1 /* 2 * Copyright (c) 1992, 1993, 1994, 1995, 1996 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that: (1) source code distributions 7 * retain the above copyright notice and this paragraph in its entirety, (2) 8 * distributions including binary code include the above copyright notice and 9 * this paragraph in its entirety in the documentation or other materials 10 * provided with the distribution, and (3) all advertising materials mentioning 11 * features or use of this software display the following acknowledgement: 12 * ``This product includes software developed by the University of California, 13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of 14 * the University nor the names of its contributors may be used to endorse 15 * or promote products derived from this software without specific prior 16 * written permission. 17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 20 * 21 * Original code by Matt Thomas, Digital Equipment Corporation 22 * 23 * Extensively modified by Hannes Gredler (hannes@juniper.net) for more 24 * complete IS-IS & CLNP support. 25 */ 26 27 #include <sys/cdefs.h> 28 #ifndef lint 29 __RCSID("$NetBSD: print-isoclns.c,v 1.8 2017/02/05 04:05:05 spz Exp $"); 30 #endif 31 32 /* \summary: ISO CLNS, ESIS, and ISIS printer */ 33 34 #ifdef HAVE_CONFIG_H 35 #include "config.h" 36 #endif 37 38 #include <netdissect-stdinc.h> 39 40 #include <string.h> 41 42 #include "netdissect.h" 43 #include "addrtoname.h" 44 #include "ether.h" 45 #include "nlpid.h" 46 #include "extract.h" 47 #include "gmpls.h" 48 #include "oui.h" 49 #include "signature.h" 50 51 static const char tstr[] = " [|isis]"; 52 53 /* 54 * IS-IS is defined in ISO 10589. Look there for protocol definitions. 55 */ 56 57 #define SYSTEM_ID_LEN ETHER_ADDR_LEN 58 #define NODE_ID_LEN SYSTEM_ID_LEN+1 59 #define LSP_ID_LEN SYSTEM_ID_LEN+2 60 61 #define ISIS_VERSION 1 62 #define ESIS_VERSION 1 63 #define CLNP_VERSION 1 64 65 #define ISIS_PDU_TYPE_MASK 0x1F 66 #define ESIS_PDU_TYPE_MASK 0x1F 67 #define CLNP_PDU_TYPE_MASK 0x1F 68 #define CLNP_FLAG_MASK 0xE0 69 #define ISIS_LAN_PRIORITY_MASK 0x7F 70 71 #define ISIS_PDU_L1_LAN_IIH 15 72 #define ISIS_PDU_L2_LAN_IIH 16 73 #define ISIS_PDU_PTP_IIH 17 74 #define ISIS_PDU_L1_LSP 18 75 #define ISIS_PDU_L2_LSP 20 76 #define ISIS_PDU_L1_CSNP 24 77 #define ISIS_PDU_L2_CSNP 25 78 #define ISIS_PDU_L1_PSNP 26 79 #define ISIS_PDU_L2_PSNP 27 80 81 static const struct tok isis_pdu_values[] = { 82 { ISIS_PDU_L1_LAN_IIH, "L1 Lan IIH"}, 83 { ISIS_PDU_L2_LAN_IIH, "L2 Lan IIH"}, 84 { ISIS_PDU_PTP_IIH, "p2p IIH"}, 85 { ISIS_PDU_L1_LSP, "L1 LSP"}, 86 { ISIS_PDU_L2_LSP, "L2 LSP"}, 87 { ISIS_PDU_L1_CSNP, "L1 CSNP"}, 88 { ISIS_PDU_L2_CSNP, "L2 CSNP"}, 89 { ISIS_PDU_L1_PSNP, "L1 PSNP"}, 90 { ISIS_PDU_L2_PSNP, "L2 PSNP"}, 91 { 0, NULL} 92 }; 93 94 /* 95 * A TLV is a tuple of a type, length and a value and is normally used for 96 * encoding information in all sorts of places. This is an enumeration of 97 * the well known types. 98 * 99 * list taken from rfc3359 plus some memory from veterans ;-) 100 */ 101 102 #define ISIS_TLV_AREA_ADDR 1 /* iso10589 */ 103 #define ISIS_TLV_IS_REACH 2 /* iso10589 */ 104 #define ISIS_TLV_ESNEIGH 3 /* iso10589 */ 105 #define ISIS_TLV_PART_DIS 4 /* iso10589 */ 106 #define ISIS_TLV_PREFIX_NEIGH 5 /* iso10589 */ 107 #define ISIS_TLV_ISNEIGH 6 /* iso10589 */ 108 #define ISIS_TLV_ISNEIGH_VARLEN 7 /* iso10589 */ 109 #define ISIS_TLV_PADDING 8 /* iso10589 */ 110 #define ISIS_TLV_LSP 9 /* iso10589 */ 111 #define ISIS_TLV_AUTH 10 /* iso10589, rfc3567 */ 112 #define ISIS_TLV_CHECKSUM 12 /* rfc3358 */ 113 #define ISIS_TLV_CHECKSUM_MINLEN 2 114 #define ISIS_TLV_POI 13 /* rfc6232 */ 115 #define ISIS_TLV_LSP_BUFFERSIZE 14 /* iso10589 rev2 */ 116 #define ISIS_TLV_LSP_BUFFERSIZE_MINLEN 2 117 #define ISIS_TLV_EXT_IS_REACH 22 /* draft-ietf-isis-traffic-05 */ 118 #define ISIS_TLV_IS_ALIAS_ID 24 /* draft-ietf-isis-ext-lsp-frags-02 */ 119 #define ISIS_TLV_DECNET_PHASE4 42 120 #define ISIS_TLV_LUCENT_PRIVATE 66 121 #define ISIS_TLV_INT_IP_REACH 128 /* rfc1195, rfc2966 */ 122 #define ISIS_TLV_PROTOCOLS 129 /* rfc1195 */ 123 #define ISIS_TLV_EXT_IP_REACH 130 /* rfc1195, rfc2966 */ 124 #define ISIS_TLV_IDRP_INFO 131 /* rfc1195 */ 125 #define ISIS_TLV_IDRP_INFO_MINLEN 1 126 #define ISIS_TLV_IPADDR 132 /* rfc1195 */ 127 #define ISIS_TLV_IPAUTH 133 /* rfc1195 */ 128 #define ISIS_TLV_TE_ROUTER_ID 134 /* draft-ietf-isis-traffic-05 */ 129 #define ISIS_TLV_EXTD_IP_REACH 135 /* draft-ietf-isis-traffic-05 */ 130 #define ISIS_TLV_HOSTNAME 137 /* rfc2763 */ 131 #define ISIS_TLV_SHARED_RISK_GROUP 138 /* draft-ietf-isis-gmpls-extensions */ 132 #define ISIS_TLV_MT_PORT_CAP 143 /* rfc6165 */ 133 #define ISIS_TLV_MT_CAPABILITY 144 /* rfc6329 */ 134 #define ISIS_TLV_NORTEL_PRIVATE1 176 135 #define ISIS_TLV_NORTEL_PRIVATE2 177 136 #define ISIS_TLV_RESTART_SIGNALING 211 /* rfc3847 */ 137 #define ISIS_TLV_RESTART_SIGNALING_FLAGLEN 1 138 #define ISIS_TLV_RESTART_SIGNALING_HOLDTIMELEN 2 139 #define ISIS_TLV_MT_IS_REACH 222 /* draft-ietf-isis-wg-multi-topology-05 */ 140 #define ISIS_TLV_MT_SUPPORTED 229 /* draft-ietf-isis-wg-multi-topology-05 */ 141 #define ISIS_TLV_MT_SUPPORTED_MINLEN 2 142 #define ISIS_TLV_IP6ADDR 232 /* draft-ietf-isis-ipv6-02 */ 143 #define ISIS_TLV_MT_IP_REACH 235 /* draft-ietf-isis-wg-multi-topology-05 */ 144 #define ISIS_TLV_IP6_REACH 236 /* draft-ietf-isis-ipv6-02 */ 145 #define ISIS_TLV_MT_IP6_REACH 237 /* draft-ietf-isis-wg-multi-topology-05 */ 146 #define ISIS_TLV_PTP_ADJ 240 /* rfc3373 */ 147 #define ISIS_TLV_IIH_SEQNR 241 /* draft-shen-isis-iih-sequence-00 */ 148 #define ISIS_TLV_IIH_SEQNR_MINLEN 4 149 #define ISIS_TLV_VENDOR_PRIVATE 250 /* draft-ietf-isis-experimental-tlv-01 */ 150 #define ISIS_TLV_VENDOR_PRIVATE_MINLEN 3 151 152 static const struct tok isis_tlv_values[] = { 153 { ISIS_TLV_AREA_ADDR, "Area address(es)"}, 154 { ISIS_TLV_IS_REACH, "IS Reachability"}, 155 { ISIS_TLV_ESNEIGH, "ES Neighbor(s)"}, 156 { ISIS_TLV_PART_DIS, "Partition DIS"}, 157 { ISIS_TLV_PREFIX_NEIGH, "Prefix Neighbors"}, 158 { ISIS_TLV_ISNEIGH, "IS Neighbor(s)"}, 159 { ISIS_TLV_ISNEIGH_VARLEN, "IS Neighbor(s) (variable length)"}, 160 { ISIS_TLV_PADDING, "Padding"}, 161 { ISIS_TLV_LSP, "LSP entries"}, 162 { ISIS_TLV_AUTH, "Authentication"}, 163 { ISIS_TLV_CHECKSUM, "Checksum"}, 164 { ISIS_TLV_POI, "Purge Originator Identifier"}, 165 { ISIS_TLV_LSP_BUFFERSIZE, "LSP Buffersize"}, 166 { ISIS_TLV_EXT_IS_REACH, "Extended IS Reachability"}, 167 { ISIS_TLV_IS_ALIAS_ID, "IS Alias ID"}, 168 { ISIS_TLV_DECNET_PHASE4, "DECnet Phase IV"}, 169 { ISIS_TLV_LUCENT_PRIVATE, "Lucent Proprietary"}, 170 { ISIS_TLV_INT_IP_REACH, "IPv4 Internal Reachability"}, 171 { ISIS_TLV_PROTOCOLS, "Protocols supported"}, 172 { ISIS_TLV_EXT_IP_REACH, "IPv4 External Reachability"}, 173 { ISIS_TLV_IDRP_INFO, "Inter-Domain Information Type"}, 174 { ISIS_TLV_IPADDR, "IPv4 Interface address(es)"}, 175 { ISIS_TLV_IPAUTH, "IPv4 authentication (deprecated)"}, 176 { ISIS_TLV_TE_ROUTER_ID, "Traffic Engineering Router ID"}, 177 { ISIS_TLV_EXTD_IP_REACH, "Extended IPv4 Reachability"}, 178 { ISIS_TLV_SHARED_RISK_GROUP, "Shared Risk Link Group"}, 179 { ISIS_TLV_MT_PORT_CAP, "Multi-Topology-Aware Port Capability"}, 180 { ISIS_TLV_MT_CAPABILITY, "Multi-Topology Capability"}, 181 { ISIS_TLV_NORTEL_PRIVATE1, "Nortel Proprietary"}, 182 { ISIS_TLV_NORTEL_PRIVATE2, "Nortel Proprietary"}, 183 { ISIS_TLV_HOSTNAME, "Hostname"}, 184 { ISIS_TLV_RESTART_SIGNALING, "Restart Signaling"}, 185 { ISIS_TLV_MT_IS_REACH, "Multi Topology IS Reachability"}, 186 { ISIS_TLV_MT_SUPPORTED, "Multi Topology"}, 187 { ISIS_TLV_IP6ADDR, "IPv6 Interface address(es)"}, 188 { ISIS_TLV_MT_IP_REACH, "Multi-Topology IPv4 Reachability"}, 189 { ISIS_TLV_IP6_REACH, "IPv6 reachability"}, 190 { ISIS_TLV_MT_IP6_REACH, "Multi-Topology IP6 Reachability"}, 191 { ISIS_TLV_PTP_ADJ, "Point-to-point Adjacency State"}, 192 { ISIS_TLV_IIH_SEQNR, "Hello PDU Sequence Number"}, 193 { ISIS_TLV_VENDOR_PRIVATE, "Vendor Private"}, 194 { 0, NULL } 195 }; 196 197 #define ESIS_OPTION_PROTOCOLS 129 198 #define ESIS_OPTION_QOS_MAINTENANCE 195 /* iso9542 */ 199 #define ESIS_OPTION_SECURITY 197 /* iso9542 */ 200 #define ESIS_OPTION_ES_CONF_TIME 198 /* iso9542 */ 201 #define ESIS_OPTION_PRIORITY 205 /* iso9542 */ 202 #define ESIS_OPTION_ADDRESS_MASK 225 /* iso9542 */ 203 #define ESIS_OPTION_SNPA_MASK 226 /* iso9542 */ 204 205 static const struct tok esis_option_values[] = { 206 { ESIS_OPTION_PROTOCOLS, "Protocols supported"}, 207 { ESIS_OPTION_QOS_MAINTENANCE, "QoS Maintenance" }, 208 { ESIS_OPTION_SECURITY, "Security" }, 209 { ESIS_OPTION_ES_CONF_TIME, "ES Configuration Time" }, 210 { ESIS_OPTION_PRIORITY, "Priority" }, 211 { ESIS_OPTION_ADDRESS_MASK, "Addressk Mask" }, 212 { ESIS_OPTION_SNPA_MASK, "SNPA Mask" }, 213 { 0, NULL } 214 }; 215 216 #define CLNP_OPTION_DISCARD_REASON 193 217 #define CLNP_OPTION_QOS_MAINTENANCE 195 /* iso8473 */ 218 #define CLNP_OPTION_SECURITY 197 /* iso8473 */ 219 #define CLNP_OPTION_SOURCE_ROUTING 200 /* iso8473 */ 220 #define CLNP_OPTION_ROUTE_RECORDING 203 /* iso8473 */ 221 #define CLNP_OPTION_PADDING 204 /* iso8473 */ 222 #define CLNP_OPTION_PRIORITY 205 /* iso8473 */ 223 224 static const struct tok clnp_option_values[] = { 225 { CLNP_OPTION_DISCARD_REASON, "Discard Reason"}, 226 { CLNP_OPTION_PRIORITY, "Priority"}, 227 { CLNP_OPTION_QOS_MAINTENANCE, "QoS Maintenance"}, 228 { CLNP_OPTION_SECURITY, "Security"}, 229 { CLNP_OPTION_SOURCE_ROUTING, "Source Routing"}, 230 { CLNP_OPTION_ROUTE_RECORDING, "Route Recording"}, 231 { CLNP_OPTION_PADDING, "Padding"}, 232 { 0, NULL } 233 }; 234 235 static const struct tok clnp_option_rfd_class_values[] = { 236 { 0x0, "General"}, 237 { 0x8, "Address"}, 238 { 0x9, "Source Routeing"}, 239 { 0xa, "Lifetime"}, 240 { 0xb, "PDU Discarded"}, 241 { 0xc, "Reassembly"}, 242 { 0, NULL } 243 }; 244 245 static const struct tok clnp_option_rfd_general_values[] = { 246 { 0x0, "Reason not specified"}, 247 { 0x1, "Protocol procedure error"}, 248 { 0x2, "Incorrect checksum"}, 249 { 0x3, "PDU discarded due to congestion"}, 250 { 0x4, "Header syntax error (cannot be parsed)"}, 251 { 0x5, "Segmentation needed but not permitted"}, 252 { 0x6, "Incomplete PDU received"}, 253 { 0x7, "Duplicate option"}, 254 { 0, NULL } 255 }; 256 257 static const struct tok clnp_option_rfd_address_values[] = { 258 { 0x0, "Destination address unreachable"}, 259 { 0x1, "Destination address unknown"}, 260 { 0, NULL } 261 }; 262 263 static const struct tok clnp_option_rfd_source_routeing_values[] = { 264 { 0x0, "Unspecified source routeing error"}, 265 { 0x1, "Syntax error in source routeing field"}, 266 { 0x2, "Unknown address in source routeing field"}, 267 { 0x3, "Path not acceptable"}, 268 { 0, NULL } 269 }; 270 271 static const struct tok clnp_option_rfd_lifetime_values[] = { 272 { 0x0, "Lifetime expired while data unit in transit"}, 273 { 0x1, "Lifetime expired during reassembly"}, 274 { 0, NULL } 275 }; 276 277 static const struct tok clnp_option_rfd_pdu_discard_values[] = { 278 { 0x0, "Unsupported option not specified"}, 279 { 0x1, "Unsupported protocol version"}, 280 { 0x2, "Unsupported security option"}, 281 { 0x3, "Unsupported source routeing option"}, 282 { 0x4, "Unsupported recording of route option"}, 283 { 0, NULL } 284 }; 285 286 static const struct tok clnp_option_rfd_reassembly_values[] = { 287 { 0x0, "Reassembly interference"}, 288 { 0, NULL } 289 }; 290 291 /* array of 16 error-classes */ 292 static const struct tok *clnp_option_rfd_error_class[] = { 293 clnp_option_rfd_general_values, 294 NULL, 295 NULL, 296 NULL, 297 NULL, 298 NULL, 299 NULL, 300 NULL, 301 clnp_option_rfd_address_values, 302 clnp_option_rfd_source_routeing_values, 303 clnp_option_rfd_lifetime_values, 304 clnp_option_rfd_pdu_discard_values, 305 clnp_option_rfd_reassembly_values, 306 NULL, 307 NULL, 308 NULL 309 }; 310 311 #define CLNP_OPTION_OPTION_QOS_MASK 0x3f 312 #define CLNP_OPTION_SCOPE_MASK 0xc0 313 #define CLNP_OPTION_SCOPE_SA_SPEC 0x40 314 #define CLNP_OPTION_SCOPE_DA_SPEC 0x80 315 #define CLNP_OPTION_SCOPE_GLOBAL 0xc0 316 317 static const struct tok clnp_option_scope_values[] = { 318 { CLNP_OPTION_SCOPE_SA_SPEC, "Source Address Specific"}, 319 { CLNP_OPTION_SCOPE_DA_SPEC, "Destination Address Specific"}, 320 { CLNP_OPTION_SCOPE_GLOBAL, "Globally unique"}, 