Commit Graph

42 Commits

Author SHA1 Message Date
Francois-Xavier Le Bail
0175075ccd Remove unused TCP ports 2018-10-02 19:27:08 +02:00
Guy Harris
f727010777 Get rid of ND_UNALIGNED.
Structures that describe packet formats now all use nd_ types, none of
which require more than 1-byte alignment, so compilers shouldn't assume
that anything in those structures is aligned on any particular boundary,
even without a "this is unaligned" hint.
2018-02-14 14:03:41 -08:00
Guy Harris
45fc519a2a Don't test for __attribute__ in the configure script.
Instead, use compiler test macros to check whether *particular*
attributes are supported, and set various #defines appropriately, in
header files.

Rename the UNALIGNED structure attribute to ND_UNALIGNED, and ask
whether we still need it.
2018-01-21 17:57:20 -08:00
Guy Harris
0f328b4aa1 More nd_ification of structures.
We don't need to use & to get a pointer to an nd_uintN_t/nd_intN_t type,
as they're arrays.
2017-12-11 00:17:47 -08:00
Denis Ovsienko
185b7ce04b WHOIS is a plain text protocol, why not decode it.
With txtproto_print() this has become trivial. Add a test.
2017-10-07 18:51:28 +01:00
Denis Ovsienko
4804e66125 TCP: put TCP-AO option decoding right
As it was correctly pointed out in GitHub issue #516, the TCPOPT_TCPAO
(formerly TCPOPT_AUTH) case had an issue with option length processing,
though without significant consequences thanks to a check elsewhere.
Besides that, the old code (introduced in 2005) decoded a structure
similar to a proposed encoding variant of the early (first published in
2007) revisions of the Internet-Draft but different from the encoding
of RFC 5925 (published in 2010). These issues are now addressed and the
TCP option renamed to TCP-AO.
2017-01-18 09:16:41 +01:00
Patrik Lundquist
2857c0bded Correct TCP option Kind value for TCP Auth and add SCPS-TP.
Fixes first problem in issue #516 while the second one isn't broken in tcpdump.
2017-01-18 09:16:41 +01:00
Denis Ovsienko
502befca57 Revert "Correct TCP option Kind value for TCP Auth and add SCPS-TP."
This reverts commit 986b783f05.
2017-01-18 09:16:35 +01:00
Denis Ovsienko
9553478d61 Revert "TCP: put TCP-AO option decoding right"
This reverts commit 87dba33322.
2017-01-18 09:16:34 +01:00
Denis Ovsienko
87dba33322 TCP: put TCP-AO option decoding right
As it was correctly pointed out in GitHub issue #516, the TCPOPT_TCPAO
(formerly TCPOPT_AUTH) case had an issue with option length processing,
though without significant consequences thanks to a check elsewhere.
Besides that, the old code (introduced in 2005) decoded a structure
similar to a proposed encoding variant of the early (first published in
2007) revisions of the Internet-Draft but different from the encoding
of RFC 5925 (published in 2010). These issues are now addressed and the
TCP option renamed to TCP-AO.
2016-11-01 17:32:44 +00:00
Patrik Lundquist
986b783f05 Correct TCP option Kind value for TCP Auth and add SCPS-TP.
Fixes first problem in issue #516 while the second one isn't broken in tcpdump.
2016-11-01 15:08:24 +00:00
Andrew Darqui
fc213645d4 Initial support for the REdis Serialization Protocol known as RESP.
This commit adds support for RESP as defined in: http://redis.io/topics/protocol.
It also supports inline commands and pipelining. Due to the popularity of RESP,
numerous services are emerging that use this protocol. You may decode RESP packets
on arbitrary ports using the "-T resp" option.

Example captures can be found in tests/resp_*.

A simple way to test this parser is to start redis-server and then run
redis-cli commands such as "redis-cli set key value".

Traditionally, redis-cli monitor is used to debug redis. Unfortunately,
the "monitor" command can cause significant load on a redis-server in
production. This parser may be used as a non-invasive alternative to
redis-cli monitor.
2016-04-26 11:00:21 +02:00
Guy Harris
91573678a1 NetBIOS Name Service can run over TCP. 2015-07-14 13:47:32 -07:00
Guy Harris
09533cc93e Clean up the port definitions.
From Bill Parker: sort the port definitions, add some additional
ports, and use #ifndef/#endif around all definitions.

