1 /* 2 * Copyright (c) 1988-1997 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Copyright (c) 1998-2012 Michael Richardson <mcr@tcpdump.org> 6 * The TCPDUMP project 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that: (1) source code distributions 10 * retain the above copyright notice and this paragraph in its entirety, (2) 11 * distributions including binary code include the above copyright notice and 12 * this paragraph in its entirety in the documentation or other materials 13 * provided with the distribution, and (3) all advertising materials mentioning 14 * features or use of this software display the following acknowledgement: 15 * ``This product includes software developed by the University of California, 16 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of 17 * the University nor the names of its contributors may be used to endorse 18 * or promote products derived from this software without specific prior 19 * written permission. 20 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 21 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 22 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 23 * 24 * @(#) $Header: /tcpdump/master/tcpdump/netdissect.h,v 1.27 2008-08-16 11:36:20 hannes Exp $ (LBL) 25 */ 26 27 #ifndef netdissect_h 28 #define netdissect_h 29 30 #ifdef HAVE_OS_PROTO_H 31 #include "os-proto.h" 32 #endif 33 #include <sys/types.h> 34 35 #ifndef HAVE___ATTRIBUTE__ 36 #define __attribute__(x) 37 #endif 38 39 /* snprintf et al */ 40 41 #include <stdarg.h> 42 43 #if !defined(HAVE_SNPRINTF) 44 int snprintf (char *str, size_t sz, const char *format, ...) 45 __attribute__ ((format (printf, 3, 4))); 46 #endif 47 48 #if !defined(HAVE_VSNPRINTF) 49 int vsnprintf (char *str, size_t sz, const char *format, va_list ap) 50 __attribute__((format (printf, 3, 0))); 51 #endif 52 53 #ifndef HAVE_STRLCAT 54 extern size_t strlcat (char *, const char *, size_t); 55 #endif 56 #ifndef HAVE_STRLCPY 57 extern size_t strlcpy (char *, const char *, size_t); 58 #endif 59 60 #ifndef HAVE_STRDUP 61 extern char *strdup (const char *str); 62 #endif 63 64 #ifndef HAVE_STRSEP 65 extern char *strsep(char **, const char *); 66 #endif 67 68 struct tok { 69 int v; /* value */ 70 const char *s; /* string */ 71 }; 72 73 #define TOKBUFSIZE 128 74 extern const char *tok2strbuf(const struct tok *, const char *, int, 75 char *buf, size_t bufsize); 76 77 /* tok2str is deprecated */ 78 extern const char *tok2str(const struct tok *, const char *, int); 79 extern char *bittok2str(const struct tok *, const char *, int); 80 extern char *bittok2str_nosep(const struct tok *, const char *, int); 81 82 83 typedef struct netdissect_options netdissect_options; 84 85 struct netdissect_options { 86 int ndo_aflag; /* translate network and broadcast addresses */ 87 int ndo_bflag; /* print 4 byte ASes in ASDOT notation */ 88 int ndo_eflag; /* print ethernet header */ 89 int ndo_fflag; /* don't translate "foreign" IP address */ 90 int ndo_Kflag; /* don't check TCP checksums */ 91 int ndo_nflag; /* leave addresses as numbers */ 92 int ndo_Nflag; /* remove domains from printed host names */ 93 int ndo_qflag; /* quick (shorter) output */ 94 int ndo_Rflag; /* print sequence # field in AH/ESP*/ 95 int ndo_sflag; /* use the libsmi to translate OIDs */ 96 int ndo_Sflag; /* print raw TCP sequence numbers */ 97 int ndo_tflag; /* print packet arrival time */ 98 int ndo_Uflag; /* "unbuffered" output of dump files */ 99 int ndo_uflag; /* Print undecoded NFS handles */ 100 int ndo_vflag; /* verbose */ 101 int ndo_xflag; /* print packet in hex */ 102 int ndo_Xflag; /* print