From: Samuel Jero Date: Tue, 5 Feb 2013 22:31:06 +0000 (-0500) Subject: Addition of CCID3 support!!! Involves major refactoring. X-Git-Url: http://sjero.net/git/?p=dccp2tcp;a=commitdiff_plain;h=20f1a0d4c106ab4927e9b1c1ad097fbb9179eae7 Addition of CCID3 support!!! Involves major refactoring. --- diff --git a/Makefile b/Makefile index 6a534c9..ccff022 100644 --- a/Makefile +++ b/Makefile @@ -22,8 +22,8 @@ MANDIR = /usr/local/man all: dccp2tcp dccp2tcp.1 -dccp2tcp: dccp2tcp.o encap.o connections.o ccid2.o checksums.o - gcc ${CFLAGS} ${LDLIBS} --std=gnu99 dccp2tcp.o encap.o connections.o ccid2.o checksums.o -odccp2tcp +dccp2tcp: dccp2tcp.o encap.o connections.o checksums.o + gcc ${CFLAGS} ${LDLIBS} --std=gnu99 dccp2tcp.o encap.o connections.o checksums.o -odccp2tcp dccp2tcp.o: dccp2tcp.h dccp2tcp.c gcc ${CFLAGS} ${LDLIBS} --std=gnu99 -c dccp2tcp.c -odccp2tcp.o @@ -31,9 +31,6 @@ dccp2tcp.o: dccp2tcp.h dccp2tcp.c encap.o: encap.c dccp2tcp.h encap.h gcc ${CFLAGS} ${LDLIBS} --std=gnu99 -c encap.c -oencap.o -ccid2.o: ccid2.c dccp2tcp.h - gcc ${CFLAGS} ${LDLIBS} --std=gnu99 -c ccid2.c -occid2.o - connections.o: dccp2tcp.h connections.c gcc ${CFLAGS} ${LDLIBS} --std=gnu99 -c connections.c -oconnections.o diff --git a/ccid2.c b/ccid2.c deleted file mode 100644 index f8ebb2e..0000000 --- a/ccid2.c +++ /dev/null @@ -1,650 +0,0 @@ -/****************************************************************************** -Utility to convert a DCCP flow to a TCP flow for DCCP analysis via - tcptrace. - -Copyright (C) 2013 Samuel Jero - -This program is free software: you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation, either version 3 of the License, or -(at your option) any later version. - -This program is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -GNU General Public License for more details. - -You should have received a copy of the GNU General Public License -along with this program. If not, see . - -Author: Samuel Jero -Date: 02/2013 - -Notes: - 1)CCID2 ONLY - 2)DCCP MUST use 48 bit sequence numbers - 3)DCCP DATA packets are not implemented (Linux doesn't use them) - 4)DCCP Ack packets show up as TCP packets containing one byte -******************************************************************************/ -#include "dccp2tcp.h" - -unsigned int interp_ack_vect(u_char* hdr); -u_int32_t initialize_seq(struct host *seq, __be32 initial); -u_int32_t add_new_seq(struct host *seq, __be32 num, int size, enum dccp_pkt_type type); -u_int32_t convert_ack(struct host *seq, __be32 num); -int acked_packet_size(struct host *seq, __be32 num); -void ack_vect2sack(struct host *seq, struct tcphdr *tcph, u_char* tcpopts, u_char* dccphdr, __be32 dccpack); - -/*do all the dccp to tcp conversions*/ -int ccid2_convert_packet(struct packet *new, const struct const_packet* old) -{ - struct tcphdr *tcph; - struct dccp_hdr *dccph; - struct dccp_hdr_ext *dccphex; - struct dccp_hdr_ack_bits *dccphack; - struct host *h1=NULL; - struct host *h2=NULL; - int datalength; - int len=0; - const u_char* pd; - u_char* npd; - u_char* tcpopt; - - /*cast header pointers*/ - tcph=(struct tcphdr*)new->data; - dccph=(struct dccp_hdr*)old->data; - dccphex=(struct dccp_hdr_ext*)(old->data+sizeof(struct dccp_hdr)); - dccphack=(struct dccp_hdr_ack_bits*)(old->data+ sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext)); - - /*Get Hosts*/ - if(get_host(new->src_id, new->dest_id, new->id_len, - dccph->dccph_sport, dccph->dccph_dport, &h1, &h2)){ - dbgprintf(0,"Error: Can't Get Hosts!\n"); - return 0; - } - if(h1==NULL || h2==NULL){ - dbgprintf(0, "Error: Can't Get Hosts!\n"); - return 0; - } - - /*Ensure packet is at least as large as DCCP header*/ - if(dccph->dccph_type!=DCCP_PKT_DATA && - old->length < (sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + - sizeof(struct dccp_hdr_ack_bits))){ - dbgprintf(0, "Error: DCCP Packet Too short!\n"); - } - - /*determine data length*/ - datalength=old->length - dccph->dccph_doff*4; - pd=old->data + dccph->dccph_doff*4; - - /*set TCP standard features*/ - tcph->source=dccph->dccph_sport; - tcph->dest=dccph->dccph_dport; - tcph->doff=5; - tcph->check=htonl(0); - tcph->urg_ptr=0; - - /*Adjust TCP advertised window size*/ - if(!yellow){ - tcph->window=htons(30000); - } - - /*make changes by packet type*/ - if(dccph->dccph_type==DCCP_PKT_REQUEST){//DCCP REQUEST -->TCP SYN - dbgprintf(2,"Packet Type: Request\n"); - if(h1->state==INIT){ - if(yellow){ - tcph->window=htons(0); - } - tcph->ack_seq=htonl(0); - tcph->seq=htonl(initialize_seq(h1, ntohl(dccphex->dccph_seq_low))); - tcph->syn=1; - tcph->ack=0; - tcph->fin=0; - tcph->rst=0; - - /* add Sack-permitted option, if relevant*/ - if(sack){ - tcpopt=(u_char*)(new->data + tcph->doff*4); - *tcpopt=4; - tcpopt++; - *tcpopt=2; - tcph->doff++; - } - - /*calculate length*/ - len=tcph->doff*4; - } - } - - if(dccph->dccph_type==DCCP_PKT_RESPONSE){//DCCP RESPONSE-->TCP SYN,ACK - dbgprintf(2,"Packet Type: Response\n"); - if(h2->state==OPEN && h1->state==INIT){ - tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low))); - if(yellow){ - tcph->window=htons(0); - } - tcph->seq=htonl(initialize_seq(h1, ntohl(dccphex->dccph_seq_low))); - tcph->syn=1; - tcph->ack=1; - tcph->fin=0; - tcph->rst=0; - - /* add Sack-permitted option, if relevant*/ - if(sack){ - tcpopt=(u_char*)(new->data + tcph->doff*4); - *tcpopt=4; - *(tcpopt+1)=2; - tcph->doff++; - } - - /*calculate length*/ - len=tcph->doff*4; - } - } - - if(dccph->dccph_type==DCCP_PKT_DATA){//DCCP DATA----Never seen in packet capture - dbgprintf(0,"DCCP Data packet not yet implemented\n"); - exit(1); - } - - if(dccph->dccph_type==DCCP_PKT_DATAACK){//DCCP DATAACK-->TCP ACK with data - dbgprintf(2,"Packet Type: DataAck\n"); - if(green){ - tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low))); - }else{ - tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low)+interp_ack_vect((u_char*)dccph))); - } - tcph->seq=htonl(add_new_seq(h1, ntohl(dccphex->dccph_seq_low),datalength, dccph->dccph_type)); - if(yellow){ - tcph->window=htons(-interp_ack_vect((u_char*)dccph)*acked_packet_size(h2, ntohl(dccphack->dccph_ack_nr_low))); - } - if(sack){ - if(sack!=2 || interp_ack_vect((u_char*)dccph)){ - ack_vect2sack(h2, tcph, (u_char*)tcph + tcph->doff*4, (u_char*)dccph, ntohl(dccphack->dccph_ack_nr_low) ); - } - } - - tcph->syn=0; - tcph->ack=1; - tcph->fin=0; - tcph->rst=0; - - /*copy data*/ - npd=new->data + tcph->doff*4; - memcpy(npd, pd, datalength); - - /*calculate length*/ - len= tcph->doff*4 + datalength; - } - - if(dccph->dccph_type==DCCP_PKT_ACK){ //DCCP ACK -->TCP ACK with no data - dbgprintf(2,"Packet Type: Ack\n"); - if(green){ - tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low))); - }else{ - tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low)+interp_ack_vect((u_char*)dccph))); - } - tcph->seq=htonl(add_new_seq(h1, ntohl(dccphex->dccph_seq_low),1,dccph->dccph_type)); - if(yellow){ - tcph->window=htons(-interp_ack_vect((u_char*)dccph)*1400); - if(-interp_ack_vect((u_char*)dccph)*1400 > 65535){ - printf("Note: TCP Window Overflow @ %d.