1 /* $OpenBSD: print-udp.c,v 1.30 2007/10/07 16:41:05 deraadt Exp $ */ 2 3 /* 4 * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that: (1) source code distributions 9 * retain the above copyright notice and this paragraph in its entirety, (2) 10 * distributions including binary code include the above copyright notice and 11 * this paragraph in its entirety in the documentation or other materials 12 * provided with the distribution, and (3) all advertising materials mentioning 13 * features or use of this software display the following acknowledgement: 14 * ``This product includes software developed by the University of California, 15 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of 16 * the University nor the names of its contributors may be used to endorse 17 * or promote products derived from this software without specific prior 18 * written permission. 19 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 20 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 21 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 22 */ 23 24 #ifndef lint 25 static const char rcsid[] = 26 "@(#) $Id: print-udp.c,v 1.30 2007/10/07 16:41:05 deraadt Exp $ (LBL)"; 27 #endif 28 29 #include <sys/param.h> 30 #include <sys/time.h> 31 #include <sys/socket.h> 32 33 #include <netinet/in.h> 34 #include <netinet/in_systm.h> 35 #include <netinet/ip.h> 36 #include <netinet/ip_var.h> 37 #include <netinet/udp.h> 38 #include <netinet/udp_var.h> 39 40 #include <net80211/ieee80211.h> 41 42 #ifdef NOERROR 43 #undef NOERROR /* Solaris sucks */ 44 #endif 45 #ifdef T_UNSPEC 46 #undef T_UNSPEC /* SINIX does too */ 47 #endif 48 #include <arpa/nameser.h> 49 #ifdef SEGSIZE 50 #undef SEGSIZE 51 #endif 52 #include <arpa/tftp.h> 53 54 #include <rpc/rpc.h> 55 56 #include <stdio.h> 57 #include <string.h> 58 59 #ifdef INET6 60 #include <netinet/ip6.h> 61 #endif 62 63 #include "interface.h" 64 #include "addrtoname.h" 65 #include "appletalk.h" 66 67 #include "nfsv2.h" 68 #include "bootp.h" 69 #include "iapp.h" 70 71 struct rtcphdr { 72 u_short rh_flags; /* T:2 P:1 CNT:5 PT:8 */ 73 u_short rh_len; /* length of message (in words) */ 74 u_int rh_ssrc; /* synchronization src id */ 75 }; 76 77 typedef struct { 78 u_int upper; /* more significant 32 bits */ 79 u_int lower; /* less significant 32 bits */ 80 } ntp64; 81 82 /* 83 * Sender report. 84 */ 85 struct rtcp_sr { 86 ntp64 sr_ntp; /* 64-bit ntp timestamp */ 87 u_int sr_ts; /* reference media timestamp */ 88 u_int sr_np; /* no. packets sent */ 89 u_int sr_nb; /* no. bytes sent */ 90 }; 91 92 /* 93 * Receiver report. 94 * Time stamps are middle 32-bits of ntp timestamp. 