Merge tcpdump 3.5

This commit is contained in:
fenner 2000-01-30 01:05:24 +00:00
parent 107d567bf3
commit c780ea93f3
31 changed files with 1764 additions and 1132 deletions

View File

@ -1,505 +0,0 @@
dnl @(#) $Header: acsite.m4,v 1.41 96/11/29 15:30:40 leres Exp $ (LBL)
dnl
dnl Copyright (c) 1995, 1996
dnl The Regents of the University of California. All rights reserved.
dnl
dnl Redistribution and use in source and binary forms, with or without
dnl modification, are permitted provided that: (1) source code distributions
dnl retain the above copyright notice and this paragraph in its entirety, (2)
dnl distributions including binary code include the above copyright notice and
dnl this paragraph in its entirety in the documentation or other materials
dnl provided with the distribution, and (3) all advertising materials mentioning
dnl features or use of this software display the following acknowledgement:
dnl ``This product includes software developed by the University of California,
dnl Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
dnl the University nor the names of its contributors may be used to endorse
dnl or promote products derived from this software without specific prior
dnl written permission.
dnl THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
dnl WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
dnl MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
dnl
dnl LBL autoconf macros
dnl
dnl
dnl Determine which compiler we're using (cc or gcc)
dnl If using gcc, determine the version number
dnl If using cc, require that it support ansi prototypes
dnl If using gcc, use -O2 (otherwise use -O)
dnl If using cc, explicitly specify /usr/local/include
dnl
dnl usage:
dnl
dnl AC_LBL_C_INIT(copt, incls)
dnl
dnl results:
dnl
dnl $1 (copt set)
dnl $2 (incls set)
dnl CC
dnl ac_cv_gcc_vers
dnl LBL_CFLAGS
dnl
dnl XXX need to add test to make sure ac_prog_cc hasn't been called
AC_DEFUN(AC_LBL_C_INIT,
[AC_PREREQ(2.12)
$1=-O
$2=""
if test "${CFLAGS+set}" = set; then
LBL_CFLAGS="$CFLAGS"
fi
if test -z "$CC" ; then
case "$target_os" in
bsdi*)
AC_CHECK_PROG(SHLICC2, shlicc2, yes, no)
if test $SHLICC2 = yes ; then
CC=shlicc2
export CC
fi
;;
esac
fi
AC_PROG_CC
if test $ac_cv_prog_gcc = yes ; then
if test "$SHLICC2" = yes ; then
ac_cv_gcc_vers=2
$1=-O2
else
AC_MSG_CHECKING(gcc version)
AC_CACHE_VAL(ac_cv_gcc_vers,
ac_cv_gcc_vers=`$CC -v 2>&1 | \
sed -n -e '$s/.* //' -e '$s/\..*//p'`)
AC_MSG_RESULT($ac_cv_gcc_vers)
if test $ac_cv_gcc_vers -gt 1 ; then
$1=-O2
fi
fi
else
AC_MSG_CHECKING(that $CC handles ansi prototypes)
AC_CACHE_VAL(ac_cv_cc_ansi_prototypes,
AC_TRY_COMPILE(
[#include <sys/types.h>],
[int frob(int, char *)],
ac_cv_cc_ansi_prototypes=yes,
ac_cv_cc_ansi_prototypes=no))
AC_MSG_RESULT($ac_cv_cc_ansi_prototypes)
if test $ac_cv_cc_ansi_prototypes = no ; then
case "$target_os" in
hpux*)
AC_MSG_CHECKING(for HP-UX ansi compiler ($CC -Aa -D_HPUX_SOURCE))
savedcflags="$CFLAGS"
CFLAGS="-Aa -D_HPUX_SOURCE $CFLAGS"
AC_CACHE_VAL(ac_cv_cc_hpux_cc_aa,
AC_TRY_COMPILE(
[#include <sys/types.h>],
[int frob(int, char *)],
ac_cv_cc_hpux_cc_aa=yes,
ac_cv_cc_hpux_cc_aa=no))
AC_MSG_RESULT($ac_cv_cc_hpux_cc_aa)
if test $ac_cv_cc_hpux_cc_aa = no ; then
AC_MSG_ERROR(see the INSTALL for more info)
fi
CFLAGS="$savedcflags"
V_CCOPT="-Aa $V_CCOPT"
AC_DEFINE(_HPUX_SOURCE)
;;
*)
AC_MSG_ERROR(see the INSTALL for more info)
;;
esac
fi
$2=-I/usr/local/include
case "$target_os" in
irix*)
V_CCOPT="$V_CCOPT -xansi -signed -g3"
;;
osf*)
V_CCOPT="$V_CCOPT -g3"
;;
ultrix*)
AC_MSG_CHECKING(that Ultrix $CC hacks const in prototypes)
AC_CACHE_VAL(ac_cv_cc_const_proto,
AC_TRY_COMPILE(
[#include <sys/types.h>],
[struct a { int b; };
void c(const struct a *)],
ac_cv_cc_const_proto=yes,
ac_cv_cc_const_proto=no))
AC_MSG_RESULT($ac_cv_cc_const_proto)
if test $ac_cv_cc_const_proto = no ; then
AC_DEFINE(const,)
fi
;;
esac
fi
])
dnl
dnl Use pfopen.c if available and pfopen() not in standard libraries
dnl Require libpcap
dnl Look for libpcap in ..
dnl Use the installed libpcap if there is no local version
dnl
dnl usage:
dnl
dnl AC_LBL_LIBPCAP(pcapdep, incls)
dnl
dnl results:
dnl
dnl $1 (pcapdep set)
dnl $2 (incls appended)
dnl LIBS
dnl
AC_DEFUN(AC_LBL_LIBPCAP,
[pfopen=/usr/examples/packetfilter/pfopen.c
if test -f $pfopen ; then
AC_CHECK_FUNCS(pfopen)
if test $ac_cv_func_pfopen = "no" ; then
AC_MSG_RESULT(Using $pfopen)
LIBS="$LIBS $pfopen"
fi
fi
AC_MSG_CHECKING(for local pcap library)
libpcap=FAIL
lastdir=FAIL
places=`ls .. | sed -e 's,/$,,' -e 's,^,../,' | \
egrep '/libpcap-[[0-9]]*\.[[0-9]]*(\.[[0-9]]*)?([[ab]][[0-9]]*)?$'`
for dir in $places ../libpcap libpcap ; do
basedir=`echo $dir | sed -e 's/[[ab]][[0-9]]*$//'`
if test $lastdir = $basedir ; then
dnl skip alphas when an actual release is present
continue;
fi
lastdir=$dir
if test -r $dir/pcap.c ; then
libpcap=$dir/libpcap.a
d=$dir
dnl continue and select the last one that exists
fi
done
if test $libpcap = FAIL ; then
AC_MSG_RESULT(not found)
AC_CHECK_LIB(pcap, main, libpcap="-lpcap")
if test $libpcap = FAIL ; then
AC_MSG_ERROR(see the INSTALL doc for more info)
fi
else
$1=$libpcap
$2="-I$d $$2"
AC_MSG_RESULT($libpcap)
fi
LIBS="$libpcap $LIBS"])
dnl
dnl Define RETSIGTYPE and RETSIGVAL
dnl
dnl usage:
dnl
dnl AC_LBL_TYPE_SIGNAL
dnl
dnl results:
dnl
dnl RETSIGTYPE (defined)
dnl RETSIGVAL (defined)
dnl
AC_DEFUN(AC_LBL_TYPE_SIGNAL,
[AC_TYPE_SIGNAL
if test "$ac_cv_type_signal" = void ; then
AC_DEFINE(RETSIGVAL,)
else
AC_DEFINE(RETSIGVAL,(0))
fi
case "$target_os" in
irix*)
AC_DEFINE(_BSD_SIGNALS)
;;
*)
AC_CHECK_FUNCS(sigset)
if test $ac_cv_func_sigset = yes ; then
AC_DEFINE(signal, sigset)
fi
;;
esac])
dnl
dnl If using gcc, see if fixincludes should be run
dnl
dnl usage:
dnl
dnl AC_LBL_FIXINCLUDES
dnl
AC_DEFUN(AC_LBL_FIXINCLUDES,
[if test $ac_cv_prog_gcc = yes ; then
AC_MSG_CHECKING(if fixincludes is needed)
AC_CACHE_VAL(ac_cv_gcc_fixincludes,
AC_TRY_COMPILE(
[/*
* This generates a "duplicate case value" when fixincludes
* has not be run.
*/
# include <sys/types.h>
# include <sys/time.h>
# include <sys/ioctl.h>
# ifdef HAVE_SYS_IOCCOM_H
# include <sys/ioccom.h>
# endif],
[switch (0) {
case _IO('A', 1):;
case _IO('B', 1):;
}],
ac_cv_gcc_fixincludes=yes,
ac_cv_gcc_fixincludes=no))
AC_MSG_RESULT($ac_cv_gcc_fixincludes)
if test $ac_cv_gcc_fixincludes = no ; then
# Don't cache failure
unset ac_cv_gcc_fixincludes
AC_MSG_ERROR(see the INSTALL for more info)
fi
fi])
dnl
dnl Check for flex, default to lex
dnl Require flex 2.4 or higher
dnl Check for bison, default to yacc
dnl Default to lex/yacc if both flex and bison are not available
dnl Define the yy prefix string if using flex and bison
dnl
dnl usage:
dnl
dnl AC_LBL_LEX_AND_YACC(lex, yacc, yyprefix)
dnl
dnl results:
dnl
dnl $1 (lex set)
dnl $2 (yacc appended)
dnl $3 (optional flex and bison -P prefix)
dnl
AC_DEFUN(AC_LBL_LEX_AND_YACC,
[AC_CHECK_PROGS($1, flex, lex)
if test "$$1" = flex ; then
# The -V flag was added in 2.4
AC_MSG_CHECKING(for flex 2.4 or higher)
AC_CACHE_VAL(ac_cv_flex_v24,
if flex -V >/dev/null 2>&1; then
ac_cv_flex_v24=yes
else
ac_cv_flex_v24=no
fi)
AC_MSG_RESULT($ac_cv_flex_v24)
if test $ac_cv_flex_v24 = no ; then
s="2.4 or higher required"
AC_MSG_WARN(ignoring obsolete flex executable ($s))
$1=lex
fi
fi
AC_CHECK_PROGS($2, bison, yacc)
if test "$$2" = bison ; then
$2="$$2 -y"
fi
if test "$$1" != lex -a "$$2" = yacc -o "$$1" = lex -a "$$2" != yacc ; then
AC_MSG_WARN(don't have both flex and bison; reverting to lex/yacc)
$1=lex
$2=yacc
fi
if test "$$1" = flex -a -n "$3" ; then
$1="$$1 -P$3"
$2="$$2 -p $3"
fi])
dnl
dnl Checks to see if union wait is used with WEXITSTATUS()
dnl
dnl usage:
dnl
dnl AC_LBL_UNION_WAIT
dnl
dnl results:
dnl
dnl DECLWAITSTATUS (defined)
dnl
AC_DEFUN(AC_LBL_UNION_WAIT,
[AC_MSG_CHECKING(if union wait is used)
AC_CACHE_VAL(ac_cv_union_wait,
AC_TRY_COMPILE([
# include <sys/types.h>
# include <sys/wait.h>],
[int status;
u_int i = WEXITSTATUS(status);
u_int j = waitpid(0, &status, 0);],
ac_cv_union_wait=no,
ac_cv_union_wait=yes))
AC_MSG_RESULT($ac_cv_union_wait)
if test $ac_cv_union_wait = yes ; then
AC_DEFINE(DECLWAITSTATUS,union wait)
else
AC_DEFINE(DECLWAITSTATUS,int)
fi])
dnl
dnl Checks to see if the sockaddr struct has the 4.4 BSD sa_len member
dnl
dnl usage:
dnl
dnl AC_LBL_SOCKADDR_SA_LEN
dnl
dnl results:
dnl
dnl HAVE_SOCKADDR_SA_LEN (defined)
dnl
AC_DEFUN(AC_LBL_SOCKADDR_SA_LEN,
[AC_MSG_CHECKING(if sockaddr struct has sa_len member)
AC_CACHE_VAL(ac_cv_sockaddr_has_sa_len,
AC_TRY_COMPILE([
# include <sys/types.h>
# include <sys/socket.h>],
[u_int i = sizeof(((struct sockaddr *)0)->sa_len)],
ac_cv_sockaddr_has_sa_len=yes,
ac_cv_sockaddr_has_sa_len=no))
AC_MSG_RESULT($ac_cv_sockaddr_has_sa_len)
if test $ac_cv_sockaddr_has_sa_len = yes ; then
AC_DEFINE(HAVE_SOCKADDR_SA_LEN)
fi])
dnl
dnl Checks to see if -R is used
dnl
dnl usage:
dnl
dnl AC_LBL_HAVE_RUN_PATH
dnl
dnl results:
dnl
dnl ac_cv_have_run_path (yes or no)
dnl
AC_DEFUN(AC_LBL_HAVE_RUN_PATH,
[AC_MSG_CHECKING(for ${CC-cc} -R)
AC_CACHE_VAL(ac_cv_have_run_path,
[echo 'main(){}' > conftest.c
${CC-cc} -o conftest conftest.c -R/a1/b2/c3 >conftest.out 2>&1
if test ! -s conftest.out ; then
ac_cv_have_run_path=yes
else
ac_cv_have_run_path=no
fi
rm -f conftest*])
AC_MSG_RESULT($ac_cv_have_run_path)
])
dnl
dnl Checks to see if unaligned memory accesses fail
dnl
dnl usage:
dnl
dnl AC_LBL_UNALIGNED_ACCESS
dnl
dnl results:
dnl
dnl LBL_ALIGN (DEFINED)
dnl
AC_DEFUN(AC_LBL_UNALIGNED_ACCESS,
[AC_MSG_CHECKING(if unaligned accesses fail)
AC_CACHE_VAL(ac_cv_unaligned_fail,
[case "$target_cpu" in
alpha|hp*|mips|sparc)
ac_cv_unaligned_fail=yes
;;
*)
cat >conftest.c <<EOF
# include <sys/types.h>
# include <sys/wait.h>
# include <stdio.h>
unsigned char a[[5]] = { 1, 2, 3, 4, 5 };
main() {
unsigned int i;
pid_t pid;
int status;
/* avoid "core dumped" message */
pid = fork();
if (pid < 0)
exit(2);
if (pid > 0) {
/* parent */
pid = waitpid(pid, &status, 0);
if (pid < 0)
exit(3);
exit(!WIFEXITED(status));
}
/* child */
i = *(unsigned int *)&a[[1]];
printf("%d\n", i);
exit(0);
}
EOF
${CC-cc} -o conftest $CFLAGS $CPPFLAGS $LDFLAGS \
conftest.c $LIBS >/dev/null 2>&1
if test ! -x conftest ; then
dnl failed to compile for some reason
ac_cv_unaligned_fail=yes
else
./conftest >conftest.out
if test ! -s conftest.out ; then
ac_cv_unaligned_fail=yes
else
ac_cv_unaligned_fail=no
fi
fi
rm -f conftest* core core.conftest
;;
esac])
AC_MSG_RESULT($ac_cv_unaligned_fail)
if test $ac_cv_unaligned_fail = yes ; then
AC_DEFINE(LBL_ALIGN)
fi])
dnl
dnl If using gcc and the file .devel exists:
dnl Compile with -g (if supported) and -Wall
dnl If using gcc 2, do extra prototype checking
dnl If an os prototype include exists, symlink os-proto.h to it
dnl
dnl usage:
dnl
dnl AC_LBL_DEVEL(copt)
dnl
dnl results:
dnl
dnl $1 (copt appended)
dnl HAVE_OS_PROTO_H (defined)
dnl os-proto.h (symlinked)
dnl
AC_DEFUN(AC_LBL_DEVEL,
[rm -f os-proto.h
if test "${LBL_CFLAGS+set}" = set; then
$1="$$1 ${LBL_CFLAGS}"
fi
if test $ac_cv_prog_gcc = yes -a -f .devel ; then
if test "${LBL_CFLAGS+set}" != set; then
if test "$ac_cv_prog_cc_g" = yes ; then
$1="-g $$1"
fi
$1="$$1 -Wall"
if test $ac_cv_gcc_vers -gt 1 ; then
$1="$$1 -Wmissing-prototypes -Wstrict-prototypes"
fi
fi
os=`echo $target_os | sed -e 's/\([[0-9]][[0-9]]*\)[[^0-9]].*$/\1/'`
name="lbl/os-$os.h"
if test -f $name ; then
ln -s $name os-proto.h
AC_DEFINE(HAVE_OS_PROTO_H)
else
AC_MSG_WARN(can't find $name)
fi
fi])