%d\n", (int)old->h->ts.tv_sec, (int)old->h->ts.tv_usec); - } - } - if(sack){ - if(sack!=2 || interp_ack_vect((u_char*)dccph)){ - ack_vect2sack(h2, tcph, (u_char*)tcph + tcph->doff*4, (u_char*)dccph, ntohl(dccphack->dccph_ack_nr_low) ); - } - } - - tcph->syn=0; - tcph->ack=1; - tcph->fin=0; - tcph->rst=0; - - /*calculate length*/ - len=tcph->doff*4 + 1; - } - - if(dccph->dccph_type==DCCP_PKT_CLOSEREQ){//DCCP CLOSEREQ----Never seen in packet capture - dbgprintf(0,"DCCP CloseReq not yet implemented\n"); - exit(1); - } - - if(dccph->dccph_type==DCCP_PKT_CLOSE){//DCCP CLOSE-->TCP FIN,ACK - dbgprintf(2,"Packet Type: Close\n"); - update_state(h1,CLOSE); - if(green){ - tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low))); - }else{ - tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low)+interp_ack_vect((u_char*)dccph))); - } - tcph->seq=htonl(add_new_seq(h1, ntohl(dccphex->dccph_seq_low),1,dccph->dccph_type)); - if(yellow){ - tcph->window=htons(-interp_ack_vect((u_char*)dccph)*acked_packet_size(h2, ntohl(dccphack->dccph_ack_nr_low))); - } - if(sack){ - if(sack!=2 || interp_ack_vect((u_char*)dccph)){ - ack_vect2sack(h2, tcph, (u_char*)tcph + tcph->doff*4, (u_char*)dccph, ntohl(dccphack->dccph_ack_nr_low) ); - } - } - - tcph->syn=0; - tcph->ack=1; - tcph->fin=1; - tcph->rst=0; - - /*calculate length*/ - len=tcph->doff*4; - } - - if(dccph->dccph_type==DCCP_PKT_RESET){//DCCP RESET-->TCP FIN,ACK (only seen at end of connection as CLOSE ACK) - if(h2->state==CLOSE){ - update_state(h1,CLOSE); - } - dbgprintf(2,"Packet Type: Reset\n"); - if(green){ - tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low))); - }else{ - tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low)+interp_ack_vect((u_char*)dccph))); - } - tcph->seq=htonl(add_new_seq(h1, ntohl(dccphex->dccph_seq_low),1,dccph->dccph_type)); - if(yellow){ - tcph->window=htons(-interp_ack_vect((u_char*)dccph)*acked_packet_size(h2, ntohl(dccphack->dccph_ack_nr_low))); - } - if(sack){ - if(sack!=2 || interp_ack_vect((u_char*)dccph)){ - ack_vect2sack(h2, tcph, (u_char*)tcph + tcph->doff*4, (u_char*)dccph, ntohl(dccphack->dccph_ack_nr_low) ); - } - } - - tcph->syn=0; - tcph->ack=1; - tcph->fin=1; - tcph->rst=0; - - /*calculate length*/ - len=tcph->doff*4; - } - - if(dccph->dccph_type==DCCP_PKT_SYNC){//DCCP SYNC - dbgprintf(2,"Packet Type: Sync\n"); - if(green){ - tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low))); - }else{ - tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low)+interp_ack_vect((u_char*)dccph))); - } - tcph->seq=htonl(add_new_seq(h1, ntohl(dccphex->dccph_seq_low),0,dccph->dccph_type)); - if(yellow){ - tcph->window=htons(-interp_ack_vect((u_char*)dccph)*acked_packet_size(h2, ntohl(dccphack->dccph_ack_nr_low))); - }else{ - tcph->window=htons(0); - } - if(sack){ - if(sack!=2 || interp_ack_vect((u_char*)dccph)){ - ack_vect2sack(h2, tcph, (u_char*)tcph + tcph->doff*4, (u_char*)dccph, ntohl(dccphack->dccph_ack_nr_low) ); - } - } - - tcph->syn=0; - tcph->ack=1; - tcph->fin=0; - tcph->rst=0; - - /*calculate length*/ - len=tcph->doff*4; - } - - if(dccph->dccph_type==DCCP_PKT_SYNCACK){//DCCP SYNACK - dbgprintf(2,"Packet Type: SyncAck\n"); - if(green){ - tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low))); - }else{ - tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low)+interp_ack_vect((u_char*)dccph))); - } - tcph->seq=htonl(add_new_seq(h1, ntohl(dccphex->dccph_seq_low),0,dccph->dccph_type)); - if(yellow){ - tcph->window=htons(-interp_ack_vect((u_char*)dccph)*acked_packet_size(h2, ntohl(dccphack->dccph_ack_nr_low))); - }else{ - tcph->window=htons(0); - } - if(sack){ - if(sack!=2 || interp_ack_vect((u_char*)dccph)){ - ack_vect2sack(h2, tcph, (u_char*)tcph + tcph->doff*4, (u_char*)dccph, ntohl(dccphack->dccph_ack_nr_low)); - } - } - - tcph->syn=0; - tcph->ack=1; - tcph->fin=0; - tcph->rst=0; - - /*calculate length*/ - len=tcph->doff*4; - } - - if(dccph->dccph_type==DCCP_PKT_INVALID){//DCCP INVALID----Never seen in packet capture - dbgprintf(0,"Invalid DCCP Packet!!\n"); - return 0; - } - - new->length=len; -return 1; -} - - -/*Parse Ack Vector Options - * Returns the Number of packets since last recorded loss*/ -unsigned int interp_ack_vect(u_char* hdr) -{ - int hdrlen=((struct dccp_hdr*)hdr)->dccph_doff*4; - //struct dccp_hdr_ext* e=(struct dccp_hdr_ext*)hdr + sizeof(struct dccp_hdr); - int optlen; - int len; - int tmp; - int bp=0; - int additional=0; - u_char* opt; - u_char* cur; - - /*setup pointer to DCCP options and determine how long the options are*/ - optlen=hdrlen-sizeof(struct dccp_hdr) - sizeof(struct dccp_hdr_ext) - sizeof(struct dccp_hdr_ack_bits); - opt=hdr + sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_ack_bits); - - /*parse options*/ - while(optlen > 0){ - - /*One byte options (no length)*/ - if(*opt< 32){ - optlen--; - opt++; - continue; - } - - /*Check option length*/ - len=*(opt+1); - if(len > optlen){ - dbgprintf(0, "Warning: Option would extend into packet data\n"); - return additional; - } - - /*Ack Vector Option*/ - if(*opt==38 || *opt==39){ - tmp=len-2; - cur=opt+2; - /*loop through Vector*/ - while(tmp > 0){ - /*ack vector works BACKWARDS through time*/ - - /*keep track of total packets recieved and if - a packet is lost, subtract all packets received - after that*/ - if((*cur & 0xC0)==0xC0 || (*cur & 0xC0)==0x40){ //lost packet - bp+=(*cur & 0x3F)+1; - additional= -bp; - } - - if((*cur & 0xC0)==0x00){ //received packet - bp+= (*cur & 0x3F)+1; - } - - if(((*cur& 0xC0)!= 0xC0) && ((*cur& 0xC0)!= 0x00) && ((*cur& 0xC0)!= 0x40)){ - dbgprintf(1, "Warning: Invalid Ack Vector!! (Linux will handle poorly!)\n"); - } - tmp--; - cur++; - } - } - - optlen-=len; - opt+=len; - } - - dbgprintf(2,"Ack vector adding: %i\n", additional); -return additional; -} - - -/* Setup Sequence Number Structure*/ -u_int32_t initialize_seq(struct host *seq, __be32 initial) -{ - /*set default values*/ - seq->cur=0; - seq->size=TBL_SZ; - - /*allocate table*/ - seq->table=(struct tbl*)malloc(sizeof(struct tbl)*TBL_SZ); - if(seq->table==NULL){ - dbgprintf(0,"Can't Allocate Memory!\n"); - exit(1); - } - - /*add first sequence number*/ - seq->table[0].old=initial; - seq->table[0].new=initial; - seq->table[0].type=DCCP_PKT_REQUEST; - seq->table[0].size=0; - update_state(seq,OPEN); -return initial; -} - - -/*Convert Sequence Numbers*/ -u_int32_t add_new_seq(struct host *seq, __be32 num, int size, enum dccp_pkt_type type) -{ - int prev; - if(seq==NULL){ - dbgprintf(0,"ERROR NULL POINTER!\n"); - exit(1); - } - - if(seq->table==NULL){ - dbgprintf(1, "Warning: Connection uninitialized\n"); - return initialize_seq(seq, num); - } - - /*account for missing packets*/ - if(num - seq->table[seq->cur].old +1 >=100){ - dbgprintf(1,"Missing more than 100 packets!