1 /* 2 * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 2000 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that: (1) source code distributions 7 * retain the above copyright notice and this paragraph in its entirety, (2) 8 * distributions including binary code include the above copyright notice and 9 * this paragraph in its entirety in the documentation or other materials 10 * provided with the distribution, and (3) all advertising materials mentioning 11 * features or use of this software display the following acknowledgement: 12 * ``This product includes software developed by the University of California, 13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of 14 * the University nor the names of its contributors may be used to endorse 15 * or promote products derived from this software without specific prior 16 * written permission. 17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 20 */ 21 #include <sys/cdefs.h> 22 #ifndef lint 23 #if 0 24 static const char rcsid[] _U_ = 25 "@(#) Header: /tcpdump/master/tcpdump/print-symantec.c,v 1.5 2005-07-07 01:22:21 guy Exp (LBL)"; 26 #else 27 __RCSID("$NetBSD: print-symantec.c,v 1.3 2013/04/06 19:33:08 christos Exp $"); 28 #endif 29 #endif 30 31 #ifdef HAVE_CONFIG_H 32 #include "config.h" 33 #endif 34 35 #include <tcpdump-stdinc.h> 36 37 #include <stdio.h> 38 #include <pcap.h> 39 40 #include "interface.h" 41 #include "extract.h" 42 #include "addrtoname.h" 43 #include "ethertype.h" 44 45 #include "ether.h" 46 47 struct symantec_header { 48 u_int8_t stuff1[6]; 49 u_int16_t ether_type; 50 u_int8_t stuff2[36]; 51 }; 52 53 static inline void 54 symantec_hdr_print(register const u_char *bp, u_int length) 55 { 56 register const struct symantec_header *sp; 57 u_int16_t etype; 58 59 sp = (const struct symantec_header *)bp; 60 61 etype = EXTRACT_16BITS(&sp->ether_type); 62 if (!qflag) { 63 if (etype <= ETHERMTU) 64 (void)printf("invalid ethertype %u", etype); 65 else 66 (void)printf("ethertype %s (0x%04x)", 67 tok2str(ethertype_values,"Unknown", etype), 68 etype); 69 } else { 70 if (etype <= ETHERMTU) 71 (void)printf("invalid ethertype %u", etype); 72 else 73 (void)printf("%s", tok2str(ethertype_values,"Unknown Ethertype (0x%04x)", etype)); 74 } 75 76 (void)printf(", length %u: ", length); 77 } 78 79 /* 80 * This is the top level routine of the printer. 'p' points 81 * to the ether header of the packet, 'h->ts' is the timestamp, 82 * 'h->len' is the length of the packet off the wire, and 'h->caplen' 83 * is the number of bytes actually captured. 84 */ 85 u_int 86 symantec_if_print(const struct pcap_pkthdr *h, const u_char *p) 87 { 88 u_int length = h->len; 89 u_int caplen = h->caplen; 90 struct symantec_header *sp; 91 u_short ether_type; 92 93 if (caplen < sizeof (struct symantec_header)) { 94 printf("[|symantec]"); 95 return caplen; 96 } 97 98 if (eflag) 99 symantec_hdr_print(p, length); 100 101 length -= sizeof (struct symantec_header); 102 caplen -= sizeof (struct symantec_header); 103 sp = (struct symantec_header *)p; 104 p += sizeof (struct symantec_header); 105 106 ether_type = EXTRACT_16BITS(&sp->ether_type); 107 108 if (ether_type <= ETHERMTU) { 109 /* ether_type not known, print raw packet */ 110 if (!eflag) 111 symantec_hdr_print((u_char *)sp, length + sizeof (struct symantec_header)); 112 113 if (!suppress_default_print) 114 default_print(p, caplen); 115 } else if (ethertype_print(gndo, ether_type, p, length, caplen) == 0) { 116 /* ether_type not known, print raw packet */ 117 if (!eflag) 118 symantec_hdr_print((u_char *)sp, length + sizeof (struct symantec_header)); 119 120 if (!suppress_default_print) 121 default_print(p, caplen); 122 } 123 124 return (sizeof (struct symantec_header)); 125 } 126