+++ /dev/null
-/******************************************************************************
-Utility to convert a DCCP flow to a TCP flow for DCCP analysis via
- tcptrace.
-
-Copyright (C) 2013 Samuel Jero <sj323707@ohio.edu>
-
-This program is free software: you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation, either version 3 of the License, or
-(at your option) any later version.
-
-This program is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-GNU General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with this program. If not, see <http://www.gnu.org/licenses/>.
-
-Author: Samuel Jero <sj323707@ohio.edu>
-Date: 02/2013
-
-Notes:
- 1)CCID2 ONLY
- 2)DCCP MUST use 48 bit sequence numbers
- 3)DCCP DATA packets are not implemented (Linux doesn't use them)
- 4)DCCP Ack packets show up as TCP packets containing one byte
-******************************************************************************/
-#include "dccp2tcp.h"
-
-unsigned int interp_ack_vect(u_char* hdr);
-u_int32_t initialize_seq(struct host *seq, __be32 initial);
-u_int32_t add_new_seq(struct host *seq, __be32 num, int size, enum dccp_pkt_type type);
-u_int32_t convert_ack(struct host *seq, __be32 num);
-int acked_packet_size(struct host *seq, __be32 num);
-void ack_vect2sack(struct host *seq, struct tcphdr *tcph, u_char* tcpopts, u_char* dccphdr, __be32 dccpack);
-
-/*do all the dccp to tcp conversions*/
-int ccid2_convert_packet(struct packet *new, const struct const_packet* old)
-{
- struct tcphdr *tcph;
- struct dccp_hdr *dccph;
- struct dccp_hdr_ext *dccphex;
- struct dccp_hdr_ack_bits *dccphack;
- struct host *h1=NULL;
- struct host *h2=NULL;
- int datalength;
- int len=0;
- const u_char* pd;
- u_char* npd;
- u_char* tcpopt;
-
- /*cast header pointers*/
- tcph=(struct tcphdr*)new->data;
- dccph=(struct dccp_hdr*)old->data;
- dccphex=(struct dccp_hdr_ext*)(old->data+sizeof(struct dccp_hdr));
- dccphack=(struct dccp_hdr_ack_bits*)(old->data+ sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext));
-
- /*Get Hosts*/
- if(get_host(new->src_id, new->dest_id, new->id_len,
- dccph->dccph_sport, dccph->dccph_dport, &h1, &h2)){
- dbgprintf(0,"Error: Can't Get Hosts!\n");
- return 0;
- }
- if(h1==NULL || h2==NULL){
- dbgprintf(0, "Error: Can't Get Hosts!\n");
- return 0;
- }
-
- /*Ensure packet is at least as large as DCCP header*/
- if(dccph->dccph_type!=DCCP_PKT_DATA &&
- old->length < (sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) +
- sizeof(struct dccp_hdr_ack_bits))){
- dbgprintf(0, "Error: DCCP Packet Too short!\n");
- }
-
- /*determine data length*/
- datalength=old->length - dccph->dccph_doff*4;
- pd=old->data + dccph->dccph_doff*4;
-
- /*set TCP standard features*/
- tcph->source=dccph->dccph_sport;
- tcph->dest=dccph->dccph_dport;
- tcph->doff=5;
- tcph->check=htonl(0);
- tcph->urg_ptr=0;
-
- /*Adjust TCP advertised window size*/
- if(!yellow){
- tcph->window=htons(30000);
- }
-
- /*make changes by packet type*/
- if(dccph->dccph_type==DCCP_PKT_REQUEST){//DCCP REQUEST -->TCP SYN
- dbgprintf(2,"Packet Type: Request\n");
- if(h1->state==INIT){
- if(yellow){
- tcph->window=htons(0);
- }
- tcph->ack_seq=htonl(0);
- tcph->seq=htonl(initialize_seq(h1, ntohl(dccphex->dccph_seq_low)));
- tcph->syn=1;
- tcph->ack=0;
- tcph->fin=0;
- tcph->rst=0;
-
- /* add Sack-permitted option, if relevant*/
- if(sack){
- tcpopt=(u_char*)(new->data + tcph->doff*4);
- *tcpopt=4;
- tcpopt++;
- *tcpopt=2;
- tcph->doff++;
- }
-
- /*calculate length*/
- len=tcph->doff*4;
- }
- }
-
- if(dccph->dccph_type==DCCP_PKT_RESPONSE){//DCCP RESPONSE-->TCP SYN,ACK
- dbgprintf(2,"Packet Type: Response\n");
- if(h2->state==OPEN && h1->state==INIT){
- tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low)));
- if(yellow){
- tcph->window=htons(0);
- }
- tcph->seq=htonl(initialize_seq(h1, ntohl(dccphex->dccph_seq_low)));
- tcph->syn=1;
- tcph->ack=1;
- tcph->fin=0;
- tcph->rst=0;
-
- /* add Sack-permitted option, if relevant*/
- if(sack){
- tcpopt=(u_char*)(new->data + tcph->doff*4);
- *tcpopt=4;
- *(tcpopt+1)=2;
- tcph->doff++;
- }
-
- /*calculate length*/
- len=tcph->doff*4;
- }
- }
-
- if(dccph->dccph_type==DCCP_PKT_DATA){//DCCP DATA----Never seen in packet capture
- dbgprintf(0,"DCCP Data packet not yet implemented\n");
- exit(1);
- }
-
- if(dccph->dccph_type==DCCP_PKT_DATAACK){//DCCP DATAACK-->TCP ACK with data
- dbgprintf(2,"Packet Type: DataAck\n");
- if(green){
- tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low)));
- }else{
- tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low)+interp_ack_vect((u_char*)dccph)));
- }
- tcph->seq=htonl(add_new_seq(h1, ntohl(dccphex->dccph_seq_low),datalength, dccph->dccph_type));
- if(yellow){
- tcph->window=htons(-interp_ack_vect((u_char*)dccph)*acked_packet_size(h2, ntohl(dccphack->dccph_ack_nr_low)));
- }
- if(sack){
- if(sack!=2 || interp_ack_vect((u_char*)dccph)){
- ack_vect2sack(h2, tcph, (u_char*)tcph + tcph->doff*4, (u_char*)dccph, ntohl(dccphack->dccph_ack_nr_low) );
- }
- }
-
- tcph->syn=0;
- tcph->ack=1;
- tcph->fin=0;
- tcph->rst=0;
-
- /*copy data*/
- npd=new->data + tcph->doff*4;
- memcpy(npd, pd, datalength);
-
- /*calculate length*/
- len= tcph->doff*4 + datalength;
- }
-
- if(dccph->dccph_type==DCCP_PKT_ACK){ //DCCP ACK -->TCP ACK with no data
- dbgprintf(2,"Packet Type: Ack\n");
- if(green){
- tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low)));
- }else{
- tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low)+interp_ack_vect((u_char*)dccph)));
- }
- tcph->seq=htonl(add_new_seq(h1, ntohl(dccphex->dccph_seq_low),1,dccph->dccph_type));
- if(yellow){
- tcph->window=htons(-interp_ack_vect((u_char*)dccph)*1400);
- if(-interp_ack_vect((u_char*)dccph)*1400 > 65535){
- printf("Note: TCP Window Overflow @ %d.%d\n", (int)old->h->ts.tv_sec, (int)old->h->ts.tv_usec);
- }
- }
- if(sack){
