diff options
| -rw-r--r-- | FILES | 1 | ||||
| -rw-r--r-- | Makefile.in | 4 | ||||
| -rw-r--r-- | print-eigrp.c | 212 | ||||
| -rw-r--r-- | print-ip.c | 14 | ||||
| -rw-r--r-- | print-ipx.c | 4 |
5 files changed, 222 insertions, 13 deletions
@@ -117,6 +117,7 @@ print-dvmrp.c print-egp.c print-enc.c print-esp.c +print-eigrp.c print-ether.c print-fddi.c print-fr.c diff --git a/Makefile.in b/Makefile.in index 16fceeb8..2f113dcb 100644 --- a/Makefile.in +++ b/Makefile.in @@ -17,7 +17,7 @@ # WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF # MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. # -# @(#) $Header: /tcpdump/master/tcpdump/Makefile.in,v 1.285 2004-04-26 17:49:44 hannes Exp $ (LBL) +# @(#) $Header: /tcpdump/master/tcpdump/Makefile.in,v 1.286 2004-04-30 22:22:05 hannes Exp $ (LBL) # # Various configurable paths (remember to edit Makefile.in, not Makefile) @@ -71,7 +71,7 @@ CSRC = addrtoname.c gmpls.c oui.c gmt2local.c ipproto.c machdep.c parsenfsfh.c \ print-beep.c print-bfd.c print-bgp.c print-bootp.c print-cdp.c \ print-chdlc.c print-cip.c print-cnfp.c print-decnet.c \ print-domain.c print-dvmrp.c print-enc.c print-egp.c \ - print-eap.c \ + print-eap.c print-eigrp.c\ print-esp.c print-ether.c print-fddi.c print-fr.c \ print-gre.c print-hsrp.c print-icmp.c print-igmp.c \ print-igrp.c print-ip.c print-ipcomp.c print-ipfc.c \ diff --git a/print-eigrp.c b/print-eigrp.c new file mode 100644 index 00000000..9a6380cc --- /dev/null +++ b/print-eigrp.c @@ -0,0 +1,212 @@ +/* + * Copyright (c) 1998-2004 Hannes Gredler <hannes@tcpdump.org> + * The TCPDUMP project + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that: (1) source code + * distributions retain the above copyright notice and this paragraph + * in its entirety, and (2) distributions including binary code include + * the above copyright notice and this paragraph in its entirety in + * the documentation or other materials provided with the distribution. + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND + * WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT + * LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE. + */ + +#ifndef lint +static const char rcsid[] _U_ = + "@(#) $Header: /tcpdump/master/tcpdump/print-eigrp.c,v 1.1 2004-04-30 22:22:04 hannes Exp $"; +#endif + +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + +#include <tcpdump-stdinc.h> + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +#include "interface.h" +#include "extract.h" +#include "addrtoname.h" + +/* + * packet format documented at + * http://www.rhyshaden.com/eigrp.htm + */ + +struct eigrp_common_header { + u_int8_t version; + u_int8_t opcode; + u_int8_t checksum[2]; + u_int8_t flags[4]; + u_int8_t seq[4]; + u_int8_t ack[4]; + u_int8_t asn[4]; +}; + +#define EIGRP_VERSION 2 + +#define EIGRP_OPCODE_UPDATE 1 +#define EIGRP_OPCODE_QUERY 3 +#define EIGRP_OPCODE_REPLY 4 +#define EIGRP_OPCODE_HELLO 5 +#define EIGRP_OPCODE_IPXSAP 6 +#define EIGRP_OPCODE_PROBE 7 + +static const struct tok