321 { 0, NULL } 322 }; 323 324 static const struct tok clnp_option_sr_rr_values[] = { 325 { 0x0, "partial"}, 326 { 0x1, "complete"}, 327 { 0, NULL } 328 }; 329 330 static const struct tok clnp_option_sr_rr_string_values[] = { 331 { CLNP_OPTION_SOURCE_ROUTING, "source routing"}, 332 { CLNP_OPTION_ROUTE_RECORDING, "recording of route in progress"}, 333 { 0, NULL } 334 }; 335 336 static const struct tok clnp_option_qos_global_values[] = { 337 { 0x20, "reserved"}, 338 { 0x10, "sequencing vs. delay"}, 339 { 0x08, "congested"}, 340 { 0x04, "delay vs. cost"}, 341 { 0x02, "error vs. delay"}, 342 { 0x01, "error vs. cost"}, 343 { 0, NULL } 344 }; 345 346 #define ISIS_SUBTLV_EXT_IS_REACH_ADMIN_GROUP 3 /* draft-ietf-isis-traffic-05 */ 347 #define ISIS_SUBTLV_EXT_IS_REACH_LINK_LOCAL_REMOTE_ID 4 /* rfc4205 */ 348 #define ISIS_SUBTLV_EXT_IS_REACH_LINK_REMOTE_ID 5 /* draft-ietf-isis-traffic-05 */ 349 #define ISIS_SUBTLV_EXT_IS_REACH_IPV4_INTF_ADDR 6 /* draft-ietf-isis-traffic-05 */ 350 #define ISIS_SUBTLV_EXT_IS_REACH_IPV4_NEIGHBOR_ADDR 8 /* draft-ietf-isis-traffic-05 */ 351 #define ISIS_SUBTLV_EXT_IS_REACH_MAX_LINK_BW 9 /* draft-ietf-isis-traffic-05 */ 352 #define ISIS_SUBTLV_EXT_IS_REACH_RESERVABLE_BW 10 /* draft-ietf-isis-traffic-05 */ 353 #define ISIS_SUBTLV_EXT_IS_REACH_UNRESERVED_BW 11 /* rfc4124 */ 354 #define ISIS_SUBTLV_EXT_IS_REACH_BW_CONSTRAINTS_OLD 12 /* draft-ietf-tewg-diff-te-proto-06 */ 355 #define ISIS_SUBTLV_EXT_IS_REACH_TE_METRIC 18 /* draft-ietf-isis-traffic-05 */ 356 #define ISIS_SUBTLV_EXT_IS_REACH_LINK_ATTRIBUTE 19 /* draft-ietf-isis-link-attr-01 */ 357 #define ISIS_SUBTLV_EXT_IS_REACH_LINK_PROTECTION_TYPE 20 /* rfc4205 */ 358 #define ISIS_SUBTLV_EXT_IS_REACH_INTF_SW_CAP_DESCR 21 /* rfc4205 */ 359 #define ISIS_SUBTLV_EXT_IS_REACH_BW_CONSTRAINTS 22 /* rfc4124 */ 360 361 #define ISIS_SUBTLV_SPB_METRIC 29 /* rfc6329 */ 362 363 static const struct tok isis_ext_is_reach_subtlv_values[] = { 364 { ISIS_SUBTLV_EXT_IS_REACH_ADMIN_GROUP, "Administrative groups" }, 365 { ISIS_SUBTLV_EXT_IS_REACH_LINK_LOCAL_REMOTE_ID, "Link Local/Remote Identifier" }, 366 { ISIS_SUBTLV_EXT_IS_REACH_LINK_REMOTE_ID, "Link Remote Identifier" }, 367 { ISIS_SUBTLV_EXT_IS_REACH_IPV4_INTF_ADDR, "IPv4 interface address" }, 368 { ISIS_SUBTLV_EXT_IS_REACH_IPV4_NEIGHBOR_ADDR, "IPv4 neighbor address" }, 369 { ISIS_SUBTLV_EXT_IS_REACH_MAX_LINK_BW, "Maximum link bandwidth" }, 370 { ISIS_SUBTLV_EXT_IS_REACH_RESERVABLE_BW, "Reservable link bandwidth" }, 371 { ISIS_SUBTLV_EXT_IS_REACH_UNRESERVED_BW, "Unreserved bandwidth" }, 372 { ISIS_SUBTLV_EXT_IS_REACH_TE_METRIC, "Traffic Engineering Metric" }, 373 { ISIS_SUBTLV_EXT_IS_REACH_LINK_ATTRIBUTE, "Link Attribute" }, 374 { ISIS_SUBTLV_EXT_IS_REACH_LINK_PROTECTION_TYPE, "Link Protection Type" }, 375 { ISIS_SUBTLV_EXT_IS_REACH_INTF_SW_CAP_DESCR, "Interface Switching Capability" }, 376 { ISIS_SUBTLV_EXT_IS_REACH_BW_CONSTRAINTS_OLD, "Bandwidth Constraints (old)" }, 377 { ISIS_SUBTLV_EXT_IS_REACH_BW_CONSTRAINTS, "Bandwidth Constraints" }, 378 { ISIS_SUBTLV_SPB_METRIC, "SPB Metric" }, 379 { 250, "Reserved for cisco specific extensions" }, 380 { 251, "Reserved for cisco specific extensions" }, 381 { 252, "Reserved for cisco specific extensions" }, 382 { 253, "Reserved for cisco specific extensions" }, 383 { 254, "Reserved for cisco specific extensions" }, 384 { 255, "Reserved for future expansion" }, 385 { 0, NULL } 386 }; 387 388 #define ISIS_SUBTLV_EXTD_IP_REACH_ADMIN_TAG32 1 /* draft-ietf-isis-admin-tags-01 */ 389 #define ISIS_SUBTLV_EXTD_IP_REACH_ADMIN_TAG64 2 /* draft-ietf-isis-admin-tags-01 */ 390 #define ISIS_SUBTLV_EXTD_IP_REACH_MGMT_PREFIX_COLOR 117 /* draft-ietf-isis-wg-multi-topology-05 */ 391 392 static const struct tok isis_ext_ip_reach_subtlv_values[] = { 393 { ISIS_SUBTLV_EXTD_IP_REACH_ADMIN_TAG32, "32-Bit Administrative tag" }, 394 { ISIS_SUBTLV_EXTD_IP_REACH_ADMIN_TAG64, "64-Bit Administrative tag" }, 395 { ISIS_SUBTLV_EXTD_IP_REACH_MGMT_PREFIX_COLOR, "Management Prefix Color" }, 396 { 0, NULL } 397 }; 398 399 static const struct tok isis_subtlv_link_attribute_values[] = { 400 { 0x01, "Local Protection Available" }, 401 { 0x02, "Link excluded from local protection path" }, 402 { 0x04, "Local maintenance required"}, 403 { 0, NULL } 404 }; 405 406 #define ISIS_SUBTLV_AUTH_SIMPLE 1 407 #define ISIS_SUBTLV_AUTH_GENERIC 3 /* rfc 5310 */ 408 #define ISIS_SUBTLV_AUTH_MD5 54 409 #define ISIS_SUBTLV_AUTH_MD5_LEN 16 410 #define ISIS_SUBTLV_AUTH_PRIVATE 255 411 412 static const struct tok isis_subtlv_auth_values[] = { 413 { ISIS_SUBTLV_AUTH_SIMPLE, "simple text password"}, 414 { ISIS_SUBTLV_AUTH_GENERIC, "Generic Crypto key-id"}, 415 { ISIS_SUBTLV_AUTH_MD5, "HMAC-MD5 password"}, 416 { ISIS_SUBTLV_AUTH_PRIVATE, "Routing Domain private password"}, 417 { 0, NULL } 418 }; 419 420 #define ISIS_SUBTLV_IDRP_RES 0 421 #define ISIS_SUBTLV_IDRP_LOCAL 1 422 #define ISIS_SUBTLV_IDRP_ASN 2 423 424 static const struct tok isis_subtlv_idrp_values[] = { 425 { ISIS_SUBTLV_IDRP_RES, "Reserved"}, 426 { ISIS_SUBTLV_IDRP_LOCAL, "Routing-Domain Specific"}, 427 { ISIS_SUBTLV_IDRP_ASN, "AS Number Tag"}, 428 { 0, NULL} 429 }; 430 431 #define ISIS_SUBTLV_SPB_MCID 4 432 #define ISIS_SUBTLV_SPB_DIGEST 5 433 #define ISIS_SUBTLV_SPB_BVID 6 434 435 #define ISIS_SUBTLV_SPB_INSTANCE 1 436 #define ISIS_SUBTLV_SPBM_SI 3 437 438 #define ISIS_SPB_MCID_LEN 51 439 #define ISIS_SUBTLV_SPB_MCID_MIN_LEN 102 440 #define ISIS_SUBTLV_SPB_DIGEST_MIN_LEN 33 441 #define ISIS_SUBTLV_SPB_BVID_MIN_LEN 6 442 #define ISIS_SUBTLV_SPB_INSTANCE_MIN_LEN 19 443 #define ISIS_SUBTLV_SPB_INSTANCE_VLAN_TUPLE_LEN 8 444 445 static const struct tok isis_mt_port_cap_subtlv_values[] = { 446 { ISIS_SUBTLV_SPB_MCID, "SPB MCID" }, 447 { ISIS_SUBTLV_SPB_DIGEST, "SPB Digest" }, 448 { ISIS_SUBTLV_SPB_BVID, "SPB BVID" }, 449 { 0, NULL } 450 }; 451 452 static const struct tok isis_mt_capability_subtlv_values[] = { 453 { ISIS_SUBTLV_SPB_INSTANCE, "SPB Instance" }, 454 { ISIS_SUBTLV_SPBM_SI, "SPBM Service Identifier and Unicast Address" }, 455 { 0, NULL } 456 }; 457 458 struct isis_spb_mcid { 459 uint8_t format_id; 460 uint8_t name[32]; 461 uint8_t revision_lvl[2]; 462 uint8_t digest[16]; 463 }; 464 465 struct isis_subtlv_spb_mcid { 466 struct isis_spb_mcid mcid; 467 struct isis_spb_mcid aux_mcid; 468 }; 469 470 struct isis_subtlv_spb_instance { 471 uint8_t cist_root_id[8]; 472 uint8_t cist_external_root_path_cost[4]; 473 uint8_t bridge_priority[2]; 474 uint8_t spsourceid[4]; 475 uint8_t no_of_trees; 476 }; 477 478 #define CLNP_SEGMENT_PART 0x80 479 #define CLNP_MORE_SEGMENTS 0x40 480 #define CLNP_REQUEST_ER 0x20 481 482 static const struct tok clnp_flag_values[] = { 483 { CLNP_SEGMENT_PART, "Segmentation permitted"}, 484 { CLNP_MORE_SEGMENTS, "more Segments"}, 485 { CLNP_REQUEST_ER, "request Error Report"}, 486 { 0, NULL} 487 }; 488 489 #define ISIS_MASK_LSP_OL_BIT(x) ((x)&0x4) 490 #define ISIS_MASK_LSP_ISTYPE_BITS(x) ((x)&0x3) 491 #define ISIS_MASK_LSP_PARTITION_BIT(x) ((x)&0x80) 492 #define ISIS_MASK_LSP_ATT_BITS(x) ((x)&0x78) 493 #define ISIS_MASK_LSP_ATT_ERROR_BIT(x) ((x)&0x40) 494 #define ISIS_MASK_LSP_ATT_EXPENSE_BIT(x) ((x)&0x20) 495 #define ISIS_MASK_LSP_ATT_DELAY_BIT(x) ((x)&0x10) 496 #define ISIS_MASK_LSP_ATT_DEFAULT_BIT(x) ((x)&0x8) 497 498 #define ISIS_MASK_MTID(x) ((x)&0x0fff) 499 #define ISIS_MASK_MTFLAGS(x) ((x)&0xf000) 500 501 static const struct tok isis_mt_flag_values[] = { 502 { 0x4000, "ATT bit set"}, 503 { 0x8000, "Overload bit set"}, 504 { 0, NULL} 505 }; 506 507 #define ISIS_MASK_TLV_EXTD_IP_UPDOWN(x) ((x)&0x80) 508 #define ISIS_MASK_TLV_EXTD_IP_SUBTLV(x) ((x)&0x40) 509 510 #define ISIS_MASK_TLV_EXTD_IP6_IE(x) ((x)&0x40) 511 #define ISIS_MASK_TLV_EXTD_IP6_SUBTLV(x) ((x)&0x20) 512 513 #define ISIS_LSP_TLV_METRIC_SUPPORTED(x) ((x)&0x80) 514 #define ISIS_LSP_TLV_METRIC_IE(x) ((x)&0x40) 515 #define ISIS_LSP_TLV_METRIC_UPDOWN(x) ((x)&0x80) 516 #define ISIS_LSP_TLV_METRIC_VALUE(x) ((x)&0x3f) 517 518 #define ISIS_MASK_TLV_SHARED_RISK_GROUP(x) ((x)&0x1) 519 520 static const struct tok isis_mt_values[] = { 521 { 0, "IPv4 unicast"}, 522 { 1, "In-Band Management"}, 523 { 2, "IPv6 unicast"}, 524 { 3, "Multicast"}, 525 { 4095, "Development, Experimental or Proprietary"}, 526 { 0, NULL } 527 }; 528 529 static const struct tok isis_iih_circuit_type_values[] = { 530 { 1, "Level 1 only"}, 531 { 2, "Level 2 only"}, 532 { 3, "Level 1, Level 2"}, 533 { 0, NULL} 534 }; 535 536 #define ISIS_LSP_TYPE_UNUSED0 0 537 #define ISIS_LSP_TYPE_LEVEL_1 1 538 #define ISIS_LSP_TYPE_UNUSED2 2 539 #define ISIS_LSP_TYPE_LEVEL_2 3 540 541 static const struct tok isis_lsp_istype_values[] = { 542 { ISIS_LSP_TYPE_UNUSED0, "Unused 0x0 (invalid)"}, 543 { ISIS_LSP_TYPE_LEVEL_1, "L1 IS"}, 544 { ISIS_LSP_TYPE_UNUSED2, "Unused 0x2 (invalid)"}, 545 { ISIS_LSP_TYPE_LEVEL_2, "L2 IS"}, 546 { 0, NULL } 547 }; 548 549 /* 550 * Katz's point to point adjacency TLV uses codes to tell us the state of 551 * the remote adjacency. Enumerate them. 552 */ 553 554 #define ISIS_PTP_ADJ_UP 0 555 #define ISIS_PTP_ADJ_INIT 1 556 #define ISIS_PTP_ADJ_DOWN 2 557 558 static const struct tok isis_ptp_adjancey_values[] = { 559 { ISIS_PTP_ADJ_UP, "Up" }, 560 { ISIS_PTP_ADJ_INIT, "Initializing" }, 561 { ISIS_PTP_ADJ_DOWN, "Down" }, 562 { 0, NULL} 563 }; 564 565 struct isis_tlv_ptp_adj { 566 uint8_t adjacency_state; 567 uint8_t extd_local_circuit_id[4]; 568 uint8_t neighbor_sysid[SYSTEM_ID_LEN]; 569 uint8_t neighbor_extd_local_circuit_id[4]; 570 }; 571 572 static int osi_print_cksum(netdissect_options *, const uint8_t *pptr, 573 uint16_t checksum, int checksum_offset, int length); 574 static int clnp_print(netdissect_options *, const uint8_t *, u_int); 575 static void esis_print(netdissect_options *, const uint8_t *, u_int); 576 static int isis_print(netdissect_options *, const uint8_t *, u_int); 577 578 struct isis_metric_block { 579 uint8_t metric_default; 580 uint8_t metric_delay; 581 uint8_t metric_expense; 582 uint8_t metric_error; 583 }; 584 585 struct isis_tlv_is_reach { 586 struct isis_metric_block isis_metric_block; 587 uint8_t neighbor_nodeid[NODE_ID_LEN]; 588 }; 589 590 struct isis_tlv_es_reach { 591 struct isis_metric_block isis_metric_block; 592 uint8_t neighbor_sysid[SYSTEM_ID_LEN]; 593 }; 594 595 struct isis_tlv_ip_reach { 596 struct isis_metric_block isis_metric_block; 597 uint8_t prefix[4]; 598 uint8_t mask[4]; 599 }; 600 601 static const struct tok isis_is_reach_virtual_values[] = { 602 { 0, "IsNotVirtual"}, 603 { 1, "IsVirtual"}, 604 { 0, NULL } 605 }; 606 607 static const struct tok isis_restart_flag_values[] = { 608 { 0x1, "Restart Request"}, 609 { 0x2, "Restart Acknowledgement"}, 610 { 0x4, "Suppress adjacency advertisement"}, 611 { 0, NULL } 612 }; 613 614 struct isis_common_header { 615 uint8_t nlpid; 616 uint8_t fixed_len; 617 uint8_t version; /* Protocol version */ 618 uint8_t id_length; 619 uint8_t pdu_type; /* 3 MSbits are reserved */ 620 uint8_t pdu_version; /* Packet format version */ 621 uint8_t reserved; 622 uint8_t max_area; 623 }; 624 625 struct isis_iih_lan_header { 626 uint8_t circuit_type; 627 uint8_t source_id[SYSTEM_ID_LEN]; 628 uint8_t holding_time[2]; 629 uint8_t pdu_len[2]; 630 uint8_t priority; 631 uint8_t lan_id[NODE_ID_LEN]; 632 }; 633 634 struct isis_iih_ptp_header { 635 uint8_t circuit_type; 636 uint8_t source_id[SYSTEM_ID_LEN]; 637 uint8_t holding_time[2]; 638 uint8_t pdu_len[2]; 639 uint8_t circuit_id; 640 }; 641 642 struct isis_lsp_header { 643 uint8_t pdu_len[2]; 644 uint8_t remaining_lifetime[2]; 645 uint8_t lsp_id[LSP_ID_LEN]; 646 uint8_t sequence_number[4]; 647 uint8_t checksum[2]; 648 uint8_t typeblock; 649 }; 650 651 struct isis_csnp_header { 652 uint8_t pdu_len[2]; 653 uint8_t source_id[NODE_ID_LEN]; 654 uint8_t start_lsp_id[LSP_ID_LEN]; 655 uint8_t end_lsp_id[LSP_ID_LEN]; 656 }; 657 658 struct isis_psnp_header { 659 uint8_t pdu_len[2]; 660 uint8_t source_id[NODE_ID_LEN]; 661 }; 662 663 struct isis_tlv_lsp { 664 uint8_t remaining_lifetime[2]; 665 uint8_t lsp_id[LSP_ID_LEN]; 666 uint8_t sequence_number[4]; 667 uint8_t checksum[2]; 668 }; 669 670 #define ISIS_COMMON_HEADER_SIZE (sizeof(struct isis_common_header)) 671 #define ISIS_IIH_LAN_HEADER_SIZE (sizeof(struct isis_iih_lan_header)) 672 #define ISIS_IIH_PTP_HEADER_SIZE (sizeof(struct isis_iih_ptp_header)) 673 #define ISIS_LSP_HEADER_SIZE (sizeof(struct