]> The Tcpdump Group git mirrors - tcpdump/blob - print-icmp.c
projects / tcpdump / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
CI: Add warning exemptions for Sun C (suncc-5.14) on Solaris 10
[tcpdump] / print-icmp.c
1 /*
2 * Copyright (c) 1988, 1989, 1990, 1991, 1993, 1994, 1995, 1996
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 */
21
22 /* \summary: Internet Control Message Protocol (ICMP) printer */
23
24 #include <config.h>
25
26 #include "netdissect-stdinc.h"
27
28 #include <stdio.h>
29 #include <string.h>
30
31 #define ND_LONGJMP_FROM_TCHECK
32 #include "netdissect.h"
33 #include "addrtoname.h"
34 #include "extract.h"
35
36 #include "ip.h"
37 #include "icmp.h"
38 #include "udp.h"
39 #include "ipproto.h"
40 #include "mpls.h"
41
42 /*
43 * Interface Control Message Protocol Definitions.
44 * Per RFC 792, September 1981.
45 */
46
47 /*
48 * Structure of an icmp header.
49 */
50 struct icmp {
51 nd_uint8_t icmp_type; /* type of message, see below */
52 nd_uint8_t icmp_code; /* type sub code */
53 nd_uint16_t icmp_cksum; /* ones complement cksum of struct */
54 union {
55 nd_uint8_t ih_pptr; /* ICMP_PARAMPROB */
56 nd_ipv4 ih_gwaddr; /* ICMP_REDIRECT */
57 struct ih_idseq {
58 nd_uint16_t icd_id;
59 nd_uint16_t icd_seq;
60 } ih_idseq;
61 struct ih_idseqx { /* RFC8335 */
62 nd_uint16_t icdx_id;
63 nd_uint8_t icdx_seq;
64 nd_uint8_t icdx_info;
65 } ih_idseqx;
66 nd_uint32_t ih_void;
67 } icmp_hun;
68 #define icmp_pptr icmp_hun.ih_pptr
69 #define icmp_gwaddr icmp_hun.ih_gwaddr
70 #define icmp_id icmp_hun.ih_idseq.icd_id
71 #define icmp_seq icmp_hun.ih_idseq.icd_seq
72 #define icmp_xseq icmp_hun.ih_idseqx.icdx_seq
73 #define icmp_xinfo icmp_hun.ih_idseqx.icdx_info
74 #define icmp_void icmp_hun.ih_void
75 union {
76 struct id_ts {
77 nd_uint32_t its_otime;
78 nd_uint32_t its_rtime;
79 nd_uint32_t its_ttime;
80 } id_ts;
81 struct id_ip {
82 struct ip idi_ip;
83 /* options and then 64 bits of data */
84 } id_ip;
85 nd_uint32_t id_mask;
86 nd_byte id_data[1];
87 } icmp_dun;
88 #define icmp_otime icmp_dun.id_ts.its_otime
89 #define icmp_rtime icmp_dun.id_ts.its_rtime
90 #define icmp_ttime icmp_dun.id_ts.its_ttime
91 #define icmp_ip icmp_dun.id_ip.idi_ip
92 #define icmp_mask icmp_dun.id_mask
93 #define icmp_data icmp_dun.id_data
94 };
95
96 /*
97 * Lower bounds on packet lengths for various types.
98 * For the error advice packets must first insure that the
99 * packet is large enough to contain the returned ip header.
100 * Only then can we do the check to see if 64 bits of packet
101 * data have been returned, since we need to check the returned
102 * ip header length.
103 */
104 #define ICMP_MINLEN 8 /* abs minimum */
105 #define ICMP_EXTD_MINLEN (156 - sizeof (struct ip)) /* draft-bonica-internet-icmp-08 */
106 #define ICMP_TSLEN (8 + 3 * sizeof (uint32_t)) /* timestamp */
107 #define ICMP_MASKLEN 12 /* address mask */
108 #define ICMP_ADVLENMIN (8 + sizeof (struct ip) + 8) /* min */
109 #define ICMP_ADVLEN(p) (8 + (IP_HL(&(p)->icmp_ip) << 2) + 8)
110 /* N.B.: must separately check that ip_hl >= 5 */
111
112 /*
113 * Definition of type and code field values.
