--- tcpdump/print-fr.c.orig 2003-08-13 04:28:21.000000000 +0200 +++ tcpdump/print-fr.c 2003-10-12 01:40:10.000000000 +0200 @@ -30,41 +30,18 @@ #include -struct mbuf; -struct rtentry; - #include #include #include #include "interface.h" -#include "addrtoname.h" #include "ethertype.h" #include "extract.h" -static void q933_print(const u_char *, int); - -#define FR_CR_BIT 0x02 -#define FR_EA_BIT(p) ((p)&0x01) -#define FR_FECN 0x08 -#define FR_BECN 0x04 -#define FR_DE 0x02 -#define FR_DLCI(b0, b1) ((((b0)&0xFC)<<2)+(((b1)&0xF0)>>4)) - -/* find out how many bytes are there in a frame */ -static u_int -fr_addr_len(const u_char *p) -{ - u_int i=0; - - while (!FR_EA_BIT(p[i]) && i++ && !FR_EA_BIT(p[i+1])) i++; - return (i+1); -} +static void lmi_print(const u_char *, int); -/* the following is for framerelay */ -#define NLPID_LEN 1 /* NLPID is one byte long */ -#define NLPID_Q933 0x08 -#define NLPID_LMI 0x09 +#define NLPID_LMI 0x08 /* ANSI T1.617 Annex D or ITU-T Q.933 Annex A */ +#define NLPID_CISCO_LMI 0x09 /* The original, aka Cisco, aka Gang of Four */ #define NLPID_SNAP 0x80 #define NLPID_CLNP 0x81 #define NLPID_ESIS 0x82 @@ -72,8 +49,62 @@ #define NLPID_CONS 0x84 #define NLPID_IDRP 0x85 #define NLPID_X25_ESIS 0x8a +#define NLPID_IPV6 0x8e #define NLPID_IP 0xcc +#define FR_EA_BIT 0x01 + + +/* Finds out Q.922 address length, DLCI and flags. Returns 0 on success */ +static int parse_q922_addr(const u_char *p, u_int *dlci, u_int *addr_len, + char **flags_ptr) +{ + static char flags[32]; + size_t len; + + if ((p[0] & FR_EA_BIT)) + return -1; + + *flags_ptr = flags; + *addr_len = 2; + *dlci = ((p[0] & 0xFC) << 2) | ((p[1] & 0xF0) >> 4); + + strcpy(flags, (p[0] & 0x02) ? "C!, " : ""); + if (p[1] & 0x08) + strcat(flags, "FECN, "); + if (p[1] & 0x04) + strcat(flags, "BECN, "); + if (p[1] & 0x02) + strcat(flags, "DE, "); + + len = strlen(flags); + if (len > 1) + flags[len - 2] = '\x0'; /* delete trailing comma and space */ + + if (p[1] & FR_EA_BIT) + return 0; /* 2-byte Q.922 address */ + + p += 2; + *addr_len++; /* 3- or 4-byte Q.922 address */ + if (p[0] & FR_EA_BIT == 0) { + *dlci = (*dlci << 7) | (p[0] >> 1); + *addr_len++; /* 4-byte Q.922 address */ + p++; + } + + if (p[0] & FR_EA_BIT == 0) + return -1; /* more than 4 bytes of Q.922 address? */ + + if (p[0] & 0x02) { + len = strlen(flags); + snprintf(flags + len, sizeof(flags) - len, + "%sdlcore %x", len ? ", " : "", p[0] >> 2); + } else + *dlci = (*dlci << 6) | (p[0] >> 2); + + return 0; +} + static const char *fr_nlpids[256]; @@ -86,8 +117,8 @@ if (!fr_nlpid_flag) { for (i=0; i < 256; i++) fr_nlpids[i] = NULL; - fr_nlpids[NLPID_Q933] = "Q.933"; fr_nlpids[NLPID_LMI] = "LMI"; + fr_nlpids[NLPID_CISCO_LMI] = "Cisco LMI"; fr_nlpids[NLPID_SNAP] = "SNAP"; fr_nlpids[NLPID_CLNP] = "CLNP"; fr_nlpids[NLPID_ESIS] = "ESIS"; @@ -100,11 +131,8 @@ fr_nlpid_flag = 1; } -/* Framerelay packet structure */ +/* Frame Relay packet structure, with flags and CRC removed -/* - +---------------------------+ - | flag (7E hexadecimal) | +---------------------------+ | Q.922 Address* | +-- --+ @@ -123,12 +151,6 @@ | . | | . | +---------------------------+ - | Frame Check Sequence | - +-- . --+ - | (two octets) | - +---------------------------+ - | flag (7E hexadecimal) | - +---------------------------+ * Q.922 addresses, as presently defined, are two octets and contain a 10-bit DLCI. In some networks Q.922 addresses @@ -133,52 +155,16 @@ * Q.922 addresses, as presently defined, are two octets and contain a 10-bit DLCI. In some networks Q.922 addresses may optionally be increased to three or four octets. - */ -#define FR_PROTOCOL(p) fr_protocol((p)) - static u_int -fr_hdrlen(const u_char *p) -{ - u_int hlen; - hlen = fr_addr_len(p)+1; /* addr_len + 0x03 + padding */ - if (p[hlen]) - return hlen; - else - return hlen+1; -} - -#define LAYER2_LEN(p) (fr_hdrlen((p))+NLPID_LEN) - -static int -fr_protocol(const u_char *p) +fr_hdrlen(const u_char *p, u_int addr_len, u_int caplen) { - int hlen; - - hlen = fr_addr_len(p) + 1; - if (p[hlen]) /* check for padding */ - return p[hlen]; + if ((caplen > addr_len + 1 /* UI */ + 1 /* pad */) && + !p[addr_len + 1] /* pad exist */) + return addr_len + 1 /* UI */ + 1 /* pad */ + 1 /* NLPID */; else - return p[hlen+1]; -} - -static char * -fr_flags(const u_char *p) -{ - static char flags[1+1+4+1+4+1+2+1]; - - if (p[0] & FR_CR_BIT) - strlcpy(flags, "C", sizeof(flags)); - else - strlcpy(flags, "R", sizeof(flags)); - if (p[1] & FR_FECN) - strlcat(flags, ",FECN", sizeof(flags)); - if (p[1] & FR_BECN) - strlcat(flags, ",BECN", sizeof(flags)); - if (p[1] & FR_DE) - strlcat(flags, ",DE", sizeof(flags)); - return flags; + return addr_len + 1 /* UI */ + 1 /* NLPID */; } static const char * @@ -186,29 +172,26 @@ { static char buf[5+1+2+1]; + init_fr_nlpids(); + if (nflag || fr_nlpids[proto] == NULL) { - snprintf(buf, sizeof(buf), "proto-%02x", proto); + snprintf(buf, sizeof(buf), "proto %02x", proto); return buf; } return fr_nlpids[proto]; } static void -fr_hdr_print(const u_char *p, int length) +fr_hdr_print(const u_char *p, int length, u_int dlci, char *flags, + u_char nlpid) { - u_int8_t proto; - - proto = FR_PROTOCOL(p); - - init_fr_nlpids(); - /* this is kinda kludge since it assumed that DLCI is two bytes. */ if (qflag) - (void)printf("DLCI-%u-%s %d: ", - FR_DLCI(p[0], p[1]), fr_flags(p), length); + (void)printf("DLCI %u, %s%slength %d: ", + dlci, flags, *flags ? ", " : "", length); else - (void)printf("DLCI-%u-%s %s %d: ", - FR_DLCI(p[0], p[1]), fr_flags(p), - fr_protostring(proto), length); + (void)printf("DLCI %u, %s%s%s, length %d: ", + dlci, flags, *flags ? ", " : "", + fr_protostring(nlpid), length); } u_int @@ -216,32 +199,59 @@ { register u_int length = h->len; register u_int caplen = h->caplen; - u_char protocol; - int layer2_len; u_short extracted_ethertype; u_int32_t orgcode; register u_short et; + int dlci, addr_len, cr, fecn, becn, de, dlcore; + u_char nlpid; + u_int hdr_len; + char *flags; - if (caplen < fr_hdrlen(p)) { + if (caplen < 4) { /* minimum frame header length */ printf("[|fr]"); - return (caplen); + return caplen; } - if (eflag) - fr_hdr_print(p, length); + if (parse_q922_addr(p, &dlci, &addr_len, &flags)) { + printf("Invalid Q.922 address"); + return caplen; + } + + hdr_len = fr_hdrlen(p, addr_len, caplen); + + if (caplen < hdr_len) { + printf("[|fr]"); + return