diff options
author | peter <peter@FreeBSD.org> | 1997-11-16 04:52:19 +0000 |
---|---|---|
committer | peter <peter@FreeBSD.org> | 1997-11-16 04:52:19 +0000 |
commit | 594e73c3109178aa1c5317785aaa284a0c135ff4 (patch) | |
tree | 1abde20e1d717a2bf3509de2189cbe7fa3c9f91e /contrib/ipfilter/ipsend | |
parent | c4dc16ff2222e864e5ab4d236e0de3a2cb5b54da (diff) | |
download | FreeBSD-src-594e73c3109178aa1c5317785aaa284a0c135ff4.zip FreeBSD-src-594e73c3109178aa1c5317785aaa284a0c135ff4.tar.gz |
Import ipfilter 3.2.1 (update from 3.1.8)
Diffstat (limited to 'contrib/ipfilter/ipsend')
29 files changed, 1646 insertions, 299 deletions
diff --git a/contrib/ipfilter/ipsend/44arp.c b/contrib/ipfilter/ipsend/44arp.c index f46bc55..290e676 100644 --- a/contrib/ipfilter/ipsend/44arp.c +++ b/contrib/ipfilter/ipsend/44arp.c @@ -22,6 +22,9 @@ #include <netinet/in.h> #include <netinet/ip_var.h> #include <netinet/tcp.h> +#if __FreeBSD_version >= 300000 +# include <net/if_var.h> +#endif #include "ipsend.h" diff --git a/contrib/ipfilter/ipsend/Crashable b/contrib/ipfilter/ipsend/Crashable index dbe1b87..c7ffcde 100644 --- a/contrib/ipfilter/ipsend/Crashable +++ b/contrib/ipfilter/ipsend/Crashable @@ -10,6 +10,7 @@ Test 1: HP-UX 9.0 HP-UX 10.1 LivingstonsComOS + MacOS 7.x, 8.x Test 6: SunOS 4.1.x diff --git a/contrib/ipfilter/ipsend/Makefile b/contrib/ipfilter/ipsend/Makefile index df650aa..49fdb67 100644 --- a/contrib/ipfilter/ipsend/Makefile +++ b/contrib/ipfilter/ipsend/Makefile @@ -1,34 +1,64 @@ # -# (C)opyright 1993-1996 by Darren Reed. +# Copyright (C) 1993-1997 by Darren Reed. # -# This code may be freely distributed as long as it retains this notice -# and is not changed in any way. The author accepts no responsibility -# for the use of this software. I hate legaleese, don't you ? +# Redistribution and use in source and binary forms are permitted +# provided that this notice is preserved and due credit is given +# to the original author and the contributors. # -OBJS=ipsend.o ip.o ipsopt.o -ROBJS=ipresend.o ip.o resend.o +IPFT=ipft_ef.o ipft_hx.o ipft_pc.o ipft_sn.o ipft_td.o ipft_tx.o opt.o +OBJS=ipsend.o ip.o ipsopt.o y.tab.o lex.yy.o +ROBJS=ipresend.o ip.o resend.o $(IPFT) TOBJS=iptest.o iptests.o ip.o BPF=sbpf.o NIT=snit.o -SUNOS4=sock.o arp.o +SUNOS4=sock.o arp.o inet_addr.o BSD=sock.o 44arp.o LINUX=lsock.o slinux.o larp.o LINUXK= TOP=.. -SUNOS5=dlcommon.o sdlpi.o arp.o - -CC=gcc -CFLAGS=-g -I.. -DNO_IPF +SUNOS5=dlcommon.o sdlpi.o arp.o inet_addr.o +ULTRIX=ultrix.o sock.o arp.o inet_addr.o +HPUX=hpux.o sock.o arp.o inet_addr.o +#CC=gcc +DEBUG=-g +CFLAGS=$(DEBUG) -I. -Iipf +# +MFLAGS="BINDEST=$(BINDEST)" "SBINDEST=$(SBINDEST)" "MANDIR=$(MANDIR)" \ + "IPFLKM=$(IPFLKM)" \ + "IPFLOG=$(IPFLOG)" "LOGFAC=$(LOGFAC)" "POLICY=$(POLICY)" \ + "SOLARIS2=$(SOLARIS2)" "DEBUG=$(DEBUG)" "DCPU=$(CPU)" \ + "CPUDIR=$(CPUDIR)" +# all: @echo "Use one of these targets:" @echo " sunos4-nit (standard SunOS 4.1.x)" @echo " sunos4-bpf (SunOS4.1.x with BPF in the kernel)" @echo " bsd-bpf (4.4BSD variant with BPF in the kernel)" @echo " linux10 (Linux 1.0 kernels)" + @echo " linux12 (Linux 1.2 kernels)" @echo " linux20 (Linux 2.0 kernels)" @echo " sunos5 (Solaris 2.x)" +ipf: + -if [ ! -d iplang ] ; then ln -s ../iplang iplang; fi + -if [ ! -d netinet ] ; then ln -s ../netinet netinet; fi + -if [ ! -d ipf ] ; then ln -s .. ipf; fi + +y.tab.o: iplang/iplang_y.y + -if [ -h iplang ] ; then \ + (cd iplang; ${MAKE} $(MFLAGS) 'DESTDIR=../ipsend' ) \ + else \ + (cd iplang; ${MAKE} $(MFLAGS) 'DESTDIR=..' ) \ + fi + +lex.yy.o: iplang/iplang_l.l + -if [ -h iplang ] ; then \ + (cd iplang; ${MAKE} $(MFLAGS) 'DESTDIR=../ipsend' ) \ + else \ + (cd iplang; ${MAKE} $(MFLAGS) 'DESTDIR=..' ) \ + fi + .c.o: $(CC) $(CFLAGS) $(LINUXK) -c $< -o $@ @@ -37,7 +67,7 @@ install: bpf sunos4-bpf : make ipsend "OBJS=$(OBJS)" "UNIXOBJS=$(BPF) $(SUNOS4)" "CC=$(CC)" \ - "CFLAGS=$(CFLAGS) -DDOSOCKET" + "CFLAGS=$(CFLAGS) -DDOSOCKET" "LLIB=-ll" make ipresend "ROBJS=$(ROBJS)" "UNIXOBJS=$(BPF) $(SUNOS4)" "CC=$(CC)" \ "CFLAGS=$(CFLAGS) -DDOSOCKET" make iptest "TOBJS=$(TOBJS)" "UNIXOBJS=$(BPF) $(SUNOS4)" "CC=$(CC)" \ @@ -45,7 +75,7 @@ bpf sunos4-bpf : nit sunos4 sunos4-nit : make ipsend "OBJS=$(OBJS)" "UNIXOBJS=$(NIT) $(SUNOS4)" "CC=$(CC)" \ - "CFLAGS=$(CFLAGS) -DDOSOCKET" + "CFLAGS=$(CFLAGS) -DDOSOCKET" "LLIB=-ll" make ipresend "ROBJS=$(ROBJS)" "UNIXOBJS=$(NIT) $(SUNOS4)" "CC=$(CC)" \ "CFLAGS=$(CFLAGS) -DDOSOCKET" make iptest "TOBJS=$(TOBJS)" "UNIXOBJS=$(NIT) $(SUNOS4)" "CC=$(CC)" \ @@ -53,7 +83,7 @@ nit sunos4 sunos4-nit : dlpi sunos5 : make ipsend "OBJS=$(OBJS)" "UNIXOBJS=$(SUNOS5)" "CC=$(CC)" \ - CFLAGS="$(CFLAGS) -Dsolaris" "LIBS=-lsocket -lnsl" + CFLAGS="$(CFLAGS) -Dsolaris" "LIBS=-lsocket -lnsl" "LLIB=-ll" make ipresend "ROBJS=$(ROBJS)" "UNIXOBJS=$(SUNOS5)" "CC=$(CC)" \ CFLAGS="$(CFLAGS) -Dsolaris" "LIBS=-lsocket -lnsl" make iptest "TOBJS=$(TOBJS)" "UNIXOBJS=$(SUNOS5)" "CC=$(CC)" \ @@ -61,7 +91,7 @@ dlpi sunos5 : bsd-bpf : make ipsend "OBJS=$(OBJS)" "UNIXOBJS=$(BPF) $(BSD)" "CC=$(CC)" \ - "CFLAGS=$(CFLAGS) -DDOSOCKET" + "CFLAGS=$(CFLAGS) -DDOSOCKET" "LLIB=-ll" make ipresend "ROBJS=$(ROBJS)" "UNIXOBJS=$(BPF) $(BSD)" "CC=$(CC)" \ "CFLAGS=$(CFLAGS) -DDOSOCKET" make iptest "TOBJS=$(TOBJS)" "UNIXOBJS=$(BPF) $(BSD)" "CC=$(CC)" \ @@ -69,26 +99,78 @@ bsd-bpf : linuxrev : make ipsend "OBJS=$(OBJS)" "UNIXOBJS=$(LINUX)" "CC=$(CC)" \ - CFLAGS="$(CFLAGS) -I/usr/src/linux/include -DDOSOCKET" $(LINUXK) + CFLAGS="$(CFLAGS) $(INC) -DDOSOCKET" $(LINUXK) make ipresend "ROBJS=$(ROBJS)" "UNIXOBJS=$(LINUX)" "CC=$(CC)" \ - CFLAGS="$(CFLAGS) -I/usr/src/linux/include -DDOSOCKET" $(LINUXK) + CFLAGS="$(CFLAGS) $(INC) -DDOSOCKET" $(LINUXK) make iptest "TOBJS=$(TOBJS)" "UNIXOBJS=$(LINUX)" "CC=$(CC)" \ - CFLAGS="$(CFLAGS) -I/usr/src/linux/include -DDOSOCKET" $(LINUXK) + CFLAGS="$(CFLAGS) $(INC) -DDOSOCKET" $(LINUXK) linux10: - make linuxrev 'LINUXK="LINUXK=-DLINUX=0100"' + make linuxrev 'LINUXK="LINUXK=-DLINUX=0100"' \ + "INC=-I/usr/src/linux/include" "LLIB=-lfl" + +linux12: + make linuxrev 'LINUXK="LINUXK=-DLINUX=0102"' "INC=-I/usr/src/linux" \ + "LLIB=-lfl" linux20: - make linuxrev 'LINUXK="LINUXK=-DLINUX=0200"' + make linuxrev 'LINUXK="LINUXK=-DLINUX=0200"' \ + "INC=-I/usr/src/linux/include" "LLIB=-lfl" "ELIB=-lelf" -ipsend: $(OBJS) $(UNIXOBJS) - $(CC) $(OBJS) $(UNIXOBJS) -o $@ $(LIBS) +ultrix : + make ipsend "OBJS=$(OBJS)" "UNIXOBJS=$(ULTRIX)" "CC=$(CC)" \ + CFLAGS="$(CFLAGS)" "LIBS=" "LLIB=-ll" + make ipresend "ROBJS=$(ROBJS)" "UNIXOBJS=$(ULTRIX)" "CC=$(CC)" \ + CFLAGS="$(CFLAGS)" "LIBS=" + make iptest "TOBJS=$(TOBJS)" "UNIXOBJS=$(ULTRIX)" "CC=$(CC)" \ + CFLAGS="$(CFLAGS)" "LIBS=" + +hpux9 : + make ipsend "OBJS=$(OBJS)" "UNIXOBJS=$(HPUX)" "CC=$(CC)" \ + CFLAGS="$(CFLAGS)" "LIBS=" + make ipresend "ROBJS=$(ROBJS)" "UNIXOBJS=$(HPUX)" "CC=$(CC)" \ + CFLAGS="$(CFLAGS)" "LIBS=" + make iptest "TOBJS=$(TOBJS)" "UNIXOBJS=$(HPUX)" "CC=$(CC)" \ + CFLAGS="$(CFLAGS)" "LIBS=" + +ipsend: ipf $(OBJS) $(UNIXOBJS) + $(CC) $(OBJS) $(UNIXOBJS) -o $@ $(LIBS) $(LLIB) $(ELIB) ipresend: $(ROBJS) $(UNIXOBJS) - $(CC) $(ROBJS) $(UNIXOBJS) -o $@ $(LIBS) + $(CC) $(ROBJS) $(UNIXOBJS) -o $@ $(LIBS) $(ELIB) iptest: $(TOBJS) $(UNIXOBJS) - $(CC) $(TOBJS) $(UNIXOBJS) -o $@ $(LIBS) + $(CC) $(TOBJS) $(UNIXOBJS) -o $@ $(LIBS) $(ELIB) + +ipft_ef.o: ipf/ipft_ef.c ipf/ipt.h ipf/ipf.h ipf/ip_compat.h + $(CC) $(CFLAGS) $(LINUXK) -c ipf/ipft_ef.c -o $@ + +ipft_hx.o: ipf/ipft_hx.c ipf/ipt.h ipf/ipf.h ipf/ip_compat.h + $(CC) $(CFLAGS) $(LINUXK) -c ipf/ipft_hx.c -o $@ + +ipft_pc.o: ipf/ipft_pc.c ipf/ipt.h ipf/ipf.h ipf/ip_compat.h + $(CC) $(CFLAGS) $(LINUXK) -c ipf/ipft_pc.c -o $@ + +ipft_sn.o: ipf/ipft_sn.c ipf/ipt.h ipf/ipf.h ipf/ip_compat.h + $(CC) $(CFLAGS) $(LINUXK) -c ipf/ipft_sn.c -o $@ + +ipft_td.o: ipf/ipft_td.c ipf/ipt.h ipf/ipf.h ipf/ip_compat.h + $(CC) $(CFLAGS) $(LINUXK) -c ipf/ipft_td.c -o $@ + +ipft_tx.o: ipf/ipft_tx.c ipf/ipt.h ipf/ipf.h ipf/ip_compat.h + $(CC) $(CFLAGS) $(LINUXK) -c ipf/ipft_tx.c -o $@ + +opt.o: ipf/opt.c ipf/ipt.h ipf/ipf.h ipf/ip_compat.h + $(CC) $(CFLAGS) $(LINUXK) -c ipf/opt.c -o $@ + +inet_addr.o: ipf/inet_addr.c + $(CC) $(CFLAGS) $(LINUXK) -c ipf/inet_addr.c -o $@ clean: rm -rf *.o *core a.out ipsend ipresend iptest + if [ -d iplang ]; then (cd iplang; $(MAKE) $(MFLAGS) clean); fi + if [ -d $(TOP)/iplang ]; then (cd $(TOP)/iplang; $(MAKE) $(MFLAGS) clean); fi + +do-cvs: + find . -type d -name CVS -print | xargs /bin/rm -rf + find . -type f -name .cvsignore -print | xargs /bin/rm -f diff --git a/contrib/ipfilter/ipsend/README b/contrib/ipfilter/ipsend/README new file mode 100644 index 0000000..6898cdd --- /dev/null +++ b/contrib/ipfilter/ipsend/README @@ -0,0 +1,8 @@ + +This distribution contains *ONLY* the code required to build the 'ipsend' +directory of programs (including man pages) found in the IP Filter package: +http://coombs.anu.edu.au/~avalon/ip-filter.html + +Patches, bugs, etc, please send to: + +darrenr@cyber.com.au diff --git a/contrib/ipfilter/ipsend/arp.c b/contrib/ipfilter/ipsend/arp.c index 10f27cd..27a27c3 100644 --- a/contrib/ipfilter/ipsend/arp.c +++ b/contrib/ipfilter/ipsend/arp.c @@ -1,25 +1,28 @@ /* - * arp.c (C) 1995 Darren Reed + * arp.c (C) 1995-1997 Darren Reed * - * The author provides this program as-is, with no gaurantee for its - * suitability for any specific purpose. The author takes no responsibility - * for the misuse/abuse of this program and provides it for the sole purpose - * of testing packet filter policies. This file maybe distributed freely - * providing it is not modified and that this notice remains in tact. + * Redistribution and use in source and binary forms are permitted + * provided that this notice is preserved and due credit is given + * to the original author and the contributors. */ -#if !defined(lint) && defined(LIBC_SCCS) -static char sccsid[] = "@(#)arp.c 1.4 1/11/96 (C)1995 Darren Reed"; +#if !defined(lint) +static const char sccsid[] = "@(#)arp.c 1.4 1/11/96 (C)1995 Darren Reed"; +static const char rcsid[] = "@(#)$Id: arp.c,v 2.0.2.6 1997/09/28 07:13:25 darrenr Exp $"; #endif #include <stdio.h> #include <errno.h> #include <sys/types.h> #include <sys/socket.h> +#if !defined(ultrix) && !defined(hpux) #include <sys/sockio.h> +#endif #include <sys/ioctl.h> #include <netdb.h> #include <netinet/in.h> #include <net/if.h> +#ifndef ultrix #include <net/if_arp.h> +#endif #include <netinet/in.h> #include <netinet/ip_var.h> #include <netinet/tcp.h> @@ -77,9 +80,11 @@ char *ether; sin = (struct sockaddr_in *)&ar.arp_pa; sin->sin_family = AF_INET; bcopy(ip, (char *)&sin->sin_addr.s_addr, 4); +#ifndef hpux if ((hp = gethostbyaddr(ip, 4, AF_INET))) if (!