95 */ 96 struct rtcp_rr { 97 u_int rr_srcid; /* sender being reported */ 98 u_int rr_nl; /* no. packets lost */ 99 u_int rr_ls; /* extended last seq number received */ 100 u_int rr_dv; /* jitter (delay variance) */ 101 u_int rr_lsr; /* orig. ts from last rr from this src */ 102 u_int rr_dlsr; /* time from recpt of last rr to xmit time */ 103 }; 104 105 /*XXX*/ 106 #define RTCP_PT_SR 200 107 #define RTCP_PT_RR 201 108 #define RTCP_PT_SDES 202 109 #define RTCP_SDES_CNAME 1 110 #define RTCP_SDES_NAME 2 111 #define RTCP_SDES_EMAIL 3 112 #define RTCP_SDES_PHONE 4 113 #define RTCP_SDES_LOC 5 114 #define RTCP_SDES_TOOL 6 115 #define RTCP_SDES_NOTE 7 116 #define RTCP_SDES_PRIV 8 117 #define RTCP_PT_BYE 203 118 #define RTCP_PT_APP 204 119 120 static void 121 vat_print(const void *hdr, u_int len, register const struct udphdr *up) 122 { 123 /* vat/vt audio */ 124 u_int ts = *(u_short *)hdr; 125 if ((ts & 0xf060) != 0) { 126 /* probably vt */ 127 (void)printf(" udp/vt %u %d / %d", 128 (u_int32_t)(ntohs(up->uh_ulen) - sizeof(*up)), 129 ts & 0x3ff, ts >> 10); 130 } else { 131 /* probably vat */ 132 u_int i0 = ntohl(((u_int *)hdr)[0]); 133 u_int i1 = ntohl(((u_int *)hdr)[1]); 134 printf(" udp/vat %u c%d %u%s", 135 (u_int32_t)(ntohs(up->uh_ulen) - sizeof(*up) - 8), 136 i0 & 0xffff, 137 i1, i0 & 0x800000? "*" : ""); 138 /* audio format */ 139 if (i0 & 0x1f0000) 140 printf(" f%d", (i0 >> 16) & 0x1f); 141 if (i0 & 0x3f000000) 142 printf(" s%d", (i0 >> 24) & 0x3f); 143 } 144 } 145 146 static void 147 rtp_print(const void *hdr, u_int len, register const struct udphdr *up) 148 { 149 /* rtp v1 or v2 */ 150 u_int *ip = (u_int *)hdr; 151 u_int hasopt, hasext, contype, hasmarker; 152 u_int i0 = ntohl(((u_int *)hdr)[0]); 153 u_int i1 = ntohl(((u_int *)hdr)[1]); 154 u_int dlen = ntohs(up->uh_ulen) - sizeof(*up) - 8; 155 const char * ptype; 156 157 ip += 2; 158 len >>= 2; 159 len -= 2; 160 hasopt = 0; 161 hasext = 0; 162 if ((i0 >> 30) == 1) { 163 /* rtp v1 */ 164 hasopt = i0 & 0x800000; 165 contype = (i0 >> 16) & 0x3f; 166 hasmarker = i0 & 0x400000; 167 ptype = "rtpv1"; 168 } else { 169 /* rtp v2 */ 170 hasext = i0 & 0x10000000; 171 contype = (i0 >> 16) & 0x7f; 172 hasmarker = i0 & 0x800000; 173 dlen -= 4; 174 ptype = "rtp"; 175 ip += 1; 176 len -= 1; 177 } 178 printf(" udp/%s %d c%d %s%s %d %u", 179 ptype, 180 dlen, 181 contype, 182 (hasopt || hasext)? "+" : "", 183 hasmarker? "*" : "", 184 i0 & 0xffff, 185 i1); 186 if (vflag) { 187 printf(" %u", i1); 188 if (hasopt) { 189 u_int i2, optlen; 190 do { 191 i2 = ip[0]; 192 optlen = (i2 >> 16) & 0xff; 193 if (optlen == 0 || optlen > len) { 194 printf(" !opt"); 195 return; 196 } 197 ip += optlen; 198 len -= optlen; 199 } while ((int)i2 >= 0); 200 } 201 if (hasext) { 202 u_int i2, extlen; 203 i2 = ip[0]; 204 extlen = (i2 & 0xffff) + 1; 205 if (extlen > len) { 206 printf(" !ext"); 207 return; 208 } 209 ip += extlen; 210 } 211 if (contype == 0x1f) /*XXX H.261 */ 212 printf(" 0x%04x", ip[0] >> 16); 213 } 214 } 215 216 static const u_char * 217 rtcp_print(const u_char *hdr, const u_char *ep) 218 { 219 /* rtp v2 control (rtcp) */ 220 struct rtcp_rr *rr = 0; 221 struct rtcp_sr *sr; 222 struct rtcphdr *rh = (struct