View File

@ -20,10 +20,16 @@
*
* Internet, ethernet, port, and protocol string to address
* and address to string conversion routines
*
* $FreeBSD$
*/
#ifndef lint
static const char rcsid[] =
"@(#) $Header: addrtoname.c,v 1.61 97/06/15 13:20:18 leres Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/tcpdump/addrtoname.c,v 1.64 1999/11/21 09:36:44 fenner Exp $ (LBL)";
#endif
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include <sys/types.h>
@ -39,6 +45,10 @@ struct rtentry;
#include <netinet/in.h>
#include <net/ethernet.h>
#ifdef INET6
#include <netinet6/ip6.h>
#endif
#include <arpa/inet.h>
#include <ctype.h>
@ -85,6 +95,16 @@ struct hnamemem eprototable[HASHNAMESIZE];
struct hnamemem dnaddrtable[HASHNAMESIZE];
struct hnamemem llcsaptable[HASHNAMESIZE];
#ifdef INET6
struct h6namemem {
struct in6_addr addr;
char *name;
struct h6namemem *nxt;
};
struct h6namemem h6nametable[HASHNAMESIZE];
#endif /* INET6 */
struct enamemem {
u_short e_addr0;
u_short e_addr1;
@ -171,39 +191,7 @@ getname(const u_char *ap)
#ifndef LBL_ALIGN
addr = *(const u_int32_t *)ap;
#else
/*
* Extract 32 bits in network order, dealing with alignment.
*/
switch ((long)ap & 3) {
case 0:
addr = *(u_int32_t *)ap;
break;
case 2:
#ifdef WORDS_BIGENDIAN
addr = ((u_int32_t)*(u_short *)ap << 16) |
(u_int32_t)*(u_short *)(ap + 2);
#else
addr = ((u_int32_t)*(u_short *)(ap + 2) << 16) |
(u_int32_t)*(u_short *)ap;
#endif
break;
default:
#ifdef WORDS_BIGENDIAN
addr = ((u_int32_t)ap[0] << 24) |
((u_int32_t)ap[1] << 16) |
((u_int32_t)ap[2] << 8) |
(u_int32_t)ap[3];
#else
addr = ((u_int32_t)ap[3] << 24) |
((u_int32_t)ap[2] << 16) |
((u_int32_t)ap[1] << 8) |
(u_int32_t)ap[0];
#endif
break;
}
memcpy(&addr, ap, sizeof(addr));
#endif
p = &hnametable[addr & (HASHNAMESIZE-1)];
for (; p->nxt; p = p->nxt) {
@ -249,6 +237,71 @@ getname(const u_char *ap)
return (p->name);
}
#ifdef INET6
/*
* Return a name for the IP6 address pointed to by ap. This address
* is assumed to be in network byte order.
*/
char *
getname6(const u_char *ap)
{
register struct hostent *hp;
struct in6_addr addr;
static struct h6namemem *p; /* static for longjmp() */
register char *cp;
char ntop_buf[INET6_ADDRSTRLEN];
memcpy(&addr, ap, sizeof(addr));
p = &h6nametable[*(u_int16_t *)&addr.s6_addr[14] & (HASHNAMESIZE-1)];
for (; p->nxt; p = p->nxt) {
if (memcmp(&p->addr, &addr, sizeof(addr)) == 0)
return (p->name);
}
p->addr = addr;
p->nxt = newh6namemem();
/*
* Only print names when:
* (1) -n was not given.
* (2) Address is foreign and -f was given. (If -f was not
* give, f_netmask and f_local are 0 and the test
* evaluates to true)
* (3) -a was given or the host portion is not all ones
* nor all zeros (i.e. not a network or broadcast address)
*/
if (!nflag
#if 0
&&
(addr & f_netmask) == f_localnet &&
(aflag ||
!((addr & ~netmask) == 0 || (addr | netmask) == 0xffffffff))
#endif
) {
if (!setjmp(getname_env)) {
(void)setsignal(SIGALRM, nohostname);
(void)alarm(20);
hp = gethostbyaddr((char *)&addr, sizeof(addr), AF_INET6);
(void)alarm(0);
if (hp) {
char *dotp;
p->name = savestr(hp->h_name);
if (Nflag) {
/* Remove domain qualifications */
dotp = strchr(p->name, '.');
if (dotp)
*dotp = '\0';
}
return (p->name);
}
}
}
cp = (char *)inet_ntop(AF_INET6, &addr, ntop_buf, sizeof(ntop_buf));
p->name = savestr(cp);
return (p->name);
}
#endif /* INET6 */
static char hex[] = "0123456789abcdef";
@ -765,3 +818,24 @@ newhnamemem(void)
p = ptr++;
return (p);
}
#ifdef INET6
/* Return a zero'ed h6namemem struct and cuts down on calloc() overhead */
struct h6namemem *
newh6namemem(void)
{
register struct h6namemem *p;
static struct h6namemem *ptr = NULL;
static u_int num = 0;
if (num <= 0) {
num = 64;
ptr = (struct h6namemem *)calloc(num, sizeof (*ptr));
if (ptr == NULL)
error("newh6namemem: calloc");
}
--num;
p = ptr++;
return (p);
}
#endif /* INET6 */

View File

@ -18,7 +18,7 @@
* WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
* @(#) $Header: ethertype.h,v 1.6 96/07/14 18:21:49 leres Exp $ (LBL)
* @(#) $Header: /tcpdump/master/tcpdump/ethertype.h,v 1.7.2.1 2000/01/29 22:00:12 fenner Exp $ (LBL)
* $FreeBSD$
*/
@ -72,14 +72,20 @@
#ifndef ETHERTYPE_AARP
#define ETHERTYPE_AARP 0x80f3
#endif
#ifndef ETHERTYPE_8021Q
#define ETHERTYPE_8021Q 0x8100
#endif
#ifndef ETHERTYPE_IPX
#define ETHERTYPE_IPX 0x8137
#endif
#ifndef ETHERTYPE_PPPOE_DISC
#define ETHERTYPE_PPPOE_DISC 0x8863
#ifndef ETHERTYPE_IPV6
#define ETHERTYPE_IPV6 0x86dd
#endif
#ifndef ETHERTYPE_PPPOE_SESS
#define ETHERTYPE_PPPOE_SESS 0x8864
#ifndef ETHERTYPE_PPPOED
#define ETHERTYPE_PPPOED 0x8863
#endif
#ifndef ETHERTYPE_PPPOES
#define ETHERTYPE_PPPOES 0x8864
#endif
#ifndef ETHERTYPE_LOOPBACK
#define ETHERTYPE_LOOPBACK 0x9000

View File

@ -18,7 +18,7 @@
* WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
* @(#) $Header: interface.h,v 1.105 97/04/26 13:39:58 leres Exp $ (LBL)
* @(#) $Header: /tcpdump/master/tcpdump/interface.h,v 1.118 1999/12/22 15:44:09 itojun Exp $ (LBL)
* $FreeBSD$
*/
@ -42,10 +42,16 @@ extern int fflag; /* don't translate "foreign" IP address */
extern int nflag; /* leave addresses as numbers */
extern int Nflag; /* remove domains from printed host names */
extern int qflag; /* quick (shorter) output */
extern int Rflag; /* print sequence # field in AH/ESP*/
extern int sflag; /* use the libsmi to translate OIDs */
extern int Sflag; /* print raw TCP sequence numbers */
extern int tflag; /* print packet arrival time */
extern int vflag; /* verbose */
extern int xflag; /* print packet in hex */
extern int Xflag; /* print packet in hex/ascii */
extern char *ahsecret;
extern char *espsecret;
extern int packettype; /* as specified by -T */
#define PT_VAT 1 /* Visual Audio Tool */
@ -53,6 +59,7 @@ extern int packettype; /* as specified by -T */
#define PT_RPC 3 /* Remote Procedure Call */
#define PT_RTP 4 /* Real-Time Applications protocol */
#define PT_RTCP 5 /* Real-Time Applications control protocol */
#define PT_SNMP 6 /* Simple Network Management Protocol */
#ifndef min
#define min(a,b) ((a)>(b)?(b):(a))
@ -61,6 +68,7 @@ extern int packettype; /* as specified by -T */
#define max(a,b) ((b)>(a)?(b):(a))
#endif
#ifndef INET6
/*
* The default snapshot length. This value allows most printers to print
* useful information while keeping the amount of unwanted data down.
@ -68,6 +76,9 @@ extern int packettype; /* as specified by -T */
* 14 bytes of data (assuming no ip options).
*/
#define DEFAULT_SNAPLEN 68
#else
#define DEFAULT_SNAPLEN 96
#endif
#ifndef BIG_ENDIAN
#define BIG_ENDIAN 4321
@ -133,6 +144,7 @@ struct timeval;
#endif
extern void ts_print(const struct timeval *);
extern void relts_print(int);
extern int fn_print(const u_char *, const u_char *);
extern int fn_printn(const u_char *, u_int, const u_char *);
@ -162,6 +174,11 @@ extern char *dnnum_string(u_short);
struct pcap_pkthdr;
#endif
extern void ascii_print_with_offset(const u_char *, u_int, u_int);
extern void ascii_print(const u_char *, u_int);
extern void hex_print_with_offset(const u_char *, u_int, u_int);
extern void telnet_print(const u_char *, u_int);
extern void hex_print(const u_char *, u_int);
extern int ether_encap_print(u_short, const u_char *, u_int, u_int);
extern int llc_print(const u_char *, u_int, u_int, const u_char *,
const u_char *);
@ -170,6 +187,7 @@ extern void arp_print(const u_char *, u_int, u_int);
extern void atalk_print(const u_char *, u_int);
extern void atm_if_print(u_char *, const struct pcap_pkthdr *, const u_char *);
extern void bootp_print(const u_char *, u_int, u_short, u_short);
extern void bgp_print(const u_char *, int);
extern void decnet_print(const u_char *, u_int, u_int);
extern void default_print(const u_char *, u_int);
extern void default_print_unaligned(const u_char *, u_int);
@ -181,7 +199,7 @@ extern void token_if_print(u_char *, const struct pcap_pkthdr *,
const u_char *);
extern void fddi_if_print(u_char *, const struct pcap_pkthdr *, const u_char *);
extern void gre_print(const u_char *, u_int);
extern void icmp_print(const u_char *, const u_char *);
extern void icmp_print(const u_char *, u_int, const u_char *);
extern void igrp_print(const u_char *, u_int, const u_char *);
extern void ip_print(const u_char *, u_int);
extern void ipx_print(const u_char *, u_int);
@ -194,19 +212,55 @@ extern void ns_print(const u_char *, u_int);
extern void ntp_print(const u_char *, u_int);
extern void null_if_print(u_char *, const struct pcap_pkthdr *, const u_char *);
extern void ospf_print(const u_char *, u_int, const u_char *);
extern void pimv1_print(const u_char *, u_int);
extern void cisco_autorp_print(const u_char *, u_int);
extern void mobile_print(const u_char *, u_int);
extern void pim_print(const u_char *, u_int);
extern void pppoe_print(const u_char *, u_int);
extern void ppp_if_print(u_char *, const struct pcap_pkthdr *, const u_char *);
extern void ppp_bsdos_if_print(u_char *, const struct pcap_pkthdr *,
const u_char *);
extern void pppoe_print(const u_char *, u_int);
extern int vjc_print(register const char *, register u_int, u_short);
extern void raw_if_print(u_char *, const struct pcap_pkthdr *, const u_char *);
extern void rip_print(const u_char *, u_int);
extern void sl_if_print(u_char *, const struct pcap_pkthdr *, const u_char *);
extern void lane_if_print(u_char *, const struct pcap_pkthdr *,const u_char *);
extern void cip_if_print(u_char *, const struct pcap_pkthdr *,const u_char *);
extern void sl_bsdos_if_print(u_char *, const struct pcap_pkthdr *,
const u_char *);
extern void chdlc_if_print(u_char *, const struct pcap_pkthdr *,
const u_char *);
extern void snmp_print(const u_char *, u_int);
extern void sunrpcrequest_print(const u_char *, u_int, const u_char *);
extern void tcp_print(const u_char *, u_int, const u_char *);
extern void tftp_print(const u_char *, u_int);
extern void udp_print(const u_char *, u_int, const u_char *);
extern void wb_print(const void *, u_int);
extern int ah_print(register const u_char *, register const u_char *);
extern int esp_print(register const u_char *, register const u_char *, int *);
extern void isakmp_print(const u_char *, u_int, const u_char *);
extern int ipcomp_print(register const u_char *, register const u_char *, int *);
extern void rx_print(register const u_char *, int, int, int, u_char *);
extern void netbeui_print(const u_char *, const u_char *);
extern void ipx_netbios_print(const u_char *, const u_char *);
extern void nbt_tcp_print(const u_char *, int);
extern void nbt_udp137_print(const u_char *data, int);
extern void nbt_udp138_print(const u_char *data, int);
extern char *smb_errstr(int, int);
extern void print_data(const unsigned char *, int);
extern void l2tp_print(const u_char *, u_int);
extern void lcp_print(const u_char *, u_int);
#ifdef INET6
extern void ip6_print(const u_char *, int);
extern void ip6_opt_print(const u_char *, int);
extern int hbhopt_print(const u_char *);
extern int dstopt_print(const u_char *);
extern int frag6_print(const u_char *, const u_char *);
extern void icmp6_print(const u_char *, const u_char *);
extern void ripng_print(const u_char *, int);
extern int rt6_print(const u_char *, const u_char *);
extern void ospf6_print(const u_char *, u_int);
extern void dhcp6_print(const u_char *, u_int, u_short, u_short);
#endif /*INET6*/
extern u_short in_cksum(const u_short *addr, register int len, u_short csum);

View File

@ -35,6 +35,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $FreeBSD$
* @(#)nfsproto.h 8.2 (Berkeley) 3/30/95
*/
@ -285,6 +286,10 @@ struct nfs_uquad {
};
typedef struct nfs_uquad nfsuint64;
#if 0 /* XXX - this doesn't seemed to be used and it doesn't work
* with non-gcc, so comment it out for now.
*/
/*
* Used to convert between two u_longs and a u_quad_t.
*/
@ -294,6 +299,8 @@ union nfs_quadconvert {
};
typedef union nfs_quadconvert nfsquad_t;
#endif
/*
* NFS Version 3 special file number.
*/

View File

@ -1,12 +1,13 @@
/*
* $Header: nfsfh.h,v 1.6 96/12/16 03:40:31 leres Exp $
* $Header: /tcpdump/master/tcpdump/nfsfh.h,v 1.8 1999/12/15 06:49:05 fenner Exp $
*
* nfsfh.h - NFS file handle definitions (for portable use)
*
* Jeffrey C. Mogul
* Digital Equipment Corporation
* Western Research Laboratory
*/
* $FreeBSD$
* $NetBSD: nfsfh.h,v 1.1.1.2 1997/10/03 17:25:13 christos Exp $ */
/*
* Internal representation of dev_t, because different NFS servers

View File

@ -5,11 +5,17 @@
* Jeffrey C. Mogul
* Digital Equipment Corporation
* Western Research Laboratory
*
* $FreeBSD$
*/
#ifndef lint
static const char rcsid[] =
"@(#) $Header: parsenfsfh.c,v 1.14 97/06/15 13:20:27 leres Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/tcpdump/parsenfsfh.c,v 1.16 1999/11/21 09:36:47 fenner Exp $ (LBL)";
#endif
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include <sys/types.h>

View File

@ -1,4 +1,4 @@
/* @(#) $Header: ppp.h,v 1.7 95/05/04 17:52:46 mccanne Exp $ (LBL) */
/* @(#) $Header: /tcpdump/master/tcpdump/ppp.h,v 1.8 1999/11/21 03:43:56 assar Exp $ (LBL) */
/*
* Point to Point Protocol (PPP) RFC1331
*
@ -56,3 +56,4 @@
#define PPP_PAP 0xc023 /* Password Authentication Protocol */
#define PPP_LQM 0xc025 /* Link Quality Monitoring */
#define PPP_CHAP 0xc223 /* Challenge Handshake Authentication Protocol */
extern struct tok ppptype2str[];

View File

@ -17,11 +17,17 @@
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
* WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
* $FreeBSD$
*/
#ifndef lint
static const char rcsid[] =
"@(#) $Header: print-arp.c,v 1.43 97/06/15 13:20:27 leres Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/tcpdump/print-arp.c,v 1.44 1999/11/21 09:36:48 fenner Exp $ (LBL)";
#endif
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include <sys/param.h>

View File

@ -19,11 +19,17 @@
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
* Format and print AppleTalk packets.
*
* $FreeBSD$
*/
#ifndef lint
static const char rcsid[] =
"@(#) $Header: print-atalk.c,v 1.48 97/05/28 12:50:58 leres Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/tcpdump/print-atalk.c,v 1.51 1999/11/21 09:36:48 fenner Exp $ (LBL)";
#endif
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include <sys/param.h>
@ -44,7 +50,6 @@ struct rtentry;
#include <netinet/udp.h>
#include <netinet/udp_var.h>
#include <netinet/tcp.h>
#include <netinet/tcpip.h>
#include <stdio.h>
#include <stdlib.h>

