[netsniff-ng] [PATCH 7/8] flowtop: Add command-line option to dump flows to stdout
Add '-d, --dump' option which dumps flows to stdout only.
The table layout is same like in interactive mode, the difference
is only if '-s' option is enabled that in stdout mode the rows
are separated with empty line for better separation.
Interval option is also supported but only for delay to collect
such dynamic info like rate. By default interval set to 0 if --dump
option is selected.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
flowtop.c | 134 --
1 file changed, 113 insertions(+), 21 deletions(-)
diff --git a/flowtop.c b/flowtop.c
index 65a8ad4..5e529ad 100644
--- a/flowtop.c
+++ b/flowtop.c
@@ -133,12 +133,13 @@ static struct sysctl_params_ctx sysctl = { -1, -1 };
static unsigned int cols, rows;
-static unsigned int interval = 1;
+static unsigned int interval;
static bool show_src = false;
static bool resolve_dns = true;
static bool resolve_geoip = true;
static enum rate_units rate_type = RATE_BYTES;
static bool show_active_only = false;
+static bool do_dump = false;
enum tbl_flow_col {
TBL_FLOW_PROCESS,
@@ -155,7 +156,7 @@ enum tbl_flow_col {
static struct ui_table flows_tbl;
-static const char *short_options = "vhTUsDIS46ut:nGb";
+static const char *short_options = "vhTUsDIS46ut:nGbd";
static const struct option long_options[] = {
{"ipv4",no_argument,NULL, '4'},
{"ipv6",no_argument,NULL, '6'},
@@ -169,6 +170,7 @@ static const struct option long_options[] = {
{"show-src",no_argument,NULL, 's'},
{"bits",no_argument,NULL, 'b'},
{"update", no_argument,NULL, 'u'},
+ {"dump",no_argument,NULL, 'd'},
{"interval",required_argument, NULL, 't'},
{"version", no_argument,NULL, 'v'},
{"help",no_argument,NULL, 'h'},
@@ -252,6 +254,10 @@ static const struct nfct_filter_ipv6 filter_ipv6 = {
.mask = { 0x, 0x, 0x, 0x },
};
+static void collector_dump_flows(void);
+static struct nfct_handle *collector_create_updater(void);
+static void collector_refresh_flows(struct nfct_handle *handle);
+
static int64_t time_after_us(struct timeval *tv)
{
struct timeval now;
@@ -300,6 +306,7 @@ static void help(void)
" -s|--show-src Also show source, not only dest\n"
" -b|--bits Show rates in bits/s instead of
bytes/s\n"
" -u|--updateUpdate GeoIP databases\n"
+" -d|--dump Only dump flows to stdout\n"
" -t|--intervalRefresh time in seconds (default 1s)\n"
" -v|--version Print version and exit\n"
" -h|--help Print this help and exit\n\n"
@@ -456,12 +463,28 @@ static void flow_list_destroy_entry(struct flow_list *fl,
}
}
+static void flow_list_write_lock(struct flow_list *fl)
+{
+ if (do_dump)
+ return;
+
+ synchronize_rcu();
+ spinlock_lock(>lock);
+}
+
+static void flow_list_unlock(struct flow_list *fl)
+{
+ if (do_dump)
+ return;
+
+ spinlock_unlock(>lock);
+}
+
static void flow_list_destroy(struct flow_list *fl)
{
struct flow_entry *n;
- synchronize_rcu();
- spinlock_lock(_list.lock);
+ flow_list_write_lock(fl);
while (fl->head != NULL) {
n = rcu_dereference(fl->head->next);
@@ -471,7 +494,7 @@ static void flow_list_destroy(struct flow_list *fl)
rcu_assign_pointer(fl->head, n);
}
- spinlock_unlock(_list.lock);
+ flow_list_unlock(fl);
}
static int walk_process(unsigned int pid, struct flow_entry *n)
@@ -1020,6 +1043,10 @@ static void draw_flow_entry(const struct flow_entry *n)
if (show_src) {
ui_table_row_add(_tbl);
+ ui_table_row_print(_tbl, TBL_FLOW_PROCESS, " ");
+ ui_table_row_print(_tbl, TBL_FLOW_PID, " ");
+ ui_table_row_print(_tbl, TBL_FLOW_PROTO, " ");
+ ui_table_row_print(_tbl, TBL_FLOW_STATE, " ");
ui_table_row_print(_tbl, TBL_FLOW_TIME, "-->");
print_flow_peer_info(n, FLOW_DIR_DST);
@@ -1294,6 +1321,8 @@ static void presenter_curses(void)
INIT_COLOR(GREEN, BLACK);
INIT_COLOR(BLACK, GREEN);
+ ui_init(UI_CURSES);
+
flows_table_init(_tbl);
rcu_register_thread();
@@ -1368,12 +1397,54 @@ static void presenter_curses(void)
screen_end();
}
+static void presenter_stdout(void)
+{
+ str
[netsniff-ng] [PATCH 5/8] flowtop: Remove unused args in draw_flow_entry(...)
Remove unused "screen" & "line" arguments in draw_flow_entry(...)
function.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
flowtop.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/flowtop.c b/flowtop.c
index ab3459a..cbd5a33 100644
--- a/flowtop.c
+++ b/flowtop.c
@@ -992,7 +992,7 @@ static void print_flow_peer_info(const struct flow_entry
*n, enum flow_direction
tmp, sizeof(tmp) - 1));
}
-static void draw_flow_entry(WINDOW *scr, const struct flow_entry *n, int line)
+static void draw_flow_entry(const struct flow_entry *n)
{
char tmp[128];
@@ -1119,7 +1119,7 @@ static void draw_flows(WINDOW *screen, struct flow_list
*fl,
if (--skip >= 0)
continue;
- draw_flow_entry(screen, n, line);
+ draw_flow_entry(n);
line += row_width;
}
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH 6/8] flowtop: Move curses drawing to separate function
Move curses related drawing to separate function. Similary
there will be stdout drawing function.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
flowtop.c | 16 ++--
1 file changed, 10 insertions(+), 6 deletions(-)
diff --git a/flowtop.c b/flowtop.c
index cbd5a33..65a8ad4 100644
--- a/flowtop.c
+++ b/flowtop.c
@@ -1278,15 +1278,12 @@ static void flows_table_init(struct ui_table *tbl)
ui_table_header_color_set(_tbl, COLOR(BLACK, GREEN));
}
-static void presenter(void)
+static void presenter_curses(void)
{
bool show_help = false;
int skip_lines = 0;
WINDOW *screen;
- lookup_init(LT_PORTS_TCP);
- lookup_init(LT_PORTS_UDP);
-
screen = screen_init(false);
wclear(screen);
@@ -1367,10 +1364,17 @@ static void presenter(void)
usleep(8);
}
rcu_unregister_thread();
-
ui_table_uninit(_tbl);
-
screen_end();
+}
+
+static void presenter(void)
+{
+ lookup_init(LT_PORTS_TCP);
+ lookup_init(LT_PORTS_UDP);
+
+ presenter_curses();
+
lookup_cleanup(LT_PORTS_UDP);
lookup_cleanup(LT_PORTS_TCP);
}
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH 1/8] ui: Use custom print function
Use custom defined ui_print_yx macro to print text to screen.
This is just small preparation to unify printing in STDOUT & CURSES
modes.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
ui.c | 14 --
1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/ui.c b/ui.c
index 46062d4..bc95fe3 100644
--- a/ui.c
+++ b/ui.c
@@ -8,6 +8,8 @@
#include "ui.h"
#include "xmalloc.h"
+#define ui_print_yx(y, x, fmt, ...) mvprintw(y, x, fmt, ##__VA_ARGS__)
+
void ui_table_init(struct ui_table *tbl)
{
memset(tbl, 0, sizeof(*tbl));
@@ -100,7 +102,7 @@ void ui_table_clear(struct ui_table *tbl)
tbl->rows_y = tbl->y;
for (y = tbl->y + 1; y < tbl->y + tbl->height; y++) {
- mvprintw(y, tbl->x, "%*s", tbl->width, " ");
+ ui_print_yx(y, tbl->x, "%*s", tbl->width, " ");
}
}
@@ -109,8 +111,8 @@ void ui_table_clear(struct ui_table *tbl)
static void __ui_table_row_print(struct ui_table *tbl, struct ui_col *col,
const char *str)
{
- mvprintw(tbl->rows_y, col->pos, UI_ALIGN_COL(col), col->len, col->len,
str);
- mvprintw(tbl->rows_y, col->pos + col->len, "%*s", tbl->col_pad, " ");
+ ui_print_yx(tbl->rows_y, col->pos, UI_ALIGN_COL(col), col->len,
col->len, str);
+ ui_print_yx(tbl->rows_y, col->pos + col->len, "%*s", tbl->col_pad, " ");
}
void ui_table_row_print(struct ui_table *tbl, uint32_t col_id, const char *str)
@@ -140,14 +142,14 @@ void ui_table_header_print(struct ui_table *tbl)
attron(tbl->hdr_color);
- mvprintw(tbl->y, tbl->x, "%-*.*s", max_width - tbl->x, max_width -
tbl->x, "");
- mvprintw(tbl->y, tbl->x, "");
+ ui_print_yx(tbl->y, tbl->x, "%-*.*s", max_width - tbl->x, max_width -
tbl->x, "");
+ ui_print_yx(tbl->y, tbl->x, "");
list_for_each_entry(col, >cols, entry) {
__ui_table_row_print(tbl, col, col->name);
width += col->len + tbl->col_pad;
}
- mvprintw(tbl->y, width, "%*s", max_width - width, " ");
+ ui_print_yx(tbl->y, width, "%*s", max_width - width, " ");
attroff(tbl->hdr_color);
}
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH] flowtop: man: Add how-to activate conntrack by modprobe
Add another tip how to activate conntrack mechanism by loading required kernel modules via modprobe. This info might be used to make these modules load automatically at startup. Signed-off-by: Vadim Kochan <vadi...@gmail.com> --- flowtop.8 | 8 1 file changed, 8 insertions(+) diff --git a/flowtop.8 b/flowtop.8 index 1367e6e..27ba22c 100644 --- a/flowtop.8 +++ b/flowtop.8 @@ -50,6 +50,14 @@ iptables -A INPUT -p tcp -m state --state ESTABLISHED -j ACCEPT .sp iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -j ACCEPT .in -4 +.sp +or by loading the following kernel modules: +.sp +.in +4 +modprobe nf_conntrack_ipv4 +.sp +modprobe nf_conntrack_ipv6 +.in -4 .PP To dump byte/packet counters flowtop enables the sysctl(8) parameter \[lq]net.netfilter.nf_conntrack_acct\[rq] via: -- 2.6.3 -- You received this message because you are subscribed to the Google Groups "netsniff-ng" group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] Re: [PATCH v2 00/11] flowtop: Layout change to 1-row view
You can still review the rest patches except last 2 ones, in case if you catch some issues, so I will include them in v3 series, if it is OK for you. Thanks, On Thu, Apr 21, 2016 at 12:52 PM, Tobias Klauser <tklau...@distanz.ch> wrote: > On 2016-04-17 at 19:31:23 +0200, Vadim Kochan <vadi...@gmail.com> wrote: >> Changed flows list layout to look more a top-like output >> with header and in 1 line. When -s option is specified >> then layout changes to 2 lines view including with src peer >> info and dst under it on next line. >> >> v2: >> 1) Add UI table widget with generic implementation for >>print list items in table style. Add new UI module with >>generic table API. >> >> 2) Add Linux-like list API used from liburcu but with redefinitions >>to the Linux naming. >> >> 3) Get rid of clear & refresh screen each time while flows printing. >> >> Vadim Kochan (11): >> geoip: Allow to get country 3-code >> flowtop: Change flows layout to 1-row view >> flowtop: Add display option to show src info >> screen: Add helpers to easy use color by name >> flowtop: Use new colors naming & helpers >> list: Add re-defined double-linked list API from liburcu >> ui: Implement UI table for flows printing >> flowtop: Use new UI table API for draw flows list >> ui: Print empty rows when clear table >> flowtop: Get rid of clear() & refresh() calls >> flowtop: Simplify flows refresh delay > > Applied patches 1-5, waiting for the respin with the remaining ones. > > Thanks a lot! -- You received this message because you are subscribed to the Google Groups "netsniff-ng" group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH v2 11/11] flowtop: Simplify flows refresh delay
Simplify screen refresh logic by removing tricky delay
logic which freezes a little key pressing.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
flowtop.c | 21 +++--
1 file changed, 3 insertions(+), 18 deletions(-)
diff --git a/flowtop.c b/flowtop.c
index 3060917..2077fdb 100644
--- a/flowtop.c
+++ b/flowtop.c
@@ -1278,8 +1278,6 @@ static void flows_table_init(struct ui_table *tbl)
static void presenter(void)
{
- int time_sleep_us = 20;
- int time_passed_us = 0;
bool show_help = false;
int skip_lines = 0;
WINDOW *screen;
@@ -1299,7 +1297,6 @@ static void presenter(void)
rcu_register_thread();
while (!sigint) {
- bool redraw_flows = true;
int ch;
curs_set(0);
@@ -1351,31 +1348,19 @@ static void presenter(void)
break;
default:
fflush(stdin);
- redraw_flows = false;
break;
}
draw_header(screen);
- if (!redraw_flows)
- redraw_flows = time_passed_us >= 1 * USEC_PER_SEC;
-
- if (show_help)
- redraw_flows = false;
-
- if (redraw_flows) {
- draw_flows(screen, _list, skip_lines);
- time_passed_us = 0;
- } else {
- time_passed_us += time_sleep_us;
- }
-
if (show_help)
draw_help(screen);
+ else
+ draw_flows(screen, _list, skip_lines);
draw_footer(screen);
- usleep(time_sleep_us);
+ usleep(8);
}
rcu_unregister_thread();
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH v2 00/11] flowtop: Layout change to 1-row view
Changed flows list layout to look more a top-like output with header and in 1 line. When -s option is specified then layout changes to 2 lines view including with src peer info and dst under it on next line. v2: 1) Add UI table widget with generic implementation for print list items in table style. Add new UI module with generic table API. 2) Add Linux-like list API used from liburcu but with redefinitions to the Linux naming. 3) Get rid of clear & refresh screen each time while flows printing. Vadim Kochan (11): geoip: Allow to get country 3-code flowtop: Change flows layout to 1-row view flowtop: Add display option to show src info screen: Add helpers to easy use color by name flowtop: Use new colors naming & helpers list: Add re-defined double-linked list API from liburcu ui: Implement UI table for flows printing flowtop: Use new UI table API for draw flows list ui: Print empty rows when clear table flowtop: Get rid of clear() & refresh() calls flowtop: Simplify flows refresh delay flowtop.c| 466 --- flowtop/Makefile | 1 + geoip.c | 14 ++ geoip.h | 2 + list.h | 39 + screen.h | 17 ++ ui.c | 160 +++ ui.h | 55 +++ 8 files changed, 527 insertions(+), 227 deletions(-) create mode 100644 list.h create mode 100644 ui.c create mode 100644 ui.h -- 2.6.3 -- You received this message because you are subscribed to the Google Groups "netsniff-ng" group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH v2 04/11] screen: Add helpers to easy use color by name
Added macros which allow easy specify color pair like:
INIT_COLOR(YELLOW, BLACK);
COLOR(YELLOW, BLACK);
COLOR_ON(YELLOW, BLACK);
by calculating pair id via generic formula. Added shorter
color names via new enum.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
screen.h | 17 +
1 file changed, 17 insertions(+)
diff --git a/screen.h b/screen.h
index 7a647be..f5a15d4 100644
--- a/screen.h
+++ b/screen.h
@@ -3,6 +3,23 @@
#include
+enum colors {
+ BLACK = COLOR_BLACK,
+ RED = COLOR_RED,
+ GREEN = COLOR_GREEN,
+ YELLOW = COLOR_YELLOW,
+ BLUE= COLOR_BLUE,
+ MAGENTA = COLOR_MAGENTA,
+ CYAN= COLOR_CYAN,
+ WHITE = COLOR_WHITE,
+};
+
+#define COLOR_MASK(fg, bg) ((fg) + (bg) * (COLOR_WHITE + 1))
+#define COLOR(fg, bg) COLOR_PAIR(COLOR_MASK((fg), (bg)))
+#define INIT_COLOR(fg, bg) init_pair(COLOR_MASK((fg), (bg)), (fg), (bg))
+#define COLOR_ON(fg, bg) attron(COLOR(fg, bg))
+#define COLOR_OFF(fg, bg) attroff(COLOR(fg, bg))
+
extern WINDOW *screen_init(bool israw);
extern void screen_end(void);
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH v2 05/11] flowtop: Use new colors naming & helpers
Use new colors definitions via enum variables instead of
numbers which helps to undrerstand better which kind
of color is used.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
flowtop.c | 42 ++
1 file changed, 22 insertions(+), 20 deletions(-)
diff --git a/flowtop.c b/flowtop.c
index aac8b80..402d4bc 100644
--- a/flowtop.c
+++ b/flowtop.c
@@ -881,29 +881,29 @@ static char *time2str(uint64_t tstamp, char *str, size_t
len)
static void print_flow_peer_info(const struct flow_entry *n, int y, int x,
enum flow_direction dir)
{
- int counters_color = COLOR_PAIR(3);
- int country_color = COLOR_PAIR(4);
+ int counters_color = COLOR(YELLOW, BLACK);
+ int src_color = COLOR(RED, BLACK);
+ int dst_color = COLOR(BLUE, BLACK);
+ int country_color = COLOR(GREEN, BLACK);
int port_color = A_BOLD;
const char *str = NULL;
uint16_t port = 0;
char tmp[128];
if (show_src && dir == FLOW_DIR_SRC) {
- counters_color = COLOR_PAIR(1);
- country_color = COLOR_PAIR(1);
- port_color |= COLOR_PAIR(1);
+ country_color = counters_color = src_color;
+ port_color |= src_color;
} else if (show_src && FLOW_DIR_DST) {
- counters_color = COLOR_PAIR(2);
- country_color = COLOR_PAIR(2);
- port_color |= COLOR_PAIR(2);
+ country_color = counters_color = dst_color;
+ port_color |= dst_color;
}
mvprintw(y, x, "");
/* Reverse DNS/IP */
- attron(COLOR_PAIR(dir == FLOW_DIR_SRC ? 1 : 2));
+ attron(dir == FLOW_DIR_SRC ? src_color : dst_color);
printw(" %-*.*s", 50, 50, SELFLD(dir, rev_dns_src, rev_dns_dst));
- attroff(COLOR_PAIR(dir == FLOW_DIR_SRC ? 1 : 2));
+ attroff(dir == FLOW_DIR_SRC ? src_color : dst_color);
/* Application port */
port = SELFLD(dir, port_src, port_dst);
@@ -956,9 +956,9 @@ static void draw_flow_entry(WINDOW *scr, const struct
flow_entry *n, int line)
mvwprintw(scr, line, 0, "");
/* Application */
- attron(COLOR_PAIR(3));
+ COLOR_ON(YELLOW, BLACK);
printw("%-*.*s", 10, 10, n->procname);
- attroff(COLOR_PAIR(3));
+ COLOR_OFF(YELLOW, BLACK);
/* PID */
slprintf(tmp, sizeof(tmp), "%.d", n->procnum);
@@ -970,7 +970,7 @@ static void draw_flow_entry(WINDOW *scr, const struct
flow_entry *n, int line)
printw(" %-*.*s", 6, 6, l4proto2str[n->l4_proto]);
/* L4 protocol state */
- attron(COLOR_PAIR(3));
+ COLOR_ON(YELLOW, BLACK);
switch (n->l4_proto) {
case IPPROTO_TCP:
str = tcp_state2str[n->tcp_state];
@@ -988,8 +988,10 @@ static void draw_flow_entry(WINDOW *scr, const struct
flow_entry *n, int line)
str = "";
break;
}
+ COLOR_OFF(YELLOW, BLACK);
printw(" %-*.*s", 11, 11, str);
attroff(COLOR_PAIR(3));
+ COLOR_OFF(YELLOW, BLACK);
/* Time */
printw(" %*.*s", 4, 4, time2str(n->timestamp_start, tmp, sizeof(tmp)));
@@ -1061,7 +1063,7 @@ static inline bool presenter_flow_wrong_state(struct
flow_entry *n)
static void draw_flows_header(WINDOW *scr, int line)
{
- attron(COLOR_PAIR(5));
+ COLOR_ON(BLACK, GREEN);
mvwprintw(scr, line, 0, "%-*.*s", cols, cols, "");
mvwprintw(scr, line, 0, "");
@@ -1077,7 +1079,7 @@ static void draw_flows_header(WINDOW *scr, int line)
wprintw(scr, " %*.*s", 10, 10, "BYTES");
wprintw(scr, " %*.*s", 10, 10, "RATE");
- attroff(COLOR_PAIR(5));
+ COLOR_OFF(BLACK, GREEN);
}
static void draw_flows(WINDOW *screen, struct flow_list *fl,
@@ -1257,11 +1259,11 @@ static void presenter(void)
screen = screen_init(false);
start_color();
- init_pair(1, COLOR_RED, COLOR_BLACK);
- init_pair(2, COLOR_BLUE, COLOR_BLACK);
- init_pair(3, COLOR_YELLOW, COLOR_BLACK);
- init_pair(4, COLOR_GREEN, COLOR_BLACK);
- init_pair(5, COLOR_BLACK, COLOR_GREEN);
+ INIT_COLOR(RED, BLACK);
+ INIT_COLOR(BLUE, BLACK);
+ INIT_COLOR(YELLOW, BLACK);
+ INIT_COLOR(GREEN, BLACK);
+ INIT_COLOR(BLACK, GREEN);
rcu_register_thread();
while (!sigint) {
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH v2 07/11] ui: Implement UI table for flows printing
Add new module ui.c which is responsible to render
different kinds of UI widgets - tables, etc.
Implemented generic API for print table-like list of elements.
This table API might be used for print flows in curses or text mode.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
ui.c | 142 +++
ui.h | 53 +
2 files changed, 195 insertions(+)
create mode 100644 ui.c
create mode 100644 ui.h
diff --git a/ui.c b/ui.c
new file mode 100644
index 000..d5fe1a7
--- /dev/null
+++ b/ui.c
@@ -0,0 +1,142 @@
+/*
+ * netsniff-ng - the packet sniffing beast
+ * Subject to the GPL, version 2.
+ */
+
+#include "ui.h"
+#include "xmalloc.h"
+
+#include
+
+void ui_table_init(struct ui_table *tbl)
+{
+ memset(tbl, 0, sizeof(*tbl));
+
+ getsyx(tbl->y, tbl->x);
+
+ tbl->rows_y = tbl->y;
+ tbl->width = COLS;
+ tbl->col_pad = 1;
+
+ INIT_LIST_HEAD(>cols);
+}
+
+void ui_table_uninit(struct ui_table *tbl)
+{
+ struct ui_col *col, *tmp;
+
+ list_for_each_entry_safe(col, tmp, >cols, entry)
+ xfree(col);
+}
+
+void ui_table_pos_set(struct ui_table *tbl, int y, int x)
+{
+ tbl->y = y;
+ tbl->x = x;
+ tbl->rows_y = y;
+}
+
+static struct ui_col *ui_table_col_get(struct ui_table *tbl, uint32_t id)
+{
+ struct ui_col *col;
+
+ list_for_each_entry(col, >cols, entry) {
+ if (col->id == id)
+ return col;
+ }
+
+ /* Should not happen in normal case */
+ panic("Invalid column id %u\n", id);
+}
+
+static void __ui_table_pos_update(struct ui_table *tbl)
+{
+ struct ui_col *col;
+ uint32_t pos = tbl->x;
+
+ list_for_each_entry(col, >cols, entry) {
+ col->pos = pos;
+ pos += col->len + tbl->col_pad;
+ }
+}
+
+void ui_table_col_add(struct ui_table *tbl, uint32_t id, char *name, uint32_t
len)
+{
+ struct ui_col *col = xzmalloc(sizeof(*col));
+
+ col->id= id;
+ col->name = name;
+ col->len = len;
+ col->align = UI_ALIGN_LEFT;
+
+ list_add_tail(>entry, >cols);
+
+ __ui_table_pos_update(tbl);
+}
+
+void ui_table_col_color_set(struct ui_table *tbl, int col_id, int color)
+{
+ struct ui_col *col = ui_table_col_get(tbl, col_id);
+
+ col->color = color;
+}
+
+void ui_table_col_align_set(struct ui_table *tbl, int col_id, enum ui_align
align)
+{
+ struct ui_col *col = ui_table_col_get(tbl, col_id);
+
+ col->align = align;
+}
+
+void ui_table_row_add(struct ui_table *tbl)
+{
+ tbl->rows_y++;
+}
+
+void ui_table_clear(struct ui_table *tbl)
+{
+ tbl->rows_y = tbl->y;
+}
+
+#define UI_ALIGN_COL(col) (((col)->align == UI_ALIGN_LEFT) ? "%-*.*s" :
"%*.*s")
+
+static void __ui_table_row_print(struct ui_table *tbl, struct ui_col *col,
+const char *str)
+{
+ mvprintw(tbl->rows_y, col->pos, UI_ALIGN_COL(col), col->len, col->len,
str);
+ mvprintw(tbl->rows_y, col->pos + col->len, "%*s", tbl->col_pad, " ");
+}
+
+void ui_table_row_print(struct ui_table *tbl, uint32_t col_id, const char *str)
+{
+ struct ui_col *col = ui_table_col_get(tbl, col_id);
+
+ attron(col->color);
+ __ui_table_row_print(tbl, col, str);
+ attroff(col->color);
+}
+
+void ui_table_header_color_set(struct ui_table *tbl, int color)
+{
+ tbl->hdr_color = color;
+}
+
+void ui_table_header_print(struct ui_table *tbl)
+{
+ struct ui_col *col;
+ int max_width = tbl->width;
+ int width = 0;
+
+ attron(tbl->hdr_color);
+
+ mvprintw(tbl->y, tbl->x, "%-*.*s", max_width - tbl->x, max_width -
tbl->x, "");
+ mvprintw(tbl->y, tbl->x, "");
+
+ list_for_each_entry(col, >cols, entry) {
+ __ui_table_row_print(tbl, col, col->name);
+ width += col->len + tbl->col_pad;
+ }
+
+ mvprintw(tbl->y, width, "%*s", max_width - width, " ");
+ attroff(tbl->hdr_color);
+}
diff --git a/ui.h b/ui.h
new file mode 100644
index 000..02d1da2
--- /dev/null
+++ b/ui.h
@@ -0,0 +1,53 @@
+#ifndef UI_H
+#define UI_H
+
+#include "list.h"
+
+#include
+#include
+
+#define UI_MAX_WIDTH (-1)
+
+enum ui_align {
+ UI_ALIGN_LEFT,
+ UI_ALIGN_RIGHT,
+};
+
+struct ui_col {
+ struct list_head entry;
+ uint32_t id;
+ char *name;
+ uint32_t len;
+ int pos;
+ int color;
+ enum ui_align align;
+};
+
+struct ui_table {
+ int y;
+ int x;
+ int rows_y;
+ struct list_head cols;
+ int hdr_color;
+ int col_p
[netsniff-ng] [PATCH v2 06/11] list: Add re-defined double-linked list API from liburcu
Add definitions for list structure & functions without cds_/CDS_ prefix. The purpose of this change is to use such linked-list in sorting or ordering some kind of items (e.g. flowtop - flows, columns). Signed-off-by: Vadim Kochan <vadi...@gmail.com> --- list.h | 39 +++ 1 file changed, 39 insertions(+) create mode 100644 list.h diff --git a/list.h b/list.h new file mode 100644 index 000..a8ac408 --- /dev/null +++ b/list.h @@ -0,0 +1,39 @@ +#ifndef LIST_I_H +#define LIST_I_H + +#include +#include + +#define list_head cds_list_head + +#define LIST_HEAD CDS_LIST_HEAD +#define INIT_LIST_HEAD CDS_INIT_LIST_HEAD +#define LIST_HEAD_INIT CDS_LIST_HEAD_INIT + +#define list_add cds_list_add +#define list_add_tail cds_list_add_tail +#define list_del cds_list_del +#define list_del_init cds_list_del_init +#define list_move cds_list_move +#define list_replace cds_list_replace +#define list_splicecds_list_splice +#define list_entry cds_list_entry +#define list_first_entry cds_list_first_entry +#define list_for_each cds_list_for_each +#define list_for_each_safe cds_list_for_each_safe +#define list_for_each_prev cds_list_for_each_prev +#define list_for_each_prev_safecds_list_for_each_prev_safe +#define list_for_each_entrycds_list_for_each_entry +#define list_for_each_entry_safe cds_list_for_each_entry_safe +#define list_for_each_entry_reversecds_list_for_each_entry_reverse +#define list_empty cds_list_empty +#define list_replace_init cds_list_replace_init + +#define list_add_rcu cds_list_add_rcu +#define list_add_tail_rcu cds_list_add_tail_rcu +#define list_replace_rcu cds_list_replace_rcu +#define list_del_rcu cds_list_del_rcu +#define list_for_each_rcu cds_list_for_each_rcu +#define list_for_each_entry_rcucds_list_for_each_entry_rcu + +#endif /* LIST_I_H */ -- 2.6.3 -- You received this message because you are subscribed to the Google Groups "netsniff-ng" group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] Re: [PATCH 2/5] flowtop: Change flows layout to 1-row view
On Tue, Mar 29, 2016 at 03:38:58PM +0200, Tobias Klauser wrote:
> On 2016-03-29 at 15:32:43 +0200, Vadim Kochan <vadi...@gmail.com> wrote:
> > On Tue, Mar 29, 2016 at 4:23 PM, Tobias Klauser <tklau...@distanz.ch> wrote:
> > > On 2016-03-23 at 22:00:44 +0100, Vadim Kochan <vadi...@gmail.com> wrote:
> > >> Changed flows list layout to look more a top-like output
> > >> with header and in 1 line. When -s option is specified
> > >> then layout changes to 2 lines view including with src peer
> > >> info and dst under it on next line.
> > >>
> > >> Also shortified flow state names to allocate less space.
> > >>
> > >> Removed presenter_get_port be cause ports are printed for both peers
> > >> separately.
> > >>
> > >> The flow duration time is printed in very short form in one of the
> > >> units:
> > >> XXd - days
> > >> XXh - hours
> > >> XXm - minutes
> > >> XXs - seconds
> > >>
> > >> the reason is that it is enough to have actually generic understanding
> > >> about flow time in the biggest time unit.
> > >>
> > >> Signed-off-by: Vadim Kochan <vadi...@gmail.com>
> > >> ---
> > >> flowtop.c | 405
> > >> ++
> > >> 1 file changed, 194 insertions(+), 211 deletions(-)
> > >>
> > >> diff --git a/flowtop.c b/flowtop.c
> > >> index 4c15c06..8201321 100644
> > >> --- a/flowtop.c
> > >> +++ b/flowtop.c
> > >> @@ -62,6 +62,7 @@ struct flow_entry {
> > >> uint64_t pkts_dst, bytes_dst;
> > >> uint64_t timestamp_start, timestamp_stop;
> > >> char country_src[128], country_dst[128];
> > >> + char country_code_src[4], country_code_dst[4];
> > >> char city_src[128], city_dst[128];
> > >> char rev_dns_src[256], rev_dns_dst[256];
> > >> char procname[256];
> > >> @@ -166,11 +167,6 @@ static const char *copyright = "Please report bugs
> > >> to <netsniff-ng@googlegroups.
> > >> "This is free software: you are free to change and redistribute
> > >> it.\n"
> > >> "There is NO WARRANTY, to the extent permitted by law.";
> > >>
> > >> -static const char *const l3proto2str[AF_MAX] = {
> > >> - [AF_INET] = "ipv4",
> > >> - [AF_INET6] = "ipv6",
> > >> -};
> > >
> > > Why remove L3 protocol information from the output? I consider this
> > > quite useful. Could we somehow combine this with L4 Proto information in
> > > a generic way?
> >
> > I thought it will be easy to identify ipvX version by IPvX address format.
>
> True, didn't think of it that way. I'm fine with omitting it in that case...
>
> > >
> > >> -
> > >> static const char *const l4proto2str[IPPROTO_MAX] = {
> > >> [IPPROTO_TCP] = "tcp",
> > >> [IPPROTO_UDP] = "udp",
> > >> @@ -194,40 +190,40 @@ static const char *const l4proto2str[IPPROTO_MAX]
> > >> = {
> > >> };
> > >>
> > >> static const char *const tcp_state2str[TCP_CONNTRACK_MAX] = {
> > >> - [TCP_CONNTRACK_NONE]= "NOSTATE",
> > >> - [TCP_CONNTRACK_SYN_SENT]= "SYN_SENT",
> > >> - [TCP_CONNTRACK_SYN_RECV]= "SYN_RECV",
> > >> - [TCP_CONNTRACK_ESTABLISHED] = "ESTABLISHED",
> > >> - [TCP_CONNTRACK_FIN_WAIT]= "FIN_WAIT",
> > >> - [TCP_CONNTRACK_CLOSE_WAIT] = "CLOSE_WAIT",
> > >> - [TCP_CONNTRACK_LAST_ACK]= "LAST_ACK",
> > >> - [TCP_CONNTRACK_TIME_WAIT] = "TIME_WAIT",
> > >> - [TCP_CONNTRACK_CLOSE] = "CLOSE",
> > >> - [TCP_CONNTRACK_SYN_SENT2] = "SYN_SENT2",
> > >> + [TCP_CONNTRACK_NONE]= "NO",
> > >> + [TCP_CONNTRACK_SYN_SENT]= "SS",
> > >> + [TCP_CONNTRACK_SYN_RECV]= "SR",
> > >> + [TCP_CONNTRACK_ESTABLISHED] = "EST",
> > >> + [TCP_CONNTRACK_FIN_WAIT]
[netsniff-ng] Re: [PATCH 2/5] flowtop: Change flows layout to 1-row view
On Tue, Mar 29, 2016 at 4:23 PM, Tobias Klauser <tklau...@distanz.ch> wrote:
> On 2016-03-23 at 22:00:44 +0100, Vadim Kochan <vadi...@gmail.com> wrote:
>> Changed flows list layout to look more a top-like output
>> with header and in 1 line. When -s option is specified
>> then layout changes to 2 lines view including with src peer
>> info and dst under it on next line.
>>
>> Also shortified flow state names to allocate less space.
>>
>> Removed presenter_get_port be cause ports are printed for both peers
>> separately.
>>
>> The flow duration time is printed in very short form in one of the
>> units:
>> XXd - days
>> XXh - hours
>> XXm - minutes
>> XXs - seconds
>>
>> the reason is that it is enough to have actually generic understanding
>> about flow time in the biggest time unit.
>>
>> Signed-off-by: Vadim Kochan <vadi...@gmail.com>
>> ---
>> flowtop.c | 405
>> ++
>> 1 file changed, 194 insertions(+), 211 deletions(-)
>>
>> diff --git a/flowtop.c b/flowtop.c
>> index 4c15c06..8201321 100644
>> --- a/flowtop.c
>> +++ b/flowtop.c
>> @@ -62,6 +62,7 @@ struct flow_entry {
>> uint64_t pkts_dst, bytes_dst;
>> uint64_t timestamp_start, timestamp_stop;
>> char country_src[128], country_dst[128];
>> + char country_code_src[4], country_code_dst[4];
>> char city_src[128], city_dst[128];
>> char rev_dns_src[256], rev_dns_dst[256];
>> char procname[256];
>> @@ -166,11 +167,6 @@ static const char *copyright = "Please report bugs to
>> <netsniff-ng@googlegroups.
>> "This is free software: you are free to change and redistribute it.\n"
>> "There is NO WARRANTY, to the extent permitted by law.";
>>
>> -static const char *const l3proto2str[AF_MAX] = {
>> - [AF_INET] = "ipv4",
>> - [AF_INET6] = "ipv6",
>> -};
>
> Why remove L3 protocol information from the output? I consider this
> quite useful. Could we somehow combine this with L4 Proto information in
> a generic way?
I thought it will be easy to identify ipvX version by IPvX address format.
>
>> -
>> static const char *const l4proto2str[IPPROTO_MAX] = {
>> [IPPROTO_TCP] = "tcp",
>> [IPPROTO_UDP] = "udp",
>> @@ -194,40 +190,40 @@ static const char *const l4proto2str[IPPROTO_MAX] = {
>> };
>>
>> static const char *const tcp_state2str[TCP_CONNTRACK_MAX] = {
>> - [TCP_CONNTRACK_NONE]= "NOSTATE",
>> - [TCP_CONNTRACK_SYN_SENT]= "SYN_SENT",
>> - [TCP_CONNTRACK_SYN_RECV]= "SYN_RECV",
>> - [TCP_CONNTRACK_ESTABLISHED] = "ESTABLISHED",
>> - [TCP_CONNTRACK_FIN_WAIT]= "FIN_WAIT",
>> - [TCP_CONNTRACK_CLOSE_WAIT] = "CLOSE_WAIT",
>> - [TCP_CONNTRACK_LAST_ACK]= "LAST_ACK",
>> - [TCP_CONNTRACK_TIME_WAIT] = "TIME_WAIT",
>> - [TCP_CONNTRACK_CLOSE] = "CLOSE",
>> - [TCP_CONNTRACK_SYN_SENT2] = "SYN_SENT2",
>> + [TCP_CONNTRACK_NONE]= "NO",
>> + [TCP_CONNTRACK_SYN_SENT]= "SS",
>> + [TCP_CONNTRACK_SYN_RECV]= "SR",
>> + [TCP_CONNTRACK_ESTABLISHED] = "EST",
>> + [TCP_CONNTRACK_FIN_WAIT]= "FWT",
>> + [TCP_CONNTRACK_CLOSE_WAIT] = "CWT",
>> + [TCP_CONNTRACK_LAST_ACK]= "LAC",
>> + [TCP_CONNTRACK_TIME_WAIT] = "TWT",
>> + [TCP_CONNTRACK_CLOSE] = "CLO",
>> + [TCP_CONNTRACK_SYN_SENT2] = "SS2",
>
>
> These abbreviations are no longer easy to grasp for the user without
> looking at this struct in the source. We should either keep the long
> names (if possible) of at least add corresponding documentation about
> the abbreviations to the manpage. Same goes for dccp_state2str and
> sctp_state2str below.
OK, what do you prefer ? I just tried to minimize the column width to
fit into at least 100-sized screen.
But OK, I will try to see how much character long names will occupy.
