def test_empty_mixed2_w_rt_hdr_registered(child, iface, hw_dst, ll_dst, ll_src): # Register to routing header register_protnum(child, EXT_HDR_NH[IPv6ExtHdrRouting]) # Try sending a packet with a number of extension headers in not recommended # (but legal) order sendp(Ether(dst=hw_dst) / IPv6(dst=ll_dst, src=ll_src) / IPv6ExtHdrHopByHop() / IPv6ExtHdrRouting() / IPv6ExtHdrDestOpt() / IPv6ExtHdrFragment() / UDP() / "\x01\x02", iface=iface, verbose=0) # Routing header with payload child.expect(r"~~ SNIP 0 - size:\s+(\d+) byte, type: NETTYPE_\w+ \(\d+\)") ipv6_payload_len = int(child.match.group(1)) # NH = IPv6ExtHdrDestOpt, len = 0x00, routing type = 0, segments left = 0 # NH = IPv6ExtHdrFragment, len = 0x00, PadN option (0x01) of length 0x04 child.expect(r"00000000 {:02X} 00 00 00 00 00 00 00 " r"{:02X} 00 01 04 00 00 00 00".format( EXT_HDR_NH[IPv6ExtHdrDestOpt], EXT_HDR_NH[IPv6ExtHdrFragment])) # NH = 17 (UDP), reserved = 0x00, fragment offset = 0, res = 0, M = 0 child.expect(r"00000010 11 00 00 00 00 00 00 00") # Hop-by-hop-option child.expect(r"~~ SNIP 1 - size:\s+(\d+) byte, type: NETTYPE_\w+ \(\d+\)") ipv6_payload_len += int(child.match.group(1)) # NH = IPv6ExtHdrRouting, len = 0x00, PadN option (0x01) of length 0x04 child.expect(r"00000000 {:02X} 00 01 04 00 00 00 00".format( EXT_HDR_NH[IPv6ExtHdrRouting])) # IPv6 header child.expect(r"~~ SNIP 2 - size:\s+40 byte, type: NETTYPE_IPV6 \(\d+\)") child.expect_exact(r"length: {} next header: {}".format( ipv6_payload_len, EXT_HDR_NH[IPv6ExtHdrHopByHop])) child.expect_exact(r"destination address: {}".format(ll_dst)) pktbuf_empty(child) unregister(child)
def test_forward_uncomp_not_first_ext_hdr(child, iface, hw_dst, ll_dst, ll_src): dummy = "affe::1" hl = random.randint(2, 255) # sniffing for packets to dummy sniffer.start_sniff(lambda p: p[Ether].src == hw_dst) # add dummy IPv6 address dst_iface = get_first_interface(child) hw_src = get_host_hwaddr(iface) add_neighbor(child, dst_iface, dummy, hw_src) sendp(Ether(dst=hw_dst) / IPv6(dst=ll_dst, src=ll_src, hlim=hl) / IPv6ExtHdrHopByHop() / IPv6ExtHdrRouting(type=3, segleft=1, addresses=[dummy]), iface=iface, verbose=0) ps = sniffer.wait_for_sniff_results() p = [p for p in ps if p[Ether].src == hw_dst] assert (len(p) > 0) p = p[0] assert (IPv6 in p) assert (IPv6ExtHdrRouting in p) assert (p[IPv6].src == ll_src) assert (p[IPv6].dst == dummy) assert (p[IPv6].hlim == (hl - 1)) assert (p[IPv6ExtHdrRouting].type == 3) assert (p[IPv6ExtHdrRouting].segleft == 0) pktbuf_empty(child) del_neighbor(child, dst_iface, dummy)
def test_empty_routing_header_wo_register(child, iface, hw_dst, ll_dst, ll_src): # Try sending an empty routing header sendp(Ether(dst=hw_dst) / IPv6(dst=ll_dst, src=ll_src) / IPv6ExtHdrRouting() / UDP(), iface=iface, verbose=0) pktbuf_empty(child)
