PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-23 16:09:02 +00:00
Code Issues Projects Releases Wiki Activity

Whitespace in ippackethdrinfo.

Browse Source
This commit is contained in:
david
2011-06-15 00:22:59 +00:00
parent 8737c0ab72
commit d1aae42962
1 changed files with 518 additions and 511 deletions
Download Patch File Download Diff File Expand all files Collapse all files

293
libnetutil/netutil.cc
View File

@@ -2031,8 +2031,8 @@ const char *ippackethdrinfo(const u8 *packet, u32 len, int detail) {
static char protoinfo[1024] = ""; /* Stores final info string. */ static char protoinfo[1024] = ""; /* Stores final info string. */
char ipinfo[512] = ""; /* Temp info about IP. */ char ipinfo[512] = ""; /* Temp info about IP. */
char icmpinfo[512] = ""; /* Temp info about ICMP. */ char icmpinfo[512] = ""; /* Temp info about ICMP. */
char icmptype[128]=""; /* Temp info about ICMP type & code */ char icmptype[128] = ""; /* Temp info about ICMP type & code */
char icmpfields[256]=""; /* Temp info for various ICMP fields */ char icmpfields[256] = ""; /* Temp info for various ICMP fields */
char fragnfo[64] = ""; /* Temp info about fragmentation. */ char fragnfo[64] = ""; /* Temp info about fragmentation. */
char srchost[INET6_ADDRSTRLEN] = ""; /* Src IP in dot-decimal notation. */ char srchost[INET6_ADDRSTRLEN] = ""; /* Src IP in dot-decimal notation. */
char dsthost[INET6_ADDRSTRLEN] = ""; /* Dst IP in dot-decimal notation. */ char dsthost[INET6_ADDRSTRLEN] = ""; /* Dst IP in dot-decimal notation. */
@@ -2049,11 +2049,11 @@ const char *ippackethdrinfo(const u8 *packet, u32 len, int detail) {
/* Ensure we end up with a valid detail number */ /* Ensure we end up with a valid detail number */
if( detail!=LOW_DETAIL && detail!=MEDIUM_DETAIL && detail!=HIGH_DETAIL) if (detail != LOW_DETAIL && detail != MEDIUM_DETAIL && detail != HIGH_DETAIL)
detail=LOW_DETAIL; detail = LOW_DETAIL;
/* IP INFORMATION ************************************************************/ /* IP INFORMATION ************************************************************/
if (hdr.version == 4) { /* IPv4 */ if (hdr.version == 4) { /* IPv4 */
const struct ip *ip; const struct ip *ip;
const struct sockaddr_in *sin; const struct sockaddr_in *sin;
@@ -2077,21 +2077,21 @@ if (hdr.version == 4) { /* IPv4 */
} }
/* Create a string with information relevant to the specified level of detail */ /* Create a string with information relevant to the specified level of detail */
if( detail == LOW_DETAIL ){ if (detail == LOW_DETAIL) {
Snprintf(ipinfo, sizeof(ipinfo), "ttl=%d id=%d iplen=%d%s %s%s%s", Snprintf(ipinfo, sizeof(ipinfo), "ttl=%d id=%d iplen=%d%s %s%s%s",
ip->ip_ttl, ntohs(ip->ip_id), ntohs(ip->ip_len), fragnfo, ip->ip_ttl, ntohs(ip->ip_id), ntohs(ip->ip_len), fragnfo,
ip->ip_hl==5?"":"ipopts={", ip->ip_hl==5?"":"ipopts={",
ip->ip_hl==5?"":format_ip_options((u8*)ip + sizeof(struct ip), MIN((unsigned)(ip->ip_hl-5)*4,len-sizeof(struct ip))), ip->ip_hl==5?"":format_ip_options((u8*) ip + sizeof(struct ip), MIN((unsigned)(ip->ip_hl-5)*4,len-sizeof(struct ip))),
ip->ip_hl==5?"":"}"); ip->ip_hl==5?"":"}");
}else if( detail == MEDIUM_DETAIL ){ } else if (detail == MEDIUM_DETAIL) {
Snprintf(ipinfo, sizeof(ipinfo), "ttl=%d id=%d proto=%d csum=0x%04x iplen=%d%s %s%s%s", Snprintf(ipinfo, sizeof(ipinfo), "ttl=%d id=%d proto=%d csum=0x%04x iplen=%d%s %s%s%s",
ip->ip_ttl, ntohs(ip->ip_id), ip->ip_ttl, ntohs(ip->ip_id),
ip->ip_p, ntohs(ip->ip_sum), ip->ip_p, ntohs(ip->ip_sum),
ntohs(ip->ip_len), fragnfo, ntohs(ip->ip_len), fragnfo,
ip->ip_hl==5?"":"ipopts={", ip->ip_hl==5?"":"ipopts={",
ip->ip_hl==5?"":format_ip_options((u8*)ip + sizeof(struct ip), MIN((unsigned)(ip->ip_hl-5)*4,len-sizeof(struct ip))), ip->ip_hl==5?"":format_ip_options((u8*) ip + sizeof(struct ip), MIN((unsigned)(ip->ip_hl-5)*4,len-sizeof(struct ip))),
ip->ip_hl==5?"":"}"); ip->ip_hl==5?"":"}");
}else if( detail==HIGH_DETAIL ){ } else if (detail == HIGH_DETAIL) {
Snprintf(ipinfo, sizeof(ipinfo), "ver=%d ihl=%d tos=0x%02x iplen=%d id=%d%s%s%s%s foff=%d%s ttl=%d proto=%d csum=0x%04x%s%s%s", Snprintf(ipinfo, sizeof(ipinfo), "ver=%d ihl=%d tos=0x%02x iplen=%d id=%d%s%s%s%s foff=%d%s ttl=%d proto=%d csum=0x%04x%s%s%s",
ip->ip_v, ip->ip_hl, ip->ip_v, ip->ip_hl,
ip->ip_tos, ntohs(ip->ip_len), ip->ip_tos, ntohs(ip->ip_len),
@@ -2104,11 +2104,10 @@ if (hdr.version == 4) { /* IPv4 */
ip->ip_ttl, ip->ip_p, ip->ip_ttl, ip->ip_p,
ntohs(ip->ip_sum), ntohs(ip->ip_sum),
ip->ip_hl==5?"":" ipopts={", ip->ip_hl==5?"":" ipopts={",
ip->ip_hl==5?"":format_ip_options((u8*)ip + sizeof(struct ip), MIN((unsigned)(ip->ip_hl-5)*4,len-sizeof(struct ip))), ip->ip_hl==5?"":format_ip_options((u8*) ip + sizeof(struct ip), MIN((unsigned)(ip->ip_hl-5)*4,len-sizeof(struct ip))),
ip->ip_hl==5?"":"}"); ip->ip_hl==5?"":"}");
} }
} else { /* IPv6 */
}else{ /* IPv6 */
const struct ip6_hdr *ip6; const struct ip6_hdr *ip6;
const struct sockaddr_in6 *sin6; const struct sockaddr_in6 *sin6;
