X-Git-Url: http://sjero.net/git/?p=ltp2tcp;a=blobdiff_plain;f=encap.c;h=c841ba29e5d76098a67f3bf2b26af1626a22b4a4;hp=51d236784a59af47e758d8c91861ecbac33b6f7c;hb=HEAD;hpb=4ef2689dab73489e6f68794f7eae59dd0010385c

diff --git a/encap.c b/encap.c
index 51d2367..c841ba2 100644
--- a/encap.c
+++ b/encap.c
@@ -1,12 +1,34 @@
 /******************************************************************************
-Author: Samuel Jero
+Utility to convert a LTP flow to a TCP flow for LTP analysis via tcptrace.
+Utility Functions for Encapsulation
 
-Date: 12/2010
+Copyright (C) 2013  Samuel Jero <sj323707@ohio.edu>
 
-Description:  Utility Functions for Encapsulation
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
 
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+Author: Samuel Jero <sj323707@ohio.edu>
+Date: 06/2013
+
+Notes:
+	1)Only handles one LTP "connection". There isn't a good way to separate
+		different LTP "connections" from new sessions of the same "connection".
+		Use Tcpdump filters to separate connections. Libpcap filtering could also
+		be added in ltp2tcp.
+	2)Uses some special types from Linux (u_char, u_int32_t)
 ******************************************************************************/
 #include "ltp2tcp.h"
+#include "checksums.h"
 
 
 
@@ -53,6 +75,7 @@ int fill_eip4_encap(struct eip4_en_p *eip, const u_char* data, int dlen, struct
 /* encapsulation manipulation after conversion */
 int eip4_post(struct eip4_en_p *eip, int tlen, u_char* data){
 	struct iphdr *iph;
+	struct tcphdr *tcph;
 
 	/* Move data pointer to start of IPv4 header*/
 	data+=sizeof(struct ether_header);
@@ -65,7 +88,17 @@ int eip4_post(struct eip4_en_p *eip, int tlen, u_char* data){
 
 	/*Adjust IPv4 header to account for packet's total length*/
 	iph=(struct iphdr*)data;
-	iph->tot_len=htons(sizeof(struct iphdr)+tlen);
+	iph->tot_len=htons(iph->ihl*4+tlen);
+
+	/*Compute IPv4 Checksum*/
+	iph->check=0;
+	iph->check=ipv4_chksum(data,iph->ihl*4);
+
+	/*Compute TCP Checksum*/
+	data+=iph->ihl*4;
+	tcph=(struct tcphdr*)data;
+	tcph->check=0;
+	tcph->check=ipv4_pseudohdr_chksum(data, tlen, (u_char*)&iph->daddr, (u_char*)&iph->saddr, iph->protocol);
 	return 0;
 }
 
@@ -114,6 +147,10 @@ int eip4_handshake(struct eip4_en_p *eip, struct pcap_pkthdr *h){
 		iph->check=htonl(0);
 		iph->tot_len=htons(sizeof(struct iphdr)+sizeof(struct tcphdr)+4);
 
+		/*Compute IPv4 Checksum*/
+		iph->check=0;
+		iph->check=ipv4_chksum((u_char*)iph,iph->ihl*4);
+
 		/*Build TCP header*/
 		ptr+=sizeof(struct ether_header)+ sizeof(struct iphdr);
 		tcph=(struct tcphdr*)ptr;
@@ -140,6 +177,11 @@ int eip4_handshake(struct eip4_en_p *eip, struct pcap_pkthdr *h){
 		ptr++;
 		*ptr=2;
 
+		/*Compute TCP Checksum*/
+		tcph->check=0;
+		tcph->check=ipv4_pseudohdr_chksum((u_char*)tcph,tcph->doff*4,
+										(u_char*)&iph->daddr, (u_char*)&iph->saddr, iph->protocol);
+
 		/*Save To Packet Capture*/
 		pcap_dump((u_char*)state.out,&nh, data);
 
@@ -167,6 +209,10 @@ int eip4_handshake(struct eip4_en_p *eip, struct pcap_pkthdr *h){
 		iph->daddr=temp;
 		iph->tot_len=htons(sizeof(struct iphdr)+sizeof(struct tcphdr)+4);
 
+		/*Compute IPv4 Checksum*/
+		iph->check=0;
+		iph->check=ipv4_chksum((u_char*)iph,iph->ihl*4);
+
 		/*Build TCP header*/
 		ptr+=sizeof(struct ether_header)+ sizeof(struct iphdr);
 		tcph=(struct tcphdr*)ptr;
@@ -193,6 +239,11 @@ int eip4_handshake(struct eip4_en_p *eip, struct pcap_pkthdr *h){
 		ptr++;
 		*ptr=2;
 
+		/*Compute TCP Checksum*/
+		tcph->check=0;
+		tcph->check=ipv4_pseudohdr_chksum((u_char*)tcph,tcph->doff*4 ,
+									(u_char*)&iph->daddr, (u_char*)&iph->saddr, iph->protocol);
+
 		/*Save To Packet Capture*/
 		pcap_dump((u_char*)state.out,&nh, data);
 