caplen; + } - protocol = FR_PROTOCOL(p); - layer2_len = LAYER2_LEN(p); - p += layer2_len; - length -= layer2_len; - caplen -= layer2_len; + if (p[addr_len] != 0x03) + printf("UI %02x! ", p[addr_len]); - switch (protocol) { + if (!p[addr_len + 1]) { /* pad byte should be used with 3-byte Q.922 */ + if (addr_len != 3) + printf("Pad! "); + } else if (addr_len == 3) + printf("No pad! "); + nlpid = p[hdr_len - 1]; + + p += hdr_len; + length -= hdr_len; + caplen -= hdr_len; + + if (eflag) + fr_hdr_print(p, length, dlci, flags, nlpid); + + switch (nlpid) { case NLPID_IP: ip_print(p, length); break; +#ifdef INET6 + case NLPID_IPV6: + ip6_print(p, length); + break; +#endif case NLPID_CLNP: case NLPID_ESIS: case NLPID_ISIS: @@ -256,28 +266,30 @@ 0) == 0) { /* ether_type not known, print raw packet */ if (!eflag) - fr_hdr_print(p - layer2_len, length + layer2_len); + fr_hdr_print(p - hdr_len, length + hdr_len, + dlci, flags, nlpid); if (extracted_ethertype) { printf("(SNAP %s) ", etherproto_string(htons(extracted_ethertype))); } if (!xflag && !qflag) - default_print(p - layer2_len, caplen + layer2_len); + default_print(p - hdr_len, caplen + hdr_len); } break; - case NLPID_Q933: - q933_print(p, length); + case NLPID_LMI: + lmi_print(p, length); break; default: if (!eflag) - fr_hdr_print(p - layer2_len, length + layer2_len); + fr_hdr_print(p - hdr_len, length + hdr_len, + dlci, flags, nlpid); if (!xflag) default_print(p, caplen); } - return (layer2_len); + return hdr_len; } /* @@ -327,20 +340,17 @@ #define MSG_TYPE_STATUS 0x7D #define MSG_TYPE_STATUS_ENQ 0x75 -#define ONE_BYTE_IE_MASK 0xF0 - -/* See L2 protocol ID picture above */ -struct q933_header { - u_int8_t call_ref; /* usually is 0 for framerelay PVC */ - u_int8_t msg_type; -}; +#define MSG_ANSI_LOCKING_SHIFT 0x95 +#define ONE_BYTE_IE_MASK 0xF0 /* details? */ -#define REPORT_TYPE_IE 0x01 -#define LINK_VERIFY_IE_91 0x19 -#define LINK_VERIFY_IE_94 0x03 -#define PVC_STATUS_IE 0x07 - -#define MAX_IE_SIZE +#define ANSI_REPORT_TYPE_IE 0x01 +#define ANSI_LINK_VERIFY_IE_91 0x19 /* details? */ +#define ANSI_LINK_VERIFY_IE 0x03 +#define ANSI_PVC_STATUS_IE 0x07 + +#define CCITT_REPORT_TYPE_IE 0x51 +#define CCITT_LINK_VERIFY_IE 0x53 +#define CCITT_PVC_STATUS_IE 0x57 struct common_ie_header { u_int8_t ie_id; @@ -351,47 +361,99 @@ #define LINK_VERIFY 1 #define ASYNC_PVC 2 + +/* Parses DLCI information element. */ +static char * parse_dlci_ie(const u_char *p, u_int ie_len, char *buffer, + size_t buffer_len) +{ + static char flags[32]; + size_t len; + u_int dlci; + + if ((ie_len < 3) || + (p[0] & 0x80) || + ((ie_len == 3) && !(p[1] & 0x80)) || + ((ie_len == 4) && ((p[1] & 0x80) || !(p[2] & 0x80))) || + ((ie_len == 5) && ((p[1] & 0x80) || (p[2] & 0x80) || + !(p[2] & 0x80))) || + (ie_len > 5) || + !