1 /* 2 * Copyright (c) 1988, 1989, 1990, 1991, 1993, 1994, 1995, 1996 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that: (1) source code distributions 7 * retain the above copyright notice and this paragraph in its entirety, (2) 8 * distributions including binary code include the above copyright notice and 9 * this paragraph in its entirety in the documentation or other materials 10 * provided with the distribution, and (3) all advertising materials mentioning 11 * features or use of this software display the following acknowledgement: 12 * ``This product includes software developed by the University of California, 13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of 14 * the University nor the names of its contributors may be used to endorse 15 * or promote products derived from this software without specific prior 16 * written permission. 17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 20 */ 21 22 /* \summary: Internet Control Message Protocol (ICMP) printer */ 23 24 #ifdef HAVE_CONFIG_H 25 #include "config.h" 26 #endif 27 28 #include <netdissect-stdinc.h> 29 30 #include <stdio.h> 31 #include <string.h> 32 33 #include "netdissect.h" 34 #include "addrtoname.h" 35 #include "extract.h" 36 37 #include "ip.h" 38 #include "udp.h" 39 #include "ipproto.h" 40 #include "mpls.h" 41 42 /* 43 * Interface Control Message Protocol Definitions. 44 * Per RFC 792, September 1981. 45 */ 46 47 /* 48 * Structure of an icmp header. 49 */ 50 struct icmp { 51 uint8_t icmp_type; /* type of message, see below */ 52 uint8_t icmp_code; /* type sub code */ 53 uint16_t icmp_cksum; /* ones complement cksum of struct */ 54 union { 55 uint8_t ih_pptr; /* ICMP_PARAMPROB */ 56 struct in_addr ih_gwaddr; /* ICMP_REDIRECT */ 57 struct ih_idseq { 58 uint16_t icd_id; 59 uint16_t icd_seq; 60 } ih_idseq; 61 uint32_t ih_void; 62 } icmp_hun; 63 #define icmp_pptr icmp_hun.ih_pptr 64 #define icmp_gwaddr icmp_hun.ih_gwaddr 65 #define icmp_id icmp_hun.ih_idseq.icd_id 66 #define icmp_seq icmp_hun.ih_idseq.icd_seq 67 #define icmp_void icmp_hun.ih_void 68 union { 69 struct id_ts { 70 uint32_t its_otime; 71 uint32_t its_rtime; 72 uint32_t its_ttime; 73 } id_ts; 74 struct id_ip { 75 struct ip idi_ip; 76 /* options and then 64 bits of data */ 77 } id_ip; 78 uint32_t id_mask; 79 uint8_t id_data[1]; 80 } icmp_dun; 81 #define icmp_otime icmp_dun.id_ts.its_otime 82 #define icmp_rtime icmp_dun.id_ts.its_rtime 83 #define icmp_ttime icmp_dun.id_ts.its_ttime 84 #define icmp_ip icmp_dun.id_ip.idi_ip 85 #define icmp_mask icmp_dun.id_mask 86 #define icmp_data icmp_dun.id_data 87 }; 88 89 #define ICMP_MPLS_EXT_EXTRACT_VERSION(x) (((x)&0xf0)>>4) 90 #define ICMP_MPLS_EXT_VERSION 2 91 92 /* 93 * Lower bounds on packet lengths for various types. 