1 /* 2 * Copyright (c) 1992, 1993, 1994, 1995, 1996 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that: (1) source code distributions 7 * retain the above copyright notice and this paragraph in its entirety, (2) 8 * distributions including binary code include the above copyright notice and 9 * this paragraph in its entirety in the documentation or other materials 10 * provided with the distribution, and (3) all advertising materials mentioning 11 * features or use of this software display the following acknowledgement: 12 * ``This product includes software developed by the University of California, 13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of 14 * the University nor the names of its contributors may be used to endorse 15 * or promote products derived from this software without specific prior 16 * written permission. 17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 20 * 21 * Original code by Matt Thomas, Digital Equipment Corporation 22 * 23 * Extensively modified by Hannes Gredler (hannes@juniper.net) for more 24 * complete IS-IS & CLNP support. 25 */ 26 27 #include <sys/cdefs.h> 28 #ifndef lint 29 __RCSID("$NetBSD: print-isoclns.c,v 1.6 2015/03/31 21:59:35 christos Exp $"); 30 #endif 31 32 #define NETDISSECT_REWORKED 33 #ifdef HAVE_CONFIG_H 34 #include "config.h" 35 #endif 36 37 #include <tcpdump-stdinc.h> 38 39 #include <string.h> 40 41 #include "interface.h" 42 #include "addrtoname.h" 43 #include "ether.h" 44 #include "nlpid.h" 45 #include "extract.h" 46 #include "gmpls.h" 47 #include "oui.h" 48 #include "signature.h" 49 50 /* 51 * IS-IS is defined in ISO 10589. Look there for protocol definitions. 52 */ 53 54 #define SYSTEM_ID_LEN ETHER_ADDR_LEN 55 #define NODE_ID_LEN SYSTEM_ID_LEN+1 56 #define LSP_ID_LEN SYSTEM_ID_LEN+2 57 58 #define ISIS_VERSION 1 59 #define ESIS_VERSION 1 60 #define CLNP_VERSION 1 61 62 #define ISIS_PDU_TYPE_MASK 0x1F 63 #define ESIS_PDU_TYPE_MASK 0x1F 64 #define CLNP_PDU_TYPE_MASK 0x1F 65 #define CLNP_FLAG_MASK 0xE0 66 #define ISIS_LAN_PRIORITY_MASK 0x7F 67 68 #define ISIS_PDU_L1_LAN_IIH 15 69 #define ISIS_PDU_L2_LAN_IIH 16 70 #define ISIS_PDU_PTP_IIH 17 71 #define ISIS_PDU_L1_LSP 18 72 #define ISIS_PDU_L2_LSP 20 73 #define ISIS_PDU_L1_CSNP 24 74 #define ISIS_PDU_L2_CSNP 25 75 #define ISIS_PDU_L1_PSNP 26 76 #define ISIS_PDU_L2_PSNP 27 77 78 static const struct tok isis_pdu_values[] = { 79 { ISIS_PDU_L1_LAN_IIH, "L1 Lan IIH"}, 80 { ISIS_PDU_L2_LAN_IIH, "L2 Lan IIH"}, 81 { ISIS_PDU_PTP_IIH, "p2p IIH"}, 82 { ISIS_PDU_L1_LSP, "L1 LSP"}, 83 { ISIS_PDU_L2_LSP, "L2 LSP"}, 84 { ISIS_PDU_L1_CSNP, "L1 CSNP"}, 85 { ISIS_PDU_L2_CSNP, "L2 CSNP"}, 86 { ISIS_PDU_L1_PSNP, "L1 PSNP"}, 87 { ISIS_PDU_L2_PSNP, "L2 PSNP"}, 88 { 0, NULL} 89 }; 90 91 /* 92 * A TLV is a tuple of a type, length and a value and is normally used for 93 * encoding information in all sorts of places. This is an enumeration of 94 * the well known types. 95 * 96 * list taken from rfc3359 plus some memory from veterans ;-) 97 */ 98 99 #define ISIS_TLV_AREA_ADDR 1 /* iso10589 */ 100 #define ISIS_TLV_IS_REACH 2 /* iso10589 */ 101 #define ISIS_TLV_ESNEIGH 3 /* iso10589 */ 102 #define ISIS_TLV_PART_DIS 4 /* iso10589 */ 103 #define ISIS_TLV_PREFIX_NEIGH 5 /* iso10589 */ 104 #define ISIS_TLV_ISNEIGH 6 /* iso10589 */ 105 #define ISIS_TLV_ISNEIGH_VARLEN 7 /* iso10589 */ 106 #define ISIS_TLV_PADDING 8 /* iso10589 */ 107 #define ISIS_TLV_LSP 9 /* iso10589 */ 108 #define ISIS_TLV_AUTH 10 /* iso10589, rfc3567 */ 109 #define ISIS_TLV_CHECKSUM 12 /* rfc3358 */ 110 #define ISIS_TLV_CHECKSUM_MINLEN 2 111 #define ISIS_TLV_LSP_BUFFERSIZE 14 /* iso10589 rev2 */ 112 #define ISIS_TLV_LSP_BUFFERSIZE_MINLEN 2 113 #define ISIS_TLV_EXT_IS_REACH 22 /* draft-ietf-isis-traffic-05 */ 114 #define ISIS_TLV_IS_ALIAS_ID 24 /* draft-ietf-isis-ext-lsp-frags-02 */ 115 #define ISIS_TLV_DECNET_PHASE4 42 116 #define ISIS_TLV_LUCENT_PRIVATE 66 117 #define ISIS_TLV_INT_IP_REACH 128 /* rfc1195, rfc2966 */ 118 #define ISIS_TLV_PROTOCOLS 129 /* rfc1195 */ 119 #define ISIS_TLV_EXT_IP_REACH 130 /* rfc1195, rfc2966 */ 120 #define ISIS_TLV_IDRP_INFO 131 /* rfc1195 */ 121 #define ISIS_TLV_IDRP_INFO_MINLEN 1 122 #define ISIS_TLV_IPADDR 132 /* rfc1195 */ 123 #define ISIS_TLV_IPAUTH 133 /* rfc1195 */ 124 #define ISIS_TLV_TE_ROUTER_ID 134 /* draft-ietf-isis-traffic-05 */ 125 #define ISIS_TLV_EXTD_IP_REACH 135 /* draft-ietf-isis-traffic-05 */ 126 #define ISIS_TLV_HOSTNAME 137 /* rfc2763 */ 127 #define ISIS_TLV_SHARED_RISK_GROUP 138 /* draft-ietf-isis-gmpls-extensions */ 128 #define ISIS_TLV_MT_PORT_CAP 143 /* rfc6165 */ 129 #define ISIS_TLV_MT_CAPABILITY 144 /* rfc6329 */ 130 #define ISIS_TLV_NORTEL_PRIVATE1 176 131 #define ISIS_TLV_NORTEL_PRIVATE2 177 132 #define ISIS_TLV_RESTART_SIGNALING 211 /* rfc3847 */ 133 #define ISIS_TLV_RESTART_SIGNALING_FLAGLEN 1 134 #define ISIS_TLV_RESTART_SIGNALING_HOLDTIMELEN 2 135 #define ISIS_TLV_MT_IS_REACH 222 /* draft-ietf-isis-wg-multi-topology-05 */ 136 #define ISIS_TLV_MT_SUPPORTED 229 /* draft-ietf-isis-wg-multi-topology-05 */ 137 #define ISIS_TLV_MT_SUPPORTED_MINLEN 2 138 #define ISIS_TLV_IP6ADDR 232 /* draft-ietf-isis-ipv6-02 */ 139 #define ISIS_TLV_MT_IP_REACH 235 /* draft-ietf-isis-wg-multi-topology-05 */ 140 #define ISIS_TLV_IP6_REACH 236 /* draft-ietf-isis-ipv6-02 */ 141 #define ISIS_TLV_MT_IP6_REACH 237 /* draft-ietf-isis-wg-multi-topology-05 */ 142 #define ISIS_TLV_PTP_ADJ 240 /* rfc3373 */ 143 #define ISIS_TLV_IIH_SEQNR 241 /* draft-shen-isis-iih-sequence-00 */ 144 #define ISIS_TLV_IIH_SEQNR_MINLEN 4 145 #define ISIS_TLV_VENDOR_PRIVATE 250 /* draft-ietf-isis-experimental-tlv-01 */ 146 #define ISIS_TLV_VENDOR_PRIVATE_MINLEN 3 147 148 static const struct tok isis_tlv_values[] = { 149 { ISIS_TLV_AREA_ADDR, "Area address(es)"}, 150 { ISIS_TLV_IS_REACH, "IS Reachability"}, 151 { ISIS_TLV_ESNEIGH, "ES Neighbor(s)"}, 152 { ISIS_TLV_PART_DIS, "Partition DIS"}, 153 { ISIS_TLV_PREFIX_NEIGH, "Prefix Neighbors"}, 154 { ISIS_TLV_ISNEIGH, "IS Neighbor(s)"}, 155 { ISIS_TLV_ISNEIGH_VARLEN, "IS Neighbor(s) (variable length)"}, 156 { ISIS_TLV_PADDING, "Padding"}, 157 { ISIS_TLV_LSP, "LSP entries"}, 158 { ISIS_TLV_AUTH, "Authentication"}, 159 { ISIS_TLV_CHECKSUM, "Checksum"}, 160 { ISIS_TLV_LSP_BUFFERSIZE, "LSP Buffersize"}, 161 { ISIS_TLV_EXT_IS_REACH, "Extended IS Reachability"}, 162 { ISIS_TLV_IS_ALIAS_ID, "IS Alias ID"}, 163 { ISIS_TLV_DECNET_PHASE4, "DECnet Phase IV"}, 164 { ISIS_TLV_LUCENT_PRIVATE, "Lucent Proprietary"}, 165 { ISIS_TLV_INT_IP_REACH, "IPv4 Internal Reachability"}, 166 { ISIS_TLV_PROTOCOLS, "Protocols supported"}, 167 { ISIS_TLV_EXT_IP_REACH, "IPv4 External Reachability"}, 168 { ISIS_TLV_IDRP_INFO, "Inter-Domain Information Type"}, 169 { ISIS_TLV_IPADDR, "IPv4 Interface address(es)"}, 170 { ISIS_TLV_IPAUTH, "IPv4 authentication (deprecated)"}, 171 { ISIS_TLV_TE_ROUTER_ID, "Traffic Engineering Router ID"}, 172 { ISIS_TLV_EXTD_IP_REACH, "Extended IPv4 Reachability"}, 173 { ISIS_TLV_SHARED_RISK_GROUP, "Shared Risk Link Group"}, 174 { ISIS_TLV_MT_PORT_CAP, "Multi-Topology-Aware Port Capability"}, 175 { ISIS_TLV_MT_CAPABILITY, "Multi-Topology Capability"}, 176 { ISIS_TLV_NORTEL_PRIVATE1, "Nortel Proprietary"}, 177 { ISIS_TLV_NORTEL_PRIVATE2, "Nortel Proprietary"}, 178 { ISIS_TLV_HOSTNAME, "Hostname"}, 179 { ISIS_TLV_RESTART_SIGNALING, "Restart Signaling"}, 180 { ISIS_TLV_MT_IS_REACH, "Multi Topology IS Reachability"}, 181 { ISIS_TLV_MT_SUPPORTED, "Multi Topology"}, 182 { ISIS_TLV_IP6ADDR, "IPv6 Interface address(es)"}, 183 { ISIS_TLV_MT_IP_REACH, "Multi-Topology IPv4 Reachability"}, 184 { ISIS_TLV_IP6_REACH, "IPv6 reachability"}, 185 { ISIS_TLV_MT_IP6_REACH, "Multi-Topology IP6 Reachability"}, 186 { ISIS_TLV_PTP_ADJ, "Point-to-point Adjacency State"}, 187 { ISIS_TLV_IIH_SEQNR, "Hello PDU Sequence Number"}, 188 { ISIS_TLV_VENDOR_PRIVATE, "Vendor Private"}, 189 { 0, NULL } 190 }; 191 192 #define ESIS_OPTION_PROTOCOLS 129 193 #define ESIS_OPTION_QOS_MAINTENANCE 195 /* iso9542 */ 194 #define ESIS_OPTION_SECURITY 197 /* iso9542 */ 195 #define ESIS_OPTION_ES_CONF_TIME 198 /* iso9542 */ 196 #define ESIS_OPTION_PRIORITY 205 /* iso9542 */ 197 #define ESIS_OPTION_ADDRESS_MASK 225 /* iso9542 */ 198 #define ESIS_OPTION_SNPA_MASK 226 /* iso9542 */ 199 200 static const struct tok esis_option_values[] = { 201 { ESIS_OPTION_PROTOCOLS, "Protocols supported"}, 202 { ESIS_OPTION_QOS_MAINTENANCE, "QoS Maintenance" }, 203 { ESIS_OPTION_SECURITY, "Security" }, 204 { ESIS_OPTION_ES_CONF_TIME, "ES Configuration Time" }, 205 { ESIS_OPTION_PRIORITY, "Priority" }, 206 { ESIS_OPTION_ADDRESS_MASK, "Addressk Mask" }, 207 { ESIS_OPTION_SNPA_MASK, "SNPA Mask" }, 208 { 0, NULL } 209 }; 210 211 #define CLNP_OPTION_DISCARD_REASON 193 212 #define CLNP_OPTION_QOS_MAINTENANCE 195 /* iso8473 */ 213 #define CLNP_OPTION_SECURITY 197 /* iso8473 */ 214 #define CLNP_OPTION_SOURCE_ROUTING 200 /* iso8473 */ 215 #define CLNP_OPTION_ROUTE_RECORDING 203 /* iso8473 */ 216 #define CLNP_OPTION_PADDING 204 /* iso8473 */ 217 #define CLNP_OPTION_PRIORITY 205 /* iso8473 */ 218 219 static const struct tok clnp_option_values[] = { 220 { CLNP_OPTION_DISCARD_REASON, "Discard Reason"}, 221 { CLNP_OPTION_PRIORITY, "Priority"}, 222 { CLNP_OPTION_QOS_MAINTENANCE, "QoS Maintenance"}, 223 { CLNP_OPTION_SECURITY, "Security"}, 224 { CLNP_OPTION_SOURCE_ROUTING, "Source Routing"}, 225 { CLNP_OPTION_ROUTE_RECORDING, "Route Recording"}, 226 { CLNP_OPTION_PADDING, "Padding"}, 227 { 0, NULL } 228 }; 229 230 static const struct tok clnp_option_rfd_class_values[] = { 231 { 0x0, "General"}, 232 { 0x8, "Address"}, 233 { 0x9, "Source Routeing"}, 234 { 0xa, "Lifetime"}, 235 { 0xb, "PDU Discarded"}, 236 { 0xc, "Reassembly"}, 237 { 0, NULL } 238 }; 239 240 static const struct tok clnp_option_rfd_general_values[] = { 241 { 0x0, "Reason not specified"}, 242 { 0x1, "Protocol procedure error"}, 243 { 0x2, "Incorrect checksum"}, 244 { 0x3, "PDU discarded due to congestion"}, 245 { 0x4, "Header syntax error (cannot be parsed)"}, 246 { 0x5, "Segmentation needed but not permitted"}, 247 { 0x6, "Incomplete PDU received"}, 248 { 0x7, "Duplicate option"}, 249 { 0, NULL } 250 }; 251 252 static const struct tok clnp_option_rfd_address_values[] = { 253 { 0x0, "Destination address unreachable"}, 254 { 0x1, "Destination address unknown"}, 255 { 0, NULL } 256 }; 257 258 static const struct tok clnp_option_rfd_source_routeing_values[] = { 259 { 0x0, "Unspecified source routeing error"}, 260 { 0x1, "Syntax error in source routeing field"}, 261 { 0x2, "Unknown address in source routeing field"}, 262 { 0x3, "Path not acceptable"}, 263 { 0, NULL } 264 }; 265 266 static const struct tok clnp_option_rfd_lifetime_values[] = { 267 { 0x0, "Lifetime expired while data unit in transit"}, 268 { 0x1, "Lifetime expired during reassembly"}, 269 { 0, NULL } 270 }; 271 272 static const struct tok clnp_option_rfd_pdu_discard_values[] = { 273 { 0x0, "Unsupported option not specified"}, 274 { 0x1, "Unsupported protocol version"}, 275 { 0x2, "Unsupported security option"}, 276 { 0x3, "Unsupported source routeing option"}, 277 { 0x4, "Unsupported recording of route option"}, 278 { 0, NULL } 279 }; 280 281 static const struct tok clnp_option_rfd_reassembly_values[] = { 282 { 0x0, "Reassembly interference"}, 283 { 0, NULL } 284 }; 285 286 /* array of 16 error-classes */ 287 static const struct tok *clnp_option_rfd_error_class[] = { 288 clnp_option_rfd_general_values, 289 NULL, 290 NULL, 291 NULL, 292 NULL, 293 NULL, 294 NULL, 295 NULL, 296 clnp_option_rfd_address_values, 297 clnp_option_rfd_source_routeing_values, 298 clnp_option_rfd_lifetime_values, 299 clnp_option_rfd_pdu_discard_values, 300 clnp_option_rfd_reassembly_values, 301 NULL, 302 NULL, 303 NULL 304 }; 305 306 #define CLNP_OPTION_OPTION_QOS_MASK 0x3f 307 #define CLNP_OPTION_SCOPE_MASK 0xc0 308 #define CLNP_OPTION_SCOPE_SA_SPEC 0x40 309 #define CLNP_OPTION_SCOPE_DA_SPEC 0x80 310 #define CLNP_OPTION_SCOPE_GLOBAL 0xc0 311 312 static const struct tok clnp_option_scope_values[] = { 313 { CLNP_OPTION_SCOPE_SA_SPEC, "Source Address Specific"}, 314 { CLNP_OPTION_SCOPE_DA_SPEC, "Destination Address Specific"}, 315 { CLNP_OPTION_SCOPE_GLOBAL, "Globally