1 /* 2 * Copyright (c) 1988, 1989, 1990, 1991, 1993, 1994, 1995, 1996 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that: (1) source code distributions 7 * retain the above copyright notice and this paragraph in its entirety, (2) 8 * distributions including binary code include the above copyright notice and 9 * this paragraph in its entirety in the documentation or other materials 10 * provided with the distribution, and (3) all advertising materials mentioning 11 * features or use of this software display the following acknowledgement: 12 * ``This product includes software developed by the University of California, 13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of 14 * the University nor the names of its contributors may be used to endorse 15 * or promote products derived from this software without specific prior 16 * written permission. 17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 20 * 21 * $FreeBSD$ 22 */ 23 24 #ifndef lint 25 static const char rcsid[] = 26 "@(#) $Header: /tcpdump/master/tcpdump/print-icmp.c,v 1.62.4.1 2002/06/01 23:51:13 guy Exp $ (LBL)"; 27 #endif 28 29 #ifdef HAVE_CONFIG_H 30 #include "config.h" 31 #endif 32 33 #include <sys/param.h> 34 #include <sys/time.h> 35 #include <sys/socket.h> 36 37 #include <netinet/in.h> 38 39 #include <stdio.h> 40 #include <string.h> 41 #include <netdb.h> /* for MAXHOSTNAMELEN on some platforms */ 42 43 #include "interface.h" 44 #include "addrtoname.h" 45 #include "extract.h" /* must come after interface.h */ 46 47 #include "ip.h" 48 #include "udp.h" 49 50 /* 51 * Interface Control Message Protocol Definitions. 52 * Per RFC 792, September 1981. 53 */ 54 55 /* 56 * Structure of an icmp header. 57 */ 58 struct icmp { 59 u_int8_t icmp_type; /* type of message, see below */ 60 u_int8_t icmp_code; /* type sub code */ 61 u_int16_t icmp_cksum; /* ones complement cksum of struct */ 62 union { 63 u_int8_t ih_pptr; /* ICMP_PARAMPROB */ 64 struct in_addr ih_gwaddr; /* ICMP_REDIRECT */ 65 struct ih_idseq { 66 u_int16_t icd_id; 67 u_int16_t icd_seq; 68 } ih_idseq; 69 u_int32_t ih_void; 70 71 /* ICMP_UNREACH_NEEDFRAG -- Path MTU Discovery (RFC1191) */ 72 struct ih_pmtu { 73 u_int16_t ipm_void; 74 u_int16_t ipm_nextmtu; 75 } ih_pmtu; 76 } icmp_hun; 77 #define icmp_pptr icmp_hun.ih_pptr 78 #define icmp_gwaddr icmp_hun.ih_gwaddr 79 #define icmp_id icmp_hun.ih_idseq.icd_id 80 #define icmp_seq icmp_hun.ih_idseq.icd_seq 81 #define icmp_void icmp_hun.ih_void 82 #define icmp_pmvoid icmp_hun.ih_pmtu.ipm_void 83 #define icmp_nextmtu icmp_hun.ih_pmtu.ipm_nextmtu 84 union { 85 struct id_ts { 86 u_int32_t its_otime; 87 u_int32_t its_rtime; 88 u_int32_t its_ttime; 89 } id_ts; 90 struct id_ip { 91 struct ip idi_ip; 92 /* options and then 64 bits of data */ 93 } id_ip; 94 u_int32_t id_mask; 95 u_int8_t id_data[1]; 96 } icmp_dun; 97 #define icmp_otime icmp_dun.id_ts.its_otime 98 #define icmp_rtime icmp_dun.id_ts.its_rtime 99 #define icmp_ttime icmp_dun.id_ts.its_ttime 100 #define icmp_ip icmp_dun.id_ip.idi_ip 101 #define icmp_mask icmp_dun.id_mask 102 #define icmp_data icmp_dun.id_data 103 }; 104 105 /* 106 * Lower bounds on packet lengths for various types. 