├── bin
└── delete-me
├── dist
├── delete-me
└── signdist.sh
├── .gitignore
├── mkdist.sh
├── getversion.sh
├── setversion.sh
├── doc
├── DOWNLOAD.md
├── README.md
├── t50.8
└── README.modules
├── configure
├── src
├── include
│ ├── configuration.h
│ ├── t50_cksum.h
│ ├── t50_errors.h
│ ├── t50_shuffle.h
│ ├── t50_memalloc.h
│ ├── protocol
│ │ ├── t50_ip.h
│ │ ├── t50_igmp.h
│ │ ├── t50_rip.h
│ │ ├── t50_tcp_options.h
│ │ ├── t50_eigrp.h
│ │ ├── t50_egp.h
│ │ ├── t50_rsvp.h
│ │ ├── t50_gre.h
│ │ └── t50_ospf.h
│ ├── t50_cidr.h
│ ├── t50_randomizer.h
│ ├── t50_help.h
│ ├── t50_netio.h
│ ├── t50_typedefs.h
│ ├── t50_defines.h
│ └── t50_modules.h
├── shuffle.c
├── help
│ ├── ipsec_help.c
│ ├── icmp_help.c
│ ├── ip_help.c
│ ├── gre_help.c
│ ├── egp_help.c
│ ├── general_help.c
│ ├── igmp_help.c
│ ├── rip_help.c
│ ├── eigrp_help.c
│ ├── rsvp_help.c
│ ├── tcp_udp_dccp_help.c
│ └── ospf_help.c
├── cksum.c
├── errors.c
├── memalloc.c
├── usage.c
├── modules
│ ├── igmpv1.c
│ ├── icmp.c
│ ├── ip.c
│ ├── udp.c
│ ├── egp.c
│ ├── ipsec.c
│ ├── ripv1.c
│ ├── igmpv3.c
│ ├── gre.c
│ └── dccp.c
├── cidr.c
├── randomizer.c
└── netio.c
├── TODO
├── README.md
├── Makefile
└── CHANGELOG
/bin/delete-me:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/dist/delete-me:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | *.tar.gz
2 | *.o
3 | *.asc
4 |
--------------------------------------------------------------------------------
/mkdist.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | make dist
4 |
--------------------------------------------------------------------------------
/getversion.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | grep ^VERSION Makefile
4 |
--------------------------------------------------------------------------------
/dist/signdist.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | if [ -z "$1" ]; then
4 | echo Usage: $0 filename
5 | exit 1
6 | fi
7 |
8 | gpg2 -sab "$1"
9 |
--------------------------------------------------------------------------------
/setversion.sh:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 |
3 | if [ -z "$1" ]; then
4 | cat <<@@
5 | Usage: $(basename $0) version
6 |
7 | Example:
8 | $ ./$(basename $0) 5.7.3
9 | @@
10 |
11 | exit 1
12 | fi
13 |
14 | sed -i "s/PACKAGE_VERSION[ \t]\+\"\(.\+\)\"/PACKAGE_VERSION \"$1\"/" src/include/configuration.h
15 | sed -i "s/^VERSION=\(.\+\)/VERSION=$1/" Makefile
16 |
--------------------------------------------------------------------------------
/doc/DOWNLOAD.md:
--------------------------------------------------------------------------------
1 | Download and Installing {#download}
2 | =======================
3 |
4 | Download T50 source code from sourceforge at http://t50.sf.net or from GitLab at http:://gitlab.com/fredericopissarra/t50
5 |
6 | To compile and install just do:
7 |
8 |
9 | $ make
10 | $ sudo make install
11 |
12 | To run t50 you'll need to have root privileges. For instance:
13 |
14 | $ sudo t50 --threshold 10 10 192.168.10.3
15 |
--------------------------------------------------------------------------------
/configure:
--------------------------------------------------------------------------------
1 | #/bin/sh
2 |
3 | # Checks if all necessary dependencies are in place.
4 | unset ERROR
5 | if ! which make > /dev/null 2>&1; then echo 'make needed...'; ERROR=1; fi
6 | if ! which gzip > /dev/null 2>&1; then echo 'gzip needed...'; ERROR=1; fi
7 |
8 | if [ ${ERROR} ]; then
9 | echo 'Packages missing. Aborted.'
10 | exit 1
11 | fi
12 |
13 | cat <<@@
14 | To comple and install:
15 |
16 | $ make
17 | $ sudo make install
18 |
19 | To uninstall:
20 |
21 | $ sudo make uninstall
22 | @@
23 |
24 | exit 0
25 |
--------------------------------------------------------------------------------
/src/include/configuration.h:
--------------------------------------------------------------------------------
1 | #ifndef __CONFIGURATION_H_INCLUDED__
2 | #define __CONFIGURATION_H_INCLUDED__
3 |
4 | #if !defined(__GNUC__) && (__GNUC__ < 5) && (__STDC_VERSION__ < 201112)
5 | #error "Need GCC 5 or greater, with C11 standard support, to compile!"
6 | #endif
7 |
8 | /* Name of package */
9 | #define PACKAGE "t50"
10 |
11 | /* Define to the version of this package. */
12 | #define PACKAGE_VERSION "5.8.7a"
13 |
14 | /* Define to the address where bug reports for this package should be sent. */
15 | #define PACKAGE_BUGREPORT "t50-dev@googlegroups.com"
16 |
17 | /* Define to the full name of this package. */
18 | #define PACKAGE_NAME PACKAGE " " PACKAGE_VERSION
19 |
20 | /* Define to the home page for this package. */
21 | #define PACKAGE_URL "https://gitlab.com/fredericopissarra/t50.git"
22 |
23 | /* Use fork to spawn extra process */
24 | #define __HAVE_TURBO__
25 |
26 | #endif
27 |
--------------------------------------------------------------------------------
/TODO:
--------------------------------------------------------------------------------
1 | T50 - Experimental Mixed Packet Injector
2 |
3 | Legend:
4 | - Code unrelated
5 | + Code related
6 | * Ideas (t50 code unrelated)
7 | % Ideas (t50 code related)
8 |
9 | April 2nd, 2015
10 | + Improve support for ports list on --dport option (maybe round robin?)
11 | % Add support for network interface binding.
12 |
13 | March 1st, 2014
14 | - Improve t50 manpage documentation
15 | - Create some standard test scripts
16 | - Create DEB and RPM packaging (binary, dev and source packages. Maybe an PPA for Ununtu and repository for Debian too!)
17 | - Incorporate packaging on Makefile
18 | + Support for IPv6?
19 | + Are there any new protocols to implement?
20 | + Support for OS/X and BSD (and, "maybe", Windows)?
21 | % Add criteria "tcpdump" like on command line?
22 | % Change "fork()" use to pthreads (thinking on Windows port)?
23 | * Non Web GUI (using GTK+, since there is support for "Windows"!)?
24 |
--------------------------------------------------------------------------------
/src/include/t50_cksum.h:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /*
3 | * T50 - Experimental Mixed Packet Injector
4 | *
5 | * Copyright (C) 2010 - 2014 - T50 developers
6 | *
7 | * This program is free software: you can redistribute it and/or modify
8 | * it under the terms of the GNU General Public License as published by
9 | * the Free Software Foundation, either version 2 of the License, or
10 | * (at your option) any later version.
11 | *
12 | * This program is distributed in the hope that it will be useful,
13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 | * GNU General Public License for more details.
16 | *
17 | * You should have received a copy of the GNU General Public License
18 | * along with this program. If not, see .
19 | */
20 |
21 | #ifndef __CKSUM_H__
22 | #define __CKSUM_H__
23 |
24 | #include
25 | #include
26 |
27 | uint16_t cksum ( void *, size_t );
28 |
29 | #endif
30 |
--------------------------------------------------------------------------------
/src/include/t50_errors.h:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /*
3 | * T50 - Experimental Mixed Packet Injector
4 | *
5 | * Copyright (C) 2010 - 2014 - T50 developers
6 | *
7 | * This program is free software: you can redistribute it and/or modify
8 | * it under the terms of the GNU General Public License as published by
9 | * the Free Software Foundation, either version 2 of the License, or
10 | * (at your option) any later version.
11 | *
12 | * This program is distributed in the hope that it will be useful,
13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 | * GNU General Public License for more details.
16 | *
17 | * You should have received a copy of the GNU General Public License
18 | * along with this program. If not, see .
19 | */
20 |
21 | #ifndef __ERRORS_H__
22 | #define __ERRORS_H__
23 |
24 | void error ( const char * const fmt, ... );
25 | void fatal_error ( const char * const fmt, ... );
26 |
27 | #endif
28 |
--------------------------------------------------------------------------------
/src/include/t50_shuffle.h:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /*
3 | * T50 - Experimental Mixed Packet Injector
4 | *
5 | * Copyright (C) 2010 - 2014 - T50 developers
6 | *
7 | * This program is free software: you can redistribute it and/or modify
8 | * it under the terms of the GNU General Public License as published by
9 | * the Free Software Foundation, either version 2 of the License, or
10 | * (at your option) any later version.
11 | *
12 | * This program is distributed in the hope that it will be useful,
13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 | * GNU General Public License for more details.
16 | *
17 | * You should have received a copy of the GNU General Public License
18 | * along with this program. If not, see .
19 | */
20 |
21 | #ifndef __T50_SHUFFLE_INCLUDED__
22 | #define __T50_SHUFFLE_INCLUDED__
23 |
24 | #include
25 | #include
26 |
27 | void shuffle ( uint32_t *, size_t );
28 |
29 | #endif
30 |
--------------------------------------------------------------------------------
/src/include/t50_memalloc.h:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /*
3 | * T50 - Experimental Mixed Packet Injector
4 | *
5 | * Copyright (C) 2010 - 2014 - T50 developers
6 | *
7 | * This program is free software: you can redistribute it and/or modify
8 | * it under the terms of the GNU General Public License as published by
9 | * the Free Software Foundation, either version 2 of the License, or
10 | * (at your option) any later version.
11 | *
12 | * This program is distributed in the hope that it will be useful,
13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 | * GNU General Public License for more details.
16 | *
17 | * You should have received a copy of the GNU General Public License
18 | * along with this program. If not, see .
19 | */
20 |
21 | #ifndef __MEMALLOC_H__
22 | #define __MEMALLOC_H__
23 |
24 | #include
25 |
26 | extern void *packet;
27 |
28 | void alloc_packet ( size_t );
29 | void destroy_packet_buffer( void );
30 |
31 | #endif
32 |
--------------------------------------------------------------------------------
/src/include/protocol/t50_ip.h:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /*
3 | * T50 - Experimental Mixed Packet Injector
4 | *
5 | * Copyright (C) 2010 - 2014 - T50 developers
6 | *
7 | * This program is free software: you can redistribute it and/or modify
8 | * it under the terms of the GNU General Public License as published by
9 | * the Free Software Foundation, either version 2 of the License, or
10 | * (at your option) any later version.
11 | *
12 | * This program is distributed in the hope that it will be useful,
13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 | * GNU General Public License for more details.
16 | *
17 | * You should have received a copy of the GNU General Public License
18 | * along with this program. If not, see .
19 | */
20 |
21 | #ifndef __IP_INC__
22 | #define __IP_INC__
23 |
24 | #include
25 |
26 | struct config_options; /* Defined in config.h. */
27 |
28 | struct iphdr *ip_header ( void * restrict, uint32_t, const struct config_options * restrict );
29 |
30 | #endif
31 |
--------------------------------------------------------------------------------
/src/shuffle.c:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /** @file shuffle.c */
3 | /*
4 | * T50 - Experimental Mixed Packet Injector
5 | *
6 | * Copyright (C) 2010 - 2019 - T50 developers
7 | *
8 | * This program is free software: you can redistribute it and/or modify
9 | * it under the terms of the GNU General Public License as published by
10 | * the Free Software Foundation, either version 2 of the License, or
11 | * (at your option) any later version.
12 | *
13 | * This program is distributed in the hope that it will be useful,
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 | * GNU General Public License for more details.
17 | *
18 | * You should have received a copy of the GNU General Public License
19 | * along with this program. If not, see .
20 | */
21 |
22 | #include
23 | #include
24 | #include
25 |
26 | // Knuth-Fisher-Yates (this one) is faster!
27 | void shuffle ( uint32_t *p, size_t size )
28 | {
29 | size_t i;
30 |
31 | while ( size )
32 | {
33 | i = RANDOM() % size--;
34 | swap ( p[size], p[i] );
35 | }
36 | }
37 |
38 |
--------------------------------------------------------------------------------
/src/include/protocol/t50_igmp.h:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /*
3 | * T50 - Experimental Mixed Packet Injector
4 | *
5 | * Copyright (C) 2010 - 2014 - T50 developers
6 | *
7 | * This program is free software: you can redistribute it and/or modify
8 | * it under the terms of the GNU General Public License as published by
9 | * the Free Software Foundation, either version 2 of the License, or
10 | * (at your option) any later version.
11 | *
12 | * This program is distributed in the hope that it will be useful,
13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 | * GNU General Public License for more details.
16 | *
17 | * You should have received a copy of the GNU General Public License
18 | * along with this program. If not, see .
19 | */
20 |
21 | #ifndef __IGMP_H__
22 | #define __IGMP_H__
23 |
24 | /** IGMP Header DEFINITIONS. */
25 | #define IGMPV3_TLEN_NSRCS(foo) ((foo) * sizeof(in_addr_t))
26 |
27 | /** Calculating IGMPv3 Header length */
28 | #define igmpv3_hdr_len(foo, bar) \
29 | ((((foo) == IGMPV3_HOST_MEMBERSHIP_REPORT) ? \
30 | sizeof(struct igmpv3_report) + sizeof(struct igmpv3_grec) : \
31 | sizeof(struct igmpv3_query)) + \
32 | IGMPV3_TLEN_NSRCS((bar)))
33 |
34 | #endif /* __IGMP_H */
35 |
--------------------------------------------------------------------------------
/src/include/t50_cidr.h:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /*
3 | * T50 - Experimental Mixed Packet Injector
4 | *
5 | * Copyright (C) 2010 - 2014 - T50 developers
6 | *
7 | * This program is free software: you can redistribute it and/or modify
8 | * it under the terms of the GNU General Public License as published by
9 | * the Free Software Foundation, either version 2 of the License, or
10 | * (at your option) any later version.
11 | *
12 | * This program is distributed in the hope that it will be useful,
13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 | * GNU General Public License for more details.
16 | *
17 | * You should have received a copy of the GNU General Public License
18 | * along with this program. If not, see .
19 | */
20 |
21 | #ifndef __CIDR_H__
22 | #define __CIDR_H__
23 |
24 | #include
25 | #include
26 | #include
27 |
28 | #define CIDR_MINIMUM 8
29 | #define CIDR_MAXIMUM 32 // fix #7
30 |
31 | /** @struct cidr
32 | T50 cidr structure. */
33 | struct cidr
34 | {
35 | uint32_t hostid; /* hosts identifiers */
36 | in_addr_t __1st_addr; /* first IP address */
37 | };
38 |
39 | struct cidr *config_cidr ( const config_options_T * const );
40 |
41 | #endif
42 |
--------------------------------------------------------------------------------
/src/include/protocol/t50_rip.h:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /*
3 | * T50 - Experimental Mixed Packet Injector
4 | *
5 | * Copyright (C) 2010 - 2014 - T50 developers
6 | *
7 | * This program is free software: you can redistribute it and/or modify
8 | * it under the terms of the GNU General Public License as published by
9 | * the Free Software Foundation, either version 2 of the License, or
10 | * (at your option) any later version.
11 | *
12 | * This program is distributed in the hope that it will be useful,
13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 | * GNU General Public License for more details.
16 | *
17 | * You should have received a copy of the GNU General Public License
18 | * along with this program. If not, see .
19 | */
20 |
21 | #ifndef __RIP_H__
22 | #define __RIP_H__
23 |
24 | #define IPPORT_RIP 520
25 |
26 | #define RIP_HEADER_LENGTH 4
27 | #define RIP_TRAILER_LENGTH 4
28 | #define RIP_MESSAGE_LENGTH 20
29 | #define RIP_AUTH_LENGTH 20
30 |
31 | /** Calculating RIP Header length */
32 | #define rip_hdr_len(foo) \
33 | (RIP_HEADER_LENGTH + \
34 | RIP_MESSAGE_LENGTH + \
35 | ((foo) ? \
36 | RIP_AUTH_LENGTH + \
37 | RIP_TRAILER_LENGTH + \
38 | AUTH_TLEN_HMACMD5 : \
39 | 0))
40 |
41 | #endif /* __RIP_H */
42 |
--------------------------------------------------------------------------------
/src/include/t50_randomizer.h:
--------------------------------------------------------------------------------
1 | #ifndef __RANDOMIZER_H__
2 | #define __RANDOMIZER_H__
3 |
4 | #include
5 | #include
6 |
7 | /* Randomizer macros and function */
8 | /* NOTE: int8_t, int16_t, int32_t are synonimous of
9 | char, short and int. */
10 | /* This macro will use htonX functions only if v is !0. */
11 | /* Sometipes, v is a bitfield and NOT compatible with primitive types.
12 | Because of this, the default selector is necessary! */
13 | /* RANDOM call results have not endianess! */
14 |
15 | #define __RND(v) _Generic((v), \
16 | _Bool: (!!(v) ? (v) : RANDOM()), \
17 | int8_t: (!!(v) ? (v) : RANDOM()), \
18 | int16_t: (!!(v) ? htons((v)) : RANDOM()), \
19 | int32_t: (!!(v) ? htonl((v)) : RANDOM()), \
20 | uint8_t: (!!(v) ? (v) : RANDOM()), \
21 | uint16_t: (!!(v) ? htons((v)) : RANDOM()), \
22 | uint32_t: (!!(v) ? htonl((v)) : RANDOM()), \
23 | default: (!!(v) ? (v) : RANDOM()))
24 |
25 | // FIX: Random IP addresses and PORTS were reversed by __RND macro above.
26 | #define INADDR_RND(v) ((uint32_t)(!!(v) ? (v) : RANDOM()))
27 | #define IPPORT_RND(v) ((uint16_t)(!!(v) ? (v) : RANDOM()))
28 |
29 | extern uint32_t ( *RANDOM ) ( void );
30 | extern void ( *SRANDOM ) ( void );
31 | extern uint32_t NETMASK_RND ( uint32_t );
32 |
33 | #endif
34 |
35 |
--------------------------------------------------------------------------------
/src/help/ipsec_help.c:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /** @file ipsec_help.c */
3 | /*
4 | * T50 - Experimental Mixed Packet Injector
5 | *
6 | * Copyright (C) 2010 - 2015 - T50 developers
7 | *
8 | * This program is free software: you can redistribute it and/or modify
9 | * it under the terms of the GNU General Public License as published by
10 | * the Free Software Foundation, either version 2 of the License, or
11 | * (at your option) any later version.
12 | *
13 | * This program is distributed in the hope that it will be useful,
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 | * GNU General Public License for more details.
17 | *
18 | * You should have received a copy of the GNU General Public License
19 | * along with this program. If not, see .
20 | */
21 |
22 | #include
23 | #include
24 |
25 | /** IPSec options help. */
26 | void ipsec_help ( void )
27 | {
28 | puts ( "IPSEC Options:\n"
29 | " --ipsec-ah-length NUM IPSec AH header length (default NONE)\n"
30 | " --ipsec-ah-spi NUM IPSec AH SPI (default RANDOM)\n"
31 | " --ipsec-ah-sequence NUM IPSec AH sequence # (default RANDOM)\n"
32 | " --ipsec-esp-spi NUM IPSec ESP SPI (default RANDOM)\n"
33 | " --ipsec-esp-sequence NUM IPSec ESP sequence # (default RANDOM)\n" );
34 | }
35 |
36 |
--------------------------------------------------------------------------------
/src/help/icmp_help.c:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /** @file icmp_help.c */
3 | /*
4 | * T50 - Experimental Mixed Packet Injector
5 | *
6 | * Copyright (C) 2010 - 2015 - T50 developers
7 | *
8 | * This program is free software: you can redistribute it and/or modify
9 | * it under the terms of the GNU General Public License as published by
10 | * the Free Software Foundation, either version 2 of the License, or
11 | * (at your option) any later version.
12 | *
13 | * This program is distributed in the hope that it will be useful,
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 | * GNU General Public License for more details.
17 | *
18 | * You should have received a copy of the GNU General Public License
19 | * along with this program. If not, see .
20 | */
21 |
22 | #include
23 | #include
24 | #include
25 |
26 | /** ICMP options help. */
27 | void icmp_help ( void )
28 | {
29 | printf ( "ICMP Options:\n"
30 | " --icmp-type NUM ICMP type (default %d)\n"
31 | " --icmp-code NUM ICMP code (default 0)\n"
32 | " --icmp-gateway ADDR ICMP redirect gateway (default RANDOM)\n"
33 | " --icmp-id NUM ICMP identification (default RANDOM)\n"
34 | " --icmp-sequence NUM ICMP sequence # (default RANDOM)\n\n",
35 | ICMP_ECHO );
36 | }
37 |
38 |
--------------------------------------------------------------------------------
/src/include/t50_help.h:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /*
3 | * T50 - Experimental Mixed Packet Injector
4 | *
5 | * Copyright (C) 2010 - 2014 - T50 developers
6 | *
7 | * This program is free software: you can redistribute it and/or modify
8 | * it under the terms of the GNU General Public License as published by
9 | * the Free Software Foundation, either version 2 of the License, or
10 | * (at your option) any later version.
11 | *
12 | * This program is distributed in the hope that it will be useful,
13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 | * GNU General Public License for more details.
16 | *
17 | * You should have received a copy of the GNU General Public License
18 | * along with this program. If not, see .
19 | */
20 |
21 | #ifndef __HELP_INCLUDED__
22 | #define __HELP_INCLUDED__
23 |
24 | /* Add usage function interface here.
25 | Add usage function definition for protocol at src/help/ directory.
26 | Change Makefile and src/usage.c. */
27 | void general_help ( void );
28 | void gre_help ( void );
29 | void tcp_udp_dccp_help ( void );
30 | void tcp_help ( void );
31 | void ip_help ( void );
32 | void icmp_help ( void );
33 | void egp_help ( void );
34 | void rip_help ( void );
35 | void dccp_help ( void );
36 | void rsvp_help ( void );
37 | void ipsec_help ( void );
38 | void eigrp_help ( void );
39 | void ospf_help ( void );
40 |
41 | void show_version ( void ); /* Prints version info. */
42 | void usage ( void ); /* Prints usage message */
43 |
44 | #endif
45 |
--------------------------------------------------------------------------------
/src/include/t50_netio.h:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /*
3 | * T50 - Experimental Mixed Packet Injector
4 | *
5 | * Copyright (C) 2010 - 2014 - T50 developers
6 | *
7 | * This program is free software: you can redistribute it and/or modify
8 | * it under the terms of the GNU General Public License as published by
9 | * the Free Software Foundation, either version 2 of the License, or
10 | * (at your option) any later version.
11 | *
12 | * This program is distributed in the hope that it will be useful,
13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 | * GNU General Public License for more details.
16 | *
17 | * You should have received a copy of the GNU General Public License
18 | * along with this program. If not, see .
19 | */
20 |
21 | #ifndef __NETIO_H__
22 | #define __NETIO_H__
23 |
24 | #include
25 | #include
26 | #include
27 | #include
28 | #include
29 |
30 | extern uint64_t bytes_sent;
31 | extern uint64_t packets_sent;
32 |
33 | /* Common routines used by code */
34 | in_addr_t resolv ( char * ); /* Resolve name to ip address. */
35 | void create_socket ( void ); /* Creates the sending socket */
36 | void close_socket ( void ); /* Close the previously created socket */
37 |
38 | /* Send the actual packet from buffer, with size bytes, using config options. */
39 | int send_packet ( const void * const,
40 | size_t,
41 | const config_options_T * const restrict );
42 |
43 | #endif
44 |
--------------------------------------------------------------------------------
/src/help/ip_help.c:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /** @file ip_help.c */
3 | /*
4 | * T50 - Experimental Mixed Packet Injector
5 | *
6 | * Copyright (C) 2010 - 2015 - T50 developers
7 | *
8 | * This program is free software: you can redistribute it and/or modify
9 | * it under the terms of the GNU General Public License as published by
10 | * the Free Software Foundation, either version 2 of the License, or
11 | * (at your option) any later version.
12 | *
13 | * This program is distributed in the hope that it will be useful,
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 | * GNU General Public License for more details.
17 | *
18 | * You should have received a copy of the GNU General Public License
19 | * along with this program. If not, see .
20 | */
21 |
22 | #include
23 | #include
24 |
25 | /** IP options help. */
26 | void ip_help ( void )
27 | {
28 | printf ( "IP Options:\n"
29 | " -s,--saddr ADDR IP source IP address (default RANDOM)\n"
30 | " --tos NUM IP type of service (default 0x%x)\n"
31 | " --id NUM IP identification (default RANDOM)\n"
32 | " --frag-offset NUM IP fragmentation offset (default 0)\n"
33 | " --ttl NUM IP time to live (default 255)\n"
34 | " --protocol PROTO IP protocol (default TCP)\n\n",
35 | IPTOS_PREC_IMMEDIATE );
36 | }
37 |
38 |
--------------------------------------------------------------------------------
/src/help/gre_help.c:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /** @file gre_help.c */
3 | /*
4 | * T50 - Experimental Mixed Packet Injector
5 | *
6 | * Copyright (C) 2010 - 2015 - T50 developers
7 | *
8 | * This program is free software: you can redistribute it and/or modify
9 | * it under the terms of the GNU General Public License as published by
10 | * the Free Software Foundation, either version 2 of the License, or
11 | * (at your option) any later version.
12 | *
13 | * This program is distributed in the hope that it will be useful,
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 | * GNU General Public License for more details.
17 | *
18 | * You should have received a copy of the GNU General Public License
19 | * along with this program. If not, see .
20 | */
21 |
22 | #include
23 | #include
24 |
25 | /** GRE options help. */
26 | void gre_help ( void )
27 | {
28 | puts ( "GRE Options:\n"
29 | " --gre-seq-present GRE sequence # present (default OFF)\n"
30 | " --gre-key-present GRE key present (default OFF)\n"
31 | " --gre-sum-present GRE checksum present (default OFF)\n"
32 | " --gre-key NUM GRE key (default RANDOM)\n"
33 | " --gre-sequence NUM GRE sequence # (default RANDOM)\n"
34 | " --gre-saddr ADDR GRE IP source IP address (default RANDOM)\n"
35 | " --gre-daddr ADDR GRE IP destination IP address (default RANDOM)\n" );
36 | }
37 |
38 |
--------------------------------------------------------------------------------
/src/include/t50_typedefs.h:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /*
3 | * T50 - Experimental Mixed Packet Injector
4 | *
5 | * Copyright (C) 2010 - 2014 - T50 developers
6 | *
7 | * This program is free software: you can redistribute it and/or modify
8 | * it under the terms of the GNU General Public License as published by
9 | * the Free Software Foundation, either version 2 of the License, or
10 | * (at your option) any later version.
11 | *
12 | * This program is distributed in the hope that it will be useful,
13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 | * GNU General Public License for more details.
16 | *
17 | * You should have received a copy of the GNU General Public License
18 | * along with this program. If not, see .
19 | */
20 |
21 | #ifndef __TYPEDEFS_INCLUDED__
22 | #define __TYPEDEFS_INCLUDED__
23 |
24 | #include
25 | #include
26 |
27 | /* Data types */
28 | typedef int threshold_T; /* FIX: If we need more than 2147483648 packets sent,
29 | this type can be changed to int64_t. */
30 |
31 | /**
32 | * Union used to ease buffer pointer manipulation.
33 | *
34 | * This will help with pointer arithmetic. When we have to point to the next
35 | * field, on the packet buffer.
36 | *
37 | * Since an address have a fixed size, we have a generic pointer (void *) and
38 | * pointers to other types. When incrementing 'dword_ptr' on this union, we are
39 | * adding 4 to the pointer, for instance.
