xref: /freebsd/contrib/tcpdump/print-ppp.c (revision 0572ccaa4543b0abef8ef81e384c1d04de9f3da1)
1 /*
2  * Copyright (c) 1990, 1991, 1993, 1994, 1995, 1996, 1997
3  *	The Regents of the University of California.  All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that: (1) source code distributions
7  * retain the above copyright notice and this paragraph in its entirety, (2)
8  * distributions including binary code include the above copyright notice and
9  * this paragraph in its entirety in the documentation or other materials
10  * provided with the distribution, and (3) all advertising materials mentioning
11  * features or use of this software display the following acknowledgement:
12  * ``This product includes software developed by the University of California,
13  * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14  * the University nor the names of its contributors may be used to endorse
15  * or promote products derived from this software without specific prior
16  * written permission.
17  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18  * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19  * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20  *
21  * Extensively modified by Motonori Shindo (mshindo@mshindo.net) for more
22  * complete PPP support.
23  *
24  * $FreeBSD$
25  */
26 
27 /*
28  * TODO:
29  * o resolve XXX as much as possible
30  * o MP support
31  * o BAP support
32  */
33 
34 #ifndef lint
35 static const char rcsid[] _U_ =
36     "@(#) $Header: /tcpdump/master/tcpdump/print-ppp.c,v 1.114 2005-12-05 11:35:58 hannes Exp $ (LBL)";
37 #endif
38 
39 #ifdef HAVE_CONFIG_H
40 #include "config.h"
41 #endif
42 
43 #include <tcpdump-stdinc.h>
44 
45 #ifdef __bsdi__
46 #include <net/slcompress.h>
47 #include <net/if_ppp.h>
48 #endif
49 
50 #include <pcap.h>
51 #include <stdio.h>
52 #include <stdlib.h>
53 
54 #include "interface.h"
55 #include "extract.h"
56 #include "addrtoname.h"
57 #include "ppp.h"
58 #include "chdlc.h"
59 #include "ethertype.h"
60 #include "oui.h"
61 
62 /*
63  * The following constatns are defined by IANA. Please refer to
64  *    http://www.isi.edu/in-notes/iana/assignments/ppp-numbers
65  * for the up-to-date information.
66  */
67 
68 /* Protocol Codes defined in ppp.h */
69 
70 struct tok ppptype2str[] = {
71         { PPP_IP,	  "IP" },
72         { PPP_OSI,	  "OSI" },
73         { PPP_NS,	  "NS" },
74         { PPP_DECNET,	  "DECNET" },
75         { PPP_APPLE,	  "APPLE" },
76 	{ PPP_IPX,	  "IPX" },
77 	{ PPP_VJC,	  "VJC IP" },
78 	{ PPP_VJNC,	  "VJNC IP" },
79 	{ PPP_BRPDU,	  "BRPDU" },
80 	{ PPP_STII,	  "STII" },
81 	{ PPP_VINES,	  "VINES" },
82 	{ PPP_MPLS_UCAST, "MPLS" },
83 	{ PPP_MPLS_MCAST, "MPLS" },
84         { PPP_COMP,       "Compressed"},
85         { PPP_ML,         "MLPPP"},
86         { PPP_IPV6,       "IP6"},
87 
88 	{ PPP_HELLO,	  "HELLO" },
89 	{ PPP_LUXCOM,	  "LUXCOM" },
90 	{ PPP_SNS,	  "SNS" },
91 	{ PPP_IPCP,	  "IPCP" },
92 	{ PPP_OSICP,	  "OSICP" },
93 	{ PPP_NSCP,	  "NSCP" },
94 	{ PPP_DECNETCP,   "DECNETCP" },
95 	{ PPP_APPLECP,	  "APPLECP" },
96 	{ PPP_IPXCP,	  "IPXCP" },
97 	{ PPP_STIICP,	  "STIICP" },
98 	{ PPP_VINESCP,	  "VINESCP" },
99         { PPP_IPV6CP,     "IP6CP" },
100 	{ PPP_MPLSCP,	  "MPLSCP" },
101 
102 	{ PPP_LCP,	  "LCP" },
103 	{ PPP_PAP,	  "PAP" },
104 	{ PPP_LQM,	  "LQM" },
105 	{ PPP_CHAP,	  "CHAP" },
106 	{ PPP_EAP,	  "EAP" },
107 	{ PPP_SPAP,	  "SPAP" },
108 	{ PPP_SPAP_OLD,	  "Old-SPAP" },
109 	{ PPP_BACP,	  "BACP" },
110 	{ PPP_BAP,	  "BAP" },
111 	{ PPP_MPCP,	  "MLPPP-CP" },
112 	{ 0,		  NULL }
113 };
114 
115 /* Control Protocols (LCP/IPCP/CCP etc.) Codes defined in RFC 1661 */
116 
117 #define CPCODES_VEXT		0	/* Vendor-Specific (RFC2153) */
118 #define CPCODES_CONF_REQ	1	/* Configure-Request */
119 #define CPCODES_CONF_ACK	2	/* Configure-Ack */
120 #define CPCODES_CONF_NAK	3	/* Configure-Nak */
121 #define CPCODES_CONF_REJ	4	/* Configure-Reject */
122 #define CPCODES_TERM_REQ	5	/* Terminate-Request */
123 #define CPCODES_TERM_ACK	6	/* Terminate-Ack */
124 #define CPCODES_CODE_REJ	7	/* Code-Reject */
125 #define CPCODES_PROT_REJ	8	/* Protocol-Reject (LCP only) */
126 #define CPCODES_ECHO_REQ	9	/* Echo-Request (LCP only) */
127 #define CPCODES_ECHO_RPL	10	/* Echo-Reply (LCP only) */
128 #define CPCODES_DISC_REQ	11	/* Discard-Request (LCP only) */
129 #define CPCODES_ID		12	/* Identification (LCP only) RFC1570 */
130 #define CPCODES_TIME_REM	13	/* Time-Remaining (LCP only) RFC1570 */
131 #define CPCODES_RESET_REQ	14	/* Reset-Request (CCP only) RFC1962 */
132 #define CPCODES_RESET_REP	15	/* Reset-Reply (CCP only) */
133 
134 struct tok cpcodes[] = {
135 	{CPCODES_VEXT,      "Vendor-Extension"}, /* RFC2153 */
136 	{CPCODES_CONF_REQ,  "Conf-Request"},
137         {CPCODES_CONF_ACK,  "Conf-Ack"},
138 	{CPCODES_CONF_NAK,  "Conf-Nack"},
139 	{CPCODES_CONF_REJ,  "Conf-Reject"},
140 	{CPCODES_TERM_REQ,  "Term-Request"},
141 	{CPCODES_TERM_ACK,  "Term-Ack"},
142 	{CPCODES_CODE_REJ,  "Code-Reject"},
143 	{CPCODES_PROT_REJ,  "Prot-Reject"},
144 	{CPCODES_ECHO_REQ,  "Echo-Request"},
145 	{CPCODES_ECHO_RPL,  "Echo-Reply"},
146 	{CPCODES_DISC_REQ,  "Disc-Req"},
147 	{CPCODES_ID,        "Ident"},            /* RFC1570 */
148 	{CPCODES_TIME_REM,  "Time-Rem"},         /* RFC1570 */
149 	{CPCODES_RESET_REQ, "Reset-Req"},        /* RFC1962 */
150 	{CPCODES_RESET_REP, "Reset-Ack"},        /* RFC1962 */
151         {0,                 NULL}
152 };
153 
154 /* LCP Config Options */