isis_lsp_header)) 674 #define ISIS_CSNP_HEADER_SIZE (sizeof(struct isis_csnp_header)) 675 #define ISIS_PSNP_HEADER_SIZE (sizeof(struct isis_psnp_header)) 676 677 void 678 isoclns_print(netdissect_options *ndo, 679 const uint8_t *p, u_int length, u_int caplen) 680 { 681 if (caplen <= 1) { /* enough bytes on the wire ? */ 682 ND_PRINT((ndo, "|OSI")); 683 return; 684 } 685 686 if (ndo->ndo_eflag) 687 ND_PRINT((ndo, "OSI NLPID %s (0x%02x): ", tok2str(nlpid_values, "Unknown", *p), *p)); 688 689 switch (*p) { 690 691 case NLPID_CLNP: 692 if (!clnp_print(ndo, p, length)) 693 print_unknown_data(ndo, p, "\n\t", caplen); 694 break; 695 696 case NLPID_ESIS: 697 esis_print(ndo, p, length); 698 return; 699 700 case NLPID_ISIS: 701 if (!isis_print(ndo, p, length)) 702 print_unknown_data(ndo, p, "\n\t", caplen); 703 break; 704 705 case NLPID_NULLNS: 706 ND_PRINT((ndo, "%slength: %u", ndo->ndo_eflag ? "" : ", ", length)); 707 break; 708 709 case NLPID_Q933: 710 q933_print(ndo, p + 1, length - 1); 711 break; 712 713 case NLPID_IP: 714 ip_print(ndo, p + 1, length - 1); 715 break; 716 717 case NLPID_IP6: 718 ip6_print(ndo, p + 1, length - 1); 719 break; 720 721 case NLPID_PPP: 722 ppp_print(ndo, p + 1, length - 1); 723 break; 724 725 default: 726 if (!ndo->ndo_eflag) 727 ND_PRINT((ndo, "OSI NLPID 0x%02x unknown", *p)); 728 ND_PRINT((ndo, "%slength: %u", ndo->ndo_eflag ? "" : ", ", length)); 729 if (caplen > 1) 730 print_unknown_data(ndo, p, "\n\t", caplen); 731 break; 732 } 733 } 734 735 #define CLNP_PDU_ER 1 736 #define CLNP_PDU_DT 28 737 #define CLNP_PDU_MD 29 738 #define CLNP_PDU_ERQ 30 739 #define CLNP_PDU_ERP 31 740 741 static const struct tok clnp_pdu_values[] = { 742 { CLNP_PDU_ER, "Error Report"}, 743 { CLNP_PDU_MD, "MD"}, 744 { CLNP_PDU_DT, "Data"}, 745 { CLNP_PDU_ERQ, "Echo Request"}, 746 { CLNP_PDU_ERP, "Echo Response"}, 747 { 0, NULL } 748 }; 749 750 struct clnp_header_t { 751 uint8_t nlpid; 752 uint8_t length_indicator; 753 uint8_t version; 754 uint8_t lifetime; /* units of 500ms */ 755 uint8_t type; 756 uint8_t segment_length[2]; 757 uint8_t cksum[2]; 758 }; 759 760 struct clnp_segment_header_t { 761 uint8_t data_unit_id[2]; 762 uint8_t segment_offset[2]; 763 uint8_t total_length[2]; 764 }; 765 766 /* 767 * clnp_print 768 * Decode CLNP packets. Return 0 on error. 769 */ 770 771 static int 772 clnp_print(netdissect_options *ndo, 773 const uint8_t *pptr, u_int length) 774 { 775 const uint8_t *optr,*source_address,*dest_address; 776 u_int li,tlen,nsap_offset,source_address_length,dest_address_length, clnp_pdu_type, clnp_flags; 777 const struct clnp_header_t *clnp_header; 778 const struct clnp_segment_header_t *clnp_segment_header; 779 uint8_t rfd_error_major,rfd_error_minor; 780 781 clnp_header = (const struct clnp_header_t *) pptr; 782 ND_TCHECK(*clnp_header); 783 784 li = clnp_header->length_indicator; 785 optr = pptr; 786 787 if (!ndo->ndo_eflag) 788 ND_PRINT((ndo, "CLNP")); 789 790 /* 791 * Sanity checking of the header. 792 */ 793 794 if (clnp_header->version != CLNP_VERSION) { 795 ND_PRINT((ndo, "version %d packet not supported", clnp_header->version)); 796 return (0); 797 } 798 799 if (li > length) { 800 ND_PRINT((ndo, " length indicator(%u) > PDU size (%u)!", li, length)); 801 return (0); 802 } 803 804 if (li < sizeof(struct clnp_header_t)) { 805 ND_PRINT((ndo, " length indicator %u < min PDU size:", li)); 806 while (pptr < ndo->ndo_snapend) 807 ND_PRINT((ndo, "%02X", *pptr++)); 808 return (0); 809 } 810 811 /* FIXME further header sanity checking */ 812 813 clnp_pdu_type = clnp_header->type & CLNP_PDU_TYPE_MASK; 814 clnp_flags = clnp_header->type & CLNP_FLAG_MASK; 815 816 pptr += sizeof(struct clnp_header_t); 817 li -= sizeof(struct clnp_header_t); 818 819 if (li < 1) { 820 ND_PRINT((ndo, "li < size of fixed part of CLNP header and addresses")); 821 return (0); 822 } 823 ND_TCHECK(*pptr); 824 dest_address_length = *pptr; 825 pptr += 1; 826 li -= 1; 827 if (li < dest_address_length) { 828 ND_PRINT((ndo, "li < size of fixed part of CLNP header and addresses")); 829 return (0); 830 } 831 ND_TCHECK2(*pptr, dest_address_length); 832 dest_address = pptr; 833 pptr += dest_address_length; 834 li -= dest_address_length; 835 836 if (li < 1) { 837 ND_PRINT((ndo, "li < size of fixed part of CLNP header and addresses")); 838 return (0); 839 } 840 ND_TCHECK(*pptr); 841 source_address_length = *pptr; 842 pptr += 1; 843 li -= 1; 844 if (li < source_address_length) { 845 ND_PRINT((ndo, "li < size of fixed part of CLNP header and addresses")); 846 return (0); 847 } 848 ND_TCHECK2(*pptr, source_address_length); 849 source_address = pptr; 850 pptr += source_address_length; 851 li -= source_address_length; 852 853 if (ndo->ndo_vflag < 1) { 854 ND_PRINT((ndo, "%s%s > %s, %s, length %u", 855 ndo->ndo_eflag ? "" : ", ", 856 isonsap_string(ndo, source_address, source_address_length), 857 isonsap_string(ndo, dest_address, dest_address_length), 858 tok2str(clnp_pdu_values,"unknown (%u)",clnp_pdu_type), 859 length)); 860 return (1); 861 } 862 ND_PRINT((ndo, "%slength %u", ndo->ndo_eflag ? "" : ", ", length)); 863 864 ND_PRINT((ndo, "\n\t%s PDU, hlen: %u, v: %u, lifetime: %u.%us, Segment PDU length: %u, checksum: 0x%04x", 865 tok2str(clnp_pdu_values, "unknown (%u)",clnp_pdu_type), 866 clnp_header->length_indicator, 867 clnp_header->version, 868 clnp_header->lifetime/2, 869 (clnp_header->lifetime%2)*5, 870 EXTRACT_16BITS(clnp_header->segment_length), 871 EXTRACT_16BITS(clnp_header->cksum))); 872 873 if (osi_print_cksum(ndo, optr, EXTRACT_16BITS(clnp_header->cksum), 7, 874 clnp_header->length_indicator) == 0) 875 goto trunc; 876 877 ND_PRINT((ndo, "\n\tFlags [%s]", 878 bittok2str(clnp_flag_values, "none", clnp_flags))); 879 880 ND_PRINT((ndo, "\n\tsource address (length %u): %s\n\tdest address (length %u): %s", 881 source_address_length, 882 isonsap_string(ndo, source_address, source_address_length), 883 dest_address_length, 884 isonsap_string(ndo, dest_address, dest_address_length))); 885 886 if (clnp_flags & CLNP_SEGMENT_PART) { 887 if (li < sizeof(const struct clnp_segment_header_t)) { 888 ND_PRINT((ndo, "li < size of fixed part of CLNP header, addresses, and segment part")); 889 return (0); 890 } 891 clnp_segment_header = (const struct clnp_segment_header_t *) pptr; 892 ND_TCHECK(*clnp_segment_header); 893 ND_PRINT((ndo, "\n\tData Unit ID: 0x%04x, Segment Offset: %u, Total PDU Length: %u", 894 EXTRACT_16BITS(clnp_segment_header->data_unit_id), 895 EXTRACT_16BITS(clnp_segment_header->segment_offset), 896 EXTRACT_16BITS(clnp_segment_header->total_length))); 897 pptr+=sizeof(const struct clnp_segment_header_t); 898 li-=sizeof(const struct clnp_segment_header_t); 899 } 900 901 /* now walk the options */ 902 while (li >= 2) { 903 u_int op, opli; 904 const uint8_t *tptr; 905 906 if (li < 2) { 907 ND_PRINT((ndo, ", bad opts/li")); 908 return (0); 909 } 910 ND_TCHECK2(*pptr, 2); 911 op = *pptr++; 912 opli = *pptr++; 913 li -= 2; 914 if (opli > li) { 915 ND_PRINT((ndo, ", opt (%d) too long", op)); 916 return (0); 917 } 918 ND_TCHECK2(*pptr, opli); 919 li -= opli; 920 tptr = pptr; 921 tlen = opli; 922 923 ND_PRINT((ndo, "\n\t %s Option #%u, length %u, value: ", 924 tok2str(clnp_option_values,"Unknown",op), 925 op, 926 opli)); 927 928 /* 929 * We've already checked that the entire option is present 930 * in the captured packet with the ND_TCHECK2() call. 931 * Therefore, we don't need to do ND_TCHECK()/ND_TCHECK2() 932 * checks. 933 * We do, however, need to check tlen, to make sure we 934 * don't run past the end of the option. 935 */ 936 switch (op) { 937 938 939 case CLNP_OPTION_ROUTE_RECORDING: /* those two options share the format */ 940 case CLNP_OPTION_SOURCE_ROUTING: 941 if (tlen < 2) { 942 ND_PRINT((ndo, ", bad opt len")); 943 return (0); 944 } 945 ND_PRINT((ndo, "%s %s", 946 tok2str(clnp_option_sr_rr_values,"Unknown",*tptr), 947 tok2str(clnp_option_sr_rr_string_values, "Unknown Option %u", op))); 948 nsap_offset=*(tptr+1); 949 if (nsap_offset == 0) { 950 ND_PRINT((ndo, " Bad NSAP offset (0)")); 951 break; 952 } 953 nsap_offset-=1; /* offset to nsap list */ 954 if (nsap_offset > tlen) { 955 ND_PRINT((ndo, " Bad NSAP offset (past end of option)")); 956 break; 957 } 958 tptr+=nsap_offset; 959 tlen-=nsap_offset; 960 while (tlen > 0) { 961 source_address_length=*tptr; 962 if (tlen < source_address_length+1) { 963 ND_PRINT((ndo, "\n\t NSAP address goes past end of option")); 964 break; 965 } 966 if (source_address_length > 0) { 967 source_address=(tptr+1); 968 ND_TCHECK2(*source_address, source_address_length); 969 ND_PRINT((ndo, "\n\t NSAP address (length %u): %s", 970 source_address_length, 971 isonsap_string(ndo, source_address, source_address_length))); 972 } 973 tlen-=source_address_length+1; 974 } 975 break; 976 977 case CLNP_OPTION_PRIORITY: 978 if (tlen < 1) { 979 ND_PRINT((ndo, ", bad opt len")); 980 return (0); 981 } 982 ND_PRINT((ndo, "0x%1x", *tptr&0x0f)); 983 break; 984 985 case CLNP_OPTION_QOS_MAINTENANCE: 986 if (tlen < 1) { 987 ND_PRINT((ndo, ", bad opt len")); 988 return (0); 989 } 990 ND_PRINT((ndo, "\n\t Format Code: %s", 991 tok2str(clnp_option_scope_values, "Reserved", *tptr&CLNP_OPTION_SCOPE_MASK))); 992 993 if ((*tptr&CLNP_OPTION_SCOPE_MASK) == CLNP_OPTION_SCOPE_GLOBAL) 994 ND_PRINT((ndo, "\n\t QoS Flags [%s]", 995 bittok2str(clnp_option_qos_global_values, 996 "none", 997 *tptr&CLNP_OPTION_OPTION_QOS_MASK))); 998 break; 999 1000 case CLNP_OPTION_SECURITY: 1001 if (tlen < 2) { 1002 ND_PRINT((ndo, ", bad opt len")); 1003 return (0); 1004 } 1005 ND_PRINT((ndo, "\n\t Format Code: %s, Security-Level %u", 1006 tok2str(clnp_option_scope_values,"Reserved",*tptr&CLNP_OPTION_SCOPE_MASK), 1007 *(tptr+1))); 1008 break; 1009 1010 case CLNP_OPTION_DISCARD_REASON: 1011 if (tlen < 1) { 1012 ND_PRINT((ndo, ", bad opt len")); 1013 return (0); 1014 } 1015 rfd_error_major = (*tptr&0xf0) >> 4; 1016 rfd_error_minor = *tptr&0x0f; 1017 ND_PRINT((ndo, "\n\t Class: %s Error (0x%01x), %s (0x%01x)", 1018 tok2str(clnp_option_rfd_class_values,"Unknown",rfd_error_major), 1019 rfd_error_major, 1020 tok2str(clnp_option_rfd_error_class[rfd_error_major],"Unknown",rfd_error_minor), 1021 rfd_error_minor)); 1022 break; 1023 1024 case CLNP_OPTION_PADDING: 1025 ND_PRINT((ndo, "padding data")); 1026 break; 1027 1028 /* 1029 * FIXME those are the defined Options that lack a decoder 1030 * you are welcome to contribute code ;-) 1031 */ 1032 1033 default: 1034 print_unknown_data(ndo, tptr, "\n\t ", opli); 1035 break; 1036 } 1037 if (ndo->ndo_vflag > 1) 1038 print_unknown_data(ndo, pptr, "\n\t ", opli); 1039 pptr += opli; 1040 } 1041 1042 switch (clnp_pdu_type) { 1043 1044 case CLNP_PDU_ER: /* fall through */ 1045 case CLNP_PDU_ERP: 1046 ND_TCHECK(*pptr); 1047 if (*(pptr) == NLPID_CLNP) { 1048 ND_PRINT((ndo, "\n\t-----original packet-----\n\t")); 1049 /* FIXME recursion protection */ 1050 clnp_print(ndo, pptr, length - clnp_header->length_indicator); 1051 break; 1052 } 1053 1054 case CLNP_PDU_DT: 1055 case CLNP_PDU_MD: 1056 case CLNP_PDU_ERQ: 1057 1058 default: 1059 /* dump the PDU specific data */ 1060 if (length-(pptr-optr) > 0) { 1061 ND_PRINT((ndo, "\n\t undecoded non-header data, length %u", length-clnp_header->length_indicator)); 1062 print_unknown_data(ndo, pptr, "\n\t ", length - (pptr - optr)); 1063 } 1064 } 1065 1066 return (1); 1067 1068 trunc: 1069 ND_PRINT((ndo, "[|clnp]")); 1070 return (1); 1071 1072 } 1073 1074 1075 #define ESIS_PDU_REDIRECT 6 1076 #define ESIS_PDU_ESH 2 1077 #define ESIS_PDU_ISH 4 1078 1079 static const struct tok esis_pdu_values[] = { 1080 { ESIS_PDU_REDIRECT, "redirect"}, 1081 { ESIS_PDU_ESH, "ESH"}, 1082 { ESIS_PDU_ISH, "ISH"}, 1083 { 0, NULL } 1084 }; 1085 1086 struct esis_header_t { 1087 uint8_t nlpid; 1088 uint8_t length_indicator; 1089 uint8_t version; 1090 uint8_t reserved; 1091 uint8_t type; 1092 uint8_t holdtime[2]; 1093 uint8_t cksum[2]; 1094 }; 1095 1096 static void 1097 esis_print(netdissect_options *ndo, 1098 const uint8_t *pptr, u_int length) 1099 { 1100 const uint8_t *optr; 1101 u_int li,esis_pdu_type,source_address_length, source_address_number; 1102 const struct esis_header_t *esis_header; 1103 1104 if (!ndo->ndo_eflag) 1105 ND_PRINT((ndo, "ES-IS")); 1106 1107 if (length <= 2) { 1108 ND_PRINT((ndo, ndo->ndo_qflag ? "bad pkt!" : "no header at all!")); 1109 return; 1110 } 1111 1112 esis_header = (const struct esis_header_t *) pptr; 1113 ND_TCHECK(*esis_header); 1114 li = esis_header->length_indicator; 1115 optr = pptr; 1116 1117 /* 1118 * Sanity checking of the header. 