2 * Routines for BOOTP/DHCP packet disassembly
3 * Gilbert Ramirez <gram@verdict.uthscsa.edu>
5 * $Id: packet-bootp.c,v 1.16 1999/03/23 03:14:35 gram Exp $
7 * The information used comes from:
8 * RFC 2132: DHCP Options and BOOTP Vendor Extensions
9 * RFC 1542: Clarifications and Extensions for the Bootstrap Protocol
10 * RFC 2131: Dynamic Host Configuration Protocol
12 * Ethereal - Network traffic analyzer
13 * By Gerald Combs <gerald@unicom.net>
14 * Copyright 1998 Gerald Combs
17 * This program is free software; you can redistribute it and/or
18 * modify it under the terms of the GNU General Public License
19 * as published by the Free Software Foundation; either version 2
20 * of the License, or (at your option) any later version.
22 * This program is distributed in the hope that it will be useful,
23 * but WITHOUT ANY WARRANTY; without even the implied warranty of
24 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
25 * GNU General Public License for more details.
27 * You should have received a copy of the GNU General Public License
28 * along with this program; if not, write to the Free Software
29 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
36 #ifdef HAVE_SYS_TYPES_H
37 # include <sys/types.h>
43 enum field_type { none, ipv4, string, toggle, yes_no, special, opaque,
45 val_u_byte, val_u_short, val_u_long,
50 enum field_type ftype;
53 #define NUM_OPT_INFOS 77
55 /* returns the number of bytes consumed by this option */
57 bootp_option(const u_char *pd, proto_tree *bp_tree, int voff, int eoff)
60 enum field_type ftype;
61 u_char code = pd[voff];
62 int vlen = pd[voff+1];
64 int i, consumed = vlen + 2;
69 static const char *opt53_text[] = {
70 "Unknown Message Type",
80 static const value_string nbnt_vals[] = {
87 static struct opt_info opt[] = {
88 /* 0 */ { "Padding", none },
89 /* 1 */ { "Subnet Mask", ipv4 },
90 /* 2 */ { "Time Offset", val_s_long },
91 /* 3 */ { "Router", ipv4 },
92 /* 4 */ { "Time Server", ipv4 },
93 /* 5 */ { "Name Server", ipv4 },
94 /* 6 */ { "Domain Name Server", ipv4 },
95 /* 7 */ { "Log Server", ipv4 },
96 /* 8 */ { "Cookie Server", ipv4 },
97 /* 9 */ { "LPR Server", ipv4 },
98 /* 10 */ { "Impress Server", ipv4 },
99 /* 11 */ { "Resource Location Server", ipv4 },
100 /* 12 */ { "Host Name", string },
101 /* 13 */ { "Boot File Size", val_u_short },
102 /* 14 */ { "Merit Dump File", string },
103 /* 15 */ { "Domain Name", string },
104 /* 16 */ { "Swap Server", ipv4 },
105 /* 17 */ { "Root Path", string },
106 /* 18 */ { "Extensions Path", string },
107 /* 19 */ { "IP Forwarding", toggle },
108 /* 20 */ { "Non-Local Source Routing", toggle },
109 /* 21 */ { "Policy Filter", special },
110 /* 22 */ { "Maximum Datagram Reassembly Size", val_u_short },
111 /* 23 */ { "Default IP Time-to-Live", val_u_byte },
112 /* 24 */ { "Path MTU Aging Timeout", time_in_secs },
113 /* 25 */ { "Path MTU Plateau Table", val_u_short },
114 /* 26 */ { "Interface MTU", val_u_short },
115 /* 27 */ { "All Subnets are Local", yes_no },
116 /* 28 */ { "Broadcast Address", ipv4 },
117 /* 29 */ { "Perform Mask Discovery", toggle },
118 /* 30 */ { "Mask Supplier", yes_no },
119 /* 31 */ { "Perform Router Discover", toggle },
120 /* 32 */ { "Router Solicitation Address", ipv4 },
121 /* 33 */ { "Static Route", special },
122 /* 34 */ { "Trailer Encapsulation", toggle },
123 /* 35 */ { "ARP Cache Timeout", time_in_secs },
124 /* 36 */ { "Ethernet Encapsulation", toggle },
125 /* 37 */ { "TCP Default TTL", val_u_byte },
126 /* 38 */ { "TCP Keepalive Interval", time_in_secs },
