netdissect.h revision 241235
143412Snewton/* 243412Snewton * Copyright (c) 1988-1997 343412Snewton * The Regents of the University of California. All rights reserved. 443412Snewton * 543412Snewton * Copyright (c) 1998-2004 Michael Richardson <mcr@tcpdump.org> 643412Snewton * The TCPDUMP project 743412Snewton * 843412Snewton * Redistribution and use in source and binary forms, with or without 943412Snewton * modification, are permitted provided that: (1) source code distributions 1043412Snewton * retain the above copyright notice and this paragraph in its entirety, (2) 1143412Snewton * distributions including binary code include the above copyright notice and 1243412Snewton * this paragraph in its entirety in the documentation or other materials 1343412Snewton * provided with the distribution, and (3) all advertising materials mentioning 1443412Snewton * features or use of this software display the following acknowledgement: 1543412Snewton * ``This product includes software developed by the University of California, 1643412Snewton * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of 1743412Snewton * the University nor the names of its contributors may be used to endorse 1843412Snewton * or promote products derived from this software without specific prior 1943412Snewton * written permission. 2043412Snewton * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 2143412Snewton * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 2243412Snewton * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 2343412Snewton * 2443412Snewton * @(#) $Header: /tcpdump/master/tcpdump/netdissect.h,v 1.27 2008-08-16 11:36:20 hannes Exp $ (LBL) 2543412Snewton */ 2643412Snewton 2749270Snewton#ifndef netdissect_h 2850477Speter#define netdissect_h 2943412Snewton 3043412Snewton#ifdef HAVE_OS_PROTO_H 3143412Snewton#include "os-proto.h" 3243412Snewton#endif 3343412Snewton#include <sys/types.h> 3443412Snewton 3555484Snewton#ifndef HAVE___ATTRIBUTE__ 3643412Snewton#define __attribute__(x) 3743412Snewton#endif 3843412Snewton 3943412Snewton/* snprintf et al */ 4043412Snewton 4143412Snewton#include <stdarg.h> 4243412Snewton 4343412Snewton#if !defined(HAVE_SNPRINTF) 4443412Snewtonint snprintf (char *str, size_t sz, const char *format, ...) 4543412Snewton __attribute__ ((format (printf, 3, 4))); 4643412Snewton#endif 4743412Snewton 4843412Snewton#if !defined(HAVE_VSNPRINTF) 4943412Snewtonint vsnprintf (char *str, size_t sz, const char *format, va_list ap) 5043412Snewton __attribute__((format (printf, 3, 0))); 5143412Snewton#endif 5243412Snewton 5343412Snewton#ifndef HAVE_STRLCAT 5443412Snewtonextern size_t strlcat (char *, const char *, size_t); 5543412Snewton#endif 5643412Snewton#ifndef HAVE_STRLCPY 5743412Snewtonextern size_t strlcpy (char *, const char *, size_t); 5843412Snewton#endif 5943412Snewton 6043412Snewton#ifndef HAVE_STRDUP 6143412Snewtonextern char *strdup (const char *str); 6243412Snewton#endif 6343412Snewton 6443412Snewton#ifndef HAVE_STRSEP 6543412Snewtonextern char *strsep(char **, const char *); 6643412Snewton#endif 6743412Snewton 6843412Snewtonstruct tok { 6943412Snewton int v; /* value */ 7043412Snewton const char *s; /* string */ 7143412Snewton}; 7243412Snewton 7343412Snewton#define TOKBUFSIZE 128 7443412Snewtonextern const char *tok2strbuf(const struct tok *, const char *, int, 7543412Snewton char *buf, size_t bufsize); 7643412Snewton 7751793Smarcel/* tok2str is deprecated */ 7843412Snewtonextern const char *tok2str(const struct tok *, const char *, int); 7943412Snewtonextern char *bittok2str(const struct tok *, const char *, int); 8043412Snewtonextern char *bittok2str_nosep(const struct tok *, const char *, int); 8143412Snewton 8243412Snewton 8343412Snewtontypedef struct netdissect_options