(ether_hostton(hp->h_name, ether))) goto savearp; +#endif if (sfd == -1) if ((sfd = socket(AF_INET, SOCK_DGRAM, 0)) == -1) diff --git a/contrib/ipfilter/ipsend/hpux.c b/contrib/ipfilter/ipsend/hpux.c new file mode 100644 index 0000000..e4e5dc3 --- /dev/null +++ b/contrib/ipfilter/ipsend/hpux.c @@ -0,0 +1,112 @@ +/* + * (C)opyright 1997 Darren Reed. (from tcplog) + * + * Redistribution and use in source and binary forms are permitted + * provided that this notice is preserved and due credit is given + * to the original author and the contributors. + */ +#include <stdio.h> +#include <strings.h> +#include <unistd.h> +#include <stdlib.h> +#include <sys/types.h> +#include <sys/param.h> +#include <sys/socket.h> +#include <sys/file.h> +#include <sys/ioctl.h> + + +int initdevice(device, sport, tout) +char *device; +int sport, tout; +{ + int fd; + + if ((fd = socket(AF_DLI, SOCK_RAW, 0)) == -1) + perror("socket"); + return fd; +} + + +/* + * output an IP packet onto a fd opened for /dev/bpf + */ +int sendip(fd, pkt, len) +int fd, len; +char *pkt; +{ + if (send(fd, pkt, len, 0) == -1) + { + perror("send"); + return -1; + } + + return len; +} + + +char *strdup(str) +char *str; +{ + char *s; + + if ((s = (char *)malloc(strlen(str) + 1))) + return strcpy(s, str); + return NULL; +} +/* + * (C)opyright 1997 Darren Reed. (from tcplog) + * + * Redistribution and use in source and binary forms are permitted + * provided that this notice is preserved and due credit is given + * to the original author and the contributors. + */ +#include <stdio.h> +#include <strings.h> +#include <unistd.h> +#include <stdlib.h> +#include <sys/types.h> +#include <sys/param.h> +#include <sys/socket.h> +#include <sys/file.h> +#include <sys/ioctl.h> + + +int initdevice(device, sport, tout) +char *device; +int sport, tout; +{ + int fd; + + if ((fd = socket(AF_DLI, SOCK_RAW, 0)) == -1) + perror("socket"); + return fd; +} + + +/* + * output an IP packet onto a fd opened for /dev/bpf + */ +int sendip(fd, pkt, len) +int fd, len; +char *pkt; +{ + if (send(fd, pkt, len, 0) == -1) + { + perror("send"); + return -1; + } + + return len; +} + + +char *strdup(str) +char *str; +{ + char *s; + + if ((s = (char *)malloc(strlen(str) + 1))) + return strcpy(s, str); + return NULL; +} diff --git a/contrib/ipfilter/ipsend/ip.c b/contrib/ipfilter/ipsend/ip.c index 1b08222..0f8d19b 100644 --- a/contrib/ipfilter/ipsend/ip.c +++ b/contrib/ipfilter/ipsend/ip.c @@ -1,14 +1,13 @@ /* - * ip.c (C) 1995 Darren Reed + * ip.c (C) 1995-1997 Darren Reed * - * The author provides this program as-is, with no gaurantee for its - * suitability for any specific purpose. The author takes no responsibility - * for the misuse/abuse of this program and provides it for the sole purpose - * of testing packet filter policies. This file maybe distributed freely - * providing it is not modified and that this notice remains in tact. + * Redistribution and use in source and binary forms are permitted + * provided that this notice is preserved and due credit is given + * to the original author and the contributors. */ -#if !defined(lint) && defined(LIBC_SCCS) -static char sccsid[] = "%W% %G% (C)1995"; +#if !defined(lint) +static const char sccsid[] = "%W% %G% (C)1995"; +static const char rcsid[] = "@(#)$Id: ip.c,v 2.0.2.11 1997/10/23 11:42:44 darrenr Exp $"; #endif #include <errno.h> #include <stdio.h> @@ -24,9 +23,13 @@ static char sccsid[] = "%W% %G% (C)1995"; #include <netinet/tcp.h> #include <netinet/udp.h> #include <netinet/ip_icmp.h> +#include <sys/param.h> #ifndef linux -#include <netinet/if_ether.h> -#include <netinet/ip_var.h> +# include <netinet/if_ether.h> +# include <netinet/ip_var.h> +# if __FreeBSD_version >= 300000 +# include <net/if_var.h> +# endif #endif #include "ipsend.h" @@ -67,13 +70,13 @@ struct in_addr gwip; bcopy((char *)buf, s + sizeof(*eh), len); if (gwip.s_addr == last_gw.s_addr) - bcopy(last_arp, (char *)&eh->ether_dhost, 6); - else if (arp((char *)&gwip, (char *)&eh->ether_dhost) == -1) + bcopy(last_arp, (char *)A_A eh->ether_dhost, 6); + else if (arp((char *)&gwip, (char *)A_A eh->ether_dhost) == -1) { perror("arp"); return -2; } - eh->ether_type = ETHERTYPE_IP; + eh->ether_type = htons(ETHERTYPE_IP); last_gw.s_addr = gwip.s_addr; err = sendip(nfd, s, sizeof(*eh) + len); return err; @@ -99,27 +102,29 @@ int frag; ipbuf = (char *)malloc(65536); eh = (ether_header_t *)ipbuf; - bzero((char *)&eh->ether_shost, sizeof(eh->ether_shost)); + bzero((char *)A_A eh->ether_shost, sizeof(eh->ether_shost)); if (last_gw.s_addr && (gwip.s_addr == last_gw.s_addr)) - bcopy(last_arp, (char *)&eh->ether_dhost, 6); - else if (arp((char *)&gwip, (char *)&eh->ether_dhost) == -1) + bcopy(last_arp, (char *)A_A eh->ether_dhost, 6); + else if (arp((char *)&gwip, (char *)A_A eh->ether_dhost) == -1) { perror("arp"); return -2; } - bcopy((char *)&eh->ether_dhost, last_arp, sizeof(last_arp)); - eh->ether_type = ETHERTYPE_IP; + bcopy((char *)A_A eh->ether_dhost, last_arp, sizeof(last_arp)); + eh->ether_type = htons(ETHERTYPE_IP); bcopy((char *)ip, (char *)&ipsv, sizeof(*ip)); last_gw.s_addr = gwip.s_addr; ip->ip_len = htons(ip->ip_len); ip->ip_off = htons(ip->ip_off); - if (!ip->ip_v) - ip->ip_v = IPVERSION; - if (!ip->ip_id) - ip->ip_id = htons(id++); - if (!ip->ip_ttl) - ip->ip_ttl = 60; + if (!(frag & 2)) { + if (!ip->ip_v) + ip->ip_v = IPVERSION; + if (!ip->ip_id) + ip->ip_id = htons(id++); + if (!ip->ip_ttl) + ip->ip_ttl = 60; + } if (!frag || (sizeof(*eh) + ntohs(ip->ip_len) < mtu)) { diff --git a/contrib/ipfilter/ipsend/ipresend.1 b/contrib/ipfilter/ipsend/ipresend.1 new file mode 100644 index 0000000..40f9825 --- /dev/null +++ b/contrib/ipfilter/ipsend/ipresend.1 @@ -0,0 +1,107 @@ +.TH IPRESEND 1 +.SH NAME +ipresend \- resend IP packets out to network +.SH SYNOPSIS +.B ipsend +[ +.B \-EHPRSTX +] [ +.B \-d +<device> +] [ +.B \-g +<\fIgateway\fP> +] [ +.B \-m +<\fIMTU\fP> +] [ +.B \-r +<\fIfilename\fP> +] +.SH DESCRIPTION +.PP +\fBipresend\fP was designed to allow packets to be resent, once captured, +back out onto the network for use in testing. \fIipresend\fP supports a +number of different file formats as input, including saved snoop/tcpdump +binary data. +.SH OPTIONS +.TP +.BR \-d \0<interface> +Set the interface name to be the name supplied. This is useful with the +\fB\-P, \-S, \-T\fP and \fB\-E\fP options, where it is not otherwise possible +to associate a packet with an interface. Normal "text packets" can override +this setting. +.TP +.BR \-g \0<gateway> +Specify the hostname of the gateway through which to route packets. This +is required whenever the destination host isn't directly attached to the +same network as the host from which you're sending. +.TP +.BR \-m \0<MTU> +Specify the MTU to be used when sending out packets. This option allows you +to set a fake MTU, allowing the simulation of network interfaces with small +MTU's without setting them so. +.TP +.BR \-r \0<filename> +Specify the filename from which to take input. Default is stdin. +.B \-E +The input file is to be text output from etherfind. The text formats which +are currently supported are those which result from the following etherfind +option combinations: +.PP +.nf + etherfind -n + etherfind -n -t +.fi +.LP +.TP +.B \-H +The input file is to be hex digits, representing the binary makeup of the +packet. No length correction is made, if an incorrect length is put in +the IP header. +.TP +.B \-P +The input file specified by \fB\-i\fP is a binary file produced using libpcap +(i.e., tcpdump version 3). Packets are read from this file as being input +(for rule purposes). +.TP +.B \-R +When sending packets out, send them out "raw" (the way they came in). The +only real significance here is that it will expect the link layer (i.e. +ethernet) headers to be prepended to the IP packet being output. +.TP +.B \-S +The input file is to be in "snoop" format (see RFC 1761). Packets are read +from this file and used as input from any interface. This is perhaps the +most useful input type, currently. +.TP +.B \-T +The input file is to be text output from tcpdump. The text formats which +are currently supported are those which result from the following tcpdump +option combinations: +.PP +.nf + tcpdump -n + tcpdump -nq + tcpdump -nqt + tcpdump -nqtt + tcpdump -nqte +.fi +.LP +.TP +.B \-X +The input file is composed of text descriptions of IP packets. +.TP +.SH FILES +.DT +.SH SEE ALSO +snoop(1m), tcpdump(8), etherfind(8c), ipftest(1), ipresend(1), iptest(1), bpf(4), dlpi(7p) +.SH DIAGNOSTICS +.PP +Needs to be run as root. +.SH BUGS +.PP +Not all of the input formats are sufficiently capable of introducing a +wide enough variety of packets for them to be all useful in testing. +If you find any, please send email to me at darrenr@cyber.com.au + diff --git a/contrib/ipfilter/ipsend/ipresend.c b/contrib/ipfilter/ipsend/ipresend.c index 9402104a..4de8e41 100644 --- a/contrib/ipfilter/ipsend/ipresend.c +++ b/contrib/ipfilter/ipsend/ipresend.c @@ -1,21 +1,18 @@ /* - * ipsend.c (C) 1995 Darren Reed + * ipresend.c (C) 1995-1997 Darren Reed * * This was written to test what size TCP fragments would get through * various TCP/IP packet filters, as used in IP firewalls. In certain * conditions, enough of the TCP header is missing for unpredictable * results unless the filter is aware that this can happen. * - * The author provides this program as-is, with no gaurantee for its - * suitability for any specific purpose. The author takes no responsibility - * for the misuse/abuse of this program and provides it for the sole purpose - * of testing packet filter policies. This file maybe distributed freely - * providing it is not modified and that this notice remains in tact. - * - * This was written and tested (successfully) on SunOS 4.1.x. + * Redistribution and use in source and binary forms are permitted + * provided that this notice is preserved and due credit is given + * to the original author and the contributors. */ -#if !defined(lint) && defined(LIBC_SCCS) -static char sccsid[] = "%W% %G% (C)1995 Darren Reed"; +#if !defined(lint) +static const char sccsid[] = "%W% %G% (C)1995 Darren Reed"; +static const char rcsid[] = "@(#)$Id: ipresend.c,v 2.0.2.9 1997/10/12 09:48:37 darrenr Exp $"; #endif #include <stdio.h> #include <stdlib.h> @@ -58,7 +55,11 @@ char default_device[] = "ln0"; # ifdef __bsdi__ char default_device[] = "ef0"; # else +# ifdef __sgi +char default_device[] = "ec0"; +# else char default_device[] = "lan0"; +# endif # endif # endif # endif @@ -94,10 +95,10 @@ char **argv; struct in_addr gwip; struct ipread *ipr = NULL; char *name = argv[0], *gateway = NULL, *dev = NULL; - char c, *resend = NULL; - int mtu = 1500; + char *resend = NULL; + int mtu = 1500, c; - while ((c = getopt(argc, argv, "EHPSTXd:g:m:r:")) != -1) + while ((c = getopt(argc, argv, "EHPRSTXd:g:m:r:")) != -1) switch (c) { case 'd' : @@ -116,6 +117,9 @@ char **argv; case 'r' : resend = optarg; break; + case 'R' : + opts |= OPT_RAW; + break; #ifndef NO_IPF case 'E' : ipr = ðerf; diff --git a/contrib/ipfilter/ipsend/ipsend.1 b/contrib/ipfilter/ipsend/ipsend.1 new file mode 100644 index 0000000..d99038d --- /dev/null +++ b/contrib/ipfilter/ipsend/ipsend.1 @@ -0,0 +1,109 @@ +.TH IPSEND 1 +.SH NAME +ipsend \- sends IP packets +.SH SYNOPSIS +.B ipsend +[ +.B \-dITUv +] [ +.B \-i +<interface> +] [ +.B \-f +<\fIoffset\fP> +] [ +.B \-g +<\fIgateway\fP> +] [ +.B \-m +<\fIMTU\fP> +] [ +.B \-o +<\fIoption\fP> +] [ +.B \-P +<protocol> +] [ +.B \-s +<\fIsource\fP> +] [ +.B \-t +<\fIdest. port\fP> +] [ +.B \-w +<\fIwindow\fP> +] <destination> [TCP-flags] +.SH DESCRIPTION +.PP +\fBipsend\fP can be compiled in two ways. The first is used to send one-off +packets to a destination host, using command line options to specify various +attributes present in the headers. The \fIdestination\fP must be given as +the last command line option, except for when TCP flags are specified as +a combination of A, S, F, U, P and R, last. +.PP +The other way it may be compiled, with DOSOCKET defined, is to allow an +attempt at making a TCP connection using a with ipsend resending the SYN +packet as per the command line options. +.SH OPTIONS +.TP +.BR \-d +enable debugging mode. +.TP +.BR \-f \0<offset> +The \fI-f\fP allows the IP offset field in the IP header to be set to an +arbitrary value, which can be specified in decimal or hexidecimal. +.TP +.BR \-g \0<gateway> +Specify the hostname of the gateway through which to route packets. This +is required whenever the destination host isn't directly attached to the +same network as the host from which you're sending. +.TP +.BR \-i \0<interface> +Set the interface name to be the name supplied. +.TP +.TP +.BR \-m \0<MTU> +Specify the MTU to be used when sending out packets. This option allows you +to set a fake MTU, allowing the simulation of network interfaces with small +MTU's without setting them so. +.TP +.BR \-o \0<option> +Specify options to be included at the end of the IP header. An EOL option +is automatically appended and need not be given. If an option would also +have data associated with it (source as an IP# for a lsrr option), then +this will not be initialised. +.TP +.BR \-s \0<source> +Set the source address in the packet to that provided - maybe either a +hostname or IP#. +.TP +.BR \-t \0<dest. port> +Set the destination port for TCP/UDP packets. +.TP +.BR \-w \0<window> +Set the window size for TCP packets. +.TP +.B \-I +Set the protocol to ICMP. +.TP +.B \-P <protocol> +Set the protocol to the value given. If the parameter is a name, the name +is looked up in the \fI/etc/protocols\fP file. +.TP +.B \-T +Set the protocol to TCP. +.TP +.B \-U +Set the protocol to UDP. +.TP +.BR \-d +enable verbose mode. +.DT +.SH SEE ALSO +ipsend(1), ipresend(1), iptest(1), protocols(4), bpf(4), dlpi(7p) +.SH DIAGNOSTICS +.PP +Needs to be run as root. +.SH BUGS +.PP +If you find any, please send email to me at darrenr@cyber.com.au diff --git a/contrib/ipfilter/ipsend/ipsend.5 b/contrib/ipfilter/ipsend/ipsend.5 new file mode 100644 index 0000000..b6a3e04 --- /dev/null +++ b/contrib/ipfilter/ipsend/ipsend.5 @@ -0,0 +1,398 @@ +.TH IPSEND 5 +.SH NAME +ipsend \- IP packet description language +.SH DESCRIPTION +The \fBipsend\fP program expects, with the \fB-L\fP option, input to be a +text file which fits the grammar described below. The purpose of this +grammar is to allow IP packets to be described in an arbitary way which +also allows encapsulation to be so done to an arbitary level. +.SH GRAMMAR +.LP +.nf +line ::= iface | arp | send | defrouter | ipv4line . + +iface ::= ifhdr "{" ifaceopts "}" ";" . +ifhdr ::= "interface" | "iface" . +ifaceopts ::= "ifname" name | "mtu" mtu | "v4addr" ipaddr | + "eaddr" eaddr . + +send ::= "send" ";" | "send" "{" sendbodyopts "}" ";" . +sendbodyopts ::= sendbody [ sendbodyopts ] . +sendbody ::= "ifname" name | "via" ipaddr . + +defrouter ::= "router" ipaddr . + +arp ::= "arp" "{" arpbodyopts "}" ";" . +arpbodyopts ::= arpbody [ arpbodyopts ] . +arpbody ::= "v4addr" ipaddr | "eaddr" eaddr . + +bodyline ::= ipv4line | tcpline | udpline | icmpline | dataline . + +ipv4line ::= "ipv4" "{" ipv4bodyopts "}" ";" . +ipv4bodyopts ::= ipv4body [ ipv4bodyopts ] | bodyline . +ipv4body ::= "proto" protocol | "src" ipaddr | "dst" ipaddr | + "off" number | "v" number | "hl" number| "id" number | + "ttl" number | "tos" number | "sum" number | "len" number | + "opt" "{" ipv4optlist "}" ";" . +ipv4optlist ::= ipv4option [ ipv4optlist ] . +ipv4optlist = "nop" | "rr" | "zsu" | "mtup" | "mtur" | "encode" | "ts" | + "tr" | "sec" | "lsrr" | "e-sec" | "cipso" | "satid" | + "ssrr" | "addext" | "visa" | "imitd" | "eip" | "finn" | + "secclass" ipv4secclass. +ipv4secclass := "unclass" | "confid" | "reserv-1" | "reserv-2" | + "reserv-3" | "reserv-4" | "secret" | "topsecret" . + +tcpline ::= "tcp" "{" tcpbodyopts "}" ";" . +tcpbodyopts ::= tcpbody [ tcpbodyopts ] | bodyline . +tcpbody ::= "sport" port | "dport" port | "seq" number | "ack" number | + "off" number | "urp" number | "win" number | "sum" number | + "flags" tcpflags | data . + +udpline ::= "udp" "{" udpbodyopts "}" ";" . +udpbodyopts ::= udpbody [ udpbodyopts ] | bodyline . +udpbody ::= "sport" port | "dport" port | "len" number | "sum" number | + data . + +icmpline ::= "icmp" "{" icmpbodyopts "}" ";" . +icmpbodyopts ::= icmpbody [ icmpbodyopts ] | bodyline . +icmpbody ::= "type" icmptype [ "code" icmpcode ] . +icmptype ::= "echorep" | "echorep" "{" echoopts "}" ";" | "unreach" | + "unreach" "{" unreachtype "}" ";" | "squench" | "redir" | + "redir" "{" redirtype "}" ";" | "echo" "{" echoopts "}" ";" | + "echo" | "routerad" | "routersol" | "timex" | + "timex" "{" timextype "}" ";" | "paramprob" | + "paramprob" "{" parapptype "}" ";" | "timest" | "timestrep" | + "inforeq" | "inforep" | "maskreq" | "maskrep" . + +echoopts ::= echoopts [ icmpechoopts ] . +unreachtype ::= "net-unr" | "host-unr" | "proto-unr" | "port-unr" | + "needfrag" | "srcfail" | "net-unk" | "host-unk" | "isolate" | + "net-prohib" | "host-prohib" | "net-tos" | "host-tos" | + "filter-prohib" | "host-preced" | "cutoff-preced" . +redirtype ::= "net-redir" | "host-redir" | "tos-net-redir" | + "tos-host-redir" . +timextype ::= "intrans" | "reass" . +paramptype ::= "optabsent" . + +data ::= "data" "{" databodyopts "}" ";" . +databodyopts ::= "len" number | "value" string | "file" filename . + +icmpechoopts ::= "icmpseq" number | "icmpid" number . +.fi +.SH COMMANDS +.PP +Before sending any packets or defining any packets, it is necessary to +describe the interface(s) which will be used to send packets out. +.TP +.B interface +is used to describe a network interface. The description included need +not match the actual configuration currently employed by the operating +system. +.TP +.B send +is used to actually send out a packet across the network. If the +destination is not specified, it will attempt to send the packet +directly out on the network to the destination without routing it. +.TP +.B router +configures the default router for ipsend, as distinct from the default +route installed in the kernel. +.TP +.B ipv4 +is used to describe an IP (version 4) packet. IP header fields can be +specified, including options, followed by a data section which may contain +further protocol headers. +.SH IPV4 +.TP +.B hl <number> +manually specifies the IP header length (automatically adjusts with the +presence of IP options and defaults to 5); +.TP +.B v <number> +set the IP version. Default is 4. +.TP +.B tos <number> +set the type of service (TOS) field in the IP header. Default is 0. +.TP +.B len <number> +manually specifies the length of the IP packet. The length will automatically +be adjusted to accomodate data or further protocol headers. +.TP +.B off <number> +sets the fragment offset field of the IP packet. Default is 0. +.TP +.B ttl <number> +sets the time to live (TTL) field of the IP header. Default is 60. +.TP +.B proto <protocol> +sets the protocol field of the IP header. The protocol can either be a +number or a name found in \fB/etc/protocols\fP. +.TP +.B sum +manually specifies the checksum for the IP header. If left unset (0), it +will be calculated prior to being sent. +.TP +.B src +manually specifies the source address of the IP header. If left unset, it +will default to the host's IP address. +.TP +.B dst +sets the destination of the IP packet. The default is 0.0.0.0. +.TP +.B opt +is used to include IP options in the IP header. +.TP +.B tcp +is used to indicate the a TCP protocol header is to follow. See the \fBTCP\fP +section for TCP header options. +.TP +.B udp +is used to indicate the a UDP protocol header is to follow. See the \fBUDP\fP +section for UDP header options. +.TP +.B icmp +is used to indicate the a ICMP protocol header is to follow. See the +\fBICMP\fP section for ICMP header options. +.TP +.B data +is used to indicate that raw data is to be included in the IP packet. See the +\fBDATA\fP section for details on options available. +.SH "IPv4 Options" +these keywords indicate that the releveant IP option should be added to the +IP header (the header length field will be adjusted appropriately). +.TP +.B nop +No Operation [RFC 791] (space filler). +.TP +.B rr <number> +Record Router [RFC 791]. The number given specifies the number of +\fBbytes\fP to be used for storage. This should be a multiple of 4 for +proper operation. +.TP +.B zsu +Experimental Measurement. +.TP +.B mtup [RFC 1191]. +MTU Probe. +.TP +.B mtur [RFC 1191]. +MTU Ready. +.TP +.B encode +.TP +.B ts +Timestamp [RFC 791]. +.TP +.B tr +Traceroute [RFC 1393]. +.TP +.B "sec-class <security-level>, sec" +Security [RFC 1108]. This option specifies the security label for the packet. +Using \fBsec\fP sets up the framework of the security option but unless +\fBsec-class\fP is given, the level may not be set. +.TP +.B "lsrr <ip-address>" +Loose Source Route [RFC 791]. +.TP +.B e-sec +Extended Security [RFC 1108]. +.TP +.B cipso +Commercial Security. +.TP +.B