packet in hex/ascii */ 103 int ndo_Aflag; /* print packet only in ascii observing TAB, 104 * LF, CR and SPACE as graphical chars 105 */ 106 int ndo_Bflag; /* buffer size */ 107 int ndo_Iflag; /* rfmon (monitor) mode */ 108 int ndo_Oflag; /* run filter code optimizer */ 109 int ndo_dlt; /* if != -1, ask libpcap for the DLT it names*/ 110 int ndo_jflag; /* packet time stamp source */ 111 int ndo_pflag; /* don't go promiscuous */ 112 113 int ndo_Cflag; /* rotate dump files after this many bytes */ 114 int ndo_Cflag_count; /* Keep track of which file number we're writing */ 115 int ndo_Gflag; /* rotate dump files after this many seconds */ 116 int ndo_Gflag_count; /* number of files created with Gflag rotation */ 117 time_t ndo_Gflag_time; /* The last time_t the dump file was rotated. */ 118 int ndo_Wflag; /* recycle output files after this number of files */ 119 int ndo_WflagChars; 120 int ndo_Hflag; /* dissect 802.11s draft mesh standard */ 121 int ndo_suppress_default_print; /* don't use default_print() for unknown packet types */ 122 const char *ndo_dltname; 123 124 char *ndo_espsecret; 125 struct sa_list *ndo_sa_list_head; /* used by print-esp.c */ 126 struct sa_list *ndo_sa_default; 127 128 char *ndo_sigsecret; /* Signature verification secret key */ 129 130 struct esp_algorithm *ndo_espsecret_xform; /* cache of decoded */ 131 char *ndo_espsecret_key; 132 133 int ndo_packettype; /* as specified by -T */ 134 135 char *ndo_program_name; /*used to generate self-identifying messages */ 136 137 int32_t ndo_thiszone; /* seconds offset from gmt to local time */ 138 139 int ndo_snaplen; 140 141 /*global pointers to beginning and end of current packet (during printing) */ 142 const u_char *ndo_packetp; 143 const u_char *ndo_snapend; 144 145 /* bookkeeping for ^T output */ 146 int ndo_infodelay; 147 148 /* pointer to void function to output stuff */ 149 void (*ndo_default_print)(netdissect_options *, 150 register const u_char *bp, register u_int length); 151 void (*ndo_info)(netdissect_options *, int verbose); 152 153 int (*ndo_printf)(netdissect_options *, 154 const char *fmt, ...) 155 #ifdef __ATTRIBUTE___FORMAT_OK_FOR_FUNCTION_POINTERS 156 __attribute__ ((format (printf, 2, 3))) 157 #endif 158 ; 159 void (*ndo_error)(netdissect_options *, 160 const char *fmt, ...) 161 #ifdef __ATTRIBUTE___FORMAT_OK_FOR_FUNCTION_POINTERS 162 __attribute__ ((noreturn, format (printf, 2, 3))) 163 #endif 164 ; 165 void (*ndo_warning)(netdissect_options *, 166 const char *fmt, ...) 167 #ifdef __ATTRIBUTE___FORMAT_OK_FOR_FUNCTION_POINTERS 168 __attribute__ ((format (printf, 2, 3))) 169 #endif 170 ; 171 }; 172 173 #define PT_VAT 1 /* Visual Audio Tool */ 174 #define PT_WB 2 /* distributed White Board */ 175 #define PT_RPC 3 /* Remote Procedure Call */ 176 #define PT_RTP 4 /* Real-Time Applications protocol */ 177 #define PT_RTCP 5 /* Real-Time Applications control protocol */ 178 #define PT_SNMP 6 /* Simple Network Management Protocol */ 179 #define PT_CNFP 7 /* Cisco NetFlow protocol */ 180 #define PT_TFTP 8 /* trivial file transfer protocol */ 181 #define PT_AODV 9 /* Ad-hoc On-demand Distance Vector Protocol */ 182 #define PT_CARP 10 /* Common Address Redundancy Protocol */ 183 #define PT_RADIUS 11 /* RADIUS authentication Protocol */ 184 #define PT_ZMTP1 12 /* ZeroMQ Message Transport Protocol 1.0 */ 185 #define PT_VXLAN 13 /* Virtual eXtensible Local Area Network */ 186 187 #ifndef min 188 #define min(a,b) ((a)>(b)?(b):(a)) 189 #endif 190 #ifndef max 191 #define max(a,b) ((b)>(a)?(b):(a)) 192 #endif 193 194 /* 195 * Maximum snapshot length. This should be enough to capture the full 196 * packet on most network interfaces. 