diff options
Diffstat (limited to '')
-rw-r--r-- | print-fr.c | 1157 |
1 files changed, 1157 insertions, 0 deletions
diff --git a/print-fr.c b/print-fr.c new file mode 100644 index 0000000..f0d7fbe --- /dev/null +++ b/print-fr.c @@ -0,0 +1,1157 @@ +/* + * Copyright (c) 1990, 1991, 1993, 1994, 1995, 1996 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that: (1) source code distributions + * retain the above copyright notice and this paragraph in its entirety, (2) + * distributions including binary code include the above copyright notice and + * this paragraph in its entirety in the documentation or other materials + * provided with the distribution, and (3) all advertising materials mentioning + * features or use of this software display the following acknowledgement: + * ``This product includes software developed by the University of California, + * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of + * the University nor the names of its contributors may be used to endorse + * or promote products derived from this software without specific prior + * written permission. + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED + * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. + */ + +/* \summary: Frame Relay printer */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif + +#include "netdissect-stdinc.h" + +#include <stdio.h> +#include <string.h> + +#include "netdissect.h" +#include "addrtoname.h" +#include "ethertype.h" +#include "llc.h" +#include "nlpid.h" +#include "extract.h" + +static void frf15_print(netdissect_options *ndo, const u_char *, u_int); + +/* + * the frame relay header has a variable length + * + * the EA bit determines if there is another byte + * in the header + * + * minimum header length is 2 bytes + * maximum header length is 4 bytes + * + * 7 6 5 4 3 2 1 0 + * +----+----+----+----+----+----+----+----+ + * | DLCI (6 bits) | CR | EA | + * +----+----+----+----+----+----+----+----+ + * | DLCI (4 bits) |FECN|BECN| DE | EA | + * +----+----+----+----+----+----+----+----+ + * | DLCI (7 bits) | EA | + * +----+----+----+----+----+----+----+----+ + * | DLCI (6 bits) |SDLC| EA | + * +----+----+----+----+----+----+----+----+ + */ + +#define FR_EA_BIT 0x01 + +#define FR_CR_BIT 0x02000000 +#define FR_DE_BIT 0x00020000 +#define FR_BECN_BIT 0x00040000 +#define FR_FECN_BIT 0x00080000 +#define FR_SDLC_BIT 0x00000002 + + +static const struct tok fr_header_flag_values[] = { + { FR_CR_BIT, "C!" }, + { FR_DE_BIT, "DE" }, + { FR_BECN_BIT, "BECN" }, + { FR_FECN_BIT, "FECN" }, + { FR_SDLC_BIT, "sdlcore" }, + { 0, NULL } +}; + +/* FRF.15 / FRF.16 */ +#define MFR_B_BIT 0x80 +#define MFR_E_BIT 0x40 +#define MFR_C_BIT 0x20 +#define MFR_BEC_MASK (MFR_B_BIT | MFR_E_BIT | MFR_C_BIT) +#define MFR_CTRL_FRAME (MFR_B_BIT | MFR_E_BIT | MFR_C_BIT) +#define MFR_FRAG_FRAME (MFR_B_BIT | MFR_E_BIT ) + +static const struct tok frf_flag_values[] = { + { MFR_B_BIT, "Begin" }, + { MFR_E_BIT, "End" }, + { MFR_C_BIT, "Control" }, + { 0, NULL } +}; + +/* Finds out Q.922 address length, DLCI and flags. Returns 1 on success, + * 0 on invalid address, -1 on truncated packet + * save the flags dep. on address length + */ +static int parse_q922_header(netdissect_options *ndo, + const u_char *p, u_int *dlci, + u_int *addr_len, uint32_t *flags, u_int length) +{ + if (!ND_TTEST_1(p) || length < 1) + return -1; + if ((GET_U_1(p) & FR_EA_BIT)) + return 0; + + if (!ND_TTEST_1(p + 1) || length < 2) + return -1; + *addr_len = 2; + *dlci = ((GET_U_1(p) & 0xFC) << 2) | ((GET_U_1(p + 1) & 0xF0) >> 4); + + *flags = ((GET_U_1(p) & 0x02) << 24) | /* CR flag */ + ((GET_U_1(p + 1) & 0x0e) << 16); /* FECN,BECN,DE flags */ + + if (GET_U_1(p + 1) & FR_EA_BIT) + return 1; /* 2-byte Q.922 address */ + + p += 2; + length -= 2; + if (!ND_TTEST_1(p) || length < 1) + return -1; + (*addr_len)++; /* 3- or 4-byte Q.922 address */ + if ((GET_U_1(p) & FR_EA_BIT) == 0) { + *dlci = (*dlci << 7) | (GET_U_1(p) >> 1); + (*addr_len)++; /* 4-byte Q.922 address */ + p++; + length--; + } + + if (!ND_TTEST_1(p) || length < 1) + return -1; + if ((GET_U_1(p) & FR_EA_BIT) == 0) + return 0; /* more than 4 bytes of Q.922 address? */ + + *flags = *flags | (GET_U_1(p) & 0x02); /* SDLC flag */ + + *dlci = (*dlci << 6) | (GET_U_1(p) >> 2); + + return 1; +} + +const char * +q922_string(netdissect_options *ndo, const u_char *p, u_int length) +{ + + static u_int dlci, addr_len; + static uint32_t flags; + static char buffer[sizeof("parse_q922_header() returned XXXXXXXXXXX")]; + int ret; + memset(buffer, 0, sizeof(buffer)); + + ret = parse_q922_header(ndo, p, &dlci, &addr_len, &flags, length); + if (ret == 1) { + snprintf(buffer, sizeof(buffer), "DLCI %u", dlci); + return buffer; + } else if (ret == 0) { + return "<Invalid DLCI>"; + } else if (ret == -1) { + return "<Truncated>"; + } else { + snprintf(buffer, sizeof(buffer), "parse_q922_header() returned %d", ret); + return buffer; + } +} + + +/* Frame Relay packet structure, with flags and CRC removed + + +---------------------------+ + | Q.922 Address* | + +-- --+ + | | + +---------------------------+ + | Control (UI = 0x03) | + +---------------------------+ + | Optional Pad (0x00) | + +---------------------------+ + | NLPID | + +---------------------------+ + | . | + | . | + | . | + | Data | + | . | + | . | + +---------------------------+ + + * Q.922 addresses, as presently defined, are two octets and + contain a 10-bit DLCI. In some networks Q.922 addresses + may optionally be increased to three or four octets. +*/ + +static void +fr_hdr_print(netdissect_options *ndo, int length, u_int addr_len, + u_int dlci, uint32_t flags, uint16_t nlpid) +{ + if (ndo->ndo_qflag) { + ND_PRINT("Q.922, DLCI %u, length %u: ", + dlci, + length); + } else { + if (nlpid <= 0xff) /* if its smaller than 256 then its a NLPID */ + ND_PRINT("Q.922, hdr-len %u, DLCI %u, Flags [%s], NLPID %s (0x%02x), length %u: ", + addr_len, + dlci, + bittok2str(fr_header_flag_values, "none", flags), + tok2str(nlpid_values,"unknown", nlpid), + nlpid, + length); + else /* must be an ethertype */ + ND_PRINT("Q.922, hdr-len %u, DLCI %u, Flags [%s], cisco-ethertype %s (0x%04x), length %u: ", + addr_len, + dlci, + bittok2str(fr_header_flag_values, "none", flags), + tok2str(ethertype_values, "unknown", nlpid), + nlpid, + length); + } +} + +/* Frame Relay */ +void +fr_if_print(netdissect_options *ndo, + const struct pcap_pkthdr *h, const u_char *p) +{ + u_int length = h->len; + u_int caplen = h->caplen; + + ndo->ndo_protocol = "fr"; + if (caplen < 4) { /* minimum frame header length */ + nd_print_trunc(ndo); + ndo->ndo_ll_hdr_len += caplen; + return; + } + + ndo->ndo_ll_hdr_len += fr_print(ndo, p, length); +} + +u_int +fr_print(netdissect_options *ndo, + const u_char *p, u_int length) +{ + int ret; + uint16_t extracted_ethertype; + u_int dlci; + u_int addr_len; + uint16_t nlpid; + u_int hdr_len; + uint32_t flags; + + ndo->ndo_protocol = "fr"; + ret = parse_q922_header(ndo, p, &dlci, &addr_len, &flags, length); + if (ret == -1) + goto trunc; + if (ret == 0) { + ND_PRINT("Q.922, invalid address"); + return 0; + } + + ND_TCHECK_1(p + addr_len); + if (length < addr_len + 1) + goto trunc; + + if (GET_U_1(p + addr_len) != LLC_UI && dlci != 0) { + /* + * Let's figure out if we have Cisco-style encapsulation, + * with an Ethernet type (Cisco HDLC type?) following the + * address. + */ + if (!ND_TTEST_2(p + addr_len) || length < addr_len + 2) { + /* no Ethertype */ + ND_PRINT("UI %02x! ", GET_U_1(p + addr_len)); + } else { + extracted_ethertype = GET_BE_U_2(p + addr_len); + + if (ndo->ndo_eflag) + fr_hdr_print(ndo, length, addr_len, dlci, + flags, extracted_ethertype); + + if (ethertype_print(ndo, extracted_ethertype, + p+addr_len+ETHERTYPE_LEN, + length-addr_len-ETHERTYPE_LEN, + ND_BYTES_AVAILABLE_AFTER(p)-addr_len-ETHERTYPE_LEN, + NULL, NULL) == 0) + /* ether_type not known, probably it wasn't one */ + ND_PRINT("UI %02x! ", GET_U_1(p + addr_len)); + else + return addr_len + 2; + } + } + + ND_TCHECK_1(p + addr_len + 1); + if (length < addr_len + 2) + goto trunc; + + if (GET_U_1(p + addr_len + 1) == 0) { + /* + * Assume a pad byte after the control (UI) byte. + * A pad byte should only be used with 3-byte Q.922. + */ + if (addr_len != 3) + ND_PRINT("Pad! "); + hdr_len = addr_len + 1 /* UI */ + 1 /* pad */ + 1 /* NLPID */; + } else { + /* + * Not a pad byte. + * A pad byte should be used with 3-byte Q.922. + */ + if (addr_len == 3) + ND_PRINT("No pad! "); + hdr_len = addr_len + 1 /* UI */ + 1 /* NLPID */; + } + + ND_TCHECK_1(p + hdr_len - 1); + if (length < hdr_len) + goto trunc; + nlpid = GET_U_1(p + hdr_len - 1); + + if (ndo->ndo_eflag) + fr_hdr_print(ndo, length, addr_len, dlci, flags, nlpid); + p += hdr_len; + length -= hdr_len; + + switch (nlpid) { + case NLPID_IP: + ip_print(ndo, p, length); + break; + + case NLPID_IP6: + ip6_print(ndo, p, length); + break; + + case NLPID_CLNP: + case NLPID_ESIS: + case NLPID_ISIS: + isoclns_print(ndo, p - 1, length + 1); /* OSI printers need the NLPID field */ + break; + + case NLPID_SNAP: + if (snap_print(ndo, p, length, ND_BYTES_AVAILABLE_AFTER(p), NULL, NULL, 0) == 0) { + /* ether_type not known, print raw packet */ + if (!ndo->ndo_eflag) + fr_hdr_print(ndo, length + hdr_len, hdr_len, + dlci, flags, nlpid); + if (!ndo->ndo_suppress_default_print) + ND_DEFAULTPRINT(p - hdr_len, length + hdr_len); + } + break; + + case NLPID_Q933: + q933_print(ndo, p, length); + break; + + case NLPID_MFR: + frf15_print(ndo, p, length); + break; + + case NLPID_PPP: + ppp_print(ndo, p, length); + break; + + default: + if (!ndo->ndo_eflag) + fr_hdr_print(ndo, length + hdr_len, addr_len, + dlci, flags, nlpid); + if (!ndo->ndo_xflag) + ND_DEFAULTPRINT(p, length); + } + + return hdr_len; + +trunc: + nd_print_trunc(ndo); + return 0; + +} + +/* Multi Link Frame Relay (FRF.16) */ +void +mfr_if_print(netdissect_options *ndo, + const struct pcap_pkthdr *h, const u_char *p) +{ + u_int length = h->len; + u_int caplen = h->caplen; + + ndo->ndo_protocol = "mfr"; + if (caplen < 2) { /* minimum frame header length */ + nd_print_trunc(ndo); + ndo->ndo_ll_hdr_len += caplen; + return; + } + + ndo->ndo_ll_hdr_len += mfr_print(ndo, p, length); +} + + +#define MFR_CTRL_MSG_ADD_LINK 1 +#define MFR_CTRL_MSG_ADD_LINK_ACK 2 +#define MFR_CTRL_MSG_ADD_LINK_REJ 3 +#define MFR_CTRL_MSG_HELLO 4 +#define MFR_CTRL_MSG_HELLO_ACK 5 +#define MFR_CTRL_MSG_REMOVE_LINK 6 +#define MFR_CTRL_MSG_REMOVE_LINK_ACK 7 + +static const struct tok mfr_ctrl_msg_values[] = { + { MFR_CTRL_MSG_ADD_LINK, "Add Link" }, + { MFR_CTRL_MSG_ADD_LINK_ACK, "Add Link ACK" }, + { MFR_CTRL_MSG_ADD_LINK_REJ, "Add Link Reject" }, + { MFR_CTRL_MSG_HELLO, "Hello" }, + { MFR_CTRL_MSG_HELLO_ACK, "Hello