2 * Routines for OSPF packet disassembly
3 * (c) Copyright Hannes R. Boehm <hannes@boehm.org>
5 * $Id: packet-ospf.c,v 1.4 1998/09/29 21:34:44 hannes Exp $
7 * At this time, this module is able to analyze OSPF
8 * packets as specified in RFC2328. MOSPF (RFC1584) and other
9 * OSPF Extensions which introduce new Packet types
10 * (e.g the External Atributes LSA) are not supported.
12 * TOS - support is not fully implemented
14 * Ethereal - Network traffic analyzer
15 * By Gerald Combs <gerald@zing.org>
16 * Copyright 1998 Gerald Combs
19 * This program is free software; you can redistribute it and/or
20 * modify it under the terms of the GNU General Public License
21 * as published by the Free Software Foundation; either version 2
22 * of the License, or (at your option) any later version.
24 * This program is distributed in the hope that it will be useful,
25 * but WITHOUT ANY WARRANTY; without even the implied warranty of
26 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
27 * GNU General Public License for more details.
29 * You should have received a copy of the GNU General Public License
30 * along with this program; if not, write to the Free Software
31 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
42 #ifdef HAVE_SYS_TYPES_H
43 # include <sys/types.h>
46 #ifdef HAVE_NETINET_IN_H
47 # include <netinet/in.h>
52 #include "packet-ospf.h"
56 dissect_ospf(const u_char *pd, int offset, frame_data *fd, GtkTree *tree) {
59 GtkWidget *ospf_tree = NULL, *ti;
60 GtkWidget *ospf_header_tree;
64 ospfh = (e_ospfhdr *) &pd[offset];
66 switch(ospfh->packet_type) {
68 packet_type="Hello Packet";
71 packet_type="DB Descr.";
74 packet_type="LS Request";
77 packet_type="LS Update";
80 packet_type="LS Acknowledge";
83 /* XXX - set it to some string with the value of
84 "ospfh->packet_type"? */
87 if (fd->win_info[COL_NUM]) {
88 strcpy(fd->win_info[COL_PROTOCOL], "OSPF");
89 sprintf(fd->win_info[COL_INFO], "%s", packet_type);
93 ti = add_item_to_tree(GTK_WIDGET(tree), offset, ntohs(ospfh->length), "Open Shortest Path First");
94 ospf_tree = gtk_tree_new();
95 add_subtree(ti, ospf_tree, ETT_OSPF);
97 ti = add_item_to_tree(GTK_WIDGET(ospf_tree), offset, OSPF_HEADER_LENGTH, "OSPF Header");
98 ospf_header_tree = gtk_tree_new();
99 add_subtree(ti, ospf_header_tree, ETT_OSPF_HDR);
101 add_item_to_tree(ospf_header_tree, offset, 1, "OSPF Version: %d", ospfh->version);
102 add_item_to_tree(ospf_header_tree, offset + 1 , 1, "OSPF Packet Type: %d (%s)",
103 ospfh->packet_type, packet_type);
104 add_item_to_tree(ospf_header_tree, offset + 2 , 2, "Packet Legth: %d",
105 ntohs(ospfh->length));
106 add_item_to_tree(ospf_header_tree, offset + 4 , 4, "Source OSPF Router ID: %s",
108 ip_to_str((guint8 *) &(ospfh->routerid)));
109 if (!(ospfh->area)) {
110 add_item_to_tree(ospf_header_tree, offset + 8 , 4, "Area ID: Backbone");
