620
621 static void
frf15_print(netdissect_options * ndo,const u_char * p,u_int length)622 frf15_print(netdissect_options *ndo,
623 const u_char *p, u_int length)
624 {
625 uint16_t sequence_num, flags;
626
627 if (length < 2)
628 goto trunc;
629
630 flags = GET_U_1(p)&MFR_BEC_MASK;
631 sequence_num = (GET_U_1(p)&0x1e)<<7 | GET_U_1(p + 1);
632
633 ND_PRINT("FRF.15, seq 0x%03x, Flags [%s],%s Fragmentation, length %u",
634 sequence_num,
635 bittok2str(frf_flag_values,"none",flags),
636 GET_U_1(p)&FR_FRF15_FRAGTYPE ? "Interface" : "End-to-End",
637 length);
638
639 /* TODO:
640 * depending on all permutations of the B, E and C bit
641 * dig as deep as we can - e.g. on the first (B) fragment
642 * there is enough payload to print the IP header
643 * on non (B) fragments it depends if the fragmentation
644 * model is end-to-end or interface based whether we want to print
645 * another Q.922 header
646 */
647 return;
648
649 trunc:
650 nd_print_trunc(ndo);
651 }
652
653 /*
654 * Q.933 decoding portion for framerelay specific.
655 */
656
657 /* Q.933 packet format
658 Format of Other Protocols
659 using Q.933 NLPID
660 +-------------------------------+
661 | Q.922 Address |
662 +---------------+---------------+
663 |Control 0x03 | NLPID 0x08 |
664 +---------------+---------------+
665 | L2 Protocol ID |
666 | octet 1 | octet 2 |
667 +-------------------------------+
668 | L3 Protocol ID |
669 | octet 2 | octet 2 |
670 +-------------------------------+
671 | Protocol Data |
672 +-------------------------------+
673 | FCS |
674 +-------------------------------+
675 */
676
677 /* L2 (Octet 1)- Call Reference Usually is 0x0 */
678
679 /*
680 * L2 (Octet 2)- Message Types definition 1 byte long.
681 */
682 /* Call Establish */
683 #define MSG_TYPE_ESC_TO_NATIONAL 0x00
684 #define MSG_TYPE_ALERT 0x01
685 #define MSG_TYPE_CALL_PROCEEDING 0x02
686 #define MSG_TYPE_CONNECT 0x07
687 #define MSG_TYPE_CONNECT_ACK 0x0F
688 #define MSG_TYPE_PROGRESS 0x03
689 #define MSG_TYPE_SETUP 0x05
690 /* Call Clear */
691 #define MSG_TYPE_DISCONNECT 0x45
692 #define MSG_TYPE_RELEASE 0x4D
693 #define MSG_TYPE_RELEASE_COMPLETE 0x5A
694 #define MSG_TYPE_RESTART 0x46
695 #define MSG_TYPE_RESTART_ACK 0x4E
696 /* Status */
697 #define MSG_TYPE_STATUS 0x7D
698 #define MSG_TYPE_STATUS_ENQ 0x75
699
700 static const struct tok fr_q933_msg_values[] = {
701 { MSG_TYPE_ESC_TO_NATIONAL, "ESC to National" },
702 { MSG_TYPE_ALERT, "Alert" },
703 { MSG_TYPE_CALL_PROCEEDING, "Call proceeding" },
704 { MSG_TYPE_CONNECT, "Connect" },
705 { MSG_TYPE_CONNECT_ACK, "Connect ACK" },
706 { MSG_TYPE_PROGRESS, "Progress" },
707 { MSG_TYPE_SETUP, "Setup" },
708 { MSG_TYPE_DISCONNECT, "Disconnect" },
709 { MSG_TYPE_RELEASE, "Release" },
710 { MSG_TYPE_RELEASE_COMPLETE, "Release Complete" },
