diff --git a/contrib/tcpdump/acsite.m4 b/contrib/tcpdump/acsite.m4 deleted file mode 100644 index 746faf1e1a4f..000000000000 --- a/contrib/tcpdump/acsite.m4 +++ /dev/null @@ -1,505 +0,0 @@ -dnl @(#) $Header: acsite.m4,v 1.41 96/11/29 15:30:40 leres Exp $ (LBL) -dnl -dnl Copyright (c) 1995, 1996 -dnl The Regents of the University of California. All rights reserved. -dnl -dnl Redistribution and use in source and binary forms, with or without -dnl modification, are permitted provided that: (1) source code distributions -dnl retain the above copyright notice and this paragraph in its entirety, (2) -dnl distributions including binary code include the above copyright notice and -dnl this paragraph in its entirety in the documentation or other materials -dnl provided with the distribution, and (3) all advertising materials mentioning -dnl features or use of this software display the following acknowledgement: -dnl ``This product includes software developed by the University of California, -dnl Lawrence Berkeley Laboratory and its contributors.'' Neither the name of -dnl the University nor the names of its contributors may be used to endorse -dnl or promote products derived from this software without specific prior -dnl written permission. -dnl THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED -dnl WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF -dnl MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. -dnl -dnl LBL autoconf macros -dnl - -dnl -dnl Determine which compiler we're using (cc or gcc) -dnl If using gcc, determine the version number -dnl If using cc, require that it support ansi prototypes -dnl If using gcc, use -O2 (otherwise use -O) -dnl If using cc, explicitly specify /usr/local/include -dnl -dnl usage: -dnl -dnl AC_LBL_C_INIT(copt, incls) -dnl -dnl results: -dnl -dnl $1 (copt set) -dnl $2 (incls set) -dnl CC -dnl ac_cv_gcc_vers -dnl LBL_CFLAGS -dnl -dnl XXX need to add test to make sure ac_prog_cc hasn't been called -AC_DEFUN(AC_LBL_C_INIT, - [AC_PREREQ(2.12) - $1=-O - $2="" - if test "${CFLAGS+set}" = set; then - LBL_CFLAGS="$CFLAGS" - fi - if test -z "$CC" ; then - case "$target_os" in - - bsdi*) - AC_CHECK_PROG(SHLICC2, shlicc2, yes, no) - if test $SHLICC2 = yes ; then - CC=shlicc2 - export CC - fi - ;; - esac - fi - AC_PROG_CC - if test $ac_cv_prog_gcc = yes ; then - if test "$SHLICC2" = yes ; then - ac_cv_gcc_vers=2 - $1=-O2 - else - AC_MSG_CHECKING(gcc version) - AC_CACHE_VAL(ac_cv_gcc_vers, - ac_cv_gcc_vers=`$CC -v 2>&1 | \ - sed -n -e '$s/.* //' -e '$s/\..*//p'`) - AC_MSG_RESULT($ac_cv_gcc_vers) - if test $ac_cv_gcc_vers -gt 1 ; then - $1=-O2 - fi - fi - else - AC_MSG_CHECKING(that $CC handles ansi prototypes) - AC_CACHE_VAL(ac_cv_cc_ansi_prototypes, - AC_TRY_COMPILE( - [#include ], - [int frob(int, char *)], - ac_cv_cc_ansi_prototypes=yes, - ac_cv_cc_ansi_prototypes=no)) - AC_MSG_RESULT($ac_cv_cc_ansi_prototypes) - if test $ac_cv_cc_ansi_prototypes = no ; then - case "$target_os" in - - hpux*) - AC_MSG_CHECKING(for HP-UX ansi compiler ($CC -Aa -D_HPUX_SOURCE)) - savedcflags="$CFLAGS" - CFLAGS="-Aa -D_HPUX_SOURCE $CFLAGS" - AC_CACHE_VAL(ac_cv_cc_hpux_cc_aa, - AC_TRY_COMPILE( - [#include ], - [int frob(int, char *)], - ac_cv_cc_hpux_cc_aa=yes, - ac_cv_cc_hpux_cc_aa=no)) - AC_MSG_RESULT($ac_cv_cc_hpux_cc_aa) - if test $ac_cv_cc_hpux_cc_aa = no ; then - AC_MSG_ERROR(see the INSTALL for more info) - fi - CFLAGS="$savedcflags" - V_CCOPT="-Aa $V_CCOPT" - AC_DEFINE(_HPUX_SOURCE) - ;; - - *) - AC_MSG_ERROR(see the INSTALL for more info) - ;; - esac - fi - $2=-I/usr/local/include - - case "$target_os" in - - irix*) - V_CCOPT="$V_CCOPT -xansi -signed -g3" - ;; - - osf*) - V_CCOPT="$V_CCOPT -g3" - ;; - - ultrix*) - AC_MSG_CHECKING(that Ultrix $CC hacks const in prototypes) - AC_CACHE_VAL(ac_cv_cc_const_proto, - AC_TRY_COMPILE( - [#include ], - [struct a { int b; }; - void c(const struct a *)], - ac_cv_cc_const_proto=yes, - ac_cv_cc_const_proto=no)) - AC_MSG_RESULT($ac_cv_cc_const_proto) - if test $ac_cv_cc_const_proto = no ; then - AC_DEFINE(const,) - fi - ;; - esac - fi -]) - -dnl -dnl Use pfopen.c if available and pfopen() not in standard libraries -dnl Require libpcap -dnl Look for libpcap in .. -dnl Use the installed libpcap if there is no local version -dnl -dnl usage: -dnl -dnl AC_LBL_LIBPCAP(pcapdep, incls) -dnl -dnl results: -dnl -dnl $1 (pcapdep set) -dnl $2 (incls appended) -dnl LIBS -dnl -AC_DEFUN(AC_LBL_LIBPCAP, - [pfopen=/usr/examples/packetfilter/pfopen.c - if test -f $pfopen ; then - AC_CHECK_FUNCS(pfopen) - if test $ac_cv_func_pfopen = "no" ; then - AC_MSG_RESULT(Using $pfopen) - LIBS="$LIBS $pfopen" - fi - fi - AC_MSG_CHECKING(for local pcap library) - libpcap=FAIL - lastdir=FAIL - places=`ls .. | sed -e 's,/$,,' -e 's,^,../,' | \ - egrep '/libpcap-[[0-9]]*\.[[0-9]]*(\.[[0-9]]*)?([[ab]][[0-9]]*)?$'` - for dir in $places ../libpcap libpcap ; do - basedir=`echo $dir | sed -e 's/[[ab]][[0-9]]*$//'` - if test $lastdir = $basedir ; then - dnl skip alphas when an actual release is present - continue; - fi - lastdir=$dir - if test -r $dir/pcap.c ; then - libpcap=$dir/libpcap.a - d=$dir - dnl continue and select the last one that exists - fi - done - if test $libpcap = FAIL ; then - AC_MSG_RESULT(not found) - AC_CHECK_LIB(pcap, main, libpcap="-lpcap") - if test $libpcap = FAIL ; then - AC_MSG_ERROR(see the INSTALL doc for more info) - fi - else - $1=$libpcap - $2="-I$d $$2" - AC_MSG_RESULT($libpcap) - fi - LIBS="$libpcap $LIBS"]) - -dnl -dnl Define RETSIGTYPE and RETSIGVAL -dnl -dnl usage: -dnl -dnl AC_LBL_TYPE_SIGNAL -dnl -dnl results: -dnl -dnl RETSIGTYPE (defined) -dnl RETSIGVAL (defined) -dnl -AC_DEFUN(AC_LBL_TYPE_SIGNAL, - [AC_TYPE_SIGNAL - if test "$ac_cv_type_signal" = void ; then - AC_DEFINE(RETSIGVAL,) - else - AC_DEFINE(RETSIGVAL,(0)) - fi - case "$target_os" in - - irix*) - AC_DEFINE(_BSD_SIGNALS) - ;; - - *) - AC_CHECK_FUNCS(sigset) - if test $ac_cv_func_sigset = yes ; then - AC_DEFINE(signal, sigset) - fi - ;; - esac]) - -dnl -dnl If using gcc, see if fixincludes should be run -dnl -dnl usage: -dnl -dnl AC_LBL_FIXINCLUDES -dnl -AC_DEFUN(AC_LBL_FIXINCLUDES, - [if test $ac_cv_prog_gcc = yes ; then - AC_MSG_CHECKING(if fixincludes is needed) - AC_CACHE_VAL(ac_cv_gcc_fixincludes, - AC_TRY_COMPILE( - [/* - * This generates a "duplicate case value" when fixincludes - * has not be run. - */ -# include -# include -# include -# ifdef HAVE_SYS_IOCCOM_H -# include -# endif], - [switch (0) { - case _IO('A', 1):; - case _IO('B', 1):; - }], - ac_cv_gcc_fixincludes=yes, - ac_cv_gcc_fixincludes=no)) - AC_MSG_RESULT($ac_cv_gcc_fixincludes) - if test $ac_cv_gcc_fixincludes = no ; then - # Don't cache failure - unset ac_cv_gcc_fixincludes - AC_MSG_ERROR(see the INSTALL for more info) - fi - fi]) - -dnl -dnl Check for flex, default to lex -dnl Require flex 2.4 or higher -dnl Check for bison, default to yacc -dnl Default to lex/yacc if both flex and bison are not available -dnl Define the yy prefix string if using flex and bison -dnl -dnl usage: -dnl -dnl AC_LBL_LEX_AND_YACC(lex, yacc, yyprefix) -dnl -dnl results: -dnl -dnl $1 (lex set) -dnl $2 (yacc appended) -dnl $3 (optional flex and bison -P prefix) -dnl -AC_DEFUN(AC_LBL_LEX_AND_YACC, - [AC_CHECK_PROGS($1, flex, lex) - if test "$$1" = flex ; then - # The -V flag was added in 2.4 - AC_MSG_CHECKING(for flex 2.4 or higher) - AC_CACHE_VAL(ac_cv_flex_v24, - if flex -V >/dev/null 2>&1; then - ac_cv_flex_v24=yes - else - ac_cv_flex_v24=no - fi) - AC_MSG_RESULT($ac_cv_flex_v24) - if test $ac_cv_flex_v24 = no ; then - s="2.4 or higher required" - AC_MSG_WARN(ignoring obsolete flex executable ($s)) - $1=lex - fi - fi - AC_CHECK_PROGS($2, bison, yacc) - if test "$$2" = bison ; then - $2="$$2 -y" - fi - if test "$$1" != lex -a "$$2" = yacc -o "$$1" = lex -a "$$2" != yacc ; then - AC_MSG_WARN(don't have both flex and bison; reverting to lex/yacc) - $1=lex - $2=yacc - fi - if test "$$1" = flex -a -n "$3" ; then - $1="$$1 -P$3" - $2="$$2 -p $3" - fi]) - -dnl -dnl Checks to see if union wait is used with WEXITSTATUS() -dnl -dnl usage: -dnl -dnl AC_LBL_UNION_WAIT -dnl -dnl results: -dnl -dnl DECLWAITSTATUS (defined) -dnl -AC_DEFUN(AC_LBL_UNION_WAIT, - [AC_MSG_CHECKING(if union wait is used) - AC_CACHE_VAL(ac_cv_union_wait, - AC_TRY_COMPILE([ -# include -# include ], - [int status; - u_int i = WEXITSTATUS(status); - u_int j = waitpid(0, &status, 0);], - ac_cv_union_wait=no, - ac_cv_union_wait=yes)) - AC_MSG_RESULT($ac_cv_union_wait) - if test $ac_cv_union_wait = yes ; then - AC_DEFINE(DECLWAITSTATUS,union wait) - else - AC_DEFINE(DECLWAITSTATUS,int) - fi]) - -dnl -dnl Checks to see if the sockaddr struct has the 4.4 BSD sa_len member -dnl -dnl usage: -dnl -dnl AC_LBL_SOCKADDR_SA_LEN -dnl -dnl results: -dnl -dnl HAVE_SOCKADDR_SA_LEN (defined) -dnl -AC_DEFUN(AC_LBL_SOCKADDR_SA_LEN, - [AC_MSG_CHECKING(if sockaddr struct has sa_len member) - AC_CACHE_VAL(ac_cv_sockaddr_has_sa_len, - AC_TRY_COMPILE([ -# include -# include ], - [u_int i = sizeof(((struct sockaddr *)0)->sa_len)], - ac_cv_sockaddr_has_sa_len=yes, - ac_cv_sockaddr_has_sa_len=no)) - AC_MSG_RESULT($ac_cv_sockaddr_has_sa_len) - if test $ac_cv_sockaddr_has_sa_len = yes ; then - AC_DEFINE(HAVE_SOCKADDR_SA_LEN) - fi]) - -dnl -dnl Checks to see if -R is used -dnl -dnl usage: -dnl -dnl AC_LBL_HAVE_RUN_PATH -dnl -dnl results: -dnl -dnl ac_cv_have_run_path (yes or no) -dnl -AC_DEFUN(AC_LBL_HAVE_RUN_PATH, - [AC_MSG_CHECKING(for ${CC-cc} -R) - AC_CACHE_VAL(ac_cv_have_run_path, - [echo 'main(){}' > conftest.c - ${CC-cc} -o conftest conftest.c -R/a1/b2/c3 >conftest.out 2>&1 - if test ! -s conftest.out ; then - ac_cv_have_run_path=yes - else - ac_cv_have_run_path=no - fi - rm -f conftest*]) - AC_MSG_RESULT($ac_cv_have_run_path) - ]) - -dnl -dnl Checks to see if unaligned memory accesses fail -dnl -dnl usage: -dnl -dnl AC_LBL_UNALIGNED_ACCESS -dnl -dnl results: -dnl -dnl LBL_ALIGN (DEFINED) -dnl -AC_DEFUN(AC_LBL_UNALIGNED_ACCESS, - [AC_MSG_CHECKING(if unaligned accesses fail) - AC_CACHE_VAL(ac_cv_unaligned_fail, - [case "$target_cpu" in - - alpha|hp*|mips|sparc) - ac_cv_unaligned_fail=yes - ;; - - *) - cat >conftest.c < -# include -# include - unsigned char a[[5]] = { 1, 2, 3, 4, 5 }; - main() { - unsigned int i; - pid_t pid; - int status; - /* avoid "core dumped" message */ - pid = fork(); - if (pid < 0) - exit(2); - if (pid > 0) { - /* parent */ - pid = waitpid(pid, &status, 0); - if (pid < 0) - exit(3); - exit(!WIFEXITED(status)); - } - /* child */ - i = *(unsigned int *)&a[[1]]; - printf("%d\n", i); - exit(0); - } -EOF - ${CC-cc} -o conftest $CFLAGS $CPPFLAGS $LDFLAGS \ - conftest.c $LIBS >/dev/null 2>&1 - if test ! -x conftest ; then - dnl failed to compile for some reason - ac_cv_unaligned_fail=yes - else - ./conftest >conftest.out - if test ! -s conftest.out ; then - ac_cv_unaligned_fail=yes - else - ac_cv_unaligned_fail=no - fi - fi - rm -f conftest* core core.conftest - ;; - esac]) - AC_MSG_RESULT($ac_cv_unaligned_fail) - if test $ac_cv_unaligned_fail = yes ; then - AC_DEFINE(LBL_ALIGN) - fi]) - -dnl -dnl If using gcc and the file .devel exists: -dnl Compile with -g (if supported) and -Wall -dnl If using gcc 2, do extra prototype checking -dnl If an os prototype include exists, symlink os-proto.h to it -dnl -dnl usage: -dnl -dnl AC_LBL_DEVEL(copt) -dnl -dnl results: -dnl -dnl $1 (copt appended) -dnl HAVE_OS_PROTO_H (defined) -dnl os-proto.h (symlinked) -dnl -AC_DEFUN(AC_LBL_DEVEL, - [rm -f os-proto.h - if test "${LBL_CFLAGS+set}" = set; then - $1="$$1 ${LBL_CFLAGS}" - fi - if test $ac_cv_prog_gcc = yes -a -f .devel ; then - if test "${LBL_CFLAGS+set}" != set; then - if test "$ac_cv_prog_cc_g" = yes ; then - $1="-g $$1" - fi - $1="$$1 -Wall" - if test $ac_cv_gcc_vers -gt 1 ; then - $1="$$1 -Wmissing-prototypes -Wstrict-prototypes" - fi - fi - os=`echo $target_os | sed -e 's/\([[0-9]][[0-9]]*\)[[^0-9]].*$/\1/'` - name="lbl/os-$os.h" - if test -f $name ; then - ln -s $name os-proto.h - AC_DEFINE(HAVE_OS_PROTO_H) - else - AC_MSG_WARN(can't find $name) - fi - fi]) diff --git a/contrib/tcpdump/addrtoname.c b/contrib/tcpdump/addrtoname.c index 4067f9654e3c..4ed24fc3f829 100644 --- a/contrib/tcpdump/addrtoname.c +++ b/contrib/tcpdump/addrtoname.c @@ -20,10 +20,16 @@ * * Internet, ethernet, port, and protocol string to address * and address to string conversion routines + * + * $FreeBSD$ */ #ifndef lint static const char rcsid[] = - "@(#) $Header: addrtoname.c,v 1.61 97/06/15 13:20:18 leres Exp $ (LBL)"; + "@(#) $Header: /tcpdump/master/tcpdump/addrtoname.c,v 1.64 1999/11/21 09:36:44 fenner Exp $ (LBL)"; +#endif + +#ifdef HAVE_CONFIG_H +#include "config.h" #endif #include @@ -39,6 +45,10 @@ struct rtentry; #include #include +#ifdef INET6 +#include +#endif + #include #include @@ -85,6 +95,16 @@ struct hnamemem eprototable[HASHNAMESIZE]; struct hnamemem dnaddrtable[HASHNAMESIZE]; struct hnamemem llcsaptable[HASHNAMESIZE]; +#ifdef INET6 +struct h6namemem { + struct in6_addr addr; + char *name; + struct h6namemem *nxt; +}; + +struct h6namemem h6nametable[HASHNAMESIZE]; +#endif /* INET6 */ + struct enamemem { u_short e_addr0; u_short e_addr1; @@ -171,39 +191,7 @@ getname(const u_char *ap) #ifndef LBL_ALIGN addr = *(const u_int32_t *)ap; #else - /* - * Extract 32 bits in network order, dealing with alignment. - */ - switch ((long)ap & 3) { - - case 0: - addr = *(u_int32_t *)ap; - break; - - case 2: -#ifdef WORDS_BIGENDIAN - addr = ((u_int32_t)*(u_short *)ap << 16) | - (u_int32_t)*(u_short *)(ap + 2); -#else - addr = ((u_int32_t)*(u_short *)(ap + 2) << 16) | - (u_int32_t)*(u_short *)ap; -#endif - break; - - default: -#ifdef WORDS_BIGENDIAN - addr = ((u_int32_t)ap[0] << 24) | - ((u_int32_t)ap[1] << 16) | - ((u_int32_t)ap[2] << 8) | - (u_int32_t)ap[3]; -#else - addr = ((u_int32_t)ap[3] << 24) | - ((u_int32_t)ap[2] << 16) | - ((u_int32_t)ap[1] << 8) | - (u_int32_t)ap[0]; -#endif - break; - } + memcpy(&addr, ap, sizeof(addr)); #endif p = &hnametable[addr & (HASHNAMESIZE-1)]; for (; p->nxt; p = p->nxt) { @@ -249,6 +237,71 @@ getname(const u_char *ap) return (p->name); } +#ifdef INET6 +/* + * Return a name for the IP6 address pointed to by ap. This address + * is assumed to be in network byte order. + */ +char * +getname6(const u_char *ap) +{ + register struct hostent *hp; + struct in6_addr addr; + static struct h6namemem *p; /* static for longjmp() */ + register char *cp; + char ntop_buf[INET6_ADDRSTRLEN]; + + memcpy(&addr, ap, sizeof(addr)); + p = &h6nametable[*(u_int16_t *)&addr.s6_addr[14] & (HASHNAMESIZE-1)]; + for (; p->nxt; p = p->nxt) { + if (memcmp(&p->addr, &addr, sizeof(addr)) == 0) + return (p->name); + } + p->addr = addr; + p->nxt = newh6namemem(); + + /* + * Only print names when: + * (1) -n was not given. + * (2) Address is foreign and -f was given. (If -f was not + * give, f_netmask and f_local are 0 and the test + * evaluates to true) + * (3) -a was given or the host portion is not all ones + * nor all zeros (i.e. not a network or broadcast address) + */ + if (!nflag +#if 0 + && + (addr & f_netmask) == f_localnet && + (aflag || + !