\n"); - } - while(seq->table[seq->cur].old +1 < num && seq->table[seq->cur].old +1 > 0){ - prev=seq->cur; - if(num - seq->table[seq->cur].old +1 <100){ - dbgprintf(1,"Missing Packet: %X\n",seq->table[prev].new+1); - } - seq->cur=(seq->cur+1)%(seq->size);/*find next available table slot*/ - seq->table[seq->cur].old=seq->table[prev].old+1; - seq->table[seq->cur].new=seq->table[prev].new + seq->table[prev].size; - seq->table[seq->cur].size=size; - seq->table[seq->cur].type=type; - } - - prev=seq->cur; - seq->cur=(seq->cur+1)%(seq->size);/*find next available table slot*/ - seq->table[seq->cur].old=num; - seq->table[seq->cur].size=size; - seq->table[seq->cur].type=type; - if(seq->table[prev].type==DCCP_PKT_REQUEST || seq->table[prev].type==DCCP_PKT_RESPONSE){ - seq->table[seq->cur].new=seq->table[prev].new + seq->table[prev].size; - seq->table[seq->cur].size=1; - return seq->table[prev].new + seq->table[prev].size+1; - } - if(type==DCCP_PKT_DATA || type==DCCP_PKT_DATAACK || type==DCCP_PKT_ACK){ - seq->table[seq->cur].new=seq->table[prev].new + seq->table[prev].size; - return seq->table[seq->cur].new+1; - } - if(type==DCCP_PKT_SYNC || type==DCCP_PKT_SYNCACK){ - seq->table[seq->cur].new=seq->table[prev].new + seq->table[prev].size; - return seq->table[seq->cur].new; - } - seq->table[seq->cur].new=seq->table[prev].new + seq->table[prev].size; -return seq->table[seq->cur].new +1; -} - - -/*Convert Ack Numbers*/ -u_int32_t convert_ack(struct host *seq, __be32 num) -{ - if(seq==NULL){ - dbgprintf(0,"ERROR NULL POINTER!\n"); - exit(1); - } - - if(seq->table==NULL){ - dbgprintf(1, "Warning: Connection uninitialized\n"); - initialize_seq(seq, num); - } - - /*loop through table looking for the DCCP ack number*/ - for(int i=0; i < seq->size; i++){ - if(seq->table[i].old==num){ - return seq->table[i].new + seq->table[i].size + 1; /*TCP acks the sequence number plus 1*/ - } - } - - dbgprintf(1, "Error: Address Not Found! looking for: %X\n", num); -return 0; -} - - -/* Get size of packet being acked*/ -int acked_packet_size(struct host *seq, __be32 num) -{ - if(seq==NULL){ - dbgprintf(0,"ERROR NULL POINTER!\n"); - exit(1); - } - - if(seq->table==NULL){ - dbgprintf(1, "Warning: Connection uninitialized\n"); - initialize_seq(seq, num); - } - - /*loop through table looking for the DCCP ack number*/ - for(int i=0; i < seq->size; i++){ - if(seq->table[i].old==num){ - return seq->table[i].size; - } - } - - dbgprintf(1, "Error: Address Not Found! looking for: %X\n", num); -return 0; -} - - -/*Ack Vector to SACK Option*/ -void ack_vect2sack(struct host *seq, struct tcphdr *tcph, u_char* tcpopts, u_char* dccphdr, __be32 dccpack) -{ - int hdrlen=((struct dccp_hdr*)dccphdr)->dccph_doff*4; - int optlen; - int len; - int tmp; - __be32 bp; - u_char* temp; - u_char* opt; - u_char* cur; - u_char* tlen; - u_int32_t bL=0; - u_int32_t bR; - u_int32_t* pL; - u_int32_t* pR; - int num_blocks; - int cont; - int isopt; - - /*setup pointer to DCCP options and determine how long the options are*/ - optlen=hdrlen-sizeof(struct dccp_hdr) - sizeof(struct dccp_hdr_ext) - sizeof(struct dccp_hdr_ack_bits); - opt=dccphdr + sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_ack_bits); - - /*setup tcp pointers*/ - num_blocks=4; - *tcpopts=5; - tlen=tcpopts+1; - temp=tlen; - temp++; - pL=(u_int32_t*)temp; - pR=pL+1; - - /*setup tcp control variables*/ - bp=dccpack; - cont=0; - *tlen=2; - isopt=0; - - /*parse options*/ - while(optlen > 0){ - - /*One byte options (no length)*/ - if(*opt< 32){ - optlen--; - opt++; - continue; - } - - len=*(opt+1); - if(len > optlen){ - dbgprintf(0, "Warning: Option would extend into packet data\n"); - break; - } - - /*Ack Vector Option*/ - if(*opt==38 || *opt==39){ - tmp=len-2; - cur=opt+2; - /*loop through Vector*/ - while(tmp > 0){ - /*ack vector works BACKWARDS through time*/ - - if((*cur & 0xC0)==0xC0 || (*cur & 0xC0)==0x40){ //lost packet - if(cont){ /*end a SACK run, if one is started*/ - bR=convert_ack(seq, bp); - cont=0; - num_blocks--; - *pR=htonl(bR); - *pL=htonl(bL); - tcph->doff+=2; - *tlen+=8; - pL=pR+1; - pR=pL+1; - } - bp= bp - (*cur & 0x3F)- 1; - } - - if((*cur & 0xC0)==0x00){ //received packet - if(!cont){ /*if no SACK run and we can start another one, do so*/ - if(num_blocks>0){ - bL=convert_ack(seq, bp); - isopt=1; - cont=1; - - } - } - bp = bp -(*cur & 0x3F)- 1; - } - tmp--; - cur++; - } - } - - optlen-=len; - opt+=len; - } - - /*if we are in the middle of a SACK run, close it*/ - if(cont){ - bR=convert_ack(seq, bp); - *pR=htonl(bR); - *pL=htonl(bL); - tcph->doff+=2; - *tlen+=8; - cont=0; - } - - /*adjust length if the option is actually added*/ - if(isopt){ - tcph->doff+=1; - } -return; -} diff --git a/connections.c b/connections.c index 7d52313..4d04d46 100644 --- a/connections.c +++ b/connections.c @@ -2,7 +2,7 @@ Utility to convert a DCCP flow to a TCP flow for DCCP analysis via tcptrace. Functions for differentiating different DCCP connections. -Copyright (C) 2012 Samuel Jero +Copyright (C) 2013 Samuel Jero This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -18,20 +18,13 @@ You should have received a copy of the GNU General Public License along with this program. If not, see . Author: Samuel Jero -Date: 11/2012 - -Notes: - 1)CCID2 ONLY - 2)DCCP MUST use 48 bit sequence numbers - 3)Checksums are not computed (they are zeroed) - 4)DCCP DATA packets are not implemented (Linux doesn't use them) - 5)DCCP Ack packets show up as TCP packets containing one byte +Date: 02/2013 ******************************************************************************/ #include "dccp2tcp.h" /*Lookup a connection. If it doesn't exist, add a new connection and return it.*/ int get_host(u_char *src_id, u_char* dest_id, int id_len, int src_port, int dest_port, - struct host **fwd, struct host **rev){ + struct hcon **fwd, struct hcon **rev){ struct connection *ptr; /*Empty list*/ @@ -105,15 +98,17 @@ struct connection *add_connection(u_char *src_id, u_char* dest_id, int id_len, i memcpy(ptr->A.id,src_id,id_len); ptr->A.port=src_port; ptr->A.state=INIT; + ptr->A.type=UNKNOWN; memcpy(ptr->B.id,dest_id,id_len); ptr->B.port=dest_port; ptr->B.state=INIT; + ptr->B.type=UNKNOWN; return ptr; } /*Update the state on a host*/ -int update_state(struct host* hst, enum con_state st){ +int update_state(struct hcon* hst, enum con_state st){ if(!hst){ return 1; } @@ -136,3 +131,202 @@ void cleanup_connections(){ } return; } + +/* Setup Half Connection Structure*/ +u_int32_t initialize_hcon(struct hcon *hcn, __be32 initial) +{ + /*set default values*/ + hcn->cur=0; + hcn->size=TBL_SZ; + hcn->high_ack=0; + + /*allocate table*/ + hcn->table=(struct tbl*)malloc(sizeof(struct tbl)*TBL_SZ); + if(hcn->table==NULL){ + dbgprintf(0,"Can't Allocate Memory!\n"); + exit(1); + } + + /*add first sequence number*/ + hcn->table[0].old=initial; + hcn->table[0].new=initial; + hcn->table[0].type=DCCP_PKT_REQUEST; + hcn->table[0].size=0; + update_state(hcn,OPEN); +return initial; +} + +/*Convert Sequence Numbers*/ +u_int32_t add_new_seq(struct hcon *hcn, __be32 num, int size, enum dccp_pkt_type type) +{ + int prev; + if(hcn==NULL){ + dbgprintf(0,"ERROR NULL POINTER!