1 /* 2 * Copyright (c) 1990, 1991, 1993, 1994, 1995, 1996 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that: (1) source code distributions 7 * retain the above copyright notice and this paragraph in its entirety, (2) 8 * distributions including binary code include the above copyright notice and 9 * this paragraph in its entirety in the documentation or other materials 10 * provided with the distribution, and (3) all advertising materials mentioning 11 * features or use of this software display the following acknowledgement: 12 * ``This product includes software developed by the University of California, 13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of 14 * the University nor the names of its contributors may be used to endorse 15 * or promote products derived from this software without specific prior 16 * written permission. 17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 20 */ 21 22 /* \summary: Frame Relay printer */ 23 24 #include <config.h> 25 26 #include "netdissect-stdinc.h" 27 28 #include <stdio.h> 29 #include <string.h> 30 31 #include "netdissect.h" 32 #include "addrtoname.h" 33 #include "ethertype.h" 34 #include "llc.h" 35 #include "nlpid.h" 36 #include "extract.h" 37 38 static void frf15_print(netdissect_options *ndo, const u_char *, u_int); 39 40 /* 41 * the frame relay header has a variable length 42 * 43 * the EA bit determines if there is another byte 44 * in the header 45 * 46 * minimum header length is 2 bytes 47 * maximum header length is 4 bytes 48 * 49 * 7 6 5 4 3 2 1 0 50 * +----+----+----+----+----+----+----+----+ 51 * | DLCI (6 bits) | CR | EA | 52 * +----+----+----+----+----+----+----+----+ 53 * | DLCI (4 bits) |FECN|BECN| DE | EA | 54 * +----+----+----+----+----+----+----+----+ 55 * | DLCI (7 bits) | EA | 56 * +----+----+----+----+----+----+----+----+ 57 * | DLCI (6 bits) |SDLC| EA | 58 * +----+----+----+----+----+----+----+----+ 59 */ 60 61 #define FR_EA_BIT 0x01 62 63 #define FR_CR_BIT 0x02000000 64 #define FR_DE_BIT 0x00020000 65 #define FR_BECN_BIT 0x00040000 66 #define FR_FECN_BIT 0x00080000 67 #define FR_SDLC_BIT 0x00000002 68 69 70 static const struct tok fr_header_flag_values[] = { 71 { FR_CR_BIT, "C!" }, 72 { FR_DE_BIT, "DE" }, 73 { FR_BECN_BIT, "BECN" }, 74 { FR_FECN_BIT, "FECN" }, 75 { FR_SDLC_BIT, "sdlcore" }, 76 { 0, NULL } 77 }; 78 79 /* FRF.15 / FRF.16 */ 80 #define MFR_B_BIT 0x80 81 #define MFR_E_BIT 0x40 82 #define MFR_C_BIT 0x20 83 #define MFR_BEC_MASK (MFR_B_BIT | MFR_E_BIT | MFR_C_BIT) 84 #define MFR_CTRL_FRAME (MFR_B_BIT | MFR_E_BIT | MFR_C_BIT) 85 #define MFR_FRAG_FRAME (MFR_B_BIT | MFR_E_BIT ) 86 87 static const struct tok frf_flag_values[] = { 88 { MFR_B_BIT, "Begin" }, 89 { MFR_E_BIT, "End" }, 90 { MFR_C_BIT, "Control" }, 91 { 0, NULL } 92 }; 93 94 /* Finds out Q.922 address length, DLCI and flags. Returns 1 on success, 95 * 0 on invalid address, -1 on truncated packet 96 * save the flags dep. on address length 97 */ 98 static int parse_q922_header(netdissect_options *ndo, 99 const u_char *p, u_int *dlci, 100 u_int *addr_len, uint32_t *flags, u_int length) 101 { 102 if (!ND_TTEST_1(p) || length < 1) 103 return -1; 104 if ((GET_U_1(p) & FR_EA_BIT)) 105 return 0; 106 107 if (!ND_TTEST_1(p + 1) || length < 2) 108 return -1; 109 *addr_len = 2; 110 *dlci = ((GET_U_1(p) & 0xFC) << 2) | ((GET_U_1(p + 1) & 0xF0) >> 4); 111 112 *flags = ((GET_U_1(p) & 0x02) << 24) | /* CR flag */ 113 ((GET_U_1(p + 1) & 0x0e) << 16); /* FECN,BECN,DE flags */ 114 115 if (GET_U_1(p + 1) & FR_EA_BIT) 116 return 1; /* 2-byte Q.922 address */ 117 118 p += 2; 119 length -= 2; 120 if (!ND_TTEST_1(p) || length < 1) 121 return -1; 122 (*addr_len)++; /* 3- or 4-byte Q.922 address */ 123 if ((GET_U_1(p) & FR_EA_BIT) == 0) { 124 *dlci = (*dlci << 7) | (GET_U_1(p) >> 1); 125 (*addr_len)++; /* 4-byte Q.922 address */ 126 p++; 127 length--; 128 } 129 