1 /*
2 * Copyright (c) 1988-1990 The Regents of the University of California.
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 *
21 * Format and print bootp packets.
22 *
23 * This file was copied from tcpdump-2.1.1 and modified.
24 * There is an e-mail list for tcpdump: <tcpdump@ee.lbl.gov>
25 *
26 * $FreeBSD: src/libexec/bootpd/tools/bootptest/print-bootp.c,v 1.6.2.1 2001/10/14 21:39:54 iedowse Exp $
27 */
28
29 #include <stdio.h>
30
31 #include <sys/param.h>
32 #include <sys/types.h>
33 #include <sys/socket.h>
34
35 #include <sys/time.h> /* for struct timeval in net/if.h */
36 #include <net/if.h>
37 #include <netinet/in.h>
38
39 #include <string.h>
40 #include <ctype.h>
41
42 #include "bootp.h"
43 #include "bootptest.h"
44
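/*
 * printfn() is defined outside this file; it stays unprototyped because its
 * parameter types are not visible here.
 */
extern int printfn();

/*
 * Vendor-area decoders and the hex dumper.  They are declared with full
 * prototypes (matching the definitions below) so the compiler checks the
 * (pointer, length) pair at every call site instead of accepting any
 * argument list.
 */
static void rfc1048_print(u_char *bp, int length);
static void cmu_print(u_char *bp, int length);
static void other_print(u_char *bp, int length);
static void dump_hex(u_char *bp, int len);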
51
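/**
 * Print a one-line summary of a BOOTP packet to stdout.
 *
 * @param bp      start of the BOOTP header inside the captured packet
 * @param length  BOOTP length supplied by the caller; it is only used for
 *                the " [len=N]" note and never as a read bound
 * @param sport   UDP source port
 * @param dport   UDP destination port
 *
 * Every field is read straight from the packet, so none of it is trusted.
 * The only read bound is the global `snapend` (end of available data):
 * each field is checked against it with TCHECK before it is dereferenced,
 * and a packet that ends early is reported as " [|bootp]".  The vendor
 * area is decoded only when `vflag` is positive.
 */
void
bootp_print(struct bootp *bp, int length, u_short sport, u_short dport)
{
	static char tstr[] = " [|bootp]";
	static unsigned char vm_cmu[4] = VM_CMU;
	static unsigned char vm_rfc1048[4] = VM_RFC1048;
	u_char *ep;
	int vdlen;

/* Bail out to trunc unless the l bytes starting at var end at or before ep. */
#define TCHECK(var, l) \
	do { \
		if ((u_char *)&(var) > ep - (l)) \
			goto trunc; \
	} while (0)

	/* Note funny sized packets */
	if (length != sizeof(struct bootp))
		(void) printf(" [len=%d]", length);

	/* 'ep' points to the end of available data. */
	ep = (u_char *) snapend;

	/* The opcode must be inside the captured data before we switch on it. */
	TCHECK(bp->bp_op, sizeof(bp->bp_op));
	switch (bp->bp_op) {

	case BOOTREQUEST:
		/* Usually, a request goes from a client to a server */
		if (sport != IPPORT_BOOTPC || dport != IPPORT_BOOTPS)
			printf(" (request)");
		break;

	case BOOTREPLY:
		/* Usually, a reply goes from a server to a client */
		if (sport != IPPORT_BOOTPS || dport != IPPORT_BOOTPC)
			printf(" (reply)");
		break;

	default:
		printf(" bootp-#%d", bp->bp_op);
	}

	/* The usual hardware address type is 1 (10Mb Ethernet) */
	TCHECK(bp->bp_htype, sizeof(bp->bp_htype));
	if (bp->bp_htype != 1)
		printf(" htype:%d", bp->bp_htype);

	/* The usual length for 10Mb Ethernet address is 6 bytes */
	TCHECK(bp->bp_hlen, sizeof(bp->bp_hlen));
	if (bp->bp_hlen != 6)
		printf(" hlen:%d", bp->bp_hlen);

	/* Client's Hardware address */
	if (bp->bp_hlen) {
		struct ether_header *eh;
		char *e;
		int hlen = bp->bp_hlen;

		/*
		 * bp_hlen comes from the packet while bp_chaddr is a
		 * fixed-size field.  Bound the dump to the field and check
		 * the whole field against the end of data, so a large
		 * bp_hlen cannot make dump_hex() read past bp_chaddr or
		 * past the capture.
		 */
		if (hlen > (int) sizeof(bp->bp_chaddr))
			hlen = (int) sizeof(bp->bp_chaddr);
		TCHECK(bp->bp_chaddr[0], sizeof(bp->bp_chaddr));

		eh = (struct ether_header *) packetp;
		if (bp->bp_op == BOOTREQUEST)
			e = (char *) ESRC(eh);
		else if (bp->bp_op == BOOTREPLY)
			e = (char *) EDST(eh);
		else
			e = NULL;
		/* Stay quiet when it merely repeats the link-layer address. */
		if (e == NULL || bcmp((char *) bp->bp_chaddr, e, 6))
			dump_hex(bp->bp_chaddr, hlen);
	}
	/* Only print interesting fields */
	TCHECK(bp->bp_hops, sizeof(bp->bp_hops));
	if (bp->bp_hops)
		printf(" hops:%d", bp->bp_hops);

	TCHECK(bp->bp_xid, sizeof(bp->bp_xid));
	if (bp->bp_xid)
		printf(" xid:%ld", (long)ntohl(bp->bp_xid));

	TCHECK(bp->bp_secs, sizeof(bp->bp_secs));
	if (bp->bp_secs)
		printf(" secs:%d", ntohs(bp->bp_secs));

	/* Client's ip address */
	TCHECK(bp->bp_ciaddr, sizeof(bp->bp_ciaddr));
	if (bp->bp_ciaddr.s_addr)
		printf(" C:%s", ipaddr_string(&bp->bp_ciaddr));

	/* 'your' ip address (bootp client) */
	TCHECK(bp->bp_yiaddr, sizeof(bp->bp_yiaddr));
	if (bp->bp_yiaddr.s_addr)
		printf(" Y:%s", ipaddr_string(&bp->bp_yiaddr));

	/* Server's ip address */
	TCHECK(bp->bp_siaddr, sizeof(bp->bp_siaddr));
	if (bp->bp_siaddr.s_addr)
		printf(" S:%s", ipaddr_string(&bp->bp_siaddr));

	/* Gateway's ip address */
	TCHECK(bp->bp_giaddr, sizeof(bp->bp_giaddr));
	if (bp->bp_giaddr.s_addr)
		printf(" G:%s", ipaddr_string(&bp->bp_giaddr));

	/*
	 * Server name and boot file are printed through printfn(), which is
	 * handed ep as its limit; a non-zero return is reported as
	 * truncation (presumably the string ran into ep -- confirm against
	 * printfn's definition).
	 */
	TCHECK(bp->bp_sname[0], sizeof(bp->bp_sname));
	if (*bp->bp_sname) {
		printf(" sname:");
		if (printfn(bp->bp_sname, ep)) {
			fputs(tstr + 1, stdout);
			return;
		}
	}
	TCHECK(bp->bp_file[0], sizeof(bp->bp_file));
	if (*bp->bp_file) {
		printf(" file:");
		if (printfn(bp->bp_file, ep)) {
			fputs(tstr + 1, stdout);
			return;
		}
	}
	/* Don't try to decode the vendor buffer unless we're verbose */
	if (vflag <= 0)
		return;

	vdlen = sizeof(bp->bp_vend);
	/* Vendor data can extend to the end of the packet. */
	if (vdlen < (ep - bp->bp_vend))
		vdlen = (ep - bp->bp_vend);

	/*
	 * After this check bp_vend .. bp_vend + vdlen lies within the
	 * available data, so vdlen is the bound the decoders must respect.
	 */
	TCHECK(bp->bp_vend[0], vdlen);
	printf(" vend");
	if (!bcmp(bp->bp_vend, vm_rfc1048, sizeof(u_int32)))
		rfc1048_print(bp->bp_vend, vdlen);
	else if (!bcmp(bp->bp_vend, vm_cmu, sizeof(u_int32)))
		cmu_print(bp->bp_vend, vdlen);
	else
		other_print(bp->bp_vend, vdlen);

	return;
trunc:
	fputs(tstr, stdout);
#undef TCHECK
}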
184
/*
 * Option description data follows.
 * These are described in: RFC-1048, RFC-1395, RFC-1497, RFC-1533
 *
 * The table is indexed by the option tag byte taken from the packet, so
 * the order of the entries is significant.  rfc1048_print() only indexes
 * it after checking tag < KNOWN_OPTIONS; any new reader of this table
 * must do the same, because the tag is untrusted input.
 *
 * The first char of each option string encodes the data format
 * (rfc1048_print() prints the name starting at the second char):
 * ?: unknown
 * a: ASCII
 * b: byte (8-bit)
 * i: inet address
 * l: int32
 * s: short (16-bit)
 *
 * rfc1048_print() has no dedicated decoder for '?' and 'b'; those values
 * are shown through its generic hex dump.
 */
char *
rfc1048_opts[] = {
	/* Originally from RFC-1048: */
	"?PAD",			/* 0: Padding - special, no data. */
	"iSM",			/* 1: subnet mask (RFC950)*/
	"lTZ",			/* 2: time offset, seconds from UTC */
	"iGW",			/* 3: gateways (or routers) */
	"iTS",			/* 4: time servers (RFC868) */
	"iINS",			/* 5: IEN name servers (IEN116) */
	"iDNS",			/* 6: domain name servers (RFC1035)(1034?) */
	"iLOG",			/* 7: MIT log servers */
	"iCS",			/* 8: cookie servers (RFC865) */
	"iLPR",			/* 9: lpr server (RFC1179) */
	"iIPS",			/* 10: impress servers (Imagen) */
	"iRLP",			/* 11: resource location servers (RFC887) */
	"aHN",			/* 12: host name (ASCII) */
	"sBFS",			/* 13: boot file size (in 512 byte blocks) */

	/* Added by RFC-1395: */
	"aDUMP",		/* 14: Merit Dump File */
	"aDNAM",		/* 15: Domain Name (for DNS) */
	"iSWAP",		/* 16: Swap Server */
	"aROOT",		/* 17: Root Path */

	/* Added by RFC-1497: */
	"aEXTF",		/* 18: Extensions Path (more options) */

	/* Added by RFC-1533: (many, many options...) */
#if 1	/* These might not be worth recognizing by name. */

	/* IP Layer Parameters, per-host (RFC-1533, sect. 4) */
	"bIP-forward",		/* 19: IP Forwarding flag */
	"bIP-srcroute",		/* 20: IP Source Routing Enable flag */
	"iIP-filters",		/* 21: IP Policy Filter (addr pairs) */
	"sIP-maxudp",		/* 22: IP Max-UDP reassembly size */
	"bIP-ttlive",		/* 23: IP Time to Live */
	"lIP-pmtuage",		/* 24: IP Path MTU aging timeout */
	"sIP-pmtutab",		/* 25: IP Path MTU plateau table */

	/* IP parameters, per-interface (RFC-1533, sect. 5) */
	"sIP-mtu-sz",		/* 26: IP MTU size */
	"bIP-mtu-sl",		/* 27: IP MTU all subnets local */
	"bIP-bcast1",		/* 28: IP Broadcast Addr ones flag */
	"bIP-mask-d",		/* 29: IP do mask discovery */
	"bIP-mask-s",		/* 30: IP do mask supplier */
	"bIP-rt-dsc",		/* 31: IP do router discovery */
	"iIP-rt-sa",		/* 32: IP router solicitation addr */
	"iIP-routes",		/* 33: IP static routes (dst,router) */

	/* Link Layer parameters, per-interface (RFC-1533, sect. 6) */
	"bLL-trailer",		/* 34: do trailer encapsulation */
	"lLL-arp-tmo",		/* 35: ARP cache timeout */
	"bLL-ether2",		/* 36: Ethernet version 2 (IEEE 802.3) */

	/* TCP parameters (RFC-1533, sect. 7) */
	"bTCP-def-ttl",		/* 37: default time to live */
	"lTCP-KA-tmo",		/* 38: keepalive time interval */
	"bTCP-KA-junk",		/* 39: keepalive sends extra junk */

	/* Application and Service Parameters (RFC-1533, sect. 8) */
	"aNISDOM",		/* 40: NIS Domain (Sun YP) */
	"iNISSRV",		/* 41: NIS Servers */
	"iNTPSRV",		/* 42: NTP (time) Servers (RFC 1129) */
	"?VSINFO",		/* 43: Vendor Specific Info (encapsulated) */
	"iNBiosNS",		/* 44: NetBIOS Name Server (RFC-1001,1..2) */
	"iNBiosDD",		/* 45: NetBIOS Datagram Dist. Server. */
	"bNBiosNT",		/* 46: NetBIOS Note Type */
	"?NBiosS",		/* 47: NetBIOS Scope */
	"iXW-FS",		/* 48: X Window System Font Servers */
	"iXW-DM",		/* 49: X Window System Display Managers */

	/* DHCP extensions (RFC-1533, sect. 9) */
#endif
};
/* Number of named options; the upper bound for a tag used as an index. */
#define KNOWN_OPTIONS NELEM(rfc1048_opts)
272
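/**
 * Decode and print an RFC 1048 style vendor area: a magic cookie followed
 * by tag / length / value options.
 *
 * @param bp      start of the vendor area, pointing at the magic cookie
 * @param length  number of readable bytes at bp, cookie included
 *
 * Tags and length bytes are packet data and are not trusted.  Every read
 * is bounded by ep, which marks the end of the `length` bytes the caller
 * has validated.  A malformed or cut-off option is reported with a " |"
 * marker and decoding stops.
 */
static void
rfc1048_print(u_char *bp, int length)
{
	u_char tag;
	u_char *ep;
	int len;
	u_int32 ul;
	u_short us;
	struct in_addr ia;
	char *optstr;

	printf("-rfc1395");

	/* Nothing to decode unless the area at least holds the cookie. */
	if (length < (int) sizeof(int32))
		return;

	/*
	 * Setup end pointer from the start of the area.  It must be taken
	 * before the cookie is skipped: `length` counts the cookie, so
	 * computing it afterwards would place ep sizeof(int32) bytes past
	 * the data the caller checked.
	 */
	ep = bp + length;
	/* Step over magic cookie */
	bp += sizeof(int32);

	while (bp < ep) {
		tag = *bp++;
		/* Check for tags with no data first. */
		if (tag == TAG_PAD)
			continue;
		if (tag == TAG_END)
			return;
		/* The tag indexes the name table only when it is in range. */
		if (tag < KNOWN_OPTIONS) {
			optstr = rfc1048_opts[tag];
			printf(" %s:", optstr + 1);
		} else {
			printf(" T%d:", tag);
			optstr = "?";
		}
		/* The tag may have been the last byte: no length byte left. */
		if (bp >= ep) {
			printf(" |");
			return;
		}
		/* Now scan the length byte. */
		len = *bp++;
		/* Compare sizes rather than forming a pointer beyond ep. */
		if (len > ep - bp) {
			/* truncated option */
			printf(" |(%d>%td)", len, ep - bp);
			return;
		}
		/* Print the option value(s). */
		switch (optstr[0]) {

		case 'a':	/* ASCII string */
			printfn(bp, bp + len);
			bp += len;
			len = 0;
			break;

		case 's':	/* Word formats */
			while (len >= 2) {
				/* bcopy: the value may be unaligned in the packet */
				bcopy((char *) bp, (char *) &us, 2);
				printf("%d", ntohs(us));
				bp += 2;
				len -= 2;
				if (len)
					printf(",");
			}
			if (len)
				printf("(junk=%d)", len);
			break;

		case 'l':	/* Long words */
			while (len >= 4) {
				bcopy((char *) bp, (char *) &ul, 4);
				printf("%ld", (long)ntohl(ul));
				bp += 4;
				len -= 4;
				if (len)
					printf(",");
			}
			if (len)
				printf("(junk=%d)", len);
			break;

		case 'i':	/* INET addresses */
			while (len >= 4) {
				bcopy((char *) bp, (char *) &ia, 4);
				printf("%s", ipaddr_string(&ia));
				bp += 4;
				len -= 4;
				if (len)
					printf(",");
			}
			if (len)
				printf("(junk=%d)", len);
			break;

		case 'b':
		default:
			/* No typed decoder: fall through to the hex dump below. */
			break;

		}	/* switch */

		/*
		 * Whatever the typed decoder left over (or the whole value,
		 * for 'b' and '?') is dumped in hex, and also as characters
		 * when the first byte is printable.
		 */
		if (len) {
			dump_hex(bp, len);
			if (isascii(*bp) && isprint(*bp)) {
				printf("(");
				printfn(bp, bp + len);
				printf(")");
			}
			bp += len;
			len = 0;
		}
	}	/* while bp < ep */
}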
372
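/**
 * Decode and print a CMU-format vendor area.
 *
 * @param bp      start of the vendor area
 * @param length  number of readable bytes at bp
 *
 * The area is viewed as a struct cmu_vend, so it is only decoded when
 * `length` covers the whole structure; otherwise " |L=<length>" is printed.
 */
static void
cmu_print(u_char *bp, int length)
{
	struct cmu_vend *v;

	printf("-cmu");

	v = (struct cmu_vend *) bp;
	/*
	 * Reject negative lengths explicitly: comparing a negative int with
	 * sizeof() would convert it to a huge unsigned value and let it pass.
	 */
	if (length < 0 || (size_t) length < sizeof(*v)) {
		printf(" |L=%d", length);
		return;
	}
	/* NOTE(review): v aliases packet bytes; assumes bp is suitably aligned
	 * for struct cmu_vend -- confirm against the caller's buffer. */

	/* Subnet mask */
	if (v->v_flags & VF_SMASK) {
		printf(" SM:%s", ipaddr_string(&v->v_smask));
	}
	/* Default gateway */
	if (v->v_dgate.s_addr)
		printf(" GW:%s", ipaddr_string(&v->v_dgate));

	/* Domain name servers */
	if (v->v_dns1.s_addr)
		printf(" DNS1:%s", ipaddr_string(&v->v_dns1));
	if (v->v_dns2.s_addr)
		printf(" DNS2:%s", ipaddr_string(&v->v_dns2));

	/* IEN-116 name servers */
	if (v->v_ins1.s_addr)
		printf(" INS1:%s", ipaddr_string(&v->v_ins1));
	if (v->v_ins2.s_addr)
		printf(" INS2:%s", ipaddr_string(&v->v_ins2));

	/* Time servers */
	if (v->v_ts1.s_addr)
		printf(" TS1:%s", ipaddr_string(&v->v_ts1));
	if (v->v_ts2.s_addr)
		printf(" TS2:%s", ipaddr_string(&v->v_ts2));

}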
416
417
/*
 * Print vendor data of an unrecognised format as ".XX" hex bytes.
 *
 * A run of zero bytes at the end is collapsed into ".00...", and a buffer
 * holding nothing but zeros is printed as "-all-zero".  The function reads
 * bp[0 .. length-1] and performs no bounds check of its own, so the caller
 * must have validated `length` against the available packet data.
 */
static void
other_print(u_char *bp, int length)
{
	u_char *const end = bp + length;	/* one past the data */
	u_char *last = end;	/* one past the final non-zero byte */
	u_char *cur;

	/* Walk backwards over the trailing zero bytes. */
	while (last > bp && last[-1] == 0)
		last--;

	/* Nothing but zeros: use the compact form. */
	if (last == bp) {
		printf("-all-zero");
		return;
	}
	printf("-unknown");

	/* Fewer than two trailing zeros are not worth abbreviating. */
	if (end - last < 2)
		last = end;	/* print them all normally */

	for (cur = bp; cur < last; cur++)
		printf(".%02X", *cur);

	/* Stand-in for the zero run that was skipped. */
	if (last < end)
		printf(".00...");
}
459
/*
 * Print `len` bytes starting at bp as two-digit upper-case hex values
 * separated by '.'.  Nothing is printed when len is zero or negative.
 * The length is taken on trust: callers pass values derived from packet
 * fields and are responsible for bounding them first.
 */
static void
dump_hex(u_char *bp, int len)
{
	int i;

	for (i = 0; i < len; i++) {
		/* The separator goes between bytes, never after the last one. */
		if (i > 0)
			printf(".");
		printf("%02X", bp[i]);
	}
}
470