1 /* 2 * Copyright (c) 1991, 1993, 1994, 1995, 1996, 1997 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that: (1) source code distributions 7 * retain the above copyright notice and this paragraph in its entirety, (2) 8 * distributions including binary code include the above copyright notice and 9 * this paragraph in its entirety in the documentation or other materials 10 * provided with the distribution, and (3) all advertising materials mentioning 11 * features or use of this software display the following acknowledgement: 12 * ``This product includes software developed by the University of California, 13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of 14 * the University nor the names of its contributors may be used to endorse 15 * or promote products derived from this software without specific prior 16 * written permission. 17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 20 * 21 * L2TP support contributed by Motonori Shindo (mshindo@mshindo.net) 22 */ 23 24 #include <sys/cdefs.h> 25 #ifndef lint 26 __RCSID("$NetBSD: print-l2tp.c,v 1.10 2023/08/17 20:19:40 christos Exp $"); 27 #endif 28 29 /* \summary: Layer Two Tunneling Protocol (L2TP) printer */ 30 31 /* specification: RFC 2661 */ 32 33 #ifdef HAVE_CONFIG_H 34 #include <config.h> 35 #endif 36 37 #include "netdissect-stdinc.h" 38 39 #include "netdissect.h" 40 #include "extract.h" 41 42 #define L2TP_FLAG_TYPE 0x8000 /* Type (0=Data, 1=Control) */ 43 #define L2TP_FLAG_LENGTH 0x4000 /* Length */ 44 #define L2TP_FLAG_SEQUENCE 0x0800 /* Sequence */ 45 #define L2TP_FLAG_OFFSET 0x0200 /* Offset */ 46 #define L2TP_FLAG_PRIORITY 0x0100 /* Priority */ 47 48 #define L2TP_VERSION_MASK 0x000f /* Version Mask */ 49 #define L2TP_VERSION_L2F 0x0001 /* L2F */ 50 #define L2TP_VERSION_L2TP 0x0002 /* L2TP */ 51 52 #define L2TP_AVP_HDR_FLAG_MANDATORY 0x8000 /* Mandatory Flag */ 53 #define L2TP_AVP_HDR_FLAG_HIDDEN 0x4000 /* Hidden Flag */ 54 #define L2TP_AVP_HDR_LEN_MASK 0x03ff /* Length Mask */ 55 56 #define L2TP_FRAMING_CAP_SYNC_MASK 0x00000001 /* Synchronous */ 57 #define L2TP_FRAMING_CAP_ASYNC_MASK 0x00000002 /* Asynchronous */ 58 59 #define L2TP_FRAMING_TYPE_SYNC_MASK 0x00000001 /* Synchronous */ 60 #define L2TP_FRAMING_TYPE_ASYNC_MASK 0x00000002 /* Asynchronous */ 61 62 #define L2TP_BEARER_CAP_DIGITAL_MASK 0x00000001 /* Digital */ 63 #define L2TP_BEARER_CAP_ANALOG_MASK 0x00000002 /* Analog */ 64 65 #define L2TP_BEARER_TYPE_DIGITAL_MASK 0x00000001 /* Digital */ 66 #define L2TP_BEARER_TYPE_ANALOG_MASK 0x00000002 /* Analog */ 67 68 /* Authen Type */ 69 #define L2TP_AUTHEN_TYPE_RESERVED 0x0000 /* Reserved */ 70 #define L2TP_AUTHEN_TYPE_TEXTUAL 0x0001 /* Textual username/password exchange */ 71 #define L2TP_AUTHEN_TYPE_CHAP 0x0002 /* PPP CHAP */ 72 #define L2TP_AUTHEN_TYPE_PAP 0x0003 /* PPP PAP */ 73 #define L2TP_AUTHEN_TYPE_NO_AUTH 0x0004 /* No Authentication */ 74 #define L2TP_AUTHEN_TYPE_MSCHAPv1 0x0005 /* MSCHAPv1 */ 75 76 #define L2TP_PROXY_AUTH_ID_MASK 0x00ff 77 78 79 #define L2TP_MSGTYPE_SCCRQ 1 /* Start-Control-Connection-Request */ 80 #define L2TP_MSGTYPE_SCCRP 2 /* Start-Control-Connection-Reply */ 81 #define L2TP_MSGTYPE_SCCCN 3 /* Start-Control-Connection-Connected */ 82 #define L2TP_MSGTYPE_STOPCCN 4 /* Stop-Control-Connection-Notification */ 83 #define L2TP_MSGTYPE_HELLO 6 /* Hello */ 84 #define L2TP_MSGTYPE_OCRQ 7 /* Outgoing-Call-Request */ 85 #define L2TP_MSGTYPE_OCRP 8 /* Outgoing-Call-Reply */ 86 #define L2TP_MSGTYPE_OCCN 9 /* Outgoing-Call-Connected */ 87 #define L2TP_MSGTYPE_ICRQ 10 /* Incoming-Call-Request */ 88 #define L2TP_MSGTYPE_ICRP 11 /* Incoming-Call-Reply */ 89 #define L2TP_MSGTYPE_ICCN 12 /* Incoming-Call-Connected */ 90 #define L2TP_MSGTYPE_CDN 14 /* Call-Disconnect-Notify */ 91 #define L2TP_MSGTYPE_WEN 15 /* WAN-Error-Notify */ 92 #define L2TP_MSGTYPE_SLI 16 /* Set-Link-Info */ 93 94 static const struct tok l2tp_msgtype2str[] = { 95 { L2TP_MSGTYPE_SCCRQ, "SCCRQ" }, 96 { L2TP_MSGTYPE_SCCRP, "SCCRP" }, 97 { L2TP_MSGTYPE_SCCCN, "SCCCN" }, 98 { L2TP_MSGTYPE_STOPCCN, "StopCCN" }, 99 { L2TP_MSGTYPE_HELLO, "HELLO" }, 100 { L2TP_MSGTYPE_OCRQ, "OCRQ" }, 101 { L2TP_MSGTYPE_OCRP, "OCRP" }, 102 { L2TP_MSGTYPE_OCCN, "OCCN" }, 103 { L2TP_MSGTYPE_ICRQ, "ICRQ" }, 104 { L2TP_MSGTYPE_ICRP, "ICRP" }, 105 { L2TP_MSGTYPE_ICCN, "ICCN" }, 106 { L2TP_MSGTYPE_CDN, "CDN" }, 107 { L2TP_MSGTYPE_WEN, "WEN" }, 108 { L2TP_MSGTYPE_SLI, "SLI" }, 109 { 0, NULL } 110 }; 111 112 #define L2TP_AVP_MSGTYPE 0 /* Message Type */ 113 #define L2TP_AVP_RESULT_CODE 1 /* Result Code */ 114 #define L2TP_AVP_PROTO_VER 2 /* Protocol Version */ 115 #define L2TP_AVP_FRAMING_CAP 3 /* Framing Capabilities */ 116 #define L2TP_AVP_BEARER_CAP 4 /* Bearer Capabilities */ 117 #define L2TP_AVP_TIE_BREAKER 5 /* Tie Breaker */ 118 #define L2TP_AVP_FIRM_VER 6 /* Firmware Revision */ 119 #define L2TP_AVP_HOST_NAME 7 /* Host Name */ 120 #define L2TP_AVP_VENDOR_NAME 8 /* Vendor Name */ 121 #define L2TP_AVP_ASSND_TUN_ID 9 /* Assigned Tunnel ID */ 122 #define L2TP_AVP_RECV_WIN_SIZE 10 /* Receive Window Size */ 123 #define L2TP_AVP_CHALLENGE 11 /* Challenge */ 124 #define L2TP_AVP_Q931_CC 12 /* Q.931 Cause Code */ 125 #define L2TP_AVP_CHALLENGE_RESP 13 /* Challenge Response */ 126 #define L2TP_AVP_ASSND_SESS_ID 14 /* Assigned Session ID */ 127 #define L2TP_AVP_CALL_SER_NUM 15 /* Call Serial Number */ 128 #define L2TP_AVP_MINIMUM_BPS 16 /* Minimum BPS */ 129 #define L2TP_AVP_MAXIMUM_BPS 17 /* Maximum BPS */ 130 #define L2TP_AVP_BEARER_TYPE 18 /* Bearer Type */ 131 #define L2TP_AVP_FRAMING_TYPE 19 /* Framing Type */ 132 #define L2TP_AVP_PACKET_PROC_DELAY 20 /* Packet Processing Delay (OBSOLETE) */ 133 #define L2TP_AVP_CALLED_NUMBER 21 /* Called Number */ 134 #define L2TP_AVP_CALLING_NUMBER 22 /* Calling Number */ 135 #define L2TP_AVP_SUB_ADDRESS 23 /* Sub-Address */ 136 #define L2TP_AVP_TX_CONN_SPEED 24 /* (Tx) Connect Speed */ 137 #define L2TP_AVP_PHY_CHANNEL_ID 25 /* Physical Channel ID */ 138 #define L2TP_AVP_INI_RECV_LCP 26 /* Initial Received LCP CONFREQ */ 139 #define L2TP_AVP_LAST_SENT_LCP 27 /* Last Sent LCP CONFREQ */ 140 #define L2TP_AVP_LAST_RECV_LCP 28 /* Last Received LCP CONFREQ */ 141 #define L2TP_AVP_PROXY_AUTH_TYPE 29 /* Proxy Authen Type */ 142 #define L2TP_AVP_PROXY_AUTH_NAME 30 /* Proxy Authen Name */ 143 #define L2TP_AVP_PROXY_AUTH_CHAL 31 /* Proxy Authen Challenge */ 144 #define