>>
>> -static void draw_flow_entry(WINDOW *screen, const struct flow_entry *n,
>> - unsigned int *line)
>> +static void draw_flow_entry(WINDOW *scr, const struct flow_e
[netsniff-ng] [PATCH 4/5] screen: Add helpers to easy use color by name
Added macros which allow easy specify color pair like:
INIT_COLOR(YELLOW, BLACK);
COLOR(YELLOW, BLACK);
COLOR_ON(YELLOW, BLACK);
by calculating pair id via generic formula. Added shorter
color names via new enum.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
screen.h | 17 +
1 file changed, 17 insertions(+)
diff --git a/screen.h b/screen.h
index 7a647be..f5a15d4 100644
--- a/screen.h
+++ b/screen.h
@@ -3,6 +3,23 @@
#include
+enum colors {
+ BLACK = COLOR_BLACK,
+ RED = COLOR_RED,
+ GREEN = COLOR_GREEN,
+ YELLOW = COLOR_YELLOW,
+ BLUE= COLOR_BLUE,
+ MAGENTA = COLOR_MAGENTA,
+ CYAN= COLOR_CYAN,
+ WHITE = COLOR_WHITE,
+};
+
+#define COLOR_MASK(fg, bg) ((fg) + (bg) * (COLOR_WHITE + 1))
+#define COLOR(fg, bg) COLOR_PAIR(COLOR_MASK((fg), (bg)))
+#define INIT_COLOR(fg, bg) init_pair(COLOR_MASK((fg), (bg)), (fg), (bg))
+#define COLOR_ON(fg, bg) attron(COLOR(fg, bg))
+#define COLOR_OFF(fg, bg) attroff(COLOR(fg, bg))
+
extern WINDOW *screen_init(bool israw);
extern void screen_end(void);
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH 0/5] flowtop: Layout change to 1-row view
Changed flows list layout to look more a top-like output with header and in 1 line. When -s option is specified then layout changes to 2 lines view including with src peer info and dst under it on next line. Also shortified flow state names to allocate less space. Removed presenter_get_port be cause ports are printed for both peers separately. The flow duration time is printed in very short form in one of the units: XXd - days XXh - hours XXm - minutes XXs - seconds the reason is that it is enough to have actually generic understanding about flow time in the biggest time unit. Vadim Kochan (5): geoip: Allow to get country 3-code flowtop: Change flows layout to 1-row view flowtop: Add display option to show src info screen: Add helpers to easy use color by name flowtop: Use new colors naming & helpers flowtop.c | 437 ++ geoip.c | 14 ++ geoip.h | 2 + screen.h | 17 +++ 4 files changed, 244 insertions(+), 226 deletions(-) -- 2.6.3 -- You received this message because you are subscribed to the Google Groups "netsniff-ng" group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH 2/5] flowtop: Change flows layout to 1-row view
Changed flows list layout to look more a top-like output
with header and in 1 line. When -s option is specified
then layout changes to 2 lines view including with src peer
info and dst under it on next line.
Also shortified flow state names to allocate less space.
Removed presenter_get_port be cause ports are printed for both peers
separately.
The flow duration time is printed in very short form in one of the
units:
XXd - days
XXh - hours
XXm - minutes
XXs - seconds
the reason is that it is enough to have actually generic understanding
about flow time in the biggest time unit.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
flowtop.c | 405 ++
1 file changed, 194 insertions(+), 211 deletions(-)
diff --git a/flowtop.c b/flowtop.c
index 4c15c06..8201321 100644
--- a/flowtop.c
+++ b/flowtop.c
@@ -62,6 +62,7 @@ struct flow_entry {
uint64_t pkts_dst, bytes_dst;
uint64_t timestamp_start, timestamp_stop;
char country_src[128], country_dst[128];
+ char country_code_src[4], country_code_dst[4];
char city_src[128], city_dst[128];
char rev_dns_src[256], rev_dns_dst[256];
char procname[256];
@@ -166,11 +167,6 @@ static const char *copyright = "Please report bugs to
<netsniff-ng@googlegroups.
"This is free software: you are free to change and redistribute it.\n"
"There is NO WARRANTY, to the extent permitted by law.";
-static const char *const l3proto2str[AF_MAX] = {
- [AF_INET] = "ipv4",
- [AF_INET6] = "ipv6",
-};
-
static const char *const l4proto2str[IPPROTO_MAX] = {
[IPPROTO_TCP] = "tcp",
[IPPROTO_UDP] = "udp",
@@ -194,40 +190,40 @@ static const char *const l4proto2str[IPPROTO_MAX] = {
};
static const char *const tcp_state2str[TCP_CONNTRACK_MAX] = {
- [TCP_CONNTRACK_NONE]= "NOSTATE",
- [TCP_CONNTRACK_SYN_SENT]= "SYN_SENT",
- [TCP_CONNTRACK_SYN_RECV]= "SYN_RECV",
- [TCP_CONNTRACK_ESTABLISHED] = "ESTABLISHED",
- [TCP_CONNTRACK_FIN_WAIT]= "FIN_WAIT",
- [TCP_CONNTRACK_CLOSE_WAIT] = "CLOSE_WAIT",
- [TCP_CONNTRACK_LAST_ACK]= "LAST_ACK",
- [TCP_CONNTRACK_TIME_WAIT] = "TIME_WAIT",
- [TCP_CONNTRACK_CLOSE] = "CLOSE",
- [TCP_CONNTRACK_SYN_SENT2] = "SYN_SENT2",
+ [TCP_CONNTRACK_NONE]= "NO",
+ [TCP_CONNTRACK_SYN_SENT]= "SS",
+ [TCP_CONNTRACK_SYN_RECV]= "SR",
+ [TCP_CONNTRACK_ESTABLISHED] = "EST",
+ [TCP_CONNTRACK_FIN_WAIT]= "FWT",
+ [TCP_CONNTRACK_CLOSE_WAIT] = "CWT",
+ [TCP_CONNTRACK_LAST_ACK]= "LAC",
+ [TCP_CONNTRACK_TIME_WAIT] = "TWT",
+ [TCP_CONNTRACK_CLOSE] = "CLO",
+ [TCP_CONNTRACK_SYN_SENT2] = "SS2",
};
static const char *const dccp_state2str[DCCP_CONNTRACK_MAX] = {
- [DCCP_CONNTRACK_NONE] = "NOSTATE",
- [DCCP_CONNTRACK_REQUEST]= "REQUEST",
- [DCCP_CONNTRACK_RESPOND]= "RESPOND",
- [DCCP_CONNTRACK_PARTOPEN] = "PARTOPEN",
- [DCCP_CONNTRACK_OPEN] = "OPEN",
- [DCCP_CONNTRACK_CLOSEREQ] = "CLOSEREQ",
- [DCCP_CONNTRACK_CLOSING]= "CLOSING",
- [DCCP_CONNTRACK_TIMEWAIT] = "TIMEWAIT",
- [DCCP_CONNTRACK_IGNORE] = "IGNORE",
- [DCCP_CONNTRACK_INVALID]= "INVALID",
+ [DCCP_CONNTRACK_NONE] = "NO",
+ [DCCP_CONNTRACK_REQUEST]= "REQ",
+ [DCCP_CONNTRACK_RESPOND]= "RES",
+ [DCCP_CONNTRACK_PARTOPEN] = "POP",
+ [DCCP_CONNTRACK_OPEN] = "OPN",
+ [DCCP_CONNTRACK_CLOSEREQ] = "CLQ",
+ [DCCP_CONNTRACK_CLOSING]= "CLN",
+ [DCCP_CONNTRACK_TIMEWAIT] = "TWT",
+ [DCCP_CONNTRACK_IGNORE] = "IGN",
+ [DCCP_CONNTRACK_INVALID]= "INV",
};
static const char *const sctp_state2str[SCTP_CONNTRACK_MAX] = {
- [SCTP_CONNTRACK_NONE] = "NOSTATE",
- [SCTP_CONNTRACK_CLOSED] = "CLOSED",
- [SCTP_CONNTRACK_COOKIE_WAIT]= "COOKIE_WAIT",
- [SCTP_CONNTRACK_COOKIE_ECHOED] = "COOKIE_ECHOED",
- [SCTP_CONNTRACK_ESTABLISHED]= "ESTABLISHED",
- [SCTP_CONNTRACK_SHUTDOWN_SENT] = "SHU
[netsniff-ng] [PATCH 1/5] geoip: Allow to get country 3-code
Add func to get country code-3 name by IPv4/6 address
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
geoip.c | 14 ++
geoip.h | 2 ++
2 files changed, 16 insertions(+)
diff --git a/geoip.c b/geoip.c
index ee654a6..917b1a7 100644
--- a/geoip.c
+++ b/geoip.c
@@ -339,6 +339,20 @@ const char *geoip6_country_name(struct sockaddr_in6 *sa)
return GeoIP_country_name_by_ipnum_v6(gi6_country, sa->sin6_addr);
}
+const char *geoip4_country_code3_name(struct sockaddr_in *sa)
+{
+ bug_on(gi4_country == NULL);
+
+ return GeoIP_country_code3_by_ipnum(gi4_country,
ntohl(sa->sin_addr.s_addr));
+}
+
+const char *geoip6_country_code3_name(struct sockaddr_in6 *sa)
+{
+ bug_on(gi6_country == NULL);
+
+ return GeoIP_country_code3_by_ipnum_v6(gi6_country, sa->sin6_addr);
+}
+
static int fdout, fderr;
/* GeoIP people were too stupid to come to the idea that you could set
diff --git a/geoip.h b/geoip.h
index 66ed20b..0cbd619 100644
--- a/geoip.h
+++ b/geoip.h
@@ -17,6 +17,8 @@ extern const char *geoip4_region_name(struct sockaddr_in *sa);
extern const char *geoip6_region_name(struct sockaddr_in6 *sa);
extern const char *geoip4_country_name(struct sockaddr_in *sa);
extern const char *geoip6_country_name(struct sockaddr_in6 *sa);
+extern const char *geoip4_country_code3_name(struct sockaddr_in *sa);
+extern const char *geoip6_country_code3_name(struct sockaddr_in6 *sa);
extern float geoip4_longitude(struct sockaddr_in *sa);
extern float geoip4_latitude(struct sockaddr_in *sa);
extern float geoip6_longitude(struct sockaddr_in6 *sa);
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH 5/5] flowtop: Use new colors naming & helpers
Use new colors definitions via enum variables instead of
numbers which helps to undrerstand better which kind
of color is used.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
flowtop.c | 42 +-
1 file changed, 21 insertions(+), 21 deletions(-)
diff --git a/flowtop.c b/flowtop.c
index a810919..aa90733 100644
--- a/flowtop.c
+++ b/flowtop.c
@@ -881,29 +881,29 @@ static char *time2str(uint64_t tstamp, char *str, size_t
len)
static void print_flow_peer_info(const struct flow_entry *n, int y, int x,
enum flow_direction dir)
{
- int counters_color = COLOR_PAIR(3);
- int country_color = COLOR_PAIR(4);
+ int counters_color = COLOR(YELLOW, BLACK);
+ int src_color = COLOR(RED, BLACK);
+ int dst_color = COLOR(BLUE, BLACK);
+ int country_color = COLOR(GREEN, BLACK);
int port_color = A_BOLD;
const char *str = NULL;
uint16_t port = 0;
char tmp[128];
if (show_src && dir == FLOW_DIR_SRC) {
- counters_color = COLOR_PAIR(1);
- country_color = COLOR_PAIR(1);
- port_color |= COLOR_PAIR(1);
+ country_color = counters_color = src_color;
+ port_color |= src_color;
} else if (show_src && FLOW_DIR_DST) {
- counters_color = COLOR_PAIR(2);
- country_color = COLOR_PAIR(2);
- port_color |= COLOR_PAIR(2);
+ country_color = counters_color = dst_color;
+ port_color |= dst_color;
}
mvprintw(y, x, "");
/* Reverse DNS/IP */
- attron(COLOR_PAIR(dir == FLOW_DIR_SRC ? 1 : 2));
+ attron(dir == FLOW_DIR_SRC ? src_color : dst_color);
printw(" %-*.*s", 50, 50, SELFLD(dir, rev_dns_src, rev_dns_dst));
- attroff(COLOR_PAIR(dir == FLOW_DIR_SRC ? 1 : 2));
+ attroff(dir == FLOW_DIR_SRC ? src_color : dst_color);
/* Application port */
port = SELFLD(dir, port_src, port_dst);
@@ -955,15 +955,15 @@ static void draw_flow_entry(WINDOW *scr, const struct
flow_entry *n, int line)
mvwprintw(scr, line, 0, "");
/* Application */
- attron(COLOR_PAIR(3));
+ COLOR_ON(YELLOW, BLACK);
printw("%-*.*s", 10, 10, n->procname);
- attroff(COLOR_PAIR(3));
+ COLOR_OFF(YELLOW, BLACK);
/* L4 protocol */
printw(" %-*.*s", 6, 6, l4proto2str[n->l4_proto]);
/* L4 protocol state */
- attron(COLOR_PAIR(3));
+ COLOR_ON(YELLOW, BLACK);
switch (n->l4_proto) {
case IPPROTO_TCP:
str = tcp_state2str[n->tcp_state];
@@ -982,7 +982,7 @@ static void draw_flow_entry(WINDOW *scr, const struct
flow_entry *n, int line)
break;
}
printw(" %-*.*s", 4, 4, str);
- attroff(COLOR_PAIR(3));
+ COLOR_OFF(YELLOW, BLACK);
/* Time */
printw(" %*.*s", 4, 4, time2str(n->timestamp_start, tmp, sizeof(tmp)));
@@ -1054,7 +1054,7 @@ static inline bool presenter_flow_wrong_state(struct
flow_entry *n)
static void draw_flows_header(WINDOW *scr, int line)
{
- attron(COLOR_PAIR(5));
+ COLOR_ON(BLACK, GREEN);
mvwprintw(scr, line, 0, "%-*.*s", cols, cols, "");
mvwprintw(scr, line, 0, "");
@@ -1069,7 +1069,7 @@ static void draw_flows_header(WINDOW *scr, int line)
wprintw(scr, " %*.*s", 10, 10, "BYTES");
wprintw(scr, " %*.*s", 10, 10, "RATE");
- attroff(COLOR_PAIR(5));
+ COLOR_OFF(BLACK, GREEN);
}
static void draw_flows(WINDOW *screen, struct flow_list *fl,
@@ -1249,11 +1249,11 @@ static void presenter(void)
screen = screen_init(false);
start_color();
- init_pair(1, COLOR_RED, COLOR_BLACK);
- init_pair(2, COLOR_BLUE, COLOR_BLACK);
- init_pair(3, COLOR_YELLOW, COLOR_BLACK);
- init_pair(4, COLOR_GREEN, COLOR_BLACK);
- init_pair(5, COLOR_BLACK, COLOR_GREEN);
+ INIT_COLOR(RED, BLACK);
+ INIT_COLOR(BLUE, BLACK);
+ INIT_COLOR(YELLOW, BLACK);
+ INIT_COLOR(GREEN, BLACK);
+ INIT_COLOR(BLACK, GREEN);
rcu_register_thread();
while (!sigint) {
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH 3/5] flowtop: Add display option to show src info
Add 's' key option to toggle source peer info at runtime,
behaviour is the same like for '-s' command line option.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
flowtop.c | 20 +++-
1 file changed, 11 insertions(+), 9 deletions(-)
diff --git a/flowtop.c b/flowtop.c
index 8201321..a810919 100644
--- a/flowtop.c
+++ b/flowtop.c
@@ -784,10 +784,8 @@ static void flow_entry_get_extended(struct flow_entry *n)
if (n->flow_id == 0)
return;
- if (show_src) {
- flow_entry_get_extended_revdns(n, FLOW_DIR_SRC);
- flow_entry_get_extended_geo(n, FLOW_DIR_SRC);
- }
+ flow_entry_get_extended_revdns(n, FLOW_DIR_SRC);
+ flow_entry_get_extended_geo(n, FLOW_DIR_SRC);
flow_entry_get_extended_revdns(n, FLOW_DIR_DST);
flow_entry_get_extended_geo(n, FLOW_DIR_DST);
@@ -1181,12 +1179,13 @@ static void draw_help(WINDOW *screen)
mvaddnstr(row + 11, col + 3, "b Toggle rate units (bits/bytes)",
-1);
mvaddnstr(row + 12, col + 3, "a Toggle display of active flows
(rate > 0) only", -1);
+ mvaddnstr(row + 13, col + 3, "s Toggle show source peer info", -1);
- mvaddnstr(row + 14, col + 3, "T Toggle display TCP flows", -1);
- mvaddnstr(row + 15, col + 3, "U Toggle display UDP flows", -1);
- mvaddnstr(row + 16, col + 3, "D Toggle display DCCP flows", -1);
- mvaddnstr(row + 17, col + 3, "I Toggle display ICMP flows", -1);
- mvaddnstr(row + 18, col + 3, "S Toggle display SCTP flows", -1);
+ mvaddnstr(row + 15, col + 3, "T Toggle display TCP flows", -1);
+ mvaddnstr(row + 16, col + 3, "U Toggle display UDP flows", -1);
+ mvaddnstr(row + 17, col + 3, "D Toggle display DCCP flows", -1);
+ mvaddnstr(row + 18, col + 3, "I Toggle display ICMP flows", -1);
+ mvaddnstr(row + 19, col + 3, "S Toggle display SCTP flows", -1);
}
static void draw_header(WINDOW *screen)
@@ -1292,6 +1291,9 @@ static void presenter(void)
case 'a':
show_active_only = !show_active_only;
break;
+ case 's':
+ show_src = !show_src;
+ break;
case '?':
show_help = !show_help;
wclear(screen);
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] Re: flowtop: Flows visual separating
On Fri, Feb 26, 2016 at 10:58 AM, Tobias Klauser <tklau...@distanz.ch> wrote: > On 2016-02-25 at 17:35:56 +0100, Vadim Kochan <vadi...@gmail.com> wrote: >> On Sat, Feb 20, 2016 at 8:47 PM, Vadim Kochan <vadi...@gmail.com> wrote: >> > On Sat, Feb 20, 2016 at 7:49 PM, Daniel Borkmann <borkm...@iogearbox.net> >> > wrote: >> >> Hi Vadim, >> >> >> >> thanks for looking into this, appreciate it! >> >> >> >> On 02/20/2016 03:28 PM, Vadim Kochan wrote: >> >>> >> >>> On Sat, Feb 20, 2016 at 1:25 AM, Vadim Kochan <vadi...@gmail.com> wrote: >> >>>> >> >>>> Hi, >> >>>> >> >>>> I tried to come up with visual separating of printed flows as currently >> >>>> its not easy to identify separate flow entry, so I did some changes and >> >>>> I am not sure if it looks good so I atached the screenshot. >> >>>> >> >>>> Regards, >> >>> >> >>> >> >>> I attached another version of odd & even flows entries style, here I >> >>> used cyan & white colors and it seem looks >> >>> better as here is no such contrast like in case with black & white >> >>> background colors (like in previous example), >> >>> also here 'country' color changed to magenta as it looks better on >> >>> white & cyan background colors. >> >> >> >> >> >> Not particularly a fan of these background colors, but I understand >> >> you'd like to improve usability on this. How about making flowtop >> >> look and navigation more like top or htop? Perhaps some of this info >> >> can be collapsed? > > Fully agree with Daniel, I'm not a big fan of too much background color > (or even color in general) in TUI interfaces either. I'd certainly > prefer if you'd go for a top/htop like interface in that case. > >> >> >> >> Thanks, >> >> Daniel >> > >> > Well, if to follow these *top-like tools then we need to print less >> > info. Curently we print: >> > >> > 1) process name >> > 2) flow state >> > 3) application proto name >> > 4) duration time >> > 5) src/dst hostname >> > 6) geo info >> > 7) pkts/bytes stats (counters & rate) > > top/htop allow you to select the columns to display. We could define a > sensible set of default columns (or even add additional ones in case we > detect a wide enough window) and then let the user add/remove other > columns. > >> > >> > We can have 2 modes for flows visualization: >> > >> > 1) Short mode (1 row per entry) (default): >> > a) process name >> > b) flow state (but with shortest names) >> > c) application proto name >> > d) src/dst info hostnames (or only dst with country if it feets) >> > e) mixed stats >> > >> > 2) Extended mode, like in current implementation >> > (but maybe be changed to color scheme which I sent in previous >> > example). > > I don't think it's necessary to have 2 modes if we go for selectable > columns. > >> > Also there might be hot-keys to >> > 1) expand 1-row entry into 3-row mode >> > 2) switch between 1- & 3- row mode for all entries. > > In case the user's window isn't wide enough to hold all columns, this > would be a nice option to display additional information. > > Cheers > Tobias Thanks, I will consider your comments, I will update you with screen shots (if you'd like) before sending patches if I will come up with something useful for the next release. Regards, -- You received this message because you are subscribed to the Google Groups "netsniff-ng" group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] Re: [PATCH v2 0/4] trafgen: Add MPLS header creating
Thanks! So icmpv4 will appear in next version, I have patches but need to rebase them. On Tue, Feb 23, 2016 at 2:32 PM, Tobias Klauser <tklau...@distanz.ch> wrote: > On 2016-02-08 at 07:01:50 +0100, Vadim Kochan <vadi...@gmail.com> wrote: >> Add 'mpls()' function to create MPLS header with fields: >> >> Label, TClass, Bottom-Stack, TTL >> >> By default EtherType is set to MPLS Unicast (0x8847). >> Added man changes as well. By default bottom-stack (S-flag) is >> set to 1 but resets to 0 after the lower MPLS was added. As future >> extensions for 'mpls()' function might be: >> >> 1) Allow to mark MPLS header as multicast via setting EtherType to >> 0x8848 like: >> >> mpls(mc) or mpls(mcast) >> >> 2) Add parameters for specific label values: >> >> mpls(alert) >> >> Also fixed issue with incorrect field bit-masking which uses only >> OR to merge specified & original value which does not allow >> to set 0 value, now the original value is AND-ed with reversed field mask, so >> the required bits are reset to 0s in original value and then OR-ed with >> specified value. The problem actually apperead while setting S-flag to 0 >> when the lower MPLS header was added. >> >> Small additional fixes in trafgen.8 file like: >> >> 1) Changed ip -> ipv4 in UDP Echo example >> >> 2) Add line break for VLAN section in sentence about EtherType. >> >> v2: >> Add 'exp' parameter which is the same as 'tc|tclass'. >> >> Vadim Kochan (4): >> trafgen: proto: Fix bad field masking >> trafgen: l2: Add MPLS header generation >> trafgen: parser: Add syntax for MPLS header creating >> trafgen: man: Add description for 'mpls()' function > > Sorry for the delay, the series is now applied. Thanks Vadim! > > Please note that I'd like to close the tree for new features today and > I'll only take bug fixes (and small non-intrusive fixes Daniel or I deem > safe for inclusion) for the next release. The release of v0.6.1 is > planned in about two weeks. I'll also send an official message about the > tree being closed to the mailing list, as previously discussed :) > > Thanks -- You received this message because you are subscribed to the Google Groups "netsniff-ng" group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] Re: flowtop: Flows visual separating
On Sat, Feb 20, 2016 at 7:49 PM, Daniel Borkmann <borkm...@iogearbox.net> wrote: > Hi Vadim, > > thanks for looking into this, appreciate it! > > On 02/20/2016 03:28 PM, Vadim Kochan wrote: >> >> On Sat, Feb 20, 2016 at 1:25 AM, Vadim Kochan <vadi...@gmail.com> wrote: >>> >>> Hi, >>> >>> I tried to come up with visual separating of printed flows as currently >>> its not easy to identify separate flow entry, so I did some changes and >>> I am not sure if it looks good so I atached the screenshot. >>> >>> Regards, >> >> >> I attached another version of odd & even flows entries style, here I >> used cyan & white colors and it seem looks >> better as here is no such contrast like in case with black & white >> background colors (like in previous example), >> also here 'country' color changed to magenta as it looks better on >> white & cyan background colors. > > > Not particularly a fan of these background colors, but I understand > you'd like to improve usability on this. How about making flowtop > look and navigation more like top or htop? Perhaps some of this info > can be collapsed? > > Thanks, > Daniel Well, if to follow these *top-like tools then we need to print less info. Curently we print: 1) process name 2) flow state 3) application proto name 4) duration time 5) src/dst hostname 6) geo info 7) pkts/bytes stats (counters & rate) We can have 2 modes for flows visualization: 1) Short mode (1 row per entry) (default): a) process name b) flow state (but with shortest names) c) application proto name d) src/dst info hostnames (or only dst with country if it feets) e) mixed stats 2) Extended mode, like in current implementation (but maybe be changed to color scheme which I sent in previous example). Also there might be hot-keys to 1) expand 1-row entry into 3-row mode 2) switch between 1- & 3- row mode for all entries. What do you think ? -- You received this message because you are subscribed to the Google Groups "netsniff-ng" group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] Re: flowtop: Flows visual separating
On Sat, Feb 20, 2016 at 1:25 AM, Vadim Kochan <vadi...@gmail.com> wrote: > Hi, > > I tried to come up with visual separating of printed flows as currently > its not easy to identify separate flow entry, so I did some changes and > I am not sure if it looks good so I atached the screenshot. > > Regards, I attached another version of odd & even flows entries style, here I used cyan & white colors and it seem looks better as here is no such contrast like in case with black & white background colors (like in previous example), also here 'country' color changed to magenta as it looks better on white & cyan background colors. Actually if you will like it, then 2nd step is to make good alignment formatting of fields. Regards, -- You received this message because you are subscribed to the Google Groups "netsniff-ng" group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [netsniff-ng] netsniff-ng output file name by date
Simply because netsniff-ng does not support custom date-time format for pcap file name. But as I said we can extend it in the similar way like tcpdump does. On Fri, Feb 19, 2016 at 8:56 AM, and <andri...@gmail.com> wrote: > Sorry, I am beginner, so i am not sure about how to use "strftime". > One strange thing, i can't understand: for tcpdump works comand I early > wrote and it gives results that i expect: > > tcpdump -i ethx -w /destination/tcpd_'%Y%m%d_%H%M'.pcap -n -G 3600 > > (enough to use quotes) But for netsniff-ng that doesn't work and I can't get > why? > > 2016 m. vasaris 19 d., penktadienis 01:36:41 UTC+2, Vadim Kochan rašė: >> >> Hm, well we can do similary like tcpdump does - try to strftime output >> pcap file name if -F is specified. >> >> Lets see what Tobias or Daniel may suggest. >> >> Regards, >> Vadim Kochan >> >> On Thu, Feb 18, 2016 at 10:51 PM, and <andr...@gmail.com> wrote: >> > Yes, sort of that: i need that every pcap file get name, which should >> > consist from date and time, when that file created. >> > For example, with comand: >> > netsniff-ng -i ethx -o /destination/"$(date +'%Y%m%d_%H%M')".pcap -s -F >> > 1hrs >> > >> > I expect to get (hourly) multiple files like: >> > >> > /destination/20160218_2015.pcap >> > /destination/20160218_2115.pcap >> > /destination/20160218_2215.pcap >> > ... >> > >> > But i don't :( >> > >> > 2016 m. vasaris 18 d., ketvirtadienis 16:49:04 UTC+2, Vadim Kochan rašė: >> >> >> >> On Thu, Feb 18, 2016 at 2:13 PM, Andrius X <andr...@gmail.com> wrote: >> >> > Thank you for fast respond. >> >> > Sorry, I experimented a lot, but posted just part of information. >> >> > >> >> > Explanations: >> >> > My goal is capture "endless" traffic and save it to pcaps. As it is >> >> > endless >> >> > traffic, I want to have multiple pcaps (for example, minutely or >> >> > hourly >> >> > saved). >> >> > >> >> > Yes you right "$(date +'%Y%m%d_%H%M')" works, however netsniff with >> >> > it >> >> > don't >> >> > create multiple files with -F: >> >> > >> >> > sudo netsniff-ng -i ethx -o /destination/"$(date >> >> > +'%Y%m%d_%H%M')".pcap >> >> > -s -F >> >> > 10s >> >> > >> >> > just one file, or multiple files (with prefix option) but without >> >> > changing time variable: >> >> > >> >> > sudo netsniff-ng -i ethx -o /destination/ -P "$(date >> >> > +'%Y%m%d_%H%M')"_ >> >> > -s -F >> >> > 10s >> >> > >> >> > >> >> > >> >> > >> >> > For tcpdump works: >> >> > tcpdump -i ethx -w /destination/tcpd_'%Y%m%d_%H%M'.pcap -n -G 3600 >> >> > >> >> > >> >> > >> >> > 2016 m. vasaris 18 d., ketvirtadienis 12:58:10 UTC+2, Vadim Kochan >> >> > rašė: >> >> >> >> >> >> Hi, >> >> >> >> >> >> On Wed, Feb 17, 2016 at 9:55 AM, <andr...@gmail.com> wrote: >> >> >> > Hi everyone, >> >> >> > >> >> >> > I have a questions about netsniff-ng and maybe you could help me: >> >> >> > is there any possibility to format output file name by date & >> >> >> > time? >> >> >> > >> >> >> > I tried, but didn't work: >> >> >> > >> >> >> > netsniff-ng -i ethx -o /destination/"$(date +'%Y%m%d_%H%M')".pcap >> >> >> > >> >> >> > (I use netsniff-ng 0.5.7) >> >> >> > >> >> >> > PS. for tcpdump it works. >> >> >> > >> >> >> > Thanks. >> >> >> > >> >> >> > Best regards, >> >> >> > and >> >> >> > >> >> >> > -- >> >> >> > You received this message because you are subscribed to the Google >> >> >> > Groups "netsniff-ng" group. >> >> >> > To unsubscribe from this group and stop receiving emails from it, >> >> >> > send >&g
[netsniff-ng] [PATCH v2 3/4] trafgen: parser: Add syntax for MPLS header creating
Add 'mpls()' function for creating MPLS header with parameters:
lbl|label MPLS label
lastIndicates the last label on MPLS stack
tc|tclass|exp Traffic Class (TC)
ttl TTL (Time To Live)
Currently only unicast MPLS is supported, but multicast might be set
via 'eth()' function.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen_lexer.l | 7 +++
trafgen_parser.y | 34 +-
2 files changed, 40 insertions(+), 1 deletion(-)
diff --git a/trafgen_lexer.l b/trafgen_lexer.l
index e1d1a3f..3c624f8 100644
--- a/trafgen_lexer.l
+++ b/trafgen_lexer.l
@@ -120,6 +120,12 @@ ip4_addr ([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)
"1ad" { return K_1AD; }
"1q" { return K_1Q; }
+ /* MPLS (Multi Protocol Label Switching) */
+"lbl"|"label" { return K_LABEL; }
+"last" { return K_LAST; }
+"tc"|"tclass" { return K_TC; }
+"exp" { return K_EXP; }
+
/* ARP */
"sha"|"smac" { return K_SHA; }
"spa"|"sip"{ return K_SPA; }
@@ -167,6 +173,7 @@ ip4_addr([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)
"eth" { return K_ETH; }
"vlan" { return K_VLAN; }
+"mpls" { return K_MPLS; }
"arp" { return K_ARP; }
"ip4"|"ipv4" { return K_IP4; }
"udp" { return K_UDP; }
diff --git a/trafgen_parser.y b/trafgen_parser.y
index 655b0ba..0b1c0fb 100644
--- a/trafgen_parser.y
+++ b/trafgen_parser.y
@@ -356,9 +356,10 @@ static void proto_add(enum proto_id pid)
%token K_SPORT K_DPORT
%token K_SEQ K_ACK_SEQ K_DOFF K_CWR K_ECE K_URG K_ACK K_PSH K_RST K_SYN K_FIN
K_WINDOW K_URG_PTR
%token K_TPID K_TCI K_PCP K_DEI K_1Q K_1AD
+%token K_LABEL K_TC K_LAST K_EXP
%token K_ETH
-%token K_VLAN
+%token K_VLAN K_MPLS
%token K_ARP
%token K_IP4
%token K_UDP K_TCP
@@ -583,6 +584,7 @@ ddec
proto
: eth_proto { }
| vlan_proto { }
+ | mpls_proto { }
| arp_proto { }
| ip4_proto { }
| udp_proto { }
@@ -653,6 +655,36 @@ vlan_field
{ proto_field_set_be16(hdr, VLAN_VID, $5); }
;
+mpls_proto
+ : mpls '(' mpls_param_list ')' { }
+ ;
+
+mpls
+ : K_MPLS { proto_add(PROTO_MPLS); }
+ ;
+
+mpls_param_list
+ : { }
+ | mpls_field { }
+ | mpls_field delimiter mpls_param_list { }
+ ;
+
+mpls_tc
+ : K_TC { }
+ | K_EXP { }
+ ;
+
+mpls_field
+ : K_LABEL skip_white '=' skip_white number
+ { proto_field_set_be32(hdr, MPLS_LABEL, $5); }
+ | mpls_tc skip_white '=' skip_white number
+ { proto_field_set_be32(hdr, MPLS_TC, $5); }
+ | K_LAST skip_white '=' skip_white number
+ { proto_field_set_be32(hdr, MPLS_LAST, $5); }
+ | K_TTL skip_white '=' skip_white number
+ { proto_field_set_be32(hdr, MPLS_TTL, $5); }
+ ;
+
arp_proto
: arp '(' arp_param_list ')' { }
;
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH v2 1/4] trafgen: proto: Fix bad field masking
Current logic does OR of existing field value & shift-masked
specified value, which is not enough as 0s bits from
the specified value will be not set (be cause of OR),
so fixed it by reseting original field value by AND with
reverted field mask, in otherwords - bits part of original field
value is reset to 0s and only after OR-ed with specified shift-masked
value.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen_proto.c | 24
1 file changed, 20 insertions(+), 4 deletions(-)
diff --git a/trafgen_proto.c b/trafgen_proto.c
index efa8fce..214547e 100644
--- a/trafgen_proto.c
+++ b/trafgen_proto.c
@@ -182,7 +182,9 @@ static void __proto_field_set_bytes(struct proto_hdr *hdr,
uint32_t fid,
uint8_t *bytes, bool is_default, bool is_be)
{
struct proto_field *field;
- uint8_t *payload;
+ uint8_t *payload, *p8;
+ uint16_t *p16;
+ uint32_t *p32;
uint32_t v32;
uint16_t v16;
uint8_t v8;
@@ -195,18 +197,32 @@ static void __proto_field_set_bytes(struct proto_hdr
*hdr, uint32_t fid,
payload = _packet()->payload[field->pkt_offset];
if (field->len == 1) {
+ p8 = payload;
+ *p8 = field->mask ? *p8 & ~field->mask : *p8;
+
v8 = field_shift_and_mask(field, *bytes);
- v8 = field->mask ? (v8 | *payload) : v8;
+ v8 = field->mask ? (v8 | *p8) : v8;
+
bytes =
} else if (field->len == 2) {
+ p16 = (uint16_t *)payload;
+ *p16 = be16_to_cpu(*p16);
+ *p16 = cpu_to_be16(field->mask ? *p16 & ~field->mask : *p16);
+
v16 = field_shift_and_mask(field, *(uint16_t *)bytes);
v16 = is_be ? cpu_to_be16(v16) : v16;
- v16 = field->mask ? (v16 | *(uint16_t *)payload) : v16;
+ v16 = field->mask ? (v16 | *p16) : v16;
+
bytes = (uint8_t *)
} else if (field->len == 4) {
+ p32 = (uint32_t *)payload;
+ *p32 = be32_to_cpu(*p32);
+ *p32 = cpu_to_be32(field->mask ? *p32 & ~field->mask : *p32);
+
v32 = field_shift_and_mask(field, *(uint32_t *)bytes);
v32 = is_be ? cpu_to_be32(v32) : v32;
- v32 = field->mask ? (v32 | *(uint32_t *)payload) : v32;
+ v32 = field->mask ? (v32 | *p32) : v32;
+
bytes = (uint8_t *)
}
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH 3/4] trafgen: parser: Add syntax for MPLS header creating
Add 'mpls()' function for creating MPLS header with parameters:
lbl|label MPLS label
lastIndicates the last label on MPLS stack
tc|tclass Traffic Class
ttl TTL (Time To Live)
Currently only unicast MPLS is supported, but multicast might be set
via 'eth()' function.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen_lexer.l | 6 ++
trafgen_parser.y | 29 -
2 files changed, 34 insertions(+), 1 deletion(-)
diff --git a/trafgen_lexer.l b/trafgen_lexer.l
index e1d1a3f..58c96f7 100644
--- a/trafgen_lexer.l
+++ b/trafgen_lexer.l
@@ -120,6 +120,11 @@ ip4_addr ([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)
"1ad" { return K_1AD; }
"1q" { return K_1Q; }
+ /* MPLS (Multi Protocol Label Switching) */
+"lbl"|"label" { return K_LABEL; }
+"last" { return K_LAST; }
+"tc"|"tclass" { return K_TC; }
+
/* ARP */
"sha"|"smac" { return K_SHA; }
"spa"|"sip"{ return K_SPA; }
@@ -167,6 +172,7 @@ ip4_addr([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)
"eth" { return K_ETH; }
"vlan" { return K_VLAN; }
+"mpls" { return K_MPLS; }
"arp" { return K_ARP; }
"ip4"|"ipv4" { return K_IP4; }
"udp" { return K_UDP; }
diff --git a/trafgen_parser.y b/trafgen_parser.y
index 655b0ba..5c11297 100644
--- a/trafgen_parser.y
+++ b/trafgen_parser.y
@@ -356,9 +356,10 @@ static void proto_add(enum proto_id pid)
%token K_SPORT K_DPORT
%token K_SEQ K_ACK_SEQ K_DOFF K_CWR K_ECE K_URG K_ACK K_PSH K_RST K_SYN K_FIN
K_WINDOW K_URG_PTR
%token K_TPID K_TCI K_PCP K_DEI K_1Q K_1AD
+%token K_LABEL K_TC K_LAST
%token K_ETH
-%token K_VLAN
+%token K_VLAN K_MPLS
%token K_ARP
%token K_IP4
%token K_UDP K_TCP
@@ -583,6 +584,7 @@ ddec
proto
: eth_proto { }
| vlan_proto { }
+ | mpls_proto { }
| arp_proto { }
| ip4_proto { }
| udp_proto { }
@@ -653,6 +655,31 @@ vlan_field
{ proto_field_set_be16(hdr, VLAN_VID, $5); }
;
+mpls_proto
+ : mpls '(' mpls_param_list ')' { }
+ ;
+
+mpls
+ : K_MPLS { proto_add(PROTO_MPLS); }
+ ;
+
+mpls_param_list
+ : { }
+ | mpls_field { }
+ | mpls_field delimiter mpls_param_list { }
+ ;
+
+mpls_field
+ : K_LABEL skip_white '=' skip_white number
+ { proto_field_set_be32(hdr, MPLS_LABEL, $5); }
+ | K_TC skip_white '=' skip_white number
+ { proto_field_set_be32(hdr, MPLS_TC, $5); }
+ | K_LAST skip_white '=' skip_white number
+ { proto_field_set_be32(hdr, MPLS_LAST, $5); }
+ | K_TTL skip_white '=' skip_white number
+ { proto_field_set_be32(hdr, MPLS_TTL, $5); }
+ ;
+
arp_proto
: arp '(' arp_param_list ')' { }
;
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH 4/4] trafgen: man: Add description for 'mpls()' function
Add syntax & fields description for 'mpls()' function,
also:
1) add line break for VLAN header notes
2) fixed ip -> ipv4 in UDP echo example
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen.8 | 29 +++--
1 file changed, 27 insertions(+), 2 deletions(-)
diff --git a/trafgen.8 b/trafgen.8
index 4a91d1f..ebb5beb 100644
--- a/trafgen.8
+++ b/trafgen.8
@@ -334,8 +334,33 @@ Supported protocol headers:
- Set 802.1ad header (TPID: 0x88a8)
.sp
.in -4
-By default, if the lower level header is Ethernet, its Ethertype is set to
+By default, if the lower level header is Ethernet, its EtherType is set to
0x8100 (802.1q).