711 { MSG_TYPE_RESTART, "Restart" },
712 { MSG_TYPE_RESTART_ACK, "Restart ACK" },
713 { MSG_TYPE_STATUS, "Status Reply" },
714 { MSG_TYPE_STATUS_ENQ, "Status Enquiry" },
715 { 0, NULL }
716 };
717
718 #define IE_IS_SINGLE_OCTET(iecode) ((iecode) & 0x80)
719 #define IE_IS_SHIFT(iecode) (((iecode) & 0xF0) == 0x90)
720 #define IE_SHIFT_IS_NON_LOCKING(iecode) ((iecode) & 0x08)
721 #define IE_SHIFT_IS_LOCKING(iecode) (!(IE_SHIFT_IS_NON_LOCKING(iecode)))
722 #define IE_SHIFT_CODESET(iecode) ((iecode) & 0x07)
723
724 #define FR_LMI_ANSI_REPORT_TYPE_IE 0x01
725 #define FR_LMI_ANSI_LINK_VERIFY_IE_91 0x19 /* details? */
726 #define FR_LMI_ANSI_LINK_VERIFY_IE 0x03
727 #define FR_LMI_ANSI_PVC_STATUS_IE 0x07
728
729 #define FR_LMI_CCITT_REPORT_TYPE_IE 0x51
730 #define FR_LMI_CCITT_LINK_VERIFY_IE 0x53
731 #define FR_LMI_CCITT_PVC_STATUS_IE 0x57
732
733 static const struct tok fr_q933_ie_values_codeset_0_5[] = {
734 { FR_LMI_ANSI_REPORT_TYPE_IE, "ANSI Report Type" },
735 { FR_LMI_ANSI_LINK_VERIFY_IE_91, "ANSI Link Verify" },
736 { FR_LMI_ANSI_LINK_VERIFY_IE, "ANSI Link Verify" },
737 { FR_LMI_ANSI_PVC_STATUS_IE, "ANSI PVC Status" },
738 { FR_LMI_CCITT_REPORT_TYPE_IE, "CCITT Report Type" },
739 { FR_LMI_CCITT_LINK_VERIFY_IE, "CCITT Link Verify" },
740 { FR_LMI_CCITT_PVC_STATUS_IE, "CCITT PVC Status" },
741 { 0, NULL }
742 };
743
744 #define FR_LMI_REPORT_TYPE_IE_FULL_STATUS 0
745 #define FR_LMI_REPORT_TYPE_IE_LINK_VERIFY 1
746 #define FR_LMI_REPORT_TYPE_IE_ASYNC_PVC 2
747
748 static const struct tok fr_lmi_report_type_ie_values[] = {
749 { FR_LMI_REPORT_TYPE_IE_FULL_STATUS, "Full Status" },
750 { FR_LMI_REPORT_TYPE_IE_LINK_VERIFY, "Link verify" },
751 { FR_LMI_REPORT_TYPE_IE_ASYNC_PVC, "Async PVC Status" },
752 { 0, NULL }
753 };
754
755 /* array of 16 codesets - currently we only support codepage 0 and 5 */
756 static const struct tok *fr_q933_ie_codesets[] = {
757 fr_q933_ie_values_codeset_0_5,
758 NULL,
759 NULL,
760 NULL,
761 NULL,
762 fr_q933_ie_values_codeset_0_5,
763 NULL,
764 NULL,
765 NULL,
766 NULL,
767 NULL,
768 NULL,
769 NULL,
770 NULL,
771 NULL,
772 NULL
773 };
774
775 static int fr_q933_print_ie_codeset_0_5(netdissect_options *ndo, u_int iecode,
776 u_int ielength, const u_char *p);
777
778 typedef int (*codeset_pr_func_t)(netdissect_options *, u_int iecode,
779 u_int ielength, const u_char *p);
780
781 /* array of 16 codesets - currently we only support codepage 0 and 5 */
782 static const codeset_pr_func_t fr_q933_print_ie_codeset[] = {
783 fr_q933_print_ie_codeset_0_5,
784 NULL,
785 NULL,
786 NULL,
787 NULL,
788 fr_q933_print_ie_codeset_0_5,
789 NULL,
790 NULL,
791 NULL,
792 NULL,
793 NULL,
794 NULL,
795 NULL,
796 NULL,
797 NULL,
798 NULL
799 };
800
801 /*
802 * ITU-T Q.933.