L2TP_AVP_PROXY_AUTH_ID 32 /* Proxy Authen ID */ 145 #define L2TP_AVP_PROXY_AUTH_RESP 33 /* Proxy Authen Response */ 146 #define L2TP_AVP_CALL_ERRORS 34 /* Call Errors */ 147 #define L2TP_AVP_ACCM 35 /* ACCM */ 148 #define L2TP_AVP_RANDOM_VECTOR 36 /* Random Vector */ 149 #define L2TP_AVP_PRIVATE_GRP_ID 37 /* Private Group ID */ 150 #define L2TP_AVP_RX_CONN_SPEED 38 /* (Rx) Connect Speed */ 151 #define L2TP_AVP_SEQ_REQUIRED 39 /* Sequencing Required */ 152 #define L2TP_AVP_PPP_DISCON_CC 46 /* PPP Disconnect Cause Code - RFC 3145 */ 153 154 static const struct tok l2tp_avp2str[] = { 155 { L2TP_AVP_MSGTYPE, "MSGTYPE" }, 156 { L2TP_AVP_RESULT_CODE, "RESULT_CODE" }, 157 { L2TP_AVP_PROTO_VER, "PROTO_VER" }, 158 { L2TP_AVP_FRAMING_CAP, "FRAMING_CAP" }, 159 { L2TP_AVP_BEARER_CAP, "BEARER_CAP" }, 160 { L2TP_AVP_TIE_BREAKER, "TIE_BREAKER" }, 161 { L2TP_AVP_FIRM_VER, "FIRM_VER" }, 162 { L2TP_AVP_HOST_NAME, "HOST_NAME" }, 163 { L2TP_AVP_VENDOR_NAME, "VENDOR_NAME" }, 164 { L2TP_AVP_ASSND_TUN_ID, "ASSND_TUN_ID" }, 165 { L2TP_AVP_RECV_WIN_SIZE, "RECV_WIN_SIZE" }, 166 { L2TP_AVP_CHALLENGE, "CHALLENGE" }, 167 { L2TP_AVP_Q931_CC, "Q931_CC", }, 168 { L2TP_AVP_CHALLENGE_RESP, "CHALLENGE_RESP" }, 169 { L2TP_AVP_ASSND_SESS_ID, "ASSND_SESS_ID" }, 170 { L2TP_AVP_CALL_SER_NUM, "CALL_SER_NUM" }, 171 { L2TP_AVP_MINIMUM_BPS, "MINIMUM_BPS" }, 172 { L2TP_AVP_MAXIMUM_BPS, "MAXIMUM_BPS" }, 173 { L2TP_AVP_BEARER_TYPE, "BEARER_TYPE" }, 174 { L2TP_AVP_FRAMING_TYPE, "FRAMING_TYPE" }, 175 { L2TP_AVP_PACKET_PROC_DELAY, "PACKET_PROC_DELAY" }, 176 { L2TP_AVP_CALLED_NUMBER, "CALLED_NUMBER" }, 177 { L2TP_AVP_CALLING_NUMBER, "CALLING_NUMBER" }, 178 { L2TP_AVP_SUB_ADDRESS, "SUB_ADDRESS" }, 179 { L2TP_AVP_TX_CONN_SPEED, "TX_CONN_SPEED" }, 180 { L2TP_AVP_PHY_CHANNEL_ID, "PHY_CHANNEL_ID" }, 181 { L2TP_AVP_INI_RECV_LCP, "INI_RECV_LCP" }, 182 { L2TP_AVP_LAST_SENT_LCP, "LAST_SENT_LCP" }, 183 { L2TP_AVP_LAST_RECV_LCP, "LAST_RECV_LCP" }, 184 { L2TP_AVP_PROXY_AUTH_TYPE, "PROXY_AUTH_TYPE" }, 185 { L2TP_AVP_PROXY_AUTH_NAME, "PROXY_AUTH_NAME" }, 186 { L2TP_AVP_PROXY_AUTH_CHAL, "PROXY_AUTH_CHAL" }, 187 { L2TP_AVP_PROXY_AUTH_ID, "PROXY_AUTH_ID" }, 188 { L2TP_AVP_PROXY_AUTH_RESP, "PROXY_AUTH_RESP" }, 189 { L2TP_AVP_CALL_ERRORS, "CALL_ERRORS" }, 190 { L2TP_AVP_ACCM, "ACCM" }, 191 { L2TP_AVP_RANDOM_VECTOR, "RANDOM_VECTOR" }, 192 { L2TP_AVP_PRIVATE_GRP_ID, "PRIVATE_GRP_ID" }, 193 { L2TP_AVP_RX_CONN_SPEED, "RX_CONN_SPEED" }, 194 { L2TP_AVP_SEQ_REQUIRED, "SEQ_REQUIRED" }, 195 { L2TP_AVP_PPP_DISCON_CC, "PPP_DISCON_CC" }, 196 { 0, NULL } 197 }; 198 199 static const struct tok l2tp_authentype2str[] = { 200 { L2TP_AUTHEN_TYPE_RESERVED, "Reserved" }, 201 { L2TP_AUTHEN_TYPE_TEXTUAL, "Textual" }, 202 { L2TP_AUTHEN_TYPE_CHAP, "CHAP" }, 203 { L2TP_AUTHEN_TYPE_PAP, "PAP" }, 204 { L2TP_AUTHEN_TYPE_NO_AUTH, "No Auth" }, 205 { L2TP_AUTHEN_TYPE_MSCHAPv1, "MS-CHAPv1" }, 206 { 0, NULL } 207 }; 208 209 #define L2TP_PPP_DISCON_CC_DIRECTION_GLOBAL 0 210 #define L2TP_PPP_DISCON_CC_DIRECTION_AT_PEER 1 211 #define L2TP_PPP_DISCON_CC_DIRECTION_AT_LOCAL 2 212 213 static const struct tok l2tp_cc_direction2str[] = { 214 { L2TP_PPP_DISCON_CC_DIRECTION_GLOBAL, "global error" }, 215 { L2TP_PPP_DISCON_CC_DIRECTION_AT_PEER, "at peer" }, 216 { L2TP_PPP_DISCON_CC_DIRECTION_AT_LOCAL,"at local" }, 217 { 0, NULL } 218 }; 219 220 #if 0 221 static char *l2tp_result_code_StopCCN[] = { 222 "Reserved", 223 "General request to clear control connection", 224 "General error--Error Code indicates the problem", 225 "Control channel already exists", 226 "Requester is not authorized to establish a control channel", 227 "The protocol version of the requester is not supported", 228 "Requester is being shut down", 229 "Finite State Machine error" 230 #define L2TP_MAX_RESULT_CODE_STOPCC_INDEX 8 231 }; 232 #endif 233 234 #if 0 235 static char *l2tp_result_code_CDN[] = { 236 "Reserved", 237 "Call disconnected due to loss of carrier", 238 "Call disconnected for the reason indicated in error code", 239 "Call disconnected for administrative reasons", 240 "Call failed due to lack of appropriate facilities being " 241 "available (temporary condition)", 242 "Call failed due to lack of appropriate facilities being " 243 "available (permanent condition)", 244 "Invalid destination", 245 "Call failed due to no carrier detected", 246 "Call failed due to detection of a busy signal", 247 "Call failed due to lack of a dial tone", 248 "Call was not established within time allotted by LAC", 249 "Call was connected but no appropriate framing was detected" 250 #define L2TP_MAX_RESULT_CODE_CDN_INDEX 12 251 }; 252 #endif 253 254 #if 0 255 static char *l2tp_error_code_general[] = { 256 "No general error", 257 "No control connection exists yet for this LAC-LNS pair", 258 "Length is wrong", 259 "One of the field values was out of range or " 260 "reserved field was non-zero" 261 "Insufficient resources to handle this operation now", 262 "The Session ID is invalid in this context", 263 "A generic vendor-specific error occurred in the LAC", 264 "Try another" 265 #define L2TP_MAX_ERROR_CODE_GENERAL_INDEX 8 266 }; 267 #endif 268 269 /******************************/ 270 /* generic print out routines */ 271 /******************************/ 272 static void 273 print_string(netdissect_options *ndo, const u_char *dat, u_int length) 274 { 275 u_int i; 276 for (i=0; i<length; i++) { 277 fn_print_char(ndo, GET_U_1(dat)); 278 dat++; 279 } 280 } 281 282 static void 283 print_octets(netdissect_options *ndo, const u_char *dat, u_int length) 284 { 285 u_int i; 286 for (i=0; i<length; i++) { 287 ND_PRINT("%02x", GET_U_1(dat)); 288 dat++; 289 } 290 } 291 292 static void 293 print_16bits_val(netdissect_options *ndo, const uint8_t *dat) 294 { 295 ND_PRINT("%u", GET_BE_U_2(dat)); 296 } 297 298 static void 299 print_32bits_val(netdissect_options *ndo, const uint8_t *dat) 300 { 301 ND_PRINT("%u", GET_BE_U_4(dat)); 302 } 303 304 /***********************************/ 305 /* AVP-specific print out routines */ 306 /***********************************/ 307 static void 308 l2tp_msgtype_print(netdissect_options *ndo, const u_char *dat, u_int length) 309 { 310 if (length < 2) { 311 ND_PRINT("AVP too short"); 312 return; 313 } 314 ND_PRINT("%s", tok2str(l2tp_msgtype2str, "MSGTYPE-#%u", 315 GET_BE_U_2(dat))); 316 } 317 318 static void 319 l2tp_result_code_print(netdissect_options *ndo, const