1 /* 2 * Copyright (c) 1988, 1989, 1990, 1991, 1993, 1994, 1995, 1996 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that: (1) source code distributions 7 * retain the above copyright notice and this paragraph in its entirety, (2) 8 * distributions including binary code include the above copyright notice and 9 * this paragraph in its entirety in the documentation or other materials 10 * provided with the distribution, and (3) all advertising materials mentioning 11 * features or use of this software display the following acknowledgement: 12 * ``This product includes software developed by the University of California, 13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of 14 * the University nor the names of its contributors may be used to endorse 15 * or promote products derived from this software without specific prior 16 * written permission. 17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 20 * 21 * $FreeBSD$ 22 */ 23 24 #define NETDISSECT_REWORKED 25 #ifdef HAVE_CONFIG_H 26 #include "config.h" 27 #endif 28 29 #include <tcpdump-stdinc.h> 30 31 #include <stdio.h> 32 #include <string.h> 33 34 #include "interface.h" 35 #include "addrtoname.h" 36 #include "extract.h" /* must come after interface.h */ 37 38 #include "ip.h" 39 #include "udp.h" 40 #include "ipproto.h" 41 #include "mpls.h" 42 43 /* 44 * Interface Control Message Protocol Definitions. 45 * Per RFC 792, September 1981. 46 */ 47 48 /* 49 * Structure of an icmp header. 50 */ 51 struct icmp { 52 uint8_t icmp_type; /* type of message, see below */ 53 uint8_t icmp_code; /* type sub code */ 54 uint16_t icmp_cksum; /* ones complement cksum of struct */ 55 union { 56 uint8_t ih_pptr; /* ICMP_PARAMPROB */ 57 struct in_addr ih_gwaddr; /* ICMP_REDIRECT */ 58 struct ih_idseq { 59 uint16_t icd_id; 60 uint16_t icd_seq; 61 } ih_idseq; 62 uint32_t ih_void; 63 } icmp_hun; 64 #define icmp_pptr icmp_hun.ih_pptr 65 #define icmp_gwaddr icmp_hun.ih_gwaddr 66 #define icmp_id icmp_hun.ih_idseq.icd_id 67 #define icmp_seq icmp_hun.ih_idseq.icd_seq 68 #define icmp_void icmp_hun.ih_void 69 union { 70 struct id_ts { 71 uint32_t its_otime; 72 uint32_t its_rtime; 73 uint32_t its_ttime; 74 } id_ts; 75 struct id_ip { 76 struct ip idi_ip; 77 /* options and then 64 bits of data */ 78 } id_ip; 79 uint32_t id_mask; 80 uint8_t id_data[1]; 81 } icmp_dun; 82 #define icmp_otime icmp_dun.id_ts.its_otime 83 #define icmp_rtime icmp_dun.id_ts.its_rtime 84 #define icmp_ttime icmp_dun.id_ts.its_ttime 85 #define icmp_ip icmp_dun.id_ip.idi_ip 86 #define icmp_mask icmp_dun.id_mask 87 #define icmp_data icmp_dun.id_data 88 }; 89 90 #define ICMP_MPLS_EXT_EXTRACT_VERSION(x) (((x)&0xf0)>>4) 91 #define ICMP_MPLS_EXT_VERSION 2 92 93 /* 94 * Lower bounds on packet lengths for various types. 95 * For the error advice packets must first insure that the 96 * packet is large enought to contain the returned ip header. 97 * Only then can we do the check to see if 64 bits of packet 98 * data have been returned, since we need to check the returned 99 * ip header length. 