def makeRH0(dstip, ethaddr, addrs): rh0 = IPv6ExtHdrRouting() rh0.type = 0 rh0.segleft = len(addrs) rh0.addresses = addrs rh0.len = len(addrs) * 2 # Payload length in 8-byte units (128/8 = 16) return makePacket(dstip, ethaddr, rh0)
def test_time_exc(child, iface, hw_dst, ll_dst, ll_src): dummy = "affe::1" p = srp1(Ether(dst=hw_dst) / IPv6(dst=ll_dst, hlim=1, src=ll_src) / IPv6ExtHdrRouting(type=3, segleft=1, addresses=[dummy]), iface=iface, timeout=1, verbose=0) assert (p is not None) assert (ICMPv6TimeExceeded in p) assert (p[ICMPv6TimeExceeded].code == 0) pktbuf_empty(child)
def test_wrong_type(child, iface, hw_dst, ll_dst, ll_src): p = srp1(Ether(dst=hw_dst) / IPv6(dst=ll_dst, src=ll_src) / IPv6ExtHdrRouting(type=255, segleft=1, addresses=["abcd::1"]), iface=iface, timeout=1, verbose=0) assert (p is not None) assert (ICMPv6ParamProblem in p) assert (p[ICMPv6ParamProblem].code == 0 ) # erroneous header field encountered assert (p[ICMPv6ParamProblem].ptr == 42) # routing header type field pktbuf_empty(child)
def handle_pkt(pkt): #if UDP in pkt and pkt[UDP].dport == 2152: #if UDP in pkt: print "got a packet" pkt.show2() #hexdump(pkt) print "===================================ENVIANDO PACOTE ALTERADO=============================" #new implementation time.sleep(5) if pkt.segleft >= 0: new = Ether(src=pkt[Ether].dst, dst=pkt[Ether].src) extension = IPv6ExtHdrRouting() extension.segleft = pkt.segleft - 1 extension.addresses = pkt.addresses if extension.segleft == 1: new = new / IPv6( dst=extension.addresses[1], src="2001:0DB8:AC10:FE01:0000:0000:0000:0003" ) / extension / UDP( sport=64515, dport=2152) / GTP_U_Header(TEID=32) / IPv6( dst="2001:0DB8:AC10:FE01:0000:0000:0000:0001", src="2001:0DB8:AC10:FE01:0000:0000:0000:0006") / "host3" if extension.segleft == 0: new = new / IPv6( dst=extension.addresses[0], src="2001:0DB8:AC10:FE01:0000:0000:0000:0003" ) / extension / UDP( sport=64515, dport=2152) / GTP_U_Header(TEID=32) / IPv6( dst="2001:0DB8:AC10:FE01:0000:0000:0000:0001", src="2001:0DB8:AC10:FE01:0000:0000:0000:0006") / "host3" new.show2() sendp(new, loop=0, count=1) #end of new implementation #old implementation #time.sleep(5) #pkt2 = pkt #temp = pkt[Ether].src #pkt2[Ether].src = pkt2[Ether].dst #pkt2[Ether].dst = temp #pkt2.segleft = pkt2.segleft - 1 #if pkt2.segleft == 1: # pkt2[IPv6].dst = pkt2.addresses[1]; #if pkt2.segleft == 0: # pkt2[IPv6].dst = pkt2.addresses[0]; #pkt2[Raw] = (b"host3") #pkt2.show2() #sendp(pkt2, loop=0, count=1) #sr1(sendp(pkt2, loop=1, verbose = False)) ja estava comentado main()