rtcphdr *)hdr; 223 u_int len; 224 u_short flags; 225 int cnt; 226 double ts, dts; 227 if ((u_char *)(rh + 1) > ep) { 228 printf(" [|rtcp]"); 229 return (ep); 230 } 231 len = (ntohs(rh->rh_len) + 1) * 4; 232 flags = ntohs(rh->rh_flags); 233 cnt = (flags >> 8) & 0x1f; 234 switch (flags & 0xff) { 235 case RTCP_PT_SR: 236 sr = (struct rtcp_sr *)(rh + 1); 237 printf(" sr"); 238 if (len != cnt * sizeof(*rr) + sizeof(*sr) + sizeof(*rh)) 239 printf(" [%d]", len); 240 if (vflag) 241 printf(" %u", (u_int32_t)ntohl(rh->rh_ssrc)); 242 if ((u_char *)(sr + 1) > ep) { 243 printf(" [|rtcp]"); 244 return (ep); 245 } 246 ts = (double)((u_int32_t)ntohl(sr->sr_ntp.upper)) + 247 ((double)((u_int32_t)ntohl(sr->sr_ntp.lower)) / 248 4294967296.0); 249 printf(" @%.2f %u %up %ub", ts, (u_int32_t)ntohl(sr->sr_ts), 250 (u_int32_t)ntohl(sr->sr_np), (u_int32_t)ntohl(sr->sr_nb)); 251 rr = (struct rtcp_rr *)(sr + 1); 252 break; 253 case RTCP_PT_RR: 254 printf(" rr"); 255 if (len != cnt * sizeof(*rr) + sizeof(*rh)) 256 printf(" [%d]", len); 257 rr = (struct rtcp_rr *)(rh + 1); 258 if (vflag) 259 printf(" %u", (u_int32_t)ntohl(rh->rh_ssrc)); 260 break; 261 case RTCP_PT_SDES: 262 printf(" sdes %d", len); 263 if (vflag) 264 printf(" %u", (u_int32_t)ntohl(rh->rh_ssrc)); 265 cnt = 0; 266 break; 267 case RTCP_PT_BYE: 268 printf(" bye %d", len); 269 if (vflag) 270 printf(" %u", (u_int32_t)ntohl(rh->rh_ssrc)); 271 cnt = 0; 272 break; 273 default: 274 printf(" type-0x%x %d", flags & 0xff, len); 275 cnt = 0; 276 break; 277 } 278 if (cnt > 1) 279 printf(" c%d", cnt); 280 while (--cnt >= 0) { 281 if ((u_char *)(rr + 1) > ep) { 282 printf(" [|rtcp]"); 283 return (ep); 284 } 285 if (vflag) 286 printf(" %u", (u_int32_t)ntohl(rr->rr_srcid)); 287 ts = (double)((u_int32_t)ntohl(rr->rr_lsr)) / 65536.; 288 dts = (double)((u_int32_t)ntohl(rr->rr_dlsr)) / 65536.; 289 printf(" %ul %us %uj @%.2f+%.2f", 290 (u_int32_t)ntohl(rr->rr_nl) & 0x00ffffff, 291 (u_int32_t)ntohl(rr->rr_ls), 292 (u_int32_t)ntohl(rr->rr_dv), ts, dts); 293 } 294 return (hdr + len); 295 } 296 297 static int udp_cksum(register const struct ip *ip, 298 register const struct udphdr *up, 299 register int len) 300 { 301 int i, tlen; 302 union phu { 303 struct phdr { 304 u_int32_t src; 305 u_int32_t dst; 306 u_char mbz; 307 u_char proto; 308 u_int16_t len; 309 } ph; 310 u_int16_t pa[6]; 311 } phu; 312 register const u_int16_t *sp; 313 u_int32_t sum; 314 tlen = ntohs(ip->ip_len) - ((const char *)up-(const char*)ip); 315 316 /* pseudo-header.. */ 317 phu.ph.len = htons(tlen); 318 phu.ph.mbz = 0; 319 phu.ph.proto = ip->ip_p; 320 memcpy(&phu.ph.src, &ip->ip_src.s_addr, sizeof(u_int32_t)); 321 memcpy(&phu.ph.dst, &ip->ip_dst.s_addr, sizeof(u_int32_t)); 322 323 sp = &phu.pa[0]; 324 sum = sp[0]+sp[1]+sp[2]+sp[3]+sp[4]+sp[5]; 325 326 sp = (const u_int16_t *)up; 327 328 for (i=0; i<(tlen&~1); i+= 2) 329 sum += *sp++; 330 331 if (tlen & 1) { 332 sum += htons( (*(const