+.sp
+
+.I MPLS
+:
+.B mpls(label=, tc=, last=, ttl=)
+.sp
+.in +4
+.B label|lbl
+- MPLS label value (default: 0)
+.sp
+.B tclass|tc
+- Traffic Class for QoS field (default: 0)
+.sp
+.B last
+- Bottom of stack S-flag (default: 1 for most last label)
+.sp
+.B ttl
+- Time To Live (TTL) (default: 0)
+.sp
+.in -4
+By default, if the lower level header is Ethernet, its EtherType is set to
+0x8847 (MPLS Unicast). S-flag is set automatically to 1 for the last label and
+resets to 0 if the lower MPLS label was added after.
+.sp
+
.I ARP
:
.B arp(htype=, ptype=, op=<request|reply|number>, request,
@@ -521,7 +546,7 @@ Simple example of a UDP Echo packet:
.in +5
{
eth(da=11:22:33:44:55:66),
- ip(daddr=1.2.3.4)
+ ipv4(daddr=1.2.3.4)
udp(dp=7),
"Hello world"
}
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH 2/4] trafgen: l2: Add MPLS header generation
Add support for MPLS header creating with fields:
Label, TClass, Bottom-Stack, TTL
By default S-field is set to 1 (last label), but resets to 0
if lower MPLS header is added.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen_l2.c| 32
trafgen_l2.h| 7 +++
trafgen_proto.h | 1 +
3 files changed, 40 insertions(+)
diff --git a/trafgen_l2.c b/trafgen_l2.c
index a7387b8..fd2ebf1 100644
--- a/trafgen_l2.c
+++ b/trafgen_l2.c
@@ -28,6 +28,8 @@ static uint16_t pid_to_eth(enum proto_id pid)
return ETH_P_IPV6;
case PROTO_VLAN:
return ETH_P_8021Q;
+ case PROTO_MPLS:
+ return ETH_P_MPLS_UC;
default:
panic("eth: Not supported protocol id %u\n", pid);
}
@@ -94,6 +96,35 @@ static struct proto_hdr vlan_hdr = {
.set_next_proto = vlan_set_next_proto,
};
+static struct proto_field mpls_fields[] = {
+ { .id = MPLS_LABEL, .len = 4, .shift = 12, .mask = 0xf000 },
+ { .id = MPLS_TC,.len = 4, .shift = 9, .mask = 0xe00 },
+ { .id = MPLS_LAST, .len = 4, .shift = 8, .mask = 0x100 },
+ { .id = MPLS_TTL, .len = 4, .shift = 0, .mask = 0xff },
+};
+
+static void mpls_header_init(struct proto_hdr *hdr)
+{
+ proto_lower_default_add(hdr, PROTO_ETH);
+
+ proto_header_fields_add(hdr, mpls_fields, array_size(mpls_fields));
+
+ proto_field_set_default_be32(hdr, MPLS_LAST, 1);
+}
+
+static void mpls_set_next_proto(struct proto_hdr *hdr, enum proto_id pid)
+{
+ if (pid == PROTO_MPLS)
+ proto_field_set_default_be32(hdr, MPLS_LAST, 0);
+}
+
+static struct proto_hdr mpls_hdr = {
+ .id = PROTO_MPLS,
+ .layer = PROTO_L2,
+ .header_init= mpls_header_init,
+ .set_next_proto = mpls_set_next_proto,
+};
+
static struct proto_field arp_fields[] = {
{ .id = ARP_HTYPE, .len = 2 },
{ .id = ARP_PTYPE, .len = 2, .offset = 2 },
@@ -141,5 +172,6 @@ void protos_l2_init(void)
{
proto_header_register(_hdr);
proto_header_register(_hdr);
+ proto_header_register(_hdr);
proto_header_register(_hdr);
}
diff --git a/trafgen_l2.h b/trafgen_l2.h
index 9beb2aa..14f0e84 100644
--- a/trafgen_l2.h
+++ b/trafgen_l2.h
@@ -28,6 +28,13 @@ enum vlan_field {
VLAN_ETYPE,
};
+enum mpls_field {
+ MPLS_LABEL,
+ MPLS_TC,
+ MPLS_LAST,
+ MPLS_TTL,
+};
+
extern void protos_l2_init(void);
#endif /* TRAFGEN_L2_H */
diff --git a/trafgen_proto.h b/trafgen_proto.h
index 10ded79..0878a86 100644
--- a/trafgen_proto.h
+++ b/trafgen_proto.h
@@ -13,6 +13,7 @@ enum proto_id {
PROTO_NONE,
PROTO_ETH,
PROTO_VLAN,
+ PROTO_MPLS,
PROTO_ARP,
PROTO_IP4,
PROTO_IP6,
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH 1/4] trafgen: proto: Fix bad field masking
Current logic does OR of existing field value & shift-masked
specified value, which is not enough as 0s bits from
the specified value will be not set (be cause of OR),
so fixed it by reseting original field value by AND with
reverted field mask, in otherwords - bits part of original field
value is reset to 0s and only after OR-ed with specified shift-masked
value.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen_proto.c | 24
1 file changed, 20 insertions(+), 4 deletions(-)
diff --git a/trafgen_proto.c b/trafgen_proto.c
index efa8fce..214547e 100644
--- a/trafgen_proto.c
+++ b/trafgen_proto.c
@@ -182,7 +182,9 @@ static void __proto_field_set_bytes(struct proto_hdr *hdr,
uint32_t fid,
uint8_t *bytes, bool is_default, bool is_be)
{
struct proto_field *field;
- uint8_t *payload;
+ uint8_t *payload, *p8;
+ uint16_t *p16;
+ uint32_t *p32;
uint32_t v32;
uint16_t v16;
uint8_t v8;
@@ -195,18 +197,32 @@ static void __proto_field_set_bytes(struct proto_hdr
*hdr, uint32_t fid,
payload = _packet()->payload[field->pkt_offset];
if (field->len == 1) {
+ p8 = payload;
+ *p8 = field->mask ? *p8 & ~field->mask : *p8;
+
v8 = field_shift_and_mask(field, *bytes);
- v8 = field->mask ? (v8 | *payload) : v8;
+ v8 = field->mask ? (v8 | *p8) : v8;
+
bytes =
} else if (field->len == 2) {
+ p16 = (uint16_t *)payload;
+ *p16 = be16_to_cpu(*p16);
+ *p16 = cpu_to_be16(field->mask ? *p16 & ~field->mask : *p16);
+
v16 = field_shift_and_mask(field, *(uint16_t *)bytes);
v16 = is_be ? cpu_to_be16(v16) : v16;
- v16 = field->mask ? (v16 | *(uint16_t *)payload) : v16;
+ v16 = field->mask ? (v16 | *p16) : v16;
+
bytes = (uint8_t *)
} else if (field->len == 4) {
+ p32 = (uint32_t *)payload;
+ *p32 = be32_to_cpu(*p32);
+ *p32 = cpu_to_be32(field->mask ? *p32 & ~field->mask : *p32);
+
v32 = field_shift_and_mask(field, *(uint32_t *)bytes);
v32 = is_be ? cpu_to_be32(v32) : v32;
- v32 = field->mask ? (v32 | *(uint32_t *)payload) : v32;
+ v32 = field->mask ? (v32 | *p32) : v32;
+
bytes = (uint8_t *)
}
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH 0/4] trafgen: Add MPLS header creating
Add 'mpls()' function to create MPLS header with fields: Label, TClass, Bottom-Stack, TTL By default EtherType is set to MPLS Unicast (0x8847). Added man changes as well. By default bottom-stack (S-flag) is set to 1 but resets to 0 after the lower MPLS was added. As future extensions for 'mpls()' function might be: 1) Allow to mark MPLS header as multicast via setting EtherType to 0x8848 like: mpls(mc) or mpls(mcast) 2) Add parameters for specific label values: mpls(alert) Also fixed issue with incorrect field bit-masking which uses only OR to merge specified & original value which does not allow to set 0 value, now the original value is AND-ed with reversed field mask, so the required bits are reset to 0s in original value and then OR-ed with specified value. The problem actually apperead while setting S-flag to 0 when the lower MPLS header was added. Small additional fixes in trafgen.8 file like: 1) Changed ip -> ipv4 in UDP Echo example 2) Add line break for VLAN section in sentence about EtherType. Vadim Kochan (4): trafgen: proto: Fix bad field masking trafgen: l2: Add MPLS header generation trafgen: parser: Add syntax for MPLS header creating trafgen: man: Add description for 'mpls()' function trafgen.8| 29 +++-- trafgen_l2.c | 32 trafgen_l2.h | 7 +++ trafgen_lexer.l | 6 ++ trafgen_parser.y | 29 - trafgen_proto.c | 24 trafgen_proto.h | 1 + 7 files changed, 121 insertions(+), 7 deletions(-) -- 2.6.3 -- You received this message because you are subscribed to the Google Groups "netsniff-ng" group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH 3/7] trafgen: eth: Add setting next protocol id
Move setting next protocol id field from higher protocols (ARP, IPv4)
to Ethernet. It makes code little more generic w/o checking each lower
protocol and setting specific field id.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen_l2.c | 24 +++-
trafgen_l3.c | 4 +---
2 files changed, 24 insertions(+), 4 deletions(-)
diff --git a/trafgen_l2.c b/trafgen_l2.c
index 529dc36..c0e92a3 100644
--- a/trafgen_l2.c
+++ b/trafgen_l2.c
@@ -6,6 +6,7 @@
#include
#include
+#include "die.h"
#include "built_in.h"
#include "trafgen_l2.h"
#include "trafgen_proto.h"
@@ -16,6 +17,27 @@ static struct proto_field eth_fields[] = {
{ .id = ETH_TYPE, .len = 2, .offset = 12 },
};
+static void eth_set_next_proto(struct proto_hdr *hdr, enum proto_id pid)
+{
+ uint16_t eth_type;
+
+ switch(pid) {
+ case PROTO_ARP:
+ eth_type = ETH_P_ARP;
+ break;
+ case PROTO_IP4:
+ eth_type = ETH_P_IP;
+ break;
+ case PROTO_IP6:
+ eth_type = ETH_P_IPV6;
+ break;
+ default:
+ panic("eth: Not supported protocol id %u\n", pid);
+ }
+
+ proto_field_set_default_be16(hdr, ETH_TYPE, eth_type);
+}
+
static void eth_header_init(struct proto_hdr *hdr)
{
proto_header_fields_add(hdr, eth_fields, array_size(eth_fields));
@@ -27,6 +49,7 @@ static struct proto_hdr eth_hdr = {
.id = PROTO_ETH,
.layer = PROTO_L2,
.header_init= eth_header_init,
+ .set_next_proto = eth_set_next_proto,
};
static struct proto_field arp_fields[] = {
@@ -51,7 +74,6 @@ static void arp_header_init(struct proto_hdr *hdr)
uint8_t bcast[6] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
proto_field_set_default_bytes(lower, ETH_DST_ADDR, bcast);
- proto_field_set_default_be16(lower, ETH_TYPE, ETH_P_ARP);
}
proto_header_fields_add(hdr, arp_fields, array_size(arp_fields));
diff --git a/trafgen_l3.c b/trafgen_l3.c
index 9e5126a..58eaa01 100644
--- a/trafgen_l3.c
+++ b/trafgen_l3.c
@@ -37,9 +37,7 @@ static void ipv4_header_init(struct proto_hdr *hdr)
lower = proto_lower_default_add(hdr, PROTO_ETH);
- if (lower->id == PROTO_ETH)
- proto_field_set_default_be16(lower, ETH_TYPE, ETH_P_IP);
- else if (lower->id == PROTO_IP4)
+ if (lower->id == PROTO_IP4)
proto_field_set_default_u8(lower, IP4_PROTO, IPPROTO_IPIP);
proto_header_fields_add(hdr, ipv4_fields, array_size(ipv4_fields));
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH 2/7] trafgen: proto: Add set_next_proto callback to struct proto_hdr
Add set_next_proto callback to proto_hdr struct to allow lower
protocol set next protocol id by enum proto_id.
Extended proto_lower_default_add(...) function to take upper protocol
to delegate it's id to lower protocol to set next protocol field.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen_l2.c| 2 +-
trafgen_l3.c| 2 +-
trafgen_l4.c| 2 +-
trafgen_proto.c | 19 ++-
trafgen_proto.h | 4 +++-
5 files changed, 20 insertions(+), 9 deletions(-)
diff --git a/trafgen_l2.c b/trafgen_l2.c
index 5600c24..529dc36 100644
--- a/trafgen_l2.c
+++ b/trafgen_l2.c
@@ -45,7 +45,7 @@ static void arp_header_init(struct proto_hdr *hdr)
{
struct proto_hdr *lower;
- lower = proto_lower_default_add(PROTO_ETH);
+ lower = proto_lower_default_add(hdr, PROTO_ETH);
if (lower->id == PROTO_ETH) {
uint8_t bcast[6] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
diff --git a/trafgen_l3.c b/trafgen_l3.c
index 5e47a36..9e5126a 100644
--- a/trafgen_l3.c
+++ b/trafgen_l3.c
@@ -35,7 +35,7 @@ static void ipv4_header_init(struct proto_hdr *hdr)
{
struct proto_hdr *lower;
- lower = proto_lower_default_add(PROTO_ETH);
+ lower = proto_lower_default_add(hdr, PROTO_ETH);
if (lower->id == PROTO_ETH)
proto_field_set_default_be16(lower, ETH_TYPE, ETH_P_IP);
diff --git a/trafgen_l4.c b/trafgen_l4.c
index f3d8542..1505b43 100644
--- a/trafgen_l4.c
+++ b/trafgen_l4.c
@@ -45,7 +45,7 @@ static void udp_header_init(struct proto_hdr *hdr)
{
struct proto_hdr *lower;
- lower = proto_lower_default_add(PROTO_IP4);
+ lower = proto_lower_default_add(hdr, PROTO_IP4);
if (lower->id == PROTO_IP4)
proto_field_set_default_u8(lower, IP4_PROTO, IPPROTO_UDP);
diff --git a/trafgen_proto.c b/trafgen_proto.c
index 37cbab6..c6b9e2e 100644
--- a/trafgen_proto.c
+++ b/trafgen_proto.c
@@ -155,18 +155,27 @@ void proto_header_finish(struct proto_hdr *hdr)
hdr->header_finish(hdr);
}
-struct proto_hdr *proto_lower_default_add(enum proto_id pid)
+struct proto_hdr *proto_lower_default_add(struct proto_hdr *hdr,
+ enum proto_id pid)
{
+ struct proto_hdr *current;
+
if (headers_count > 0) {
- struct proto_hdr *current = proto_current_header();
+ current = proto_current_header();
if (current->layer >= proto_header_by_id(pid)->layer)
- return current;
+ goto set_proto;
if (current->id == pid)
- return current;
+ goto set_proto;
}
- return proto_header_init(pid);
+ current = proto_header_init(pid);
+
+set_proto:
+ if (current->set_next_proto)
+ current->set_next_proto(current, hdr->id);
+
+ return current;
}
static void __proto_field_set_bytes(struct proto_hdr *hdr, uint32_t fid,
diff --git a/trafgen_proto.h b/trafgen_proto.h
index 2d74f4c..491e079 100644
--- a/trafgen_proto.h
+++ b/trafgen_proto.h
@@ -50,6 +50,7 @@ struct proto_hdr {
void (*header_init)(struct proto_hdr *hdr);
void (*header_finish)(struct proto_hdr *hdr);
void (*packet_finish)(struct proto_hdr *hdr);
+ void (*set_next_proto)(struct proto_hdr *hdr, enum proto_id pid);
};
extern void protos_init(const char *dev);
@@ -58,7 +59,8 @@ extern void proto_header_register(struct proto_hdr *hdr);
extern struct proto_hdr *proto_header_init(enum proto_id pid);
extern void proto_header_finish(struct proto_hdr *hdr);
extern void proto_packet_finish(void);
-extern struct proto_hdr *proto_lower_default_add(enum proto_id pid);
+extern struct proto_hdr *proto_lower_default_add(struct proto_hdr *hdr,
+enum proto_id pid);
extern struct proto_hdr *proto_current_header(void);
extern struct proto_hdr *proto_lower_header(struct proto_hdr *hdr);
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH 4/7] trafgen: ipv4: Add setting next protocol id
Move setting lower protocol id field value from UDP & TCP
protocols to IPv4 only, so lower layer will know exactly value
to set in protocol id field.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen_l3.c | 30 --
trafgen_l4.c | 16 ++--
2 files changed, 26 insertions(+), 20 deletions(-)
diff --git a/trafgen_l3.c b/trafgen_l3.c
index 58eaa01..0e923e0 100644
--- a/trafgen_l3.c
+++ b/trafgen_l3.c
@@ -5,6 +5,7 @@
#include
+#include "die.h"
#include "csum.h"
#include "built_in.h"
#include "trafgen_l2.h"
@@ -33,12 +34,7 @@ static struct proto_field ipv4_fields[] = {
static void ipv4_header_init(struct proto_hdr *hdr)
{
- struct proto_hdr *lower;
-
- lower = proto_lower_default_add(hdr, PROTO_ETH);
-
- if (lower->id == PROTO_IP4)
- proto_field_set_default_u8(lower, IP4_PROTO, IPPROTO_IPIP);
+ proto_lower_default_add(hdr, PROTO_ETH);
proto_header_fields_add(hdr, ipv4_fields, array_size(ipv4_fields));
@@ -65,11 +61,33 @@ static void ipv4_packet_finish(struct proto_hdr *hdr)
}
}
+static void ipv4_set_next_proto(struct proto_hdr *hdr, enum proto_id pid)
+{
+ uint8_t ip_proto;
+
+ switch(pid) {
+ case PROTO_IP4:
+ ip_proto = IPPROTO_IPIP;
+ break;
+ case PROTO_UDP:
+ ip_proto = IPPROTO_UDP;
+ break;
+ case PROTO_TCP:
+ ip_proto = IPPROTO_TCP;
+ break;
+ default:
+ panic("ipv4: Not supported protocol id %u\n", pid);
+ }
+
+ proto_field_set_default_u8(hdr, IP4_PROTO, ip_proto);
+}
+
static struct proto_hdr ipv4_hdr = {
.id = PROTO_IP4,
.layer = PROTO_L3,
.header_init= ipv4_header_init,
.packet_finish = ipv4_packet_finish,
+ .set_next_proto = ipv4_set_next_proto,
};
void protos_l3_init(void)
diff --git a/trafgen_l4.c b/trafgen_l4.c
index 1505b43..64aada4 100644
--- a/trafgen_l4.c
+++ b/trafgen_l4.c
@@ -43,12 +43,7 @@ static struct proto_field tcp_fields[] = {
static void udp_header_init(struct proto_hdr *hdr)
{
- struct proto_hdr *lower;
-
- lower = proto_lower_default_add(hdr, PROTO_IP4);
-
- if (lower->id == PROTO_IP4)
- proto_field_set_default_u8(lower, IP4_PROTO, IPPROTO_UDP);
+ proto_lower_default_add(hdr, PROTO_IP4);
proto_header_fields_add(hdr, udp_fields, array_size(udp_fields));
}
@@ -85,14 +80,7 @@ static struct proto_hdr udp_hdr = {
static void tcp_header_init(struct proto_hdr *hdr)
{
- struct proto_hdr *lower;
-
- proto_lower_default_add(PROTO_IP4);
-
- lower = proto_current_header();
-
- if (lower->id == PROTO_IP4)
- proto_field_set_default_u8(lower, IP4_PROTO, IPPROTO_TCP);
+ proto_lower_default_add(hdr, PROTO_IP4);
proto_header_fields_add(hdr, tcp_fields, array_size(tcp_fields));
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH 1/7] trafgen: proto: Simplify getting lower protocol after init
Change proto_header_init(...) and proto_lower_default_add(...)
functions to return struct proto_hdr * to do not call
proto_current_header(...) after, so it makes more sense to get struct
proto_hdr * right after initializing protocol by id.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen_l2.c | 4 +---
trafgen_l3.c | 3 +--
trafgen_l4.c | 4 +---
trafgen_parser.y | 3 +--
trafgen_proto.c | 17 ++---
trafgen_proto.h | 4 ++--
6 files changed, 16 insertions(+), 19 deletions(-)
diff --git a/trafgen_l2.c b/trafgen_l2.c
index 60da411..5600c24 100644
--- a/trafgen_l2.c
+++ b/trafgen_l2.c
@@ -45,9 +45,7 @@ static void arp_header_init(struct proto_hdr *hdr)
{
struct proto_hdr *lower;
- proto_lower_default_add(PROTO_ETH);
-
- lower = proto_current_header();
+ lower = proto_lower_default_add(PROTO_ETH);
if (lower->id == PROTO_ETH) {
uint8_t bcast[6] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
diff --git a/trafgen_l3.c b/trafgen_l3.c
index 1771908..5e47a36 100644
--- a/trafgen_l3.c
+++ b/trafgen_l3.c
@@ -35,9 +35,8 @@ static void ipv4_header_init(struct proto_hdr *hdr)
{
struct proto_hdr *lower;
- proto_lower_default_add(PROTO_ETH);
+ lower = proto_lower_default_add(PROTO_ETH);
- lower = proto_current_header();
if (lower->id == PROTO_ETH)
proto_field_set_default_be16(lower, ETH_TYPE, ETH_P_IP);
else if (lower->id == PROTO_IP4)
diff --git a/trafgen_l4.c b/trafgen_l4.c
index 7f80e74..f3d8542 100644
--- a/trafgen_l4.c
+++ b/trafgen_l4.c
@@ -45,9 +45,7 @@ static void udp_header_init(struct proto_hdr *hdr)
{
struct proto_hdr *lower;
- proto_lower_default_add(PROTO_IP4);
-
- lower = proto_current_header();
+ lower = proto_lower_default_add(PROTO_IP4);
if (lower->id == PROTO_IP4)
proto_field_set_default_u8(lower, IP4_PROTO, IPPROTO_UDP);
diff --git a/trafgen_parser.y b/trafgen_parser.y
index 1bacfd0..091d6b2 100644
--- a/trafgen_parser.y
+++ b/trafgen_parser.y
@@ -334,8 +334,7 @@ static void set_dynamic_incdec(uint8_t start, uint8_t stop,
uint8_t stepping,
static void proto_add(enum proto_id pid)
{
- proto_header_init(pid);
- hdr = proto_current_header();
+ hdr = proto_header_init(pid);
}
%}
diff --git a/trafgen_proto.c b/trafgen_proto.c
index 3cbf34e..37cbab6 100644
--- a/trafgen_proto.c
+++ b/trafgen_proto.c
@@ -131,7 +131,7 @@ bool proto_field_is_set(struct proto_hdr *hdr, uint32_t fid)
return field ? field->is_set : false;
}
-void proto_header_init(enum proto_id pid)
+struct proto_hdr *proto_header_init(enum proto_id pid)
{
struct proto_hdr *hdr = proto_header_by_id(pid);
struct proto_hdr *new_hdr;
@@ -146,6 +146,7 @@ void proto_header_init(enum proto_id pid)
new_hdr->header_init(new_hdr);
headers[headers_count++] = new_hdr;
+ return new_hdr;
}
void proto_header_finish(struct proto_hdr *hdr)
@@ -154,16 +155,18 @@ void proto_header_finish(struct proto_hdr *hdr)
hdr->header_finish(hdr);
}
-void proto_lower_default_add(enum proto_id pid)
+struct proto_hdr *proto_lower_default_add(enum proto_id pid)
{
if (headers_count > 0) {
- if (proto_current_header()->layer >=
proto_header_by_id(pid)->layer)
- return;
- if (proto_current_header()->id == pid)
- return;
+ struct proto_hdr *current = proto_current_header();
+
+ if (current->layer >= proto_header_by_id(pid)->layer)
+ return current;
+ if (current->id == pid)
+ return current;
}
- proto_header_init(pid);
+ return proto_header_init(pid);
}
static void __proto_field_set_bytes(struct proto_hdr *hdr, uint32_t fid,
diff --git a/trafgen_proto.h b/trafgen_proto.h
index 02a8cc5..2d74f4c 100644
--- a/trafgen_proto.h
+++ b/trafgen_proto.h
@@ -55,10 +55,10 @@ struct proto_hdr {
extern void protos_init(const char *dev);
extern void proto_header_register(struct proto_hdr *hdr);
-extern void proto_header_init(enum proto_id pid);
+extern struct proto_hdr *proto_header_init(enum proto_id pid);
extern void proto_header_finish(struct proto_hdr *hdr);
extern void proto_packet_finish(void);
-extern void proto_lower_default_add(enum proto_id pid);
+extern struct proto_hdr *proto_lower_default_add(enum proto_id pid);
extern struct proto_hdr *proto_current_header(void);
extern struct proto_hdr *proto_lower_header(struct proto_hdr *hdr);
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH 6/7] trafgen: parser: Add syntax for VLAN header creating
Add 'vlan()' function to generate VLAN header.
Fields supported:
tpid|proto Set TPID (Tag Protocol Identifier) (default 0x8100)
1ad Set TPID field as 0x88a8
1q Set TPID field as 0x8100
tci Set TCI (Tag Control Information) (default 0)
pcp Set PCP (Priority Code Point) (PCP) (default 0)
dei|cfi Set DEI (Drop Eligible Indicator) (default 0)
id Set VID (VLAN Identifier) (default 0)
VLAN identifier might be specified like just number or via 'id' parameter.
Examples:
{ eth(), vlan(1), ipv4() }
{ vlan(1, 1ad), vlan(100, pcp=3), ipv4() }
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen_lexer.l | 9 +
trafgen_parser.y | 39 +++
2 files changed, 48 insertions(+)
diff --git a/trafgen_lexer.l b/trafgen_lexer.l
index ef7ec2a..e1d1a3f 100644
--- a/trafgen_lexer.l
+++ b/trafgen_lexer.l
@@ -112,6 +112,14 @@ ip4_addr ([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)
"saddr"|"sa" { return K_SADDR; }
[e]?"type" { return K_ETYPE; }
+ /* VLAN (802.1Q & 802.1ad) */
+"tpid" { return K_TPID; }
+"tci" { return K_TCI; }
+"pcp" { return K_PCP; }
+"dei"|"cfi"{ return K_DEI; }
+"1ad" { return K_1AD; }
+"1q" { return K_1Q; }
+
/* ARP */
"sha"|"smac" { return K_SHA; }
"spa"|"sip"{ return K_SPA; }
@@ -158,6 +166,7 @@ ip4_addr([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)
"urgptr" { return K_URG_PTR; }
"eth" { return K_ETH; }
+"vlan" { return K_VLAN; }
"arp" { return K_ARP; }
"ip4"|"ipv4" { return K_IP4; }
"udp" { return K_UDP; }
diff --git a/trafgen_parser.y b/trafgen_parser.y
index 091d6b2..5f5b79d 100644
--- a/trafgen_parser.y
+++ b/trafgen_parser.y
@@ -19,6 +19,7 @@
#include
#include
#include
+#include
#include "xmalloc.h"
#include "trafgen_parser.tab.h"
@@ -354,8 +355,10 @@ static void proto_add(enum proto_id pid)
%token K_PROT K_TTL K_DSCP K_ECN K_TOS K_LEN K_ID K_FLAGS K_FRAG K_IHL K_VER
K_CSUM K_DF K_MF
%token K_SPORT K_DPORT
%token K_SEQ K_ACK_SEQ K_DOFF K_CWR K_ECE K_URG K_ACK K_PSH K_RST K_SYN K_FIN
K_WINDOW K_URG_PTR
+%token K_TPID K_TCI K_PCP K_DEI K_1Q K_1AD
%token K_ETH
+%token K_VLAN
%token K_ARP
%token K_IP4
%token K_UDP K_TCP
@@ -579,6 +582,7 @@ ddec
proto
: eth_proto { }
+ | vlan_proto { }
| arp_proto { }
| ip4_proto { }
| udp_proto { }
@@ -613,6 +617,41 @@ eth_field
{ proto_field_set_be16(hdr, ETH_TYPE, $5); }
;
+vlan_proto
+ : vlan '(' vlan_param_list ')' { }
+ ;
+
+vlan
+ : K_VLAN { proto_add(PROTO_VLAN); }
+ ;
+
+vlan_param_list
+ : { }
+ | vlan_field { }
+ | vlan_field delimiter vlan_param_list { }
+ ;
+
+vlan_field
+ : K_TPID skip_white '=' skip_white number
+ { proto_field_set_be16(hdr, VLAN_TPID, $5); }
+ | K_PROT skip_white '=' skip_white number
+ { proto_field_set_be16(hdr, VLAN_TPID, $5); }
+ | K_1Q
+ { proto_field_set_be16(hdr, VLAN_TPID, ETH_P_8021Q); }
+ | K_1AD
+ { proto_field_set_be16(hdr, VLAN_TPID, ETH_P_8021AD); }
+ | K_TCI skip_white '=' skip_white number
+ { proto_field_set_be16(hdr, VLAN_TCI, $5); }
+ | K_PCP skip_white '=' skip_white number
+ { proto_field_set_be16(hdr, VLAN_PCP, $5); }
+ | K_DEI skip_white '=' skip_white number
+ { proto_field_set_be16(hdr, VLAN_DEI, $5); }
+ | K_ID skip_white '=' skip_white number
+ { proto_field_set_be16(hdr, VLAN_VID, $5); }
+ | number
+ { proto_field_set_be16(hdr, VLAN_VID, $1); }
+ ;
+
arp_proto
: arp '(' arp_param_list ')' { }
;
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH 7/7] trafgen: man: Add help for VLAN header function
Add usage, syntax & parameters description for 'vlan()' function.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen.8 | 43 +++
1 file changed, 43 insertions(+)
diff --git a/trafgen.8 b/trafgen.8
index 207cfc5..1fe5536 100644
--- a/trafgen.8
+++ b/trafgen.8
@@ -307,6 +307,49 @@ Supported protocol headers:
- Ethernet type (default: 0)
.in -4
+.I VLAN
+:
+.B vlan(tpid=, id=, dei=, tci=, pcp=,
+.B 1q, 1ad, )
+.sp
+.in +4
+.B tpid|prot|proto
+- Tag Protocol Identifier (TPID) (default: 0x8100)
+.sp
+.B tci
+- Tag Control Information (TCI) field (VLAN Id + PCP + DEI) (default: 0)
+.sp
+.B dei|cfi
+- Drop Eligible Indicator (DEI) (formerly Canonical Format Indicator (CFI))
(default: 0)
+.sp
+.B pcp
+- Priority code point (PCP) (default: 0)
+.sp
+.B id
+- VLAN Identifier (default: 0)
+.sp
+.B
+- Set VLAN Identifier field
+.sp
+.B 1q
+- Set 802.1q header (TPID: 0x8100)
+.sp
+.B 1ad
+- Set 802.1ad header (TPID: 0x88a8)
+.sp
+.in -4
+By default, if the lower level header is Ethernet, its protocol field is set to
+0x8100 (802.1q).
+Example of adding VLAN tag with id 100:
+.in +4
+.sp
+{ vlan(100) }
+.sp
+{ vlan(id=100, pcp=3) }
+.sp
+{ vlan(100, pcp=3) }
+.in -4
+
.I ARP
:
.B arp(htype=, ptype=, op=<request|reply|number>, request,
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] Re: [PATCH 0/4] trafgen: Add IPv4 and UDP protocol generation
On Fri, Jan 29, 2016 at 10:17:51AM +0100, Tobias Klauser wrote:
> On 2016-01-29 at 09:05:24 +0100, Vadim Kochan <vadi...@gmail.com> wrote:
> > On Fri, Jan 29, 2016 at 08:48:59AM +0100, Tobias Klauser wrote:
> > > On 2016-01-28 at 23:06:23 +0100, Vadim Kochan <vadi...@gmail.com> wrote:
> > > > Reworded commit message of 12-14 patches from series:
> > > >
> > > > "[PATCH v3 00/16] trafgen: Add proto header generation"
> > > >
> > > > 1) Added parameters & default values description.
> > > > 2) Functionality was not changed.
> > >
> > > Perfect, thanks a lot! Series now applied. I also took the manpage patch
> > > from your previous series and I'll directly fold in my few minor changes.
> >
> > BTW,
> >
> > 1) I think that few more protocol header functions might be added (VLAN
> >& TCP) before release (btw when do you plan do make release ?).
>
> IPv6 would also be nice. But I think they're now fairly easy to add with
> the existing infrastructure.
>
> As for the release. I'd like to give the current changes a few weeks to
> get some testing by others. As I'll be offline for some days beginning
> of and mid February, I'd like to target a release sometime around end of
> February, which means the tree will close for new features ~2 weeks
> before the release.
>
> > 2) I just realized that currently protocol functions are used at packet
> >compile time and checksum's will be not re-calculated if dynamic
> >functions (dinc,drand) changed some of the header or payload bytes.
> >So as future improvement it needs to add some runtime logic for
> >protocol fuctions. It will be needed also if to extend protocol
> >functions with dynamic values too, like:
> >
> >{ ip(sa=192.168.1.0/24) }
> >{ udp(sp=2000...3000) }
> >
> >really I don't know yet how to implement such syntax but this is just
> >for future thinking.
>
> Yes, supporting recalculation of checksums would certainly be nice and
> shouldn't be that hard to implement. Would be nice to get this in before
> release...
>
> As for the "dynamic values" you propose above. What is the expected
> behavior of this? Would you generate multiple packets (255 and 1000 in
> the above examples)? Do you see a use case for this or shouldn't this
> better be done by preprocessing the trafgen config file with a hand
> crafted script?
I suppose that "dynamic values" will behave similar like current dynamic
functions (dinc/ddec/drnd) - generate some new value on each packet sending
iteration.
>
> > 3) Also as I mentioned in '... Xenomai ...' thread, what about idea to
> >extend trfagen for altering ingress packets via protocol functions ?
> >So currently I see it that in ingress mode protocol functions will
> >change only parameters which were specified, the default will be
> >ignored. Again I am not sure how useful it might be.
>
> How is this related to Xenomai?
I just posted this idea in email thread with subject '...Xenomai ...'.
Anyway, never mind.
>
> Well, trafgen currently doesn't support ingress packets. Or did you mean
> netsniff-ng? In any case, I think this will be quite hard to get right
> without having to implement a lot of protocol parsing logic (which of
> course could be partially reused from the dissectors). Also you could
> only do it on a per-packet level instead of i.e. per flow. I'd like to
> see a clear benefit over kernel-level forwarding/packet-mangling
> facilites for this feature before attempting to add it.
No I meant trafgen, I just imagined that how it would be useful to alter
ingress packets via trafgens script. But w/o parsing (I assume), so for
example lets take a look on following example:
{
ipv4(sa=1.1.1.1, dp=2.2.2.2)
}
Then we can easy apply to the each ingress packet ONLY specified fields
via the same protocol functions w/o some significant changes (I assume)
and send it out via specified output device, I see it like advanced
reply feature (like tcpreply). The ingress packets might be received from
device or
pcap file.
- proposals continue ---
4) Also I think it would be good to think in direction of using dissectors
in trafgen (via -VV) to dump human readable packet, and also allow to do
not specify output device.
5) May be it make sense in the future to get rid of libnet from mz and
use protocol functions for it ...
Regards,
Vadim Kochan
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] Re: [PATCH 0/4] trafgen: Add IPv4 and UDP protocol generation
On Fri, Jan 29, 2016 at 08:48:59AM +0100, Tobias Klauser wrote:
> On 2016-01-28 at 23:06:23 +0100, Vadim Kochan <vadi...@gmail.com> wrote:
> > Reworded commit message of 12-14 patches from series:
> >
> > "[PATCH v3 00/16] trafgen: Add proto header generation"
> >
> > 1) Added parameters & default values description.
> > 2) Functionality was not changed.
>
> Perfect, thanks a lot! Series now applied. I also took the manpage patch
> from your previous series and I'll directly fold in my few minor changes.
BTW,
1) I think that few more protocol header functions might be added (VLAN
& TCP) before release (btw when do you plan do make release ?).
2) I just realized that currently protocol functions are used at packet
compile time and checksum's will be not re-calculated if dynamic
functions (dinc,drand) changed some of the header or payload bytes.
So as future improvement it needs to add some runtime logic for
protocol fuctions. It will be needed also if to extend protocol
functions with dynamic values too, like:
{ ip(sa=192.168.1.0/24) }
{ udp(sp=2000...3000) }
really I don't know yet how to implement such syntax but this is just
for future thinking.
3) Also as I mentioned in '... Xenomai ...' thread, what about idea to
extend trfagen for altering ingress packets via protocol functions ?
So currently I see it that in ingress mode protocol functions will
change only parameters which were specified, the default will be
ignored. Again I am not sure how useful it might be.
Regards,
Vadim Kochan
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH 2/4] trafgen: parser: Add syntax for IPv4 protocol generation
Add 'ip4(), ipv4()' function to build IPv4 header.
