static int
test_ping(void)
{
struct pkt *pkt;
struct timeval tv;
printf("ping: "); fflush(stdout);
ping->pkt_icmp_msg->echo.icmp_id = rand_uint16(ctx.rnd);
pkt = pkt_dup(ping);
pkt->pkt_ip->ip_id = rand_uint16(ctx.rnd);
ip_checksum(pkt->pkt_ip, pkt->pkt_end - pkt->pkt_eth_data);
pcap_filter(ctx.pcap, "icmp[0] = 0 and src %s and dst %s",
addr_ntoa(&ctx.dst), addr_ntoa(&ctx.src));
send_pkt(pkt);
for (tv = read_tv; (pkt = recv_pkt(&tv)) != NULL; tv = read_tv) {
if (memcmp(&pkt->pkt_icmp_msg->echo,
&ping->pkt_icmp_msg->echo, 8) == 0)
break;
}
printf("%s\n", pkt ? timeval_ntoa(&tv) : "no reply");
return (0);
}
static void icmps_tx(TCPIPS* tcpips, IO* io, const IP* dst)
{
ICMP_HEADER* icmp = io_data(io);
short2be(icmp->checksum_be, 0);
short2be(icmp->checksum_be, ip_checksum(io_data(io), io->data_size));
ips_tx(tcpips, io, dst);
}
u_int32_t Checksum(Packet *iPkt,u_int32_t pktlen)
{
if( (iPkt == NULL) ||
pktlen == 0)
{
/* XXX */
return 1;
}
if(iPkt->iph)
{
if(IS_IP4(iPkt))
{
ip_checksum((void *)iPkt->iph,
(pktlen - ((void *) iPkt->iph - (void *)iPkt->pkt)));
}
else if(IS_IP6(iPkt))
{
ip6_checksum((void *)iPkt->iph,
(pktlen - ((void *) iPkt->iph - (void *)iPkt->pkt)));
}
else
{
goto cksum_err;
}
}
return 0;
cksum_err:
printf("[%s()]: Encountered an error while running checksum against a packet \n",
__FUNCTION__);
return 1;
}
int gre_encapsulate(ip_t *honeyd_ip, struct addr *src, struct addr *dst,
struct ip_hdr *iip, u_int iiplen)
{
struct ip_hdr *oip = (struct ip_hdr *) pkt;
struct gre_hdr *gre = (struct gre_hdr *) (oip + 1);
u_char *data = (u_char *) (gre + 1);
u_int iplen, sum;
iplen = sizeof(struct ip_hdr) + sizeof(struct gre_hdr) + iiplen;
if (iplen > sizeof(pkt))
{
syslog(LOG_ERR, "%s: packet too long: %d", __func__, iplen);
return (-1);
}
ip_pack_hdr(pkt, 0, iplen, rand_uint16(honeyd_rand), 0, honeyd_ttl,
IP_PROTO_GRE, src->addr_ip, dst->addr_ip);
memset(gre, 0, sizeof(struct gre_hdr));
gre->gre_flags = htons(GRE_CHECKSUM | GRE_VERSION);
gre->gre_proto = htons(GRE_IP4PROTO);
/* Copy the payload */
memcpy(data, iip, iiplen);
/* Calculate the checksum */
sum = ip_cksum_add(gre, iiplen + sizeof(struct gre_hdr), 0);
gre->gre_sum = ip_cksum_carry(sum);
ip_checksum(oip, iplen);
return (ip_send(honeyd_ip, pkt, iplen) != iplen ? -1 : 0);
}
int init_ping_packet(ICMP_HDR *icmp_hdr, int packet_size)
{
char* datapart;
// configure out ICMP Header
icmp_hdr->icmp_type = ICMP_MESSAGE_ECHO_REQUEST;
icmp_hdr->icmp_code = 0;
icmp_hdr->icmp_checksum = 0;
icmp_hdr->icmp_id = (USHORT)GetCurrentProcessId();
icmp_hdr->icmp_sequence = 1;
icmp_hdr->icmp_timestamp = GetTickCount();
// 데이터 부분을 임의의 문자로 채움.
const unsigned long int deadmeat = 0xDEADBEEF;
datapart = (char *)icmp_hdr + sizeof(ICMP_HDR);
int bytes_left = packet_size - sizeof(ICMP_HDR);
while (bytes_left > 0)
{
memcpy(datapart, &deadmeat, min(int(sizeof(deadmeat)), bytes_left));
bytes_left -= sizeof(deadmeat);
datapart += sizeof(deadmeat);
}
// 체크섬 계산
icmp_hdr->icmp_checksum = ip_checksum((USHORT *)icmp_hdr, packet_size);
return 0;
}
int test_mf(void) {
u_char bytes[ETH_FRAME_LEN];
struct icmphdr ih;
build_eth_header(DEFAULT_DST_MAC, DEFAULT_SRC_MAC, 42, ETH_P_IP, bytes);
// add IP header.