View File

@ -17,10 +17,16 @@
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
* WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
* $FreeBSD$
*/
#ifndef lint
static const char rcsid[] =
"@(#) $Header: print-atm.c,v 1.9 97/05/28 12:52:40 leres Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/tcpdump/print-atm.c,v 1.12 1999/11/21 09:36:48 fenner Exp $ (LBL)";
#endif
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include <sys/param.h>
@ -43,7 +49,6 @@ struct rtentry;
#include <netinet/udp.h>
#include <netinet/udp_var.h>
#include <netinet/tcp.h>
#include <netinet/tcpip.h>
#include <stdio.h>
#include <pcap.h>
@ -119,6 +124,12 @@ atm_if_print(u_char *user, const struct pcap_pkthdr *h, const u_char *p)
ip_print(p, length);
break;
#ifdef INET6
case ETHERTYPE_IPV6:
ip6_print(p, length);
break;
#endif /*INET6*/
/*XXX this probably isn't right */
case ETHERTYPE_ARP:
case ETHERTYPE_REVARP:

View File

@ -19,10 +19,16 @@
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
* Format and print bootp packets.
*
* $FreeBSD$
*/
#ifndef lint
static const char rcsid[] =
"@(#) $Header: print-bootp.c,v 1.46 98/07/18 13:33:58 leres Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/tcpdump/print-bootp.c,v 1.48 1999/11/21 09:36:49 fenner Exp $ (LBL)";
#endif
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include <sys/param.h>
@ -102,6 +108,8 @@ bootp_print(register const u_char *cp, u_int length,
printf(" xid:0x%x", (u_int32_t)ntohl(bp->bp_xid));
if (bp->bp_secs)
printf(" secs:%d", ntohs(bp->bp_secs));
if (bp->bp_flags)
printf(" flags:0x%x", ntohs(bp->bp_flags));
/* Client's ip address */
TCHECK(bp->bp_ciaddr);
@ -207,6 +215,63 @@ static struct tok tag2str[] = {
{ TAG_SWAP_SERVER, "iSS" },
{ TAG_ROOTPATH, "aRP" },
{ TAG_EXTPATH, "aEP" },
/* RFC2132 tags */
{ TAG_IP_FORWARD, "BIPF" },
{ TAG_NL_SRCRT, "BSRT" },
{ TAG_PFILTERS, "pPF" },
{ TAG_REASS_SIZE, "sRSZ" },
{ TAG_DEF_TTL, "bTTL" },
{ TAG_MTU_TIMEOUT, "lMA" },
{ TAG_MTU_TABLE, "sMT" },
{ TAG_INT_MTU, "sMTU" },
{ TAG_LOCAL_SUBNETS, "BLSN" },
{ TAG_BROAD_ADDR, "iBR" },
{ TAG_DO_MASK_DISC, "BMD" },
{ TAG_SUPPLY_MASK, "BMS" },
{ TAG_DO_RDISC, "BRD" },
{ TAG_RTR_SOL_ADDR, "iRSA" },
{ TAG_STATIC_ROUTE, "pSR" },
{ TAG_USE_TRAILERS, "BUT" },
{ TAG_ARP_TIMEOUT, "lAT" },
{ TAG_ETH_ENCAP, "BIE" },
{ TAG_TCP_TTL, "bTT" },
{ TAG_TCP_KEEPALIVE, "lKI" },
{ TAG_KEEPALIVE_GO, "BKG" },
{ TAG_NIS_DOMAIN, "aYD" },
{ TAG_NIS_SERVERS, "iYS" },
{ TAG_NTP_SERVERS, "iNTP" },
{ TAG_VENDOR_OPTS, "bVO" },
{ TAG_NETBIOS_NS, "iWNS" },
{ TAG_NETBIOS_DDS, "iWDD" },
{ TAG_NETBIOS_NODE, "bWNT" },
{ TAG_NETBIOS_SCOPE, "aWSC" },
{ TAG_XWIN_FS, "iXFS" },
{ TAG_XWIN_DM, "iXDM" },
{ TAG_NIS_P_DOMAIN, "sN+D" },
{ TAG_NIS_P_SERVERS, "iN+S" },
{ TAG_MOBILE_HOME, "iMH" },
{ TAG_SMPT_SERVER, "iSMTP" },
{ TAG_POP3_SERVER, "iPOP3" },
{ TAG_NNTP_SERVER, "iNNTP" },
{ TAG_WWW_SERVER, "iWWW" },
{ TAG_FINGER_SERVER, "iFG" },
{ TAG_IRC_SERVER, "iIRC" },
{ TAG_STREETTALK_SRVR, "iSTS" },
{ TAG_STREETTALK_STDA, "iSTDA" },
{ TAG_REQUESTED_IP, "iRQ" },
{ TAG_IP_LEASE, "lLT" },
{ TAG_OPT_OVERLOAD, "bOO" },
{ TAG_TFTP_SERVER, "aTFTP" },
{ TAG_BOOTFILENAME, "aBF" },
{ TAG_DHCP_MESSAGE, " DHCP" },
{ TAG_SERVER_ID, "iSID" },
{ TAG_PARM_REQUEST, "bPR" },
{ TAG_MESSAGE, "aMSG" },
{ TAG_MAX_MSG_SIZE, "sMSZ" },
{ TAG_RENEWAL_TIME, "lRN" },
{ TAG_REBIND_TIME, "lRB" },
{ TAG_VENDOR_CLASS, "bVC" },
{ TAG_CLIENT_ID, "bCID" },
{ 0, NULL }
};
@ -248,6 +313,35 @@ rfc1048_print(register const u_char *bp, register u_int length)
return;
}
if (tag == TAG_DHCP_MESSAGE && len == 1) {
c = *bp++;
switch (c) {
case DHCPDISCOVER: printf("DISCOVER"); break;
case DHCPOFFER: printf("OFFER"); break;
case DHCPREQUEST: printf("REQUEST"); break;
case DHCPDECLINE: printf("DECLINE"); break;
case DHCPACK: printf("ACK"); break;
case DHCPNAK: printf("NACK"); break;
case DHCPRELEASE: printf("RELEASE"); break;
case DHCPINFORM: printf("INFORM"); break;
default: printf("%u", c); break;
}
continue;
}
if (tag == TAG_PARM_REQUEST) {
first = 1;
while (len-- > 0) {
c = *bp++;
cp = tok2str(tag2str, "?%d", c);
if (!first)
putchar('+');
printf("%s", cp + 1);
first = 0;
}
continue;
}
/* Print data */
size = len;
if (c == '?') {
@ -288,6 +382,22 @@ rfc1048_print(register const u_char *bp, register u_int length)
}
break;
case 'p':
/* IP address pairs */
while (size >= 2*sizeof(ul)) {
if (!first)
putchar(',');
memcpy((char *)&ul, (char *)bp, sizeof(ul));
printf("(%s:", ipaddr_string(&ul));
bp += sizeof(ul);
memcpy((char *)&ul, (char *)bp, sizeof(ul));
printf("%s)", ipaddr_string(&ul));
bp += sizeof(ul);
size -= 2*sizeof(ul);
first = 0;
}
break;
case 's':
/* shorts */
while (size >= sizeof(us)) {
@ -301,6 +411,28 @@ rfc1048_print(register const u_char *bp, register u_int length)
}
break;
case 'B':
/* boolean */
while (size > 0) {
if (!first)
putchar(',');
switch (*bp) {
case 0:
putchar('N');
break;
case 1:
putchar('Y');
break;
default:
printf("%d?", *bp);
break;
}
++bp;
--size;
first = 0;
}
break;
case 'b':
default:
/* Bytes */

View File

@ -17,11 +17,17 @@
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
* WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
* $FreeBSD$
*/
#ifndef lint
static const char rcsid[] =
"@(#) $Header: print-domain.c,v 1.39 97/06/13 12:56:28 leres Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/tcpdump/print-domain.c,v 1.42 1999/11/21 09:36:50 fenner Exp $ (LBL)";
#endif
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include <sys/param.h>
@ -42,7 +48,6 @@ struct rtentry;
#include <netinet/udp.h>
#include <netinet/udp_var.h>
#include <netinet/tcp.h>
#include <netinet/tcpip.h>
#ifdef NOERROR
#undef NOERROR /* Solaris sucks */
@ -53,6 +58,7 @@ struct rtentry;
#include <arpa/nameser.h>
#include <stdio.h>
#include <string.h>
#include "interface.h"
#include "addrtoname.h"
@ -101,6 +107,27 @@ struct rtentry;
#ifndef T_LOC
#define T_LOC 29 /* Location Information */
#endif
#ifndef T_NXT
#define T_NXT 30 /* Next Valid Name in Zone */
#endif
#ifndef T_EID
#define T_EID 31 /* Endpoint identifier */
#endif
#ifndef T_NIMLOC
#define T_NIMLOC 32 /* Nimrod locator */
#endif
#ifndef T_SRV
#define T_SRV 33 /* Server selection */
#endif
#ifndef T_ATMA
#define T_ATMA 34 /* ATM Address */
#endif
#ifndef T_NAPTR
#define T_NAPTR 35 /* Naming Authority PoinTeR */
#endif
#ifndef T_A6
#define T_A6 38 /* IP6 address (ipngwg-dns-lookups) */
#endif
#ifndef T_UNSPEC
#define T_UNSPEC 103 /* Unspecified format (binary data) */
@ -219,7 +246,14 @@ static struct tok type2str[] = {
{ T_PX, "PX" },
{ T_GPOS, "GPOS" },
{ T_AAAA, "AAAA" },
{ T_LOC , "LOC " },
{ T_LOC, "LOC " },
{ T_NXT, "NXT " },
{ T_EID, "EID " },
{ T_NIMLOC, "NIMLOC " },
{ T_SRV, "SRV " },
{ T_ATMA, "ATMA " },
{ T_NAPTR, "NAPTR " },
{ T_A6, "A6 " },
#ifndef T_UINFO
#define T_UINFO 100
#endif
@ -317,6 +351,9 @@ ns_rprint(register const u_char *cp, register const u_char *bp)
case T_NS:
case T_CNAME:
case T_PTR:
#ifdef T_DNAME
case T_DNAME: /*XXX not checked as there's no server support yet*/
#endif
putchar(' ');
(void)ns_nprint(cp, bp);
break;
@ -332,6 +369,25 @@ ns_rprint(register const u_char *cp, register const u_char *bp)
(void)ns_cprint(cp, bp);
break;
#ifdef INET6
case T_AAAA:
printf(" %s", ip6addr_string(cp));
break;
case T_A6: /*XXX not checked as there's no server support yet*/
{
struct in6_addr a;
int pbyte;
pbyte = (*cp + 7) / 8;
memset(&a, 0, sizeof(a));
memcpy(&a, cp + 1, pbyte);
printf(" %u %s ", *cp, ip6addr_string(&a));
(void)ns_nprint(cp + 1 + pbyte, bp);
break;
}
#endif /*INET6*/
case T_UNSPECA: /* One long string */
printf(" %.*s", len, cp);
break;

View File

@ -22,7 +22,11 @@
*/
#ifndef lint
static const char rcsid[] =
"@(#) $Header: print-ether.c,v 1.44 97/05/26 17:18:13 leres Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/tcpdump/print-ether.c,v 1.48 1999/11/21 09:36:51 fenner Exp $ (LBL)";
#endif
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include <sys/param.h>
@ -43,11 +47,14 @@ struct rtentry;
#include <netinet/udp.h>
#include <netinet/udp_var.h>
#include <netinet/tcp.h>
#include <netinet/tcpip.h>
#include <stdio.h>
#include <pcap.h>
#ifdef INET6
#include <netinet/ip6.h>
#endif
#include "interface.h"
#include "addrtoname.h"
#include "ethertype.h"
@ -74,10 +81,12 @@ ether_print(register const u_char *bp, u_int length)
length);
}
static u_short extracted_ethertype;
/*
* This is the top level routine of the printer. 'p' is the points
* to the ether header of the packet, 'tvp' is the timestamp,
* 'length' is the length of the packet off the wire, and 'caplen'
* to the ether header of the packet, 'h->tv' is the timestamp,
* 'h->length' is the length of the packet off the wire, and 'h->caplen'
* is the number of bytes actually captured.
*/
void
@ -87,7 +96,6 @@ ether_if_print(u_char *user, const struct pcap_pkthdr *h, const u_char *p)
u_int length = h->len;
struct ether_header *ep;
u_short ether_type;
extern u_short extracted_ethertype;
ts_print(&h->ts);
@ -154,19 +162,11 @@ ether_if_print(u_char *user, const struct pcap_pkthdr *h, const u_char *p)
* that might want to know what it is.
*/
u_short extracted_ethertype;
int
ether_encap_print(u_short ethertype, const u_char *p,
u_int length, u_int caplen)
{
if (ethertype == 0x8100) { /* IEEE 802.1Q vlan tagging encapsulation */
printf ("[vlan %d] ", ntohs(*(u_short *)p) & 0x17ff);
ethertype = ntohs(((u_short *)p)[1]);
p += 4;
length -= 4;
caplen -= 4;
}
recurse:
extracted_ethertype = ethertype;
switch (ethertype) {
@ -175,6 +175,12 @@ ether_encap_print(u_short ethertype, const u_char *p,
ip_print(p, length);
return (1);
#ifdef INET6
case ETHERTYPE_IPV6:
ip6_print(p, length);
return (1);
#endif /*INET6*/
case ETHERTYPE_ARP:
case ETHERTYPE_REVARP:
arp_print(p, length, caplen);
@ -198,11 +204,38 @@ ether_encap_print(u_short ethertype, const u_char *p,
ipx_print(p, length);
return (1);
case ETHERTYPE_PPPOE_DISC:
case ETHERTYPE_PPPOE_SESS:
pppoe_print(p, length);
case ETHERTYPE_8021Q:
printf("802.1Q vlan#%d P%d%s",
ntohs(*(unsigned short*)p)&0xFFF,
ntohs(*(unsigned short*)p)>>13,
(ntohs(*(unsigned short*)p)&0x1000) ? " CFI" : "");
ethertype = ntohs(*(unsigned short*)(p+2));
p += 4;
length -= 4;
caplen -= 4;
if (ethertype > ETHERMTU)
goto recurse;
extracted_ethertype = 0;
if (llc_print(p, length, caplen, p-18, p-12) == 0) {
/* ether_type not known, print raw packet */
if (!eflag)
ether_print(p-18, length+4);
if (extracted_ethertype) {
printf("(LLC %s) ",
etherproto_string(htons(extracted_ethertype)));
}
if (!xflag && !qflag)
default_print(p-18, caplen+4);
}
return (1);
case ETHERTYPE_PPPOED:
case ETHERTYPE_PPPOES:
pppoe_print(p, length);
return (1);
case ETHERTYPE_LAT:
case ETHERTYPE_SCA:
case ETHERTYPE_MOPRC:

View File

@ -17,14 +17,19 @@
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
* WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
* $FreeBSD$
*/
#ifndef lint
static const char rcsid[] =
"@(#) $Header: print-fddi.c,v 1.36 97/05/26 17:13:35 leres Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/tcpdump/print-fddi.c,v 1.40 1999/12/14 16:49:02 fenner Exp $ (LBL)";
#endif
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#ifdef HAVE_FDDI
#include <sys/param.h>
#include <sys/time.h>
#include <sys/socket.h>
@ -57,7 +62,7 @@ struct rtentry;
/*
* Some FDDI interfaces use bit-swapped addresses.
*/
#if defined(ultrix) || defined(__alpha) || defined(__bsdi)
#if defined(ultrix) || defined(__alpha) || defined(__bsdi) || defined(__NetBSD__)
int fddi_bitswap = 0;
#else
int fddi_bitswap = 1;
@ -266,8 +271,8 @@ fddi_if_print(u_char *pcap, const struct pcap_pkthdr *h,
u_int caplen = h->caplen;
u_int length = h->len;
const struct fddi_header *fddip = (struct fddi_header *)p;
extern u_short extracted_ethertype;
struct ether_header ehdr;
u_short extracted_ethertype;
ts_print(&h->ts);
@ -335,19 +340,3 @@ fddi_if_print(u_char *pcap, const struct pcap_pkthdr *h,
out:
putchar('\n');
}
#else
#include <sys/types.h>
#include <sys/time.h>
#include <stdio.h>
#include "interface.h"
void
fddi_if_print(u_char *pcap, const struct pcap_pkthdr *h,
register const u_char *p)
{
error("not configured for fddi");
/* NOTREACHED */
}
#endif

