diff options
Diffstat (limited to 'print-vrrp.c')
| -rw-r--r-- | print-vrrp.c | 187 |
1 files changed, 187 insertions, 0 deletions
diff --git a/print-vrrp.c b/print-vrrp.c new file mode 100644 index 000000000000..a39766767e40 --- /dev/null +++ b/print-vrrp.c @@ -0,0 +1,187 @@ +/* + * Copyright (c) 2000 William C. Fenner. + * All rights reserved. + * + * Kevin Steves <ks@hp.se> July 2000 + * Modified to: + * - print version, type string and packet length + * - print IP address count if > 1 (-v) + * - verify checksum (-v) + * - print authentication string (-v) + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that: (1) source code + * distributions retain the above copyright notice and this paragraph + * in its entirety, and (2) distributions including binary code include + * the above copyright notice and this paragraph in its entirety in + * the documentation or other materials provided with the distribution. + * The name of William C. Fenner may not be used to endorse or + * promote products derived from this software without specific prior + * written permission. THIS SOFTWARE IS PROVIDED ``AS IS'' AND + * WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT + * LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE. + */ + +/* \summary: Virtual Router Redundancy Protocol (VRRP) printer */ + +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + +#include <netdissect-stdinc.h> + +#include "netdissect.h" +#include "extract.h" +#include "addrtoname.h" + +#include "ip.h" +#include "ipproto.h" +/* + * RFC 2338 (VRRP v2): + * + * 0 1 2 3 + * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * |Version| Type | Virtual Rtr ID| Priority | Count IP Addrs| + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | Auth Type | Adver Int | Checksum | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | IP Address (1) | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | . | + * | . | + * | . | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | IP Address (n) | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | Authentication Data (1) | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | Authentication Data (2) | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * + * + * RFC 5798 (VRRP v3): + * + * 0 1 2 3 + * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | IPv4 Fields or IPv6 Fields | + * ... ... + * | | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * |Version| Type | Virtual Rtr ID| Priority |Count IPvX Addr| + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * |(rsvd) | Max Adver Int | Checksum | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | | + * + + + * | IPvX Address(es) | + * + + + * | | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + */ + +/* Type */ +#define VRRP_TYPE_ADVERTISEMENT 1 + +static const struct tok type2str[] = { + { VRRP_TYPE_ADVERTISEMENT, "Advertisement" }, + { 0, NULL } +}; + +/* Auth Type */ +#define VRRP_AUTH_NONE 0 +#define VRRP_AUTH_SIMPLE 1 +#define VRRP_AUTH_AH 2 + +static const struct tok auth2str[] = { + { VRRP_AUTH_NONE, "none" }, + { VRRP_AUTH_SIMPLE, "simple" }, + { VRRP_AUTH_AH, "ah" }, + { 0, NULL } +}; + +void +vrrp_print(netdissect_options *ndo, + register const u_char *bp, register u_int len, + register const u_char *bp2, int ttl) +{ + int version, type, auth_type = VRRP_AUTH_NONE; /* keep compiler happy */ + const char *type_s; + + ND_TCHECK(bp[0]); + version = (bp[0] & 0xf0) >> 4; + type = bp[0] & 0x0f; + type_s = tok2str(type2str, "unknown type (%u)", type); + ND_PRINT((ndo, "VRRPv%u, %s", version, type_s)); + if (ttl != 255) + ND_PRINT((ndo, ", (ttl %u)", ttl)); + if (version < 2 || version > 3 || type != VRRP_TYPE_ADVERTISEMENT) + return; + ND_TCHECK(bp[2]); + ND_PRINT((ndo, ", vrid %u, prio %u", bp[1], bp[2])); + ND_TCHECK(bp[5]); + + if (version == 2) { + auth_type = bp[4]; + ND_PRINT((ndo, ", authtype %s", tok2str(auth2str, NULL, auth_type))); + ND_PRINT((ndo, ", intvl %us, length %u", bp[5], len)); + } else { /* version == 3 */ + uint16_t intvl = (bp[4] & 0x0f) << 8 | bp[5]; + ND_PRINT((ndo, ", intvl %ucs, length %u", intvl, len)); + } + + if (ndo->ndo_vflag) { + int naddrs = bp[3]; + int i; + char c; + + if (version == 2 && ND_TTEST2(bp[0], len)) { + struct cksum_vec vec[1]; + + vec[0].ptr = bp; + vec[0].len = len; + if (in_cksum(vec, 1)) { + ND_TCHECK_16BITS(&bp[6]); + ND_PRINT((ndo, ", (bad vrrp cksum %x)", + EXTRACT_16BITS(&bp[6]))); + } + } + + if (version == 3 && ND_TTEST2(bp[0], len)) { + uint16_t cksum = nextproto4_cksum(ndo, (const struct ip *)bp2, bp, + len, len, IPPROTO_VRRP); + if (cksum) { + ND_TCHECK_16BITS(&bp[6]); + ND_PRINT((ndo, ", (bad vrrp cksum %x)", + EXTRACT_16BITS(&bp[6]))); + } + } + + ND_PRINT((ndo, ", addrs")); + if (naddrs > 1) + ND_PRINT((ndo, "(%d)", naddrs)); + ND_PRINT((ndo, ":")); + c = ' '; + bp += 8; + for (i = 0; i < naddrs; i++) { + ND_TCHECK(bp[3]); + ND_PRINT((ndo, "%c%s", c, ipaddr_string(ndo, bp))); + c = ','; + bp += 4; + } + if (version == 2 && auth_type == VRRP_AUTH_SIMPLE) { /* simple text password */ + ND_TCHECK(bp[7]); + ND_PRINT((ndo, " auth \"")); + if (fn_printn(ndo, bp, 8, ndo->ndo_snapend)) { + ND_PRINT((ndo, "\"")); + goto trunc; + } + ND_PRINT((ndo, "\"")); + } + } + return; +trunc: + ND_PRINT((ndo, "[|vrrp]")); +} |