oneechanhax/phunix
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
phunix/external/bsd/tcpdump/dist/print-syslog.c
David van Moolenbroek b636d99d91 Import NetBSD tcpdump(8) 
For now, printing of Sun RPC requests is disabled because we do not
yet have the RPC header files.  This should affect basically noone,
as we do not have any RPC-based programs yet, for the same reason.

Change-Id: Ie7818faaaacdc104d8b2c37a68866b4ce18247d6
2017-03-21 22:00:21 +00:00

151 lines
4.1 KiB
C
Raw Blame History

/*
* Copyright (c) 1998-2004 Hannes Gredler <hannes@tcpdump.org>
* The TCPDUMP project
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that: (1) source code
* distributions retain the above copyright notice and this paragraph
* in its entirety, and (2) distributions including binary code include
* the above copyright notice and this paragraph in its entirety in
* the documentation or other materials provided with the distribution.
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND
* WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT
* LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE.
*/
#include <sys/cdefs.h>
#ifndef lint
__RCSID("$NetBSD: print-syslog.c,v 1.5 2014/11/20 03:05:03 christos Exp $");
#endif
#define NETDISSECT_REWORKED
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include <tcpdump-stdinc.h>
#include "interface.h"
#include "extract.h"
static const char tstr[] = "[|syslog]";
/*
* tokenlists and #defines taken from Ethereal - Network traffic analyzer
* by Gerald Combs <gerald@ethereal.com>
*/
#define SYSLOG_SEVERITY_MASK 0x0007 /* 0000 0000 0000 0111 */
#define SYSLOG_FACILITY_MASK 0x03f8 /* 0000 0011 1111 1000 */
#define SYSLOG_MAX_DIGITS 3 /* The maximum number if priority digits to read in. */
static const struct tok syslog_severity_values[] = {
{ 0, "emergency" },
{ 1, "alert" },
{ 2, "critical" },
{ 3, "error" },
{ 4, "warning" },
{ 5, "notice" },
{ 6, "info" },
{ 7, "debug" },
{ 0, NULL },
};
static const struct tok syslog_facility_values[] = {
{ 0, "kernel" },
{ 1, "user" },
{ 2, "mail" },
{ 3, "daemon" },
{ 4, "auth" },
{ 5, "syslog" },
{ 6, "lpr" },
{ 7, "news" },
{ 8, "uucp" },
{ 9, "cron" },
{ 10, "authpriv" },
{ 11, "ftp" },
{ 12, "ntp" },
{ 13, "security" },
{ 14, "console" },
{ 15, "cron" },
{ 16, "local0" },
{ 17, "local1" },
{ 18, "local2" },
{ 19, "local3" },
{ 20, "local4" },
{ 21, "local5" },
{ 22, "local6" },
{ 23, "local7" },
{ 0, NULL },
};
void
syslog_print(netdissect_options *ndo,
register const u_char *pptr, register u_int len)
{
uint16_t msg_off = 0;
uint16_t pri = 0;
uint16_t facility,severity;
/* extract decimal figures that are
* encapsulated within < > tags
* based on this decimal figure extract the
* severity and facility values
*/
ND_TCHECK2(*pptr, 1);
if (*(pptr+msg_off) == '<') {
msg_off++;
ND_TCHECK2(*(pptr + msg_off), 1);
while ( *(pptr+msg_off) >= '0' &&
*(pptr+msg_off) <= '9' &&
msg_off <= SYSLOG_MAX_DIGITS) {
pri = pri * 10 + (*(pptr+msg_off) - '0');
msg_off++;
ND_TCHECK2(*(pptr + msg_off), 1);
}
if (*(pptr+msg_off) != '>') {
ND_PRINT((ndo, "%s", tstr));
return;
}
msg_off++;
} else {
ND_PRINT((ndo, "%s", tstr));
return;
}
facility = (pri & SYSLOG_FACILITY_MASK) >> 3;
severity = pri & SYSLOG_SEVERITY_MASK;
if (ndo->ndo_vflag < 1 )
{
ND_PRINT((ndo, "SYSLOG %s.%s, length: %u",
tok2str(syslog_facility_values, "unknown (%u)", facility),
tok2str(syslog_severity_values, "unknown (%u)", severity),
len));
return;
}
ND_PRINT((ndo, "SYSLOG, length: %u\n\tFacility %s (%u), Severity %s (%u)\n\tMsg: ",
len,
tok2str(syslog_facility_values, "unknown (%u)", facility),
facility,
tok2str(syslog_severity_values, "unknown (%u)", severity),
severity));
/* print the syslog text in verbose mode */
for (; msg_off < len; msg_off++) {
ND_TCHECK2(*(pptr + msg_off), 1);
safeputchar(ndo, *(pptr + msg_off));
}
if (ndo->ndo_vflag > 1)
print_unknown_data(ndo, pptr, "\n\t", len);
return;
trunc:
ND_PRINT((ndo, "%s", tstr));
}
Reference in New Issue View Git Blame Copy Permalink