--- /dev/null
+T50 was created by Nelson Brito <nbrito@sekure.org> and is
+mantained by Fernando Mercês <fernando@mentebinaria.com.br>, with
+support of some contributors:
+
+Frederico Pissara <fredericopissara@gmail.com>
--- /dev/null
+T50 - Experimental Mixed Packet Injector
+
+Legend:
++ Added feature
+* Improved/changed feature
+- Bug fixed
+! Known issue / missing feature
+
+T50 5.4.1 - November 26, 2011 - thanks to Frederico Pissara!
+ - Fixed bug in option parsing.
+ - Fixed licensing miss in some files.
+ * Improved code, reduced memory consumption.
+ * Improved Makefile, reduced compilation time, use of SS3 instructions.
+ - Manpage moved to section 8.
+ + Strip set by default.
+
+T50 5.4.0 - September 4, 2011
+ + New version scheme <MajorVersion.MinorVersion.RevisionNumber>.
+ + Added manpage.
+ * UPX and strip removed.
+ * License limitations removed.
+ * Removed libmath dependency.
+ * New smaller Makefile reducing compile time. Many flags removed.
+ ! We don't have support for IPv6 yet.
+ ! T50 may not compile in other systems nor GNU/Linux distros.
+
+T50 5.3 - April 9, 2011
+ + New License: it is, finally, licensed under GPL v2.0. Please, refer
+ to LICENSE document for further information.
+ + CIDR Support: Classless Inter-Domain Routing support for destination
+ IP address, using a really tiny C algorithm. This would allow
+ the new version to simulate DDoS in a laboratory environment.
+ + New protocols support: IGMP, EGP, RIP, DCCP, RSVP, IPSec, GRE, EIGRP
+ and OSPF.
+ + TCP Options support.
+
+ T50 3.4 - November 10, 2010
+ First public release.
--- /dev/null
+ GNU GENERAL PUBLIC LICENSE
+ Version 2, June 1991
+
+ Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+ Preamble
+
+ The licenses for most software are designed to take away your
+freedom to share and change it. By contrast, the GNU General Public
+License is intended to guarantee your freedom to share and change free
+software--to make sure the software is free for all its users. This
+General Public License applies to most of the Free Software
+Foundation's software and to any other program whose authors commit to
+using it. (Some other Free Software Foundation software is covered by
+the GNU Lesser General Public License instead.) You can apply it to
+your programs, too.
+
+ When we speak of free software, we are referring to freedom, not
+price. Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+this service if you wish), that you receive source code or can get it
+if you want it, that you can change the software or use pieces of it
+in new free programs; and that you know you can do these things.
+
+ To protect your rights, we need to make restrictions that forbid
+anyone to deny you these rights or to ask you to surrender the rights.
+These restrictions translate to certain responsibilities for you if you
+distribute copies of the software, or if you modify it.
+
+ For example, if you distribute copies of such a program, whether
+gratis or for a fee, you must give the recipients all the rights that
+you have. You must make sure that they, too, receive or can get the
+source code. And you must show them these terms so they know their
+rights.
+
+ We protect your rights with two steps: (1) copyright the software, and
+(2) offer you this license which gives you legal permission to copy,
+distribute and/or modify the software.
+
+ Also, for each author's protection and ours, we want to make certain
+that everyone understands that there is no warranty for this free
+software. If the software is modified by someone else and passed on, we
+want its recipients to know that what they have is not the original, so
+that any problems introduced by others will not reflect on the original
+authors' reputations.
+
+ Finally, any free program is threatened constantly by software
+patents. We wish to avoid the danger that redistributors of a free
+program will individually obtain patent licenses, in effect making the
+program proprietary. To prevent this, we have made it clear that any
+patent must be licensed for everyone's free use or not licensed at all.
+
+ The precise terms and conditions for copying, distribution and
+modification follow.
+
+ GNU GENERAL PUBLIC LICENSE
+ TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+ 0. This License applies to any program or other work which contains
+a notice placed by the copyright holder saying it may be distributed
+under the terms of this General Public License. The "Program", below,
+refers to any such program or work, and a "work based on the Program"
+means either the Program or any derivative work under copyright law:
+that is to say, a work containing the Program or a portion of it,
+either verbatim or with modifications and/or translated into another
+language. (Hereinafter, translation is included without limitation in
+the term "modification".) Each licensee is addressed as "you".
+
+Activities other than copying, distribution and modification are not
+covered by this License; they are outside its scope. The act of
+running the Program is not restricted, and the output from the Program
+is covered only if its contents constitute a work based on the
+Program (independent of having been made by running the Program).
+Whether that is true depends on what the Program does.
+
+ 1. You may copy and distribute verbatim copies of the Program's
+source code as you receive it, in any medium, provided that you
+conspicuously and appropriately publish on each copy an appropriate
+copyright notice and disclaimer of warranty; keep intact all the
+notices that refer to this License and to the absence of any warranty;
+and give any other recipients of the Program a copy of this License
+along with the Program.
+
+You may charge a fee for the physical act of transferring a copy, and
+you may at your option offer warranty protection in exchange for a fee.
+
+ 2. You may modify your copy or copies of the Program or any portion
+of it, thus forming a work based on the Program, and copy and
+distribute such modifications or work under the terms of Section 1
+above, provided that you also meet all of these conditions:
+
+ a) You must cause the modified files to carry prominent notices
+ stating that you changed the files and the date of any change.
+
+ b) You must cause any work that you distribute or publish, that in
+ whole or in part contains or is derived from the Program or any
+ part thereof, to be licensed as a whole at no charge to all third
+ parties under the terms of this License.
+
+ c) If the modified program normally reads commands interactively
+ when run, you must cause it, when started running for such
+ interactive use in the most ordinary way, to print or display an
+ announcement including an appropriate copyright notice and a
+ notice that there is no warranty (or else, saying that you provide
+ a warranty) and that users may redistribute the program under
+ these conditions, and telling the user how to view a copy of this
+ License. (Exception: if the Program itself is interactive but
+ does not normally print such an announcement, your work based on
+ the Program is not required to print an announcement.)
+
+These requirements apply to the modified work as a whole. If
+identifiable sections of that work are not derived from the Program,
+and can be reasonably considered independent and separate works in
+themselves, then this License, and its terms, do not apply to those
+sections when you distribute them as separate works. But when you
+distribute the same sections as part of a whole which is a work based
+on the Program, the distribution of the whole must be on the terms of
+this License, whose permissions for other licensees extend to the
+entire whole, and thus to each and every part regardless of who wrote it.
+
+Thus, it is not the intent of this section to claim rights or contest
+your rights to work written entirely by you; rather, the intent is to
+exercise the right to control the distribution of derivative or
+collective works based on the Program.
+
+In addition, mere aggregation of another work not based on the Program
+with the Program (or with a work based on the Program) on a volume of
+a storage or distribution medium does not bring the other work under
+the scope of this License.
+
+ 3. You may copy and distribute the Program (or a work based on it,
+under Section 2) in object code or executable form under the terms of
+Sections 1 and 2 above provided that you also do one of the following:
+
+ a) Accompany it with the complete corresponding machine-readable
+ source code, which must be distributed under the terms of Sections
+ 1 and 2 above on a medium customarily used for software interchange; or,
+
+ b) Accompany it with a written offer, valid for at least three
+ years, to give any third party, for a charge no more than your
+ cost of physically performing source distribution, a complete
+ machine-readable copy of the corresponding source code, to be
+ distributed under the terms of Sections 1 and 2 above on a medium
+ customarily used for software interchange; or,
+
+ c) Accompany it with the information you received as to the offer
+ to distribute corresponding source code. (This alternative is
+ allowed only for noncommercial distribution and only if you
+ received the program in object code or executable form with such
+ an offer, in accord with Subsection b above.)
+
+The source code for a work means the preferred form of the work for
+making modifications to it. For an executable work, complete source
+code means all the source code for all modules it contains, plus any
+associated interface definition files, plus the scripts used to
+control compilation and installation of the executable. However, as a
+special exception, the source code distributed need not include
+anything that is normally distributed (in either source or binary
+form) with the major components (compiler, kernel, and so on) of the
+operating system on which the executable runs, unless that component
+itself accompanies the executable.
+
+If distribution of executable or object code is made by offering
+access to copy from a designated place, then offering equivalent
+access to copy the source code from the same place counts as
+distribution of the source code, even though third parties are not
+compelled to copy the source along with the object code.
+
+ 4. You may not copy, modify, sublicense, or distribute the Program
+except as expressly provided under this License. Any attempt
+otherwise to copy, modify, sublicense or distribute the Program is
+void, and will automatically terminate your rights under this License.
+However, parties who have received copies, or rights, from you under
+this License will not have their licenses terminated so long as such
+parties remain in full compliance.
+
+ 5. You are not required to accept this License, since you have not
+signed it. However, nothing else grants you permission to modify or
+distribute the Program or its derivative works. These actions are
+prohibited by law if you do not accept this License. Therefore, by
+modifying or distributing the Program (or any work based on the
+Program), you indicate your acceptance of this License to do so, and
+all its terms and conditions for copying, distributing or modifying
+the Program or works based on it.
+
+ 6. Each time you redistribute the Program (or any work based on the
+Program), the recipient automatically receives a license from the
+original licensor to copy, distribute or modify the Program subject to
+these terms and conditions. You may not impose any further
+restrictions on the recipients' exercise of the rights granted herein.
+You are not responsible for enforcing compliance by third parties to
+this License.
+
+ 7. If, as a consequence of a court judgment or allegation of patent
+infringement or for any other reason (not limited to patent issues),
+conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License. If you cannot
+distribute so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you
+may not distribute the Program at all. For example, if a patent
+license would not permit royalty-free redistribution of the Program by
+all those who receive copies directly or indirectly through you, then
+the only way you could satisfy both it and this License would be to
+refrain entirely from distribution of the Program.
+
+If any portion of this section is held invalid or unenforceable under
+any particular circumstance, the balance of the section is intended to
+apply and the section as a whole is intended to apply in other
+circumstances.
+
+It is not the purpose of this section to induce you to infringe any
+patents or other property right claims or to contest validity of any
+such claims; this section has the sole purpose of protecting the
+integrity of the free software distribution system, which is
+implemented by public license practices. Many people have made
+generous contributions to the wide range of software distributed
+through that system in reliance on consistent application of that
+system; it is up to the author/donor to decide if he or she is willing
+to distribute software through any other system and a licensee cannot
+impose that choice.
+
+This section is intended to make thoroughly clear what is believed to
+be a consequence of the rest of this License.
+
+ 8. If the distribution and/or use of the Program is restricted in
+certain countries either by patents or by copyrighted interfaces, the
+original copyright holder who places the Program under this License
+may add an explicit geographical distribution limitation excluding
+those countries, so that distribution is permitted only in or among
+countries not thus excluded. In such case, this License incorporates
+the limitation as if written in the body of this License.
+
+ 9. The Free Software Foundation may publish revised and/or new versions
+of the General Public License from time to time. Such new versions will
+be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+
+Each version is given a distinguishing version number. If the Program
+specifies a version number of this License which applies to it and "any
+later version", you have the option of following the terms and conditions
+either of that version or of any later version published by the Free
+Software Foundation. If the Program does not specify a version number of
+this License, you may choose any version ever published by the Free Software
+Foundation.
+
+ 10. If you wish to incorporate parts of the Program into other free
+programs whose distribution conditions are different, write to the author
+to ask for permission. For software which is copyrighted by the Free
+Software Foundation, write to the Free Software Foundation; we sometimes
+make exceptions for this. Our decision will be guided by the two goals
+of preserving the free status of all derivatives of our free software and
+of promoting the sharing and reuse of software generally.
+
+ NO WARRANTY
+
+ 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
+FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
+OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
+PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
+OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
+TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
+PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
+REPAIR OR CORRECTION.
+
+ 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
+REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
+INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
+OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
+TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
+YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
+PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGES.
+
+ END OF TERMS AND CONDITIONS
+
+ How to Apply These Terms to Your New Programs
+
+ If you develop a new program, and you want it to be of the greatest
+possible use to the public, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these terms.
+
+ To do so, attach the following notices to the program. It is safest
+to attach them to the start of each source file to most effectively
+convey the exclusion of warranty; and each file should have at least
+the "copyright" line and a pointer to where the full notice is found.
+
+ <one line to give the program's name and a brief idea of what it does.>
+ Copyright (C) <year> <name of author>
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along
+ with this program; if not, write to the Free Software Foundation, Inc.,
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+Also add information on how to contact you by electronic and paper mail.
+
+If the program is interactive, make it output a short notice like this
+when it starts in an interactive mode:
+
+ Gnomovision version 69, Copyright (C) year name of author
+ Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
+ This is free software, and you are welcome to redistribute it
+ under certain conditions; type `show c' for details.
+
+The hypothetical commands `show w' and `show c' should show the appropriate
+parts of the General Public License. Of course, the commands you use may
+be called something other than `show w' and `show c'; they could even be
+mouse-clicks or menu items--whatever suits your program.
+
+You should also get your employer (if you work as a programmer) or your
+school, if any, to sign a "copyright disclaimer" for the program, if
+necessary. Here is a sample; alter the names:
+
+ Yoyodyne, Inc., hereby disclaims all copyright interest in the program
+ `Gnomovision' (which makes passes at compilers) written by James Hacker.
+
+ <signature of Ty Coon>, 1 April 1989
+ Ty Coon, President of Vice
+
+This General Public License does not permit incorporating your program into
+proprietary programs. If your program is a subroutine library, you may
+consider it more useful to permit linking proprietary applications with the
+library. If this is what you want to do, use the GNU Lesser General
+Public License instead of this License.
+
--- /dev/null
+ ___________._______________
+ \__ ___/| ____/\ _ \ T50: an Experimental Packet Injector Tool
+ | | |____ \ / /_\ \
+ | | / \\ \_/ \
+ |____| /______ / \_____ / Copyright (c) 2001-2011 Nelson Brito
+ \/ \/ All Rights Reserved
+
+T50 Experimental Mixed Packet Injector (f.k.a. F22 Raptor) is a tool designed
+to perform "Stress Testing". The concept started on 2001, right after release
+'nb-isakmp.c', and the main goal was:
+ - Having a tool to perform TCP/IP protocol fuzzer, covering common regular
+ protocols, such as: ICMP, TCP and UDP.
+
+Things have changed, and the T50 became a good unique resource capable to
+perform "Stress Testing". And, after checking the "/usr/include/linux", some
+protocols were chosen to be part of its coverage:
+ a) ICMP - Internet Control Message Protocol
+ b) IGMP - Internet Group Management Protocol
+ c) TCP - Transmission Control Protocol
+ d) UDP - User Datagram Protocol
+
+
+Why "Stress Testing"? Well, because when people are designing a new network
+infra-structure (eg. Datacenter serving to Cloud Computing) they think about:
+ a) High-Availability
+ b) Load Balancing
+ c) Backup Sites (Cold Sites, Hot Sites, and Warm Sites)
+ d) Disaster Recovery
+ e) Data Redundancy
+ f) Service Level Agreements
+ g) Etc...
+
+But almost nobody thinks about "Stress Testing", or even performs any test to
+check how the networks infra-structure behaves under stress, under overload,
+and under attack. Even during a Penetration Test, people prefer not running
+any kind of Denial-of-Service testing. Even worse, those people are missing
+one of the three key concepts of security that are common to risk management:
+ - Confidentiality
+ - Integrity
+ - AVAILABILITY
+
+T50 was designed to perform “Stress Testing” on a variety of infra-structure
+network devices (Version 2.45), using widely implemented protocols, and after
+some requests it was was re-designed to extend the tests (as of Version 5.3),
+covering some regular protocols (ICMP, TCP and UDP), some infra-structure
+specific protocols (GRE, IPSec and RSVP), and some routing protocols (RIP,
+EIGRP and OSPF).
+
+This new version (Version 5.3) is focused on internal infra-structure, which
+allows people to test the availability of its resources, and cobering:
+ a) Interior Gateway Protocols (Distance Vector Algorithm):
+ 1. Routing Information Protocol (RIP)
+ 2. Enhanced Interior Gateway Routing Protocol (EIGRP)
+
+ b) Interior Gateway Protocols (Link State Algorithm):
+ 1. Open Shortest Path First (OSPF)
+
+ c) Quality-of-Service Protocols:
+ 1. Resource ReSerVation Protocol (RSVP).
+
+ d) Tunneling/Encapsulation Protocols:
+ 1. Generic Routing Encapsulation (GRE).
+
+T50 is a powerful and unique packet injector tool, which is capable to:
+ a) Send sequentially the following fifteen (15) protocols:
+ 1. ICMP - Internet Control Message Protocol
+ 2. IGMPv1 - Internet Group Management Protocol v1
+ 3. IGMPv3 - Internet Group Management Protocol v3
+ 4. TCP - Transmission Control Protocol
+ 5. EGP - Exterior Gateway Protocol
+ 6. UDP - User Datagram Protocol
+ 7. RIPv1 - Routing Information Protocol v1
+ 8. RIPv2 - Routing Information Protocol v2
+ 9. DCCP - Datagram Congestion Control Protocol
+ 10. RSVP - Resource ReSerVation Protocol
+ 11. GRE - Generic Routing Encapsulation
+ 12. IPSec - Internet Protocol Security (AH/ESP)
+ 13. EIGRP - Enhanced Interior Gateway Routing Protocol
+ 14. OSPF - Open Shortest Path First
+
+ b) It is the only tool capable to encapsulate the protocols (listed above)
+ within Generic Routing Encapsulation (GRE).
+
+ c) Send an (quite) incredible amount of packets per second, making it a
+ "second to none" tool:
+ -> More than 1,000,000 pps of SYN Flood (+50% of the network uplink) in
+ a 1000BASE-T Network (Gigabit Ethernet).
+ -> More than 120,000 pps of SYN Flood (+60% of the network uplink) in a
+ 100BASE-TX Network (Fast Ethernet).
+
+ d) Perform "Stress Testing" on a variety of network infrastructure, network
+ devices and security solutions in place.
+
+ e) Simulate "Distributed Denial-of-Service" & "Denial-of-Service" attacks,
+ validating Firewall rules, Router ACLs, Intrusion Detection System and
+ Intrusion Prevention System policies.
+
+The main differentiator of the T50 is that it is able to send all protocols,
+sequentially, using one single SOCKET, besides it is capable to be used to
+modify network routes, letting IT Security Professionals performing advanced
+"Penetration Test".
--- /dev/null
+# T50 Makefile\r
+#\r
+# Written by Fernando Mercês <fernando@mentebinaria.com.br>\r
+#\r
+# __HAVE_TURBO__ - turbo mode enable --turbo option. This makes\r
+# T50 create a child process to improve performance.\r
+#\r
+# __HAVE_DEBUG__ - debug mode makes T50 print the source filename\r
+# and line when an error occurs. This is a good idea if you're\r
+# experiencing problems.\r
+ \r
+PREFIX=/usr\r
+MANDIR=/usr/share/man/man8\r
+SRCDIR=.\r
+CC=gcc\r
+USE_SSE=-msse -mfpmath=sse\r
+STRIP=-s\r
+CFLAGS=-W -Wall -Wextra -O3 $(USE_SSE) -ffast-math $(STRIP)\r
+INCLUDES=-I$(SRCDIR)/include\r
+DFLAGS=-D__HAVE_TURBO__ -DVERSION=\"$(shell cat ../VERSION)\"\r
+#DFLAGS+=-D__HAVE_DEBUG__\r
+SRC=$(shell find $(SRCDIR) -type f -name '*.c')\r
+ \r
+all:\r
+ $(CC) $(CFLAGS) $(INCLUDES) $(DFLAGS) $(SRC) -o t50\r
+ \r
+clean:\r
+ rm -f t50\r
+ \r
+install: \r
+ install t50 $(PREFIX)/sbin\r
+ gzip -c -9 ../t50.1 > $(MANDIR)/t50.8.gz\r
+ \r
+uninstall:\r
+ rm -f $(PREFIX)/sbin/t50\r
--- /dev/null
+/*\r
+ * T50 - Experimental Mixed Packet Injector\r
+ *\r
+ * Copyright (C) 2010 - 2011 Nelson Brito <nbrito@sekure.org>\r
+ * Copyright (C) 2011 - Fernando Mercês <fernando@mentebinaria.com.br>\r
+ *\r
+ * This program is free software: you can redistribute it and/or modify\r
+ * it under the terms of the GNU General Public License as published by\r
+ * the Free Software Foundation, either version 2 of the License, or\r
+ * (at your option) any later version.\r
+ *\r
+ * This program is distributed in the hope that it will be useful,\r
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of\r
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
+ * GNU General Public License for more details.\r
+ *\r
+ * You should have received a copy of the GNU General Public License\r
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.\r
+*/\r
+\r
+#include <common.h>\r
+\r
+/* Validate options */\r
+int checkConfigOptions(const struct config_options *o)\r
+{\r
+ /* Warning missed privileges. */\r
+ if ( getuid() )\r
+ {\r
+ ERROR("you must have privileges to run me"); \r
+ return 0;\r
+ }\r
+\r
+ /* Warning missed target. */\r
+ if (o->ip.daddr == INADDR_ANY)\r
+ {\r
+ ERROR("try --help for usage and help");\r
+ return 0;\r
+ }\r
+\r
+ /* Sanitizing the CIDR. */\r
+ if ( (o->bits < CIDR_MINIMUM || o->bits > CIDR_MAXIMUM) && o->bits != 0)\r
+ {\r
+ char errstr[48];\r
+\r
+ sprintf(errstr, "CIDR must be beewten %d and %d",\r
+ CIDR_MINIMUM, CIDR_MAXIMUM);\r
+ ERROR(errstr);\r
+ return 0;\r
+ }\r
+\r
+ /* Sanitizing the TCP Options SACK_Permitted and SACK Edges. */\r
+ if ( (o->tcp.options & TCP_OPTION_SACK_OK) == TCP_OPTION_SACK_OK &&\r
+ (o->tcp.options & TCP_OPTION_SACK_EDGE) == TCP_OPTION_SACK_EDGE )\r
+ {\r
+ ERROR("TCP options SACK-Permitted and SACK Edges are not allowed");\r
+ return 0;\r
+ }\r
+\r
+ /* Sanitizing the TCP Options T/TCP CC and T/TCP CC.ECHO. */\r
+ if ((o->tcp.options & TCP_OPTION_CC) == TCP_OPTION_CC && (o->tcp.cc_echo) )\r
+ {\r
+ ERROR("TCP options T/TCP CC and T/TCP CC.ECHO are not allowed");\r
+ return 0;\r
+ }\r
+\r
+ /* Testing IANA IP address allocation for private internets (RFC 1700, 1918 and 3330). */\r
+ switch(ntohl(o->ip.daddr) & 0xff000000)\r
+ {\r
+ /* Allowing 10/8 (RFC 1918). */\r
+ case 0x0a000000: break;\r
+\r
+ /* Allowing 127/8 (RFC 1700). */\r
+ case 0x7f000000: break;\r
+\r
+ /* Allowing 169.254/16 (RFC 3330). */\r
+ case 0xa9000000:\r
+ if ((ntohl(o->ip.daddr) & 0xffff0000) != 0xa9fe0000)\r
+ {\r
+ fprintf(stderr, "T50 is RFC 1700, RFC 1918 and RFC 3330 compliance\n");\r
+ fflush(stderr);\r
+ return 0;\r
+ }\r
+ break;\r
+\r
+ /* Allowing 172.16/12 (RFC 1918). */\r
+ case 0xac000000:\r
+ if ((ntohl(o->ip.daddr) & 0xffff0000) < 0xac100000 || \\r
+ (ntohl(o->ip.daddr) & 0xffff0000) > 0xac1f0000)\r
+ {\r
+ fprintf(stderr, "T50 is RFC 1700, RFC 1918 and RFC 3330 compliance\n");\r
+ fflush(stderr);\r
+ return 0;\r
+ }\r
+ break;\r
+\r
+ /* Allowing 192.168/16 (RFC 1918). */\r
+ case 0xc0000000:\r
+ if ((ntohl(o->ip.daddr) & 0xffff0000) != 0xc0a80000)\r
+ {\r
+ fprintf(stderr, "T50 is RFC 1700, RFC 1918 and RFC 3330 compliance\n");\r
+ fflush(stderr);\r
+ return 0;\r
+ }\r
+ break;\r
+\r
+ /* Blocking all other IP addresses. */\r
+ default:\r
+ fprintf(stderr, "T50 is RFC 1700, RFC 1918 and RFC 3330 compliance\n");\r