satid +Stream ID [RFC 791]. +.TP +.B "ssrr <ip-address>" +Strict Source Route [RFC 791]. +.TP +.B addext +Address Extension +.TP +.B visa +Expermental Access Control. +.TP +.B imitd +IMI Traffic Descriptor. +.TP +.B eip +[RFC 1358]. +.TP +.B finn +Experimental Flow Control. +.SH TCP +.TP +.B sport <port> +sets the source port to the number/name given. Default is 0. +.TP +.B dport <port> +sets the destination port to the number/name given. Default is 0. +.TP +.B seq <number> +sets the sequence number to the number specified. Default is 0. +.TP +.B ack <number> +sets the acknowledge number to the number specified. Default is 0. +.TP +.B off <number> +sets the offset value for the start of data to the number specified. This +implies the size of the TCP header. It is automatically adjusted if TCP +options are included and defaults to 5. +.TP +.B urp <number> +sets the value of the urgent data pointer to the number specified. Default +is 0. +.TP +.B win <number> +sets the size of the TCP window to the number specified. Default is 4096. +.TP +.B sum <number> +manually specifies the checksum for the TCP pseudo-header and data. If left +unset, it defaults to 0 and is automatically calculated. +.TP +.B flags <tcp-flags> +sets the TCP flags field to match the flags specified. Valid flags are +"S" (SYN), "A" (ACK), "R" (RST), "F" (FIN), "U" (URG), "P" (PUSH). +.TP +.B opt +indicates that TCP header options follow. As TCP options are added to the +TCP header, the \fBoff\fP field is updated to match. +.TP +.B data +indicates that a data section is to follow and is to be included as raw +data, being appended to the header. +.SH "TCP options" +With a TCP header, it is possible to append a number of header options. +The TCP header offset will be updated automatically to reflect the change +in size. The valid options are: \fBnop\fP No Operation, +\fBeol\fP End Of (option) List, \fBmss [ size ]\fP Maximum Segment Size - this +sets the maximum receivable size of a packet containing data, +\fBwscale\fP Window Scale, \fBts\fP Timestamp. +.SH UDP +.TP +.B sport <port> +sets the source port to the number/name given. Default is 0. +.TP +.B dport <port> +sets the destination port to the number/name given. Default is 0. +.TP +.B len <number> +manually specifies the length of the UDP header and data. If left unset, +it is automatically adjusted to match the header presence and any data if +present. +.TP +.B sum <number> +manually specifies the checksum for the UDP pseudo-header and data. If left +unset, it defaults to 0 and is automatically calculated. +.TP +.B data +indicates that a data section is to follow and is to be included as raw +data, being appended to the header. +.SH ICMP +.TP +.B type <icmptype> +sets the ICMP type according the to the icmptype tag. This may either be +a number or one of the recognised tags (see the \fBICMP TYPES\fP section for a +list of names recognised). +.TP +.B code <icmpcode> +sets the ICMP code. +.TP +.B data +indicates that a data section is to follow and is to be included as raw +data, being appended to the header. +.SH DATA +Each of the following extend the packet in a different way. \fBLen\fP just +increases the length (without adding any content), \fBvalue\fP uses a string +and \fBfile\fP a file. +.TP +.B len <number> +extend the length of the packet by \fBnumber\fP bytes (without filling those +bytes with any particular data). +.TP +.B value <string> +indicates that the string provided should be added to the current packet as +data. A string may be a consecutive list of characters and numbers (with +no white spaces) or bounded by "'s (may not contain them, even if \\'d). +The \\ charcater is recognised with the appropriate C escaped values, including +octal numbers. +.TP +.B file <filename> +reads data in from the specified file and appends it to the current packet. +If the new total length would exceed 64k, an error will be reported. +.SH "ICMP TYPES" +.TP +.B echorep +Eecho Reply. +.TP +.B "unreach [ unreachable-code ]" +Generic Unreachable error. This is used to indicate that an error has +occurred whilst trying to send the packet across the network and that the +destination cannot be reached. The unreachable code names are: +\fBnet-unr\fP network unreachable, \fBhost-unr\fP host unreachable, +\fBproto-unr\fP protocol unreachable, \fBport-unr\fP port unreachable, +\fBneedfrag\fP, \fBsrcfail\fP source route failed, +\fBnet-unk\fP network unknown, \fBhost-unk\fP host unknown, +\fBisolate\fP, \fBnet-prohib\fP administratively prohibited contact with +network, +\fBhost-prohib\fP administratively prohibited contact with host, +\fBnet-tos\fP network unreachable with given TOS, +\fBhost-tos\fP host unreachable with given TOS, +\fBfilter-prohib\fP packet prohibited by packet filter, +\fBhost-preced\fP, +\fBcutoff-preced\fP. +.TP +.B squench +Source Quence. +.TP +.B "redir [ redirect-code ]" +Redirect (routing). This is used to indicate that the route being chosen +for forwarding the packet is suboptimal and that the sender of the packet +should be routing packets via another route. The redirect code names are: +\fBnet-redir\fP redirect packets for a network, +\fBhost-redir\fP redirect packets for a host, +\fBtos-net-redir\fP redirect packets for a network with a given TOS, +\fBtos-host-redir\fP redirect packets for a host with a given TOS. +.TP +.B echo +Echo. +.TP +.B routerad +Router Advertisment. +.TP +.B routersol +Router solicitation. +.TP +.B "timex [ timexceed-code ]" +Time Exceeded. This is used to indicate that the packet failed to reach the +destination because it was in transit too long (i.e. ttl reached 0). The +valid code names are: \fBintrans\fP, +\fBreass\fP could not reassemble packet from fragments within a given time. +.TP +.B "paramprob [ paramprob-code ]" +Parameter problem. There is only one available parameter problem code name: +\fBoptabsent\fP. +.TP +.B timest +Time stamp request. +.TP +.B "timestrep [ { timestamp-code } ]" +Time stamp reply. In a timestamp reply, it is possible to supply the +following values: \fBrtime\fP, \fBotime\fP, \fBttime\fP. +.TP +.B inforeq +Information request. +.TP +.B inforep +Information reply. +.TP +.B maskreq +Address mask request. +.TP +.B maskrep +Address mask reply. +.SH FILES +/etc/protocols +/etc/services +/etc/hosts +.SH SEE ALSO diff --git a/contrib/ipfilter/ipsend/ipsend.c b/contrib/ipfilter/ipsend/ipsend.c index ecc6473..1f47466 100644 --- a/contrib/ipfilter/ipsend/ipsend.c +++ b/contrib/ipfilter/ipsend/ipsend.c @@ -1,21 +1,18 @@ /* - * ipsend.c (C) 1995 Darren Reed + * ipsend.c (C) 1995-1997 Darren Reed * * This was written to test what size TCP fragments would get through * various TCP/IP packet filters, as used in IP firewalls. In certain * conditions, enough of the TCP header is missing for unpredictable * results unless the filter is aware that this can happen. * - * The author provides this program as-is, with no gaurantee for its - * suitability for any specific purpose. The author takes no responsibility - * for the misuse/abuse of this program and provides it for the sole purpose - * of testing packet filter policies. This file maybe distributed freely - * providing it is not modified and that this notice remains in tact. - * - * This was written and tested (successfully) on SunOS 4.1.x. + * Redistribution and use in source and binary forms are permitted + * provided that this notice is preserved and due credit is given + * to the original author and the contributors. */ -#if !defined(lint) && defined(LIBC_SCCS) -static char sccsid[] = "@(#)ipsend.c 1.5 12/10/95 (C)1995 Darren Reed"; +#if !defined(lint) +static const char sccsid[] = "@(#)ipsend.c 1.5 12/10/95 (C)1995 Darren Reed"; +static const char rcsid[] = "@(#)$Id: ipsend.c,v 2.0.2.19 1997/10/12 09:48:38 darrenr Exp $"; #endif #include <stdio.h> #include <stdlib.h> @@ -36,12 +33,15 @@ static char sccsid[] = "@(#)ipsend.c 1.5 12/10/95 (C)1995 Darren Reed"; #include <netinet/ip_var.h> #endif #include "ipsend.h" +#include "ipf.h" extern char *optarg; extern int optind; +extern void iplang __P((FILE *)); char options[68]; +int opts; #ifdef linux char default_device[] = "eth0"; #else @@ -54,7 +54,11 @@ char default_device[] = "ln0"; # ifdef __bsdi__ char default_device[] = "ef0"; # else +# ifdef __sgi +char default_device[] = "ec0"; +# else char default_device[] = "lan0"; +# endif # endif # endif # endif @@ -71,7 +75,8 @@ char *prog; { fprintf(stderr, "Usage: %s [options] dest [flags]\n\ \toptions:\n\ -\t\t-d device\tSend out on this device\n\ +\t\t-d\tdebug mode\n\ +\t\t-i device\tSend out on this device\n\ \t\t-f fragflags\tcan set IP_MF or IP_DF\n\ \t\t-g gateway\tIP gateway to use if non-local dest.\n\ \t\t-I code,type[,gw[,dst[,src]]]\tSet ICMP protocol\n\ @@ -81,12 +86,20 @@ char *prog; \t\t-T\t\tSet TCP protocol\n\ \t\t-t port\t\tdestination port\n\ \t\t-U\t\tSet UDP protocol\n\ +\t\t-v\tverbose mode\n\ +\t\t-w <window>\tSet the TCP window size\n\ +", prog); + fprintf(stderr, "Usage: %s [-dv] -L <filename>\n\ +\toptions:\n\ +\t\t-d\tdebug mode\n\ +\t\t-L filename\tUse IP language for sending packets\n\ +\t\t-v\tverbose mode\n\ ", prog); exit(1); } -void do_icmp(ip, args) +static void do_icmp(ip, args) ip_t *ip; char *args; { @@ -158,13 +171,14 @@ int main(argc, argv) int argc; char **argv; { + FILE *langfile = NULL; struct tcpiphdr *ti; struct in_addr gwip; tcphdr_t *tcp; ip_t *ip; char *name = argv[0], host[64], *gateway = NULL, *dev = NULL; - char *src = NULL, *dst, c, *s; - int mtu = 1500, olen = 0; + char *src = NULL, *dst, *s; + int mtu = 1500, olen = 0, c, nonl = 0; /* * 65535 is maximum packet size...you never know... @@ -175,10 +189,11 @@ char **argv; ip->ip_len = sizeof(*ip); ip->ip_hl = sizeof(*ip) >> 2; - while ((c = (char)getopt(argc, argv, "IP:TUd:f:g:m:o:s:t:")) != -1) + while ((c = getopt(argc, argv, "I:L:P:TUdf:i:g:m:o:s:t:vw:")) != -1) switch (c) { case 'I' : + nonl++; if (ip->ip_p) { fprintf(stderr, "Protocol already set: %d\n", @@ -187,10 +202,26 @@ char **argv; } do_icmp(ip, optarg); break; + case 'L' : + if (nonl) { + fprintf(stderr, + "Incorrect usage of -L option.\n"); + usage(name); + } + if (!strcmp(optarg, "-")) + langfile = stdin; + else if (!