100 */ 101 #define ICMP_MINLEN 8 /* abs minimum */ 102 #define ICMP_EXTD_MINLEN (156 - sizeof (struct ip)) /* draft-bonica-internet-icmp-08 */ 103 #define ICMP_TSLEN (8 + 3 * sizeof (uint32_t)) /* timestamp */ 104 #define ICMP_MASKLEN 12 /* address mask */ 105 #define ICMP_ADVLENMIN (8 + sizeof (struct ip) + 8) /* min */ 106 #define ICMP_ADVLEN(p) (8 + (IP_HL(&(p)->icmp_ip) << 2) + 8) 107 /* N.B.: must separately check that ip_hl >= 5 */ 108 109 /* 110 * Definition of type and code field values. 111 */ 112 #define ICMP_ECHOREPLY 0 /* echo reply */ 113 #define ICMP_UNREACH 3 /* dest unreachable, codes: */ 114 #define ICMP_UNREACH_NET 0 /* bad net */ 115 #define ICMP_UNREACH_HOST 1 /* bad host */ 116 #define ICMP_UNREACH_PROTOCOL 2 /* bad protocol */ 117 #define ICMP_UNREACH_PORT 3 /* bad port */ 118 #define ICMP_UNREACH_NEEDFRAG 4 /* IP_DF caused drop */ 119 #define ICMP_UNREACH_SRCFAIL 5 /* src route failed */ 120 #define ICMP_UNREACH_NET_UNKNOWN 6 /* unknown net */ 121 #define ICMP_UNREACH_HOST_UNKNOWN 7 /* unknown host */ 122 #define ICMP_UNREACH_ISOLATED 8 /* src host isolated */ 123 #define ICMP_UNREACH_NET_PROHIB 9 /* prohibited access */ 124 #define ICMP_UNREACH_HOST_PROHIB 10 /* ditto */ 125 #define ICMP_UNREACH_TOSNET 11 /* bad tos for net */ 126 #define ICMP_UNREACH_TOSHOST 12 /* bad tos for host */ 127 #define ICMP_SOURCEQUENCH 4 /* packet lost, slow down */ 128 #define ICMP_REDIRECT 5 /* shorter route, codes: */ 129 #define ICMP_REDIRECT_NET 0 /* for network */ 130 #define ICMP_REDIRECT_HOST 1 /* for host */ 131 #define ICMP_REDIRECT_TOSNET 2 /* for tos and net */ 132 #define ICMP_REDIRECT_TOSHOST 3 /* for tos and host */ 133 #define ICMP_ECHO 8 /* echo service */ 134 #define ICMP_ROUTERADVERT 9 /* router advertisement */ 135 #define ICMP_ROUTERSOLICIT 10 /* router solicitation */ 136 #define ICMP_TIMXCEED 11 /* time exceeded, code: */ 137 #define ICMP_TIMXCEED_INTRANS 0 /* ttl==0 in transit */ 138 #define ICMP_TIMXCEED_REASS 1 /* ttl==0 in reass */ 139 #define ICMP_PARAMPROB 12 /* ip header bad */ 140 #define ICMP_PARAMPROB_OPTABSENT 1 /* req. opt. absent */ 141 #define ICMP_TSTAMP 13 /* timestamp request */ 142 #define ICMP_TSTAMPREPLY 14 /* timestamp reply */ 143 #define ICMP_IREQ 15 /* information request */ 144 #define ICMP_IREQREPLY 16 /* information reply */ 145 #define ICMP_MASKREQ 17 /* address mask request */ 146 #define ICMP_MASKREPLY 18 /* address mask reply */ 147 148 #define ICMP_MAXTYPE 18 149 150 #define ICMP_ERRTYPE(type) \ 151 ((type) == ICMP_UNREACH || (type) == ICMP_SOURCEQUENCH || \ 152 (type) == ICMP_REDIRECT || (type) == ICMP_TIMXCEED || \ 153 (type) == ICMP_PARAMPROB) 154 #define ICMP_MPLS_EXT_TYPE(type) \ 155 ((type) == ICMP_UNREACH || \ 156 (type) == ICMP_TIMXCEED || \ 157 (type) == ICMP_PARAMPROB) 158 /* rfc1700 */ 159 #ifndef ICMP_UNREACH_NET_UNKNOWN 160 #define ICMP_UNREACH_NET_UNKNOWN 6 /* destination net unknown */ 161 #endif 162 #ifndef ICMP_UNREACH_HOST_UNKNOWN 163 #define ICMP_UNREACH_HOST_UNKNOWN 7 /* destination host unknown */ 164 #endif 165 #ifndef ICMP_UNREACH_ISOLATED 166 #define ICMP_UNREACH_ISOLATED 8 /* source host isolated */ 167 #endif 168 #ifndef ICMP_UNREACH_NET_PROHIB 169 #define ICMP_UNREACH_NET_PROHIB 9 /* admin prohibited net */ 170 #endif 171 #ifndef ICMP_UNREACH_HOST_PROHIB 172 #define ICMP_UNREACH_HOST_PROHIB 10 /* admin prohibited host */ 173 #endif 174 #ifndef ICMP_UNREACH_TOSNET 175 #define ICMP_UNREACH_TOSNET 11 /* tos prohibited net */ 176 #endif 177 #ifndef ICMP_UNREACH_TOSHOST 178 #define ICMP_UNREACH_TOSHOST 12 /* tos prohibited host */ 179 #endif 180 181 /* rfc1716 */ 182 #ifndef ICMP_UNREACH_FILTER_PROHIB 183 #define ICMP_UNREACH_FILTER_PROHIB 13 /* admin prohibited filter */ 184 #endif 185 #ifndef ICMP_UNREACH_HOST_PRECEDENCE 186 #define ICMP_UNREACH_HOST_PRECEDENCE 14 /* host precedence violation */ 187 #endif 188 #ifndef ICMP_UNREACH_PRECEDENCE_CUTOFF 189 #define ICMP_UNREACH_PRECEDENCE_CUTOFF 15 /* precedence cutoff */ 190 #endif 191 192 /* Most of the icmp types */ 193 static const struct tok icmp2str[] = { 194 { ICMP_ECHOREPLY, "echo reply" }, 195 { ICMP_SOURCEQUENCH, "source quench" }, 196 { ICMP_ECHO, "echo request" }, 197 { ICMP_ROUTERSOLICIT, "router solicitation" }, 198 { ICMP_TSTAMP, "time stamp request" }, 199 { ICMP_TSTAMPREPLY, "time stamp reply" }, 200 { ICMP_IREQ, "information request" }, 201 { ICMP_IREQREPLY, "information reply" }, 202 { ICMP_MASKREQ, "address mask request" }, 203 { 0, NULL } 204 }; 205 206 /* Formats for most of the ICMP_UNREACH codes */ 207 static const struct tok unreach2str[] = { 208 { ICMP_UNREACH_NET, "net %s unreachable" }, 209 { ICMP_UNREACH_HOST, "host %s unreachable" }, 210 { ICMP_UNREACH_SRCFAIL, 211 "%s unreachable - source route failed" }, 212 { ICMP_UNREACH_NET_UNKNOWN, "net %s unreachable - unknown" }, 213 { ICMP_UNREACH_HOST_UNKNOWN, "host %s unreachable - unknown" }, 214 { ICMP_UNREACH_ISOLATED, 215 "%s unreachable - source host isolated" }, 216 { ICMP_UNREACH_NET_PROHIB, 217 "net %s unreachable - admin prohibited" }, 218 { ICMP_UNREACH_HOST_PROHIB, 219 "host %s unreachable - admin prohibited" }, 220 { ICMP_UNREACH_TOSNET, 221 "net %s unreachable - tos prohibited" }, 222 { ICMP_UNREACH_TOSHOST, 223 "host %s unreachable - tos prohibited" }, 224 { ICMP_UNREACH_FILTER_PROHIB, 225 "host %s unreachable - admin prohibited filter" }, 226 { ICMP_UNREACH_HOST_PRECEDENCE, 227 "host %s unreachable - host precedence violation" }, 228 { ICMP_UNREACH_PRECEDENCE_CUTOFF, 229 "host %s unreachable - precedence cutoff" }, 230 { 0, NULL } 231 }; 232 233 /* Formats for the ICMP_REDIRECT codes */ 234 static const struct tok type2str[] = { 235 { ICMP_REDIRECT_NET, "redirect %s to net %s" }, 236 { ICMP_REDIRECT_HOST, "redirect %s to host %s" }, 237 { ICMP_REDIRECT_TOSNET, "redirect-tos %s to net %s" }, 238 { ICMP_REDIRECT_TOSHOST, "redirect-tos %s to host %s" }, 239 { 0, NULL } 240 }; 241 242 /* rfc1191 */ 243 struct mtu_discovery { 244 uint16_t unused; 245 uint16_t nexthopmtu; 246 }; 247 248 /* rfc1256 */ 249 struct ih_rdiscovery { 250 uint8_t ird_addrnum; 251 uint8_t ird_addrsiz; 252 uint16_t ird_lifetime; 253 }; 254 255 struct id_rdiscovery { 256 uint32_t ird_addr; 257 uint32_t ird_pref; 258 }; 259 260 /* 261 * draft-bonica-internet-icmp-08 262 * 263 * The Destination Unreachable, Time Exceeded 264 * and Parameter Problem messages are slighly changed as per 265 * the above draft. A new Length field gets added to give 266 * the caller an idea about the length of the piggypacked 267 * IP packet before the MPLS extension header starts. 