+ fflush(stderr);\r
+ return 0;\r
+ break;\r
+ }\r
+\r
+#ifdef __HAVE_TURBO__\r
+ /* Sanitizing TURBO mode. */\r
+ if (o->turbo && o->flood == 0)\r
+ {\r
+ ERROR("turbo mode is only available in flood mode");\r
+ return 0;\r
+ }\r
+#endif /* __HAVE_TURBO__ */\r
+\r
+ /* Sanitizing the threshold. */\r
+ if (o->ip.protocol == IPPROTO_T50 && o->threshold < T50_THRESHOLD_MIN\r
+ && o->flood == 0)\r
+ {\r
+ fprintf(stderr,\r
+ "%s: protocol %s cannot have threshold smaller than %d\n",\r
+ PACKAGE,\r
+ mod_acronyms[o->ip.protoname],\r
+ T50_THRESHOLD_MIN);\r
+ fflush(stderr);\r
+ return 0;\r
+ }\r
+\r
+\r
+ /* Warning FLOOD mode. */\r
+ if (o->flood)\r
+ {\r
+ printf("entering in flood mode...\n");\r
+\r
+#ifdef __HAVE_TURBO__\r
+ if (o->turbo) printf("activating turbo...\n");\r
+#endif /* __HAVE_TURBO__ */\r
+\r
+ /* Warning CIDR mode. */\r
+ if (o->bits) printf("performing DDoS...\n");\r
+\r
+ printf("hit CTRL+C to break.\n");\r
+ }\r
+\r
+ /* Returning. */\r
+ return 1;\r
+}\r
--- /dev/null
+/*\r
+ * T50 - Experimental Mixed Packet Injector\r
+ *\r
+ * Copyright (C) 2010 - 2011 Nelson Brito <nbrito@sekure.org>\r
+ * Copyright (C) 2011 - Fernando Mercês <fernando@mentebinaria.com.br>\r
+ *\r
+ * This program is free software: you can redistribute it and/or modify\r
+ * it under the terms of the GNU General Public License as published by\r
+ * the Free Software Foundation, either version 2 of the License, or\r
+ * (at your option) any later version.\r
+ *\r
+ * This program is distributed in the hope that it will be useful,\r
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of\r
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
+ * GNU General Public License for more details.\r
+ *\r
+ * You should have received a copy of the GNU General Public License\r
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.\r
+*/\r
+\r
+#include <common.h>\r
+\r
+static struct cidr cidr = { 0, 0 };\r
+\r
+/* CIDR configuration tiny C algorithm */\r
+struct cidr *config_cidr(uint32_t bits, in_addr_t address) \r
+{\r
+ uint32_t netmask;\r
+\r
+ /* Configuring CIDR IP addresses. */\r
+ if (bits)\r
+ {\r
+ /*\r
+ * @nbrito -- Thu Dec 23 13:06:39 BRST 2010\r
+ * Here is a description of how to calculate, correctly, the number of\r
+ * hosts and IP addresses based on CIDR -- three instructions line.\r
+ *\r
+ * (1) Calculate the 'Network Mask' (two simple operations):\r
+ * a) Bitwise shift to the left (>>) '0xffffffff' using CIDR gives the\r
+ * number of bits to calculate the 'Network Mask'.\r
+ * b) Bitwise logic NOT (~) to turn off the bits that are on, and turn\r
+ * on the bits that are off gives the 'Network Mask'.\r
+ *\r
+ * (2) Calculate the number of hosts' IP addresses available to the \r
+ * current CIDR (two simple operations):\r
+ * a) Subtract CIDR from 32 gives the host identifier's (bits) portion\r
+ * for the IP address.\r
+ * b) Two raised to the power (pow(3)) of host identifier (bits) gives\r
+ * the number of all IP addresses available for the CIDR .\r
+ * NOTE: Subtracting two from this math skips both 'Network Address'\r
+ * and 'Broadcast Address'.\r
+ *\r
+ * (3) Calculate initial host IP address (two simple operations):\r
+ * a) Convert IP address to little-endian ('ntohl()').\r
+ * b) Bitwise logic AND (&) of host identifier (bits) portion of the IP\r
+ * address and 'Network Mask' adding one gives the first IP address\r
+ * for the CIDR.\r
+ */\r
+ netmask = ~(0xffffffffUL >> bits);\r
+ cidr.hostid = (uint32_t) (1 << (32 - bits)) - 2;\r
+ cidr.__1st_addr = (ntohl(address) & netmask) + 1;\r
+\r
+ /* XXX Sanitizing the maximum host identifier's IP addresses.\r
+ * XXX Should never reaches here!!! */\r
+ if (cidr.hostid > MAXIMUM_IP_ADDRESSES)\r
+ {\r
+ ERROR("internal error detecded -- please, report");\r
+ ERROR("cidr.hostid > MAXIMUM_IP_ADDRESSES: Probably a specific platform error");\r
+ exit(EXIT_FAILURE);\r
+ }\r
+ }\r
+\r
+ return &cidr;\r
+}\r
--- /dev/null
+/*\r
+ * T50 - Experimental Mixed Packet Injector\r
+ *\r
+ * Copyright (C) 2010 - 2011 Nelson Brito <nbrito@sekure.org>\r
+ * Copyright (C) 2011 - Fernando Mercês <fernando@mentebinaria.com.br>\r
+ *\r
+ * This program is free software: you can redistribute it and/or modify\r
+ * it under the terms of the GNU General Public License as published by\r
+ * the Free Software Foundation, either version 2 of the License, or\r
+ * (at your option) any later version.\r
+ *\r
+ * This program is distributed in the hope that it will be useful,\r
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of\r
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
+ * GNU General Public License for more details.\r
+ *\r
+ * You should have received a copy of the GNU General Public License\r
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.\r
+*/\r
+\r
+#include <common.h> \r
+\r
+/* Calculates checksum */\r
+uint16_t cksum(uint16_t * data, int32_t length)\r
+{\r
+ int32_t nleft = length;\r
+ uint16_t *w = data;\r
+ int32_t sum = 0;\r
+\r
+ /* Our algorithm is simple, using a 32 bit accumulator (sum), we add\r
+ * sequential 16 bit words to it, and at the end, fold back all the\r
+ * carry bits from the top 16 bits into the lower 16 bits. */\r
+ while(nleft > 1)\r
+ {\r
+ sum += *w++;\r
+ nleft -= 2;\r
+ }\r
+\r
+ /* mop up an odd byte, if necessary */\r
+ if(nleft == 1)\r
+ sum += *(uint8_t *)w;\r
+\r
+ /* add back carry outs from top 16 bits to low 16 bits */\r
+ sum = (sum >> 16) + (sum & 0xffff); /* add hi 16 to low 16 */\r
+ sum += (sum >> 16); /* add carry */\r
+\r
+ /* returning sum truncated to 16 bits */\r
+ return ~sum;\r
+}\r
--- /dev/null
+/*
+* T50 - Experimental Mixed Packet Injector
+*
+* Copyright (C) 2010 - 2011 Nelson Brito <nbrito@sekure.org>
+* Copyright (C) 2011 - Fernando Mercês <fernando@mentebinaria.com.br>
+*
+* This program is free software: you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation, either version 2 of the License, or
+* (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include <common.h>
+
+char *mod_acronyms[] = {
+ "ICMP",
+ "IGMPv1",
+ "IGMPv3",
+ "TCP",
+ "EGP",
+ "UDP",
+ "RIPv1",
+ "RIPv2",
+ "DCCP",
+ "RSVP",
+ "IPSEC",
+ "EIGRP",
+ "OSPF",
+ "T50",
+ NULL
+};
+
+char *mod_names[] = {
+ "Internet Control Message Protocol",
+ "Internet Group Message Protocol v1",
+ "Internet Group Message Protocol v3",
+ "Transmission Control Protocol",
+ "Exterior Gateway Protocol",
+ "User Datagram Protocol",
+ "Routing Information Protocol v1",
+ "Routing Information Protocol v2",
+ "Datagram Congestion Control Protocol",
+ "Resource ReSerVation Protocol",
+ "Internet Protocol Security (AH/ESP)",
+ "Enhanced Interior Gateway Routing Protocol",
+ "Open Shortest Path First",
+ NULL
+};
+
+/* NOTE: This routine cannot be inlined due to its compliexity. */
+uint32_t NETMASK_RND(uint32_t foo)
+{
+ uint32_t t;
+
+ if (foo != INADDR_ANY)
+ t = foo;
+ else
+ t = ~(0xffffffffUL >> (8 + ((rand() >> 27) % 23)));
+
+ return htonl(t);
+}
--- /dev/null
+/*\r
+ * T50 - Experimental Mixed Packet Injector\r
+ *\r
+ * Copyright (C) 2010 - 2011 Nelson Brito <nbrito@sekure.org>\r
+ * Copyright (C) 2011 - Fernando Mercês <fernando@mentebinaria.com.br>\r
+ *\r
+ * This program is free software: you can redistribute it and/or modify\r
+ * it under the terms of the GNU General Public License as published by\r
+ * the Free Software Foundation, either version 2 of the License, or\r
+ * (at your option) any later version.\r
+ *\r
+ * This program is distributed in the hope that it will be useful,\r
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of\r
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
+ * GNU General Public License for more details.\r
+ *\r
+ * You should have received a copy of the GNU General Public License\r
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.\r
+ */\r
+\r
+#include <common.h>\r
+\r
+/* Default command line interface options. */\r
+static struct config_options o = {\r
+ /* XXX COMMON OPTIONS */\r
+ 1000, /* default threshold */\r
+ 0, /* do not flood */\r
+ 0, /* no GRE encapsulation by default */\r
+ 0, /* do not use bogus checksum */\r
+#ifdef __HAVE_TURBO__\r
+ 0, /* do not duplicate the attack */\r
+#endif /* __HAVE_TURBO__ */\r
+ /* XXX DCCP, TCP & UDP HEADER OPTIONS */\r
+ IPPORT_ANY, /* no default source port */\r
+ IPPORT_ANY, /* no default destination port */\r
+ /* Classless Interdomain Routing (CIDR) */\r
+ 0, /* no default CIDR bits */\r
+ /* XXX IP HEADER OPTIONS (IPPROTO_IP = 0) */\r
+ { IPTOS_PREC_IMMEDIATE, /* default type of service */\r
+ 0, /* default identification */\r
+ 0, /* default fragmentation offset */\r
+ 255, /* default time to live */\r
+ IPPROTO_TCP, /* default packet protocol */\r
+ MODULE_TCP, /* default protocol name */\r
+ INADDR_ANY, /* source address */\r
+ INADDR_ANY }, /* destination address */\r
+ /* XXX GRE HEADER OPTIONS (IPPROTO_GRE = 47) */\r
+ { 0, /* no GRE options by default */\r
+ 0, /* default sequence number present */\r
+ 0, /* default key present */\r
+ 0, /* default checksum present */\r
+ 0, /* default key */\r
+ 0, /* default sequence number */\r
+ INADDR_ANY, /* GRE source address */\r
+ INADDR_ANY }, /* GRE destination address */\r
+ /* XXX ICMP HEADER OPTIONS (IPPROTO_ICMP = 1) */\r
+ { ICMP_ECHO, /* default type */\r
+ 0, /* default code */\r
+ 0, /* default identification */\r
+ 0, /* default sequence */\r
+ INADDR_ANY }, /* destination gateway address */\r
+ /* XXX IGMP HEADER OPTIONS (IPPROTO_IGMP = 2) */\r
+ { IGMP_HOST_MEMBERSHIP_QUERY, /* default type */\r
+ 0, /* default code */\r
+ INADDR_ANY, /* default address */\r
+ 0, /* default querier robustness variable */\r
+ 0, /* default suppress router-side process */\r
+ 0, /* default querier query interv. code */\r
+ 1, /* default group record type */\r
+ 2, /* default number of sources */\r
+ INADDR_ANY, /* default group record multicast address */\r
+ { INADDR_ANY } }, /* default source address(es) */\r
+ /* XXX TCP HEADER OPTIONS (IPPROTO_TCP = 6) */\r
+ { 0, /* default sequence number */\r
+ 0, /* default acknowledgment sequence */\r
+ 0, /* default data offset */\r
+ 0, /* default end of data flag */\r
+ 0, /* default synchronize ISN flag */\r
+ 0, /* default reset connection flag */\r
+ 0, /* default push flag */\r
+ 0, /* default acknowledgment # valid flag */\r
+ 0, /* default urgent pointer valid flag */\r
+ 0, /* default ecn-echo */\r
+ 0, /* default congestion windows reduced */\r
+ 0, /* default window size */\r
+ 0, /* default urgent pointer data */\r
+ 0, /* no TCP options by default */\r
+ 0, /* default MSS option (RFC793) */\r
+ 0, /* default WSOPT option (RFC1323) */\r
+ 0, /* default TSval option (RFC1323) */\r
+ 0, /* default TSecr option (RFC1323) */\r
+ 0, /* default T/TCP CC (RFC1644) */\r
+ 0, /* default T/TCP CC.NEW (RFC1644) */\r
+ 0, /* default T/TCP CC.ECHO (RFC1644) */\r
+ 0, /* default SACK-Left option (RFC2018) */\r
+ 0, /* default SACK-Right option (RFC2018) */\r
+ 0, /* do not use MD5 option by default */\r
+ 0, /* do not use AO option by default */\r
+ 1, /* default AO key ID (RFC5925) */\r
+ 1, /* default AO next key ID (RFC5925) */\r
+ TCPOPT_EOL }, /* default NOP option (RFC793) */\r
+ /* XXX EGP HEADER OPTIONS (IPPROTO_EGP = 8) */\r
+ { EGP_NEIGHBOR_ACQUISITION, /* default type */\r
+ EGP_ACQ_CODE_CEASE_CMD, /* default code */\r
+ EGP_ACQ_STAT_ACTIVE_MODE, /* default status */\r
+ 0, /* default autonomous system */\r
+ 0, /* default sequence number */\r
+ 0, /* default hello interval */\r
+ 0 }, /* default poll interval */\r
+ /* XXX RIP HEADER OPTIONS (IPPROTO_UDP = 17) */\r
+ { 2, /* default command */\r
+ AF_INET, /* default address family identifier */\r
+ INADDR_ANY, /* default IP address */\r
+ 0, /* default metric */\r
+ 0, /* default router domain */\r
+ 0, /* default router tag */\r
+ INADDR_ANY, /* default subnet mask */\r
+ 0, /* default next hop */\r
+ 0, /* do not use authentication by default */\r
+ 1, /* default authentication key ID */\r
+ 0 }, /* default authentication sequence */\r
+ /* XXX DCCP HEADER OPTIONS (IPPROTO_DCCP = 33) */\r
+ { 0, /* default data offset */\r
+ 0, /* default checksum coverage */\r
+ 0, /* default HC-sender CCID */\r
+ DCCP_PKT_REQUEST, /* default type */\r
+ 0, /* default extend sequence number */\r
+ 0, /* default sequence number */\r
+ 0, /* default extended sequence number */\r
+ 0, /* default sequence low number */\r
+ 0, /* default service code */\r
+ 0, /* default acknowledgment # high */\r
+ 0, /* default acknowledgment # low */\r
+ 0 }, /* default reset code */\r
+ /* XXX RSVP HEADER OPTIONS (IPPROTO_RSVP = 46) */\r
+ { 1, /* default flags */\r
+ RSVP_MESSAGE_TYPE_PATH, /* default message type */\r
+ 254, /* default time to live */\r
+ INADDR_ANY, /* default SESSION destination address */\r
+ 1, /* default SESSION protocol ID */\r
+ 1, /* default SESSION flags */\r
+ IPPORT_ANY, /* default SESSION destination port */\r
+ INADDR_ANY, /* default HOP neighbor address */\r
+ 0, /* default HOP logical interface */\r
+ 360, /* default TIME refresh interval */\r
+ INADDR_ANY, /* default ERROR node address */\r
+ 2, /* default ERROR flags */\r
+ 2, /* default ERROR code */\r
+ 8, /* default ERROR value */\r
+ 1, /* default number of SCOPE(s) */\r
+ { INADDR_ANY }, /* default SCOPE address(es) */\r
+ 18, /* default STYLE option vector */\r
+ INADDR_ANY, /* default SENDER TEMPLATE address */\r
+ IPPORT_ANY, /* default SENDER TEMPLATE port */\r
+ 6, /* default TSPEC service */\r
+ 0, /* default TSPEC Token Bucket Rate */\r
+ 0, /* default TSPEC Token Bucket Size */\r
+ 0, /* default TSPEC Peak Data Rate */\r
+ 0, /* default TSEPC Minimum Policed Unit */\r
+ 0, /* default TSPEC Maximum Packet Size */\r
+ 0, /* default ADSPEC IS HOP cnt */\r
+ 0, /* default ADSPEC Path b/w estimate */\r
+ 0, /* default ADSPEC Minimum Path Latency */\r
+ 0, /* default ADSPEC Composed MTU */\r
+ 0, /* no default ADSPEC service */\r
+ 0, /* default ADSPEC ETE composed value C */\r
+ 0, /* default ADSPEC ETE composed value D */\r
+ 0, /* default ADSPEC SLR point composed C */\r
+ 0, /* default ADSPEC SLR point composed D */\r
+ INADDR_ANY }, /* default CONFIRM receiver address */\r
+ /* XXX IPSEC HEADER OPTIONS (IPPROTO_AH = 51 & IPPROTO_ESP = 50) */\r
+ { 0, /* default AH header length */\r
+ 0, /* default AH SPI */\r
+ 0, /* default AH sequence number */\r
+ 0, /* default ESP SPI */\r
+ 0 }, /* default ESP sequence number */\r
+ /* XXX EIGRP HEADER OPTIONS (IPPROTO_EIGRP = 88) */\r
+ { EIGRP_OPCODE_UPDATE, /* default opcode */\r
+ 0, /* default flags */\r
+ 0, /* default sequence number */\r
+ 0, /* default acknowledgment sequence # */\r
+ 0, /* default autonomous system */\r
+ EIGRP_TYPE_INTERNAL, /* default type */\r
+ 0, /* default length */\r
+ 0, /* no EIGRP K Values by default */\r
+ 1, /* default K1 value */\r
+ 0, /* default K2 value */\r
+ 1, /* default K3 value */\r
+ 0, /* default K4 value */\r
+ 0, /* default K5 value */\r
+ 360, /* default hold time */\r
+ 12, /* default IOS Major Version */\r
+ 4, /* default IOS Minor Version */\r
+ 1, /* default EIGRP Major Version */\r
+ 2, /* default EIGRP Minor Version */\r
+ INADDR_ANY, /* default next hop address */\r
+ 0, /* default delay */\r
+ 0, /* default bandwidth */\r
+ 1500, /* default maximum transmission unit */\r
+ 0, /* default hop count */\r
+ 0, /* default load */\r
+ 0, /* default reliability */\r
+ 0, /* default subnet prefix - aka CIDR */\r
+ INADDR_ANY, /* default destination address */\r
+ INADDR_ANY, /* default originating router */\r
+ 0, /* default originating autonomous system */\r
+ 0, /* default arbitrary tag */\r
+ 0, /* default external protocol metric */\r
+ 2, /* default external protocol ID */\r
+ 0, /* default external flags */\r
+ INADDR_ANY, /* default IP address sequence */\r
+ 0, /* default multicast sequence */\r
+ 0, /* do not use authentication by default */\r
+ 1 }, /* default authentication key ID */\r
+ /* XXX OSPF HEADER OPTIONS (IPPROTO_OSPF = 89) */\r
+ { OSPF_TYPE_HELLO, /* default type */\r
+ 0, /* default length */\r
+ INADDR_ANY, /* default router ID */\r
+ INADDR_ANY, /* default area ID */\r
+ 0, /* no default area ID is set */\r
+ 0, /* no default option is set */\r
+ INADDR_ANY, /* default subnet mask */\r
+ 0, /* default HELLO interval */\r
+ 1, /* default HELLO router priority */\r
+ 360, /* default HELLO router dead interval */\r
+ INADDR_ANY, /* default HELLO designated router */\r
+ INADDR_ANY, /* default HELLO backup designated */\r
+ 0, /* default HELLO number of neighbors */\r
+ { INADDR_ANY }, /* default HELLO neighbor address(es) */\r
+ 1500, /* default DD MTU */\r
+ 0, /* no default DD option is set */\r
+ 0, /* default DD sequence number */\r
+ 0, /* do not use DD LSA Header by default */\r
+ 360, /* default LSA age */\r
+ 0, /* age LSA by default */\r
+ LSA_TYPE_ROUTER, /* default LSA header type */\r
+ INADDR_ANY, /* default LSA ID */\r
+ INADDR_ANY, /* default LSA advertising router */\r
+ 0, /* default LSA sequence number */\r
+ 0, /* default LSA metric */\r
+ 0, /* no default Router-LSA flag is set */\r
+ INADDR_ANY, /* default Router-LSA link ID */\r
+ INADDR_ANY, /* default Router-LSA link data */\r
+ LINK_TYPE_PTP, /* default Router-LSA link type */\r
+ INADDR_ANY, /* default Network-LSA attached router */\r
+ 0, /* default ASBR/NSSA-LSA ext, larger */\r
+ INADDR_ANY, /* default ASBR/NSSA-LSA forward */\r
+ INADDR_ANY, /* default ASBR/NSSA-LSA external */\r
+ 0, /* default Group-LSA vertex type */\r
+ INADDR_ANY, /* default Group-LSA vertex ID */\r
+ 0, /* default LSS Extended TLV options */\r
+ 0, /* do not use authentication by default */\r
+ 1, /* default authentication key ID */\r
+ 0 }, /* default authentication sequence */\r
+};\r
+\r
+/* NOTE: Declare long_opt[] here as static makes sense! */\r
+static const struct option long_opt[] = {\r
+ /* XXX COMMON OPTIONS */\r
+ { "threshold", required_argument, NULL, OPTION_THRESHOLD },\r
+ { "flood", no_argument, NULL, OPTION_FLOOD },\r
+ { "encapsulated", no_argument, NULL, OPTION_ENCAPSULATED },\r
+ { "bogus-csum", no_argument, NULL, 'B' },\r
+#ifdef __HAVE_TURBO__\r
+ { "turbo", no_argument, NULL, OPTION_TURBO },\r
+#endif /* __HAVE_TURBO__ */\r
+ { "help", no_argument, NULL, 'h' },\r
+ /* XXX GRE HEADER OPTIONS (IPPROTO_GRE = 47) */\r
+ { "gre-seq-present", no_argument, NULL, OPTION_GRE_SEQUENCE_PRESENT },\r
+ { "gre-key-present", no_argument, NULL, OPTION_GRE_KEY_PRESENT },\r
+ { "gre-sum-present", no_argument, NULL, OPTION_GRE_CHECKSUM_PRESENT },\r
+ { "gre-key", required_argument, NULL, OPTION_GRE_KEY },\r
+ { "gre-sequence", required_argument, NULL, OPTION_GRE_SEQUENCE },\r
+ { "gre-saddr", required_argument, NULL, OPTION_GRE_SADDR },\r
+ { "gre-daddr", required_argument, NULL, OPTION_GRE_DADDR },\r
+ /* XXX DCCP, TCP & UDP HEADER OPTIONS */\r
+ { "sport", required_argument, NULL, OPTION_SOURCE },\r
+ { "dport", required_argument, NULL, OPTION_DESTINATION },\r
+ /* XXX IP HEADER OPTIONS (IPPROTO_IP = 0) */\r
+ { "saddr", required_argument, NULL, 's' },\r
+ { "tos", required_argument, NULL, OPTION_IP_TOS },\r
+ { "id", required_argument, NULL, OPTION_IP_ID },\r
+ { "frag-offset", required_argument, NULL, OPTION_IP_OFFSET },\r
+ { "ttl", required_argument, NULL, OPTION_IP_TTL },\r
+ { "protocol", required_argument, NULL, OPTION_IP_PROTOCOL },\r
+ /* XXX ICMP HEADER OPTIONS (IPPROTO_ICMP = 1) */\r
+ { "icmp-type", required_argument, NULL, OPTION_ICMP_TYPE },\r
+ { "icmp-code", required_argument, NULL, OPTION_ICMP_CODE },\r
+ { "icmp-gateway", required_argument, NULL, OPTION_ICMP_GATEWAY },\r
+ { "icmp-id", required_argument, NULL, OPTION_ICMP_ID },\r
+ { "icmp-sequence", required_argument, NULL, OPTION_ICMP_SEQUENCE },\r
+ /* XXX IGMP HEADER OPTIONS (IPPROTO_IGMP = 2) */\r
+ { "igmp-type", required_argument, NULL, OPTION_IGMP_TYPE },\r
+ { "igmp-code", required_argument, NULL, OPTION_IGMP_CODE },\r
+ { "igmp-group", required_argument, NULL, OPTION_IGMP_GROUP },\r
+ { "igmp-qrv", required_argument, NULL, OPTION_IGMP_QRV },\r
+ { "igmp-suppress", no_argument, NULL, OPTION_IGMP_SUPPRESS },\r
+ { "igmp-qqic", required_argument, NULL, OPTION_IGMP_QQIC },\r
+ { "igmp-grec-type", required_argument, NULL, OPTION_IGMP_GREC_TYPE }, \r
+ { "igmp-sources", required_argument, NULL, OPTION_IGMP_SOURCES },\r
+ { "igmp-multicast", required_argument, NULL, OPTION_IGMP_GREC_MULTICAST }, \r
+ { "igmp-address", required_argument, NULL, OPTION_IGMP_ADDRESS },\r
+ /* XXX TCP HEADER OPTIONS (IPPROTO_TCP = 6) */\r
+ { "acknowledge", required_argument, NULL, OPTION_TCP_ACKNOWLEDGE },\r
+ { "sequence", required_argument, NULL, OPTION_TCP_SEQUENCE },\r
+ { "data-offset", required_argument, NULL, OPTION_TCP_OFFSET },\r
+ { "fin", no_argument, NULL, 'F' },\r
+ { "syn", no_argument, NULL, 'S' },\r
+ { "rst", no_argument, NULL, 'R' },\r
+ { "psh", no_argument, NULL, 'P' },\r
+ { "ack", no_argument, NULL, 'A' },\r
+ { "urg", no_argument, NULL, 'U' },\r
+ { "ece", no_argument, NULL, 'E' },\r
+ { "cwr", no_argument, NULL, 'C' },\r
+ { "window", required_argument, NULL, 'W' },\r
+ { "urg-pointer", required_argument, NULL, OPTION_TCP_URGENT_POINTER },\r
+ { "mss", required_argument, NULL, OPTION_TCP_MSS },\r
+ { "wscale", required_argument, NULL, OPTION_TCP_WSOPT },\r
+ { "tstamp", required_argument, NULL, OPTION_TCP_TSOPT },\r
+ { "sack-ok", no_argument, NULL, OPTION_TCP_SACK_OK },\r
+ { "cc", required_argument, NULL, OPTION_TCP_CC },\r
+ { "ccnew", required_argument, NULL, OPTION_TCP_CC_NEW },\r
+ { "ccecho", required_argument, NULL, OPTION_TCP_CC_ECHO },\r
+ { "sack", required_argument, NULL, OPTION_TCP_SACK_EDGE },\r
+ { "md5-signature", no_argument, NULL, OPTION_TCP_MD5_SIGNATURE },\r
+ { "authentication", no_argument, NULL, OPTION_TCP_AUTHENTICATION },\r
+ { "auth-key-id", required_argument, NULL, OPTION_TCP_AUTH_KEY_ID },\r
+ { "auth-next-key", required_argument, NULL, OPTION_TCP_AUTH_NEXT_KEY },\r
+ { "nop", no_argument, NULL, OPTION_TCP_NOP },\r
+ /* XXX EGP HEADER OPTIONS (IPPROTO_EGP = 8) */\r
+ { "egp-type", required_argument, NULL, OPTION_EGP_TYPE },\r
+ { "egp-code", required_argument, NULL, OPTION_EGP_CODE },\r
+ { "egp-status", required_argument, NULL, OPTION_EGP_STATUS },\r
+ { "egp-as", required_argument, NULL, OPTION_EGP_AS },\r
+ { "egp-sequence", required_argument, NULL, OPTION_EGP_SEQUENCE },\r
+ { "egp-hello", required_argument, NULL, OPTION_EGP_HELLO },\r
+ { "egp-poll", required_argument, NULL, OPTION_EGP_POLL },\r
+ /* XXX RIP HEADER OPTIONS (IPPROTO_UDP = 17) */\r
+ { "rip-command", required_argument, NULL, OPTION_RIP_COMMAND },\r
+ { "rip-family", required_argument, NULL, OPTION_RIP_FAMILY },\r
+ { "rip-address", required_argument, NULL, OPTION_RIP_ADDRESS },\r
+ { "rip-metric", required_argument, NULL, OPTION_RIP_METRIC },\r
+ { "rip-domain", required_argument, NULL, OPTION_RIP_DOMAIN },\r
+ { "rip-tag", required_argument, NULL, OPTION_RIP_TAG },\r
+ { "rip-netmask", required_argument, NULL, OPTION_RIP_NETMASK },\r
+ { "rip-next-hop", required_argument, NULL, OPTION_RIP_NEXTHOP },\r
+ { "rip-authentication", no_argument, NULL, OPTION_RIP_AUTHENTICATION },\r
+ { "rip-auth-key-id", required_argument, NULL, OPTION_RIP_AUTH_KEY_ID },\r
+ { "rip-auth-sequence", required_argument, NULL, OPTION_RIP_AUTH_SEQUENCE },\r
+ /* XXX DCCP HEADER OPTIONS (IPPROTO_DCCP = 33) */\r
+ { "dccp-data-offset", required_argument, NULL, OPTION_DCCP_OFFSET },\r
+ { "dccp-cscov", required_argument, NULL, OPTION_DCCP_CSCOV },\r
+ { "dccp-ccval", required_argument, NULL, OPTION_DCCP_CCVAL },\r
+ { "dccp-type", required_argument, NULL, OPTION_DCCP_TYPE },\r
+ { "dccp-extended", no_argument, NULL, OPTION_DCCP_EXTEND },\r
+ { "dccp-sequence-1", required_argument, NULL, OPTION_DCCP_SEQUENCE_01 },\r
+ { "dccp-sequence-2", required_argument, NULL, OPTION_DCCP_SEQUENCE_02 },\r
+ { "dccp-sequence-3", required_argument, NULL, OPTION_DCCP_SEQUENCE_03 },\r
+ { "dccp-service", required_argument, NULL, OPTION_DCCP_SERVICE },\r
+ { "dccp-acknowledge-1", required_argument, NULL, OPTION_DCCP_ACKNOWLEDGE_01 },\r
+ { "dccp-acknowledge-2", required_argument, NULL, OPTION_DCCP_ACKNOWLEDGE_02 },\r
+ { "dccp-reset-code", required_argument, NULL, OPTION_DCCP_RESET_CODE },\r
+ /* XXX RSVP HEADER OPTIONS (IPPROTO_RSVP = 46) */\r
+ { "rsvp-flags", required_argument, NULL, OPTION_RSVP_FLAGS },\r
+ { "rsvp-type", required_argument, NULL, OPTION_RSVP_TYPE },\r
+ { "rsvp-ttl", required_argument, NULL, OPTION_RSVP_TTL },\r
+ { "rsvp-session-addr", required_argument, NULL, OPTION_RSVP_SESSION_ADDRESS },\r
+ { "rsvp-session-proto", required_argument, NULL, OPTION_RSVP_SESSION_PROTOCOL },\r
+ { "rsvp-session-flags", required_argument, NULL, OPTION_RSVP_SESSION_FLAGS },\r
+ { "rsvp-session-port", required_argument, NULL, OPTION_RSVP_SESSION_PORT },\r
+ { "rsvp-hop-addr", required_argument, NULL, OPTION_RSVP_HOP_ADDRESS },\r
+ { "rsvp-hop-iface", required_argument, NULL, OPTION_RSVP_HOP_IFACE },\r
+ { "rsvp-time-refresh", required_argument, NULL, OPTION_RSVP_TIME_REFRESH },\r
+ { "rsvp-error-addr", required_argument, NULL, OPTION_RSVP_ERROR_ADDRESS },\r
+ { "rsvp-error-flags", required_argument, NULL, OPTION_RSVP_ERROR_FLAGS },\r
+ { "rsvp-error-code", required_argument, NULL, OPTION_RSVP_ERROR_CODE },\r
+ { "rsvp-error-value", required_argument, NULL, OPTION_RSVP_ERROR_VALUE },\r
+ { "rsvp-scope", required_argument, NULL, OPTION_RSVP_SCOPE },\r
+ { "rsvp-address", required_argument, NULL, OPTION_RSVP_SCOPE_ADDRESS },\r
+ { "rsvp-style-option", required_argument, NULL, OPTION_RSVP_STYLE_OPTION },\r
+ { "rsvp-sender-addr", required_argument, NULL, OPTION_RSVP_SENDER_ADDRESS },\r
+ { "rsvp-sender-port", required_argument, NULL, OPTION_RSVP_SENDER_PORT },\r
+ { "rsvp-tspec-traffic", no_argument, NULL, OPTION_RSVP_TSPEC_TRAFFIC },\r
+ { "rsvp-tspec-guaranteed", no_argument, NULL, OPTION_RSVP_TSPEC_GUARANTEED },\r
+ { "rsvp-tspec-r", required_argument, NULL, OPTION_RSVP_TSPEC_TOKEN_R },\r
+ { "rsvp-tspec-b", required_argument, NULL, OPTION_RSVP_TSPEC_TOKEN_B },\r
+ { "rsvp-tspec-p", required_argument, NULL, OPTION_RSVP_TSPEC_DATA_P },\r
+ { "rsvp-tspec-m", required_argument, NULL, OPTION_RSVP_TSPEC_MINIMUM },\r
+ { "rsvp-tspec-M", required_argument, NULL, OPTION_RSVP_TSPEC_MAXIMUM },\r
+ { "rsvp-adspec-ishop", required_argument, NULL, OPTION_RSVP_ADSPEC_ISHOP },\r
+ { "rsvp-adspec-path", required_argument, NULL, OPTION_RSVP_ADSPEC_PATH },\r
+ { "rsvp-adspec-m", required_argument, NULL, OPTION_RSVP_ADSPEC_MINIMUM },\r
+ { "rsvp-adspec-mtu", required_argument, NULL, OPTION_RSVP_ADSPEC_MTU },\r
+ { "rsvp-adspec-guaranteed", no_argument, NULL, OPTION_RSVP_ADSPEC_GUARANTEED },\r
+ { "rsvp-adspec-Ctot", required_argument, NULL, OPTION_RSVP_ADSPEC_CTOT },\r
+ { "rsvp-adspec-Dtot", required_argument, NULL, OPTION_RSVP_ADSPEC_DTOT },\r
+ { "rsvp-adspec-Csum", required_argument, NULL, OPTION_RSVP_ADSPEC_CSUM },\r
+ { "rsvp-adspec-Dsum", required_argument, NULL, OPTION_RSVP_ADSPEC_DSUM },\r
