1 /* 2 * Copyright (c) 1992, 1993, 1994, 1995, 1996 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that: (1) source code distributions 7 * retain the above copyright notice and this paragraph in its entirety, (2) 8 * distributions including binary code include the above copyright notice and 9 * this paragraph in its entirety in the documentation or other materials 10 * provided with the distribution, and (3) all advertising materials mentioning 11 * features or use of this software display the following acknowledgement: 12 * ``This product includes software developed by the University of California, 13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of 14 * the University nor the names of its contributors may be used to endorse 15 * or promote products derived from this software without specific prior 16 * written permission. 17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 20 * 21 * Original code by Matt Thomas, Digital Equipment Corporation 22 * 23 * Extensively modified by Hannes Gredler (hannes@juniper.net) for more 24 * complete IS-IS & CLNP support. 25 * 26 * $FreeBSD$ 27 */ 28 29 #define NETDISSECT_REWORKED 30 #ifdef HAVE_CONFIG_H 31 #include "config.h" 32 #endif 33 34 #include <tcpdump-stdinc.h> 35 36 #include <string.h> 37 38 #include "interface.h" 39 #include "addrtoname.h" 40 #include "ether.h" 41 #include "nlpid.h" 42 #include "extract.h" 43 #include "gmpls.h" 44 #include "oui.h" 45 #include "signature.h" 46 47 /* 48 * IS-IS is defined in ISO 10589. Look there for protocol definitions. 49 */ 50 51 #define SYSTEM_ID_LEN ETHER_ADDR_LEN 52 #define NODE_ID_LEN SYSTEM_ID_LEN+1 53 #define LSP_ID_LEN SYSTEM_ID_LEN+2 54 55 #define ISIS_VERSION 1 56 #define ESIS_VERSION 1 57 #define CLNP_VERSION 1 58 59 #define ISIS_PDU_TYPE_MASK 0x1F 60 #define ESIS_PDU_TYPE_MASK 0x1F 61 #define CLNP_PDU_TYPE_MASK 0x1F 62 #define CLNP_FLAG_MASK 0xE0 63 #define ISIS_LAN_PRIORITY_MASK 0x7F 64 65 #define ISIS_PDU_L1_LAN_IIH 15 66 #define ISIS_PDU_L2_LAN_IIH 16 67 #define ISIS_PDU_PTP_IIH 17 68 #define ISIS_PDU_L1_LSP 18 69 #define ISIS_PDU_L2_LSP 20 70 #define ISIS_PDU_L1_CSNP 24 71 #define ISIS_PDU_L2_CSNP 25 72 #define ISIS_PDU_L1_PSNP 26 73 #define ISIS_PDU_L2_PSNP 27 74 75 static const struct tok isis_pdu_values[] = { 76 { ISIS_PDU_L1_LAN_IIH, "L1 Lan IIH"}, 77 { ISIS_PDU_L2_LAN_IIH, "L2 Lan IIH"}, 78 { ISIS_PDU_PTP_IIH, "p2p IIH"}, 79 { ISIS_PDU_L1_LSP, "L1 LSP"}, 80 { ISIS_PDU_L2_LSP, "L2 LSP"}, 81 { ISIS_PDU_L1_CSNP, "L1 CSNP"}, 82 { ISIS_PDU_L2_CSNP, "L2 CSNP"}, 83 { ISIS_PDU_L1_PSNP, "L1 PSNP"}, 84 { ISIS_PDU_L2_PSNP, "L2 PSNP"}, 85 { 0, NULL} 86 }; 87 88 /* 89 * A TLV is a tuple of a type, length and a value and is normally used for 90 * encoding information in all sorts of places. This is an enumeration of 91 * the well known types. 92 * 93 * list taken from rfc3359 plus some memory from veterans ;-) 94 */ 95 96 #define ISIS_TLV_AREA_ADDR 1 /* iso10589 */ 97 #define ISIS_TLV_IS_REACH 2 /* iso10589 */ 98 #define ISIS_TLV_ESNEIGH 3 /* iso10589 */ 99 #define ISIS_TLV_PART_DIS 4 /* iso10589 */ 100 #define ISIS_TLV_PREFIX_NEIGH 5 /* iso10589 */ 101 #define ISIS_TLV_ISNEIGH 6 /* iso10589 */ 102 #define ISIS_TLV_ISNEIGH_VARLEN 7 /* iso10589 */ 103 #define ISIS_TLV_PADDING 8 /* iso10589 */ 104 #define ISIS_TLV_LSP 9 /* iso10589 */ 105 #define ISIS_TLV_AUTH 10 /* iso10589, rfc3567 */ 106 #define ISIS_TLV_CHECKSUM 12 /* rfc3358 */ 107 #define ISIS_TLV_CHECKSUM_MINLEN 2 108 #define ISIS_TLV_LSP_BUFFERSIZE 14 /* iso10589 rev2 */ 109 #define ISIS_TLV_LSP_BUFFERSIZE_MINLEN 2 110 #define ISIS_TLV_EXT_IS_REACH 22 /* draft-ietf-isis-traffic-05 */ 111 #define ISIS_TLV_IS_ALIAS_ID 24 /* draft-ietf-isis-ext-lsp-frags-02 */ 112 #define ISIS_TLV_DECNET_PHASE4 42 113 #define ISIS_TLV_LUCENT_PRIVATE 66 114 #define ISIS_TLV_INT_IP_REACH 128 /* rfc1195, rfc2966 */ 115 #define ISIS_TLV_PROTOCOLS 129 /* rfc1195 */ 116 #define ISIS_TLV_EXT_IP_REACH 130 /* rfc1195, rfc2966 */ 117 #define ISIS_TLV_IDRP_INFO 131 /* rfc1195 */ 118 #define ISIS_TLV_IDRP_INFO_MINLEN 1 119 #define ISIS_TLV_IPADDR 132 /* rfc1195 */ 120 #define ISIS_TLV_IPAUTH 133 /* rfc1195 */ 121 #define ISIS_TLV_TE_ROUTER_ID 134 /* draft-ietf-isis-traffic-05 */ 122 #define ISIS_TLV_EXTD_IP_REACH 135 /* draft-ietf-isis-traffic-05 */ 123 #define ISIS_TLV_HOSTNAME 137 /* rfc2763 */ 124 #define ISIS_TLV_SHARED_RISK_GROUP 138 /* draft-ietf-isis-gmpls-extensions */ 125 #define ISIS_TLV_MT_PORT_CAP 143 /* rfc6165 */ 126 #define ISIS_TLV_MT_CAPABILITY 144 /* rfc6329 */ 127 #define ISIS_TLV_NORTEL_PRIVATE1 176 128 #define ISIS_TLV_NORTEL_PRIVATE2 177 129 #define ISIS_TLV_RESTART_SIGNALING 211 /* rfc3847 */ 130 #define ISIS_TLV_RESTART_SIGNALING_FLAGLEN 1 131 #define ISIS_TLV_RESTART_SIGNALING_HOLDTIMELEN 2 132 #define ISIS_TLV_MT_IS_REACH 222 /* draft-ietf-isis-wg-multi-topology-05 */ 133 #define ISIS_TLV_MT_SUPPORTED 229 /* draft-ietf-isis-wg-multi-topology-05 */ 134 #define ISIS_TLV_MT_SUPPORTED_MINLEN 2 135 #define ISIS_TLV_IP6ADDR 232 /* draft-ietf-isis-ipv6-02 */ 136 #define ISIS_TLV_MT_IP_REACH 235 /* draft-ietf-isis-wg-multi-topology-05 */ 137 #define ISIS_TLV_IP6_REACH 236 /* draft-ietf-isis-ipv6-02 */ 138 #define ISIS_TLV_MT_IP6_REACH 237 /* draft-ietf-isis-wg-multi-topology-05 */ 139 #define ISIS_TLV_PTP_ADJ 240 /* rfc3373 */ 140 #define ISIS_TLV_IIH_SEQNR 241 /* draft-shen-isis-iih-sequence-00 */ 141 #define ISIS_TLV_IIH_SEQNR_MINLEN 4 142 #define ISIS_TLV_VENDOR_PRIVATE 250 /* draft-ietf-isis-experimental-tlv-01 */ 143 #define ISIS_TLV_VENDOR_PRIVATE_MINLEN 3 144 145 static const struct tok isis_tlv_values[] = { 146 { ISIS_TLV_AREA_ADDR, "Area address(es)"}, 147 { ISIS_TLV_IS_REACH, "IS Reachability"}, 148 { ISIS_TLV_ESNEIGH, "ES Neighbor(s)"}, 149 { ISIS_TLV_PART_DIS, "Partition DIS"}, 150 { ISIS_TLV_PREFIX_NEIGH, "Prefix Neighbors"}, 151 { ISIS_TLV_ISNEIGH, "IS Neighbor(s)"}, 152 { ISIS_TLV_ISNEIGH_VARLEN, "IS Neighbor(s) (variable length)"}, 153 { ISIS_TLV_PADDING, "Padding"}, 154 { ISIS_TLV_LSP, "LSP entries"}, 155 { ISIS_TLV_AUTH, "Authentication"}, 156 { ISIS_TLV_CHECKSUM, "Checksum"}, 157 { ISIS_TLV_LSP_BUFFERSIZE, "LSP Buffersize"}, 158 { ISIS_TLV_EXT_IS_REACH, "Extended IS Reachability"}, 159 { ISIS_TLV_IS_ALIAS_ID, "IS Alias ID"}, 160 { ISIS_TLV_DECNET_PHASE4, "DECnet Phase IV"}, 161 { ISIS_TLV_LUCENT_PRIVATE, "Lucent Proprietary"}, 162 { ISIS_TLV_INT_IP_REACH, "IPv4 Internal Reachability"}, 163 { ISIS_TLV_PROTOCOLS, "Protocols supported"}, 164 { ISIS_TLV_EXT_IP_REACH, "IPv4 External Reachability"}, 165 { ISIS_TLV_IDRP_INFO, "Inter-Domain Information Type"}, 166 { ISIS_TLV_IPADDR, "IPv4 Interface address(es)"}, 167 { ISIS_TLV_IPAUTH, "IPv4 authentication (deprecated)"}, 168 { ISIS_TLV_TE_ROUTER_ID, "Traffic Engineering Router ID"}, 169 { ISIS_TLV_EXTD_IP_REACH, "Extended IPv4 Reachability"}, 170 { ISIS_TLV_SHARED_RISK_GROUP, "Shared Risk Link Group"}, 171 { ISIS_TLV_MT_PORT_CAP, "Multi-Topology-Aware Port Capability"}, 172 { ISIS_TLV_MT_CAPABILITY, "Multi-Topology Capability"}, 173 { ISIS_TLV_NORTEL_PRIVATE1, "Nortel Proprietary"}, 174 { ISIS_TLV_NORTEL_PRIVATE2, "Nortel Proprietary"}, 175 { ISIS_TLV_HOSTNAME, "Hostname"}, 176 { ISIS_TLV_RESTART_SIGNALING, "Restart Signaling"}, 177 { ISIS_TLV_MT_IS_REACH, "Multi Topology IS Reachability"}, 178 { ISIS_TLV_MT_SUPPORTED, "Multi Topology"}, 179 { ISIS_TLV_IP6ADDR, "IPv6 Interface address(es)"}, 180 { ISIS_TLV_MT_IP_REACH, "Multi-Topology IPv4 Reachability"}, 181 { ISIS_TLV_IP6_REACH, "IPv6 reachability"}, 182 { ISIS_TLV_MT_IP6_REACH, "Multi-Topology IP6 Reachability"}, 183 { ISIS_TLV_PTP_ADJ, "Point-to-point Adjacency State"}, 184 { ISIS_TLV_IIH_SEQNR, "Hello PDU Sequence Number"}, 185 { ISIS_TLV_VENDOR_PRIVATE, "Vendor Private"}, 186 { 0, NULL } 187 }; 188 189 #define ESIS_OPTION_PROTOCOLS 129 190 #define ESIS_OPTION_QOS_MAINTENANCE 195 /* iso9542 */ 191 #define ESIS_OPTION_SECURITY 197 /* iso9542 */ 192 #define ESIS_OPTION_ES_CONF_TIME 198 /* iso9542 */ 193 #define ESIS_OPTION_PRIORITY 205 /* iso9542 */ 194 #define ESIS_OPTION_ADDRESS_MASK 225 /* iso9542 */ 195 #define ESIS_OPTION_SNPA_MASK 226 /* iso9542 */ 196 197 static const struct tok esis_option_values[] = { 198 { ESIS_OPTION_PROTOCOLS, "Protocols supported"}, 199 { ESIS_OPTION_QOS_MAINTENANCE, "QoS Maintenance" }, 200 { ESIS_OPTION_SECURITY, "Security" }, 201 { ESIS_OPTION_ES_CONF_TIME, "ES Configuration Time" }, 202 { ESIS_OPTION_PRIORITY, "Priority" }, 203 { ESIS_OPTION_ADDRESS_MASK, "Addressk Mask" }, 204 { ESIS_OPTION_SNPA_MASK, "SNPA Mask" }, 205 { 0, NULL } 206 }; 207 208 #define CLNP_OPTION_DISCARD_REASON 193 209 #define CLNP_OPTION_QOS_MAINTENANCE 195 /* iso8473 */ 210 #define CLNP_OPTION_SECURITY 197 /* iso8473 */ 211 #define CLNP_OPTION_SOURCE_ROUTING 200 /* iso8473 */ 212 #define CLNP_OPTION_ROUTE_RECORDING 203 /* iso8473 */ 213 #define CLNP_OPTION_PADDING 204 /* iso8473 */ 214 #define CLNP_OPTION_PRIORITY 205 /* iso8473 */ 215 216 static const struct tok clnp_option_values[] = { 217 { CLNP_OPTION_DISCARD_REASON, "Discard Reason"}, 218 { CLNP_OPTION_PRIORITY, "Priority"}, 219 { CLNP_OPTION_QOS_MAINTENANCE, "QoS Maintenance"}, 220 { CLNP_OPTION_SECURITY, "Security"}, 221 { CLNP_OPTION_SOURCE_ROUTING, "Source Routing"}, 222 { CLNP_OPTION_ROUTE_RECORDING, "Route Recording"}, 223 { CLNP_OPTION_PADDING, "Padding"}, 224 { 0, NULL } 225 }; 226 227 static const struct tok clnp_option_rfd_class_values[] = { 228 { 0x0, "General"}, 229 { 0x8, "Address"}, 230 { 0x9, "Source Routeing"}, 231 { 0xa, "Lifetime"}, 232 { 0xb, "PDU Discarded"}, 233 { 0xc, "Reassembly"}, 234 { 0, NULL } 235 }; 236 237 static const struct tok clnp_option_rfd_general_values[] = { 238 { 0x0, "Reason not specified"}, 239 { 0x1, "Protocol procedure error"}, 240 { 0x2, "Incorrect checksum"}, 241 { 0x3, "PDU discarded due to congestion"}, 242 { 0x4, "Header syntax error (cannot be parsed)"}, 243 { 0x5, "Segmentation needed but not permitted"}, 244 { 0x6, "Incomplete PDU received"}, 245 { 0x7, "Duplicate option"}, 246 { 0, NULL } 247 }; 248 249 static const struct tok clnp_option_rfd_address_values[] = { 250 { 0x0, "Destination address unreachable"}, 251 { 0x1, "Destination address unknown"}, 252 { 0, NULL } 253 }; 254 255 static const struct tok clnp_option_rfd_source_routeing_values[] = { 256 { 0x0, "Unspecified source routeing error"}, 257 { 0x1, "Syntax error in source routeing field"}, 258 { 0x2, "Unknown address in source routeing field"}, 259 { 0x3, "Path not acceptable"}, 260 { 0, NULL } 261 }; 262 263 static const struct tok clnp_option_rfd_lifetime_values[] = { 264 { 0x0, "Lifetime expired while data unit in transit"}, 265 { 0x1, "Lifetime expired during reassembly"}, 266 { 0, NULL } 267 }; 268 269 static const struct tok clnp_option_rfd_pdu_discard_values[] = { 270 { 0x0, "Unsupported option not specified"}, 271 { 0x1, "Unsupported protocol version"}, 272 { 0x2, "Unsupported security option"}, 273 { 0x3, "Unsupported source routeing option"}, 274 { 0x4, "Unsupported recording of route option"}, 275 { 0, NULL } 276 }; 277 278 static const struct tok clnp_option_rfd_reassembly_values[] = { 279 { 0x0, "Reassembly interference"}, 280 { 0, NULL } 281 }; 282 283 /* array of 16 error-classes */ 284 static const struct tok *clnp_option_rfd_error_class[] = { 285 clnp_option_rfd_general_values, 286 NULL, 287 NULL, 288 NULL, 289 NULL, 290 NULL, 291 NULL, 292 NULL, 293 clnp_option_rfd_address_values, 294 clnp_option_rfd_source_routeing_values, 295 clnp_option_rfd_lifetime_values, 296 clnp_option_rfd_pdu_discard_values, 297 clnp_option_rfd_reassembly_values, 298 NULL, 299 NULL, 300 NULL 301 }; 302 303 #define CLNP_OPTION_OPTION_QOS_MASK 0x3f 304 #define CLNP_OPTION_SCOPE_MASK 0xc0 305 #define CLNP_OPTION_SCOPE_SA_SPEC 0x40 306 #define CLNP_OPTION_SCOPE_DA_SPEC 0x80 307 #define CLNP_OPTION_SCOPE_GLOBAL 0xc0 308 309 static const struct tok clnp_option_scope_values[] = { 310 { CLNP_OPTION_SCOPE_SA_SPEC, "Source Address Specific"}, 311 { CLNP_OPTION_SCOPE_DA_SPEC, "Destination Address Specific"}, 312 { CLNP_OPTION_SCOPE_GLOBAL, "Globally unique"}, 313 { 0, NULL } 314 }; 315 316 static const struct tok clnp_option_sr_rr_values[] = { 317 { 0x0, "partial"}, 