1 /* $OpenBSD: print-icmp.c,v 1.18 2007/10/07 16:41:05 deraadt Exp $ */ 2 3 /* 4 * Copyright (c) 1988, 1989, 1990, 1991, 1993, 1994, 1995, 1996 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that: (1) source code distributions 9 * retain the above copyright notice and this paragraph in its entirety, (2) 10 * distributions including binary code include the above copyright notice and 11 * this paragraph in its entirety in the documentation or other materials 12 * provided with the distribution, and (3) all advertising materials mentioning 13 * features or use of this software display the following acknowledgement: 14 * ``This product includes software developed by the University of California, 15 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of 16 * the University nor the names of its contributors may be used to endorse 17 * or promote products derived from this software without specific prior 18 * written permission. 19 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 20 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 21 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 22 */ 23 24 #ifndef lint 25 static const char rcsid[] = 26 "@(#) $Id: print-icmp.c,v 1.18 2007/10/07 16:41:05 deraadt Exp $ (LBL)"; 27 #endif 28 29 #include <sys/param.h> 30 #include <sys/time.h> 31 #include <sys/socket.h> 32 33 struct mbuf; 34 struct rtentry; 35 #include <net/if.h> 36 37 #include <netinet/in.h> 38 #include <netinet/if_ether.h> 39 #include <netinet/in_systm.h> 40 #include <netinet/ip.h> 41 #include <netinet/ip_icmp.h> 42 #include <netinet/ip_var.h> 43 #include <netinet/udp.h> 44 #include <netinet/udp_var.h> 45 #include <netinet/tcp.h> 46 #include <netinet/tcpip.h> 47 48 #include <stdio.h> 49 #include <string.h> 50 51 #include "interface.h" 52 #include "addrtoname.h" 53 #include "extract.h" /* must come after interface.h */ 54 55 /* rfc1700 */ 56 #ifndef ICMP_UNREACH_NET_UNKNOWN 57 #define ICMP_UNREACH_NET_UNKNOWN 6 /* destination net unknown */ 58 #endif 59 #ifndef ICMP_UNREACH_HOST_UNKNOWN 60 #define ICMP_UNREACH_HOST_UNKNOWN 7 /* destination host unknown */ 61 #endif 62 #ifndef ICMP_UNREACH_ISOLATED 63 #define ICMP_UNREACH_ISOLATED 8 /* source host isolated */ 64 #endif 65 #ifndef ICMP_UNREACH_NET_PROHIB 66 #define ICMP_UNREACH_NET_PROHIB 9 /* admin prohibited net */ 67 #endif 68 #ifndef ICMP_UNREACH_HOST_PROHIB 69 #define ICMP_UNREACH_HOST_PROHIB 10 /* admin prohibited host */ 70 #endif 71 #ifndef ICMP_UNREACH_TOSNET 72 #define ICMP_UNREACH_TOSNET 11 /* tos prohibited net */ 73 #endif 74 #ifndef ICMP_UNREACH_TOSHOST 75 #define ICMP_UNREACH_TOSHOST 12 /* tos prohibited host */ 76 #endif 77 78 /* rfc1716 */ 79 #ifndef ICMP_UNREACH_FILTER_PROHIB 80 #define ICMP_UNREACH_FILTER_PROHIB 13 /* admin prohibited filter */ 81 #endif 82 #ifndef ICMP_UNREACH_HOST_PRECEDENCE 83 #define