unique"}, 316 { 0, NULL } 317 }; 318 319 static const struct tok clnp_option_sr_rr_values[] = { 320 { 0x0, "partial"}, 321 { 0x1, "complete"}, 322 { 0, NULL } 323 }; 324 325 static const struct tok clnp_option_sr_rr_string_values[] = { 326 { CLNP_OPTION_SOURCE_ROUTING, "source routing"}, 327 { CLNP_OPTION_ROUTE_RECORDING, "recording of route in progress"}, 328 { 0, NULL } 329 }; 330 331 static const struct tok clnp_option_qos_global_values[] = { 332 { 0x20, "reserved"}, 333 { 0x10, "sequencing vs. delay"}, 334 { 0x08, "congested"}, 335 { 0x04, "delay vs. cost"}, 336 { 0x02, "error vs. delay"}, 337 { 0x01, "error vs. cost"}, 338 { 0, NULL } 339 }; 340 341 #define ISIS_SUBTLV_EXT_IS_REACH_ADMIN_GROUP 3 /* draft-ietf-isis-traffic-05 */ 342 #define ISIS_SUBTLV_EXT_IS_REACH_LINK_LOCAL_REMOTE_ID 4 /* rfc4205 */ 343 #define ISIS_SUBTLV_EXT_IS_REACH_LINK_REMOTE_ID 5 /* draft-ietf-isis-traffic-05 */ 344 #define ISIS_SUBTLV_EXT_IS_REACH_IPV4_INTF_ADDR 6 /* draft-ietf-isis-traffic-05 */ 345 #define ISIS_SUBTLV_EXT_IS_REACH_IPV4_NEIGHBOR_ADDR 8 /* draft-ietf-isis-traffic-05 */ 346 #define ISIS_SUBTLV_EXT_IS_REACH_MAX_LINK_BW 9 /* draft-ietf-isis-traffic-05 */ 347 #define ISIS_SUBTLV_EXT_IS_REACH_RESERVABLE_BW 10 /* draft-ietf-isis-traffic-05 */ 348 #define ISIS_SUBTLV_EXT_IS_REACH_UNRESERVED_BW 11 /* rfc4124 */ 349 #define ISIS_SUBTLV_EXT_IS_REACH_BW_CONSTRAINTS_OLD 12 /* draft-ietf-tewg-diff-te-proto-06 */ 350 #define ISIS_SUBTLV_EXT_IS_REACH_TE_METRIC 18 /* draft-ietf-isis-traffic-05 */ 351 #define ISIS_SUBTLV_EXT_IS_REACH_LINK_ATTRIBUTE 19 /* draft-ietf-isis-link-attr-01 */ 352 #define ISIS_SUBTLV_EXT_IS_REACH_LINK_PROTECTION_TYPE 20 /* rfc4205 */ 353 #define ISIS_SUBTLV_EXT_IS_REACH_INTF_SW_CAP_DESCR 21 /* rfc4205 */ 354 #define ISIS_SUBTLV_EXT_IS_REACH_BW_CONSTRAINTS 22 /* rfc4124 */ 355 356 #define ISIS_SUBTLV_SPB_METRIC 29 /* rfc6329 */ 357 358 static const struct tok isis_ext_is_reach_subtlv_values[] = { 359 { ISIS_SUBTLV_EXT_IS_REACH_ADMIN_GROUP, "Administrative groups" }, 360 { ISIS_SUBTLV_EXT_IS_REACH_LINK_LOCAL_REMOTE_ID, "Link Local/Remote Identifier" }, 361 { ISIS_SUBTLV_EXT_IS_REACH_LINK_REMOTE_ID, "Link Remote Identifier" }, 362 { ISIS_SUBTLV_EXT_IS_REACH_IPV4_INTF_ADDR, "IPv4 interface address" }, 363 { ISIS_SUBTLV_EXT_IS_REACH_IPV4_NEIGHBOR_ADDR, "IPv4 neighbor address" }, 364 { ISIS_SUBTLV_EXT_IS_REACH_MAX_LINK_BW, "Maximum link bandwidth" }, 365 { ISIS_SUBTLV_EXT_IS_REACH_RESERVABLE_BW, "Reservable link bandwidth" }, 366 { ISIS_SUBTLV_EXT_IS_REACH_UNRESERVED_BW, "Unreserved bandwidth" }, 367 { ISIS_SUBTLV_EXT_IS_REACH_TE_METRIC, "Traffic Engineering Metric" }, 368 { ISIS_SUBTLV_EXT_IS_REACH_LINK_ATTRIBUTE, "Link Attribute" }, 369 { ISIS_SUBTLV_EXT_IS_REACH_LINK_PROTECTION_TYPE, "Link Protection Type" }, 370 { ISIS_SUBTLV_EXT_IS_REACH_INTF_SW_CAP_DESCR, "Interface Switching Capability" }, 371 { ISIS_SUBTLV_EXT_IS_REACH_BW_CONSTRAINTS_OLD, "Bandwidth Constraints (old)" }, 372 { ISIS_SUBTLV_EXT_IS_REACH_BW_CONSTRAINTS, "Bandwidth Constraints" }, 373 { ISIS_SUBTLV_SPB_METRIC, "SPB Metric" }, 374 { 250, "Reserved for cisco specific extensions" }, 375 { 251, "Reserved for cisco specific extensions" }, 376 { 252, "Reserved for cisco specific extensions" }, 377 { 253, "Reserved for cisco specific extensions" }, 378 { 254, "Reserved for cisco specific extensions" }, 379 { 255, "Reserved for future expansion" }, 380 { 0, NULL } 381 }; 382 383 #define ISIS_SUBTLV_EXTD_IP_REACH_ADMIN_TAG32 1 /* draft-ietf-isis-admin-tags-01 */ 384 #define ISIS_SUBTLV_EXTD_IP_REACH_ADMIN_TAG64 2 /* draft-ietf-isis-admin-tags-01 */ 385 #define ISIS_SUBTLV_EXTD_IP_REACH_MGMT_PREFIX_COLOR 117 /* draft-ietf-isis-wg-multi-topology-05 */ 386 387 static const struct tok isis_ext_ip_reach_subtlv_values[] = { 388 { ISIS_SUBTLV_EXTD_IP_REACH_ADMIN_TAG32, "32-Bit Administrative tag" }, 389 { ISIS_SUBTLV_EXTD_IP_REACH_ADMIN_TAG64, "64-Bit Administrative tag" }, 390 { ISIS_SUBTLV_EXTD_IP_REACH_MGMT_PREFIX_COLOR, "Management Prefix Color" }, 391 { 0, NULL } 392 }; 393 394 static const struct tok isis_subtlv_link_attribute_values[] = { 395 { 0x01, "Local Protection Available" }, 396 { 0x02, "Link excluded from local protection path" }, 397 { 0x04, "Local maintenance required"}, 398 { 0, NULL } 399 }; 400 401 #define ISIS_SUBTLV_AUTH_SIMPLE 1 402 #define ISIS_SUBTLV_AUTH_GENERIC 3 /* rfc 5310 */ 403 #define ISIS_SUBTLV_AUTH_MD5 54 404 #define ISIS_SUBTLV_AUTH_MD5_LEN 16 405 #define ISIS_SUBTLV_AUTH_PRIVATE 255 406 407 static const struct tok isis_subtlv_auth_values[] = { 408 { ISIS_SUBTLV_AUTH_SIMPLE, "simple text password"}, 409 { ISIS_SUBTLV_AUTH_GENERIC, "Generic Crypto key-id"}, 410 { ISIS_SUBTLV_AUTH_MD5, "HMAC-MD5 password"}, 411 { ISIS_SUBTLV_AUTH_PRIVATE, "Routing Domain private password"}, 412 { 0, NULL } 413 }; 414 415 #define ISIS_SUBTLV_IDRP_RES 0 416 #define ISIS_SUBTLV_IDRP_LOCAL 1 417 #define ISIS_SUBTLV_IDRP_ASN 2 418 419 static const struct tok isis_subtlv_idrp_values[] = { 420 { ISIS_SUBTLV_IDRP_RES, "Reserved"}, 421 { ISIS_SUBTLV_IDRP_LOCAL, "Routing-Domain Specific"}, 422 { ISIS_SUBTLV_IDRP_ASN, "AS Number Tag"}, 423 { 0, NULL} 424 }; 425 426 #define ISIS_SUBTLV_SPB_MCID 4 427 #define ISIS_SUBTLV_SPB_DIGEST 5 428 #define ISIS_SUBTLV_SPB_BVID 6 429 430 #define ISIS_SUBTLV_SPB_INSTANCE 1 431 #define ISIS_SUBTLV_SPBM_SI 3 432 433 #define ISIS_SPB_MCID_LEN 51 434 #define ISIS_SUBTLV_SPB_MCID_MIN_LEN 102 435 #define ISIS_SUBTLV_SPB_DIGEST_MIN_LEN 33 436 #define ISIS_SUBTLV_SPB_BVID_MIN_LEN 6 437 #define ISIS_SUBTLV_SPB_INSTANCE_MIN_LEN 19 438 #define ISIS_SUBTLV_SPB_INSTANCE_VLAN_TUPLE_LEN 8 439 440 static const struct tok isis_mt_port_cap_subtlv_values[] = { 441 { ISIS_SUBTLV_SPB_MCID, "SPB MCID" }, 442 { ISIS_SUBTLV_SPB_DIGEST, "SPB Digest" }, 443 { ISIS_SUBTLV_SPB_BVID, "SPB BVID" }, 444 { 0, NULL } 445 }; 446 447 static const struct tok isis_mt_capability_subtlv_values[] = { 448 { ISIS_SUBTLV_SPB_INSTANCE, "SPB Instance" }, 449 { ISIS_SUBTLV_SPBM_SI, "SPBM Service Identifier and Unicast Address" }, 450 { 0, NULL } 451 }; 452 453 struct isis_spb_mcid { 454 uint8_t format_id; 455 uint8_t name[32]; 456 uint8_t revision_lvl[2]; 457 uint8_t digest[16]; 458 }; 459 460 struct isis_subtlv_spb_mcid { 461 struct isis_spb_mcid mcid; 462 struct isis_spb_mcid aux_mcid; 463 }; 464 465 struct isis_subtlv_spb_instance { 466 uint8_t cist_root_id[8]; 467 uint8_t cist_external_root_path_cost[4]; 468 uint8_t bridge_priority[2]; 469 uint8_t spsourceid[4]; 470 uint8_t no_of_trees; 471 }; 472 473 #define CLNP_SEGMENT_PART 0x80 474 #define CLNP_MORE_SEGMENTS 0x40 475 #define CLNP_REQUEST_ER 0x20 476 477 static const struct tok clnp_flag_values[] = { 478 { CLNP_SEGMENT_PART, "Segmentation permitted"}, 479 { CLNP_MORE_SEGMENTS, "more Segments"}, 480 { CLNP_REQUEST_ER, "request Error Report"}, 481 { 0, NULL} 482 }; 483 484 #define ISIS_MASK_LSP_OL_BIT(x) ((x)&0x4) 485 #define ISIS_MASK_LSP_ISTYPE_BITS(x) ((x)&0x3) 486 #define ISIS_MASK_LSP_PARTITION_BIT(x) ((x)&0x80) 487 #define ISIS_MASK_LSP_ATT_BITS(x) ((x)&0x78) 488 #define ISIS_MASK_LSP_ATT_ERROR_BIT(x) ((x)&0x40) 489 #define ISIS_MASK_LSP_ATT_EXPENSE_BIT(x) ((x)&0x20) 490 #define ISIS_MASK_LSP_ATT_DELAY_BIT(x) ((x)&0x10) 491 #define ISIS_MASK_LSP_ATT_DEFAULT_BIT(x) ((x)&0x8) 492 493 #define ISIS_MASK_MTID(x) ((x)&0x0fff) 494 #define ISIS_MASK_MTFLAGS(x) ((x)&0xf000) 495 496 static const struct tok isis_mt_flag_values[] = { 497 { 0x4000, "ATT bit set"}, 498 { 0x8000, "Overload bit set"}, 499 { 0, NULL} 500 }; 501 502 #define ISIS_MASK_TLV_EXTD_IP_UPDOWN(x) ((x)&0x80) 503 #define ISIS_MASK_TLV_EXTD_IP_SUBTLV(x) ((x)&0x40) 504 505 #define ISIS_MASK_TLV_EXTD_IP6_IE(x) ((x)&0x40) 506 #define ISIS_MASK_TLV_EXTD_IP6_SUBTLV(x) ((x)&0x20) 507 508 #define ISIS_LSP_TLV_METRIC_SUPPORTED(x) ((x)&0x80) 509 #define ISIS_LSP_TLV_METRIC_IE(x) ((x)&0x40) 510 #define ISIS_LSP_TLV_METRIC_UPDOWN(x) ((x)&0x80) 511 #define ISIS_LSP_TLV_METRIC_VALUE(x) ((x)&0x3f) 512 513 #define ISIS_MASK_TLV_SHARED_RISK_GROUP(x) ((x)&0x1) 514 515 static const struct tok isis_mt_values[] = { 516 { 0, "IPv4 unicast"}, 517 { 1, "In-Band Management"}, 518 { 2, "IPv6 unicast"}, 519 { 3, "Multicast"}, 520 { 4095, "Development, Experimental or Proprietary"}, 521 { 0, NULL } 522 }; 523 524 static const struct tok isis_iih_circuit_type_values[] = { 525 { 1, "Level 1 only"}, 526 { 2, "Level 2 only"}, 527 { 3, "Level 1, Level 2"}, 528 { 0, NULL} 529 }; 530 531 #define ISIS_LSP_TYPE_UNUSED0 0 532 #define ISIS_LSP_TYPE_LEVEL_1 1 533 #define ISIS_LSP_TYPE_UNUSED2 2 534 #define ISIS_LSP_TYPE_LEVEL_2 3 535 536 static const struct tok isis_lsp_istype_values[] = { 537 { ISIS_LSP_TYPE_UNUSED0, "Unused 0x0 (invalid)"}, 538 { ISIS_LSP_TYPE_LEVEL_1, "L1 IS"}, 539 { ISIS_LSP_TYPE_UNUSED2, "Unused 0x2 (invalid)"}, 540 { ISIS_LSP_TYPE_LEVEL_2, "L2 IS"}, 541 { 0, NULL } 542 }; 543 544 /* 545 * Katz's point to point adjacency TLV uses codes to tell us the state of 546 * the remote adjacency. Enumerate them. 547 */ 548 549 #define ISIS_PTP_ADJ_UP 0 550 #define ISIS_PTP_ADJ_INIT 1 551 #define ISIS_PTP_ADJ_DOWN 2 552 553 static const struct tok isis_ptp_adjancey_values[] = { 554 { ISIS_PTP_ADJ_UP, "Up" }, 555 { ISIS_PTP_ADJ_INIT, "Initializing" }, 556 { ISIS_PTP_ADJ_DOWN, "Down" }, 557 { 0, NULL} 558 }; 559 560 struct isis_tlv_ptp_adj { 561 uint8_t adjacency_state; 562 uint8_t extd_local_circuit_id[4]; 563 uint8_t neighbor_sysid[SYSTEM_ID_LEN]; 564 uint8_t neighbor_extd_local_circuit_id[4]; 565 }; 566 567 static void osi_print_cksum(netdissect_options *, const uint8_t *pptr, uint16_t checksum, 568 u_int checksum_offset, u_int length); 569 static int clnp_print(netdissect_options *, const uint8_t *, u_int); 570 static void esis_print(netdissect_options *, const uint8_t *, u_int); 571 static int isis_print(netdissect_options *, const uint8_t *, u_int); 572 573 struct isis_metric_block { 574 uint8_t metric_default; 575 uint8_t metric_delay; 576 uint8_t metric_expense; 577 uint8_t metric_error; 578 }; 579 580 struct isis_tlv_is_reach { 581 struct isis_metric_block isis_metric_block; 582 uint8_t neighbor_nodeid[NODE_ID_LEN]; 583 }; 584 585 struct isis_tlv_es_reach { 586 struct isis_metric_block isis_metric_block; 587 uint8_t neighbor_sysid[SYSTEM_ID_LEN]; 588 }; 589 590 struct isis_tlv_ip_reach { 591 struct isis_metric_block isis_metric_block; 592 uint8_t prefix[4]; 593 uint8_t mask[4]; 594 }; 595 596 static const struct tok isis_is_reach_virtual_values[] = { 597 { 0, "IsNotVirtual"}, 598 { 1, "IsVirtual"}, 599 { 0, NULL } 600 }; 601 602 static const struct tok isis_restart_flag_values[] = { 603 { 0x1, "Restart Request"}, 604 { 0x2, "Restart Acknowledgement"}, 605 { 0x4, "Suppress adjacency advertisement"}, 606 { 0, NULL } 607 }; 608 609 struct isis_common_header { 610 uint8_t nlpid; 611 uint8_t fixed_len; 612 uint8_t version; /* Protocol version */ 613 uint8_t id_length; 614 uint8_t pdu_type; /* 3 MSbits are reserved */ 615 uint8_t pdu_version; /* Packet format version */ 616 uint8_t reserved; 617 uint8_t max_area; 618 }; 619 620 struct isis_iih_lan_header { 621 uint8_t circuit_type; 622 uint8_t source_id[SYSTEM_ID_LEN]; 623 uint8_t holding_time[2]; 624 uint8_t pdu_len[2]; 625 uint8_t priority; 626 uint8_t lan_id[NODE_ID_LEN]; 627 }; 628 629 struct isis_iih_ptp_header { 630 uint8_t circuit_type; 631 uint8_t source_id[SYSTEM_ID_LEN]; 632 uint8_t holding_time[2]; 633 uint8_t pdu_len[2]; 634 uint8_t circuit_id; 635 }; 636 637 struct isis_lsp_header { 638 uint8_t pdu_len[2]; 639 uint8_t remaining_lifetime[2]; 640 uint8_t lsp_id[LSP_ID_LEN]; 641 uint8_t sequence_number[4]; 642 uint8_t checksum[2]; 643 uint8_t typeblock; 644 }; 645 646 struct isis_csnp_header { 647 uint8_t pdu_len[2]; 648 uint8_t source_id[NODE_ID_LEN]; 649 uint8_t start_lsp_id[LSP_ID_LEN]; 650 uint8_t end_lsp_id[LSP_ID_LEN]; 651 }; 652 653 struct isis_psnp_header { 654 uint8_t pdu_len[2]; 655 uint8_t source_id[NODE_ID_LEN]; 656 }; 657 658 struct isis_tlv_lsp { 659 uint8_t remaining_lifetime[2]; 660 uint8_t lsp_id[LSP_ID_LEN]; 661 uint8_t sequence_number[4]; 662 uint8_t checksum[2]; 663 }; 664 665 #define ISIS_COMMON_HEADER_SIZE (sizeof(struct isis_common_header)) 666 #define