197 * 198 * XXX - could it be larger? If so, should it? Some applications might 199 * use the snapshot length in a savefile header to control the size of 200 * the buffer they allocate, so a size of, say, 2^31-1 might not work 201 * well. 202 */ 203 #define MAXIMUM_SNAPLEN 65535 204 205 /* 206 * The default snapshot length is the maximum. 207 */ 208 #define DEFAULT_SNAPLEN MAXIMUM_SNAPLEN 209 210 #define ESRC(ep) ((ep)->ether_shost) 211 #define EDST(ep) ((ep)->ether_dhost) 212 213 #ifndef NTOHL 214 #define NTOHL(x) (x) = ntohl(x) 215 #define NTOHS(x) (x) = ntohs(x) 216 #define HTONL(x) (x) = htonl(x) 217 #define HTONS(x) (x) = htons(x) 218 #endif 219 220 /* 221 * True if "l" bytes of "var" were captured. 222 * 223 * The "ndo->ndo_snapend - (l) <= ndo->ndo_snapend" checks to make sure 224 * "l" isn't so large that "ndo->ndo_snapend - (l)" underflows. 225 * 226 * The check is for <= rather than < because "l" might be 0. 227 */ 228 #define ND_TTEST2(var, l) (ndo->ndo_snapend - (l) <= ndo->ndo_snapend && \ 229 (const u_char *)&(var) <= ndo->ndo_snapend - (l)) 230 231 /* True if "var" was captured */ 232 #define ND_TTEST(var) ND_TTEST2(var, sizeof(var)) 233 234 /* Bail if "l" bytes of "var" were not captured */ 235 #define ND_TCHECK2(var, l) if (!ND_TTEST2(var, l)) goto trunc 236 237 /* Bail if "var" was not captured */ 238 #define ND_TCHECK(var) ND_TCHECK2(var, sizeof(var)) 239 240 #define ND_PRINT(STUFF) (*ndo->ndo_printf)STUFF 241 #define ND_DEFAULTPRINT(ap, length) (*ndo->ndo_default_print)(ndo, ap, length) 242 243 #if 0 244 extern void ts_print(netdissect_options *ipdo, 245 const struct timeval *); 246 extern void relts_print(int); 247 #endif 248 249 extern int fn_print(const u_char *, const u_char *); 250 extern int fn_printn(const u_char *, u_int, const u_char *); 251 extern const char *tok2str(const struct tok *, const char *, int); 252 253 extern void wrapup(int); 254 255 #if 0 256 extern char *read_infile(netdissect_options *, char *); 257 extern char *copy_argv(netdissect_options *, char **); 258 #endif 259 260 extern void safeputchar(int); 261 extern void safeputs(const char *, int); 262 263 #define PLURAL_SUFFIX(n) \ 264 (((n) != 1) ? "s" : "") 265 266 #if 0 267 extern const char *isonsap_string(netdissect_options *, const u_char *); 268 extern const char *protoid_string(netdissect_options *, const u_char *); 269 extern const char *dnname_string(netdissect_options *, u_short); 270 extern const char *dnnum_string(netdissect_options *, u_short); 271 #endif 272 273 /* The printer routines. */ 274 275 #include <pcap.h> 276 277 typedef u_int (*if_ndo_printer)(struct netdissect_options *ndo, 278 const struct pcap_pkthdr *, const u_char *); 279 typedef u_int (*if_printer)(const struct pcap_pkthdr *, const u_char *); 280 281 extern if_ndo_printer lookup_ndo_printer(int); 282 extern if_printer lookup_printer(int); 283 284 extern void eap_print(netdissect_options *,const u_char *, u_int); 285 extern int esp_print(netdissect_options *, 286 register const u_char *bp, int len, register const u_char *bp2, 287 int *nhdr, int *padlen); 288 extern void arp_print(netdissect_options *,const u_char *, u_int, u_int); 289 extern void tipc_print(netdissect_options *, const u_char *, u_int, u_int); 290 extern void msnlb_print(netdissect_options *, const u_char *, u_int); 291 extern void icmp6_print(netdissect_options *ndo, const u_char *, 292 u_int, const u_char *, int); 293 extern void isakmp_print(netdissect_options *,const u_char *, 294 u_int, const u_char *); 295 extern void