\n"); + exit(1); + } + + if(hcn->table==NULL){ + dbgprintf(1, "Warning: Connection uninitialized\n"); + return initialize_hcon(hcn, num); + } + + /*account for missing packets*/ + if(num - hcn->table[hcn->cur].old +1 >=100){ + dbgprintf(1,"Missing more than 100 packets!\n"); + } + while(hcn->table[hcn->cur].old +1 < num && hcn->table[hcn->cur].old +1 > 0){ + prev=hcn->cur; + if(num - hcn->table[hcn->cur].old +1 <100){ + dbgprintf(1,"Missing Packet: %X\n",hcn->table[prev].new+1); + } + hcn->cur=(hcn->cur+1)%(hcn->size);/*find next available table slot*/ + hcn->table[hcn->cur].old=hcn->table[prev].old+1; + hcn->table[hcn->cur].new=hcn->table[prev].new + hcn->table[prev].size; + hcn->table[hcn->cur].size=size; + hcn->table[hcn->cur].type=type; + } + + prev=hcn->cur; + hcn->cur=(hcn->cur+1)%(hcn->size);/*find next available table slot*/ + hcn->table[hcn->cur].old=num; + hcn->table[hcn->cur].size=size; + hcn->table[hcn->cur].type=type; + if(hcn->table[prev].type==DCCP_PKT_REQUEST || hcn->table[prev].type==DCCP_PKT_RESPONSE){ + hcn->table[hcn->cur].new=hcn->table[prev].new + hcn->table[prev].size; + hcn->table[hcn->cur].size=1; + return hcn->table[prev].new + hcn->table[prev].size+1; + } + if(type==DCCP_PKT_DATA || type==DCCP_PKT_DATAACK || type==DCCP_PKT_ACK){ + hcn->table[hcn->cur].new=hcn->table[prev].new + hcn->table[prev].size; + return hcn->table[hcn->cur].new+1; + } + if(type==DCCP_PKT_SYNC || type==DCCP_PKT_SYNCACK){ + hcn->table[hcn->cur].new=hcn->table[prev].new + hcn->table[prev].size; + return hcn->table[hcn->cur].new; + } + hcn->table[hcn->cur].new=hcn->table[prev].new + hcn->table[prev].size; +return hcn->table[hcn->cur].new +1; +} + +/*Convert Ack Numbers*/ +u_int32_t convert_ack(struct hcon *hcn, __be32 num, struct hcon *o_hcn) +{ + if(hcn==NULL){ + dbgprintf(0,"ERROR NULL POINTER!\n"); + exit(1); + } + + if(hcn->table==NULL){ + dbgprintf(1, "Warning: Connection uninitialized\n"); + initialize_hcon(hcn, num); + } + + /*loop through table looking for the DCCP ack number*/ + for(int i=0; i < hcn->size; i++){ + if(hcn->table[i].old==num){ + return hcn->table[i].new + hcn->table[i].size + 1; /*TCP acks the sequence number plus 1*/ + } + } + + dbgprintf(1, "Error: Address Not Found! looking for: %X. Using highest ACK, %i, instead\n", num, o_hcn->high_ack); +return 0; +} + +/* Get size of packet being acked*/ +int acked_packet_size(struct hcon *hcn, __be32 num) +{ + if(hcn==NULL){ + dbgprintf(0,"ERROR NULL POINTER!\n"); + exit(1); + } + + if(hcn->table==NULL){ + dbgprintf(1, "Warning: Connection uninitialized\n"); + initialize_hcon(hcn, num); + } + + /*loop through table looking for the DCCP ack number*/ + for(int i=0; i < hcn->size; i++){ + if(hcn->table[i].old==num){ + return hcn->table[i].size; + } + } + + dbgprintf(1, "Error: Address Not Found! looking for: %X\n", num); +return 0; +} + +/*Parse Ack Vector Options + * Returns the Number of packets since last recorded loss*/ +unsigned int interp_ack_vect(u_char* hdr) +{ + int hdrlen=((struct dccp_hdr*)hdr)->dccph_doff*4; + //struct dccp_hdr_ext* e=(struct dccp_hdr_ext*)hdr + sizeof(struct dccp_hdr); + int optlen; + int len; + int tmp; + int bp=0; + int additional=0; + u_char* opt; + u_char* cur; + + /*setup pointer to DCCP options and determine how long the options are*/ + optlen=hdrlen-sizeof(struct dccp_hdr) - sizeof(struct dccp_hdr_ext) - sizeof(struct dccp_hdr_ack_bits); + opt=hdr + sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_ack_bits); + + if(optlen<=0){ + return 0; + } + + /*parse options*/ + while(optlen > 0){ + + /*One byte options (no length)*/ + if(*opt< 32){ + optlen--; + opt++; + continue; + } + + /*Check option length*/ + len=*(opt+1); + if(len > optlen){ + dbgprintf(0, "Warning: Option would extend into packet data\n"); + return additional; + } + + /*Ack Vector Option*/ + if(*opt==38 || *opt==39){ + tmp=len-2; + cur=opt+2; + /*loop through Vector*/ + while(tmp > 0){ + /*ack vector works BACKWARDS through time*/ + + /*keep track of total packets recieved and if + a packet is lost, subtract all packets received + after that*/ + if((*cur & 0xC0)==0xC0 || (*cur & 0xC0)==0x40){ //lost packet + bp+=(*cur & 0x3F)+1; + additional= -bp; + } + + if((*cur & 0xC0)==0x00){ //received packet + bp+= (*cur & 0x3F)+1; + } + + if(((*cur& 0xC0)!= 0xC0) && ((*cur& 0xC0)!= 0x00) && ((*cur& 0xC0)!= 0x40)){ + dbgprintf(1, "Warning: Invalid Ack Vector!! (Linux will handle poorly!)\n"); + } + tmp--; + cur++; + } + } + + optlen-=len; + opt+=len; + } + + dbgprintf(2,"Ack vector adding: %i\n", additional); +return additional; +} diff --git a/dccp2tcp.c b/dccp2tcp.c index fb648cf..db9ca53 100644 --- a/dccp2tcp.c +++ b/dccp2tcp.c @@ -2,7 +2,7 @@ Utility to convert a DCCP flow to a TCP flow for DCCP analysis via tcptrace. -Copyright (C) 2012 Samuel Jero +Copyright (C) 2013 Samuel Jero This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -18,13 +18,11 @@ You should have received a copy of the GNU General Public License along with this program. If not, see . Author: Samuel Jero -Date: 11/2012 +Date: 02/2013 Notes: - 1)CCID2 ONLY - 2)DCCP MUST use 48 bit sequence numbers - 3)DCCP DATA packets are not implemented (Linux doesn't use them) - 4)DCCP Ack packets show up as TCP packets containing one byte + 1)DCCP MUST use 48 bit sequence numbers + 2)DCCP Ack packets show up as TCP packets containing one byte ******************************************************************************/ #include "dccp2tcp.h" @@ -45,6 +43,20 @@ struct connection *chead; /*connection list*/ void handle_packet(u_char *user, const struct pcap_pkthdr *h, const u_char *bytes); +int handle_request(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2); +int handle_response(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2); +int handle_dataack(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2); +int handle_ack(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2); +int handle_closereq(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2); +int handle_close(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2); +int handle_reset(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2); +int handle_sync(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2); +int handle_syncack(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2); +int handle_data(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2); +int parse_options(const u_char* opt_start, int len, struct hcon* A, struct hcon* B); +int process_feature(const u_char* feat, int len, int confirm, int L, struct hcon* A, struct hcon* B); +void ack_vect2sack(struct hcon *seq, struct tcphdr *tcph, u_char* tcpopts, u_char* dccphdr, + __be32 dccpack, struct hcon* o_hcn); void version(); void usage(); @@ -206,8 +218,8 @@ int convert_packet(struct packet *new, const struct const_packet* old) struct tcphdr *tcph; struct dccp_hdr *dccph; struct dccp_hdr_ext *dccphex; - struct host *h1=NULL; - struct host *h2=NULL; + struct hcon *h1=NULL; + struct hcon *h2=NULL; /*Safety checks*/ if(!new || !old || !new->data || !old->data || !new->h || !old->h){ @@ -215,7 +227,8 @@ int convert_packet(struct packet *new, const struct const_packet* old) exit(1); return 0; } - if(old->length < (sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext)) || new->length < sizeof(struct dccp_hdr)){ + if(old->length < (sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext)) + || new->length < sizeof(struct dccp_hdr)){ dbgprintf(0, "Error: DCCP Packet Too short!