Age | Commit message (Collapse) | Author | Files | Lines |
|
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Prevent crashes when using mausezahn in interactive mode by using calloc
to zero the memory upon allocation.
Fixes #195
Signed-off-by: Michael R Torres <mic.ric.tor@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Corrects the accidental assignment of _c_ to 'c' or 'p' due to a missing equals sign. This enables the proper display of the missing argument error message for all relevant options.
Signed-off-by: Michael R Torres <mic.ric.tor@gmail.com>
|
|
Add a command line option -R to specify SO_PRIORITY socket option. This
then sets priority of the generated SKBs, which is handy for testing Qdiscs
and other priority-dependent functionality.
Signed-off-by: Petr Machata <petrm@mellanox.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Check for errors in IP addresses specified, and throw an appropriate
error if they are not specified properly, e.g. if user uses `-6`
option with an IPv4 source address.
Closes #166
Signed-off-by: Mandar Gokhale <mandarg@mandarg.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Modify -b option to generate all random MAC addresses.
Improve the random generation algorithm, use nrand48() which fills the
ethernet address in two calls instead of six calls to rand() and six
floating point calculations.
Set the locally administered bit of generated MAC addresses.
Signed-off-by: Matteo Croce <mcroce@redhat.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Originally all hex strings (whether they were given on the command line
or in a file) were handled by a call to str2hex():
bytestring_s = str2hex (tx.arg_string, bytestring, MAX_PAYLOAD_SIZE);
Commit f634c74 added code to parse out "payload=" or "p=" flags that may
have been added at the start of the hex string. This code also changed the
logic around this str2hex() call to only call the function and populate
bytestring_s if one of these flags was found. This broke the ability to
pass in a raw hex string on the command line since it fails the check and
bytestring_s is never populated with the hex bytes. I've added an else
condition to make the str2hex() call using the old method in cases where
no "payload=" or "p=" flags are found.
Signed-off-by: Nick Grauel <nicolas.grauel@plexxi.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
CMP_INT evaluates its arguments more than once, and thus passing a
post-incremented pointer as an argument causes double increments and
hence buffer overruns. This can be observed by erratic behavior of IPv6
address ranges. Fix by moving the increment to loop header.
Signed-off-by: Petr Machata <petrm@mellanox.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
The -d flag will result in a segmentation fault if 'm' or 's' are
specified without a numeric value.
Example: mausezahn -d m ### Results in a crash
Signed-off-by: Daniel Roberson <daniel@planethacker.net>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Mausezahn will crash when given wrong payload file, e.g., "$./mausezahn
-f wrong_file". This patch fixes the segmentation fault by adding
error-handling code to fopen.
Signed-off-by: Zhouyang Jia <jiazhouyang09@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Signed-off-by: Jaroslav Škarvada <jskarvad@redhat.com>
|
|
This reverts commit bf0df3ec1875df4b167aedd0fff25e7e56408b6b.
It turns out, just checking for "." in the IPv4 source will prevent the
user from providing an FQDN (which is explicitely allowed and
supported). Also, an FQDN would be a valid argument for the IPv6 source,
so the check for ":" is also not sufficient.
Reference: #166
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Currently, mausezahn fails silently if, say the user has specified
IPv6 addresses using `-A` and `-B` but has forgotten the -6
option. Add error handling for this and the (probably uncommon)
reverse case, i.e. v4 src/dst specified, but used with the -6 option.
Signed-off-by: Mandar Gokhale <mandarg@mandarg.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Use all-nodes link local address for IPv6 when destination is not
specified.
There is a comment that says this should be done anyway. According to
RFC 4291, FF01:0:0:0:0:0:0:1 should be the correct address.
Signed-off-by: Mandar Gokhale <mandarg@mandarg.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Closes #161
Signed-off-by: Mandar Gokhale <mandarg@mandarg.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Check device argument by valid ifindex instead of guessing it by
different device name prefixes like "eth", "ath", "ens", "enp".