130 if (!ND_TTEST_1(p) || length < 1) 131 return -1; 132 if ((GET_U_1(p) & FR_EA_BIT) == 0) 133 return 0; /* more than 4 bytes of Q.922 address? */ 134 135 *flags = *flags | (GET_U_1(p) & 0x02); /* SDLC flag */ 136 137 *dlci = (*dlci << 6) | (GET_U_1(p) >> 2); 138 139 return 1; 140 } 141 142 const char * 143 q922_string(netdissect_options *ndo, const u_char *p, u_int length) 144 { 145 146 static u_int dlci, addr_len; 147 static uint32_t flags; 148 static char buffer[sizeof("parse_q922_header() returned XXXXXXXXXXX")]; 149 int ret; 150 memset(buffer, 0, sizeof(buffer)); 151 152 ret = parse_q922_header(ndo, p, &dlci, &addr_len, &flags, length); 153 if (ret == 1) { 154 snprintf(buffer, sizeof(buffer), "DLCI %u", dlci); 155 return buffer; 156 } else if (ret == 0) { 157 return "<Invalid DLCI>"; 158 } else if (ret == -1) { 159 return "<Truncated>"; 160 } else { 161 snprintf(buffer, sizeof(buffer), "parse_q922_header() returned %d", ret); 162 return buffer; 163 } 164 } 165 166 167 /* Frame Relay packet structure, with flags and CRC removed 168 169 +---------------------------+ 170 | Q.922 Address* | 171 +-- --+ 172 | | 173 +---------------------------+ 174 | Control (UI = 0x03) | 175 +---------------------------+ 176 | Optional Pad (0x00) | 177 +---------------------------+ 178 | NLPID | 179 +---------------------------+ 180 | . | 181 | . | 182 | . | 183 | Data | 184 | . | 185 | . | 186 +---------------------------+ 187 188 * Q.922 addresses, as presently defined, are two octets and 189 contain a 10-bit DLCI. In some networks Q.922 addresses 190 may optionally be increased to three or four octets. 191 */ 192 193 static void 194 fr_hdr_print(netdissect_options *ndo, int length, u_int addr_len, 195 u_int dlci, uint32_t flags, uint16_t nlpid) 196 { 197 if (ndo->ndo_qflag) { 198 ND_PRINT("Q.922, DLCI %u, length %u: ", 199 dlci, 200 length); 201 } else { 202 if (nlpid <= 0xff) /* if its smaller than 256 then its a NLPID */ 203 ND_PRINT("Q.922, hdr-len %u, DLCI %u, Flags [%s], NLPID %s (0x%02x), length %u: ", 204 addr_len, 205 dlci, 206 bittok2str(fr_header_flag_values, "none", flags), 207 tok2str(nlpid_values,"unknown", nlpid), 208 nlpid, 209 length); 210 else /* must be an ethertype */ 211 ND_PRINT("Q.922, hdr-len %u, DLCI %u, Flags [%s], cisco-ethertype %s (0x%04x), length %u: ", 212 addr_len, 213 dlci, 214 bittok2str(fr_header_flag_values, "none", flags), 215 tok2str(ethertype_values, "unknown", nlpid), 216 nlpid, 217 length); 218 } 219 } 220 221 /* Frame Relay */ 222 void 223 fr_if_print(netdissect_options *ndo, 224 const struct pcap_pkthdr *h, const u_char *p) 225 { 226 u_int length = h->len; 227 u_int caplen = h->caplen; 228 229 ndo->ndo_protocol = "fr"; 230 if (caplen < 4) { /* minimum frame header length */ 231 nd_print_trunc(ndo); 232 ndo->ndo_ll_hdr_len += caplen; 233 return; 234 } 235 236 ndo->ndo_ll_hdr_len += fr_print(ndo, p, length); 237 } 238 239 u_int 240 fr_print(netdissect_options *ndo, 241 const u_char *p, u_int length) 242 { 243 int ret; 244 uint16_t extracted_ethertype; 245 u_int dlci; 246 u_int addr_len; 247 uint16_t nlpid; 248 u_int hdr_len; 249 uint32_t flags; 250 251 ndo->ndo_protocol = "fr"; 252 ret = parse_q922_header(ndo, p, &dlci, &addr_len, &flags, length); 253 if (ret == -1) 254 goto trunc; 255 if (ret == 0) { 256 ND_PRINT("Q.922, invalid address"); 257 return 0; 258 } 259 260 ND_TCHECK_1(p + addr_len); 261 if (length < addr_len + 1) 262 goto trunc; 263 264 if (GET_U_1(p + addr_len) != LLC_UI && dlci != 0) { 265 /* 266 * Let's figure out if we have Cisco-style encapsulation, 267 * with an Ethernet type (Cisco HDLC type?) following the 268 * address. 