268 * 269 * The Length field represents length of the padded "original datagram" 270 * field measured in 32-bit words. 271 * 272 * 0 1 2 3 273 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 274 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 275 * | Type | Code | Checksum | 276 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 277 * | unused | Length | unused | 278 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 279 * | Internet Header + leading octets of original datagram | 280 * | | 281 * | // | 282 * | | 283 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 284 */ 285 286 struct icmp_ext_t { 287 uint8_t icmp_type; 288 uint8_t icmp_code; 289 uint8_t icmp_checksum[2]; 290 uint8_t icmp_reserved; 291 uint8_t icmp_length; 292 uint8_t icmp_reserved2[2]; 293 uint8_t icmp_ext_legacy_header[128]; /* extension header starts 128 bytes after ICMP header */ 294 uint8_t icmp_ext_version_res[2]; 295 uint8_t icmp_ext_checksum[2]; 296 uint8_t icmp_ext_data[1]; 297 }; 298 299 struct icmp_mpls_ext_object_header_t { 300 uint8_t length[2]; 301 uint8_t class_num; 302 uint8_t ctype; 303 }; 304 305 static const struct tok icmp_mpls_ext_obj_values[] = { 306 { 1, "MPLS Stack Entry" }, 307 { 2, "Extended Payload" }, 308 { 0, NULL} 309 }; 310 311 /* prototypes */ 312 const char *icmp_tstamp_print(u_int); 313 314 /* print the milliseconds since midnight UTC */ 315 const char * 316 icmp_tstamp_print(u_int tstamp) 317 { 318 u_int msec,sec,min,hrs; 319 320 static char buf[64]; 321 322 msec = tstamp % 1000; 323 sec = tstamp / 1000; 324 min = sec / 60; sec -= min * 60; 325 hrs = min / 60; min -= hrs * 60; 326 snprintf(buf, sizeof(buf), "%02u:%02u:%02u.%03u",hrs,min,sec,msec); 327 return buf; 328 } 329 330 void 331 icmp_print(netdissect_options *ndo, const u_char *bp, u_int plen, const u_char *bp2, 332 int fragmented) 333 { 334 char *cp; 335 const struct icmp *dp; 336 const struct icmp_ext_t *ext_dp; 337 const struct ip *ip; 338 const char *str, *fmt; 339 const struct ip *oip; 340 const struct udphdr *ouh; 341 const uint8_t *obj_tptr; 342 uint32_t raw_label; 343 const u_char *snapend_save; 344 const struct icmp_mpls_ext_object_header_t *icmp_mpls_ext_object_header; 345 u_int hlen, dport, mtu, obj_tlen, obj_class_num, obj_ctype; 346 char buf[MAXHOSTNAMELEN + 100]; 347 struct cksum_vec vec[1]; 348 349 dp = (struct icmp *)bp; 350 ext_dp = (struct icmp_ext_t *)bp; 351 ip = (struct ip *)bp2; 352 str = buf; 353 354 ND_TCHECK(dp->icmp_code); 355 switch (dp->icmp_type) { 356 357 case ICMP_ECHO: 358 case ICMP_ECHOREPLY: 359 ND_TCHECK(dp->icmp_seq); 360 (void)snprintf(buf, sizeof(buf), "echo %s, id %u, seq %u", 361 dp->icmp_type == ICMP_ECHO ? 