View File

@ -17,11 +17,17 @@
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
* WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
* $FreeBSD$
*/
#ifndef lint
static const char rcsid[] =
"@(#) $Header: print-icmp.c,v 1.38 96/09/26 23:36:44 leres Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/tcpdump/print-icmp.c,v 1.43 1999/11/22 04:28:21 fenner Exp $ (LBL)";
#endif
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include <sys/param.h>
@ -43,7 +49,6 @@ struct rtentry;
#include <netinet/udp.h>
#include <netinet/udp_var.h>
#include <netinet/tcp.h>
#include <netinet/tcpip.h>
#include <stdio.h>
#include <string.h>
@ -163,7 +168,7 @@ struct id_rdiscovery {
};
void
icmp_print(register const u_char *bp, register const u_char *bp2)
icmp_print(register const u_char *bp, u_int plen, register const u_char *bp2)
{
register char *cp;
register const struct icmp *dp;
@ -178,9 +183,11 @@ icmp_print(register const u_char *bp, register const u_char *bp2)
ip = (struct ip *)bp2;
str = buf;
#if 0
(void)printf("%s > %s: ",
ipaddr_string(&ip->ip_src),
ipaddr_string(&ip->ip_dst));
#endif
TCHECK(dp->icmp_code);
switch (dp->icmp_type) {
@ -348,6 +355,19 @@ icmp_print(register const u_char *bp, register const u_char *bp2)
break;
}
(void)printf("icmp: %s", str);
if (vflag) {
if (TTEST2(*bp, plen)) {
if (in_cksum((u_short*)dp, plen, 0))
printf(" (wrong icmp csum)");
}
}
if (vflag > 1 && !ICMP_INFOTYPE(dp->icmp_type)) {
bp += 8;
(void)printf(" for ");
ip = (struct ip *)bp;
snaplen = snapend - bp;
ip_print(bp, ntohs(ip->ip_len));
}
return;
trunc:
fputs("[|icmp]", stdout);

View File

@ -17,11 +17,17 @@
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
* WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
* $FreeBSD$
*/
#ifndef lint
static const char rcsid[] =
"@(#) $Header: print-ip.c,v 1.66 97/05/28 12:51:43 leres Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/tcpdump/print-ip.c,v 1.79 1999/12/22 06:27:21 itojun Exp $ (LBL)";
#endif
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include <sys/param.h>
@ -35,7 +41,6 @@ static const char rcsid[] =
#include <netinet/udp.h>
#include <netinet/udp_var.h>
#include <netinet/tcp.h>
#include <netinet/tcpip.h>
#ifdef HAVE_MALLOC_H
#include <malloc.h>
@ -67,21 +72,11 @@ struct tr_query {
u_int tr_src; /* traceroute source */
u_int tr_dst; /* traceroute destination */
u_int tr_raddr; /* traceroute response address */
#ifdef WORDS_BIGENDIAN
struct {
u_int ttl : 8; /* traceroute response ttl */
u_int qid : 24; /* traceroute query id */
} q;
#else
struct {
u_int qid : 24; /* traceroute query id */
u_int ttl : 8; /* traceroute response ttl */
} q;
#endif
u_int tr_rttlqid; /* response ttl and qid */
};
#define tr_rttl q.ttl
#define tr_qid q.qid
#define TR_GETTTL(x) (int)(((x) >> 24) & 0xff)
#define TR_GETQID(x) ((x) & 0x00ffffff)
/*
* Traceroute response format. A traceroute response has a tr_query at the
@ -126,22 +121,24 @@ static void print_mtrace(register const u_char *bp, register u_int len)
{
register struct tr_query *tr = (struct tr_query *)(bp + 8);
printf("mtrace %d: %s to %s reply-to %s", tr->tr_qid,
printf("mtrace %lu: %s to %s reply-to %s",
(u_long)TR_GETQID(ntohl(tr->tr_rttlqid)),
ipaddr_string(&tr->tr_src), ipaddr_string(&tr->tr_dst),
ipaddr_string(&tr->tr_raddr));
if (IN_CLASSD(ntohl(tr->tr_raddr)))
printf(" with-ttl %d", tr->tr_rttl);
printf(" with-ttl %d", TR_GETTTL(ntohl(tr->tr_rttlqid)));
}
static void print_mresp(register const u_char *bp, register u_int len)
{
register struct tr_query *tr = (struct tr_query *)(bp + 8);
printf("mresp %d: %s to %s reply-to %s", tr->tr_qid,
printf("mresp %lu: %s to %s reply-to %s",
(u_long)TR_GETQID(ntohl(tr->tr_rttlqid)),
ipaddr_string(&tr->tr_src), ipaddr_string(&tr->tr_dst),
ipaddr_string(&tr->tr_raddr));
if (IN_CLASSD(ntohl(tr->tr_raddr)))
printf(" with-ttl %d", tr->tr_rttl);
printf(" with-ttl %d", TR_GETTTL(ntohl(tr->tr_rttlqid)));
}
static void
@ -155,13 +152,19 @@ igmp_print(register const u_char *bp, register u_int len,
ipaddr_string(&ip->ip_src),
ipaddr_string(&ip->ip_dst));
if (qflag) {
(void)printf("igmp");
return;
}
TCHECK2(bp[0], 8);
switch (bp[0]) {
case 0x11:
(void)printf("igmp %s query", bp[1] ? "v2" : "v1");
if (bp[1] && bp[1] != 100)
(void)printf(" [intvl %d]", bp[1]);
if (*(int *)&bp[4])
(void)printf("igmp query");
if (EXTRACT_32BITS(&bp[4]))
(void)printf(" [gaddr %s]", ipaddr_string(&bp[4]));
if (len != 8)
(void)printf(" [len %d]", len);
@ -191,8 +194,8 @@ igmp_print(register const u_char *bp, register u_int len,
dvmrp_print(bp, len);
break;
case 0x14:
(void)printf("igmp pim");
pim_print(bp, len);
(void)printf("igmp pimv1");
pimv1_print(bp, len);
break;
case 0x1e:
print_mresp(bp, len);
@ -207,21 +210,9 @@ igmp_print(register const u_char *bp, register u_int len,
break;
}
TCHECK2(bp[0], len);
if (vflag) {
if (vflag && TTEST2(bp[0], len)) {
/* Check the IGMP checksum */
u_int32_t sum = 0;
int count;
const u_short *sp = (u_short *)bp;
for (count = len / 2; --count >= 0; )
sum += *sp++;
if (len & 1)
sum += ntohs(*(u_char *) sp << 8);
while (sum >> 16)
sum = (sum & 0xffff) + (sum >> 16);
sum = 0xffff & ~sum;
if (sum != 0)
if (in_cksum((const u_short*)bp, len, 0))
printf(" bad igmp cksum %x!", EXTRACT_16BITS(&bp[2]));
}
return;
@ -254,6 +245,62 @@ ip_printroute(const char *type, register const u_char *cp, u_int length)
printf("%s}", ptr == len? "#" : "");
}
static void
ip_printts(register const u_char *cp, u_int length)
{
register u_int ptr = cp[2] - 1;
register u_int len = 0;
int hoplen;
char *type;
printf(" TS{");
hoplen = ((cp[3]&0xF) != IPOPT_TS_TSONLY) ? 8 : 4;
if ((length - 4) & (hoplen-1))
printf("[bad length %d]", length);
if (ptr < 4 || ((ptr - 4) & (hoplen-1)) || ptr > length + 1)
printf("[bad ptr %d]", cp[2]);
switch (cp[3]&0xF) {
case IPOPT_TS_TSONLY:
printf("TSONLY");
break;
case IPOPT_TS_TSANDADDR:
printf("TS+ADDR");
break;
/*
* prespecified should really be 3, but some ones might send 2
* instead, and the IPOPT_TS_PRESPEC constant can apparently
* have both values, so we have to hard-code it here.
*/
case 2:
printf("PRESPEC2.0");
break;
case 3: /* IPOPT_TS_PRESPEC */
printf("PRESPEC");
break;
default:
printf("[bad ts type %d]", cp[3]&0xF);
goto done;
}
type = " ";
for (len = 4; len < length; len += hoplen) {
if (ptr == len)
type = " ^ ";
printf("%s%d@%s", type, EXTRACT_32BITS(&cp[len+hoplen-4]),
hoplen!=8 ? "" : ipaddr_string(&cp[len]));
type = " ";
}
done:
printf("%s", ptr == len ? " ^ " : "");
if (cp[3]>>4)
printf(" [%d hops not recorded]} ", cp[3]>>4);
else
printf("}");
}
/*
* print IP options.
*/
@ -287,15 +334,17 @@ ip_optprint(register const u_char *cp, u_int length)
break;
case IPOPT_TS:
printf(" TS{%d}", len);
ip_printts(cp, len);
break;
#ifndef IPOPT_SECURITY
#define IPOPT_SECURITY 130
#endif /* IPOPT_SECURITY */
case IPOPT_SECURITY:
printf(" SECURITY{%d}", len);
break;
case IPOPT_RR:
printf(" RR{%d}=", len);
ip_printroute("RR", cp, len);
break;
@ -307,11 +356,16 @@ ip_optprint(register const u_char *cp, u_int length)
ip_printroute("LSRR", cp, len);
break;
#ifndef IPOPT_RA
#define IPOPT_RA 148 /* router alert */
#endif
case IPOPT_RA:
printf(" RA{%d}", len);
if (cp[2] != 0 || cp[3] != 0)
printf(" [b23=0x04%x]", cp[2] << 8 | cp[3]);
break;
printf(" RA");
if (len != 4)
printf("{%d}", len);
else if (cp[2] || cp[3])
printf("%d.%d", cp[2], cp[3]);
break;
default:
printf(" IPOPT-%d{%d}", cp[0], len);
@ -324,23 +378,34 @@ ip_optprint(register const u_char *cp, u_int length)
* compute an IP header checksum.
* don't modifiy the packet.
*/
static int
in_cksum(const struct ip *ip)
u_short
in_cksum(const u_short *addr, register int len, u_short csum)
{
register const u_short *sp = (u_short *)ip;
register u_int32_t sum = 0;
register int count;
int nleft = len;
const u_short *w = addr;
u_short answer;
int sum = csum;
/*
* Our algorithm is simple, using a 32 bit accumulator (sum),
* we add sequential 16 bit words to it, and at the end, fold
* back all the carry bits from the top 16 bits into the lower
* 16 bits.
*/
while (nleft > 1) {
sum += *w++;
nleft -= 2;
}
if (nleft == 1)
sum += htons(*(u_char *)w<<8);
/*
* No need for endian conversions.
* add back carry outs from top 16 bits to low 16 bits
*/
for (count = ip->ip_hl * 2; --count >= 0; )
sum += *sp++;
while (sum > 0xffff)
sum = (sum & 0xffff) + (sum >> 16);
sum = ~sum & 0xffff;
return (sum);
sum = (sum >> 16) + (sum & 0xffff); /* add hi 16 to low 16 */
sum += (sum >> 16); /* add carry */
answer = ~sum; /* truncate to 16 bits */
return (answer);
}
/*
@ -350,8 +415,10 @@ void
ip_print(register const u_char *bp, register u_int length)
{
register const struct ip *ip;
register u_int hlen, len, off;
register u_int hlen, len, len0, off;
register const u_char *cp;
u_char nh;
int advance;
ip = (const struct ip *)bp;
#ifdef LBL_ALIGN
@ -395,6 +462,7 @@ ip_print(register const u_char *bp, register u_int length)
(void)printf("truncated-ip - %d bytes missing!",
len - length);
len -= hlen;
len0 = len;
/*
* If this is fragment zero, hand it to the next higher
@ -403,7 +471,54 @@ ip_print(register const u_char *bp, register u_int length)
off = ntohs(ip->ip_off);
if ((off & 0x1fff) == 0) {
cp = (const u_char *)ip + hlen;
switch (ip->ip_p) {
nh = ip->ip_p;
if (nh != IPPROTO_TCP && nh != IPPROTO_UDP) {
(void)printf("%s > %s: ", ipaddr_string(&ip->ip_src),
ipaddr_string(&ip->ip_dst));
}
again:
switch (nh) {
#ifndef IPPROTO_AH
#define IPPROTO_AH 51
#endif
case IPPROTO_AH:
nh = *cp;
advance = ah_print(cp, (const u_char *)ip);
cp += advance;
len -= advance;
goto again;
#ifndef IPPROTO_ESP
#define IPPROTO_ESP 50
#endif
case IPPROTO_ESP:
{
int enh;
advance = esp_print(cp, (const u_char *)ip, &enh);
cp += advance;
len -= advance;
if (enh < 0)
break;
nh = enh & 0xff;
goto again;
}
#ifndef IPPROTO_IPCOMP
#define IPPROTO_IPCOMP 108
#endif
case IPPROTO_IPCOMP:
{
int enh;
advance = ipcomp_print(cp, (const u_char *)ip, &enh);
cp += advance;
len -= advance;
if (enh < 0)
break;
nh = enh & 0xff;
goto again;
}
case IPPROTO_TCP:
tcp_print(cp, len, (const u_char *)ip);
@ -414,7 +529,7 @@ ip_print(register const u_char *bp, register u_int length)
break;
case IPPROTO_ICMP:
icmp_print(cp, (const u_char *)ip);
icmp_print(cp, len, (const u_char *)ip);
break;
#ifndef IPPROTO_IGRP
@ -425,8 +540,10 @@ ip_print(register const u_char *bp, register u_int length)
break;
case IPPROTO_ND:
#if 0
(void)printf("%s > %s:", ipaddr_string(&ip->ip_src),
ipaddr_string(&ip->ip_dst));
#endif
(void)printf(" nd %d", len);
break;
@ -450,10 +567,12 @@ ip_print(register const u_char *bp, register u_int length)
case 4:
/* DVMRP multicast tunnel (ip-in-ip encapsulation) */
#if 0
if (vflag)
(void)printf("%s > %s: ",
ipaddr_string(&ip->ip_src),
ipaddr_string(&ip->ip_dst));
#endif
ip_print(cp, len);
if (! vflag) {
printf(" (ipip)");
@ -461,6 +580,27 @@ ip_print(register const u_char *bp, register u_int length)
}
break;
#ifdef INET6
#ifndef IP6PROTO_ENCAP
#define IP6PROTO_ENCAP 41
#endif
case IP6PROTO_ENCAP:
/* ip6-in-ip encapsulation */
#if 0
if (vflag)
(void)printf("%s > %s: ",
ipaddr_string(&ip->ip_src),
ipaddr_string(&ip->ip_dst));
#endif
ip6_print(cp, len);
if (! vflag) {
printf(" (encap)");
return;
}
break;
#endif /*INET6*/
#ifndef IPPROTO_GRE
#define IPPROTO_GRE 47
#endif
@ -477,18 +617,49 @@ ip_print(register const u_char *bp, register u_int length)
}
break;
#ifndef IPPROTO_MOBILE
#define IPPROTO_MOBILE 55
#endif
case IPPROTO_MOBILE:
if (vflag)
(void)printf("mobile %s > %s: ",
ipaddr_string(&ip->ip_src),
ipaddr_string(&ip->ip_dst));
mobile_print(cp, len);
if (! vflag) {
printf(" (mobile encap)");
return;
}
break;
#ifndef IPPROTO_PIM
#define IPPROTO_PIM 103
#endif
case IPPROTO_PIM:
pim_print(cp, len);
break;
default:
#if 0
(void)printf("%s > %s:", ipaddr_string(&ip->ip_src),
ipaddr_string(&ip->ip_dst));
(void)printf(" ip-proto-%d %d", ip->ip_p, len);
#endif
(void)printf(" ip-proto-%d %d", nh, len);
break;
}
}
/* Ultra quiet now means that all this stuff should be suppressed */
/* res 3-Nov-98 */
if (qflag > 1) return;
/*
* for fragmented datagrams, print id:size@offset. On all
* but the last stick a "+". For unfragmented datagrams, note
* the don't fragment flag.
*/
len = len0; /* get the original length */
if (off & 0x3fff) {
/*
* if this isn't the first frag, we're missing the
@ -497,14 +668,30 @@ ip_print(register const u_char *bp, register u_int length)
if (off & 0x1fff)
(void)printf("%s > %s:", ipaddr_string(&ip->ip_src),
ipaddr_string(&ip->ip_dst));
(void)printf(" (frag %d:%d@%d%s)", ntohs(ip->ip_id), len,
#ifndef IP_MF
#define IP_MF 0x2000
#endif /* IP_MF */
#ifndef IP_DF
#define IP_DF 0x4000
#endif /* IP_DF */
(void)printf(" (frag %d:%u@%d%s)", ntohs(ip->ip_id), len,
(off & 0x1fff) * 8,
(off & IP_MF)? "+" : "");
} else if (off & IP_DF)
(void)printf(" (DF)");
if (ip->ip_tos)
(void)printf(" [tos 0x%x]", (int)ip->ip_tos);
if (ip->ip_tos) {
(void)printf(" [tos 0x%x", (int)ip->ip_tos);
/* ECN bits */
if (ip->ip_tos&0x02) {
(void)printf(",ECT");
if (ip->ip_tos&0x01)
(void)printf(",CE");
}
(void)printf("] ");
}
if (ip->ip_ttl <= 1)
(void)printf(" [ttl %d]", (int)ip->ip_ttl);
@ -522,7 +709,7 @@ ip_print(register const u_char *bp, register u_int length)
sep = ", ";
}
if ((u_char *)ip + hlen <= snapend) {
sum = in_cksum(ip);
sum = in_cksum((const u_short *)ip, hlen, 0);
if (sum != 0) {
(void)printf("%sbad cksum %x!", sep,
ntohs(ip->ip_sum));