netdissect_options; 8443412Snewton 8543412Snewtonstruct netdissect_options { 8643412Snewton int ndo_aflag; /* translate network and broadcast addresses */ 8743412Snewton int ndo_bflag; /* print 4 byte ASes in ASDOT notation */ 8843412Snewton int ndo_eflag; /* print ethernet header */ 8943412Snewton int ndo_fflag; /* don't translate "foreign" IP address */ 9043412Snewton int ndo_Kflag; /* don't check TCP checksums */ 9143412Snewton int ndo_nflag; /* leave addresses as numbers */ 9243412Snewton int ndo_Nflag; /* remove domains from printed host names */ 9343412Snewton int ndo_qflag; /* quick (shorter) output */ 9443412Snewton int ndo_Rflag; /* print sequence # field in AH/ESP*/ 9543412Snewton int ndo_sflag; /* use the libsmi to translate OIDs */ 9643412Snewton int ndo_Sflag; /* print raw TCP sequence numbers */ 9743412Snewton int ndo_tflag; /* print packet arrival time */ 9843412Snewton int ndo_Uflag; /* "unbuffered" output of dump files */ 9943412Snewton int ndo_uflag; /* Print undecoded NFS handles */ 10043412Snewton int ndo_vflag; /* verbose */ 10143412Snewton int ndo_xflag; /* print packet in hex */ 10243412Snewton int ndo_Xflag; /* print packet in hex/ascii */ 10343412Snewton int ndo_Aflag; /* print packet only in ascii observing TAB, 10443412Snewton * LF, CR and SPACE as graphical chars 10543412Snewton */ 10643412Snewton int ndo_Bflag; /* buffer size */ 10743412Snewton int ndo_Iflag; /* rfmon (monitor) mode */ 10843412Snewton int ndo_Oflag; /* run filter code optimizer */ 10943412Snewton int ndo_dlt; /* if != -1, ask libpcap for the DLT it names*/ 11043412Snewton int ndo_jflag; /* packet time stamp source */ 11143412Snewton int ndo_pflag; /* don't go promiscuous */ 11243412Snewton 11343412Snewton int ndo_Cflag; /* rotate dump files after this many bytes */ 11443412Snewton int ndo_Cflag_count; /* Keep track of which file number we're writing */ 11543412Snewton int ndo_Gflag; /* rotate dump files after this many seconds */ 11643412Snewton int ndo_Gflag_count; /* number of files created with Gflag rotation */ 11743412Snewton time_t ndo_Gflag_time; /* The last time_t the dump file was rotated. */ 11843412Snewton int ndo_Wflag; /* recycle output files after this number of files */ 11943412Snewton int ndo_WflagChars; 12043412Snewton int ndo_Hflag; /* dissect 802.11s draft mesh standard */ 121 int ndo_suppress_default_print; /* don't use default_print() for unknown packet types */ 122 const char *ndo_dltname; 123 124 char *ndo_espsecret; 125 struct sa_list *ndo_sa_list_head; /* used by print-esp.c */ 126 struct sa_list *ndo_sa_default; 127 128 char *ndo_sigsecret; /* Signature verification secret key */ 129 130 struct esp_algorithm *ndo_espsecret_xform; /* cache of decoded */ 131 char *ndo_espsecret_key; 132 133 int ndo_packettype; /* as specified by -T */ 134 135 char *ndo_program_name; /*used to generate self-identifying messages */ 136 137 int32_t ndo_thiszone; /* seconds offset from gmt to local time */ 138 139 int ndo_snaplen; 140 141 /*global pointers to beginning and end of current packet (during printing) */ 142 const u_char *ndo_packetp; 143 const u_char *ndo_snapend; 144 145 /* bookkeeping for ^T output */ 146 int ndo_infodelay; 147 148 /* pointer to void function to output stuff */ 149 void (*ndo_default_print)(netdissect_options *, 150 register const u_char *bp, register u_int length); 151 void (*ndo_info)(netdissect_options *, int verbose); 152 153 int (*ndo_printf)(netdissect_options *, 154 const char *fmt, ...) 155#ifdef __ATTRIBUTE___FORMAT_OK_FOR_FUNCTION_POINTERS 156 __attribute__ ((format (printf, 2, 3))) 157#endif 158 ; 159 void (*ndo_error)(netdissect_options *, 160 const char *fmt, ...) 