+ { "rsvp-adspec-controlled", no_argument, NULL, OPTION_RSVP_ADSPEC_CONTROLLED },\r
+ { "rsvp-confirm-addr", required_argument, NULL, OPTION_RSVP_CONFIRM_ADDR },\r
+ /* XXX IPSEC HEADER OPTIONS (IPPROTO_AH = 51 & IPPROTO_ESP = 50) */\r
+ { "ipsec-ah-length", required_argument, NULL, OPTION_IPSEC_AH_LENGTH },\r
+ { "ipsec-ah-spi", required_argument, NULL, OPTION_IPSEC_AH_SPI },\r
+ { "ipsec-ah-sequence", required_argument, NULL, OPTION_IPSEC_AH_SEQUENCE },\r
+ { "ipsec-esp-spi", required_argument, NULL, OPTION_IPSEC_ESP_SPI },\r
+ { "ipsec-esp-sequence", required_argument, NULL, OPTION_IPSEC_ESP_SEQUENCE },\r
+ /* XXX EIGRP HEADER OPTIONS (IPPROTO_EIGRP = 88) */\r
+ { "eigrp-opcode", required_argument, NULL, OPTION_EIGRP_OPCODE },\r
+ { "eigrp-flags", required_argument, NULL, OPTION_EIGRP_FLAGS },\r
+ { "eigrp-sequence", required_argument, NULL, OPTION_EIGRP_SEQUENCE },\r
+ { "eigrp-acknowledge", required_argument, NULL, OPTION_EIGRP_ACKNOWLEDGE },\r
+ { "eigrp-as", required_argument, NULL, OPTION_EIGRP_AS },\r
+ { "eigrp-type", required_argument, NULL, OPTION_EIGRP_TYPE },\r
+ { "eigrp-length", required_argument, NULL, OPTION_EIGRP_LENGTH },\r
+ { "eigrp-k1", required_argument, NULL, OPTION_EIGRP_K1 },\r
+ { "eigrp-k2", required_argument, NULL, OPTION_EIGRP_K2 },\r
+ { "eigrp-k3", required_argument, NULL, OPTION_EIGRP_K3 },\r
+ { "eigrp-k4", required_argument, NULL, OPTION_EIGRP_K4 },\r
+ { "eigrp-k5", required_argument, NULL, OPTION_EIGRP_K5 },\r
+ { "eigrp-hold", required_argument, NULL, OPTION_EIGRP_HOLD },\r
+ { "eigrp-ios-ver", required_argument, NULL, OPTION_EIGRP_IOS_VERSION },\r
+ { "eigrp-rel-ver", required_argument, NULL, OPTION_EIGRP_PROTO_VERSION },\r
+ { "eigrp-next-hop", required_argument, NULL, OPTION_EIGRP_NEXTHOP },\r
+ { "eigrp-delay", required_argument, NULL, OPTION_EIGRP_DELAY },\r
+ { "eigrp-bandwidth", required_argument, NULL, OPTION_EIGRP_BANDWIDTH },\r
+ { "eigrp-mtu", required_argument, NULL, OPTION_EIGRP_MTU },\r
+ { "eigrp-hop-count", required_argument, NULL, OPTION_EIGRP_HOP_COUNT },\r
+ { "eigrp-load", required_argument, NULL, OPTION_EIGRP_LOAD },\r
+ { "eigrp-reliability", required_argument, NULL, OPTION_EIGRP_RELIABILITY },\r
+ { "eigrp-daddr", required_argument, NULL, OPTION_EIGRP_DESINATION },\r
+ { "eigrp-src-router", required_argument, NULL, OPTION_EIGRP_SOURCE_ROUTER },\r
+ { "eigrp-src-as", required_argument, NULL, OPTION_EIGRP_SOURCE_AS },\r
+ { "eigrp-tag", required_argument, NULL, OPTION_EIGRP_TAG },\r
+ { "eigrp-proto-metric", required_argument, NULL, OPTION_EIGRP_METRIC },\r
+ { "eigrp-proto-id", required_argument, NULL, OPTION_EIGRP_ID },\r
+ { "eigrp-ext-flags", required_argument, NULL, OPTION_EIGRP_EXTERNAL_FLAGS },\r
+ { "eigrp-address", required_argument, NULL, OPTION_EIGRP_ADDRESS },\r
+ { "eigrp-multicast", required_argument, NULL, OPTION_EIGRP_MULTICAST },\r
+ { "eigrp-authentication", no_argument, NULL, OPTION_EIGRP_AUTHENTICATION },\r
+ { "eigrp-auth-key-id", required_argument, NULL, OPTION_EIGRP_AUTH_KEY_ID },\r
+ /* XXX OSPF HEADER OPTIONS (IPPROTO_OSPF = 89) */\r
+ { "ospf-type", required_argument, NULL, OPTION_OSPF_TYPE },\r
+ { "ospf-length", required_argument, NULL, OPTION_OSPF_LENGTH },\r
+ { "ospf-router-id", required_argument, NULL, OPTION_OSPF_ROUTER_ID },\r
+ { "ospf-area-id", required_argument, NULL, OPTION_OSPF_AREA_ID },\r
+ { "ospf-option-MT", no_argument, NULL, '1' },\r
+ { "ospf-option-E", no_argument, NULL, '2' },\r
+ { "ospf-option-MC", no_argument, NULL, '3' },\r
+ { "ospf-option-NP", no_argument, NULL, '4' },\r
+ { "ospf-option-L", no_argument, NULL, '5' },\r
+ { "ospf-option-DC", no_argument, NULL, '6' },\r
+ { "ospf-option-O", no_argument, NULL, '7' },\r
+ { "ospf-option-DN", no_argument, NULL, '8' },\r
+ { "ospf-netmask", required_argument, NULL, OPTION_OSPF_NETMASK },\r
+ { "ospf-hello-interval", required_argument, NULL, OPTION_OSPF_HELLO_INTERVAL },\r
+ { "ospf-hello-priority", required_argument, NULL, OPTION_OSPF_HELLO_PRIORITY },\r
+ { "ospf-hello-dead", required_argument, NULL, OPTION_OSPF_HELLO_DEAD },\r
+ { "ospf-hello-design", required_argument, NULL, OPTION_OSPF_HELLO_DESIGN },\r
+ { "ospf-hello-backup", required_argument, NULL, OPTION_OSPF_HELLO_BACKUP },\r
+ { "ospf-neighbor", required_argument, NULL, OPTION_OSPF_HELLO_NEIGHBOR },\r
+ { "ospf-address", required_argument, NULL, OPTION_OSPF_HELLO_ADDRESS },\r
+ { "ospf-dd-mtu", required_argument, NULL, OPTION_OSPF_DD_MTU },\r
+ { "ospf-dd-dbdesc-MS", no_argument, NULL, OPTION_OSPF_DD_MASTER_SLAVE },\r
+ { "ospf-dd-dbdesc-M", no_argument, NULL, OPTION_OSPF_DD_MORE },\r
+ { "ospf-dd-dbdesc-I", no_argument, NULL, OPTION_OSPF_DD_INIT },\r
+ { "ospf-dd-dbdesc-R", no_argument, NULL, OPTION_OSPF_DD_OOBRESYNC },\r
+ { "ospf-dd-sequence", required_argument, NULL, OPTION_OSPF_DD_SEQUENCE },\r
+ { "ospf-dd-include-lsa", no_argument, NULL, OPTION_OSPF_DD_INCLUDE_LSA },\r
+ { "ospf-lsa-age", required_argument, NULL, OPTION_OSPF_LSA_AGE },\r
+ { "ospf-lsa-do-not-age", no_argument, NULL, OPTION_OSPF_LSA_DO_NOT_AGE },\r
+ { "ospf-lsa-type", required_argument, NULL, OPTION_OSPF_LSA_TYPE },\r
+ { "ospf-lsa-id", required_argument, NULL, OPTION_OSPF_LSA_LSID },\r
+ { "ospf-lsa-router", required_argument, NULL, OPTION_OSPF_LSA_ROUTER },\r
+ { "ospf-lsa-sequence", required_argument, NULL, OPTION_OSPF_LSA_SEQUENCE },\r
+ { "ospf-lsa-metric", required_argument, NULL, OPTION_OSPF_LSA_METRIC },\r
+ { "ospf-lsa-flag-B", no_argument, NULL, OPTION_OSPF_LSA_FLAG_BORDER },\r
+ { "ospf-lsa-flag-E", no_argument, NULL, OPTION_OSPF_LSA_FLAG_EXTERNAL },\r
+ { "ospf-lsa-flag-V", no_argument, NULL, OPTION_OSPF_LSA_FLAG_VIRTUAL },\r
+ { "ospf-lsa-flag-W", no_argument, NULL, OPTION_OSPF_LSA_FLAG_WILD },\r
+ { "ospf-lsa-flag-NT", no_argument, NULL, OPTION_OSPF_LSA_FLAG_NSSA_TR },\r
+ { "ospf-lsa-link-id", required_argument, NULL, OPTION_OSPF_LSA_LINK_ID },\r
+ { "ospf-lsa-link-data", required_argument, NULL, OPTION_OSPF_LSA_LINK_DATA },\r
+ { "ospf-lsa-link-type", required_argument, NULL, OPTION_OSPF_LSA_LINK_TYPE },\r
+ { "ospf-lsa-attached", required_argument, NULL, OPTION_OSPF_LSA_ATTACHED },\r
+ { "ospf-lsa-larger", no_argument, NULL, OPTION_OSPF_LSA_LARGER },\r
+ { "ospf-lsa-forward", required_argument, NULL, OPTION_OSPF_LSA_FORWARD },\r
+ { "ospf-lsa-external", required_argument, NULL, OPTION_OSPF_LSA_EXTERNAL },\r
+ { "ospf-vertex-router", no_argument, NULL, OPTION_OSPF_VERTEX_ROUTER },\r
+ { "ospf-vertex-network", no_argument, NULL, OPTION_OSPF_VERTEX_NETWORK },\r
+ { "ospf-vertex-id", required_argument, NULL, OPTION_OSPF_VERTEX_ID },\r
+ { "ospf-lls-extended-LR", no_argument, NULL, OPTIONS_OSPF_LLS_OPTION_LR },\r
+ { "ospf-lls-extended-RS", no_argument, NULL, OPTIONS_OSPF_LLS_OPTION_RS },\r
+ { "ospf-authentication", no_argument, NULL, OPTION_OSPF_AUTHENTICATION },\r
+ { "ospf-auth-key-id", required_argument, NULL, OPTION_OSPF_AUTH_KEY_ID },\r
+ { "ospf-auth-sequence", required_argument, NULL, OPTION_OSPF_AUTH_SEQUENCE },\r
+ { 0, 0, NULL, 0 },\r
+};\r
+\r
+/* CLI options configuration */\r
+struct config_options *getConfigOptions(int argc, char ** argv) \r
+{\r
+ int cli_opts;\r
+ int counter;\r
+\r
+ /* The following variables will be used by 'getsubopt()'. */\r
+ char *optionp, *valuep, *tmp_ptr;\r
+ int opt_ind;\r
+\r
+ /* Checking command line interface options. */\r
+ for (;;)\r
+ {\r
+ opt_ind = 0;\r
+\r
+ if ( (cli_opts = getopt_long(argc, argv, "s:12345678FSRPAUECW:Bh?", long_opt, &opt_ind)) == -1 )\r
+ break;\r
+\r
+ switch (cli_opts)\r
+ {\r
+ /* XXX COMMON OPTIONS */\r
+ case OPTION_THRESHOLD:\r
+ o.threshold = atol(optarg);\r
+ break;\r
+ case OPTION_FLOOD:\r
+ o.flood = 1;\r
+ break;\r
+ case OPTION_ENCAPSULATED:\r
+ o.encapsulated = 1;\r
+ break;\r
+ case 'B':\r
+ o.bogus_csum = 1;\r
+ break;\r
+\r
+#ifdef __HAVE_TURBO__\r
+ case OPTION_TURBO:\r
+ o.turbo = 1;\r
+ break;\r
+#endif /* __HAVE_TURBO__ */\r
+\r
+ case OPTION_LIST_PROTOCOL:\r
+ fprintf(stdout,\r
+ "List of supported protocols:\n");\r
+ for (counter = 0; mod_acronyms[counter] != NULL ; counter++)\r
+ fprintf(stdout,\r
+ "\t%2d PROTO = %-6s (%s)\n",\r
+ counter+1,\r
+ mod_acronyms[counter],\r
+ mod_names[counter]);\r
+ exit(EXIT_SUCCESS);\r
+ break;\r
+\r
+ /* XXX GRE HEADER OPTIONS (IPPROTO_GRE = 47) */\r
+ case OPTION_GRE_SEQUENCE_PRESENT:\r
+ o.gre.options |= GRE_OPTION_SEQUENCE;\r
+ o.gre.S = 1;\r
+ break;\r
+ case OPTION_GRE_KEY_PRESENT:\r
+ o.gre.options |= GRE_OPTION_KEY;\r
+ o.gre.K = 1;\r
+ break;\r
+ case OPTION_GRE_CHECKSUM_PRESENT:\r
+ o.gre.options |= GRE_OPTION_CHECKSUM;\r
+ o.gre.C = 1;\r
+ break;\r
+ case OPTION_GRE_KEY:\r
+ o.gre.key = atol(optarg);\r
+ break;\r
+ case OPTION_GRE_SEQUENCE:\r
+ o.gre.sequence = atoi(optarg);\r
+ break;\r
+ case OPTION_GRE_SADDR:\r
+ o.gre.saddr = resolv(optarg);\r
+ break;\r
+ case OPTION_GRE_DADDR:\r
+ o.gre.daddr = resolv(optarg);\r
+ break;\r
+\r
+ /* XXX DCCP, TCP & UDP HEADER OPTIONS */\r
+ case OPTION_SOURCE:\r
+ o.source = atoi(optarg);\r
+ break;\r
+ case OPTION_DESTINATION:\r
+ o.dest = atoi(optarg);\r
+ break;\r
+\r
+ /* XXX IP HEADER OPTIONS (IPPROTO_IP = 0) */\r
+ case OPTION_IP_TOS:\r
+ o.ip.tos = atoi(optarg);\r
+ break;\r
+ case OPTION_IP_ID:\r
+ o.ip.id = atoi(optarg);\r
+ break;\r
+ case OPTION_IP_OFFSET:\r
+ o.ip.frag_off = atoi(optarg);\r
+ break;\r
+ case OPTION_IP_TTL:\r
+ o.ip.ttl = atoi(optarg);\r
+ break;\r
+ case 's':\r
+ o.ip.saddr = resolv(optarg);\r
+ break;\r
+ case OPTION_IP_PROTOCOL:\r
+ optionp = optarg;\r
+\r
+ while (*optionp != '\0')\r
+ {\r
+ switch (counter = getsubopt(&optionp, mod_acronyms, &valuep))\r
+ {\r
+ case MODULE_ICMP:\r
+ o.ip.protocol = IPPROTO_ICMP;\r
+ o.ip.protoname = counter; break;\r
+ case MODULE_IGMPv1:\r
+ o.ip.protocol = IPPROTO_IGMP;\r
+ o.ip.protoname = counter; break;\r
+ case MODULE_IGMPv3:\r
+ o.ip.protocol = IPPROTO_IGMP;\r
+ o.ip.protoname = counter; break;\r
+ case MODULE_TCP:\r
+ o.ip.protocol = IPPROTO_TCP;\r
+ o.ip.protoname = counter; break;\r
+ case MODULE_EGP:\r
+ o.ip.protocol = IPPROTO_EGP;\r
+ o.ip.protoname = counter; break;\r
+ case MODULE_UDP:\r
+ o.ip.protocol = IPPROTO_UDP;\r
+ o.ip.protoname = counter; break;\r
+ case MODULE_RIPv1:\r
+ o.ip.protocol = IPPROTO_UDP;\r
+ o.ip.protoname = counter; break;\r
+ case MODULE_RIPv2:\r
+ o.ip.protocol = IPPROTO_UDP;\r
+ o.ip.protoname = counter; break;\r
+ case MODULE_DCCP:\r
+ o.ip.protocol = IPPROTO_DCCP;\r
+ o.ip.protoname = counter; break;\r
+ case MODULE_RSVP:\r
+ o.ip.protocol = IPPROTO_RSVP;\r
+ o.ip.protoname = counter; break;\r
+ case MODULE_IPSEC:\r
+ o.ip.protocol = IPPROTO_AH;\r
+ o.ip.protoname = counter; break;\r
+ case MODULE_EIGRP:\r
+ o.ip.protocol = IPPROTO_EIGRP;\r
+ o.ip.protoname = counter; break;\r
+ case MODULE_OSPF:\r
+ o.ip.protocol = IPPROTO_OSPF;\r
+ o.ip.protoname = counter; break;\r
+ case MODULE_T50:\r
+ o.ip.protocol = IPPROTO_T50;\r
+ o.ip.protoname = counter; break;\r
+ default:\r
+ fprintf(stderr,\r
+ "%s(): Protocol %s is not implemented\n",\r
+ __FUNCTION__,\r
+ optarg);\r
+ fflush(stderr);\r
+ exit(EXIT_FAILURE);\r
+ }\r
+ } \r
+ break;\r
+\r
+ /* XXX ICMP HEADER OPTIONS (IPPROTO_ICMP = 1) */\r
+ case OPTION_ICMP_TYPE:\r
+ o.icmp.type = atoi(optarg); break;\r
+ case OPTION_ICMP_CODE:\r
+ o.icmp.code = atoi(optarg); break;\r
+ case OPTION_ICMP_ID:\r
+ o.icmp.id = atoi(optarg); break;\r
+ case OPTION_ICMP_SEQUENCE:\r
+ o.icmp.sequence = atoi(optarg); break;\r
+ case OPTION_ICMP_GATEWAY:\r
+ o.icmp.gateway = resolv(optarg); break;\r
+\r
+ /* XXX IGMP HEADER OPTIONS (IPPROTO_IGMP = 2) */\r
+ case OPTION_IGMP_TYPE:\r
+ o.igmp.type = atoi(optarg); break;\r
+ case OPTION_IGMP_CODE:\r
+ o.igmp.code = atoi(optarg); break;\r
+ case OPTION_IGMP_GROUP:\r
+ o.igmp.group = resolv(optarg); break;\r
+ case OPTION_IGMP_QRV:\r
+ o.igmp.qrv = atoi(optarg); break;\r
+ case OPTION_IGMP_SUPPRESS:\r
+ o.igmp.suppress = 1; break;\r
+ case OPTION_IGMP_QQIC:\r
+ o.igmp.qqic = atoi(optarg); break;\r
+ case OPTION_IGMP_GREC_TYPE:\r
+ o.igmp.grec_type = atoi(optarg); break;\r
+ case OPTION_IGMP_SOURCES:\r
+ o.igmp.sources = atoi(optarg); break;\r
+ case OPTION_IGMP_GREC_MULTICAST:\r
+ o.igmp.grec_mca = resolv(optarg); break;\r
+ case OPTION_IGMP_ADDRESS:\r
+ tmp_ptr = strtok(optarg, ",");\r
+\r
+ for (counter = 0;\r
+ counter < (int)(sizeof(o.igmp.address)/sizeof(in_addr_t));\r
+ counter++)\r
+ {\r
+ if (tmp_ptr == NULL) \r
+ break;\r
+\r
+ o.igmp.address[counter] = resolv(tmp_ptr);\r
+ tmp_ptr = strtok(NULL, ",");\r
+ }\r
+\r
+ o.igmp.sources = counter; \r
+ break;\r
+\r
+ /* XXX TCP HEADER OPTIONS (IPPROTO_TCP = 6) */\r
+ case OPTION_TCP_SEQUENCE:\r
+ o.tcp.sequence = atol(optarg); break;\r
+ case OPTION_TCP_ACKNOWLEDGE:\r
+ o.tcp.acknowledge = atol(optarg); break;\r
+ case OPTION_TCP_OFFSET:\r
+ o.tcp.doff = atoi(optarg); break;\r
+ case 'F':\r
+ o.tcp.fin = 1; break;\r
+ case 'S':\r
+ o.tcp.syn = 1; break;\r
+ case 'R':\r
+ o.tcp.rst = 1; break;\r
+ case 'P':\r
+ o.tcp.psh = 1; break;\r
+ case 'A':\r
+ o.tcp.ack = 1; break;\r
+ case 'U':\r
+ o.tcp.urg = 1; break;\r
+ case 'E':\r
+ o.tcp.ece = 1; break;\r
+ case 'C':\r
+ o.tcp.cwr = 1; break;\r
+ case 'W':\r
+ o.tcp.window = atoi(optarg); break;\r
+ case OPTION_TCP_URGENT_POINTER:\r
+ o.tcp.urg_ptr = atoi(optarg); break;\r
+ case OPTION_TCP_MSS:\r
+ o.tcp.options |= TCP_OPTION_MSS;\r
+ o.tcp.mss = atoi(optarg); break;\r
+ case OPTION_TCP_WSOPT:\r
+ o.tcp.options |= TCP_OPTION_WSOPT;\r
+ o.tcp.wsopt = atoi(optarg); break;\r
+ case OPTION_TCP_TSOPT:\r
+ o.tcp.options |= TCP_OPTION_TSOPT;\r
+ if ( (tmp_ptr = (char *) strchr(optarg, 0x3a)) != NULL )\r
+ {\r
+ uint32_t t;\r
+\r
+ if ((t = atol(tmp_ptr + 1)) != 0)\r
+ o.tcp.tsecr = t;\r
+\r
+ tmp_ptr = strtok(optarg, ":");\r
+\r
+ if (tmp_ptr != NULL)\r
+ o.tcp.tsval = atol(tmp_ptr);\r
+ } \r
+ break;\r
+ case OPTION_TCP_SACK_OK:\r
+ o.tcp.options |= TCP_OPTION_SACK_OK; break;\r
+ case OPTION_TCP_CC:\r
+ o.tcp.options |= TCP_OPTION_CC;\r
+ o.tcp.cc = atol(optarg); break;\r
+ case OPTION_TCP_CC_NEW:\r
+ o.tcp.options |= TCP_OPTION_CC_NEXT;\r
+ o.tcp.cc_new = atol(optarg); break;\r
+ case OPTION_TCP_CC_ECHO:\r
+ o.tcp.options |= TCP_OPTION_CC_NEXT;\r
+ o.tcp.cc_echo = atol(optarg); break;\r
+ case OPTION_TCP_SACK_EDGE:\r
+ o.tcp.options |= TCP_OPTION_SACK_EDGE;\r
+\r
+ if ( (tmp_ptr = (char *) strchr(optarg, 0x3a)) != NULL )\r
+ {\r
+ uint32_t t;\r
+\r
+ if ((t = atol(tmp_ptr + 1)) != 0)\r
+ o.tcp.sack_right = t;\r
+ tmp_ptr = strtok(optarg, ":");\r
+ if (tmp_ptr != NULL)\r
+ o.tcp.sack_left = atol(tmp_ptr);\r
+ } \r
+ break;\r
+\r
+ case OPTION_TCP_MD5_SIGNATURE:\r
+ o.tcp.md5 = 1;\r
+ o.tcp.auth = 0; break;\r
+ case OPTION_TCP_AUTHENTICATION:\r
+ o.tcp.md5 = 0;\r
+ o.tcp.auth = 1; break;\r
+ case OPTION_TCP_AUTH_KEY_ID:\r
+ o.tcp.key_id = atoi(optarg); break;\r
+ case OPTION_TCP_AUTH_NEXT_KEY:\r
+ o.tcp.next_key = atoi(optarg); break;\r
+ case OPTION_TCP_NOP:\r
+ o.tcp.nop = TCPOPT_NOP; break;\r
+\r
+ /* XXX EGP HEADER OPTIONS (IPPROTO_EGP = 8) */\r
+ case OPTION_EGP_TYPE:\r
+ o.egp.type = atoi(optarg); break;\r
+ case OPTION_EGP_CODE:\r
+ o.egp.code = atoi(optarg); break;\r
+ case OPTION_EGP_STATUS:\r
+ o.egp.status = atoi(optarg); break;\r
+ case OPTION_EGP_AS:\r
+ o.egp.as = atoi(optarg); break;\r
+ case OPTION_EGP_SEQUENCE:\r
+ o.egp.sequence = atoi(optarg); break;\r
+ case OPTION_EGP_HELLO:\r
+ o.egp.hello = atoi(optarg); break;\r
+ case OPTION_EGP_POLL:\r
+ o.egp.poll = atoi(optarg); break;\r
+\r
+ /* XXX RIP HEADER OPTIONS (IPPROTO_UDP = 17) */\r
+ case OPTION_RIP_COMMAND:\r
+ o.rip.command = atoi(optarg); break;\r
+ case OPTION_RIP_FAMILY:\r
+ o.rip.family = atoi(optarg); break;\r
+ case OPTION_RIP_ADDRESS:\r
+ o.rip.address = resolv(optarg); break;\r
+ case OPTION_RIP_METRIC:\r
+ o.rip.metric = atol(optarg); break;\r
+ case OPTION_RIP_DOMAIN:\r
+ o.rip.domain = atoi(optarg); break;\r
+ case OPTION_RIP_TAG:\r
+ o.rip.tag = atoi(optarg); break;\r
+ case OPTION_RIP_NETMASK:\r
+ o.rip.netmask = resolv(optarg); break;\r
+ case OPTION_RIP_NEXTHOP:\r
+ o.rip.next_hop = resolv(optarg); break;\r
+ case OPTION_RIP_AUTHENTICATION:\r
+ o.rip.auth = 1;\r
+ break;\r
+ case OPTION_RIP_AUTH_KEY_ID:\r
+ o.rip.key_id = atoi(optarg); break;\r
+ case OPTION_RIP_AUTH_SEQUENCE:\r
+ o.rip.sequence = atol(optarg); break;\r
+\r
+ /* XXX DCCP HEADER OPTIONS (IPPROTO_DCCP = 33) */\r
+ case OPTION_DCCP_OFFSET:\r
+ o.dccp.doff = atoi(optarg); break;\r
+ case OPTION_DCCP_CSCOV:\r
+ o.dccp.cscov = atoi(optarg); break;\r
+ case OPTION_DCCP_CCVAL:\r
+ o.dccp.ccval = atoi(optarg); break;\r
+ case OPTION_DCCP_TYPE:\r
+ o.dccp.type = atoi(optarg); break;\r
+ case OPTION_DCCP_EXTEND:\r
+ o.dccp.ext = 1; break;\r
+ case OPTION_DCCP_SEQUENCE_01:\r
+ o.dccp.sequence_01 = atoi(optarg); break;\r
+ case OPTION_DCCP_SEQUENCE_02:\r
+ o.dccp.sequence_02 = atoi(optarg); break;\r
+ case OPTION_DCCP_SEQUENCE_03:\r
+ o.dccp.sequence_03 = atol(optarg); break;\r
+ case OPTION_DCCP_SERVICE:\r
+ o.dccp.service = atol(optarg); break;\r
+ case OPTION_DCCP_ACKNOWLEDGE_01:\r
+ o.dccp.acknowledge_01 = atoi(optarg); break;\r
+ case OPTION_DCCP_ACKNOWLEDGE_02:\r
+ o.dccp.acknowledge_02 = atol(optarg); break;\r
+ case OPTION_DCCP_RESET_CODE:\r
+ o.dccp.rst_code = atoi(optarg); break;\r
+\r
+ /* XXX RSVP HEADER OPTIONS (IPPROTO_RSVP = 46) */\r
+ case OPTION_RSVP_FLAGS:\r
+ o.rsvp.flags = atoi(optarg); break;\r
+ case OPTION_RSVP_TYPE:\r
+ o.rsvp.type = atoi(optarg); break;\r
+ case OPTION_RSVP_TTL:\r
+ o.rsvp.ttl = atoi(optarg); break;\r
+ case OPTION_RSVP_SESSION_ADDRESS:\r
+ o.rsvp.session_addr = resolv(optarg); break;\r
+ case OPTION_RSVP_SESSION_PROTOCOL:\r
+ o.rsvp.session_proto = atoi(optarg); break;\r
+ case OPTION_RSVP_SESSION_FLAGS:\r
+ o.rsvp.session_flags = atoi(optarg); break;\r
+ case OPTION_RSVP_SESSION_PORT:\r
+ o.rsvp.session_port = atoi(optarg); break;\r
+ case OPTION_RSVP_HOP_ADDRESS:\r
+ o.rsvp.hop_addr = resolv(optarg); break;\r
+ case OPTION_RSVP_HOP_IFACE:\r
+ o.rsvp.hop_iface = atol(optarg); break;\r
+ case OPTION_RSVP_TIME_REFRESH:\r
+ o.rsvp.time_refresh = atol(optarg); break;\r
+ case OPTION_RSVP_ERROR_ADDRESS:\r
+ o.rsvp.error_addr = resolv(optarg); break;\r
+ case OPTION_RSVP_ERROR_FLAGS:\r
+ o.rsvp.error_flags = atoi(optarg); break;\r
+ case OPTION_RSVP_ERROR_CODE:\r
+ o.rsvp.error_code = atoi(optarg); break;\r
+ case OPTION_RSVP_ERROR_VALUE:\r
+ o.rsvp.error_value = atoi(optarg); break;\r
+ case OPTION_RSVP_SCOPE:\r
+ o.rsvp.scope = atoi(optarg); break;\r
+ case OPTION_RSVP_SCOPE_ADDRESS:\r
+ tmp_ptr = strtok(optarg, ",");\r
+ for (counter=0; counter < (int)(sizeof(o.rsvp.address)/sizeof(in_addr_t)); counter++)\r
+ {\r
+ if (tmp_ptr == NULL) break;\r
+ o.rsvp.address[counter] = resolv(tmp_ptr);\r
+ tmp_ptr = strtok(NULL, ",");\r
+ }\r
+ o.rsvp.scope = counter; \r
+ break;\r
+ case OPTION_RSVP_STYLE_OPTION:\r
+ o.rsvp.style_opt = atol(optarg);\r
+ break;\r
+ case OPTION_RSVP_SENDER_ADDRESS:\r
+ o.rsvp.sender_addr = resolv(optarg); break;\r
+ case OPTION_RSVP_SENDER_PORT:\r
+ o.rsvp.sender_port = atoi(optarg); break;\r
+ case OPTION_RSVP_TSPEC_TRAFFIC:\r
+ o.rsvp.tspec = TSPEC_TRAFFIC_SERVICE; break;\r
+ case OPTION_RSVP_TSPEC_GUARANTEED:\r
+ o.rsvp.tspec = TSPEC_GUARANTEED_SERVICE; break;\r
+ case OPTION_RSVP_TSPEC_TOKEN_R:\r
+ o.rsvp.tspec = TSPEC_TRAFFIC_SERVICE;\r
+ o.rsvp.tspec_r = atol(optarg); break;\r
+ case OPTION_RSVP_TSPEC_TOKEN_B:\r
+ o.rsvp.tspec = TSPEC_TRAFFIC_SERVICE;\r
+ o.rsvp.tspec_b = atol(optarg); break;\r
+ case OPTION_RSVP_TSPEC_DATA_P:\r
+ o.rsvp.tspec = TSPEC_TRAFFIC_SERVICE;\r
+ o.rsvp.tspec_p = atol(optarg); break;\r
+ case OPTION_RSVP_TSPEC_MINIMUM:\r
+ o.rsvp.tspec = TSPEC_TRAFFIC_SERVICE;\r
+ o.rsvp.tspec_m = atol(optarg); break;\r
+ case OPTION_RSVP_TSPEC_MAXIMUM:\r
+ o.rsvp.tspec = TSPEC_TRAFFIC_SERVICE;\r
+ o.rsvp.tspec_M = atol(optarg); break;\r
+ case OPTION_RSVP_ADSPEC_ISHOP:\r
+ o.rsvp.adspec_hop = atol(optarg); break;\r
+ case OPTION_RSVP_ADSPEC_PATH:\r
+ o.rsvp.adspec_path = atol(optarg); break;\r
+ case OPTION_RSVP_ADSPEC_MINIMUM:\r
+ o.rsvp.adspec_minimum = atol(optarg); break;\r
+ case OPTION_RSVP_ADSPEC_MTU:\r
+ o.rsvp.adspec_mtu = atol(optarg); break;\r
+ case OPTION_RSVP_ADSPEC_GUARANTEED:\r
+ o.rsvp.adspec = ADSPEC_GUARANTEED_SERVICE; break;\r
+ case OPTION_RSVP_ADSPEC_CTOT:\r
+ o.rsvp.adspec = ADSPEC_GUARANTEED_SERVICE;\r
+ o.rsvp.adspec_Ctot = atol(optarg); break;\r
+ case OPTION_RSVP_ADSPEC_DTOT:\r
+ o.rsvp.adspec = ADSPEC_GUARANTEED_SERVICE;\r
+ o.rsvp.adspec_Dtot = atol(optarg); break;\r
+ case OPTION_RSVP_ADSPEC_CSUM:\r
+ o.rsvp.adspec = ADSPEC_GUARANTEED_SERVICE;\r
+ o.rsvp.adspec_Csum = atol(optarg); break;\r
+ case OPTION_RSVP_ADSPEC_DSUM:\r
+ o.rsvp.adspec = ADSPEC_GUARANTEED_SERVICE;\r
+ o.rsvp.adspec_Dsum = atol(optarg); break;\r
+ case OPTION_RSVP_ADSPEC_CONTROLLED:\r
+ o.rsvp.adspec = ADSPEC_CONTROLLED_SERVICE; break;\r
+ case OPTION_RSVP_CONFIRM_ADDR:\r
+ o.rsvp.confirm_addr = resolv(optarg); break;\r
+\r
+ /* XXX IPSEC HEADER OPTIONS (IPPROTO_AH = 51 & IPPROTO_ESP = 50) */\r
+ case OPTION_IPSEC_AH_LENGTH:\r
+ o.ipsec.ah_length = atoi(optarg); break;\r
+ case OPTION_IPSEC_AH_SPI:\r
+ o.ipsec.ah_spi = atol(optarg); break;\r
+ case OPTION_IPSEC_AH_SEQUENCE:\r
+ o.ipsec.ah_sequence = atol(optarg); break;\r
+ case OPTION_IPSEC_ESP_SPI:\r
+ o.ipsec.esp_spi = atol(optarg); break;\r
+ case OPTION_IPSEC_ESP_SEQUENCE:\r
+ o.ipsec.esp_sequence = atol(optarg); break;\r
+\r
+ /* XXX EIGRP HEADER OPTIONS (IPPROTO_EIGRP = 88) */\r
+ case OPTION_EIGRP_OPCODE:\r
+ o.eigrp.opcode = atoi(optarg); break;\r
+ case OPTION_EIGRP_FLAGS:\r
+ o.eigrp.flags = atol(optarg); break;\r
+ case OPTION_EIGRP_SEQUENCE:\r
+ o.eigrp.sequence = atol(optarg); break;\r
+ case OPTION_EIGRP_ACKNOWLEDGE:\r
+ o.eigrp.acknowledge = atol(optarg); break;\r
+ case OPTION_EIGRP_AS:\r
+ o.eigrp.as = atol(optarg); break;\r
+ case OPTION_EIGRP_TYPE:\r
+ o.eigrp.type = atoi(optarg); break;\r
+ case OPTION_EIGRP_LENGTH:\r
+ o.eigrp.length = atoi(optarg); break;\r
+ case OPTION_EIGRP_K1:\r
+ o.eigrp.values |= EIGRP_KVALUE_K1;\r
+ o.eigrp.k1 = atoi(optarg); break;\r
+ case OPTION_EIGRP_K2:\r
+ o.eigrp.values |= EIGRP_KVALUE_K2;\r
+ o.eigrp.k2 = atoi(optarg); break;\r
+ case OPTION_EIGRP_K3:\r
+ o.eigrp.values |= EIGRP_KVALUE_K3;\r
+ o.eigrp.k3 = atoi(optarg); break;\r
+ case OPTION_EIGRP_K4:\r
+ o.eigrp.values |= EIGRP_KVALUE_K4;\r
+ o.eigrp.k4 = atoi(optarg); break;\r
+ case OPTION_EIGRP_K5:\r
+ o.eigrp.values |= EIGRP_KVALUE_K5;\r
+ o.eigrp.k5 = atoi(optarg); break;\r
+ case OPTION_EIGRP_HOLD:\r
+ o.eigrp.hold = atoi(optarg); break;\r
+ case OPTION_EIGRP_IOS_VERSION:\r
+ if ( (tmp_ptr = (char *) strchr(optarg, '.')) != NULL )\r
+ {\r
+ int t;\r
+\r
+ if ((t = atoi(tmp_ptr + 1)) != 0)\r
+ o.eigrp.ios_minor = t;\r
+ tmp_ptr = strtok(optarg, ".");\r
+ if (tmp_ptr != NULL)\r
+ o.eigrp.ios_major = atoi(tmp_ptr);\r
+ } \r
+ break;\r
+ case OPTION_EIGRP_PROTO_VERSION:\r
+ if ( (tmp_ptr = (char *) strchr(optarg, '.')) != NULL )\r
+ {\r
+ int t;\r
+\r
+ if ((t = atoi(tmp_ptr + 1)) != 0)\r
+ o.eigrp.ver_minor = t;\r
+ tmp_ptr = strtok(optarg, ".");\r
+ if (tmp_ptr != NULL)\r
+ o.eigrp.ver_major = atoi(tmp_ptr);\r
+ } \r
+ break;\r
+ case OPTION_EIGRP_NEXTHOP:\r
+ o.eigrp.next_hop = resolv(optarg); break;\r
+ case OPTION_EIGRP_DELAY:\r
+ o.eigrp.delay = atol(optarg); break;\r
+ case OPTION_EIGRP_BANDWIDTH:\r
+ o.eigrp.bandwidth = atol(optarg); break;\r
+ case OPTION_EIGRP_MTU:\r
+ o.eigrp.mtu = atol(optarg); break;\r
+ case OPTION_EIGRP_HOP_COUNT:\r
+ o.eigrp.hop_count = atoi(optarg); break;\r
+ case OPTION_EIGRP_LOAD:\r
+ o.eigrp.load = atoi(optarg); break;\r
+ case OPTION_EIGRP_RELIABILITY:\r
+ o.eigrp.reliability = atoi(optarg); break;\r
+ case OPTION_EIGRP_DESINATION:\r
+ if ( (tmp_ptr = (char *) strchr(optarg, '/')) == NULL )\r
+ o.eigrp.dest = resolv(optarg);\r
+ else\r
+ {\r
+ o.eigrp.prefix = atoi(tmp_ptr + 1);\r
+ tmp_ptr = strtok(optarg, "/");\r
+ if (tmp_ptr != NULL)\r
+ o.eigrp.dest = resolv(tmp_ptr);\r
+ } \r
+ break;\r
+ case OPTION_EIGRP_SOURCE_ROUTER:\r
+ o.eigrp.src_router = resolv(optarg); break;\r
+ case OPTION_EIGRP_SOURCE_AS:\r
+ o.eigrp.src_as = atol(optarg); break;\r
+ case OPTION_EIGRP_TAG:\r
+ o.eigrp.tag = atol(optarg); break;\r
+ case OPTION_EIGRP_METRIC:\r
+ o.eigrp.proto_metric = atol(optarg); break;\r
+ case OPTION_EIGRP_ID:\r
+ o.eigrp.proto_id = atoi(optarg); break;\r
+ case OPTION_EIGRP_EXTERNAL_FLAGS:\r
+ o.eigrp.ext_flags = atoi(optarg); break;\r
+ case OPTION_EIGRP_ADDRESS:\r
+ o.eigrp.address = resolv(optarg); break;\r
+ case OPTION_EIGRP_MULTICAST:\r
+ o.eigrp.multicast = atol(optarg); break;\r
+ case OPTION_EIGRP_AUTHENTICATION:\r
+ o.eigrp.auth = 1; break;\r
+ case OPTION_EIGRP_AUTH_KEY_ID:\r
+ o.eigrp.key_id = atol(optarg); break;\r
+\r
+ /* XXX OSPF HEADER OPTIONS (IPPROTO_OSPF = 89) */\r
+ case OPTION_OSPF_TYPE:\r
+ o.ospf.type = atoi(optarg); break;\r
+ case OPTION_OSPF_LENGTH:\r
+ o.ospf.length = atoi(optarg); break;\r
+ case OPTION_OSPF_ROUTER_ID:\r
+ o.ospf.rid = resolv(optarg); break;\r
+ case OPTION_OSPF_AREA_ID:\r
+ o.ospf.AID = 1;\r
+ o.ospf.aid = resolv(optarg); break;\r
+ case '1':\r
+ o.ospf.options |= OSPF_OPTION_TOS; break;\r
+ case '2':\r
+ o.ospf.options |= OSPF_OPTION_EXTERNAL; break;\r
+ case '3':\r
+ o.ospf.options |= OSPF_OPTION_MULTICAST; break;\r
+ case '4':\r
+ o.ospf.options |= OSPF_OPTION_NSSA; break;\r
+ case '5':\r
+ o.ospf.options |= OSPF_OPTION_LLS; break;\r
+ case '6':\r
+ o.ospf.options |= OSPF_OPTION_DEMAND; break;\r
+ case '7':\r
+ o.ospf.options |= OSPF_OPTION_OPAQUE; break;\r
+ case '8':\r
+ o.ospf.options |= OSPF_OPTION_DOWN; break;\r
+ case OPTION_OSPF_NETMASK:\r
+ o.ospf.netmask = resolv(optarg); break;\r
+ case OPTION_OSPF_HELLO_INTERVAL:\r
+ o.ospf.hello_interval = atoi(optarg); break;\r
+ case OPTION_OSPF_HELLO_PRIORITY:\r
+ o.ospf.hello_priority = atoi(optarg); break;\r
+ case OPTION_OSPF_HELLO_DEAD:\r
+ o.ospf.hello_dead = atol(optarg); break;\r
+ case OPTION_OSPF_HELLO_DESIGN:\r
+ o.ospf.hello_design = resolv(optarg); break;\r
+ case OPTION_OSPF_HELLO_BACKUP:\r
+ o.ospf.hello_backup = resolv(optarg); break;\r
+ case OPTION_OSPF_HELLO_NEIGHBOR:\r
+ o.ospf.neighbor = atoi(optarg); break;\r
+ case OPTION_OSPF_HELLO_ADDRESS:\r
+ tmp_ptr = strtok(optarg, ",");\r
+ for (counter=0; counter < (int)(sizeof(o.ospf.address)/sizeof(in_addr_t)); counter++)\r
+ {\r
+ if (tmp_ptr == NULL)\r
+ break;\r
+\r
+ o.ospf.address[counter] = resolv(tmp_ptr);\r
+ tmp_ptr = strtok(NULL, ",");\r
+ }\r
+ o.ospf.neighbor = counter; \r
+ break;\r
+ case OPTION_OSPF_DD_MTU:\r
+ o.ospf.dd_mtu = atoi(optarg); break;\r
+ case OPTION_OSPF_DD_MASTER_SLAVE:\r
+ o.ospf.dd_dbdesc |= DD_DBDESC_MSLAVE; break;\r
+ case OPTION_OSPF_DD_MORE:\r
+ o.ospf.dd_dbdesc |= DD_DBDESC_MORE; break;\r
+ case OPTION_OSPF_DD_INIT:\r
+ o.ospf.dd_dbdesc |= DD_DBDESC_INIT; break;\r
+ case OPTION_OSPF_DD_OOBRESYNC:\r
+ o.ospf.dd_dbdesc |= DD_DBDESC_OOBRESYNC; break;\r
+ case OPTION_OSPF_DD_SEQUENCE:\r
+ o.ospf.dd_sequence = atol(optarg); break;\r
+ case OPTION_OSPF_DD_INCLUDE_LSA:\r
+ o.ospf.dd_include_lsa = 1; break;\r
+ case OPTION_OSPF_LSA_AGE:\r
