xref: /titanic_44/usr/src/cmd/cmd-inet/usr.sbin/snoop/snoop.h (revision 9df12a23948bd40cbe37ce88d84e272c3894e675)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License, Version 1.0 only
6  * (the "License").  You may not use this file except in compliance
7  * with the License.
8  *
9  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10  * or http://www.opensolaris.org/os/licensing.
11  * See the License for the specific language governing permissions
12  * and limitations under the License.
13  *
14  * When distributing Covered Code, include this CDDL HEADER in each
15  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16  * If applicable, add the following below this CDDL HEADER, with the
17  * fields enclosed by brackets "[]" replaced with your own identifying
18  * information: Portions Copyright [yyyy] [name of copyright owner]
19  *
20  * CDDL HEADER END
21  */
22 
23 /*
24  * Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
25  * Use is subject to license terms.
26  */
27 
28 #ifndef	_SNOOP_H
29 #define	_SNOOP_H
30 
31 #pragma ident	"%Z%%M%	%I%	%E% SMI"	/* SunOS	*/
32 
33 #include <rpc/types.h>
34 #include <sys/pfmod.h>
35 #include <sys/time.h>
36 #include <sys/types.h>
37 #include <sys/socket.h>
38 #include <net/if.h>
39 #include <netinet/in.h>
40 #include <netinet/if_ether.h>
41 #include <netinet/in_systm.h>
42 #include <netinet/ip.h>
43 #include <netinet/ip6.h>
44 #include <netinet/ip_icmp.h>
45 #include <netinet/icmp6.h>
46 #include <net/pppoe.h>
47 
48 #ifdef __cplusplus
49 extern "C" {
50 #endif
51 
52 /*
53  * Flags to control packet info display
54  */
55 #define	F_NOW		0x00000001	/* display in realtime */
56 #define	F_SUM		0x00000002	/* display summary line */
57 #define	F_ALLSUM	0x00000004	/* display all summary lines */
58 #define	F_DTAIL		0x00000008	/* display detail lines */
59 #define	F_TIME		0x00000010	/* display time */
60 #define	F_ATIME		0x00000020	/* display absolute time */
61 #define	F_RTIME		0x00000040	/* display relative time */
62 #define	F_DROPS		0x00000080	/* display drops */
63 #define	F_LEN		0x00000100	/* display pkt length */
64 #define	F_NUM		0x00000200	/* display pkt number */
65 #define	F_WHO		0x00000400	/* display src/dst */
66 
67 #define	MAXLINE		(1088)		/* max len of detail line */
68 
69 #define	MAX_HDRTRAILER	(64)		/* max hdr/trailer packet slack */
70 
71 /*
72  * The RPC XID cache structure.
73  * When analyzing RPC protocols we
74  * have to cache the xid of the RPC
75  * request together with the program
76  * number, proc, version etc since this
77  * information is missing in the reply
78  * packet.  Using the xid in the reply
79  * we can lookup this previously stashed
80  * information in the cache.
81  *
82  * For RPCSEC_GSS flavor, some special processing is
83  * needed for the argument interpretation based on its
84  * control procedure and service type.  This information
85  * is stored in the cache table during interpretation of
86  * the rpc header and will be referenced later when the rpc
87  * argument is interpreted.
88  */
89 #define	XID_CACHE_SIZE 256
90 struct cache_struct {
91 	int xid_num;	/* RPC transaction id */
92 	int xid_frame;	/* Packet number */
93 	int xid_prog;	/* RPC program number */
94 	int xid_vers;	/* RPC version number */
95 	int xid_proc;	/* RPC procedure number */
96 	unsigned int xid_gss_proc; /* control procedure */
97 	int xid_gss_service; /* none, integ, priv */
98 } xid_cache[XID_CACHE_SIZE];
99 
100 
101 /*
102  * The following macros advance the pointer passed to them.  They
103  * assume they are given a char *.
