1685295f4SBill Fenner /*
2685295f4SBill Fenner * Copyright (c) 2000 William C. Fenner.
3685295f4SBill Fenner * All rights reserved.
4685295f4SBill Fenner *
5685295f4SBill Fenner * Kevin Steves <ks@hp.se> July 2000
6685295f4SBill Fenner * Modified to:
7685295f4SBill Fenner * - print version, type string and packet length
8685295f4SBill Fenner * - print IP address count if > 1 (-v)
9685295f4SBill Fenner * - verify checksum (-v)
10685295f4SBill Fenner * - print authentication string (-v)
11685295f4SBill Fenner *
12685295f4SBill Fenner * Redistribution and use in source and binary forms, with or without
13685295f4SBill Fenner * modification, are permitted provided that: (1) source code
14685295f4SBill Fenner * distributions retain the above copyright notice and this paragraph
15685295f4SBill Fenner * in its entirety, and (2) distributions including binary code include
16685295f4SBill Fenner * the above copyright notice and this paragraph in its entirety in
17685295f4SBill Fenner * the documentation or other materials provided with the distribution.
18685295f4SBill Fenner * The name of William C. Fenner may not be used to endorse or
19685295f4SBill Fenner * promote products derived from this software without specific prior
20685295f4SBill Fenner * written permission. THIS SOFTWARE IS PROVIDED ``AS IS'' AND
21685295f4SBill Fenner * WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT
22685295f4SBill Fenner * LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
23685295f4SBill Fenner * FOR A PARTICULAR PURPOSE.
24685295f4SBill Fenner */
25685295f4SBill Fenner
263340d773SGleb Smirnoff /* \summary: Virtual Router Redundancy Protocol (VRRP) printer */
273340d773SGleb Smirnoff
28*ee67461eSJoseph Mingrone #include <config.h>
29685295f4SBill Fenner
30*ee67461eSJoseph Mingrone #include "netdissect-stdinc.h"
315b0fe478SBruce M Simpson
323340d773SGleb Smirnoff #include "netdissect.h"
33685295f4SBill Fenner #include "extract.h"
34685295f4SBill Fenner #include "addrtoname.h"
35685295f4SBill Fenner
363c602fabSXin LI #include "ip.h"
373c602fabSXin LI #include "ipproto.h"
38685295f4SBill Fenner /*
393c602fabSXin LI * RFC 2338 (VRRP v2):
403c602fabSXin LI *
41685295f4SBill Fenner * 0 1 2 3
42685295f4SBill Fenner * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
43685295f4SBill Fenner * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
44685295f4SBill Fenner * |Version| Type | Virtual Rtr ID| Priority | Count IP Addrs|
45685295f4SBill Fenner * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
46685295f4SBill Fenner * | Auth Type | Adver Int | Checksum |
47685295f4SBill Fenner * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
48685295f4SBill Fenner * | IP Address (1) |
49685295f4SBill Fenner * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
50685295f4SBill Fenner * | . |
51685295f4SBill Fenner * | . |
52685295f4SBill Fenner * | . |
53685295f4SBill Fenner * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
54685295f4SBill Fenner * | IP Address (n) |
55685295f4SBill Fenner * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
56685295f4SBill Fenner * | Authentication Data (1) |
57685295f4SBill Fenner * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
58685295f4SBill Fenner * | Authentication Data (2) |
59685295f4SBill Fenner * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
603c602fabSXin LI *
613c602fabSXin LI *
623c602fabSXin LI * RFC 5798 (VRRP v3):
633c602fabSXin LI *
643c602fabSXin LI * 0 1 2 3
653c602fabSXin LI * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
663c602fabSXin LI * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
673c602fabSXin LI * | IPv4 Fields or IPv6 Fields |
683c602fabSXin LI * ... ...