ISIS_IIH_LAN_HEADER_SIZE (sizeof(struct isis_iih_lan_header)) 667 #define ISIS_IIH_PTP_HEADER_SIZE (sizeof(struct isis_iih_ptp_header)) 668 #define ISIS_LSP_HEADER_SIZE (sizeof(struct isis_lsp_header)) 669 #define ISIS_CSNP_HEADER_SIZE (sizeof(struct isis_csnp_header)) 670 #define ISIS_PSNP_HEADER_SIZE (sizeof(struct isis_psnp_header)) 671 672 void isoclns_print(netdissect_options *ndo, 673 const uint8_t *p, u_int length, u_int caplen) 674 { 675 if (caplen <= 1) { /* enough bytes on the wire ? */ 676 ND_PRINT((ndo, "|OSI")); 677 return; 678 } 679 680 if (ndo->ndo_eflag) 681 ND_PRINT((ndo, "OSI NLPID %s (0x%02x): ", tok2str(nlpid_values, "Unknown", *p), *p)); 682 683 switch (*p) { 684 685 case NLPID_CLNP: 686 if (!clnp_print(ndo, p, length)) 687 print_unknown_data(ndo, p, "\n\t", caplen); 688 break; 689 690 case NLPID_ESIS: 691 esis_print(ndo, p, length); 692 return; 693 694 case NLPID_ISIS: 695 if (!isis_print(ndo, p, length)) 696 print_unknown_data(ndo, p, "\n\t", caplen); 697 break; 698 699 case NLPID_NULLNS: 700 ND_PRINT((ndo, "%slength: %u", ndo->ndo_eflag ? "" : ", ", length)); 701 break; 702 703 case NLPID_Q933: 704 q933_print(ndo, p + 1, length - 1); 705 break; 706 707 case NLPID_IP: 708 ip_print(ndo, p + 1, length - 1); 709 break; 710 711 case NLPID_IP6: 712 ip6_print(ndo, p + 1, length - 1); 713 break; 714 715 case NLPID_PPP: 716 ppp_print(ndo, p + 1, length - 1); 717 break; 718 719 default: 720 if (!ndo->ndo_eflag) 721 ND_PRINT((ndo, "OSI NLPID 0x%02x unknown", *p)); 722 ND_PRINT((ndo, "%slength: %u", ndo->ndo_eflag ? "" : ", ", length)); 723 if (caplen > 1) 724 print_unknown_data(ndo, p, "\n\t", caplen); 725 break; 726 } 727 } 728 729 #define CLNP_PDU_ER 1 730 #define CLNP_PDU_DT 28 731 #define CLNP_PDU_MD 29 732 #define CLNP_PDU_ERQ 30 733 #define CLNP_PDU_ERP 31 734 735 static const struct tok clnp_pdu_values[] = { 736 { CLNP_PDU_ER, "Error Report"}, 737 { CLNP_PDU_MD, "MD"}, 738 { CLNP_PDU_DT, "Data"}, 739 { CLNP_PDU_ERQ, "Echo Request"}, 740 { CLNP_PDU_ERP, "Echo Response"}, 741 { 0, NULL } 742 }; 743 744 struct clnp_header_t { 745 uint8_t nlpid; 746 uint8_t length_indicator; 747 uint8_t version; 748 uint8_t lifetime; /* units of 500ms */ 749 uint8_t type; 750 uint8_t segment_length[2]; 751 uint8_t cksum[2]; 752 }; 753 754 struct clnp_segment_header_t { 755 uint8_t data_unit_id[2]; 756 uint8_t segment_offset[2]; 757 uint8_t total_length[2]; 758 }; 759 760 /* 761 * clnp_print 762 * Decode CLNP packets. Return 0 on error. 763 */ 764 765 static int 766 clnp_print(netdissect_options *ndo, 767 const uint8_t *pptr, u_int length) 768 { 769 const uint8_t *optr,*source_address,*dest_address; 770 u_int li,tlen,nsap_offset,source_address_length,dest_address_length, clnp_pdu_type, clnp_flags; 771 const struct clnp_header_t *clnp_header; 772 const struct clnp_segment_header_t *clnp_segment_header; 773 uint8_t rfd_error_major,rfd_error_minor; 774 775 clnp_header = (const struct clnp_header_t *) pptr; 776 ND_TCHECK(*clnp_header); 777 778 li = clnp_header->length_indicator; 779 optr = pptr; 780 781 if (!ndo->ndo_eflag) 782 ND_PRINT((ndo, "CLNP")); 783 784 /* 785 * Sanity checking of the header. 786 */ 787 788 if (clnp_header->version != CLNP_VERSION) { 789 ND_PRINT((ndo, "version %d packet not supported", clnp_header->version)); 790 return (0); 791 } 792 793 /* FIXME further header sanity checking */ 794 795 clnp_pdu_type = clnp_header->type & CLNP_PDU_TYPE_MASK; 796 clnp_flags = clnp_header->type & CLNP_FLAG_MASK; 797 798 pptr += sizeof(struct clnp_header_t); 799 li -= sizeof(struct clnp_header_t); 800 dest_address_length = *pptr; 801 dest_address = pptr + 1; 802 803 pptr += (1 + dest_address_length); 804 li -= (1 + dest_address_length); 805 source_address_length = *pptr; 806 source_address = pptr +1; 807 808 pptr += (1 + source_address_length); 809 li -= (1 + source_address_length); 810 811 if (ndo->ndo_vflag < 1) { 812 ND_PRINT((ndo, "%s%s > %s, %s, length %u", 813 ndo->ndo_eflag ? "" : ", ", 814 isonsap_string(source_address, source_address_length), 815 isonsap_string(dest_address, dest_address_length), 816 tok2str(clnp_pdu_values,"unknown (%u)",clnp_pdu_type), 817 length)); 818 return (1); 819 } 820 ND_PRINT((ndo, "%slength %u", ndo->ndo_eflag ? "" : ", ", length)); 821 822 ND_PRINT((ndo, "\n\t%s PDU, hlen: %u, v: %u, lifetime: %u.%us, Segment PDU length: %u, checksum: 0x%04x", 823 tok2str(clnp_pdu_values, "unknown (%u)",clnp_pdu_type), 824 clnp_header->length_indicator, 825 clnp_header->version, 826 clnp_header->lifetime/2, 827 (clnp_header->lifetime%2)*5, 828 EXTRACT_16BITS(clnp_header->segment_length), 829 EXTRACT_16BITS(clnp_header->cksum))); 830 831 osi_print_cksum(ndo, optr, EXTRACT_16BITS(clnp_header->cksum), 7, 832 clnp_header->length_indicator); 833 834 ND_PRINT((ndo, "\n\tFlags [%s]", 835 bittok2str(clnp_flag_values, "none", clnp_flags))); 836 837 ND_PRINT((ndo, "\n\tsource address (length %u): %s\n\tdest address (length %u): %s", 838 source_address_length, 839 isonsap_string(source_address, source_address_length), 840 dest_address_length, 841 isonsap_string(dest_address, dest_address_length))); 842 843 if (clnp_flags & CLNP_SEGMENT_PART) { 844 clnp_segment_header = (const struct clnp_segment_header_t *) pptr; 845 ND_TCHECK(*clnp_segment_header); 846 ND_PRINT((ndo, "\n\tData Unit ID: 0x%04x, Segment Offset: %u, Total PDU Length: %u", 847 EXTRACT_16BITS(clnp_segment_header->data_unit_id), 848 EXTRACT_16BITS(clnp_segment_header->segment_offset), 849 EXTRACT_16BITS(clnp_segment_header->total_length))); 850 pptr+=sizeof(const struct clnp_segment_header_t); 851 li-=sizeof(const struct clnp_segment_header_t); 852 } 853 854 /* now walk the options */ 855 while (li >= 2) { 856 u_int op, opli; 857 const uint8_t *tptr; 858 859 ND_TCHECK2(*pptr, 2); 860 if (li < 2) { 861 ND_PRINT((ndo, ", bad opts/li")); 862 return (0); 863 } 864 op = *pptr++; 865 opli = *pptr++; 866 li -= 2; 867 ND_TCHECK2(*pptr, opli); 868 if (opli > li) { 869 ND_PRINT((ndo, ", opt (%d) too long", op)); 870 return (0); 871 } 872 li -= opli; 873 tptr = pptr; 874 tlen = opli; 875 876 ND_PRINT((ndo, "\n\t %s Option #%u, length %u, value: ", 877 tok2str(clnp_option_values,"Unknown",op), 878 op, 879 opli)); 880 881 switch (op) { 882 883 884 case CLNP_OPTION_ROUTE_RECORDING: /* those two options share the format */ 885 case CLNP_OPTION_SOURCE_ROUTING: 886 ND_PRINT((ndo, "%s %s", 887 tok2str(clnp_option_sr_rr_values,"Unknown",*tptr), 888 tok2str(clnp_option_sr_rr_string_values, "Unknown Option %u", op))); 889 nsap_offset=*(tptr+1); 890 if (nsap_offset == 0) { 891 ND_PRINT((ndo, " Bad NSAP offset (0)")); 892 break; 893 } 894 nsap_offset-=1; /* offset to nsap list */ 895 if (nsap_offset > tlen) { 896 ND_PRINT((ndo, " Bad NSAP offset (past end of option)")); 897 break; 898 } 899 tptr+=nsap_offset; 900 tlen-=nsap_offset; 901 while (tlen > 0) { 902 source_address_length=*tptr; 903 if (tlen < source_address_length+1) { 904 ND_PRINT((ndo, "\n\t NSAP address goes past end of option")); 905 break; 906 } 907 if (source_address_length > 0) { 908 source_address=(tptr+1); 909 ND_TCHECK2(*source_address, source_address_length); 910 ND_PRINT((ndo, "\n\t NSAP address (length %u): %s", 911 source_address_length, 912 isonsap_string(source_address, source_address_length))); 913 } 914 tlen-=source_address_length+1; 915 } 916 break; 917 918 case CLNP_OPTION_PRIORITY: 919 ND_PRINT((ndo, "0x%1x", *tptr&0x0f)); 920 break; 921 922 case CLNP_OPTION_QOS_MAINTENANCE: 923 ND_PRINT((ndo, "\n\t Format Code: %s", 924 tok2str(clnp_option_scope_values, "Reserved", *tptr&CLNP_OPTION_SCOPE_MASK))); 925 926 if ((*tptr&CLNP_OPTION_SCOPE_MASK) == CLNP_OPTION_SCOPE_GLOBAL) 927 ND_PRINT((ndo, "\n\t QoS Flags [%s]", 928 bittok2str(clnp_option_qos_global_values, 929 "none", 930 *tptr&CLNP_OPTION_OPTION_QOS_MASK))); 931 break; 932 933 case CLNP_OPTION_SECURITY: 934 ND_PRINT((ndo, "\n\t Format Code: %s, Security-Level %u", 935 tok2str(clnp_option_scope_values,"Reserved",*tptr&CLNP_OPTION_SCOPE_MASK), 936 *(tptr+1))); 937 break; 938 939 case CLNP_OPTION_DISCARD_REASON: 940 rfd_error_major = (*tptr&0xf0) >> 4; 941 rfd_error_minor = *tptr&0x0f; 942 ND_PRINT((ndo, "\n\t Class: %s Error (0x%01x), %s (0x%01x)", 943 tok2str(clnp_option_rfd_class_values,"Unknown",rfd_error_major), 944 rfd_error_major, 945 tok2str(clnp_option_rfd_error_class[rfd_error_major],"Unknown",rfd_error_minor), 946 rfd_error_minor)); 947 break; 948 949 case CLNP_OPTION_PADDING: 950 ND_PRINT((ndo, "padding data")); 951 break; 952 953 /* 954 * FIXME those are the defined Options that lack a decoder 955 * you are welcome to contribute code ;-) 956 */ 957 958 default: 959 print_unknown_data(ndo, tptr, "\n\t ", opli); 960 break; 961 } 962 if (ndo->ndo_vflag > 1) 963 print_unknown_data(ndo, pptr, "\n\t ", opli); 964 pptr += opli; 965 } 966 967 switch (clnp_pdu_type) { 968 969 case CLNP_PDU_ER: /* fall through */ 970 case CLNP_PDU_ERP: 971 ND_TCHECK(*pptr); 972 if (*(pptr) == NLPID_CLNP) { 973 ND_PRINT((ndo, "\n\t-----original packet-----\n\t")); 974 /* FIXME recursion protection */ 975 clnp_print(ndo, pptr, length - clnp_header->length_indicator); 976 break; 977 } 978 979 case CLNP_PDU_DT: 980 case CLNP_PDU_MD: 981 case CLNP_PDU_ERQ: 982 983 default: 984 /* dump the PDU specific data */ 985 if (length-(pptr-optr) > 0) { 986 ND_PRINT((ndo, "\n\t undecoded non-header data, length %u", length-clnp_header->length_indicator)); 987 print_unknown_data(ndo, pptr, "\n\t ", length - (pptr - optr)); 988 } 989 } 990 991 return (1); 992 993 trunc: 994 ND_PRINT((ndo, "[|clnp]")); 995 return (1); 996 997 } 998 999 1000 #define ESIS_PDU_REDIRECT 6 1001 #define ESIS_PDU_ESH 2 1002 #define ESIS_PDU_ISH 4 1003 1004 static const struct tok esis_pdu_values[] = { 1005 { ESIS_PDU_REDIRECT, "redirect"}, 1006 { ESIS_PDU_ESH, "ESH"}, 1007 { ESIS_PDU_ISH, "ISH"}, 1008 { 0, NULL } 1009 }; 1010 1011 struct esis_header_t { 1012 uint8_t nlpid; 1013 uint8_t length_indicator; 1014 uint8_t version; 1015 uint8_t reserved; 1016 uint8_t type; 1017 uint8_t holdtime[2]; 1018 uint8_t cksum[2]; 1019 }; 1020 1021 static void 1022 esis_print(netdissect_options *ndo, 1023 const uint8_t *pptr, u_int length) 1024 { 1025 const uint8_t *optr; 1026 u_int li,esis_pdu_type,source_address_length, source_address_number; 1027 const struct esis_header_t *esis_header; 1028 1029 if (!ndo->ndo_eflag) 1030 ND_PRINT((ndo, "ES-IS")); 1031 1032 if (length <= 2) { 1033 ND_PRINT((ndo, ndo->ndo_qflag ? "bad pkt!" : "no header at all!")); 1034 return; 1035 } 1036 1037 esis_header = (const struct esis_header_t *) pptr; 1038 ND_TCHECK(*esis_header); 1039 li = esis_header->length_indicator; 1040 optr = pptr; 1041 1042 /* 1043 * Sanity checking of the header. 