Permalink
Browse files

From Sepherosa Ziehau: additional filter operations for 802.11 frame

types.  Modified to add ieee80211.h from FreeBSD, rather than depending
on the OS supplying the header, and to support all 802.11 radio header
types.

Clean up some link-layer type checks and the messages for failing those
checks.
  • Loading branch information...
1 parent 04203b9 commit 885670183dcf0f7ca39424a0f6ff9c6c1401b2ef @yuguy yuguy committed Mar 11, 2007
Showing with 308 additions and 37 deletions.
  1. +1 −0 CREDITS
  2. +1 −0 FILES
  3. +2 −1 INSTALL.txt
  4. +64 −31 gencode.c
  5. +3 −1 gencode.h
  6. +87 −3 grammar.y
  7. +146 −0 ieee80211.h
  8. +4 −1 scanner.l
View
@@ -86,6 +86,7 @@ Additional people who have contributed patches:
Scott Barron <sb125499@ohiou.edu>
Scott Gifford <sgifford@tir.com>
Sebastian Krahmer <krahmer@cs.uni-potsdam.de>
+ Sepherosa Ziehau <sepherosa@gmail.com>
Shaun Clowes <delius@progsoc.uts.edu.au>
Solomon Peachy <pizza@shaftnet.org>
Stefan Hudson <hudson@mbay.net>
View
1 FILES
@@ -44,6 +44,7 @@ findalldevstest.c
gencode.c
gencode.h
grammar.y
+ieee80211.h
inet.c
install-sh
lbl/os-aix4.h
View
@@ -1,4 +1,4 @@
-@(#) $Header: /tcpdump/master/libpcap/INSTALL.txt,v 1.18 2006-10-13 17:46:45 guy Exp $ (LBL)
+@(#) $Header: /tcpdump/master/libpcap/INSTALL.txt,v 1.19 2007-03-11 04:35:24 guy Exp $ (LBL)
To build libpcap, run "./configure" (a shell script). The configure
script will determine your system attributes and generate an
@@ -338,6 +338,7 @@ findalldevstest.c - test program for pcap_findalldevs()
gencode.c - BPF code generation routines
gencode.h - BPF code generation definitions
grammar.y - filter string grammar
+ieee80211.h - 802.11 definitions
inet.c - network routines
install-sh - BSD style install script
lbl/os-*.h - OS-dependent defines and prototypes
View
@@ -21,7 +21,7 @@
*/
#ifndef lint
static const char rcsid[] _U_ =
- "@(#) $Header: /tcpdump/master/libpcap/gencode.c,v 1.276 2007-02-08 07:15:27 guy Exp $ (LBL)";
+ "@(#) $Header: /tcpdump/master/libpcap/gencode.c,v 1.277 2007-03-11 04:35:24 guy Exp $ (LBL)";
#endif
#ifdef HAVE_CONFIG_H
@@ -1959,12 +1959,12 @@ gen_linktype(proto)
switch (proto) {
case ETHERTYPE_IP:
case PPP_IP:
- /* FIXME add other L3 proto IDs */
+ /* FIXME add other L3 proto IDs */
return gen_mpls_linktype(Q_IP);
case ETHERTYPE_IPV6:
case PPP_IPV6:
- /* FIXME add other L3 proto IDs */
+ /* FIXME add other L3 proto IDs */
return gen_mpls_linktype(Q_IPV6);
default:
@@ -6224,7 +6224,7 @@ gen_inbound(dir)
/* match incoming packets */
b0 = gen_mcmp(OR_LINK, 3, BPF_B, 1, 0x01);
}
- break;
+ break;
default:
bpf_error("inbound/outbound not supported on linktype %d",
@@ -6242,13 +6242,12 @@ gen_pf_ifname(const char *ifname)
struct block *b0;
u_int len, off;
- if (linktype == DLT_PFLOG) {
- len = sizeof(((struct pfloghdr *)0)->ifname);
