Age | Commit message (Collapse) | Author | Files | Lines |
|
Added trafgen_dump.c module which dumps headers from packet
in .cfg format. Packet is dumped if -o <file>.cfg was specified,
it might be useful to specify *.pcap file as input and convert it
into .cfg file to edit proto fields in human readable format.
To make it possible several main changes were added:
1) packet id is embedded into struct packet.id, and
it is updated on each realloc_packet()
2) Added new struct proto_hdr.get_next_proto callback
to make possible apply fields of next header.
3) Added new dev_io ops for writting packets into .cfg file,
to re-use common dev_io mechsnism for packets dumping.
Before dump the default ETH_PROTO fields are applied as first header and
then next proto_hdr is identified via .get_next_proto(...) callback.
Meanwhile only eth, arp, vlan, ip4, udp, & tcp protos can be dissected
into *.cfg format.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Refactor dev_io_ops read & write to specify struct packet *,
it may simplify a bit a caller logic. And it allow to keep
required members within one struct packet object.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add new syntax for DNS header generation via 'dns()' proto function.
The fields are supported:
id - 16 bit identifier
qr - message is a query(0) or response(1)
op|oper - specified kind of query
aanswer - authoritative answer flag
trunc - message was truncated flag
rdesired - recursion desired flag
ravail - recursion available flag
zero - reserved for future use
rcode - response code
qdcount - number of entries in question section
ancount - number of entries in answer section
nscount - number of entries in authority section
arcount - number of entries in additional section
Also there are functions to generate DNS sections:
'qry()' function to generate separate query entry:
name - variable domain name
type - type of the query
class - class of the query
'ans()', 'auth()', 'add' functions to generate separate answer,
authoritative, adidditional entry with the same fields layout:
name - variable domain name
type - resource record type
class - class of the data
ttl - time interval that the record may be cached
len - length of data
data - variable length of bytes
All the DNS section entries will be automaticlly sorted by DNS proto API
in the way which is required by DNS header:
query entries
answer entries
authoritative entries
additional entries
'name' field in qry/ans/auth/add functions is automatically converted to
FQDN format if it was specified as "string".
There are also added functions to simplify the way of filling
some often used RR types for using them inside ans/auth/add functions:
addr(ipv4_addr | ipv6_addr) - fills the following RR fields:
len - 4 or 16 depends on IPv4 or IPv6 address was specified
data - is filled with IPv4 or IPv6 address
type - 1 for IPv4 address, 28 - for IPv6
ns(string)
type - 2
cname(string)
type - 5
ptr(string)
type - 12
EXAMPLES:
{
dns(qr=1,
auth(name="ns1", ns("ns1.org")),
ans(name="www.google.com", cname("google.com")),
auth(name="aa", ns("bb")),
qry(name="www.google.com"))
}
{
dns(qr=1, ans(name="www.google.com", addr(1.2.3.4)))
}
{
dns(qr=1, ans(name="www.google.com", addr(1::)))
}
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
It is quite tricky to set field value with a variable length
(i.e. DNS query name), to make it possible the field
needs to be added to header with 'len=0' in that case there
will be no any payload allocation, but only while setting the field
value the packet will be appended with a real length bytes and after
the field needs to be relocated to the right place.
Also add 'len' parameter to *_set_bytes(...) functoins to have better
control over it.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Use proto_field_set_xxx(field, ...) instead of
proto_hdr_field_set_xxx(hdr, fid, ...) to be more generic and do not
depend on 'hdr' variable.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
There is no point in having the parser show translated error messages
while the rest of the program does only show them in English.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Rename <bytes> token member to <mac> as it is used only for MAC
address parsing, for dynamic sized bytes array we have <str>.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
The parser generator's name is yacc, not yaac.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add ability to send packets from pcap file if it has
".pcap" extension via "-i,--in" option.
By default packet sending is delayed considering original
packets timestamps if no rate or delay is specified via -b/-t options.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
The rules mpls_expr and icmpv6_proto are missing a terminating
semicolon. Even though bison seems to accept the rules this way, make
them consistent with all the others in the file.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Extend proto field expression to:
proto_field[{index}:{len}] = {func}
which allows to specify function on the field offset via index
and value length (default is 1 - 1 byte). This rule is optional.
It was needed to keep of proto_field's copies in packet_dyn->fields
instead of original fields which allows to scpecify different functions
on the different parts of same field, also the copy of original
proto_field allows to set custom length/pkt_offset which makes such
field behave as virtual sub-field of the original one with different
length/pkt_offset but point to the same piece of header.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Used IPv6 pattern from nftables project [1] to match valid only IPv6
address to do not mess with MAC or other syntax patterns with ':' symbol.
