1 /* $NetBSD: traceroute6.c,v 1.52 2021/02/03 06:42:50 roy Exp $ */
2 /* $KAME: traceroute6.c,v 1.67 2004/01/25 03:24:39 itojun Exp $ */
3
4 /*
5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
6 * All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of the project nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
19 *
20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30 * SUCH DAMAGE.
31 */
32
33 /*-
34 * Copyright (c) 1990, 1993
35 * The Regents of the University of California. All rights reserved.
36 *
37 * This code is derived from software contributed to Berkeley by
38 * Van Jacobson.
39 *
40 * Redistribution and use in source and binary forms, with or without
41 * modification, are permitted provided that the following conditions
42 * are met:
43 * 1. Redistributions of source code must retain the above copyright
44 * notice, this list of conditions and the following disclaimer.
45 * 2. Redistributions in binary form must reproduce the above copyright
46 * notice, this list of conditions and the following disclaimer in the
47 * documentation and/or other materials provided with the distribution.
48 * 3. Neither the name of the University nor the names of its contributors
49 * may be used to endorse or promote products derived from this software
50 * without specific prior written permission.
51 *
52 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
53 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
54 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
55 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
56 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
57 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
58 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
59 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
60 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
61 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
62 * SUCH DAMAGE.
63 */
64
65 #if 0
66 #ifndef lint
67 static char copyright[] =
68 "@(#) Copyright (c) 1990, 1993\n\
69 The Regents of the University of California. All rights reserved.\n";
70 #endif /* not lint */
71
72 #ifndef lint
73 static char sccsid[] = "@(#)traceroute.c 8.1 (Berkeley) 6/6/93";
74 #endif /* not lint */
75 #else
76 #include <sys/cdefs.h>
77 #ifndef lint
78 __RCSID("$NetBSD: traceroute6.c,v 1.52 2021/02/03 06:42:50 roy Exp $");
79 #endif
80 #endif
81
82 /*
83 * traceroute host - trace the route ip packets follow going to "host".
84 *
85 * Attempt to trace the route an ip packet would follow to some
86 * internet host. We find out intermediate hops by launching probe
87 * packets with a small ttl (time to live) then listening for an
88 * icmp "time exceeded" reply from a gateway. We start our probes
89 * with a ttl of one and increase by one until we get an icmp "port
90 * unreachable" (which means we got to "host") or hit a max (which
91 * defaults to 30 hops & can be changed with the -m flag). Three
92 * probes (change with -q flag) are sent at each ttl setting and a
93 * line is printed showing the ttl, address of the gateway and
94 * round trip time of each probe. If the probe answers come from
95 * different gateways, the address of each responding system will
96 * be printed. If there is no response within a 5 sec. timeout
97 * interval (changed with the -w flag), a "*" is printed for that
98 * probe.
99 *
100 * Probe packets are UDP format. We don't want the destination
101 * host to process them so the destination port is set to an
102 * unlikely value (if some clod on the destination is using that
103 * value, it can be changed with the -p flag).
104 *
105 * A sample use might be:
106 *
107 * [yak 71]% traceroute nis.nsf.net.
108 * traceroute to nis.nsf.net (35.1.1.48), 30 hops max, 56 byte packet
109 * 1 helios.ee.lbl.gov (128.3.112.1) 19 ms 19 ms 0 ms
110 * 2 lilac-dmc.Berkeley.EDU (128.32.216.1) 39 ms 39 ms 19 ms
111 * 3 lilac-dmc.Berkeley.EDU (128.32.216.1) 39 ms 39 ms 19 ms
112 * 4 ccngw-ner-cc.Berkeley.EDU (128.32.136.23) 39 ms 40 ms 39 ms
113 * 5 ccn-nerif22.Berkeley.EDU (128.32.168.22) 39 ms 39 ms 39 ms
114 * 6 128.32.197.4 (128.32.197.4) 40 ms 59 ms 59 ms
115 * 7 131.119.2.5 (131.119.2.5) 59 ms 59 ms 59 ms
116 * 8 129.140.70.13 (129.140.70.13) 99 ms 99 ms 80 ms
117 * 9 129.140.71.6 (129.140.71.6) 139 ms 239 ms 319 ms
118 * 10 129.140.81.7 (129.140.81.7) 220 ms 199 ms 199 ms
119 * 11 nic.merit.edu (35.1.1.48) 239 ms 239 ms 239 ms
120 *
121 * Note that lines 2 & 3 are the same. This is due to a buggy
122 * kernel on the 2nd hop system -- lbl-csam.arpa -- that forwards
123 * packets with a zero ttl.
124 *
125 * A more interesting example is:
126 *
127 * [yak 72]% traceroute allspice.lcs.mit.edu.
128 * traceroute to allspice.lcs.mit.edu (18.26.0.115), 30 hops max
129 * 1 helios.ee.lbl.gov (128.3.112.1) 0 ms 0 ms 0 ms
130 * 2 lilac-dmc.Berkeley.EDU (128.32.216.1) 19 ms 19 ms 19 ms
131 * 3 lilac-dmc.Berkeley.EDU (128.32.216.1) 39 ms 19 ms 19 ms
132 * 4 ccngw-ner-cc.Berkeley.EDU (128.32.136.23) 19 ms 39 ms 39 ms
133 * 5 ccn-nerif22.Berkeley.EDU (128.32.168.22) 20 ms 39 ms 39 ms
134 * 6 128.32.197.4 (128.32.197.4) 59 ms 119 ms 39 ms
135 * 7 131.119.2.5 (131.119.2.5) 59 ms 59 ms 39 ms
136 * 8 129.140.70.13 (129.140.70.13) 80 ms 79 ms 99 ms
137 * 9 129.140.71.6 (129.140.71.6) 139 ms 139 ms 159 ms
138 * 10 129.140.81.7 (129.140.81.7) 199 ms 180 ms 300 ms
139 * 11 129.140.72.17 (129.140.72.17) 300 ms 239 ms 239 ms
140 * 12 * * *
141 * 13 128.121.54.72 (128.121.54.72) 259 ms 499 ms 279 ms
142 * 14 * * *
143 * 15 * * *
144 * 16 * * *
145 * 17 * * *
146 * 18 ALLSPICE.LCS.MIT.EDU (18.26.0.115) 339 ms 279 ms 279 ms
147 *
148 * (I start to see why I'm having so much trouble with mail to
149 * MIT.) Note that the gateways 12, 14, 15, 16 & 17 hops away
150 * either don't send ICMP "time exceeded" messages or send them
151 * with a ttl too small to reach us. 14 - 17 are running the
152 * MIT C Gateway code that doesn't send "time exceeded"s. God
153 * only knows what's going on with 12.
