1 /* $OpenBSD: print-icmp.c,v 1.20 2009/10/27 23:59:55 deraadt Exp $ */ 2 3 /* 4 * Copyright (c) 1988, 1989, 1990, 1991, 1993, 1994, 1995, 1996 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that: (1) source code distributions 9 * retain the above copyright notice and this paragraph in its entirety, (2) 10 * distributions including binary code include the above copyright notice and 11 * this paragraph in its entirety in the documentation or other materials 12 * provided with the distribution, and (3) all advertising materials mentioning 13 * features or use of this software display the following acknowledgement: 14 * ``This product includes software developed by the University of California, 15 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of 16 * the University nor the names of its contributors may be used to endorse 17 * or promote products derived from this software without specific prior 18 * written permission. 19 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 20 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 21 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 22 */ 23 24 #include <sys/param.h> 25 #include <sys/time.h> 26 #include <sys/socket.h> 27 28 struct mbuf; 29 struct rtentry; 30 #include <net/if.h> 31 32 #include <netinet/in.h> 33 #include <netinet/if_ether.h> 34 #include <netinet/in_systm.h> 35 #include <netinet/ip.h> 36 #include <netinet/ip_icmp.h> 37 #include <netinet/ip_var.h> 38 #include <netinet/udp.h> 39 #include <netinet/udp_var.h> 40 #include <netinet/tcp.h> 41 #include <netinet/tcpip.h> 42 43 #include <stdio.h> 44 #include <string.h> 45 46 #include "interface.h" 47 #include "addrtoname.h" 48 #include "extract.h" /* must come after interface.h */ 49 50 /* rfc1700 */ 51 #ifndef ICMP_UNREACH_NET_UNKNOWN 52 #define ICMP_UNREACH_NET_UNKNOWN 6 /* destination net unknown */ 53 #endif 54 #ifndef ICMP_UNREACH_HOST_UNKNOWN 55 #define ICMP_UNREACH_HOST_UNKNOWN 7 /* destination host unknown */ 56 #endif 57 #ifndef ICMP_UNREACH_ISOLATED 58 #define ICMP_UNREACH_ISOLATED 8 /* source host isolated */ 59 #endif 60 #ifndef ICMP_UNREACH_NET_PROHIB 61 #define ICMP_UNREACH_NET_PROHIB 9 /* admin prohibited net */ 62 #endif 63 #ifndef ICMP_UNREACH_HOST_PROHIB 64 #define ICMP_UNREACH_HOST_PROHIB 10 /* admin prohibited host */ 65 #endif 66 #ifndef ICMP_UNREACH_TOSNET 67 #define ICMP_UNREACH_TOSNET 11 /* tos prohibited net */ 68 #endif 69 #ifndef ICMP_UNREACH_TOSHOST 70 #define ICMP_UNREACH_TOSHOST 12 /* tos prohibited host */ 71 #endif 72 73 /* rfc1716 */ 74 #ifndef ICMP_UNREACH_FILTER_PROHIB 75 #define ICMP_UNREACH_FILTER_PROHIB 13 /* admin prohibited filter */ 76 #endif 77 #ifndef ICMP_UNREACH_HOST_PRECEDENCE 78 #define ICMP_UNREACH_HOST_PRECEDENCE 14 /* host precedence violation */ 79 #endif 80 #ifndef ICMP_UNREACH_PRECEDENCE_CUTOFF 