318 { 0x1, "complete"}, 319 { 0, NULL } 320 }; 321 322 static const struct tok clnp_option_sr_rr_string_values[] = { 323 { CLNP_OPTION_SOURCE_ROUTING, "source routing"}, 324 { CLNP_OPTION_ROUTE_RECORDING, "recording of route in progress"}, 325 { 0, NULL } 326 }; 327 328 static const struct tok clnp_option_qos_global_values[] = { 329 { 0x20, "reserved"}, 330 { 0x10, "sequencing vs. delay"}, 331 { 0x08, "congested"}, 332 { 0x04, "delay vs. cost"}, 333 { 0x02, "error vs. delay"}, 334 { 0x01, "error vs. cost"}, 335 { 0, NULL } 336 }; 337 338 #define ISIS_SUBTLV_EXT_IS_REACH_ADMIN_GROUP 3 /* draft-ietf-isis-traffic-05 */ 339 #define ISIS_SUBTLV_EXT_IS_REACH_LINK_LOCAL_REMOTE_ID 4 /* rfc4205 */ 340 #define ISIS_SUBTLV_EXT_IS_REACH_LINK_REMOTE_ID 5 /* draft-ietf-isis-traffic-05 */ 341 #define ISIS_SUBTLV_EXT_IS_REACH_IPV4_INTF_ADDR 6 /* draft-ietf-isis-traffic-05 */ 342 #define ISIS_SUBTLV_EXT_IS_REACH_IPV4_NEIGHBOR_ADDR 8 /* draft-ietf-isis-traffic-05 */ 343 #define ISIS_SUBTLV_EXT_IS_REACH_MAX_LINK_BW 9 /* draft-ietf-isis-traffic-05 */ 344 #define ISIS_SUBTLV_EXT_IS_REACH_RESERVABLE_BW 10 /* draft-ietf-isis-traffic-05 */ 345 #define ISIS_SUBTLV_EXT_IS_REACH_UNRESERVED_BW 11 /* rfc4124 */ 346 #define ISIS_SUBTLV_EXT_IS_REACH_BW_CONSTRAINTS_OLD 12 /* draft-ietf-tewg-diff-te-proto-06 */ 347 #define ISIS_SUBTLV_EXT_IS_REACH_TE_METRIC 18 /* draft-ietf-isis-traffic-05 */ 348 #define ISIS_SUBTLV_EXT_IS_REACH_LINK_ATTRIBUTE 19 /* draft-ietf-isis-link-attr-01 */ 349 #define ISIS_SUBTLV_EXT_IS_REACH_LINK_PROTECTION_TYPE 20 /* rfc4205 */ 350 #define ISIS_SUBTLV_EXT_IS_REACH_INTF_SW_CAP_DESCR 21 /* rfc4205 */ 351 #define ISIS_SUBTLV_EXT_IS_REACH_BW_CONSTRAINTS 22 /* rfc4124 */ 352 353 #define ISIS_SUBTLV_SPB_METRIC 29 /* rfc6329 */ 354 355 static const struct tok isis_ext_is_reach_subtlv_values[] = { 356 { ISIS_SUBTLV_EXT_IS_REACH_ADMIN_GROUP, "Administrative groups" }, 357 { ISIS_SUBTLV_EXT_IS_REACH_LINK_LOCAL_REMOTE_ID, "Link Local/Remote Identifier" }, 358 { ISIS_SUBTLV_EXT_IS_REACH_LINK_REMOTE_ID, "Link Remote Identifier" }, 359 { ISIS_SUBTLV_EXT_IS_REACH_IPV4_INTF_ADDR, "IPv4 interface address" }, 360 { ISIS_SUBTLV_EXT_IS_REACH_IPV4_NEIGHBOR_ADDR, "IPv4 neighbor address" }, 361 { ISIS_SUBTLV_EXT_IS_REACH_MAX_LINK_BW, "Maximum link bandwidth" }, 362 { ISIS_SUBTLV_EXT_IS_REACH_RESERVABLE_BW, "Reservable link bandwidth" }, 363 { ISIS_SUBTLV_EXT_IS_REACH_UNRESERVED_BW, "Unreserved bandwidth" }, 364 { ISIS_SUBTLV_EXT_IS_REACH_TE_METRIC, "Traffic Engineering Metric" }, 365 { ISIS_SUBTLV_EXT_IS_REACH_LINK_ATTRIBUTE, "Link Attribute" }, 366 { ISIS_SUBTLV_EXT_IS_REACH_LINK_PROTECTION_TYPE, "Link Protection Type" }, 367 { ISIS_SUBTLV_EXT_IS_REACH_INTF_SW_CAP_DESCR, "Interface Switching Capability" }, 368 { ISIS_SUBTLV_EXT_IS_REACH_BW_CONSTRAINTS_OLD, "Bandwidth Constraints (old)" }, 369 { ISIS_SUBTLV_EXT_IS_REACH_BW_CONSTRAINTS, "Bandwidth Constraints" }, 370 { ISIS_SUBTLV_SPB_METRIC, "SPB Metric" }, 371 { 250, "Reserved for cisco specific extensions" }, 372 { 251, "Reserved for cisco specific extensions" }, 373 { 252, "Reserved for cisco specific extensions" }, 374 { 253, "Reserved for cisco specific extensions" }, 375 { 254, "Reserved for cisco specific extensions" }, 376 { 255, "Reserved for future expansion" }, 377 { 0, NULL } 378 }; 379 380 #define ISIS_SUBTLV_EXTD_IP_REACH_ADMIN_TAG32 1 /* draft-ietf-isis-admin-tags-01 */ 381 #define ISIS_SUBTLV_EXTD_IP_REACH_ADMIN_TAG64 2 /* draft-ietf-isis-admin-tags-01 */ 382 #define ISIS_SUBTLV_EXTD_IP_REACH_MGMT_PREFIX_COLOR 117 /* draft-ietf-isis-wg-multi-topology-05 */ 383 384 static const struct tok isis_ext_ip_reach_subtlv_values[] = { 385 { ISIS_SUBTLV_EXTD_IP_REACH_ADMIN_TAG32, "32-Bit Administrative tag" }, 386 { ISIS_SUBTLV_EXTD_IP_REACH_ADMIN_TAG64, "64-Bit Administrative tag" }, 387 { ISIS_SUBTLV_EXTD_IP_REACH_MGMT_PREFIX_COLOR, "Management Prefix Color" }, 388 { 0, NULL } 389 }; 390 391 static const struct tok isis_subtlv_link_attribute_values[] = { 392 { 0x01, "Local Protection Available" }, 393 { 0x02, "Link excluded from local protection path" }, 394 { 0x04, "Local maintenance required"}, 395 { 0, NULL } 396 }; 397 398 #define ISIS_SUBTLV_AUTH_SIMPLE 1 399 #define ISIS_SUBTLV_AUTH_GENERIC 3 /* rfc 5310 */ 400 #define ISIS_SUBTLV_AUTH_MD5 54 401 #define ISIS_SUBTLV_AUTH_MD5_LEN 16 402 #define ISIS_SUBTLV_AUTH_PRIVATE 255 403 404 static const struct tok isis_subtlv_auth_values[] = { 405 { ISIS_SUBTLV_AUTH_SIMPLE, "simple text password"}, 406 { ISIS_SUBTLV_AUTH_GENERIC, "Generic Crypto key-id"}, 407 { ISIS_SUBTLV_AUTH_MD5, "HMAC-MD5 password"}, 408 { ISIS_SUBTLV_AUTH_PRIVATE, "Routing Domain private password"}, 409 { 0, NULL } 410 }; 411 412 #define ISIS_SUBTLV_IDRP_RES 0 413 #define ISIS_SUBTLV_IDRP_LOCAL 1 414 #define ISIS_SUBTLV_IDRP_ASN 2 415 416 static const struct tok isis_subtlv_idrp_values[] = { 417 { ISIS_SUBTLV_IDRP_RES, "Reserved"}, 418 { ISIS_SUBTLV_IDRP_LOCAL, "Routing-Domain Specific"}, 419 { ISIS_SUBTLV_IDRP_ASN, "AS Number Tag"}, 420 { 0, NULL} 421 }; 422 423 #define ISIS_SUBTLV_SPB_MCID 4 424 #define ISIS_SUBTLV_SPB_DIGEST 5 425 #define ISIS_SUBTLV_SPB_BVID 6 426 427 #define ISIS_SUBTLV_SPB_INSTANCE 1 428 #define ISIS_SUBTLV_SPBM_SI 3 429 430 #define ISIS_SPB_MCID_LEN 51 431 #define ISIS_SUBTLV_SPB_MCID_MIN_LEN 102 432 #define ISIS_SUBTLV_SPB_DIGEST_MIN_LEN 33 433 #define ISIS_SUBTLV_SPB_BVID_MIN_LEN 6 434 #define ISIS_SUBTLV_SPB_INSTANCE_MIN_LEN 19 435 #define ISIS_SUBTLV_SPB_INSTANCE_VLAN_TUPLE_LEN 8 436 437 static const struct tok isis_mt_port_cap_subtlv_values[] = { 438 { ISIS_SUBTLV_SPB_MCID, "SPB MCID" }, 439 { ISIS_SUBTLV_SPB_DIGEST, "SPB Digest" }, 440 { ISIS_SUBTLV_SPB_BVID, "SPB BVID" }, 441 { 0, NULL } 442 }; 443 444 static const struct tok isis_mt_capability_subtlv_values[] = { 445 { ISIS_SUBTLV_SPB_INSTANCE, "SPB Instance" }, 446 { ISIS_SUBTLV_SPBM_SI, "SPBM Service Identifier and Unicast Address" }, 447 { 0, NULL } 448 }; 449 450 struct isis_spb_mcid { 451 uint8_t format_id; 452 uint8_t name[32]; 453 uint8_t revision_lvl[2]; 454 uint8_t digest[16]; 455 }; 456 457 struct isis_subtlv_spb_mcid { 458 struct isis_spb_mcid mcid; 459 struct isis_spb_mcid aux_mcid; 460 }; 461 462 struct isis_subtlv_spb_instance { 463 uint8_t cist_root_id[8]; 464 uint8_t cist_external_root_path_cost[4]; 465 uint8_t bridge_priority[2]; 466 uint8_t spsourceid[4]; 467 uint8_t no_of_trees; 468 }; 469 470 #define CLNP_SEGMENT_PART 0x80 471 #define CLNP_MORE_SEGMENTS 0x40 472 #define CLNP_REQUEST_ER 0x20 473 474 static const struct tok clnp_flag_values[] = { 475 { CLNP_SEGMENT_PART, "Segmentation permitted"}, 476 { CLNP_MORE_SEGMENTS, "more Segments"}, 477 { CLNP_REQUEST_ER, "request Error Report"}, 478 { 0, NULL} 479 }; 480 481 #define ISIS_MASK_LSP_OL_BIT(x) ((x)&0x4) 482 #define ISIS_MASK_LSP_ISTYPE_BITS(x) ((x)&0x3) 483 #define ISIS_MASK_LSP_PARTITION_BIT(x) ((x)&0x80) 484 #define ISIS_MASK_LSP_ATT_BITS(x) ((x)&0x78) 485 #define ISIS_MASK_LSP_ATT_ERROR_BIT(x) ((x)&0x40) 486 #define ISIS_MASK_LSP_ATT_EXPENSE_BIT(x) ((x)&0x20) 487 #define ISIS_MASK_LSP_ATT_DELAY_BIT(x) ((x)&0x10) 488 #define ISIS_MASK_LSP_ATT_DEFAULT_BIT(x) ((x)&0x8) 489 490 #define ISIS_MASK_MTID(x) ((x)&0x0fff) 491 #define ISIS_MASK_MTFLAGS(x) ((x)&0xf000) 492 493 static const struct tok isis_mt_flag_values[] = { 494 { 0x4000, "ATT bit set"}, 495 { 0x8000, "Overload bit set"}, 496 { 0, NULL} 497 }; 498 499 #define ISIS_MASK_TLV_EXTD_IP_UPDOWN(x) ((x)&0x80) 500 #define ISIS_MASK_TLV_EXTD_IP_SUBTLV(x) ((x)&0x40) 501 502 #define ISIS_MASK_TLV_EXTD_IP6_IE(x) ((x)&0x40) 503 #define ISIS_MASK_TLV_EXTD_IP6_SUBTLV(x) ((x)&0x20) 504 505 #define ISIS_LSP_TLV_METRIC_SUPPORTED(x) ((x)&0x80) 506 #define ISIS_LSP_TLV_METRIC_IE(x) ((x)&0x40) 507 #define ISIS_LSP_TLV_METRIC_UPDOWN(x) ((x)&0x80) 508 #define ISIS_LSP_TLV_METRIC_VALUE(x) ((x)&0x3f) 509 510 #define ISIS_MASK_TLV_SHARED_RISK_GROUP(x) ((x)&0x1) 511 512 static const struct tok isis_mt_values[] = { 513 { 0, "IPv4 unicast"}, 514 { 1, "In-Band Management"}, 515 { 2, "IPv6 unicast"}, 516 { 3, "Multicast"}, 517 { 4095, "Development, Experimental or Proprietary"}, 518 { 0, NULL } 519 }; 520 521 static const struct tok isis_iih_circuit_type_values[] = { 522 { 1, "Level 1 only"}, 523 { 2, "Level 2 only"}, 524 { 3, "Level 1, Level 2"}, 525 { 0, NULL} 526 }; 527 528 #define ISIS_LSP_TYPE_UNUSED0 0 529 #define ISIS_LSP_TYPE_LEVEL_1 1 530 #define ISIS_LSP_TYPE_UNUSED2 2 531 #define ISIS_LSP_TYPE_LEVEL_2 3 532 533 static const struct tok isis_lsp_istype_values[] = { 534 { ISIS_LSP_TYPE_UNUSED0, "Unused 0x0 (invalid)"}, 535 { ISIS_LSP_TYPE_LEVEL_1, "L1 IS"}, 536 { ISIS_LSP_TYPE_UNUSED2, "Unused 0x2 (invalid)"}, 537 { ISIS_LSP_TYPE_LEVEL_2, "L2 IS"}, 538 { 0, NULL } 539 }; 540 541 /* 542 * Katz's point to point adjacency TLV uses codes to tell us the state of 543 * the remote adjacency. Enumerate them. 544 */ 545 546 #define ISIS_PTP_ADJ_UP 0 547 #define ISIS_PTP_ADJ_INIT 1 548 #define ISIS_PTP_ADJ_DOWN 2 549 550 static const struct tok isis_ptp_adjancey_values[] = { 551 { ISIS_PTP_ADJ_UP, "Up" }, 552 { ISIS_PTP_ADJ_INIT, "Initializing" }, 553 { ISIS_PTP_ADJ_DOWN, "Down" }, 554 { 0, NULL} 555 }; 556 557 struct isis_tlv_ptp_adj { 558 uint8_t adjacency_state; 559 uint8_t extd_local_circuit_id[4]; 560 uint8_t neighbor_sysid[SYSTEM_ID_LEN]; 561 uint8_t neighbor_extd_local_circuit_id[4]; 562 }; 563 564 static void osi_print_cksum(netdissect_options *, const uint8_t *pptr, uint16_t checksum, 565 u_int checksum_offset, u_int length); 566 static int clnp_print(netdissect_options *, const uint8_t *, u_int); 567 static void esis_print(netdissect_options *, const uint8_t *, u_int); 568 static int isis_print(netdissect_options *, const uint8_t *, u_int); 569 570 struct isis_metric_block { 571 uint8_t metric_default; 572 uint8_t metric_delay; 573 uint8_t metric_expense; 574 uint8_t metric_error; 575 }; 576 577 struct isis_tlv_is_reach { 578 struct isis_metric_block isis_metric_block; 579 uint8_t neighbor_nodeid[NODE_ID_LEN]; 580 }; 581 582 struct isis_tlv_es_reach { 583 struct isis_metric_block isis_metric_block; 584 uint8_t neighbor_sysid[SYSTEM_ID_LEN]; 585 }; 586 587 struct isis_tlv_ip_reach { 588 struct isis_metric_block isis_metric_block; 589 uint8_t prefix[4]; 590 uint8_t mask[4]; 591 }; 592 593 static const struct tok isis_is_reach_virtual_values[] = { 594 { 0, "IsNotVirtual"}, 595 { 1, "IsVirtual"}, 596 { 0, NULL } 597 }; 598 599 static const struct tok isis_restart_flag_values[] = { 600 { 0x1, "Restart Request"}, 601 { 0x2, "Restart Acknowledgement"}, 602 { 0x4, "Suppress adjacency advertisement"}, 603 { 0, NULL } 604 }; 605 606 struct isis_common_header { 607 uint8_t nlpid; 608 uint8_t fixed_len; 609 uint8_t version; /* Protocol version */ 610 uint8_t id_length; 611 uint8_t pdu_type; /* 3 MSbits are reserved */ 612 uint8_t pdu_version; /* Packet format version */ 613 uint8_t reserved; 614 uint8_t max_area; 615 }; 616 617 struct isis_iih_lan_header { 618 uint8_t circuit_type; 619 uint8_t source_id[SYSTEM_ID_LEN]; 620 uint8_t holding_time[2]; 621 uint8_t pdu_len[2]; 622 uint8_t priority; 623 uint8_t lan_id[NODE_ID_LEN]; 624 }; 625 626 struct isis_iih_ptp_header { 627 uint8_t circuit_type; 628 uint8_t source_id[SYSTEM_ID_LEN]; 629 uint8_t holding_time[2]; 630 uint8_t pdu_len[2]; 631 uint8_t circuit_id; 632 }; 633 634 struct isis_lsp_header { 635 uint8_t pdu_len[2]; 636 uint8_t remaining_lifetime[2]; 637 uint8_t lsp_id[LSP_ID_LEN]; 638 uint8_t sequence_number[4]; 639 uint8_t checksum[2]; 640 uint8_t typeblock; 641 }; 642 643 struct isis_csnp_header { 644 uint8_t pdu_len[2]; 645 uint8_t source_id[NODE_ID_LEN]; 646 uint8_t start_lsp_id[LSP_ID_LEN]; 647 uint8_t end_lsp_id[LSP_ID_LEN]; 648 }; 649 650 struct isis_psnp_header { 651 uint8_t pdu_len[2]; 652 uint8_t source_id[NODE_ID_LEN]; 653 }; 654 655 struct isis_tlv_lsp { 656 uint8_t remaining_lifetime[2]; 657 uint8_t lsp_id[LSP_ID_LEN]; 658 uint8_t sequence_number[4]; 659 uint8_t checksum[2]; 660 }; 661 662 #define ISIS_COMMON_HEADER_SIZE (sizeof(struct isis_common_header)) 663 #define ISIS_IIH_LAN_HEADER_SIZE (sizeof(struct isis_iih_lan_header)) 664 #define ISIS_IIH_PTP_HEADER_SIZE (sizeof(struct