114 */
115 #define ICMP_ECHOREPLY 0 /* echo reply */
116 #define ICMP_UNREACH 3 /* dest unreachable, codes: */
117 #define ICMP_UNREACH_NET 0 /* bad net */
118 #define ICMP_UNREACH_HOST 1 /* bad host */
119 #define ICMP_UNREACH_PROTOCOL 2 /* bad protocol */
120 #define ICMP_UNREACH_PORT 3 /* bad port */
121 #define ICMP_UNREACH_NEEDFRAG 4 /* IP_DF caused drop */
122 #define ICMP_UNREACH_SRCFAIL 5 /* src route failed */
123 #define ICMP_UNREACH_NET_UNKNOWN 6 /* unknown net */
124 #define ICMP_UNREACH_HOST_UNKNOWN 7 /* unknown host */
125 #define ICMP_UNREACH_ISOLATED 8 /* src host isolated */
126 #define ICMP_UNREACH_NET_PROHIB 9 /* prohibited access */
127 #define ICMP_UNREACH_HOST_PROHIB 10 /* ditto */
128 #define ICMP_UNREACH_TOSNET 11 /* bad tos for net */
129 #define ICMP_UNREACH_TOSHOST 12 /* bad tos for host */
130 #define ICMP_SOURCEQUENCH 4 /* packet lost, slow down */
131 #define ICMP_REDIRECT 5 /* shorter route, codes: */
132 #define ICMP_REDIRECT_NET 0 /* for network */
133 #define ICMP_REDIRECT_HOST 1 /* for host */
134 #define ICMP_REDIRECT_TOSNET 2 /* for tos and net */
135 #define ICMP_REDIRECT_TOSHOST 3 /* for tos and host */
136 #define ICMP_ECHO 8 /* echo service */
137 #define ICMP_ROUTERADVERT 9 /* router advertisement */
138 #define ICMP_ROUTERSOLICIT 10 /* router solicitation */
139 #define ICMP_TIMXCEED 11 /* time exceeded, code: */
140 #define ICMP_TIMXCEED_INTRANS 0 /* ttl==0 in transit */
141 #define ICMP_TIMXCEED_REASS 1 /* ttl==0 in reass */
142 #define ICMP_PARAMPROB 12 /* ip header bad */
143 #define ICMP_PARAMPROB_OPTABSENT 1 /* req. opt. absent */
144 #define ICMP_TSTAMP 13 /* timestamp request */
145 #define ICMP_TSTAMPREPLY 14 /* timestamp reply */
146 #define ICMP_IREQ 15 /* information request */
147 #define ICMP_IREQREPLY 16 /* information reply */
148 #define ICMP_MASKREQ 17 /* address mask request */
149 #define ICMP_MASKREPLY 18 /* address mask reply */
150
151 #define ICMP_EXTENDED_ECHO_REQUEST 42 /* extended echo request */
152 #define ICMP_EXTENDED_ECHO_REPLY 43 /* extended echo reply */
153 #define ICMP_ECHO_X_MALFORMED_QUERY 1 /* malformed query */
154 #define ICMP_ECHO_X_NO_SUCH_INTERFACE 2 /* no such interface */
155 #define ICMP_ECHO_X_NO_SUCH_TABLE_ENTRY 3 /* no such table entry */
156 #define ICMP_ECHO_X_MULTIPLE_INTERFACES 4 /* multiple interfaces satisfy query */
157
158 #define ICMP_ERRTYPE(type) \
159 ((type) == ICMP_UNREACH || (type) == ICMP_SOURCEQUENCH || \
160 (type) == ICMP_REDIRECT || (type) == ICMP_TIMXCEED || \
161 (type) == ICMP_PARAMPROB)
162 #define ICMP_MULTIPART_EXT_TYPE(type) \
163 ((type) == ICMP_UNREACH || \
164 (type) == ICMP_TIMXCEED || \
165 (type) == ICMP_PARAMPROB)
166 #define ICMP_EXTENDED_ECHO_TYPE(type) \
167 ((type) == ICMP_EXTENDED_ECHO_REQUEST || \
168 (type) == ICMP_EXTENDED_ECHO_REPLY)
169 /* rfc1700 */
170 #ifndef ICMP_UNREACH_NET_UNKNOWN
171 #define ICMP_UNREACH_NET_UNKNOWN 6 /* destination net unknown */
172 #endif
173 #ifndef ICMP_UNREACH_HOST_UNKNOWN
174 #define ICMP_UNREACH_HOST_UNKNOWN 7 /* destination host unknown */
175 #endif
176 #ifndef ICMP_UNREACH_ISOLATED
177 #define ICMP_UNREACH_ISOLATED 8 /* source host isolated */
178 #endif
179 #ifndef ICMP_UNREACH_NET_PROHIB
180 #define ICMP_UNREACH_NET_PROHIB 9 /* admin prohibited net */
181 #endif
182 #ifndef ICMP_UNREACH_HOST_PROHIB
183 #define ICMP_UNREACH_HOST_PROHIB 10 /* admin prohibited host */
184 #endif
185 #ifndef ICMP_UNREACH_TOSNET
186 #define ICMP_UNREACH_TOSNET 11 /* tos prohibited net */
187 #endif
188 #ifndef ICMP_UNREACH_TOSHOST
189 #define ICMP_UNREACH_TOSHOST 12 /* tos prohibited host */
190 #endif
191
192 /* rfc1716 */
193 #ifndef ICMP_UNREACH_FILTER_PROHIB
194 #define ICMP_UNREACH_FILTER_PROHIB 13 /* admin prohibited filter */
195 #endif
196 #ifndef ICMP_UNREACH_HOST_PRECEDENCE
197 #define ICMP_UNREACH_HOST_PRECEDENCE 14 /* host precedence violation */
198 #endif
199 #ifndef ICMP_UNREACH_PRECEDENCE_CUTOFF
200 #define ICMP_UNREACH_PRECEDENCE_CUTOFF 15 /* precedence cutoff */
201 #endif
202
203 /* Most of the icmp types */
204 static const struct tok icmp2str[] = {
205 { ICMP_ECHOREPLY, "echo reply" },
206 { ICMP_SOURCEQUENCH, "source quench" },
207 { ICMP_ECHO, "echo request" },
208 { ICMP_ROUTERSOLICIT, "router solicitation" },
209 { ICMP_TSTAMP, "time stamp request" },
210 { ICMP_TSTAMPREPLY, "time stamp reply" },
211 { ICMP_IREQ, "information request" },
212 { ICMP_IREQREPLY, "information reply" },
213 { ICMP_MASKREQ, "address mask request" },
214 { ICMP_EXTENDED_ECHO_REQUEST, "extended echo request" },
215 { ICMP_EXTENDED_ECHO_REPLY, "extended echo reply" },
216 { 0, NULL }
217 };
218
219 static const struct tok icmp_extended_echo_reply_code_str[] = {
220 { 0, "No error" },
221 { ICMP_ECHO_X_MALFORMED_QUERY, "Malformed Query" },
222 { ICMP_ECHO_X_NO_SUCH_INTERFACE, "No Such Interface" },
223 { ICMP_ECHO_X_NO_SUCH_TABLE_ENTRY, "No Such Table Entry" },
224 { ICMP_ECHO_X_MULTIPLE_INTERFACES, "Multiple Interfaces Satisfy Query" },
225 { 0, NULL }
226 };
227
228 static const struct tok icmp_extended_echo_reply_state_str[] = {
229 { 0, "Reserved" },
230 { 1, "Incomplete" },
231 { 2, "Reachable" },
232 { 3, "Stale" },
233 { 4, "Delay" },
234 { 5, "Probe" },
235 { 6, "Failed" },
236 { 0, NULL }
237 };
238
239 /* rfc1191 */
240 struct mtu_discovery {
241 nd_uint16_t unused;
242 nd_uint16_t nexthopmtu;
243 };
244
245 /* rfc1256 */
246 struct ih_rdiscovery {
247 nd_uint8_t ird_addrnum;
248 nd_uint8_t ird_addrsiz;
249 nd_uint16_t ird_lifetime;
250 };
251
252 struct id_rdiscovery {
253 nd_uint32_t ird_addr;
254 nd_uint32_t ird_pref;
255 };
256
257 /*
258 * RFC 4884 - Extended ICMP to Support Multi-Part Messages
259 *
260 * This is a general extension mechanism, based on the mechanism
261 * in draft-bonica-icmp-mpls-02 ICMP Extensions for MultiProtocol
262 * Label Switching.