104  */
105 #define	GETINT8(v, ptr) { \
106 	(v) = (*(ptr)++); \
107 }
108 
109 #define	GETINT16(v, ptr) { \
110 	(v) = *(ptr)++ << 8; \
111 	(v) |= *(ptr)++; \
112 }
113 
114 #define	GETINT32(v, ptr) { \
115 	(v) = *(ptr)++ << 8; \
116 	(v) |= *(ptr)++; (v) <<= 8; \
117 	(v) |= *(ptr)++; (v) <<= 8; \
118 	(v) |= *(ptr)++; \
119 }
120 
121 /*
122  * Used to print nested protocol layers.  For example, an ip datagram included
123  * in an icmp error, or a PPP packet included in an LCP protocol reject..
124  */
125 extern char *prot_nest_prefix;
126 
127 extern char *get_sum_line(void);
128 extern char *get_detail_line(int, int);
129 extern struct timeval prev_time;
130 extern char *getflag(int, int, char *, char *);
131 extern void show_header(char *, char *, int);
132 extern void xdr_init(char *, int);
133 extern char *get_line(int, int);
134 extern int get_line_remain(void);
135 extern char getxdr_char(void);
136 extern char showxdr_char(char *);
137 extern uchar_t getxdr_u_char(void);
138 extern uchar_t showxdr_u_char(char *);
139 extern short getxdr_short(void);
140 extern short showxdr_short(char *);
141 extern ushort_t getxdr_u_short(void);
142 extern ushort_t showxdr_u_short(char *);
143 extern long getxdr_long(void);
144 extern long showxdr_long(char *);
145 extern ulong_t getxdr_u_long(void);
146 extern ulong_t showxdr_u_long(char *);
147 extern longlong_t getxdr_longlong(void);
148 extern longlong_t showxdr_longlong(char *);
149 extern u_longlong_t getxdr_u_longlong(void);
150 extern u_longlong_t showxdr_u_longlong(char *);
151 extern char *getxdr_opaque(char *, int);
152 extern char *getxdr_string(char *, int);
153 extern char *showxdr_string(int, char *);
154 extern char *getxdr_bytes(uint_t *);
155 extern void xdr_skip(int);
156 extern int getxdr_pos(void);
157 extern void setxdr_pos(int);
158 extern char *getxdr_context(char *, int);
159 extern char *showxdr_context(char *);
160 extern enum_t getxdr_enum(void);
161 extern void show_space(void);
162 extern void show_trailer(void);
163 extern char *getxdr_date(void);
164 extern char *showxdr_date(char *);
165 extern char *getxdr_date_ns(void);
166 char *format_time(int64_t sec, uint32_t nsec);
167 extern char *showxdr_date_ns(char *);
168 extern char *getxdr_hex(int);
169 extern char *showxdr_hex(int, char *);
170 extern bool_t getxdr_bool(void);
171 extern bool_t showxdr_bool(char *);
172 extern char *concat_args(char **, int);
173 extern int pf_compile(char *, int);
174 extern void compile(char *, int);
175 extern void load_names(char *);
176 extern void cap_open_read(char *);
177 extern void cap_open_write(char *);
178 extern void cap_read(int, int, int, void (*)(), int);
179 extern void cap_close(void);
180 extern boolean_t check_device(char **, int *);
181 extern void initdevice(char *, ulong_t, ulong_t, struct timeval *,
182     struct Pf_ext_packetfilt *, int);
183 extern void net_read(int, int, void (*)(), int);
184 extern void click(int);
185 extern void show_pktinfo(int, int, char *, char *, struct timeval *,
186 		struct timeval *, int, int);
187 extern void show_line(char *);
188 extern char *getxdr_time(void);
189 extern char *showxdr_time(char *);
190 extern char *addrtoname(int, void *);
191 extern char *show_string(const char *, int, int);
192 extern void pr_err(char *, ...);
193 extern void check_retransmit(char *, ulong_t);
194 extern char *nameof_prog(int);
195 extern char *getproto(int);
196 extern uint8_t print_ipv6_extensions(int, uint8_t **, uint8_t *, int *, int *);
197 extern void protoprint(int, int, ulong_t, int, int, int, char *, int);
198 extern char *getportname(int, in_port_t);
199 
