freebsd-skq/contrib/tcpdump/print-symantec.c

115 lines
3.8 KiB
C
Raw Normal View History

/*
* Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 2000
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that: (1) source code distributions
* retain the above copyright notice and this paragraph in its entirety, (2)
* distributions including binary code include the above copyright notice and
* this paragraph in its entirety in the documentation or other materials
* provided with the distribution, and (3) all advertising materials mentioning
* features or use of this software display the following acknowledgement:
* ``This product includes software developed by the University of California,
* Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
* the University nor the names of its contributors may be used to endorse
* or promote products derived from this software without specific prior
* written permission.
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
* WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*/
2017-01-31 19:17:06 +00:00
/* \summary: Symantec Enterprise Firewall printer */
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
2017-01-31 19:17:06 +00:00
#include <netdissect-stdinc.h>
2017-01-31 19:17:06 +00:00
#include "netdissect.h"
Update tcpdump to 4.1.1. Changes: Thu. April 1, 2010. guy@alum.mit.edu. Summary for 4.1.1 tcpdump release Fix build on systems with PF, such as FreeBSD and OpenBSD. Don't blow up if a zero-length link-layer address is passed to linkaddr_string(). Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu. Summary for 4.1.0 tcpdump release Fix printing of MAC addresses for VLAN frames with a length field Add some additional bounds checks and use the EXTRACT_ macros more Add a -b flag to print the AS number in BGP packets in ASDOT notation rather than ASPLAIN notation Add ICMPv6 RFC 5006 support Decode the access flags in NFS access requests Handle the new DLT_ for memory-mapped USB captures on Linux Make the default snapshot (-s) the maximum Print name of device (when -L is used) Support for OpenSolaris (and SXCE build 125 and later) Print new TCP flags Add support for RPL DIO Add support for TCP User Timeout (UTO) Add support for non-standard Ethertypes used by 3com PPPoE gear Add support for 802.11n and 802.11s Add support for Transparent Ethernet Bridge ethertype in GRE Add 4 byte AS support for BGP printer Add support for the MDT SAFI 66 BG printer Add basic IPv6 support to print-olsr Add USB printer Add printer for ForCES Handle frames with an FCS Handle 802.11n Control Wrapper, Block Acq Req and Block Ack frames Fix TCP sequence number printing Report 802.2 packets as 802.2 instead of 802.3 Don't include -L/usr/lib in LDFLAGS On x86_64 Linux, look in lib64 directory too Lots of code clean ups Autoconf clean ups Update testcases to make output changes Fix compiling with/out smi (--with{,out}-smi) Fix compiling without IPv6 support (--disable-ipv6)
2010-10-28 16:23:25 +00:00
#include "extract.h"
#include "ethertype.h"
#include "ether.h"
struct symantec_header {
2015-01-06 19:03:11 +00:00
uint8_t stuff1[6];
uint16_t ether_type;
uint8_t stuff2[36];
};
static inline void
2015-01-06 19:03:11 +00:00
symantec_hdr_print(netdissect_options *ndo, register const u_char *bp, u_int length)
{
register const struct symantec_header *sp;
2015-01-06 19:03:11 +00:00
uint16_t etype;
sp = (const struct symantec_header *)bp;
Update tcpdump to 4.1.1. Changes: Thu. April 1, 2010. guy@alum.mit.edu. Summary for 4.1.1 tcpdump release Fix build on systems with PF, such as FreeBSD and OpenBSD. Don't blow up if a zero-length link-layer address is passed to linkaddr_string(). Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu. Summary for 4.1.0 tcpdump release Fix printing of MAC addresses for VLAN frames with a length field Add some additional bounds checks and use the EXTRACT_ macros more Add a -b flag to print the AS number in BGP packets in ASDOT notation rather than ASPLAIN notation Add ICMPv6 RFC 5006 support Decode the access flags in NFS access requests Handle the new DLT_ for memory-mapped USB captures on Linux Make the default snapshot (-s) the maximum Print name of device (when -L is used) Support for OpenSolaris (and SXCE build 125 and later) Print new TCP flags Add support for RPL DIO Add support for TCP User Timeout (UTO) Add support for non-standard Ethertypes used by 3com PPPoE gear Add support for 802.11n and 802.11s Add support for Transparent Ethernet Bridge ethertype in GRE Add 4 byte AS support for BGP printer Add support for the MDT SAFI 66 BG printer Add basic IPv6 support to print-olsr Add USB printer Add printer for ForCES Handle frames with an FCS Handle 802.11n Control Wrapper, Block Acq Req and Block Ack frames Fix TCP sequence number printing Report 802.2 packets as 802.2 instead of 802.3 Don't include -L/usr/lib in LDFLAGS On x86_64 Linux, look in lib64 directory too Lots of code clean ups Autoconf clean ups Update testcases to make output changes Fix compiling with/out smi (--with{,out}-smi) Fix compiling without IPv6 support (--disable-ipv6)
2010-10-28 16:23:25 +00:00
etype = EXTRACT_16BITS(&sp->ether_type);
2015-01-06 19:03:11 +00:00
if (!ndo->ndo_qflag) {
if (etype <= ETHERMTU)
2015-01-06 19:03:11 +00:00
ND_PRINT((ndo, "invalid ethertype %u", etype));
else
ND_PRINT((ndo, "ethertype %s (0x%04x)",
tok2str(ethertype_values,"Unknown", etype),
2015-01-06 19:03:11 +00:00
etype));
} else {
if (etype <= ETHERMTU)
2015-01-06 19:03:11 +00:00
ND_PRINT((ndo, "invalid ethertype %u", etype));
else
ND_PRINT((ndo, "%s", tok2str(ethertype_values,"Unknown Ethertype (0x%04x)", etype)));
}
2015-01-06 19:03:11 +00:00
ND_PRINT((ndo, ", length %u: ", length));
}
/*
* This is the top level routine of the printer. 'p' points
* to the ether header of the packet, 'h->ts' is the timestamp,
* 'h->len' is the length of the packet off the wire, and 'h->caplen'
* is the number of bytes actually captured.