127 /* 39 */ { "TCP Keepalive Garbage", toggle },
128 /* 40 */ { "Network Information Service Domain", string },
129 /* 41 */ { "Network Information Service Servers", ipv4 },
130 /* 42 */ { "Network Time Protocol Servers", ipv4 },
131 /* 43 */ { "Vendor-Specific Information", special },
132 /* 44 */ { "NetBIOS over TCP/IP Name Server", ipv4 },
133 /* 45 */ { "NetBIOS over TCP/IP Datagram Distribution Name Server", ipv4 },
134 /* 46 */ { "NetBIOS over TCP/IP Node Type", special },
135 /* 47 */ { "NetBIOS over TCP/IP Scope", string },
136 /* 48 */ { "X Window System Font Server", ipv4 },
137 /* 49 */ { "X Window System Display Manager", ipv4 },
138 /* 50 */ { "Requested IP Address", ipv4 },
139 /* 51 */ { "IP Address Lease Time", time_in_secs },
140 /* 52 */ { "Option Overload", special },
141 /* 53 */ { "DHCP Message Type", special },
142 /* 54 */ { "Server Identifier", ipv4 },
143 /* 55 */ { "Parameter Request List", special },
144 /* 56 */ { "Message", string },
145 /* 57 */ { "Maximum DHCP Message Size", val_u_short },
146 /* 58 */ { "Renewal Time Value", time_in_secs },
147 /* 59 */ { "Rebinding Time Value", time_in_secs },
148 /* 60 */ { "Vendor class identifier", opaque },
149 /* 61 */ { "Client identifier", special },
150 /* 64 */ { "Network Information Service+ Domain", string },
151 /* 65 */ { "Network Information Service+ Servers", ipv4 },
152 /* 66 */ { "TFTP Server Name", string },
153 /* 67 */ { "Bootfile name", string },
154 /* 68 */ { "Mobile IP Home Agent", ipv4 },
155 /* 69 */ { "SMTP Server", ipv4 },
156 /* 70 */ { "POP3 Server", ipv4 },
157 /* 71 */ { "NNTP Server", ipv4 },
158 /* 72 */ { "Default WWW Server", ipv4 },
159 /* 73 */ { "Default Finger Server", ipv4 },
160 /* 74 */ { "Default IRC Server", ipv4 },
161 /* 75 */ { "StreetTalk Server", ipv4 },
162 /* 76 */ { "StreetTalk Directory Assistance Server", ipv4 }
165 text = opt[code].text;
170 /* check how much padding we have */
171 for (i = voff + 1; i < eoff; i++ ) {
177 proto_tree_add_item(bp_tree, voff, i, "Padding");
183 /* one IP address pair */
185 proto_tree_add_item(bp_tree, voff, consumed,
186 "Option %d: %s = %s/%s", code, text,
187 ip_to_str((guint8*)&pd[voff+2]),
188 ip_to_str((guint8*)&pd[voff+6]));
190 /* > 1 IP address pair. Let's make a sub-tree */
193 vti = proto_tree_add_item(bp_tree, voff,
194 consumed, "Option %d: %s", code, text);
195 v_tree = proto_tree_new();
196 proto_item_add_subtree(vti, v_tree, ETT_BOOTP_OPTION);
197 for (i = voff + 2; i < voff + consumed; i += 8) {
198 proto_tree_add_item(v_tree, i, 8, "IP Address/Mask: %s/%s",
199 ip_to_str((guint8*)&pd[i]),
200 ip_to_str((guint8*)&pd[i+4]));
207 /* one IP address pair */
209 proto_tree_add_item(bp_tree, voff, consumed,
210 "Option %d: %s = %s/%s", code, text,
211 ip_to_str((guint8*)&pd[voff+2]),
212 ip_to_str((guint8*)&pd[voff+6]));
214 /* > 1 IP address pair. Let's make a sub-tree */
217 vti = proto_tree_add_item(bp_tree, voff,
218 consumed, "Option %d: %s", code, text);
219 v_tree = proto_tree_new();
220 proto_item_add_subtree(vti, v_tree, ETT_BOOTP_OPTION);
221 for (i = voff + 2; i < voff + consumed; i += 8) {
222 proto_tree_add_item(v_tree, i, 8,
223 "Destination IP Address/Router: %s/%s",
224 ip_to_str((guint8*)&pd[i]),
225 ip_to_str((guint8*)&pd[i+4]));
230 /* Vendor-Specific Info */
232 proto_tree_add_item(bp_tree, voff, consumed,
233 "Option %d: %s", code, text);
236 /* NetBIOS-over-TCP/IP Node Type */
239 proto_tree_add_item(bp_tree, voff, consumed,
240 "Option %d: %s = %s", code, text,
241 val_to_str(byte, nbnt_vals,