154 *
155 * The silent gateway 12 in the above may be the result of a bug in
156 * the 4.[23]BSD network code (and its derivatives): 4.x (x <= 3)
157 * sends an unreachable message using whatever ttl remains in the
158 * original datagram. Since, for gateways, the remaining ttl is
159 * zero, the icmp "time exceeded" is guaranteed to not make it back
160 * to us. The behavior of this bug is slightly more interesting
161 * when it appears on the destination system:
162 *
163 * 1 helios.ee.lbl.gov (128.3.112.1) 0 ms 0 ms 0 ms
164 * 2 lilac-dmc.Berkeley.EDU (128.32.216.1) 39 ms 19 ms 39 ms
165 * 3 lilac-dmc.Berkeley.EDU (128.32.216.1) 19 ms 39 ms 19 ms
166 * 4 ccngw-ner-cc.Berkeley.EDU (128.32.136.23) 39 ms 40 ms 19 ms
167 * 5 ccn-nerif35.Berkeley.EDU (128.32.168.35) 39 ms 39 ms 39 ms
168 * 6 csgw.Berkeley.EDU (128.32.133.254) 39 ms 59 ms 39 ms
169 * 7 * * *
170 * 8 * * *
171 * 9 * * *
172 * 10 * * *
173 * 11 * * *
174 * 12 * * *
175 * 13 rip.Berkeley.EDU (128.32.131.22) 59 ms ! 39 ms ! 39 ms !
176 *
177 * Notice that there are 12 "gateways" (13 is the final
178 * destination) and exactly the last half of them are "missing".
179 * What's really happening is that rip (a Sun-3 running Sun OS3.5)
180 * is using the ttl from our arriving datagram as the ttl in its
181 * icmp reply. So, the reply will time out on the return path
182 * (with no notice sent to anyone since icmp's aren't sent for
183 * icmp's) until we probe with a ttl that's at least twice the path
184 * length. I.e., rip is really only 7 hops away. A reply that
185 * returns with a ttl of 1 is a clue this problem exists.
186 * Traceroute prints a "!" after the time if the ttl is <= 1.
187 * Since vendors ship a lot of obsolete (DEC's Ultrix, Sun 3.x) or
188 * non-standard (HPUX) software, expect to see this problem
189 * frequently and/or take care picking the target host of your
190 * probes.
191 *
192 * Other possible annotations after the time are !H, !N, !P (got a host,
193 * network or protocol unreachable, respectively), !S or !F (source
194 * route failed or fragmentation needed -- neither of these should
195 * ever occur and the associated gateway is busted if you see one). If
196 * almost all the probes result in some kind of unreachable, traceroute
197 * will give up and exit.
198 *
199 * Notes
200 * -----
201 * This program must be run by root or be setuid. (I suggest that
202 * you *don't* make it setuid -- casual use could result in a lot
203 * of unnecessary traffic on our poor, congested nets.)
204 *
205 * This program requires a kernel mod that does not appear in any
206 * system available from Berkeley: A raw ip socket using proto
207 * IPPROTO_RAW must interpret the data sent as an ip datagram (as
208 * opposed to data to be wrapped in a ip datagram). See the README
209 * file that came with the source to this program for a description
210 * of the mods I made to /sys/netinet/raw_ip.c. Your mileage may
211 * vary. But, again, ANY 4.x (x < 4) BSD KERNEL WILL HAVE TO BE
212 * MODIFIED TO RUN THIS PROGRAM.
213 *
214 * The udp port usage may appear bizarre (well, ok, it is bizarre).
215 * The problem is that an icmp message only contains 8 bytes of
216 * data from the original datagram. 8 bytes is the size of a udp
217 * header so, if we want to associate replies with the original
218 * datagram, the necessary information must be encoded into the
219 * udp header (the ip id could be used but there's no way to
220 * interlock with the kernel's assignment of ip id's and, anyway,
221 * it would have taken a lot more kernel hacking to allow this
222 * code to set the ip id). So, to allow two or more users to
223 * use traceroute simultaneously, we use this task's pid as the
224 * source port (the high bit is set to move the port number out
225 * of the "likely" range). To keep track of which probe is being
226 * replied to (so times and/or hop counts don't get confused by a
227 * reply that was delayed in transit), we increment the destination
228 * port number before each probe.
229 *
230 * Don't use this as a coding example. I was trying to find a
231 * routing problem and this code sort-of popped out after 48 hours
232 * without sleep. I was amazed it ever compiled, much less ran.
233 *
234 * I stole the idea for this program from Steve Deering. Since
235 * the first release, I've learned that had I attended the right
236 * IETF working group meetings, I also could have stolen it from Guy
237 * Almes or Matt Mathis. I don't know (or care) who came up with
238 * the idea first. I envy the originators' perspicacity and I'm
239 * glad they didn't keep the idea a secret.