u_char *dat, u_int length) 320 { 321 /* Result Code */ 322 if (length < 2) { 323 ND_PRINT("AVP too short"); 324 return; 325 } 326 ND_PRINT("%u", GET_BE_U_2(dat)); 327 dat += 2; 328 length -= 2; 329 330 /* Error Code (opt) */ 331 if (length == 0) 332 return; 333 if (length < 2) { 334 ND_PRINT(" AVP too short"); 335 return; 336 } 337 ND_PRINT("/%u", GET_BE_U_2(dat)); 338 dat += 2; 339 length -= 2; 340 341 /* Error Message (opt) */ 342 if (length == 0) 343 return; 344 ND_PRINT(" "); 345 print_string(ndo, dat, length); 346 } 347 348 static void 349 l2tp_proto_ver_print(netdissect_options *ndo, const u_char *dat, u_int length) 350 { 351 if (length < 2) { 352 ND_PRINT("AVP too short"); 353 return; 354 } 355 ND_PRINT("%u.%u", (GET_BE_U_2(dat) >> 8), 356 (GET_BE_U_2(dat) & 0xff)); 357 } 358 359 static void 360 l2tp_framing_cap_print(netdissect_options *ndo, const u_char *dat, u_int length) 361 { 362 if (length < 4) { 363 ND_PRINT("AVP too short"); 364 return; 365 } 366 if (GET_BE_U_4(dat) & L2TP_FRAMING_CAP_ASYNC_MASK) { 367 ND_PRINT("A"); 368 } 369 if (GET_BE_U_4(dat) & L2TP_FRAMING_CAP_SYNC_MASK) { 370 ND_PRINT("S"); 371 } 372 } 373 374 static void 375 l2tp_bearer_cap_print(netdissect_options *ndo, const u_char *dat, u_int length) 376 { 377 if (length < 4) { 378 ND_PRINT("AVP too short"); 379 return; 380 } 381 if (GET_BE_U_4(dat) & L2TP_BEARER_CAP_ANALOG_MASK) { 382 ND_PRINT("A"); 383 } 384 if (GET_BE_U_4(dat) & L2TP_BEARER_CAP_DIGITAL_MASK) { 385 ND_PRINT("D"); 386 } 387 } 388 389 static void 390 l2tp_q931_cc_print(netdissect_options *ndo, const u_char *dat, u_int length) 391 { 392 if (length < 3) { 393 ND_PRINT("AVP too short"); 394 return; 395 } 396 print_16bits_val(ndo, dat); 397 ND_PRINT(", %02x", GET_U_1(dat + 2)); 398 dat += 3; 399 length -= 3; 400 if (length != 0) { 401 ND_PRINT(" "); 402 print_string(ndo, dat, length); 403 } 404 } 405 406 static void 407 l2tp_bearer_type_print(netdissect_options *ndo, const u_char *dat, u_int length) 408 { 409 if (length < 4) { 410 ND_PRINT("AVP too short"); 411 return; 412 } 413 if (GET_BE_U_4(dat) & L2TP_BEARER_TYPE_ANALOG_MASK) { 414 ND_PRINT("A"); 415 } 416 if (GET_BE_U_4(dat) & L2TP_BEARER_TYPE_DIGITAL_MASK) { 417 ND_PRINT("D"); 418 } 419 } 420 421 static void 422 l2tp_framing_type_print(netdissect_options *ndo, const u_char *dat, u_int length) 423 { 424 if (length < 4) { 425 ND_PRINT("AVP too short"); 426 return; 427 } 428 if (GET_BE_U_4(dat) & L2TP_FRAMING_TYPE_ASYNC_MASK) { 429 ND_PRINT("A"); 430 } 431 if (GET_BE_U_4(dat) & L2TP_FRAMING_TYPE_SYNC_MASK) { 432 ND_PRINT("S"); 433 } 434 } 435 436 static void 437 l2tp_packet_proc_delay_print(netdissect_options *ndo) 438 { 439 ND_PRINT("obsolete"); 440 } 441 442 static void 443 l2tp_proxy_auth_type_print(netdissect_options *ndo, const u_char *dat, u_int length) 444 { 445 if (length < 2) { 446 ND_PRINT("AVP too short"); 447 return; 448 } 449 ND_PRINT("%s", tok2str(l2tp_authentype2str, 450 "AuthType-#%u", GET_BE_U_2(dat))); 451 } 452 453 static void 454 l2tp_proxy_auth_id_print(netdissect_options *ndo, const u_char *dat, u_int length) 455 { 456 if (length < 2) { 457 ND_PRINT("AVP too short"); 458 return; 459 } 460 