1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 1988-1990 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that: 9 * 1. Source code distributions retain the above copyright 10 * notice and this paragraph in its entirety 11 * 2. Distributions including binary code include the above copyright 12 * notice and this paragraph in its entirety in the documentation 13 * or other materials provided with the distribution, and 14 * 3. Neither the name of the University nor the names of its contributors 15 * may be used to endorse or promote products derived from this software 16 * without specific prior written permission. 17 * 18 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 19 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 20 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 21 * 22 * Format and print bootp packets. 23 * 24 * This file was copied from tcpdump-2.1.1 and modified. 25 * There is an e-mail list for tcpdump: <tcpdump@ee.lbl.gov> 26 * 27 * $FreeBSD$ 28 */ 29 30 #include <stdio.h> 31 32 #include <sys/param.h> 33 #include <sys/types.h> 34 #include <sys/socket.h> 35 36 #include <sys/time.h> /* for struct timeval in net/if.h */ 37 #include <net/if.h> 38 #include <netinet/in.h> 39 40 #include <string.h> 41 #include <ctype.h> 42 43 #include "bootp.h" 44 #include "bootptest.h" 45 46 /* These decode the vendor data. */ 47 static void rfc1048_print(u_char *bp, int length); 48 static void cmu_print(u_char *bp, int length); 49 static void other_print(u_char *bp, int length); 50 static void dump_hex(u_char *bp, int len); 51 52 /* 53 * Print bootp requests 54 */ 55 void 56 bootp_print(bp, length, sport, dport) 57 struct bootp *bp; 58 int length; 59 u_short sport, dport; 60 { 61 static char tstr[] = " [|bootp]"; 62 static unsigned char vm_cmu[4] = VM_CMU; 63 static unsigned char vm_rfc1048[4] = VM_RFC1048; 64 u_char *ep; 65 int vdlen; 66 67 #define TCHECK(var, l) if ((u_char *)&(var) > ep - l) goto trunc 68 69 /* Note funny sized packets */ 70 if (length != sizeof(struct bootp)) 71 (void) printf(" [len=%d]", length); 72 73 /* 'ep' points to the end of avaible data. */ 74 ep = (u_char *) snapend; 75 76 switch (bp->bp_op) { 77 78 case BOOTREQUEST: 79 /* Usually, a request goes from a client to a server */ 80 if (sport != IPPORT_BOOTPC || dport != IPPORT_BOOTPS) 81 printf(" (request)"); 82 break; 83 84 case BOOTREPLY: 85 /* Usually, a reply goes from a server to a client */ 86 if (sport != IPPORT_BOOTPS || dport != IPPORT_BOOTPC) 87 printf(" (reply)"); 88 break; 89 90 default: 91 printf(" bootp-#%d", bp->bp_op); 92 } 93 94 /* The usual hardware address type is 1 (10Mb Ethernet) */ 95 if (bp->bp_htype != 1) 96 printf(" htype:%d", bp->bp_htype); 97 98 /* The usual length for 10Mb Ethernet address is 6 bytes */ 99 if (bp->bp_hlen != 6) 100 printf(" hlen:%d", bp->bp_hlen); 101 102 /* Client's Hardware address */ 103 if (bp->bp_hlen) { 104 struct ether_header *eh; 105 char *e; 106 107 TCHECK(bp->bp_chaddr[0], 6); 108 eh = (struct ether_header *) packetp; 109 if (bp->bp_op == BOOTREQUEST) 110 e = (char *) ESRC(eh); 111 else if (bp->bp_op == BOOTREPLY) 112 e = (char *) EDST(eh); 113 else 114 e = NULL; 115 if (e == NULL || bcmp((char *) bp->bp_chaddr, e, 6)) 116 dump_hex(bp->bp_chaddr, bp->bp_hlen); 117 } 118 /* Only print interesting fields */ 119 if (bp->bp_hops) 120 printf(" hops:%d", bp->bp_hops); 121 122 if (bp->bp_xid) 123 printf(" xid:%ld", (long)ntohl(bp->bp_xid)); 124 125 if (bp->bp_secs) 126 printf(" secs:%d", ntohs(bp->bp_secs)); 127 128 /* Client's ip address */ 129 TCHECK(bp->bp_ciaddr, sizeof(bp->bp_ciaddr)); 130 if (bp->bp_ciaddr.s_addr) 131 printf(" C:%s", ipaddr_string(&bp->bp_ciaddr)); 132 133 /* 'your' ip address (bootp client) */ 134 TCHECK(bp->bp_yiaddr, sizeof(bp->bp_yiaddr)); 135 if (bp->bp_yiaddr.s_addr) 136 printf(" Y:%s", ipaddr_string(&bp->bp_yiaddr)); 137 138 /* Server's ip address */ 139 TCHECK(bp->bp_siaddr, sizeof(bp->bp_siaddr)); 140 if (bp->bp_siaddr.s_addr) 141 printf(" S:%s", ipaddr_string(&bp->bp_siaddr)); 142 143 /* Gateway's ip address */ 144 TCHECK(bp->bp_giaddr, sizeof(bp->bp_giaddr)); 145 if (bp->bp_giaddr.s_addr) 146 printf(" G:%s", ipaddr_string(&bp->bp_giaddr)); 147 148 TCHECK(bp->bp_sname[0], sizeof(bp->bp_sname)); 149 if (*bp->bp_sname) { 150 printf(" sname:"); 151 if (printfn(bp->bp_sname, ep)) { 152 fputs(tstr + 1, stdout); 153 return; 154 } 155 } 156 TCHECK(bp->bp_file[0], sizeof(bp->bp_file)); 157 if (*bp->bp_file) { 158 printf(" file:"); 159 if (printfn(bp->bp_file, ep)) { 160 fputs(tstr + 1, stdout); 161 return; 162 } 163 } 164 /* Don't try to decode the vendor buffer unless we're verbose */ 165 if (vflag <= 0) 166 return; 167 168 vdlen = sizeof(bp->bp_vend); 169 /* Vendor data can extend to the end of the packet. */ 170 if (vdlen < (ep - bp->bp_vend)) 171 vdlen = (ep - bp->bp_vend); 172 173 TCHECK(bp->bp_vend[0], vdlen); 174 printf(" vend"); 175 if (!bcmp(bp->bp_vend, vm_rfc1048, sizeof(u_int32))) 176 rfc1048_print(bp->bp_vend, vdlen); 177 else if (!bcmp(bp->bp_vend, vm_cmu, sizeof(u_int32))) 178 cmu_print(bp->bp_vend, vdlen); 179 else 180 other_print(bp->bp_vend, vdlen); 181 182 return; 183 trunc: 184 fputs(tstr, stdout); 185 #undef TCHECK 186 } 187 188 /* 189 * Option description data follows. 190 * These are described in: RFC-1048, RFC-1395, RFC-1497, RFC-1533 191 * 192 * The first char of each option string encodes the data format: 193 * ?: unknown 194 * a: ASCII 195 * b: byte (8-bit) 196 * i: inet address 197 * l: int32 198 * s: short (16-bit) 199 */ 200 char * 201 rfc1048_opts[] = { 202 /* Originally from RFC-1048: */ 203 "?PAD", /* 0: Padding - special, no data. */ 204 "iSM", /* 1: subnet mask (RFC950)*/ 205 "lTZ", /* 2: time offset, seconds from UTC */ 206 "iGW", /* 3: gateways (or routers) */ 207 "iTS", /* 4: time servers (RFC868) */ 208 "iINS", /* 5: IEN name servers (IEN116) */ 209 "iDNS", /* 6: domain name servers (RFC1035)(1034?) */ 210 "iLOG", /* 7: MIT log servers */ 211 "iCS", /* 8: cookie servers (RFC865) */ 212 "iLPR", /* 9: lpr server (RFC1179) */ 213 "iIPS", /* 10: impress servers (Imagen) */ 214 "iRLP", /* 11: resource location servers (RFC887) */ 215 "aHN", /* 12: host name (ASCII) */ 216 "sBFS", /* 13: boot file size (in 512 byte blocks) */ 217 218 /* Added by RFC-1395: */ 219 "aDUMP", /* 14: Merit Dump File */ 220 "aDNAM", /* 15: Domain Name (for DNS) */ 221 "iSWAP", /* 16: Swap Server */ 222 "aROOT", /* 17: Root Path */ 223 224 /* Added by RFC-1497: */ 225 "aEXTF", /* 18: Extensions Path (more options) */ 226 227 /* Added by RFC-1533: (many, many