- off = offsetof(struct pfloghdr, ifname);
- } else {
- bpf_error("ifname not supported on linktype 0x%x", linktype);
+ if (linktype != DLT_PFLOG) {
+ bpf_error("ifname supported only on PF linktype");
/* NOTREACHED */
}
+ len = sizeof(((struct pfloghdr *)0)->ifname);
+ off = offsetof(struct pfloghdr, ifname);
if (strlen(ifname) >= len) {
bpf_error("ifname interface names can only be %d characters",
len-1);
@@ -6265,14 +6264,16 @@ gen_pf_ruleset(char *ruleset)
struct block *b0;
if (linktype != DLT_PFLOG) {
- bpf_error("ruleset not supported on linktype 0x%x", linktype);
+ bpf_error("ruleset supported only on PF linktype");
/* NOTREACHED */
}
+
if (strlen(ruleset) >= sizeof(((struct pfloghdr *)0)->ruleset)) {
bpf_error("ruleset names can only be %ld characters",
(long)(sizeof(((struct pfloghdr *)0)->ruleset) - 1));
/* NOTREACHED */
}
+
b0 = gen_bcmp(OR_LINK, offsetof(struct pfloghdr, ruleset),
strlen(ruleset), (const u_char *)ruleset);
return (b0);
@@ -6284,14 +6285,13 @@ gen_pf_rnr(int rnr)
{
struct block *b0;
- if (linktype == DLT_PFLOG) {
- b0 = gen_cmp(OR_LINK, offsetof(struct pfloghdr, rulenr), BPF_W,
- (bpf_int32)rnr);
- } else {
- bpf_error("rnr not supported on linktype 0x%x", linktype);
+ if (linktype != DLT_PFLOG) {
+ bpf_error("rnr supported only on PF linktype");
/* NOTREACHED */
}
+ b0 = gen_cmp(OR_LINK, offsetof(struct pfloghdr, rulenr), BPF_W,
+ (bpf_int32)rnr);
return (b0);
}
@@ -6302,7 +6302,7 @@ gen_pf_srnr(int srnr)
struct block *b0;
if (linktype != DLT_PFLOG) {
- bpf_error("srnr not supported on linktype 0x%x", linktype);
+ bpf_error("srnr supported only on PF linktype");
/* NOTREACHED */
}
@@ -6317,14 +6317,13 @@ gen_pf_reason(int reason)
{
struct block *b0;
- if (linktype == DLT_PFLOG) {
- b0 = gen_cmp(OR_LINK, offsetof(struct pfloghdr, reason), BPF_B,
- (bpf_int32)reason);
- } else {
- bpf_error("reason not supported on linktype 0x%x", linktype);
+ if (linktype != DLT_PFLOG) {
+ bpf_error("reason supported only on PF linktype");
/* NOTREACHED */
}
+ b0 = gen_cmp(OR_LINK, offsetof(struct pfloghdr, reason), BPF_B,
+ (bpf_int32)reason);
return (b0);
}
@@ -6334,14 +6333,36 @@ gen_pf_action(int action)
{
struct block *b0;
- if (linktype == DLT_PFLOG) {
- b0 = gen_cmp(OR_LINK, offsetof(struct pfloghdr, action), BPF_B,
- (bpf_int32)action);
- } else {
- bpf_error("action not supported on linktype 0x%x", linktype);
+ if (linktype != DLT_PFLOG) {
+ bpf_error("action supported only on PF linktype");
/* NOTREACHED */
}
+ b0 = gen_cmp(OR_LINK, offsetof(struct pfloghdr, action), BPF_B,
+ (bpf_int32)action);
+ return (b0);
+}
+
+/* IEEE 802.11 wireless header */
+struct block *
+gen_p80211_type(int type, int mask)
+{
+ struct block *b0;
+
+ switch (linktype) {
+
+ case DLT_IEEE802_11:
+ case DLT_PRISM_HEADER:
+ case DLT_IEEE802_11_RADIO_AVS:
+ case DLT_IEEE802_11_RADIO:
+ b0 = gen_mcmp(OR_LINK, 0, BPF_B, (bpf_int32)type,