@@ -2126,25 +2125,21 @@ if (hdr.version == 4) { /* IPv4 */
u32 ip6_tc = (flow & 0x0ff00000) >> 20; u32 ip6_tc = (flow & 0x0ff00000) >> 20;
/* Create a string with information relevant to the specified level of detail */ /* Create a string with information relevant to the specified level of detail */
if( detail == LOW_DETAIL ){ if (detail == LOW_DETAIL) {
Snprintf(ipinfo, sizeof(ipinfo), "hopl=%d flow=%x payloadlen=%d", Snprintf(ipinfo, sizeof(ipinfo), "hopl=%d flow=%x payloadlen=%d",
ip6->ip6_hlim, ip6_fl, ntohs(ip6->ip6_plen) ip6->ip6_hlim, ip6_fl, ntohs(ip6->ip6_plen));
); } else if (detail == MEDIUM_DETAIL) {
}else if( detail == MEDIUM_DETAIL ){
Snprintf(ipinfo, sizeof(ipinfo), "hopl=%d tclass=%d flow=%x payloadlen=%d", Snprintf(ipinfo, sizeof(ipinfo), "hopl=%d tclass=%d flow=%x payloadlen=%d",
ip6->ip6_hlim, ip6_tc, ip6_fl, ntohs(ip6->ip6_plen) ip6->ip6_hlim, ip6_tc, ip6_fl, ntohs(ip6->ip6_plen));
); } else if (detail==HIGH_DETAIL) {
}else if( detail==HIGH_DETAIL ){
Snprintf(ipinfo, sizeof(ipinfo), "ver=6, tclass=%x flow=%x payloadlen=%d nh=%s hopl=%d ", Snprintf(ipinfo, sizeof(ipinfo), "ver=6, tclass=%x flow=%x payloadlen=%d nh=%s hopl=%d ",
ip6_tc, ip6_fl, ntohs(ip6->ip6_plen), ip6_tc, ip6_fl, ntohs(ip6->ip6_plen),
nexthdrtoa(ip6->ip6_nxt, 1), ip6->ip6_hlim nexthdrtoa(ip6->ip6_nxt, 1), ip6->ip6_hlim);
); }
} }
}
/* TCP INFORMATION ***********************************************************/
/* TCP INFORMATION ***********************************************************/
if (hdr.proto == IPPROTO_TCP) { if (hdr.proto == IPPROTO_TCP) {
char tflags[10]; char tflags[10];
char tcpinfo[64] = ""; char tcpinfo[64] = "";
@@ -2152,7 +2147,6 @@ if (hdr.version == 4) { /* IPv4 */
char tcpoptinfo[256] = ""; char tcpoptinfo[256] = "";
tcp = (struct tcp_hdr *) data; tcp = (struct tcp_hdr *) data;
/* Let's parse the TCP header. The following code is very ugly because we /* Let's parse the TCP header. The following code is very ugly because we
* have to deal with a lot of different situations. We don't want to * have to deal with a lot of different situations. We don't want to
* segfault so we have to check every length and every bound to ensure we * segfault so we have to check every length and every bound to ensure we
@@ -2174,7 +2168,6 @@ if (hdr.version == 4) { /* IPv4 */
* byte TCP header. * byte TCP header.
*/ */
/* CASE 1: where we don't have the first 8 bytes of the TCP header because /* CASE 1: where we don't have the first 8 bytes of the TCP header because
* either the fragment belongs to somewhere past that or the IP contains * either the fragment belongs to somewhere past that or the IP contains
* less than 8 bytes. This also includes empty IP packets that say they * less than 8 bytes. This also includes empty IP packets that say they
@@ -2188,27 +2181,34 @@ if (hdr.version == 4) { /* IPv4 */
* have, at least, the next 8 bytes so we can see the ACK number, the * have, at least, the next 8 bytes so we can see the ACK number, the
* flags and window size. */ * flags and window size. */
else if (frag_off == 8 && datalen >= 8) { else if (frag_off == 8 && datalen >= 8) {
tcp = (struct tcp_hdr *)((u8 *) tcp - frag_off); // ugly? tcp = (struct tcp_hdr *)((u8 *) tcp - frag_off); // ugly?
/* TCP Flags */ /* TCP Flags */
p = tflags; p = tflags;
/* These are basically in tcpdump order */ /* These are basically in tcpdump order */
if (tcp->th_flags & TH_SYN) *p++ = 'S'; if (tcp->th_flags & TH_SYN)
if (tcp->th_flags & TH_FIN) *p++ = 'F'; *p++ = 'S';
if (tcp->th_flags & TH_RST) *p++ = 'R'; if (tcp->th_flags & TH_FIN)
if (tcp->th_flags & TH_PUSH) *p++ = 'P'; *p++ = 'F';
if (tcp->th_flags & TH_ACK){ *p++ = 'A'; if (tcp->th_flags & TH_RST)
*p++ = 'R';
if (tcp->th_flags & TH_PUSH)
*p++ = 'P';
if (tcp->th_flags & TH_ACK) {
*p++ = 'A';
Snprintf(tcpinfo, sizeof(tcpinfo), " ack=%lu", Snprintf(tcpinfo, sizeof(tcpinfo), " ack=%lu",
(unsigned long) ntohl(tcp->th_ack)); (unsigned long) ntohl(tcp->th_ack));
} }
if (tcp->th_flags & TH_URG) *p++ = 'U'; if (tcp->th_flags & TH_URG)
if (tcp->th_flags & TH_ECE) *p++ = 'E'; /* rfc 2481/3168 */ *p++ = 'U';
if (tcp->th_flags & TH_CWR) *p++ = 'C'; /* rfc 2481/3168 */ if (tcp->th_flags & TH_ECE)
*p++ = 'E'; /* rfc 2481/3168 */
if (tcp->th_flags & TH_CWR)
*p++ = 'C'; /* rfc 2481/3168 */
*p++ = '\0'; *p++ = '\0';
/* TCP Options */ /* TCP Options */
if((u32) tcp->th_off * 4 > sizeof(struct tcp_hdr)) { if ((u32) tcp->th_off * 4 > sizeof(struct tcp_hdr)) {
if (datalen < (u32) tcp->th_off * 4 - frag_off) { if (datalen < (u32) tcp->th_off * 4 - frag_off) {
Snprintf(tcpoptinfo, sizeof(tcpoptinfo), "option incomplete"); Snprintf(tcpoptinfo, sizeof(tcpoptinfo), "option incomplete");
} else { } else {
@@ -2219,15 +2219,15 @@ if (hdr.version == 4) { /* IPv4 */
} }
/* Create a string with TCP information relevant to the specified level of detail */ /* Create a string with TCP information relevant to the specified level of detail */