155 
156 #define LCPOPT_VEXT	0
157 #define LCPOPT_MRU	1
158 #define LCPOPT_ACCM	2
159 #define LCPOPT_AP	3
160 #define LCPOPT_QP	4
161 #define LCPOPT_MN	5
162 #define LCPOPT_DEP6	6
163 #define LCPOPT_PFC	7
164 #define LCPOPT_ACFC	8
165 #define LCPOPT_FCSALT	9
166 #define LCPOPT_SDP	10
167 #define LCPOPT_NUMMODE	11
168 #define LCPOPT_DEP12	12
169 #define LCPOPT_CBACK	13
170 #define LCPOPT_DEP14	14
171 #define LCPOPT_DEP15	15
172 #define LCPOPT_DEP16	16
173 #define LCPOPT_MLMRRU	17
174 #define LCPOPT_MLSSNHF	18
175 #define LCPOPT_MLED	19
176 #define LCPOPT_PROP	20
177 #define LCPOPT_DCEID	21
178 #define LCPOPT_MPP	22
179 #define LCPOPT_LD	23
180 #define LCPOPT_LCPAOPT	24
181 #define LCPOPT_COBS	25
182 #define LCPOPT_PE	26
183 #define LCPOPT_MLHF	27
184 #define LCPOPT_I18N	28
185 #define LCPOPT_SDLOS	29
186 #define LCPOPT_PPPMUX	30
187 
188 #define LCPOPT_MIN LCPOPT_VEXT
189 #define LCPOPT_MAX LCPOPT_PPPMUX
190 
191 static const char *lcpconfopts[] = {
192 	"Vend-Ext",		/* (0) */
193 	"MRU",			/* (1) */
194 	"ACCM",			/* (2) */
195 	"Auth-Prot",		/* (3) */
196 	"Qual-Prot",		/* (4) */
197 	"Magic-Num",		/* (5) */
198 	"deprecated(6)",	/* used to be a Quality Protocol */
199 	"PFC",			/* (7) */
200 	"ACFC",			/* (8) */
201 	"FCS-Alt",		/* (9) */
202 	"SDP",			/* (10) */
203 	"Num-Mode",		/* (11) */
204 	"deprecated(12)",	/* used to be a Multi-Link-Procedure*/
205 	"Call-Back",		/* (13) */
206 	"deprecated(14)",	/* used to be a Connect-Time */
207 	"deprecated(15)",	/* used to be a Compund-Frames */
208 	"deprecated(16)",	/* used to be a Nominal-Data-Encap */
209 	"MRRU",			/* (17) */
210 	"12-Bit seq #",		/* (18) */
211 	"End-Disc",		/* (19) */
212 	"Proprietary",		/* (20) */
213 	"DCE-Id",		/* (21) */
214 	"MP+",			/* (22) */
215 	"Link-Disc",		/* (23) */
216 	"LCP-Auth-Opt",		/* (24) */
217 	"COBS",			/* (25) */
218 	"Prefix-elision",	/* (26) */
219 	"Multilink-header-Form",/* (27) */
220 	"I18N",			/* (28) */
221 	"SDL-over-SONET/SDH",	/* (29) */
222 	"PPP-Muxing",		/* (30) */
223 };
224 
225 /* ECP - to be supported */
226 
227 /* CCP Config Options */
228 
229 #define CCPOPT_OUI	0	/* RFC1962 */
230 #define CCPOPT_PRED1	1	/* RFC1962 */
231 #define CCPOPT_PRED2	2	/* RFC1962 */
232 #define CCPOPT_PJUMP	3	/* RFC1962 */
233 /* 4-15 unassigned */
234 #define CCPOPT_HPPPC	16	/* RFC1962 */
235 #define CCPOPT_STACLZS	17	/* RFC1974 */
236 #define CCPOPT_MPPC	18	/* RFC2118 */
237 #define CCPOPT_GFZA	19	/* RFC1962 */
238 #define CCPOPT_V42BIS	20	/* RFC1962 */
239 #define CCPOPT_BSDCOMP	21	/* RFC1977 */
240 /* 22 unassigned */
241 #define CCPOPT_LZSDCP	23	/* RFC1967 */
242 #define CCPOPT_MVRCA	24	/* RFC1975 */
243 #define CCPOPT_DEC	25	/* RFC1976 */
244 #define CCPOPT_DEFLATE	26	/* RFC1979 */
245 /* 27-254 unassigned */
246 #define CCPOPT_RESV	255	/* RFC1962 */
247 
248 const struct tok ccpconfopts_values[] = {
249         { CCPOPT_OUI, "OUI" },
250         { CCPOPT_PRED1, "Pred-1" },
251         { CCPOPT_PRED2, "Pred-2" },
252         { CCPOPT_PJUMP, "Puddle" },
253         { CCPOPT_HPPPC, "HP-PPC" },
254         { CCPOPT_STACLZS, "Stac-LZS" },
255         { CCPOPT_MPPC, "MPPC" },
256         { CCPOPT_GFZA, "Gand-FZA" },
257         { CCPOPT_V42BIS, "V.42bis" },
258         { CCPOPT_BSDCOMP, "BSD-Comp" },
259         { CCPOPT_LZSDCP, "LZS-DCP" },
260         { CCPOPT_MVRCA, "MVRCA" },
261         { CCPOPT_DEC, "DEC" },
262         { CCPOPT_DEFLATE, "Deflate" },
263         { CCPOPT_RESV, "Reserved"},
264         {0,                 NULL}
265 };
266 
267 /* BACP Config Options */
268 
269 #define BACPOPT_FPEER	1	/* RFC2125 */
270 
271 const struct tok bacconfopts_values[] = {
272         { BACPOPT_FPEER, "Favored-Peer" },
273         {0,                 NULL}
274 };
275 
276 
277 /* SDCP - to be supported */
278 
279 /* IPCP Config Options */
280 #define IPCPOPT_2ADDR	1	/* RFC1172, RFC1332 (deprecated) */
281 #define IPCPOPT_IPCOMP	2	/* RFC1332 */
282 #define IPCPOPT_ADDR	3	/* RFC1332 */
283 #define IPCPOPT_MOBILE4	4	/* RFC2290 */
284 #define IPCPOPT_PRIDNS	129	/* RFC1877 */
285 #define IPCPOPT_PRINBNS	130	/* RFC1877 */
286 #define IPCPOPT_SECDNS	131	/* RFC1877 */
287 #define IPCPOPT_SECNBNS	132	/* RFC1877 */
288 
289 struct tok ipcpopt_values[] = {
290         { IPCPOPT_2ADDR, "IP-Addrs" },
291         { IPCPOPT_IPCOMP, "IP-Comp" },
292         { IPCPOPT_ADDR, "IP-Addr" },
293         { IPCPOPT_MOBILE4, "Home-Addr" },
294         { IPCPOPT_PRIDNS, "Pri-DNS" },
295         { IPCPOPT_PRINBNS, "Pri-NBNS" },
296         { IPCPOPT_SECDNS, "Sec-DNS" },
297         { IPCPOPT_SECNBNS, "Sec-NBNS" },
298 	{ 0,		  NULL }
299 };
300 
301 #define IPCPOPT_IPCOMP_HDRCOMP 0x61  /* rfc3544 */
302 #define IPCPOPT_IPCOMP_MINLEN    14
303 
304 struct tok ipcpopt_compproto_values[] = {
305         { PPP_VJC, "VJ-Comp" },
306         { IPCPOPT_IPCOMP_HDRCOMP, "IP Header Compression" },
307 	{ 0,		  NULL }
308 };
309 
310 struct tok ipcpopt_compproto_subopt_values[] = {
311         { 1, "RTP-Compression" },
312         { 2, "Enhanced RTP-Compression" },
313 	{ 0,		  NULL }
314 };
315 
316 /* IP6CP Config Options */
317 #define IP6CP_IFID      1
318 
319 struct tok ip6cpopt_values[] = {
320         { IP6CP_IFID, "Interface-ID" },
321 	{ 0,		  NULL }
322 };
323 
324 /* ATCP - to be supported */
325 /* OSINLCP - to be supported */
326 /* BVCP - to be supported */
327 /* BCP - to be supported */
328 /* IPXCP - to be supported */
329 /* MPLSCP - to be supported */
330 
