/* Rewrite the TCP sequence number echoed by the ICMP packet.
* The Linux TCP layer ignores ICMP messages with bogus sequence numbers.
*/
static int map_inbound_icmp_tcp_packet(
struct socket *socket, struct packet *live_packet, char **error)
{
u32 *seq = packet_echoed_tcp_seq(live_packet);
bool is_syn = false;
u32 seq_offset = local_seq_script_to_live_offset(socket, is_syn);
*seq = htonl(ntohl(*seq) + seq_offset);
return STATUS_OK;
}
struct packet *new_icmp_packet(int address_family,
enum direction_t direction,
const char *type_string,
const char *code_string,
int protocol,
u32 tcp_start_sequence,
u32 payload_bytes,
s64 mtu,
char **error)
{
s32 type = -1; /* bad type; means "unknown so far" */
s32 code = -1; /* bad code; means "unknown so far" */
struct packet *packet = NULL; /* the newly-allocated result packet */
/* Calculate lengths in bytes of all sections of the packet.
* For now we only support the most common ICMP message
* format, which includes at the end the original outgoing IP
* header and the first 8 bytes after that (which will
* typically have the port info needed to demux the message).
*/
const int ip_fixed_bytes = ip_header_len(address_family);
const int ip_option_bytes = 0;
const int ip_header_bytes = ip_fixed_bytes + ip_option_bytes;
const int echoed_bytes = ip_fixed_bytes + ICMP_ECHO_BYTES;
const int icmp_bytes = icmp_header_len(address_family) + echoed_bytes;
const int ip_bytes = ip_header_bytes + icmp_bytes;
/* Sanity-check all the various lengths */
if (ip_option_bytes & 0x3) {
asprintf(error, "IP options are not padded correctly "
"to ensure IP header is a multiple of 4 bytes: "
"%d excess bytes", ip_option_bytes & 0x3);
goto error_out;
}
assert((ip_header_bytes & 0x3) == 0);
/* Parse the ICMP type and code */
if (parse_icmp_type_and_code(address_family, type_string, code_string,
&type, &code, error))
goto error_out;
assert(is_valid_u8(type));
assert(is_valid_u8(code));
/* Allocate and zero out a packet object of the desired size */
packet = packet_new(ip_bytes);
memset(packet->buffer, 0, ip_bytes);
packet->ip_bytes = ip_bytes;
packet->direction = direction;
packet->flags = 0;
packet->ecn = 0;
/* Set IP header fields */
const enum ip_ecn_t ecn = ECN_NONE;
set_packet_ip_header(packet, address_family, ip_bytes, direction, ecn,
icmp_protocol(address_family));
/* Find the start of the ICMP header and then populate common fields. */
void *icmp_header = packet_start(packet) + ip_header_bytes;
if (set_packet_icmp_header(packet, icmp_header, address_family,
type, code, mtu, error))
goto error_out;
/* All ICMP message types currently supported by this tool
* include a copy of the outbound IP header and the first few
* bytes inside. To ensure that the inbound ICMP message gets
* demuxed to the correct socket in the kernel, here we
* construct enough of a basic IP header and during test
* execution we fill in the port numbers and (if specified)
* TCP sequence number in the TCP header.
*/
u8 *echoed_ip = packet_echoed_ip_header(packet);
const int echoed_ip_bytes = (ip_fixed_bytes +
layer4_header_len(protocol) +
payload_bytes);
set_ip_header(echoed_ip, address_family, echoed_ip_bytes,
reverse_direction(direction), ecn, protocol);
if (protocol == IPPROTO_TCP) {
u32 *seq = packet_echoed_tcp_seq(packet);
*seq = htonl(tcp_start_sequence);
}
return packet;
error_out:
if (packet != NULL)
packet_free(packet);
return NULL;
}