263 *
264 * The Destination Unreachable, Time Exceeded
265 * and Parameter Problem messages are slightly changed as per
266 * the above RFC. A new Length field gets added to give
267 * the caller an idea about the length of the piggybacked
268 * IP packet before the extension header starts.
269 *
270 * The Length field represents length of the padded "original datagram"
271 * field measured in 32-bit words.
272 *
273 * 0 1 2 3
274 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
275 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
276 * | Type | Code | Checksum |
277 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
278 * | unused | Length | unused |
279 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
280 * | Internet Header + leading octets of original datagram |
281 * | |
282 * | // |
283 * | |
284 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
285 */
286
287 struct icmp_ext_t {
288 nd_uint8_t icmp_type;
289 nd_uint8_t icmp_code;
290 nd_uint16_t icmp_checksum;
291 nd_byte icmp_reserved;
292 nd_uint8_t icmp_length;
293 nd_byte icmp_reserved2[2];
294 nd_byte icmp_ext_legacy_header[128]; /* extension header starts 128 bytes after ICMP header */
295 nd_byte icmp_ext_version_res[2];
296 nd_uint16_t icmp_ext_checksum;
297 nd_byte icmp_ext_data[1];
298 };
299
300 /*
301 * Extract version from the first octet of icmp_ext_version_res.
302 */
303 #define ICMP_EXT_EXTRACT_VERSION(x) (((x)&0xf0)>>4)
304
305 /*
306 * Current version.
307 */
308 #define ICMP_EXT_VERSION 2
309
310 /*
311 * Extension object class numbers.
312 *
313 * Class 1 dates back to draft-bonica-icmp-mpls-02.
314 *
315 * Class 2 was used for an "Extended Payload Object Class", which
316 * contained bytes of the payload beyond the first 128 bytes, in
317 * draft-bonica-icmp-mpls-02; it was reassigned to an "Interface
318 * Information Object" in RFC 5837.
319 *
320 * Class 3 is defined by RFC8335.
321 */
322
323 /* rfc4950 */
324 #define MPLS_STACK_ENTRY_OBJECT_CLASS 1
325 /* rfc5837 */
326 #define INTERFACE_INFORMATION_OBJECT_CLASS 2
327 /* rfc8335 */
328 #define INTERFACE_IDENTIFICATION_OBJECT_CLASS 3
329
330 struct icmp_multipart_ext_object_header_t {
331 nd_uint16_t length;
332 nd_uint8_t class_num;
333 nd_uint8_t ctype;
334 };
335
336 static const struct tok icmp_multipart_ext_obj_values[] = {
337 { MPLS_STACK_ENTRY_OBJECT_CLASS, "MPLS Stack Entry Object" },
338 { INTERFACE_INFORMATION_OBJECT_CLASS, "Interface Information Object" },
339 { INTERFACE_IDENTIFICATION_OBJECT_CLASS, "Interface Identification Object" },
340 { 0, NULL}
341 };
342
343 /* rfc5837 */
344 static const struct tok icmp_interface_information_role_values[] = {
345 { 0, "Incoming IP Interface"},
346 { 1, "Sub-IP Component of Incoming IP Interface"},
347 { 2, "Outgoing IP Interface"},
348 { 3, "IP Next hop"},
349 { 0, NULL }
350 };
351
352 /*
353 Interface IP Address Sub-Object
354 0 31
355 +-------+-------+-------+-------+
356 | AFI | Reserved |
357 +-------+-------+-------+-------+
358 | IP Address ....
359 */
360 struct icmp_interface_information_ipaddr_subobject_t {
361 nd_uint16_t afi;
362 nd_uint16_t reserved;
363 nd_byte ip_addr[1];
364 };
365
366 /*
367 Interface Name Sub-Object
368 octet 0 1 63
369 +--------+-----------................-----------------+
370 | length | interface name octets 1-63 |
371 +--------+-----------................-----------------+
372 */
373 struct icmp_interface_information_ifname_subobject_t {
374 nd_uint8_t length;
375 nd_byte if_name[63];
376 };
377
378 /*
379 * Interface Identification IP Address Sub-Object
380 * 0 1 2 3
381 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
382 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
383 * | AFI | Address Length| Reserved |
384 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
385 * | Address ....