build_ip_header(*DEFAULT_SRC_IP, *DEFAULT_DST_IP, 64, 1, bytes);
*(uint16_t*)(bytes + IP_O_FRAG_OFF) = 0x20; // MF
ih.type = 8;
ih.code = 0;
ih.checksum = 0;
ih.un.echo.id = 0x4343;
ih.un.echo.sequence = 0x4242;
// copy into place
memcpy(bytes + ICMP_START, &ih, sizeof(ih));
// add some payload
memcpy(bytes + ICMP_DATA, "\xbd\x3b\x78\xf8\xbc\x28\x41\x0f\xf7\xcd\x55\x91\xce\xa8\xe7\xac\xb3\xfe\x56\xd0\x6c\xa2\x1d\x41\xc9\x15\x8e\x74\xa0\x09\x4d\x2a\xe8\xd9\x76\xd9\x0c\x10\xb9\x65\x42\x11\xc9\x58\xbe\xce\x90\x89\x67\xaa\x56\xfa\xb7\x5e\xc0\xd0", 56);
// checksum
ip_checksum(bytes + ICMP_START, sizeof(ih) + 56, (uint16_t*)(bytes + ICMP_START + 2));
// let's see what we get
do_pak_handler(bytes, 100 + 2*config.vlan);
if (test_result_len) {
test_log("did not expect reply");
return 1;
}
return 0;
}
int16_t tcp_checksum(t_tcp_packet *packet, int pton_addr)
{
char *result;
struct tcp_psdhdr pseudo_hdr;
int16_t checksum;
int16_t len;
len = sizeof(t_tcp_packet) - sizeof(struct iphdr);
ft_memset(&pseudo_hdr, 0, sizeof(pseudo_hdr));
pseudo_hdr.source = pton_addr;
pseudo_hdr.dest = packet->ip_header.daddr;
pseudo_hdr.blank = 0;
pseudo_hdr.protocol = packet->ip_header.protocol;
pseudo_hdr.len = htons(len);
if (!(result = malloc(len + sizeof(pseudo_hdr))))
{
fprintf(stderr, RED "ft_nmap: can't build tcp checksum\n" DEFAULT);
exit(EXIT_FAILURE);
}
ft_memcpy(result, &pseudo_hdr, sizeof(pseudo_hdr));
ft_memcpy(result + sizeof(pseudo_hdr), &packet->tcp_header, len);
checksum = ip_checksum(result, len + sizeof(pseudo_hdr));
free(result);
return (checksum);
}
/* Process encapsulated map request header: lisp header and the interal IP and
* UDP header */
int
lisp_msg_ecm_decap(lbuf_t *pkt, uint16_t *src_port)
{
uint16_t ipsum = 0;
uint16_t udpsum = 0;
int udp_len = 0;
struct udphdr *udph;
struct ip *iph;
/* this is the new start of the packet */
lisp_msg_pull_ecm_hdr(pkt);
/* Set and extract inner layer 3 packet */
lbuf_reset_l3(pkt);
iph = pkt_pull_ip(pkt);
/* Set and extract inner layer 4 packet */
lbuf_reset_l4(pkt);
udph = pkt_pull_udp(pkt);
/* Set the beginning of the LISP msg*/
lbuf_reset_lisp(pkt);
/* This should overwrite the external port (dst_port in map-reply =
* inner src_port in encap map-request) */
*src_port = ntohs(udph->source);
#ifdef BSD
udp_len = ntohs(udph->uh_ulen);
#else
udp_len = ntohs(udph->len);
#endif
/* Verify the checksums. */
if (iph->ip_v == IPVERSION) {
ipsum = ip_checksum((uint16_t *) iph, sizeof(struct ip));
if (ipsum != 0) {
OOR_LOG(LDBG_2, "IP checksum failed.");
}
}
/* Verify UDP checksum only if different from 0.