if( detail == LOW_DETAIL ){ if (detail == LOW_DETAIL) {
Snprintf(protoinfo, sizeof(protoinfo), "TCP %s:?? > %s:?? %s %s %s %s", Snprintf(protoinfo, sizeof(protoinfo), "TCP %s:?? > %s:?? %s %s %s %s",
srchost, dsthost, tflags, ipinfo, tcpinfo, tcpoptinfo); srchost, dsthost, tflags, ipinfo, tcpinfo, tcpoptinfo);
}else if( detail == MEDIUM_DETAIL ){ } else if (detail == MEDIUM_DETAIL) {
Snprintf(protoinfo, sizeof(protoinfo), "TCP %s:?? > %s:?? %s ack=%ul win=%hu %s IP [%s]", Snprintf(protoinfo, sizeof(protoinfo), "TCP %s:?? > %s:?? %s ack=%ul win=%hu %s IP [%s]",
srchost, dsthost, tflags, srchost, dsthost, tflags,
ntohl(tcp->th_ack), ntohs(tcp->th_win), ntohl(tcp->th_ack), ntohs(tcp->th_win),
tcpoptinfo, ipinfo); tcpoptinfo, ipinfo);
}else if( detail==HIGH_DETAIL ){ } else if (detail == HIGH_DETAIL) {
if (datalen >= 12) { /* We have at least bytes 8-20 */ if (datalen >= 12) { /* We have at least bytes 8-20 */
Snprintf(protoinfo, sizeof(protoinfo), "TCP [%s:?? > %s:?? %s seq=%lu ack=%lu off=%d res=%d win=%hu csum=0x%04X urp=%d%s%s] IP [%s]", Snprintf(protoinfo, sizeof(protoinfo), "TCP [%s:?? > %s:?? %s seq=%lu ack=%lu off=%d res=%d win=%hu csum=0x%04X urp=%d%s%s] IP [%s]",
srchost, dsthost, tflags, srchost, dsthost, tflags,
@@ -2236,21 +2236,19 @@ if (hdr.version == 4) { /* IPv4 */
(u8)tcp->th_off, (u8)tcp->th_x2, ntohs(tcp->th_win), (u8)tcp->th_off, (u8)tcp->th_x2, ntohs(tcp->th_win),
ntohs(tcp->th_sum), ntohs(tcp->th_urp), ntohs(tcp->th_sum), ntohs(tcp->th_urp),
(tcpoptinfo[0]!='\0') ? " " : "", (tcpoptinfo[0]!='\0') ? " " : "",
tcpoptinfo, ipinfo ); tcpoptinfo, ipinfo);
}else{ /* We only have bytes 8-16 */ } else { /* We only have bytes 8-16 */
Snprintf(protoinfo, sizeof(protoinfo), "TCP %s:?? > %s:?? %s ack=%ul win=%hu %s IP [%s]", Snprintf(protoinfo, sizeof(protoinfo), "TCP %s:?? > %s:?? %s ack=%ul win=%hu %s IP [%s]",
srchost, dsthost, tflags, srchost, dsthost, tflags,
ntohl(tcp->th_ack), ntohs(tcp->th_win), ntohl(tcp->th_ack), ntohs(tcp->th_win),
tcpoptinfo, ipinfo); tcpoptinfo, ipinfo);
} }
} }
} }
/* CASE 3: where the IP packet is not a fragment but for some reason, we /* CASE 3: where the IP packet is not a fragment but for some reason, we
* don't have the entire TCP header, just part of it.*/ * don't have the entire TCP header, just part of it.*/
else if (datalen > 0 && datalen < 20) { else if (datalen > 0 && datalen < 20) {
/* We only have the first 32 bits: source and dst port */ /* We only have the first 32 bits: source and dst port */
if (datalen >= 4 && datalen < 8) { if (datalen >= 4 && datalen < 8) {
Snprintf(protoinfo, sizeof(protoinfo), "TCP %s:%d > %s:%d ?? (incomplete) %s", Snprintf(protoinfo, sizeof(protoinfo), "TCP %s:%d > %s:%d ?? (incomplete) %s",
@@ -2266,11 +2264,11 @@ if (hdr.version == 4) { /* IPv4 */
/* We only have the first 96 bits: ports, seq and ack number */ /* We only have the first 96 bits: ports, seq and ack number */
if (datalen >= 12 && datalen < 16) { if (datalen >= 12 && datalen < 16) {
if(detail == LOW_DETAIL){ /* We don't print ACK in low detail */ if (detail == LOW_DETAIL) { /* We don't print ACK in low detail */
Snprintf(tcpinfo, sizeof(tcpinfo), "TCP %s:%d > %s:%d seq=%lu (incomplete), %s", Snprintf(tcpinfo, sizeof(tcpinfo), "TCP %s:%d > %s:%d seq=%lu (incomplete), %s",
srchost, ntohs(tcp->th_sport), dsthost, srchost, ntohs(tcp->th_sport), dsthost,
ntohs(tcp->th_dport), (unsigned long) ntohl(tcp->th_seq), ipinfo); ntohs(tcp->th_dport), (unsigned long) ntohl(tcp->th_seq), ipinfo);
}else{ } else {
Snprintf(tcpinfo, sizeof(tcpinfo), "TCP [%s:%d > %s:%d seq=%lu ack=%lu (incomplete)] IP [%s]", Snprintf(tcpinfo, sizeof(tcpinfo), "TCP [%s:%d > %s:%d seq=%lu ack=%lu (incomplete)] IP [%s]",
srchost, ntohs(tcp->th_sport), dsthost, srchost, ntohs(tcp->th_sport), dsthost,
ntohs(tcp->th_dport), (unsigned long) ntohl(tcp->th_seq), ntohs(tcp->th_dport), (unsigned long) ntohl(tcp->th_seq),
@@ -2282,43 +2280,50 @@ if (hdr.version == 4) { /* IPv4 */
if (datalen >= 16 && datalen < 20) { if (datalen >= 16 && datalen < 20) {
p = tflags; p = tflags;
/* These are basically in tcpdump order */ /* These are basically in tcpdump order */
if (tcp->th_flags & TH_SYN) *p++ = 'S'; if (tcp->th_flags & TH_SYN)
if (tcp->th_flags & TH_FIN) *p++ = 'F'; *p++ = 'S';
if (tcp->th_flags & TH_RST) *p++ = 'R'; if (tcp->th_flags & TH_FIN)
if (tcp->th_flags & TH_PUSH) *p++ = 'P'; *p++ = 'F';
if (tcp->th_flags & TH_ACK){ *p++ = 'A'; if (tcp->th_flags & TH_RST)
*p++ = 'R';
if (tcp->th_flags & TH_PUSH)
*p++ = 'P';
if (tcp->th_flags & TH_ACK) {
*p++ = 'A';
Snprintf(buf, sizeof(buf), " ack=%lu", Snprintf(buf, sizeof(buf), " ack=%lu",
(unsigned long) ntohl(tcp->th_ack)); (unsigned long) ntohl(tcp->th_ack));
strncat(tcpinfo, buf, sizeof(tcpinfo) - strlen(tcpinfo) - 1); strncat(tcpinfo, buf, sizeof(tcpinfo) - strlen(tcpinfo) - 1);
} }
if (tcp->th_flags & TH_URG) *p++ = 'U'; if (tcp->th_flags & TH_URG)
if (tcp->th_flags & TH_ECE) *p++ = 'E'; /* rfc 2481/3168 */ *p++ = 'U';