ND_PRINT("%u", GET_BE_U_2(dat) & L2TP_PROXY_AUTH_ID_MASK); 461 } 462 463 static void 464 l2tp_call_errors_print(netdissect_options *ndo, const u_char *dat, u_int length) 465 { 466 uint32_t val; 467 468 if (length < 2) { 469 ND_PRINT("AVP too short"); 470 return; 471 } 472 dat += 2; /* skip "Reserved" */ 473 length -= 2; 474 475 if (length < 4) { 476 ND_PRINT("AVP too short"); 477 return; 478 } 479 val = GET_BE_U_4(dat); dat += 4; length -= 4; 480 ND_PRINT("CRCErr=%u ", val); 481 482 if (length < 4) { 483 ND_PRINT("AVP too short"); 484 return; 485 } 486 val = GET_BE_U_4(dat); dat += 4; length -= 4; 487 ND_PRINT("FrameErr=%u ", val); 488 489 if (length < 4) { 490 ND_PRINT("AVP too short"); 491 return; 492 } 493 val = GET_BE_U_4(dat); dat += 4; length -= 4; 494 ND_PRINT("HardOver=%u ", val); 495 496 if (length < 4) { 497 ND_PRINT("AVP too short"); 498 return; 499 } 500 val = GET_BE_U_4(dat); dat += 4; length -= 4; 501 ND_PRINT("BufOver=%u ", val); 502 503 if (length < 4) { 504 ND_PRINT("AVP too short"); 505 return; 506 } 507 val = GET_BE_U_4(dat); dat += 4; length -= 4; 508 ND_PRINT("Timeout=%u ", val); 509 510 if (length < 4) { 511 ND_PRINT("AVP too short"); 512 return; 513 } 514 val = GET_BE_U_4(dat); dat += 4; length -= 4; 515 ND_PRINT("AlignErr=%u ", val); 516 } 517 518 static void 519 l2tp_accm_print(netdissect_options *ndo, const u_char *dat, u_int length) 520 { 521 uint32_t val; 522 523 if (length < 2) { 524 ND_PRINT("AVP too short"); 525 return; 526 } 527 dat += 2; /* skip "Reserved" */ 528 length -= 2; 529 530 if (length < 4) { 531 ND_PRINT("AVP too short"); 532 return; 533 } 534 val = GET_BE_U_4(dat); dat += 4; length -= 4; 535 ND_PRINT("send=%08x ", val); 536 537 if (length < 4) { 538 ND_PRINT("AVP too short"); 539 return; 540 } 541 val = GET_BE_U_4(dat); dat += 4; length -= 4; 542 ND_PRINT("recv=%08x ", val); 543 } 544 545 static void 546 l2tp_ppp_discon_cc_print(netdissect_options *ndo, const u_char *dat, u_int length) 547 { 548 if (length < 5) { 549 ND_PRINT("AVP too short"); 550 return; 551 } 552 /* Disconnect Code */ 553 ND_PRINT("%04x, ", GET_BE_U_2(dat)); 554 dat += 2; 555 length -= 2; 556 /* Control Protocol Number */ 557 ND_PRINT("%04x ", GET_BE_U_2(dat)); 558 dat += 2; 559 length -= 2; 560 /* Direction */ 561 ND_PRINT("%s", tok2str(l2tp_cc_direction2str, 562 "Direction-#%u", GET_U_1(dat))); 563 dat++; 564 length--; 565 566 if (length != 0) { 567 ND_PRINT(" "); 568 print_string(ndo, (const u_char *)dat, length); 569 } 570 } 571 572 static u_int 573 l2tp_avp_print(netdissect_options *ndo, const u_char *dat, u_int length) 574 { 575 u_int len; 576 uint16_t attr_type; 577 int hidden = FALSE; 578 579 ND_PRINT(" "); 580 /* Flags & Length */ 581 len = GET_BE_U_2(dat) & L2TP_AVP_HDR_LEN_MASK; 582 583 /* If it is not long enough to contain the header, we'll give up. */ 584 if (len < 6) 585 goto trunc; 586 587 /* If it goes past the end of the remaining length of the packet, 588 we'll give up. */ 589 if (len > (u_int)length) 590 goto trunc; 591 592 /* If it goes past the end of the remaining length of the captured 593 data, we'll give up. */ 594 ND_TCHECK_LEN(dat, len); 595 596 /* 597 * After this point, we don't need