386 */
387 struct icmp_interface_identification_ipaddr_subobject_t {
388 nd_uint16_t afi;
389 nd_uint8_t addrlen;
390 nd_uint8_t reserved;
391 nd_byte ip_addr[1];
392 };
393
394 /* prototypes */
395 const char *icmp_tstamp_print(u_int);
396
397 /* print the milliseconds since midnight UTC */
398 const char *
399 icmp_tstamp_print(u_int tstamp)
400 {
401 u_int msec,sec,min,hrs;
402
403 static char buf[64];
404
405 msec = tstamp % 1000;
406 sec = tstamp / 1000;
407 min = sec / 60; sec -= min * 60;
408 hrs = min / 60; min -= hrs * 60;
409 snprintf(buf, sizeof(buf), "%02u:%02u:%02u.%03u",hrs,min,sec,msec);
410 return buf;
411 }
412
413 static int
414 print_icmp_multipart_ext_object(netdissect_options *ndo, const uint8_t *obj_tptr)
415 {
416 u_int obj_tlen, obj_class_num, obj_ctype;
417 const struct icmp_multipart_ext_object_header_t *icmp_multipart_ext_object_header;
418
419 icmp_multipart_ext_object_header = (const struct icmp_multipart_ext_object_header_t *)obj_tptr;
420 obj_tlen = GET_BE_U_2(icmp_multipart_ext_object_header->length);
421 obj_class_num = GET_U_1(icmp_multipart_ext_object_header->class_num);
422 obj_ctype = GET_U_1(icmp_multipart_ext_object_header->ctype);
423 obj_tptr += sizeof(struct icmp_multipart_ext_object_header_t);
424
425 ND_PRINT("\n\t %s (%u), Class-Type: %u, length %u",
426 tok2str(icmp_multipart_ext_obj_values,"unknown",obj_class_num),
427 obj_class_num,
428 obj_ctype,
429 obj_tlen);
430
431 /* infinite loop protection */
432 if ((obj_class_num == 0) ||
433 (obj_tlen < sizeof(struct icmp_multipart_ext_object_header_t))) {
434 return -1;
435 }
436 obj_tlen -= sizeof(struct icmp_multipart_ext_object_header_t);
437
438 switch (obj_class_num) {
439 case MPLS_STACK_ENTRY_OBJECT_CLASS:
440 switch(obj_ctype) {
441 case 1:
442 {
443 uint32_t raw_label;
444
445 raw_label = GET_BE_U_4(obj_tptr);
446 ND_PRINT("\n\t label %u, tc %u", MPLS_LABEL(raw_label), MPLS_TC(raw_label));
447 if (MPLS_STACK(raw_label))
448 ND_PRINT(", [S]");
449 ND_PRINT(", ttl %u", MPLS_TTL(raw_label));
450 break;
451 }
452 default:
453 print_unknown_data(ndo, obj_tptr, "\n\t ", obj_tlen);
454 }
455 break;
456
457 case INTERFACE_INFORMATION_OBJECT_CLASS:
458 {
459 /*
460 Ctype in a INTERFACE_INFORMATION_OBJECT_CLASS object:
461
462 Bit 0 1 2 3 4 5 6 7
463 +-------+-------+-------+-------+-------+-------+-------+-------+
464 | Interface Role| Rsvd1 | Rsvd2 |ifIndex| IPAddr| name | MTU |
465 +-------+-------+-------+-------+-------+-------+-------+-------+
466 */
467 const uint8_t *offset;
468 u_int interface_role, if_index_flag, ipaddr_flag, name_flag, mtu_flag;
469
470 interface_role = (obj_ctype & 0xc0) >> 6;
471 if_index_flag = (obj_ctype & 0x8) >> 3;
472 ipaddr_flag = (obj_ctype & 0x4) >> 2;
473 name_flag = (obj_ctype & 0x2) >> 1;
474 mtu_flag = (obj_ctype & 0x1);
475
476 ND_PRINT("\n\t Interface Role: %s",
477 tok2str(icmp_interface_information_role_values,
478 "an unknown interface role",interface_role));
479
480 offset = obj_tptr;
481
482 if (if_index_flag) {
483 ND_PRINT("\n\t Interface Index: %u", GET_BE_U_4(offset));
484 offset += 4;
485 }
486 if (ipaddr_flag) {
487 const struct icmp_interface_information_ipaddr_subobject_t *ipaddr_subobj;
488
489 ND_PRINT("\n\t IP Address sub-object: ");
490 ipaddr_subobj = (const struct icmp_interface_information_ipaddr_subobject_t *) offset;
491 switch (GET_BE_U_2(ipaddr_subobj->afi)) {
492 case 1:
493 ND_PRINT("%s", GET_IPADDR_STRING(ipaddr_subobj->ip_addr));
494 offset += 4;
495 break;
496 case 2:
497 ND_PRINT("%s", GET_IP6ADDR_STRING(ipaddr_subobj->ip_addr));
498 offset += 16;
499 break;
500 default:
501 ND_PRINT("Unknown Address Family Identifier");
502 return -1;
503 }
504 offset += 4;
505 }
506 if (name_flag) {
507 uint8_t inft_name_length_field;
508 const struct icmp_interface_information_ifname_subobject_t *ifname_subobj;
509
510 ifname_subobj = (const struct icmp_interface_information_ifname_subobject_t *) offset;
511 inft_name_length_field = GET_U_1(ifname_subobj->length);
512 ND_PRINT("\n\t Interface Name");
513 if (inft_name_length_field == 0) {
514 ND_PRINT(" [length %u]", inft_name_length_field);