- if(sack!=2 || interp_ack_vect((u_char*)dccph)){
- ack_vect2sack(h2, tcph, (u_char*)tcph + tcph->doff*4, (u_char*)dccph, ntohl(dccphack->dccph_ack_nr_low) );
- }
- }
-
- tcph->syn=0;
- tcph->ack=1;
- tcph->fin=0;
- tcph->rst=0;
-
- /*calculate length*/
- len=tcph->doff*4 + 1;
- }
-
- if(dccph->dccph_type==DCCP_PKT_CLOSEREQ){//DCCP CLOSEREQ----Never seen in packet capture
- dbgprintf(0,"DCCP CloseReq not yet implemented\n");
- exit(1);
- }
-
- if(dccph->dccph_type==DCCP_PKT_CLOSE){//DCCP CLOSE-->TCP FIN,ACK
- dbgprintf(2,"Packet Type: Close\n");
- update_state(h1,CLOSE);
- if(green){
- tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low)));
- }else{
- tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low)+interp_ack_vect((u_char*)dccph)));
- }
- tcph->seq=htonl(add_new_seq(h1, ntohl(dccphex->dccph_seq_low),1,dccph->dccph_type));
- if(yellow){
- tcph->window=htons(-interp_ack_vect((u_char*)dccph)*acked_packet_size(h2, ntohl(dccphack->dccph_ack_nr_low)));
- }
- if(sack){
- if(sack!=2 || interp_ack_vect((u_char*)dccph)){
- ack_vect2sack(h2, tcph, (u_char*)tcph + tcph->doff*4, (u_char*)dccph, ntohl(dccphack->dccph_ack_nr_low) );
- }
- }
-
- tcph->syn=0;
- tcph->ack=1;
- tcph->fin=1;
- tcph->rst=0;
-
- /*calculate length*/
- len=tcph->doff*4;
- }
-
- if(dccph->dccph_type==DCCP_PKT_RESET){//DCCP RESET-->TCP FIN,ACK (only seen at end of connection as CLOSE ACK)
- if(h2->state==CLOSE){
- update_state(h1,CLOSE);
- }
- dbgprintf(2,"Packet Type: Reset\n");
- if(green){
- tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low)));
- }else{
- tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low)+interp_ack_vect((u_char*)dccph)));
- }
- tcph->seq=htonl(add_new_seq(h1, ntohl(dccphex->dccph_seq_low),1,dccph->dccph_type));
- if(yellow){
- tcph->window=htons(-interp_ack_vect((u_char*)dccph)*acked_packet_size(h2, ntohl(dccphack->dccph_ack_nr_low)));
- }
- if(sack){
- if(sack!=2 || interp_ack_vect((u_char*)dccph)){
- ack_vect2sack(h2, tcph, (u_char*)tcph + tcph->doff*4, (u_char*)dccph, ntohl(dccphack->dccph_ack_nr_low) );
- }
- }
-
- tcph->syn=0;
- tcph->ack=1;
- tcph->fin=1;
- tcph->rst=0;
-
- /*calculate length*/
- len=tcph->doff*4;
- }
-
- if(dccph->dccph_type==DCCP_PKT_SYNC){//DCCP SYNC
- dbgprintf(2,"Packet Type: Sync\n");
- if(green){
- tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low)));
- }else{
- tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low)+interp_ack_vect((u_char*)dccph)));
- }
- tcph->seq=htonl(add_new_seq(h1, ntohl(dccphex->dccph_seq_low),0,dccph->dccph_type));
- if(yellow){
- tcph->window=htons(-interp_ack_vect((u_char*)dccph)*acked_packet_size(h2, ntohl(dccphack->dccph_ack_nr_low)));
- }else{
- tcph->window=htons(0);
- }
- if(sack){
- if(sack!=2 || interp_ack_vect((u_char*)dccph)){
- ack_vect2sack(h2, tcph, (u_char*)tcph + tcph->doff*4, (u_char*)dccph, ntohl(dccphack->dccph_ack_nr_low) );
- }
- }
-
- tcph->syn=0;
- tcph->ack=1;
- tcph->fin=0;
- tcph->rst=0;
-
- /*calculate length*/
- len=tcph->doff*4;
- }
-
- if(dccph->dccph_type==DCCP_PKT_SYNCACK){//DCCP SYNACK
- dbgprintf(2,"Packet Type: SyncAck\n");
- if(green){
- tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low)));
- }else{
- tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low)+interp_ack_vect((u_char*)dccph)));
- }
- tcph->seq=htonl(add_new_seq(h1, ntohl(dccphex->dccph_seq_low),0,dccph->dccph_type));
- if(yellow){
- tcph->window=htons(-interp_ack_vect((u_char*)dccph)*acked_packet_size(h2, ntohl(dccphack->dccph_ack_nr_low)));
- }else{
- tcph->window=htons(0);
- }
- if(sack){
- if(sack!=2 || interp_ack_vect((u_char*)dccph)){
- ack_vect2sack(h2, tcph, (u_char*)tcph + tcph->doff*4, (u_char*)dccph, ntohl(dccphack->dccph_ack_nr_low));
- }
- }
-
- tcph->syn=0;
- tcph->ack=1;
- tcph->fin=0;
- tcph->rst=0;
-
- /*calculate length*/
- len=tcph->doff*4;
- }
-
- if(dccph->dccph_type==DCCP_PKT_INVALID){//DCCP INVALID----Never seen in packet capture
- dbgprintf(0,"Invalid DCCP Packet!!\n");
- return 0;
- }
-
- new->length=len;
-return 1;
-}
-
-
-/*Parse Ack Vector Options
- * Returns the Number of packets since last recorded loss*/
-unsigned int interp_ack_vect(u_char* hdr)
-{
- int hdrlen=((struct dccp_hdr*)hdr)->dccph_doff*4;
- //struct dccp_hdr_ext* e=(struct dccp_hdr_ext*)hdr + sizeof(struct dccp_hdr);
- int optlen;
- int len;
- int tmp;
- int bp=0;
- int additional=0;
- u_char* opt;
- u_char* cur;
-
- /*setup pointer to DCCP options and determine how long the options are*/
- optlen=hdrlen-sizeof(struct dccp_hdr) - sizeof(struct dccp_hdr_ext) - sizeof(struct dccp_hdr_ack_bits);
- opt=hdr + sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_ack_bits);
-
- /*parse options*/
- while(optlen > 0){
-
- /*One byte options (no length)*/
- if(*opt< 32){
- optlen--;
- opt++;
- continue;
- }
-
- /*Check option length*/
- len=*(opt+1);
- if(len > optlen){
- dbgprintf(0, "Warning: Option would extend into packet data\n");
- return additional;
- }
-
- /*Ack Vector Option*/
- if(*opt==38 || *opt==39){
- tmp=len-2;
- cur=opt+2;
- /*loop through Vector*/
- while(tmp > 0){
- /*ack vector works BACKWARDS through time*/
-
- /*keep track of total packets recieved and if
- a packet is lost, subtract all packets received
- after that*/
- if((*cur & 0xC0)==0xC0 || (*cur & 0xC0)==0x40){ //lost packet
- bp+=(*cur & 0x3F)+1;
- additional= -bp;
- }
-
- if((*cur & 0xC0)==0x00){ //received packet
- bp+= (*cur & 0x3F)+1;
- }
-
- if(((*cur& 0xC0)!= 0xC0) && ((*cur& 0xC0)!= 0x00) && ((*cur& 0xC0)!= 0x40)){
- dbgprintf(1, "Warning: Invalid Ack Vector!! (Linux will handle poorly!)\n");
- }
- tmp--;
- cur++;
- }
- }
-
- optlen-=len;
- opt+=len;
- }
-
- dbgprintf(2,"Ack vector adding: %i\n", additional);
-return additional;
-}
-
-
-/* Setup Sequence Number Structure*/
-u_int32_t initialize_seq(struct host *seq, __be32 initial)
-{
- /*set default values*/
- seq->cur=0;
- seq->size=TBL_SZ;
-
- /*allocate table*/