94 * For the error advice packets must first insure that the 95 * packet is large enought to contain the returned ip header. 96 * Only then can we do the check to see if 64 bits of packet 97 * data have been returned, since we need to check the returned 98 * ip header length. 99 */ 100 #define ICMP_MINLEN 8 /* abs minimum */ 101 #define ICMP_EXTD_MINLEN (156 - sizeof (struct ip)) /* draft-bonica-internet-icmp-08 */ 102 #define ICMP_TSLEN (8 + 3 * sizeof (uint32_t)) /* timestamp */ 103 #define ICMP_MASKLEN 12 /* address mask */ 104 #define ICMP_ADVLENMIN (8 + sizeof (struct ip) + 8) /* min */ 105 #define ICMP_ADVLEN(p) (8 + (IP_HL(&(p)->icmp_ip) << 2) + 8) 106 /* N.B.: must separately check that ip_hl >= 5 */ 107 108 /* 109 * Definition of type and code field values. 110 */ 111 #define ICMP_ECHOREPLY 0 /* echo reply */ 112 #define ICMP_UNREACH 3 /* dest unreachable, codes: */ 113 #define ICMP_UNREACH_NET 0 /* bad net */ 114 #define ICMP_UNREACH_HOST 1 /* bad host */ 115 #define ICMP_UNREACH_PROTOCOL 2 /* bad protocol */ 116 #define ICMP_UNREACH_PORT 3 /* bad port */ 117 #define ICMP_UNREACH_NEEDFRAG 4 /* IP_DF caused drop */ 118 #define ICMP_UNREACH_SRCFAIL 5 /* src route failed */ 119 #define ICMP_UNREACH_NET_UNKNOWN 6 /* unknown net */ 120 #define ICMP_UNREACH_HOST_UNKNOWN 7 /* unknown host */ 121 #define ICMP_UNREACH_ISOLATED 8 /* src host isolated */ 122 #define ICMP_UNREACH_NET_PROHIB 9 /* prohibited access */ 123 #define ICMP_UNREACH_HOST_PROHIB 10 /* ditto */ 124 #define ICMP_UNREACH_TOSNET 11 /* bad tos for net */ 125 #define ICMP_UNREACH_TOSHOST 12 /* bad tos for host */ 126 #define ICMP_SOURCEQUENCH 4 /* packet lost, slow down */ 127 #define ICMP_REDIRECT 5 /* shorter route, codes: */ 128 #define ICMP_REDIRECT_NET 0 /* for network */ 129 #define ICMP_REDIRECT_HOST 1 /* for host */ 130 #define ICMP_REDIRECT_TOSNET 2 /* for tos and net */ 131 #define ICMP_REDIRECT_TOSHOST 3 /* for tos and host */ 132 #define ICMP_ECHO 8 /* echo service */ 133 #define ICMP_ROUTERADVERT 9 /* router advertisement */ 134 #define ICMP_ROUTERSOLICIT 10 /* router solicitation */ 135 #define ICMP_TIMXCEED 11 /* time exceeded, code: */ 136 #define ICMP_TIMXCEED_INTRANS 0 /* ttl==0 in transit */ 137 #define ICMP_TIMXCEED_REASS 1 /* ttl==0 in reass */ 138 #define ICMP_PARAMPROB 12 /* ip header bad */ 139 #define ICMP_PARAMPROB_OPTABSENT 1 /* req. opt. absent */ 140 #define ICMP_TSTAMP 13 /* timestamp request */ 141 #define ICMP_TSTAMPREPLY 14 /* timestamp reply */ 142 #define ICMP_IREQ 15 /* information request */ 143 #define ICMP_IREQREPLY 16 /* information reply */ 144 #define ICMP_MASKREQ 17 /* address mask request */ 145 #define ICMP_MASKREPLY 18 /* address mask reply */ 146 147 #define ICMP_MAXTYPE 18 148 149 #define ICMP_ERRTYPE(type) \ 150 ((type) == ICMP_UNREACH || (type) == ICMP_SOURCEQUENCH || \ 151 (type) == ICMP_REDIRECT || (type) == ICMP_TIMXCEED || \ 152 (type) == ICMP_PARAMPROB) 153 #define ICMP_MPLS_EXT_TYPE(type) \ 154 ((type) == ICMP_UNREACH || \ 155 (type) == ICMP_TIMXCEED || \ 156 (type) == ICMP_PARAMPROB) 157 /* rfc1700 */ 158 #ifndef ICMP_UNREACH_NET_UNKNOWN 159 #define ICMP_UNREACH_NET_UNKNOWN 6 /* destination net unknown */ 160 #endif 161 #ifndef ICMP_UNREACH_HOST_UNKNOWN 162 #define ICMP_UNREACH_HOST_UNKNOWN 7 /* destination host unknown */ 163 #endif 164 #ifndef ICMP_UNREACH_ISOLATED 165 #define ICMP_UNREACH_ISOLATED 8 /* source host isolated */ 166 #endif 167 #ifndef ICMP_UNREACH_NET_PROHIB 168 #define ICMP_UNREACH_NET_PROHIB 9 /* admin prohibited net */ 169 #endif 170 #ifndef ICMP_UNREACH_HOST_PROHIB 171 #define ICMP_UNREACH_HOST_PROHIB 10 /* admin prohibited host */ 172 #endif 173 #ifndef ICMP_UNREACH_TOSNET 174 #define ICMP_UNREACH_TOSNET 11 /* tos prohibited net */ 175 #endif 176 #ifndef ICMP_UNREACH_TOSHOST 177 #define ICMP_UNREACH_TOSHOST 12 /* tos prohibited host */ 178 #endif 179 180 /* rfc1716 */ 181 #ifndef ICMP_UNREACH_FILTER_PROHIB 182 #define ICMP_UNREACH_FILTER_PROHIB 13 /* admin prohibited filter */ 183 #endif 184 #ifndef ICMP_UNREACH_HOST_PRECEDENCE 185 #define ICMP_UNREACH_HOST_PRECEDENCE 14 /* host precedence violation */ 186 #endif 187 #ifndef ICMP_UNREACH_PRECEDENCE_CUTOFF 188 #define ICMP_UNREACH_PRECEDENCE_CUTOFF 15 /* precedence cutoff */ 189 #endif 190 191 /* Most of the icmp types */ 192 static const struct tok icmp2str[] = { 193 { ICMP_ECHOREPLY, "echo reply" }, 194 { ICMP_SOURCEQUENCH, "source quench" }, 195 { ICMP_ECHO, "echo request" }, 196 { ICMP_ROUTERSOLICIT, "router solicitation" }, 197 { ICMP_TSTAMP, "time stamp request" }, 198 { ICMP_TSTAMPREPLY, "time stamp reply" }, 199 { ICMP_IREQ, "information request" }, 200 { ICMP_IREQREPLY, "information reply" }, 201 { ICMP_MASKREQ, "address mask request" }, 202 { 0, NULL } 203 }; 204 205 /* Formats for most of the ICMP_UNREACH codes */ 206 static const struct tok unreach2str[] = { 207 { ICMP_UNREACH_NET, "net %s unreachable" }, 208 { ICMP_UNREACH_HOST, "host %s unreachable" }, 209 { ICMP_UNREACH_SRCFAIL, 210 "%s unreachable - source route failed" }, 211 { ICMP_UNREACH_NET_UNKNOWN, "net %s unreachable - unknown" }, 212 { ICMP_UNREACH_HOST_UNKNOWN, "host %s unreachable - unknown" }, 213 { ICMP_UNREACH_ISOLATED, 214 "%s unreachable - source host isolated" }, 215 { ICMP_UNREACH_NET_PROHIB, 216 "net %s unreachable - admin prohibited" }, 217 { ICMP_UNREACH_HOST_PROHIB, 218 "host %s unreachable - admin prohibited" }, 219 { ICMP_UNREACH_TOSNET, 220 "net %s unreachable - tos prohibited" }, 221 { ICMP_UNREACH_TOSHOST, 222 "host %s unreachable - tos prohibited" }, 223 { ICMP_UNREACH_FILTER_PROHIB, 224 "host %s unreachable - admin prohibited filter" }, 225 { ICMP_UNREACH_HOST_PRECEDENCE, 226 "host %s unreachable - host precedence violation" }, 227 { ICMP_UNREACH_PRECEDENCE_CUTOFF, 228 "host %s unreachable - precedence cutoff" }, 229 { 0, NULL } 230 }; 231 232 /* Formats for the ICMP_REDIRECT codes */ 233 static const struct tok type2str[] = { 234 { ICMP_REDIRECT_NET, "redirect %s to net %s" }, 235 { ICMP_REDIRECT_HOST, "redirect %s to host %s" }, 236 { ICMP_REDIRECT_TOSNET, "redirect-tos %s to net %s" }, 237 { ICMP_REDIRECT_TOSHOST, "redirect-tos %s to host %s" }, 238 { 0, NULL } 239 }; 240 241 /* rfc1191 */ 242 struct mtu_discovery { 243 uint16_t unused; 244 uint16_t nexthopmtu; 245 }; 246 247 /* rfc1256 */ 248 struct ih_rdiscovery { 249 uint8_t ird_addrnum; 250 uint8_t ird_addrsiz; 251 uint16_t ird_lifetime; 252 }; 253 254 struct id_rdiscovery { 255 uint32_t ird_addr; 256 uint32_t ird_pref; 257 }; 258 259 /* 260 * draft-bonica-internet-icmp-08 261 * 262 * The Destination Unreachable, Time Exceeded 263 * and Parameter Problem messages are slighly changed as per 264 * the above draft. A new Length field gets added to give 265 * the caller an idea about the length of the piggypacked 266 * IP packet before the MPLS extension header starts. 267 * 268 * The Length field represents length of the padded "original datagram" 269 * field measured in 32-bit words. 270 * 271 * 0 1 2 3 272 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 273 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 274 * | Type | Code | Checksum | 275 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 276 * | unused | Length | unused | 277 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 278 * | Internet Header + leading octets of original datagram | 279 * | | 280 * | // | 281 * | | 282 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 283 */ 284 285 struct icmp_ext_t { 286 uint8_t icmp_type; 287 uint8_t icmp_code; 288 uint8_t icmp_checksum[2]; 289 uint8_t icmp_reserved; 290 uint8_t icmp_length; 291 uint8_t icmp_reserved2[2]; 292 uint8_t icmp_ext_legacy_header[128]; /* extension header starts 128 bytes after ICMP header */ 293 uint8_t icmp_ext_version_res[2]; 294 uint8_t icmp_ext_checksum[2]; 295 uint8_t icmp_ext_data[1]; 296 }; 297 298 struct icmp_mpls_ext_object_header_t { 299 uint8_t length[2]; 300 uint8_t class_num; 301 uint8_t ctype; 302 }; 303 304 static const struct tok icmp_mpls_ext_obj_values[] = { 305 { 1, "MPLS Stack Entry" }, 306 { 2, "Extended Payload" }, 307 { 0, NULL} 308 }; 309 310 /* prototypes */ 311 const char *icmp_tstamp_print(u_int); 312 313 /* print the milliseconds since midnight UTC */ 314 const char * 315 icmp_tstamp_print(u_int tstamp) 316 { 317 u_int msec,sec,min,hrs; 318 319 static char buf[64]; 320 321 msec = tstamp % 1000; 322 sec = tstamp / 1000; 323 min = sec / 60; sec -= min * 60; 324 hrs = min / 60; min -= hrs * 60; 325 snprintf(buf, sizeof(buf), "%02u:%02u:%02u.