112 add_item_to_tree(ospf_header_tree, offset + 8 , 4, "Area ID: %s", ip_to_str((guint8 *) &(ospfh->area)));
114 add_item_to_tree(ospf_header_tree, offset + 12 , 2, "Packet Checksum");
115 switch( ntohs(ospfh->auth_type) ) {
117 add_item_to_tree(ospf_header_tree, offset + 14 , 2, "Auth Type: none");
118 add_item_to_tree(ospf_header_tree, offset + 16 , 8, "Auth Data (none)");
120 case OSPF_AUTH_SIMPLE:
121 add_item_to_tree(ospf_header_tree, offset + 14 , 2, "Auth Type: simple");
122 strncpy(auth_data, &(ospfh->auth_data), 8);
123 add_item_to_tree(ospf_header_tree, offset + 16 , 8, "Auth Data: %s", auth_data);
125 case OSPF_AUTH_CRYPT:
126 add_item_to_tree(ospf_header_tree, offset + 14 , 2, "Auth Type: crypt");
127 add_item_to_tree(ospf_header_tree, offset + 16 , 8, "Auth Data (crypt)");
130 add_item_to_tree(ospf_header_tree, offset + 14 , 2, "Auth Type (unknown)");
131 add_item_to_tree(ospf_header_tree, offset + 16 , 8, "Auth Data (unknown)");
136 /* Skip over header */
137 offset += OSPF_HEADER_LENGTH;
138 switch(ospfh->packet_type){
140 dissect_ospf_hello(pd, offset, fd, (GtkTree *) ospf_tree);
143 dissect_ospf_db_desc(pd, offset, fd, (GtkTree *) ospf_tree);
146 dissect_ospf_ls_req(pd, offset, fd, (GtkTree *) ospf_tree);
149 dissect_ospf_ls_upd(pd, offset, fd, (GtkTree *) ospf_tree);
152 dissect_ospf_ls_ack(pd, offset, fd, (GtkTree *) ospf_tree);
155 dissect_data(pd, offset, fd, tree);
160 dissect_ospf_hello(const u_char *pd, int offset, frame_data *fd, GtkTree *tree) {
161 e_ospf_hello *ospfhello;
162 guint32 *ospfneighbor;
166 GtkWidget *ospf_hello_tree, *ti;
168 ospfhello = (e_ospf_hello *) &pd[offset];
171 ti = add_item_to_tree(GTK_WIDGET(tree), offset, (fd->cap_len - offset) , "OSPF Hello Packet");
172 ospf_hello_tree = gtk_tree_new();
173 add_subtree(ti, ospf_hello_tree, ETT_OSPF_HELLO);
176 add_item_to_tree(ospf_hello_tree, offset , 4, "Network Mask: %s", ip_to_str((guint8 *) &ospfhello->network_mask));
177 add_item_to_tree(ospf_hello_tree, offset + 4, 2, "Hello Intervall: %d seconds", ntohs(ospfhello->hellointervall));
179 /* ATTENTION !!! no check for length of options string */
181 if(( ospfhello->options & OSPF_OPTIONS_E ) == OSPF_OPTIONS_E){
182 strcpy( (char *)(options + options_offset), "E");
185 if(( ospfhello->options & OSPF_OPTIONS_MC ) == OSPF_OPTIONS_MC){
186 strcpy((char *) (options + options_offset), "/MC");
189 if(( ospfhello->options & OSPF_OPTIONS_NP ) == OSPF_OPTIONS_NP){
190 strcpy((char *) (options + options_offset), "/NP");
193 if(( ospfhello->options & OSPF_OPTIONS_EA ) == OSPF_OPTIONS_EA){
194 strcpy((char *) (options + options_offset) , "/EA");
197 if(( ospfhello->options & OSPF_OPTIONS_DC ) == OSPF_OPTIONS_DC){
198 strcpy((char *) (options + options_offset) , "/DC");