240 *
241 * Tim Seaver, Ken Adelman and C. Philip Wood provided bug fixes and/or
242 * enhancements to the original distribution.
243 *
244 * I've hacked up a round-trip-route version of this that works by
245 * sending a loose-source-routed udp datagram through the destination
246 * back to yourself. Unfortunately, SO many gateways botch source
247 * routing, the thing is almost worthless. Maybe one day...
248 *
249 * -- Van Jacobson (van@helios.ee.lbl.gov)
250 * Tue Dec 20 03:50:13 PST 1988
251 */
252
253 #include <sys/param.h>
254 #include <sys/time.h>
255 #include <sys/socket.h>
256 #include <sys/uio.h>
257 #include <sys/file.h>
258 #include <sys/ioctl.h>
259 #include <sys/sysctl.h>
260
261 #include <netinet/in.h>
262
263 #include <arpa/inet.h>
264
265 #include <netdb.h>
266 #include <stdio.h>
267 #include <err.h>
268 #ifdef HAVE_POLL
269 #include <poll.h>
270 #endif
271 #include <errno.h>
272 #include <stdlib.h>
273 #include <string.h>
274 #include <unistd.h>
275
276 #include <netinet/ip6.h>
277 #include <netinet/icmp6.h>
278 #include <netinet/udp.h>
279
280 #ifdef IPSEC
281 #include <net/route.h>
282 #include <netipsec/ipsec.h>
283 #endif
284
285 #include "as.h"
286
287 #define DUMMY_PORT 10010
288
289 #define MAXPACKET 65535 /* max ip packet size */
290
291 #ifndef HAVE_GETIPNODEBYNAME
292 #define getipnodebyname(x, y, z, u) gethostbyname2((x), (y))
293 #define freehostent(x)
294 #endif
295
296 /*
297 * format of a (udp) probe packet.
298 */
299 struct tv32 {
300 u_int32_t tv32_sec;
301 u_int32_t tv32_usec;
302 };
303
304 struct opacket {
305 u_char seq; /* sequence number of this packet */
306 u_char hops; /* hop limit of the packet */
307 u_char pad[2];
308 struct tv32 tv; /* time packet left */
309 };
310
311 static u_char packet[512]; /* last inbound (icmp) packet */
312 static struct opacket *outpacket; /* last output (udp) packet */
313
314 static ssize_t wait_for_reply(int, struct msghdr *);
315 #if defined(IPSEC) && defined(IPSEC_POLICY_IPSEC)
316 static int setpolicy(int, const char *);
317 #endif
318 static void send_probe(int, u_long);
319 static struct udphdr *get_udphdr(struct ip6_hdr *, u_char *);
320 static double deltaT(struct timeval *, struct timeval *);
321 static const char *pr_type(int);
322 static int packet_ok(struct msghdr *, ssize_t, int);
323 static void print(struct msghdr *, int);
324 static const char *inetname(struct sockaddr *);
325 static void usage(void) __attribute__((__noreturn__));
326
327 static int rcvsock; /* receive (icmp) socket file descriptor */
328 static int sndsock; /* send (udp) socket file descriptor */
329
330 static struct msghdr rcvmhdr;
331 static struct iovec rcviov[2];
332 static int rcvhlim;
333 static struct in6_pktinfo *rcvpktinfo;
334
335 static struct sockaddr_in6 Src, Dst, Rcv;
336 static u_long datalen; /* How much data */
337 #define ICMP6ECHOLEN 8
338
339 static char *source;
340 static char *hostname;
341
342 static u_long nprobes = 3;
343 static u_long first_hop = 1;
344 static u_long max_hops = 30;
345 static u_int16_t srcport;
346 static u_int16_t port = 32768+666;/* start udp dest port # for probe packets */
347 static u_int16_t ident;
348 static int options; /* socket options */
349 static int verbose;
350 static int waittime = 5; /* time to wait for response (in seconds) */
351 static int nflag; /* print addresses numerically */
352 static int useicmp;
353 static int lflag; /* print both numerical address & hostname */
354 static int as_path; /* print as numbers for each hop */
355 static char *as_server = NULL;
356 static void *asn;
357
358 int
main(int argc,char * argv[])359 main(int argc, char *argv[])
360 {
361 int mib[4] = { CTL_NET, PF_INET6, IPPROTO_IPV6, IPV6CTL_DEFHLIM };
362 char hbuf[NI_MAXHOST], src0[NI_MAXHOST], *ep;
363 int ch, i, on = 1, seq, rcvcmsglen, error;
364 u_long minlen;
365 struct addrinfo hints, *res;
366 static u_char *rcvcmsgbuf;
367 u_long probe, hops, lport;
368 size_t size;
369
370 /*
371 * Receive ICMP
372 */
373 if ((rcvsock = socket(AF_INET6, SOCK_RAW, IPPROTO_ICMPV6)) < 0)
374 err(5, "socket(ICMPv6)");
375
376 /* revoke privs */
377 seteuid(getuid());
378 setuid(getuid());
379
380 size = sizeof(i);