isakmp_rfc3948_print(netdissect_options *,const u_char *, 296 u_int, const u_char *); 297 extern void ip_print(netdissect_options *,const u_char *, u_int); 298 extern void ip_print_inner(netdissect_options *ndo, 299 const u_char *bp, u_int length, u_int nh, 300 const u_char *bp2); 301 extern void rrcp_print(netdissect_options *,const u_char *, u_int); 302 303 extern void ether_print(netdissect_options *, 304 const u_char *, u_int, u_int, 305 void (*)(netdissect_options *, const u_char *), 306 const u_char *); 307 308 extern u_int ether_if_print(netdissect_options *, 309 const struct pcap_pkthdr *,const u_char *); 310 extern u_int netanalyzer_if_print(netdissect_options *, 311 const struct pcap_pkthdr *,const u_char *); 312 extern u_int netanalyzer_transparent_if_print(netdissect_options *, 313 const struct pcap_pkthdr *, 314 const u_char *); 315 316 extern int ethertype_print(netdissect_options *,u_short, const u_char *, 317 u_int, u_int); 318 319 /* stuff that has not yet been rototiled */ 320 #if 0 321 extern void ascii_print(netdissect_options *,u_int); 322 extern void hex_and_ascii_print_with_offset(netdissect_options *,const char *, 323 u_int, u_int); 324 extern void hex_and_ascii_print(netdissect_options *,const char *, u_int); 325 extern void hex_print_with_offset(netdissect_options *,const char *, 326 u_int, u_int); 327 extern void hex_print(netdissect_options *,const char *, u_int); 328 extern void telnet_print(netdissect_options *,const u_char *, u_int); 329 extern int llc_print(netdissect_options *, 330 const u_char *, u_int, u_int, const u_char *, 331 const u_char *, u_short *); 332 extern void aarp_print(netdissect_options *,const u_char *, u_int); 333 extern void atalk_print(netdissect_options *,const u_char *, u_int); 334 extern void atm_if_print(u_char *,const struct pcap_pkthdr *, const u_char *); 335 extern void bootp_print(netdissect_options *,const u_char *, 336 u_int, u_short, u_short); 337 extern void bgp_print(netdissect_options *,const u_char *, int); 338 extern void bxxp_print(netdissect_options *,const u_char *, u_int); 339 extern void chdlc_if_print(u_char *user, const struct pcap_pkthdr *h, 340 register const u_char *p); 341 extern void chdlc_print(netdissect_options *ndo, 342 register const u_char *p, u_int length, u_int caplen); 343 extern void cisco_autorp_print(netdissect_options *, 344 const u_char *, u_int); 345 extern void cnfp_print(netdissect_options *,const u_char *cp, 346 u_int len, const u_char *bp); 347 extern void decnet_print(netdissect_options *,const u_char *, 348 u_int, u_int); 349 extern void default_print(netdissect_options *,const u_char *, u_int); 350 extern void dvmrp_print(netdissect_options *,const u_char *, u_int); 351 extern void egp_print(netdissect_options *,const u_char *, u_int, 352 const u_char *); 353 354 extern void arcnet_if_print(u_char*,const struct pcap_pkthdr *,const u_char *); 355 extern void token_if_print(u_char *,const struct pcap_pkthdr *,const u_char *); 356 extern void fddi_if_print(u_char *,const struct pcap_pkthdr *, const u_char *); 357 358 extern void gre_print(netdissect_options *,const u_char *, u_int); 359 extern void icmp_print(netdissect_options *,const u_char *, u_int, 360 const u_char *); 361 extern void hsrp_print(netdissect_options *ndo, 362 register const u_char *bp, register u_int len); 363 extern void ieee802_11_if_print(u_char *,const struct pcap_pkthdr *, const u_char *); 364 extern void igmp_print(netdissect_options *, 365 register const u_char *, u_int); 366 extern void igrp_print(netdissect_options *,const u_char *, u_int, 367 const u_char *); 