1 /* 2 * Copyright (c) 1988, 1989, 1990, 1991, 1993, 1994 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that: (1) source code distributions 7 * retain the above copyright notice and this paragraph in its entirety, (2) 8 * distributions including binary code include the above copyright notice and 9 * this paragraph in its entirety in the documentation or other materials 10 * provided with the distribution, and (3) all advertising materials mentioning 11 * features or use of this software display the following acknowledgement: 12 * ``This product includes software developed by the University of California, 13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of 14 * the University nor the names of its contributors may be used to endorse 15 * or promote products derived from this software without specific prior 16 * written permission. 17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 20 */ 21 22 /* \summary: IPv6 Internet Control Message Protocol (ICMPv6) printer */ 23 24 #ifdef HAVE_CONFIG_H 25 #include <config.h> 26 #endif 27 28 #include "netdissect-stdinc.h" 29 30 #include <stdio.h> 31 #include <string.h> 32 33 #include "netdissect.h" 34 #include "addrtoname.h" 35 #include "addrtostr.h" 36 #include "extract.h" 37 38 #include "ip6.h" 39 #include "ipproto.h" 40 41 #include "udp.h" 42 #include "ah.h" 43 44 /* NetBSD: icmp6.h,v 1.13 2000/08/03 16:30:37 itojun Exp */ 45 /* $KAME: icmp6.h,v 1.22 2000/08/03 15:25:16 jinmei Exp $ */ 46 47 /* 48 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 49 * All rights reserved. 50 * 51 * Redistribution and use in source and binary forms, with or without 52 * modification, are permitted provided that the following conditions 53 * are met: 54 * 1. Redistributions of source code must retain the above copyright 55 * notice, this list of conditions and the following disclaimer. 56 * 2. Redistributions in binary form must reproduce the above copyright 57 * notice, this list of conditions and the following disclaimer in the 58 * documentation and/or other materials provided with the distribution. 59 * 3. Neither the name of the project nor the names of its contributors 60 * may be used to endorse or promote products derived from this software 61 * without specific prior written permission. 62 * 63 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 64 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 65 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 66 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 67 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 68 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 69 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 70 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 71 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 72 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 73 * SUCH DAMAGE. 74 */ 75 76 struct icmp6_hdr { 77 nd_uint8_t icmp6_type; /* type field */ 78 nd_uint8_t icmp6_code; /* code field */ 79 nd_uint16_t icmp6_cksum; /* checksum field */ 80 union { 81 nd_uint32_t icmp6_un_data32[1]; /* type-specific field */ 82 nd_uint16_t icmp6_un_data16[2]; /* type-specific field */ 83 nd_uint8_t icmp6_un_data8[4]; /* type-specific field */ 84 nd_byte icmp6_un_data[1]; /* type-specific field */ 85 } icmp6_dataun; 86 }; 87 88 #define icmp6_data32 icmp6_dataun.icmp6_un_data32 89 #define icmp6_data16 icmp6_dataun.icmp6_un_data16 90 #define icmp6_data8 icmp6_dataun.icmp6_un_data8 91 #define icmp6_data icmp6_dataun.icmp6_un_data 92 #define icmp6_pptr icmp6_data32[0] /* parameter prob */ 93 #define icmp6_mtu icmp6_data32[0] /* packet too big */ 94 #define icmp6_id icmp6_data16[0] /* echo request/reply */ 95 #define icmp6_seq icmp6_data16[1] /* echo request/reply */ 96 #define icmp6_maxdelay icmp6_data16[0] /* mcast group membership */ 97 98 #define ICMP6_DST_UNREACH 1 /* dest unreachable, codes: */ 99 #define ICMP6_PACKET_TOO_BIG 2 /* packet too big */ 100 #define ICMP6_TIME_EXCEEDED 3 /* time exceeded, code: */ 101 #define ICMP6_PARAM_PROB 4 /* ip6 header bad */ 102 103 #define ICMP6_ECHO_REQUEST 128 /* echo service */ 104 #define ICMP6_ECHO_REPLY 129 /* echo reply */ 105 #define ICMP6_MEMBERSHIP_QUERY 130 /* group membership query */ 106 #define MLD6_LISTENER_QUERY 130 /* multicast listener query */ 107 #define ICMP6_MEMBERSHIP_REPORT 131 /* group membership report */ 108 #define MLD6_LISTENER_REPORT 131 /* multicast listener report */ 109 #define ICMP6_MEMBERSHIP_REDUCTION 132 /* group membership termination */ 110 #define MLD6_LISTENER_DONE 132 /* multicast listener done */ 111 112 #define ND_ROUTER_SOLICIT 133 /* router solicitation */ 113 #define ND_ROUTER_ADVERT 134 /* router advertisement */ 114 #define ND_NEIGHBOR_SOLICIT 135 /* neighbor solicitation */ 115 #define ND_NEIGHBOR_ADVERT 136 /* neighbor advertisement */ 116 #define ND_REDIRECT 137 /* redirect */ 117 118 #define ICMP6_ROUTER_RENUMBERING 138 /* router renumbering */ 119 120 #define ICMP6_WRUREQUEST 139 /* who are you request */ 121 #define ICMP6_WRUREPLY 140 /* who are you reply */ 122 #define ICMP6_FQDN_QUERY 139 /* FQDN query */ 123 #define ICMP6_FQDN_REPLY 140 /* FQDN reply */ 124 #define ICMP6_NI_QUERY 139 /* node information request - RFC 4620 */ 125 #define ICMP6_NI_REPLY 140 /* node information reply - RFC 4620 */ 126 #define IND_SOLICIT 141 /* inverse neighbor solicitation */ 127 #define IND_ADVERT 142 /* inverse neighbor advertisement */ 128 129 #define ICMP6_V2_MEMBERSHIP_REPORT 143 /* v2 membership report */ 130 #define MLDV2_LISTENER_REPORT 143 /* v2 multicast listener report */ 131 #define ICMP6_HADISCOV_REQUEST 144 132 #define ICMP6_HADISCOV_REPLY 145 133 #define ICMP6_MOBILEPREFIX_SOLICIT 146 134 #define ICMP6_MOBILEPREFIX_ADVERT 147 135 136 #define MLD6_MTRACE_RESP 200 /* mtrace response(to sender) */ 137 #define MLD6_MTRACE 201 /* mtrace messages */ 138 139 #define ICMP6_MAXTYPE 201 140 141 #define ICMP6_DST_UNREACH_NOROUTE 0 /* no route to destination */ 142 #define ICMP6_DST_UNREACH_ADMIN 1 /* administratively prohibited */ 143 #define ICMP6_DST_UNREACH_NOTNEIGHBOR 2 /* not a neighbor(obsolete) */ 144 #define ICMP6_DST_UNREACH_BEYONDSCOPE 2 /* beyond scope of source address */ 145 #define ICMP6_DST_UNREACH_ADDR 3 /* address unreachable */ 146 #define ICMP6_DST_UNREACH_NOPORT 4 /* port unreachable */ 147 148 #define ICMP6_TIME_EXCEED_TRANSIT 0 /* ttl==0 in transit */ 149 #define ICMP6_TIME_EXCEED_REASSEMBLY 1 /* ttl==0 in reass */ 150 151 #define ICMP6_PARAMPROB_HEADER 0 /* erroneous header field */ 152 #define ICMP6_PARAMPROB_NEXTHEADER 1 /* unrecognized next header */ 153 #define ICMP6_PARAMPROB_OPTION 2 /* unrecognized option */ 154 #define ICMP6_PARAMPROB_FRAGHDRCHAIN 3 /* incomplete header chain */ 155 156 #define ICMP6_INFOMSG_MASK 0x80 /* all informational messages */ 157 158 #define ICMP6_NI_SUBJ_IPV6 0 /* Query Subject is an IPv6 address */ 159 #define ICMP6_NI_SUBJ_FQDN 1 /* Query Subject is a Domain name */ 160 #define ICMP6_NI_SUBJ_IPV4 2 /* Query Subject is an IPv4 address */ 161 162 #define ICMP6_NI_SUCCESS 0 /* node information successful reply */ 163 #define ICMP6_NI_REFUSED 1 /* node information request is refused */ 164 #define ICMP6_NI_UNKNOWN 2 /* unknown Qtype */ 165 166 #define ICMP6_ROUTER_RENUMBERING_COMMAND 0 /* rr command */ 167 #define ICMP6_ROUTER_RENUMBERING_RESULT 1 /* rr result */ 168 #define ICMP6_ROUTER_RENUMBERING_SEQNUM_RESET 255 /* rr seq num reset */ 169 170 /* Used in kernel only */ 171 #define ND_REDIRECT_ONLINK 0 /* redirect to an on-link node */ 172 #define ND_REDIRECT_ROUTER 1 /* redirect to a better router */ 173 174 /* 175 * Multicast Listener Discovery 176 */ 177 struct mld6_hdr { 178 struct icmp6_hdr mld6_hdr; 179 nd_ipv6 mld6_addr; /* multicast address */ 180 }; 181 182 #define mld6_type mld6_hdr.icmp6_type 183 #define mld6_code mld6_hdr.icmp6_code 