381 (void) sysctl(mib, sizeof(mib)/sizeof(mib[0]), &i, &size, NULL, 0);
382 max_hops = i;
383
384 /* specify to tell receiving interface */
385 if (setsockopt(rcvsock, IPPROTO_IPV6, IPV6_RECVPKTINFO, &on,
386 sizeof(on)) < 0)
387 err(1, "setsockopt(IPV6_RECVPKTINFO)");
388
389 /* specify to tell value of hoplimit field of received IP6 hdr */
390 if (setsockopt(rcvsock, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &on,
391 sizeof(on)) < 0)
392 err(1, "setsockopt(IPV6_RECVHOPLIMIT)");
393
394 seq = 0;
395
396 while ((ch = getopt(argc, argv, "aA:df:Ilm:np:q:rs:w:v")) != -1)
397 switch (ch) {
398 case 'a':
399 as_path = 1;
400 break;
401 case 'A':
402 as_path = 1;
403 as_server = optarg;
404 break;
405 case 'd':
406 options |= SO_DEBUG;
407 break;
408 case 'f':
409 ep = NULL;
410 errno = 0;
411 first_hop = strtoul(optarg, &ep, 0);
412 if (errno || !*optarg || *ep|| first_hop > 255)
413 errx(1, "Invalid min hoplimit `%s'", optarg);
414 break;
415 case 'I':
416 useicmp++;
417 /* same as ping6 */
418 ident = htons(arc4random() & 0xffff);
419 break;
420 case 'l':
421 lflag++;
422 break;
423 case 'm':
424 ep = NULL;
425 errno = 0;
426 max_hops = strtoul(optarg, &ep, 0);
427 if (errno || !*optarg || *ep || max_hops > 255)
428 errx(1, "Invalid max hoplimit `%s'", optarg);
429 break;
430 case 'n':
431 nflag++;
432 break;
433 case 'p':
434 ep = NULL;
435 errno = 0;
436 lport = strtoul(optarg, &ep, 0);
437 if (errno || !*optarg || *ep)
438 errx(1, "Invalid port `%s'", optarg);
439 if (lport == 0 || lport != (lport & 0xffff))
440 errx(1, "Port `%s' out of range", optarg);
441 port = lport & 0xffff;
442 break;
443 case 'q':
444 ep = NULL;
445 errno = 0;
446 nprobes = strtoul(optarg, &ep, 0);
447 if (errno || !*optarg || *ep)
448 errx(1, "Invalid nprobes `%s'", optarg);
449 if (nprobes < 1)
450 errx(1, "nprobes `%s' must be > 0", optarg);
451 break;
452 case 'r':
453 options |= SO_DONTROUTE;
454 break;
455 case 's':
456 /*
457 * set the ip source address of the outbound
458 * probe (e.g., on a multi-homed host).
459 */
460 source = optarg;
461 break;
462 case 'v':
463 verbose++;
464 break;
465 case 'w':
466 ep = NULL;
467 errno = 0;
468 waittime = strtoul(optarg, &ep, 0);
469 if (errno || !*optarg || *ep)
470 errx(1, "Invalid wait time `%s'", optarg);
471 if (waittime <= 1)
472 errx(1, "Wait `%s' must be > 1 sec", optarg);
473 break;
474 default:
475 usage();
476 }
477 argc -= optind;
478 argv += optind;
479
480 if (max_hops < first_hop)
481 errx(1, "max hoplimit `%lu' must be larger than "
482 "first hoplimit `%lu'", max_hops, first_hop);
483
484 if (argc < 1 || argc > 2)
485 usage();
486
487 #if 1
488 setvbuf(stdout, NULL, _IOLBF, BUFSIZ);
489 #else
490 setlinebuf(stdout);
491 #endif
492
493 memset(&hints, 0, sizeof(hints));
494 hints.ai_family = PF_INET6;
495 hints.ai_socktype = SOCK_RAW;
496 hints.ai_protocol = IPPROTO_ICMPV6;
497 hints.ai_flags = AI_CANONNAME;
498 error = getaddrinfo(*argv, NULL, &hints, &res);
499 if (error)
500 errx(1, "%s", gai_strerror(error));
501 if (res->ai_addrlen != sizeof(Dst))
502 errx(1, "size of sockaddr mismatch");
503 memcpy(&Dst, res->ai_addr, res->ai_addrlen);
504 hostname = res->ai_canonname ? strdup(res->ai_canonname) : *argv;
505 if (!hostname)
506 err(1, NULL);
507 if (res->ai_next) {
508 if (getnameinfo(res->ai_addr, res->ai_addrlen, hbuf,
509 sizeof(hbuf), NULL, 0, NI_NUMERICHOST) != 0)
510 strlcpy(hbuf, "?", sizeof(hbuf));
511 warnx("`%s' has multiple addresses; using `%s'",
512 hostname, hbuf);
513 }
514
515 if (*++argv) {
516 ep = NULL;
517 errno = 0;
518 datalen = strtoul(*argv, &ep, 0);
519 if (errno || *ep)
520 errx(1, "Invalid packet length `%s'", *argv);
521 }
522 if (useicmp)
523 minlen = ICMP6ECHOLEN + sizeof(struct tv32);
524 else
525 minlen = sizeof(struct opacket);
526 if (datalen < minlen)
527 datalen = minlen;
528 else if (datalen >= MAXPACKET)
529 errx(1, "Packet size must be %lu <= s < %lu",
530 minlen, (u_long)MAXPACKET);
531 outpacket = (struct opacket *)malloc((unsigned)datalen);
532 if (!outpacket)
533 err(1, NULL);
534 memset(outpacket, 0, datalen);
535
536 /* initialize msghdr for receiving packets */
537 rcviov[0].iov_base = (caddr_t)packet;
538 rcviov[0].iov_len = sizeof(packet);
539 rcvmhdr.msg_name = (caddr_t)&Rcv;
