2 * Routines for OSPF packet disassembly
3 * (c) Copyright Hannes R. Boehm <hannes@boehm.org>
5 * $Id: packet-ospf.c,v 1.10 1999/03/23 03:14:42 gram Exp $
7 * At this time, this module is able to analyze OSPF
8 * packets as specified in RFC2328. MOSPF (RFC1584) and other
9 * OSPF Extensions which introduce new Packet types
10 * (e.g the External Atributes LSA) are not supported.
12 * TOS - support is not fully implemented
14 * Ethereal - Network traffic analyzer
15 * By Gerald Combs <gerald@zing.org>
16 * Copyright 1998 Gerald Combs
19 * This program is free software; you can redistribute it and/or
20 * modify it under the terms of the GNU General Public License
21 * as published by the Free Software Foundation; either version 2
22 * of the License, or (at your option) any later version.
24 * This program is distributed in the hope that it will be useful,
25 * but WITHOUT ANY WARRANTY; without even the implied warranty of
26 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
27 * GNU General Public License for more details.
29 * You should have received a copy of the GNU General Public License
30 * along with this program; if not, write to the Free Software
31 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
38 #ifdef HAVE_SYS_TYPES_H
39 # include <sys/types.h>
42 #ifdef HAVE_NETINET_IN_H
43 # include <netinet/in.h>
51 #include "packet-ospf.h"
55 dissect_ospf(const u_char *pd, int offset, frame_data *fd, proto_tree *tree) {
58 proto_tree *ospf_tree = NULL;
60 proto_tree *ospf_header_tree;
63 static value_string pt_vals[] = { {OSPF_HELLO, "Hello Packet" },
64 {OSPF_DB_DESC, "DB Descr." },
65 {OSPF_LS_REQ, "LS Request" },
66 {OSPF_LS_UPD, "LS Update" },
67 {OSPF_LS_ACK, "LS Acknowledge" },
70 memcpy(&ospfh, &pd[offset], sizeof(e_ospfhdr));
72 packet_type = match_strval(ospfh.packet_type, pt_vals);
73 if (check_col(fd, COL_PROTOCOL))
74 col_add_str(fd, COL_PROTOCOL, "OSPF");
75 if (check_col(fd, COL_INFO)) {
76 if (packet_type != NULL)
77 col_add_str(fd, COL_INFO, packet_type);
79 col_add_fstr(fd, COL_INFO, "Unknown (%d)", ospfh.packet_type);
83 ti = proto_tree_add_item(tree, offset, ntohs(ospfh.length), "Open Shortest Path First");
84 ospf_tree = proto_tree_new();
85 proto_item_add_subtree(ti, ospf_tree, ETT_OSPF);
87 ti = proto_tree_add_item(ospf_tree, offset, OSPF_HEADER_LENGTH, "OSPF Header");
88 ospf_header_tree = proto_tree_new();
89 proto_item_add_subtree(ti, ospf_header_tree, ETT_OSPF_HDR);
91 proto_tree_add_item(ospf_header_tree, offset, 1, "OSPF Version: %d", ospfh.version);
92 proto_tree_add_item(ospf_header_tree, offset + 1 , 1, "OSPF Packet Type: %d (%s)",
94 (packet_type != NULL ?
