#define BGPNLRI_FSPEC_EQUAL 0x01
#define BGPNLRI_FSPEC_TCPF_NOTBIT 0x02
#define BGPNLRI_FSPEC_TCPF_MATCHBIT 0x01
-#define BGPNLRI_FSPEC_DSCP_BITMASK 0xFC
+#define BGPNLRI_FSPEC_DSCP_BITMASK 0x3F
/* BGP flow spec specific filter value: TCP flags, Packet fragment ... */
#define BGPNLRI_FSPEC_TH_FIN 0x01
static const value_string flowspec_nlri_opvaluepair_type[] = {
{ BGPNLRI_FSPEC_DST_PFIX, "Destination prefix filter" },
{ BGPNLRI_FSPEC_SRC_PFIX, "Source prefix filter" },
- { BGPNLRI_FSPEC_IP_PROTO, "IP protocol filter" },
+ { BGPNLRI_FSPEC_IP_PROTO, "Protocol / Next Header filter" },
{ BGPNLRI_FSPEC_PORT, "Port filter" },
{ BGPNLRI_FSPEC_DST_PORT, "Destination port filter" },
{ BGPNLRI_FSPEC_SRC_PORT, "Source port filter" },
static int hf_bgp_flowspec_nlri_fflag_isf = -1;
static int hf_bgp_flowspec_nlri_fflag_df = -1;
static int hf_bgp_flowspec_nlri_dscp = -1;
+static int hf_bgp_flowspec_nlri_src_ipv6_pref = -1;
+static int hf_bgp_flowspec_nlri_dst_ipv6_pref = -1;
+static int hf_bgp_flowspec_nlri_ipv6_pref_len = -1;
+static int hf_bgp_flowspec_nlri_ipv6_pref_offset = -1;
/* BGP update safi ndt nlri draft-nalawade-idr-mdt-safi-03 */
static expert_field ei_bgp_ext_com_len_bad = EI_INIT;
static expert_field ei_bgp_attr_pmsi_opaque_type = EI_INIT;
static expert_field ei_bgp_attr_pmsi_tunnel_type = EI_INIT;
+static expert_field ei_bgp_prefix_length_err = EI_INIT;
static expert_field ei_bgp_evpn_nlri_rt4_len_err = EI_INIT;
static expert_field ei_bgp_evpn_nlri_rt_type_err = EI_INIT;
decode_prefix6(proto_tree *tree, int hf_addr, tvbuff_t *tvb, gint offset,
guint16 tlen, const char *tag)
{
- proto_tree *prefix_tree;
- struct e_in6_addr addr; /* IPv6 address */
- int plen; /* prefix length */
- int length; /* number of octets needed for prefix */
+ proto_tree *prefix_tree;
+ struct e_in6_addr addr; /* IPv6 address */
+ int plen; /* prefix length */
+ int length; /* number of octets needed for prefix */
/* snarf length and prefix */
plen = tvb_get_guint8(tvb, offset);
return(1 + length);
}
+static int
+decode_fspec_match_prefix6(proto_tree *tree, proto_item *parent_item, int hf_addr,
+ tvbuff_t *tvb, gint offset, guint16 tlen, packet_info *pinfo)
+{
+ proto_tree *prefix_tree;
+ struct e_in6_addr addr; /* IPv6 address */
+ int plen; /* prefix length */
+ int length; /* number of octets needed for prefix */
+ int poffset_place = 1;
+ int plength_place = 0;
+
+ /* snarf length and prefix */
+ plen = tvb_get_guint8(tvb, offset);
+ if (plen == 0) /* I should be facing a draft 04 version where the prefix offset is switched with length */
+ {
+ plen = tvb_get_guint8(tvb, offset+1);
+ poffset_place = 0;
+ plength_place = 1;
+ }
+ length = ipv6_addr_and_mask(tvb, offset + 2, &addr, plen);
+ if (length < 0) {
+ expert_add_info_format(pinfo, parent_item, &ei_bgp_prefix_length_err, "Length is invalid %u", plen);
+ return -1;
+ }
+
+ /* put prefix into protocol tree */
+ prefix_tree = proto_tree_add_subtree_format(tree, tvb, offset,
+ tlen != 0 ? tlen : 1 + length, ett_bgp_prefix, NULL, "%s/%u",
+ ip6_to_str(&addr), plen);
+ proto_tree_add_item(prefix_tree, hf_bgp_flowspec_nlri_ipv6_pref_len, tvb, offset + plength_place, 1, ENC_BIG_ENDIAN);