540 rcvmhdr.msg_namelen = sizeof(Rcv);
541 rcvmhdr.msg_iov = rcviov;
542 rcvmhdr.msg_iovlen = 1;
543 rcvcmsglen = CMSG_SPACE(sizeof(struct in6_pktinfo)) +
544 CMSG_SPACE(sizeof(int));
545 if ((rcvcmsgbuf = malloc(rcvcmsglen)) == NULL)
546 err(1, NULL);
547 rcvmhdr.msg_control = (caddr_t) rcvcmsgbuf;
548 rcvmhdr.msg_controllen = rcvcmsglen;
549
550 if (options & SO_DEBUG)
551 (void) setsockopt(rcvsock, SOL_SOCKET, SO_DEBUG,
552 (char *)&on, sizeof(on));
553 if (options & SO_DONTROUTE)
554 (void) setsockopt(rcvsock, SOL_SOCKET, SO_DONTROUTE,
555 (char *)&on, sizeof(on));
556
557 #if defined(IPSEC) && defined(IPSEC_POLICY_IPSEC)
558 if (setpolicy(rcvsock, "in bypass") < 0)
559 errx(1, "%s", ipsec_strerror());
560 if (setpolicy(rcvsock, "out bypass") < 0)
561 errx(1, "%s", ipsec_strerror());
562 #endif
563
564 /*
565 * Send UDP or ICMP
566 */
567 if (useicmp) {
568 sndsock = rcvsock;
569 } else {
570 if ((sndsock = socket(AF_INET6, SOCK_DGRAM, 0)) < 0)
571 err(5, "socket(SOCK_DGRAM)");
572 }
573
574 i = datalen;
575 if (setsockopt(sndsock, SOL_SOCKET, SO_SNDBUF, (char *)&i,
576 sizeof(i)) < 0)
577 err(6, "setsockopt(SO_SNDBUF)");
578
579 if (options & SO_DEBUG)
580 (void) setsockopt(sndsock, SOL_SOCKET, SO_DEBUG,
581 (char *)&on, sizeof(on));
582 if (options & SO_DONTROUTE)
583 (void) setsockopt(sndsock, SOL_SOCKET, SO_DONTROUTE,
584 (char *)&on, sizeof(on));
585
586 #if defined(IPSEC) && defined(IPSEC_POLICY_IPSEC)
587 if (setpolicy(sndsock, "in bypass") < 0)
588 errx(1, "%s", ipsec_strerror());
589 if (setpolicy(sndsock, "out bypass") < 0)
590 errx(1, "%s", ipsec_strerror());
591 #endif
592
593 /*
594 * Source selection
595 */
596 memset(&Src, 0, sizeof(Src));
597 if (source) {
598 struct addrinfo hints0, *res0;
599 int error0;
600
601 memset(&hints0, 0, sizeof(hints0));
602 hints0.ai_family = AF_INET6;
603 hints0.ai_socktype = SOCK_DGRAM; /*dummy*/
604 hints0.ai_flags = AI_NUMERICHOST;
605 error0 = getaddrinfo(source, "0", &hints0, &res0);
606 if (error0)
607 errx(1, "Cannot get address for `%s' (%s)", source,
608 gai_strerror(error0));
609 if (res0->ai_addrlen > sizeof(Src))
610 errx(1, "Bad incompatible address length");
611 memcpy(&Src, res0->ai_addr, res0->ai_addrlen);
612 freeaddrinfo(res0);
613 } else {
614 struct sockaddr_in6 Nxt;
615 int dummy;
616 socklen_t len;
617
618 Nxt = Dst;
619 Nxt.sin6_port = htons(DUMMY_PORT);
620
621 if ((dummy = socket(AF_INET6, SOCK_DGRAM, 0)) < 0)
622 err(1, "socket");
623 if (connect(dummy, (struct sockaddr *)&Nxt, Nxt.sin6_len) < 0)
624 err(1, "connect");
625 len = sizeof(Src);
626 if (getsockname(dummy, (struct sockaddr *)&Src, &len) < 0)
627 err(1, "getsockname");
628 if ((error = getnameinfo((struct sockaddr *)&Src, Src.sin6_len,
629 src0, sizeof(src0), NULL, 0, NI_NUMERICHOST)))
630 errx(1, "getnameinfo failed for source (%s)",
631 gai_strerror(error));
632 source = src0;
633 close(dummy);
634 }
635
636 Src.sin6_port = htons(0);
637 if (bind(sndsock, (struct sockaddr *)&Src, Src.sin6_len) < 0)
638 err(1, "bind");
639
640 {
641 socklen_t len;
642
643 len = sizeof(Src);
644 if (getsockname(sndsock, (struct sockaddr *)&Src, &len) < 0)
645 err(1, "bind");
646 srcport = ntohs(Src.sin6_port);
647 }
648
649 if (as_path) {
650 asn = as_setup(as_server);
651 if (asn == NULL) {
652 warnx("as_setup failed, AS# lookups disabled");
653 (void)fflush(stderr);
654 as_path = 0;
655 }
656 }
657
658 /*
659 * Message to users
660 */
661 if (getnameinfo((struct sockaddr *)&Dst, Dst.sin6_len, hbuf,
662 sizeof(hbuf), NULL, 0, NI_NUMERICHOST))
663 strlcpy(hbuf, "(invalid)", sizeof(hbuf));
664 fprintf(stderr, "traceroute6");
665 fprintf(stderr, " to %s (%s)", hostname, hbuf);
666 if (source)
667 fprintf(stderr, " from %s", source);
668 fprintf(stderr, ", %lu hops max, %lu byte packets\n",
669 max_hops, datalen);
670 (void) fflush(stderr);
671
672 if (first_hop > 1)
673 printf("Skipping %lu intermediate hops\n", first_hop - 1);
674
675 /*
676 * Main loop
677 */
678 for (hops = first_hop; hops <= max_hops; ++hops) {
679 struct in6_addr lastaddr;
680 int got_there = 0;
681 u_long unreachable = 0;
682
683 printf("%2lu ", hops);
684 memset(&lastaddr, 0, sizeof(lastaddr));
685 for (probe = 0; probe < nprobes; ++probe) {