options...) */ 228 #if 1 /* These might not be worth recognizing by name. */ 229 230 /* IP Layer Parameters, per-host (RFC-1533, sect. 4) */ 231 "bIP-forward", /* 19: IP Forwarding flag */ 232 "bIP-srcroute", /* 20: IP Source Routing Enable flag */ 233 "iIP-filters", /* 21: IP Policy Filter (addr pairs) */ 234 "sIP-maxudp", /* 22: IP Max-UDP reassembly size */ 235 "bIP-ttlive", /* 23: IP Time to Live */ 236 "lIP-pmtuage", /* 24: IP Path MTU aging timeout */ 237 "sIP-pmtutab", /* 25: IP Path MTU plateau table */ 238 239 /* IP parameters, per-interface (RFC-1533, sect. 5) */ 240 "sIP-mtu-sz", /* 26: IP MTU size */ 241 "bIP-mtu-sl", /* 27: IP MTU all subnets local */ 242 "bIP-bcast1", /* 28: IP Broadcast Addr ones flag */ 243 "bIP-mask-d", /* 29: IP do mask discovery */ 244 "bIP-mask-s", /* 30: IP do mask supplier */ 245 "bIP-rt-dsc", /* 31: IP do router discovery */ 246 "iIP-rt-sa", /* 32: IP router solicitation addr */ 247 "iIP-routes", /* 33: IP static routes (dst,router) */ 248 249 /* Link Layer parameters, per-interface (RFC-1533, sect. 6) */ 250 "bLL-trailer", /* 34: do tralier encapsulation */ 251 "lLL-arp-tmo", /* 35: ARP cache timeout */ 252 "bLL-ether2", /* 36: Ethernet version 2 (IEEE 802.3) */ 253 254 /* TCP parameters (RFC-1533, sect. 7) */ 255 "bTCP-def-ttl", /* 37: default time to live */ 256 "lTCP-KA-tmo", /* 38: keepalive time interval */ 257 "bTCP-KA-junk", /* 39: keepalive sends extra junk */ 258 259 /* Application and Service Parameters (RFC-1533, sect. 8) */ 260 "aNISDOM", /* 40: NIS Domain (Sun YP) */ 261 "iNISSRV", /* 41: NIS Servers */ 262 "iNTPSRV", /* 42: NTP (time) Servers (RFC 1129) */ 263 "?VSINFO", /* 43: Vendor Specific Info (encapsulated) */ 264 "iNBiosNS", /* 44: NetBIOS Name Server (RFC-1001,1..2) */ 265 "iNBiosDD", /* 45: NetBIOS Datagram Dist. Server. */ 266 "bNBiosNT", /* 46: NetBIOS Note Type */ 267 "?NBiosS", /* 47: NetBIOS Scope */ 268 "iXW-FS", /* 48: X Window System Font Servers */ 269 "iXW-DM", /* 49: X Window System Display Managers */ 270 271 /* DHCP extensions (RFC-1533, sect. 9) */ 272 #endif 273 }; 274 #define KNOWN_OPTIONS (sizeof(rfc1048_opts) / sizeof(rfc1048_opts[0])) 275 276 static void 277 rfc1048_print(bp, length) 278 u_char *bp; 279 int length; 280 { 281 u_char tag; 282 u_char *ep; 283 int len; 284 u_int32 ul; 285 u_short us; 286 struct in_addr ia; 287 char *optstr; 288 289 printf("-rfc1395"); 290 291 /* Step over magic cookie */ 292 bp += sizeof(int32); 293 /* Setup end pointer */ 294 ep = bp + length; 295 while (bp < ep) { 296 tag = *bp++; 297 /* Check for tags with no data first. */ 298 if (tag == TAG_PAD) 299 continue; 300 if (tag == TAG_END) 301 return; 302 if (tag < KNOWN_OPTIONS) { 303 optstr = rfc1048_opts[tag]; 304 printf(" %s:", optstr + 1); 305 } else { 306 printf(" T%d:", tag); 307 optstr = "?"; 308 } 309 /* Now scan the length byte. */ 310 len = *bp++; 311 if (bp + len > ep) { 312 /* truncated option */ 313 printf(" |(%d>%td)", len, ep - bp); 314 return; 315 } 316 /* Print the option value(s). */ 317 switch (optstr[0]) { 318 319 case 'a': /* ASCII string */ 320 printfn(bp, bp + len); 321 bp += len; 322 len = 0; 323 break; 324 325 case 's': /* Word formats */ 326 while (len >= 2) { 327 bcopy((char *) bp, (char *) &us, 2); 328 printf("%d", ntohs(us)); 