- seq->table=(struct tbl*)malloc(sizeof(struct tbl)*TBL_SZ);
- if(seq->table==NULL){
- dbgprintf(0,"Can't Allocate Memory!\n");
- exit(1);
- }
-
- /*add first sequence number*/
- seq->table[0].old=initial;
- seq->table[0].new=initial;
- seq->table[0].type=DCCP_PKT_REQUEST;
- seq->table[0].size=0;
- update_state(seq,OPEN);
-return initial;
-}
-
-
-/*Convert Sequence Numbers*/
-u_int32_t add_new_seq(struct host *seq, __be32 num, int size, enum dccp_pkt_type type)
-{
- int prev;
- if(seq==NULL){
- dbgprintf(0,"ERROR NULL POINTER!\n");
- exit(1);
- }
-
- if(seq->table==NULL){
- dbgprintf(1, "Warning: Connection uninitialized\n");
- return initialize_seq(seq, num);
- }
-
- /*account for missing packets*/
- if(num - seq->table[seq->cur].old +1 >=100){
- dbgprintf(1,"Missing more than 100 packets!\n");
- }
- while(seq->table[seq->cur].old +1 < num && seq->table[seq->cur].old +1 > 0){
- prev=seq->cur;
- if(num - seq->table[seq->cur].old +1 <100){
- dbgprintf(1,"Missing Packet: %X\n",seq->table[prev].new+1);
- }
- seq->cur=(seq->cur+1)%(seq->size);/*find next available table slot*/
- seq->table[seq->cur].old=seq->table[prev].old+1;
- seq->table[seq->cur].new=seq->table[prev].new + seq->table[prev].size;
- seq->table[seq->cur].size=size;
- seq->table[seq->cur].type=type;
- }
-
- prev=seq->cur;
- seq->cur=(seq->cur+1)%(seq->size);/*find next available table slot*/
- seq->table[seq->cur].old=num;
- seq->table[seq->cur].size=size;
- seq->table[seq->cur].type=type;
- if(seq->table[prev].type==DCCP_PKT_REQUEST || seq->table[prev].type==DCCP_PKT_RESPONSE){
- seq->table[seq->cur].new=seq->table[prev].new + seq->table[prev].size;
- seq->table[seq->cur].size=1;
- return seq->table[prev].new + seq->table[prev].size+1;
- }
- if(type==DCCP_PKT_DATA || type==DCCP_PKT_DATAACK || type==DCCP_PKT_ACK){
- seq->table[seq->cur].new=seq->table[prev].new + seq->table[prev].size;
- return seq->table[seq->cur].new+1;
- }
- if(type==DCCP_PKT_SYNC || type==DCCP_PKT_SYNCACK){
- seq->table[seq->cur].new=seq->table[prev].new + seq->table[prev].size;
- return seq->table[seq->cur].new;
- }
- seq->table[seq->cur].new=seq->table[prev].new + seq->table[prev].size;
-return seq->table[seq->cur].new +1;
-}
-
-
-/*Convert Ack Numbers*/
-u_int32_t convert_ack(struct host *seq, __be32 num)
-{
- if(seq==NULL){
- dbgprintf(0,"ERROR NULL POINTER!\n");
- exit(1);
- }
-
- if(seq->table==NULL){
- dbgprintf(1, "Warning: Connection uninitialized\n");
- initialize_seq(seq, num);
- }
-
- /*loop through table looking for the DCCP ack number*/
- for(int i=0; i < seq->size; i++){
- if(seq->table[i].old==num){
- return seq->table[i].new + seq->table[i].size + 1; /*TCP acks the sequence number plus 1*/
- }
- }
-
- dbgprintf(1, "Error: Address Not Found! looking for: %X\n", num);
-return 0;
-}
-
-
-/* Get size of packet being acked*/
-int acked_packet_size(struct host *seq, __be32 num)
-{
- if(seq==NULL){
- dbgprintf(0,"ERROR NULL POINTER!\n");
- exit(1);
- }
-
- if(seq->table==NULL){
- dbgprintf(1, "Warning: Connection uninitialized\n");
- initialize_seq(seq, num);
- }
-
- /*loop through table looking for the DCCP ack number*/
- for(int i=0; i < seq->size; i++){
- if(seq->table[i].old==num){
- return seq->table[i].size;
- }
- }
-
- dbgprintf(1, "Error: Address Not Found! looking for: %X\n", num);
-return 0;
-}
-
-
-/*Ack Vector to SACK Option*/
-void ack_vect2sack(struct host *seq, struct tcphdr *tcph, u_char* tcpopts, u_char* dccphdr, __be32 dccpack)
-{
- int hdrlen=((struct dccp_hdr*)dccphdr)->dccph_doff*4;
- int optlen;
- int len;
- int tmp;
- __be32 bp;
- u_char* temp;
- u_char* opt;
- u_char* cur;
- u_char* tlen;
- u_int32_t bL=0;
- u_int32_t bR;
- u_int32_t* pL;
- u_int32_t* pR;
- int num_blocks;
- int cont;
- int isopt;
-
- /*setup pointer to DCCP options and determine how long the options are*/
- optlen=hdrlen-sizeof(struct dccp_hdr) - sizeof(struct dccp_hdr_ext) - sizeof(struct dccp_hdr_ack_bits);
- opt=dccphdr + sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_ack_bits);
-
- /*setup tcp pointers*/
- num_blocks=4;
- *tcpopts=5;
- tlen=tcpopts+1;
- temp=tlen;
- temp++;
- pL=(u_int32_t*)temp;
- pR=pL+1;
-
- /*setup tcp control variables*/
- bp=dccpack;
- cont=0;
- *tlen=2;
- isopt=0;
-
- /*parse options*/
- while(optlen > 0){
-
- /*One byte options (no length)*/
- if(*opt< 32){
- optlen--;
- opt++;
- continue;
- }
-
- len=*(opt+1);
- if(len > optlen){
- dbgprintf(0, "Warning: Option would extend into packet data\n");
- break;
- }
-
- /*Ack Vector Option*/
- if(*opt==38 || *opt==39){
- tmp=len-2;
- cur=opt+2;
- /*loop through Vector*/
- while(tmp > 0){
- /*ack vector works BACKWARDS through time*/
-
- if((*cur & 0xC0)==0xC0 || (*cur & 0xC0)==0x40){ //lost packet
- if(cont){ /*end a SACK run, if one is started*/
- bR=convert_ack(seq, bp);
- cont=0;
- num_blocks--;
- *pR=htonl(bR);
- *pL=htonl(bL);
- tcph->doff+=2;
- *tlen+=8;
- pL=pR+1;
- pR=pL+1;
- }
- bp= bp - (*cur & 0x3F)- 1;
- }
-
- if((*cur & 0xC0)==0x00){ //received packet
- if(!cont){ /*if no SACK run and we can start another one, do so*/
- if(num_blocks>0){
- bL=convert_ack(seq, bp);
- isopt=1;
- cont=1;
-
- }
- }
- bp = bp -(*cur & 0x3F)- 1;
- }
- tmp--;
- cur++;
- }
- }
-
- optlen-=len;
- opt+=len;
- }
-
- /*if we are in the middle of a SACK run, close it*/
- if(cont){
- bR=convert_ack(seq, bp);
- *pR=htonl(bR);
- *pL=htonl(bL);
- tcph->doff+=2;
- *tlen+=8;
- cont=0;
- }
-
- /*adjust length if the option is actually added*/
- if(isopt){
- tcph->doff+=1;
- }
-return;
-}
Utility to convert a DCCP flow to a TCP flow for DCCP analysis via
tcptrace. Functions for differentiating different DCCP connections.
-Copyright (C) 2012 Samuel Jero <sj323707@ohio.edu>
+Copyright (C) 2013 Samuel Jero <sj323707@ohio.edu>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
along with this program. If not, see <http://www.gnu.org/licenses/>.
