2 * Copyright (c) 1990, 1991, 1993, 1994, 1995, 1996, 1997
3 * The Regents of the University of California. All rights reserved.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
21 * Extensively modified by Motonori Shindo (mshindo@mshindo.net) for more
22 * complete PPP support.
25 /* \summary: Point to Point Protocol (PPP) printer */
29 * o resolve XXX as much as possible
38 #include <netdissect-stdinc.h>
41 #include <net/slcompress.h>
42 #include <net/if_ppp.h>
47 #include "netdissect.h"
49 #include "addrtoname.h"
52 #include "ethertype.h"
56 * The following constatns are defined by IANA. Please refer to
57 * http://www.isi.edu/in-notes/iana/assignments/ppp-numbers
58 * for the up-to-date information.
61 /* Protocol Codes defined in ppp.h */
63 static const struct tok ppptype2str[] = {
67 { PPP_DECNET, "DECNET" },
68 { PPP_APPLE, "APPLE" },
70 { PPP_VJC, "VJC IP" },
71 { PPP_VJNC, "VJNC IP" },
72 { PPP_BRPDU, "BRPDU" },
74 { PPP_VINES, "VINES" },
75 { PPP_MPLS_UCAST, "MPLS" },
76 { PPP_MPLS_MCAST, "MPLS" },
77 { PPP_COMP, "Compressed"},
81 { PPP_HELLO, "HELLO" },
82 { PPP_LUXCOM, "LUXCOM" },
85 { PPP_OSICP, "OSICP" },
87 { PPP_DECNETCP, "DECNETCP" },
88 { PPP_APPLECP, "APPLECP" },
89 { PPP_IPXCP, "IPXCP" },
90 { PPP_STIICP, "STIICP" },
91 { PPP_VINESCP, "VINESCP" },
92 { PPP_IPV6CP, "IP6CP" },
93 { PPP_MPLSCP, "MPLSCP" },
100 { PPP_SPAP, "SPAP" },
101 { PPP_SPAP_OLD, "Old-SPAP" },
102 { PPP_BACP, "BACP" },
104 { PPP_MPCP, "MLPPP-CP" },
109 /* Control Protocols (LCP/IPCP/CCP etc.) Codes defined in RFC 1661 */
111 #define CPCODES_VEXT 0 /* Vendor-Specific (RFC2153) */
112 #define CPCODES_CONF_REQ 1 /* Configure-Request */
113 #define CPCODES_CONF_ACK 2 /* Configure-Ack */
114 #define CPCODES_CONF_NAK 3 /* Configure-Nak */
115 #define CPCODES_CONF_REJ 4 /* Configure-Reject */
116 #define CPCODES_TERM_REQ 5 /* Terminate-Request */
117 #define CPCODES_TERM_ACK 6 /* Terminate-Ack */
118 #define CPCODES_CODE_REJ 7 /* Code-Reject */
119 #define CPCODES_PROT_REJ 8 /* Protocol-Reject (LCP only) */
120 #define CPCODES_ECHO_REQ 9 /* Echo-Request (LCP only) */
121 #define CPCODES_ECHO_RPL 10 /* Echo-Reply (LCP only) */
122 #define CPCODES_DISC_REQ 11 /* Discard-Request (LCP only) */
123 #define CPCODES_ID 12 /* Identification (LCP only) RFC1570 */
124 #define CPCODES_TIME_REM 13 /* Time-Remaining (LCP only) RFC1570 */
125 #define CPCODES_RESET_REQ 14 /* Reset-Request (CCP only) RFC1962 */
126 #define CPCODES_RESET_REP 15 /* Reset-Reply (CCP only) */
128 static const struct tok cpcodes[] = {
129 {CPCODES_VEXT, "Vendor-Extension"}, /* RFC2153 */
130 {CPCODES_CONF_REQ, "Conf-Request"},
131 {CPCODES_CONF_ACK, "Conf-Ack"},
132 {CPCODES_CONF_NAK, "Conf-Nack"},
133 {CPCODES_CONF_REJ, "Conf-Reject"},
134 {CPCODES_TERM_REQ, "Term-Request"},
135 {CPCODES_TERM_ACK, "Term-Ack"},
136 {CPCODES_CODE_REJ, "Code-Reject"},
137 {CPCODES_PROT_REJ, "Prot-Reject"},
138 {CPCODES_ECHO_REQ, "Echo-Request"},
139 {CPCODES_ECHO_RPL, "Echo-Reply"},
140 {CPCODES_DISC_REQ, "Disc-Req"},
141 {CPCODES_ID, "Ident"}, /* RFC1570 */
142 {CPCODES_TIME_REM, "Time-Rem"}, /* RFC1570 */
143 {CPCODES_RESET_REQ, "Reset-Req"}, /* RFC1962 */
144 {CPCODES_RESET_REP, "Reset-Ack"}, /* RFC1962 */
148 /* LCP Config Options */
150 #define LCPOPT_VEXT 0
152 #define LCPOPT_ACCM 2
156 #define LCPOPT_DEP6 6
158 #define LCPOPT_ACFC 8
159 #define LCPOPT_FCSALT 9
160 #define LCPOPT_SDP 10
161 #define LCPOPT_NUMMODE 11
162 #define LCPOPT_DEP12 12
163 #define LCPOPT_CBACK 13
164 #define LCPOPT_DEP14 14
165 #define LCPOPT_DEP15 15
166 #define LCPOPT_DEP16 16
167 #define LCPOPT_MLMRRU 17
168 #define LCPOPT_MLSSNHF 18
169 #define LCPOPT_MLED 19
170 #define LCPOPT_PROP 20
171 #define LCPOPT_DCEID 21
172 #define LCPOPT_MPP 22
174 #define LCPOPT_LCPAOPT 24
175 #define LCPOPT_COBS 25
177 #define LCPOPT_MLHF 27
178 #define LCPOPT_I18N 28
179 #define LCPOPT_SDLOS 29
180 #define LCPOPT_PPPMUX 30
182 #define LCPOPT_MIN LCPOPT_VEXT
183 #define LCPOPT_MAX LCPOPT_PPPMUX
185 static const char *lcpconfopts[] = {
186 "Vend-Ext", /* (0) */
189 "Auth-Prot", /* (3) */