ACK" }, + { MFR_CTRL_MSG_REMOVE_LINK, "Remove Link" }, + { MFR_CTRL_MSG_REMOVE_LINK_ACK, "Remove Link ACK" }, + { 0, NULL } +}; + +#define MFR_CTRL_IE_BUNDLE_ID 1 +#define MFR_CTRL_IE_LINK_ID 2 +#define MFR_CTRL_IE_MAGIC_NUM 3 +#define MFR_CTRL_IE_TIMESTAMP 5 +#define MFR_CTRL_IE_VENDOR_EXT 6 +#define MFR_CTRL_IE_CAUSE 7 + +static const struct tok mfr_ctrl_ie_values[] = { + { MFR_CTRL_IE_BUNDLE_ID, "Bundle ID"}, + { MFR_CTRL_IE_LINK_ID, "Link ID"}, + { MFR_CTRL_IE_MAGIC_NUM, "Magic Number"}, + { MFR_CTRL_IE_TIMESTAMP, "Timestamp"}, + { MFR_CTRL_IE_VENDOR_EXT, "Vendor Extension"}, + { MFR_CTRL_IE_CAUSE, "Cause"}, + { 0, NULL } +}; + +#define MFR_ID_STRING_MAXLEN 50 + +struct ie_tlv_header_t { + uint8_t ie_type; + uint8_t ie_len; +}; + +u_int +mfr_print(netdissect_options *ndo, + const u_char *p, u_int length) +{ + u_int tlen,idx,hdr_len = 0; + uint16_t sequence_num; + uint8_t ie_type,ie_len; + const uint8_t *tptr; + + +/* + * FRF.16 Link Integrity Control Frame + * + * 7 6 5 4 3 2 1 0 + * +----+----+----+----+----+----+----+----+ + * | B | E | C=1| 0 0 0 0 | EA | + * +----+----+----+----+----+----+----+----+ + * | 0 0 0 0 0 0 0 0 | + * +----+----+----+----+----+----+----+----+ + * | message type | + * +----+----+----+----+----+----+----+----+ + */ + + ndo->ndo_protocol = "mfr"; + + if (length < 4) { /* minimum frame header length */ + ND_PRINT("[length %u < 4]", length); + nd_print_invalid(ndo); + return length; + } + ND_TCHECK_4(p); + + if ((GET_U_1(p) & MFR_BEC_MASK) == MFR_CTRL_FRAME && GET_U_1(p + 1) == 0) { + ND_PRINT("FRF.16 Control, Flags [%s], %s, length %u", + bittok2str(frf_flag_values,"none",(GET_U_1(p) & MFR_BEC_MASK)), + tok2str(mfr_ctrl_msg_values,"Unknown Message (0x%02x)",GET_U_1(p + 2)), + length); + tptr = p + 3; + tlen = length -3; + hdr_len = 3; + + if (!ndo->ndo_vflag) + return hdr_len; + + while (tlen>sizeof(struct ie_tlv_header_t)) { + ND_TCHECK_LEN(tptr, sizeof(struct ie_tlv_header_t)); + ie_type=GET_U_1(tptr); + ie_len=GET_U_1(tptr + 1); + + ND_PRINT("\n\tIE %s (%u), length %u: ", + tok2str(mfr_ctrl_ie_values,"Unknown",ie_type), + ie_type, + ie_len); + + /* infinite loop check */ + if (ie_type == 0 || ie_len <= sizeof(struct ie_tlv_header_t)) + return hdr_len; + + ND_TCHECK_LEN(tptr, ie_len); + tptr+=sizeof(struct ie_tlv_header_t); + /* tlv len includes header */ + ie_len-=sizeof(struct ie_tlv_header_t); + tlen-=sizeof(struct ie_tlv_header_t); + + switch (ie_type) { + + case MFR_CTRL_IE_MAGIC_NUM: + /* FRF.16.1 Section 3.4.3 Magic Number Information Element */ + if (ie_len != 4) { + ND_PRINT("[IE data length %d != 4]", ie_len); + nd_print_invalid(ndo); + break; + } + ND_PRINT("0x%08x", GET_BE_U_4(tptr)); + break; + + case MFR_CTRL_IE_BUNDLE_ID: /* same message format */ + case MFR_CTRL_IE_LINK_ID: + for (idx = 0; idx < ie_len && idx < MFR_ID_STRING_MAXLEN; idx++) { + if (GET_U_1(tptr + idx) != 0) /* don't print null termination */ + fn_print_char(ndo, GET_U_1(tptr + idx)); + else + break; + } + break; + + case MFR_CTRL_IE_TIMESTAMP: + if (ie_len == sizeof(struct timeval)) { + ts_print(ndo, (const struct timeval *)tptr); + break; + } + /* fall through and hexdump if no unix timestamp */ + ND_FALL_THROUGH; + + /* + * FIXME those are the defined IEs that lack a decoder + * you are welcome to contribute code ;-) + */ + + case MFR_CTRL_IE_VENDOR_EXT: + case MFR_CTRL_IE_CAUSE: + + default: + if (ndo->ndo_vflag <= 1) + print_unknown_data(ndo, tptr, "\n\t ", ie_len); + break; + } + + /* do we want to see a hexdump of the IE ? */ + if (ndo->ndo_vflag > 1 ) + print_unknown_data(ndo, tptr, "\n\t ", ie_len); + + tlen-=ie_len; + tptr+=ie_len; + } + return hdr_len; + } +/* + * FRF.16 Fragmentation Frame + * + * 7 6 5 4 3 2 1 0 + * +----+----+----+----+----+----+----+----+ + * | B | E | C=0|seq. (high 4 bits) | EA | + * +----+----+----+----+----+----+----+----+ + * | sequence (low 8 bits) | + * +----+----+----+----+----+----+----+----+ + * | DLCI (6 bits) | CR | EA | + * +----+----+----+----+----+----+----+----+ + * | DLCI (4 bits) |FECN|BECN| DE | EA | + * +----+----+----+----+----+----+----+----+ + */ + + sequence_num = (GET_U_1(p)&0x1e)<<7 | GET_U_1(p + 1); + /* whole packet or first fragment ? */ + if ((GET_U_1(p) & MFR_BEC_MASK) == MFR_FRAG_FRAME || + (GET_U_1(p) & MFR_BEC_MASK) == MFR_B_BIT) { + ND_PRINT("FRF.16 Frag, seq %u, Flags [%s], ", + sequence_num, + bittok2str(frf_flag_values,"none",(GET_U_1(p) & MFR_BEC_MASK))); + hdr_len = 2; + fr_print(ndo, p+hdr_len,length-hdr_len); + return hdr_len; + } + + /* must be a middle or the last fragment */ + ND_PRINT("FRF.16 Frag, seq %u, Flags [%s]", + sequence_num, + bittok2str(frf_flag_values,"none",(GET_U_1(p) & MFR_BEC_MASK))); + print_unknown_data(ndo, p, "\n\t", length); + + return hdr_len; + +trunc: + nd_print_trunc(ndo); + return length; +} + +/* an NLPID of 0xb1 indicates a 2-byte + * FRF.15 header + * + * 7 6 5 4 3 2 1 0 + * +----+----+----+----+----+----+----+----+ + * ~ Q.922 header ~ + * +----+----+----+----+----+----+----+----+ + * | NLPID (8 bits) | NLPID=0xb1 + * +----+----+----+----+----+----+----+----+ + * | B | E | C |seq. (high 4 bits) | R | + * +----+----+----+----+----+----+----+----+ + * | sequence (low 8 bits) | + * +----+----+----+----+----+----+----+----+ + */ + +#define FR_FRF15_FRAGTYPE 0x01 + +static void +frf15_print(netdissect_options *ndo, + const u_char *p, u_int length) +{ + uint16_t sequence_num, flags; + + if (length < 2) + goto trunc; + + flags = GET_U_1(p)&MFR_BEC_MASK; + sequence_num = (GET_U_1(p)&0x1e)<<7 | GET_U_1(p + 1); + + ND_PRINT("FRF.15, seq 0x%03x, Flags [%s],%s Fragmentation, length %u", + sequence_num, + bittok2str(frf_flag_values,"none",flags), + GET_U_1(p)&FR_FRF15_FRAGTYPE ? "Interface" : "End-to-End", + length); + +/* TODO: + * depending on all permutations of the B, E and C bit + * dig as deep as we can - e.g. on the first (B) fragment + * there is enough payload to print the IP header + * on non (B) fragments it depends if the fragmentation + * model is end-to-end or interface based whether we want to print + * another Q.922 header + */ + return; + +trunc: + nd_print_trunc(ndo); +} + +/* + * Q.933 decoding portion for framerelay specific. + */ + +/* Q.933 packet format + Format of Other Protocols + using Q.933 NLPID + +-------------------------------+ + | Q.922 Address | + +---------------+---------------+ + |Control 0x03 | NLPID 0x08 | + +---------------+---------------+ + | L2 Protocol ID | + | octet 1 | octet 2 | + +-------------------------------+ + | L3 Protocol ID | + | octet 2 | octet 2 | + +-------------------------------+ + | Protocol Data | + +-------------------------------+ + | FCS | + +-------------------------------+ + */ + +/* L2 (Octet 1)- Call Reference Usually is 0x0 */ + +/* + * L2 (Octet 2)- Message Types definition 1 byte long. + */ +/* Call Establish */ +#define MSG_TYPE_ESC_TO_NATIONAL 0x00 +#define MSG_TYPE_ALERT 0x01 +#define MSG_TYPE_CALL_PROCEEDING 0x02 +#define MSG_TYPE_CONNECT 0x07 +#define MSG_TYPE_CONNECT_ACK 0x0F +#define MSG_TYPE_PROGRESS 0x03 +#define MSG_TYPE_SETUP 0x05 +/* Call Clear */ +#define MSG_TYPE_DISCONNECT 0x45 +#define MSG_TYPE_RELEASE 0x4D +#define MSG_TYPE_RELEASE_COMPLETE 0x5A +#define MSG_TYPE_RESTART 0x46 +#define MSG_TYPE_RESTART_ACK 0x4E +/* Status */ +#define MSG_TYPE_STATUS 0x7D +#define MSG_TYPE_STATUS_ENQ 0x75 + +static const struct tok fr_q933_msg_values[] = { + { MSG_TYPE_ESC_TO_NATIONAL, "ESC to National" }, + { MSG_TYPE_ALERT, "Alert" }, + { MSG_TYPE_CALL_PROCEEDING, "Call proceeding" }, + { MSG_TYPE_CONNECT, "Connect" }, + { MSG_TYPE_CONNECT_ACK, "Connect ACK" }, + { MSG_TYPE_PROGRESS, "Progress" }, + { MSG_TYPE_SETUP, "Setup" }, + { MSG_TYPE_DISCONNECT, "Disconnect" }, + { MSG_TYPE_RELEASE, "Release" }, + { MSG_TYPE_RELEASE_COMPLETE, "Release Complete" }, + { MSG_TYPE_RESTART, "Restart" }, + { MSG_TYPE_RESTART_ACK, "Restart ACK" }, + { MSG_TYPE_STATUS, "Status Reply" }, + { MSG_TYPE_STATUS_ENQ, "Status Enquiry" }, + { 0, NULL } +}; + +#define IE_IS_SINGLE_OCTET(iecode) ((iecode) & 0x80) +#define IE_IS_SHIFT(iecode) (((iecode) & 0xF0) == 0x90) +#define IE_SHIFT_IS_NON_LOCKING(iecode) ((iecode) & 0x08) +#define IE_SHIFT_IS_LOCKING(iecode) (!(IE_SHIFT_IS_NON_LOCKING(iecode))) +#define IE_SHIFT_CODESET(iecode) ((iecode) & 0x07) + +#define FR_LMI_ANSI_REPORT_TYPE_IE 0x01 +#define FR_LMI_ANSI_LINK_VERIFY_IE_91 0x19 /* details? */ +#define FR_LMI_ANSI_LINK_VERIFY_IE 0x03 +#define FR_LMI_ANSI_PVC_STATUS_IE 0x07 + +#define FR_LMI_CCITT_REPORT_TYPE_IE 0x51 +#define FR_LMI_CCITT_LINK_VERIFY_IE 0x53 +#define FR_LMI_CCITT_PVC_STATUS_IE 0x57 + +static const struct tok fr_q933_ie_values_codeset_0_5[] = { + { FR_LMI_ANSI_REPORT_TYPE_IE, "ANSI Report Type" }, + { FR_LMI_ANSI_LINK_VERIFY_IE_91, "ANSI Link Verify" }, + { FR_LMI_ANSI_LINK_VERIFY_IE, "ANSI Link Verify" }, + { FR_LMI_ANSI_PVC_STATUS_IE, "ANSI PVC Status" }, + { FR_LMI_CCITT_REPORT_TYPE_IE, "CCITT Report Type" }, + { FR_LMI_CCITT_LINK_VERIFY_IE, "CCITT Link Verify" }, + { FR_LMI_CCITT_PVC_STATUS_IE, "CCITT PVC Status" }, + { 0, NULL } +}; + +#define FR_LMI_REPORT_TYPE_IE_FULL_STATUS 0 +#define FR_LMI_REPORT_TYPE_IE_LINK_VERIFY 1 +#define FR_LMI_REPORT_TYPE_IE_ASYNC_PVC 2 + +static const struct tok fr_lmi_report_type_ie_values[] = { + { FR_LMI_REPORT_TYPE_IE_FULL_STATUS, "Full Status" }, + { FR_LMI_REPORT_TYPE_IE_LINK_VERIFY, "Link verify" }, + { FR_LMI_REPORT_TYPE_IE_ASYNC_PVC, "Async PVC Status" }, + { 0, NULL } +}; + +/* array of 16 codesets - currently we only support codepage 0 and 5 */ +static const struct tok *fr_q933_ie_codesets[] = { + fr_q933_ie_values_codeset_0_5, + NULL, + NULL, + NULL, + NULL, + fr_q933_ie_values_codeset_0_5, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL +}; + +static int fr_q933_print_ie_codeset_0_5(netdissect_options *ndo, u_int iecode, + u_int ielength, const u_char *p); + +typedef int (*codeset_pr_func_t)(netdissect_options *, u_int iecode, + u_int ielength, const u_char *p); + +/* array of 16 codesets - currently we only support codepage 0 and 5 */ +static const codeset_pr_func_t fr_q933_print_ie_codeset[] = { + fr_q933_print_ie_codeset_0_5, + NULL, + NULL, + NULL, + NULL, + fr_q933_print_ie_codeset_0_5, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL +}; + +/* + * ITU-T Q.933. + * + * p points to octet 2, the octet containing the length of the + * call reference value, so p[n] is octet n+2 ("octet X" is as + * used in Q.931/Q.933). + * + * XXX - actually used both for Q.931 and Q.933. + */ +void +q933_print(netdissect_options *ndo, + const u_char *p, u_int length) +{ + u_int olen; + u_int call_ref_length, i; + uint8_t call_ref[15]; /* maximum length - length field is 4 bits */ + u_int