184 #define mld6_cksum mld6_hdr.icmp6_cksum 185 #define mld6_maxdelay mld6_hdr.icmp6_data16[0] 186 #define mld6_reserved mld6_hdr.icmp6_data16[1] 187 188 #define MLD_MINLEN 24 189 #define MLDV2_MINLEN 28 190 191 /* 192 * Neighbor Discovery 193 */ 194 195 struct nd_router_solicit { /* router solicitation */ 196 struct icmp6_hdr nd_rs_hdr; 197 /* could be followed by options */ 198 }; 199 200 #define nd_rs_type nd_rs_hdr.icmp6_type 201 #define nd_rs_code nd_rs_hdr.icmp6_code 202 #define nd_rs_cksum nd_rs_hdr.icmp6_cksum 203 #define nd_rs_reserved nd_rs_hdr.icmp6_data32[0] 204 205 struct nd_router_advert { /* router advertisement */ 206 struct icmp6_hdr nd_ra_hdr; 207 nd_uint32_t nd_ra_reachable; /* reachable time */ 208 nd_uint32_t nd_ra_retransmit; /* retransmit timer */ 209 /* could be followed by options */ 210 }; 211 212 #define nd_ra_type nd_ra_hdr.icmp6_type 213 #define nd_ra_code nd_ra_hdr.icmp6_code 214 #define nd_ra_cksum nd_ra_hdr.icmp6_cksum 215 #define nd_ra_curhoplimit nd_ra_hdr.icmp6_data8[0] 216 #define nd_ra_flags_reserved nd_ra_hdr.icmp6_data8[1] 217 #define ND_RA_FLAG_MANAGED 0x80 218 #define ND_RA_FLAG_OTHER 0x40 219 #define ND_RA_FLAG_HOME_AGENT 0x20 220 #define ND_RA_FLAG_IPV6ONLY 0x02 221 222 /* 223 * Router preference values based on draft-draves-ipngwg-router-selection-01. 224 * These are non-standard definitions. 225 */ 226 #define ND_RA_FLAG_RTPREF_MASK 0x18 /* 00011000 */ 227 228 #define ND_RA_FLAG_RTPREF_HIGH 0x08 /* 00001000 */ 229 #define ND_RA_FLAG_RTPREF_MEDIUM 0x00 /* 00000000 */ 230 #define ND_RA_FLAG_RTPREF_LOW 0x18 /* 00011000 */ 231 #define ND_RA_FLAG_RTPREF_RSV 0x10 /* 00010000 */ 232 233 #define nd_ra_router_lifetime nd_ra_hdr.icmp6_data16[1] 234 235 struct nd_neighbor_solicit { /* neighbor solicitation */ 236 struct icmp6_hdr nd_ns_hdr; 237 nd_ipv6 nd_ns_target; /*target address */ 238 /* could be followed by options */ 239 }; 240 241 #define nd_ns_type nd_ns_hdr.icmp6_type 242 #define nd_ns_code nd_ns_hdr.icmp6_code 243 #define nd_ns_cksum nd_ns_hdr.icmp6_cksum 244 #define nd_ns_reserved nd_ns_hdr.icmp6_data32[0] 245 246 struct nd_neighbor_advert { /* neighbor advertisement */ 247 struct icmp6_hdr nd_na_hdr; 248 nd_ipv6 nd_na_target; /* target address */ 249 /* could be followed by options */ 250 }; 251 252 #define nd_na_type nd_na_hdr.icmp6_type 253 #define nd_na_code nd_na_hdr.icmp6_code 254 #define nd_na_cksum nd_na_hdr.icmp6_cksum 255 #define nd_na_flags_reserved nd_na_hdr.icmp6_data32[0] 256 257 #define ND_NA_FLAG_ROUTER 0x80000000 258 #define ND_NA_FLAG_SOLICITED 0x40000000 259 #define ND_NA_FLAG_OVERRIDE 0x20000000 260 261 struct nd_redirect { /* redirect */ 262 struct icmp6_hdr nd_rd_hdr; 263 nd_ipv6 nd_rd_target; /* target address */ 264 nd_ipv6 nd_rd_dst; /* destination address */ 265 /* could be followed by options */ 266 }; 267 268 #define nd_rd_type nd_rd_hdr.icmp6_type 269 #define nd_rd_code nd_rd_hdr.icmp6_code 270 #define nd_rd_cksum nd_rd_hdr.icmp6_cksum 271 #define nd_rd_reserved nd_rd_hdr.icmp6_data32[0] 272 273 struct nd_opt_hdr { /* Neighbor discovery option header */ 274 nd_uint8_t nd_opt_type; 275 nd_uint8_t nd_opt_len; 276 /* followed by option specific data*/ 277 }; 278 279 #define ND_OPT_SOURCE_LINKADDR 1 280 #define ND_OPT_TARGET_LINKADDR 2 281 #define ND_OPT_PREFIX_INFORMATION 3 282 #define ND_OPT_REDIRECTED_HEADER 4 283 #define ND_OPT_MTU 5 284 #define ND_OPT_ADVINTERVAL 7 285 #define ND_OPT_HOMEAGENT_INFO 8 286 #define ND_OPT_ROUTE_INFO 24 /* RFC4191 */ 287 #define ND_OPT_RDNSS 25 288 #define ND_OPT_DNSSL 31 289 290 struct nd_opt_prefix_info { /* prefix information */ 291 nd_uint8_t nd_opt_pi_type; 292 nd_uint8_t nd_opt_pi_len; 293 nd_uint8_t nd_opt_pi_prefix_len; 294 nd_uint8_t nd_opt_pi_flags_reserved; 295 nd_uint32_t nd_opt_pi_valid_time; 296 nd_uint32_t nd_opt_pi_preferred_time; 297 nd_uint32_t nd_opt_pi_reserved2; 298 nd_ipv6 nd_opt_pi_prefix; 299 }; 300 301 #define ND_OPT_PI_FLAG_ONLINK 0x80 302 #define ND_OPT_PI_FLAG_AUTO 0x40 303 #define ND_OPT_PI_FLAG_ROUTER 0x20 /*2292bis*/ 304 305 struct nd_opt_rd_hdr { /* redirected header */ 306 nd_uint8_t nd_opt_rh_type; 307 nd_uint8_t nd_opt_rh_len; 308 nd_uint16_t nd_opt_rh_reserved1; 309 nd_uint32_t nd_opt_rh_reserved2; 310 /* followed by IP header and data */ 311 }; 312 313 struct nd_opt_mtu { /* MTU option */ 314 nd_uint8_t nd_opt_mtu_type; 315 nd_uint8_t nd_opt_mtu_len; 316 nd_uint16_t nd_opt_mtu_reserved; 317 nd_uint32_t nd_opt_mtu_mtu; 318 }; 319 320 struct nd_opt_rdnss { /* RDNSS RFC 6106 5.1 */ 321 nd_uint8_t nd_opt_rdnss_type; 322 nd_uint8_t nd_opt_rdnss_len; 323 nd_uint16_t nd_opt_rdnss_reserved; 324 nd_uint32_t nd_opt_rdnss_lifetime; 325 nd_ipv6 nd_opt_rdnss_addr[1]; /* variable-length */ 326 }; 327 328 struct nd_opt_dnssl { /* DNSSL RFC 6106 5.2 */ 329 nd_uint8_t nd_opt_dnssl_type; 330 nd_uint8_t nd_opt_dnssl_len; 331 nd_uint16_t nd_opt_dnssl_reserved; 332 nd_uint32_t nd_opt_dnssl_lifetime; 333 /* followed by list of DNS search domains, variable-length */ 334 }; 335 336 struct nd_opt_advinterval { /* Advertisement interval option */ 337 nd_uint8_t nd_opt_adv_type; 338 nd_uint8_t nd_opt_adv_len; 339 nd_uint16_t nd_opt_adv_reserved; 340 nd_uint32_t nd_opt_adv_interval; 341 }; 342 343 struct nd_opt_homeagent_info { /* Home Agent info */ 344 nd_uint8_t nd_opt_hai_type; 345 nd_uint8_t nd_opt_hai_len; 346 nd_uint16_t nd_opt_hai_reserved; 347 nd_uint16_t nd_opt_hai_preference; 348 nd_uint16_t nd_opt_hai_lifetime; 349 }; 350 351 struct nd_opt_route_info { /* route info */ 352 nd_uint8_t nd_opt_rti_type; 353 nd_uint8_t nd_opt_rti_len; 354 nd_uint8_t nd_opt_rti_prefixlen; 355 nd_uint8_t nd_opt_rti_flags; 356 nd_uint32_t nd_opt_rti_lifetime; 357 /* prefix follows */ 358 }; 359 360 /* 361 * icmp6 namelookup 362 */ 363 364 struct icmp6_namelookup { 365 struct icmp6_hdr icmp6_nl_hdr; 366 nd_byte icmp6_nl_nonce[8]; 367 nd_int32_t icmp6_nl_ttl; 368 #if 0 369 nd_uint8_t icmp6_nl_len; 370 nd_byte icmp6_nl_name[3]; 371 #endif 372 /* could be followed by options */ 373 }; 374 375 /* 376 * icmp6 node information 377 */ 378 struct icmp6_nodeinfo { 379 struct icmp6_hdr icmp6_ni_hdr; 380 nd_byte icmp6_ni_nonce[8]; 381 /* could be followed by reply data */ 382 }; 383 384 #define ni_type icmp6_ni_hdr.icmp6_type 385 #define ni_code icmp6_ni_hdr.icmp6_code 386 #define ni_cksum icmp6_ni_hdr.icmp6_cksum 387 #define ni_qtype icmp6_ni_hdr.icmp6_data16[0] 388 #define ni_flags icmp6_ni_hdr.icmp6_data16[1] 389 390 #define NI_QTYPE_NOOP 0 /* NOOP */ 391 #define NI_QTYPE_SUPTYPES 1 /* Supported Qtypes (drafts up to 09) */ 392 #define NI_QTYPE_FQDN 2 /* FQDN (draft 04) */ 393 #define NI_QTYPE_DNSNAME 2 /* DNS Name */ 394 #define NI_QTYPE_NODEADDR 3 /* Node Addresses */ 395 #define NI_QTYPE_IPV4ADDR 4 /* IPv4 Addresses */ 396 397 #define NI_NODEADDR_FLAG_TRUNCATE 0x0001 398 #define NI_NODEADDR_FLAG_ALL 0x0002 399 #define NI_NODEADDR_FLAG_COMPAT 0x0004 400 #define NI_NODEADDR_FLAG_LINKLOCAL 0x0008 401 #define NI_NODEADDR_FLAG_SITELOCAL 0x0010 402 #define NI_NODEADDR_FLAG_GLOBAL 0x0020 403 #define NI_NODEADDR_FLAG_ANYCAST 0x0040 /* just experimental. not in spec */ 404 405 struct ni_reply_fqdn { 406 nd_uint32_t ni_fqdn_ttl; /* TTL */ 407 nd_uint8_t ni_fqdn_namelen; /* length in octets of the FQDN */ 408 nd_byte ni_fqdn_name[3]; /* XXX: alignment */ 409 }; 410 411 /* 412 * Router Renumbering. as router-renum-08.txt 413 */ 414 struct icmp6_router_renum { /* router renumbering header */ 415 struct icmp6_hdr rr_hdr; 416 nd_uint8_t rr_segnum; 417 nd_uint8_t rr_flags; 418 nd_uint16_t rr_maxdelay; 419 nd_uint32_t rr_reserved; 420 }; 421 #define ICMP6_RR_FLAGS_TEST 0x80 422 #define ICMP6_RR_FLAGS_REQRESULT 0x40 423 #define ICMP6_RR_FLAGS_FORCEAPPLY 0x20 424 #define ICMP6_RR_FLAGS_SPECSITE 0x10 425 #define ICMP6_RR_FLAGS_PREVDONE 0x08 426 427 #define rr_type rr_hdr.icmp6_type 428 #define rr_code rr_hdr.icmp6_code 429 #define