686 int cc;
687 struct timeval t1, t2;
688
689 (void) gettimeofday(&t1, NULL);
690 if (!useicmp && htons((in_port_t)(port + seq + 1)) == 0)
691 seq++;
692 send_probe(++seq, hops);
693 while ((cc = wait_for_reply(rcvsock, &rcvmhdr))) {
694 (void) gettimeofday(&t2, NULL);
695 if ((i = packet_ok(&rcvmhdr, cc, seq))) {
696 if (!IN6_ARE_ADDR_EQUAL(&Rcv.sin6_addr,
697 &lastaddr)) {
698 print(&rcvmhdr, cc);
699 lastaddr = Rcv.sin6_addr;
700 }
701 printf(" %g ms", deltaT(&t1, &t2));
702 switch (i - 1) {
703 case ICMP6_DST_UNREACH_NOROUTE:
704 ++unreachable;
705 printf(" !N");
706 break;
707 case ICMP6_DST_UNREACH_ADMIN:
708 ++unreachable;
709 printf(" !X");
710 break;
711 case ICMP6_DST_UNREACH_NOTNEIGHBOR:
712 ++unreachable;
713 printf(" !S");
714 break;
715 case ICMP6_DST_UNREACH_ADDR:
716 ++unreachable;
717 printf(" !H");
718 break;
719 case ICMP6_DST_UNREACH_NOPORT:
720 if (rcvhlim >= 0 &&
721 rcvhlim <= 1)
722 printf(" !");
723 ++got_there;
724 break;
725 }
726 break;
727 }
728 }
729 if (cc == 0)
730 printf(" *");
731 (void) fflush(stdout);
732 }
733 putchar('\n');
734 if (got_there ||
735 (unreachable > 0 && unreachable >= ((nprobes + 1) / 2))) {
736 exit(0);
737 }
738 }
739
740 if (as_path)
741 as_shutdown(asn);
742
743 exit(0);
744 }
745
746 static ssize_t
wait_for_reply(int sock,struct msghdr * mhdr)747 wait_for_reply(int sock, struct msghdr *mhdr)
748 {
749 #ifdef HAVE_POLL
750 struct pollfd pfd[1];
751 ssize_t cc = 0;
752
753 pfd[0].fd = sock;
754 pfd[0].events = POLLIN;
755 pfd[0].revents = 0;
756
757 if (poll(pfd, 1, waittime * 1000) > 0)
758 cc = recvmsg(rcvsock, mhdr, 0);
759
760 return cc;
761 #else
762 fd_set *fdsp;
763 struct timeval wait;
764 ssize_t cc = 0;
765 int fdsn;
766
767 fdsn = howmany(sock + 1, NFDBITS) * sizeof(fd_mask);
768 if ((fdsp = (fd_set *)malloc(fdsn)) == NULL)
769 err(1, "malloc");
770 memset(fdsp, 0, fdsn);
771 FD_SET(sock, fdsp);
772 wait.tv_sec = waittime; wait.tv_usec = 0;
773
774 if (select(sock+1, fdsp, (fd_set *)0, (fd_set *)0, &wait) > 0)
775 cc = recvmsg(rcvsock, mhdr, 0);
776
777 free(fdsp);
778 return cc;
779 #endif
780 }
781
782 #if defined(IPSEC) && defined(IPSEC_POLICY_IPSEC)
783 static int
setpolicy(int so,const char * policy)784 setpolicy(int so, const char *policy)
785 {
786 char *buf;
787
788 /*
789 * do not raise error even if setsockopt fails, kernel may have ipsec
790 * turned off.
791 */
792 buf = ipsec_set_policy(policy, strlen(policy));
793 if (buf == NULL) {
794 warnx("%s", ipsec_strerror());
795 return -1;
796 }
797 (void)setsockopt(so, IPPROTO_IPV6, IPV6_IPSEC_POLICY,
798 buf, ipsec_get_policylen(buf));
799
800 free(buf);
801
802 return 0;
803 }
804 #endif
805
806 static void
send_probe(int seq,u_long hops)807 send_probe(int seq, u_long hops)
808 {
809 struct timeval tv;
810 struct tv32 tv32;
811 int i;
812
813 i = hops;
814 if (setsockopt(sndsock, IPPROTO_IPV6, IPV6_UNICAST_HOPS,
815 (char *)&i, sizeof(i)) < 0)
816 warn("setsockopt IPV6_UNICAST_HOPS");
817
818 Dst.sin6_port = htons(port + seq);
819 (void) gettimeofday(&tv, NULL);
820 tv32.tv32_sec = htonl(tv.tv_sec);
821 tv32.tv32_usec = htonl(tv.tv_usec);
822
823 if (useicmp) {
824 struct icmp6_hdr *icp = (struct icmp6_hdr *)outpacket;
825
826 icp->icmp6_type = ICMP6_ECHO_REQUEST;
827 icp->icmp6_code = 0;
828 icp->icmp6_cksum = 0;
829 icp->icmp6_id = ident;
830 icp->icmp6_seq = htons(seq);
831 memcpy(((u_int8_t *)outpacket + ICMP6ECHOLEN), &tv32,
832 sizeof(tv32));
833 } else {
834 struct opacket *op = outpacket;
835
836 op->seq = seq;
837 op->hops = hops;
838 memcpy(&op->tv, &tv32, sizeof tv32);
839 }
840
841 i = sendto(sndsock, (char *)outpacket, datalen , 0,
842 (struct sockaddr *)&Dst, Dst.sin6_len);
843 if (i < 0 || i != (int)datalen) {
844 if (i < 0)
845 warnx("sendto");
846 printf("traceroute6: wrote %s %lu chars, ret=%d\n",
847 hostname, datalen, i);
848 (void) fflush(stdout);
849 }
850 }
851
852 static double
deltaT(struct timeval * t1p,struct timeval * t2p)853 deltaT(struct timeval *t1p, struct timeval *t2p)
854 {
855 double dt;
856
857 dt = (double)(t2p->tv_sec - t1p->tv_sec) * 1000.0 +
858 (double)(t2p->tv_usec - t1p->tv_usec) / 1000.0;
859 return dt;
860 }
861
862 /*
863 * Convert an ICMP "type" field to a printable string.