(langfile = fopen(optarg, "r"))) { + fprintf(stderr, "can't open file %s\n", + optarg); + exit(1); + } + iplang(langfile); + return 0; case 'P' : { struct protoent *p; + nonl++; if (ip->ip_p) { fprintf(stderr, "Protocol already set: %d\n", @@ -205,6 +236,7 @@ char **argv; break; } case 'T' : + nonl++; if (ip->ip_p) { fprintf(stderr, "Protocol already set: %d\n", @@ -215,6 +247,7 @@ char **argv; ip->ip_len += sizeof(tcphdr_t); break; case 'U' : + nonl++; if (ip->ip_p) { fprintf(stderr, "Protocol already set: %d\n", @@ -225,15 +258,22 @@ char **argv; ip->ip_len += sizeof(udphdr_t); break; case 'd' : - dev = optarg; + opts |= OPT_DEBUG; break; case 'f' : + nonl++; ip->ip_off = strtol(optarg, NULL, 0); break; case 'g' : + nonl++; gateway = optarg; break; + case 'i' : + nonl++; + dev = optarg; + break; case 'm' : + nonl++; mtu = atoi(optarg); if (mtu < 28) { @@ -242,16 +282,23 @@ char **argv; } break; case 'o' : - olen = optname(optarg, options); + nonl++; + olen = buildopts(optarg, options, (ip->ip_hl - 5) << 2); break; case 's' : + nonl++; src = optarg; break; case 't' : + nonl++; if (ip->ip_p == IPPROTO_TCP || ip->ip_p == IPPROTO_UDP) tcp->th_dport = htons(atoi(optarg)); break; + case 'v' : + opts |= OPT_VERBOSE; + break; case 'w' : + nonl++; if (ip->ip_p == IPPROTO_TCP) tcp->th_win = atoi(optarg); else @@ -262,7 +309,7 @@ char **argv; usage(name); } - if (argc - optind < 2) + if (argc - optind < 1) usage(name); dst = argv[optind++]; @@ -292,6 +339,23 @@ char **argv; exit(2); } + if (olen) + { + caddr_t ipo = (caddr_t)ip; + + printf("Options: %d\n", olen); + ti = (struct tcpiphdr *)malloc(olen + ip->ip_len); + bcopy((char *)ip, (char *)ti, sizeof(*ip)); + ip = (ip_t *)ti; + ip->ip_hl = (olen >> 2); + bcopy(options, (char *)(ip + 1), olen); + bcopy((char *)tcp, (char *)(ip + 1) + olen, sizeof(*tcp)); + ip->ip_len += olen; + bcopy((char *)ip, (char *)ipo, ip->ip_len); + ip = (ip_t *)ipo; + tcp = (tcphdr_t *)((char *)(ip + 1) + olen); + } + if (ip->ip_p == IPPROTO_TCP) for (s = argv[optind]; (c = *s); s++) switch(c) @@ -326,19 +390,6 @@ char **argv; printf("Flags: %#x\n", tcp->th_flags); printf("mtu: %d\n", mtu); - if (olen) - { - printf("Options: %d\n", olen); - ti = (struct tcpiphdr *)malloc(olen + ip->ip_len); - bcopy((char *)ip, (char *)ti, sizeof(*ip)); - ip = (ip_t *)ti; - ip->ip_hl += (olen >> 2); - bcopy(options, (char *)(ip + 1), olen); - bcopy((char *)tcp, (char *)(ip + 1) + olen, sizeof(*tcp)); - tcp = (tcphdr_t *)((char *)(ip + 1) + olen); - ip->ip_len += olen; - } - #ifdef DOSOCKET if (tcp->th_dport) return do_socket(dev, mtu, ti, gwip); diff --git a/contrib/ipfilter/ipsend/ipsend.h b/contrib/ipfilter/ipsend/ipsend.h index 362e273..a2ff49c 100644 --- a/contrib/ipfilter/ipsend/ipsend.h +++ b/contrib/ipfilter/ipsend/ipsend.h @@ -27,6 +27,7 @@ #endif #include "tcpip.h" #include "ipt.h" +#include "ipf.h" extern int resolve __P((char *, char *)); extern int arp __P((char *, char *)); @@ -39,7 +40,8 @@ extern int send_icmp __P((int, int, ip_t *, struct in_addr)); extern int send_packet __P((int, int, ip_t *, struct in_addr)); extern int send_packets __P((char *, int, ip_t *, struct in_addr)); extern u_short seclevel __P((char *)); -extern u_long optname __P((char *, char *)); +extern u_32_t buildopts __P((char *, char *, int)); +extern int addipopt __P((char *, struct ipopt_names *, int, char *)); extern int initdevice __P((char *, int, int)); extern int sendip __P((int, char *, int)); #ifdef linux @@ -57,8 +59,9 @@ extern void ip_test5 __P((char *, int, ip_t *, struct in_addr, int)); extern void ip_test6 __P((char *, int, ip_t *, struct in_addr, int)); extern void ip_test7 __P((char *, int, ip_t *, struct in_addr, int)); extern int do_socket __P((char *, int, struct tcpiphdr *, struct in_addr)); - extern int openkmem __P((void)); extern int kmemcpy __P((char *, void *, int)); #define KMCPY(a,b,c) kmemcpy((char *)(a), (void *)(b), (int)(c)) + +#define OPT_RAW 0x80000 diff --git a/contrib/ipfilter/ipsend/ipsopt.c b/contrib/ipfilter/ipsend/ipsopt.c index 8313559..3c9a21d 100644 --- a/contrib/ipfilter/ipsend/ipsopt.c +++ b/contrib/ipfilter/ipsend/ipsopt.c @@ -1,22 +1,29 @@ /* - * (C)opyright 1995 by Darren Reed. + * Copyright (C) 1995-1997 by Darren Reed. * - * This code may be freely distributed as long as it retains this notice - * and is not changed in any way. The author accepts no responsibility - * for the use of this software. I hate legaleese, don't you ? + * Redistribution and use in source and binary forms are permitted + * provided that this notice is preserved and due credit is given + * to the original author and the contributors. */ -#if !defined(lint) && defined(LIBC_SCCS) -static char sccsid[] = "@(#)ipsopt.c 1.2 1/11/96 (C)1995 Darren Reed"; +#if !defined(lint) +static const char sccsid[] = "@(#)ipsopt.c 1.2 1/11/96 (C)1995 Darren Reed"; +static const char rcsid[] = "@(#)$Id: ipsopt.c,v 2.0.2.10 1997/09/28 07:13:28 darrenr Exp $"; #endif #include <stdio.h> #include <string.h> +#include <stdlib.h> #include <sys/types.h> #include <sys/time.h> #include <sys/socket.h> #include <netinet/in.h> #include <netinet/in_systm.h> #include <netinet/ip.h> -#include "ip_compat.h" +#ifndef linux +#include <netinet/ip_var.h> +#endif +#include <netinet/tcp.h> +#include <arpa/inet.h> +#include "ipsend.h" #ifndef __P @@ -28,17 +35,10 @@ static char sccsid[] = "@(#)ipsopt.c 1.2 1/11/96 (C)1995 Darren Reed"; #endif -struct ipopt_names { - int on_value; - int on_bit; - int on_siz; - char *on_name; -}; - struct ipopt_names ionames[] = { { IPOPT_EOL, 0x01, 1, "eol" }, { IPOPT_NOP, 0x02, 1, "nop" }, - { IPOPT_RR, 0x04, 7, "rr" }, /* 1 route */ + { IPOPT_RR, 0x04, 3, "rr" }, /* 1 route */ { IPOPT_TS, 0x08, 8, "ts" }, /* 1 TS */ { IPOPT_SECURITY, 0x08, 11, "sec-level" }, { IPOPT_LSRR, 0x10, 7, "lsrr" }, /* 1 route */ @@ -59,10 +59,6 @@ struct ipopt_names secnames[] = { }; -u_short seclevel __P((char *)); -u_long optname __P((char *, char *)); - - u_short seclevel(slevel) char *slevel; { @@ -80,14 +76,82 @@ char *slevel; } -u_long optname(cp, op) +int addipopt(op, io, len, class) +char *op; +struct ipopt_names *io; +int len; +char *class; +{ + struct in_addr ipadr; + int olen = len, srr = 0; + u_short val; + u_char lvl; + char *s = op, *t; + + if ((len + io->on_siz) > 48) { + fprintf(stderr, "options too long\n"); + return 0; + } + len += io->on_siz; + *op++ = io->on_value; + if (io->on_siz > 1) { + /* + * Allow option to specify RR buffer length in bytes. + */ + if (io->on_value == IPOPT_RR) { + val = (class && *class) ? atoi(class) : 4; + *op++ = val + io->on_siz; + len += val; + } else + *op++ = io->on_siz; + *op++ = IPOPT_MINOFF; + + while (class && *class) { + t = NULL; + switch (io->on_value) + { + case IPOPT_SECURITY : + lvl = seclevel(class); + *(op - 1) = lvl; + break; + case IPOPT_LSRR : + case IPOPT_SSRR : + if ((t = strchr(class, ','))) + *t = '\0'; + ipadr.s_addr = inet_addr(class); + srr++; + bcopy((char *)&ipadr, op, sizeof(ipadr)); + op += sizeof(ipadr); + break; + case IPOPT_SATID : + val = atoi(class); + bcopy((char *)&val, op, 2); + break; + } + + if (t) + *t++ = ','; + class = t; + } + if (srr) + s[IPOPT_OLEN] = IPOPT_MINOFF - 1 + 4 * srr; + if (io->on_value == IPOPT_RR) + op += val; + else + op += io->on_siz - 3; + } + return len - olen; +} + + +u_32_t buildopts(cp, op, len) char *cp, *op; +int len; { struct ipopt_names *io; - u_short lvl; - u_long msk = 0; + u_32_t msk = 0; char *s, *t; - int len = 0; + int inc, lastop = -1; for (s = strtok(cp, ","); s; s = strtok(NULL, ",")) { if ((t = strchr(s, '='))) @@ -95,21 +159,10 @@ char *cp, *op; for (io = ionames; io->on_name; io++) { if (strcasecmp(s, io->on_name) || (msk & io->on_bit)) continue; - if ((len + io->on_siz) > 48) { - fprintf(stderr, "options too long\n"); - return 0; - } - len += io->on_siz; - *op++ = io->on_value; - if (io->on_siz > 1) { - *op++ = io->on_siz; - *op++ = IPOPT_MINOFF; - - if (t && !strcasecmp(s, "sec-level")) { - lvl = seclevel(t); - bcopy(&lvl, op, sizeof(lvl)); - } - op += io->on_siz - 3; + lastop = io->on_value; + if ((inc = addipopt(op, io, len, t))) { + op += inc; + len += inc; } msk |= io->on_bit; break; @@ -119,7 +172,24 @@ char *cp, *op; return 0; } } - *op++ = IPOPT_EOL; - len++; + + if (len & 3) { + while (len & 3) { + *op++ = ((len & 3) == 3) ? IPOPT_EOL : IPOPT_NOP; + len++; + } + } else { + if (lastop != IPOPT_EOL) { + if (lastop == IPOPT_NOP) + *(op - 1) = IPOPT_EOL; + else { + *op++ = IPOPT_NOP; + *op++ = IPOPT_NOP; + *op++ = IPOPT_NOP; + *op = IPOPT_EOL; + len += 4; + } + } + } return len; } diff --git a/contrib/ipfilter/ipsend/iptest.1 b/contrib/ipfilter/ipsend/iptest.1 new file mode 100644 index 0000000..3c98a4c --- /dev/null +++ b/contrib/ipfilter/ipsend/iptest.1 @@ -0,0 +1,101 @@ +.TH IPTEST 1 +.SH NAME +iptest \- automatically generate a packets to test IP functionality +.SH SYNOPSIS +.B iptest +[ +.B \-1234567 +] [ +.B \-d +<device> +] [ +.B \-g +<gateway> +] [ +.B \-m +<\fIMTU\fP> +] [ +.B \-p +<\fIpointtest\fP> +] [ +.B \-s +<\fIsource\fP> +] <destination> +.SH DESCRIPTION +.PP +\fBiptest\fP ... +.SH OPTIONS +.TP +.B \-1 +Run IP test group #1. This group of tests generates packets with the IP +header fields set to invalid values given other packet characteristics. +The point tests are: 1 (ip_hl < ip_len), 2 (ip_hl > ip_len), +3 (ip_v < 4), 4 (ip_v > 4), 5 (ip_len < packetsize, long packets), +6 (ip_len > packet size, short packets), 7 (Zero length fragments), +8 (packet > 64k after reassembly), 9 (IP offset with MSB set), 10 (ttl +variations). +.TP +.B \-2 +Run IP test group #2. This group of tests generates packets with the IP +options constructed with invalud values given other packet characteristics. +The point tests are: 1 (option length > packet length), 2 (option length = 0). +.TP +.B \-3 +Run IP test group #3. This group of tests generates packets with the ICMP +header fields set to non-standard values. The point tests are: 1 (ICMP types +0-31 & 255), 2 (type 3 & code 0 - 31), 3 (type 4 & code 0, 127, 128, 255), +4 (type 5 & code 0, 127, 128, 255), 5 (types 8-10,13-18 with codes 0, 127, +128 and 255), 6 (type 12 & code 0, 127, 128, 129, 255) and 7 (type 3 & codes +9-10, 13-14 and 17-18 - shortened packets). +.TP +.B \-4 +Run IP test group #4. This group of tests generates packets with the UDP +header fields set to non-standard values. The point tests are: 1 (UDP length +> packet size), 2 (UDP length < packetsize), 3 (sport = 0, 1, 32767, 32768, +65535), 4 (dport = 0, 1, 32767, 32768, 65535) and 5 (sizeof(struct ip) <= MTU +<= sizeof(struct udphdr) + sizeof(struct ip)). +.TP +.B \-5 +Run IP test group #5. This group of tests generates packets with the TCP +header fields set to non-standard values. The point tests are: 1 (TCP flags +variations, all combinations), 2 (seq = 0, 0x7fffffff, 0x8000000, 0xa0000000, +0xffffffff), 3 (ack = 0, 0x7fffffff, 