if (tcp->th_flags & TH_CWR) *p++ = 'C'; /* rfc 2481/3168 */ if (tcp->th_flags & TH_ECE)
*p++ = 'E'; /* rfc 2481/3168 */
if (tcp->th_flags & TH_CWR)
*p++ = 'C'; /* rfc 2481/3168 */
*p++ = '\0'; *p++ = '\0';
/* Create a string with TCP information relevant to the specified level of detail */ /* Create a string with TCP information relevant to the specified level of detail */
if(detail == LOW_DETAIL){ /* We don't print ACK in low detail */ if (detail == LOW_DETAIL) { /* We don't print ACK in low detail */
Snprintf(protoinfo, sizeof(protoinfo), "TCP %s:%d > %s:%d %s %s seq=%lu win=%hu (incomplete)", Snprintf(protoinfo, sizeof(protoinfo), "TCP %s:%d > %s:%d %s %s seq=%lu win=%hu (incomplete)",
srchost, ntohs(tcp->th_sport), dsthost, ntohs(tcp->th_dport), srchost, ntohs(tcp->th_sport), dsthost, ntohs(tcp->th_dport),
tflags, ipinfo, (unsigned long) ntohl(tcp->th_seq), tflags, ipinfo, (unsigned long) ntohl(tcp->th_seq),
ntohs(tcp->th_win)); ntohs(tcp->th_win));
}else if( detail == MEDIUM_DETAIL ){ } else if (detail == MEDIUM_DETAIL) {
Snprintf(protoinfo, sizeof(protoinfo), "TCP [%s:%d > %s:%d %s seq=%lu ack=%lu win=%hu (incomplete)] IP [%s]", Snprintf(protoinfo, sizeof(protoinfo), "TCP [%s:%d > %s:%d %s seq=%lu ack=%lu win=%hu (incomplete)] IP [%s]",
srchost, ntohs(tcp->th_sport), dsthost, ntohs(tcp->th_dport), srchost, ntohs(tcp->th_sport), dsthost, ntohs(tcp->th_dport),
tflags, (unsigned long) ntohl(tcp->th_seq), tflags, (unsigned long) ntohl(tcp->th_seq),
(unsigned long) ntohl(tcp->th_ack), (unsigned long) ntohl(tcp->th_ack),
ntohs(tcp->th_win), ipinfo); ntohs(tcp->th_win), ipinfo);
}else if( detail == HIGH_DETAIL ){ } else if (detail == HIGH_DETAIL) {
Snprintf(protoinfo, sizeof(protoinfo), "TCP [%s:%d > %s:%d %s seq=%lu ack=%lu off=%d res=%d win=%hu (incomplete)] IP [%s]", Snprintf(protoinfo, sizeof(protoinfo), "TCP [%s:%d > %s:%d %s seq=%lu ack=%lu off=%d res=%d win=%hu (incomplete)] IP [%s]",
srchost, ntohs(tcp->th_sport), srchost, ntohs(tcp->th_sport),
dsthost, ntohs(tcp->th_dport), dsthost, ntohs(tcp->th_dport),
tflags, (unsigned long) ntohl(tcp->th_seq), tflags, (unsigned long) ntohl(tcp->th_seq),
(unsigned long) ntohl(tcp->th_ack), (unsigned long) ntohl(tcp->th_ack),
(u8)tcp->th_off, (u8)tcp->th_x2, ntohs(tcp->th_win), (u8)tcp->th_off, (u8)tcp->th_x2, ntohs(tcp->th_win),
ipinfo ); ipinfo);
} }
} }
} }
@@ -2329,26 +2334,32 @@ if (hdr.version == 4) { /* IPv4 */
/* TCP Flags */ /* TCP Flags */
p = tflags; p = tflags;
/* These are basically in tcpdump order */ /* These are basically in tcpdump order */
if (tcp->th_flags & TH_SYN) *p++ = 'S'; if (tcp->th_flags & TH_SYN)
if (tcp->th_flags & TH_FIN) *p++ = 'F'; *p++ = 'S';
if (tcp->th_flags & TH_RST) *p++ = 'R'; if (tcp->th_flags & TH_FIN)
if (tcp->th_flags & TH_PUSH) *p++ = 'P'; *p++ = 'F';
if (tcp->th_flags & TH_ACK){ *p++ = 'A'; if (tcp->th_flags & TH_RST)
*p++ = 'R';
if (tcp->th_flags & TH_PUSH)
*p++ = 'P';
if (tcp->th_flags & TH_ACK) {
*p++ = 'A';
Snprintf(buf, sizeof(buf), " ack=%lu", Snprintf(buf, sizeof(buf), " ack=%lu",
(unsigned long) ntohl(tcp->th_ack)); (unsigned long) ntohl(tcp->th_ack));
strncat(tcpinfo, buf, sizeof(tcpinfo) - strlen(tcpinfo) - 1); strncat(tcpinfo, buf, sizeof(tcpinfo) - strlen(tcpinfo) - 1);
} }
if (tcp->th_flags & TH_URG) *p++ = 'U'; if (tcp->th_flags & TH_URG)
if (tcp->th_flags & TH_ECE) *p++ = 'E'; /* rfc 2481/3168 */ *p++ = 'U';
if (tcp->th_flags & TH_CWR) *p++ = 'C'; /* rfc 2481/3168 */ if (tcp->th_flags & TH_ECE)
*p++ = 'E'; /* rfc 2481/3168 */
if (tcp->th_flags & TH_CWR)
*p++ = 'C'; /* rfc 2481/3168 */
*p++ = '\0'; *p++ = '\0';
/* TCP Options */ /* TCP Options */
if((u32) tcp->th_off * 4 > sizeof(struct tcp_hdr)) { if ((u32) tcp->th_off * 4 > sizeof(struct tcp_hdr)) {
if (datalen < (unsigned int) tcp->th_off * 4) { if (datalen < (unsigned int) tcp->th_off * 4) {
Snprintf(tcpoptinfo, sizeof(tcpoptinfo), "option incomplete"); Snprintf(tcpoptinfo, sizeof(tcpoptinfo), "option incomplete");
} else { } else {
tcppacketoptinfo((u8*) tcp + sizeof(struct tcp_hdr), tcppacketoptinfo((u8*) tcp + sizeof(struct tcp_hdr),
tcp->th_off*4 - sizeof(struct tcp_hdr), tcp->th_off*4 - sizeof(struct tcp_hdr),
@@ -2357,19 +2368,19 @@ if (hdr.version == 4) { /* IPv4 */
} }
/* Rest of header fields */ /* Rest of header fields */
if( detail == LOW_DETAIL ){ if (detail == LOW_DETAIL) {
Snprintf(protoinfo, sizeof(protoinfo), "TCP %s:%d > %s:%d %s %s seq=%lu win=%hu %s", Snprintf(protoinfo, sizeof(protoinfo), "TCP %s:%d > %s:%d %s %s seq=%lu win=%hu %s",
srchost, ntohs(tcp->th_sport), dsthost, ntohs(tcp->th_dport), srchost, ntohs(tcp->th_sport), dsthost, ntohs(tcp->th_dport),
tflags, ipinfo, (unsigned long) ntohl(tcp->th_seq), tflags, ipinfo, (unsigned long) ntohl(tcp->th_seq),
ntohs(tcp->th_win), tcpoptinfo); ntohs(tcp->th_win), tcpoptinfo);
}else if( detail == MEDIUM_DETAIL ){ } else if (detail == MEDIUM_DETAIL) {