+ proto_tree_add_item(prefix_tree, hf_bgp_flowspec_nlri_ipv6_pref_offset, tvb, offset + poffset_place, 1, ENC_BIG_ENDIAN);
+ proto_tree_add_ipv6(prefix_tree, hf_addr, tvb, offset + 2, length,
+ addr.bytes);
+ if (parent_item != NULL)
+ proto_item_append_text(parent_item, " (%s/%u)",
+ ip6_to_str(&addr), plen);
+ return(2 + length);
+}
+
static const char*
decode_bgp_rd(tvbuff_t *tvb, gint offset)
{
else
{
proto_item_append_text(parent_item," %s%s%s%s",
- ((nlri_operator & BGPNLRI_FSPEC_AND_BIT) == 0) ? "||" : "&& ",
+ ((nlri_operator & BGPNLRI_FSPEC_AND_BIT) == 0) ? "|| " : "&& ",
((nlri_operator & BGPNLRI_FSPEC_GREATER_THAN) == 0) ? "" : ">",
((nlri_operator & BGPNLRI_FSPEC_LESS_THAN) == 0) ? "" : "<",
((nlri_operator & BGPNLRI_FSPEC_EQUAL) == 0) ? "" : "=");
else
{
proto_item_append_text(parent_item," %s%s%s%s",
- ((nlri_operator & BGPNLRI_FSPEC_AND_BIT) == 0) ? "||" : "&& ",
+ ((nlri_operator & BGPNLRI_FSPEC_AND_BIT) == 0) ? "|| " : "&& ",
((nlri_operator & BGPNLRI_FSPEC_GREATER_THAN) == 0) ? "" : ">",
((nlri_operator & BGPNLRI_FSPEC_LESS_THAN) == 0) ? "" : "<",
((nlri_operator & BGPNLRI_FSPEC_EQUAL) == 0) ? "" : "=");
else
{
proto_item_append_text(parent_item," %s%s%s%s",
- ((nlri_operator & BGPNLRI_FSPEC_AND_BIT) == 0) ? "||" : "&& ",
+ ((nlri_operator & BGPNLRI_FSPEC_AND_BIT) == 0) ? "|| " : "&& ",
((nlri_operator & BGPNLRI_FSPEC_GREATER_THAN) == 0) ? "" : ">",
((nlri_operator & BGPNLRI_FSPEC_LESS_THAN) == 0) ? "" : "<",
((nlri_operator & BGPNLRI_FSPEC_EQUAL) == 0) ? "" : "=");
else
{
proto_item_append_text(parent_item," %s%s%s%s",
- ((nlri_operator & BGPNLRI_FSPEC_AND_BIT) == 0) ? "||" : "&& ",
+ ((nlri_operator & BGPNLRI_FSPEC_AND_BIT) == 0) ? "|| " : "&& ",
((nlri_operator & BGPNLRI_FSPEC_GREATER_THAN) == 0) ? "" : ">",
((nlri_operator & BGPNLRI_FSPEC_LESS_THAN) == 0) ? "" : "<",
((nlri_operator & BGPNLRI_FSPEC_EQUAL) == 0) ? "" : "=");
return -1; /* frag flags have to be coded in 1 byte */
}
dscp_flags = tvb_get_guint8(tvb,offset+cursor_op_val);
- dscp_flags = dscp_flags >> 2;
proto_tree_add_item(parent_tree, hf_bgp_flowspec_nlri_dscp, tvb, offset+cursor_op_val, 1, ENC_BIG_ENDIAN);
proto_item_append_text(parent_item,"%s",val_to_str_ext_const(dscp_flags,&dscp_vals_ext, "Unknown DSCP"));
cursor_op_val = cursor_op_val + value_len;
proto_tree *filter_tree;
- if (afi != AFNUM_INET)
+ if (afi != AFNUM_INET && afi != AFNUM_INET6)
{
expert_add_info(pinfo, NULL, &ei_bgp_afi_type_not_supported);
return(-1);
switch (tvb_get_guint8(tvb,offset+cursor_fspec)) {
case BGPNLRI_FSPEC_DST_PFIX:
cursor_fspec++;
- filter_len = decode_prefix4(filter_tree, filter_item, hf_bgp_flowspec_nlri_dst_pref_ipv4, tvb, offset+cursor_fspec, 0, "Destination IP filter");
+ if (afi == AFNUM_INET)
+ filter_len = decode_prefix4(filter_tree, filter_item, hf_bgp_flowspec_nlri_dst_pref_ipv4,
+ tvb, offset+cursor_fspec, 0, "Destination IP filter");
+ else if (afi == AFNUM_INET6)
+ filter_len = decode_fspec_match_prefix6(filter_tree, filter_item, hf_bgp_flowspec_nlri_dst_ipv6_pref,
+ tvb, offset+cursor_fspec, 0, pinfo);
+ else cursor_fspec = tot_flow_len;