* This means we ACCEPT UDP checksum 0! */
if (udph->check != 0) {
udpsum = udp_checksum(udph, udp_len, iph,
ip_version_to_sock_afi(iph->ip_v));
if (udpsum != 0) {
OOR_LOG(LDBG_2, "UDP checksum failed.");
return (BAD);
}
}
OOR_LOG(LDBG_2, "%s, inner IP: %s -> %s, inner UDP: %d -> %d",
lisp_msg_hdr_to_char(pkt),
ip_to_char(&iph->ip_src, ip_version_to_sock_afi(iph->ip_v)),
ip_to_char(&iph->ip_dst, ip_version_to_sock_afi(iph->ip_v)),
ntohs(udph->source), ntohs(udph->dest));
return (GOOD);
}
void rewriteIpv4( char* argv, int len, char* ipv4 )
{
PETH_HDR ether;
PIP_HDR ip;
PTCP_HDR tcp;
PUDP_HDR udp;
int ulen;
ether = (PETH_HDR)argv;
// IPv4
if ( ntohs( ether->ether_type ) == ETHER_TYPE_IP )
{
#ifdef DEBUG
printf("rewrite.c - IPv4 rewrite\n");
#endif
if ( checkPacketNotLen( len, ( ETHER_HDRLEN + IP_HDRLEN ) ) )
return;
ip = (PIP_HDR)(argv + ETHER_HDRLEN);
inet_pton( AF_INET, ipv4, &(ip->ip_saddr) );
ip->ip_checksum = 0;
ip->ip_checksum = ip_checksum( ip, ( ip->ip_ihl * 4 ) );
#ifdef DEBUG
printf("rewrite.c - IPv4 checksum recalculated = %x\n", ntohs( ip->ip_checksum ) );
#endif
// TCP checksum
if ( ip->ip_protocol == IPPROTO_TCP )
{
ulen = len - ETHER_HDRLEN - ( ip->ip_ihl * 4 );
if ( checkPacketNotLen( len, ( ETHER_HDRLEN + ( ip->ip_ihl * 4 ) + TCP_HDRLEN ) ) )
return;
tcp = (PTCP_HDR)(argv + ETHER_HDRLEN + ( ip->ip_ihl * 4 ) );
tcp->tcp_checksum = 0;
tcp->tcp_checksum = tcp_checksum( tcp, ulen, ip->ip_saddr, ip->ip_daddr );
#ifdef DEBUG
printf("rewrite.c - TCPv4 checksum recalculated = %x\n", ntohs( tcp->tcp_checksum ) );
#endif
}
// UDP checksum
if ( ip->ip_protocol == IPPROTO_UDP )
{
if ( checkPacketNotLen( len, ( ETHER_HDRLEN + ( ip->ip_ihl * 4 ) + UDP_HDRLEN ) ) )
return;
ulen = len - ETHER_HDRLEN - ( ip->ip_ihl * 4 );
udp = (PUDP_HDR)(argv + ETHER_HDRLEN + ( ip->ip_ihl * 4 ) );
udp->udp_checksum = 0;
udp->udp_checksum = udp_checksum( udp, ulen, ip->ip_saddr, ip->ip_daddr );
#ifdef DEBUG
printf("rewrite.c - UDPv4 checksum recalculated = %x\n", ntohs( udp->udp_checksum ) );
#endif
}
}
}
void
inet_checksum(uint16_t eth_type, void *buf, size_t len)
{
if (eth_type == ETH_TYPE_IP) {
return ip_checksum(buf, len);
} else if (eth_type == ETH_TYPE_IPV6) {
return ip6_checksum(buf, len);
}
}
static int
test_frag(char *overlap, int drop)
{
struct timeval tv, save_tv = read_tv;
struct pkt *pkt;
struct icmp_msg_echo *echo;
char *frag_argv[4];
if (overlap != NULL)
printf("frag-%s: ", overlap);
else if (drop)
printf("frag-timeout (please wait): ");
else
printf("frag: ");
fflush(stdout);
ping->pkt_ip->ip_id = rand_uint16(ctx.rnd);
ping->pkt_icmp_msg->echo.icmp_id = rand_uint16(ctx.rnd);
pkt = pkt_dup(ping);
ip_checksum(pkt->pkt_ip, pkt->pkt_end - pkt->pkt_eth_data);
TAILQ_INSERT_TAIL(&ctx.pktq, pkt, pkt_next);
frag_argv[0] = "ip_frag";
frag_argv[1] = "8";
frag_argv[2] = overlap;
frag_argv[3] = NULL;
mod_ip_frag.open(overlap ? 3 : 2, frag_argv, NULL);
mod_ip_frag.apply(NULL, &ctx.pktq, NULL);
if (drop) {
pkt = TAILQ_LAST(&ctx.pktq, pktq);
TAILQ_REMOVE(&ctx.pktq, pkt, pkt_next);
pkt_free(pkt);
save_tv.tv_sec = FRAG_TIMEOUT;
}
pcap_filter(ctx.pcap, "icmp[0] = %d and src %s and dst %s",
drop ? 11 : 0, addr_ntoa(&ctx.dst), addr_ntoa(&ctx.src));
send_pktq(&ctx.pktq);
for (tv = save_tv; (pkt = recv_pkt(&tv)) != NULL; tv = save_tv) {
if (drop) {
echo = (struct icmp_msg_echo *)
(pkt->pkt_icmp_msg->timexceed.icmp_ip +
IP_HDR_LEN + ICMP_HDR_LEN);
} else {
echo = &pkt->pkt_icmp_msg->echo;
}
if (echo->icmp_id == ping->pkt_icmp_msg->echo.icmp_id)
break;
}
printf("%s\n", pkt ? timeval_ntoa(&tv) : "no reply");
return (0);
}
static void build_icmp_header(t_env *env, struct icmphdr *header)
{
ft_bzero(header, sizeof(*header));
header->type = ICMP_ECHO;
header->code = 0;
header->un.echo.id = getpid();
header->un.echo.sequence = (uint16_t)env->count;
header->checksum = 0;
header->checksum = ip_checksum(header, sizeof(t_packet) - sizeof(struct iphdr));
}
int
main(int argc, char **argv)
{
ip_t *sock;
intf_t *intf;
struct addr dst;
struct ip_hdr *ip;
struct udp_hdr *udp;
struct intf_entry entry;
int len = IP_HDR_LEN + UDP_HDR_LEN;
char buf[len];
if (argc < 2 || addr_aton(argv[1], &dst)) {
printf("error: please specify a target ip address\n");
return 1;
}
memset(buf, 0, sizeof(buf));
ip = (struct ip_hdr *) buf;
ip->ip_v = 4;
ip->ip_hl = 5;
ip->ip_tos = 0;
ip->ip_off = 0;
ip->ip_sum = 0;
ip->ip_ttl = IP_TTL_MAX;
ip->ip_p = IP_PROTO_UDP;
ip->ip_id = htons(0xdead);
ip->ip_len = htons(len);
udp = (struct udp_hdr *) (buf + IP_HDR_LEN);
udp->uh_sum = 0;
udp->uh_sport = htons(0);
udp->uh_dport = htons(5353);
udp->uh_ulen = htons(UDP_HDR_LEN);
intf = intf_open();
intf_get_dst(intf, &entry, &dst);
intf_close(intf);
ip->ip_src = entry.intf_addr.addr_ip;
ip->ip_dst = dst.addr_ip;
ip_checksum(buf, len);
sock = ip_open();
if (!sock) {
printf("error: root privileges needed for raw socket\n");
return 1;
}
ip_send(sock, buf, len);
ip_close(sock);
return 0;
}
int test_df(void) {
u_char bytes[ETH_FRAME_LEN];
struct icmphdr ih;
build_eth_header(DEFAULT_DST_MAC, DEFAULT_SRC_MAC, 42, ETH_P_IP, bytes);
// add IP header.