200 extern void interpret_arp(int, struct arphdr *, int);
201 extern void interpret_bparam(int, int, int, int, int, char *, int);
202 extern void interpret_dns(int, int, const uchar_t *, int);
203 extern void interpret_mount(int, int, int, int, int, char *, int);
204 extern void interpret_nfs(int, int, int, int, int, char *, int);
205 extern void interpret_nfs3(int, int, int, int, int, char *, int);
206 extern void interpret_nfs4(int, int, int, int, int, char *, int);
207 extern void interpret_nfs4_cb(int, int, int, int, int, char *, int);
208 extern void interpret_nfs_acl(int, int, int, int, int, char *, int);
209 extern void interpret_nis(int, int, int, int, int, char *, int);
210 extern void interpret_nisbind(int, int, int, int, int, char *, int);
211 extern void interpret_nisp_cb(int, int, int, int, int, char *, int);
212 extern void interpret_nisplus(int, int, int, int, int, char *, int);
213 extern void interpret_nlm(int, int, int, int, int, char *, int);
214 extern void interpret_pmap(int, int, int, int, int, char *, int);
215 extern int interpret_reserved(int, int, in_port_t, in_port_t, char *, int);
216 extern void interpret_rquota(int, int, int, int, int, char *, int);
217 extern void interpret_rstat(int, int, int, int, int, char *, int);
218 extern void interpret_solarnet_fw(int, int, int, int, int, char *, int);
219 extern void interpret_ldap(int, char *, int, int, int);
220 extern void interpret_icmp(int, struct icmp *, int, int);
221 extern void interpret_icmpv6(int, icmp6_t *, int, int);
222 extern int interpret_ip(int, struct ip *, int);
223 extern int interpret_ipv6(int, ip6_t *, int);
224 extern int interpret_ppp(int, uchar_t *, int);
225 extern int interpret_pppoe(int, poep_t *, int);
226 extern void init_ldap(void);
227 extern boolean_t arp_for_ether(char *, struct ether_addr *);
228 extern char *ether_ouiname(uint32_t);
229 char *tohex(char *p, int len);
230 extern char *printether(struct ether_addr *);
231 extern char *print_ethertype(int);
232 
233 /*
234  * Describes characteristics of the Media Access Layer.
235  * The mac_type is one of the supported DLPI media
236  * types (see <sys/dlpi.h>).
237  * The mtu_size is the size of the largest frame.
238  * The header length is returned by a function to
239  * allow for variable header size - for ethernet it's
240  * just a constant 14 octets.
241  * The interpreter is the function that "knows" how
242  * to interpret the frame.
243  */
244 typedef struct interface {
245 	uint_t	mac_type;
246 	uint_t	mtu_size;
247 	uint_t	(*header_len)(char *);
248 	uint_t 	(*interpreter)(int, char *, int, int);
249 	uint_t	mac_hdr_fixed_size;
250 } interface_t;
251 
252 #define	IF_HDR_FIXED	0
253 #define	IF_HDR_VAR	1
254 
255 extern interface_t INTERFACES[], *interface;
256 extern char *device;
257 
258 extern char *dlc_header;
259 
260 /*
261  * Global error recovery routine: used to reset snoop variables after
262  * catastrophic failure.
263  */
264 void snoop_recover(void);
265 
266 /*
267  * Global alarm handler structure for managing multiple alarms within
268  * snoop.
269  */
270 typedef struct snoop_handler {
271 	struct snoop_handler *s_next;		/* next alarm handler */
272 	time_t s_time;				/* time to fire */
273 	void (*s_handler)();			/* alarm handler */
274 } snoop_handler_t;
275 
276 #define	SNOOP_MAXRECOVER	20	/* maxium number of recoveries */
277 #define	SNOOP_ALARM_GRAN	3	/* alarm() timeout multiplier */
278 
279 /*
280  * Global alarm handler management routine.
281  */
282 extern int snoop_alarm(int s_sec, void (*s_handler)());
283 
284 #ifdef __cplusplus
285 }
286 #endif
287 
288 #endif	/* _SNOOP_H */
289