Author: Samuel Jero <sj323707@ohio.edu>
-Date: 11/2012
-
-Notes:
- 1)CCID2 ONLY
- 2)DCCP MUST use 48 bit sequence numbers
- 3)Checksums are not computed (they are zeroed)
- 4)DCCP DATA packets are not implemented (Linux doesn't use them)
- 5)DCCP Ack packets show up as TCP packets containing one byte
+Date: 02/2013
******************************************************************************/
#include "dccp2tcp.h"
/*Lookup a connection. If it doesn't exist, add a new connection and return it.*/
int get_host(u_char *src_id, u_char* dest_id, int id_len, int src_port, int dest_port,
- struct host **fwd, struct host **rev){
+ struct hcon **fwd, struct hcon **rev){
struct connection *ptr;
/*Empty list*/
memcpy(ptr->A.id,src_id,id_len);
ptr->A.port=src_port;
ptr->A.state=INIT;
+ ptr->A.type=UNKNOWN;
memcpy(ptr->B.id,dest_id,id_len);
ptr->B.port=dest_port;
ptr->B.state=INIT;
+ ptr->B.type=UNKNOWN;
return ptr;
}
/*Update the state on a host*/
-int update_state(struct host* hst, enum con_state st){
+int update_state(struct hcon* hst, enum con_state st){
if(!hst){
return 1;
}
}
return;
}
+
+/* Setup Half Connection Structure*/
+u_int32_t initialize_hcon(struct hcon *hcn, __be32 initial)
+{
+ /*set default values*/
+ hcn->cur=0;
+ hcn->size=TBL_SZ;
+ hcn->high_ack=0;
+
+ /*allocate table*/
+ hcn->table=(struct tbl*)malloc(sizeof(struct tbl)*TBL_SZ);
+ if(hcn->table==NULL){
+ dbgprintf(0,"Can't Allocate Memory!\n");
+ exit(1);
+ }
+
+ /*add first sequence number*/
+ hcn->table[0].old=initial;
+ hcn->table[0].new=initial;
+ hcn->table[0].type=DCCP_PKT_REQUEST;
+ hcn->table[0].size=0;
+ update_state(hcn,OPEN);
+return initial;
+}
+
+/*Convert Sequence Numbers*/
+u_int32_t add_new_seq(struct hcon *hcn, __be32 num, int size, enum dccp_pkt_type type)
+{
+ int prev;
+ if(hcn==NULL){
+ dbgprintf(0,"ERROR NULL POINTER!\n");
+ exit(1);
+ }
+
+ if(hcn->table==NULL){
+ dbgprintf(1, "Warning: Connection uninitialized\n");
+ return initialize_hcon(hcn, num);
+ }
+
+ /*account for missing packets*/
+ if(num - hcn->table[hcn->cur].old +1 >=100){
+ dbgprintf(1,"Missing more than 100 packets!\n");
+ }
+ while(hcn->table[hcn->cur].old +1 < num && hcn->table[hcn->cur].old +1 > 0){
+ prev=hcn->cur;
+ if(num - hcn->table[hcn->cur].old +1 <100){
+ dbgprintf(1,"Missing Packet: %X\n",hcn->table[prev].new+1);
+ }
+ hcn->cur=(hcn->cur+1)%(hcn->size);/*find next available table slot*/
+ hcn->table[hcn->cur].old=hcn->table[prev].old+1;
+ hcn->table[hcn->cur].new=hcn->table[prev].new + hcn->table[prev].size;
+ hcn->table[hcn->cur].size=size;
+ hcn->table[hcn->cur].type=type;
+ }
+
+ prev=hcn->cur;
+ hcn->cur=(hcn->cur+1)%(hcn->size);/*find next available table slot*/
+ hcn->table[hcn->cur].old=num;
+ hcn->table[hcn->cur].size=size;
+ hcn->table[hcn->cur].type=type;
+ if(hcn->table[prev].type==DCCP_PKT_REQUEST || hcn->table[prev].type==DCCP_PKT_RESPONSE){
+ hcn->table[hcn->cur].new=hcn->table[prev].new + hcn->table[prev].size;
+ hcn->table[hcn->cur].size=1;
+ return hcn->table[prev].new + hcn->table[prev].size+1;
+ }
+ if(type==DCCP_PKT_DATA || type==DCCP_PKT_DATAACK || type==DCCP_PKT_ACK){
+ hcn->table[hcn->cur].new=hcn->table[prev].new + hcn->table[prev].size;
+ return hcn->table[hcn->cur].new+1;
+ }
+ if(type==DCCP_PKT_SYNC || type==DCCP_PKT_SYNCACK){
+ hcn->table[hcn->cur].new=hcn->table[prev].new + hcn->table[prev].size;
+ return hcn->table[hcn->cur].new;
+ }
+ hcn->table[hcn->cur].new=hcn->table[prev].new + hcn->table[prev].size;
+return hcn->table[hcn->cur].new +1;
+}
+
+/*Convert Ack Numbers*/
+u_int32_t convert_ack(struct hcon *hcn, __be32 num, struct hcon *o_hcn)
+{
+ if(hcn==NULL){
+ dbgprintf(0,"ERROR NULL POINTER!\n");
+ exit(1);
+ }
+
+ if(hcn->table==NULL){
+ dbgprintf(1, "Warning: Connection uninitialized\n");
+ initialize_hcon(hcn, num);
+ }
+
+ /*loop through table looking for the DCCP ack number*/
+ for(int i=0; i < hcn->size; i++){
+ if(hcn->table[i].old==num){
+ return hcn->table[i].new + hcn->table[i].size + 1; /*TCP acks the sequence number plus 1*/
+ }
+ }
+
+ dbgprintf(1, "Error: Address Not Found! looking for: %X. Using highest ACK, %i, instead\n", num, o_hcn->high_ack);
+return 0;
+}
+
+/* Get size of packet being acked*/
+int acked_packet_size(struct hcon *hcn, __be32 num)
+{
+ if(hcn==NULL){
+ dbgprintf(0,"ERROR NULL POINTER!\n");
+ exit(1);
+ }
+
+ if(hcn->table==NULL){
+ dbgprintf(1, "Warning: Connection uninitialized\n");
+ initialize_hcon(hcn, num);
+ }
+
+ /*loop through table looking for the DCCP ack number*/
+ for(int i=0; i < hcn->size; i++){
+ if(hcn->table[i].old==num){
+ return hcn->table[i].size;
+ }
+ }
+
+ dbgprintf(1, "Error: Address Not Found! looking for: %X\n", num);
+return 0;
+}
+
+/*Parse Ack Vector Options
+ * Returns the Number of packets since last recorded loss*/
+unsigned int interp_ack_vect(u_char* hdr)
+{
+ int hdrlen=((struct dccp_hdr*)hdr)->dccph_doff*4;
+ //struct dccp_hdr_ext* e=(struct dccp_hdr_ext*)hdr + sizeof(struct dccp_hdr);
+ int optlen;
+ int len;
+ int tmp;
+ int bp=0;
+ int additional=0;
+ u_char* opt;
+ u_char* cur;
+
+ /*setup pointer to DCCP options and determine how long the options are*/
+ optlen=hdrlen-sizeof(struct dccp_hdr) - sizeof(struct dccp_hdr_ext) - sizeof(struct dccp_hdr_ack_bits);
+ opt=hdr + sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_ack_bits);
+
+ if(optlen<=0){
+ return 0;
+ }
+
+ /*parse options*/
+ while(optlen > 0){
+
+ /*One byte options (no length)*/
+ if(*opt< 32){
+ optlen--;
+ opt++;
+ continue;
+ }
+
+ /*Check option length*/
+ len=*(opt+1);
+ if(len > optlen){
+ dbgprintf(0, "Warning: Option would extend into packet data\n");
+ return additional;
+ }
+
+ /*Ack Vector Option*/
+ if(*opt==38 || *opt==39){
+ tmp=len-2;
+ cur=opt+2;
+ /*loop through Vector*/
+ while(tmp > 0){
+ /*ack vector works BACKWARDS through time*/
+
+ /*keep track of total packets recieved and if
+ a packet is lost, subtract all packets received
+ after that*/
+ if((*cur & 0xC0)==0xC0 || (*cur & 0xC0)==0x40){ //lost packet
+ bp+=(*cur & 0x3F)+1;
+ additional= -bp;
+ }
+
+ if((*cur & 0xC0)==0x00){ //received packet
+ bp+= (*cur & 0x3F)+1;
+ }
+
+ if(((*cur& 0xC0)!= 0xC0) && ((*cur& 0xC0)!= 0x00) && ((*cur& 0xC0)!= 0x40)){
+ dbgprintf(1, "Warning: Invalid Ack Vector!! (Linux will handle poorly!)\n");
+ }
+ tmp--;
+ cur++;
+ }
+ }
+
+ optlen-=len;
+ opt+=len;
+ }
+
+ dbgprintf(2,"Ack vector adding: %i\n", additional);
+return additional;
+}
Utility to convert a DCCP flow to a TCP flow for DCCP analysis via
tcptrace.
-Copyright (C) 2012 Samuel Jero <sj323707@ohio.edu>
+Copyright (C) 2013 Samuel Jero <sj323707@ohio.edu>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
along with this program. If not, see <http://www.gnu.org/licenses/>.