Fields supported:
ihl IPv4 header length (default 5 )
ver|version IPv4 version (default 4)
ttl Time To Live (TTL) field (default 0)
dscpDiffServ field (default 0)
ecn ECN bits (default 0)
tos TOS (DSCP + ECN) field (default 0)
len|length IPv4 header + payload length (calculated by default)
id Identifier (default 0)
flags Flags field (default 0)
fragFragment offset (default 0)
csumIPv4 header checksum (calculated by default)
df Set DF (Dont Fragment) bit to 1 (default is 0)
mf Set MF (More Fragments) bit to 1 (default is 0)
sa|saddrIPv4 source address (default used from output device)
da|daddrIPv4 destination address (default 0.0.0.0)
proto IPv4 protocol id (default 0)
Example:
{ ip4(df, mf, frag=100, prot=0x1, ecn=2, dscp=20) }
{ ip4(da=1.1.1.1), ip4(sa=3.3.3.3, da=3.3.3.4) }
Last example generates IP-in-IP packet.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen_lexer.l | 15 +++
trafgen_parser.y | 51 +++
2 files changed, 66 insertions(+)
diff --git a/trafgen_lexer.l b/trafgen_lexer.l
index 5467c70..eeb252f 100644
--- a/trafgen_lexer.l
+++ b/trafgen_lexer.l
@@ -119,8 +119,23 @@ ip_addr([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)
"htype"{ return K_HTYPE; }
"ptype"{ return K_PTYPE; }
+"ihl" { return K_IHL; }
+"ver"|"version"{ return K_VER; }
+"ttl" { return K_TTL; }
+"dscp" { return K_DSCP; }
+"ecn" { return K_ECN; }
+"tos" { return K_TOS; }
+"len"|"length" { return K_LEN; }
+"id" { return K_ID; }
+"flags"{ return K_FLAGS; }
+"frag" { return K_FRAG; }
+"csum" { return K_CSUM; }
+"df" { return K_DF; }
+"mf" { return K_MF; }
+
"eth" { return K_ETH; }
"arp" { return K_ARP; }
+"ip4"|"ipv4" { return K_IP4; }
[ ]*"-"[ ]*{ return '-'; }
[ ]*"+"[ ]*{ return '+'; }
diff --git a/trafgen_parser.y b/trafgen_parser.y
index 16f9025..ebc4054 100644
--- a/trafgen_parser.y
+++ b/trafgen_parser.y
@@ -25,6 +25,7 @@
#include "trafgen_conf.h"
#include "trafgen_proto.h"
#include "trafgen_l2.h"
+#include "trafgen_l3.h"
#include "built_in.h"
#include "die.h"
#include "str.h"
@@ -350,9 +351,11 @@ static void proto_add(enum proto_id pid)
%token K_DADDR K_SADDR K_PROT
%token K_OPER K_SHA K_SPA K_THA K_TPA K_REQUEST K_REPLY K_PTYPE K_HTYPE
+%token K_TTL K_DSCP K_ECN K_TOS K_LEN K_ID K_FLAGS K_FRAG K_IHL K_VER K_CSUM
K_DF K_MF
%token K_ETH
%token K_ARP
+%token K_IP4
%token ',' '{' '}' '(' ')' '[' ']' ':' '-' '+' '*' '/' '%' '&' '|' '<' '>' '^'
@@ -574,6 +577,7 @@ ddec
proto
: eth_proto { }
| arp_proto { }
+ | ip4_proto { }
;
eth_proto
@@ -637,6 +641,53 @@ arp
: K_ARP { proto_add(PROTO_ARP); }
;
+ip4_proto
+ : ip4 '(' ip4_param_list ')' { }
+ ;
+
+ip4_param_list
+ : { }
+ | ip4_field { }
+ | ip4_field delimiter ip4_param_list { }
+ ;
+
+ip4_field
+ : K_VER skip_white '=' skip_white number
+ { proto_field_set_u8(hdr, IP4_VER, $5); }
+ | K_IHL skip_white '=' skip_white number
+ { proto_field_set_u8(hdr, IP4_IHL, $5); }
+ | K_DADDR skip_white '=' skip_white ip_addr
+ { proto_field_set_u32(hdr, IP4_DADDR, $5.s_addr); }
+ | K_SADDR skip_white '=' skip_white ip_addr
+ { proto_field_set_u32(hdr, IP4_SADDR, $5.s_addr); }
+ | K_PROT skip_white '=' skip_white number
+ { proto_field_set_u8(hdr, IP4_PROTO, $5); }
+ | K_TTL skip_white '=' skip_white number
+ { proto_field_set_u8(hdr, IP4_TTL, $5); }
+ | K_DSCP skip_white '=' skip_white number
+ { proto_field_set_u8(hdr, IP4_DSCP, $5); }
+ | K_ECN skip_white '=' skip_white number
+ { proto_field_set_u8(hdr, IP4_ECN, $5); }
+ | K_TOS skip_white '=' skip_white number
+ { proto_field_set_u8(hdr, IP4_TOS, $5); }
+ | K_LEN skip_white '=' skip_white number
+ { proto_field_set_be16(hdr, IP4_LEN, $5); }
+ | K_ID skip_white '=' skip_white number
+ { proto_field_set_be16(hdr, IP4_ID, $5); }
+ | K_FLAGS skip_white '=' skip_white number
+ { proto_fie
[netsniff-ng] [PATCH 3/4] trafgen: l4: Add UDP header generation logic
Add trafgen_l4.c module with generation UDP header fields.
UDP protocol generation logic automaticaly sets by default
IPPROTO_UDP to the lower protocol (if it is IPv4), also checksum &
length are calculated if it is not set by user.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen/Makefile | 1 +
trafgen_l4.c | 71
trafgen_l4.h | 14 +++
trafgen_proto.c | 2 ++
4 files changed, 88 insertions(+)
create mode 100644 trafgen_l4.c
create mode 100644 trafgen_l4.h
diff --git a/trafgen/Makefile b/trafgen/Makefile
index 4f342ca..3f78f07 100644
--- a/trafgen/Makefile
+++ b/trafgen/Makefile
@@ -22,6 +22,7 @@ trafgen-objs =xmalloc.o \
trafgen_proto.o \
trafgen_l2.o \
trafgen_l3.o \
+ trafgen_l4.o \
trafgen_lexer.yy.o \
trafgen_parser.tab.o \
trafgen.o
diff --git a/trafgen_l4.c b/trafgen_l4.c
new file mode 100644
index 000..286e54a
--- /dev/null
+++ b/trafgen_l4.c
@@ -0,0 +1,71 @@
+/*
+ * netsniff-ng - the packet sniffing beast
+ * Subject to the GPL, version 2.
+ */
+
+#include
+#include
+
+#include "die.h"
+#include "csum.h"
+#include "built_in.h"
+#include "trafgen_l3.h"
+#include "trafgen_l4.h"
+#include "trafgen_conf.h"
+#include "trafgen_proto.h"
+
+static struct proto_field udp_fields[] = {
+ { .id = UDP_SPORT, .len = 2, .offset = 0 },
+ { .id = UDP_DPORT, .len = 2, .offset = 2 },
+ { .id = UDP_LEN,.len = 2, .offset = 4 },
+ { .id = UDP_CSUM, .len = 2, .offset = 6 },
+};
+
+static void udp_header_init(struct proto_hdr *hdr)
+{
+ struct proto_hdr *lower;
+
+ proto_lower_default_add(PROTO_IP4);
+
+ lower = proto_current_header();
+
+ if (lower->id == PROTO_IP4)
+ proto_field_set_default_u8(lower, IP4_PROTO, IPPROTO_UDP);
+
+ proto_header_fields_add(hdr, udp_fields, array_size(udp_fields));
+}
+
+static void udp_packet_finish(struct proto_hdr *hdr)
+{
+ struct proto_hdr *lower = proto_lower_header(hdr);
+ struct packet *pkt = current_packet();
+ uint16_t total_len;
+ uint16_t csum;
+
+ total_len = pkt->len - hdr->pkt_offset;
+ proto_field_set_default_be16(hdr, UDP_LEN, total_len);
+
+ if (proto_field_is_set(hdr, UDP_CSUM))
+ return;
+
+ if (!lower || lower->id != PROTO_IP4)
+ return;
+
+ total_len = proto_field_get_u16(hdr, UDP_LEN);
+ csum = p4_csum((void *) proto_header_ptr(lower), proto_header_ptr(hdr),
+ total_len, IPPROTO_UDP);
+
+ proto_field_set_be16(hdr, UDP_CSUM, bswap_16(csum));
+}
+
+static struct proto_hdr udp_hdr = {
+ .id = PROTO_UDP,
+ .layer = PROTO_L4,
+ .header_init= udp_header_init,
+ .packet_finish = udp_packet_finish,
+};
+
+void protos_l4_init(void)
+{
+ proto_header_register(_hdr);
+}
diff --git a/trafgen_l4.h b/trafgen_l4.h
new file mode 100644
index 000..1a60ea5
--- /dev/null
+++ b/trafgen_l4.h
@@ -0,0 +1,14 @@
+#ifndef TRAFGEN_L4_I_H
+#define TRAFGEN_L4_I_H
+
+enum udp_field {
+ UDP_SPORT,
+ UDP_DPORT,
+ UDP_LEN,
+ UDP_CSUM,
+};
+
+extern void protos_l4_init(void);
+
+#endif /* TRAFGEN_L4_I_H */
+
diff --git a/trafgen_proto.c b/trafgen_proto.c
index 75556f9..5fcb5cc 100644
--- a/trafgen_proto.c
+++ b/trafgen_proto.c
@@ -13,6 +13,7 @@
#include "trafgen_conf.h"
#include "trafgen_l2.h"
#include "trafgen_l3.h"
+#include "trafgen_l4.h"
#include "trafgen_proto.h"
#define field_shift_and_mask(f, v) (((v) << (f)->shift) & \
@@ -362,6 +363,7 @@ void protos_init(const char *dev)
protos_l2_init();
protos_l3_init();
+ protos_l4_init();
for (p = registered; p; p = p->next)
p->ctx =
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH 1/4] trafgen: l3: Add IPv4 header generation backend
Add L3 module for implement L3 layer protocols generation.
Implemented setting of IPv4 header with all fields except options.
By default IPv4 address of output device is used as src ip address.
On finish (after packet is specified) - total len & checksum are calculated.
Meanwhile Ethernet protocol is initialized as default lower header.
If the lower protocol is IPv4 then IPv4 protocol id is set
to IP-in-IP in lower protocol header.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen/Makefile | 1 +
trafgen_l3.c | 82
trafgen_l3.h | 26 ++
trafgen_proto.c | 2 ++
4 files changed, 111 insertions(+)
create mode 100644 trafgen_l3.c
create mode 100644 trafgen_l3.h
diff --git a/trafgen/Makefile b/trafgen/Makefile
index 1c95118..4f342ca 100644
--- a/trafgen/Makefile
+++ b/trafgen/Makefile
@@ -21,6 +21,7 @@ trafgen-objs =xmalloc.o \
cpp.o \
trafgen_proto.o \
trafgen_l2.o \
+ trafgen_l3.o \
trafgen_lexer.yy.o \
trafgen_parser.tab.o \
trafgen.o
diff --git a/trafgen_l3.c b/trafgen_l3.c
new file mode 100644
index 000..dd45395
--- /dev/null
+++ b/trafgen_l3.c
@@ -0,0 +1,82 @@
+/*
+ * netsniff-ng - the packet sniffing beast
+ * Subject to the GPL, version 2.
+ */
+
+#include
+
+#include "csum.h"
+#include "built_in.h"
+#include "trafgen_l2.h"
+#include "trafgen_l3.h"
+#include "trafgen_proto.h"
+#include "trafgen_conf.h"
+
+static struct proto_field ipv4_fields[] = {
+ { .id = IP4_VER, .len = 1, .offset = 0, .shift = 4, .mask = 0xf0
},
+ { .id = IP4_IHL, .len = 1, .offset = 0, .shift = 0, .mask = 0x0f
},
+ { .id = IP4_DSCP, .len = 1, .offset = 1, .shift = 2, .mask = 0xfc
},
+ { .id = IP4_ECN, .len = 1, .offset = 1, .shift = 0, .mask = 0x03
},
+ { .id = IP4_TOS, .len = 1, .offset = 1 },
+ { .id = IP4_LEN, .len = 2, .offset = 2 },
+ { .id = IP4_ID,.len = 2, .offset = 4 },
+ { .id = IP4_FLAGS, .len = 2, .offset = 6, .shift = 13, .mask =
0xe000 },
+ { .id = IP4_MF,.len = 2, .offset = 6, .shift = 13, .mask =
0x2000 },
+ { .id = IP4_DF,.len = 2, .offset = 6, .shift = 14, .mask =
0x4000 },
+ { .id = IP4_FRAG_OFFS, .len = 2, .offset = 6, .shift = 0, .mask =
0x1fff },
+ { .id = IP4_TTL, .len = 1, .offset = 8 },
+ { .id = IP4_PROTO, .len = 1, .offset = 9 },
+ { .id = IP4_CSUM, .len = 2, .offset = 10 },
+ { .id = IP4_SADDR, .len = 4, .offset = 12 },
+ { .id = IP4_DADDR, .len = 4, .offset = 16 },
+};
+
+static void ipv4_header_init(struct proto_hdr *hdr)
+{
+ struct proto_hdr *lower;
+
+ proto_lower_default_add(PROTO_ETH);
+
+ lower = proto_current_header();
+
+ if (lower->id == PROTO_ETH)
+ proto_field_set_default_be16(lower, ETH_PROTO_ID, ETH_P_IP);
+ else if (lower->id == PROTO_IP4)
+ proto_field_set_default_u8(lower, IP4_PROTO, IPPROTO_IPIP);
+
+ proto_header_fields_add(hdr, ipv4_fields, array_size(ipv4_fields));
+
+ proto_field_set_default_u8(hdr, IP4_VER, 4);
+ proto_field_set_default_u8(hdr, IP4_IHL, 5);
+ proto_field_set_default_dev_ipv4(hdr, IP4_SADDR);
+}
+
+static void ipv4_packet_finish(struct proto_hdr *hdr)
+{
+ struct packet *pkt = current_packet();
+ uint16_t total_len;
+
+ total_len = pkt->len - hdr->pkt_offset;
+ proto_field_set_default_be16(hdr, IP4_LEN, total_len);
+
+ if (!proto_field_is_set(hdr, IP4_CSUM)) {
+ uint16_t csum;
+ uint8_t ihl;
+
+ ihl = proto_field_get_u8(hdr, IP4_IHL);
+ csum = htons(calc_csum(>payload[hdr->pkt_offset], ihl *
4));
+ proto_field_set_u16(hdr, IP4_CSUM, bswap_16(csum));
+ }
+}
+
+static struct proto_hdr ipv4_hdr = {
+ .id = PROTO_IP4,
+ .layer = PROTO_L3,
+ .header_init= ipv4_header_init,
+ .packet_finish = ipv4_packet_finish,
+};
+
+void protos_l3_init(void)
+{
+ proto_header_register(_hdr);
+}
diff --git a/trafgen_l3.h b/trafgen_l3.h
new file mode 100644
index 000..d215d09
--- /dev/null
+++ b/trafgen_l3.h
@@ -0,0 +1,26 @@
+#ifndef TRAFGEN_L3_I_H
+#define TRAFGEN_L3_I_H
+
+enum ip4_field {
+ IP4_VER,
+ IP4_IHL,
+ IP4_DSCP,
+ IP4_ECN,
+ IP4_TOS,
+ IP4_LEN,
+ IP4_ID,
+ IP4_FLAGS,
+ IP4_FRAG_OFFS,
+ IP4_TTL,
+ IP4_PROTO,
+ IP4_CSUM,
+ IP4_SADDR,
+ IP4_DADDR,
+ IP4_DF,
+ IP4_MF,
+};
+
+extern void protos_l3_init(void);
+
+#endif /* TRAFGEN_L2_I_H */
+
diff --git a/trafgen_proto.c b/trafgen_proto.c
index 2c090b2..75556f9 100644
--- a/trafgen_proto.c
[netsniff-ng] [PATCH 0/4] trafgen: Add IPv4 and UDP protocol generation
Reworded commit message of 12-14 patches from series: "[PATCH v3 00/16] trafgen: Add proto header generation" 1) Added parameters & default values description. 2) Functionality was not changed. Vadim Kochan (4): trafgen: l3: Add IPv4 header generation backend trafgen: parser: Add syntax for IPv4 protocol generation trafgen: l4: Add UDP header generation logic trafgen: parser: Add syntax to build UDP header trafgen/Makefile | 2 ++ trafgen_l3.c | 82 trafgen_l3.h | 26 ++ trafgen_l4.c | 71 trafgen_l4.h | 14 ++ trafgen_lexer.l | 19 + trafgen_parser.y | 80 ++ trafgen_proto.c | 4 +++ 8 files changed, 298 insertions(+) create mode 100644 trafgen_l3.c create mode 100644 trafgen_l3.h create mode 100644 trafgen_l4.c create mode 100644 trafgen_l4.h -- 2.6.3 -- You received this message because you are subscribed to the Google Groups "netsniff-ng" group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [netsniff-ng] Synchronize file creation between netsniff-ng processes possible?
Hi,
On Tue, Jan 26, 2016 at 12:12 PM, <e.bengts...@gmail.com> wrote:
> Hi everyone!
>
> I've googled a bit but not found any good answer to my question. Maybe you
> can help me out?
>
> Currently I'm running five netsniff processes capturing data from five
> different interfaces. It works really well with the limiting factor SSD write
> speed, not netsniff itself. To make post processing easier, it would be nice
> if all log files were the same size and each set of files had the same start
> time.
>
> It seems like netsniff only checks file size / time when a packet is received
> so the start time within a set of files drift more or less depending on the
> busload.
>
> Any ideas on how to synchronize the processes?
>
> Best regards
> Erik
>
> --
> You received this message because you are subscribed to the Google Groups
> "netsniff-ng" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to netsniff-ng+unsubscr...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
Really I use netsniff-ng just for simple dissecting so I might be not
aware about some usages of the tool, but
as developer may be I may help you if you provide more info with some
output's like:
1) How do you exactly run the tool ?
2) What do you see exactly with console output example ?
3) What you 'd like to expect exactly (probably with examples of output) ?
Regards,
Vadim Kochan
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] Re: [PATCH v2 11/16] trafgen: parser: Add syntax to generate ARP header fields
On Tue, Jan 26, 2016 at 10:25 AM, Tobias Klauser <tklau...@distanz.ch> wrote:
> On 2016-01-26 at 00:11:53 +0100, Vadim Kochan <vadi...@gmail.com> wrote:
>> Add syntax to generate ARP header fields:
>>
>> { arp(op=req, sip=1.1.1.1, smac=11:22:33:44:55:66) }
>> { arp() }
>>
>> Signed-off-by: Vadim Kochan <vadi...@gmail.com>
>> ---
>>
>> %%
>>
>> @@ -107,7 +109,16 @@ mac
>> ({mac_hex}:{mac_hex}:{mac_hex}:{mac_hex}:{mac_hex}:{mac_hex})
>> "saddr"|"sa" { return K_SADDR; }
>> "prot"[o]? { return K_PROT; }
>>
>
> Shouldn't we allow to specify htype, ptype, hlen and plen as well (as a
> user might want to set non-conforming values)?
>
Well meanwhile it was easier to implement for me the Ethernet-IPv4
form of ARP (which is more generic and
used by masezahn too if I am not mistaken), and it looks a little
tricky to allow full-flexible ARP header crafting.
I'd like to add such ability on later work, if I will not dig into
mac80211 headers ... :-)
>> +"sha"|"smac" { return K_SHA; }
>> +"spa"|"sip" { return K_SPA; }
>> +"tha"|"tmac" { return K_THA; }
>> +"tpa"|"tip" { return K_TPA; }
>> +"req"{ return K_REQ; }
>
> Please add "request" as well.
>
Sure.
>> ;
>>
>> +arp_proto
>> + : arp '(' arp_param_list ')' { }
>> + ;
>> +
>> +arp_param_list
>> + : { }
>> + | arp_field { }
>> + | arp_field delimiter arp_param_list { }
>> + ;
>> +
>> +arp_field
>> + : K_OPER skip_white '=' skip_white K_REQ
>> + { proto_field_set_be16(hdr, ARP_OPER, ARPOP_REQUEST); }
>> + | K_OPER skip_white '=' skip_white K_RESP
>> + { proto_field_set_be16(hdr, ARP_OPER, ARPOP_REPLY); }
>
> Would be nice to allow numeric values here as well (again, to be able to
> specify values not conforming to the standard).
>
Right I will change it to the form:
arp(request, ...)
arp(reply, ...)
arp(op=)
Not sure if the following is also will be needed considering above's forms:
arp(op=request)
>> --
>> 2.6.3
>>
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH v3 08/16] trafgen: parser: Add syntax to generate Ethernet header
Add syntax for generating Ethernet header fields like:
{ eth(prot=0x0800, da=11:22:33:44:55:66), fill(0xff, 60) }
{ eth(prot=0x0800) }
{ eth() }
It is important that proto_init is called before fields will be filled
to initialize the specified proto with header fields.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen_lexer.l | 15 +++
trafgen_parser.y | 57 +++-
2 files changed, 71 insertions(+), 1 deletion(-)
diff --git a/trafgen_lexer.l b/trafgen_lexer.l
index 6c27b0c..ac4fec1 100644
--- a/trafgen_lexer.l
+++ b/trafgen_lexer.l
@@ -19,6 +19,7 @@
#include "trafgen_parser.tab.h"
#include "xmalloc.h"
#include "built_in.h"
+#include "str.h"
extern void yyerror(const char *);
@@ -75,6 +76,9 @@ number_bin([0]?[b][0-1]+)
number_dec (([0])|([1-9][0-9]*))
number_ascii ([a-zA-Z])
+mac_hex([a-fA-F0-9]+)
+mac({mac_hex}:{mac_hex}:{mac_hex}:{mac_hex}:{mac_hex}:{mac_hex})
+
%%
"cpu" { return K_CPU; }
@@ -99,6 +103,12 @@ number_ascii([a-zA-Z])
"const32"|"c32"{ return K_CONST32; }
"const64"|"c64"{ return K_CONST64; }
+"daddr"|"da" { return K_DADDR; }
+"saddr"|"sa" { return K_SADDR; }
+"prot"[o]? { return K_PROT; }
+
+"eth" { return K_ETH; }
+
[ ]*"-"[ ]*{ return '-'; }
[ ]*"+"[ ]*{ return '+'; }
[ ]*"*"[ ]*{ return '*'; }
@@ -117,6 +127,7 @@ number_ascii([a-zA-Z])
"]"{ return ']'; }
","{ return ','; }
":"{ return ':'; }
+"="{ return '='; }
"\n" { yylineno++; }
@@ -146,6 +157,10 @@ number_ascii ([a-zA-Z])
{number_ascii} { yylval.number = (uint8_t) (*yytext);
return number; }
+{mac} { if (str2mac(yytext, yylval.bytes))
+ panic("Failed to parse MAC addres %s\n", yytext);
+ return mac; }
+
"'\\x"[a-fA-F0-9]{2}"'" { yylval.number = strtol(yytext + 3, NULL, 16);
return number; }
diff --git a/trafgen_parser.y b/trafgen_parser.y
index 4725f7c..df1b1a6 100644
--- a/trafgen_parser.y
+++ b/trafgen_parser.y
@@ -21,6 +21,8 @@
#include "xmalloc.h"
#include "trafgen_parser.tab.h"
#include "trafgen_conf.h"
+#include "trafgen_proto.h"
+#include "trafgen_l2.h"
#include "built_in.h"
#include "die.h"
#include "str.h"
@@ -59,6 +61,8 @@ extern size_t dlen;
static int our_cpu, min_cpu = -1, max_cpu = -1;
+static struct proto_hdr *hdr;
+
static inline int test_ignore(void)
{
if (min_cpu < 0 && max_cpu < 0)
@@ -324,22 +328,33 @@ static void set_dynamic_incdec(uint8_t start, uint8_t
stop, uint8_t stepping,
__setup_new_counter(>cnt[packetdc_last], start, stop, stepping,
type);
}
+static void proto_add(enum proto_id pid)
+{
+ proto_header_init(pid);
+ hdr = proto_current_header();
+}
+
%}
%union {
long long int number;
+ uint8_t bytes[256];
char *str;
}
%token K_COMMENT K_FILL K_RND K_SEQINC K_SEQDEC K_DRND K_DINC K_DDEC K_WHITE
%token K_CPU K_CSUMIP K_CSUMUDP K_CSUMTCP K_CSUMUDP6 K_CSUMTCP6 K_CONST8
K_CONST16 K_CONST32 K_CONST64
+%token K_DADDR K_SADDR K_PROT
+%token K_ETH
+
%token ',' '{' '}' '(' ')' '[' ']' ':' '-' '+' '*' '/' '%' '&' '|' '<' '>' '^'
-%token number string
+%token number string mac
%type number expression
%type string
+%type mac
%left '-' '+' '*' '/' '%' '&' '|' '<' '>' '^'
@@ -372,9 +387,16 @@ noenforce_white
| delimiter_nowhite { }
;
+skip_white
+ : { }
+ | K_WHITE { }
+ ;
packet
: '{' noenforce_white payload noenforce_white '}' {
min_cpu = max_cpu = -1;
+
+ proto_packet_finish();
+
realloc_packet();
}
| K_CPU '(' number cpu_delim number ')' ':' noenforce_white '{'
noenforce_white payload noenforce_white '}' {
@@ -388,10 +410,15 @@ packet
max_cpu = tmp;
}
+ proto_packet_finish();
+
realloc_packet();
}
| K_CPU '(' number ')' ':' noenforce_white '{' noenforce_white payload
noenforce_white '}' {
min_cpu = max_cpu = $3;
+
+ proto_packet_finish();
+
realloc_packet();
}
;
@@ -422,6 +449,7 @@ elem
| ddec { }
| csum { }
| const { }
+ | proto { proto_header_finish(hdr); }
| inline_comme
[netsniff-ng] [PATCH v3 07/16] str: Add str2mac helper function
Add func for convert string to MAC address.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
str.c | 25 +
str.h | 1 +
2 files changed, 26 insertions(+)
diff --git a/str.c b/str.c
index e4d8722..a3421b0 100644
--- a/str.c
+++ b/str.c
@@ -7,6 +7,7 @@
#include
#include
#include
+#include
#include "str.h"
#include "die.h"
@@ -129,3 +130,27 @@ void argv_free(char **argv)
free(tmp);
}
+
+int str2mac(const char *str, uint8_t *mac)
+{
+ int i, count;
+ unsigned int tmp[6];
+
+ if (!str)
+ return -1;
+
+ count = sscanf(str, "%02X:%02X:%02X:%02X:%02X:%02X",
+ [0], [1], [2], [3], [4], [5]);
+
+ if (count != 6)
+ count = sscanf(str, "%02x:%02x:%02x:%02x:%02x:%02x",
+ [0], [1], [2], [3], [4], [5]);
+
+ if (count != 6)
+ return -1;
+
+ for (i = 0; i < 6; i++)
+ mac[i] = (uint8_t)tmp[i];
+
+ return 0;
+}
diff --git a/str.h b/str.h
index 3ffb2b9..21051ad 100644
--- a/str.h
+++ b/str.h
@@ -11,5 +11,6 @@ extern noinline void *xmemset(void *s, int c, size_t n);
extern char *argv2str(int startind, int argc, char **argv);
extern char **argv_insert(char **argv, size_t *count, const char *str);
extern void argv_free(char **argv);
+extern int str2mac(const char *str, uint8_t *mac);
#endif /* STR_H */
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH v3 11/16] trafgen: parser: Add syntax to generate ARP header fields
Add syntax to generate ARP header fields:
{ arp(op=req, sip=1.1.1.1, smac=11:22:33:44:55:66) }
{ arp() }
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen_lexer.l | 17 +
trafgen_parser.y | 48 +++-
2 files changed, 64 insertions(+), 1 deletion(-)
diff --git a/trafgen_lexer.l b/trafgen_lexer.l
index ac4fec1..7db0d5a 100644
--- a/trafgen_lexer.l
+++ b/trafgen_lexer.l
@@ -15,6 +15,7 @@
#include
#include
#include
+#include
#include "trafgen_parser.tab.h"
#include "xmalloc.h"
@@ -78,6 +79,7 @@ number_ascii ([a-zA-Z])
mac_hex([a-fA-F0-9]+)
mac({mac_hex}:{mac_hex}:{mac_hex}:{mac_hex}:{mac_hex}:{mac_hex})
+ip_addr([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)
%%
@@ -107,7 +109,18 @@ mac
({mac_hex}:{mac_hex}:{mac_hex}:{mac_hex}:{mac_hex}:{mac_hex})
"saddr"|"sa" { return K_SADDR; }
"prot"[o]? { return K_PROT; }
+"sha"|"smac" { return K_SHA; }
+"spa"|"sip"{ return K_SPA; }
+"tha"|"tmac" { return K_THA; }
+"tpa"|"tip"{ return K_TPA; }
+"req"|"request"{ return K_REQUEST; }
+"reply"{ return K_REPLY; }
+"op"|"oper"{ return K_OPER; }
+"htype"{ return K_HTYPE; }
+"ptype"{ return K_PTYPE; }
+
"eth" { return K_ETH; }
+"arp" { return K_ARP; }
[ ]*"-"[ ]*{ return '-'; }
[ ]*"+"[ ]*{ return '+'; }
@@ -161,6 +174,10 @@ mac
({mac_hex}:{mac_hex}:{mac_hex}:{mac_hex}:{mac_hex}:{mac_hex})
panic("Failed to parse MAC addres %s\n", yytext);
return mac; }
+{ip_addr} { if (inet_pton(AF_INET, yytext, _addr) != 1)
+ panic("Failed to parse IPv4 address %s\n", yytext);
+ return ip_addr; };
+
"'\\x"[a-fA-F0-9]{2}"'" { yylval.number = strtol(yytext + 3, NULL, 16);
return number; }
diff --git a/trafgen_parser.y b/trafgen_parser.y
index df1b1a6..16f9025 100644
--- a/trafgen_parser.y
+++ b/trafgen_parser.y
@@ -17,6 +17,8 @@
#include
#include
#include
+#include
+#include
#include "xmalloc.h"
#include "trafgen_parser.tab.h"
@@ -337,6 +339,7 @@ static void proto_add(enum proto_id pid)
%}
%union {
+ struct in_addr ip_addr;
long long int number;
uint8_t bytes[256];
char *str;
@@ -346,15 +349,19 @@ static void proto_add(enum proto_id pid)
%token K_CPU K_CSUMIP K_CSUMUDP K_CSUMTCP K_CSUMUDP6 K_CSUMTCP6 K_CONST8
K_CONST16 K_CONST32 K_CONST64
%token K_DADDR K_SADDR K_PROT
+%token K_OPER K_SHA K_SPA K_THA K_TPA K_REQUEST K_REPLY K_PTYPE K_HTYPE
+
%token K_ETH
+%token K_ARP
%token ',' '{' '}' '(' ')' '[' ']' ':' '-' '+' '*' '/' '%' '&' '|' '<' '>' '^'
-%token number string mac
+%token number string mac ip_addr
%type number expression
%type string
%type mac
+%type ip_addr
%left '-' '+' '*' '/' '%' '&' '|' '<' '>' '^'
@@ -566,6 +573,7 @@ ddec
proto
: eth_proto { }
+ | arp_proto { }
;
eth_proto
@@ -591,6 +599,44 @@ eth_field
{ proto_field_set_be16(hdr, ETH_PROTO_ID, $5); }
;
+arp_proto
+ : arp '(' arp_param_list ')' { }
+ ;
+
+arp_param_list
+ : { }
+ | arp_field { }
+ | arp_field delimiter arp_param_list { }
+ ;
+
+arp_field
+ : K_OPER skip_white '=' skip_white K_REQUEST
+ { proto_field_set_be16(hdr, ARP_OPER, ARPOP_REQUEST); }
+ | K_OPER skip_white '=' skip_white K_REPLY
+ { proto_field_set_be16(hdr, ARP_OPER, ARPOP_REPLY); }
+ | K_OPER skip_white '=' skip_white number
+ { proto_field_set_be16(hdr, ARP_OPER, $5); }
+ | K_REQUEST
+ { proto_field_set_be16(hdr, ARP_OPER, ARPOP_REQUEST); }
+ | K_REPLY
+ { proto_field_set_be16(hdr, ARP_OPER, ARPOP_REPLY); }
+ | K_HTYPE skip_white '=' skip_white number
+ { proto_field_set_be16(hdr, ARP_HTYPE, $5); }
+ | K_PTYPE skip_white '=' skip_white number
+ { proto_field_set_be16(hdr, ARP_PTYPE, $5); }
+ | K_SHA skip_white '=' skip_white mac
+ { proto_field_set_bytes(hdr, ARP_SHA, $5); }
+ | K_THA skip_white '=' skip_white mac
+ { proto_field_set_bytes(hdr, ARP_THA, $5); }
+ | K_SPA skip_white '=' skip_white ip_addr
+ { proto_field_set_u32(hdr, ARP_SPA, $5.s_addr); }
+ | K_TPA skip_white '=' skip_white ip_addr
+ { proto_field_set_u32(hdr, ARP_TPA, $5.s_addr); }
+ ;
+arp
+ : K_ARP { proto_add(PROTO_ARP); }
+ ;
+
%%
static void finalize_packet(void)
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH v3 05/16] trafgen: proto: Add func for set device mac to field
Add helper function for easy set device's MAC address to proto
field which may be used by Ethernet & ARP protos generation.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen_proto.c | 31 +++
trafgen_proto.h | 3 +++
2 files changed, 34 insertions(+)
diff --git a/trafgen_proto.c b/trafgen_proto.c
index fce2441..bb03a9d 100644
--- a/trafgen_proto.c
+++ b/trafgen_proto.c
@@ -5,7 +5,9 @@
#include
#include
+#include
+#include "dev.h"
#include "xmalloc.h"
#include "trafgen_conf.h"
#include "trafgen_proto.h"
@@ -295,6 +297,35 @@ void proto_field_set_default_be32(struct proto_hdr *hdr,
uint32_t fid, uint32_t
__proto_field_set_bytes(hdr, fid, (uint8_t *), true, true);
}
+static void __proto_field_set_dev_mac(struct proto_hdr *hdr, uint32_t fid,
+ bool is_default)
+{
+ uint8_t mac[ETH_ALEN];
+ int ret;
+
+ if (proto_field_is_set(hdr, fid))
+ return;
+
+ if (!hdr->ctx->dev)
+ panic("Device is not specified\n");
+
+ ret = device_hw_address(hdr->ctx->dev, mac);
+ if (ret < 0)
+ panic("Could not get device hw adress\n");
+
+ __proto_field_set_bytes(hdr, fid, mac, is_default, false);
+}
+
+void proto_field_set_dev_mac(struct proto_hdr *hdr, uint32_t fid)
+{
+ __proto_field_set_dev_mac(hdr, fid, false);
+}
+
+void proto_field_set_default_dev_mac(struct proto_hdr *hdr, uint32_t fid)
+{
+ __proto_field_set_dev_mac(hdr, fid, true);
+}
+
void protos_init(char *dev)
{
struct proto_hdr *p;
diff --git a/trafgen_proto.h b/trafgen_proto.h
index c727b61..4041c27 100644
--- a/trafgen_proto.h
+++ b/trafgen_proto.h
@@ -93,4 +93,7 @@ extern void proto_field_set_default_be16(struct proto_hdr
*hdr, uint32_t fid,
extern void proto_field_set_default_be32(struct proto_hdr *hdr, uint32_t fid,
uint32_t val);
+extern void proto_field_set_dev_mac(struct proto_hdr *hdr, uint32_t fid);
+extern void proto_field_set_default_dev_mac(struct proto_hdr *hdr, uint32_t
fid);
+
#endif /* TRAFGEN_PROTO_I_H */
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH v3 04/16] dev: Add func to get device's hw address
Add device_hw_address func to get device's MAC address.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
dev.c | 23 +++
dev.h | 1 +
2 files changed, 24 insertions(+)
diff --git a/dev.c b/dev.c
index cf8d643..ad7b917 100644
--- a/dev.c
+++ b/dev.c
@@ -124,6 +124,29 @@ int device_address(const char *ifname, int af, struct
sockaddr_storage *ss)
return ret;
}
+int device_hw_address(const char *ifname, uint8_t *addr)
+{
+ int ret, sock;
+ struct ifreq ifr;
+
+ if (unlikely(!addr))
+ return -EINVAL;
+ if (!strncmp("any", ifname, strlen("any")))
+ return -EINVAL;
+
+ sock = af_socket(AF_INET);
+
+ memset(, 0, sizeof(ifr));
+ strlcpy(ifr.ifr_name, ifname, IFNAMSIZ);
+
+ ret = ioctl(sock, SIOCGIFHWADDR, );
+ if (likely(!ret))
+ memcpy(addr, _hwaddr.sa_data[0], IFHWADDRLEN);
+
+ close(sock);
+ return ret;
+}
+
size_t device_mtu(const char *ifname)
{
size_t mtu = 0;
diff --git a/dev.h b/dev.h
index a9e4ccf..077e08f 100644
--- a/dev.h
+++ b/dev.h
@@ -7,6 +7,7 @@
extern size_t device_mtu(const char *ifname);
extern int device_address(const char *ifname, int af, struct sockaddr_storage
*ss);
extern int __device_ifindex(const char *ifname);
+extern int device_hw_address(const char *ifname, uint8_t *addr);
extern int device_ifindex(const char *ifname);
extern int device_type(const char *ifname);
extern short device_get_flags(const char *ifname);
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH v3 06/16] trafgen: l2: Add Ethernet proto header generation
Add trafgen_l2.c module for generating L2 related headers.
Add Ethernet header generating. By default source MAC address
is used from the specified output device.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen/Makefile | 1 +
trafgen_l2.c | 32
trafgen_l2.h | 12
trafgen_proto.c | 3 +++
4 files changed, 48 insertions(+)
create mode 100644 trafgen_l2.c
create mode 100644 trafgen_l2.h
diff --git a/trafgen/Makefile b/trafgen/Makefile
index 2ea684f..1c95118 100644
--- a/trafgen/Makefile
+++ b/trafgen/Makefile
@@ -20,6 +20,7 @@ trafgen-objs =xmalloc.o \
sysctl.o \
cpp.o \
trafgen_proto.o \
+ trafgen_l2.o \
trafgen_lexer.yy.o \
trafgen_parser.tab.o \
trafgen.o
diff --git a/trafgen_l2.c b/trafgen_l2.c
new file mode 100644
index 000..1082049
--- /dev/null
+++ b/trafgen_l2.c
@@ -0,0 +1,32 @@
+/*
+ * netsniff-ng - the packet sniffing beast
+ * Subject to the GPL, version 2.
+ */
+
+#include "built_in.h"
+#include "trafgen_l2.h"
+#include "trafgen_proto.h"
+
+struct proto_field eth_fields[] = {
+ { .id = ETH_DST_ADDR, .len = 6, },
+ { .id = ETH_SRC_ADDR, .len = 6, .offset = 6 },
+ { .id = ETH_PROTO_ID, .len = 2, .offset = 12 },
+};
+
+static void eth_header_init(struct proto_hdr *hdr)
+{
+ proto_header_fields_add(hdr, eth_fields, array_size(eth_fields));
+
+ proto_field_set_default_dev_mac(hdr, ETH_SRC_ADDR);
+}
+
+static struct proto_hdr eth_hdr = {
+ .id = PROTO_ETH,
+ .layer = PROTO_L2,
+ .header_init= eth_header_init,
+};
+
+void protos_l2_init(void)
+{
+ proto_header_register(_hdr);
+}
diff --git a/trafgen_l2.h b/trafgen_l2.h
new file mode 100644
index 000..75d3d33
--- /dev/null
+++ b/trafgen_l2.h
@@ -0,0 +1,12 @@
+#ifndef TRAFGEN_L2_I_H
+#define TRAFGEN_L2_I_H
+
+enum eth_field {
+ ETH_DST_ADDR,
+ ETH_SRC_ADDR,
+ ETH_PROTO_ID,
+};
+
+extern void protos_l2_init(void);
+
+#endif /* TRAFGEN_L2_I_H */
diff --git a/trafgen_proto.c b/trafgen_proto.c
index bb03a9d..c374213 100644
--- a/trafgen_proto.c
+++ b/trafgen_proto.c
@@ -10,6 +10,7 @@
#include "dev.h"
#include "xmalloc.h"
#include "trafgen_conf.h"
+#include "trafgen_l2.h"
#include "trafgen_proto.h"
#define field_shift_and_mask(f, v) (((v) << (f)->shift) & \
@@ -332,6 +333,8 @@ void protos_init(char *dev)
ctx.dev = dev;
+ protos_l2_init();
+
for (p = registered; p; p = p->next)
p->ctx =
}
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH v3 03/16] trafgen: Add basic proto generation logic
Add new trafgen_proto.c module with basic proto
header fields generation logic.
Each proto must implement proto_hdr struct and register it
to the global proto list.
Proto header consist from set of fields, and each field must be
described via proto_field struct by specifying unique id, len,
offset (relative to the header). Small fields ( < 8 bits) can be
described via left shift & mask.
Few callbacks are invoked to perform special actions to build
the header:
1) header_init - required fields must be added to the packet and
initialized with default values.
2) header_finish - it is invoked when header is specified, all user
specified fields are set.
3) packet_finish - callback is invoked from upper to lower header
to calculate such things like total len, checksum.