(p[ie_len - 1] & 0x80)) + return "Invalid DLCI IE"; + + dlci = ((p[0] & 0x3F) << 4) | ((p[1] & 0x78) >> 3); + if (ie_len == 4) + dlci = (dlci << 6) | ((p[2] & 0x7E) >> 1); + else if (ie_len == 5) + dlci = (dlci << 13) | (p[2] & 0x7F) | ((p[3] & 0x7E) >> 1); + + snprintf(buffer, buffer_len, "DLCI %d: status %s%s", dlci, + p[ie_len - 1] & 0x8 ? "New, " : "", + p[ie_len - 1] & 0x2 ? "Active" : "Inactive"); + + return buffer; +} + + static void -q933_print(const u_char *p, int length) +lmi_print(const u_char *p, int length) { - struct q933_header *header = (struct q933_header *)(p+1); const u_char *ptemp = p; int ie_len; const char *decode_str; char temp_str[255]; struct common_ie_header *ie_p; + int is_ansi = 0; + + if (length < 9) { /* shortest: Q.933a LINK VERIFY */ + printf("[|lmi]"); + return; + } + + if (p[2] == MSG_ANSI_LOCKING_SHIFT) + is_ansi = 1; /* printing out header part */ - printf("Call Ref: %02x, MSG Type: %02x", - header->call_ref, header->msg_type); - switch(header->msg_type) { + printf(is_ansi ? "ANSI" : "CCITT"); + if (p[0]) + printf(" Call Ref: %02x!"); + + switch(p[1]) { case MSG_TYPE_STATUS: - decode_str = "STATUS REPLY"; + printf(" STATUS REPLY\n"); break; case MSG_TYPE_STATUS_ENQ: - decode_str = "STATUS ENQUIRY"; + printf(" STATUS ENQUIRY\n"); break; default: - decode_str = "UNKNOWN MSG Type"; + printf(" UNKNOWN MSG Type %02x\n", p[1]); } - printf(" %s\n", decode_str); - length = length - 3; - ptemp = ptemp + 3; + length = length - 2 - is_ansi; + ptemp = ptemp + 2 + is_ansi; /* Loop through the rest of IE */ - while( length > 0 ) { - if (ptemp[0] & ONE_BYTE_IE_MASK) { - ie_len = 1; + while (length > 0) { + if (is_ansi && (ptemp[0] & ONE_BYTE_IE_MASK)) { + /* not sure what's that - any pointers to + documentation? Is it for ANSI T1.617 annex D only, + isn't it? */ printf("\t\tOne byte IE: %02x, Content %02x\n", - (*ptemp & 0x70)>>4, (*ptemp & 0x0F)); + (*ptemp & 0x70) >> 4, (*ptemp & 0x0F)); length--; ptemp++; + continue; } - else { /* Multi-byte IE */ + + /* Multi-byte IE */ ie_p = (struct common_ie_header *)ptemp; - switch (ie_p->ie_id) { - case REPORT_TYPE_IE: + if (length < sizeof(struct common_ie_header) || + length < sizeof(struct common_ie_header) + ie_p->ie_len) { + printf("[|lmi]"); + return; + } + + if (is_ansi && ie_p->ie_id == ANSI_REPORT_TYPE_IE || + !is_ansi && ie_p->ie_id == CCITT_REPORT_TYPE_IE) switch(ptemp[2]) { case FULL_STATUS: decode_str = "FULL STATUS"; @@ -405,26 +467,25 @@ default: decode_str = "Reserved Value"; } - break; - case LINK_VERIFY_IE_91: - case LINK_VERIFY_IE_94: - snprintf(temp_str, sizeof (temp_str), "TX Seq: %3d, RX Seq: %3d", + + else if (is_ansi && (ie_p->ie_id == ANSI_LINK_VERIFY_IE_91 || + ie_p->ie_id == ANSI_LINK_VERIFY_IE) || + !is_ansi && ie_p->ie_id == CCITT_LINK_VERIFY_IE) { + snprintf(temp_str, sizeof(temp_str), + "TX Seq: %3d, RX Seq: %3d", ptemp[2], ptemp[3]); decode_str = temp_str; - break; - case PVC_STATUS_IE: - snprintf(temp_str, sizeof (temp_str), "DLCI %d: status %s %s", - ((ptemp[2]&0x3f)<<4)+ ((ptemp[3]&0x78)>>3), - ptemp[4] & 0x8 ?"new,":" ", - ptemp[4] & 0x2 ?"Active":"Inactive"); - break; - default: + + } else if (is_ansi && ie_p->ie_id == ANSI_PVC_STATUS_IE || + !is_ansi && ie_p->ie_id == CCITT_PVC_STATUS_IE) + decode_str = parse_dlci_ie(ptemp + 2, ie_p->ie_len, + temp_str, sizeof(temp_str)); + else decode_str = "Non-decoded Value"; - } + printf("\t\tIE: %02X Len: %d, %s\n", ie_p->ie_id, ie_p->ie_len, decode_str); length = length - ie_p->ie_len - 2; ptemp = ptemp + ie_p->ie_len + 2; } - } }