Author: Samuel Jero <sj323707@ohio.edu>
-Date: 11/2012
+Date: 02/2013
Notes:
- 1)CCID2 ONLY
- 2)DCCP MUST use 48 bit sequence numbers
- 3)DCCP DATA packets are not implemented (Linux doesn't use them)
- 4)DCCP Ack packets show up as TCP packets containing one byte
+ 1)DCCP MUST use 48 bit sequence numbers
+ 2)DCCP Ack packets show up as TCP packets containing one byte
******************************************************************************/
#include "dccp2tcp.h"
void handle_packet(u_char *user, const struct pcap_pkthdr *h, const u_char *bytes);
+int handle_request(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2);
+int handle_response(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2);
+int handle_dataack(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2);
+int handle_ack(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2);
+int handle_closereq(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2);
+int handle_close(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2);
+int handle_reset(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2);
+int handle_sync(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2);
+int handle_syncack(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2);
+int handle_data(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2);
+int parse_options(const u_char* opt_start, int len, struct hcon* A, struct hcon* B);
+int process_feature(const u_char* feat, int len, int confirm, int L, struct hcon* A, struct hcon* B);
+void ack_vect2sack(struct hcon *seq, struct tcphdr *tcph, u_char* tcpopts, u_char* dccphdr,
+ __be32 dccpack, struct hcon* o_hcn);
void version();
void usage();
struct tcphdr *tcph;
struct dccp_hdr *dccph;
struct dccp_hdr_ext *dccphex;
- struct host *h1=NULL;
- struct host *h2=NULL;
+ struct hcon *h1=NULL;
+ struct hcon *h2=NULL;
/*Safety checks*/
if(!new || !old || !new->data || !old->data || !new->h || !old->h){
exit(1);
return 0;
}
- if(old->length < (sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext)) || new->length < sizeof(struct dccp_hdr)){
+ if(old->length < (sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext))
+ || new->length < sizeof(struct dccp_hdr)){
dbgprintf(0, "Error: DCCP Packet Too short!\n");
return 0;
}
return 0;
}
- /*TODO: Add CCID detection*/
- if(h1->type==CCID2 && h2->type==CCID2){
- if(ccid2_convert_packet(new,old)==0){
- return 0;
- }
- }
- if(h1->type==CCID3 && h2->type==CCID3){
- //ccid3_convert_packet(new,old);
+ /*set TCP standard features*/
+ tcph->source=dccph->dccph_sport;
+ tcph->dest=dccph->dccph_dport;
+ tcph->doff=5;
+ tcph->check=htonl(0);
+ tcph->urg_ptr=0;
+
+ /*Adjust TCP advertised window size*/
+ if(!yellow){
+ tcph->window=htons(30000);
}
- if(ccid2_convert_packet(new,old)==0){
- return 0;
+
+ /*Process DCCP Packet Types*/
+ switch(dccph->dccph_type){
+ case DCCP_PKT_REQUEST:
+ dbgprintf(2,"Packet Type: Request\n");
+ if(!handle_request(new, old, h1, h2)){
+ return 0;
+ }
+ break;
+ case DCCP_PKT_RESPONSE:
+ dbgprintf(2,"Packet Type: Response\n");
+ if(!handle_response(new,old,h1,h2)){
+ return 0;
+ }
+ break;
+ case DCCP_PKT_DATA:
+ if(!handle_data(new,old,h1,h2)){
+ return 0;
+ }
+ break;
+ case DCCP_PKT_DATAACK:
+ dbgprintf(2,"Packet Type: DataAck\n");
+ if(!handle_dataack(new,old,h1,h2)){
+ return 0;
+ }
+ break;
+ case DCCP_PKT_ACK:
+ dbgprintf(2,"Packet Type: Ack\n");
+ if(!handle_ack(new,old,h1,h2)){
+ return 0;
+ }
+ break;
+ case DCCP_PKT_CLOSEREQ:
+ dbgprintf(2,"Packet Type: CloseReq\n");
+ if(!handle_closereq(new,old,h1,h2)){
+ return 0;
+ }
+ break;
+ case DCCP_PKT_CLOSE:
+ dbgprintf(2,"Packet Type: Close\n");
+ if(!handle_close(new,old,h1,h2)){
+ return 0;
+ }
+ break;
+ case DCCP_PKT_RESET:
+ dbgprintf(2,"Packet Type: Reset\n");
+ if(!handle_reset(new,old,h1,h2)){
+ return 0;
+ }
+ break;
+ case DCCP_PKT_SYNC:
+ dbgprintf(2,"Packet Type: Sync\n");
+ if(!handle_sync(new,old,h1,h2)){
+ return 0;
+ }
+ break;
+ case DCCP_PKT_SYNCACK:
+ dbgprintf(2,"Packet Type: SyncAck\n");
+ if(!handle_syncack(new,old,h1,h2)){
+ return 0;
+ }
+ break;
+ default:
+ dbgprintf(0,"Invalid DCCP Packet!!\n");
+ return 0;
+ break;
}
/*Compute TCP checksums*/
new->length, new->dest_id, new->src_id, 6);
}else{
tcph->check=0;
- dbgprintf(2,"Unknown ID Length, can't do checksums");
+ dbgprintf(2,"Unknown ID Length, can't do checksums\n");
+ }
+
+ return 1;
+}
+
+int handle_request(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2)
+{
+ struct tcphdr *tcph;
+ struct dccp_hdr *dccph;
+ struct dccp_hdr_ext *dccphex;
+ int datalength;
+ int optlen;
+ u_char* tcpopt;
+ const u_char* dccpopt;
+
+ /*length check*/
+ if(new->length < sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext)+sizeof(struct dccp_hdr_request)){
+ return 0;
+ }
+
+ /*cast header pointers*/
+ tcph=(struct tcphdr*)new->data;
+ dccph=(struct dccp_hdr*)old->data;
+ dccphex=(struct dccp_hdr_ext*)(old->data+sizeof(struct dccp_hdr));
+
+ /*determine data length*/
+ datalength=old->length - dccph->dccph_doff*4;
+
+ /*Process DCCP Options*/
+ dccpopt=old->data + sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext)+sizeof(struct dccp_hdr_request);
+ optlen=dccph->dccph_doff*4 - sizeof(struct dccp_hdr)-sizeof(struct dccp_hdr_ext)-sizeof(struct dccp_hdr_request);
+ if(!parse_options(dccpopt,optlen,h1,h2)){
+ return 0;
+ }
+
+ /*Do conversion*/
+ if(yellow){
+ tcph->window=htons(0);
+ }
+ tcph->ack_seq=htonl(0);
+ if(h1->state==INIT){
+ tcph->seq=htonl(initialize_hcon(h1, ntohl(dccphex->dccph_seq_low)));
+ }else{
+ tcph->seq=htonl(add_new_seq(h1, ntohl(dccphex->dccph_seq_low),datalength, dccph->dccph_type));
+ }
+ tcph->syn=1;
+ tcph->ack=0;
+ tcph->fin=0;
+ tcph->rst=0;
+
+ /* add Sack-permitted option, if relevant*/
+ if(sack){
+ tcpopt=(u_char*)(new->data + tcph->doff*4);
+ *tcpopt=4;
+ tcpopt++;
+ *tcpopt=2;
+ tcph->doff++;
+ }
+
+ /*calculate length*/
+ new->length=tcph->doff*4;
+ return 1;
+}
+
+int handle_response(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2)
+{
+ struct tcphdr *tcph;
+ struct dccp_hdr *dccph;
+ struct dccp_hdr_ext *dccphex;
+ struct dccp_hdr_ack_bits *dccphack;
+ int optlen;
+ u_char* tcpopt;
+ const u_char* dccpopt;
+
+ /*length check*/
+ if(new->length < sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext)
+ + sizeof(struct dccp_hdr_ack_bits)+sizeof(struct dccp_hdr_request)){
+ return 0;
+ }
+
+ /*cast header pointers*/
+ tcph=(struct tcphdr*)new->data;
+ dccph=(struct dccp_hdr*)old->data;
+ dccphex=(struct dccp_hdr_ext*)(old->data+sizeof(struct dccp_hdr));
+ dccphack=(struct dccp_hdr_ack_bits*)(old->data+ sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext));