Proto generation API provides easy proto field setters/getters to easy
craft the packet via parser.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen.c| 3 +
trafgen/Makefile | 1 +
trafgen_proto.c | 332 +++
trafgen_proto.h | 96
4 files changed, 432 insertions(+)
create mode 100644 trafgen_proto.c
create mode 100644 trafgen_proto.h
diff --git a/trafgen.c b/trafgen.c
index c74a973..949f909 100644
--- a/trafgen.c
+++ b/trafgen.c
@@ -54,6 +54,7 @@
#include "timer.h"
#include "ring_tx.h"
#include "csum.h"
+#include "trafgen_proto.h"
#ifndef timeval_to_timespec
#define timeval_to_timespec(tv, ts) { \
@@ -1215,6 +1216,8 @@ int main(int argc, char **argv)
register_signal(SIGTERM, signal_handler);
register_signal(SIGHUP, signal_handler);
+ protos_init(ctx.device);
+
if (prio_high) {
set_proc_prio(-20);
set_sched_status(SCHED_FIFO,
sched_get_priority_max(SCHED_FIFO));
diff --git a/trafgen/Makefile b/trafgen/Makefile
index bc256b2..2ea684f 100644
--- a/trafgen/Makefile
+++ b/trafgen/Makefile
@@ -19,6 +19,7 @@ trafgen-objs =xmalloc.o \
timer.o \
sysctl.o \
cpp.o \
+ trafgen_proto.o \
trafgen_lexer.yy.o \
trafgen_parser.tab.o \
trafgen.o
diff --git a/trafgen_proto.c b/trafgen_proto.c
new file mode 100644
index 000..fce2441
--- /dev/null
+++ b/trafgen_proto.c
@@ -0,0 +1,332 @@
+/*
+ * netsniff-ng - the packet sniffing beast
+ * Subject to the GPL, version 2.
+ */
+
+#include
+#include
+
+#include "xmalloc.h"
+#include "trafgen_conf.h"
+#include "trafgen_proto.h"
+
+#define field_shift_and_mask(f, v) (((v) << (f)->shift) & \
+ ((f)->mask ? (f)->mask : (0x)))
+
+#define field_unmask_and_unshift(f, v) (((v) & \
+ ((f)->mask ? (f)->mask : (0x))) >> (f)->shift)
+
+static struct proto_ctx ctx;
+
+#define PROTO_MAX_LAYERS 16
+
+static struct proto_hdr *headers[PROTO_MAX_LAYERS];
+static uint32_t headers_count;
+
+static struct proto_hdr *registered;
+
+struct proto_hdr *proto_current_header(void)
+{
+ if (headers_count > 0)
+ return headers[headers_count - 1];
+
+ panic("No header was added\n");
+}
+
+struct proto_hdr *proto_lower_header(struct proto_hdr *hdr)
+{
+ struct proto_hdr *lower = NULL;
+ uint32_t i;
+
+ if (headers_count == 0)
+ return NULL;
+
+ for (i = 1, lower = headers[0]; i < headers_count; i++) {
+ if (headers[i] == hdr)
+ return headers[i - 1];
+ }
+
+ return lower;
+}
+
+uint8_t *proto_header_ptr(struct proto_hdr *hdr)
+{
+ return _packet()->payload[hdr->pkt_offset];
+}
+
+static struct proto_hdr *proto_header_by_id(enum proto_id id)
+{
+ struct proto_hdr *p = registered;
+
+ for (; p; p = p->next)
+ if (p->id == id)
+ return p;
+
+ panic("Can't lookup proto by id %u\n", id);
+}
+
+void proto_header_register(struct proto_hdr *hdr)
+{
+ hdr->next = registered;
+ registered = hdr;
+
+ hdr->fields = NULL;
+ hdr->fields_count = 0;
+}
+
+static void proto_fields_realloc(struct proto_hdr *hdr, size_t count)
+{
+ hdr->fields = xrealloc(hdr->fields, count * sizeof(*hdr->fields));
+ hdr->fields_count = count;
+}
+
+void proto_header_fields_add(struct proto_hdr *hdr, struct proto_field *fields,
+size_t count)
+{
+ struct packet *pkt = current_packet();
+ struct proto_field *f;
+ int i;
+
+ if (!hdr->fields)
+ hdr->pkt_offset = pkt->len;
+
+ proto_fields_realloc(hdr, hdr->fields_count + count);
+
+ for (i = 0; count >= 1; count--, i++) {
+ f = >fields[hdr->fields_count - count]
[netsniff-ng] [PATCH v3 14/16] trafgen: l4: Add UDP header generation logic
Add trafgen_l4.c module with implementation
of UDP header fields gneration.
UDP proto generation logic automaticaly sets by default
IPPROTO_UDP to the lower proto if it is IPv4, also cscum is
calculated if it is not set by user.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen/Makefile | 1 +
trafgen_l4.c | 71
trafgen_l4.h | 14 +++
trafgen_proto.c | 2 ++
4 files changed, 88 insertions(+)
create mode 100644 trafgen_l4.c
create mode 100644 trafgen_l4.h
diff --git a/trafgen/Makefile b/trafgen/Makefile
index 4f342ca..3f78f07 100644
--- a/trafgen/Makefile
+++ b/trafgen/Makefile
@@ -22,6 +22,7 @@ trafgen-objs =xmalloc.o \
trafgen_proto.o \
trafgen_l2.o \
trafgen_l3.o \
+ trafgen_l4.o \
trafgen_lexer.yy.o \
trafgen_parser.tab.o \
trafgen.o
diff --git a/trafgen_l4.c b/trafgen_l4.c
new file mode 100644
index 000..286e54a
--- /dev/null
+++ b/trafgen_l4.c
@@ -0,0 +1,71 @@
+/*
+ * netsniff-ng - the packet sniffing beast
+ * Subject to the GPL, version 2.
+ */
+
+#include
+#include
+
+#include "die.h"
+#include "csum.h"
+#include "built_in.h"
+#include "trafgen_l3.h"
+#include "trafgen_l4.h"
+#include "trafgen_conf.h"
+#include "trafgen_proto.h"
+
+static struct proto_field udp_fields[] = {
+ { .id = UDP_SPORT, .len = 2, .offset = 0 },
+ { .id = UDP_DPORT, .len = 2, .offset = 2 },
+ { .id = UDP_LEN,.len = 2, .offset = 4 },
+ { .id = UDP_CSUM, .len = 2, .offset = 6 },
+};
+
+static void udp_header_init(struct proto_hdr *hdr)
+{
+ struct proto_hdr *lower;
+
+ proto_lower_default_add(PROTO_IP4);
+
+ lower = proto_current_header();
+
+ if (lower->id == PROTO_IP4)
+ proto_field_set_default_u8(lower, IP4_PROTO, IPPROTO_UDP);
+
+ proto_header_fields_add(hdr, udp_fields, array_size(udp_fields));
+}
+
+static void udp_packet_finish(struct proto_hdr *hdr)
+{
+ struct proto_hdr *lower = proto_lower_header(hdr);
+ struct packet *pkt = current_packet();
+ uint16_t total_len;
+ uint16_t csum;
+
+ total_len = pkt->len - hdr->pkt_offset;
+ proto_field_set_default_be16(hdr, UDP_LEN, total_len);
+
+ if (proto_field_is_set(hdr, UDP_CSUM))
+ return;
+
+ if (!lower || lower->id != PROTO_IP4)
+ return;
+
+ total_len = proto_field_get_u16(hdr, UDP_LEN);
+ csum = p4_csum((void *) proto_header_ptr(lower), proto_header_ptr(hdr),
+ total_len, IPPROTO_UDP);
+
+ proto_field_set_be16(hdr, UDP_CSUM, bswap_16(csum));
+}
+
+static struct proto_hdr udp_hdr = {
+ .id = PROTO_UDP,
+ .layer = PROTO_L4,
+ .header_init= udp_header_init,
+ .packet_finish = udp_packet_finish,
+};
+
+void protos_l4_init(void)
+{
+ proto_header_register(_hdr);
+}
diff --git a/trafgen_l4.h b/trafgen_l4.h
new file mode 100644
index 000..1a60ea5
--- /dev/null
+++ b/trafgen_l4.h
@@ -0,0 +1,14 @@
+#ifndef TRAFGEN_L4_I_H
+#define TRAFGEN_L4_I_H
+
+enum udp_field {
+ UDP_SPORT,
+ UDP_DPORT,
+ UDP_LEN,
+ UDP_CSUM,
+};
+
+extern void protos_l4_init(void);
+
+#endif /* TRAFGEN_L4_I_H */
+
diff --git a/trafgen_proto.c b/trafgen_proto.c
index 3599721..0712411 100644
--- a/trafgen_proto.c
+++ b/trafgen_proto.c
@@ -13,6 +13,7 @@
#include "trafgen_conf.h"
#include "trafgen_l2.h"
#include "trafgen_l3.h"
+#include "trafgen_l4.h"
#include "trafgen_proto.h"
#define field_shift_and_mask(f, v) (((v) << (f)->shift) & \
@@ -368,6 +369,7 @@ void protos_init(char *dev)
protos_l2_init();
protos_l3_init();
+ protos_l4_init();
for (p = registered; p; p = p->next)
p->ctx =
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH v3 15/16] trafgen: parser: Add syntax to build UDP header
Added trafgen syntax to set UDP header fields:
{ udp(sport=111, dport=222) }
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen_lexer.l | 4
trafgen_parser.y | 29 +
2 files changed, 33 insertions(+)
diff --git a/trafgen_lexer.l b/trafgen_lexer.l
index e6007f7..f040a83 100644
--- a/trafgen_lexer.l
+++ b/trafgen_lexer.l
@@ -133,9 +133,13 @@ ip_addr([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)
"df" { return K_DF; }
"mf" { return K_MF; }
+"sp"|"sport" { return K_SPORT; }
+"dp"|"dport" { return K_DPORT; }
+
"eth" { return K_ETH; }
"arp" { return K_ARP; }
"ip4"|"ipv4" { return K_IP4; }
+"udp" { return K_UDP; }
[ ]*"-"[ ]*{ return '-'; }
[ ]*"+"[ ]*{ return '+'; }
diff --git a/trafgen_parser.y b/trafgen_parser.y
index ebc4054..9ec09b1 100644
--- a/trafgen_parser.y
+++ b/trafgen_parser.y
@@ -26,6 +26,7 @@
#include "trafgen_proto.h"
#include "trafgen_l2.h"
#include "trafgen_l3.h"
+#include "trafgen_l4.h"
#include "built_in.h"
#include "die.h"
#include "str.h"
@@ -352,10 +353,12 @@ static void proto_add(enum proto_id pid)
%token K_DADDR K_SADDR K_PROT
%token K_OPER K_SHA K_SPA K_THA K_TPA K_REQUEST K_REPLY K_PTYPE K_HTYPE
%token K_TTL K_DSCP K_ECN K_TOS K_LEN K_ID K_FLAGS K_FRAG K_IHL K_VER K_CSUM
K_DF K_MF
+%token K_SPORT K_DPORT
%token K_ETH
%token K_ARP
%token K_IP4
+%token K_UDP
%token ',' '{' '}' '(' ')' '[' ']' ':' '-' '+' '*' '/' '%' '&' '|' '<' '>' '^'
@@ -578,6 +581,7 @@ proto
: eth_proto { }
| arp_proto { }
| ip4_proto { }
+ | udp_proto { }
;
eth_proto
@@ -688,6 +692,31 @@ ip4
: K_IP4 { proto_add(PROTO_IP4); }
;
+udp_proto
+ : udp '(' udp_param_list ')' { }
+ ;
+
+udp_param_list
+ : { }
+ | udp_field { }
+ | udp_field delimiter udp_param_list { }
+ ;
+
+udp_field
+ : K_SPORT skip_white '=' skip_white number
+ { proto_field_set_be16(hdr, UDP_SPORT, $5); }
+ | K_DPORT skip_white '=' skip_white number
+ { proto_field_set_be16(hdr, UDP_DPORT, $5); }
+ | K_LEN skip_white '=' skip_white number
+ { proto_field_set_be16(hdr, UDP_LEN, $5); }
+ | K_CSUM skip_white '=' skip_white number
+ { proto_field_set_be16(hdr, UDP_CSUM, $5); }
+ ;
+
+udp
+ : K_UDP { proto_add(PROTO_UDP); }
+ ;
+
%%
static void finalize_packet(void)
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH v3 16/16] trafgen: man: Add help for Ethernet, ARP, IPv4, UDP headers
Add description (basic syntax, proto header fields) for newer added
proto headers:
Ethernet, ARP, IPv4, UDP.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen.8 | 186 ++
1 file changed, 186 insertions(+)
diff --git a/trafgen.8 b/trafgen.8
index ce82a5b..58d08e0 100644
--- a/trafgen.8
+++ b/trafgen.8
@@ -271,6 +271,192 @@ configuration, e.g. const16(0xaa) will result in ''00
aa''. Within c*()
functions, it is possible to do some arithmetics: -,+,*,/,%,&,|,<<,>>,^
E.g. const161<<8)+0x32)|0b110)*2) will be evaluated to ''02 6c''.
.PP
+IV) Proto header functions, fill protocol header with specified parameters.
+The protocol header follows the generic syntax:
+.in +8
+.sp
+(=,=,...,,...)
+.sp
+.in -8
+.in +4
+If parameter is not specified then the default value will be used (usually 0).
+Proto parameters might be set in any order, the offset of each parameter is
strictly
+defined.
+.sp
+All required lower layer headers will be filled automatically in case if they
+were not specified by the user. The headers will be filled in the order as they
+were specified. Each header will be filled with some mimimum required set of
fields.
+.in -4
+.sp
+.in +4
+Supported proto headers:
+.sp
+
+.in +4
+.I Ethernet
+:
+.B eth(da=, sa=, prot[o]=)
+.sp
+.in +15
+.B da|daddr
+- set destination MAC address (default 00:00:00:00:00:00).
+.sp
+.B sa|saddr
+- set source MAC address (default device's MAC address).
+.sp
+.B prot|proto
+- set Ethernet type/proro number (default 0).
+.in -15
+.in -4
+
+.in +4
+.I ARP
+:
+.B arp(htype=, ptype=, op=<req[uest]|reply|number>, req, reply,
+.B smac=, sip=, tmac=, tip=)
+.sp
+.in +15
+.B htype
+- set ARP HW type (default Ethernet).
+.sp
+.B ptype
+- set ARP proto type (default IPv4).
+.sp
+.B op
+- set ARP operation type (request/reply) (default request).
+.sp
+.B req|request
+- set ARP Request operation type.
+.sp
+.B reply
+- set ARP Reply operation type.
+.sp
+.B smac|sha
+- set sender HW (MAC) address (default device's MAC address).
+.sp
+.B sip|spa
+- set sender proto (IPv4) address (default device's IPv4 address).
+.sp
+.B tmac|tha
+- set target HW (MAC) address (default 00:00:00:00:00:00).
+.sp
+.B tip|tpa
+- set target proto (IPv4) address (default device's IPv4 address).
+.in -15
+.sp
+.in +4
+By default ARP Announcement request packet is filled, Ethernet destination MAC
+set to broadcast.
+.in -4
+.in -4
+
+.in +4
+.I IPv4
+:
+.B ip4|ipv4(ihl=, ver=, len=, csum=,
+.B ttl=, tos=, dscp=, ecn=,
+.in +15
+.B id=, flags=, frag=, df, mf, da=,
sa=,
+.B prot[o]=)
+.in -15
+.sp
+.in +15
+.B ver|version
+- set version field (default 4).
+.sp
+.B ihl
+- set header length in the numbers of 4 bytes (default 5).
+.sp
+.B tos
+- set TOS (Type Of Service) field (default 0).
+.sp
+.B dscp
+- set DSCP (DiffServ) field (default 0).
+.sp
+.B ecn
+- set ECN field (default 0).
+.sp
+.B len|length
+- set total length of header and data (calculated by default).
+.sp
+.B id
+- set IPv4 datagram identificator (default 0).
+.sp
+.B flags
+- set IPv4 flags value (DF,MF) (default 0).
+.sp
+.B df
+- set DF (dont fragment) flag (default 0).
+.sp
+.B mf
+- set MF (more fragment) flag (default 0).
+.sp
+.B frag
+- set fragment offset field in numbers of 8 bytes (default 0).
+.sp
+.B ttl
+- set TTL (time to live) field (default 0).
+.sp
+.B csum
+- set header checksum field (calculated by default).
+.sp
+.B sa|saddr
+- set source IPv4 address (default device's IPv4 address).
+.sp
+.B da|daddr
+- set destination IPv4 address (default 0.0.0.0).
+.sp
+.B prot|proto
+- set IPv4 proro number (default 0).
+.in -15
+.sp
+.in +4
+By default if lower header is Ethernet - ether type is set to IPv4,
+if lower header is IPv4 - proto is set to value 0x4 (IP-in-IP).
+.in -4
+.in -4
+
+.in +4
+.I UDP
+:
+.B udp(sp=, dp=, len=, csum=)
+.sp
+.in +15
+.B sp|sport
+- set source UDP port (default 0).
+.sp
+.B dp|dport
+- set destination UDP port (default 0).
+.sp
+.B len|length
+- set length field of UDP header and data (calculated by default).
+.sp
+.B csum
+- set checksum field calculated on IPv4 pseudo header (calculated by default).
+.sp
+.in -15
+.in +4
+By default if lower header is IPv4 - proto is set to UDP.
+.in -4
+.in -4
+
+Example of UDP Echo packet:
+.sp
+.in +4
+{
+.in +4
+eth(da=11:22:33:44:55:66),
+.sp
+udp(dp=7),
+.sp
+"Hello world"
+.in -4
+}
+.in -4
+
+.in -4
+
+.PP
Furthermore, there are two types of comments in trafgen configuration files:
.PP
1. Multi-line C-style comments:/* put comment here */
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH v3 10/16] trafgen: l2: Add ARP header generation logic
Add ARP proto header fields generation via src mac, src ip,
dst mac, dst ip & operaion.
By default Ethernet proto will be initialized, and ARP Announcement
request is filled.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen_l2.c | 52
trafgen_l2.h | 12
2 files changed, 64 insertions(+)
diff --git a/trafgen_l2.c b/trafgen_l2.c
index 1082049..a95ba91 100644
--- a/trafgen_l2.c
+++ b/trafgen_l2.c
@@ -3,10 +3,15 @@
* Subject to the GPL, version 2.
*/
+#include
+#include
+
#include "built_in.h"
#include "trafgen_l2.h"
#include "trafgen_proto.h"
+#define ETH_BCAST { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }
+
struct proto_field eth_fields[] = {
{ .id = ETH_DST_ADDR, .len = 6, },
{ .id = ETH_SRC_ADDR, .len = 6, .offset = 6 },
@@ -26,7 +31,54 @@ static struct proto_hdr eth_hdr = {
.header_init= eth_header_init,
};
+static struct proto_field arp_fields[] = {
+ { .id = ARP_HTYPE, .len = 2 },
+ { .id = ARP_PTYPE, .len = 2, .offset = 2 },
+ { .id = ARP_HLEN, .len = 1, .offset = 4 },
+ { .id = ARP_PLEN, .len = 1, .offset = 5 },
+ { .id = ARP_OPER, .len = 2, .offset = 6 },
+ { .id = ARP_SHA, .len = 6, .offset = 8 },
+ { .id = ARP_SPA, .len = 4, .offset = 14 },
+ { .id = ARP_THA, .len = 6, .offset = 18 },
+ { .id = ARP_TPA, .len = 4, .offset = 24 },
+};
+
+static void arp_header_init(struct proto_hdr *hdr)
+{
+ struct proto_hdr *lower;
+
+ proto_lower_default_add(PROTO_ETH);
+
+ lower = proto_current_header();
+
+ if (lower->id == PROTO_ETH) {
+ uint8_t bcast[6] = ETH_BCAST;
+
+ proto_field_set_default_bytes(lower, ETH_DST_ADDR, bcast);
+ proto_field_set_default_be16(lower, ETH_PROTO_ID, ETH_P_ARP);
+ }
+
+ proto_header_fields_add(hdr, arp_fields, array_size(arp_fields));
+
+ /* Generate Announce request by default */
+ proto_field_set_default_be16(hdr, ARP_HTYPE, ARPHRD_ETHER);
+ proto_field_set_default_be16(hdr, ARP_PTYPE, ETH_P_IP);
+ proto_field_set_default_u8(hdr, ARP_HLEN, 6);
+ proto_field_set_default_u8(hdr, ARP_PLEN, 4);
+ proto_field_set_default_be16(hdr, ARP_OPER, ARPOP_REQUEST);
+ proto_field_set_default_dev_mac(hdr, ARP_SHA);
+ proto_field_set_default_dev_ipv4(hdr, ARP_SPA);
+ proto_field_set_default_dev_ipv4(hdr, ARP_TPA);
+}
+
+static struct proto_hdr arp_hdr = {
+ .id = PROTO_ARP,
+ .layer = PROTO_L2,
+ .header_init= arp_header_init,
+};
+
void protos_l2_init(void)
{
proto_header_register(_hdr);
+ proto_header_register(_hdr);
}
diff --git a/trafgen_l2.h b/trafgen_l2.h
index 75d3d33..63cef2f 100644
--- a/trafgen_l2.h
+++ b/trafgen_l2.h
@@ -7,6 +7,18 @@ enum eth_field {
ETH_PROTO_ID,
};
+enum arp_field {
+ ARP_HTYPE,
+ ARP_PTYPE,
+ ARP_HLEN,
+ ARP_PLEN,
+ ARP_OPER,
+ ARP_SHA,
+ ARP_SPA,
+ ARP_THA,
+ ARP_TPA,
+};
+
extern void protos_l2_init(void);
#endif /* TRAFGEN_L2_I_H */
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH v3 01/16] trafgen: Export set_fill func
Make public set_fill func to be used by proto generation code.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen_conf.h | 2 ++
trafgen_parser.y | 2 +-
2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/trafgen_conf.h b/trafgen_conf.h
index b171798..887fa3d 100644
--- a/trafgen_conf.h
+++ b/trafgen_conf.h
@@ -60,4 +60,6 @@ extern void compile_packets(char *file, bool verbose,
unsigned int cpu,
bool invoke_cpp, char *const cpp_argv[]);
extern void cleanup_packets(void);
+extern void set_fill(uint8_t val, size_t len);
+
#endif /* TRAFGEN_CONF */
diff --git a/trafgen_parser.y b/trafgen_parser.y
index 79a8439..49ee577 100644
--- a/trafgen_parser.y
+++ b/trafgen_parser.y
@@ -157,7 +157,7 @@ static void set_multi_byte(uint8_t *s, size_t len)
set_byte(s[i]);
}
-static void set_fill(uint8_t val, size_t len)
+void set_fill(uint8_t val, size_t len)
{
size_t i;
struct packet *pkt = [packet_last];
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH v3 12/16] trafgen: l3: Add IPv4 header generation backend
Add L3 module for implement L3 layer protos generation.
Implemented generating of IPv4 header with all fields except options.
By default IPv4 address of output device is used as src ip address.
On finish (after packet is specified) - total len & checksum is calculated.
Meanwhile Ethernet proto is initialized as default underlying proto.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen/Makefile | 1 +
trafgen_l3.c | 82
trafgen_l3.h | 26 ++
trafgen_proto.c | 2 ++
4 files changed, 111 insertions(+)
create mode 100644 trafgen_l3.c
create mode 100644 trafgen_l3.h
diff --git a/trafgen/Makefile b/trafgen/Makefile
index 1c95118..4f342ca 100644
--- a/trafgen/Makefile
+++ b/trafgen/Makefile
@@ -21,6 +21,7 @@ trafgen-objs =xmalloc.o \
cpp.o \
trafgen_proto.o \
trafgen_l2.o \
+ trafgen_l3.o \
trafgen_lexer.yy.o \
trafgen_parser.tab.o \
trafgen.o
diff --git a/trafgen_l3.c b/trafgen_l3.c
new file mode 100644
index 000..dd45395
--- /dev/null
+++ b/trafgen_l3.c
@@ -0,0 +1,82 @@
+/*
+ * netsniff-ng - the packet sniffing beast
+ * Subject to the GPL, version 2.
+ */
+
+#include
+
+#include "csum.h"
+#include "built_in.h"
+#include "trafgen_l2.h"
+#include "trafgen_l3.h"
+#include "trafgen_proto.h"
+#include "trafgen_conf.h"
+
+static struct proto_field ipv4_fields[] = {
+ { .id = IP4_VER, .len = 1, .offset = 0, .shift = 4, .mask = 0xf0
},
+ { .id = IP4_IHL, .len = 1, .offset = 0, .shift = 0, .mask = 0x0f
},
+ { .id = IP4_DSCP, .len = 1, .offset = 1, .shift = 2, .mask = 0xfc
},
+ { .id = IP4_ECN, .len = 1, .offset = 1, .shift = 0, .mask = 0x03
},
+ { .id = IP4_TOS, .len = 1, .offset = 1 },
+ { .id = IP4_LEN, .len = 2, .offset = 2 },
+ { .id = IP4_ID,.len = 2, .offset = 4 },
+ { .id = IP4_FLAGS, .len = 2, .offset = 6, .shift = 13, .mask =
0xe000 },
+ { .id = IP4_MF,.len = 2, .offset = 6, .shift = 13, .mask =
0x2000 },
+ { .id = IP4_DF,.len = 2, .offset = 6, .shift = 14, .mask =
0x4000 },
+ { .id = IP4_FRAG_OFFS, .len = 2, .offset = 6, .shift = 0, .mask =
0x1fff },
+ { .id = IP4_TTL, .len = 1, .offset = 8 },
+ { .id = IP4_PROTO, .len = 1, .offset = 9 },
+ { .id = IP4_CSUM, .len = 2, .offset = 10 },
+ { .id = IP4_SADDR, .len = 4, .offset = 12 },
+ { .id = IP4_DADDR, .len = 4, .offset = 16 },
+};
+
+static void ipv4_header_init(struct proto_hdr *hdr)
+{
+ struct proto_hdr *lower;
+
+ proto_lower_default_add(PROTO_ETH);
+
+ lower = proto_current_header();
+
+ if (lower->id == PROTO_ETH)
+ proto_field_set_default_be16(lower, ETH_PROTO_ID, ETH_P_IP);
+ else if (lower->id == PROTO_IP4)
+ proto_field_set_default_u8(lower, IP4_PROTO, IPPROTO_IPIP);
+
+ proto_header_fields_add(hdr, ipv4_fields, array_size(ipv4_fields));
+
+ proto_field_set_default_u8(hdr, IP4_VER, 4);
+ proto_field_set_default_u8(hdr, IP4_IHL, 5);
+ proto_field_set_default_dev_ipv4(hdr, IP4_SADDR);
+}
+
+static void ipv4_packet_finish(struct proto_hdr *hdr)
+{
+ struct packet *pkt = current_packet();
+ uint16_t total_len;
+
+ total_len = pkt->len - hdr->pkt_offset;
+ proto_field_set_default_be16(hdr, IP4_LEN, total_len);
+
+ if (!proto_field_is_set(hdr, IP4_CSUM)) {
+ uint16_t csum;
+ uint8_t ihl;
+
+ ihl = proto_field_get_u8(hdr, IP4_IHL);
+ csum = htons(calc_csum(>payload[hdr->pkt_offset], ihl *
4));
+ proto_field_set_u16(hdr, IP4_CSUM, bswap_16(csum));
+ }
+}
+
+static struct proto_hdr ipv4_hdr = {
+ .id = PROTO_IP4,
+ .layer = PROTO_L3,
+ .header_init= ipv4_header_init,
+ .packet_finish = ipv4_packet_finish,
+};
+
+void protos_l3_init(void)
+{
+ proto_header_register(_hdr);
+}
diff --git a/trafgen_l3.h b/trafgen_l3.h
new file mode 100644
index 000..d215d09
--- /dev/null
+++ b/trafgen_l3.h
@@ -0,0 +1,26 @@
+#ifndef TRAFGEN_L3_I_H
+#define TRAFGEN_L3_I_H
+
+enum ip4_field {
+ IP4_VER,
+ IP4_IHL,
+ IP4_DSCP,
+ IP4_ECN,
+ IP4_TOS,
+ IP4_LEN,
+ IP4_ID,
+ IP4_FLAGS,
+ IP4_FRAG_OFFS,
+ IP4_TTL,
+ IP4_PROTO,
+ IP4_CSUM,
+ IP4_SADDR,
+ IP4_DADDR,
+ IP4_DF,
+ IP4_MF,
+};
+
+extern void protos_l3_init(void);
+
+#endif /* TRAFGEN_L2_I_H */
+
diff --git a/trafgen_proto.c b/trafgen_proto.c
index 58538ff..3599721 100644
--- a/trafgen_proto.c
+++ b/trafgen_proto.c
@@ -12,6 +12,7 @@
#include "xmalloc.h"
#include "t
[netsniff-ng] [PATCH v2 10/16] trafgen: l2: Add ARP header generation logic
Add ARP proto header fields generation via src mac, src ip,
dst mac, dst ip & operaion.
By default Ethernet proto will be initialized, and ARP Announcement
request is filled.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen_l2.c | 52
trafgen_l2.h | 12
2 files changed, 64 insertions(+)
diff --git a/trafgen_l2.c b/trafgen_l2.c
index 1082049..a95ba91 100644
--- a/trafgen_l2.c
+++ b/trafgen_l2.c
@@ -3,10 +3,15 @@
* Subject to the GPL, version 2.
*/
+#include
+#include
+
#include "built_in.h"
#include "trafgen_l2.h"
#include "trafgen_proto.h"
+#define ETH_BCAST { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }
+
struct proto_field eth_fields[] = {
{ .id = ETH_DST_ADDR, .len = 6, },
{ .id = ETH_SRC_ADDR, .len = 6, .offset = 6 },
@@ -26,7 +31,54 @@ static struct proto_hdr eth_hdr = {
.header_init= eth_header_init,
};
+static struct proto_field arp_fields[] = {
+ { .id = ARP_HTYPE, .len = 2 },
+ { .id = ARP_PTYPE, .len = 2, .offset = 2 },
+ { .id = ARP_HLEN, .len = 1, .offset = 4 },
+ { .id = ARP_PLEN, .len = 1, .offset = 5 },
+ { .id = ARP_OPER, .len = 2, .offset = 6 },
+ { .id = ARP_SHA, .len = 6, .offset = 8 },
+ { .id = ARP_SPA, .len = 4, .offset = 14 },
+ { .id = ARP_THA, .len = 6, .offset = 18 },
+ { .id = ARP_TPA, .len = 4, .offset = 24 },
+};
+
+static void arp_header_init(struct proto_hdr *hdr)
+{
+ struct proto_hdr *lower;
+
+ proto_lower_default_add(PROTO_ETH);
+
+ lower = proto_current_header();
+
+ if (lower->id == PROTO_ETH) {
+ uint8_t bcast[6] = ETH_BCAST;
+
+ proto_field_set_default_bytes(lower, ETH_DST_ADDR, bcast);
+ proto_field_set_default_be16(lower, ETH_PROTO_ID, ETH_P_ARP);
+ }
+
+ proto_header_fields_add(hdr, arp_fields, array_size(arp_fields));
+
+ /* Generate Announce request by default */
+ proto_field_set_default_be16(hdr, ARP_HTYPE, ARPHRD_ETHER);
+ proto_field_set_default_be16(hdr, ARP_PTYPE, ETH_P_IP);
+ proto_field_set_default_u8(hdr, ARP_HLEN, 6);
+ proto_field_set_default_u8(hdr, ARP_PLEN, 4);
+ proto_field_set_default_be16(hdr, ARP_OPER, ARPOP_REQUEST);
+ proto_field_set_default_dev_mac(hdr, ARP_SHA);
+ proto_field_set_default_dev_ipv4(hdr, ARP_SPA);
+ proto_field_set_default_dev_ipv4(hdr, ARP_TPA);
+}
+
+static struct proto_hdr arp_hdr = {
+ .id = PROTO_ARP,
+ .layer = PROTO_L2,
+ .header_init= arp_header_init,
+};
+
void protos_l2_init(void)
{
proto_header_register(_hdr);
+ proto_header_register(_hdr);
}
diff --git a/trafgen_l2.h b/trafgen_l2.h
index 75d3d33..63cef2f 100644
--- a/trafgen_l2.h
+++ b/trafgen_l2.h
@@ -7,6 +7,18 @@ enum eth_field {
ETH_PROTO_ID,
};
+enum arp_field {
+ ARP_HTYPE,
+ ARP_PTYPE,
+ ARP_HLEN,
+ ARP_PLEN,
+ ARP_OPER,
+ ARP_SHA,
+ ARP_SPA,
+ ARP_THA,
+ ARP_TPA,
+};
+
extern void protos_l2_init(void);
#endif /* TRAFGEN_L2_I_H */
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH v2 16/16] trafgen: man: Add help for Ethernet, ARP, IPv4, UDP headers
Add description (basic syntax, proto header fields) for newer added
proto headers:
Ethernet, ARP, IPv4, UDP.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen.8 | 174 ++
1 file changed, 174 insertions(+)
diff --git a/trafgen.8 b/trafgen.8
index ce82a5b..ae68a38 100644
--- a/trafgen.8
+++ b/trafgen.8
@@ -271,6 +271,180 @@ configuration, e.g. const16(0xaa) will result in ''00
aa''. Within c*()
functions, it is possible to do some arithmetics: -,+,*,/,%,&,|,<<,>>,^
E.g. const161<<8)+0x32)|0b110)*2) will be evaluated to ''02 6c''.
.PP
+IV) Proto header functions, fill protocol header with specified parameters.
+The protocol header follows the generic syntax:
+.in +8
+.sp
+(=,=,...,,...)
+.sp
+.in -8
+.in +4
+Parameter might be ignored and specified in any order, once parameter is set
+- the default value is ignored. So just proto header might be specified.
+.sp
+All required lower layer headers will be filled automatically in case if they
+were not specified by the user. The headers will be filled in the order as they
+were specified. Each header will be filled with some mimimum required set of
fields.
+.in -4
+.sp
+.in +4
+Supported proto headers:
+.sp
+
+.in +4
+.I Ethernet
+:
+.B eth(da=, sa=, prot[o]=)
+.sp
+.in +15
+.B da|daddr
+- set destination MAC address (default 00:00:00:00:00:00).
+.sp
+.B sa|saddr
+- set source MAC address (default device's MAC address).
+.sp
+.B prot|proto
+- set Ethernet type/proro number (default 0).
+.in -15
+.in -4
+
+.in +4
+.I ARP
+:
+.B arp(op=<req|reply|resp>, smac=, sip=, tmac=,
tip=)
+.sp
+.in +15
+.B op
+- set ARP operation type (request/reply/response) (default request).
+.sp
+.B smac|sha
+- set sender HW (MAC) address (default device's MAC address).
+.sp
+.B sip|spa
+- set sender proto (IPv4) address (default device's IPv4 address).
+.sp
+.B tmac|tha
+- set target HW (MAC) address (default 00:00:00:00:00:00).
+.sp
+.B tip|tpa
+- set target proto (IPv4) address (default device's IPv4 address).
+.in -15
+.sp
+.in +4
+By default ARP Announcement request packet is filled, Ethernet destination MAC
+set to broadcast.
+.in -4
+.in -4
+
+.in +4
+.I IPv4
+:
+.B ip4|ipv4(ihl=, ver=, len=, csum=,
+.B ttl=, tos=, dscp=, ecn=,
+.in +15
+.B id=, flags=, frag=, df, mf, da=,
sa=,
+.B prot[o]=)
+.in -15
+.sp
+.in +15
+.B ver|version
+- set version field (default 4).
+.sp
+.B ihl
+- set header length in the numbers of 4 bytes (default 5).
+.sp
+.B tos
+- set TOS (Type Of Service) field (default 0).
+.sp
+.B dscp
+- set DSCP (DiffServ) field (default 0).
+.sp
+.B ecn
+- set ECN field (default 0).
+.sp
+.B len|length
+- set total length of header and data (calculated by default).
+.sp
+.B id
+- set IPv4 datagram identificator (default 0).
+.sp
+.B flags
+- set IPv4 flags value (DF,MF) (default 0).
+.sp
+.B df
+- set DF (dont fragment) flag (default 0).
+.sp
+.B mf
+- set MF (more fragment) flag (default 0).
+.sp
+.B frag
+- set fragment offset field in numbers of 8 bytes (default 0).
+.sp
+.B ttl
+- set TTL (time to live) field (default 0).
+.sp
+.B csum
+- set header checksum field (calculated by default).
+.sp
+.B sa|saddr
+- set source IPv4 address (default device's IPv4 address).
+.sp
+.B da|daddr
+- set destination IPv4 address (default 0.0.0.0).
+.sp
+.B prot|proto
+- set IPv4 proro number (default 0).
+.in -15
+.sp
+.in +4
+By default if lower header is Ethernet - ether type is set to IPv4,
+if lower header is IPv4 - proto is set to value 0x4 (IP-in-IP).
+.in -4
+.in -4
+
+.in +4
+.I UDP
+:
+.B udp(sp=, dp=, len=, csum=)
+.sp
+.in +15
+.B sp|sport
+- set source UDP port (default 0).
+.sp
+.B dp|dport
+- set destination UDP port (default 0).
+.sp
+.B len|length
+- set length field of UDP header and data (calculated by default).
+.sp
+.B csum
+- set checksum field calculated on IPv4 pseudo header (calculated by default).
+.sp
+.in -15
+.in +4
+By default if lower header is IPv4 - proto is set to UDP.
