1 /* $OpenBSD: print-udp.c,v 1.31 2009/10/27 23:59:57 deraadt Exp $ */ 2 3 /* 4 * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that: (1) source code distributions 9 * retain the above copyright notice and this paragraph in its entirety, (2) 10 * distributions including binary code include the above copyright notice and 11 * this paragraph in its entirety in the documentation or other materials 12 * provided with the distribution, and (3) all advertising materials mentioning 13 * features or use of this software display the following acknowledgement: 14 * ``This product includes software developed by the University of California, 15 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of 16 * the University nor the names of its contributors may be used to endorse 17 * or promote products derived from this software without specific prior 18 * written permission. 19 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 20 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 21 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 22 */ 23 24 #include <sys/param.h> 25 #include <sys/time.h> 26 #include <sys/socket.h> 27 28 #include <netinet/in.h> 29 #include <netinet/in_systm.h> 30 #include <netinet/ip.h> 31 #include <netinet/ip_var.h> 32 #include <netinet/udp.h> 33 #include <netinet/udp_var.h> 34 35 #include <net80211/ieee80211.h> 36 37 #ifdef NOERROR 38 #undef NOERROR /* Solaris sucks */ 39 #endif 40 #ifdef T_UNSPEC 41 #undef T_UNSPEC /* SINIX does too */ 42 #endif 43 #include <arpa/nameser.h> 44 #ifdef SEGSIZE 45 #undef SEGSIZE 46 #endif 47 #include <arpa/tftp.h> 48 49 #include <rpc/rpc.h> 50 51 #include <stdio.h> 52 #include <string.h> 53 54 #ifdef INET6 55 #include <netinet/ip6.h> 56 #endif 57 58 #include "interface.h" 59 #include "addrtoname.h" 60 #include "appletalk.h" 61 62 #include "nfsv2.h" 63 #include "bootp.h" 64 #include "iapp.h" 65 66 struct rtcphdr { 67 u_short rh_flags; /* T:2 P:1 CNT:5 PT:8 */ 68 u_short rh_len; /* length of message (in words) */ 69 u_int rh_ssrc; /* synchronization src id */ 70 }; 71 72 typedef struct { 73 u_int upper; /* more significant 32 bits */ 74 u_int lower; /* less significant 32 bits */ 75 } ntp64; 76 77 /* 78 * Sender report. 79 */ 80 struct rtcp_sr { 81 ntp64 sr_ntp; /* 64-bit ntp timestamp */ 82 u_int sr_ts; /* reference media timestamp */ 83 u_int sr_np; /* no. packets sent */ 84 u_int sr_nb; /* no. bytes sent */ 85 }; 86 87 /* 88 * Receiver report. 89 * Time stamps are middle 32-bits of ntp timestamp. 