242 "Unknown (0x%02x)"));
245 /* DHCP Message Type */
248 if (byte > 0 && byte < 9) {
254 proto_tree_add_item(bp_tree, voff, 3, "Option %d: %s = DHCP %s",
255 code, text, opt53_text[i]);
258 /* Parameter Request List */
260 vti = proto_tree_add_item(bp_tree, voff,
261 vlen + 2, "Option %d: %s", code, text);
262 v_tree = proto_tree_new();
263 proto_item_add_subtree(vti, v_tree, ETT_BOOTP_OPTION);
264 for (i = 0; i < vlen; i++) {
266 if (byte < NUM_OPT_INFOS) {
267 proto_tree_add_item(v_tree, voff+2+i, 1, "%d = %s",
268 byte, opt[byte].text);
271 proto_tree_add_item(vti, voff+2+i, 1,
272 "Unknown Option Code: %d", byte);
277 /* Client Identifier */
279 /* We *MAY* use hwtype/hwaddr. If we have 7 bytes, I'll
280 guess that the first is the hwtype, and the last 6 are
283 vti = proto_tree_add_item(bp_tree, voff,
284 consumed, "Option %d: %s", code, text);
285 v_tree = proto_tree_new();
286 proto_item_add_subtree(vti, v_tree, ETT_BOOTP_OPTION);
287 proto_tree_add_item(v_tree, voff+2, 1,
289 arphrdtype_to_str(pd[voff+2],
290 "Unknown (0x%02x)"));
291 proto_tree_add_item(v_tree, voff+3, 6,
292 "Client hardware address: %s",
293 arphrdaddr_to_str((guint8*)&pd[voff+3],
296 /* otherwise, it's opaque data */
298 proto_tree_add_item(bp_tree, voff, consumed,
299 "Option %d: %s (%d bytes)", code, text, vlen);
305 proto_tree_add_item(bp_tree, voff, 1, "End Option");
315 if (code < NUM_OPT_INFOS) {
316 text = opt[code].text;
317 ftype = opt[code].ftype;
326 proto_tree_add_item(bp_tree, voff, consumed,
327 "Option %d: %s = %s", code, text,
328 ip_to_str((guint8*)&pd[voff+2]));
330 /* > 1 IP addresses. Let's make a sub-tree */
333 vti = proto_tree_add_item(bp_tree, voff,
334 consumed, "Option %d: %s", code, text);
335 v_tree = proto_tree_new();
336 proto_item_add_subtree(vti, v_tree, ETT_BOOTP_OPTION);
337 for (i = voff + 2; i < voff + consumed; i += 4) {
338 proto_tree_add_item(v_tree, i, 4, "IP Address: %s",
339 ip_to_str((guint8*)&pd[i]));
345 /* Fix for non null-terminated string supplied by
346 * John Lines <John.Lines@aeat.co.uk>
348 proto_tree_add_item(bp_tree, voff, consumed,
349 "Option %d: %s = %.*s", code, text, vlen, &pd[voff+2]);
353 proto_tree_add_item(bp_tree, voff, consumed,
354 "Option %d: %s (%d bytes)",
361 proto_tree_add_item(bp_tree, voff, consumed,
362 "Option %d: %s = %d", code, text,
363 pntohs(&pd[voff+2]));
367 vti = proto_tree_add_item(bp_tree, voff,
368 consumed, "Option %d: %s", code, text);
369 v_tree = proto_tree_new();
370 proto_item_add_subtree(vti, v_tree, ETT_BOOTP_OPTION);
371 for (i = voff + 2; i < voff + consumed; i += 2) {
372 proto_tree_add_item(v_tree, i, 4, "Value: %d",
379 proto_tree_add_item(bp_tree, voff, consumed,
380 "Option %d: %s = %d", code, text,
381 pntohl(&pd[voff+2]));
385 proto_tree_add_item(bp_tree, voff, consumed,
386 "Option %d: %s = %d", code, text, pd[voff+2]);
391 if (i != 0 && i != 1) {
392 proto_tree_add_item(bp_tree, voff, consumed,
393 "Option %d: %s = Invalid Value %d", code, text,
397 proto_tree_add_item(bp_tree, voff, consumed,
398 "Option %d: %s = %s", code, text,
399 pd[voff+2] == 0 ? "Disabled" : "Enabled");
405 if (i != 0 && i != 1) {
406 proto_tree_add_item(bp_tree, voff, consumed,
407 "Option %d: %s = Invalid Value %d", code, text,
411 proto_tree_add_item(bp_tree, voff, consumed,
412 "Option %d: %s = %s", code, text,
413 pd[voff+2] == 0 ? "No" : "Yes");
418 time_secs = pntohl(&pd[voff+2]);
419 proto_tree_add_item(bp_tree, voff, consumed,
420 "Option %d: %s = %s", code, text,
421 ((time_secs == 0xffffffff) ?