isis_iih_ptp_header)) 665 #define ISIS_LSP_HEADER_SIZE (sizeof(struct isis_lsp_header)) 666 #define ISIS_CSNP_HEADER_SIZE (sizeof(struct isis_csnp_header)) 667 #define ISIS_PSNP_HEADER_SIZE (sizeof(struct isis_psnp_header)) 668 669 void isoclns_print(netdissect_options *ndo, 670 const uint8_t *p, u_int length, u_int caplen) 671 { 672 if (caplen <= 1) { /* enough bytes on the wire ? */ 673 ND_PRINT((ndo, "|OSI")); 674 return; 675 } 676 677 if (ndo->ndo_eflag) 678 ND_PRINT((ndo, "OSI NLPID %s (0x%02x): ", tok2str(nlpid_values, "Unknown", *p), *p)); 679 680 switch (*p) { 681 682 case NLPID_CLNP: 683 if (!clnp_print(ndo, p, length)) 684 print_unknown_data(ndo, p, "\n\t", caplen); 685 break; 686 687 case NLPID_ESIS: 688 esis_print(ndo, p, length); 689 return; 690 691 case NLPID_ISIS: 692 if (!isis_print(ndo, p, length)) 693 print_unknown_data(ndo, p, "\n\t", caplen); 694 break; 695 696 case NLPID_NULLNS: 697 ND_PRINT((ndo, "%slength: %u", ndo->ndo_eflag ? "" : ", ", length)); 698 break; 699 700 case NLPID_Q933: 701 q933_print(ndo, p + 1, length - 1); 702 break; 703 704 case NLPID_IP: 705 ip_print(ndo, p + 1, length - 1); 706 break; 707 708 case NLPID_IP6: 709 ip6_print(ndo, p + 1, length - 1); 710 break; 711 712 case NLPID_PPP: 713 ppp_print(ndo, p + 1, length - 1); 714 break; 715 716 default: 717 if (!ndo->ndo_eflag) 718 ND_PRINT((ndo, "OSI NLPID 0x%02x unknown", *p)); 719 ND_PRINT((ndo, "%slength: %u", ndo->ndo_eflag ? "" : ", ", length)); 720 if (caplen > 1) 721 print_unknown_data(ndo, p, "\n\t", caplen); 722 break; 723 } 724 } 725 726 #define CLNP_PDU_ER 1 727 #define CLNP_PDU_DT 28 728 #define CLNP_PDU_MD 29 729 #define CLNP_PDU_ERQ 30 730 #define CLNP_PDU_ERP 31 731 732 static const struct tok clnp_pdu_values[] = { 733 { CLNP_PDU_ER, "Error Report"}, 734 { CLNP_PDU_MD, "MD"}, 735 { CLNP_PDU_DT, "Data"}, 736 { CLNP_PDU_ERQ, "Echo Request"}, 737 { CLNP_PDU_ERP, "Echo Response"}, 738 { 0, NULL } 739 }; 740 741 struct clnp_header_t { 742 uint8_t nlpid; 743 uint8_t length_indicator; 744 uint8_t version; 745 uint8_t lifetime; /* units of 500ms */ 746 uint8_t type; 747 uint8_t segment_length[2]; 748 uint8_t cksum[2]; 749 }; 750 751 struct clnp_segment_header_t { 752 uint8_t data_unit_id[2]; 753 uint8_t segment_offset[2]; 754 uint8_t total_length[2]; 755 }; 756 757 /* 758 * clnp_print 759 * Decode CLNP packets. Return 0 on error. 760 */ 761 762 static int 763 clnp_print(netdissect_options *ndo, 764 const uint8_t *pptr, u_int length) 765 { 766 const uint8_t *optr,*source_address,*dest_address; 767 u_int li,tlen,nsap_offset,source_address_length,dest_address_length, clnp_pdu_type, clnp_flags; 768 const struct clnp_header_t *clnp_header; 769 const struct clnp_segment_header_t *clnp_segment_header; 770 uint8_t rfd_error_major,rfd_error_minor; 771 772 clnp_header = (const struct clnp_header_t *) pptr; 773 ND_TCHECK(*clnp_header); 774 775 li = clnp_header->length_indicator; 776 optr = pptr; 777 778 if (!ndo->ndo_eflag) 779 ND_PRINT((ndo, "CLNP")); 780 781 /* 782 * Sanity checking of the header. 783 */ 784 785 if (clnp_header->version != CLNP_VERSION) { 786 ND_PRINT((ndo, "version %d packet not supported", clnp_header->version)); 787 return (0); 788 } 789 790 /* FIXME further header sanity checking */ 791 792 clnp_pdu_type = clnp_header->type & CLNP_PDU_TYPE_MASK; 793 clnp_flags = clnp_header->type & CLNP_FLAG_MASK; 794 795 pptr += sizeof(struct clnp_header_t); 796 li -= sizeof(struct clnp_header_t); 797 dest_address_length = *pptr; 798 dest_address = pptr + 1; 799 800 pptr += (1 + dest_address_length); 801 li -= (1 + dest_address_length); 802 source_address_length = *pptr; 803 source_address = pptr +1; 804 805 pptr += (1 + source_address_length); 806 li -= (1 + source_address_length); 807 808 if (ndo->ndo_vflag < 1) { 809 ND_PRINT((ndo, "%s%s > %s, %s, length %u", 810 ndo->ndo_eflag ? "" : ", ", 811 isonsap_string(source_address, source_address_length), 812 isonsap_string(dest_address, dest_address_length), 813 tok2str(clnp_pdu_values,"unknown (%u)",clnp_pdu_type), 814 length)); 815 return (1); 816 } 817 ND_PRINT((ndo, "%slength %u", ndo->ndo_eflag ? "" : ", ", length)); 818 819 ND_PRINT((ndo, "\n\t%s PDU, hlen: %u, v: %u, lifetime: %u.%us, Segment PDU length: %u, checksum: 0x%04x", 820 tok2str(clnp_pdu_values, "unknown (%u)",clnp_pdu_type), 821 clnp_header->length_indicator, 822 clnp_header->version, 823 clnp_header->lifetime/2, 824 (clnp_header->lifetime%2)*5, 825 EXTRACT_16BITS(clnp_header->segment_length), 826 EXTRACT_16BITS(clnp_header->cksum))); 827 828 osi_print_cksum(ndo, optr, EXTRACT_16BITS(clnp_header->cksum), 7, 829 clnp_header->length_indicator); 830 831 ND_PRINT((ndo, "\n\tFlags [%s]", 832 bittok2str(clnp_flag_values, "none", clnp_flags))); 833 834 ND_PRINT((ndo, "\n\tsource address (length %u): %s\n\tdest address (length %u): %s", 835 source_address_length, 836 isonsap_string(source_address, source_address_length), 837 dest_address_length, 838 isonsap_string(dest_address, dest_address_length))); 839 840 if (clnp_flags & CLNP_SEGMENT_PART) { 841 clnp_segment_header = (const struct clnp_segment_header_t *) pptr; 842 ND_TCHECK(*clnp_segment_header); 843 ND_PRINT((ndo, "\n\tData Unit ID: 0x%04x, Segment Offset: %u, Total PDU Length: %u", 844 EXTRACT_16BITS(clnp_segment_header->data_unit_id), 845 EXTRACT_16BITS(clnp_segment_header->segment_offset), 846 EXTRACT_16BITS(clnp_segment_header->total_length))); 847 pptr+=sizeof(const struct clnp_segment_header_t); 848 li-=sizeof(const struct clnp_segment_header_t); 849 } 850 851 /* now walk the options */ 852 while (li >= 2) { 853 u_int op, opli; 854 const uint8_t *tptr; 855 856 ND_TCHECK2(*pptr, 2); 857 if (li < 2) { 858 ND_PRINT((ndo, ", bad opts/li")); 859 return (0); 860 } 861 op = *pptr++; 862 opli = *pptr++; 863 li -= 2; 864 ND_TCHECK2(*pptr, opli); 865 if (opli > li) { 866 ND_PRINT((ndo, ", opt (%d) too long", op)); 867 return (0); 868 } 869 li -= opli; 870 tptr = pptr; 871 tlen = opli; 872 873 ND_PRINT((ndo, "\n\t %s Option #%u, length %u, value: ", 874 tok2str(clnp_option_values,"Unknown",op), 875 op, 876 opli)); 877 878 switch (op) { 879 880 881 case CLNP_OPTION_ROUTE_RECORDING: /* those two options share the format */ 882 case CLNP_OPTION_SOURCE_ROUTING: 883 ND_PRINT((ndo, "%s %s", 884 tok2str(clnp_option_sr_rr_values,"Unknown",*tptr), 885 tok2str(clnp_option_sr_rr_string_values, "Unknown Option %u", op))); 886 nsap_offset=*(tptr+1); 887 if (nsap_offset == 0) { 888 ND_PRINT((ndo, " Bad NSAP offset (0)")); 889 break; 890 } 891 nsap_offset-=1; /* offset to nsap list */ 892 if (nsap_offset > tlen) { 893 ND_PRINT((ndo, " Bad NSAP offset (past end of option)")); 894 break; 895 } 896 tptr+=nsap_offset; 897 tlen-=nsap_offset; 898 while (tlen > 0) { 899 source_address_length=*tptr; 900 if (tlen < source_address_length+1) { 901 ND_PRINT((ndo, "\n\t NSAP address goes past end of option")); 902 break; 903 } 904 if (source_address_length > 0) { 905 source_address=(tptr+1); 906 ND_TCHECK2(*source_address, source_address_length); 907 ND_PRINT((ndo, "\n\t NSAP address (length %u): %s", 908 source_address_length, 909 isonsap_string(source_address, source_address_length))); 910 } 911 tlen-=source_address_length+1; 912 } 913 break; 914 915 case CLNP_OPTION_PRIORITY: 916 ND_PRINT((ndo, "0x%1x", *tptr&0x0f)); 917 break; 918 919 case CLNP_OPTION_QOS_MAINTENANCE: 920 ND_PRINT((ndo, "\n\t Format Code: %s", 921 tok2str(clnp_option_scope_values, "Reserved", *tptr&CLNP_OPTION_SCOPE_MASK))); 922 923 if ((*tptr&CLNP_OPTION_SCOPE_MASK) == CLNP_OPTION_SCOPE_GLOBAL) 924 ND_PRINT((ndo, "\n\t QoS Flags [%s]", 925 bittok2str(clnp_option_qos_global_values, 926 "none", 927 *tptr&CLNP_OPTION_OPTION_QOS_MASK))); 928 break; 929 930 case CLNP_OPTION_SECURITY: 931 ND_PRINT((ndo, "\n\t Format Code: %s, Security-Level %u", 932 tok2str(clnp_option_scope_values,"Reserved",*tptr&CLNP_OPTION_SCOPE_MASK), 933 *(tptr+1))); 934 break; 935 936 case CLNP_OPTION_DISCARD_REASON: 937 rfd_error_major = (*tptr&0xf0) >> 4; 938 rfd_error_minor = *tptr&0x0f; 939 ND_PRINT((ndo, "\n\t Class: %s Error (0x%01x), %s (0x%01x)", 940 tok2str(clnp_option_rfd_class_values,"Unknown",rfd_error_major), 941 rfd_error_major, 942 tok2str(clnp_option_rfd_error_class[rfd_error_major],"Unknown",rfd_error_minor), 943 rfd_error_minor)); 944 break; 945 946 case CLNP_OPTION_PADDING: 947 ND_PRINT((ndo, "padding data")); 948 break; 949 950 /* 951 * FIXME those are the defined Options that lack a decoder 952 * you are welcome to contribute code ;-) 953 */ 954 955 default: 956 print_unknown_data(ndo, tptr, "\n\t ", opli); 957 break; 958 } 959 if (ndo->ndo_vflag > 1) 960 print_unknown_data(ndo, pptr, "\n\t ", opli); 961 pptr += opli; 962 } 963 964 switch (clnp_pdu_type) { 965 966 case CLNP_PDU_ER: /* fall through */ 967 case CLNP_PDU_ERP: 968 ND_TCHECK(*pptr); 969 if (*(pptr) == NLPID_CLNP) { 970 ND_PRINT((ndo, "\n\t-----original packet-----\n\t")); 971 /* FIXME recursion protection */ 972 clnp_print(ndo, pptr, length - clnp_header->length_indicator); 973 break; 974 } 975 976 case CLNP_PDU_DT: 977 case CLNP_PDU_MD: 978 case CLNP_PDU_ERQ: 979 980 default: 981 /* dump the PDU specific data */ 982 if (length-(pptr-optr) > 0) { 983 ND_PRINT((ndo, "\n\t undecoded non-header data, length %u", length-clnp_header->length_indicator)); 984 print_unknown_data(ndo, pptr, "\n\t ", length - (pptr - optr)); 985 } 986 } 987 988 return (1); 989 990 trunc: 991 ND_PRINT((ndo, "[|clnp]")); 992 return (1); 993 994 } 995 996 997 #define ESIS_PDU_REDIRECT 6 998 #define ESIS_PDU_ESH 2 999 #define ESIS_PDU_ISH 4 1000 1001 static const struct tok esis_pdu_values[] = { 1002 { ESIS_PDU_REDIRECT, "redirect"}, 1003 { ESIS_PDU_ESH, "ESH"}, 1004 { ESIS_PDU_ISH, "ISH"}, 1005 { 0, NULL } 1006 }; 1007 1008 struct esis_header_t { 1009 uint8_t nlpid; 1010 uint8_t length_indicator; 1011 uint8_t version; 1012 uint8_t reserved; 1013 uint8_t type; 1014 uint8_t holdtime[2]; 1015 uint8_t cksum[2]; 1016 }; 1017 1018 static void 1019 esis_print(netdissect_options *ndo, 1020 const uint8_t *pptr, u_int length) 1021 { 1022 const uint8_t *optr; 1023 u_int li,esis_pdu_type,source_address_length, source_address_number; 1024 const struct esis_header_t *esis_header; 1025 1026 if (!ndo->ndo_eflag) 1027 ND_PRINT((ndo, "ES-IS")); 1028 1029 if (length <= 2) { 1030 ND_PRINT((ndo, ndo->ndo_qflag ? "bad pkt!" : "no header at all!")); 1031 return; 1032 } 1033 1034 esis_header = (const struct esis_header_t *) pptr; 1035 ND_TCHECK(*esis_header); 1036 li = esis_header->length_indicator; 1037 optr = pptr; 1038 1039 /* 1040 * Sanity checking of the header. 