515 nd_print_invalid(ndo);
516 break;
517 }
518 if (inft_name_length_field % 4 != 0) {
519 ND_PRINT(" [length %u != N x 4]", inft_name_length_field);
520 nd_print_invalid(ndo);
521 offset += inft_name_length_field;
522 break;
523 }
524 if (inft_name_length_field > 64) {
525 ND_PRINT(" [length %u > 64]", inft_name_length_field);
526 nd_print_invalid(ndo);
527 offset += inft_name_length_field;
528 break;
529 }
530 ND_PRINT(", length %u: ", inft_name_length_field);
531 nd_printjnp(ndo, ifname_subobj->if_name,
532 inft_name_length_field - 1);
533 offset += inft_name_length_field;
534 }
535 if (mtu_flag) {
536 ND_PRINT("\n\t MTU: %u", GET_BE_U_4(offset));
537 offset += 4;
538 }
539 break;
540 }
541
542 case INTERFACE_IDENTIFICATION_OBJECT_CLASS:
543 switch (obj_ctype) {
544 case 1:
545 ND_PRINT("\n\t Interface Name, length %d: ", obj_tlen);
546 nd_printjnp(ndo, obj_tptr, obj_tlen);
547 break;
548 case 2:
549 ND_PRINT("\n\t Interface Index: %u", GET_BE_U_4(obj_tptr));
550 break;
551 case 3:
552 {
553 const struct icmp_interface_identification_ipaddr_subobject_t *id_ipaddr_subobj;
554 ND_PRINT("\n\t IP Address sub-object: ");
555 id_ipaddr_subobj = (const struct icmp_interface_identification_ipaddr_subobject_t *) obj_tptr;
556 switch (GET_BE_U_2(id_ipaddr_subobj->afi)) {
557 case 1:
558 if (GET_U_1(id_ipaddr_subobj->addrlen) != 4) {
559 ND_PRINT("[length %d != 4] ", GET_U_1(id_ipaddr_subobj->addrlen));
560 }
561 ND_PRINT("%s", GET_IPADDR_STRING(id_ipaddr_subobj->ip_addr));
562 break;
563 case 2:
564 if (GET_U_1(id_ipaddr_subobj->addrlen) != 16) {
565 ND_PRINT("[length %d != 16] ", GET_U_1(id_ipaddr_subobj->addrlen));
566 }
567 ND_PRINT("%s", GET_IP6ADDR_STRING(id_ipaddr_subobj->ip_addr));
568 break;
569 default:
570 ND_PRINT("Unknown Address Family Identifier");
571 return -1;
572 }
573 break;
574 }
575 default:
576 print_unknown_data(ndo, obj_tptr, "\n\t ", obj_tlen);
577 break;
578 }
579 break;
580
581 default:
582 print_unknown_data(ndo, obj_tptr, "\n\t ", obj_tlen);
583 break;
584 }
585 return obj_tlen + sizeof(struct icmp_multipart_ext_object_header_t);
586 }
587
588 void
589 print_icmp_rfc8335(netdissect_options *ndo, uint8_t xinfo, int isrequest, uint8_t icmp_code, const uint8_t *data) {
590 struct cksum_vec vec[1];
591
592 if (isrequest) {
593 ND_PRINT("\n\t%s Interface", xinfo & 1 ? "Local" : "Remote");
594 if (ICMP_EXT_EXTRACT_VERSION(GET_U_1(data)) != ICMP_EXT_VERSION) {
595 nd_print_invalid(ndo);
596 } else {
597 // A single extended object. The extended header is not
598 // located at offset 128 in this case, so we can not use
599 // icmp_ext_checksum.
600 uint16_t sum = GET_BE_U_2(data + 2);
601 uint16_t len = GET_BE_U_2(data + 4);
602 // The checksum is over the extended header and the single
603 // object
604 len += 4;
605 vec[0].ptr = data;
606 vec[0].len = len;
607 if (ND_TTEST_LEN(vec[0].ptr, vec[0].len)) {
608 ND_PRINT(", checksum 0x%04x (%scorrect), length %u",
609 sum,
610 in_cksum(vec, 1) ? "in" : "",
611 len);
612 }
613 print_icmp_multipart_ext_object(ndo, data + 4);
614 }
615 } else {
616 int state = ( xinfo & 0xe0 ) >> 5;
617 ND_PRINT("\n\tCode %d (%s), State %d (%s), active %d ipv4 %d ipv6 %d",
618 icmp_code, tok2str(icmp_extended_echo_reply_code_str, "Unknown", icmp_code),
619 state, tok2str(icmp_extended_echo_reply_state_str, "Unknown", state),
620 xinfo & 4 ? 1 : 0,
621 xinfo & 2 ? 1 : 0,
622 xinfo & 1 ? 1 : 0);
623 }
624 }
625
626 void
627 icmp_print(netdissect_options *ndo, const u_char *bp, u_int plen,
628 int fragmented)
629 {
630 const struct icmp *dp;
631 uint8_t icmp_type, icmp_code;
632 const struct icmp_ext_t *ext_dp;
633 const char *str;
634 const uint8_t *obj_tptr;
635 u_int hlen;
636 char buf[512];
637 struct cksum_vec vec[1];
638
639 ndo->ndo_protocol = "icmp";
640 dp = (const struct icmp *)bp;
641 ext_dp = (const struct icmp_ext_t *)bp;
642 str = buf;
643
644 icmp_type = GET_U_1(dp->icmp_type);
645 icmp_code = GET_U_1(dp->icmp_code);
646 switch (icmp_type) {
647
648 case ICMP_ECHO:
649 case ICMP_ECHOREPLY:
650 (void)snprintf(buf, sizeof(buf), "echo %s, id %u, seq %u",
651 icmp_type == ICMP_ECHO ?