161#ifdef __ATTRIBUTE___FORMAT_OK_FOR_FUNCTION_POINTERS 162 __attribute__ ((noreturn, format (printf, 2, 3))) 163#endif 164 ; 165 void (*ndo_warning)(netdissect_options *, 166 const char *fmt, ...) 167#ifdef __ATTRIBUTE___FORMAT_OK_FOR_FUNCTION_POINTERS 168 __attribute__ ((format (printf, 2, 3))) 169#endif 170 ; 171}; 172 173#define PT_VAT 1 /* Visual Audio Tool */ 174#define PT_WB 2 /* distributed White Board */ 175#define PT_RPC 3 /* Remote Procedure Call */ 176#define PT_RTP 4 /* Real-Time Applications protocol */ 177#define PT_RTCP 5 /* Real-Time Applications control protocol */ 178#define PT_SNMP 6 /* Simple Network Management Protocol */ 179#define PT_CNFP 7 /* Cisco NetFlow protocol */ 180 181#ifndef min 182#define min(a,b) ((a)>(b)?(b):(a)) 183#endif 184#ifndef max 185#define max(a,b) ((b)>(a)?(b):(a)) 186#endif 187 188/* 189 * Maximum snapshot length. This should be enough to capture the full 190 * packet on most network interfaces. 191 * 192 * XXX - could it be larger? If so, should it? Some applications might 193 * use the snapshot length in a savefile header to control the size of 194 * the buffer they allocate, so a size of, say, 2^31-1 might not work 195 * well. 196 */ 197#define MAXIMUM_SNAPLEN 65535 198 199/* 200 * The default snapshot length is the maximum. 201 */ 202#define DEFAULT_SNAPLEN MAXIMUM_SNAPLEN 203 204#define ESRC(ep) ((ep)->ether_shost) 205#define EDST(ep) ((ep)->ether_dhost) 206 207#ifndef NTOHL 208#define NTOHL(x) (x) = ntohl(x) 209#define NTOHS(x) (x) = ntohs(x) 210#define HTONL(x) (x) = htonl(x) 211#define HTONS(x) (x) = htons(x) 212#endif 213 214/* 215 * True if "l" bytes of "var" were captured. 216 * 217 * The "ndo->ndo_snapend - (l) <= ndo->ndo_snapend" checks to make sure 218 * "l" isn't so large that "ndo->ndo_snapend - (l)" underflows. 219 * 220 * The check is for <= rather than < because "l" might be 0. 221 */ 222#define ND_TTEST2(var, l) (ndo->ndo_snapend - (l) <= ndo->ndo_snapend && \ 223 (const u_char *)&(var) <= ndo->ndo_snapend - (l)) 224 225/* True if "var" was captured */ 226#define ND_TTEST(var) ND_TTEST2(var, sizeof(var)) 227 228/* Bail if "l" bytes of "var" were not captured */ 229#define ND_TCHECK2(var, l) if (!ND_TTEST2(var, l)) goto trunc 230 231/* Bail if "var" was not captured */ 232#define ND_TCHECK(var) ND_TCHECK2(var, sizeof(var)) 233 234#define ND_PRINT(STUFF) (*ndo->ndo_printf)STUFF 235#define ND_DEFAULTPRINT(ap, length) (*ndo->ndo_default_print)(ndo, ap, length) 236 237#if 0 238extern void ts_print(netdissect_options *ipdo, 239 const struct timeval *); 240extern void relts_print(int); 241#endif 242 243extern int fn_print(const u_char *, const u_char *); 244extern int fn_printn(const u_char *, u_int, const u_char *); 245extern const char *tok2str(const struct tok *, const char *, int); 246 247extern void wrapup(int); 248 249#if 0 250extern char *read_infile(netdissect_options *, char *); 251extern char *copy_argv(netdissect_options *, char **); 252#endif 253 254extern void safeputchar(int); 255extern void safeputs(const char *, int); 256 257#define PLURAL_SUFFIX(n) \ 258 (((n) != 1) ? "s" : "") 259 260#if 0 261extern const char *isonsap_string(netdissect_options *, const u_char *); 262extern const char *protoid_string(netdissect_options *, const u_char *); 263extern const char *dnname_string(netdissect_options *, u_short); 264extern const char *dnnum_string(netdissect_options *, u_short); 265#endif 266 267/* The printer routines. */ 268 269#include <pcap.h> 270 271typedef u_int (*if_ndo_printer)(struct netdissect_options *ndo, 272 const struct pcap_pkthdr *, const u_char *); 273typedef u_int (*if_printer)(const struct pcap_pkthdr *, const u_char *); 274 275extern if_ndo_printer lookup_ndo_printer(int); 276extern if_printer lookup_printer(int); 277 278extern void