1041 */ 1042 1043 if (esis_header->nlpid != NLPID_ESIS) { 1044 ND_PRINT((ndo, " nlpid 0x%02x packet not supported", esis_header->nlpid)); 1045 return; 1046 } 1047 1048 if (esis_header->version != ESIS_VERSION) { 1049 ND_PRINT((ndo, " version %d packet not supported", esis_header->version)); 1050 return; 1051 } 1052 1053 if (li > length) { 1054 ND_PRINT((ndo, " length indicator(%d) > PDU size (%d)!", li, length)); 1055 return; 1056 } 1057 1058 if (li < sizeof(struct esis_header_t) + 2) { 1059 ND_PRINT((ndo, " length indicator < min PDU size %d:", li)); 1060 while (pptr < ndo->ndo_snapend) 1061 ND_PRINT((ndo, "%02X", *pptr++)); 1062 return; 1063 } 1064 1065 esis_pdu_type = esis_header->type & ESIS_PDU_TYPE_MASK; 1066 1067 if (ndo->ndo_vflag < 1) { 1068 ND_PRINT((ndo, "%s%s, length %u", 1069 ndo->ndo_eflag ? "" : ", ", 1070 tok2str(esis_pdu_values,"unknown type (%u)",esis_pdu_type), 1071 length)); 1072 return; 1073 } else 1074 ND_PRINT((ndo, "%slength %u\n\t%s (%u)", 1075 ndo->ndo_eflag ? "" : ", ", 1076 length, 1077 tok2str(esis_pdu_values,"unknown type: %u", esis_pdu_type), 1078 esis_pdu_type)); 1079 1080 ND_PRINT((ndo, ", v: %u%s", esis_header->version, esis_header->version == ESIS_VERSION ? "" : "unsupported" )); 1081 ND_PRINT((ndo, ", checksum: 0x%04x", EXTRACT_16BITS(esis_header->cksum))); 1082 1083 osi_print_cksum(ndo, pptr, EXTRACT_16BITS(esis_header->cksum), 7, li); 1084 1085 ND_PRINT((ndo, ", holding time: %us, length indicator: %u", 1086 EXTRACT_16BITS(esis_header->holdtime), li)); 1087 1088 if (ndo->ndo_vflag > 1) 1089 print_unknown_data(ndo, optr, "\n\t", sizeof(struct esis_header_t)); 1090 1091 pptr += sizeof(struct esis_header_t); 1092 li -= sizeof(struct esis_header_t); 1093 1094 switch (esis_pdu_type) { 1095 case ESIS_PDU_REDIRECT: { 1096 const uint8_t *dst, *snpa, *neta; 1097 u_int dstl, snpal, netal; 1098 1099 ND_TCHECK(*pptr); 1100 if (li < 1) { 1101 ND_PRINT((ndo, ", bad redirect/li")); 1102 return; 1103 } 1104 dstl = *pptr; 1105 pptr++; 1106 li--; 1107 ND_TCHECK2(*pptr, dstl); 1108 if (li < dstl) { 1109 ND_PRINT((ndo, ", bad redirect/li")); 1110 return; 1111 } 1112 dst = pptr; 1113 pptr += dstl; 1114 li -= dstl; 1115 ND_PRINT((ndo, "\n\t %s", isonsap_string(dst, dstl))); 1116 1117 ND_TCHECK(*pptr); 1118 if (li < 1) { 1119 ND_PRINT((ndo, ", bad redirect/li")); 1120 return; 1121 } 1122 snpal = *pptr; 1123 pptr++; 1124 li--; 1125 ND_TCHECK2(*pptr, snpal); 1126 if (li < snpal) { 1127 ND_PRINT((ndo, ", bad redirect/li")); 1128 return; 1129 } 1130 snpa = pptr; 1131 pptr += snpal; 1132 li -= snpal; 1133 ND_TCHECK(*pptr); 1134 if (li < 1) { 1135 ND_PRINT((ndo, ", bad redirect/li")); 1136 return; 1137 } 1138 netal = *pptr; 1139 pptr++; 1140 ND_TCHECK2(*pptr, netal); 1141 if (li < netal) { 1142 ND_PRINT((ndo, ", bad redirect/li")); 1143 return; 1144 } 1145 neta = pptr; 1146 pptr += netal; 1147 li -= netal; 1148 1149 if (netal == 0) 1150 ND_PRINT((ndo, "\n\t %s", etheraddr_string(ndo, snpa))); 1151 else 1152 ND_PRINT((ndo, "\n\t %s", isonsap_string(neta, netal))); 1153 break; 1154 } 1155 1156 case ESIS_PDU_ESH: 1157 ND_TCHECK(*pptr); 1158 if (li < 1) { 1159 ND_PRINT((ndo, ", bad esh/li")); 1160 return; 1161 } 1162 source_address_number = *pptr; 1163 pptr++; 1164 li--; 1165 1166 ND_PRINT((ndo, "\n\t Number of Source Addresses: %u", source_address_number)); 1167 1168 while (source_address_number > 0) { 1169 ND_TCHECK(*pptr); 1170 if (li < 1) { 1171 ND_PRINT((ndo, ", bad esh/li")); 1172 return; 1173 } 1174 source_address_length = *pptr; 1175 pptr++; 1176 li--; 1177 1178 ND_TCHECK2(*pptr, source_address_length); 1179 if (li < source_address_length) { 1180 ND_PRINT((ndo, ", bad esh/li")); 1181 return; 1182 } 1183 ND_PRINT((ndo, "\n\t NET (length: %u): %s", 1184 source_address_length, 1185 isonsap_string(pptr, source_address_length))); 1186 pptr += source_address_length; 1187 li -= source_address_length; 1188 source_address_number--; 1189 } 1190 1191 break; 1192 1193 case ESIS_PDU_ISH: { 1194 ND_TCHECK(*pptr); 1195 if (li < 1) { 1196 ND_PRINT((ndo, ", bad ish/li")); 1197 return; 1198 } 1199 source_address_length = *pptr; 1200 pptr++; 1201 li--; 1202 ND_TCHECK2(*pptr, source_address_length); 1203 if (li < source_address_length) { 1204 ND_PRINT((ndo, ", bad ish/li")); 1205 return; 1206 } 1207 ND_PRINT((ndo, "\n\t NET (length: %u): %s", source_address_length, isonsap_string(pptr, source_address_length))); 1208 pptr += source_address_length; 1209 li -= source_address_length; 1210 break; 1211 } 1212 1213 default: 1214 if (ndo->ndo_vflag <= 1) { 1215 if (pptr < ndo->ndo_snapend) 1216 print_unknown_data(ndo, pptr, "\n\t ", ndo->ndo_snapend - pptr); 1217 } 1218 return; 1219 } 1220 1221 /* now walk the options */ 1222 while (li != 0) { 1223 u_int op, opli; 1224 const uint8_t *tptr; 1225 1226 if (li < 2) { 1227 ND_PRINT((ndo, ", bad opts/li")); 1228 return; 1229 } 1230 ND_TCHECK2(*pptr, 2); 1231 op = *pptr++; 1232 opli = *pptr++; 1233 li -= 2; 1234 if (opli > li) { 1235 ND_PRINT((ndo, ", opt (%d) too long", op)); 1236 return; 1237 } 1238 li -= opli; 1239 tptr = pptr; 1240 1241 ND_PRINT((ndo, "\n\t %s Option #%u, length %u, value: ", 1242 tok2str(esis_option_values,"Unknown",op), 1243 op, 1244 opli)); 1245 1246 switch (op) { 1247 1248 case ESIS_OPTION_ES_CONF_TIME: 1249 if (opli == 2) { 1250 ND_TCHECK2(*pptr, 2); 1251 ND_PRINT((ndo, "%us", EXTRACT_16BITS(tptr))); 1252 } else 1253 ND_PRINT((ndo, "(bad length)")); 1254 break; 1255 1256 case ESIS_OPTION_PROTOCOLS: 1257 while (opli>0) { 1258 ND_TCHECK(*pptr); 1259 ND_PRINT((ndo, "%s (0x%02x)", 1260 tok2str(nlpid_values, 1261 "unknown", 1262 *tptr), 1263 *tptr)); 1264 if (opli>1) /* further NPLIDs ? - put comma */ 1265 ND_PRINT((ndo, ", ")); 1266 tptr++; 1267 opli--; 1268 } 1269 break; 1270 1271 /* 1272 * FIXME those are the defined Options that lack a decoder 1273 * you are welcome to contribute code ;-) 1274 */ 1275 1276 case ESIS_OPTION_QOS_MAINTENANCE: 1277 case ESIS_OPTION_SECURITY: 1278 case ESIS_OPTION_PRIORITY: 1279 case ESIS_OPTION_ADDRESS_MASK: 1280 case ESIS_OPTION_SNPA_MASK: 1281 1282 default: 1283 print_unknown_data(ndo, tptr, "\n\t ", opli); 1284 break; 1285 } 1286 if (ndo->ndo_vflag > 1) 1287 print_unknown_data(ndo, pptr, "\n\t ", opli); 1288 pptr += opli; 1289 } 1290 trunc: 1291 return; 1292 } 1293 1294 static void 1295 isis_print_mcid(netdissect_options *ndo, 1296 const struct isis_spb_mcid *mcid) 1297 { 1298 int i; 1299 1300 ND_PRINT((ndo, "ID: %d, Name: ", mcid->format_id)); 1301 1302 for(i=0; i<32; i++) 1303 { 1304 ND_PRINT((ndo, "%c", mcid->name[i])); 1305 if(mcid->name[i] == '\0') 1306 break; 1307 } 1308 1309 ND_PRINT((ndo, "\n\t Lvl: %d", EXTRACT_16BITS(mcid->revision_lvl))); 1310 1311 ND_PRINT((ndo, ", Digest: ")); 1312 1313 for(i=0;i<16;i++) 1314 ND_PRINT((ndo, "%.2x ", mcid->digest[i])); 1315 } 1316 1317 static int 1318 isis_print_mt_port_cap_subtlv(netdissect_options *ndo, 1319 const uint8_t *tptr, int len) 1320 { 1321 int stlv_type, stlv_len; 1322 const struct isis_subtlv_spb_mcid *subtlv_spb_mcid; 1323 int i; 1324 1325 while (len > 0) 1326 { 1327 stlv_type = *(tptr++); 1328 stlv_len = *(tptr++); 1329 1330 /* first lets see if we know the subTLVs name*/ 1331 ND_PRINT((ndo, "\n\t %s subTLV #%u, length: %u", 1332 tok2str(isis_mt_port_cap_subtlv_values, "unknown", stlv_type), 1333 stlv_type, 1334 stlv_len)); 1335 1336 /*len -= TLV_TYPE_LEN_OFFSET;*/ 1337 len = len -2; 1338 1339 switch (stlv_type) 1340 { 1341 case ISIS_SUBTLV_SPB_MCID: 1342 { 1343 if (!ND_TTEST2(*(tptr), ISIS_SUBTLV_SPB_MCID_MIN_LEN)) 1344 goto trunctlv; 1345 1346 subtlv_spb_mcid = (struct isis_subtlv_spb_mcid *)tptr; 1347 1348 ND_PRINT((ndo, "\n\t MCID: ")); 1349 isis_print_mcid(ndo, &(subtlv_spb_mcid->mcid)); 1350 1351 /*tptr += SPB_MCID_MIN_LEN; 1352 len -= SPB_MCID_MIN_LEN; */ 1353 1354 ND_PRINT((ndo, "\n\t AUX-MCID: ")); 1355 isis_print_mcid(ndo, &(subtlv_spb_mcid->aux_mcid)); 1356 1357 /*tptr += SPB_MCID_MIN_LEN; 1358 len -= SPB_MCID_MIN_LEN; */ 1359 tptr = tptr + sizeof(struct isis_subtlv_spb_mcid); 1360 len = len - sizeof(struct isis_subtlv_spb_mcid); 1361 1362 break; 1363 } 1364 1365 case ISIS_SUBTLV_SPB_DIGEST: 1366 { 1367 if (!ND_TTEST2(*(tptr), ISIS_SUBTLV_SPB_DIGEST_MIN_LEN)) 1368 goto trunctlv; 1369 1370 ND_PRINT((ndo, "\n\t RES: %d V: %d A: %d D: %d", 1371 (*(tptr) >> 5), (((*tptr)>> 4) & 0x01), 1372 ((*(tptr) >> 2) & 0x03), ((*tptr) & 0x03))); 1373 1374 tptr++; 1375 1376 ND_PRINT((ndo, "\n\t Digest: ")); 1377 1378 for(i=1;i<=8; i++) 1379 { 1380 ND_PRINT((ndo, "%08x ", EXTRACT_32BITS(tptr))); 1381 if (i%4 == 0 && i != 8) 1382 ND_PRINT((ndo, "\n\t ")); 1383 tptr = tptr + 4; 1384 } 1385 1386 len = len - ISIS_SUBTLV_SPB_DIGEST_MIN_LEN; 1387 1388 break; 1389 } 1390 1391 case ISIS_SUBTLV_SPB_BVID: 1392 { 1393 if (!ND_TTEST2(*(tptr), stlv_len)) 1394 goto trunctlv; 1395 1396 while (len) 1397 { 1398 if (!ND_TTEST2(*(tptr), ISIS_SUBTLV_SPB_BVID_MIN_LEN)) 1399 goto trunctlv; 1400 1401 ND_PRINT((ndo, "\n\t ECT: %08x", 1402 EXTRACT_32BITS(tptr))); 1403 1404 tptr = tptr+4; 1405 1406 ND_PRINT((ndo, " BVID: %d, U:%01x M:%01x ", 1407 (EXTRACT_16BITS (tptr) >> 4) , 1408 (EXTRACT_16BITS (tptr) >> 3) & 0x01, 1409 (EXTRACT_16BITS (tptr) >> 2) & 0x01)); 1410 1411 tptr = tptr + 2; 1412 len = len - ISIS_SUBTLV_SPB_BVID_MIN_LEN; 1413 } 1414 1415 break; 1416 } 1417 1418 default: 1419 break; 1420 } 1421 } 1422 1423 return 0; 1424 1425 trunctlv: 1426 ND_PRINT((ndo, "\n\t\t packet exceeded snapshot")); 1427 return(1); 1428 } 1429 1430 static int 1431 isis_print_mt_capability_subtlv(netdissect_options *ndo, 1432 const uint8_t *tptr, int len) 1433 { 1434 int stlv_type, stlv_len, tmp; 1435 1436 while (len > 0) 1437 { 1438 stlv_type = *(tptr++); 1439 stlv_len = *(tptr++); 1440 1441 /* first lets see if we know the subTLVs name*/ 1442 ND_PRINT((ndo, "\n\t %s subTLV #%u, length: %u", 1443 tok2str(isis_mt_capability_subtlv_values, "unknown", stlv_type), 1444 stlv_type, 1445 stlv_len)); 1446 1447 len = len - 2; 1448 1449 switch (stlv_type) 1450 { 1451 case ISIS_SUBTLV_SPB_INSTANCE: 1452 1453 if (!ND_TTEST2(*(tptr), ISIS_SUBTLV_SPB_INSTANCE_MIN_LEN)) 1454 goto trunctlv; 1455 1456 ND_PRINT((ndo, "\n\t CIST Root-ID: %08x", EXTRACT_32BITS(tptr))); 1457 tptr = tptr+4; 1458 ND_PRINT((ndo, " %08x", EXTRACT_32BITS(tptr))); 1459 tptr = tptr+4; 1460 ND_PRINT((ndo, ", Path Cost: %08x", EXTRACT_32BITS(tptr))); 1461 tptr = tptr+4; 1462 ND_PRINT((ndo, ", Prio: %d", EXTRACT_16BITS(tptr))); 1463 tptr = tptr + 2; 1464 ND_PRINT((ndo, "\n\t RES: %d", 1465 EXTRACT_16BITS(tptr) >> 5)); 1466 ND_PRINT((ndo, ", V: %d", 1467 (EXTRACT_16BITS(tptr) >> 4) & 0x0001)); 1468 ND_PRINT((ndo, ", SPSource-ID: %d", 1469 (EXTRACT_32BITS(tptr) & 0x000fffff))); 1470 tptr = tptr+4; 1471 ND_PRINT((ndo, ", No of Trees: %x", *(tptr))); 1472 1473 tmp = *(tptr++); 1474 1475 len = len - ISIS_SUBTLV_SPB_INSTANCE_MIN_LEN; 1476 1477 while (tmp) 1478 { 1479 if (!ND_TTEST2(*(tptr), ISIS_SUBTLV_SPB_INSTANCE_VLAN_TUPLE_LEN)) 1480 goto trunctlv; 1481 1482 ND_PRINT((ndo, "\n\t U:%d, M:%d, A:%d, RES:%d", 1483 *(tptr) >> 7, (*(tptr) >> 6) & 0x01, 1484 (*(tptr) >> 5) & 0x01, (*(tptr) & 0x1f))); 1485 1486 tptr++; 1487 1488 ND_PRINT((ndo, ", ECT: %08x", EXTRACT_32BITS(tptr))); 1489 1490 tptr = tptr + 4; 1491 1492 ND_PRINT((ndo, ", BVID: %d, SPVID: %d", 1493 (EXTRACT_24BITS(tptr) >> 12) & 0x000fff, 1494 EXTRACT_24BITS(tptr) & 0x000fff)); 1495 1496 tptr = tptr + 3; 1497 len = len - ISIS_SUBTLV_SPB_INSTANCE_VLAN_TUPLE_LEN; 1498 tmp--; 1499 } 1500 1501 break; 1502 1503 case ISIS_SUBTLV_SPBM_SI: 1504 1505 if (!ND_TTEST2(*(tptr), 6)) 1506 goto trunctlv; 1507 1508 ND_PRINT((ndo, "\n\t BMAC: %08x", EXTRACT_32BITS(tptr))); 1509 tptr = tptr+4; 1510 ND_PRINT((ndo, "%04x", EXTRACT_16BITS(tptr))); 1511 tptr = tptr+2; 1512 1513 ND_PRINT((ndo, ", RES: %d, VID: %d", EXTRACT_16BITS(tptr) >> 12, 1514 (EXTRACT_16BITS(tptr)) & 0x0fff)); 1515 1516 tptr = tptr+2; 1517 len = len - 8; 1518 stlv_len = stlv_len - 8; 1519 1520 while (stlv_len) 1521 { 1522 ND_PRINT((ndo, "\n\t T: %d, R: %d, RES: %d, ISID: %d", 1523 (EXTRACT_32BITS(tptr) >> 31), 1524 (EXTRACT_32BITS(tptr) >> 30) & 0x01, 1525 (EXTRACT_32BITS(tptr) >> 24) & 0x03f, 1526 (EXTRACT_32BITS(tptr)) & 0x0ffffff)); 1527 1528 tptr = tptr + 4; 1529 len = len - 4; 1530 stlv_len = stlv_len - 4; 1531 } 1532 1533 break; 1534 1535 default: 1536 break; 1537 } 1538 } 1539 return 0; 1540 1541 trunctlv: 1542 ND_PRINT((ndo, "\n\t\t packet exceeded snapshot")); 1543 return(1); 1544 } 1545 1546 /* shared routine for printing system, node and lsp-ids */ 1547 static char * 1548 isis_print_id(const uint8_t *cp, int id_len) 1549 { 1550 int i; 1551 static char id[sizeof("xxxx.xxxx.xxxx.yy-zz")]; 1552 char *pos = id; 1553 1554 for (i = 1; i <= SYSTEM_ID_LEN; i++) { 1555 snprintf(pos, sizeof(id) - (pos - id), "%02x", *cp++); 1556 pos += strlen(pos); 1557 if (i == 2 || i == 4) 1558 *pos++ = '.'; 1559 } 1560 if (id_len >= NODE_ID_LEN) { 1561 snprintf(pos, sizeof(id) - (pos - id), ".