803 *
804 * p points to octet 2, the octet containing the length of the
805 * call reference value, so p[n] is octet n+2 ("octet X" is as
806 * used in Q.931/Q.933).
807 *
808 * XXX - actually used both for Q.931 and Q.933.
809 */
810 void
q933_print(netdissect_options * ndo,const u_char * p,u_int length)811 q933_print(netdissect_options *ndo,
812 const u_char *p, u_int length)
813 {
814 u_int olen;
815 u_int call_ref_length, i;
816 uint8_t call_ref[15]; /* maximum length - length field is 4 bits */
817 u_int msgtype;
818 u_int iecode;
819 u_int ielength;
820 u_int codeset = 0;
821 u_int is_ansi = 0;
822 u_int ie_is_known;
823 u_int non_locking_shift;
824 u_int unshift_codeset;
825
826 ndo->ndo_protocol = "q.933";
827 ND_PRINT("%s", ndo->ndo_eflag ? "" : "Q.933");
828
829 if (length == 0 || !ND_TTEST_1(p)) {
830 if (!ndo->ndo_eflag)
831 ND_PRINT(", ");
832 ND_PRINT("length %u", length);
833 goto trunc;
834 }
835
836 /*
837 * Get the length of the call reference value.
838 */
839 olen = length; /* preserve the original length for display */
840 call_ref_length = GET_U_1(p) & 0x0f;
841 p++;
842 length--;
843
844 /*
845 * Get the call reference value.
846 */
847 for (i = 0; i < call_ref_length; i++) {
848 if (length == 0 || !ND_TTEST_1(p)) {
849 if (!ndo->ndo_eflag)
850 ND_PRINT(", ");
851 ND_PRINT("length %u", olen);
852 goto trunc;
853 }
854 call_ref[i] = GET_U_1(p);
855 p++;
856 length--;
857 }
858
859 /*
860 * Get the message type.
861 */
862 if (length == 0 || !ND_TTEST_1(p)) {
863 if (!ndo->ndo_eflag)
864 ND_PRINT(", ");
865 ND_PRINT("length %u", olen);
866 goto trunc;
867 }
868 msgtype = GET_U_1(p);
869 p++;
870 length--;
871
872 /*
873 * Peek ahead to see if we start with a shift.
874 */
875 non_locking_shift = 0;
876 unshift_codeset = codeset;
877 if (length != 0) {
878 if (!ND_TTEST_1(p)) {
879 if (!ndo->ndo_eflag)
880 ND_PRINT(", ");
881 ND_PRINT("length %u", olen);
882 goto trunc;
883 }
884 iecode = GET_U_1(p);
885 if (IE_IS_SHIFT(iecode)) {
886 /*
887 * It's a shift. Skip over it.
888 */
889 p++;
890 length--;
891
892 /*
893 * Get the codeset.
894 */
895 codeset = IE_SHIFT_CODESET(iecode);
896
897 /*
898 * If it's a locking shift to codeset 5,
899 * mark this as ANSI. (XXX - 5 is actually
900 * for national variants in general, not
901 * the US variant in particular, but maybe
902 * this is more American exceptionalism. :-))
903 */
904 if (IE_SHIFT_IS_LOCKING(iecode)) {
905 /*
906 * It's a locking shift.
907 */
908 if (codeset == 5) {
909 /*
910 * It's a locking shift to
911 * codeset 5, so this is
912 * T1.617 Annex D.
913 */
914 is_ansi = 1;
915 }
916 } else {
917 /*
918 * It's a non-locking shift.
919 * Remember the current codeset, so we
920 * can revert to it after the next IE.
921 */
922 non_locking_shift = 1;
923 unshift_codeset = 0;
924 }
925 }
926 }
927
928 /* printing out header part */
929 if (!ndo->ndo_eflag)
930 ND_PRINT(", ");
931 ND_PRINT("%s, codeset %u", is_ansi ? "ANSI" : "CCITT", codeset);
932
933 if (call_ref_length != 0) {
934 if (call_ref_length > 1 || GET_U_1(p) != 0) {
935 /*
936 * Not a dummy call reference.
