int
main(int argc, char **argv)
{
ip_t *sock;
intf_t *intf;
struct addr dst;
struct ip_hdr *ip;
struct udp_hdr *udp;
struct intf_entry entry;
int len = IP_HDR_LEN + UDP_HDR_LEN;
char buf[len];
if (argc < 2 || addr_aton(argv[1], &dst)) {
printf("error: please specify a target ip address\n");
return 1;
}
memset(buf, 0, sizeof(buf));
ip = (struct ip_hdr *) buf;
ip->ip_v = 4;
ip->ip_hl = 5;
ip->ip_tos = 0;
ip->ip_off = 0;
ip->ip_sum = 0;
ip->ip_ttl = IP_TTL_MAX;
ip->ip_p = IP_PROTO_UDP;
ip->ip_id = htons(0xdead);
ip->ip_len = htons(len);
udp = (struct udp_hdr *) (buf + IP_HDR_LEN);
udp->uh_sum = 0;
udp->uh_sport = htons(0);
udp->uh_dport = htons(5353);
udp->uh_ulen = htons(UDP_HDR_LEN);
intf = intf_open();
intf_get_dst(intf, &entry, &dst);
intf_close(intf);
ip->ip_src = entry.intf_addr.addr_ip;
ip->ip_dst = dst.addr_ip;
ip_checksum(buf, len);
sock = ip_open();
if (!sock) {
printf("error: root privileges needed for raw socket\n");
return 1;
}
ip_send(sock, buf, len);
ip_close(sock);
return 0;
}
static void __producer_play(void)
{
if (producer_status == PS_UNLOADED) {
struct track_info *ti;
if (get_next(&ti) == 0) {
int rc;
ip = ip_new(ti->filename);
rc = ip_open(ip);
if (rc) {
player_ip_error(rc, "opening file `%s'", ti->filename);
ip_delete(ip);
track_info_unref(ti);
file_changed(NULL);
} else {
ip_setup(ip);
__producer_status_update(PS_PLAYING);
file_changed(ti);
}
}
} else if (producer_status == PS_PLAYING) {
if (ip_seek(ip, 0.0) == 0) {
reset_buffer();
}
} else if (producer_status == PS_STOPPED) {
int rc;
rc = ip_open(ip);
if (rc) {
player_ip_error(rc, "opening file `%s'", ip_get_filename(ip));
ip_delete(ip);
__producer_status_update(PS_UNLOADED);
} else {
ip_setup(ip);
__producer_status_update(PS_PLAYING);
}
} else if (producer_status == PS_PAUSED) {
__producer_status_update(PS_PLAYING);
}
}
static void raw_send(const struct send_pkt *s, unsigned int len)
{
static char ip_buf[2048];
static ip_t *ip_p = NULL;
int n;
unsigned int i;
if (!ip_p) {
ip_p = ip_open();
if (!ip_p)
err(1, "ip_open");
}
for (i = 0 ; i < len; ++i) {
memset(ip_buf, 0, sizeof(ip_buf));
n = build_buf(&s[i], ip_buf, sizeof(ip_buf));
ip_checksum(ip_buf, n);
ip_send(ip_p, ip_buf, n);
}
return;
}
static int Active_Open (const char* dev)
{
if ( dev && strcasecmp(dev, "ip") )
{
s_link = eth_open(dev);
if ( !s_link )
FatalError("%s: can't open %s!\n",
"Active response", dev);
s_send = Active_SendEth;
}
else
{
s_ipnet = ip_open();
if ( !s_ipnet )
FatalError("%s: can't open ip!\n",
"Active response");
s_send = Active_SendIp;
}
return ( s_link || s_ipnet ) ? 0 : -1;
}
static int ipq_daq_initialize (
const DAQ_Config_t* cfg, void** handle, char* errBuf, size_t errMax)
{
int status;
if(cfg->name && *(cfg->name))
{
snprintf(errBuf, errMax, "The ipq DAQ module does not support interface or readback mode!");
return DAQ_ERROR_INVAL;
}
IpqImpl* impl = calloc(1, sizeof(*impl));
if ( !impl )
{
snprintf(errBuf, errMax, "%s: failed to allocate the ipq context!",
__FUNCTION__);
return DAQ_ERROR_NOMEM;
}
if ( ipq_daq_get_setup(impl, cfg, errBuf, errMax) != DAQ_SUCCESS )
{
ipq_daq_shutdown(impl);
return DAQ_ERROR;
}
impl->buf = malloc(MSG_BUF_SIZE);
if ( !impl->buf )
{
snprintf(errBuf, errMax, "%s: failed to allocate the ipq buffer!",
__FUNCTION__);
ipq_daq_shutdown(impl);
return DAQ_ERROR_NOMEM;
}
// remember to also link in, eg:
// iptables -A OUTPUT -p icmp -j QUEUE
impl->ipqh = ipq_create_handle(0, impl->proto);
if ( !impl->ipqh )
{
snprintf(errBuf, errMax, "%s: ipq_create_handle error %s\n",
__FUNCTION__, ipq_errstr());
ipq_daq_shutdown(impl);
return DAQ_ERROR;
}
// copy both packet metadata and packet payload
// paket payload is limited to IP_MAXPACKET
status = ipq_set_mode(impl->ipqh, IPQ_COPY_PACKET, IP_MAXPACKET);
if ( status < 0 )
{
snprintf(errBuf, errMax, "%s: ipq_set_mode error %s\n",
__FUNCTION__, ipq_errstr());
ipq_daq_shutdown(impl);
return DAQ_ERROR;
}
if ( impl->device && strcasecmp(impl->device, "ip") )
{
impl->link = eth_open(impl->device);
if ( !impl->link )
{
snprintf(errBuf, errMax, "%s: can't open %s!\n",
__FUNCTION__, impl->device);
ipq_daq_shutdown(impl);
return DAQ_ERROR;
}
}
else
{
impl->net = ip_open();
if ( !impl->net )
{
snprintf(errBuf, errMax, "%s: can't open ip!\n", __FUNCTION__);
ipq_daq_shutdown(impl);
return DAQ_ERROR;
}
}
impl->state = DAQ_STATE_INITIALIZED;
*handle = impl;
return DAQ_SUCCESS;
}
static int nfq_daq_initialize (
const DAQ_Config_t* cfg, void** handle, char* errBuf, size_t errMax)
{
if(cfg->name && *(cfg->name))
{
snprintf(errBuf, errMax, "The nfq DAQ module does not support interface or readback mode!");
return DAQ_ERROR_INVAL;
}
// setup internal stuff
NfqImpl *impl = calloc(1, sizeof(*impl));
if ( !impl )
{
snprintf(errBuf, errMax, "%s: failed to allocate nfq context\n",
__FUNCTION__);
return DAQ_ERROR_NOMEM;
}
if ( nfq_daq_get_setup(impl, cfg, errBuf, errMax) != DAQ_SUCCESS )
{
nfq_daq_shutdown(impl);
return DAQ_ERROR;
}
if ( (impl->buf = malloc(MSG_BUF_SIZE)) == NULL )
{
snprintf(errBuf, errMax, "%s: failed to allocate nfq buffer\n",
__FUNCTION__);
nfq_daq_shutdown(impl);
return DAQ_ERROR_NOMEM;
}
// setup input stuff
// 1. get a new q handle
if ( !(impl->nf_handle = nfq_open()) )
{
snprintf(errBuf, errMax, "%s: failed to get handle for nfq\n",
__FUNCTION__);
nfq_daq_shutdown(impl);
return DAQ_ERROR;
}
// 2. now use the new q handle to rip the rug out from other
// nfq users / handles? actually that doesn't seem to
// happen which is good, but then why is this *supposed*
// to be necessary? especially since we haven't bound to
// a qid yet, and that is exclusive anyway.
if (
(IP4(impl) && nfq_unbind_pf(impl->nf_handle, PF_INET) < 0) ||
(IP6(impl) && nfq_unbind_pf(impl->nf_handle, PF_INET6) < 0) )
{
snprintf(errBuf, errMax, "%s: failed to unbind protocols for nfq\n",
__FUNCTION__);
//nfq_daq_shutdown(impl);
//return DAQ_ERROR;
}
// 3. select protocols for the q handle
// this is necessary but insufficient because we still
// must configure iptables externally, eg:
//
// iptables -A OUTPUT -p icmp -j NFQUEUE [--queue-num <#>]
// (# defaults to 0).
//
// :( iptables rules should be managed automatically to avoid
// queueing packets to nowhere or waiting for packets that
// will never come. (ie this bind should take the -p, -s,
// etc args you can pass to iptables and create the dang
// rule!)
if (
(IP4(impl) && nfq_bind_pf(impl->nf_handle, PF_INET) < 0) ||
(IP6(impl) && nfq_bind_pf(impl->nf_handle, PF_INET6) < 0) )
{
snprintf(errBuf, errMax, "%s: failed to bind protocols for nfq\n",
__FUNCTION__);
nfq_daq_shutdown(impl);
return DAQ_ERROR;
}
// 4. bind to/allocate the specified nfqueue instance
// (this is the puppy specified via iptables as in
// above example.)