107 * For the error advice packets must first insure that the 108 * packet is large enought to contain the returned ip header. 109 * Only then can we do the check to see if 64 bits of packet 110 * data have been returned, since we need to check the returned 111 * ip header length. 112 */ 113 #define ICMP_MINLEN 8 /* abs minimum */ 114 #define ICMP_TSLEN (8 + 3 * sizeof (u_int32_t)) /* timestamp */ 115 #define ICMP_MASKLEN 12 /* address mask */ 116 #define ICMP_ADVLENMIN (8 + sizeof (struct ip) + 8) /* min */ 117 #define ICMP_ADVLEN(p) (8 + (IP_HL(&(p)->icmp_ip) << 2) + 8) 118 /* N.B.: must separately check that ip_hl >= 5 */ 119 120 /* 121 * Definition of type and code field values. 122 */ 123 #define ICMP_ECHOREPLY 0 /* echo reply */ 124 #define ICMP_UNREACH 3 /* dest unreachable, codes: */ 125 #define ICMP_UNREACH_NET 0 /* bad net */ 126 #define ICMP_UNREACH_HOST 1 /* bad host */ 127 #define ICMP_UNREACH_PROTOCOL 2 /* bad protocol */ 128 #define ICMP_UNREACH_PORT 3 /* bad port */ 129 #define ICMP_UNREACH_NEEDFRAG 4 /* IP_DF caused drop */ 130 #define ICMP_UNREACH_SRCFAIL 5 /* src route failed */ 131 #define ICMP_UNREACH_NET_UNKNOWN 6 /* unknown net */ 132 #define ICMP_UNREACH_HOST_UNKNOWN 7 /* unknown host */ 133 #define ICMP_UNREACH_ISOLATED 8 /* src host isolated */ 134 #define ICMP_UNREACH_NET_PROHIB 9 /* prohibited access */ 135 #define ICMP_UNREACH_HOST_PROHIB 10 /* ditto */ 136 #define ICMP_UNREACH_TOSNET 11 /* bad tos for net */ 137 #define ICMP_UNREACH_TOSHOST 12 /* bad tos for host */ 138 #define ICMP_SOURCEQUENCH 4 /* packet lost, slow down */ 139 #define ICMP_REDIRECT 5 /* shorter route, codes: */ 140 #define ICMP_REDIRECT_NET 0 /* for network */ 141 #define ICMP_REDIRECT_HOST 1 /* for host */ 142 #define ICMP_REDIRECT_TOSNET 2 /* for tos and net */ 143 #define ICMP_REDIRECT_TOSHOST 3 /* for tos and host */ 144 #define ICMP_ECHO 8 /* echo service */ 145 #define ICMP_ROUTERADVERT 9 /* router advertisement */ 146 #define ICMP_ROUTERSOLICIT 10 /* router solicitation */ 147 #define ICMP_TIMXCEED 11 /* time exceeded, code: */ 148 #define ICMP_TIMXCEED_INTRANS 0 /* ttl==0 in transit */ 149 #define ICMP_TIMXCEED_REASS 1 /* ttl==0 in reass */ 150 #define ICMP_PARAMPROB 12 /* ip header bad */ 151 #define ICMP_PARAMPROB_OPTABSENT 1 /* req. opt. absent */ 152 #define ICMP_TSTAMP 13 /* timestamp request */ 153 #define ICMP_TSTAMPREPLY 14 /* timestamp reply */ 154 #define ICMP_IREQ 15 /* information request */ 155 #define ICMP_IREQREPLY 16 /* information reply */ 156 #define ICMP_MASKREQ 17 /* address mask request */ 157 #define ICMP_MASKREPLY 18 /* address mask reply */ 158 159 #define ICMP_MAXTYPE 18 160 161 #define ICMP_INFOTYPE(type) \ 162 ((type) == ICMP_ECHOREPLY || (type) == ICMP_ECHO || \ 163 (type) == ICMP_ROUTERADVERT || (type) == ICMP_ROUTERSOLICIT || \ 164 (type) == ICMP_TSTAMP || (type) == ICMP_TSTAMPREPLY || \ 165 (type) == ICMP_IREQ || (type) == ICMP_IREQREPLY || \ 166 (type) == ICMP_MASKREQ || (type) == ICMP_MASKREPLY) 