40 | */
41 | typedef union
42 | {
43 | void *ptr;
44 | uint8_t *byte_ptr;
45 | uint16_t *word_ptr;
46 | uint32_t *dword_ptr;
47 | in_addr_t *inaddr_ptr;
48 | uint64_t *qword_ptr;
49 | } memptr_T;
50 |
51 | #endif
52 |
--------------------------------------------------------------------------------
/src/help/egp_help.c:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /** @file egp_help.c */
3 | /*
4 | * T50 - Experimental Mixed Packet Injector
5 | *
6 | * Copyright (C) 2010 - 2015 - T50 developers
7 | *
8 | * This program is free software: you can redistribute it and/or modify
9 | * it under the terms of the GNU General Public License as published by
10 | * the Free Software Foundation, either version 2 of the License, or
11 | * (at your option) any later version.
12 | *
13 | * This program is distributed in the hope that it will be useful,
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 | * GNU General Public License for more details.
17 | *
18 | * You should have received a copy of the GNU General Public License
19 | * along with this program. If not, see .
20 | */
21 |
22 | #include
23 | #include
24 |
25 | /** EGP help */
26 | void egp_help ( void )
27 | {
28 | printf ( "EGP Options:\n"
29 | " --egp-type NUM EGP type (default %d)\n"
30 | " --egp-code NUM EGP code (default %d)\n"
31 | " --egp-status NUM EGP status (default %d)\n"
32 | " --egp-as NUM EGP autonomous system (default RANDOM)\n"
33 | " --egp-sequence NUM EGP sequence # (default RANDOM)\n"
34 | " --egp-hello NUM EGP hello interval (default RANDOM)\n"
35 | " --egp-poll NUM EGP poll interval (default RANDOM)\n\n",
36 | EGP_NEIGHBOR_ACQUISITION,
37 | EGP_ACQ_CODE_CEASE_CMD,
38 | EGP_ACQ_STAT_ACTIVE_MODE );
39 | }
40 |
41 |
--------------------------------------------------------------------------------
/src/help/general_help.c:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /** @file general_help.c */
3 | /*
4 | * T50 - Experimental Mixed Packet Injector
5 | *
6 | * Copyright (C) 2010 - 2015 - T50 developers
7 | *
8 | * This program is free software: you can redistribute it and/or modify
9 | * it under the terms of the GNU General Public License as published by
10 | * the Free Software Foundation, either version 2 of the License, or
11 | * (at your option) any later version.
12 | *
13 | * This program is distributed in the hope that it will be useful,
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 | * GNU General Public License for more details.
17 | *
18 | * You should have received a copy of the GNU General Public License
19 | * along with this program. If not, see .
20 | */
21 |
22 | #include
23 | #include
24 |
25 | /** Common options help function. */
26 | void general_help ( void )
27 | {
28 | puts ( "Common Options:\n"
29 | " --threshold NUM Threshold of packets to send (default 1000)\n"
30 | " --flood This option supersedes the \'threshold\'\n"
31 | " --encapsulated Encapsulated protocol (GRE) (default OFF)\n"
32 | " -B,--bogus-csum Bogus checksum (default OFF)\n"
33 | " --shuffle Shuffling for T50 protocol (default OFF)\n"
34 | " -q,--quiet Disable INFOs\n"
35 | #ifdef __HAVE_TURBO__
36 | " --turbo Extend the performance (default OFF)\n"
37 | #endif /* __HAVE_TURBO__ */
38 | " -l,--list-protocols List all available protocols\n"
39 | " -v,--version Print version and exit\n"
40 | " -h,--help Display this help and exit\n" );
41 | }
42 |
43 |
--------------------------------------------------------------------------------
/src/help/igmp_help.c:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /** @file igmp_help.c */
3 | /*
4 | * T50 - Experimental Mixed Packet Injector
5 | *
6 | * Copyright (C) 2010 - 2015 - T50 developers
7 | *
8 | * This program is free software: you can redistribute it and/or modify
9 | * it under the terms of the GNU General Public License as published by
10 | * the Free Software Foundation, either version 2 of the License, or
11 | * (at your option) any later version.
12 | *
13 | * This program is distributed in the hope that it will be useful,
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 | * GNU General Public License for more details.
17 | *
18 | * You should have received a copy of the GNU General Public License
19 | * along with this program. If not, see .
20 | */
21 |
22 | #include
23 | #include
24 | #include
25 |
26 | /** IGMP options help. */
27 | void igmp_help ( void )
28 | {
29 | printf ( "IGMP Options:\n"
30 | " --igmp-type NUM IGMPv1/v3 type (default 0x%x)\n"
31 | " --igmp-code NUM IGMPv1/v3 code (default 0)\n"
32 | " --igmp-group ADDR IGMPv1/v3 address (default RANDOM)\n"
33 | " --igmp-qrv NUM IGMPv3 QRV (default RANDOM)\n"
34 | " --igmp-suppress IGMPv3 suppress router-side (default OFF)\n"
35 | " --igmp-qqic NUM IGMPv3 QQIC (default RANDOM)\n"
36 | " --igmp-grec-type NUM IGMPv3 group record type (default 1)\n"
37 | " --igmp-sources NUM IGMPv3 # of sources (default 2)\n"
38 | " --igmp-multicast ADDR IGMPv3 group record multicast (default RANDOM)\n"
39 | " --igmp-address ADDR,... IGMPv3 source address(es) (default RANDOM)\n\n",
40 | IGMP_HOST_MEMBERSHIP_QUERY );
41 | }
42 |
43 |
--------------------------------------------------------------------------------
/src/cksum.c:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /** @file cksum.c */
3 | /*
4 | * T50 - Experimental Mixed Packet Injector
5 | *
6 | * Copyright (C) 2010 - 2019 - T50 developers
7 | *
8 | * This program is free software: you can redistribute it and/or modify
9 | * it under the terms of the GNU General Public License as published by
10 | * the Free Software Foundation, either version 2 of the License, or
11 | * (at your option) any later version.
12 | *
13 | * This program is distributed in the hope that it will be useful,
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 | * GNU General Public License for more details.
17 | *
18 | * You should have received a copy of the GNU General Public License
19 | * along with this program. If not, see .
20 | */
21 |
22 | #include
23 |
24 | /**
25 | * Calculates checksum.
26 | *
27 | * RFC 1071 compliant checksum routine.
28 | *
29 | * FIXED: last implementation was WRONG... I can't find any faster way to do this!
30 | * Yet... There was another error that didn't consider BIG ENDIAN machines...
31 | * Note to myself: Don't mess with this routine again!
32 | *
33 | * That being said, I shold find a way to calculate the checksum faster.
34 | */
35 | uint16_t cksum ( void *data, size_t length )
36 | {
37 | uint16_t *ptr;
38 | uint32_t sum;
39 |
40 | sum = 0;
41 | ptr = data;
42 | while ( length > 1 )
43 | {
44 | sum += *ptr++;
45 | length -= 2;
46 | }
47 |
48 | // if there is any additional bytes remaining...
49 | if ( length > 0 )
50 | #if __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__
51 | sum += (uint16_t)(*(uint8_t *)ptr) << 8; // last byte must be
52 | // aligned to upper 8 bits.
53 | #else
54 | sum += *(uint8_t *)ptr;
55 | #endif
56 |
57 | // Add carry-outs...
58 | while ( sum >> 16 )
59 | sum = ( sum & 0xffffU ) + ( sum >> 16 );
60 |
61 | // NOTE: Let the caller put this in network order, if necessary!
62 | return ~sum;
63 | }
64 |
--------------------------------------------------------------------------------
/src/errors.c:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /** @file errors.c */
3 | /*
4 | * T50 - Experimental Mixed Packet Injector
5 | *
6 | * Copyright (C) 2010 - 2019 - T50 developers
7 | *
8 | * This program is free software: you can redistribute it and/or modify
9 | * it under the terms of the GNU General Public License as published by
10 | * the Free Software Foundation, either version 2 of the License, or
11 | * (at your option) any later version.
12 | *
13 | * This program is distributed in the hope that it will be useful,
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 | * GNU General Public License for more details.
17 | *
18 | * You should have received a copy of the GNU General Public License
19 | * along with this program. If not, see .
20 | */
21 |
22 | // Needed for asprintf().
23 | #define _GNU_SOURCE
24 |
25 | #include
26 | #include
27 | #include
28 | #include
29 | #include
30 |
31 | /* --- Using vfprintf for flexibility. */
32 | static void verror(const char * const fmt, va_list args)
33 | {
34 | char *str;
35 |
36 | if ((asprintf(&str, PACKAGE ": %s\n", fmt)) == -1)
37 | {
38 | fputs(PACKAGE ": Unknown error (not enough memory?).\n", stderr);
39 | exit(EXIT_FAILURE);
40 | }
41 |
42 | vfprintf(stderr, str, args);
43 |
44 | free(str);
45 | }
46 |
47 | /**
48 | * Standard error reporting routine. Non fatal version.
49 | */
50 | void error(const char * const fmt, ...)
51 | {
52 | va_list args;
53 |
54 | fputs(ERROR " ", stderr);
55 |
56 | va_start(args, fmt);
57 | verror(fmt, args);
58 | va_end(args);
59 | }
60 |
61 | /**
62 | * Standard error reporting routine. Fatal Version.
63 | *
64 | * This function never returns!
65 | */
66 | void fatal_error(const char * const fmt, ...)
67 | {
68 | va_list args;
69 |
70 | fputs(FATAL " ", stderr);
71 | va_start(args, fmt);
72 | verror(fmt,args);
73 | va_end(args);
74 |
75 | /* As expected. exit if a failure. */
76 | exit(EXIT_FAILURE);
77 | }
78 |
79 |
--------------------------------------------------------------------------------
/src/help/rip_help.c:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /** @file rip_help.c */
3 | /*
4 | * T50 - Experimental Mixed Packet Injector
5 | *
6 | * Copyright (C) 2010 - 2015 - T50 developers
7 | *
8 | * This program is free software: you can redistribute it and/or modify
9 | * it under the terms of the GNU General Public License as published by
10 | * the Free Software Foundation, either version 2 of the License, or
11 | * (at your option) any later version.
12 | *
13 | * This program is distributed in the hope that it will be useful,
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 | * GNU General Public License for more details.
17 | *
18 | * You should have received a copy of the GNU General Public License
19 | * along with this program. If not, see .
20 | */
21 |
22 | #include
23 | #include
24 | #include
25 |
26 | /** RIP options help. */
27 | void rip_help ( void )
28 | {
29 | printf ( "RIP Options:\n"
30 | " --rip-command NUM RIPv1/v2 command (default 2)\n"
31 | " --rip-family NUM RIPv1/v2 address family (default %d)\n"
32 | " --rip-address ADDR RIPv1/v2 router address (default RANDOM)\n"
33 | " --rip-metric NUM RIPv1/v2 router metric (default RANDOM)\n"
34 | " --rip-domain NUM RIPv2 router domain (default RANDOM)\n"
35 | " --rip-tag NUM RIPv2 router tag (default RANDOM)\n"
36 | " --rip-netmask ADDR RIPv2 router subnet mask (default RANDOM)\n"
37 | " --rip-next-hop ADDR RIPv2 router next hop (default RANDOM)\n"
38 | " --rip-authentication RIPv2 authentication included (default OFF)\n"
39 | " --rip-auth-key-id NUM RIPv2 authentication key ID (default 1)\n"
40 | " --rip-auth-sequence NUM RIPv2 authentication sequence # (default RANDOM)\n\n",
41 | AF_INET );
42 | }
43 |
44 |
--------------------------------------------------------------------------------
/src/memalloc.c:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /** @file memalloc.c */
3 | /*
4 | * T50 - Experimental Mixed Packet Injector
5 | *
6 | * Copyright (C) 2010 - 2019 - T50 developers
7 | *
8 | * This program is free software: you can redistribute it and/or modify
9 | * it under the terms of the GNU General Public License as published by
10 | * the Free Software Foundation, either version 2 of the License, or
11 | * (at your option) any later version.
12 | *
13 | * This program is distributed in the hope that it will be useful,
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 | * GNU General Public License for more details.
17 | *
18 | * You should have received a copy of the GNU General Public License
19 | * along with this program. If not, see .
20 | */
21 | #include
22 | #include
23 | #include
24 | #include
25 | #include
26 |
27 | void *packet = NULL; /* Actual packet buffer. Allocated dynamically. */
28 | static size_t current_packet_size = 0; /* Used by alloc_packet(). */
29 |
30 | /**
31 | * Preallocates the packet buffer.
32 | *
33 | * The function will reallocate memory only if the buffer isn't big enough to acomodate
34 | * new_packet_size bytes. Using IPPROTO_T50, after the first 'round', the buffer will be
35 | * big enough to accomodate all packets and no reallocations will be made.
36 | *
37 | * @param size Size of the new 'global' packet buffer.
38 | */
39 | void alloc_packet ( size_t new_packet_size )
40 | {
41 | void *p;
42 |
43 | assert( new_packet_size );
44 |
45 | /* Realloc only ig the new packet size is greater than the old. */
46 | /* NOTE: Assume the condition is false the majority of time. */
47 | if ( new_packet_size > current_packet_size )
48 | {
49 | /* Tries to reallocate memory. */
50 | /* NOTE: Assume realloc will not fail. */
51 | if ( ! ( p = realloc ( packet, new_packet_size ) ) )
52 | fatal_error ( "Error reallocating packet buffer." );
53 |
54 | /* Only assign a new pointer if successfull */
55 | packet = p;
56 | current_packet_size = new_packet_size;
57 | }
58 | }
59 |
60 | void destroy_packet_buffer ( void )
61 | {
62 | SAFE_FREE ( packet );
63 | }
64 |
--------------------------------------------------------------------------------
/src/usage.c:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /** @file usage.c */
3 | /*
4 | * T50 - Experimental Mixed Packet Injector
5 | *
6 | * Copyright (C) 2010 - 2019 - T50 developers
7 | *
8 | * This program is free software: you can redistribute it and/or modify
9 | * it under the terms of the GNU General Public License as published by
10 | * the Free Software Foundation, either version 2 of the License, or
11 | * (at your option) any later version.
12 | *
13 | * This program is distributed in the hope that it will be useful,
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 | * GNU General Public License for more details.
17 | *
18 | * You should have received a copy of the GNU General Public License
19 | * along with this program. If not, see .
20 | */
21 |
22 | #include
23 | #include
24 | #include
25 | #include
26 |
27 | void show_version ( void )
28 | {
29 | puts ( "T50 Experimental Mixed Packet Injector Tool v" PACKAGE_VERSION "\n"
30 | "Originally created by Nelson Brito \n"
31 | "Previously maintained by Fernando Mercês \n"
32 | "Maintained by Frederico Lamberti Pissarra \n" );
33 | }
34 |
35 | /* Help and usage message */
36 | void usage ( void )
37 | {
38 | /* --- already showing version, by default! --- */
39 | //show_version();
40 |
41 | puts ( "Usage: t50 [options]" );
42 |
43 | general_help();
44 | gre_help();
45 | tcp_udp_dccp_help();
46 | tcp_help();
47 | ip_help();
48 | icmp_help();
49 | egp_help();
50 | rip_help();
51 | dccp_help();
52 | rsvp_help();
53 | ipsec_help();
54 | eigrp_help();
55 | ospf_help();
56 |
57 | puts ( "Some considerations while running this program:\n"
58 | " 1. There is no limitation of using as many options as possible.\n"
59 | " 2. Report " PACKAGE " bugs at " PACKAGE_URL ".\n"
60 | " 3. Some header fields with default values MUST be set to \'0\' for RANDOM.\n"
61 | " 4. Mandatory arguments to long options are mandatory for short options too.\n"
62 | " 5. Be nice when using " PACKAGE ", the author DENIES its use for DoS/DDoS purposes.\n"
63 | " 6. Running " PACKAGE " with \'--protocol T50\' option sends ALL protocols sequentially." );
64 |
65 | exit ( EXIT_FAILURE );
66 | }
67 |
--------------------------------------------------------------------------------
/src/include/t50_defines.h:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /*
3 | * T50 - Experimental Mixed Packet Injector
4 | *
5 | * Copyright (C) 2010 - 2014 - T50 developers
6 | *
7 | * This program is free software: you can redistribute it and/or modify
8 | * it under the terms of the GNU General Public License as published by
9 | * the Free Software Foundation, either version 2 of the License, or
10 | * (at your option) any later version.
11 | *
12 | * This program is distributed in the hope that it will be useful,
13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 | * GNU General Public License for more details.
16 | *
17 | * You should have received a copy of the GNU General Public License
18 | * along with this program. If not, see .
19 | */
20 |
21 | #ifndef __DEFINES_INCLUDED__
22 | #define __DEFINES_INCLUDED__
23 |
24 | #define _NOINLINE __attribute__((noinline))
25 | #define _INIT __attribute__((constructor))
26 | #define _FINI __attribute__((destructor))
27 |
28 | /**
29 | * Amount of time, in seconds, to wait for child process termination.
30 | */
31 | #define WAIT_FOR_CHILD_TIMEOUT 5
32 |
33 | /**
34 | * Initial packet buffer preallocation size (2 kB).
35 | *
36 | * This size should be sufficient for all packets.
37 | * MTU usually is 1500 bytes long, over ethernet!
38 | */
39 | #define INITIAL_PACKET_SIZE 2048
40 |
41 | #define MAXIMUM_IP_ADDRESSES ((1U << 24) - 1)
42 |
43 | /* #define INADDR_ANY 0 */ // NOTE: Already defined in multiple headers (linux/in.h & netinet/in.h).
44 | #define IPPORT_ANY 0
45 |
46 | /* Global common protocol definitions used by code */
47 | #define AUTH_TYPE_HMACNUL 0
48 | #define AUTH_TYPE_HMACMD5 2
49 | #define AUTH_TLEN_HMACMD5 16
50 |
51 | #define auth_hmac_md5_len(foo) ((foo) ? AUTH_TLEN_HMACMD5 : 0)
52 |
53 | /* T50 DEFINITIONS. */
54 | #define IPPROTO_T50 69
55 | #define FIELD_MUST_BE_ZERO 0
56 |
57 | /** Macro used to test bitmasks */
58 | #define TEST_BITS(x,bits) ((x) & (bits))
59 |
60 | /** Used to test if "pid" from fork() is from a child process. */
61 | /* NOTE: fork returns always 0 for the child process. */
62 | #define IS_CHILD_PID(p) (!(p))
63 |
64 | #define swap(a,b) { typeof((a)) t; t = (a); (a) = (b); (b) = t; }
65 | #define SAFE_FREE(ptr) { if ((ptr)) { free((ptr)); (ptr) = NULL; } }
66 |
67 | #ifdef USE_ANSI
68 | #define ERROR "\x1b[31m[ERROR]\x1b[0m"
69 | #define FATAL "\x1b[31;1m[FATAL]\x1b[0m"
70 | #define INFO "\x1b[33;1m[INFO]\x1b[0m "
71 | #define DEBUG "\x1b[34m[DEBUG]\x1b[0m"
72 | #else
73 | #define ERROR "[ERROR]"
74 | #define FATAL "[FATAL]"
75 | #define INFO "[INFO] "
76 | #define DEBUG "[DEBUG]"
77 | #endif
78 |
79 | #endif
80 |
--------------------------------------------------------------------------------
/src/modules/igmpv1.c:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /** @file igmpv1.c */
3 | /*
4 | * T50 - Experimental Mixed Packet Injector
5 | *
6 | * Copyright (C) 2010 - 2019 - T50 developers
7 | *
8 | * This program is free software: you can redistribute it and/or modify
9 | * it under the terms of the GNU General Public License as published by
10 | * the Free Software Foundation, either version 2 of the License, or
11 | * (at your option) any later version.
12 | *
13 | * This program is distributed in the hope that it will be useful,
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 | * GNU General Public License for more details.
17 | *
18 | * You should have received a copy of the GNU General Public License
19 | * along with this program. If not, see .
20 | */
21 |
22 | #include
23 | #include
24 | #include
25 | #include
26 | #include
27 | #include
28 | #include
29 | #include
30 | #include
31 | #include
32 |
33 | /**
34 | * IGMPv1 packet header configuration.
35 | *
36 | * This function configures and sends the IGMPv1 packet header.
37 | *
38 | * @param co Pointer to T50 configuration structure.
39 | * @param size Pointer to packet size (updated by the function).
40 | */
41 | void igmpv1 ( const config_options_T *const restrict co, size_t *restrict size )
42 | {
43 | size_t length;
44 | struct iphdr *ip;
45 |
46 | /* IGMPv1 header. */
47 | struct igmphdr *igmpv1;
48 |
49 | assert ( co != NULL );
50 |
51 | /* GRE options size. */
52 | length = gre_opt_len ( co );
53 |
54 | /* Packet size. */
55 | *size = sizeof ( struct iphdr ) +
56 | sizeof ( struct igmphdr ) +
57 | length;
58 |
59 | /* Try to reallocate packet, if necessary */
60 | alloc_packet ( *size );
61 |
62 | /* IP Header structure making a pointer to Packet. */
63 | ip = ip_header ( packet, *size, co );
64 |
65 | /* GRE Encapsulation takes place. */
66 | gre_encapsulation ( packet, co,
67 | sizeof ( struct iphdr ) +
68 | sizeof ( struct igmphdr ) );
69 |
70 | /* IGMPv1 Header structure making a pointer to Packet. */
71 | igmpv1 = ( void * ) ( ip + 1 ) + length;
72 | igmpv1->type = co->igmp.type;
73 | igmpv1->code = co->igmp.code;
74 | igmpv1->group = INADDR_RND ( co->igmp.group );
75 | igmpv1->csum = 0; /* Needed 'cause cksum() call, below! */
76 |
77 | /* Computing the checksum. */
78 | igmpv1->csum = co->bogus_csum ? RANDOM() : htons ( cksum ( igmpv1, sizeof ( struct igmphdr ) ) );
79 |
80 | /* GRE Encapsulation takes place. */
81 | gre_checksum ( packet, co, *size );
82 | }
83 |
--------------------------------------------------------------------------------
/src/include/protocol/t50_tcp_options.h:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /*
3 | * T50 - Experimental Mixed Packet Injector
4 | *
5 | * Copyright (C) 2010 - 2014 - T50 developers
6 | *
7 | * This program is free software: you can redistribute it and/or modify
8 | * it under the terms of the GNU General Public License as published by
9 | * the Free Software Foundation, either version 2 of the License, or
10 | * (at your option) any later version.
11 | *
12 | * This program is distributed in the hope that it will be useful,
13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 | * GNU General Public License for more details.
16 | *
17 | * You should have received a copy of the GNU General Public License
18 | * along with this program. If not, see .
19 | */
20 |
21 | #ifndef __TCP_OPTIONS_H__
22 | #define __TCP_OPTIONS_H__
23 |
24 | #include
25 |
26 | #define TCPOPT_EOL 0
27 | #define TCPOPT_NOP 1
28 | #define TCPOPT_MSS 2
29 | #define TCPOPT_WSOPT 3
30 | #define TCPOPT_SACK_OK 4
31 | #define TCPOPT_SACK_EDGE 5
32 | #define TCPOPT_TSOPT 8
33 | #define TCPOPT_CC 11
34 | #define TCPOPT_CC_NEW 12
35 | #define TCPOPT_CC_ECHO 13
36 | #define TCPOPT_MD5 19
37 | #define TCPOPT_AO 29
38 |
39 | #define TCPOLEN_MSS 4
40 | #define TCPOLEN_WSOPT 3
41 | #define TCPOLEN_SACK_OK 2
42 | #define TCPOLEN_CC 6
43 | #define TCPOLEN_TSOPT 10
44 | #define TCPOLEN_MD5 18
45 | #define TCPOLEN_AO 20
46 |
47 | /**
48 | * TCP Selective Acknowledgement Options (SACK) (RFC 2018)
49 | *
50 | * A SACK option that specifies n blocks will have a length of 8*n+2
51 | * bytes, so the 40 bytes available for TCP options can specify a
52 | * maximum of 4 blocks. It is expected that SACK will often be used
53 | * in conjunction with the Timestamp option used for RTTM,which takes
54 | * an additional 10 bytes (plus two bytes of padding); thus a maximum
55 | * of 3 SACK blocks will be allowed in this case.
56 | */
57 | #define TCPOLEN_SACK_EDGE(foo) (((foo) * (sizeof(uint32_t) * 2)) + TCPOLEN_SACK_OK)
58 |
59 | /**
60 | * Transmission Control Protocol (TCP) (RFC 793)
61 | *
62 | * Padding: variable
63 | *
64 | * The TCP header padding is used to ensure that the TCP header ends
65 | * and data begins on a 32 bit boundary. The padding is composed of
66 | * zeros.
67 | */
68 | #define TCPOLEN_PADDING(foo) (((foo) & 3) ? sizeof(uint32_t) - ((foo) & 3) : 0)
69 |
70 | /* TCP Options bitmask. */
71 | #define TCP_OPTION_MSS 0x01
72 | #define TCP_OPTION_WSOPT 0x02
73 | #define TCP_OPTION_TSOPT 0x04
74 | #define TCP_OPTION_SACK_OK 0x08
75 | #define TCP_OPTION_CC 0x10
76 | #define TCP_OPTION_CC_NEXT 0x20
77 | #define TCP_OPTION_SACK_EDGE 0x40
78 |
79 | #endif /* __TCP_OPTIONS_H */
80 |
--------------------------------------------------------------------------------
/src/modules/icmp.c:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /** @file icmp.c */
3 | /*
4 | * T50 - Experimental Mixed Packet Injector
5 | *
6 | * Copyright (C) 2010 - 2019 - T50 developers
7 | *
8 | * This program is free software: you can redistribute it and/or modify
9 | * it under the terms of the GNU General Public License as published by
10 | * the Free Software Foundation, either version 2 of the License, or
11 | * (at your option) any later version.
12 | *
13 | * This program is distributed in the hope that it will be useful,
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 | * GNU General Public License for more details.
17 | *
18 | * You should have received a copy of the GNU General Public License
19 | * along with this program. If not, see .
20 | */
21 |
22 | #include
23 | #include
24 | #include
25 | #include
26 | #include
27 | #include
28 | #include
29 | #include
30 | #include
31 |
32 | /**
33 | * ICMP packet header configuration.
34 | *
35 | * This function configures and sends the ICMP packet header.
36 | *
37 | * @param co Pointer to T50 configuration structure.
38 | * @param size Pointer to packet size (updated by the function).
39 | */
40 | void icmp ( const config_options_T *const restrict co, size_t *restrict size )
41 | {
42 | size_t greoptlen; /* GRE options size. */
43 |
44 | struct iphdr *ip;
45 |
46 | /* ICMP header. */
47 | struct icmphdr *icmp;
48 |
49 | assert ( co != NULL );
50 |
51 | greoptlen = gre_opt_len ( co );
52 | *size = sizeof ( struct iphdr ) +
53 | sizeof ( struct icmphdr ) +
54 | greoptlen;
55 |
56 | /* Try to reallocate packet, if necessary */
57 | alloc_packet ( *size );
58 |
59 | /* IP Header structure making a pointer to Packet. */
60 | ip = ip_header ( packet, *size, co );
61 |
62 | /* GRE Encapsulation takes place. */
63 | gre_encapsulation ( packet, co,
64 | sizeof ( struct iphdr ) +
65 | sizeof ( struct icmphdr ) );
66 |
67 | /* ICMP Header structure making a pointer to Packet. */
68 | icmp = ( void * ) ( ip + 1 ) + greoptlen;
69 | icmp->type = co->icmp.type;
70 | icmp->code = co->icmp.code;
71 | icmp->un.echo.id = __RND ( co->icmp.id );
72 | icmp->un.echo.sequence = __RND ( co->icmp.sequence );
73 |
74 | if ( co->icmp.type == ICMP_REDIRECT )
75 | switch ( co->icmp.code )
76 | {
77 | case ICMP_REDIR_HOST:
78 | case ICMP_REDIR_NET:
79 | icmp->un.gateway = INADDR_RND ( co->icmp.gateway );
80 | }
81 |
82 | icmp->checksum = 0; // needed!