693c602fabSXin LI * | |
703c602fabSXin LI * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
713c602fabSXin LI * |Version| Type | Virtual Rtr ID| Priority |Count IPvX Addr|
723c602fabSXin LI * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
733c602fabSXin LI * |(rsvd) | Max Adver Int | Checksum |
743c602fabSXin LI * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
753c602fabSXin LI * | |
763c602fabSXin LI * + +
773c602fabSXin LI * | IPvX Address(es) |
783c602fabSXin LI * + +
793c602fabSXin LI * | |
803c602fabSXin LI * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
81685295f4SBill Fenner */
82a90e161bSBill Fenner
83a90e161bSBill Fenner /* Type */
84a90e161bSBill Fenner #define VRRP_TYPE_ADVERTISEMENT 1
85a90e161bSBill Fenner
86a90e161bSBill Fenner static const struct tok type2str[] = {
875b0fe478SBruce M Simpson { VRRP_TYPE_ADVERTISEMENT, "Advertisement" },
88a90e161bSBill Fenner { 0, NULL }
89a90e161bSBill Fenner };
90a90e161bSBill Fenner
91a90e161bSBill Fenner /* Auth Type */
92a90e161bSBill Fenner #define VRRP_AUTH_NONE 0
93a90e161bSBill Fenner #define VRRP_AUTH_SIMPLE 1
94a90e161bSBill Fenner #define VRRP_AUTH_AH 2
95a90e161bSBill Fenner
96a90e161bSBill Fenner static const struct tok auth2str[] = {
97a90e161bSBill Fenner { VRRP_AUTH_NONE, "none" },
98a90e161bSBill Fenner { VRRP_AUTH_SIMPLE, "simple" },
99a90e161bSBill Fenner { VRRP_AUTH_AH, "ah" },
100a90e161bSBill Fenner { 0, NULL }
101a90e161bSBill Fenner };
102a90e161bSBill Fenner
103685295f4SBill Fenner void
vrrp_print(netdissect_options * ndo,const u_char * bp,u_int len,const u_char * bp2,int ttl,int ver)1043c602fabSXin LI vrrp_print(netdissect_options *ndo,
105*ee67461eSJoseph Mingrone const u_char *bp, u_int len,
106*ee67461eSJoseph Mingrone const u_char *bp2, int ttl,
107*ee67461eSJoseph Mingrone int ver)
108685295f4SBill Fenner {
1093c602fabSXin LI int version, type, auth_type = VRRP_AUTH_NONE; /* keep compiler happy */
110a90e161bSBill Fenner const char *type_s;
111685295f4SBill Fenner
112*ee67461eSJoseph Mingrone ndo->ndo_protocol = "vrrp";
113*ee67461eSJoseph Mingrone nd_print_protocol_caps(ndo);
114*ee67461eSJoseph Mingrone version = (GET_U_1(bp) & 0xf0) >> 4;
115*ee67461eSJoseph Mingrone type = GET_U_1(bp) & 0x0f;
1165b0fe478SBruce M Simpson type_s = tok2str(type2str, "unknown type (%u)", type);
117*ee67461eSJoseph Mingrone ND_PRINT("v%u, %s", version, type_s);
118685295f4SBill Fenner if (ttl != 255)
119*ee67461eSJoseph Mingrone ND_PRINT(", (ttl %u)", ttl);
1203c602fabSXin LI if (version < 2 || version > 3 || type != VRRP_TYPE_ADVERTISEMENT)
121685295f4SBill Fenner return;
122*ee67461eSJoseph Mingrone ND_PRINT(", vrid %u, prio %u", GET_U_1(bp + 1), GET_U_1(bp + 2));
1233c602fabSXin LI
1243c602fabSXin LI if (version == 2) {
125*ee67461eSJoseph Mingrone auth_type = GET_U_1(bp + 4);
126*ee67461eSJoseph Mingrone ND_PRINT(", authtype %s", tok2str(auth2str, NULL, auth_type));