View File

@ -20,11 +20,17 @@
*
* Format and print Novell IPX packets.
* Contributed by Brad Parker (brad@fcr.com).
*
* $FreeBSD$
*/
#ifndef lint
static const char rcsid[] =
"@(#) $Header: print-ipx.c,v 1.19 96/12/10 23:23:52 leres Exp $";
"@(#) $Header: /tcpdump/master/tcpdump/print-ipx.c,v 1.22 1999/11/21 09:36:54 fenner Exp $";
#endif
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include <sys/param.h>
@ -38,7 +44,6 @@ static const char rcsid[] =
#include <netinet/udp.h>
#include <netinet/udp_var.h>
#include <netinet/tcp.h>
#include <netinet/tcpip.h>
#ifdef __STDC__
#include <stdlib.h>

View File

@ -19,11 +19,17 @@
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
* Original code by Matt Thomas, Digital Equipment Corporation
*
* $FreeBSD$
*/
#ifndef lint
static const char rcsid[] =
"@(#) $Header: print-isoclns.c,v 1.15 96/12/31 21:27:41 leres Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/tcpdump/print-isoclns.c,v 1.16 1999/11/21 09:36:55 fenner Exp $ (LBL)";
#endif
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include <sys/types.h>

View File

@ -20,11 +20,17 @@
*
* Code by Matt Thomas, Digital Equipment Corporation
* with an awful lot of hacking by Jeffrey Mogul, DECWRL
*
* $FreeBSD$
*/
#ifndef lint
static const char rcsid[] =
"@(#) $Header: print-llc.c,v 1.24 97/01/01 20:56:48 leres Exp $";
"@(#) $Header: /tcpdump/master/tcpdump/print-llc.c,v 1.27 1999/12/22 06:27:21 itojun Exp $";
#endif
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include <sys/param.h>
@ -79,10 +85,15 @@ llc_print(const u_char *p, u_int length, u_int caplen,
ipx_print(p, length);
return (1);
}
#ifdef notyet
else if (p[0] == 0xf0 && p[1] == 0xf0)
netbios_print(p, length);
#endif
if (llc.ssap == 0xf0 && llc.dsap == 0xf0) {
/*
* we don't actually have a full netbeui parser yet, but the
* smb parser can handle many smb-in-netbeui packets, which
* is very useful, so we call that
*/
netbeui_print(p + 2, p + min(caplen, length));
return (1);
}
if (llc.ssap == LLCSAP_ISONS && llc.dsap == LLCSAP_ISONS
&& llc.llcui == LLC_UI) {
isoclns_print(p + 3, length - 3, caplen - 3, esrc, edst);
@ -92,9 +103,9 @@ llc_print(const u_char *p, u_int length, u_int caplen,
if (llc.ssap == LLCSAP_SNAP && llc.dsap == LLCSAP_SNAP
&& llc.llcui == LLC_UI) {
if (caplen < sizeof(llc)) {
(void)printf("[|llc-snap]");
default_print((u_char *)p, caplen);
return (0);
(void)printf("[|llc-snap]");
default_print((u_char *)p, caplen);
return (0);
}
if (vflag)
(void)printf("snap %s ", protoid_string(llc.llcpi));
@ -136,11 +147,11 @@ llc_print(const u_char *p, u_int length, u_int caplen,
char f;
m = tok2str(cmd2str, "%02x", LLC_U_CMD(llc.llcu));
switch ((llc.ssap & LLC_GSAP) | (llc.llcu & LLC_U_POLL)) {
case 0: f = 'C'; break;
case LLC_GSAP: f = 'R'; break;
case LLC_U_POLL: f = 'P'; break;
case LLC_GSAP|LLC_U_POLL: f = 'F'; break;
default: f = '?'; break;
case 0: f = 'C'; break;
case LLC_GSAP: f = 'R'; break;
case LLC_U_POLL: f = 'P'; break;
case LLC_GSAP|LLC_U_POLL: f = 'F'; break;
default: f = '?'; break;
}
printf("%s/%c", m, f);
@ -150,22 +161,31 @@ llc_print(const u_char *p, u_int length, u_int caplen,
caplen -= 3;
if ((llc.llcu & ~LLC_U_POLL) == LLC_XID) {
if (*p == LLC_XID_FI) {
printf(": %02x %02x", p[1], p[2]);
p += 3;
length -= 3;
caplen -= 3;
}
if (*p == LLC_XID_FI) {
printf(": %02x %02x", p[1], p[2]);
p += 3;
length -= 3;
caplen -= 3;
}
}
if (!strcmp(m,"ui") && f=='C') {
/*
* we don't have a proper ipx decoder yet, but there
* is a partial one in the smb code
*/
ipx_netbios_print(p,p+min(caplen,length));
}
} else {
char f;
llc.llcis = ntohs(llc.llcis);
switch ((llc.ssap & LLC_GSAP) | (llc.llcu & LLC_U_POLL)) {
case 0: f = 'C'; break;
case LLC_GSAP: f = 'R'; break;
case LLC_U_POLL: f = 'P'; break;
case LLC_GSAP|LLC_U_POLL: f = 'F'; break;
default: f = '?'; break;
case 0: f = 'C'; break;
case LLC_GSAP: f = 'R'; break;
case LLC_U_POLL: f = 'P'; break;
case LLC_GSAP|LLC_U_POLL: f = 'F'; break;
default: f = '?'; break;
}
if ((llc.llcu & LLC_S_FMT) == LLC_S_FMT) {

View File

@ -21,11 +21,17 @@
* Format and print ntp packets.
* By Jeffrey Mogul/DECWRL
* loosely based on print-bootp.c
*
* $FreeBSD$
*/
#ifndef lint
static const char rcsid[] =
"@(#) $Header: print-ntp.c,v 1.26 97/06/13 12:56:37 leres Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/tcpdump/print-ntp.c,v 1.27 1999/11/21 09:36:57 fenner Exp $ (LBL)";
#endif
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include <sys/param.h>

View File

@ -17,11 +17,17 @@
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
* WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
* $FreeBSD$
*/
#ifndef lint
static const char rcsid[] =
"@(#) $Header: print-null.c,v 1.24 97/05/28 12:52:47 leres Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/tcpdump/print-null.c,v 1.30 1999/12/22 06:27:21 itojun Exp $ (LBL)";
#endif
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include <sys/param.h>
@ -44,12 +50,15 @@ struct rtentry;
#include <netinet/udp.h>
#include <netinet/udp_var.h>
#include <netinet/tcp.h>
#include <netinet/tcpip.h>
#include <pcap.h>
#include <stdio.h>
#include <string.h>
#ifdef INET6
#include <netinet/ip6.h>
#endif
#include "interface.h"
#include "addrtoname.h"
@ -80,6 +89,12 @@ null_print(const u_char *p, const struct ip *ip, u_int length)
printf("ip: ");
break;
#ifdef INET6
case AF_INET6:
printf("ip6: ");
break;
#endif
case AF_NS:
printf("ns: ");
break;
@ -114,7 +129,19 @@ null_if_print(u_char *user, const struct pcap_pkthdr *h, const u_char *p)
if (eflag)
null_print(p, ip, length);
ip_print((const u_char *)ip, length);
switch (ip->ip_v) {
case 4:
ip_print((const u_char *)ip, length);
break;
#ifdef INET6
case 6:
ip6_print((const u_char *)ip, length);
break;
#endif /* INET6 */
default:
printf("ip v%d", ip->ip_v);
break;
}
if (xflag)
default_print((const u_char *)ip, caplen - NULL_HDRLEN);

