1 /******************************************************************************
6 Description: Utility Functions for Encapsulation
8 ******************************************************************************/
13 /*Encapsulation Selection*/
14 void encap_sel(char* string){
15 if(strcmp(string, "udp")==0 || strcmp(string,"UDP")==0){ /*UDP*/
16 state.en_ops=&udp_encap;
19 if(strcmp(string, "dccp")==0 || strcmp(string,"DCCP")==0){ /*DCCP*/
20 state.en_ops=&dccp_encap;
23 if(strcmp(string, "sll")==0 || strcmp(string,"SLL")==0){ /*SLL (Linux Cooked Capture)*/
24 state.en_ops=&sll_encap;
27 printf("Encapsulation type: %s is not supported\n", string);
32 /*Fill the encapsulation structure*/
33 int fill_eip4_encap(struct eip4_en_p *eip, const u_char* data, int dlen, struct pcap_pkthdr *h){
35 if(eip==NULL || data==NULL || h==NULL || dlen < sizeof(struct ether_header)+sizeof(struct iphdr)){
36 dbgprintf(1, "Error: Ethernet, IPv4 Encapsulation method given bad data!\n");
41 /* First time, allocate memory and copy libpcap header and encap headers
42 * this guarantees the IP "direction" of the encap headers */
43 memcpy(&eip->header, h, sizeof(struct pcap_pkthdr));
44 memcpy(eip->od, data,sizeof(struct ether_header)+sizeof(struct iphdr));
47 /* Just update the libpcap header (and associated timestamp)*/
48 memcpy(&eip->header, h, sizeof(struct pcap_pkthdr));
53 /* encapsulation manipulation after conversion */
54 int eip4_post(struct eip4_en_p *eip, int tlen, u_char* data){
57 /* Move data pointer to start of IPv4 header*/
58 data+=sizeof(struct ether_header);
60 /*Determine if the given length is reasonable*/
61 if((tlen+sizeof(struct iphdr)) > 0xFFFF){
62 dbgprintf(1, "Error: Given TCP header+data length is too large for an IPv4 packet!\n");
66 /*Adjust IPv4 header to account for packet's total length*/
67 iph=(struct iphdr*)data;
68 iph->tot_len=htons(sizeof(struct iphdr)+tlen);
72 /* Create a TCP three-way handshake */
73 int eip4_handshake(struct eip4_en_p *eip, struct pcap_pkthdr *h){
78 struct pcap_pkthdr nh;
82 if(h==NULL || state.en_priv==NULL || eip==NULL){
83 dbgprintf(1, "Error: Ethernet, IPv4 Encapsulation handshake method given bad data!\n");
87 /*create new libpcap header*/
88 memcpy(&nh, h, sizeof(struct pcap_pkthdr));
90 /*create buffer for new packet*/
91 ptr=data=malloc(MAX_PACKET);
93 dbgprintf(0,"Error: Couldn't allocate Memory\n");
97 /* 1)Create Syn Packet*/
98 /*make sure the packet is all zero*/
99 memset(data, 0, MAX_PACKET);
102 /*Set the libpcap header*/
103 nh.caplen=sizeof(struct ether_header) +sizeof(struct iphdr)+sizeof(struct tcphdr)+4;
104 nh.len=sizeof(struct ether_header) +sizeof(struct iphdr)+sizeof(struct tcphdr)+4;
105 nh.ts.tv_usec-=3000; /*Time comes from the first packet received, so make these packets earlier*/
107 /* Copy Ethernet and IP headers from private data area*/
108 /* These are headers from the first packet in the capture*/
109 memcpy(ptr, eip->od, sizeof(struct ether_header)+ sizeof(struct iphdr));
112 iph= (struct iphdr *) (ptr + sizeof(struct ether_header));
115 iph->tot_len=htons(sizeof(struct iphdr)+sizeof(struct tcphdr)+4);
118 ptr+=sizeof(struct ether_header)+ sizeof(struct iphdr);
119 tcph=(struct tcphdr*)ptr;
120 tcph->source=htons(1113);
121 tcph->dest=htons(1113);
123 tcph->check=htonl(0);
132 /*Initialize Sequence and Acknowledgment Numbers and Window*/