167 /* rfc1700 */ 168 #ifndef ICMP_UNREACH_NET_UNKNOWN 169 #define ICMP_UNREACH_NET_UNKNOWN 6 /* destination net unknown */ 170 #endif 171 #ifndef ICMP_UNREACH_HOST_UNKNOWN 172 #define ICMP_UNREACH_HOST_UNKNOWN 7 /* destination host unknown */ 173 #endif 174 #ifndef ICMP_UNREACH_ISOLATED 175 #define ICMP_UNREACH_ISOLATED 8 /* source host isolated */ 176 #endif 177 #ifndef ICMP_UNREACH_NET_PROHIB 178 #define ICMP_UNREACH_NET_PROHIB 9 /* admin prohibited net */ 179 #endif 180 #ifndef ICMP_UNREACH_HOST_PROHIB 181 #define ICMP_UNREACH_HOST_PROHIB 10 /* admin prohibited host */ 182 #endif 183 #ifndef ICMP_UNREACH_TOSNET 184 #define ICMP_UNREACH_TOSNET 11 /* tos prohibited net */ 185 #endif 186 #ifndef ICMP_UNREACH_TOSHOST 187 #define ICMP_UNREACH_TOSHOST 12 /* tos prohibited host */ 188 #endif 189 190 /* rfc1716 */ 191 #ifndef ICMP_UNREACH_FILTER_PROHIB 192 #define ICMP_UNREACH_FILTER_PROHIB 13 /* admin prohibited filter */ 193 #endif 194 #ifndef ICMP_UNREACH_HOST_PRECEDENCE 195 #define ICMP_UNREACH_HOST_PRECEDENCE 14 /* host precedence violation */ 196 #endif 197 #ifndef ICMP_UNREACH_PRECEDENCE_CUTOFF 198 #define ICMP_UNREACH_PRECEDENCE_CUTOFF 15 /* precedence cutoff */ 199 #endif 200 201 /* Most of the icmp types */ 202 static struct tok icmp2str[] = { 203 { ICMP_ECHOREPLY, "echo reply" }, 204 { ICMP_SOURCEQUENCH, "source quench" }, 205 { ICMP_ECHO, "echo request" }, 206 { ICMP_ROUTERSOLICIT, "router solicitation" }, 207 { ICMP_TSTAMP, "time stamp request" }, 208 { ICMP_TSTAMPREPLY, "time stamp reply" }, 209 { ICMP_IREQ, "information request" }, 210 { ICMP_IREQREPLY, "information reply" }, 211 { ICMP_MASKREQ, "address mask request" }, 212 { 0, NULL } 213 }; 214 215 /* Formats for most of the ICMP_UNREACH codes */ 216 static struct tok unreach2str[] = { 217 { ICMP_UNREACH_NET, "net %s unreachable" }, 218 { ICMP_UNREACH_HOST, "host %s unreachable" }, 219 { ICMP_UNREACH_SRCFAIL, 220 "%s unreachable - source route failed" }, 221 { ICMP_UNREACH_NET_UNKNOWN, "net %s unreachable - unknown" }, 222 { ICMP_UNREACH_HOST_UNKNOWN, "host %s unreachable - unknown" }, 223 { ICMP_UNREACH_ISOLATED, 224 "%s unreachable - source host isolated" }, 225 { ICMP_UNREACH_NET_PROHIB, 226 "net %s unreachable - admin prohibited" }, 227 { ICMP_UNREACH_HOST_PROHIB, 228 "host %s unreachable - admin prohibited" }, 229 { ICMP_UNREACH_TOSNET, 230 "net %s unreachable - tos prohibited" }, 231 { ICMP_UNREACH_TOSHOST, 232 "host %s unreachable - tos prohibited" }, 233 { ICMP_UNREACH_FILTER_PROHIB, 234 "host %s unreachable - admin prohibited filter" }, 235 { ICMP_UNREACH_HOST_PRECEDENCE, 236 "host %s unreachable - host precedence violation" }, 237 { ICMP_UNREACH_PRECEDENCE_CUTOFF, 238 "host %s unreachable - precedence cutoff" }, 239 { 0, NULL } 240 }; 241 242 /* Formats for the ICMP_REDIRECT codes */ 243 static struct tok type2str[] = { 244 { ICMP_REDIRECT_NET, "redirect %s to net %s" }, 245 { ICMP_REDIRECT_HOST, "redirect %s to host %s" }, 246 { ICMP_REDIRECT_TOSNET, "redirect-tos %s to net %s" }, 247 { ICMP_REDIRECT_TOSHOST, "redirect-tos %s to