rr_cksum rr_hdr.icmp6_cksum 430 #define rr_seqnum rr_hdr.icmp6_data32[0] 431 432 struct rr_pco_match { /* match prefix part */ 433 nd_uint8_t rpm_code; 434 nd_uint8_t rpm_len; 435 nd_uint8_t rpm_ordinal; 436 nd_uint8_t rpm_matchlen; 437 nd_uint8_t rpm_minlen; 438 nd_uint8_t rpm_maxlen; 439 nd_uint16_t rpm_reserved; 440 nd_ipv6 rpm_prefix; 441 }; 442 443 #define RPM_PCO_ADD 1 444 #define RPM_PCO_CHANGE 2 445 #define RPM_PCO_SETGLOBAL 3 446 #define RPM_PCO_MAX 4 447 448 struct rr_pco_use { /* use prefix part */ 449 nd_uint8_t rpu_uselen; 450 nd_uint8_t rpu_keeplen; 451 nd_uint8_t rpu_ramask; 452 nd_uint8_t rpu_raflags; 453 nd_uint32_t rpu_vltime; 454 nd_uint32_t rpu_pltime; 455 nd_uint32_t rpu_flags; 456 nd_ipv6 rpu_prefix; 457 }; 458 #define ICMP6_RR_PCOUSE_RAFLAGS_ONLINK 0x80 459 #define ICMP6_RR_PCOUSE_RAFLAGS_AUTO 0x40 460 461 /* network endian */ 462 #define ICMP6_RR_PCOUSE_FLAGS_DECRVLTIME ((uint32_t)htonl(0x80000000)) 463 #define ICMP6_RR_PCOUSE_FLAGS_DECRPLTIME ((uint32_t)htonl(0x40000000)) 464 465 struct rr_result { /* router renumbering result message */ 466 nd_uint16_t rrr_flags; 467 nd_uint8_t rrr_ordinal; 468 nd_uint8_t rrr_matchedlen; 469 nd_uint32_t rrr_ifid; 470 nd_ipv6 rrr_prefix; 471 }; 472 /* network endian */ 473 #define ICMP6_RR_RESULT_FLAGS_OOB ((uint16_t)htons(0x0002)) 474 #define ICMP6_RR_RESULT_FLAGS_FORBIDDEN ((uint16_t)htons(0x0001)) 475 476 static const char *get_rtpref(u_int); 477 static const char *get_lifetime(uint32_t); 478 static void print_lladdr(netdissect_options *ndo, const u_char *, size_t); 479 static int icmp6_opt_print(netdissect_options *ndo, const u_char *, int); 480 static void mld6_print(netdissect_options *ndo, const u_char *); 481 static void mldv2_report_print(netdissect_options *ndo, const u_char *, u_int); 482 static void mldv2_query_print(netdissect_options *ndo, const u_char *, u_int); 483 static const struct udphdr *get_upperlayer(netdissect_options *ndo, const u_char *, u_int *); 484 static void dnsname_print(netdissect_options *ndo, const u_char *, const u_char *); 485 static void icmp6_nodeinfo_print(netdissect_options *ndo, u_int, const u_char *, const u_char *); 486 static void icmp6_rrenum_print(netdissect_options *ndo, const u_char *, const u_char *); 487 488 /* 489 * DIO: Updated to RFC6550, as published in 2012: section 6. (page 30) 490 */ 491 492 #define ND_RPL_MESSAGE 155 /* 0x9B */ 493 494 enum ND_RPL_CODE { 495 ND_RPL_DAG_IS=0x00, 496 ND_RPL_DAG_IO=0x01, 497 ND_RPL_DAO =0x02, 498 ND_RPL_DAO_ACK=0x03, 499 ND_RPL_SEC_DAG_IS = 0x80, 500 ND_RPL_SEC_DAG_IO = 0x81, 501 ND_RPL_SEC_DAG = 0x82, 502 ND_RPL_SEC_DAG_ACK= 0x83, 503 ND_RPL_SEC_CONSIST= 0x8A 504 }; 505 506 enum ND_RPL_DIO_FLAGS { 507 ND_RPL_DIO_GROUNDED = 0x80, 508 ND_RPL_DIO_DATRIG = 0x40, 509 ND_RPL_DIO_DASUPPORT= 0x20, 510 ND_RPL_DIO_RES4 = 0x10, 511 ND_RPL_DIO_RES3 = 0x08, 512 ND_RPL_DIO_PRF_MASK = 0x07 /* 3-bit preference */ 513 }; 514 515 #define DAGID_LEN 16 516 517 /* section 6 of draft-ietf-roll-rpl-19 */ 518 struct nd_rpl_security { 519 nd_uint8_t rpl_sec_t_reserved; /* bit 7 is T-bit */ 520 nd_uint8_t rpl_sec_algo; 521 nd_uint16_t rpl_sec_kim_lvl_flags; /* bit 15/14, KIM */ 522 /* bit 10-8, LVL, bit 7-0 flags */ 523 nd_uint32_t rpl_sec_counter; 524 #if 0 525 nd_byte rpl_sec_ki[0]; /* depends upon kim */ 526 #endif 527 }; 528 529 /* section 6.2.1, DODAG Information Solication (DIS_IS) */ 530 struct nd_rpl_dis_is { 531 nd_uint8_t rpl_dis_flags; 532 nd_uint8_t rpl_dis_reserved; 533 #if 0 534 nd_byte rpl_dis_options[0]; 535 #endif 536 }; 537 538 /* section 6.3.1, DODAG Information Object (DIO) */ 539 struct nd_rpl_dio { 540 nd_uint8_t rpl_instanceid; 541 nd_uint8_t rpl_version; 542 nd_uint16_t rpl_dagrank; 543 nd_uint8_t rpl_mopprf; /* bit 7=G, 5-3=MOP, 2-0=PRF */ 544 nd_uint8_t rpl_dtsn; /* Dest. Advertisement Trigger Sequence Number */ 545 nd_uint8_t rpl_flags; /* no flags defined yet */ 546 nd_uint8_t rpl_resv1; 547 nd_byte rpl_dagid[DAGID_LEN]; 548 }; 549 #define RPL_DIO_GROUND_FLAG 0x80 550 #define RPL_DIO_MOP_SHIFT 3 551 #define RPL_DIO_MOP_MASK (7 << RPL_DIO_MOP_SHIFT) 552 #define RPL_DIO_PRF_SHIFT 0 553 #define RPL_DIO_PRF_MASK (7 << RPL_DIO_PRF_SHIFT) 554 #define RPL_DIO_GROUNDED(X) ((X)&RPL_DIO_GROUND_FLAG) 555 #define RPL_DIO_MOP(X) (enum RPL_DIO_MOP)(((X)&RPL_DIO_MOP_MASK) >> RPL_DIO_MOP_SHIFT) 556 #define RPL_DIO_PRF(X) (((X)&RPL_DIO_PRF_MASK) >> RPL_DIO_PRF_SHIFT) 557 558 enum RPL_DIO_MOP { 559 RPL_DIO_NONSTORING= 0x0, 560 RPL_DIO_STORING = 0x1, 561 RPL_DIO_NONSTORING_MULTICAST = 0x2, 562 RPL_DIO_STORING_MULTICAST = 0x3 563 }; 564 565 enum RPL_SUBOPT { 566 RPL_OPT_PAD1 = 0, 567 RPL_OPT_PADN = 1, 568 RPL_DIO_METRICS = 2, 569 RPL_DIO_ROUTINGINFO = 3, 570 RPL_DIO_CONFIG = 4, 571 RPL_DAO_RPLTARGET = 5, 572 RPL_DAO_TRANSITINFO = 6, 573 RPL_DIO_DESTPREFIX = 8, 574 RPL_DAO_RPLTARGET_DESC=9 575 }; 576 577 struct rpl_genoption { 578 nd_uint8_t rpl_dio_type; 579 nd_uint8_t rpl_dio_len; /* suboption length, not including type/len */ 580 }; 581 #define RPL_GENOPTION_LEN 2 582 583 #define RPL_DIO_LIFETIME_INFINITE 0xffffffff 584 #define RPL_DIO_LIFETIME_DISCONNECT 0 585 586 struct rpl_dio_destprefix { 587 nd_uint8_t rpl_dio_type; 588 nd_uint8_t rpl_dio_len; 589 nd_uint8_t rpl_dio_prefixlen; /* in bits */ 590 nd_uint8_t rpl_dio_prf; /* flags, including Route Preference */ 591 nd_uint32_t rpl_dio_prefixlifetime; /* in seconds */ 592 #if 0 593 nd_byte rpl_dio_prefix[0]; /* variable number of bytes */ 594 #endif 595 }; 596 597 /* section 6.4.1, DODAG Information Object (DIO) */ 598 struct nd_rpl_dao { 599 nd_uint8_t rpl_instanceid; 600 nd_uint8_t rpl_flags; /* bit 7=K, 6=D */ 601 nd_uint8_t rpl_resv; 602 nd_uint8_t rpl_daoseq; 603 nd_byte rpl_dagid[DAGID_LEN]; /* present when D set. */ 604 }; 605 #define ND_RPL_DAO_MIN_LEN 4 /* length without DAGID */ 606 607 /* indicates if this DAO is to be acK'ed */ 608 #define RPL_DAO_K_SHIFT 7 609 #define RPL_DAO_K_MASK (1 << RPL_DAO_K_SHIFT) 610 #define RPL_DAO_K(X) (((X)&RPL_DAO_K_MASK) >> RPL_DAO_K_SHIFT) 611 612 /* indicates if the DAGID is present */ 613 #define RPL_DAO_D_SHIFT 6 614 #define RPL_DAO_D_MASK (1 << RPL_DAO_D_SHIFT) 615 #define RPL_DAO_D(X) (((X)&RPL_DAO_D_MASK) >> RPL_DAO_D_SHIFT) 616 617 struct rpl_dao_target { 618 nd_uint8_t rpl_dao_type; 619 nd_uint8_t rpl_dao_len; 620 nd_uint8_t rpl_dao_flags; /* unused */ 621 nd_uint8_t rpl_dao_prefixlen; /* in bits */ 622 #if 0 623 nd_byte rpl_dao_prefix[0]; /* variable number of bytes */ 624 #endif 625 }; 626 627 /* section 6.5.1, Destination Advertisement Object Acknowledgement (DAO-ACK) */ 628 struct nd_rpl_daoack { 629 nd_uint8_t rpl_instanceid; 630 nd_uint8_t rpl_flags; /* bit 7=D */ 631 nd_uint8_t rpl_daoseq; 632 nd_uint8_t rpl_status; 633 nd_byte rpl_dagid[DAGID_LEN]; /* present when D set. */ 634 }; 635 #define ND_RPL_DAOACK_MIN_LEN 4 /* length without DAGID */ 636 /* indicates if the DAGID is present */ 637 #define RPL_DAOACK_D_SHIFT 7 638 #define RPL_DAOACK_D_MASK (1 << RPL_DAOACK_D_SHIFT) 639 #define RPL_DAOACK_D(X) (((X)&RPL_DAOACK_D_MASK) >> RPL_DAOACK_D_SHIFT) 640 641 static const struct tok icmp6_type_values[] = { 642 { ICMP6_DST_UNREACH, "destination unreachable"}, 643 { ICMP6_PACKET_TOO_BIG, "packet too big"}, 644 { ICMP6_TIME_EXCEEDED, "time exceeded in-transit"}, 645 { ICMP6_PARAM_PROB, "parameter problem"}, 646 { ICMP6_ECHO_REQUEST, "echo request"}, 647 { ICMP6_ECHO_REPLY, "echo reply"}, 648 { MLD6_LISTENER_QUERY, "multicast listener query"}, 649 { MLD6_LISTENER_REPORT, "multicast listener report"}, 650 { MLD6_LISTENER_DONE, "multicast listener done"}, 651 { ND_ROUTER_SOLICIT, "router solicitation"}, 652 { ND_ROUTER_ADVERT, "router advertisement"}, 653 { ND_NEIGHBOR_SOLICIT, "neighbor solicitation"}, 654 { ND_NEIGHBOR_ADVERT, "neighbor advertisement"}, 655 { ND_REDIRECT, "redirect"}, 656 { ICMP6_ROUTER_RENUMBERING, "router renumbering"}, 657 { IND_SOLICIT, "inverse neighbor