+ o.ospf.lsa_age = atoi(optarg); break;\r
+ case OPTION_OSPF_LSA_DO_NOT_AGE:\r
+ o.ospf.lsa_dage = 1; break;\r
+ case OPTION_OSPF_LSA_TYPE:\r
+ o.ospf.lsa_type = atoi(optarg); break;\r
+ case OPTION_OSPF_LSA_LSID:\r
+ o.ospf.lsa_lsid = resolv(optarg); break;\r
+ case OPTION_OSPF_LSA_ROUTER:\r
+ o.ospf.lsa_router = resolv(optarg); break;\r
+ case OPTION_OSPF_LSA_SEQUENCE:\r
+ o.ospf.lsa_sequence = atol(optarg); break;\r
+ case OPTION_OSPF_LSA_METRIC:\r
+ o.ospf.lsa_metric = atol(optarg); break;\r
+ case OPTION_OSPF_LSA_FLAG_BORDER:\r
+ o.ospf.lsa_flags |= ROUTER_FLAG_BORDER; break;\r
+ case OPTION_OSPF_LSA_FLAG_EXTERNAL:\r
+ o.ospf.lsa_flags |= ROUTER_FLAG_EXTERNAL; break;\r
+ case OPTION_OSPF_LSA_FLAG_VIRTUAL:\r
+ o.ospf.lsa_flags |= ROUTER_FLAG_VIRTUAL; break;\r
+ case OPTION_OSPF_LSA_FLAG_WILD:\r
+ o.ospf.lsa_flags |= ROUTER_FLAG_WILD; break;\r
+ case OPTION_OSPF_LSA_FLAG_NSSA_TR:\r
+ o.ospf.lsa_flags |= ROUTER_FLAG_NSSA_TR; break;\r
+ case OPTION_OSPF_LSA_LINK_ID:\r
+ o.ospf.lsa_link_id = resolv(optarg); break;\r
+ case OPTION_OSPF_LSA_LINK_DATA:\r
+ o.ospf.lsa_link_data = resolv(optarg); break;\r
+ case OPTION_OSPF_LSA_LINK_TYPE:\r
+ o.ospf.lsa_link_type = atoi(optarg); break;\r
+ case OPTION_OSPF_LSA_ATTACHED:\r
+ o.ospf.lsa_attached = resolv(optarg); break;\r
+ case OPTION_OSPF_LSA_LARGER:\r
+ o.ospf.lsa_larger = 1; break;\r
+ case OPTION_OSPF_LSA_FORWARD:\r
+ o.ospf.lsa_forward = resolv(optarg); break;\r
+ case OPTION_OSPF_LSA_EXTERNAL:\r
+ o.ospf.lsa_external = resolv(optarg); break;\r
+ case OPTION_OSPF_VERTEX_ROUTER:\r
+ o.ospf.vertex_type = VERTEX_TYPE_ROUTER; break;\r
+ case OPTION_OSPF_VERTEX_NETWORK:\r
+ o.ospf.vertex_type = VERTEX_TYPE_NETWORK; break;\r
+ case OPTION_OSPF_VERTEX_ID:\r
+ o.ospf.vertex_id = resolv(optarg); break;\r
+ case OPTIONS_OSPF_LLS_OPTION_LR:\r
+ o.ospf.lls_options = EXTENDED_OPTIONS_LR; break;\r
+ case OPTIONS_OSPF_LLS_OPTION_RS:\r
+ o.ospf.lls_options = EXTENDED_OPTIONS_RS; break;\r
+ case OPTION_OSPF_AUTHENTICATION:\r
+ o.ospf.auth = 1; break;\r
+ case OPTION_OSPF_AUTH_KEY_ID:\r
+ o.ospf.key_id = atoi(optarg); break;\r
+ case OPTION_OSPF_AUTH_SEQUENCE:\r
+ o.ospf.sequence = atol(optarg); break;\r
+\r
+ /* XXX HELP/USAGE MESSAGE */\r
+ case 'h':\r
+ case '?':\r
+ default:\r
+ usage();\r
+ exit(EXIT_FAILURE);\r
+ }\r
+ }\r
+\r
+ /* Checking the command line interface options. */\r
+ if (optind >= argc)\r
+ {\r
+ ERROR("too many arguments. Try --help for usage and help");\r
+ exit(EXIT_FAILURE);\r
+ }\r
+\r
+ if ((tmp_ptr = (char *) strchr(argv[optind], 0x2f)) == NULL)\r
+ o.ip.daddr = resolv(argv[optind]);\r
+ else\r
+ {\r
+ o.bits = atoi(tmp_ptr + 1);\r
+ tmp_ptr = strtok(argv[optind], "/");\r
+ if (tmp_ptr != NULL)\r
+ o.ip.daddr = resolv(tmp_ptr);\r
+ }\r
+\r
+ return &o;\r
+}\r
--- /dev/null
+/*\r
+ * T50 - Experimental Packet Injector\r
+ *\r
+ * Copyright (C) 2010 - 2011 Nelson Brito <nbrito@sekure.org>\r
+ * Copyright (C) 2011 - Fernando Mercês <fernando@mentebinaria.com.br>\r
+ *\r
+ * This program is free software: you can redistribute it and/or modify\r
+ * it under the terms of the GNU General Public License as published by\r
+ * the Free Software Foundation, either version 2 of the License, or\r
+ * (at your option) any later version.\r
+ *\r
+ * This program is distributed in the hope that it will be useful,\r
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of\r
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
+ * GNU General Public License for more details.\r
+ *\r
+ * You should have received a copy of the GNU General Public License\r
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.\r
+*/\r
+\r
+#ifndef __COMMON_H\r
+#define __COMMON_H\r
+\r
+#define PACKAGE "T50"\r
+#define SITE "http://t50.sf.net"\r
+\r
+#if !(linux) || !(__linux__)\r
+# error "Sorry! The t50 was only tested under Linux!"\r
+#endif /* __linux__ */\r
+\r
+#include <time.h>\r
+#include <stdio.h>\r
+#include <stdint.h>\r
+#include <netdb.h>\r
+#include <errno.h>\r
+#include <fcntl.h>\r
+#include <unistd.h>\r
+#include <stdlib.h>\r
+#include <string.h>\r
+#include <signal.h>\r
+#include <getopt.h>\r
+#include <sys/time.h>\r
+#include <sys/socket.h>\r
+#include <sys/resource.h>\r
+\r
+/* This code prefers to use Linux headers rather than BSD favored */\r
+#include <linux/ip.h>\r
+#include <linux/tcp.h>\r
+#include <linux/udp.h>\r
+#include <linux/icmp.h>\r
+#include <linux/igmp.h>\r
+#include <linux/dccp.h>\r
+#include <linux/if_ether.h>\r
+\r
+/* Purpose-built config library to be used by T50 modules */\r
+#include <config.h>\r
+\r
+/* Purpose-built protocol libraries to be used by T50 modules */\r
+#include <protocol/egp.h>\r
+#include <protocol/gre.h>\r
+#include <protocol/rip.h>\r
+#include <protocol/igmp.h>\r
+#include <protocol/ospf.h>\r
+#include <protocol/rsvp.h>\r
+#include <protocol/eigrp.h>\r
+#include <protocol/tcp_options.h>\r
+\r
+/* NOTE: This will do nothing. Used only to prevent warnings. */\r
+#define UNUSED_PARAM(x) { (x) = (x); }\r
+\r
+/* Data types */\r
+typedef uint32_t in_addr_t;\r
+typedef int socket_t;\r
+\r
+/* Limits */\r
+\r
+/* #define RAND_MAX 2147483647 */ /* NOTE: Already defined @ stdlib.h */\r
+#define CIDR_MINIMUM 8\r
+#define CIDR_MAXIMUM 30\r
+#define MAXIMUM_IP_ADDRESSES 16777215\r
+\r
+/* #define INADDR_ANY ((in_addr_t) 0) */ /* NOTE: Already defined @ linux/in.h */\r
+#define IPPORT_ANY ((uint16_t) 0)\r
+\r
+extern char *mod_acronyms[];\r
+extern char *mod_names[];\r
+\r
+/* OBS: Used only in config.c.\r
+ Isn't better to move this definitions?! */\r
+enum t50_module\r
+{\r
+ MODULE_ICMP = 0,\r
+#define MODULE_ICMP MODULE_ICMP\r
+ MODULE_IGMPv1,\r
+#define MODULE_IGMPv1 MODULE_IGMPv1\r
+ MODULE_IGMPv3,\r
+#define MODULE_IGMPv3 MODULE_IGMPv3\r
+ MODULE_TCP,\r
+#define MODULE_TCP MODULE_TCP\r
+ MODULE_EGP,\r
+#define MODULE_EGP MODULE_EGP\r
+ MODULE_UDP,\r
+#define MODULE_UDP MODULE_UDP\r
+ MODULE_RIPv1,\r
+#define MODULE_RIPv1 MODULE_RIPv1\r
+ MODULE_RIPv2,\r
+#define MODULE_RIPv2 MODULE_RIPv2\r
+ MODULE_DCCP,\r
+#define MODULE_DCCP MODULE_DCCP\r
+ MODULE_RSVP,\r
+#define MODULE_RSVP MODULE_RSVP\r
+ MODULE_IPSEC,\r
+#define MODULE_IPSEC MODULE_IPSEC\r
+ MODULE_EIGRP,\r
+#define MODULE_EIGRP MODULE_EIGRP\r
+ MODULE_OSPF,\r
+#define MODULE_OSPF MODULE_OSPF\r
+\r
+ MODULE_T50,\r
+# define MODULE_T50 MODULE_T50\r
+# define T50_THRESHOLD_MIN MODULE_T50\r
+};\r
+\r
+/* Global common protocol definitions used by code */\r
+#define AUTH_TYPE_HMACNUL 0x0000\r
+#define AUTH_TYPE_HMACMD5 0x0002\r
+#define AUTH_TLEN_HMACMD5 16\r
+#define AUTH_TLEN_HMACMD5 16\r
+#define auth_hmac_md5_len(foo) ((foo) ? AUTH_TLEN_HMACMD5 : 0)\r
+\r
+#define IPVERSION 4\r
+#define IP_MF 0x2000\r
+#define IP_DF 0x4000\r
+\r
+/* T50 DEFINITIONS. */\r
+#define IPPROTO_T50 69\r
+#define FIELD_MUST_BE_NULL NULL\r
+#define FIELD_MUST_BE_ZERO 0\r
+\r
+/* Common protocol structures used by code */\r
+/*\r
+ * User Datagram Protocol (RFC 768)\r
+ *\r
+ * Checksum is the 16-bit one's complement of the one's complement sum of a\r
+ * pseudo header of information from the IP header, the UDP header, and the\r
+ * data, padded with zero octets at the end (if necessary) to make a\r
+ * multiple of two octets.\r
+ *\r
+ * The pseudo header conceptually prefixed to the UDP header contains the\r
+ * source address, the destination address, the protocol, and the UDP\r
+ * length. This information gives protection against misrouted datagrams.\r
+ * This checksum procedure is the same as is used in TCP.\r
+ *\r
+ * 0 7 8 15 16 23 24 31 \r
+ * +--------+--------+--------+--------+\r
+ * | source address |\r
+ * +--------+--------+--------+--------+\r
+ * | destination address |\r
+ * +--------+--------+--------+--------+\r
+ * | zero |protocol| UDP length |\r
+ * +--------+--------+--------+--------+\r
+ *\r
+ * If the computed checksum is zero, it is transmitted as all ones (the\r
+ * equivalent in one's complement arithmetic). An all zero transmitted\r
+ * checksum value means that the transmitter generated no checksum (for\r
+ * debugging or for higher level protocols that don't care). \r
+ */\r
+struct psdhdr \r
+{\r
+ in_addr_t saddr; /* source address */\r
+ in_addr_t daddr; /* destination address */\r
+ uint8_t zero; /* must be zero */\r
+ uint8_t protocol; /* protocol */\r
+ uint16_t len; /* header length */\r
+};\r
+\r
+/* Common macros used by code */\r
+#define __32BIT_RND(foo) ((foo) == 0 ? (uint32_t)rand() : (uint32_t)(foo))\r
+#define __24BIT_RND(foo) ((foo) == 0 ? rand() >> 8 : (foo))\r
+#define __16BIT_RND(foo) ((foo) == 0 ? rand() >> 16 : (foo))\r
+#define __8BIT_RND(foo) ((foo) == 0 ? rand() >> 24 : (foo))\r
+#define __7BIT_RND(foo) ((foo) == 0 ? rand() >> 25 : (foo))\r
+#define __6BIT_RND(foo) ((foo) == 0 ? rand() >> 26 : (foo))\r
+#define __5BIT_RND(foo) ((foo) == 0 ? rand() >> 27 : (foo))\r
+#define __4BIT_RND(foo) ((foo) == 0 ? rand() >> 28 : (foo))\r
+#define __3BIT_RND(foo) ((foo) == 0 ? rand() >> 29 : (foo))\r
+#define __2BIT_RND(foo) ((foo) == 0 ? (uint32_t)(rand() >> 30) : (uint32_t)(foo))\r
+\r
+#define INADDR_RND(foo) __32BIT_RND(foo)\r
+#define IPPORT_RND(foo) __16BIT_RND(foo)\r
+\r
+extern uint32_t NETMASK_RND(uint32_t);\r
+\r
+#ifdef __HAVE_DEBUG__\r
+#define ERROR(s) \\r
+ fprintf(stderr, "%s: %s at %s, line %d\n", PACKAGE, s, __FILE__, \\r
+ __LINE__); fflush(stderr);\r
+#else\r
+#define ERROR(s) fprintf(stderr, "%s: %s\n", PACKAGE, s); fflush(stderr);\r
+#endif\r
+\r
+/* Common routines used by code */\r
+extern struct cidr *config_cidr(uint32_t, in_addr_t);\r
+/* Command line interface options validation. */\r
+extern int checkConfigOptions(const struct config_options *);\r
+/* Checksum calculation. */\r
+extern uint16_t cksum(uint16_t *, int32_t);\r
+/* Command line interface options configuration. */\r
+extern struct config_options *getConfigOptions(int, char **);\r
+/* IP address and name resolve. */\r
+extern in_addr_t resolv(char *);\r
+/* Socket configuration. */\r
+extern socket_t sock(void);\r
+/* Help and usage message. */\r
+extern void usage(void);\r
+\r
+/* Common module routines used by code */\r
+/* Function Name: ICMP packet header configuration. */\r
+extern void icmp (const socket_t, const struct config_options *);\r
+/* Function Name: IGMPv1 packet header configuration. */\r
+extern void igmpv1 (const socket_t, const struct config_options *);\r
+/* Function Name: IGMPv3 packet header configuration. */\r
+extern void igmpv3 (const socket_t, const struct config_options *);\r
+/* Function Name: TCP packet header configuration. */\r
+extern void tcp (const socket_t, const struct config_options *);\r
+/* Function Name: EGP packet header configuration. */\r
+extern void egp (const socket_t, const struct config_options *);\r
+/* Function Name: UDP packet header configuration. */\r
+extern void udp (const socket_t, const struct config_options *);\r
+/* Function Name: RIPv1 packet header configuration. */\r
+extern void ripv1 (const socket_t, const struct config_options *);\r
+/* Function Name: RIPv2 packet header configuration. */\r
+extern void ripv2 (const socket_t, const struct config_options *);\r
+/* Function Name: DCCP packet header configuration. */\r
+extern void dccp (const socket_t, const struct config_options *);\r
+/* Function Name: RSVP packet header configuration. */\r
+extern void rsvp (const socket_t, const struct config_options *);\r
+/* Function Name: IPSec packet header configuration. */\r
+extern void ipsec (const socket_t, const struct config_options *);\r
+/* Function Name: EIGRP packet header configuration. */\r
+extern void eigrp (const socket_t, const struct config_options *);\r
+/* Function Name: OSPF packet header configuration. */\r
+extern void ospf (const socket_t, const struct config_options *);\r
+\r
+#endif /* __COMMON_H */\r
--- /dev/null
+/*\r
+ * T50 - Experimental Packet Injector\r
+ *\r
+ * Copyright (C) 2010 - 2011 Nelson Brito <nbrito@sekure.org>\r
+ * Copyright (C) 2011 - Fernando Mercês <fernando@mentebinaria.com.br>\r
+ *\r
+ * This program is free software: you can redistribute it and/or modify\r
+ * it under the terms of the GNU General Public License as published by\r
+ * the Free Software Foundation, either version 2 of the License, or\r
+ * (at your option) any later version.\r
+ *\r
+ * This program is distributed in the hope that it will be useful,\r
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of\r
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
+ * GNU General Public License for more details.\r
+ *\r
+ * You should have received a copy of the GNU General Public License\r
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.\r
+*/\r
+\r
+#ifndef CONFIG_H\r
+#define CONFIG_H\r
+\r
+#include <common.h>\r
+\r
+/* Command line interface options which do not have short options */\r
+enum {\r
+ /* XXX COMMON OPTIONS */\r
+ OPTION_THRESHOLD = 128,\r
+ OPTION_FLOOD,\r
+ OPTION_ENCAPSULATED,\r
+#ifdef __HAVE_TURBO__\r
+ OPTION_TURBO,\r
+#endif /* __HAVE_TURBO__ */\r
+ OPTION_LIST_PROTOCOL,\r
+ /* XXX DCCP, TCP & UDP HEADER OPTIONS */\r
+ OPTION_SOURCE,\r
+ OPTION_DESTINATION,\r
+ /* XXX IP HEADER OPTIONS (IPPROTO_IP = 0) */\r
+ OPTION_IP_TOS,\r
+ OPTION_IP_ID,\r
+ OPTION_IP_OFFSET,\r
+ OPTION_IP_TTL,\r
+ OPTION_IP_PROTOCOL,\r
+ /* XXX GRE HEADER OPTIONS (IPPROTO_GRE = 47) */\r
+ OPTION_GRE_SEQUENCE_PRESENT,\r
+ OPTION_GRE_KEY_PRESENT,\r
+ OPTION_GRE_CHECKSUM_PRESENT,\r
+ OPTION_GRE_KEY,\r
+ OPTION_GRE_SEQUENCE,\r
+ OPTION_GRE_SADDR,\r
+ OPTION_GRE_DADDR,\r
+ /* XXX ICMP HEADER OPTIONS (IPPROTO_ICMP = 1) */\r
+ OPTION_ICMP_TYPE,\r
+ OPTION_ICMP_CODE,\r
+ OPTION_ICMP_GATEWAY,\r
+ OPTION_ICMP_ID,\r
+ OPTION_ICMP_SEQUENCE,\r
+ /* XXX IGMP HEADER OPTIONS (IPPROTO_IGMP = 2) */\r
+ OPTION_IGMP_TYPE,\r
+ OPTION_IGMP_CODE,\r
+ OPTION_IGMP_GROUP,\r
+ OPTION_IGMP_QRV,\r
+ OPTION_IGMP_SUPPRESS,\r
+ OPTION_IGMP_QQIC,\r
+ OPTION_IGMP_GREC_TYPE,\r
+ OPTION_IGMP_SOURCES,\r
+ OPTION_IGMP_GREC_MULTICAST,\r
+ OPTION_IGMP_ADDRESS,\r
+ /* XXX TCP HEADER OPTIONS (IPPROTO_TCP = 6) */\r
+ OPTION_TCP_ACKNOWLEDGE,\r
+ OPTION_TCP_SEQUENCE,\r
+ OPTION_TCP_OFFSET,\r
+ OPTION_TCP_URGENT_POINTER,\r
+ OPTION_TCP_MSS,\r
+ OPTION_TCP_WSOPT,\r
+ OPTION_TCP_TSOPT,\r
+ OPTION_TCP_SACK_OK,\r
+ OPTION_TCP_CC,\r
+ OPTION_TCP_CC_NEW,\r
+ OPTION_TCP_CC_ECHO,\r
+ OPTION_TCP_SACK_EDGE,\r
+ OPTION_TCP_MD5_SIGNATURE,\r
+ OPTION_TCP_AUTHENTICATION,\r
+ OPTION_TCP_AUTH_KEY_ID,\r
+ OPTION_TCP_AUTH_NEXT_KEY,\r
+ OPTION_TCP_NOP,\r
+ /* XXX EGP HEADER OPTIONS (IPPROTO_EGP = 8) */\r
+ OPTION_EGP_TYPE,\r
+ OPTION_EGP_CODE,\r
+ OPTION_EGP_STATUS,\r
+ OPTION_EGP_AS,\r
+ OPTION_EGP_SEQUENCE,\r
+ OPTION_EGP_HELLO,\r
+ OPTION_EGP_POLL,\r
+ /* XXX RIP HEADER OPTIONS (IPPROTO_UDP = 17) */\r
+ OPTION_RIP_COMMAND,\r
+ OPTION_RIP_FAMILY,\r
+ OPTION_RIP_ADDRESS,\r
+ OPTION_RIP_METRIC,\r
+ OPTION_RIP_DOMAIN,\r
+ OPTION_RIP_TAG,\r
+ OPTION_RIP_NETMASK,\r
+ OPTION_RIP_NEXTHOP,\r
+ OPTION_RIP_AUTHENTICATION,\r
+ OPTION_RIP_AUTH_KEY_ID,\r
+ OPTION_RIP_AUTH_SEQUENCE,\r
+ /* XXX DCCP HEADER OPTIONS (IPPROTO_DCCP = 33) */\r
+ OPTION_DCCP_OFFSET,\r
+ OPTION_DCCP_CSCOV,\r
+ OPTION_DCCP_CCVAL,\r
+ OPTION_DCCP_TYPE,\r
+ OPTION_DCCP_EXTEND,\r
+ OPTION_DCCP_SEQUENCE_01,\r
+ OPTION_DCCP_SEQUENCE_02,\r
+ OPTION_DCCP_SEQUENCE_03,\r
+ OPTION_DCCP_SERVICE,\r
+ OPTION_DCCP_ACKNOWLEDGE_01,\r
+ OPTION_DCCP_ACKNOWLEDGE_02,\r
+ OPTION_DCCP_RESET_CODE,\r
+ /* XXX RSVP HEADER OPTIONS (IPPROTO_RSVP = 46) */\r
+ OPTION_RSVP_FLAGS,\r
+ OPTION_RSVP_TYPE,\r
+ OPTION_RSVP_TTL,\r
+ OPTION_RSVP_SESSION_ADDRESS,\r
+ OPTION_RSVP_SESSION_PROTOCOL,\r
+ OPTION_RSVP_SESSION_FLAGS,\r
+ OPTION_RSVP_SESSION_PORT,\r
+ OPTION_RSVP_HOP_ADDRESS,\r
+ OPTION_RSVP_HOP_IFACE,\r
+ OPTION_RSVP_TIME_REFRESH,\r
+ OPTION_RSVP_ERROR_ADDRESS,\r
+ OPTION_RSVP_ERROR_FLAGS,\r
+ OPTION_RSVP_ERROR_CODE,\r
+ OPTION_RSVP_ERROR_VALUE,\r
+ OPTION_RSVP_SCOPE,\r
+ OPTION_RSVP_SCOPE_ADDRESS,\r
+ OPTION_RSVP_STYLE_OPTION,\r
+ OPTION_RSVP_SENDER_ADDRESS,\r
+ OPTION_RSVP_SENDER_PORT,\r
+ OPTION_RSVP_TSPEC_TRAFFIC,\r
+ OPTION_RSVP_TSPEC_GUARANTEED,\r
+ OPTION_RSVP_TSPEC_TOKEN_R,\r
+ OPTION_RSVP_TSPEC_TOKEN_B,\r
+ OPTION_RSVP_TSPEC_DATA_P,\r
+ OPTION_RSVP_TSPEC_MINIMUM,\r
+ OPTION_RSVP_TSPEC_MAXIMUM,\r
+ OPTION_RSVP_ADSPEC_ISHOP,\r
+ OPTION_RSVP_ADSPEC_PATH,\r
+ OPTION_RSVP_ADSPEC_MINIMUM,\r
+ OPTION_RSVP_ADSPEC_MTU,\r
+ OPTION_RSVP_ADSPEC_GUARANTEED,\r
+ OPTION_RSVP_ADSPEC_CONTROLLED,\r
+ OPTION_RSVP_ADSPEC_CTOT,\r
+ OPTION_RSVP_ADSPEC_DTOT,\r
+ OPTION_RSVP_ADSPEC_CSUM,\r
+ OPTION_RSVP_ADSPEC_DSUM,\r
+ OPTION_RSVP_CONFIRM_ADDR,\r
+ /* XXX IPSEC HEADER OPTIONS (IPPROTO_AH = 51 & IPPROTO_ESP = 50) */\r
+ OPTION_IPSEC_AH_LENGTH,\r
+ OPTION_IPSEC_AH_SPI,\r
+ OPTION_IPSEC_AH_SEQUENCE,\r
+ OPTION_IPSEC_ESP_SPI,\r
+ OPTION_IPSEC_ESP_SEQUENCE,\r
+ /* XXX EIGRP HEADER OPTIONS (IPPROTO_EIGRP = 88) */\r
+ OPTION_EIGRP_OPCODE,\r
+ OPTION_EIGRP_FLAGS,\r
+ OPTION_EIGRP_SEQUENCE,\r
+ OPTION_EIGRP_ACKNOWLEDGE,\r
+ OPTION_EIGRP_AS,\r
+ OPTION_EIGRP_TYPE,\r
+ OPTION_EIGRP_LENGTH,\r
+ OPTION_EIGRP_K1,\r
+ OPTION_EIGRP_K2,\r
+ OPTION_EIGRP_K3,\r
+ OPTION_EIGRP_K4,\r
+ OPTION_EIGRP_K5,\r
+ OPTION_EIGRP_HOLD,\r
+ OPTION_EIGRP_IOS_VERSION,\r
+ OPTION_EIGRP_PROTO_VERSION,\r
+ OPTION_EIGRP_NEXTHOP,\r
+ OPTION_EIGRP_DELAY,\r
+ OPTION_EIGRP_BANDWIDTH,\r
+ OPTION_EIGRP_MTU,\r
+ OPTION_EIGRP_HOP_COUNT,\r
+ OPTION_EIGRP_LOAD,\r
+ OPTION_EIGRP_RELIABILITY,\r
+ OPTION_EIGRP_DESINATION,\r
+ OPTION_EIGRP_SOURCE_ROUTER,\r
+ OPTION_EIGRP_SOURCE_AS,\r
+ OPTION_EIGRP_TAG,\r
+ OPTION_EIGRP_METRIC,\r
+ OPTION_EIGRP_ID,\r
+ OPTION_EIGRP_EXTERNAL_FLAGS,\r
+ OPTION_EIGRP_ADDRESS,\r
+ OPTION_EIGRP_MULTICAST,\r
+ OPTION_EIGRP_AUTHENTICATION,\r
+ OPTION_EIGRP_AUTH_KEY_ID,\r
+ /* XXX OSPF HEADER OPTIONS (IPPROTO_OSPF = 89) */\r
+ OPTION_OSPF_TYPE,\r
+ OPTION_OSPF_LENGTH,\r
+ OPTION_OSPF_ROUTER_ID,\r
+ OPTION_OSPF_AREA_ID,\r
+ OPTION_OSPF_NETMASK,\r
+ OPTION_OSPF_HELLO_INTERVAL,\r
+ OPTION_OSPF_HELLO_PRIORITY,\r
+ OPTION_OSPF_HELLO_DEAD,\r
+ OPTION_OSPF_HELLO_DESIGN,\r
+ OPTION_OSPF_HELLO_BACKUP,\r
+ OPTION_OSPF_HELLO_NEIGHBOR,\r
+ OPTION_OSPF_HELLO_ADDRESS,\r
+ OPTION_OSPF_DD_MTU,\r
+ OPTION_OSPF_DD_MASTER_SLAVE,\r
+ OPTION_OSPF_DD_MORE,\r
+ OPTION_OSPF_DD_INIT,\r
+ OPTION_OSPF_DD_OOBRESYNC,\r
+ OPTION_OSPF_DD_SEQUENCE,\r
+ OPTION_OSPF_DD_INCLUDE_LSA,\r
+ OPTION_OSPF_LSA_AGE,\r
+ OPTION_OSPF_LSA_DO_NOT_AGE,\r
+ OPTION_OSPF_LSA_TYPE,\r
+ OPTION_OSPF_LSA_LSID,\r
+ OPTION_OSPF_LSA_ROUTER,\r
+ OPTION_OSPF_LSA_SEQUENCE,\r
+ OPTION_OSPF_LSA_METRIC,\r
+ OPTION_OSPF_LSA_FLAG_BORDER,\r
+ OPTION_OSPF_LSA_FLAG_EXTERNAL,\r
+ OPTION_OSPF_LSA_FLAG_VIRTUAL,\r
+ OPTION_OSPF_LSA_FLAG_WILD,\r
+ OPTION_OSPF_LSA_FLAG_NSSA_TR,\r
+ OPTION_OSPF_LSA_LINK_ID,\r
+ OPTION_OSPF_LSA_LINK_DATA,\r
+ OPTION_OSPF_LSA_LINK_TYPE,\r
+ OPTION_OSPF_LSA_ATTACHED,\r
+ OPTION_OSPF_LSA_LARGER,\r
+ OPTION_OSPF_LSA_FORWARD,\r
+ OPTION_OSPF_LSA_EXTERNAL,\r
+ OPTION_OSPF_VERTEX_ROUTER,\r
+ OPTION_OSPF_VERTEX_NETWORK,\r
+ OPTION_OSPF_VERTEX_ID,\r
+ OPTIONS_OSPF_LLS_OPTION_LR,\r
+ OPTIONS_OSPF_LLS_OPTION_RS,\r
+ OPTION_OSPF_AUTHENTICATION,\r
+ OPTION_OSPF_AUTH_KEY_ID,\r
+ OPTION_OSPF_AUTH_SEQUENCE,\r
+};\r
+\r
+\r
+/* Config structures */\r
+struct cidr{\r
+ uint32_t hostid; /* hosts identifiers */\r
+ in_addr_t __1st_addr; /* first IP address */\r
+};\r
+\r
+struct config_options {\r
+ /* XXX COMMON OPTIONS */\r
+ uint32_t threshold; /* amount of packets */\r
+ uint32_t flood; /* flood */\r
+ uint8_t encapsulated:1; /* GRE encapsulated */\r
+ uint32_t bogus_csum; /* bogus packet checksum */\r
+#ifdef __HAVE_TURBO__\r
+ uint32_t turbo; /* duplicate the attack */\r
+#endif /* __HAVE_TURBO__ */\r
+ /* XXX DCCP, TCP & UDP HEADER OPTIONS */\r
+ uint16_t source; /* general source port */\r
+ uint16_t dest; /* general destination port */\r
+\r
+ uint32_t bits:5; /* CIDR bits */\r
+\r
+ /* XXX IP HEADER OPTIONS (IPPROTO_IP = 0) */\r
+ struct{\r
+ uint8_t tos; /* type of service */\r
+ uint16_t id; /* identification */\r
+ uint16_t frag_off; /* fragmentation offset */\r
+ uint8_t ttl; /* time to live */\r
+ uint8_t protocol; /* packet protocol */\r
+ uint32_t protoname; /* protocol name */\r
+ in_addr_t saddr; /* source address */\r
+ in_addr_t daddr; /* destination address */\r
+ } ip;\r
+ /* XXX GRE HEADER OPTIONS (IPPROTO_GRE = 47) */\r
+ struct{\r
+ uint8_t options; /* GRE options bitmask */\r
+ uint8_t S:1; /* sequence number present */\r
+ uint8_t K:1; /* key present */\r
+ uint8_t C:1; /* checksum present */\r
+ uint32_t key; /* key */\r
+ uint32_t sequence; /* sequence number */\r
+ in_addr_t saddr; /* GRE source address */\r
+ in_addr_t daddr; /* GRE destination address */\r
+ } gre;\r
+ /* XXX ICMP HEADER OPTIONS (IPPROTO_ICMP = 1) */\r
+ struct{\r
+ uint8_t type; /* type */\r
+ uint8_t code; /* code */\r
+ uint16_t id; /* identification */\r
+ uint16_t sequence; /* sequence number */\r
+ in_addr_t gateway; /* gateway address */\r
+ } icmp;\r
+ /* XXX IGMP HEADER OPTIONS (IPPROTO_IGMP = 2) */\r
+ struct{\r
+ uint8_t type; /* type */\r
+ uint8_t code; /* code */\r
+ in_addr_t group; /* group address */\r
+ uint8_t qrv:3, /* querier robustness variable */\r
+ suppress:1; /* suppress router-side */\r
+ uint8_t qqic; /* querier query interv. code */\r
+ uint8_t grec_type; /* group record type */\r
+ uint8_t sources; /* number of sources */\r
+ in_addr_t grec_mca; /* group record multicast addr */\r
+ in_addr_t address[255]; /* source address(es) */\r
+ } igmp;\r
+ /* XXX TCP HEADER OPTIONS (IPPROTO_TCP = 6) */\r
+ struct{\r
+ uint32_t sequence; /* initial sequence number */\r
+ uint32_t acknowledge; /* acknowledgment sequence */\r
+ uint8_t doff:4; /* data offset */\r
+ uint8_t fin:1; /* end of data flag */\r
+ uint8_t syn:1; /* synchronize ISN flag */\r
+ uint8_t rst:1; /* reset connection flag */\r
+ uint8_t psh:1; /* push flag */\r
+ uint8_t ack:1; /* acknowledgment # valid flag */\r
+ uint8_t urg:1; /* urgent pointer valid flag */\r
+ uint8_t ece:1; /* ecn-echo */\r
+ uint8_t cwr:1; /* congestion windows reduced */\r
+ uint16_t window; /* window size */\r
+ uint16_t urg_ptr; /* urgent pointer data */\r
+ uint8_t options; /* TCP options bitmask */\r
+ uint16_t mss; /* MSS option (RFC793) */\r
+ uint8_t wsopt; /* WSOPT option (RFC1323) */\r
+ uint32_t tsval; /* TSval option (RFC1323) */\r
+ uint32_t tsecr; /* TSecr option (RFC1323) */\r
+ uint32_t cc; /* T/TCP CC (RFC1644) */\r
+ uint32_t cc_new; /* T/TCP CC.NEW (RFC1644) */\r
+ uint32_t cc_echo; /* T/TCP CC.ECHO (RFC1644) */\r
+ uint32_t sack_left; /* SACK-Left option (RFC2018) */\r
+ uint32_t sack_right; /* SACK-Right option (RFC2018) */\r
+ uint8_t md5:1; /* MD5 Option (RFC2385) */\r
+ uint8_t auth:1; /* AO Option (RFC5925) */\r
+ uint8_t key_id; /* AO key ID (RFC5925) */\r
+ uint8_t next_key; /* AO next key ID (RFC5925) */\r
+ uint8_t nop; /* NOP option (RFC793) */\r
+ } tcp;\r
+ /* XXX EGP HEADER OPTIONS (IPPROTO_EGP = 8) */\r
+ struct{\r
+ uint8_t type; /* type */\r
+ uint8_t code; /* code */\r
+ uint8_t status; /* status */\r
+ uint16_t as; /* autonomous system */\r
+ uint16_t sequence; /* sequence number */\r
+ uint16_t hello; /* hello interval */\r
+ uint16_t poll; /* poll interval */\r
+ } egp;\r
+ /* XXX RIP HEADER OPTIONS (IPPROTO_UDP = 17) */\r
+ struct{\r
+ uint8_t command; /* command */\r
+ uint16_t family; /* address family identifier */\r
+ in_addr_t address; /* IP address */\r
+ uint32_t metric; /* metric */\r
+ uint16_t domain; /* router domain */\r
+ uint16_t tag; /* router tag */\r
+ in_addr_t netmask; /* subnet mask */\r
+ in_addr_t next_hop; /* next hop */\r
+ uint8_t auth:1; /* authentication */\r
+ uint8_t key_id; /* authentication key ID */\r
+ uint32_t sequence; /* authentication sequence */\r
+ } rip;\r
+ /* XXX DCCP HEADER OPTIONS (IPPROTO_DCCP = 33) */\r
+ struct{\r
+ uint8_t doff; /* data offset */\r
+ uint8_t cscov:4; /* checksum coverage */\r
+ uint8_t ccval:4; /* HC-sender CCID */\r
+ uint8_t type:4; /* DCCP type */\r
+ uint8_t ext:1; /* extend the sequence number */\r
+ uint16_t sequence_01; /* sequence number */\r
+ uint8_t sequence_02; /* extended sequence number */\r
+ uint32_t sequence_03; /* low sequence number */\r
+ uint32_t service; /* service code */\r
+ uint16_t acknowledge_01; /* acknowledgment # high */\r
+ uint32_t acknowledge_02; /* acknowledgment # low */\r
+ uint8_t rst_code; /* reset code */\r
+ } dccp;\r
+ /* XXX RSVP HEADER OPTIONS (IPPROTO_RSVP = 46) */\r
+ struct{\r
+ uint8_t flags:4; /* flags */\r
+ uint8_t type; /* message type */\r
+ uint8_t ttl; /* time to live */\r
+ in_addr_t session_addr; /* SESSION destination address */\r
+ uint8_t session_proto; /* SESSION protocol ID */\r
+ uint8_t session_flags; /* SESSION flags */\r
+ uint16_t session_port; /* SESSION destination port */\r
+ in_addr_t hop_addr; /* RESV_HOP neighbor address */\r
+ uint32_t hop_iface; /* RESV_HOP logical interface */\r
+ uint32_t time_refresh; /* TIME refresh interval */\r
+ in_addr_t error_addr; /* ERROR node address */\r
+ uint8_t error_flags:3; /* ERROR flags */\r
+ uint8_t error_code; /* ERROR code */\r
+ uint16_t error_value; /* ERROR value */\r
+ uint8_t scope; /* number of SCOPE(s) */\r
+ in_addr_t address[255]; /* SCOPE address(es) */\r
+ uint32_t style_opt:24; /* STYLE option vector */\r
+ in_addr_t sender_addr; /* SENDER TEMPLATE address */\r
+ uint16_t sender_port; /* SENDER TEMPLATE port */\r
+ uint8_t tspec; /* TSPEC services */\r
+ uint32_t tspec_r; /* TSPEC Token Bucket Rate */\r
+ uint32_t tspec_b; /* TSPEC Token Bucket Size */\r
+ uint32_t tspec_p; /* TSPEC Peak Data Rate */\r
+ uint32_t tspec_m; /* TSEPC Minimum Policed Unit */\r
+ uint32_t tspec_M; /* TSPEC Maximum Packet Size */\r
+ uint32_t adspec_hop; /* ADSPEC IS HOP cnt */\r
+ uint32_t adspec_path; /* ADSPEC Path b/w estimate */\r
+ uint32_t adspec_minimum; /* ADSPEC Minimum Path Latency */\r
+ uint32_t adspec_mtu; /* ADSPEC Composed MTU */\r
+ uint8_t adspec; /* ADSPEC services */\r
+ uint32_t adspec_Ctot; /* ADSPEC ETE composed value C */\r
+ uint32_t adspec_Dtot; /* ADSPEC ETE composed value D */\r
+ uint32_t adspec_Csum; /* ADSPEC SLR point composed C */\r
+ uint32_t adspec_Dsum; /* ADSPEC SLR point composed C */\r
+ in_addr_t confirm_addr; /* CONFIRM receiver address */\r
+ } rsvp;\r
+ /* XXX IPSEC HEADER OPTIONS (IPPROTO_AH = 51 & IPPROTO_ESP = 50) */\r
+ struct{\r
+ uint8_t ah_length; /* AH header length */\r
+ uint32_t ah_spi; /* AH SPI */\r
+ uint32_t ah_sequence; /* AH sequence number */\r
+ uint32_t esp_spi; /* ESP SPI */\r
+ uint32_t esp_sequence; /* ESP sequence number */\r
+ } ipsec;\r
+ /* XXX EIGRP HEADER OPTIONS (IPPROTO_EIGRP = 88) */\r
+ struct{\r
+ uint8_t opcode; /* opcode */\r
+ uint32_t flags; /* flags */\r
+ uint32_t sequence; /* sequence number */\r
+ uint32_t acknowledge; /* acknowledgment sequence # */\r
+ uint32_t as; /* autonomous system */\r
+ uint16_t type; /* type */\r
+ uint16_t length; /* length */\r
+ uint8_t values; /* EIGRP K values bitmask */\r
+ uint8_t k1; /* K1 value */\r
+ uint8_t k2; /* K2 value */\r
+ uint8_t k3; /* K3 value */\r
+ uint8_t k4; /* K4 value */\r
+ uint8_t k5; /* K5 value */\r