1119 */ 1120 1121 if (esis_header->nlpid != NLPID_ESIS) { 1122 ND_PRINT((ndo, " nlpid 0x%02x packet not supported", esis_header->nlpid)); 1123 return; 1124 } 1125 1126 if (esis_header->version != ESIS_VERSION) { 1127 ND_PRINT((ndo, " version %d packet not supported", esis_header->version)); 1128 return; 1129 } 1130 1131 if (li > length) { 1132 ND_PRINT((ndo, " length indicator(%u) > PDU size (%u)!", li, length)); 1133 return; 1134 } 1135 1136 if (li < sizeof(struct esis_header_t) + 2) { 1137 ND_PRINT((ndo, " length indicator %u < min PDU size:", li)); 1138 while (pptr < ndo->ndo_snapend) 1139 ND_PRINT((ndo, "%02X", *pptr++)); 1140 return; 1141 } 1142 1143 esis_pdu_type = esis_header->type & ESIS_PDU_TYPE_MASK; 1144 1145 if (ndo->ndo_vflag < 1) { 1146 ND_PRINT((ndo, "%s%s, length %u", 1147 ndo->ndo_eflag ? "" : ", ", 1148 tok2str(esis_pdu_values,"unknown type (%u)",esis_pdu_type), 1149 length)); 1150 return; 1151 } else 1152 ND_PRINT((ndo, "%slength %u\n\t%s (%u)", 1153 ndo->ndo_eflag ? "" : ", ", 1154 length, 1155 tok2str(esis_pdu_values,"unknown type: %u", esis_pdu_type), 1156 esis_pdu_type)); 1157 1158 ND_PRINT((ndo, ", v: %u%s", esis_header->version, esis_header->version == ESIS_VERSION ? "" : "unsupported" )); 1159 ND_PRINT((ndo, ", checksum: 0x%04x", EXTRACT_16BITS(esis_header->cksum))); 1160 1161 if (osi_print_cksum(ndo, pptr, EXTRACT_16BITS(esis_header->cksum), 7, li) == 0) 1162 goto trunc; 1163 1164 ND_PRINT((ndo, ", holding time: %us, length indicator: %u", 1165 EXTRACT_16BITS(esis_header->holdtime), li)); 1166 1167 if (ndo->ndo_vflag > 1) 1168 print_unknown_data(ndo, optr, "\n\t", sizeof(struct esis_header_t)); 1169 1170 pptr += sizeof(struct esis_header_t); 1171 li -= sizeof(struct esis_header_t); 1172 1173 switch (esis_pdu_type) { 1174 case ESIS_PDU_REDIRECT: { 1175 const uint8_t *dst, *snpa, *neta; 1176 u_int dstl, snpal, netal; 1177 1178 ND_TCHECK(*pptr); 1179 if (li < 1) { 1180 ND_PRINT((ndo, ", bad redirect/li")); 1181 return; 1182 } 1183 dstl = *pptr; 1184 pptr++; 1185 li--; 1186 ND_TCHECK2(*pptr, dstl); 1187 if (li < dstl) { 1188 ND_PRINT((ndo, ", bad redirect/li")); 1189 return; 1190 } 1191 dst = pptr; 1192 pptr += dstl; 1193 li -= dstl; 1194 ND_PRINT((ndo, "\n\t %s", isonsap_string(ndo, dst, dstl))); 1195 1196 ND_TCHECK(*pptr); 1197 if (li < 1) { 1198 ND_PRINT((ndo, ", bad redirect/li")); 1199 return; 1200 } 1201 snpal = *pptr; 1202 pptr++; 1203 li--; 1204 ND_TCHECK2(*pptr, snpal); 1205 if (li < snpal) { 1206 ND_PRINT((ndo, ", bad redirect/li")); 1207 return; 1208 } 1209 snpa = pptr; 1210 pptr += snpal; 1211 li -= snpal; 1212 ND_TCHECK(*pptr); 1213 if (li < 1) { 1214 ND_PRINT((ndo, ", bad redirect/li")); 1215 return; 1216 } 1217 netal = *pptr; 1218 pptr++; 1219 ND_TCHECK2(*pptr, netal); 1220 if (li < netal) { 1221 ND_PRINT((ndo, ", bad redirect/li")); 1222 return; 1223 } 1224 neta = pptr; 1225 pptr += netal; 1226 li -= netal; 1227 1228 if (netal == 0) 1229 ND_PRINT((ndo, "\n\t %s", etheraddr_string(ndo, snpa))); 1230 else 1231 ND_PRINT((ndo, "\n\t %s", isonsap_string(ndo, neta, netal))); 1232 break; 1233 } 1234 1235 case ESIS_PDU_ESH: 1236 ND_TCHECK(*pptr); 1237 if (li < 1) { 1238 ND_PRINT((ndo, ", bad esh/li")); 1239 return; 1240 } 1241 source_address_number = *pptr; 1242 pptr++; 1243 li--; 1244 1245 ND_PRINT((ndo, "\n\t Number of Source Addresses: %u", source_address_number)); 1246 1247 while (source_address_number > 0) { 1248 ND_TCHECK(*pptr); 1249 if (li < 1) { 1250 ND_PRINT((ndo, ", bad esh/li")); 1251 return; 1252 } 1253 source_address_length = *pptr; 1254 pptr++; 1255 li--; 1256 1257 ND_TCHECK2(*pptr, source_address_length); 1258 if (li < source_address_length) { 1259 ND_PRINT((ndo, ", bad esh/li")); 1260 return; 1261 } 1262 ND_PRINT((ndo, "\n\t NET (length: %u): %s", 1263 source_address_length, 1264 isonsap_string(ndo, pptr, source_address_length))); 1265 pptr += source_address_length; 1266 li -= source_address_length; 1267 source_address_number--; 1268 } 1269 1270 break; 1271 1272 case ESIS_PDU_ISH: { 1273 ND_TCHECK(*pptr); 1274 if (li < 1) { 1275 ND_PRINT((ndo, ", bad ish/li")); 1276 return; 1277 } 1278 source_address_length = *pptr; 1279 pptr++; 1280 li--; 1281 ND_TCHECK2(*pptr, source_address_length); 1282 if (li < source_address_length) { 1283 ND_PRINT((ndo, ", bad ish/li")); 1284 return; 1285 } 1286 ND_PRINT((ndo, "\n\t NET (length: %u): %s", source_address_length, isonsap_string(ndo, pptr, source_address_length))); 1287 pptr += source_address_length; 1288 li -= source_address_length; 1289 break; 1290 } 1291 1292 default: 1293 if (ndo->ndo_vflag <= 1) { 1294 if (pptr < ndo->ndo_snapend) 1295 print_unknown_data(ndo, pptr, "\n\t ", ndo->ndo_snapend - pptr); 1296 } 1297 return; 1298 } 1299 1300 /* now walk the options */ 1301 while (li != 0) { 1302 u_int op, opli; 1303 const uint8_t *tptr; 1304 1305 if (li < 2) { 1306 ND_PRINT((ndo, ", bad opts/li")); 1307 return; 1308 } 1309 ND_TCHECK2(*pptr, 2); 1310 op = *pptr++; 1311 opli = *pptr++; 1312 li -= 2; 1313 if (opli > li) { 1314 ND_PRINT((ndo, ", opt (%d) too long", op)); 1315 return; 1316 } 1317 li -= opli; 1318 tptr = pptr; 1319 1320 ND_PRINT((ndo, "\n\t %s Option #%u, length %u, value: ", 1321 tok2str(esis_option_values,"Unknown",op), 1322 op, 1323 opli)); 1324 1325 switch (op) { 1326 1327 case ESIS_OPTION_ES_CONF_TIME: 1328 if (opli == 2) { 1329 ND_TCHECK2(*pptr, 2); 1330 ND_PRINT((ndo, "%us", EXTRACT_16BITS(tptr))); 1331 } else 1332 ND_PRINT((ndo, "(bad length)")); 1333 break; 1334 1335 case ESIS_OPTION_PROTOCOLS: 1336 while (opli>0) { 1337 ND_TCHECK(*pptr); 1338 ND_PRINT((ndo, "%s (0x%02x)", 1339 tok2str(nlpid_values, 1340 "unknown", 1341 *tptr), 1342 *tptr)); 1343 if (opli>1) /* further NPLIDs ? - put comma */ 1344 ND_PRINT((ndo, ", ")); 1345 tptr++; 1346 opli--; 1347 } 1348 break; 1349 1350 /* 1351 * FIXME those are the defined Options that lack a decoder 1352 * you are welcome to contribute code ;-) 1353 */ 1354 1355 case ESIS_OPTION_QOS_MAINTENANCE: 1356 case ESIS_OPTION_SECURITY: 1357 case ESIS_OPTION_PRIORITY: 1358 case ESIS_OPTION_ADDRESS_MASK: 1359 case ESIS_OPTION_SNPA_MASK: 1360 1361 default: 1362 print_unknown_data(ndo, tptr, "\n\t ", opli); 1363 break; 1364 } 1365 if (ndo->ndo_vflag > 1) 1366 print_unknown_data(ndo, pptr, "\n\t ", opli); 1367 pptr += opli; 1368 } 1369 trunc: 1370 return; 1371 } 1372 1373 static void 1374 isis_print_mcid(netdissect_options *ndo, 1375 const struct isis_spb_mcid *mcid) 1376 { 1377 int i; 1378 1379 ND_TCHECK(*mcid); 1380 ND_PRINT((ndo, "ID: %d, Name: ", mcid->format_id)); 1381 1382 if (fn_printzp(ndo, mcid->name, 32, ndo->ndo_snapend)) 1383 goto trunc; 1384 1385 ND_PRINT((ndo, "\n\t Lvl: %d", EXTRACT_16BITS(mcid->revision_lvl))); 1386 1387 ND_PRINT((ndo, ", Digest: ")); 1388 1389 for(i=0;i<16;i++) 1390 ND_PRINT((ndo, "%.2x ", mcid->digest[i])); 1391 1392 trunc: 1393 ND_PRINT((ndo, "%s", tstr)); 1394 } 1395 1396 static int 1397 isis_print_mt_port_cap_subtlv(netdissect_options *ndo, 1398 const uint8_t *tptr, int len) 1399 { 1400 int stlv_type, stlv_len; 1401 const struct isis_subtlv_spb_mcid *subtlv_spb_mcid; 1402 int i; 1403 1404 while (len > 2) 1405 { 1406 stlv_type = *(tptr++); 1407 stlv_len = *(tptr++); 1408 1409 /* first lets see if we know the subTLVs name*/ 1410 ND_PRINT((ndo, "\n\t %s subTLV #%u, length: %u", 1411 tok2str(isis_mt_port_cap_subtlv_values, "unknown", stlv_type), 1412 stlv_type, 1413 stlv_len)); 1414 1415 /*len -= TLV_TYPE_LEN_OFFSET;*/ 1416 len = len -2; 1417 1418 switch (stlv_type) 1419 { 1420 case ISIS_SUBTLV_SPB_MCID: 1421 { 1422 ND_TCHECK2(*(tptr), ISIS_SUBTLV_SPB_MCID_MIN_LEN); 1423 1424 subtlv_spb_mcid = (const struct isis_subtlv_spb_mcid *)tptr; 1425 1426 ND_PRINT((ndo, "\n\t MCID: ")); 1427 isis_print_mcid(ndo, &(subtlv_spb_mcid->mcid)); 1428 1429 /*tptr += SPB_MCID_MIN_LEN; 1430 len -= SPB_MCID_MIN_LEN; */ 1431 1432 ND_PRINT((ndo, "\n\t AUX-MCID: ")); 1433 isis_print_mcid(ndo, &(subtlv_spb_mcid->aux_mcid)); 1434 1435 /*tptr += SPB_MCID_MIN_LEN; 1436 len -= SPB_MCID_MIN_LEN; */ 1437 tptr = tptr + sizeof(struct isis_subtlv_spb_mcid); 1438 len = len - sizeof(struct isis_subtlv_spb_mcid); 1439 1440 break; 1441 } 1442 1443 case ISIS_SUBTLV_SPB_DIGEST: 1444 { 1445 ND_TCHECK2(*(tptr), ISIS_SUBTLV_SPB_DIGEST_MIN_LEN); 1446 1447 ND_PRINT((ndo, "\n\t RES: %d V: %d A: %d D: %d", 1448 (*(tptr) >> 5), (((*tptr)>> 4) & 0x01), 1449 ((*(tptr) >> 2) & 0x03), ((*tptr) & 0x03))); 1450 1451 tptr++; 1452 1453 ND_PRINT((ndo, "\n\t Digest: ")); 1454 1455 for(i=1;i<=8; i++) 1456 { 1457 ND_PRINT((ndo, "%08x ", EXTRACT_32BITS(tptr))); 1458 if (i%4 == 0 && i != 8) 1459 ND_PRINT((ndo, "\n\t ")); 1460 tptr = tptr + 4; 1461 } 1462 1463 len = len - ISIS_SUBTLV_SPB_DIGEST_MIN_LEN; 1464 1465 break; 1466 } 1467 1468 case ISIS_SUBTLV_SPB_BVID: 1469 { 1470 ND_TCHECK2(*(tptr), stlv_len); 1471 1472 while (len >= ISIS_SUBTLV_SPB_BVID_MIN_LEN) 1473 { 1474 ND_TCHECK2(*(tptr), ISIS_SUBTLV_SPB_BVID_MIN_LEN); 1475 1476 ND_PRINT((ndo, "\n\t ECT: %08x", 1477 EXTRACT_32BITS(tptr))); 1478 1479 tptr = tptr+4; 1480 1481 ND_PRINT((ndo, " BVID: %d, U:%01x M:%01x ", 1482 (EXTRACT_16BITS (tptr) >> 4) , 1483 (EXTRACT_16BITS (tptr) >> 3) & 0x01, 1484 (EXTRACT_16BITS (tptr) >> 2) & 0x01)); 1485 1486 tptr = tptr + 2; 1487 len = len - ISIS_SUBTLV_SPB_BVID_MIN_LEN; 1488 } 1489 1490 break; 1491 } 1492 1493 default: 1494 break; 1495 } 1496 } 1497 1498 return 0; 1499 1500 trunc: 1501 ND_PRINT((ndo, "\n\t\t")); 1502 ND_PRINT((ndo, "%s", tstr)); 1503 return(1); 1504 } 1505 1506 static int 1507 isis_print_mt_capability_subtlv(netdissect_options *ndo, 1508 const uint8_t *tptr, int len) 1509 { 1510 int stlv_type, stlv_len, tmp; 1511 1512 while (len > 2) 1513 { 1514 stlv_type = *(tptr++); 1515 stlv_len = *(tptr++); 1516 1517 /* first lets see if we know the subTLVs name*/ 1518 ND_PRINT((ndo, "\n\t %s subTLV #%u, length: %u", 1519 tok2str(isis_mt_capability_subtlv_values, "unknown", stlv_type), 1520 stlv_type, 1521 stlv_len)); 1522 1523 len = len - 2; 1524 1525 switch (stlv_type) 1526 { 1527 case ISIS_SUBTLV_SPB_INSTANCE: 1528 1529 ND_TCHECK2(*tptr, ISIS_SUBTLV_SPB_INSTANCE_MIN_LEN); 1530 1531 ND_PRINT((ndo, "\n\t CIST Root-ID: %08x", EXTRACT_32BITS(tptr))); 1532 tptr = tptr+4; 1533 ND_PRINT((ndo, " %08x", EXTRACT_32BITS(tptr))); 1534 tptr = tptr+4; 1535 ND_PRINT((ndo, ", Path Cost: %08x", EXTRACT_32BITS(tptr))); 1536 tptr = tptr+4; 1537 ND_PRINT((ndo, ", Prio: %d", EXTRACT_16BITS(tptr))); 1538 tptr = tptr + 2; 1539 ND_PRINT((ndo, "\n\t RES: %d", 1540 EXTRACT_16BITS(tptr) >> 5)); 1541 ND_PRINT((ndo, ", V: %d", 1542 (EXTRACT_16BITS(tptr) >> 4) & 0x0001)); 1543 ND_PRINT((ndo, ", SPSource-ID: %d", 1544 (EXTRACT_32BITS(tptr) & 0x000fffff))); 1545 tptr = tptr+4; 1546 ND_PRINT((ndo, ", No of Trees: %x", *(tptr))); 1547 1548 tmp = *(tptr++); 1549 1550 len = len - ISIS_SUBTLV_SPB_INSTANCE_MIN_LEN; 1551 1552 while (tmp) 1553 { 1554 ND_TCHECK2(*tptr, ISIS_SUBTLV_SPB_INSTANCE_VLAN_TUPLE_LEN); 1555 1556 ND_PRINT((ndo, "\n\t U:%d, M:%d, A:%d, RES:%d", 1557 *(tptr) >> 7, (*(tptr) >> 6) & 0x01, 1558 (*(tptr) >> 5) & 0x01, (*(tptr) & 0x1f))); 1559 1560 tptr++; 1561 1562 ND_PRINT((ndo, ", ECT: %08x", EXTRACT_32BITS(tptr))); 1563 1564 tptr = tptr + 4; 1565 1566 ND_PRINT((ndo, ", BVID: %d, SPVID: %d", 1567 (EXTRACT_24BITS(tptr) >> 12) & 0x000fff, 1568 EXTRACT_24BITS(tptr) & 0x000fff)); 1569 1570 tptr = tptr + 3; 1571 len = len - ISIS_SUBTLV_SPB_INSTANCE_VLAN_TUPLE_LEN; 1572 tmp--; 1573 } 1574 1575 break; 1576 1577 case ISIS_SUBTLV_SPBM_SI: 1578 1579 ND_TCHECK2(*tptr, 8); 1580 1581 ND_PRINT((ndo, "\n\t BMAC: %08x", EXTRACT_32BITS(tptr))); 1582 tptr = tptr+4; 1583 ND_PRINT((ndo, "%04x", EXTRACT_16BITS(tptr))); 1584 tptr = tptr+2; 1585 1586 ND_PRINT((ndo, ", RES: %d, VID: %d", EXTRACT_16BITS(tptr) >> 12, 1587 (EXTRACT_16BITS(tptr)) & 0x0fff)); 1588 1589 tptr = tptr+2; 1590 len = len - 8; 1591 stlv_len = stlv_len - 8; 1592 1593 while (stlv_len >= 4) { 1594 ND_TCHECK2(*tptr, 4); 1595 ND_PRINT((ndo, "\n\t T: %d, R: %d, RES: %d, ISID: %d", 1596 (EXTRACT_32BITS(tptr) >> 31), 1597 (EXTRACT_32BITS(tptr) >> 30) & 0x01, 1598 (EXTRACT_32BITS(tptr) >> 24) & 0x03f, 1599 (EXTRACT_32BITS(tptr)) & 0x0ffffff)); 1600 1601 tptr = tptr + 4; 1602 len = len - 4; 1603 stlv_len = stlv_len - 4; 1604 } 1605 1606 break; 1607 1608 default: 1609 break; 1610 } 1611 } 1612 return 0; 1613 1614 trunc: 1615 ND_PRINT((ndo, "\n\t\t")); 1616 ND_PRINT((ndo, "%s", tstr)); 1617 return(1); 1618 } 1619 1620 /* shared routine for printing system, node and lsp-ids */ 1621 static char * 1622 isis_print_id(const uint8_t *cp, int id_len) 1623 { 1624 int i; 1625 static char id[sizeof("xxxx.xxxx.xxxx.yy-zz")]; 1626 char *pos = id; 1627 1628 for (i = 1; i <= SYSTEM_ID_LEN; i++) { 1629 snprintf(pos, sizeof(id) - (pos - id), "%02x", *cp++); 1630 pos += strlen(pos); 1631 if (i == 2 || i == 4) 1632 *pos++ = '.'; 1633 } 1634 if (id_len >= NODE_ID_LEN) { 1635 snprintf(pos, sizeof(id) - (pos - id), ".