solicitation"}, 658 { IND_ADVERT, "inverse neighbor advertisement"}, 659 { MLDV2_LISTENER_REPORT, "multicast listener report v2"}, 660 { ICMP6_HADISCOV_REQUEST, "ha discovery request"}, 661 { ICMP6_HADISCOV_REPLY, "ha discovery reply"}, 662 { ICMP6_MOBILEPREFIX_SOLICIT, "mobile router solicitation"}, 663 { ICMP6_MOBILEPREFIX_ADVERT, "mobile router advertisement"}, 664 { ICMP6_WRUREQUEST, "who-are-you request"}, 665 { ICMP6_WRUREPLY, "who-are-you reply"}, 666 { ICMP6_NI_QUERY, "node information query"}, 667 { ICMP6_NI_REPLY, "node information reply"}, 668 { MLD6_MTRACE, "mtrace message"}, 669 { MLD6_MTRACE_RESP, "mtrace response"}, 670 { ND_RPL_MESSAGE, "RPL"}, 671 { 0, NULL } 672 }; 673 674 static const struct tok icmp6_dst_unreach_code_values[] = { 675 { ICMP6_DST_UNREACH_NOROUTE, "unreachable route" }, 676 { ICMP6_DST_UNREACH_ADMIN, " unreachable prohibited"}, 677 { ICMP6_DST_UNREACH_BEYONDSCOPE, "beyond scope"}, 678 { ICMP6_DST_UNREACH_ADDR, "unreachable address"}, 679 { ICMP6_DST_UNREACH_NOPORT, "unreachable port"}, 680 { 0, NULL } 681 }; 682 683 static const struct tok icmp6_opt_pi_flag_values[] = { 684 { ND_OPT_PI_FLAG_ONLINK, "onlink" }, 685 { ND_OPT_PI_FLAG_AUTO, "auto" }, 686 { ND_OPT_PI_FLAG_ROUTER, "router" }, 687 { 0, NULL } 688 }; 689 690 static const struct tok icmp6_opt_ra_flag_values[] = { 691 { ND_RA_FLAG_MANAGED, "managed" }, 692 { ND_RA_FLAG_OTHER, "other stateful"}, 693 { ND_RA_FLAG_HOME_AGENT, "home agent"}, 694 { ND_RA_FLAG_IPV6ONLY, "ipv6 only"}, 695 { 0, NULL } 696 }; 697 698 static const struct tok icmp6_nd_na_flag_values[] = { 699 { ND_NA_FLAG_ROUTER, "router" }, 700 { ND_NA_FLAG_SOLICITED, "solicited" }, 701 { ND_NA_FLAG_OVERRIDE, "override" }, 702 { 0, NULL } 703 }; 704 705 static const struct tok icmp6_opt_values[] = { 706 { ND_OPT_SOURCE_LINKADDR, "source link-address"}, 707 { ND_OPT_TARGET_LINKADDR, "destination link-address"}, 708 { ND_OPT_PREFIX_INFORMATION, "prefix info"}, 709 { ND_OPT_REDIRECTED_HEADER, "redirected header"}, 710 { ND_OPT_MTU, "mtu"}, 711 { ND_OPT_RDNSS, "rdnss"}, 712 { ND_OPT_DNSSL, "dnssl"}, 713 { ND_OPT_ADVINTERVAL, "advertisement interval"}, 714 { ND_OPT_HOMEAGENT_INFO, "homeagent information"}, 715 { ND_OPT_ROUTE_INFO, "route info"}, 716 { 0, NULL } 717 }; 718 719 /* mldv2 report types */ 720 static const struct tok mldv2report2str[] = { 721 { 1, "is_in" }, 722 { 2, "is_ex" }, 723 { 3, "to_in" }, 724 { 4, "to_ex" }, 725 { 5, "allow" }, 726 { 6, "block" }, 727 { 0, NULL } 728 }; 729 730 static const char * 731 get_rtpref(u_int v) 732 { 733 static const char *rtpref_str[] = { 734 "medium", /* 00 */ 735 "high", /* 01 */ 736 "rsv", /* 10 */ 737 "low" /* 11 */ 738 }; 739 740 return rtpref_str[((v & ND_RA_FLAG_RTPREF_MASK) >> 3) & 0xff]; 741 } 742 743 static const char * 744 get_lifetime(uint32_t v) 745 { 746 static char buf[20]; 747 748 if (v == (uint32_t)~0UL) 749 return "infinity"; 750 else { 751 snprintf(buf, sizeof(buf), "%us", v); 752 return buf; 753 } 754 } 755 756 static void 757 print_lladdr(netdissect_options *ndo, const uint8_t *p, size_t l) 758 { 759 const uint8_t *ep, *q; 760 761 q = p; 762 ep = p + l; 763 while (l > 0 && q < ep) { 764 if (q > p) 765 ND_PRINT(":"); 766 ND_PRINT("%02x", GET_U_1(q)); 767 q++; 768 l--; 769 } 770 } 771 772 static uint16_t icmp6_cksum(netdissect_options *ndo, const struct ip6_hdr *ip6, 773 const struct icmp6_hdr *icp, u_int len) 774 { 775 return nextproto6_cksum(ndo, ip6, (const uint8_t *)(const void *)icp, len, len, 776 IPPROTO_ICMPV6); 777 } 778 779 static const struct tok rpl_mop_values[] = { 780 { RPL_DIO_NONSTORING, "nonstoring"}, 781 { RPL_DIO_STORING, "storing"}, 782 { RPL_DIO_NONSTORING_MULTICAST, "nonstoring-multicast"}, 783 { RPL_DIO_STORING_MULTICAST, "storing-multicast"}, 784 { 0, NULL}, 785 }; 786 787 static const struct tok rpl_subopt_values[] = { 788 { RPL_OPT_PAD1, "pad1"}, 789 { RPL_OPT_PADN, "padN"}, 790 { RPL_DIO_METRICS, "metrics"}, 791 { RPL_DIO_ROUTINGINFO, "routinginfo"}, 792 { RPL_DIO_CONFIG, "config"}, 793 { RPL_DAO_RPLTARGET, "rpltarget"}, 794 { RPL_DAO_TRANSITINFO, "transitinfo"}, 795 { RPL_DIO_DESTPREFIX, "destprefix"}, 796 { RPL_DAO_RPLTARGET_DESC, "rpltargetdesc"}, 797 { 0, NULL}, 798 }; 799 800 static void 801 rpl_printopts(netdissect_options *ndo, const uint8_t *opts, u_int length) 802 { 803 const struct rpl_genoption *opt; 804 uint8_t dio_type; 805 u_int optlen; 806 807 while (length != 0) { 808 opt = (const struct rpl_genoption *)opts; 809 dio_type = GET_U_1(opt->rpl_dio_type); 810 if (dio_type == RPL_OPT_PAD1) { 811 optlen = 1; 812 ND_PRINT(" opt:pad1"); 813 } else { 814 if (length < RPL_GENOPTION_LEN) 815 goto trunc; 816 optlen = GET_U_1(opt->rpl_dio_len)+RPL_GENOPTION_LEN; 817 ND_PRINT(" opt:%s len:%u ", 818 tok2str(rpl_subopt_values, "subopt:%u", dio_type), 819 optlen); 820 ND_TCHECK_LEN(opt, optlen); 821 if (length < optlen) 822 goto trunc; 823 if (ndo->ndo_vflag > 2) { 824 hex_print(ndo, 825 " ", 826 opts + RPL_GENOPTION_LEN, /* content of DIO option */ 827 optlen - RPL_GENOPTION_LEN); 828 } 829 } 830 opts += optlen; 831 length -= optlen; 832 } 833 return; 834 trunc: 835 nd_print_trunc(ndo); 836 } 837 838 static void 839 rpl_dio_print(netdissect_options *ndo, 840 const u_char *bp, u_int length) 841 { 842 const struct nd_rpl_dio *dio = (const struct nd_rpl_dio *)bp; 843 844 ND_LCHECK_ZU(length, sizeof(struct nd_rpl_dio)); 845 ND_PRINT(" [dagid:%s,seq:%u,instance:%u,rank:%u,%smop:%s,prf:%u]", 846 GET_IP6ADDR_STRING(dio->rpl_dagid), 847 GET_U_1(dio->rpl_dtsn), 848 GET_U_1(dio->rpl_instanceid), 849 GET_BE_U_2(dio->rpl_dagrank), 850 RPL_DIO_GROUNDED(GET_U_1(dio->rpl_mopprf)) ? "grounded,":"", 851 tok2str(rpl_mop_values, "mop%u", 852 RPL_DIO_MOP(GET_U_1(dio->rpl_mopprf))), 853 RPL_DIO_PRF(GET_U_1(dio->rpl_mopprf))); 854 855 if(ndo->ndo_vflag > 1) { 856 rpl_printopts(ndo, bp + sizeof(struct nd_rpl_dio), 857 length - sizeof(struct nd_rpl_dio)); 858 } 859 return; 860 invalid: 861 nd_print_invalid(ndo); 862 } 863 864 static void 865 rpl_dao_print(netdissect_options *ndo, 866 const u_char *bp, u_int length) 867 { 868 const struct nd_rpl_dao *dao = (const struct nd_rpl_dao *)bp; 869 const char *dagid_str = "<elided>"; 870 uint8_t rpl_flags; 871 872 ND_TCHECK_SIZE(dao); 873 if (length < ND_RPL_DAO_MIN_LEN) 874 goto tooshort; 875 876 bp += ND_RPL_DAO_MIN_LEN; 877 length -= ND_RPL_DAO_MIN_LEN; 878 rpl_flags = GET_U_1(dao->rpl_flags); 879 if(RPL_DAO_D(rpl_flags)) { 880 ND_TCHECK_LEN(dao->rpl_dagid, DAGID_LEN); 881 if (length < DAGID_LEN) 882 goto tooshort; 883 dagid_str = ip6addr_string (ndo, dao->rpl_dagid); 884 bp += DAGID_LEN; 885 length -= DAGID_LEN; 886 } 887 888 ND_PRINT(" [dagid:%s,seq:%u,instance:%u%s%s,flags:%02x]", 889 dagid_str, 890 GET_U_1(dao->rpl_daoseq), 891 GET_U_1(dao->rpl_instanceid), 892 RPL_DAO_K(rpl_flags) ? ",acK":"", 893 RPL_DAO_D(rpl_flags) ? ",Dagid":"", 894 rpl_flags); 895 896 if(ndo->ndo_vflag > 1) { 897 rpl_printopts(ndo, bp, length); 898 } 899 return; 900 901 trunc: 902 nd_print_trunc(ndo); 903 return; 904 905 tooshort: 906 ND_PRINT(" [|length too short]"); 907 } 908 909 static void 910 rpl_daoack_print(netdissect_options *ndo, 911 const u_char *bp, u_int length) 912 { 913 const struct nd_rpl_daoack *daoack = (const struct nd_rpl_daoack *)bp; 914 const char *dagid_str = "<elided>"; 915 916 ND_TCHECK_LEN(daoack, ND_RPL_DAOACK_MIN_LEN); 917 if (length < ND_RPL_DAOACK_MIN_LEN) 918 goto tooshort; 919 920 bp += ND_RPL_DAOACK_MIN_LEN; 921 length -= ND_RPL_DAOACK_MIN_LEN; 922 if(RPL_DAOACK_D(GET_U_1(daoack->rpl_flags))) { 923 ND_TCHECK_LEN(daoack->rpl_dagid, DAGID_LEN); 924 if (length < DAGID_LEN) 925 goto tooshort; 926 dagid_str = ip6addr_string (ndo, daoack->rpl_dagid); 927 bp += DAGID_LEN; 928 length -= DAGID_LEN; 929 } 930 931 ND_PRINT(" [dagid:%s,seq:%u,instance:%u,status:%u]", 932 dagid_str, 933 GET_U_1(daoack->rpl_daoseq), 934 GET_U_1(daoack->rpl_instanceid), 