190 "Qual-Prot", /* (4) */
191 "Magic-Num", /* (5) */
192 "deprecated(6)", /* used to be a Quality Protocol */
197 "Num-Mode", /* (11) */
198 "deprecated(12)", /* used to be a Multi-Link-Procedure*/
199 "Call-Back", /* (13) */
200 "deprecated(14)", /* used to be a Connect-Time */
201 "deprecated(15)", /* used to be a Compund-Frames */
202 "deprecated(16)", /* used to be a Nominal-Data-Encap */
204 "12-Bit seq #", /* (18) */
205 "End-Disc", /* (19) */
206 "Proprietary", /* (20) */
209 "Link-Disc", /* (23) */
210 "LCP-Auth-Opt", /* (24) */
212 "Prefix-elision", /* (26) */
213 "Multilink-header-Form",/* (27) */
215 "SDL-over-SONET/SDH", /* (29) */
216 "PPP-Muxing", /* (30) */
219 /* ECP - to be supported */
221 /* CCP Config Options */
223 #define CCPOPT_OUI 0 /* RFC1962 */
224 #define CCPOPT_PRED1 1 /* RFC1962 */
225 #define CCPOPT_PRED2 2 /* RFC1962 */
226 #define CCPOPT_PJUMP 3 /* RFC1962 */
227 /* 4-15 unassigned */
228 #define CCPOPT_HPPPC 16 /* RFC1962 */
229 #define CCPOPT_STACLZS 17 /* RFC1974 */
230 #define CCPOPT_MPPC 18 /* RFC2118 */
231 #define CCPOPT_GFZA 19 /* RFC1962 */
232 #define CCPOPT_V42BIS 20 /* RFC1962 */
233 #define CCPOPT_BSDCOMP 21 /* RFC1977 */
235 #define CCPOPT_LZSDCP 23 /* RFC1967 */
236 #define CCPOPT_MVRCA 24 /* RFC1975 */
237 #define CCPOPT_DEC 25 /* RFC1976 */
238 #define CCPOPT_DEFLATE 26 /* RFC1979 */
239 /* 27-254 unassigned */
240 #define CCPOPT_RESV 255 /* RFC1962 */
242 static const struct tok ccpconfopts_values[] = {
243 { CCPOPT_OUI, "OUI" },
244 { CCPOPT_PRED1, "Pred-1" },
245 { CCPOPT_PRED2, "Pred-2" },
246 { CCPOPT_PJUMP, "Puddle" },
247 { CCPOPT_HPPPC, "HP-PPC" },
248 { CCPOPT_STACLZS, "Stac-LZS" },
249 { CCPOPT_MPPC, "MPPC" },
250 { CCPOPT_GFZA, "Gand-FZA" },
251 { CCPOPT_V42BIS, "V.42bis" },
252 { CCPOPT_BSDCOMP, "BSD-Comp" },
253 { CCPOPT_LZSDCP, "LZS-DCP" },
254 { CCPOPT_MVRCA, "MVRCA" },
255 { CCPOPT_DEC, "DEC" },
256 { CCPOPT_DEFLATE, "Deflate" },
257 { CCPOPT_RESV, "Reserved"},
261 /* BACP Config Options */
263 #define BACPOPT_FPEER 1 /* RFC2125 */
265 static const struct tok bacconfopts_values[] = {
266 { BACPOPT_FPEER, "Favored-Peer" },
271 /* SDCP - to be supported */
273 /* IPCP Config Options */
274 #define IPCPOPT_2ADDR 1 /* RFC1172, RFC1332 (deprecated) */
275 #define IPCPOPT_IPCOMP 2 /* RFC1332 */
276 #define IPCPOPT_ADDR 3 /* RFC1332 */
277 #define IPCPOPT_MOBILE4 4 /* RFC2290 */
278 #define IPCPOPT_PRIDNS 129 /* RFC1877 */
279 #define IPCPOPT_PRINBNS 130 /* RFC1877 */
280 #define IPCPOPT_SECDNS 131 /* RFC1877 */
281 #define IPCPOPT_SECNBNS 132 /* RFC1877 */
283 static const struct tok ipcpopt_values[] = {
284 { IPCPOPT_2ADDR, "IP-Addrs" },
285 { IPCPOPT_IPCOMP, "IP-Comp" },
286 { IPCPOPT_ADDR, "IP-Addr" },
287 { IPCPOPT_MOBILE4, "Home-Addr" },
288 { IPCPOPT_PRIDNS, "Pri-DNS" },
289 { IPCPOPT_PRINBNS, "Pri-NBNS" },
290 { IPCPOPT_SECDNS, "Sec-DNS" },
291 { IPCPOPT_SECNBNS, "Sec-NBNS" },
295 #define IPCPOPT_IPCOMP_HDRCOMP 0x61 /* rfc3544 */
296 #define IPCPOPT_IPCOMP_MINLEN 14
298 static const struct tok ipcpopt_compproto_values[] = {
299 { PPP_VJC, "VJ-Comp" },
300 { IPCPOPT_IPCOMP_HDRCOMP, "IP Header Compression" },
304 static const struct tok ipcpopt_compproto_subopt_values[] = {
305 { 1, "RTP-Compression" },
306 { 2, "Enhanced RTP-Compression" },
310 /* IP6CP Config Options */
313 static const struct tok ip6cpopt_values[] = {
314 { IP6CP_IFID, "Interface-ID" },
318 /* ATCP - to be supported */
319 /* OSINLCP - to be supported */
320 /* BVCP - to be supported */
321 /* BCP - to be supported */
322 /* IPXCP - to be supported */
323 /* MPLSCP - to be supported */
325 /* Auth Algorithms */
327 /* 0-4 Reserved (RFC1994) */
328 #define AUTHALG_CHAPMD5 5 /* RFC1994 */
329 #define AUTHALG_MSCHAP1 128 /* RFC2433 */
330 #define AUTHALG_MSCHAP2 129 /* RFC2795 */
332 static const struct tok authalg_values[] = {
333 { AUTHALG_CHAPMD5, "MD5" },
334 { AUTHALG_MSCHAP1, "MS-CHAPv1" },
335 { AUTHALG_MSCHAP2, "MS-CHAPv2" },
339 /* FCS Alternatives - to be supported */
341 /* Multilink Endpoint Discriminator (RFC1717) */
342 #define MEDCLASS_NULL 0 /* Null Class */