((addr & ~netmask) == 0 || (addr | netmask) == 0xffffffff)) +#endif + ) { + if (!setjmp(getname_env)) { + (void)setsignal(SIGALRM, nohostname); + (void)alarm(20); + hp = gethostbyaddr((char *)&addr, sizeof(addr), AF_INET6); + (void)alarm(0); + if (hp) { + char *dotp; + + p->name = savestr(hp->h_name); + if (Nflag) { + /* Remove domain qualifications */ + dotp = strchr(p->name, '.'); + if (dotp) + *dotp = '\0'; + } + return (p->name); + } + } + } + cp = (char *)inet_ntop(AF_INET6, &addr, ntop_buf, sizeof(ntop_buf)); + p->name = savestr(cp); + return (p->name); +} +#endif /* INET6 */ + static char hex[] = "0123456789abcdef"; @@ -765,3 +818,24 @@ newhnamemem(void) p = ptr++; return (p); } + +#ifdef INET6 +/* Return a zero'ed h6namemem struct and cuts down on calloc() overhead */ +struct h6namemem * +newh6namemem(void) +{ + register struct h6namemem *p; + static struct h6namemem *ptr = NULL; + static u_int num = 0; + + if (num <= 0) { + num = 64; + ptr = (struct h6namemem *)calloc(num, sizeof (*ptr)); + if (ptr == NULL) + error("newh6namemem: calloc"); + } + --num; + p = ptr++; + return (p); +} +#endif /* INET6 */ diff --git a/contrib/tcpdump/ethertype.h b/contrib/tcpdump/ethertype.h index 487183a5b9bf..56bfa3c69ed1 100644 --- a/contrib/tcpdump/ethertype.h +++ b/contrib/tcpdump/ethertype.h @@ -18,7 +18,7 @@ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. * - * @(#) $Header: ethertype.h,v 1.6 96/07/14 18:21:49 leres Exp $ (LBL) + * @(#) $Header: /tcpdump/master/tcpdump/ethertype.h,v 1.7.2.1 2000/01/29 22:00:12 fenner Exp $ (LBL) * $FreeBSD$ */ @@ -72,14 +72,20 @@ #ifndef ETHERTYPE_AARP #define ETHERTYPE_AARP 0x80f3 #endif +#ifndef ETHERTYPE_8021Q +#define ETHERTYPE_8021Q 0x8100 +#endif #ifndef ETHERTYPE_IPX #define ETHERTYPE_IPX 0x8137 #endif -#ifndef ETHERTYPE_PPPOE_DISC -#define ETHERTYPE_PPPOE_DISC 0x8863 +#ifndef ETHERTYPE_IPV6 +#define ETHERTYPE_IPV6 0x86dd #endif -#ifndef ETHERTYPE_PPPOE_SESS -#define ETHERTYPE_PPPOE_SESS 0x8864 +#ifndef ETHERTYPE_PPPOED +#define ETHERTYPE_PPPOED 0x8863 +#endif +#ifndef ETHERTYPE_PPPOES +#define ETHERTYPE_PPPOES 0x8864 #endif #ifndef ETHERTYPE_LOOPBACK #define ETHERTYPE_LOOPBACK 0x9000 diff --git a/contrib/tcpdump/interface.h b/contrib/tcpdump/interface.h index 7287a48134ae..f9081bb7f896 100644 --- a/contrib/tcpdump/interface.h +++ b/contrib/tcpdump/interface.h @@ -18,7 +18,7 @@ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. * - * @(#) $Header: interface.h,v 1.105 97/04/26 13:39:58 leres Exp $ (LBL) + * @(#) $Header: /tcpdump/master/tcpdump/interface.h,v 1.118 1999/12/22 15:44:09 itojun Exp $ (LBL) * $FreeBSD$ */ @@ -42,10 +42,16 @@ extern int fflag; /* don't translate "foreign" IP address */ extern int nflag; /* leave addresses as numbers */ extern int Nflag; /* remove domains from printed host names */ extern int qflag; /* quick (shorter) output */ +extern int Rflag; /* print sequence # field in AH/ESP*/ +extern int sflag; /* use the libsmi to translate OIDs */ extern int Sflag; /* print raw TCP sequence numbers */ extern int tflag; /* print packet arrival time */ extern int vflag; /* verbose */ extern int xflag; /* print packet in hex */ +extern int Xflag; /* print packet in hex/ascii */ + +extern char *ahsecret; +extern char *espsecret; extern int packettype; /* as specified by -T */ #define PT_VAT 1 /* Visual Audio Tool */ @@ -53,6 +59,7 @@ extern int packettype; /* as specified by -T */ #define PT_RPC 3 /* Remote Procedure Call */ #define PT_RTP 4 /* Real-Time Applications protocol */ #define PT_RTCP 5 /* Real-Time Applications control protocol */ +#define PT_SNMP 6 /* Simple Network Management Protocol */ #ifndef min #define min(a,b) ((a)>(b)?(b):(a)) @@ -61,6 +68,7 @@ extern int packettype; /* as specified by -T */ #define max(a,b) ((b)>(a)?(b):(a)) #endif +#ifndef INET6 /* * The default snapshot length. This value allows most printers to print * useful information while keeping the amount of unwanted data down. @@ -68,6 +76,9 @@ extern int packettype; /* as specified by -T */ * 14 bytes of data (assuming no ip options). */ #define DEFAULT_SNAPLEN 68 +#else +#define DEFAULT_SNAPLEN 96 +#endif #ifndef BIG_ENDIAN #define BIG_ENDIAN 4321 @@ -133,6 +144,7 @@ struct timeval; #endif extern void ts_print(const struct timeval *); +extern void relts_print(int); extern int fn_print(const u_char *, const u_char *); extern int fn_printn(const u_char *, u_int, const u_char *); @@ -162,6 +174,11 @@ extern char *dnnum_string(u_short); struct pcap_pkthdr; #endif +extern void ascii_print_with_offset(const u_char *, u_int, u_int); +extern void ascii_print(const u_char *, u_int); +extern void hex_print_with_offset(const u_char *, u_int, u_int); +extern void telnet_print(const u_char *, u_int); +extern void hex_print(const u_char *, u_int); extern int ether_encap_print(u_short, const u_char *, u_int, u_int); extern int llc_print(const u_char *, u_int, u_int, const u_char *, const u_char *); @@ -170,6 +187,7 @@ extern void arp_print(const u_char *, u_int, u_int); extern void atalk_print(const u_char *, u_int); extern void atm_if_print(u_char *, const struct pcap_pkthdr *, const u_char *); extern void bootp_print(const u_char *, u_int, u_short, u_short); +extern void bgp_print(const u_char *, int); extern void decnet_print(const u_char *, u_int, u_int); extern void default_print(const u_char *, u_int); extern void default_print_unaligned(const u_char *, u_int); @@ -181,7 +199,7 @@ extern void token_if_print(u_char *, const struct pcap_pkthdr *, const u_char *); extern void fddi_if_print(u_char *, const struct pcap_pkthdr *, const u_char *); extern void gre_print(const u_char *, u_int); -extern void icmp_print(const u_char *, const u_char *); +extern void icmp_print(const u_char *, u_int, const u_char *); extern void igrp_print(const u_char *, u_int, const u_char *); extern void ip_print(const u_char *, u_int); extern void ipx_print(const u_char *, u_int); @@ -194,19 +212,55 @@ extern void ns_print(const u_char *, u_int); extern void ntp_print(const u_char *, u_int); extern void null_if_print(u_char *, const struct pcap_pkthdr *, const u_char *); extern void ospf_print(const u_char *, u_int, const u_char *); +extern void pimv1_print(const u_char *, u_int); +extern void cisco_autorp_print(const u_char *, u_int); +extern void mobile_print(const u_char *, u_int); extern void pim_print(const u_char *, u_int); +extern void pppoe_print(const u_char *, u_int); extern void ppp_if_print(u_char *, const struct pcap_pkthdr *, const u_char *); extern void ppp_bsdos_if_print(u_char *, const struct pcap_pkthdr *, const u_char *); -extern void pppoe_print(const u_char *, u_int); +extern int vjc_print(register const char *, register u_int, u_short); extern void raw_if_print(u_char *, const struct pcap_pkthdr *, const u_char *); extern void rip_print(const u_char *, u_int); extern void sl_if_print(u_char *, const struct pcap_pkthdr *, const u_char *); +extern void lane_if_print(u_char *, const struct pcap_pkthdr *,const u_char *); +extern void cip_if_print(u_char *, const struct pcap_pkthdr *,const u_char *); extern void sl_bsdos_if_print(u_char *, const struct pcap_pkthdr *, const u_char *); +extern void chdlc_if_print(u_char *, const struct pcap_pkthdr *, + const u_char *); extern void snmp_print(const u_char *, u_int); extern void sunrpcrequest_print(const u_char *, u_int, const u_char *); extern void tcp_print(const u_char *, u_int, const u_char *); extern void tftp_print(const u_char *, u_int); extern void udp_print(const u_char *, u_int, const u_char *); extern void wb_print(const void *, u_int); +extern int ah_print(register const u_char *, register const u_char *); +extern int esp_print(register const u_char *, register const u_char *, int *); +extern void isakmp_print(const u_char *, u_int, const u_char *); +extern int ipcomp_print(register const u_char *, register const u_char *, int *); +extern void rx_print(register const u_char *, int, int, int, u_char *); +extern void netbeui_print(const u_char *, const u_char *); +extern void ipx_netbios_print(const u_char *, const u_char *); +extern void nbt_tcp_print(const u_char *, int); +extern void nbt_udp137_print(const u_char *data, int); +extern void nbt_udp138_print(const u_char *data, int); +extern char *smb_errstr(int, int); +extern void print_data(const unsigned char *, int); +extern void l2tp_print(const u_char *, u_int); +extern void lcp_print(const u_char *, u_int); + +#ifdef INET6 +extern void ip6_print(const u_char *, int); +extern void ip6_opt_print(const u_char *, int); +extern int hbhopt_print(const u_char *); +extern int dstopt_print(const u_char *); +extern int frag6_print(const u_char *, const u_char *); +extern void icmp6_print(const u_char *, const u_char *); +extern void ripng_print(const u_char *, int); +extern int rt6_print(const u_char *, const u_char *); +extern void ospf6_print(const u_char *, u_int); +extern void dhcp6_print(const u_char *, u_int, u_short, u_short); +#endif /*INET6*/ +extern u_short in_cksum(const u_short *addr, register int len, u_short csum); diff --git a/contrib/tcpdump/nfs.h b/contrib/tcpdump/nfs.h index 045ebb1e3215..0887148dad13 100644 --- a/contrib/tcpdump/nfs.h +++ b/contrib/tcpdump/nfs.h @@ -35,6 +35,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * + * $FreeBSD$ * @(#)nfsproto.h 8.2 (Berkeley) 3/30/95 */ @@ -285,6 +286,10 @@ struct nfs_uquad { }; typedef struct nfs_uquad nfsuint64; +#if 0 /* XXX - this doesn't seemed to be used and it doesn't work + * with non-gcc, so comment it out for now. + */ + /* * Used to convert between two u_longs and a u_quad_t. */ @@ -294,6 +299,8 @@ union nfs_quadconvert { }; typedef union nfs_quadconvert nfsquad_t; +#endif + /* * NFS Version 3 special file number. */ diff --git a/contrib/tcpdump/nfsfh.h b/contrib/tcpdump/nfsfh.h index b295bc437e02..8a4541ecdc6f 100644 --- a/contrib/tcpdump/nfsfh.h +++ b/contrib/tcpdump/nfsfh.h @@ -1,12 +1,13 @@ /* - * $Header: nfsfh.h,v 1.6 96/12/16 03:40:31 leres Exp $ + * $Header: /tcpdump/master/tcpdump/nfsfh.h,v 1.8 1999/12/15 06:49:05 fenner Exp $ * * nfsfh.h - NFS file handle definitions (for portable use) * * Jeffrey C. Mogul * Digital Equipment Corporation * Western Research Laboratory - */ + * $FreeBSD$ + * $NetBSD: nfsfh.h,v 1.1.1.2 1997/10/03 17:25:13 christos Exp $ */ /* * Internal representation of dev_t, because different NFS servers diff --git a/contrib/tcpdump/parsenfsfh.c b/contrib/tcpdump/parsenfsfh.c index 8a9d78abe949..c59ad6aa317a 100644 --- a/contrib/tcpdump/parsenfsfh.c +++ b/contrib/tcpdump/parsenfsfh.c @@ -5,11 +5,17 @@ * Jeffrey C. Mogul * Digital Equipment Corporation * Western Research Laboratory + * + * $FreeBSD$ */ #ifndef lint static const char rcsid[] = - "@(#) $Header: parsenfsfh.c,v 1.14 97/06/15 13:20:27 leres Exp $ (LBL)"; + "@(#) $Header: /tcpdump/master/tcpdump/parsenfsfh.c,v 1.16 1999/11/21 09:36:47 fenner Exp $ (LBL)"; +#endif + +#ifdef HAVE_CONFIG_H +#include "config.h" #endif #include diff --git a/contrib/tcpdump/ppp.h b/contrib/tcpdump/ppp.h index 8bf94e3c82be..da79154c7dc7 100644 --- a/contrib/tcpdump/ppp.h +++ b/contrib/tcpdump/ppp.h @@ -1,4 +1,4 @@ -/* @(#) $Header: ppp.h,v 1.7 95/05/04 17:52:46 mccanne Exp $ (LBL) */ +/* @(#) $Header: /tcpdump/master/tcpdump/ppp.h,v 1.8 1999/11/21 03:43:56 assar Exp $ (LBL) */ /* * Point to Point Protocol (PPP) RFC1331 * @@ -56,3 +56,4 @@ #define PPP_PAP 0xc023 /* Password Authentication Protocol */ #define PPP_LQM 0xc025 /* Link Quality Monitoring */ #define PPP_CHAP 0xc223 /* Challenge Handshake Authentication Protocol */ +extern struct tok ppptype2str[]; diff --git a/contrib/tcpdump/print-arp.c b/contrib/tcpdump/print-arp.c index c7578feed2e4..2af4bc1093e7 100644 --- a/contrib/tcpdump/print-arp.c +++ b/contrib/tcpdump/print-arp.c @@ -17,11 +17,17 @@ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. + * + * $FreeBSD$ */ #ifndef lint static const char rcsid[] = - "@(#) $Header: print-arp.c,v 1.43 97/06/15 13:20:27 leres Exp $ (LBL)"; + "@(#) $Header: /tcpdump/master/tcpdump/print-arp.c,v 1.44 1999/11/21 09:36:48 fenner Exp $ (LBL)"; +#endif + +#ifdef HAVE_CONFIG_H +#include "config.h" #endif #include diff --git a/contrib/tcpdump/print-atalk.c b/contrib/tcpdump/print-atalk.c index ba369d9936d5..869881fa014f 100644 --- a/contrib/tcpdump/print-atalk.c +++ b/contrib/tcpdump/print-atalk.c @@ -19,11 +19,17 @@ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. * * Format and print AppleTalk packets. + * + * $FreeBSD$ */ #ifndef lint static const char rcsid[] = - "@(#) $Header: print-atalk.c,v 1.48 97/05/28 12:50:58 leres Exp $ (LBL)"; + "@(#) $Header: /tcpdump/master/tcpdump/print-atalk.c,v 1.51 1999/11/21 09:36:48 fenner Exp $ (LBL)"; +#endif + +#ifdef HAVE_CONFIG_H +#include "config.h" #endif #include @@ -44,7 +50,6 @@ struct rtentry; #include #include #include -#include #include #include diff --git a/contrib/tcpdump/print-atm.c b/contrib/tcpdump/print-atm.c index c4629e22f00d..8fb95e786dc0 100644 --- a/contrib/tcpdump/print-atm.c +++ b/contrib/tcpdump/print-atm.c @@ -17,10 +17,16 @@ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. + * + * $FreeBSD$ */ #ifndef lint static const char rcsid[] = - "@(#) $Header: print-atm.c,v 1.9 97/05/28 12:52:40 leres Exp $ (LBL)"; + "@(#) $Header: /tcpdump/master/tcpdump/print-atm.c,v 1.12 1999/11/21 09:36:48 fenner Exp $ (LBL)"; +#endif + +#ifdef HAVE_CONFIG_H +#include "config.h" #endif #include @@ -43,7 +49,6 @@ struct rtentry; #include #include #include -#include #include #include @@ -119,6 +124,12 @@ atm_if_print(u_char *user, const struct pcap_pkthdr *h, const u_char *p) ip_print(p, length); break; +#ifdef INET6 + case ETHERTYPE_IPV6: + ip6_print(p, length); + break; +#endif /*INET6*/ + /*XXX this probably isn't right */ case ETHERTYPE_ARP: case ETHERTYPE_REVARP: diff --git a/contrib/tcpdump/print-bootp.c b/contrib/tcpdump/print-bootp.c index c9eb72b8f84a..7e15815dfc45 100644 --- a/contrib/tcpdump/print-bootp.c +++ b/contrib/tcpdump/print-bootp.c @@ -19,10 +19,16 @@ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. * * Format and print bootp packets. + * + * $FreeBSD$ */ #ifndef lint static const char rcsid[] = - "@(#) $Header: print-bootp.c,v 1.46 98/07/18 13:33:58 leres Exp $ (LBL)"; + "@(#) $Header: /tcpdump/master/tcpdump/print-bootp.c,v 1.48 1999/11/21 09:36:49 fenner Exp $ (LBL)"; +#endif + +#ifdef HAVE_CONFIG_H +#include "config.h" #endif #include @@ -102,6 +108,8 @@ bootp_print(register const u_char *cp, u_int length, printf(" xid:0x%x", (u_int32_t)ntohl(bp->bp_xid)); if (bp->bp_secs) printf(" secs:%d", ntohs(bp->bp_secs)); + if (bp->bp_flags) + printf(" flags:0x%x", ntohs(bp->bp_flags)); /* Client's ip address */ TCHECK(bp->bp_ciaddr); @@ -207,6 +215,63 @@ static struct tok tag2str[] = { { TAG_SWAP_SERVER, "iSS" }, { TAG_ROOTPATH, "aRP" }, { TAG_EXTPATH, "aEP" }, +/* RFC2132 tags */ + { TAG_IP_FORWARD, "BIPF" }, + { TAG_NL_SRCRT, "BSRT" }, + { TAG_PFILTERS, "pPF" }, + { TAG_REASS_SIZE, "sRSZ" }, + { TAG_DEF_TTL, "bTTL" }, + { TAG_MTU_TIMEOUT, "lMA" }, + { TAG_MTU_TABLE, "sMT" }, + { TAG_INT_MTU, "sMTU" }, + { TAG_LOCAL_SUBNETS, "BLSN" }, + { TAG_BROAD_ADDR, "iBR" }, + { TAG_DO_MASK_DISC, "BMD" }, + { TAG_SUPPLY_MASK, "BMS" }, + { TAG_DO_RDISC, "BRD" }, + { TAG_RTR_SOL_ADDR, "iRSA" }, + { TAG_STATIC_ROUTE, "pSR" }, + { TAG_USE_TRAILERS, "BUT" }, + { TAG_ARP_TIMEOUT, "lAT" }, + { TAG_ETH_ENCAP, "BIE" }, + { TAG_TCP_TTL, "bTT" }, + { TAG_TCP_KEEPALIVE, "lKI" }, + { TAG_KEEPALIVE_GO, "BKG" }, + { TAG_NIS_DOMAIN, "aYD" }, + { TAG_NIS_SERVERS, "iYS" }, + { TAG_NTP_SERVERS, "iNTP" }, + { TAG_VENDOR_OPTS, "bVO" }, + { TAG_NETBIOS_NS, "iWNS" }, + { TAG_NETBIOS_DDS, "iWDD" }, + { TAG_NETBIOS_NODE, "bWNT" }, + { TAG_NETBIOS_SCOPE, "aWSC" }, + { TAG_XWIN_FS, "iXFS" }, + { TAG_XWIN_DM, "iXDM" }, + { TAG_NIS_P_DOMAIN, "sN+D" }, + { TAG_NIS_P_SERVERS, "iN+S" }, + { TAG_MOBILE_HOME, "iMH" }, + { TAG_SMPT_SERVER, "iSMTP" }, + { TAG_POP3_SERVER, "iPOP3" }, + { TAG_NNTP_SERVER, "iNNTP" }, + { TAG_WWW_SERVER, "iWWW" }, + { TAG_FINGER_SERVER, "iFG" }, + { TAG_IRC_SERVER, "iIRC" }, + { TAG_STREETTALK_SRVR, "iSTS" }, + { TAG_STREETTALK_STDA, "iSTDA" }, + { TAG_REQUESTED_IP, "iRQ" }, + { TAG_IP_LEASE, "lLT" }, + { TAG_OPT_OVERLOAD, "bOO" }, + { TAG_TFTP_SERVER, "aTFTP" }, + { TAG_BOOTFILENAME, "aBF" }, + { TAG_DHCP_MESSAGE, " DHCP" }, + { TAG_SERVER_ID, "iSID" }, + { TAG_PARM_REQUEST, "bPR" }, + { TAG_MESSAGE, "aMSG" }, + { TAG_MAX_MSG_SIZE, "sMSZ" }, + { TAG_RENEWAL_TIME, "lRN" }, + { TAG_REBIND_TIME, "lRB" }, + { TAG_VENDOR_CLASS, "bVC" }, + { TAG_CLIENT_ID, "bCID" }, { 0, NULL } }; @@ -248,6 +313,35 @@ rfc1048_print(register const u_char *bp, register u_int length) return; } + if (tag == TAG_DHCP_MESSAGE && len == 1) { + c = *bp++; + switch (c) { + case DHCPDISCOVER: printf("DISCOVER"); break; + case DHCPOFFER: printf("OFFER"); break; + case DHCPREQUEST: printf("REQUEST"); break; + case DHCPDECLINE: printf("DECLINE"); break; + case DHCPACK: printf("ACK"); break; + case DHCPNAK: printf("NACK"); break; + case DHCPRELEASE: printf("RELEASE"); break; + case DHCPINFORM: printf("INFORM"); break; + default: printf("%u", c); break; + } + continue; + } + + if (tag == TAG_PARM_REQUEST) { + first = 1; + while (len-- > 0) { + c = *bp++; + cp = tok2str(tag2str, "?%d", c); + if (!first) + putchar('+'); + printf("%s", cp + 1); + first = 0; + } + continue; + } + /* Print data */ size = len; if (c == '?') { @@ -288,6 +382,22 @@ rfc1048_print(register const u_char *bp, register u_int length) } break; + case 'p': + /* IP address pairs */ + while (size >= 2*sizeof(ul)) { + if (!first) + putchar(','); + memcpy((char *)&ul, (char *)bp, sizeof(ul)); + printf("(%s:", ipaddr_string(&ul)); + bp += sizeof(ul); + memcpy((char *)&ul, (char *)bp, sizeof(ul)); + printf("%s)", ipaddr_string(&ul)); + bp += sizeof(ul); + size -= 2*sizeof(ul); + first = 0; + } + break; + case 's': /* shorts */ while (size >= sizeof(us)) { @@ -301,6 +411,28 @@ rfc1048_print(register const u_char *bp, register u_int length) } break; + case 'B': + /* boolean */ + while (size > 0) { + if (!first) + putchar(','); + switch (*bp) { + case 0: + putchar('N'); + break; + case 1: + putchar('Y'); + break; + default: + printf("%d?", *bp); + break; + } + ++bp; + --size; + first = 0; + } + break; + case 'b': default: /* Bytes */ diff --git a/contrib/tcpdump/print-domain.c b/contrib/tcpdump/print-domain.c index 7eb2e0c2803b..50f2ce2b63b5 100644 --- a/contrib/tcpdump/print-domain.c +++ b/contrib/tcpdump/print-domain.c @@ -17,11 +17,17 @@ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. + * + * $FreeBSD$ */ #ifndef lint static const char rcsid[] = - "@(#) $Header: print-domain.c,v 1.39 97/06/13 12:56:28 leres Exp $ (LBL)"; + "@(#) $Header: /tcpdump/master/tcpdump/print-domain.c,v 1.42 1999/11/21 09:36:50 fenner Exp $ (LBL)"; +#endif + +#ifdef HAVE_CONFIG_H +#include "config.h" #endif #include @@ -42,7 +48,6 @@ struct rtentry; #include #include #include -#include #ifdef NOERROR #undef NOERROR /* Solaris sucks */ @@ -53,6 +58,7 @@ struct rtentry; #include #include +#include #include "interface.h" #include "addrtoname.h" @@ -101,6 +107,27 @@ struct rtentry; #ifndef T_LOC #define T_LOC 29 /* Location Information */ #endif +#ifndef T_NXT +#define T_NXT 30 /* Next Valid Name in Zone */ +#endif +#ifndef T_EID +#define T_EID 31 /* Endpoint identifier */ +#endif +#ifndef T_NIMLOC +#define T_NIMLOC 32 /* Nimrod locator */ +#endif +#ifndef T_SRV +#define T_SRV 33 /* Server selection */ +#endif +#ifndef T_ATMA +#define T_ATMA 34 /* ATM Address */ +#endif +#ifndef T_NAPTR +#define T_NAPTR 35 /* Naming Authority PoinTeR */ +#endif +#ifndef T_A6 +#define T_A6 38 /* IP6 address (ipngwg-dns-lookups) */ +#endif #ifndef T_UNSPEC #define T_UNSPEC 103 /* Unspecified format (binary data) */ @@ -219,7 +246,14 @@ static struct tok type2str[] = { { T_PX, "PX" }, { T_GPOS, "GPOS" }, { T_AAAA, "AAAA" }, - { T_LOC , "LOC " }, + { T_LOC, "LOC " }, + { T_NXT, "NXT " }, + { T_EID, "EID " }, + { T_NIMLOC, "NIMLOC " }, + { T_SRV, "SRV " }, + { T_ATMA, "ATMA " }, + { T_NAPTR, "NAPTR " }, + { T_A6, "A6 " }, #ifndef T_UINFO #define T_UINFO 100 #endif @@ -317,6 +351,9 @@ ns_rprint(register const u_char *cp, register const u_char *bp) case T_NS: case T_CNAME: case T_PTR: +#ifdef T_DNAME + case T_DNAME: /*XXX not checked as there's no server support yet*/ +#endif putchar(' '); (void)ns_nprint(cp, bp); break; @@ -332,6 +369,25 @@ ns_rprint(register const u_char *cp, register const u_char *bp) (void)ns_cprint(cp, bp); break; +#ifdef INET6 + case T_AAAA: + printf(" %s", ip6addr_string(cp)); + break; + + case T_A6: /*XXX not checked as there's no server support yet*/ + { + struct in6_addr a; + int pbyte; + + pbyte = (*cp + 7) / 8; + memset(&a, 0, sizeof(a)); + memcpy(&a, cp + 1, pbyte); + printf(" %u %s ", *cp, ip6addr_string(&a)); + (void)ns_nprint(cp + 1 + pbyte, bp); + break; + } +#endif /*INET6*/ + case T_UNSPECA: /* One long string */ printf(" %.*s", len, cp); break; diff --git a/contrib/tcpdump/print-ether.c b/contrib/tcpdump/print-ether.c index 4f267eaa4992..d33028d6fecf 100644 --- a/contrib/tcpdump/print-ether.c +++ b/contrib/tcpdump/print-ether.c @@ -22,7 +22,11 @@ */ #ifndef lint static const char rcsid[] = - "@(#) $Header: print-ether.c,v 1.44 97/05/26 17:18:13 leres Exp $ (LBL)"; + "@(#) $Header: /tcpdump/master/tcpdump/print-ether.c,v 1.48 1999/11/21 09:36:51 fenner Exp $ (LBL)"; +#endif + +#ifdef HAVE_CONFIG_H +#include "config.h" #endif #include @@ -43,11 +47,14 @@ struct rtentry; #include #include #include -#include #include #include +#ifdef INET6 +#include +#endif + #include "interface.h" #include "addrtoname.h" #include "ethertype.h" @@ -74,10 +81,12 @@ ether_print(register const u_char *bp, u_int length) length); } +static u_short extracted_ethertype; + /* * This is the top level routine of the printer. 'p' is the points - * to the ether header of the packet, 'tvp' is the timestamp, - * 'length' is the length of the packet off the wire, and 'caplen' + * to the ether header of the packet, 'h->tv' is the timestamp, + * 'h->length' is the length of the packet off the wire, and 'h->caplen' * is the number of bytes actually captured. */ void @@ -87,7 +96,6 @@ ether_if_print(u_char *user, const struct pcap_pkthdr *h, const u_char *p) u_int length = h->len; struct ether_header *ep; u_short ether_type; - extern u_short extracted_ethertype; ts_print(&h->ts); @@ -154,19 +162,11 @@ ether_if_print(u_char *user, const struct pcap_pkthdr *h, const u_char *p) * that might want to know what it is. */ -u_short extracted_ethertype; - int ether_encap_print(u_short ethertype, const u_char *p, u_int length, u_int caplen) { - if (ethertype == 0x8100) { /* IEEE 802.1Q vlan tagging encapsulation */ - printf ("[vlan %d] ", ntohs(*(u_short *)p) & 0x17ff); - ethertype = ntohs(((u_short *)p)[1]); - p += 4; - length -= 4; - caplen -= 4; - } + recurse: extracted_ethertype = ethertype; switch (ethertype) { @@ -175,6 +175,12 @@ ether_encap_print(u_short ethertype, const u_char *p, ip_print(p, length); return (1); +#ifdef INET6 + case ETHERTYPE_IPV6: + ip6_print(p, length); + return (1); +#endif /*INET6*/ + case ETHERTYPE_ARP: case ETHERTYPE_REVARP: arp_print(p, length, caplen); @@ -198,11 +204,38 @@ ether_encap_print(u_short ethertype, const u_char *p, ipx_print(p, length); return (1); - case ETHERTYPE_PPPOE_DISC: - case ETHERTYPE_PPPOE_SESS: - pppoe_print(p, length); + case ETHERTYPE_8021Q: + printf("802.1Q vlan#%d P%d%s", + ntohs(*(unsigned short*)p)&0xFFF, + ntohs(*(unsigned short*)p)>>13, + (ntohs(*(unsigned short*)p)&0x1000) ? " CFI" : ""); + ethertype = ntohs(*(unsigned short*)(p+2)); + p += 4; + length -= 4; + caplen -= 4; + if (ethertype > ETHERMTU) + goto recurse; + + extracted_ethertype = 0; + + if (llc_print(p, length, caplen, p-18, p-12) == 0) { + /* ether_type not known, print raw packet */ + if (!eflag) + ether_print(p-18, length+4); + if (extracted_ethertype) { + printf("(LLC %s) ", + etherproto_string(htons(extracted_ethertype))); + } + if (!xflag && !qflag) + default_print(p-18, caplen+4); + } return (1); + case ETHERTYPE_PPPOED: + case ETHERTYPE_PPPOES: + pppoe_print(p, length); + return (1); + case ETHERTYPE_LAT: case ETHERTYPE_SCA: case ETHERTYPE_MOPRC: diff --git a/contrib/tcpdump/print-fddi.c b/contrib/tcpdump/print-fddi.c index 1f3dde6a0618..d2526fa7814d 100644 --- a/contrib/tcpdump/print-fddi.c +++ b/contrib/tcpdump/print-fddi.c @@ -17,14 +17,19 @@ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. + * + * $FreeBSD$ */ #ifndef lint static const char rcsid[] = - "@(#) $Header: print-fddi.c,v 1.36 97/05/26 17:13:35 leres Exp $ (LBL)"; + "@(#) $Header: /tcpdump/master/tcpdump/print-fddi.c,v 1.40 1999/12/14 16:49:02 fenner Exp $ (LBL)"; +#endif + +#ifdef HAVE_CONFIG_H +#include "config.h" #endif -#ifdef HAVE_FDDI #include #include #include @@ -57,7 +62,7 @@ struct rtentry; /* * Some FDDI interfaces use bit-swapped addresses. */ -#if defined(ultrix) || defined(__alpha) || defined(__bsdi) +#if defined(ultrix) || defined(__alpha) || defined(__bsdi) || defined(__NetBSD__) int fddi_bitswap = 0; #else int fddi_bitswap = 1; @@ -266,8 +271,8 @@ fddi_if_print(u_char *pcap, const struct pcap_pkthdr *h, u_int caplen = h->caplen; u_int length = h->len; const struct fddi_header *fddip = (struct fddi_header *)p; - extern u_short extracted_ethertype; struct ether_header ehdr; + u_short extracted_ethertype; ts_print(&h->ts); @@ -335,19 +340,3 @@ fddi_if_print(u_char *pcap, const struct pcap_pkthdr *h, out: putchar('\n'); } -#else -#include -#include - -#include - -#include "interface.h" -void -fddi_if_print(u_char *pcap, const struct pcap_pkthdr *h, - register const u_char *p) -{ - - error("not configured for fddi"); - /* NOTREACHED */ -} -#endif diff --git a/contrib/tcpdump/print-icmp.c b/contrib/tcpdump/print-icmp.c index 70139e0a6433..ca2bf07afb26 100644 --- a/contrib/tcpdump/print-icmp.c +++ b/contrib/tcpdump/print-icmp.c @@ -17,11 +17,17 @@ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. + * + * $FreeBSD$ */ #ifndef lint static const char rcsid[] = - "@(#) $Header: print-icmp.c,v 1.38 96/09/26 23:36:44 leres Exp $ (LBL)"; + "@(#) $Header: /tcpdump/master/tcpdump/print-icmp.c,v 1.43 1999/11/22 04:28:21 fenner Exp $ (LBL)"; +#endif + +#ifdef HAVE_CONFIG_H +#include "config.h" #endif #include @@ -43,7 +49,6 @@ struct rtentry; #include #include #include -#include #include #include @@ -163,7 +168,7 @@ struct id_rdiscovery { }; void -icmp_print(register const u_char *bp, register const u_char *bp2) +icmp_print(register const u_char *bp, u_int plen, register const u_char *bp2) { register char *cp; register const struct icmp *dp; @@ -178,9 +183,11 @@ icmp_print(register const u_char *bp, register const u_char *bp2) ip = (struct ip *)bp2; str = buf; +#if 0 (void)printf("%s > %s: ", ipaddr_string(&ip->ip_src), ipaddr_string(&ip->ip_dst)); +#endif TCHECK(dp->icmp_code); switch (dp->icmp_type) { @@ -348,6 +355,19 @@ icmp_print(register const u_char *bp, register const u_char *bp2) break; } (void)printf("icmp: %s", str); + if (vflag) { + if (TTEST2(*bp, plen)) { + if (in_cksum((u_short*)dp, plen, 0)) + printf(" (wrong icmp csum)"); + } + } + if (vflag > 1 && !ICMP_INFOTYPE(dp->icmp_type)) { + bp += 8; + (void)printf(" for "); + ip = (struct ip *)bp; + snaplen = snapend - bp; + ip_print(bp, ntohs(ip->ip_len)); + } return; trunc: fputs("[|icmp]", stdout); diff --git a/contrib/tcpdump/print-ip.c b/contrib/tcpdump/print-ip.c index ebe06a5a5033..fe06efd48ee9 100644 --- a/contrib/tcpdump/print-ip.c +++ b/contrib/tcpdump/print-ip.c @@ -17,11 +17,17 @@ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. + * + * $FreeBSD$ */ #ifndef lint static const char rcsid[] = - "@(#) $Header: print-ip.c,v 1.66 97/05/28 12:51:43 leres Exp $ (LBL)"; + "@(#) $Header: /tcpdump/master/tcpdump/print-ip.c,v 1.79 1999/12/22 06:27:21 itojun Exp $ (LBL)"; +#endif + +#ifdef HAVE_CONFIG_H +#include "config.h" #endif #include @@ -35,7 +41,6 @@ static const char rcsid[] = #include #include #include -#include #ifdef HAVE_MALLOC_H #include @@ -67,21 +72,11 @@ struct tr_query { u_int tr_src; /* traceroute source */ u_int tr_dst; /* traceroute destination */ u_int tr_raddr; /* traceroute response address */ -#ifdef WORDS_BIGENDIAN - struct { - u_int ttl : 8; /* traceroute response ttl */ - u_int qid : 24; /* traceroute query id */ - } q; -#else - struct { - u_int qid : 24; /* traceroute query id */ - u_int ttl : 8; /* traceroute response ttl */ - } q; -#endif + u_int tr_rttlqid; /* response ttl and qid */ }; -#define tr_rttl q.ttl -#define tr_qid q.qid +#define TR_GETTTL(x) (int)(((x) >> 24) & 0xff) +#define TR_GETQID(x) ((x) & 0x00ffffff) /* * Traceroute response format. A traceroute response has a tr_query at the @@ -126,22 +121,24 @@ static void print_mtrace(register const u_char *bp, register u_int len) { register struct tr_query *tr = (struct tr_query *)(bp + 8); - printf("mtrace %d: %s to %s reply-to %s", tr->tr_qid, + printf("mtrace %lu: %s to %s reply-to %s", + (u_long)TR_GETQID(ntohl(tr->tr_rttlqid)), ipaddr_string(&tr->tr_src), ipaddr_string(&tr->tr_dst), ipaddr_string(&tr->tr_raddr)); if (IN_CLASSD(ntohl(tr->tr_raddr))) - printf(" with-ttl %d", tr->tr_rttl); + printf(" with-ttl %d", TR_GETTTL(ntohl(tr->tr_rttlqid))); } static void print_mresp(register const u_char *bp, register u_int len) { register struct tr_query *tr = (struct tr_query *)(bp + 8); - printf("mresp %d: %s to %s reply-to %s", tr->tr_qid, + printf("mresp %lu: %s to %s reply-to %s", + (u_long)TR_GETQID(ntohl(tr->tr_rttlqid)), ipaddr_string(&tr->tr_src), ipaddr_string(&tr->tr_dst), ipaddr_string(&tr->tr_raddr)); if (IN_CLASSD(ntohl(tr->tr_raddr))) - printf(" with-ttl %d", tr->tr_rttl); + printf(" with-ttl %d", TR_GETTTL(ntohl(tr->tr_rttlqid))); } static void @@ -155,13 +152,19 @@ igmp_print(register const u_char *bp, register u_int len, ipaddr_string(&ip->ip_src), ipaddr_string(&ip->ip_dst)); + if (qflag) { + (void)printf("igmp"); + return; + } + TCHECK2(bp[0], 8); switch (bp[0]) { case 0x11: (void)printf("igmp %s query", bp[1] ? "v2" : "v1"); if (bp[1] && bp[1] != 100) (void)printf(" [intvl %d]", bp[1]); - if (*(int *)&bp[4]) + (void)printf("igmp query"); + if (EXTRACT_32BITS(&bp[4])) (void)printf(" [gaddr %s]", ipaddr_string(&bp[4])); if (len != 8) (void)printf(" [len %d]", len); @@ -191,8 +194,8 @@ igmp_print(register const u_char *bp, register u_int len, dvmrp_print(bp, len); break; case 0x14: - (void)printf("igmp pim"); - pim_print(bp, len); + (void)printf("igmp pimv1"); + pimv1_print(bp, len); break; case 0x1e: print_mresp(bp, len); @@ -207,21 +210,9 @@ igmp_print(register const u_char *bp, register u_int len, break; } - TCHECK2(bp[0], len); - if (vflag) { + if (vflag && TTEST2(bp[0], len)) { /* Check the IGMP checksum */ - u_int32_t sum = 0; - int count; - const u_short *sp = (u_short *)bp; - - for (count = len / 2; --count >= 0; ) - sum += *sp++; - if (len & 1) - sum += ntohs(*(u_char *) sp << 8); - while (sum >> 16) - sum = (sum & 0xffff) + (sum >> 16); - sum = 0xffff & ~sum; - if (sum != 0) + if (in_cksum((const u_short*)bp, len, 0)) printf(" bad igmp cksum %x!", EXTRACT_16BITS(&bp[2])); } return; @@ -254,6 +245,62 @@ ip_printroute(const char *type, register const u_char *cp, u_int length) printf("%s}", ptr == len? "#" : ""); } +static void +ip_printts(register const u_char *cp, u_int length) +{ + register u_int ptr = cp[2] - 1; + register u_int len = 0; + int hoplen; + char *type; + + printf(" TS{"); + hoplen = ((cp[3]&0xF) != IPOPT_TS_TSONLY) ? 8 : 4; + if ((length - 4) & (hoplen-1)) + printf("[bad length %d]", length); + if (ptr < 4 || ((ptr - 4) & (hoplen-1)) || ptr > length + 1) + printf("[bad ptr %d]", cp[2]); + switch (cp[3]&0xF) { + case IPOPT_TS_TSONLY: + printf("TSONLY"); + break; + case IPOPT_TS_TSANDADDR: + printf("TS+ADDR"); + break; + /* + * prespecified should really be 3, but some ones might send 2 + * instead, and the IPOPT_TS_PRESPEC constant can apparently + * have both values, so we have to hard-code it here. + */ + + case 2: + printf("PRESPEC2.0"); + break; + case 3: /* IPOPT_TS_PRESPEC */ + printf("PRESPEC"); + break; + default: + printf("[bad ts type %d]", cp[3]&0xF); + goto done; + } + + type = " "; + for (len = 4; len < length; len += hoplen) { + if (ptr == len) + type = " ^ "; + printf("%s%d@%s", type, EXTRACT_32BITS(&cp[len+hoplen-4]), + hoplen!=8 ? "" : ipaddr_string(&cp[len])); + type = " "; + } + +done: + printf("%s", ptr == len ? " ^ " : ""); + + if (cp[3]>>4) + printf(" [%d hops not recorded]} ", cp[3]>>4); + else + printf("}"); +} + /* * print IP options. */ @@ -287,15 +334,17 @@ ip_optprint(register const u_char *cp, u_int length) break; case IPOPT_TS: - printf(" TS{%d}", len); + ip_printts(cp, len); break; +#ifndef IPOPT_SECURITY +#define IPOPT_SECURITY 130 +#endif /* IPOPT_SECURITY */ case IPOPT_SECURITY: printf(" SECURITY{%d}", len); break; case IPOPT_RR: - printf(" RR{%d}=", len); ip_printroute("RR", cp, len); break; @@ -307,11 +356,16 @@ ip_optprint(register const u_char *cp, u_int length) ip_printroute("LSRR", cp, len); break; +#ifndef IPOPT_RA +#define IPOPT_RA 148 /* router alert */ +#endif case IPOPT_RA: - printf(" RA{%d}", len); - if (cp[2] != 0 || cp[3] != 0) - printf(" [b23=0x04%x]", cp[2] << 8 | cp[3]); - break; + printf(" RA"); + if (len != 4) + printf("{%d}", len); + else if (cp[2] || cp[3]) + printf("%d.%d", cp[2], cp[3]); + break; default: printf(" IPOPT-%d{%d}", cp[0], len); @@ -324,23 +378,34 @@ ip_optprint(register const u_char *cp, u_int length) * compute an IP header checksum. * don't modifiy the packet. */ -static int -in_cksum(const struct ip *ip) +u_short +in_cksum(const u_short *addr, register int len, u_short csum) { - register const u_short *sp = (u_short *)ip; - register u_int32_t sum = 0; - register int count; + int nleft = len; + const u_short *w = addr; + u_short answer; + int sum = csum; + + /* + * Our algorithm is simple, using a 32 bit accumulator (sum), + * we add sequential 16 bit words to it, and at the end, fold + * back all the carry bits from the top 16 bits into the lower + * 16 bits. + */ + while (nleft > 1) { + sum += *w++; + nleft -= 2; + } + if (nleft == 1) + sum += htons(*(u_char *)w<<8); /* - * No need for endian conversions. + * add back carry outs from top 16 bits to low 16 bits */ - for (count = ip->ip_hl * 2; --count >= 0; ) - sum += *sp++; - while (sum > 0xffff) - sum = (sum & 0xffff) + (sum >> 16); - sum = ~sum & 0xffff; - - return (sum); + sum = (sum >> 16) + (sum & 0xffff); /* add hi 16 to low 16 */ + sum += (sum >> 16); /* add carry */ + answer = ~sum; /* truncate to 16 bits */ + return (answer); } /* @@ -350,8 +415,10 @@ void ip_print(register const u_char *bp, register u_int length) { register const struct ip *ip; - register u_int hlen, len, off; + register u_int hlen, len, len0, off; register const u_char *cp; + u_char nh; + int advance; ip = (const struct ip *)bp; #ifdef LBL_ALIGN @@ -395,6 +462,7 @@ ip_print(register const u_char *bp, register u_int length) (void)printf("truncated-ip - %d bytes missing!", len - length); len -= hlen; + len0 = len; /* * If this is fragment zero, hand it to the next higher @@ -403,7 +471,54 @@ ip_print(register const u_char *bp, register u_int length) off = ntohs(ip->ip_off); if ((off & 0x1fff) == 0) { cp = (const u_char *)ip + hlen; - switch (ip->ip_p) { + nh = ip->ip_p; + + if (nh != IPPROTO_TCP && nh != IPPROTO_UDP) { + (void)printf("%s > %s: ", ipaddr_string(&ip->ip_src), + ipaddr_string(&ip->ip_dst)); + } +again: + switch (nh) { + +#ifndef IPPROTO_AH +#define IPPROTO_AH 51 +#endif + case IPPROTO_AH: + nh = *cp; + advance = ah_print(cp, (const u_char *)ip); + cp += advance; + len -= advance; + goto again; + +#ifndef IPPROTO_ESP +#define IPPROTO_ESP 50 +#endif + case IPPROTO_ESP: + { + int enh; + advance = esp_print(cp, (const u_char *)ip, &enh); + cp += advance; + len -= advance; + if (enh < 0) + break; + nh = enh & 0xff; + goto again; + } + +#ifndef IPPROTO_IPCOMP +#define IPPROTO_IPCOMP 108 +#endif + case IPPROTO_IPCOMP: + { + int enh; + advance = ipcomp_print(cp, (const u_char *)ip, &enh); + cp += advance; + len -= advance; + if (enh < 0) + break; + nh = enh & 0xff; + goto again; + } case IPPROTO_TCP: tcp_print(cp, len, (const u_char *)ip); @@ -414,7 +529,7 @@ ip_print(register const u_char *bp, register u_int length) break; case IPPROTO_ICMP: - icmp_print(cp, (const u_char *)ip); + icmp_print(cp, len, (const u_char *)ip); break; #ifndef IPPROTO_IGRP @@ -425,8 +540,10 @@ ip_print(register const u_char *bp, register u_int length) break; case IPPROTO_ND: +#if 0 (void)printf("%s > %s:", ipaddr_string(&ip->ip_src), ipaddr_string(&ip->ip_dst)); +#endif (void)printf(" nd %d", len); break; @@ -450,10 +567,12 @@ ip_print(register const u_char *bp, register u_int length) case 4: /* DVMRP multicast tunnel (ip-in-ip encapsulation) */ +#if 0 if (vflag) (void)printf("%s > %s: ", ipaddr_string(&ip->ip_src), ipaddr_string(&ip->ip_dst)); +#endif ip_print(cp, len); if (! vflag) { printf(" (ipip)"); @@ -461,6 +580,27 @@ ip_print(register const u_char *bp, register u_int length) } break; +#ifdef INET6 +#ifndef IP6PROTO_ENCAP +#define IP6PROTO_ENCAP 41 +#endif + case IP6PROTO_ENCAP: + /* ip6-in-ip encapsulation */ +#if 0 + if (vflag) + (void)printf("%s > %s: ", + ipaddr_string(&ip->ip_src), + ipaddr_string(&ip->ip_dst)); +#endif + ip6_print(cp, len); + if (! vflag) { + printf(" (encap)"); + return; + } + break; +#endif /*INET6*/ + + #ifndef IPPROTO_GRE #define IPPROTO_GRE 47 #endif @@ -477,18 +617,49 @@ ip_print(register const u_char *bp, register u_int length) } break; +#ifndef IPPROTO_MOBILE +#define IPPROTO_MOBILE 55 +#endif + case IPPROTO_MOBILE: + if (vflag) + (void)printf("mobile %s > %s: ", + ipaddr_string(&ip->ip_src), + ipaddr_string(&ip->ip_dst)); + mobile_print(cp, len); + if (! vflag) { + printf(" (mobile encap)"); + return; + } + break; + +#ifndef IPPROTO_PIM +#define IPPROTO_PIM 103 +#endif + case IPPROTO_PIM: + pim_print(cp, len); + break; + default: +#if 0 (void)printf("%s > %s:", ipaddr_string(&ip->ip_src), ipaddr_string(&ip->ip_dst)); - (void)printf(" ip-proto-%d %d", ip->ip_p, len); +#endif + (void)printf(" ip-proto-%d %d", nh, len); break; } } + + /* Ultra quiet now means that all this stuff should be suppressed */ + /* res 3-Nov-98 */ + if (qflag > 1) return; + + /* * for fragmented datagrams, print id:size@offset. On all * but the last stick a "+". For unfragmented datagrams, note * the don't fragment flag. */ + len = len0; /* get the original length */ if (off & 0x3fff) { /* * if this isn't the first frag, we're missing the @@ -497,14 +668,30 @@ ip_print(register const u_char *bp, register u_int length) if (off & 0x1fff) (void)printf("%s > %s:", ipaddr_string(&ip->ip_src), ipaddr_string(&ip->ip_dst)); - (void)printf(" (frag %d:%d@%d%s)", ntohs(ip->ip_id), len, +#ifndef IP_MF +#define IP_MF 0x2000 +#endif /* IP_MF */ +#ifndef IP_DF +#define IP_DF 0x4000 +#endif /* IP_DF */ + (void)printf(" (frag %d:%u@%d%s)", ntohs(ip->ip_id), len, (off & 0x1fff) * 8, (off & IP_MF)? "+" : ""); + } else if (off & IP_DF) (void)printf(" (DF)"); - if (ip->ip_tos) - (void)printf(" [tos 0x%x]", (int)ip->ip_tos); + if (ip->ip_tos) { + (void)printf(" [tos 0x%x", (int)ip->ip_tos); + /* ECN bits */ + if (ip->ip_tos&0x02) { + (void)printf(",ECT"); + if (ip->ip_tos&0x01) + (void)printf(",CE"); + } + (void)printf("] "); + } + if (ip->ip_ttl <= 1) (void)printf(" [ttl %d]", (int)ip->ip_ttl); @@ -522,7 +709,7 @@ ip_print(register const u_char *bp, register u_int length) sep = ", "; } if ((u_char *)ip + hlen <= snapend) { - sum = in_cksum(ip); + sum = in_cksum((const u_short *)ip, hlen, 0); if (sum != 0) { (void)printf("%sbad cksum %x!", sep, ntohs(ip->ip_sum)); diff --git a/contrib/tcpdump/print-ipx.c b/contrib/tcpdump/print-ipx.c index d49bcb70471f..c17812387848 100644 --- a/contrib/tcpdump/print-ipx.c +++ b/contrib/tcpdump/print-ipx.c @@ -20,11 +20,17 @@ * * Format and print Novell IPX packets. * Contributed by Brad Parker (brad@fcr.com). + * + * $FreeBSD$ */ #ifndef lint static const char rcsid[] = - "@(#) $Header: print-ipx.c,v 1.19 96/12/10 23:23:52 leres Exp $"; + "@(#) $Header: /tcpdump/master/tcpdump/print-ipx.c,v 1.22 1999/11/21 09:36:54 fenner Exp $"; +#endif + +#ifdef HAVE_CONFIG_H +#include "config.h" #endif #include @@ -38,7 +44,6 @@ static const char rcsid[] = #include #include #include -#include #ifdef __STDC__ #include diff --git a/contrib/tcpdump/print-isoclns.c b/contrib/tcpdump/print-isoclns.c index 7af4f8f8a836..399ec8b81d99 100644 --- a/contrib/tcpdump/print-isoclns.c +++ b/contrib/tcpdump/print-isoclns.c @@ -19,11 +19,17 @@ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. * * Original code by Matt Thomas, Digital Equipment Corporation + * + * $FreeBSD$ */ #ifndef lint static const char rcsid[] = - "@(#) $Header: print-isoclns.c,v 1.15 96/12/31 21:27:41 leres Exp $ (LBL)"; + "@(#) $Header: /tcpdump/master/tcpdump/print-isoclns.c,v 1.16 1999/11/21 09:36:55 fenner Exp $ (LBL)"; +#endif + +#ifdef HAVE_CONFIG_H +#include "config.h" #endif #include diff --git a/contrib/tcpdump/print-llc.c b/contrib/tcpdump/print-llc.c index 183c357cd88b..3216f4d6c148 100644 --- a/contrib/tcpdump/print-llc.c +++ b/contrib/tcpdump/print-llc.c @@ -20,11 +20,17 @@ * * Code by Matt Thomas, Digital Equipment Corporation * with an awful lot of hacking by Jeffrey Mogul, DECWRL + * + * $FreeBSD$ */ #ifndef lint static const char rcsid[] = - "@(#) $Header: print-llc.c,v 1.24 97/01/01 20:56:48 leres Exp $"; + "@(#) $Header: /tcpdump/master/tcpdump/print-llc.c,v 1.27 1999/12/22 06:27:21 itojun Exp $"; +#endif + +#ifdef HAVE_CONFIG_H +#include "config.h" #endif #include @@ -79,10 +85,15 @@ llc_print(const u_char *p, u_int length, u_int caplen, ipx_print(p, length); return (1); } -#ifdef notyet - else if (p[0] == 0xf0 && p[1] == 0xf0) - netbios_print(p, length); -#endif + if (llc.ssap == 0xf0 && llc.dsap == 0xf0) { + /* + * we don't actually have a full netbeui parser yet, but the + * smb parser can handle many smb-in-netbeui packets, which + * is very useful, so we call that + */ + netbeui_print(p + 2, p + min(caplen, length)); + return (1); + } if (llc.ssap == LLCSAP_ISONS && llc.dsap == LLCSAP_ISONS && llc.llcui == LLC_UI) { isoclns_print(p + 3, length - 3, caplen - 3, esrc, edst); @@ -92,9 +103,9 @@ llc_print(const u_char *p, u_int length, u_int caplen, if (llc.ssap == LLCSAP_SNAP && llc.dsap == LLCSAP_SNAP && llc.llcui == LLC_UI) { if (caplen < sizeof(llc)) { - (void)printf("[|llc-snap]"); - default_print((u_char *)p, caplen); - return (0); + (void)printf("[|llc-snap]"); + default_print((u_char *)p, caplen); + return (0); } if (vflag) (void)printf("snap %s ", protoid_string(llc.llcpi)); @@ -136,11 +147,11 @@ llc_print(const u_char *p, u_int length, u_int caplen, char f; m = tok2str(cmd2str, "%02x", LLC_U_CMD(llc.llcu)); switch ((llc.ssap & LLC_GSAP) | (llc.llcu & LLC_U_POLL)) { - case 0: f = 'C'; break; - case LLC_GSAP: f = 'R'; break; - case LLC_U_POLL: f = 'P'; break; - case LLC_GSAP|LLC_U_POLL: f = 'F'; break; - default: f = '?'; break; + case 0: f = 'C'; break; + case LLC_GSAP: f = 'R'; break; + case LLC_U_POLL: f = 'P'; break; + case LLC_GSAP|LLC_U_POLL: f = 'F'; break; + default: f = '?'; break; } printf("%s/%c", m, f); @@ -150,22 +161,31 @@ llc_print(const u_char *p, u_int length, u_int caplen, caplen -= 3; if ((llc.llcu & ~LLC_U_POLL) == LLC_XID) { - if (*p == LLC_XID_FI) { - printf(": %02x %02x", p[1], p[2]); - p += 3; - length -= 3; - caplen -= 3; - } + if (*p == LLC_XID_FI) { + printf(": %02x %02x", p[1], p[2]); + p += 3; + length -= 3; + caplen -= 3; + } } + + if (!strcmp(m,"ui") && f=='C') { + /* + * we don't have a proper ipx decoder yet, but there + * is a partial one in the smb code + */ + ipx_netbios_print(p,p+min(caplen,length)); + } + } else { char f; llc.llcis = ntohs(llc.llcis); switch ((llc.ssap & LLC_GSAP) | (llc.llcu & LLC_U_POLL)) { - case 0: f = 'C'; break; - case LLC_GSAP: f = 'R'; break; - case LLC_U_POLL: f = 'P'; break; - case LLC_GSAP|LLC_U_POLL: f = 'F'; break; - default: f = '?'; break; + case 0: f = 'C'; break; + case LLC_GSAP: f = 'R'; break; + case LLC_U_POLL: f = 'P'; break; + case LLC_GSAP|LLC_U_POLL: f = 'F'; break; + default: f = '?'; break; } if ((llc.llcu & LLC_S_FMT) == LLC_S_FMT) { diff --git a/contrib/tcpdump/print-ntp.c b/contrib/tcpdump/print-ntp.c index 696bb429b684..1009872ed4b0 100644 --- a/contrib/tcpdump/print-ntp.c +++ b/contrib/tcpdump/print-ntp.c @@ -21,11 +21,17 @@ * Format and print ntp packets. * By Jeffrey Mogul/DECWRL * loosely based on print-bootp.c + * + * $FreeBSD$ */ #ifndef lint static const char rcsid[] = - "@(#) $Header: print-ntp.c,v 1.26 97/06/13 12:56:37 leres Exp $ (LBL)"; + "@(#) $Header: /tcpdump/master/tcpdump/print-ntp.c,v 1.27 1999/11/21 09:36:57 fenner Exp $ (LBL)"; +#endif + +#ifdef HAVE_CONFIG_H +#include "config.h" #endif #include diff --git a/contrib/tcpdump/print-null.c b/contrib/tcpdump/print-null.c index f1469ab8006a..64c7df340c05 100644 --- a/contrib/tcpdump/print-null.c +++ b/contrib/tcpdump/print-null.c @@ -17,11 +17,17 @@ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. + * + * $FreeBSD$ */ #ifndef lint static const char rcsid[] = - "@(#) $Header: print-null.c,v 1.24 97/05/28 12:52:47 leres Exp $ (LBL)"; + "@(#) $Header: /tcpdump/master/tcpdump/print-null.c,v 1.30 1999/12/22 06:27:21 itojun Exp $ (LBL)"; +#endif + +#ifdef HAVE_CONFIG_H +#include "config.h" #endif #include @@ -44,12 +50,15 @@ struct rtentry; #include #include #include -#include #include #include #include +#ifdef INET6 +#include +#endif + #include "interface.h" #include "addrtoname.h" @@ -80,6 +89,12 @@ null_print(const u_char *p, const struct ip *ip, u_int length) printf("ip: "); break; +#ifdef INET6 + case AF_INET6: + printf("ip6: "); + break; +#endif + case AF_NS: printf("ns: "); break; @@ -114,7 +129,19 @@ null_if_print(u_char *user, const struct pcap_pkthdr *h, const u_char *p) if (eflag) null_print(p, ip, length); - ip_print((const u_char *)ip, length); + switch (ip->ip_v) { + case 4: + ip_print((const u_char *)ip, length); + break; +#ifdef INET6 + case 6: + ip6_print((const u_char *)ip, length); + break; +#endif /* INET6 */ + default: + printf("ip v%d", ip->ip_v); + break; + } if (xflag) default_print((const u_char *)ip, caplen - NULL_HDRLEN); diff --git a/contrib/tcpdump/print-ppp.c b/contrib/tcpdump/print-ppp.c index b5052c7fffe4..3c831d372e1b 100644 --- a/contrib/tcpdump/print-ppp.c +++ b/contrib/tcpdump/print-ppp.c @@ -23,7 +23,11 @@ #ifndef lint static const char rcsid[] = - "@(#) $Header: print-ppp.c,v 1.26 97/06/12 14:21:29 leres Exp $ (LBL)"; + "@(#) $Header: /tcpdump/master/tcpdump/print-ppp.c,v 1.33.2.1 2000/01/29 07:31:17 fenner Exp $ (LBL)"; +#endif + +#ifdef HAVE_CONFIG_H +#include "config.h" #endif #include @@ -41,17 +45,23 @@ struct rtentry; #include #include #include +#include #include #include #include #include +#ifdef __bsdi__ +#include +#include +#endif #include #include "ethertype.h" #include #include "interface.h" +#include "extract.h" #include "addrtoname.h" #include "ppp.h" @@ -191,54 +201,13 @@ static char *papcode[] = { #define IPCP_CP 2 #define IPCP_ADDR 3 -/* PPPoE */ +static void do_ppp_print __P((const u_char *, u_int, u_int)); +static void handle_lcp __P((const u_char *p, int length)); +static int print_lcp_config_options __P((const u_char *p)); +static void handle_chap __P((const u_char *p, int length)); +static void handle_ipcp __P((const u_char *p, int length)); +static void handle_pap __P((const u_char *p, int length)); -struct typenames { - u_short type; - char *name; -}; - -static struct typenames typenames[] = { - /* - * PPPoE type field values - */ - 0x00, "DATA", /* PPPoE Data packet */ - 0x09, "PADI", /* Active Discovery Initiation */ - 0x07, "PADO", /* Active Discovery Offer */ - 0x19, "PADR", /* Active Discovery Request */ - 0x65, "PADS", /* Active Discovery Session-Confirm */ - 0xa7, "PADT", /* Active Discovery Terminate */ -}; - -struct tagnames { - u_short tag; - char *name; - int isascii; -}; - -static struct tagnames tagnames[] = { - /* - * PPPoE tag field values - */ - 0x0000, "End-Of-List", 0, /* Optional last tag (len 0) */ - 0x0101, "Service-Name", 1, /* The (ascii) service */ - 0x0102, "AC-Name", -1, /* Access Concentrator */ - 0x0103, "Host-Uniq", 0, /* Associate PAD[OS] with PAD[IR] */ - 0x0104, "AC-Cookie", 0, /* Optional at PADO time */ - 0x0105, "Vendor-Specific", 0, /* First 4 bytes special (ignore) */ - 0x0110, "Relay-Session-Id", 0, /* Max 12 octets, added by gateway */ - 0x0201, "Service-Name-Error", -1, /* Request not honoured */ - 0x0203, "Generic-Error", 1 /* Access Concentrator error */ -}; - -static int handle_lcp(const u_char *p, int length); -static int print_lcp_config_options(u_char *p); -static int handle_chap(const u_char *p, int length); -static int handle_ipcp(const u_char *p, int length); -static int handle_pap(const u_char *p, int length); -static void do_ppp_print(const u_char *p, u_int length, u_int caplen); - -/* Standard PPP printer */ void ppp_hdlc_print(const u_char *p, int length) { @@ -247,7 +216,7 @@ ppp_hdlc_print(const u_char *p, int length) u_char *ptr; printf("ID-%03d ", *(p+5)); - + for (i = (sizeof(protonames) / sizeof(protonames[0])) - 1; i >= 0; --i) { if (proto == protonames[i].protocol) @@ -279,257 +248,235 @@ ppp_hdlc_print(const u_char *p, int length) } /* print LCP frame */ - -static int +static void handle_lcp(const u_char *p, int length) { int x, j; - u_char *ptr; + const u_char *ptr; - x = *(p+4); + x = p[4]; - if((x >= LCP_MIN) && (x <= LCP_MAX)) - { - printf("%s", lcpcodes[x-1]); - } - else - { + if ((x >= LCP_MIN) && (x <= LCP_MAX)) + printf("%s", lcpcodes[x - 1]); + else { printf("0x%02x", x); return; } length -= 4; - switch(x) - { - case LCP_CONF_REQ: - case LCP_CONF_ACK: - case LCP_CONF_NAK: - case LCP_CONF_REJ: - x = length; - ptr = (u_char *)p+8; - do - { - if((j = print_lcp_config_options(ptr)) == 0) - break; - x -= j; - ptr += j; - } - while(x > 0); - break; + switch (x) { + case LCP_CONF_REQ: + case LCP_CONF_ACK: + case LCP_CONF_NAK: + case LCP_CONF_REJ: + x = length; + ptr = p + 8; + do { + if ((j = print_lcp_config_options(ptr)) == 0) + break; + x -= j; + ptr += j; + } while (x > 0); + break; - case LCP_ECHO_REQ: - case LCP_ECHO_RPL: - printf(", Magic-Number=%d", ((*(p+8) << 24) + (*(p+9) << 16) + (*(p+10) << 8) + (*(p+11)))); - break; - case LCP_TERM_REQ: - case LCP_TERM_ACK: - case LCP_CODE_REJ: - case LCP_PROT_REJ: - case LCP_DISC_REQ: - default: - break; + case LCP_ECHO_REQ: + case LCP_ECHO_RPL: + printf(", Magic-Number=%u", + EXTRACT_32BITS(p+8)); + break; + case LCP_TERM_REQ: + case LCP_TERM_ACK: + case LCP_CODE_REJ: + case LCP_PROT_REJ: + case LCP_DISC_REQ: + default: + break; } } /* LCP config options */ - static int -print_lcp_config_options(u_char *p) +print_lcp_config_options(const u_char *p) { - int len = *(p+1); - int opt = *p; + int len = p[1]; + int opt = p[0]; - if((opt >= LCPOPT_MIN) && (opt <= LCPOPT_MAX)) + if ((opt >= LCPOPT_MIN) && (opt <= LCPOPT_MAX)) printf(", %s", lcpconfopts[opt]); - switch(opt) - { - case LCPOPT_MRU: - if(len == 4) - printf("=%d", (*(p+2) << 8) + *(p+3)); - break; - case LCPOPT_AP: - if(len >= 4) - { - if(*(p+2) == 0xc0 && *(p+3) == 0x23) - { - printf(" PAP"); - } - else if(*(p+2) == 0xc2 && *(p+3) == 0x23) - { - printf(" CHAP/"); - switch(*(p+4)) - { - default: - printf("unknown-algorithm-%d", *(p+4)); - break; - case 5: - printf("MD5"); - break; - case 0x80: - printf("Microsoft"); - break; - } - } - else if(*(p+2) == 0xc2 && *(p+3) == 0x27) - { - printf(" EAP"); - } - else if(*(p+2) == 0xc0 && *(p+3) == 0x27) - { - printf(" SPAP"); - } - else if(*(p+2) == 0xc1 && *(p+3) == 0x23) - { - printf(" Old-SPAP"); - } - else - { - printf("unknown"); + switch (opt) { + case LCPOPT_MRU: + if (len == 4) + printf("=%d", (*(p+2) << 8) + *(p+3)); + break; + case LCPOPT_AP: + if (len >= 4) { + if (p[2] == 0xc0 && p[3] == 0x23) + printf(" PAP"); + else if (p[2] == 0xc2 && p[3] == 0x23) { + printf(" CHAP/"); + switch (p[4]) { + default: + printf("unknown-algorithm-%u", p[4]); + break; + case 5: + printf("MD5"); + break; + case 0x80: + printf("Microsoft"); + break; } } - break; - case LCPOPT_QP: - if(len >= 4) - { - if(*(p+2) == 0xc0 && *(p+3) == 0x25) - printf(" LQR"); - else - printf(" unknown"); - } - break; - case LCPOPT_MN: - if(len == 6) - { - printf("=%d", ((*(p+2) << 24) + (*(p+3) << 16) + (*(p+4) << 8) + (*(p+5)))); - } - break; - case LCPOPT_PFC: - printf(" PFC"); - break; - case LCPOPT_ACFC: - printf(" ACFC"); - break; + else if (p[2] == 0xc2 && p[3] == 0x27) + printf(" EAP"); + else if (p[2] == 0xc0 && p[3] == 0x27) + printf(" SPAP"); + else if (p[2] == 0xc1 && p[3] == 0x23) + printf(" Old-SPAP"); + else + printf("unknown"); + } + break; + case LCPOPT_QP: + if (len >= 4) { + if (p[2] == 0xc0 && p[3] == 0x25) + printf(" LQR"); + else + printf(" unknown"); + } + break; + case LCPOPT_MN: + if (len == 6) + printf("=%u", EXTRACT_32BITS(p+2)); + break; + case LCPOPT_PFC: + printf(" PFC"); + break; + case LCPOPT_ACFC: + printf(" ACFC"); + break; } - return(len); + return len; } /* CHAP */ - -static int +static void handle_chap(const u_char *p, int length) { - int x, j; - u_char *ptr; + int x; + const u_char *ptr; - x = *(p+4); + x = p[4]; - if((x >= CHAP_CODEMIN) && (x <= CHAP_CODEMAX)) - { - printf("%s", chapcode[x-1]); - } - else - { + if ((x >= CHAP_CODEMIN) && (x <= CHAP_CODEMAX)) + printf("%s", chapcode[x - 1]); + else { printf("0x%02x", x); return; } length -= 4; - switch(x) - { - case CHAP_CHAL: - case CHAP_RESP: - printf(", Value="); - x = *(p+8); /* value size */ - ptr = (u_char *)p+9; - while(--x >= 0) - printf("%02x", *ptr++); - x = length - *(p+8) - 1; - printf(", Name="); - while(--x >= 0) - printf("%c", *ptr++); - break; + switch (p[4]) { + case CHAP_CHAL: + case CHAP_RESP: + printf(", Value="); + x = p[8]; /* value size */ + ptr = p + 9; + while (--x >= 0) + printf("%02x", *ptr++); + x = length - p[8] - 1; + printf(", Name="); + while (--x >= 0) { + if (isprint(*ptr)) + printf("%c", *ptr); + else + printf("\\%03o", *ptr); + ptr++; + } + break; } } /* PAP */ - -static int +static void handle_pap(const u_char *p, int length) { - int x, j; - u_char *ptr; + int x; + const u_char *ptr; - x = *(p+4); + x = p[4]; - if((x >= PAP_CODEMIN) && (x <= PAP_CODEMAX)) - { - printf("%s", papcode[x-1]); - } - else - { + if ((x >= PAP_CODEMIN) && (x <= PAP_CODEMAX)) + printf("%s", papcode[x - 1]); + else { printf("0x%02x", x); return; } length -= 4; - switch(x) - { - case PAP_AREQ: - printf(", Peer-Id="); - x = *(p+8); /* peerid size */ - ptr = (u_char *)p+9; - while(--x >= 0) - printf("%c", *ptr++); - x = *ptr++; - printf(", Passwd="); - while(--x >= 0) - printf("%c", *ptr++); - break; - case PAP_AACK: - case PAP_ANAK: - break; + switch (x) { + case PAP_AREQ: + printf(", Peer-Id="); + x = p[8]; /* peerid size */ + ptr = p + 9; + while (--x >= 0) { + if (isprint(*ptr)) + printf("%c", *ptr); + else + printf("\\%03o", *ptr); + ptr++; + } + x = *ptr++; + printf(", Passwd="); + while (--x >= 0) { + if (isprint(*ptr)) + printf("%c", *ptr); + else + printf("\\%03o", *ptr); + ptr++; + } + break; + case PAP_AACK: + case PAP_ANAK: + break; } } /* IPCP */ - -static int +static void handle_ipcp(const u_char *p, int length) { - int x, j; - - x = *(p+8); - length -= 4; - switch(x) - { - case IPCP_2ADDR: - printf("IP-Addresses"); - printf(", Src=%d.