def simple_ipv6_packet(pktlen=100, dl_dst='00:01:02:03:04:05', dl_src='00:06:07:08:09:0a', dl_vlan_enable=False, dl_vlan=0, dl_vlan_pcp=0, dl_vlan_cfi=0, ip_src='fe80::2420:52ff:fe8f:5189', ip_dst='fe80::2420:52ff:fe8f:5190', ip_tos=0, tcp_sport=0, tcp_dport=0, EH = False, EHpkt = scapy.IPv6ExtHdrDestOpt() ): """ Return a simple dataplane IPv6 packet Supports a few parameters: @param len Length of packet in bytes w/o CRC @param dl_dst Destinatino MAC @param dl_src Source MAC @param dl_vlan_enable True if the packet is with vlan, False otherwise @param dl_vlan VLAN ID @param dl_vlan_pcp VLAN priority @param ip_src IPv6 source @param ip_dst IPv6 destination @param ip_tos IP ToS @param tcp_dport TCP destination port @param ip_sport TCP source port Generates a simple TCP request. Users shouldn't assume anything about this packet other than that it is a valid ethernet/IP/TCP frame. """ # Note Dot1Q.id is really CFI if (dl_vlan_enable): pkt = scapy.Ether(dst=dl_dst, src=dl_src)/ \ scapy.Dot1Q(prio=dl_vlan_pcp, id=dl_vlan_cfi, vlan=dl_vlan)/ \ scapy.IP(src=ip_src, dst=ip_dst, tos=ip_tos) else: pkt = scapy.Ether(dst=dl_dst, src=dl_src)/ \ scapy.IPv6(src=ip_src, dst=ip_dst) # Add IPv6 Extension Headers if EH: pkt = pkt / EHpkt if (tcp_sport >0 and tcp_dport >0): pkt = pkt / scapy.TCP(sport=tcp_sport, dport=tcp_dport) pktlen = len(pkt) # why?? pkt = pkt/("D" * (pktlen - len(pkt))) return pkt
def runTest(self): pkt = simple_ipv6_packet(EH = True, EHpkt = scapy.IPv6ExtHdrHopByHop()/scapy.IPv6ExtHdrDestOpt()) of_ports = pa_port_map.keys() of_ports.sort() ing_port = of_ports[0] pa_logger.info("Sending IPv6 packet with HBHandDO EHs to " + str(ing_port)) pa_logger.debug("Data: " + str(pkt).encode('hex')) self.dataplane.send(ing_port, str(pkt))
def testIPv6StickyPktinfo(self): for _ in xrange(self.ITERATIONS): for netid in self.tuns: s = net_test.UDPSocket(AF_INET6) # Set a flowlabel. net_test.SetFlowLabel(s, net_test.IPV6_ADDR, 0xdead) s.setsockopt(net_test.SOL_IPV6, net_test.IPV6_FLOWINFO_SEND, 1) # Set some destination options. nonce = "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c" dstopts = "".join([ "\x11\x02", # Next header=UDP, 24 bytes of options. "\x01\x06", "\x00" * 6, # PadN, 6 bytes of padding. "\x8b\x0c", # ILNP nonce, 12 bytes. nonce ]) s.setsockopt(net_test.SOL_IPV6, IPV6_DSTOPTS, dstopts) s.setsockopt(net_test.SOL_IPV6, IPV6_UNICAST_HOPS, 255) pktinfo = multinetwork_base.MakePktInfo( 6, None, self.ifindices[netid]) # Set the sticky pktinfo option. s.setsockopt(net_test.SOL_IPV6, IPV6_PKTINFO, pktinfo) # Specify the flowlabel in the destination address. s.sendto(UDP_PAYLOAD, (net_test.IPV6_ADDR, 53, 0xdead, 0)) sport = s.getsockname()[1] srcaddr = self.MyAddress(6, netid) expected = (scapy.IPv6( src=srcaddr, dst=net_test.IPV6_ADDR, fl=0xdead, hlim=255) / scapy.IPv6ExtHdrDestOpt(options=[ scapy.PadN(optdata="\x00\x00\x00\x00\x00\x00"), scapy.HBHOptUnknown(otype=0x8b, optdata=nonce) ]) / scapy.UDP(sport=sport, dport=53) / UDP_PAYLOAD) msg = "IPv6 UDP using sticky pktinfo: expected UDP packet on %s" % ( self.GetInterfaceName(netid)) self.ExpectPacketOn(netid, msg, expected)