937 */
938 ND_PRINT(", Call Ref: 0x");
939 for (i = 0; i < call_ref_length; i++)
940 ND_PRINT("%02x", call_ref[i]);
941 }
942 }
943 if (ndo->ndo_vflag) {
944 ND_PRINT(", %s (0x%02x), length %u",
945 tok2str(fr_q933_msg_values,
946 "unknown message", msgtype),
947 msgtype,
948 olen);
949 } else {
950 ND_PRINT(", %s",
951 tok2str(fr_q933_msg_values,
952 "unknown message 0x%02x", msgtype));
953 }
954
955 /* Loop through the rest of the IEs */
956 while (length != 0) {
957 /*
958 * What's the state of any non-locking shifts?
959 */
960 if (non_locking_shift == 1) {
961 /*
962 * There's a non-locking shift in effect for
963 * this IE. Count it, so we reset the codeset
964 * before the next IE.
965 */
966 non_locking_shift = 2;
967 } else if (non_locking_shift == 2) {
968 /*
969 * Unshift.
970 */
971 codeset = unshift_codeset;
972 non_locking_shift = 0;
973 }
974
975 /*
976 * Get the first octet of the IE.
977 */
978 if (!ND_TTEST_1(p)) {
979 if (!ndo->ndo_vflag) {
980 ND_PRINT(", length %u", olen);
981 }
982 goto trunc;
983 }
984 iecode = GET_U_1(p);
985 p++;
986 length--;
987
988 /* Single-octet IE? */
989 if (IE_IS_SINGLE_OCTET(iecode)) {
990 /*
991 * Yes. Is it a shift?
992 */
993 if (IE_IS_SHIFT(iecode)) {
994 /*
995 * Yes. Is it locking?
996 */
997 if (IE_SHIFT_IS_LOCKING(iecode)) {
998 /*
999 * Yes.
1000 */
1001 non_locking_shift = 0;
1002 } else {
1003 /*
1004 * No. Remember the current
1005 * codeset, so we can revert
1006 * to it after the next IE.
1007 */
1008 non_locking_shift = 1;
1009 unshift_codeset = codeset;
1010 }
1011
1012 /*
1013 * Get the codeset.
1014 */
1015 codeset = IE_SHIFT_CODESET(iecode);
1016 }
1017 } else {
1018 /*
1019 * No. Get the IE length.
1020 */
1021 if (length == 0 || !ND_TTEST_1(p)) {
1022 if (!ndo->ndo_vflag) {
1023 ND_PRINT(", length %u", olen);
1024 }
1025 goto trunc;
1026 }
1027 ielength = GET_U_1(p);
1028 p++;
1029 length--;
1030
1031 /* lets do the full IE parsing only in verbose mode
1032 * however some IEs (DLCI Status, Link Verify)
1033 * are also interesting in non-verbose mode */
1034 if (ndo->ndo_vflag) {
1035 ND_PRINT("\n\t%s IE (0x%02x), length %u: ",
1036 tok2str(fr_q933_ie_codesets[codeset],
1037 "unknown", iecode),
1038 iecode,
1039 ielength);
1040 }
1041
1042 /* sanity checks */
1043 if (iecode == 0 || ielength == 0) {
1044 return;
1045 }
1046 if (length < ielength || !ND_TTEST_LEN(p, ielength)) {
1047 if (!ndo->ndo_vflag) {
1048 ND_PRINT(", length %u", olen);
1049 }
1050 goto trunc;
1051 }
1052
1053 ie_is_known = 0;
1054 if (fr_q933_print_ie_codeset[codeset] != NULL) {
1055 ie_is_known = fr_q933_print_ie_codeset[codeset](ndo, iecode, ielength, p);
1056 }
1057
1058 if (ie_is_known) {
1059 /*
1060 * Known IE; do we want to see a hexdump
1061 * of it?
1062 */
1063 if (ndo->ndo_vflag > 1) {
1064 /* Yes. */
1065 print_unknown_data(ndo, p, "\n\t ", ielength);
1066 }
1067 } else {
1068 /*
1069 * Unknown IE; if we're printing verbosely,
1070 * print its content in hex.