90 */ 91 struct rtcp_rr { 92 u_int rr_srcid; /* sender being reported */ 93 u_int rr_nl; /* no. packets lost */ 94 u_int rr_ls; /* extended last seq number received */ 95 u_int rr_dv; /* jitter (delay variance) */ 96 u_int rr_lsr; /* orig. ts from last rr from this src */ 97 u_int rr_dlsr; /* time from recpt of last rr to xmit time */ 98 }; 99 100 /*XXX*/ 101 #define RTCP_PT_SR 200 102 #define RTCP_PT_RR 201 103 #define RTCP_PT_SDES 202 104 #define RTCP_SDES_CNAME 1 105 #define RTCP_SDES_NAME 2 106 #define RTCP_SDES_EMAIL 3 107 #define RTCP_SDES_PHONE 4 108 #define RTCP_SDES_LOC 5 109 #define RTCP_SDES_TOOL 6 110 #define RTCP_SDES_NOTE 7 111 #define RTCP_SDES_PRIV 8 112 #define RTCP_PT_BYE 203 113 #define RTCP_PT_APP 204 114 115 static void 116 vat_print(const void *hdr, u_int len, register const struct udphdr *up) 117 { 118 /* vat/vt audio */ 119 u_int ts = *(u_short *)hdr; 120 if ((ts & 0xf060) != 0) { 121 /* probably vt */ 122 (void)printf(" udp/vt %u %d / %d", 123 (u_int32_t)(ntohs(up->uh_ulen) - sizeof(*up)), 124 ts & 0x3ff, ts >> 10); 125 } else { 126 /* probably vat */ 127 u_int i0 = ntohl(((u_int *)hdr)[0]); 128 u_int i1 = ntohl(((u_int *)hdr)[1]); 129 printf(" udp/vat %u c%d %u%s", 130 (u_int32_t)(ntohs(up->uh_ulen) - sizeof(*up) - 8), 131 i0 & 0xffff, 132 i1, i0 & 0x800000? "*" : ""); 133 /* audio format */ 134 if (i0 & 0x1f0000) 135 printf(" f%d", (i0 >> 16) & 0x1f); 136 if (i0 & 0x3f000000) 137 printf(" s%d", (i0 >> 24) & 0x3f); 138 } 139 } 140 141 static void 142 rtp_print(const void *hdr, u_int len, register const struct udphdr *up) 143 { 144 /* rtp v1 or v2 */ 145 u_int *ip = (u_int *)hdr; 146 u_int hasopt, hasext, contype, hasmarker; 147 u_int i0 = ntohl(((u_int *)hdr)[0]); 148 u_int i1 = ntohl(((u_int *)hdr)[1]); 149 u_int dlen = ntohs(up->uh_ulen) - sizeof(*up) - 8; 150 const char * ptype; 151 152 ip += 2; 153 len >>= 2; 154 len -= 2; 155 hasopt = 0; 156 hasext = 0; 157 if ((i0 >> 30) == 1) { 158 /* rtp v1 */ 159 hasopt = i0 & 0x800000; 160 contype = (i0 >> 16) & 0x3f; 161 hasmarker = i0 & 0x400000; 162 ptype = "rtpv1"; 163 } else { 164 /* rtp v2 */ 165 hasext = i0 & 0x10000000; 166 contype = (i0 >> 16) & 0x7f; 167 hasmarker = i0 & 0x800000; 168 dlen -= 4; 169 ptype = "rtp"; 170 ip += 1; 171 len -= 1; 172 } 173 printf(" udp/%s %d c%d %s%s %d %u", 174 ptype, 175 dlen, 176 contype, 177 (hasopt || hasext)? "+" : "", 178 hasmarker? "*" : "", 179 i0 & 0xffff, 180 i1); 181 if (vflag) { 182 printf(" %u", i1); 183 if (hasopt) { 184 u_int i2, optlen; 185 do { 186 i2 = ip[0]; 187 optlen = (i2 >> 16) & 0xff; 188 if (optlen == 0 || optlen > len) { 189 printf(" !opt"); 190 return; 191 } 192 ip += optlen; 193 len -= optlen; 194 } while ((int)i2 >= 0); 195 } 196 if (hasext) { 197 u_int i2, extlen; 198 i2 = ip[0]; 199 extlen = (i2 & 0xffff) + 1; 200 if (extlen > len) { 201 printf(" !ext"); 202 return; 203 } 204 ip += extlen; 205 } 206 if (contype == 0x1f) /*XXX H.261 */ 207 printf(" 0x%04x", ip[0] >> 16); 208 } 209 } 210 211 static const u_char * 212 rtcp_print(const u_char *hdr, const u_char *ep) 213 { 214 /* rtp v2 control (rtcp) */ 215 struct rtcp_rr *rr = 0; 216 struct rtcp_sr *sr; 217 struct rtcphdr *rh = (struct rtcphdr *)hdr; 218 u_int len; 219 u_short flags; 220 int cnt; 221 double ts, dts; 222 if ((u_char *)(rh + 1) > ep) { 223 printf(" [|rtcp]"); 224 return (ep); 225 } 226 len = (ntohs(rh->rh_len) + 1) * 4; 227 flags = ntohs(rh->rh_flags); 228 cnt = (flags >> 8) & 0x1f; 229 switch (flags & 0xff) { 230 case RTCP_PT_SR: 231 sr = (struct rtcp_sr *)(rh + 1); 232 printf(" sr"); 233 if (len != cnt * sizeof(*rr) + sizeof(*sr) + sizeof(*rh)) 234 printf(" [%d]", len); 235 if (vflag) 236 printf(" %u", (u_int32_t)ntohl(rh->rh_ssrc)); 237 if ((u_char *)(sr + 1) > ep) { 238 printf(" [|rtcp]"); 239 return (ep); 240 } 241 ts = (double)((u_int32_t)ntohl(sr->sr_ntp.upper)) + 242 ((double)((u_int32_t)ntohl(sr->sr_ntp.lower)) / 243 4294967296.0); 244 printf(" @%.2f %u %up %ub", ts, (u_int32_t)ntohl(sr->sr_ts), 245 (u_int32_t)ntohl(sr->sr_np), (u_int32_t)ntohl(sr->sr_nb)); 246 rr = (struct rtcp_rr *)(sr + 1); 247 break; 248 case RTCP_PT_RR: 249 printf(" rr"); 250 if (len != cnt * sizeof(*rr) + sizeof(*rh)) 251 printf(" [%d]", len); 252 rr = (struct rtcp_rr *)(rh + 1); 253 if (vflag) 254 printf(" %u", (u_int32_t)ntohl(rh->rh_ssrc)); 255 break; 256 case RTCP_PT_SDES: 257 printf(" sdes %d", len); 258 if (vflag) 259 printf(" %u", (u_int32_t)ntohl(rh->rh_ssrc)); 260 cnt = 0; 261 break; 262 case RTCP_PT_BYE: 263 printf(" bye %d", len); 264 if (vflag) 265 printf(" %u", (u_int32_t)ntohl(rh->rh_ssrc)); 266 cnt = 0; 267 break; 268 default: 269 printf(" type-0x%x %d", flags & 0xff, len); 270 cnt = 0; 271 break; 272 } 273 if (cnt > 1) 274 printf(" c%d", cnt); 275 while (--cnt >= 0) { 276 if ((u_char *)(rr + 1) > ep) { 277 printf(" [|rtcp]"); 278 return (ep); 279 } 280 if (vflag) 281 printf(" %u", (u_int32_t)ntohl(rr->rr_srcid)); 282 ts = (double)((u_int32_t)ntohl(rr->rr_lsr)) / 65536.; 283 dts = (double)((u_int32_t)ntohl(rr->rr_dlsr)) / 65536.; 284 printf(" %ul %us %uj @%.2f+%.2f", 285 (u_int32_t)ntohl(rr->rr_nl) & 0x00ffffff, 286 (u_int32_t)ntohl(rr->rr_ls), 287 (u_int32_t)ntohl(rr->rr_dv), ts, dts); 288 } 289 return (hdr + len); 290 } 291 292 static int udp_cksum(register const struct ip *ip, 293 register const struct udphdr *up, 294 register int len) 295 { 296 int i, tlen; 297 union phu { 298 struct phdr { 299 u_int32_t src; 300 u_int32_t dst; 301 u_char mbz; 302 u_char proto; 303 u_int16_t len; 304 } ph; 305 u_int16_t pa[6]; 306 } phu; 307 register const u_int16_t *sp; 308 u_int32_t sum; 309 tlen = ntohs(ip->ip_len) - ((const char *)up-(const char*)ip); 310 311 /* pseudo-header.. */ 312 phu.ph.len = htons(tlen); 313 phu.ph.mbz = 0; 314 phu.ph.proto = ip->ip_p; 315 memcpy(&phu.ph.src, &ip->ip_src.s_addr, sizeof(u_int32_t)); 316 memcpy(&phu.ph.dst, &ip->ip_dst.s_addr, sizeof(u_int32_t)); 317 318 sp = &phu.pa[0]; 319 sum = sp[0]+sp[1]+sp[2]+sp[3]+sp[4]+sp[5]; 320 321 sp = (const u_int16_t *)up; 322 323 for (i=0; i<(tlen&~1); i+= 2) 324 sum += *sp++; 325 326 if (tlen & 1) { 327 sum += htons( (*(const char *)sp) << 8); 328 } 329 330 while (sum > 0xffff) 331 sum = (sum & 0xffff) + (sum >> 16); 332 sum = ~sum & 0xffff; 333 334 return (sum); 335 } 336 337 338 339 /* XXX probably should use getservbyname() and cache answers */ 340 #define TFTP_PORT 69 /*XXX*/ 341 #define KERBEROS_PORT 88 /*XXX*/ 342 #define SUNRPC_PORT 111 /*XXX*/ 343 #define SNMP_PORT 161 /*XXX*/ 344 #define NTP_PORT 123 /*XXX*/ 345 #define SNMPTRAP_PORT 162 /*XXX*/ 346 #define RIP_PORT 520 /*XXX*/ 347 #define KERBEROS_SEC_PORT 750 /*XXX*/ 348 #define L2TP_PORT 1701 /*XXX*/ 349 #define ISAKMP_PORT 500 /*XXX*/ 350 #define UDPENCAP_PORT 4500 /*XXX*/ 351 #define TIMED_PORT 525 /*XXX*/ 352 #define NETBIOS_NS_PORT 137 /*XXX*/ 353 #define NETBIOS_DGRAM_PORT 138 /*XXX*/ 354 #define OLD_RADIUS_AUTH_PORT 1645 355 #define OLD_RADIUS_ACCT_PORT 1646 356 #define RADIUS_AUTH_PORT 1812 357 #define RADIUS_ACCT_PORT 1813 358 #define HSRP_PORT 1985 /*XXX*/ 359 #define VQP_PORT 1589 360 #define LWRES_PORT 921 361 #define MULTICASTDNS_PORT 5353 362 363 #ifdef INET6 364 #define RIPNG_PORT 521 /*XXX*/ 365 #define DHCP6_PORT1 546 /*XXX*/ 366 #define DHCP6_PORT2 547 /*XXX*/ 367 #endif 368 369 void 370 udp_print(register const u_char *bp, u_int length, register const u_char *bp2) 371 { 372 register const struct udphdr *up; 373 register const struct ip *ip; 374 register const u_char *cp; 375 register const u_char *ep = bp + length; 376 u_int16_t sport, dport, ulen; 377 #ifdef INET6 378 register const struct ip6_hdr *ip6; 379 #endif 380 381 if (ep > snapend) 382 ep = snapend; 383 up = (struct udphdr *)bp; 384 ip = (struct ip *)bp2; 385 #ifdef INET6 386 if (ip->ip_v == 6) 387 ip6 = (struct ip6_hdr *)bp2; 388 else 389 ip6 = NULL; 390 #endif /*INET6*/ 391 cp = (u_char *)(up + 1); 392 if (cp > snapend) { 393 printf("[|udp]"); 394 return; 395 } 396 if (length < sizeof(struct udphdr)) { 397 (void)printf(" truncated-udp %d", length); 398 return; 399 } 400 length -= sizeof(struct udphdr); 401 402 sport = ntohs(up->uh_sport); 403 dport = ntohs(up->uh_dport); 404 ulen = ntohs(up->uh_ulen); 405 if (packettype) { 406 register struct rpc_msg *rp; 407 enum msg_type direction; 408 409 switch (packettype) { 410 411 case PT_VAT: 412 (void)printf("%s.%s > %s.%s:", 413 ipaddr_string(&ip->ip_src), 414 udpport_string(sport), 415 ipaddr_string(&ip->ip_dst), 416 udpport_string(dport)); 417 vat_print((void *)(up + 1), length, up); 418 break; 419 420 case PT_WB: 421 (void)printf("%s.%s > %s.%s:", 422 ipaddr_string(&ip->ip_src), 423 udpport_string(sport), 424 ipaddr_string(&ip->ip_dst), 425 udpport_string(dport)); 426 wb_print((void *)(up + 1), length); 427 break; 428 429 case PT_RPC: 430 (void)printf("%s.%s > %s.%s: ", 431 ipaddr_string(&ip->ip_src), 432 udpport_string(sport), 433 ipaddr_string(&ip->ip_dst), 434 udpport_string(dport)); 435 rp = (struct rpc_msg *)(up + 1); 436 direction = (enum msg_type)ntohl(rp->rm_direction); 437 if (direction == CALL) 438 sunrpcrequest_print((u_char *)rp, length, 439 (u_char *)ip); 440 else 441 nfsreply_print((u_char *)rp, length, 442 (u_char *)ip); /*XXX*/ 443 break; 444 445 case PT_RTP: 446 (void)printf("%s.