View File

@ -23,7 +23,11 @@
#ifndef lint
static const char rcsid[] =
"@(#) $Header: print-ppp.c,v 1.26 97/06/12 14:21:29 leres Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/tcpdump/print-ppp.c,v 1.33.2.1 2000/01/29 07:31:17 fenner Exp $ (LBL)";
#endif
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include <sys/param.h>
@ -41,17 +45,23 @@ struct rtentry;
#include <netinet/in.h>
#include <netinet/in_systm.h>
#include <netinet/ip.h>
#include <netinet/if_ether.h>
#include <ctype.h>
#include <netdb.h>
#include <pcap.h>
#include <stdio.h>
#ifdef __bsdi__
#include <net/slcompress.h>
#include <net/if_ppp.h>
#endif
#include <net/ethernet.h>
#include "ethertype.h"
#include <net/ppp_defs.h>
#include "interface.h"
#include "extract.h"
#include "addrtoname.h"
#include "ppp.h"
@ -191,54 +201,13 @@ static char *papcode[] = {
#define IPCP_CP 2
#define IPCP_ADDR 3
/* PPPoE */
static void do_ppp_print __P((const u_char *, u_int, u_int));
static void handle_lcp __P((const u_char *p, int length));
static int print_lcp_config_options __P((const u_char *p));
static void handle_chap __P((const u_char *p, int length));
static void handle_ipcp __P((const u_char *p, int length));
static void handle_pap __P((const u_char *p, int length));
struct typenames {
u_short type;
char *name;
};
static struct typenames typenames[] = {
/*
* PPPoE type field values
*/
0x00, "DATA", /* PPPoE Data packet */
0x09, "PADI", /* Active Discovery Initiation */
0x07, "PADO", /* Active Discovery Offer */
0x19, "PADR", /* Active Discovery Request */
0x65, "PADS", /* Active Discovery Session-Confirm */
0xa7, "PADT", /* Active Discovery Terminate */
};
struct tagnames {
u_short tag;
char *name;
int isascii;
};
static struct tagnames tagnames[] = {
/*
* PPPoE tag field values
*/
0x0000, "End-Of-List", 0, /* Optional last tag (len 0) */
0x0101, "Service-Name", 1, /* The (ascii) service */
0x0102, "AC-Name", -1, /* Access Concentrator */
0x0103, "Host-Uniq", 0, /* Associate PAD[OS] with PAD[IR] */
0x0104, "AC-Cookie", 0, /* Optional at PADO time */
0x0105, "Vendor-Specific", 0, /* First 4 bytes special (ignore) */
0x0110, "Relay-Session-Id", 0, /* Max 12 octets, added by gateway */
0x0201, "Service-Name-Error", -1, /* Request not honoured */
0x0203, "Generic-Error", 1 /* Access Concentrator error */
};
static int handle_lcp(const u_char *p, int length);
static int print_lcp_config_options(u_char *p);
static int handle_chap(const u_char *p, int length);
static int handle_ipcp(const u_char *p, int length);
static int handle_pap(const u_char *p, int length);
static void do_ppp_print(const u_char *p, u_int length, u_int caplen);
/* Standard PPP printer */
void
ppp_hdlc_print(const u_char *p, int length)
{
@ -247,7 +216,7 @@ ppp_hdlc_print(const u_char *p, int length)
u_char *ptr;
printf("ID-%03d ", *(p+5));
for (i = (sizeof(protonames) / sizeof(protonames[0])) - 1; i >= 0; --i)
{
if (proto == protonames[i].protocol)
@ -279,257 +248,235 @@ ppp_hdlc_print(const u_char *p, int length)
}
/* print LCP frame */
static int
static void
handle_lcp(const u_char *p, int length)
{
int x, j;
u_char *ptr;
const u_char *ptr;
x = *(p+4);
x = p[4];
if((x >= LCP_MIN) && (x <= LCP_MAX))
{
printf("%s", lcpcodes[x-1]);
}
else
{
if ((x >= LCP_MIN) && (x <= LCP_MAX))
printf("%s", lcpcodes[x - 1]);
else {
printf("0x%02x", x);
return;
}
length -= 4;
switch(x)
{
case LCP_CONF_REQ:
case LCP_CONF_ACK:
case LCP_CONF_NAK:
case LCP_CONF_REJ:
x = length;
ptr = (u_char *)p+8;
do
{
if((j = print_lcp_config_options(ptr)) == 0)
break;
x -= j;
ptr += j;
}
while(x > 0);
break;
switch (x) {
case LCP_CONF_REQ:
case LCP_CONF_ACK:
case LCP_CONF_NAK:
case LCP_CONF_REJ:
x = length;
ptr = p + 8;
do {
if ((j = print_lcp_config_options(ptr)) == 0)
break;
x -= j;
ptr += j;
} while (x > 0);
break;
case LCP_ECHO_REQ:
case LCP_ECHO_RPL:
printf(", Magic-Number=%d", ((*(p+8) << 24) + (*(p+9) << 16) + (*(p+10) << 8) + (*(p+11))));
break;
case LCP_TERM_REQ:
case LCP_TERM_ACK:
case LCP_CODE_REJ:
case LCP_PROT_REJ:
case LCP_DISC_REQ:
default:
break;
case LCP_ECHO_REQ:
case LCP_ECHO_RPL:
printf(", Magic-Number=%u",
EXTRACT_32BITS(p+8));
break;
case LCP_TERM_REQ:
case LCP_TERM_ACK:
case LCP_CODE_REJ:
case LCP_PROT_REJ:
case LCP_DISC_REQ:
default:
break;
}
}
/* LCP config options */
static int
print_lcp_config_options(u_char *p)
print_lcp_config_options(const u_char *p)
{
int len = *(p+1);
int opt = *p;
int len = p[1];
int opt = p[0];
if((opt >= LCPOPT_MIN) && (opt <= LCPOPT_MAX))
if ((opt >= LCPOPT_MIN) && (opt <= LCPOPT_MAX))
printf(", %s", lcpconfopts[opt]);
switch(opt)
{
case LCPOPT_MRU:
if(len == 4)
printf("=%d", (*(p+2) << 8) + *(p+3));
break;
case LCPOPT_AP:
if(len >= 4)
{
if(*(p+2) == 0xc0 && *(p+3) == 0x23)
{
printf(" PAP");
}
else if(*(p+2) == 0xc2 && *(p+3) == 0x23)
{
printf(" CHAP/");
switch(*(p+4))
{
default:
printf("unknown-algorithm-%d", *(p+4));
break;
case 5:
printf("MD5");
break;
case 0x80:
printf("Microsoft");
break;
}
}
else if(*(p+2) == 0xc2 && *(p+3) == 0x27)
{
printf(" EAP");
}
else if(*(p+2) == 0xc0 && *(p+3) == 0x27)
{
printf(" SPAP");
}
else if(*(p+2) == 0xc1 && *(p+3) == 0x23)
{
printf(" Old-SPAP");
}
else
{
printf("unknown");
switch (opt) {
case LCPOPT_MRU:
if (len == 4)
printf("=%d", (*(p+2) << 8) + *(p+3));
break;
case LCPOPT_AP:
if (len >= 4) {
if (p[2] == 0xc0 && p[3] == 0x23)
printf(" PAP");
else if (p[2] == 0xc2 && p[3] == 0x23) {
printf(" CHAP/");
switch (p[4]) {
default:
printf("unknown-algorithm-%u", p[4]);
break;
case 5:
printf("MD5");
break;
case 0x80:
printf("Microsoft");
break;
}
}
break;
case LCPOPT_QP:
if(len >= 4)
{
if(*(p+2) == 0xc0 && *(p+3) == 0x25)
printf(" LQR");
else
printf(" unknown");
}
break;
case LCPOPT_MN:
if(len == 6)
{
printf("=%d", ((*(p+2) << 24) + (*(p+3) << 16) + (*(p+4) << 8) + (*(p+5))));
}
break;
case LCPOPT_PFC:
printf(" PFC");
break;
case LCPOPT_ACFC:
printf(" ACFC");
break;
else if (p[2] == 0xc2 && p[3] == 0x27)
printf(" EAP");
else if (p[2] == 0xc0 && p[3] == 0x27)
printf(" SPAP");
else if (p[2] == 0xc1 && p[3] == 0x23)
printf(" Old-SPAP");
else
printf("unknown");
}
break;
case LCPOPT_QP:
if (len >= 4) {
if (p[2] == 0xc0 && p[3] == 0x25)
printf(" LQR");
else
printf(" unknown");
}
break;
case LCPOPT_MN:
if (len == 6)
printf("=%u", EXTRACT_32BITS(p+2));
break;
case LCPOPT_PFC:
printf(" PFC");
break;
case LCPOPT_ACFC:
printf(" ACFC");
break;
}
return(len);
return len;
}
/* CHAP */
static int
static void
handle_chap(const u_char *p, int length)
{
int x, j;
u_char *ptr;
int x;
const u_char *ptr;
x = *(p+4);
x = p[4];
if((x >= CHAP_CODEMIN) && (x <= CHAP_CODEMAX))
{
printf("%s", chapcode[x-1]);
}
else
{
if ((x >= CHAP_CODEMIN) && (x <= CHAP_CODEMAX))
printf("%s", chapcode[x - 1]);
else {
printf("0x%02x", x);
return;
}
length -= 4;
switch(x)
{
case CHAP_CHAL:
case CHAP_RESP:
printf(", Value=");
x = *(p+8); /* value size */
ptr = (u_char *)p+9;
while(--x >= 0)
printf("%02x", *ptr++);
x = length - *(p+8) - 1;
printf(", Name=");
while(--x >= 0)
printf("%c", *ptr++);
break;
switch (p[4]) {
case CHAP_CHAL:
case CHAP_RESP:
printf(", Value=");
x = p[8]; /* value size */
ptr = p + 9;
while (--x >= 0)
printf("%02x", *ptr++);
x = length - p[8] - 1;
printf(", Name=");
while (--x >= 0) {
if (isprint(*ptr))
printf("%c", *ptr);
else
printf("\\%03o", *ptr);
ptr++;
}
break;
}
}
/* PAP */
static int
static void
handle_pap(const u_char *p, int length)
{
int x, j;
u_char *ptr;
int x;
const u_char *ptr;
x = *(p+4);
x = p[4];
if((x >= PAP_CODEMIN) && (x <= PAP_CODEMAX))
{
printf("%s", papcode[x-1]);
}
else
{
if ((x >= PAP_CODEMIN) && (x <= PAP_CODEMAX))
printf("%s", papcode[x - 1]);
else {
printf("0x%02x", x);
return;
}
length -= 4;
switch(x)
{
case PAP_AREQ:
printf(", Peer-Id=");
x = *(p+8); /* peerid size */
ptr = (u_char *)p+9;
while(--x >= 0)
printf("%c", *ptr++);
x = *ptr++;
printf(", Passwd=");
while(--x >= 0)
printf("%c", *ptr++);
break;
case PAP_AACK:
case PAP_ANAK:
break;
switch (x) {
case PAP_AREQ:
printf(", Peer-Id=");
x = p[8]; /* peerid size */
ptr = p + 9;
while (--x >= 0) {
if (isprint(*ptr))
printf("%c", *ptr);
else
printf("\\%03o", *ptr);
ptr++;
}
x = *ptr++;
printf(", Passwd=");
while (--x >= 0) {
if (isprint(*ptr))
printf("%c", *ptr);
else
printf("\\%03o", *ptr);
ptr++;
}
break;
case PAP_AACK:
case PAP_ANAK:
break;
}
}
/* IPCP */
static int
static void
handle_ipcp(const u_char *p, int length)
{
int x, j;
x = *(p+8);
length -= 4;
switch(x)
{
case IPCP_2ADDR:
printf("IP-Addresses");
printf(", Src=%d.%d.%d.%d", *(p+10), *(p+11), *(p+12), *(p+13));
printf(", Dst=%d.%d.%d.%d", *(p+14), *(p+15), *(p+16), *(p+17));
break;
case IPCP_CP:
printf("IP-Compression-Protocol");
break;
switch (p[8]) {
case IPCP_2ADDR:
printf("IP-Addresses");
printf(", src=%s", ipaddr_string(p + 10));
printf(", drc=%s", ipaddr_string(p + 14));
break;
case IPCP_CP:
printf("IP-Compression-Protocol");
break;
case IPCP_ADDR:
printf("IP-Address=%d.%d.%d.%d", *(p+10), *(p+11), *(p+12), *(p+13));
break;
case IPCP_ADDR:
printf("IP-Address=%s", ipaddr_string(p + 10));
break;
}
}
/* Standard PPP printer */
void
ppp_if_print(u_char *user, const struct pcap_pkthdr *h,
register const u_char *p)
{
register u_int length = h->len;
register u_int caplen = h->caplen;
const struct ip *ip;
u_int proto;
ts_print(&h->ts);
@ -543,113 +490,13 @@ ppp_if_print(u_char *user, const struct pcap_pkthdr *h,
* and/or check that they're not walking off the end of the packet.
* Rather than pass them all the way down, we set these globals.
*/
proto = ntohs(*(u_short *)&p[2]);
packetp = p;
snapend = p + caplen;
do_ppp_print(p, length, caplen);
}
/*
* Print PPPoE discovery & session packets
*/
void
pppoe_print(const u_char *p, u_int length)
{
u_short tag, len, tlen;
u_char type;
int f, asc;
fputs("PPPoE ", stdout);
/*
* A PPPoE header:
*
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | VER | TYPE | CODE | SESSION_ID |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | LENGTH | payload ~
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
*/
type = p[1];
for (f = sizeof typenames / sizeof typenames[0] - 1; f >= 0; f--)
if (typenames[f].type == type) {
fputs(typenames[f].name, stdout);
break;
}
if (f == -1) {
printf("<0x%02x>\n", type);
}
len = ntohs(*(u_short *)(p + 4));
printf(" v%d, type %d, sess %d len %d", p[0] >> 4, p[0] & 0xf,
ntohs(*(u_short *)(p + 2)), len);
if (type == 0x00) {
/* This is a data packet */
p += 4;
fputs("] ", stdout);
/* If eflag is set, ignore the trailing 2 bytes for LCP... */
do_ppp_print(p, eflag ? len - 2 : len + 2, len + 4);
return;
}
p += 6;
length -= 6;
if (len > length)
len = length; /* puke ! */
/*
* A PPPoE tag:
*
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | TAG_TYPE | TAG_LENGTH |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | TAG_VALUE ... ~
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
*/
while (len >= 4) {
tag = ntohs(*(u_short *)p);
tlen = ntohs(*(u_short *)(p + 2));
fputs(" [", stdout);
for (f = sizeof tagnames / sizeof tagnames[0] - 1; f >= 0; f--)
if (tagnames[f].tag == tag) {
asc = tagnames[f].isascii;
fputs(tagnames[f].name, stdout);
break;
}
if (f == -1) {
printf("<0x%04x>", tag);
asc = -1;
}
p += 4;
if (tlen > 0) {
if (asc == -1) {
for (f = 0; f < tlen; f++)
if (!isascii(p[f]))
break;
asc = f == tlen;
}
fputc(' ', stdout);
if (asc)
printf("%.*s", (int)tlen, p);
else for (f = 0; f < tlen; f++)
printf("%02x", p[f]);
}
fputc(']', stdout);
p += tlen;
len -= tlen + 4;
}
}
/*
* Actually do the job
*/
@ -670,6 +517,14 @@ do_ppp_print(const u_char *p, u_int length, u_int caplen)
case ETHERTYPE_IPX:
ipx_print((const u_char *)(p + PPP_HDRLEN), length);
break;
#ifdef INET6
case ETHERTYPE_IPV6: /*XXX*/
#ifdef PPP_IPV6
case PPP_IPV6:
#endif
ip6_print((const u_char *)(p + PPP_HDRLEN), length);
break;
#endif
default:
if(!eflag)
@ -686,13 +541,35 @@ do_ppp_print(const u_char *p, u_int length, u_int caplen)
putchar('\n');
}
/* proto type to string mapping */
static struct tok ptype2str[] = {
struct tok ppptype2str[] = {
{ PPP_IP, "IP" },
{ PPP_OSI, "OSI" },
{ PPP_NS, "NS" },
{ PPP_DECNET, "DECNET" },
{ PPP_APPLE, "APPLE" },
{ PPP_IPX, "IPX" },
{ PPP_VJC, "VJC" },
{ PPP_VJNC, "VJNC" },
{ PPP_OSI, "OSI" },
{ PPP_LCP, "LCP" },
{ PPP_BRPDU, "BRPDU" },
{ PPP_STII, "STII" },
{ PPP_VINES, "VINES" },
{ PPP_HELLO, "HELLO" },
{ PPP_LUXCOM, "LUXCOM" },
{ PPP_SNS, "SNS" },
{ PPP_IPCP, "IPCP" },
{ PPP_OSICP, "OSICP" },
{ PPP_NSCP, "NSCP" },
{ PPP_DECNETCP, "DECNETCP" },
{ PPP_APPLECP, "APPLECP" },
{ PPP_IPXCP, "IPXCP" },
{ PPP_STIICP, "STIICP" },
{ PPP_VINESCP, "VINESCP" },
{ PPP_LCP, "LCP" },
{ PPP_PAP, "PAP" },
{ PPP_LQM, "LQM" },
{ PPP_CHAP, "CHAP" },
{ 0, NULL }
};
@ -703,10 +580,13 @@ void
ppp_bsdos_if_print(u_char *user, const struct pcap_pkthdr *h,
register const u_char *p)
{
#ifdef __bsdi__
register u_int length = h->len;
register u_int caplen = h->caplen;
register int hdrlength;
u_short ptype;
const u_char *q;
int i;
ts_print(&h->ts);
@ -724,6 +604,7 @@ ppp_bsdos_if_print(u_char *user, const struct pcap_pkthdr *h,
snapend = p + caplen;
hdrlength = 0;
#if 0
if (p[0] == PPP_ADDRESS && p[1] == PPP_CONTROL) {
if (eflag)
printf("%02x %02x ", p[0], p[1]);
@ -749,16 +630,80 @@ ppp_bsdos_if_print(u_char *user, const struct pcap_pkthdr *h,
p += 2;
hdrlength += 2;
}
#else
ptype = 0; /*XXX*/
if (eflag)
printf("%c ", p[SLC_DIR] ? 'O' : 'I');
if (p[SLC_LLHL]) {
/* link level header */
struct ppp_header *ph;
q = p + SLC_BPFHDRLEN;
ph = (struct ppp_header *)q;
if (ph->phdr_addr == PPP_ADDRESS
&& ph->phdr_ctl == PPP_CONTROL) {
if (eflag)
printf("%02x %02x ", q[0], q[1]);
ptype = ntohs(ph->phdr_type);
if (eflag && (ptype == PPP_VJC || ptype == PPP_VJNC)) {
printf("%s ", tok2str(ppptype2str,
"proto-#%d", ptype));
}
} else {
if (eflag) {
printf("LLH=[");
for (i = 0; i < p[SLC_LLHL]; i++)
printf("%02x", q[i]);
printf("] ");
}
}
if (eflag)
printf("%d ", length);
}
if (p[SLC_CHL]) {
q = p + SLC_BPFHDRLEN + p[SLC_LLHL];
switch (ptype) {
case PPP_VJC:
ptype = vjc_print(q, length - (q - p), ptype);
hdrlength = PPP_BSDI_HDRLEN;
p += hdrlength;
if (ptype == PPP_IP)
ip_print(p, length);
goto printx;
case PPP_VJNC:
ptype = vjc_print(q, length - (q - p), ptype);
hdrlength = PPP_BSDI_HDRLEN;
p += hdrlength;
if (ptype == PPP_IP)
ip_print(p, length);
goto printx;
default:
if (eflag) {
printf("CH=[");
for (i = 0; i < p[SLC_LLHL]; i++)
printf("%02x", q[i]);
printf("] ");
}
break;
}
}
hdrlength = PPP_BSDI_HDRLEN;
#endif
length -= hdrlength;
p += hdrlength;
if (ptype == PPP_IP)
ip_print(p, length);
else
printf("%s ", tok2str(ptype2str, "proto-#%d", ptype));
printf("%s ", tok2str(ppptype2str, "proto-#%d", ptype));
printx:
if (xflag)
default_print((const u_char *)p, caplen - hdrlength);
out:
putchar('\n');
#endif /* __bsdi__ */
}

View File

@ -17,11 +17,17 @@
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
* WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
* $FreeBSD$
*/
#ifndef lint
static const char rcsid[] =
"@(#) $Header: print-sl.c,v 1.42 97/06/12 14:21:35 leres Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/tcpdump/print-sl.c,v 1.46 1999/11/21 12:38:24 itojun Exp $ (LBL)";
#endif
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#ifdef HAVE_NET_SLIP_H
@ -44,9 +50,7 @@ struct rtentry;
#include <net/ethernet.h>
#include <netinet/ip_var.h>
#include <netinet/udp.h>
#include <netinet/udp_var.h>
#include <netinet/tcp.h>
#include <netinet/tcpip.h>
#include <net/slcompress.h>
#include <net/slip.h>
@ -104,7 +108,18 @@ sl_if_print(u_char *user, const struct pcap_pkthdr *h, const u_char *p)
if (eflag)
sliplink_print(p, ip, length);
ip_print((u_char *)ip, length);
switch (ip->ip_v) {
case 4:
ip_print((u_char *)ip, length);
break;
#ifdef INET6
case 6:
ip6_print((u_char *)ip, length);
break;
#endif
default:
printf ("ip v%d", ip->ip_v);
}
if (xflag)
default_print((u_char *)ip, caplen - SLIP_HDRLEN);

View File

@ -17,11 +17,17 @@
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
* WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
* $FreeBSD$
*/
#ifndef lint
static const char rcsid[] =
"@(#) $Header: print-sunrpc.c,v 1.26 96/12/31 21:27:43 leres Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/tcpdump/print-sunrpc.c,v 1.29 1999/11/21 09:37:02 fenner Exp $ (LBL)";
#endif
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include <sys/param.h>

View File

@ -19,6 +19,8 @@
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
* Hacked version of print-ether.c Larry Lile <lile@stdio.com>
*
* $FreeBSD$
*/
#ifndef lint
static const char rcsid[] =
@ -107,7 +109,7 @@ token_if_print(u_char *user, const struct pcap_pkthdr *h, const u_char *p)
u_int length = h->len;
struct token_header *tp;
u_short ether_type;
extern u_short extracted_ethertype;
u_short extracted_ethertype;
u_int route_len = 0, seg;
struct llc *lp;

View File

@ -17,11 +17,17 @@
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
* WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
* $FreeBSD$
*/
#ifndef lint
static const char rcsid[] =
"@(#) $Header: print-udp.c,v 1.60 97/07/27 21:58:48 leres Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/tcpdump/print-udp.c,v 1.70 1999/12/22 06:27:23 itojun Exp $ (LBL)";
#endif
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include <sys/param.h>
@ -51,6 +57,10 @@ static const char rcsid[] =
#include <stdio.h>
#ifdef INET6
#include <netinet/ip6.h>
#endif
#include "interface.h"
#include "addrtoname.h"
#include "appletalk.h"
@ -291,8 +301,23 @@ rtcp_print(const u_char *hdr, const u_char *ep)
#define SNMP_PORT 161 /*XXX*/
#define NTP_PORT 123 /*XXX*/
#define SNMPTRAP_PORT 162 /*XXX*/
#define ISAKMP_PORT 500 /*XXX*/
#define RIP_PORT 520 /*XXX*/
#define KERBEROS_SEC_PORT 750 /*XXX*/
#define L2TP_PORT 1701 /*XXX*/
#define ISAKMP_PORT_USER1 7500 /*??? - nonstandard*/
#define ISAKMP_PORT_USER2 8500 /*??? - nonstandard*/
#define RX_PORT_LOW 7000 /*XXX*/
#define RX_PORT_HIGH 7009 /*XXX*/
#define NETBIOS_NS_PORT 137
#define NETBIOS_DGRAM_PORT 138
#define CISCO_AUTORP_PORT 496 /*XXX*/
#ifdef INET6
#define RIPNG_PORT 521 /*XXX*/
#define DHCP6_SERV_PORT 546 /*XXX*/
#define DHCP6_CLI_PORT 547 /*XXX*/
#endif
void
udp_print(register const u_char *bp, u_int length, register const u_char *bp2)
@ -302,18 +327,30 @@ udp_print(register const u_char *bp, u_int length, register const u_char *bp2)
register const u_char *cp;
register const u_char *ep = bp + length;
u_short sport, dport, ulen;
#ifdef INET6
register const struct ip6_hdr *ip6;
#endif
if (ep > snapend)
ep = snapend;
up = (struct udphdr *)bp;
ip = (struct ip *)bp2;
#ifdef INET6
if (ip->ip_v == 6)
ip6 = (struct ip6_hdr *)bp2;
else
ip6 = NULL;
#endif /*INET6*/
cp = (u_char *)(up + 1);
if (cp > snapend) {
printf("[|udp]");
(void)printf("%s > %s: [|udp]",
ipaddr_string(&ip->ip_src), ipaddr_string(&ip->ip_dst));
return;
}
if (length < sizeof(struct udphdr)) {
(void)printf(" truncated-udp %d", length);
(void)printf("%s > %s: truncated-udp %d",
ipaddr_string(&ip->ip_src), ipaddr_string(&ip->ip_dst),
length);
return;
}
length -= sizeof(struct udphdr);
@ -374,6 +411,15 @@ udp_print(register const u_char *bp, u_int length, register const u_char *bp2)
while (cp < ep)
cp = rtcp_print(cp, ep);
break;
case PT_SNMP:
(void)printf("%s.%s > %s.%s:",
ipaddr_string(&ip->ip_src),
udpport_string(sport),
ipaddr_string(&ip->ip_dst),
udpport_string(dport));
snmp_print((const u_char *)(up + 1), length);
break;
}
return;
}
@ -411,9 +457,38 @@ udp_print(register const u_char *bp, u_int length, register const u_char *bp2)
return;
}
}
#if 0
(void)printf("%s.%s > %s.%s:",
ipaddr_string(&ip->ip_src), udpport_string(sport),
ipaddr_string(&ip->ip_dst), udpport_string(dport));
#else
#ifdef INET6
if (ip6) {
if (ip6->ip6_nxt == IPPROTO_UDP) {
(void)printf("%s.%s > %s.%s: ",
ip6addr_string(&ip6->ip6_src),
udpport_string(sport),
ip6addr_string(&ip6->ip6_dst),
udpport_string(dport));
} else {
(void)printf("%s > %s: ",
udpport_string(sport), udpport_string(dport));
}
} else
#endif /*INET6*/
{
if (ip->ip_p == IPPROTO_UDP) {
(void)printf("%s.%s > %s.%s: ",
ipaddr_string(&ip->ip_src),
udpport_string(sport),
ipaddr_string(&ip->ip_dst),
udpport_string(dport));
} else {
(void)printf("%s > %s: ",
udpport_string(sport), udpport_string(dport));
}
}
#endif
if (!qflag) {
#define ISPORT(p) (dport == (p) || sport == (p))
@ -426,19 +501,51 @@ udp_print(register const u_char *bp, u_int length, register const u_char *bp2)
sport, dport);
else if (ISPORT(RIP_PORT))
rip_print((const u_char *)(up + 1), length);
else if (ISPORT(ISAKMP_PORT))
isakmp_print((const u_char *)(up + 1), length, bp2);
#if 1 /*???*/
else if (ISPORT(ISAKMP_PORT_USER1) || ISPORT(ISAKMP_PORT_USER2))
isakmp_print((const u_char *)(up + 1), length, bp2);
#endif
else if (ISPORT(SNMP_PORT) || ISPORT(SNMPTRAP_PORT))
snmp_print((const u_char *)(up + 1), length);
else if (ISPORT(NTP_PORT))
ntp_print((const u_char *)(up + 1), length);
else if (ISPORT(KERBEROS_PORT) || ISPORT(KERBEROS_SEC_PORT))
krb_print((const void *)(up + 1), length);
else if (ISPORT(L2TP_PORT))
l2tp_print((const u_char *)(up + 1), length);
else if (ISPORT(NETBIOS_NS_PORT)) {
nbt_udp137_print((const u_char *)(up + 1), length);
}
else if (ISPORT(NETBIOS_DGRAM_PORT)) {
nbt_udp138_print((const u_char *)(up + 1), length);
}
else if (dport == 3456)
vat_print((const void *)(up + 1), length, up);
/*
* Since there are 10 possible ports to check, I think
* a <> test would be more efficient
*/
else if ((sport >= RX_PORT_LOW && sport <= RX_PORT_HIGH) ||
(dport >= RX_PORT_LOW && dport <= RX_PORT_HIGH))
rx_print((const void *)(up + 1), length, sport, dport,
(u_char *) ip);
#ifdef INET6
else if (ISPORT(RIPNG_PORT))
ripng_print((const u_char *)(up + 1), length);
else if (ISPORT(DHCP6_SERV_PORT) || ISPORT(DHCP6_CLI_PORT)) {
dhcp6_print((const u_char *)(up + 1), length,
sport, dport);
}
#endif /*INET6*/
/*
* Kludge in test for whiteboard packets.
*/
else if (dport == 4567)
wb_print((const void *)(up + 1), length);
else if (ISPORT(CISCO_AUTORP_PORT))
cisco_autorp_print((const void *)(up + 1), length);
else
(void)printf(" udp %u",
(u_int32_t)(ulen - sizeof(*up)));