def test_multicast_addr(child, iface, hw_dst, ll_dst, ll_src): # Send routing header with multicast address in its destinations p = srp1(Ether(dst=hw_dst) / IPv6(dst=ll_dst, src=ll_src) / IPv6ExtHdrRouting(type=3, segleft=1, addresses=["ff02::1"]), iface=iface, timeout=1, verbose=0) assert (p is not None) assert (ICMPv6ParamProblem in p) assert (p[ICMPv6ParamProblem].code == 0 ) # erroneous header field encountered assert (p[ICMPv6ParamProblem].ptr == 48) # first address in routing header pktbuf_empty(child)
def test_seg_left_gt_len_addresses(child, iface, hw_dst, ll_dst, ll_src): # send routing header with no (0) addresses but segleft set to a value # larger than 0 p = srp1(Ether(dst=hw_dst) / IPv6(dst=ll_dst, src=ll_src) / IPv6ExtHdrRouting(type=3, segleft=18, addresses=[]), iface=iface, timeout=1, verbose=0) assert (p is not None) assert (ICMPv6ParamProblem in p) assert (p[ICMPv6ParamProblem].code == 0 ) # erroneous header field encountered assert (p[ICMPv6ParamProblem].ptr == 43) # segleft field pktbuf_empty(child)
def test_multicast_dst(child, iface, hw_dst, ll_dst, ll_src): # sniffing for ICMPv6 parameter problem message sniffer.start_sniff(lambda p: p.haslayer(ICMPv6ParamProblem)) # send routing header with multicast destination sendp(Ether(dst=hw_dst) / IPv6(dst="ff02::1", src=ll_src) / IPv6ExtHdrRouting(type=3, segleft=1, addresses=["abcd::1"]), iface=iface, verbose=0) ps = sniffer.wait_for_sniff_results() p = [p for p in ps if ICMPv6ParamProblem in p] assert (len(p) > 0) p = p[0] assert (p[ICMPv6ParamProblem].code == 0 ) # erroneous header field encountered assert (p[ICMPv6ParamProblem].ptr == 24) # IPv6 headers destination field pktbuf_empty(child)
def test_empty_routing_header_w_register(child, iface, hw_dst, ll_dst, ll_src): # Register to routing header register_protnum(child, EXT_HDR_NH[IPv6ExtHdrRouting]) # Try sending an empty routing header sendp(Ether(dst=hw_dst) / IPv6(dst=ll_dst, src=ll_src) / IPv6ExtHdrRouting() / UDP() / "\x01\x02", iface=iface, verbose=0) child.expect(r"~~ SNIP 0 - size:\s+(\d+) byte, type: NETTYPE_\w+ \(\d+\)") ipv6_payload_len = int(child.match.group(1)) # NH = 17 (UDP), len = 0x00, routing type = 0, segments left = 0 child.expect(r"00000000 11 00 00 00 00 00 00 00") child.expect(r"~~ SNIP 1 - size:\s+40 byte, type: NETTYPE_IPV6 \(\d+\)") child.expect_exact(r"length: {} next header: {}".format( ipv6_payload_len, EXT_HDR_NH[IPv6ExtHdrRouting])) child.expect_exact(r"destination address: {}".format(ll_dst)) pktbuf_empty(child) unregister(child)
def test_multiple_addrs_of_mine_uncomp(child, iface, hw_dst, ll_dst, ll_src): dummy = "affe::1" # add dummy IPv6 address dst_iface = get_first_interface(child) add_ipv6_address(child, dst_iface, dummy) p = srp1(Ether(dst=hw_dst) / IPv6(dst=ll_dst, src=ll_src) / IPv6ExtHdrRouting( type=3, segleft=3, addresses=[ll_dst, ll_src, dummy]), iface=iface, timeout=1, verbose=0) assert (p is not None) assert (ICMPv6ParamProblem in p) assert (p[ICMPv6ParamProblem].code == 0 ) # erroneous header field encountered assert (p[ICMPv6ParamProblem].ptr == 40 + 8 + (2 * 16) ) # dummy in routing header pktbuf_empty(child) del_ipv6_address(child, dst_iface, dummy)