+.in -4
+.in -4
+
+Example of some invalid DNS packet:
+.sp
+.in +4
+{
+.in +4
+eth(da=11:22:33:44:55:66),
+.sp
+ip4(da=2.2.2.2),
+.sp
+udp(sp=111, dp=53),
+.sp
+fill(0xff, 10),
+.in -4
+}
+.in -4
+
+.in -4
+
+.PP
Furthermore, there are two types of comments in trafgen configuration files:
.PP
1. Multi-line C-style comments:/* put comment here */
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH v2 08/16] trafgen: parser: Add syntax to generate Ethernet header
Add syntax for generating Ethernet header fields like:
{ eth(prot=0x0800, da=11:22:33:44:55:66), fill(0xff, 60) }
{ eth(prot=0x0800) }
{ eth() }
It is important that proto_init is called before fields will be filled
to initialize the specified proto with header fields.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen_lexer.l | 15 +++
trafgen_parser.y | 57 +++-
2 files changed, 71 insertions(+), 1 deletion(-)
diff --git a/trafgen_lexer.l b/trafgen_lexer.l
index 6c27b0c..ac4fec1 100644
--- a/trafgen_lexer.l
+++ b/trafgen_lexer.l
@@ -19,6 +19,7 @@
#include "trafgen_parser.tab.h"
#include "xmalloc.h"
#include "built_in.h"
+#include "str.h"
extern void yyerror(const char *);
@@ -75,6 +76,9 @@ number_bin([0]?[b][0-1]+)
number_dec (([0])|([1-9][0-9]*))
number_ascii ([a-zA-Z])
+mac_hex([a-fA-F0-9]+)
+mac({mac_hex}:{mac_hex}:{mac_hex}:{mac_hex}:{mac_hex}:{mac_hex})
+
%%
"cpu" { return K_CPU; }
@@ -99,6 +103,12 @@ number_ascii([a-zA-Z])
"const32"|"c32"{ return K_CONST32; }
"const64"|"c64"{ return K_CONST64; }
+"daddr"|"da" { return K_DADDR; }
+"saddr"|"sa" { return K_SADDR; }
+"prot"[o]? { return K_PROT; }
+
+"eth" { return K_ETH; }
+
[ ]*"-"[ ]*{ return '-'; }
[ ]*"+"[ ]*{ return '+'; }
[ ]*"*"[ ]*{ return '*'; }
@@ -117,6 +127,7 @@ number_ascii([a-zA-Z])
"]"{ return ']'; }
","{ return ','; }
":"{ return ':'; }
+"="{ return '='; }
"\n" { yylineno++; }
@@ -146,6 +157,10 @@ number_ascii ([a-zA-Z])
{number_ascii} { yylval.number = (uint8_t) (*yytext);
return number; }
+{mac} { if (str2mac(yytext, yylval.bytes))
+ panic("Failed to parse MAC addres %s\n", yytext);
+ return mac; }
+
"'\\x"[a-fA-F0-9]{2}"'" { yylval.number = strtol(yytext + 3, NULL, 16);
return number; }
diff --git a/trafgen_parser.y b/trafgen_parser.y
index 4725f7c..df1b1a6 100644
--- a/trafgen_parser.y
+++ b/trafgen_parser.y
@@ -21,6 +21,8 @@
#include "xmalloc.h"
#include "trafgen_parser.tab.h"
#include "trafgen_conf.h"
+#include "trafgen_proto.h"
+#include "trafgen_l2.h"
#include "built_in.h"
#include "die.h"
#include "str.h"
@@ -59,6 +61,8 @@ extern size_t dlen;
static int our_cpu, min_cpu = -1, max_cpu = -1;
+static struct proto_hdr *hdr;
+
static inline int test_ignore(void)
{
if (min_cpu < 0 && max_cpu < 0)
@@ -324,22 +328,33 @@ static void set_dynamic_incdec(uint8_t start, uint8_t
stop, uint8_t stepping,
__setup_new_counter(>cnt[packetdc_last], start, stop, stepping,
type);
}
+static void proto_add(enum proto_id pid)
+{
+ proto_header_init(pid);
+ hdr = proto_current_header();
+}
+
%}
%union {
long long int number;
+ uint8_t bytes[256];
char *str;
}
%token K_COMMENT K_FILL K_RND K_SEQINC K_SEQDEC K_DRND K_DINC K_DDEC K_WHITE
%token K_CPU K_CSUMIP K_CSUMUDP K_CSUMTCP K_CSUMUDP6 K_CSUMTCP6 K_CONST8
K_CONST16 K_CONST32 K_CONST64
+%token K_DADDR K_SADDR K_PROT
+%token K_ETH
+
%token ',' '{' '}' '(' ')' '[' ']' ':' '-' '+' '*' '/' '%' '&' '|' '<' '>' '^'
-%token number string
+%token number string mac
%type number expression
%type string
+%type mac
%left '-' '+' '*' '/' '%' '&' '|' '<' '>' '^'
@@ -372,9 +387,16 @@ noenforce_white
| delimiter_nowhite { }
;
+skip_white
+ : { }
+ | K_WHITE { }
+ ;
packet
: '{' noenforce_white payload noenforce_white '}' {
min_cpu = max_cpu = -1;
+
+ proto_packet_finish();
+
realloc_packet();
}
| K_CPU '(' number cpu_delim number ')' ':' noenforce_white '{'
noenforce_white payload noenforce_white '}' {
@@ -388,10 +410,15 @@ packet
max_cpu = tmp;
}
+ proto_packet_finish();
+
realloc_packet();
}
| K_CPU '(' number ')' ':' noenforce_white '{' noenforce_white payload
noenforce_white '}' {
min_cpu = max_cpu = $3;
+
+ proto_packet_finish();
+
realloc_packet();
}
;
@@ -422,6 +449,7 @@ elem
| ddec { }
| csum { }
| const { }
+ | proto { proto_header_finish(hdr); }
| inline_comme
[netsniff-ng] [PATCH v2 09/16] trafgen: proto: Add func to fill field with device ipv4 addr
Add helper which fill device's ipv4 addr to the specified proto field.
It will be used by such protos like ARP, IPv4, etc.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen_proto.c | 32
trafgen_proto.h | 3 +++
2 files changed, 35 insertions(+)
diff --git a/trafgen_proto.c b/trafgen_proto.c
index efa6803..dac806e 100644
--- a/trafgen_proto.c
+++ b/trafgen_proto.c
@@ -5,6 +5,7 @@
#include
#include
+#include
#include
#include "dev.h"
@@ -326,6 +327,37 @@ void proto_field_set_default_dev_mac(struct proto_hdr
*hdr, uint32_t fid)
__proto_field_set_dev_mac(hdr, fid, true);
}
+static void __proto_field_set_dev_ipv4(struct proto_hdr *hdr, uint32_t fid,
+ bool is_default)
+{
+ struct sockaddr_storage ss = { };
+ struct sockaddr_in *ss4;
+ uint32_t ip_addr;
+ int ret;
+
+ if (proto_field_is_set(hdr, fid))
+ return;
+
+ ret = device_address(hdr->ctx->dev, AF_INET, );
+ if (ret < 0)
+ panic("Could not get device IPv4 address\n");
+
+ ss4 = (struct sockaddr_in *)
+ ip_addr = ss4->sin_addr.s_addr;
+
+ __proto_field_set_bytes(hdr, fid, (uint8_t *)_addr, is_default,
false);
+}
+
+void proto_field_set_dev_ipv4(struct proto_hdr *hdr, uint32_t fid)
+{
+ __proto_field_set_dev_ipv4(hdr, fid, false);
+}
+
+void proto_field_set_default_dev_ipv4(struct proto_hdr *hdr, uint32_t fid)
+{
+ __proto_field_set_dev_ipv4(hdr, fid, true);
+}
+
void protos_init(char *dev)
{
struct proto_hdr *p;
diff --git a/trafgen_proto.h b/trafgen_proto.h
index 4041c27..b0578e3 100644
--- a/trafgen_proto.h
+++ b/trafgen_proto.h
@@ -96,4 +96,7 @@ extern void proto_field_set_default_be32(struct proto_hdr
*hdr, uint32_t fid,
extern void proto_field_set_dev_mac(struct proto_hdr *hdr, uint32_t fid);
extern void proto_field_set_default_dev_mac(struct proto_hdr *hdr, uint32_t
fid);
+extern void proto_field_set_dev_ipv4(struct proto_hdr *hdr, uint32_t fid);
+extern void proto_field_set_default_dev_ipv4(struct proto_hdr *hdr, uint32_t
fid);
+
#endif /* TRAFGEN_PROTO_I_H */
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH v2 14/16] trafgen: l4: Add UDP header generation logic
Add trafgen_l4.c module with implementation
of UDP header fields gneration.
UDP proto generation logic automaticaly sets by default
IPPROTO_UDP to the lower proto if it is IPv4, also cscum is
calculated if it is not set by user.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen/Makefile | 1 +
trafgen_l4.c | 71
trafgen_l4.h | 14 +++
trafgen_proto.c | 2 ++
4 files changed, 88 insertions(+)
create mode 100644 trafgen_l4.c
create mode 100644 trafgen_l4.h
diff --git a/trafgen/Makefile b/trafgen/Makefile
index 4f342ca..3f78f07 100644
--- a/trafgen/Makefile
+++ b/trafgen/Makefile
@@ -22,6 +22,7 @@ trafgen-objs =xmalloc.o \
trafgen_proto.o \
trafgen_l2.o \
trafgen_l3.o \
+ trafgen_l4.o \
trafgen_lexer.yy.o \
trafgen_parser.tab.o \
trafgen.o
diff --git a/trafgen_l4.c b/trafgen_l4.c
new file mode 100644
index 000..286e54a
--- /dev/null
+++ b/trafgen_l4.c
@@ -0,0 +1,71 @@
+/*
+ * netsniff-ng - the packet sniffing beast
+ * Subject to the GPL, version 2.
+ */
+
+#include
+#include
+
+#include "die.h"
+#include "csum.h"
+#include "built_in.h"
+#include "trafgen_l3.h"
+#include "trafgen_l4.h"
+#include "trafgen_conf.h"
+#include "trafgen_proto.h"
+
+static struct proto_field udp_fields[] = {
+ { .id = UDP_SPORT, .len = 2, .offset = 0 },
+ { .id = UDP_DPORT, .len = 2, .offset = 2 },
+ { .id = UDP_LEN,.len = 2, .offset = 4 },
+ { .id = UDP_CSUM, .len = 2, .offset = 6 },
+};
+
+static void udp_header_init(struct proto_hdr *hdr)
+{
+ struct proto_hdr *lower;
+
+ proto_lower_default_add(PROTO_IP4);
+
+ lower = proto_current_header();
+
+ if (lower->id == PROTO_IP4)
+ proto_field_set_default_u8(lower, IP4_PROTO, IPPROTO_UDP);
+
+ proto_header_fields_add(hdr, udp_fields, array_size(udp_fields));
+}
+
+static void udp_packet_finish(struct proto_hdr *hdr)
+{
+ struct proto_hdr *lower = proto_lower_header(hdr);
+ struct packet *pkt = current_packet();
+ uint16_t total_len;
+ uint16_t csum;
+
+ total_len = pkt->len - hdr->pkt_offset;
+ proto_field_set_default_be16(hdr, UDP_LEN, total_len);
+
+ if (proto_field_is_set(hdr, UDP_CSUM))
+ return;
+
+ if (!lower || lower->id != PROTO_IP4)
+ return;
+
+ total_len = proto_field_get_u16(hdr, UDP_LEN);
+ csum = p4_csum((void *) proto_header_ptr(lower), proto_header_ptr(hdr),
+ total_len, IPPROTO_UDP);
+
+ proto_field_set_be16(hdr, UDP_CSUM, bswap_16(csum));
+}
+
+static struct proto_hdr udp_hdr = {
+ .id = PROTO_UDP,
+ .layer = PROTO_L4,
+ .header_init= udp_header_init,
+ .packet_finish = udp_packet_finish,
+};
+
+void protos_l4_init(void)
+{
+ proto_header_register(_hdr);
+}
diff --git a/trafgen_l4.h b/trafgen_l4.h
new file mode 100644
index 000..1a60ea5
--- /dev/null
+++ b/trafgen_l4.h
@@ -0,0 +1,14 @@
+#ifndef TRAFGEN_L4_I_H
+#define TRAFGEN_L4_I_H
+
+enum udp_field {
+ UDP_SPORT,
+ UDP_DPORT,
+ UDP_LEN,
+ UDP_CSUM,
+};
+
+extern void protos_l4_init(void);
+
+#endif /* TRAFGEN_L4_I_H */
+
diff --git a/trafgen_proto.c b/trafgen_proto.c
index e803f27..a36c0af 100644
--- a/trafgen_proto.c
+++ b/trafgen_proto.c
@@ -13,6 +13,7 @@
#include "trafgen_conf.h"
#include "trafgen_l2.h"
#include "trafgen_l3.h"
+#include "trafgen_l4.h"
#include "trafgen_proto.h"
#define field_shift_and_mask(f, v) (((v) << (f)->shift) & \
@@ -367,6 +368,7 @@ void protos_init(char *dev)
protos_l2_init();
protos_l3_init();
+ protos_l4_init();
for (p = registered; p; p = p->next)
p->ctx =
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH v2 02/16] trafgen: Add helper to get current packet
Add current_packet() helper for getting current
used packet and make it public to other modules.
It will be used by proto generation logic.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen_conf.h | 2 ++
trafgen_parser.y | 5 +
2 files changed, 7 insertions(+)
diff --git a/trafgen_conf.h b/trafgen_conf.h
index 887fa3d..50b437b 100644
--- a/trafgen_conf.h
+++ b/trafgen_conf.h
@@ -62,4 +62,6 @@ extern void cleanup_packets(void);
extern void set_fill(uint8_t val, size_t len);
+extern struct packet *current_packet(void);
+
#endif /* TRAFGEN_CONF */
diff --git a/trafgen_parser.y b/trafgen_parser.y
index 49ee577..4725f7c 100644
--- a/trafgen_parser.y
+++ b/trafgen_parser.y
@@ -137,6 +137,11 @@ static void realloc_packet(void)
__init_new_csum_slot(_dyn[packetd_last]);
}
+struct packet *current_packet(void)
+{
+ return [packet_last];
+}
+
static void set_byte(uint8_t val)
{
struct packet *pkt = [packet_last];
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH v2 03/16] trafgen: Add basic proto generation logic
Add new trafgen_proto.c module with basic proto
header fields generation logic.
Each proto must implement proto_hdr struct and register it
to the global proto list.
Proto header consist from set of fields, and each field must be
described via proto_field struct by specifying unique id, len,
offset (relative to the header). Small fields ( < 8 bits) can be
described via left shift & mask.
Few callbacks are invoked to perform special actions to build
the header:
1) header_init - required fields must be added to the packet and
initialized with default values.
2) header_finish - it is invoked when header is specified, all user
specified fields are set.
3) packet_finish - callback is invoked from upper to lower header
to calculate such things like total len, checksum.
Proto generation API provides easy proto field setters/getters to easy
craft the packet via parser.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen.c| 3 +
trafgen/Makefile | 1 +
trafgen_proto.c | 331 +++
trafgen_proto.h | 96
4 files changed, 431 insertions(+)
create mode 100644 trafgen_proto.c
create mode 100644 trafgen_proto.h
diff --git a/trafgen.c b/trafgen.c
index c74a973..949f909 100644
--- a/trafgen.c
+++ b/trafgen.c
@@ -54,6 +54,7 @@
#include "timer.h"
#include "ring_tx.h"
#include "csum.h"
+#include "trafgen_proto.h"
#ifndef timeval_to_timespec
#define timeval_to_timespec(tv, ts) { \
@@ -1215,6 +1216,8 @@ int main(int argc, char **argv)
register_signal(SIGTERM, signal_handler);
register_signal(SIGHUP, signal_handler);
+ protos_init(ctx.device);
+
if (prio_high) {
set_proc_prio(-20);
set_sched_status(SCHED_FIFO,
sched_get_priority_max(SCHED_FIFO));
diff --git a/trafgen/Makefile b/trafgen/Makefile
index bc256b2..2ea684f 100644
--- a/trafgen/Makefile
+++ b/trafgen/Makefile
@@ -19,6 +19,7 @@ trafgen-objs =xmalloc.o \
timer.o \
sysctl.o \
cpp.o \
+ trafgen_proto.o \
trafgen_lexer.yy.o \
trafgen_parser.tab.o \
trafgen.o
diff --git a/trafgen_proto.c b/trafgen_proto.c
new file mode 100644
index 000..787da7a
--- /dev/null
+++ b/trafgen_proto.c
@@ -0,0 +1,331 @@
+/*
+ * netsniff-ng - the packet sniffing beast
+ * Subject to the GPL, version 2.
+ */
+
+#include
+#include
+
+#include "xmalloc.h"
+#include "trafgen_conf.h"
+#include "trafgen_proto.h"
+
+#define field_shift_and_mask(f, v) (((v) << (f)->shift) & \
+ ((f)->mask ? (f)->mask : (0x)))
+
+#define field_unmask_and_unshift(f, v) (((v) & \
+ ((f)->mask ? (f)->mask : (0x))) >> (f)->shift)
+
+static struct proto_ctx ctx;
+
+#define PROTO_MAX_LAYERS 16
+
+static struct proto_hdr *headers[PROTO_MAX_LAYERS];
+static uint32_t headers_count;
+
+static struct proto_hdr *registered;
+
+struct proto_hdr *proto_current_header(void)
+{
+ if (headers_count > 0)
+ return headers[headers_count - 1];
+
+ panic("No header was added\n");
+}
+
+struct proto_hdr *proto_lower_header(struct proto_hdr *hdr)
+{
+ struct proto_hdr *lower = NULL;
+ uint32_t i;
+
+ if (headers_count == 0)
+ return NULL;
+
+ for (i = 1, lower = headers[0]; i < headers_count; i++) {
+ if (headers[i] == hdr)
+ return headers[i - 1];
+ }
+
+ return lower;
+}
+
+uint8_t *proto_header_ptr(struct proto_hdr *hdr)
+{
+ return _packet()->payload[hdr->pkt_offset];
+}
+
+static struct proto_hdr *proto_header_by_id(enum proto_id id)
+{
+ struct proto_hdr *p = registered;
+
+ for (; p; p = p->next)
+ if (p->id == id)
+ return p;
+
+ panic("Can't lookup proto by id %u\n", id);
+}
+
+void proto_header_register(struct proto_hdr *hdr)
+{
+ hdr->next = registered;
+ registered = hdr;
+
+ hdr->fields = NULL;
+ hdr->fields_count = 0;
+}
+
+static void proto_fields_realloc(struct proto_hdr *hdr, size_t count)
+{
+ hdr->fields = xrealloc(hdr->fields, count * sizeof(*hdr->fields));
+ hdr->fields_count = count;
+}
+
+void proto_header_fields_add(struct proto_hdr *hdr, struct proto_field *fields,
+size_t count)
+{
+ struct packet *pkt = current_packet();
+ struct proto_field *f;
+ int i;
+
+ if (!hdr->fields)
+ hdr->pkt_offset = pkt->len;
+
+ proto_fields_realloc(hdr, hdr->fields_count + count);
+
+ for (i = 0; count >= 1; count--, i++) {
+ f = >fields[hdr->fields_count - count]
[netsniff-ng] [PATCH v2 01/16] trafgen: Export set_fill func
Make public set_fill func to be used by proto generation code.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen_conf.h | 2 ++
trafgen_parser.y | 2 +-
2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/trafgen_conf.h b/trafgen_conf.h
index b171798..887fa3d 100644
--- a/trafgen_conf.h
+++ b/trafgen_conf.h
@@ -60,4 +60,6 @@ extern void compile_packets(char *file, bool verbose,
unsigned int cpu,
bool invoke_cpp, char *const cpp_argv[]);
extern void cleanup_packets(void);
+extern void set_fill(uint8_t val, size_t len);
+
#endif /* TRAFGEN_CONF */
diff --git a/trafgen_parser.y b/trafgen_parser.y
index 79a8439..49ee577 100644
--- a/trafgen_parser.y
+++ b/trafgen_parser.y
@@ -157,7 +157,7 @@ static void set_multi_byte(uint8_t *s, size_t len)
set_byte(s[i]);
}
-static void set_fill(uint8_t val, size_t len)
+void set_fill(uint8_t val, size_t len)
{
size_t i;
struct packet *pkt = [packet_last];
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH v2 11/16] trafgen: parser: Add syntax to generate ARP header fields
Add syntax to generate ARP header fields:
{ arp(op=req, sip=1.1.1.1, smac=11:22:33:44:55:66) }
{ arp() }
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen_lexer.l | 15 +++
trafgen_parser.y | 38 +-
2 files changed, 52 insertions(+), 1 deletion(-)
diff --git a/trafgen_lexer.l b/trafgen_lexer.l
index ac4fec1..e89d8c8 100644
--- a/trafgen_lexer.l
+++ b/trafgen_lexer.l
@@ -15,6 +15,7 @@
#include
#include
#include
+#include
#include "trafgen_parser.tab.h"
#include "xmalloc.h"
@@ -78,6 +79,7 @@ number_ascii ([a-zA-Z])
mac_hex([a-fA-F0-9]+)
mac({mac_hex}:{mac_hex}:{mac_hex}:{mac_hex}:{mac_hex}:{mac_hex})
+ip_addr([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)
%%
@@ -107,7 +109,16 @@ mac
({mac_hex}:{mac_hex}:{mac_hex}:{mac_hex}:{mac_hex}:{mac_hex})
"saddr"|"sa" { return K_SADDR; }
"prot"[o]? { return K_PROT; }
+"sha"|"smac" { return K_SHA; }
+"spa"|"sip"{ return K_SPA; }
+"tha"|"tmac" { return K_THA; }
+"tpa"|"tip"{ return K_TPA; }
+"req" { return K_REQ; }
+"resp"|"reply" { return K_RESP; }
+"op" { return K_OPER; }
+
"eth" { return K_ETH; }
+"arp" { return K_ARP; }
[ ]*"-"[ ]*{ return '-'; }
[ ]*"+"[ ]*{ return '+'; }
@@ -161,6 +172,10 @@ mac
({mac_hex}:{mac_hex}:{mac_hex}:{mac_hex}:{mac_hex}:{mac_hex})
panic("Failed to parse MAC addres %s\n", yytext);
return mac; }
+{ip_addr} { if (inet_pton(AF_INET, yytext, _addr) != 1)
+ panic("Failed to parse IPv4 address %s\n", yytext);
+ return ip_addr; };
+
"'\\x"[a-fA-F0-9]{2}"'" { yylval.number = strtol(yytext + 3, NULL, 16);
return number; }
diff --git a/trafgen_parser.y b/trafgen_parser.y
index df1b1a6..5c9dcd9 100644
--- a/trafgen_parser.y
+++ b/trafgen_parser.y
@@ -17,6 +17,8 @@
#include
#include
#include
+#include
+#include
#include "xmalloc.h"
#include "trafgen_parser.tab.h"
@@ -337,6 +339,7 @@ static void proto_add(enum proto_id pid)
%}
%union {
+ struct in_addr ip_addr;
long long int number;
uint8_t bytes[256];
char *str;
@@ -346,15 +349,19 @@ static void proto_add(enum proto_id pid)
%token K_CPU K_CSUMIP K_CSUMUDP K_CSUMTCP K_CSUMUDP6 K_CSUMTCP6 K_CONST8
K_CONST16 K_CONST32 K_CONST64
%token K_DADDR K_SADDR K_PROT
+%token K_OPER K_SHA K_SPA K_THA K_TPA K_REQ K_RESP
+
%token K_ETH
+%token K_ARP
%token ',' '{' '}' '(' ')' '[' ']' ':' '-' '+' '*' '/' '%' '&' '|' '<' '>' '^'
-%token number string mac
+%token number string mac ip_addr
%type number expression
%type string
%type mac
+%type ip_addr
%left '-' '+' '*' '/' '%' '&' '|' '<' '>' '^'
@@ -566,6 +573,7 @@ ddec
proto
: eth_proto { }
+ | arp_proto { }
;
eth_proto
@@ -591,6 +599,34 @@ eth_field
{ proto_field_set_be16(hdr, ETH_PROTO_ID, $5); }
;
+arp_proto
+ : arp '(' arp_param_list ')' { }
+ ;
+
+arp_param_list
+ : { }
+ | arp_field { }
+ | arp_field delimiter arp_param_list { }
+ ;
+
+arp_field
+ : K_OPER skip_white '=' skip_white K_REQ
+ { proto_field_set_be16(hdr, ARP_OPER, ARPOP_REQUEST); }
+ | K_OPER skip_white '=' skip_white K_RESP
+ { proto_field_set_be16(hdr, ARP_OPER, ARPOP_REPLY); }
+ | K_SHA skip_white '=' skip_white mac
+ { proto_field_set_bytes(hdr, ARP_SHA, $5); }
+ | K_THA skip_white '=' skip_white mac
+ { proto_field_set_bytes(hdr, ARP_THA, $5); }
+ | K_SPA skip_white '=' skip_white ip_addr
+ { proto_field_set_u32(hdr, ARP_SPA, $5.s_addr); }
+ | K_TPA skip_white '=' skip_white ip_addr
+ { proto_field_set_u32(hdr, ARP_TPA, $5.s_addr); }
+ ;
+arp
+ : K_ARP { proto_add(PROTO_ARP); }
+ ;
+
%%
static void finalize_packet(void)
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH v2 15/16] trafgen: parser: Add syntax to build UDP header
Added trafgen syntax to set UDP header fields:
{ udp(sport=111, dport=222) }
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen_lexer.l | 4
trafgen_parser.y | 29 +
2 files changed, 33 insertions(+)
diff --git a/trafgen_lexer.l b/trafgen_lexer.l
index 26876b4..98afc91 100644
--- a/trafgen_lexer.l
+++ b/trafgen_lexer.l
@@ -131,9 +131,13 @@ ip_addr([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)
"df" { return K_DF; }
"mf" { return K_MF; }
+"sp"|"sport" { return K_SPORT; }
+"dp"|"dport" { return K_DPORT; }
+
"eth" { return K_ETH; }
"arp" { return K_ARP; }
"ip4"|"ipv4" { return K_IP4; }
+"udp" { return K_UDP; }
[ ]*"-"[ ]*{ return '-'; }
[ ]*"+"[ ]*{ return '+'; }
diff --git a/trafgen_parser.y b/trafgen_parser.y
index 7ca8ef2..4838a8b 100644
--- a/trafgen_parser.y
+++ b/trafgen_parser.y
@@ -26,6 +26,7 @@
#include "trafgen_proto.h"
#include "trafgen_l2.h"
#include "trafgen_l3.h"
+#include "trafgen_l4.h"
#include "built_in.h"
#include "die.h"
#include "str.h"
@@ -352,10 +353,12 @@ static void proto_add(enum proto_id pid)
%token K_DADDR K_SADDR K_PROT
%token K_OPER K_SHA K_SPA K_THA K_TPA K_REQ K_RESP
%token K_TTL K_DSCP K_ECN K_TOS K_LEN K_ID K_FLAGS K_FRAG K_IHL K_VER K_CSUM
K_DF K_MF
+%token K_SPORT K_DPORT
%token K_ETH
%token K_ARP
%token K_IP4
+%token K_UDP
%token ',' '{' '}' '(' ')' '[' ']' ':' '-' '+' '*' '/' '%' '&' '|' '<' '>' '^'
@@ -578,6 +581,7 @@ proto
: eth_proto { }
| arp_proto { }
| ip4_proto { }
+ | udp_proto { }
;
eth_proto
@@ -678,6 +682,31 @@ ip4
: K_IP4 { proto_add(PROTO_IP4); }
;
+udp_proto
+ : udp '(' udp_param_list ')' { }
+ ;
+
+udp_param_list
+ : { }
+ | udp_field { }
+ | udp_field delimiter udp_param_list { }
+ ;
+
+udp_field
+ : K_SPORT skip_white '=' skip_white number
+ { proto_field_set_be16(hdr, UDP_SPORT, $5); }
+ | K_DPORT skip_white '=' skip_white number
+ { proto_field_set_be16(hdr, UDP_DPORT, $5); }
+ | K_LEN skip_white '=' skip_white number
+ { proto_field_set_be16(hdr, UDP_LEN, $5); }
+ | K_CSUM skip_white '=' skip_white number
+ { proto_field_set_be16(hdr, UDP_CSUM, $5); }
+ ;
+
+udp
+ : K_UDP { proto_add(PROTO_UDP); }
+ ;
+
%%
static void finalize_packet(void)
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH v2 12/16] trafgen: l3: Add IPv4 header generation backend
Add L3 module for implement L3 layer protos generation.
Implemented generating of IPv4 header with all fields except options.
By default IPv4 address of output device is used as src ip address.
On finish (after packet is specified) - total len & checksum is calculated.
Meanwhile Ethernet proto is initialized as default underlying proto.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen/Makefile | 1 +
trafgen_l3.c | 82
trafgen_l3.h | 26 ++
trafgen_proto.c | 2 ++
4 files changed, 111 insertions(+)
create mode 100644 trafgen_l3.c
create mode 100644 trafgen_l3.h
diff --git a/trafgen/Makefile b/trafgen/Makefile
index 1c95118..4f342ca 100644
--- a/trafgen/Makefile
+++ b/trafgen/Makefile
@@ -21,6 +21,7 @@ trafgen-objs =xmalloc.o \
cpp.o \
trafgen_proto.o \
trafgen_l2.o \
+ trafgen_l3.o \
trafgen_lexer.yy.o \
trafgen_parser.tab.o \
trafgen.o
diff --git a/trafgen_l3.c b/trafgen_l3.c
new file mode 100644
index 000..dd45395
--- /dev/null
+++ b/trafgen_l3.c
@@ -0,0 +1,82 @@
+/*
+ * netsniff-ng - the packet sniffing beast
+ * Subject to the GPL, version 2.
+ */
+
+#include
+
+#include "csum.h"
+#include "built_in.h"
+#include "trafgen_l2.h"
+#include "trafgen_l3.h"
+#include "trafgen_proto.h"
+#include "trafgen_conf.h"
+
+static struct proto_field ipv4_fields[] = {
+ { .id = IP4_VER, .len = 1, .offset = 0, .shift = 4, .mask = 0xf0
},
+ { .id = IP4_IHL, .len = 1, .offset = 0, .shift = 0, .mask = 0x0f
},
+ { .id = IP4_DSCP, .len = 1, .offset = 1, .shift = 2, .mask = 0xfc
},
+ { .id = IP4_ECN, .len = 1, .offset = 1, .shift = 0, .mask = 0x03
},
+ { .id = IP4_TOS, .len = 1, .offset = 1 },
+ { .id = IP4_LEN, .len = 2, .offset = 2 },
+ { .id = IP4_ID,.len = 2, .offset = 4 },
+ { .id = IP4_FLAGS, .len = 2, .offset = 6, .shift = 13, .mask =
0xe000 },
+ { .id = IP4_MF,.len = 2, .offset = 6, .shift = 13, .mask =
0x2000 },
+ { .id = IP4_DF,.len = 2, .offset = 6, .shift = 14, .mask =
0x4000 },
+ { .id = IP4_FRAG_OFFS, .len = 2, .offset = 6, .shift = 0, .mask =
0x1fff },
+ { .id = IP4_TTL, .len = 1, .offset = 8 },
+ { .id = IP4_PROTO, .len = 1, .offset = 9 },
+ { .id = IP4_CSUM, .len = 2, .offset = 10 },
+ { .id = IP4_SADDR, .len = 4, .offset = 12 },
+ { .id = IP4_DADDR, .len = 4, .offset = 16 },
+};
+
+static void ipv4_header_init(struct proto_hdr *hdr)
+{
+ struct proto_hdr *lower;
+
+ proto_lower_default_add(PROTO_ETH);
+
+ lower = proto_current_header();
+
+ if (lower->id == PROTO_ETH)
+ proto_field_set_default_be16(lower, ETH_PROTO_ID, ETH_P_IP);
+ else if (lower->id == PROTO_IP4)
+ proto_field_set_default_u8(lower, IP4_PROTO, IPPROTO_IPIP);
+
+ proto_header_fields_add(hdr, ipv4_fields, array_size(ipv4_fields));
+
+ proto_field_set_default_u8(hdr, IP4_VER, 4);
+ proto_field_set_default_u8(hdr, IP4_IHL, 5);
+ proto_field_set_default_dev_ipv4(hdr, IP4_SADDR);
+}
+
+static void ipv4_packet_finish(struct proto_hdr *hdr)
+{
+ struct packet *pkt = current_packet();
+ uint16_t total_len;
+
+ total_len = pkt->len - hdr->pkt_offset;
+ proto_field_set_default_be16(hdr, IP4_LEN, total_len);
+
+ if (!proto_field_is_set(hdr, IP4_CSUM)) {
+ uint16_t csum;
+ uint8_t ihl;
+
+ ihl = proto_field_get_u8(hdr, IP4_IHL);
+ csum = htons(calc_csum(>payload[hdr->pkt_offset], ihl *
4));
+ proto_field_set_u16(hdr, IP4_CSUM, bswap_16(csum));
+ }
+}
+
+static struct proto_hdr ipv4_hdr = {
+ .id = PROTO_IP4,
+ .layer = PROTO_L3,
+ .header_init= ipv4_header_init,
+ .packet_finish = ipv4_packet_finish,
+};
+
+void protos_l3_init(void)
+{
+ proto_header_register(_hdr);
+}
diff --git a/trafgen_l3.h b/trafgen_l3.h
new file mode 100644
index 000..d215d09
--- /dev/null
+++ b/trafgen_l3.h
@@ -0,0 +1,26 @@
+#ifndef TRAFGEN_L3_I_H
+#define TRAFGEN_L3_I_H
+
+enum ip4_field {
+ IP4_VER,
+ IP4_IHL,
+ IP4_DSCP,
+ IP4_ECN,
+ IP4_TOS,
+ IP4_LEN,
+ IP4_ID,
+ IP4_FLAGS,
+ IP4_FRAG_OFFS,
+ IP4_TTL,
+ IP4_PROTO,
+ IP4_CSUM,
+ IP4_SADDR,
+ IP4_DADDR,
+ IP4_DF,
+ IP4_MF,
+};
+
+extern void protos_l3_init(void);
+
+#endif /* TRAFGEN_L2_I_H */
+
diff --git a/trafgen_proto.c b/trafgen_proto.c
index dac806e..e803f27 100644
--- a/trafgen_proto.c
+++ b/trafgen_proto.c
@@ -12,6 +12,7 @@
#include "xmalloc.h"
#include "t
[netsniff-ng] [PATCH v2 06/16] trafgen: l2: Add Ethernet proto header generation
Add trafgen_l2.c module for generating L2 related headers.
Add Ethernet header generating. By default source MAC address
is used from the specified output device.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen/Makefile | 1 +
trafgen_l2.c | 32
trafgen_l2.h | 12
trafgen_proto.c | 3 +++
4 files changed, 48 insertions(+)
create mode 100644 trafgen_l2.c
create mode 100644 trafgen_l2.h
diff --git a/trafgen/Makefile b/trafgen/Makefile
index 2ea684f..1c95118 100644
--- a/trafgen/Makefile
+++ b/trafgen/Makefile
@@ -20,6 +20,7 @@ trafgen-objs =xmalloc.o \
sysctl.o \
cpp.o \
trafgen_proto.o \
+ trafgen_l2.o \
trafgen_lexer.yy.o \
trafgen_parser.tab.o \
trafgen.o
diff --git a/trafgen_l2.c b/trafgen_l2.c
new file mode 100644
index 000..1082049
--- /dev/null
+++ b/trafgen_l2.c
@@ -0,0 +1,32 @@
+/*
+ * netsniff-ng - the packet sniffing beast
+ * Subject to the GPL, version 2.
+ */
+
+#include "built_in.h"
+#include "trafgen_l2.h"
+#include "trafgen_proto.h"
+
+struct proto_field eth_fields[] = {
+ { .id = ETH_DST_ADDR, .len = 6, },
+ { .id = ETH_SRC_ADDR, .len = 6, .offset = 6 },
+ { .id = ETH_PROTO_ID, .len = 2, .offset = 12 },
+};
+
+static void eth_header_init(struct proto_hdr *hdr)
+{
+ proto_header_fields_add(hdr, eth_fields, array_size(eth_fields));
+
+ proto_field_set_default_dev_mac(hdr, ETH_SRC_ADDR);
+}
+
+static struct proto_hdr eth_hdr = {
+ .id = PROTO_ETH,
+ .layer = PROTO_L2,
+ .header_init= eth_header_init,
+};
+
+void protos_l2_init(void)
+{
+ proto_header_register(_hdr);
+}
diff --git a/trafgen_l2.h b/trafgen_l2.h
new file mode 100644
index 000..75d3d33
--- /dev/null
+++ b/trafgen_l2.h
@@ -0,0 +1,12 @@
+#ifndef TRAFGEN_L2_I_H
+#define TRAFGEN_L2_I_H
+
+enum eth_field {
+ ETH_DST_ADDR,
+ ETH_SRC_ADDR,
+ ETH_PROTO_ID,
+};
+
+extern void protos_l2_init(void);
+
+#endif /* TRAFGEN_L2_I_H */
diff --git a/trafgen_proto.c b/trafgen_proto.c
index 69579fa..efa6803 100644
--- a/trafgen_proto.c
+++ b/trafgen_proto.c
@@ -10,6 +10,7 @@
#include "dev.h"
#include "xmalloc.h"
#include "trafgen_conf.h"
+#include "trafgen_l2.h"
#include "trafgen_proto.h"
#define field_shift_and_mask(f, v) (((v) << (f)->shift) & \
@@ -331,6 +332,8 @@ void protos_init(char *dev)
ctx.dev = dev;
+ protos_l2_init();
+
for (p = registered; p; p = p->next)
p->ctx =
}
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] Re: [PATCH 00/13] trafgen: Add proto header generation
On Mon, Jan 25, 2016 at 09:56:37AM +0100, Tobias Klauser wrote:
> On 2016-01-21 at 00:19:48 +0100, Vadim Kochan <vadi...@gmail.com> wrote:
> > Add new trafgen proto generation framework which allows to describe
> > proto header fields and easy build the proto header by set/get proto
> > header fields value.
>
> This is great, thanks a lot for doing this! I only had the chance to
> have a quick look at the series and couldn't find any major problems,
> except for one thing: Please add a patch for trafgen.8, adding a section
> which shortly describes the keywords, supported protocols, default
> values for fields not specified etc. Having the user dig through git
> commit messages or parser grammars to figure out how to use these
> features is not very nice :)
>
> Once you add that I think we can safely apply the series and fix any
> remaining issues in follow-up patches. I'll also reply to some of the
> patches with some minor comments which you might want to consider for v2
> along with the changes you already announced.
>
> Thanks!
BTW, I reworked to make possible to specify headers in any order and
multiple times (which was not possible in previous version), so it
allows to make such constructions like:
{ ip(), ip(proto=0x1) }
which builds ip-in-ip header (including Ethernet). And now user
responsible to specify the order of headers, but lower layers still will
be added automatically if they were not specified by user.
Regarding man changes, well I did not include it because I am not good
in English so to do not block this series in case of English issues I
decided to work on it separately, but OK - I will try to document it.
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] Re: [PATCH 04/13] trafgen: Add basic proto generation logic
On Mon, Jan 25, 2016 at 10:15:24AM +0100, Tobias Klauser wrote:
> On 2016-01-21 at 00:19:52 +0100, Vadim Kochan <vadi...@gmail.com> wrote:
> > Add new trafgen_proto.c module with basic proto
> > header fields generation logic.
> >
> > Each proto must implement proto_gen struct and register it
> > to the global proto list.
> >
> > Proto header consist from set of fields, and each field must be
> > described via proto_field struct by specifying unique id, len,
> > offset (relative to the header). Small fields ( < 8 bits) can be
> > described via left shift & mask.
> >
> > On header_init required fields must be added to the packet and
> > initialized with default values.
> >
> > header_finish callback is invoked from upper to lower proto
> > and some final calculations might be performed (total len, checksum).
> >
> > Proto generation API provides easy proto field setters/getters to easy
> > craft the packet via parser.