97 proto_tree_add_item(ospf_header_tree, offset + 2 , 2, "Packet Length: %d",
99 proto_tree_add_item(ospf_header_tree, offset + 4 , 4, "Source OSPF Router ID: %s",
101 ip_to_str((guint8 *) &(ospfh.routerid)));
103 proto_tree_add_item(ospf_header_tree, offset + 8 , 4, "Area ID: Backbone");
105 proto_tree_add_item(ospf_header_tree, offset + 8 , 4, "Area ID: %s", ip_to_str((guint8 *) &(ospfh.area)));
107 proto_tree_add_item(ospf_header_tree, offset + 12 , 2, "Packet Checksum: 0x%x",
108 ntohs(ospfh.checksum));
109 switch( ntohs(ospfh.auth_type) ) {
111 proto_tree_add_item(ospf_header_tree, offset + 14 , 2, "Auth Type: none");
112 proto_tree_add_item(ospf_header_tree, offset + 16 , 8, "Auth Data (none)");
114 case OSPF_AUTH_SIMPLE:
115 proto_tree_add_item(ospf_header_tree, offset + 14 , 2, "Auth Type: simple");
116 strncpy(auth_data, (char *) &ospfh.auth_data, 8);
117 proto_tree_add_item(ospf_header_tree, offset + 16 , 8, "Auth Data: %s", auth_data);
119 case OSPF_AUTH_CRYPT:
120 proto_tree_add_item(ospf_header_tree, offset + 14 , 2, "Auth Type: crypt");
121 proto_tree_add_item(ospf_header_tree, offset + 16 , 8, "Auth Data (crypt)");
124 proto_tree_add_item(ospf_header_tree, offset + 14 , 2, "Auth Type (unknown)");
125 proto_tree_add_item(ospf_header_tree, offset + 16 , 8, "Auth Data (unknown)");
130 /* Skip over header */
131 offset += OSPF_HEADER_LENGTH;
132 switch(ospfh.packet_type){
134 dissect_ospf_hello(pd, offset, fd, ospf_tree);
137 dissect_ospf_db_desc(pd, offset, fd, ospf_tree);
140 dissect_ospf_ls_req(pd, offset, fd, ospf_tree);
143 dissect_ospf_ls_upd(pd, offset, fd, ospf_tree);
146 dissect_ospf_ls_ack(pd, offset, fd, ospf_tree);
149 dissect_data(pd, offset, fd, tree);
154 dissect_ospf_hello(const u_char *pd, int offset, frame_data *fd, proto_tree *tree) {
155 e_ospf_hello ospfhello;
156 guint32 *ospfneighbor;
160 proto_tree *ospf_hello_tree;
163 memcpy(&ospfhello, &pd[offset], sizeof(e_ospf_hello));
166 ti = proto_tree_add_item(tree, offset, (fd->cap_len - offset) , "OSPF Hello Packet");
167 ospf_hello_tree = proto_tree_new();
168 proto_item_add_subtree(ti, ospf_hello_tree, ETT_OSPF_HELLO);
171 proto_tree_add_item(ospf_hello_tree, offset , 4, "Network Mask: %s", ip_to_str((guint8 *) &ospfhello.network_mask));
172 proto_tree_add_item(ospf_hello_tree, offset + 4, 2, "Hello Interval: %d seconds", ntohs(ospfhello.hellointervall));
174 /* ATTENTION !!! no check for length of options string */
176 if(( ospfhello.options & OSPF_OPTIONS_E ) == OSPF_OPTIONS_E){
177 strcpy( (char *)(options + options_offset), "E");
180 if(( ospfhello.options & OSPF_OPTIONS_MC ) == OSPF_OPTIONS_MC){
181 strcpy((char *) (options + options_offset), "/MC");
184 if(( ospfhello.options & OSPF_OPTIONS_NP ) == OSPF_OPTIONS_NP){
185 strcpy((char *) (options + options_offset), "/NP");
188 if(( ospfhello.options & OSPF_OPTIONS_EA ) == OSPF_OPTIONS_EA){