83 |
84 | /* Computing the checksum. */
85 | icmp->checksum = co->bogus_csum ? RANDOM() :
86 | htons ( cksum ( icmp, sizeof ( struct icmphdr ) ) );
87 |
88 | /* GRE Encapsulation takes place. */
89 | gre_checksum ( packet, co, *size );
90 | }
91 |
--------------------------------------------------------------------------------
/src/modules/ip.c:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /** @file ip.c */
3 | /*
4 | * T50 - Experimental Mixed Packet Injector
5 | *
6 | * Copyright (C) 2010 - 2019 - T50 developers
7 | *
8 | * This program is free software: you can redistribute it and/or modify
9 | * it under the terms of the GNU General Public License as published by
10 | * the Free Software Foundation, either version 2 of the License, or
11 | * (at your option) any later version.
12 | *
13 | * This program is distributed in the hope that it will be useful,
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 | * GNU General Public License for more details.
17 | *
18 | * You should have received a copy of the GNU General Public License
19 | * along with this program. If not, see .
20 | */
21 |
22 | #include
23 | #include
24 | #include
25 | #include
26 | #include
27 | #include
28 | #include
29 | #include
30 |
31 | /* Defined here 'cause we need them just here.
32 | And since we are using linux/ip.h header, they are not
33 | defined there! */
34 | #define IP_MF 0x2000
35 | #define IP_DF 0x4000
36 |
37 | /**
38 | * IP header configuration.
39 | *
40 | * Every module uses this to build the IP portion of the packet.
41 | *
42 | * @param buffer Pointer to the begining of the packet.
43 | * @param packet_size size of the buffer.
44 | * @param co Pointer to T50 configuration structure.
45 | * @return Pointer to IP header structure (points to the begining of the buffer).
46 | */
47 | struct iphdr *ip_header ( void *restrict buffer,
48 | uint32_t packet_size,
49 | const config_options_T *restrict co )
50 | {
51 | struct iphdr *ip;
52 |
53 | assert ( buffer != NULL );
54 | assert ( co != NULL );
55 |
56 | ip = buffer;
57 | ip->version = IPVERSION;
58 | ip->ihl = sizeof ( struct iphdr ) / 4; /* ihl is measured in DWORDs. */
59 |
60 | /* FIXME: MAYBE TOS is filled by kernel through the SO_PRIORITY option and this is completly useless. */
61 | ip->tos = co->ip.tos;
62 |
63 | // NOTE: frag_off must be byte swapped here, not in config.c.
64 | ip->frag_off = htons ( co->ip.frag_off ? ( co->ip.frag_off >> 3 ) | IP_MF : IP_DF );
65 |
66 | /* FIXME: Is it necessary to fill tot_len when IP_HDRINCL is used? */
67 | ip->tot_len = htons ( packet_size );
68 |
69 | ip->id = __RND ( co->ip.id );
70 | ip->ttl = co->ip.ttl;
71 | ip->protocol = co->encapsulated ? IPPROTO_GRE : co->ip.protocol;
72 | ip->saddr = INADDR_RND ( co->ip.saddr );
73 | ip->daddr = co->ip.daddr;
74 | ip->check = 0; // NOTE: it will be calculated by the kernel!
75 |
76 | // FIXME: In case this code will be ported to other OSses,
77 | // we should calculate the checksum ourselves AFTER
78 | // the entire package is ready.
79 | // This can be done in main()'s main loop, before calling send_packet().
80 |
81 | return ip;
82 | }
83 |
--------------------------------------------------------------------------------
/src/modules/udp.c:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /** @file udp.c */
3 | /*
4 | * T50 - Experimental Mixed Packet Injector
5 | *
6 | * Copyright (C) 2010 - 2019 - T50 developers
7 | *
8 | * This program is free software: you can redistribute it and/or modify
9 | * it under the terms of the GNU General Public License as published by
10 | * the Free Software Foundation, either version 2 of the License, or
11 | * (at your option) any later version.
12 | *
13 | * This program is distributed in the hope that it will be useful,
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 | * GNU General Public License for more details.
17 | *
18 | * You should have received a copy of the GNU General Public License
19 | * along with this program. If not, see .
20 | */
21 |
22 | #include
23 | #include
24 | #include
25 | #include
26 | #include
27 | #include
28 | #include
29 | #include
30 |
31 | /**
32 | * UDP packet header configuration.
33 | *
34 | * Configures the UDP packet header.
35 | * A pointer to this function will be on modules table.
36 | *
37 | * @param co Pointer to T50 configuration structure.
38 | * @param size Pointer to packet size (updated by the function).
39 | */
40 | void udp ( const config_options_T * const restrict co, size_t * restrict size )
41 | {
42 | size_t length;
43 |
44 | struct iphdr *ip;
45 | struct iphdr *gre_ip;
46 | struct udphdr *udp;
47 | struct psdhdr *pseudo;
48 |
49 | assert ( co != NULL );
50 |
51 | length = gre_opt_len ( co );
52 | *size = sizeof ( struct iphdr ) +
53 | sizeof ( struct udphdr ) +
54 | sizeof ( struct psdhdr ) +
55 | length;
56 |
57 | /* Try to reallocate packet, if necessary */
58 | alloc_packet ( *size );
59 |
60 | /* Fill IP header. */
61 | ip = ip_header ( packet, *size, co );
62 |
63 | gre_ip = gre_encapsulation ( packet, co,
64 | sizeof ( struct iphdr ) +
65 | sizeof ( struct udphdr ) );
66 |
67 | /* UDP Header structure making a pointer to IP Header structure. */
68 | udp = ( void * ) ( ip + 1 ) + length;
69 | udp->source = IPPORT_RND ( co->source );
70 | udp->dest = IPPORT_RND ( co->dest );
71 | udp->len = htons ( sizeof ( struct udphdr ) );
72 | udp->check = 0; /* needed 'cause of cksum(), below! */
73 |
74 | /* Fill PSEUDO Header structure. */
75 | pseudo = ( struct psdhdr * ) ( udp + 1 );
76 |
77 | if ( co->encapsulated )
78 | {
79 | pseudo->saddr = gre_ip->saddr;
80 | pseudo->daddr = gre_ip->daddr;
81 | }
82 | else
83 | {
84 | pseudo->saddr = ip->saddr;
85 | pseudo->daddr = ip->daddr;
86 | }
87 |
88 | pseudo->zero = 0;
89 | pseudo->protocol = co->ip.protocol;
90 | pseudo->len = htons ( sizeof ( struct udphdr ) );
91 |
92 | /* Computing the checksum. */
93 | udp->check = co->bogus_csum ? RANDOM() :
94 | htons ( cksum ( udp, ( size_t ) ( pseudo + 1 ) - ( size_t ) udp ) );
95 |
96 | gre_checksum ( packet, co, *size );
97 | }
98 |
--------------------------------------------------------------------------------
/src/modules/egp.c:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /** @file egp.c */
3 | /*
4 | * T50 - Experimental Mixed Packet Injector
5 | *
6 | * Copyright (C) 2010 - 2019 - T50 developers
7 | *
8 | * This program is free software: you can redistribute it and/or modify
9 | * it under the terms of the GNU General Public License as published by
10 | * the Free Software Foundation, either version 2 of the License, or
11 | * (at your option) any later version.
12 | *
13 | * This program is distributed in the hope that it will be useful,
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 | * GNU General Public License for more details.
17 | *
18 | * You should have received a copy of the GNU General Public License
19 | * along with this program. If not, see .
20 | */
21 |
22 | #include
23 | #include
24 | #include
25 | #include
26 | #include
27 | #include
28 | #include
29 | #include
30 |
31 | /**
32 | * EGP packet header configuration.
33 | *
34 | * This function configures and sends the EGP packet header.
35 | *
36 | * @param co Pointer to T50 configuration structure.
37 | * @param size Pointer to packet size (updated by the function).
38 | */
39 | void egp ( const config_options_T *const restrict co, size_t *restrict size )
40 | {
41 | size_t length;
42 | struct iphdr *ip;
43 |
44 | /* EGP header and EGP acquire header. */
45 | struct egp_hdr *egp;
46 | struct egp_acq_hdr *egp_acq;
47 |
48 | assert ( co != NULL );
49 |
50 | length = gre_opt_len ( co );
51 | *size = sizeof ( struct iphdr ) +
52 | sizeof ( struct egp_hdr ) +
53 | sizeof ( struct egp_acq_hdr ) +
54 | length;
55 |
56 | /* Try to reallocate packet, if necessary */
57 | alloc_packet ( *size );
58 |
59 | /* IP Header structure making a pointer to Packet. */
60 | ip = ip_header ( packet, *size, co );
61 |
62 | /* GRE Encapsulation takes place. */
63 | gre_encapsulation ( packet, co,
64 | sizeof ( struct iphdr ) +
65 | sizeof ( struct egp_hdr ) +
66 | sizeof ( struct egp_acq_hdr ) );
67 |
68 | /*
69 | * @nbrito -- Tue Jan 18 11:09:34 BRST 2011
70 | * XXX Have to work a little bit more deeply in packet building.
71 | * XXX Checking EGP Type and building appropriate header.
72 | */
73 | /* EGP Header structure making a pointer to Packet. */
74 | egp = ( void * ) ( ip + 1 ) + length;
75 | egp->version = EGPVERSION;
76 | egp->type = co->egp.type;
77 | egp->code = co->egp.code;
78 | egp->status = co->egp.status;
79 | egp->as = __RND ( co->egp.as );
80 | egp->sequence = __RND ( co->egp.sequence );
81 | egp->check = 0;
82 |
83 | /* EGP Acquire Header structure. */
84 | egp_acq = ( struct egp_acq_hdr * ) ( egp + 1 );
85 | egp_acq->hello = __RND ( co->egp.hello );
86 | egp_acq->poll = __RND ( co->egp.poll );
87 |
88 | /* Computing the checksum. */
89 | egp->check = co->bogus_csum ? RANDOM() :
90 | htons ( cksum ( egp, ( size_t ) ( egp_acq + 1 ) - ( size_t ) egp ) );
91 |
92 | /* GRE Encapsulation takes place. */
93 | gre_checksum ( packet, co, *size );
94 | }
95 |
--------------------------------------------------------------------------------
/src/cidr.c:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /** @file cidr.c */
3 | /*
4 | * T50 - Experimental Mixed Packet Injector
5 | *
6 | * Copyright (C) 2010 - 2019 - T50 developers
7 | *
8 | * This program is free software: you can redistribute it and/or modify
9 | * it under the terms of the GNU General Public License as published by
10 | * the Free Software Foundation, either version 2 of the License, or
11 | * (at your option) any later version.
12 | *
13 | * This program is distributed in the hope that it will be useful,
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 | * GNU General Public License for more details.
17 | *
18 | * You should have received a copy of the GNU General Public License
19 | * along with this program. If not, see .
20 | */
21 |
22 | #include
23 | #include // ntohl().
24 | #include
25 | #include
26 | #include
27 | #include
28 |
29 | static struct cidr cidr = {0};
30 |
31 | /**
32 | * CIDR configuration tiny C algorithm.
33 | *
34 | * This will setup cidr structure with values in host order.
35 | *
36 | * @param bits Number of "valid" bits on netmask.
37 | * @param address IP address from command line (in network order).
38 | * @return Pointer to cidr structure.
39 | */
40 | struct cidr *config_cidr ( const config_options_T * const co )
41 | {
42 | /*
43 | * nbrito -- Thu Dec 23 13:06:39 BRST 2010
44 | * Here is a description of how to calculate, correctly, the number of
45 | * hosts and IP addresses based on CIDR -- three instructions line.
46 | *
47 | * (1) Calculate the 'Network Mask' (two simple operations):
48 | * a) Bitwise shift to the left (>>) '0xffffffff' using CIDR gives the
49 | * number of bits to calculate the 'Network Mask'.
50 | * b) Bitwise logic NOT (~) to turn off the bits that are on, and turn
51 | * on the bits that are off gives the 'Network Mask'.
52 | *
53 | * (2) Calculate the number of hosts' IP addresses available to the
54 | * current CIDR (two simple operations):
55 | * a) Subtract CIDR from 32 gives the host identifier's (bits) portion
56 | * for the IP address.
57 | * b) Two raised to the power (pow(3)) of host identifier (bits) gives
58 | * the number of all IP addresses available for the CIDR .
59 | * NOTE: Subtracting two from this math skips both 'Network Address'
60 | * and 'Broadcast Address'.
61 | *
62 | * (3) Calculate initial host IP address (two simple operations):
63 | * a) Convert IP address to little-endian ('ntohl()').
64 | * b) Bitwise logic AND (&) of host identifier (bits) portion of the IP
65 | * address and 'Network Mask' adding one gives the first IP address
66 | * for the CIDR.
67 | */
68 |
69 | // FIXME: Is this condition is really necessary?
70 | if ( co->bits < CIDR_MAXIMUM )
71 | {
72 | uint32_t netmask;
73 |
74 | cidr.hostid = ( 1U << ( 32 - co->bits ) ) - 2U;
75 |
76 | /* XXX Sanitizing the maximum host identifier's IP addresses.
77 | * XXX Should never reaches here!!! */
78 | if ( cidr.hostid > MAXIMUM_IP_ADDRESSES )
79 | {
80 | error ( "internal error detecded -- please, report.\n"
81 | "cidr.hostid (%u) > MAXIMUM_IP_ADDRESSES (%u): Probably a specific platform error.",
82 | cidr.hostid, MAXIMUM_IP_ADDRESSES );
83 |
84 | return NULL;
85 | }
86 |
87 | netmask = ~( ~0U >> co->bits );
88 | cidr.__1st_addr = ( ntohl ( co->ip.daddr ) & netmask ) + 1; // avoid bit 0 = 0.
89 | }
90 | else
91 | {
92 | cidr.hostid = 0; // means "not random address".
93 | cidr.__1st_addr = ntohl ( co->ip.daddr );
94 | }
95 |
96 | return &cidr;
97 | }
98 |
--------------------------------------------------------------------------------
/src/help/eigrp_help.c:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /** @file eigrp_help.c */
3 | /*
4 | * T50 - Experimental Mixed Packet Injector
5 | *
6 | * Copyright (C) 2010 - 2015 - T50 developers
7 | *
8 | * This program is free software: you can redistribute it and/or modify
9 | * it under the terms of the GNU General Public License as published by
10 | * the Free Software Foundation, either version 2 of the License, or
11 | * (at your option) any later version.
12 | *
13 | * This program is distributed in the hope that it will be useful,
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 | * GNU General Public License for more details.
17 | *
18 | * You should have received a copy of the GNU General Public License
19 | * along with this program. If not, see .
20 | */
21 |
22 | #include
23 | #include
24 |
25 | /** EIGRP help. */
26 | void eigrp_help ( void )
27 | {
28 | printf ( "EIGRP Options:\n"
29 | " --eigrp-opcode NUM EIGRP opcode (default %d)\n"
30 | " --eigrp-flags NUM EIGRP flags (default RANDOM)\n"
31 | " --eigrp-sequence NUM EIGRP sequence # (default RANDOM)\n"
32 | " --eigrp-acknowledge NUM EIGRP acknowledgment # (default RANDOM)\n"
33 | " --eigrp-as NUM EIGRP autonomous system (default RANDOM)\n"
34 | " --eigrp-type NUM EIGRP type (default %d)\n"
35 | " --eigrp-length NUM EIGRP length (default NONE)\n"
36 | " --eigrp-k1 NUM EIGRP parameter K1 value (default 1)\n"
37 | " --eigrp-k2 NUM EIGRP parameter K2 value (default 0)\n"
38 | " --eigrp-k3 NUM EIGRP parameter K3 value (default 1)\n"
39 | " --eigrp-k4 NUM EIGRP parameter K4 value (default 0)\n"
40 | " --eigrp-k5 NUM EIGRP parameter K5 value (default 0)\n"
41 | " --eigrp-hold NUM EIGRP parameter hold time (default 360)\n"
42 | " --eigrp-ios-ver NUM.NUM EIGRP IOS release version (default 12.4)\n"
43 | " --eigrp-rel-ver NUM.NUM EIGRP PROTO release version (default 1.2)\n"
44 | " --eigrp-next-hop ADDR EIGRP [in|ex]ternal next-hop (default RANDOM)\n"
45 | " --eigrp-delay NUM EIGRP [in|ex]ternal delay (default RANDOM)\n"
46 | " --eigrp-bandwidth NUM EIGRP [in|ex]ternal bandwidth (default RANDOM)\n"
47 | " --eigrp-mtu NUM EIGRP [in|ex]ternal MTU (default 1500)\n"
48 | " --eigrp-hop-count NUM EIGRP [in|ex]ternal hop count (default RANDOM)\n"
49 | " --eigrp-load NUM EIGRP [in|ex]ternal load (default RANDOM)\n"
50 | " --eigrp-reliability NUM EIGRP [in|ex]ternal reliability (default RANDOM)\n"
51 | " --eigrp-daddr ADDR/CIDR EIGRP [in|ex]ternal address(es) (default RANDOM)\n"
52 | " --eigrp-src-router ADDR EIGRP external source router (default RANDOM)\n"
53 | " --eigrp-src-as NUM EIGRP external autonomous system (default RANDOM)\n"
54 | " --eigrp-tag NUM EIGRP external arbitrary tag (default RANDOM)\n"
55 | " --eigrp-proto-metric NUM EIGRP external protocol metric (default RANDOM)\n"
56 | " --eigrp-proto-id NUM EIGRP external protocol ID (default 2)\n"
57 | " --eigrp-ext-flags NUM EIGRP external flags (default RANDOM)\n"
58 | " --eigrp-address ADDR EIGRP multicast sequence address (default RANDOM)\n"
59 | " --eigrp-multicast NUM EIGRP multicast sequence # (default RANDOM)\n"
60 | " --eigrp-authentication EIGRP authentication included (default OFF)\n"
61 | " --eigrp-auth-key-id NUM EIGRP authentication key ID (default 1)\n\n",
62 | EIGRP_OPCODE_UPDATE,
63 | EIGRP_TYPE_INTERNAL );
64 | }
65 |
66 |
--------------------------------------------------------------------------------
/src/randomizer.c:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /** @file randomizer.c */
3 | /*
4 | * T50 - Experimental Mixed Packet Injector
5 | *
6 | * Copyright (C) 2010 - 2019 - T50 developers
7 | *
8 | * This program is free software: you can redistribute it and/or modify
9 | * it under the terms of the GNU General Public License as published by
10 | * the Free Software Foundation, either version 2 of the License, or
11 | * (at your option) any later version.
12 | *
13 | * This program is distributed in the hope that it will be useful,
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 | * GNU General Public License for more details.
17 | *
18 | * You should have received a copy of the GNU General Public License
19 | * along with this program. If not, see .
20 | */
21 |
22 | #include
23 | #include
24 | #include
25 | #include
26 | #include
27 | #include
28 | #include
29 |
30 | /* The Random SEED will be created by SRANDOM */
31 | static uint64_t _seed[2];
32 |
33 | /* xorshift128+
34 |
35 | We don't have to worry about the lower bits
36 | been less random than the upper, in theory. */
37 | static uint32_t random_xorshift128plus ( void )
38 | {
39 | uint64_t s0 = _seed[1];
40 | uint64_t s1 = _seed[0];
41 | _seed[0] = s0;
42 |
43 | s1 ^= s1 << 23;
44 | _seed[1] = s1 ^ s0 ^ ( s1 >> 18 ) ^ ( s0 >> 5 );
45 |
46 | return ( _seed[1] + s0 );
47 | }
48 |
49 | // NOTE: Intel specific!
50 | #if defined(__i386) || defined(__x86_64)
51 | static uint32_t random_rdrand ( void )
52 | {
53 | uint32_t r;
54 |
55 | __asm__ __volatile__ (
56 | "1: rdrand %0\n"
57 | " jnc 1b"
58 | : "=a" ( r )
59 | );
60 |
61 | return r;
62 | }
63 | #endif
64 |
65 | static void empty_srandom ( void ) {}
66 |
67 | static void get_random_seed ( void )
68 | {
69 | // NOTE: Could use gettimeofday() and use it as seed,
70 | // but, this way I'll make sure the seed is random.
71 |
72 | int _fd, r;
73 | void *p, *endp;
74 |
75 | if ( ( _fd = open ( "/dev/urandom", O_RDONLY ) ) == -1 )
76 | fatal_error ( "Cannot open /dev/urandom to get initial random seed." );
77 |
78 | /* NOTE: initializes this code "global" _seed var. */
79 | p = &_seed;
80 | endp = p + sizeof _seed;
81 |
82 | while ( p < endp )
83 | {
84 | if ( ( r = read ( _fd, p, endp - p ) ) == -1 )
85 | break;
86 |
87 | p += r;
88 | }
89 |
90 | close ( _fd );
91 |
92 | if ( r == -1 )
93 | fatal_error ( "Cannot read initial seed from /dev/urandom." );
94 | }
95 |
96 | /* The "constructor" below will overide this IF the platform is Intel/AMD and
97 | if RDRAND is supported. */
98 | void ( *SRANDOM ) ( void ) = get_random_seed;
99 | uint32_t ( *RANDOM ) ( void ) = random_xorshift128plus;
100 |
101 | /**
102 | * Returns the Randomized netmask if foo is 0 or the parameter, otherwise.
103 | *
104 | * This routine shouldn't be inlined due to its compliexity.
105 | *
106 | * @param foo IPv4 netmask (or 0 if randomized).
107 | * @return Netmask (randomized or otherwise).
108 | */
109 | uint32_t NETMASK_RND ( uint32_t foo )
110 | {
111 | if ( ! foo )
112 | {
113 | uint32_t t = RANDOM() & 0x1f;
114 | /* Here t is something between 0 and 31. */
115 |
116 | /* NOTE: This is faster than 't %= 23'. */
117 | if ( t > 22 )
118 | t -= 23;
119 |
120 | /* Here t is something between 0 and 22 */
121 |
122 | /* We need someting between 8 and 30 bits only! */
123 | foo = htonl ( ~ ( ~0U >> ( t + 8 ) ) );
124 | }
125 |
126 | return foo;
127 | }
128 |
129 | // Intel architecture dependend constructor.
130 | #if defined(__i386) || defined(__x86_64)
131 | #define RDRAND_BIT (1U << 30)
132 |
133 | //--- Make sure to use RDRAND instruction if the processor has it.
134 | static void _INIT check_rdrand ( void )
135 | {
136 | int c;
137 |
138 | __asm__ __volatile__ ( "cpuid" : "=c" ( c ) : "a" ( 1 ) :
139 | #ifdef __i386
140 | "ebx", "edx"
141 | #else /* x86_64 */
142 | "rbx", "rdx"
143 | #endif
144 | );
145 |
146 | if ( c & RDRAND_BIT )
147 | {
148 | RANDOM = random_rdrand;
149 | SRANDOM = empty_srandom; // RDRAND doesn't need a seed.
150 | }
151 | }
152 | #endif
153 |
154 |
--------------------------------------------------------------------------------
/src/help/rsvp_help.c:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /** @file rsvp_help.c */
3 | /*
4 | * T50 - Experimental Mixed Packet Injector
5 | *
6 | * Copyright (C) 2010 - 2015 - T50 developers
7 | *
8 | * This program is free software: you can redistribute it and/or modify
9 | * it under the terms of the GNU General Public License as published by
10 | * the Free Software Foundation, either version 2 of the License, or
11 | * (at your option) any later version.
12 | *
13 | * This program is distributed in the hope that it will be useful,
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 | * GNU General Public License for more details.
17 | *
18 | * You should have received a copy of the GNU General Public License
19 | * along with this program. If not, see .
20 | */
21 |
22 | #include
23 | #include
24 |
25 | /** RSVP options help. */
26 | void rsvp_help ( void )
27 | {
28 | puts ( "RSVP Options:\n"
29 | " --rsvp-flags NUM RSVP flags (default 1)\n"
30 | " --rsvp-type NUM RSVP message type (default 1)\n"
31 | " --rsvp-ttl NUM RSVP time to live (default 254)\n"
32 | " --rsvp-session-addr ADDR RSVP SESSION destination address (default RANDOM)\n"
33 | " --rsvp-session-proto NUM RSVP SESSION protocol ID (default 1)\n"
34 | " --rsvp-session-flags NUM RSVP SESSION flags (default 1)\n"
35 | " --rsvp-session-port NUM RSVP SESSION destination port (default RANDOM)\n"
36 | " --rsvp-hop-addr ADDR RSVP HOP neighbor address (default RANDOM)\n"
37 | " --rsvp-hop-iface NUM RSVP HOP logical interface (default RANDOM)\n"
38 | " --rsvp-time-refresh NUM RSVP TIME refresh interval (default 360)\n"
39 | " --rsvp-error-addr ADDR RSVP ERROR node address (default RANDOM)\n"
40 | " --rsvp-error-flags NUM RSVP ERROR flags (default 2)\n"
41 | " --rsvp-error-code NUM RSVP ERROR code (default 2)\n"
42 | " --rsvp-error-value NUM RSVP ERROR value (default 8)\n"
43 | " --rsvp-scope NUM RSVP SCOPE # of address(es) (default 1)\n"
44 | " --rsvp-address ADDR,... RSVP SCOPE address(es) (default RANDOM)\n"
45 | " --rsvp-style-option NUM RSVP STYLE option vector (default 18)\n"
46 | " --rsvp-sender-addr ADDR RSVP SENDER TEMPLATE address (default RANDOM)\n"
47 | " --rsvp-sender-port NUM RSVP SENDER TEMPLATE port (default RANDOM)\n"
48 | " --rsvp-tspec-traffic RSVP TSPEC service traffic (default OFF)\n"
49 | " --rsvp-tspec-guaranteed RSVP TSPEC service guaranteed (default OFF)\n"
50 | " --rsvp-tspec-r NUM RSVP TSPEC token bucket rate (default RANDOM)\n"
51 | " --rsvp-tspec-b NUM RSVP TSPEC token bucket size (default RANDOM)\n"
52 | " --rsvp-tspec-p NUM RSVP TSPEC peak data rate (default RANDOM)\n"
53 | " --rsvp-tspec-m NUM RSVP TSPEC minimum policed unit (default RANDOM)\n"
54 | " --rsvp-tspec-M NUM RSVP TSPEC maximum packet size (default RANDOM)\n"
55 | " --rsvp-adspec-ishop NUM RSVP ADSPEC IS HOP count (default RANDOM)\n"
56 | " --rsvp-adspec-path NUM RSVP ADSPEC path b/w estimate (default RANDOM)\n"
57 | " --rsvp-adspec-m NUM RSVP ADSPEC minimum path latency (default RANDOM)\n"
58 | " --rsvp-adspec-mtu NUM RSVP ADSPEC composed MTU (default RANDOM)\n"
59 | " --rsvp-adspec-guaranteed RSVP ADSPEC service guaranteed (default OFF)\n"
60 | " --rsvp-adspec-Ctot NUM RSVP ADSPEC ETE composed value C (default RANDOM)\n"
61 | " --rsvp-adspec-Dtot NUM RSVP ADSPEC ETE composed value D (default RANDOM)\n"
62 | " --rsvp-adspec-Csum NUM RSVP ADSPEC SLR point composed C (default RANDOM)\n"
63 | " --rsvp-adspec-Dsum NUM RSVP ADSPEC SLR point composed D (default RANDOM)\n"
64 | " --rsvp-adspec-controlled RSVP ADSPEC service controlled (default OFF)\n"
65 | " --rsvp-confirm-addr ADDR RSVP CONFIRM receiver address (default RANDOM)\n" );
66 | }
67 |
--------------------------------------------------------------------------------
/doc/README.md:
--------------------------------------------------------------------------------
1 | Home {#mainpage}
2 | ====
3 |
4 | __________ ________ _____
5 | |__ ___/| ____/ / _ \ the fastest packet injector.
6 | | | |____ \ / /_\ \
7 | | | / \\\ \\_/ \
8 | |____| /________/ \\_______/
9 |
10 |
11 | T50 (f.k.a. F22 Raptor) is a tool designed to perform "Stress Testing".