269 */ 270 if (!ND_TTEST_2(p + addr_len) || length < addr_len + 2) { 271 /* no Ethertype */ 272 ND_PRINT("UI %02x! ", GET_U_1(p + addr_len)); 273 } else { 274 extracted_ethertype = GET_BE_U_2(p + addr_len); 275 276 if (ndo->ndo_eflag) 277 fr_hdr_print(ndo, length, addr_len, dlci, 278 flags, extracted_ethertype); 279 280 if (ethertype_print(ndo, extracted_ethertype, 281 p+addr_len+ETHERTYPE_LEN, 282 length-addr_len-ETHERTYPE_LEN, 283 ND_BYTES_AVAILABLE_AFTER(p)-addr_len-ETHERTYPE_LEN, 284 NULL, NULL) == 0) 285 /* ether_type not known, probably it wasn't one */ 286 ND_PRINT("UI %02x! ", GET_U_1(p + addr_len)); 287 else 288 return addr_len + 2; 289 } 290 } 291 292 ND_TCHECK_1(p + addr_len + 1); 293 if (length < addr_len + 2) 294 goto trunc; 295 296 if (GET_U_1(p + addr_len + 1) == 0) { 297 /* 298 * Assume a pad byte after the control (UI) byte. 299 * A pad byte should only be used with 3-byte Q.922. 300 */ 301 if (addr_len != 3) 302 ND_PRINT("Pad! "); 303 hdr_len = addr_len + 1 /* UI */ + 1 /* pad */ + 1 /* NLPID */; 304 } else { 305 /* 306 * Not a pad byte. 307 * A pad byte should be used with 3-byte Q.922. 308 */ 309 if (addr_len == 3) 310 ND_PRINT("No pad! "); 311 hdr_len = addr_len + 1 /* UI */ + 1 /* NLPID */; 312 } 313 314 ND_TCHECK_1(p + hdr_len - 1); 315 if (length < hdr_len) 316 goto trunc; 317 nlpid = GET_U_1(p + hdr_len - 1); 318 319 if (ndo->ndo_eflag) 320 fr_hdr_print(ndo, length, addr_len, dlci, flags, nlpid); 321 p += hdr_len; 322 length -= hdr_len; 323 324 switch (nlpid) { 325 case NLPID_IP: 326 ip_print(ndo, p, length); 327 break; 328 329 case NLPID_IP6: 330 ip6_print(ndo, p, length); 331 break; 332 333 case NLPID_CLNP: 334 case NLPID_ESIS: 335 case NLPID_ISIS: 336 isoclns_print(ndo, p - 1, length + 1); /* OSI printers need the NLPID field */ 337 break; 338 339 case NLPID_SNAP: 340 if (snap_print(ndo, p, length, ND_BYTES_AVAILABLE_AFTER(p), NULL, NULL, 0) == 0) { 341 /* ether_type not known, print raw packet */ 342 if (!ndo->ndo_eflag) 343 fr_hdr_print(ndo, length + hdr_len, hdr_len, 344 dlci, flags, nlpid); 345 if (!ndo->ndo_suppress_default_print) 346 ND_DEFAULTPRINT(p - hdr_len, length + hdr_len); 347 } 348 break; 349 350 case NLPID_Q933: 351 q933_print(ndo, p, length); 352 break; 353 354 case NLPID_MFR: 355 frf15_print(ndo, p, length); 356 break; 357 358 case NLPID_PPP: 359 ppp_print(ndo, p, length); 360 break; 361 362 default: 363 if (!ndo->ndo_eflag) 364 fr_hdr_print(ndo, length + hdr_len, addr_len, 365 dlci, flags, nlpid); 366 if (!ndo->ndo_xflag) 367 ND_DEFAULTPRINT(p, length); 368 } 369 370 return hdr_len; 371 372 trunc: 373 nd_print_trunc(ndo); 374 return 0; 375 376 } 377 378 /* Multi Link Frame Relay (FRF.16) */ 379 void 380 mfr_if_print(netdissect_options *ndo, 381 const struct pcap_pkthdr *h, const u_char *p) 382 { 383 u_int length = h->len; 384 u_int caplen = h->caplen; 385 386 ndo->ndo_protocol = "mfr"; 387 if (caplen < 2) { /* minimum frame header length */ 388 nd_print_trunc(ndo); 389 ndo->ndo_ll_hdr_len += caplen; 390 return; 391 } 392 393 ndo->ndo_ll_hdr_len += mfr_print(ndo, p, length); 394 } 395 396 397 #define MFR_CTRL_MSG_ADD_LINK 1 398 #define MFR_CTRL_MSG_ADD_LINK_ACK 2 399 #define MFR_CTRL_MSG_ADD_LINK_REJ 3 400 #define MFR_CTRL_MSG_HELLO 4 401 #define MFR_CTRL_MSG_HELLO_ACK 5 402 #define MFR_CTRL_MSG_REMOVE_LINK 6 403 #define MFR_CTRL_MSG_REMOVE_LINK_ACK 7 404 405 static const struct tok mfr_ctrl_msg_values[] = { 406 { MFR_CTRL_MSG_ADD_LINK, "Add Link" }, 407 { MFR_CTRL_MSG_ADD_LINK_ACK, "Add Link ACK" }, 408 { MFR_CTRL_MSG_ADD_LINK_REJ, "Add Link Reject" }, 409 { MFR_CTRL_MSG_HELLO, "Hello" }, 410 { MFR_CTRL_MSG_HELLO_ACK, "Hello ACK" }, 411 { MFR_CTRL_MSG_REMOVE_LINK, "Remove Link" }, 412 { MFR_CTRL_MSG_REMOVE_LINK_ACK, "Remove Link ACK" }, 413 { 0, NULL } 414 }; 415 416 #define MFR_CTRL_IE_BUNDLE_ID 1 417 #define MFR_CTRL_IE_LINK_ID 2 418 #define MFR_CTRL_IE_MAGIC_NUM 3 419 #define MFR_CTRL_IE_TIMESTAMP 5 420 #define MFR_CTRL_IE_VENDOR_EXT 6 421 #define MFR_CTRL_IE_CAUSE 7 422 423 static const struct tok mfr_ctrl_ie_values[] = { 424 { MFR_CTRL_IE_BUNDLE_ID, "Bundle