1 /* 2 * Copyright (c) 1990, 1991, 1993, 1994, 1995, 1996, 1997 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that: (1) source code distributions 7 * retain the above copyright notice and this paragraph in its entirety, (2) 8 * distributions including binary code include the above copyright notice and 9 * this paragraph in its entirety in the documentation or other materials 10 * provided with the distribution, and (3) all advertising materials mentioning 11 * features or use of this software display the following acknowledgement: 12 * ``This product includes software developed by the University of California, 13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of 14 * the University nor the names of its contributors may be used to endorse 15 * or promote products derived from this software without specific prior 16 * written permission. 17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 20 * 21 * Format and print bootp packets. 22 * 23 * $FreeBSD$ 24 */ 25 #ifndef lint 26 static const char rcsid[] = 27 "@(#) $Header: /tcpdump/master/tcpdump/print-bootp.c,v 1.60.4.2 2002/06/01 23:51:11 guy Exp $ (LBL)"; 28 #endif 29 30 #ifdef HAVE_CONFIG_H 31 #include "config.h" 32 #endif 33 34 #include <sys/param.h> 35 #include <sys/time.h> 36 #include <sys/socket.h> 37 38 #include <netinet/in.h> 39 40 #include <ctype.h> 41 #include <stdio.h> 42 #include <string.h> 43 44 #include "interface.h" 45 #include "addrtoname.h" 46 #include "extract.h" 47 #include "ether.h" 48 #include "bootp.h" 49 50 static void rfc1048_print(const u_char *); 51 static void cmu_print(const u_char *); 52 53 static char tstr[] = " [|bootp]"; 54 55 /* 56 * Print bootp requests 57 */ 58 void 59 bootp_print(register const u_char *cp, u_int length, 60 u_short sport, u_short dport) 61 { 62 register const struct bootp *bp; 63 static const u_char vm_cmu[4] = VM_CMU; 64 static const u_char vm_rfc1048[4] = VM_RFC1048; 65 66 bp = (const struct bootp *)cp; 67 TCHECK(bp->bp_op); 68 switch (bp->bp_op) { 69 70 case BOOTREQUEST: 71 /* Usually, a request goes from a client to a server */ 72 if (sport != IPPORT_BOOTPC || dport != IPPORT_BOOTPS) 73 printf(" (request)"); 74 break; 75 76 case BOOTREPLY: 77 /* Usually, a reply goes from a server to a client */ 78 if (sport != IPPORT_BOOTPS || dport != IPPORT_BOOTPC) 79 printf(" (reply)"); 80 break; 81 82 default: 83 printf(" bootp-#%d", bp->bp_op); 84 } 85 86 TCHECK(bp->bp_secs); 87 88 /* The usual hardware address type is 1 (10Mb Ethernet) */ 89 if (bp->bp_htype != 1) 90 printf(" htype-#%d", bp->bp_htype); 91 92 /* The usual length for 10Mb Ethernet address is 6 bytes */ 93 if (bp->bp_htype != 1 || bp->bp_hlen != 6) 94 printf(" hlen:%d", bp->bp_hlen); 95 96 /* Only print interesting fields */ 97 if (bp->bp_hops) 98 printf(" hops:%d", bp->bp_hops); 