368 extern int nextproto4_cksum(const struct ip *, const u_int8_t *, u_int, u_int); 369 extern void ipN_print(netdissect_options *,const u_char *, u_int); 370 extern void ipx_print(netdissect_options *,const u_char *, u_int); 371 extern void isoclns_print(netdissect_options *,const u_char *, 372 u_int, u_int, const u_char *, const u_char *); 373 extern void krb_print(netdissect_options *,const u_char *, u_int); 374 extern void llap_print(netdissect_options *,const u_char *, u_int); 375 extern const char *linkaddr_string(netdissect_options *ndo, 376 const u_char *ep, const unsigned int len); 377 extern void ltalk_if_print(netdissect_options *ndo, 378 u_char *user, const struct pcap_pkthdr *h, 379 const u_char *p); 380 extern void mpls_print(netdissect_options *ndo, 381 const u_char *bp, u_int length); 382 extern void msdp_print(netdissect_options *ndo, 383 const unsigned char *sp, u_int length); 384 extern void nfsreply_print(netdissect_options *,const u_char *, 385 u_int, const u_char *); 386 extern void nfsreq_print(netdissect_options *,const u_char *, 387 u_int, const u_char *); 388 extern void ns_print(netdissect_options *,const u_char *, u_int); 389 extern void ntp_print(netdissect_options *,const u_char *, u_int); 390 extern void null_if_print(u_char *,const struct pcap_pkthdr *, const u_char *); 391 extern void ospf_print(netdissect_options *,const u_char *, 392 u_int, const u_char *); 393 extern void pimv1_print(netdissect_options *,const u_char *, u_int); 394 extern void mobile_print(netdissect_options *,const u_char *, u_int); 395 extern void pim_print(netdissect_options *,const u_char *, u_int, u_int); 396 extern void pppoe_if_print(u_char *,const struct pcap_pkthdr *, const u_char *); 397 extern void pppoe_print(netdissect_options *,const u_char *, u_int); 398 extern void ppp_print(netdissect_options *, 399 register const u_char *, u_int); 400 401 extern void ppp_if_print(u_char *,const struct pcap_pkthdr *, const u_char *); 402 extern void ppp_hdlc_if_print(u_char *, 403 const struct pcap_pkthdr *, const u_char *); 404 extern void ppp_bsdos_if_print(u_char *, 405 const struct pcap_pkthdr *, const u_char *); 406 407 extern int vjc_print(netdissect_options *,register const char *, 408 register u_int, u_short); 409 410 extern void raw_if_print(u_char *, 411 const struct pcap_pkthdr *, const u_char *); 412 413 extern void rip_print(netdissect_options *,const u_char *, u_int); 414 extern void rpki_rtr_print(netdissect_options *,const u_char *, u_int); 415 416 extern void sctp_print(netdissect_options *ndo, 417 const u_char *bp, const u_char *bp2, 418 u_int sctpPacketLength); 419 420 extern void sl_if_print(u_char *,const struct pcap_pkthdr *, const u_char *); 421 422 extern void lane_if_print(u_char *,const struct pcap_pkthdr *,const u_char *); 423 extern void cip_if_print(u_char *,const struct pcap_pkthdr *,const u_char *); 424 extern void sl_bsdos_if_print(u_char *, 425 const struct pcap_pkthdr *, const u_char *); 426 extern void sll_if_print(u_char *, 427 const struct pcap_pkthdr *, const u_char *); 428 429 extern void snmp_print(netdissect_options *,const u_char *, u_int); 430 extern void sunrpcrequest_print(netdissect_options *,const u_char *, 431 u_int, const u_char *); 432 extern void tcp_print(netdissect_options *,const u_char *, u_int, 433 const u_char *, int); 434 extern void tftp_print(netdissect_options *,const u_char *, u_int); 435 extern void timed_print(netdissect_options *,const u_char *, u_int); 436 extern void udp_print(netdissect_options *,const u_char *, u_int, 437 const u_char *, int); 438 extern void