1044 */ 1045 1046 if (esis_header->nlpid != NLPID_ESIS) { 1047 ND_PRINT((ndo, " nlpid 0x%02x packet not supported", esis_header->nlpid)); 1048 return; 1049 } 1050 1051 if (esis_header->version != ESIS_VERSION) { 1052 ND_PRINT((ndo, " version %d packet not supported", esis_header->version)); 1053 return; 1054 } 1055 1056 if (li > length) { 1057 ND_PRINT((ndo, " length indicator(%d) > PDU size (%d)!", li, length)); 1058 return; 1059 } 1060 1061 if (li < sizeof(struct esis_header_t) + 2) { 1062 ND_PRINT((ndo, " length indicator < min PDU size %d:", li)); 1063 while (pptr < ndo->ndo_snapend) 1064 ND_PRINT((ndo, "%02X", *pptr++)); 1065 return; 1066 } 1067 1068 esis_pdu_type = esis_header->type & ESIS_PDU_TYPE_MASK; 1069 1070 if (ndo->ndo_vflag < 1) { 1071 ND_PRINT((ndo, "%s%s, length %u", 1072 ndo->ndo_eflag ? "" : ", ", 1073 tok2str(esis_pdu_values,"unknown type (%u)",esis_pdu_type), 1074 length)); 1075 return; 1076 } else 1077 ND_PRINT((ndo, "%slength %u\n\t%s (%u)", 1078 ndo->ndo_eflag ? "" : ", ", 1079 length, 1080 tok2str(esis_pdu_values,"unknown type: %u", esis_pdu_type), 1081 esis_pdu_type)); 1082 1083 ND_PRINT((ndo, ", v: %u%s", esis_header->version, esis_header->version == ESIS_VERSION ? "" : "unsupported" )); 1084 ND_PRINT((ndo, ", checksum: 0x%04x", EXTRACT_16BITS(esis_header->cksum))); 1085 1086 osi_print_cksum(ndo, pptr, EXTRACT_16BITS(esis_header->cksum), 7, li); 1087 1088 ND_PRINT((ndo, ", holding time: %us, length indicator: %u", 1089 EXTRACT_16BITS(esis_header->holdtime), li)); 1090 1091 if (ndo->ndo_vflag > 1) 1092 print_unknown_data(ndo, optr, "\n\t", sizeof(struct esis_header_t)); 1093 1094 pptr += sizeof(struct esis_header_t); 1095 li -= sizeof(struct esis_header_t); 1096 1097 switch (esis_pdu_type) { 1098 case ESIS_PDU_REDIRECT: { 1099 const uint8_t *dst, *snpa, *neta; 1100 u_int dstl, snpal, netal; 1101 1102 ND_TCHECK(*pptr); 1103 if (li < 1) { 1104 ND_PRINT((ndo, ", bad redirect/li")); 1105 return; 1106 } 1107 dstl = *pptr; 1108 pptr++; 1109 li--; 1110 ND_TCHECK2(*pptr, dstl); 1111 if (li < dstl) { 1112 ND_PRINT((ndo, ", bad redirect/li")); 1113 return; 1114 } 1115 dst = pptr; 1116 pptr += dstl; 1117 li -= dstl; 1118 ND_PRINT((ndo, "\n\t %s", isonsap_string(dst, dstl))); 1119 1120 ND_TCHECK(*pptr); 1121 if (li < 1) { 1122 ND_PRINT((ndo, ", bad redirect/li")); 1123 return; 1124 } 1125 snpal = *pptr; 1126 pptr++; 1127 li--; 1128 ND_TCHECK2(*pptr, snpal); 1129 if (li < snpal) { 1130 ND_PRINT((ndo, ", bad redirect/li")); 1131 return; 1132 } 1133 snpa = pptr; 1134 pptr += snpal; 1135 li -= snpal; 1136 ND_TCHECK(*pptr); 1137 if (li < 1) { 1138 ND_PRINT((ndo, ", bad redirect/li")); 1139 return; 1140 } 1141 netal = *pptr; 1142 pptr++; 1143 ND_TCHECK2(*pptr, netal); 1144 if (li < netal) { 1145 ND_PRINT((ndo, ", bad redirect/li")); 1146 return; 1147 } 1148 neta = pptr; 1149 pptr += netal; 1150 li -= netal; 1151 1152 if (netal == 0) 1153 ND_PRINT((ndo, "\n\t %s", etheraddr_string(ndo, snpa))); 1154 else 1155 ND_PRINT((ndo, "\n\t %s", isonsap_string(neta, netal))); 1156 break; 1157 } 1158 1159 case ESIS_PDU_ESH: 1160 ND_TCHECK(*pptr); 1161 if (li < 1) { 1162 ND_PRINT((ndo, ", bad esh/li")); 1163 return; 1164 } 1165 source_address_number = *pptr; 1166 pptr++; 1167 li--; 1168 1169 ND_PRINT((ndo, "\n\t Number of Source Addresses: %u", source_address_number)); 1170 1171 while (source_address_number > 0) { 1172 ND_TCHECK(*pptr); 1173 if (li < 1) { 1174 ND_PRINT((ndo, ", bad esh/li")); 1175 return; 1176 } 1177 source_address_length = *pptr; 1178 pptr++; 1179 li--; 1180 1181 ND_TCHECK2(*pptr, source_address_length); 1182 if (li < source_address_length) { 1183 ND_PRINT((ndo, ", bad esh/li")); 1184 return; 1185 } 1186 ND_PRINT((ndo, "\n\t NET (length: %u): %s", 1187 source_address_length, 1188 isonsap_string(pptr, source_address_length))); 1189 pptr += source_address_length; 1190 li -= source_address_length; 1191 source_address_number--; 1192 } 1193 1194 break; 1195 1196 case ESIS_PDU_ISH: { 1197 ND_TCHECK(*pptr); 1198 if (li < 1) { 1199 ND_PRINT((ndo, ", bad ish/li")); 1200 return; 1201 } 1202 source_address_length = *pptr; 1203 pptr++; 1204 li--; 1205 ND_TCHECK2(*pptr, source_address_length); 1206 if (li < source_address_length) { 1207 ND_PRINT((ndo, ", bad ish/li")); 1208 return; 1209 } 1210 ND_PRINT((ndo, "\n\t NET (length: %u): %s", source_address_length, isonsap_string(pptr, source_address_length))); 1211 pptr += source_address_length; 1212 li -= source_address_length; 1213 break; 1214 } 1215 1216 default: 1217 if (ndo->ndo_vflag <= 1) { 1218 if (pptr < ndo->ndo_snapend) 1219 print_unknown_data(ndo, pptr, "\n\t ", ndo->ndo_snapend - pptr); 1220 } 1221 return; 1222 } 1223 1224 /* now walk the options */ 1225 while (li != 0) { 1226 u_int op, opli; 1227 const uint8_t *tptr; 1228 1229 if (li < 2) { 1230 ND_PRINT((ndo, ", bad opts/li")); 1231 return; 1232 } 1233 ND_TCHECK2(*pptr, 2); 1234 op = *pptr++; 1235 opli = *pptr++; 1236 li -= 2; 1237 if (opli > li) { 1238 ND_PRINT((ndo, ", opt (%d) too long", op)); 1239 return; 1240 } 1241 li -= opli; 1242 tptr = pptr; 1243 1244 ND_PRINT((ndo, "\n\t %s Option #%u, length %u, value: ", 1245 tok2str(esis_option_values,"Unknown",op), 1246 op, 1247 opli)); 1248 1249 switch (op) { 1250 1251 case ESIS_OPTION_ES_CONF_TIME: 1252 if (opli == 2) { 1253 ND_TCHECK2(*pptr, 2); 1254 ND_PRINT((ndo, "%us", EXTRACT_16BITS(tptr))); 1255 } else 1256 ND_PRINT((ndo, "(bad length)")); 1257 break; 1258 1259 case ESIS_OPTION_PROTOCOLS: 1260 while (opli>0) { 1261 ND_TCHECK(*pptr); 1262 ND_PRINT((ndo, "%s (0x%02x)", 1263 tok2str(nlpid_values, 1264 "unknown", 1265 *tptr), 1266 *tptr)); 1267 if (opli>1) /* further NPLIDs ? - put comma */ 1268 ND_PRINT((ndo, ", ")); 1269 tptr++; 1270 opli--; 1271 } 1272 break; 1273 1274 /* 1275 * FIXME those are the defined Options that lack a decoder 1276 * you are welcome to contribute code ;-) 1277 */ 1278 1279 case ESIS_OPTION_QOS_MAINTENANCE: 1280 case ESIS_OPTION_SECURITY: 1281 case ESIS_OPTION_PRIORITY: 1282 case ESIS_OPTION_ADDRESS_MASK: 1283 case ESIS_OPTION_SNPA_MASK: 1284 1285 default: 1286 print_unknown_data(ndo, tptr, "\n\t ", opli); 1287 break; 1288 } 1289 if (ndo->ndo_vflag > 1) 1290 print_unknown_data(ndo, pptr, "\n\t ", opli); 1291 pptr += opli; 1292 } 1293 trunc: 1294 return; 1295 } 1296 1297 static void 1298 isis_print_mcid(netdissect_options *ndo, 1299 const struct isis_spb_mcid *mcid) 1300 { 1301 int i; 1302 1303 ND_PRINT((ndo, "ID: %d, Name: ", mcid->format_id)); 1304 1305 for(i=0; i<32; i++) 1306 { 1307 ND_PRINT((ndo, "%c", mcid->name[i])); 1308 if(mcid->name[i] == '\0') 1309 break; 1310 } 1311 1312 ND_PRINT((ndo, "\n\t Lvl: %d", EXTRACT_16BITS(mcid->revision_lvl))); 1313 1314 ND_PRINT((ndo, ", Digest: ")); 1315 1316 for(i=0;i<16;i++) 1317 ND_PRINT((ndo, "%.2x ", mcid->digest[i])); 1318 } 1319 1320 static int 1321 isis_print_mt_port_cap_subtlv(netdissect_options *ndo, 1322 const uint8_t *tptr, int len) 1323 { 1324 int stlv_type, stlv_len; 1325 const struct isis_subtlv_spb_mcid *subtlv_spb_mcid; 1326 int i; 1327 1328 while (len > 0) 1329 { 1330 stlv_type = *(tptr++); 1331 stlv_len = *(tptr++); 1332 1333 /* first lets see if we know the subTLVs name*/ 1334 ND_PRINT((ndo, "\n\t %s subTLV #%u, length: %u", 1335 tok2str(isis_mt_port_cap_subtlv_values, "unknown", stlv_type), 1336 stlv_type, 1337 stlv_len)); 1338 1339 /*len -= TLV_TYPE_LEN_OFFSET;*/ 1340 len = len -2; 1341 1342 switch (stlv_type) 1343 { 1344 case ISIS_SUBTLV_SPB_MCID: 1345 { 1346 if (!ND_TTEST2(*(tptr), ISIS_SUBTLV_SPB_MCID_MIN_LEN)) 1347 goto trunctlv; 1348 1349 subtlv_spb_mcid = (struct isis_subtlv_spb_mcid *)tptr; 1350 1351 ND_PRINT((ndo, "\n\t MCID: ")); 1352 isis_print_mcid(ndo, &(subtlv_spb_mcid->mcid)); 1353 1354 /*tptr += SPB_MCID_MIN_LEN; 1355 len -= SPB_MCID_MIN_LEN; */ 1356 1357 ND_PRINT((ndo, "\n\t AUX-MCID: ")); 1358 isis_print_mcid(ndo, &(subtlv_spb_mcid->aux_mcid)); 1359 1360 /*tptr += SPB_MCID_MIN_LEN; 1361 len -= SPB_MCID_MIN_LEN; */ 1362 tptr = tptr + sizeof(struct isis_subtlv_spb_mcid); 1363 len = len - sizeof(struct isis_subtlv_spb_mcid); 1364 1365 break; 1366 } 1367 1368 case ISIS_SUBTLV_SPB_DIGEST: 1369 { 1370 if (!ND_TTEST2(*(tptr), ISIS_SUBTLV_SPB_DIGEST_MIN_LEN)) 1371 goto trunctlv; 1372 1373 ND_PRINT((ndo, "\n\t RES: %d V: %d A: %d D: %d", 1374 (*(tptr) >> 5), (((*tptr)>> 4) & 0x01), 1375 ((*(tptr) >> 2) & 0x03), ((*tptr) & 0x03))); 1376 1377 tptr++; 1378 1379 ND_PRINT((ndo, "\n\t Digest: ")); 1380 1381 for(i=1;i<=8; i++) 1382 { 1383 ND_PRINT((ndo, "%08x ", EXTRACT_32BITS(tptr))); 1384 if (i%4 == 0 && i != 8) 1385 ND_PRINT((ndo, "\n\t ")); 1386 tptr = tptr + 4; 1387 } 1388 1389 len = len - ISIS_SUBTLV_SPB_DIGEST_MIN_LEN; 1390 1391 break; 1392 } 1393 1394 case ISIS_SUBTLV_SPB_BVID: 1395 { 1396 if (!ND_TTEST2(*(tptr), stlv_len)) 1397 goto trunctlv; 1398 1399 while (len) 1400 { 1401 if (!ND_TTEST2(*(tptr), ISIS_SUBTLV_SPB_BVID_MIN_LEN)) 1402 goto trunctlv; 1403 1404 ND_PRINT((ndo, "\n\t ECT: %08x", 1405 EXTRACT_32BITS(tptr))); 1406 1407 tptr = tptr+4; 1408 1409 ND_PRINT((ndo, " BVID: %d, U:%01x M:%01x ", 1410 (EXTRACT_16BITS (tptr) >> 4) , 1411 (EXTRACT_16BITS (tptr) >> 3) & 0x01, 1412 (EXTRACT_16BITS (tptr) >> 2) & 0x01)); 1413 1414 tptr = tptr + 2; 1415 len = len - ISIS_SUBTLV_SPB_BVID_MIN_LEN; 1416 } 1417 1418 break; 1419 } 1420 1421 default: 1422 break; 1423 } 1424 } 1425 1426 return 0; 1427 1428 trunctlv: 1429 ND_PRINT((ndo, "\n\t\t packet exceeded snapshot")); 1430 return(1); 1431 } 1432 1433 static int 1434 isis_print_mt_capability_subtlv(netdissect_options *ndo, 1435 const uint8_t *tptr, int len) 1436 { 1437 int stlv_type, stlv_len, tmp; 1438 1439 while (len > 0) 1440 { 1441 stlv_type = *(tptr++); 1442 stlv_len = *(tptr++); 1443 1444 /* first lets see if we know the subTLVs name*/ 1445 ND_PRINT((ndo, "\n\t %s subTLV #%u, length: %u", 1446 tok2str(isis_mt_capability_subtlv_values, "unknown", stlv_type), 1447 stlv_type, 1448 stlv_len)); 1449 1450 len = len - 2; 1451 1452 switch (stlv_type) 1453 { 1454 case ISIS_SUBTLV_SPB_INSTANCE: 1455 1456 if (!ND_TTEST2(*(tptr), ISIS_SUBTLV_SPB_INSTANCE_MIN_LEN)) 1457 goto trunctlv; 1458 1459 ND_PRINT((ndo, "\n\t CIST Root-ID: %08x", EXTRACT_32BITS(tptr))); 1460 tptr = tptr+4; 1461 ND_PRINT((ndo, " %08x", EXTRACT_32BITS(tptr))); 1462 tptr = tptr+4; 1463 ND_PRINT((ndo, ", Path Cost: %08x", EXTRACT_32BITS(tptr))); 1464 tptr = tptr+4; 1465 ND_PRINT((ndo, ", Prio: %d", EXTRACT_16BITS(tptr))); 1466 tptr = tptr + 2; 1467 ND_PRINT((ndo, "\n\t RES: %d", 1468 EXTRACT_16BITS(tptr) >> 5)); 1469 ND_PRINT((ndo, ", V: %d", 1470 (EXTRACT_16BITS(tptr) >> 4) & 0x0001)); 1471 ND_PRINT((ndo, ", SPSource-ID: %d", 1472 (EXTRACT_32BITS(tptr) & 0x000fffff))); 1473 tptr = tptr+4; 1474 ND_PRINT((ndo, ", No of Trees: %x", *(tptr))); 1475 1476 tmp = *(tptr++); 1477 1478 len = len - ISIS_SUBTLV_SPB_INSTANCE_MIN_LEN; 1479 1480 while (tmp) 1481 { 1482 if (!ND_TTEST2(*(tptr), ISIS_SUBTLV_SPB_INSTANCE_VLAN_TUPLE_LEN)) 1483 goto trunctlv; 1484 1485 ND_PRINT((ndo, "\n\t U:%d, M:%d, A:%d, RES:%d", 1486 *(tptr) >> 7, (*(tptr) >> 6) & 0x01, 1487 (*(tptr) >> 5) & 0x01, (*(tptr) & 0x1f))); 1488 1489 tptr++; 1490 1491 ND_PRINT((ndo, ", ECT: %08x", EXTRACT_32BITS(tptr))); 1492 1493 tptr = tptr + 4; 1494 1495 ND_PRINT((ndo, ", BVID: %d, SPVID: %d", 1496 (EXTRACT_24BITS(tptr) >> 12) & 0x000fff, 1497 EXTRACT_24BITS(tptr) & 0x000fff)); 1498 1499 tptr = tptr + 3; 1500 len = len - ISIS_SUBTLV_SPB_INSTANCE_VLAN_TUPLE_LEN; 1501 tmp--; 1502 } 1503 1504 break; 1505 1506 case ISIS_SUBTLV_SPBM_SI: 1507 1508 if (!ND_TTEST2(*(tptr), 6)) 1509 goto trunctlv; 1510 1511 ND_PRINT((ndo, "\n\t BMAC: %08x", EXTRACT_32BITS(tptr))); 1512 tptr = tptr+4; 1513 ND_PRINT((ndo, "%04x", EXTRACT_16BITS(tptr))); 1514 tptr = tptr+2; 1515 1516 ND_PRINT((ndo, ", RES: %d, VID: %d", EXTRACT_16BITS(tptr) >> 12, 1517 (EXTRACT_16BITS(tptr)) & 0x0fff)); 1518 1519 tptr = tptr+2; 1520 len = len - 8; 1521 stlv_len = stlv_len - 8; 1522 1523 while (stlv_len) 1524 { 1525 ND_PRINT((ndo, "\n\t T: %d, R: %d, RES: %d, ISID: %d", 1526 (EXTRACT_32BITS(tptr) >> 31), 1527 (EXTRACT_32BITS(tptr) >> 30) & 0x01, 1528 (EXTRACT_32BITS(tptr) >> 24) & 0x03f, 1529 (EXTRACT_32BITS(tptr)) & 0x0ffffff)); 1530 1531 tptr = tptr + 4; 1532 len = len - 4; 1533 stlv_len = stlv_len - 4; 1534 } 1535 1536 break; 1537 1538 default: 1539 break; 1540 } 1541 } 1542 return 0; 1543 1544 trunctlv: 1545 ND_PRINT((ndo, "\n\t\t packet exceeded snapshot")); 1546 return(1); 1547 } 1548 1549 /* shared routine for printing system, node and lsp-ids */ 1550 static char * 1551 isis_print_id(const uint8_t *cp, int id_len) 1552 { 1553 int i; 1554 static char id[sizeof("xxxx.xxxx.xxxx.yy-zz")]; 1555 char *pos = id; 1556 1557 for (i = 1; i <= SYSTEM_ID_LEN; i++) { 1558 snprintf(pos, sizeof(id) - (pos - id), "%02x", *cp++); 1559 pos += strlen(pos); 1560 if (i == 2 || i == 4) 1561 *pos++ = '.'; 1562 } 1563 if (id_len >= NODE_ID_LEN) { 1564 snprintf(pos, sizeof(id) - (pos - id), ".