935 GET_U_1(daoack->rpl_status)); 936 937 /* no officially defined options for DAOACK, but print any we find */ 938 if(ndo->ndo_vflag > 1) { 939 rpl_printopts(ndo, bp, length); 940 } 941 return; 942 943 trunc: 944 nd_print_trunc(ndo); 945 return; 946 947 tooshort: 948 ND_PRINT(" [|dao-length too short]"); 949 } 950 951 static void 952 rpl_print(netdissect_options *ndo, 953 uint8_t icmp6_code, 954 const u_char *bp, u_int length) 955 { 956 int secured = icmp6_code & 0x80; 957 int basecode= icmp6_code & 0x7f; 958 959 if(secured) { 960 ND_PRINT(", (SEC) [worktodo]"); 961 /* XXX 962 * the next header pointer needs to move forward to 963 * skip the secure part. 964 */ 965 return; 966 } else { 967 ND_PRINT(", (CLR)"); 968 } 969 970 switch(basecode) { 971 case ND_RPL_DAG_IS: 972 ND_PRINT("DODAG Information Solicitation"); 973 if(ndo->ndo_vflag) { 974 } 975 break; 976 case ND_RPL_DAG_IO: 977 ND_PRINT("DODAG Information Object"); 978 if(ndo->ndo_vflag) { 979 rpl_dio_print(ndo, bp, length); 980 } 981 break; 982 case ND_RPL_DAO: 983 ND_PRINT("Destination Advertisement Object"); 984 if(ndo->ndo_vflag) { 985 rpl_dao_print(ndo, bp, length); 986 } 987 break; 988 case ND_RPL_DAO_ACK: 989 ND_PRINT("Destination Advertisement Object Ack"); 990 if(ndo->ndo_vflag) { 991 rpl_daoack_print(ndo, bp, length); 992 } 993 break; 994 default: 995 ND_PRINT("RPL message, unknown code %u",icmp6_code); 996 break; 997 } 998 return; 999 1000 #if 0 1001 trunc: 1002 nd_print_trunc(ndo); 1003 return; 1004 #endif 1005 1006 } 1007 1008 void 1009 icmp6_print(netdissect_options *ndo, 1010 const u_char *bp, u_int length, const u_char *bp2, int fragmented) 1011 { 1012 const struct icmp6_hdr *dp; 1013 uint8_t icmp6_type, icmp6_code; 1014 const struct ip6_hdr *ip; 1015 const struct ip6_hdr *oip; 1016 const struct udphdr *ouh; 1017 uint16_t dport; 1018 const u_char *ep; 1019 u_int prot; 1020 1021 ndo->ndo_protocol = "icmp6"; 1022 dp = (const struct icmp6_hdr *)bp; 1023 ip = (const struct ip6_hdr *)bp2; 1024 oip = (const struct ip6_hdr *)(dp + 1); 1025 /* 'ep' points to the end of available data. */ 1026 ep = ndo->ndo_snapend; 1027 if (length == 0) { 1028 ND_PRINT("ICMP6, length 0"); 1029 nd_print_invalid(ndo); 1030 return; 1031 } 1032 1033 if (ndo->ndo_vflag && !fragmented) { 1034 uint16_t sum, udp_sum; 1035 1036 if (ND_TTEST_LEN(bp, length)) { 1037 udp_sum = GET_BE_U_2(dp->icmp6_cksum); 1038 sum = icmp6_cksum(ndo, ip, dp, length); 1039 if (sum != 0) 1040 ND_PRINT("[bad icmp6 cksum 0x%04x -> 0x%04x!] ", 1041 udp_sum, 1042 in_cksum_shouldbe(udp_sum, sum)); 1043 else 1044 ND_PRINT("[icmp6 sum ok] "); 1045 } 1046 } 1047 1048 icmp6_type = GET_U_1(dp->icmp6_type); 1049 ND_PRINT("ICMP6, %s", tok2str(icmp6_type_values,"unknown icmp6 type (%u)",icmp6_type)); 1050 1051 /* display cosmetics: print the packet length for printer that use the vflag now */ 1052 if (ndo->ndo_vflag && (icmp6_type == ND_ROUTER_SOLICIT || 1053 icmp6_type == ND_ROUTER_ADVERT || 1054 icmp6_type == ND_NEIGHBOR_ADVERT || 1055 icmp6_type == ND_NEIGHBOR_SOLICIT || 1056 icmp6_type == ND_REDIRECT || 1057 icmp6_type == ICMP6_HADISCOV_REPLY || 1058 icmp6_type == ICMP6_MOBILEPREFIX_ADVERT )) 1059 ND_PRINT(", length %u", length); 1060 1061 icmp6_code = GET_U_1(dp->icmp6_code); 1062 1063 switch (icmp6_type) { 1064 case ICMP6_DST_UNREACH: 1065 ND_PRINT(", %s", tok2str(icmp6_dst_unreach_code_values,"unknown unreach code (%u)",icmp6_code)); 1066 switch (icmp6_code) { 1067 1068 case ICMP6_DST_UNREACH_NOROUTE: /* fall through */ 1069 case ICMP6_DST_UNREACH_ADMIN: 1070 case ICMP6_DST_UNREACH_ADDR: 1071 ND_PRINT(" %s",GET_IP6ADDR_STRING(oip->ip6_dst)); 1072 break; 1073 case ICMP6_DST_UNREACH_BEYONDSCOPE: 1074 ND_PRINT(" %s, source address %s", 1075 GET_IP6ADDR_STRING(oip->ip6_dst), 1076 GET_IP6ADDR_STRING(oip->ip6_src)); 1077 break; 1078 case ICMP6_DST_UNREACH_NOPORT: 1079 if ((ouh = get_upperlayer(ndo, (const u_char *)oip, &prot)) 1080 == NULL) 1081 goto trunc; 1082 1083 dport = GET_BE_U_2(ouh->uh_dport); 1084 switch (prot) { 1085 case IPPROTO_TCP: 1086 ND_PRINT(", %s tcp port %s", 1087 GET_IP6ADDR_STRING(oip->ip6_dst), 1088 tcpport_string(ndo, dport)); 1089 break; 1090 case IPPROTO_UDP: 1091 ND_PRINT(", %s udp port %s", 1092 GET_IP6ADDR_STRING(oip->ip6_dst), 1093 udpport_string(ndo, dport)); 1094 break; 1095 default: 1096 ND_PRINT(", %s protocol %u port %u unreachable", 1097 GET_IP6ADDR_STRING(oip->ip6_dst), 1098 prot, dport); 1099 break; 1100 } 1101 break; 1102 default: 1103 if (ndo->ndo_vflag <= 1) { 1104 print_unknown_data(ndo, bp,"\n\t",length); 1105 return; 1106 } 1107 break; 1108 } 1109 break; 1110 case ICMP6_PACKET_TOO_BIG: 1111 ND_PRINT(", mtu %u", GET_BE_U_4(dp->icmp6_mtu)); 1112 break; 1113 case ICMP6_TIME_EXCEEDED: 1114 switch (icmp6_code) { 1115 case ICMP6_TIME_EXCEED_TRANSIT: 1116 ND_PRINT(" for %s", 1117 GET_IP6ADDR_STRING(oip->ip6_dst)); 1118 break; 1119 case ICMP6_TIME_EXCEED_REASSEMBLY: 1120 ND_PRINT(" (reassembly)"); 1121 break; 1122 default: 1123 ND_PRINT(", unknown code (%u)", icmp6_code); 1124 break; 1125 } 1126 break; 1127 case ICMP6_PARAM_PROB: 1128 ND_TCHECK_16(oip->ip6_dst); 1129 switch (icmp6_code) { 1130 case ICMP6_PARAMPROB_HEADER: 1131 ND_PRINT(", erroneous - octet %u", 1132 GET_BE_U_4(dp->icmp6_pptr)); 1133 break; 1134 case ICMP6_PARAMPROB_NEXTHEADER: 1135 ND_PRINT(", next header - octet %u", 1136 GET_BE_U_4(dp->icmp6_pptr)); 1137 break; 1138 case ICMP6_PARAMPROB_OPTION: 1139 ND_PRINT(", option - octet %u", 1140 GET_BE_U_4(dp->icmp6_pptr)); 1141 break; 1142 case ICMP6_PARAMPROB_FRAGHDRCHAIN: 1143 ND_PRINT(", incomplete header chain - octet %u", 1144 GET_BE_U_4(dp->icmp6_pptr)); 1145 break; 1146 default: 1147 ND_PRINT(", code-#%u", 1148 icmp6_code); 1149 break; 1150 } 1151 break; 1152 case ICMP6_ECHO_REQUEST: 1153 case ICMP6_ECHO_REPLY: 1154 ND_PRINT(", id %u, seq %u", GET_BE_U_2(dp->icmp6_id), 1155 GET_BE_U_2(dp->icmp6_seq)); 1156 break; 1157 case ICMP6_MEMBERSHIP_QUERY: 1158 if (length == MLD_MINLEN) { 1159 mld6_print(ndo, (const u_char *)dp); 1160 } else if (length >= MLDV2_MINLEN) { 1161 ND_PRINT(" v2"); 1162 mldv2_query_print(ndo, (const u_char *)dp, length); 1163 } else { 1164 ND_PRINT(" unknown-version (len %u) ", length); 1165 } 1166 break; 1167 case ICMP6_MEMBERSHIP_REPORT: 1168 mld6_print(ndo, (const u_char *)dp); 1169 break; 1170 case ICMP6_MEMBERSHIP_REDUCTION: 1171 mld6_print(ndo, (const u_char *)dp); 1172 break; 1173 case ND_ROUTER_SOLICIT: 1174 #define RTSOLLEN 8 1175 if (ndo->ndo_vflag) { 1176 if (icmp6_opt_print(ndo, (const u_char *)dp + RTSOLLEN, 1177 length - RTSOLLEN) == -1) 1178 goto trunc; 1179 } 1180 break; 1181 case ND_ROUTER_ADVERT: 1182 #define RTADVLEN 16 1183 if (ndo->ndo_vflag) { 1184 const struct nd_router_advert *p; 1185 1186 p = (const struct nd_router_advert *)dp; 1187 ND_PRINT("\n\thop limit %u, Flags [%s]" 1188 ", pref %s, router lifetime %us, reachable time %ums, retrans timer %ums", 1189 GET_U_1(p->nd_ra_curhoplimit), 1190 bittok2str(icmp6_opt_ra_flag_values,"none",GET_U_1(p->nd_ra_flags_reserved)), 1191 get_rtpref(GET_U_1(p->nd_ra_flags_reserved)), 1192 GET_BE_U_2(p->nd_ra_router_lifetime), 1193 GET_BE_U_4(p->nd_ra_reachable), 1194 GET_BE_U_4(p->nd_ra_retransmit)); 1195 1196 if (icmp6_opt_print(ndo, (const u_char *)dp + RTADVLEN, 1197 length - RTADVLEN) == -1) 1198 goto trunc; 1199 } 1200 break; 1201 case ND_NEIGHBOR_SOLICIT: 1202 { 1203 const struct nd_neighbor_solicit *p; 1204 p = (const struct nd_neighbor_solicit *)dp; 1205 ND_PRINT(", who has %s", GET_IP6ADDR_STRING(p->nd_ns_target)); 1206 if (ndo->ndo_vflag) { 1207 #define NDSOLLEN 24 1208 if (icmp6_opt_print(ndo, (const u_char *)dp + NDSOLLEN, 1209 length - NDSOLLEN) == -1) 1210 goto trunc; 1211 } 1212 } 1213 break; 1214 case ND_NEIGHBOR_ADVERT: 1215 { 1216 const struct nd_neighbor_advert *p; 1217 1218 p = (const struct nd_neighbor_advert *)dp; 1219 ND_PRINT(", tgt is %s", 1220 