652 "request" : "reply",
653 GET_BE_U_2(dp->icmp_id),
654 GET_BE_U_2(dp->icmp_seq));
655 break;
656
657 case ICMP_UNREACH:
658 switch (icmp_code) {
659
660 case ICMP_UNREACH_NET:
661 (void)snprintf(buf, sizeof(buf),
662 "net %s unreachable",
663 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
664 break;
665
666 case ICMP_UNREACH_HOST:
667 (void)snprintf(buf, sizeof(buf),
668 "host %s unreachable",
669 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
670 break;
671
672 case ICMP_UNREACH_PROTOCOL:
673 (void)snprintf(buf, sizeof(buf),
674 "%s protocol %u unreachable",
675 GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
676 GET_U_1(dp->icmp_ip.ip_p));
677 break;
678
679 case ICMP_UNREACH_PORT:
680 {
681 const struct ip *oip;
682 const struct udphdr *ouh;
683 uint8_t ip_proto;
684 uint16_t dport;
685
686 oip = &dp->icmp_ip;
687 hlen = IP_HL(oip) * 4;
688 ouh = (const struct udphdr *)(((const u_char *)oip) + hlen);
689 dport = GET_BE_U_2(ouh->uh_dport);
690 ip_proto = GET_U_1(oip->ip_p);
691 switch (ip_proto) {
692
693 case IPPROTO_TCP:
694 (void)snprintf(buf, sizeof(buf),
695 "%s tcp port %s unreachable",
696 GET_IPADDR_STRING(oip->ip_dst),
697 tcpport_string(ndo, dport));
698 break;
699
700 case IPPROTO_UDP:
701 (void)snprintf(buf, sizeof(buf),
702 "%s udp port %s unreachable",
703 GET_IPADDR_STRING(oip->ip_dst),
704 udpport_string(ndo, dport));
705 break;
706
707 default:
708 (void)snprintf(buf, sizeof(buf),
709 "%s protocol %u port %u unreachable",
710 GET_IPADDR_STRING(oip->ip_dst),
711 ip_proto, dport);
712 break;
713 }
714 break;
715 }
716
717 case ICMP_UNREACH_NEEDFRAG:
718 {
719 const struct mtu_discovery *mp;
720 u_int mtu;
721
722 mp = (const struct mtu_discovery *)(const u_char *)&dp->icmp_void;
723 mtu = GET_BE_U_2(mp->nexthopmtu);
724 if (mtu) {
725 (void)snprintf(buf, sizeof(buf),
726 "%s unreachable - need to frag (mtu %u)",
727 GET_IPADDR_STRING(dp->icmp_ip.ip_dst), mtu);
728 } else {
729 (void)snprintf(buf, sizeof(buf),
730 "%s unreachable - need to frag",
731 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
732 }
733 }
734 break;
735
736 case ICMP_UNREACH_SRCFAIL:
737 (void)snprintf(buf, sizeof(buf),
738 "%s unreachable - source route failed",
739 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
740 break;
741
742 case ICMP_UNREACH_NET_UNKNOWN:
743 (void)snprintf(buf, sizeof(buf),
744 "net %s unreachable - unknown",
745 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
746 break;
747
748 case ICMP_UNREACH_HOST_UNKNOWN:
749 (void)snprintf(buf, sizeof(buf),
750 "host %s unreachable - unknown",
751 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
752 break;
753
754 case ICMP_UNREACH_ISOLATED:
755 (void)snprintf(buf, sizeof(buf),
756 "%s unreachable - source host isolated",
757 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
758 break;
759
760 case ICMP_UNREACH_NET_PROHIB:
761 (void)snprintf(buf, sizeof(buf),
762 "net %s unreachable - admin prohibited",
763 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
764 break;
765
766 case ICMP_UNREACH_HOST_PROHIB:
767 (void)snprintf(buf, sizeof(buf),
768 "host %s unreachable - admin prohibited",
769 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
770 break;
771
772 case ICMP_UNREACH_TOSNET:
773 (void)snprintf(buf, sizeof(buf),
774 "net %s unreachable - tos prohibited",
775 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
776 break;
777
778 case ICMP_UNREACH_TOSHOST:
779 (void)snprintf(buf, sizeof(buf),
780 "host %s unreachable - tos prohibited",
781 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
782 break;
783
784 case ICMP_UNREACH_FILTER_PROHIB:
785 (void)snprintf(buf, sizeof(buf),
786 "host %s unreachable - admin prohibited filter",
787 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
788 break;
789
790 case ICMP_UNREACH_HOST_PRECEDENCE:
791 (void)snprintf(buf, sizeof(buf),
792 "host %s unreachable - host precedence violation",
793 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
794 break;
795
796 case ICMP_UNREACH_PRECEDENCE_CUTOFF:
797 (void)snprintf(buf, sizeof(buf),
798 "host %s unreachable - precedence cutoff",
799 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
800 break;
801
802 default:
803 (void)snprintf(buf, sizeof(buf),
804 "%s unreachable - #%u",
805 GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