189 strcpy((char *) (options + options_offset) , "/EA");
192 if(( ospfhello.options & OSPF_OPTIONS_DC ) == OSPF_OPTIONS_DC){
193 strcpy((char *) (options + options_offset) , "/DC");
197 proto_tree_add_item(ospf_hello_tree, offset + 6, 1, "Options: %d (%s)", ospfhello.options, options);
198 proto_tree_add_item(ospf_hello_tree, offset + 7, 1, "Router Priority: %d", ospfhello.priority);
199 proto_tree_add_item(ospf_hello_tree, offset + 8, 4, "Router Dead Interval: %ld seconds", (long)ntohl(ospfhello.dead_interval));
200 proto_tree_add_item(ospf_hello_tree, offset + 12, 4, "Designated Router: %s", ip_to_str((guint8 *) &ospfhello.drouter));
201 proto_tree_add_item(ospf_hello_tree, offset + 16, 4, "Backup Designated Router: %s", ip_to_str((guint8 *) &ospfhello.bdrouter));
205 while(((int)(fd->cap_len - offset)) >= 4){
206 printf("%d", fd->cap_len - offset);
207 ospfneighbor=(guint32 *) &pd[offset];
208 proto_tree_add_item(ospf_hello_tree, offset, 4, "Active Neighbor: %s", ip_to_str((guint8 *) ospfneighbor));
215 dissect_ospf_db_desc(const u_char *pd, int offset, frame_data *fd, proto_tree *tree) {
222 proto_tree *ospf_db_desc_tree=NULL;
225 memcpy(&ospf_dbd, &pd[offset], sizeof(e_ospf_dbd));
228 ti = proto_tree_add_item(tree, offset, (fd->cap_len - offset) , "OSPF DB Description");
229 ospf_db_desc_tree = proto_tree_new();
230 proto_item_add_subtree(ti, ospf_db_desc_tree, ETT_OSPF_DESC);
232 proto_tree_add_item(ospf_db_desc_tree, offset, 2, "Interface MTU: %d", ntohs(ospf_dbd.interface_mtu) );
236 if(( ospf_dbd.options & OSPF_OPTIONS_E ) == OSPF_OPTIONS_E){
237 strcpy( (char *)(options + options_offset), "_E_");
240 if(( ospf_dbd.options & OSPF_OPTIONS_MC ) == OSPF_OPTIONS_MC){
241 strcpy((char *) (options + options_offset), "_MC_");
244 if(( ospf_dbd.options & OSPF_OPTIONS_NP ) == OSPF_OPTIONS_NP){
245 strcpy((char *) (options + options_offset), "_NP_");
248 if(( ospf_dbd.options & OSPF_OPTIONS_EA ) == OSPF_OPTIONS_EA){
249 strcpy((char *) (options + options_offset) , "_EA_");
252 if(( ospf_dbd.options & OSPF_OPTIONS_DC ) == OSPF_OPTIONS_DC){
253 strcpy((char *) (options + options_offset) , "_DC_");
257 proto_tree_add_item(ospf_db_desc_tree, offset + 2 , 1, "Options: %d (%s)", ospf_dbd.options, options );
261 if(( ospf_dbd.flags & OSPF_DBD_FLAG_MS ) == OSPF_DBD_FLAG_MS){
262 strcpy( (char *)(flags + flags_offset), "_I_");
265 if(( ospf_dbd.flags & OSPF_DBD_FLAG_M ) == OSPF_DBD_FLAG_M){
266 strcpy((char *) (flags + flags_offset), "_M_");
269 if(( ospf_dbd.flags & OSPF_DBD_FLAG_I ) == OSPF_DBD_FLAG_I){
270 strcpy((char *) (flags + flags_offset), "_I_");
274 proto_tree_add_item(ospf_db_desc_tree, offset + 3 , 1, "Flags: %d (%s)", ospf_dbd.flags, flags );
275 proto_tree_add_item(ospf_db_desc_tree, offset + 4 , 4, "DD Sequence: %ld", (long)ntohl(ospf_dbd.dd_sequence) );
277 /* LS Headers will be processed here */
278 /* skip to the end of DB-Desc header */