0x8000000, 0xa0000000, 0xffffffff), +4 (SYN packet with window of 0, 32768, 65535), 5 (set urgent pointer to 1, +0x7fff, 0x8000, 0xffff), 6 (data offset), 7 (sport = 0, 1, 32767, 32768, +65535) and 8 (dport = 0, 1, 32767, 32768, 65535). +.TP +.B \-6 +Run IP test group #6. This test generates a large number of fragments in +an attempt to exhaust the network buffers used for holding packets for later +reassembly. WARNING: this may crash or cause serious performance degradation +to the target host. +.TP +.B \-7 +Run IP test group #7. This test generates 1024 random IP packets with only +the IP version, checksum, length and IP offset field correct. +.TP +.BR \-d \0<interface> +Set the interface name to be the name supplied. +.TP +.BR \-g \0<gateway> +Specify the hostname of the gateway through which to route packets. This +is required whenever the destination host isn't directly attached to the +same network as the host from which you're sending. +.TP +.BR \-m \0<MTU> +Specify the MTU to be used when sending out packets. This option allows you +to set a fake MTU, allowing the simulation of network interfaces with small +MTU's without setting them so. +.TP +.B \-p <test> +Run a... +.DT +.SH SEE ALSO +ipsend(1), ipresend(1), bpf(4), dlpi(7p) +.SH DIAGNOSTICS +Only one of the numeric test options may be given when \fIiptest\fP is run. +.PP +Needs to be run as root. +.SH BUGS +.PP +If you find any, please send email to me at darrenr@cyber.com.au diff --git a/contrib/ipfilter/ipsend/iptest.c b/contrib/ipfilter/ipsend/iptest.c index 93d7f4a..6b3cf23 100644 --- a/contrib/ipfilter/ipsend/iptest.c +++ b/contrib/ipfilter/ipsend/iptest.c @@ -1,21 +1,18 @@ /* - * ipsend.c (C) 1995 Darren Reed + * ipsend.c (C) 1995-1997 Darren Reed * * This was written to test what size TCP fragments would get through * various TCP/IP packet filters, as used in IP firewalls. In certain * conditions, enough of the TCP header is missing for unpredictable * results unless the filter is aware that this can happen. * - * The author provides this program as-is, with no gaurantee for its - * suitability for any specific purpose. The author takes no responsibility - * for the misuse/abuse of this program and provides it for the sole purpose - * of testing packet filter policies. This file maybe distributed freely - * providing it is not modified and that this notice remains in tact. - * - * This was written and tested (successfully) on SunOS 4.1.x. + * Redistribution and use in source and binary forms are permitted + * provided that this notice is preserved and due credit is given + * to the original author and the contributors. */ -#if !defined(lint) && defined(LIBC_SCCS) -static char sccsid[] = "%W% %G% (C)1995 Darren Reed"; +#if !defined(lint) +static const char sccsid[] = "%W% %G% (C)1995 Darren Reed"; +static const char rcsid[] = "@(#)$Id: iptest.c,v 2.0.2.8 1997/10/12 09:48:39 darrenr Exp $"; #endif #include <stdio.h> #include <netdb.h> @@ -57,7 +54,11 @@ char default_device[] = "ln0"; # ifdef __bsdi__ char default_device[] = "ef0"; # else +# ifdef __sgi +char default_device[] = "ec0"; +# else char default_device[] = "lan0"; +# endif # endif # endif # endif @@ -97,8 +98,8 @@ char **argv; struct in_addr gwip; ip_t *ip; char *name = argv[0], host[64], *gateway = NULL, *dev = NULL; - char *src = NULL, *dst, c; - int mtu = 1500, tests = 0, pointtest = 0; + char *src = NULL, *dst; + int mtu = 1500, tests = 0, pointtest = 0, c; /* * 65535 is maximum packet size...you never know... @@ -108,8 +109,7 @@ char **argv; ip->ip_len = sizeof(*ip); ip->ip_hl = sizeof(*ip) >> 2; - while ((c = (char)getopt(argc, argv, - "1234567IP:TUd:f:g:m:o:p:s:t:")) != -1) + while ((c = getopt(argc, argv, "1234567d:g:m:p:s:")) != -1) switch (c) { case '1' : diff --git a/contrib/ipfilter/ipsend/iptests.c b/contrib/ipfilter/ipsend/iptests.c index 6b5ecb9..f938272 100644 --- a/contrib/ipfilter/ipsend/iptests.c +++ b/contrib/ipfilter/ipsend/iptests.c @@ -1,12 +1,13 @@ /* - * (C)opyright 1993, 1994, 1995 by Darren Reed. + * Copyright (C) 1993-1997 by Darren Reed. * - * This code may be freely distributed as long as it retains this notice - * and is not changed in any way. The author accepts no responsibility - * for the use of this software. I hate legaleese, don't you ? + * Redistribution and use in source and binary forms are permitted + * provided that this notice is preserved and due credit is given + * to the original author and the contributors. */ -#if !defined(lint) && defined(LIBC_SCCS) -static char sccsid[] = "%W% %G% (C)1995 Darren Reed"; +#if !defined(lint) +static const char sccsid[] = "%W% %G% (C)1995 Darren Reed"; +static const char rcsid[] = "@(#)$Id: iptests.c,v 2.0.2.13 1997/10/23 11:42:45 darrenr Exp $"; #endif #include <stdio.h> #include <unistd.h> @@ -15,7 +16,7 @@ static char sccsid[] = "%W% %G% (C)1995 Darren Reed"; #include <sys/types.h> #include <sys/time.h> #include <sys/param.h> -#if !defined(solaris) +#if !defined(solaris) && !defined(linux) && !defined(__sgi) # define _KERNEL # define KERNEL # include <sys/file.h> @@ -25,8 +26,12 @@ static char sccsid[] = "%W% %G% (C)1995 Darren Reed"; # include <sys/user.h> # include <sys/proc.h> #endif -#include <kvm.h> -#include <sys/socket.h> +#if !defined(ultrix) && !defined(hpux) && !defined(linux) && !defined(__sgi) +# include <kvm.h> +#endif +#ifndef ultrix +# include <sys/socket.h> +#endif #if defined(solaris) # include <sys/stream.h> #endif @@ -36,28 +41,37 @@ static char sccsid[] = "%W% %G% (C)1995 Darren Reed"; #include <sys/session.h> #endif #if BSD >= 199103 -#include <sys/sysctl.h> -#include <sys/filedesc.h> -#include <paths.h> +# include <sys/sysctl.h> +# include <sys/filedesc.h> +# include <paths.h> #endif #include <netinet/in_systm.h> #include <sys/socket.h> #include <net/if.h> -#include <net/route.h> +#if defined(linux) && (LINUX >= 0200) +# include <asm/atomic.h> +#endif +#if !defined(linux) +# include <net/route.h> +#else +# define __KERNEL__ /* because there's a macro not wrapped by this */ +# include <net/route.h> /* in this file :-/ */ +#endif #include <netinet/in.h> #include <arpa/inet.h> #include <netinet/ip.h> #include <netinet/tcp.h> #include <netinet/udp.h> #include <netinet/ip_icmp.h> -#include <netinet/if_ether.h> -#include <netinet/ip_var.h> -#include <netinet/in_pcb.h> -#include <netinet/tcp_timer.h> -#include <netinet/tcp_var.h> -# if defined(__SVR4) || defined(__svr4__) -#include <sys/sysmacros.h> -# endif +#ifndef linux +# include <netinet/ip_var.h> +# include <netinet/in_pcb.h> +# include <netinet/tcp_timer.h> +# include <netinet/tcp_var.h> +#endif +#if defined(__SVR4) || defined(__svr4__) || defined(__sgi) +# include <sys/sysmacros.h> +#endif #include "ipsend.h" @@ -74,7 +88,7 @@ int ptest; { struct timeval tv; udphdr_t *u; - int nfd, i, len, id = getpid(); + int nfd, i = 0, len, id = getpid(); ip->ip_hl = sizeof(*ip) >> 2; ip->ip_v = IPVERSION; @@ -705,7 +719,7 @@ struct in_addr gwip; int ptest; { struct timeval tv; - struct udphdr *u; + udphdr_t *u; int nfd, i; @@ -836,10 +850,10 @@ int ptest; PAUSE(); } - if (!ptest || (ptest == 4)) { + if (!ptest || (ptest == 5)) { /* - * Test 5: sizeof(struct ip) <= MTU <= sizeof(struct udphdr) + - * sizeof(struct ip) + * Test 5: sizeof(ip_t) <= MTU <= sizeof(udphdr_t) + + * sizeof(ip_t) */ printf("4.5 UDP 20 <= MTU <= 32\n"); for (i = sizeof(*ip); i <= u->uh_ulen; i++) { @@ -867,7 +881,9 @@ int ptest; int nfd, i; t = (tcphdr_t *)((char *)ip + (ip->ip_hl << 2)); +#ifndef linux t->th_x2 = 0; +#endif t->th_off = 0; t->th_sport = 1; t->th_dport = 1; @@ -1005,7 +1021,7 @@ int ptest; PAUSE(); } -#if !defined(linux) && !defined(__SVR4) && !defined(__svr4__) +#if !defined(linux) && !defined(__SVR4) && !defined(__svr4__) && !defined(__sgi) { struct tcpcb *t, tcb; struct tcpiphdr ti; diff --git a/contrib/ipfilter/ipsend/larp.c b/contrib/ipfilter/ipsend/larp.c index 1eb4b2f..7d38ddf 100644 --- a/contrib/ipfilter/ipsend/larp.c +++ b/contrib/ipfilter/ipsend/larp.c @@ -1,14 +1,13 @@ /* - * larp.c (C) 1995 Darren Reed + * larp.c (C) 1995-1997 Darren Reed * - * The author provides this program as-is, with no gaurantee for its - * suitability for any specific purpose. The author takes no responsibility - * for the misuse/abuse of this program and provides it for the sole purpose - * of testing packet filter policies. This file maybe distributed freely - * providing it is not modified and that this notice remains in tact. + * Redistribution and use in source and binary forms are permitted + * provided that this notice is preserved and due credit is given + * to the original author and the contributors. */ -#if !defined(lint) && defined(LIBC_SCCS) -static char sccsid[] = "@(#)larp.c 1.1 8/19/95 (C)1995 Darren Reed"; +#if !defined(lint) +static const char sccsid[] = "@(#)larp.c 1.1 8/19/95 (C)1995 Darren Reed"; +static const char rcsid[] = "@(#)$Id: larp.c,v 2.0.2.3 1997/09/28 07:13:31 darrenr Exp $"; #endif #include <stdio.h> #include <errno.h> diff --git a/contrib/ipfilter/ipsend/linux.h b/contrib/ipfilter/ipsend/linux.h index 7eb382b..c7bb5a5 100644 --- a/contrib/ipfilter/ipsend/linux.h +++ b/contrib/ipfilter/ipsend/linux.h @@ -1,5 +1,5 @@ /* - * (C)opyright 1995 by Darren Reed. + * Copyright (C) 1995-1997 by Darren Reed. * * This code may be freely distributed as long as it retains this notice * and is not changed in any way. The author accepts no responsibility diff --git a/contrib/ipfilter/ipsend/lsock.c b/contrib/ipfilter/ipsend/lsock.c index 5cc3122..db81dfd 100644 --- a/contrib/ipfilter/ipsend/lsock.c +++ b/contrib/ipfilter/ipsend/lsock.c @@ -1,14 +1,13 @@ /* - * lsock.c (C) 1995 Darren Reed + * lsock.c (C) 1995-1997 Darren Reed * - * The author provides this program as-is, with no gaurantee for its - * suitability for any specific purpose. The author takes no responsibility - * for the misuse/abuse of this program and provides it for the sole purpose - * of testing packet filter policies. This file maybe distributed freely - * providing it is not modified and that this notice remains in tact. + * Redistribution and use in source and binary forms are permitted + * provided that this notice is preserved and due credit is given + * to the original author and the contributors. */ -#if !defined(lint) && defined(LIBC_SCCS) -static char sccsid[] = "@(#)lsock.c 1.2 1/11/96 (C)1995 Darren Reed"; +#if !defined(lint) +static const char sccsid[] = "@(#)lsock.c 1.2 1/11/96 (C)1995 Darren Reed"; +static const char rcsid[] = "@(#)$Id: lsock.c,v 2.0.2.7 1997/09/28 07:13:32 darrenr Exp $"; #endif #include <stdio.h> #include <unistd.h> @@ -45,7 +44,7 @@ static char sccsid[] = "@(#)lsock.c 1.2 1/11/96 (C)1995 Darren Reed"; #include <netinet/in.h> #include <netinet/in_systm.h> #include <net/if.h> -#if LINUX < 0103 +#if LINUX < 0200 #include <net/inet/sock.h> #endif #include "ipsend.h" @@ -188,12 +187,11 @@ struct tcpiphdr *ti; return i->u.socket_i.data; } -int do_socket(dev, mtu, ti, gwip, flags) +int do_socket(dev, mtu, ti, gwip) char *dev; int mtu; struct tcpiphdr *ti; struct in_addr gwip; -int flags; { struct sockaddr_in rsin, lsin; struct sock *s, sk; @@ -227,7 +225,7 @@ int flags; (void) getsockname(fd, (struct sockaddr *)&lsin, &len); ti->ti_sport = lsin.sin_port; printf("sport %d\n", ntohs(lsin.sin_port)); - nfd = initdevice(dev, ntohs(lsin.sin_port)); + nfd = initdevice(dev, ntohs(lsin.sin_port), 0); if (!