eigrp_opcode_values[] = { + { EIGRP_OPCODE_UPDATE, "Update" }, + { EIGRP_OPCODE_QUERY, "Query" }, + { EIGRP_OPCODE_REPLY, "Reply" }, + { EIGRP_OPCODE_HELLO, "Hello" }, + { EIGRP_OPCODE_IPXSAP, "IPX SAP" }, + { EIGRP_OPCODE_PROBE, "Probe" }, + { 0, NULL} +}; + +struct eigrp_tlv_header { + u_int8_t type[2]; + u_int8_t length[2]; +}; + +#define EIGRP_TLV_GENERAL_PARM 0x0001 +#define EIGRP_TLV_SEQ 0x0003 +#define EIGRP_TLV_SW_VERSION 0x0004 +#define EIGRP_TLV_MCAST_SEQ 0x0005 +#define EIGRP_TLV_IP_INT 0x0102 +#define EIGRP_TLV_IP_EXT 0x0103 +#define EIGRP_TLV_AT_INT 0x0202 +#define EIGRP_TLV_AT_EXT 0x0203 +#define EIGRP_TLV_AT_CABLE_SETUP 0x0204 +#define EIGRP_TLV_IPX_INT 0x0302 +#define EIGRP_TLV_IPX_EXT 0x0303 + +static const struct tok eigrp_tlv_values[] = { + { EIGRP_TLV_GENERAL_PARM, "General Parameters"}, + { EIGRP_TLV_SEQ, "Sequence"}, + { EIGRP_TLV_SW_VERSION, "Software Version"}, + { EIGRP_TLV_MCAST_SEQ, "Next Multicast Sequence"}, + { EIGRP_TLV_IP_INT, "IP Internal routes"}, + { EIGRP_TLV_IP_EXT, "IP External routes"}, + { EIGRP_TLV_AT_INT, "AppleTalk Internal routes"}, + { EIGRP_TLV_AT_EXT, "AppleTalk External routes"}, + { EIGRP_TLV_AT_CABLE_SETUP, "AppleTalk Cable setup"}, + { EIGRP_TLV_IPX_INT, "IPX Internal routes"}, + { EIGRP_TLV_IPX_EXT, "IPX External routes"}, + { 0, NULL} +}; + +void +eigrp_print(register const u_char *pptr, register u_int len) { + + const struct eigrp_common_header *eigrp_com_header; + const struct eigrp_tlv_header *eigrp_tlv_header; + const u_char *tptr,*obj_tptr; + int tlen,eigrp_tlv_len,eigrp_tlv_type,obj_tlen; + + tptr=pptr; + eigrp_com_header = (const struct eigrp_common_header *)pptr; + TCHECK(*eigrp_com_header); + + /* + * Sanity checking of the header. + */ + if (eigrp_com_header->version != EIGRP_VERSION) { + printf("EIGRP version %u packet not supported",eigrp_com_header->version); + return; + } + + /* in non-verbose mode just lets print the basic Message Type*/ + if (vflag < 1) { + printf("EIGRP %s, length: %u", + tok2str(eigrp_opcode_values, "unknown (%u)",eigrp_com_header->opcode), + len); + return; + } + + /* ok they seem to want to know everything - lets fully decode it */ + + tlen=len-sizeof(struct eigrp_common_header); + + /* FIXME print other header info */ + printf("\n\tEIGRP v%u, opcode: %s (%u), chksum: 0x%04x, Flags: [0x%08x]\n\tseq: 0x%08x, ack: 0x%08x, AS: %u, length: %u", + eigrp_com_header->version, + tok2str(eigrp_opcode_values, "unknown, type: %u",eigrp_com_header->opcode), + eigrp_com_header->opcode, + EXTRACT_16BITS(&eigrp_com_header->checksum), + EXTRACT_32BITS(&eigrp_com_header->flags), + EXTRACT_32BITS(&eigrp_com_header->seq), + EXTRACT_32BITS(&eigrp_com_header->ack), + EXTRACT_32BITS(&eigrp_com_header->asn), + tlen); + + tptr+=sizeof(const struct eigrp_common_header); + + while(tlen>0) { + /* did we capture enough for fully decoding the object header ? */ + if (!TTEST2(*tptr, sizeof(struct eigrp_tlv_header))) + goto trunc; + + eigrp_tlv_header = (const struct eigrp_tlv_header *)tptr; + eigrp_tlv_len=EXTRACT_16BITS(&eigrp_tlv_header->length); + eigrp_tlv_type=EXTRACT_16BITS(&eigrp_tlv_header->type); + + + if (eigrp_tlv_len == 0 || eigrp_tlv_len > tlen) { + print_unknown_data(tptr+sizeof(sizeof(struct eigrp_tlv_header)),"\n\t ",tlen); + return; + } + + printf("\n\t %s TLV (0x%04x), length: %u", + tok2str(eigrp_tlv_values, + "Unknown", + eigrp_tlv_type), + eigrp_tlv_type, + eigrp_tlv_len); + + obj_tptr=tptr+sizeof(struct eigrp_tlv_header); + obj_tlen=eigrp_tlv_len-sizeof(struct eigrp_tlv_header); + + /* did we capture enough for fully decoding the object ? */ + if (!TTEST2(*tptr, eigrp_tlv_len)) + goto trunc; + + switch(eigrp_tlv_type) { + + /* + * FIXME those are the defined TLVs that lack a decoder + * you are welcome to contribute code ;-) + */ + + case EIGRP_TLV_GENERAL_PARM: + case EIGRP_TLV_SEQ: + case EIGRP_TLV_SW_VERSION: + case EIGRP_TLV_MCAST_SEQ: + case EIGRP_TLV_IP_INT: + case EIGRP_TLV_IP_EXT: + case EIGRP_TLV_AT_INT: + case EIGRP_TLV_AT_EXT: + case EIGRP_TLV_AT_CABLE_SETUP: + case EIGRP_TLV_IPX_INT: + case EIGRP_TLV_IPX_EXT: + + default: + if (vflag <= 1) + print_unknown_data(obj_tptr,"\n\t ",obj_tlen); + break; + } + /* do we want to see an additionally hexdump ? */ + if (vflag > 1) + print_unknown_data(tptr+sizeof(sizeof(struct eigrp_tlv_header)),"\n\t ", + eigrp_tlv_len-sizeof(struct eigrp_tlv_header)); + + tptr+=eigrp_tlv_len; + tlen-=eigrp_tlv_len; + } + return; +trunc: + printf("\n\t\t packet exceeded snapshot"); +} @@ -21,7 +21,7 @@ #ifndef lint static const char rcsid[] _U_ = - "@(#) $Header: /tcpdump/master/tcpdump/print-ip.c,v 1.138 2004-04-28 22:02:23 guy Exp $ (LBL)"; + "@(#) $Header: /tcpdump/master/tcpdump/print-ip.c,v 1.139 2004-04-30 22:22:05 hannes Exp $ (LBL)"; #endif #ifdef HAVE_CONFIG_H @@ -545,7 +545,6 @@ again: break; case IPPROTO_PIGP: - case IPPROTO_EIGRP: /* * XXX - the current IANA protocol number assignments * page lists 9 as "any private interior gateway @@ -558,17 +557,14 @@ again: * IP_PROTO_EIGRP as 88; those names better * match was the current protocol number * assignments say. - * - * XXX - at least according to the Ethereal - * dissectors, Cisco IGRP and Cisco EIGRP are - * *not* the same, so it's not clear that both - * IPPROTO_PIGP and IPPROTO_EIGRP should be - * handed to the same print routine; "igrp_print()" - * appears to be for IGRP, not EIGRP. */ igrp_print(cp, len, (const u_char *)ip); break; + case IPPROTO_EIGRP: + eigrp_print(cp, len); + break; + case IPPROTO_ND: (void)printf(" nd %d", len); break; diff --git a/print-ipx.c b/print-ipx.c index 94f17ddf..16173dec 100644 --- a/print-ipx.c +++ b/print-ipx.c @@ -24,7 +24,7 @@ #ifndef lint static const char rcsid[] _U_ = - "@(#) $Header: /tcpdump/master/tcpdump/print-ipx.c,v 1.36 2003-11-16 09:36:25 guy Exp $"; + "@(#) $Header: /tcpdump/master/tcpdump/print-ipx.c,v 1.37 2004-04-30 22:22:05 hannes Exp $"; #endif #ifdef HAVE_CONFIG_H @@ -118,7 +118,7 @@ ipx_decode(const struct ipxHdr *ipx, const u_char *datap, u_int length) #endif break; case IPX_SKT_EIGRP: - (void)printf(" ipx-eigrp %d", length); + eigrp_print(datap,length); break; default: (void)printf(" ipx-#%x %d", dstSkt, length); |