msgtype; + u_int iecode; + u_int ielength; + u_int codeset = 0; + u_int is_ansi = 0; + u_int ie_is_known; + u_int non_locking_shift; + u_int unshift_codeset; + + ndo->ndo_protocol = "q.933"; + ND_PRINT("%s", ndo->ndo_eflag ? "" : "Q.933"); + + if (length == 0 || !ND_TTEST_1(p)) { + if (!ndo->ndo_eflag) + ND_PRINT(", "); + ND_PRINT("length %u", length); + goto trunc; + } + + /* + * Get the length of the call reference value. + */ + olen = length; /* preserve the original length for display */ + call_ref_length = GET_U_1(p) & 0x0f; + p++; + length--; + + /* + * Get the call reference value. + */ + for (i = 0; i < call_ref_length; i++) { + if (length == 0 || !ND_TTEST_1(p)) { + if (!ndo->ndo_eflag) + ND_PRINT(", "); + ND_PRINT("length %u", olen); + goto trunc; + } + call_ref[i] = GET_U_1(p); + p++; + length--; + } + + /* + * Get the message type. + */ + if (length == 0 || !ND_TTEST_1(p)) { + if (!ndo->ndo_eflag) + ND_PRINT(", "); + ND_PRINT("length %u", olen); + goto trunc; + } + msgtype = GET_U_1(p); + p++; + length--; + + /* + * Peek ahead to see if we start with a shift. + */ + non_locking_shift = 0; + unshift_codeset = codeset; + if (length != 0) { + if (!ND_TTEST_1(p)) { + if (!ndo->ndo_eflag) + ND_PRINT(", "); + ND_PRINT("length %u", olen); + goto trunc; + } + iecode = GET_U_1(p); + if (IE_IS_SHIFT(iecode)) { + /* + * It's a shift. Skip over it. + */ + p++; + length--; + + /* + * Get the codeset. + */ + codeset = IE_SHIFT_CODESET(iecode); + + /* + * If it's a locking shift to codeset 5, + * mark this as ANSI. (XXX - 5 is actually + * for national variants in general, not + * the US variant in particular, but maybe + * this is more American exceptionalism. :-)) + */ + if (IE_SHIFT_IS_LOCKING(iecode)) { + /* + * It's a locking shift. + */ + if (codeset == 5) { + /* + * It's a locking shift to + * codeset 5, so this is + * T1.617 Annex D. + */ + is_ansi = 1; + } + } else { + /* + * It's a non-locking shift. + * Remember the current codeset, so we + * can revert to it after the next IE. + */ + non_locking_shift = 1; + unshift_codeset = 0; + } + } + } + + /* printing out header part */ + if (!ndo->ndo_eflag) + ND_PRINT(", "); + ND_PRINT("%s, codeset %u", is_ansi ? "ANSI" : "CCITT", codeset); + + if (call_ref_length != 0) { + if (call_ref_length > 1 || GET_U_1(p) != 0) { + /* + * Not a dummy call reference. + */ + ND_PRINT(", Call Ref: 0x"); + for (i = 0; i < call_ref_length; i++) + ND_PRINT("%02x", call_ref[i]); + } + } + if (ndo->ndo_vflag) { + ND_PRINT(", %s (0x%02x), length %u", + tok2str(fr_q933_msg_values, + "unknown message", msgtype), + msgtype, + olen); + } else { + ND_PRINT(", %s", + tok2str(fr_q933_msg_values, + "unknown message 0x%02x", msgtype)); + } + + /* Loop through the rest of the IEs */ + while (length != 0) { + /* + * What's the state of any non-locking shifts? + */ + if (non_locking_shift == 1) { + /* + * There's a non-locking shift in effect for + * this IE. Count it, so we reset the codeset + * before the next IE. + */ + non_locking_shift = 2; + } else if (non_locking_shift == 2) { + /* + * Unshift. + */ + codeset = unshift_codeset; + non_locking_shift = 0; + } + + /* + * Get the first octet of the IE. + */ + if (!ND_TTEST_1(p)) { + if (!ndo->ndo_vflag) { + ND_PRINT(", length %u", olen); + } + goto trunc; + } + iecode = GET_U_1(p); + p++; + length--; + + /* Single-octet IE? */ + if (IE_IS_SINGLE_OCTET(iecode)) { + /* + * Yes. Is it a shift? + */ + if (IE_IS_SHIFT(iecode)) { + /* + * Yes. Is it locking? + */ + if (IE_SHIFT_IS_LOCKING(iecode)) { + /* + * Yes. + */ + non_locking_shift = 0; + } else { + /* + * No. Remember the current + * codeset, so we can revert + * to it after the next IE. + */ + non_locking_shift = 1; + unshift_codeset = codeset; + } + + /* + * Get the codeset. + */ + codeset = IE_SHIFT_CODESET(iecode); + } + } else { + /* + * No. Get the IE length. + */ + if (length == 0 || !ND_TTEST_1(p)) { + if (!ndo->ndo_vflag) { + ND_PRINT(", length %u", olen); + } + goto trunc; + } + ielength = GET_U_1(p); + p++; + length--; + + /* lets do the full IE parsing only in verbose mode + * however some IEs (DLCI Status, Link Verify) + * are also interesting in non-verbose mode */ + if (ndo->ndo_vflag) { + ND_PRINT("\n\t%s IE (0x%02x), length %u: ", + tok2str(fr_q933_ie_codesets[codeset], + "unknown", iecode), + iecode, + ielength); + } + + /* sanity checks */ + if (iecode == 0 || ielength == 0) { + return; + } + if (length < ielength || !ND_TTEST_LEN(p, ielength)) { + if (!ndo->ndo_vflag) { + ND_PRINT(", length %u", olen); + } + goto trunc; + } + + ie_is_known = 0; + if (fr_q933_print_ie_codeset[codeset] != NULL) { + ie_is_known = fr_q933_print_ie_codeset[codeset](ndo, iecode, ielength, p); + } + + if (ie_is_known) { + /* + * Known IE; do we want to see a hexdump + * of it? + */ + if (ndo->ndo_vflag > 1) { + /* Yes. */ + print_unknown_data(ndo, p, "\n\t ", ielength); + } + } else { + /* + * Unknown IE; if we're printing verbosely, + * print its content in hex. + */ + if (ndo->ndo_vflag >= 1) { + print_unknown_data(ndo, p, "\n\t", ielength); + } + } + + length -= ielength; + p += ielength; + } + } + if (!ndo->ndo_vflag) { + ND_PRINT(", length %u", olen); + } + return; + +trunc: + nd_print_trunc(ndo); +} + +static int +fr_q933_print_ie_codeset_0_5(netdissect_options *ndo, u_int iecode, + u_int ielength, const u_char *p) +{ + u_int dlci; + + switch (iecode) { + + case FR_LMI_ANSI_REPORT_TYPE_IE: /* fall through */ + case FR_LMI_CCITT_REPORT_TYPE_IE: + if (ielength < 1) { + if (!ndo->ndo_vflag) { + ND_PRINT(", "); + } + ND_PRINT("Invalid REPORT TYPE IE"); + return 1; + } + if (ndo->ndo_vflag) { + ND_PRINT("%s (%u)", + tok2str(fr_lmi_report_type_ie_values,"unknown",GET_U_1(p)), + GET_U_1(p)); + } + return 1; + + case FR_LMI_ANSI_LINK_VERIFY_IE: /* fall through */ + case FR_LMI_CCITT_LINK_VERIFY_IE: + case FR_LMI_ANSI_LINK_VERIFY_IE_91: + if (!ndo->ndo_vflag) { + ND_PRINT(", "); + } + if (ielength < 2) { + ND_PRINT("Invalid LINK VERIFY IE"); + return 1; + } + ND_PRINT("TX Seq: %3d, RX Seq: %3d", GET_U_1(p), GET_U_1(p + 1)); + return 1; + + case FR_LMI_ANSI_PVC_STATUS_IE: /* fall through */ + case FR_LMI_CCITT_PVC_STATUS_IE: + if (!ndo->ndo_vflag) { + ND_PRINT(", "); + } + /* now parse the DLCI information element. */ + if ((ielength < 3) || + (GET_U_1(p) & 0x80) || + ((ielength == 3) && !(GET_U_1(p + 1) & 0x80)) || + ((ielength == 4) && + ((GET_U_1(p + 1) & 0x80) || !(GET_U_1(p + 2) & 0x80))) || + ((ielength == 5) && + ((GET_U_1(p + 1) & 0x80) || (GET_U_1(p + 2) & 0x80) || + !(GET_U_1(p + 3) & 0x80))) || + (ielength > 5) || + !(GET_U_1(p + ielength - 1) & 0x80)) { + ND_PRINT("Invalid DLCI in PVC STATUS IE"); + return 1; + } + + dlci = ((GET_U_1(p) & 0x3F) << 4) | ((GET_U_1(p + 1) & 0x78) >> 3); + if (ielength == 4) { + dlci = (dlci << 6) | ((GET_U_1(p + 2) & 0x7E) >> 1); + } + else if (ielength == 5) { + dlci = (dlci << 13) | (GET_U_1(p + 2) & 0x7F) | ((GET_U_1(p + 3) & 0x7E) >> 1); + } + + ND_PRINT("DLCI %u: status %s%s", dlci, + GET_U_1(p + ielength - 1) & 0x8 ? "New, " : "", + GET_U_1(p + ielength - 1) & 0x2 ? "Active" : "Inactive"); + return 1; + } + + return 0; +} |