ICMP_UNREACH_HOST_PRECEDENCE 14 /* host precedence violation */ 84 #endif 85 #ifndef ICMP_UNREACH_PRECEDENCE_CUTOFF 86 #define ICMP_UNREACH_PRECEDENCE_CUTOFF 15 /* precedence cutoff */ 87 #endif 88 89 /* rfc1256 */ 90 #ifndef ICMP_ROUTERADVERT 91 #define ICMP_ROUTERADVERT 9 /* router advertisement */ 92 #endif 93 #ifndef ICMP_ROUTERSOLICIT 94 #define ICMP_ROUTERSOLICIT 10 /* router solicitation */ 95 #endif 96 97 #define ICMP_INFOTYPE(type) \ 98 ((type) == ICMP_ECHOREPLY || (type) == ICMP_ECHO || \ 99 (type) == ICMP_ROUTERADVERT || (type) == ICMP_ROUTERSOLICIT || \ 100 (type) == ICMP_TSTAMP || (type) == ICMP_TSTAMPREPLY || \ 101 (type) == ICMP_IREQ || (type) == ICMP_IREQREPLY || \ 102 (type) == ICMP_MASKREQ || (type) == ICMP_MASKREPLY) 103 104 /* Most of the icmp types */ 105 static struct tok icmp2str[] = { 106 { ICMP_ECHOREPLY, "echo reply" }, 107 { ICMP_SOURCEQUENCH, "source quench" }, 108 { ICMP_ECHO, "echo request" }, 109 { ICMP_ROUTERSOLICIT, "router solicitation" }, 110 { ICMP_TSTAMP, "time stamp request" }, 111 { ICMP_TSTAMPREPLY, "time stamp reply" }, 112 { ICMP_IREQ, "information request" }, 113 { ICMP_IREQREPLY, "information reply" }, 114 { ICMP_MASKREQ, "address mask request" }, 115 { 0, NULL } 116 }; 117 118 /* Formats for most of the ICMP_UNREACH codes */ 119 static struct tok unreach2str[] = { 120 { ICMP_UNREACH_NET, "net %s unreachable" }, 121 { ICMP_UNREACH_HOST, "host %s unreachable" }, 122 { ICMP_UNREACH_SRCFAIL, 123 "%s unreachable - source route failed" }, 124 { ICMP_UNREACH_NET_UNKNOWN, "net %s unreachable - unknown" }, 125 { ICMP_UNREACH_HOST_UNKNOWN, "host %s unreachable - unknown" }, 126 { ICMP_UNREACH_ISOLATED, 127 "%s unreachable - source host isolated" }, 128 { ICMP_UNREACH_NET_PROHIB, 129 "net %s unreachable - admin prohibited" }, 130 { ICMP_UNREACH_HOST_PROHIB, 131 "host %s unreachable - admin prohibited" }, 132 { ICMP_UNREACH_TOSNET, 133 "net %s unreachable - tos prohibited" }, 134 { ICMP_UNREACH_TOSHOST, 135 "host %s unreachable - tos prohibited" }, 136 { ICMP_UNREACH_FILTER_PROHIB, 137 "host %s unreachable - admin prohibited filter" }, 138 { ICMP_UNREACH_HOST_PRECEDENCE, 139 "host %s unreachable - host precedence violation" }, 140 { ICMP_UNREACH_PRECEDENCE_CUTOFF, 141 "host %s unreachable - precedence cutoff" }, 142 { 0, NULL } 143 }; 144 145 /* Formats for the ICMP_REDIRECT codes */ 146 static struct tok type2str[] = { 147 { ICMP_REDIRECT_NET, "redirect %s to net %s" }, 148 { ICMP_REDIRECT_HOST, "redirect %s to host %s" }, 149 { ICMP_REDIRECT_TOSNET, "redirect-tos %s to net %s" }, 150 { ICMP_REDIRECT_TOSHOST, "redirect-tos %s to net %s" }, 151 { 0, NULL } 152 }; 153 154 /* rfc1191 */ 155 struct mtu_discovery { 156 short unused; 157 short nexthopmtu; 158 }; 159 160 /* rfc1256 */ 161 struct ih_rdiscovery { 162 u_char ird_addrnum; 163 u_char ird_addrsiz; 164 u_short