+
+ /*Process DCCP Options*/
+ dccpopt=old->data + sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) +
+ sizeof(struct dccp_hdr_ack_bits) + sizeof(struct dccp_hdr_request);
+ optlen=dccph->dccph_doff*4 - sizeof(struct dccp_hdr) - sizeof(struct dccp_hdr_ext)
+ - sizeof(struct dccp_hdr_ack_bits) - sizeof(struct dccp_hdr_request);
+ if(!parse_options(dccpopt,optlen,h1,h2)){
+ return 0;
+ }
+
+ /*Do conversion*/
+ if(h2->state!=OPEN){
+ dbgprintf(0,"Warning: DCCP Response without a Request!!\n");
+ }
+ tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low),h1));
+ h1->high_ack=ntohl(tcph->ack_seq);
+ if(yellow){
+ tcph->window=htons(0);
+ }
+ if(h1->state==INIT){
+ tcph->seq=htonl(initialize_hcon(h1, ntohl(dccphex->dccph_seq_low)));
}
+ tcph->syn=1;
+ tcph->ack=1;
+ tcph->fin=0;
+ tcph->rst=0;
+ /* add Sack-permitted option, if relevant*/
+ if(sack){
+ tcpopt=(u_char*)(new->data + tcph->doff*4);
+ *tcpopt=4;
+ *(tcpopt+1)=2;
+ tcph->doff++;
+ }
+
+ /*calculate length*/
+ new->length=tcph->doff*4;
return 1;
}
-void version(){
+int handle_dataack(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2)
+{
+ struct tcphdr *tcph;
+ struct dccp_hdr *dccph;
+ struct dccp_hdr_ext *dccphex;
+ struct dccp_hdr_ack_bits *dccphack;
+ int datalength;
+ int optlen;
+ const u_char* pd;
+ u_char* npd;
+ const u_char* dccpopt;
+
+ /*length check*/
+ if(new->length < sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_ack_bits)){
+ return 0;
+ }
+
+ /*cast header pointers*/
+ tcph=(struct tcphdr*)new->data;
+ dccph=(struct dccp_hdr*)old->data;
+ dccphex=(struct dccp_hdr_ext*)(old->data+sizeof(struct dccp_hdr));
+ dccphack=(struct dccp_hdr_ack_bits*)(old->data+ sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext));
+
+ /*determine data length*/
+ datalength=old->length - dccph->dccph_doff*4;
+ pd=old->data + dccph->dccph_doff*4;
+
+ /*Process DCCP Options*/
+ dccpopt=old->data + sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_ack_bits);
+ optlen=dccph->dccph_doff*4 - sizeof(struct dccp_hdr) - sizeof(struct dccp_hdr_ext) - sizeof(struct dccp_hdr_ack_bits);
+ if(!parse_options(dccpopt,optlen,h1,h2)){
+ return 0;
+ }
+
+ /*Do Conversion*/
+ if(green){
+ tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low),h1));
+ }else{
+ tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low)+interp_ack_vect((u_char*)dccph),h1));
+ }
+ h1->high_ack=ntohl(tcph->ack_seq);
+ tcph->seq=htonl(add_new_seq(h1, ntohl(dccphex->dccph_seq_low),datalength, dccph->dccph_type));
+ if(yellow){
+ tcph->window=htons(-interp_ack_vect((u_char*)dccph)*acked_packet_size(h2, ntohl(dccphack->dccph_ack_nr_low)));
+ }
+ if(sack){
+ if(sack!=2 || interp_ack_vect((u_char*)dccph)){
+ ack_vect2sack(h2, tcph, (u_char*)tcph + tcph->doff*4, (u_char*)dccph, ntohl(dccphack->dccph_ack_nr_low),h1);
+ }
+ }
+ tcph->syn=0;
+ tcph->ack=1;
+ tcph->fin=0;
+ tcph->rst=0;
+
+ /*copy data*/
+ npd=new->data + tcph->doff*4;
+ memcpy(npd, pd, datalength);
+
+ /*calculate length*/
+ new->length=tcph->doff*4 + datalength;
+ return 1;
+}
+
+int handle_ack(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2)
+{
+ struct tcphdr *tcph;
+ struct dccp_hdr *dccph;
+ struct dccp_hdr_ext *dccphex;
+ struct dccp_hdr_ack_bits *dccphack;
+ int optlen;
+ const u_char* dccpopt;
+
+ /*length check*/
+ if(new->length < sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_ack_bits)){
+ return 0;
+ }
+
+ /*cast header pointers*/
+ tcph=(struct tcphdr*)new->data;
+ dccph=(struct dccp_hdr*)old->data;
+ dccphex=(struct dccp_hdr_ext*)(old->data+sizeof(struct dccp_hdr));
+ dccphack=(struct dccp_hdr_ack_bits*)(old->data+ sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext));
+
+ /*Process DCCP Options*/
+ dccpopt=old->data + sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_ack_bits);
+ optlen=dccph->dccph_doff*4 - sizeof(struct dccp_hdr) - sizeof(struct dccp_hdr_ext) - sizeof(struct dccp_hdr_ack_bits);
+ if(!parse_options(dccpopt,optlen,h1,h2)){
+ return 0;
+ }
+
+ /*Do Conversion*/
+ if(green){
+ tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low),h1));
+ }else{
+ tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low)+interp_ack_vect((u_char*)dccph),h1));
+ }
+ h1->high_ack=ntohl(tcph->ack_seq);
+ tcph->seq=htonl(add_new_seq(h1, ntohl(dccphex->dccph_seq_low),1,dccph->dccph_type));
+ if(yellow){
+ tcph->window=htons(-interp_ack_vect((u_char*)dccph)*1400);
+ if(-interp_ack_vect((u_char*)dccph)*1400 > 65535){
+ dbgprintf(0,"Note: TCP Window Overflow @ %d.%d\n", (int)old->h->ts.tv_sec, (int)old->h->ts.tv_usec);
+ }
+ }
+ if(sack){
+ if(sack!=2 || interp_ack_vect((u_char*)dccph)){
+ ack_vect2sack(h2, tcph, (u_char*)tcph + tcph->doff*4, (u_char*)dccph, ntohl(dccphack->dccph_ack_nr_low),h1);
+ }
+ }
+
+ tcph->syn=0;
+ tcph->ack=1;
+ tcph->fin=0;
+ tcph->rst=0;
+
+ /*calculate length*/
+ new->length=tcph->doff*4 + 1;
+ return 1;
+}
+
+int handle_closereq(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2)
+{
+ struct tcphdr *tcph;
+ struct dccp_hdr *dccph;
+ struct dccp_hdr_ext *dccphex;
+ struct dccp_hdr_ack_bits *dccphack;
+ int optlen;
+ const u_char* dccpopt;
+
+ /*length check*/
+ if(new->length < sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_ack_bits)){
+ return 0;
+ }
+
+ /*cast header pointers*/
+ tcph=(struct tcphdr*)new->data;
+ dccph=(struct dccp_hdr*)old->data;
+ dccphex=(struct dccp_hdr_ext*)(old->data+sizeof(struct dccp_hdr));
+ dccphack=(struct dccp_hdr_ack_bits*)(old->data+ sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext));
+
+ /*Process DCCP Options*/
+ dccpopt=old->data + sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_ack_bits);
+ optlen=dccph->dccph_doff*4 - sizeof(struct dccp_hdr) - sizeof(struct dccp_hdr_ext) - sizeof(struct dccp_hdr_ack_bits);
+ if(!parse_options(dccpopt,optlen,h1,h2)){
+ return 0;
+ }
+
+ /*Do Conversion*/
+ if(green){
+ tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low),h1));
+ }else{
+ tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low)+interp_ack_vect((u_char*)dccph),h1));
+ }
+ h1->high_ack=ntohl(tcph->ack_seq);
+ tcph->seq=htonl(add_new_seq(h1, ntohl(dccphex->dccph_seq_low),1,dccph->dccph_type));
+ if(yellow){
+ tcph->window=htons(-interp_ack_vect((u_char*)dccph)*acked_packet_size(h2, ntohl(dccphack->dccph_ack_nr_low)));
+ }
+ if(sack){
+ if(sack!=2 || interp_ack_vect((u_char*)dccph)){
+ ack_vect2sack(h2, tcph, (u_char*)tcph + tcph->doff*4, (u_char*)dccph, ntohl(dccphack->dccph_ack_nr_low),h1);
+ }
+ }
+
+ tcph->syn=0;
+ tcph->ack=1;
+ tcph->fin=1;
+ tcph->rst=0;
+