331 /* Auth Algorithms */
332 
333 /* 0-4 Reserved (RFC1994) */
334 #define AUTHALG_CHAPMD5	5	/* RFC1994 */
335 #define AUTHALG_MSCHAP1	128	/* RFC2433 */
336 #define AUTHALG_MSCHAP2	129	/* RFC2795 */
337 
338 struct tok authalg_values[] = {
339         { AUTHALG_CHAPMD5, "MD5" },
340         { AUTHALG_MSCHAP1, "MS-CHAPv1" },
341         { AUTHALG_MSCHAP2, "MS-CHAPv2" },
342 	{ 0,		  NULL }
343 };
344 
345 /* FCS Alternatives - to be supported */
346 
347 /* Multilink Endpoint Discriminator (RFC1717) */
348 #define MEDCLASS_NULL	0	/* Null Class */
349 #define MEDCLASS_LOCAL	1	/* Locally Assigned */
350 #define MEDCLASS_IPV4	2	/* Internet Protocol (IPv4) */
351 #define MEDCLASS_MAC	3	/* IEEE 802.1 global MAC address */
352 #define MEDCLASS_MNB	4	/* PPP Magic Number Block */
353 #define MEDCLASS_PSNDN	5	/* Public Switched Network Director Number */
354 
355 /* PPP LCP Callback */
356 #define CALLBACK_AUTH	0	/* Location determined by user auth */
357 #define CALLBACK_DSTR	1	/* Dialing string */
358 #define CALLBACK_LID	2	/* Location identifier */
359 #define CALLBACK_E164	3	/* E.164 number */
360 #define CALLBACK_X500	4	/* X.500 distinguished name */
361 #define CALLBACK_CBCP	6	/* Location is determined during CBCP nego */
362 
363 struct tok ppp_callback_values[] = {
364         { CALLBACK_AUTH, "UserAuth" },
365         { CALLBACK_DSTR, "DialString" },
366         { CALLBACK_LID, "LocalID" },
367         { CALLBACK_E164, "E.164" },
368         { CALLBACK_X500, "X.500" },
369         { CALLBACK_CBCP, "CBCP" },
370 	{ 0,		  NULL }
371 };
372 
373 /* CHAP */
374 
375 #define CHAP_CHAL	1
376 #define CHAP_RESP	2
377 #define CHAP_SUCC	3
378 #define CHAP_FAIL	4
379 
380 struct tok chapcode_values[] = {
381 	{ CHAP_CHAL, "Challenge" },
382 	{ CHAP_RESP, "Response" },
383 	{ CHAP_SUCC, "Success" },
384 	{ CHAP_FAIL, "Fail" },
385         { 0, NULL}
386 };
387 
388 /* PAP */
389 
390 #define PAP_AREQ	1
391 #define PAP_AACK	2
392 #define PAP_ANAK	3
393 
394 struct tok papcode_values[] = {
395         { PAP_AREQ, "Auth-Req" },
396         { PAP_AACK, "Auth-ACK" },
397         { PAP_ANAK, "Auth-NACK" },
398         { 0, NULL }
399 };
400 
401 /* BAP */
402 #define BAP_CALLREQ	1
403 #define BAP_CALLRES	2
404 #define BAP_CBREQ	3
405 #define BAP_CBRES	4
406 #define BAP_LDQREQ	5
407 #define BAP_LDQRES	6
408 #define BAP_CSIND	7
409 #define BAP_CSRES	8
410 
411 static void handle_ctrl_proto (u_int proto,const u_char *p, int length);
412 static void handle_chap (const u_char *p, int length);
413 static void handle_pap (const u_char *p, int length);
414 static void handle_bap (const u_char *p, int length);
415 static void handle_mlppp(const u_char *p, int length);
416 static int print_lcp_config_options (const u_char *p, int);
417 static int print_ipcp_config_options (const u_char *p, int);
418 static int print_ip6cp_config_options (const u_char *p, int);
419 static int print_ccp_config_options (const u_char *p, int);
420 static int print_bacp_config_options (const u_char *p, int);
421 static void handle_ppp (u_int proto, const u_char *p, int length);
422 static void ppp_hdlc(const u_char *p, int length);
423 
424 /* generic Control Protocol (e.g. LCP, IPCP, CCP, etc.) handler */
425 static void
426 handle_ctrl_proto(u_int proto, const u_char *pptr, int length)
427 {
428 	const char *typestr;
429 	u_int code, len;
430 	int (*pfunc)(const u_char *, int);
431 	int x, j;
432         const u_char *tptr;
433 
434         tptr=pptr;
435 
436         typestr = tok2str(ppptype2str, "unknown ctrl-proto (0x%04x)", proto);
437         printf("%s, ",typestr);
438 
439 	if (length < 4) /* FIXME weak boundary checking */
440 		goto trunc;
441 	TCHECK2(*tptr, 2);
442 
443 	code = *tptr++;
444 
445         printf("%s (0x%02x), id %u, length %u",
446                tok2str(cpcodes, "Unknown Opcode",code),
447                code,
448                *tptr++, /* ID */
449                length+2);
450 
451         if (!vflag)
452                 return;
453 
454 	if (length <= 4)
455 		return;    /* there may be a NULL confreq etc. */
456 
457 	TCHECK2(*tptr, 2);
458 	len = EXTRACT_16BITS(tptr);
459 	tptr += 2;
460 
461         printf("\n\tencoded length %u (=Option(s) length %u)",len,len-4);
462 
463         if (vflag>1)
464             print_unknown_data(pptr-2,"\n\t",6);
465 
466 
467 	switch (code) {
468 	case CPCODES_VEXT:
469 		if (length < 11)
470 			break;
471 		TCHECK2(*tptr, 4);
472 		printf("\n\t  Magic-Num 0x%08x", EXTRACT_32BITS(tptr));
473 		tptr += 4;
474 		TCHECK2(*tptr, 3);
475 		printf(" Vendor: %s (%u)",
476                        tok2str(oui_values,"Unknown",EXTRACT_24BITS(tptr)),
477                        EXTRACT_24BITS(tptr));
478 		/* XXX: need to decode Kind and Value(s)? */
479 		break;
480 	case CPCODES_CONF_REQ:
481 	case CPCODES_CONF_ACK:
482 	case CPCODES_CONF_NAK:
483 	case CPCODES_CONF_REJ:
484 		x = len - 4;	/* Code(1), Identifier(1) and Length(2) */
485 		do {
486 			switch (proto) {
487 			case PPP_LCP:
488 				pfunc = print_lcp_config_options;
489 				break;
490 			case PPP_IPCP:
491 				pfunc = print_ipcp_config_options;
492 				break;
493 			case PPP_IPV6CP:
494 				pfunc = print_ip6cp_config_options;
495 				break;
496 			case PPP_CCP:
497 				pfunc = print_ccp_config_options;
498 				break;
499 			case PPP_BACP:
500 				pfunc = print_bacp_config_options;
501 				break;
502 			default:
503 				/*
504 				 * No print routine for the options for
505 				 * this protocol.