202 add_item_to_tree(ospf_hello_tree, offset + 6, 1, "Options: %d (%s)", ospfhello->options, options);
203 add_item_to_tree(ospf_hello_tree, offset + 7, 1, "Router Priority: %d", ospfhello->priority);
204 add_item_to_tree(ospf_hello_tree, offset + 8, 4, "RouterDeadIntervall: %ld seconds", (long)ntohl(ospfhello->dead_interval));
205 add_item_to_tree(ospf_hello_tree, offset + 12, 4, "Designated Router: %s", ip_to_str((guint8 *) &ospfhello->drouter));
206 add_item_to_tree(ospf_hello_tree, offset + 16, 4, "Backup Designated Router: %s", ip_to_str((guint8 *) &ospfhello->bdrouter));
210 while(((int)(fd->cap_len - offset)) >= 4){
211 printf("%d", fd->cap_len - offset);
212 ospfneighbor=(guint32 *) &pd[offset];
213 add_item_to_tree(ospf_hello_tree, offset, 4, "Active Neighbor: %s", ip_to_str((guint8 *) ospfneighbor));
220 dissect_ospf_db_desc(const u_char *pd, int offset, frame_data *fd, GtkTree *tree) {
221 e_ospf_dbd *ospf_dbd;
227 GtkWidget *ospf_db_desc_tree=NULL, *ti;
229 ospf_dbd = (e_ospf_dbd *) &pd[offset];
232 ti = add_item_to_tree(GTK_WIDGET(tree), offset, (fd->cap_len - offset) , "OSPF DB Description");
233 ospf_db_desc_tree = gtk_tree_new();
234 add_subtree(ti, ospf_db_desc_tree, ETT_OSPF_DESC);
236 add_item_to_tree(ospf_db_desc_tree, offset, 2, "Interface MTU: %d", ntohs(ospf_dbd->interface_mtu) );
240 if(( ospf_dbd->options & OSPF_OPTIONS_E ) == OSPF_OPTIONS_E){
241 strcpy( (char *)(options + options_offset), "_E_");
244 if(( ospf_dbd->options & OSPF_OPTIONS_MC ) == OSPF_OPTIONS_MC){
245 strcpy((char *) (options + options_offset), "_MC_");
248 if(( ospf_dbd->options & OSPF_OPTIONS_NP ) == OSPF_OPTIONS_NP){
249 strcpy((char *) (options + options_offset), "_NP_");
252 if(( ospf_dbd->options & OSPF_OPTIONS_EA ) == OSPF_OPTIONS_EA){
253 strcpy((char *) (options + options_offset) , "_EA_");
256 if(( ospf_dbd->options & OSPF_OPTIONS_DC ) == OSPF_OPTIONS_DC){
257 strcpy((char *) (options + options_offset) , "_DC_");
261 add_item_to_tree(ospf_db_desc_tree, offset + 2 , 1, "Options: %d (%s)", ospf_dbd->options, options );
265 if(( ospf_dbd->flags & OSPF_DBD_FLAG_MS ) == OSPF_DBD_FLAG_MS){
266 strcpy( (char *)(flags + flags_offset), "_I_");
269 if(( ospf_dbd->flags & OSPF_DBD_FLAG_M ) == OSPF_DBD_FLAG_M){
270 strcpy((char *) (flags + flags_offset), "_M_");
273 if(( ospf_dbd->flags & OSPF_DBD_FLAG_I ) == OSPF_DBD_FLAG_I){
274 strcpy((char *) (flags + flags_offset), "_I_");
278 add_item_to_tree(ospf_db_desc_tree, offset + 3 , 1, "Flags: %d (%s)", ospf_dbd->flags, flags );
279 add_item_to_tree(ospf_db_desc_tree, offset + 4 , 4, "DD Sequence: %ld", (long)ntohl(ospf_dbd->dd_sequence) );
281 /* LS Headers will be processed here */
282 /* skip to the end of DB-Desc header */
284 while( ((int) (fd->cap_len - offset)) >= OSPF_LSA_HEADER_LENGTH ) {
285 dissect_ospf_lsa(pd, offset, fd, (GtkTree *) tree, FALSE);