%02x", *cp++); 1562 pos += strlen(pos); 1563 } 1564 if (id_len == LSP_ID_LEN) 1565 snprintf(pos, sizeof(id) - (pos - id), "-%02x", *cp); 1566 return (id); 1567 } 1568 1569 /* print the 4-byte metric block which is common found in the old-style TLVs */ 1570 static int 1571 isis_print_metric_block(netdissect_options *ndo, 1572 const struct isis_metric_block *isis_metric_block) 1573 { 1574 ND_PRINT((ndo, ", Default Metric: %d, %s", 1575 ISIS_LSP_TLV_METRIC_VALUE(isis_metric_block->metric_default), 1576 ISIS_LSP_TLV_METRIC_IE(isis_metric_block->metric_default) ? "External" : "Internal")); 1577 if (!ISIS_LSP_TLV_METRIC_SUPPORTED(isis_metric_block->metric_delay)) 1578 ND_PRINT((ndo, "\n\t\t Delay Metric: %d, %s", 1579 ISIS_LSP_TLV_METRIC_VALUE(isis_metric_block->metric_delay), 1580 ISIS_LSP_TLV_METRIC_IE(isis_metric_block->metric_delay) ? "External" : "Internal")); 1581 if (!ISIS_LSP_TLV_METRIC_SUPPORTED(isis_metric_block->metric_expense)) 1582 ND_PRINT((ndo, "\n\t\t Expense Metric: %d, %s", 1583 ISIS_LSP_TLV_METRIC_VALUE(isis_metric_block->metric_expense), 1584 ISIS_LSP_TLV_METRIC_IE(isis_metric_block->metric_expense) ? "External" : "Internal")); 1585 if (!ISIS_LSP_TLV_METRIC_SUPPORTED(isis_metric_block->metric_error)) 1586 ND_PRINT((ndo, "\n\t\t Error Metric: %d, %s", 1587 ISIS_LSP_TLV_METRIC_VALUE(isis_metric_block->metric_error), 1588 ISIS_LSP_TLV_METRIC_IE(isis_metric_block->metric_error) ? "External" : "Internal")); 1589 1590 return(1); /* everything is ok */ 1591 } 1592 1593 static int 1594 isis_print_tlv_ip_reach(netdissect_options *ndo, 1595 const uint8_t *cp, const char *ident, int length) 1596 { 1597 int prefix_len; 1598 const struct isis_tlv_ip_reach *tlv_ip_reach; 1599 1600 tlv_ip_reach = (const struct isis_tlv_ip_reach *)cp; 1601 1602 while (length > 0) { 1603 if ((size_t)length < sizeof(*tlv_ip_reach)) { 1604 ND_PRINT((ndo, "short IPv4 Reachability (%d vs %lu)", 1605 length, 1606 (unsigned long)sizeof(*tlv_ip_reach))); 1607 return (0); 1608 } 1609 1610 if (!ND_TTEST(*tlv_ip_reach)) 1611 return (0); 1612 1613 prefix_len = mask2plen(EXTRACT_32BITS(tlv_ip_reach->mask)); 1614 1615 if (prefix_len == -1) 1616 ND_PRINT((ndo, "%sIPv4 prefix: %s mask %s", 1617 ident, 1618 ipaddr_string(ndo, (tlv_ip_reach->prefix)), 1619 ipaddr_string(ndo, (tlv_ip_reach->mask)))); 1620 else 1621 ND_PRINT((ndo, "%sIPv4 prefix: %15s/%u", 1622 ident, 1623 ipaddr_string(ndo, (tlv_ip_reach->prefix)), 1624 prefix_len)); 1625 1626 ND_PRINT((ndo, ", Distribution: %s, Metric: %u, %s", 1627 ISIS_LSP_TLV_METRIC_UPDOWN(tlv_ip_reach->isis_metric_block.metric_default) ? "down" : "up", 1628 ISIS_LSP_TLV_METRIC_VALUE(tlv_ip_reach->isis_metric_block.metric_default), 1629 ISIS_LSP_TLV_METRIC_IE(tlv_ip_reach->isis_metric_block.metric_default) ? "External" : "Internal")); 1630 1631 if (!ISIS_LSP_TLV_METRIC_SUPPORTED(tlv_ip_reach->isis_metric_block.metric_delay)) 1632 ND_PRINT((ndo, "%s Delay Metric: %u, %s", 1633 ident, 1634 ISIS_LSP_TLV_METRIC_VALUE(tlv_ip_reach->isis_metric_block.metric_delay), 1635 ISIS_LSP_TLV_METRIC_IE(tlv_ip_reach->isis_metric_block.metric_delay) ? "External" : "Internal")); 1636 1637 if (!ISIS_LSP_TLV_METRIC_SUPPORTED(tlv_ip_reach->isis_metric_block.metric_expense)) 1638 ND_PRINT((ndo, "%s Expense Metric: %u, %s", 1639 ident, 1640 ISIS_LSP_TLV_METRIC_VALUE(tlv_ip_reach->isis_metric_block.metric_expense), 1641 ISIS_LSP_TLV_METRIC_IE(tlv_ip_reach->isis_metric_block.metric_expense) ? "External" : "Internal")); 1642 1643 if (!ISIS_LSP_TLV_METRIC_SUPPORTED(tlv_ip_reach->isis_metric_block.metric_error)) 1644 ND_PRINT((ndo, "%s Error Metric: %u, %s", 1645 ident, 1646 ISIS_LSP_TLV_METRIC_VALUE(tlv_ip_reach->isis_metric_block.metric_error), 1647 ISIS_LSP_TLV_METRIC_IE(tlv_ip_reach->isis_metric_block.metric_error) ? "External" : "Internal")); 1648 1649 length -= sizeof(struct isis_tlv_ip_reach); 1650 tlv_ip_reach++; 1651 } 1652 return (1); 1653 } 1654 1655 /* 1656 * this is the common IP-REACH subTLV decoder it is called 1657 * from various EXTD-IP REACH TLVs (135,235,236,237) 1658 */ 1659 1660 static int 1661 isis_print_ip_reach_subtlv(netdissect_options *ndo, 1662 const uint8_t *tptr, int subt, int subl, 1663 const char *ident) 1664 { 1665 /* first lets see if we know the subTLVs name*/ 1666 ND_PRINT((ndo, "%s%s subTLV #%u, length: %u", 1667 ident, tok2str(isis_ext_ip_reach_subtlv_values, "unknown", subt), 1668 subt, subl)); 1669 1670 if (!ND_TTEST2(*tptr,subl)) 1671 goto trunctlv; 1672 1673 switch(subt) { 1674 case ISIS_SUBTLV_EXTD_IP_REACH_MGMT_PREFIX_COLOR: /* fall through */ 1675 case ISIS_SUBTLV_EXTD_IP_REACH_ADMIN_TAG32: 1676 while (subl >= 4) { 1677 ND_PRINT((ndo, ", 0x%08x (=%u)", 1678 EXTRACT_32BITS(tptr), 1679 EXTRACT_32BITS(tptr))); 1680 tptr+=4; 1681 subl-=4; 1682 } 1683 break; 1684 case ISIS_SUBTLV_EXTD_IP_REACH_ADMIN_TAG64: 1685 while (subl >= 8) { 1686 ND_PRINT((ndo, ", 0x%08x%08x", 1687 EXTRACT_32BITS(tptr), 1688 EXTRACT_32BITS(tptr+4))); 1689 tptr+=8; 1690 subl-=8; 1691 } 1692 break; 1693 default: 1694 if (!print_unknown_data(ndo, tptr, "\n\t\t ", subl)) 1695 return(0); 1696 break; 1697 } 1698 return(1); 1699 1700 trunctlv: 1701 ND_PRINT((ndo, "%spacket exceeded snapshot", ident)); 1702 return(0); 1703 } 1704 1705 /* 1706 * this is the common IS-REACH subTLV decoder it is called 1707 * from isis_print_ext_is_reach() 1708 */ 1709 1710 static int 1711 isis_print_is_reach_subtlv(netdissect_options *ndo, 1712 const uint8_t *tptr, u_int subt, u_int subl, 1713 const char *ident) 1714 { 1715 u_int te_class,priority_level,gmpls_switch_cap; 1716 union { /* int to float conversion buffer for several subTLVs */ 1717 float f; 1718 uint32_t i; 1719 } bw; 1720 1721 /* first lets see if we know the subTLVs name*/ 1722 ND_PRINT((ndo, "%s%s subTLV #%u, length: %u", 1723 ident, tok2str(isis_ext_is_reach_subtlv_values, "unknown", subt), 1724 subt, subl)); 1725 1726 if (!ND_TTEST2(*tptr,subl)) 1727 goto trunctlv; 1728 1729 switch(subt) { 1730 case ISIS_SUBTLV_EXT_IS_REACH_ADMIN_GROUP: 1731 case ISIS_SUBTLV_EXT_IS_REACH_LINK_LOCAL_REMOTE_ID: 1732 case ISIS_SUBTLV_EXT_IS_REACH_LINK_REMOTE_ID: 1733 if (subl >= 4) { 1734 ND_PRINT((ndo, ", 0x%08x", EXTRACT_32BITS(tptr))); 1735 if (subl == 8) /* rfc4205 */ 1736 ND_PRINT((ndo, ", 0x%08x", EXTRACT_32BITS(tptr+4))); 1737 } 1738 break; 1739 case ISIS_SUBTLV_EXT_IS_REACH_IPV4_INTF_ADDR: 1740 case ISIS_SUBTLV_EXT_IS_REACH_IPV4_NEIGHBOR_ADDR: 1741 if (subl >= sizeof(struct in_addr)) 1742 ND_PRINT((ndo, ", %s", ipaddr_string(ndo, tptr))); 1743 break; 1744 case ISIS_SUBTLV_EXT_IS_REACH_MAX_LINK_BW : 1745 case ISIS_SUBTLV_EXT_IS_REACH_RESERVABLE_BW: 1746 if (subl >= 4) { 1747 bw.i = EXTRACT_32BITS(tptr); 1748 ND_PRINT((ndo, ", %.3f Mbps", bw.f * 8 / 1000000)); 1749 } 1750 break; 1751 case ISIS_SUBTLV_EXT_IS_REACH_UNRESERVED_BW : 1752 if (subl >= 32) { 1753 for (te_class = 0; te_class < 8; te_class++) { 1754 bw.i = EXTRACT_32BITS(tptr); 1755 ND_PRINT((ndo, "%s TE-Class %u: %.3f Mbps", 1756 ident, 1757 te_class, 1758 bw.f * 8 / 1000000)); 1759 tptr+=4; 1760 } 1761 } 1762 break; 1763 case ISIS_SUBTLV_EXT_IS_REACH_BW_CONSTRAINTS: /* fall through */ 1764 case ISIS_SUBTLV_EXT_IS_REACH_BW_CONSTRAINTS_OLD: 1765 ND_PRINT((ndo, "%sBandwidth Constraints Model ID: %s (%u)", 1766 ident, 1767 tok2str(diffserv_te_bc_values, "unknown", *tptr), 1768 *tptr)); 1769 tptr++; 1770 /* decode BCs until the subTLV ends */ 1771 for (te_class = 0; te_class < (subl-1)/4; te_class++) { 1772 bw.i = EXTRACT_32BITS(tptr); 1773 ND_PRINT((ndo, "%s Bandwidth constraint CT%u: %.3f Mbps", 1774 ident, 1775 te_class, 1776 bw.f * 8 / 1000000)); 1777 tptr+=4; 1778 } 1779 break; 1780 case ISIS_SUBTLV_EXT_IS_REACH_TE_METRIC: 1781 if (subl >= 3) 1782 ND_PRINT((ndo, ", %u", EXTRACT_24BITS(tptr))); 1783 break; 1784 case ISIS_SUBTLV_EXT_IS_REACH_LINK_ATTRIBUTE: 1785 if (subl == 2) { 1786 ND_PRINT((ndo, ", [ %s ] (0x%04x)", 1787 bittok2str(isis_subtlv_link_attribute_values, 1788 "Unknown", 1789 EXTRACT_16BITS(tptr)), 1790 EXTRACT_16BITS(tptr))); 1791 } 1792 break; 1793 case ISIS_SUBTLV_EXT_IS_REACH_LINK_PROTECTION_TYPE: 1794 if (subl >= 2) { 1795 ND_PRINT((ndo, ", %s, Priority %u", 1796 bittok2str(gmpls_link_prot_values, "none", *tptr), 1797 *(tptr+1))); 1798 } 1799 break; 1800 case ISIS_SUBTLV_SPB_METRIC: 1801 if (subl >= 6) { 1802 ND_PRINT((ndo, ", LM: %u", EXTRACT_24BITS(tptr))); 1803 tptr=tptr+3; 1804 ND_PRINT((ndo, ", P: %u", *(tptr))); 1805 tptr++; 1806 ND_PRINT((ndo, ", P-ID: %u", EXTRACT_16BITS(tptr))); 1807 } 1808 break; 1809 case ISIS_SUBTLV_EXT_IS_REACH_INTF_SW_CAP_DESCR: 1810 if (subl >= 36) { 1811 gmpls_switch_cap = *tptr; 1812 ND_PRINT((ndo, "%s Interface Switching Capability:%s", 1813 ident, 1814 tok2str(gmpls_switch_cap_values, "Unknown", gmpls_switch_cap))); 1815 ND_PRINT((ndo, ", LSP Encoding: %s", 1816 tok2str(gmpls_encoding_values, "Unknown", *(tptr + 1)))); 1817 tptr+=4; 1818 ND_PRINT((ndo, "%s Max LSP Bandwidth:", ident)); 1819 for (priority_level = 0; priority_level < 8; priority_level++) { 1820 bw.i = EXTRACT_32BITS(tptr); 1821 ND_PRINT((ndo, "%s priority level %d: %.3f Mbps", 1822 ident, 1823 priority_level, 1824 bw.f * 8 / 1000000)); 1825 tptr+=4; 1826 } 1827 subl-=36; 1828 switch (gmpls_switch_cap) { 1829 case GMPLS_PSC1: 1830 case GMPLS_PSC2: 1831 case GMPLS_PSC3: 1832 case GMPLS_PSC4: 1833 bw.i = EXTRACT_32BITS(tptr); 1834 ND_PRINT((ndo, "%s Min LSP Bandwidth: %.3f Mbps", ident, bw.f * 8 / 1000000)); 1835 ND_PRINT((ndo, "%s Interface MTU: %u", ident, EXTRACT_16BITS(tptr + 4))); 1836 break; 1837 case GMPLS_TSC: 1838 bw.i = EXTRACT_32BITS(tptr); 1839 ND_PRINT((ndo, "%s Min LSP Bandwidth: %.3f Mbps", ident, bw.f * 8 / 1000000)); 1840 ND_PRINT((ndo, "%s Indication %s", ident, 1841 tok2str(gmpls_switch_cap_tsc_indication_values, "Unknown (%u)", *(tptr + 4)))); 1842 break; 1843 default: 1844 /* there is some optional stuff left to decode but this is as of yet 1845 not specified so just lets hexdump what is left */ 1846 if(subl>0){ 1847 if (!print_unknown_data(ndo, tptr, "\n\t\t ", subl)) 1848 return(0); 1849 } 1850 } 1851 } 1852 break; 1853 default: 1854 if (!print_unknown_data(ndo, tptr, "\n\t\t ", subl)) 1855 return(0); 1856 break; 1857 } 1858 return(1); 1859 1860 trunctlv: 1861 ND_PRINT((ndo, "%spacket exceeded snapshot", ident)); 1862 return(0); 1863 } 1864 1865 1866 /* 1867 * this is the common IS-REACH decoder it is called 1868 * from various EXTD-IS REACH style TLVs (22,24,222) 1869 */ 1870 1871 static int 1872 isis_print_ext_is_reach(netdissect_options *ndo, 1873 const uint8_t *tptr, const char *ident, int tlv_type) 1874 { 1875 char ident_buffer[20]; 1876 int subtlv_type,subtlv_len,subtlv_sum_len; 1877 int proc_bytes = 0; /* how many bytes did we process ? */ 1878 1879 if (!ND_TTEST2(*tptr, NODE_ID_LEN)) 1880 return(0); 1881 1882 ND_PRINT((ndo, "%sIS Neighbor: %s", ident, isis_print_id(tptr, NODE_ID_LEN))); 1883 tptr+=(NODE_ID_LEN); 1884 1885 if (tlv_type != ISIS_TLV_IS_ALIAS_ID) { /* the Alias TLV Metric field is implicit 0 */ 1886 if (!ND_TTEST2(*tptr, 3)) /* and is therefore skipped */ 1887 return(0); 1888 ND_PRINT((ndo, ", Metric: %d", EXTRACT_24BITS(tptr))); 1889 tptr+=3; 1890 } 1891 1892 if (!ND_TTEST2(*tptr, 1)) 1893 return(0); 1894 subtlv_sum_len=*(tptr++); /* read out subTLV length */ 1895 proc_bytes=NODE_ID_LEN+3+1; 1896 ND_PRINT((ndo, ", %ssub-TLVs present",subtlv_sum_len ? "" : "no ")); 1897 if (subtlv_sum_len) { 1898 ND_PRINT((ndo, " (%u)", subtlv_sum_len)); 1899 while (subtlv_sum_len>0) { 1900 if (!ND_TTEST2(*tptr,2)) 1901 return(0); 1902 subtlv_type=*(tptr++); 1903 subtlv_len=*(tptr++); 1904 /* prepend the ident string */ 1905 snprintf(ident_buffer, sizeof(ident_buffer), "%s ",ident); 1906 if (!isis_print_is_reach_subtlv(ndo, tptr, subtlv_type, subtlv_len, ident_buffer)) 1907 return(0); 1908 tptr+=subtlv_len; 1909 subtlv_sum_len-=(subtlv_len+2); 1910 proc_bytes+=(subtlv_len+2); 1911 } 1912 } 1913 return(proc_bytes); 1914 } 1915 1916 /* 1917 * this is the common Multi Topology ID decoder 1918 * it is called from various MT-TLVs (222,229,235,237) 1919 */ 1920 1921 static int 1922 isis_print_mtid(netdissect_options *ndo, 1923 const uint8_t *tptr, const char *ident) 1924 { 1925 if (!ND_TTEST2(*tptr, 2)) 1926 return(0); 1927 1928 ND_PRINT((ndo, "%s%s", 1929 ident, 1930 tok2str(isis_mt_values, 1931 "Reserved for IETF Consensus", 1932 ISIS_MASK_MTID(EXTRACT_16BITS(tptr))))); 1933 1934 ND_PRINT((ndo, " Topology (0x%03x), Flags: [%s]", 1935 ISIS_MASK_MTID(EXTRACT_16BITS(tptr)), 1936 bittok2str(isis_mt_flag_values, "none",ISIS_MASK_MTFLAGS(EXTRACT_16BITS(tptr))))); 1937 1938 return(2); 1939 } 1940 1941 /* 1942 * this is the common extended IP reach decoder 1943 * it is called from TLVs (135,235,236,237) 1944 * we process the TLV and optional subTLVs and return 1945 * the amount of processed bytes 1946 */ 1947 1948 static int 1949 isis_print_extd_ip_reach(netdissect_options *ndo, 1950 const uint8_t *tptr, const char *ident, uint16_t