ird_lifetime; 165 }; 166 167 struct id_rdiscovery { 168 u_int32_t ird_addr; 169 u_int32_t ird_pref; 170 }; 171 172 void 173 icmp_print(const u_char *bp, const u_char *bp2) 174 { 175 const struct icmp *dp; 176 const struct ip *ip; 177 const char *str, *fmt; 178 const struct ip *oip; 179 const struct udphdr *ouh; 180 u_int hlen, dport, mtu; 181 char buf[MAXHOSTNAMELEN+256]; 182 char buf2[MAXHOSTNAMELEN+256]; 183 184 dp = (struct icmp *)bp; 185 ip = (struct ip *)bp2; 186 str = buf; 187 188 (void)printf("%s > %s: ", 189 ipaddr_string(&ip->ip_src), 190 ipaddr_string(&ip->ip_dst)); 191 192 TCHECK(dp->icmp_code); 193 if (qflag) 194 (void) snprintf(buf, sizeof buf, "%u %u", dp->icmp_type, 195 dp->icmp_code); 196 else switch (dp->icmp_type) { 197 198 case ICMP_ECHOREPLY: 199 case ICMP_ECHO: 200 if (vflag) { 201 TCHECK(dp->icmp_seq); 202 (void)snprintf(buf, sizeof buf, 203 "echo %s (id:%04x seq:%u)", 204 (dp->icmp_type == ICMP_ECHO)? 205 "request": "reply", 206 ntohs(dp->icmp_id), 207 ntohs(dp->icmp_seq)); 208 } else 209 str = tok2str(icmp2str, "type-#%u", dp->icmp_type); 210 break; 211 212 case ICMP_UNREACH: 213 TCHECK(dp->icmp_ip.ip_dst); 214 switch (dp->icmp_code) { 215 216 case ICMP_UNREACH_PROTOCOL: 217 TCHECK(dp->icmp_ip.ip_p); 218 (void)snprintf(buf, sizeof buf, 219 "%s protocol %u unreachable", 220 ipaddr_string(&dp->icmp_ip.ip_dst), 221 dp->icmp_ip.ip_p); 222 break; 223 224 case ICMP_UNREACH_PORT: 225 TCHECK(dp->icmp_ip.ip_p); 226 oip = &dp->icmp_ip; 227 hlen = oip->ip_hl * 4; 228 ouh = (struct udphdr *)(((u_char *)oip) + hlen); 229 dport = ntohs(ouh->uh_dport); 230 switch (oip->ip_p) { 231 232 case IPPROTO_TCP: 233 (void)snprintf(buf, sizeof buf, 234 "%s tcp port %s unreachable", 235 ipaddr_string(&oip->ip_dst), 236 tcpport_string(dport)); 237 break; 238 239 case IPPROTO_UDP: 240 (void)snprintf(buf, sizeof buf, 241 "%s udp port %s unreachable", 242 ipaddr_string(&oip->ip_dst), 243 udpport_string(dport)); 244 break; 245 246 default: 247 (void)snprintf(buf, sizeof buf, 248 "%s protocol %u port %u unreachable", 249 ipaddr_string(&oip->ip_dst), 250 oip->ip_p, dport); 251 break; 252 } 253 break; 254 255 case ICMP_UNREACH_NEEDFRAG: 256 { 257 const struct mtu_discovery *mp; 258 259 mp = (struct mtu_discovery *)&dp->icmp_void; 260 mtu = EXTRACT_16BITS(&mp->nexthopmtu); 261 if (mtu) 262 (void)snprintf(buf, sizeof buf, 263 "%s unreachable - need to frag (mtu %u)", 264 ipaddr_string(&dp->icmp_ip.ip_dst), mtu); 265 else 266 (void)snprintf(buf, sizeof buf, 267 "%s unreachable - need to frag", 268 ipaddr_string(&dp->icmp_ip.ip_dst)); 269 } 270 break; 271 272 default: 273 fmt = tok2str(unreach2str, "#%u %%s unreachable", 274 dp->icmp_code); 275 (void)snprintf(buf, sizeof buf, fmt, 276 ipaddr_string(&dp->icmp_ip.ip_dst)); 277 break; 278 } 279 break; 280 281 case ICMP_REDIRECT: 282 TCHECK(dp->icmp_ip.ip_dst); 283 