ID"}, 425 { MFR_CTRL_IE_LINK_ID, "Link ID"}, 426 { MFR_CTRL_IE_MAGIC_NUM, "Magic Number"}, 427 { MFR_CTRL_IE_TIMESTAMP, "Timestamp"}, 428 { MFR_CTRL_IE_VENDOR_EXT, "Vendor Extension"}, 429 { MFR_CTRL_IE_CAUSE, "Cause"}, 430 { 0, NULL } 431 }; 432 433 #define MFR_ID_STRING_MAXLEN 50 434 435 struct ie_tlv_header_t { 436 uint8_t ie_type; 437 uint8_t ie_len; 438 }; 439 440 u_int 441 mfr_print(netdissect_options *ndo, 442 const u_char *p, u_int length) 443 { 444 u_int tlen,idx,hdr_len = 0; 445 uint16_t sequence_num; 446 uint8_t ie_type,ie_len; 447 const uint8_t *tptr; 448 449 450 /* 451 * FRF.16 Link Integrity Control Frame 452 * 453 * 7 6 5 4 3 2 1 0 454 * +----+----+----+----+----+----+----+----+ 455 * | B | E | C=1| 0 0 0 0 | EA | 456 * +----+----+----+----+----+----+----+----+ 457 * | 0 0 0 0 0 0 0 0 | 458 * +----+----+----+----+----+----+----+----+ 459 * | message type | 460 * +----+----+----+----+----+----+----+----+ 461 */ 462 463 ndo->ndo_protocol = "mfr"; 464 465 if (length < 4) { /* minimum frame header length */ 466 ND_PRINT("[length %u < 4]", length); 467 nd_print_invalid(ndo); 468 return length; 469 } 470 ND_TCHECK_4(p); 471 472 if ((GET_U_1(p) & MFR_BEC_MASK) == MFR_CTRL_FRAME && GET_U_1(p + 1) == 0) { 473 ND_PRINT("FRF.16 Control, Flags [%s], %s, length %u", 474 bittok2str(frf_flag_values,"none",(GET_U_1(p) & MFR_BEC_MASK)), 475 tok2str(mfr_ctrl_msg_values,"Unknown Message (0x%02x)",GET_U_1(p + 2)), 476 length); 477 tptr = p + 3; 478 tlen = length -3; 479 hdr_len = 3; 480 481 if (!ndo->ndo_vflag) 482 return hdr_len; 483 484 while (tlen>sizeof(struct ie_tlv_header_t)) { 485 ND_TCHECK_LEN(tptr, sizeof(struct ie_tlv_header_t)); 486 ie_type=GET_U_1(tptr); 487 ie_len=GET_U_1(tptr + 1); 488 489 ND_PRINT("\n\tIE %s (%u), length %u: ", 490 tok2str(mfr_ctrl_ie_values,"Unknown",ie_type), 491 ie_type, 492 ie_len); 493 494 /* infinite loop check */ 495 if (ie_type == 0 || ie_len <= sizeof(struct ie_tlv_header_t)) 496 return hdr_len; 497 498 ND_TCHECK_LEN(tptr, ie_len); 499 tptr+=sizeof(struct ie_tlv_header_t); 500 /* tlv len includes header */ 501 ie_len-=sizeof(struct ie_tlv_header_t); 502 tlen-=sizeof(struct ie_tlv_header_t); 503 504 switch (ie_type) { 505 506 case MFR_CTRL_IE_MAGIC_NUM: 507 /* FRF.16.1 Section 3.4.3 Magic Number Information Element */ 508 if (ie_len != 4) { 509 ND_PRINT("[IE data length %d != 4]", ie_len); 510 nd_print_invalid(ndo); 511 break; 512 } 513 ND_PRINT("0x%08x", GET_BE_U_4(tptr)); 514 break; 515 516 case MFR_CTRL_IE_BUNDLE_ID: /* same message format */ 517 case MFR_CTRL_IE_LINK_ID: 518 for (idx = 0; idx < ie_len && idx < MFR_ID_STRING_MAXLEN; idx++) { 519 if (GET_U_1(tptr + idx) != 0) /* don't print null termination */ 520 fn_print_char(ndo, GET_U_1(tptr + idx)); 521 else 522 break; 523 } 524 break; 525 526 case MFR_CTRL_IE_TIMESTAMP: 527 /* 528 * FRF.16.1 Section 3.4.4 Timestamp Information Element 529 * 530 * The maximum length is 14 octets. Format is implementation 531 * specific. 532 */ 533 if (ie_len > 14) { 534 ND_PRINT("[Timestamp IE length %d > 14]", ie_len); 535 nd_print_invalid(ndo); 536 break; 537 } 538 /* fall through and hexdump */ 539 ND_FALL_THROUGH; 540 541 /* 542 * FIXME those are the defined IEs that lack a decoder 543 * you are welcome to contribute code ;-) 544 */ 545 546 case MFR_CTRL_IE_VENDOR_EXT: 547 case MFR_CTRL_IE_CAUSE: 548 549 default: 550 if (ndo->ndo_vflag <= 1) 551 print_unknown_data(ndo, tptr, "\n\t ", ie_len); 552 break; 553 } 554 555 /* do we want to see a hexdump of the IE ? */ 556 if (ndo->ndo_vflag > 1 ) 557 print_unknown_data(ndo, tptr, "\n\t ", ie_len); 558 559 tlen-=ie_len; 560 tptr+=ie_len; 561 } 562 return hdr_len; 563 } 564 /* 565 * FRF.16 Fragmentation Frame 566 * 567 * 7 6 5 4 3 2 1 0 568 * +----+----+----+----+----+----+----+----+ 569 * | B | E | C=0|seq. (high 4 bits) | EA | 570 * +----+----+----+----+----+----+----+----+ 