//
// ** there can be at most 1 nf_queue per qid
if ( !(impl->nf_queue = nfq_create_queue(
impl->nf_handle, impl->qid, daq_nfq_callback, impl)) )
{
snprintf(errBuf, errMax, "%s: nf queue creation failed\n",
__FUNCTION__);
nfq_daq_shutdown(impl);
return DAQ_ERROR;
}
// 5. configure copying for maximum overhead
if ( nfq_set_mode(impl->nf_queue, NFQNL_COPY_PACKET, IP_MAXPACKET) < 0 )
{
snprintf(errBuf, errMax, "%s: unable to set packet copy mode\n",
__FUNCTION__);
nfq_daq_shutdown(impl);
return DAQ_ERROR;
}
// 6. set queue length (optional)
if ( impl->qlen > 0 &&
nfq_set_queue_maxlen(impl->nf_queue, impl->qlen))
{
snprintf(errBuf, errMax, "%s: unable to set queue length\n",
__FUNCTION__);
nfq_daq_shutdown(impl);
return DAQ_ERROR;
}
// 7. get the q socket descriptor
// (after getting not 1 but 2 handles!)
impl->sock = nfq_fd(impl->nf_handle);
// setup output stuff
// we've got 2 handles and a socket descriptor but, incredibly,
// no way to inject?
if ( impl->device && strcasecmp(impl->device, "ip") )
{
impl->link = eth_open(impl->device);
if ( !impl->link )
{
snprintf(errBuf, errMax, "%s: can't open %s!\n",
__FUNCTION__, impl->device);
nfq_daq_shutdown(impl);
return DAQ_ERROR;
}
}
else
{
impl->net = ip_open();
if ( !impl->net )
{
snprintf(errBuf, errMax, "%s: can't open ip!\n", __FUNCTION__);
nfq_daq_shutdown(impl);
return DAQ_ERROR;
}
}
impl->state = DAQ_STATE_INITIALIZED;
*handle = impl;
return DAQ_SUCCESS;
}
int
main(int argc, char *argv[])
{
struct intf_entry ifent;
intf_t *intf;
int i, tests;
char *cmd;
if (argc < 3)
usage();
for (tests = 0, i = 1; i < argc - 1; i++) {
cmd = argv[i];
if (strcmp(cmd, "all") == 0)
tests = ~0;
else if (strcmp(cmd, "ping") == 0)
tests |= TEST_PING;
else if (strcmp(cmd, "ip-opt") == 0)
tests |= TEST_IP_OPT;
else if (strcmp(cmd, "ip-tracert") == 0)
tests |= TEST_IP_TRACERT;
else if (strcmp(cmd, "frag") == 0)
tests |= TEST_FRAG;
else if (strcmp(cmd, "frag-new") == 0)
tests |= TEST_FRAG_NEW;
else if (strcmp(cmd, "frag-old") == 0)
tests |= TEST_FRAG_OLD;
else if (strcmp(cmd, "frag-timeout") == 0)
tests |= TEST_FRAG_TIMEOUT;
else
usage();
}
if (addr_aton(argv[i], &ctx.dst) < 0)
err(1, "invalid host %s", argv[i]);
if ((intf = intf_open()) == NULL)
err(1, "couldn't open interface handle");
ifent.intf_len = sizeof(ifent);
if (intf_get_dst(intf, &ifent, &ctx.dst) < 0)
err(1, "couldn't find interface for %s", addr_ntoa(&ctx.dst));
memcpy(&ctx.src, &ifent.intf_addr, sizeof(ctx.src));
ctx.src.addr_bits = IP_ADDR_BITS;
intf_close(intf);
if ((ctx.ip = ip_open()) == NULL)
err(1, "couldn't open raw IP interface");
if ((ctx.pcap = pcap_open(ifent.intf_name)) == NULL)
err(1, "couldn't open %s for sniffing", ifent.intf_name);
if ((ctx.dloff = pcap_dloff(ctx.pcap)) < 0)
err(1, "couldn't determine link layer offset");
ctx.rnd = rand_open();
pkt_init(16);
TAILQ_INIT(&ctx.pktq);
ping = pkt_new();
ip_pack_hdr(ping->pkt_ip, 0, IP_HDR_LEN + 8 + 24, 666, 0,
IP_TTL_DEFAULT, IP_PROTO_ICMP, ctx.src.addr_ip, ctx.dst.addr_ip);
icmp_pack_hdr_echo(ping->pkt_icmp, ICMP_ECHO, ICMP_CODE_NONE,
666, 1, "AAAAAAAABBBBBBBBCCCCCCCC", 24);
ping->pkt_end = ping->pkt_eth_data + IP_HDR_LEN + 8 + 24;
pkt_decorate(ping);
if ((tests & TEST_PING) != 0)
test_ping();
if ((tests & TEST_IP_OPT) != 0)
test_ip_opt();
if ((tests & TEST_IP_TRACERT) != 0)
test_ip_tracert();
if ((tests & TEST_FRAG) != 0)
test_frag(NULL, 0);
if ((tests & TEST_FRAG_NEW) != 0)
test_frag("new", 0);
if ((tests & TEST_FRAG_OLD) != 0)
test_frag("old", 0);
if ((tests & TEST_FRAG_TIMEOUT) != 0)
test_frag(NULL, 1);
rand_close(ctx.rnd);
pcap_close(ctx.pcap);
ip_close(ctx.ip);
exit(0);
}