From me: use consistent indentation, add the RFCs for NetBIOS-over-TCP
to the #defines for the NBT ports, and don't keep the IPv6 ports
separate.
2015-07-14 13:39:22 -07:00
Denis Ovsienko
3ba4165c4b refine use of nameser.h
Move the port number #define's to the TCP and UDP files such that they
don't require nameser.h anymore. Update the TCP printer to disregard the
multicast DNS port as it is UDP-only.
2015-07-13 10:15:32 +01:00
Daniel Lee
cc469325c3 Add support for TCP Fast Open official IANA option number
https://tools.ietf.org/html/rfc7413
2015-04-08 12:45:33 -07:00
Guy Harris
b83e04bd09 Add a routine to print "text protocols", and add FTP/HTTP/SMTP/RTSP support.
"Text protocols" are protocols that have the general feel of FTP, with
command lines with a command name and space-separated arguments and
response lines beginning with a 3-digit reply code.  They can also
include HTTP-style headers and an entity body.

We add support for the FTP control channel, HTTP, SMTP, and RTSP.  We
also change the SIP printer to use it.
2014-10-19 11:21:44 -07:00
Guy Harris
a2633f2f21 More fixes for uint8_t being shorter than u_int8_t.
Fix a typo while we're at it.
2014-04-23 11:53:22 -07:00
Guy Harris
dbddfda2c8 More getting rid of old u_intN_t. 2014-04-23 00:45:13 -07:00
Denis Ovsienko
cbaf0fdfb3 OpenFlow: add IANA-allocated TCP port
OF specifications 1.0.2 and 1.3.3 use a different port number. That
said, the old port is still likely to be seen in the wild after 4 years
of deployment. Let tcpdump recognize both for a while.
2014-03-25 23:27:23 +04:00
Guy Harris
25d016f61a Mark the TCP header structure as unaligned. 2014-01-15 14:32:39 -08:00
Denis Ovsienko
fe3253b9b8 remove tcpdump's own CVS keywords
Remove lots of $Header's and a few $Id's that all belong to the former
CVS repository of tcpdump itself. These keywords have been frozen since
the migration to git in late 2008.
2014-01-03 00:59:08 +04:00
Longinus00
b0614b45ac add support for experimental tcp fast open and parsing experimental options 2013-10-03 11:04:06 +04:00
Denis Ovsienko
ceeea95918 add minimal OpenFlow decoding framework
This change registers OpenFlow TCP port number and adds processing of
respective packets with openflow_print(), a new function that
understands the minimal OpenFlow header format and can iterate over
messages within a snapshot that starts with the header.
2013-05-29 13:03:23 +04:00
Gregory Detal
578dd316f3 Multipath TCP (RFC 6824) support
This commit adds the support of Multipath TCP (MPTCP). MPTCP is a new
extension to TCP standardized at the IETF. MPTCP allows to use several IP
addresses at the same time by distributing data across several subflows (TCP
connections) while still presenting the standard TCP socket API to the
application. Its benefits are better resource utilization, better throughput
and smoother reaction to failures.
2013-04-14 18:20:26 -04:00
Alexis La Goutte
3e75d63a77 The port for RPKI-RTR (RFC6810) is now official (TCP Port 323) 2013-02-04 14:48:45 +01:00
Hannes Gredler
917f5f341f add support for the RPKI/Router Protocol as per draft-ietf-sidr-rpki-rtr-12 2011-06-16 17:17:20 +02:00
Guy Harris
832d2c7338 From Fang Wang:
RFC 5482 specifies a new TCP option -- the TCP User Timeout
	Option (UTO) -- that allows one end of a TCP connection to
	advertise its current user timeout value.  The Kind of UTO
	option is 28 and the Length is 4.  The tcpdump currently does
	not recognize UTO option.
2009-08-18 15:02:37 -07:00
guy
a11ed8914e SMB-over-TCP (port 445) support. 2007-12-09 00:30:47 +00:00
hannes
9427d40c14 change the TCP printer to print new-style order:
- seperate fields by comma
  - use [] for flags and options sets
  - print a trailing length field

make use of tok2str() and bitttok2str()
move port definitions into tcp.h
2007-01-29 09:59:42 +00:00
hannes
95f66c8c62 add basic support for keyed authentication TCP option 2005-11-29 09:07:47 +00:00
guy
8234cdad9b From Bruce M. Simpson: add a "-M" flag to specify a shared secret for
TCP-MD5 (RFC 2385) digest verification if we have libcrypto.
2004-03-23 07:15:36 +00:00
guy
fcc82f451d The "__attribute__((packed))" tag on structures causes some files not to
compile with Sun C, as "interface.h" isn't being included before the
structures are being declared.