571 * | sequence (low 8 bits) | 572 * +----+----+----+----+----+----+----+----+ 573 * | DLCI (6 bits) | CR | EA | 574 * +----+----+----+----+----+----+----+----+ 575 * | DLCI (4 bits) |FECN|BECN| DE | EA | 576 * +----+----+----+----+----+----+----+----+ 577 */ 578 579 sequence_num = (GET_U_1(p)&0x1e)<<7 | GET_U_1(p + 1); 580 /* whole packet or first fragment ? */ 581 if ((GET_U_1(p) & MFR_BEC_MASK) == MFR_FRAG_FRAME || 582 (GET_U_1(p) & MFR_BEC_MASK) == MFR_B_BIT) { 583 ND_PRINT("FRF.16 Frag, seq %u, Flags [%s], ", 584 sequence_num, 585 bittok2str(frf_flag_values,"none",(GET_U_1(p) & MFR_BEC_MASK))); 586 hdr_len = 2; 587 fr_print(ndo, p+hdr_len,length-hdr_len); 588 return hdr_len; 589 } 590 591 /* must be a middle or the last fragment */ 592 ND_PRINT("FRF.16 Frag, seq %u, Flags [%s]", 593 sequence_num, 594 bittok2str(frf_flag_values,"none",(GET_U_1(p) & MFR_BEC_MASK))); 595 print_unknown_data(ndo, p, "\n\t", length); 596 597 return hdr_len; 598 599 trunc: 600 nd_print_trunc(ndo); 601 return length; 602 } 603 604 /* an NLPID of 0xb1 indicates a 2-byte 605 * FRF.15 header 606 * 607 * 7 6 5 4 3 2 1 0 608 * +----+----+----+----+----+----+----+----+ 609 * ~ Q.922 header ~ 610 * +----+----+----+----+----+----+----+----+ 611 * | NLPID (8 bits) | NLPID=0xb1 612 * +----+----+----+----+----+----+----+----+ 613 * | B | E | C |seq. (high 4 bits) | R | 614 * +----+----+----+----+----+----+----+----+ 615 * | sequence (low 8 bits) | 616 * +----+----+----+----+----+----+----+----+ 617 */ 618 619 #define FR_FRF15_FRAGTYPE 0x01 620 621 static void 622 frf15_print(netdissect_options *ndo, 623 const u_char *p, u_int length) 624 { 625 uint16_t sequence_num, flags; 626 627 if (length < 2) 628 goto trunc; 629 630 flags = GET_U_1(p)&MFR_BEC_MASK; 631 sequence_num = (GET_U_1(p)&0x1e)<<7 | GET_U_1(p + 1); 632 633 ND_PRINT("FRF.15, seq 0x%03x, Flags [%s],%s Fragmentation, length %u", 634 sequence_num, 635 bittok2str(frf_flag_values,"none",flags), 636 GET_U_1(p)&FR_FRF15_FRAGTYPE ? "Interface" : "End-to-End", 637 length); 638 639 /* TODO: 640 * depending on all permutations of the B, E and C bit 641 * dig as deep as we can - e.g. on the first (B) fragment 642 * there is enough payload to print the IP header 643 * on non (B) fragments it depends if the fragmentation 644 * model is end-to-end or interface based whether we want to print 645 * another Q.922 header 646 */ 647 return; 648 649 trunc: 650 nd_print_trunc(ndo); 651 } 652 653 /* 654 * Q.933 decoding portion for framerelay specific. 655 */ 656 657 /* Q.933 packet format 658 Format of Other Protocols 659 using Q.933 NLPID 660 +-------------------------------+ 661 | Q.922 Address | 662 +---------------+---------------+ 663 |Control 0x03 | NLPID 0x08 | 664 +---------------+---------------+ 665 | L2 Protocol ID | 666 | octet 1 | octet 2 | 667 +-------------------------------+ 668 | L3 Protocol ID | 669 | octet 2 | octet 2 | 670 +-------------------------------+ 671 | Protocol Data | 672 +-------------------------------+ 673 | FCS | 674 +-------------------------------+ 675 */ 676 677 /* L2 (Octet 1)- Call Reference Usually is 0x0 */ 678 679 /* 680 * L2 (Octet 2)- Message Types definition 1 byte long. 681 */ 682 /* Call Establish */ 683 #define MSG_TYPE_ESC_TO_NATIONAL 0x00 684 #define MSG_TYPE_ALERT 0x01 685 #define MSG_TYPE_CALL_PROCEEDING 0x02 686 #define MSG_TYPE_CONNECT 0x07 687 #define MSG_TYPE_CONNECT_ACK 0x0F 688 #define MSG_TYPE_PROGRESS 0x03 689 #define MSG_TYPE_SETUP 0x05 690 /* Call Clear */ 691 #define MSG_TYPE_DISCONNECT 0x45 692 #define MSG_TYPE_RELEASE 0x4D 693 #define MSG_TYPE_RELEASE_COMPLETE 0x5A 694 #define MSG_TYPE_RESTART 0x46 695 #define MSG_TYPE_RESTART_ACK 0x4E 696 /* Status */ 697 #define MSG_TYPE_STATUS 0x7D 698 #define MSG_TYPE_STATUS_ENQ 0x75 699 700 static const struct tok fr_q933_msg_values[] = { 701 { MSG_TYPE_ESC_TO_NATIONAL, "ESC to National" }, 702 { MSG_TYPE_ALERT, "Alert" }, 703 { MSG_TYPE_CALL_PROCEEDING, "Call proceeding" }, 704 { MSG_TYPE_CONNECT, "Connect" }, 705 { MSG_TYPE_CONNECT_ACK, "Connect ACK" }, 706 { MSG_TYPE_PROGRESS, "Progress" }, 707 { MSG_TYPE_SETUP, "Setup" }, 708 { MSG_TYPE_DISCONNECT, "Disconnect" }, 709 { MSG_TYPE_RELEASE, "Release" }, 710 { MSG_TYPE_RELEASE_COMPLETE, "Release Complete" }, 711 { MSG_TYPE_RESTART, "Restart" }, 712 { MSG_TYPE_RESTART_ACK, "Restart ACK" }, 713 { MSG_TYPE_STATUS, "Status Reply" }, 714 { MSG_TYPE_STATUS_ENQ, "Status Enquiry" }, 715 { 0, NULL } 716 }; 717 718 #define IE_IS_SINGLE_OCTET(iecode) ((iecode) & 0x80) 719 #define IE_IS_SHIFT(iecode) (((iecode) & 0xF0) == 0x90) 720 #define IE_SHIFT_IS_NON_LOCKING(iecode) ((iecode) & 0x08) 721 #define IE_SHIFT_IS_LOCKING(iecode) (!(IE_SHIFT_IS_NON_LOCKING(iecode))) 722 #define IE_SHIFT_CODESET(iecode) ((iecode) & 0x07) 723 724 #define FR_LMI_ANSI_REPORT_TYPE_IE 0x01 725 #define FR_LMI_ANSI_LINK_VERIFY_IE_91 0x19 /* details? */ 726 #define FR_LMI_ANSI_LINK_VERIFY_IE 0x03 727 #define FR_LMI_ANSI_PVC_STATUS_IE 0x07 728 729 #define FR_LMI_CCITT_REPORT_TYPE_IE 0x51 730 #define FR_LMI_CCITT_LINK_VERIFY_IE 0x53 731 #define FR_LMI_CCITT_PVC_STATUS_IE 0x57 732 733 static const struct tok fr_q933_ie_values_codeset_0_5[] = { 734 { FR_LMI_ANSI_REPORT_TYPE_IE, "ANSI Report Type" }, 735 { FR_LMI_ANSI_LINK_VERIFY_IE_91, "ANSI Link Verify" }, 736 { FR_LMI_ANSI_LINK_VERIFY_IE, "ANSI Link Verify" }, 737 { FR_LMI_ANSI_PVC_STATUS_IE, "ANSI PVC Status" }, 738 { FR_LMI_CCITT_REPORT_TYPE_IE, "CCITT Report Type" }, 739 { FR_LMI_CCITT_LINK_VERIFY_IE, "CCITT Link Verify" }, 740 { FR_LMI_CCITT_PVC_STATUS_IE, "CCITT PVC Status" }, 741 { 0, NULL } 742 }; 743 744 #define FR_LMI_REPORT_TYPE_IE_FULL_STATUS 0 745 #define FR_LMI_REPORT_TYPE_IE_LINK_VERIFY 1 746 #define FR_LMI_REPORT_TYPE_IE_ASYNC_PVC 2 747 748 static const struct tok fr_lmi_report_type_ie_values[] = { 749 { FR_LMI_REPORT_TYPE_IE_FULL_STATUS, "Full Status" }, 750 { FR_LMI_REPORT_TYPE_IE_LINK_VERIFY, "Link verify" }, 751 { FR_LMI_REPORT_TYPE_IE_ASYNC_PVC, "Async PVC Status" }, 752 { 0, NULL } 753 }; 754 755 /* array of 16 codesets - currently we only support codepage 0 and 5 */ 756 static const struct tok *fr_q933_ie_codesets[] = { 757 fr_q933_ie_values_codeset_0_5, 758 NULL, 759 NULL, 760 NULL, 761 NULL, 762 fr_q933_ie_values_codeset_0_5, 763 NULL, 764 NULL, 765 NULL, 766 NULL, 767 NULL, 768 NULL, 769 NULL, 770 NULL, 771 NULL, 772 NULL 773 }; 774 775 static int fr_q933_print_ie_codeset_0_5(netdissect_options *ndo, u_int iecode, 776 u_int ielength, const u_char *p); 777 778 typedef int (*codeset_pr_func_t)(netdissect_options *, u_int iecode, 779 u_int ielength, const u_char *p); 780 781 /* array of 16 codesets - currently we only support codepage 0 and 5 */ 782 static const codeset_pr_func_t fr_q933_print_ie_codeset[] = { 783 fr_q933_print_ie_codeset_0_5, 784 NULL, 785 NULL, 786 NULL, 787 NULL, 788 fr_q933_print_ie_codeset_0_5, 789 NULL, 790 NULL, 791 NULL, 792 NULL, 793 NULL, 794 NULL, 795 NULL, 796 NULL, 797 NULL, 798 NULL 799 }; 800 801 /* 802 * ITU-T Q.933. 803 * 804 * p points to octet 2, the octet containing the length of the 805 * call reference value, so p[n] is octet n+2 ("octet X" is as 806 * used in Q.931/Q.933). 807 * 808 * XXX - actually used both for Q.931 and Q.933. 809 */ 810 void 811 q933_print(netdissect_options *ndo, 812 const u_char *p, u_int length) 813 { 814 u_int olen; 815 u_int call_ref_length, i; 816 uint8_t call_ref[15]; /* maximum length - length field is 4 bits */ 817 u_int msgtype; 818 u_int iecode; 819 u_int ielength; 820 u_int codeset = 0; 821 u_int is_ansi = 0; 822 u_int ie_is_known; 823 u_int non_locking_shift; 824 u_int unshift_codeset; 825 826 ndo->ndo_protocol = "q.933"; 827 ND_PRINT("%s", ndo->ndo_eflag ? "" : "Q.933"); 828 829 if (length == 0 || !ND_TTEST_1(p)) { 830 if (!ndo->ndo_eflag) 831 ND_PRINT(", "); 832 ND_PRINT("length %u", length); 833 goto trunc; 834 } 835 836 /* 837 * Get the length of the call reference value. 