%s > %s.%s:", 447 ipaddr_string(&ip->ip_src), 448 udpport_string(sport), 449 ipaddr_string(&ip->ip_dst), 450 udpport_string(dport)); 451 rtp_print((void *)(up + 1), length, up); 452 break; 453 454 case PT_RTCP: 455 (void)printf("%s.%s > %s.%s:", 456 ipaddr_string(&ip->ip_src), 457 udpport_string(sport), 458 ipaddr_string(&ip->ip_dst), 459 udpport_string(dport)); 460 while (cp < ep) 461 cp = rtcp_print(cp, ep); 462 break; 463 case PT_CNFP: 464 cnfp_print(cp, length, (u_char *)ip); 465 break; 466 } 467 return; 468 } 469 470 if (!qflag) { 471 register struct rpc_msg *rp; 472 enum msg_type direction; 473 474 rp = (struct rpc_msg *)(up + 1); 475 if (TTEST(rp->rm_direction)) { 476 direction = (enum msg_type)ntohl(rp->rm_direction); 477 if (dport == NFS_PORT && direction == CALL) { 478 (void)printf("%s.%s > %s.%s: ", 479 ipaddr_string(&ip->ip_src), 480 udpport_string(sport), 481 ipaddr_string(&ip->ip_dst), 482 udpport_string(dport)); 483 nfsreq_print((u_char *)rp, length, 484 (u_char *)ip); 485 return; 486 } 487 if (sport == NFS_PORT && direction == REPLY) { 488 (void)printf("%s.%s > %s.%s: ", 489 ipaddr_string(&ip->ip_src), 490 udpport_string(sport), 491 ipaddr_string(&ip->ip_dst), 492 udpport_string(dport)); 493 nfsreply_print((u_char *)rp, length, 494 (u_char *)ip); 495 return; 496 } 497 #ifdef notdef 498 if (dport == SUNRPC_PORT && direction == CALL) { 499 (void)printf("%s.%s > %s.%s: ", 500 ipaddr_string(&ip->ip_src), 501 udpport_string(sport), 502 ipaddr_string(&ip->ip_dst), 503 udpport_string(dport)); 504 sunrpcrequest_print((u_char *)rp, length, (u_char *)ip); 505 return; 506 } 507 #endif 508 } 509 if (TTEST(((struct LAP *)cp)->type) && 510 ((struct LAP *)cp)->type == lapDDP && 511 (atalk_port(sport) || atalk_port(dport))) { 512 if (vflag) 513 fputs("kip ", stdout); 514 atalk_print_llap(cp, length); 515 return; 516 } 517 } 518 #if 0 519 (void)printf("%s.%s > %s.%s:", 520 ipaddr_string(&ip->ip_src), udpport_string(sport), 521 ipaddr_string(&ip->ip_dst), udpport_string(dport)); 522 #else 523 #ifdef INET6 524 if (ip6) { 525 if (ip6->ip6_nxt == IPPROTO_UDP) { 526 (void)printf("%s.%s > %s.%s:", 527 ip6addr_string(&ip6->ip6_src), 528 udpport_string(sport), 529 ip6addr_string(&ip6->ip6_dst), 530 udpport_string(dport)); 531 } else { 532 (void)printf("%s > %s: ", 533 udpport_string(sport), udpport_string(dport)); 534 } 535 } else 536 #endif /*INET6*/ 537 { 538 if (ip->ip_p == IPPROTO_UDP) { 539 (void)printf("%s.%s > %s.