286 offset+=OSPF_LSA_HEADER_LENGTH;
291 dissect_ospf_ls_req(const u_char *pd, int offset, frame_data *fd, GtkTree *tree) {
292 e_ospf_ls_req *ospf_lsr;
294 GtkWidget *ospf_lsr_tree, *ti;
297 /* zero or more LS requests may be within a LS Request */
298 /* we place every request for a LSA in a single subtree */
300 while( ((int) ( fd->cap_len - offset)) >= OSPF_LS_REQ_LENGTH ){
301 ospf_lsr = (e_ospf_ls_req *) &pd[offset];
302 ti = add_item_to_tree(GTK_WIDGET(tree), offset, OSPF_LS_REQ_LENGTH, "Link State Request");
303 ospf_lsr_tree = gtk_tree_new();
304 add_subtree(ti, ospf_lsr_tree, ETT_OSPF_LSR);
306 switch( ntohl( ospf_lsr->ls_type ) ){
307 case OSPF_LSTYPE_ROUTER:
308 add_item_to_tree(ospf_lsr_tree, offset, 4, "LS Type: Router-LSA (%ld)",
309 (long)ntohl( ospf_lsr->ls_type ) );
311 case OSPF_LSTYPE_NETWORK:
312 add_item_to_tree(ospf_lsr_tree, offset, 4, "LS Type: Network-LSA (%ld)",
313 (long)ntohl( ospf_lsr->ls_type ) );
315 case OSPF_LSTYPE_SUMMERY:
316 add_item_to_tree(ospf_lsr_tree, offset, 4, "LS Type: Summary-LSA (IP network) (%ld)",
317 (long)ntohl( ospf_lsr->ls_type ) );
319 case OSPF_LSTYPE_ASBR:
320 add_item_to_tree(ospf_lsr_tree, offset, 4, "LS Type: Summary-LSA (ASBR) (%ld)",
321 (long)ntohl( ospf_lsr->ls_type ) );
323 case OSPF_LSTYPE_ASEXT:
324 add_item_to_tree(ospf_lsr_tree, offset, 4, "LS Type: AS-External-LSA (ASBR) (%ld)",
325 (long)ntohl( ospf_lsr->ls_type ) );
328 add_item_to_tree(ospf_lsr_tree, offset, 4, "LS Type: %ld (unknown)",
329 (long)ntohl( ospf_lsr->ls_type ) );
332 add_item_to_tree(ospf_lsr_tree, offset + 4, 4, "Link State ID : %s",
333 ip_to_str((guint8 *) &(ospf_lsr->ls_id)));
334 add_item_to_tree(ospf_lsr_tree, offset + 8, 4, "Advertising Router : %s",
335 ip_to_str((guint8 *) &(ospf_lsr->adv_router)));
342 dissect_ospf_ls_upd(const u_char *pd, int offset, frame_data *fd, GtkTree *tree) {
343 e_ospf_lsa_upd_hdr *upd_hdr;
346 GtkWidget *ospf_lsa_upd_tree=NULL, *ti;
348 upd_hdr = (e_ospf_lsa_upd_hdr *) &pd[offset];
351 ti = add_item_to_tree(GTK_WIDGET(tree), offset, (fd->cap_len - offset) , "LS Update Packet");
352 ospf_lsa_upd_tree = gtk_tree_new();
353 add_subtree(ti, ospf_lsa_upd_tree, ETT_OSPF_LSA_UPD);
355 add_item_to_tree(ospf_lsa_upd_tree, offset, 4, "Nr oF LSAs: %ld", (long)ntohl(upd_hdr->lsa_nr) );
357 /* skip to the beginning of the first LSA */
358 offset+=4; /* the LS Upd PAcket contains only a 32 bit #LSAs field */
361 while(lsa_counter < ntohl(upd_hdr->lsa_nr)){
362 offset+=dissect_ospf_lsa(pd, offset, fd, (GtkTree *) ospf_lsa_upd_tree, TRUE);
368 dissect_ospf_ls_ack(const u_char *pd, int offset, frame_data *fd, GtkTree *tree) {
370 /* the body of a LS Ack packet simply contains zero or more LSA Headers */
371 while( ((int)(fd->cap_len - offset)) >= OSPF_LSA_HEADER_LENGTH ) {
372 dissect_ospf_lsa(pd, offset, fd, (GtkTree *) tree, FALSE);