+ uint16_t hold; /* hold time */\r
+ uint8_t ios_major; /* IOS Major Version */\r
+ uint8_t ios_minor; /* IOS Minor Version */\r
+ uint8_t ver_major; /* EIGRP Major Version */\r
+ uint8_t ver_minor; /* EIGRP Minor Version */\r
+ in_addr_t next_hop; /* next hop address */\r
+ uint32_t delay; /* delay */\r
+ uint32_t bandwidth; /* bandwidth */\r
+ uint32_t mtu:24; /* maximum transmission unit */\r
+ uint8_t hop_count; /* hop count */\r
+ uint8_t load; /* load */\r
+ uint8_t reliability; /* reliability */\r
+ uint8_t prefix:5; /* subnet prefix - aka CIDR */\r
+ in_addr_t dest; /* destination address */\r
+ in_addr_t src_router; /* originating router */\r
+ uint32_t src_as; /* originating autonomous sys */\r
+ uint32_t tag; /* arbitrary tag */\r
+ uint32_t proto_metric; /* external protocol metric */\r
+ uint8_t proto_id; /* external protocol ID */\r
+ uint8_t ext_flags; /* external flags */\r
+ in_addr_t address; /* IP address sequence */\r
+ uint32_t multicast; /* multicast sequence */\r
+ uint8_t auth:1; /* authentication */\r
+ uint32_t key_id; /* authentication key ID */\r
+ }eigrp;\r
+ /* XXX OSPF HEADER OPTIONS (IPPROTO_OSPF = 89) */\r
+ struct{\r
+ uint8_t type; /* type */\r
+ uint16_t length; /* length */\r
+ in_addr_t rid; /* router ID */\r
+ in_addr_t aid; /* area ID */\r
+ uint8_t AID:1; /* area ID present */\r
+ uint8_t options; /* options */\r
+ in_addr_t netmask; /* subnet mask */\r
+ uint16_t hello_interval; /* HELLO interval */\r
+ uint8_t hello_priority; /* HELLO router priority */\r
+ uint32_t hello_dead; /* HELLO router dead interval */\r
+ in_addr_t hello_design; /* HELLO designated router */\r
+ in_addr_t hello_backup; /* HELLO backup designated */\r
+ uint8_t neighbor; /* HELLO number of neighbors */\r
+ in_addr_t address[255]; /* HELLO neighbor address(es) */\r
+ uint16_t dd_mtu; /* DD MTU */ \r
+ uint8_t dd_dbdesc; /* DD DB description */\r
+ uint32_t dd_sequence; /* DD sequence number */\r
+ uint8_t dd_include_lsa; /* DD LSA Header */\r
+ uint16_t lsa_age; /* LSA age */\r
+ uint8_t lsa_dage:1; /* LSA do not age */\r
+ uint8_t lsa_type; /* LSA header type */\r
+ in_addr_t lsa_lsid; /* LSA ID */\r
+ in_addr_t lsa_router; /* LSA advertising router */\r
+ uint32_t lsa_sequence; /* LSA sequence number */\r
+ uint32_t lsa_metric:24; /* LSA metric */\r
+ uint8_t lsa_flags; /* Router-LSA flags */\r
+ in_addr_t lsa_link_id; /* Router-LSA link ID */\r
+ in_addr_t lsa_link_data; /* Router-LSA link data */\r
+ uint8_t lsa_link_type; /* Router-LSA link type */\r
+ in_addr_t lsa_attached; /* Network-LSA attached router */\r
+ uint8_t lsa_larger:1; /* ASBR/NSSA-LSA ext. larger */\r
+ in_addr_t lsa_forward; /* ASBR/NSSA-LSA forward */\r
+ in_addr_t lsa_external; /* ASBR/NSSA-LSA external */\r
+ uint32_t vertex_type; /* Group-LSA vertex type */\r
+ in_addr_t vertex_id; /* Group-LSA vertex ID */\r
+ uint32_t lls_options; /* LSS Extended TLV options */\r
+ uint8_t auth:1; /* authentication */\r
+ uint8_t key_id; /* authentication key ID */\r
+ uint32_t sequence; /* authentication sequence */\r
+ } ospf;\r
+};\r
+#endif /* CONFIG_H */\r
--- /dev/null
+/*\r
+ * T50 - Experimental Mixed Packet Injector\r
+ *\r
+ * Copyright (C) 2010 - 2011 Nelson Brito <nbrito@sekure.org>\r
+ * Copyright (C) 2011 - Fernando Mercês <fernando@mentebinaria.com.br>\r
+ *\r
+ * This program is free software: you can redistribute it and/or modify\r
+ * it under the terms of the GNU General Public License as published by\r
+ * the Free Software Foundation, either version 2 of the License, or\r
+ * (at your option) any later version.\r
+ *\r
+ * This program is distributed in the hope that it will be useful,\r
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of\r
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
+ * GNU General Public License for more details.\r
+ *\r
+ * You should have received a copy of the GNU General Public License\r
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.\r
+*/\r
+\r
+#ifndef __EGP_H\r
+#define __EGP_H\r
+\r
+#define EGPVERSION 2\r
+\r
+#include <common.h>\r
+\r
+/* EGP Message Types */\r
+enum egp_type {\r
+ EGP_NEIGHBOR_UPDATE_RESP = 1,\r
+#define EGP_NEIGHBOR_UPDATE_RESP EGP_NEIGHBOR_UPDATE_RESP\r
+ EGP_NEIGHBOR_POLL_COMMAND,\r
+#define EGP_NEIGHBOR_POLL_COMMAND EGP_NEIGHBOR_POLL_COMMAND\r
+ EGP_NEIGHBOR_ACQUISITION,\r
+#define EGP_NEIGHBOR_ACQUISITION EGP_NEIGHBOR_ACQUISITION\r
+ EGP_NEIGHBOR_REACHABILITY = 5,\r
+#define EGP_NEIGHBOR_REACHABILITY EGP_NEIGHBOR_REACHABILITY\r
+ EGP_NEIGHBOR_ERROR_RESP = 8\r
+#define EGP_NEIGHBOR_ERROR_RESP EGP_NEIGHBOR_ERROR_RESP\r
+};\r
+\r
+/* EGP Message Neighbor Acquisition Codes */\r
+enum acquisition_code {\r
+ EGP_ACQ_CODE_REQUEST_CMD = 0,\r
+#define EGP_ACQ_CODE_REQUEST_CMD EGP_ACQ_CODE_REQUEST_CMD\r
+ EGP_ACQ_CODE_CONFIRM_RESP,\r
+#define EGP_ACQ_CODE_CONFIRM_RESP EGP_ACQ_CODE_CONFIRM_RESP\r
+ EGP_ACQ_CODE_REFUSE_RESP,\r
+#define EGP_ACQ_CODE_REFUSE_RESP EGP_ACQ_CODE_REFUSE_RESP\r
+ EGP_ACQ_CODE_CEASE_CMD,\r
+#define EGP_ACQ_CODE_CEASE_CMD EGP_ACQ_CODE_CEASE_CMD\r
+ EGP_ACQ_CODE_CEASE_ACKCMD,\r
+#define EGP_ACQ_CODE_CEASE_ACKCMD EGP_ACQ_CODE_CEASE_ACKCMD\r
+\r
+};\r
+\r
+/* EGP Message Neighbor Acquisition Type */\r
+enum egp_acq_status {\r
+ EGP_ACQ_STAT_UNSPECIFIED = 0,\r
+#define EGP_ACQ_STAT_UNSPECIFIED EGP_ACQ_STAT_UNSPECIFIED\r
+ EGP_ACQ_STAT_ACTIVE_MODE,\r
+#define EGP_ACQ_STAT_ACTIVE_MODE EGP_ACQ_STAT_ACTIVE_MODE\r
+ EGP_ACQ_STAT_PASSIVE_MODE,\r
+#define EGP_ACQ_STAT_PASSIVE_MODE EGP_ACQ_STAT_PASSIVE_MODE\r
+ EGP_ACQ_STAT_INSUFFICIENT,\r
+#define EGP_ACQ_STAT_INSUFFICIENT EGP_ACQ_STAT_INSUFFICIENT\r
+ EGP_ACQ_STAT_ADM_PROHIBIT,\r
+#define EGP_ACQ_STAT_ADM_PROHIBIT EGP_ACQ_STAT_ADM_PROHIBIT\r
+ EGP_ACQ_STAT_GOING_DOWN,\r
+#define EGP_ACQ_STAT_GOING_DOWN EGP_ACQ_STAT_GOING_DOWN\r
+ EGP_ACQ_STAT_PARAMETER,\r
+#define EGP_ACQ_STAT_PARAMETER EGP_ACQ_STAT_PARAMETER\r
+ EGP_ACQ_STAT_VIOLATION,\r
+#define EGP_ACQ_STAT_VIOLATION EGP_ACQ_STAT_VIOLATION\r
+};\r
+\r
+/* EGP PROTOCOL STRUCTURES\r
+\r
+ EGP protocol structures used by code.\r
+ Any new EGP protocol structure should be added in this section. */\r
+/*\r
+ * Exterior Gateway Protocol (EGP) Formal Specification (RFC 904)\r
+ *\r
+ * Appendix A. EGP Message Formats\r
+ *\r
+ * The formats for the various EGP messages are described in this\r
+ * section. All EGP messages include a ten-octet header of six fields,\r
+ * which may be followed by additional fields depending on message type.\r
+ * The format of the header is shown below along with a description of its\r
+ * fields.\r
+ *\r
+ * 0 1 2 3\r
+ * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | EGP Version # | Type | Code | Status |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | Checksum | Autonomous System # |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | Sequence # |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ *\r
+ * EGP Version # assigned number identifying the EGP version\r
+ * (currently 2)\r
+ *\r
+ * Type identifies the message type\r
+ *\r
+ * Code identifies the message code (subtype)\r
+ *\r
+ * Status contains message-dependent status information\r
+ *\r
+ * Checksum The EGP checksum is the 16-bit one's complement\r
+ * of the one's complement sum of the EGP message\r
+ * starting with the EGP version number field. When\r
+ * computing the checksum the checksum field itself\r
+ * should be zero.\r
+ *\r
+ * Autonomous System # assigned number identifying the particular\r
+ * autonomous system\r
+ * \r
+ * Sequence # send state variable (commands) or receive state\r
+ * variable (responses and indications)\r
+ */\r
+ \r
+struct egp_hdr {\r
+ uint8_t version; /* version */\r
+ uint8_t type; /* type */\r
+ uint8_t code; /* code */\r
+ uint8_t status; /* status */\r
+ uint16_t check; /* checksum */\r
+ uint16_t as; /* autonomous system */\r
+ uint16_t sequence; /* sequence number */\r
+ uint8_t __data[0]; /* data */\r
+};\r
+\r
+/*\r
+ * Exterior Gateway Protocol (EGP) Formal Specification (RFC 904)\r
+ *\r
+ * A.1. Neighbor Acquisition Messages\r
+ *\r
+ * 0 1 2 3\r
+ * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | EGP Version # | Type | Code | Status |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | Checksum | Autonomous System # |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | Sequence # | Hello Interval |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | Poll Interval |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ *\r
+ * Note: the Hello Interval and Poll Interval fields are present only in\r
+ * Request and Confirm messages.\r
+ *\r
+ * Type 3\r
+ *\r
+ * Code 0 Request command\r
+ * 1 Confirm response\r
+ * 2 Refuse response\r
+ * 3 Cease command\r
+ * 4 Cease-ack response\r
+ *\r
+ * Status (see below) 0 unspecified\r
+ * 1 active mode\r
+ * 2 passive mode\r
+ * 3 insufficient resources\r
+ * 4 administratively prohibited\r
+ * 5 going down\r
+ * 6 parameter problem\r
+ * 7 protocol violation\r
+ *\r
+ * Hello Interval minimum Hello command polling interval (seconds)\r
+ *\r
+ * Poll Interval minimum Poll command polling interval (seconds)\r
+ */\r
+ \r
+struct egp_acq_hdr {\r
+ __be16 hello; /* hello interval */\r
+ __be16 poll; /* poll interval */\r
+};\r
+\r
+#endif /* __EGP_H */\r
--- /dev/null
+/*\r
+ * T50 - Experimental Mixed Packet Injector\r
+ *\r
+ * Copyright (C) 2010 - 2011 Nelson Brito <nbrito@sekure.org>\r
+ * Copyright (C) 2011 - Fernando Mercês <fernando@mentebinaria.com.br>\r
+ *\r
+ * This program is free software: you can redistribute it and/or modify\r
+ * it under the terms of the GNU General Public License as published by\r
+ * the Free Software Foundation, either version 2 of the License, or\r
+ * (at your option) any later version.\r
+ *\r
+ * This program is distributed in the hope that it will be useful,\r
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of\r
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
+ * GNU General Public License for more details.\r
+ *\r
+ * You should have received a copy of the GNU General Public License\r
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.\r
+*/\r
+\r
+#ifndef EIGRP_H\r
+#define EIGRP_H\r
+\r
+#define IPPROTO_EIGRP 88\r
+#define EIGRPVERSION 2\r
+#define EIGRP_FLAG_INIT 0x00000001\r
+#define EIGRP_FLAG_COND 0x00000002\r
+\r
+#include <common.h>\r
+\r
+/* EIGRP Message Opcode */\r
+enum eigrp_opcode {\r
+ EIGRP_OPCODE_UPDATE = 1,\r
+#define EIGRP_OPCODE_UPDATE EIGRP_OPCODE_UPDATE\r
+ EIGRP_OPCODE_REQUEST,\r
+#define EIGRP_OPCODE_REQUEST EIGRP_OPCODE_REQUEST\r
+ EIGRP_OPCODE_QUERY,\r
+#define EIGRP_OPCODE_QUERY EIGRP_OPCODE_QUERY\r
+ EIGRP_OPCODE_REPLY,\r
+#define EIGRP_OPCODE_REPLY EIGRP_OPCODE_REPLY\r
+ EIGRP_OPCODE_HELLO,\r
+#define EIGRP_OPCODE_HELLO EIGRP_OPCODE_HELLO\r
+ EIGRP_OPCODE_IPX_SAP,\r
+#define EIGRP_OPCODE_IPX_SAP EIGRP_OPCODE_IPX_SAP\r
+};\r
+\r
+/* EIGRP Message Type/Length/Value */\r
+enum eigrp_tlv {\r
+ EIGRP_TYPE_PARAMETER = 0x0001,\r
+#define EIGRP_TYPE_PARAMETER EIGRP_TYPE_PARAMETER\r
+#define EIGRP_TLEN_PARAMETER 12\r
+ EIGRP_TYPE_AUTH,\r
+#define EIGRP_TYPE_AUTH EIGRP_TYPE_AUTH\r
+#define EIGRP_TLEN_AUTH 40\r
+#define EIGRP_PADDING_BLOCK 12\r
+#define EIGRP_MAXIMUM_KEYID 2147483647\r
+ EIGRP_TYPE_SEQUENCE,\r
+#define EIGRP_TYPE_SEQUENCE EIGRP_TYPE_SEQUENCE\r
+#define EIGRP_TLEN_SEQUENCE 9\r
+ EIGRP_TYPE_SOFTWARE,\r
+#define EIGRP_TYPE_SOFTWARE EIGRP_TYPE_SOFTWARE\r
+#define EIGRP_TLEN_SOFTWARE 8\r
+ EIGRP_TYPE_MULTICAST,\r
+#define EIGRP_TYPE_MULTICAST EIGRP_TYPE_MULTICAST\r
+#define EIGRP_TLEN_MULTICAST 8\r
+ EIGRP_TYPE_INTERNAL = 0x0102,\r
+#define EIGRP_TYPE_INTERNAL EIGRP_TYPE_INTERNAL\r
+#define EIGRP_TLEN_INTERNAL 25\r
+ EIGRP_TYPE_EXTERNAL = 0x0103,\r
+#define EIGRP_TYPE_EXTERNAL EIGRP_TYPE_EXTERNAL\r
+#define EIGRP_TLEN_EXTERNAL 45\r
+#define EIGRP_DADDR_BUILD(foo, bar) \\r
+ (foo &= htonl(~(0xffffffff >> ((bar >> 3) * 8))))\r
+\r
+#define EIGRP_DADDR_LENGTH(foo) \\r
+ (((foo >> 3) & 3) + (foo % 8 ? 1 : 0))\r
+};\r
+\r
+/* EIGRP K Values bitmask */\r
+enum eigrp_kvalue_bitmask{\r
+ EIGRP_KVALUE_K1 = 0x01,\r
+#define EIGRP_KVALUE_K1 EIGRP_KVALUE_K1\r
+ EIGRP_KVALUE_K2 = 0x02,\r
+#define EIGRP_KVALUE_K2 EIGRP_KVALUE_K2\r
+ EIGRP_KVALUE_K3 = 0x04,\r
+#define EIGRP_KVALUE_K3 EIGRP_KVALUE_K3\r
+ EIGRP_KVALUE_K4 = 0x08,\r
+#define EIGRP_KVALUE_K4 EIGRP_KVALUE_K4\r
+ EIGRP_KVALUE_K5 = 0x10,\r
+#define EIGRP_KVALUE_K5 EIGRP_KVALUE_K5\r
+};\r
+\r
+/*\r
+ * Enhanced Interior Gateway Routing Protocol (EIGRP)\r
+ *\r
+ * 0 1 2 3 3\r
+ * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | Version | Opcode | Checksum |\r
+ * +---------------+---------------+-------------------------------+\r
+ * | Flags |\r
+ * +-------------------------------+-------------------------------+\r
+ * | Sequence Number |\r
+ * +---------------------------------------------------------------+\r
+ * | Acknowledgment Number |\r
+ * +---------------------------------------------------------------+\r
+ * | Autonomous System Number |\r
+ * +---------------------------------------------------------------+\r
+ * | |\r
+ * // TLV (Type/Length/Value) //\r
+ * | |\r
+ * +---------------------------------------------------------------+\r
+ *\r
+ * Please, be advised that there is no deep information about EIGRP, no\r
+ * other than EIGRP PCAP files public available. Due to that I have done\r
+ * a deep analysis using live EIGRP PCAP files to build the EIGRP Packet.\r
+ *\r
+ * There are some really good resources, such as:\r
+ * http://www.protocolbase.net/protocols/protocol_EIGRP.php\r
+ * http://packetlife.net/captures/category/cisco-proprietary/\r
+ * http://oreilly.com/catalog/iprouting/chapter/ch04.html\r
+ */\r
+ \r
+/* EIGRP PROTOCOL STRUCTURES */\r
+struct eigrp_hdr {\r
+ uint16_t version:8, /* version */\r
+ opcode:8; /* opcode */\r
+ uint16_t check; /* checksum */\r
+ uint32_t flags; /* flags */\r
+ uint32_t sequence; /* sequence number */\r
+ uint32_t acknowledge; /* acknowledgment sequence # */\r
+ uint32_t as; /* autonomous system */\r
+ uint8_t __tlv[0]; /* TLV (Type/Length/Value) */\r
+};\r
+\r
+#endif /* __EIGRP_H */\r
--- /dev/null
+/*\r
+ * T50 - Experimental Mixed Packet Injector\r
+ *\r
+ * Copyright (C) 2010 - 2011 Nelson Brito <nbrito@sekure.org>\r
+ * Copyright (C) 2011 - Fernando Mercês <fernando@mentebinaria.com.br>\r
+ *\r
+ * This program is free software: you can redistribute it and/or modify\r
+ * it under the terms of the GNU General Public License as published by\r
+ * the Free Software Foundation, either version 2 of the License, or\r
+ * (at your option) any later version.\r
+ *\r
+ * This program is distributed in the hope that it will be useful,\r
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of\r
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
+ * GNU General Public License for more details.\r
+ *\r
+ * You should have received a copy of the GNU General Public License\r
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.\r
+*/\r
+#ifndef __GRE_H\r
+#define __GRE_H 1\r
+\r
+#include <common.h>\r
+\r
+#define GREVERSION 0\r
+\r
+/* GRE Options */\r
+enum gre_option{\r
+ GRE_OPTION_STRICT = 0x01,\r
+#define GRE_OPTION_STRICT GRE_OPTION_STRICT\r
+ GRE_OPTION_SEQUENCE = 0x02,\r
+#define GRE_OPTION_SEQUENCE GRE_OPTION_SEQUENCE\r
+#define GRE_OPTLEN_SEQUENCE sizeof (struct gre_seq_hdr)\r
+ GRE_OPTION_KEY = 0x04,\r
+#define GRE_OPTION_KEY GRE_OPTION_KEY\r
+#define GRE_OPTLEN_KEY sizeof(struct gre_key_hdr)\r
+ GRE_OPTION_ROUTING = 0x08,\r
+#define GRE_OPTION_ROUTING GRE_OPTION_ROUTING\r
+ GRE_OPTION_CHECKSUM = 0x10,\r
+#define GRE_OPTION_CHECKSUM GRE_OPTION_CHECKSUM\r
+#define GRE_OPTLEN_CHECKSUM sizeof(struct gre_sum_hdr)\r
+};\r
+\r
+\r
+/* GRE PROTOCOL STRUCTURES\r
+\r
+ GRE protocol structures used by code.\r
+ Any new GRE protocol structure should be added in this section. */\r
+/*\r
+ * Generic Routing Encapsulation (GRE) (RFC 1701)\r
+ *\r
+ * The GRE packet header has form:\r
+ *\r
+ * 0 1 2 3\r
+ * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * |C|R|K|S|s|Recur| Flags | Ver | Protocol Type |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | Checksum (optional) | Offset (optional) |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | Key (optional) |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | Sequence Number (optional) |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | Routing (optional)\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ *\r
+ * Key and Sequence Number Extensions to GRE (RFC 2890)\r
+ *\r
+ * The proposed GRE header will have the following format:\r
+ *\r
+ * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * |C| |K|S| Reserved0 | Ver | Protocol Type |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | Checksum (optional) | Reserved1 (Optional) |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | Key (optional) |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | Sequence Number (Optional) |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ */\r
+struct gre_hdr{\r
+#if defined(__LITTLE_ENDIAN_BITFIELD)\r
+ uint16_t recur:3, /* recursion control */\r
+ s:1, /* strict source route */\r
+ S:1, /* sequence number present */\r
+ K:1, /* key present */\r
+ R:1, /* routing present */\r
+ C:1, /* checksum present */\r
+ version:3, /* version */\r
+ flags:5; /* flags */\r
+#elif defined(__BIG_ENDIAN_BITFIELD)\r
+ uint16_t C:1, /* checksum present */\r
+ R:1, /* routing present */\r
+ K:1, /* key present */\r
+ S:1, /* sequence number present */\r
+ s:1, /* strict source route */\r
+ recur:3, /* recursion control */\r
+ flags:5, /* flags */\r
+ version:3; /* version */\r
+#else\r
+# error "Adjust your <asm/byteorder.h> defines"\r
+#endif\r
+ uint16_t proto; /* protocol */\r
+ uint8_t __optional[0]; /* optional */\r
+};\r
+/*\r
+ * Generic Routing Encapsulation (GRE) (RFC 1701)\r
+ *\r
+ * Offset (2 octets)\r
+ *\r
+ * The offset field indicates the octet offset from the start of the\r
+ * Routing field to the first octet of the active Source Route Entry\r
+ * to be examined. This field is present if the Routing Present or\r
+ * the Checksum Present bit is set to 1, and contains valid information\r
+ * only if the Routing Present bit is set to 1.\r
+ *\r
+ * Checksum (2 octets)\r
+ *\r
+ * The Checksum field contains the IP (one's complement) checksum of\r
+ * the GRE header and the payload packet. This field is present if\r
+ * the Routing Present or the Checksum Present bit is set to 1, and\r
+ * contains valid information only if the Checksum Present bit is set\r
+ * to 1.\r
+ */\r
+struct gre_sum_hdr{\r
+ uint16_t check; /* checksum */\r
+ uint16_t offset; /* offset */\r
+};\r
+/*\r
+ * Generic Routing Encapsulation (GRE) (RFC 1701)\r
+ *\r
+ * Key (4 octets)\r
+ *\r
+ * The Key field contains a four octet number which was inserted by\r
+ * the encapsulator. It may be used by the receiver to authenticate the\r
+ * source of the packet. The techniques for determining authenticity are\r
+ * outside of the scope of this document. The Key field is only present\r
+ * if the Key Present field is set to 1.\r
+ */\r
+struct gre_key_hdr{\r
+ uint32_t key; /* key */\r
+};\r
+/*\r
+ * Generic Routing Encapsulation (GRE) (RFC 1701)\r
+ *\r
+ * Sequence Number (4 octets)\r
+ *\r
+ * The Sequence Number field contains an unsigned 32 bit integer which\r
+ * is inserted by the encapsulator. It may be used by the receiver to\r
+ * establish the order in which packets have been transmitted from the\r
+ * encapsulator to the receiver. The exact algorithms for the generation\r
+ * of the Sequence Number and the semantics of their reception is \r
+ * outside of the scope of this document.\r
+ */\r
+struct gre_seq_hdr{\r
+ uint32_t sequence; /* sequence number */\r
+}; \r
+\r
+size_t gre_opt_len(const uint8_t foo, const uint8_t bar);\r
+struct iphdr *gre_encapsulation(void *, const struct config_options *, uint32_t);\r
+void gre_checksum(void *, const struct config_options *, uint32_t);\r
+\r
+#endif /* __GRE_H */\r
--- /dev/null
+/*\r
+ * T50 - Experimental Mixed Packet Injector\r
+ *\r
+ * Copyright (C) 2010 - 2011 Nelson Brito <nbrito@sekure.org>\r
+ * Copyright (C) 2011 - Fernando Mercês <fernando@mentebinaria.com.br>\r
+ *\r
+ * This program is free software: you can redistribute it and/or modify\r
+ * it under the terms of the GNU General Public License as published by\r
+ * the Free Software Foundation, either version 2 of the License, or\r
+ * (at your option) any later version.\r
+ *\r
+ * This program is distributed in the hope that it will be useful,\r
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of\r
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
+ * GNU General Public License for more details.\r
+ *\r
+ * You should have received a copy of the GNU General Public License\r
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.\r
+*/\r
+#ifndef __IGMP_H\r
+#define __IGMP_H 1\r
+\r
+#include <common.h>\r
+\r
+/* IGMP Header DEFINITIONS. */\r
+#define IGMPV3_TLEN_NSRCS(foo) \\r
+ (foo * sizeof(in_addr_t))\r
+/* Calculating IGMPv3 Header length */\r
+#define igmpv3_hdr_len(foo, bar) \\r
+ ((foo == IGMPV3_HOST_MEMBERSHIP_REPORT ? \\r
+ sizeof(struct igmpv3_report) + \\r
+ sizeof(struct igmpv3_grec) : \\r
+ sizeof(struct igmpv3_query)) + \\r
+ IGMPV3_TLEN_NSRCS(bar))\r
+\r
+#endif /* __IGMP_H */\r
--- /dev/null
+/*\r
+ * T50 - Experimental Mixed Packet Injector\r
+ *\r
+ * Copyright (C) 2010 - 2011 Nelson Brito <nbrito@sekure.org>\r
+ * Copyright (C) 2011 - Fernando Mercês <fernando@mentebinaria.com.br>\r
+ *\r
+ * This program is free software: you can redistribute it and/or modify\r
+ * it under the terms of the GNU General Public License as published by\r
+ * the Free Software Foundation, either version 2 of the License, or\r
+ * (at your option) any later version.\r
+ *\r
+ * This program is distributed in the hope that it will be useful,\r
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of\r
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
+ * GNU General Public License for more details.\r
+ *\r
+ * You should have received a copy of the GNU General Public License\r
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.\r
+*/\r
+\r
+#ifndef __OSPF_H\r
+#define __OSPF_H 1\r
+\r
+#include <common.h>\r
+\r
+#define IPPROTO_OSPF 89\r
+#define OSPFVERSION 2\r
+/* OSPF Message Type */\r
+enum ospf_type{\r
+ OSPF_TYPE_HELLO = 1,\r
+#define OSPF_TLEN_HELLO 20\r
+#define OSPF_TLEN_NEIGHBOR(foo) \\r
+ (foo * sizeof(in_addr_t))\r
+ OSPF_TYPE_DD,\r
+#define OSPF_TLEN_DD 8\r
+ OSPF_TYPE_LSREQUEST,\r
+#define OSPF_TLEN_LSREQUEST 12\r
+ OSPF_TYPE_LSUPDATE,\r
+#define OSPF_TLEN_LSUPDATE 4\r
+ OSPF_TYPE_LSACK,\r
+#define OSPF_TYPE_LSACK OSPF_TYPE_LSACK\r
+};\r
+/* OSPF HELLO, DD and LSA Option */\r
+enum ospf_option{\r
+ OSPF_OPTION_TOS = 0x01,\r
+#define OSPF_OPTION_TOS OSPF_OPTION_TOS\r
+ OSPF_OPTION_EXTERNAL = 0x02,\r
+#define OSPF_OPTION_EXTERNAL OSPF_OPTION_EXTERNAL\r
+ OSPF_OPTION_MULTICAST = 0x04,\r
+#define OSPF_OPTION_MULTICAST OSPF_OPTION_MULTICAST\r
+ OSPF_OPTION_NSSA = 0x08,\r
+#define OSPF_OPTION_NSSA OSPF_OPTION_NSSA\r
+ OSPF_OPTION_LLS = 0x10,\r
+#define OSPF_OPTION_LLS OSPF_OPTION_LLS\r
+ OSPF_OPTION_DEMAND = 0x20,\r
+#define OSPF_OPTION_DEMAND OSPF_OPTION_DEMAND\r
+ OSPF_OPTION_OPAQUE = 0x40,\r
+#define OSPF_OPTION_OPAQUE OSPF_OPTION_OPAQUE\r
+ OSPF_OPTION_DOWN = 0x80,\r
+#define OSPF_OPTION_DOWN OSPF_OPTION_DOWN\r
+};\r
+/* OSPF DD DB Description */\r
+enum dd_dbdesc{\r
+ DD_DBDESC_MSLAVE = 0x01,\r
+#define DD_DBDESC_MSLAVE DD_DBDESC_MSLAVE\r
+ DD_DBDESC_MORE = 0x02,\r
+#define DD_DBDESC_MORE DD_DBDESC_MORE\r
+ DD_DBDESC_INIT = 0x04,\r
+#define DD_DBDESC_INIT DD_DBDESC_INIT\r
+ DD_DBDESC_OOBRESYNC = 0x08,\r
+#define DD_DBDESC_OOBRESYNC DD_DBDESC_OOBRESYNC\r
+};\r
+/* OSPF LSA LS Type */\r
+enum lsa_type{\r
+#define LSA_TLEN_GENERIC(foo) \\r
+ (sizeof(struct ospf_lsa_hdr) + \\r
+ (foo * sizeof(uint32_t)))\r
+ LSA_TYPE_ROUTER = 1,\r
+#define LSA_TLEN_ROUTER LSA_TLEN_GENERIC(4)\r
+ LSA_TYPE_NETWORK,\r
+#define LSA_TLEN_NETWORK LSA_TLEN_GENERIC(2)\r
+ LSA_TYPE_SUMMARY_IP,\r
+#define LSA_TYPE_SUMMARY_IP LSA_TYPE_SUMMARY_IP\r
+ LSA_TYPE_SUMMARY_AS,\r
+#define LSA_TLEN_SUMMARY LSA_TLEN_GENERIC(2)\r
+ LSA_TYPE_ASBR,\r
+#define LSA_TYPE_ASBR LSA_TYPE_ASBR\r
+#define LSA_TLEN_ASBR LSA_TLEN_GENERIC(4)\r
+ LSA_TYPE_MULTICAST,\r
+#define LSA_TLEN_MULTICAST LSA_TLEN_GENERIC(2)\r
+ LSA_TYPE_NSSA,\r
+#define LSA_TLEN_NSSA LSA_TLEN_ASBR\r
+ LSA_TYPE_OPAQUE_LINK = 9,\r
+#define LSA_TYPE_OPAQUE_LINK LSA_TYPE_OPAQUE_LINK\r
+ LSA_TYPE_OPAQUE_AREA,\r
+#define LSA_TYPE_OPAQUE_AREA LSA_TYPE_OPAQUE_AREA\r
+ LSA_TYPE_OPAQUE_FLOOD,\r
+#define LSA_TYPE_OPAQUE_FLOOD LSA_TYPE_OPAQUE_FLOOD\r
+};\r
+/* OSPF Router-LSA Flag */\r
+enum router_flag{\r
+ ROUTER_FLAG_BORDER = 0x01,\r
+#define ROUTER_FLAG_BORDER ROUTER_FLAG_BORDER\r
+ ROUTER_FLAG_EXTERNAL = 0x02,\r
+#define ROUTER_FLAG_EXTERNAL ROUTER_FLAG_EXTERNAL\r
+ ROUTER_FLAG_VIRTUAL = 0x04,\r
+#define ROUTER_FLAG_VIRTUAL ROUTER_FLAG_VIRTUAL\r
+ ROUTER_FLAG_WILD = 0x08,\r
+#define ROUTER_FLAG_WILD ROUTER_FLAG_WILD\r
+ ROUTER_FLAG_NSSA_TR = 0x10,\r
+#define ROUTER_FLAG_NSSA_TR ROUTER_FLAG_NSSA_TR\r
+};\r
+/* OSPF Router-LSA Link type */\r
+enum link_type{\r
+ LINK_TYPE_PTP = 1,\r
+#define LINK_TYPE_PTP LINK_TYPE_PTP\r
+ LINK_TYPE_TRANSIT,\r
+#define LINK_TYPE_TRANSIT LINK_TYPE_TRANSIT\r
+ LINK_TYPE_STUB,\r
+#define LINK_TYPE_STUB LINK_TYPE_STUB\r
+ LINK_TYPE_VIRTUAL,\r
+#define LINK_TYPE_VIRTUAL LINK_TYPE_VIRTUAL\r
+};\r
+/* OSPF Group-LSA Type */\r
+enum vertex_type{\r
+ VERTEX_TYPE_ROUTER = 0x00000001,\r
+#define VERTEX_TYPE_ROUTER VERTEX_TYPE_ROUTER\r
+ VERTEX_TYPE_NETWORK,\r
+#define VERTEX_TYPE_NETWORK VERTEX_TYPE_NETWORK\r
+};\r
+#define OSPF_TLV_HEADER sizeof(struct ospf_lls_hdr)\r
+/* OSPF LLS Type/Length/Value */\r
+enum ospf_tlv{\r
+ OSPF_TLV_RESERVED = 0,\r
+#define OSPF_TLV_RESERVED OSPF_TLV_RESERVED\r
+ OSPF_TLV_EXTENDED,\r
+#define OSPF_TLV_EXTENDED OSPF_TLV_EXTENDED\r
+#define OSPF_LEN_EXTENDED OSPF_TLV_HEADER\r
+#define EXTENDED_OPTIONS_LR 0x00000001\r
+#define EXTENDED_OPTIONS_RS 0x00000002\r
+ OSPF_TLV_CRYPTO,\r
+#define OSPF_LEN_CRYPTO \\r
+ OSPF_TLV_HEADER + \\r
+ AUTH_TLEN_HMACMD5\r
+};\r
+/* Calculating OSPF LLS Type/Length/Value length */\r
+# define ospf_tlv_len(foo, bar, baz) \\r
+ (foo == OSPF_TYPE_HELLO || \\r
+ foo == OSPF_TYPE_DD ? \\r
+ (bar ? \\r
+ OSPF_TLV_HEADER * 2 + \\r
+ OSPF_LEN_EXTENDED + \\r
+ (baz ? \\r
+ OSPF_TLV_HEADER + \\r
+ OSPF_LEN_CRYPTO : \\r
+ 0) : \\r
+ 0) : \\r
+ 0)\r
+\r
+/* OSPF PROTOCOL STRUCTURES\r
+\r
+ OSPF protocol structures used by code.\r
+ Any new OSPF protocol structure should be added in this section. */\r
+/*\r
+ * OSPF Version 2 (RFC 2328)\r
+ *\r
+ * A.3.1 The OSPF packet header\r
+ *\r
+ * 0 1 2 3\r
+ * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | Version # | Type | Packet length |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | Router ID |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | Area ID |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | Checksum | AuType |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ */\r