838 */ 839 olen = length; /* preserve the original length for display */ 840 call_ref_length = GET_U_1(p) & 0x0f; 841 p++; 842 length--; 843 844 /* 845 * Get the call reference value. 846 */ 847 for (i = 0; i < call_ref_length; i++) { 848 if (length == 0 || !ND_TTEST_1(p)) { 849 if (!ndo->ndo_eflag) 850 ND_PRINT(", "); 851 ND_PRINT("length %u", olen); 852 goto trunc; 853 } 854 call_ref[i] = GET_U_1(p); 855 p++; 856 length--; 857 } 858 859 /* 860 * Get the message type. 861 */ 862 if (length == 0 || !ND_TTEST_1(p)) { 863 if (!ndo->ndo_eflag) 864 ND_PRINT(", "); 865 ND_PRINT("length %u", olen); 866 goto trunc; 867 } 868 msgtype = GET_U_1(p); 869 p++; 870 length--; 871 872 /* 873 * Peek ahead to see if we start with a shift. 874 */ 875 non_locking_shift = 0; 876 unshift_codeset = codeset; 877 if (length != 0) { 878 if (!ND_TTEST_1(p)) { 879 if (!ndo->ndo_eflag) 880 ND_PRINT(", "); 881 ND_PRINT("length %u", olen); 882 goto trunc; 883 } 884 iecode = GET_U_1(p); 885 if (IE_IS_SHIFT(iecode)) { 886 /* 887 * It's a shift. Skip over it. 888 */ 889 p++; 890 length--; 891 892 /* 893 * Get the codeset. 894 */ 895 codeset = IE_SHIFT_CODESET(iecode); 896 897 /* 898 * If it's a locking shift to codeset 5, 899 * mark this as ANSI. (XXX - 5 is actually 900 * for national variants in general, not 901 * the US variant in particular, but maybe 902 * this is more American exceptionalism. :-)) 903 */ 904 if (IE_SHIFT_IS_LOCKING(iecode)) { 905 /* 906 * It's a locking shift. 907 */ 908 if (codeset == 5) { 909 /* 910 * It's a locking shift to 911 * codeset 5, so this is 912 * T1.617 Annex D. 913 */ 914 is_ansi = 1; 915 } 916 } else { 917 /* 918 * It's a non-locking shift. 919 * Remember the current codeset, so we 920 * can revert to it after the next IE. 921 */ 922 non_locking_shift = 1; 923 unshift_codeset = 0; 924 } 925 } 926 } 927 928 /* printing out header part */ 929 if (!ndo->ndo_eflag) 930 ND_PRINT(", "); 931 ND_PRINT("%s, codeset %u", is_ansi ? "ANSI" : "CCITT", codeset); 932 933 if (call_ref_length != 0) { 934 if (call_ref_length > 1 || GET_U_1(p) != 0) { 935 /* 936 * Not a dummy call reference. 937 */ 938 ND_PRINT(", Call Ref: 0x"); 939 for (i = 0; i < call_ref_length; i++) 940 ND_PRINT("%02x", call_ref[i]); 941 } 942 } 943 if (ndo->ndo_vflag) { 944 ND_PRINT(", %s (0x%02x), length %u", 945 tok2str(fr_q933_msg_values, 946 "unknown message", msgtype), 947 msgtype, 948 olen); 949 } else { 950 ND_PRINT(", %s", 951 tok2str(fr_q933_msg_values, 952 "unknown message 0x%02x", msgtype)); 953 } 954 955 /* Loop through the rest of the IEs */ 956 while (length != 0) { 957 /* 958 * What's the state of any non-locking shifts? 959 */ 960 if (non_locking_shift == 1) { 961 /* 962 * There's a non-locking shift in effect for 963 * this IE. Count it, so we reset the codeset 964 * before the next IE. 965 */ 966 non_locking_shift = 2; 967 } else if (non_locking_shift == 2) { 968 /* 969 * Unshift. 970 */ 971 codeset = unshift_codeset; 972 non_locking_shift = 0; 973 } 974 975 /* 976 * Get the first octet of the IE. 977 */ 978 if (!ND_TTEST_1(p)) { 979 if (!ndo->ndo_vflag) { 980 ND_PRINT(", length %u", olen); 981 } 982 goto trunc; 983 } 984 iecode = GET_U_1(p); 985 p++; 986 length--; 987 988 /* Single-octet IE? */ 989 if (IE_IS_SINGLE_OCTET(iecode)) { 990 /* 991 * Yes. Is it a shift? 992 */ 993 if (IE_IS_SHIFT(iecode)) { 994 /* 995 * Yes. Is it locking? 996 */ 997 if (IE_SHIFT_IS_LOCKING(iecode)) { 998 /* 999 * Yes. 1000 */ 1001 non_locking_shift = 0; 1002 } else { 1003 /* 1004 * No. Remember the current 1005 * codeset, so we can revert 1006 * to it after the next IE. 1007 */ 1008 non_locking_shift = 1; 1009 unshift_codeset = codeset; 1010 } 1011 1012 /* 1013 * Get the codeset. 