afi) 1951 { 1952 char ident_buffer[20]; 1953 #ifdef INET6 1954 uint8_t prefix[sizeof(struct in6_addr)]; /* shared copy buffer for IPv4 and IPv6 prefixes */ 1955 #else 1956 uint8_t prefix[sizeof(struct in_addr)]; /* shared copy buffer for IPv4 prefixes */ 1957 #endif 1958 u_int metric, status_byte, bit_length, byte_length, sublen, processed, subtlvtype, subtlvlen; 1959 1960 if (!ND_TTEST2(*tptr, 4)) 1961 return (0); 1962 metric = EXTRACT_32BITS(tptr); 1963 processed=4; 1964 tptr+=4; 1965 1966 if (afi == AF_INET) { 1967 if (!ND_TTEST2(*tptr, 1)) /* fetch status byte */ 1968 return (0); 1969 status_byte=*(tptr++); 1970 bit_length = status_byte&0x3f; 1971 if (bit_length > 32) { 1972 ND_PRINT((ndo, "%sIPv4 prefix: bad bit length %u", 1973 ident, 1974 bit_length)); 1975 return (0); 1976 } 1977 processed++; 1978 #ifdef INET6 1979 } else if (afi == AF_INET6) { 1980 if (!ND_TTEST2(*tptr, 1)) /* fetch status & prefix_len byte */ 1981 return (0); 1982 status_byte=*(tptr++); 1983 bit_length=*(tptr++); 1984 if (bit_length > 128) { 1985 ND_PRINT((ndo, "%sIPv6 prefix: bad bit length %u", 1986 ident, 1987 bit_length)); 1988 return (0); 1989 } 1990 processed+=2; 1991 #endif 1992 } else 1993 return (0); /* somebody is fooling us */ 1994 1995 byte_length = (bit_length + 7) / 8; /* prefix has variable length encoding */ 1996 1997 if (!ND_TTEST2(*tptr, byte_length)) 1998 return (0); 1999 memset(prefix, 0, sizeof prefix); /* clear the copy buffer */ 2000 memcpy(prefix,tptr,byte_length); /* copy as much as is stored in the TLV */ 2001 tptr+=byte_length; 2002 processed+=byte_length; 2003 2004 if (afi == AF_INET) 2005 ND_PRINT((ndo, "%sIPv4 prefix: %15s/%u", 2006 ident, 2007 ipaddr_string(ndo, prefix), 2008 bit_length)); 2009 #ifdef INET6 2010 if (afi == AF_INET6) 2011 ND_PRINT((ndo, "%sIPv6 prefix: %s/%u", 2012 ident, 2013 ip6addr_string(ndo, prefix), 2014 bit_length)); 2015 #endif 2016 2017 ND_PRINT((ndo, ", Distribution: %s, Metric: %u", 2018 ISIS_MASK_TLV_EXTD_IP_UPDOWN(status_byte) ? "down" : "up", 2019 metric)); 2020 2021 if (afi == AF_INET && ISIS_MASK_TLV_EXTD_IP_SUBTLV(status_byte)) 2022 ND_PRINT((ndo, ", sub-TLVs present")); 2023 #ifdef INET6 2024 if (afi == AF_INET6) 2025 ND_PRINT((ndo, ", %s%s", 2026 ISIS_MASK_TLV_EXTD_IP6_IE(status_byte) ? "External" : "Internal", 2027 ISIS_MASK_TLV_EXTD_IP6_SUBTLV(status_byte) ? ", sub-TLVs present" : "")); 2028 #endif 2029 2030 if ((afi == AF_INET && ISIS_MASK_TLV_EXTD_IP_SUBTLV(status_byte)) 2031 #ifdef INET6 2032 || (afi == AF_INET6 && ISIS_MASK_TLV_EXTD_IP6_SUBTLV(status_byte)) 2033 #endif 2034 ) { 2035 /* assume that one prefix can hold more 2036 than one subTLV - therefore the first byte must reflect 2037 the aggregate bytecount of the subTLVs for this prefix 2038 */ 2039 if (!ND_TTEST2(*tptr, 1)) 2040 return (0); 2041 sublen=*(tptr++); 2042 processed+=sublen+1; 2043 ND_PRINT((ndo, " (%u)", sublen)); /* print out subTLV length */ 2044 2045 while (sublen>0) { 2046 if (!ND_TTEST2(*tptr,2)) 2047 return (0); 2048 subtlvtype=*(tptr++); 2049 subtlvlen=*(tptr++); 2050 /* prepend the ident string */ 2051 snprintf(ident_buffer, sizeof(ident_buffer), "%s ",ident); 2052 if (!isis_print_ip_reach_subtlv(ndo, tptr, subtlvtype, subtlvlen, ident_buffer)) 2053 return(0); 2054 tptr+=subtlvlen; 2055 sublen-=(subtlvlen+2); 2056 } 2057 } 2058 return (processed); 2059 } 2060 2061 /* 2062 * isis_print 2063 * Decode IS-IS packets. Return 0 on error. 2064 */ 2065 2066 static int 2067 isis_print(netdissect_options *ndo, 2068 const uint8_t *p, u_int length) 2069 { 2070 const struct isis_common_header *isis_header; 2071 2072 const struct isis_iih_lan_header *header_iih_lan; 2073 const struct isis_iih_ptp_header *header_iih_ptp; 2074 struct isis_lsp_header *header_lsp; 2075 const struct isis_csnp_header *header_csnp; 2076 const struct isis_psnp_header *header_psnp; 2077 2078 const struct isis_tlv_lsp *tlv_lsp; 2079 const struct isis_tlv_ptp_adj *tlv_ptp_adj; 2080 const struct isis_tlv_is_reach *tlv_is_reach; 2081 const struct isis_tlv_es_reach *tlv_es_reach; 2082 2083 uint8_t pdu_type, max_area, id_length, tlv_type, tlv_len, tmp, alen, lan_alen, prefix_len; 2084 uint8_t ext_is_len, ext_ip_len, mt_len; 2085 const uint8_t *optr, *pptr, *tptr; 2086 u_short packet_len,pdu_len, key_id; 2087 u_int i,vendor_id; 2088 int sigcheck; 2089 2090 packet_len=length; 2091 optr = p; /* initialize the _o_riginal pointer to the packet start - 2092 need it for parsing the checksum TLV and authentication 2093 TLV verification */ 2094 isis_header = (const struct isis_common_header *)p; 2095 ND_TCHECK(*isis_header); 2096 pptr = p+(ISIS_COMMON_HEADER_SIZE); 2097 header_iih_lan = (const struct isis_iih_lan_header *)pptr; 2098 header_iih_ptp = (const struct isis_iih_ptp_header *)pptr; 2099 header_lsp = (struct isis_lsp_header *)pptr; 2100 header_csnp = (const struct isis_csnp_header *)pptr; 2101 header_psnp = (const struct isis_psnp_header *)pptr; 2102 2103 if (!ndo->ndo_eflag) 2104 ND_PRINT((ndo, "IS-IS")); 2105 2106 /* 2107 * Sanity checking of the header. 2108 */ 2109 2110 if (isis_header->version != ISIS_VERSION) { 2111 ND_PRINT((ndo, "version %d packet not supported", isis_header->version)); 2112 return (0); 2113 } 2114 2115 if ((isis_header->id_length != SYSTEM_ID_LEN) && (isis_header->id_length != 0)) { 2116 ND_PRINT((ndo, "system ID length of %d is not supported", 2117 isis_header->id_length)); 2118 return (0); 2119 } 2120 2121 if (isis_header->pdu_version != ISIS_VERSION) { 2122 ND_PRINT((ndo, "version %d packet not supported", isis_header->pdu_version)); 2123 return (0); 2124 } 2125 2126 max_area = isis_header->max_area; 2127 switch(max_area) { 2128 case 0: 2129 max_area = 3; /* silly shit */ 2130 break; 2131 case 255: 2132 ND_PRINT((ndo, "bad packet -- 255 areas")); 2133 return (0); 2134 default: 2135 break; 2136 } 2137 2138 id_length = isis_header->id_length; 2139 switch(id_length) { 2140 case 0: 2141 id_length = 6; /* silly shit again */ 2142 break; 2143 case 1: /* 1-8 are valid sys-ID lenghts */ 2144 case 2: 2145 case 3: 2146 case 4: 2147 case 5: 2148 case 6: 2149 case 7: 2150 case 8: 2151 break; 2152 case 255: 2153 id_length = 0; /* entirely useless */ 2154 break; 2155 default: 2156 break; 2157 } 2158 2159 /* toss any non 6-byte sys-ID len PDUs */ 2160 if (id_length != 6 ) { 2161 ND_PRINT((ndo, "bad packet -- illegal sys-ID length (%u)", id_length)); 2162 return (0); 2163 } 2164 2165 pdu_type=isis_header->pdu_type; 2166 2167 /* in non-verbose mode print the basic PDU Type plus PDU specific brief information*/ 2168 if (ndo->ndo_vflag < 1) { 2169 ND_PRINT((ndo, "%s%s", 2170 ndo->ndo_eflag ? "" : ", ", 2171 tok2str(isis_pdu_values, "unknown PDU-Type %u", pdu_type))); 2172 2173 switch (pdu_type) { 2174 2175 case ISIS_PDU_L1_LAN_IIH: 2176 case ISIS_PDU_L2_LAN_IIH: 2177 ND_PRINT((ndo, ", src-id %s", 2178 isis_print_id(header_iih_lan->source_id, SYSTEM_ID_LEN))); 2179 ND_PRINT((ndo, ", lan-id %s, prio %u", 2180 isis_print_id(header_iih_lan->lan_id,NODE_ID_LEN), 2181 header_iih_lan->priority)); 2182 break; 2183 case ISIS_PDU_PTP_IIH: 2184 ND_PRINT((ndo, ", src-id %s", isis_print_id(header_iih_ptp->source_id, SYSTEM_ID_LEN))); 2185 break; 2186 case ISIS_PDU_L1_LSP: 2187 case ISIS_PDU_L2_LSP: 2188 ND_PRINT((ndo, ", lsp-id %s, seq 0x%08x, lifetime %5us", 2189 isis_print_id(header_lsp->lsp_id, LSP_ID_LEN), 2190 EXTRACT_32BITS(header_lsp->sequence_number), 2191 EXTRACT_16BITS(header_lsp->remaining_lifetime))); 2192 break; 2193 case ISIS_PDU_L1_CSNP: 2194 case ISIS_PDU_L2_CSNP: 2195 ND_PRINT((ndo, ", src-id %s", isis_print_id(header_csnp->source_id, NODE_ID_LEN))); 2196 break; 2197 case ISIS_PDU_L1_PSNP: 2198 case ISIS_PDU_L2_PSNP: 2199 ND_PRINT((ndo, ", src-id %s", isis_print_id(header_psnp->source_id, NODE_ID_LEN))); 2200 break; 2201 2202 } 2203 ND_PRINT((ndo, ", length %u", length)); 2204 2205 return(1); 2206 } 2207 2208 /* ok they seem to want to know everything - lets fully decode it */ 2209 ND_PRINT((ndo, "%slength %u", ndo->ndo_eflag ? "" : ", ", length)); 2210 2211 ND_PRINT((ndo, "\n\t%s, hlen: %u, v: %u, pdu-v: %u, sys-id-len: %u (%u), max-area: %u (%u)", 2212 tok2str(isis_pdu_values, 2213 "unknown, type %u", 2214 pdu_type), 2215 isis_header->fixed_len, 2216 isis_header->version, 2217 isis_header->pdu_version, 2218 id_length, 2219 isis_header->id_length, 2220 max_area, 2221 isis_header->max_area)); 2222 2223 if (ndo->ndo_vflag > 1) { 2224 if (!print_unknown_data(ndo, optr, "\n\t", 8)) /* provide the _o_riginal pointer */ 2225 return(0); /* for optionally debugging the common header */ 2226 } 2227 2228 switch (pdu_type) { 2229 2230 case ISIS_PDU_L1_LAN_IIH: 2231 case ISIS_PDU_L2_LAN_IIH: 2232 if (isis_header->fixed_len != (ISIS_COMMON_HEADER_SIZE+ISIS_IIH_LAN_HEADER_SIZE)) { 2233 ND_PRINT((ndo, ", bogus fixed header length %u should be %lu", 2234 isis_header->fixed_len, (unsigned long)ISIS_IIH_LAN_HEADER_SIZE)); 2235 return (0); 2236 } 2237 2238 pdu_len=EXTRACT_16BITS(header_iih_lan->pdu_len); 2239 if (packet_len>pdu_len) { 2240 packet_len=pdu_len; /* do TLV decoding as long as it makes sense */ 2241 length=pdu_len; 2242 } 2243 2244 ND_TCHECK(*header_iih_lan); 2245 ND_PRINT((ndo, "\n\t source-id: %s, holding time: %us, Flags: [%s]", 2246 isis_print_id(header_iih_lan->source_id,SYSTEM_ID_LEN), 2247 EXTRACT_16BITS(header_iih_lan->holding_time), 2248 tok2str(isis_iih_circuit_type_values, 2249 "unknown circuit type 0x%02x", 2250 header_iih_lan->circuit_type))); 2251 2252 ND_PRINT((ndo, "\n\t lan-id: %s, Priority: %u, PDU length: %u", 2253 isis_print_id(header_iih_lan->lan_id, NODE_ID_LEN), 2254 (header_iih_lan->priority) & ISIS_LAN_PRIORITY_MASK, 2255 pdu_len)); 2256 2257 if (ndo->ndo_vflag > 1) { 2258 if (!print_unknown_data(ndo, pptr, "\n\t ", ISIS_IIH_LAN_HEADER_SIZE)) 2259 return(0); 2260 } 2261 2262 packet_len -= (ISIS_COMMON_HEADER_SIZE+ISIS_IIH_LAN_HEADER_SIZE); 2263 pptr = p + (ISIS_COMMON_HEADER_SIZE+ISIS_IIH_LAN_HEADER_SIZE); 2264 break; 2265 2266 case ISIS_PDU_PTP_IIH: 2267 if (isis_header->fixed_len != (ISIS_COMMON_HEADER_SIZE+ISIS_IIH_PTP_HEADER_SIZE)) { 2268 ND_PRINT((ndo, ", bogus fixed header length %u should be %lu", 2269 isis_header->fixed_len, (unsigned long)ISIS_IIH_PTP_HEADER_SIZE)); 2270 return (0); 2271 } 2272 2273 pdu_len=EXTRACT_16BITS(header_iih_ptp->pdu_len); 2274 if (packet_len>pdu_len) { 2275 packet_len=pdu_len; /* do TLV decoding as long as it makes sense */ 2276 length=pdu_len; 2277 } 2278 2279 ND_TCHECK(*header_iih_ptp); 2280 ND_PRINT((ndo, "\n\t source-id: %s, holding time: %us, Flags: [%s]", 2281 isis_print_id(header_iih_ptp->source_id,SYSTEM_ID_LEN), 2282 EXTRACT_16BITS(header_iih_ptp->holding_time), 2283 tok2str(isis_iih_circuit_type_values, 2284 "unknown circuit type 0x%02x", 2285 header_iih_ptp->circuit_type))); 2286 2287 ND_PRINT((ndo, "\n\t circuit-id: 0x%02x, PDU length: %u", 2288 header_iih_ptp->circuit_id, 2289 pdu_len)); 2290 2291 if (ndo->ndo_vflag > 1) { 2292 if (!print_unknown_data(ndo, pptr, "\n\t ", ISIS_IIH_PTP_HEADER_SIZE)) 2293 return(0); 2294 } 2295 2296 packet_len -= (ISIS_COMMON_HEADER_SIZE+ISIS_IIH_PTP_HEADER_SIZE); 2297 pptr = p + (ISIS_COMMON_HEADER_SIZE+ISIS_IIH_PTP_HEADER_SIZE); 2298 break; 2299 2300 case ISIS_PDU_L1_LSP: 2301 case ISIS_PDU_L2_LSP: 2302 if (isis_header->fixed_len != (ISIS_COMMON_HEADER_SIZE+ISIS_LSP_HEADER_SIZE)) { 2303 ND_PRINT((ndo, ", bogus fixed header length %u should be %lu", 2304 isis_header->fixed_len, (unsigned long)ISIS_LSP_HEADER_SIZE)); 2305 return (0); 2306 } 2307 2308 pdu_len=EXTRACT_16BITS(header_lsp->pdu_len); 2309 if (packet_len>pdu_len) { 2310 packet_len=pdu_len; /* do TLV decoding as long as it makes sense */ 2311 length=pdu_len; 2312 } 2313 2314 ND_TCHECK(*header_lsp); 2315 ND_PRINT((ndo, "\n\t lsp-id: %s, seq: 0x%08x, lifetime: %5us\n\t chksum: 0x%04x", 2316 isis_print_id(header_lsp->lsp_id, LSP_ID_LEN), 2317 EXTRACT_32BITS(header_lsp->sequence_number), 2318 EXTRACT_16BITS(header_lsp->remaining_lifetime), 2319 EXTRACT_16BITS(header_lsp->checksum))); 2320 2321 2322 osi_print_cksum(ndo, (uint8_t *)header_lsp->lsp_id, 2323 EXTRACT_16BITS(header_lsp->checksum), 12, length-12); 2324 2325 /* 2326 * Clear checksum and lifetime prior to signature verification. 