char *)sp) << 8); 333 } 334 335 while (sum > 0xffff) 336 sum = (sum & 0xffff) + (sum >> 16); 337 sum = ~sum & 0xffff; 338 339 return (sum); 340 } 341 342 343 344 /* XXX probably should use getservbyname() and cache answers */ 345 #define TFTP_PORT 69 /*XXX*/ 346 #define KERBEROS_PORT 88 /*XXX*/ 347 #define SUNRPC_PORT 111 /*XXX*/ 348 #define SNMP_PORT 161 /*XXX*/ 349 #define NTP_PORT 123 /*XXX*/ 350 #define SNMPTRAP_PORT 162 /*XXX*/ 351 #define RIP_PORT 520 /*XXX*/ 352 #define KERBEROS_SEC_PORT 750 /*XXX*/ 353 #define L2TP_PORT 1701 /*XXX*/ 354 #define ISAKMP_PORT 500 /*XXX*/ 355 #define UDPENCAP_PORT 4500 /*XXX*/ 356 #define TIMED_PORT 525 /*XXX*/ 357 #define NETBIOS_NS_PORT 137 /*XXX*/ 358 #define NETBIOS_DGRAM_PORT 138 /*XXX*/ 359 #define OLD_RADIUS_AUTH_PORT 1645 360 #define OLD_RADIUS_ACCT_PORT 1646 361 #define RADIUS_AUTH_PORT 1812 362 #define RADIUS_ACCT_PORT 1813 363 #define HSRP_PORT 1985 /*XXX*/ 364 #define VQP_PORT 1589 365 #define LWRES_PORT 921 366 #define MULTICASTDNS_PORT 5353 367 368 #ifdef INET6 369 #define RIPNG_PORT 521 /*XXX*/ 370 #define DHCP6_PORT1 546 /*XXX*/ 371 #define DHCP6_PORT2 547 /*XXX*/ 372 #endif 373 374 void 375 udp_print(register const u_char *bp, u_int length, register const u_char *bp2) 376 { 377 register const struct udphdr *up; 378 register const struct ip *ip; 379 register const u_char *cp; 380 register const u_char *ep = bp + length; 381 u_int16_t sport, dport, ulen; 382 #ifdef INET6 383 register const struct ip6_hdr *ip6; 384 #endif 385 386 if (ep > snapend) 387 ep = snapend; 388 up = (struct udphdr *)bp; 389 ip = (struct ip *)bp2; 390 #ifdef INET6 391 if (ip->ip_v == 6) 392 ip6 = (struct ip6_hdr *)bp2; 393 else 394 ip6 = NULL; 395 #endif /*INET6*/ 396 cp = (u_char *)(up + 1); 397 if (cp > snapend) { 398 printf("[|udp]"); 399 return; 400 } 401 if (length < sizeof(struct udphdr)) { 402 (void)printf(" truncated-udp %d", length); 403 return; 404 } 405 length -= sizeof(struct udphdr); 406 407 sport = ntohs(up->uh_sport); 408 dport = ntohs(up->uh_dport); 409 ulen = ntohs(up->uh_ulen); 410 if (packettype) { 411 register struct rpc_msg *rp; 412 enum msg_type direction; 413 414 switch (packettype) { 415 416 case PT_VAT: 417 (void)printf("%s.%s > %s.%s:", 418 ipaddr_string(&ip->ip_src), 419 udpport_string(sport), 420 ipaddr_string(&ip->ip_dst), 421 udpport_string(dport)); 422 vat_print((void *)(up + 1), length, up); 423 break; 424 425 case PT_WB: 426 (void)printf("%s.%s > %s.%s:", 427 ipaddr_string(&ip->ip_src), 428 udpport_string(sport), 429 ipaddr_string(&ip->ip_dst), 430 udpport_string(dport)); 431 wb_print((void *)(up + 1), length); 432 break; 433 434 case PT_RPC: 435 (void)printf("%s.%s > %s.%s: ", 436 ipaddr_string(&ip->ip_src), 437 udpport_string(sport), 438 ipaddr_string(&ip->ip_dst), 439 udpport_string(dport)); 440 rp = (struct rpc_msg *)(up + 1); 441 direction = (enum msg_type)ntohl(rp->rm_direction); 442 if (direction == CALL) 443 sunrpcrequest_print((u_char *)rp, length, 444 (u_char *)ip); 445 else 446 nfsreply_print((u_char *)rp, length, 447 (u_char *)ip); /*XXX*/ 448 break; 449 450 case PT_RTP: 451 (void)printf("%s.