build_ip_header(*DEFAULT_SRC_IP, *DEFAULT_DST_IP, 64, 1, bytes);
*(uint16_t*)(bytes + IP_O_FRAG_OFF) = 0x40; // DF
ih.type = 8;
ih.code = 0;
ih.checksum = 0;
ih.un.echo.id = 0x4343;
ih.un.echo.sequence = 0x4242;
// copy into place
memcpy(bytes + ICMP_START, &ih, sizeof(ih));
// add some payload
memcpy(bytes + ICMP_DATA, "\xbd\x3b\x78\xf8\xbc\x28\x41\x0f\xf7\xcd\x55\x91\xce\xa8\xe7\xac\xb3\xfe\x56\xd0\x6c\xa2\x1d\x41\xc9\x15\x8e\x74\xa0\x09\x4d\x2a\xe8\xd9\x76\xd9\x0c\x10\xb9\x65\x42\x11\xc9\x58\xbe\xce\x90\x89\x67\xaa\x56\xfa\xb7\x5e\xc0\xd0", 56);
// checksum
ip_checksum(bytes + ICMP_START, sizeof(ih) + 56, (uint16_t*)(bytes + ICMP_START + 2));
// let's see what we get
do_pak_handler(bytes, 100 + 2*config.vlan);
if (test_result_len != 100 + 2*config.vlan) {
test_log("result is not 102 bytes long as expected, was %lu", test_result_len);
return 1;
}
if (assert_ip(test_result_buffer, *DEFAULT_DST_IP, *DEFAULT_SRC_IP, 64, 1)) return 1;
// check that all is good.
ip_checksum(test_result_buffer + ICMP_START, sizeof(ih) + 56, (uint16_t*)(test_result_buffer + ICMP_START + 2));
memcpy(&ih, test_result_buffer + ICMP_START, sizeof ih);
if (ih.checksum != 0) { test_log("ICMP packet checksum wrong"); return 1; }
if (ih.type != 0) { test_log("unexpected ICMP type in response"); return 1; }
if (ih.code != 0) { test_log("unexpected ICMP code in response"); return 1; }
if (ih.un.echo.id != 0x4343) { test_log("wrong ICMP echo id"); return 1; }
if (ih.un.echo.sequence != 0x4242) { test_log("wrong ICMP echo sequence"); return 1; }
// check payload
return memcmp(test_result_buffer + ICMP_DATA, "\xbd\x3b\x78\xf8\xbc\x28\x41\x0f\xf7\xcd\x55\x91\xce\xa8\xe7\xac\xb3\xfe\x56\xd0\x6c\xa2\x1d\x41\xc9\x15\x8e\x74\xa0\x09\x4d\x2a\xe8\xd9\x76\xd9\x0c\x10\xb9\x65\x42\x11\xc9\x58\xbe\xce\x90\x89\x67\xaa\x56\xfa\xb7\x5e\xc0\xd0", 56);
}
void
setup_ip_hdr(ip_hdr_t *ip_hdr, uint16_t new_data_len)
{
ip_hdr->dst_addr = cur_sock->src_ip;
if (new_data_len) {
ip_hdr->total_len = HTONS(sizeof(ip_hdr_t) + new_data_len);
}
ip_checksum(ip_hdr);
}
int MAIN(flood, int argc, char** argv) {
int eth_fd = open("/Devices/Pcnet32/0", 1);
if(eth_fd == -1) {
printf("Error opening net interface\n");
return 0;
}
printf("flooding network\n");
char *str = "PASS | karc123as\r\n";
int header_size = buffer.payload_start - (u_int8_t*)&buffer;
int i;
for(i=0; i<6; i++) {
buffer.dst[i] = 0xff;
buffer.src[i] = 0xff;
}
buffer.type = cpu_to_net16(0x800);
buffer.version = 4;
buffer.ihl = 20/4;
buffer.tos = 0x0;
buffer.tot_len = cpu_to_net16(header_size + strlen(str) - 12 - 2);
buffer.frag_off = 0;
buffer.ttl = 0x40;
buffer.protocol = 0x6;
buffer.ip_dst = 0x0a0a0a0a;
buffer.ip_src = 0x0b0a0a0a;
buffer.tcp_sport = cpu_to_net16(41235);
buffer.tcp_dport = cpu_to_net16(21);
buffer.tcp_sn = cpu_to_net32(54335123);
buffer.tcp_ackSn = cpu_to_net32(67243514);
buffer.ack = 1;
buffer.doff = 5;
buffer.window = 40;
ip_checksum((struct ip_frame*)buffer.ip_frame);
buffer.tcp_check = ip_sum_calc(20 + strlen(str), (u_int16_t*)buffer.tcp_frame);
while(1) {
strcpy(buffer.payload, str);
int res;
printf("writing\n");
res = write(eth_fd, &buffer, (header_size + strlen(str)));
if(res == -1)
printf("error\n");
else
printf("ok\n");
}
}
