diff options
| author | Stuart Henderson <sthen@cvs.openbsd.org> | 2012-01-28 13:47:56 +0000 |
|---|---|---|
| committer | Stuart Henderson <sthen@cvs.openbsd.org> | 2012-01-28 13:47:56 +0000 |
| commit | 28a88f4296759220a267c306cd7770c79515c37a (patch) | |
| tree | 1b730efbb3a177bfe4d18d9c002435e11f825957 /usr.sbin | |
| parent | 995e016720a495a6985ac717701df316d9884505 (diff) | |
Print names rather than numbers for the old draft nat-t attributes,
cisco use these at least as recently as ASAs running 8.4(1)
Diffstat (limited to 'usr.sbin')
| -rw-r--r-- | usr.sbin/tcpdump/ike.h | 15 | ||||
| -rw-r--r-- | usr.sbin/tcpdump/print-ike.c | 9 |
2 files changed, 15 insertions, 9 deletions
diff --git a/usr.sbin/tcpdump/ike.h b/usr.sbin/tcpdump/ike.h index fbc4f5b7af6..1eb550eaace 100644 --- a/usr.sbin/tcpdump/ike.h +++ b/usr.sbin/tcpdump/ike.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ike.h,v 1.23 2010/06/07 16:20:58 jsg Exp $ */ +/* $OpenBSD: ike.h,v 1.24 2012/01/28 13:47:55 sthen Exp $ */ /* * Copyright (c) 2001 Håkan Olsson. All rights reserved. @@ -382,10 +382,6 @@ #define IPSEC_ATTR_DURATION_INITIALIZER \ { "NONE", "SECONDS", "KILOBYTES", \ } -#define IPSEC_ATTR_ENCAP_INITIALIZER \ - { "NONE", "TUNNEL", "TRANSPORT", "UDP_ENCAP_TUNNEL", \ - "UDP_ENCAP_TRANSPORT" \ - } #define IPSEC_ATTR_AUTH_INITIALIZER \ { "NONE", "HMAC_MD5", "HMAC_SHA", "DES_MAC", "KPDK", \ "HMAC_SHA2_256", "HMAC_SHA2_384", "HMAC_SHA2_512", \ @@ -403,6 +399,15 @@ #define IPCOMP_INITIALIZER \ { "NONE", "OUI", "DEFLATE", "LZS", "V42BIS", \ } +static struct tok ipsec_attr_encap[] = { + { 0, "NONE" }, + { 1, "TUNNEL" }, + { 2, "TRANSPORT" }, + { 3, "UDP_ENCAP_TUNNEL" }, + { 4, "UDP_ENCAP_TRANSPORT" }, + { 61443, "UDP_ENCAP_TUNNEL_DRAFT" }, /* draft-ietf-ipsec-nat-t-ike */ + { 61444, "UDP_ENCAP_TRANSPORT_DRAFT" } /* draft-ietf-ipsec-nat-t-ike */ +}; /* * IKE mode config. diff --git a/usr.sbin/tcpdump/print-ike.c b/usr.sbin/tcpdump/print-ike.c index a93b0b106d0..6490c06b952 100644 --- a/usr.sbin/tcpdump/print-ike.c +++ b/usr.sbin/tcpdump/print-ike.c @@ -1,4 +1,4 @@ -/* $OpenBSD: print-ike.c,v 1.35 2010/06/07 16:20:58 jsg Exp $ */ +/* $OpenBSD: print-ike.c,v 1.36 2012/01/28 13:47:55 sthen Exp $ */ /* * Copyright (c) 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999 @@ -303,7 +303,6 @@ ike_attribute_print (u_int8_t *buf, u_int8_t doi, int maxlen) static char *attr_gtype[] = IKE_ATTR_GROUP_INITIALIZER; static char *attr_ltype[] = IKE_ATTR_SA_DURATION_INITIALIZER; static char *ipsec_attrs[] = IPSEC_ATTR_INITIALIZER; - static char *ipsec_attr_encap[] = IPSEC_ATTR_ENCAP_INITIALIZER; static char *ipsec_attr_auth[] = IPSEC_ATTR_AUTH_INITIALIZER; static char *ipsec_attr_ltype[] = IPSEC_ATTR_DURATION_INITIALIZER; @@ -357,10 +356,12 @@ ike_attribute_print (u_int8_t *buf, u_int8_t doi, int maxlen) else switch(type) { CASE_PRINT(IPSEC_ATTR_SA_LIFE_TYPE, ipsec_attr_ltype); - CASE_PRINT(IPSEC_ATTR_ENCAPSULATION_MODE, - ipsec_attr_encap); CASE_PRINT(IPSEC_ATTR_AUTHENTICATION_ALGORITHM, ipsec_attr_auth); + case IPSEC_ATTR_ENCAPSULATION_MODE: + printf("%s", tok2str(ipsec_attr_encap, + "%d", val)); + break; default: printf("%d", val); } |