506 				 */
507 				pfunc = NULL;
508 				break;
509 			}
510 
511 			if (pfunc == NULL) /* catch the above null pointer if unknown CP */
512 				break;
513 
514 			if ((j = (*pfunc)(tptr, len)) == 0)
515 				break;
516 			x -= j;
517 			tptr += j;
518 		} while (x > 0);
519 		break;
520 
521 	case CPCODES_TERM_REQ:
522 	case CPCODES_TERM_ACK:
523 		/* XXX: need to decode Data? */
524 		break;
525 	case CPCODES_CODE_REJ:
526 		/* XXX: need to decode Rejected-Packet? */
527 		break;
528 	case CPCODES_PROT_REJ:
529 		if (length < 6)
530 			break;
531 		TCHECK2(*tptr, 2);
532 		printf("\n\t  Rejected %s Protocol (0x%04x)",
533 		       tok2str(ppptype2str,"unknown", EXTRACT_16BITS(tptr)),
534 		       EXTRACT_16BITS(tptr));
535 		/* XXX: need to decode Rejected-Information? - hexdump for now */
536                 if (len > 6) {
537                         printf("\n\t  Rejected Packet");
538                         print_unknown_data(tptr+2,"\n\t    ",len-2);
539                 }
540 		break;
541 	case CPCODES_ECHO_REQ:
542 	case CPCODES_ECHO_RPL:
543 	case CPCODES_DISC_REQ:
544 		if (length < 8)
545 			break;
546 		TCHECK2(*tptr, 4);
547 		printf("\n\t  Magic-Num 0x%08x", EXTRACT_32BITS(tptr));
548 		/* XXX: need to decode Data? - hexdump for now */
549                 if (len > 8) {
550                         printf("\n\t  -----trailing data-----");
551                         TCHECK2(tptr[4], len-8);
552                         print_unknown_data(tptr+4,"\n\t  ",len-8);
553                 }
554 		break;
555 	case CPCODES_ID:
556 		if (length < 8)
557 			break;
558 		TCHECK2(*tptr, 4);
559 		printf("\n\t  Magic-Num 0x%08x", EXTRACT_32BITS(tptr));
560 		/* RFC 1661 says this is intended to be human readable */
561                 if (len > 8) {
562                         printf("\n\t  Message\n\t    ");
563                         fn_printn(tptr+4,len-4,snapend);
564                 }
565 		break;
566 	case CPCODES_TIME_REM:
567 		if (length < 12)
568 			break;
569 		TCHECK2(*tptr, 4);
570 		printf("\n\t  Magic-Num 0x%08x", EXTRACT_32BITS(tptr));
571 		TCHECK2(*(tptr + 4), 4);
572 		printf(", Seconds-Remaining %us", EXTRACT_32BITS(tptr + 4));
573 		/* XXX: need to decode Message? */
574 		break;
575 	default:
576             /* XXX this is dirty but we do not get the
577              * original pointer passed to the begin
578              * the PPP packet */
579                 if (vflag <= 1)
580                     print_unknown_data(pptr-2,"\n\t  ",length+2);
581 		break;
582 	}
583 	return;
584 
585 trunc:
586 	printf("[|%s]", typestr);
587 }
588 
589 /* LCP config options */
590 static int
591 print_lcp_config_options(const u_char *p, int length)
592 {
593 	int len, opt;
594 
595 	if (length < 2)
596 		return 0;
597 	TCHECK2(*p, 2);
598 	len = p[1];
599 	opt = p[0];
600 	if (length < len)
601 		return 0;
602 	if (len < 2) {
603 		if ((opt >= LCPOPT_MIN) && (opt <= LCPOPT_MAX))
604 			printf("\n\t  %s Option (0x%02x), length %u (bogus, should be >= 2)", lcpconfopts[opt],opt,len);
605 		else
606 			printf("\n\tunknown LCP option 0x%02x", opt);
607 		return 0;
608 	}
609 	if ((opt >= LCPOPT_MIN) && (opt <= LCPOPT_MAX))
610 		printf("\n\t  %s Option (0x%02x), length %u: ", lcpconfopts[opt],opt,len);
611 	else {
612 		printf("\n\tunknown LCP option 0x%02x", opt);
613 		return len;
614 	}
615 
616 	switch (opt) {
617 	case LCPOPT_VEXT:
618 		if (len >= 6) {
619 			TCHECK2(*(p + 2), 3);
620 			printf("Vendor: %s (%u)",
621                                tok2str(oui_values,"Unknown",EXTRACT_24BITS(p+2)),
622                                EXTRACT_24BITS(p+2));
623 #if 0
624 			TCHECK(p[5]);
625 			printf(", kind: 0x%02x", p[5]);
626 			printf(", Value: 0x")
627 			for (i = 0; i < len - 6; i++) {
628 				TCHECK(p[6 + i]);
629 				printf("%02x", p[6 + i]);
630 			}
631 #endif
632 		}
633 		break;
634 	case LCPOPT_MRU:
635 		if (len == 4) {
636 			TCHECK2(*(p + 2), 2);
637 			printf("%u", EXTRACT_16BITS(p + 2));
638 		}
639 		break;
640 	case LCPOPT_ACCM:
641 		if (len == 6) {
642 			TCHECK2(*(p + 2), 4);
643 			printf("0x%08x", EXTRACT_32BITS(p + 2));
644 		}
645 		break;
646 	case LCPOPT_AP:
647 		if (len >= 4) {
648 		    TCHECK2(*(p + 2), 2);
649                     printf("%s", tok2str(ppptype2str,"Unknown Auth Proto (0x04x)",EXTRACT_16BITS(p+2)));
650 
651 		    switch (EXTRACT_16BITS(p+2)) {
652 		    case PPP_CHAP:
653 		        TCHECK(p[4]);
654                         printf(", %s",tok2str(authalg_values,"Unknown Auth Alg %u",p[4]));
655 			break;
656 		    case PPP_PAP: /* fall through */
657 		    case PPP_EAP:
658 		    case PPP_SPAP:
659 		    case PPP_SPAP_OLD:
660                         break;
661 		    default:
662                         print_unknown_data(p,"\n\t",len);
663 		    }
664 		}
665 		break;
666 	case LCPOPT_QP:
667 		if (len >= 4) {
668 			TCHECK2(*(p + 2), 2);
669 		        if (EXTRACT_16BITS(p+2) == PPP_LQM)
670 				printf(" LQR");
671 			else
672 				printf(" unknown");
673 		}
674 		break;
675 	case LCPOPT_MN:
676 		if (len == 6) {
677 			TCHECK2(*(p + 2), 4);
678 			printf("0x%08x", EXTRACT_32BITS(p + 2));
679 		}
680 		break;
681 	case LCPOPT_PFC:
682 		break;
683 	case LCPOPT_ACFC:
684 		break;
685 	case LCPOPT_LD:
686 		if (len == 4) {
687 			TCHECK2(*(p + 2), 2);
688 			printf("0x%04x", EXTRACT_16BITS(p + 2));
689 		}
690 		break;
691 	case LCPOPT_CBACK:
692 		if (len < 3)
693 			break;
694 		TCHECK(p[2]);
695                 printf("Callback Operation %s (%u)",
696                        tok2str(ppp_callback_values,"Unknown",p[2]),
697                        p[2]);
698 		break;
699 	case LCPOPT_MLMRRU:
700 		if (len == 4) {
701 			TCHECK2(*(p + 2), 2);
702 			printf("%u", EXTRACT_16BITS(p + 2));
703 		}
704 		break;
705 	case LCPOPT_MLED:
706 		if (len < 3)
707 			break;
708 		TCHECK(p[2]);
709 		switch (p[2]) {		/* class */
710 		case MEDCLASS_NULL:
711 			printf("Null");
712 			break;
713 		case MEDCLASS_LOCAL:
714 			printf("Local"); /* XXX */
715 			break;
716 		case MEDCLASS_IPV4:
717 			if (len != 7)
718 				break;
719 			TCHECK2(*(p + 3), 4);
720 			printf("IPv4 %s", ipaddr_string(p + 3));
721 			break;
722 		case MEDCLASS_MAC:
723 			if (len != 9)
724 				break;
725 			TCHECK(p[8]);
726 			printf("MAC %02x:%02x:%02x:%02x:%02x:%02x",
727 			       p[3], p[4], p[5], p[6], p[7], p[8]);
728 			break;
729 		case MEDCLASS_MNB:
730 			printf("Magic-Num-Block"); /* XXX */
731 			break;
732 		case MEDCLASS_PSNDN:
733 			printf("PSNDN"); /* XXX */
734 			break;
735 		}
736 		break;
737 
738 /* XXX: to be supported */
739 #if 0
740 	case LCPOPT_DEP6:
741 	case LCPOPT_FCSALT:
742 	case LCPOPT_SDP:
743 	case LCPOPT_NUMMODE:
744 	case LCPOPT_DEP12:
745 	case LCPOPT_DEP14:
746 	case LCPOPT_DEP15:
747 	case LCPOPT_DEP16:
748         case LCPOPT_MLSSNHF:
749 	case LCPOPT_PROP:
750 	case LCPOPT_DCEID:
751 	case LCPOPT_MPP:
752 	case LCPOPT_LCPAOPT:
753 	case LCPOPT_COBS:
754 	case LCPOPT_PE:
755 	case LCPOPT_MLHF:
756 	case LCPOPT_I18N:
757 	case LCPOPT_SDLOS:
758 	case LCPOPT_PPPMUX:
759 		break;
760 #endif
761         default:
762                 if(vflag<2)
763                         print_unknown_data(&p[2],"\n\t    ",len-2);
764                 break;
765 	}
766 
767         if (vflag>1)
768                 print_unknown_data(&p[2],"\n\t    ",len-2); /* exclude TLV header */
769 
770 	return len;
771 
772 trunc:
773 	printf("[|lcp]");
774 	return 0;
775 }
776 
777 /* ML-PPP*/
778 struct tok ppp_ml_flag_values[] = {
779     { 0x80, "begin" },
780     { 0x40, "end" },
781     { 0, NULL }
782 };
783 
784 static void
785 handle_mlppp(const u_char *p, int length) {
786 
787     if (!eflag)
788         printf("MLPPP, ");
789 
790     printf("seq 0x%03x, Flags [%s], length %u",
791            (EXTRACT_16BITS(p))&0x0fff, /* only support 12-Bit sequence space for now */
792            bittok2str(ppp_ml_flag_values, "none", *p & 0xc0),
793            length);
794 
795     return;
796 }
797 
798 /* CHAP */
799 static void
800 handle_chap(const u_char *p, int length)
801 {
802 	u_int code, len;
803 	int val_size, name_size, msg_size;
804 	const u_char *p0;
805 	int i;
806 
807 	p0 = p;
808 	if (length < 1) {
809 		printf("[|chap]");
810 		return;
811 	} else if (length < 4) {
812 		TCHECK(*p);
813 		printf("[|chap 0x%02x]", *p);
814 		return;
815 	}
816 
817 	TCHECK(*p);
818 	code = *p;
819         printf("CHAP, %s (0x%02x)",
820                tok2str(chapcode_values,"unknown",code),
821                code);
822 	p++;
823 
824 	TCHECK(*p);
825 	printf(", id %u", *p);		/* ID */
826 	p++;
827 
828 	TCHECK2(*p, 2);
829 	len = EXTRACT_16BITS(p);
830 	p += 2;
831 
832 	/*
833 	 * Note that this is a generic CHAP decoding routine. Since we
834 	 * don't know which flavor of CHAP (i.e. CHAP-MD5, MS-CHAPv1,
835 	 * MS-CHAPv2) is used at this point, we can't decode packet
836 	 * specifically to each algorithms. Instead, we simply decode
837 	 * the GCD (Gratest Common Denominator) for all algorithms.