%02x", *cp++); 1636 pos += strlen(pos); 1637 } 1638 if (id_len == LSP_ID_LEN) 1639 snprintf(pos, sizeof(id) - (pos - id), "-%02x", *cp); 1640 return (id); 1641 } 1642 1643 /* print the 4-byte metric block which is common found in the old-style TLVs */ 1644 static int 1645 isis_print_metric_block(netdissect_options *ndo, 1646 const struct isis_metric_block *isis_metric_block) 1647 { 1648 ND_PRINT((ndo, ", Default Metric: %d, %s", 1649 ISIS_LSP_TLV_METRIC_VALUE(isis_metric_block->metric_default), 1650 ISIS_LSP_TLV_METRIC_IE(isis_metric_block->metric_default) ? "External" : "Internal")); 1651 if (!ISIS_LSP_TLV_METRIC_SUPPORTED(isis_metric_block->metric_delay)) 1652 ND_PRINT((ndo, "\n\t\t Delay Metric: %d, %s", 1653 ISIS_LSP_TLV_METRIC_VALUE(isis_metric_block->metric_delay), 1654 ISIS_LSP_TLV_METRIC_IE(isis_metric_block->metric_delay) ? "External" : "Internal")); 1655 if (!ISIS_LSP_TLV_METRIC_SUPPORTED(isis_metric_block->metric_expense)) 1656 ND_PRINT((ndo, "\n\t\t Expense Metric: %d, %s", 1657 ISIS_LSP_TLV_METRIC_VALUE(isis_metric_block->metric_expense), 1658 ISIS_LSP_TLV_METRIC_IE(isis_metric_block->metric_expense) ? "External" : "Internal")); 1659 if (!ISIS_LSP_TLV_METRIC_SUPPORTED(isis_metric_block->metric_error)) 1660 ND_PRINT((ndo, "\n\t\t Error Metric: %d, %s", 1661 ISIS_LSP_TLV_METRIC_VALUE(isis_metric_block->metric_error), 1662 ISIS_LSP_TLV_METRIC_IE(isis_metric_block->metric_error) ? "External" : "Internal")); 1663 1664 return(1); /* everything is ok */ 1665 } 1666 1667 static int 1668 isis_print_tlv_ip_reach(netdissect_options *ndo, 1669 const uint8_t *cp, const char *ident, int length) 1670 { 1671 int prefix_len; 1672 const struct isis_tlv_ip_reach *tlv_ip_reach; 1673 1674 tlv_ip_reach = (const struct isis_tlv_ip_reach *)cp; 1675 1676 while (length > 0) { 1677 if ((size_t)length < sizeof(*tlv_ip_reach)) { 1678 ND_PRINT((ndo, "short IPv4 Reachability (%d vs %lu)", 1679 length, 1680 (unsigned long)sizeof(*tlv_ip_reach))); 1681 return (0); 1682 } 1683 1684 if (!ND_TTEST(*tlv_ip_reach)) 1685 return (0); 1686 1687 prefix_len = mask2plen(EXTRACT_32BITS(tlv_ip_reach->mask)); 1688 1689 if (prefix_len == -1) 1690 ND_PRINT((ndo, "%sIPv4 prefix: %s mask %s", 1691 ident, 1692 ipaddr_string(ndo, (tlv_ip_reach->prefix)), 1693 ipaddr_string(ndo, (tlv_ip_reach->mask)))); 1694 else 1695 ND_PRINT((ndo, "%sIPv4 prefix: %15s/%u", 1696 ident, 1697 ipaddr_string(ndo, (tlv_ip_reach->prefix)), 1698 prefix_len)); 1699 1700 ND_PRINT((ndo, ", Distribution: %s, Metric: %u, %s", 1701 ISIS_LSP_TLV_METRIC_UPDOWN(tlv_ip_reach->isis_metric_block.metric_default) ? "down" : "up", 1702 ISIS_LSP_TLV_METRIC_VALUE(tlv_ip_reach->isis_metric_block.metric_default), 1703 ISIS_LSP_TLV_METRIC_IE(tlv_ip_reach->isis_metric_block.metric_default) ? "External" : "Internal")); 1704 1705 if (!ISIS_LSP_TLV_METRIC_SUPPORTED(tlv_ip_reach->isis_metric_block.metric_delay)) 1706 ND_PRINT((ndo, "%s Delay Metric: %u, %s", 1707 ident, 1708 ISIS_LSP_TLV_METRIC_VALUE(tlv_ip_reach->isis_metric_block.metric_delay), 1709 ISIS_LSP_TLV_METRIC_IE(tlv_ip_reach->isis_metric_block.metric_delay) ? "External" : "Internal")); 1710 1711 if (!ISIS_LSP_TLV_METRIC_SUPPORTED(tlv_ip_reach->isis_metric_block.metric_expense)) 1712 ND_PRINT((ndo, "%s Expense Metric: %u, %s", 1713 ident, 1714 ISIS_LSP_TLV_METRIC_VALUE(tlv_ip_reach->isis_metric_block.metric_expense), 1715 ISIS_LSP_TLV_METRIC_IE(tlv_ip_reach->isis_metric_block.metric_expense) ? "External" : "Internal")); 1716 1717 if (!ISIS_LSP_TLV_METRIC_SUPPORTED(tlv_ip_reach->isis_metric_block.metric_error)) 1718 ND_PRINT((ndo, "%s Error Metric: %u, %s", 1719 ident, 1720 ISIS_LSP_TLV_METRIC_VALUE(tlv_ip_reach->isis_metric_block.metric_error), 1721 ISIS_LSP_TLV_METRIC_IE(tlv_ip_reach->isis_metric_block.metric_error) ? "External" : "Internal")); 1722 1723 length -= sizeof(struct isis_tlv_ip_reach); 1724 tlv_ip_reach++; 1725 } 1726 return (1); 1727 } 1728 1729 /* 1730 * this is the common IP-REACH subTLV decoder it is called 1731 * from various EXTD-IP REACH TLVs (135,235,236,237) 1732 */ 1733 1734 static int 1735 isis_print_ip_reach_subtlv(netdissect_options *ndo, 1736 const uint8_t *tptr, int subt, int subl, 1737 const char *ident) 1738 { 1739 /* first lets see if we know the subTLVs name*/ 1740 ND_PRINT((ndo, "%s%s subTLV #%u, length: %u", 1741 ident, tok2str(isis_ext_ip_reach_subtlv_values, "unknown", subt), 1742 subt, subl)); 1743 1744 ND_TCHECK2(*tptr,subl); 1745 1746 switch(subt) { 1747 case ISIS_SUBTLV_EXTD_IP_REACH_MGMT_PREFIX_COLOR: /* fall through */ 1748 case ISIS_SUBTLV_EXTD_IP_REACH_ADMIN_TAG32: 1749 while (subl >= 4) { 1750 ND_PRINT((ndo, ", 0x%08x (=%u)", 1751 EXTRACT_32BITS(tptr), 1752 EXTRACT_32BITS(tptr))); 1753 tptr+=4; 1754 subl-=4; 1755 } 1756 break; 1757 case ISIS_SUBTLV_EXTD_IP_REACH_ADMIN_TAG64: 1758 while (subl >= 8) { 1759 ND_PRINT((ndo, ", 0x%08x%08x", 1760 EXTRACT_32BITS(tptr), 1761 EXTRACT_32BITS(tptr+4))); 1762 tptr+=8; 1763 subl-=8; 1764 } 1765 break; 1766 default: 1767 if (!print_unknown_data(ndo, tptr, "\n\t\t ", subl)) 1768 return(0); 1769 break; 1770 } 1771 return(1); 1772 1773 trunc: 1774 ND_PRINT((ndo, "%s", ident)); 1775 ND_PRINT((ndo, "%s", tstr)); 1776 return(0); 1777 } 1778 1779 /* 1780 * this is the common IS-REACH subTLV decoder it is called 1781 * from isis_print_ext_is_reach() 1782 */ 1783 1784 static int 1785 isis_print_is_reach_subtlv(netdissect_options *ndo, 1786 const uint8_t *tptr, u_int subt, u_int subl, 1787 const char *ident) 1788 { 1789 u_int te_class,priority_level,gmpls_switch_cap; 1790 union { /* int to float conversion buffer for several subTLVs */ 1791 float f; 1792 uint32_t i; 1793 } bw; 1794 1795 /* first lets see if we know the subTLVs name*/ 1796 ND_PRINT((ndo, "%s%s subTLV #%u, length: %u", 1797 ident, tok2str(isis_ext_is_reach_subtlv_values, "unknown", subt), 1798 subt, subl)); 1799 1800 ND_TCHECK2(*tptr, subl); 1801 1802 switch(subt) { 1803 case ISIS_SUBTLV_EXT_IS_REACH_ADMIN_GROUP: 1804 case ISIS_SUBTLV_EXT_IS_REACH_LINK_LOCAL_REMOTE_ID: 1805 case ISIS_SUBTLV_EXT_IS_REACH_LINK_REMOTE_ID: 1806 if (subl >= 4) { 1807 ND_PRINT((ndo, ", 0x%08x", EXTRACT_32BITS(tptr))); 1808 if (subl == 8) /* rfc4205 */ 1809 ND_PRINT((ndo, ", 0x%08x", EXTRACT_32BITS(tptr+4))); 1810 } 1811 break; 1812 case ISIS_SUBTLV_EXT_IS_REACH_IPV4_INTF_ADDR: 1813 case ISIS_SUBTLV_EXT_IS_REACH_IPV4_NEIGHBOR_ADDR: 1814 if (subl >= sizeof(struct in_addr)) 1815 ND_PRINT((ndo, ", %s", ipaddr_string(ndo, tptr))); 1816 break; 1817 case ISIS_SUBTLV_EXT_IS_REACH_MAX_LINK_BW : 1818 case ISIS_SUBTLV_EXT_IS_REACH_RESERVABLE_BW: 1819 if (subl >= 4) { 1820 bw.i = EXTRACT_32BITS(tptr); 1821 ND_PRINT((ndo, ", %.3f Mbps", bw.f * 8 / 1000000)); 1822 } 1823 break; 1824 case ISIS_SUBTLV_EXT_IS_REACH_UNRESERVED_BW : 1825 if (subl >= 32) { 1826 for (te_class = 0; te_class < 8; te_class++) { 1827 bw.i = EXTRACT_32BITS(tptr); 1828 ND_PRINT((ndo, "%s TE-Class %u: %.3f Mbps", 1829 ident, 1830 te_class, 1831 bw.f * 8 / 1000000)); 1832 tptr+=4; 1833 } 1834 } 1835 break; 1836 case ISIS_SUBTLV_EXT_IS_REACH_BW_CONSTRAINTS: /* fall through */ 1837 case ISIS_SUBTLV_EXT_IS_REACH_BW_CONSTRAINTS_OLD: 1838 ND_PRINT((ndo, "%sBandwidth Constraints Model ID: %s (%u)", 1839 ident, 1840 tok2str(diffserv_te_bc_values, "unknown", *tptr), 1841 *tptr)); 1842 tptr++; 1843 /* decode BCs until the subTLV ends */ 1844 for (te_class = 0; te_class < (subl-1)/4; te_class++) { 1845 ND_TCHECK2(*tptr, 4); 1846 bw.i = EXTRACT_32BITS(tptr); 1847 ND_PRINT((ndo, "%s Bandwidth constraint CT%u: %.3f Mbps", 1848 ident, 1849 te_class, 1850 bw.f * 8 / 1000000)); 1851 tptr+=4; 1852 } 1853 break; 1854 case ISIS_SUBTLV_EXT_IS_REACH_TE_METRIC: 1855 if (subl >= 3) 1856 ND_PRINT((ndo, ", %u", EXTRACT_24BITS(tptr))); 1857 break; 1858 case ISIS_SUBTLV_EXT_IS_REACH_LINK_ATTRIBUTE: 1859 if (subl == 2) { 1860 ND_PRINT((ndo, ", [ %s ] (0x%04x)", 1861 bittok2str(isis_subtlv_link_attribute_values, 1862 "Unknown", 1863 EXTRACT_16BITS(tptr)), 1864 EXTRACT_16BITS(tptr))); 1865 } 1866 break; 1867 case ISIS_SUBTLV_EXT_IS_REACH_LINK_PROTECTION_TYPE: 1868 if (subl >= 2) { 1869 ND_PRINT((ndo, ", %s, Priority %u", 1870 bittok2str(gmpls_link_prot_values, "none", *tptr), 1871 *(tptr+1))); 1872 } 1873 break; 1874 case ISIS_SUBTLV_SPB_METRIC: 1875 if (subl >= 6) { 1876 ND_PRINT((ndo, ", LM: %u", EXTRACT_24BITS(tptr))); 1877 tptr=tptr+3; 1878 ND_PRINT((ndo, ", P: %u", *(tptr))); 1879 tptr++; 1880 ND_PRINT((ndo, ", P-ID: %u", EXTRACT_16BITS(tptr))); 1881 } 1882 break; 1883 case ISIS_SUBTLV_EXT_IS_REACH_INTF_SW_CAP_DESCR: 1884 if (subl >= 36) { 1885 gmpls_switch_cap = *tptr; 1886 ND_PRINT((ndo, "%s Interface Switching Capability:%s", 1887 ident, 1888 tok2str(gmpls_switch_cap_values, "Unknown", gmpls_switch_cap))); 1889 ND_PRINT((ndo, ", LSP Encoding: %s", 1890 tok2str(gmpls_encoding_values, "Unknown", *(tptr + 1)))); 1891 tptr+=4; 1892 ND_PRINT((ndo, "%s Max LSP Bandwidth:", ident)); 1893 for (priority_level = 0; priority_level < 8; priority_level++) { 1894 bw.i = EXTRACT_32BITS(tptr); 1895 ND_PRINT((ndo, "%s priority level %d: %.3f Mbps", 1896 ident, 1897 priority_level, 1898 bw.f * 8 / 1000000)); 1899 tptr+=4; 1900 } 1901 subl-=36; 1902 switch (gmpls_switch_cap) { 1903 case GMPLS_PSC1: 1904 case GMPLS_PSC2: 1905 case GMPLS_PSC3: 1906 case GMPLS_PSC4: 1907 ND_TCHECK2(*tptr, 6); 1908 bw.i = EXTRACT_32BITS(tptr); 1909 ND_PRINT((ndo, "%s Min LSP Bandwidth: %.3f Mbps", ident, bw.f * 8 / 1000000)); 1910 ND_PRINT((ndo, "%s Interface MTU: %u", ident, EXTRACT_16BITS(tptr + 4))); 1911 break; 1912 case GMPLS_TSC: 1913 ND_TCHECK2(*tptr, 8); 1914 bw.i = EXTRACT_32BITS(tptr); 1915 ND_PRINT((ndo, "%s Min LSP Bandwidth: %.3f Mbps", ident, bw.f * 8 / 1000000)); 1916 ND_PRINT((ndo, "%s Indication %s", ident, 1917 tok2str(gmpls_switch_cap_tsc_indication_values, "Unknown (%u)", *(tptr + 4)))); 1918 break; 1919 default: 1920 /* there is some optional stuff left to decode but this is as of yet 1921 not specified so just lets hexdump what is left */ 1922 if(subl>0){ 1923 if (!print_unknown_data(ndo, tptr, "\n\t\t ", subl)) 1924 return(0); 1925 } 1926 } 1927 } 1928 break; 1929 default: 1930 if (!print_unknown_data(ndo, tptr, "\n\t\t ", subl)) 1931 return(0); 1932 break; 1933 } 1934 return(1); 1935 1936 trunc: 1937 return(0); 1938 } 1939 1940 /* 1941 * this is the common IS-REACH decoder it is called 1942 * from various EXTD-IS REACH style TLVs (22,24,222) 1943 */ 1944 1945 static int 1946 isis_print_ext_is_reach(netdissect_options *ndo, 1947 const uint8_t *tptr, const char *ident, int tlv_type) 1948 { 1949 char ident_buffer[20]; 1950 int subtlv_type,subtlv_len,subtlv_sum_len; 1951 int proc_bytes = 0; /* how many bytes did we process ? */ 1952 1953 if (!ND_TTEST2(*tptr, NODE_ID_LEN)) 1954 return(0); 1955 1956 ND_PRINT((ndo, "%sIS Neighbor: %s", ident, isis_print_id(tptr, NODE_ID_LEN))); 1957 tptr+=(NODE_ID_LEN); 1958 1959 if (tlv_type != ISIS_TLV_IS_ALIAS_ID) { /* the Alias TLV Metric field is implicit 0 */ 1960 if (!ND_TTEST2(*tptr, 3)) /* and is therefore skipped */ 1961 return(0); 1962 ND_PRINT((ndo, ", Metric: %d", EXTRACT_24BITS(tptr))); 1963 tptr+=3; 1964 } 1965 1966 if (!ND_TTEST2(*tptr, 1)) 1967 return(0); 1968 subtlv_sum_len=*(tptr++); /* read out subTLV length */ 1969 proc_bytes=NODE_ID_LEN+3+1; 1970 ND_PRINT((ndo, ", %ssub-TLVs present",subtlv_sum_len ? "" : "no ")); 1971 if (subtlv_sum_len) { 1972 ND_PRINT((ndo, " (%u)", subtlv_sum_len)); 1973 while (subtlv_sum_len>0) { 1974 if (!ND_TTEST2(*tptr,2)) 1975 return(0); 1976 subtlv_type=*(tptr++); 1977 subtlv_len=*(tptr++); 