Snprintf(protoinfo, sizeof(protoinfo), "TCP [%s:%d > %s:%d %s seq=%lu win=%hu csum=0x%04X%s%s] IP [%s]", Snprintf(protoinfo, sizeof(protoinfo), "TCP [%s:%d > %s:%d %s seq=%lu win=%hu csum=0x%04X%s%s] IP [%s]",
srchost, ntohs(tcp->th_sport), dsthost, ntohs(tcp->th_dport), srchost, ntohs(tcp->th_sport), dsthost, ntohs(tcp->th_dport),
tflags, (unsigned long) ntohl(tcp->th_seq), tflags, (unsigned long) ntohl(tcp->th_seq),
ntohs(tcp->th_win), ntohs(tcp->th_sum), ntohs(tcp->th_win), ntohs(tcp->th_sum),
(tcpoptinfo[0]!='\0') ? " " : "", (tcpoptinfo[0]!='\0') ? " " : "",
tcpoptinfo, ipinfo ); tcpoptinfo, ipinfo);
}else if( detail==HIGH_DETAIL ){ } else if (detail == HIGH_DETAIL) {
Snprintf(protoinfo, sizeof(protoinfo), "TCP [%s:%d > %s:%d %s seq=%lu ack=%lu off=%d res=%d win=%hu csum=0x%04X urp=%d%s%s] IP [%s]", Snprintf(protoinfo, sizeof(protoinfo), "TCP [%s:%d > %s:%d %s seq=%lu ack=%lu off=%d res=%d win=%hu csum=0x%04X urp=%d%s%s] IP [%s]",
srchost, ntohs(tcp->th_sport), srchost, ntohs(tcp->th_sport),
dsthost, ntohs(tcp->th_dport), dsthost, ntohs(tcp->th_dport),
@@ -2378,71 +2389,68 @@ if (hdr.version == 4) { /* IPv4 */
(u8)tcp->th_off, (u8)tcp->th_x2, ntohs(tcp->th_win), (u8)tcp->th_off, (u8)tcp->th_x2, ntohs(tcp->th_win),
ntohs(tcp->th_sum), ntohs(tcp->th_urp), ntohs(tcp->th_sum), ntohs(tcp->th_urp),
(tcpoptinfo[0]!='\0') ? " " : "", (tcpoptinfo[0]!='\0') ? " " : "",
tcpoptinfo, ipinfo ); tcpoptinfo, ipinfo);
} }
} } else{
else{
/* If the packet does not fall into any other category, then we have a /* If the packet does not fall into any other category, then we have a
* really screwed up packet. */ really screwed-up packet. */
Snprintf(protoinfo, sizeof(protoinfo), "TCP %s:?? > %s:?? ?? %s (invalid TCP)", Snprintf(protoinfo, sizeof(protoinfo), "TCP %s:?? > %s:?? ?? %s (invalid TCP)",
srchost, dsthost, ipinfo); srchost, dsthost, ipinfo);
} }
/* UDP INFORMATION ***********************************************************/
/* UDP INFORMATION ***********************************************************/
} else if (hdr.proto == IPPROTO_UDP && frag_off) { } else if (hdr.proto == IPPROTO_UDP && frag_off) {
Snprintf(protoinfo, sizeof(protoinfo), "UDP %s:?? > %s:?? fragment %s (incomplete)", srchost, dsthost, ipinfo); Snprintf(protoinfo, sizeof(protoinfo), "UDP %s:?? > %s:?? fragment %s (incomplete)",
srchost, dsthost, ipinfo);
} else if (hdr.proto == IPPROTO_UDP) { } else if (hdr.proto == IPPROTO_UDP) {
udp = (struct udp_hdr *) data; udp = (struct udp_hdr *) data;
/* TODO: See if we can segfault if we receive a fragmented packet whose IP packet does not say a thing about fragmentation */ /* TODO: See if we can segfault if we receive a fragmented packet whose IP packet does not say a thing about fragmentation */
if (detail == LOW_DETAIL) {
if( detail == LOW_DETAIL ){
Snprintf(protoinfo, sizeof(protoinfo), "UDP %s:%d > %s:%d %s", Snprintf(protoinfo, sizeof(protoinfo), "UDP %s:%d > %s:%d %s",
srchost, ntohs(udp->uh_sport), dsthost, ntohs(udp->uh_dport), srchost, ntohs(udp->uh_sport), dsthost, ntohs(udp->uh_dport),
ipinfo); ipinfo);
}else if( detail == MEDIUM_DETAIL ){ } else if (detail == MEDIUM_DETAIL) {
Snprintf(protoinfo, sizeof(protoinfo), "UDP [%s:%d > %s:%d csum=0x%04X] IP [%s]", Snprintf(protoinfo, sizeof(protoinfo), "UDP [%s:%d > %s:%d csum=0x%04X] IP [%s]",
srchost, ntohs(udp->uh_sport), dsthost, ntohs(udp->uh_dport), ntohs(udp->uh_sum), srchost, ntohs(udp->uh_sport), dsthost, ntohs(udp->uh_dport), ntohs(udp->uh_sum),
ipinfo); ipinfo);
}else if( detail==HIGH_DETAIL ){ } else if (detail == HIGH_DETAIL) {
Snprintf(protoinfo, sizeof(protoinfo), "UDP [%s:%d > %s:%d len=%d csum=0x%04X] IP [%s]", Snprintf(protoinfo, sizeof(protoinfo), "UDP [%s:%d > %s:%d len=%d csum=0x%04X] IP [%s]",
srchost, ntohs(udp->uh_sport), dsthost, ntohs(udp->uh_dport), srchost, ntohs(udp->uh_sport), dsthost, ntohs(udp->uh_dport),
ntohs(udp->uh_ulen), ntohs(udp->uh_sum), ntohs(udp->uh_ulen), ntohs(udp->uh_sum),
ipinfo); ipinfo);
} }
/* SCTP INFORMATION **********************************************************/
/* SCTP INFORMATION **********************************************************/
} else if (hdr.proto == IPPROTO_SCTP && frag_off) { } else if (hdr.proto == IPPROTO_SCTP && frag_off) {
Snprintf(protoinfo, sizeof(protoinfo), "SCTP %s:?? > %s:?? fragment %s (incomplete)", srchost, dsthost, ipinfo); Snprintf(protoinfo, sizeof(protoinfo), "SCTP %s:?? > %s:?? fragment %s (incomplete)",
srchost, dsthost, ipinfo);
} else if (hdr.proto == IPPROTO_SCTP) { } else if (hdr.proto == IPPROTO_SCTP) {
sctp = (struct sctp_hdr *) data; sctp = (struct sctp_hdr *) data;
if( detail == LOW_DETAIL ){ if (detail == LOW_DETAIL) {
Snprintf(protoinfo, sizeof(protoinfo), "SCTP %s:%d > %s:%d %s", Snprintf(protoinfo, sizeof(protoinfo), "SCTP %s:%d > %s:%d %s",
srchost, ntohs(sctp->sh_sport), dsthost, ntohs(sctp->sh_dport), srchost, ntohs(sctp->sh_sport), dsthost, ntohs(sctp->sh_dport),
ipinfo); ipinfo);
}else if( detail == MEDIUM_DETAIL ){ } else if (detail == MEDIUM_DETAIL) {