362 "request" : "reply", 363 EXTRACT_16BITS(&dp->icmp_id), 364 EXTRACT_16BITS(&dp->icmp_seq)); 365 break; 366 367 case ICMP_UNREACH: 368 ND_TCHECK(dp->icmp_ip.ip_dst); 369 switch (dp->icmp_code) { 370 371 case ICMP_UNREACH_PROTOCOL: 372 ND_TCHECK(dp->icmp_ip.ip_p); 373 (void)snprintf(buf, sizeof(buf), 374 "%s protocol %d unreachable", 375 ipaddr_string(ndo, &dp->icmp_ip.ip_dst), 376 dp->icmp_ip.ip_p); 377 break; 378 379 case ICMP_UNREACH_PORT: 380 ND_TCHECK(dp->icmp_ip.ip_p); 381 oip = &dp->icmp_ip; 382 hlen = IP_HL(oip) * 4; 383 ouh = (struct udphdr *)(((u_char *)oip) + hlen); 384 ND_TCHECK(ouh->uh_dport); 385 dport = EXTRACT_16BITS(&ouh->uh_dport); 386 switch (oip->ip_p) { 387 388 case IPPROTO_TCP: 389 (void)snprintf(buf, sizeof(buf), 390 "%s tcp port %s unreachable", 391 ipaddr_string(ndo, &oip->ip_dst), 392 tcpport_string(dport)); 393 break; 394 395 case IPPROTO_UDP: 396 (void)snprintf(buf, sizeof(buf), 397 "%s udp port %s unreachable", 398 ipaddr_string(ndo, &oip->ip_dst), 399 udpport_string(dport)); 400 break; 401 402 default: 403 (void)snprintf(buf, sizeof(buf), 404 "%s protocol %d port %d unreachable", 405 ipaddr_string(ndo, &oip->ip_dst), 406 oip->ip_p, dport); 407 break; 408 } 409 break; 410 411 case ICMP_UNREACH_NEEDFRAG: 412 { 413 register const struct mtu_discovery *mp; 414 mp = (struct mtu_discovery *)(u_char *)&dp->icmp_void; 415 mtu = EXTRACT_16BITS(&mp->nexthopmtu); 416 if (mtu) { 417 (void)snprintf(buf, sizeof(buf), 418 "%s unreachable - need to frag (mtu %d)", 419 ipaddr_string(ndo, &dp->icmp_ip.ip_dst), mtu); 420 } else { 421 (void)snprintf(buf, sizeof(buf), 422 "%s unreachable - need to frag", 423 ipaddr_string(ndo, &dp->icmp_ip.ip_dst)); 424 } 425 } 426 break; 427 428 default: 429 fmt = tok2str(unreach2str, "#%d %%s unreachable", 430 dp->icmp_code); 431 (void)snprintf(buf, sizeof(buf), fmt, 432 ipaddr_string(ndo, &dp->icmp_ip.ip_dst)); 433 break; 434 } 435 break; 436 437 case ICMP_REDIRECT: 438 ND_TCHECK(dp->icmp_ip.ip_dst); 439 fmt = tok2str(type2str, "redirect-#%d %%s to net %%s", 440 dp->icmp_code); 441 (void)snprintf(buf, sizeof(buf), fmt, 442 ipaddr_string(ndo, &dp->icmp_ip.ip_dst), 443 ipaddr_string(ndo, &dp->icmp_gwaddr)); 444 break; 445 446 case ICMP_ROUTERADVERT: 447 { 448 register const struct ih_rdiscovery *ihp; 449 register const struct id_rdiscovery *idp; 450 u_int lifetime, num, size; 451 452 (void)snprintf(buf, sizeof(buf), "router advertisement"); 453 cp = buf + strlen(buf); 454 455 ihp = (struct ih_rdiscovery *)&dp->icmp_void; 456 ND_TCHECK(*ihp); 457 (void)strncpy(cp, " lifetime ", sizeof(buf) - (cp - buf)); 458 cp = buf + strlen(buf); 459 lifetime = EXTRACT_16BITS(&ihp->ird_lifetime); 460 if (lifetime < 60) { 461 (void)snprintf(cp, sizeof(buf) - (cp - buf), "%u", 462 lifetime); 463 } else if (lifetime < 60 * 60) { 464 (void)snprintf(cp, sizeof(buf) - (cp - buf), "%u:%02u", 465 lifetime / 60, lifetime % 60); 466 } else { 467 (void)snprintf(cp, sizeof(buf) - (cp - buf), 468 "%u:%02u:%02u", 469 lifetime / 3600, 470 (lifetime % 3600) / 60, 471 lifetime % 60); 472 } 473 cp = buf + strlen(buf); 474 475 num = ihp->ird_addrnum; 476 (void)snprintf(cp, sizeof(buf) - (cp - buf), " %d:", num); 477 cp = buf + strlen(buf); 478 479 size = ihp->ird_addrsiz; 480 if (size != 2) { 481 (void)snprintf(cp, sizeof(buf) - (cp - buf), 482 " [size %d]", size); 483 break; 484 } 485 idp = (struct