2327 */ 2328 header_lsp->checksum[0] = 0; 2329 header_lsp->checksum[1] = 0; 2330 header_lsp->remaining_lifetime[0] = 0; 2331 header_lsp->remaining_lifetime[1] = 0; 2332 2333 2334 ND_PRINT((ndo, ", PDU length: %u, Flags: [ %s", 2335 pdu_len, 2336 ISIS_MASK_LSP_OL_BIT(header_lsp->typeblock) ? "Overload bit set, " : "")); 2337 2338 if (ISIS_MASK_LSP_ATT_BITS(header_lsp->typeblock)) { 2339 ND_PRINT((ndo, "%s", ISIS_MASK_LSP_ATT_DEFAULT_BIT(header_lsp->typeblock) ? "default " : "")); 2340 ND_PRINT((ndo, "%s", ISIS_MASK_LSP_ATT_DELAY_BIT(header_lsp->typeblock) ? "delay " : "")); 2341 ND_PRINT((ndo, "%s", ISIS_MASK_LSP_ATT_EXPENSE_BIT(header_lsp->typeblock) ? "expense " : "")); 2342 ND_PRINT((ndo, "%s", ISIS_MASK_LSP_ATT_ERROR_BIT(header_lsp->typeblock) ? "error " : "")); 2343 ND_PRINT((ndo, "ATT bit set, ")); 2344 } 2345 ND_PRINT((ndo, "%s", ISIS_MASK_LSP_PARTITION_BIT(header_lsp->typeblock) ? "P bit set, " : "")); 2346 ND_PRINT((ndo, "%s ]", tok2str(isis_lsp_istype_values, "Unknown(0x%x)", 2347 ISIS_MASK_LSP_ISTYPE_BITS(header_lsp->typeblock)))); 2348 2349 if (ndo->ndo_vflag > 1) { 2350 if (!print_unknown_data(ndo, pptr, "\n\t ", ISIS_LSP_HEADER_SIZE)) 2351 return(0); 2352 } 2353 2354 packet_len -= (ISIS_COMMON_HEADER_SIZE+ISIS_LSP_HEADER_SIZE); 2355 pptr = p + (ISIS_COMMON_HEADER_SIZE+ISIS_LSP_HEADER_SIZE); 2356 break; 2357 2358 case ISIS_PDU_L1_CSNP: 2359 case ISIS_PDU_L2_CSNP: 2360 if (isis_header->fixed_len != (ISIS_COMMON_HEADER_SIZE+ISIS_CSNP_HEADER_SIZE)) { 2361 ND_PRINT((ndo, ", bogus fixed header length %u should be %lu", 2362 isis_header->fixed_len, (unsigned long)ISIS_CSNP_HEADER_SIZE)); 2363 return (0); 2364 } 2365 2366 pdu_len=EXTRACT_16BITS(header_csnp->pdu_len); 2367 if (packet_len>pdu_len) { 2368 packet_len=pdu_len; /* do TLV decoding as long as it makes sense */ 2369 length=pdu_len; 2370 } 2371 2372 ND_TCHECK(*header_csnp); 2373 ND_PRINT((ndo, "\n\t source-id: %s, PDU length: %u", 2374 isis_print_id(header_csnp->source_id, NODE_ID_LEN), 2375 pdu_len)); 2376 ND_PRINT((ndo, "\n\t start lsp-id: %s", 2377 isis_print_id(header_csnp->start_lsp_id, LSP_ID_LEN))); 2378 ND_PRINT((ndo, "\n\t end lsp-id: %s", 2379 isis_print_id(header_csnp->end_lsp_id, LSP_ID_LEN))); 2380 2381 if (ndo->ndo_vflag > 1) { 2382 if (!print_unknown_data(ndo, pptr, "\n\t ", ISIS_CSNP_HEADER_SIZE)) 2383 return(0); 2384 } 2385 2386 packet_len -= (ISIS_COMMON_HEADER_SIZE+ISIS_CSNP_HEADER_SIZE); 2387 pptr = p + (ISIS_COMMON_HEADER_SIZE+ISIS_CSNP_HEADER_SIZE); 2388 break; 2389 2390 case ISIS_PDU_L1_PSNP: 2391 case ISIS_PDU_L2_PSNP: 2392 if (isis_header->fixed_len != (ISIS_COMMON_HEADER_SIZE+ISIS_PSNP_HEADER_SIZE)) { 2393 ND_PRINT((ndo, "- bogus fixed header length %u should be %lu", 2394 isis_header->fixed_len, (unsigned long)ISIS_PSNP_HEADER_SIZE)); 2395 return (0); 2396 } 2397 2398 pdu_len=EXTRACT_16BITS(header_psnp->pdu_len); 2399 if (packet_len>pdu_len) { 2400 packet_len=pdu_len; /* do TLV decoding as long as it makes sense */ 2401 length=pdu_len; 2402 } 2403 2404 ND_TCHECK(*header_psnp); 2405 ND_PRINT((ndo, "\n\t source-id: %s, PDU length: %u", 2406 isis_print_id(header_psnp->source_id, NODE_ID_LEN), 2407 pdu_len)); 2408 2409 if (ndo->ndo_vflag > 1) { 2410 if (!print_unknown_data(ndo, pptr, "\n\t ", ISIS_PSNP_HEADER_SIZE)) 2411 return(0); 2412 } 2413 2414 packet_len -= (ISIS_COMMON_HEADER_SIZE+ISIS_PSNP_HEADER_SIZE); 2415 pptr = p + (ISIS_COMMON_HEADER_SIZE+ISIS_PSNP_HEADER_SIZE); 2416 break; 2417 2418 default: 2419 (void)print_unknown_data(ndo, pptr, "\n\t ", length); 2420 return (0); 2421 } 2422 2423 /* 2424 * Now print the TLV's. 2425 */ 2426 2427 while (packet_len >= 2) { 2428 if (pptr == ndo->ndo_snapend) { 2429 return (1); 2430 } 2431 2432 if (!ND_TTEST2(*pptr, 2)) { 2433 ND_PRINT((ndo, "\n\t\t packet exceeded snapshot (%ld) bytes", 2434 (long)(pptr - ndo->ndo_snapend))); 2435 return (1); 2436 } 2437 tlv_type = *pptr++; 2438 tlv_len = *pptr++; 2439 tmp =tlv_len; /* copy temporary len & pointer to packet data */ 2440 tptr = pptr; 2441 packet_len -= 2; 2442 if (tlv_len > packet_len) { 2443 break; 2444 } 2445 2446 /* first lets see if we know the TLVs name*/ 2447 ND_PRINT((ndo, "\n\t %s TLV #%u, length: %u", 2448 tok2str(isis_tlv_values, 2449 "unknown", 2450 tlv_type), 2451 tlv_type, 2452 tlv_len)); 2453 2454 if (tlv_len == 0) /* something is malformed */ 2455 continue; 2456 2457 /* now check if we have a decoder otherwise do a hexdump at the end*/ 2458 switch (tlv_type) { 2459 case ISIS_TLV_AREA_ADDR: 2460 if (!ND_TTEST2(*tptr, 1)) 2461 goto trunctlv; 2462 alen = *tptr++; 2463 while (tmp && alen < tmp) { 2464 ND_PRINT((ndo, "\n\t Area address (length: %u): %s", 2465 alen, 2466 isonsap_string(tptr, alen))); 2467 tptr += alen; 2468 tmp -= alen + 1; 2469 if (tmp==0) /* if this is the last area address do not attemt a boundary check */ 2470 break; 2471 if (!ND_TTEST2(*tptr, 1)) 2472 goto trunctlv; 2473 alen = *tptr++; 2474 } 2475 break; 2476 case ISIS_TLV_ISNEIGH: 2477 while (tmp >= ETHER_ADDR_LEN) { 2478 if (!ND_TTEST2(*tptr, ETHER_ADDR_LEN)) 2479 goto trunctlv; 2480 ND_PRINT((ndo, "\n\t SNPA: %s", isis_print_id(tptr, ETHER_ADDR_LEN))); 2481 tmp -= ETHER_ADDR_LEN; 2482 tptr += ETHER_ADDR_LEN; 2483 } 2484 break; 2485 2486 case ISIS_TLV_ISNEIGH_VARLEN: 2487 if (!ND_TTEST2(*tptr, 1) || tmp < 3) /* min. TLV length */ 2488 goto trunctlv; 2489 lan_alen = *tptr++; /* LAN address length */ 2490 if (lan_alen == 0) { 2491 ND_PRINT((ndo, "\n\t LAN address length 0 bytes (invalid)")); 2492 break; 2493 } 2494 tmp --; 2495 ND_PRINT((ndo, "\n\t LAN address length %u bytes ", lan_alen)); 2496 while (tmp >= lan_alen) { 2497 if (!ND_TTEST2(*tptr, lan_alen)) 2498 goto trunctlv; 2499 ND_PRINT((ndo, "\n\t\tIS Neighbor: %s", isis_print_id(tptr, lan_alen))); 2500 tmp -= lan_alen; 2501 tptr +=lan_alen; 2502 } 2503 break; 2504 2505 case ISIS_TLV_PADDING: 2506 break; 2507 2508 case ISIS_TLV_MT_IS_REACH: 2509 mt_len = isis_print_mtid(ndo, tptr, "\n\t "); 2510 if (mt_len == 0) /* did something go wrong ? */ 2511 goto trunctlv; 2512 tptr+=mt_len; 2513 tmp-=mt_len; 2514 while (tmp >= 2+NODE_ID_LEN+3+1) { 2515 ext_is_len = isis_print_ext_is_reach(ndo, tptr, "\n\t ", tlv_type); 2516 if (ext_is_len == 0) /* did something go wrong ? */ 2517 goto trunctlv; 2518 2519 tmp-=ext_is_len; 2520 tptr+=ext_is_len; 2521 } 2522 break; 2523 2524 case ISIS_TLV_IS_ALIAS_ID: 2525 while (tmp >= NODE_ID_LEN+1) { /* is it worth attempting a decode ? */ 2526 ext_is_len = isis_print_ext_is_reach(ndo, tptr, "\n\t ", tlv_type); 2527 if (ext_is_len == 0) /* did something go wrong ? */ 2528 goto trunctlv; 2529 tmp-=ext_is_len; 2530 tptr+=ext_is_len; 2531 } 2532 break; 2533 2534 case ISIS_TLV_EXT_IS_REACH: 2535 while (tmp >= NODE_ID_LEN+3+1) { /* is it worth attempting a decode ? */ 2536 ext_is_len = isis_print_ext_is_reach(ndo, tptr, "\n\t ", tlv_type); 2537 if (ext_is_len == 0) /* did something go wrong ? */ 2538 goto trunctlv; 2539 tmp-=ext_is_len; 2540 tptr+=ext_is_len; 2541 } 2542 break; 2543 case ISIS_TLV_IS_REACH: 2544 if (!ND_TTEST2(*tptr,1)) /* check if there is one byte left to read out the virtual flag */ 2545 goto trunctlv; 2546 ND_PRINT((ndo, "\n\t %s", 2547 tok2str(isis_is_reach_virtual_values, 2548 "bogus virtual flag 0x%02x", 2549 *tptr++))); 2550 tlv_is_reach = (const struct isis_tlv_is_reach *)tptr; 2551 while (tmp >= sizeof(struct isis_tlv_is_reach)) { 2552 if (!ND_TTEST(*tlv_is_reach)) 2553 goto trunctlv; 2554 ND_PRINT((ndo, "\n\t IS Neighbor: %s", 2555 isis_print_id(tlv_is_reach->neighbor_nodeid, NODE_ID_LEN))); 2556 isis_print_metric_block(ndo, &tlv_is_reach->isis_metric_block); 2557 tmp -= sizeof(struct isis_tlv_is_reach); 2558 tlv_is_reach++; 2559 } 2560 break; 2561 2562 case ISIS_TLV_ESNEIGH: 2563 tlv_es_reach = (const struct isis_tlv_es_reach *)tptr; 2564 while (tmp >= sizeof(struct isis_tlv_es_reach)) { 2565 if (!ND_TTEST(*tlv_es_reach)) 2566 goto trunctlv; 2567 ND_PRINT((ndo, "\n\t ES Neighbor: %s", 2568 isis_print_id(tlv_es_reach->neighbor_sysid, SYSTEM_ID_LEN))); 2569 isis_print_metric_block(ndo, &tlv_es_reach->isis_metric_block); 2570 tmp -= sizeof(struct isis_tlv_es_reach); 2571 tlv_es_reach++; 2572 } 2573 break; 2574 2575 /* those two TLVs share the same format */ 2576 case ISIS_TLV_INT_IP_REACH: 2577 case ISIS_TLV_EXT_IP_REACH: 2578 if (!isis_print_tlv_ip_reach(ndo, pptr, "\n\t ", tlv_len)) 2579 return (1); 2580 break; 2581 2582 case ISIS_TLV_EXTD_IP_REACH: 2583 while (tmp>0) { 2584 ext_ip_len = isis_print_extd_ip_reach(ndo, tptr, "\n\t ", AF_INET); 2585 if (ext_ip_len == 0) /* did something go wrong ? */ 2586 goto trunctlv; 2587 tptr+=ext_ip_len; 2588 tmp-=ext_ip_len; 2589 } 2590 break; 2591 2592 case ISIS_TLV_MT_IP_REACH: 2593 mt_len = isis_print_mtid(ndo, tptr, "\n\t "); 2594 if (mt_len == 0) { /* did something go wrong ? */ 2595 goto trunctlv; 2596 } 2597 tptr+=mt_len; 2598 tmp-=mt_len; 2599 2600 while (tmp>0) { 2601 ext_ip_len = isis_print_extd_ip_reach(ndo, tptr, "\n\t ", AF_INET); 2602 if (ext_ip_len == 0) /* did something go wrong ? */ 2603 goto trunctlv; 2604 tptr+=ext_ip_len; 2605 tmp-=ext_ip_len; 2606 } 2607 break; 2608 2609 #ifdef INET6 2610 case ISIS_TLV_IP6_REACH: 2611 while (tmp>0) { 2612 ext_ip_len = isis_print_extd_ip_reach(ndo, tptr, "\n\t ", AF_INET6); 2613 if (ext_ip_len == 0) /* did something go wrong ? */ 2614 goto trunctlv; 2615 tptr+=ext_ip_len; 2616 tmp-=ext_ip_len; 2617 } 2618 break; 2619 2620 case ISIS_TLV_MT_IP6_REACH: 2621 mt_len = isis_print_mtid(ndo, tptr, "\n\t "); 2622 if (mt_len == 0) { /* did something go wrong ? */ 2623 goto trunctlv; 2624 } 2625 tptr+=mt_len; 2626 tmp-=mt_len; 2627 2628 while (tmp>0) { 2629 ext_ip_len = isis_print_extd_ip_reach(ndo, tptr, "\n\t ", AF_INET6); 2630 if (ext_ip_len == 0) /* did something go wrong ? */ 2631 goto trunctlv; 2632 tptr+=ext_ip_len; 2633 tmp-=ext_ip_len; 2634 } 2635 break; 2636 2637 case ISIS_TLV_IP6ADDR: 2638 while (tmp>=sizeof(struct in6_addr)) { 2639 if (!ND_TTEST2(*tptr, sizeof(struct in6_addr))) 2640 goto trunctlv; 2641 2642 ND_PRINT((ndo, "\n\t IPv6 interface address: %s", 2643 ip6addr_string(ndo, tptr))); 2644 2645 tptr += sizeof(struct in6_addr); 2646 tmp -= sizeof(struct in6_addr); 2647 } 2648 break; 2649 #endif 2650 case ISIS_TLV_AUTH: 2651 if (!ND_TTEST2(*tptr, 1)) 2652 goto trunctlv; 2653 2654 ND_PRINT((ndo, "\n\t %s: ", 2655 tok2str(isis_subtlv_auth_values, 2656 "unknown Authentication type 0x%02x", 2657 *tptr))); 2658 2659 switch (*tptr) { 2660 case ISIS_SUBTLV_AUTH_SIMPLE: 2661 for(i=1;i<tlv_len;i++) { 2662 if (!ND_TTEST2(*(tptr + i), 1)) 2663 goto trunctlv; 2664 ND_PRINT((ndo, "%c", *(tptr + i))); 2665 } 2666 break; 2667 case ISIS_SUBTLV_AUTH_MD5: 2668 for(i=1;i<tlv_len;i++) { 2669 if (!ND_TTEST2(*(tptr + i), 1)) 2670 goto trunctlv; 2671 ND_PRINT((ndo, "%02x", *(tptr + i))); 2672 } 2673 if (tlv_len != ISIS_SUBTLV_AUTH_MD5_LEN+1) 2674 ND_PRINT((ndo, ", (malformed subTLV) ")); 2675 2676 #ifdef HAVE_LIBCRYPTO 2677 sigcheck = signature_verify(ndo, optr, length, 2678 (unsigned char *)tptr + 1); 2679 #else 2680 sigcheck = CANT_CHECK_SIGNATURE; 2681 #endif 2682 ND_PRINT((ndo, " (%s)", tok2str(signature_check_values, "Unknown", sigcheck))); 2683 2684 break; 2685 case ISIS_SUBTLV_AUTH_GENERIC: 2686 key_id = EXTRACT_16BITS((tptr+1)); 2687 ND_PRINT((ndo, "%u, password: ", key_id)); 2688 for(i=1 + sizeof(uint16_t);i<tlv_len;i++) { 2689 if (!ND_TTEST2(*(tptr + i), 1)) 2690 goto trunctlv; 2691 ND_PRINT((ndo, "%02x", *(tptr + i))); 2692 } 2693 break; 2694 case ISIS_SUBTLV_AUTH_PRIVATE: 2695 default: 2696 if (!print_unknown_data(ndo, tptr + 1, "\n\t\t ", tlv_len - 1)) 2697 return(0); 2698 break; 2699 } 2700 break; 2701 2702 case ISIS_TLV_PTP_ADJ: 2703 tlv_ptp_adj = (const struct isis_tlv_ptp_adj *)tptr; 2704 if(tmp>=1) { 2705 if (!ND_TTEST2(*tptr, 1)) 2706 goto trunctlv; 2707 ND_PRINT((ndo, "\n\t Adjacency State: %s (%u)", 2708 tok2str(isis_ptp_adjancey_values, "unknown", *tptr), 2709 *tptr)); 2710 tmp--; 2711 } 2712 if(tmp>sizeof(tlv_ptp_adj->extd_local_circuit_id)) { 2713 if (!ND_TTEST2(tlv_ptp_adj->extd_local_circuit_id, 2714 sizeof(tlv_ptp_adj->extd_local_circuit_id))) 2715 goto