838 	 */
839 	switch (code) {
840 	case CHAP_CHAL:
841 	case CHAP_RESP:
842 		if (length - (p - p0) < 1)
843 			return;
844 		TCHECK(*p);
845 		val_size = *p;		/* value size */
846 		p++;
847 		if (length - (p - p0) < val_size)
848 			return;
849 		printf(", Value ");
850 		for (i = 0; i < val_size; i++) {
851 			TCHECK(*p);
852 			printf("%02x", *p++);
853 		}
854 		name_size = len - (p - p0);
855 		printf(", Name ");
856 		for (i = 0; i < name_size; i++) {
857 			TCHECK(*p);
858 			safeputchar(*p++);
859 		}
860 		break;
861 	case CHAP_SUCC:
862 	case CHAP_FAIL:
863 		msg_size = len - (p - p0);
864 		printf(", Msg ");
865 		for (i = 0; i< msg_size; i++) {
866 			TCHECK(*p);
867 			safeputchar(*p++);
868 		}
869 		break;
870 	}
871 	return;
872 
873 trunc:
874 	printf("[|chap]");
875 }
876 
877 /* PAP (see RFC 1334) */
878 static void
879 handle_pap(const u_char *p, int length)
880 {
881 	u_int code, len;
882 	int peerid_len, passwd_len, msg_len;
883 	const u_char *p0;
884 	int i;
885 
886 	p0 = p;
887 	if (length < 1) {
888 		printf("[|pap]");
889 		return;
890 	} else if (length < 4) {
891 		TCHECK(*p);
892 		printf("[|pap 0x%02x]", *p);
893 		return;
894 	}
895 
896 	TCHECK(*p);
897 	code = *p;
898         printf("PAP, %s (0x%02x)",
899                tok2str(papcode_values,"unknown",code),
900                code);
901 	p++;
902 
903 	TCHECK(*p);
904 	printf(", id %u", *p);		/* ID */
905 	p++;
906 
907 	TCHECK2(*p, 2);
908 	len = EXTRACT_16BITS(p);
909 	p += 2;
910 
911 	if ((int)len > length) {
912 		printf(", length %u > packet size", len);
913 		return;
914 	}
915 	length = len;
916 	if (length < (p - p0)) {
917 		printf(", length %u < PAP header length", length);
918 		return;
919 	}
920 
921 	switch (code) {
922 	case PAP_AREQ:
923 		if (length - (p - p0) < 1)
924 			return;
925 		TCHECK(*p);
926 		peerid_len = *p;	/* Peer-ID Length */
927 		p++;
928 		if (length - (p - p0) < peerid_len)
929 			return;
930 		printf(", Peer ");
931 		for (i = 0; i < peerid_len; i++) {
932 			TCHECK(*p);
933 			safeputchar(*p++);
934 		}
935 
936 		if (length - (p - p0) < 1)
937 			return;
938 		TCHECK(*p);
939 		passwd_len = *p;	/* Password Length */
940 		p++;
941 		if (length - (p - p0) < passwd_len)
942 			return;
943 		printf(", Name ");
944 		for (i = 0; i < passwd_len; i++) {
945 			TCHECK(*p);
946 			safeputchar(*p++);
947 		}
948 		break;
949 	case PAP_AACK:
950 	case PAP_ANAK:
951 		if (length - (p - p0) < 1)
952 			return;
953 		TCHECK(*p);
954 		msg_len = *p;		/* Msg-Length */
955 		p++;
956 		if (length - (p - p0) < msg_len)
957 			return;
958 		printf(", Msg ");
959 		for (i = 0; i< msg_len; i++) {
960 			TCHECK(*p);
961 			safeputchar(*p++);
962 		}
963 		break;
964 	}
965 	return;
966 
967 trunc:
968 	printf("[|pap]");
969 }
970 
971 /* BAP */
972 static void
973 handle_bap(const u_char *p _U_, int length _U_)
974 {
975 	/* XXX: to be supported!! */
976 }
977 
978 
979 /* IPCP config options */
980 static int
981 print_ipcp_config_options(const u_char *p, int length)
982 {
983 	int len, opt;
984         u_int compproto, ipcomp_subopttotallen, ipcomp_subopt, ipcomp_suboptlen;
985 
986 	if (length < 2)
987 		return 0;
988 	TCHECK2(*p, 2);
989 	len = p[1];
990 	opt = p[0];
991 	if (length < len)
992 		return 0;
993 	if (len < 2) {
994 		printf("\n\t  %s Option (0x%02x), length %u (bogus, should be >= 2)",
995 		       tok2str(ipcpopt_values,"unknown",opt),
996 		       opt,
997         	       len);
998 		return 0;
999 	}
1000 
1001 	printf("\n\t  %s Option (0x%02x), length %u: ",
1002 	       tok2str(ipcpopt_values,"unknown",opt),
1003 	       opt,
1004                len);
1005 
1006 	switch (opt) {
1007 	case IPCPOPT_2ADDR:		/* deprecated */
1008 		if (len != 10)
1009 			goto invlen;
1010 		TCHECK2(*(p + 6), 4);
1011 		printf("src %s, dst %s",
1012 		       ipaddr_string(p + 2),
1013 		       ipaddr_string(p + 6));
1014 		break;
1015 	case IPCPOPT_IPCOMP:
1016 		if (len < 4)
1017 			goto invlen;
1018 		TCHECK2(*(p + 2), 2);
1019                 compproto = EXTRACT_16BITS(p+2);
1020 
1021                 printf("%s (0x%02x):",
1022                        tok2str(ipcpopt_compproto_values,"Unknown",compproto),
1023                        compproto);
1024 
1025 		switch (compproto) {
1026                 case PPP_VJC:
1027 			/* XXX: VJ-Comp parameters should be decoded */
1028                         break;
1029                 case IPCPOPT_IPCOMP_HDRCOMP:
1030                         if (len < IPCPOPT_IPCOMP_MINLEN)
1031                                 goto invlen;
1032 
1033                         TCHECK2(*(p + 2), IPCPOPT_IPCOMP_MINLEN);
1034                         printf("\n\t    TCP Space %u, non-TCP Space %u" \
1035                                ", maxPeriod %u, maxTime %u, maxHdr %u",
1036                                EXTRACT_16BITS(p+4),
1037                                EXTRACT_16BITS(p+6),
1038                                EXTRACT_16BITS(p+8),
1039                                EXTRACT_16BITS(p+10),
1040                                EXTRACT_16BITS(p+12));
1041 
1042                         /* suboptions present ? */
1043                         if (len > IPCPOPT_IPCOMP_MINLEN) {
1044                                 ipcomp_subopttotallen = len - IPCPOPT_IPCOMP_MINLEN;
1045                                 p += IPCPOPT_IPCOMP_MINLEN;
1046 
1047                                 printf("\n\t      Suboptions, length %u", ipcomp_subopttotallen);
1048 
1049                                 while (ipcomp_subopttotallen >= 2) {
1050                                         TCHECK2(*p, 2);
1051                                         ipcomp_subopt = *p;
1052                                         ipcomp_suboptlen = *(p+1);
1053 
1054                                         /* sanity check */
1055                                         if (ipcomp_subopt == 0 ||
1056                                             ipcomp_suboptlen == 0 )
1057                                                 break;
1058 
1059                                         /* XXX: just display the suboptions for now */
1060                                         printf("\n\t\t%s Suboption #%u, length %u",
