1 /*
2 * Redistribution and use in source and binary forms, with or without
3 * modification, are permitted provided that: (1) source code
4 * distributions retain the above copyright notice and this paragraph
5 * in its entirety, and (2) distributions including binary code include
6 * the above copyright notice and this paragraph in its entirety in
7 * the documentation or other materials provided with the distribution.
8 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND
9 * WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT
10 * LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
11 * FOR A PARTICULAR PURPOSE.
12 *
13 * Original code by Hannes Gredler (hannes@gredler.at)
14 */
15
16 /* \summary: Bidirectional Forwarding Detection (BFD) printer */
17
18 /*
19 * specification: draft-ietf-bfd-base-01 for version 0,
20 * RFC 5880 for version 1, and RFC 5881
21 */
22
23 #include <config.h>
24
25 #include "netdissect-stdinc.h"
26
27 #define ND_LONGJMP_FROM_TCHECK
28 #include "netdissect.h"
29 #include "extract.h"
30
31 #include "udp.h"
32
33 /*
34 * Control packet, BFDv0, draft-ietf-bfd-base-01
35 *
36 * 0 1 2 3
37 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
38 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
39 * |Vers | Diag |H|D|P|F|C|A|Rsv| Detect Mult | Length |
40 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
41 * | My Discriminator |
42 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
43 * | Your Discriminator |
44 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
45 * | Desired Min TX Interval |
46 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
47 * | Required Min RX Interval |
48 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
49 * | Required Min Echo RX Interval |
50 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
51 */
52
53 /*
54 * Control packet, BFDv1, RFC 5880
55 *
56 * 0 1 2 3
57 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
58 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
59 * |Vers | Diag |Sta|P|F|C|A|D|M| Detect Mult | Length |
60 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
61 * | My Discriminator |
62 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
63 * | Your Discriminator |
64 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
65 * | Desired Min TX Interval |
66 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
67 * | Required Min RX Interval |
68 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
69 * | Required Min Echo RX Interval |
70 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
71 */
72
73 struct bfd_header_t {
74 nd_uint8_t version_diag;
75 nd_uint8_t flags;
76 nd_uint8_t detect_time_multiplier;
77 nd_uint8_t length;
78 nd_uint32_t my_discriminator;
79 nd_uint32_t your_discriminator;
80 nd_uint32_t desired_min_tx_interval;
81 nd_uint32_t required_min_rx_interval;
82 nd_uint32_t required_min_echo_interval;
83 };
84
85 /*
86 * An optional Authentication Header may be present
87 *
88 * 0 1 2 3
89 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
90 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
91 * | Auth Type | Auth Len | Authentication Data... |
92 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
93 */
94
95 struct bfd_auth_header_t {
96 nd_uint8_t auth_type;
97 nd_uint8_t auth_len;
98 nd_uint8_t auth_data;
99 nd_uint8_t dummy; /* minimum 4 bytes */