fmt = tok2str(type2str, "redirect-#%u %%s to net %%s", 284 dp->icmp_code); 285 (void)snprintf(buf, sizeof buf, fmt, 286 ipaddr_string(&dp->icmp_ip.ip_dst), 287 ipaddr_string(&dp->icmp_gwaddr)); 288 break; 289 290 case ICMP_ROUTERADVERT: 291 { 292 const struct ih_rdiscovery *ihp; 293 const struct id_rdiscovery *idp; 294 u_int lifetime, num, size; 295 296 (void)strlcpy(buf, "router advertisement", sizeof(buf)); 297 298 ihp = (struct ih_rdiscovery *)&dp->icmp_void; 299 TCHECK(*ihp); 300 (void)strlcat(buf, " lifetime ", sizeof(buf)); 301 lifetime = EXTRACT_16BITS(&ihp->ird_lifetime); 302 if (lifetime < 60) 303 (void)snprintf(buf2, sizeof(buf2), "%u", lifetime); 304 else if (lifetime < 60 * 60) 305 (void)snprintf(buf2, sizeof(buf2), "%u:%02u", 306 lifetime / 60, lifetime % 60); 307 else 308 (void)snprintf(buf2, sizeof(buf2), "%u:%02u:%02u", 309 lifetime / 3600, (lifetime % 3600) / 60, 310 lifetime % 60); 311 strlcat(buf, buf2, sizeof(buf)); 312 313 num = ihp->ird_addrnum; 314 (void)snprintf(buf2, sizeof(buf2), " %u:", num); 315 strlcat(buf, buf2, sizeof(buf)); 316 317 size = ihp->ird_addrsiz; 318 if (size != 2) { 319 (void)snprintf(buf2, sizeof(buf2), " [size %u]", size); 320 strlcat(buf, buf2, sizeof(buf)); 321 break; 322 } 323 idp = (struct id_rdiscovery *)&dp->icmp_data; 324 while (num-- > 0) { 325 TCHECK(*idp); 326 (void)snprintf(buf2, sizeof(buf2), " {%s %u}", 327 ipaddr_string(&idp->ird_addr), 328 EXTRACT_32BITS(&idp->ird_pref)); 329 strlcat(buf, buf2, sizeof(buf)); 330 } 331 } 332 break; 333 334 case ICMP_TIMXCEED: 335 TCHECK(dp->icmp_ip.ip_dst); 336 switch (dp->icmp_code) { 337 338 case ICMP_TIMXCEED_INTRANS: 339 str = "time exceeded in-transit"; 340 break; 341 342 case ICMP_TIMXCEED_REASS: 343 str = "ip reassembly time exceeded"; 344 break; 345 346 default: 347 (void)snprintf(buf, sizeof buf, 348 "time exceeded-#%u", dp->icmp_code); 349 break; 350 } 351 break; 352 353 case ICMP_PARAMPROB: 354 switch (dp->icmp_code) { 355 case ICMP_PARAMPROB_OPTABSENT: 356 str = "requested option absent"; 357 break; 358 case ICMP_PARAMPROB_LENGTH: 359 snprintf(buf, sizeof buf, "bad length %u", dp->icmp_pptr); 360 break; 361 default: 362 TCHECK(dp->icmp_pptr); 363 (void)snprintf(buf, sizeof buf, 364 "parameter problem - octet %u", 365 dp->icmp_pptr); 366 break; 367 } 368 break; 369 370 case ICMP_MASKREPLY: 371 TCHECK(dp->icmp_mask); 372 (void)snprintf(buf, sizeof buf, "address mask is 0x%08x", 373 (u_int32_t)ntohl(dp->icmp_mask)); 374 break; 375 376 default: 377 str = tok2str(icmp2str, "type-#%u", dp->icmp_type); 378 break; 379 } 380 (void)printf("icmp: %s", str); 381 if (vflag > 1 && !ICMP_INFOTYPE(dp->icmp_type) && 382 TTEST(dp->icmp_ip)) { 383 (void)printf(" for "); 384 oip = &dp->icmp_ip; 385 ip_print((u_char *)oip, ntohs(oip->ip_len)); 386 } 387 return; 388 trunc: 389 fputs("[|icmp]", stdout); 390 } 391