12 | The concept started on 2001, right after release 'nb-isakmp.c', and
13 | the main goal was:
14 | - Having a tool to perform TCP/IP protocol fuzzer, covering common regular
15 | protocols, such as: ICMP, TCP and UDP.
16 |
17 | Things have changed, and the T50 became a good unique resource capable to
18 | perform "Stress Testing". And, after checking the "/usr/include/linux", some
19 | protocols were chosen to be part of its coverage:
20 | a) ICMP - Internet Control Message Protocol
21 | b) IGMP - Internet Group Management Protocol
22 | c) TCP - Transmission Control Protocol
23 | d) UDP - User Datagram Protocol
24 |
25 | Why "Stress Testing"? Well, because when people are designing a new network
26 | infra-structure (eg. Datacenter serving to Cloud Computing) they think about:
27 | a) High-Availability
28 | b) Load Balancing
29 | c) Backup Sites (Cold Sites, Hot Sites, and Warm Sites)
30 | d) Disaster Recovery
31 | e) Data Redundancy
32 | f) Service Level Agreements
33 | g) Etc...
34 |
35 | But almost nobody thinks about "Stress Testing", or even performs any test to
36 | check how the networks infra-structure behaves under stress, under overload,
37 | and under attack. Even during a Penetration Test, people prefer not running
38 | any kind of Denial-of-Service testing. Even worse, those people are missing
39 | one of the three key concepts of security that are common to risk management:
40 | - Confidentiality
41 | - Integrity
42 | - AVAILABILITY
43 |
44 | T50 was designed to perform “Stress Testing” on a variety of infra-structure
45 | network devices (Version 2.45), using widely implemented protocols, and after
46 | some requests it was was re-designed to extend the tests (as of Version 5.3),
47 | covering some regular protocols (ICMP, TCP and UDP), some infra-structure
48 | specific protocols (GRE, IPSec and RSVP), and some routing protocols (RIP,
49 | EIGRP and OSPF).
50 |
51 | This new version (Version 5.3) is focused on internal infra-structure, which
52 | allows people to test the availability of its resources, and cobering:
53 | a) Interior Gateway Protocols (Distance Vector Algorithm):
54 | 1. Routing Information Protocol (RIP)
55 | 2. Enhanced Interior Gateway Routing Protocol (EIGRP)
56 |
57 | b) Interior Gateway Protocols (Link State Algorithm):
58 | 1. Open Shortest Path First (OSPF)
59 |
60 | c) Quality-of-Service Protocols:
61 | 1. Resource ReSerVation Protocol (RSVP).
62 |
63 | d) Tunneling/Encapsulation Protocols:
64 | 1. Generic Routing Encapsulation (GRE).
65 |
66 | T50 is a powerful and unique packet injector tool, which is capable to:
67 | a) Send sequentially the following fifteen (15) protocols:
68 | 1. ICMP - Internet Control Message Protocol
69 | 2. IGMPv1 - Internet Group Management Protocol v1
70 | 3. IGMPv3 - Internet Group Management Protocol v3
71 | 4. TCP - Transmission Control Protocol
72 | 5. EGP - Exterior Gateway Protocol
73 | 6. UDP - User Datagram Protocol
74 | 7. RIPv1 - Routing Information Protocol v1
75 | 8. RIPv2 - Routing Information Protocol v2
76 | 9. DCCP - Datagram Congestion Control Protocol
77 | 10. RSVP - Resource ReSerVation Protocol
78 | 11. GRE - Generic Routing Encapsulation
79 | 12. IPSec - Internet Protocol Security (AH/ESP)
80 | 13. EIGRP - Enhanced Interior Gateway Routing Protocol
81 | 14. OSPF - Open Shortest Path First
82 |
83 | b) It is the only tool capable to encapsulate the protocols (listed above)
84 | within Generic Routing Encapsulation (GRE).
85 |
86 | c) Send an (quite) incredible amount of packets per second, making it a
87 | "second to none" tool:
88 | -> More than 1,000,000 pps of SYN Flood (+50% of the network uplink) in
89 | a 1000BASE-T Network (Gigabit Ethernet).
90 | -> More than 120,000 pps of SYN Flood (+60% of the network uplink) in a
91 | 100BASE-TX Network (Fast Ethernet).
92 |
93 | d) Perform "Stress Testing" on a variety of network infrastructure, network
94 | devices and security solutions in place.
95 |
96 | e) Simulate "Distributed Denial-of-Service" & "Denial-of-Service" attacks,
97 | validating Firewall rules, Router ACLs, Intrusion Detection System and
98 | Intrusion Prevention System policies.
99 |
100 | The main differentiator of the T50 is that it is able to send all protocols,
101 | sequentially, using one single SOCKET, besides it is capable to be used to
102 | modify network routes, letting IT Security Professionals performing advanced
103 | "Penetration Test".
104 |
--------------------------------------------------------------------------------
/src/include/protocol/t50_eigrp.h:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /*
3 | * T50 - Experimental Mixed Packet Injector
4 | *
5 | * Copyright (C) 2010 - 2014 - T50 developers
6 | *
7 | * This program is free software: you can redistribute it and/or modify
8 | * it under the terms of the GNU General Public License as published by
9 | * the Free Software Foundation, either version 2 of the License, or
10 | * (at your option) any later version.
11 | *
12 | * This program is distributed in the hope that it will be useful,
13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 | * GNU General Public License for more details.
16 | *
17 | * You should have received a copy of the GNU General Public License
18 | * along with this program. If not, see .
19 | */
20 |
21 | #ifndef __EIGRP_H__
22 | #define __EIGRP_H__
23 |
24 | #include
25 |
26 | #define IPPROTO_EIGRP 88
27 | #define EIGRPVERSION 2
28 | #define EIGRP_FLAG_INIT 0x00000001
29 | #define EIGRP_FLAG_COND 0x00000002
30 |
31 | /* EIGRP Message Opcode */
32 | #define EIGRP_OPCODE_UPDATE 1
33 | #define EIGRP_OPCODE_REQUEST 2
34 | #define EIGRP_OPCODE_QUERY 3
35 | #define EIGRP_OPCODE_REPLY 4
36 | #define EIGRP_OPCODE_HELLO 5
37 | #define EIGRP_OPCODE_IPX_SAP 6
38 |
39 | /* EIGRP Message Type/Length/Value */
40 | #define EIGRP_TYPE_PARAMETER 1
41 | #define EIGRP_TYPE_AUTH 2
42 | #define EIGRP_TYPE_SEQUENCE 3
43 | #define EIGRP_TYPE_SOFTWARE 4
44 | #define EIGRP_TYPE_MULTICAST 5
45 | #define EIGRP_TYPE_INTERNAL 0x102
46 | #define EIGRP_TYPE_EXTERNAL 0x103
47 |
48 | #define EIGRP_TLEN_PARAMETER 12
49 | #define EIGRP_TLEN_AUTH 40
50 | #define EIGRP_PADDING_BLOCK 12
51 | #define EIGRP_MAXIMUM_KEYID 2147483647
52 | #define EIGRP_TLEN_SEQUENCE 9
53 | #define EIGRP_TLEN_SOFTWARE 8
54 | #define EIGRP_TLEN_MULTICAST 8
55 | #define EIGRP_TLEN_INTERNAL 25
56 | #define EIGRP_TLEN_EXTERNAL 45
57 |
58 | #define EIGRP_DADDR_BUILD(foo, bar) \
59 | ((foo) &= htonl(~(0xffffffffU >> (((bar) >> 3) * 8))))
60 |
61 | #define EIGRP_DADDR_LENGTH(foo) \
62 | ((((foo) >> 3) & 3) + ((foo) % 8 ? 1 : 0))
63 |
64 | /* EIGRP K Values bitmask */
65 | #define EIGRP_KVALUE_K1 0x01
66 | #define EIGRP_KVALUE_K2 0x02
67 | #define EIGRP_KVALUE_K3 0x04
68 | #define EIGRP_KVALUE_K4 0x08
69 | #define EIGRP_KVALUE_K5 0x10
70 |
71 | /**
72 | * Enhanced Interior Gateway Routing Protocol (EIGRP)
73 | *
74 | * 0 1 2 3 3
75 | * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
76 | * -----------------------------------------------------------------
77 | * | Version | Opcode | Checksum |
78 | * -----------------------------------------------------------------
79 | * | Flags |
80 | * -----------------------------------------------------------------
81 | * | Sequence Number |
82 | * -----------------------------------------------------------------
83 | * | Acknowledgment Number |
84 | * -----------------------------------------------------------------
85 | * | Autonomous System Number |
86 | * -----------------------------------------------------------------
87 | * | |
88 | * // TLV (Type/Length/Value) //
89 | * | |
90 | * -----------------------------------------------------------------
91 | *
92 | * Please, be advised that there is no deep information about EIGRP, no
93 | * other than EIGRP PCAP files public available. Due to that I have done
94 | * a deep analysis using live EIGRP PCAP files to build the EIGRP Packet.
95 | *
96 | * There are some really good resources, such as:
97 | *
98 | * http://www.protocolbase.net/protocols/protocol_EIGRP.php
99 | * http://packetlife.net/captures/category/cisco-proprietary/
100 | * http://oreilly.com/catalog/iprouting/chapter/ch04.html
101 | */
102 | struct eigrp_hdr
103 | {
104 | uint8_t version, /* version */
105 | opcode; /* opcode */
106 | uint16_t check; /* checksum */
107 | uint32_t flags; /* flags */
108 | uint32_t sequence; /* sequence number */
109 | uint32_t acknowledge; /* acknowledgment sequence # */
110 | uint32_t as; /* autonomous system */
111 | uint8_t __tlv[0]; /* TLV (Type/Length/Value) */
112 | };
113 |
114 | #endif /* __EIGRP_H */
115 |
--------------------------------------------------------------------------------
/doc/t50.8:
--------------------------------------------------------------------------------
1 | .TH T50 8 2018-09-5 "5.8" "T50 man page"
2 | .SH NAME
3 | T50 - network packet injector
4 | .SH SYNOPSIS
5 | .B t50
6 | [options] [\-\-]
7 | .IR host[/CIDR]
8 | .SH DESCRIPTION
9 | Experimental mixed packet injector tool.
10 |
11 | This is NOT a DoS tool, but a tool to inject packets using various protocols.
12 | .SH OPTIONS
13 | .TP
14 | .BI host[/CIDR]
15 | The host address is the target of T50. It can be informed in one of two formats: IP address or URI name. This address can be informed as a range of IPs (by omitting one or mode octects) or using a CIDR separating the IP (full or partial) or URI with "/##", for instance: "192.168/16" or "host.com.local/22". When using a partial IP address T50 will calculate CIDR automatically (8, 16 or 24 bits, if the first, second or third octect [from right to left] are omitted, respectively).
16 |
17 | Notice that, sometimes, the "host[/CIDR]" argument is misinterpreted as an option. When this happens, you can use the pseudo option '--' before the host address:
18 | .IP
19 | # t50 --flood -- 192.168.1.32/27
20 |
21 | Also, to avoid this error you can provide the host address as the first argument.
22 |
23 | Notice, also, ONLY IPv4 addresses are allowed. T50 don't provide IPv6 support yet.
24 | .TP
25 | .BR \-\-threshold " NUM"
26 | Number of packets to inject (default 1000).
27 | .TP
28 | .BR \-\-flood
29 | Keep injecting packets until user terminates the process (^C). Cannot be used with \-\-threshold.
30 | .TP
31 | .BR \-B ", " \-\-bogus-csum
32 | Use a bogus "random " checksum instead of calculating the actual packet checksum.
33 | .TP
34 | .BR \-\-turbo
35 | Inject packets faster (creates a child process).
36 | .TP
37 | .BR \-\-shuffle
38 | When used with T50 "protocol", it will shuffle the available protocols. Otherwise they will be sent in the same order as listed with \-\-list-protocols option.
39 | This option will not work with any other "protocol".
40 | .TP
41 | .BR \-s ", " \-\-saddr " ADDR"
42 | IP header source address (default RANDOM).
43 | .TP
44 | .BR \-p ", " \-\-protocol " protoname"
45 | Select an specific protocol to use (default: TCP. Use \-\-list-protocols to see all protocols available). Use T50 if you want to inject all available protocols.
46 | The "protocolname" is case insensitive.
47 | .TP
48 | .BR \-h ", " \-\-help
49 | Display all available options and their defaults.
50 | .TP
51 | .BR \-v ", " \-\-version
52 | Display t50 version.
53 | .TP
54 | .BR \-l ", " \-\-list-protocols
55 | Lists all available protocols T50 can provide.
56 | .SH EXAMPLES
57 | See all available protocols:
58 | .IP
59 | .nf
60 | # t50 -l
61 | T50 Experimental Mixed Packet Injector Tool 5.6.15
62 | Originally created by Nelson Brito
63 | Previously maintained by Fernando Mercês
64 | Maintained by Frederico Lamberti Pissarra
65 |
66 | [INFO] List of supported protocols (--protocol):
67 | 1 - ICMP (Internet Control Message Protocol)
68 | 2 - IGMPv1 (Internet Group Message Protocol v1)
69 | 3 - IGMPv3 (Internet Group Message Protocol v3)
70 | 4 - TCP (Transmission Control Protocol)
71 | 5 - EGP (Exterior Gateway Protocol)
72 | 6 - UDP (User Datagram Protocol)
73 | 7 - RIPv1 (Routing Internet Protocol v1)
74 | 8 - RIPv2 (Routing Internet Protocol v2)
75 | 9 - DCCP (Datagram Congestion Control Protocol)
76 | 10 - RSVP (Resource Reservation Protocol)
77 | 11 - IPSEC (Internet Security Protocl (AH/ESP))
78 | 12 - EIGRP (Enhanced Interior Gateway Routing Protocol)
79 | 13 - OSPF (Open Shortest Path First)
80 | .fi
81 | .PP
82 | Send 500 packets to a single target:
83 | .IP
84 | # t50 192.168.0.100 --threshold 500
85 | .PP
86 | Flooding targets from 192.168.0.1 to 192.168.0.254 (notice the partial IP) with TCP packets:
87 | .IP
88 | # t50 192.168.0 --flood
89 | .PP
90 | Flooding targets from 192.168.0.1 to 192.168.255.254 with all protocols T50 can provide in a random order using "Turbo" mode.
91 | .IP
92 | # t50 192.168 --flood -p t50 --shuffle --turbo
93 | .SH NOTES
94 | Root privilege is mandatory to run t50.
95 | .P
96 | There are lots of options. Please, use -h or --help to see them and their default values.
97 | .SH BUGS
98 | As noted before, the "host[/CIDR]" argument sometimes is misinterpreted as an option.
99 | This bug was introduced when the argument parser was changed to support flexible host "names".
100 | Someday I'll correct this (Frederico).
101 | .SH AUTHORS
102 | Nelson Brito
103 | .SH CONTRIBUTORS
104 | Fernando Mercês
105 | .br
106 | Frederico Lamberti Pissarra
107 | .SH BUGS and SOURCE CODE AVAILABILITY
108 | The latest release of the source code can be downloaded at:
109 | .UR https://\:gitlab.com/\:fredericopissarra/\:t50
110 | T50 GitLab Repository
111 | .UE \. You can also report bugs there or at t50-dev google group via t50-dev@googlegroups.com (but gitlab's is preferable!).
112 | .SH COPYRIGHT
113 | Copyright © 2014-2018 T50 developers.
114 | Licensed GPLv3+: GNU GPL version 3 or later .
115 | This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law.
116 |
--------------------------------------------------------------------------------
/src/modules/ipsec.c:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /** @file ipsec.c */
3 | /*
4 | * T50 - Experimental Mixed Packet Injector
5 | *
6 | * Copyright (C) 2010 - 2019 - T50 developers
7 | *
8 | * This program is free software: you can redistribute it and/or modify
9 | * it under the terms of the GNU General Public License as published by
10 | * the Free Software Foundation, either version 2 of the License, or
11 | * (at your option) any later version.
12 | *
13 | * This program is distributed in the hope that it will be useful,
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 | * GNU General Public License for more details.
17 | *
18 | * You should have received a copy of the GNU General Public License
19 | * along with this program. If not, see .
20 | */
21 |
22 | #include
23 | #include
24 | #include
25 | #include
26 | #include
27 | #include
28 | #include
29 | #include
30 | #include
31 |
32 | /**
33 | * IPSec packet header configuration.
34 | *
35 | * This function configures and sends the IPSec packet header.
36 | *
37 | * @param co Pointer to T50 configuration structure.
38 | * @param size Pointer to packet size (updated by the function).
39 | */
40 | void ipsec ( const config_options_T *const restrict co, size_t *size )
41 | {
42 | /* IPSec AH Integrity Check Value (ICV). */
43 | #define IP_AH_ICV (sizeof(uint32_t) * 3)
44 |
45 | size_t length,
46 | esp_data, /* IPSec ESP Data Encrypted (RANDOM). */
47 | counter;
48 |
49 | /* Packet. */
50 | memptr_T buffer;
51 |
52 | struct iphdr *ip;
53 |
54 | /* IPSec AH header and IPSec ESP Header. */
55 | struct ip_auth_hdr *ip_auth;
56 | struct ip_esp_hdr *ip_esp;
57 |
58 | assert ( co != NULL );
59 |
60 | length = gre_opt_len ( co );
61 | esp_data = auth_hmac_md5_len ( 1 );
62 | *size = sizeof ( struct iphdr ) +
63 | sizeof ( struct ip_auth_hdr ) +
64 | sizeof ( struct ip_esp_hdr ) +
65 | length +
66 | IP_AH_ICV +
67 | esp_data;
68 |
69 | /* Try to reallocate packet, if necessary */
70 | alloc_packet ( *size );
71 |
72 | ip = ip_header ( packet, *size, co );
73 |
74 | /* GRE Encapsulation takes place. */
75 | gre_encapsulation ( packet, co,
76 | sizeof ( struct iphdr ) +
77 | sizeof ( struct ip_auth_hdr ) +
78 | sizeof ( struct ip_esp_hdr ) +
79 | IP_AH_ICV +
80 | esp_data );
81 |
82 | /*
83 | * IP Authentication Header (RFC 2402)
84 | *
85 | * 2. Authentication Header Format
86 | *
87 | * 0 1 2 3
88 | * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
89 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
90 | * | Next Header | Payload Len | RESERVED |
91 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
92 | * | Security Parameters Index (SPI) |
93 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
94 | * | Sequence Number Field |
95 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
96 | * | |
97 | * + Authentication Data (variable) |
98 | * | |
99 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
100 | */
101 |
102 | /* IPSec AH Header structure making a pointer to IP Header structure. */
103 | ip_auth = ( void * ) ( ip + 1 ) + length;
104 | ip_auth->nexthdr = IPPROTO_ESP;
105 | ip_auth->hdrlen = co->ipsec.ah_length ?
106 | co->ipsec.ah_length :
107 | ( sizeof ( struct ip_auth_hdr ) / 4 ) + 1; /* FIX: The previous line was:
108 | (sizeof(struct ip_auth_hdr) / 4) + (ip_ah_icv / ip_ah_icv); */
109 |
110 | ip_auth->spi = __RND ( co->ipsec.ah_spi );
111 | ip_auth->seq_no = __RND ( co->ipsec.ah_sequence );
112 |
113 | buffer.ptr = ip_auth + 1;
114 |
115 | /* Setting a fake encrypted content. */
116 | counter = 0;
117 |
118 | while ( counter++ < IP_AH_ICV )
119 | *buffer.byte_ptr++ = RANDOM();
120 |
121 | /* IPSec ESP Header structure making a pointer to Checksum. */
122 | ip_esp = buffer.ptr;
123 | ip_esp->spi = __RND ( co->ipsec.esp_spi );
124 | ip_esp->seq_no = __RND ( co->ipsec.esp_sequence );
125 |
126 | buffer.ptr = ip_esp + 1;
127 |
128 | /* Setting a fake encrypted content. */
129 | counter = 0;
130 |
131 | while ( counter++ < esp_data )
132 | *buffer.byte_ptr++ = RANDOM();
133 |
134 | /* GRE Encapsulation takes place. */
135 | gre_checksum ( packet, co, *size );
136 | }
137 |
--------------------------------------------------------------------------------
/src/help/tcp_udp_dccp_help.c:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /** @file tcp_udp_dccp_help.c */
3 | /*
4 | * T50 - Experimental Mixed Packet Injector
5 | *
6 | * Copyright (C) 2010 - 2015 - T50 developers
7 | *
8 | * This program is free software: you can redistribute it and/or modify
9 | * it under the terms of the GNU General Public License as published by
10 | * the Free Software Foundation, either version 2 of the License, or
11 | * (at your option) any later version.
12 | *
13 | * This program is distributed in the hope that it will be useful,
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 | * GNU General Public License for more details.
17 | *
18 | * You should have received a copy of the GNU General Public License
19 | * along with this program. If not, see .
20 | */
21 |
22 | #include
23 | #include
24 | #include
25 | #include
26 |
27 | /** UDP and DCCP options help. */
28 | void tcp_udp_dccp_help ( void )
29 | {
30 | puts ( "DCCP/TCP/UDP Options:\n"
31 | " --sport NUM DCCP|TCP|UDP source port (default RANDOM)\n"
32 | " --dport NUM DCCP|TCP|UDP destination port (default RANDOM)\n" );
33 |
34 | }
35 |
36 | /** TCP options help. */
37 | void tcp_help ( void )
38 | {
39 | printf ( "TCP Options:\n"
40 | " --ack-seq NUM TCP ACK sequence # (default RANDOM)\n"
41 | " --sequence NUM TCP SYN sequence # (default RANDOM)\n"
42 | " --data-offset NUM TCP data offset (default %zu)\n"
43 | " -F,--fin TCP FIN flag (default OFF)\n"
44 | " -S,--syn TCP SYN flag (default OFF)\n"
45 | " -R,--rst TCP RST flag (default OFF)\n"
46 | " -P,--psh TCP PSH flag (default OFF)\n"
47 | " -A,--ack TCP ACK flag (default OFF)\n"
48 | " -U,--urg TCP URG flag (default OFF)\n"
49 | " -E,--ece TCP ECE flag (default OFF)\n"
50 | " -C,--cwr TCP CWR flag (default OFF)\n"
51 | " -W,--window NUM TCP Window size (default NONE)\n"
52 | " --urg-pointer NUM TCP URG pointer (default NONE)\n"
53 | " --mss NUM TCP Maximum Segment Size (default NONE)\n"
54 | " --wscale NUM TCP Window Scale (default NONE)\n"
55 | " --tstamp NUM:NUM TCP Timestamp (TSval:TSecr) (default NONE)\n"
56 | " --sack-ok TCP SACK-Permitted (default OFF)\n"
57 | " --ttcp-cc NUM T/TCP Connection Count (CC) (default NONE)\n"
58 | " --ccnew NUM T/TCP Connection Count (CC.NEW) (default NONE)\n"
59 | " --ccecho NUM T/TCP Connection Count (CC.ECHO) (default NONE)\n"
60 | " --sack NUM:NUM TCP SACK Edges (Left:Right) (default NONE)\n"
61 | " --md5-signature TCP MD5 signature included (default OFF)\n"
62 | " --authentication TCP-AO authentication included (default OFF)\n"
63 | " --auth-key-id NUM TCP-AO authentication key ID (default 1)\n"
64 | " --auth-next-key NUM TCP-AO authentication next key (default 1)\n"
65 | " --nop TCP No-Operation (default EOL)\n\n",
66 | ( sizeof ( struct tcphdr ) / 4 ) );
67 | }
68 |
69 | /** DCCP only options help. */
70 | void dccp_help ( void )
71 | {
72 | printf ( "DCCP Options:\n"
73 | " --dccp-data-offset NUM DCCP data offset (default VARY)\n"
74 | " --dccp-cscov NUM DCCP checksum coverage (default 0)\n"
75 | " --dccp-ccval NUM DCCP HC-Sender CCID (default RANDOM)\n"
76 | " --dccp-type NUM DCCP type (default %d)\n"
77 | " --dccp-extended DCCP extend for sequence # (default OFF)\n"
78 | " --dccp-sequence-1 NUM DCCP sequence # (default RANDOM)\n"
79 | " --dccp-sequence-2 NUM DCCP extended sequence # (default RANDOM)\n"
80 | " --dccp-sequence-3 NUM DCCP sequence # low (default RANDOM)\n"
81 | " --dccp-service NUM DCCP service code (default RANDOM)\n"
82 | " --dccp-acknowledge-1 NUM DCCP acknowledgment # high (default RANDOM)\n"
83 | " --dccp-acknowledge-2 NUM DCCP acknowledgment # low (default RANDOM)\n"
84 | " --dccp-reset-code NUM DCCP reset code (default RANDOM)\n\n",
85 | DCCP_PKT_REQUEST );
86 | }
87 |
--------------------------------------------------------------------------------
/src/modules/ripv1.c:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /** @file ripv1.c */
3 | /*
4 | * T50 - Experimental Mixed Packet Injector
5 | *
6 | * Copyright (C) 2010 - 2019 - T50 developers
7 | *
8 | * This program is free software: you can redistribute it and/or modify
9 | * it under the terms of the GNU General Public License as published by
10 | * the Free Software Foundation, either version 2 of the License, or
11 | * (at your option) any later version.
12 | *
13 | * This program is distributed in the hope that it will be useful,
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 | * GNU General Public License for more details.
17 | *
18 | * You should have received a copy of the GNU General Public License
19 | * along with this program. If not, see .
20 | */
21 |
22 | #define RIPVERSION 1
23 |
24 | #include
25 | #include
26 | #include
27 | #include
28 | #include
29 | #include
30 | #include
31 | #include
32 | #include
33 | #include
34 |
35 | /**
36 | * RIPv1 packet header configuration.
37 | *
38 | * This function configures and sends the RIPv1 packet header.
39 | *
40 | * @param co Pointer to T50 configuration structure.
41 | * @param size Pointer to packet size (updated by the function).
42 | */
43 | void ripv1 ( const config_options_T *const restrict co, size_t *restrict size )
44 | {
45 | size_t length;
46 |
47 | memptr_T buffer;
48 |
49 | struct iphdr *ip;
50 | struct iphdr *gre_ip;
51 | struct udphdr *udp;
52 | struct psdhdr *pseudo;
53 |
54 | assert ( co != NULL );
55 |
56 | length = gre_opt_len ( co );
57 | *size = sizeof ( struct iphdr ) +
58 | sizeof ( struct udphdr ) +
59 | sizeof ( struct psdhdr ) +
60 | length +
61 | rip_hdr_len ( 0 );
62 |
63 | /* Try to reallocate packet, if necessary */
64 | alloc_packet ( *size );
65 |
66 | /* IP Header structure making a pointer to Packet. */
67 | ip = ip_header ( packet, *size, co );
68 |
69 | /* GRE Encapsulation takes place. */
70 | gre_ip = gre_encapsulation ( packet, co,
71 | sizeof ( struct iphdr ) +
72 | sizeof ( struct udphdr ) +
73 | rip_hdr_len ( 0 ) );
74 |
75 | /* UDP Header structure making a pointer to IP Header structure. */
76 | udp = ( void * ) ( ip + 1 ) + length;
77 | udp->source = udp->dest = htons ( IPPORT_RIP );
78 | udp->len = htons ( sizeof ( struct udphdr ) + rip_hdr_len ( 0 ) );
79 | udp->check = 0;
80 |
81 | buffer.ptr = udp + 1;
82 |
83 | /*
84 | * Routing Information Protocol (RIP) (RFC 1058)
85 | *
86 | * 3.1 Message formats
87 | *
88 | * 0 1 2 3 3
89 | * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
90 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
91 | * | command (1) | version (1) | must be zero (2) |
92 | * +---------------+---------------+-------------------------------+
93 | * | address family identifier (2) | must be zero (2) |
94 | * +-------------------------------+-------------------------------+
95 | * | IP address (4) |
96 | * +---------------------------------------------------------------+
97 | * | must be zero (4) |
98 | * +---------------------------------------------------------------+
99 | * | must be zero (4) |
100 | * +---------------------------------------------------------------+
101 | * | metric (4) |
102 | * +---------------------------------------------------------------+
103 | */
104 | *buffer.byte_ptr++ = co->rip.command;
105 | *buffer.byte_ptr++ = RIPVERSION;
106 | *buffer.word_ptr++ = FIELD_MUST_BE_ZERO;
107 | *buffer.word_ptr++ = __RND ( co->rip.family );
108 | *buffer.word_ptr++ = FIELD_MUST_BE_ZERO;
109 | *buffer.inaddr_ptr++ = INADDR_RND ( co->rip.address );
110 | *buffer.inaddr_ptr++ = FIELD_MUST_BE_ZERO;
111 | *buffer.inaddr_ptr++ = FIELD_MUST_BE_ZERO;
112 | *buffer.inaddr_ptr++ = __RND ( co->rip.metric );
113 |
114 | /* PSEUDO Header structure making a pointer to Checksum. */
115 | pseudo = buffer.ptr;
116 |
117 | if ( co->encapsulated )
118 | {
119 | pseudo->saddr = gre_ip->saddr;
120 | pseudo->daddr = gre_ip->daddr;
121 | }
122 | else
123 | {
124 | pseudo->saddr = ip->saddr;
125 | pseudo->daddr = ip->daddr;
126 | }
127 |
128 | pseudo->zero = 0;
129 | pseudo->protocol = co->ip.protocol;
130 | pseudo->len = htons ( ( size_t ) buffer.ptr - ( size_t ) udp );
131 |
132 | /* Computing the checksum. */
133 | udp->check = co->bogus_csum ? RANDOM() :
134 | htons ( cksum ( udp, ( size_t ) ( pseudo + 1 ) - ( size_t ) udp ) );
135 |
136 | /* GRE Encapsulation takes place. */
137 | gre_checksum ( packet, co, *size );
138 | }
139 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | ```
2 | __________ ________ _____
3 | |__ ___/| ____/ / _ \ the fastest packet injector.