+struct ospf_hdr{\r
+ uint16_t version:8, /* version */\r
+ type:8; /* type */\r
+ uint16_t length; /* length */\r
+ in_addr_t rid; /* router ID */\r
+ in_addr_t aid; /* area ID */\r
+ uint16_t check; /* checksum */\r
+ uint16_t autype; /* authentication type */\r
+ uint8_t __ospf_auth[0]; /* authentication header */\r
+ uint8_t __ospf_type_hdr[0]; /* type header */\r
+};\r
+/*\r
+ * OSPF Version 2 (RFC 2328)\r
+ *\r
+ * A.3.1 The OSPF packet header\r
+ *\r
+ * 0 1 2 3\r
+ * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | Authentication |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | Authentication |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ *\r
+ * D.3 Cryptographic authentication\r
+ *\r
+ * 0 1 2 3\r
+ * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | 0 | Key ID | Auth Data Len |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | Cryptographic sequence number |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ */\r
+struct ospf_auth_hdr{\r
+ uint16_t reserved; /* reserved must be zero */\r
+ uint16_t key_id:8, /* authentication key ID */\r
+ length:8; /* authentication length */\r
+ uint32_t sequence; /* authentication sequence # */\r
+};\r
+/*\r
+ * OSPF Version 2 (RFC 2328)\r
+ *\r
+ * A.4.1 The Link State Advertisement (LSA) header\r
+ *\r
+ * 0 1 2 3\r
+ * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | LS age | Options | LS type |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | Link State ID |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | Advertising Router |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | LS sequence number |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | LS checksum | length |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ */\r
+struct ospf_lsa_hdr{\r
+ uint16_t age; /* LSA age */\r
+ uint8_t options; /* LSA options */\r
+ uint8_t type; /* LSA type */\r
+ in_addr_t lsid; /* LSA link state ID */\r
+ in_addr_t router; /* LSA advertising router */\r
+ uint32_t sequence; /* LSA sequence number */\r
+ uint16_t check; /* LSA checksum */\r
+ uint16_t length; /* LSA length */\r
+};\r
+/*\r
+ * OSPF Link-Local Signaling (RFC 5613)\r
+ *\r
+ * 2.2. LLS Data Block\r
+ *\r
+ * 0 1 2 3\r
+ * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | Checksum | LLS Data Length |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | |\r
+ * | LLS TLVs |\r
+ * . .\r
+ * . .\r
+ * . .\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ */\r
+struct ospf_lls_hdr{\r
+ uint16_t check; /* LLS checksum */\r
+ uint16_t length; /* LLS length */\r
+};\r
+\r
+#endif /* __OSPF_H */\r
--- /dev/null
+/*\r
+ * T50 - Experimental Mixed Packet Injector\r
+ *\r
+ * Copyright (C) 2010 - 2011 Nelson Brito <nbrito@sekure.org>\r
+ * Copyright (C) 2011 - Fernando Mercês <fernando@mentebinaria.com.br>\r
+ *\r
+ * This program is free software: you can redistribute it and/or modify\r
+ * it under the terms of the GNU General Public License as published by\r
+ * the Free Software Foundation, either version 2 of the License, or\r
+ * (at your option) any later version.\r
+ *\r
+ * This program is distributed in the hope that it will be useful,\r
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of\r
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
+ * GNU General Public License for more details.\r
+ *\r
+ * You should have received a copy of the GNU General Public License\r
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.\r
+*/\r
+\r
+#ifndef __RIP_H\r
+#define __RIP_H 1\r
+\r
+#include <common.h>\r
+\r
+#define IPPORT_RIP 520\r
+#define RIP_HEADER_LENGTH 4\r
+#define RIP_MESSAGE_LENGTH 20\r
+#define RIP_AUTH_LENGTH 20\r
+#define RIP_TRAILER_LENGTH 4\r
+\r
+/* Calculating RIP Header length */\r
+# define rip_hdr_len(foo) \\r
+ (RIP_HEADER_LENGTH + \\r
+ RIP_MESSAGE_LENGTH + \\r
+ (foo ? \\r
+ RIP_AUTH_LENGTH + \\r
+ RIP_TRAILER_LENGTH + \\r
+ AUTH_TLEN_HMACMD5 : \\r
+ 0))\r
+\r
+#endif /* __RIP_H */\r
--- /dev/null
+/*\r
+ * T50 - Experimental Mixed Packet Injector\r
+ *\r
+ * Copyright (C) 2010 - 2011 Nelson Brito <nbrito@sekure.org>\r
+ * Copyright (C) 2011 - Fernando Mercês <fernando@mentebinaria.com.br>\r
+ *\r
+ * This program is free software: you can redistribute it and/or modify\r
+ * it under the terms of the GNU General Public License as published by\r
+ * the Free Software Foundation, either version 2 of the License, or\r
+ * (at your option) any later version.\r
+ *\r
+ * This program is distributed in the hope that it will be useful,\r
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of\r
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
+ * GNU General Public License for more details.\r
+ *\r
+ * You should have received a copy of the GNU General Public License\r
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.\r
+*/\r
+\r
+#ifndef __RSVP_H\r
+#define __RSVP_H 1\r
+\r
+#include <common.h>\r
+\r
+#define RSVPVERSION 1\r
+\r
+/* RSVP Message Type */\r
+enum rsvp_type{\r
+ RSVP_MESSAGE_TYPE_PATH = 1,\r
+#define RSVP_MESSAGE_TYPE_PATH RSVP_MESSAGE_TYPE_PATH\r
+ RSVP_MESSAGE_TYPE_RESV,\r
+#define RSVP_MESSAGE_TYPE_RESV RSVP_MESSAGE_TYPE_RESV\r
+ RSVP_MESSAGE_TYPE_PATHERR,\r
+#define RSVP_MESSAGE_TYPE_PATHERR RSVP_MESSAGE_TYPE_PATHERR\r
+ RSVP_MESSAGE_TYPE_RESVERR,\r
+#define RSVP_MESSAGE_TYPE_RESVERR RSVP_MESSAGE_TYPE_RESVERR\r
+ RSVP_MESSAGE_TYPE_PATHTEAR,\r
+#define RSVP_MESSAGE_TYPE_PATHTEAR RSVP_MESSAGE_TYPE_PATHTEAR\r
+ RSVP_MESSAGE_TYPE_RESVTEAR,\r
+#define RSVP_MESSAGE_TYPE_RESVTEAR RSVP_MESSAGE_TYPE_RESVTEAR\r
+ RSVP_MESSAGE_TYPE_RESVCONF,\r
+#define RSVP_MESSAGE_TYPE_RESVCONF RSVP_MESSAGE_TYPE_RESVCONF\r
+ RSVP_MESSAGE_TYPE_BUNDLE = 12,\r
+#define RSVP_MESSAGE_TYPE_BUNDLE RSVP_MESSAGE_TYPE_BUNDLE\r
+ RSVP_MESSAGE_TYPE_ACK,\r
+#define RSVP_MESSAGE_TYPE_ACK RSVP_MESSAGE_TYPE_ACK\r
+ RSVP_MESSAGE_TYPE_SREFRESH = 15,\r
+#define RSVP_MESSAGE_TYPE_SREFRESH RSVP_MESSAGE_TYPE_SREFRESH\r
+ RSVP_MESSAGE_TYPE_HELLO = 20,\r
+#define RSVP_MESSAGE_TYPE_HELLO RSVP_MESSAGE_TYPE_HELLO\r
+ RSVP_MESSAGE_TYPE_NOTIFY,\r
+#define RSVP_MESSAGE_TYPE_NOTIFY RSVP_MESSAGE_TYPE_NOTIFY\r
+};\r
+/*\r
+ * Resource ReSerVation Protocol (RSVP) (RFC 2205)\r
+ *\r
+ * 3.1.2 Object Formats\r
+ *\r
+ * Every object consists of one or more 32-bit words with a one-\r
+ * word header, with the following format:\r
+ *\r
+ * 0 1 2 3\r
+ * +-------------+-------------+-------------+-------------+\r
+ * | Length (bytes) | Class-Num | C-Type |\r
+ * +-------------+-------------+-------------+-------------+\r
+ * | |\r
+ * // (Object contents) //\r
+ * | |\r
+ * +-------------+-------------+-------------+-------------+\r
+ */\r
+#define RSVP_OBJECT_HEADER_LENGTH \\r
+ (sizeof(uint16_t) + \\r
+ (sizeof(uint8_t) * 2))\r
+/* RSVP Object Class */\r
+enum rsvp_object_class{\r
+ RSVP_OBJECT_SESSION = 1,\r
+#define RSVP_OBJECT_SESSION RSVP_OBJECT_SESSION\r
+#define RSVP_LENGTH_SESSION RSVP_OBJECT_HEADER_LENGTH + 8\r
+ RSVP_OBJECT_RESV_HOP = 3,\r
+#define RSVP_LENGTH_RESV_HOP RSVP_OBJECT_HEADER_LENGTH + 8\r
+ RSVP_OBJECT_INTEGRITY,\r
+#define RSVP_LENGTH_INTEGRITY RSVP_OBJECT_HEADER_LENGTH + 20\r
+ RSVP_OBJECT_TIME_VALUES,\r
+#define RSVP_LENGTH_TIME_VALUES RSVP_OBJECT_HEADER_LENGTH + 4\r
+ RSVP_OBJECT_ERROR_SPEC,\r
+#define RSVP_LENGTH_ERROR_SPEC RSVP_OBJECT_HEADER_LENGTH + 8\r
+ RSVP_OBJECT_SCOPE,\r
+#define RSVP_LENGTH_SCOPE(foo) \\r
+ (RSVP_OBJECT_HEADER_LENGTH + \\r
+ (foo * sizeof(in_addr_t)))\r
+ RSVP_OBJECT_STYLE,\r
+#define RSVP_LENGTH_STYLE RSVP_OBJECT_HEADER_LENGTH + 4\r
+ RSVP_OBJECT_FLOWSPEC,\r
+#define RSVP_LENGTH_FLOWSPEC RSVP_OBJECT_HEADER_LENGTH + 32\r
+ RSVP_OBJECT_FILTER_SPEC,\r
+#define RSVP_LENGTH_FILTER_SPEC RSVP_OBJECT_HEADER_LENGTH + 8\r
+ RSVP_OBJECT_SENDER_TEMPLATE,\r
+#define RSVP_LENGTH_SENDER_TEMPLATE RSVP_OBJECT_HEADER_LENGTH + 8\r
+ RSVP_OBJECT_SENDER_TSPEC,\r
+#define RSVP_LENGTH_SENDER_TSPEC RSVP_OBJECT_HEADER_LENGTH + 8\r
+ RSVP_OBJECT_ADSPEC,\r
+#define RSVP_OBJECT_ADSPEC RSVP_OBJECT_ADSPEC\r
+#define RSVP_LENGTH_ADSPEC RSVP_OBJECT_HEADER_LENGTH + ADSPEC_MESSAGE_HEADER\r
+ RSVP_OBJECT_POLICY_DATA,\r
+#define RSVP_OBJECT_POLICY_DATA RSVP_OBJECT_POLICY_DATA\r
+ RSVP_OBJECT_RESV_CONFIRM,\r
+#define RSVP_OBJECT_RESV_CONFIRM RSVP_OBJECT_RESV_CONFIRM\r
+#define RSVP_LENGTH_RESV_CONFIRM RSVP_OBJECT_HEADER_LENGTH + 4\r
+ RSVP_OBJECT_MESSAGE_ID = 23,\r
+#define RSVP_OBJECT_MESSAGE_ID RSVP_OBJECT_MESSAGE_ID\r
+ RSVP_OBJECT_MESSAGE_ID_ACK,\r
+#define RSVP_OBJECT_MESSAGE_ID_ACK RSVP_OBJECT_MESSAGE_ID_ACK\r
+ RSVP_OBJECT_MESSAGE_ID_NACK = RSVP_OBJECT_MESSAGE_ID_ACK,\r
+#define RSVP_OBJECT_MESSAGE_ID_NACK RSVP_OBJECT_MESSAGE_ID_NACK\r
+};\r
+/* RSVP TSPEC Class Service */\r
+enum tspec_service{\r
+#define TSPEC_MESSAGE_HEADER 4\r
+ TSPEC_TRAFFIC_SERVICE = 1,\r
+#define TSPEC_TRAFFIC_SERVICE TSPEC_TRAFFIC_SERVICE\r
+ TSPEC_GUARANTEED_SERVICE,\r
+#define TSPEC_GUARANTEED_SERVICE TSPEC_GUARANTEED_SERVICE\r
+#define TSPECT_TOKEN_BUCKET_SERVICE 127\r
+#define TSPEC_TOKEN_BUCKET_LENGTH 24\r
+#define TSPEC_SERVICES(foo) \\r
+ (foo == TSPEC_TRAFFIC_SERVICE || \\r
+ foo == TSPEC_GUARANTEED_SERVICE ? \\r
+ TSPEC_TOKEN_BUCKET_LENGTH : \\r
+ 0)\r
+};\r
+/* RSVP ADSPEC Class Service */\r
+enum adspec_service{\r
+#define ADSPEC_MESSAGE_HEADER 4\r
+#define ADSPEC_SERVDATA_HEADER 4\r
+#define ADSPEC_PARAMETER_DATA 4\r
+ ADSPEC_PARAMETER_SERVICE = 1,\r
+#define ADSPEC_PARAMETER_SERVICE ADSPEC_PARAMETER_SERVICE\r
+#define ADSPEC_PARAMETER_LENGTH \\r
+ (ADSPEC_MESSAGE_HEADER + \\r
+ ((ADSPEC_SERVDATA_HEADER + \\r
+ ADSPEC_PARAMETER_DATA) * 4))\r
+#define ADSPEC_PARAMETER_ISHOPCNT 4\r
+#define ADSPEC_PARAMETER_BANDWIDTH 6\r
+#define ADSPEC_PARAMETER_LATENCY 8\r
+#define ADSPEC_PARAMETER_COMPMTU 10\r
+ ADSPEC_GUARANTEED_SERVICE,\r
+#define ADSPEC_GUARANTEED_SERVICE ADSPEC_GUARANTEED_SERVICE\r
+#define ADSPEC_GUARANTEED_LENGTH \\r
+ (ADSPEC_MESSAGE_HEADER + \\r
+ ((ADSPEC_SERVDATA_HEADER + \\r
+ ADSPEC_PARAMETER_DATA) * 4))\r
+ ADSPEC_CONTROLLED_SERVICE = 5,\r
+#define ADSPEC_CONTROLLED_SERVICE ADSPEC_CONTROLLED_SERVICE\r
+#define ADSPEC_CONTROLLED_LENGTH ADSPEC_MESSAGE_HEADER\r
+#define ADSPEC_SERVICES(foo) \\r
+ (ADSPEC_PARAMETER_LENGTH + \\r
+ (foo == ADSPEC_CONTROLLED_SERVICE || \\r
+ foo == ADSPEC_GUARANTEED_SERVICE ? \\r
+ ADSPEC_GUARANTEED_LENGTH : \\r
+ 0) + \\r
+ (foo == ADSPEC_CONTROLLED_SERVICE ? \\r
+ ADSPEC_CONTROLLED_LENGTH : \\r
+ 0))\r
+};\r
+\r
+\r
+/* RSVP PROTOCOL STRUCTURES\r
+\r
+ RSVP protocol structures used by code.\r
+ Any new RSVP protocol structure should be added in this section. */\r
+/*\r
+ * Resource ReSerVation Protocol (RSVP) (RFC 2205)\r
+ *\r
+ * 3.1.1 Common Header\r
+ *\r
+ * 0 1 2 3\r
+ * +-------------+-------------+-------------+-------------+\r
+ * | Vers | Flags| Msg Type | RSVP Checksum |\r
+ * +-------------+-------------+-------------+-------------+\r
+ * | Send_TTL | (Reserved) | RSVP Length |\r
+ * +-------------+-------------+-------------+-------------+\r
+ */\r
+struct rsvp_common_hdr{\r
+#if defined(__LITTLE_ENDIAN_BITFIELD)\r
+ uint16_t flags:4, /* flags */\r
+ version:4, /* version */\r
+ type:8; /* message type */\r
+#elif defined(__BIG_ENDIAN_BITFIELD)\r
+ uint16_t version:4, /* version */\r
+ flags:4, /* flags */\r
+ type:8; /* message type */\r
+#else\r
+# error "Adjust your <asm/byteorder.h> defines"\r
+#endif\r
+ uint16_t check; /* checksum */\r
+ uint8_t ttl; /* time to live */\r
+ uint8_t reserved; /* reserved */\r
+ uint16_t length; /* message length */\r
+};\r
+\r
+#endif /* __RSVP_H */\r
--- /dev/null
+/*\r
+ * T50 - Experimental Mixed Packet Injector\r
+ *\r
+ * Copyright (C) 2010 - 2011 Nelson Brito <nbrito@sekure.org>\r
+ * Copyright (C) 2011 - Fernando Mercês <fernando@mentebinaria.com.br>\r
+ *\r
+ * This program is free software: you can redistribute it and/or modify\r
+ * it under the terms of the GNU General Public License as published by\r
+ * the Free Software Foundation, either version 2 of the License, or\r
+ * (at your option) any later version.\r
+ *\r
+ * This program is distributed in the hope that it will be useful,\r
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of\r
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
+ * GNU General Public License for more details.\r
+ *\r
+ * You should have received a copy of the GNU General Public License\r
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.\r
+*/\r
+\r
+#ifndef __TCP_OPTIONS_H\r
+#define __TCP_OPTIONS_H 1\r
+\r
+#include <common.h>\r
+\r
+enum tcp_option{\r
+ TCPOPT_EOL = 0,\r
+#define TCPOPT_EOL TCPOPT_EOL\r
+ TCPOPT_NOP,\r
+#define TCPOPT_NOP TCPOPT_NOP\r
+ TCPOPT_MSS,\r
+#define TCPOPT_MSS TCPOPT_MSS\r
+#define TCPOLEN_MSS 4\r
+ TCPOPT_WSOPT,\r
+#define TCPOPT_WSOPT TCPOPT_WSOPT\r
+#define TCPOLEN_WSOPT 3\r
+ TCPOPT_SACK_OK,\r
+#define TCPOPT_SACK_OK TCPOPT_SACK_OK\r
+#define TCPOLEN_SACK_OK 2\r
+ TCPOPT_SACK_EDGE,\r
+#define TCPOPT_SACK_EDGE TCPOPT_SACK_EDGE\r
+/*\r
+ * TCP Selective Acknowledgement Options (SACK) (RFC 2018)\r
+ *\r
+ * A SACK option that specifies n blocks will have a length of 8*n+2\r
+ * bytes, so the 40 bytes available for TCP options can specify a\r
+ * maximum of 4 blocks. It is expected that SACK will often be used \r
+ * in conjunction with the Timestamp option used for RTTM,which takes\r
+ * an additional 10 bytes (plus two bytes of padding); thus a maximum\r
+ * of 3 SACK blocks will be allowed in this case.\r
+ */\r
+#define TCPOLEN_SACK_EDGE(foo) \\r
+ ((foo * (sizeof(uint32_t) * 2)) + \\r
+ TCPOLEN_SACK_OK)\r
+ TCPOPT_TSOPT = 8,\r
+#define TCPOPT_TSOPT TCPOPT_TSOPT\r
+#define TCPOLEN_TSOPT 10\r
+ TCPOPT_CC = 11,\r
+#define TCPOPT_CC TCPOPT_CC\r
+ TCPOPT_CC_NEW,\r
+#define TCPOPT_CC_NEW TCPOPT_CC_NEW\r
+ TCPOPT_CC_ECHO,\r
+#define TCPOPT_CC_ECHO TCPOPT_CC_ECHO\r
+#define TCPOLEN_CC 6\r
+ TCPOPT_MD5 = 19,\r
+#define TCPOPT_MD5 TCPOPT_MD5\r
+#define TCPOLEN_MD5 18\r
+ TCPOPT_AO = 29,\r
+#define TCPOPT_AO TCPOPT_AO\r
+#define TCPOLEN_AO 20\r
+\r
+/*\r
+ * Transmission Control Protocol (TCP) (RFC 793)\r
+ *\r
+ * Padding: variable\r
+ *\r
+ * The TCP header padding is used to ensure that the TCP header ends\r
+ * and data begins on a 32 bit boundary. The padding is composed of\r
+ * zeros.\r
+ */\r
+#define TCPOLEN_PADDING(foo) \\r
+ ((foo & 3) ? \\r
+ sizeof(uint32_t) - (foo & 3) : \\r
+ 0)\r
+};\r
+/* TCP Options bitmask. */\r
+enum tcp_option_bitmask{\r
+ TCP_OPTION_MSS = 0x01,\r
+#define TCP_OPTION_MSS TCP_OPTION_MSS\r
+ TCP_OPTION_WSOPT = 0x02,\r
+#define TCP_OPTION_WSOPT TCP_OPTION_WSOPT\r
+ TCP_OPTION_TSOPT = 0x04,\r
+#define TCP_OPTION_TSOPT TCP_OPTION_TSOPT\r
+ TCP_OPTION_SACK_OK = 0x08,\r
+#define TCP_OPTION_SACK_OK TCP_OPTION_SACK_OK\r
+ TCP_OPTION_CC = 0x10,\r
+#define TCP_OPTION_CC TCP_OPTION_CC\r
+ TCP_OPTION_CC_NEXT = 0x20,\r
+#define TCP_OPTION_CC_NEXT TCP_OPTION_CC_NEXT\r
+ TCP_OPTION_SACK_EDGE = 0x40,\r
+#define TCP_OPTION_SACK_EDGE TCP_OPTION_SACK_EDGE\r
+};\r
+\r
+#endif /* __TCP_OPTIONS_H */\r
--- /dev/null
+/*\r
+ * T50 - Experimental Packet Injector\r
+ *\r
+ * Copyright (C) 2010 - 2011 Nelson Brito <nbrito@sekure.org>\r
+ * Copyright (C) 2011 - Fernando Mercês <fernando@mentebinaria.com.br>\r
+ *\r
+ * This program is free software: you can redistribute it and/or modify\r
+ * it under the terms of the GNU General Public License as published by\r
+ * the Free Software Foundation, either version 2 of the License, or\r
+ * (at your option) any later version.\r
+ *\r
+ * This program is distributed in the hope that it will be useful,\r
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of\r
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
+ * GNU General Public License for more details.\r
+ *\r
+ * You should have received a copy of the GNU General Public License\r
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.\r
+ */\r
+\r
+#include <common.h>\r
+\r
+/* Function Name: DCCP packet header configuration.\r
+\r
+Description: This function configures and sends the DCCP packet header.\r
+\r
+Targets: N/A */\r
+void dccp(const socket_t fd, const struct config_options *o)\r
+{\r
+ /* GRE options size. */\r
+ size_t greoptlen = gre_opt_len(o->gre.options, o->encapsulated);\r
+\r
+ /* DCCP Header length. */\r
+ size_t dccp_length = dccp_packet_hdr_len(o->dccp.type);\r
+\r
+ /* DCCP Extended Sequence NUmber length. */\r
+ uint32_t dccp_ext_length = (o->dccp.ext ? \r
+ sizeof(struct dccp_hdr_ext) : \r
+ 0);\r
+\r
+ /* Packet size. */\r
+ const uint32_t packet_size = sizeof(struct iphdr) + \r
+ greoptlen + \r
+ sizeof(struct dccp_hdr) + \r
+ dccp_ext_length + \r
+ dccp_length;\r
+\r
+ /* Checksum offset and GRE offset. */\r
+ uint32_t offset;\r
+\r
+ /* Packet and Checksum. */\r
+ uint8_t packet[packet_size], *checksum;\r
+\r
+ /* Socket address and IP heade. */\r
+ struct sockaddr_in sin;\r
+ struct iphdr * ip;\r
+\r
+ /* GRE Encapsulated IP Header. */\r
+ struct iphdr * gre_ip;\r
+\r
+ /* DCCP header and PSEUDO header. */\r
+ struct dccp_hdr * dccp;\r
+ struct psdhdr * pseudo;\r
+\r
+ /* DCCP Headers. */\r
+ struct dccp_hdr_ext * dccp_ext;\r
+ struct dccp_hdr_request * dccp_req;\r
+ struct dccp_hdr_response * dccp_res;\r
+ struct dccp_hdr_ack_bits * dccp_ack;\r
+ struct dccp_hdr_reset * dccp_rst;\r
+\r
+ /* Setting SOCKADDR structure. */\r
+ sin.sin_family = AF_INET;\r
+ sin.sin_port = htons(IPPORT_RND(o->dest));\r
+ sin.sin_addr.s_addr = o->ip.daddr;\r
+\r
+ /* IP Header structure making a pointer to Packet. */\r
+ ip = (struct iphdr *)packet;\r
+ ip->version = IPVERSION;\r
+ ip->ihl = sizeof(struct iphdr)/4;\r
+ ip->tos = o->ip.tos;\r
+ ip->frag_off = htons(o->ip.frag_off ? \r
+ (o->ip.frag_off >> 3) | IP_MF : \r
+ o->ip.frag_off | IP_DF);\r
+ ip->tot_len = htons(packet_size);\r
+ ip->id = htons(__16BIT_RND(o->ip.id));\r
+ ip->ttl = o->ip.ttl;\r
+ ip->protocol = o->encapsulated ? \r
+ IPPROTO_GRE : \r
+ o->ip.protocol;\r
+ ip->saddr = INADDR_RND(o->ip.saddr);\r
+ ip->daddr = o->ip.daddr;\r
+ /* The code does not have to handle this, Kernel will do-> */\r
+ ip->check = 0;\r
+\r
+ /* Computing the GRE Offset. */\r
+ offset = sizeof(struct iphdr);\r
+\r
+ gre_ip = gre_encapsulation(packet, o, \r
+ sizeof(struct iphdr) + \r
+ sizeof(struct dccp_hdr) + \r
+ dccp_ext_length + \r
+ dccp_length);\r
+\r
+ /* DCCP Header structure making a pointer to Packet. */\r
+ dccp = (struct dccp_hdr *)((uint8_t *)ip + sizeof(struct iphdr) + greoptlen);\r
+ dccp->dccph_sport = htons(IPPORT_RND(o->source)); \r
+ dccp->dccph_dport = htons(IPPORT_RND(o->dest));\r
+ /*\r
+ * Datagram Congestion Control Protocol (DCCP) (RFC 4340)\r
+ *\r
+ * Data Offset: 8 bits\r
+ * The offset from the start of the packet's DCCP header to the start\r
+ * of its application data area, in 32-bit words. The receiver MUST\r
+ * ignore packets whose Data Offset is smaller than the minimum-sized\r
+ * header for the given Type or larger than the DCCP packet itself.\r
+ */\r
+ dccp->dccph_doff = o->dccp.doff ? \r
+ o->dccp.doff : \r
+ (sizeof(struct dccp_hdr) + \r
+ dccp_length + \r
+ dccp_ext_length)/4;\r
+ dccp->dccph_type = o->dccp.type;\r
+ dccp->dccph_ccval = __4BIT_RND(o->dccp.ccval);\r
+ /*\r
+ * Datagram Congestion Control Protocol (DCCP) (RFC 4340)\r
+ *\r
+ * 9.2. Header Checksum Coverage Field\r
+ *\r
+ * The Checksum Coverage field in the DCCP generic header (see Section\r
+ * 5.1) specifies what parts of the packet are covered by the Checksum\r
+ * field, as follows:\r
+ *\r
+ * CsCov = 0 The Checksum field covers the DCCP header, DCCP\r
+ * options, network-layer pseudoheader, and all\r
+ * application data in the packet, possibly padded on \r
+ * the right with zeros to an even number of bytes.\r
+ *\r
+ * CsCov = 1-15 The Checksum field covers the DCCP header, DCCP\r
+ * options, network-layer pseudoheader, and the initial\r
+ * (CsCov-1)*4 bytes of the packet's application data.\r
+ */\r
+ dccp->dccph_cscov = o->dccp.cscov ? \r
+ (o->dccp.cscov-1)*4 : \r
+ (o->bogus_csum ? \r
+ __4BIT_RND(0) : \r
+ o->dccp.cscov);\r
+ /*\r
+ * Datagram Congestion Control Protocol (DCCP) (RFC 4340)\r
+ *\r
+ * 5.1. Generic Header\r
+ *\r
+ * The DCCP generic header takes different forms depending on the value\r
+ * of X, the Extended Sequence Numbers bit. If X is one, the Sequence\r
+ * Number field is 48 bits long, and the generic header takes 16 bytes,\r
+ * as follows.\r
+ *\r
+ * 0 1 2 3\r
+ * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | Source Port | Dest Port |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | Data Offset | CCVal | CsCov | Checksum |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | | |X| | .\r
+ * | Res | Type |=| Reserved | Sequence Number (high bits) .\r
+ * | | |1| | .\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * . Sequence Number (low bits) |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ *\r
+ * If X is zero, only the low 24 bits of the Sequence Number are\r
+ * transmitted, and the generic header is 12 bytes long.\r
+ *\r
+ * 0 1 2 3\r
+ * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | Source Port | Dest Port |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | Data Offset | CCVal | CsCov | Checksum |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+\r
+ * | | |X| |\r
+ * | Res | Type |=| Sequence Number (low bits) |\r
+ * | | |0| |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ */\r
+ dccp->dccph_x = o->dccp.ext;\r
+ dccp->dccph_seq = htons(__16BIT_RND(o->dccp.sequence_01));\r
+ dccp->dccph_seq2 = o->dccp.ext ? \r
+ 0 : \r
+ __8BIT_RND(o->dccp.sequence_02);\r
+ dccp->dccph_checksum = 0;\r
+\r
+ /* Computing the Checksum offset. */\r
+ offset = sizeof(struct dccp_hdr);\r
+\r
+ /* Storing both Checksum and Packet. */\r
+ checksum = (uint8_t *)dccp + offset;\r
+\r
+ /* DCCP Extended Header structure making a pointer to Checksum. */\r
+ if (o->dccp.ext)\r
+ {\r
+ dccp_ext = (struct dccp_hdr_ext *)(checksum + (offset - sizeof(struct dccp_hdr)));\r
+ dccp_ext->dccph_seq_low = htonl(__32BIT_RND(o->dccp.sequence_03));\r
+ /* Computing the Checksum offset. */\r
+ offset += sizeof(struct dccp_hdr_ext);\r
+ }\r
+\r
+ /* Identifying the DCCP Type and building it. */\r
+ switch (o->dccp.type)\r
+ {\r
+ case DCCP_PKT_REQUEST:\r
+ /* DCCP Request Header structure making a pointer to Checksum. */\r
+ dccp_req = (struct dccp_hdr_request *)(checksum + (offset - sizeof(struct dccp_hdr)));\r
+ dccp_req->dccph_req_service = htonl(__32BIT_RND(o->dccp.service));\r
+ /* Computing the Checksum offset. */\r
+ offset += sizeof(struct dccp_hdr_request);\r
+ break;\r
+\r
+ case DCCP_PKT_RESPONSE:\r
+ /* DCCP Response Header structure making a pointer to Checksum. */\r
+ dccp_res = (struct dccp_hdr_response *)(checksum + (offset - sizeof(struct dccp_hdr)));\r
+ dccp_res->dccph_resp_ack.dccph_reserved1 = FIELD_MUST_BE_ZERO;\r
+ dccp_res->dccph_resp_ack.dccph_ack_nr_high = htons(__16BIT_RND(o->dccp.acknowledge_01));\r
+ dccp_res->dccph_resp_ack.dccph_ack_nr_low = htonl(__32BIT_RND(o->dccp.acknowledge_02));\r
+ dccp_res->dccph_resp_service = htonl(__32BIT_RND(o->dccp.service));\r
+ /* Computing the Checksum offset. */\r
+ offset += sizeof(struct dccp_hdr_response);\r
+\r
+ case DCCP_PKT_DATA:\r
+ break;\r
+\r
+ case DCCP_PKT_DATAACK:\r
+ case DCCP_PKT_ACK:\r
+ case DCCP_PKT_SYNC:\r
+ case DCCP_PKT_SYNCACK:\r
+ case DCCP_PKT_CLOSE:\r
+ case DCCP_PKT_CLOSEREQ:\r
+ /* DCCP Acknowledgment Header structure making a pointer to Checksum. */\r
+ dccp_ack = (struct dccp_hdr_ack_bits *)(checksum + (offset - sizeof(struct dccp_hdr)));\r
+ dccp_ack->dccph_reserved1 = FIELD_MUST_BE_ZERO;\r
+ dccp_ack->dccph_ack_nr_high = htons(__16BIT_RND(o->dccp.acknowledge_01));\r
+ /* Until DCCP Options implementation. */\r
+ if (o->dccp.type == DCCP_PKT_DATAACK ||\r
+ o->dccp.type == DCCP_PKT_ACK)\r
+ dccp_ack->dccph_ack_nr_low = htonl(0x00000001);\r
+ else\r
+ dccp_ack->dccph_ack_nr_low = htonl(__32BIT_RND(o->dccp.acknowledge_02));\r
+ /* Computing the Checksum offset. */\r
+ offset += sizeof(struct dccp_hdr_ack_bits);\r
+ break;\r
+\r
+ default:\r
+ /* DCCP Reset Header structure making a pointer to Checksum. */\r
+ dccp_rst = (struct dccp_hdr_reset *)(checksum + (offset - sizeof(struct dccp_hdr)));\r
+ dccp_rst->dccph_reset_ack.dccph_reserved1 = FIELD_MUST_BE_ZERO;\r
+ dccp_rst->dccph_reset_ack.dccph_ack_nr_high = htons(__16BIT_RND(o->dccp.acknowledge_01));\r
+ dccp_rst->dccph_reset_ack.dccph_ack_nr_low = htonl(__32BIT_RND(o->dccp.acknowledge_02));\r
+ dccp_rst->dccph_reset_code = __8BIT_RND(o->dccp.rst_code);\r
+ /* Computing the Checksum offset. */\r
+ offset += sizeof(struct dccp_hdr_reset);\r
+ break;\r
+ }\r
+\r
+ /* Checksum making a pointer to PSEUDO Header structure. */\r
+ pseudo = (struct psdhdr *)(checksum + (offset - sizeof(struct dccp_hdr)));\r
+ pseudo->saddr = o->encapsulated ? \r
+ gre_ip->saddr : \r
+ ip->saddr;\r
+ pseudo->daddr = o->encapsulated ? \r
+ gre_ip->daddr : \r
+ ip->daddr;\r
+ pseudo->zero = 0;\r
+ pseudo->protocol = o->ip.protocol;\r
+ pseudo->len = htons(offset);\r
+\r
+ /* Computing the Checksum offset. */\r
+ offset += sizeof(struct psdhdr);\r
+\r
+ /* Computing the checksum. */\r
+ dccp->dccph_checksum = o->bogus_csum ? \r
+ __16BIT_RND(0) : \r
+ cksum((uint16_t *)dccp, offset);\r
+\r
+ gre_checksum(packet, o, packet_size);\r
+\r
+ /* Sending Packet. */\r
+ if (sendto(fd, &packet, packet_size, 0|MSG_NOSIGNAL, (struct sockaddr *)&sin, sizeof(struct sockaddr)) == -1 && errno != EPERM)\r
+ {\r
+ perror("sendto()");\r
+ /* Closing the socket. */\r
+ close(fd);\r
+ /* Exiting. */\r
+ exit(EXIT_FAILURE);\r
+ }\r
+}\r
--- /dev/null
+/*\r
+ * T50 - Experimental Mixed Packet Injector\r
+ *\r
+ * Copyright (C) 2010 - 2011 Nelson Brito <nbrito@sekure.org>\r
+ * Copyright (C) 2011 - Fernando Mercês <fernando@mentebinaria.com.br>\r
+ *\r
+ * This program is free software: you can redistribute it and/or modify\r
+ * it under the terms of the GNU General Public License as published by\r
+ * the Free Software Foundation, either version 2 of the License, or\r
+ * (at your option) any later version.\r
+ *\r
+ * This program is distributed in the hope that it will be useful,\r
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of\r
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
+ * GNU General Public License for more details.\r
+ *\r
+ * You should have received a copy of the GNU General Public License\r
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.\r
+ */\r
+\r
+#include <common.h>\r
+\r
+/* Function Name: EGP packet header configuration.\r
+\r
+Description: This function configures and sends the EGP packet header.\r
+\r
+Targets: N/A */\r
+void egp(const socket_t fd, const struct config_options *o)\r
+{\r
+ /* GRE options size. */\r
+ size_t greoptlen = gre_opt_len(o->gre.options, o->encapsulated);\r
+\r
+ /* Packet size. */\r
+ const uint32_t packet_size = sizeof(struct iphdr) + \r
+ greoptlen + \r
+ sizeof(struct egp_hdr) + \r
+ sizeof(struct egp_acq_hdr);\r
+\r
+ /* Checksum offset and GRE offset. */\r
+ uint32_t offset;\r
+\r