+ (bpf_int32)mask);
+ break;
+
+ default:
+ bpf_error("802.11 link-layer types supported only on 802.11");
+ /* NOTREACHED */
+ }
return (b0);
}
@@ -6350,12 +6371,24 @@ gen_acode(eaddr, q)
register const u_char *eaddr;
struct qual q;
{
- if ((q.addr == Q_HOST || q.addr == Q_DEFAULT) && q.proto == Q_LINK) {
- if (linktype == DLT_ARCNET || linktype == DLT_ARCNET_LINUX)
- return gen_ahostop(eaddr, (int)q.dir);
+ switch (linktype) {
+
+ case DLT_ARCNET:
+ case DLT_ARCNET_LINUX:
+ if ((q.addr == Q_HOST || q.addr == Q_DEFAULT) &&
+ q.proto == Q_LINK)
+ return (gen_ahostop(eaddr, (int)q.dir));
+ else {
+ bpf_error("ARCnet address used in non-arc expression");
+ /* NOTREACHED */
+ }
+ break;
+
+ default:
+ bpf_error("aid supported only on ARCnet");
+ /* NOTREACHED */
}
- bpf_error("ARCnet address used in non-arc expression");
- /* NOTREACHED */
+ return (NULL);
}
static struct block *
View
@@ -18,7 +18,7 @@
* WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
- * @(#) $Header: /tcpdump/master/libpcap/gencode.h,v 1.68 2007-02-08 07:15:27 guy Exp $ (LBL)
+ * @(#) $Header: /tcpdump/master/libpcap/gencode.h,v 1.69 2007-03-11 04:35:24 guy Exp $ (LBL)
*/
/*
@@ -312,6 +312,8 @@ struct block *gen_pf_reason(int);
struct block *gen_pf_action(int);
struct block *gen_pf_dir(int);
+struct block *gen_p80211_type(int, int);
+
void bpf_optimize(struct block **);
void bpf_error(const char *, ...)
__attribute__((noreturn, format (printf, 1, 2)));
View
@@ -22,7 +22,7 @@
*/
#ifndef lint
static const char rcsid[] _U_ =
- "@(#) $Header: /tcpdump/master/libpcap/grammar.y,v 1.95 2007-02-08 07:15:27 guy Exp $ (LBL)";
+ "@(#) $Header: /tcpdump/master/libpcap/grammar.y,v 1.96 2007-03-11 04:35:24 guy Exp $ (LBL)";
#endif
#ifdef HAVE_CONFIG_H
@@ -53,6 +53,7 @@ struct rtentry;
#include "gencode.h"
#include "pf.h"
+#include "ieee80211.h"
#include <pcap/namedb.h>
#ifdef HAVE_OS_PROTO_H
@@ -63,6 +64,10 @@ struct rtentry;
(q).dir = (d),\
(q).addr = (a)
+static const char *ieee80211_mgt_names[] = IEEE80211_MGT_SUBTYPE_NAMES;
+static const char *ieee80211_ctl_names[] = IEEE80211_CTL_SUBTYPE_NAMES;
+static const char *ieee80211_data_names[] = IEEE80211_DATA_SUBTYPE_NAMES;
+
int n_errors = 0;
static struct qual qerr = { Q_UNDEF, Q_UNDEF, Q_UNDEF, Q_UNDEF };
@@ -109,7 +114,7 @@ pcap_parse()
%type <a> arth narth
%type <i> byteop pname pnum relop irelop
%type <blk> and or paren not null prog
-%type <rblk> other pfvar
+%type <rblk> other pfvar p80211
%type <i> atmtype atmmultitype
%type <blk> atmfield
%type <blk> atmfieldvalue atmvalue atmlistvalue
@@ -143,12 +148,13 @@ pcap_parse()
%token RADIO
%token FISU LSSU MSU
%token SIO OPC DPC SLS
+%token TYPE SUBTYPE
%type <s> ID
%type <e> EID
%type <e> AID
%type <s> HID HID6
-%type <i> NUM action reason
+%type <i> NUM action reason type subtype type_subtype
%left OR AND
%nonassoc '!'