864 */
865 static const char *
pr_type(int t0)866 pr_type(int t0)
867 {
868 u_char t = t0 & 0xff;
869 const char *cp;
870
871 switch (t) {
872 case ICMP6_DST_UNREACH:
873 cp = "Destination Unreachable";
874 break;
875 case ICMP6_PACKET_TOO_BIG:
876 cp = "Packet Too Big";
877 break;
878 case ICMP6_TIME_EXCEEDED:
879 cp = "Time Exceeded";
880 break;
881 case ICMP6_PARAM_PROB:
882 cp = "Parameter Problem";
883 break;
884 case ICMP6_ECHO_REQUEST:
885 cp = "Echo Request";
886 break;
887 case ICMP6_ECHO_REPLY:
888 cp = "Echo Reply";
889 break;
890 case ICMP6_MEMBERSHIP_QUERY:
891 cp = "Group Membership Query";
892 break;
893 case ICMP6_MEMBERSHIP_REPORT:
894 cp = "Group Membership Report";
895 break;
896 case ICMP6_MEMBERSHIP_REDUCTION:
897 cp = "Group Membership Reduction";
898 break;
899 case ND_ROUTER_SOLICIT:
900 cp = "Router Solicitation";
901 break;
902 case ND_ROUTER_ADVERT:
903 cp = "Router Advertisement";
904 break;
905 case ND_NEIGHBOR_SOLICIT:
906 cp = "Neighbor Solicitation";
907 break;
908 case ND_NEIGHBOR_ADVERT:
909 cp = "Neighbor Advertisement";
910 break;
911 case ND_REDIRECT:
912 cp = "Redirect";
913 break;
914 default:
915 cp = "Unknown";
916 break;
917 }
918 return cp;
919 }
920
921 static int
packet_ok(struct msghdr * mhdr,ssize_t cc,int seq)922 packet_ok(struct msghdr *mhdr, ssize_t cc, int seq)
923 {
924 struct icmp6_hdr *icp;
925 struct sockaddr_in6 *from = (struct sockaddr_in6 *)mhdr->msg_name;
926 u_char type, code;
927 char *buf = (char *)mhdr->msg_iov[0].iov_base;
928 struct cmsghdr *cm;
929 int *hlimp;
930 char hbuf[NI_MAXHOST];
931
932 if (cc < (ssize_t)sizeof(struct icmp6_hdr)) {
933 if (verbose) {
934 if (getnameinfo((struct sockaddr *)from, from->sin6_len,
935 hbuf, sizeof(hbuf), NULL, 0, NI_NUMERICHOST) != 0)
936 strlcpy(hbuf, "invalid", sizeof(hbuf));
937 printf("data too short (%zd bytes) from %s\n", cc,
938 hbuf);
939 }
940 return 0;
941 }
942 icp = (struct icmp6_hdr *)buf;
943
944 /* get optional information via advanced API */
945 rcvpktinfo = NULL;
946 hlimp = NULL;
947 for (cm = (struct cmsghdr *)CMSG_FIRSTHDR(mhdr); cm;
948 cm = (struct cmsghdr *)CMSG_NXTHDR(mhdr, cm)) {
949 if (cm->cmsg_level == IPPROTO_IPV6 &&
950 cm->cmsg_type == IPV6_PKTINFO &&
951 cm->cmsg_len ==
952 CMSG_LEN(sizeof(struct in6_pktinfo)))
953 rcvpktinfo = (struct in6_pktinfo *)(CMSG_DATA(cm));
954
955 if (cm->cmsg_level == IPPROTO_IPV6 &&
956 cm->cmsg_type == IPV6_HOPLIMIT &&
957 cm->cmsg_len == CMSG_LEN(sizeof(int)))
958 hlimp = (int *)CMSG_DATA(cm);
959 }
960 if (rcvpktinfo == NULL || hlimp == NULL) {
961 warnx("failed to get received hop limit or packet info");
962 #if 0
963 return 0;
964 #else
965 rcvhlim = 0; /*XXX*/
966 #endif
967 }
968 else
969 rcvhlim = *hlimp;
970
971 type = icp->icmp6_type;
972 code = icp->icmp6_code;
973 if ((type == ICMP6_TIME_EXCEEDED && code == ICMP6_TIME_EXCEED_TRANSIT)
974 || type == ICMP6_DST_UNREACH) {
975 struct ip6_hdr *hip;
976 struct udphdr *up;
977
978 hip = (struct ip6_hdr *)(icp + 1);
979 if ((up = get_udphdr(hip, (u_char *)(buf + cc))) == NULL) {
980 if (verbose)
981 warnx("failed to get upper layer header");
982 return 0;
983 }
984 if (useicmp &&
985 ((struct icmp6_hdr *)up)->icmp6_id == ident &&
986 ((struct icmp6_hdr *)up)->icmp6_seq == htons(seq))
987 return type == ICMP6_TIME_EXCEEDED ? -1 : code + 1;
988 else if (!useicmp &&
989 up->uh_sport == htons(srcport) &&
990 up->uh_dport == htons(port + seq))
991 return type == ICMP6_TIME_EXCEEDED ? -1 : code + 1;
992 } else if (useicmp && type == ICMP6_ECHO_REPLY) {
993 if (icp->icmp6_id == ident &&
994 icp->icmp6_seq == htons(seq))
995 return ICMP6_DST_UNREACH_NOPORT + 1;
996 }
997 if (verbose) {
998 char sbuf[NI_MAXHOST+1], dbuf[INET6_ADDRSTRLEN];
999 u_int8_t *p;
1000 ssize_t i;
1001
1002 if (getnameinfo((struct sockaddr *)from, from->sin6_len,
1003 sbuf, sizeof(sbuf), NULL, 0, NI_NUMERICHOST) != 0)
1004 strlcpy(sbuf, "invalid", sizeof(sbuf));
1005 printf("\n%zd bytes from %s to %s", cc, sbuf,
1006 rcvpktinfo ? inet_ntop(AF_INET6, &rcvpktinfo->ipi6_addr,
1007 dbuf, sizeof(dbuf)) : "?");
1008 printf(": icmp type %d (%s) code %d\n", type, pr_type(type),
1009 icp->icmp6_code);
1010 p = (u_int8_t *)(icp + 1);
1011 #define WIDTH 16
1012 for (i = 0; i < cc; i++) {
1013 if (i % WIDTH == 0)
1014 printf("%04zx:", i);
1015 if (i % 4 == 0)
1016 printf(" ");
1017 printf("%02x", p[i]);
1018 if (i % WIDTH == WIDTH - 1)
1019 printf("\n");
1020 }
1021 if (cc % WIDTH != 0)
1022 printf("\n");
1023 }
1024 return 0;
1025 }
1026
1027 /*
1028 * Increment pointer until find the UDP or ICMP header.