+ /* Packet and Checksum. */\r
+ uint8_t packet[packet_size], *checksum;\r
+\r
+ /* Socket address and IP header. */\r
+ struct sockaddr_in sin;\r
+ struct iphdr * ip;\r
+\r
+ /* GRE Encapsulated IP Header. */\r
+ struct iphdr * gre_ip __attribute__ ((unused));\r
+\r
+ /* EGP header and EGP acquire header. */\r
+ struct egp_hdr * egp;\r
+ struct egp_acq_hdr * egp_acq;\r
+\r
+ /* Setting SOCKADDR structure. */\r
+ sin.sin_family = AF_INET;\r
+ sin.sin_port = htons(IPPORT_RND(o->dest));\r
+ sin.sin_addr.s_addr = o->ip.daddr;\r
+\r
+ /* IP Header structure making a pointer to Packet. */\r
+ ip = (struct iphdr *)packet;\r
+ ip->version = IPVERSION;\r
+ ip->ihl = sizeof(struct iphdr)/4;\r
+ ip->tos = o->ip.tos;\r
+ ip->frag_off = htons(o->ip.frag_off ? \r
+ (o->ip.frag_off >> 3) | IP_MF : \r
+ o->ip.frag_off | IP_DF);\r
+ ip->tot_len = htons(packet_size);\r
+ ip->id = htons(__16BIT_RND(o->ip.id));\r
+ ip->ttl = o->ip.ttl;\r
+ ip->protocol = o->encapsulated ? \r
+ IPPROTO_GRE : \r
+ o->ip.protocol;\r
+ ip->saddr = INADDR_RND(o->ip.saddr);\r
+ ip->daddr = o->ip.daddr;\r
+ /* The code does not have to handle this, Kernel will do-> */\r
+ ip->check = 0;\r
+\r
+ /* Computing the GRE Offset. */\r
+ offset = sizeof(struct iphdr);\r
+\r
+ /* GRE Encapsulation takes place. */\r
+ gre_ip = gre_encapsulation(packet, o,\r
+ sizeof(struct iphdr) + \r
+ sizeof(struct egp_hdr) + \r
+ sizeof(struct egp_acq_hdr));\r
+\r
+ /*\r
+ * @nbrito -- Tue Jan 18 11:09:34 BRST 2011\r
+ * XXX Have to work a little bit more deeply in packet building.\r
+ * XXX Checking EGP Type and building appropriate header.\r
+ */\r
+ /* EGP Header structure making a pointer to Packet. */\r
+ egp = (struct egp_hdr *)((uint8_t *)ip + sizeof(struct iphdr) + greoptlen);\r
+ egp->version = EGPVERSION; \r
+ egp->type = o->egp.type;\r
+ egp->code = o->egp.code;\r
+ egp->status = o->egp.status;\r
+ egp->as = __16BIT_RND(o->egp.as);\r
+ egp->sequence = __16BIT_RND(o->egp.sequence);\r
+ egp->check = 0;\r
+\r
+ /* Computing the Checksum offset. */\r
+ offset = sizeof(struct egp_hdr);\r
+\r
+ /* Storing both Checksum and Packet. */\r
+ checksum = (uint8_t *)egp + offset;\r
+\r
+ /* EGP Acquire Header structure making a pointer to Checksum. */\r
+ egp_acq = (struct egp_acq_hdr *)(checksum + (offset - sizeof(struct egp_hdr)));\r
+ egp_acq->hello = __16BIT_RND(o->egp.hello);\r
+ egp_acq->poll = __16BIT_RND(o->egp.poll);\r
+ /* Computing the Checksum offset. */\r
+ offset += sizeof(struct egp_acq_hdr);\r
+\r
+ /* Computing the checksum. */\r
+ egp->check = o->bogus_csum ? \r
+ __16BIT_RND(0) : \r
+ cksum((uint16_t *)egp, offset);\r
+\r
+ /* GRE Encapsulation takes place. */\r
+ gre_checksum(packet, o, packet_size);\r
+\r
+ /* Sending packet. */\r
+ if (sendto(fd, &packet, packet_size, 0|MSG_NOSIGNAL, (struct sockaddr *)&sin, sizeof(struct sockaddr)) == -1 && errno != EPERM)\r
+ {\r
+ perror("sendto()");\r
+ /* Closing the socket. */\r
+ close(fd);\r
+ /* Exiting. */\r
+ exit(EXIT_FAILURE);\r
+ }\r
+}\r
--- /dev/null
+/*\r
+ * T50 - Experimental Mixed Packet Injector\r
+ *\r
+ * Copyright (C) 2010 - 2011 Nelson Brito <nbrito@sekure.org>\r
+ * Copyright (C) 2011 - Fernando Mercês <fernando@mentebinaria.com.br>\r
+ *\r
+ * This program is free software: you can redistribute it and/or modify\r
+ * it under the terms of the GNU General Public License as published by\r
+ * the Free Software Foundation, either version 2 of the License, or\r
+ * (at your option) any later version.\r
+ *\r
+ * This program is distributed in the hope that it will be useful,\r
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of\r
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
+ * GNU General Public License for more details.\r
+ *\r
+ * You should have received a copy of the GNU General Public License\r
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.\r
+ */\r
+\r
+#include <common.h>\r
+\r
+/*\r
+ * prototypes.\r
+ */\r
+static size_t eigrp_hdr_len(const uint16_t, const uint16_t, const uint8_t, const uint32_t);\r
+\r
+/* Function Name: EIGRP packet header configuration.\r
+\r
+Description: This function configures and sends the EIGRP packet header.\r
+\r
+Targets: N/A */\r
+void eigrp(const socket_t fd, const struct config_options *o)\r
+{\r
+ /* GRE options size. */\r
+ size_t greoptlen = gre_opt_len(o->gre.options, o->encapsulated);\r
+\r
+ /* EIGRP Destination Address and Prefix. */\r
+ in_addr_t dest = INADDR_RND(o->eigrp.dest);\r
+\r
+ /* Must compute the EIGRP Destination Prefix here. */\r
+ uint32_t prefix = __5BIT_RND(o->eigrp.prefix);\r
+\r
+ /* EIGRP TLV size. */\r
+ size_t eigrp_tlv_len = eigrp_hdr_len(o->eigrp.opcode, o->eigrp.type, prefix, o->eigrp.auth);\r
+\r
+ /* Packet size. */\r
+ const uint32_t packet_size = sizeof(struct iphdr) + \r
+ greoptlen + \r
+ sizeof(struct eigrp_hdr) + \r
+ eigrp_tlv_len;\r
+\r
+ /* Checksum offset, GRE offset and Counter. */\r
+ uint32_t offset, counter;\r
+\r
+ /* Packet and Checksum. */\r
+ uint8_t packet[packet_size], *checksum;\r
+\r
+ /* Socket address and IP header. */\r
+ struct sockaddr_in sin;\r
+ struct iphdr * ip;\r
+\r
+ /* GRE Encapsulated IP Header. */\r
+ struct iphdr * gre_ip __attribute__ ((unused));\r
+\r
+ /* EIGRP header. */\r
+ struct eigrp_hdr * eigrp;\r
+\r
+ /* Setting SOCKADDR structure. */\r
+ sin.sin_family = AF_INET;\r
+ sin.sin_port = htons(IPPORT_RND(o->dest));\r
+ sin.sin_addr.s_addr = o->ip.daddr;\r
+\r
+ /* IP Header structure making a pointer to Packet. */\r
+ ip = (struct iphdr *)packet;\r
+ ip->version = IPVERSION;\r
+ ip->ihl = sizeof(struct iphdr)/4;\r
+ ip->tos = o->ip.tos;\r
+ ip->frag_off = htons(o->ip.frag_off ? \r
+ (o->ip.frag_off >> 3) | IP_MF : \r
+ o->ip.frag_off | IP_DF);\r
+ ip->tot_len = htons(packet_size);\r
+ ip->id = htons(__16BIT_RND(o->ip.id));\r
+ ip->ttl = o->ip.ttl;\r
+ ip->protocol = o->encapsulated ? \r
+ IPPROTO_GRE : \r
+ o->ip.protocol;\r
+ ip->saddr = INADDR_RND(o->ip.saddr);\r
+ ip->daddr = o->ip.daddr;\r
+ /* The code does not have to handle this, Kernel will do-> */\r
+ ip->check = 0;\r
+\r
+ /* Computing the GRE Offset. */\r
+ offset = sizeof(struct iphdr);\r
+\r
+ /* GRE Encapsulation takes place. */\r
+ gre_ip = gre_encapsulation(packet, o, \r
+ sizeof(struct iphdr) + \r
+ sizeof(struct eigrp_hdr) + \r
+ eigrp_tlv_len);\r
+\r
+ /* \r
+ * Please, be advised that there is no deep information about EIGRP, no\r
+ * other than EIGRP PCAP files public available. Due to that I have done\r
+ * a deep analysis using live EIGRP PCAP files to build the EIGRP Packet.\r
+ *\r
+ * There are some really good resources, such as:\r
+ * http://www.protocolbase.net/protocols/protocol_EIGRP.php\r
+ * http://packetlife.net/captures/category/cisco-proprietary/\r
+ * http://oreilly.com/catalog/iprouting/chapter/ch04.html\r
+ *\r
+ * EIGRP Header structure making a pointer to IP Header structure.\r
+ */\r
+ eigrp = (struct eigrp_hdr *)((uint8_t *)ip + sizeof(struct iphdr) + greoptlen);\r
+ eigrp->version = o->eigrp.ver_minor ? \r
+ o->eigrp.ver_minor : \r
+ EIGRPVERSION;\r
+ eigrp->opcode = __8BIT_RND(o->eigrp.opcode);\r
+ eigrp->flags = htonl(__32BIT_RND(o->eigrp.flags));\r
+ eigrp->sequence = htonl(__32BIT_RND(o->eigrp.sequence));\r
+ eigrp->acknowledge = o->eigrp.type == EIGRP_TYPE_SEQUENCE ? \r
+ htonl(__32BIT_RND(o->eigrp.acknowledge)) : \r
+ 0;\r
+ eigrp->as = htonl(__32BIT_RND(o->eigrp.as));\r
+ eigrp->check = 0;\r
+\r
+ /* Computing the Checksum offset. */\r
+ offset = sizeof(struct eigrp_hdr);\r
+\r
+ /* Storing both Checksum and Packet. */\r
+ checksum = (uint8_t *)eigrp + offset;\r
+\r
+ /*\r
+ * Every live EIGRP PCAP file brings Authentication Data TLV first.\r
+ *\r
+ * The Authentication Data TVL must be used only in some cases:\r
+ * 1. IP Internal or External Routes TLV for Update\r
+ * 2. Software Version with Parameter TLVs for Hello\r
+ * 3. Next Multicast Sequence TLV for Hello\r
+ */\r
+ if (o->eigrp.auth)\r
+ {\r
+ if (o->eigrp.opcode == EIGRP_OPCODE_UPDATE ||\r
+ (o->eigrp.opcode == EIGRP_OPCODE_HELLO &&\r
+ (o->eigrp.type == EIGRP_TYPE_MULTICAST ||\r
+ o->eigrp.type == EIGRP_TYPE_SOFTWARE)))\r
+ {\r
+ /*\r
+ * Enhanced Interior Gateway Routing Protocol (EIGRP)\r
+ *\r
+ * Authentication Data TLV (EIGRP Type = 0x0002)\r
+ *\r
+ * 0 1 2 3 3\r
+ * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | Type | Length |\r
+ * +---------------------------------------------------------------+\r
+ * | Authentication Method | Authentication Key Size |\r
+ * +---------------------------------------------------------------+\r
+ * | Authentication Key ID |\r
+ * +---------------------------------------------------------------+\r
+ * | |\r
+ * + +\r
+ * | Padding (?) |\r
+ * + +\r
+ * | |\r
+ * +---------------------------------------------------------------+\r
+ * | |\r
+ * + +\r
+ * | Authentication Key Block |\r
+ * + (MD5 Digest) +\r
+ * | |\r
+ * + +\r
+ * | |\r
+ * +---------------------------------------------------------------+\r
+ */\r
+ *((uint16_t *)checksum) = htons(EIGRP_TYPE_AUTH);\r
+ checksum += sizeof(uint16_t);\r
+ *((uint16_t *)checksum) = htons(o->eigrp.length ? \r
+ o->eigrp.length : \r
+ EIGRP_TLEN_AUTH);\r
+ checksum += sizeof(uint16_t);\r
+ *((uint16_t *)checksum) = htons(AUTH_TYPE_HMACMD5);\r
+ checksum += sizeof(uint16_t);\r
+ *((uint16_t *)checksum) = htons(auth_hmac_md5_len(o->eigrp.auth));\r
+ checksum += sizeof(uint16_t);\r
+ *((uint32_t *)checksum) = htonl(__32BIT_RND(o->eigrp.key_id));\r
+ checksum += sizeof(uint32_t);\r
+ for(counter = 0 ; counter < EIGRP_PADDING_BLOCK ; counter++)\r
+ *checksum++ = FIELD_MUST_BE_ZERO;\r
+ /*\r
+ * The Authentication key uses HMAC-MD5 or HMAC-SHA-1 digest.\r
+ */\r
+ for(counter = 0 ; counter < auth_hmac_md5_len(o->eigrp.auth) ; counter++)\r
+ *checksum++ = __8BIT_RND(0);\r
+ /* Computing the Checksum offset. */\r
+ offset += EIGRP_TLEN_AUTH;\r
+ }\r
+ }\r
+\r
+ /*\r
+ * AFAIK, there are differences when building the EIGRP packet for\r
+ * Update, Request, Query and Reply. Any EIGRP PCAP file I saw does\r
+ * not carry Paremeter, Software Version and/or Multicast Sequence,\r
+ * instead, it carries Authentication Data, IP Internal and External\r
+ * Routes or nothing (depends on the EIGRP Type).\r
+ */\r
+ if (o->eigrp.opcode == EIGRP_OPCODE_UPDATE ||\r
+ o->eigrp.opcode == EIGRP_OPCODE_REQUEST ||\r
+ o->eigrp.opcode == EIGRP_OPCODE_QUERY ||\r
+ o->eigrp.opcode == EIGRP_OPCODE_REPLY)\r
+ {\r
+ if (o->eigrp.type == EIGRP_TYPE_INTERNAL ||\r
+ o->eigrp.type == EIGRP_TYPE_EXTERNAL)\r
+ {\r
+ /*\r
+ * Enhanced Interior Gateway Routing Protocol (EIGRP)\r
+ *\r
+ * IP Internal Routes TLV (EIGRP Type = 0x0102)\r
+ *\r
+ * 0 1 2 3 3\r
+ * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | Type | Length |\r
+ * +---------------------------------------------------------------+\r
+ * | Next Hop Address |\r
+ * +---------------------------------------------------------------+\r
+ * | Delay |\r
+ * +---------------------------------------------------------------+\r
+ * | Bandwidth |\r
+ * +---------------------------------------------------------------+\r
+ * | Maximum Transmission Unit (MTU) | Hop Count |\r
+ * +---------------------------------------------------------------+\r
+ * | Reliability | Load | Reserved |\r
+ * +---------------------------------------------------------------+\r
+ * | Prefix //\r
+ * +---------------+\r
+ *\r
+ * +---------------------------------------------------------------+\r
+ * // Destination IP Address(es) (1-4 octets) |\r
+ * +---------------------------------------------------------------+\r
+ *\r
+ * IP External Routes TLV (EIGRP Type = 0x0103)\r
+ *\r
+ * 0 1 2 3 3\r
+ * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | Type | Length |\r
+ * +---------------------------------------------------------------+\r
+ * | Next Hop Address |\r
+ * +---------------------------------------------------------------+\r
+ * | Originating Router |\r
+ * +---------------------------------------------------------------+\r
+ * | Originating Autonomous System |\r
+ * +---------------------------------------------------------------+\r
+ * | Arbitrary TAG |\r
+ * +---------------------------------------------------------------+\r
+ * | External Protocol Metric |\r
+ * +---------------------------------------------------------------+\r
+ * | Reserved1 | Ext. Proto ID | Flags |\r
+ * +---------------------------------------------------------------+\r
+ * | Delay |\r
+ * +---------------------------------------------------------------+\r
+ * | Bandwidth |\r
+ * +---------------------------------------------------------------+\r
+ * | Maximum Transmission Unit (MTU) | Hop Count |\r
+ * +---------------------------------------------------------------+\r
+ * | Reliability | Load | Reserved2 |\r
+ * +---------------------------------------------------------------+\r
+ * | Prefix //\r
+ * +---------------+\r
+ *\r
+ * +---------------------------------------------------------------+\r
+ * // Destination IP Address(es) (1-4 octets) |\r
+ * +---------------------------------------------------------------+\r
+ *\r
+ * The only difference between Internal and External Routes TLVs is 20\r
+ * octets.\r
+ */\r
+ *((uint16_t *)checksum) = htons(o->eigrp.type == EIGRP_TYPE_INTERNAL ? \r
+ EIGRP_TYPE_INTERNAL : \r
+ EIGRP_TYPE_EXTERNAL);\r
+ checksum += sizeof(uint16_t);\r
+ /*\r
+ * For both Internal and External Routes TLV the code must perform\r
+ * an additional step to compute the EIGRP header length, because \r
+ * it depends on the the EIGRP Prefix, and it can be 1-4 octets.\r
+ */\r
+ *((uint16_t *)checksum) = htons(o->eigrp.length ? \r
+ o->eigrp.length : \r
+ (o->eigrp.type == EIGRP_TYPE_INTERNAL ? \r
+ EIGRP_TLEN_INTERNAL : \r
+ EIGRP_TLEN_EXTERNAL) + \r
+ EIGRP_DADDR_LENGTH(prefix));\r
+ checksum += sizeof(uint16_t);\r
+ *((in_addr_t *)checksum) = INADDR_RND(o->eigrp.next_hop);\r
+ checksum += sizeof(in_addr_t);\r
+ /*\r
+ * The only difference between Internal and External Routes TLVs is 20\r
+ * octets. Building 20 extra octets for IP External Routes TLV.\r
+ */\r
+ if (o->eigrp.type == EIGRP_TYPE_EXTERNAL)\r
+ {\r
+ *((in_addr_t *)checksum) = INADDR_RND(o->eigrp.src_router);\r
+ checksum += sizeof(in_addr_t);\r
+ *((uint32_t *)checksum) = htonl(__32BIT_RND(o->eigrp.src_as));\r
+ checksum += sizeof(uint32_t);\r
+ *((uint32_t *)checksum) = htonl(__32BIT_RND(o->eigrp.tag));\r
+ checksum += sizeof(uint32_t);\r
+ *((uint32_t *)checksum) = htonl(__32BIT_RND(o->eigrp.proto_metric));\r
+ checksum += sizeof(uint32_t);\r
+ *((uint16_t *)checksum) = o->eigrp.opcode == EIGRP_OPCODE_UPDATE ? \r
+ FIELD_MUST_BE_ZERO : \r
+ htons(0x0004);\r
+ checksum += sizeof(uint16_t);\r
+ *checksum++ = __8BIT_RND(o->eigrp.proto_id);\r
+ *checksum++ = __8BIT_RND(o->eigrp.ext_flags);\r
+ }\r
+ *((uint32_t *)checksum) = htonl(__32BIT_RND(o->eigrp.delay));\r
+ checksum += sizeof(uint32_t);\r
+ *((uint32_t *)checksum) = htonl(__32BIT_RND(o->eigrp.bandwidth));\r
+ checksum += sizeof(uint32_t);\r
+ *((uint32_t *)checksum) = htonl(__24BIT_RND(o->eigrp.mtu) << 8);\r
+ checksum += sizeof(uint32_t) - 1;\r
+ *checksum++ = __8BIT_RND(o->eigrp.hop_count);\r
+ *checksum++ = __8BIT_RND(o->eigrp.reliability);\r
+ *checksum++ = __8BIT_RND(o->eigrp.load);\r
+ *((uint16_t *)checksum) = o->eigrp.opcode == EIGRP_OPCODE_UPDATE ? \r
+ FIELD_MUST_BE_ZERO : \r
+ htons(0x0004);\r
+ checksum += sizeof(uint16_t);\r
+ *checksum++ = prefix;\r
+ *((in_addr_t *)checksum) = EIGRP_DADDR_BUILD(dest, prefix);\r
+ checksum += EIGRP_DADDR_LENGTH(prefix);\r
+ /* Computing the Checksum offset. */\r
+ offset += (o->eigrp.type == EIGRP_TYPE_INTERNAL ? \r
+ EIGRP_TLEN_INTERNAL : \r
+ EIGRP_TLEN_EXTERNAL) + \r
+ EIGRP_DADDR_LENGTH(prefix);\r
+ }\r
+ /*\r
+ * In the other hand, EIGRP Packet for Hello can carry Paremeter, \r
+ * Software Version, Multicast Sequence or nothing (Acknowledge).\r
+ */\r
+ }else if (o->eigrp.opcode == EIGRP_OPCODE_HELLO)\r
+ {\r
+ /*\r
+ * AFAIK, EIGRP TLVs must follow a predefined sequence in order to\r
+ * be built. I am not sure whether any TLV's precedence will impact\r
+ * in the routers' processing of EIGRP Packet, so I am following \r
+ * exactly what I saw on live EIGRP PCAP files. Read the code and\r
+ * you will understand what I am talking about.\r
+ */\r
+ switch (o->eigrp.type)\r
+ {\r
+ case EIGRP_TYPE_PARAMETER:\r
+ /*\r
+ * Enhanced Interior Gateway Routing Protocol (EIGRP)\r
+ *\r
+ * General Parameter TLV (EIGRP Type = 0x0001)\r
+ *\r
+ * 0 1 2 3 3\r
+ * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | Type | Length |\r
+ * +---------------------------------------------------------------+\r
+ * | K1 | K2 | K3 | K4 |\r
+ * +---------------------------------------------------------------+\r
+ * | K5 | Reserved | Hold Time |\r
+ * +---------------------------------------------------------------+\r
+ */\r
+eigrp_parameter: \r
+ *((uint16_t *)checksum) = htons(EIGRP_TYPE_PARAMETER);\r
+ checksum += sizeof(uint16_t);\r
+ *((uint16_t *)checksum) = htons(o->eigrp.length ? \r
+ o->eigrp.length : \r
+ EIGRP_TLEN_PARAMETER);\r
+ checksum += sizeof(uint16_t);\r
+ *checksum++ = (o->eigrp.values & EIGRP_KVALUE_K1) == EIGRP_KVALUE_K1 ? \r
+ __8BIT_RND(o->eigrp.k1) : \r
+ o->eigrp.k1;\r
+ *checksum++ = (o->eigrp.values & EIGRP_KVALUE_K2) == EIGRP_KVALUE_K2 ? \r
+ __8BIT_RND(o->eigrp.k2) : \r
+ o->eigrp.k2;\r
+ *checksum++ = (o->eigrp.values & EIGRP_KVALUE_K3) == EIGRP_KVALUE_K3 ? \r
+ __8BIT_RND(o->eigrp.k3) : \r
+ o->eigrp.k3;\r
+ *checksum++ = (o->eigrp.values & EIGRP_KVALUE_K4) == EIGRP_KVALUE_K4 ? \r
+ __8BIT_RND(o->eigrp.k4) : \r
+ o->eigrp.k4;\r
+ *checksum++ = (o->eigrp.values & EIGRP_KVALUE_K5) == EIGRP_KVALUE_K5 ? \r
+ __8BIT_RND(o->eigrp.k5) : \r
+ o->eigrp.k5;\r
+ *checksum++ = FIELD_MUST_BE_ZERO;\r
+ *((uint16_t *)checksum) = htons(o->eigrp.hold);\r
+ checksum += sizeof(uint16_t);\r
+ /* Computing the Checksum offset. */\r
+ offset += EIGRP_TLEN_PARAMETER;\r
+ /* Going to the next TLV, if it needs to do so-> */\r
+ if (o->eigrp.type == EIGRP_TYPE_SOFTWARE ||\r
+ o->eigrp.type == EIGRP_TYPE_MULTICAST)\r
+ goto eigrp_software;\r
+ break;\r
+\r
+ case EIGRP_TYPE_SOFTWARE:\r
+ /* Going to the next TLV. */\r
+ goto eigrp_parameter;\r
+ /*\r
+ * Enhanced Interior Gateway Routing Protocol (EIGRP)\r
+ *\r
+ * Software Version TLV (EIGRP Type = 0x0004)\r
+ *\r
+ * 0 1 2 3 3\r
+ * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | Type | Length |\r
+ * +---------------------------------------------------------------+\r
+ * | IOS Major | IOS Minor | EIGRP Major | EIGRP Minor |\r
+ * +---------------------------------------------------------------+\r
+ */\r
+eigrp_software: \r
+ *((uint16_t *)checksum) = htons(EIGRP_TYPE_SOFTWARE);\r
+ checksum += sizeof(uint16_t);\r
+ *((uint16_t *)checksum) = htons(o->eigrp.length ? \r
+ o->eigrp.length : \r
+ EIGRP_TLEN_SOFTWARE);\r
+ checksum += sizeof(uint16_t);\r
+ *checksum++ = __8BIT_RND(o->eigrp.ios_major);\r
+ *checksum++ = __8BIT_RND(o->eigrp.ios_minor);\r
+ *checksum++ = __8BIT_RND(o->eigrp.ver_major);\r
+ *checksum++ = __8BIT_RND(o->eigrp.ver_minor);\r
+ /* Computing the Checksum offset. */\r
+ offset += EIGRP_TLEN_SOFTWARE;\r
+ /* Going to the next TLV, if it needs to do so-> */\r
+ if (o->eigrp.type == EIGRP_TYPE_MULTICAST)\r
+ goto eigrp_multicast;\r
+ break;\r
+\r
+ case EIGRP_TYPE_MULTICAST:\r
+ /* Going to the next TLV. */\r
+ goto eigrp_parameter;\r
+ /*\r
+ * Enhanced Interior Gateway Routing Protocol (EIGRP)\r
+ *\r
+ * Sequence TLV (EIGRP Type = 0x0003)\r
+ *\r
+ * 0 1 2 3 3\r
+ * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | Type | Length |\r
+ * +---------------------------------------------------------------+\r
+ * | Addr Length //\r
+ * +---------------+\r
+ *\r
+ * +---------------------------------------------------------------+\r
+ * // IP Address |\r
+ * +---------------------------------------------------------------+\r
+ */\r
+eigrp_multicast:\r
+ *((uint16_t *)checksum) = htons(EIGRP_TYPE_SEQUENCE);\r
+ checksum += sizeof(uint16_t);\r
+ *((uint16_t *)checksum) = htons(o->eigrp.length ? \r
+ o->eigrp.length : \r
+ EIGRP_TLEN_SEQUENCE);\r
+ checksum += sizeof(uint16_t);\r
+ *checksum++ = sizeof(o->eigrp.address);\r
+ *((in_addr_t *)checksum) = INADDR_RND(o->eigrp.address);\r
+ checksum += sizeof(in_addr_t);\r
+ /*\r
+ * Enhanced Interior Gateway Routing Protocol (EIGRP)\r
+ *\r
+ * Next Multicast Sequence TLV (EIGRP Type = 0x0005)\r
+ *\r
+ * 0 1 2 3 3\r
+ * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | Type | Length |\r
+ * +---------------------------------------------------------------+\r
+ * | Next Multicast Sequence |\r
+ * +---------------------------------------------------------------+\r
+ */ \r
+ *((uint16_t *)checksum) = htons(EIGRP_TYPE_MULTICAST);\r
+ checksum += sizeof(uint16_t);\r
+ *((uint16_t *)checksum) = htons(o->eigrp.length ? \r
+ o->eigrp.length : \r
+ EIGRP_TLEN_MULTICAST);\r
+ checksum += sizeof(uint16_t);\r
+ *((uint32_t *)checksum) = htonl(__32BIT_RND(o->eigrp.multicast));\r
+ checksum += sizeof(uint32_t);\r
+ /* Computing the Checksum offset. */\r
+ offset += EIGRP_TLEN_MULTICAST + \r
+ EIGRP_TLEN_SEQUENCE;\r
+ break;\r
+ default:\r
+ break;\r
+ }\r
+ }\r
+\r
+ /* Computing the checksum. */\r
+ eigrp->check = o->bogus_csum ? \r
+ __16BIT_RND(0) : \r
+ cksum((uint16_t *)eigrp, offset);\r
+\r
+ /* GRE Encapsulation takes place. */\r
+ gre_checksum(packet, o, packet_size);\r
+\r
+ /* Sending packet. */\r
+ if (sendto(fd, &packet, packet_size, 0|MSG_NOSIGNAL, (struct sockaddr *) &sin, sizeof(struct sockaddr)) == -1 && errno != EPERM)\r
+ {\r
+ perror("sendto()");\r
+ /* Closing the socket. */\r
+ close(fd);\r
+ /* Exiting. */\r
+ exit(EXIT_FAILURE);\r
+ }\r
+}\r
+\r
+/* EIGRP header size calculation */\r
+static size_t eigrp_hdr_len(const uint16_t foo,\r
+ const uint16_t bar, const uint8_t baz, const uint32_t qux)\r
+{\r
+ /* The code starts with size '0' and it accumulates all the required\r
+ * size if the conditionals match. Otherwise, it returns size '0'. */\r
+ size_t size=0;\r
+\r
+ /*\r
+ * The Authentication Data TVL must be used only in some cases:\r
+ * 1. IP Internal or External Routes TLV for Update\r
+ * 2. Software Version with Parameter TLVs for Hello\r
+ * 3. Next Multicast Sequence TLV for Hello\r
+ */\r
+ if (qux)\r
+ {\r
+ if (foo == EIGRP_OPCODE_UPDATE ||\r
+ (foo == EIGRP_OPCODE_HELLO &&\r
+ (bar == EIGRP_TYPE_MULTICAST ||\r
+ bar == EIGRP_TYPE_SOFTWARE)))\r
+ size += EIGRP_TLEN_AUTH;\r
+ }\r
+ /*\r
+ * AFAIK, there are differences when building the EIGRP packet for\r
+ * Update, Request, Query and Reply. Any EIGRP PCAP file I saw does\r
+ * not carry Parameter, Software Version and/or Multicast Sequence,\r
+ * instead, it carries Authentication Data, IP Internal and External\r
+ * Routes or nothing (depends on the EIGRP Type).\r
+ */\r
+ if (foo == EIGRP_OPCODE_UPDATE ||\r
+ foo == EIGRP_OPCODE_REQUEST ||\r
+ foo == EIGRP_OPCODE_QUERY ||\r
+ foo == EIGRP_OPCODE_REPLY)\r
+ {\r
+ /*\r
+ * For both Internal and External Routes TLV the code must perform\r
+ * an additional step to compute the EIGRP header length, because \r
+ * it depends on the the EIGRP Prefix, and it can be 1-4 octets.\r
+ */\r
+ if (bar == EIGRP_TYPE_INTERNAL)\r
+ {\r
+ size += EIGRP_TLEN_INTERNAL;\r
+ size += EIGRP_DADDR_LENGTH(baz);\r
+ }else if (bar == EIGRP_TYPE_EXTERNAL)\r
+ {\r
+ size += EIGRP_TLEN_EXTERNAL;\r
+ size += EIGRP_DADDR_LENGTH(baz);\r
+ }\r
+ /*\r
+ * In the other hand, EIGRP Packet for Hello can carry Parameter, \r
+ * Software Version, Multicast Sequence or nothing (Acknowledge).\r
+ */\r
+ }\r
+ else if (foo == EIGRP_OPCODE_HELLO)\r
+ {\r
+ /*\r
+ * AFAIK, EIGRP TLVs must follow a predefined sequence in order to\r
+ * be built. I am not sure whether any TLV's precedence will impact\r
+ * in the routers' processing of EIGRP Packet, so I am following \r
+ * exactly what I saw on live EIGRP PCAP files. Read the code and\r
+ * you will understand what I am talking about.\r
+ */\r
+ switch(bar)\r
+ {\r
+ case EIGRP_TYPE_MULTICAST:\r
+ size += EIGRP_TLEN_MULTICAST;\r
+ size += EIGRP_TLEN_SEQUENCE;\r
+ case EIGRP_TYPE_SOFTWARE:\r
+ size += EIGRP_TLEN_SOFTWARE;\r
+ case EIGRP_TYPE_PARAMETER:\r
+ size += EIGRP_TLEN_PARAMETER;\r
+ break;\r
+ }\r
+ }\r
+\r
+ return size;\r
+}\r
+\r
--- /dev/null
+/*
+* T50 - Experimental Mixed Packet Injector
+*
+* Copyright (C) 2010 - 2011 Nelson Brito <nbrito@sekure.org>
+* Copyright (C) 2011 - Fernando Mercês <fernando@mentebinaria.com.br>
+*
+* This program is free software: you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation, either version 2 of the License, or
+* (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include <common.h>
+
+struct iphdr *gre_encapsulation(void *buffer, const struct config_options *o, uint32_t total_len)
+{
+ struct iphdr *ip, *gre_ip __attribute__ ((unused));
+ struct gre_hdr *gre;
+ struct gre_sum_hdr *gre_sum;
+ int offset;
+
+ /* GRE Encapsulation takes place. */
+ if (o->encapsulated)
+ {
+ ip = (struct iphdr *)buffer;
+ offset = sizeof(struct iphdr);
+
+ /* GRE Header structure making a pointer to IP Header structure. */
+ gre = (struct gre_hdr *)((uint8_t *)ip + offset);
+ gre->C = o->gre.C;
+ gre->K = o->gre.K;
+ gre->R = FIELD_MUST_BE_ZERO;
+ gre->S = o->gre.S;
+ gre->s = FIELD_MUST_BE_ZERO;
+ gre->recur = FIELD_MUST_BE_ZERO;
+ gre->version = GREVERSION;
+ gre->flags = FIELD_MUST_BE_ZERO;
+ gre->proto = htons(ETH_P_IP);
+
+ /* Computing the GRE offset. */
+ offset += sizeof(struct gre_hdr);
+
+ /* GRE CHECKSUM? */
+ if (o->gre.options & GRE_OPTION_CHECKSUM)
+ {
+ /* GRE CHECKSUM Header structure making a pointer to IP Header structure. */
+ gre_sum = (struct gre_sum_hdr *)((uint8_t *)ip + offset);
+ gre_sum->offset = FIELD_MUST_BE_ZERO;
+ gre_sum->check = 0;
+ /* Computing the GRE offset. */
+ offset += GRE_OPTLEN_CHECKSUM;
+ }
+
+ /* GRE KEY? */
+ if (o->gre.options & GRE_OPTION_KEY)
+ {
+ /* GRE KEY Header structure making a pointer to IP Header structure. */
+ struct gre_key_hdr *gre_key;
+
+ gre_key = (struct gre_key_hdr *)((uint8_t *)ip + offset);
+ gre_key->key = htonl(__32BIT_RND(o->gre.key));
+ /* Computing the GRE offset. */
+ offset += GRE_OPTLEN_KEY;
+ }
+
+ /* GRE SEQUENCE? */
+ if (o->gre.options & GRE_OPTION_SEQUENCE)
+ {
+ /* GRE SEQUENCE Header structure making a pointer to IP Header structure. */
+ struct gre_seq_hdr *gre_seq;
+
+ gre_seq = (struct gre_seq_hdr *)((uint8_t *)ip + offset);
+ gre_seq->sequence = htonl(__32BIT_RND(o->gre.sequence));
+ /* Computing the GRE offset. */
+ offset += GRE_OPTLEN_SEQUENCE;
+ }
+
+ /*
+ * Generic Routing Encapsulation over IPv4 networks (RFC 1702)
+ *
+ * IP as both delivery and payload protocol
+ *
+ * When IP is encapsulated in IP, the TTL, TOS, and IP security options
+ * MAY be copied from the payload packet into the same fields in the
+ * delivery packet. The payload packet's TTL MUST be decremented when the
+ * packet is decapsulated to insure that no packet lives forever.