+ /*calculate length*/
+ new->length=tcph->doff*4;
+ return 1;
+}
+
+int handle_close(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2)
+{
+ struct tcphdr *tcph;
+ struct dccp_hdr *dccph;
+ struct dccp_hdr_ext *dccphex;
+ struct dccp_hdr_ack_bits *dccphack;
+ int optlen;
+ const u_char* dccpopt;
+
+ /*length check*/
+ if(new->length < sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_ack_bits)){
+ return 0;
+ }
+
+ /*cast header pointers*/
+ tcph=(struct tcphdr*)new->data;
+ dccph=(struct dccp_hdr*)old->data;
+ dccphex=(struct dccp_hdr_ext*)(old->data+sizeof(struct dccp_hdr));
+ dccphack=(struct dccp_hdr_ack_bits*)(old->data+ sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext));
+
+ /*Process DCCP Options*/
+ dccpopt=old->data + sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_ack_bits);
+ optlen=dccph->dccph_doff*4 - sizeof(struct dccp_hdr) - sizeof(struct dccp_hdr_ext) - sizeof(struct dccp_hdr_ack_bits);
+ if(!parse_options(dccpopt,optlen,h1,h2)){
+ return 0;
+ }
+
+ /*Do Conversion*/
+ update_state(h1,CLOSE);
+ if(green){
+ tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low),h1));
+ }else{
+ tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low)+interp_ack_vect((u_char*)dccph),h1));
+ }
+ h1->high_ack=ntohl(tcph->ack_seq);
+ tcph->seq=htonl(add_new_seq(h1, ntohl(dccphex->dccph_seq_low),1,dccph->dccph_type));
+ if(yellow){
+ tcph->window=htons(-interp_ack_vect((u_char*)dccph)*acked_packet_size(h2, ntohl(dccphack->dccph_ack_nr_low)));
+ }
+ if(sack){
+ if(sack!=2 || interp_ack_vect((u_char*)dccph)){
+ ack_vect2sack(h2, tcph, (u_char*)tcph + tcph->doff*4, (u_char*)dccph, ntohl(dccphack->dccph_ack_nr_low),h1);
+ }
+ }
+
+ tcph->syn=0;
+ tcph->ack=1;
+ tcph->fin=1;
+ tcph->rst=0;
+
+ /*calculate length*/
+ new->length=tcph->doff*4;
+ return 1;
+}
+
+int handle_reset(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2)
+{
+ struct tcphdr *tcph;
+ struct dccp_hdr *dccph;
+ struct dccp_hdr_ext *dccphex;
+ struct dccp_hdr_ack_bits *dccphack;
+ int optlen;
+ const u_char* dccpopt;
+
+ /*length check*/
+ if(new->length < sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_ack_bits)){
+ return 0;
+ }
+
+ /*cast header pointers*/
+ tcph=(struct tcphdr*)new->data;
+ dccph=(struct dccp_hdr*)old->data;
+ dccphex=(struct dccp_hdr_ext*)(old->data+sizeof(struct dccp_hdr));
+ dccphack=(struct dccp_hdr_ack_bits*)(old->data+ sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext));
+
+ /*Process DCCP Options*/
+ dccpopt=old->data + sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_ack_bits);
+ optlen=dccph->dccph_doff*4 - sizeof(struct dccp_hdr) - sizeof(struct dccp_hdr_ext) - sizeof(struct dccp_hdr_ack_bits);
+ if(!parse_options(dccpopt,optlen,h1,h2)){
+ return 0;
+ }
+
+ /*Do Conversion*/
+ if(h2->state==CLOSE){
+ update_state(h1,CLOSE);
+ }
+ if(green){
+ tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low),h1));
+ }else{
+ tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low)+interp_ack_vect((u_char*)dccph),h1));
+ }
+ h1->high_ack=ntohl(tcph->ack_seq);
+ tcph->seq=htonl(add_new_seq(h1, ntohl(dccphex->dccph_seq_low),1,dccph->dccph_type));
+ if(yellow){
+ tcph->window=htons(-interp_ack_vect((u_char*)dccph)*acked_packet_size(h2, ntohl(dccphack->dccph_ack_nr_low)));
+ }
+ if(sack){
+ if(sack!=2 || interp_ack_vect((u_char*)dccph)){
+ ack_vect2sack(h2, tcph, (u_char*)tcph + tcph->doff*4, (u_char*)dccph, ntohl(dccphack->dccph_ack_nr_low),h1);
+ }
+ }
+
+ tcph->syn=0;
+ tcph->ack=1;
+ tcph->fin=1;
+ tcph->rst=0;
+
+ /*calculate length*/
+ new->length=tcph->doff*4;
+ return 1;
+}
+
+int handle_sync(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2)
+{
+ struct tcphdr *tcph;
+ struct dccp_hdr *dccph;
+ struct dccp_hdr_ext *dccphex;
+ struct dccp_hdr_ack_bits *dccphack;
+ int optlen;
+ const u_char* dccpopt;
+
+ /*length check*/
+ if(new->length < sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_ack_bits)){
+ return 0;
+ }
+
+ /*cast header pointers*/
+ tcph=(struct tcphdr*)new->data;
+ dccph=(struct dccp_hdr*)old->data;
+ dccphex=(struct dccp_hdr_ext*)(old->data+sizeof(struct dccp_hdr));
+ dccphack=(struct dccp_hdr_ack_bits*)(old->data+ sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext));
+
+ /*Process DCCP Options*/
+ dccpopt=old->data + sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_ack_bits);
+ optlen=dccph->dccph_doff*4 - sizeof(struct dccp_hdr) - sizeof(struct dccp_hdr_ext) - sizeof(struct dccp_hdr_ack_bits);
+ if(!parse_options(dccpopt,optlen,h1,h2)){
+ return 0;
+ }
+
+ /*Do Conversion*/
+ if(green){
+ tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low),h1));
+ }else{
+ tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low)+interp_ack_vect((u_char*)dccph),h1));
+ }
+ h1->high_ack=ntohl(tcph->ack_seq);
+ tcph->seq=htonl(add_new_seq(h1, ntohl(dccphex->dccph_seq_low),0,dccph->dccph_type));
+ if(yellow){
+ tcph->window=htons(-interp_ack_vect((u_char*)dccph)*acked_packet_size(h2, ntohl(dccphack->dccph_ack_nr_low)));
+ }else{
+ tcph->window=htons(0);
+ }
+ if(sack){
+ if(sack!=2 || interp_ack_vect((u_char*)dccph)){
+ ack_vect2sack(h2, tcph, (u_char*)tcph + tcph->doff*4, (u_char*)dccph, ntohl(dccphack->dccph_ack_nr_low),h1);
+ }
+ }
+
+ tcph->syn=0;
+ tcph->ack=1;
+ tcph->fin=0;
+ tcph->rst=0;
+
+ /*calculate length*/
+ new->length=tcph->doff*4;
+ return 1;
+}
+
+int handle_syncack(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2)
+{
+ struct tcphdr *tcph;
+ struct dccp_hdr *dccph;
+ struct dccp_hdr_ext *dccphex;
+ struct dccp_hdr_ack_bits *dccphack;
+ int optlen;
+ const u_char* dccpopt;
+
+ /*length check*/
+ if(new->length < sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_ack_bits)){
+ return 0;
+ }
+
+ /*cast header pointers*/
+ tcph=(struct tcphdr*)new->data;
+ dccph=(struct dccp_hdr*)old->data;
+ dccphex=(struct dccp_hdr_ext*)(old->data+sizeof(struct dccp_hdr));
+ dccphack=(struct dccp_hdr_ack_bits*)(old->data+ sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext));
+
+ /*Process DCCP Options*/
+ dccpopt=old->data + sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_ack_bits);
+ optlen=dccph->dccph_doff*4 - sizeof(struct dccp_hdr) - sizeof(struct dccp_hdr_ext) - sizeof(struct dccp_hdr_ack_bits);
+ if(!parse_options(dccpopt,optlen,h1,h2)){
+ return 0;
+ }
+
+ /*Do Conversion*/
+ if(green){
+ tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low),h1));
+ }else{
+ tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low)+interp_ack_vect((u_char*)dccph),h1));
+ }
+ h1->high_ack=ntohl(tcph->ack_seq);
+ tcph->seq=htonl(add_new_seq(h1, ntohl(dccphex->dccph_seq_low),0,dccph->dccph_type));