eap_print(netdissect_options *,const u_char *, u_int); 279extern int esp_print(netdissect_options *, 280 register const u_char *bp, int len, register const u_char *bp2, 281 int *nhdr, int *padlen); 282extern void arp_print(netdissect_options *,const u_char *, u_int, u_int); 283extern void tipc_print(netdissect_options *, const u_char *, u_int, u_int); 284extern void icmp6_print(netdissect_options *ndo, const u_char *, 285 u_int, const u_char *, int); 286extern void isakmp_print(netdissect_options *,const u_char *, 287 u_int, const u_char *); 288extern void isakmp_rfc3948_print(netdissect_options *,const u_char *, 289 u_int, const u_char *); 290extern void ip_print(netdissect_options *,const u_char *, u_int); 291extern void ip_print_inner(netdissect_options *ndo, 292 const u_char *bp, u_int length, u_int nh, 293 const u_char *bp2); 294extern void rrcp_print(netdissect_options *,const u_char *, u_int); 295 296extern void ether_print(netdissect_options *, 297 const u_char *, u_int, u_int, 298 void (*)(netdissect_options *, const u_char *), 299 const u_char *); 300 301extern u_int ether_if_print(netdissect_options *, 302 const struct pcap_pkthdr *,const u_char *); 303extern u_int netanalyzer_if_print(netdissect_options *, 304 const struct pcap_pkthdr *,const u_char *); 305extern u_int netanalyzer_transparent_if_print(netdissect_options *, 306 const struct pcap_pkthdr *, 307 const u_char *); 308 309extern int ethertype_print(netdissect_options *,u_short, const u_char *, 310 u_int, u_int); 311 312/* stuff that has not yet been rototiled */ 313#if 0 314extern void ascii_print(netdissect_options *,u_int); 315extern void hex_and_ascii_print_with_offset(netdissect_options *,const char *, 316 u_int, u_int); 317extern void hex_and_ascii_print(netdissect_options *,const char *, u_int); 318extern void hex_print_with_offset(netdissect_options *,const char *, 319 u_int, u_int); 320extern void hex_print(netdissect_options *,const char *, u_int); 321extern void telnet_print(netdissect_options *,const u_char *, u_int); 322extern int llc_print(netdissect_options *, 323 const u_char *, u_int, u_int, const u_char *, 324 const u_char *, u_short *); 325extern void aarp_print(netdissect_options *,const u_char *, u_int); 326extern void atalk_print(netdissect_options *,const u_char *, u_int); 327extern void atm_if_print(u_char *,const struct pcap_pkthdr *, const u_char *); 328extern void bootp_print(netdissect_options *,const u_char *, 329 u_int, u_short, u_short); 330extern void bgp_print(netdissect_options *,const u_char *, int); 331extern void bxxp_print(netdissect_options *,const u_char *, u_int); 332extern void chdlc_if_print(u_char *user, const struct pcap_pkthdr *h, 333 register const u_char *p); 334extern void chdlc_print(netdissect_options *ndo, 335 register const u_char *p, u_int length, u_int caplen); 336extern void cisco_autorp_print(netdissect_options *, 337 const u_char *, u_int); 338extern void cnfp_print(netdissect_options *,const u_char *cp, 339 u_int len, const u_char *bp); 340extern void decnet_print(netdissect_options *,const u_char *, 341 u_int, u_int); 342extern void default_print(netdissect_options *,const u_char *, u_int); 343extern void dvmrp_print(netdissect_options *,const u_char *, u_int); 344extern void egp_print(netdissect_options *,const u_char *, u_int, 345 const u_char *); 346 347extern void arcnet_if_print(u_char*,const struct pcap_pkthdr *,const u_char *); 348extern void token_if_print(u_char *,const struct pcap_pkthdr *,const u_char *); 349extern void fddi_if_print(u_char *,const struct pcap_pkthdr *, const u_char *); 350 351extern void gre_print(netdissect_options *,const u_char *, u_int); 352extern void icmp_print(netdissect_options *,const u_char *, u_int, 353 const u_char *); 354extern void hsrp_print(netdissect_options *ndo, 355 register const u_char *bp, register u_int len); 356extern void ieee802_11_if_print(u_char *,const struct pcap_pkthdr *, const u_char *); 357extern void igmp_print(netdissect_options *, 358 register const u_char *, u_int); 359extern void igrp_print(netdissect_options *,const u_char *, u_int, 360 const u_char *); 361extern int nextproto4_cksum(const struct ip *, const u_int8_t *, u_int, u_int); 362extern void ipN_print(netdissect_options *,const u_char *, u_int); 363extern void ipx_print(netdissect_options *,const u_char *, u_int); 364extern void isoclns_print(netdissect_options *,const u_char *, 365 u_int, u_int, const u_char *, const u_char *); 366extern void krb_print(netdissect_options *,const u_char *, u_int); 367extern void llap_print(netdissect_options *,const u_char *, u_int); 368extern const char *linkaddr_string(netdissect_options *ndo, 369 const u_char *ep, const unsigned int len); 370extern void ltalk_if_print(netdissect_options *ndo, 371 u_char *user, const struct pcap_pkthdr *h, 372 const u_char *p); 373extern void mpls_print(netdissect_options *ndo, 374 const u_char *bp, u_int length); 375extern void msdp_print(netdissect_options *ndo, 376 const unsigned char *sp, u_int length); 377extern void nfsreply_print(netdissect_options *,const u_char *, 378 u_int, const u_char *); 379extern void nfsreq_print(netdissect_options *,const u_char *, 380 u_int, const u_char *); 381extern void ns_print(netdissect_options *,const u_char *, u_int); 382extern void ntp_print(netdissect_options *,const u_char *, u_int); 383extern void null_if_print(u_char *,const struct pcap_pkthdr *, const u_char *); 384extern void ospf_print(netdissect_options *,const u_char *, 385 u_int, const u_char *); 386extern void pimv1_print(netdissect_options *,const u_char *, u_int); 387extern void mobile_print(netdissect_options *,const u_char *, u_int); 388extern void pim_print(netdissect_options *,const u_char *, u_int, u_int); 389extern void pppoe_if_print(u_char *,const struct pcap_pkthdr *, const u_char *); 390extern void pppoe_print(netdissect_options *,const u_char *, u_int); 391extern void ppp_print(netdissect_options *, 392 register const u_char *, u_int); 393 394extern void ppp_if_print(u_char *,const struct pcap_pkthdr *, const u_char *); 395extern void ppp_hdlc_if_print(u_char *, 396 const struct pcap_pkthdr *, const u_char *); 397extern void ppp_bsdos_if_print(u_char *, 398 const struct pcap_pkthdr *, const u_char *); 399 400extern int vjc_print(netdissect_options *,register const char *, 401 register u_int, u_short); 402 403extern void raw_if_print(u_char *, 404 const struct pcap_pkthdr *, const u_char *); 405 406extern void rip_print(netdissect_options *,const u_char *, u_int); 407extern void rpki_rtr_print(netdissect_options *,const u_char *, u_int); 408 409extern void sctp_print(netdissect_options *ndo, 410 const u_char *bp, const u_char *bp2, 411 u_int sctpPacketLength); 412 413extern void sl_if_print(u_char *,const struct pcap_pkthdr *, const u_char *); 414 415extern void lane_if_print(u_char *,const struct pcap_pkthdr *,const u_char *); 416extern void cip_if_print(u_char *,const struct pcap_pkthdr *,const u_char *); 417extern void sl_bsdos_if_print(u_char *, 418 const struct pcap_pkthdr *, const u_char *); 419extern void sll_if_print(u_char *, 420 const struct pcap_pkthdr *, const u_char *); 421 422extern void snmp_print(netdissect_options *,const u_char *, u_int); 423extern void sunrpcrequest_print(netdissect_options *,const u_char *, 424 u_int, const u_char *); 425extern void tcp_print(netdissect_options *,const u_char *, u_int, 426 const u_char *, int); 427extern void tftp_print(netdissect_options *,const u_char *, u_int); 