%02x", *cp++); 1565 pos += strlen(pos); 1566 } 1567 if (id_len == LSP_ID_LEN) 1568 snprintf(pos, sizeof(id) - (pos - id), "-%02x", *cp); 1569 return (id); 1570 } 1571 1572 /* print the 4-byte metric block which is common found in the old-style TLVs */ 1573 static int 1574 isis_print_metric_block(netdissect_options *ndo, 1575 const struct isis_metric_block *isis_metric_block) 1576 { 1577 ND_PRINT((ndo, ", Default Metric: %d, %s", 1578 ISIS_LSP_TLV_METRIC_VALUE(isis_metric_block->metric_default), 1579 ISIS_LSP_TLV_METRIC_IE(isis_metric_block->metric_default) ? "External" : "Internal")); 1580 if (!ISIS_LSP_TLV_METRIC_SUPPORTED(isis_metric_block->metric_delay)) 1581 ND_PRINT((ndo, "\n\t\t Delay Metric: %d, %s", 1582 ISIS_LSP_TLV_METRIC_VALUE(isis_metric_block->metric_delay), 1583 ISIS_LSP_TLV_METRIC_IE(isis_metric_block->metric_delay) ? "External" : "Internal")); 1584 if (!ISIS_LSP_TLV_METRIC_SUPPORTED(isis_metric_block->metric_expense)) 1585 ND_PRINT((ndo, "\n\t\t Expense Metric: %d, %s", 1586 ISIS_LSP_TLV_METRIC_VALUE(isis_metric_block->metric_expense), 1587 ISIS_LSP_TLV_METRIC_IE(isis_metric_block->metric_expense) ? "External" : "Internal")); 1588 if (!ISIS_LSP_TLV_METRIC_SUPPORTED(isis_metric_block->metric_error)) 1589 ND_PRINT((ndo, "\n\t\t Error Metric: %d, %s", 1590 ISIS_LSP_TLV_METRIC_VALUE(isis_metric_block->metric_error), 1591 ISIS_LSP_TLV_METRIC_IE(isis_metric_block->metric_error) ? "External" : "Internal")); 1592 1593 return(1); /* everything is ok */ 1594 } 1595 1596 static int 1597 isis_print_tlv_ip_reach(netdissect_options *ndo, 1598 const uint8_t *cp, const char *ident, int length) 1599 { 1600 int prefix_len; 1601 const struct isis_tlv_ip_reach *tlv_ip_reach; 1602 1603 tlv_ip_reach = (const struct isis_tlv_ip_reach *)cp; 1604 1605 while (length > 0) { 1606 if ((size_t)length < sizeof(*tlv_ip_reach)) { 1607 ND_PRINT((ndo, "short IPv4 Reachability (%d vs %lu)", 1608 length, 1609 (unsigned long)sizeof(*tlv_ip_reach))); 1610 return (0); 1611 } 1612 1613 if (!ND_TTEST(*tlv_ip_reach)) 1614 return (0); 1615 1616 prefix_len = mask2plen(EXTRACT_32BITS(tlv_ip_reach->mask)); 1617 1618 if (prefix_len == -1) 1619 ND_PRINT((ndo, "%sIPv4 prefix: %s mask %s", 1620 ident, 1621 ipaddr_string(ndo, (tlv_ip_reach->prefix)), 1622 ipaddr_string(ndo, (tlv_ip_reach->mask)))); 1623 else 1624 ND_PRINT((ndo, "%sIPv4 prefix: %15s/%u", 1625 ident, 1626 ipaddr_string(ndo, (tlv_ip_reach->prefix)), 1627 prefix_len)); 1628 1629 ND_PRINT((ndo, ", Distribution: %s, Metric: %u, %s", 1630 ISIS_LSP_TLV_METRIC_UPDOWN(tlv_ip_reach->isis_metric_block.metric_default) ? "down" : "up", 1631 ISIS_LSP_TLV_METRIC_VALUE(tlv_ip_reach->isis_metric_block.metric_default), 1632 ISIS_LSP_TLV_METRIC_IE(tlv_ip_reach->isis_metric_block.metric_default) ? "External" : "Internal")); 1633 1634 if (!ISIS_LSP_TLV_METRIC_SUPPORTED(tlv_ip_reach->isis_metric_block.metric_delay)) 1635 ND_PRINT((ndo, "%s Delay Metric: %u, %s", 1636 ident, 1637 ISIS_LSP_TLV_METRIC_VALUE(tlv_ip_reach->isis_metric_block.metric_delay), 1638 ISIS_LSP_TLV_METRIC_IE(tlv_ip_reach->isis_metric_block.metric_delay) ? "External" : "Internal")); 1639 1640 if (!ISIS_LSP_TLV_METRIC_SUPPORTED(tlv_ip_reach->isis_metric_block.metric_expense)) 1641 ND_PRINT((ndo, "%s Expense Metric: %u, %s", 1642 ident, 1643 ISIS_LSP_TLV_METRIC_VALUE(tlv_ip_reach->isis_metric_block.metric_expense), 1644 ISIS_LSP_TLV_METRIC_IE(tlv_ip_reach->isis_metric_block.metric_expense) ? "External" : "Internal")); 1645 1646 if (!ISIS_LSP_TLV_METRIC_SUPPORTED(tlv_ip_reach->isis_metric_block.metric_error)) 1647 ND_PRINT((ndo, "%s Error Metric: %u, %s", 1648 ident, 1649 ISIS_LSP_TLV_METRIC_VALUE(tlv_ip_reach->isis_metric_block.metric_error), 1650 ISIS_LSP_TLV_METRIC_IE(tlv_ip_reach->isis_metric_block.metric_error) ? "External" : "Internal")); 1651 1652 length -= sizeof(struct isis_tlv_ip_reach); 1653 tlv_ip_reach++; 1654 } 1655 return (1); 1656 } 1657 1658 /* 1659 * this is the common IP-REACH subTLV decoder it is called 1660 * from various EXTD-IP REACH TLVs (135,235,236,237) 1661 */ 1662 1663 static int 1664 isis_print_ip_reach_subtlv(netdissect_options *ndo, 1665 const uint8_t *tptr, int subt, int subl, 1666 const char *ident) 1667 { 1668 /* first lets see if we know the subTLVs name*/ 1669 ND_PRINT((ndo, "%s%s subTLV #%u, length: %u", 1670 ident, tok2str(isis_ext_ip_reach_subtlv_values, "unknown", subt), 1671 subt, subl)); 1672 1673 if (!ND_TTEST2(*tptr,subl)) 1674 goto trunctlv; 1675 1676 switch(subt) { 1677 case ISIS_SUBTLV_EXTD_IP_REACH_MGMT_PREFIX_COLOR: /* fall through */ 1678 case ISIS_SUBTLV_EXTD_IP_REACH_ADMIN_TAG32: 1679 while (subl >= 4) { 1680 ND_PRINT((ndo, ", 0x%08x (=%u)", 1681 EXTRACT_32BITS(tptr), 1682 EXTRACT_32BITS(tptr))); 1683 tptr+=4; 1684 subl-=4; 1685 } 1686 break; 1687 case ISIS_SUBTLV_EXTD_IP_REACH_ADMIN_TAG64: 1688 while (subl >= 8) { 1689 ND_PRINT((ndo, ", 0x%08x%08x", 1690 EXTRACT_32BITS(tptr), 1691 EXTRACT_32BITS(tptr+4))); 1692 tptr+=8; 1693 subl-=8; 1694 } 1695 break; 1696 default: 1697 if (!print_unknown_data(ndo, tptr, "\n\t\t ", subl)) 1698 return(0); 1699 break; 1700 } 1701 return(1); 1702 1703 trunctlv: 1704 ND_PRINT((ndo, "%spacket exceeded snapshot", ident)); 1705 return(0); 1706 } 1707 1708 /* 1709 * this is the common IS-REACH subTLV decoder it is called 1710 * from isis_print_ext_is_reach() 1711 */ 1712 1713 static int 1714 isis_print_is_reach_subtlv(netdissect_options *ndo, 1715 const uint8_t *tptr, u_int subt, u_int subl, 1716 const char *ident) 1717 { 1718 u_int te_class,priority_level,gmpls_switch_cap; 1719 union { /* int to float conversion buffer for several subTLVs */ 1720 float f; 1721 uint32_t i; 1722 } bw; 1723 1724 /* first lets see if we know the subTLVs name*/ 1725 ND_PRINT((ndo, "%s%s subTLV #%u, length: %u", 1726 ident, tok2str(isis_ext_is_reach_subtlv_values, "unknown", subt), 1727 subt, subl)); 1728 1729 if (!ND_TTEST2(*tptr,subl)) 1730 goto trunctlv; 1731 1732 switch(subt) { 1733 case ISIS_SUBTLV_EXT_IS_REACH_ADMIN_GROUP: 1734 case ISIS_SUBTLV_EXT_IS_REACH_LINK_LOCAL_REMOTE_ID: 1735 case ISIS_SUBTLV_EXT_IS_REACH_LINK_REMOTE_ID: 1736 if (subl >= 4) { 1737 ND_PRINT((ndo, ", 0x%08x", EXTRACT_32BITS(tptr))); 1738 if (subl == 8) /* rfc4205 */ 1739 ND_PRINT((ndo, ", 0x%08x", EXTRACT_32BITS(tptr+4))); 1740 } 1741 break; 1742 case ISIS_SUBTLV_EXT_IS_REACH_IPV4_INTF_ADDR: 1743 case ISIS_SUBTLV_EXT_IS_REACH_IPV4_NEIGHBOR_ADDR: 1744 if (subl >= sizeof(struct in_addr)) 1745 ND_PRINT((ndo, ", %s", ipaddr_string(ndo, tptr))); 1746 break; 1747 case ISIS_SUBTLV_EXT_IS_REACH_MAX_LINK_BW : 1748 case ISIS_SUBTLV_EXT_IS_REACH_RESERVABLE_BW: 1749 if (subl >= 4) { 1750 bw.i = EXTRACT_32BITS(tptr); 1751 ND_PRINT((ndo, ", %.3f Mbps", bw.f * 8 / 1000000)); 1752 } 1753 break; 1754 case ISIS_SUBTLV_EXT_IS_REACH_UNRESERVED_BW : 1755 if (subl >= 32) { 1756 for (te_class = 0; te_class < 8; te_class++) { 1757 bw.i = EXTRACT_32BITS(tptr); 1758 ND_PRINT((ndo, "%s TE-Class %u: %.3f Mbps", 1759 ident, 1760 te_class, 1761 bw.f * 8 / 1000000)); 1762 tptr+=4; 1763 } 1764 } 1765 break; 1766 case ISIS_SUBTLV_EXT_IS_REACH_BW_CONSTRAINTS: /* fall through */ 1767 case ISIS_SUBTLV_EXT_IS_REACH_BW_CONSTRAINTS_OLD: 1768 ND_PRINT((ndo, "%sBandwidth Constraints Model ID: %s (%u)", 1769 ident, 1770 tok2str(diffserv_te_bc_values, "unknown", *tptr), 1771 *tptr)); 1772 tptr++; 1773 /* decode BCs until the subTLV ends */ 1774 for (te_class = 0; te_class < (subl-1)/4; te_class++) { 1775 bw.i = EXTRACT_32BITS(tptr); 1776 ND_PRINT((ndo, "%s Bandwidth constraint CT%u: %.3f Mbps", 1777 ident, 1778 te_class, 1779 bw.f * 8 / 1000000)); 1780 tptr+=4; 1781 } 1782 break; 1783 case ISIS_SUBTLV_EXT_IS_REACH_TE_METRIC: 1784 if (subl >= 3) 1785 ND_PRINT((ndo, ", %u", EXTRACT_24BITS(tptr))); 1786 break; 1787 case ISIS_SUBTLV_EXT_IS_REACH_LINK_ATTRIBUTE: 1788 if (subl == 2) { 1789 ND_PRINT((ndo, ", [ %s ] (0x%04x)", 1790 bittok2str(isis_subtlv_link_attribute_values, 1791 "Unknown", 1792 EXTRACT_16BITS(tptr)), 1793 EXTRACT_16BITS(tptr))); 1794 } 1795 break; 1796 case ISIS_SUBTLV_EXT_IS_REACH_LINK_PROTECTION_TYPE: 1797 if (subl >= 2) { 1798 ND_PRINT((ndo, ", %s, Priority %u", 1799 bittok2str(gmpls_link_prot_values, "none", *tptr), 1800 *(tptr+1))); 1801 } 1802 break; 1803 case ISIS_SUBTLV_SPB_METRIC: 1804 if (subl >= 6) { 1805 ND_PRINT((ndo, ", LM: %u", EXTRACT_24BITS(tptr))); 1806 tptr=tptr+3; 1807 ND_PRINT((ndo, ", P: %u", *(tptr))); 1808 tptr++; 1809 ND_PRINT((ndo, ", P-ID: %u", EXTRACT_16BITS(tptr))); 1810 } 1811 break; 1812 case ISIS_SUBTLV_EXT_IS_REACH_INTF_SW_CAP_DESCR: 1813 if (subl >= 36) { 1814 gmpls_switch_cap = *tptr; 1815 ND_PRINT((ndo, "%s Interface Switching Capability:%s", 1816 ident, 1817 tok2str(gmpls_switch_cap_values, "Unknown", gmpls_switch_cap))); 1818 ND_PRINT((ndo, ", LSP Encoding: %s", 1819 tok2str(gmpls_encoding_values, "Unknown", *(tptr + 1)))); 1820 tptr+=4; 1821 ND_PRINT((ndo, "%s Max LSP Bandwidth:", ident)); 1822 for (priority_level = 0; priority_level < 8; priority_level++) { 1823 bw.i = EXTRACT_32BITS(tptr); 1824 ND_PRINT((ndo, "%s priority level %d: %.3f Mbps", 1825 ident, 1826 priority_level, 1827 bw.f * 8 / 1000000)); 1828 tptr+=4; 1829 } 1830 subl-=36; 1831 switch (gmpls_switch_cap) { 1832 case GMPLS_PSC1: 1833 case GMPLS_PSC2: 1834 case GMPLS_PSC3: 1835 case GMPLS_PSC4: 1836 bw.i = EXTRACT_32BITS(tptr); 1837 ND_PRINT((ndo, "%s Min LSP Bandwidth: %.3f Mbps", ident, bw.f * 8 / 1000000)); 1838 ND_PRINT((ndo, "%s Interface MTU: %u", ident, EXTRACT_16BITS(tptr + 4))); 1839 break; 1840 case GMPLS_TSC: 1841 bw.i = EXTRACT_32BITS(tptr); 1842 ND_PRINT((ndo, "%s Min LSP Bandwidth: %.3f Mbps", ident, bw.f * 8 / 1000000)); 1843 ND_PRINT((ndo, "%s Indication %s", ident, 1844 tok2str(gmpls_switch_cap_tsc_indication_values, "Unknown (%u)", *(tptr + 4)))); 1845 break; 1846 default: 1847 /* there is some optional stuff left to decode but this is as of yet 1848 not specified so just lets hexdump what is left */ 1849 if(subl>0){ 1850 if (!print_unknown_data(ndo, tptr, "\n\t\t ", subl)) 1851 return(0); 1852 } 1853 } 1854 } 1855 break; 1856 default: 1857 if (!print_unknown_data(ndo, tptr, "\n\t\t ", subl)) 1858 return(0); 1859 break; 1860 } 1861 return(1); 1862 1863 trunctlv: 1864 ND_PRINT((ndo, "%spacket exceeded snapshot", ident)); 1865 return(0); 1866 } 1867 1868 1869 /* 1870 * this is the common IS-REACH decoder it is called 1871 * from various EXTD-IS REACH style TLVs (22,24,222) 1872 */ 1873 1874 static int 1875 isis_print_ext_is_reach(netdissect_options *ndo, 1876 const uint8_t *tptr, const char *ident, int tlv_type) 1877 { 1878 char ident_buffer[20]; 1879 int subtlv_type,subtlv_len,subtlv_sum_len; 1880 int proc_bytes = 0; /* how many bytes did we process ? */ 1881 1882 if (!ND_TTEST2(*tptr, NODE_ID_LEN)) 1883 return(0); 1884 1885 ND_PRINT((ndo, "%sIS Neighbor: %s", ident, isis_print_id(tptr, NODE_ID_LEN))); 1886 tptr+=(NODE_ID_LEN); 1887 1888 if (tlv_type != ISIS_TLV_IS_ALIAS_ID) { /* the Alias TLV Metric field is implicit 0 */ 1889 if (!ND_TTEST2(*tptr, 3)) /* and is therefore skipped */ 1890 return(0); 1891 ND_PRINT((ndo, ", Metric: %d", EXTRACT_24BITS(tptr))); 1892 tptr+=3; 1893 } 1894 1895 if (!ND_TTEST2(*tptr, 1)) 1896 return(0); 1897 subtlv_sum_len=*(tptr++); /* read out subTLV length */ 1898 proc_bytes=NODE_ID_LEN+3+1; 1899 ND_PRINT((ndo, ", %ssub-TLVs present",subtlv_sum_len ? "" : "no ")); 1900 if (subtlv_sum_len) { 1901 ND_PRINT((ndo, " (%u)", subtlv_sum_len)); 1902 while (subtlv_sum_len>0) { 1903 if (!ND_TTEST2(*tptr,2)) 1904 return(0); 1905 subtlv_type=*(tptr++); 1906 subtlv_len=*(tptr++); 1907 /* prepend the ident string */ 1908 snprintf(ident_buffer, sizeof(ident_buffer), "%s ",ident); 1909 if (!isis_print_is_reach_subtlv(ndo, tptr, subtlv_type, subtlv_len, ident_buffer)) 1910 return(0); 1911 tptr+=subtlv_len; 1912 subtlv_sum_len-=(subtlv_len+2); 1913 proc_bytes+=(subtlv_len+2); 1914 } 1915 } 1916 return(proc_bytes); 1917 } 1918 1919 /* 1920 * this is the common Multi Topology ID decoder 1921 * it is called from various MT-TLVs (222,229,235,237) 1922 */ 1923 1924 static int 1925 isis_print_mtid(netdissect_options *ndo, 1926 const uint8_t *tptr, const char *ident) 1927 { 1928 if (!ND_TTEST2(*tptr, 2)) 1929 return(0); 1930 1931 ND_PRINT((ndo, "%s%s", 1932 ident, 1933 tok2str(isis_mt_values, 1934 "Reserved for IETF Consensus", 1935 ISIS_MASK_MTID(EXTRACT_16BITS(tptr))))); 1936 1937 ND_PRINT((ndo, " Topology (0x%03x), Flags: [%s]", 1938 ISIS_MASK_MTID(EXTRACT_16BITS(tptr)), 1939 bittok2str(isis_mt_flag_values, "none",ISIS_MASK_MTFLAGS(EXTRACT_16BITS(tptr))))); 1940 1941 return(2); 1942 } 1943 1944 /* 1945 * this is the common extended IP reach decoder 1946 * it is called from TLVs (135,235,236,237) 1947 * we process the TLV and optional subTLVs and return 1948 * the amount of processed bytes 1949 */ 1950 1951 static int 1952 