373 offset+=OSPF_LSA_HEADER_LENGTH;
379 dissect_ospf_lsa(const u_char *pd, int offset, frame_data *fd, GtkTree *tree, int disassemble_body) {
380 e_ospf_lsa_hdr *lsa_hdr;
383 /* data strutures for the router LSA */
384 e_ospf_router_lsa *router_lsa;
385 e_ospf_router_data *router_data;
386 e_ospf_router_metric *tos_data;
387 guint16 link_counter;
392 /* data structures for the network lsa */
393 e_ospf_network_lsa *network_lsa;
394 guint32 *attached_router;
396 /* data structures for the summary and ASBR LSAs */
397 e_ospf_summary_lsa *summary_lsa;
399 /* data structures for the AS-External LSA */
400 e_ospf_asexternal_lsa asext_lsa;
401 guint32 asext_metric;
403 GtkWidget *ospf_lsa_tree, *ti;
405 lsa_hdr = (e_ospf_lsa_hdr *) &pd[offset];
409 switch(lsa_hdr->ls_type) {
410 case OSPF_LSTYPE_ROUTER:
411 lsa_type="Router LSA";
413 case OSPF_LSTYPE_NETWORK:
414 lsa_type="Network LSA";
416 case OSPF_LSTYPE_SUMMERY:
417 lsa_type="Summery LSA";
419 case OSPF_LSTYPE_ASBR:
422 case OSPF_LSTYPE_ASEXT:
423 lsa_type="AS-external-LSA";
430 if(disassemble_body){
431 ti = add_item_to_tree(GTK_WIDGET(tree), offset, ntohs(lsa_hdr->length),
432 "%s (Type: %d)", lsa_type, lsa_hdr->ls_type);
434 ti = add_item_to_tree(GTK_WIDGET(tree), offset, OSPF_LSA_HEADER_LENGTH, "LSA Header");
436 ospf_lsa_tree = gtk_tree_new();
437 add_subtree(ti, ospf_lsa_tree, ETT_OSPF_LSA);
440 add_item_to_tree(ospf_lsa_tree, offset, 2, "LS Age: %d seconds", ntohs(lsa_hdr->ls_age));
441 add_item_to_tree(ospf_lsa_tree, offset + 2, 1, "Options: %d ", lsa_hdr->options);
442 add_item_to_tree(ospf_lsa_tree, offset + 3, 1, "LSA Type: %d (%s)", lsa_hdr->ls_type, lsa_type);
444 add_item_to_tree(ospf_lsa_tree, offset + 4, 4, "Linke State ID: %s ",
445 ip_to_str((guint8 *) &(lsa_hdr->ls_id)));
447 add_item_to_tree(ospf_lsa_tree, offset + 8, 4, "Advertising Router: %s ",
448 ip_to_str((guint8 *) &(lsa_hdr->adv_router)));
449 add_item_to_tree(ospf_lsa_tree, offset + 12, 4, "LS Sequence Number: 0x%04lx ",
450 (unsigned long)ntohl(lsa_hdr->ls_seq));
451 add_item_to_tree(ospf_lsa_tree, offset + 16, 2, "LS Checksum: %d ", ntohs(lsa_hdr->ls_checksum));
453 add_item_to_tree(ospf_lsa_tree, offset + 18, 2, "Length: %d ", ntohs(lsa_hdr->length));
455 if(!disassemble_body){
456 return OSPF_LSA_HEADER_LENGTH;
459 /* the LSA body starts afte 20 bytes of LSA Header */
462 switch(lsa_hdr->ls_type){
463 case(OSPF_LSTYPE_ROUTER):
464 router_lsa = (e_ospf_router_lsa *) &pd[offset];
466 /* again: flags should be secified in detail */
467 add_item_to_tree(ospf_lsa_tree, offset, 1, "Flags: 0x%02x ", router_lsa->flags);
468 add_item_to_tree(ospf_lsa_tree, offset + 2, 2, "Nr. of Links: %d ",
469 ntohs(router_lsa->nr_links));
471 /* router_lsa->nr_links links follow
472 * maybe we should put each of the links into its own subtree ???