280 while( ((int) (fd->cap_len - offset)) >= OSPF_LSA_HEADER_LENGTH ) {
281 dissect_ospf_lsa(pd, offset, fd, tree, FALSE);
282 offset+=OSPF_LSA_HEADER_LENGTH;
287 dissect_ospf_ls_req(const u_char *pd, int offset, frame_data *fd, proto_tree *tree) {
288 e_ospf_ls_req ospf_lsr;
290 proto_tree *ospf_lsr_tree;
294 /* zero or more LS requests may be within a LS Request */
295 /* we place every request for a LSA in a single subtree */
297 while( ((int) ( fd->cap_len - offset)) >= OSPF_LS_REQ_LENGTH ){
298 memcpy(&ospf_lsr, &pd[offset], sizeof(e_ospf_ls_req));
299 ti = proto_tree_add_item(tree, offset, OSPF_LS_REQ_LENGTH, "Link State Request");
300 ospf_lsr_tree = proto_tree_new();
301 proto_item_add_subtree(ti, ospf_lsr_tree, ETT_OSPF_LSR);
303 switch( ntohl( ospf_lsr.ls_type ) ){
304 case OSPF_LSTYPE_ROUTER:
305 proto_tree_add_item(ospf_lsr_tree, offset, 4, "LS Type: Router-LSA (%ld)",
306 (long)ntohl( ospf_lsr.ls_type ) );
308 case OSPF_LSTYPE_NETWORK:
309 proto_tree_add_item(ospf_lsr_tree, offset, 4, "LS Type: Network-LSA (%ld)",
310 (long)ntohl( ospf_lsr.ls_type ) );
312 case OSPF_LSTYPE_SUMMERY:
313 proto_tree_add_item(ospf_lsr_tree, offset, 4, "LS Type: Summary-LSA (IP network) (%ld)",
314 (long)ntohl( ospf_lsr.ls_type ) );
316 case OSPF_LSTYPE_ASBR:
317 proto_tree_add_item(ospf_lsr_tree, offset, 4, "LS Type: Summary-LSA (ASBR) (%ld)",
318 (long)ntohl( ospf_lsr.ls_type ) );
320 case OSPF_LSTYPE_ASEXT:
321 proto_tree_add_item(ospf_lsr_tree, offset, 4, "LS Type: AS-External-LSA (ASBR) (%ld)",
322 (long)ntohl( ospf_lsr.ls_type ) );
325 proto_tree_add_item(ospf_lsr_tree, offset, 4, "LS Type: %ld (unknown)",
326 (long)ntohl( ospf_lsr.ls_type ) );
329 proto_tree_add_item(ospf_lsr_tree, offset + 4, 4, "Link State ID : %s",
330 ip_to_str((guint8 *) &(ospf_lsr.ls_id)));
331 proto_tree_add_item(ospf_lsr_tree, offset + 8, 4, "Advertising Router : %s",
332 ip_to_str((guint8 *) &(ospf_lsr.adv_router)));
339 dissect_ospf_ls_upd(const u_char *pd, int offset, frame_data *fd, proto_tree *tree) {
340 e_ospf_lsa_upd_hdr upd_hdr;
343 proto_tree *ospf_lsa_upd_tree=NULL;
346 memcpy(&upd_hdr, &pd[offset], sizeof(e_ospf_lsa_upd_hdr));
349 ti = proto_tree_add_item(tree, offset, (fd->cap_len - offset) , "LS Update Packet");
350 ospf_lsa_upd_tree = proto_tree_new();
351 proto_item_add_subtree(ti, ospf_lsa_upd_tree, ETT_OSPF_LSA_UPD);
353 proto_tree_add_item(ospf_lsa_upd_tree, offset, 4, "Nr oF LSAs: %ld", (long)ntohl(upd_hdr.lsa_nr) );
355 /* skip to the beginning of the first LSA */
356 offset+=4; /* the LS Upd PAcket contains only a 32 bit #LSAs field */
359 while(lsa_counter < ntohl(upd_hdr.lsa_nr)){
360 offset+=dissect_ospf_lsa(pd, offset, fd, ospf_lsa_upd_tree, TRUE);
366 dissect_ospf_ls_ack(const u_char *pd, int offset, frame_data *fd, proto_tree *tree) {
368 /* the body of a LS Ack packet simply contains zero or more LSA Headers */
369 while( ((int)(fd->cap_len - offset)) >= OSPF_LSA_HEADER_LENGTH ) {