99 if (bp->bp_xid) 100 printf(" xid:0x%x", (u_int32_t)ntohl(bp->bp_xid)); 101 if (bp->bp_secs) 102 printf(" secs:%d", ntohs(bp->bp_secs)); 103 if (bp->bp_flags) 104 printf(" flags:0x%x", ntohs(bp->bp_flags)); 105 106 /* Client's ip address */ 107 TCHECK(bp->bp_ciaddr); 108 if (bp->bp_ciaddr.s_addr) 109 printf(" C:%s", ipaddr_string(&bp->bp_ciaddr)); 110 111 /* 'your' ip address (bootp client) */ 112 TCHECK(bp->bp_yiaddr); 113 if (bp->bp_yiaddr.s_addr) 114 printf(" Y:%s", ipaddr_string(&bp->bp_yiaddr)); 115 116 /* Server's ip address */ 117 TCHECK(bp->bp_siaddr); 118 if (bp->bp_siaddr.s_addr) 119 printf(" S:%s", ipaddr_string(&bp->bp_siaddr)); 120 121 /* Gateway's ip address */ 122 TCHECK(bp->bp_giaddr); 123 if (bp->bp_giaddr.s_addr) 124 printf(" G:%s", ipaddr_string(&bp->bp_giaddr)); 125 126 /* Client's Ethernet address */ 127 if (bp->bp_htype == 1 && bp->bp_hlen == 6) { 128 register const struct ether_header *eh; 129 register const char *e; 130 131 TCHECK2(bp->bp_chaddr[0], 6); 132 eh = (const struct ether_header *)packetp; 133 if (bp->bp_op == BOOTREQUEST) 134 e = (const char *)ESRC(eh); 135 else if (bp->bp_op == BOOTREPLY) 136 e = (const char *)EDST(eh); 137 else 138 e = 0; 139 if (e == 0 || memcmp((const char *)bp->bp_chaddr, e, 6) != 0) 140 printf(" ether %s", etheraddr_string(bp->bp_chaddr)); 141 } 142 143 TCHECK2(bp->bp_sname[0], 1); /* check first char only */ 144 if (*bp->bp_sname) { 145 printf(" sname \""); 146 if (fn_print(bp->bp_sname, snapend)) { 147 putchar('"'); 148 fputs(tstr + 1, stdout); 149 return; 150 } 151 putchar('"'); 152 } 153 TCHECK2(bp->bp_sname[0], 1); /* check first char only */ 154 if (*bp->bp_file) { 155 printf(" file \""); 156 if (fn_print(bp->bp_file, snapend)) { 157 putchar('"'); 158 fputs(tstr + 1, stdout); 159 return; 160 } 161 putchar('"'); 162 } 163 164 /* Decode the vendor buffer */ 165 TCHECK(bp->bp_vend[0]); 166 if (memcmp((const char *)bp->bp_vend, vm_rfc1048, 167 sizeof(u_int32_t)) == 0) 168 rfc1048_print(bp->bp_vend); 169 else if (memcmp((const char *)bp->bp_vend, vm_cmu, 170 sizeof(u_int32_t)) == 0) 171 cmu_print(bp->bp_vend); 172 else { 173 u_int32_t ul; 174 175 ul = EXTRACT_32BITS(&bp->bp_vend); 176 if (ul != 0) 177 printf("vend-#0x%x", ul); 178 } 179 180 return; 181 trunc: 182 fputs(tstr, stdout); 183 } 184 185 /* 186 * The first character specifies the format to print: 187 * i - ip address (32 bits) 188 * p - ip address pairs (32 bits + 32 bits) 189 * l - long (32 bits) 190 * L - unsigned long (32 bits) 191 * s - short (16 bits) 192 * b - period-seperated decimal bytes (variable length) 193 * x - colon-seperated hex bytes (variable length) 194 * a - ascii string (variable length) 195 * B - on/off (8 bits) 196 * $ - special (explicit code to handle) 197 */ 198 static struct tok tag2str[] = { 