423 time_secs_to_str(time_secs)));
427 proto_tree_add_item(bp_tree, voff, consumed,
428 "Option %d: %s (%d bytes)", code, text, vlen);
432 proto_tree_add_item(bp_tree, voff, consumed,
433 "Unknown Option Code: %d (%d bytes)", code, vlen);
440 dissect_bootp(const u_char *pd, int offset, frame_data *fd, proto_tree *tree)
444 int voff, eoff; /* vender offset, end offset */
446 if (check_col(fd, COL_PROTOCOL))
447 col_add_str(fd, COL_PROTOCOL, "BOOTP");
449 if (check_col(fd, COL_INFO)) {
450 if (pd[offset] == 1) {
451 col_add_fstr(fd, COL_INFO, "Boot Request from %s",
452 arphrdaddr_to_str((guint8*)&pd[offset+28],
453 pd[offset+2], pd[offset+1]));
456 col_add_str(fd, COL_INFO, "Boot Reply");
461 ti = proto_tree_add_item(tree, offset, END_OF_FRAME,
462 "Bootstrap Protocol");
463 bp_tree = proto_tree_new();
464 proto_item_add_subtree(ti, bp_tree, ETT_BOOTP);
466 proto_tree_add_item(bp_tree, offset, 1, pd[offset] == 1 ?
467 "Boot Request" : "Boot Reply");
468 proto_tree_add_item(bp_tree, offset + 1, 1,
470 arphrdtype_to_str(pd[offset+1], "Unknown (0x%02x)"));
471 proto_tree_add_item(bp_tree, offset + 2, 1,
472 "Hardware address length: %d", pd[offset+2]);
473 proto_tree_add_item(bp_tree, offset + 3, 1,
474 "Hops: %d", pd[offset+3]);
475 proto_tree_add_item(bp_tree, offset + 4, 4,
476 "Transaction ID: 0x%08x", pntohl(&pd[offset+4]));
477 proto_tree_add_item(bp_tree, offset + 8, 2,
478 "Seconds elapsed: %d", pntohs(&pd[offset+8]));
479 proto_tree_add_item(bp_tree, offset + 10, 2,
480 "Broadcast flag: %d", pd[offset+10] & 1);
481 proto_tree_add_item(bp_tree, offset + 12, 4,
482 "Client IP address: %s", ip_to_str((guint8*)&pd[offset+12]));
483 proto_tree_add_item(bp_tree, offset + 16, 4,
484 "Your (client) IP address: %s", ip_to_str((guint8*)&pd[offset+16]));
485 proto_tree_add_item(bp_tree, offset + 20, 4,
486 "Next server IP address: %s", ip_to_str((guint8*)&pd[offset+20]));
487 proto_tree_add_item(bp_tree, offset + 24, 4,
488 "Relay agent IP address: %s", ip_to_str((guint8*)&pd[offset+24]));
490 proto_tree_add_item(bp_tree, offset + 28, pd[offset+2],
491 "Client hardware address: %s",
492 arphrdaddr_to_str((guint8*)&pd[offset+28],
493 pd[offset+2], pd[offset+1]));
495 /* The server host name is optional */
497 proto_tree_add_item(bp_tree, offset + 44, 64,
498 "Server host name: %s", &pd[offset+44]);
501 proto_tree_add_item(bp_tree, offset + 44, 64,
502 "Server host name not given");
506 if (pd[offset+108]) {
507 proto_tree_add_item(bp_tree, offset + 108, 128,
508 "Boot file name: %s", &pd[offset+108]);
511 proto_tree_add_item(bp_tree, offset + 108, 128,
512 "Boot file name not given");
515 if (pntohl(&pd[offset+236]) == 0x63825363) {
516 proto_tree_add_item(bp_tree, offset + 236, 4,
517 "Magic cookie: (OK)");
520 proto_tree_add_item(bp_tree, offset + 236, 4,
522 ip_to_str((guint8*)&pd[offset+236]));
528 while (voff < eoff) {
529 voff += bootp_option(pd, bp_tree, voff, eoff);
git.samba.org / metze / wireshark / wip.git / blob