(s = find_tcp(fd, ti))) return -1; @@ -247,8 +245,9 @@ int flags; ti->ti_win = sk.window; ti->ti_seq = sk.sent_seq - 1; ti->ti_ack = sk.rcv_ack_seq; + ti->ti_flags = TH_SYN; - if (send_tcp(nfd, mtu, ti, gwip, TH_SYN) == -1) + if (send_tcp(nfd, mtu, (ip_t *)ti, gwip) == -1) return -1; (void)write(fd, "Hello World\n", 12); sleep(2); diff --git a/contrib/ipfilter/ipsend/resend.c b/contrib/ipfilter/ipsend/resend.c index 84d3215..dcf7cc7 100644 --- a/contrib/ipfilter/ipsend/resend.c +++ b/contrib/ipfilter/ipsend/resend.c @@ -1,14 +1,18 @@ /* - * resend.c (C) 1995 Darren Reed + * resend.c (C) 1995-1997 Darren Reed * * This was written to test what size TCP fragments would get through * various TCP/IP packet filters, as used in IP firewalls. In certain * conditions, enough of the TCP header is missing for unpredictable * results unless the filter is aware that this can happen. * + * Redistribution and use in source and binary forms are permitted + * provided that this notice is preserved and due credit is given + * to the original author and the contributors. */ -#if !defined(lint) && defined(LIBC_SCCS) -static char sccsid[] = "@(#)resend.c 1.3 1/11/96 (C)1995 Darren Reed"; +#if !defined(lint) +static const char sccsid[] = "@(#)resend.c 1.3 1/11/96 (C)1995 Darren Reed"; +static const char rcsid[] = "@(#)$Id: resend.c,v 2.0.2.12 1997/10/23 11:42:46 darrenr Exp $"; #endif #include <stdio.h> #include <netdb.h> @@ -27,17 +31,21 @@ static char sccsid[] = "@(#)resend.c 1.3 1/11/96 (C)1995 Darren Reed"; #include <netinet/udp.h> #include <netinet/ip_icmp.h> #ifndef linux -#include <netinet/ip_var.h> -#include <netinet/if_ether.h> +# include <netinet/ip_var.h> +# include <netinet/if_ether.h> +# if __FreeBSD_version >= 300000 +# include <net/if_var.h> +# endif #endif #include "ipsend.h" +extern int opts; static u_char buf[65536]; /* 1 big packet */ -static void printpacket __P((ip_t *)); +void printpacket __P((ip_t *)); -static void printpacket(ip) +void printpacket(ip) ip_t *ip; { tcphdr_t *t; @@ -90,7 +98,7 @@ char *datain; ip = (struct ip *)buf; eh = (ether_header_t *)malloc(sizeof(*eh)); - bzero(&eh->ether_shost, sizeof(eh->ether_shost)); + bzero((char *)A_A eh->ether_shost, sizeof(eh->ether_shost)); if (gwip.s_addr && (arp((char *)&gwip, dhost) == -1)) { perror("arp"); @@ -99,21 +107,31 @@ char *datain; while ((i = (*r->r_readip)(buf, sizeof(buf), NULL, NULL)) > 0) { - len = ntohs(ip->ip_len); - eh = (ether_header_t *)realloc((char *)eh, sizeof(*eh) + len); - eh->ether_type = htons((u_short)ETHERTYPE_IP); - if (!gwip.s_addr) { - if (arp((char *)&gwip, - (char *)&eh->ether_dhost) == -1) { - perror("arp"); - continue; - } - } else - bcopy(dhost, (char *)&eh->ether_dhost, sizeof(dhost)); - bcopy(ip, (char *)(eh + 1), len); - printpacket(ip); + if (!(opts & OPT_RAW)) { + len = ntohs(ip->ip_len); + eh = (ether_header_t *)realloc((char *)eh, sizeof(*eh) + len); + eh->ether_type = htons((u_short)ETHERTYPE_IP); + if (!gwip.s_addr) { + if (arp((char *)&gwip, + (char *)A_A eh->ether_dhost) == -1) { + perror("arp"); + continue; + } + } else + bcopy(dhost, (char *)A_A eh->ether_dhost, + sizeof(dhost)); + if (!ip->ip_sum) + ip->ip_sum = chksum((u_short *)ip, + ip->ip_hl << 2); + bcopy(ip, (char *)(eh + 1), len); + len += sizeof(*eh); + printpacket(ip); + } else { + eh = (ether_header_t *)buf; + len = i; + } - if (sendip(wfd, (char *)eh, sizeof(*eh) + len) == -1) + if (sendip(wfd, (char *)eh, len) == -1) { perror("send_packet"); break; diff --git a/contrib/ipfilter/ipsend/sbpf.c b/contrib/ipfilter/ipsend/sbpf.c index dd781ab..d3df96f 100644 --- a/contrib/ipfilter/ipsend/sbpf.c +++ b/contrib/ipfilter/ipsend/sbpf.c @@ -1,9 +1,9 @@ /* - * (C)opyright October 1995 Darren Reed. (from tcplog) - * - * This software may be freely distributed as long as it is not altered - * in any way and that this messagge always accompanies it. + * (C)opyright 1995-1997 Darren Reed. (from tcplog) * + * Redistribution and use in source and binary forms are permitted + * provided that this notice is preserved and due credit is given + * to the original author and the contributors. */ #include <stdio.h> #include <netdb.h> @@ -31,15 +31,15 @@ #include <netinet/in.h> #include <netinet/in_systm.h> #include <netinet/ip.h> -#include <netinet/if_ether.h> #include <netinet/ip_var.h> #include <netinet/udp.h> #include <netinet/udp_var.h> #include <netinet/tcp.h> #include "ipsend.h" -#if !defined(lint) && defined(LIBC_SCCS) -static char sbpf[] = "@(#)sbpf.c 1.3 8/25/95 (C)1995 Darren Reed"; +#if !defined(lint) +static const char sccsid[] = "@(#)sbpf.c 1.3 8/25/95 (C)1995 Darren Reed"; +static const char rcsid[] = "@(#)$Id: sbpf.c,v 2.0.2.7 1997/10/23 11:42:47 darrenr Exp $"; #endif /* diff --git a/contrib/ipfilter/ipsend/sdlpi.c b/contrib/ipfilter/ipsend/sdlpi.c index 94d71ae..1f181c2 100644 --- a/contrib/ipfilter/ipsend/sdlpi.c +++ b/contrib/ipfilter/ipsend/sdlpi.c @@ -1,12 +1,9 @@ /* - * (C)opyright October 1992 Darren Reed. (from tcplog) - * - * This software may be freely distributed as long as it is not altered - * in any way and that this messagge always accompanies it. - * - * The author of this software makes no garuntee about the - * performance of this package or its suitability to fulfill any purpose. + * (C)opyright 1992-1997 Darren Reed. (from tcplog) * + * Redistribution and use in source and binary forms are permitted + * provided that this notice is preserved and due credit is given + * to the original author and the contributors. */ #include <stdio.h> @@ -23,8 +20,10 @@ #include <sys/ioctl.h> #include <sys/stropts.h> +#ifdef sun #include <sys/pfmod.h> #include <sys/bufmod.h> +#endif #include <sys/dlpi.h> #include <net/if.h> @@ -39,8 +38,9 @@ #include "ipsend.h" -#if !defined(lint) && defined(LIBC_SCCS) -static char snitid[] = "@(#)sdlpi.c 1.3 10/30/95 (C)1995 Darren Reed"; +#if !defined(lint) +static const char sccsid[] = "@(#)sdlpi.c 1.3 10/30/95 (C)1995 Darren Reed"; +static const char rcsid[] = "@(#)$Id: sdlpi.c,v 2.0.2.6 1997/10/15 14:49:14 darrenr Exp $"; #endif #define CHUNKSIZE 8192 @@ -90,11 +90,15 @@ int sport, tout; /* * write full headers */ +#ifdef sun /* we require RAW DLPI mode, which is a Sun extension */ if (strioctl(fd, DLIOCRAW, -1, 0, NULL) == -1) { fprintf(stderr, "DLIOCRAW error\n"); exit(-1); } +#else +you lose +#endif return fd; } diff --git a/contrib/ipfilter/ipsend/sirix.c b/contrib/ipfilter/ipsend/sirix.c new file mode 100644 index 0000000..a1933e0 --- /dev/null +++ b/contrib/ipfilter/ipsend/sirix.c @@ -0,0 +1,94 @@ +/* + * (C)opyright 1992-1997 Darren Reed. + * (C)opyright 1997 Marc Boucher. + * + * Redistribution and use in source and binary forms are permitted + * provided that this notice is preserved and due credit is given + * to the original author and the contributors. + */ +#include <stdio.h> +#include <sys/types.h> +#include <string.h> +#include <unistd.h> +#include <stdlib.h> +#include <errno.h> +#include <sys/socket.h> +#include <sys/ioctl.h> + +#include <net/if.h> +#include <net/raw.h> +#include <netinet/in.h> +#include <netinet/in_systm.h> +#include <netinet/ip.h> +#include <netinet/if_ether.h> +#include <netinet/ip_var.h> +#include <netinet/udp.h> +#include <netinet/udp_var.h> +#include <netinet/tcp.h> +#include "ipsend.h" + +#if !defined(lint) && defined(LIBC_SCCS) +static char sirix[] = "@(#)sirix.c 1.0 10/9/97 (C)1997 Marc Boucher"; +#endif + + +int initdevice(char *device, int sport, int tout) +{ + int fd; + struct sockaddr_raw sr; + + if ((fd = socket(PF_RAW, SOCK_RAW, RAWPROTO_DRAIN)) < 0) + { + perror("socket(PF_RAW, SOCK_RAW, RAWPROTO_DRAIN)"); + return -1; + } + + memset(&sr, 0, sizeof(sr)); + sr.sr_family = AF_RAW; + sr.sr_port = ETHERTYPE_IP; + strncpy(sr.sr_ifname, device, sizeof(sr.sr_ifname)); + if (bind(fd, &sr, sizeof(sr)) < 0) + { + perror("bind AF_RAW"); + close(fd); + return -1; + } + return fd; +} + + +/* + * output an IP packet + */ +int sendip(int fd, char *pkt, int len) +{ + struct sockaddr_raw sr; + int srlen = sizeof(sr); + struct ifreq ifr; + struct ether_header *eh = (struct ether_header *)pkt; + + if (getsockname(fd, &sr, &srlen) == -1) + { + perror("getsockname"); + return -1; + } + + memset(&ifr, 0, sizeof(ifr)); + strncpy(ifr.ifr_name, sr.sr_ifname, sizeof ifr.ifr_name); + + if (ioctl(fd, SIOCGIFADDR, &ifr) == -1) + { + perror("ioctl SIOCGIFADDR"); + return -1; + } + + memcpy(eh->ether_shost, ifr.ifr_addr.sa_data, sizeof(eh->ether_shost)); + + if (write(fd, pkt, len) == -1) + { + perror("send"); + return -1; + } + + return len; +} diff --git a/contrib/ipfilter/ipsend/slinux.c b/contrib/ipfilter/ipsend/slinux.c index 7e4c7bf..29dbcd9 100644 --- a/contrib/ipfilter/ipsend/slinux.c +++ b/contrib/ipfilter/ipsend/slinux.c @@ -1,12 +1,9 @@ /* - * (C)opyright October 1992 Darren Reed. (from tcplog) - * - * This software may be freely distributed as long as it is not altered - * in any way and that this messagge always accompanies it. - * - * The author of this software makes no garuntee about the - * performance of this package or its suitability to fulfill any purpose. + * (C)opyright 1992-1997 Darren Reed. (from tcplog) * + * Redistribution and use in source and binary forms are permitted + * provided that this notice is preserved and due credit is given + * to the original author and the contributors. */ #include <stdio.h> @@ -30,8 +27,9 @@ #include <netinet/tcp.h> #include "ipsend.h" -#if !defined(lint) && defined(LIBC_SCCS) -static char sccsid[] = "@(#)slinux.c 1.2 8/25/95"; +#if !defined(lint) +static const char sccsid[] = "@(#)slinux.c 1.2 8/25/95"; +static const char rcsid[] = "@(#)$Id: slinux.c,v 2.0.2.6 1997/09/28 07:13:35 darrenr Exp $"; #endif #define CHUNKSIZE 8192 @@ -46,9 +44,9 @@ static int timeout; static char *eth_dev = NULL; -int initdevice(dev, sport, tout) +int initdevice(dev, sport, spare) char *dev; -int sport, tout; +int sport, spare; { int fd; diff --git a/contrib/ipfilter/ipsend/snit.c b/contrib/ipfilter/ipsend/snit.c index e738fdb..65b8e67 100644 --- a/contrib/ipfilter/ipsend/snit.c +++ b/contrib/ipfilter/ipsend/snit.c @@ -1,12 +1,9 @@ /* - * (C)opyright October 1992 Darren Reed. (from tcplog) - * - * This software may be freely distributed as long as it is not altered - * in any way and that this messagge always accompanies it. - * - * The author of this software makes no garuntee about the - * performance of this package or its suitability to fulfill any purpose. + * (C)opyright 1992-1997 Darren Reed. (from tcplog) * + * Redistribution and use in source and binary forms are permitted + * provided that this notice is preserved and due credit is given + * to the original author and the contributors. */ #include <stdio.h> @@ -41,8 +38,9 @@ #include "ipsend.h" -#if !defined(lint) && defined(LIBC_SCCS) -static char snitid[] = "@(#)snit.c 1.5 1/11/96 (C)1995 Darren Reed"; +#if !defined(lint) +static const char sccsid[] = "@(#)snit.c 1.5 1/11/96 (C)1995 Darren Reed"; +static const char rcsid[] = "@(#)$Id: snit.c,v 2.0.2.4 1997/09/28 07:13:36 darrenr Exp $"; #endif #define CHUNKSIZE 8192 diff --git a/contrib/ipfilter/ipsend/sock.c b/contrib/ipfilter/ipsend/sock.c index b753426..92e4a24 100644 --- a/contrib/ipfilter/ipsend/sock.c +++ b/contrib/ipfilter/ipsend/sock.c @@ -1,14 +1,13 @@ /* - * sock.c (C) 1995 Darren Reed + * sock.c (C) 1995-1997 Darren Reed * - * The author provides this program as-is, with no gaurantee for its - * suitability for any specific purpose. The author takes no responsibility - * for the misuse/abuse of this program and provides it for the sole purpose - * of testing packet filter policies. This file maybe distributed freely - * providing it is not modified and that this notice remains in tact. + * Redistribution and use in source and binary forms are permitted + * provided that this notice is preserved and due credit is given + * to the original author and the contributors. */ -#if !defined(lint) && defined(LIBC_SCCS) -static char sccsid[] = "@(#)sock.c 1.2 1/11/96 (C)1995 Darren Reed"; +#if !defined(lint) +static const char sccsid[] = "@(#)sock.c 1.2 1/11/96 (C)1995 Darren Reed"; +static const char rcsid[] = "@(#)$Id: sock.c,v 2.0.2.9 1997/09/28 07:13:37 darrenr Exp $"; #endif #include <stdio.h> #include <unistd.h> @@ -20,10 +19,16 @@ static char sccsid[] = "@(#)sock.c 1.2 1/11/96 (C)1995 Darren Reed"; #include <sys/time.h> #include <sys/param.h> #include <sys/stat.h> +#ifndef ultrix #include <fcntl.h> +#endif #include <sys/dir.h> #define _KERNEL #define KERNEL +#ifdef ultrix +# undef LOCORE +# include <sys/smp_lock.h> +#endif #include <sys/file.h> #undef _KERNEL #undef KERNEL @@ -32,7 +37,9 @@ static char sccsid[] = "@(#)sock.c 1.2 1/11/96 (C)1995 Darren Reed"; #include <sys/socket.h> #include <sys/socketvar.h> #include <sys/proc.h> -#include <kvm.h> +#if !defined(ultrix) && !defined(hpux) +# include <kvm.h> +#endif #ifdef sun #include <sys/systm.h> #include <sys/session.h> @@ -89,11 +96,12 @@ void *pos; int n; { static int kfd = -1; + off_t offset = (u_long)pos; if (kfd == -1) kfd = open(KMEM, O_RDONLY); - if (lseek(kfd, (off_t)pos, SEEK_SET) == -1) + if (lseek(kfd, offset, SEEK_SET) == -1) { perror("lseek"); return -1; @@ -106,9 +114,14 @@ int n; return n; } -struct nlist names[3] = { +struct nlist names[4] = { { "_proc" }, { "_nproc" }, +#ifdef ultrix + { "_u" }, +#else + { NULL }, +#endif { NULL } }; @@ -170,26 +183,35 @@ struct tcpiphdr *ti; if (!(p = getproc())) return NULL; - +printf("fl %x ty %x cn %d mc %d\n", +f->f_flag, f->f_type, f->f_count, f->f_msgcount); up = (struct user *)malloc(sizeof(*up)); +#ifndef ultrix if (KMCPY(up, p->p_uarea, sizeof(*up)) == -1) { fprintf(stderr, "read(%#x,%#x) failed\n", p, p->p_uarea); return NULL; } +#else + if (KMCPY(up, names[2].n_value, sizeof(*up)) == -1) + { + fprintf(stderr, "read(%#x,%#x) failed\n", p, names[2].n_value); + return NULL; + } +#endif o = (struct file **)calloc(1, sizeof(*o) * (up->u_lastfile + 1)); if (KMCPY(o, up->u_ofile, (up->u_lastfile + 1) * sizeof(*o)) == -1) { fprintf(stderr, "read(%#x,%#x,%d) - u_ofile - failed\n", - up->u_ofile_arr, o, sizeof(*o)); + up->u_ofile, o, sizeof(*o)); return NULL; } f = (struct file *)calloc(1, sizeof(*f)); if (KMCPY(f, o[fd], sizeof(*f)) == -1) { fprintf(stderr, "read(%#x,%#x,%d) - o[fd] - failed\n", - up->u_ofile_arr[fd], f, sizeof(*f)); + up->u_ofile[fd], f, sizeof(*f)); return NULL; } @@ -223,7 +245,8 @@ static struct kinfo_proc *getproc() { static struct kinfo_proc kp; pid_t pid = getpid(); - int n, mib[4]; + int mib[4]; + size_t n; mib[0] = CTL_KERN; mib[1] = KERN_PROC; @@ -265,39 +288,39 @@ struct tcpiphdr *ti; o = (struct file **)calloc(1, sizeof(*o) * (fd->fd_lastfile + 1)); if (KMCPY(o, fd->fd_ofiles, (fd->fd_lastfile + 1) * sizeof(*o)) == -1) { - fprintf(stderr, "read(%#lx,%#lx,%d) - u_ofile - failed\n", - (u_long)fd->fd_ofiles, (u_long)o, sizeof(*o)); + fprintf(stderr, "read(%#lx,%#lx,%lu) - u_ofile - failed\n", + (u_long)fd->fd_ofiles, (u_long)o, (u_long)sizeof(*o)); return NULL; } f = (struct file *)calloc(1, sizeof(*f)); if (KMCPY(f, o[tfd], sizeof(*f)) == -1) { - fprintf(stderr, "read(%#lx,%#lx,%d) - o[tfd] - failed\n", - (u_long)o[tfd], (u_long)f, sizeof(*f)); + fprintf(stderr, "read(%#lx,%#lx,%lu) - o[tfd] - failed\n", + (u_long)o[tfd], (u_long)f, (u_long)sizeof(*f)); return NULL; } s = (struct socket *)calloc(1, sizeof(*s)); if (KMCPY(s, f->f_data, sizeof(*s)) == -1) { - fprintf(stderr, "read(%#lx,%#lx,%d) - f_data - failed\n", - (u_long)f->f_data, (u_long)s, sizeof(*s)); + fprintf(stderr, "read(%#lx,%#lx,%lu) - f_data - failed\n", + (u_long)f->f_data, (u_long)s, (u_long)sizeof(*s)); return NULL; } i = (struct inpcb *)calloc(1, sizeof(*i)); if (KMCPY(i, s->so_pcb, sizeof(*i)) == -1) { - fprintf(stderr, "kvm_read(%#lx,%#lx,%d) - so_pcb - failed\n", - (u_long)s->so_pcb, (u_long)i, sizeof(*i)); + fprintf(stderr, "kvm_read(%#lx,%#lx,%lu) - so_pcb - failed\n", + (u_long)s->so_pcb, (u_long)i, (u_long)sizeof(*i)); return NULL; } t = (struct tcpcb *)calloc(1, sizeof(*t)); if (KMCPY(t, i->inp_ppcb, sizeof(*t)) == -1) { - fprintf(stderr, "read(%#lx,%#lx,%d) - inp_ppcb - failed\n", - (u_long)i->inp_ppcb, (u_long)t, sizeof(*t)); + fprintf(stderr, "read(%#lx,%#lx,%lu) - inp_ppcb - failed\n", + (u_long)i->inp_ppcb, (u_long)t, (u_long)sizeof(*t)); return NULL; } return (struct tcpcb *)i->inp_ppcb; diff --git a/contrib/ipfilter/ipsend/tcpip.h b/contrib/ipfilter/ipsend/tcpip.h index 78f274f..d92d9f8 100644 --- a/contrib/ipfilter/ipsend/tcpip.h +++ b/contrib/ipfilter/ipsend/tcpip.h @@ -1,22 +1,75 @@ -/* @(#)tcpip.h 1.7 88/08/19 SMI; from UCB 7.1 6/5/85 */ - /* - * Copyright (c) 1982, 1986 Regents of the University of California. - * All rights reserved. The Berkeley software License Agreement - * specifies the terms and conditions for redistribution. + * Copyright (c) 1982, 1986, 1993 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * @(#)tcpip.h 8.1 (Berkeley) 6/10/93 + * $Id: tcpip.h,v 2.0.2.3.2.1 1997/11/12 11:01:12 darrenr Exp $ */ +#ifndef _NETINET_TCPIP_H_ +#define _NETINET_TCPIP_H_ + +# if defined(linux) && !defined(LINUX_IPOVLY) +# define LINUX_IPOVLY +struct ipovly { + caddr_t ih_next, ih_prev; /* for protocol sequence q's */ + u_char ih_x1; /* (unused) */ + u_char ih_pr; /* protocol */ + short ih_len; /* protocol length */ + struct in_addr ih_src; /* source internet address */ + struct in_addr ih_dst; /* destination internet address */ +}; +# endif + /* * Tcp+ip header, after ip options removed. */ - -#ifndef _netinet_tcpip_h -#define _netinet_tcpip_h - struct tcpiphdr { struct ipovly ti_i; /* overlaid ip structure */ - tcphdr_t ti_t; /* tcp header */ +#ifdef linux + tcphdr_t ti_t; +#else + struct tcphdr ti_t; /* tcp header */ +#endif +}; +#ifdef notyet +/* + * Tcp+ip header, after ip options removed but including TCP options. + */ +struct full_tcpiphdr { + struct ipovly ti_i; /* overlaid ip structure */ + struct tcphdr ti_t; /* tcp header */ + char ti_o[TCP_MAXOLEN]; /* space for tcp options */ }; +#endif /* notyet */ #define ti_next ti_i.ih_next #define ti_prev ti_i.ih_prev #define ti_x1 ti_i.ih_x1 @@ -35,4 +88,4 @@ struct tcpiphdr { #define ti_sum ti_t.th_sum #define ti_urp ti_t.th_urp -#endif /*!_netinet_tcpip_h*/ +#endif diff --git a/contrib/ipfilter/ipsend/ultrix.c b/contrib/ipfilter/ipsend/ultrix.c new file mode 100644 index 0000000..186d269 --- /dev/null +++ b/contrib/ipfilter/ipsend/ultrix.c @@ -0,0 +1,86 @@ +/* + * (C)opyright 1997 Darren Reed. (from tcplog) + * + * Redistribution and use in source and binary forms are permitted + * provided that this notice is preserved and due credit is given + * to the original author and the contributors. + */ +#include <stdio.h> +#include <strings.h> +#include <unistd.h> +#include <stdlib.h> +#include <ctype.h> +#include <sys/types.h> +#include <sys/param.h> +#include <sys/socket.h> +#include <sys/file.h> +#include <sys/ioctl.h> +#include <net/if.h> +#include <netinet/in.h> +#include <netinet/if_ether.h> +#include <netdnet/dli_var.h> + + +static struct dli_devid dli_devid; + + +int initdevice(device, sport, tout) +char *device; +int sport, tout; +{ + u_char *s; + int fd; + + fd = socket(AF_DLI, SOCK_DGRAM, 0); + if (fd == -1) + perror("socket(AF_DLI,SOCK_DGRAM)"); + else { + strncpy(dli_devid.dli_devname, device, DLI_DEVSIZE); + dli_devid.dli_devname[DLI_DEVSIZE] ='\0'; + for (s = dli_devid.dli_devname; *s && isalpha((char)*s); s++) + ; + if (*s && isdigit((char)*s)) { + dli_devid.dli_devnumber = atoi(s); + } + } + return fd; +} + + +/* + * output an IP packet onto a fd opened for /dev/bpf + */ +int sendip(fd, pkt, len) +int fd, len; +char *pkt; +{ + struct sockaddr_dl dl; + struct sockaddr_edl *edl = &dl.choose_addr.dli_eaddr; + + dl.dli_family = AF_DLI; + dl.dli_substructype = DLI_ETHERNET; + bcopy((char *)&dli_devid, (char *)&dl.dli_device, sizeof(dli_devid)); + bcopy(pkt, edl->dli_target, DLI_EADDRSIZE); + bcopy(pkt, edl->dli_dest, DLI_EADDRSIZE); + bcopy(pkt + DLI_EADDRSIZE * 2, (char *)&edl->dli_protype, 2); + edl->dli_ioctlflg = 0; + + if (sendto(fd, pkt, len, 0, (struct sockaddr *)&dl, sizeof(dl)) == -1) + { + perror("send"); + return -1; + } + + return len; +} + + +char *strdup(str) +char *str; +{ + char *s; + + if ((s = (char *)malloc(strlen(str) + 1))) + return strcpy(s, str); + return NULL; +} |