View File

@ -1,4 +1,4 @@
.\" @(#) $Header: tcpdump.1,v 1.67 97/06/30 16:31:50 leres Exp $ (LBL)
.\" @(#) $Header: /tcpdump/master/tcpdump/tcpdump.1,v 1.72.2.2 2000/01/29 16:42:03 itojun Exp $ (LBL)
.\"
.\" Copyright (c) 1987, 1988, 1989, 1990, 1991, 1992, 1994, 1995, 1996, 1997
.\" The Regents of the University of California. All rights reserved.
@ -29,7 +29,7 @@ tcpdump \- dump traffic on a network
.na
.B tcpdump
[
.B \-adeflnNOpqStvxX
.B \-adeflnNOpqRStvxX
] [
.B \-c
.I count
@ -42,16 +42,21 @@ tcpdump \- dump traffic on a network
[
.B \-i
.I interface
] [
]
[
.B \-m
.I module
]
[
.B \-r
.I file
]
.br
.ti +8
[
.B \-s
.I snaplen
]
.br
.ti +8
[
.B \-T
.I type
@ -60,6 +65,8 @@ tcpdump \- dump traffic on a network
.B \-w
.I file
]
.br
.ti +8
[
.I expression
]
@ -148,6 +155,10 @@ Don't print domain name qualification of host names. E.g.,
if you give this flag then \fItcpdump\fP will print ``nic''
instead of ``nic.ddn.mil''.
.TP
.B \-m
Load SMI MIB module definitions from file \fImodule\fR. This option
can be used several times to load several MIB modules into tcpdump.
.TP
.B \-O
Do not run the packet-matching code optimizer. This is useful only
if you suspect a bug in the optimizer.
@ -186,10 +197,17 @@ specified \fItype\fR. Currently known types are
\fBrpc\fR (Remote Procedure Call),
\fBrtp\fR (Real-Time Applications protocol),
\fBrtcp\fR (Real-Time Applications control protocol),
\fBsnmp\fR (Simple Network Management Protocol),
\fBvat\fR (Visual Audio Tool),
and
\fBwb\fR (distributed White Board).
.TP
.B \-R
Assume ESP/AH packets to be based on old specification (RFC1825 to RFC1829).
If specified, \fItcpdump\fP will not print replay prevention field.
Since there is no protocol version field in ESP/AH specification,
\fItcpdump\fP cannot deduce the version of ESP/AH protocol.
.TP
.B \-S
Print absolute, rather than relative, TCP sequence numbers.
.TP
@ -207,6 +225,13 @@ and type of service information in an IP packet is printed.
Even more verbose output. For example, additional fields are
printed from NFS reply packets.
.TP
.B \-vvv
Even more verbose output. For example,
telnet \fBSB\fP ... \fBSE\fP options
are printed in full. With
.B \-X
telnet options are printed in hex as well.
.TP
.B \-w
Write the raw packets to \fIfile\fR rather than parsing and printing
them out. They can later be printed with the \-r option.
@ -219,9 +244,14 @@ The smaller of the entire packet or
bytes will be printed.
.TP
.B \-X
Like
When printing hex, print ascii too. Thus if
.B \-x
but dumps the packet in emacs-hexl like format with ASCII decoding.
is also set, the packet is printed in hex/ascii.
This is very handy for analysing new protocols.
Even if
.B \-x
is not also set, some parts of some packets may be printed
in hex/ascii.
.IP "\fI expression\fP"
.RS
selects which packets will be dumped. If no \fIexpression\fP
@ -270,6 +300,7 @@ protos are:
.BR ether ,
.BR fddi ,
.BR ip ,
.BR ip6 ,
.BR arp ,
.BR rarp ,
.BR decnet ,
@ -280,6 +311,8 @@ protos are:
.BR iso ,
.BR esis ,
.BR isis ,
.BR icmp ,
.BR icmp6 ,
.B tcp
and
.BR udp .
@ -317,14 +350,14 @@ To save typing, identical qualifier lists can be omitted. E.g.,
.LP
Allowable primitives are:
.IP "\fBdst host \fIhost\fR"
True if the IP destination field of the packet is \fIhost\fP,
True if the IPv4/v6 destination field of the packet is \fIhost\fP,
which may be either an address or a name.
.IP "\fBsrc host \fIhost\fR"
True if the IP source field of the packet is \fIhost\fP.
True if the IPv4/v6 source field of the packet is \fIhost\fP.
.IP "\fBhost \fIhost\fP
True if either the IP source or destination of the packet is \fIhost\fP.
True if either the IPv4/v6 source or destination of the packet is \fIhost\fP.
Any of the above host expressions can be prepended with the keywords,
\fBip\fP, \fBarp\fP, or \fBrarp\fP as in:
\fBip\fP, \fBarp\fP, \fBrarp\fP, or \fBip6\fP as in:
.in +.5i
.nf
\fBip host \fIhost\fR
@ -359,24 +392,26 @@ expression is
.fi
.in -.5i
which can be used with either names or numbers for \fIhost / ehost\fP.)
This syntax does not work in IPv6-enabled configuration at this moment.
.IP "\fBdst net \fInet\fR"
True if the IP destination address of the packet has a network
True if the IPv4/v6 destination address of the packet has a network
number of \fInet\fP. \fINet\fP may be either a name from /etc/networks
or a network number (see \fInetworks(4)\fP for details).
.IP "\fBsrc net \fInet\fR"
True if the IP source address of the packet has a network
True if the IPv4/v6 source address of the packet has a network
number of \fInet\fP.
.IP "\fBnet \fInet\fR"
True if either the IP source or destination address of the packet has a network
True if either the IPv4/v6 source or destination address of the packet has a network
number of \fInet\fP.
.IP "\fBnet \fInet\fR \fBmask \fImask\fR"
True if the IP address matches \fInet\fR with the specific netmask.
May be qualified with \fBsrc\fR or \fBdst\fR.
Note that this syntax is not valid for IPv6 \fInet\fR.
.IP "\fBnet \fInet\fR/\fIlen\fR"
True if the IP address matches \fInet\fR a netmask \fIlen\fR bits wide.
True if the IPv4/v6 address matches \fInet\fR a netmask \fIlen\fR bits wide.
May be qualified with \fBsrc\fR or \fBdst\fR.
.IP "\fBdst port \fIport\fR"
True if the packet is ip/tcp or ip/udp and has a
True if the packet is ip/tcp, ip/udp, ip6/tcp or ip6/udp and has a
destination port value of \fIport\fP.
The \fIport\fP can be a number or a name used in /etc/services (see
.IR tcp (4P)
@ -423,6 +458,29 @@ of protocol type \fIprotocol\fP.
\fIicmp\fP, \fIigrp\fP, \fIudp\fP, \fInd\fP, or \fItcp\fP.
Note that the identifiers \fItcp\fP, \fIudp\fP, and \fIicmp\fP are also
keywords and must be escaped via backslash (\\), which is \\\\ in the C-shell.
Note that this primitive does not chase protocol header chain.
.IP "\fBip6 proto \fIprotocol\fR"
True if the packet is an IPv6 packet of protocol type \fIprotocol\fP.
Note that this primitive does not chase protocol header chain.
.IP "\fBip6 protochain \fIprotocol\fR"
True if the packet is IPv6 packet,
and contains protocol header with type \fIprotocol\fR
in its protocol header chain.
For example,
.in +.5i
.nf
\fBip6 protochain 6\fR
.fi
.in -.5i
matches any IPv6 packet with TCP protocol header in the protocol header chain.
The packet may contain, for example,
authentication header, routing header, or hop-by-hop option header,
between IPv6 header and TCP header.
The BPF code emitted by this primitive is complex and
cannot be optimized by BPF optimizer code in \fItcpdump\fP,
so this can be somewhat slow.
.IP "\fBip protochain \fIprotocol\fR"
Equivalent to \fBip6 protochain \fIprotocol\fR, but this is for IPv4.
.IP "\fBether broadcast\fR"
True if the packet is an ethernet broadcast packet. The \fIether\fP
keyword is optional.
@ -436,10 +494,12 @@ keyword is optional.
This is shorthand for `\fBether[0] & 1 != 0\fP'.
.IP "\fBip multicast\fR"
True if the packet is an IP multicast packet.
.IP "\fBip6 multicast\fR"
True if the packet is an IPv6 multicast packet.
.IP "\fBether proto \fIprotocol\fR"
True if the packet is of ether type \fIprotocol\fR.
\fIProtocol\fP can be a number or a name like
\fIip\fP, \fIarp\fP, or \fIrarp\fP.
\fIip\fP, \fIip6\fP, \fIarp\fP, or \fIrarp\fP.
Note these identifiers are also keywords
and must be escaped via backslash (\\).
[In the case of FDDI (e.g., `\fBfddi protocol arp\fR'), the
@ -460,7 +520,7 @@ True if the DECNET destination address is
.IP "\fBdecnet host \fIhost\fR"
True if either the DECNET source or destination address is
.IR host .
.IP "\fBip\fR, \fBarp\fR, \fBrarp\fR, \fBdecnet\fR, \fBiso\fR"
.IP "\fBip\fR, \fBip6\fR, \fBarp\fR, \fBrarp\fR, \fBdecnet\fR, \fBiso\fR"
Abbreviations for:
.in +.5i
.nf
@ -482,7 +542,7 @@ Note that
Abbreviations for:
.in +.5i
.nf
\fBip proto \fIp\fR
\fBip proto \fIp\fR\fB or ip6 proto \fIp\fR
.fi
.in -.5i
where \fIp\fR is one of the above protocols.
@ -508,8 +568,10 @@ data inside the packet, use the following syntax:
.fi
.in -.5i
\fIProto\fR is one of \fBether, fddi,
ip, arp, rarp, tcp, udp, \fRor \fBicmp\fR, and
ip, arp, rarp, tcp, udp, icmp\fR or \fBip6\fR, and
indicates the protocol layer for the index operation.
Note that \fItcp, udp\fR and other upper-layer protocol types only
apply to IPv4, not IPv6 (this will be fixed in the future).
The byte offset, relative to the indicated protocol layer, is
given by \fIexpr\fR.
\fISize\fR is optional and indicates the number of bytes in the
@ -946,6 +1008,27 @@ to print. Use the \fB\-s\fP flag to increase the snaplen if you
need to seriously investigate name server traffic. `\fB\-s 128\fP'
has worked well for me.
.HD
SMB/CIFS decoding
.LP
tcpdump now includes fairly extensive SMB/CIFS/NBT decoding for data
on UDP/137, UDP/138 and TCP/139. Some primitive decoding of IPX and
NetBEUI SMB data is also done.
By default a fairly minimal decode is done, with a much more detailed
decode done if -v is used. Be warned that with -v a single SMB packet
may take up a page or more, so only use -v if you really want all the
gory details.
If you are decoding SMB sessions containing unicode strings then you
may wish to set the environment variable USE_UNICODE to 1. A patch to
auto-detect unicode srings would be welcome.
For information on SMB packet formats and what all te fields mean see
www.cifs.org or the pub/samba/specs/ directory on your favourite
samba.org mirror site. The SMB patches were written by Andrew Tridgell
(tridge@samba.org).
.HD
NFS Requests and Replies
.LP
@ -1019,6 +1102,64 @@ NFS reply packets do not explicitly identify the RPC operation. Instead,
\fItcpdump\fP keeps track of ``recent'' requests, and matches them to the
replies using the transaction ID. If a reply does not closely follow the
corresponding request, it might not be parsable.
.HD
AFS Request and Replies
.LP
Transarc AFS (Andrew File System) requests and replies are printed
as:
.HD
.RS
.nf
.sp .5
\fIsrc.sport > dst.dport: rx packet-type\fP
\fIsrc.sport > dst.dport: rx packet-type service call call-name args\fP
\fIsrc.sport > dst.dport: rx packet-type service reply call-name args\fP
.sp .5
\f(CW
elvis.7001 > pike.afsfs:
rx data fs call rename old fid 536876964/1/1 ".newsrc.new"
new fid 536876964/1/1 ".newsrc"
pike.afsfs > elvis.7001: rx data fs reply rename
\fP
.sp .5
.fi
.RE
In the first line, host elvis sends a RX packet to pike. This was
a RX data packet to the fs (fileserver) service, and is the start of
an RPC call. The RPC call was a rename, with the old directory file id
of 536876964/1/1 and an old filename of `.newsrc.new', and a new directory
file id of 536876964/1/1 and a new filename of `.newsrc'. The host pike
responds with a RPC reply to the rename call (which was successful, because
it was a data packet and not an abort packet).
.LP
In general, all AFS RPCs are decoded at least by RPC call name. Most
AFS RPCs have at least some of the arguments decoded (generally only
the `interesting' arguments, for some definition of interesting).
.LP
The format is intended to be self-describing, but it will probably
not be useful to people who are not familiar with the workings of
AFS and RX.
.LP
If the -v (verbose) flag is given twice, additional information is printed,
such as the the RX call ID, call number, sequence number, serial number,
and the RX packet flags.
.LP
If the -v flag is given again, the security index and service id are printed.
.LP
Error codes are printed for abort packets, with the exception of Ubik
beacon packets (because abort packets are used to signify a yes vote
for the Ubik protocol).
.LP
Note that AFS requests are very large and many of the arguments won't
be printed unless \fIsnaplen\fP is increased. Try using `\fB-s 256\fP'
to watch AFS traffic.
.LP
AFS reply packets do not explicitly identify the RPC operation. Instead,
\fItcpdump\fP keeps track of ``recent'' requests, and matches them to the
replies using the call number and service ID. If a reply does not closely
follow the
corresponding request, it might not be parsable.
.HD
KIP Appletalk (DDP in UDP)
.LP
@ -1209,6 +1350,9 @@ The current version is available via anonymous ftp:
.RS
.I ftp://ftp.ee.lbl.gov/tcpdump.tar.Z
.RE
.LP
IPv6/IPsec support is added by WIDE/KAME project.
This program uses Eric Young's SSLeay library, under specific configuration.
.SH BUGS
Please send bug reports to tcpdump@ee.lbl.gov.
.LP
@ -1237,3 +1381,14 @@ packets are encapsulated Ethernet packets. This is true for IP, ARP,
and DECNET Phase IV, but is not true for protocols such as ISO CLNS.
Therefore, the filter may inadvertently accept certain packets that
do not properly match the filter expression.
.LP
.BR "ip6 proto"
should chase header chain, but at this moment it does not.
.BR tcp
or
.BR udp
should chase header chain too.
.LP
Arithmetic expression against transport layer headers, like \fBtcp[0]\fP,
does not work against IPv6 packets.
It only looks at IPv4 packets.