to check whether we go past 598 * the length of the captured data; however, we *do* need to 599 * check whether we go past the end of the AVP. 600 */ 601 602 if (GET_BE_U_2(dat) & L2TP_AVP_HDR_FLAG_MANDATORY) { 603 ND_PRINT("*"); 604 } 605 if (GET_BE_U_2(dat) & L2TP_AVP_HDR_FLAG_HIDDEN) { 606 hidden = TRUE; 607 ND_PRINT("?"); 608 } 609 dat += 2; 610 611 if (GET_BE_U_2(dat)) { 612 /* Vendor Specific Attribute */ 613 ND_PRINT("VENDOR%04x:", GET_BE_U_2(dat)); dat += 2; 614 ND_PRINT("ATTR%04x", GET_BE_U_2(dat)); dat += 2; 615 ND_PRINT("("); 616 print_octets(ndo, dat, len-6); 617 ND_PRINT(")"); 618 } else { 619 /* IETF-defined Attributes */ 620 dat += 2; 621 attr_type = GET_BE_U_2(dat); dat += 2; 622 ND_PRINT("%s", tok2str(l2tp_avp2str, "AVP-#%u", attr_type)); 623 ND_PRINT("("); 624 if (hidden) { 625 ND_PRINT("???"); 626 } else { 627 switch (attr_type) { 628 case L2TP_AVP_MSGTYPE: 629 l2tp_msgtype_print(ndo, dat, len-6); 630 break; 631 case L2TP_AVP_RESULT_CODE: 632 l2tp_result_code_print(ndo, dat, len-6); 633 break; 634 case L2TP_AVP_PROTO_VER: 635 l2tp_proto_ver_print(ndo, dat, len-6); 636 break; 637 case L2TP_AVP_FRAMING_CAP: 638 l2tp_framing_cap_print(ndo, dat, len-6); 639 break; 640 case L2TP_AVP_BEARER_CAP: 641 l2tp_bearer_cap_print(ndo, dat, len-6); 642 break; 643 case L2TP_AVP_TIE_BREAKER: 644 if (len-6 < 8) { 645 ND_PRINT("AVP too short"); 646 break; 647 } 648 print_octets(ndo, dat, 8); 649 break; 650 case L2TP_AVP_FIRM_VER: 651 case L2TP_AVP_ASSND_TUN_ID: 652 case L2TP_AVP_RECV_WIN_SIZE: 653 case L2TP_AVP_ASSND_SESS_ID: 654 if (len-6 < 2) { 655 ND_PRINT("AVP too short"); 656 break; 657 } 658 print_16bits_val(ndo, dat); 659 break; 660 case L2TP_AVP_HOST_NAME: 661 case L2TP_AVP_VENDOR_NAME: 662 case L2TP_AVP_CALLING_NUMBER: 663 case L2TP_AVP_CALLED_NUMBER: 664 case L2TP_AVP_SUB_ADDRESS: 665 case L2TP_AVP_PROXY_AUTH_NAME: 666 case L2TP_AVP_PRIVATE_GRP_ID: 667 print_string(ndo, dat, len-6); 668 break; 669 case L2TP_AVP_CHALLENGE: 670 case L2TP_AVP_INI_RECV_LCP: 671 case L2TP_AVP_LAST_SENT_LCP: 672 case L2TP_AVP_LAST_RECV_LCP: 673 case L2TP_AVP_PROXY_AUTH_CHAL: 674 case L2TP_AVP_PROXY_AUTH_RESP: 675 case L2TP_AVP_RANDOM_VECTOR: 676 print_octets(ndo, dat, len-6); 677 break; 678 case L2TP_AVP_Q931_CC: 679 l2tp_q931_cc_print(ndo, dat, len-6); 680 break; 681 case L2TP_AVP_CHALLENGE_RESP: 682 if (len-6 < 16) { 683 ND_PRINT("AVP too short"); 684 break; 685 } 686 print_octets(ndo, dat, 16); 687 break; 688 case L2TP_AVP_CALL_SER_NUM: 689 case L2TP_AVP_MINIMUM_BPS: 690 case L2TP_AVP_MAXIMUM_BPS: 691 case L2TP_AVP_TX_CONN_SPEED: 692 case L2TP_AVP_PHY_CHANNEL_ID: 693 case L2TP_AVP_RX_CONN_SPEED: 694 if (len-6 < 4) { 695 ND_PRINT("AVP too short"); 696 break; 697 } 698 print_32bits_val(ndo, dat); 699 break; 700 case L2TP_AVP_BEARER_TYPE: 701 l2tp_bearer_type_print(ndo, dat, len-6); 702 break; 703 case L2TP_AVP_FRAMING_TYPE: 704 l2tp_framing_type_print(ndo, dat, len-6); 705 break; 706 case L2TP_AVP_PACKET_PROC_DELAY: 707 l2tp_packet_proc_delay_print(ndo); 708 break; 709 case L2TP_AVP_PROXY_AUTH_TYPE: 710 l2tp_proxy_auth_type_print(ndo, dat, len-6); 711 break; 712 case L2TP_AVP_PROXY_AUTH_ID: 713 l2tp_proxy_auth_id_print(ndo, dat, len-6); 