806 icmp_code);
807 break;
808 }
809 break;
810
811 case ICMP_REDIRECT:
812 switch (icmp_code) {
813
814 case ICMP_REDIRECT_NET:
815 (void)snprintf(buf, sizeof(buf),
816 "redirect %s to net %s",
817 GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
818 GET_IPADDR_STRING(dp->icmp_gwaddr));
819 break;
820
821 case ICMP_REDIRECT_HOST:
822 (void)snprintf(buf, sizeof(buf),
823 "redirect %s to host %s",
824 GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
825 GET_IPADDR_STRING(dp->icmp_gwaddr));
826 break;
827
828 case ICMP_REDIRECT_TOSNET:
829 (void)snprintf(buf, sizeof(buf),
830 "redirect-tos %s to net %s",
831 GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
832 GET_IPADDR_STRING(dp->icmp_gwaddr));
833 break;
834
835 case ICMP_REDIRECT_TOSHOST:
836 (void)snprintf(buf, sizeof(buf),
837 "redirect-tos %s to host %s",
838 GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
839 GET_IPADDR_STRING(dp->icmp_gwaddr));
840 break;
841
842 default:
843 (void)snprintf(buf, sizeof(buf),
844 "redirect-#%u %s to %s", icmp_code,
845 GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
846 GET_IPADDR_STRING(dp->icmp_gwaddr));
847 break;
848 }
849 break;
850
851 case ICMP_ROUTERADVERT:
852 {
853 char *cp;
854 const struct ih_rdiscovery *ihp;
855 const struct id_rdiscovery *idp;
856 u_int lifetime, num, size;
857
858 (void)snprintf(buf, sizeof(buf), "router advertisement");
859 cp = buf + strlen(buf);
860
861 ihp = (const struct ih_rdiscovery *)&dp->icmp_void;
862 (void)strncpy(cp, " lifetime ", sizeof(buf) - (cp - buf));
863 cp = buf + strlen(buf);
864 lifetime = GET_BE_U_2(ihp->ird_lifetime);
865 if (lifetime < 60) {
866 (void)snprintf(cp, sizeof(buf) - (cp - buf), "%u",
867 lifetime);
868 } else if (lifetime < 60 * 60) {
869 (void)snprintf(cp, sizeof(buf) - (cp - buf), "%u:%02u",
870 lifetime / 60, lifetime % 60);
871 } else {
872 (void)snprintf(cp, sizeof(buf) - (cp - buf),
873 "%u:%02u:%02u",
874 lifetime / 3600,
875 (lifetime % 3600) / 60,
876 lifetime % 60);
877 }
878 cp = buf + strlen(buf);
879
880 num = GET_U_1(ihp->ird_addrnum);
881 (void)snprintf(cp, sizeof(buf) - (cp - buf), " %u:", num);
882 cp = buf + strlen(buf);
883
884 size = GET_U_1(ihp->ird_addrsiz);
885 if (size != 2) {
886 (void)snprintf(cp, sizeof(buf) - (cp - buf),
887 " [size %u]", size);
888 break;
889 }
890 idp = (const struct id_rdiscovery *)&dp->icmp_data;
891 while (num != 0) {
892 (void)snprintf(cp, sizeof(buf) - (cp - buf), " {%s %u}",
893 GET_IPADDR_STRING(idp->ird_addr),
894 GET_BE_U_4(idp->ird_pref));
895 cp = buf + strlen(buf);
896 ++idp;
897 num--;
898 }
899 }
900 break;
901
902 case ICMP_TIMXCEED:
903 ND_TCHECK_4(dp->icmp_ip.ip_dst);
904 switch (icmp_code) {
905
906 case ICMP_TIMXCEED_INTRANS:
907 str = "time exceeded in-transit";
908 break;
909
910 case ICMP_TIMXCEED_REASS:
911 str = "ip reassembly time exceeded";
912 break;
913
914 default:
915 (void)snprintf(buf, sizeof(buf), "time exceeded-#%u",
916 icmp_code);
917 break;
918 }
919 break;
920
921 case ICMP_PARAMPROB:
922 if (icmp_code)
923 (void)snprintf(buf, sizeof(buf),
924 "parameter problem - code %u", icmp_code);
925 else {
926 (void)snprintf(buf, sizeof(buf),
927 "parameter problem - octet %u",
928 GET_U_1(dp->icmp_pptr));
929 }
930 break;
931
932 case ICMP_MASKREPLY:
933 (void)snprintf(buf, sizeof(buf), "address mask is 0x%08x",
934 GET_BE_U_4(dp->icmp_mask));
935 break;
936
937 case ICMP_TSTAMP:
938 (void)snprintf(buf, sizeof(buf),
939 "time stamp query id %u seq %u",
940 GET_BE_U_2(dp->icmp_id),
941 GET_BE_U_2(dp->icmp_seq));
942 break;
943
944 case ICMP_TSTAMPREPLY:
945 (void)snprintf(buf, sizeof(buf),
946 "time stamp reply id %u seq %u: org %s",
947 GET_BE_U_2(dp->icmp_id),
948 GET_BE_U_2(dp->icmp_seq),
949 icmp_tstamp_print(GET_BE_U_4(dp->icmp_otime)));
950
951 (void)snprintf(buf+strlen(buf),sizeof(buf)-strlen(buf),", recv %s",
952 icmp_tstamp_print(GET_BE_U_4(dp->icmp_rtime)));
953 (void)snprintf(buf+strlen(buf),sizeof(buf)-strlen(buf),", xmit %s",
954 icmp_tstamp_print(GET_BE_U_4(dp->icmp_ttime)));
955 break;
956
957 case ICMP_EXTENDED_ECHO_REQUEST:
958 case ICMP_EXTENDED_ECHO_REPLY:
959 /* brief info here due to limited buf; more info below */
960 (void)snprintf(buf, sizeof(buf), "extended echo %s, id %u, seq %u",
961 icmp_type == ICMP_EXTENDED_ECHO_REQUEST ?