4 | | | |____ \ / /_\ \
5 | | | / \\ \_/ \
6 | |____| /________/\\_______/
7 | ```
8 |
9 | T50 (f.k.a. F22 Raptor) is a tool designed to perform "Stress Testing". The concept started on 2001, right after release 'nb-isakmp.c', and the main goal was:
10 |
11 | * Having a tool to perform TCP/IP protocol fuzzer, covering common regular protocols, such as: ICMP, TCP and UDP.
12 |
13 | Things have changed, and the T50 became a good unique resource capable to perform "Stress Testing". And, after checking the "/usr/include/linux", some protocols were chosen to be part of its coverage:
14 |
15 | * ICMP - Internet Control Message Protocol
16 | * IGMP - Internet Group Management Protocol
17 | * TCP - Transmission Control Protocol
18 | * UDP - User Datagram Protocol
19 |
20 | Why "Stress Testing"? Well, because when people are designing a new network infra-structure (eg. Datacenter serving to Cloud Computing) they think about:
21 |
22 | * High-Availability
23 | * Load Balancing
24 | * Backup Sites (Cold Sites, Hot Sites, and Warm Sites)
25 | * Disaster Recovery
26 | * Data Redundancy
27 | * Service Level Agreements
28 | * Etc...
29 |
30 | But almost nobody thinks about "Stress Testing", or even performs any test to check how the networks infra-structure behaves under stress, under overload, and under attack. Even during a Penetration Test, people prefer not running any kind of Denial-of-Service testing. Even worse, those people are missing one of the three key concepts of security that are common to risk management:
31 |
32 | * Confidentiality
33 | * Integrity
34 | * AVAILABILITY
35 |
36 | T50 was designed to perform “Stress Testing” on a variety of infra-structure network devices (Version 2.45), using widely implemented protocols, and after some requests it was was re-designed to extend the tests (as of Version 5.3), covering some regular protocols (ICMP, TCP and UDP), some infra-structure specific protocols (GRE, IPSec and RSVP), and some routing protocols (RIP, EIGRP and OSPF).
37 |
38 | T50 is a powerful and unique packet injector tool, which is capable to:
39 |
40 | 1. Send sequentially the following fifteen (15) protocols:
41 | * ICMP - Internet Control Message Protocol
42 | * IGMPv1 - Internet Group Management Protocol v1
43 | * IGMPv3 - Internet Group Management Protocol v3
44 | * TCP - Transmission Control Protocol
45 | * EGP - Exterior Gateway Protocol
46 | * UDP - User Datagram Protocol
47 | * RIPv1 - Routing Information Protocol v1
48 | * RIPv2 - Routing Information Protocol v2
49 | * DCCP - Datagram Congestion Control Protocol
50 | * RSVP - Resource ReSerVation Protocol
51 | * GRE - Generic Routing Encapsulation
52 | * IPSec - Internet Protocol Security (AH/ESP)
53 | * EIGRP - Enhanced Interior Gateway Routing Protocol
54 | * OSPF - Open Shortest Path First
55 |
56 | 2. It is the only tool capable to encapsulate the protocols (listed above) within Generic Routing Encapsulation (GRE).
57 |
58 | 3. Send an (quite) incredible amount of packets per second, making it a "second to none" tool:
59 | * More than 1,000,000 pps of SYN Flood (+50% of the network uplink) in a 1000BASE-T Network (Gigabit Ethernet).
60 | * More than 120,000 pps of SYN Flood (+60% of the network uplink) in a 100BASE-TX Network (Fast Ethernet).
61 | * Perform "Stress Testing" on a variety of network infrastructure, network devices and security solutions in place.
62 | * Simulate "Distributed Denial-of-Service" & "Denial-of-Service" attacks, validating Firewall rules, Router ACLs, Intrusion Detection System and Intrusion Prevention System policies.
63 |
64 | The main differentiator of the T50 is that it is able to send all protocols, sequentially, using one single SOCKET, besides it is capable to be used to modify network routes, letting IT Security Professionals performing advanced "Penetration Test".
65 |
66 | ##HOW TO INSTALL
67 |
68 | ```bash
69 | $ make
70 | $ sudo make install
71 | ```
72 |
73 | ##COMPILE OPTIONS
74 |
75 | Define environment variable DEBUG before compiling if you don't want full optimizations to take place and symbols linked on executable.
76 |
77 | Define USE_ANSI if you want some colorized texts, using ANSI CSI escape codes.
78 |
79 | Example:
80 |
81 | ```bash
82 | $ USE_ANSI=1 make
83 | ```
84 |
85 | ##CHECKING TARBALL AUTHENTICITY
86 |
87 | I will attach a signature file for T50 tarballs on SourceForge.
88 |
89 | To get my public key with GPG:
90 |
91 | ```bash
92 | $ gpg --recv-keys fredericopissarra@gmail.com
93 | ```
94 |
95 | Here, my actual public key fingerprint:
96 |
97 | ```
98 | pub 4096R/C09C2054 2016-10-06 [expires: 2019-10-06]
99 | Key fingerprint = 11A5 2C9C E02A 24AA EBFC 046B 20AA 0246 C09C 2054
100 | uid Frederico Lamberti Pissarra
101 | sub 4096R/F9AA8B75 2016-10-06 [expires: 2019-10-06]
102 | ```
103 |
104 | After downloading the tar.gz file (f.i, t50-5.8.tar.gz), get the .asc file as well. To verify if the tarball is authentic, just type the following command:
105 |
106 | ```bash
107 | $ gpg --verify t50-5.8.tar.gz.asc t50-5.8.tar.gz
108 | gpg: Signature made Qua 25 Abr 2018 16:46:52 -03 using RSA key ID C09C2054
109 | gpg: Good signature from "Frederico Lamberti Pissarra "
110 | ```
111 |
--------------------------------------------------------------------------------
/Makefile:
--------------------------------------------------------------------------------
1 | #
2 | # __________ ________ _____
3 | # |__ ___/| ____/ / _ \ the fastest packet injector.
4 | # | | |____ \ / /_\ \
5 | # | | / \\ \_/ \
6 | # |____| /________/\\_______/
7 | #
8 | # NOTE: I've got rid of autoconf 'cause there is a dependency there.
9 | # This way you don't need anything other than this makefile to
10 | # compile the project.
11 |
12 | VERSION=5.8.7a
13 |
14 | #CC=gcc
15 | #
16 | # OBS: T50 will compile only on GCC 5 or above. If you are feeling lucky,
17 | # try GCC 4.9 or CLANG... But I don't recomended.
18 | #
19 |
20 | LD=$(CC)
21 |
22 | INCLUDEDIR=src/include
23 | CFLAGS=-std=gnu11 -I $(INCLUDEDIR)
24 | LDFLAGS=
25 | LDLIBS=
26 |
27 | # Just define DEBUG environment var to compile for debugging:
28 | #
29 | # $ DEBUG=1 make
30 | #
31 |
32 | ifdef DEBUG
33 | CFLAGS += -O0 -g
34 | else
35 | # Optimization level 2 (better results) and no canaries.
36 | CFLAGS += -O2 -DNDEBUG -ffast-math
37 |
38 | # strip symbols and turn more linker optimizations on (if available).
39 | LDFLAGS += -s -O2
40 |
41 | ARCHITECTURE = $(shell arch)
42 |
43 | IS_GCC = $(shell $(CC) -v 2>&1 | sed -nE 's/^(.+) version.+$$/\1/p')
44 | CC_VERSION = $(shell $(CC) -v 2>&1 | sed -nE 's/^.+version (.).+$$/\1/p')
45 |
46 | # Options for x86-64
47 | ifeq ($(ARCHITECTURE),x86_64)
48 | CFLAGS += -march=native -mtune=native -ftree-vectorize -flto -fno-stack-protector
49 |
50 | # Avoid CTE on Intel Platforms.
51 | # Currently works on GCC 9+ (don't know if works on clang).
52 | ifeq ($(IS_GCC),gcc)
53 | ifeq ($(shell expr $(CC_VERSION) \>= 9),1)
54 | CFLAGS += -fcf-protection=none
55 | endif
56 | endif
57 |
58 | LDFLAGS += -flto
59 | endif
60 | # Options for i386
61 | ifeq ($(ARCHITECTURE),i686)
62 | CFLAGS += -march=native -mtune=native -flto -fno-stack-protector
63 |
64 | # Avoid CTE on Intel Platforms.
65 | # Currently works on GCC 9+ (don't know if works on clang).
66 | ifeq ($(IS_GCC),gcc)
67 | ifeq ($(shell expr $(CC_VERSION) \>= 9),1)
68 | CFLAGS += -fcf-protection=none
69 | endif
70 | endif
71 |
72 | LDFLAGS += -flto
73 | endif
74 |
75 | # TODO: tunning for arm-cortex-a7? (Raspberry PI?)
76 | # TODO: aarch64?!
77 | # Options for ARMv7-a
78 | ifneq ($(findstring armv7,$(ARCHITECTURE)),)
79 | CFLAGS += -march=armv7-a -fno-stack-protector -flto
80 | LDFLAGS += -flto
81 | endif
82 |
83 | # Options for ARMv8-a
84 | ifneq ($(findstring armv8,$(ARCHITECTURE)),)
85 | CFLAGS += -march=armv8-a -fno-stack-protector -flto
86 | LDFLAGS += -flto
87 | endif
88 | endif
89 |
90 | # Added to use ANSI CSI codes (beautifier).
91 | ifdef USE_ANSI
92 | CFLAGS += -DUSE_ANSI
93 | endif
94 |
95 | EXECUTABLE=bin/t50
96 |
97 | OBJECTS=\
98 | src/cidr.o \
99 | src/cksum.o \
100 | src/config.o \
101 | src/errors.o \
102 | src/main.o \
103 | src/memalloc.o \
104 | src/modules.o \
105 | src/netio.o \
106 | src/randomizer.o \
107 | src/shuffle.o \
108 | src/usage.o \
109 | src/help/egp_help.o \
110 | src/help/eigrp_help.o \
111 | src/help/general_help.o \
112 | src/help/gre_help.o \
113 | src/help/icmp_help.o \
114 | src/help/igmp_help.o \
115 | src/help/ip_help.o \
116 | src/help/ipsec_help.o \
117 | src/help/ospf_help.o \
118 | src/help/rip_help.o \
119 | src/help/rsvp_help.o \
120 | src/help/tcp_udp_dccp_help.o \
121 | src/modules/dccp.o \
122 | src/modules/egp.o \
123 | src/modules/eigrp.o \
124 | src/modules/gre.o \
125 | src/modules/icmp.o \
126 | src/modules/igmpv1.o \
127 | src/modules/igmpv3.o \
128 | src/modules/ip.o \
129 | src/modules/ipsec.o \
130 | src/modules/ospf.o \
131 | src/modules/ripv1.o \
132 | src/modules/ripv2.o \
133 | src/modules/rsvp.o \
134 | src/modules/tcp.o \
135 | src/modules/udp.o
136 |
137 | .PHONY: all clean distclean dist install uninstall
138 |
139 | all: $(EXECUTABLE)
140 |
141 | # Now we'll compile to ./bin/ directory!
142 | # Explicit rule needed 'cause we have multiple objects.
143 | $(EXECUTABLE): $(OBJECTS)
144 | $(LD) $(LDFLAGS) -o $@ $^ $(LDLIBS)
145 |
146 | # Implicit rules (all .c files will be compiled!)
147 | src/%.o: src/%.c
148 | src/help/%.o: src/help/%.c
149 | src/modules/%.o: src/modules/%.c
150 |
151 | # 'clean' only deletes the object files.
152 | clean:
153 | @echo 'Deleting .o files...'
154 | -find src/ -type f -name '*.o' -delete
155 |
156 | # distclean delete the object files AND the executable.
157 | distclean: clean
158 | -rm $(EXECUTABLE) dist/*.gz dist/*.asc
159 |
160 | # Shortcut to check if user has root privileges.
161 | define checkifroot
162 | if [ `id -u` -ne 0 ]; then \
163 | echo 'Need root privileges!'; \
164 | exit 1; \
165 | fi
166 | endef
167 |
168 | # install and uninstall rules are very simple!
169 | install:
170 | @$(call checkifroot)
171 | @if [ ! -e "$(EXECUTABLE)" ]; then \
172 | echo "Try 'make' first."; \
173 | exit 1; \
174 | fi;
175 | cp bin/t50 /sbin/; cp doc/t50.8 /usr/share/man/man8/; \
176 | chown root: /sbin/t50 /usr/share/man/man8; \
177 | chmod 4750 /sbin/t50; \
178 | gzip -9 /usr/share/man/man8/t50.8; \
179 | chmod 0644 /usr/share/man/man8/t50.8.gz
180 |
181 | uninstall:
182 | @$(call checkifroot)
183 | rm /sbin/t50 /usr/share/man/man8/t50.8.gz
184 |
185 | # Needed to build the project source tarball (no signature generation here).
186 | dist: distclean
187 | tar -czvf dist/t50-$(VERSION).tar.gz --exclude=*.tar.gz --exclude=*.asc *
188 |
--------------------------------------------------------------------------------
/src/modules/igmpv3.c:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /** @file igmpv3.c */
3 | /*
4 | * T50 - Experimental Mixed Packet Injector
5 | *
6 | * Copyright (C) 2010 - 2019 - T50 developers
7 | *
8 | * This program is free software: you can redistribute it and/or modify
9 | * it under the terms of the GNU General Public License as published by
10 | * the Free Software Foundation, either version 2 of the License, or
11 | * (at your option) any later version.
12 | *
13 | * This program is distributed in the hope that it will be useful,
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 | * GNU General Public License for more details.
17 | *
18 | * You should have received a copy of the GNU General Public License
19 | * along with this program. If not, see .
20 | */
21 |
22 | #include
23 | #include
24 | #include
25 | #include
26 | #include
27 | #include
28 | #include
29 | #include
30 | #include
31 | #include
32 |
33 | /**
34 | * IGMPv3 packet header configuration.
35 | *
36 | * This function configures and sends the IGMPv3 packet header.
37 | *
38 | * @para co Pointer to T50 configuration structure.
39 | * @para size Pointer to packet size (updated by the function).
40 | */
41 | void igmpv3 ( const config_options_T *const restrict co, size_t *restrict size )
42 | {
43 | size_t length;
44 |
45 | /* Packet and Checksum. */
46 | memptr_T buffer;
47 |
48 | struct iphdr *ip;
49 |
50 | /* IGMPv3 Query header, IGMPv3 Report header and IGMPv3 GREC header. */
51 | struct igmpv3_query *igmpv3_query;
52 | struct igmpv3_report *igmpv3_report;
53 | struct igmpv3_grec *igmpv3_grec;
54 |
55 | assert ( co != NULL );
56 |
57 | length = gre_opt_len ( co );
58 | *size = sizeof ( struct iphdr ) +
59 | length +
60 | igmpv3_hdr_len ( co->igmp.type, co->igmp.sources );
61 |
62 | /* Try to reallocate packet, if necessary */
63 | alloc_packet ( *size );
64 |
65 | /* IP Header structure making a pointer to Packet. */
66 | ip = ip_header ( packet, *size, co );
67 |
68 | /* GRE Encapsulation takes place. */
69 | gre_encapsulation ( packet, co,
70 | sizeof ( struct iphdr ) +
71 | igmpv3_hdr_len ( co->igmp.type, co->igmp.sources ) );
72 |
73 | /* Identifying the IGMP Type and building it. */
74 | if ( co->igmp.type == IGMPV3_HOST_MEMBERSHIP_REPORT )
75 | {
76 | uint32_t counter;
77 |
78 | /* IGMPv3 Report Header structure making a pointer to Packet. */
79 | igmpv3_report = ( void * ) ( ip + 1 ) + length;
80 | igmpv3_report->type = co->igmp.type;
81 | igmpv3_report->resv1 = FIELD_MUST_BE_ZERO;
82 | igmpv3_report->resv2 = FIELD_MUST_BE_ZERO;
83 | igmpv3_report->ngrec = htons ( 1 );
84 | igmpv3_report->csum = FIELD_MUST_BE_ZERO;
85 |
86 | /* IGMPv3 Group Record Header structure making a pointer to Checksum. */
87 | igmpv3_grec = ( struct igmpv3_grec * ) ( igmpv3_report + 1 );
88 | igmpv3_grec->grec_type = __RND ( co->igmp.grec_type );
89 | igmpv3_grec->grec_auxwords = FIELD_MUST_BE_ZERO;
90 | igmpv3_grec->grec_nsrcs = htons ( co->igmp.sources ); // Necessary even if co->igmp.sources is a 8 bit value.
91 | igmpv3_grec->grec_mca = INADDR_RND ( co->igmp.grec_mca );
92 |
93 | /* Dealing with source address(es). */
94 | buffer.ptr = igmpv3_grec + 1;
95 |
96 | /* NOTE: Assume co->igmp.sources > 0. */
97 | counter = 0;
98 |
99 | while ( counter < co->igmp.sources )
100 | *buffer.inaddr_ptr++ = INADDR_RND ( co->igmp.address[counter++] );
101 |
102 | /* Computing the checksum. */
103 | length = ( size_t ) buffer.ptr - ( size_t ) igmpv3_report;
104 | igmpv3_report->csum = co->bogus_csum ?
105 | RANDOM() :
106 | htons ( cksum ( igmpv3_report, length ) );
107 | }
108 | else
109 | {
110 | uint32_t counter;
111 |
112 | /* IGMPv3 Query Header structure making a pointer to Packet. */
113 | igmpv3_query = ( void * ) ( ip + 1 ) + length;
114 | igmpv3_query->type = co->igmp.type;
115 | igmpv3_query->code = co->igmp.code;
116 | igmpv3_query->group = INADDR_RND ( co->igmp.group );
117 | igmpv3_query->suppress = ( co->igmp.suppress != 0 );
118 | igmpv3_query->qrv = __RND ( co->igmp.qrv );
119 | igmpv3_query->qqic = __RND ( co->igmp.qqic );
120 | igmpv3_query->nsrcs = htons ( co->igmp.sources );
121 | igmpv3_query->csum = 0;
122 |
123 | /* Dealing with source address(es). */
124 | buffer.ptr = igmpv3_query + 1;
125 |
126 | /* NOTE: Assume co->igmp.sources > 0. */
127 | counter = 0;
128 |
129 | while ( counter < co->igmp.sources )
130 | *buffer.inaddr_ptr++ = INADDR_RND ( co->igmp.address[counter++] );
131 |
132 | /* Computing the checksum. */
133 | length = ( size_t ) buffer.ptr - ( size_t ) igmpv3_query;
134 | igmpv3_query->csum = co->bogus_csum ?
135 | RANDOM() :
136 | htons ( cksum ( igmpv3_query, length ) );
137 | }
138 |
139 | /* GRE Encapsulation takes place. */
140 | gre_checksum ( packet, co, *size );
141 | }
142 |
--------------------------------------------------------------------------------
/src/include/t50_modules.h:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /*
3 | * T50 - Experimental Mixed Packet Injector
4 | *
5 | * Copyright (C) 2010 - 2014 - T50 developers
6 | *
7 | * This program is free software: you can redistribute it and/or modify
8 | * it under the terms of the GNU General Public License as published by
9 | * the Free Software Foundation, either version 2 of the License, or
10 | * (at your option) any later version.
11 | *
12 | * This program is distributed in the hope that it will be useful,
13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 | * GNU General Public License for more details.
16 | *
17 | * You should have received a copy of the GNU General Public License
18 | * along with this program. If not, see .
19 | */
20 |
21 | #ifndef __MODULES_INCLUDED__
22 | #define __MODULES_INCLUDED__
23 |
24 | #include
25 | #include
26 | #include
27 | #include
28 | #include
29 |
30 | /* Purpose-built protocol libraries to be used by T50 modules */
31 | #include
32 | #include
33 | #include
34 | #include
35 | #include
36 | #include
37 | #include
38 | #include
39 | #include
40 | /* NOTE: Insert your new protocol header here and change the modules table @ modules.c. */
41 |
42 | /**
43 | * User Datagram Protocol (RFC 768) Pseudo Header structure.
44 | *
45 | * Checksum is the 16-bit one's complement of the one's complement sum of a
46 | * pseudo header of information from the IP header, the UDP header, and the
47 | * data, padded with zero octets at the end (if necessary) to make a
48 | * multiple of two octets.
49 | *
50 | * The pseudo header conceptually prefixed to the UDP header contains the
51 | * source address, the destination address, the protocol, and the UDP
52 | * length. This information gives protection against misrouted datagrams.
53 | * This checksum procedure is the same as is used in TCP.
54 | *
55 | * 0 7 8 15 16 23 24 31
56 | * +--------+--------+--------+--------+
57 | * | source address |
58 | * +--------+--------+--------+--------+
59 | * | destination address |
60 | * +--------+--------+--------+--------+
61 | * | zero |protocol| UDP length |
62 | * +--------+--------+--------+--------+
63 | *
64 | * If the computed checksum is zero, it is transmitted as all ones (the
65 | * equivalent in one's complement arithmetic). An all zero transmitted
66 | * checksum value means that the transmitter generated no checksum (for
67 | * debugging or for higher level protocols that don't care).
68 | */
69 | struct psdhdr
70 | {
71 | in_addr_t saddr; /* source address */
72 | in_addr_t daddr; /* destination address */
73 | uint8_t zero; /* must be zero */
74 | uint8_t protocol; /* protocol */
75 | uint16_t len; /* header length */
76 | };
77 |
78 | typedef void ( *module_func_ptr_t ) ( const config_options_T * const restrict, size_t * restrict );
79 |
80 | /**
81 | * Modules entry structure.
82 | *
83 | * Used for modules definitions. And table iterators.
84 | */
85 | typedef struct
86 | {
87 | int protocol_id;
88 | char *name;
89 | char *description;
90 | module_func_ptr_t func;
91 | int *valid_options;
92 | } modules_table_T;
93 |
94 | /* Macros used to define the modules table. */
95 | #define BEGIN_MODULES_TABLE modules_table_T mod_table[] = {
96 | #define END_MODULES_TABLE { 0, NULL, NULL, NULL, NULL } };
97 | #define MODULE_ENTRY(id,name,descr,func) { (id), name, descr, func, func ## _validopts },
98 |
99 | #define VALID_OPTIONS_TABLE(func, ...) static int func ## _validopts[] = { __VA_ARGS__, 0 };
100 |
101 | /**
102 | * The modules table is global through all the code.
103 | */
104 | extern modules_table_T mod_table[]; // Must be extern here!
105 | extern const uint32_t number_of_modules;
106 | extern uint32_t indices[];
107 |
108 | int *get_module_valid_options_list ( int );
109 | void build_proto_indices ( void );
110 | uint32_t get_proto_index ( config_options_T * );
111 |
112 | /* Modules functions prototypes. */
113 | void icmp ( const config_options_T * const restrict, size_t * restrict );
114 | void igmpv1 ( const config_options_T * const restrict, size_t * restrict );
115 | void igmpv3 ( const config_options_T * const restrict, size_t * restrict );
116 | void tcp ( const config_options_T * const restrict, size_t * restrict );
117 | void egp ( const config_options_T * const restrict, size_t * restrict );
118 | void udp ( const config_options_T * const restrict, size_t * restrict );
119 | void ripv1 ( const config_options_T * const restrict, size_t * restrict );
120 | void ripv2 ( const config_options_T * const restrict, size_t * restrict );
121 | void dccp ( const config_options_T * const restrict, size_t * restrict );
122 | void rsvp ( const config_options_T * const restrict, size_t * restrict );
123 | void ipsec ( const config_options_T * const restrict, size_t * restrict );
124 | void eigrp ( const config_options_T * const restrict, size_t * restrict );
125 | void ospf ( const config_options_T * const restrict, size_t * restrict );
126 | /* --- add yours here */
127 |
128 | #endif
129 |
--------------------------------------------------------------------------------
/src/help/ospf_help.c:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /** @file ospf_help.c */
3 | /*
4 | * T50 - Experimental Mixed Packet Injector
5 | *
6 | * Copyright (C) 2010 - 2015 - T50 developers
7 | *
8 | * This program is free software: you can redistribute it and/or modify
9 | * it under the terms of the GNU General Public License as published by
10 | * the Free Software Foundation, either version 2 of the License, or
11 | * (at your option) any later version.
12 | *
13 | * This program is distributed in the hope that it will be useful,
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 | * GNU General Public License for more details.
17 | *
18 | * You should have received a copy of the GNU General Public License
19 | * along with this program. If not, see .