+ */
+ /* GRE Encapsulated IP Header structure making a pointer to to IP Header structure. */
+ gre_ip = (struct iphdr *)((uint8_t *)ip + offset);
+ gre_ip->version = ip->version;
+ gre_ip->ihl = ip->ihl;
+ gre_ip->tos = ip->tos;
+ gre_ip->frag_off = ip->frag_off;
+ gre_ip->tot_len = htons(total_len);
+ gre_ip->id = ip->id;
+ gre_ip->ttl = ip->ttl;
+ gre_ip->protocol = o->ip.protocol;
+ gre_ip->saddr = o->gre.saddr ? o->gre.saddr : ip->saddr;
+ gre_ip->daddr = o->gre.daddr ? o->gre.daddr : ip->daddr;
+ /* Computing the checksum. */
+ //gre_ip->check = 0;
+ gre_ip->check = o->bogus_csum ?
+ __16BIT_RND(0) :
+ cksum((uint16_t *)gre_ip, sizeof(struct iphdr));
+
+ return gre_ip;
+ }
+
+ return NULL;
+}
+
+void gre_checksum(void *buffer, const struct config_options *o, uint32_t packet_size)
+{
+ struct iphdr *ip __attribute__ ((unused));
+ struct gre_hdr *gre;
+ struct gre_sum_hdr *gre_sum;
+
+ /* GRE Encapsulation takes place. */
+ if (o->encapsulated)
+ {
+ ip = (struct iphdr *)buffer;
+ gre = (struct gre_hdr *)((uint8_t *)buffer + sizeof(struct iphdr));
+ gre_sum = (struct gre_sum_hdr *)((uint8_t *)gre + sizeof(struct gre_hdr));
+
+ /* Computing the checksum. */
+ if (o->gre.options & GRE_OPTION_CHECKSUM)
+ gre_sum->check = o->bogus_csum ?
+ __16BIT_RND(0) :
+ cksum((uint16_t *)gre, packet_size - sizeof(struct iphdr));
+ }
+}
+
+/* Function Name: GRE header size calculation.
+
+ Description: This function calculates the size of GRE header.
+
+ Targets: N/A */
+size_t gre_opt_len(const uint8_t foo, const uint8_t bar)
+{
+ size_t size;
+
+ /*
+ * The code starts with size '0' and it accumulates all the required
+ * size if the conditionals match. Otherwise, it returns size '0'.
+ */
+ size = 0;
+
+ /*
+ * Returns the size of the entire GRE packet only in the case of
+ * encapsulation has been defined ('--encapsulated').
+ */
+ if(bar){
+ /*
+ * First thing is to accumulate GRE Header size.
+ */
+ size += sizeof(struct gre_hdr);
+
+ /*
+ * Checking whether add OPTIONAL header size.
+ *
+ * CHECKSUM HEADER?
+ */
+ if((foo & GRE_OPTION_CHECKSUM) == GRE_OPTION_CHECKSUM)
+ size += GRE_OPTLEN_CHECKSUM;
+ /* KEY HEADER? */
+ if((foo & GRE_OPTION_KEY) == GRE_OPTION_KEY)
+ size += GRE_OPTLEN_KEY;
+ /* SEQUENCE HEADER? */
+ if((foo & GRE_OPTION_SEQUENCE) == GRE_OPTION_SEQUENCE)
+ size += GRE_OPTLEN_SEQUENCE;
+
+ /*
+ * Accumulating an extra IP Header size.
+ */
+ size += sizeof(struct iphdr);
+ }
+
+ return(size);
+}
+
+
--- /dev/null
+/*\r
+ * T50 - Experimental Mixed Packet Injector\r
+ *\r
+ * Copyright (C) 2010 - 2011 Nelson Brito <nbrito@sekure.org>\r
+ * Copyright (C) 2011 - Fernando Mercês <fernando@mentebinaria.com.br>\r
+ *\r
+ * This program is free software: you can redistribute it and/or modify\r
+ * it under the terms of the GNU General Public License as published by\r
+ * the Free Software Foundation, either version 2 of the License, or\r
+ * (at your option) any later version.\r
+ *\r
+ * This program is distributed in the hope that it will be useful,\r
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of\r
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
+ * GNU General Public License for more details.\r
+ *\r
+ * You should have received a copy of the GNU General Public License\r
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.\r
+ */\r
+\r
+#include <common.h>\r
+\r
+/* Function Name: ICMP packet header configuration.\r
+\r
+Description: This function configures and sends the ICMP packet header.\r
+\r
+Targets: N/A */\r
+void icmp(const socket_t fd, const struct config_options *o)\r
+{\r
+ /* GRE options size. */\r
+ size_t greoptlen = gre_opt_len(o->gre.options, o->encapsulated);\r
+\r
+ /* Packet size. */\r
+ const uint32_t packet_size = sizeof(struct iphdr) + \r
+ greoptlen + \r
+ sizeof(struct icmphdr);\r
+\r
+ /* Checksum offset and GRE offset. */\r
+ uint32_t offset;\r
+\r
+ /* Packet. */\r
+ uint8_t packet[packet_size];\r
+\r
+ /* Socket address and IP header. */\r
+ struct sockaddr_in sin;\r
+ struct iphdr * ip;\r
+\r
+ /* GRE Encapsulated IP Header. */\r
+ struct iphdr * gre_ip __attribute__ ((unused));\r
+\r
+ /* ICMP header. */\r
+ struct icmphdr * icmp;\r
+\r
+ /* Setting SOCKADDR structure. */\r
+ sin.sin_family = AF_INET;\r
+ sin.sin_port = htons(IPPORT_RND(o->dest));\r
+ sin.sin_addr.s_addr = o->ip.daddr;\r
+\r
+ /* IP Header structure making a pointer to Packet. */\r
+ ip = (struct iphdr *)packet;\r
+ ip->version = IPVERSION;\r
+ ip->ihl = sizeof(struct iphdr)/4;\r
+ ip->tos = o->ip.tos;\r
+ ip->frag_off = htons(o->ip.frag_off ? \r
+ (o->ip.frag_off >> 3) | IP_MF : \r
+ o->ip.frag_off | IP_DF);\r
+ ip->tot_len = htons(packet_size);\r
+ ip->id = htons(__16BIT_RND(o->ip.id));\r
+ ip->ttl = o->ip.ttl;\r
+ ip->protocol = o->encapsulated ? \r
+ IPPROTO_GRE : \r
+ o->ip.protocol;\r
+ ip->saddr = INADDR_RND(o->ip.saddr);\r
+ ip->daddr = o->ip.daddr;\r
+ /* The code does not have to handle this, Kernel will do-> */\r
+ ip->check = 0;\r
+\r
+ /* Computing the GRE Offset. */\r
+ offset = sizeof(struct iphdr);\r
+\r
+ /* GRE Encapsulation takes place. */\r
+ gre_ip = gre_encapsulation(packet, o,\r
+ sizeof(struct iphdr) + \r
+ sizeof(struct icmphdr));\r
+\r
+ /* ICMP Header structure making a pointer to Packet. */\r
+ icmp = (struct icmphdr *)((uint8_t *)ip + sizeof(struct iphdr) + greoptlen);\r
+ icmp->type = o->icmp.type;\r
+ icmp->code = o->icmp.code;\r
+ icmp->un.echo.id = htons(__16BIT_RND(o->icmp.id));\r
+ icmp->un.echo.sequence = htons(__16BIT_RND(o->icmp.sequence));\r
+ if (o->icmp.type == ICMP_REDIRECT &&\r
+ (o->icmp.code == ICMP_REDIR_HOST ||\r
+ o->icmp.code == ICMP_REDIR_NET))\r
+ icmp->un.gateway = INADDR_RND(o->icmp.gateway);\r
+ icmp->checksum = 0;\r
+\r
+ /* Computing the Packet offset. */\r
+ offset = sizeof(struct icmphdr);\r
+\r
+ /* Computing the checksum. */\r
+ icmp->checksum = o->bogus_csum ? \r
+ __16BIT_RND(0) : \r
+ cksum((uint16_t *)icmp, offset);\r
+\r
+ /* GRE Encapsulation takes place. */\r
+ gre_checksum(packet, o, packet_size);\r
+\r
+ /* Sending packet. */\r
+ if (sendto(fd, &packet, packet_size, 0|MSG_NOSIGNAL, (struct sockaddr *)&sin, sizeof(struct sockaddr)) == -1 && errno != EPERM)\r
+ {\r
+ perror("sendto()");\r
+ /* Closing the socket. */\r
+ close(fd);\r
+ /* Exiting. */\r
+ exit(EXIT_FAILURE);\r
+ }\r
+}\r
--- /dev/null
+/*\r
+ * T50 - Experimental Mixed Packet Injector\r
+ *\r
+ * Copyright (C) 2010 - 2011 Nelson Brito <nbrito@sekure.org>\r
+ * Copyright (C) 2011 - Fernando Mercês <fernando@mentebinaria.com.br>\r
+ *\r
+ * This program is free software: you can redistribute it and/or modify\r
+ * it under the terms of the GNU General Public License as published by\r
+ * the Free Software Foundation, either version 2 of the License, or\r
+ * (at your option) any later version.\r
+ *\r
+ * This program is distributed in the hope that it will be useful,\r
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of\r
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
+ * GNU General Public License for more details.\r
+ *\r
+ * You should have received a copy of the GNU General Public License\r
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.\r
+ */\r
+\r
+#include <common.h>\r
+\r
+/* Function Name: IGMPv1 packet header configuration.\r
+Description: This function configures and sends the IGMPv1 packet header. */\r
+void igmpv1(const socket_t fd, const struct config_options *o)\r
+{\r
+ /* GRE options size. */\r
+ size_t greoptlen = gre_opt_len(o->gre.options, o->encapsulated);\r
+\r
+ /* Packet size. */\r
+ const uint32_t packet_size = sizeof(struct iphdr) + \r
+ greoptlen + \r
+ sizeof(struct igmphdr);\r
+\r
+ /* Checksum offset and GRE offset. */\r
+ uint32_t offset;\r
+\r
+ /* Packet. */\r
+ uint8_t packet[packet_size];\r
+\r
+ /* Socket address, IP header and IGMPv1 header. */\r
+ struct sockaddr_in sin;\r
+ struct iphdr * ip;\r
+\r
+ /* GRE Encapsulated IP Header. */\r
+ struct iphdr * gre_ip __attribute__ ((unused));\r
+\r
+ /* IGMPv1 header. */\r
+ struct igmphdr * igmpv1;\r
+\r
+ /* Setting SOCKADDR structure. */\r
+ sin.sin_family = AF_INET;\r
+ sin.sin_port = htons(IPPORT_RND(o->dest));\r
+ sin.sin_addr.s_addr = o->ip.daddr;\r
+\r
+ /* IP Header structure making a pointer to Packet. */\r
+ ip = (struct iphdr *)packet;\r
+ ip->version = IPVERSION;\r
+ ip->ihl = sizeof(struct iphdr)/4;\r
+ ip->tos = o->ip.tos;\r
+ ip->frag_off = htons(o->ip.frag_off ? \r
+ (o->ip.frag_off >> 3) | IP_MF : \r
+ o->ip.frag_off | IP_DF);\r
+ ip->tot_len = htons(packet_size);\r
+ ip->id = htons(__16BIT_RND(o->ip.id));\r
+ ip->ttl = o->ip.ttl;\r
+ ip->protocol = o->encapsulated ? \r
+ IPPROTO_GRE : \r
+ o->ip.protocol;\r
+ ip->saddr = INADDR_RND(o->ip.saddr);\r
+ ip->daddr = o->ip.daddr;\r
+ /* The code does not have to handle this, Kernel will do-> */\r
+ ip->check = 0;\r
+\r
+ /* Computing the GRE Offset. */\r
+ offset = sizeof(struct iphdr);\r
+\r
+ /* GRE Encapsulation takes place. */\r
+ gre_ip = gre_encapsulation(packet, o,\r
+ sizeof(struct iphdr) + \r
+ sizeof(struct igmphdr));\r
+\r
+ /* IGMPv1 Header structure making a pointer to Packet. */\r
+ igmpv1 = (struct igmphdr *)((uint8_t *)ip + sizeof(struct iphdr) + greoptlen);\r
+ igmpv1->type = o->igmp.type;\r
+ igmpv1->code = o->igmp.code;\r
+ igmpv1->group = INADDR_RND(o->igmp.group);\r
+ igmpv1->csum = 0;\r
+ /* Computing the Packet offset. */\r
+ offset = sizeof(struct igmphdr);\r
+\r
+ /* Computing the checksum. */\r
+ igmpv1->csum = o->bogus_csum ? \r
+ __16BIT_RND(0) : \r
+ cksum((uint16_t *)igmpv1, offset);\r
+\r
+ /* GRE Encapsulation takes place. */\r
+ gre_checksum(packet, o, packet_size);\r
+\r
+ /* Sending packet. */\r
+ if (sendto(fd, &packet, packet_size, 0|MSG_NOSIGNAL, (struct sockaddr *)&sin, sizeof(struct sockaddr)) == -1 && errno != EPERM)\r
+ {\r
+ perror("sendto()");\r
+ /* Closing the socket. */\r
+ close(fd);\r
+ /* Exiting. */\r
+ exit(EXIT_FAILURE);\r
+ }\r
+}\r
--- /dev/null
+/*\r
+ * T50 - Experimental Mixed Packet Injector\r
+ *\r
+ * Copyright (C) 2010 - 2011 Nelson Brito <nbrito@sekure.org>\r
+ * Copyright (C) 2011 - Fernando Mercês <fernando@mentebinaria.com.br>\r
+ *\r
+ * This program is free software: you can redistribute it and/or modify\r
+ * it under the terms of the GNU General Public License as published by\r
+ * the Free Software Foundation, either version 2 of the License, or\r
+ * (at your option) any later version.\r
+ *\r
+ * This program is distributed in the hope that it will be useful,\r
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of\r
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
+ * GNU General Public License for more details.\r
+ *\r
+ * You should have received a copy of the GNU General Public License\r
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.\r
+ */\r
+\r
+#include <common.h>\r
+\r
+/* Function Name: IGMPv3 packet header configuration.\r
+Description: This function configures and sends the IGMPv3 packet header. */\r
+void igmpv3(const socket_t fd, const struct config_options *o)\r
+{\r
+ /* GRE options size. */\r
+ size_t greoptlen = gre_opt_len(o->gre.options, o->encapsulated);\r
+\r
+ /* Packet size. */\r
+ const uint32_t packet_size = sizeof(struct iphdr) + \r
+ greoptlen + \r
+ igmpv3_hdr_len(o->igmp.type, o->igmp.sources);\r
+\r
+ /* Checksum offset, GRE offset and Counter. */\r
+ uint32_t offset, counter;\r
+\r
+ /* Packet and Checksum. */\r
+ uint8_t packet[packet_size], *checksum;\r
+\r
+ /* Socket address and IP header. */\r
+ struct sockaddr_in sin;\r
+ struct iphdr * ip;\r
+\r
+ /* GRE Encapsulated IP Header. */\r
+ struct iphdr * gre_ip __attribute__ ((unused));\r
+\r
+ /* IGMPv3 Query header, IGMPv3 Report header and IGMPv3 GREC header. */\r
+ struct igmpv3_query * igmpv3_query;\r
+ struct igmpv3_report * igmpv3_report;\r
+ struct igmpv3_grec * igmpv3_grec;\r
+\r
+ /* Setting SOCKADDR structure. */\r
+ sin.sin_family = AF_INET;\r
+ sin.sin_port = htons(IPPORT_RND(o->dest));\r
+ sin.sin_addr.s_addr = o->ip.daddr;\r
+\r
+ /* IP Header structure making a pointer to Packet. */\r
+ ip = (struct iphdr *)packet;\r
+ ip->version = IPVERSION;\r
+ ip->ihl = sizeof(struct iphdr)/4;\r
+ ip->tos = o->ip.tos;\r
+ ip->frag_off = htons(o->ip.frag_off ? \r
+ (o->ip.frag_off >> 3) | IP_MF : \r
+ o->ip.frag_off | IP_DF);\r
+ ip->tot_len = htons(packet_size);\r
+ ip->id = htons(__16BIT_RND(o->ip.id));\r
+ ip->ttl = o->ip.ttl;\r
+ ip->protocol = o->encapsulated ? \r
+ IPPROTO_GRE : \r
+ o->ip.protocol;\r
+ ip->saddr = INADDR_RND(o->ip.saddr);\r
+ ip->daddr = o->ip.daddr;\r
+ /* The code does not have to handle this, Kernel will do-> */\r
+ ip->check = 0;\r
+\r
+ /* Computing the GRE Offset. */\r
+ offset = sizeof(struct iphdr);\r
+\r
+ /* GRE Encapsulation takes place. */\r
+ gre_ip = gre_encapsulation(packet, o,\r
+ sizeof(struct iphdr) + \r
+ igmpv3_hdr_len(o->igmp.type, o->igmp.sources));\r
+\r
+ /* Identifying the IGMP Type and building it. */\r
+ if (o->igmp.type == IGMPV3_HOST_MEMBERSHIP_REPORT)\r
+ {\r
+ /* IGMPv3 Report Header structure making a pointer to Packet. */\r
+ igmpv3_report = (struct igmpv3_report *)((uint8_t *)ip + sizeof(struct iphdr) + greoptlen);\r
+ igmpv3_report->type = o->igmp.type;\r
+ igmpv3_report->resv1 = FIELD_MUST_BE_ZERO;\r
+ igmpv3_report->resv2 = FIELD_MUST_BE_ZERO;\r
+ igmpv3_report->ngrec = htons(1);\r
+ igmpv3_report->csum = 0;\r
+ /* Computing the Checksum offset. */\r
+ offset = sizeof(struct igmpv3_report);\r
+\r
+ /* Storing both Checksum and Packet. */\r
+ checksum = (uint8_t *)igmpv3_report + offset;\r
+\r
+ /* IGMPv3 Group Record Header structure making a pointer to Checksum. */\r
+ igmpv3_grec = (struct igmpv3_grec *)(checksum + (offset - sizeof(struct igmpv3_report)));\r
+ igmpv3_grec->grec_type = __8BIT_RND(o->igmp.grec_type);\r
+ igmpv3_grec->grec_auxwords = FIELD_MUST_BE_ZERO;\r
+ igmpv3_grec->grec_nsrcs = htons(o->igmp.sources);\r
+ igmpv3_grec->grec_mca = INADDR_RND(o->igmp.grec_mca);\r
+ checksum += sizeof(struct igmpv3_grec);\r
+ /* Computing the Checksum offset. */\r
+ offset += sizeof(struct igmpv3_grec);\r
+ /* Dealing with source address(es). */\r
+ for(counter = 0 ; counter < o->igmp.sources ; counter++)\r
+ {\r
+ *((in_addr_t *)checksum) = INADDR_RND(o->igmp.address[counter]);\r
+ checksum += sizeof(in_addr_t);\r
+ }\r
+ /* Computing the Checksum offset. */\r
+ offset += IGMPV3_TLEN_NSRCS(o->igmp.sources);\r
+ /* Computing the checksum. */\r
+ igmpv3_report->csum = o->bogus_csum ? \r
+ __16BIT_RND(0) : \r
+ cksum((uint16_t *)igmpv3_report, offset);\r
+ }else{\r
+ /* IGMPv3 Query Header structure making a pointer to Packet. */\r
+ igmpv3_query = (struct igmpv3_query *)((uint8_t *)ip + sizeof(struct iphdr) + greoptlen);\r
+ igmpv3_query->type = o->igmp.type;\r
+ igmpv3_query->code = o->igmp.code;\r
+ igmpv3_query->group = INADDR_RND(o->igmp.group);\r
+ igmpv3_query->suppress = o->igmp.suppress;\r
+ igmpv3_query->qrv = __3BIT_RND(o->igmp.qrv);\r
+ igmpv3_query->qqic = __8BIT_RND(o->igmp.qqic);\r
+ igmpv3_query->nsrcs = htons(o->igmp.sources);\r
+ igmpv3_query->csum = 0;\r
+ /* Computing the Checksum offset. */\r
+ offset = sizeof(struct igmpv3_query);\r
+\r
+ /* Storing both Checksum and Packet. */\r
+ checksum = (uint8_t *)igmpv3_query + offset;\r
+\r
+ /* Dealing with source address(es). */\r
+ for(counter = 0 ; counter < o->igmp.sources ; counter++)\r
+ {\r
+ *((in_addr_t *)checksum) = INADDR_RND(o->igmp.address[counter]);\r
+ checksum += sizeof(in_addr_t);\r
+ }\r
+ /* Computing the Checksum offset. */\r
+ offset += IGMPV3_TLEN_NSRCS(o->igmp.sources);\r
+ /* Computing the checksum. */\r
+ igmpv3_query->csum = o->bogus_csum ? \r
+ __16BIT_RND(0) : \r
+ cksum((uint16_t *)igmpv3_query, offset);\r
+ }\r
+\r
+ /* GRE Encapsulation takes place. */\r
+ gre_checksum(packet, o, packet_size);\r
+\r
+ /* Sending Packet. */\r
+ if (sendto(fd, &packet, packet_size, 0|MSG_NOSIGNAL, (struct sockaddr *)&sin, sizeof(struct sockaddr)) == -1 && errno != EPERM)\r
+ {\r
+ perror("sendto()");\r
+ /* Closing the socket. */\r
+ close(fd);\r
+ /* Exiting. */\r
+ exit(EXIT_FAILURE);\r
+ }\r
+}\r
--- /dev/null
+/*\r
+ * T50 - Experimental Mixed Packet Injector\r
+ *\r
+ * Copyright (C) 2010 - 2011 Nelson Brito <nbrito@sekure.org>\r
+ * Copyright (C) 2011 - Fernando Mercês <fernando@mentebinaria.com.br>\r
+ *\r
+ * This program is free software: you can redistribute it and/or modify\r
+ * it under the terms of the GNU General Public License as published by\r
+ * the Free Software Foundation, either version 2 of the License, or\r
+ * (at your option) any later version.\r
+ *\r
+ * This program is distributed in the hope that it will be useful,\r
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of\r
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
+ * GNU General Public License for more details.\r
+ *\r
+ * You should have received a copy of the GNU General Public License\r
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.\r
+ */\r
+\r
+#include <common.h>\r
+\r
+/* Function Name: IPSec packet header configuration.\r
+\r
+Description: This function configures and sends the IPSec packet header.\r
+\r
+Targets: N/A */\r
+void ipsec(const socket_t fd, const struct config_options *o)\r
+{\r
+ /* GRE options size. */\r
+ size_t greoptlen = gre_opt_len(o->gre.options, o->encapsulated);\r
+\r
+ /* IPSec AH Integrity Check Value (ICV) */\r
+ size_t ip_ah_icv = sizeof(uint32_t) * 3;\r
+\r
+ /* IPSec ESP Data Encrypted (RANDOM). */\r
+ size_t esp_data = auth_hmac_md5_len(1);\r
+\r
+ /* Packet size. */\r
+ const uint32_t packet_size = sizeof(struct iphdr) + \r
+ greoptlen + \r
+ sizeof(struct ip_auth_hdr) + \r
+ ip_ah_icv +\r
+ sizeof(struct ip_esp_hdr) + \r
+ esp_data;\r
+\r
+ /* Checksum offset, GRE offset and Counter. */\r
+ uint32_t offset, counter;\r
+\r
+ /* Packet. */\r
+ uint8_t packet[packet_size], *checksum;\r
+\r
+ /* Socket address, IP header and IPSec AH header. */\r
+ struct sockaddr_in sin;\r
+ struct iphdr * ip;\r
+\r
+ /* GRE Encapsulated IP Header. */\r
+ struct iphdr * gre_ip __attribute__ ((unused));\r
+\r
+ /* IPSec AH header and IPSec ESP Header. */\r
+ struct ip_auth_hdr * ip_auth;\r
+ struct ip_esp_hdr * ip_esp;\r
+\r
+ /* Setting SOCKADDR structure. */\r
+ sin.sin_family = AF_INET;\r
+ sin.sin_port = htons(IPPORT_RND(o->dest));\r
+ sin.sin_addr.s_addr = o->ip.daddr;\r
+\r
+ ip = (struct iphdr *)packet;\r
+ ip->version = IPVERSION;\r
+ ip->ihl = sizeof(struct iphdr)/4;\r
+ ip->tos = o->ip.tos;\r
+ ip->frag_off = htons(o->ip.frag_off ? \r
+ (o->ip.frag_off >> 3) | IP_MF : \r
+ o->ip.frag_off | IP_DF);\r
+ ip->tot_len = htons(packet_size);\r
+ ip->id = htons(__16BIT_RND(o->ip.id));\r
+ ip->ttl = o->ip.ttl;\r
+ ip->protocol = o->encapsulated ? \r
+ IPPROTO_GRE : \r
+ o->ip.protocol;\r
+ ip->saddr = INADDR_RND(o->ip.saddr);\r
+ ip->daddr = o->ip.daddr;\r
+ /* The code does not have to handle this, Kernel will do-> */\r
+ ip->check = 0;\r
+\r
+ /* Computing the GRE Offset. */\r
+ offset = sizeof(struct iphdr);\r
+\r
+ /* GRE Encapsulation takes place. */\r
+ gre_ip = gre_encapsulation(packet, o,\r
+ sizeof(struct iphdr) + \r
+ sizeof(struct ip_auth_hdr) + \r
+ ip_ah_icv +\r
+ sizeof(struct ip_esp_hdr) + \r
+ esp_data);\r
+\r
+ /* IPSec AH Header structure making a pointer to IP Header structure. */\r
+ ip_auth = (struct ip_auth_hdr *)((uint8_t *)ip + sizeof(struct iphdr) + greoptlen);\r
+ ip_auth->nexthdr = IPPROTO_ESP;\r
+ ip_auth->hdrlen = o->ipsec.ah_length ? \r
+ o->ipsec.ah_length : \r
+ (sizeof(struct ip_auth_hdr)/4) + (ip_ah_icv/ip_ah_icv);\r
+ ip_auth->spi = htonl(__32BIT_RND(o->ipsec.ah_spi));\r
+ ip_auth->seq_no = htonl(__32BIT_RND(o->ipsec.ah_sequence));\r
+\r
+ /* Computing the Checksum offset. */\r
+ offset = sizeof(struct ip_auth_hdr);\r
+\r
+ /* Storing both Checksum and Packet. */\r
+ checksum = (uint8_t *)ip_auth + offset;\r
+\r
+ /*\r
+ * IP Authentication Header (RFC 2402)\r
+ *\r
+ * 2. Authentication Header Format\r
+ *\r
+ * 0 1 2 3\r
+ * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | Next Header | Payload Len | RESERVED |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | Security Parameters Index (SPI) |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | Sequence Number Field |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ * | |\r
+ * + Authentication Data (variable) |\r
+ * | |\r
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
+ */\r
+ /* Setting a fake encrypted content. */\r
+ for(counter = 0 ; counter < ip_ah_icv ; counter++)\r
+ *checksum++ = __8BIT_RND(0);\r
+\r
+ /* IPSec ESP Header structure making a pointer to Checksum. */\r
+ ip_esp = (struct ip_esp_hdr *)(checksum + (offset - sizeof(struct ip_auth_hdr)));\r
+ ip_esp->spi = htonl(__32BIT_RND(o->ipsec.esp_spi));\r
+ ip_esp->seq_no = htonl(__32BIT_RND(o->ipsec.esp_sequence));\r
+ /* Computing the Checksum offset. */\r
+ offset += sizeof(struct ip_esp_hdr);\r
+ /* Carrying forward the Checksum. */\r
+ checksum += sizeof(struct ip_esp_hdr);\r
+\r
+ /* Setting a fake encrypted content. */\r
+ for(counter = 0 ; counter < esp_data ; counter++)\r
+ *checksum++ = __8BIT_RND(0);\r
+\r
+ /* GRE Encapsulation takes place. */\r
+ gre_checksum(packet, o, packet_size);\r
+\r
+ /* Sending packet. */\r
+ if (sendto(fd, &packet, packet_size, 0|MSG_NOSIGNAL, (struct sockaddr *)&sin, sizeof(struct sockaddr)) == -1 && errno != EPERM)\r
+ {\r
+ perror("sendto()");\r
+ /* Closing the socket. */\r
+ close(fd);\r
+ /* Exiting. */\r
+ exit(EXIT_FAILURE);\r
+ }\r
+}\r
--- /dev/null
+/*\r
+ * T50 - Experimental Mixed Packet Injector\r
+ *\r
+ * Copyright (C) 2010 - 2011 Nelson Brito <nbrito@sekure.org>\r
+ * Copyright (C) 2011 - Fernando Mercês <fernando@mentebinaria.com.br>\r
+ *\r
+ * This program is free software: you can redistribute it and/or modify\r
+ * it under the terms of the GNU General Public License as published by\r
+ * the Free Software Foundation, either version 2 of the License, or\r
+ * (at your option) any later version.\r
+ *\r
+ * This program is distributed in the hope that it will be useful,\r
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of\r
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
+ * GNU General Public License for more details.\r
+ *\r
+ * You should have received a copy of the GNU General Public License\r
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.\r
+ */\r
+\r
+#include <common.h>\r
+\r
+/*\r
+ * prototypes.\r
+ */\r
+static size_t ospf_hdr_len(const uint8_t, const uint8_t, const uint8_t, const uint8_t);\r
+\r
+/* Function Name: OSPF packet header configuration.\r
+\r
+Description: This function configures and sends the OSPF packet header.\r
+\r
+Targets: N/A */\r
+void ospf(const socket_t fd, const struct config_options *o)\r
+{\r
+ /* GRE options size. */\r
+ size_t greoptlen = gre_opt_len(o->gre.options, o->encapsulated);\r
+\r
+ /* OSPF options? */\r
+ const uint8_t ospf_options = __8BIT_RND(o->ospf.options);\r
+\r
+ /* OSPF LLS Header? */\r
+ uint8_t lls = ((ospf_options & OSPF_OPTION_LLS) == OSPF_OPTION_LLS ? 1 : 0);\r
+\r
+ /* OSPF Header length. */\r
+ size_t ospf_length = ospf_hdr_len(o->ospf.type, o->ospf.neighbor, o->ospf.lsa_type, o->ospf.dd_include_lsa);\r
+\r
+ /* Packet size. */\r
+ const uint32_t packet_size = sizeof(struct iphdr) + \r
+ greoptlen + \r
+ sizeof(struct ospf_hdr) + \r
+ sizeof(struct ospf_auth_hdr) + \r
+ ospf_length + \r
+ auth_hmac_md5_len(o->ospf.auth) + \r
+ ospf_tlv_len(o->ospf.type, lls, o->ospf.auth);\r
+\r
+ /* Checksum offset, GRE offset and Counter. */\r
+ uint32_t offset, counter;\r
+\r
+ /* Packet and Checksum. */\r
+ uint8_t packet[packet_size], *checksum;\r
+\r
+ /* Socket address and IP header. */\r
+ struct sockaddr_in sin;\r
+ struct iphdr * ip;\r
+\r
+ /* GRE Encapsulated IP Header. */\r
+ struct gre_hdr * gre = NULL;\r
+ struct gre_sum_hdr * gre_sum = NULL;\r
+ struct iphdr * gre_ip __attribute__ ((unused)) = NULL;\r
+\r
+ /* OSPF header. */\r
+ struct ospf_hdr * ospf;\r
+\r
+ /* OSPF Auth header, LSA header and LLS TLVs. */\r
+ struct ospf_auth_hdr * ospf_auth;\r
+ struct ospf_lsa_hdr * ospf_lsa;\r
+ struct ospf_lls_hdr * ospf_lls;\r
+\r
+ /* Setting SOCKADDR structure. */\r
+ sin.sin_family = AF_INET;\r
+ sin.sin_port = htons(IPPORT_RND(o->dest));\r
+ sin.sin_addr.s_addr = o->ip.daddr;\r
+\r
+ /* IP Header structure making a pointer to Packet. */\r
+ ip = (struct iphdr *)packet;\r
+ ip->version = IPVERSION;\r
+ ip->ihl = sizeof(struct iphdr)/4;\r
+ ip->tos = o->ip.tos;\r
+ ip->frag_off = htons(o->ip.frag_off ? \r
+ (o->ip.frag_off >> 3) | IP_MF : \r
+ o->ip.frag_off | IP_DF);\r
+ ip->tot_len = htons(packet_size);\r
+ ip->id = htons(__16BIT_RND(o->ip.id));\r
+ ip->ttl = o->ip.ttl;\r
+ ip->protocol = o->encapsulated ? \r
+ IPPROTO_GRE : \r
+ o->ip.protocol;\r
+ ip->saddr = INADDR_RND(o->ip.saddr);\r
+ ip->daddr = o->ip.daddr;\r
+ /* The code does not have to handle this, Kernel will do-> */\r
+ ip->check = 0;\r
+\r
+ /* Computing the GRE Offset. */\r
+ offset = sizeof(struct iphdr);\r
+\r
+ /* GRE Encapsulation takes place. */\r
+ if (o->encapsulated)\r
+ {\r
+ /* GRE Header structure making a pointer to IP Header structure. */\r
+ gre = (struct gre_hdr *)((uint8_t *)ip + offset);\r
+ gre->C = o->gre.C;\r
+ gre->K = o->gre.K;\r
+ gre->R = FIELD_MUST_BE_ZERO;\r
+ gre->S = o->gre.S;\r
+ gre->s = FIELD_MUST_BE_ZERO;\r
+ gre->recur = FIELD_MUST_BE_ZERO;\r
+ gre->version = GREVERSION;\r
+ gre->flags = FIELD_MUST_BE_ZERO;\r
+ gre->proto = htons(ETH_P_IP);\r
+ /* Computing the GRE offset. */\r
+ offset += sizeof(struct gre_hdr);\r
+\r
+ /* GRE CHECKSUM? */\r
+ if (o->gre.options & GRE_OPTION_CHECKSUM)\r
+ {\r
+ /* GRE CHECKSUM Header structure making a pointer to IP Header structure. */\r
+ gre_sum = (struct gre_sum_hdr *)((uint8_t *)ip + offset);\r
+ gre_sum->offset = FIELD_MUST_BE_ZERO;\r
+ gre_sum->check = 0;\r
+ /* Computing the GRE offset. */\r
+ offset += GRE_OPTLEN_CHECKSUM;\r
+ }\r
+\r
+ /* GRE KEY? */\r
+ if (o->gre.options & GRE_OPTION_KEY)\r
+ {\r
+ /* GRE KEY Header structure making a pointer to IP Header structure. */\r
+ struct gre_key_hdr *gre_key;\r
+\r
+ gre_key = (struct gre_key_hdr *)((uint8_t *)ip + offset);\r
+ gre_key->key = htonl(__32BIT_RND(o->gre.key));\r
+ /* Computing the GRE offset. */\r
+ offset += GRE_OPTLEN_KEY;\r
+ }\r
+\r
+ /* GRE SEQUENCE? */\r
+ if (o->gre.options & GRE_OPTION_SEQUENCE)\r
+ {\r
+ /* GRE SEQUENCE Header structure making a pointer to IP Header structure. */\r
+ struct gre_seq_hdr *gre_seq;\r
+\r
+ gre_seq = (struct gre_seq_hdr *)((uint8_t *)ip + offset);\r
+ gre_seq->sequence = htonl(__32BIT_RND(o->gre.sequence));\r
+ /* Computing the GRE offset. */\r
+ offset += GRE_OPTLEN_SEQUENCE;\r
+ }\r
+\r
+ /*\r
+ * Generic Routing Encapsulation over IPv4 networks (RFC 1702)\r
+ *\r
+ * IP as both delivery and payload protocol\r
+ *\r
+ * When IP is encapsulated in IP, the TTL, TOS, and IP security options\r
+ * MAY be copied from the payload packet into the same fields in the\r
+
Kali Linux Git Repositories / packages / t50.git / commitdiff