GET_IP6ADDR_STRING(p->nd_na_target)); 1221 if (ndo->ndo_vflag) { 1222 ND_PRINT(", Flags [%s]", 1223 bittok2str(icmp6_nd_na_flag_values, 1224 "none", 1225 GET_BE_U_4(p->nd_na_flags_reserved))); 1226 #define NDADVLEN 24 1227 if (icmp6_opt_print(ndo, (const u_char *)dp + NDADVLEN, 1228 length - NDADVLEN) == -1) 1229 goto trunc; 1230 #undef NDADVLEN 1231 } 1232 } 1233 break; 1234 case ND_REDIRECT: 1235 { 1236 const struct nd_redirect *p; 1237 1238 p = (const struct nd_redirect *)dp; 1239 ND_PRINT(", %s", GET_IP6ADDR_STRING(p->nd_rd_dst)); 1240 ND_PRINT(" to %s", GET_IP6ADDR_STRING(p->nd_rd_target)); 1241 #define REDIRECTLEN 40 1242 if (ndo->ndo_vflag) { 1243 if (icmp6_opt_print(ndo, (const u_char *)dp + REDIRECTLEN, 1244 length - REDIRECTLEN) == -1) 1245 goto trunc; 1246 #undef REDIRECTLEN 1247 } 1248 } 1249 break; 1250 case ICMP6_ROUTER_RENUMBERING: 1251 icmp6_rrenum_print(ndo, bp, ep); 1252 break; 1253 case ICMP6_NI_QUERY: 1254 case ICMP6_NI_REPLY: 1255 icmp6_nodeinfo_print(ndo, length, bp, ep); 1256 break; 1257 case IND_SOLICIT: 1258 case IND_ADVERT: 1259 break; 1260 case ICMP6_V2_MEMBERSHIP_REPORT: 1261 mldv2_report_print(ndo, (const u_char *) dp, length); 1262 break; 1263 case ICMP6_MOBILEPREFIX_SOLICIT: /* fall through */ 1264 case ICMP6_HADISCOV_REQUEST: 1265 ND_PRINT(", id 0x%04x", GET_BE_U_2(dp->icmp6_data16[0])); 1266 break; 1267 case ICMP6_HADISCOV_REPLY: 1268 if (ndo->ndo_vflag) { 1269 const u_char *cp; 1270 const u_char *p; 1271 1272 ND_PRINT(", id 0x%04x", 1273 GET_BE_U_2(dp->icmp6_data16[0])); 1274 cp = (const u_char *)dp + length; 1275 p = (const u_char *)(dp + 1); 1276 while (p < cp) { 1277 ND_PRINT(", %s", GET_IP6ADDR_STRING(p)); 1278 p += 16; 1279 } 1280 } 1281 break; 1282 case ICMP6_MOBILEPREFIX_ADVERT: 1283 if (ndo->ndo_vflag) { 1284 uint16_t flags; 1285 1286 ND_PRINT(", id 0x%04x", 1287 GET_BE_U_2(dp->icmp6_data16[0])); 1288 flags = GET_BE_U_2(dp->icmp6_data16[1]); 1289 if (flags & 0xc000) 1290 ND_PRINT(" "); 1291 if (flags & 0x8000) 1292 ND_PRINT("M"); 1293 if (flags & 0x4000) 1294 ND_PRINT("O"); 1295 #define MPADVLEN 8 1296 if (icmp6_opt_print(ndo, (const u_char *)dp + MPADVLEN, 1297 length - MPADVLEN) == -1) 1298 goto trunc; 1299 } 1300 break; 1301 case ND_RPL_MESSAGE: 1302 /* plus 4, because struct icmp6_hdr contains 4 bytes of icmp payload */ 1303 rpl_print(ndo, icmp6_code, dp->icmp6_data, length-sizeof(struct icmp6_hdr)+4); 1304 break; 1305 default: 1306 ND_PRINT(", length %u", length); 1307 if (ndo->ndo_vflag <= 1) 1308 print_unknown_data(ndo, bp,"\n\t", length); 1309 return; 1310 } 1311 if (!ndo->ndo_vflag) 1312 ND_PRINT(", length %u", length); 1313 return; 1314 trunc: 1315 nd_print_trunc(ndo); 1316 } 1317 1318 static const struct udphdr * 1319 get_upperlayer(netdissect_options *ndo, const u_char *bp, u_int *prot) 1320 { 1321 const u_char *ep; 1322 const struct ip6_hdr *ip6 = (const struct ip6_hdr *)bp; 1323 const struct udphdr *uh; 1324 const struct ip6_hbh *hbh; 1325 const struct ip6_frag *fragh; 1326 const struct ah *ah; 1327 u_int nh; 1328 int hlen; 1329 1330 /* 'ep' points to the end of available data. */ 1331 ep = ndo->ndo_snapend; 1332 1333 if (!ND_TTEST_1(ip6->ip6_nxt)) 1334 return NULL; 1335 1336 nh = GET_U_1(ip6->ip6_nxt); 1337 hlen = sizeof(struct ip6_hdr); 1338 1339 while (bp < ep) { 1340 bp += hlen; 1341 1342 switch(nh) { 1343 case IPPROTO_UDP: 1344 case IPPROTO_TCP: 1345 uh = (const struct udphdr *)bp; 1346 if (ND_TTEST_2(uh->uh_dport)) { 1347 *prot = nh; 1348 return(uh); 1349 } 1350 else 1351 return(NULL); 1352 /* NOTREACHED */ 1353 1354 case IPPROTO_HOPOPTS: 1355 case IPPROTO_DSTOPTS: 1356 case IPPROTO_ROUTING: 1357 hbh = (const struct ip6_hbh *)bp; 1358 if (!ND_TTEST_1(hbh->ip6h_len)) 1359 return(NULL); 1360 nh = GET_U_1(hbh->ip6h_nxt); 1361 hlen = (GET_U_1(hbh->ip6h_len) + 1) << 3; 1362 break; 1363 1364 case IPPROTO_FRAGMENT: /* this should be odd, but try anyway */ 1365 fragh = (const struct ip6_frag *)bp; 1366 if (!ND_TTEST_2(fragh->ip6f_offlg)) 1367 return(NULL); 1368 /* fragments with non-zero offset are meaningless */ 1369 if ((GET_BE_U_2(fragh->ip6f_offlg) & IP6F_OFF_MASK) != 0) 1370 return(NULL); 1371 nh = GET_U_1(fragh->ip6f_nxt); 1372 hlen = sizeof(struct ip6_frag); 1373 break; 1374 1375 case IPPROTO_AH: 1376 ah = (const struct ah *)bp; 1377 if (!ND_TTEST_1(ah->ah_len)) 1378 return(NULL); 1379 nh = GET_U_1(ah->ah_nxt); 1380 hlen = (GET_U_1(ah->ah_len) + 2) << 2; 1381 break; 1382 1383 default: /* unknown or undecodable header */ 1384 *prot = nh; /* meaningless, but set here anyway */ 1385 return(NULL); 1386 } 1387 } 1388 1389 return(NULL); /* should be notreached, though */ 1390 } 1391 1392 static int 1393 icmp6_opt_print(netdissect_options *ndo, const u_char *bp, int resid) 1394 { 1395 const struct nd_opt_hdr *op; 1396 uint8_t opt_type; 1397 u_int opt_len; 1398 const struct nd_opt_prefix_info *opp; 1399 const struct nd_opt_mtu *opm; 1400 const struct nd_opt_rdnss *oprd; 1401 const struct nd_opt_dnssl *opds; 1402 const struct nd_opt_advinterval *opa; 1403 const struct nd_opt_homeagent_info *oph; 1404 const struct nd_opt_route_info *opri; 1405 const u_char *cp, *ep, *domp; 1406 nd_ipv6 in6; 1407 size_t l; 1408 u_int i; 1409 1410 cp = bp; 1411 /* 'ep' points to the end of available data. */ 1412 ep = ndo->ndo_snapend; 1413 1414 while (cp < ep) { 1415 op = (const struct nd_opt_hdr *)cp; 1416 1417 ND_TCHECK_1(op->nd_opt_len); 1418 if (resid <= 0) 1419 return 0; 1420 opt_type = GET_U_1(op->nd_opt_type); 1421 opt_len = GET_U_1(op->nd_opt_len); 1422 if (opt_len == 0) 1423 goto trunc; 1424 if (cp + (opt_len << 3) > ep) 1425 goto trunc; 1426 1427 ND_PRINT("\n\t %s option (%u), length %u (%u): ", 1428 tok2str(icmp6_opt_values, "unknown", opt_type), 1429 opt_type, 1430 opt_len << 3, 1431 opt_len); 1432 1433 switch (opt_type) { 1434 case ND_OPT_SOURCE_LINKADDR: 1435 l = (opt_len << 3) - 2; 1436 print_lladdr(ndo, cp + 2, l); 1437 break; 1438 case ND_OPT_TARGET_LINKADDR: 1439 l = (opt_len << 3) - 2; 1440 print_lladdr(ndo, cp + 2, l); 1441 break; 1442 case ND_OPT_PREFIX_INFORMATION: 1443 opp = (const struct nd_opt_prefix_info *)op; 1444 ND_PRINT("%s/%u%s, Flags [%s], valid time %s", 1445 GET_IP6ADDR_STRING(opp->nd_opt_pi_prefix), 1446 GET_U_1(opp->nd_opt_pi_prefix_len), 1447 (opt_len != 4) ? "badlen" : "", 1448 bittok2str(icmp6_opt_pi_flag_values, "none", GET_U_1(opp->nd_opt_pi_flags_reserved)), 1449 get_lifetime(GET_BE_U_4(opp->nd_opt_pi_valid_time))); 1450 ND_PRINT(", pref. time %s", 1451 get_lifetime(GET_BE_U_4(opp->nd_opt_pi_preferred_time))); 1452 break; 1453 case ND_OPT_REDIRECTED_HEADER: 1454 print_unknown_data(ndo, bp,"\n\t ",opt_len<<3); 1455 /* xxx */ 1456 break; 1457 case ND_OPT_MTU: 1458 opm = (const struct nd_opt_mtu *)op; 1459 ND_PRINT(" %u%s", 1460 GET_BE_U_4(opm->nd_opt_mtu_mtu), 1461 (opt_len != 1) ? "bad option length" : "" ); 1462 break; 1463 case ND_OPT_RDNSS: 1464 oprd = (const struct nd_opt_rdnss *)op; 1465 l = (opt_len - 1) / 2; 1466 ND_PRINT(" lifetime %us,", 1467 GET_BE_U_4(oprd->nd_opt_rdnss_lifetime)); 1468 for (i = 0; i < l; i++) { 1469 ND_PRINT(" addr: %s", 1470 GET_IP6ADDR_STRING(oprd->nd_opt_rdnss_addr[i])); 1471 } 1472 break; 1473 case ND_OPT_DNSSL: 1474 opds = (const struct nd_opt_dnssl *)op; 1475 ND_PRINT(" lifetime %us, domain(s):", 1476 GET_BE_U_4(opds->nd_opt_dnssl_lifetime)); 1477 domp = cp + 8; /* domain names, variable-sized, RFC1035-encoded */ 1478 while (domp < cp + (opt_len << 3) && GET_U_1(domp) != '\0') 1479 { 1480 ND_PRINT(" "); 1481 if ((domp = fqdn_print(ndo, domp, bp)) == NULL) 1482 goto trunc; 1483 } 1484 break; 1485 case ND_OPT_ADVINTERVAL: 1486 opa = (const struct nd_opt_advinterval *)op; 1487 ND_PRINT(" %ums", 1488 GET_BE_U_4(opa->nd_opt_adv_interval)); 1489 break; 1490 case ND_OPT_HOMEAGENT_INFO: 1491 oph = (const struct nd_opt_homeagent_info *)op; 1492 ND_PRINT(" preference %u, lifetime %u", 1493 GET_BE_U_2(oph->nd_opt_hai_preference), 