20 | */
21 |
22 | #include
23 | #include
24 |
25 | /** OSPF options help. */
26 | void ospf_help ( void )
27 | {
28 | printf ( "OSPF Options:\n"
29 | " --ospf-type NUM OSPF type (default %d)\n"
30 | " --ospf-length NUM OSPF length (default NONE)\n"
31 | " --ospf-router-id ADDR OSPF router ID (default RANDOM)\n"
32 | " --ospf-area-id ADDR OSPF area ID (default 0.0.0.0)\n"
33 | " -1,--ospf-option-MT OSPF multi-topology / TOS-based (default RANDOM)\n"
34 | " -2,--ospf-option-E OSPF external routing capability (default RANDOM)\n"
35 | " -3,--ospf-option-MC OSPF multicast capable (default RANDOM)\n"
36 | " -4,--ospf-option-NP OSPF NSSA supported (default RANDOM)\n"
37 | " -5,--ospf-option-L OSPF LLS data block contained (default RANDOM)\n"
38 | " -6,--ospf-option-DC OSPF demand circuits supported (default RANDOM)\n"
39 | " -7,--ospf-option-O OSPF Opaque-LSA (default RANDOM)\n"
40 | " -8,--ospf-option-DN OSPF DOWN bit (default RANDOM)\n"
41 | " --ospf-netmask ADDR OSPF router subnet mask (default RANDOM)\n"
42 | " --ospf-hello-interval NUM OSPF HELLO interval (default RANDOM)\n"
43 | " --ospf-hello-priority NUM OSPF HELLO router priority (default 1)\n"
44 | " --ospf-hello-dead NUM OSPF HELLO router dead interval (default 360)\n"
45 | " --ospf-hello-design ADDR OSPF HELLO designated router (default RANDOM)\n"
46 | " --ospf-hello-backup ADDR OSPF HELLO backup designated (default RANDOM)\n"
47 | " --ospf-neighbor NUM OSPF HELLO # of neighbor(s) (default NONE)\n"
48 | " --ospf-address ADDR,... OSPF HELLO neighbor address(es) (default RANDOM)\n"
49 | " --ospf-dd-mtu NUM OSPF DD MTU (default 1500)\n"
50 | " --ospf-dd-dbdesc-MS OSPF DD master/slave bit option (default RANDOM)\n"
51 | " --ospf-dd-dbdesc-M OSPF DD more bit option (default RANDOM)\n"
52 | " --ospf-dd-dbdesc-I OSPF DD init bit option (default RANDOM)\n"
53 | " --ospf-dd-dbdesc-R OSPF DD out-of-band resync (default RANDOM)\n"
54 | " --ospf-dd-sequence NUM OSPF DD sequence # (default RANDOM)\n"
55 | " --ospf-dd-include-lsa OSPF DD include LSA header (default OFF)\n"
56 | " --ospf-lsa-age NUM OSPF LSA age (default 360)\n"
57 | " --ospf-lsa-do-not-age OSPF LSA do not age (default OFF)\n"
58 | " --ospf-lsa-type NUM OSPF LSA type (default %d)\n"
59 | " --ospf-lsa-id ADDR OSPF LSA ID address (default RANDOM)\n"
60 | " --ospf-lsa-router ADDR OSPF LSA advertising router (default RANDOM)\n"
61 | " --ospf-lsa-sequence NUM OSPF LSA sequence # (default RANDOM)\n"
62 | " --ospf-lsa-metric NUM OSPF LSA metric (default RANDOM)\n"
63 | " --ospf-lsa-flag-B OSPF Router-LSA border router (default RANDOM)\n"
64 | " --ospf-lsa-flag-E OSPF Router-LSA external router (default RANDOM)\n"
65 | " --ospf-lsa-flag-V OSPF Router-LSA virtual router (default RANDOM)\n"
66 | " --ospf-lsa-flag-W OSPF Router-LSA wild router (default RANDOM)\n"
67 | " --ospf-lsa-flag-NT OSPF Router-LSA NSSA translation (default RANDOM)\n"
68 | " --ospf-lsa-link-id ADDR OSPF Router-LSA link ID (default RANDOM)\n"
69 | " --ospf-lsa-link-data ADDR OSPF Router-LSA link data (default RANDOM)\n"
70 | " --ospf-lsa-link-type NUM OSPF Router-LSA link type (default %d)\n"
71 | " --ospf-lsa-attached ADDR OSPF Network-LSA attached router (default RANDOM)\n"
72 | " --ospf-lsa-larger OSPF ASBR/NSSA-LSA ext. larger (default OFF)\n"
73 | " --ospf-lsa-forward ADDR OSPF ASBR/NSSA-LSA forward (default RANDOM)\n"
74 | " --ospf-lsa-external ADDR OSPF ASBR/NSSA-LSA external (default RANDOM)\n"
75 | " --ospf-vertex-router OSPF Group-LSA type router (default RANDOM)\n"
76 | " --ospf-vertex-network OSPF Group-LSA type network (default RANDOM)\n"
77 | " --ospf-vertex-id ADDR OSPF Group-LSA vertex ID (default RANDOM)\n"
78 | " --ospf-lls-extended-LR OSPF LLS Extended option LR (default OFF)\n"
79 | " --ospf-lls-extended-RS OSPF LLS Extended option RS (default OFF)\n"
80 | " --ospf-authentication OSPF authentication included (default OFF)\n"
81 | " --ospf-auth-key-id NUM OSPF authentication key ID (default 1)\n"
82 | " --ospf-auth-sequence NUM OSPF authentication sequence # (default RANDOM)\n\n",
83 | OSPF_TYPE_HELLO,
84 | LSA_TYPE_ROUTER,
85 | LINK_TYPE_PTP );
86 | }
87 |
88 |
--------------------------------------------------------------------------------
/src/include/protocol/t50_egp.h:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /*
3 | * T50 - Experimental Mixed Packet Injector
4 | *
5 | * Copyright (C) 2010 - 2014 - T50 developers
6 | *
7 | * This program is free software: you can redistribute it and/or modify
8 | * it under the terms of the GNU General Public License as published by
9 | * the Free Software Foundation, either version 2 of the License, or
10 | * (at your option) any later version.
11 | *
12 | * This program is distributed in the hope that it will be useful,
13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 | * GNU General Public License for more details.
16 | *
17 | * You should have received a copy of the GNU General Public License
18 | * along with this program. If not, see .
19 | */
20 |
21 | #ifndef __EGP_H__
22 | #define __EGP_H__
23 |
24 | #define EGPVERSION 2
25 |
26 | #include
27 |
28 | /* EGP Message Types */
29 | #define EGP_NEIGHBOR_UPDATE_RESP 1
30 | #define EGP_NEIGHBOR_POLL_COMMAND 2
31 | #define EGP_NEIGHBOR_ACQUISITION 3
32 | #define EGP_NEIGHBOR_REACHABILITY 5
33 | #define EGP_NEIGHBOR_ERROR_RESP 8
34 |
35 | /* EGP Message Neighbor Acquisition Codes */
36 | #define EGP_ACQ_CODE_REQUEST_CMD 0
37 | #define EGP_ACQ_CODE_CONFIRM_RESP 1
38 | #define EGP_ACQ_CODE_REFUSE_RESP 2
39 | #define EGP_ACQ_CODE_CEASE_CMD 3
40 | #define EGP_ACQ_CODE_CEASE_ACKCMD 4
41 |
42 | /* EGP Message Neighbor Acquisition Type */
43 | #define EGP_ACQ_STAT_UNSPECIFIED 0
44 | #define EGP_ACQ_STAT_ACTIVE_MODE 1
45 | #define EGP_ACQ_STAT_PASSIVE_MODE 2
46 | #define EGP_ACQ_STAT_INSUFFICIENT 3
47 | #define EGP_ACQ_STAT_ADM_PROHIBIT 4
48 | #define EGP_ACQ_STAT_GOING_DOWN 5
49 | #define EGP_ACQ_STAT_PARAMETER 6
50 | #define EGP_ACQ_STAT_VIOLATION 7
51 |
52 | /**
53 | * Exterior Gateway Protocol (EGP) Formal Specification (RFC 904)
54 | *
55 | * Appendix A. EGP Message Formats
56 | *
57 | * The formats for the various EGP messages are described in this
58 | * section. All EGP messages include a ten-octet header of six fields,
59 | * which may be followed by additional fields depending on message type.
60 | * The format of the header is shown below along with a description of its
61 | * fields.
62 | *
63 | * 0 1 2 3
64 | * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
65 | * -----------------------------------------------------------------
66 | * | EGP Version # | Type | Code | Status |
67 | * -----------------------------------------------------------------
68 | * | Checksum | Autonomous System # |
69 | * -----------------------------------------------------------------
70 | * | Sequence # |
71 | * ---------------------------------
72 | *
73 | * EGP Version # assigned number identifying the EGP version
74 | * (currently 2)
75 | *
76 | * Type identifies the message type
77 | *
78 | * Code identifies the message code (subtype)
79 | *
80 | * Status contains message-dependent status information
81 | *
82 | * Checksum The EGP checksum is the 16-bit one's complement
83 | * of the one's complement sum of the EGP message
84 | * starting with the EGP version number field. When
85 | * computing the checksum the checksum field itself
86 | * should be zero.
87 | *
88 | * Autonomous System # assigned number identifying the particular
89 | * autonomous system
90 | *
91 | * Sequence # send state variable (commands) or receive state
92 | * variable (responses and indications)
93 | */
94 | struct egp_hdr
95 | {
96 | uint8_t version; /* version */
97 | uint8_t type; /* type */
98 | uint8_t code; /* code */
99 | uint8_t status; /* status */
100 | uint16_t check; /* checksum */
101 | uint16_t as; /* autonomous system */
102 | uint16_t sequence; /* sequence number */
103 | uint8_t __data[0]; /* data */
104 | };
105 |
106 | /**
107 | * Exterior Gateway Protocol (EGP) Formal Specification (RFC 904)
108 | *
109 | * A.1. Neighbor Acquisition Messages
110 | *
111 | * 0 1 2 3
112 | * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
113 | * -----------------------------------------------------------------
114 | * | EGP Version # | Type | Code | Status |
115 | * -----------------------------------------------------------------
116 | * | Checksum | Autonomous System # |
117 | * -----------------------------------------------------------------
118 | * | Sequence # | Hello Interval |
119 | * -----------------------------------------------------------------
120 | * | Poll Interval |
121 | * ---------------------------------
122 | *
123 | * Note: the Hello Interval and Poll Interval fields are present only in
124 | * Request and Confirm messages.
125 | *
126 | * Type 3
127 | *
128 | * Code 0 Request command
129 | * 1 Confirm response
130 | * 2 Refuse response
131 | * 3 Cease command
132 | * 4 Cease-ack response
133 | *
134 | * Status (see below) 0 unspecified
135 | * 1 active mode
136 | * 2 passive mode
137 | * 3 insufficient resources
138 | * 4 administratively prohibited
139 | * 5 going down
140 | * 6 parameter problem
141 | * 7 protocol violation
142 | *
143 | * Hello Interval minimum Hello command polling interval (seconds)
144 | *
145 | * Poll Interval minimum Poll command polling interval (seconds)
146 | */
147 | struct egp_acq_hdr
148 | {
149 | uint16_t hello; /* hello interval */
150 | uint16_t poll; /* poll interval */
151 | };
152 |
153 | #endif /* __EGP_H */
154 |
--------------------------------------------------------------------------------
/src/include/protocol/t50_rsvp.h:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /*
3 | * T50 - Experimental Mixed Packet Injector
4 | *
5 | * Copyright (C) 2010 - 2014 - T50 developers
6 | *
7 | * This program is free software: you can redistribute it and/or modify
8 | * it under the terms of the GNU General Public License as published by
9 | * the Free Software Foundation, either version 2 of the License, or
10 | * (at your option) any later version.
11 | *
12 | * This program is distributed in the hope that it will be useful,
13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 | * GNU General Public License for more details.
16 | *
17 | * You should have received a copy of the GNU General Public License
18 | * along with this program. If not, see .
19 | */
20 |
21 | #ifndef __RSVP_H__
22 | #define __RSVP_H__
23 |
24 | #include
25 |
26 | #define RSVPVERSION 1
27 |
28 | /* RSVP Message Type */
29 | #define RSVP_MESSAGE_TYPE_PATH 1
30 | #define RSVP_MESSAGE_TYPE_RESV 2
31 | #define RSVP_MESSAGE_TYPE_PATHERR 3
32 | #define RSVP_MESSAGE_TYPE_RESVERR 4
33 | #define RSVP_MESSAGE_TYPE_PATHTEAR 5
34 | #define RSVP_MESSAGE_TYPE_RESVTEAR 6
35 | #define RSVP_MESSAGE_TYPE_RESVCONF 7
36 | #define RSVP_MESSAGE_TYPE_BUNDLE 12
37 | #define RSVP_MESSAGE_TYPE_ACK 13
38 | #define RSVP_MESSAGE_TYPE_SREFRESH 15
39 | #define RSVP_MESSAGE_TYPE_HELLO 20
40 | #define RSVP_MESSAGE_TYPE_NOTIFY 21
41 |
42 | /**
43 | * Resource ReSerVation Protocol (RSVP) (RFC 2205)
44 | *
45 | * 3.1.2 Object Formats
46 | *
47 | * Every object consists of one or more 32-bit words with a one-
48 | * word header, with the following format:
49 | *
50 | * 0 1 2 3
51 | * +-------------+-------------+-------------+-------------+
52 | * | Length (bytes) | Class-Num | C-Type |
53 | * +-------------+-------------+-------------+-------------+
54 | * | |
55 | * // (Object contents) //
56 | * | |
57 | * +-------------+-------------+-------------+-------------+
58 | */
59 | #define RSVP_OBJECT_HEADER_LENGTH sizeof(uint32_t)
60 |
61 | /* RSVP Object Class */
62 | #define RSVP_OBJECT_SESSION 1
63 | #define RSVP_OBJECT_RESV_HOP 3
64 | #define RSVP_OBJECT_INTEGRITY 4
65 | #define RSVP_OBJECT_TIME_VALUES 5
66 | #define RSVP_OBJECT_ERROR_SPEC 6
67 | #define RSVP_OBJECT_SCOPE 7
68 | #define RSVP_OBJECT_STYLE 8
69 | #define RSVP_OBJECT_FLOWSPEC 9
70 | #define RSVP_OBJECT_FILTER_SPEC 10
71 | #define RSVP_OBJECT_SENDER_TEMPLATE 11
72 | #define RSVP_OBJECT_SENDER_TSPEC 12
73 | #define RSVP_OBJECT_ADSPEC 13
74 | #define RSVP_OBJECT_POLICY_DATA 14
75 | #define RSVP_OBJECT_RESV_CONFIRM 15
76 | #define RSVP_OBJECT_MESSAGE_ID 23
77 | #define RSVP_OBJECT_MESSAGE_ID_ACK 24
78 | #define RSVP_OBJECT_MESSAGE_ID_NACK 25
79 |
80 | #define RSVP_LENGTH_SESSION (RSVP_OBJECT_HEADER_LENGTH + 8)
81 | #define RSVP_LENGTH_RESV_HOP (RSVP_OBJECT_HEADER_LENGTH + 8)
82 | #define RSVP_LENGTH_INTEGRITY (RSVP_OBJECT_HEADER_LENGTH + 20)
83 | #define RSVP_LENGTH_TIME_VALUES (RSVP_OBJECT_HEADER_LENGTH + 4)
84 | #define RSVP_LENGTH_ERROR_SPEC (RSVP_OBJECT_HEADER_LENGTH + 8)
85 | #define RSVP_LENGTH_SCOPE(foo) (RSVP_OBJECT_HEADER_LENGTH + ((foo) * sizeof(in_addr_t)))
86 | #define RSVP_LENGTH_STYLE (RSVP_OBJECT_HEADER_LENGTH + 4)
87 | #define RSVP_LENGTH_FLOWSPEC (RSVP_OBJECT_HEADER_LENGTH + 32)
88 | #define RSVP_LENGTH_FILTER_SPEC (RSVP_OBJECT_HEADER_LENGTH + 8)
89 | #define RSVP_LENGTH_SENDER_TEMPLATE (RSVP_OBJECT_HEADER_LENGTH + 8)
90 | #define RSVP_LENGTH_SENDER_TSPEC (RSVP_OBJECT_HEADER_LENGTH + 8)
91 | #define RSVP_LENGTH_ADSPEC (RSVP_OBJECT_HEADER_LENGTH + ADSPEC_MESSAGE_HEADER)
92 | #define RSVP_LENGTH_RESV_CONFIRM (RSVP_OBJECT_HEADER_LENGTH + 4)
93 |
94 | /* RSVP TSPEC Class Service */
95 | #define TSPEC_MESSAGE_HEADER 4
96 |
97 | #define TSPEC_TRAFFIC_SERVICE 1
98 | #define TSPEC_GUARANTEED_SERVICE 2
99 | #define TSPECT_TOKEN_BUCKET_SERVICE 127
100 | #define TSPEC_TOKEN_BUCKET_LENGTH 24
101 | #define TSPEC_SERVICES(foo) \
102 | ((((foo) == TSPEC_TRAFFIC_SERVICE) || \
103 | ((foo) == TSPEC_GUARANTEED_SERVICE)) ? \
104 | TSPEC_TOKEN_BUCKET_LENGTH : 0)
105 |
106 | /* RSVP ADSPEC Class Service */
107 | #define ADSPEC_PARAMETER_SERVICE 1
108 | #define ADSPEC_GUARANTEED_SERVICE 2
109 | #define ADSPEC_CONTROLLED_SERVICE 5
110 |
111 | #define ADSPEC_MESSAGE_HEADER 4
112 | #define ADSPEC_SERVDATA_HEADER 4
113 | #define ADSPEC_PARAMETER_DATA 4
114 | #define ADSPEC_PARAMETER_LENGTH (ADSPEC_MESSAGE_HEADER + ((ADSPEC_SERVDATA_HEADER + ADSPEC_PARAMETER_DATA) * 4))
115 | #define ADSPEC_PARAMETER_ISHOPCNT 4
116 | #define ADSPEC_PARAMETER_BANDWIDTH 6
117 | #define ADSPEC_PARAMETER_LATENCY 8
118 | #define ADSPEC_PARAMETER_COMPMTU 10
119 | #define ADSPEC_GUARANTEED_LENGTH (ADSPEC_MESSAGE_HEADER + ((ADSPEC_SERVDATA_HEADER + ADSPEC_PARAMETER_DATA) * 4))
120 | #define ADSPEC_CONTROLLED_LENGTH ADSPEC_MESSAGE_HEADER
121 | #define ADSPEC_SERVICES(foo) \
122 | (ADSPEC_PARAMETER_LENGTH + \
123 | ((((foo) == ADSPEC_CONTROLLED_SERVICE) || \
124 | ((foo) == ADSPEC_GUARANTEED_SERVICE)) ? \
125 | ADSPEC_GUARANTEED_LENGTH : 0) + \
126 | (((foo) == ADSPEC_CONTROLLED_SERVICE) ? \
127 | ADSPEC_CONTROLLED_LENGTH : 0))
128 |
129 | /**
130 | * Resource ReSerVation Protocol (RSVP) (RFC 2205)
131 | *
132 | * 3.1.1 Common Header
133 | *
134 | * 0 1 2 3
135 | * +------+------+-------------+----------------------------
136 | * | Vers | Flags| Msg Type | RSVP Checksum |
137 | * +------+------+-------------+---------------------------+
138 | * | Send_TTL | (Reserved) | RSVP Length |
139 | * --------------+-------------+----------------------------
140 | */
141 | struct rsvp_common_hdr
142 | {
143 | #if defined(__LITTLE_ENDIAN_BITFIELD)
144 | uint16_t flags: 4, /* flags */
145 | version: 4, /* version */
146 | type: 8; /* message type */
147 | #elif defined(__BIG_ENDIAN_BITFIELD)
148 | uint16_t version: 4, /* version */
149 | flags: 4, /* flags */
150 | type: 8; /* message type */
151 | #else
152 | # error "Adjust your defines"
153 | #endif
154 | uint16_t check; /* checksum */
155 | uint8_t ttl; /* time to live */
156 | uint8_t reserved; /* reserved */
157 | uint16_t length; /* message length */
158 | };
159 |
160 | #endif /* __RSVP_H */
161 |
--------------------------------------------------------------------------------
/src/include/protocol/t50_gre.h:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /*
3 | * T50 - Experimental Mixed Packet Injector
4 | *
5 | * Copyright (C) 2010 - 2014 - T50 developers
6 | *
7 | * This program is free software: you can redistribute it and/or modify
8 | * it under the terms of the GNU General Public License as published by
9 | * the Free Software Foundation, either version 2 of the License, or
10 | * (at your option) any later version.
11 | *
12 | * This program is distributed in the hope that it will be useful,
13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 | * GNU General Public License for more details.
16 | *
17 | * You should have received a copy of the GNU General Public License
18 | * along with this program. If not, see .
19 | */
20 |
21 | #ifndef GRE_H_INCLUDED_
22 | #define GRE_H_INCLUDED_
23 |
24 | #include
25 | #include
26 |
27 | #define GREVERSION 0
28 |
29 | /* GRE Options */
30 | #define GRE_OPTION_STRICT 0x01
31 | #define GRE_OPTION_SEQUENCE 0x02
32 | #define GRE_OPTION_KEY 0x04
33 | #define GRE_OPTION_ROUTING 0x08
34 | #define GRE_OPTION_CHECKSUM 0x10
35 |
36 | #define GRE_OPTLEN_SEQUENCE sizeof(struct gre_seq_hdr)
37 | #define GRE_OPTLEN_KEY sizeof(struct gre_key_hdr)
38 | #define GRE_OPTLEN_CHECKSUM sizeof(struct gre_sum_hdr)
39 |
40 |
41 | /**
42 | * Generic Routing Encapsulation (GRE) (RFC 1701)
43 | *
44 | * The GRE packet header has form:
45 | *
46 | * 0 1 2 3
47 | * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
48 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
49 | * |C|R|K|S|s|Recur| Flags | Ver | Protocol Type |
50 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
51 | * | Checksum (optional) | Offset (optional) |
52 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
53 | * | Key (optional) |
54 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
55 | * | Sequence Number (optional) |
56 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
57 | * | Routing (optional)
58 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
59 | *
60 | * Key and Sequence Number Extensions to GRE (RFC 2890)
61 | *
62 | * The proposed GRE header will have the following format:
63 | *
64 | * 0 1 2 3
65 | * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
66 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
67 | * |C| |K|S| Reserved0 | Ver | Protocol Type |
68 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
69 | * | Checksum (optional) | Reserved1 (Optional) |
70 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
71 | * | Key (optional) |
72 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
73 | * | Sequence Number (Optional) |
74 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
75 | */
76 | struct gre_hdr
77 | {
78 | #if defined(__LITTLE_ENDIAN_BITFIELD)
79 | uint16_t recur: 3, /* recursion control */
80 | s: 1, /* strict source route */
81 | S: 1, /* sequence number present */
82 | K: 1, /* key present */
83 | R: 1, /* routing present */
84 | C: 1, /* checksum present */
85 | version: 3, /* version */
86 | flags: 5; /* flags */
87 | #elif defined(__BIG_ENDIAN_BITFIELD)
88 | uint16_t C: 1, /* checksum present */
89 | R: 1, /* routing present */
90 | K: 1, /* key present */
91 | S: 1, /* sequence number present */
92 | s: 1, /* strict source route */
93 | recur: 3, /* recursion control */
94 | flags: 5, /* flags */
95 | version: 3; /* version */
96 | #else
97 | # error "Adjust your defines"
98 | #endif
99 | uint16_t proto; /* protocol */
100 | uint8_t __optional[0]; /* optional */
101 | };
102 |
103 | /**
104 | * Generic Routing Encapsulation (GRE) (RFC 1701)
105 | *
106 | * Offset (2 octets)
107 | *
108 | * The offset field indicates the octet offset from the start of the
109 | * Routing field to the first octet of the active Source Route Entry
110 | * to be examined. This field is present if the Routing Present or
111 | * the Checksum Present bit is set to 1, and contains valid information
112 | * only if the Routing Present bit is set to 1.
113 | *
114 | * Checksum (2 octets)
115 | *
116 | * The Checksum field contains the IP (one's complement) checksum of
117 | * the GRE header and the payload packet. This field is present if
118 | * the Routing Present or the Checksum Present bit is set to 1, and
119 | * contains valid information only if the Checksum Present bit is set
120 | * to 1.
121 | */
122 | struct gre_sum_hdr
123 | {
124 | uint16_t check; /* checksum */
125 | uint16_t offset; /* offset */
126 | };
127 |
128 | /**
129 | * Generic Routing Encapsulation (GRE) (RFC 1701)
130 | *
131 | * Key (4 octets)
132 | *
133 | * The Key field contains a four octet number which was inserted by
134 | * the encapsulator. It may be used by the receiver to authenticate the
135 | * source of the packet. The techniques for determining authenticity are
136 | * outside of the scope of this document. The Key field is only present
137 | * if the Key Present field is set to 1.
138 | */
139 | struct gre_key_hdr
140 | {
141 | uint32_t key; /* key */
142 | };
143 |
144 | /**
145 | * Generic Routing Encapsulation (GRE) (RFC 1701)
146 | *
147 | * Sequence Number (4 octets)
148 | *
149 | * The Sequence Number field contains an unsigned 32 bit integer which
150 | * is inserted by the encapsulator. It may be used by the receiver to
151 | * establish the order in which packets have been transmitted from the
152 | * encapsulator to the receiver. The exact algorithms for the generation
153 | * of the Sequence Number and the semantics of their reception is
154 | * outside of the scope of this document.
155 | */
156 | struct gre_seq_hdr
157 | {
158 | uint32_t sequence; /* sequence number */
159 | };
160 |
161 | struct config_options; /* Defined in config.h. */
162 |
163 | size_t gre_opt_len ( const struct config_options * const );
164 | struct iphdr *gre_encapsulation ( void * restrict, const struct config_options * const restrict, size_t );
165 | void gre_checksum ( void * restrict, const struct config_options * const restrict, size_t );
166 |
167 | #endif /* __GRE_H */
168 |
--------------------------------------------------------------------------------
/src/modules/gre.c:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /** @file gre.c */
3 | /*
4 | * T50 - Experimental Mixed Packet Injector
5 | *
6 | * Copyright (C) 2010 - 2019 - T50 developers
7 | *
8 | * This program is free software: you can redistribute it and/or modify
9 | * it under the terms of the GNU General Public License as published by
10 | * the Free Software Foundation, either version 2 of the License, or
11 | * (at your option) any later version.
12 | *
13 | * This program is distributed in the hope that it will be useful,
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 | * GNU General Public License for more details.
17 | *
18 | * You should have received a copy of the GNU General Public License
19 | * along with this program. If not, see .
20 | */
21 |
22 | #include
23 | #include
24 | #include
25 | #include
26 | #include
27 | #include
28 | #include
29 | #include
30 | #include
31 | #include
32 |
33 | /**
34 | * GRE encapsulation routine.
35 | *
36 | * @param buffer Pointer to the begining of the packet buffer.
37 | * @param co Pointer to T50 configuration structure.
38 | * @param total_len Length of the buffer.
39 | * @return Pointer to IP header (the begining of the buffer).
40 | */
41 | struct iphdr *gre_encapsulation ( void * restrict buffer,
42 | const config_options_T * const restrict co,
43 | size_t total_len )
44 | {
45 | struct iphdr *ip, *gre_ip;
46 | struct gre_hdr *gre;
47 | void *ptr;
48 |
49 | assert ( buffer != NULL );
50 | assert ( co != NULL );
51 |
52 | if ( !co->encapsulated )
53 | return NULL;
54 |
55 | ip = buffer;
56 |
57 | /* GRE Header structure. */
58 | /*
59 | 0 1 2 3
60 | 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
61 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
62 | |C|R|K|S|s|Recur| Flags | Ver | Protocol Type |
63 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
64 | | Checksum (optional) | Offset (optional) |
65 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
66 | | Key (optional) |
67 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
68 | | Sequence Number (optional) |
69 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
70 | | Routing (optional)
71 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
72 | */
73 |
74 | gre = ( struct gre_hdr * ) ( ip + 1 );
75 | gre->C = co->gre.C;
76 | gre->K = co->gre.K;
77 | gre->R = FIELD_MUST_BE_ZERO;
78 | gre->S = co->gre.S;
79 | gre->s = FIELD_MUST_BE_ZERO;
80 | gre->recur = FIELD_MUST_BE_ZERO; // That's why this is not in config.c!
81 | gre->version = GREVERSION;
82 | gre->flags = FIELD_MUST_BE_ZERO;
83 | gre->proto = htons ( ETH_P_IP );
84 |
85 | /* Computing the GRE offset. */
86 | ptr = gre + 1;
87 |
88 | /* GRE CHECKSUM? */
89 | if ( co->gre.C )
90 | {
91 | /* GRE CHECKSUM Header structure making a pointer to IP Header structure. */
92 | struct gre_sum_hdr *gre_sum = ptr;
93 |
94 | gre_sum->offset = FIELD_MUST_BE_ZERO;
95 | gre_sum->check = 0;
96 |
97 | ptr = gre_sum + 1;
98 | }
99 |
100 | /* GRE KEY? */
101 | if ( co->gre.K )
102 | {
103 | /* GRE KEY Header structure making a pointer to IP Header structure. */
104 | struct gre_key_hdr *gre_key = ptr;
105 |
106 | gre_key->key = __RND ( co->gre.key );
107 |
108 | ptr = gre_key + 1;
109 | }
110 |
111 | /* GRE SEQUENCE? */
112 | if ( co->gre.S )
113 | {
114 | /* GRE SEQUENCE Header structure making a pointer to IP Header structure. */
115 | struct gre_seq_hdr *gre_seq = ptr;
116 |
117 | gre_seq->sequence = __RND ( co->gre.sequence );
118 |
119 | ptr = gre_seq + 1;
120 | }
121 |
122 | /*
123 | * Generic Routing Encapsulation over IPv4 networks (RFC 1702)
124 | *
125 | * IP as both delivery and payload protocol
126 | *
127 | * When IP is encapsulated in IP, the TTL, TOS, and IP security options
128 | * MAY be copied from the payload packet into the same fields in the
129 | * delivery packet. The payload packet's TTL MUST be decremented when the
130 | * packet is decapsulated to insure that no packet lives forever.