100 };
101
102 enum auth_type {
103 AUTH_PASSWORD = 1,
104 AUTH_MD5 = 2,
105 AUTH_MET_MD5 = 3,
106 AUTH_SHA1 = 4,
107 AUTH_MET_SHA1 = 5
108 };
109
110 static const struct tok bfd_v1_authentication_values[] = {
111 { AUTH_PASSWORD, "Simple Password" },
112 { AUTH_MD5, "Keyed MD5" },
113 { AUTH_MET_MD5, "Meticulous Keyed MD5" },
114 { AUTH_SHA1, "Keyed SHA1" },
115 { AUTH_MET_SHA1, "Meticulous Keyed SHA1" },
116 { 0, NULL }
117 };
118
119 enum auth_length {
120 AUTH_PASSWORD_FIELD_MIN_LEN = 4, /* header + password min: 3 + 1 */
121 AUTH_PASSWORD_FIELD_MAX_LEN = 19, /* header + password max: 3 + 16 */
122 AUTH_MD5_FIELD_LEN = 24,
123 AUTH_MD5_HASH_LEN = 16,
124 AUTH_SHA1_FIELD_LEN = 28,
125 AUTH_SHA1_HASH_LEN = 20
126 };
127
128 #define BFD_EXTRACT_VERSION(x) (((x)&0xe0)>>5)
129 #define BFD_EXTRACT_DIAG(x) ((x)&0x1f)
130
131 static const struct tok bfd_diag_values[] = {
132 { 0, "No Diagnostic" },
133 { 1, "Control Detection Time Expired" },
134 { 2, "Echo Function Failed" },
135 { 3, "Neighbor Signaled Session Down" },
136 { 4, "Forwarding Plane Reset" },
137 { 5, "Path Down" },
138 { 6, "Concatenated Path Down" },
139 { 7, "Administratively Down" },
140 { 8, "Reverse Concatenated Path Down" },
141 { 0, NULL }
142 };
143
144 static const struct tok bfd_port_values[] = {
145 { BFD_CONTROL_PORT, "Control" },
146 { BFD_MULTIHOP_PORT, "Multihop" },
147 { BFD_LAG_PORT, "Lag" },
148 { 0, NULL }
149 };
150
151 #define BFD_FLAG_AUTH 0x04
152
153 static const struct tok bfd_v0_flag_values[] = {
154 { 0x80, "I Hear You" },
155 { 0x40, "Demand" },
156 { 0x20, "Poll" },
157 { 0x10, "Final" },
158 { 0x08, "Control Plane Independent" },
159 { BFD_FLAG_AUTH, "Authentication Present" },
160 { 0x02, "Reserved" },
161 { 0x01, "Reserved" },
162 { 0, NULL }
163 };
164
165 static const struct tok bfd_v1_flag_values[] = {
166 { 0x20, "Poll" },
167 { 0x10, "Final" },
168 { 0x08, "Control Plane Independent" },
169 { BFD_FLAG_AUTH, "Authentication Present" },
170 { 0x02, "Demand" },
171 { 0x01, "Multipoint" },
172 { 0, NULL }
173 };
174
175 static const struct tok bfd_v1_state_values[] = {
176 { 0, "AdminDown" },
177 { 1, "Down" },
178 { 2, "Init" },
179 { 3, "Up" },
180 { 0, NULL }
181 };
182
183 static void
auth_print(netdissect_options * ndo,const u_char * pptr)184 auth_print(netdissect_options *ndo, const u_char *pptr)
185 {
186 const struct bfd_auth_header_t *bfd_auth_header;
187 uint8_t auth_type, auth_len;
188 int i;
189
190 pptr += sizeof (struct bfd_header_t);
191 bfd_auth_header = (const struct bfd_auth_header_t *)pptr;
192 ND_TCHECK_SIZE(bfd_auth_header);
193 auth_type = GET_U_1(bfd_auth_header->auth_type);
194 auth_len = GET_U_1(bfd_auth_header->auth_len);
195 ND_PRINT("\n\tAuthentication: %s (%u), length: %u",
196 tok2str(bfd_v1_authentication_values,"Unknown",auth_type),
197 auth_type, auth_len);
198 pptr += 2;
199 ND_PRINT("\n\t Auth Key ID: %u", GET_U_1(pptr));
200
201 switch(auth_type) {
202 case AUTH_PASSWORD:
203 /*
204 * Simple Password Authentication Section Format
205 *
206 * 0 1 2 3
207 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
208 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
209 * | Auth Type | Auth Len | Auth Key ID | Password... |
210 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
211 * | ... |
212 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