1494 GET_BE_U_2(oph->nd_opt_hai_lifetime)); 1495 break; 1496 case ND_OPT_ROUTE_INFO: 1497 opri = (const struct nd_opt_route_info *)op; 1498 ND_TCHECK_4(opri->nd_opt_rti_lifetime); 1499 memset(&in6, 0, sizeof(in6)); 1500 switch (opt_len) { 1501 case 1: 1502 break; 1503 case 2: 1504 GET_CPY_BYTES(&in6, opri + 1, 8); 1505 break; 1506 case 3: 1507 GET_CPY_BYTES(&in6, opri + 1, 16); 1508 break; 1509 default: 1510 goto trunc; 1511 } 1512 ND_PRINT(" %s/%u", ip6addr_string(ndo, (const u_char *)&in6), /* local buffer, not packet data; don't use GET_IP6ADDR_STRING() */ 1513 GET_U_1(opri->nd_opt_rti_prefixlen)); 1514 ND_PRINT(", pref=%s", 1515 get_rtpref(GET_U_1(opri->nd_opt_rti_flags))); 1516 ND_PRINT(", lifetime=%s", 1517 get_lifetime(GET_BE_U_4(opri->nd_opt_rti_lifetime))); 1518 break; 1519 default: 1520 if (ndo->ndo_vflag <= 1) { 1521 print_unknown_data(ndo,cp+2,"\n\t ", (opt_len << 3) - 2); /* skip option header */ 1522 return 0; 1523 } 1524 break; 1525 } 1526 /* do we want to see an additional hexdump ? */ 1527 if (ndo->ndo_vflag> 1) 1528 print_unknown_data(ndo, cp+2,"\n\t ", (opt_len << 3) - 2); /* skip option header */ 1529 1530 cp += opt_len << 3; 1531 resid -= opt_len << 3; 1532 } 1533 return 0; 1534 1535 trunc: 1536 return -1; 1537 } 1538 1539 static void 1540 mld6_print(netdissect_options *ndo, const u_char *bp) 1541 { 1542 const struct mld6_hdr *mp = (const struct mld6_hdr *)bp; 1543 const u_char *ep; 1544 1545 /* 'ep' points to the end of available data. */ 1546 ep = ndo->ndo_snapend; 1547 1548 if ((const u_char *)mp + sizeof(*mp) > ep) 1549 return; 1550 1551 ND_PRINT("max resp delay: %u ", GET_BE_U_2(mp->mld6_maxdelay)); 1552 ND_PRINT("addr: %s", GET_IP6ADDR_STRING(mp->mld6_addr)); 1553 } 1554 1555 static void 1556 mldv2_report_print(netdissect_options *ndo, const u_char *bp, u_int len) 1557 { 1558 const struct icmp6_hdr *icp = (const struct icmp6_hdr *) bp; 1559 u_int group, nsrcs, ngroups; 1560 u_int i, j; 1561 1562 /* Minimum len is 8 */ 1563 if (len < 8) { 1564 ND_PRINT(" [invalid len %u]", len); 1565 return; 1566 } 1567 1568 ngroups = GET_BE_U_2(icp->icmp6_data16[1]); 1569 ND_PRINT(", %u group record(s)", ngroups); 1570 if (ndo->ndo_vflag > 0) { 1571 /* Print the group records */ 1572 group = 8; 1573 for (i = 0; i < ngroups; i++) { 1574 /* type(1) + auxlen(1) + numsrc(2) + grp(16) */ 1575 if (len < group + 20) { 1576 ND_PRINT(" [invalid number of groups]"); 1577 return; 1578 } 1579 ND_PRINT(" [gaddr %s", GET_IP6ADDR_STRING(bp + group + 4)); 1580 ND_PRINT(" %s", tok2str(mldv2report2str, " [v2-report-#%u]", 1581 GET_U_1(bp + group))); 1582 nsrcs = GET_BE_U_2(bp + group + 2); 1583 /* Check the number of sources and print them */ 1584 if (len < group + 20 + (nsrcs * sizeof(nd_ipv6))) { 1585 ND_PRINT(" [invalid number of sources %u]", nsrcs); 1586 return; 1587 } 1588 if (ndo->ndo_vflag == 1) 1589 ND_PRINT(", %u source(s)", nsrcs); 1590 else { 1591 /* Print the sources */ 1592 ND_PRINT(" {"); 1593 for (j = 0; j < nsrcs; j++) { 1594 ND_PRINT(" %s", GET_IP6ADDR_STRING(bp + group + 20 + (j * sizeof(nd_ipv6)))); 1595 } 1596 ND_PRINT(" }"); 1597 } 1598 /* Next group record */ 1599 group += 20 + nsrcs * sizeof(nd_ipv6); 1600 ND_PRINT("]"); 1601 } 1602 } 1603 } 1604 1605 static void 1606 mldv2_query_print(netdissect_options *ndo, const u_char *bp, u_int len) 1607 { 1608 const struct icmp6_hdr *icp = (const struct icmp6_hdr *) bp; 1609 u_int mrc; 1610 u_int mrt, qqi; 1611 u_int nsrcs; 1612 u_int i; 1613 1614 /* Minimum len is 28 */ 1615 if (len < 28) { 1616 ND_PRINT(" [invalid len %u]", len); 1617 return; 1618 } 1619 mrc = GET_BE_U_2(icp->icmp6_data16[0]); 1620 if (mrc < 32768) { 1621 mrt = mrc; 1622 } else { 1623 mrt = ((mrc & 0x0fff) | 0x1000) << (((mrc & 0x7000) >> 12) + 3); 1624 } 1625 if (ndo->ndo_vflag) { 1626 ND_PRINT(" [max resp delay=%u]", mrt); 1627 } 1628 ND_PRINT(" [gaddr %s", GET_IP6ADDR_STRING(bp + 8)); 1629 1630 if (ndo->ndo_vflag) { 1631 if (GET_U_1(bp + 24) & 0x08) { 1632 ND_PRINT(" sflag"); 1633 } 1634 if (GET_U_1(bp + 24) & 0x07) { 1635 ND_PRINT(" robustness=%u", GET_U_1(bp + 24) & 0x07); 1636 } 1637 if (GET_U_1(bp + 25) < 128) { 1638 qqi = GET_U_1(bp + 25); 1639 } else { 1640 qqi = ((GET_U_1(bp + 25) & 0x0f) | 0x10) << 1641 (((GET_U_1(bp + 25) & 0x70) >> 4) + 3); 1642 } 1643 ND_PRINT(" qqi=%u", qqi); 1644 } 1645 1646 nsrcs = GET_BE_U_2(bp + 26); 1647 if (nsrcs > 0) { 1648 if (len < 28 + nsrcs * sizeof(nd_ipv6)) 1649 ND_PRINT(" [invalid number of sources]"); 1650 else if (ndo->ndo_vflag > 1) { 1651 ND_PRINT(" {"); 1652 for (i = 0; i < nsrcs; i++) { 1653 ND_PRINT(" %s", GET_IP6ADDR_STRING(bp + 28 + (i * sizeof(nd_ipv6)))); 1654 } 1655 ND_PRINT(" }"); 1656 } else 1657 ND_PRINT(", %u source(s)", nsrcs); 1658 } 1659 ND_PRINT("]"); 1660 } 1661 1662 static void 1663 dnsname_print(netdissect_options *ndo, const u_char *cp, const u_char *ep) 1664 { 1665 int i; 1666 1667 /* DNS name decoding - no decompression */ 1668 ND_PRINT(", \""); 1669 while (cp < ep) { 1670 i = GET_U_1(cp); 1671 cp++; 1672 if (i) { 1673 if (i > ep - cp) { 1674 ND_PRINT("???"); 1675 break; 1676 } 1677 while (i-- && cp < ep) { 1678 fn_print_char(ndo, GET_U_1(cp)); 1679 cp++; 1680 } 1681 if (cp + 1 < ep && GET_U_1(cp)) 1682 ND_PRINT("."); 1683 } else { 1684 if (cp == ep) { 1685 /* FQDN */ 1686 ND_PRINT("."); 1687 } else if (cp + 1 == ep && GET_U_1(cp) == '\0') { 1688 /* truncated */ 1689 } else { 1690 /* invalid */ 1691 ND_PRINT("???"); 1692 } 1693 break; 1694 } 1695 } 1696 ND_PRINT("\""); 1697 } 1698 1699 static void 1700 icmp6_nodeinfo_print(netdissect_options *ndo, u_int icmp6len, const u_char *bp, const u_char *ep) 1701 { 1702 const struct icmp6_nodeinfo *ni6; 1703 const struct icmp6_hdr *dp; 1704 const u_char *cp; 1705 size_t siz, i; 1706 int needcomma; 1707 1708 if (ep < bp) 1709 return; 1710 dp = (const struct icmp6_hdr *)bp; 1711 ni6 = (const struct icmp6_nodeinfo *)bp; 1712 siz = ep - bp; 1713 1714 switch (GET_U_1(ni6->ni_type)) { 1715 case ICMP6_NI_QUERY: 1716 if (siz == sizeof(*dp) + 4) { 1717 /* KAME who-are-you */ 1718 ND_PRINT(" who-are-you request"); 1719 break; 1720 } 1721 ND_PRINT(" node information query"); 1722 1723 ND_TCHECK_LEN(dp, sizeof(*ni6)); 1724 ni6 = (const struct icmp6_nodeinfo *)dp; 1725 ND_PRINT(" ("); /*)*/ 1726 switch (GET_BE_U_2(ni6->ni_qtype)) { 1727 case NI_QTYPE_NOOP: 1728 ND_PRINT("noop"); 1729 break; 1730 case NI_QTYPE_SUPTYPES: 1731 ND_PRINT("supported qtypes"); 1732 i = GET_BE_U_2(ni6->ni_flags); 1733 if (i) 1734 ND_PRINT(" [%s]", (i & 0x01) ? "C" : ""); 1735 break; 1736 case NI_QTYPE_FQDN: 1737 ND_PRINT("DNS name"); 1738 break; 1739 case NI_QTYPE_NODEADDR: 1740 ND_PRINT("node addresses"); 1741 i = GET_BE_U_2(ni6->ni_flags); 1742 if (!i) 1743 break; 1744 /* NI_NODEADDR_FLAG_TRUNCATE undefined for query */ 1745 ND_PRINT(" [%s%s%s%s%s%s]", 1746 (i & NI_NODEADDR_FLAG_ANYCAST) ? "a" : "", 1747 (i & NI_NODEADDR_FLAG_GLOBAL) ? "G" : "", 1748 (i & NI_NODEADDR_FLAG_SITELOCAL) ? "S" : "", 1749 (i & NI_NODEADDR_FLAG_LINKLOCAL) ? "L" : "", 1750 (i & NI_NODEADDR_FLAG_COMPAT) ? "C" : "", 1751 (i & NI_NODEADDR_FLAG_ALL) ? "A" : ""); 1752 break; 1753 default: 1754 ND_PRINT("unknown"); 1755 break; 1756 } 1757 1758 if (GET_BE_U_2(ni6->ni_qtype) == NI_QTYPE_NOOP || 1759 GET_BE_U_2(ni6->ni_qtype) == NI_QTYPE_SUPTYPES) { 1760 if (siz != sizeof(*ni6)) 1761 if (ndo->ndo_vflag) 1762 ND_PRINT(", invalid len"); 1763 /*(*/ 1764 ND_PRINT(")"); 1765 break; 1766 } 1767 1768 /* XXX backward compat, icmp-name-lookup-03 */ 1769 if (siz == sizeof(*ni6)) { 1770 ND_PRINT(", 03 draft"); 1771 /*(*/ 1772 ND_PRINT(")"); 1773 break; 1774 } 1775 1776 cp = (const u_char *)(ni6 + 1); 1777 switch (GET_U_1(ni6->ni_code)) { 1778 case ICMP6_NI_SUBJ_IPV6: 1779 if (!ND_TTEST_LEN(dp, sizeof(*ni6) + sizeof(nd_ipv6))) 1780 break; 1781 if (siz != sizeof(*ni6) + sizeof(nd_ipv6)) { 1782 if (ndo->ndo_vflag) 1783 ND_PRINT(", invalid