1978 /* prepend the indent string */ 1979 snprintf(ident_buffer, sizeof(ident_buffer), "%s ",ident); 1980 if (!isis_print_is_reach_subtlv(ndo, tptr, subtlv_type, subtlv_len, ident_buffer)) 1981 return(0); 1982 tptr+=subtlv_len; 1983 subtlv_sum_len-=(subtlv_len+2); 1984 proc_bytes+=(subtlv_len+2); 1985 } 1986 } 1987 return(proc_bytes); 1988 } 1989 1990 /* 1991 * this is the common Multi Topology ID decoder 1992 * it is called from various MT-TLVs (222,229,235,237) 1993 */ 1994 1995 static int 1996 isis_print_mtid(netdissect_options *ndo, 1997 const uint8_t *tptr, const char *ident) 1998 { 1999 if (!ND_TTEST2(*tptr, 2)) 2000 return(0); 2001 2002 ND_PRINT((ndo, "%s%s", 2003 ident, 2004 tok2str(isis_mt_values, 2005 "Reserved for IETF Consensus", 2006 ISIS_MASK_MTID(EXTRACT_16BITS(tptr))))); 2007 2008 ND_PRINT((ndo, " Topology (0x%03x), Flags: [%s]", 2009 ISIS_MASK_MTID(EXTRACT_16BITS(tptr)), 2010 bittok2str(isis_mt_flag_values, "none",ISIS_MASK_MTFLAGS(EXTRACT_16BITS(tptr))))); 2011 2012 return(2); 2013 } 2014 2015 /* 2016 * this is the common extended IP reach decoder 2017 * it is called from TLVs (135,235,236,237) 2018 * we process the TLV and optional subTLVs and return 2019 * the amount of processed bytes 2020 */ 2021 2022 static int 2023 isis_print_extd_ip_reach(netdissect_options *ndo, 2024 const uint8_t *tptr, const char *ident, uint16_t afi) 2025 { 2026 char ident_buffer[20]; 2027 uint8_t prefix[sizeof(struct in6_addr)]; /* shared copy buffer for IPv4 and IPv6 prefixes */ 2028 u_int metric, status_byte, bit_length, byte_length, sublen, processed, subtlvtype, subtlvlen; 2029 2030 if (!ND_TTEST2(*tptr, 4)) 2031 return (0); 2032 metric = EXTRACT_32BITS(tptr); 2033 processed=4; 2034 tptr+=4; 2035 2036 if (afi == AF_INET) { 2037 if (!ND_TTEST2(*tptr, 1)) /* fetch status byte */ 2038 return (0); 2039 status_byte=*(tptr++); 2040 bit_length = status_byte&0x3f; 2041 if (bit_length > 32) { 2042 ND_PRINT((ndo, "%sIPv4 prefix: bad bit length %u", 2043 ident, 2044 bit_length)); 2045 return (0); 2046 } 2047 processed++; 2048 } else if (afi == AF_INET6) { 2049 if (!ND_TTEST2(*tptr, 1)) /* fetch status & prefix_len byte */ 2050 return (0); 2051 status_byte=*(tptr++); 2052 bit_length=*(tptr++); 2053 if (bit_length > 128) { 2054 ND_PRINT((ndo, "%sIPv6 prefix: bad bit length %u", 2055 ident, 2056 bit_length)); 2057 return (0); 2058 } 2059 processed+=2; 2060 } else 2061 return (0); /* somebody is fooling us */ 2062 2063 byte_length = (bit_length + 7) / 8; /* prefix has variable length encoding */ 2064 2065 if (!ND_TTEST2(*tptr, byte_length)) 2066 return (0); 2067 memset(prefix, 0, sizeof prefix); /* clear the copy buffer */ 2068 memcpy(prefix,tptr,byte_length); /* copy as much as is stored in the TLV */ 2069 tptr+=byte_length; 2070 processed+=byte_length; 2071 2072 if (afi == AF_INET) 2073 ND_PRINT((ndo, "%sIPv4 prefix: %15s/%u", 2074 ident, 2075 ipaddr_string(ndo, prefix), 2076 bit_length)); 2077 else if (afi == AF_INET6) 2078 ND_PRINT((ndo, "%sIPv6 prefix: %s/%u", 2079 ident, 2080 ip6addr_string(ndo, prefix), 2081 bit_length)); 2082 2083 ND_PRINT((ndo, ", Distribution: %s, Metric: %u", 2084 ISIS_MASK_TLV_EXTD_IP_UPDOWN(status_byte) ? "down" : "up", 2085 metric)); 2086 2087 if (afi == AF_INET && ISIS_MASK_TLV_EXTD_IP_SUBTLV(status_byte)) 2088 ND_PRINT((ndo, ", sub-TLVs present")); 2089 else if (afi == AF_INET6) 2090 ND_PRINT((ndo, ", %s%s", 2091 ISIS_MASK_TLV_EXTD_IP6_IE(status_byte) ? "External" : "Internal", 2092 ISIS_MASK_TLV_EXTD_IP6_SUBTLV(status_byte) ? ", sub-TLVs present" : "")); 2093 2094 if ((afi == AF_INET && ISIS_MASK_TLV_EXTD_IP_SUBTLV(status_byte)) 2095 || (afi == AF_INET6 && ISIS_MASK_TLV_EXTD_IP6_SUBTLV(status_byte)) 2096 ) { 2097 /* assume that one prefix can hold more 2098 than one subTLV - therefore the first byte must reflect 2099 the aggregate bytecount of the subTLVs for this prefix 2100 */ 2101 if (!ND_TTEST2(*tptr, 1)) 2102 return (0); 2103 sublen=*(tptr++); 2104 processed+=sublen+1; 2105 ND_PRINT((ndo, " (%u)", sublen)); /* print out subTLV length */ 2106 2107 while (sublen>0) { 2108 if (!ND_TTEST2(*tptr,2)) 2109 return (0); 2110 subtlvtype=*(tptr++); 2111 subtlvlen=*(tptr++); 2112 /* prepend the indent string */ 2113 snprintf(ident_buffer, sizeof(ident_buffer), "%s ",ident); 2114 if (!isis_print_ip_reach_subtlv(ndo, tptr, subtlvtype, subtlvlen, ident_buffer)) 2115 return(0); 2116 tptr+=subtlvlen; 2117 sublen-=(subtlvlen+2); 2118 } 2119 } 2120 return (processed); 2121 } 2122 2123 /* 2124 * Clear checksum and lifetime prior to signature verification. 2125 */ 2126 static void 2127 isis_clear_checksum_lifetime(void *header) 2128 { 2129 struct isis_lsp_header *header_lsp = (struct isis_lsp_header *) header; 2130 2131 header_lsp->checksum[0] = 0; 2132 header_lsp->checksum[1] = 0; 2133 header_lsp->remaining_lifetime[0] = 0; 2134 header_lsp->remaining_lifetime[1] = 0; 2135 } 2136 2137 /* 2138 * isis_print 2139 * Decode IS-IS packets. Return 0 on error. 2140 */ 2141 2142 static int 2143 isis_print(netdissect_options *ndo, 2144 const uint8_t *p, u_int length) 2145 { 2146 const struct isis_common_header *isis_header; 2147 2148 const struct isis_iih_lan_header *header_iih_lan; 2149 const struct isis_iih_ptp_header *header_iih_ptp; 2150 const struct isis_lsp_header *header_lsp; 2151 const struct isis_csnp_header *header_csnp; 2152 const struct isis_psnp_header *header_psnp; 2153 2154 const struct isis_tlv_lsp *tlv_lsp; 2155 const struct isis_tlv_ptp_adj *tlv_ptp_adj; 2156 const struct isis_tlv_is_reach *tlv_is_reach; 2157 const struct isis_tlv_es_reach *tlv_es_reach; 2158 2159 uint8_t pdu_type, max_area, id_length, tlv_type, tlv_len, tmp, alen, lan_alen, prefix_len; 2160 uint8_t ext_is_len, ext_ip_len, mt_len; 2161 const uint8_t *optr, *pptr, *tptr; 2162 u_short packet_len,pdu_len, key_id; 2163 u_int i,vendor_id; 2164 int sigcheck; 2165 2166 packet_len=length; 2167 optr = p; /* initialize the _o_riginal pointer to the packet start - 2168 need it for parsing the checksum TLV and authentication 2169 TLV verification */ 2170 isis_header = (const struct isis_common_header *)p; 2171 ND_TCHECK(*isis_header); 2172 pptr = p+(ISIS_COMMON_HEADER_SIZE); 2173 header_iih_lan = (const struct isis_iih_lan_header *)pptr; 2174 header_iih_ptp = (const struct isis_iih_ptp_header *)pptr; 2175 header_lsp = (const struct isis_lsp_header *)pptr; 2176 header_csnp = (const struct isis_csnp_header *)pptr; 2177 header_psnp = (const struct isis_psnp_header *)pptr; 2178 2179 if (!ndo->ndo_eflag) 2180 ND_PRINT((ndo, "IS-IS")); 2181 2182 /* 2183 * Sanity checking of the header. 2184 */ 2185 2186 if (isis_header->version != ISIS_VERSION) { 2187 ND_PRINT((ndo, "version %d packet not supported", isis_header->version)); 2188 return (0); 2189 } 2190 2191 if ((isis_header->id_length != SYSTEM_ID_LEN) && (isis_header->id_length != 0)) { 2192 ND_PRINT((ndo, "system ID length of %d is not supported", 2193 isis_header->id_length)); 2194 return (0); 2195 } 2196 2197 if (isis_header->pdu_version != ISIS_VERSION) { 2198 ND_PRINT((ndo, "version %d packet not supported", isis_header->pdu_version)); 2199 return (0); 2200 } 2201 2202 max_area = isis_header->max_area; 2203 switch(max_area) { 2204 case 0: 2205 max_area = 3; /* silly shit */ 2206 break; 2207 case 255: 2208 ND_PRINT((ndo, "bad packet -- 255 areas")); 2209 return (0); 2210 default: 2211 break; 2212 } 2213 2214 id_length = isis_header->id_length; 2215 switch(id_length) { 2216 case 0: 2217 id_length = 6; /* silly shit again */ 2218 break; 2219 case 1: /* 1-8 are valid sys-ID lenghts */ 2220 case 2: 2221 case 3: 2222 case 4: 2223 case 5: 2224 case 6: 2225 case 7: 2226 case 8: 2227 break; 2228 case 255: 2229 id_length = 0; /* entirely useless */ 2230 break; 2231 default: 2232 break; 2233 } 2234 2235 /* toss any non 6-byte sys-ID len PDUs */ 2236 if (id_length != 6 ) { 2237 ND_PRINT((ndo, "bad packet -- illegal sys-ID length (%u)", id_length)); 2238 return (0); 2239 } 2240 2241 pdu_type=isis_header->pdu_type; 2242 2243 /* in non-verbose mode print the basic PDU Type plus PDU specific brief information*/ 2244 if (ndo->ndo_vflag < 1) { 2245 ND_PRINT((ndo, "%s%s", 2246 ndo->ndo_eflag ? "" : ", ", 2247 tok2str(isis_pdu_values, "unknown PDU-Type %u", pdu_type))); 2248 2249 switch (pdu_type) { 2250 2251 case ISIS_PDU_L1_LAN_IIH: 2252 case ISIS_PDU_L2_LAN_IIH: 2253 ND_TCHECK(*header_iih_lan); 2254 ND_PRINT((ndo, ", src-id %s", 2255 isis_print_id(header_iih_lan->source_id, SYSTEM_ID_LEN))); 2256 ND_PRINT((ndo, ", lan-id %s, prio %u", 2257 isis_print_id(header_iih_lan->lan_id,NODE_ID_LEN), 2258 header_iih_lan->priority)); 2259 break; 2260 case ISIS_PDU_PTP_IIH: 2261 ND_TCHECK(*header_iih_ptp); 2262 ND_PRINT((ndo, ", src-id %s", isis_print_id(header_iih_ptp->source_id, SYSTEM_ID_LEN))); 2263 break; 2264 case ISIS_PDU_L1_LSP: 2265 case ISIS_PDU_L2_LSP: 2266 ND_TCHECK(*header_lsp); 2267 ND_PRINT((ndo, ", lsp-id %s, seq 0x%08x, lifetime %5us", 2268 isis_print_id(header_lsp->lsp_id, LSP_ID_LEN), 2269 EXTRACT_32BITS(header_lsp->sequence_number), 2270 EXTRACT_16BITS(header_lsp->remaining_lifetime))); 2271 break; 2272 case ISIS_PDU_L1_CSNP: 2273 case ISIS_PDU_L2_CSNP: 2274 ND_TCHECK(*header_csnp); 2275 ND_PRINT((ndo, ", src-id %s", isis_print_id(header_csnp->source_id, NODE_ID_LEN))); 2276 break; 2277 case ISIS_PDU_L1_PSNP: 2278 case ISIS_PDU_L2_PSNP: 2279 ND_TCHECK(*header_psnp); 2280 ND_PRINT((ndo, ", src-id %s", isis_print_id(header_psnp->source_id, NODE_ID_LEN))); 2281 break; 2282 2283 } 2284 ND_PRINT((ndo, ", length %u", length)); 2285 2286 return(1); 2287 } 2288 2289 /* ok they seem to want to know everything - lets fully decode it */ 2290 ND_PRINT((ndo, "%slength %u", ndo->ndo_eflag ? "" : ", ", length)); 2291 2292 ND_PRINT((ndo, "\n\t%s, hlen: %u, v: %u, pdu-v: %u, sys-id-len: %u (%u), max-area: %u (%u)", 2293 tok2str(isis_pdu_values, 2294 "unknown, type %u", 2295 pdu_type), 2296 isis_header->fixed_len, 2297 isis_header->version, 2298 isis_header->pdu_version, 2299 id_length, 2300 isis_header->id_length, 2301 max_area, 2302 isis_header->max_area)); 2303 2304 if (ndo->ndo_vflag > 1) { 2305 if (!print_unknown_data(ndo, optr, "\n\t", 8)) /* provide the _o_riginal pointer */ 2306 return(0); /* for optionally debugging the common header */ 2307 } 2308 2309 switch (pdu_type) { 2310 2311 case ISIS_PDU_L1_LAN_IIH: 2312 case ISIS_PDU_L2_LAN_IIH: 2313 if (isis_header->fixed_len != (ISIS_COMMON_HEADER_SIZE+ISIS_IIH_LAN_HEADER_SIZE)) { 2314 ND_PRINT((ndo, ", bogus fixed header length %u should be %lu", 2315 isis_header->fixed_len, (unsigned long)ISIS_IIH_LAN_HEADER_SIZE)); 2316 return (0); 2317 } 2318 2319 ND_TCHECK(*header_iih_lan); 2320 pdu_len=EXTRACT_16BITS(header_iih_lan->pdu_len); 2321 if (packet_len>pdu_len) { 2322 packet_len=pdu_len; /* do TLV decoding as long as it makes sense */ 2323 length=pdu_len; 2324 } 2325 2326 ND_PRINT((ndo, "\n\t source-id: %s, holding time: %us, Flags: [%s]", 2327 isis_print_id(header_iih_lan->source_id,SYSTEM_ID_LEN), 2328 EXTRACT_16BITS(header_iih_lan->holding_time), 2329 tok2str(isis_iih_circuit_type_values, 2330 "unknown circuit type 0x%02x", 2331 header_iih_lan->circuit_type))); 2332 2333 ND_PRINT((ndo, "\n\t lan-id: %s, Priority: %u, PDU length: %u", 2334 isis_print_id(header_iih_lan->lan_id, NODE_ID_LEN), 2335 (header_iih_lan->priority) & ISIS_LAN_PRIORITY_MASK, 2336 pdu_len)); 2337 2338 if (ndo->ndo_vflag > 1) { 2339 if (!print_unknown_data(ndo, pptr, "\n\t ", ISIS_IIH_LAN_HEADER_SIZE)) 2340 return(0); 2341 } 2342 2343 packet_len -= (ISIS_COMMON_HEADER_SIZE+ISIS_IIH_LAN_HEADER_SIZE); 2344 pptr = p + (ISIS_COMMON_HEADER_SIZE+ISIS_IIH_LAN_HEADER_SIZE); 2345 break; 2346 2347 case ISIS_PDU_PTP_IIH: 2348 if (isis_header->fixed_len != (ISIS_COMMON_HEADER_SIZE+ISIS_IIH_PTP_HEADER_SIZE)) { 2349 ND_PRINT((ndo, ", bogus fixed header length %u should be %lu", 2350 isis_header->fixed_len, (unsigned long)ISIS_IIH_PTP_HEADER_SIZE)); 2351 return (0); 2352 } 2353 2354 ND_TCHECK(*header_iih_ptp); 2355 pdu_len=EXTRACT_16BITS(header_iih_ptp->pdu_len); 2356 if (packet_len>pdu_len) { 2357 packet_len=pdu_len; /* do TLV decoding as long as it makes sense */ 2358 length=pdu_len; 2359 } 2360 2361 ND_PRINT((ndo, "\n\t source-id: %s, holding time: %us, Flags: [%s]", 2362 isis_print_id(header_iih_ptp->source_id,SYSTEM_ID_LEN), 2363 