213 */
214 if (auth_len < AUTH_PASSWORD_FIELD_MIN_LEN ||
215 auth_len > AUTH_PASSWORD_FIELD_MAX_LEN) {
216 ND_PRINT("[invalid length %u]",
217 auth_len);
218 break;
219 }
220 pptr++;
221 ND_PRINT(", Password: ");
222 /* the length is equal to the password length plus three */
223 (void)nd_printn(ndo, pptr, auth_len - 3, NULL);
224 break;
225 case AUTH_MD5:
226 case AUTH_MET_MD5:
227 /*
228 * Keyed MD5 and Meticulous Keyed MD5 Authentication Section Format
229 *
230 * 0 1 2 3
231 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
232 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
233 * | Auth Type | Auth Len | Auth Key ID | Reserved |
234 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
235 * | Sequence Number |
236 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
237 * | Auth Key/Digest... |
238 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
239 * | ... |
240 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
241 */
242 if (auth_len != AUTH_MD5_FIELD_LEN) {
243 ND_PRINT("[invalid length %u]",
244 auth_len);
245 break;
246 }
247 pptr += 2;
248 ND_PRINT(", Sequence Number: 0x%08x", GET_BE_U_4(pptr));
249 pptr += 4;
250 ND_TCHECK_LEN(pptr, AUTH_MD5_HASH_LEN);
251 ND_PRINT("\n\t Digest: ");
252 for(i = 0; i < AUTH_MD5_HASH_LEN; i++)
253 ND_PRINT("%02x", GET_U_1(pptr + i));
254 break;
255 case AUTH_SHA1:
256 case AUTH_MET_SHA1:
257 /*
258 * Keyed SHA1 and Meticulous Keyed SHA1 Authentication Section Format
259 *
260 * 0 1 2 3
261 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
262 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
263 * | Auth Type | Auth Len | Auth Key ID | Reserved |
264 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
265 * | Sequence Number |
266 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
267 * | Auth Key/Hash... |
268 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
269 * | ... |
270 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
271 */
272 if (auth_len != AUTH_SHA1_FIELD_LEN) {
273 ND_PRINT("[invalid length %u]",
274 auth_len);
275 break;
276 }
277 pptr += 2;
278 ND_PRINT(", Sequence Number: 0x%08x", GET_BE_U_4(pptr));
279 pptr += 4;
280 ND_TCHECK_LEN(pptr, AUTH_SHA1_HASH_LEN);
281 ND_PRINT("\n\t Hash: ");
282 for(i = 0; i < AUTH_SHA1_HASH_LEN; i++)
283 ND_PRINT("%02x", GET_U_1(pptr + i));
284 break;
285 }
286 }
287
288 void
bfd_print(netdissect_options * ndo,const u_char * pptr,u_int len,u_int port)289 bfd_print(netdissect_options *ndo, const u_char *pptr,
290 u_int len, u_int port)
291 {
292 ndo->ndo_protocol = "bfd";
293 if (port == BFD_CONTROL_PORT ||
294 port == BFD_MULTIHOP_PORT ||
295 port == BFD_LAG_PORT) {
296 /*
297 * Control packet.
298 */
299 const struct bfd_header_t *bfd_header;
300 uint8_t version_diag;
301 uint8_t version = 0;
302 uint8_t flags;
303
304 bfd_header = (const struct bfd_header_t *)pptr;
305 ND_TCHECK_SIZE(bfd_header);
306 version_diag = GET_U_1(bfd_header->version_diag);
307 version = BFD_EXTRACT_VERSION(version_diag);
308 flags = GET_U_1(bfd_header->flags);
309
310 switch (version) {
311
312 /* BFDv0 */
313 case 0:
314 if (ndo->ndo_vflag < 1) {
315 ND_PRINT("BFDv0, Control, Flags: [%s], length: %u",
316 bittok2str(bfd_v0_flag_values, "none", flags),
317 len);
318 return;
319 }
320
321 ND_PRINT("BFDv0, length: %u\n\tControl, Flags: [%s], Diagnostic: %s (0x%02x)",