343 #define MEDCLASS_LOCAL 1 /* Locally Assigned */
344 #define MEDCLASS_IPV4 2 /* Internet Protocol (IPv4) */
345 #define MEDCLASS_MAC 3 /* IEEE 802.1 global MAC address */
346 #define MEDCLASS_MNB 4 /* PPP Magic Number Block */
347 #define MEDCLASS_PSNDN 5 /* Public Switched Network Director Number */
349 /* PPP LCP Callback */
350 #define CALLBACK_AUTH 0 /* Location determined by user auth */
351 #define CALLBACK_DSTR 1 /* Dialing string */
352 #define CALLBACK_LID 2 /* Location identifier */
353 #define CALLBACK_E164 3 /* E.164 number */
354 #define CALLBACK_X500 4 /* X.500 distinguished name */
355 #define CALLBACK_CBCP 6 /* Location is determined during CBCP nego */
357 static const struct tok ppp_callback_values[] = {
358 { CALLBACK_AUTH, "UserAuth" },
359 { CALLBACK_DSTR, "DialString" },
360 { CALLBACK_LID, "LocalID" },
361 { CALLBACK_E164, "E.164" },
362 { CALLBACK_X500, "X.500" },
363 { CALLBACK_CBCP, "CBCP" },
374 static const struct tok chapcode_values[] = {
375 { CHAP_CHAL, "Challenge" },
376 { CHAP_RESP, "Response" },
377 { CHAP_SUCC, "Success" },
378 { CHAP_FAIL, "Fail" },
388 static const struct tok papcode_values[] = {
389 { PAP_AREQ, "Auth-Req" },
390 { PAP_AACK, "Auth-ACK" },
391 { PAP_ANAK, "Auth-NACK" },
396 #define BAP_CALLREQ 1
397 #define BAP_CALLRES 2
405 static int print_lcp_config_options(netdissect_options *, const u_char *p, int);
406 static int print_ipcp_config_options(netdissect_options *, const u_char *p, int);
407 static int print_ip6cp_config_options(netdissect_options *, const u_char *p, int);
408 static int print_ccp_config_options(netdissect_options *, const u_char *p, int);
409 static int print_bacp_config_options(netdissect_options *, const u_char *p, int);
410 static void handle_ppp(netdissect_options *, u_int proto, const u_char *p, int length);
412 /* generic Control Protocol (e.g. LCP, IPCP, CCP, etc.) handler */
414 handle_ctrl_proto(netdissect_options *ndo,
415 u_int proto, const u_char *pptr, int length)
419 int (*pfunc)(netdissect_options *, const u_char *, int);
425 typestr = tok2str(ppptype2str, "unknown ctrl-proto (0x%04x)", proto);
426 ND_PRINT((ndo, "%s, ", typestr));
428 if (length < 4) /* FIXME weak boundary checking */
430 ND_TCHECK2(*tptr, 2);
434 ND_PRINT((ndo, "%s (0x%02x), id %u, length %u",
435 tok2str(cpcodes, "Unknown Opcode",code),
444 return; /* there may be a NULL confreq etc. */
446 ND_TCHECK2(*tptr, 2);
447 len = EXTRACT_16BITS(tptr);
450 ND_PRINT((ndo, "\n\tencoded length %u (=Option(s) length %u)", len, len - 4));
452 if (ndo->ndo_vflag > 1)
453 print_unknown_data(ndo, pptr - 2, "\n\t", 6);
460 ND_TCHECK2(*tptr, 4);
461 ND_PRINT((ndo, "\n\t Magic-Num 0x%08x", EXTRACT_32BITS(tptr)));
463 ND_TCHECK2(*tptr, 3);
464 ND_PRINT((ndo, " Vendor: %s (%u)",
465 tok2str(oui_values,"Unknown",EXTRACT_24BITS(tptr)),
466 EXTRACT_24BITS(tptr)));
467 /* XXX: need to decode Kind and Value(s)? */
469 case CPCODES_CONF_REQ:
470 case CPCODES_CONF_ACK:
471 case CPCODES_CONF_NAK:
472 case CPCODES_CONF_REJ:
473 x = len - 4; /* Code(1), Identifier(1) and Length(2) */
477 pfunc = print_lcp_config_options;
480 pfunc = print_ipcp_config_options;
483 pfunc = print_ip6cp_config_options;
486 pfunc = print_ccp_config_options;
489 pfunc = print_bacp_config_options;
493 * No print routine for the options for
500 if (pfunc == NULL) /* catch the above null pointer if unknown CP */
503 if ((j = (*pfunc)(ndo, tptr, len)) == 0)
510 case CPCODES_TERM_REQ:
511 case CPCODES_TERM_ACK:
512 /* XXX: need to decode Data? */
514 case CPCODES_CODE_REJ:
515 /* XXX: need to decode Rejected-Packet? */
517 case CPCODES_PROT_REJ:
520 ND_TCHECK2(*tptr, 2);
521 ND_PRINT((ndo, "\n\t Rejected %s Protocol (0x%04x)",
522 tok2str(ppptype2str,"unknown", EXTRACT_16BITS(tptr)),
523 EXTRACT_16BITS(tptr)));
524 /* XXX: need to decode Rejected-Information? - hexdump for now */
526 ND_PRINT((ndo, "\n\t Rejected Packet"));
527 print_unknown_data(ndo, tptr + 2, "\n\t ", len - 2);
530 case CPCODES_ECHO_REQ:
531 case CPCODES_ECHO_RPL:
532 case CPCODES_DISC_REQ:
535 ND_TCHECK2(*tptr, 4);