962 "request" : "reply",
963 GET_BE_U_2(dp->icmp_id),
964 GET_U_1(dp->icmp_xseq));
965 break;
966
967 default:
968 str = tok2str(icmp2str, "type-#%u", icmp_type);
969 break;
970 }
971 ND_PRINT("ICMP %s, length %u", str, plen);
972 if (ndo->ndo_vflag && !fragmented) { /* don't attempt checksumming if this is a frag */
973 if (ND_TTEST_LEN(bp, plen)) {
974 uint16_t sum;
975
976 vec[0].ptr = (const uint8_t *)(const void *)dp;
977 vec[0].len = plen;
978 sum = in_cksum(vec, 1);
979 if (sum != 0) {
980 uint16_t icmp_sum = GET_BE_U_2(dp->icmp_cksum);
981 ND_PRINT(" (wrong icmp cksum %x (->%x)!)",
982 icmp_sum,
983 in_cksum_shouldbe(icmp_sum, sum));
984 }
985 }
986 }
987
988 /*
989 * print the remnants of the IP packet.
990 * save the snaplength as this may get overridden in the IP printer.
991 */
992 if (ndo->ndo_vflag >= 1 && ICMP_ERRTYPE(icmp_type)) {
993 const struct ip *ip;
994 const u_char *snapend_save;
995
996 bp += 8;
997 ND_PRINT("\n\t");
998 ip = (const struct ip *)bp;
999 snapend_save = ndo->ndo_snapend;
1000 /*
1001 * Update the snapend because extensions (MPLS, ...) may be
1002 * present after the IP packet. In this case the current
1003 * (outer) packet's snapend is not what ip_print() needs to
1004 * decode an IP packet nested in the middle of an ICMP payload.
1005 *
1006 * This prevents that, in ip_print(), for the nested IP packet,
1007 * the remaining length < remaining caplen.
1008 */
1009 ndo->ndo_snapend = ND_MIN(bp + GET_BE_U_2(ip->ip_len),
1010 ndo->ndo_snapend);
1011 ip_print(ndo, bp, GET_BE_U_2(ip->ip_len));
1012 ndo->ndo_snapend = snapend_save;
1013 }
1014
1015 /* ndo_protocol reassignment after ip_print() call */
1016 ndo->ndo_protocol = "icmp";
1017
1018 /*
1019 * Attempt to decode multi-part message extensions (rfc4884) only for some ICMP types.
1020 */
1021 if (ndo->ndo_vflag >= 1 && plen > ICMP_EXTD_MINLEN && ICMP_MULTIPART_EXT_TYPE(icmp_type)) {
1022 ND_TCHECK_SIZE(ext_dp);
1023
1024 /*
1025 * Check first if the multi-part extension header shows a non-zero length.
1026 * If the length field is not set then silently verify the checksum
1027 * to check if an extension header is present. This is expedient,
1028 * however not all implementations set the length field proper.
1029 */
1030 if (GET_U_1(ext_dp->icmp_length) == 0 &&
1031 ND_TTEST_LEN(ext_dp->icmp_ext_version_res, plen - ICMP_EXTD_MINLEN)) {
1032 vec[0].ptr = (const uint8_t *)(const void *)&ext_dp->icmp_ext_version_res;
1033 vec[0].len = plen - ICMP_EXTD_MINLEN;
1034 if (in_cksum(vec, 1)) {
1035 return;
1036 }
1037 }
1038
1039 ND_PRINT("\n\tICMP Multi-Part extension v%u",
1040 ICMP_EXT_EXTRACT_VERSION(*(ext_dp->icmp_ext_version_res)));
1041
1042 /*
1043 * Sanity checking of the header.
1044 */
1045 if (ICMP_EXT_EXTRACT_VERSION(*(ext_dp->icmp_ext_version_res)) !=
1046 ICMP_EXT_VERSION) {
1047 ND_PRINT(" packet not supported");
1048 return;
1049 }
1050
1051 hlen = plen - ICMP_EXTD_MINLEN;
1052 if (ND_TTEST_LEN(ext_dp->icmp_ext_version_res, hlen)) {
1053 vec[0].ptr = (const uint8_t *)(const void *)&ext_dp->icmp_ext_version_res;
1054 vec[0].len = hlen;
1055 ND_PRINT(", checksum 0x%04x (%scorrect), length %u",
1056 GET_BE_U_2(ext_dp->icmp_ext_checksum),
1057 in_cksum(vec, 1) ? "in" : "",
1058 hlen);
1059 }
1060
1061 hlen -= 4; /* subtract common header size */
1062 obj_tptr = (const uint8_t *)ext_dp->icmp_ext_data;
1063
1064 while (hlen > sizeof(struct icmp_multipart_ext_object_header_t)) {
1065 int obj_tlen = print_icmp_multipart_ext_object(ndo, obj_tptr);
1066 if (obj_tlen < 0) {
1067 /* malformed object */
1068 return;
1069 }
1070 if (hlen < (u_int)obj_tlen)
1071 break;
1072 hlen -= obj_tlen;
1073 obj_tptr += obj_tlen;
1074 }
1075 }
1076
1077 if (ndo->ndo_vflag >= 1 && ICMP_EXTENDED_ECHO_TYPE(icmp_type)) {
1078 uint8_t xinfo = GET_U_1(dp->icmp_xinfo);
1079 // RFC8335 printing is shared between ICMP and ICMPv6
1080 print_icmp_rfc8335( ndo, xinfo, icmp_type == ICMP_EXTENDED_ECHO_REQUEST, icmp_code, dp->icmp_data );
1081 }
1082
1083 return;
1084 }
[mirror] the TCPdump network dissector