trunctlv; 2716 ND_PRINT((ndo, "\n\t Extended Local circuit-ID: 0x%08x", 2717 EXTRACT_32BITS(tlv_ptp_adj->extd_local_circuit_id))); 2718 tmp-=sizeof(tlv_ptp_adj->extd_local_circuit_id); 2719 } 2720 if(tmp>=SYSTEM_ID_LEN) { 2721 if (!ND_TTEST2(tlv_ptp_adj->neighbor_sysid, SYSTEM_ID_LEN)) 2722 goto trunctlv; 2723 ND_PRINT((ndo, "\n\t Neighbor System-ID: %s", 2724 isis_print_id(tlv_ptp_adj->neighbor_sysid, SYSTEM_ID_LEN))); 2725 tmp-=SYSTEM_ID_LEN; 2726 } 2727 if(tmp>=sizeof(tlv_ptp_adj->neighbor_extd_local_circuit_id)) { 2728 if (!ND_TTEST2(tlv_ptp_adj->neighbor_extd_local_circuit_id, 2729 sizeof(tlv_ptp_adj->neighbor_extd_local_circuit_id))) 2730 goto trunctlv; 2731 ND_PRINT((ndo, "\n\t Neighbor Extended Local circuit-ID: 0x%08x", 2732 EXTRACT_32BITS(tlv_ptp_adj->neighbor_extd_local_circuit_id))); 2733 } 2734 break; 2735 2736 case ISIS_TLV_PROTOCOLS: 2737 ND_PRINT((ndo, "\n\t NLPID(s): ")); 2738 while (tmp>0) { 2739 if (!ND_TTEST2(*(tptr), 1)) 2740 goto trunctlv; 2741 ND_PRINT((ndo, "%s (0x%02x)", 2742 tok2str(nlpid_values, 2743 "unknown", 2744 *tptr), 2745 *tptr)); 2746 if (tmp>1) /* further NPLIDs ? - put comma */ 2747 ND_PRINT((ndo, ", ")); 2748 tptr++; 2749 tmp--; 2750 } 2751 break; 2752 2753 case ISIS_TLV_MT_PORT_CAP: 2754 { 2755 if (!ND_TTEST2(*(tptr), 2)) 2756 goto trunctlv; 2757 2758 ND_PRINT((ndo, "\n\t RES: %d, MTID(s): %d", 2759 (EXTRACT_16BITS (tptr) >> 12), 2760 (EXTRACT_16BITS (tptr) & 0x0fff))); 2761 2762 tmp = tmp-2; 2763 tptr = tptr+2; 2764 2765 if (tmp) 2766 isis_print_mt_port_cap_subtlv(ndo, tptr, tmp); 2767 2768 break; 2769 } 2770 2771 case ISIS_TLV_MT_CAPABILITY: 2772 2773 if (!ND_TTEST2(*(tptr), 2)) 2774 goto trunctlv; 2775 2776 ND_PRINT((ndo, "\n\t O: %d, RES: %d, MTID(s): %d", 2777 (EXTRACT_16BITS(tptr) >> 15) & 0x01, 2778 (EXTRACT_16BITS(tptr) >> 12) & 0x07, 2779 EXTRACT_16BITS(tptr) & 0x0fff)); 2780 2781 tmp = tmp-2; 2782 tptr = tptr+2; 2783 2784 if (tmp) 2785 isis_print_mt_capability_subtlv(ndo, tptr, tmp); 2786 2787 break; 2788 2789 case ISIS_TLV_TE_ROUTER_ID: 2790 if (!ND_TTEST2(*pptr, sizeof(struct in_addr))) 2791 goto trunctlv; 2792 ND_PRINT((ndo, "\n\t Traffic Engineering Router ID: %s", ipaddr_string(ndo, pptr))); 2793 break; 2794 2795 case ISIS_TLV_IPADDR: 2796 while (tmp>=sizeof(struct in_addr)) { 2797 if (!ND_TTEST2(*tptr, sizeof(struct in_addr))) 2798 goto trunctlv; 2799 ND_PRINT((ndo, "\n\t IPv4 interface address: %s", ipaddr_string(ndo, tptr))); 2800 tptr += sizeof(struct in_addr); 2801 tmp -= sizeof(struct in_addr); 2802 } 2803 break; 2804 2805 case ISIS_TLV_HOSTNAME: 2806 ND_PRINT((ndo, "\n\t Hostname: ")); 2807 while (tmp>0) { 2808 if (!ND_TTEST2(*tptr, 1)) 2809 goto trunctlv; 2810 ND_PRINT((ndo, "%c", *tptr++)); 2811 tmp--; 2812 } 2813 break; 2814 2815 case ISIS_TLV_SHARED_RISK_GROUP: 2816 if (tmp < NODE_ID_LEN) 2817 break; 2818 if (!ND_TTEST2(*tptr, NODE_ID_LEN)) 2819 goto trunctlv; 2820 ND_PRINT((ndo, "\n\t IS Neighbor: %s", isis_print_id(tptr, NODE_ID_LEN))); 2821 tptr+=(NODE_ID_LEN); 2822 tmp-=(NODE_ID_LEN); 2823 2824 if (tmp < 1) 2825 break; 2826 if (!ND_TTEST2(*tptr, 1)) 2827 goto trunctlv; 2828 ND_PRINT((ndo, ", Flags: [%s]", ISIS_MASK_TLV_SHARED_RISK_GROUP(*tptr++) ? "numbered" : "unnumbered")); 2829 tmp--; 2830 2831 if (tmp < sizeof(struct in_addr)) 2832 break; 2833 if (!ND_TTEST2(*tptr, sizeof(struct in_addr))) 2834 goto trunctlv; 2835 ND_PRINT((ndo, "\n\t IPv4 interface address: %s", ipaddr_string(ndo, tptr))); 2836 tptr+=sizeof(struct in_addr); 2837 tmp-=sizeof(struct in_addr); 2838 2839 if (tmp < sizeof(struct in_addr)) 2840 break; 2841 if (!ND_TTEST2(*tptr, sizeof(struct in_addr))) 2842 goto trunctlv; 2843 ND_PRINT((ndo, "\n\t IPv4 neighbor address: %s", ipaddr_string(ndo, tptr))); 2844 tptr+=sizeof(struct in_addr); 2845 tmp-=sizeof(struct in_addr); 2846 2847 while (tmp>=4) { 2848 if (!ND_TTEST2(*tptr, 4)) 2849 goto trunctlv; 2850 ND_PRINT((ndo, "\n\t Link-ID: 0x%08x", EXTRACT_32BITS(tptr))); 2851 tptr+=4; 2852 tmp-=4; 2853 } 2854 break; 2855 2856 case ISIS_TLV_LSP: 2857 tlv_lsp = (const struct isis_tlv_lsp *)tptr; 2858 while(tmp>=sizeof(struct isis_tlv_lsp)) { 2859 if (!ND_TTEST((tlv_lsp->lsp_id)[LSP_ID_LEN-1])) 2860 goto trunctlv; 2861 ND_PRINT((ndo, "\n\t lsp-id: %s", 2862 isis_print_id(tlv_lsp->lsp_id, LSP_ID_LEN))); 2863 if (!ND_TTEST2(tlv_lsp->sequence_number, 4)) 2864 goto trunctlv; 2865 ND_PRINT((ndo, ", seq: 0x%08x", EXTRACT_32BITS(tlv_lsp->sequence_number))); 2866 if (!ND_TTEST2(tlv_lsp->remaining_lifetime, 2)) 2867 goto trunctlv; 2868 ND_PRINT((ndo, ", lifetime: %5ds", EXTRACT_16BITS(tlv_lsp->remaining_lifetime))); 2869 if (!ND_TTEST2(tlv_lsp->checksum, 2)) 2870 goto trunctlv; 2871 ND_PRINT((ndo, ", chksum: 0x%04x", EXTRACT_16BITS(tlv_lsp->checksum))); 2872 tmp-=sizeof(struct isis_tlv_lsp); 2873 tlv_lsp++; 2874 } 2875 break; 2876 2877 case ISIS_TLV_CHECKSUM: 2878 if (tmp < ISIS_TLV_CHECKSUM_MINLEN) 2879 break; 2880 if (!ND_TTEST2(*tptr, ISIS_TLV_CHECKSUM_MINLEN)) 2881 goto trunctlv; 2882 ND_PRINT((ndo, "\n\t checksum: 0x%04x ", EXTRACT_16BITS(tptr))); 2883 /* do not attempt to verify the checksum if it is zero 2884 * most likely a HMAC-MD5 TLV is also present and 2885 * to avoid conflicts the checksum TLV is zeroed. 2886 * see rfc3358 for details 2887 */ 2888 osi_print_cksum(ndo, optr, EXTRACT_16BITS(tptr), tptr-optr, length); 2889 break; 2890 2891 case ISIS_TLV_MT_SUPPORTED: 2892 if (tmp < ISIS_TLV_MT_SUPPORTED_MINLEN) 2893 break; 2894 while (tmp>1) { 2895 /* length can only be a multiple of 2, otherwise there is 2896 something broken -> so decode down until length is 1 */ 2897 if (tmp!=1) { 2898 mt_len = isis_print_mtid(ndo, tptr, "\n\t "); 2899 if (mt_len == 0) /* did something go wrong ? */ 2900 goto trunctlv; 2901 tptr+=mt_len; 2902 tmp-=mt_len; 2903 } else { 2904 ND_PRINT((ndo, "\n\t malformed MT-ID")); 2905 break; 2906 } 2907 } 2908 break; 2909 2910 case ISIS_TLV_RESTART_SIGNALING: 2911 /* first attempt to decode the flags */ 2912 if (tmp < ISIS_TLV_RESTART_SIGNALING_FLAGLEN) 2913 break; 2914 if (!ND_TTEST2(*tptr, ISIS_TLV_RESTART_SIGNALING_FLAGLEN)) 2915 goto trunctlv; 2916 ND_PRINT((ndo, "\n\t Flags [%s]", 2917 bittok2str(isis_restart_flag_values, "none", *tptr))); 2918 tptr+=ISIS_TLV_RESTART_SIGNALING_FLAGLEN; 2919 tmp-=ISIS_TLV_RESTART_SIGNALING_FLAGLEN; 2920 2921 /* is there anything other than the flags field? */ 2922 if (tmp == 0) 2923 break; 2924 2925 if (tmp < ISIS_TLV_RESTART_SIGNALING_HOLDTIMELEN) 2926 break; 2927 if (!ND_TTEST2(*tptr, ISIS_TLV_RESTART_SIGNALING_HOLDTIMELEN)) 2928 goto trunctlv; 2929 2930 ND_PRINT((ndo, ", Remaining holding time %us", EXTRACT_16BITS(tptr))); 2931 tptr+=ISIS_TLV_RESTART_SIGNALING_HOLDTIMELEN; 2932 tmp-=ISIS_TLV_RESTART_SIGNALING_HOLDTIMELEN; 2933 2934 /* is there an additional sysid field present ?*/ 2935 if (tmp == SYSTEM_ID_LEN) { 2936 if (!ND_TTEST2(*tptr, SYSTEM_ID_LEN)) 2937 goto trunctlv; 2938 ND_PRINT((ndo, ", for %s", isis_print_id(tptr,SYSTEM_ID_LEN))); 2939 } 2940 break; 2941 2942 case ISIS_TLV_IDRP_INFO: 2943 if (tmp < ISIS_TLV_IDRP_INFO_MINLEN) 2944 break; 2945 if (!ND_TTEST2(*tptr, ISIS_TLV_IDRP_INFO_MINLEN)) 2946 goto trunctlv; 2947 ND_PRINT((ndo, "\n\t Inter-Domain Information Type: %s", 2948 tok2str(isis_subtlv_idrp_values, 2949 "Unknown (0x%02x)", 2950 *tptr))); 2951 switch (*tptr++) { 2952 case ISIS_SUBTLV_IDRP_ASN: 2953 if (!ND_TTEST2(*tptr, 2)) /* fetch AS number */ 2954 goto trunctlv; 2955 ND_PRINT((ndo, "AS Number: %u", EXTRACT_16BITS(tptr))); 2956 break; 2957 case ISIS_SUBTLV_IDRP_LOCAL: 2958 case ISIS_SUBTLV_IDRP_RES: 2959 default: 2960 if (!print_unknown_data(ndo, tptr, "\n\t ", tlv_len - 1)) 2961 return(0); 2962 break; 2963 } 2964 break; 2965 2966 case ISIS_TLV_LSP_BUFFERSIZE: 2967 if (tmp < ISIS_TLV_LSP_BUFFERSIZE_MINLEN) 2968 break; 2969 if (!ND_TTEST2(*tptr, ISIS_TLV_LSP_BUFFERSIZE_MINLEN)) 2970 goto trunctlv; 2971 ND_PRINT((ndo, "\n\t LSP Buffersize: %u", EXTRACT_16BITS(tptr))); 2972 break; 2973 2974 case ISIS_TLV_PART_DIS: 2975 while (tmp >= SYSTEM_ID_LEN) { 2976 if (!ND_TTEST2(*tptr, SYSTEM_ID_LEN)) 2977 goto trunctlv; 2978 ND_PRINT((ndo, "\n\t %s", isis_print_id(tptr, SYSTEM_ID_LEN))); 2979 tptr+=SYSTEM_ID_LEN; 2980 tmp-=SYSTEM_ID_LEN; 2981 } 2982 break; 2983 2984 case ISIS_TLV_PREFIX_NEIGH: 2985 if (tmp < sizeof(struct isis_metric_block)) 2986 break; 2987 if (!ND_TTEST2(*tptr, sizeof(struct isis_metric_block))) 2988 goto trunctlv; 2989 ND_PRINT((ndo, "\n\t Metric Block")); 2990 isis_print_metric_block(ndo, (const struct isis_metric_block *)tptr); 2991 tptr+=sizeof(struct isis_metric_block); 2992 tmp-=sizeof(struct isis_metric_block); 2993 2994 while(tmp>0) { 2995 if (!ND_TTEST2(*tptr, 1)) 2996 goto trunctlv; 2997 prefix_len=*tptr++; /* read out prefix length in semioctets*/ 2998 if (prefix_len < 2) { 2999 ND_PRINT((ndo, "\n\t\tAddress: prefix length %u < 2", prefix_len)); 3000 break; 3001 } 3002 tmp--; 3003 if (tmp < prefix_len/2) 3004 break; 3005 if (!ND_TTEST2(*tptr, prefix_len / 2)) 3006 goto trunctlv; 3007 ND_PRINT((ndo, "\n\t\tAddress: %s/%u", 3008 isonsap_string(tptr, prefix_len / 2), prefix_len * 4)); 3009 tptr+=prefix_len/2; 3010 tmp-=prefix_len/2; 3011 } 3012 break; 3013 3014 case ISIS_TLV_IIH_SEQNR: 3015 if (tmp < ISIS_TLV_IIH_SEQNR_MINLEN) 3016 break; 3017 if (!ND_TTEST2(*tptr, ISIS_TLV_IIH_SEQNR_MINLEN)) /* check if four bytes are on the wire */ 3018 goto trunctlv; 3019 ND_PRINT((ndo, "\n\t Sequence number: %u", EXTRACT_32BITS(tptr))); 3020 break; 3021 3022 case ISIS_TLV_VENDOR_PRIVATE: 3023 if (tmp < ISIS_TLV_VENDOR_PRIVATE_MINLEN) 3024 break; 3025 if (!ND_TTEST2(*tptr, ISIS_TLV_VENDOR_PRIVATE_MINLEN)) /* check if enough byte for a full oui */ 3026 goto trunctlv; 3027 vendor_id = EXTRACT_24BITS(tptr); 3028 ND_PRINT((ndo, "\n\t Vendor: %s (%u)", 3029 tok2str(oui_values, "Unknown", vendor_id), 3030 vendor_id)); 3031 tptr+=3; 3032 tmp-=3; 3033 if (tmp > 0) /* hexdump the rest */ 3034 if (!print_unknown_data(ndo, tptr, "\n\t\t", tmp)) 3035 return(0); 3036 break; 3037 /* 3038 * FIXME those are the defined TLVs that lack a decoder 3039 * you are welcome to contribute code ;-) 3040 */ 3041 3042 case ISIS_TLV_DECNET_PHASE4: 3043 case ISIS_TLV_LUCENT_PRIVATE: 3044 case ISIS_TLV_IPAUTH: 3045 case ISIS_TLV_NORTEL_PRIVATE1: 3046 case ISIS_TLV_NORTEL_PRIVATE2: 3047 3048 default: 3049 if (ndo->ndo_vflag <= 1) { 3050 if (!print_unknown_data(ndo, pptr, "\n\t\t", tlv_len)) 3051 return(0); 3052 } 3053 break; 3054 } 3055 /* do we want to see an additionally hexdump ? */ 3056 if (ndo->ndo_vflag> 1) { 3057 if (!print_unknown_data(ndo, pptr, "\n\t ", tlv_len)) 3058 return(0); 3059 } 3060 3061 pptr += tlv_len; 3062 packet_len -= tlv_len; 3063 } 3064 3065 if (packet_len != 0) { 3066 ND_PRINT((ndo, "\n\t %u straggler bytes", packet_len)); 3067 } 3068 return (1); 3069 3070 trunc: 3071 ND_PRINT((ndo, "[|isis]")); 3072 return (1); 3073 3074 trunctlv: 3075 ND_PRINT((ndo, "\n\t\t packet exceeded snapshot")); 3076 return(1); 3077 } 3078 3079 static void 3080 osi_print_cksum(netdissect_options *ndo, 3081 const uint8_t *pptr, uint16_t checksum, 3082 u_int checksum_offset, u_int length) 3083 { 3084 uint16_t calculated_checksum; 3085 3086 /* do not attempt to verify the checksum if it is zero, 3087 * if the total length is nonsense, 3088 * if the offset is nonsense, 3089 * or the base pointer is not sane 3090 */ 3091 if (!checksum 3092 || length > (u_int)ndo->ndo_snaplen 3093 || checksum_offset > (uint)ndo->ndo_snaplen 3094 || checksum_offset > length) { 3095 ND_PRINT((ndo, "(unverified)")); 3096 } else { 3097 unsigned char *truncated = "trunc"; 3098 #if 0 3099 printf("\nosi_print_cksum: %p %u %u %u\n", pptr, checksum_offset, length, ndo->ndo_snaplen); 3100 ND_TCHECK2(pptr, checksum_offset+length); 3101 #endif 3102 calculated_checksum = create_osi_cksum(pptr, checksum_offset, length); 3103 if (checksum == calculated_checksum) { 3104 ND_PRINT((ndo, " (correct)")); 3105 } else { 3106 truncated = "incorrect"; 3107 #if 0 3108 trunc: 3109 #endif 3110 ND_PRINT((ndo, " (%s should be 0x%04x)", truncated, calculated_checksum)); 3111 } 3112 } 3113 } 3114 3115 /* 3116 * Local Variables: 3117 * c-style: whitesmith 3118 * c-basic-offset: 8 3119 * End: 3120 */ 3121