536 ND_PRINT((ndo, "\n\t Magic-Num 0x%08x", EXTRACT_32BITS(tptr)));
537 /* XXX: need to decode Data? - hexdump for now */
539 ND_PRINT((ndo, "\n\t -----trailing data-----"));
540 ND_TCHECK2(tptr[4], len - 8);
541 print_unknown_data(ndo, tptr + 4, "\n\t ", len - 8);
547 ND_TCHECK2(*tptr, 4);
548 ND_PRINT((ndo, "\n\t Magic-Num 0x%08x", EXTRACT_32BITS(tptr)));
549 /* RFC 1661 says this is intended to be human readable */
551 ND_PRINT((ndo, "\n\t Message\n\t "));
552 if (fn_printn(ndo, tptr + 4, len - 4, ndo->ndo_snapend))
556 case CPCODES_TIME_REM:
559 ND_TCHECK2(*tptr, 4);
560 ND_PRINT((ndo, "\n\t Magic-Num 0x%08x", EXTRACT_32BITS(tptr)));
561 ND_TCHECK2(*(tptr + 4), 4);
562 ND_PRINT((ndo, ", Seconds-Remaining %us", EXTRACT_32BITS(tptr + 4)));
563 /* XXX: need to decode Message? */
566 /* XXX this is dirty but we do not get the
567 * original pointer passed to the begin
569 if (ndo->ndo_vflag <= 1)
570 print_unknown_data(ndo, pptr - 2, "\n\t ", length + 2);
576 ND_PRINT((ndo, "[|%s]", typestr));
579 /* LCP config options */
581 print_lcp_config_options(netdissect_options *ndo,
582 const u_char *p, int length)
594 if ((opt >= LCPOPT_MIN) && (opt <= LCPOPT_MAX))
595 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)",
596 lcpconfopts[opt], opt, len));
598 ND_PRINT((ndo, "\n\tunknown LCP option 0x%02x", opt));
601 if ((opt >= LCPOPT_MIN) && (opt <= LCPOPT_MAX))
602 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u", lcpconfopts[opt], opt, len));
604 ND_PRINT((ndo, "\n\tunknown LCP option 0x%02x", opt));
611 ND_PRINT((ndo, " (length bogus, should be >= 6)"));
614 ND_TCHECK_24BITS(p + 2);
615 ND_PRINT((ndo, ": Vendor: %s (%u)",
616 tok2str(oui_values,"Unknown",EXTRACT_24BITS(p+2)),
617 EXTRACT_24BITS(p + 2)));
620 ND_PRINT((ndo, ", kind: 0x%02x", p[5]));
621 ND_PRINT((ndo, ", Value: 0x"));
622 for (i = 0; i < len - 6; i++) {
624 ND_PRINT((ndo, "%02x", p[6 + i]));
630 ND_PRINT((ndo, " (length bogus, should be = 4)"));
633 ND_TCHECK_16BITS(p + 2);
634 ND_PRINT((ndo, ": %u", EXTRACT_16BITS(p + 2)));
638 ND_PRINT((ndo, " (length bogus, should be = 6)"));
641 ND_TCHECK_32BITS(p + 2);
642 ND_PRINT((ndo, ": 0x%08x", EXTRACT_32BITS(p + 2)));
646 ND_PRINT((ndo, " (length bogus, should be >= 4)"));
649 ND_TCHECK_16BITS(p + 2);
650 ND_PRINT((ndo, ": %s", tok2str(ppptype2str, "Unknown Auth Proto (0x04x)", EXTRACT_16BITS(p + 2))));
652 switch (EXTRACT_16BITS(p+2)) {
655 ND_PRINT((ndo, ", %s", tok2str(authalg_values, "Unknown Auth Alg %u", p[4])));
657 case PPP_PAP: /* fall through */
663 print_unknown_data(ndo, p, "\n\t", len);
668 ND_PRINT((ndo, " (length bogus, should be >= 4)"));
671 ND_TCHECK_16BITS(p+2);
672 if (EXTRACT_16BITS(p+2) == PPP_LQM)
673 ND_PRINT((ndo, ": LQR"));
675 ND_PRINT((ndo, ": unknown"));
679 ND_PRINT((ndo, " (length bogus, should be = 6)"));
682 ND_TCHECK_32BITS(p + 2);
683 ND_PRINT((ndo, ": 0x%08x", EXTRACT_32BITS(p + 2)));
691 ND_PRINT((ndo, " (length bogus, should be = 4)"));
694 ND_TCHECK_16BITS(p + 2);
695 ND_PRINT((ndo, ": 0x%04x", EXTRACT_16BITS(p + 2)));
699 ND_PRINT((ndo, " (length bogus, should be >= 3)"));
702 ND_PRINT((ndo, ": "));
704 ND_PRINT((ndo, ": Callback Operation %s (%u)",
705 tok2str(ppp_callback_values, "Unknown", p[2]),
710 ND_PRINT((ndo, " (length bogus, should be = 4)"));
713 ND_TCHECK_16BITS(p + 2);
714 ND_PRINT((ndo, ": %u", EXTRACT_16BITS(p + 2)));
718 ND_PRINT((ndo, " (length bogus, should be >= 3)"));
722 switch (p[2]) { /* class */
724 ND_PRINT((ndo, ": Null"));
727 ND_PRINT((ndo, ": Local")); /* XXX */
731 ND_PRINT((ndo, " (length bogus, should be = 7)"));
734 ND_TCHECK2(*(p + 3), 4);
735 ND_PRINT((ndo, ": IPv4 %s", ipaddr_string(ndo, p + 3)));
739 ND_PRINT((ndo, " (length bogus, should be = 9)"));
742 ND_TCHECK2(*(p + 3), 6);
743 ND_PRINT((ndo, ": MAC %s", etheraddr_string(ndo, p + 3)));
746 ND_PRINT((ndo, ": Magic-Num-Block")); /* XXX */
749 ND_PRINT((ndo, ": PSNDN")); /* XXX */
752 ND_PRINT((ndo, ": Unknown class %u", p[2]));
757 /* XXX: to be supported */
782 * Unknown option; dump it as raw bytes now if we're
783 * not going to do so below.