370 dissect_ospf_lsa(pd, offset, fd, tree, FALSE);
371 offset+=OSPF_LSA_HEADER_LENGTH;
377 dissect_ospf_lsa(const u_char *pd, int offset, frame_data *fd, proto_tree *tree, int disassemble_body) {
378 e_ospf_lsa_hdr lsa_hdr;
381 /* data strutures for the router LSA */
382 e_ospf_router_lsa router_lsa;
383 e_ospf_router_data router_data;
384 e_ospf_router_metric tos_data;
385 guint16 link_counter;
390 /* data structures for the network lsa */
391 e_ospf_network_lsa network_lsa;
392 guint32 *attached_router;
394 /* data structures for the summary and ASBR LSAs */
395 e_ospf_summary_lsa summary_lsa;
397 /* data structures for the AS-External LSA */
398 e_ospf_asexternal_lsa asext_lsa;
399 guint32 asext_metric;
401 proto_tree *ospf_lsa_tree;
404 memcpy(&lsa_hdr, &pd[offset], sizeof(e_ospf_lsa_hdr));
408 switch(lsa_hdr.ls_type) {
409 case OSPF_LSTYPE_ROUTER:
410 lsa_type="Router LSA";
412 case OSPF_LSTYPE_NETWORK:
413 lsa_type="Network LSA";
415 case OSPF_LSTYPE_SUMMERY:
416 lsa_type="Summery LSA";
418 case OSPF_LSTYPE_ASBR:
421 case OSPF_LSTYPE_ASEXT:
422 lsa_type="AS-external-LSA";
429 if(disassemble_body){
430 ti = proto_tree_add_item(tree, offset, ntohs(lsa_hdr.length),
431 "%s (Type: %d)", lsa_type, lsa_hdr.ls_type);
433 ti = proto_tree_add_item(tree, offset, OSPF_LSA_HEADER_LENGTH, "LSA Header");
435 ospf_lsa_tree = proto_tree_new();
436 proto_item_add_subtree(ti, ospf_lsa_tree, ETT_OSPF_LSA);
439 proto_tree_add_item(ospf_lsa_tree, offset, 2, "LS Age: %d seconds", ntohs(lsa_hdr.ls_age));
440 proto_tree_add_item(ospf_lsa_tree, offset + 2, 1, "Options: %d ", lsa_hdr.options);
441 proto_tree_add_item(ospf_lsa_tree, offset + 3, 1, "LSA Type: %d (%s)", lsa_hdr.ls_type, lsa_type);
443 proto_tree_add_item(ospf_lsa_tree, offset + 4, 4, "Linke State ID: %s ",
444 ip_to_str((guint8 *) &(lsa_hdr.ls_id)));
446 proto_tree_add_item(ospf_lsa_tree, offset + 8, 4, "Advertising Router: %s ",
447 ip_to_str((guint8 *) &(lsa_hdr.adv_router)));
448 proto_tree_add_item(ospf_lsa_tree, offset + 12, 4, "LS Sequence Number: 0x%04lx ",
449 (unsigned long)ntohl(lsa_hdr.ls_seq));
450 proto_tree_add_item(ospf_lsa_tree, offset + 16, 2, "LS Checksum: %d ", ntohs(lsa_hdr.ls_checksum));
452 proto_tree_add_item(ospf_lsa_tree, offset + 18, 2, "Length: %d ", ntohs(lsa_hdr.length));
454 if(!disassemble_body){
455 return OSPF_LSA_HEADER_LENGTH;
458 /* the LSA body starts afte 20 bytes of LSA Header */
461 switch(lsa_hdr.ls_type){
462 case(OSPF_LSTYPE_ROUTER):
463 memcpy(&router_lsa, &pd[offset], sizeof(e_ospf_router_lsa));
465 /* again: flags should be secified in detail */
466 proto_tree_add_item(ospf_lsa_tree, offset, 1, "Flags: 0x%02x ", router_lsa.flags);
467 proto_tree_add_item(ospf_lsa_tree, offset + 2, 2, "Nr. of Links: %d ",
468 ntohs(router_lsa.nr_links));
470 /* router_lsa.nr_links links follow
471 * maybe we should put each of the links into its own subtree ???