def test_multicast_addr(child, iface, hw_dst, ll_dst, ll_src): # sniffing for ICMPv6 parameter problem message sniffer.start_sniff(lambda p: p.haslayer(ICMPv6ParamProblem) or (p.haslayer(UDP) and (p[IPv6].dst != ll_dst))) # Send routing header with multicast address in its destinations sendp(Ether(dst=hw_dst) / IPv6(dst=ll_dst, src=ll_src) / IPv6ExtHdrRouting(type=3, segleft=1, addresses=["abcd::1"]) / UDP(dport=2606), iface=iface, verbose=0) ps = sniffer.wait_for_sniff_results() p = [ p for p in ps if (ICMPv6ParamProblem in p) or ( (UDP in p) and (p[UDP].dport == 2606) and (p[IPv6].dst != ll_dst)) ] # packet should be discarded silently: # see https://tools.ietf.org/html/rfc6554#section-4.2 assert (len(p) == 0) pktbuf_empty(child)
def test_seq_left_0(child, iface, hw_dst, ll_dst, ll_src): register_protnum(child) sendp(Ether(dst=hw_dst) / IPv6(dst=ll_dst, src=ll_src) / IPv6ExtHdrRouting(type=3, segleft=0), iface=iface, verbose=0) # we are the target, so the packet should be dumped # empty snip child.expect(r"~~ SNIP 0 - size:\s+0 byte, type: NETTYPE_UNDEF \(\d+\)") ipv6_payload_len = 0 # parsed routing header child.expect(r"~~ SNIP 1 - size:\s+(\d+) byte, type: NETTYPE_\w+ \(\d+\)") ipv6_payload_len += int(child.match.group(1)) # NH = 59 (IPV6_NONXT), len = 0x00, routing type = 3, segments left = 0 child.expect(r"00000000 3B 00 03 00 00 00 00 00") # IPv6 header child.expect(r"~~ SNIP 2 - size:\s+40 byte, type: NETTYPE_IPV6 \(\d+\)") child.expect_exact(r"length: {} next header: {}".format( ipv6_payload_len, EXT_HDR_NH[IPv6ExtHdrRouting])) child.expect_exact(r"destination address: {}".format(ll_dst)) pktbuf_empty(child) unregister(child)
def test_empty_mixed1_w_dest_opt_registered(child, iface, hw_dst, ll_dst, ll_src): # Register to destination-option header register_protnum(child, EXT_HDR_NH[IPv6ExtHdrDestOpt]) # Try sending a packet with a number of extension headers in recommended # order: https://tools.ietf.org/html/rfc8200#section-4.1 sendp(Ether(dst=hw_dst) / IPv6(dst=ll_dst, src=ll_src) / IPv6ExtHdrHopByHop() / IPv6ExtHdrDestOpt() / IPv6ExtHdrRouting() / IPv6ExtHdrFragment() / IPv6ExtHdrDestOpt() / UDP() / "\x01\x02", iface=iface, verbose=0) # IPv6ExtHdrDestOpt is two times in the packet so pktdump will it print two # times # 1st print parsed up to the first IPv6ExtHdrDestOpt # Destination option 1 with payload child.expect(r"~~ SNIP 0 - size:\s+(\d+) byte, type: NETTYPE_\w+ \(\d+\)") ipv6_payload_len = int(child.match.group(1)) # NH = IPv6ExtHdrRouting, len = 0x00, PadN option (0x01) of length 0x04 # NH = IPv6ExtHdrFragment, len = 0x00, routing type = 0, segments left = 0 child.expect(r"00000000 {:02X} 00 01 