Snprintf(protoinfo, sizeof(protoinfo), "SCTP [%s:%d > %s:%d csum=0x%04x] IP [%s]", Snprintf(protoinfo, sizeof(protoinfo), "SCTP [%s:%d > %s:%d csum=0x%04x] IP [%s]",
srchost, ntohs(sctp->sh_sport), dsthost, ntohs(sctp->sh_dport), ntohl(sctp->sh_sum), srchost, ntohs(sctp->sh_sport), dsthost, ntohs(sctp->sh_dport), ntohl(sctp->sh_sum),
ipinfo); ipinfo);
}else if( detail==HIGH_DETAIL ){ } else if (detail == HIGH_DETAIL) {
Snprintf(protoinfo, sizeof(protoinfo), "SCTP [%s:%d > %s:%d vtag=%ul csum=0x%08x] IP [%s]", Snprintf(protoinfo, sizeof(protoinfo), "SCTP [%s:%d > %s:%d vtag=%ul csum=0x%08x] IP [%s]",
srchost, ntohs(sctp->sh_sport), dsthost, ntohs(sctp->sh_dport), srchost, ntohs(sctp->sh_sport), dsthost, ntohs(sctp->sh_dport),
ntohl(sctp->sh_sum), ntohl(sctp->sh_vtag), ntohl(sctp->sh_sum), ntohl(sctp->sh_vtag),
ipinfo); ipinfo);
} }
/* ICMP INFORMATION **********************************************************/
/* ICMP INFORMATION **********************************************************/
} else if (hdr.proto == IPPROTO_ICMP && frag_off) { } else if (hdr.proto == IPPROTO_ICMP && frag_off) {
Snprintf(protoinfo, sizeof(protoinfo), "ICMP %s > %s fragment %s (incomplete)", srchost, dsthost, ipinfo); Snprintf(protoinfo, sizeof(protoinfo), "ICMP %s > %s fragment %s (incomplete)",
srchost, dsthost, ipinfo);
} else if (hdr.proto == IPPROTO_ICMP) { } else if (hdr.proto == IPPROTO_ICMP) {
struct ip *ip2; /* Points to the IP datagram carried by some ICMP messages */ struct ip *ip2; /* Points to the IP datagram carried by some ICMP messages */
char *ip2dst; /* Dest IP in caried IP datagram */ char *ip2dst; /* Dest IP in caried IP datagram */
u16 *nextmtu=NULL; /* Store next hop MTU when ICMP==Frag required */ u16 *nextmtu = NULL; /* Store next hop MTU when ICMP==Frag required */
char auxbuff[128]; /* Aux buffer */ char auxbuff[128]; /* Aux buffer */
struct icmp_packet{ /* Generic ICMP struct */ struct icmp_packet{ /* Generic ICMP struct */
u8 type; u8 type;
@@ -2462,7 +2470,7 @@ if (hdr.version == 4) { /* IPv4 */
u8 code; u8 code;
u16 checksum; u16 checksum;
u32 addr; u32 addr;
} *icmpredir=NULL; } *icmpredir = NULL;
struct icmp_router{ struct icmp_router{
u8 type; u8 type;
u8 code; u8 code;
@@ -2470,7 +2478,7 @@ if (hdr.version == 4) { /* IPv4 */
u8 addrs; u8 addrs;
u8 addrlen; u8 addrlen;
u16 lifetime; u16 lifetime;
} *icmprouter=NULL; } *icmprouter = NULL;
struct icmp_param{ struct icmp_param{
u8 type; u8 type;
u8 code; u8 code;
@@ -2478,7 +2486,7 @@ if (hdr.version == 4) { /* IPv4 */
u8 pnt; u8 pnt;
u8 unused; u8 unused;
u16 unused2; u16 unused2;
} *icmpparam=NULL; } *icmpparam = NULL;
struct icmp_tstamp{ struct icmp_tstamp{
u8 type; u8 type;
u8 code; u8 code;
@@ -2488,7 +2496,7 @@ if (hdr.version == 4) { /* IPv4 */
u32 orig; u32 orig;
u32 recv; u32 recv;
u32 trans; u32 trans;
} *icmptstamp=NULL; } *icmptstamp = NULL;
struct icmp_mask{ struct icmp_mask{
u8 type; u8 type;
u8 code; u8 code;
@@ -2496,7 +2504,7 @@ if (hdr.version == 4) { /* IPv4 */
u16 id; u16 id;
u16 seq; u16 seq;
u32 mask; u32 mask;
} *icmpmask=NULL; } *icmpmask = NULL;
/* Compute the ICMP minimum length. */ /* Compute the ICMP minimum length. */
unsigned pktlen = 8; unsigned pktlen = 8;
@@ -2509,11 +2517,10 @@ if (hdr.version == 4) { /* IPv4 */
icmppkt = (struct icmp_packet *) data; icmppkt = (struct icmp_packet *) data;
switch(icmppkt->type) { switch(icmppkt->type) {
/* Echo Reply **************************/ /* Echo Reply **************************/
case 0: case 0:
strcpy(icmptype, "Echo reply"); strcpy(icmptype, "Echo reply");
Snprintf(icmpfields, sizeof(icmpfields), "id=%u seq=%u", ntohs(ping->id), ntohs(ping->seq) ); Snprintf(icmpfields, sizeof(icmpfields), "id=%u seq=%u", ntohs(ping->id), ntohs(ping->seq));
break; break;
/* Destination Unreachable *************/ /* Destination Unreachable *************/
@@ -2522,14 +2529,15 @@ if (hdr.version == 4) { /* IPv4 */
ip2 = (struct ip *) (data + 8); ip2 = (struct ip *) (data + 8);
/* Check we have a full IP datagram included in the ICMP message */ /* Check we have a full IP datagram included in the ICMP message */
pktlen += MAX( (ip2->ip_hl * 4), 20 ); pktlen += MAX( (ip2->ip_hl * 4), 20);
if (pktlen > datalen) { if (pktlen > datalen) {
if(datalen == 8) if (datalen == 8) {
Snprintf(icmptype, sizeof icmptype, "Destination unreachable%s", Snprintf(icmptype, sizeof icmptype, "Destination unreachable%s",
(detail!=LOW_DETAIL)? " (original datagram missing)" : "" ); (detail!=LOW_DETAIL)? " (original datagram missing)" : "");
else } else {
Snprintf(icmptype, sizeof icmptype, "Destination unreachable%s", Snprintf(icmptype, sizeof icmptype, "Destination unreachable%s",
(detail!=LOW_DETAIL)? " (part of original datagram missing)" : "" ); (detail!=LOW_DETAIL)? " (part of original datagram missing)" : "");
}
goto icmpbad; goto icmpbad;
} }
@@ -2538,11 +2546,10 @@ if (hdr.version == 4) { /* IPv4 */
* see if it validates becuase just checking the version number * see if it validates becuase just checking the version number