329 bp += 2; 330 len -= 2; 331 if (len) printf(","); 332 } 333 if (len) printf("(junk=%d)", len); 334 break; 335 336 case 'l': /* Long words */ 337 while (len >= 4) { 338 bcopy((char *) bp, (char *) &ul, 4); 339 printf("%ld", (long)ntohl(ul)); 340 bp += 4; 341 len -= 4; 342 if (len) printf(","); 343 } 344 if (len) printf("(junk=%d)", len); 345 break; 346 347 case 'i': /* INET addresses */ 348 while (len >= 4) { 349 bcopy((char *) bp, (char *) &ia, 4); 350 printf("%s", ipaddr_string(&ia)); 351 bp += 4; 352 len -= 4; 353 if (len) printf(","); 354 } 355 if (len) printf("(junk=%d)", len); 356 break; 357 358 case 'b': 359 default: 360 break; 361 362 } /* switch */ 363 364 /* Print as characters, if appropriate. */ 365 if (len) { 366 dump_hex(bp, len); 367 if (isascii(*bp) && isprint(*bp)) { 368 printf("("); 369 printfn(bp, bp + len); 370 printf(")"); 371 } 372 bp += len; 373 len = 0; 374 } 375 } /* while bp < ep */ 376 } 377 378 static void 379 cmu_print(bp, length) 380 u_char *bp; 381 int length; 382 { 383 struct cmu_vend *v; 384 385 printf("-cmu"); 386 387 v = (struct cmu_vend *) bp; 388 if (length < sizeof(*v)) { 389 printf(" |L=%d", length); 390 return; 391 } 392 393 /* Subnet mask */ 394 if (v->v_flags & VF_SMASK) { 395 printf(" SM:%s", ipaddr_string(&v->v_smask)); 396 } 397 /* Default gateway */ 398 if (v->v_dgate.s_addr) 399 printf(" GW:%s", ipaddr_string(&v->v_dgate)); 400 401 /* Domain name servers */ 402 if (v->v_dns1.s_addr) 403 printf(" DNS1:%s", ipaddr_string(&v->v_dns1)); 404 if (v->v_dns2.s_addr) 405 printf(" DNS2:%s", ipaddr_string(&v->v_dns2)); 406 407 /* IEN-116 name servers */ 408 if (v->v_ins1.s_addr) 409 printf(" INS1:%s", ipaddr_string(&v->v_ins1)); 410 if (v->v_ins2.s_addr) 411 printf(" INS2:%s", ipaddr_string(&v->v_ins2)); 412 413 /* Time servers */ 414 if (v->v_ts1.s_addr) 415 printf(" TS1:%s", ipaddr_string(&v->v_ts1)); 416 if (v->v_ts2.s_addr) 417 printf(" TS2:%s", ipaddr_string(&v->v_ts2)); 418 419 } 420 421 422 /* 423 * Print out arbitrary, unknown vendor data. 424 */ 425 426 static void 427 other_print(bp, length) 428 u_char *bp; 429 int length; 430 { 431 u_char *ep; /* end pointer */ 432 u_char *zp; /* points one past last non-zero byte */ 433 434 /* Setup end pointer */ 435 ep = bp + length; 436 437 /* Find the last non-zero byte. */ 438 for (zp = ep; zp > bp; zp--) { 439 if (zp[-1] != 0) 440 break; 441 } 442 443 /* Print the all-zero case in a compact representation. */ 444 if (zp == bp) { 445 printf("-all-zero"); 446 return; 447 } 448 printf("-unknown"); 449 450 /* Are there enough trailing zeros to make "00..." worthwhile? */ 451 if (zp + 2 > ep) 452 zp = ep; /* print them all normally */ 453 454 /* Now just print all the non-zero data. */ 455 while (bp < zp) { 456 printf(".%02X", *bp); 457 bp++; 458 } 459 460 if (zp < ep) 461 printf(".00..."); 462 463 return; 464 } 465 466 static void 467 dump_hex(bp, len) 468 u_char *bp; 469 int len; 470 { 471 while (len > 0) { 472 printf("%02X", *bp); 473 bp++; 474 len--; 475 if (len) printf("."); 476 } 477 } 478 479 /* 480 * Local Variables: 481 * tab-width: 4 482 * c-indent-level: 4 483 * c-argdecl-indent: 4 484 * c-continued-statement-offset: 4 485 * c-continued-brace-offset: -4 486 * c-label-offset: -4 487 * c-brace-offset: 0 488 * End: 489 */ 490