Use __device_ifindex(...) function for this, which needs to
add few more dependencies like sock.o, link.o to the Makefile for
mausezahn.
Closes #159
Suggested-by: Tobias Klauser <tklauser@distanz.ch>
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
This allows a user to pass a range of IPv6 addresses, either like:
fec0:5000::1-fec0:5000::100
or in CIDR notation:
fec0:5000::0/112
These can be used for the -A and/or -B command-line options.
The largest range that can be used is a /64. In other words, if using CIDR
notation, the masklen must be <= 128 and >= 64.
Signed-off-by: Tommy Beadle <tbeadle@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Using the option -F with mausezahn, to read input out of a hexfile,
results in corrupt data transmitted (first byte will always be 0).
Properly parse "payload="/p=" at the start of the file by the same
method as used in layer3.c and layer4.c
Closes #153
Reference: http://permalink.gmane.org/gmane.linux.network.netsniff-ng/600
Signed-off-by: Thomas Fleischmann <thomas.fleischmann.08@googlemail.com>
Reported-by: Thomas De Schampheleire
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Make sure params is always NULL-terminated as strncpy() doesn't
guarantee this.
Closes #134
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
mz fails to start in cli mode and prints each time different pcap errors:
$ mz -x -V
fatal flex scanner internal error--end of buffer missed
rx_arp: [ERROR] Error calling pcap_compile
or simply shuts down. Sometimes it successfully gets up.
Seems some initialization pcap functions are not thread safer.
Fixed by using mutex locking before entering pcap_loop()
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Changed to print packet types by '-t help' earlier before mz will try to
identify link device to bind.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
[tklauser: whitespace cleanup and minor commit message adjustments]
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Fixed warnings:
Warning: [lookupdev.c get_dev_params()] Cannot open socket!
when specify help for packet type:
# mz -t tcp help
Also fixes delayed output of the same command if user is root.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
I have been investigating tools to generate UDP with checksums of
zero for software testing. This is legal in IPv4 but unwise due to
inability to verify the data has not been corrupted.
I found that mausezahn was not able to create these packets due
despite being able to create incorrect UDP checksums. The code does
not distinguish set to zero and unset.
Results as seen by wireshark (UDP checksum verification enabled)
mausezahn eth0 -A 192.168.0.105 -B 192.168.0.104 -t udp "sp=32452,dp=1024" -P Hello
-> UDP checksum is automatically set to the valid value.
mausezahn eth0 -A 192.168.0.105 -B 192.168.0.104 -t udp "sp=32452,dp=1024,udp_sum=1" -P Hello
-> UDP checksum is set to 1 (which is invalid and highlighted by wireshark).
mausezahn eth0 -A 192.168.0.105 -B 192.168.0.104 -t udp "sp=32452,dp=1024,udp_sum=0" -P Hello
-> Before patch the checksum was set to the valid value.
-> After patch the checksum was sent to zero.
Signed-off-by: Mark Latimer <mark.latimer@gmail.com>
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
ANSI C doesn't allow empty parameter list, thus use void where
appropriate. This fixes the corresponding sparse warning.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Specify the listen-addr for the CLI in /etc/netsniff-ng/mausezahn.conf
and remove the message, "mz: device not given, will use eth0" since
we're listening by IP, rather than interface now, and this shows continues
to show.
$ grep listen-addr /etc/netsniff-ng/mausezahn.conf
listen-addr = 127.0.0.1
$ mausezahn -V -x
mz: device eth0 got assigned 10.0.2.15 and is a possible candidate.
mz: device lo got assigned 127.0.0.1 (loopback)
Opening config file /etc/netsniff-ng/mausezahn.conf...
...
Mausezahn accepts incoming Telnet connections on 127.0.0.1:25542.