81 #define ICMP_UNREACH_PRECEDENCE_CUTOFF 15 /* precedence cutoff */ 82 #endif 83 84 /* rfc1256 */ 85 #ifndef ICMP_ROUTERADVERT 86 #define ICMP_ROUTERADVERT 9 /* router advertisement */ 87 #endif 88 #ifndef ICMP_ROUTERSOLICIT 89 #define ICMP_ROUTERSOLICIT 10 /* router solicitation */ 90 #endif 91 92 #define ICMP_INFOTYPE(type) \ 93 ((type) == ICMP_ECHOREPLY || (type) == ICMP_ECHO || \ 94 (type) == ICMP_ROUTERADVERT || (type) == ICMP_ROUTERSOLICIT || \ 95 (type) == ICMP_TSTAMP || (type) == ICMP_TSTAMPREPLY || \ 96 (type) == ICMP_IREQ || (type) == ICMP_IREQREPLY || \ 97 (type) == ICMP_MASKREQ || (type) == ICMP_MASKREPLY) 98 99 /* Most of the icmp types */ 100 static struct tok icmp2str[] = { 101 { ICMP_ECHOREPLY, "echo reply" }, 102 { ICMP_SOURCEQUENCH, "source quench" }, 103 { ICMP_ECHO, "echo request" }, 104 { ICMP_ROUTERSOLICIT, "router solicitation" }, 105 { ICMP_TSTAMP, "time stamp request" }, 106 { ICMP_TSTAMPREPLY, "time stamp reply" }, 107 { ICMP_IREQ, "information request" }, 108 { ICMP_IREQREPLY, "information reply" }, 109 { ICMP_MASKREQ, "address mask request" }, 110 { 0, NULL } 111 }; 112 113 /* Formats for most of the ICMP_UNREACH codes */ 114 static struct tok unreach2str[] = { 115 { ICMP_UNREACH_NET, "net %s unreachable" }, 116 { ICMP_UNREACH_HOST, "host %s unreachable" }, 117 { ICMP_UNREACH_SRCFAIL, 118 "%s unreachable - source route failed" }, 119 { ICMP_UNREACH_NET_UNKNOWN, "net %s unreachable - unknown" }, 120 { ICMP_UNREACH_HOST_UNKNOWN, "host %s unreachable - unknown" }, 121 { ICMP_UNREACH_ISOLATED, 122 "%s unreachable - source host isolated" }, 123 { ICMP_UNREACH_NET_PROHIB, 124 "net %s unreachable - admin prohibited" }, 125 { ICMP_UNREACH_HOST_PROHIB, 126 "host %s unreachable - admin prohibited" }, 127 { ICMP_UNREACH_TOSNET, 128 "net %s unreachable - tos prohibited" }, 129 { ICMP_UNREACH_TOSHOST, 130 "host %s unreachable - tos prohibited" }, 131 { ICMP_UNREACH_FILTER_PROHIB, 132 "host %s unreachable - admin prohibited filter" }, 133 { ICMP_UNREACH_HOST_PRECEDENCE, 134 "host %s unreachable - host precedence violation" }, 135 { ICMP_UNREACH_PRECEDENCE_CUTOFF, 136 "host %s unreachable - precedence cutoff" }, 137 { 0, NULL } 138 }; 139 140 /* Formats for the ICMP_REDIRECT codes */ 141 static struct tok type2str[] = { 142 { ICMP_REDIRECT_NET, "redirect %s to net %s" }, 143 { ICMP_REDIRECT_HOST, "redirect %s to host %s" }, 144 { ICMP_REDIRECT_TOSNET, "redirect-tos %s to net %s" }, 145 { ICMP_REDIRECT_TOSHOST, "redirect-tos %s to net %s" }, 146 { 0, NULL } 147 }; 148 149 /* rfc1191 */ 150 struct mtu_discovery { 151 short unused; 152 short nexthopmtu; 153 }; 154 155 /* rfc1256 */ 156 struct ih_rdiscovery { 157 u_char ird_addrnum; 158 u_char ird_addrsiz; 159 u_short ird_lifetime; 160 }; 161 162 struct id_rdiscovery { 163 u_int32_t ird_addr; 164 u_int32_t