if (filter_len == -1)
cursor_fspec= tot_flow_len;
break;
case BGPNLRI_FSPEC_SRC_PFIX:
cursor_fspec++;
- filter_len = decode_prefix4(filter_tree, filter_item, hf_bgp_flowspec_nlri_src_pref_ipv4, tvb, offset+cursor_fspec, 0, "Source IP filter");
+ if (afi == AFNUM_INET)
+ filter_len = decode_prefix4(filter_tree, filter_item, hf_bgp_flowspec_nlri_src_pref_ipv4,
+ tvb, offset+cursor_fspec, 0, "Source IP filter");
+ else if (afi == AFNUM_INET6)
+ filter_len = decode_fspec_match_prefix6(filter_tree, filter_item, hf_bgp_flowspec_nlri_src_ipv6_pref,
+ tvb, offset+cursor_fspec, 0, pinfo);
+ else cursor_fspec = tot_flow_len;
if (filter_len == -1)
cursor_fspec= tot_flow_len;
break;
return -1;
} /* switch (rd_type) */
break;
-
+ case SAFNUM_FSPEC_RULE:
+ case SAFNUM_FSPEC_VPN_RULE:
+ total_length = decode_flowspec_nlri(tree, tvb, offset, afi, pinfo);
+ if(total_length < 0)
+ return(-1);
+ total_length++;
+ break;
default:
proto_tree_add_text(tree, tvb, start_offset, 0,
"Unknown SAFI (%u) for AFI %u", safi, afi);
case BGP_EXT_COM_STYPE_EXP_F_RMARK: /* Flow spec traffic-remarking [RFC5575] */
proto_tree_add_item(community_tree, hf_bgp_ext_com_value_fs_remark, tvb, offset+7, 1, ENC_BIG_ENDIAN);
dscp_flags = tvb_get_guint8(tvb,offset+7);
- dscp_flags = dscp_flags >> 2;
proto_item_append_text(community_item, "%s", val_to_str_ext_const(dscp_flags,&dscp_vals_ext, "Unknown DSCP"));
break;
{ &hf_bgp_flowspec_nlri_dscp,
{ "Differentiated Services Codepoint", "bgp.flowspec_nlri.val_dsfield", FT_UINT8, BASE_HEX | BASE_EXT_STRING,
&dscp_vals_ext, BGPNLRI_FSPEC_DSCP_BITMASK, NULL, HFILL }},
+ { &hf_bgp_flowspec_nlri_src_ipv6_pref,
+ { "Source IPv6 prefix", "bgp.flowspec_nlri.src_ipv6_pref", FT_IPv6, BASE_NONE,
+ NULL, 0x0, NULL, HFILL}},
+ { &hf_bgp_flowspec_nlri_dst_ipv6_pref,
+ { "Destination IPv6 prefix", "bgp.flowspec_nlri.dst_ipv6_pref", FT_IPv6, BASE_NONE,
+ NULL, 0x0, NULL, HFILL}},
+ { &hf_bgp_flowspec_nlri_ipv6_pref_len,
+ { "IPv6 prefix length", "bgp.flowspec_nlri.ipv6_pref_length", FT_UINT8, BASE_DEC,
+ NULL, 0x0, NULL, HFILL}},
+ { &hf_bgp_flowspec_nlri_ipv6_pref_offset,
+ { "IPv6 prefix offset", "bgp.flowspec_nlri.ipv6_pref_offset", FT_UINT8, BASE_DEC,
+ NULL, 0x0, NULL, HFILL}},
/* end of bgp flow spec */
/* BGP update safi ndt nlri draft-nalawade-idr-mdt-safi-03 */
{ &hf_bgp_mdt_nlri_safi_rd,
{ &ei_bgp_evpn_nlri_rt4_len_err, { "bgp.evpn.len", PI_MALFORMED, PI_ERROR, "Length is invalid", EXPFILL }},
{ &ei_bgp_evpn_nlri_rt_type_err, { "bgp.evpn.type", PI_MALFORMED, PI_ERROR, "EVPN Route Type is invalid", EXPFILL }},
{ &ei_bgp_attr_pmsi_tunnel_type, { "bgp.attr.pmsi.tunnel_type", PI_PROTOCOL, PI_ERROR, "Unknown Tunnel type", EXPFILL }},
- { &ei_bgp_attr_pmsi_opaque_type, { "bgp.attr.pmsi.opaque_type", PI_PROTOCOL, PI_ERROR, "Unvalid pmsi opaque type", EXPFILL }}
+ { &ei_bgp_attr_pmsi_opaque_type, { "bgp.attr.pmsi.opaque_type", PI_PROTOCOL, PI_ERROR, "Unvalid pmsi opaque type", EXPFILL }},
+ { &ei_bgp_prefix_length_err, { "bgp.prefix.length", PI_MALFORMED, PI_ERROR, "Unvalid IPv6 prefix length", EXPFILL}}
};
module_t *bgp_module;
git.samba.org / metze / wireshark / wip.git / commitdiff