04 00 00 00 00 " r"{:02X} 00 00 00 00 00 00 00".format( EXT_HDR_NH[IPv6ExtHdrRouting], EXT_HDR_NH[IPv6ExtHdrFragment])) # NH = IPv6ExtHdrDestOpt, reserved = 0x00, fragment offset = 0, res = 0, M = 0 # NH = 17 (UDP), len = 0x00, PadN option (0x01) of length 0x04 child.expect(r"00000010 {:02X} 00 00 00 00 00 00 00 " r"11 00 01 04 00 00 00 00".format( EXT_HDR_NH[IPv6ExtHdrDestOpt])) # Hop-by-hop option child.expect(r"~~ SNIP 1 - size:\s+(\d+) byte, type: NETTYPE_\w+ \(\d+\)") ipv6_payload_len += int(child.match.group(1)) # NH = IPv6ExtHdrDestOpt, len = 0x00, PadN option (0x01) of length 0x04 child.expect(r"00000000 {:02X} 00 01 04 00 00 00 00".format( EXT_HDR_NH[IPv6ExtHdrDestOpt])) # IPv6 header child.expect(r"~~ SNIP 2 - size:\s+40 byte, type: NETTYPE_IPV6 \(\d+\)") child.expect_exact(r"length: {} next header: {}".format( ipv6_payload_len, EXT_HDR_NH[IPv6ExtHdrHopByHop])) child.expect_exact(r"destination address: {}".format(ll_dst)) # 2nd print parsed up to the second IPv6ExtHdrHopByHop # Destination option 2 with payload child.expect(r"~~ SNIP 0 - size:\s+(\d+) byte, type: NETTYPE_\w+ \(\d+\)") ipv6_payload_len = int(child.match.group(1)) # NH = 17 (UDP), len = 0x00, PadN option (0x01) of length 0x04 child.expect(r"00000000 11 00 01 04 00 00 00 00") # Fragment header child.expect(r"~~ SNIP 1 - size:\s+(\d+) byte, type: NETTYPE_\w+ \(\d+\)") ipv6_payload_len += int(child.match.group(1)) # NH = IPv6ExtHdrDestOpt, reserved = 0x00, fragment offset = 0, res = 0, M = 0 child.expect(r"00000000 {:02X} 00 00 00 00 00 00 00".format( EXT_HDR_NH[IPv6ExtHdrDestOpt])) # Routing header child.expect(r"~~ SNIP 2 - size:\s+(\d+) byte, type: NETTYPE_\w+ \(\d+\)") ipv6_payload_len += int(child.match.group(1)) # NH = IPv6ExtHdrFragment, len = 0x00, routing type = 0, segments left = 0 child.expect(r"00000000 {:02X} 00 00 00 00 00 00 00".format( EXT_HDR_NH[IPv6ExtHdrFragment])) # Destination option 1 child.expect(r"~~ SNIP 3 - size:\s+(\d+) byte, type: NETTYPE_\w+ \(\d+\)") ipv6_payload_len += int(child.match.group(1)) # NH = IPv6ExtHdrRouting, len = 0x00, PadN option (0x01) of length 0x04 child.expect(r"00000000 {:02X} 00 01 04 00 00 00 00".format( EXT_HDR_NH[IPv6ExtHdrRouting])) # Hop-by-hop option child.expect(r"~~ SNIP 4 - size:\s+(\d+) byte, type: NETTYPE_\w+ \(\d+\)") ipv6_payload_len += int(child.match.group(1)) # NH = IPv6ExtHdrDestOpt, len = 0x00, PadN option (0x01) of length 0x04 child.expect(r"00000000 {:02X} 00 01 04 00 00 00 00".format( EXT_HDR_NH[IPv6ExtHdrDestOpt])) # IPv6 header child.expect(r"~~ SNIP 5 - size:\s+40 byte, type: NETTYPE_IPV6 \(\d+\)") child.expect_exact(r"length: {} next header: {}".format( ipv6_payload_len, EXT_HDR_NH[IPv6ExtHdrHopByHop])) child.expect_exact(r"destination address: {}".format(ll_dst)) pktbuf_empty(child) unregister(child)