EXTRACT_16BITS(header_iih_ptp->holding_time), 2364 tok2str(isis_iih_circuit_type_values, 2365 "unknown circuit type 0x%02x", 2366 header_iih_ptp->circuit_type))); 2367 2368 ND_PRINT((ndo, "\n\t circuit-id: 0x%02x, PDU length: %u", 2369 header_iih_ptp->circuit_id, 2370 pdu_len)); 2371 2372 if (ndo->ndo_vflag > 1) { 2373 if (!print_unknown_data(ndo, pptr, "\n\t ", ISIS_IIH_PTP_HEADER_SIZE)) 2374 return(0); 2375 } 2376 2377 packet_len -= (ISIS_COMMON_HEADER_SIZE+ISIS_IIH_PTP_HEADER_SIZE); 2378 pptr = p + (ISIS_COMMON_HEADER_SIZE+ISIS_IIH_PTP_HEADER_SIZE); 2379 break; 2380 2381 case ISIS_PDU_L1_LSP: 2382 case ISIS_PDU_L2_LSP: 2383 if (isis_header->fixed_len != (ISIS_COMMON_HEADER_SIZE+ISIS_LSP_HEADER_SIZE)) { 2384 ND_PRINT((ndo, ", bogus fixed header length %u should be %lu", 2385 isis_header->fixed_len, (unsigned long)ISIS_LSP_HEADER_SIZE)); 2386 return (0); 2387 } 2388 2389 ND_TCHECK(*header_lsp); 2390 pdu_len=EXTRACT_16BITS(header_lsp->pdu_len); 2391 if (packet_len>pdu_len) { 2392 packet_len=pdu_len; /* do TLV decoding as long as it makes sense */ 2393 length=pdu_len; 2394 } 2395 2396 ND_PRINT((ndo, "\n\t lsp-id: %s, seq: 0x%08x, lifetime: %5us\n\t chksum: 0x%04x", 2397 isis_print_id(header_lsp->lsp_id, LSP_ID_LEN), 2398 EXTRACT_32BITS(header_lsp->sequence_number), 2399 EXTRACT_16BITS(header_lsp->remaining_lifetime), 2400 EXTRACT_16BITS(header_lsp->checksum))); 2401 2402 if (osi_print_cksum(ndo, (const uint8_t *)header_lsp->lsp_id, 2403 EXTRACT_16BITS(header_lsp->checksum), 2404 12, length-12) == 0) 2405 goto trunc; 2406 2407 ND_PRINT((ndo, ", PDU length: %u, Flags: [ %s", 2408 pdu_len, 2409 ISIS_MASK_LSP_OL_BIT(header_lsp->typeblock) ? "Overload bit set, " : "")); 2410 2411 if (ISIS_MASK_LSP_ATT_BITS(header_lsp->typeblock)) { 2412 ND_PRINT((ndo, "%s", ISIS_MASK_LSP_ATT_DEFAULT_BIT(header_lsp->typeblock) ? "default " : "")); 2413 ND_PRINT((ndo, "%s", ISIS_MASK_LSP_ATT_DELAY_BIT(header_lsp->typeblock) ? "delay " : "")); 2414 ND_PRINT((ndo, "%s", ISIS_MASK_LSP_ATT_EXPENSE_BIT(header_lsp->typeblock) ? "expense " : "")); 2415 ND_PRINT((ndo, "%s", ISIS_MASK_LSP_ATT_ERROR_BIT(header_lsp->typeblock) ? "error " : "")); 2416 ND_PRINT((ndo, "ATT bit set, ")); 2417 } 2418 ND_PRINT((ndo, "%s", ISIS_MASK_LSP_PARTITION_BIT(header_lsp->typeblock) ? "P bit set, " : "")); 2419 ND_PRINT((ndo, "%s ]", tok2str(isis_lsp_istype_values, "Unknown(0x%x)", 2420 ISIS_MASK_LSP_ISTYPE_BITS(header_lsp->typeblock)))); 2421 2422 if (ndo->ndo_vflag > 1) { 2423 if (!print_unknown_data(ndo, pptr, "\n\t ", ISIS_LSP_HEADER_SIZE)) 2424 return(0); 2425 } 2426 2427 packet_len -= (ISIS_COMMON_HEADER_SIZE+ISIS_LSP_HEADER_SIZE); 2428 pptr = p + (ISIS_COMMON_HEADER_SIZE+ISIS_LSP_HEADER_SIZE); 2429 break; 2430 2431 case ISIS_PDU_L1_CSNP: 2432 case ISIS_PDU_L2_CSNP: 2433 if (isis_header->fixed_len != (ISIS_COMMON_HEADER_SIZE+ISIS_CSNP_HEADER_SIZE)) { 2434 ND_PRINT((ndo, ", bogus fixed header length %u should be %lu", 2435 isis_header->fixed_len, (unsigned long)ISIS_CSNP_HEADER_SIZE)); 2436 return (0); 2437 } 2438 2439 ND_TCHECK(*header_csnp); 2440 pdu_len=EXTRACT_16BITS(header_csnp->pdu_len); 2441 if (packet_len>pdu_len) { 2442 packet_len=pdu_len; /* do TLV decoding as long as it makes sense */ 2443 length=pdu_len; 2444 } 2445 2446 ND_PRINT((ndo, "\n\t source-id: %s, PDU length: %u", 2447 isis_print_id(header_csnp->source_id, NODE_ID_LEN), 2448 pdu_len)); 2449 ND_PRINT((ndo, "\n\t start lsp-id: %s", 2450 isis_print_id(header_csnp->start_lsp_id, LSP_ID_LEN))); 2451 ND_PRINT((ndo, "\n\t end lsp-id: %s", 2452 isis_print_id(header_csnp->end_lsp_id, LSP_ID_LEN))); 2453 2454 if (ndo->ndo_vflag > 1) { 2455 if (!print_unknown_data(ndo, pptr, "\n\t ", ISIS_CSNP_HEADER_SIZE)) 2456 return(0); 2457 } 2458 2459 packet_len -= (ISIS_COMMON_HEADER_SIZE+ISIS_CSNP_HEADER_SIZE); 2460 pptr = p + (ISIS_COMMON_HEADER_SIZE+ISIS_CSNP_HEADER_SIZE); 2461 break; 2462 2463 case ISIS_PDU_L1_PSNP: 2464 case ISIS_PDU_L2_PSNP: 2465 if (isis_header->fixed_len != (ISIS_COMMON_HEADER_SIZE+ISIS_PSNP_HEADER_SIZE)) { 2466 ND_PRINT((ndo, "- bogus fixed header length %u should be %lu", 2467 isis_header->fixed_len, (unsigned long)ISIS_PSNP_HEADER_SIZE)); 2468 return (0); 2469 } 2470 2471 ND_TCHECK(*header_psnp); 2472 pdu_len=EXTRACT_16BITS(header_psnp->pdu_len); 2473 if (packet_len>pdu_len) { 2474 packet_len=pdu_len; /* do TLV decoding as long as it makes sense */ 2475 length=pdu_len; 2476 } 2477 2478 ND_PRINT((ndo, "\n\t source-id: %s, PDU length: %u", 2479 isis_print_id(header_psnp->source_id, NODE_ID_LEN), 2480 pdu_len)); 2481 2482 if (ndo->ndo_vflag > 1) { 2483 if (!print_unknown_data(ndo, pptr, "\n\t ", ISIS_PSNP_HEADER_SIZE)) 2484 return(0); 2485 } 2486 2487 packet_len -= (ISIS_COMMON_HEADER_SIZE+ISIS_PSNP_HEADER_SIZE); 2488 pptr = p + (ISIS_COMMON_HEADER_SIZE+ISIS_PSNP_HEADER_SIZE); 2489 break; 2490 2491 default: 2492 (void)print_unknown_data(ndo, pptr, "\n\t ", length); 2493 return (0); 2494 } 2495 2496 /* 2497 * Now print the TLV's. 2498 */ 2499 2500 while (packet_len >= 2) { 2501 if (pptr == ndo->ndo_snapend) { 2502 return (1); 2503 } 2504 2505 ND_TCHECK2(*pptr, 2); 2506 tlv_type = *pptr++; 2507 tlv_len = *pptr++; 2508 tmp =tlv_len; /* copy temporary len & pointer to packet data */ 2509 tptr = pptr; 2510 packet_len -= 2; 2511 if (tlv_len > packet_len) { 2512 break; 2513 } 2514 2515 /* first lets see if we know the TLVs name*/ 2516 ND_PRINT((ndo, "\n\t %s TLV #%u, length: %u", 2517 tok2str(isis_tlv_values, 2518 "unknown", 2519 tlv_type), 2520 tlv_type, 2521 tlv_len)); 2522 2523 if (tlv_len == 0) /* something is invalid */ 2524 continue; 2525 2526 /* now check if we have a decoder otherwise do a hexdump at the end*/ 2527 switch (tlv_type) { 2528 case ISIS_TLV_AREA_ADDR: 2529 ND_TCHECK2(*tptr, 1); 2530 alen = *tptr++; 2531 while (tmp && alen < tmp) { 2532 ND_PRINT((ndo, "\n\t Area address (length: %u): %s", 2533 alen, 2534 isonsap_string(ndo, tptr, alen))); 2535 tptr += alen; 2536 tmp -= alen + 1; 2537 if (tmp==0) /* if this is the last area address do not attemt a boundary check */ 2538 break; 2539 ND_TCHECK2(*tptr, 1); 2540 alen = *tptr++; 2541 } 2542 break; 2543 case ISIS_TLV_ISNEIGH: 2544 while (tmp >= ETHER_ADDR_LEN) { 2545 ND_TCHECK2(*tptr, ETHER_ADDR_LEN); 2546 ND_PRINT((ndo, "\n\t SNPA: %s", isis_print_id(tptr, ETHER_ADDR_LEN))); 2547 tmp -= ETHER_ADDR_LEN; 2548 tptr += ETHER_ADDR_LEN; 2549 } 2550 break; 2551 2552 case ISIS_TLV_ISNEIGH_VARLEN: 2553 if (!ND_TTEST2(*tptr, 1) || tmp < 3) /* min. TLV length */ 2554 goto trunctlv; 2555 lan_alen = *tptr++; /* LAN address length */ 2556 if (lan_alen == 0) { 2557 ND_PRINT((ndo, "\n\t LAN address length 0 bytes (invalid)")); 2558 break; 2559 } 2560 tmp --; 2561 ND_PRINT((ndo, "\n\t LAN address length %u bytes ", lan_alen)); 2562 while (tmp >= lan_alen) { 2563 ND_TCHECK2(*tptr, lan_alen); 2564 ND_PRINT((ndo, "\n\t\tIS Neighbor: %s", isis_print_id(tptr, lan_alen))); 2565 tmp -= lan_alen; 2566 tptr +=lan_alen; 2567 } 2568 break; 2569 2570 case ISIS_TLV_PADDING: 2571 break; 2572 2573 case ISIS_TLV_MT_IS_REACH: 2574 mt_len = isis_print_mtid(ndo, tptr, "\n\t "); 2575 if (mt_len == 0) /* did something go wrong ? */ 2576 goto trunctlv; 2577 tptr+=mt_len; 2578 tmp-=mt_len; 2579 while (tmp >= 2+NODE_ID_LEN+3+1) { 2580 ext_is_len = isis_print_ext_is_reach(ndo, tptr, "\n\t ", tlv_type); 2581 if (ext_is_len == 0) /* did something go wrong ? */ 2582 goto trunctlv; 2583 2584 tmp-=ext_is_len; 2585 tptr+=ext_is_len; 2586 } 2587 break; 2588 2589 case ISIS_TLV_IS_ALIAS_ID: 2590 while (tmp >= NODE_ID_LEN+1) { /* is it worth attempting a decode ? */ 2591 ext_is_len = isis_print_ext_is_reach(ndo, tptr, "\n\t ", tlv_type); 2592 if (ext_is_len == 0) /* did something go wrong ? */ 2593 goto trunctlv; 2594 tmp-=ext_is_len; 2595 tptr+=ext_is_len; 2596 } 2597 break; 2598 2599 case ISIS_TLV_EXT_IS_REACH: 2600 while (tmp >= NODE_ID_LEN+3+1) { /* is it worth attempting a decode ? */ 2601 ext_is_len = isis_print_ext_is_reach(ndo, tptr, "\n\t ", tlv_type); 2602 if (ext_is_len == 0) /* did something go wrong ? */ 2603 goto trunctlv; 2604 tmp-=ext_is_len; 2605 tptr+=ext_is_len; 2606 } 2607 break; 2608 case ISIS_TLV_IS_REACH: 2609 ND_TCHECK2(*tptr,1); /* check if there is one byte left to read out the virtual flag */ 2610 ND_PRINT((ndo, "\n\t %s", 2611 tok2str(isis_is_reach_virtual_values, 2612 "bogus virtual flag 0x%02x", 2613 *tptr++))); 2614 tlv_is_reach = (const struct isis_tlv_is_reach *)tptr; 2615 while (tmp >= sizeof(struct isis_tlv_is_reach)) { 2616 ND_TCHECK(*tlv_is_reach); 2617 ND_PRINT((ndo, "\n\t IS Neighbor: %s", 2618 isis_print_id(tlv_is_reach->neighbor_nodeid, NODE_ID_LEN))); 2619 isis_print_metric_block(ndo, &tlv_is_reach->isis_metric_block); 2620 tmp -= sizeof(struct isis_tlv_is_reach); 2621 tlv_is_reach++; 2622 } 2623 break; 2624 2625 case ISIS_TLV_ESNEIGH: 2626 tlv_es_reach = (const struct isis_tlv_es_reach *)tptr; 2627 while (tmp >= sizeof(struct isis_tlv_es_reach)) { 2628 ND_TCHECK(*tlv_es_reach); 2629 ND_PRINT((ndo, "\n\t ES Neighbor: %s", 2630 isis_print_id(tlv_es_reach->neighbor_sysid, SYSTEM_ID_LEN))); 2631 isis_print_metric_block(ndo, &tlv_es_reach->isis_metric_block); 2632 tmp -= sizeof(struct isis_tlv_es_reach); 2633 tlv_es_reach++; 2634 } 2635 break; 2636 2637 /* those two TLVs share the same format */ 2638 case ISIS_TLV_INT_IP_REACH: 2639 case ISIS_TLV_EXT_IP_REACH: 2640 if (!isis_print_tlv_ip_reach(ndo, pptr, "\n\t ", tlv_len)) 2641 return (1); 2642 break; 2643 2644 case ISIS_TLV_EXTD_IP_REACH: 2645 while (tmp>0) { 2646 ext_ip_len = isis_print_extd_ip_reach(ndo, tptr, "\n\t ", AF_INET); 2647 if (ext_ip_len == 0) /* did something go wrong ? */ 2648 goto trunctlv; 2649 tptr+=ext_ip_len; 2650 tmp-=ext_ip_len; 2651 } 2652 break; 2653 2654 case ISIS_TLV_MT_IP_REACH: 2655 mt_len = isis_print_mtid(ndo, tptr, "\n\t "); 2656 if (mt_len == 0) { /* did something go wrong ? */ 2657 goto trunctlv; 2658 } 2659 tptr+=mt_len; 2660 tmp-=mt_len; 2661 2662 while (tmp>0) { 2663 ext_ip_len = isis_print_extd_ip_reach(ndo, tptr, "\n\t ", AF_INET); 2664 if (ext_ip_len == 0) /* did something go wrong ? */ 2665 goto trunctlv; 2666 tptr+=ext_ip_len; 2667 tmp-=ext_ip_len; 2668 } 2669 break; 2670 2671 case ISIS_TLV_IP6_REACH: 2672 while (tmp>0) { 2673 ext_ip_len = isis_print_extd_ip_reach(ndo, tptr, "\n\t ", AF_INET6); 2674 if (ext_ip_len == 0) /* did something go wrong ? */ 2675 goto trunctlv; 2676 tptr+=ext_ip_len; 2677 tmp-=ext_ip_len; 2678 } 2679 break; 2680 2681 case ISIS_TLV_MT_IP6_REACH: 2682 mt_len = isis_print_mtid(ndo, tptr, "\n\t "); 2683 if (mt_len == 0) { /* did something go wrong ? */ 2684 goto trunctlv; 2685 } 2686 tptr+=mt_len; 2687 tmp-=mt_len; 2688 2689 while (tmp>0) { 2690 ext_ip_len = isis_print_extd_ip_reach(ndo, tptr, "\n\t ", AF_INET6); 2691 if (ext_ip_len == 0) /* did something go wrong ? */ 2692 goto trunctlv; 2693 tptr+=ext_ip_len; 2694 tmp-=ext_ip_len; 2695 } 2696 break; 2697 2698 case ISIS_TLV_IP6ADDR: 2699 while (tmp>=sizeof(struct in6_addr)) { 2700 ND_TCHECK2(*tptr, sizeof(struct in6_addr)); 2701 2702 ND_PRINT((ndo, "\n\t IPv6 interface address: %s", 2703 ip6addr_string(ndo, tptr))); 2704 2705 tptr += sizeof(struct in6_addr); 2706 tmp -= sizeof(struct in6_addr); 2707 } 2708 break; 2709 case ISIS_TLV_AUTH: 2710 ND_TCHECK2(*tptr, 1); 2711 2712 ND_PRINT((ndo, "\n\t %s: ", 2713 tok2str(isis_subtlv_auth_values, 2714 "unknown Authentication type 0x%02x", 2715 *tptr))); 2716 2717 switch (*tptr) { 2718 case ISIS_SUBTLV_AUTH_SIMPLE: 2719 if (fn_printzp(ndo, tptr + 1, tlv_len - 1, ndo->ndo_snapend)) 2720 goto trunctlv; 2721 break; 2722 case ISIS_SUBTLV_AUTH_MD5: 2723 for(i=1;i<tlv_len;i++) { 2724 ND_TCHECK2(*(tptr + i), 1); 2725 ND_PRINT((ndo, "%02x", *(tptr + i))); 2726 } 2727 if (tlv_len != ISIS_SUBTLV_AUTH_MD5_LEN+1) 2728 ND_PRINT((ndo, ", (invalid subTLV) ")); 2729 2730 sigcheck = signature_verify(ndo, optr, length, tptr + 1, 2731 isis_clear_checksum_lifetime, 2732 header_lsp); 2733 ND_PRINT((ndo, " (%s)", tok2str(signature_check_values, "Unknown", sigcheck))); 2734 2735 break; 2736 case ISIS_SUBTLV_AUTH_GENERIC: 2737 ND_TCHECK2(*(tptr + 1), 2); 2738 key_id = EXTRACT_16BITS((tptr+1)); 2739 ND_PRINT((ndo, "%u, password: ", key_id)); 2740 for(i=1 + sizeof(uint16_t);i<tlv_len;i++) { 2741 ND_TCHECK2(*(tptr + i), 1); 2742 ND_PRINT((ndo, "%02x", *(tptr + i))); 2743 } 2744 break; 2745 case ISIS_SUBTLV_AUTH_PRIVATE: 