%s:", 540 ipaddr_string(&ip->ip_src), 541 udpport_string(sport), 542 ipaddr_string(&ip->ip_dst), 543 udpport_string(dport)); 544 } else { 545 (void)printf("%s > %s:", 546 udpport_string(sport), udpport_string(dport)); 547 } 548 } 549 #endif 550 551 if (ip->ip_v == 4 && vflag) { 552 int sum = up->uh_sum; 553 if (sum == 0) { 554 (void)printf(" [no cksum]"); 555 } else if (TTEST2(cp[0], length)) { 556 sum = udp_cksum(ip, up, length); 557 if (sum != 0) 558 (void)printf(" [bad udp cksum %x!]", sum); 559 else 560 (void)printf(" [udp sum ok]"); 561 } 562 } 563 564 if (!qflag) { 565 #define ISPORT(p) (dport == (p) || sport == (p)) 566 if (ISPORT(NAMESERVER_PORT)) 567 ns_print((const u_char *)(up + 1), length, 0); 568 else if (ISPORT(MULTICASTDNS_PORT)) 569 ns_print((const u_char *)(up + 1), length, 1); 570 else if (ISPORT(LWRES_PORT)) 571 lwres_print((const u_char *)(up + 1), length); 572 else if (ISPORT(TIMED_PORT)) 573 timed_print((const u_char *)(up + 1), length); 574 else if (ISPORT(TFTP_PORT)) 575 tftp_print((const u_char *)(up + 1), length); 576 else if (ISPORT(IPPORT_BOOTPC) || ISPORT(IPPORT_BOOTPS)) 577 bootp_print((const u_char *)(up + 1), length, 578 sport, dport); 579 else if (ISPORT(RIP_PORT)) 580 rip_print((const u_char *)(up + 1), length); 581 else if (ISPORT(SNMP_PORT) || ISPORT(SNMPTRAP_PORT)) 582 snmp_print((const u_char *)(up + 1), length); 583 else if (ISPORT(NTP_PORT)) 584 ntp_print((const u_char *)(up + 1), length); 585 else if (ISPORT(KERBEROS_PORT) || ISPORT(KERBEROS_SEC_PORT)) 586 krb_print((const void *)(up + 1), length); 587 else if (ISPORT(L2TP_PORT)) 588 l2tp_print((const u_char *)(up + 1), length); 589 else if (ISPORT(UDPENCAP_PORT)) 590 udpencap_print((const u_char *)(up + 1), length, bp2); 591 else if (ISPORT(ISAKMP_PORT)) 592 ike_print((const u_char *)(up + 1), length); 593 #if 0 594 else if (ISPORT(NETBIOS_NS_PORT)) 595 nbt_udp137_print((const u_char *)(up + 1), length); 596 else if (ISPORT(NETBIOS_DGRAM_PORT)) 597 nbt_udp138_print((const u_char *)(up + 1), length); 598 #endif 599 else if (ISPORT(OLD_RADIUS_AUTH_PORT) || 600 ISPORT(OLD_RADIUS_ACCT_PORT) || 601 ISPORT(RADIUS_AUTH_PORT) || 602 ISPORT(RADIUS_ACCT_PORT)) 603 radius_print((const u_char *)(up + 1), length); 604 else if (dport == 3456) 605 vat_print((const void *)(up + 1), length, up); 606 else if (ISPORT(IAPP_PORT) || ISPORT(IAPP_OLD_PORT)) 607 iapp_print((const u_char *)(up + 1), length); 608 else if (ISPORT(VQP_PORT)) 609 vqp_print((const u_char *)(up + 1), length); 610 #ifdef INET6 611 else if (ISPORT(RIPNG_PORT)) 612 ripng_print((const u_char *)(up + 1), length); 613 else if (ISPORT(DHCP6_PORT1) || ISPORT(DHCP6_PORT2)) { 614 dhcp6_print((const u_char *)(up + 1), length, 615 sport, dport); 616 } 617 #endif /*INET6*/ 618 /* 619 * Kludge in test for whiteboard packets. 620 */ 621 else if (dport == 4567) 622 wb_print((const void *)(up + 1), length); 623 else if (dport == HSRP_PORT) 624 hsrp_print((const u_char *)(up + 1), length); 625 else 626 (void)printf(" udp %u", 627 (u_int32_t)(ulen - sizeof(*up))); 628 #undef ISPORT 629 } else 630 (void)printf(" udp %u", (u_int32_t)(ulen - sizeof(*up))); 631 } 632