[1] http://git.netfilter.org/nftables/tree/src/scanner.l
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
[tk: add refrence to nftables source]
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Rename all proto_field_xxx(...) functions to proto_hdr_field(...).
It is good for 2 reasons:
1) proto_hdr_field_xxx naming is more consistent as
it is related to proto_hdr API.
2) It makes possible to introduce proto_field_xxx API
which will operate only with struct proto_field.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Rename field_expr rule to field_value_expr to indicate the rule
relates to field value part in case if there will be added field_expr
rule to describe field expression syntax.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
In the third attempt, finally do the packet slot zeroing correctly. Zero
the struct packet in __init_new_packet_slot() not the struct packet_dyn
in __init_new_counter_slot().
Don't know what hit me yesterday...
Fixes: d6d511ecff24 ("trafgen: proto: Zero out newly allocated struct packet")
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Fix the fat-fingered previous commit which I pushed out too early ;(
Fixes: d6d511ecff24 ("trafgen: proto: Zero out newly allocated struct packet")
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
When allocating a new struct packet, the headers and headers_count
fields are not zeroed and retain whatever value the allocator returned.
Incidentally, this usually seems to have been zero. But on some systems
(e.g. Ubuntu 16.04 with a self-compiled 4.9) it is not and we hit the
following bug_on:
trafgen: trafgen_proto.c:135: proto_header_push: Assertion `!(pkt->headers_count >= 16)' failed.
Fix this by properly zeroing the entire struct packet.
Fixes: e7dd63060e44 ("trafgen: proto: Update field value at runtime")
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
ETH_P_8021AD might be undefined on 2.6.x Linux version (tested
on Ubuntu 10 with 2.6.32 Linux), so lets check and define it.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add 'pfc()' function for PFC header creation with fields:
code - MAC Control opcode
prio - Priority enable vector
prio(0)..prio(7) - Enable/disable pause for prio X
time(0)..time(7) - Set pause time for prio X
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add 'pause()' proto header function for IEEE 802.3X PAUSE header
generation with the fields:
code - MAC Control opcode (default 0x0001)
time - PAUSE time (default 0)
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add syntax for specify dynamic random function for proto field:
drnd() | drnd(min, max)
EXAMPLE:
{ udp(sport=drnd()) }
{ udp(sport=drnd(1000, 2000)) }
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add 'dinc()' function in 'field_expr' rules to be used for dynamically
incrementing of any specified field:
SYNTAX := dinc() | dinc(step) | dinc(min, max) | dinc(min, max, step)
EXAMPLES:
{ udp(sport=dinc() }
{ udp(sport=dinc(1) }
{ udp(sport=dinc(100, 125, 5) }
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Changed parsing logic of field value expression to be more generic. Such
approach will allow to easy extend field value expression to support
dynamic field functions.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Currently struct proto_hdr is used twofold:
1) Statically define protocol behavior, i.e. all the *_hdr definitions in
trafgen_l{2,3,4}.c which map a protocol id/layer to a set of callback
functions.
2) For each packet created at parse time the struct is memcpy()'ed
(including all the static information from 1) and then used to store
dynamic information at parse/run time.
Thus, struct proto_hdr members such as the proto id, layer and the
pointers callback functions get copied for each created packet (in
addition to the other fields which get changed during parsing). Also,
static/dynamic information get mixed and we e.g. can't make the protocol
definitions const to ensure they'll not get changed by mistake.
Rather than copying the struct proto_hdr for every packet, clearly
separate the two purposes defined above by splitting struct proto_hdr
into two structs:
1) struct proto_ops for the static (const) protocol behavior definition
2) struct proto_hdr (reduced) for dynamic information
struct proto_hdr keeps a pointer to the corresponding proto_ops instance
and uses it to execute the corresponding callbacks.
Reference: https://groups.google.com/forum/#!msg/netsniff-ng/20RvwJdh50Y/eMkbmKSaBgAJ
Acked-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
If a non-accessible (or non-existing) file is passed to trafgen and the
-p/--cpp option is used, the preprocessor will fail but trafgen will
continue running and producing follow-up errors messages:
cpp: error: foo.conf: No such file or directory
cpp: warning: ā-x cā after last input file has no effect
cpp: fatal error: no input files
compilation terminated.
0 packets to schedule
Enabled kernel qdisc bypass
0 bytes in total
Running! Hang up with ^C!