isis_print_extd_ip_reach(netdissect_options *ndo, 1953 const uint8_t *tptr, const char *ident, uint16_t afi) 1954 { 1955 char ident_buffer[20]; 1956 #ifdef INET6 1957 uint8_t prefix[sizeof(struct in6_addr)]; /* shared copy buffer for IPv4 and IPv6 prefixes */ 1958 #else 1959 uint8_t prefix[sizeof(struct in_addr)]; /* shared copy buffer for IPv4 prefixes */ 1960 #endif 1961 u_int metric, status_byte, bit_length, byte_length, sublen, processed, subtlvtype, subtlvlen; 1962 1963 if (!ND_TTEST2(*tptr, 4)) 1964 return (0); 1965 metric = EXTRACT_32BITS(tptr); 1966 processed=4; 1967 tptr+=4; 1968 1969 if (afi == AF_INET) { 1970 if (!ND_TTEST2(*tptr, 1)) /* fetch status byte */ 1971 return (0); 1972 status_byte=*(tptr++); 1973 bit_length = status_byte&0x3f; 1974 if (bit_length > 32) { 1975 ND_PRINT((ndo, "%sIPv4 prefix: bad bit length %u", 1976 ident, 1977 bit_length)); 1978 return (0); 1979 } 1980 processed++; 1981 #ifdef INET6 1982 } else if (afi == AF_INET6) { 1983 if (!ND_TTEST2(*tptr, 1)) /* fetch status & prefix_len byte */ 1984 return (0); 1985 status_byte=*(tptr++); 1986 bit_length=*(tptr++); 1987 if (bit_length > 128) { 1988 ND_PRINT((ndo, "%sIPv6 prefix: bad bit length %u", 1989 ident, 1990 bit_length)); 1991 return (0); 1992 } 1993 processed+=2; 1994 #endif 1995 } else 1996 return (0); /* somebody is fooling us */ 1997 1998 byte_length = (bit_length + 7) / 8; /* prefix has variable length encoding */ 1999 2000 if (!ND_TTEST2(*tptr, byte_length)) 2001 return (0); 2002 memset(prefix, 0, sizeof prefix); /* clear the copy buffer */ 2003 memcpy(prefix,tptr,byte_length); /* copy as much as is stored in the TLV */ 2004 tptr+=byte_length; 2005 processed+=byte_length; 2006 2007 if (afi == AF_INET) 2008 ND_PRINT((ndo, "%sIPv4 prefix: %15s/%u", 2009 ident, 2010 ipaddr_string(ndo, prefix), 2011 bit_length)); 2012 #ifdef INET6 2013 if (afi == AF_INET6) 2014 ND_PRINT((ndo, "%sIPv6 prefix: %s/%u", 2015 ident, 2016 ip6addr_string(ndo, prefix), 2017 bit_length)); 2018 #endif 2019 2020 ND_PRINT((ndo, ", Distribution: %s, Metric: %u", 2021 ISIS_MASK_TLV_EXTD_IP_UPDOWN(status_byte) ? "down" : "up", 2022 metric)); 2023 2024 if (afi == AF_INET && ISIS_MASK_TLV_EXTD_IP_SUBTLV(status_byte)) 2025 ND_PRINT((ndo, ", sub-TLVs present")); 2026 #ifdef INET6 2027 if (afi == AF_INET6) 2028 ND_PRINT((ndo, ", %s%s", 2029 ISIS_MASK_TLV_EXTD_IP6_IE(status_byte) ? "External" : "Internal", 2030 ISIS_MASK_TLV_EXTD_IP6_SUBTLV(status_byte) ? ", sub-TLVs present" : "")); 2031 #endif 2032 2033 if ((afi == AF_INET && ISIS_MASK_TLV_EXTD_IP_SUBTLV(status_byte)) 2034 #ifdef INET6 2035 || (afi == AF_INET6 && ISIS_MASK_TLV_EXTD_IP6_SUBTLV(status_byte)) 2036 #endif 2037 ) { 2038 /* assume that one prefix can hold more 2039 than one subTLV - therefore the first byte must reflect 2040 the aggregate bytecount of the subTLVs for this prefix 2041 */ 2042 if (!ND_TTEST2(*tptr, 1)) 2043 return (0); 2044 sublen=*(tptr++); 2045 processed+=sublen+1; 2046 ND_PRINT((ndo, " (%u)", sublen)); /* print out subTLV length */ 2047 2048 while (sublen>0) { 2049 if (!ND_TTEST2(*tptr,2)) 2050 return (0); 2051 subtlvtype=*(tptr++); 2052 subtlvlen=*(tptr++); 2053 /* prepend the ident string */ 2054 snprintf(ident_buffer, sizeof(ident_buffer), "%s ",ident); 2055 if (!isis_print_ip_reach_subtlv(ndo, tptr, subtlvtype, subtlvlen, ident_buffer)) 2056 return(0); 2057 tptr+=subtlvlen; 2058 sublen-=(subtlvlen+2); 2059 } 2060 } 2061 return (processed); 2062 } 2063 2064 /* 2065 * isis_print 2066 * Decode IS-IS packets. Return 0 on error. 2067 */ 2068 2069 static int 2070 isis_print(netdissect_options *ndo, 2071 const uint8_t *p, u_int length) 2072 { 2073 const struct isis_common_header *isis_header; 2074 2075 const struct isis_iih_lan_header *header_iih_lan; 2076 const struct isis_iih_ptp_header *header_iih_ptp; 2077 struct isis_lsp_header *header_lsp; 2078 const struct isis_csnp_header *header_csnp; 2079 const struct isis_psnp_header *header_psnp; 2080 2081 const struct isis_tlv_lsp *tlv_lsp; 2082 const struct isis_tlv_ptp_adj *tlv_ptp_adj; 2083 const struct isis_tlv_is_reach *tlv_is_reach; 2084 const struct isis_tlv_es_reach *tlv_es_reach; 2085 2086 uint8_t pdu_type, max_area, id_length, tlv_type, tlv_len, tmp, alen, lan_alen, prefix_len; 2087 uint8_t ext_is_len, ext_ip_len, mt_len; 2088 const uint8_t *optr, *pptr, *tptr; 2089 u_short packet_len,pdu_len, key_id; 2090 u_int i,vendor_id; 2091 int sigcheck; 2092 2093 packet_len=length; 2094 optr = p; /* initialize the _o_riginal pointer to the packet start - 2095 need it for parsing the checksum TLV and authentication 2096 TLV verification */ 2097 isis_header = (const struct isis_common_header *)p; 2098 ND_TCHECK(*isis_header); 2099 pptr = p+(ISIS_COMMON_HEADER_SIZE); 2100 header_iih_lan = (const struct isis_iih_lan_header *)pptr; 2101 header_iih_ptp = (const struct isis_iih_ptp_header *)pptr; 2102 header_lsp = (struct isis_lsp_header *)pptr; 2103 header_csnp = (const struct isis_csnp_header *)pptr; 2104 header_psnp = (const struct isis_psnp_header *)pptr; 2105 2106 if (!ndo->ndo_eflag) 2107 ND_PRINT((ndo, "IS-IS")); 2108 2109 /* 2110 * Sanity checking of the header. 2111 */ 2112 2113 if (isis_header->version != ISIS_VERSION) { 2114 ND_PRINT((ndo, "version %d packet not supported", isis_header->version)); 2115 return (0); 2116 } 2117 2118 if ((isis_header->id_length != SYSTEM_ID_LEN) && (isis_header->id_length != 0)) { 2119 ND_PRINT((ndo, "system ID length of %d is not supported", 2120 isis_header->id_length)); 2121 return (0); 2122 } 2123 2124 if (isis_header->pdu_version != ISIS_VERSION) { 2125 ND_PRINT((ndo, "version %d packet not supported", isis_header->pdu_version)); 2126 return (0); 2127 } 2128 2129 max_area = isis_header->max_area; 2130 switch(max_area) { 2131 case 0: 2132 max_area = 3; /* silly shit */ 2133 break; 2134 case 255: 2135 ND_PRINT((ndo, "bad packet -- 255 areas")); 2136 return (0); 2137 default: 2138 break; 2139 } 2140 2141 id_length = isis_header->id_length; 2142 switch(id_length) { 2143 case 0: 2144 id_length = 6; /* silly shit again */ 2145 break; 2146 case 1: /* 1-8 are valid sys-ID lenghts */ 2147 case 2: 2148 case 3: 2149 case 4: 2150 case 5: 2151 case 6: 2152 case 7: 2153 case 8: 2154 break; 2155 case 255: 2156 id_length = 0; /* entirely useless */ 2157 break; 2158 default: 2159 break; 2160 } 2161 2162 /* toss any non 6-byte sys-ID len PDUs */ 2163 if (id_length != 6 ) { 2164 ND_PRINT((ndo, "bad packet -- illegal sys-ID length (%u)", id_length)); 2165 return (0); 2166 } 2167 2168 pdu_type=isis_header->pdu_type; 2169 2170 /* in non-verbose mode print the basic PDU Type plus PDU specific brief information*/ 2171 if (ndo->ndo_vflag < 1) { 2172 ND_PRINT((ndo, "%s%s", 2173 ndo->ndo_eflag ? "" : ", ", 2174 tok2str(isis_pdu_values, "unknown PDU-Type %u", pdu_type))); 2175 2176 switch (pdu_type) { 2177 2178 case ISIS_PDU_L1_LAN_IIH: 2179 case ISIS_PDU_L2_LAN_IIH: 2180 ND_PRINT((ndo, ", src-id %s", 2181 isis_print_id(header_iih_lan->source_id, SYSTEM_ID_LEN))); 2182 ND_PRINT((ndo, ", lan-id %s, prio %u", 2183 isis_print_id(header_iih_lan->lan_id,NODE_ID_LEN), 2184 header_iih_lan->priority)); 2185 break; 2186 case ISIS_PDU_PTP_IIH: 2187 ND_PRINT((ndo, ", src-id %s", isis_print_id(header_iih_ptp->source_id, SYSTEM_ID_LEN))); 2188 break; 2189 case ISIS_PDU_L1_LSP: 2190 case ISIS_PDU_L2_LSP: 2191 ND_PRINT((ndo, ", lsp-id %s, seq 0x%08x, lifetime %5us", 2192 isis_print_id(header_lsp->lsp_id, LSP_ID_LEN), 2193 EXTRACT_32BITS(header_lsp->sequence_number), 2194 EXTRACT_16BITS(header_lsp->remaining_lifetime))); 2195 break; 2196 case ISIS_PDU_L1_CSNP: 2197 case ISIS_PDU_L2_CSNP: 2198 ND_PRINT((ndo, ", src-id %s", isis_print_id(header_csnp->source_id, NODE_ID_LEN))); 2199 break; 2200 case ISIS_PDU_L1_PSNP: 2201 case ISIS_PDU_L2_PSNP: 2202 ND_PRINT((ndo, ", src-id %s", isis_print_id(header_psnp->source_id, NODE_ID_LEN))); 2203 break; 2204 2205 } 2206 ND_PRINT((ndo, ", length %u", length)); 2207 2208 return(1); 2209 } 2210 2211 /* ok they seem to want to know everything - lets fully decode it */ 2212 ND_PRINT((ndo, "%slength %u", ndo->ndo_eflag ? "" : ", ", length)); 2213 2214 ND_PRINT((ndo, "\n\t%s, hlen: %u, v: %u, pdu-v: %u, sys-id-len: %u (%u), max-area: %u (%u)", 2215 tok2str(isis_pdu_values, 2216 "unknown, type %u", 2217 pdu_type), 2218 isis_header->fixed_len, 2219 isis_header->version, 2220 isis_header->pdu_version, 2221 id_length, 2222 isis_header->id_length, 2223 max_area, 2224 isis_header->max_area)); 2225 2226 if (ndo->ndo_vflag > 1) { 2227 if (!print_unknown_data(ndo, optr, "\n\t", 8)) /* provide the _o_riginal pointer */ 2228 return(0); /* for optionally debugging the common header */ 2229 } 2230 2231 switch (pdu_type) { 2232 2233 case ISIS_PDU_L1_LAN_IIH: 2234 case ISIS_PDU_L2_LAN_IIH: 2235 if (isis_header->fixed_len != (ISIS_COMMON_HEADER_SIZE+ISIS_IIH_LAN_HEADER_SIZE)) { 2236 ND_PRINT((ndo, ", bogus fixed header length %u should be %lu", 2237 isis_header->fixed_len, (unsigned long)ISIS_IIH_LAN_HEADER_SIZE)); 2238 return (0); 2239 } 2240 2241 pdu_len=EXTRACT_16BITS(header_iih_lan->pdu_len); 2242 if (packet_len>pdu_len) { 2243 packet_len=pdu_len; /* do TLV decoding as long as it makes sense */ 2244 length=pdu_len; 2245 } 2246 2247 ND_TCHECK(*header_iih_lan); 2248 ND_PRINT((ndo, "\n\t source-id: %s, holding time: %us, Flags: [%s]", 2249 isis_print_id(header_iih_lan->source_id,SYSTEM_ID_LEN), 2250 EXTRACT_16BITS(header_iih_lan->holding_time), 2251 tok2str(isis_iih_circuit_type_values, 2252 "unknown circuit type 0x%02x", 2253 header_iih_lan->circuit_type))); 2254 2255 ND_PRINT((ndo, "\n\t lan-id: %s, Priority: %u, PDU length: %u", 2256 isis_print_id(header_iih_lan->lan_id, NODE_ID_LEN), 2257 (header_iih_lan->priority) & ISIS_LAN_PRIORITY_MASK, 2258 pdu_len)); 2259 2260 if (ndo->ndo_vflag > 1) { 2261 if (!print_unknown_data(ndo, pptr, "\n\t ", ISIS_IIH_LAN_HEADER_SIZE)) 2262 return(0); 2263 } 2264 2265 packet_len -= (ISIS_COMMON_HEADER_SIZE+ISIS_IIH_LAN_HEADER_SIZE); 2266 pptr = p + (ISIS_COMMON_HEADER_SIZE+ISIS_IIH_LAN_HEADER_SIZE); 2267 break; 2268 2269 case ISIS_PDU_PTP_IIH: 2270 if (isis_header->fixed_len != (ISIS_COMMON_HEADER_SIZE+ISIS_IIH_PTP_HEADER_SIZE)) { 2271 ND_PRINT((ndo, ", bogus fixed header length %u should be %lu", 2272 isis_header->fixed_len, (unsigned long)ISIS_IIH_PTP_HEADER_SIZE)); 2273 return (0); 2274 } 2275 2276 pdu_len=EXTRACT_16BITS(header_iih_ptp->pdu_len); 2277 if (packet_len>pdu_len) { 2278 packet_len=pdu_len; /* do TLV decoding as long as it makes sense */ 2279 length=pdu_len; 2280 } 2281 2282 ND_TCHECK(*header_iih_ptp); 2283 ND_PRINT((ndo, "\n\t source-id: %s, holding time: %us, Flags: [%s]", 2284 isis_print_id(header_iih_ptp->source_id,SYSTEM_ID_LEN), 2285 EXTRACT_16BITS(header_iih_ptp->holding_time), 2286 tok2str(isis_iih_circuit_type_values, 2287 "unknown circuit type 0x%02x", 2288 header_iih_ptp->circuit_type))); 2289 2290 ND_PRINT((ndo, "\n\t circuit-id: 0x%02x, PDU length: %u", 2291 header_iih_ptp->circuit_id, 2292 pdu_len)); 2293 2294 if (ndo->ndo_vflag > 1) { 2295 if (!print_unknown_data(ndo, pptr, "\n\t ", ISIS_IIH_PTP_HEADER_SIZE)) 2296 return(0); 2297 } 2298 2299 packet_len -= (ISIS_COMMON_HEADER_SIZE+ISIS_IIH_PTP_HEADER_SIZE); 2300 pptr = p + (ISIS_COMMON_HEADER_SIZE+ISIS_IIH_PTP_HEADER_SIZE); 2301 break; 2302 2303 case ISIS_PDU_L1_LSP: 2304 case ISIS_PDU_L2_LSP: 2305 if (isis_header->fixed_len != (ISIS_COMMON_HEADER_SIZE+ISIS_LSP_HEADER_SIZE)) { 2306 ND_PRINT((ndo, ", bogus fixed header length %u should be %lu", 2307 isis_header->fixed_len, (unsigned long)ISIS_LSP_HEADER_SIZE)); 2308 return (0); 2309 } 2310 2311 pdu_len=EXTRACT_16BITS(header_lsp->pdu_len); 2312 if (packet_len>pdu_len) { 2313 packet_len=pdu_len; /* do TLV decoding as long as it makes sense */ 2314 length=pdu_len; 2315 } 2316 2317 ND_TCHECK(*header_lsp); 2318 ND_PRINT((ndo, "\n\t lsp-id: %s, seq: 0x%08x, lifetime: %5us\n\t chksum: 0x%04x", 2319 isis_print_id(header_lsp->lsp_id, LSP_ID_LEN), 2320 EXTRACT_32BITS(header_lsp->sequence_number), 2321 EXTRACT_16BITS(header_lsp->remaining_lifetime), 2322 EXTRACT_16BITS(header_lsp->checksum))); 2323 2324 2325 osi_print_cksum(ndo, (uint8_t *)header_lsp->lsp_id, 2326 EXTRACT_16BITS(header_lsp->checksum), 12, length-12); 2327 2328 /* 2329 * Clear checksum and lifetime prior to signature verification. 