subject len"); 1784 break; 1785 } 1786 ND_PRINT(", subject=%s", 1787 GET_IP6ADDR_STRING(cp)); 1788 break; 1789 case ICMP6_NI_SUBJ_FQDN: 1790 ND_PRINT(", subject=DNS name"); 1791 if (GET_U_1(cp) == ep - cp - 1) { 1792 /* icmp-name-lookup-03, pascal string */ 1793 if (ndo->ndo_vflag) 1794 ND_PRINT(", 03 draft"); 1795 cp++; 1796 ND_PRINT(", \""); 1797 while (cp < ep) { 1798 fn_print_char(ndo, GET_U_1(cp)); 1799 cp++; 1800 } 1801 ND_PRINT("\""); 1802 } else 1803 dnsname_print(ndo, cp, ep); 1804 break; 1805 case ICMP6_NI_SUBJ_IPV4: 1806 if (!ND_TTEST_LEN(dp, sizeof(*ni6) + sizeof(nd_ipv4))) 1807 break; 1808 if (siz != sizeof(*ni6) + sizeof(nd_ipv4)) { 1809 if (ndo->ndo_vflag) 1810 ND_PRINT(", invalid subject len"); 1811 break; 1812 } 1813 ND_PRINT(", subject=%s", 1814 GET_IPADDR_STRING(cp)); 1815 break; 1816 default: 1817 ND_PRINT(", unknown subject"); 1818 break; 1819 } 1820 1821 /*(*/ 1822 ND_PRINT(")"); 1823 break; 1824 1825 case ICMP6_NI_REPLY: 1826 if (icmp6len > siz) 1827 goto trunc; 1828 1829 needcomma = 0; 1830 1831 ND_TCHECK_LEN(dp, sizeof(*ni6)); 1832 ni6 = (const struct icmp6_nodeinfo *)dp; 1833 ND_PRINT(" node information reply"); 1834 ND_PRINT(" ("); /*)*/ 1835 switch (GET_U_1(ni6->ni_code)) { 1836 case ICMP6_NI_SUCCESS: 1837 if (ndo->ndo_vflag) { 1838 ND_PRINT("success"); 1839 needcomma++; 1840 } 1841 break; 1842 case ICMP6_NI_REFUSED: 1843 ND_PRINT("refused"); 1844 needcomma++; 1845 if (siz != sizeof(*ni6)) 1846 if (ndo->ndo_vflag) 1847 ND_PRINT(", invalid length"); 1848 break; 1849 case ICMP6_NI_UNKNOWN: 1850 ND_PRINT("unknown"); 1851 needcomma++; 1852 if (siz != sizeof(*ni6)) 1853 if (ndo->ndo_vflag) 1854 ND_PRINT(", invalid length"); 1855 break; 1856 } 1857 1858 if (GET_U_1(ni6->ni_code) != ICMP6_NI_SUCCESS) { 1859 /*(*/ 1860 ND_PRINT(")"); 1861 break; 1862 } 1863 1864 switch (GET_BE_U_2(ni6->ni_qtype)) { 1865 case NI_QTYPE_NOOP: 1866 if (needcomma) 1867 ND_PRINT(", "); 1868 ND_PRINT("noop"); 1869 if (siz != sizeof(*ni6)) 1870 if (ndo->ndo_vflag) 1871 ND_PRINT(", invalid length"); 1872 break; 1873 case NI_QTYPE_SUPTYPES: 1874 if (needcomma) 1875 ND_PRINT(", "); 1876 ND_PRINT("supported qtypes"); 1877 i = GET_BE_U_2(ni6->ni_flags); 1878 if (i) 1879 ND_PRINT(" [%s]", (i & 0x01) ? "C" : ""); 1880 break; 1881 case NI_QTYPE_FQDN: 1882 if (needcomma) 1883 ND_PRINT(", "); 1884 ND_PRINT("DNS name"); 1885 cp = (const u_char *)(ni6 + 1) + 4; 1886 if (GET_U_1(cp) == ep - cp - 1) { 1887 /* icmp-name-lookup-03, pascal string */ 1888 if (ndo->ndo_vflag) 1889 ND_PRINT(", 03 draft"); 1890 cp++; 1891 ND_PRINT(", \""); 1892 while (cp < ep) { 1893 fn_print_char(ndo, GET_U_1(cp)); 1894 cp++; 1895 } 1896 ND_PRINT("\""); 1897 } else 1898 dnsname_print(ndo, cp, ep); 1899 if ((GET_BE_U_2(ni6->ni_flags) & 0x01) != 0) 1900 ND_PRINT(" [TTL=%u]", GET_BE_U_4(ni6 + 1)); 1901 break; 1902 case NI_QTYPE_NODEADDR: 1903 if (needcomma) 1904 ND_PRINT(", "); 1905 ND_PRINT("node addresses"); 1906 i = sizeof(*ni6); 1907 while (i < siz) { 1908 if (i + sizeof(uint32_t) + sizeof(nd_ipv6) > siz) 1909 break; 1910 ND_PRINT(" %s(%u)", 1911 GET_IP6ADDR_STRING(bp + i + sizeof(uint32_t)), 1912 GET_BE_U_4(bp + i)); 1913 i += sizeof(uint32_t) + sizeof(nd_ipv6); 1914 } 1915 i = GET_BE_U_2(ni6->ni_flags); 1916 if (!i) 1917 break; 1918 ND_PRINT(" [%s%s%s%s%s%s%s]", 1919 (i & NI_NODEADDR_FLAG_ANYCAST) ? "a" : "", 1920 (i & NI_NODEADDR_FLAG_GLOBAL) ? "G" : "", 1921 (i & NI_NODEADDR_FLAG_SITELOCAL) ? "S" : "", 1922 (i & NI_NODEADDR_FLAG_LINKLOCAL) ? "L" : "", 1923 (i & NI_NODEADDR_FLAG_COMPAT) ? "C" : "", 1924 (i & NI_NODEADDR_FLAG_ALL) ? "A" : "", 1925 (i & NI_NODEADDR_FLAG_TRUNCATE) ? "T" : ""); 1926 break; 1927 default: 1928 if (needcomma) 1929 ND_PRINT(", "); 1930 ND_PRINT("unknown"); 1931 break; 1932 } 1933 1934 /*(*/ 1935 ND_PRINT(")"); 1936 break; 1937 } 1938 return; 1939 1940 trunc: 1941 nd_print_trunc(ndo); 1942 } 1943 1944 static void 1945 icmp6_rrenum_print(netdissect_options *ndo, const u_char *bp, const u_char *ep) 1946 { 1947 const struct icmp6_router_renum *rr6; 1948 const char *cp; 1949 const struct rr_pco_match *match; 1950 const struct rr_pco_use *use; 1951 char hbuf[NI_MAXHOST]; 1952 int n; 1953 1954 if (ep < bp) 1955 return; 1956 rr6 = (const struct icmp6_router_renum *)bp; 1957 cp = (const char *)(rr6 + 1); 1958 1959 ND_TCHECK_4(rr6->rr_reserved); 1960 switch (GET_U_1(rr6->rr_code)) { 1961 case ICMP6_ROUTER_RENUMBERING_COMMAND: 1962 ND_PRINT(", command"); 1963 break; 1964 case ICMP6_ROUTER_RENUMBERING_RESULT: 1965 ND_PRINT(", result"); 1966 break; 1967 case ICMP6_ROUTER_RENUMBERING_SEQNUM_RESET: 1968 ND_PRINT(", sequence number reset"); 1969 break; 1970 default: 1971 ND_PRINT(", code-#%u", GET_U_1(rr6->rr_code)); 1972 break; 1973 } 1974 1975 ND_PRINT(", seq=%u", GET_BE_U_4(rr6->rr_seqnum)); 1976 1977 if (ndo->ndo_vflag) { 1978 uint8_t rr_flags = GET_U_1(rr6->rr_flags); 1979 #define F(x, y) (rr_flags & (x) ? (y) : "") 1980 ND_PRINT("["); /*]*/ 1981 if (rr_flags) { 1982 ND_PRINT("%s%s%s%s%s,", F(ICMP6_RR_FLAGS_TEST, "T"), 1983 F(ICMP6_RR_FLAGS_REQRESULT, "R"), 1984 F(ICMP6_RR_FLAGS_FORCEAPPLY, "A"), 1985 F(ICMP6_RR_FLAGS_SPECSITE, "S"), 1986 F(ICMP6_RR_FLAGS_PREVDONE, "P")); 1987 } 1988 ND_PRINT("seg=%u,", GET_U_1(rr6->rr_segnum)); 1989 ND_PRINT("maxdelay=%u", GET_BE_U_2(rr6->rr_maxdelay)); 1990 if (GET_BE_U_4(rr6->rr_reserved)) 1991 ND_PRINT("rsvd=0x%x", GET_BE_U_4(rr6->rr_reserved)); 1992 /*[*/ 1993 ND_PRINT("]"); 1994 #undef F 1995 } 1996 1997 if (GET_U_1(rr6->rr_code) == ICMP6_ROUTER_RENUMBERING_COMMAND) { 1998 match = (const struct rr_pco_match *)cp; 1999 cp = (const char *)(match + 1); 2000 2001 ND_TCHECK_16(match->rpm_prefix); 2002 2003 if (ndo->ndo_vflag > 1) 2004 ND_PRINT("\n\t"); 2005 else 2006 ND_PRINT(" "); 2007 ND_PRINT("match("); /*)*/ 2008 switch (GET_U_1(match->rpm_code)) { 2009 case RPM_PCO_ADD: ND_PRINT("add"); break; 2010 case RPM_PCO_CHANGE: ND_PRINT("change"); break; 2011 case RPM_PCO_SETGLOBAL: ND_PRINT("setglobal"); break; 2012 default: ND_PRINT("#%u", 2013 GET_U_1(match->rpm_code)); break; 2014 } 2015 2016 if (ndo->ndo_vflag) { 2017 ND_PRINT(",ord=%u", GET_U_1(match->rpm_ordinal)); 2018 ND_PRINT(",min=%u", GET_U_1(match->rpm_minlen)); 2019 ND_PRINT(",max=%u", GET_U_1(match->rpm_maxlen)); 2020 } 2021 if (addrtostr6(match->rpm_prefix, hbuf, sizeof(hbuf))) 2022 ND_PRINT(",%s/%u", hbuf, GET_U_1(match->rpm_matchlen)); 2023 else 2024 ND_PRINT(",?/%u", GET_U_1(match->rpm_matchlen)); 2025 /*(*/ 2026 ND_PRINT(")"); 2027 2028 n = GET_U_1(match->rpm_len) - 3; 2029 if (n % 4) 2030 goto trunc; 2031 n /= 4; 2032 while (n-- > 0) { 2033 use = (const struct rr_pco_use *)cp; 2034 cp = (const char *)(use + 1); 2035 2036 ND_TCHECK_16(use->rpu_prefix); 2037 2038 if (ndo->ndo_vflag > 1) 2039 ND_PRINT("\n\t"); 2040 else 2041 ND_PRINT(" "); 2042 ND_PRINT("use("); /*)*/ 2043 if (GET_U_1(use->rpu_flags)) { 2044 #define F(x, y) (GET_U_1(use->rpu_flags) & (x) ? (y) : "") 2045 ND_PRINT("%s%s,", 2046 F(ICMP6_RR_PCOUSE_FLAGS_DECRVLTIME, "V"), 2047 F(ICMP6_RR_PCOUSE_FLAGS_DECRPLTIME, "P")); 2048 #undef F 2049 } 2050 if (ndo->ndo_vflag) { 2051 ND_PRINT("mask=0x%x,", 2052 GET_U_1(use->rpu_ramask)); 2053 ND_PRINT("raflags=0x%x,", 2054 GET_U_1(use->rpu_raflags)); 2055 if (GET_BE_U_4(use->rpu_vltime) == 0xffffffff) 2056 ND_PRINT("vltime=infty,"); 2057 else 2058 ND_PRINT("vltime=%u,", 2059 GET_BE_U_4(use->rpu_vltime)); 2060 if (GET_BE_U_4(use->rpu_pltime) == 0xffffffff) 2061 ND_PRINT("pltime=infty,"); 2062 else 2063 ND_PRINT("pltime=%u,", 2064 GET_BE_U_4(use->rpu_pltime)); 2065 } 2066 if (addrtostr6(use->rpu_prefix, hbuf, sizeof(hbuf))) 2067 ND_PRINT("%s/%u/%u", hbuf, 2068 GET_U_1(use->rpu_uselen), 2069 GET_U_1(use->rpu_keeplen)); 2070 else 2071 ND_PRINT("?/%u/%u", GET_U_1(use->rpu_uselen), 2072 GET_U_1(use->rpu_keeplen)); 2073 /*(*/ 2074 ND_PRINT(")"); 2075 } 2076 } 2077 2078 return; 2079 2080 trunc: 2081 nd_print_trunc(ndo); 2082 } 2083