199 /* RFC1048 tags */ 200 { TAG_PAD, " PAD" }, 201 { TAG_SUBNET_MASK, "iSM" }, /* subnet mask (RFC950) */ 202 { TAG_TIME_OFFSET, "LTZ" }, /* seconds from UTC */ 203 { TAG_GATEWAY, "iDG" }, /* default gateway */ 204 { TAG_TIME_SERVER, "iTS" }, /* time servers (RFC868) */ 205 { TAG_NAME_SERVER, "iIEN" }, /* IEN name servers (IEN116) */ 206 { TAG_DOMAIN_SERVER, "iNS" }, /* domain name (RFC1035) */ 207 { TAG_LOG_SERVER, "iLOG" }, /* MIT log servers */ 208 { TAG_COOKIE_SERVER, "iCS" }, /* cookie servers (RFC865) */ 209 { TAG_LPR_SERVER, "iLPR" }, /* lpr server (RFC1179) */ 210 { TAG_IMPRESS_SERVER, "iIM" }, /* impress servers (Imagen) */ 211 { TAG_RLP_SERVER, "iRL" }, /* resource location (RFC887) */ 212 { TAG_HOSTNAME, "aHN" }, /* ascii hostname */ 213 { TAG_BOOTSIZE, "sBS" }, /* 512 byte blocks */ 214 { TAG_END, " END" }, 215 /* RFC1497 tags */ 216 { TAG_DUMPPATH, "aDP" }, 217 { TAG_DOMAINNAME, "aDN" }, 218 { TAG_SWAP_SERVER, "iSS" }, 219 { TAG_ROOTPATH, "aRP" }, 220 { TAG_EXTPATH, "aEP" }, 221 /* RFC2132 tags */ 222 { TAG_IP_FORWARD, "BIPF" }, 223 { TAG_NL_SRCRT, "BSRT" }, 224 { TAG_PFILTERS, "pPF" }, 225 { TAG_REASS_SIZE, "sRSZ" }, 226 { TAG_DEF_TTL, "bTTL" }, 227 { TAG_MTU_TIMEOUT, "lMA" }, 228 { TAG_MTU_TABLE, "sMT" }, 229 { TAG_INT_MTU, "sMTU" }, 230 { TAG_LOCAL_SUBNETS, "BLSN" }, 231 { TAG_BROAD_ADDR, "iBR" }, 232 { TAG_DO_MASK_DISC, "BMD" }, 233 { TAG_SUPPLY_MASK, "BMS" }, 234 { TAG_DO_RDISC, "BRD" }, 235 { TAG_RTR_SOL_ADDR, "iRSA" }, 236 { TAG_STATIC_ROUTE, "pSR" }, 237 { TAG_USE_TRAILERS, "BUT" }, 238 { TAG_ARP_TIMEOUT, "lAT" }, 239 { TAG_ETH_ENCAP, "BIE" }, 240 { TAG_TCP_TTL, "bTT" }, 241 { TAG_TCP_KEEPALIVE, "lKI" }, 242 { TAG_KEEPALIVE_GO, "BKG" }, 243 { TAG_NIS_DOMAIN, "aYD" }, 244 { TAG_NIS_SERVERS, "iYS" }, 245 { TAG_NTP_SERVERS, "iNTP" }, 246 { TAG_VENDOR_OPTS, "bVO" }, 247 { TAG_NETBIOS_NS, "iWNS" }, 248 { TAG_NETBIOS_DDS, "iWDD" }, 249 { TAG_NETBIOS_NODE, "$WNT" }, 250 { TAG_NETBIOS_SCOPE, "aWSC" }, 251 { TAG_XWIN_FS, "iXFS" }, 252 { TAG_XWIN_DM, "iXDM" }, 253 { TAG_NIS_P_DOMAIN, "sN+D" }, 254 { TAG_NIS_P_SERVERS, "iN+S" }, 255 { TAG_MOBILE_HOME, "iMH" }, 256 { TAG_SMPT_SERVER, "iSMTP" }, 257 { TAG_POP3_SERVER, "iPOP3" }, 258 { TAG_NNTP_SERVER, "iNNTP" }, 259 { TAG_WWW_SERVER, "iWWW" }, 260 { TAG_FINGER_SERVER, "iFG" }, 261 { TAG_IRC_SERVER, "iIRC" }, 262 { TAG_STREETTALK_SRVR, "iSTS" }, 263 { TAG_STREETTALK_STDA, "iSTDA" }, 264 { TAG_REQUESTED_IP, "iRQ" }, 265 { TAG_IP_LEASE, "lLT" }, 266 { TAG_OPT_OVERLOAD, "$OO" }, 267 { TAG_TFTP_SERVER, "aTFTP" }, 268 { TAG_BOOTFILENAME, "aBF" }, 269 { TAG_DHCP_MESSAGE, " DHCP" }, 270 { TAG_SERVER_ID, "iSID" }, 271 { TAG_PARM_REQUEST, "bPR" }, 272 { TAG_MESSAGE, "aMSG" }, 273 { TAG_MAX_MSG_SIZE, "sMSZ" }, 274 { TAG_RENEWAL_TIME, "lRN" }, 275 { TAG_REBIND_TIME, "lRB" }, 276 { TAG_VENDOR_CLASS, "aVC" }, 