*/
u_int
2015-01-06 19:03:11 +00:00
symantec_if_print(netdissect_options *ndo, const struct pcap_pkthdr *h, const u_char *p)
{
u_int length = h->len;
u_int caplen = h->caplen;
2017-01-31 19:17:06 +00:00
const struct symantec_header *sp;
u_short ether_type;
if (caplen < sizeof (struct symantec_header)) {
2015-01-06 19:03:11 +00:00
ND_PRINT((ndo, "[|symantec]"));
return caplen;
}
2015-01-06 19:03:11 +00:00
if (ndo->ndo_eflag)
symantec_hdr_print(ndo, p, length);
length -= sizeof (struct symantec_header);
caplen -= sizeof (struct symantec_header);
2017-01-31 19:17:06 +00:00
sp = (const struct symantec_header *)p;
p += sizeof (struct symantec_header);
Update tcpdump to 4.1.1. Changes: Thu. April 1, 2010. guy@alum.mit.edu. Summary for 4.1.1 tcpdump release Fix build on systems with PF, such as FreeBSD and OpenBSD. Don't blow up if a zero-length link-layer address is passed to linkaddr_string(). Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu. Summary for 4.1.0 tcpdump release Fix printing of MAC addresses for VLAN frames with a length field Add some additional bounds checks and use the EXTRACT_ macros more Add a -b flag to print the AS number in BGP packets in ASDOT notation rather than ASPLAIN notation Add ICMPv6 RFC 5006 support Decode the access flags in NFS access requests Handle the new DLT_ for memory-mapped USB captures on Linux Make the default snapshot (-s) the maximum Print name of device (when -L is used) Support for OpenSolaris (and SXCE build 125 and later) Print new TCP flags Add support for RPL DIO Add support for TCP User Timeout (UTO) Add support for non-standard Ethertypes used by 3com PPPoE gear Add support for 802.11n and 802.11s Add support for Transparent Ethernet Bridge ethertype in GRE Add 4 byte AS support for BGP printer Add support for the MDT SAFI 66 BG printer Add basic IPv6 support to print-olsr Add USB printer Add printer for ForCES Handle frames with an FCS Handle 802.11n Control Wrapper, Block Acq Req and Block Ack frames Fix TCP sequence number printing Report 802.2 packets as 802.2 instead of 802.3 Don't include -L/usr/lib in LDFLAGS On x86_64 Linux, look in lib64 directory too Lots of code clean ups Autoconf clean ups Update testcases to make output changes Fix compiling with/out smi (--with{,out}-smi) Fix compiling without IPv6 support (--disable-ipv6)
2010-10-28 16:23:25 +00:00
ether_type = EXTRACT_16BITS(&sp->ether_type);
if (ether_type <= ETHERMTU) {
/* ether_type not known, print raw packet */
2015-01-06 19:03:11 +00:00
if (!ndo->ndo_eflag)
2017-01-31 19:17:06 +00:00
symantec_hdr_print(ndo, (const u_char *)sp, length + sizeof (struct symantec_header));
2015-01-06 19:03:11 +00:00
if (!ndo->ndo_suppress_default_print)
ND_DEFAULTPRINT(p, caplen);
2017-01-31 19:17:06 +00:00
} else if (ethertype_print(ndo, ether_type, p, length, caplen, NULL, NULL) == 0) {
/* ether_type not known, print raw packet */
2015-01-06 19:03:11 +00:00
if (!ndo->ndo_eflag)
2017-01-31 19:17:06 +00:00
symantec_hdr_print(ndo, (const u_char *)sp, length + sizeof (struct symantec_header));
2015-01-06 19:03:11 +00:00
if (!ndo->ndo_suppress_default_print)
ND_DEFAULTPRINT(p, caplen);
}
return (sizeof (struct symantec_header));
}