Enabled kernel qdisc bypass
TX,V2: 0.50 MiB, 256 Frames, each 2048 Byte allocated
TX,V2: 0.50 MiB, 256 Frames, each 2048 Byte allocated
0 packets outgoing
0 bytes outgoing
0 sec, 0 usec on CPU0 (0 packets)
0 sec, 0 usec on CPU1 (0 packets)
To avoid this, check that the file is readable before passing it to the
preprocessor and error out if is not readable.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Until now headers were used only for packet creation at compile time,
which does not allow to handle dynamic field updates at runtime. To
support dynamic updates, it is necessary to keep the proto_hdr entries
around after packet compilation so we can reference the header fields to
dynamically update.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
[tk: Adjust patch description, simplify code]
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Using of current_packet() is not possible for dynamically updated fields
so we need to keep the packet index in proto_hdr struct to reference the
correct packet.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Support for generating ICMPv4 headers using the 'icmp4()/icmpv4()'
trafgen generation functions.
Fields supported:
type Set type field (default 0: Echo reply)
Supported keywords: echorequest, echoreply
code Set code field (default 0)
csum Set checksum field (calculated by default)
mtu Set mtu field for destination unreachable (default 0)
seq Set sequence field (default 0)
id Set identifier field (default 0)
addr Set redirect address (default 0.0.0.0)
Example (send ping request):
{ icmpv4(echorequest, seq=1, id=1326) }
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
[tk: squash commits, consistency between functionality and docu]
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
After splitting etype & type to different tokens it is possible
to use 'type' for ICMP type field which is used by RFC.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Split [e]type to separate 'type' & 'etype' keywords,
the reason is that 'type' might be used in other protocol
headers (e.g. ICMP).
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Support for generating simple ICMPv6 headers using the 'icmp6()/icmpv6()'
trafgen generation function.
Fields supported:
mtype Message type (default: 0)
Supported keywords: echorequest, echoreply
code Code (default: 0)
csum Message checksum (calculated by default)
Examples:
{ eth(), ipv6(daddr=::1), icmpv6(echorequest), 42, 42, 0, 0 }'
If not explicitely specified, the lower header is initialized as Ethernet.
Suggested-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Support for generating simple IPv6 headers using the 'ip6()/ipv6()'
trafgen generation function.
Fields supported:
ver|version Version (default: 6)
tc|tclass Traffic class (default: 0)
fl|flow Flow Label (default: 0)
len|length Payload length (calculated by default)
nh|nexthdr Type of next header (default: 0)
hl|hoplimit|ttl Hop Limit, TTL (default: 0)
sa|saddr Source IPv6 address (default: device address)
da|daddr Destination IPv6 address (default: 0:0:0:0:0:0:0:0)
Examples:
{ eth(), ipv6(daddr=1:2:3:4:5:6:7:8) }
{ ipv6(tc=2, hl=3, daddr=::1) }
{ eth(), ipv6(nh=58, sa=2001:db8::, da=::1), 128, 0, 0x52, 0x03, 0, 0, 0, 0 }
If not explicitely specified, the lower header is initialized as Ethernet.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add 'mpls()' function for creating MPLS header with parameters:
lbl|label MPLS label
last Indicates the last label on MPLS stack
tc|tclass|exp Traffic Class (TC)
ttl TTL (Time To Live)
Currently only unicast MPLS is supported, but multicast might be set
via 'eth()' function.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add 'vlan()' function to generate VLAN header.
Fields supported:
tpid|proto Set TPID (Tag Protocol Identifier) (default 0x8100)
1ad Set TPID field as 0x88a8
1q Set TPID field as 0x8100
tci Set TCI (Tag Control Information) (default 0)
pcp Set PCP (Priority Code Point) (PCP) (default 0)
dei|cfi Set DEI (Drop Eligible Indicator) (default 0)
id Set VID (VLAN Identifier) (default 0)
Examples:
{ eth(), vlan(id=1), ipv4() }
{ vlan(id=1, 1ad), vlan(id=100, pcp=3), ipv4() }
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Change proto_header_init(...) and proto_lower_default_add(...)
functions to return struct proto_hdr * to do not call
proto_current_header(...) after, so it makes more sense to get struct
proto_hdr * right after initializing protocol by id.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Get rid of some unnecessary double spaces to make parsers rules look
consistent.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Commit 2ba202b introduced the [e]type field for specifiying the
Ethertype, but at the same time made the existing "prot[o]" field name
not work anymore. Fix it by providing a specific parser rule as it
cannot be solved in the lexer grammar alone (which will always use the
first matching token).