1061                                                tok2str(ipcpopt_compproto_subopt_values,
1062                                                        "Unknown",
1063                                                        ipcomp_subopt),
1064                                                ipcomp_subopt,
1065                                                ipcomp_suboptlen);
1066 
1067                                         ipcomp_subopttotallen -= ipcomp_suboptlen;
1068                                         p += ipcomp_suboptlen;
1069                                 }
1070                         }
1071                         break;
1072                 default:
1073                         break;
1074 		}
1075 		break;
1076 
1077 	case IPCPOPT_ADDR:     /* those options share the same format - fall through */
1078 	case IPCPOPT_MOBILE4:
1079 	case IPCPOPT_PRIDNS:
1080 	case IPCPOPT_PRINBNS:
1081 	case IPCPOPT_SECDNS:
1082 	case IPCPOPT_SECNBNS:
1083 		if (len != 6)
1084 			goto invlen;
1085 		TCHECK2(*(p + 2), 4);
1086 		printf("%s", ipaddr_string(p + 2));
1087 		break;
1088 	default:
1089                 if(vflag<2)
1090                         print_unknown_data(&p[2],"\n\t    ",len-2);
1091 		break;
1092 	}
1093         if (vflag>1)
1094                 print_unknown_data(&p[2],"\n\t    ",len-2); /* exclude TLV header */
1095 	return len;
1096 
1097 invlen:
1098 	printf(", invalid-length-%d", opt);
1099 	return 0;
1100 
1101 trunc:
1102 	printf("[|ipcp]");
1103 	return 0;
1104 }
1105 
1106 /* IP6CP config options */
1107 static int
1108 print_ip6cp_config_options(const u_char *p, int length)
1109 {
1110 	int len, opt;
1111 
1112 	if (length < 2)
1113 		return 0;
1114 	TCHECK2(*p, 2);
1115 	len = p[1];
1116 	opt = p[0];
1117 	if (length < len)
1118 		return 0;
1119 	if (len < 2) {
1120 		printf("\n\t  %s Option (0x%02x), length %u (bogus, should be >= 2)",
1121 		       tok2str(ip6cpopt_values,"unknown",opt),
1122 		       opt,
1123 	               len);
1124 	        return 0;
1125 	}
1126 
1127 	printf("\n\t  %s Option (0x%02x), length %u: ",
1128 	       tok2str(ip6cpopt_values,"unknown",opt),
1129 	       opt,
1130                len);
1131 
1132 	switch (opt) {
1133 	case IP6CP_IFID:
1134 		if (len != 10)
1135 			goto invlen;
1136 		TCHECK2(*(p + 2), 8);
1137 		printf("%04x:%04x:%04x:%04x",
1138 		       EXTRACT_16BITS(p + 2),
1139 		       EXTRACT_16BITS(p + 4),
1140 		       EXTRACT_16BITS(p + 6),
1141 		       EXTRACT_16BITS(p + 8));
1142 		break;
1143 	default:
1144                 if(vflag<2)
1145                         print_unknown_data(&p[2],"\n\t    ",len-2);
1146 		break;
1147 	}
1148         if (vflag>1)
1149                 print_unknown_data(&p[2],"\n\t    ",len-2); /* exclude TLV header */
1150 
1151 	return len;
1152 
1153 invlen:
1154 	printf(", invalid-length-%d", opt);
1155 	return 0;
1156 
1157 trunc:
1158 	printf("[|ip6cp]");
1159 	return 0;
1160 }
1161 
1162 
1163 /* CCP config options */
1164 static int
1165 print_ccp_config_options(const u_char *p, int length)
1166 {
1167 	int len, opt;
1168 
1169 	if (length < 2)
1170 		return 0;
1171 	TCHECK2(*p, 2);
1172 	len = p[1];
1173 	opt = p[0];
1174 	if (length < len)
1175 		return 0;
1176 	if (len < 2) {
1177 	        printf("\n\t  %s Option (0x%02x), length %u (bogus, should be >= 2)",
1178         	       tok2str(ccpconfopts_values, "Unknown", opt),
1179 	               opt,
1180         	       len);
1181         	return 0;
1182         }
1183 
1184         printf("\n\t  %s Option (0x%02x), length %u:",
1185                tok2str(ccpconfopts_values, "Unknown", opt),
1186                opt,
1187                len);
1188 
1189 	switch (opt) {
1190                 /* fall through --> default: nothing supported yet */
1191 	case CCPOPT_OUI:
1192 	case CCPOPT_PRED1:
1193 	case CCPOPT_PRED2:
1194 	case CCPOPT_PJUMP:
1195 	case CCPOPT_HPPPC:
1196 	case CCPOPT_STACLZS:
1197 	case CCPOPT_MPPC:
1198 	case CCPOPT_GFZA:
1199 	case CCPOPT_V42BIS:
1200 	case CCPOPT_BSDCOMP:
1201 	case CCPOPT_LZSDCP:
1202 	case CCPOPT_MVRCA:
1203 	case CCPOPT_DEC:
1204 	case CCPOPT_DEFLATE:
1205 	case CCPOPT_RESV:
1206 	default:
1207                 if(vflag<2)
1208                         print_unknown_data(&p[2],"\n\t    ",len-2);
1209 		break;
1210 	}
1211         if (vflag>1)
1212                 print_unknown_data(&p[2],"\n\t    ",len-2); /* exclude TLV header */
1213 
1214 	return len;
1215 
1216 trunc:
1217 	printf("[|ccp]");
1218 	return 0;
1219 }
1220 
1221 /* BACP config options */
1222 static int
1223 print_bacp_config_options(const u_char *p, int length)
1224 {
1225 	int len, opt;
1226 
1227 	if (length < 2)
1228 		return 0;
1229 	TCHECK2(*p, 2);
1230 	len = p[1];
1231 	opt = p[0];
1232 	if (length < len)
1233 		return 0;
1234 	if (len < 2) {
1235 	        printf("\n\t  %s Option (0x%02x), length %u (bogus, should be >= 2)",
1236         	       tok2str(bacconfopts_values, "Unknown", opt),
1237 	               opt,
1238         	       len);
1239         	return 0;
1240         }
1241 
1242         printf("\n\t  %s Option (0x%02x), length %u:",
1243                tok2str(bacconfopts_values, "Unknown", opt),
1244                opt,
1245                len);
1246 
1247 	switch (opt) {
1248 	case BACPOPT_FPEER:
1249 		TCHECK2(*(p + 2), 4);
1250 		printf(", Magic-Num 0x%08x", EXTRACT_32BITS(p + 2));
1251                 break;
1252 	default:
1253                 if(vflag<2)
1254                         print_unknown_data(&p[2],"\n\t    ",len-2);
1255 		break;
1256 	}
1257         if (vflag>1)
1258                 print_unknown_data(&p[2],"\n\t    ",len-2); /* exclude TLV header */
1259 
1260 	return len;
1261 
1262 trunc:
1263 	printf("[|bacp]");
1264 	return 0;
1265 }
1266 
1267 
1268 static void
1269 ppp_hdlc(const u_char *p, int length)
1270 {
1271 	u_char *b, *s, *t, c;
1272 	int i, proto;
1273 	const void *se;
1274 
1275 	b = (u_int8_t *)malloc(length);
1276 	if (b == NULL)
1277 		return;
1278 
1279 	/*
1280 	 * Unescape all the data into a temporary, private, buffer.
1281 	 * Do this so that we dont overwrite the original packet
1282 	 * contents.