%03u",hrs,min,sec,msec); 326 return buf; 327 } 328 329 void 330 icmp_print(netdissect_options *ndo, const u_char *bp, u_int plen, const u_char *bp2, 331 int fragmented) 332 { 333 char *cp; 334 const struct icmp *dp; 335 const struct icmp_ext_t *ext_dp; 336 const struct ip *ip; 337 const char *str, *fmt; 338 const struct ip *oip; 339 const struct udphdr *ouh; 340 const uint8_t *obj_tptr; 341 uint32_t raw_label; 342 const u_char *snapend_save; 343 const struct icmp_mpls_ext_object_header_t *icmp_mpls_ext_object_header; 344 u_int hlen, dport, mtu, obj_tlen, obj_class_num, obj_ctype; 345 char buf[MAXHOSTNAMELEN + 100]; 346 struct cksum_vec vec[1]; 347 348 dp = (const struct icmp *)bp; 349 ext_dp = (const struct icmp_ext_t *)bp; 350 ip = (const struct ip *)bp2; 351 str = buf; 352 353 ND_TCHECK(dp->icmp_code); 354 switch (dp->icmp_type) { 355 356 case ICMP_ECHO: 357 case ICMP_ECHOREPLY: 358 ND_TCHECK(dp->icmp_seq); 359 (void)snprintf(buf, sizeof(buf), "echo %s, id %u, seq %u", 360 dp->icmp_type == ICMP_ECHO ? 361 "request" : "reply", 362 EXTRACT_16BITS(&dp->icmp_id), 363 EXTRACT_16BITS(&dp->icmp_seq)); 364 break; 365 366 case ICMP_UNREACH: 367 ND_TCHECK(dp->icmp_ip.ip_dst); 368 switch (dp->icmp_code) { 369 370 case ICMP_UNREACH_PROTOCOL: 371 ND_TCHECK(dp->icmp_ip.ip_p); 372 (void)snprintf(buf, sizeof(buf), 373 "%s protocol %d unreachable", 374 ipaddr_string(ndo, &dp->icmp_ip.ip_dst), 375 dp->icmp_ip.ip_p); 376 break; 377 378 case ICMP_UNREACH_PORT: 379 ND_TCHECK(dp->icmp_ip.ip_p); 380 oip = &dp->icmp_ip; 381 hlen = IP_HL(oip) * 4; 382 ouh = (const struct udphdr *)(((const u_char *)oip) + hlen); 383 ND_TCHECK(ouh->uh_dport); 384 dport = EXTRACT_16BITS(&ouh->uh_dport); 385 switch (oip->ip_p) { 386 387 case IPPROTO_TCP: 388 (void)snprintf(buf, sizeof(buf), 389 "%s tcp port %s unreachable", 390 ipaddr_string(ndo, &oip->ip_dst), 391 tcpport_string(ndo, dport)); 392 break; 393 394 case IPPROTO_UDP: 395 (void)snprintf(buf, sizeof(buf), 396 "%s udp port %s unreachable", 397 ipaddr_string(ndo, &oip->ip_dst), 398 udpport_string(ndo, dport)); 399 break; 400 401 default: 402 (void)snprintf(buf, sizeof(buf), 403 "%s protocol %d port %d unreachable", 404 ipaddr_string(ndo, &oip->ip_dst), 405 oip->ip_p, dport); 406 break; 407 } 408 break; 409 410 case ICMP_UNREACH_NEEDFRAG: 411 { 412 register const struct mtu_discovery *mp; 413 mp = (const struct mtu_discovery *)(const u_char *)&dp->icmp_void; 414 mtu = EXTRACT_16BITS(&mp->nexthopmtu); 415 if (mtu) { 416 (void)snprintf(buf, sizeof(buf), 417 "%s unreachable - need to frag (mtu %d)", 418 