Fixes: 2ba202b ("trafgen: parser: Support "etype"/"type" keywords for Ethertype")
Reported-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add a function 'tcp()' to generate TCP headers from the trafgen
configuration language.
Fields supported:
sp|sport TCP source port (default 0)
dp|dport TCP destination port (default 0)
seq Sequence number (default: 0)
aseq|ackseq Acknowledgement number (default 0)
doff|hlen Header length/data offset (default: 5)
cwr Congestion Window Reduced flag (default: 0)
ece|ecn ECN-Echo flag (default: 0)
urg Urgent flag (default: 0)
ack Acknowledgement flag (default: 0)
psh Push flag (default: 0)
rst Reset flag (default: 0)
syn Synchronize flag (default: 0)
fin Finish flag (default: 0)
win|window Receive window size (default: 0)
csum Checksum field (calculated automatically)
urgptr Urgent pointer (default: 0)
Example (SYN on port 80/http):
{ tcp(dport=80, syn, window=5840) }
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Rename lexer/parser type and union member ip_addr to ip4_addr. This
will make it easier to distinguish from IPv6 addresses, to be added an a
follow-up patch.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
The IEEE 802.3 standard commonly refers to the field specifying the
upper layer protocol as Ethertype, not protocol. Thus, also support the
keywords "etype" and "type" for this field.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add function 'udp()' to generate UDP header.
Fields supported:
sp|sport UDP source port (default 0)
dp|dport UDP destination port (default 0)
len|length Length of UDP header + payload (calculated automatically)
csum Checksum field (calculated automatically)
Example (Echo request):
{ udp(dport=7) }
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add 'ip4(), ipv4()' function to build IPv4 header.
Fields supported:
ihl IPv4 header length (default 5 )
ver|version IPv4 version (default 4)
ttl Time To Live (TTL) field (default 0)
dscp DiffServ field (default 0)
ecn ECN bits (default 0)
tos TOS (DSCP + ECN) field (default 0)
len|length IPv4 header + payload length (calculated by default)
id Identifier (default 0)
flags Flags field (default 0)
frag Fragment offset (default 0)
csum IPv4 header checksum (calculated by default)
df Set DF (Dont Fragment) bit to 1 (default is 0)
mf Set MF (More Fragments) bit to 1 (default is 0)
sa|saddr IPv4 source address (default used from output device)
da|daddr IPv4 destination address (default 0.0.0.0)
proto IPv4 protocol id (default 0)
Example:
{ ip4(df, mf, frag=100, prot=0x1, ecn=2, dscp=20) }
{ ip4(da=1.1.1.1), ip4(sa=3.3.3.3, da=3.3.3.4) }
Last example generates IP-in-IP packet.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add function 'arp()' to support generating ARP header fields from
the trafgen configuration language.
Supported fields:
htype hardware type, default: 1 (Ethernet)
ptype protocol type, default: 0x0800 (IP)
op|oper operation (req|request, reply, <num>), default: 1 (request)
sha|smac sender MAC address, default: device MAC
spa|sip sender IP address, default: device IP
tha|tmac target MAC address, default: 00:00:00:00:00:00
tpa|tip target IP address, default: 0.0.0.0
Note: setting hlen and tlen is not supported, these will by set to
hlen=6 and plen=4 in any case.
Example usage:
{ arp(op=request, sip=1.1.1.1, smac=11:22:33:44:55:66, tip=42.42.42.42) }
{ arp() }
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
[tk: document keywords in commit message]
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add function 'eth()' to support generating Ethernet header fields from the
trafgen configuration language.
Supported fields:
da|daddr destination address, default: 00:00:00:00:00:00
sa|saddr source address, default: device MAC
prot|proto protocol number, default: 0x0000
Example usage:
{ eth(prot=0x0800, da=11:22:33:44:55:66), fill(0xff, 60) }
{ eth(prot=0x0800) }
{ eth() }
It is important that proto_init is called before fields will be filled
to initialize the specified proto with header fields.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
[tk: document supported keywords in commit message]
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add current_packet() helper for getting current
used packet and make it public to other modules.
It will be used by proto generation logic.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Make public set_fill func to be used by proto generation code.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Pass argv as char *const argv[] as execvp expects it.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add -D,--define option which allows to pass multiple
macro/defines which can be used in trafgen script
(e.g. by #ifdef ).
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Extend cpp_exec function with args parameter to
specify additional cpp options (like -D).
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
In case if cpp failed then it is possible that trafgen
may hang on closing uninitialized yyin.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|