diff options
author | Sam Roberts <vieuxtech@gmail.com> | 2010-02-18 14:42:34 -0800 |
---|---|---|
committer | Sam Roberts <vieuxtech@gmail.com> | 2010-02-18 14:42:34 -0800 |
commit | 69bee641d27fc335e3de89074a2fe27abcee7dbc (patch) | |
tree | 9ef6f1d55f6c3faa4fdd1ef9ff0cfd909c658e00 | |
parent | e4093139d5fb9e0e1a6eccfc452120f5d0eccd2b (diff) | |
download | libnet-69bee641d27fc335e3de89074a2fe27abcee7dbc.tar.gz |
Factored pcap reencoding out, and implemented reencoding test on pcaps.
-rw-r--r-- | lua/.gitignore | 1 | ||||
-rw-r--r-- | lua/dhcp.pcap | bin | 0 -> 1400 bytes | |||
-rw-r--r-- | lua/netutil.lua | 69 | ||||
-rwxr-xr-x | lua/pcap-reencode | 26 | ||||
-rwxr-xr-x | lua/recoding-test | 50 |
5 files changed, 105 insertions, 41 deletions
diff --git a/lua/.gitignore b/lua/.gitignore index 051f225..b71a675 100644 --- a/lua/.gitignore +++ b/lua/.gitignore @@ -1,4 +1,5 @@ *.so *.test _* +reencoded-*.pcap cap0.pcap diff --git a/lua/dhcp.pcap b/lua/dhcp.pcap Binary files differnew file mode 100644 index 0000000..373794d --- /dev/null +++ b/lua/dhcp.pcap diff --git a/lua/netutil.lua b/lua/netutil.lua index c54b844..4774d00 100644 --- a/lua/netutil.lua +++ b/lua/netutil.lua @@ -1,3 +1,5 @@ +require"pcap" +require"net" require"tostring" -- Quote a string into lua form (including the non-printable characters from @@ -18,7 +20,11 @@ end q = quote -- binary to hex +-- binary to hex function h(s) + if s == nil then + return "nil" + end local function hex(s) return string.format("%02x", string.byte(s)) end @@ -40,3 +46,66 @@ function b(s) return s end +function countdiff(s0, s1) + assert(#s0 == #s1) + local count = 0 + for i=1,#s0 do + if string.byte(s0, i) ~= string.byte(s1, i) then + count = count + 1 + end + end + return count +end + +function assertmostlyeql(threshold, s0, s1) + assert(#s0 == #s1) + local diff = countdiff(s0, s1) + assert(diff <= threshold, diff) +end + +function pcapreencode(incap, outcap) + if not outcap then + outcap = "reencoded-"..incap + end + os.remove(outcap) + + local cap = assert(pcap.open_offline(incap)) + local dmp = assert(cap:dump_open(outcap)) + local n = assert(net.init()) + local i = 0 + for pkt, time, len in cap.next, cap do + i = i + 1 + print("packet", i, "wirelen", len, "timestamp", time, os.date("!%c", time)) + assert(n:clear()) + assert(n:decode_eth(pkt)) + assert(dmp:dump(n:block(), time, len)) + end + -- FIXME assert(i > 0) + dmp:close() + cap:close() + n:destroy() + return outcap +end + +function assertpcapsimilar(threshold, file0, file1) + local n0 = assert(net.init()) + local n1 = assert(net.init()) + local cap0 = assert(pcap.open_offline(file0)) + local cap1 = assert(pcap.open_offline(file1)) + local i = 0 + for pkt0, time0, len0 in cap0.next, cap0 do + local pkt1, time1, len1 = assert(cap1:next()) + i = i + 1 + + print("packet0", i, "wirelen", len0, "timestamp", time0, os.date("!%c", time0)) + print("packet1", i, "wirelen", len1, "timestamp", time1, os.date("!%c", time1)) + + assert(len0 == len1) + assert(time0 == time1, string.format("%.7f ~= %.7f", time0, time1)) + assertmostlyeql(threshold, pkt0, pkt1) + end + assert(cap1:next() == nil) + n0:destroy() + n1:destroy() +end + diff --git a/lua/pcap-reencode b/lua/pcap-reencode index ea2480c..4b43f7b 100755 --- a/lua/pcap-reencode +++ b/lua/pcap-reencode @@ -1,28 +1,6 @@ #!/usr/bin/env lua --- binary to hex -function h(s) - local function hex(s) - return string.format("%02x", string.byte(s)) - end - return "["..#s.."] "..string.gsub(s, ".", hex) -end +require"netutil" -require"pcap" -require"net" -require"tostring" - -cap = assert(pcap.open_offline(arg[1])) -dmp = assert(cap:dump_open(arg[2])) - -n = net.init() - -local i = 0; -for pkt, time, len in cap.next, cap do - i = i + 1 - print("packet", i, "wirelen", len, "timestamp", time, os.date("!%c", time)) - assert(n:clear()) - assert(n:decode_eth(pkt)) - assert(dmp:dump(n:block(), time, len)) -end +pcapreencode(arg[1], arg[2]) diff --git a/lua/recoding-test b/lua/recoding-test index 3cb2a12..21d4942 100755 --- a/lua/recoding-test +++ b/lua/recoding-test @@ -44,23 +44,6 @@ function build_tcp() return n:block() end -local function countdiff(s0, s1) - assert(#s0 == #s1) - local count = 0 - for i=1,#s0 do - if string.byte(s0, i) ~= string.byte(s1, i) then - count = count + 1 - end - end - return count -end - -local function assertmostlyeql(threshold, s0, s1) - assert(#s0 == #s1) - local diff = countdiff(s0, s1) - assert(diff <= threshold, diff) -end - -- Build packets: udp = build_udp() @@ -384,3 +367,36 @@ roundtrip_ipv4_from_eth("modbus response", roundtrip_ipv4_from_eth("snmp_packet", "08003715e6bc00123f4a33d2080045000052aa1a0000801111c3ac1f1336ac1f13493e2d00a1003e8d4d303402010004067075626c6963a027020127020100020100301c300c06082b060102010105000500300c06082b060102010106000500") + +do + print("test: reencode") + + local function reencode_invalid_packets(infile, threshold) + print("infile", infile) + local outfile = pcapreencode(infile) + print("outfile", outfile) + assertpcapsimilar(threshold or 0, infile, outfile) + end + + -- dhcp0 actually has invalid ip checksums, must have been captured on a local host + reencode_invalid_packets"dhcp.pcap" + + --[[ + reencode_invalid_packets"1266367426.00000000.pcap" + reencode_invalid_packets"1266367426.00000001.pcap" + reencode_invalid_packets"1266367426.00000002.pcap" + reencode_invalid_packets"1266367426.00000003.pcap" + reencode_invalid_packets"1266367426.00000004.pcap" + reencode_invalid_packets"1266367426.00000005.pcap" + reencode_invalid_packets"1266367426.00000006.pcap" + reencode_invalid_packets"1266367426.00000007.pcap" + reencode_invalid_packets"1266367426.00000008.pcap" + reencode_invalid_packets"1266367426.00000009.pcap" + reencode_invalid_packets"1266367426.00000010.pcap" + reencode_invalid_packets"1266367426.00000011.pcap" + reencode_invalid_packets"1266367426.00000012.pcap" + reencode_invalid_packets"1266368836.00000000.pcap" + reencode_invalid_packets"1266368836.00000001.pcap" + --]] +end + |