474 for(link_counter = 1 ; link_counter <= ntohs(router_lsa->nr_links); link_counter++){
476 router_data = (e_ospf_router_data *) &pd[offset];
477 /* check the Link Type and ID */
478 switch(router_data->link_type) {
480 link_type="Point-to-point connection to another router";
481 link_id="Neighboring router's Router ID";
483 case OSPF_LINK_TRANSIT:
484 link_type="Connection to a transit network";
485 link_id="IP address of Designated Router";
488 link_type="Connection to a stub network";
489 link_id="IP network/subnet number";
491 case OSPF_LINK_VIRTUAL:
492 link_type="Virtual link";
493 link_id="Neighboring router's Router ID";
496 link_type="unknown link type";
497 link_id="unknown link id";
500 add_item_to_tree(ospf_lsa_tree, offset, 4, "%s: %s", link_id,
501 ip_to_str((guint8 *) &(router_data->link_id)));
503 /* link_data should be specified in detail (e.g. network mask) (depends on link type)*/
504 add_item_to_tree(ospf_lsa_tree, offset + 4, 4, "Link Data: %s",
505 ip_to_str((guint8 *) &(router_data->link_data)));
507 add_item_to_tree(ospf_lsa_tree, offset + 8, 1, "Link Type: %d - %s",
508 router_data->link_type, link_type);
509 add_item_to_tree(ospf_lsa_tree, offset + 9, 1, "Nr. of TOS metrics: %d", router_data->nr_tos);
510 add_item_to_tree(ospf_lsa_tree, offset + 10, 2, "TOS 0 metric: %d", ntohs( router_data->tos0_metric ));
514 /* router_data->nr_tos metrics may follow each link
515 * ATTENTION: TOS metrics are not tested (I don't have TOS based routing)
516 * please send me a mail if it is/isn't working
519 for(tos_counter = 1 ; link_counter <= ntohs(router_data->nr_tos); tos_counter++){
520 tos_data = (e_ospf_router_metric *) &pd[offset];
521 add_item_to_tree(ospf_lsa_tree, offset, 1, "TOS: %d, Metric: %d",
522 tos_data->tos, ntohs(tos_data->metric));
527 case(OSPF_LSTYPE_NETWORK):
528 network_lsa = (e_ospf_network_lsa *) &pd[offset];
529 add_item_to_tree(ospf_lsa_tree, offset, 4, "Netmask: %s",
530 ip_to_str((guint8 *) &(network_lsa->network_mask)));
533 while( ((int) (fd->cap_len - offset)) >= 4){
534 attached_router = (guint32 *) &pd[offset];
535 add_item_to_tree(ospf_lsa_tree, offset, 4, "Attached Router: %s",
536 ip_to_str((guint8 *) attached_router));
540 case(OSPF_LSTYPE_SUMMERY):
541 /* Type 3 and 4 LSAs have the same format */
542 case(OSPF_LSTYPE_ASBR):
543 summary_lsa = (e_ospf_summary_lsa *) &pd[offset];
544 add_item_to_tree(ospf_lsa_tree, offset, 4, "Netmask: %s",
545 ip_to_str((guint8 *) &(summary_lsa->network_mask)));
546 /* returns only the TOS 0 metric (even if there are more TOS metrics) */
548 case(OSPF_LSTYPE_ASEXT):
549 summary_lsa = (e_ospf_summary_lsa *) &pd[offset];
550 add_item_to_tree(ospf_lsa_tree, offset, 4, "Netmask: %s",
551 ip_to_str((guint8 *) &(summary_lsa->network_mask)));
553 /* asext_lsa = (e_ospf_asexternal_lsa *) &pd[offset + 4]; */
554 memcpy(&asext_lsa, &pd[offset + 4], sizeof(asext_lsa));
555 if( (asext_lsa.options & 128) == 128 ) { /* check wether or not E bit is set */
556 add_item_to_tree(ospf_lsa_tree, offset, 1,
557 "External Type: Type 2 (metric is larger than any other link state path)");
559 add_item_to_tree(ospf_lsa_tree, offset + 4, 1,
560 "External Type: Type 1 (metric is specified in the same units as interface cost)");
562 /* the metric field of a AS-external LAS is specified in 3 bytes -> not well aligned */
563 /* this routine returns only the TOS 0 metric (even if there are more TOS metrics) */
564 memcpy(&asext_metric, &pd[offset+4], 4);
566 /* erase the leading 8 bits (the dont belong to the metric */
567 asext_metric = ntohl(asext_metric) & 0x00ffffff ;
569 add_item_to_tree(ospf_lsa_tree, offset + 5, 3,"Metric: %d", asext_metric);
570 add_item_to_tree(ospf_lsa_tree, offset + 8, 4,"Forwarding Address: %s",
571 ip_to_str((guint8 *) &(asext_lsa.gateway)));
572 add_item_to_tree(ospf_lsa_tree, offset + 12, 4,"External Route Tag: %d", ntohl(asext_lsa.external_tag));
576 /* unknown LSA type */
577 add_item_to_tree(ospf_lsa_tree, offset, (fd->cap_len - offset), "Unknown LSA Type");
580 /* return the length of this LSA */
581 return ntohs(lsa_hdr->length);
git.samba.org / obnox / wireshark / wip.git / blob