ipaddr_string(ndo, &dp->icmp_ip.ip_dst), mtu); 419 } else { 420 (void)snprintf(buf, sizeof(buf), 421 "%s unreachable - need to frag", 422 ipaddr_string(ndo, &dp->icmp_ip.ip_dst)); 423 } 424 } 425 break; 426 427 default: 428 fmt = tok2str(unreach2str, "#%d %%s unreachable", 429 dp->icmp_code); 430 (void)snprintf(buf, sizeof(buf), fmt, 431 ipaddr_string(ndo, &dp->icmp_ip.ip_dst)); 432 break; 433 } 434 break; 435 436 case ICMP_REDIRECT: 437 ND_TCHECK(dp->icmp_ip.ip_dst); 438 fmt = tok2str(type2str, "redirect-#%d %%s to net %%s", 439 dp->icmp_code); 440 (void)snprintf(buf, sizeof(buf), fmt, 441 ipaddr_string(ndo, &dp->icmp_ip.ip_dst), 442 ipaddr_string(ndo, &dp->icmp_gwaddr)); 443 break; 444 445 case ICMP_ROUTERADVERT: 446 { 447 register const struct ih_rdiscovery *ihp; 448 register const struct id_rdiscovery *idp; 449 u_int lifetime, num, size; 450 451 (void)snprintf(buf, sizeof(buf), "router advertisement"); 452 cp = buf + strlen(buf); 453 454 ihp = (const struct ih_rdiscovery *)&dp->icmp_void; 455 ND_TCHECK(*ihp); 456 (void)strncpy(cp, " lifetime ", sizeof(buf) - (cp - buf)); 457 cp = buf + strlen(buf); 458 lifetime = EXTRACT_16BITS(&ihp->ird_lifetime); 459 if (lifetime < 60) { 460 (void)snprintf(cp, sizeof(buf) - (cp - buf), "%u", 461 lifetime); 462 } else if (lifetime < 60 * 60) { 463 (void)snprintf(cp, sizeof(buf) - (cp - buf), "%u:%02u", 464 lifetime / 60, lifetime % 60); 465 } else { 466 (void)snprintf(cp, sizeof(buf) - (cp - buf), 467 "%u:%02u:%02u", 468 lifetime / 3600, 469 (lifetime % 3600) / 60, 470 lifetime % 60); 471 } 472 cp = buf + strlen(buf); 473 474 num = ihp->ird_addrnum; 475 (void)snprintf(cp, sizeof(buf) - (cp - buf), " %d:", num); 476 cp = buf + strlen(buf); 477 478 size = ihp->ird_addrsiz; 479 if (size != 2) { 480 (void)snprintf(cp, sizeof(buf) - (cp - buf), 481 " [size %d]", size); 482 break; 483 } 484 idp = (const struct id_rdiscovery *)&dp->icmp_data; 485 while (num-- > 0) { 486 ND_TCHECK(*idp); 487 (void)snprintf(cp, sizeof(buf) - (cp - buf), " {%s %u}", 488 ipaddr_string(ndo, &idp->ird_addr), 489 EXTRACT_32BITS(&idp->ird_pref)); 490 cp = buf + strlen(buf); 491 ++idp; 492 } 493 } 494 break; 495 496 case ICMP_TIMXCEED: 497 ND_TCHECK(dp->icmp_ip.ip_dst); 498 switch (dp->icmp_code) { 499 500 case ICMP_TIMXCEED_INTRANS: 501 str = "time exceeded in-transit"; 502 break; 503 504 case ICMP_TIMXCEED_REASS: 505 str = "ip reassembly time exceeded"; 506 break; 507 508 default: 509 (void)snprintf(buf, sizeof(buf), "time exceeded-#%d", 510 dp->icmp_code); 511 break; 512 } 513 break; 514 515 case ICMP_PARAMPROB: 516 if (dp->icmp_code) 517 (void)snprintf(buf, sizeof(buf), 518 "parameter problem - code %d", dp->icmp_code); 519 else { 520 ND_TCHECK(dp->icmp_pptr); 521 (void)snprintf(buf, sizeof(buf), 522 "parameter problem - octet %d", dp->icmp_pptr); 523 } 524 break; 525 526 case ICMP_MASKREPLY: 527 ND_TCHECK(dp->icmp_mask); 528 (void)snprintf(buf, sizeof(buf), "address mask is 0x%08x", 529 EXTRACT_32BITS(&dp->icmp_mask)); 530 break; 531 532 case ICMP_TSTAMP: 533 ND_TCHECK(dp->icmp_seq); 534 (void)snprintf(buf, sizeof(buf), 535 "time stamp query id %u seq %u", 536 EXTRACT_16BITS(&dp->icmp_id), 537 EXTRACT_16BITS(&dp->icmp_seq)); 538 break; 539 540 case ICMP_TSTAMPREPLY: 541 ND_TCHECK(dp->icmp_ttime); 542 (void)snprintf(buf, sizeof(buf), 543 "time stamp reply id %u seq %u: org %s", 544 EXTRACT_16BITS(&dp->icmp_id), 545 EXTRACT_16BITS(&dp->icmp_seq), 546 icmp_tstamp_print(EXTRACT_32BITS(&dp->icmp_otime))); 547 548 (void)snprintf(buf+strlen(buf),sizeof(buf)-strlen(buf),", recv %s", 549 icmp_tstamp_print(EXTRACT_32BITS(&dp->icmp_rtime))); 550 (void)snprintf(buf+strlen(buf),sizeof(buf)-strlen(buf),", xmit %s", 551 icmp_tstamp_print(EXTRACT_32BITS(&dp->icmp_ttime))); 552 break; 553 554 default: 555 str = tok2str(icmp2str, "type-#%d", dp->icmp_type); 556 break; 557 } 558 ND_PRINT((ndo, "ICMP %s, length %u", str, plen)); 559 if (ndo->ndo_vflag && !fragmented) { /* don't attempt checksumming if this is a frag */ 560 uint16_t sum, icmp_sum; 561 562 if (ND_TTEST2(*bp, plen)) { 563 vec[0].ptr = (const uint8_t *)(const void *)dp; 564 vec[0].len = plen; 565 sum = in_cksum(vec, 1); 566 if (sum != 0) { 567 icmp_sum = EXTRACT_16BITS(&dp->icmp_cksum); 568 ND_PRINT((ndo, " (wrong icmp cksum %x (->%x)!)", 569 icmp_sum, 570 in_cksum_shouldbe(icmp_sum, sum))); 571 } 572 } 573 } 574 575 /* 576 * print the remnants of the IP packet. 577 * save the snaplength as this may get overidden in the IP printer. 578 */ 579 if (ndo->ndo_vflag >= 1 && ICMP_ERRTYPE(dp->icmp_type)) { 580 bp += 8; 581 ND_PRINT((ndo, "\n\t")); 582 ip = (const struct ip *)bp; 583 ndo->ndo_snaplen = ndo->ndo_snapend - bp; 584 snapend_save = ndo->ndo_snapend; 585 ND_TCHECK_16BITS(&ip->ip_len); 586 ip_print(ndo, bp, EXTRACT_16BITS(&ip->ip_len)); 587 ndo->ndo_snapend = snapend_save; 588 } 589 590 /* 591 * Attempt to decode the MPLS extensions only for some ICMP types. 592 */ 593 if (ndo->ndo_vflag >= 1 && plen > ICMP_EXTD_MINLEN && ICMP_MPLS_EXT_TYPE(dp->icmp_type)) { 594 595 ND_TCHECK(*ext_dp); 596 597 /* 598 * Check first if the mpls extension header shows a non-zero length. 599 * If the length field is not set then silently verify the checksum 600 * to check if an extension header is present. This is expedient, 601 * however not all implementations set the length field proper. 