277 { TAG_CLIENT_ID, "$CID" }, 278 /* RFC 2485 */ 279 { TAG_OPEN_GROUP_UAP, "aUAP" }, 280 /* RFC 2563 */ 281 { TAG_DISABLE_AUTOCONF, "BNOAUTO" }, 282 /* RFC 2610 */ 283 { TAG_SLP_DA, "bSLP-DA" }, /*"b" is a little wrong */ 284 { TAG_SLP_SCOPE, "bSLP-SCOPE" }, /*"b" is a little wrong */ 285 /* RFC 2937 */ 286 { TAG_NS_SEARCH, "sNSSEARCH" }, /* XXX 's' */ 287 /* RFC 3011 */ 288 { TAG_IP4_SUBNET_SELECT, "iSUBNET" }, 289 /* ftp://ftp.isi.edu/.../assignments/bootp-dhcp-extensions */ 290 { TAG_USER_CLASS, "aCLASS" }, 291 { TAG_SLP_NAMING_AUTH, "aSLP-NA" }, 292 { TAG_CLIENT_FQDN, "$FQDN" }, 293 { TAG_AGENT_CIRCUIT, "bACKT" }, 294 { TAG_AGENT_REMOTE, "bARMT" }, 295 { TAG_AGENT_MASK, "bAMSK" }, 296 { TAG_TZ_STRING, "aTZSTR" }, 297 { TAG_FQDN_OPTION, "bFQDNS" }, /* XXX 'b' */ 298 { TAG_AUTH, "bAUTH" }, /* XXX 'b' */ 299 { TAG_VINES_SERVERS, "iVINES" }, 300 { TAG_SERVER_RANK, "sRANK" }, 301 { TAG_CLIENT_ARCH, "sARCH" }, 302 { TAG_CLIENT_NDI, "bNDI" }, /* XXX 'b' */ 303 { TAG_CLIENT_GUID, "bGUID" }, /* XXX 'b' */ 304 { TAG_LDAP_URL, "aLDAP" }, 305 { TAG_6OVER4, "i6o4" }, 306 { TAG_PRINTER_NAME, "aPRTR" }, 307 { TAG_MDHCP_SERVER, "bMDHCP" }, /* XXX 'b' */ 308 { TAG_IPX_COMPAT, "bIPX" }, /* XXX 'b' */ 309 { TAG_NETINFO_PARENT, "iNI" }, 310 { TAG_NETINFO_PARENT_TAG, "aNITAG" }, 311 { TAG_URL, "aURL" }, 312 { TAG_FAILOVER, "bFAIL" }, /* XXX 'b' */ 313 { 0, NULL } 314 }; 315 /* 2-byte extended tags */ 316 static struct tok xtag2str[] = { 317 { 0, NULL } 318 }; 319 320 /* DHCP "options overload" types */ 321 static struct tok oo2str[] = { 322 { 1, "file" }, 323 { 2, "sname" }, 324 { 3, "file+sname" }, 325 { 0, NULL } 326 }; 327 328 /* NETBIOS over TCP/IP node type options */ 329 static struct tok nbo2str[] = { 330 { 0x1, "b-node" }, 331 { 0x2, "p-node" }, 332 { 0x4, "m-node" }, 333 { 0x8, "h-node" }, 334 { 0, NULL } 335 }; 336 337 /* ARP Hardware types, for Client-ID option */ 338 static struct tok arp2str[] = { 339 { 0x1, "ether" }, 340 { 0x6, "ieee802" }, 341 { 0x7, "arcnet" }, 342 { 0xf, "frelay" }, 343 { 0x17, "strip" }, 344 { 0x18, "ieee1394" }, 345 { 0, NULL } 346 }; 347 348 static void 349 rfc1048_print(register const u_char *bp) 350 { 351 register u_int16_t tag; 352 register u_int len, size; 353 register const char *cp; 354 register char c; 355 int first; 356 u_int32_t ul; 357 u_int16_t us; 358 u_int8_t uc; 359 360 printf(" vend-rfc1048"); 361 362 /* Step over magic cookie */ 363 bp += sizeof(int32_t); 364 365 /* Loop while we there is a tag left in the buffer */ 366 while (bp + 1 < snapend) { 367 tag = *bp++; 368 if (tag == TAG_PAD) 369 continue; 370 if (tag == TAG_END) 371 return; 372 if (tag == TAG_EXTENDED_OPTION) { 373 TCHECK2(*(bp + 1), 2); 374 tag = EXTRACT_16BITS(bp + 1); 375 /* XXX we don't know yet if the IANA will 376 * preclude overlap of 1-byte and 2-byte spaces. 