View File

@ -24,7 +24,7 @@ static const char copyright[] =
"@(#) Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997\n\
The Regents of the University of California. All rights reserved.\n";
static const char rcsid[] =
"@(#) $Header: tcpdump.c,v 1.129 97/06/13 13:10:11 leres Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/tcpdump/tcpdump.c,v 1.138.2.1 2000/01/11 07:34:00 fenner Exp $ (LBL)";
#endif
/* $FreeBSD$ */
@ -37,6 +37,10 @@ static const char rcsid[] =
* combined efforts of Van, Steve McCanne and Craig Leres of LBL.
*/
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include <sys/types.h>
#include <sys/time.h>
@ -48,6 +52,10 @@ static const char rcsid[] =
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <ctype.h>
#include <netinet/in_systm.h>
#include <netinet/ip.h>
#include "interface.h"
#include "addrtoname.h"
@ -64,11 +72,16 @@ int Nflag; /* remove domains from printed host names */
int Oflag = 1; /* run filter code optimizer */
int pflag; /* don't go promiscuous */
int qflag; /* quick (shorter) output */
int Rflag = 1; /* print sequence # field in AH/ESP*/
int sflag = 0; /* use the libsmi to translate OIDs */
int Sflag; /* print raw TCP sequence numbers */
int tflag = 1; /* print packet arrival time */
int vflag; /* verbose */
int xflag; /* print packet in hex */
int Xflag; /* print packet in emacs-hexl style */
int Xflag; /* print packet in ascii as well as hex */
char *ahsecret = NULL; /* AH secret key */
char *espsecret = NULL; /* ESP secret key */
int packettype;
@ -95,6 +108,12 @@ struct printer {
static struct printer printers[] = {
{ ether_if_print, DLT_EN10MB },
{ token_if_print, DLT_IEEE802 },
#ifdef DLT_LANE8023
{ lane_if_print, DLT_LANE8023 },
#endif
#ifdef DLT_CIP
{ cip_if_print, DLT_CIP },
#endif
{ sl_if_print, DLT_SLIP },
{ sl_bsdos_if_print, DLT_SLIP_BSDOS },
{ ppp_if_print, DLT_PPP },
@ -103,6 +122,9 @@ static struct printer printers[] = {
{ null_if_print, DLT_NULL },
{ raw_if_print, DLT_RAW },
{ atm_if_print, DLT_ATM_RFC1483 },
#ifdef DLT_CHDLC
{ chdlc_if_print, DLT_CHDLC },
#endif
{ NULL, 0 },
};
@ -150,15 +172,28 @@ main(int argc, char **argv)
if (abort_on_misalignment(ebuf) < 0)
error("%s", ebuf);
#ifdef LIBSMI
smiInit("tcpdump");
#endif
opterr = 0;
while (
(op = getopt(argc, argv, "ac:defF:i:lnNOpqr:s:StT:vw:xXY")) != EOF)
(op = getopt(argc, argv, "ac:deE:fF:i:lnNm:Opqr:Rs:StT:vw:xXY")) != EOF)
switch (op) {
case 'a':
++aflag;
break;
#if 0
case 'A':
#ifndef CRYPTO
warning("crypto code not compiled in");
#endif
ahsecret = optarg;
break;
#endif
case 'c':
cnt = atoi(optarg);
if (cnt <= 0)
@ -173,6 +208,13 @@ main(int argc, char **argv)
++eflag;
break;
case 'E':
#ifndef CRYPTO
warning("crypto code not compiled in");
#endif
espsecret = optarg;
break;
case 'f':
++fflag;
break;
@ -201,6 +243,18 @@ main(int argc, char **argv)
++Nflag;
break;
case 'm':
#ifdef LIBSMI
if (smiLoadModule(optarg) == 0) {
error("could not load MIB module %s", optarg);
}
sflag = 1;
#else
(void)fprintf(stderr, "%s: ignoring option `-m %s' ",
program_name, optarg);
(void)fprintf(stderr, "(no libsmi support)\n");
#endif
case 'O':
Oflag = 0;
break;
@ -217,6 +271,10 @@ main(int argc, char **argv)
RFileName = optarg;
break;
case 'R':
Rflag = 0;
break;
case 's':
snaplen = atoi(optarg);
if (snaplen <= 0)
@ -242,6 +300,8 @@ main(int argc, char **argv)
packettype = PT_RTP;
else if (strcasecmp(optarg, "rtcp") == 0)
packettype = PT_RTCP;
else if (strcasecmp(optarg, "snmp") == 0)
packettype = PT_SNMP;
else
error("unknown packet type `%s'", optarg);
break;
@ -253,6 +313,16 @@ main(int argc, char **argv)
case 'w':
WFileName = optarg;
break;
case 'x':
++xflag;
break;
case 'X':
++xflag;
++Xflag;
break;
#ifdef YYDEBUG
case 'Y':
{
@ -262,15 +332,6 @@ main(int argc, char **argv)
}
break;
#endif
case 'x':
++xflag;
break;
case 'X':
++Xflag;
if (xflag == 0) ++xflag;
break;
default:
usage();
/* NOTREACHED */
@ -446,61 +507,31 @@ default_print_unaligned(register const u_char *cp, register u_int length)
register int nshorts;
if (Xflag) {
/* dump the buffer in `emacs-hexl' style */
default_print_hexl(cp, length, 0);
} else {
/* dump the buffer in old tcpdump style */
nshorts = (u_int) length / sizeof(u_short);
i = 0;
while (--nshorts >= 0) {
if ((i++ % 8) == 0)
(void)printf("\n\t\t\t");
s = *cp++;
(void)printf(" %02x%02x", s, *cp++);
}
if (length & 1) {
if ((i % 8) == 0)
(void)printf("\n\t\t\t");
(void)printf(" %02x", *cp);
}
ascii_print(cp, length);
return;
}
nshorts = (u_int) length / sizeof(u_short);
i = 0;
while (--nshorts >= 0) {
if ((i++ % 8) == 0)
(void)printf("\n\t\t\t");
s = *cp++;
(void)printf(" %02x%02x", s, *cp++);
}
if (length & 1) {
if ((i % 8) == 0)
(void)printf("\n\t\t\t");
(void)printf(" %02x", *cp);
}
}
/*
* By default, print the packet out in hex.
*
* (BTW, please don't send us patches to print the packet out in ascii)
*/
void
default_print(register const u_char *bp, register u_int length)
{
register const u_short *sp;
register u_int i;
register int nshorts;
if (Xflag) {
/* dump the buffer in `emacs-hexl' style */
default_print_hexl(bp, length, 0);
} else {
/* dump the buffer in old tcpdump style */
if ((long)bp & 1) {
default_print_unaligned(bp, length);
return;
}
sp = (u_short *)bp;
nshorts = (u_int) length / sizeof(u_short);
i = 0;
while (--nshorts >= 0) {
if ((i++ % 8) == 0)
(void)printf("\n\t\t\t");
(void)printf(" %04x", ntohs(*sp++));
}
if (length & 1) {
if ((i % 8) == 0)
(void)printf("\n\t\t\t");
(void)printf(" %02x", *(u_char *)sp);
}
}
default_print_unaligned(bp, length);
}
__dead void

View File

@ -1,22 +1,23 @@
# $FreeBSD$
PROG= tcpdump
CFLAGS+=-DHAVE_FCNTL_H=1 -DHAVE_NET_SLIP_H=1 -DTIME_WITH_SYS_TIME=1 \
-DHAVE_ETHER_NTOHOST=1 -DHAVE_SETLINEBUF=1 -DSTDC_HEADERS=1 \
-DRETSIGTYPE=void -DRETSIGVAL= -DHAVE_SOCKADDR_SA_LEN=1 \
-DHAVE_TM_GMTOFF=1 -DLBL_ALIGN=1 -DPPP -DHAVE_FDDI
CFLAGS+=-DHAVE_CONFIG_H -I${.CURDIR}
MAN1= tcpdump.1
SRCS = version.c tcpdump.c \
print-arp.c print-atalk.c print-atm.c print-fr.c print-bootp.c \
print-decnet.c print-domain.c print-dvmrp.c print-egp.c \
print-ether.c print-fddi.c print-gre.c print-icmp.c \
print-igrp.c print-ip.c print-ipx.c print-isoclns.c print-krb.c \
print-llc.c print-nfs.c print-ntp.c print-null.c print-ospf.c \
print-pim.c print-ppp.c print-raw.c print-rip.c print-sl.c \
print-snmp.c print-sunrpc.c print-tcp.c print-tftp.c print-udp.c \
print-wb.c \
addrtoname.c bpf_dump.c gmt2local.c machdep.c parsenfsfh.c \
setsignal.c savestr.c util.c print-token.c
print-ah.c print-arp.c print-ascii.c print-atalk.c print-atm.c \
print-bgp.c print-bootp.c print-chdlc.c print-cip.c print-decnet.c \
print-dhcp6.c print-domain.c print-dvmrp.c print-egp.c print-esp.c \
print-ether.c print-fddi.c print-frag6.c print-gre.c print-icmp.c \
print-icmp6.c print-igrp.c print-ip.c print-ip6.c print-ip6opts.c \
print-ipcomp.c print-ipx.c print-isakmp.c print-isoclns.c print-krb.c \
print-l2tp.c print-lane.c print-lcp.c print-llc.c print-mobile.c \
print-nfs.c print-ntp.c print-null.c print-ospf.c print-ospf6.c \
print-pim.c print-ppp.c print-pppoe.c print-raw.c print-rip.c \
print-ripng.c print-rt6.c print-rx.c print-sl.c print-smb.c \
print-snmp.c print-sunrpc.c print-tcp.c print-telnet.c print-tftp.c \
print-token.c print-udp.c print-vjc.c print-wb.c \
savestr.c setsignal.c smbutil.c util.c
CLEANFILES+= version.c
DPADD+= ${LIBL} ${LIBPCAP}
LDADD+= -ll -lpcap

View File

@ -0,0 +1,223 @@
/* $FreeBSD$ */
/* config.h. Generated automatically by configure. */
/* config.h.in. Generated automatically from configure.in by autoheader. */
/* "generated automatically" means DO NOT MAKE CHANGES TO config.h.in --
* make them to acconfig.h and rerun autoheader */
/* Define to empty if the keyword does not work. */
/* #undef const */
/* Define as __inline if that's what the C compiler calls it. */
/* #undef inline */
/* Define as the return type of signal handlers (int or void). */
#define RETSIGTYPE void
/* Define if you can safely include both <sys/time.h> and <time.h>. */
#define TIME_WITH_SYS_TIME 1
/* Define if your processor stores words with the most significant
byte first (like Motorola and SPARC, unlike Intel and VAX). */
/* #undef WORDS_BIGENDIAN */
/* Define if you have SSLeay XXX why isn't this HAVE_LIBCRYPTO? */
/* #undef CRYPTO */
/* Define if you have SSLeay 0.9.0b with the buggy cast128. */
/* #undef HAVE_BUGGY_CAST128 */
/* Define both to enable IPv6 support XXX why 2? ENABLE_IPV6 is not used. */
#define ENABLE_IPV6 1
#define INET6 1
/* Define if you enable support for the libsmi. */
/* #undef LIBSMI */
/* Is T_AAAA predefined? */
#define HAVE_AAAA 1
/* Fallback definition if not in headers */
/* XXX why is this not #ifndef HAVE_AAA #define T_AAAA ... ? */
/* XXX or even #ifndef T_AAAA ... */
/* #undef T_AAAA */
/* define if you have struct __res_state_ext */
#define HAVE_RES_STATE_EXT 1
/* define if your struct __res_state has the nsort member */
#define HAVE_NEW_RES_STATE 1
/*
* define if struct ether_header.ether_dhost is a struct with ether_addr_octet
*/
/* #undef ETHER_HEADER_HAS_EA */
/*
* define if struct ether_arp.arp_sha is a struct with ether_addr_octet
*/
/* #undef ETHER_ARP_HAS_EA */
/* define if struct ether_arp contains arp_xsha */
/* #undef ETHER_ARP_HAS_X */
/* define if you have the addrinfo function. */
#define HAVE_ADDRINFO 1
/* define if you need to include missing/addrinfoh.h. */
/* #undef NEED_ADDRINFO_H */
/* define ifyou have the h_errno variable. */
#define HAVE_H_ERRNO 1
/* define if IN6ADDRSZ is defined (XXX not used!) */
#define HAVE_IN6ADDRSZ 1
/* define if INADDRSZ is defined (XXX not used!) */
#define HAVE_INADDRSZ 1
/* define if you have <net/slip.h> */
#define HAVE_NET_SLIP_H 1
/* define if this is a development version, to use additional prototypes. */
/* #undef HAVE_OS_PROTO_H */
/* define if <unistd.h> defines __P() */
#define HAVE_PORTABLE_PROTOTYPE 1
/* define if RES_USE_INET6 is defined */
#define HAVE_RES_USE_INET6 1
/* define if struct sockaddr has the sa_len member */
#define HAVE_SOCKADDR_SA_LEN 1
/* define if you have struct sockaddr_storage */
#define HAVE_SOCKADDR_STORAGE 1
/* define if unaligned memory accesses fail */
/* #undef LBL_ALIGN */
/* The successful return value from signal (?)XXX */
#define RETSIGVAL
/* Define this on IRIX */
/* #undef _BSD_SIGNALS */
/* For HP/UX ANSI compiler? */
/* #undef _HPUX_SOURCE */
/* AIX hack. */
/* #undef _SUN */
/* OSF hack: "Workaround around ip_hl vs. ip_vhl problem in netinet/ip.h" */
/* #undef __STDC__ */
/* Workaround for missing sized types */
/* XXX this should move to the more standard uint*_t */
/* #undef int16_t */
/* #undef int32_t */
/* #undef u_int16_t */
/* #undef u_int32_t */
/* #undef u_int8_t */
/* The number of bytes in a char. */
#define SIZEOF_CHAR 1
/* The number of bytes in a int. */
#define SIZEOF_INT 4
/* The number of bytes in a long. */
#define SIZEOF_LONG 4
/* The number of bytes in a short. */
#define SIZEOF_SHORT 2
/* Define if you have the ether_ntohost function. */
#define HAVE_ETHER_NTOHOST 1
/* Define if you have the getaddrinfo function. */
#define HAVE_GETADDRINFO 1
/* Define if you have the gethostbyname2 function. */
#define HAVE_GETHOSTBYNAME2 1
/* Define if you have the getnameinfo function. */
#define HAVE_GETNAMEINFO 1
/* Define if you have the inet_aton function. */
#define HAVE_INET_ATON 1
/* Define if you have the inet_ntop function. */
#define HAVE_INET_NTOP 1
/* Define if you have the inet_pton function. */
#define HAVE_INET_PTON 1
/* Define if you have the pfopen function. */
/* #undef HAVE_PFOPEN */
/* Define if you have the setlinebuf function. */
#define HAVE_SETLINEBUF 1
/* Define if you have the sigaction function. */
#define HAVE_SIGACTION 1
/* Define if you have the sigset function. */
/* #undef HAVE_SIGSET */
/* Define if you have the strcasecmp function. */
#define HAVE_STRCASECMP 1
/* Define if you have the vfprintf function. */
#define HAVE_VFPRINTF 1
/* Define if you have the <cast.h> header file. */
/* #undef HAVE_CAST_H */
/* Define if you have the <fcntl.h> header file. */
#define HAVE_FCNTL_H 1
/* Define if you have the <malloc.h> header file. */
/* #undef HAVE_MALLOC_H */
/* Define if you have the <memory.h> header file. */
#define HAVE_MEMORY_H 1
/* Define if you have the <net/slip.h> header file. */
#define HAVE_NET_SLIP_H 1
/* Define if you have the <rc5.h> header file. */
/* #undef HAVE_RC5_H */
/* Define if you have the <rpc/rpcent.h> header file. */
/* #undef HAVE_RPC_RPCENT_H */
/* Define if you have the <smi.h> header file. */
/* #undef HAVE_SMI_H */
/* Define if you have the <zlib.h> header file. */
#define HAVE_ZLIB_H 1
/* Define if you have the crypto library (-lcrypto). */
/* #undef HAVE_LIBCRYPTO */
/* Define if you have the dnet library (-ldnet). */
/* #undef HAVE_LIBDNET */
/* Define if you have the resolv library (-lresolv). */
/* #undef HAVE_LIBRESOLV */
/* Define if you have the rpc library (-lrpc). */
/* #undef HAVE_LIBRPC */
/* Define if you have the smi library (-lsmi). */
/* #undef HAVE_LIBSMI */
/* Define if you have the socket library (-lsocket). */
/* #undef HAVE_LIBSOCKET */
/* Define if you have the str library (-lstr). */
/* #undef HAVE_LIBSTR */
/* Define if you have the z library (-lz). */
#define HAVE_LIBZ 1