> >
> > Signed-off-by: Vadim Kochan <vadi...@gmail.com>
> > ---
> > trafgen.c| 3 +
> > trafgen/Makefile | 1 +
> > trafgen_proto.c | 288
> > +++
> > trafgen_proto.h | 82
> > 4 files changed, 374 insertions(+)
> > create mode 100644 trafgen_proto.c
> > create mode 100644 trafgen_proto.h
> >
> > diff --git a/trafgen.c b/trafgen.c
> > index c74a973..949f909 100644
> > --- a/trafgen.c
> > +++ b/trafgen.c
> > @@ -54,6 +54,7 @@
> > #include "timer.h"
> > #include "ring_tx.h"
> > #include "csum.h"
> > +#include "trafgen_proto.h"
> >
> > #ifndef timeval_to_timespec
> > #define timeval_to_timespec(tv, ts) { \
> > @@ -1215,6 +1216,8 @@ int main(int argc, char **argv)
> > register_signal(SIGTERM, signal_handler);
> > register_signal(SIGHUP, signal_handler);
> >
> > + protos_init(ctx.device);
> > +
> > if (prio_high) {
> > set_proc_prio(-20);
> > set_sched_status(SCHED_FIFO,
> > sched_get_priority_max(SCHED_FIFO));
> > diff --git a/trafgen/Makefile b/trafgen/Makefile
> > index bc256b2..2ea684f 100644
> > --- a/trafgen/Makefile
> > +++ b/trafgen/Makefile
> > @@ -19,6 +19,7 @@ trafgen-objs =xmalloc.o \
> > timer.o \
> > sysctl.o \
> > cpp.o \
> > + trafgen_proto.o \
> > trafgen_lexer.yy.o \
> > trafgen_parser.tab.o \
> > trafgen.o
> > diff --git a/trafgen_proto.c b/trafgen_proto.c
> > new file mode 100644
> > index 000..caf2685
> > --- /dev/null
> > +++ b/trafgen_proto.c
> > @@ -0,0 +1,288 @@
> > +/*
> > + * netsniff-ng - the packet sniffing beast
> > + * Subject to the GPL, version 2.
> > + */
> > +
> > +#include
> > +#include
> > +
> > +#include "xmalloc.h"
> > +#include "trafgen_conf.h"
> > +#include "trafgen_proto.h"
> > +
> > +#define field_shift_and_mask(f, v) (((v) << (f)->shift) & \
> > + ((f)->mask ? (f)->mask : (0x)))
> > +
> > +#define field_unmask_and_unshift(f, v) (((v) & \
> > + ((f)->mask ? (f)->mask : (0x))) >> (f)->shift)
> > +
> > +static struct proto_ctx ctx;
> > +
> > +#define PROTO_MAX_LAYERS 8
> > +
> > +static struct proto_gen *headers[PROTO_MAX_LAYERS];
> > +static int headers_count;
> > +
> > +static struct proto_gen *protos;
> > +
> > +struct proto_gen *proto_get_by_id(enum proto_id id)
> > +{
> > + struct proto_gen *p = protos;
> > +
> > + for (; p; p = p->next)
> > + if (p->id == id)
> > + return p;
> > +
> > + panic("Can't lookup proto by id %u\n", id);
>
> Why do panic here? Wouldn't it be better to return NULL and let the
> callers handle it gracefully?
Well, just because it should not happen in normal case but only when
adding new proto syntax (parser strictly specifies the proto id).
>
> > +}
> > +
> > +void proto_register(struct proto_gen *prot)
> > +{
> > + prot->next = protos;
> > + protos = prot;
> > +
> > + prot->fields = NULL;
> > + prot->fields_count = 0;
> > +}
> > +
> > +static void proto_fields_realloc(struct proto_gen *prot, int count)
> > +{
> > + pr
[netsniff-ng] [PATCH 00/13] trafgen: Add proto header generation
Add new trafgen proto generation framework which allows to describe
proto header fields and easy build the proto header by set/get proto
header fields value.
Meanwhile implemented Ethernet, ARP & IPv4 proto headers generation,
with fixed header size. Each proto has its own syntax rules
to specify header field, but really looks similary:
{ (=,, =) }
Proto statement might be combined with other packet funcs like:
{ ip(mf, proto=0x1), fill(0xff, 100) }
Each proto generates some default header so it is not possible to fill packet
only with some set of header fields and rest - via fill(..) func.
Currently there is no runtime invoking of proto fields description but is
planned to
be added in separate series.
Vadim Kochan (13):
trafgen: Export set_fill func
trafgen: Add helper to get current packet
dev: Add func to get device's hw address
trafgen: Add basic proto generation logic
trafgen: proto: Add func for set device mac to field
trafgen: l2: Add Ethernet proto header generation
str: Add str2mac helper function
trafgen: parser: Add syntax to generate Ethernet header
trafgen: proto: Add func to fill field with device ipv4 addr
trafgen: l2: Add ARP header generation logic
trafgen: parser: Add syntax to generate ARP header fields
trafgen: l3: Add IPv4 header generation backend
trafgen: parser: Add syntax for IPv4 proto
dev.c| 23
dev.h| 1 +
str.c| 25
str.h| 1 +
trafgen.c| 3 +
trafgen/Makefile | 3 +
trafgen_conf.h | 4 +
trafgen_l2.c | 76
trafgen_l2.h | 24
trafgen_l3.c | 71 +++
trafgen_l3.h | 26
trafgen_lexer.l | 45 +++
trafgen_parser.y | 151 ++-
trafgen_proto.c | 360 +++
trafgen_proto.h | 88 ++
15 files changed, 899 insertions(+), 2 deletions(-)
create mode 100644 trafgen_l2.c
create mode 100644 trafgen_l2.h
create mode 100644 trafgen_l3.c
create mode 100644 trafgen_l3.h
create mode 100644 trafgen_proto.c
create mode 100644 trafgen_proto.h
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH 07/13] str: Add str2mac helper function
Add func for convert string to MAC address.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
str.c | 25 +
str.h | 1 +
2 files changed, 26 insertions(+)
diff --git a/str.c b/str.c
index e4d8722..aca069a 100644
--- a/str.c
+++ b/str.c
@@ -7,6 +7,7 @@
#include
#include
#include
+#include
#include "str.h"
#include "die.h"
@@ -129,3 +130,27 @@ void argv_free(char **argv)
free(tmp);
}
+
+int str2mac(char *str, uint8_t *mac)
+{
+ int i, count;
+ unsigned int tmp[6];
+
+ if (!str)
+ return -1;
+
+ count = sscanf(str, "%02X:%02X:%02X:%02X:%02X:%02X",
+ [0], [1], [2], [3], [4], [5]);
+
+ if (count != 6)
+ count = sscanf(str, "%02x:%02x:%02x:%02x:%02x:%02x",
+ [0], [1], [2], [3], [4], [5]);
+
+ if (count != 6)
+ return -1;
+
+ for (i = 0; i < 6; i++)
+ mac[i] = (uint8_t)tmp[i];
+
+ return 0;
+}
diff --git a/str.h b/str.h
index 3ffb2b9..9b29222 100644
--- a/str.h
+++ b/str.h
@@ -11,5 +11,6 @@ extern noinline void *xmemset(void *s, int c, size_t n);
extern char *argv2str(int startind, int argc, char **argv);
extern char **argv_insert(char **argv, size_t *count, const char *str);
extern void argv_free(char **argv);
+extern int str2mac(char *str, uint8_t *mac);
#endif /* STR_H */
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH 05/13] trafgen: proto: Add func for set device mac to field
Add helper function for easy set device's MAC address to proto
field which may be used by Ethernet & ARP protos generation.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen_proto.c | 32
trafgen_proto.h | 3 +++
2 files changed, 35 insertions(+)
diff --git a/trafgen_proto.c b/trafgen_proto.c
index caf2685..e48a13e 100644
--- a/trafgen_proto.c
+++ b/trafgen_proto.c
@@ -5,7 +5,9 @@
#include
#include
+#include
+#include "dev.h"
#include "xmalloc.h"
#include "trafgen_conf.h"
#include "trafgen_proto.h"
@@ -251,6 +253,36 @@ void proto_field_set_default_be32(enum proto_id pid,
uint32_t fid, uint32_t val)
__proto_field_set_bytes(pid, fid, (uint8_t *), true, true);
}
+static void __proto_field_set_dev_mac(enum proto_id pid, uint32_t fid,
+ bool is_default)
+{
+ struct proto_gen *prot = proto_get_by_id(pid);
+ uint8_t mac[ETH_ALEN];
+ int ret;
+
+ if (proto_field_is_set(pid, fid))
+ return;
+
+ if (!prot->ctx->dev)
+ panic("Device is not specified\n");
+
+ ret = device_hw_address(prot->ctx->dev, mac);
+ if (ret < 0)
+ panic("Could not get device hw adress\n");
+
+ __proto_field_set_bytes(prot->id, fid, mac, is_default, false);
+}
+
+void proto_field_set_dev_mac(enum proto_id pid, uint32_t fid)
+{
+ __proto_field_set_dev_mac(pid, fid, false);
+}
+
+void proto_field_set_default_dev_mac(enum proto_id pid, uint32_t fid)
+{
+ __proto_field_set_dev_mac(pid, fid, true);
+}
+
void protos_init(char *dev)
{
struct proto_gen *p;
diff --git a/trafgen_proto.h b/trafgen_proto.h
index 76f3376..821872a 100644
--- a/trafgen_proto.h
+++ b/trafgen_proto.h
@@ -79,4 +79,7 @@ extern void proto_field_set_default_be16(enum proto_id pid,
uint32_t fid,
extern void proto_field_set_default_be32(enum proto_id pid, uint32_t fid,
uint32_t val);
+extern void proto_field_set_dev_mac(enum proto_id pid, uint32_t fid);
+extern void proto_field_set_default_dev_mac(enum proto_id pid, uint32_t fid);
+
#endif /* TRAFGEN_PROTO_I_H */
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH 02/13] trafgen: Add helper to get current packet
Add current_packet() helper for getting current
used packet and make it public to other modules.
It will be used by proto generation logic.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen_conf.h | 2 ++
trafgen_parser.y | 5 +
2 files changed, 7 insertions(+)
diff --git a/trafgen_conf.h b/trafgen_conf.h
index 887fa3d..50b437b 100644
--- a/trafgen_conf.h
+++ b/trafgen_conf.h
@@ -62,4 +62,6 @@ extern void cleanup_packets(void);
extern void set_fill(uint8_t val, size_t len);
+extern struct packet *current_packet(void);
+
#endif /* TRAFGEN_CONF */
diff --git a/trafgen_parser.y b/trafgen_parser.y
index 49ee577..4725f7c 100644
--- a/trafgen_parser.y
+++ b/trafgen_parser.y
@@ -137,6 +137,11 @@ static void realloc_packet(void)
__init_new_csum_slot(_dyn[packetd_last]);
}
+struct packet *current_packet(void)
+{
+ return [packet_last];
+}
+
static void set_byte(uint8_t val)
{
struct packet *pkt = [packet_last];
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH 12/13] trafgen: l3: Add IPv4 header generation backend
Add L3 module for implement L3 layer protos generation.
Implemented generating of IPv4 header with all fields except options.
By default IPv4 address of output device is used as src ip address.
On finish (after packet is specified) - total len & checksum is calculated.
Meanwhile Ethernet proto is initialized as default underlying proto.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen/Makefile | 1 +
trafgen_l3.c | 71
trafgen_l3.h | 26 +
trafgen_proto.c | 2 ++
4 files changed, 100 insertions(+)
create mode 100644 trafgen_l3.c
create mode 100644 trafgen_l3.h
diff --git a/trafgen/Makefile b/trafgen/Makefile
index 1c95118..4f342ca 100644
--- a/trafgen/Makefile
+++ b/trafgen/Makefile
@@ -21,6 +21,7 @@ trafgen-objs =xmalloc.o \
cpp.o \
trafgen_proto.o \
trafgen_l2.o \
+ trafgen_l3.o \
trafgen_lexer.yy.o \
trafgen_parser.tab.o \
trafgen.o
diff --git a/trafgen_l3.c b/trafgen_l3.c
new file mode 100644
index 000..1b393e9
--- /dev/null
+++ b/trafgen_l3.c
@@ -0,0 +1,71 @@
+/*
+ * netsniff-ng - the packet sniffing beast
+ * Subject to the GPL, version 2.
+ */
+
+#include
+
+#include "csum.h"
+#include "built_in.h"
+#include "trafgen_l2.h"
+#include "trafgen_l3.h"
+#include "trafgen_proto.h"
+#include "trafgen_conf.h"
+
+static struct proto_field ipv4_fields[] = {
+ { .id = IP4_VER, .len = 1, .offset = 0, .shift = 4, .mask = 0xf0
},
+ { .id = IP4_IHL, .len = 1, .offset = 0, .shift = 0, .mask = 0x0f
},
+ { .id = IP4_DSCP, .len = 1, .offset = 1, .shift = 2, .mask = 0xfc
},
+ { .id = IP4_ECN, .len = 1, .offset = 1, .shift = 0, .mask = 0x03
},
+ { .id = IP4_TOS, .len = 1, .offset = 1 },
+ { .id = IP4_LEN, .len = 2, .offset = 2 },
+ { .id = IP4_ID,.len = 2, .offset = 4 },
+ { .id = IP4_FLAGS, .len = 2, .offset = 6, .shift = 13, .mask =
0xe000 },
+ { .id = IP4_MF,.len = 2, .offset = 6, .shift = 13, .mask =
0x2000 },
+ { .id = IP4_DF,.len = 2, .offset = 6, .shift = 14, .mask =
0x4000 },
+ { .id = IP4_FRAG_OFFS, .len = 2, .offset = 6, .shift = 0, .mask =
0x1fff },
+ { .id = IP4_TTL, .len = 1, .offset = 8 },
+ { .id = IP4_PROTO, .len = 1, .offset = 9 },
+ { .id = IP4_CSUM, .len = 2, .offset = 10 },
+ { .id = IP4_SADDR, .len = 4, .offset = 12 },
+ { .id = IP4_DADDR, .len = 4, .offset = 16 },
+};
+
+static void ipv4_header_init(struct proto_gen *prot)
+{
+ proto_header_init(PROTO_ETH);
+
+ proto_field_set_default_be16(PROTO_ETH, ETH_PROTO_ID, ETH_P_IP);
+
+ proto_fields_add(prot->id, ipv4_fields, array_size(ipv4_fields));
+
+ proto_field_set_default_u8(prot->id, IP4_VER, 4);
+ proto_field_set_default_u8(prot->id, IP4_IHL, 5);
+ proto_field_set_default_dev_ipv4(prot->id, IP4_SADDR);
+}
+
+static void ipv4_header_finish(struct proto_gen *prot)
+{
+ struct packet *pkt = current_packet();
+ uint16_t total_len;
+ uint16_t csum;
+ uint8_t ihl;
+
+ total_len = pkt->len - prot->pkt_offset;
+ proto_field_set_default_be16(prot->id, IP4_LEN, total_len);
+
+ ihl = proto_field_get_u8(prot->id, IP4_IHL);
+ csum = htons(calc_csum(>payload[prot->pkt_offset], ihl * 4));
+ proto_field_set_default_u16(prot->id, IP4_CSUM, bswap_16(csum));
+}
+
+static struct proto_gen ipv4_prot = {
+ .id = PROTO_IP4,
+ .header_init= ipv4_header_init,
+ .header_finish = ipv4_header_finish,
+};
+
+void protos_l3_init(void)
+{
+ proto_register(_prot);
+}
diff --git a/trafgen_l3.h b/trafgen_l3.h
new file mode 100644
index 000..d215d09
--- /dev/null
+++ b/trafgen_l3.h
@@ -0,0 +1,26 @@
+#ifndef TRAFGEN_L3_I_H
+#define TRAFGEN_L3_I_H
+
+enum ip4_field {
+ IP4_VER,
+ IP4_IHL,
+ IP4_DSCP,
+ IP4_ECN,
+ IP4_TOS,
+ IP4_LEN,
+ IP4_ID,
+ IP4_FLAGS,
+ IP4_FRAG_OFFS,
+ IP4_TTL,
+ IP4_PROTO,
+ IP4_CSUM,
+ IP4_SADDR,
+ IP4_DADDR,
+ IP4_DF,
+ IP4_MF,
+};
+
+extern void protos_l3_init(void);
+
+#endif /* TRAFGEN_L2_I_H */
+
diff --git a/trafgen_proto.c b/trafgen_proto.c
index 4c30116..ae18092 100644
--- a/trafgen_proto.c
+++ b/trafgen_proto.c
@@ -12,6 +12,7 @@
#include "xmalloc.h"
#include "trafgen_conf.h"
#include "trafgen_l2.h"
+#include "trafgen_l3.h"
#include "trafgen_proto.h"
#define field_shift_and_mask(f, v) (((v) << (f)->shift) & \
@@ -326,6 +327,7 @@ void protos_init(char *dev)
ctx.dev = dev;
protos_l2_init();
+ protos_l3_init();
[netsniff-ng] [PATCH 11/13] trafgen: parser: Add syntax to generate ARP header fields
Add syntax to generate ARP header fields:
{ arp(op=req, sip=1.1.1.1, smac=11:22:33:44:55:66) }
{ arp() }
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen_lexer.l | 15 +++
trafgen_parser.y | 38 +-
2 files changed, 52 insertions(+), 1 deletion(-)
diff --git a/trafgen_lexer.l b/trafgen_lexer.l
index 670b5dc..9bbd982 100644
--- a/trafgen_lexer.l
+++ b/trafgen_lexer.l
@@ -15,6 +15,7 @@
#include
#include
#include
+#include
#include "trafgen_parser.tab.h"
#include "xmalloc.h"
@@ -78,6 +79,7 @@ number_ascii ([a-zA-Z])
mac_hex([a-fA-F0-9]+)
mac({mac_hex}:{mac_hex}:{mac_hex}:{mac_hex}:{mac_hex}:{mac_hex})
+ip_addr([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)
%%
@@ -107,7 +109,16 @@ mac
({mac_hex}:{mac_hex}:{mac_hex}:{mac_hex}:{mac_hex}:{mac_hex})
"saddr"|"sa" { return F_SADDR; }
"prot"[o]? { return F_PROT; }
+"sha"|"smac" { return F_SHA; }
+"sta"|"sip"{ return F_SPA; }
+"tha"|"tmac" { return F_THA; }
+"tpa"|"tip"{ return F_TPA; }
+"req" { return F_REQ; }
+"resp"|"reply" { return F_RESP; }
+"op" { return F_OPER; }
+
"eth" { return P_ETH; }
+"arp" { return P_ARP; }
[ ]*"-"[ ]*{ return '-'; }
[ ]*"+"[ ]*{ return '+'; }
@@ -161,6 +172,10 @@ mac
({mac_hex}:{mac_hex}:{mac_hex}:{mac_hex}:{mac_hex}:{mac_hex})
panic("Failed to parse MAC addres %s\n", yytext);
return mac; }
+{ip_addr} { if (inet_pton(AF_INET, yytext, _addr) != 1)
+ panic("Failed to parse IPv4 address %s\n", yytext);
+ return ip_addr; };
+
"'\\x"[a-fA-F0-9]{2}"'" { yylval.number = strtol(yytext + 3, NULL, 16);
return number; }
diff --git a/trafgen_parser.y b/trafgen_parser.y
index 269cb13..185b4a8 100644
--- a/trafgen_parser.y
+++ b/trafgen_parser.y
@@ -17,6 +17,8 @@
#include
#include
#include
+#include
+#include
#include "xmalloc.h"
#include "trafgen_parser.tab.h"
@@ -337,6 +339,7 @@ static void proto_init(enum proto_id pid)
%}
%union {
+ struct in_addr ip_addr;
long long int number;
uint8_t bytes[256];
char *str;
@@ -346,15 +349,19 @@ static void proto_init(enum proto_id pid)
%token K_CPU K_CSUMIP K_CSUMUDP K_CSUMTCP K_CSUMUDP6 K_CSUMTCP6 K_CONST8
K_CONST16 K_CONST32 K_CONST64
%token F_DADDR F_SADDR F_PROT
+%token F_OPER F_SHA F_SPA F_THA F_TPA F_REQ F_RESP
+
%token P_ETH
+%token P_ARP
%token ',' '{' '}' '(' ')' '[' ']' ':' '-' '+' '*' '/' '%' '&' '|' '<' '>' '^'
-%token number string mac
+%token number string mac ip_addr
%type number expression
%type string
%type mac
+%type ip_addr
%left '-' '+' '*' '/' '%' '&' '|' '<' '>' '^'
@@ -566,6 +573,7 @@ ddec
proto
: eth_proto { }
+ | arp_proto { }
;
eth_proto
@@ -591,6 +599,34 @@ eth_field
{ proto_field_set_be16(PROTO_ETH, ETH_PROTO_ID, $5); }
;
+arp_proto
+ : arp '(' arp_param_list ')' { }
+ ;
+
+arp_param_list
+ : { }
+ | arp_field { }
+ | arp_field delimiter arp_param_list { }
+ ;
+
+arp_field
+ : F_OPER skip_white '=' skip_white F_REQ
+ { proto_field_set_be16(PROTO_ARP, ARP_OPER, ARPOP_REQUEST); }
+ | F_OPER skip_white '=' skip_white F_RESP
+ { proto_field_set_be16(PROTO_ARP, ARP_OPER, ARPOP_REPLY); }
+ | F_SHA skip_white '=' skip_white mac
+ { proto_field_set_bytes(PROTO_ARP, ARP_SHA, $5); }
+ | F_THA skip_white '=' skip_white mac
+ { proto_field_set_bytes(PROTO_ARP, ARP_THA, $5); }
+ | F_SPA skip_white '=' skip_white ip_addr
+ { proto_field_set_u32(PROTO_ARP, ARP_SPA, $5.s_addr); }
+ | F_TPA skip_white '=' skip_white ip_addr
+ { proto_field_set_u32(PROTO_ARP, ARP_TPA, $5.s_addr); }
+ ;
+arp
+ : P_ARP { proto_init(PROTO_ARP); }
+ ;
+
%%
static void finalize_packet(void)
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH 06/13] trafgen: l2: Add Ethernet proto header generation
Add trafgen_l2.c module for generating L2 related headers.
Add Ethernet header generating. By default source MAC address
is used from the specified output device.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen/Makefile | 1 +
trafgen_l2.c | 31 +++
trafgen_l2.h | 12
trafgen_proto.c | 3 +++
4 files changed, 47 insertions(+)
create mode 100644 trafgen_l2.c
create mode 100644 trafgen_l2.h
diff --git a/trafgen/Makefile b/trafgen/Makefile
index 2ea684f..1c95118 100644
--- a/trafgen/Makefile
+++ b/trafgen/Makefile
@@ -20,6 +20,7 @@ trafgen-objs =xmalloc.o \
sysctl.o \
cpp.o \
trafgen_proto.o \
+ trafgen_l2.o \
trafgen_lexer.yy.o \
trafgen_parser.tab.o \
trafgen.o
diff --git a/trafgen_l2.c b/trafgen_l2.c
new file mode 100644
index 000..5d245b8
--- /dev/null
+++ b/trafgen_l2.c
@@ -0,0 +1,31 @@
+/*
+ * netsniff-ng - the packet sniffing beast
+ * Subject to the GPL, version 2.
+ */
+
+#include "built_in.h"
+#include "trafgen_l2.h"
+#include "trafgen_proto.h"
+
+struct proto_field eth_fields[] = {
+ { .id = ETH_DST_ADDR, .len = 6, },
+ { .id = ETH_SRC_ADDR, .len = 6, .offset = 6 },
+ { .id = ETH_PROTO_ID, .len = 2, .offset = 12 },
+};
+
+static void eth_header_init(struct proto_gen *prot)
+{
+ proto_fields_add(prot->id, eth_fields, array_size(eth_fields));
+
+ proto_field_set_default_dev_mac(prot->id, ETH_SRC_ADDR);
+}
+
+static struct proto_gen eth_prot = {
+ .id = PROTO_ETH,
+ .header_init= eth_header_init,
+};
+
+void protos_l2_init(void)
+{
+ proto_register(_prot);
+}
diff --git a/trafgen_l2.h b/trafgen_l2.h
new file mode 100644
index 000..75d3d33
--- /dev/null
+++ b/trafgen_l2.h
@@ -0,0 +1,12 @@
+#ifndef TRAFGEN_L2_I_H
+#define TRAFGEN_L2_I_H
+
+enum eth_field {
+ ETH_DST_ADDR,
+ ETH_SRC_ADDR,
+ ETH_PROTO_ID,
+};
+
+extern void protos_l2_init(void);
+
+#endif /* TRAFGEN_L2_I_H */
diff --git a/trafgen_proto.c b/trafgen_proto.c
index e48a13e..ce6d682 100644
--- a/trafgen_proto.c
+++ b/trafgen_proto.c
@@ -10,6 +10,7 @@
#include "dev.h"
#include "xmalloc.h"
#include "trafgen_conf.h"
+#include "trafgen_l2.h"
#include "trafgen_proto.h"
#define field_shift_and_mask(f, v) (((v) << (f)->shift) & \
@@ -289,6 +290,8 @@ void protos_init(char *dev)
ctx.dev = dev;
+ protos_l2_init();
+
for (p = protos; p; p = p->next)
p->ctx =
}
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH 10/13] trafgen: l2: Add ARP header generation logic
Add ARP proto header fields generation via src mac, src ip,
dst mac, dst ip & operaion.
By default Ethernet proto will be initialized, and ARP probe
request is filled.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen_l2.c | 45 +
trafgen_l2.h | 12
2 files changed, 57 insertions(+)
diff --git a/trafgen_l2.c b/trafgen_l2.c
index 5d245b8..adee113 100644
--- a/trafgen_l2.c
+++ b/trafgen_l2.c
@@ -3,10 +3,15 @@
* Subject to the GPL, version 2.
*/
+#include
+#include
+
#include "built_in.h"
#include "trafgen_l2.h"
#include "trafgen_proto.h"
+#define ETH_BCAST { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }
+
struct proto_field eth_fields[] = {
{ .id = ETH_DST_ADDR, .len = 6, },
{ .id = ETH_SRC_ADDR, .len = 6, .offset = 6 },
@@ -25,7 +30,47 @@ static struct proto_gen eth_prot = {
.header_init= eth_header_init,
};
+static struct proto_field arp_fields[] = {
+ { .id = ARP_HTYPE, .len = 2 },
+ { .id = ARP_PTYPE, .len = 2, .offset = 2 },
+ { .id = ARP_HLEN, .len = 1, .offset = 4 },
+ { .id = ARP_PLEN, .len = 1, .offset = 5 },
+ { .id = ARP_OPER, .len = 2, .offset = 6 },
+ { .id = ARP_SHA, .len = 6, .offset = 8 },
+ { .id = ARP_SPA, .len = 4, .offset = 14 },
+ { .id = ARP_THA, .len = 6, .offset = 18 },
+ { .id = ARP_TPA, .len = 4, .offset = 24 },
+};
+
+static void arp_header_init(struct proto_gen *prot)
+{
+ uint8_t mac[6] = ETH_BCAST;
+
+ proto_header_init(PROTO_ETH);
+
+ proto_field_set_default_bytes(PROTO_ETH, ETH_DST_ADDR, mac);
+ proto_field_set_default_be16(PROTO_ETH, ETH_PROTO_ID, ETH_P_ARP);
+
+ proto_fields_add(prot->id, arp_fields, array_size(arp_fields));
+
+ /* Generate probe request by default */
+ proto_field_set_default_be16(prot->id, ARP_HTYPE, ARPHRD_ETHER);
+ proto_field_set_default_be16(prot->id, ARP_PTYPE, ETH_P_IP);
+ proto_field_set_default_u8(prot->id, ARP_HLEN, 6);
+ proto_field_set_default_u8(prot->id, ARP_PLEN, 4);
+ proto_field_set_default_be16(prot->id, ARP_OPER, ARPOP_REQUEST);
+proto_field_set_default_dev_mac(prot->id, ARP_SHA);
+ proto_field_set_default_dev_ipv4(prot->id, ARP_SPA);
+ proto_field_set_default_dev_ipv4(prot->id, ARP_TPA);
+}
+
+static struct proto_gen arp_prot = {
+ .id = PROTO_ARP,
+ .header_init= arp_header_init,
+};
+
void protos_l2_init(void)
{
proto_register(_prot);
+ proto_register(_prot);
}
diff --git a/trafgen_l2.h b/trafgen_l2.h
index 75d3d33..63cef2f 100644
--- a/trafgen_l2.h
+++ b/trafgen_l2.h
@@ -7,6 +7,18 @@ enum eth_field {
ETH_PROTO_ID,
};
+enum arp_field {
+ ARP_HTYPE,
+ ARP_PTYPE,
+ ARP_HLEN,
+ ARP_PLEN,
+ ARP_OPER,
+ ARP_SHA,
+ ARP_SPA,
+ ARP_THA,
+ ARP_TPA,
+};
+
extern void protos_l2_init(void);
#endif /* TRAFGEN_L2_I_H */
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH 13/13] trafgen: parser: Add syntax for IPv4 proto
Add syntax to specify IPv4 header fields:
{ ip(df, mf, frag=100, prot=0x1, ecn=2, dscp=20) }
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen_lexer.l | 15 +++
trafgen_parser.y | 51 +++
2 files changed, 66 insertions(+)
diff --git a/trafgen_lexer.l b/trafgen_lexer.l
index 9bbd982..b9bcd10 100644
--- a/trafgen_lexer.l
+++ b/trafgen_lexer.l
@@ -117,8 +117,23 @@ ip_addr([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)
"resp"|"reply" { return F_RESP; }
"op" { return F_OPER; }
+"ihl" { return F_IHL; }
+"ver" { return F_VER; }
+"ttl" { return F_TTL; }
+"dscp" { return F_DSCP; }
+"ecn" { return F_ECN; }
+"tos" { return F_TOS; }
+"len" { return F_LEN; }
+"id" { return F_ID; }
+"flags"{ return F_FLAGS; }
+"frag" { return F_FRAG; }
+"csum" { return F_CSUM; }
+"df" { return F_DF; }
+"mf" { return F_MF; }
+
"eth" { return P_ETH; }
"arp" { return P_ARP; }
+"ip" { return P_IP4; }
[ ]*"-"[ ]*{ return '-'; }
[ ]*"+"[ ]*{ return '+'; }
diff --git a/trafgen_parser.y b/trafgen_parser.y
index 185b4a8..e36babf 100644
--- a/trafgen_parser.y
+++ b/trafgen_parser.y
@@ -25,6 +25,7 @@
#include "trafgen_conf.h"
#include "trafgen_proto.h"
#include "trafgen_l2.h"
+#include "trafgen_l3.h"
#include "built_in.h"
#include "die.h"
#include "str.h"
@@ -350,9 +351,11 @@ static void proto_init(enum proto_id pid)
%token F_DADDR F_SADDR F_PROT
%token F_OPER F_SHA F_SPA F_THA F_TPA F_REQ F_RESP
+%token F_TTL F_DSCP F_ECN F_TOS F_LEN F_ID F_FLAGS F_FRAG F_IHL F_VER F_CSUM
F_DF F_MF
%token P_ETH
%token P_ARP
+%token P_IP4
%token ',' '{' '}' '(' ')' '[' ']' ':' '-' '+' '*' '/' '%' '&' '|' '<' '>' '^'
@@ -574,6 +577,7 @@ ddec
proto
: eth_proto { }
| arp_proto { }
+ | ip4_proto { }
;
eth_proto
@@ -627,6 +631,53 @@ arp
: P_ARP { proto_init(PROTO_ARP); }
;
+ip4_proto
+ : ip4 '(' ip4_param_list ')' { }
+ ;
+
+ip4_param_list
+ : { }
+ | ip4_field { }
+ | ip4_field delimiter ip4_param_list { }
+ ;
+
+ip4_field
+ : F_VER skip_white '=' skip_white number
+ { proto_field_set_u8(PROTO_IP4, IP4_VER, $5); }
+ | F_IHL skip_white '=' skip_white number
+ { proto_field_set_u8(PROTO_IP4, IP4_IHL, $5); }
+ | F_DADDR skip_white '=' skip_white ip_addr
+ { proto_field_set_u32(PROTO_IP4, IP4_DADDR, $5.s_addr); }
+ | F_SADDR skip_white '=' skip_white ip_addr
+ { proto_field_set_u32(PROTO_IP4, IP4_SADDR, $5.s_addr); }
+ | F_PROT skip_white '=' skip_white number
+ { proto_field_set_u8(PROTO_IP4, IP4_PROTO, $5); }
+ | F_TTL skip_white '=' skip_white number
+ { proto_field_set_u8(PROTO_IP4, IP4_TTL, $5); }
+ | F_DSCP skip_white '=' skip_white number
+ { proto_field_set_u8(PROTO_IP4, IP4_DSCP, $5); }
+ | F_ECN skip_white '=' skip_white number
+ { proto_field_set_u8(PROTO_IP4, IP4_ECN, $5); }
+ | F_TOS skip_white '=' skip_white number
+ { proto_field_set_u8(PROTO_IP4, IP4_TOS, $5); }
+ | F_LEN skip_white '=' skip_white number
+ { proto_field_set_be16(PROTO_IP4, IP4_LEN, $5); }
+ | F_ID skip_white '=' skip_white number
+ { proto_field_set_be16(PROTO_IP4, IP4_ID, $5); }
+ | F_FLAGS skip_white '=' skip_white number
+ { proto_field_set_be16(PROTO_IP4, IP4_FLAGS, $5); }
+ | F_DF { proto_field_set_be16(PROTO_IP4, IP4_DF, 1); }
+ | F_MF { proto_field_set_be16(PROTO_IP4, IP4_MF, 1); }
+ | F_FRAG skip_white '=' skip_white number
+ { proto_field_set_be16(PROTO_IP4, IP4_FRAG_OFFS, $5); }
+ | F_CSUM skip_white '=' skip_white number
+ { proto_field_set_be16(PROTO_IP4, IP4_CSUM, $5); }
+ ;
+
+ip4
+ : P_IP4 { proto_init(PROTO_IP4); }
+ ;
+
%%
static void finalize_packet(void)
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH 09/13] trafgen: proto: Add func to fill field with device ipv4 addr
Add helper which fill device's ipv4 addr to the specified proto field.
It will be used by such protos like ARP, IPv4, etc.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen_proto.c | 35 +++
trafgen_proto.h | 3 +++
2 files changed, 38 insertions(+)
diff --git a/trafgen_proto.c b/trafgen_proto.c
index ce6d682..4c30116 100644
--- a/trafgen_proto.c
+++ b/trafgen_proto.c
@@ -5,6 +5,7 @@
#include
#include
+#include
#include
#include "dev.h"
@@ -284,6 +285,40 @@ void proto_field_set_default_dev_mac(enum proto_id pid,
uint32_t fid)
__proto_field_set_dev_mac(pid, fid, true);
}
+static void __proto_field_set_dev_ipv4(enum proto_id pid, uint32_t fid,
+ bool is_default)
+{
+ struct sockaddr_storage ss = { };
+ struct sockaddr_in *ss4;
+ struct proto_gen *prot;
+ uint32_t ip_addr;
+ int ret;
+
+ if (proto_field_is_set(pid, fid))
+ return;
+
+ prot = proto_get_by_id(pid);
+
+ ret = device_address(prot->ctx->dev, AF_INET, );
+ if (ret < 0)
+ panic("Could not get device IPv4 address\n");
+
+ ss4 = (struct sockaddr_in *)
+ ip_addr = ss4->sin_addr.s_addr;
+
+ __proto_field_set_bytes(pid, fid, (uint8_t *)_addr, is_default,
false);
+}
+
+void proto_field_set_dev_ipv4(enum proto_id pid, uint32_t fid)
+{
+ __proto_field_set_dev_ipv4(pid, fid, false);
+}
+
+void proto_field_set_default_dev_ipv4(enum proto_id pid, uint32_t fid)
+{
+ __proto_field_set_dev_ipv4(pid, fid, true);
+}
+
void protos_init(char *dev)
{
struct proto_gen *p;
diff --git a/trafgen_proto.h b/trafgen_proto.h
index 821872a..4300a4e 100644
--- a/trafgen_proto.h
+++ b/trafgen_proto.h
@@ -82,4 +82,7 @@ extern void proto_field_set_default_be32(enum proto_id pid,
uint32_t fid,
extern void proto_field_set_dev_mac(enum proto_id pid, uint32_t fid);
extern void proto_field_set_default_dev_mac(enum proto_id pid, uint32_t fid);
+extern void proto_field_set_dev_ipv4(enum proto_id pid, uint32_t fid);
+extern void proto_field_set_default_dev_ipv4(enum proto_id pid, uint32_t fid);
+
#endif /* TRAFGEN_PROTO_I_H */
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH 08/13] trafgen: parser: Add syntax to generate Ethernet header
Add syntax for generating Ethernet header fields like:
{ eth(prot=0x0800, da=11:22:33:44:55:66), fill(0xff, 60) }
{ eth(prot=0x0800) }
{ eth() }
It is important that proto_init is called before fields will be filled
to initialize the specified proto with header fields.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen_lexer.l | 15 +++
trafgen_parser.y | 57 +++-
2 files changed, 71 insertions(+), 1 deletion(-)
diff --git a/trafgen_lexer.l b/trafgen_lexer.l
index 6c27b0c..670b5dc 100644
--- a/trafgen_lexer.l
+++ b/trafgen_lexer.l
@@ -19,6 +19,7 @@
#include "trafgen_parser.tab.h"
#include "xmalloc.h"
#include "built_in.h"
+#include "str.h"
extern void yyerror(const char *);
@@ -75,6 +76,9 @@ number_bin([0]?[b][0-1]+)
number_dec (([0])|([1-9][0-9]*))
number_ascii ([a-zA-Z])
+mac_hex([a-fA-F0-9]+)
+mac({mac_hex}:{mac_hex}:{mac_hex}:{mac_hex}:{mac_hex}:{mac_hex})
+
%%
"cpu" { return K_CPU; }
@@ -99,6 +103,12 @@ number_ascii([a-zA-Z])
"const32"|"c32"{ return K_CONST32; }
"const64"|"c64"{ return K_CONST64; }
+"daddr"|"da" { return F_DADDR; }
+"saddr"|"sa" { return F_SADDR; }
+"prot"[o]? { return F_PROT; }
+
+"eth" { return P_ETH; }
+
[ ]*"-"[ ]*{ return '-'; }
[ ]*"+"[ ]*{ return '+'; }
[ ]*"*"[ ]*{ return '*'; }
@@ -117,6 +127,7 @@ number_ascii([a-zA-Z])
"]"{ return ']'; }
","{ return ','; }
":"{ return ':'; }
+"="{ return '='; }
"\n" { yylineno++; }
@@ -146,6 +157,10 @@ number_ascii ([a-zA-Z])
{number_ascii} { yylval.number = (uint8_t) (*yytext);
return number; }
+{mac} { if (str2mac(yytext, yylval.bytes))
+ panic("Failed to parse MAC addres %s\n", yytext);
+ return mac; }
+
"'\\x"[a-fA-F0-9]{2}"'" { yylval.number = strtol(yytext + 3, NULL, 16);
return number; }
diff --git a/trafgen_parser.y b/trafgen_parser.y
index 4725f7c..269cb13 100644
--- a/trafgen_parser.y
+++ b/trafgen_parser.y
@@ -21,6 +21,8 @@
#include "xmalloc.h"
#include "trafgen_parser.tab.h"
#include "trafgen_conf.h"
+#include "trafgen_proto.h"
+#include "trafgen_l2.h"
#include "built_in.h"
#include "die.h"
#include "str.h"
@@ -59,6 +61,8 @@ extern size_t dlen;
static int our_cpu, min_cpu = -1, max_cpu = -1;
+static enum proto_id proto;
+
static inline int test_ignore(void)
{
if (min_cpu < 0 && max_cpu < 0)
@@ -324,22 +328,33 @@ static void set_dynamic_incdec(uint8_t start, uint8_t
stop, uint8_t stepping,
__setup_new_counter(>cnt[packetdc_last], start, stop, stepping,
type);
}
+static void proto_init(enum proto_id pid)
+{
+ proto = pid;
+ proto_header_init(proto);
+}
+
%}
%union {
long long int number;
+ uint8_t bytes[256];
char *str;
}
%token K_COMMENT K_FILL K_RND K_SEQINC K_SEQDEC K_DRND K_DINC K_DDEC K_WHITE
%token K_CPU K_CSUMIP K_CSUMUDP K_CSUMTCP K_CSUMUDP6 K_CSUMTCP6 K_CONST8
K_CONST16 K_CONST32 K_CONST64
+%token F_DADDR F_SADDR F_PROT
+%token P_ETH
+
%token ',' '{' '}' '(' ')' '[' ']' ':' '-' '+' '*' '/' '%' '&' '|' '<' '>' '^'
-%token number string
+%token number string mac
%type number expression
%type string
+%type mac
%left '-' '+' '*' '/' '%' '&' '|' '<' '>' '^'
@@ -372,9 +387,16 @@ noenforce_white
| delimiter_nowhite { }
;
+skip_white
+ : { }
+ | K_WHITE { }
+ ;
packet
: '{' noenforce_white payload noenforce_white '}' {
min_cpu = max_cpu = -1;
+
+ proto_packet_finish();
+
realloc_packet();
}
| K_CPU '(' number cpu_delim number ')' ':' noenforce_white '{'
noenforce_white payload noenforce_white '}' {
@@ -388,10 +410,15 @@ packet
max_cpu = tmp;
}
+ proto_packet_finish();
+
realloc_packet();
}
| K_CPU '(' number ')' ':' noenforce_white '{' noenforce_white payload
noenforce_white '}' {
min_cpu = max_cpu = $3;
+
+ proto_packet_finish();
+
realloc_packet();
}
;
@@ -422,6 +449,7 @@ elem
| ddec { }
| csum { }
| const { }
+ | proto { }
| inline_comment { }
;
@@ -536,6 +564,33 @@ ddec
[netsniff-ng] [PATCH 0/2] trafgen: Small changes for unit parsing (gap, ring size)
Small simplification of unit parsing for gap & ring size option by using strtoul for setting start of unit name instead of checking it char by char. Vadim Kochan (2): trafgen: Simplify 'gap' option unit parsing trafgen: Simplify ring size unit parsing trafgen.c | 30 ++ 1 file changed, 10 insertions(+), 20 deletions(-) -- 2.6.3 -- You received this message because you are subscribed to the Google Groups "netsniff-ng" group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [netsniff-ng] Adjusting PPS ?