id_rdiscovery *)&dp->icmp_data; 486 while (num-- > 0) { 487 ND_TCHECK(*idp); 488 (void)snprintf(cp, sizeof(buf) - (cp - buf), " {%s %u}", 489 ipaddr_string(ndo, &idp->ird_addr), 490 EXTRACT_32BITS(&idp->ird_pref)); 491 cp = buf + strlen(buf); 492 ++idp; 493 } 494 } 495 break; 496 497 case ICMP_TIMXCEED: 498 ND_TCHECK(dp->icmp_ip.ip_dst); 499 switch (dp->icmp_code) { 500 501 case ICMP_TIMXCEED_INTRANS: 502 str = "time exceeded in-transit"; 503 break; 504 505 case ICMP_TIMXCEED_REASS: 506 str = "ip reassembly time exceeded"; 507 break; 508 509 default: 510 (void)snprintf(buf, sizeof(buf), "time exceeded-#%d", 511 dp->icmp_code); 512 break; 513 } 514 break; 515 516 case ICMP_PARAMPROB: 517 if (dp->icmp_code) 518 (void)snprintf(buf, sizeof(buf), 519 "parameter problem - code %d", dp->icmp_code); 520 else { 521 ND_TCHECK(dp->icmp_pptr); 522 (void)snprintf(buf, sizeof(buf), 523 "parameter problem - octet %d", dp->icmp_pptr); 524 } 525 break; 526 527 case ICMP_MASKREPLY: 528 ND_TCHECK(dp->icmp_mask); 529 (void)snprintf(buf, sizeof(buf), "address mask is 0x%08x", 530 EXTRACT_32BITS(&dp->icmp_mask)); 531 break; 532 533 case ICMP_TSTAMP: 534 ND_TCHECK(dp->icmp_seq); 535 (void)snprintf(buf, sizeof(buf), 536 "time stamp query id %u seq %u", 537 EXTRACT_16BITS(&dp->icmp_id), 538 EXTRACT_16BITS(&dp->icmp_seq)); 539 break; 540 541 case ICMP_TSTAMPREPLY: 542 ND_TCHECK(dp->icmp_ttime); 543 (void)snprintf(buf, sizeof(buf), 544 "time stamp reply id %u seq %u: org %s", 545 EXTRACT_16BITS(&dp->icmp_id), 546 EXTRACT_16BITS(&dp->icmp_seq), 547 icmp_tstamp_print(EXTRACT_32BITS(&dp->icmp_otime))); 548 549 (void)snprintf(buf+strlen(buf),sizeof(buf)-strlen(buf),", recv %s", 550 icmp_tstamp_print(EXTRACT_32BITS(&dp->icmp_rtime))); 551 (void)snprintf(buf+strlen(buf),sizeof(buf)-strlen(buf),", xmit %s", 552 icmp_tstamp_print(EXTRACT_32BITS(&dp->icmp_ttime))); 553 break; 554 555 default: 556 str = tok2str(icmp2str, "type-#%d", dp->icmp_type); 557 break; 558 } 559 ND_PRINT((ndo, "ICMP %s, length %u", str, plen)); 560 if (ndo->ndo_vflag && !fragmented) { /* don't attempt checksumming if this is a frag */ 561 uint16_t sum, icmp_sum; 562 struct cksum_vec vec[1]; 563 if (ND_TTEST2(*bp, plen)) { 564 vec[0].ptr = (const uint8_t *)(void *)dp; 565 vec[0].len = plen; 566 sum = in_cksum(vec, 1); 567 if (sum != 0) { 568 icmp_sum = EXTRACT_16BITS(&dp->icmp_cksum); 569 ND_PRINT((ndo, " (wrong icmp cksum %x (->%x)!)", 570 icmp_sum, 571 in_cksum_shouldbe(icmp_sum, sum))); 572 } 573 } 574 } 575 576 /* 577 * print the remnants of the IP packet. 578 * save the snaplength as this may get overidden in the IP printer. 579 */ 580 if (ndo->ndo_vflag >= 1 && ICMP_ERRTYPE(dp->icmp_type)) { 581 bp += 8; 582 ND_PRINT((ndo, "\n\t")); 583 ip = (struct ip *)bp; 584 ndo->ndo_snaplen = ndo->ndo_snapend - bp; 585 snapend_save = ndo->ndo_snapend; 586 ip_print(ndo, bp, EXTRACT_16BITS(&ip->ip_len)); 587 ndo->ndo_snapend = snapend_save; 588 } 589 590 /* 591 * Attempt to decode the MPLS extensions only for some ICMP types. 592 */ 593 if (ndo->ndo_vflag >= 1 && plen > ICMP_EXTD_MINLEN && ICMP_MPLS_EXT_TYPE(dp->icmp_type)) { 594 595 ND_TCHECK(*ext_dp); 596 597 /* 598 * Check first if the mpls extension header shows a non-zero length. 