785 if (ndo->ndo_vflag < 2)
786 print_unknown_data(ndo, &p[2], "\n\t ", len - 2);
790 if (ndo->ndo_vflag > 1)
791 print_unknown_data(ndo, &p[2], "\n\t ", len - 2); /* exclude TLV header */
796 ND_PRINT((ndo, "[|lcp]"));
801 static const struct tok ppp_ml_flag_values[] = {
808 handle_mlppp(netdissect_options *ndo,
809 const u_char *p, int length)
812 ND_PRINT((ndo, "MLPPP, "));
815 ND_PRINT((ndo, "[|mlppp]"));
818 if (!ND_TTEST_16BITS(p)) {
819 ND_PRINT((ndo, "[|mlppp]"));
823 ND_PRINT((ndo, "seq 0x%03x, Flags [%s], length %u",
824 (EXTRACT_16BITS(p))&0x0fff, /* only support 12-Bit sequence space for now */
825 bittok2str(ppp_ml_flag_values, "none", *p & 0xc0),
831 handle_chap(netdissect_options *ndo,
832 const u_char *p, int length)
835 int val_size, name_size, msg_size;
841 ND_PRINT((ndo, "[|chap]"));
843 } else if (length < 4) {
845 ND_PRINT((ndo, "[|chap 0x%02x]", *p));
851 ND_PRINT((ndo, "CHAP, %s (0x%02x)",
852 tok2str(chapcode_values,"unknown",code),
857 ND_PRINT((ndo, ", id %u", *p)); /* ID */
861 len = EXTRACT_16BITS(p);
865 * Note that this is a generic CHAP decoding routine. Since we
866 * don't know which flavor of CHAP (i.e. CHAP-MD5, MS-CHAPv1,
867 * MS-CHAPv2) is used at this point, we can't decode packet
868 * specifically to each algorithms. Instead, we simply decode
869 * the GCD (Gratest Common Denominator) for all algorithms.
874 if (length - (p - p0) < 1)
877 val_size = *p; /* value size */
879 if (length - (p - p0) < val_size)
881 ND_PRINT((ndo, ", Value "));
882 for (i = 0; i < val_size; i++) {
884 ND_PRINT((ndo, "%02x", *p++));
886 name_size = len - (p - p0);
887 ND_PRINT((ndo, ", Name "));
888 for (i = 0; i < name_size; i++) {
890 safeputchar(ndo, *p++);
895 msg_size = len - (p - p0);
896 ND_PRINT((ndo, ", Msg "));
897 for (i = 0; i< msg_size; i++) {
899 safeputchar(ndo, *p++);
906 ND_PRINT((ndo, "[|chap]"));
909 /* PAP (see RFC 1334) */
911 handle_pap(netdissect_options *ndo,
912 const u_char *p, int length)
915 int peerid_len, passwd_len, msg_len;
921 ND_PRINT((ndo, "[|pap]"));
923 } else if (length < 4) {
925 ND_PRINT((ndo, "[|pap 0x%02x]", *p));
931 ND_PRINT((ndo, "PAP, %s (0x%02x)",
932 tok2str(papcode_values, "unknown", code),
937 ND_PRINT((ndo, ", id %u", *p)); /* ID */
941 len = EXTRACT_16BITS(p);
944 if ((int)len > length) {
945 ND_PRINT((ndo, ", length %u > packet size", len));
949 if (length < (p - p0)) {
950 ND_PRINT((ndo, ", length %u < PAP header length", length));
956 /* A valid Authenticate-Request is 6 or more octets long. */
959 if (length - (p - p0) < 1)
962 peerid_len = *p; /* Peer-ID Length */
964 if (length - (p - p0) < peerid_len)
966 ND_PRINT((ndo, ", Peer "));
967 for (i = 0; i < peerid_len; i++) {
969 safeputchar(ndo, *p++);
972 if (length - (p - p0) < 1)
975 passwd_len = *p; /* Password Length */
977 if (length - (p - p0) < passwd_len)
979 ND_PRINT((ndo, ", Name "));
980 for (i = 0; i < passwd_len; i++) {
982 safeputchar(ndo, *p++);
987 /* Although some implementations ignore truncation at
988 * this point and at least one generates a truncated
989 * packet, RFC 1334 section 2.2.2 clearly states that
990 * both AACK and ANAK are at least 5 bytes long.
994 if (length - (p - p0) < 1)
997 msg_len = *p; /* Msg-Length */
999 if (length - (p - p0) < msg_len)
1001 ND_PRINT((ndo, ", Msg "));
1002 for (i = 0; i< msg_len; i++) {
1004 safeputchar(ndo, *p++);
1011 ND_PRINT((ndo, "[|pap]"));
1016 handle_bap(netdissect_options *ndo _U_,
1017 const u_char *p _U_, int length _U_)
1019 /* XXX: to be supported!! */
1023 /* IPCP config options */
1025 print_ipcp_config_options(netdissect_options *ndo,
1026 const u_char *p, int length)
1029 u_int compproto, ipcomp_subopttotallen, ipcomp_subopt, ipcomp_suboptlen;
1039 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)",
1040 tok2str(ipcpopt_values,"unknown",opt),
1046 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u",
1047 tok2str(ipcpopt_values,"unknown",opt),
1052 case IPCPOPT_2ADDR: /* deprecated */
1054 ND_PRINT((ndo, " (length bogus, should be = 10)"));
1057 ND_TCHECK2(*(p + 6), 4);
1058 ND_PRINT((ndo, ": src %s, dst %s",
1059 ipaddr_string(ndo, p + 2),
1060 ipaddr_string(ndo, p + 6)));
1062 case IPCPOPT_IPCOMP:
1064 ND_PRINT((ndo, " (length bogus, should be >= 4)"));
1067 ND_TCHECK_16BITS(p+2);
1068 compproto = EXTRACT_16BITS(p+2);
1070 ND_PRINT((ndo, ": %s (0x%02x):",
1071 tok2str(ipcpopt_compproto_values, "Unknown", compproto),
1074 switch (compproto) {
1076 /* XXX: VJ-Comp parameters should be decoded */
1078 case IPCPOPT_IPCOMP_HDRCOMP:
1079 if (len < IPCPOPT_IPCOMP_MINLEN) {
1080 ND_PRINT((ndo, " (length bogus, should be >= %u)",
1081 IPCPOPT_IPCOMP_MINLEN));
1085 ND_TCHECK2(*(p + 2), IPCPOPT_IPCOMP_MINLEN);
1086 ND_PRINT((ndo, "\n\t TCP Space %u, non-TCP Space %u" \
1087 ", maxPeriod %u, maxTime %u, maxHdr %u",
1088 EXTRACT_16BITS(p+4),
1089 EXTRACT_16BITS(p+6),
1090 EXTRACT_16BITS(p+8),
1091 EXTRACT_16BITS(p+10),
1092 EXTRACT_16BITS(p+12)));
1094 /* suboptions present ? */
1095 if (len > IPCPOPT_IPCOMP_MINLEN) {
1096 ipcomp_subopttotallen = len - IPCPOPT_IPCOMP_MINLEN;
1097 p += IPCPOPT_IPCOMP_MINLEN;
1099 ND_PRINT((ndo, "\n\t Suboptions, length %u", ipcomp_subopttotallen));
1101 while (ipcomp_subopttotallen >= 2) {
1104 ipcomp_suboptlen = *(p+1);
1107 if (ipcomp_subopt == 0 ||
1108 ipcomp_suboptlen == 0 )
1111 /* XXX: just display the suboptions for now */
1112 ND_PRINT((ndo, "\n\t\t%s Suboption #%u, length %u",
1113 tok2str(ipcpopt_compproto_subopt_values,
1119 ipcomp_subopttotallen -= ipcomp_suboptlen;
1120 p += ipcomp_suboptlen;
1129 case IPCPOPT_ADDR: /* those options share the same format - fall through */
1130 case IPCPOPT_MOBILE4:
1131 case IPCPOPT_PRIDNS:
1132 case IPCPOPT_PRINBNS:
1133 case IPCPOPT_SECDNS:
1134 case IPCPOPT_SECNBNS:
1136 ND_PRINT((ndo, " (length bogus, should be = 6)"));
1139 ND_TCHECK2(*(p + 2), 4);
1140 ND_PRINT((ndo, ": %s", ipaddr_string(ndo, p + 2)));
1144 * Unknown option; dump it as raw bytes now if we're
1145 * not going to do so below.
1147 if (ndo->ndo_vflag < 2)
1148 print_unknown_data(ndo, &p[2], "\n\t ", len - 2);
1151 if (ndo->ndo_vflag > 1)
1152 print_unknown_data(ndo, &p[2], "\n\t ", len - 2); /* exclude TLV header */
1156 ND_PRINT((ndo, "[|ipcp]"));
1160 /* IP6CP config options */
1162 print_ip6cp_config_options(netdissect_options *ndo,
1163 const u_char *p, int length)
1175 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)",
1176 tok2str(ip6cpopt_values,"unknown",opt),
1182 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u",
1183 tok2str(ip6cpopt_values,"unknown",opt),
1190 ND_PRINT((ndo, " (length bogus, should be = 10)"));
1193 ND_TCHECK2(*(p + 2), 8);
1194 ND_PRINT((ndo, ": %04x:%04x:%04x:%04x",
1195 EXTRACT_16BITS(p + 2),
1196 EXTRACT_16BITS(p + 4),
1197 EXTRACT_16BITS(p + 6),
1198 EXTRACT_16BITS(p + 8)));
1202 * Unknown option; dump it as raw bytes now if we're
1203 * not going to do so below.
1205 if (ndo->ndo_vflag < 2)
1206 print_unknown_data(ndo, &p[2], "\n\t ", len - 2);
1209 if (ndo->ndo_vflag > 1)
1210 print_unknown_data(ndo, &p[2], "\n\t ", len - 2); /* exclude TLV header */
1215 ND_PRINT((ndo, "[|ip6cp]"));
1220 /* CCP config options */
1222 print_ccp_config_options(netdissect_options *ndo,
1223 const u_char *p, int length)
1235 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)",
1236 tok2str(ccpconfopts_values, "Unknown", opt),
1242 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u",
1243 tok2str(ccpconfopts_values, "Unknown", opt),
1248 case CCPOPT_BSDCOMP:
1250 ND_PRINT((ndo, " (length bogus, should be >= 3)"));
1254 ND_PRINT((ndo, ": Version: %u, Dictionary Bits: %u",
1255 p[2] >> 5, p[2] & 0x1f));
1259 ND_PRINT((ndo, " (length bogus, should be >= 4)"));
1263 ND_PRINT((ndo, ": Features: %u, PxP: %s, History: %u, #CTX-ID: %u",
1265 (p[2] & 0x20) ? "Enabled" : "Disabled",
1266 p[2] & 0x1f, p[3]));
1268 case CCPOPT_DEFLATE:
1270 ND_PRINT((ndo, " (length bogus, should be >= 4)"));
1274 ND_PRINT((ndo, ": Window: %uK, Method: %s (0x%x), MBZ: %u, CHK: %u",
1276 ((p[2] & 0x0f) == 8) ? "zlib" : "unknown",
1277 p[2] & 0x0f, (p[3] & 0xfc) >> 2, p[3] & 0x03));
1280 /* XXX: to be supported */
1287 case CCPOPT_STACLZS:
1298 * Unknown option; dump it as raw bytes now if we're
1299 * not going to do so below.
1301 if (ndo->ndo_vflag < 2)
1302 print_unknown_data(ndo, &p[2], "\n\t ", len - 2);
1305 if (ndo->ndo_vflag > 1)
1306 print_unknown_data(ndo, &p[2], "\n\t ", len - 2); /* exclude TLV header */
1311 ND_PRINT((ndo, "[|ccp]"));
1315 /* BACP config options */
1317 print_bacp_config_options(netdissect_options *ndo,
1318 const u_char *p, int length)
1330 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)",
1331 tok2str(bacconfopts_values, "Unknown", opt),
1337 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u",
1338 tok2str(bacconfopts_values, "Unknown", opt),
1345 ND_PRINT((ndo, " (length bogus, should be = 6)"));
1348 ND_TCHECK_32BITS(p + 2);
1349 ND_PRINT((ndo, ": Magic-Num 0x%08x", EXTRACT_32BITS(p + 2)));
1353 * Unknown option; dump it as raw bytes now if we're
1354 * not going to do so below.