%s > %s.%s:", 452 ipaddr_string(&ip->ip_src), 453 udpport_string(sport), 454 ipaddr_string(&ip->ip_dst), 455 udpport_string(dport)); 456 rtp_print((void *)(up + 1), length, up); 457 break; 458 459 case PT_RTCP: 460 (void)printf("%s.%s > %s.%s:", 461 ipaddr_string(&ip->ip_src), 462 udpport_string(sport), 463 ipaddr_string(&ip->ip_dst), 464 udpport_string(dport)); 465 while (cp < ep) 466 cp = rtcp_print(cp, ep); 467 break; 468 case PT_CNFP: 469 cnfp_print(cp, length, (u_char *)ip); 470 break; 471 } 472 return; 473 } 474 475 if (!qflag) { 476 register struct rpc_msg *rp; 477 enum msg_type direction; 478 479 rp = (struct rpc_msg *)(up + 1); 480 if (TTEST(rp->rm_direction)) { 481 direction = (enum msg_type)ntohl(rp->rm_direction); 482 if (dport == NFS_PORT && direction == CALL) { 483 (void)printf("%s.%s > %s.%s: ", 484 ipaddr_string(&ip->ip_src), 485 udpport_string(sport), 486 ipaddr_string(&ip->ip_dst), 487 udpport_string(dport)); 488 nfsreq_print((u_char *)rp, length, 489 (u_char *)ip); 490 return; 491 } 492 if (sport == NFS_PORT && direction == REPLY) { 493 (void)printf("%s.%s > %s.%s: ", 494 ipaddr_string(&ip->ip_src), 495 udpport_string(sport), 496 ipaddr_string(&ip->ip_dst), 497 udpport_string(dport)); 498 nfsreply_print((u_char *)rp, length, 499 (u_char *)ip); 500 return; 501 } 502 #ifdef notdef 503 if (dport == SUNRPC_PORT && direction == CALL) { 504 (void)printf("%s.%s > %s.%s: ", 505 ipaddr_string(&ip->ip_src), 506 udpport_string(sport), 507 ipaddr_string(&ip->ip_dst), 508 udpport_string(dport)); 509 sunrpcrequest_print((u_char *)rp, length, (u_char *)ip); 510 return; 511 } 512 #endif 513 } 514 if (TTEST(((struct LAP *)cp)->type) && 515 ((struct LAP *)cp)->type == lapDDP && 516 (atalk_port(sport) || atalk_port(dport))) { 517 if (vflag) 518 fputs("kip ", stdout); 519 atalk_print_llap(cp, length); 520 return; 521 } 522 } 523 #if 0 524 (void)printf("%s.%s > %s.%s:", 525 ipaddr_string(&ip->ip_src), udpport_string(sport), 526 ipaddr_string(&ip->ip_dst), udpport_string(dport)); 527 #else 528 #ifdef INET6 529 if (ip6) { 530 if (ip6->ip6_nxt == IPPROTO_UDP) { 531 (void)printf("%s.%s > %s.%s:", 532 ip6addr_string(&ip6->ip6_src), 533 udpport_string(sport), 534 ip6addr_string(&ip6->ip6_dst), 535 udpport_string(dport)); 536 } else { 537 (void)printf("%s > %s: ", 538 udpport_string(sport), udpport_string(dport)); 539 } 540 } else 541 #endif /*INET6*/ 542 { 543 if (ip->ip_p == IPPROTO_UDP) { 544 (void)printf("%s.%s > %s.