127*ee67461eSJoseph Mingrone ND_PRINT(", intvl %us, length %u", GET_U_1(bp + 5), len);
1283c602fabSXin LI } else { /* version == 3 */
129*ee67461eSJoseph Mingrone uint16_t intvl = (GET_U_1(bp + 4) & 0x0f) << 8 | GET_U_1(bp + 5);
130*ee67461eSJoseph Mingrone ND_PRINT(", intvl %ucs, length %u", intvl, len);
1313c602fabSXin LI }
1323c602fabSXin LI
1333c602fabSXin LI if (ndo->ndo_vflag) {
134*ee67461eSJoseph Mingrone u_int naddrs = GET_U_1(bp + 3);
135*ee67461eSJoseph Mingrone u_int i;
136685295f4SBill Fenner char c;
137685295f4SBill Fenner
138*ee67461eSJoseph Mingrone if (version == 2 && ND_TTEST_LEN(bp, len)) {
139cac3dcd5SXin LI struct cksum_vec vec[1];
140cac3dcd5SXin LI
141cac3dcd5SXin LI vec[0].ptr = bp;
142cac3dcd5SXin LI vec[0].len = len;
143*ee67461eSJoseph Mingrone if (in_cksum(vec, 1))
144*ee67461eSJoseph Mingrone ND_PRINT(", (bad vrrp cksum %x)",
145*ee67461eSJoseph Mingrone GET_BE_U_2(bp + 6));
14639e421e8SCy Schubert }
1473c602fabSXin LI
148*ee67461eSJoseph Mingrone if (version == 3 && ND_TTEST_LEN(bp, len)) {
149*ee67461eSJoseph Mingrone uint16_t cksum;
150*ee67461eSJoseph Mingrone
151*ee67461eSJoseph Mingrone if (ver == 4)
152*ee67461eSJoseph Mingrone cksum = nextproto4_cksum(ndo, (const struct ip *)bp2, bp,
1533c602fabSXin LI len, len, IPPROTO_VRRP);
154*ee67461eSJoseph Mingrone else
155*ee67461eSJoseph Mingrone cksum = nextproto6_cksum(ndo, (const struct ip6_hdr *)bp2, bp,
156*ee67461eSJoseph Mingrone len, len, IPPROTO_VRRP);
157*ee67461eSJoseph Mingrone if (cksum)
158*ee67461eSJoseph Mingrone ND_PRINT(", (bad vrrp cksum %x)",
159*ee67461eSJoseph Mingrone GET_BE_U_2(bp + 6));
16039e421e8SCy Schubert }
1613c602fabSXin LI
162*ee67461eSJoseph Mingrone ND_PRINT(", addrs");
163685295f4SBill Fenner if (naddrs > 1)
164*ee67461eSJoseph Mingrone ND_PRINT("(%u)", naddrs);
165*ee67461eSJoseph Mingrone ND_PRINT(":");
166685295f4SBill Fenner c = ' ';
167685295f4SBill Fenner bp += 8;
168685295f4SBill Fenner for (i = 0; i < naddrs; i++) {
169*ee67461eSJoseph Mingrone if (ver == 4) {
170*ee67461eSJoseph Mingrone ND_PRINT("%c%s", c, GET_IPADDR_STRING(bp));
171685295f4SBill Fenner bp += 4;
172*ee67461eSJoseph Mingrone } else {
173*ee67461eSJoseph Mingrone ND_PRINT("%c%s", c, GET_IP6ADDR_STRING(bp));
174*ee67461eSJoseph Mingrone bp += 16;
175*ee67461eSJoseph Mingrone }
176*ee67461eSJoseph Mingrone c = ',';
177685295f4SBill Fenner }
1783c602fabSXin LI if (version == 2 && auth_type == VRRP_AUTH_SIMPLE) { /* simple text password */
179*ee67461eSJoseph Mingrone ND_PRINT(" auth \"");
180*ee67461eSJoseph Mingrone /*
181*ee67461eSJoseph Mingrone * RFC 2338 Section 5.3.10: "If the configured authentication string
182*ee67461eSJoseph Mingrone * is shorter than 8 bytes, the remaining space MUST be zero-filled.
183*ee67461eSJoseph Mingrone */
184*ee67461eSJoseph Mingrone nd_printjnp(ndo, bp, 8);
185*ee67461eSJoseph Mingrone ND_PRINT("\"");
186685295f4SBill Fenner }
187685295f4SBill Fenner }
188685295f4SBill Fenner }
189