428extern void timed_print(netdissect_options *,const u_char *, u_int); 429extern void udp_print(netdissect_options *,const u_char *, u_int, 430 const u_char *, int); 431extern void wb_print(netdissect_options *,const void *, u_int); 432extern int ah_print(netdissect_options *,register const u_char *, 433 register const u_char *); 434extern void esp_print_decodesecret(netdissect_options *ndo); 435extern int ipcomp_print(netdissect_options *,register const u_char *, 436 register const u_char *, int *); 437extern void rx_print(netdissect_options *,register const u_char *, 438 int, int, int, u_char *); 439extern void netbeui_print(netdissect_options *,u_short, 440 const u_char *, int); 441extern void ipx_netbios_print(netdissect_options *,const u_char *, u_int); 442extern void nbt_tcp_print(netdissect_options *,const u_char *, int); 443extern void nbt_udp137_print(netdissect_options *, 444 const u_char *data, int); 445extern void nbt_udp138_print(netdissect_options *, 446 const u_char *data, int); 447extern char *smb_errstr(netdissect_options *,int, int); 448extern const char *nt_errstr(netdissect_options *, u_int32_t); 449extern void print_data(netdissect_options *,const unsigned char *, int); 450extern void l2tp_print(netdissect_options *,const u_char *, u_int); 451extern void lcp_print(netdissect_options *,const u_char *, u_int); 452extern void vrrp_print(netdissect_options *,const u_char *bp, 453 u_int len, int ttl); 454extern void carp_print(netdissect_options *,const u_char *bp, 455 u_int len, int ttl); 456extern void cdp_print(netdissect_options *,const u_char *, 457 u_int, u_int, const u_char *, const u_char *); 458extern void stp_print(netdissect_options *,const u_char *p, u_int length); 459extern void radius_print(netdissect_options *,const u_char *, u_int); 460extern void lwres_print(netdissect_options *,const u_char *, u_int); 461extern void pptp_print(netdissect_options *,const u_char *, u_int); 462#endif 463 464extern u_int ipnet_if_print(netdissect_options *,const struct pcap_pkthdr *, const u_char *); 465extern u_int ppi_if_print(netdissect_options *,const struct pcap_pkthdr *, const u_char *); 466 467extern u_int ieee802_15_4_if_print(netdissect_options *,const struct pcap_pkthdr *, const u_char *); 468 469#ifdef INET6 470extern void ip6_print(netdissect_options *,const u_char *, u_int); 471#if 0 472extern void ip6_opt_print(netdissect_options *,const u_char *, int); 473extern int nextproto6_cksum(const struct ip6_hdr *, const u_int8_t *, u_int, u_int); 474extern int hbhopt_print(netdissect_options *,const u_char *); 475extern int dstopt_print(netdissect_options *,const u_char *); 476extern int frag6_print(netdissect_options *,const u_char *, 477 const u_char *); 478extern void icmp6_print(netdissect_options *,const u_char *, 479 const u_char *); 480extern void ripng_print(netdissect_options *,const u_char *, int); 481extern int rt6_print(netdissect_options *,const u_char *, const u_char *); 482extern void ospf6_print(netdissect_options *,const u_char *, u_int); 483extern void dhcp6_print(netdissect_options *,const u_char *, 484 u_int, u_int16_t, u_int16_t); 485 486extern void zephyr_print(netdissect_options * ndo, 487 const u_char *cp, int length); 488#endif /* 0 */ 489 490#endif /*INET6*/ 491 492#if 0 493struct cksum_vec { 494 const u_int8_t *ptr; 495 int len; 496}; 497extern u_int16_t in_cksum(const struct cksum_vec *, int); 498extern u_int16_t in_cksum_shouldbe(u_int16_t, u_int16_t); 499#endif 500 501extern void esp_print_decodesecret(netdissect_options *ndo); 502extern int esp_print_decrypt_buffer_by_ikev2(netdissect_options *ndo, 503 int initiator, 504 u_char spii[8], u_char spir[8], 505 u_char *buf, u_char *end); 506 507 508#endif /* netdissect_h */ 509