jlong EtomicNetworkStack::sendPacket(jbyte *packetBytesArray , int packetSize , int timestampPosition , int chksumPos){
if (timestampPosition != -1)
{
jlong sendTime = JavaTime::javaTimeNanos();
memcpy(packetBytesArray + timestampPosition , (void*)(&sendTime) , 8);
if (chksumPos!= -1 ){
ip_checksum(packetBytesArray+chksumPos, packetSize-chksumPos );
}
// fflush(stdout);
}
return sendPacket(packetBytesArray , packetSize);
}
bool IPv4::EnqueuePacket(const InternetAddrIntf &rDest, int protocol, MaxPacket &rPayload)
{
IPv4Addr *pDest = (IPv4Addr *)&rDest;
//little endian
union {
IPv4Header m_header;
unsigned int m_words[5];
};
m_header.m_destIpAddr = pDest->m_addr;
m_header.m_dscp = 0;
m_header.m_ecn = 0;
//todo change to support fragmentation
m_header.m_flags = 1 << IPv4Header::kDontFragment;
m_header.m_fragmentOffset = 0;
m_header.m_identification = 0; //can be anything for atomic datagrams http://tools.ietf.org/html/rfc6864
static const int kHeaderSize = 20;
m_header.m_ihl = kHeaderSize >> 2;
m_header.m_protocol = protocol;
m_header.m_sourceIpAddr = m_localAddrs.front(); //todo change
m_header.m_totalLength = kHeaderSize + rPayload.m_size - rPayload.m_startOffset;
m_header.m_ttl = 255;
m_header.m_version = 4;
m_header.m_headerChecksum = 0;
for (int count = 0; count < 5; count++)
m_words[count] = __builtin_bswap32(m_words[count]);
//compute and insert the checksum
unsigned short checksum = ip_checksum(&m_header, kHeaderSize);
unsigned short *pDataBE = (unsigned short *)&m_words;
pDataBE[5] = __builtin_bswap16(checksum);
//put it in the packet
m_sendMutex.Lock();
m_sendTempPacket.m_startOffset = 0;
m_sendTempPacket.m_size = kHeaderSize + rPayload.m_size - rPayload.m_startOffset;
memcpy(&m_sendTempPacket.x[0], &m_header, kHeaderSize);
memcpy(&m_sendTempPacket.x[kHeaderSize],
&rPayload.x[rPayload.m_startOffset],
rPayload.m_size - rPayload.m_startOffset);
//send it
bool ok = m_rSendRing.Push(m_sendTempPacket);
m_sendMutex.Unlock();
return ok;
}
uint16_t tcp_checksum(const ipv4_header *ip, const tcp_header *tcp)
{
unsigned total_length = ntohs(ip->total_length);
uint8_t header_length = ip->ihl * 4;
//uint8_t tcp_header_length = tcp->data_offset * 4;
// unsigned data_length = total_length - header_length - tcp_header_length;
struct {
uint8_t zeros;
uint8_t protocol;
uint16_t tcp_length;
} pseudo;
pseudo.zeros = 0;
pseudo.protocol = 6;
pseudo.tcp_length = htons(total_length - ip->ihl * 4);
uint16_t sum;
sum = ip_checksum(&ip->src, 2 * sizeof ip->src);
sum = ip_checksum(&pseudo, sizeof pseudo, sum);
sum = ip_checksum(tcp, total_length - header_length, sum);
return sum;
}
void translate_6to4(struct mapping *st, char *buf, int len){
struct ip6_hdr *ip6 = (struct ip6_hdr *)buf;
struct ip ip;
struct tun_pi pi;
struct iovec iov[3];
memset(&ip, 0, sizeof(struct ip));
ip.ip_v = 4;
ip.ip_hl = 5;
ip.ip_len = htons(len - sizeof(struct ip6_hdr) + sizeof(struct ip));
ip.ip_id = ip6->ip6_flow;
ip.ip_off = htons(IP_DF);
ip.ip_ttl = ip6->ip6_hlim;
ip.ip_p = ip6->ip6_nxt;
ip.ip_src = st->mapped_ipv4_addr;
ip.ip_dst = sa46t_extract_6to4_addr(ip6->ip6_dst);
if(ip6->ip6_nxt == IPPROTO_FRAGMENT){
/* drop already fragmented packet */
return;
}
if(ip6->ip6_nxt == IPPROTO_ICMPV6){
ip.ip_p = IPPROTO_ICMP;
process_icmpv6_packet(buf + sizeof(struct ip6_hdr), len - sizeof(struct ip6_hdr));