%d.%d.%d", *(p+10), *(p+11), *(p+12), *(p+13)); - printf(", Dst=%d.%d.%d.%d", *(p+14), *(p+15), *(p+16), *(p+17)); - break; - - case IPCP_CP: - printf("IP-Compression-Protocol"); - break; + switch (p[8]) { + case IPCP_2ADDR: + printf("IP-Addresses"); + printf(", src=%s", ipaddr_string(p + 10)); + printf(", drc=%s", ipaddr_string(p + 14)); + break; + + case IPCP_CP: + printf("IP-Compression-Protocol"); + break; - case IPCP_ADDR: - printf("IP-Address=%d.%d.%d.%d", *(p+10), *(p+11), *(p+12), *(p+13)); - break; + case IPCP_ADDR: + printf("IP-Address=%s", ipaddr_string(p + 10)); + break; } } +/* Standard PPP printer */ void ppp_if_print(u_char *user, const struct pcap_pkthdr *h, register const u_char *p) { register u_int length = h->len; register u_int caplen = h->caplen; + const struct ip *ip; + u_int proto; ts_print(&h->ts); @@ -543,113 +490,13 @@ ppp_if_print(u_char *user, const struct pcap_pkthdr *h, * and/or check that they're not walking off the end of the packet. * Rather than pass them all the way down, we set these globals. */ + proto = ntohs(*(u_short *)&p[2]); packetp = p; snapend = p + caplen; do_ppp_print(p, length, caplen); } -/* - * Print PPPoE discovery & session packets - */ -void -pppoe_print(const u_char *p, u_int length) -{ - u_short tag, len, tlen; - u_char type; - int f, asc; - - fputs("PPPoE ", stdout); - - /* - * A PPPoE header: - * - * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 - * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - * | VER | TYPE | CODE | SESSION_ID | - * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - * | LENGTH | payload ~ - * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - */ - - type = p[1]; - for (f = sizeof typenames / sizeof typenames[0] - 1; f >= 0; f--) - if (typenames[f].type == type) { - fputs(typenames[f].name, stdout); - break; - } - - if (f == -1) { - printf("<0x%02x>\n", type); - } - - len = ntohs(*(u_short *)(p + 4)); - printf(" v%d, type %d, sess %d len %d", p[0] >> 4, p[0] & 0xf, - ntohs(*(u_short *)(p + 2)), len); - - if (type == 0x00) { - /* This is a data packet */ - p += 4; - fputs("] ", stdout); - /* If eflag is set, ignore the trailing 2 bytes for LCP... */ - do_ppp_print(p, eflag ? len - 2 : len + 2, len + 4); - return; - } - - p += 6; - length -= 6; - if (len > length) - len = length; /* puke ! */ - - /* - * A PPPoE tag: - * - * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 - * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - * | TAG_TYPE | TAG_LENGTH | - * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - * | TAG_VALUE ... ~ - * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - */ - - while (len >= 4) { - tag = ntohs(*(u_short *)p); - tlen = ntohs(*(u_short *)(p + 2)); - - fputs(" [", stdout); - for (f = sizeof tagnames / sizeof tagnames[0] - 1; f >= 0; f--) - if (tagnames[f].tag == tag) { - asc = tagnames[f].isascii; - fputs(tagnames[f].name, stdout); - break; - } - - if (f == -1) { - printf("<0x%04x>", tag); - asc = -1; - } - - p += 4; - if (tlen > 0) { - if (asc == -1) { - for (f = 0; f < tlen; f++) - if (!isascii(p[f])) - break; - asc = f == tlen; - } - fputc(' ', stdout); - if (asc) - printf("%.*s", (int)tlen, p); - else for (f = 0; f < tlen; f++) - printf("%02x", p[f]); - } - fputc(']', stdout); - - p += tlen; - len -= tlen + 4; - } -} - /* * Actually do the job */ @@ -670,6 +517,14 @@ do_ppp_print(const u_char *p, u_int length, u_int caplen) case ETHERTYPE_IPX: ipx_print((const u_char *)(p + PPP_HDRLEN), length); break; +#ifdef INET6 + case ETHERTYPE_IPV6: /*XXX*/ +#ifdef PPP_IPV6 + case PPP_IPV6: +#endif + ip6_print((const u_char *)(p + PPP_HDRLEN), length); + break; +#endif default: if(!eflag) @@ -686,13 +541,35 @@ do_ppp_print(const u_char *p, u_int length, u_int caplen) putchar('\n'); } -/* proto type to string mapping */ -static struct tok ptype2str[] = { +struct tok ppptype2str[] = { + { PPP_IP, "IP" }, + { PPP_OSI, "OSI" }, + { PPP_NS, "NS" }, + { PPP_DECNET, "DECNET" }, + { PPP_APPLE, "APPLE" }, + { PPP_IPX, "IPX" }, { PPP_VJC, "VJC" }, { PPP_VJNC, "VJNC" }, - { PPP_OSI, "OSI" }, - { PPP_LCP, "LCP" }, + { PPP_BRPDU, "BRPDU" }, + { PPP_STII, "STII" }, + { PPP_VINES, "VINES" }, + + { PPP_HELLO, "HELLO" }, + { PPP_LUXCOM, "LUXCOM" }, + { PPP_SNS, "SNS" }, { PPP_IPCP, "IPCP" }, + { PPP_OSICP, "OSICP" }, + { PPP_NSCP, "NSCP" }, + { PPP_DECNETCP, "DECNETCP" }, + { PPP_APPLECP, "APPLECP" }, + { PPP_IPXCP, "IPXCP" }, + { PPP_STIICP, "STIICP" }, + { PPP_VINESCP, "VINESCP" }, + + { PPP_LCP, "LCP" }, + { PPP_PAP, "PAP" }, + { PPP_LQM, "LQM" }, + { PPP_CHAP, "CHAP" }, { 0, NULL } }; @@ -703,10 +580,13 @@ void ppp_bsdos_if_print(u_char *user, const struct pcap_pkthdr *h, register const u_char *p) { +#ifdef __bsdi__ register u_int length = h->len; register u_int caplen = h->caplen; register int hdrlength; u_short ptype; + const u_char *q; + int i; ts_print(&h->ts); @@ -724,6 +604,7 @@ ppp_bsdos_if_print(u_char *user, const struct pcap_pkthdr *h, snapend = p + caplen; hdrlength = 0; +#if 0 if (p[0] == PPP_ADDRESS && p[1] == PPP_CONTROL) { if (eflag) printf("%02x %02x ", p[0], p[1]); @@ -749,16 +630,80 @@ ppp_bsdos_if_print(u_char *user, const struct pcap_pkthdr *h, p += 2; hdrlength += 2; } - +#else + ptype = 0; /*XXX*/ + if (eflag) + printf("%c ", p[SLC_DIR] ? 'O' : 'I'); + if (p[SLC_LLHL]) { + /* link level header */ + struct ppp_header *ph; + + q = p + SLC_BPFHDRLEN; + ph = (struct ppp_header *)q; + if (ph->phdr_addr == PPP_ADDRESS + && ph->phdr_ctl == PPP_CONTROL) { + if (eflag) + printf("%02x %02x ", q[0], q[1]); + ptype = ntohs(ph->phdr_type); + if (eflag && (ptype == PPP_VJC || ptype == PPP_VJNC)) { + printf("%s ", tok2str(ppptype2str, + "proto-#%d", ptype)); + } + } else { + if (eflag) { + printf("LLH=["); + for (i = 0; i < p[SLC_LLHL]; i++) + printf("%02x", q[i]); + printf("] "); + } + } + if (eflag) + printf("%d ", length); + } + if (p[SLC_CHL]) { + q = p + SLC_BPFHDRLEN + p[SLC_LLHL]; + + switch (ptype) { + case PPP_VJC: + ptype = vjc_print(q, length - (q - p), ptype); + hdrlength = PPP_BSDI_HDRLEN; + p += hdrlength; + if (ptype == PPP_IP) + ip_print(p, length); + goto printx; + case PPP_VJNC: + ptype = vjc_print(q, length - (q - p), ptype); + hdrlength = PPP_BSDI_HDRLEN; + p += hdrlength; + if (ptype == PPP_IP) + ip_print(p, length); + goto printx; + default: + if (eflag) { + printf("CH=["); + for (i = 0; i < p[SLC_LLHL]; i++) + printf("%02x", q[i]); + printf("] "); + } + break; + } + } + + hdrlength = PPP_BSDI_HDRLEN; +#endif + length -= hdrlength; + p += hdrlength; if (ptype == PPP_IP) ip_print(p, length); else - printf("%s ", tok2str(ptype2str, "proto-#%d", ptype)); + printf("%s ", tok2str(ppptype2str, "proto-#%d", ptype)); +printx: if (xflag) default_print((const u_char *)p, caplen - hdrlength); out: putchar('\n'); +#endif /* __bsdi__ */ } diff --git a/contrib/tcpdump/print-sl.c b/contrib/tcpdump/print-sl.c index 7e523522e9e3..c2f622bde0aa 100644 --- a/contrib/tcpdump/print-sl.c +++ b/contrib/tcpdump/print-sl.c @@ -17,11 +17,17 @@ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. + * + * $FreeBSD$ */ #ifndef lint static const char rcsid[] = - "@(#) $Header: print-sl.c,v 1.42 97/06/12 14:21:35 leres Exp $ (LBL)"; + "@(#) $Header: /tcpdump/master/tcpdump/print-sl.c,v 1.46 1999/11/21 12:38:24 itojun Exp $ (LBL)"; +#endif + +#ifdef HAVE_CONFIG_H +#include "config.h" #endif #ifdef HAVE_NET_SLIP_H @@ -44,9 +50,7 @@ struct rtentry; #include #include #include -#include #include -#include #include #include @@ -104,7 +108,18 @@ sl_if_print(u_char *user, const struct pcap_pkthdr *h, const u_char *p) if (eflag) sliplink_print(p, ip, length); - ip_print((u_char *)ip, length); + switch (ip->ip_v) { + case 4: + ip_print((u_char *)ip, length); + break; +#ifdef INET6 + case 6: + ip6_print((u_char *)ip, length); + break; +#endif + default: + printf ("ip v%d", ip->ip_v); + } if (xflag) default_print((u_char *)ip, caplen - SLIP_HDRLEN); diff --git a/contrib/tcpdump/print-sunrpc.c b/contrib/tcpdump/print-sunrpc.c index ecc44264203a..54dcf66a2f49 100644 --- a/contrib/tcpdump/print-sunrpc.c +++ b/contrib/tcpdump/print-sunrpc.c @@ -17,11 +17,17 @@ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. + * + * $FreeBSD$ */ #ifndef lint static const char rcsid[] = - "@(#) $Header: print-sunrpc.c,v 1.26 96/12/31 21:27:43 leres Exp $ (LBL)"; + "@(#) $Header: /tcpdump/master/tcpdump/print-sunrpc.c,v 1.29 1999/11/21 09:37:02 fenner Exp $ (LBL)"; +#endif + +#ifdef HAVE_CONFIG_H +#include "config.h" #endif #include diff --git a/contrib/tcpdump/print-token.c b/contrib/tcpdump/print-token.c index fed384fb52e2..0edbf2f0f75a 100644 --- a/contrib/tcpdump/print-token.c +++ b/contrib/tcpdump/print-token.c @@ -19,6 +19,8 @@ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. * * Hacked version of print-ether.c Larry Lile + * + * $FreeBSD$ */ #ifndef lint static const char rcsid[] = @@ -107,7 +109,7 @@ token_if_print(u_char *user, const struct pcap_pkthdr *h, const u_char *p) u_int length = h->len; struct token_header *tp; u_short ether_type; - extern u_short extracted_ethertype; + u_short extracted_ethertype; u_int route_len = 0, seg; struct llc *lp; diff --git a/contrib/tcpdump/print-udp.c b/contrib/tcpdump/print-udp.c index c75446f46a8e..9a64fb3da376 100644 --- a/contrib/tcpdump/print-udp.c +++ b/contrib/tcpdump/print-udp.c @@ -17,11 +17,17 @@ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. + * + * $FreeBSD$ */ #ifndef lint static const char rcsid[] = - "@(#) $Header: print-udp.c,v 1.60 97/07/27 21:58:48 leres Exp $ (LBL)"; + "@(#) $Header: /tcpdump/master/tcpdump/print-udp.c,v 1.70 1999/12/22 06:27:23 itojun Exp $ (LBL)"; +#endif + +#ifdef HAVE_CONFIG_H +#include "config.h" #endif #include @@ -51,6 +57,10 @@ static const char rcsid[] = #include +#ifdef INET6 +#include +#endif + #include "interface.h" #include "addrtoname.h" #include "appletalk.h" @@ -291,8 +301,23 @@ rtcp_print(const u_char *hdr, const u_char *ep) #define SNMP_PORT 161 /*XXX*/ #define NTP_PORT 123 /*XXX*/ #define SNMPTRAP_PORT 162 /*XXX*/ +#define ISAKMP_PORT 500 /*XXX*/ #define RIP_PORT 520 /*XXX*/ #define KERBEROS_SEC_PORT 750 /*XXX*/ +#define L2TP_PORT 1701 /*XXX*/ +#define ISAKMP_PORT_USER1 7500 /*??? - nonstandard*/ +#define ISAKMP_PORT_USER2 8500 /*??? - nonstandard*/ +#define RX_PORT_LOW 7000 /*XXX*/ +#define RX_PORT_HIGH 7009 /*XXX*/ +#define NETBIOS_NS_PORT 137 +#define NETBIOS_DGRAM_PORT 138 +#define CISCO_AUTORP_PORT 496 /*XXX*/ + +#ifdef INET6 +#define RIPNG_PORT 521 /*XXX*/ +#define DHCP6_SERV_PORT 546 /*XXX*/ +#define DHCP6_CLI_PORT 547 /*XXX*/ +#endif void udp_print(register const u_char *bp, u_int length, register const u_char *bp2) @@ -302,18 +327,30 @@ udp_print(register const u_char *bp, u_int length, register const u_char *bp2) register const u_char *cp; register const u_char *ep = bp + length; u_short sport, dport, ulen; +#ifdef INET6 + register const struct ip6_hdr *ip6; +#endif if (ep > snapend) ep = snapend; up = (struct udphdr *)bp; ip = (struct ip *)bp2; +#ifdef INET6 + if (ip->ip_v == 6) + ip6 = (struct ip6_hdr *)bp2; + else + ip6 = NULL; +#endif /*INET6*/ cp = (u_char *)(up + 1); if (cp > snapend) { - printf("[|udp]"); + (void)printf("%s > %s: [|udp]", + ipaddr_string(&ip->ip_src), ipaddr_string(&ip->ip_dst)); return; } if (length < sizeof(struct udphdr)) { - (void)printf(" truncated-udp %d", length); + (void)printf("%s > %s: truncated-udp %d", + ipaddr_string(&ip->ip_src), ipaddr_string(&ip->ip_dst), + length); return; } length -= sizeof(struct udphdr); @@ -374,6 +411,15 @@ udp_print(register const u_char *bp, u_int length, register const u_char *bp2) while (cp < ep) cp = rtcp_print(cp, ep); break; + + case PT_SNMP: + (void)printf("%s.%s > %s.%s:", + ipaddr_string(&ip->ip_src), + udpport_string(sport), + ipaddr_string(&ip->ip_dst), + udpport_string(dport)); + snmp_print((const u_char *)(up + 1), length); + break; } return; } @@ -411,9 +457,38 @@ udp_print(register const u_char *bp, u_int length, register const u_char *bp2) return; } } +#if 0 (void)printf("%s.%s > %s.%s:", ipaddr_string(&ip->ip_src), udpport_string(sport), ipaddr_string(&ip->ip_dst), udpport_string(dport)); +#else +#ifdef INET6 + if (ip6) { + if (ip6->ip6_nxt == IPPROTO_UDP) { + (void)printf("%s.%s > %s.%s: ", + ip6addr_string(&ip6->ip6_src), + udpport_string(sport), + ip6addr_string(&ip6->ip6_dst), + udpport_string(dport)); + } else { + (void)printf("%s > %s: ", + udpport_string(sport), udpport_string(dport)); + } + } else +#endif /*INET6*/ + { + if (ip->ip_p == IPPROTO_UDP) { + (void)printf("%s.%s > %s.%s: ", + ipaddr_string(&ip->ip_src), + udpport_string(sport), + ipaddr_string(&ip->ip_dst), + udpport_string(dport)); + } else { + (void)printf("%s > %s: ", + udpport_string(sport), udpport_string(dport)); + } + } +#endif if (!qflag) { #define ISPORT(p) (dport == (p) || sport == (p)) @@ -426,19 +501,51 @@ udp_print(register const u_char *bp, u_int length, register const u_char *bp2) sport, dport); else if (ISPORT(RIP_PORT)) rip_print((const u_char *)(up + 1), length); + else if (ISPORT(ISAKMP_PORT)) + isakmp_print((const u_char *)(up + 1), length, bp2); +#if 1 /*???