1283 	 */
1284 	for (s = (u_char *)p, t = b, i = length; i > 0; i--) {
1285 		c = *s++;
1286 		if (c == 0x7d) {
1287 			if (i > 1) {
1288 				i--;
1289 				c = *s++ ^ 0x20;
1290 			} else
1291 				continue;
1292 		}
1293 		*t++ = c;
1294 	}
1295 
1296 	se = snapend;
1297 	snapend = t;
1298 
1299         /* now lets guess about the payload codepoint format */
1300         proto = *b; /* start with a one-octet codepoint guess */
1301 
1302         switch (proto) {
1303         case PPP_IP:
1304 		ip_print(gndo, b+1, t - b - 1);
1305 		goto cleanup;
1306 #ifdef INET6
1307         case PPP_IPV6:
1308 		ip6_print(gndo, b+1, t - b - 1);
1309 		goto cleanup;
1310 #endif
1311         default: /* no luck - try next guess */
1312 		break;
1313         }
1314 
1315         proto = EXTRACT_16BITS(b); /* next guess - load two octets */
1316 
1317         switch (proto) {
1318         case (PPP_ADDRESS << 8 | PPP_CONTROL): /* looks like a PPP frame */
1319             proto = EXTRACT_16BITS(b+2); /* load the PPP proto-id */
1320             handle_ppp(proto, b+4, t - b - 4);
1321             break;
1322         default: /* last guess - proto must be a PPP proto-id */
1323             handle_ppp(proto, b+2, t - b - 2);
1324             break;
1325         }
1326 
1327 cleanup:
1328         snapend = se;
1329 	free(b);
1330         return;
1331 }
1332 
1333 
1334 /* PPP */
1335 static void
1336 handle_ppp(u_int proto, const u_char *p, int length)
1337 {
1338         if ((proto & 0xff00) == 0x7e00) {/* is this an escape code ? */
1339             ppp_hdlc(p-1, length);
1340             return;
1341         }
1342 
1343 	switch (proto) {
1344 	case PPP_LCP: /* fall through */
1345 	case PPP_IPCP:
1346 	case PPP_OSICP:
1347 	case PPP_MPLSCP:
1348 	case PPP_IPV6CP:
1349 	case PPP_CCP:
1350 	case PPP_BACP:
1351 		handle_ctrl_proto(proto, p, length);
1352 		break;
1353         case PPP_ML:
1354                 handle_mlppp(p, length);
1355                 break;
1356 	case PPP_CHAP:
1357 		handle_chap(p, length);
1358 		break;
1359 	case PPP_PAP:
1360 		handle_pap(p, length);
1361 		break;
1362 	case PPP_BAP:		/* XXX: not yet completed */
1363 		handle_bap(p, length);
1364 		break;
1365 	case ETHERTYPE_IP:	/*XXX*/
1366         case PPP_VJNC:
1367 	case PPP_IP:
1368 		ip_print(gndo, p, length);
1369 		break;
1370 #ifdef INET6
1371 	case ETHERTYPE_IPV6:	/*XXX*/
1372 	case PPP_IPV6:
1373 		ip6_print(gndo, p, length);
1374 		break;
1375 #endif
1376 	case ETHERTYPE_IPX:	/*XXX*/
1377 	case PPP_IPX:
1378 		ipx_print(p, length);
1379 		break;
1380 	case PPP_OSI:
1381 	        isoclns_print(p, length, length);
1382 	        break;
1383 	case PPP_MPLS_UCAST:
1384 	case PPP_MPLS_MCAST:
1385 		mpls_print(p, length);
1386 		break;
1387 	case PPP_COMP:
1388 		printf("compressed PPP data");
1389 		break;
1390 	default:
1391 		printf("%s ", tok2str(ppptype2str, "unknown PPP protocol (0x%04x)", proto));
1392 		print_unknown_data(p,"\n\t",length);
1393 		break;
1394 	}
1395 }
1396 
1397 /* Standard PPP printer */
1398 u_int
1399 ppp_print(register const u_char *p, u_int length)
1400 {
1401 	u_int proto,ppp_header;
1402         u_int olen = length; /* _o_riginal length */
1403 	u_int hdr_len = 0;
1404 
1405 	/*
1406 	 * Here, we assume that p points to the Address and Control
1407 	 * field (if they present).
1408 	 */
1409 	if (length < 2)
1410 		goto trunc;
1411 	TCHECK2(*p, 2);
1412         ppp_header = EXTRACT_16BITS(p);
1413 
1414         switch(ppp_header) {
1415         case (PPP_WITHDIRECTION_IN  << 8 | PPP_CONTROL):
1416             if (eflag) printf("In  ");
1417             p += 2;
1418             length -= 2;
1419             hdr_len += 2;
1420             break;
1421         case (PPP_WITHDIRECTION_OUT << 8 | PPP_CONTROL):
1422             if (eflag) printf("Out ");
1423             p += 2;
1424             length -= 2;
1425             hdr_len += 2;
1426             break;
1427         case (PPP_ADDRESS << 8 | PPP_CONTROL):
1428             p += 2;			/* ACFC not used */
1429             length -= 2;
1430             hdr_len += 2;
1431             break;
1432 
1433         default:
1434             break;
1435         }
1436 
1437 	if (length < 2)
1438 		goto trunc;
1439 	TCHECK(*p);
1440 	if (*p % 2) {
1441 		proto = *p;		/* PFC is used */
1442 		p++;
1443 		length--;
1444 		hdr_len++;
1445 	} else {
1446 		TCHECK2(*p, 2);
1447 		proto = EXTRACT_16BITS(p);
1448 		p += 2;
1449 		length -= 2;
1450 		hdr_len += 2;
1451 	}
1452 
1453         if (eflag)
1454             printf("%s (0x%04x), length %u: ",
1455                    tok2str(ppptype2str, "unknown", proto),
1456                    proto,
1457                    olen);
1458 
1459 	handle_ppp(proto, p, length);
1460 	return (hdr_len);
1461 trunc:
1462 	printf("[|ppp]");
1463 	return (0);
1464 }
1465 
1466 
1467 /* PPP I/F printer */
1468 u_int
1469 ppp_if_print(const struct pcap_pkthdr *h, register const u_char *p)
1470 {
1471 	register u_int length = h->len;
1472 	register u_int caplen = h->caplen;
1473 
1474 	if (caplen < PPP_HDRLEN) {
1475 		printf("[|ppp]");
1476 		return (caplen);
1477 	}
1478 
1479 #if 0
1480 	/*
1481 	 * XXX: seems to assume that there are 2 octets prepended to an
1482 	 * actual PPP frame. The 1st octet looks like Input/Output flag
1483 	 * while 2nd octet is unknown, at least to me
1484 	 * (mshindo@mshindo.net).
1485 	 *
1486 	 * That was what the original tcpdump code did.
1487 	 *
1488 	 * FreeBSD's "if_ppp.c" *does* set the first octet to 1 for outbound
1489 	 * packets and 0 for inbound packets - but only if the
1490 	 * protocol field has the 0x8000 bit set (i.e., it's a network
1491 	 * control protocol); it does so before running the packet through
1492 	 * "bpf_filter" to see if it should be discarded, and to see
1493 	 * if we should update the time we sent the most recent packet...
1494 	 *
1495 	 * ...but it puts the original address field back after doing
1496 	 * so.
1497 	 *
1498 	 * NetBSD's "if_ppp.c" doesn't set the first octet in that fashion.
1499 	 *
1500 	 * I don't know if any PPP implementation handed up to a BPF
1501 	 * device packets with the first octet being 1 for outbound and
1502 	 * 0 for inbound packets, so I (guy@alum.mit.edu) don't know
1503 	 * whether that ever needs to be checked or not.
1504 	 *
1505 	 * Note that NetBSD has a DLT_PPP_SERIAL, which it uses for PPP,
1506 	 * and its tcpdump appears to assume that the frame always
1507 	 * begins with an address field and a control field, and that
1508 	 * the address field might be 0x0f or 0x8f, for Cisco
1509 	 * point-to-point with HDLC framing as per section 4.3.1 of RFC
1510 	 * 1547, as well as 0xff, for PPP in HDLC-like framing as per
1511 	 * RFC 1662.
1512 	 *
1513 	 * (Is the Cisco framing in question what DLT_C_HDLC, in
1514 	 * BSD/OS, is?)