ird_pref; 165 }; 166 167 void 168 icmp_print(const u_char *bp, const u_char *bp2) 169 { 170 const struct icmp *dp; 171 const struct ip *ip; 172 const char *str, *fmt; 173 const struct ip *oip; 174 const struct udphdr *ouh; 175 u_int hlen, dport, mtu; 176 char buf[MAXHOSTNAMELEN+256]; 177 char buf2[MAXHOSTNAMELEN+256]; 178 179 dp = (struct icmp *)bp; 180 ip = (struct ip *)bp2; 181 str = buf; 182 183 (void)printf("%s > %s: ", 184 ipaddr_string(&ip->ip_src), 185 ipaddr_string(&ip->ip_dst)); 186 187 TCHECK(dp->icmp_code); 188 if (qflag) 189 (void) snprintf(buf, sizeof buf, "%u %u", dp->icmp_type, 190 dp->icmp_code); 191 else switch (dp->icmp_type) { 192 193 case ICMP_ECHOREPLY: 194 case ICMP_ECHO: 195 if (vflag) { 196 TCHECK(dp->icmp_seq); 197 (void)snprintf(buf, sizeof buf, 198 "echo %s (id:%04x seq:%u)", 199 (dp->icmp_type == ICMP_ECHO)? 200 "request": "reply", 201 ntohs(dp->icmp_id), 202 ntohs(dp->icmp_seq)); 203 } else 204 str = tok2str(icmp2str, "type-#%u", dp->icmp_type); 205 break; 206 207 case ICMP_UNREACH: 208 TCHECK(dp->icmp_ip.ip_dst); 209 switch (dp->icmp_code) { 210 211 case ICMP_UNREACH_PROTOCOL: 212 TCHECK(dp->icmp_ip.ip_p); 213 (void)snprintf(buf, sizeof buf, 214 "%s protocol %u unreachable", 215 ipaddr_string(&dp->icmp_ip.ip_dst), 216 dp->icmp_ip.ip_p); 217 break; 218 219 case ICMP_UNREACH_PORT: 220 TCHECK(dp->icmp_ip.ip_p); 221 oip = &dp->icmp_ip; 222 hlen = oip->ip_hl * 4; 223 ouh = (struct udphdr *)(((u_char *)oip) + hlen); 224 TCHECK(ouh->uh_dport); 225 dport = ntohs(ouh->uh_dport); 226 switch (oip->ip_p) { 227 228 case IPPROTO_TCP: 229 (void)snprintf(buf, sizeof buf, 230 "%s tcp port %s unreachable", 231 ipaddr_string(&oip->ip_dst), 232 tcpport_string(dport)); 233 break; 234 235 case IPPROTO_UDP: 236 (void)snprintf(buf, sizeof buf, 237 "%s udp port %s unreachable", 238 ipaddr_string(&oip->ip_dst), 239 udpport_string(dport)); 240 break; 241 242 default: 243 (void)snprintf(buf, sizeof buf, 244 "%s protocol %u port %u unreachable", 245 ipaddr_string(&oip->ip_dst), 246 oip->ip_p, dport); 247 break; 248 } 249 break; 250 251 case ICMP_UNREACH_NEEDFRAG: 252 { 253 const struct mtu_discovery *mp; 254 255 mp = (struct mtu_discovery *)&dp->icmp_void; 256 mtu = EXTRACT_16BITS(&mp->nexthopmtu); 257 if (mtu) 258 (void)snprintf(buf, sizeof buf, 259 "%s unreachable - need to frag (mtu %u)", 260 ipaddr_string(&dp->icmp_ip.ip_dst), mtu); 261 else 262 (void)snprintf(buf, sizeof buf, 263 "%s unreachable - need to frag", 264 ipaddr_string(&dp->icmp_ip.ip_dst)); 265 } 266 break; 267 268 default: 269 fmt = tok2str(unreach2str, "#%u %%s unreachable", 270 dp->icmp_code); 271 (void)snprintf(buf, sizeof buf, fmt, 272 ipaddr_string(&dp->icmp_ip.ip_dst)); 273 break; 274 } 275 break; 276 277 case ICMP_REDIRECT: 278 TCHECK(dp->icmp_ip.ip_dst); 279 fmt = tok2str(type2str, "redirect-#%u %%s to net %%s", 280 dp->icmp_code); 281 (void)snprintf(buf, sizeof buf, fmt, 282 ipaddr_string(&dp->icmp_ip.ip_dst), 283 ipaddr_string(&dp->icmp_gwaddr)); 284 break; 285 286 case ICMP_ROUTERADVERT: 287 { 288 const struct ih_rdiscovery *ihp; 289 const struct id_rdiscovery *idp; 290 u_int lifetime, num, size; 291 292 (void)strlcpy(buf, "router advertisement", sizeof(buf)); 293 294 ihp = (struct ih_rdiscovery *)&dp->icmp_void; 295 TCHECK(*ihp); 296 (void)strlcat(buf, " lifetime ", sizeof(buf)); 297 lifetime = EXTRACT_16BITS(&ihp->ird_lifetime); 298 if (lifetime < 60) 299 (void)snprintf(buf2, sizeof(buf2), "%u", lifetime); 300 else if (lifetime < 60 * 60) 301 (void)snprintf(buf2, sizeof(buf2), "%u:%02u", 302 lifetime / 60, lifetime % 60); 303 else 304 (void)snprintf(buf2, sizeof(buf2), "%u:%02u:%02u", 305 lifetime / 3600, (lifetime % 3600) / 60, 306 lifetime % 60); 307 strlcat(buf, buf2, sizeof(buf)); 308 309 num = ihp->ird_addrnum; 310 (void)snprintf(buf2, sizeof(buf2), " %u:", num); 311 strlcat(buf, buf2, sizeof(buf)); 312 313 size = ihp->ird_addrsiz; 314 if (size != 2) { 315 (void)snprintf(buf2, sizeof(buf2), " [size %u]", size); 316 strlcat(buf, buf2, sizeof(buf)); 317 break; 318 } 319 idp = (struct id_rdiscovery *)&dp->icmp_data; 320 while (num-- > 0) { 321 TCHECK(*idp); 322 (void)snprintf(buf2, sizeof(buf2), " {%s %u}", 323 ipaddr_string(&idp->ird_addr), 324 EXTRACT_32BITS(&idp->ird_pref)); 325 strlcat(buf, buf2, sizeof(buf)); 326 } 327 } 328 break; 329 330 case ICMP_TIMXCEED: 331 TCHECK(dp->icmp_ip.ip_dst); 332 switch (dp->icmp_code) { 333 334 case ICMP_TIMXCEED_INTRANS: 335 str = "time exceeded in-transit"; 336 break; 337 338 case ICMP_TIMXCEED_REASS: 339 str = "ip reassembly time exceeded"; 340 break; 341 342 default: 343 (void)snprintf(buf, sizeof buf, 344 "time exceeded-#%u", dp->icmp_code); 345 break; 346 } 347 break; 348 349 case ICMP_PARAMPROB: 350 switch (dp->icmp_code) { 351 case ICMP_PARAMPROB_OPTABSENT: 352 str = "requested option absent"; 353 break; 354 case ICMP_PARAMPROB_LENGTH: 355 snprintf(buf, sizeof buf, "bad length %u", dp->icmp_pptr); 356 break; 357 default: 358 TCHECK(dp->icmp_pptr); 359 (void)snprintf(buf, sizeof buf, 360 "parameter problem - octet %u", 361 dp->icmp_pptr); 362 break; 363 } 364 break; 365 366 case ICMP_MASKREPLY: 367 TCHECK(dp->icmp_mask); 368 (void)snprintf(buf, sizeof buf, "address mask is 0x%08x", 369 (u_int32_t)ntohl(dp->icmp_mask)); 370 break; 371 372 default: 373 str = tok2str(icmp2str, "type-#%u", dp->icmp_type); 374 break; 375 } 376 (void)printf("icmp: %s", str); 377 if (vflag > 1 && !ICMP_INFOTYPE(dp->icmp_type) && 378 TTEST(dp->icmp_ip)) { 379 (void)printf(" for "); 380 oip = &dp->icmp_ip; 381 ip_print((u_char *)oip, ntohs(oip->ip_len)); 382 } 383 return; 384 trunc: 385 fputs("[|icmp]", stdout); 386 } 387