133 tcph->seq=htonl(state.seq_num++);
134 tcph->ack_seq=htonl(0);
135 tcph->window=htons(WIN_FACTOR);
137 /* Add SACK permitted option*/
138 ptr+=sizeof(struct tcphdr);
143 /*Save To Packet Capture*/
144 pcap_dump((u_char*)state.out,&nh, data);
147 /* 2)Create Syn,Ack Packet*/
148 /*make sure the packet is all zero*/
149 memset(data, 0, MAX_PACKET);
152 /*Set the libpcap header*/
153 nh.caplen=sizeof(struct ether_header) +sizeof(struct iphdr)+sizeof(struct tcphdr)+4;
154 nh.len=sizeof(struct ether_header) +sizeof(struct iphdr)+sizeof(struct tcphdr)+4;
155 nh.ts.tv_usec+=1000; /*This packet is 1/3rd closer to the first packet then the previous packet created*/
157 /* Copy Ethernet and IP headers from private data area*/
158 /* These are headers from the first packet in the capture*/
159 memcpy(data, eip->od, sizeof(struct ether_header)+ sizeof(struct iphdr));
161 /*Adjust IP header, including swapping source and destination*/
162 iph= (struct iphdr *) (ptr + sizeof(struct ether_header));
166 iph->saddr=iph->daddr;
168 iph->tot_len=htons(sizeof(struct iphdr)+sizeof(struct tcphdr)+4);
171 ptr+=sizeof(struct ether_header)+ sizeof(struct iphdr);
172 tcph=(struct tcphdr*)ptr;
173 tcph->source=htons(1113);
174 tcph->dest=htons(1113);
176 tcph->check=htonl(0);
185 /*Initialize Sequence and Acknowledgement Numbers and Window*/
186 tcph->seq=htonl(state.ack_num++);
187 tcph->ack_seq=htonl(state.seq_num);
188 tcph->window=htons(WIN_FACTOR);
190 /* Add SACK permitted option*/
191 ptr+=sizeof(struct tcphdr);
196 /*Save To Packet Capture*/
197 pcap_dump((u_char*)state.out,&nh, data);
199 /* 3)Create Ack Packet*/
200 /*make sure the packet is all zero*/
201 memset(data, 0, MAX_PACKET);
204 /*Set the libpcap header*/
205 nh.caplen=sizeof(struct ether_header) +sizeof(struct iphdr)+sizeof(struct tcphdr);
206 nh.len=sizeof(struct ether_header) +sizeof(struct iphdr)+sizeof(struct tcphdr);
207 nh.ts.tv_usec+=1000; /*This packet is 2/3rds between SYN and first packet*/
209 /* Copy Ethernet and IP headers from private data area*/
210 /* These are headers from the first packet in the capture*/
211 memcpy(data, eip->od, sizeof(struct ether_header)+ sizeof(struct iphdr));
214 iph= (struct iphdr *) (ptr + sizeof(struct ether_header));
217 iph->tot_len=htons(sizeof(struct iphdr)+sizeof(struct tcphdr));
220 ptr+=sizeof(struct ether_header)+ sizeof(struct iphdr);
221 tcph=(struct tcphdr*)ptr;
222 tcph->source=htons(1113);
223 tcph->dest=htons(1113);
225 tcph->check=htonl(0);
234 /*Initialize Sequence and Acknowledgement numbers and window*/
235 tcph->seq=htonl(state.seq_num++);
236 tcph->ack_seq=htonl(state.ack_num);
237 tcph->window=htons(WIN_FACTOR);
239 /*Save To Packet Capture*/
240 pcap_dump((u_char*)state.out,&nh, data);
244 /* Create a TCP ending handshake */
245 int eip4_fin(struct eip4_en_p *eip){
250 struct pcap_pkthdr nh;
255 dbgprintf(1,"Error: Ethernet, IPv4 Encapsulation Finish method given invalid data!\n");
259 /*copy the libpcap header from private data area*/
260 memcpy(&nh, &eip->header, sizeof(struct pcap_pkthdr));
262 /*create buffer for new packet*/
263 ptr=data=malloc(MAX_PACKET);
265 dbgprintf(0,"Error: Couldn't allocate Memory\n");
269 /* 1)Create Fin Packet*/
270 /*make sure the packet is all zero*/
271 memset(data, 0, MAX_PACKET);
274 /*Set the libpcap header*/
275 nh.caplen=sizeof(struct ether_header) +sizeof(struct iphdr)+sizeof(struct tcphdr);