+ if(yellow){
+ tcph->window=htons(-interp_ack_vect((u_char*)dccph)*acked_packet_size(h2, ntohl(dccphack->dccph_ack_nr_low)));
+ }else{
+ tcph->window=htons(0);
+ }
+ if(sack){
+ if(sack!=2 || interp_ack_vect((u_char*)dccph)){
+ ack_vect2sack(h2, tcph, (u_char*)tcph + tcph->doff*4, (u_char*)dccph, ntohl(dccphack->dccph_ack_nr_low),h1);
+ }
+ }
+
+ tcph->syn=0;
+ tcph->ack=1;
+ tcph->fin=0;
+ tcph->rst=0;
+
+ /*calculate length*/
+ new->length=tcph->doff*4;
+ return 1;
+}
+
+int handle_data(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2)
+{
+ struct tcphdr *tcph;
+ struct dccp_hdr *dccph;
+ struct dccp_hdr_ext *dccphex;
+ int datalength;
+ int optlen;
+ const u_char* pd;
+ u_char* npd;
+ const u_char* dccpopt;
+
+ /*length check*/
+ if(new->length < sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext)){
+ return 0;
+ }
+
+ /*cast header pointers*/
+ tcph=(struct tcphdr*)new->data;
+ dccph=(struct dccp_hdr*)old->data;
+ dccphex=(struct dccp_hdr_ext*)(old->data+sizeof(struct dccp_hdr));
+
+ /*determine data length*/
+ datalength=old->length - dccph->dccph_doff*4;
+ pd=old->data + dccph->dccph_doff*4;
+
+ /*Process DCCP Options*/
+ dccpopt=old->data + sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext);
+ optlen=dccph->dccph_doff*4 - sizeof(struct dccp_hdr) - sizeof(struct dccp_hdr_ext);
+ if(!parse_options(dccpopt,optlen,h1,h2)){
+ return 0;
+ }
+
+ /*Do conversion*/
+ tcph->ack_seq=htonl(h1->high_ack);
+ tcph->seq=htonl(add_new_seq(h1, ntohl(dccphex->dccph_seq_low),datalength, dccph->dccph_type));
+ tcph->syn=0;
+ tcph->ack=1;
+ tcph->fin=0;
+ tcph->rst=0;
+
+ /*copy data*/
+ npd=new->data + tcph->doff*4;
+ memcpy(npd, pd, datalength);
+
+ /*calculate length*/
+ new->length=tcph->doff*4 + datalength;
+ return 1;
+}
+
+int parse_options(const u_char* opt_start, int len, struct hcon* A, struct hcon* B)
+{
+ int optlen;
+ int length;
+ const u_char* opt;
+
+ /*setup pointer to DCCP options and determine how long the options are*/
+ optlen=len;
+ opt=opt_start;
+
+ /*parse options*/
+ while(optlen > 0){
+ /*One byte options (no length)*/
+ if(*opt< 32){
+ optlen--;
+ opt++;
+ continue;
+ }
+
+ /*Check option length*/
+ length=*(opt+1);
+ if(length > optlen){
+ dbgprintf(0, "Warning: Option would extend into packet data\n");
+ return 0;
+ }
+ if(length < 2){
+ dbgprintf(0, "Warning: Bad Option!\n");
+ return 0;
+ }
+
+ /*Ack Vector Option*/
+ if(*opt==38 || *opt==39){
+
+ }
+
+ /*NDP Count Option*/
+ if(*opt==37){
+
+ }
+
+ /*Feature negotation*/
+ if(*opt==32){
+ /*Change L*/
+ if(!process_feature(opt+2,length-2,FALSE,TRUE,A,B)){
+ return 0;
+ }
+ }
+ if(*opt==33){
+ /*Confirm L*/
+ if(!process_feature(opt+2,length-2,TRUE,TRUE,A,B)){
+ return 0;
+ }
+ }
+ if(*opt==34){
+ /*Change R*/
+ if(!process_feature(opt+2,length-2,FALSE,FALSE,A,B)){
+ return 0;
+ }
+ }
+ if(*opt==35){
+ /*Confirm R*/
+ if(!process_feature(opt+2,length-2,TRUE,FALSE,A,B)){
+ return 0;
+ }
+ }
+
+ optlen-=length;
+ opt+=length;
+ }
+
+ return 1;
+}
+
+int process_feature(const u_char* feat, int len, int confirm, int L, struct hcon* A, struct hcon* B)
+{
+ const u_char* val;
+ int ccid;
+
+ val=feat+1;
+
+ switch(*feat){
+ case 1:
+ /*CCID*/
+ if(confirm==FALSE){
+ switch(*val){
+ case 2:
+ ccid=CCID2;
+ break;
+ case 3:
+ ccid=CCID3;
+ break;
+ default:
+ ccid=UNKNOWN;
+ break;
+ }
+ if(L==TRUE){
+ B->type=ccid;
+ }else{
+ A->type=ccid;
+ }
+ }
+ break;
+ case 2:
+ /*Short sequence nums*/
+ if(confirm==FALSE && *val==1){
+ dbgprintf(0,"Error! DCCP is trying to turn on short sequence numbers! We do not support this!!\n");
+ exit(1);
+ }
+ break;
+ }
+ return 1;
+}
+
+/*Ack Vector to SACK Option*/
+void ack_vect2sack(struct hcon *hcn, struct tcphdr *tcph, u_char* tcpopts, u_char* dccphdr,
+ __be32 dccpack, struct hcon* o_hcn)
+{
+ int hdrlen=((struct dccp_hdr*)dccphdr)->dccph_doff*4;
+ int optlen;
+ int len;
+ int tmp;
+ __be32 bp;
+ u_char* temp;
+ u_char* opt;
+ u_char* cur;
+ u_char* tlen;
+ u_int32_t bL=0;
+ u_int32_t bR;
+ u_int32_t* pL;
+ u_int32_t* pR;
+ int num_blocks;
+ int cont;
+ int isopt;
+
+ /*setup pointer to DCCP options and determine how long the options are*/
+ optlen=hdrlen-sizeof(struct dccp_hdr) - sizeof(struct dccp_hdr_ext) - sizeof(struct dccp_hdr_ack_bits);
+ opt=dccphdr + sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_ack_bits);
+
+ if(optlen<=0){
+ return;
+ }
+
+ /*setup tcp pointers*/
+ num_blocks=4;
+ *tcpopts=5;
+ tlen=tcpopts+1;
+ temp=tlen;
+ temp++;
+ pL=(u_int32_t*)temp;
+ pR=pL+1;
+
+ /*setup tcp control variables*/
+ bp=dccpack;
+ cont=0;
+ *tlen=2;
+ isopt=0;
+
+ /*parse options*/
+ while(optlen > 0){
+
+ /*One byte options (no length)*/
+ if(*opt< 32){
+ optlen--;
+ opt++;
+ continue;
+ }
+
+ len=*(opt+1);
+ if(len > optlen){
+ dbgprintf(0, "Warning: Option would extend into packet data\n");
+ break;
+ }
+
+ /*Ack Vector Option*/
+ if(*opt==38 || *opt==39){
+ tmp=len-2;
+ cur=opt+2;
+ /*loop through Vector*/
+ while(tmp > 0){
+ /*ack vector works BACKWARDS through time*/
+
+ if((*cur & 0xC0)==0xC0 || (*cur & 0xC0)==0x40){ //lost packet
+ if(cont){ /*end a SACK run, if one is started*/
+ bR=convert_ack(hcn, bp,o_hcn);
+ cont=0;
+ num_blocks--;
+ *pR=htonl(bR);
+ *pL=htonl(bL);
+ tcph->doff+=2;
+ *tlen+=8;
+ pL=pR+1;
+ pR=pL+1;
+ }
+ bp= bp - (*cur & 0x3F)- 1;
+ }
+
+ if((*cur & 0xC0)==0x00){ //received packet
+ if(!cont){ /*if no SACK run and we can start another one, do so*/
+ if(num_blocks>0){
+ bL=convert_ack(hcn, bp, o_hcn);
+ isopt=1;
+ cont=1;
+
+ }
+ }
+ bp = bp -(*cur & 0x3F)- 1;
+ }
+ tmp--;
+ cur++;
+ }
+ }
+
+ optlen-=len;
+ opt+=len;
+ }
+
+ /*if we are in the middle of a SACK run, close it*/
+ if(cont){
+ bR=convert_ack(hcn, bp,o_hcn);
+ *pR=htonl(bR);
+ *pL=htonl(bL);
+ tcph->doff+=2;
+ *tlen+=8;
+ cont=0;
+ }
+
+ /*adjust length if the option is actually added*/
+ if(isopt){
+ tcph->doff+=1;
+ }
+return;
+}
+
+void version()
+{
dbgprintf(0, "dccp2tcp version %.1f\nCopyright (C) %i Samuel Jero <sj323707@ohio.edu>\n", DCCP2TCP_VERSION,COPYRIGHT_YEAR);
dbgprintf(0, "This program comes with ABSOLUTELY NO WARRANTY.\n");
dbgprintf(0, "This is free software, and you are welcome to\nredistribute it under certain conditions.\n");
/*Usage information for program*/
void usage()
{
- dbgprintf(0,"Usage: dccp2tcp dccp_file tcp_file [-d] [-h] [-V] [-y] [-g] [-s]\n");
+ dbgprintf(0,"Usage: dccp2tcp [-d] [-h] [-V] [-y] [-g] [-s] dccp_file tcp_file\n");
dbgprintf(0, " -d Debug. May be repeated for aditional verbosity.\n");
dbgprintf(0, " -V Version information\n");
dbgprintf(0, " -h Help\n");