2330 */ 2331 header_lsp->checksum[0] = 0; 2332 header_lsp->checksum[1] = 0; 2333 header_lsp->remaining_lifetime[0] = 0; 2334 header_lsp->remaining_lifetime[1] = 0; 2335 2336 2337 ND_PRINT((ndo, ", PDU length: %u, Flags: [ %s", 2338 pdu_len, 2339 ISIS_MASK_LSP_OL_BIT(header_lsp->typeblock) ? "Overload bit set, " : "")); 2340 2341 if (ISIS_MASK_LSP_ATT_BITS(header_lsp->typeblock)) { 2342 ND_PRINT((ndo, "%s", ISIS_MASK_LSP_ATT_DEFAULT_BIT(header_lsp->typeblock) ? "default " : "")); 2343 ND_PRINT((ndo, "%s", ISIS_MASK_LSP_ATT_DELAY_BIT(header_lsp->typeblock) ? "delay " : "")); 2344 ND_PRINT((ndo, "%s", ISIS_MASK_LSP_ATT_EXPENSE_BIT(header_lsp->typeblock) ? "expense " : "")); 2345 ND_PRINT((ndo, "%s", ISIS_MASK_LSP_ATT_ERROR_BIT(header_lsp->typeblock) ? "error " : "")); 2346 ND_PRINT((ndo, "ATT bit set, ")); 2347 } 2348 ND_PRINT((ndo, "%s", ISIS_MASK_LSP_PARTITION_BIT(header_lsp->typeblock) ? "P bit set, " : "")); 2349 ND_PRINT((ndo, "%s ]", tok2str(isis_lsp_istype_values, "Unknown(0x%x)", 2350 ISIS_MASK_LSP_ISTYPE_BITS(header_lsp->typeblock)))); 2351 2352 if (ndo->ndo_vflag > 1) { 2353 if (!print_unknown_data(ndo, pptr, "\n\t ", ISIS_LSP_HEADER_SIZE)) 2354 return(0); 2355 } 2356 2357 packet_len -= (ISIS_COMMON_HEADER_SIZE+ISIS_LSP_HEADER_SIZE); 2358 pptr = p + (ISIS_COMMON_HEADER_SIZE+ISIS_LSP_HEADER_SIZE); 2359 break; 2360 2361 case ISIS_PDU_L1_CSNP: 2362 case ISIS_PDU_L2_CSNP: 2363 if (isis_header->fixed_len != (ISIS_COMMON_HEADER_SIZE+ISIS_CSNP_HEADER_SIZE)) { 2364 ND_PRINT((ndo, ", bogus fixed header length %u should be %lu", 2365 isis_header->fixed_len, (unsigned long)ISIS_CSNP_HEADER_SIZE)); 2366 return (0); 2367 } 2368 2369 pdu_len=EXTRACT_16BITS(header_csnp->pdu_len); 2370 if (packet_len>pdu_len) { 2371 packet_len=pdu_len; /* do TLV decoding as long as it makes sense */ 2372 length=pdu_len; 2373 } 2374 2375 ND_TCHECK(*header_csnp); 2376 ND_PRINT((ndo, "\n\t source-id: %s, PDU length: %u", 2377 isis_print_id(header_csnp->source_id, NODE_ID_LEN), 2378 pdu_len)); 2379 ND_PRINT((ndo, "\n\t start lsp-id: %s", 2380 isis_print_id(header_csnp->start_lsp_id, LSP_ID_LEN))); 2381 ND_PRINT((ndo, "\n\t end lsp-id: %s", 2382 isis_print_id(header_csnp->end_lsp_id, LSP_ID_LEN))); 2383 2384 if (ndo->ndo_vflag > 1) { 2385 if (!print_unknown_data(ndo, pptr, "\n\t ", ISIS_CSNP_HEADER_SIZE)) 2386 return(0); 2387 } 2388 2389 packet_len -= (ISIS_COMMON_HEADER_SIZE+ISIS_CSNP_HEADER_SIZE); 2390 pptr = p + (ISIS_COMMON_HEADER_SIZE+ISIS_CSNP_HEADER_SIZE); 2391 break; 2392 2393 case ISIS_PDU_L1_PSNP: 2394 case ISIS_PDU_L2_PSNP: 2395 if (isis_header->fixed_len != (ISIS_COMMON_HEADER_SIZE+ISIS_PSNP_HEADER_SIZE)) { 2396 ND_PRINT((ndo, "- bogus fixed header length %u should be %lu", 2397 isis_header->fixed_len, (unsigned long)ISIS_PSNP_HEADER_SIZE)); 2398 return (0); 2399 } 2400 2401 pdu_len=EXTRACT_16BITS(header_psnp->pdu_len); 2402 if (packet_len>pdu_len) { 2403 packet_len=pdu_len; /* do TLV decoding as long as it makes sense */ 2404 length=pdu_len; 2405 } 2406 2407 ND_TCHECK(*header_psnp); 2408 ND_PRINT((ndo, "\n\t source-id: %s, PDU length: %u", 2409 isis_print_id(header_psnp->source_id, NODE_ID_LEN), 2410 pdu_len)); 2411 2412 if (ndo->ndo_vflag > 1) { 2413 if (!print_unknown_data(ndo, pptr, "\n\t ", ISIS_PSNP_HEADER_SIZE)) 2414 return(0); 2415 } 2416 2417 packet_len -= (ISIS_COMMON_HEADER_SIZE+ISIS_PSNP_HEADER_SIZE); 2418 pptr = p + (ISIS_COMMON_HEADER_SIZE+ISIS_PSNP_HEADER_SIZE); 2419 break; 2420 2421 default: 2422 (void)print_unknown_data(ndo, pptr, "\n\t ", length); 2423 return (0); 2424 } 2425 2426 /* 2427 * Now print the TLV's. 2428 */ 2429 2430 while (packet_len >= 2) { 2431 if (pptr == ndo->ndo_snapend) { 2432 return (1); 2433 } 2434 2435 if (!ND_TTEST2(*pptr, 2)) { 2436 ND_PRINT((ndo, "\n\t\t packet exceeded snapshot (%ld) bytes", 2437 (long)(pptr - ndo->ndo_snapend))); 2438 return (1); 2439 } 2440 tlv_type = *pptr++; 2441 tlv_len = *pptr++; 2442 tmp =tlv_len; /* copy temporary len & pointer to packet data */ 2443 tptr = pptr; 2444 packet_len -= 2; 2445 if (tlv_len > packet_len) { 2446 break; 2447 } 2448 2449 /* first lets see if we know the TLVs name*/ 2450 ND_PRINT((ndo, "\n\t %s TLV #%u, length: %u", 2451 tok2str(isis_tlv_values, 2452 "unknown", 2453 tlv_type), 2454 tlv_type, 2455 tlv_len)); 2456 2457 if (tlv_len == 0) /* something is malformed */ 2458 continue; 2459 2460 /* now check if we have a decoder otherwise do a hexdump at the end*/ 2461 switch (tlv_type) { 2462 case ISIS_TLV_AREA_ADDR: 2463 if (!ND_TTEST2(*tptr, 1)) 2464 goto trunctlv; 2465 alen = *tptr++; 2466 while (tmp && alen < tmp) { 2467 ND_PRINT((ndo, "\n\t Area address (length: %u): %s", 2468 alen, 2469 isonsap_string(tptr, alen))); 2470 tptr += alen; 2471 tmp -= alen + 1; 2472 if (tmp==0) /* if this is the last area address do not attemt a boundary check */ 2473 break; 2474 if (!ND_TTEST2(*tptr, 1)) 2475 goto trunctlv; 2476 alen = *tptr++; 2477 } 2478 break; 2479 case ISIS_TLV_ISNEIGH: 2480 while (tmp >= ETHER_ADDR_LEN) { 2481 if (!ND_TTEST2(*tptr, ETHER_ADDR_LEN)) 2482 goto trunctlv; 2483 ND_PRINT((ndo, "\n\t SNPA: %s", isis_print_id(tptr, ETHER_ADDR_LEN))); 2484 tmp -= ETHER_ADDR_LEN; 2485 tptr += ETHER_ADDR_LEN; 2486 } 2487 break; 2488 2489 case ISIS_TLV_ISNEIGH_VARLEN: 2490 if (!ND_TTEST2(*tptr, 1) || tmp < 3) /* min. TLV length */ 2491 goto trunctlv; 2492 lan_alen = *tptr++; /* LAN address length */ 2493 if (lan_alen == 0) { 2494 ND_PRINT((ndo, "\n\t LAN address length 0 bytes (invalid)")); 2495 break; 2496 } 2497 tmp --; 2498 ND_PRINT((ndo, "\n\t LAN address length %u bytes ", lan_alen)); 2499 while (tmp >= lan_alen) { 2500 if (!ND_TTEST2(*tptr, lan_alen)) 2501 goto trunctlv; 2502 ND_PRINT((ndo, "\n\t\tIS Neighbor: %s", isis_print_id(tptr, lan_alen))); 2503 tmp -= lan_alen; 2504 tptr +=lan_alen; 2505 } 2506 break; 2507 2508 case ISIS_TLV_PADDING: 2509 break; 2510 2511 case ISIS_TLV_MT_IS_REACH: 2512 mt_len = isis_print_mtid(ndo, tptr, "\n\t "); 2513 if (mt_len == 0) /* did something go wrong ? */ 2514 goto trunctlv; 2515 tptr+=mt_len; 2516 tmp-=mt_len; 2517 while (tmp >= 2+NODE_ID_LEN+3+1) { 2518 ext_is_len = isis_print_ext_is_reach(ndo, tptr, "\n\t ", tlv_type); 2519 if (ext_is_len == 0) /* did something go wrong ? */ 2520 goto trunctlv; 2521 2522 tmp-=ext_is_len; 2523 tptr+=ext_is_len; 2524 } 2525 break; 2526 2527 case ISIS_TLV_IS_ALIAS_ID: 2528 while (tmp >= NODE_ID_LEN+1) { /* is it worth attempting a decode ? */ 2529 ext_is_len = isis_print_ext_is_reach(ndo, tptr, "\n\t ", tlv_type); 2530 if (ext_is_len == 0) /* did something go wrong ? */ 2531 goto trunctlv; 2532 tmp-=ext_is_len; 2533 tptr+=ext_is_len; 2534 } 2535 break; 2536 2537 case ISIS_TLV_EXT_IS_REACH: 2538 while (tmp >= NODE_ID_LEN+3+1) { /* is it worth attempting a decode ? */ 2539 ext_is_len = isis_print_ext_is_reach(ndo, tptr, "\n\t ", tlv_type); 2540 if (ext_is_len == 0) /* did something go wrong ? */ 2541 goto trunctlv; 2542 tmp-=ext_is_len; 2543 tptr+=ext_is_len; 2544 } 2545 break; 2546 case ISIS_TLV_IS_REACH: 2547 if (!ND_TTEST2(*tptr,1)) /* check if there is one byte left to read out the virtual flag */ 2548 goto trunctlv; 2549 ND_PRINT((ndo, "\n\t %s", 2550 tok2str(isis_is_reach_virtual_values, 2551 "bogus virtual flag 0x%02x", 2552 *tptr++))); 2553 tlv_is_reach = (const struct isis_tlv_is_reach *)tptr; 2554 while (tmp >= sizeof(struct isis_tlv_is_reach)) { 2555 if (!ND_TTEST(*tlv_is_reach)) 2556 goto trunctlv; 2557 ND_PRINT((ndo, "\n\t IS Neighbor: %s", 2558 isis_print_id(tlv_is_reach->neighbor_nodeid, NODE_ID_LEN))); 2559 isis_print_metric_block(ndo, &tlv_is_reach->isis_metric_block); 2560 tmp -= sizeof(struct isis_tlv_is_reach); 2561 tlv_is_reach++; 2562 } 2563 break; 2564 2565 case ISIS_TLV_ESNEIGH: 2566 tlv_es_reach = (const struct isis_tlv_es_reach *)tptr; 2567 while (tmp >= sizeof(struct isis_tlv_es_reach)) { 2568 if (!ND_TTEST(*tlv_es_reach)) 2569 goto trunctlv; 2570 ND_PRINT((ndo, "\n\t ES Neighbor: %s", 2571 isis_print_id(tlv_es_reach->neighbor_sysid, SYSTEM_ID_LEN))); 2572 isis_print_metric_block(ndo, &tlv_es_reach->isis_metric_block); 2573 tmp -= sizeof(struct isis_tlv_es_reach); 2574 tlv_es_reach++; 2575 } 2576 break; 2577 2578 /* those two TLVs share the same format */ 2579 case ISIS_TLV_INT_IP_REACH: 2580 case ISIS_TLV_EXT_IP_REACH: 2581 if (!isis_print_tlv_ip_reach(ndo, pptr, "\n\t ", tlv_len)) 2582 return (1); 2583 break; 2584 2585 case ISIS_TLV_EXTD_IP_REACH: 2586 while (tmp>0) { 2587 ext_ip_len = isis_print_extd_ip_reach(ndo, tptr, "\n\t ", AF_INET); 2588 if (ext_ip_len == 0) /* did something go wrong ? */ 2589 goto trunctlv; 2590 tptr+=ext_ip_len; 2591 tmp-=ext_ip_len; 2592 } 2593 break; 2594 2595 case ISIS_TLV_MT_IP_REACH: 2596 mt_len = isis_print_mtid(ndo, tptr, "\n\t "); 2597 if (mt_len == 0) { /* did something go wrong ? */ 2598 goto trunctlv; 2599 } 2600 tptr+=mt_len; 2601 tmp-=mt_len; 2602 2603 while (tmp>0) { 2604 ext_ip_len = isis_print_extd_ip_reach(ndo, tptr, "\n\t ", AF_INET); 2605 if (ext_ip_len == 0) /* did something go wrong ? */ 2606 goto trunctlv; 2607 tptr+=ext_ip_len; 2608 tmp-=ext_ip_len; 2609 } 2610 break; 2611 2612 #ifdef INET6 2613 case ISIS_TLV_IP6_REACH: 2614 while (tmp>0) { 2615 ext_ip_len = isis_print_extd_ip_reach(ndo, tptr, "\n\t ", AF_INET6); 2616 if (ext_ip_len == 0) /* did something go wrong ? */ 2617 goto trunctlv; 2618 tptr+=ext_ip_len; 2619 tmp-=ext_ip_len; 2620 } 2621 break; 2622 2623 case ISIS_TLV_MT_IP6_REACH: 2624 mt_len = isis_print_mtid(ndo, tptr, "\n\t "); 2625 if (mt_len == 0) { /* did something go wrong ? */ 2626 goto trunctlv; 2627 } 2628 tptr+=mt_len; 2629 tmp-=mt_len; 2630 2631 while (tmp>0) { 2632 ext_ip_len = isis_print_extd_ip_reach(ndo, tptr, "\n\t ", AF_INET6); 2633 if (ext_ip_len == 0) /* did something go wrong ? */ 2634 goto trunctlv; 2635 tptr+=ext_ip_len; 2636 tmp-=ext_ip_len; 2637 } 2638 break; 2639 2640 case ISIS_TLV_IP6ADDR: 2641 while (tmp>=sizeof(struct in6_addr)) { 2642 if (!ND_TTEST2(*tptr, sizeof(struct in6_addr))) 2643 goto trunctlv; 2644 2645 ND_PRINT((ndo, "\n\t IPv6 interface address: %s", 2646 ip6addr_string(ndo, tptr))); 2647 2648 tptr += sizeof(struct in6_addr); 2649 tmp -= sizeof(struct in6_addr); 2650 } 2651 break; 2652 #endif 2653 case ISIS_TLV_AUTH: 2654 if (!ND_TTEST2(*tptr, 1)) 2655 goto trunctlv; 2656 2657 ND_PRINT((ndo, "\n\t %s: ", 2658 tok2str(isis_subtlv_auth_values, 2659 "unknown Authentication type 0x%02x", 2660 *tptr))); 2661 2662 switch (*tptr) { 2663 case ISIS_SUBTLV_AUTH_SIMPLE: 2664 for(i=1;i<tlv_len;i++) { 2665 if (!ND_TTEST2(*(tptr + i), 1)) 2666 goto trunctlv; 2667 ND_PRINT((ndo, "%c", *(tptr + i))); 2668 } 2669 break; 2670 case ISIS_SUBTLV_AUTH_MD5: 2671 for(i=1;i<tlv_len;i++) { 2672 if (!ND_TTEST2(*(tptr + i), 1)) 2673 goto trunctlv; 2674 ND_PRINT((ndo, "%02x", *(tptr + i))); 2675 } 2676 if (tlv_len != ISIS_SUBTLV_AUTH_MD5_LEN+1) 2677 ND_PRINT((ndo, ", (malformed subTLV) ")); 2678 2679 #ifdef HAVE_LIBCRYPTO 2680 sigcheck = signature_verify(ndo, optr, length, 2681 (unsigned char *)tptr + 1); 2682 #else 2683 sigcheck = CANT_CHECK_SIGNATURE; 2684 #endif 2685 ND_PRINT((ndo, " (%s)", tok2str(signature_check_values, "Unknown", sigcheck))); 2686 2687 break; 2688 case ISIS_SUBTLV_AUTH_GENERIC: 2689 key_id = EXTRACT_16BITS((tptr+1)); 2690 ND_PRINT((ndo, "%u, password: ", key_id)); 2691 for(i=1 + sizeof(uint16_t);i<tlv_len;i++) { 2692 if (!ND_TTEST2(*(tptr + i), 1)) 2693 goto trunctlv; 2694 ND_PRINT((ndo, "%02x", *(tptr + i))); 2695 } 2696 break; 2697 case ISIS_SUBTLV_AUTH_PRIVATE: 2698 default: 2699 if (!print_unknown_data(ndo, tptr + 1, "\n\t\t ", tlv_len - 1)) 2700 return(0); 2701 break; 2702 } 2703 break; 2704 2705 case ISIS_TLV_PTP_ADJ: 2706 tlv_ptp_adj = (const struct isis_tlv_ptp_adj *)tptr; 2707 if(tmp>=1) { 2708 if (!ND_TTEST2(*tptr, 1)) 2709 goto trunctlv; 2710 ND_PRINT((ndo, "\n\t Adjacency State: %s (%u)", 2711 tok2str(isis_ptp_adjancey_values, "unknown", *tptr), 2712 *tptr)); 2713 tmp--; 2714 } 2715 if(tmp>sizeof(tlv_ptp_adj->extd_local_circuit_id)) { 2716 if (!ND_TTEST2(tlv_ptp_adj->extd_local_circuit_id, 