%s:", 545 ipaddr_string(&ip->ip_src), 546 udpport_string(sport), 547 ipaddr_string(&ip->ip_dst), 548 udpport_string(dport)); 549 } else { 550 (void)printf("%s > %s:", 551 udpport_string(sport), udpport_string(dport)); 552 } 553 } 554 #endif 555 556 if (ip->ip_v == 4 && vflag) { 557 int sum = up->uh_sum; 558 if (sum == 0) { 559 (void)printf(" [no cksum]"); 560 } else if (TTEST2(cp[0], length)) { 561 sum = udp_cksum(ip, up, length); 562 if (sum != 0) 563 (void)printf(" [bad udp cksum %x!]", sum); 564 else 565 (void)printf(" [udp sum ok]"); 566 } 567 } 568 569 if (!qflag) { 570 #define ISPORT(p) (dport == (p) || sport == (p)) 571 if (ISPORT(NAMESERVER_PORT)) 572 ns_print((const u_char *)(up + 1), length, 0); 573 else if (ISPORT(MULTICASTDNS_PORT)) 574 ns_print((const u_char *)(up + 1), length, 1); 575 else if (ISPORT(LWRES_PORT)) 576 lwres_print((const u_char *)(up + 1), length); 577 else if (ISPORT(TIMED_PORT)) 578 timed_print((const u_char *)(up + 1), length); 579 else if (ISPORT(TFTP_PORT)) 580 tftp_print((const u_char *)(up + 1), length); 581 else if (ISPORT(IPPORT_BOOTPC) || ISPORT(IPPORT_BOOTPS)) 582 bootp_print((const u_char *)(up + 1), length, 583 sport, dport); 584 else if (ISPORT(RIP_PORT)) 585 rip_print((const u_char *)(up + 1), length); 586 else if (ISPORT(SNMP_PORT) || ISPORT(SNMPTRAP_PORT)) 587 snmp_print((const u_char *)(up + 1), length); 588 else if (ISPORT(NTP_PORT)) 589 ntp_print((const u_char *)(up + 1), length); 590 else if (ISPORT(KERBEROS_PORT) || ISPORT(KERBEROS_SEC_PORT)) 591 krb_print((const void *)(up + 1), length); 592 else if (ISPORT(L2TP_PORT)) 593 l2tp_print((const u_char *)(up + 1), length); 594 else if (ISPORT(UDPENCAP_PORT)) 595 udpencap_print((const u_char *)(up + 1), length, bp2); 596 else if (ISPORT(ISAKMP_PORT)) 597 ike_print((const u_char *)(up + 1), length); 598 #if 0 599 else if (ISPORT(NETBIOS_NS_PORT)) 600 nbt_udp137_print((const u_char *)(up + 1), length); 601 else if (ISPORT(NETBIOS_DGRAM_PORT)) 602 nbt_udp138_print((const u_char *)(up + 1), length); 603 #endif 604 else if (ISPORT(OLD_RADIUS_AUTH_PORT) || 605 ISPORT(OLD_RADIUS_ACCT_PORT) || 606 ISPORT(RADIUS_AUTH_PORT) || 607 ISPORT(RADIUS_ACCT_PORT)) 608 radius_print((const u_char *)(up + 1), length); 609 else if (dport == 3456) 610 vat_print((const void *)(up + 1), length, up); 611 else if (ISPORT(IAPP_PORT) || ISPORT(IAPP_OLD_PORT)) 612 iapp_print((const u_char *)(up + 1), length); 613 else if (ISPORT(VQP_PORT)) 614 vqp_print((const u_char *)(up + 1), length); 615 #ifdef INET6 616 else if (ISPORT(RIPNG_PORT)) 617 ripng_print((const u_char *)(up + 1), length); 618 else if (ISPORT(DHCP6_PORT1) || ISPORT(DHCP6_PORT2)) { 619 dhcp6_print((const u_char *)(up + 1), length, 620 sport, dport); 621 } 622 #endif /*INET6*/ 623 /* 624 * Kludge in test for whiteboard packets. 625 */ 626 else if (dport == 4567) 627 wb_print((const void *)(up + 1), length); 628 else if (dport == HSRP_PORT) 629 hsrp_print((const u_char *)(up + 1), length); 630 else 631 (void)printf(" udp %u", 632 (u_int32_t)(ulen - sizeof(*up))); 633 #undef ISPORT 634 } else 635 (void)printf(" udp %u", (u_int32_t)(ulen - sizeof(*up))); 636 } 637