1014 */ 1015 codeset = IE_SHIFT_CODESET(iecode); 1016 } 1017 } else { 1018 /* 1019 * No. Get the IE length. 1020 */ 1021 if (length == 0 || !ND_TTEST_1(p)) { 1022 if (!ndo->ndo_vflag) { 1023 ND_PRINT(", length %u", olen); 1024 } 1025 goto trunc; 1026 } 1027 ielength = GET_U_1(p); 1028 p++; 1029 length--; 1030 1031 /* lets do the full IE parsing only in verbose mode 1032 * however some IEs (DLCI Status, Link Verify) 1033 * are also interesting in non-verbose mode */ 1034 if (ndo->ndo_vflag) { 1035 ND_PRINT("\n\t%s IE (0x%02x), length %u: ", 1036 tok2str(fr_q933_ie_codesets[codeset], 1037 "unknown", iecode), 1038 iecode, 1039 ielength); 1040 } 1041 1042 /* sanity checks */ 1043 if (iecode == 0 || ielength == 0) { 1044 return; 1045 } 1046 if (length < ielength || !ND_TTEST_LEN(p, ielength)) { 1047 if (!ndo->ndo_vflag) { 1048 ND_PRINT(", length %u", olen); 1049 } 1050 goto trunc; 1051 } 1052 1053 ie_is_known = 0; 1054 if (fr_q933_print_ie_codeset[codeset] != NULL) { 1055 ie_is_known = fr_q933_print_ie_codeset[codeset](ndo, iecode, ielength, p); 1056 } 1057 1058 if (ie_is_known) { 1059 /* 1060 * Known IE; do we want to see a hexdump 1061 * of it? 1062 */ 1063 if (ndo->ndo_vflag > 1) { 1064 /* Yes. */ 1065 print_unknown_data(ndo, p, "\n\t ", ielength); 1066 } 1067 } else { 1068 /* 1069 * Unknown IE; if we're printing verbosely, 1070 * print its content in hex. 1071 */ 1072 if (ndo->ndo_vflag >= 1) { 1073 print_unknown_data(ndo, p, "\n\t", ielength); 1074 } 1075 } 1076 1077 length -= ielength; 1078 p += ielength; 1079 } 1080 } 1081 if (!ndo->ndo_vflag) { 1082 ND_PRINT(", length %u", olen); 1083 } 1084 return; 1085 1086 trunc: 1087 nd_print_trunc(ndo); 1088 } 1089 1090 static int 1091 fr_q933_print_ie_codeset_0_5(netdissect_options *ndo, u_int iecode, 1092 u_int ielength, const u_char *p) 1093 { 1094 u_int dlci; 1095 1096 switch (iecode) { 1097 1098 case FR_LMI_ANSI_REPORT_TYPE_IE: /* fall through */ 1099 case FR_LMI_CCITT_REPORT_TYPE_IE: 1100 if (ielength < 1) { 1101 if (!ndo->ndo_vflag) { 1102 ND_PRINT(", "); 1103 } 1104 ND_PRINT("Invalid REPORT TYPE IE"); 1105 return 1; 1106 } 1107 if (ndo->ndo_vflag) { 1108 ND_PRINT("%s (%u)", 1109 tok2str(fr_lmi_report_type_ie_values,"unknown",GET_U_1(p)), 1110 GET_U_1(p)); 1111 } 1112 return 1; 1113 1114 case FR_LMI_ANSI_LINK_VERIFY_IE: /* fall through */ 1115 case FR_LMI_CCITT_LINK_VERIFY_IE: 1116 case FR_LMI_ANSI_LINK_VERIFY_IE_91: 1117 if (!ndo->ndo_vflag) { 1118 ND_PRINT(", "); 1119 } 1120 if (ielength < 2) { 1121 ND_PRINT("Invalid LINK VERIFY IE"); 1122 return 1; 1123 } 1124 ND_PRINT("TX Seq: %3d, RX Seq: %3d", GET_U_1(p), GET_U_1(p + 1)); 1125 return 1; 1126 1127 case FR_LMI_ANSI_PVC_STATUS_IE: /* fall through */ 1128 case FR_LMI_CCITT_PVC_STATUS_IE: 1129 if (!ndo->ndo_vflag) { 1130 ND_PRINT(", "); 1131 } 1132 /* now parse the DLCI information element. */ 1133 if ((ielength < 3) || 1134 (GET_U_1(p) & 0x80) || 1135 ((ielength == 3) && !(GET_U_1(p + 1) & 0x80)) || 1136 ((ielength == 4) && 1137 ((GET_U_1(p + 1) & 0x80) || !(GET_U_1(p + 2) & 0x80))) || 1138 ((ielength == 5) && 1139 ((GET_U_1(p + 1) & 0x80) || (GET_U_1(p + 2) & 0x80) || 1140 !(GET_U_1(p + 3) & 0x80))) || 1141 (ielength > 5) || 1142 !(GET_U_1(p + ielength - 1) & 0x80)) { 1143 ND_PRINT("Invalid DLCI in PVC STATUS IE"); 1144 return 1; 1145 } 1146 1147 dlci = ((GET_U_1(p) & 0x3F) << 4) | ((GET_U_1(p + 1) & 0x78) >> 3); 1148 if (ielength == 4) { 1149 dlci = (dlci << 6) | ((GET_U_1(p + 2) & 0x7E) >> 1); 1150 } else if (ielength == 5) { 1151 dlci = (dlci << 13) | (GET_U_1(p + 2) & 0x7F) | ((GET_U_1(p + 3) & 0x7E) >> 1); 1152 } 1153 1154 ND_PRINT("DLCI %u: status %s%s", dlci, 1155 GET_U_1(p + ielength - 1) & 0x8 ? "New, " : "", 1156 GET_U_1(p + ielength - 1) & 0x2 ? "Active" : "Inactive"); 1157 return 1; 1158 } 1159 1160 return 0; 1161 } 1162