602 */ 603 if (!ext_dp->icmp_length && 604 ND_TTEST2(ext_dp->icmp_ext_version_res, plen - ICMP_EXTD_MINLEN)) { 605 vec[0].ptr = (const uint8_t *)(const void *)&ext_dp->icmp_ext_version_res; 606 vec[0].len = plen - ICMP_EXTD_MINLEN; 607 if (in_cksum(vec, 1)) { 608 return; 609 } 610 } 611 612 ND_PRINT((ndo, "\n\tMPLS extension v%u", 613 ICMP_MPLS_EXT_EXTRACT_VERSION(*(ext_dp->icmp_ext_version_res)))); 614 615 /* 616 * Sanity checking of the header. 617 */ 618 if (ICMP_MPLS_EXT_EXTRACT_VERSION(*(ext_dp->icmp_ext_version_res)) != 619 ICMP_MPLS_EXT_VERSION) { 620 ND_PRINT((ndo, " packet not supported")); 621 return; 622 } 623 624 hlen = plen - ICMP_EXTD_MINLEN; 625 if (ND_TTEST2(ext_dp->icmp_ext_version_res, hlen)) { 626 vec[0].ptr = (const uint8_t *)(const void *)&ext_dp->icmp_ext_version_res; 627 vec[0].len = hlen; 628 ND_PRINT((ndo, ", checksum 0x%04x (%scorrect), length %u", 629 EXTRACT_16BITS(ext_dp->icmp_ext_checksum), 630 in_cksum(vec, 1) ? "in" : "", 631 hlen)); 632 } 633 634 hlen -= 4; /* subtract common header size */ 635 obj_tptr = (const uint8_t *)ext_dp->icmp_ext_data; 636 637 while (hlen > sizeof(struct icmp_mpls_ext_object_header_t)) { 638 639 icmp_mpls_ext_object_header = (const struct icmp_mpls_ext_object_header_t *)obj_tptr; 640 ND_TCHECK(*icmp_mpls_ext_object_header); 641 obj_tlen = EXTRACT_16BITS(icmp_mpls_ext_object_header->length); 642 obj_class_num = icmp_mpls_ext_object_header->class_num; 643 obj_ctype = icmp_mpls_ext_object_header->ctype; 644 obj_tptr += sizeof(struct icmp_mpls_ext_object_header_t); 645 646 ND_PRINT((ndo, "\n\t %s Object (%u), Class-Type: %u, length %u", 647 tok2str(icmp_mpls_ext_obj_values,"unknown",obj_class_num), 648 obj_class_num, 649 obj_ctype, 650 obj_tlen)); 651 652 hlen-=sizeof(struct icmp_mpls_ext_object_header_t); /* length field includes tlv header */ 653 654 /* infinite loop protection */ 655 if ((obj_class_num == 0) || 656 (obj_tlen < sizeof(struct icmp_mpls_ext_object_header_t))) { 657 return; 658 } 659 obj_tlen-=sizeof(struct icmp_mpls_ext_object_header_t); 660 661 switch (obj_class_num) { 662 case 1: 663 switch(obj_ctype) { 664 case 1: 665 ND_TCHECK2(*obj_tptr, 4); 666 raw_label = EXTRACT_32BITS(obj_tptr); 667 ND_PRINT((ndo, "\n\t label %u, exp %u", MPLS_LABEL(raw_label), MPLS_EXP(raw_label))); 668 if (MPLS_STACK(raw_label)) 669 ND_PRINT((ndo, ", [S]")); 670 ND_PRINT((ndo, ", ttl %u", MPLS_TTL(raw_label))); 671 break; 672 default: 673 print_unknown_data(ndo, obj_tptr, "\n\t ", obj_tlen); 674 } 675 break; 676 677 /* 678 * FIXME those are the defined objects that lack a decoder 679 * you are welcome to contribute code ;-) 680 */ 681 case 2: 682 default: 683 print_unknown_data(ndo, obj_tptr, "\n\t ", obj_tlen); 684 break; 685 } 686 if (hlen < obj_tlen) 687 break; 688 hlen -= obj_tlen; 689 obj_tptr += obj_tlen; 690 } 691 } 692 693 return; 694 trunc: 695 ND_PRINT((ndo, "[|icmp]")); 696 } 697 /* 698 * Local Variables: 699 * c-style: whitesmith 700 * c-basic-offset: 8 701 * End: 702 */ 703