322 len,
323 bittok2str(bfd_v0_flag_values, "none", flags),
324 tok2str(bfd_diag_values,"unknown",BFD_EXTRACT_DIAG(version_diag)),
325 BFD_EXTRACT_DIAG(version_diag));
326
327 ND_PRINT("\n\tDetection Timer Multiplier: %u (%u ms Detection time), BFD Length: %u",
328 GET_U_1(bfd_header->detect_time_multiplier),
329 GET_U_1(bfd_header->detect_time_multiplier) * GET_BE_U_4(bfd_header->desired_min_tx_interval)/1000,
330 GET_U_1(bfd_header->length));
331
332
333 ND_PRINT("\n\tMy Discriminator: 0x%08x",
334 GET_BE_U_4(bfd_header->my_discriminator));
335 ND_PRINT(", Your Discriminator: 0x%08x",
336 GET_BE_U_4(bfd_header->your_discriminator));
337 ND_PRINT("\n\t Desired min Tx Interval: %4u ms",
338 GET_BE_U_4(bfd_header->desired_min_tx_interval)/1000);
339 ND_PRINT("\n\t Required min Rx Interval: %4u ms",
340 GET_BE_U_4(bfd_header->required_min_rx_interval)/1000);
341 ND_PRINT("\n\t Required min Echo Interval: %4u ms",
342 GET_BE_U_4(bfd_header->required_min_echo_interval)/1000);
343
344 if (flags & BFD_FLAG_AUTH) {
345 auth_print(ndo, pptr);
346 }
347 break;
348
349 /* BFDv1 */
350 case 1:
351 if (ndo->ndo_vflag < 1) {
352 ND_PRINT("BFDv1, %s, State %s, Flags: [%s], length: %u",
353 tok2str(bfd_port_values, "unknown (%u)", port),
354 tok2str(bfd_v1_state_values, "unknown (%u)", (flags & 0xc0) >> 6),
355 bittok2str(bfd_v1_flag_values, "none", flags & 0x3f),
356 len);
357 return;
358 }
359
360 ND_PRINT("BFDv1, length: %u\n\t%s, State %s, Flags: [%s], Diagnostic: %s (0x%02x)",
361 len,
362 tok2str(bfd_port_values, "unknown (%u)", port),
363 tok2str(bfd_v1_state_values, "unknown (%u)", (flags & 0xc0) >> 6),
364 bittok2str(bfd_v1_flag_values, "none", flags & 0x3f),
365 tok2str(bfd_diag_values,"unknown",BFD_EXTRACT_DIAG(version_diag)),
366 BFD_EXTRACT_DIAG(version_diag));
367
368 ND_PRINT("\n\tDetection Timer Multiplier: %u (%u ms Detection time), BFD Length: %u",
369 GET_U_1(bfd_header->detect_time_multiplier),
370 GET_U_1(bfd_header->detect_time_multiplier) * GET_BE_U_4(bfd_header->desired_min_tx_interval)/1000,
371 GET_U_1(bfd_header->length));
372
373
374 ND_PRINT("\n\tMy Discriminator: 0x%08x",
375 GET_BE_U_4(bfd_header->my_discriminator));
376 ND_PRINT(", Your Discriminator: 0x%08x",
377 GET_BE_U_4(bfd_header->your_discriminator));
378 ND_PRINT("\n\t Desired min Tx Interval: %4u ms",
379 GET_BE_U_4(bfd_header->desired_min_tx_interval)/1000);
380 ND_PRINT("\n\t Required min Rx Interval: %4u ms",
381 GET_BE_U_4(bfd_header->required_min_rx_interval)/1000);
382 ND_PRINT("\n\t Required min Echo Interval: %4u ms",
383 GET_BE_U_4(bfd_header->required_min_echo_interval)/1000);
384
385 if (flags & BFD_FLAG_AUTH) {
386 auth_print(ndo, pptr);
387 }
388 break;
389
390 default:
391 ND_PRINT("BFDv%u, Control, length: %u",
392 version,
393 len);
394 if (ndo->ndo_vflag >= 1) {
395 if(!print_unknown_data(ndo, pptr,"\n\t",len))
396 return;
397 }
398 break;
399 }
400 } else if (port == BFD_ECHO_PORT) {
401 /*
402 * Echo packet.
403 */
404 ND_PRINT("BFD, Echo, length: %u",
405 len);
406 if (ndo->ndo_vflag >= 1) {
407 if(!print_unknown_data(ndo, pptr,"\n\t",len))
408 return;
409 }
410 } else {
411 /*
412 * Unknown packet type.
413 */
414 ND_PRINT("BFD, unknown (%u), length: %u",
415 port,
416 len);
417 if (ndo->ndo_vflag >= 1) {
418 if(!print_unknown_data(ndo, pptr,"\n\t",len))
419 return;
420 }
421 }
422 }
423