Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-src
 Path: blob/main/tests/sys/netinet6/frag6/frag6_20.py
39483 views
1
#!/usr/bin/env python

2
#-

3
# SPDX-License-Identifier: BSD-2-Clause

4
#

5
# Copyright (c) 2019 Netflix, Inc.

6
#

7
# Redistribution and use in source and binary forms, with or without

8
# modification, are permitted provided that the following conditions

9
# are met:

10
# 1. Redistributions of source code must retain the above copyright

11
#    notice, this list of conditions and the following disclaimer.

12
# 2. Redistributions in binary form must reproduce the above copyright

13
#    notice, this list of conditions and the following disclaimer in the

14
#    documentation and/or other materials provided with the distribution.

15
#

16
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND

17
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

18
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

19
# ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE

20
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

21
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

22
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

23
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

24
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

25
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

26
# SUCH DAMAGE.

27
#

28
#

29


30
import argparse

31
import logging

32
logging.getLogger("scapy").setLevel(logging.CRITICAL)

33
import scapy.all as sp

34
import socket

35
import sys

36
from sniffer import Sniffer

37
from time import sleep

38


39
def check_icmp6_error(args, packet):

40
	ip6 = packet.getlayer(sp.IPv6)

41
	if not ip6:

42
		return False

43
	oip6 = sp.IPv6(src=args.src[0], dst=args.to[0])

44
	if ip6.dst != oip6.src:

45
		return False

46
	icmp6 = packet.getlayer(sp.ICMPv6TimeExceeded)

47
	if not icmp6:

48
		return False

49
	# ICMP6_TIME_EXCEED_REASSEMBLY 1

50
	if icmp6.code != 1:

51
		return False

52
	# Should we check the payload as well?

53
	# We are running in a very isolated environment and nothing else

54
	# should trigger an ICMPv6 Time Exceeded / Frag reassembly so leave it.

55
	#icmp6.display()

56
	return True

57


58


59
def main():

60
	parser = argparse.ArgumentParser("frag6.py",

61
		description="IPv6 fragementation test tool")

62
	parser.add_argument('--sendif', nargs=1,

63
		required=True,

64
		help='The interface through which the packet will be sent')

65
	parser.add_argument('--recvif', nargs=1,

66
		required=True,

67
		help='The interface on which to check for the packet')

68
	parser.add_argument('--src', nargs=1,

69
		required=True,

70
		help='The source IP address')

71
	parser.add_argument('--to', nargs=1,

72
		required=True,

73
		help='The destination IP address')

74
	parser.add_argument('--debug',

75
		required=False, action='store_true',

76
		help='Enable test debugging')

77


78
	args = parser.parse_args()

79


80


81
	# Start sniffing on recvif

82
	sniffer = Sniffer(args, check_icmp6_error)

83


84


85
	########################################################################

86
	#

87
	# Send a proper first fragment (off=0) and a second fragment which

88
	# just fits the 64k.  The re-send the first fragment with an extra

89
	# unfragmentable part making the 64k to exceed the limit.

90
	# This is to make sure we don't allow to update meta-data for a

91
	# 1st fragmented packet should a second arrive but given the

92
	# fragmentable part is an exact duplicate only that fragment

93
	# will be silently discarded.

94
	#

95
	# A:  Reassembly failure, timeout after

96
	# R:  ICMPv6 time exceeded / statistics for the duplicate

97
	#

98
	data = "6" * 8

99
	ip6f00 = \

100
		sp.Ether() / \

101
		sp.IPv6(src=args.src[0], dst=args.to[0]) / \

102
		sp.IPv6ExtHdrFragment(offset=0, m=1, id=20) / \

103
		sp.UDP(dport=3456, sport=6543) / \

104
		data

105
	data = "6" * 15

106
	ip6f01 = \

107
		sp.Ether() / \

108
		sp.IPv6(src=args.src[0], dst=args.to[0]) / \

109
		sp.IPv6ExtHdrFragment(offset=0x1ffc, m=0, id=20) / \

110
		sp.UDP(dport=3456, sport=6543) / \

111
		data

112
	data = "6" * 8

113
	ip6f02 = \

114
		sp.Ether() / \

115
		sp.IPv6(src=args.src[0], dst=args.to[0]) / \

116
		sp.IPv6ExtHdrDestOpt(options = \

117
		    sp.PadN(optdata="\x00\x00\x00\x00\x00\x00")) / \

118
		sp.IPv6ExtHdrFragment(offset=0, m=1, id=20) / \

119
		sp.UDP(dport=3456, sport=6543) / \

120
		data

121
	if args.debug :

122
		ip6f00.display()

123
		ip6f01.display()

124
		ip6f02.display()

125
	sp.sendp(ip6f00, iface=args.sendif[0], verbose=False)

126
	sp.sendp(ip6f01, iface=args.sendif[0], verbose=False)

127
	sp.sendp(ip6f02, iface=args.sendif[0], verbose=False)

128


129
	sleep(3)

130
	sniffer.setEnd()

131
	sniffer.join()

132
	if not sniffer.foundCorrectPacket:

133
		sys.exit(1)

134


135
	sys.exit(0)

136


137
if __name__ == '__main__':

138
	main()

139


140