1071 */
1072 if (ndo->ndo_vflag >= 1) {
1073 print_unknown_data(ndo, p, "\n\t", ielength);
1074 }
1075 }
1076
1077 length -= ielength;
1078 p += ielength;
1079 }
1080 }
1081 if (!ndo->ndo_vflag) {
1082 ND_PRINT(", length %u", olen);
1083 }
1084 return;
1085
1086 trunc:
1087 nd_print_trunc(ndo);
1088 }
1089
1090 static int
fr_q933_print_ie_codeset_0_5(netdissect_options * ndo,u_int iecode,u_int ielength,const u_char * p)1091 fr_q933_print_ie_codeset_0_5(netdissect_options *ndo, u_int iecode,
1092 u_int ielength, const u_char *p)
1093 {
1094 u_int dlci;
1095
1096 switch (iecode) {
1097
1098 case FR_LMI_ANSI_REPORT_TYPE_IE: /* fall through */
1099 case FR_LMI_CCITT_REPORT_TYPE_IE:
1100 if (ielength < 1) {
1101 if (!ndo->ndo_vflag) {
1102 ND_PRINT(", ");
1103 }
1104 ND_PRINT("Invalid REPORT TYPE IE");
1105 return 1;
1106 }
1107 if (ndo->ndo_vflag) {
1108 ND_PRINT("%s (%u)",
1109 tok2str(fr_lmi_report_type_ie_values,"unknown",GET_U_1(p)),
1110 GET_U_1(p));
1111 }
1112 return 1;
1113
1114 case FR_LMI_ANSI_LINK_VERIFY_IE: /* fall through */
1115 case FR_LMI_CCITT_LINK_VERIFY_IE:
1116 case FR_LMI_ANSI_LINK_VERIFY_IE_91:
1117 if (!ndo->ndo_vflag) {
1118 ND_PRINT(", ");
1119 }
1120 if (ielength < 2) {
1121 ND_PRINT("Invalid LINK VERIFY IE");
1122 return 1;
1123 }
1124 ND_PRINT("TX Seq: %3d, RX Seq: %3d", GET_U_1(p), GET_U_1(p + 1));
1125 return 1;
1126
1127 case FR_LMI_ANSI_PVC_STATUS_IE: /* fall through */
1128 case FR_LMI_CCITT_PVC_STATUS_IE:
1129 if (!ndo->ndo_vflag) {
1130 ND_PRINT(", ");
1131 }
1132 /* now parse the DLCI information element. */
1133 if ((ielength < 3) ||
1134 (GET_U_1(p) & 0x80) ||
1135 ((ielength == 3) && !(GET_U_1(p + 1) & 0x80)) ||
1136 ((ielength == 4) &&
1137 ((GET_U_1(p + 1) & 0x80) || !(GET_U_1(p + 2) & 0x80))) ||
1138 ((ielength == 5) &&
1139 ((GET_U_1(p + 1) & 0x80) || (GET_U_1(p + 2) & 0x80) ||
1140 !(GET_U_1(p + 3) & 0x80))) ||
1141 (ielength > 5) ||
1142 !(GET_U_1(p + ielength - 1) & 0x80)) {
1143 ND_PRINT("Invalid DLCI in PVC STATUS IE");
1144 return 1;
1145 }
1146
1147 dlci = ((GET_U_1(p) & 0x3F) << 4) | ((GET_U_1(p + 1) & 0x78) >> 3);
1148 if (ielength == 4) {
1149 dlci = (dlci << 6) | ((GET_U_1(p + 2) & 0x7E) >> 1);
1150 } else if (ielength == 5) {
1151 dlci = (dlci << 13) | (GET_U_1(p + 2) & 0x7F) | ((GET_U_1(p + 3) & 0x7E) >> 1);
1152 }
1153
1154 ND_PRINT("DLCI %u: status %s%s", dlci,
1155 GET_U_1(p + ielength - 1) & 0x8 ? "New, " : "",
1156 GET_U_1(p + ielength - 1) & 0x2 ? "Active" : "Inactive");
1157 return 1;
1158 }
1159
1160 return 0;
1161 }
1162