*/ + else if (ISPORT(ISAKMP_PORT_USER1) || ISPORT(ISAKMP_PORT_USER2)) + isakmp_print((const u_char *)(up + 1), length, bp2); +#endif else if (ISPORT(SNMP_PORT) || ISPORT(SNMPTRAP_PORT)) snmp_print((const u_char *)(up + 1), length); else if (ISPORT(NTP_PORT)) ntp_print((const u_char *)(up + 1), length); else if (ISPORT(KERBEROS_PORT) || ISPORT(KERBEROS_SEC_PORT)) krb_print((const void *)(up + 1), length); + else if (ISPORT(L2TP_PORT)) + l2tp_print((const u_char *)(up + 1), length); + else if (ISPORT(NETBIOS_NS_PORT)) { + nbt_udp137_print((const u_char *)(up + 1), length); + } + else if (ISPORT(NETBIOS_DGRAM_PORT)) { + nbt_udp138_print((const u_char *)(up + 1), length); + } else if (dport == 3456) vat_print((const void *)(up + 1), length, up); + /* + * Since there are 10 possible ports to check, I think + * a <> test would be more efficient + */ + else if ((sport >= RX_PORT_LOW && sport <= RX_PORT_HIGH) || + (dport >= RX_PORT_LOW && dport <= RX_PORT_HIGH)) + rx_print((const void *)(up + 1), length, sport, dport, + (u_char *) ip); +#ifdef INET6 + else if (ISPORT(RIPNG_PORT)) + ripng_print((const u_char *)(up + 1), length); + else if (ISPORT(DHCP6_SERV_PORT) || ISPORT(DHCP6_CLI_PORT)) { + dhcp6_print((const u_char *)(up + 1), length, + sport, dport); + } +#endif /*INET6*/ /* * Kludge in test for whiteboard packets. */ else if (dport == 4567) wb_print((const void *)(up + 1), length); + else if (ISPORT(CISCO_AUTORP_PORT)) + cisco_autorp_print((const void *)(up + 1), length); else (void)printf(" udp %u", (u_int32_t)(ulen - sizeof(*up))); diff --git a/contrib/tcpdump/tcpdump.1 b/contrib/tcpdump/tcpdump.1 index cf0f625f18e3..500bb000c206 100644 --- a/contrib/tcpdump/tcpdump.1 +++ b/contrib/tcpdump/tcpdump.1 @@ -1,4 +1,4 @@ -.\" @(#) $Header: tcpdump.1,v 1.67 97/06/30 16:31:50 leres Exp $ (LBL) +.\" @(#) $Header: /tcpdump/master/tcpdump/tcpdump.1,v 1.72.2.2 2000/01/29 16:42:03 itojun Exp $ (LBL) .\" .\" Copyright (c) 1987, 1988, 1989, 1990, 1991, 1992, 1994, 1995, 1996, 1997 .\" The Regents of the University of California. All rights reserved. @@ -29,7 +29,7 @@ tcpdump \- dump traffic on a network .na .B tcpdump [ -.B \-adeflnNOpqStvxX +.B \-adeflnNOpqRStvxX ] [ .B \-c .I count @@ -42,16 +42,21 @@ tcpdump \- dump traffic on a network [ .B \-i .I interface -] [ +] +[ +.B \-m +.I module +] +[ .B \-r .I file ] +.br +.ti +8 [ .B \-s .I snaplen ] -.br -.ti +8 [ .B \-T .I type @@ -60,6 +65,8 @@ tcpdump \- dump traffic on a network .B \-w .I file ] +.br +.ti +8 [ .I expression ] @@ -148,6 +155,10 @@ Don't print domain name qualification of host names. E.g., if you give this flag then \fItcpdump\fP will print ``nic'' instead of ``nic.ddn.mil''. .TP +.B \-m +Load SMI MIB module definitions from file \fImodule\fR. This option +can be used several times to load several MIB modules into tcpdump. +.TP .B \-O Do not run the packet-matching code optimizer. This is useful only if you suspect a bug in the optimizer. @@ -186,10 +197,17 @@ specified \fItype\fR. Currently known types are \fBrpc\fR (Remote Procedure Call), \fBrtp\fR (Real-Time Applications protocol), \fBrtcp\fR (Real-Time Applications control protocol), +\fBsnmp\fR (Simple Network Management Protocol), \fBvat\fR (Visual Audio Tool), and \fBwb\fR (distributed White Board). .TP +.B \-R +Assume ESP/AH packets to be based on old specification (RFC1825 to RFC1829). +If specified, \fItcpdump\fP will not print replay prevention field. +Since there is no protocol version field in ESP/AH specification, +\fItcpdump\fP cannot deduce the version of ESP/AH protocol. +.TP .B \-S Print absolute, rather than relative, TCP sequence numbers. .TP @@ -207,6 +225,13 @@ and type of service information in an IP packet is printed. Even more verbose output. For example, additional fields are printed from NFS reply packets. .TP +.B \-vvv +Even more verbose output. For example, +telnet \fBSB\fP ... \fBSE\fP options +are printed in full. With +.B \-X +telnet options are printed in hex as well. +.TP .B \-w Write the raw packets to \fIfile\fR rather than parsing and printing them out. They can later be printed with the \-r option. @@ -219,9 +244,14 @@ The smaller of the entire packet or bytes will be printed. .TP .B \-X -Like +When printing hex, print ascii too. Thus if .B \-x -but dumps the packet in emacs-hexl like format with ASCII decoding. +is also set, the packet is printed in hex/ascii. +This is very handy for analysing new protocols. +Even if +.B \-x +is not also set, some parts of some packets may be printed +in hex/ascii. .IP "\fI expression\fP" .RS selects which packets will be dumped. If no \fIexpression\fP @@ -270,6 +300,7 @@ protos are: .BR ether , .BR fddi , .BR ip , +.BR ip6 , .BR arp , .BR rarp , .BR decnet , @@ -280,6 +311,8 @@ protos are: .BR iso , .BR esis , .BR isis , +.BR icmp , +.BR icmp6 , .B tcp and .BR udp . @@ -317,14 +350,14 @@ To save typing, identical qualifier lists can be omitted. E.g., .LP Allowable primitives are: .IP "\fBdst host \fIhost\fR" -True if the IP destination field of the packet is \fIhost\fP, +True if the IPv4/v6 destination field of the packet is \fIhost\fP, which may be either an address or a name. .IP "\fBsrc host \fIhost\fR" -True if the IP source field of the packet is \fIhost\fP. +True if the IPv4/v6 source field of the packet is \fIhost\fP. .IP "\fBhost \fIhost\fP -True if either the IP source or destination of the packet is \fIhost\fP. +True if either the IPv4/v6 source or destination of the packet is \fIhost\fP. Any of the above host expressions can be prepended with the keywords, -\fBip\fP, \fBarp\fP, or \fBrarp\fP as in: +\fBip\fP, \fBarp\fP, \fBrarp\fP, or \fBip6\fP as in: .in +.5i .nf \fBip host \fIhost\fR @@ -359,24 +392,26 @@ expression is .fi .in -.5i which can be used with either names or numbers for \fIhost / ehost\fP.) +This syntax does not work in IPv6-enabled configuration at this moment. .IP "\fBdst net \fInet\fR" -True if the IP destination address of the packet has a network +True if the IPv4/v6 destination address of the packet has a network number of \fInet\fP. \fINet\fP may be either a name from /etc/networks or a network number (see \fInetworks(4)\fP for details). .IP "\fBsrc net \fInet\fR" -True if the IP source address of the packet has a network +True if the IPv4/v6 source address of the packet has a network number of \fInet\fP. .IP "\fBnet \fInet\fR" -True if either the IP source or destination address of the packet has a network +True if either the IPv4/v6 source or destination address of the packet has a network number of \fInet\fP. .IP "\fBnet \fInet\fR \fBmask \fImask\fR" True if the IP address matches \fInet\fR with the specific netmask. May be qualified with \fBsrc\fR or \fBdst\fR. +Note that this syntax is not valid for IPv6 \fInet\fR. .IP "\fBnet \fInet\fR/\fIlen\fR" -True if the IP address matches \fInet\fR a netmask \fIlen\fR bits wide. +True if the IPv4/v6 address matches \fInet\fR a netmask \fIlen\fR bits wide. May be qualified with \fBsrc\fR or \fBdst\fR. .IP "\fBdst port \fIport\fR" -True if the packet is ip/tcp or ip/udp and has a +True if the packet is ip/tcp, ip/udp, ip6/tcp or ip6/udp and has a destination port value of \fIport\fP. The \fIport\fP can be a number or a name used in /etc/services (see .IR tcp (4P) @@ -423,6 +458,29 @@ of protocol type \fIprotocol\fP. \fIicmp\fP, \fIigrp\fP, \fIudp\fP, \fInd\fP, or \fItcp\fP. Note that the identifiers \fItcp\fP, \fIudp\fP, and \fIicmp\fP are also keywords and must be escaped via backslash (\\), which is \\\\ in the C-shell. +Note that this primitive does not chase protocol header chain. +.IP "\fBip6 proto \fIprotocol\fR" +True if the packet is an IPv6 packet of protocol type \fIprotocol\fP. +Note that this primitive does not chase protocol header chain. +.IP "\fBip6 protochain \fIprotocol\fR" +True if the packet is IPv6 packet, +and contains protocol header with type \fIprotocol\fR +in its protocol header chain. +For example, +.in +.5i +.nf +\fBip6 protochain 6\fR +.fi +.in -.5i +matches any IPv6 packet with TCP protocol header in the protocol header chain. +The packet may contain, for example, +authentication header, routing header, or hop-by-hop option header, +between IPv6 header and TCP header. +The BPF code emitted by this primitive is complex and +cannot be optimized by BPF optimizer code in \fItcpdump\fP, +so this can be somewhat slow. +.IP "\fBip protochain \fIprotocol\fR" +Equivalent to \fBip6 protochain \fIprotocol\fR, but this is for IPv4. .IP "\fBether broadcast\fR" True if the packet is an ethernet broadcast packet. The \fIether\fP keyword is optional. @@ -436,10 +494,12 @@ keyword is optional. This is shorthand for `\fBether[0] & 1 != 0\fP'. .IP "\fBip multicast\fR" True if the packet is an IP multicast packet. +.IP "\fBip6 multicast\fR" +True if the packet is an IPv6 multicast packet. .IP "\fBether proto \fIprotocol\fR" True if the packet is of ether type \fIprotocol\fR. \fIProtocol\fP can be a number or a name like -\fIip\fP, \fIarp\fP, or \fIrarp\fP. +\fIip\fP, \fIip6\fP, \fIarp\fP, or \fIrarp\fP. Note these identifiers are also keywords and must be escaped via backslash (\\). [In the case of FDDI (e.g., `\fBfddi protocol arp\fR'), the @@ -460,7 +520,7 @@ True if the DECNET destination address is .IP "\fBdecnet host \fIhost\fR" True if either the DECNET source or destination address is .IR host . -.IP "\fBip\fR, \fBarp\fR, \fBrarp\fR, \fBdecnet\fR, \fBiso\fR" +.IP "\fBip\fR, \fBip6\fR, \fBarp\fR, \fBrarp\fR, \fBdecnet\fR, \fBiso\fR" Abbreviations for: .in +.5i .nf @@ -482,7 +542,7 @@ Note that Abbreviations for: .in +.5i .nf -\fBip proto \fIp\fR +\fBip proto \fIp\fR\fB or ip6 proto \fIp\fR .fi .in -.5i where \fIp\fR is one of the above protocols. @@ -508,8 +568,10 @@ data inside the packet, use the following syntax: .fi .in -.5i \fIProto\fR is one of \fBether, fddi, -ip, arp, rarp, tcp, udp, \fRor \fBicmp\fR, and +ip, arp, rarp, tcp, udp, icmp\fR or \fBip6\fR, and indicates the protocol layer for the index operation. +Note that \fItcp, udp\fR and other upper-layer protocol types only +apply to IPv4, not IPv6 (this will be fixed in the future). The byte offset, relative to the indicated protocol layer, is given by \fIexpr\fR. \fISize\fR is optional and indicates the number of bytes in the @@ -946,6 +1008,27 @@ to print. Use the \fB\-s\fP flag to increase the snaplen if you need to seriously investigate name server traffic. `\fB\-s 128\fP' has worked well for me. +.HD +SMB/CIFS decoding +.LP +tcpdump now includes fairly extensive SMB/CIFS/NBT decoding for data +on UDP/137, UDP/138 and TCP/139. Some primitive decoding of IPX and +NetBEUI SMB data is also done. + +By default a fairly minimal decode is done, with a much more detailed +decode done if -v is used. Be warned that with -v a single SMB packet +may take up a page or more, so only use -v if you really want all the +gory details. + +If you are decoding SMB sessions containing unicode strings then you +may wish to set the environment variable USE_UNICODE to 1. A patch to +auto-detect unicode srings would be welcome. + +For information on SMB packet formats and what all te fields mean see +www.cifs.org or the pub/samba/specs/ directory on your favourite +samba.org mirror site. The SMB patches were written by Andrew Tridgell +(tridge@samba.org). + .HD NFS Requests and Replies .LP @@ -1019,6 +1102,64 @@ NFS reply packets do not explicitly identify the RPC operation. Instead, \fItcpdump\fP keeps track of ``recent'' requests, and matches them to the replies using the transaction ID. If a reply does not closely follow the corresponding request, it might not be parsable. +.HD +AFS Request and Replies +.LP +Transarc AFS (Andrew File System) requests and replies are printed +as: +.HD +.RS +.nf +.sp .5 +\fIsrc.sport > dst.dport: rx packet-type\fP +\fIsrc.sport > dst.dport: rx packet-type service call call-name args\fP +\fIsrc.sport > dst.dport: rx packet-type service reply call-name args\fP +.sp .5 +\f(CW +elvis.7001 > pike.afsfs: + rx data fs call rename old fid 536876964/1/1 ".newsrc.new" + new fid 536876964/1/1 ".newsrc" +pike.afsfs > elvis.7001: rx data fs reply rename +\fP +.sp .5 +.fi +.RE +In the first line, host elvis sends a RX packet to pike. This was +a RX data packet to the fs (fileserver) service, and is the start of +an RPC call. The RPC call was a rename, with the old directory file id +of 536876964/1/1 and an old filename of `.newsrc.new', and a new directory +file id of 536876964/1/1 and a new filename of `.newsrc'. The host pike +responds with a RPC reply to the rename call (which was successful, because +it was a data packet and not an abort packet). +.LP +In general, all AFS RPCs are decoded at least by RPC call name. Most +AFS RPCs have at least some of the arguments decoded (generally only +the `interesting' arguments, for some definition of interesting). +.LP +The format is intended to be self-describing, but it will probably +not be useful to people who are not familiar with the workings of +AFS and RX. +.LP +If the -v (verbose) flag is given twice, additional information is printed, +such as the the RX call ID, call number, sequence number, serial number, +and the RX packet flags. +.LP +If the -v flag is given again, the security index and service id are printed. +.LP +Error codes are printed for abort packets, with the exception of Ubik +beacon packets (because abort packets are used to signify a yes vote +for the Ubik protocol). +.LP +Note that AFS requests are very large and many of the arguments won't +be printed unless \fIsnaplen\fP is increased. Try using `\fB-s 256\fP' +to watch AFS traffic. +.LP +AFS reply packets do not explicitly identify the RPC operation. Instead, +\fItcpdump\fP keeps track of ``recent'' requests, and matches them to the +replies using the call number and service ID. If a reply does not closely +follow the +corresponding request, it might not be parsable. + .HD KIP Appletalk (DDP in UDP) .LP @@ -1209,6 +1350,9 @@ The current version is available via anonymous ftp: .RS .I ftp://ftp.ee.lbl.gov/tcpdump.tar.Z .RE +.LP +IPv6/IPsec support is added by WIDE/KAME project. +This program uses Eric Young's SSLeay library, under specific configuration. .SH BUGS Please send bug reports to tcpdump@ee.lbl.gov. .LP @@ -1237,3 +1381,14 @@ packets are encapsulated Ethernet packets. This is true for IP, ARP, and DECNET Phase IV, but is not true for protocols such as ISO CLNS. Therefore, the filter may inadvertently accept certain packets that do not properly match the filter expression. +.LP +.BR "ip6 proto" +should chase header chain, but at this moment it does not. +.BR tcp +or +.BR udp +should chase header chain too. +.LP +Arithmetic expression against transport layer headers, like \fBtcp[0]\fP, +does not work against IPv6 packets. +It only looks at IPv4 packets. diff --git a/contrib/tcpdump/tcpdump.c b/contrib/tcpdump/tcpdump.c index 925f52ab646e..daf95fe28950 100644 --- a/contrib/tcpdump/tcpdump.c +++ b/contrib/tcpdump/tcpdump.c @@ -24,7 +24,7 @@ static const char copyright[] = "@(#) Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997\n\ The Regents of the University of California. All rights reserved.