\n"); return 0; } @@ -245,17 +258,83 @@ int convert_packet(struct packet *new, const struct const_packet* old) return 0; } - /*TODO: Add CCID detection*/ - if(h1->type==CCID2 && h2->type==CCID2){ - if(ccid2_convert_packet(new,old)==0){ - return 0; - } - } - if(h1->type==CCID3 && h2->type==CCID3){ - //ccid3_convert_packet(new,old); + /*set TCP standard features*/ + tcph->source=dccph->dccph_sport; + tcph->dest=dccph->dccph_dport; + tcph->doff=5; + tcph->check=htonl(0); + tcph->urg_ptr=0; + + /*Adjust TCP advertised window size*/ + if(!yellow){ + tcph->window=htons(30000); } - if(ccid2_convert_packet(new,old)==0){ - return 0; + + /*Process DCCP Packet Types*/ + switch(dccph->dccph_type){ + case DCCP_PKT_REQUEST: + dbgprintf(2,"Packet Type: Request\n"); + if(!handle_request(new, old, h1, h2)){ + return 0; + } + break; + case DCCP_PKT_RESPONSE: + dbgprintf(2,"Packet Type: Response\n"); + if(!handle_response(new,old,h1,h2)){ + return 0; + } + break; + case DCCP_PKT_DATA: + if(!handle_data(new,old,h1,h2)){ + return 0; + } + break; + case DCCP_PKT_DATAACK: + dbgprintf(2,"Packet Type: DataAck\n"); + if(!handle_dataack(new,old,h1,h2)){ + return 0; + } + break; + case DCCP_PKT_ACK: + dbgprintf(2,"Packet Type: Ack\n"); + if(!handle_ack(new,old,h1,h2)){ + return 0; + } + break; + case DCCP_PKT_CLOSEREQ: + dbgprintf(2,"Packet Type: CloseReq\n"); + if(!handle_closereq(new,old,h1,h2)){ + return 0; + } + break; + case DCCP_PKT_CLOSE: + dbgprintf(2,"Packet Type: Close\n"); + if(!handle_close(new,old,h1,h2)){ + return 0; + } + break; + case DCCP_PKT_RESET: + dbgprintf(2,"Packet Type: Reset\n"); + if(!handle_reset(new,old,h1,h2)){ + return 0; + } + break; + case DCCP_PKT_SYNC: + dbgprintf(2,"Packet Type: Sync\n"); + if(!handle_sync(new,old,h1,h2)){ + return 0; + } + break; + case DCCP_PKT_SYNCACK: + dbgprintf(2,"Packet Type: SyncAck\n"); + if(!handle_syncack(new,old,h1,h2)){ + return 0; + } + break; + default: + dbgprintf(0,"Invalid DCCP Packet!!\n"); + return 0; + break; } /*Compute TCP checksums*/ @@ -269,13 +348,815 @@ int convert_packet(struct packet *new, const struct const_packet* old) new->length, new->dest_id, new->src_id, 6); }else{ tcph->check=0; - dbgprintf(2,"Unknown ID Length, can't do checksums"); + dbgprintf(2,"Unknown ID Length, can't do checksums\n"); + } + + return 1; +} + +int handle_request(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2) +{ + struct tcphdr *tcph; + struct dccp_hdr *dccph; + struct dccp_hdr_ext *dccphex; + int datalength; + int optlen; + u_char* tcpopt; + const u_char* dccpopt; + + /*length check*/ + if(new->length < sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext)+sizeof(struct dccp_hdr_request)){ + return 0; + } + + /*cast header pointers*/ + tcph=(struct tcphdr*)new->data; + dccph=(struct dccp_hdr*)old->data; + dccphex=(struct dccp_hdr_ext*)(old->data+sizeof(struct dccp_hdr)); + + /*determine data length*/ + datalength=old->length - dccph->dccph_doff*4; + + /*Process DCCP Options*/ + dccpopt=old->data + sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext)+sizeof(struct dccp_hdr_request); + optlen=dccph->dccph_doff*4 - sizeof(struct dccp_hdr)-sizeof(struct dccp_hdr_ext)-sizeof(struct dccp_hdr_request); + if(!parse_options(dccpopt,optlen,h1,h2)){ + return 0; + } + + /*Do conversion*/ + if(yellow){ + tcph->window=htons(0); + } + tcph->ack_seq=htonl(0); + if(h1->state==INIT){ + tcph->seq=htonl(initialize_hcon(h1, ntohl(dccphex->dccph_seq_low))); + }else{ + tcph->seq=htonl(add_new_seq(h1, ntohl(dccphex->dccph_seq_low),datalength, dccph->dccph_type)); + } + tcph->syn=1; + tcph->ack=0; + tcph->fin=0; + tcph->rst=0; + + /* add Sack-permitted option, if relevant*/ + if(sack){ + tcpopt=(u_char*)(new->data + tcph->doff*4); + *tcpopt=4; + tcpopt++; + *tcpopt=2; + tcph->doff++; + } + + /*calculate length*/ + new->length=tcph->doff*4; + return 1; +} + +int handle_response(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2) +{ + struct tcphdr *tcph; + struct dccp_hdr *dccph; + struct dccp_hdr_ext *dccphex; + struct dccp_hdr_ack_bits *dccphack; + int optlen; + u_char* tcpopt; + const u_char* dccpopt; + + /*length check*/ + if(new->length < sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + + sizeof(struct dccp_hdr_ack_bits)+sizeof(struct dccp_hdr_request)){ + return 0; + } + + /*cast header pointers*/ + tcph=(struct tcphdr*)new->data; + dccph=(struct dccp_hdr*)old->data; + dccphex=(struct dccp_hdr_ext*)(old->data+sizeof(struct dccp_hdr)); + dccphack=(struct dccp_hdr_ack_bits*)(old->data+ sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext)); + + /*Process DCCP Options*/ + dccpopt=old->data + sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + + sizeof(struct dccp_hdr_ack_bits) + sizeof(struct dccp_hdr_request); + optlen=dccph->dccph_doff*4 - sizeof(struct dccp_hdr) - sizeof(struct dccp_hdr_ext) + - sizeof(struct dccp_hdr_ack_bits) - sizeof(struct dccp_hdr_request); + if(!parse_options(dccpopt,optlen,h1,h2)){ + return 0; + } + + /*Do conversion*/ + if(h2->state!=OPEN){ + dbgprintf(0,"Warning: DCCP Response without a Request!!\n"); + } + tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low),h1)); + h1->high_ack=ntohl(tcph->ack_seq); + if(yellow){ + tcph->window=htons(0); + } + if(h1->state==INIT){ + tcph->seq=htonl(initialize_hcon(h1, ntohl(dccphex->dccph_seq_low))); } + tcph->syn=1; + tcph->ack=1; + tcph->fin=0; + tcph->rst=0; + /* add Sack-permitted option, if relevant*/ + if(sack){ + tcpopt=(u_char*)(new->data + tcph->doff*4); + *tcpopt=4; + *(tcpopt+1)=2; + tcph->doff++; + } + + /*calculate length*/ + new->length=tcph->doff*4; return 1; } -void version(){ +int handle_dataack(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2) +{ + struct tcphdr *tcph; + struct dccp_hdr *dccph; + struct dccp_hdr_ext *dccphex; + struct dccp_hdr_ack_bits *dccphack; + int datalength; + int optlen; + const u_char* pd; + u_char* npd; + const u_char* dccpopt; + + /*length check*/ + if(new->length < sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_ack_bits)){ + return 0; + } + + /*cast header pointers*/ + tcph=(struct tcphdr*)new->data; + dccph=(struct dccp_hdr*)old->data; + dccphex=(struct dccp_hdr_ext*)(old->data+sizeof(struct dccp_hdr)); + dccphack=(struct dccp_hdr_ack_bits*)(old->data+ sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext)); + + /*determine data length*/ + datalength=old->length - dccph->dccph_doff*4; + pd=old->data + dccph->dccph_doff*4; + + /*Process DCCP Options*/ + dccpopt=old->data + sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_ack_bits); + optlen=dccph->dccph_doff*4 - sizeof(struct dccp_hdr) - sizeof(struct dccp_hdr_ext) - sizeof(struct dccp_hdr_ack_bits); + if(!parse_options(dccpopt,optlen,h1,h2)){ + return 0; + } + + /*Do Conversion*/ + if(green){ + tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low),h1)); + }else{ + tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low)+interp_ack_vect((u_char*)dccph),h1)); + } + h1->high_ack=ntohl(tcph->ack_seq); + tcph->seq=htonl(add_new_seq(h1, ntohl(dccphex->dccph_seq_low),datalength, dccph->dccph_type)); + if(yellow){ + tcph->window=htons(-interp_ack_vect((u_char*)dccph)*acked_packet_size(h2, ntohl(dccphack->dccph_ack_nr_low))); + } + if(sack){ + if(sack!