377 * If not, we need to offset tag after this step. 378 */ 379 cp = tok2str(xtag2str, "?xT%u", tag); 380 } else 381 cp = tok2str(tag2str, "?T%u", tag); 382 c = *cp++; 383 printf(" %s:", cp); 384 385 /* Get the length; check for truncation */ 386 if (bp + 1 >= snapend) { 387 fputs(tstr, stdout); 388 return; 389 } 390 len = *bp++; 391 if (bp + len >= snapend) { 392 fputs(tstr, stdout); 393 return; 394 } 395 396 if (tag == TAG_DHCP_MESSAGE && len == 1) { 397 uc = *bp++; 398 switch (uc) { 399 case DHCPDISCOVER: printf("DISCOVER"); break; 400 case DHCPOFFER: printf("OFFER"); break; 401 case DHCPREQUEST: printf("REQUEST"); break; 402 case DHCPDECLINE: printf("DECLINE"); break; 403 case DHCPACK: printf("ACK"); break; 404 case DHCPNAK: printf("NACK"); break; 405 case DHCPRELEASE: printf("RELEASE"); break; 406 case DHCPINFORM: printf("INFORM"); break; 407 default: printf("%u", uc); break; 408 } 409 continue; 410 } 411 412 if (tag == TAG_PARM_REQUEST) { 413 first = 1; 414 while (len-- > 0) { 415 uc = *bp++; 416 cp = tok2str(tag2str, "?T%u", uc); 417 if (!first) 418 putchar('+'); 419 printf("%s", cp + 1); 420 first = 0; 421 } 422 continue; 423 } 424 if (tag == TAG_EXTENDED_REQUEST) { 425 first = 1; 426 while (len > 1) { 427 len -= 2; 428 us = EXTRACT_16BITS(bp); 429 bp += 2; 430 cp = tok2str(xtag2str, "?xT%u", us); 431 if (!first) 432 putchar('+'); 433 printf("%s", cp + 1); 434 first = 0; 435 } 436 continue; 437 } 438 439 /* Print data */ 440 size = len; 441 if (c == '?') { 442 /* Base default formats for unknown tags on data size */ 443 if (size & 1) 444 c = 'b'; 445 else if (size & 2) 446 c = 's'; 447 else 448 c = 'l'; 449 } 450 first = 1; 451 switch (c) { 452 453 case 'a': 454 /* ascii strings */ 455 putchar('"'); 456 (void)fn_printn(bp, size, NULL); 457 putchar('"'); 458 bp += size; 459 size = 0; 460 break; 461 462 case 'i': 463 case 'l': 464 case 'L': 465 /* ip addresses/32-bit words */ 466 while (size >= sizeof(ul)) { 467 if (!first) 468 putchar(','); 469 ul = EXTRACT_32BITS(bp); 470 if (c == 'i') { 471 ul = htonl(ul); 472 printf("%s", ipaddr_string(&ul)); 473 } else if (c == 'L') 474 printf("%d", ul); 475 else 476 printf("%u", ul); 477 bp += sizeof(ul); 478 size -= sizeof(ul); 479 first = 0; 480 } 481 break; 482 483 case 'p': 484 /* IP address pairs */ 485 while (size >= 2*sizeof(ul)) { 486 if (!first) 487 putchar(','); 488 memcpy((char *)&ul, (const char *)bp, sizeof(ul)); 489 printf("(%s:", ipaddr_string(&ul)); 490 bp += sizeof(ul); 491 memcpy((char *)&ul, (const char *)bp, sizeof(ul)); 492 printf("%s)", ipaddr_string(&ul)); 493 bp += sizeof(ul); 494 size -= 2*sizeof(ul); 495 first = 0; 496 } 497 break; 498 499 case 's': 500 /* shorts */ 501 while (size >= sizeof(us)) { 502 if (!first) 503 putchar(','); 504 us = EXTRACT_16BITS(bp); 505 printf("%u", us); 506 bp += sizeof(us); 507 size -= sizeof(us); 508 first = 0; 509 } 510 break; 511 512 case 'B': 513 /* boolean */ 514 while (size > 0) { 515 if (!first) 516 putchar(','); 517 switch (*bp) { 518 case 0: 519 putchar('N'); 520 break; 521 case 1: 522 putchar('Y'); 523 break; 524 default: 525 printf("%u?", *bp); 526 break; 527 } 528 ++bp; 529 --size; 530 first = 0; 531 } 532 break; 533 534 case 'b': 535 case 'x': 536 default: 537 /* Bytes */ 538 while (size > 0) { 539 if (!first) 540 putchar(c == 'x' ? ':' : '.'); 541 if (c == 'x') 542 printf("%02x", *bp); 543 else 544 printf("%u", *bp); 545 ++bp; 546 --size; 547 first = 0; 548 } 549 break; 550 551 case '$': 552 /* Guys we can't handle with one of the usual cases */ 553 switch (tag) { 554 555 case TAG_NETBIOS_NODE: 556 tag = *bp++; 557 --size; 558 fputs(tok2str(nbo2str, NULL, tag), stdout); 559 break; 560 561 case TAG_OPT_OVERLOAD: 562 tag = *bp++; 563 --size; 564 fputs(tok2str(oo2str, NULL, tag), stdout); 565 break; 566 567 case TAG_CLIENT_FQDN: 568 if (*bp++) 569 printf("[svrreg]"); 570 if (*bp) 571 printf("%u/%u/", *bp, *(bp+1)); 572 bp += 2; 573 putchar('"'); 574 (void)fn_printn(bp, size - 3, NULL); 575 putchar('"'); 576 bp += size - 3; 577 size = 0; 578 break; 579 580 case TAG_CLIENT_ID: 581 { int type = *bp++; 582 size--; 583 if (type == 0) { 584 putchar('"'); 585 (void)fn_printn(bp, size, NULL); 586 putchar('"'); 587 break; 588 } else { 589 printf("[%s]", tok2str(arp2str, "type-%d", type)); 590 } 591 while (size > 0) { 592 if (!first) 593 putchar(':'); 594 printf("%02x", *bp); 595 ++bp; 596 --size; 597 first = 0; 598 } 599 break; 600 } 601 602 default: 603 printf("[unknown special tag %u, size %u]", 604 tag, size); 605 bp += size; 606 size = 0; 607 break; 608 } 609 break; 610 } 611 /* Data left over? */ 612 if (size) 613 printf("[len %u]", len); 614 } 615 return; 616 trunc: 617 printf("|[rfc1048]"); 618 } 619 620 static void 621 cmu_print(register const u_char *bp) 622 { 623 register const struct cmu_vend *cmu; 624 625 #define PRINTCMUADDR(m, s) { TCHECK(cmu->m); \ 626 if (cmu->m.s_addr != 0) \ 627 printf(" %s:%s", s, ipaddr_string(&cmu->m.s_addr)); } 628 629 printf(" vend-cmu"); 630 cmu = (const struct cmu_vend *)bp; 631 632 /* Only print if there are unknown bits */ 633 TCHECK(cmu->v_flags); 634 if ((cmu->v_flags & ~(VF_SMASK)) != 0) 635 printf(" F:0x%x", cmu->v_flags); 636 PRINTCMUADDR(v_dgate, "DG"); 637 PRINTCMUADDR(v_smask, cmu->v_flags & VF_SMASK ? "SM" : "SM*"); 638 PRINTCMUADDR(v_dns1, "NS1"); 639 PRINTCMUADDR(v_dns2, "NS2"); 640 PRINTCMUADDR(v_ins1, "IEN1"); 641 PRINTCMUADDR(v_ins2, "IEN2"); 642 PRINTCMUADDR(v_ts1, "TS1"); 643 PRINTCMUADDR(v_ts2, "TS2"); 644 return; 645 646 trunc: 647 fputs(tstr, stdout); 648 #undef PRINTCMUADDR 649 } 650