* is not enough. On average, if we get random data 1 out of * is not enough. On average, if we get random data 1 out of
* 16 (2^4bits) times we will have value 4. */ * 16 (2^4bits) times we will have value 4. */
if( (ip2->ip_v != (u8)4) || ((ip2->ip_hl * 4)<20) || ((ip2->ip_hl * 4)>60) ){ if ((ip2->ip_v != 4) || ((ip2->ip_hl * 4) < 20) || ((ip2->ip_hl * 4) > 60)) {
Snprintf(icmptype, sizeof icmptype, "Destination unreachable (bogus original datagram)"); Snprintf(icmptype, sizeof icmptype, "Destination unreachable (bogus original datagram)");
goto icmpbad; goto icmpbad;
}else } else {
/* We have the original datagram + the first 8 bytes of the /* We have the original datagram + the first 8 bytes of the
* transport layer header */ * transport layer header */
if (pktlen + 8 < datalen) { if (pktlen + 8 < datalen) {
@@ -2550,6 +2557,7 @@ if (hdr.version == 4) { /* IPv4 */
udp = (struct udp_hdr *) ((char *) ip2 + (ip2->ip_hl * 4)); udp = (struct udp_hdr *) ((char *) ip2 + (ip2->ip_hl * 4));
sctp = (struct sctp_hdr *) ((char *) ip2 + (ip2->ip_hl * 4)); sctp = (struct sctp_hdr *) ((char *) ip2 + (ip2->ip_hl * 4));
} }
}
/* Determine the IP the original datagram was sent to */ /* Determine the IP the original datagram was sent to */
ip2dst = inet_ntoa(ip2->ip_dst); ip2dst = inet_ntoa(ip2->ip_dst);
@@ -2586,7 +2594,7 @@ if (hdr.version == 4) { /* IPv4 */
case 4: case 4:
strcpy(icmptype, "Fragmentation required"); strcpy(icmptype, "Fragmentation required");
nextmtu = (u16 *)(&(icmppkt->data[6])); nextmtu = (u16 *)(&(icmppkt->data[6]));
Snprintf(icmpfields, sizeof(icmpfields), "Next-Hop-MTU=%u", ntohs(*nextmtu) ); Snprintf(icmpfields, sizeof(icmpfields), "Next-Hop-MTU=%u", ntohs(*nextmtu));
break; break;
case 5: case 5:
@@ -2651,29 +2659,30 @@ if (hdr.version == 4) { /* IPv4 */
strcpy(icmptype, "Network redirect"); strcpy(icmptype, "Network redirect");
else if (ping->code == 1) else if (ping->code == 1)
strcpy(icmptype, "Host redirect"); strcpy(icmptype, "Host redirect");
else strcpy(icmptype, "Redirect (unknown code)"); else
icmpredir=(struct icmp_redir *)icmppkt; strcpy(icmptype, "Redirect (unknown code)");
inet_ntop(AF_INET, &icmpredir->addr, auxbuff, sizeof(auxbuff) ); icmpredir = (struct icmp_redir *) icmppkt;
inet_ntop(AF_INET, &icmpredir->addr, auxbuff, sizeof(auxbuff));
Snprintf(icmpfields, sizeof(icmpfields), "addr=%s", auxbuff); Snprintf(icmpfields, sizeof(icmpfields), "addr=%s", auxbuff);
break; break;
/* Echo Request ************************/ /* Echo Request ************************/
case 8: case 8:
strcpy(icmptype, "Echo request"); strcpy(icmptype, "Echo request");
Snprintf(icmpfields, sizeof(icmpfields), "id=%u seq=%u", ntohs(ping->id), ntohs(ping->seq) ); Snprintf(icmpfields, sizeof(icmpfields), "id=%u seq=%u", ntohs(ping->id), ntohs(ping->seq));
break; break;
/* Router Advertisement ****************/ /* Router Advertisement ****************/
case 9: case 9:
if(icmppkt->code==16) if (icmppkt->code == 16)
strcpy(icmptype, "Router advertisement (Mobile Agent Only)"); strcpy(icmptype, "Router advertisement (Mobile Agent Only)");
else else
strcpy(icmptype, "Router advertisement"); strcpy(icmptype, "Router advertisement");
icmprouter=(struct icmp_router *)icmppkt; icmprouter = (struct icmp_router *) icmppkt;
Snprintf(icmpfields, sizeof(icmpfields), "addrs=%u addrlen=%u lifetime=%d", Snprintf(icmpfields, sizeof(icmpfields), "addrs=%u addrlen=%u lifetime=%d",
icmprouter->addrs, icmprouter->addrs,
icmprouter->addrlen, icmprouter->addrlen,
ntohs(icmprouter->lifetime) ); ntohs(icmprouter->lifetime));
break; break;
/* Router Solicitation *****************/ /* Router Solicitation *****************/
@@ -2687,7 +2696,8 @@ if (hdr.version == 4) { /* IPv4 */
strcpy(icmptype, "TTL=0 during transit"); strcpy(icmptype, "TTL=0 during transit");
else if (icmppkt->code == 1) else if (icmppkt->code == 1)
strcpy(icmptype, "TTL=0 during reassembly"); strcpy(icmptype, "TTL=0 during reassembly");
else strcpy(icmptype, "TTL exceeded (unknown code)"); else
strcpy(icmptype, "TTL exceeded (unknown code)");
break; break;
/* Parameter Problem *******************/ /* Parameter Problem *******************/
@@ -2700,40 +2710,40 @@ if (hdr.version == 4) { /* IPv4 */
strcpy(icmptype, "Parameter problem (bad length)"); strcpy(icmptype, "Parameter problem (bad length)");
else else
strcpy(icmptype, "Parameter problem (unknown code)"); strcpy(icmptype, "Parameter problem (unknown code)");
icmpparam=(struct icmp_param *)icmppkt; icmpparam = (struct icmp_param *) icmppkt;
Snprintf(icmpfields, sizeof(icmpfields), "pointer=%d", icmpparam->pnt); Snprintf(icmpfields, sizeof(icmpfields), "pointer=%d", icmpparam->pnt);
break; break;
/* Timestamp Request/Reply *************/ /* Timestamp Request/Reply *************/
case 13: case 13:
case 14: case 14:
Snprintf(icmptype, sizeof(icmptype), "Timestamp %s", (icmppkt->type==13)? "request" : "reply" ); Snprintf(icmptype, sizeof(icmptype), "Timestamp %s", (icmppkt->type == 13)? "request" : "reply");