1356 if (ndo->ndo_vflag < 2)
1357 print_unknown_data(ndo, &p[2], "\n\t ", len - 2);
1360 if (ndo->ndo_vflag > 1)
1361 print_unknown_data(ndo, &p[2], "\n\t ", len - 2); /* exclude TLV header */
1366 ND_PRINT((ndo, "[|bacp]"));
1371 ppp_hdlc(netdissect_options *ndo,
1372 const u_char *p, int length)
1382 b = (u_char *)malloc(length);
1387 * Unescape all the data into a temporary, private, buffer.
1388 * Do this so that we dont overwrite the original packet
1391 for (s = p, t = b, i = length; i > 0 && ND_TTEST(*s); i--) {
1394 if (i <= 1 || !ND_TTEST(*s))
1402 se = ndo->ndo_snapend;
1403 ndo->ndo_snapend = t;
1406 /* now lets guess about the payload codepoint format */
1409 proto = *b; /* start with a one-octet codepoint guess */
1413 ip_print(ndo, b + 1, length - 1);
1416 ip6_print(ndo, b + 1, length - 1);
1418 default: /* no luck - try next guess */
1424 proto = EXTRACT_16BITS(b); /* next guess - load two octets */
1427 case (PPP_ADDRESS << 8 | PPP_CONTROL): /* looks like a PPP frame */
1430 proto = EXTRACT_16BITS(b+2); /* load the PPP proto-id */
1431 handle_ppp(ndo, proto, b + 4, length - 4);
1433 default: /* last guess - proto must be a PPP proto-id */
1434 handle_ppp(ndo, proto, b + 2, length - 2);
1439 ndo->ndo_snapend = se;
1444 ndo->ndo_snapend = se;
1446 ND_PRINT((ndo, "[|ppp]"));
1452 handle_ppp(netdissect_options *ndo,
1453 u_int proto, const u_char *p, int length)
1455 if ((proto & 0xff00) == 0x7e00) { /* is this an escape code ? */
1456 ppp_hdlc(ndo, p - 1, length);
1461 case PPP_LCP: /* fall through */
1468 handle_ctrl_proto(ndo, proto, p, length);
1471 handle_mlppp(ndo, p, length);
1474 handle_chap(ndo, p, length);
1477 handle_pap(ndo, p, length);
1479 case PPP_BAP: /* XXX: not yet completed */
1480 handle_bap(ndo, p, length);
1482 case ETHERTYPE_IP: /*XXX*/
1485 ip_print(ndo, p, length);
1487 case ETHERTYPE_IPV6: /*XXX*/
1489 ip6_print(ndo, p, length);
1491 case ETHERTYPE_IPX: /*XXX*/
1493 ipx_print(ndo, p, length);
1496 isoclns_print(ndo, p, length);
1498 case PPP_MPLS_UCAST:
1499 case PPP_MPLS_MCAST:
1500 mpls_print(ndo, p, length);
1503 ND_PRINT((ndo, "compressed PPP data"));
1506 ND_PRINT((ndo, "%s ", tok2str(ppptype2str, "unknown PPP protocol (0x%04x)", proto)));
1507 print_unknown_data(ndo, p, "\n\t", length);
1512 /* Standard PPP printer */
1514 ppp_print(netdissect_options *ndo,
1515 register const u_char *p, u_int length)
1517 u_int proto,ppp_header;
1518 u_int olen = length; /* _o_riginal length */
1522 * Here, we assume that p points to the Address and Control
1523 * field (if they present).
1528 ppp_header = EXTRACT_16BITS(p);
1530 switch(ppp_header) {
1531 case (PPP_WITHDIRECTION_IN << 8 | PPP_CONTROL):
1532 if (ndo->ndo_eflag) ND_PRINT((ndo, "In "));
1537 case (PPP_WITHDIRECTION_OUT << 8 | PPP_CONTROL):
1538 if (ndo->ndo_eflag) ND_PRINT((ndo, "Out "));
1543 case (PPP_ADDRESS << 8 | PPP_CONTROL):
1544 p += 2; /* ACFC not used */
1557 proto = *p; /* PFC is used */
1563 proto = EXTRACT_16BITS(p);
1570 ND_PRINT((ndo, "%s (0x%04x), length %u: ",
1571 tok2str(ppptype2str, "unknown", proto),
1575 handle_ppp(ndo, proto, p, length);
1578 ND_PRINT((ndo, "[|ppp]"));
1583 /* PPP I/F printer */
1585 ppp_if_print(netdissect_options *ndo,
1586 const struct pcap_pkthdr *h, register const u_char *p)
1588 register u_int length = h->len;
1589 register u_int caplen = h->caplen;
1591 if (caplen < PPP_HDRLEN) {
1592 ND_PRINT((ndo, "[|ppp]"));
1598 * XXX: seems to assume that there are 2 octets prepended to an
1599 * actual PPP frame. The 1st octet looks like Input/Output flag
1600 * while 2nd octet is unknown, at least to me
1601 * (mshindo@mshindo.net).
1603 * That was what the original tcpdump code did.
1605 * FreeBSD's "if_ppp.c" *does* set the first octet to 1 for outbound
1606 * packets and 0 for inbound packets - but only if the
1607 * protocol field has the 0x8000 bit set (i.e., it's a network
1608 * control protocol); it does so before running the packet through
1609 * "bpf_filter" to see if it should be discarded, and to see
1610 * if we should update the time we sent the most recent packet...
1612 * ...but it puts the original address field back after doing
1615 * NetBSD's "if_ppp.c" doesn't set the first octet in that fashion.
1617 * I don't know if any PPP implementation handed up to a BPF
1618 * device packets with the first octet being 1 for outbound and
1619 * 0 for inbound packets, so I (guy@alum.mit.edu) don't know
1620 * whether that ever needs to be checked or not.