@@ -348,6 +354,7 @@ other: pqual TK_BROADCAST { $$ = gen_broadcast($1); }
| PPPOED { $$ = gen_pppoed(); }
| PPPOES { $$ = gen_pppoes(); }
| pfvar { $$ = $1; }
+ | pqual p80211 { $$ = $2; }
;
pfvar: PF_IFNAME ID { $$ = gen_pf_ifname($2); }
@@ -358,6 +365,83 @@ pfvar: PF_IFNAME ID { $$ = gen_pf_ifname($2); }
| PF_ACTION action { $$ = gen_pf_action($2); }
;
+p80211: TYPE type SUBTYPE subtype
+ { $$ = gen_p80211_type($2 | $4,
+ IEEE80211_FC0_TYPE_MASK |
+ IEEE80211_FC0_SUBTYPE_MASK);
+ }
+ | TYPE type { $$ = gen_p80211_type($2,
+ IEEE80211_FC0_TYPE_MASK);
+ }
+ | SUBTYPE type_subtype { $$ = gen_p80211_type($2,
+ IEEE80211_FC0_TYPE_MASK |
+ IEEE80211_FC0_SUBTYPE_MASK);
+ }
+ ;
+
+type: NUM
+ | ID { const char *names[] = IEEE80211_TYPE_NAMES;
+ int i, lim;
+ lim = (IEEE80211_FC0_TYPE_MASK >> IEEE80211_FC0_TYPE_SHIFT) + 1;
+ for (i = 0; i < lim; ++i) {
+ if (pcap_strcasecmp($1, names[i]) == 0) {
+ $$ = i << IEEE80211_FC0_TYPE_SHIFT;
+ break;
+ }
+ }
+ if (i == lim)
+ bpf_error("unknown 802.11 type name");
+ }
+ ;
+
+subtype: NUM
+ | ID { const char **names;
+ int i, lim;
+ if ($<i>-1 == IEEE80211_FC0_TYPE_MGT)
+ names = ieee80211_mgt_names;
+ else if ($<i>-1 == IEEE80211_FC0_TYPE_CTL)
+ names = ieee80211_ctl_names;
+ else if ($<i>-1 == IEEE80211_FC0_TYPE_DATA)
+ names = ieee80211_data_names;
+ else
+ bpf_error("unknown 802.11 type");
+ lim = (IEEE80211_FC0_SUBTYPE_MASK >> IEEE80211_FC0_SUBTYPE_SHIFT) + 1;
+ for (i = 0; i < lim; ++i) {
+ if (pcap_strcasecmp($1, names[i]) == 0) {
+ $$ = i << IEEE80211_FC0_SUBTYPE_SHIFT;
+ break;
+ }
+ }
+ if (i == lim)
+ bpf_error("unknown 802.11 subtype name");
+ }
+ ;
+
+type_subtype: ID { const char **sub_names[] = {
+ ieee80211_mgt_names,
+ ieee80211_ctl_names,
+ ieee80211_data_names
+ };
+ int i, j, lim, sub_lim;
+ sub_lim = sizeof(sub_names) / sizeof(sub_names[0]);
+ lim = (IEEE80211_FC0_SUBTYPE_MASK >> IEEE80211_FC0_SUBTYPE_SHIFT) + 1;
+ for (i = 0; i < sub_lim; ++i) {
+ const char **names = sub_names[i];
+ for (j = 0; j < lim; ++j) {
+ if (pcap_strcasecmp($1, names[j]) == 0)
+ break;
+ }
+ if (j != lim) {
+ $$ = (i << IEEE80211_FC0_TYPE_SHIFT) |
+ (j << IEEE80211_FC0_SUBTYPE_SHIFT);
+ break;
+ }
+ }
+ if (i == sub_lim)
+ bpf_error("unknown 802.11 subtype name");
+ }
+ ;
+
reason: NUM { $$ = $1; }
| ID { const char *reasons[] = PFRES_NAMES;
int i;
Oops, something went wrong.

0 comments on commit 8856701

Please sign in to comment.