131 | */
132 | /* GRE Encapsulated IP Header structure making a pointer to to IP Header structure. */
133 | gre_ip = ptr;
134 | gre_ip->version = ip->version;
135 | gre_ip->ihl = ip->ihl;
136 | gre_ip->tos = ip->tos;
137 | gre_ip->frag_off = htons ( ip->frag_off ); // NOTE: Not swapped on config.c!
138 | gre_ip->tot_len = htons ( total_len );
139 | gre_ip->id = ip->id;
140 | gre_ip->ttl = ip->ttl;
141 | gre_ip->protocol = co->ip.protocol;
142 | gre_ip->saddr = co->gre.saddr ? co->gre.saddr : ip->saddr;
143 | gre_ip->daddr = co->gre.daddr ? co->gre.daddr : ip->daddr;
144 |
145 | /* Computing the checksum. */
146 | gre_ip->check = co->bogus_csum ? RANDOM() :
147 | htons ( cksum ( gre_ip, sizeof ( struct iphdr ) ) );
148 |
149 | return gre_ip;
150 | }
151 |
152 | /**
153 | * Calculates GRE checksum.
154 | *
155 | * @param buffer Pointer to the begining of packet buffer.
156 | * @param co Pointer to T50 configuration structure.
157 | * @packet_size Size of the packet.
158 | */
159 | void gre_checksum ( void * restrict buffer,
160 | const config_options_T * restrict const co,
161 | size_t packet_size )
162 | {
163 | struct gre_hdr *gre;
164 | struct gre_sum_hdr *gre_sum;
165 |
166 | assert ( buffer != NULL );
167 | assert ( co != NULL );
168 |
169 | /* GRE Encapsulation takes place. */
170 | if ( co->encapsulated && co->gre.C )
171 | {
172 | gre = ( struct gre_hdr * ) ( ( struct iphdr * ) buffer + 1 );
173 | gre_sum = ( struct gre_sum_hdr * ) ( gre + 1 );
174 |
175 | /* Computing the checksum. */
176 | gre_sum->check = co->bogus_csum ?
177 | RANDOM() :
178 | cksum ( gre, packet_size - sizeof ( struct iphdr ) ); // All packet, except the main IP header.
179 | }
180 | }
181 |
182 | /* GRE header size calculation. */
183 | size_t gre_opt_len ( const config_options_T * const co )
184 | {
185 | size_t size;
186 |
187 | /*
188 | * The code starts with size '0' and it accumulates all the required
189 | * size if the conditionals match. Otherwise, it returns size '0'.
190 | */
191 | size = 0;
192 |
193 | /*
194 | * Returns the size of the entire GRE packet only in the case of
195 | * encapsulation has been defined ('--encapsulated').
196 | */
197 | if ( co->encapsulated )
198 | {
199 | /*
200 | * First thing is to accumulate GRE Header size.
201 | * And the extra IP header size.
202 | */
203 | size = sizeof ( struct gre_hdr ) + sizeof ( struct iphdr );
204 |
205 | /*
206 | * Checking whether add OPTIONAL header size.
207 | *
208 | * CHECKSUM HEADER?
209 | */
210 | if ( co->gre.C )
211 | size += GRE_OPTLEN_CHECKSUM;
212 |
213 | /* KEY HEADER? */
214 | if ( co->gre.K )
215 | size += GRE_OPTLEN_KEY;
216 |
217 | /* SEQUENCE HEADER? */
218 | if ( co->gre.S )
219 | size += GRE_OPTLEN_SEQUENCE;
220 | }
221 |
222 | return size;
223 | }
224 |
225 |
--------------------------------------------------------------------------------
/CHANGELOG:
--------------------------------------------------------------------------------
1 | T50 - Experimental Mixed Packet Injector
2 |
3 | Legend:
4 | + Added feature
5 | * Improved/changed feature
6 | - Bug fixed
7 | ! Known issue / missing feature
8 |
9 | T50 5.8.8
10 | + Preliminary avoidance of CTE for Intel Processors
11 | in the Makefile.
12 |
13 | T50 5.8.7
14 | - Fixed tcphdr.doff calculation.
15 |
16 | T50 5.8.5 - Aug 30th, 2019
17 | * Fixed possible pointer arithmetic problems in modules
18 | * Regression: back using size_t instead of uint32_t
19 | * Improved readbility (using while loops, instead of for)
20 |
21 | T50 5.8.4 - Apr 23rd, 2019
22 | - ^C is not shown when user stops the flooding process.
23 |
24 | T50 5.8.3 - Nov 24th, 2018
25 | - Makefile now checks GCC version (5 or greater needed!)
26 |
27 | T50 5.8.2 - Sep 10th, 2018
28 | - cksum() RFC 1071 compliance and endianess fixes.
29 |
30 | T50 5.8.1 - Sep 4th, 2018
31 | * Some routines were simplified to increase performance.
32 | + Display Statistics on process termination: Number of packets and throughput (experimental).
33 | (each process will print their statistics preceeded by [PID:...]).
34 |
35 | T50 5.8 - Jun 27th, 2018
36 | - Lots of fields were in little endian format (Intel platforms);
37 | - TCP option --ack-seq wasn't being evaluated at command line;
38 | - TCP option --sequence wasn't being evaluated at command ilne;
39 | - TCP option --data-offset wasn't being evaluated at command line;
40 | - TCP option --urg-pointer wasn't being evaluated at command line;
41 | - Corrected range checkings for options;
42 | - Checksums were in little endian format as well (Intel platforms);
43 | * Make sure functions with more than one pointer as arguments have __restrict__ keyword in all of them.
44 | This is a hint to the compiler optimization routines in C99/C11.
45 | * Makefile compile and link options changed -z norelro and -z execstack were reported to cause freezes;
46 | * Using -ftree-vectorize only for x86-64 (Intel), 'cause not all i386 supports SIMD.
47 |
48 | T50 5.7.3 - Jun 19th, 2018
49 | * No more GNU Build System. Plain Makefile, bogus configuration script and maintainer's setversion.sh.
50 | Version configuration are in src/include/configuration.h file.
51 | - Forgot to enable USE_ANSI feature on Makefile.
52 | * Added execstack and norelro options to linker (smaller executable).
53 |
54 | T50 5.7.2 - Apr 29th, 2018
55 | - When configuring with --enable-debug, lots of compile erros occur. fixed!
56 | * Prefeer to use RDRAND on Intel platforms, if it's implemented.
57 | * Simplification of randomizer functions due to the fact that RDRAND is, at least, 4 times faster than xorshift128+.
58 |
59 | T50 5.7.1 - Mar 9th, 2018
60 | * Changed size_t types from some functions to uint32_t.
61 |
62 | T50 5.7.0 - Jul 26th, 2017
63 | - Some IP addresses were in LITTLE ENDIAN format.
64 | * Improvements on configure.ac
65 |
66 | T50 5.6.15 - Jun 27th, 2017
67 | T50 5.6.14 - Jun 26th, 2017
68 | - Some bugs on inline assembly (SRANDOM()) syntax fixed.
69 |
70 | T50 5.6.13 - May 16th, 2017
71 | + Added --shuffle option for T50 PROTOCOL, otherwise all protocols will be sent
72 | in the same sequence given by --list-protocols option.
73 | * SRANDOM() now uses RDRAND instruction for x86 machines, if available.
74 | * Got rid of get_number_of_registered_modules() function.
75 | The global var num_of_modules is available to that purpose.
76 | * Man page updated.
77 | - The command line bug is fixed...
78 |
79 | T50 5.6.12 - May 12th, 2017
80 | - Minor bugs solved.
81 | * Made get_ordinal_suffix() smaller.
82 | ! OSPF protocol code is now more "readable".
83 | * Changed "hard coded" tests on configure.ac, using autoconf extensions.
84 |
85 | T50 5.6.11 - May 8th, 2017
86 | * __RND, IPPORT_RND and IPADDR_RND macros now will only respect endianess if
87 | the returning value is not RANDOM.
88 |
89 | T50 5.6.10 - May 5th, 2017
90 | * Changed the Linear Congruential Pseudo Number Generator by XorShift128+.
91 |
92 | T50 5.6.9 - April 18th, 2017
93 | * Got rid of some asserts.
94 | * configure script improved.
95 | * Manpage updated.
96 |
97 | T50 5.6.8 - April 11th, 2017
98 | * Total source code refactoring to better distribute the functions.
99 | * Got rid of common.h header file.
100 | * Added -fno-stack-protection option on compilation.
101 | * Changes on header files "namespaces" to avoid confusion with system's
102 | header files (added t50_ prefix).
103 |
104 | T50 5.6.7 - September 1st, 2016
105 | * Checks for Linux on configure script
106 | * Uses compiler processor's optimizations options only for x86-64 and i?86.
107 |
108 | T50 5.6.6 - August, 2016
109 | - Fixed a bug on command line parser.
110 |
111 | T50 5.6.3 - May 30th, 2016
112 | * Project now compiles and installs with GNU Build System help.
113 | * Compiler option -mtune=native changed to -march=native. SSE options for i386 not necessary anymore.
114 |
115 | T50 5.5 - March 19th, 2016
116 | * Minor fixes
117 | * Added comments to the code (for developers)
118 |
119 | T50 5.5 - March 16th, 2016
120 | * SIGTSTP and SIGTRAP are now blocked.
121 | - Some nasty bugs based on kl0nEz discovery fixed.
122 | - A nasty bug detected by kl0nEz (shell crash!) was corrected.
123 |
124 | T50 5.5 - December 18th, 2015
125 | + Added experimental xorshift128+ pseudo random number generator routine.
126 |
127 | T50 5.5 - December 1st, 2015
128 | - The PRNG now generates 32 bit unsigned numbers.
129 | * t50.c changed to main.c
130 |
131 | T50 5.5 - February 3rd, 2015
132 | ! Changed the behavior of signals from RESTART to INTERRUPT.
133 | * The raw socket is NON BLOCKING now.
134 | ! Improved command line parser: No more duplicated options accepted!
135 | --protocol is case insensitive now.
136 | - Add call to tcp_help() to usage().
137 | * Support for RDRAND and BMI2 instruction set added.
138 | - Small bug when calculating IP address on t50.c fixed
139 | + Added some "post-mortem" debug routines
140 | * If sendto's errno is EPERM, show permission error message asking to check firewall settings.
141 | - Fixed bugs of modules memory allocations.
142 | * Code compiles fine with LLVM clang 3.x;
143 | * SSE is enabled by default in x86-64 architecture (commented on Makefile);
144 | * Changed return type of module funcions;
145 | * Small corrections on modules functions;
146 | * All files were converted to UNIX text format;
147 | * gre_encapsulation() was still not used on ospf.c;
148 | - Calls to sendto with second parameter were wrong;
149 | * Function ip_header() added to modules/ip.c.
150 | - On embeded systems the use of VLAs (Variable Length Arrays) in modules functions can be hazardous
151 | due to restricted stack space. "Differential" buffer reallocation on heap fix this problem;
152 | * cksum() 5 times faster now (summing QWORDs, DWORDs WORDs and BYTES, in that order);
153 | * Using a trick to deal with pointers of multiple types on modules functions;
154 | * New Makefile (still needs some tweaks) for better incremental compiling;
155 | * Minor fix on getOrdinalSuffix() function, no t50.c (11, 12 & 13 have a "th" suffix!).
156 | + Added comments with FIX, FIXME, NOTE prefix for better code reading.
157 | * Changed the way modules table are declared. See modules.c for advice.
158 | * Module table are not order dependant anymore!
159 | * Created src/help directory and src/include/help.h header to improve module "modularity".
160 | * Host name now can be a partial IP or name, optionally followed by "/cidr".
161 | Partial IP have the format 'a(.b(.c(.d)))'. Formats as 'a.b./cidr' are invalid.
162 | ! if a name or a full IP is given, the default cidr is 32. T50 will fail showing the message:
163 | "CIDR must be between 8 and 30.".
164 | - CIDR bug above fixed by Fernando Mercês.
165 | * socket descriptor isolated from anyone except sock.c.
166 | * "modules" just manipulates the packet buffer. main() actually sends the packet.
167 | * 'stdout' is now unbuffered on initialization. To avoid line buffer behavior oddities (if any).
168 | * Added -std=gnu99 to CFLAGS, on Makefile.
169 | ! Possible wrong way to calculate threshold for turbo mode.
170 | - Threshold bugs fixed.
171 | ! Possible wrong way to threat SIGCHLD signal.
172 | - Added a SIGALRM handler and a timeout of 5 seconds when main process waits for child.
173 |
174 | T50 5.4.1 - August 11th, 2013
175 | - Fixed bug in option parsing.
176 | - Fixed license missing in some files.
177 | * Depecrecation of gethostbyname() - thanks to Cooler
178 | * Improved code, reduced memory consumption - thanks to Frederico Pissara
179 | * Improved Makefile, reduced compilation time, use of SS3 instructions.
180 | * Removed private IP address restriction.
181 | - Manpage moved to section 8.
182 | + Strip set by default.
183 |
184 | T50 5.4.0 - September 4th, 2011
185 | + New version scheme .
186 | + Added manpage.
187 | * UPX and strip removed.
188 | * License limitations removed.
189 | * Removed libmath dependency.
190 | * New smaller Makefile reducing compile time. Many flags removed.
191 | ! We don't have support for IPv6 yet.
192 | ! T50 may not compile in other systems nor GNU/Linux distros.
193 |
194 | T50 5.3 - April 9th, 2011
195 | + New License: it is, finally, licensed under GPL v2.0. Please, refer
196 | to LICENSE document for further information.
197 | + CIDR Support: Classless Inter-Domain Routing support for destination
198 | IP address, using a really tiny C algorithm. This would allow
199 | the new version to simulate DDoS in a laboratory environment.
200 | + New protocols support: IGMP, EGP, RIP, DCCP, RSVP, IPSec, GRE, EIGRP
201 | and OSPF.
202 | + TCP Options support.
203 |
204 | T50 2.45 - November 10th, 2010
205 | First public release.
206 |
--------------------------------------------------------------------------------
/src/include/protocol/t50_ospf.h:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /*
3 | * T50 - Experimental Mixed Packet Injector
4 | *
5 | * Copyright (C) 2010 - 2014 - T50 developers
6 | *
7 | * This program is free software: you can redistribute it and/or modify
8 | * it under the terms of the GNU General Public License as published by
9 | * the Free Software Foundation, either version 2 of the License, or
10 | * (at your option) any later version.
11 | *
12 | * This program is distributed in the hope that it will be useful,
13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 | * GNU General Public License for more details.
16 | *
17 | * You should have received a copy of the GNU General Public License
18 | * along with this program. If not, see .
19 | */
20 |
21 | #ifndef __OSPF_H__
22 | #define __OSPF_H__
23 |
24 | #include
25 | #include
26 |
27 | #define OSPFVERSION 2
28 | #define IPPROTO_OSPF 89
29 |
30 | /* OSPF Message Type */
31 | #define OSPF_TYPE_HELLO 1
32 | #define OSPF_TYPE_DD 2
33 | #define OSPF_TYPE_LSREQUEST 3
34 | #define OSPF_TYPE_LSUPDATE 4
35 | #define OSPF_TYPE_LSACK 5
36 |
37 | #define OSPF_TLEN_NEIGHBOR(foo) ((foo) * sizeof(in_addr_t))
38 | #define OSPF_TLEN_LSUPDATE 4
39 | #define OSPF_TLEN_DD 8
40 | #define OSPF_TLEN_LSREQUEST 12
41 | #define OSPF_TLEN_HELLO 20
42 |
43 | /* OSPF HELLO, DD and LSA Option */
44 | #define OSPF_OPTION_TOS 0x01
45 | #define OSPF_OPTION_EXTERNAL 0x02
46 | #define OSPF_OPTION_MULTICAST 0x04
47 | #define OSPF_OPTION_NSSA 0x08
48 | #define OSPF_OPTION_LLS 0x10
49 | #define OSPF_OPTION_DEMAND 0x20
50 | #define OSPF_OPTION_OPAQUE 0x40
51 | #define OSPF_OPTION_DOWN 0x80
52 |
53 | /* OSPF DD DB Description */
54 | #define DD_DBDESC_MSLAVE 0x01
55 | #define DD_DBDESC_MORE 0x02
56 | #define DD_DBDESC_INIT 0x04
57 | #define DD_DBDESC_OOBRESYNC 0x08
58 |
59 | /* OSPF LSA LS Type */
60 | #define LSA_TYPE_ROUTER 1
61 | #define LSA_TYPE_NETWORK 2
62 | #define LSA_TYPE_SUMMARY_IP 3
63 | #define LSA_TYPE_SUMMARY_AS 4
64 | #define LSA_TYPE_ASBR 5
65 | #define LSA_TYPE_MULTICAST 6
66 | #define LSA_TYPE_NSSA 7
67 | #define LSA_TYPE_OPAQUE_LINK 9
68 | #define LSA_TYPE_OPAQUE_AREA 10
69 | #define LSA_TYPE_OPAQUE_FLOOD 11
70 |
71 | #define LSA_TLEN_GENERIC(x) \
72 | (sizeof(struct ospf_lsa_hdr) + \
73 | ((x) * sizeof(uint32_t)))
74 |
75 | #define LSA_TLEN_MULTICAST LSA_TLEN_GENERIC(2)
76 | #define LSA_TLEN_NETWORK LSA_TLEN_GENERIC(2)
77 | #define LSA_TLEN_SUMMARY LSA_TLEN_GENERIC(2)
78 | #define LSA_TLEN_ASBR LSA_TLEN_GENERIC(4)
79 | #define LSA_TLEN_ROUTER LSA_TLEN_GENERIC(4)
80 | #define LSA_TLEN_NSSA LSA_TLEN_ASBR
81 |
82 | /* OSPF Router-LSA Flag */
83 | #define ROUTER_FLAG_BORDER 0x01
84 | #define ROUTER_FLAG_EXTERNAL 0x02
85 | #define ROUTER_FLAG_VIRTUAL 0x04
86 | #define ROUTER_FLAG_WILD 0x08
87 | #define ROUTER_FLAG_NSSA_TR 0x10
88 |
89 | /* OSPF Router-LSA Link type */
90 | #define LINK_TYPE_PTP 1
91 | #define LINK_TYPE_TRANSIT 2
92 | #define LINK_TYPE_STUB 3
93 | #define LINK_TYPE_VIRTUAL 4
94 |
95 | /* OSPF Group-LSA Type */
96 | #define VERTEX_TYPE_ROUTER 1
97 | #define VERTEX_TYPE_NETWORK 2
98 |
99 | #define OSPF_TLV_HEADER sizeof(struct ospf_lls_hdr)
100 |
101 | /* OSPF LLS Type/Length/Value */
102 | #define OSPF_TLV_RESERVED 0
103 | #define OSPF_TLV_EXTENDED 1
104 | #define OSPF_TLV_CRYPTO 2
105 |
106 | #define OSPF_LEN_EXTENDED OSPF_TLV_HEADER
107 | #define EXTENDED_OPTIONS_LR 0x00000001
108 | #define EXTENDED_OPTIONS_RS 0x00000002
109 | #define OSPF_LEN_CRYPTO ( OSPF_TLV_HEADER + AUTH_TLEN_HMACMD5 )
110 |
111 | /** Calculating OSPF LLS Type/Length/Value length */
112 | #define ospf_tlv_len(foo, bar, baz) \
113 | ((((foo) == OSPF_TYPE_HELLO) || \
114 | ((foo) == OSPF_TYPE_DD)) ? \
115 | ((bar) ? \
116 | OSPF_TLV_HEADER * 2 + \
117 | OSPF_LEN_EXTENDED + \
118 | ((baz) ? \
119 | OSPF_TLV_HEADER + \
120 | OSPF_LEN_CRYPTO : \
121 | 0) : \
122 | 0) : \
123 | 0)
124 |
125 | /**
126 | * OSPF Version 2 (RFC 2328)
127 | *
128 | * A.3.1 The OSPF packet header
129 | *
130 | * 0 1 2 3
131 | * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
132 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
133 | * | Version # | Type | Packet length |
134 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
135 | * | Router ID |
136 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
137 | * | Area ID |
138 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
139 | * | Checksum | AuType |
140 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
141 | */
142 | struct ospf_hdr
143 | {
144 | uint8_t version, /* version */
145 | type; /* type */
146 | uint16_t length; /* length */
147 | in_addr_t rid; /* router ID */
148 | in_addr_t aid; /* area ID */
149 | uint16_t check; /* checksum */
150 | uint16_t autype; /* authentication type */
151 | uint8_t __ospf_auth[0]; /* authentication header */
152 | uint8_t __ospf_type_hdr[0]; /* type header */
153 | };
154 |
155 | /**
156 | * OSPF Version 2 (RFC 2328)
157 | *
158 | * A.3.1 The OSPF packet header
159 | *
160 | * 0 1 2 3
161 | * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
162 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
163 | * | Authentication |
164 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
165 | * | Authentication |
166 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
167 | *
168 | * D.3 Cryptographic authentication
169 | *
170 | * 0 1 2 3
171 | * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
172 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
173 | * | 0 | Key ID | Auth Data Len |
174 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
175 | * | Cryptographic sequence number |
176 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
177 | */
178 | struct ospf_auth_hdr
179 | {
180 | uint16_t reserved; /* reserved must be zero */
181 | uint8_t key_id, /* authentication key ID */
182 | length; /* authentication length */
183 | uint32_t sequence; /* authentication sequence # */
184 | };
185 |
186 | /**
187 | * OSPF Version 2 (RFC 2328)
188 | *
189 | * A.4.1 The Link State Advertisement (LSA) header
190 | *
191 | * 0 1 2 3
192 | * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
193 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
194 | * | LS age | Options | LS type |
195 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
196 | * | Link State ID |
197 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
198 | * | Advertising Router |
199 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
200 | * | LS sequence number |
201 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
202 | * | LS checksum | length |
203 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
204 | */
205 | struct ospf_lsa_hdr
206 | {
207 | uint16_t age; /* LSA age */
208 | uint8_t options; /* LSA options */
209 | uint8_t type; /* LSA type */
210 | in_addr_t lsid; /* LSA link state ID */
211 | in_addr_t router; /* LSA advertising router */
212 | uint32_t sequence; /* LSA sequence number */
213 | uint16_t check; /* LSA checksum */
214 | uint16_t length; /* LSA length */
215 | };
216 |
217 | /**
218 | * OSPF Link-Local Signaling (RFC 5613)
219 | *
220 | * 2.2. LLS Data Block
221 | *
222 | * 0 1 2 3
223 | * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
224 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
225 | * | Checksum | LLS Data Length |
226 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
227 | * | |
228 | * | LLS TLVs |
229 | * . .
230 | * . .
231 | * . .
232 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
233 | */
234 | struct ospf_lls_hdr
235 | {
236 | uint16_t check; /* LLS checksum */
237 | uint16_t length; /* LLS length */
238 | };
239 |
240 | #endif /* __OSPF_H */
241 |
--------------------------------------------------------------------------------
/doc/README.modules:
--------------------------------------------------------------------------------
1 | How to create a new module for T50
2 |
3 | Suppose you want to add a new protocol for packet injection on T50. Let's say
4 | you want to add "Stream Control Transport Protocol" (SCTP).
5 |
6 | For this example I choose this protocol because it's defined in
7 | header as IPPROTO_SCTP. You can code any protocol you want. But if your protocol
8 | description (IPPROTO_xxx) isn't available on standard header files, you *MUST*
9 | create your own definition on 'src/include/defines.h' file. The IPPROTO_T50
10 | definition, for instance, is defined there.
11 |
12 | Adding a module is a 5 step process:
13 |
14 | ** STEP 1:
15 |
16 | The first step is to create a module that re-allocate, fills the packet buffer
17 | and returns the packet buffer size to the caller. All module routines *MUST*
18 | follow the signature defined in "typedefs.h":
19 |
20 | ┌────────────────────────────────────────────────────────────────────────────────────────────────┐
21 | │ typedef void (*module_func_ptr_t)(const struct config_options * const __restrict__, size_t *); │
22 | └────────────────────────────────────────────────────────────────────────────────────────────────┘
23 |
24 | Your module *MUST* be created in src/modules/ directory as 'sctp.c'. You
25 | *SHOULD* code something like this:
26 |
27 | ┌──────────────────────────────────────────────────────────────────────────────┐
28 | │ #include /* Include all t50 definitions and prototypes. */ │
29 | │ │
30 | │ static void fill_sctp(void *buffer); │
31 | │ static size_t get_sctp_buffer_size(void); │
32 | │ │
33 | │ /* This is the module! */ │
34 | │ void sctp(const struct config_options * const __restrict__ co, size_t *size) │
35 | │ { │
36 | │ /* Working pointers to the buffer */ │
37 | │ struct iphdr *ip; │
38 | │ │
39 | │ /* Get the packet size */ │
40 | │ *size = sizeof(struct iphdr) + get_sctp_buffer_size(); │
41 | │ │
42 | │ /* Tries to reallocate space for the packet buffer, if necessary. */ │
43 | │ alloc_packet(*size); │
44 | │ │
45 | │ /* Fill IP header */ │
46 | │ ip = ip_header(packet, *size, │
47 | │ │
48 | │ fill_sctp(packet + sizeof(struct iphdr)); │
49 | │ } │
50 | │ │
51 | │ /* This will fill the buffer part of sctp protocol. */ │
52 | │ static void fill_sctp(void *buffer, size_t size) { ... } │
53 | │ │
54 | │ /* This is only an example! */ │
55 | │ #define SCTP_SIZE 524 │
56 | │ static size_t get_sctp_buffer_size(void) { return SCTP_SIZE; } │
57 | └──────────────────────────────────────────────────────────────────────────────┘
58 |
59 | Notice that "packet" is a global pointer to the packet buffer used by all
60 | modules. It is necessary to reallocate the buffer for every module, since the
61 | previous module who use it could leave a very small buffer behind.
62 |
63 | Any protocol specific structures, types *SHOULD* be defined in a separated
64 | header file 'sctp.h' in 'src/include/protocol/' directory and this header *MUST*
65 | be added to '/src/include/common.h' file.
66 |
67 | The prototype of the module function *MUST* be added to 'src/include/modules.h'
68 | file:
69 |
70 | ┌───────────────────────────────────────────────────────────────────────────────┐
71 | │ extern void sctp(const struct config_options * const __restrict__, size_t *); │
72 | └───────────────────────────────────────────────────────────────────────────────┘
73 |
74 | Take a look at the actual modules. They are a little more complicated than this,
75 | but essentially, that's all they do.
76 |
77 | ** STEP 2:
78 |
79 | Create an entry on 'src/modules.c'. You *MUST* add a line like this before
80 | END_MODULES_TABLE declaration:
81 |
82 | ┌────────────────────────────────────────────────────────────────────────────────┐
83 | │ MODULE_ENTRY(IPPROTO_SCTP, "SCTP","Stream Control Transport Protocol", sctp) │
84 | │ END_MODULES_TABLE │
85 | └────────────────────────────────────────────────────────────────────────────────┘
86 |
87 | This way T50 now knows how to fill the packet for your protocol.
88 |
89 | ** STEP 3:
90 |
91 | Change config_options structure on 'src/config.c' and 'src/include/config.h'.