icmptstamp=(struct icmp_tstamp *)icmppkt; icmptstamp = (struct icmp_tstamp *) icmppkt;
Snprintf(icmpfields, sizeof(icmpfields), "id=%u seq=%u orig=%lu recv=%lu trans=%lu", Snprintf(icmpfields, sizeof(icmpfields), "id=%u seq=%u orig=%lu recv=%lu trans=%lu",
ntohs(icmptstamp->id), ntohs(icmptstamp->seq), ntohs(icmptstamp->id), ntohs(icmptstamp->seq),
(unsigned long)ntohl(icmptstamp->orig), (unsigned long)ntohl(icmptstamp->orig),
(unsigned long)ntohl(icmptstamp->recv), (unsigned long)ntohl(icmptstamp->recv),
(unsigned long)ntohl(icmptstamp->trans) ); (unsigned long)ntohl(icmptstamp->trans));
break; break;
/* Information Request *****************/ /* Information Request *****************/
case 15: case 15:
strcpy(icmptype, "Information request"); strcpy(icmptype, "Information request");
Snprintf(icmpfields, sizeof(icmpfields), "id=%u seq=%u", ntohs(ping->id), ntohs(ping->seq) ); Snprintf(icmpfields, sizeof(icmpfields), "id=%u seq=%u", ntohs(ping->id), ntohs(ping->seq));
break; break;
/* Information Reply *******************/ /* Information Reply *******************/
case 16: case 16:
strcpy(icmptype, "Information reply"); strcpy(icmptype, "Information reply");
Snprintf(icmpfields, sizeof(icmpfields), "id=%u seq=%u", ntohs(ping->id), ntohs(ping->seq) ); Snprintf(icmpfields, sizeof(icmpfields), "id=%u seq=%u", ntohs(ping->id), ntohs(ping->seq));
break; break;
/* Netmask Request/Reply ***************/ /* Netmask Request/Reply ***************/
case 17: case 17:
case 18: case 18:
Snprintf(icmptype, sizeof(icmptype), "Address mask %s", (icmppkt->type==17)? "request" : "reply" ); Snprintf(icmptype, sizeof(icmptype), "Address mask %s", (icmppkt->type == 17)? "request" : "reply");
icmpmask=(struct icmp_mask *)icmppkt; icmpmask = (struct icmp_mask *) icmppkt;
inet_ntop(AF_INET, &icmpmask->mask, auxbuff, sizeof(auxbuff) ); inet_ntop(AF_INET, &icmpmask->mask, auxbuff, sizeof(auxbuff));
Snprintf(icmpfields, sizeof(icmpfields), "id=%u seq=%u mask=%s", Snprintf(icmpfields, sizeof(icmpfields), "id=%u seq=%u mask=%s",
ntohs(ping->id), ntohs(ping->seq), auxbuff); ntohs(ping->id), ntohs(ping->seq), auxbuff);
break; break;
@@ -2763,9 +2773,8 @@ if (hdr.version == 4) { /* IPv4 */
break; break;
} /* End of ICMP Type switch */ } /* End of ICMP Type switch */
if (pktlen > datalen) { if (pktlen > datalen) {
icmpbad: icmpbad:
if (ping) { if (ping) {
/* We still have this information */ /* We still have this information */
Snprintf(protoinfo, sizeof(protoinfo), "ICMP %s > %s %s (type=%d/code=%d) %s", Snprintf(protoinfo, sizeof(protoinfo), "ICMP %s > %s %s (type=%d/code=%d) %s",
@@ -2775,35 +2784,33 @@ if (hdr.version == 4) { /* IPv4 */
srchost, dsthost, ipinfo); srchost, dsthost, ipinfo);
} }
} else { } else {
if(ping) if (ping)
sprintf(icmpinfo,"type=%d/code=%d", ping->type, ping->code); sprintf(icmpinfo,"type=%d/code=%d", ping->type, ping->code);
else else
strncpy(icmpinfo,"type=?/code=?", sizeof(icmpinfo) ); strncpy(icmpinfo,"type=?/code=?", sizeof(icmpinfo));
if( detail==LOW_DETAIL ){ if (detail == LOW_DETAIL) {
Snprintf(protoinfo, sizeof(protoinfo), "ICMP %s > %s %s (%s) %s", Snprintf(protoinfo, sizeof(protoinfo), "ICMP %s > %s %s (%s) %s",
srchost, dsthost, icmptype, icmpinfo, ipinfo); srchost, dsthost, icmptype, icmpinfo, ipinfo);
}else{ } else {
Snprintf(protoinfo, sizeof(protoinfo), "ICMP [%s > %s %s (%s) %s] IP [%s]", Snprintf(protoinfo, sizeof(protoinfo), "ICMP [%s > %s %s (%s) %s] IP [%s]",
srchost, dsthost, icmptype, icmpinfo, icmpfields, ipinfo); srchost, dsthost, icmptype, icmpinfo, icmpfields, ipinfo);
} }
} }
/* UNKNOWN PROTOCOL **********************************************************/ /* UNKNOWN PROTOCOL **********************************************************/
} else if( hdr.proto == IPPROTO_ICMPV6){ } else if (hdr.proto == IPPROTO_ICMPV6) {
const struct icmpv6_hdr *icmpv6; const struct icmpv6_hdr *icmpv6;
icmpv6 = (struct icmpv6_hdr *) data; icmpv6 = (struct icmpv6_hdr *) data;
Snprintf(protoinfo, sizeof(protoinfo), "ICMPv6 (%d) %s > %s (type=%d/code=%d) %s", Snprintf(protoinfo, sizeof(protoinfo), "ICMPv6 (%d) %s > %s (type=%d/code=%d) %s",
hdr.proto, srchost, dsthost, hdr.proto, srchost, dsthost,
icmpv6->icmpv6_type, icmpv6->icmpv6_code, ipinfo); icmpv6->icmpv6_type, icmpv6->icmpv6_code, ipinfo);
}else{ } else {
if (nexthdrtoa(hdr.proto, 1) == NULL) {
if( nexthdrtoa(hdr.proto, 1) == NULL ){
Snprintf(protoinfo, sizeof(protoinfo), "Unknown protocol (%d) %s > %s: %s", Snprintf(protoinfo, sizeof(protoinfo), "Unknown protocol (%d) %s > %s: %s",
hdr.proto, srchost, dsthost, ipinfo); hdr.proto, srchost, dsthost, ipinfo);
}else{ } else {
Snprintf(protoinfo, sizeof(protoinfo), "%s (%d) %s > %s: %s", Snprintf(protoinfo, sizeof(protoinfo), "%s (%d) %s > %s: %s",
nexthdrtoa(hdr.proto, 1), hdr.proto, srchost, dsthost, ipinfo); nexthdrtoa(hdr.proto, 1), hdr.proto, srchost, dsthost, ipinfo);
} }