=2 || interp_ack_vect((u_char*)dccph)){ + ack_vect2sack(h2, tcph, (u_char*)tcph + tcph->doff*4, (u_char*)dccph, ntohl(dccphack->dccph_ack_nr_low),h1); + } + } + tcph->syn=0; + tcph->ack=1; + tcph->fin=0; + tcph->rst=0; + + /*copy data*/ + npd=new->data + tcph->doff*4; + memcpy(npd, pd, datalength); + + /*calculate length*/ + new->length=tcph->doff*4 + datalength; + return 1; +} + +int handle_ack(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2) +{ + struct tcphdr *tcph; + struct dccp_hdr *dccph; + struct dccp_hdr_ext *dccphex; + struct dccp_hdr_ack_bits *dccphack; + int optlen; + const u_char* dccpopt; + + /*length check*/ + if(new->length < sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_ack_bits)){ + return 0; + } + + /*cast header pointers*/ + tcph=(struct tcphdr*)new->data; + dccph=(struct dccp_hdr*)old->data; + dccphex=(struct dccp_hdr_ext*)(old->data+sizeof(struct dccp_hdr)); + dccphack=(struct dccp_hdr_ack_bits*)(old->data+ sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext)); + + /*Process DCCP Options*/ + dccpopt=old->data + sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_ack_bits); + optlen=dccph->dccph_doff*4 - sizeof(struct dccp_hdr) - sizeof(struct dccp_hdr_ext) - sizeof(struct dccp_hdr_ack_bits); + if(!parse_options(dccpopt,optlen,h1,h2)){ + return 0; + } + + /*Do Conversion*/ + if(green){ + tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low),h1)); + }else{ + tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low)+interp_ack_vect((u_char*)dccph),h1)); + } + h1->high_ack=ntohl(tcph->ack_seq); + tcph->seq=htonl(add_new_seq(h1, ntohl(dccphex->dccph_seq_low),1,dccph->dccph_type)); + if(yellow){ + tcph->window=htons(-interp_ack_vect((u_char*)dccph)*1400); + if(-interp_ack_vect((u_char*)dccph)*1400 > 65535){ + dbgprintf(0,"Note: TCP Window Overflow @ %d.%d\n", (int)old->h->ts.tv_sec, (int)old->h->ts.tv_usec); + } + } + if(sack){ + if(sack!=2 || interp_ack_vect((u_char*)dccph)){ + ack_vect2sack(h2, tcph, (u_char*)tcph + tcph->doff*4, (u_char*)dccph, ntohl(dccphack->dccph_ack_nr_low),h1); + } + } + + tcph->syn=0; + tcph->ack=1; + tcph->fin=0; + tcph->rst=0; + + /*calculate length*/ + new->length=tcph->doff*4 + 1; + return 1; +} + +int handle_closereq(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2) +{ + struct tcphdr *tcph; + struct dccp_hdr *dccph; + struct dccp_hdr_ext *dccphex; + struct dccp_hdr_ack_bits *dccphack; + int optlen; + const u_char* dccpopt; + + /*length check*/ + if(new->length < sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_ack_bits)){ + return 0; + } + + /*cast header pointers*/ + tcph=(struct tcphdr*)new->data; + dccph=(struct dccp_hdr*)old->data; + dccphex=(struct dccp_hdr_ext*)(old->data+sizeof(struct dccp_hdr)); + dccphack=(struct dccp_hdr_ack_bits*)(old->data+ sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext)); + + /*Process DCCP Options*/ + dccpopt=old->data + sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_ack_bits); + optlen=dccph->dccph_doff*4 - sizeof(struct dccp_hdr) - sizeof(struct dccp_hdr_ext) - sizeof(struct dccp_hdr_ack_bits); + if(!parse_options(dccpopt,optlen,h1,h2)){ + return 0; + } + + /*Do Conversion*/ + if(green){ + tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low),h1)); + }else{ + tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low)+interp_ack_vect((u_char*)dccph),h1)); + } + h1->high_ack=ntohl(tcph->ack_seq); + tcph->seq=htonl(add_new_seq(h1, ntohl(dccphex->dccph_seq_low),1,dccph->dccph_type)); + if(yellow){ + tcph->window=htons(-interp_ack_vect((u_char*)dccph)*acked_packet_size(h2, ntohl(dccphack->dccph_ack_nr_low))); + } + if(sack){ + if(sack!=2 || interp_ack_vect((u_char*)dccph)){ + ack_vect2sack(h2, tcph, (u_char*)tcph + tcph->doff*4, (u_char*)dccph, ntohl(dccphack->dccph_ack_nr_low),h1); + } + } + + tcph->syn=0; + tcph->ack=1; + tcph->fin=1; + tcph->rst=0; + + /*calculate length*/ + new->length=tcph->doff*4; + return 1; +} + +int handle_close(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2) +{ + struct tcphdr *tcph; + struct dccp_hdr *dccph; + struct dccp_hdr_ext *dccphex; + struct dccp_hdr_ack_bits *dccphack; + int optlen; + const u_char* dccpopt; + + /*length check*/ + if(new->length < sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_ack_bits)){ + return 0; + } + + /*cast header pointers*/ + tcph=(struct tcphdr*)new->data; + dccph=(struct dccp_hdr*)old->data; + dccphex=(struct dccp_hdr_ext*)(old->data+sizeof(struct dccp_hdr)); + dccphack=(struct dccp_hdr_ack_bits*)(old->data+ sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext)); + + /*Process DCCP Options*/ + dccpopt=old->data + sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_ack_bits); + optlen=dccph->dccph_doff*4 - sizeof(struct dccp_hdr) - sizeof(struct dccp_hdr_ext) - sizeof(struct dccp_hdr_ack_bits); + if(!parse_options(dccpopt,optlen,h1,h2)){ + return 0; + } + + /*Do Conversion*/ + update_state(h1,CLOSE); + if(green){ + tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low),h1)); + }else{ + tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low)+interp_ack_vect((u_char*)dccph),h1)); + } + h1->high_ack=ntohl(tcph->ack_seq); + tcph->seq=htonl(add_new_seq(h1, ntohl(dccphex->dccph_seq_low),1,dccph->dccph_type)); + if(yellow){ + tcph->window=htons(-interp_ack_vect((u_char*)dccph)*acked_packet_size(h2, ntohl(dccphack->dccph_ack_nr_low))); + } + if(sack){ + if(sack!