276 nh.len=sizeof(struct ether_header) +sizeof(struct iphdr)+sizeof(struct tcphdr);
277 nh.ts.tv_usec+=1000; /*Time is from the last packet in the capture; make this packet after that packet*/
279 /* Copy Ethernet and IP headers from private data area*/
280 /* These are headers from the first packet in the capture*/
281 memcpy(ptr, eip->od, sizeof(struct ether_header)+ sizeof(struct iphdr));
284 iph= (struct iphdr *) (ptr + sizeof(struct ether_header));
287 iph->tot_len=htons(sizeof(struct iphdr)+sizeof(struct tcphdr));
290 ptr+=sizeof(struct ether_header)+ sizeof(struct iphdr);
291 tcph=(struct tcphdr*)ptr;
292 tcph->source=htons(1113);
293 tcph->dest=htons(1113);
295 tcph->check=htonl(0);
304 /* Adjust Sequence and Acknowledgment numbers and window*/
305 tcph->seq=htonl(++state.seq_num);
306 tcph->ack_seq=htonl(state.ack_num);
307 tcph->window=htons(WIN_FACTOR);
309 /*Update Sequence Number to include the fin packet in the sequence number space*/
312 /* Save To Packet Capture*/
313 pcap_dump((u_char*)state.out,&nh, data);
315 /* 2)Create Fin,Ack Packet*/
316 /*make sure the packet is all zero*/
317 memset(data, 0, MAX_PACKET);
320 /*Set the libpcap header*/
321 nh.caplen=sizeof(struct ether_header) +sizeof(struct iphdr)+sizeof(struct tcphdr);
322 nh.len=sizeof(struct ether_header) +sizeof(struct iphdr)+sizeof(struct tcphdr);
323 nh.ts.tv_usec+=1000; /*After the previous packet*/
325 /* Copy Ethernet and IP headers from private data area*/
326 /* These are headers from the first packet in the capture*/
327 memcpy(ptr, eip->od, sizeof(struct ether_header)+ sizeof(struct iphdr));
329 /*Update IP header, including swapping source and destination addresses*/
330 iph= (struct iphdr *) (ptr + sizeof(struct ether_header));
334 iph->saddr=iph->daddr;
336 iph->tot_len=htons(sizeof(struct iphdr)+sizeof(struct tcphdr));
339 ptr+=sizeof(struct ether_header)+ sizeof(struct iphdr);
340 tcph=(struct tcphdr*)ptr;
341 tcph->source=htons(1113);
342 tcph->dest=htons(1113);
344 tcph->check=htonl(0);
353 /*Adjust Sequence and Acknowledgment numbers and window*/
354 tcph->seq=htonl(state.ack_num++);
355 tcph->ack_seq=htonl(state.seq_num);
356 tcph->window=htons(WIN_FACTOR);
358 /*Save To Packet Capture*/
359 pcap_dump((u_char*)state.out,&nh, data);
361 /* 3)Create Ack Packet*/
362 /*make sure the packet is all zero*/
363 memset(data, 0, MAX_PACKET);
366 /*Set the libpcap header*/
367 nh.caplen=sizeof(struct ether_header) +sizeof(struct iphdr)+sizeof(struct tcphdr);
368 nh.len=sizeof(struct ether_header) +sizeof(struct iphdr)+sizeof(struct tcphdr);
369 nh.ts.tv_usec+=1000; /*After the previous packet*/
371 /* Copy Ethernet and IP headers from private data area*/
372 /* These are headers from the first packet in the capture*/
373 memcpy(ptr, eip->od, sizeof(struct ether_header)+ sizeof(struct iphdr));
376 iph= (struct iphdr *) (ptr + sizeof(struct ether_header));
379 iph->tot_len=htons(sizeof(struct iphdr)+sizeof(struct tcphdr));
382 ptr+=sizeof(struct ether_header)+ sizeof(struct iphdr);
383 tcph=(struct tcphdr*)ptr;
384 tcph->source=htons(1113);
385 tcph->dest=htons(1113);
387 tcph->check=htonl(0);
396 /*Adjust Sequence and Acknowledgment numbers and window*/
397 tcph->seq=htonl(state.seq_num++);
398 tcph->ack_seq=htonl(state.ack_num);
399 tcph->window=htons(WIN_FACTOR);
401 /*Save To Packet Capture*/
402 pcap_dump((u_char*)state.out,&nh, data);