Signed-off-by: Jon Schipp <jonschipp@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Specify the port for the CLI in /etc/netsniff-ng/mausezahn.conf like so:
$ grep port /etc/netsniff-ng/mausezahn.conf
port = 65000
$ mausezahn -V -x -l 127.0.0.1
Mausezahn 0.40 - (C) 2007-2010 by Herbert Haas - http://www.perihel.at/sec/mz/
Use at your own risk and responsibility!
-- Verbose mode --
...
Opening config file /etc/netsniff-ng/mausezahn.conf...
...
Mausezahn accepts incoming Telnet connections on 127.0.0.1:65000.
Signed-off-by: Jon Schipp <jonschipp@gmail.com>
[tklauser: Fixed whitespace issues for patch to apply cleanly]
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Tobias pointed out and fixed in commit 9ef1dd15551f ("mausezahn:
Increase buffer size for listen address string") that the buffer isn't
log enough to hold the null terminator character. The declaration of the
buffer in cli.h was missed though.
Signed-off-by: Jon Schipp <jonschipp@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch> [commit msg edited]
|
|
Commit 134a7beb7ab ("mausezahn: re-work configuration file") changed
mausezahn to look for the configuration file in /etc/netsniff-ng. The
filename was intended to be mausezahn.conf not mausezahn.cfg to fit with
the other *.conf file extensions in /etc/netsniff-ng, so change it now.
Signed-off-by: Jon Schipp <jonschipp@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch> [commit msg edited]
|
|
Commit 2de653340c ("mausezahn: bind to IP address in interactive mode")
introduced mz_listen_addr of size 15 to hold the IP address to bind to.
Since an address can be maximum 15 characters long, this doesn't account
for the terminating '\0'. Fix this by increasing the buffer size to 16.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Adds new option ``-l'' that can be used to set mausezahn's
listen address to bind to an IP of choice. e.g.
mausezahn -l 127.0.0.1 -x
Signed-off-by: Jon Schipp <jonschipp@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
/etc/netsniff-ng/mausezahn.conf as mentioned in manual was never read
because code was statically set to mz.cfg in /etc/mausezahn. This patch
simplifies things by using the existing /etc/netsniff-ng directory created
in the default install and still using a single configuration but with a
an easier to remember name e.g. ${tool}.conf.
Example:
$ cat /etc/netsniff-ng/mausezahn.conf
user = testuser
password = testpassword
enable = awesome
Pre-patch:
$ mausezahn -x
Mausezahn accepts incoming Telnet connections on port 25542.
mz: Problems opening config file. Will use defaults
Post-patch:
$ mausezahn -x
Mausezahn accepts incoming Telnet connections on port 25542.
Signed-off-by: Jon Schipp <jonschipp@gmail.com>
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Replace an odd use of the ternary operator with a more readable if/else.
This fixes Debian Bug #750077.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Older versions of libcli lack an include in libcli.h. [1] fixed the
configure script to not fail in in the test [2], and an include into
cli.h was added as well for the main mausezahn build.
[1] http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/net-analyzer/netsniff-ng/files/netsniff-ng-0.5.8-libcli-test.patch?revision=1.1&view=markup
[2] http://b-4.xmw.de/var/log/portage/build/net-analyzer/netsniff-ng-0.5.8_rc2:20130805-055918.log
Reported-by: Michael Weber <michael@xmw.de>
Suggested-by: Michael Weber <michael@xmw.de>
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
In order to be able to better track regressions or to give support,
let us track the Git id as well in version information. This makes
the ``--version'' switch actually useful.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Fix for spelling mistakes detected by Lintian.
Signed-off-by: Kartik Mistry <kartik@debian.org>
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Include long version string into tools when called with --version.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Do not show the old mausezahn version in the prompt, since
we use a different versioning scheme.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
After some back and forth, we decided that it is easier to maintain
mausezahn in a staging directory until it is fully reworked and
cleaned up to be ready to be fully integrated. This way, it is better
than having it in a separate branch, and we can also accept patches
from outside more easily. Also, while at it, fix up some function
mismatches with libcli.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|