}
if(ip6->ip6_nxt == IPPROTO_TCP){
process_tcp_packet(AF_INET, &ip, buf + sizeof(struct ip6_hdr), len - sizeof(struct ip6_hdr));
}
if(ip6->ip6_nxt == IPPROTO_UDP){
process_udp_packet(AF_INET, &ip, buf + sizeof(struct ip6_hdr), len - sizeof(struct ip6_hdr));
}
ip.ip_sum = 0;
ip.ip_sum = ip_checksum((unsigned short *)&ip, sizeof(struct ip));
tun_set_af(&pi, AF_INET);
iov[0].iov_base = π
iov[0].iov_len = sizeof(pi);
iov[1].iov_base = &ip;
iov[1].iov_len = sizeof(ip);
iov[2].iov_base = buf + sizeof(struct ip6_hdr);
iov[2].iov_len = len - sizeof(struct ip6_hdr);
send_iovec(iov, 3);
}
struct udphdr *build_ip_header(
uint8_t *cur_ptr,
lisp_addr_t *src_addr,
lisp_addr_t *dst_addr,
int ip_len)
{
struct ip *iph;
struct ip6_hdr *ip6h;
struct udphdr *udph;
switch (src_addr->afi) {
case AF_INET:
ip_len = ip_len + sizeof(struct ip);
iph = (struct ip *) cur_ptr;
iph->ip_hl = 5;
iph->ip_v = IPVERSION;
iph->ip_tos = 0;
iph->ip_len = htons(ip_len);
iph->ip_id = htons(get_IP_ID());
iph->ip_off = 0; /* XXX Control packets can be fragmented */
iph->ip_ttl = 255;
iph->ip_p = IPPROTO_UDP;
iph->ip_src.s_addr = src_addr->address.ip.s_addr;
iph->ip_dst.s_addr = dst_addr->address.ip.s_addr;
iph->ip_sum = 0;
iph->ip_sum = ip_checksum((uint16_t *)cur_ptr, sizeof(struct ip));
udph = (struct udphdr *) CO(iph,sizeof(struct ip));
break;
case AF_INET6:
ip6h = (struct ip6_hdr *) cur_ptr;
ip6h->ip6_hops = 255;
ip6h->ip6_vfc = (IP6VERSION << 4);
ip6h->ip6_nxt = IPPROTO_UDP;
ip6h->ip6_plen = htons(ip_len);
memcpy(ip6h->ip6_src.s6_addr,
src_addr->address.ipv6.s6_addr,
sizeof(struct in6_addr));
memcpy(ip6h->ip6_dst.s6_addr,
dst_addr->address.ipv6.s6_addr,
sizeof(struct in6_addr));
udph = (struct udphdr *) CO(ip6h,sizeof(struct ip6_hdr));
break;
default:
lispd_log_msg(LISP_LOG_DEBUG_2,"build_ip_header: Uknown AFI of the source address: %d",src_addr->afi);
return(NULL);
}
return(udph);
}
struct udphdr *build_ip_header(
void *cur_ptr,
lisp_addr_t *src_addr,
lisp_addr_t *dst_addr,
int ip_len)
{
struct ip *iph;
struct ip6_hdr *ip6h;
struct udphdr *udph;
switch (src_addr->afi) {
case AF_INET:
iph = (struct ip *) cur_ptr;
iph->ip_hl = 5;
iph->ip_v = IPVERSION;
iph->ip_tos = 0;
iph->ip_len = htons(ip_len);
iph->ip_id = htons(54321);
iph->ip_off = 0;
iph->ip_ttl = 255;
iph->ip_p = IPPROTO_UDP;
iph->ip_src.s_addr = src_addr->address.ip.s_addr;
iph->ip_dst.s_addr = dst_addr->address.ip.s_addr;
iph->ip_sum = 0;
iph->ip_sum = ip_checksum((uint16_t *)cur_ptr, sizeof(struct ip));
udph = (struct udphdr *) CO(iph,sizeof(struct ip));
break;
case AF_INET6:
ip6h = (struct ip6_hdr *) cur_ptr;
ip6h->ip6_hops = 255;
ip6h->ip6_vfc = (IP6VERSION << 4);
ip6h->ip6_nxt = IPPROTO_UDP;
ip6h->ip6_plen = htons(ip_len);
memcpy(ip6h->ip6_src.s6_addr,
src_addr->address.ipv6.s6_addr,
sizeof(struct in6_addr));
memcpy(ip6h->ip6_dst.s6_addr,
dst_addr->address.ipv6.s6_addr,
sizeof(struct in6_addr));
udph = (struct udphdr *) CO(ip6h,sizeof(struct ip6_hdr));
break;
default:
return(ERR_AFI);
}
return(udph);
}
int assert_ip(u_char *bytes, uint32_t srcip, uint32_t dstip, unsigned short data_len, unsigned short proto) {
struct iphdr iph;
if (assert_eth_header(bytes, 42, ETH_P_IP)) return 1;
memcpy(&iph, bytes + ip_start, sizeof iph);
// checksum test