1622 * Note that NetBSD has a DLT_PPP_SERIAL, which it uses for PPP,
1623 * and its tcpdump appears to assume that the frame always
1624 * begins with an address field and a control field, and that
1625 * the address field might be 0x0f or 0x8f, for Cisco
1626 * point-to-point with HDLC framing as per section 4.3.1 of RFC
1627 * 1547, as well as 0xff, for PPP in HDLC-like framing as per
1630 * (Is the Cisco framing in question what DLT_C_HDLC, in
1634 ND_PRINT((ndo, "%c %4d %02x ", p[0] ? 'O' : 'I', length, p[1]));
1637 ppp_print(ndo, p, length);
1643 * PPP I/F printer to use if we know that RFC 1662-style PPP in HDLC-like
1644 * framing, or Cisco PPP with HDLC framing as per section 4.3.1 of RFC 1547,
1645 * is being used (i.e., we don't check for PPP_ADDRESS and PPP_CONTROL,
1646 * discard them *if* those are the first two octets, and parse the remaining
1647 * packet as a PPP packet, as "ppp_print()" does).
1649 * This handles, for example, DLT_PPP_SERIAL in NetBSD.
1652 ppp_hdlc_if_print(netdissect_options *ndo,
1653 const struct pcap_pkthdr *h, register const u_char *p)
1655 register u_int length = h->len;
1656 register u_int caplen = h->caplen;
1661 ND_PRINT((ndo, "[|ppp]"));
1669 ND_PRINT((ndo, "[|ppp]"));
1674 ND_PRINT((ndo, "%02x %02x %d ", p[0], p[1], length));
1679 proto = EXTRACT_16BITS(p);
1683 ND_PRINT((ndo, "%s: ", tok2str(ppptype2str, "unknown PPP protocol (0x%04x)", proto)));
1685 handle_ppp(ndo, proto, p, length);
1690 return (chdlc_if_print(ndo, h, p));
1694 ND_PRINT((ndo, "[|ppp]"));
1699 ND_PRINT((ndo, "%02x %02x %d ", p[0], p[1], length));
1704 * XXX - NetBSD's "ppp_netbsd_serial_if_print()" treats
1705 * the next two octets as an Ethernet type; does that
1708 ND_PRINT((ndo, "unknown addr %02x; ctrl %02x", p[0], p[1]));
1715 #define PPP_BSDI_HDRLEN 24
1717 /* BSD/OS specific PPP printer */
1719 ppp_bsdos_if_print(netdissect_options *ndo _U_,
1720 const struct pcap_pkthdr *h _U_, register const u_char *p _U_)
1722 register int hdrlength;
1724 register u_int length = h->len;
1725 register u_int caplen = h->caplen;
1730 if (caplen < PPP_BSDI_HDRLEN) {
1731 ND_PRINT((ndo, "[|ppp]"));
1738 if (p[0] == PPP_ADDRESS && p[1] == PPP_CONTROL) {
1740 ND_PRINT((ndo, "%02x %02x ", p[0], p[1]));
1746 ND_PRINT((ndo, "%d ", length));
1747 /* Retrieve the protocol type */
1749 /* Compressed protocol field */
1752 ND_PRINT((ndo, "%02x ", ptype));
1756 /* Un-compressed protocol field */
1757 ptype = EXTRACT_16BITS(p);
1759 ND_PRINT((ndo, "%04x ", ptype));
1766 ND_PRINT((ndo, "%c ", p[SLC_DIR] ? 'O' : 'I'));
1768 /* link level header */
1769 struct ppp_header *ph;
1771 q = p + SLC_BPFHDRLEN;
1772 ph = (struct ppp_header *)q;
1773 if (ph->phdr_addr == PPP_ADDRESS
1774 && ph->phdr_ctl == PPP_CONTROL) {
1776 ND_PRINT((ndo, "%02x %02x ", q[0], q[1]));
1777 ptype = EXTRACT_16BITS(&ph->phdr_type);
1778 if (ndo->ndo_eflag && (ptype == PPP_VJC || ptype == PPP_VJNC)) {
1779 ND_PRINT((ndo, "%s ", tok2str(ppptype2str,
1780 "proto-#%d", ptype)));
1783 if (ndo->ndo_eflag) {
1784 ND_PRINT((ndo, "LLH=["));
1785 for (i = 0; i < p[SLC_LLHL]; i++)
1786 ND_PRINT((ndo, "%02x", q[i]));
1787 ND_PRINT((ndo, "] "));
1792 ND_PRINT((ndo, "%d ", length));
1794 q = p + SLC_BPFHDRLEN + p[SLC_LLHL];
1798 ptype = vjc_print(ndo, q, ptype);
1799 hdrlength = PPP_BSDI_HDRLEN;
1803 ip_print(ndo, p, length);
1806 ip6_print(ndo, p, length);
1808 case PPP_MPLS_UCAST:
1809 case PPP_MPLS_MCAST:
1810 mpls_print(ndo, p, length);
1815 ptype = vjc_print(ndo, q, ptype);
1816 hdrlength = PPP_BSDI_HDRLEN;
1820 ip_print(ndo, p, length);
1823 ip6_print(ndo, p, length);
1825 case PPP_MPLS_UCAST:
1826 case PPP_MPLS_MCAST:
1827 mpls_print(ndo, p, length);
1832 if (ndo->ndo_eflag) {
1833 ND_PRINT((ndo, "CH=["));
1834 for (i = 0; i < p[SLC_LLHL]; i++)
1835 ND_PRINT((ndo, "%02x", q[i]));
1836 ND_PRINT((ndo, "] "));
1842 hdrlength = PPP_BSDI_HDRLEN;
1845 length -= hdrlength;
1850 ip_print(p, length);
1853 ip6_print(ndo, p, length);
1855 case PPP_MPLS_UCAST:
1856 case PPP_MPLS_MCAST:
1857 mpls_print(ndo, p, length);
1860 ND_PRINT((ndo, "%s ", tok2str(ppptype2str, "unknown PPP protocol (0x%04x)", ptype)));
1866 #endif /* __bsdi__ */
1873 * c-style: whitesmith
projects / dragonfly.git / blob