def parseBgpMsg(self, psubtype, plen, pdata, verbose=1, level=0): rv = { "T": MSG_TYPES["PROTOCOL_BGP"], "ST": psubtype, "L": plen, "H": { 'TIME': 0L }, "V": {} } if psubtype in (BGP_SUBTYPES['BOGO_RIS_EXTN_1'], BGP_SUBTYPES['BOGO_RIS_EXTN_2']): print INDENT*level + '[ *** skipping *** ]' return rv if verbose > 1: print prtbin(level*INDENT, pdata[:BGP_SUBTYPE_HDR_LEN]) try: src_as, src_ip, dst_as, dst_ip =\ struct.unpack(">HLHL", pdata[:BGP_SUBTYPE_HDR_LEN]) rv["H"]["SRC_AS"] = src_as rv["H"]["SRC_IP"] = src_ip rv["H"]["DST_AS"] = dst_as rv["H"]["DST_IP"] = dst_ip except (struct.error): print INDENT*level + '[ *** struct error: bogus RIS data?! *** ]' if psubtype == BGP_SUBTYPES['STATE_CHANGE']: src, dst = struct.unpack(">HH", pdata[-4:]) print INDENT*level +\ 'state change: %s -> %s' %\ (ZEBRA_STATES[src], ZEBRA_STATES[dst]) return rv if verbose > 0: print level*INDENT + "IP(src): %s, AS(src): %d" %\ (id2str(src_ip), src_as) print level*INDENT + "IP(dst): %s, AS(dst): %d" %\ (id2str(dst_ip), dst_as) pdata = pdata[BGP_SUBTYPE_HDR_LEN:] if pdata[0:len(bgp.BGP_MARKER)] != bgp.BGP_MARKER: raise ParseExc else: msg_len, msg_type =\ struct.unpack(">HB", pdata[len(bgp.BGP_MARKER): len(bgp.BGP_MARKER)+3]) if verbose > 1: print prtbin(level*INDENT, pdata[:bgp.BGP_HDR_LEN]) if verbose > 0: print level*INDENT + "BGP message type: %s len=%d" %\ (bgp.MSG_TYPES[msg_type], msg_len) rv["V"] = bgp.parseBgpPdu(msg_type, msg_len, pdata, verbose, level+1) return rv
def parseBgp4pyMsg(self, psubtype, plen, pdata, verbose=1, level=0): rv = { "T": MSG_TYPES["PROTOCOL_BGP4PY"], "ST": psubtype, "L": plen, "H": { "TIME": 0L }, "V": {} } if verbose > 1: print prtbin(level * INDENT, pdata[:BGP4PY_SUBTYPE_HDR_LEN]) src_as, dst_as, ifc, afi, src_ip, dst_ip, ts_frac =\ parseBgp4pyMrtHdr(pdata[0:BGP4PY_SUBTYPE_HDR_LEN], verbose, level) rv["H"]["SRC_AS"] = src_as rv["H"]["DST_AS"] = dst_as rv["H"]["SRC_IP"] = src_ip rv["H"]["DST_IP"] = dst_ip rv["H"]["IFC"] = ifc rv["H"]["AFI"] = afi rv["H"]["TIME"] = ts_frac * 0.000001 pdata = pdata[BGP4PY_SUBTYPE_HDR_LEN:] if psubtype == BGP4PY_SUBTYPES["STATE_CHANGE"]: start_st, end_st = struct.unpack(">HH", pdata) rv["V"] = (start_st, end_st) if verbose > 0: print level*INDENT + "%s -> %s\n" %\ (ZEBRA_STATES[start_st], ZEBRA_STATES[end_st]) elif psubtype == BGP4PY_SUBTYPES["MESSAGE"]: msg_len, msg_type =\ struct.unpack(">HB", pdata[bgp.BGP_MARKER_LEN:bgp.BGP_HDR_LEN]) rv["V"] = bgp.parseBgpPdu(msg_type, msg_len, pdata, verbose, level) else: print level * INDENT + "[ *** SUBTYPE: %d NOT PARSED *** ]" % psubtype return rv