599 * If the length field is not set then silently verify the checksum 600 * to check if an extension header is present. This is expedient, 601 * however not all implementations set the length field proper. 602 */ 603 if (!ext_dp->icmp_length) { 604 vec[0].ptr = (const uint8_t *)(void *)&ext_dp->icmp_ext_version_res; 605 vec[0].len = plen - ICMP_EXTD_MINLEN; 606 if (in_cksum(vec, 1)) { 607 return; 608 } 609 } 610 611 ND_PRINT((ndo, "\n\tMPLS extension v%u", 612 ICMP_MPLS_EXT_EXTRACT_VERSION(*(ext_dp->icmp_ext_version_res)))); 613 614 /* 615 * Sanity checking of the header. 616 */ 617 if (ICMP_MPLS_EXT_EXTRACT_VERSION(*(ext_dp->icmp_ext_version_res)) != 618 ICMP_MPLS_EXT_VERSION) { 619 ND_PRINT((ndo, " packet not supported")); 620 return; 621 } 622 623 hlen = plen - ICMP_EXTD_MINLEN; 624 vec[0].ptr = (const uint8_t *)(void *)&ext_dp->icmp_ext_version_res; 625 vec[0].len = hlen; 626 ND_PRINT((ndo, ", checksum 0x%04x (%scorrect), length %u", 627 EXTRACT_16BITS(ext_dp->icmp_ext_checksum), 628 in_cksum(vec, 1) ? "in" : "", 629 hlen)); 630 631 hlen -= 4; /* subtract common header size */ 632 obj_tptr = (uint8_t *)ext_dp->icmp_ext_data; 633 634 while (hlen > sizeof(struct icmp_mpls_ext_object_header_t)) { 635 636 icmp_mpls_ext_object_header = (struct icmp_mpls_ext_object_header_t *)obj_tptr; 637 ND_TCHECK(*icmp_mpls_ext_object_header); 638 obj_tlen = EXTRACT_16BITS(icmp_mpls_ext_object_header->length); 639 obj_class_num = icmp_mpls_ext_object_header->class_num; 640 obj_ctype = icmp_mpls_ext_object_header->ctype; 641 obj_tptr += sizeof(struct icmp_mpls_ext_object_header_t); 642 643 ND_PRINT((ndo, "\n\t %s Object (%u), Class-Type: %u, length %u", 644 tok2str(icmp_mpls_ext_obj_values,"unknown",obj_class_num), 645 obj_class_num, 646 obj_ctype, 647 obj_tlen)); 648 649 hlen-=sizeof(struct icmp_mpls_ext_object_header_t); /* length field includes tlv header */ 650 651 /* infinite loop protection */ 652 if ((obj_class_num == 0) || 653 (obj_tlen < sizeof(struct icmp_mpls_ext_object_header_t))) { 654 return; 655 } 656 obj_tlen-=sizeof(struct icmp_mpls_ext_object_header_t); 657 658 switch (obj_class_num) { 659 case 1: 660 switch(obj_ctype) { 661 case 1: 662 ND_TCHECK2(*obj_tptr, 4); 663 raw_label = EXTRACT_32BITS(obj_tptr); 664 ND_PRINT((ndo, "\n\t label %u, exp %u", MPLS_LABEL(raw_label), MPLS_EXP(raw_label))); 665 if (MPLS_STACK(raw_label)) 666 ND_PRINT((ndo, ", [S]")); 667 ND_PRINT((ndo, ", ttl %u", MPLS_TTL(raw_label))); 668 break; 669 default: 670 print_unknown_data(ndo, obj_tptr, "\n\t ", obj_tlen); 671 } 672 break; 673 674 /* 675 * FIXME those are the defined objects that lack a decoder 676 * you are welcome to contribute code ;-) 677 */ 678 case 2: 679 default: 680 print_unknown_data(ndo, obj_tptr, "\n\t ", obj_tlen); 681 break; 682 } 683 if (hlen < obj_tlen) 684 break; 685 hlen -= obj_tlen; 686 obj_tptr += obj_tlen; 687 } 688 } 689 690 return; 691 trunc: 692 ND_PRINT((ndo, "[|icmp]")); 693 } 694 /* 695 * Local Variables: 696 * c-style: whitesmith 697 * c-basic-offset: 8 698 * End: 699 */ 700