Furthermore, in the files that Sun C *can* compile, it doesn't cause Sun
C to generate code that's safe with unaligned accesses, as
"__attribute__" is defined as a do-nothing macro with compilers that
don't support it.

Therefore, we get rid of that tag on the structures to which it was
added, and instead use "EXTRACT_16BIT()" and "EXTRACT_32BIT()" to fetch
16-bit and 32-bit big-endian quantities from packets.  We also fix some
other references to multi-byte quantities to get rid of code that tries
to do unaligned loads on platforms that don't support them.

We also throw in a hack that makes those macros use
"__attribute__((packed))" on structures containing only one 16-bit or
32-bit integer to get the compiler to generate unaligned-safe code
rather than doing it by hand.  (GCC on SPARC produces the same code that
doing it by hand does; I don't know if GCC on any other big-endian
strict-alignment processor generates better code for that case.  On
little-endian processors, as "ntohs()" and "ntohl()" might be functions,
that might actually produce worse code.)

Fix some places to use "%u" rather than "%d" to print unsigned
quantities.
2002-12-11 07:13:49 +00:00
itojun
10afb02ac8 put __attribute__((packed)) to packet headers. s/u_short/u_int16_t/ and so
forth while i'm here
2002-11-09 17:19:16 +00:00
fenner
5de6f0fd81 Move some stuff that tried to make up for system headers from print-tcp.c
to tcp.h, since don't use the system headers now anyway it was just
 making up for our own tcp.h.
2001-05-09 01:16:57 +00:00
guy
2030f51199 C bitfields are no longer being used to extract bit fields from the IP
and TCP headers, so there's no need to stuff the byte-order stuff into
these header files.
2000-10-03 09:17:40 +00:00
itojun
9d45fb750b fix mistake in bitfield conversion 2000-10-03 03:14:46 +00:00
itojun
fb75d3cd5a always use u_intXX_t for protocol format declaration. char/short/int may not
come with exact size.  while at it, correct signedness of ip/udp header field.
nuke most of the use of bitfield.
TODO: bitfield in namser.h
2000-10-03 02:54:54 +00:00
itojun
cdaba7de64 do not use integer bitfield when we care about the resulting member size.
u_int x:4, y:4; will occupy sizeof(int) on some platforms, while it occupy
1 byte on some platforms.  use macro to decode th_off.
2000-10-03 02:26:53 +00:00
guy
6de29a0314 Declare bitfields as "u_int", not "u_char"; ANSI C doesn't guarantee
that bitfields other than "int" or "unsigned int" are allowed, some
compilers warn about them, and, given that the declaration of a bit
field says how many bits it is wide, declaring them "u_char" doesn't
have any advantage (other than making it a bit clearer, when reading the
header, that the bitfields in question are part of a single byte).
2000-09-29 05:05:47 +00:00
guy
536f512583 Add an "ip.h" header, to declare the IP stuff needed by dissectors, and
have dissectors include them rather than <netinet/ip.h> or
<netinet/ip_var.h>, if they actually need that stuff.

Put the declarations of the ICMP stuff directly into "print-icmp.c".

Remove all unnecessary includes of <netinet/ip*.h> files.

Copy the byte-order stuff from "nameser.h" into "tcp.h".
2000-09-23 08:54:24 +00:00
guy
7b50febe28 Add "tcp.h" and "udp.h" headers, to declare the TCP and UDP stuff needed
by dissectors, and have dissectors include them rather than
<netinet/udp.h>, <netinet/udp_var.h>, or <netinet/tcp.h>, if they
actually need that stuff.

Remove all unnecessary includes of <netinet/udp*.h> or <netinet/tcp*.h>
files.
2000-09-23 08:26:30 +00:00