def parseBgp4pyMsg(self, psubtype, plen, pdata, verbose=1, level=0): rv = { "T": MSG_TYPES["PROTOCOL_BGP4PY"], "ST": psubtype, "L": plen, "H": { "TIME": 0L }, "V": {} } if verbose > 1: print prtbin(level*INDENT, pdata[:BGP4PY_SUBTYPE_HDR_LEN]) src_as, dst_as, ifc, afi, src_ip, dst_ip, ts_frac =\ parseBgp4pyMrtHdr(pdata[0:BGP4PY_SUBTYPE_HDR_LEN], verbose, level) rv["H"]["SRC_AS"] = src_as rv["H"]["DST_AS"] = dst_as rv["H"]["SRC_IP"] = src_ip rv["H"]["DST_IP"] = dst_ip rv["H"]["IFC"] = ifc rv["H"]["AFI"] = afi rv["H"]["TIME"] = ts_frac*0.000001 pdata = pdata[BGP4PY_SUBTYPE_HDR_LEN:] if psubtype == BGP4PY_SUBTYPES["STATE_CHANGE"]: start_st, end_st = struct.unpack(">HH", pdata) rv["V"] = (start_st, end_st) if verbose > 0: print level*INDENT + "%s -> %s\n" %\ (ZEBRA_STATES[start_st], ZEBRA_STATES[end_st]) elif psubtype == BGP4PY_SUBTYPES["MESSAGE"]: msg_len, msg_type =\ struct.unpack(">HB", pdata[bgp.BGP_MARKER_LEN:bgp.BGP_HDR_LEN]) rv["V"] = bgp.parseBgpPdu(msg_type, msg_len, pdata, verbose, level) else: if verbose > 1: print level*INDENT + "[ *** SUBTYPE: %d NOT PARSED *** ]" % psubtype return rv
def parseBgp4mpMsg(self, psubtype, plen, pdata, verbose=1, level=0): rv = { "T": MSG_TYPES["PROTOCOL_BGP4MP"], "ST": psubtype, "L": plen, "H": { "TIME": 0L }, "V": {} } if psubtype == BGP4MP_SUBTYPES["STATE_CHANGE"]: if verbose > 1: print prtbin(level*INDENT, pdata) # XXX HACK get occasional 8 byte packets dumped, which I don't # _believe_ to be valid; seem to have a "valid" state changes in # though. Bizarre. if plen == 8: if verbose > 0: print level*INDENT +\ "[ *** BOGUS 8 byte PAYLOAD PACKET *** ]" pdata = pdata[4:] else: src_as, dst_as, ifc, afi, src_ip, dst_ip =\ parseBgp4mpMrtHdr(pdata[0:BGP4MP_SUBTYPE_HDR_LEN], verbose, level) rv["H"]["SRC_AS"] = src_as rv["H"]["DST_AS"] = dst_as rv["H"]["SRC_IP"] = src_ip rv["H"]["DST_IP"] = dst_ip rv["H"]["IFC"] = ifc rv["H"]["AFI"] = afi pdata = pdata[BGP4MP_SUBTYPE_HDR_LEN:] start_st, end_st = struct.unpack(">HH", pdata) rv["V"] = (start_st, end_st) if verbose > 0: print level*INDENT + "%s -> %s\n" %\ (ZEBRA_STATES[start_st], ZEBRA_STATES[end_st]) elif psubtype == BGP4MP_SUBTYPES["MESSAGE"]: # XXX HACK similarly, get either (a) 4 null bytes instead of MRT # header, or (b) bogus MRT header for subtype MESSAGE. Skip them. if pdata[0:4+bgp.BGP_MARKER_LEN] == ("\000\000\000\000" + bgp.BGP_MARKER): if verbose > 1: print prtbin(level*INDENT, pdata[:4]) if verbose > 0: print level*INDENT + "[ *** BOGUS NULL MRT HEADER *** ]" pdata = pdata[4:] else: if verbose > 1: print prtbin(level*INDENT, pdata[:BGP4MP_SUBTYPE_HDR_LEN]) src_as, dst_as, ifc, afi, src_ip, dst_ip =\ parseBgp4mpMrtHdr(pdata[0:BGP4MP_SUBTYPE_HDR_LEN], verbose, level) rv["H"]["SRC_AS"] = src_as rv["H"]["DST_AS"] = dst_as rv["H"]["SRC_IP"] = src_ip rv["H"]["DST_IP"] = dst_ip rv["H"]["IFC"] = ifc rv["H"]["AFI"] = afi pdata = pdata[BGP4MP_SUBTYPE_HDR_LEN:] msg_len, msg_type =\ struct.unpack(">HB", pdata[bgp.BGP_MARKER_LEN:bgp.BGP_HDR_LEN]) rv["V"] = bgp.parseBgpPdu(msg_type, msg_len, pdata, verbose, level) else: print level*INDENT + "[ *** SUBTYPE: %d NOT PARSED *** ]" % psubtype return rv
def parseBgp4mpMsg(self, psubtype, plen, pdata, verbose=1, level=0): rv = { "T": MSG_TYPES["PROTOCOL_BGP4MP"], "ST": psubtype, "L": plen, "H": { "TIME": 0L }, "V": {} } if psubtype == BGP4MP_SUBTYPES["STATE_CHANGE"]: if verbose > 1: print prtbin(level*INDENT, pdata) # XXX HACK get occasional 8 byte packets dumped, which I don't # _believe_ to be valid; seem to have a "valid" state changes in # though. Bizarre. if plen == 8: if verbose > 0: print level*INDENT +\ "[ *** BOGUS 8 byte PAYLOAD PACKET *** ]" pdata = pdata[4:] else: src_as, dst_as, ifc, afi, src_ip, dst_ip =\ parseBgp4mpMrtHdr(pdata[0:BGP4MP_SUBTYPE_HDR_LEN], verbose, level) rv["H"]["SRC_AS"] = src_as rv["H"]["DST_AS"] = dst_as rv["H"]["SRC_IP"] = src_ip rv["H"]["DST_IP"] = dst_ip rv["H"]["IFC"] = ifc rv["H"]["AFI"] = afi pdata = pdata[BGP4MP_SUBTYPE_HDR_LEN:] start_st, end_st = struct.unpack(">HH", pdata) rv["V"] = (start_st, end_st) if verbose > 0: print level*INDENT + "%s -> %s\n" %\ (ZEBRA_STATES[start_st], ZEBRA_STATES[end_st]) elif psubtype == BGP4MP_SUBTYPES["MESSAGE"]: # XXX HACK similarly, get either (a) 4 null bytes instead of MRT # header, or (b) bogus MRT header for subtype MESSAGE. Skip them. if pdata[0:4+bgp.BGP_MARKER_LEN] == ("\000\000\000\000" + bgp.BGP_MARKER): if verbose > 1: print prtbin(level*INDENT, pdata[:4]) if verbose > 0: print level*INDENT + "[ *** BOGUS NULL MRT HEADER *** ]" pdata = pdata[4:] else: if verbose > 1: print prtbin(level*INDENT, pdata[:BGP4MP_SUBTYPE_HDR_LEN]) src_as, dst_as, ifc, afi, src_ip, dst_ip =\ parseBgp4mpMrtHdr(pdata[0:BGP4MP_SUBTYPE_HDR_LEN], verbose, level) rv["H"]["SRC_AS"] = src_as rv["H"]["DST_AS"] = dst_as rv["H"]["SRC_IP"] = src_ip rv["H"]["DST_IP"] = dst_ip rv["H"]["IFC"] = ifc rv["H"]["AFI"] = afi pdata = pdata[BGP4MP_SUBTYPE_HDR_LEN:] msg_len, msg_type =\ struct.unpack(">HB", pdata[bgp.BGP_MARKER_LEN:bgp.BGP_HDR_LEN]) rv["V"] = bgp.parseBgpPdu(msg_type, msg_len, pdata, verbose, level) else: if verbose > 1: print level*INDENT + "[ *** SUBTYPE: %d NOT PARSED *** ]" % psubtype return rv