92 | Let's say that SCTP needs only one item called 'tag' (a 32 bits value) that
93 | could be a random value. You can add a new structure on config_options:
94 |
95 | ┌───────────────────────────────────────────────────────────────────────────┐
96 | │ struct { │
97 | │ uint32_t tag; │
98 | │ } sctp; │
99 | └───────────────────────────────────────────────────────────────────────────┘
100 |
101 | OBS: The "random" part depends on the module. The macro __RND(), defined in
102 | 'src/include/defines.h' will return an random value if its parameter is 0. You
103 | acn use this on your function to garantee an random value if this 'tag' is
104 | informed as 0 or not informed at all in the command line.
105 |
106 | Now, add an OPTION_SCTP_TAG in the enumeration at the beggining of config.h file.
107 |
108 | Add a default value to config_options 'co' variable at config.c, if you need
109 | something different from 0.
110 |
111 | Add an entry called 'sctp-tag' on long_opt array to allow you to change this
112 | value through the command line:
113 |
114 | ┌───────────────────────────────────────────────────────────────────────────┐
115 | │ { "sctp-tag", required_argument, NULL, OPTION_SCTP_TAG }, │
116 | └───────────────────────────────────────────────────────────────────────────┘
117 |
118 | And, finally, change getConfigOptions() function, adding a 'case' inside the
119 | 'switch(cli_opts)' block, like this:
120 |
121 | ┌───────────────────────────────────────────────────────────────────────────┐
122 | │ case OPTION_SCTP_TAG: co.sctp.tag = atoi(optarg): break; │
123 | └───────────────────────────────────────────────────────────────────────────┘
124 |
125 | ** STEP 4
126 |
127 | Create a routine showing the usage for SCTP protocol options and put it on
128 | sctp_help.c at 'src/help/' directory:
129 |
130 | ┌─────────────────────────────────────────────────────────────────────────────────────────────────┐
131 | │ void sctp_help(void) │
132 | │ { │
133 | │ puts("SCTP Options:\n" │
134 | │ " --sctp-tag NUM SCTP tag number (default RANDOM)\n"); │
135 | │ } │
136 | └─────────────────────────────────────────────────────────────────────────────────────────────────┘
137 |
138 | To keep the standard, the first line starts with a description of the protocol
139 | followed by "Options:". The following lines are formated as (printf style):
140 |
141 | " --%-23s %-32s (default: %s)\n"
142 |
143 | Where the first string (max 23 chars) is the option. The second string (32 chars
144 | max) is a small description and the last string is a numeric value or "RANDOM",
145 | depending of what you did in config_options 'co' and your module.
146 |
147 | After creating the sctp_help() functiom, put a call on the usage routine at 'src/usage.c':
148 |
149 | ┌───────────────────────────────────────────────────────────────────────────────┐
150 | │ ... │
151 | │ rsvp_help(); │
152 | │ ipsec_help(); │
153 | │ eigrp_help(); │
154 | │ ospf_help(); │
155 | │ sctp_help(); /* Added sctp help */ │
156 | └───────────────────────────────────────────────────────────────────────────────┘
157 |
158 | ** STEP 5 (FINAL)
159 |
160 | Modify the Makefile adding the object filename (sctp.o) file location on OBJS var:
161 |
162 | ┌────────────────────────────────────────────────────────────────────────────────┐
163 | │ ... │
164 | │ $(OBJ_DIR)/modules/igmpv1.o \ │
165 | │ $(OBJ_DIR)/modules/icmp.o \ │
166 | │ $(OBJ_DIR)/modules/sctp.o \ <-- here! │
167 | │ $(OBJ_DIR)/common.o \ │
168 | │ ... │
169 | └────────────────────────────────────────────────────────────────────────────────┘
170 |
171 | And test everything trying to compile the project:
172 |
173 | $ make
174 |
175 | Don't forget to compile in DEBUG mode and test everything with your favorite
176 | debugger:
177 |
178 | $ DEBUG=1 make
179 | $ sudo gdb release/t50
180 |
181 | Good luck!
182 |
183 | Frederico Lamberti Pissarra
184 | April 3rd, 2014
185 |
--------------------------------------------------------------------------------
/src/netio.c:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /** @file netio.c */
3 | /*
4 | * T50 - Experimental Mixed Packet Injector
5 | *
6 | * Copyright (C) 2010 - 2019 - T50 developers
7 | *
8 | * This program is free software: you can redistribute it and/or modify
9 | * it under the terms of the GNU General Public License as published by
10 | * the Free Software Foundation, either version 2 of the License, or
11 | * (at your option) any later version.
12 | *
13 | * This program is distributed in the hope that it will be useful,
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 | * GNU General Public License for more details.
17 | *
18 | * You should have received a copy of the GNU General Public License
19 | * along with this program. If not, see .
20 | */
21 |
22 | #include
23 | #include
24 | #include
25 | #include
26 | #include
27 | #include
28 | #include
29 | #include
30 | #include
31 | #include
32 | #include
33 | #include
34 | #include
35 | #include
36 |
37 | /* Maximum number of tries to send the packet. */
38 | #define MAX_SENDTO_RETRYS 10
39 |
40 | /* Polling timeout is 1 second. */
41 | #define TIMEOUT 1000
42 |
43 | /* Initialized for error condition, just in case! */
44 | static int fd = -1;
45 |
46 | /* Used for statistics. */
47 | uint64_t bytes_sent = 0ULL;
48 | uint64_t packets_sent = 0ULL;
49 |
50 | //static int wait_for_io ( int );
51 | static void socket_setnonblocking( int );
52 | static void socket_setiphdrincl( int );
53 | static ssize_t socket_send ( int, struct sockaddr_in *, void *, size_t );
54 | #ifdef SO_SNDBUF
55 | static void socket_setup_sendbuffer ( int );
56 | #endif
57 | #ifdef SO_BROADCAST
58 | static void socket_setbroadcast( int );
59 | #endif
60 | #ifdef SO_PRIORITY
61 | static void socket_setpriority( int );
62 | #endif
63 |
64 | /**
65 | * Creates and configure a raw socket.
66 | */
67 | void create_socket ( void )
68 | {
69 | /* Setting SOCKET RAW.
70 | NOTE: Protocol must be IPPROTO_RAW on Linux.
71 | On FreeBSD, if we use 0 IPPROTO_RAW is assumed by default,
72 | but on linux will cause an error. */
73 | if ( ( fd = socket ( AF_INET, SOCK_RAW, IPPROTO_RAW ) ) == -1 )
74 | {
75 | #ifndef NDEBUG
76 | fatal_error ( "Cannot open raw socket: \"%s\"", strerror ( errno ) );
77 | #else
78 | fatal_error ( "Cannot open raw socket" );
79 | #endif
80 | }
81 |
82 | socket_setnonblocking( fd ); // FIXME: Possibly not necessary!
83 | socket_setiphdrincl( fd );
84 |
85 | #ifdef SO_SNDBUF
86 | socket_setup_sendbuffer ( fd );
87 | #endif
88 |
89 | #ifdef SO_BROADCAST
90 | socket_setbroadcast( fd );
91 | #endif
92 |
93 | #ifdef SO_PRIORITY
94 | socket_setpriority( fd );
95 | #endif
96 | }
97 |
98 | /**
99 | * Tiny routine used to make sure the socket file descriptor is closed.
100 | */
101 | void close_socket ( void )
102 | {
103 | /* Close only if the descriptor is valid. */
104 | if ( fd > 0 )
105 | {
106 | close ( fd ); // AS_SAFE!
107 |
108 | /* Added to avoid multiple socket closing. */
109 | fd = -1;
110 | }
111 | }
112 |
113 | /**
114 | * Send a packet through the wire.
115 | *
116 | * @param buffer Pointer to the packet buffer.
117 | * @param size Size of the buffer.
118 | * @param co Pointer to configurations for T50.
119 | * @return true (success) or false (error).
120 | */
121 | int send_packet ( const void * const buffer,
122 | size_t size,
123 | const config_options_T * const restrict co )
124 | {
125 | struct sockaddr_in sin =
126 | {
127 | .sin_family = AF_INET,
128 | .sin_port = htons ( IPPORT_RND ( co->dest ) ),
129 | .sin_addr.s_addr = co->ip.daddr /* Already in network byte order! */
130 | };
131 |
132 | assert ( buffer != NULL );
133 | assert ( size > 0 );
134 | assert ( co != NULL );
135 |
136 | /* Use socket_send(), below. */
137 | errno = 0;
138 | if ( socket_send ( fd, &sin, ( void * ) buffer, size ) == -1 )
139 | {
140 | if ( errno == EPERM )
141 | fatal_error ( "Cannot send packet (Permission!?). Please check your firewall rules (iptables?)." );
142 |
143 | return 0;
144 | }
145 |
146 | packets_sent++;
147 |
148 | return 1;
149 | }
150 |
151 | #ifdef SO_SNDBUF
152 | /* Taken from libdnet by Dug Song. */
153 | void socket_setup_sendbuffer ( int fd )
154 | {
155 | uint32_t i, n;
156 | socklen_t len;
157 |
158 | /* Getting SO_SNDBUF. */
159 | len = sizeof ( n );
160 |
161 | if ( getsockopt ( fd, SOL_SOCKET, SO_SNDBUF, &n, &len ) == -1 )
162 | {
163 | #ifndef NDEBUG
164 | fatal_error ( "Cannot get socket buffer: \"%s\"", strerror ( errno ) );
165 | #else
166 | fatal_error ( "Cannot get socket buffer" );
167 | #endif
168 | }
169 |
170 | /* Setting the maximum SO_SNDBUF in bytes.
171 | * 128 = 1 Kib
172 | * 10485760 = 80 Mib */
173 | i = n + 128;
174 | while ( i < 10485760 )
175 | {
176 | /* Setting SO_SNDBUF. */
177 | errno = 0;
178 |
179 | /* FIXME: On kernel's net/ipv4.raw.c seems that only ICMP_FILTER is a valid option. Must check! */
180 | if ( setsockopt ( fd, SOL_SOCKET, SO_SNDBUF, &i, sizeof ( i ) ) == -1 )
181 | {
182 | if ( errno == ENOBUFS )
183 | break;
184 |
185 | fatal_error ( "Cannot set socket buffer" );
186 | }
187 |
188 | i += 128;
189 | }
190 | }
191 | #endif /* SO_SNDBUF */
192 |
193 | // FIXME: Maybe it is necessary to insert a counter, in case of multiple failures...
194 | static ssize_t socket_send ( int fd, struct sockaddr_in *saddr, void *buffer, size_t size )
195 | {
196 | ssize_t r;
197 |
198 | /* sendto can set errno to EINTR if a signal interrupts the syscall or
199 | EAGAIN (or EWOULDBLOCK) if there is no room in the send buffer. */
200 | retry:
201 | errno = 0;
202 | r = sendto ( fd, buffer, size, MSG_NOSIGNAL, ( struct sockaddr * ) saddr, sizeof ( struct sockaddr_in ) );
203 |
204 | /* FIXME: Is this really necessary? */
205 | switch ( errno )
206 | {
207 | case EINTR:
208 | case EAGAIN:
209 | #if EWOULDBLOCK != EAGAIN
210 | case EWOULDBLOCK:
211 | #endif
212 | goto retry;
213 | }
214 |
215 | bytes_sent += size;
216 |
217 | return r;
218 | }
219 |
220 | /**
221 | * IPv4 name resolver using getaddrinfo().
222 | *
223 | * Since T50 don't support IPv6 addresses, this routine will
224 | * try to get only the first IPv6 address mapped to IPv4, if
225 | * no IPv4 address can be found.
226 | *
227 | * @param name The name, as in "www.target.com"...
228 | * @return IPv4 address found (in network order), or 0 if not found.
229 | */
230 | in_addr_t resolv ( char *name )
231 | {
232 | #pragma GCC diagnostic push
233 | #pragma GCC diagnostic ignored "-Wmissing-field-initializers"
234 | /* FIXME: Hints getaddrinfo() to return only IPv4 compatible addresses.
235 | Not sure if it is wise to use AF_UNSPEC here... */
236 | struct addrinfo hints = { .ai_family = AF_UNSPEC, .ai_flags = AI_ALL | AI_V4MAPPED },
237 | *res, *res0 = NULL;
238 | #pragma GCC diagnostic pop
239 |
240 | in_addr_t addr = 0;
241 | int err;
242 |
243 | assert ( name != NULL );
244 |
245 | if ( ( err = getaddrinfo ( name, NULL, &hints, &res0 ) ) != 0 )
246 | {
247 | if ( res0 )
248 | freeaddrinfo ( res0 );
249 |
250 | error ( "Error on resolv(). getaddrinfo() reports: %s.", gai_strerror ( err ) );
251 | }
252 |
253 | /* scan all the list. */
254 | res = res0;
255 | while ( res && ! addr )
256 | {
257 | switch ( res->ai_family )
258 | {
259 | case AF_INET:
260 | addr = ( ( struct sockaddr_in * ) res->ai_addr )->sin_addr.s_addr;
261 | break;
262 |
263 | // FIXME: This is probably wrong!
264 | case AF_INET6:
265 | addr = ( ( struct sockaddr_in6 * ) res->ai_addr )->sin6_addr.s6_addr32[3];
266 | }
267 |
268 | res = res->ai_next;
269 | }
270 |
271 | // Free the linked list.
272 | freeaddrinfo ( res0 );
273 |
274 | return addr;
275 | }
276 |
277 | // FIXME: Accordingly to Nelson Brito, this is not necessary
278 | // because we're dealing with RAW sockets. Must check!
279 | void socket_setnonblocking( int fd )
280 | {
281 | int flag;
282 |
283 | /* Try to change the socket mode to NON BLOCKING. */
284 | if ( ( flag = fcntl ( fd, F_GETFL ) ) == -1 )
285 | {
286 | #ifndef NDEBUG
287 | fatal_error ( "Cannot get socket flags: \"%s\"", strerror ( errno ) );
288 | #else
289 | fatal_error ( "Cannot get socket flags" );
290 | #endif
291 | }
292 |
293 | if ( fcntl ( fd, F_SETFL, flag | O_NONBLOCK ) == -1 )
294 | {
295 | #ifndef NDEBUG
296 | fatal_error ( "Cannot set socket to non-blocking mode: \"%s\"", strerror ( errno ) );
297 | #else
298 | fatal_error ( "Cannot set socket to non-blocking mode" );
299 | #endif
300 | }
301 | }
302 |
303 | void socket_setiphdrincl( int fd )
304 | {
305 | /* This is valid for Linux */
306 | int n = 1;
307 |
308 | /* Setting IP_HDRINCL. */
309 | /* NOTE: We will provide the IP header, but enabling this option, on linux,
310 | still makes the kernel calculates the checksum and total_length. */
311 | /* FIXME: manpages says IP_HDRINCL enabled provides the IP packet checksum automatically.
312 | Must check! */
313 | /* FIXME: On kernel's net/ipv4.raw.c seems that only ICMP_FILTER is a valid option. Must check! */
314 | if ( setsockopt ( fd, IPPROTO_IP, IP_HDRINCL, &n, sizeof ( n ) ) == -1 )
315 | {
316 | #ifndef NDEBUG
317 | fatal_error ( "Cannot set socket options: \"%s\"", strerror ( errno ) );
318 | #else
319 | fatal_error ( "Cannot set socket options" );
320 | #endif
321 | }
322 | }
323 |
324 | #ifdef SO_BROADCAST
325 | void socket_setbroadcast( int fd )
326 | {
327 | int n = 1;
328 |
329 | /* FIXME: On kernel's net/ipv4.raw.c seems that only ICMP_FILTER is a valid option. Must check! */
330 | if ( setsockopt ( fd, SOL_SOCKET, SO_BROADCAST, &n, sizeof ( n ) ) == -1 )
331 | {
332 | #ifndef NDEBUG
333 | fatal_error ( "Cannot set socket broadcast flag: \"%s\"", strerror ( errno ) );
334 | #else
335 | fatal_error ( "Cannot set socket broadcast flag" );
336 | #endif
337 | }
338 | }
339 | #endif
340 |
341 | #ifdef SO_PRIORITY
342 | void socket_setpriority( int fd )
343 | {
344 | int n = 1;
345 |
346 | /* FIXME: Is it a good idea to ajust the socket priority to 1? */
347 | /* FIXME: On kernel's net/ipv4.raw.c seems that only ICMP_FILTER is a valid option. Must check! */
348 | if ( setsockopt ( fd, SOL_SOCKET, SO_PRIORITY, &n, sizeof ( n ) ) == -1 )
349 | {
350 | #ifndef NDEBUG
351 | fatal_error ( "Cannot set socket priority: \"%s\"", strerror ( errno ) );
352 | #else
353 | fatal_error ( "Cannot set socket priority" );
354 | #endif
355 | }
356 | }
357 | #endif
358 |
--------------------------------------------------------------------------------
/src/modules/dccp.c:
--------------------------------------------------------------------------------
1 | /* vim: set ts=2 et sw=2 : */
2 | /** @file dccp.c */
3 | /*
4 | * T50 - Experimental Mixed Packet Injector
5 | *
6 | * Copyright (C) 2010 - 2019 - T50 developers
7 | *
8 | * This program is free software: you can redistribute it and/or modify
9 | * it under the terms of the GNU General Public License as published by
10 | * the Free Software Foundation, either version 2 of the License, or
11 | * (at your option) any later version.
12 | *
13 | * This program is distributed in the hope that it will be useful,
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 | * GNU General Public License for more details.
17 | *
18 | * You should have received a copy of the GNU General Public License
19 | * along with this program. If not, see .
20 | */
21 |
22 | #include
23 | #include
24 | #include
25 | #include
26 | #include
27 | #include
28 | #include
29 | #include
30 | #include
31 | #include
32 |
33 | /**
34 | * DCCP packet header configuration.
35 | *
36 | * This function configures and sends the DCCP packet header.
37 | *
38 | * @param co Pointer to T50 configuration structure.
39 | * @param size Pointer to packet size (updated by the function).
40 | */
41 | void dccp ( const config_options_T *const restrict co, size_t *restrict size )
42 | {
43 | size_t length,
44 | dccp_length, /* DCCP header length. */
45 | dccp_ext_length; /* DCCP Extended Sequence Number length. */
46 |
47 | /* Packet and Checksum. */
48 | void *buffer_ptr;
49 |
50 | struct iphdr *ip;
51 |
52 | /* GRE Encapsulated IP Header. */
53 | struct iphdr *gre_ip;
54 |
55 | /* DCCP header and PSEUDO header. */
56 | struct dccp_hdr *dccp;
57 | struct psdhdr *pseudo;
58 |
59 | /* DCCP Headers. */
60 | struct dccp_hdr_ext *dccp_ext;
61 | struct dccp_hdr_request *dccp_req;
62 | struct dccp_hdr_response *dccp_res;
63 | struct dccp_hdr_ack_bits *dccp_ack;
64 | struct dccp_hdr_reset *dccp_rst;
65 |
66 | assert ( co != NULL );
67 |
68 | length = gre_opt_len ( co );
69 | dccp_length = dccp_packet_hdr_len ( co->dccp.type );
70 | dccp_ext_length = ( co->dccp.ext ? sizeof ( struct dccp_hdr_ext ) : 0 );
71 |
72 | *size = sizeof ( struct iphdr ) +
73 | sizeof ( struct dccp_hdr ) +
74 | sizeof ( struct psdhdr ) +
75 | dccp_ext_length +
76 | dccp_length +
77 | length;
78 |
79 | /* Try to reallocate packet, if necessary */
80 | alloc_packet ( *size );
81 |
82 | /* IP Header structure making a pointer to Packet. */
83 | ip = ip_header ( packet, *size, co );
84 |
85 | /* Prepare GRE encapsulation, if needed */
86 | gre_ip = gre_encapsulation ( packet, co,
87 | sizeof ( struct iphdr ) +
88 | sizeof ( struct dccp_hdr ) +
89 | dccp_ext_length +
90 | dccp_length );
91 |
92 | /* DCCP Header structure making a pointer to Packet. */
93 | dccp = ( void * ) ( ip + 1 ) + length;
94 | dccp->dccph_sport = IPPORT_RND ( co->source );
95 | dccp->dccph_dport = IPPORT_RND ( co->dest );
96 |
97 | /*
98 | * Datagram Congestion Control Protocol (DCCP) (RFC 4340)
99 | *
100 | * Data Offset: 8 bits
101 | * The offset from the start of the packet's DCCP header to the start
102 | * of its application data area, in 32-bit words. The receiver MUST
103 | * ignore packets whose Data Offset is smaller than the minimum-sized
104 | * header for the given Type or larger than the DCCP packet itself.
105 | */
106 | dccp->dccph_doff = co->dccp.doff ?
107 | co->dccp.doff : ( sizeof ( struct dccp_hdr ) + dccp_length + dccp_ext_length ) / 4;
108 | dccp->dccph_type = co->dccp.type;
109 | dccp->dccph_ccval = __RND ( co->dccp.ccval );
110 |
111 | /*
112 | * Datagram Congestion Control Protocol (DCCP) (RFC 4340)
113 | *
114 | * 9.2. Header Checksum Coverage Field
115 | *
116 | * The Checksum Coverage field in the DCCP generic header (see Section
117 | * 5.1) specifies what parts of the packet are covered by the Checksum
118 | * field, as follows:
119 | *
120 | * CsCov = 0 The Checksum field covers the DCCP header, DCCP
121 | * options, network-layer pseudoheader, and all
122 | * application data in the packet, possibly padded on
123 | * the right with zeros to an even number of bytes.
124 | *
125 | * CsCov = 1-15 The Checksum field covers the DCCP header, DCCP
126 | * options, network-layer pseudoheader, and the initial
127 | * (CsCov-1)*4 bytes of the packet's application data.
128 | */
129 | dccp->dccph_cscov = co->dccp.cscov ?
130 | ( co->dccp.cscov - 1 ) * 4 :
131 | ( co->bogus_csum ? ( uint8_t ) ( RANDOM() & 0xf ) : co->dccp.cscov );
132 |
133 | /*
134 | * Datagram Congestion Control Protocol (DCCP) (RFC 4340)
135 | *
136 | * 5.1. Generic Header
137 | *
138 | * The DCCP generic header takes different forms depending on the value
139 | * of X, the Extended Sequence Numbers bit. If X is one, the Sequence
140 | * Number field is 48 bits long, and the generic header takes 16 bytes,
141 | * as follows.
142 | *
143 | * 0 1 2 3
144 | * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
145 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
146 | * | Source Port | Dest Port |
147 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
148 | * | Data Offset | CCVal | CsCov | Checksum |
149 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
150 | * | | |X| | .
151 | * | Res | Type |=| Reserved | Sequence Number (high bits) .
152 | * | | |1| | .
153 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
154 | * . Sequence Number (low bits) |
155 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
156 | *
157 | * If X is zero, only the low 24 bits of the Sequence Number are
158 | * transmitted, and the generic header is 12 bytes long.
159 | *
160 | * 0 1 2 3
161 | * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
162 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
163 | * | Source Port | Dest Port |
164 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
165 | * | Data Offset | CCVal | CsCov | Checksum |
166 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
167 | * | | |X| |
168 | * | Res | Type |=| Sequence Number (low bits) |
169 | * | | |0| |
170 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
171 | */
172 | dccp->dccph_x = co->dccp.ext;
173 | dccp->dccph_seq = __RND ( co->dccp.sequence_01 );
174 | dccp->dccph_seq2 = co->dccp.ext ? 0 : __RND ( co->dccp.sequence_02 );
175 | dccp->dccph_checksum = 0;
176 |
177 | /* NOTE: Not using union 'memptr_T' this time!!! */
178 | buffer_ptr = dccp + 1;
179 |
180 | /* DCCP Extended Header structure making a pointer to Checksum. */
181 | if ( co->dccp.ext )
182 | {
183 | dccp_ext = buffer_ptr;
184 | dccp_ext->dccph_seq_low = __RND ( co->dccp.sequence_03 );
185 |
186 | buffer_ptr = dccp_ext + 1;
187 | }
188 |
189 | /* Identifying the DCCP Type and building it. */
190 | switch ( co->dccp.type )
191 | {
192 | case DCCP_PKT_REQUEST:
193 | /* DCCP Request Header structure making a pointer to Checksum. */
194 | dccp_req = buffer_ptr;
195 | dccp_req->dccph_req_service = __RND ( co->dccp.service );
196 |
197 | buffer_ptr = dccp_req + 1;
198 | break;
199 |
200 | case DCCP_PKT_RESPONSE:
201 | /* DCCP Response Header structure making a pointer to Checksum. */
202 | dccp_res = buffer_ptr;
203 | dccp_res->dccph_resp_ack.dccph_reserved1 = FIELD_MUST_BE_ZERO;
204 | dccp_res->dccph_resp_ack.dccph_ack_nr_high = __RND ( co->dccp.acknowledge_01 );
205 | dccp_res->dccph_resp_ack.dccph_ack_nr_low = __RND ( co->dccp.acknowledge_02 );
206 | dccp_res->dccph_resp_service = __RND ( co->dccp.service );
207 |
208 | buffer_ptr = dccp_res + 1;
209 |
210 | case DCCP_PKT_DATA:
211 | break;
212 |
213 | case DCCP_PKT_DATAACK:
214 | case DCCP_PKT_ACK:
215 | case DCCP_PKT_SYNC:
216 | case DCCP_PKT_SYNCACK:
217 | case DCCP_PKT_CLOSE:
218 | case DCCP_PKT_CLOSEREQ:
219 | /* DCCP Acknowledgment Header structure making a pointer to Checksum. */
220 | dccp_ack = buffer_ptr;
221 | dccp_ack->dccph_reserved1 = FIELD_MUST_BE_ZERO;
222 | dccp_ack->dccph_ack_nr_high = __RND ( co->dccp.acknowledge_01 );
223 |
224 | /* Until DCCP Options implementation. */
225 | if ( co->dccp.type == DCCP_PKT_DATAACK ||
226 | co->dccp.type == DCCP_PKT_ACK )
227 | dccp_ack->dccph_ack_nr_low = htonl ( 1 );
228 | else
229 | dccp_ack->dccph_ack_nr_low = __RND ( co->dccp.acknowledge_02 );
230 |
231 | buffer_ptr = dccp_ack + 1;
232 | break;
233 |
234 | default:
235 | /* DCCP Reset Header structure making a pointer to Checksum. */
236 | dccp_rst = buffer_ptr;
237 | dccp_rst->dccph_reset_ack.dccph_reserved1 = FIELD_MUST_BE_ZERO;
238 | dccp_rst->dccph_reset_ack.dccph_ack_nr_high = __RND ( co->dccp.acknowledge_01 );
239 | dccp_rst->dccph_reset_ack.dccph_ack_nr_low = __RND ( co->dccp.acknowledge_02 );
240 | dccp_rst->dccph_reset_code = __RND ( co->dccp.rst_code );
241 |
242 | buffer_ptr = dccp_rst + 1;
243 | break;
244 | }
245 |
246 | /* PSEUDO Header structure??? */
247 | pseudo = buffer_ptr;
248 |
249 | if ( co->encapsulated )
250 | {
251 | pseudo->saddr = gre_ip->saddr;
252 | pseudo->daddr = gre_ip->daddr;
253 | }
254 | else
255 | {
256 | pseudo->saddr = ip->saddr;
257 | pseudo->daddr = ip->daddr;
258 | }
259 |
260 | pseudo->zero = 0;
261 | pseudo->protocol = co->ip.protocol;
262 | pseudo->len = htons ( ( size_t ) buffer_ptr - ( size_t ) dccp );
263 |
264 | /* Computing the checksum. */
265 | dccp->dccph_checksum = co->bogus_csum ? RANDOM() :
266 | htons ( cksum ( dccp, ( size_t ) ( pseudo + 1 ) - ( size_t ) dccp ) );
267 |
268 | /* Finish GRE encapsulation, if needed */
269 | gre_checksum ( packet, co, *size );
270 | }
271 |
--------------------------------------------------------------------------------