=2 || interp_ack_vect((u_char*)dccph)){ + ack_vect2sack(h2, tcph, (u_char*)tcph + tcph->doff*4, (u_char*)dccph, ntohl(dccphack->dccph_ack_nr_low),h1); + } + } + + tcph->syn=0; + tcph->ack=1; + tcph->fin=1; + tcph->rst=0; + + /*calculate length*/ + new->length=tcph->doff*4; + return 1; +} + +int handle_reset(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2) +{ + struct tcphdr *tcph; + struct dccp_hdr *dccph; + struct dccp_hdr_ext *dccphex; + struct dccp_hdr_ack_bits *dccphack; + int optlen; + const u_char* dccpopt; + + /*length check*/ + if(new->length < sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_ack_bits)){ + return 0; + } + + /*cast header pointers*/ + tcph=(struct tcphdr*)new->data; + dccph=(struct dccp_hdr*)old->data; + dccphex=(struct dccp_hdr_ext*)(old->data+sizeof(struct dccp_hdr)); + dccphack=(struct dccp_hdr_ack_bits*)(old->data+ sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext)); + + /*Process DCCP Options*/ + dccpopt=old->data + sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_ack_bits); + optlen=dccph->dccph_doff*4 - sizeof(struct dccp_hdr) - sizeof(struct dccp_hdr_ext) - sizeof(struct dccp_hdr_ack_bits); + if(!parse_options(dccpopt,optlen,h1,h2)){ + return 0; + } + + /*Do Conversion*/ + if(h2->state==CLOSE){ + update_state(h1,CLOSE); + } + if(green){ + tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low),h1)); + }else{ + tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low)+interp_ack_vect((u_char*)dccph),h1)); + } + h1->high_ack=ntohl(tcph->ack_seq); + tcph->seq=htonl(add_new_seq(h1, ntohl(dccphex->dccph_seq_low),1,dccph->dccph_type)); + if(yellow){ + tcph->window=htons(-interp_ack_vect((u_char*)dccph)*acked_packet_size(h2, ntohl(dccphack->dccph_ack_nr_low))); + } + if(sack){ + if(sack!=2 || interp_ack_vect((u_char*)dccph)){ + ack_vect2sack(h2, tcph, (u_char*)tcph + tcph->doff*4, (u_char*)dccph, ntohl(dccphack->dccph_ack_nr_low),h1); + } + } + + tcph->syn=0; + tcph->ack=1; + tcph->fin=1; + tcph->rst=0; + + /*calculate length*/ + new->length=tcph->doff*4; + return 1; +} + +int handle_sync(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2) +{ + struct tcphdr *tcph; + struct dccp_hdr *dccph; + struct dccp_hdr_ext *dccphex; + struct dccp_hdr_ack_bits *dccphack; + int optlen; + const u_char* dccpopt; + + /*length check*/ + if(new->length < sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_ack_bits)){ + return 0; + } + + /*cast header pointers*/ + tcph=(struct tcphdr*)new->data; + dccph=(struct dccp_hdr*)old->data; + dccphex=(struct dccp_hdr_ext*)(old->data+sizeof(struct dccp_hdr)); + dccphack=(struct dccp_hdr_ack_bits*)(old->data+ sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext)); + + /*Process DCCP Options*/ + dccpopt=old->data + sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_ack_bits); + optlen=dccph->dccph_doff*4 - sizeof(struct dccp_hdr) - sizeof(struct dccp_hdr_ext) - sizeof(struct dccp_hdr_ack_bits); + if(!parse_options(dccpopt,optlen,h1,h2)){ + return 0; + } + + /*Do Conversion*/ + if(green){ + tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low),h1)); + }else{ + tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low)+interp_ack_vect((u_char*)dccph),h1)); + } + h1->high_ack=ntohl(tcph->ack_seq); + tcph->seq=htonl(add_new_seq(h1, ntohl(dccphex->dccph_seq_low),0,dccph->dccph_type)); + if(yellow){ + tcph->window=htons(-interp_ack_vect((u_char*)dccph)*acked_packet_size(h2, ntohl(dccphack->dccph_ack_nr_low))); + }else{ + tcph->window=htons(0); + } + if(sack){ + if(sack!=2 || interp_ack_vect((u_char*)dccph)){ + ack_vect2sack(h2, tcph, (u_char*)tcph + tcph->doff*4, (u_char*)dccph, ntohl(dccphack->dccph_ack_nr_low),h1); + } + } + + tcph->syn=0; + tcph->ack=1; + tcph->fin=0; + tcph->rst=0; + + /*calculate length*/ + new->length=tcph->doff*4; + return 1; +} + +int handle_syncack(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2) +{ + struct tcphdr *tcph; + struct dccp_hdr *dccph; + struct dccp_hdr_ext *dccphex; + struct dccp_hdr_ack_bits *dccphack; + int optlen; + const u_char* dccpopt; + + /*length check*/ + if(new->length < sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_ack_bits)){ + return 0; + } + + /*cast header pointers*/ + tcph=(struct tcphdr*)new->data; + dccph=(struct dccp_hdr*)old->data; + dccphex=(struct dccp_hdr_ext*)(old->data+sizeof(struct dccp_hdr)); + dccphack=(struct dccp_hdr_ack_bits*)(old->data+ sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext)); + + /*Process DCCP Options*/ + dccpopt=old->data + sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_ack_bits); + optlen=dccph->dccph_doff*4 - sizeof(struct dccp_hdr) - sizeof(struct dccp_hdr_ext) - sizeof(struct dccp_hdr_ack_bits); + if(!parse_options(dccpopt,optlen,h1,h2)){ + return 0; + } + + /*Do Conversion*/ + if(green){ + tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low),h1)); + }else{ + tcph->ack_seq=htonl(convert_ack(h2,ntohl(dccphack->dccph_ack_nr_low)+interp_ack_vect((u_char*)dccph),h1)); + } + h1->high_ack=ntohl(tcph->ack_seq); + tcph->seq=htonl(add_new_seq(h1, ntohl(dccphex->dccph_seq_low),0,dccph->dccph_type)); + if(yellow){ + tcph->window=htons(-interp_ack_vect((u_char*)dccph)*acked_packet_size(h2, ntohl(dccphack->dccph_ack_nr_low))); + }else{ + tcph->window=htons(0); + } + if(sack){ + if(sack!=2 || interp_ack_vect((u_char*)dccph)){ + ack_vect2sack(h2, tcph, (u_char*)tcph + tcph->doff*4, (u_char*)dccph, ntohl(dccphack->dccph_ack_nr_low),h1); + } + } + + tcph->syn=0; + tcph->ack=1; + tcph->fin=0; + tcph->rst=0; + + /*calculate length*/ + new->length=tcph->doff*4; + return 1; +} + +int handle_data(struct packet* new, const struct const_packet* old, struct hcon* h1, struct hcon* h2) +{ + struct tcphdr *tcph; + struct dccp_hdr *dccph; + struct dccp_hdr_ext *dccphex; + int datalength; + int optlen; + const u_char* pd; + u_char* npd; + const u_char* dccpopt; + + /*length check*/ + if(new->length < sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext)){ + return 0; + } + + /*cast header pointers*/ + tcph=(struct tcphdr*)new->data; + dccph=(struct dccp_hdr*)old->data; + dccphex=(struct dccp_hdr_ext*)(old->data+sizeof(struct dccp_hdr)); + + /*determine data length*/ + datalength=old->length - dccph->dccph_doff*4; + pd=old->data + dccph->dccph_doff*4; + + /*Process DCCP Options*/ + dccpopt=old->data + sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext); + optlen=dccph->dccph_doff*4 - sizeof(struct dccp_hdr) - sizeof(struct dccp_hdr_ext); + if(!parse_options(dccpopt,optlen,h1,h2)){ + return 0; + } + + /*Do conversion*/ + tcph->ack_seq=htonl(h1->high_ack); + tcph->seq=htonl(add_new_seq(h1, ntohl(dccphex->dccph_seq_low),datalength, dccph->dccph_type)); + tcph->syn=0; + tcph->ack=1; + tcph->fin=0; + tcph->rst=0; + + /*copy data*/ + npd=new->data + tcph->doff*4; + memcpy(npd, pd, datalength); + + /*calculate length*/ + new->length=tcph->doff*4 + datalength; + return 1; +} + +int parse_options(const u_char* opt_start, int len, struct hcon* A, struct hcon* B) +{ + int optlen; + int length; + const u_char* opt; + + /*setup pointer to DCCP options and determine how long the options are*/ + optlen=len; + opt=opt_start; + + /*parse options*/ + while(optlen > 0){ + /*One byte options (no length)*/ + if(*opt< 32){ + optlen--; + opt++; + continue; + } + + /*Check option length*/ + length=*(opt+1); + if(length > optlen){ + dbgprintf(0, "Warning: Option would extend into packet data\n"); + return 0; + } + if(length < 2){ + dbgprintf(0, "Warning: Bad Option!