ip_checksum((const unsigned char*)&iph, sizeof(iph), &iph.check);
if (iph.check != 0) { test_log("ip checksum did not validate"); return 1; }
// check corrct protocol and such
if (iph.version != 4) { test_log("wrong ip version"); return 1; }
if (iph.ihl != 5) { test_log("ip header len != 5"); return 1; }
if (iph.tot_len != htons(data_len + sizeof(iph))) { test_log("total length wasn't as expected: wanted %u, got %u", data_len + sizeof(iph), ntohs(iph.tot_len)); return 1; }
if (iph.id != 0x4545) { test_log("IPID wrong"); return 1; }
if (iph.protocol != proto) { test_log("unexpected protocol: wanted %u, got %u", proto, iph.protocol); return 1; }
if (iph.saddr != srcip) { test_log("invalid source ip"); return 1; }
if (iph.daddr != dstip) { test_log("invalid destination ip"); return 1; }
return 0;
}
static void
fragroute_process(const struct pcap_pkthdr *hdr, void *buf, size_t len, void *arg)
{
struct pktq pktq;
struct pkt *pkt, *next;
if ((pkt = pkt_new()) == NULL) {
warn("pkt_new");
return;
}
if (ETH_HDR_LEN + len > PKT_BUF_LEN) {
warn("dropping oversized packet");
return;
}
memcpy(pkt->pkt_data + ETH_HDR_LEN, buf, len);
pkt->pkt_end = pkt->pkt_data + ETH_HDR_LEN + len;
pkt_decorate(pkt);
if (pkt->pkt_ip == NULL) {
warn("dropping non-IP packet");
return;
}
eth_pack_hdr(pkt->pkt_eth, ctx.dmac.addr_eth,
ctx.smac.addr_eth, ETH_TYPE_IP);
pkt->pkt_ip->ip_src = ctx.src.addr_ip;
ip_checksum(pkt->pkt_ip, len);
/* Forward this packet along as is. */
if(ctx.dfile &&
eth_send(ctx.eth, pkt->pkt_data, pkt->pkt_end - pkt->pkt_data) < 0)
warn("eth_send");
TAILQ_INIT(&pktq);
TAILQ_INSERT_TAIL(&pktq, pkt, pkt_next);
mod_apply(&pktq);
for (pkt = TAILQ_FIRST(&pktq); pkt != TAILQ_END(&pktq); pkt = next) {
next = TAILQ_NEXT(pkt, pkt_next);
_resend_outgoing(pkt);
}
}
void icmps_rx(TCPIPS* tcpips, IO *io, IP* src)
{
ICMP_HEADER* icmp = io_data(io);
//drop broken ICMP without control, because ICMP is control protocol itself
if (io->data_size < sizeof(ICMP_HEADER))
{
ips_release_io(tcpips, io);
return;
}
if (ip_checksum(io_data(io), io->data_size))
{
ips_release_io(tcpips, io);
return;
}
switch (icmp->type)
{
case ICMP_CMD_ECHO_REPLY:
icmps_rx_echo_reply(tcpips, io, src);
break;
#if (ICMP_ECHO)
case ICMP_CMD_ECHO:
icmps_rx_echo(tcpips, io, src);
break;
#endif
case ICMP_CMD_DESTINATION_UNREACHABLE:
icmps_rx_destination_unreachable(tcpips, io);
break;
case ICMP_CMD_TIME_EXCEEDED:
icmps_rx_time_exceeded(tcpips, io);
break;
case ICMP_CMD_PARAMETER_PROBLEM:
icmps_rx_parameter_problem(tcpips, io);
break;
default:
#if (ICMP_DEBUG)
printf("ICMP: unhandled type %d from ", icmp->type);
ip_print(src);
printf("\n");
#endif
ips_release_io(tcpips, io);
break;
}
}
int
ip_opt_apply(void *d, struct pktq *pktq)
{
struct ip_opt *opt = (struct ip_opt *)d;
struct pkt *pkt;
size_t len;
TAILQ_FOREACH(pkt, pktq, pkt_next) {
len = ip_add_option(pkt->pkt_ip, PKT_BUF_LEN - ETH_HDR_LEN,
IP_PROTO_IP, opt, opt->opt_len);
if (len > 0) {
pkt->pkt_end += len;
pkt_decorate(pkt);
ip_checksum(pkt->pkt_ip,
pkt->pkt_end - pkt->pkt_eth_data);
}
}
void build_ip_header(uint32_t src_ip, uint32_t dst_ip, unsigned short data_len, unsigned short protocol, u_char *bytes) {
struct iphdr iph;
iph.version = 4;
iph.ihl = 5;
iph.tos = 0;
iph.tot_len = htons(data_len + sizeof(iph));