@@ -216,6 +267,10 @@ int eip4_handshake(struct eip4_en_p *eip, struct pcap_pkthdr *h){
 		iph->check=htonl(0);
 		iph->tot_len=htons(sizeof(struct iphdr)+sizeof(struct tcphdr));
 
+		/*Compute IPv4 Checksum*/
+		iph->check=0;
+		iph->check=ipv4_chksum((u_char*)iph,iph->ihl*4);
+
 		/*Build TCP header*/
 		ptr+=sizeof(struct ether_header)+ sizeof(struct iphdr);
 		tcph=(struct tcphdr*)ptr;
@@ -236,6 +291,11 @@ int eip4_handshake(struct eip4_en_p *eip, struct pcap_pkthdr *h){
 		tcph->ack_seq=htonl(state.ack_num);
 		tcph->window=htons(WIN_FACTOR);
 
+		/*Compute TCP Checksum*/
+		tcph->check=0;
+		tcph->check=ipv4_pseudohdr_chksum((u_char*)tcph,tcph->doff*4,
+								(u_char*)&iph->daddr, (u_char*)&iph->saddr, iph->protocol);
+
 		/*Save To Packet Capture*/
 		pcap_dump((u_char*)state.out,&nh, data);
 	return 0;
@@ -286,6 +346,10 @@ int eip4_fin(struct eip4_en_p *eip){
 		iph->check=htonl(0);
 		iph->tot_len=htons(sizeof(struct iphdr)+sizeof(struct tcphdr));
 
+		/*Compute IPv4 Checksum*/
+		iph->check=0;
+		iph->check=ipv4_chksum((u_char*)iph,iph->ihl*4);
+
 		/*Build TCP header*/
 		ptr+=sizeof(struct ether_header)+ sizeof(struct iphdr);
 		tcph=(struct tcphdr*)ptr;
@@ -309,6 +373,11 @@ int eip4_fin(struct eip4_en_p *eip){
 		/*Update Sequence Number to include the fin packet in the sequence number space*/
 		state.seq_num++;
 
+		/*Compute TCP Checksum*/
+		tcph->check=0;
+		tcph->check=ipv4_pseudohdr_chksum((u_char*)tcph,tcph->doff*4,
+								(u_char*)&iph->daddr, (u_char*)&iph->saddr, iph->protocol);
+
 		/* Save To Packet Capture*/
 		pcap_dump((u_char*)state.out,&nh, data);
 
@@ -335,6 +404,10 @@ int eip4_fin(struct eip4_en_p *eip){
 		iph->daddr=temp;
 		iph->tot_len=htons(sizeof(struct iphdr)+sizeof(struct tcphdr));
 
+		/*Compute IPv4 Checksum*/
+		iph->check=0;
+		iph->check=ipv4_chksum((u_char*)iph,iph->ihl*4);
+
 		/*Build TCP header*/
 		ptr+=sizeof(struct ether_header)+ sizeof(struct iphdr);
 		tcph=(struct tcphdr*)ptr;
@@ -355,6 +428,11 @@ int eip4_fin(struct eip4_en_p *eip){
 		tcph->ack_seq=htonl(state.seq_num);
 		tcph->window=htons(WIN_FACTOR);
 
+		/*Compute TCP Checksum*/
+		tcph->check=0;
+		tcph->check=ipv4_pseudohdr_chksum((u_char*)tcph,sizeof(struct tcphdr),
+								(u_char*)&iph->daddr, (u_char*)&iph->saddr, iph->protocol);
+
 		/*Save To Packet Capture*/
 		pcap_dump((u_char*)state.out,&nh, data);
 
@@ -378,6 +456,10 @@ int eip4_fin(struct eip4_en_p *eip){
 		iph->check=htonl(0);
 		iph->tot_len=htons(sizeof(struct iphdr)+sizeof(struct tcphdr));
 
+		/*Compute IPv4 Checksum*/
+		iph->check=0;
+		iph->check=ipv4_chksum((u_char*)iph,iph->ihl*4);
+
 		/*Build TCP header*/
 		ptr+=sizeof(struct ether_header)+ sizeof(struct iphdr);
 		tcph=(struct tcphdr*)ptr;
@@ -398,6 +480,11 @@ int eip4_fin(struct eip4_en_p *eip){
 		tcph->ack_seq=htonl(state.ack_num);
 		tcph->window=htons(WIN_FACTOR);
 
+		/*Compute TCP Checksum*/
+		tcph->check=0;
+		tcph->check=ipv4_pseudohdr_chksum((u_char*)tcph,tcph->doff*4,
+								(u_char*)&iph->daddr, (u_char*)&iph->saddr, iph->protocol);
+
 		/*Save To Packet Capture*/
 		pcap_dump((u_char*)state.out,&nh, data);
 	return 0;