1515 	 */
1516 	if (eflag)
1517 		printf("%c %4d %02x ", p[0] ? 'O' : 'I', length, p[1]);
1518 #endif
1519 
1520 	ppp_print(p, length);
1521 
1522 	return (0);
1523 }
1524 
1525 /*
1526  * PPP I/F printer to use if we know that RFC 1662-style PPP in HDLC-like
1527  * framing, or Cisco PPP with HDLC framing as per section 4.3.1 of RFC 1547,
1528  * is being used (i.e., we don't check for PPP_ADDRESS and PPP_CONTROL,
1529  * discard them *if* those are the first two octets, and parse the remaining
1530  * packet as a PPP packet, as "ppp_print()" does).
1531  *
1532  * This handles, for example, DLT_PPP_SERIAL in NetBSD.
1533  */
1534 u_int
1535 ppp_hdlc_if_print(const struct pcap_pkthdr *h, register const u_char *p)
1536 {
1537 	register u_int length = h->len;
1538 	register u_int caplen = h->caplen;
1539 	u_int proto;
1540 	u_int hdrlen = 0;
1541 
1542 	if (caplen < 2) {
1543 		printf("[|ppp]");
1544 		return (caplen);
1545 	}
1546 
1547 	switch (p[0]) {
1548 
1549 	case PPP_ADDRESS:
1550 		if (caplen < 4) {
1551 			printf("[|ppp]");
1552 			return (caplen);
1553 		}
1554 
1555 		if (eflag)
1556 			printf("%02x %02x %d ", p[0], p[1], length);
1557 		p += 2;
1558 		length -= 2;
1559 		hdrlen += 2;
1560 
1561 		proto = EXTRACT_16BITS(p);
1562 		p += 2;
1563 		length -= 2;
1564 		hdrlen += 2;
1565 		printf("%s: ", tok2str(ppptype2str, "unknown PPP protocol (0x%04x)", proto));
1566 
1567 		handle_ppp(proto, p, length);
1568 		break;
1569 
1570 	case CHDLC_UNICAST:
1571 	case CHDLC_BCAST:
1572 		return (chdlc_if_print(h, p));
1573 
1574 	default:
1575 		if (eflag)
1576 			printf("%02x %02x %d ", p[0], p[1], length);
1577 		p += 2;
1578 		length -= 2;
1579 		hdrlen += 2;
1580 
1581 		/*
1582 		 * XXX - NetBSD's "ppp_netbsd_serial_if_print()" treats
1583 		 * the next two octets as an Ethernet type; does that
1584 		 * ever happen?
1585 		 */
1586 		printf("unknown addr %02x; ctrl %02x", p[0], p[1]);
1587 		break;
1588 	}
1589 
1590 	return (hdrlen);
1591 }
1592 
1593 #define PPP_BSDI_HDRLEN 24
1594 
1595 /* BSD/OS specific PPP printer */
1596 u_int
1597 ppp_bsdos_if_print(const struct pcap_pkthdr *h _U_, register const u_char *p _U_)
1598 {
1599 	register int hdrlength;
1600 #ifdef __bsdi__
1601 	register u_int length = h->len;
1602 	register u_int caplen = h->caplen;
1603 	u_int16_t ptype;
1604 	const u_char *q;
1605 	int i;
1606 
1607 	if (caplen < PPP_BSDI_HDRLEN) {
1608 		printf("[|ppp]");
1609 		return (caplen)
1610 	}
1611 
1612 	hdrlength = 0;
1613 
1614 #if 0
1615 	if (p[0] == PPP_ADDRESS && p[1] == PPP_CONTROL) {
1616 		if (eflag)
1617 			printf("%02x %02x ", p[0], p[1]);
1618 		p += 2;
1619 		hdrlength = 2;
1620 	}
1621 
1622 	if (eflag)
1623 		printf("%d ", length);
1624 	/* Retrieve the protocol type */
1625 	if (*p & 01) {
1626 		/* Compressed protocol field */
1627 		ptype = *p;
1628 		if (eflag)
1629 			printf("%02x ", ptype);
1630 		p++;
1631 		hdrlength += 1;
1632 	} else {
1633 		/* Un-compressed protocol field */
1634 		ptype = EXTRACT_16BITS(p);
1635 		if (eflag)
1636 			printf("%04x ", ptype);
1637 		p += 2;
1638 		hdrlength += 2;
1639 	}
1640 #else
1641 	ptype = 0;	/*XXX*/
1642 	if (eflag)
1643 		printf("%c ", p[SLC_DIR] ? 'O' : 'I');
1644 	if (p[SLC_LLHL]) {
1645 		/* link level header */
1646 		struct ppp_header *ph;
1647 
1648 		q = p + SLC_BPFHDRLEN;
1649 		ph = (struct ppp_header *)q;
1650 		if (ph->phdr_addr == PPP_ADDRESS
1651 		 && ph->phdr_ctl == PPP_CONTROL) {
1652 			if (eflag)
1653 				printf("%02x %02x ", q[0], q[1]);
1654 			ptype = EXTRACT_16BITS(&ph->phdr_type);
1655 			if (eflag && (ptype == PPP_VJC || ptype == PPP_VJNC)) {
1656 				printf("%s ", tok2str(ppptype2str,
1657 						"proto-#%d", ptype));
1658 			}
1659 		} else {
1660 			if (eflag) {
1661 				printf("LLH=[");
1662 				for (i = 0; i < p[SLC_LLHL]; i++)
1663 					printf("%02x", q[i]);
1664 				printf("] ");
1665 			}
1666 		}
1667 	}
1668 	if (eflag)
1669 		printf("%d ", length);
1670 	if (p[SLC_CHL]) {
1671 		q = p + SLC_BPFHDRLEN + p[SLC_LLHL];
1672 
1673 		switch (ptype) {
1674 		case PPP_VJC:
1675 			ptype = vjc_print(q, ptype);
1676 			hdrlength = PPP_BSDI_HDRLEN;
1677 			p += hdrlength;
1678 			switch (ptype) {
1679 			case PPP_IP:
1680 				ip_print(gndo, p, length);
1681 				break;
1682 #ifdef INET6
1683 			case PPP_IPV6:
1684 				ip6_print(gndo, p, length);
1685 				break;
1686 #endif
1687 			case PPP_MPLS_UCAST:
1688 			case PPP_MPLS_MCAST:
1689 				mpls_print(p, length);
1690 				break;
1691 			}
1692 			goto printx;
1693 		case PPP_VJNC:
1694 			ptype = vjc_print(q, ptype);
1695 			hdrlength = PPP_BSDI_HDRLEN;
1696 			p += hdrlength;
1697 			switch (ptype) {
1698 			case PPP_IP:
1699 				ip_print(gndo, p, length);
1700 				break;
1701 #ifdef INET6
1702 			case PPP_IPV6:
1703 				ip6_print(gndo, p, length);
1704 				break;
1705 #endif
1706 			case PPP_MPLS_UCAST:
1707 			case PPP_MPLS_MCAST:
1708 				mpls_print(p, length);
1709 				break;
1710 			}
1711 			goto printx;
1712 		default:
1713 			if (eflag) {
1714 				printf("CH=[");
1715 				for (i = 0; i < p[SLC_LLHL]; i++)
1716 					printf("%02x", q[i]);
1717 				printf("] ");
1718 			}
1719 			break;
1720 		}
1721 	}
1722 
1723 	hdrlength = PPP_BSDI_HDRLEN;
1724 #endif
1725 
1726 	length -= hdrlength;
1727 	p += hdrlength;
1728 
1729 	switch (ptype) {
1730 	case PPP_IP:
1731 		ip_print(p, length);
1732 		break;
1733 #ifdef INET6
1734 	case PPP_IPV6:
1735 		ip6_print(gndo, p, length);
1736 		break;
1737 #endif
1738         case PPP_MPLS_UCAST:
1739         case PPP_MPLS_MCAST:
1740                 mpls_print(gndo, p, length);
1741                 break;
1742 	default:
1743 		printf("%s ", tok2str(ppptype2str, "unknown PPP protocol (0x%04x)", ptype));
1744 	}
1745 
1746 printx:
1747 #else /* __bsdi */
1748 	hdrlength = 0;
1749 #endif /* __bsdi__ */
1750 	return (hdrlength);
1751 }
1752 
1753 
1754 /*
1755  * Local Variables:
1756  * c-style: whitesmith
1757  * c-basic-offset: 8
1758  * End:
1759  */
1760