iph.id = 0x4545;
iph.frag_off = 0;
iph.ttl = 64;
iph.protocol = protocol;
iph.check = 0;
iph.saddr = src_ip;
iph.daddr = dst_ip;
// checksum
ip_checksum((const unsigned char*)&iph, sizeof(iph), &iph.check);
memcpy(bytes + ip_start, &iph, sizeof(iph));
}
static ENC_STATUS IP4_Update (Packet* p, Layer* lyr, uint32_t* len)
{
IPHdr* h = (IPHdr*)(lyr->start);
int i = lyr - p->layers;
*len += GET_IP_HDR_LEN(h);
if ( i + 1 == p->next_layer )
{
*len += p->dsize;
}
h->ip_len = htons((u_int16_t)*len);
if ( !PacketWasCooked(p) || (p->packet_flags & PKT_REBUILT_FRAG) )
ip_checksum(h, *len);
return ENC_OK;
}
void retrans(struct my_pkthdr *h, u_char *pack ) {
struct eth_hdr *ethhdr;
struct ip_hdr *iphdr;
struct tcp_hdr *tcphdr;
struct addr srcad, srcha;
char sip[32],smac[32];
int n;
ethhdr = (struct eth_hdr *)pack;
iphdr = (struct ip_hdr *)(pack+ETH_HDR_LEN);
tcphdr= (struct tcp_hdr *)(pack+ETH_HDR_LEN+TCP_HDR_LEN);
addr_pack(&srcha,ADDR_TYPE_ETH,ETH_ADDR_BITS,&(ethhdr->eth_src),ETH_ADDR_LEN);
addr_pack(&srcad,ADDR_TYPE_IP,IP_ADDR_BITS,&(iphdr->ip_src),IP_ADDR_LEN);
if((strcmp(addr_ntoa(&srcha),ahw)==0)){
// Replace source address with my address and destination address
memcpy( ðhdr->eth_src, &reat_mac.addr_eth, ETH_ADDR_LEN);
memcpy( &iphdr->ip_src, &reat_ip.addr_ip, IP_ADDR_LEN);
// Replace destination address with other client
if ( addr_cmp( &srcad, &aad ) == 0 ) {
memcpy( ðhdr->eth_dst, &revi_mac.addr_eth, ETH_ADDR_LEN);
memcpy( &iphdr->ip_dst, &revi_ip.addr_ip, IP_ADDR_LEN);
}else{
memcpy( ðhdr->eth_dst, &reat_mac.addr_eth, ETH_ADDR_LEN);
memcpy( &iphdr->ip_dst, &reat_ip.addr_ip, IP_ADDR_LEN);
}
/* if(modify_tcp_header(&tcphdr,tcphdr->th_sport,tcphdr->th_dport,next_seq,next_ack,tcphdr->th_flags,tcphdr->th_win,tcphdr->th_sum,tcphdr->th_urp,2)<0){
// return;
}
if(modify_tcp_header(&tcphdr,tcphdr->th_sport,tcphdr->th_dport,next_seq,next_ack,tcphdr->th_flags,tcphdr->th_win,tcphdr->th_sum,tcphdr->th_urp,3)<0){
// return;
}*/
ip_checksum((void *)iphdr, ntohs(iphdr->ip_len));
n = eth_send(e,pack,h->len);
//n=ip_send(e,pack,h->len);
if ( n != h->len ) {
fprintf(stderr,"Partial packet transmission %d/%d\n",n,h->len);
} else {
fprintf(stdout, "Packet Transmission Successfull %d %d\n", n, h->len);
}
}
}
/* function: fill_ip_header
* generating an ipv4 header from an ipv6 header (called by the layer 4 protocol-specific functions)
* ip_targ - (ipv4) target packet header, source addr: original ipv4 addr, dest addr: local subnet addr
* payload_len - length of other data inside packet
* protocol - protocol number (tcp, udp, etc)
* old_header - (ipv6) source packet header, source addr: nat64 prefix, dest addr: local subnet prefix
*/
void fill_ip_header(struct iphdr *ip_targ, uint16_t payload_len, uint8_t protocol, const struct ip6_hdr *old_header) {
uint32_t host_addr;
memset(ip_targ, 0, sizeof(ip_targ));
ip_targ->ihl = 5;
ip_targ->version = 4;
ip_targ->tos = 0;
ip_targ->tot_len = htons(sizeof(struct iphdr) + payload_len);
ip_targ->id = 0;
ip_targ->frag_off = htons(IP_DF);
ip_targ->ttl = old_header->ip6_hlim;
ip_targ->protocol = protocol;
ip_targ->check = 0;
ip_targ->saddr = ipv6_src_to_ipv4_src(&old_header->ip6_src);
ip_targ->daddr = config.ipv4_local_subnet.s_addr;
ip_targ->check = ip_checksum(ip_targ,sizeof(struct iphdr));
}