473 for(link_counter = 1 ; link_counter <= ntohs(router_lsa.nr_links); link_counter++){
475 memcpy(&router_data, &pd[offset], sizeof(e_ospf_router_data));
476 /* check the Link Type and ID */
477 switch(router_data.link_type) {
479 link_type="Point-to-point connection to another router";
480 link_id="Neighboring router's Router ID";
482 case OSPF_LINK_TRANSIT:
483 link_type="Connection to a transit network";
484 link_id="IP address of Designated Router";
487 link_type="Connection to a stub network";
488 link_id="IP network/subnet number";
490 case OSPF_LINK_VIRTUAL:
491 link_type="Virtual link";
492 link_id="Neighboring router's Router ID";
495 link_type="unknown link type";
496 link_id="unknown link id";
499 proto_tree_add_item(ospf_lsa_tree, offset, 4, "%s: %s", link_id,
500 ip_to_str((guint8 *) &(router_data.link_id)));
502 /* link_data should be specified in detail (e.g. network mask) (depends on link type)*/
503 proto_tree_add_item(ospf_lsa_tree, offset + 4, 4, "Link Data: %s",
504 ip_to_str((guint8 *) &(router_data.link_data)));
506 proto_tree_add_item(ospf_lsa_tree, offset + 8, 1, "Link Type: %d - %s",
507 router_data.link_type, link_type);
508 proto_tree_add_item(ospf_lsa_tree, offset + 9, 1, "Nr. of TOS metrics: %d", router_data.nr_tos);
509 proto_tree_add_item(ospf_lsa_tree, offset + 10, 2, "TOS 0 metric: %d", ntohs( router_data.tos0_metric ));
513 /* router_data.nr_tos metrics may follow each link
514 * ATTENTION: TOS metrics are not tested (I don't have TOS based routing)
515 * please send me a mail if it is/isn't working
518 for(tos_counter = 1 ; link_counter <= ntohs(router_data.nr_tos); tos_counter++){
519 memcpy(&tos_data, &pd[offset], sizeof(e_ospf_router_metric));
520 proto_tree_add_item(ospf_lsa_tree, offset, 1, "TOS: %d, Metric: %d",
521 tos_data.tos, ntohs(tos_data.metric));
526 case(OSPF_LSTYPE_NETWORK):
527 memcpy(&network_lsa, &pd[offset], sizeof(e_ospf_network_lsa));
528 proto_tree_add_item(ospf_lsa_tree, offset, 4, "Netmask: %s",
529 ip_to_str((guint8 *) &(network_lsa.network_mask)));
532 while( ((int) (fd->cap_len - offset)) >= 4){
533 attached_router = (guint32 *) &pd[offset];
534 proto_tree_add_item(ospf_lsa_tree, offset, 4, "Attached Router: %s",
535 ip_to_str((guint8 *) attached_router));
539 case(OSPF_LSTYPE_SUMMERY):
540 /* Type 3 and 4 LSAs have the same format */
541 case(OSPF_LSTYPE_ASBR):
542 memcpy(&summary_lsa, &pd[offset], sizeof(e_ospf_summary_lsa));
543 proto_tree_add_item(ospf_lsa_tree, offset, 4, "Netmask: %s",
544 ip_to_str((guint8 *) &(summary_lsa.network_mask)));
545 /* returns only the TOS 0 metric (even if there are more TOS metrics) */
547 case(OSPF_LSTYPE_ASEXT):
548 memcpy(&summary_lsa, &pd[offset], sizeof(e_ospf_summary_lsa));
549 proto_tree_add_item(ospf_lsa_tree, offset, 4, "Netmask: %s",
550 ip_to_str((guint8 *) &(summary_lsa.network_mask)));
552 /* asext_lsa = (e_ospf_asexternal_lsa *) &pd[offset + 4]; */
553 memcpy(&asext_lsa, &pd[offset + 4], sizeof(asext_lsa));
554 if( (asext_lsa.options & 128) == 128 ) { /* check wether or not E bit is set */
555 proto_tree_add_item(ospf_lsa_tree, offset, 1,
556 "External Type: Type 2 (metric is larger than any other link state path)");
558 proto_tree_add_item(ospf_lsa_tree, offset + 4, 1,
559 "External Type: Type 1 (metric is specified in the same units as interface cost)");
561 /* the metric field of a AS-external LAS is specified in 3 bytes -> not well aligned */
562 /* this routine returns only the TOS 0 metric (even if there are more TOS metrics) */
563 memcpy(&asext_metric, &pd[offset+4], 4);
565 /* erase the leading 8 bits (the dont belong to the metric */
566 asext_metric = ntohl(asext_metric) & 0x00ffffff ;
568 proto_tree_add_item(ospf_lsa_tree, offset + 5, 3,"Metric: %d", asext_metric);
569 proto_tree_add_item(ospf_lsa_tree, offset + 8, 4,"Forwarding Address: %s",
570 ip_to_str((guint8 *) &(asext_lsa.gateway)));
571 proto_tree_add_item(ospf_lsa_tree, offset + 12, 4,"External Route Tag: %ld", (long)ntohl(asext_lsa.external_tag));
575 /* unknown LSA type */
576 proto_tree_add_item(ospf_lsa_tree, offset, (fd->cap_len - offset), "Unknown LSA Type");
579 /* return the length of this LSA */
580 return ntohs(lsa_hdr.length);
git.samba.org / obnox / wireshark / wip.git / blob