host %s" }, 248 { 0, NULL } 249 }; 250 251 /* rfc1191 */ 252 struct mtu_discovery { 253 u_int16_t unused; 254 u_int16_t nexthopmtu; 255 }; 256 257 /* rfc1256 */ 258 struct ih_rdiscovery { 259 u_int8_t ird_addrnum; 260 u_int8_t ird_addrsiz; 261 u_int16_t ird_lifetime; 262 }; 263 264 struct id_rdiscovery { 265 u_int32_t ird_addr; 266 u_int32_t ird_pref; 267 }; 268 269 void 270 icmp_print(const u_char *bp, u_int plen, const u_char *bp2) 271 { 272 char *cp; 273 const struct icmp *dp; 274 const struct ip *ip; 275 const char *str, *fmt; 276 const struct ip *oip; 277 const struct udphdr *ouh; 278 u_int hlen, dport, mtu; 279 char buf[MAXHOSTNAMELEN + 100]; 280 281 dp = (struct icmp *)bp; 282 ip = (struct ip *)bp2; 283 str = buf; 284 285 TCHECK(dp->icmp_code); 286 switch (dp->icmp_type) { 287 288 case ICMP_UNREACH: 289 TCHECK(dp->icmp_ip.ip_dst); 290 switch (dp->icmp_code) { 291 292 case ICMP_UNREACH_PROTOCOL: 293 TCHECK(dp->icmp_ip.ip_p); 294 (void)snprintf(buf, sizeof(buf), 295 "%s protocol %d unreachable", 296 ipaddr_string(&dp->icmp_ip.ip_dst), 297 dp->icmp_ip.ip_p); 298 break; 299 300 case ICMP_UNREACH_PORT: 301 TCHECK(dp->icmp_ip.ip_p); 302 oip = &dp->icmp_ip; 303 hlen = IP_HL(oip) * 4; 304 ouh = (struct udphdr *)(((u_char *)oip) + hlen); 305 dport = ntohs(ouh->uh_dport); 306 switch (oip->ip_p) { 307 308 case IPPROTO_TCP: 309 (void)snprintf(buf, sizeof(buf), 310 "%s tcp port %s unreachable", 311 ipaddr_string(&oip->ip_dst), 312 tcpport_string(dport)); 313 break; 314 315 case IPPROTO_UDP: 316 (void)snprintf(buf, sizeof(buf), 317 "%s udp port %s unreachable", 318 ipaddr_string(&oip->ip_dst), 319 udpport_string(dport)); 320 break; 321 322 default: 323 (void)snprintf(buf, sizeof(buf), 324 "%s protocol %d port %d unreachable", 325 ipaddr_string(&oip->ip_dst), 326 oip->ip_p, dport); 327 break; 328 } 329 break; 330 331 case ICMP_UNREACH_NEEDFRAG: 332 { 333 register const struct mtu_discovery *mp; 334 mp = (struct mtu_discovery *)&dp->icmp_void; 335 mtu = EXTRACT_16BITS(&mp->nexthopmtu); 336 if (mtu) { 337 (void)snprintf(buf, sizeof(buf), 338 "%s unreachable - need to frag (mtu %d)", 339 ipaddr_string(&dp->icmp_ip.ip_dst), mtu); 340 } else { 341 (void)snprintf(buf, sizeof(buf), 342 "%s unreachable - need to frag", 343 ipaddr_string(&dp->icmp_ip.ip_dst)); 344 } 345 } 346 break; 347 348 default: 349 fmt = tok2str(unreach2str, "#%d %%s unreachable", 350 dp->icmp_code); 351 (void)snprintf(buf, sizeof(buf), fmt, 352 ipaddr_string(&dp->icmp_ip.ip_dst)); 353 break; 354 } 355 break; 356 357 case ICMP_REDIRECT: 358 TCHECK(dp->icmp_ip.ip_dst); 359 fmt = tok2str(type2str, "redirect-#%d %%s to net %%s", 360 dp->icmp_code); 361 (void)snprintf(buf, sizeof(buf), fmt, 362 ipaddr_string(&dp->icmp_ip.ip_dst), 363 ipaddr_string(&dp->icmp_gwaddr)); 364 break; 365 366 case ICMP_ROUTERADVERT: 367 { 368 register const struct ih_rdiscovery *ihp; 369 register const struct id_rdiscovery *idp; 370 u_int lifetime, num, size; 371 372 (void)snprintf(buf, sizeof(buf), "router advertisement"); 373 cp = buf + strlen(buf); 374 375 ihp = (struct ih_rdiscovery *)&dp->icmp_void; 376 TCHECK(*ihp); 377 (void)strncpy(cp, " lifetime ", sizeof(buf) - (cp - buf)); 378 cp = buf + strlen(buf); 379 lifetime = EXTRACT_16BITS(&ihp->ird_lifetime); 380 if (lifetime < 60) { 381 (void)snprintf(cp, sizeof(buf) - (cp - buf), "%u", 382 lifetime); 383 } else if (lifetime < 60 * 60) { 384 (void)snprintf(cp, sizeof(buf) - (cp - buf), "%u:%02u", 385 lifetime / 60, lifetime % 60); 386 } else { 387 (void)snprintf(cp, sizeof(buf) - (cp - buf), 388 "%u:%02u:%02u", 389 lifetime / 3600, 390 (lifetime % 3600) / 60, 391 lifetime % 60); 392 } 393 cp = buf + strlen(buf); 394 395 num = ihp->ird_addrnum; 396 (void)snprintf(cp, sizeof(buf) - (cp - buf), " %d:", num); 397 cp = buf + strlen(buf); 398 399 size = ihp->ird_addrsiz; 400 if (size != 2) { 401 (void)snprintf(cp, sizeof(buf) - (cp - buf), 402 " [size %d]", size); 403 break; 404 } 405 idp = (struct id_rdiscovery *)&dp->icmp_data; 406 while (num-- > 0) { 407 TCHECK(*idp); 408 (void)snprintf(cp, sizeof(buf) - (cp - buf), " {%s %u}", 409 ipaddr_string(&idp->ird_addr), 410 EXTRACT_32BITS(&idp->ird_pref)); 411 cp = buf + strlen(buf); 412 ++idp; 413 } 414 } 415 break; 416 417 case ICMP_TIMXCEED: 418 TCHECK(dp->icmp_ip.ip_dst); 419 switch (dp->icmp_code) { 420 421 case ICMP_TIMXCEED_INTRANS: 422 str = "time exceeded in-transit"; 423 break; 424 425 case ICMP_TIMXCEED_REASS: 426 str = "ip reassembly time exceeded"; 427 break; 428 429 default: 430 (void)snprintf(buf, sizeof(buf), "time exceeded-#%d", 431 dp->icmp_code); 432 break; 433 } 434 break; 435 436 case ICMP_PARAMPROB: 437 if (dp->icmp_code) 438 (void)snprintf(buf, sizeof(buf), 439 "parameter problem - code %d", dp->icmp_code); 440 else { 441 TCHECK(dp->icmp_pptr); 442 (void)snprintf(buf, sizeof(buf), 443 "parameter problem - octet %d", dp->icmp_pptr); 444 } 445 break; 446 447 case ICMP_MASKREPLY: 448 TCHECK(dp->icmp_mask); 449 (void)snprintf(buf, sizeof(buf), "address mask is 0x%08x", 450 (unsigned)ntohl(dp->icmp_mask)); 451 break; 452 453 case ICMP_TSTAMP: 454 TCHECK(dp->icmp_seq); 455 (void)snprintf(buf, sizeof(buf), 456 "time stamp query id %u seq %u", 457 (unsigned)ntohs(dp->icmp_id), 458 (unsigned)ntohs(dp->icmp_seq)); 459 break; 460 461 case ICMP_TSTAMPREPLY: 462 TCHECK(dp->icmp_ttime); 463 (void)snprintf(buf, sizeof(buf), 464 "time stamp reply id %u seq %u : org 0x%lx recv 0x%lx xmit 0x%lx", 465 (unsigned)ntohs(dp->icmp_id), 466 (unsigned)ntohs(dp->icmp_seq), 467 (unsigned long)ntohl(dp->icmp_otime), 468 (unsigned long)ntohl(dp->icmp_rtime), 469 (unsigned long)ntohl(dp->icmp_ttime)); 470 break; 471 472 default: 473 str = tok2str(icmp2str, "type-#%d", dp->icmp_type); 474 break; 475 } 476 (void)printf("icmp: %s", str); 477 if (vflag) { 478 if (TTEST2(*bp, plen)) { 479 if (in_cksum((u_short*)dp, plen, 0)) 480 printf(" (wrong icmp csum)"); 481 } 482 } 483 if (vflag > 1 && !ICMP_INFOTYPE(dp->icmp_type)) { 484 bp += 8; 485 (void)printf(" for "); 486 ip = (struct ip *)bp; 487 snaplen = snapend - bp; 488 ip_print(bp, ntohs(ip->ip_len)); 489 } 490 return; 491 trunc: 492 fputs("[|icmp]", stdout); 493 } 494