1029 */
1030 static struct udphdr *
get_udphdr(struct ip6_hdr * ip6,u_char * lim)1031 get_udphdr(struct ip6_hdr *ip6, u_char *lim)
1032 {
1033 u_char *cp = (u_char *)ip6, nh;
1034 int hlen;
1035
1036 if (cp + sizeof(*ip6) >= lim)
1037 return NULL;
1038
1039 nh = ip6->ip6_nxt;
1040 cp += sizeof(struct ip6_hdr);
1041
1042 while (lim - cp >= 8) {
1043 switch (nh) {
1044 case IPPROTO_ESP:
1045 case IPPROTO_TCP:
1046 return NULL;
1047 case IPPROTO_ICMPV6:
1048 return useicmp ? (struct udphdr *)cp : NULL;
1049 case IPPROTO_UDP:
1050 return useicmp ? NULL : (struct udphdr *)cp;
1051 case IPPROTO_FRAGMENT:
1052 hlen = sizeof(struct ip6_frag);
1053 nh = ((struct ip6_frag *)cp)->ip6f_nxt;
1054 break;
1055 case IPPROTO_AH:
1056 hlen = (((struct ip6_ext *)cp)->ip6e_len + 2) << 2;
1057 nh = ((struct ip6_ext *)cp)->ip6e_nxt;
1058 break;
1059 default:
1060 hlen = (((struct ip6_ext *)cp)->ip6e_len + 1) << 3;
1061 nh = ((struct ip6_ext *)cp)->ip6e_nxt;
1062 break;
1063 }
1064
1065 cp += hlen;
1066 }
1067
1068 return NULL;
1069 }
1070
1071 static void
print(struct msghdr * mhdr,int cc)1072 print(struct msghdr *mhdr, int cc)
1073 {
1074 struct sockaddr_in6 *from = (struct sockaddr_in6 *)mhdr->msg_name;
1075 char hbuf[NI_MAXHOST];
1076
1077 if (getnameinfo((struct sockaddr *)from, from->sin6_len,
1078 hbuf, sizeof(hbuf), NULL, 0, NI_NUMERICHOST) != 0)
1079 strlcpy(hbuf, "invalid", sizeof(hbuf));
1080 if (as_path)
1081 printf(" [AS%u]", as_lookup(asn, hbuf, AF_INET6));
1082 if (nflag)
1083 printf(" %s", hbuf);
1084 else if (lflag)
1085 printf(" %s (%s)", inetname((struct sockaddr *)from), hbuf);
1086 else
1087 printf(" %s", inetname((struct sockaddr *)from));
1088
1089 if (verbose) {
1090 printf(" %d bytes of data to %s", cc,
1091 rcvpktinfo ? inet_ntop(AF_INET6, &rcvpktinfo->ipi6_addr,
1092 hbuf, sizeof(hbuf)) : "?");
1093 }
1094 }
1095
1096 /*
1097 * Construct an Internet address representation.
1098 * If the nflag has been supplied, give
1099 * numeric value, otherwise try for symbolic name.
1100 */
1101 static const char *
inetname(struct sockaddr * sa)1102 inetname(struct sockaddr *sa)
1103 {
1104 static char line[NI_MAXHOST], domain[MAXHOSTNAMELEN + 1];
1105 static int first = 1;
1106 char *cp;
1107
1108 if (first && !nflag) {
1109 first = 0;
1110 if (gethostname(domain, sizeof(domain)) == 0 &&
1111 (cp = strchr(domain, '.')))
1112 (void) strlcpy(domain, cp + 1, sizeof(domain));
1113 else
1114 domain[0] = 0;
1115 }
1116 cp = NULL;
1117 if (!nflag) {
1118 if (getnameinfo(sa, sa->sa_len, line, sizeof(line), NULL, 0,
1119 NI_NAMEREQD) == 0) {
1120 if ((cp = strchr(line, '.')) &&
1121 !strcmp(cp + 1, domain))
1122 *cp = 0;
1123 cp = line;
1124 }
1125 }
1126 if (cp)
1127 return cp;
1128
1129 if (getnameinfo(sa, sa->sa_len, line, sizeof(line), NULL, 0,
1130 NI_NUMERICHOST) != 0)
1131 strlcpy(line, "invalid", sizeof(line));
1132 return line;
1133 }
1134
1135 static void
usage(void)1136 usage(void)
1137 {
1138
1139 fprintf(stderr,
1140 "Usage: %s [-adIlnrv] [-A as_server] [-f firsthop] [-m hoplimit]\n"
1141 "\t[-p port] [-q probes] [-s src] [-w waittime] target [datalen]\n",
1142 getprogname());
1143 exit(1);
1144 }
1145