2746 default: 2747 if (!print_unknown_data(ndo, tptr + 1, "\n\t\t ", tlv_len - 1)) 2748 return(0); 2749 break; 2750 } 2751 break; 2752 2753 case ISIS_TLV_PTP_ADJ: 2754 tlv_ptp_adj = (const struct isis_tlv_ptp_adj *)tptr; 2755 if(tmp>=1) { 2756 ND_TCHECK2(*tptr, 1); 2757 ND_PRINT((ndo, "\n\t Adjacency State: %s (%u)", 2758 tok2str(isis_ptp_adjancey_values, "unknown", *tptr), 2759 *tptr)); 2760 tmp--; 2761 } 2762 if(tmp>sizeof(tlv_ptp_adj->extd_local_circuit_id)) { 2763 ND_TCHECK(tlv_ptp_adj->extd_local_circuit_id); 2764 ND_PRINT((ndo, "\n\t Extended Local circuit-ID: 0x%08x", 2765 EXTRACT_32BITS(tlv_ptp_adj->extd_local_circuit_id))); 2766 tmp-=sizeof(tlv_ptp_adj->extd_local_circuit_id); 2767 } 2768 if(tmp>=SYSTEM_ID_LEN) { 2769 ND_TCHECK2(tlv_ptp_adj->neighbor_sysid, SYSTEM_ID_LEN); 2770 ND_PRINT((ndo, "\n\t Neighbor System-ID: %s", 2771 isis_print_id(tlv_ptp_adj->neighbor_sysid, SYSTEM_ID_LEN))); 2772 tmp-=SYSTEM_ID_LEN; 2773 } 2774 if(tmp>=sizeof(tlv_ptp_adj->neighbor_extd_local_circuit_id)) { 2775 ND_TCHECK(tlv_ptp_adj->neighbor_extd_local_circuit_id); 2776 ND_PRINT((ndo, "\n\t Neighbor Extended Local circuit-ID: 0x%08x", 2777 EXTRACT_32BITS(tlv_ptp_adj->neighbor_extd_local_circuit_id))); 2778 } 2779 break; 2780 2781 case ISIS_TLV_PROTOCOLS: 2782 ND_PRINT((ndo, "\n\t NLPID(s): ")); 2783 while (tmp>0) { 2784 ND_TCHECK2(*(tptr), 1); 2785 ND_PRINT((ndo, "%s (0x%02x)", 2786 tok2str(nlpid_values, 2787 "unknown", 2788 *tptr), 2789 *tptr)); 2790 if (tmp>1) /* further NPLIDs ? - put comma */ 2791 ND_PRINT((ndo, ", ")); 2792 tptr++; 2793 tmp--; 2794 } 2795 break; 2796 2797 case ISIS_TLV_MT_PORT_CAP: 2798 { 2799 ND_TCHECK2(*(tptr), 2); 2800 2801 ND_PRINT((ndo, "\n\t RES: %d, MTID(s): %d", 2802 (EXTRACT_16BITS (tptr) >> 12), 2803 (EXTRACT_16BITS (tptr) & 0x0fff))); 2804 2805 tmp = tmp-2; 2806 tptr = tptr+2; 2807 2808 if (tmp) 2809 isis_print_mt_port_cap_subtlv(ndo, tptr, tmp); 2810 2811 break; 2812 } 2813 2814 case ISIS_TLV_MT_CAPABILITY: 2815 2816 ND_TCHECK2(*(tptr), 2); 2817 2818 ND_PRINT((ndo, "\n\t O: %d, RES: %d, MTID(s): %d", 2819 (EXTRACT_16BITS(tptr) >> 15) & 0x01, 2820 (EXTRACT_16BITS(tptr) >> 12) & 0x07, 2821 EXTRACT_16BITS(tptr) & 0x0fff)); 2822 2823 tmp = tmp-2; 2824 tptr = tptr+2; 2825 2826 if (tmp) 2827 isis_print_mt_capability_subtlv(ndo, tptr, tmp); 2828 2829 break; 2830 2831 case ISIS_TLV_TE_ROUTER_ID: 2832 ND_TCHECK2(*pptr, sizeof(struct in_addr)); 2833 ND_PRINT((ndo, "\n\t Traffic Engineering Router ID: %s", ipaddr_string(ndo, pptr))); 2834 break; 2835 2836 case ISIS_TLV_IPADDR: 2837 while (tmp>=sizeof(struct in_addr)) { 2838 ND_TCHECK2(*tptr, sizeof(struct in_addr)); 2839 ND_PRINT((ndo, "\n\t IPv4 interface address: %s", ipaddr_string(ndo, tptr))); 2840 tptr += sizeof(struct in_addr); 2841 tmp -= sizeof(struct in_addr); 2842 } 2843 break; 2844 2845 case ISIS_TLV_HOSTNAME: 2846 ND_PRINT((ndo, "\n\t Hostname: ")); 2847 if (fn_printzp(ndo, tptr, tmp, ndo->ndo_snapend)) 2848 goto trunctlv; 2849 break; 2850 2851 case ISIS_TLV_SHARED_RISK_GROUP: 2852 if (tmp < NODE_ID_LEN) 2853 break; 2854 ND_TCHECK2(*tptr, NODE_ID_LEN); 2855 ND_PRINT((ndo, "\n\t IS Neighbor: %s", isis_print_id(tptr, NODE_ID_LEN))); 2856 tptr+=(NODE_ID_LEN); 2857 tmp-=(NODE_ID_LEN); 2858 2859 if (tmp < 1) 2860 break; 2861 ND_TCHECK2(*tptr, 1); 2862 ND_PRINT((ndo, ", Flags: [%s]", ISIS_MASK_TLV_SHARED_RISK_GROUP(*tptr++) ? "numbered" : "unnumbered")); 2863 tmp--; 2864 2865 if (tmp < sizeof(struct in_addr)) 2866 break; 2867 ND_TCHECK2(*tptr, sizeof(struct in_addr)); 2868 ND_PRINT((ndo, "\n\t IPv4 interface address: %s", ipaddr_string(ndo, tptr))); 2869 tptr+=sizeof(struct in_addr); 2870 tmp-=sizeof(struct in_addr); 2871 2872 if (tmp < sizeof(struct in_addr)) 2873 break; 2874 ND_TCHECK2(*tptr, sizeof(struct in_addr)); 2875 ND_PRINT((ndo, "\n\t IPv4 neighbor address: %s", ipaddr_string(ndo, tptr))); 2876 tptr+=sizeof(struct in_addr); 2877 tmp-=sizeof(struct in_addr); 2878 2879 while (tmp>=4) { 2880 ND_TCHECK2(*tptr, 4); 2881 ND_PRINT((ndo, "\n\t Link-ID: 0x%08x", EXTRACT_32BITS(tptr))); 2882 tptr+=4; 2883 tmp-=4; 2884 } 2885 break; 2886 2887 case ISIS_TLV_LSP: 2888 tlv_lsp = (const struct isis_tlv_lsp *)tptr; 2889 while(tmp>=sizeof(struct isis_tlv_lsp)) { 2890 ND_TCHECK((tlv_lsp->lsp_id)[LSP_ID_LEN-1]); 2891 ND_PRINT((ndo, "\n\t lsp-id: %s", 2892 isis_print_id(tlv_lsp->lsp_id, LSP_ID_LEN))); 2893 ND_TCHECK2(tlv_lsp->sequence_number, 4); 2894 ND_PRINT((ndo, ", seq: 0x%08x", EXTRACT_32BITS(tlv_lsp->sequence_number))); 2895 ND_TCHECK2(tlv_lsp->remaining_lifetime, 2); 2896 ND_PRINT((ndo, ", lifetime: %5ds", EXTRACT_16BITS(tlv_lsp->remaining_lifetime))); 2897 ND_TCHECK2(tlv_lsp->checksum, 2); 2898 ND_PRINT((ndo, ", chksum: 0x%04x", EXTRACT_16BITS(tlv_lsp->checksum))); 2899 tmp-=sizeof(struct isis_tlv_lsp); 2900 tlv_lsp++; 2901 } 2902 break; 2903 2904 case ISIS_TLV_CHECKSUM: 2905 if (tmp < ISIS_TLV_CHECKSUM_MINLEN) 2906 break; 2907 ND_TCHECK2(*tptr, ISIS_TLV_CHECKSUM_MINLEN); 2908 ND_PRINT((ndo, "\n\t checksum: 0x%04x ", EXTRACT_16BITS(tptr))); 2909 /* do not attempt to verify the checksum if it is zero 2910 * most likely a HMAC-MD5 TLV is also present and 2911 * to avoid conflicts the checksum TLV is zeroed. 2912 * see rfc3358 for details 2913 */ 2914 if (osi_print_cksum(ndo, optr, EXTRACT_16BITS(tptr), tptr-optr, 2915 length) == 0) 2916 goto trunc; 2917 break; 2918 2919 case ISIS_TLV_POI: 2920 if (tlv_len >= SYSTEM_ID_LEN + 1) { 2921 ND_TCHECK2(*tptr, SYSTEM_ID_LEN + 1); 2922 ND_PRINT((ndo, "\n\t Purge Originator System-ID: %s", 2923 isis_print_id(tptr + 1, SYSTEM_ID_LEN))); 2924 } 2925 2926 if (tlv_len == 2 * SYSTEM_ID_LEN + 1) { 2927 ND_TCHECK2(*tptr, 2 * SYSTEM_ID_LEN + 1); 2928 ND_PRINT((ndo, "\n\t Received from System-ID: %s", 2929 isis_print_id(tptr + SYSTEM_ID_LEN + 1, SYSTEM_ID_LEN))); 2930 } 2931 break; 2932 2933 case ISIS_TLV_MT_SUPPORTED: 2934 if (tmp < ISIS_TLV_MT_SUPPORTED_MINLEN) 2935 break; 2936 while (tmp>1) { 2937 /* length can only be a multiple of 2, otherwise there is 2938 something broken -> so decode down until length is 1 */ 2939 if (tmp!=1) { 2940 mt_len = isis_print_mtid(ndo, tptr, "\n\t "); 2941 if (mt_len == 0) /* did something go wrong ? */ 2942 goto trunctlv; 2943 tptr+=mt_len; 2944 tmp-=mt_len; 2945 } else { 2946 ND_PRINT((ndo, "\n\t invalid MT-ID")); 2947 break; 2948 } 2949 } 2950 break; 2951 2952 case ISIS_TLV_RESTART_SIGNALING: 2953 /* first attempt to decode the flags */ 2954 if (tmp < ISIS_TLV_RESTART_SIGNALING_FLAGLEN) 2955 break; 2956 ND_TCHECK2(*tptr, ISIS_TLV_RESTART_SIGNALING_FLAGLEN); 2957 ND_PRINT((ndo, "\n\t Flags [%s]", 2958 bittok2str(isis_restart_flag_values, "none", *tptr))); 2959 tptr+=ISIS_TLV_RESTART_SIGNALING_FLAGLEN; 2960 tmp-=ISIS_TLV_RESTART_SIGNALING_FLAGLEN; 2961 2962 /* is there anything other than the flags field? */ 2963 if (tmp == 0) 2964 break; 2965 2966 if (tmp < ISIS_TLV_RESTART_SIGNALING_HOLDTIMELEN) 2967 break; 2968 ND_TCHECK2(*tptr, ISIS_TLV_RESTART_SIGNALING_HOLDTIMELEN); 2969 2970 ND_PRINT((ndo, ", Remaining holding time %us", EXTRACT_16BITS(tptr))); 2971 tptr+=ISIS_TLV_RESTART_SIGNALING_HOLDTIMELEN; 2972 tmp-=ISIS_TLV_RESTART_SIGNALING_HOLDTIMELEN; 2973 2974 /* is there an additional sysid field present ?*/ 2975 if (tmp == SYSTEM_ID_LEN) { 2976 ND_TCHECK2(*tptr, SYSTEM_ID_LEN); 2977 ND_PRINT((ndo, ", for %s", isis_print_id(tptr,SYSTEM_ID_LEN))); 2978 } 2979 break; 2980 2981 case ISIS_TLV_IDRP_INFO: 2982 if (tmp < ISIS_TLV_IDRP_INFO_MINLEN) 2983 break; 2984 ND_TCHECK2(*tptr, ISIS_TLV_IDRP_INFO_MINLEN); 2985 ND_PRINT((ndo, "\n\t Inter-Domain Information Type: %s", 2986 tok2str(isis_subtlv_idrp_values, 2987 "Unknown (0x%02x)", 2988 *tptr))); 2989 switch (*tptr++) { 2990 case ISIS_SUBTLV_IDRP_ASN: 2991 ND_TCHECK2(*tptr, 2); /* fetch AS number */ 2992 ND_PRINT((ndo, "AS Number: %u", EXTRACT_16BITS(tptr))); 2993 break; 2994 case ISIS_SUBTLV_IDRP_LOCAL: 2995 case ISIS_SUBTLV_IDRP_RES: 2996 default: 2997 if (!print_unknown_data(ndo, tptr, "\n\t ", tlv_len - 1)) 2998 return(0); 2999 break; 3000 } 3001 break; 3002 3003 case ISIS_TLV_LSP_BUFFERSIZE: 3004 if (tmp < ISIS_TLV_LSP_BUFFERSIZE_MINLEN) 3005 break; 3006 ND_TCHECK2(*tptr, ISIS_TLV_LSP_BUFFERSIZE_MINLEN); 3007 ND_PRINT((ndo, "\n\t LSP Buffersize: %u", EXTRACT_16BITS(tptr))); 3008 break; 3009 3010 case ISIS_TLV_PART_DIS: 3011 while (tmp >= SYSTEM_ID_LEN) { 3012 ND_TCHECK2(*tptr, SYSTEM_ID_LEN); 3013 ND_PRINT((ndo, "\n\t %s", isis_print_id(tptr, SYSTEM_ID_LEN))); 3014 tptr+=SYSTEM_ID_LEN; 3015 tmp-=SYSTEM_ID_LEN; 3016 } 3017 break; 3018 3019 case ISIS_TLV_PREFIX_NEIGH: 3020 if (tmp < sizeof(struct isis_metric_block)) 3021 break; 3022 ND_TCHECK2(*tptr, sizeof(struct isis_metric_block)); 3023 ND_PRINT((ndo, "\n\t Metric Block")); 3024 isis_print_metric_block(ndo, (const struct isis_metric_block *)tptr); 3025 tptr+=sizeof(struct isis_metric_block); 3026 tmp-=sizeof(struct isis_metric_block); 3027 3028 while(tmp>0) { 3029 ND_TCHECK2(*tptr, 1); 3030 prefix_len=*tptr++; /* read out prefix length in semioctets*/ 3031 if (prefix_len < 2) { 3032 ND_PRINT((ndo, "\n\t\tAddress: prefix length %u < 2", prefix_len)); 3033 break; 3034 } 3035 tmp--; 3036 if (tmp < prefix_len/2) 3037 break; 3038 ND_TCHECK2(*tptr, prefix_len / 2); 3039 ND_PRINT((ndo, "\n\t\tAddress: %s/%u", 3040 isonsap_string(ndo, tptr, prefix_len / 2), prefix_len * 4)); 3041 tptr+=prefix_len/2; 3042 tmp-=prefix_len/2; 3043 } 3044 break; 3045 3046 case ISIS_TLV_IIH_SEQNR: 3047 if (tmp < ISIS_TLV_IIH_SEQNR_MINLEN) 3048 break; 3049 ND_TCHECK2(*tptr, ISIS_TLV_IIH_SEQNR_MINLEN); /* check if four bytes are on the wire */ 3050 ND_PRINT((ndo, "\n\t Sequence number: %u", EXTRACT_32BITS(tptr))); 3051 break; 3052 3053 case ISIS_TLV_VENDOR_PRIVATE: 3054 if (tmp < ISIS_TLV_VENDOR_PRIVATE_MINLEN) 3055 break; 3056 ND_TCHECK2(*tptr, ISIS_TLV_VENDOR_PRIVATE_MINLEN); /* check if enough byte for a full oui */ 3057 vendor_id = EXTRACT_24BITS(tptr); 3058 ND_PRINT((ndo, "\n\t Vendor: %s (%u)", 3059 tok2str(oui_values, "Unknown", vendor_id), 3060 vendor_id)); 3061 tptr+=3; 3062 tmp-=3; 3063 if (tmp > 0) /* hexdump the rest */ 3064 if (!print_unknown_data(ndo, tptr, "\n\t\t", tmp)) 3065 return(0); 3066 break; 3067 /* 3068 * FIXME those are the defined TLVs that lack a decoder 3069 * you are welcome to contribute code ;-) 3070 */ 3071 3072 case ISIS_TLV_DECNET_PHASE4: 3073 case ISIS_TLV_LUCENT_PRIVATE: 3074 case ISIS_TLV_IPAUTH: 3075 case ISIS_TLV_NORTEL_PRIVATE1: 3076 case ISIS_TLV_NORTEL_PRIVATE2: 3077 3078 default: 3079 if (ndo->ndo_vflag <= 1) { 3080 if (!print_unknown_data(ndo, pptr, "\n\t\t", tlv_len)) 3081 return(0); 3082 } 3083 break; 3084 } 3085 /* do we want to see an additionally hexdump ? */ 3086 if (ndo->ndo_vflag> 1) { 3087 if (!print_unknown_data(ndo, pptr, "\n\t ", tlv_len)) 3088 return(0); 3089 } 3090 3091 pptr += tlv_len; 3092 packet_len -= tlv_len; 3093 } 3094 3095 if (packet_len != 0) { 3096 ND_PRINT((ndo, "\n\t %u straggler bytes", packet_len)); 3097 } 3098 return (1); 3099 3100 trunc: 3101 ND_PRINT((ndo, "%s", tstr)); 3102 return (1); 3103 3104 trunctlv: 3105 ND_PRINT((ndo, "\n\t\t")); 3106 ND_PRINT((ndo, "%s", tstr)); 3107 return(1); 3108 } 3109 3110 static int 3111 osi_print_cksum(netdissect_options *ndo, const uint8_t *pptr, 3112 uint16_t checksum, int checksum_offset, int length) 3113 { 3114 uint16_t calculated_checksum; 3115 3116 /* do not attempt to verify the checksum if it is zero, 3117 * if the total length is nonsense, 3118 * if the offset is nonsense, 3119 * or the base pointer is not sane 3120 */ 3121 if (!checksum 3122 || length < 0 3123 || checksum_offset < 0 3124 || length > ndo->ndo_snaplen 3125 || checksum_offset > ndo->ndo_snaplen 3126 || checksum_offset > length) { 3127 ND_PRINT((ndo, " (unverified)")); 3128 return 1; 3129 } else { 3130 #if 0 3131 printf("\nosi_print_cksum: %p %u %u %u\n", pptr, checksum_offset, length, ndo->ndo_snaplen); 3132 #endif 3133 ND_TCHECK2(*pptr, length); 3134 calculated_checksum = create_osi_cksum(pptr, checksum_offset, length); 3135 if (checksum == calculated_checksum) { 3136 ND_PRINT((ndo, " (correct)")); 3137 } else { 3138 ND_PRINT((ndo, " (incorrect should be 0x%04x)", calculated_checksum)); 3139 } 3140 return 1; 3141 } 3142 trunc: 3143 return 0; 3144 } 3145 3146 /* 3147 * Local Variables: 3148 * c-style: whitesmith 3149 * c-basic-offset: 8 3150 * End: 3151 */ 3152