wb_print(netdissect_options *,const void *, u_int); 439 extern int ah_print(netdissect_options *,register const u_char *, 440 register const u_char *); 441 extern void esp_print_decodesecret(netdissect_options *ndo); 442 extern int ipcomp_print(netdissect_options *,register const u_char *, 443 register const u_char *, int *); 444 extern void rx_print(netdissect_options *,register const u_char *, 445 int, int, int, u_char *); 446 extern void netbeui_print(netdissect_options *,u_short, 447 const u_char *, int); 448 extern void ipx_netbios_print(netdissect_options *,const u_char *, u_int); 449 extern void nbt_tcp_print(netdissect_options *,const u_char *, int); 450 extern void nbt_udp137_print(netdissect_options *, 451 const u_char *data, int); 452 extern void nbt_udp138_print(netdissect_options *, 453 const u_char *data, int); 454 extern char *smb_errstr(netdissect_options *,int, int); 455 extern const char *nt_errstr(netdissect_options *, u_int32_t); 456 extern void print_data(netdissect_options *,const unsigned char *, int); 457 extern void l2tp_print(netdissect_options *,const u_char *, u_int); 458 extern void lcp_print(netdissect_options *,const u_char *, u_int); 459 extern void vrrp_print(netdissect_options *,const u_char *bp, 460 u_int len, int ttl); 461 extern void carp_print(netdissect_options *,const u_char *bp, 462 u_int len, int ttl); 463 extern void cdp_print(netdissect_options *,const u_char *, 464 u_int, u_int, const u_char *, const u_char *); 465 extern void stp_print(netdissect_options *,const u_char *p, u_int length); 466 extern void radius_print(netdissect_options *,const u_char *, u_int); 467 extern void lwres_print(netdissect_options *,const u_char *, u_int); 468 extern void pptp_print(netdissect_options *,const u_char *, u_int); 469 #endif 470 471 extern u_int ipnet_if_print(netdissect_options *,const struct pcap_pkthdr *, const u_char *); 472 extern u_int ppi_if_print(netdissect_options *,const struct pcap_pkthdr *, const u_char *); 473 474 extern u_int ieee802_15_4_if_print(netdissect_options *,const struct pcap_pkthdr *, const u_char *); 475 476 #ifdef INET6 477 extern void ip6_print(netdissect_options *,const u_char *, u_int); 478 #if 0 479 extern void ip6_opt_print(netdissect_options *,const u_char *, int); 480 extern int nextproto6_cksum(const struct ip6_hdr *, const u_int8_t *, u_int, u_int); 481 extern int hbhopt_print(netdissect_options *,const u_char *); 482 extern int dstopt_print(netdissect_options *,const u_char *); 483 extern int frag6_print(netdissect_options *,const u_char *, 484 const u_char *); 485 extern void icmp6_print(netdissect_options *,const u_char *, 486 const u_char *); 487 extern void ripng_print(netdissect_options *,const u_char *, int); 488 extern int rt6_print(netdissect_options *,const u_char *, const u_char *); 489 extern void ospf6_print(netdissect_options *,const u_char *, u_int); 490 extern void dhcp6_print(netdissect_options *,const u_char *, 491 u_int, u_int16_t, u_int16_t); 492 493 extern void zephyr_print(netdissect_options * ndo, 494 const u_char *cp, int length); 495 #endif /* 0 */ 496 497 #endif /*INET6*/ 498 499 #if 0 500 struct cksum_vec { 501 const u_int8_t *ptr; 502 int len; 503 }; 504 extern u_int16_t in_cksum(const struct cksum_vec *, int); 505 extern u_int16_t in_cksum_shouldbe(u_int16_t, u_int16_t); 506 #endif 507 508 extern void esp_print_decodesecret(netdissect_options *ndo); 509 extern int esp_print_decrypt_buffer_by_ikev2(netdissect_options *ndo, 510 int initiator, 511 u_char spii[8], u_char spir[8], 512 u_char *buf, u_char *end); 513 514 515 #endif /* netdissect_h */ 516