def main(): parser = argparse.ArgumentParser( "frag6.py", description="IPv6 fragementation test tool") parser.add_argument( '--sendif', nargs=1, required=True, help='The interface through which the packet will be sent') parser.add_argument('--recvif', nargs=1, required=True, help='The interface on which to check for the packet') parser.add_argument('--src', nargs=1, required=True, help='The source IP address') parser.add_argument('--to', nargs=1, required=True, help='The destination IP address') parser.add_argument('--debug', required=False, action='store_true', help='Enable test debugging') args = parser.parse_args() # Start sniffing on recvif sniffer = Sniffer(args, check_icmp6_error) sniffer2 = Sniffer(args, check_icmp6_error_2) ######################################################################## # # A fragment with payload and offset set to add up to >64k when # another frag with offset=0 arrives and has an unfrag part. # This is us checking for all fragments queued already when the # one with off=0 arrives. Note: unless the off=0 has its own problem # it will be queued and off!=0 ones might be expunged with param prob. # # A: Reassembly failure, timeout after # R: ICMPv6 param prob, param header (1st frag) # R: ICMPv6 time exceeded (2nd frag, as off=0) # data = "6" * 15 ip6f01 = \ sp.Ether() / \ sp.IPv6(src=args.src[0], dst=args.to[0]) / \ sp.IPv6ExtHdrFragment(offset=0x1ffc, m=0, id=8) / \ sp.UDP(dport=3456, sport=6543) / \ data data = "6" * 8 ip6f02 = \ sp.Ether() / \ sp.IPv6(src=args.src[0], dst=args.to[0]) / \ sp.IPv6ExtHdrDestOpt(options = \ sp.PadN(optdata="\x00\x00\x00\x00\x00\x00")) / \ sp.IPv6ExtHdrFragment(offset=0, m=1, id=8) / \ sp.UDP(dport=3456, sport=6543) / \ data if args.debug: ip6f01.display() ip6f02.display() sp.sendp(ip6f01, iface=args.sendif[0], verbose=False) sp.sendp(ip6f02, iface=args.sendif[0], verbose=False) sleep(1.00) sniffer.setEnd() sniffer.join() if not sniffer.foundCorrectPacket: sys.exit(1) sleep(75) sniffer2.setEnd() sniffer2.join() if not sniffer2.foundCorrectPacket: sys.exit(1) sys.exit(0)
def getExtHdrs(args): ext = None # XXX-TODO Try to put them in an order which could make sense # in real life packets and according to the RFCs. if args.hbh: hbh = sp.IPv6ExtHdrHopByHop(options = \ sp.PadN(optdata="\x00\x00\x00\x00\x00\x00")) ext = addExt(ext, hbh) if args.rh: rh = sp.IPv6ExtHdrRouting(type=0) ext = addExt(ext, rh) if args.frag6: frag6 = sp.IPv6ExtHdrFragment(offset=0, m=0, id=0x1234) ext = addExt(ext, frag6) if args.esp: # XXX TODO esp = None ext = addExt(ext, esp) if args.ah: # XXX TODO ah = None ext = addExt(ext, ah) if args.dest: dest = sp.IPv6ExtHdrDestOpt(options = \ sp.PadN(optdata="\x00\x00\x00\x00\x00\x00")) ext = addExt(ext, dest) if args.mobi: # XXX TODO mobi = None ext = addExt(ext, mobi) if args.hip: # XXX TODO hip = None ext = addExt(ext, hip) if args.shim6: # XXX TODO shim6 = None ext = addExt(ext, shim6) if args.proto253: # XXX TODO tft = None ext = addExt(ext, tft) if args.proto254: # XXX TODO tff = None ext = addExt(ext, tff) if args.hbhbad: hbhbad = sp.IPv6ExtHdrHopByHop(options = \ sp.PadN(optdata="\x00\x00\x00\x00\x00\x00")) ext = addExt(ext, hbhbad) return ext
def main(): parser = argparse.ArgumentParser( "frag6.py", description="IPv6 fragementation test tool") parser.add_argument( '--sendif', nargs=1, required=True, help='The interface through which the packet will be sent') parser.add_argument('--recvif', nargs=1, required=True, help='The interface on which to check for the packet') parser.add_argument('--src', nargs=1, required=True, help='The source IP address') parser.add_argument('--to', nargs=1, required=True, help='The destination IP address') parser.add_argument('--debug', required=False, action='store_true', help='Enable test debugging') args = parser.parse_args() # Start sniffing on recvif sniffer = Sniffer(args, check_icmp6_error) ######################################################################## # # Atomic fragment. # # A: Nothing listening on UDP port. # R: ICMPv6 dst unreach, unreach port. # ip6f01 = sp.Ether() / \ sp.IPv6(src=args.src[0], dst=args.to[0]) / \ sp.IPv6ExtHdrFragment(offset=0, m=0, id=3) / \ sp.UDP(dport=3456, sport=6543) if args.debug: ip6f01.display() sp.sendp(ip6f01, iface=args.sendif[0], verbose=False) sleep(0.10) sniffer.setEnd() sniffer.join() if not sniffer.foundCorrectPacket: sys.exit(1) # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # ## # # Atomic fragment with extension header. # # A: Nothing listening on UDP port. # R: ICMPv6 dst unreach, unreach port. # # Start sniffing on recvif sniffer = Sniffer(args, check_icmp6_error) ip6f01 = sp.Ether() / \ sp.IPv6(src=args.src[0], dst=args.to[0]) / \ sp.IPv6ExtHdrDestOpt(options = \ sp.PadN(optdata="\x00\x00\x00\x00\x00\x00")) / \ sp.IPv6ExtHdrFragment(offset=0, m=0, id=0x3001) / \ sp.UDP(dport=3456, sport=6543) if args.debug: ip6f01.display() sp.sendp(ip6f01, iface=args.sendif[0], verbose=False) sleep(0.10) sniffer.setEnd() sniffer.join() if not sniffer.foundCorrectPacket: sys.exit(1) sys.exit(0)
def main(): parser = argparse.ArgumentParser("frag6.py", description="IPv6 fragementation test tool") parser.add_argument('--sendif', nargs=1, required=True, help='The interface through which the packet will be sent') parser.add_argument('--recvif', nargs=1, required=True, help='The interface on which to check for the packet') parser.add_argument('--src', nargs=1, required=True, help='The source IP address') parser.add_argument('--to', nargs=1, required=True, help='The destination IP address') parser.add_argument('--debug', required=False, action='store_true', help='Enable test debugging') args = parser.parse_args() # Start sniffing on recvif sniffer = Sniffer(args, check_icmp6_error) ######################################################################## # # Send a proper first fragment (off=0) and a second fragment which # just fits the 64k. The re-send the first fragment with an extra # unfragmentable part making the 64k to exceed the limit. # This is to make sure we don't allow to update meta-data for a # 1st fragmented packet should a second arrive but given the # fragmentable part is an exact duplicate only that fragment # will be silently discarded. # # A: Reassembly failure, timeout after # R: ICMPv6 time exceeded / statistics for the duplicate # data = "6" * 8 ip6f00 = \ sp.Ether() / \ sp.IPv6(src=args.src[0], dst=args.to[0]) / \ sp.IPv6ExtHdrFragment(offset=0, m=1, id=20) / \ sp.UDP(dport=3456, sport=6543) / \ data data = "6" * 15 ip6f01 = \ sp.Ether() / \ sp.IPv6(src=args.src[0], dst=args.to[0]) / \ sp.IPv6ExtHdrFragment(offset=0x1ffc, m=0, id=20) / \ sp.UDP(dport=3456, sport=6543) / \ data data = "6" * 8 ip6f02 = \ sp.Ether() / \ sp.IPv6(src=args.src[0], dst=args.to[0]) / \ sp.IPv6ExtHdrDestOpt(options = \ sp.PadN(optdata="\x00\x00\x00\x00\x00\x00")) / \ sp.IPv6ExtHdrFragment(offset=0, m=1, id=20) / \ sp.UDP(dport=3456, sport=6543) / \ data if args.debug : ip6f00.display() ip6f01.display() ip6f02.display() sp.sendp(ip6f00, iface=args.sendif[0], verbose=False) sp.sendp(ip6f01, iface=args.sendif[0], verbose=False) sp.sendp(ip6f02, iface=args.sendif[0], verbose=False) sleep(75) sniffer.setEnd() sniffer.join() if not sniffer.foundCorrectPacket: sys.exit(1) sys.exit(0)