714 break; 715 case L2TP_AVP_CALL_ERRORS: 716 l2tp_call_errors_print(ndo, dat, len-6); 717 break; 718 case L2TP_AVP_ACCM: 719 l2tp_accm_print(ndo, dat, len-6); 720 break; 721 case L2TP_AVP_SEQ_REQUIRED: 722 break; /* No Attribute Value */ 723 case L2TP_AVP_PPP_DISCON_CC: 724 l2tp_ppp_discon_cc_print(ndo, dat, len-6); 725 break; 726 default: 727 break; 728 } 729 } 730 ND_PRINT(")"); 731 } 732 733 return (len); 734 735 trunc: 736 nd_print_trunc(ndo); 737 return (0); 738 } 739 740 741 void 742 l2tp_print(netdissect_options *ndo, const u_char *dat, u_int length) 743 { 744 const u_char *ptr = dat; 745 u_int cnt = 0; /* total octets consumed */ 746 uint16_t pad; 747 int flag_t, flag_l, flag_s, flag_o; 748 uint16_t l2tp_len; 749 750 ndo->ndo_protocol = "l2tp"; 751 flag_t = flag_l = flag_s = flag_o = FALSE; 752 753 if ((GET_BE_U_2(ptr) & L2TP_VERSION_MASK) == L2TP_VERSION_L2TP) { 754 ND_PRINT(" l2tp:"); 755 } else if ((GET_BE_U_2(ptr) & L2TP_VERSION_MASK) == L2TP_VERSION_L2F) { 756 ND_PRINT(" l2f:"); 757 return; /* nothing to do */ 758 } else { 759 ND_PRINT(" Unknown Version, neither L2F(1) nor L2TP(2)"); 760 return; /* nothing we can do */ 761 } 762 763 ND_PRINT("["); 764 if (GET_BE_U_2(ptr) & L2TP_FLAG_TYPE) { 765 flag_t = TRUE; 766 ND_PRINT("T"); 767 } 768 if (GET_BE_U_2(ptr) & L2TP_FLAG_LENGTH) { 769 flag_l = TRUE; 770 ND_PRINT("L"); 771 } 772 if (GET_BE_U_2(ptr) & L2TP_FLAG_SEQUENCE) { 773 flag_s = TRUE; 774 ND_PRINT("S"); 775 } 776 if (GET_BE_U_2(ptr) & L2TP_FLAG_OFFSET) { 777 flag_o = TRUE; 778 ND_PRINT("O"); 779 } 780 if (GET_BE_U_2(ptr) & L2TP_FLAG_PRIORITY) 781 ND_PRINT("P"); 782 ND_PRINT("]"); 783 784 ptr += 2; 785 cnt += 2; 786 787 if (flag_l) { 788 l2tp_len = GET_BE_U_2(ptr); 789 ptr += 2; 790 cnt += 2; 791 } else { 792 l2tp_len = 0; 793 } 794 /* Tunnel ID */ 795 ND_PRINT("(%u/", GET_BE_U_2(ptr)); 796 ptr += 2; 797 cnt += 2; 798 /* Session ID */ 799 ND_PRINT("%u)", GET_BE_U_2(ptr)); 800 ptr += 2; 801 cnt += 2; 802 803 if (flag_s) { 804 ND_PRINT("Ns=%u,", GET_BE_U_2(ptr)); 805 ptr += 2; 806 cnt += 2; 807 ND_PRINT("Nr=%u", GET_BE_U_2(ptr)); 808 ptr += 2; 809 cnt += 2; 810 } 811 812 if (flag_o) { /* Offset Size */ 813 pad = GET_BE_U_2(ptr); 814 /* Offset padding octets in packet buffer? */ 815 ND_TCHECK_LEN(ptr + 2, pad); 816 ptr += (2 + pad); 817 cnt += (2 + pad); 818 } 819 820 if (flag_l) { 821 if (length < l2tp_len) { 822 ND_PRINT(" Length %u larger than packet", l2tp_len); 823 return; 824 } 825 length = l2tp_len; 826 } 827 if (length < cnt) { 828 ND_PRINT(" Length %u smaller than header length", length); 829 return; 830 } 831 if (flag_t) { 832 if (!flag_l) { 833 ND_PRINT(" No length"); 834 return; 835 } 836 if (length - cnt == 0) { 837 ND_PRINT(" ZLB"); 838 } else { 839 /* 840 * Print AVPs. 841 */ 842 while (length - cnt != 0) { 843 u_int avp_length; 844 845 avp_length = l2tp_avp_print(ndo, ptr, length - cnt); 846 if (avp_length == 0) { 847 /* 848 * Truncated. 849 */ 850 break; 851 } 852 cnt += avp_length; 853 ptr += avp_length; 854 } 855 } 856 } else { 857 ND_PRINT(" {"); 858 ppp_print(ndo, ptr, length - cnt); 859 ND_PRINT("}"); 860 } 861 return; 862 trunc: 863 nd_print_trunc(ndo); 864 } 865