2717 sizeof(tlv_ptp_adj->extd_local_circuit_id))) 2718 goto trunctlv; 2719 ND_PRINT((ndo, "\n\t Extended Local circuit-ID: 0x%08x", 2720 EXTRACT_32BITS(tlv_ptp_adj->extd_local_circuit_id))); 2721 tmp-=sizeof(tlv_ptp_adj->extd_local_circuit_id); 2722 } 2723 if(tmp>=SYSTEM_ID_LEN) { 2724 if (!ND_TTEST2(tlv_ptp_adj->neighbor_sysid, SYSTEM_ID_LEN)) 2725 goto trunctlv; 2726 ND_PRINT((ndo, "\n\t Neighbor System-ID: %s", 2727 isis_print_id(tlv_ptp_adj->neighbor_sysid, SYSTEM_ID_LEN))); 2728 tmp-=SYSTEM_ID_LEN; 2729 } 2730 if(tmp>=sizeof(tlv_ptp_adj->neighbor_extd_local_circuit_id)) { 2731 if (!ND_TTEST2(tlv_ptp_adj->neighbor_extd_local_circuit_id, 2732 sizeof(tlv_ptp_adj->neighbor_extd_local_circuit_id))) 2733 goto trunctlv; 2734 ND_PRINT((ndo, "\n\t Neighbor Extended Local circuit-ID: 0x%08x", 2735 EXTRACT_32BITS(tlv_ptp_adj->neighbor_extd_local_circuit_id))); 2736 } 2737 break; 2738 2739 case ISIS_TLV_PROTOCOLS: 2740 ND_PRINT((ndo, "\n\t NLPID(s): ")); 2741 while (tmp>0) { 2742 if (!ND_TTEST2(*(tptr), 1)) 2743 goto trunctlv; 2744 ND_PRINT((ndo, "%s (0x%02x)", 2745 tok2str(nlpid_values, 2746 "unknown", 2747 *tptr), 2748 *tptr)); 2749 if (tmp>1) /* further NPLIDs ? - put comma */ 2750 ND_PRINT((ndo, ", ")); 2751 tptr++; 2752 tmp--; 2753 } 2754 break; 2755 2756 case ISIS_TLV_MT_PORT_CAP: 2757 { 2758 if (!ND_TTEST2(*(tptr), 2)) 2759 goto trunctlv; 2760 2761 ND_PRINT((ndo, "\n\t RES: %d, MTID(s): %d", 2762 (EXTRACT_16BITS (tptr) >> 12), 2763 (EXTRACT_16BITS (tptr) & 0x0fff))); 2764 2765 tmp = tmp-2; 2766 tptr = tptr+2; 2767 2768 if (tmp) 2769 isis_print_mt_port_cap_subtlv(ndo, tptr, tmp); 2770 2771 break; 2772 } 2773 2774 case ISIS_TLV_MT_CAPABILITY: 2775 2776 if (!ND_TTEST2(*(tptr), 2)) 2777 goto trunctlv; 2778 2779 ND_PRINT((ndo, "\n\t O: %d, RES: %d, MTID(s): %d", 2780 (EXTRACT_16BITS(tptr) >> 15) & 0x01, 2781 (EXTRACT_16BITS(tptr) >> 12) & 0x07, 2782 EXTRACT_16BITS(tptr) & 0x0fff)); 2783 2784 tmp = tmp-2; 2785 tptr = tptr+2; 2786 2787 if (tmp) 2788 isis_print_mt_capability_subtlv(ndo, tptr, tmp); 2789 2790 break; 2791 2792 case ISIS_TLV_TE_ROUTER_ID: 2793 if (!ND_TTEST2(*pptr, sizeof(struct in_addr))) 2794 goto trunctlv; 2795 ND_PRINT((ndo, "\n\t Traffic Engineering Router ID: %s", ipaddr_string(ndo, pptr))); 2796 break; 2797 2798 case ISIS_TLV_IPADDR: 2799 while (tmp>=sizeof(struct in_addr)) { 2800 if (!ND_TTEST2(*tptr, sizeof(struct in_addr))) 2801 goto trunctlv; 2802 ND_PRINT((ndo, "\n\t IPv4 interface address: %s", ipaddr_string(ndo, tptr))); 2803 tptr += sizeof(struct in_addr); 2804 tmp -= sizeof(struct in_addr); 2805 } 2806 break; 2807 2808 case ISIS_TLV_HOSTNAME: 2809 ND_PRINT((ndo, "\n\t Hostname: ")); 2810 while (tmp>0) { 2811 if (!ND_TTEST2(*tptr, 1)) 2812 goto trunctlv; 2813 ND_PRINT((ndo, "%c", *tptr++)); 2814 tmp--; 2815 } 2816 break; 2817 2818 case ISIS_TLV_SHARED_RISK_GROUP: 2819 if (tmp < NODE_ID_LEN) 2820 break; 2821 if (!ND_TTEST2(*tptr, NODE_ID_LEN)) 2822 goto trunctlv; 2823 ND_PRINT((ndo, "\n\t IS Neighbor: %s", isis_print_id(tptr, NODE_ID_LEN))); 2824 tptr+=(NODE_ID_LEN); 2825 tmp-=(NODE_ID_LEN); 2826 2827 if (tmp < 1) 2828 break; 2829 if (!ND_TTEST2(*tptr, 1)) 2830 goto trunctlv; 2831 ND_PRINT((ndo, ", Flags: [%s]", ISIS_MASK_TLV_SHARED_RISK_GROUP(*tptr++) ? "numbered" : "unnumbered")); 2832 tmp--; 2833 2834 if (tmp < sizeof(struct in_addr)) 2835 break; 2836 if (!ND_TTEST2(*tptr, sizeof(struct in_addr))) 2837 goto trunctlv; 2838 ND_PRINT((ndo, "\n\t IPv4 interface address: %s", ipaddr_string(ndo, tptr))); 2839 tptr+=sizeof(struct in_addr); 2840 tmp-=sizeof(struct in_addr); 2841 2842 if (tmp < sizeof(struct in_addr)) 2843 break; 2844 if (!ND_TTEST2(*tptr, sizeof(struct in_addr))) 2845 goto trunctlv; 2846 ND_PRINT((ndo, "\n\t IPv4 neighbor address: %s", ipaddr_string(ndo, tptr))); 2847 tptr+=sizeof(struct in_addr); 2848 tmp-=sizeof(struct in_addr); 2849 2850 while (tmp>=4) { 2851 if (!ND_TTEST2(*tptr, 4)) 2852 goto trunctlv; 2853 ND_PRINT((ndo, "\n\t Link-ID: 0x%08x", EXTRACT_32BITS(tptr))); 2854 tptr+=4; 2855 tmp-=4; 2856 } 2857 break; 2858 2859 case ISIS_TLV_LSP: 2860 tlv_lsp = (const struct isis_tlv_lsp *)tptr; 2861 while(tmp>=sizeof(struct isis_tlv_lsp)) { 2862 if (!ND_TTEST((tlv_lsp->lsp_id)[LSP_ID_LEN-1])) 2863 goto trunctlv; 2864 ND_PRINT((ndo, "\n\t lsp-id: %s", 2865 isis_print_id(tlv_lsp->lsp_id, LSP_ID_LEN))); 2866 if (!ND_TTEST2(tlv_lsp->sequence_number, 4)) 2867 goto trunctlv; 2868 ND_PRINT((ndo, ", seq: 0x%08x", EXTRACT_32BITS(tlv_lsp->sequence_number))); 2869 if (!ND_TTEST2(tlv_lsp->remaining_lifetime, 2)) 2870 goto trunctlv; 2871 ND_PRINT((ndo, ", lifetime: %5ds", EXTRACT_16BITS(tlv_lsp->remaining_lifetime))); 2872 if (!ND_TTEST2(tlv_lsp->checksum, 2)) 2873 goto trunctlv; 2874 ND_PRINT((ndo, ", chksum: 0x%04x", EXTRACT_16BITS(tlv_lsp->checksum))); 2875 tmp-=sizeof(struct isis_tlv_lsp); 2876 tlv_lsp++; 2877 } 2878 break; 2879 2880 case ISIS_TLV_CHECKSUM: 2881 if (tmp < ISIS_TLV_CHECKSUM_MINLEN) 2882 break; 2883 if (!ND_TTEST2(*tptr, ISIS_TLV_CHECKSUM_MINLEN)) 2884 goto trunctlv; 2885 ND_PRINT((ndo, "\n\t checksum: 0x%04x ", EXTRACT_16BITS(tptr))); 2886 /* do not attempt to verify the checksum if it is zero 2887 * most likely a HMAC-MD5 TLV is also present and 2888 * to avoid conflicts the checksum TLV is zeroed. 2889 * see rfc3358 for details 2890 */ 2891 osi_print_cksum(ndo, optr, EXTRACT_16BITS(tptr), tptr-optr, length); 2892 break; 2893 2894 case ISIS_TLV_MT_SUPPORTED: 2895 if (tmp < ISIS_TLV_MT_SUPPORTED_MINLEN) 2896 break; 2897 while (tmp>1) { 2898 /* length can only be a multiple of 2, otherwise there is 2899 something broken -> so decode down until length is 1 */ 2900 if (tmp!=1) { 2901 mt_len = isis_print_mtid(ndo, tptr, "\n\t "); 2902 if (mt_len == 0) /* did something go wrong ? */ 2903 goto trunctlv; 2904 tptr+=mt_len; 2905 tmp-=mt_len; 2906 } else { 2907 ND_PRINT((ndo, "\n\t malformed MT-ID")); 2908 break; 2909 } 2910 } 2911 break; 2912 2913 case ISIS_TLV_RESTART_SIGNALING: 2914 /* first attempt to decode the flags */ 2915 if (tmp < ISIS_TLV_RESTART_SIGNALING_FLAGLEN) 2916 break; 2917 if (!ND_TTEST2(*tptr, ISIS_TLV_RESTART_SIGNALING_FLAGLEN)) 2918 goto trunctlv; 2919 ND_PRINT((ndo, "\n\t Flags [%s]", 2920 bittok2str(isis_restart_flag_values, "none", *tptr))); 2921 tptr+=ISIS_TLV_RESTART_SIGNALING_FLAGLEN; 2922 tmp-=ISIS_TLV_RESTART_SIGNALING_FLAGLEN; 2923 2924 /* is there anything other than the flags field? */ 2925 if (tmp == 0) 2926 break; 2927 2928 if (tmp < ISIS_TLV_RESTART_SIGNALING_HOLDTIMELEN) 2929 break; 2930 if (!ND_TTEST2(*tptr, ISIS_TLV_RESTART_SIGNALING_HOLDTIMELEN)) 2931 goto trunctlv; 2932 2933 ND_PRINT((ndo, ", Remaining holding time %us", EXTRACT_16BITS(tptr))); 2934 tptr+=ISIS_TLV_RESTART_SIGNALING_HOLDTIMELEN; 2935 tmp-=ISIS_TLV_RESTART_SIGNALING_HOLDTIMELEN; 2936 2937 /* is there an additional sysid field present ?*/ 2938 if (tmp == SYSTEM_ID_LEN) { 2939 if (!ND_TTEST2(*tptr, SYSTEM_ID_LEN)) 2940 goto trunctlv; 2941 ND_PRINT((ndo, ", for %s", isis_print_id(tptr,SYSTEM_ID_LEN))); 2942 } 2943 break; 2944 2945 case ISIS_TLV_IDRP_INFO: 2946 if (tmp < ISIS_TLV_IDRP_INFO_MINLEN) 2947 break; 2948 if (!ND_TTEST2(*tptr, ISIS_TLV_IDRP_INFO_MINLEN)) 2949 goto trunctlv; 2950 ND_PRINT((ndo, "\n\t Inter-Domain Information Type: %s", 2951 tok2str(isis_subtlv_idrp_values, 2952 "Unknown (0x%02x)", 2953 *tptr))); 2954 switch (*tptr++) { 2955 case ISIS_SUBTLV_IDRP_ASN: 2956 if (!ND_TTEST2(*tptr, 2)) /* fetch AS number */ 2957 goto trunctlv; 2958 ND_PRINT((ndo, "AS Number: %u", EXTRACT_16BITS(tptr))); 2959 break; 2960 case ISIS_SUBTLV_IDRP_LOCAL: 2961 case ISIS_SUBTLV_IDRP_RES: 2962 default: 2963 if (!print_unknown_data(ndo, tptr, "\n\t ", tlv_len - 1)) 2964 return(0); 2965 break; 2966 } 2967 break; 2968 2969 case ISIS_TLV_LSP_BUFFERSIZE: 2970 if (tmp < ISIS_TLV_LSP_BUFFERSIZE_MINLEN) 2971 break; 2972 if (!ND_TTEST2(*tptr, ISIS_TLV_LSP_BUFFERSIZE_MINLEN)) 2973 goto trunctlv; 2974 ND_PRINT((ndo, "\n\t LSP Buffersize: %u", EXTRACT_16BITS(tptr))); 2975 break; 2976 2977 case ISIS_TLV_PART_DIS: 2978 while (tmp >= SYSTEM_ID_LEN) { 2979 if (!ND_TTEST2(*tptr, SYSTEM_ID_LEN)) 2980 goto trunctlv; 2981 ND_PRINT((ndo, "\n\t %s", isis_print_id(tptr, SYSTEM_ID_LEN))); 2982 tptr+=SYSTEM_ID_LEN; 2983 tmp-=SYSTEM_ID_LEN; 2984 } 2985 break; 2986 2987 case ISIS_TLV_PREFIX_NEIGH: 2988 if (tmp < sizeof(struct isis_metric_block)) 2989 break; 2990 if (!ND_TTEST2(*tptr, sizeof(struct isis_metric_block))) 2991 goto trunctlv; 2992 ND_PRINT((ndo, "\n\t Metric Block")); 2993 isis_print_metric_block(ndo, (const struct isis_metric_block *)tptr); 2994 tptr+=sizeof(struct isis_metric_block); 2995 tmp-=sizeof(struct isis_metric_block); 2996 2997 while(tmp>0) { 2998 if (!ND_TTEST2(*tptr, 1)) 2999 goto trunctlv; 3000 prefix_len=*tptr++; /* read out prefix length in semioctets*/ 3001 if (prefix_len < 2) { 3002 ND_PRINT((ndo, "\n\t\tAddress: prefix length %u < 2", prefix_len)); 3003 break; 3004 } 3005 tmp--; 3006 if (tmp < prefix_len/2) 3007 break; 3008 if (!ND_TTEST2(*tptr, prefix_len / 2)) 3009 goto trunctlv; 3010 ND_PRINT((ndo, "\n\t\tAddress: %s/%u", 3011 isonsap_string(tptr, prefix_len / 2), prefix_len * 4)); 3012 tptr+=prefix_len/2; 3013 tmp-=prefix_len/2; 3014 } 3015 break; 3016 3017 case ISIS_TLV_IIH_SEQNR: 3018 if (tmp < ISIS_TLV_IIH_SEQNR_MINLEN) 3019 break; 3020 if (!ND_TTEST2(*tptr, ISIS_TLV_IIH_SEQNR_MINLEN)) /* check if four bytes are on the wire */ 3021 goto trunctlv; 3022 ND_PRINT((ndo, "\n\t Sequence number: %u", EXTRACT_32BITS(tptr))); 3023 break; 3024 3025 case ISIS_TLV_VENDOR_PRIVATE: 3026 if (tmp < ISIS_TLV_VENDOR_PRIVATE_MINLEN) 3027 break; 3028 if (!ND_TTEST2(*tptr, ISIS_TLV_VENDOR_PRIVATE_MINLEN)) /* check if enough byte for a full oui */ 3029 goto trunctlv; 3030 vendor_id = EXTRACT_24BITS(tptr); 3031 ND_PRINT((ndo, "\n\t Vendor: %s (%u)", 3032 tok2str(oui_values, "Unknown", vendor_id), 3033 vendor_id)); 3034 tptr+=3; 3035 tmp-=3; 3036 if (tmp > 0) /* hexdump the rest */ 3037 if (!print_unknown_data(ndo, tptr, "\n\t\t", tmp)) 3038 return(0); 3039 break; 3040 /* 3041 * FIXME those are the defined TLVs that lack a decoder 3042 * you are welcome to contribute code ;-) 3043 */ 3044 3045 case ISIS_TLV_DECNET_PHASE4: 3046 case ISIS_TLV_LUCENT_PRIVATE: 3047 case ISIS_TLV_IPAUTH: 3048 case ISIS_TLV_NORTEL_PRIVATE1: 3049 case ISIS_TLV_NORTEL_PRIVATE2: 3050 3051 default: 3052 if (ndo->ndo_vflag <= 1) { 3053 if (!print_unknown_data(ndo, pptr, "\n\t\t", tlv_len)) 3054 return(0); 3055 } 3056 break; 3057 } 3058 /* do we want to see an additionally hexdump ? */ 3059 if (ndo->ndo_vflag> 1) { 3060 if (!print_unknown_data(ndo, pptr, "\n\t ", tlv_len)) 3061 return(0); 3062 } 3063 3064 pptr += tlv_len; 3065 packet_len -= tlv_len; 3066 } 3067 3068 if (packet_len != 0) { 3069 ND_PRINT((ndo, "\n\t %u straggler bytes", packet_len)); 3070 } 3071 return (1); 3072 3073 trunc: 3074 ND_PRINT((ndo, "[|isis]")); 3075 return (1); 3076 3077 trunctlv: 3078 ND_PRINT((ndo, "\n\t\t packet exceeded snapshot")); 3079 return(1); 3080 } 3081 3082 static void 3083 osi_print_cksum(netdissect_options *ndo, 3084 const uint8_t *pptr, uint16_t checksum, 3085 u_int checksum_offset, u_int length) 3086 { 3087 uint16_t calculated_checksum; 3088 3089 /* do not attempt to verify the checksum if it is zero, 3090 * if the total length is nonsense, 3091 * if the offset is nonsense, 3092 * or the base pointer is not sane 3093 */ 3094 if (!checksum 3095 || length > ndo->ndo_snaplen 3096 || checksum_offset > ndo->ndo_snaplen 3097 || checksum_offset > length) { 3098 ND_PRINT((ndo, "(unverified)")); 3099 } else { 3100 const char *truncated = "trunc"; 3101 //printf("\nosi_print_cksum: %p %u %u %u\n", pptr, checksum_offset, length, ndo->ndo_snaplen); 3102 //ND_TCHECK2(pptr, checksum_offset+length); 3103 calculated_checksum = create_osi_cksum(pptr, checksum_offset, length); 3104 if (checksum == calculated_checksum) { 3105 ND_PRINT((ndo, " (correct)")); 3106 } else { 3107 truncated = "incorrect"; 3108 //trunc: 3109 ND_PRINT((ndo, " (%s should be 0x%04x)", truncated, calculated_checksum)); 3110 } 3111 } 3112 } 3113 3114 /* 3115 * Local Variables: 3116 * c-style: whitesmith 3117 * c-basic-offset: 8 3118 * End: 3119 */ 3120