\n"); + return 0; + } + + /*Ack Vector Option*/ + if(*opt==38 || *opt==39){ + + } + + /*NDP Count Option*/ + if(*opt==37){ + + } + + /*Feature negotation*/ + if(*opt==32){ + /*Change L*/ + if(!process_feature(opt+2,length-2,FALSE,TRUE,A,B)){ + return 0; + } + } + if(*opt==33){ + /*Confirm L*/ + if(!process_feature(opt+2,length-2,TRUE,TRUE,A,B)){ + return 0; + } + } + if(*opt==34){ + /*Change R*/ + if(!process_feature(opt+2,length-2,FALSE,FALSE,A,B)){ + return 0; + } + } + if(*opt==35){ + /*Confirm R*/ + if(!process_feature(opt+2,length-2,TRUE,FALSE,A,B)){ + return 0; + } + } + + optlen-=length; + opt+=length; + } + + return 1; +} + +int process_feature(const u_char* feat, int len, int confirm, int L, struct hcon* A, struct hcon* B) +{ + const u_char* val; + int ccid; + + val=feat+1; + + switch(*feat){ + case 1: + /*CCID*/ + if(confirm==FALSE){ + switch(*val){ + case 2: + ccid=CCID2; + break; + case 3: + ccid=CCID3; + break; + default: + ccid=UNKNOWN; + break; + } + if(L==TRUE){ + B->type=ccid; + }else{ + A->type=ccid; + } + } + break; + case 2: + /*Short sequence nums*/ + if(confirm==FALSE && *val==1){ + dbgprintf(0,"Error! DCCP is trying to turn on short sequence numbers! We do not support this!!\n"); + exit(1); + } + break; + } + return 1; +} + +/*Ack Vector to SACK Option*/ +void ack_vect2sack(struct hcon *hcn, struct tcphdr *tcph, u_char* tcpopts, u_char* dccphdr, + __be32 dccpack, struct hcon* o_hcn) +{ + int hdrlen=((struct dccp_hdr*)dccphdr)->dccph_doff*4; + int optlen; + int len; + int tmp; + __be32 bp; + u_char* temp; + u_char* opt; + u_char* cur; + u_char* tlen; + u_int32_t bL=0; + u_int32_t bR; + u_int32_t* pL; + u_int32_t* pR; + int num_blocks; + int cont; + int isopt; + + /*setup pointer to DCCP options and determine how long the options are*/ + optlen=hdrlen-sizeof(struct dccp_hdr) - sizeof(struct dccp_hdr_ext) - sizeof(struct dccp_hdr_ack_bits); + opt=dccphdr + sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_ack_bits); + + if(optlen<=0){ + return; + } + + /*setup tcp pointers*/ + num_blocks=4; + *tcpopts=5; + tlen=tcpopts+1; + temp=tlen; + temp++; + pL=(u_int32_t*)temp; + pR=pL+1; + + /*setup tcp control variables*/ + bp=dccpack; + cont=0; + *tlen=2; + isopt=0; + + /*parse options*/ + while(optlen > 0){ + + /*One byte options (no length)*/ + if(*opt< 32){ + optlen--; + opt++; + continue; + } + + len=*(opt+1); + if(len > optlen){ + dbgprintf(0, "Warning: Option would extend into packet data\n"); + break; + } + + /*Ack Vector Option*/ + if(*opt==38 || *opt==39){ + tmp=len-2; + cur=opt+2; + /*loop through Vector*/ + while(tmp > 0){ + /*ack vector works BACKWARDS through time*/ + + if((*cur & 0xC0)==0xC0 || (*cur & 0xC0)==0x40){ //lost packet + if(cont){ /*end a SACK run, if one is started*/ + bR=convert_ack(hcn, bp,o_hcn); + cont=0; + num_blocks--; + *pR=htonl(bR); + *pL=htonl(bL); + tcph->doff+=2; + *tlen+=8; + pL=pR+1; + pR=pL+1; + } + bp= bp - (*cur & 0x3F)- 1; + } + + if((*cur & 0xC0)==0x00){ //received packet + if(!cont){ /*if no SACK run and we can start another one, do so*/ + if(num_blocks>0){ + bL=convert_ack(hcn, bp, o_hcn); + isopt=1; + cont=1; + + } + } + bp = bp -(*cur & 0x3F)- 1; + } + tmp--; + cur++; + } + } + + optlen-=len; + opt+=len; + } + + /*if we are in the middle of a SACK run, close it*/ + if(cont){ + bR=convert_ack(hcn, bp,o_hcn); + *pR=htonl(bR); + *pL=htonl(bL); + tcph->doff+=2; + *tlen+=8; + cont=0; + } + + /*adjust length if the option is actually added*/ + if(isopt){ + tcph->doff+=1; + } +return; +} + +void version() +{ dbgprintf(0, "dccp2tcp version %.1f\nCopyright (C) %i Samuel Jero \n", DCCP2TCP_VERSION,COPYRIGHT_YEAR); dbgprintf(0, "This program comes with ABSOLUTELY NO WARRANTY.\n"); dbgprintf(0, "This is free software, and you are welcome to\nredistribute it under certain conditions.\n"); @@ -285,7 +1166,7 @@ void version(){ /*Usage information for program*/ void usage() { - dbgprintf(0,"Usage: dccp2tcp dccp_file tcp_file [-d] [-h] [-V] [-y] [-g] [-s]\n"); + dbgprintf(0,"Usage: dccp2tcp [-d] [-h] [-V] [-y] [-g] [-s] dccp_file tcp_file\n"); dbgprintf(0, " -d Debug. May be repeated for aditional verbosity.\n"); dbgprintf(0, " -V Version information\n"); dbgprintf(0, " -h Help\n"); diff --git a/dccp2tcp.h b/dccp2tcp.h index e3b373c..dafaeac 100644 --- a/dccp2tcp.h +++ b/dccp2tcp.h @@ -2,7 +2,7 @@ Utility to convert a DCCP flow to a TCP flow for DCCP analysis via tcptrace. -Copyright (C) 2012 Samuel Jero +Copyright (C) 2013 Samuel Jero This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -18,13 +18,11 @@ You should have received a copy of the GNU General Public License along with this program. If not, see . Author: Samuel Jero -Date: 11/2012 +Date: 02/2013 Notes: - 1)CCID2 ONLY - 2)DCCP MUST use 48 bit sequence numbers - 3)DCCP DATA packets are not implemented (Linux doesn't use them) - 4)DCCP Ack packets show up as TCP packets containing one byte + 1)DCCP MUST use 48 bit sequence numbers + 2)DCCP Ack packets show up as TCP packets containing one byte ******************************************************************************/ #ifndef _DCCP2TCP_H #define _DCCP2TCP_H @@ -58,8 +56,8 @@ Notes: #define MAX_PACKET 1600 /*Maximum size of TCP packet */ #define TBL_SZ 40000 /*Size of Sequence Number Table*/ - - +#define TRUE 1 +#define FALSE 0 /*Packet structure*/ struct packet{ @@ -95,14 +93,15 @@ enum con_type{ CCID3, }; -/*Host---half of a connection*/ -struct host{ +/*Half Connection structure*/ +struct hcon{ int id_len; /*Length of ID*/ u_char *id; /*Host ID*/ __be16 port; /*Host DCCP port*/ struct tbl *table; /*Host Sequence Number Table*/ int size; /*Size of Sequence Number Table*/ int cur; /*Current TCP Sequence Number*/ + int high_ack;/*Highest ACK seen*/ enum con_state state; /*Connection state*/ enum con_type type; /*Connection type*/ }; @@ -110,8 +109,8 @@ struct host{ /*Connection structure*/ struct connection{ struct connection *next; /*List pointer*/ - struct host A; /*Host A*/ - struct host B; /*Host B*/ + struct hcon A; /*Host A*/ + struct hcon B; /*Host B*/ }; /*sequence number table structure */ @@ -143,13 +142,17 @@ int do_encap(int link, struct packet *new, const struct const_packet *old); /*Connection functions*/ int get_host(u_char *src_id, u_char* dest_id, int id_len, int src_port, int dest_port, - struct host **fwd, struct host **rev); + struct hcon **fwd, struct hcon **rev); struct connection *add_connection(u_char *src_id, u_char* dest_id, int id_len, int src_port, int dest_port); -int update_state(struct host* hst, enum con_state st); +int update_state(struct hcon* hst, enum con_state st); void cleanup_connections(); -/*Per-CCID convert functions*/ -int ccid2_convert_packet(struct packet *new, const struct const_packet* old); +/*Half Connection/Sequence number functions*/ +u_int32_t initialize_hcon(struct hcon *hcn, __be32 initial); +u_int32_t add_new_seq(struct hcon *hcn, __be32 num, int size, enum dccp_pkt_type type); +u_int32_t convert_ack(struct hcon *hcn, __be32 num, struct hcon *o_hcn); +int acked_packet_size(struct hcon *hcn, __be32 num); +unsigned int interp_ack_vect(u_char* hdr); #endif