\n"; static const char rcsid[] = - "@(#) $Header: tcpdump.c,v 1.129 97/06/13 13:10:11 leres Exp $ (LBL)"; + "@(#) $Header: /tcpdump/master/tcpdump/tcpdump.c,v 1.138.2.1 2000/01/11 07:34:00 fenner Exp $ (LBL)"; #endif /* $FreeBSD$ */ @@ -37,6 +37,10 @@ static const char rcsid[] = * combined efforts of Van, Steve McCanne and Craig Leres of LBL. */ +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + #include #include @@ -48,6 +52,10 @@ static const char rcsid[] = #include #include #include +#include + +#include +#include #include "interface.h" #include "addrtoname.h" @@ -64,11 +72,16 @@ int Nflag; /* remove domains from printed host names */ int Oflag = 1; /* run filter code optimizer */ int pflag; /* don't go promiscuous */ int qflag; /* quick (shorter) output */ +int Rflag = 1; /* print sequence # field in AH/ESP*/ +int sflag = 0; /* use the libsmi to translate OIDs */ int Sflag; /* print raw TCP sequence numbers */ int tflag = 1; /* print packet arrival time */ int vflag; /* verbose */ int xflag; /* print packet in hex */ -int Xflag; /* print packet in emacs-hexl style */ +int Xflag; /* print packet in ascii as well as hex */ + +char *ahsecret = NULL; /* AH secret key */ +char *espsecret = NULL; /* ESP secret key */ int packettype; @@ -95,6 +108,12 @@ struct printer { static struct printer printers[] = { { ether_if_print, DLT_EN10MB }, { token_if_print, DLT_IEEE802 }, +#ifdef DLT_LANE8023 + { lane_if_print, DLT_LANE8023 }, +#endif +#ifdef DLT_CIP + { cip_if_print, DLT_CIP }, +#endif { sl_if_print, DLT_SLIP }, { sl_bsdos_if_print, DLT_SLIP_BSDOS }, { ppp_if_print, DLT_PPP }, @@ -103,6 +122,9 @@ static struct printer printers[] = { { null_if_print, DLT_NULL }, { raw_if_print, DLT_RAW }, { atm_if_print, DLT_ATM_RFC1483 }, +#ifdef DLT_CHDLC + { chdlc_if_print, DLT_CHDLC }, +#endif { NULL, 0 }, }; @@ -150,15 +172,28 @@ main(int argc, char **argv) if (abort_on_misalignment(ebuf) < 0) error("%s", ebuf); +#ifdef LIBSMI + smiInit("tcpdump"); +#endif + opterr = 0; while ( - (op = getopt(argc, argv, "ac:defF:i:lnNOpqr:s:StT:vw:xXY")) != EOF) + (op = getopt(argc, argv, "ac:deE:fF:i:lnNm:Opqr:Rs:StT:vw:xXY")) != EOF) switch (op) { case 'a': ++aflag; break; +#if 0 + case 'A': +#ifndef CRYPTO + warning("crypto code not compiled in"); +#endif + ahsecret = optarg; + break; +#endif + case 'c': cnt = atoi(optarg); if (cnt <= 0) @@ -173,6 +208,13 @@ main(int argc, char **argv) ++eflag; break; + case 'E': +#ifndef CRYPTO + warning("crypto code not compiled in"); +#endif + espsecret = optarg; + break; + case 'f': ++fflag; break; @@ -201,6 +243,18 @@ main(int argc, char **argv) ++Nflag; break; + case 'm': +#ifdef LIBSMI + if (smiLoadModule(optarg) == 0) { + error("could not load MIB module %s", optarg); + } + sflag = 1; +#else + (void)fprintf(stderr, "%s: ignoring option `-m %s' ", + program_name, optarg); + (void)fprintf(stderr, "(no libsmi support)\n"); +#endif + case 'O': Oflag = 0; break; @@ -217,6 +271,10 @@ main(int argc, char **argv) RFileName = optarg; break; + case 'R': + Rflag = 0; + break; + case 's': snaplen = atoi(optarg); if (snaplen <= 0) @@ -242,6 +300,8 @@ main(int argc, char **argv) packettype = PT_RTP; else if (strcasecmp(optarg, "rtcp") == 0) packettype = PT_RTCP; + else if (strcasecmp(optarg, "snmp") == 0) + packettype = PT_SNMP; else error("unknown packet type `%s'", optarg); break; @@ -253,6 +313,16 @@ main(int argc, char **argv) case 'w': WFileName = optarg; break; + + case 'x': + ++xflag; + break; + + case 'X': + ++xflag; + ++Xflag; + break; + #ifdef YYDEBUG case 'Y': { @@ -262,15 +332,6 @@ main(int argc, char **argv) } break; #endif - case 'x': - ++xflag; - break; - - case 'X': - ++Xflag; - if (xflag == 0) ++xflag; - break; - default: usage(); /* NOTREACHED */ @@ -446,61 +507,31 @@ default_print_unaligned(register const u_char *cp, register u_int length) register int nshorts; if (Xflag) { - /* dump the buffer in `emacs-hexl' style */ - default_print_hexl(cp, length, 0); - } else { - /* dump the buffer in old tcpdump style */ - nshorts = (u_int) length / sizeof(u_short); - i = 0; - while (--nshorts >= 0) { - if ((i++ % 8) == 0) - (void)printf("\n\t\t\t"); - s = *cp++; - (void)printf(" %02x%02x", s, *cp++); - } - if (length & 1) { - if ((i % 8) == 0) - (void)printf("\n\t\t\t"); - (void)printf(" %02x", *cp); - } + ascii_print(cp, length); + return; + } + nshorts = (u_int) length / sizeof(u_short); + i = 0; + while (--nshorts >= 0) { + if ((i++ % 8) == 0) + (void)printf("\n\t\t\t"); + s = *cp++; + (void)printf(" %02x%02x", s, *cp++); + } + if (length & 1) { + if ((i % 8) == 0) + (void)printf("\n\t\t\t"); + (void)printf(" %02x", *cp); } } /* * By default, print the packet out in hex. - * - * (BTW, please don't send us patches to print the packet out in ascii) */ void default_print(register const u_char *bp, register u_int length) { - register const u_short *sp; - register u_int i; - register int nshorts; - - if (Xflag) { - /* dump the buffer in `emacs-hexl' style */ - default_print_hexl(bp, length, 0); - } else { - /* dump the buffer in old tcpdump style */ - if ((long)bp & 1) { - default_print_unaligned(bp, length); - return; - } - sp = (u_short *)bp; - nshorts = (u_int) length / sizeof(u_short); - i = 0; - while (--nshorts >= 0) { - if ((i++ % 8) == 0) - (void)printf("\n\t\t\t"); - (void)printf(" %04x", ntohs(*sp++)); - } - if (length & 1) { - if ((i % 8) == 0) - (void)printf("\n\t\t\t"); - (void)printf(" %02x", *(u_char *)sp); - } - } + default_print_unaligned(bp, length); } __dead void diff --git a/usr.sbin/tcpdump/tcpdump/Makefile b/usr.sbin/tcpdump/tcpdump/Makefile index 145a03c94f95..4d001231cc4b 100644 --- a/usr.sbin/tcpdump/tcpdump/Makefile +++ b/usr.sbin/tcpdump/tcpdump/Makefile @@ -1,22 +1,23 @@ # $FreeBSD$ PROG= tcpdump -CFLAGS+=-DHAVE_FCNTL_H=1 -DHAVE_NET_SLIP_H=1 -DTIME_WITH_SYS_TIME=1 \ - -DHAVE_ETHER_NTOHOST=1 -DHAVE_SETLINEBUF=1 -DSTDC_HEADERS=1 \ - -DRETSIGTYPE=void -DRETSIGVAL= -DHAVE_SOCKADDR_SA_LEN=1 \ - -DHAVE_TM_GMTOFF=1 -DLBL_ALIGN=1 -DPPP -DHAVE_FDDI +CFLAGS+=-DHAVE_CONFIG_H -I${.CURDIR} MAN1= tcpdump.1 SRCS = version.c tcpdump.c \ - print-arp.c print-atalk.c print-atm.c print-fr.c print-bootp.c \ - print-decnet.c print-domain.c print-dvmrp.c print-egp.c \ - print-ether.c print-fddi.c print-gre.c print-icmp.c \ - print-igrp.c print-ip.c print-ipx.c print-isoclns.c print-krb.c \ - print-llc.c print-nfs.c print-ntp.c print-null.c print-ospf.c \ - print-pim.c print-ppp.c print-raw.c print-rip.c print-sl.c \ - print-snmp.c print-sunrpc.c print-tcp.c print-tftp.c print-udp.c \ - print-wb.c \ addrtoname.c bpf_dump.c gmt2local.c machdep.c parsenfsfh.c \ - setsignal.c savestr.c util.c print-token.c + print-ah.c print-arp.c print-ascii.c print-atalk.c print-atm.c \ + print-bgp.c print-bootp.c print-chdlc.c print-cip.c print-decnet.c \ + print-dhcp6.c print-domain.c print-dvmrp.c print-egp.c print-esp.c \ + print-ether.c print-fddi.c print-frag6.c print-gre.c print-icmp.c \ + print-icmp6.c print-igrp.c print-ip.c print-ip6.c print-ip6opts.c \ + print-ipcomp.c print-ipx.c print-isakmp.c print-isoclns.c print-krb.c \ + print-l2tp.c print-lane.c print-lcp.c print-llc.c print-mobile.c \ + print-nfs.c print-ntp.c print-null.c print-ospf.c print-ospf6.c \ + print-pim.c print-ppp.c print-pppoe.c print-raw.c print-rip.c \ + print-ripng.c print-rt6.c print-rx.c print-sl.c print-smb.c \ + print-snmp.c print-sunrpc.c print-tcp.c print-telnet.c print-tftp.c \ + print-token.c print-udp.c print-vjc.c print-wb.c \ + savestr.c setsignal.c smbutil.c util.c CLEANFILES+= version.c DPADD+= ${LIBL} ${LIBPCAP} LDADD+= -ll -lpcap diff --git a/usr.sbin/tcpdump/tcpdump/config.h b/usr.sbin/tcpdump/tcpdump/config.h new file mode 100644 index 000000000000..12eabbb04c35 --- /dev/null +++ b/usr.sbin/tcpdump/tcpdump/config.h @@ -0,0 +1,223 @@ +/* $FreeBSD$ */ + +/* config.h. Generated automatically by configure. */ +/* config.h.in. Generated automatically from configure.in by autoheader. */ +/* "generated automatically" means DO NOT MAKE CHANGES TO config.h.in -- + * make them to acconfig.h and rerun autoheader */ + +/* Define to empty if the keyword does not work. */ +/* #undef const */ + +/* Define as __inline if that's what the C compiler calls it. */ +/* #undef inline */ + +/* Define as the return type of signal handlers (int or void). */ +#define RETSIGTYPE void + +/* Define if you can safely include both and . */ +#define TIME_WITH_SYS_TIME 1 + +/* Define if your processor stores words with the most significant + byte first (like Motorola and SPARC, unlike Intel and VAX). */ +/* #undef WORDS_BIGENDIAN */ + +/* Define if you have SSLeay XXX why isn't this HAVE_LIBCRYPTO? */ +/* #undef CRYPTO */ + +/* Define if you have SSLeay 0.9.0b with the buggy cast128. */ +/* #undef HAVE_BUGGY_CAST128 */ + +/* Define both to enable IPv6 support XXX why 2? ENABLE_IPV6 is not used. */ +#define ENABLE_IPV6 1 +#define INET6 1 + +/* Define if you enable support for the libsmi. */ +/* #undef LIBSMI */ + +/* Is T_AAAA predefined? */ +#define HAVE_AAAA 1 + +/* Fallback definition if not in headers */ +/* XXX why is this not #ifndef HAVE_AAA #define T_AAAA ... ? */ +/* XXX or even #ifndef T_AAAA ... */ +/* #undef T_AAAA */ + +/* define if you have struct __res_state_ext */ +#define HAVE_RES_STATE_EXT 1 + +/* define if your struct __res_state has the nsort member */ +#define HAVE_NEW_RES_STATE 1 + +/* + * define if struct ether_header.ether_dhost is a struct with ether_addr_octet + */ +/* #undef ETHER_HEADER_HAS_EA */ + +/* + * define if struct ether_arp.arp_sha is a struct with ether_addr_octet + */ +/* #undef ETHER_ARP_HAS_EA */ + +/* define if struct ether_arp contains arp_xsha */ +/* #undef ETHER_ARP_HAS_X */ + +/* define if you have the addrinfo function. */ +#define HAVE_ADDRINFO 1 + +/* define if you need to include missing/addrinfoh.h. */ +/* #undef NEED_ADDRINFO_H */ + +/* define ifyou have the h_errno variable. */ +#define HAVE_H_ERRNO 1 + +/* define if IN6ADDRSZ is defined (XXX not used!) */ +#define HAVE_IN6ADDRSZ 1 + +/* define if INADDRSZ is defined (XXX not used!) */ +#define HAVE_INADDRSZ 1 + +/* define if you have */ +#define HAVE_NET_SLIP_H 1 + +/* define if this is a development version, to use additional prototypes. */ +/* #undef HAVE_OS_PROTO_H */ + +/* define if defines __P() */ +#define HAVE_PORTABLE_PROTOTYPE 1 + +/* define if RES_USE_INET6 is defined */ +#define HAVE_RES_USE_INET6 1 + +/* define if struct sockaddr has the sa_len member */ +#define HAVE_SOCKADDR_SA_LEN 1 + +/* define if you have struct sockaddr_storage */ +#define HAVE_SOCKADDR_STORAGE 1 + +/* define if unaligned memory accesses fail */ +/* #undef LBL_ALIGN */ + +/* The successful return value from signal (?)XXX */ +#define RETSIGVAL + +/* Define this on IRIX */ +/* #undef _BSD_SIGNALS */ + +/* For HP/UX ANSI compiler? */ +/* #undef _HPUX_SOURCE */ + +/* AIX hack. */ +/* #undef _SUN */ + +/* OSF hack: "Workaround around ip_hl vs. ip_vhl problem in netinet/ip.h" */ +/* #undef __STDC__ */ + +/* Workaround for missing sized types */ +/* XXX this should move to the more standard uint*_t */ +/* #undef int16_t */ +/* #undef int32_t */ +/* #undef u_int16_t */ +/* #undef u_int32_t */ +/* #undef u_int8_t */ + +/* The number of bytes in a char. */ +#define SIZEOF_CHAR 1 + +/* The number of bytes in a int. */ +#define SIZEOF_INT 4 + +/* The number of bytes in a long. */ +#define SIZEOF_LONG 4 + +/* The number of bytes in a short. */ +#define SIZEOF_SHORT 2 + +/* Define if you have the ether_ntohost function. */ +#define HAVE_ETHER_NTOHOST 1 + +/* Define if you have the getaddrinfo function. */ +#define HAVE_GETADDRINFO 1 + +/* Define if you have the gethostbyname2 function. */ +#define HAVE_GETHOSTBYNAME2 1 + +/* Define if you have the getnameinfo function. */ +#define HAVE_GETNAMEINFO 1 + +/* Define if you have the inet_aton function. */ +#define HAVE_INET_ATON 1 + +/* Define if you have the inet_ntop function. */ +#define HAVE_INET_NTOP 1 + +/* Define if you have the inet_pton function. */ +#define HAVE_INET_PTON 1 + +/* Define if you have the pfopen function. */ +/* #undef HAVE_PFOPEN */ + +/* Define if you have the setlinebuf function. */ +#define HAVE_SETLINEBUF 1 + +/* Define if you have the sigaction function. */ +#define HAVE_SIGACTION 1 + +/* Define if you have the sigset function. */ +/* #undef HAVE_SIGSET */ + +/* Define if you have the strcasecmp function. */ +#define HAVE_STRCASECMP 1 + +/* Define if you have the vfprintf function. */ +#define HAVE_VFPRINTF 1 + +/* Define if you have the header file. */ +/* #undef HAVE_CAST_H */ + +/* Define if you have the header file. */ +#define HAVE_FCNTL_H 1 + +/* Define if you have the header file. */ +/* #undef HAVE_MALLOC_H */ + +/* Define if you have the header file. */ +#define HAVE_MEMORY_H 1 + +/* Define if you have the header file. */ +#define HAVE_NET_SLIP_H 1 + +/* Define if you have the header file. */ +/* #undef HAVE_RC5_H */ + +/* Define if you have the header file. */ +/* #undef HAVE_RPC_RPCENT_H */ + +/* Define if you have the header file. */ +/* #undef HAVE_SMI_H */ + +/* Define if you have the header file. */ +#define HAVE_ZLIB_H 1 + +/* Define if you have the crypto library (-lcrypto). */ +/* #undef HAVE_LIBCRYPTO */ + +/* Define if you have the dnet library (-ldnet). */ +/* #undef HAVE_LIBDNET */ + +/* Define if you have the resolv library (-lresolv). */ +/* #undef HAVE_LIBRESOLV */ + +/* Define if you have the rpc library (-lrpc). */ +/* #undef HAVE_LIBRPC */ + +/* Define if you have the smi library (-lsmi). */ +/* #undef HAVE_LIBSMI */ + +/* Define if you have the socket library (-lsocket). */ +/* #undef HAVE_LIBSOCKET */ + +/* Define if you have the str library (-lstr). */ +/* #undef HAVE_LIBSTR */ + +/* Define if you have the z library (-lz). */ +#define HAVE_LIBZ 1