On Mon, Dec 14, 2015 at 4:13 PM, Burak Özalp <burak.oz...@labrisnetworks.com> wrote: > Thank you it works!! > > > On 14-12-2015 15:51, Daniel Borkmann wrote: >> >> On 12/14/2015 02:45 PM, Burak Özalp wrote: >>> >>> Hi everbody, >>> >>> I recently use trafgen, it is very useful and with your helps, I manage >>> to create 6Mpps as you know. My problem is, is it possible to set pps value >>> with argument or config file? I need very small values (like 140pps) and i >>> want to use trafgen instead of hping, because it deserves it :) >>> >>> How can i restrict pps value? >> >> >> Setting a concrete pps value is currently not supported, but you can >> specify a interpacket gap that trafgen should wait between packets, >> perhaps that helps a bit in reducing your load: >> >> $ trafgen -h >> [...] >> -t|--gap Set approx. interpacket gap (s/ms/us/ns, >> def: us) >> [...] >> >>> Best Regards >>> Burak Ozalp > > Hi Burak, New "-b,--rate" option was added for trafgen (you can pull latest sources from development repo) which allows to specify packet sending rate in: pps/B/kB/MB/GB/kBit/Mbit/Gbit/KiB/MiB/GiB. Regards, Vadim Kochan -- You received this message because you are subscribed to the Google Groups "netsniff-ng" group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH 1/2] flowtop: Use one func to update flow entry
Seems there is no need to have 2 separate handlers
for the flow updating, so use one which was used
for flow refreshing. Significant change is that new entry
will be not added if it was not found in the list, but such
case should not happen.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
flowtop.c | 84 +--
1 file changed, 33 insertions(+), 51 deletions(-)
diff --git a/flowtop.c b/flowtop.c
index 1d438ba..cc5ffa2 100644
--- a/flowtop.c
+++ b/flowtop.c
@@ -421,20 +421,6 @@ static struct flow_entry *flow_list_find_prev_id(const
struct flow_list *fl,
return NULL;
}
-static void flow_list_update_entry(struct flow_list *fl,
- const struct nf_conntrack *ct)
-{
- struct flow_entry *n;
-
- n = flow_list_find_id(fl, nfct_get_attr_u32(ct, ATTR_ID));
- if (n == NULL) {
- flow_list_new_entry(fl, ct);
- return;
- }
-
- flow_entry_from_ct(n, ct);
-}
-
static void flow_list_destroy_entry(struct flow_list *fl,
const struct nf_conntrack *ct)
{
@@ -1373,34 +1359,6 @@ static void presenter(void)
lookup_cleanup(LT_PORTS_TCP);
}
-static int flow_event_cb(enum nf_conntrack_msg_type type,
-struct nf_conntrack *ct, void *data __maybe_unused)
-{
- if (sigint)
- return NFCT_CB_STOP;
-
- synchronize_rcu();
- spinlock_lock(_list.lock);
-
- switch (type) {
- case NFCT_T_NEW:
- flow_list_new_entry(_list, ct);
- break;
- case NFCT_T_UPDATE:
- flow_list_update_entry(_list, ct);
- break;
- case NFCT_T_DESTROY:
- flow_list_destroy_entry(_list, ct);
- break;
- default:
- break;
- }
-
- spinlock_unlock(_list.lock);
-
- return NFCT_CB_CONTINUE;
-}
-
static void restore_sysctl(void *obj)
{
struct sysctl_params_ctx *sysctl_ctx = obj;
@@ -1463,17 +1421,10 @@ static void flow_entry_filter(struct flow_entry *n)
n->is_visible = true;
}
-static int flow_update_cb(enum nf_conntrack_msg_type type,
- struct nf_conntrack *ct, void *data __maybe_unused)
+static int flow_list_update_entry(struct flow_list *fl, struct nf_conntrack
*ct)
{
struct flow_entry *n;
- if (type != NFCT_T_UPDATE)
- return NFCT_CB_CONTINUE;
-
- if (sigint)
- return NFCT_CB_STOP;
-
n = flow_list_find_id(_list, nfct_get_attr_u32(ct, ATTR_ID));
if (!n)
return NFCT_CB_CONTINUE;
@@ -1486,6 +1437,37 @@ static int flow_update_cb(enum nf_conntrack_msg_type
type,
return NFCT_CB_CONTINUE;
}
+static int flow_event_cb(enum nf_conntrack_msg_type type,
+struct nf_conntrack *ct, void *data __maybe_unused)
+{
+ if (sigint)
+ return NFCT_CB_STOP;
+
+ synchronize_rcu();
+ spinlock_lock(_list.lock);
+
+ switch (type) {
+ case NFCT_T_NEW:
+ flow_list_new_entry(_list, ct);
+ break;
+ case NFCT_T_UPDATE:
+ flow_list_update_entry(_list, ct);
+ break;
+ case NFCT_T_DESTROY:
+ flow_list_destroy_entry(_list, ct);
+ break;
+ default:
+ break;
+ }
+
+ spinlock_unlock(_list.lock);
+
+ if (sigint)
+ return NFCT_CB_STOP;
+
+ return NFCT_CB_CONTINUE;
+}
+
static void collector_refresh_flows(struct nfct_handle *handle)
{
struct flow_entry *n;
@@ -1653,7 +1635,7 @@ static void *collector(void *null __maybe_unused)
if (!ct_update)
panic("Cannot create a nfct handle: %s\n", strerror(errno));
- nfct_callback_register(ct_update, NFCT_T_ALL, flow_update_cb, NULL);
+ nfct_callback_register(ct_update, NFCT_T_ALL, flow_event_cb, NULL);
poll_fd[0].fd = nfct_fd(ct_event);
poll_fd[0].events = POLLIN;
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH 0/2] flowtop: Simplify flows dump & refreshing
Use one nfct handler for flows dump, refreshing & events to make code simpler. Vadim Kochan (2): flowtop: Use one func to update flow entry flowtop: Use one nfct handle for dump & refresh flows flowtop.c | 96 ++- 1 file changed, 33 insertions(+), 63 deletions(-) -- 2.6.3 -- You received this message because you are subscribed to the Google Groups "netsniff-ng" group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH 2/2] flowtop: Use one nfct handle for dump & refresh flows
Simplify dump & flows refreshing via one nfct handle, which is enough.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
flowtop.c | 14 +-
1 file changed, 1 insertion(+), 13 deletions(-)
diff --git a/flowtop.c b/flowtop.c
index cc5ffa2..4c15c06 100644
--- a/flowtop.c
+++ b/flowtop.c
@@ -1615,7 +1615,6 @@ static void collector_dump_flows(void)
static void *collector(void *null __maybe_unused)
{
- struct nfct_handle *ct_update;
struct nfct_handle *ct_event;
struct pollfd poll_fd[1];
@@ -1631,12 +1630,6 @@ static void *collector(void *null __maybe_unused)
nfct_callback_register(ct_event, NFCT_T_ALL, flow_event_cb, NULL);
- ct_update = nfct_open(CONNTRACK, NF_NETLINK_CONNTRACK_UPDATE);
- if (!ct_update)
- panic("Cannot create a nfct handle: %s\n", strerror(errno));
-
- nfct_callback_register(ct_update, NFCT_T_ALL, flow_event_cb, NULL);
-
poll_fd[0].fd = nfct_fd(ct_event);
poll_fd[0].events = POLLIN;
@@ -1644,10 +1637,6 @@ static void *collector(void *null __maybe_unused)
panic("Cannot set non-blocking socket: fcntl(): %s\n",
strerror(errno));
- if (fcntl(nfct_fd(ct_update), F_SETFL, O_NONBLOCK) == -1)
- panic("Cannot set non-blocking socket: fcntl(): %s\n",
- strerror(errno));
-
rcu_register_thread();
collector_dump_flows();
@@ -1666,7 +1655,7 @@ static void *collector(void *null __maybe_unused)
collector_dump_flows();
}
- collector_refresh_flows(ct_update);
+ collector_refresh_flows(ct_event);
status = poll(poll_fd, 1, 0);
if (status < 0) {
@@ -1688,7 +1677,6 @@ static void *collector(void *null __maybe_unused)
spinlock_destroy(_list.lock);
nfct_close(ct_event);
- nfct_close(ct_update);
pthread_exit(NULL);
}
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] Re: [PATCH v2] trafgen: Add option to specify packets sending rate
On Wed, Dec 23, 2015 at 10:31:23PM +0200, Vadim Kochan wrote:
> Added -b,--rate option in units of:
>
> pps/B/kB/MB/kBit/Mbit/Gbit/KiB/MiB/GiB
>
> to specify rate at which packets will be sent.
> Similary to -t,--gap option the packets will be sent
> in slow mode with 1 CPU.
>
> Tested with ifpps.
>
> Signed-off-by: Vadim Kochan <vadi...@gmail.com>
> ---
> v2:
> 1) Fixed KB -> kB
> 2) Added SHAPER_NONE type
>
> trafgen.8 | 4 ++
> trafgen.c | 140
> ++
> 2 files changed, 135 insertions(+), 9 deletions(-)
>
> diff --git a/trafgen.8 b/trafgen.8
> index 6f5d318..677fc7d 100644
> --- a/trafgen.8
> +++ b/trafgen.8
> @@ -136,6 +136,10 @@ probing for a given interval, iii) ping-like debugging
> with specific payload
> patterns. Furthermore, the TX_RING interface does not cope with interpacket
> gaps.
> .PP
> +.SS -b , --rate
> +Specify the rate of packet sending in
> pps/B/kB/MB/GB/kBit/Mbit/Gbit/KiB/MiB/GiB units.
> +Similary to -t,--gap option - packets are sent in slow mode.
> +.PP
> .SS -S , --ring-size
> Manually define the TX_RING resp. TX_RING size in ''KiB/MiB/GiB''. On
> default the size is being determined based on the network connectivity rate.
> diff --git a/trafgen.c b/trafgen.c
> index df2ecf4..f208336 100644
> --- a/trafgen.c
> +++ b/trafgen.c
> @@ -55,6 +55,27 @@
> #include "ring_tx.h"
> #include "csum.h"
>
> +#ifndef timeval_to_timespec
> +#define timeval_to_timespec(tv, ts) { \
> + (ts)->tv_sec = (tv)->tv_sec; \
> + (ts)->tv_nsec = (tv)->tv_usec * 1000; \
> +}
> +#endif
> +
> +enum shaper_type {
> + SHAPER_NONE,
> + SHAPER_PKTS,
> + SHAPER_BYTES,
> +};
> +
> +struct shaper {
> + enum shaper_type type;
> + unsigned long long sent;
> + unsigned long long rate;
> + struct timeval start;
> + struct timeval end;
> +};
> +
> struct ctx {
> bool rand, rfraw, jumbo_support, verbose, smoke_test, enforce,
> qdisc_path;
> size_t reserve_size;
> @@ -65,6 +86,7 @@ struct ctx {
> struct timespec gap;
> struct sockaddr_in dest;
> char *packet_str;
> + struct shaper sh;
> };
>
> struct cpu_stats {
> @@ -83,7 +105,7 @@ size_t plen = 0;
> struct packet_dyn *packet_dyn = NULL;
> size_t dlen = 0;
>
> -static const char *short_options =
> "d:c:n:t:vJhS:rk:i:o:VRs:P:eE:pu:g:CHQqD:";
> +static const char *short_options =
> "d:c:n:t:vJhS:rk:i:o:VRs:P:eE:pu:g:CHQqD:b:";
> static const struct option long_options[] = {
> {"dev", required_argument, NULL, 'd'},
> {"out", required_argument, NULL, 'o'},
> @@ -91,6 +113,7 @@ static const struct option long_options[] = {
> {"conf",required_argument, NULL, 'c'},
> {"num", required_argument, NULL, 'n'},
> {"gap", required_argument, NULL, 't'},
> + {"rate",required_argument, NULL, 'b'},
> {"cpus",required_argument, NULL, 'P'},
> {"ring-size", required_argument, NULL, 'S'},
> {"kernel-pull", required_argument, NULL, 'k'},
> @@ -172,6 +195,7 @@ static void __noreturn help(void)
>" -r|--rand Randomize packet selection (def:
> round robin)\n"
>" -P|--cpusSpecify number of forks(<= CPUs)
> (def: #CPUs)\n"
>" -t|--gap Set approx. interpacket gap
> (s/ms/us/ns, def: us)\n"
> + " -b|--rateSend traffic at specified rate
> (pps/B/kB/MB/GB/kBit/Mbit/Gbit/KiB/MiB/GiB)\n"
>" -S|--ring-size Manually set mmap size
> (KiB/MiB/GiB)\n"
>" -E|--seedManually set srand(3) seed\n"
>" -u|--user Drop privileges and change to
> userid\n"
> @@ -535,6 +559,52 @@ static int xmit_smoke_probe(int icmp_sock, struct ctx
> *ctx)
> return -1;
> }
>
> +static bool shaper_is_set(struct shaper *sh)
> +{
> + return sh->type != SHAPER_NONE;
> +}
> +
> +static void shaper_start(struct shaper *sh)
> +{
> + bug_on(gettimeofday(>start, NULL));
> + sh->sent = 0;
> +}
> +
> +static void shaper_init(struct shaper *sh, unsigned long long rate, enum
>
[netsniff-ng] [PATCH] trafgen: Add option to specify packets sending rate
Added -b,--rate option in units of:
pps/B/KB/MB/kBit/Mbit/Gbit/KiB/MiB/GiB
to specify rate at which packets will be sent.
Similary to -t,--gap option the packets will be sent
in slow mode with 1 CPU.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen.8 | 4 ++
trafgen.c | 138 ++
2 files changed, 133 insertions(+), 9 deletions(-)
diff --git a/trafgen.8 b/trafgen.8
index 6f5d318..c78a373 100644
--- a/trafgen.8
+++ b/trafgen.8
@@ -136,6 +136,10 @@ probing for a given interval, iii) ping-like debugging
with specific payload
patterns. Furthermore, the TX_RING interface does not cope with interpacket
gaps.
.PP
+.SS -b , --rate
+Specify the rate of packet sending in
pps/B/KB/MB/GB/kBit/Mbit/Gbit/KiB/MiB/GiB units.
+Similary to -t,--gap option - packets are sent in slow mode.
+.PP
.SS -S , --ring-size
Manually define the TX_RING resp. TX_RING size in ''KiB/MiB/GiB''. On
default the size is being determined based on the network connectivity rate.
diff --git a/trafgen.c b/trafgen.c
index df2ecf4..969b8b7 100644
--- a/trafgen.c
+++ b/trafgen.c
@@ -55,6 +55,26 @@
#include "ring_tx.h"
#include "csum.h"
+#ifndef timeval_to_timespec
+#define timeval_to_timespec(tv, ts) { \
+ (ts)->tv_sec = (tv)->tv_sec; \
+ (ts)->tv_nsec = (tv)->tv_usec * 1000; \
+}
+#endif
+
+enum shaper_type {
+ SHAPER_PKTS,
+ SHAPER_BYTES,
+};
+
+struct shaper {
+ enum shaper_type type;
+ unsigned long rate;
+ unsigned long long sent;
+ struct timeval start;
+ struct timeval end;
+};
+
struct ctx {
bool rand, rfraw, jumbo_support, verbose, smoke_test, enforce,
qdisc_path;
size_t reserve_size;
@@ -65,6 +85,7 @@ struct ctx {
struct timespec gap;
struct sockaddr_in dest;
char *packet_str;
+ struct shaper sh;
};
struct cpu_stats {
@@ -83,7 +104,7 @@ size_t plen = 0;
struct packet_dyn *packet_dyn = NULL;
size_t dlen = 0;
-static const char *short_options = "d:c:n:t:vJhS:rk:i:o:VRs:P:eE:pu:g:CHQqD:";
+static const char *short_options =
"d:c:n:t:vJhS:rk:i:o:VRs:P:eE:pu:g:CHQqD:b:";
static const struct option long_options[] = {
{"dev", required_argument, NULL, 'd'},
{"out", required_argument, NULL, 'o'},
@@ -91,6 +112,7 @@ static const struct option long_options[] = {
{"conf",required_argument, NULL, 'c'},
{"num", required_argument, NULL, 'n'},
{"gap", required_argument, NULL, 't'},
+ {"rate",required_argument, NULL, 'b'},
{"cpus",required_argument, NULL, 'P'},
{"ring-size", required_argument, NULL, 'S'},
{"kernel-pull", required_argument, NULL, 'k'},
@@ -172,6 +194,7 @@ static void __noreturn help(void)
" -r|--rand Randomize packet selection (def:
round robin)\n"
" -P|--cpusSpecify number of forks(<= CPUs)
(def: #CPUs)\n"
" -t|--gap Set approx. interpacket gap
(s/ms/us/ns, def: us)\n"
+" -b|--rateSend traffic at specified rate
(pps/B/KB/MB/GB/kBit/Mbit/Gbit/KiB/MiB/GiB)\n"
" -S|--ring-size Manually set mmap size
(KiB/MiB/GiB)\n"
" -E|--seedManually set srand(3) seed\n"
" -u|--user Drop privileges and change to
userid\n"
@@ -535,6 +558,51 @@ static int xmit_smoke_probe(int icmp_sock, struct ctx *ctx)
return -1;
}
+static bool shaper_is_set(struct shaper *sh)
+{
+ return sh->rate != 0;
+}
+
+static void shaper_start(struct shaper *sh)
+{
+ bug_on(gettimeofday(>start, NULL));
+ sh->sent = 0;
+}
+
+static void shaper_init(struct shaper *sh, unsigned long rate, enum
shaper_type type)
+{
+ memset(sh, 0, sizeof(struct shaper));
+ sh->rate = rate;
+ sh->type = type;
+}
+
+static void shaper_delay(struct shaper *sh, unsigned long long pkt_len)
+{
+ if ((sh->start.tv_sec | sh->start.tv_usec) > 0) {
+ sh->sent += sh->type == SHAPER_BYTES ? pkt_len : 1;
+
+ if (sh->sent >= sh->rate) {
+ struct timeval delay_us;
+ struct timespec delay_ns;
+ struct timeval time_sent;
+ struct timeval time_1s = { .tv_sec = 1 };
+
+ bug_on(gettimeofday(>end, NULL));
+ timersub(>end, >start, _sent);
+
+ if (timercmp(_1s, _sent,
[netsniff-ng] Re: Shell variables support in trafgen
On Wednesday, May 13, 2015 at 10:04:28 AM UTC+3, Kenneth Aaron wrote: > > Hi, > > Is it possible to use shell variables in the configuration file? > The use case I have is a script that sets variables such as IP address ( > $SrcIP_Byte1 , $SrcIP_Byte2 , $SrcIP_Byte3 , $SrcIP_Byte4 ) then trafgen is > called using a standard configuration file, but the variables $SrcIP_Byte1 > etc are referenced from within the config file itself > The alternative is that the shell script use 'sed' or other means of > manipulating the config file, but variables are so much easier > > Thanks > Hi, I added -D option which allows to .pass C preprocessor macro/define (with combination of -p,--cpp option) and I think it can be used similary to what you requested. The changes currently are only in master branch in official repo. The same option was added for bpfc. Regards, Vadim Kochan -- You received this message because you are subscribed to the Google Groups "netsniff-ng" group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH 0/3] flowtop: Misc updates: filter state, refresh flag reset
There are just few different changes like: 1) Show family in filter status bar 2) Show if 'Active' flows mode is selected in filter status bar 3) Reset do_refresh flag immideately if it is enabled to make able refresh flows again if this flag was changed while refreshing. Vadim Kochan (3): flowtop: Show selected proto family flowtop: Indicate if 'active' flows mode is selected flowtop: Refresh flows if filter was changed while flows loading flowtop.c | 35 --- 1 file changed, 24 insertions(+), 11 deletions(-) -- 2.6.3 -- You received this message because you are subscribed to the Google Groups "netsniff-ng" group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH 3/3] flowtop: Refresh flows if filter was changed while flows loading
Reset do_reload_flows flag before dump flows. It allows to change
filter state more dynamically
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
flowtop.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/flowtop.c b/flowtop.c
index d90e1ee..1d438ba 100644
--- a/flowtop.c
+++ b/flowtop.c
@@ -1676,12 +1676,12 @@ static void *collector(void *null __maybe_unused)
if (!do_reload_flows) {
usleep(USEC_PER_SEC * interval);
} else {
+ do_reload_flows = false;
+
flow_list_destroy(_list);
collector_create_filter(ct_event);
collector_dump_flows();
-
- do_reload_flows = false;
}
collector_refresh_flows(ct_update);
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH 2/3] flowtop: Indicate if 'active' flows mode is selected
Show 'Active' filter status if 'a' was pressed.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
flowtop.c | 4
1 file changed, 4 insertions(+)
diff --git a/flowtop.c b/flowtop.c
index 52e4bef..d90e1ee 100644
--- a/flowtop.c
+++ b/flowtop.c
@@ -1146,6 +1146,7 @@ static void draw_flows(WINDOW *screen, struct flow_list
*fl,
}
mvwprintw(screen, 1, 2, "Kernel netfilter flows(%u) for ", flows);
+
if (what & INCLUDE_IPV4)
printw("IPv4,");
if (what & INCLUDE_IPV6)
@@ -1162,6 +1163,9 @@ static void draw_flows(WINDOW *screen, struct flow_list
*fl,
printw("ICMP,");
if (what & INCLUDE_ICMP && what & INCLUDE_IPV6)
printw("ICMP6,");
+ if (show_active_only)
+ printw("Active,");
+
printw(" [+%d]", skip_lines);
if (is_flow_collecting)
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] Re: [PATCH 1/4] netsniff-ng: nlmsg: Resolve genl family name
On Tue, Dec 08, 2015 at 05:00:52PM +0100, Tobias Klauser wrote:
> On 2015-11-30 at 01:05:04 +0100, Vadim Kochan <vadi...@gmail.com> wrote:
> > Print name of resolved genl family name by type
>
> This patch does quite a bit more than the description says (i.e. the
> init/uninit hooks). Please be a bit more verbose in your patch
> descriptions.
>
> > Signed-off-by: Vadim Kochan <vadi...@gmail.com>
> > ---
> > dissector_netlink.c | 3 ++
> > proto.h | 15 ++
> > proto_nlmsg.c | 82
> > +
> > protos.h| 2 +-
> > 4 files changed, 96 insertions(+), 6 deletions(-)
> >
> > diff --git a/dissector_netlink.c b/dissector_netlink.c
> > index 2b23a99..b4de112 100644
> > --- a/dissector_netlink.c
> > +++ b/dissector_netlink.c
> > @@ -19,10 +19,13 @@ static inline void dissector_init_exit(int type)
> >
> > void dissector_init_netlink(int fnttype)
> > {
> > + proto_ops_init(_ops);
> > +
> > dissector_init_entry(fnttype);
> > dissector_init_exit(fnttype);
> > }
> >
> > void dissector_cleanup_netlink(void)
> > {
> > + proto_ops_uninit(_ops);
> > }
> > diff --git a/proto.h b/proto.h
> > index 0cc1fd8..03a07e2 100644
> > --- a/proto.h
> > +++ b/proto.h
> > @@ -10,6 +10,7 @@
> >
> > #include
> > #include
> > +#include
>
> What is this needed for?
>
> >
> > #include "tprintf.h"
> >
> > @@ -20,6 +21,8 @@ struct protocol {
> > const unsigned int key;
> > void (*print_full)(struct pkt_buff *pkt);
> > void (*print_less)(struct pkt_buff *pkt);
> > + void (*init)(void);
> > + void (*uninit)(void);
>
> I don't think the very specific case of dissecting genl family messages
> deserves the introduction of these hooks. How about just doing the init
> work the first time the genl stuff is actually used?
Yes, init can be done on demand within proto_nlmsg.c module by 1st, but what
about uninit ?
May be at least uninit/cleanup/exit hook might be added only which will
close genl socket if it is not NULL ?
Regards,
>
> Sorry for the brevity, I currently have a very limited bandwidth to
> review patches...
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH v4 6/6] trafgen: Added option to pass macro/define for C preprocessor
Add -D,--define option which allows to pass multiple
macro/defines which can be used in trafgen script
(e.g. by #ifdef ).
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
trafgen.8| 4
trafgen.c| 19 +++
trafgen_conf.h | 3 ++-
trafgen_parser.y | 5 +++--
4 files changed, 24 insertions(+), 7 deletions(-)
diff --git a/trafgen.8 b/trafgen.8
index 18b2b61..d84970c 100644
--- a/trafgen.8
+++ b/trafgen.8
@@ -79,6 +79,10 @@ Pass the packet configuration to the C preprocessor before
reading it into
trafgen. This allows #define and #include directives (e.g. to include
definitions from system headers) to be used in the trafgen configuration file.
.PP
+.SS -D, --define
+Add macro/define for C preprocessor to use it within trafgen file. This option
is used
+in combination with -p,--cpp option.
+.PP
.SS -J, --jumbo-support
By default trafgen's ring buffer frames are of a fixed size of 2048 bytes.
This means that if you're expecting jumbo frames or even super jumbo frames to
diff --git a/trafgen.c b/trafgen.c
index d01f160..c599da4 100644
--- a/trafgen.c
+++ b/trafgen.c
@@ -83,7 +83,7 @@ size_t plen = 0;
struct packet_dyn *packet_dyn = NULL;
size_t dlen = 0;
-static const char *short_options = "d:c:n:t:vJhS:rk:i:o:VRs:P:eE:pu:g:CHQq";
+static const char *short_options = "d:c:n:t:vJhS:rk:i:o:VRs:P:eE:pu:g:CHQqD:";
static const struct option long_options[] = {
{"dev", required_argument, NULL, 'd'},
{"out", required_argument, NULL, 'o'},
@@ -105,6 +105,7 @@ static const struct option long_options[] = {
{"jumbo-support", no_argument,NULL, 'J'},
{"no-cpu-stats",no_argument,NULL, 'C'},
{"cpp", no_argument,NULL, 'p'},
+ {"define", required_argument, NULL, 'D'},
{"rfraw", no_argument,NULL, 'R'},
{"rand",no_argument,NULL, 'r'},
{"verbose", no_argument,NULL, 'V'},
@@ -163,6 +164,7 @@ static void __noreturn help(void)
" -i|-c|--in|--conf Packet configuration
file/stdin\n"
" -o|-d|--out|--dev Networking device i.e., eth0\n"
" -p|--cpp Run packet config through C
preprocessor\n"
+" -D|--defineAdd macro/define for C
preprocessor\n"
" -J|--jumbo-support Support 64KB super jumbo frames
(def: 2048B)\n"
" -R|--rfraw Inject raw 802.11 frames\n"
" -s|--smoke-test Probe if machine survived
fuzz-tested packet\n"
@@ -823,12 +825,13 @@ static void xmit_packet_precheck(struct ctx *ctx,
unsigned int cpu)
}
static void main_loop(struct ctx *ctx, char *confname, bool slow,
- unsigned int cpu, bool invoke_cpp, unsigned long orig_num)
+ unsigned int cpu, bool invoke_cpp, char **cpp_argv,
+ unsigned long orig_num)
{
if (ctx->packet_str)
compile_packets_str(ctx->packet_str, ctx->verbose, cpu);
else
- compile_packets(confname, ctx->verbose, cpu, invoke_cpp);
+ compile_packets(confname, ctx->verbose, cpu, invoke_cpp,
cpp_argv);
preprocess_packets();
@@ -896,6 +899,8 @@ int main(int argc, char **argv)
unsigned long long tx_packets, tx_bytes;
struct ctx ctx;
int min_opts = 5;
+ char **cpp_argv = NULL;
+ int cpp_argc = 0;
fmemset(, 0, sizeof(ctx));
ctx.cpus = get_number_cpus_online();
@@ -924,6 +929,10 @@ int main(int argc, char **argv)
case 'p':
invoke_cpp = true;
break;
+ case 'D':
+ cpp_argv = argv_insert(cpp_argv, _argc, "-D");
+ cpp_argv = argv_insert(cpp_argv, _argc, optarg);
+ break;
case 'V':
ctx.verbose = true;
break;
@@ -1133,7 +1142,8 @@ int main(int argc, char **argv)
srand(seed);
cpu_affinity(i);
- main_loop(, confname, slow, i, invoke_cpp,
orig_num);
+ main_loop(, confname, slow, i, invoke_cpp,
+ cpp_argv, orig_num);
goto thread_out;
case -1:
@@ -1179,6 +1189,7 @@ thread_out:
if (set_irq_aff)
device_restore_irq_affinity_list();
+ argv_free(cpp_argv);
free(ctx.device);
free(ctx.device_trans);
free(ct
[netsniff-ng] [PATCH v4 1/6] proc: Add function to execute process with argv list
Add proc_exec function which executes given process with
argv list via fork + execvp.
It allows to replace 'system' call approach which is used
for invoking cpp and securely extend it with additional options
like -D.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
proc.c | 29 +
proc.h | 1 +
2 files changed, 30 insertions(+)
diff --git a/proc.c b/proc.c
index 672f00d..0937159 100644
--- a/proc.c
+++ b/proc.c
@@ -1,5 +1,6 @@
#define _GNU_SOURCE
#include
+#include
#include
#include
#include
@@ -79,3 +80,31 @@ ssize_t proc_get_cmdline(unsigned int pid, char *cmdline,
size_t len)
return ret;
}
+
+int proc_exec(char *proc, char **argv)
+{
+ int status;
+ pid_t pid;
+
+ pid = fork();
+ if (pid < 0) {
+ perror("fork");
+ return -1;
+ }
+ if (!pid) {
+ if (execvp(proc, argv) < 0)
+ fprintf(stderr, "Failed to exec: %s\n", proc);
+
+ _exit(1);
+ }
+
+ if (waitpid(pid, , 0) < 0) {
+ perror("waitpid");
+ return -2;
+ }
+
+ if (!WIFEXITED(status))
+ return -WEXITSTATUS(status);
+
+ return 0;
+}
diff --git a/proc.h b/proc.h
index 996ce06..a4b5443 100644
--- a/proc.h
+++ b/proc.h
@@ -7,5 +7,6 @@ extern void cpu_affinity(int cpu);
extern int set_proc_prio(int prio);
extern int set_sched_status(int policy, int priority);
extern ssize_t proc_get_cmdline(unsigned int pid, char *cmdline, size_t len);
+extern int proc_exec(char *proc, char **argv);
#endif /* PROC_H */
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH v4 4/6] str: Add helper to extend dynamically argv list
Add argv_insert function to dynamically insert string
into argv list.
Also added argv_free func to easy free dynamically allocated
argv list.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
str.c | 20
str.h | 2 ++
2 files changed, 22 insertions(+)
diff --git a/str.c b/str.c
index f4cb099..6c42b5d 100644
--- a/str.c
+++ b/str.c
@@ -109,3 +109,23 @@ char *argv2str(int startind, int argc, char **argv)
return str;
}
+
+char **argv_insert(char **argv, int *count, char *str)
+{
+ argv = (char **)xrealloc(argv, (*count + 2) * sizeof(char *));
+ argv[*count] = str ? xstrdup(str) : xstrdup("");
+ argv[*count + 1] = NULL;
+
+ *count += 1;
+ return argv;
+}
+
+void argv_free(char **argv)
+{
+ char **tmp = argv;
+
+ for (; argv && *argv; argv++)
+ free(*argv);
+
+ free(tmp);
+}
diff --git a/str.h b/str.h
index 7d078da..8de9e11 100644
--- a/str.h
+++ b/str.h
@@ -9,5 +9,7 @@ extern int slprintf_nocheck(char *dst, size_t size, const char
*fmt, ...);
extern char *strtrim_right(char *p, char c);
extern noinline void *xmemset(void *s, int c, size_t n);
extern char *argv2str(int startind, int argc, char **argv);
+extern char **argv_insert(char **argv, int *count, char *str);
+extern void argv_free(char **argv);
#endif /* STR_H */
--
2.6.3
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH v4 5/6] bpfc: Add option to pass macro/define for C preprocessor
Add -D,--define option to pass macro/define for C preprocessor
(e.g. to use #ifdef's within bpf file). Option allows to pass
multiple -D,--define options.
Signed-off-by: Vadim Kochan <vadi...@gmail.com>
---
bpf_parser.y | 6 +++---
bpfc.8 | 4
bpfc.c | 16 +---
3 files changed, 20 insertions(+), 6 deletions(-)
diff --git a/bpf_parser.y b/bpf_parser.y
index 7331cc5..2c566a1 100644
--- a/bpf_parser.y
+++ b/bpf_parser.y
@@ -28,7 +28,7 @@
#include "cpp.h"
int compile_filter(char *file, int verbose, int bypass, int format,
- bool invoke_cpp);
+ bool invoke_cpp, char **cpp_argv);
static int curr_instr = 0;
@@ -735,7 +735,7 @@ static void pretty_printer(const struct sock_fprog *prog,
int format)
}
int compile_filter(char *file, int verbose, int bypass, int format,
- bool invoke_cpp)
+ bool invoke_cpp, char **cpp_argv)
{
int i;
struct sock_fprog res;
@@ -745,7 +745,7 @@ int compile_filter(char *file, int verbose, int bypass, int
format,
memset(tmp_file, 0, sizeof(tmp_file));
if (invoke_cpp) {
- ret = cpp_exec(file, tmp_file, sizeof(tmp_file), NULL);
+ ret = cpp_exec(file, tmp_file, sizeof(tmp_file), cpp_argv);
if (ret) {
fprintf(stderr, "Failed to invoke C preprocessor!\n");
goto exit;
diff --git a/bpfc.8 b/bpfc.8
index 8a99e2e..dde7da5 100644
--- a/bpfc.8
+++ b/bpfc.8
@@ -65,6 +65,10 @@ Pass the bpf program through the C preprocessor before
reading it in
bpfc. This allows #define and #include directives (e.g. to include
definitions from system headers) to be used in the bpf program.
.PP
+.SS -D, --define
+Add macro/define for C preprocessor to use it within bpf file. This option is
used
+in combination with -p,--cpp option.
+.PP
.SS -f , --format
Specify a different output format than the default that is netsniff-ng
compatible. The specifier can be: C, netsniff-ng, xt_bpf, tcpdump.
diff --git a/bpfc.c b/bpfc.c
index d360cf5..e6dfeb7 100644
--- a/bpfc.c
+++ b/bpfc.c
@@ -17,12 +17,14 @@
#include "die.h"
#include "bpf.h"
#include "config.h"
+#include "str.h"
-static const char *short_options = "vhi:Vdbf:p";
+static const char *short_options = "vhi:Vdbf:pD:";
static const struct option long_options[] = {
{"input", required_argument, NULL, 'i'},
{"format", required_argument, NULL, 'f'},
{"cpp", no_argument,NULL, 'p'},
+ {"define", required_argument, NULL, 'D'},
{"verbose", no_argument,NULL, 'V'},
{"bypass", no_argument,NULL, 'b'},
{"dump",no_argument,NULL, 'd'},
@@ -39,7 +41,7 @@ static const char *copyright = "Please report bugs to
<netsniff-ng@googlegroups.
"There is NO WARRANTY, to the extent permitted by law.";
extern int compile_filter(char *file, int verbose, int bypass, int format,
- bool invoke_cpp);
+ bool invoke_cpp, char **cpp_argv);
static void __noreturn help(void)
{
@@ -49,6 +51,7 @@ static void __noreturn help(void)
"Options:\n"
" -i|--input Berkeley Packet Filter file/stdin\n"
" -p|--cppRun bpf program through C
preprocessor\n"
+" -D|--define Add macro/define for C preprocessor\n"
" -f|--format Output format:
C|netsniff-ng|xt_bpf|tcpdump\n"
" -b|--bypass Bypass filter validation (e.g. for bug
testing)\n"
" -V|--verboseBe more verbose\n"
@@ -81,6 +84,8 @@ int main(int argc, char **argv)
{
int ret, verbose = 0, c, opt_index, bypass = 0, format = 0;
bool invoke_cpp = false;
+ char **cpp_argv = NULL;
+ int cpp_argc = 0;
char *file = NULL;
setfsuid(getuid());
@@ -104,6 +109,10 @@ int main(int argc, char **argv)
case 'p':
invoke_cpp = true;
break;
+ case 'D':
+ cpp_argv = argv_insert(cpp_argv, _argc, "-D");
+ cpp_argv = argv_insert(cpp_argv, _argc, optarg);
+ break;
case 'f':
if (!strncmp(optarg, "C", 1) ||
!strncmp(optarg, "netsniff-ng", 11))
@@ -146,8 +155,9 @@ int main(int argc, char **argv)
if (!file)
panic("No Berkeley Packet Filter program specified!\n");
- ret = compile_filter(file, verbose, bypass, forma
