diff options
| author | luwenpeng <[email protected]> | 2023-09-08 14:37:42 +0800 |
|---|---|---|
| committer | luwenpeng <[email protected]> | 2023-09-08 14:37:50 +0800 |
| commit | 16066bd3dc9f38e21cf8247b4b913c5bcc59d57e (patch) | |
| tree | 740e602f3029f8ac90b7077c58ec3f8f3d7023fb /src | |
| parent | 92dbc9420833c3c4d716eaea3f7dae7c8638653d (diff) | |
[feature] Support IP Tunnel
* IPv4 in IPv4
* IPv4 in IPv6
* IPv6 in IPv6
* IPv6 in IPv4
Diffstat (limited to 'src')
| -rw-r--r-- | src/packet/packet.rs | 821 |
1 files changed, 821 insertions, 0 deletions
diff --git a/src/packet/packet.rs b/src/packet/packet.rs index 7e1c8ef..1b4602c 100644 --- a/src/packet/packet.rs +++ b/src/packet/packet.rs @@ -455,6 +455,12 @@ fn handle_l4<'a>( next_proto: IPProtocol, ) -> Result<(), PacketError> { match next_proto { + IPProtocol::IPINIP => { + return handle_l3(packet, input, EtherType::IPv4); + } + IPProtocol::IPV6 => { + return handle_l3(packet, input, EtherType::IPv6); + } IPProtocol::ICMP => { let result = IcmpHeader::decode(input); if let Ok((payload, header)) = result { @@ -1053,4 +1059,819 @@ mod tests { ) ) } + + #[test] + fn test_packet_handle_eth_ipv6_ipv4_tcp() { + /* + * Frame 1: 726 bytes on wire (5808 bits), 726 bytes captured (5808 bits) + * Encapsulation type: Ethernet (1) + * Arrival Time: Sep 21, 2020 14:46:16.992138000 CST + * [Time shift for this packet: 0.000000000 seconds] + * Epoch Time: 1600670776.992138000 seconds + * [Time delta from previous captured frame: 0.000000000 seconds] + * [Time delta from previous displayed frame: 0.000000000 seconds] + * [Time since reference or first frame: 0.000000000 seconds] + * Frame Number: 1 + * Frame Length: 726 bytes (5808 bits) + * Capture Length: 726 bytes (5808 bits) + * [Frame is marked: False] + * [Frame is ignored: False] + * [Protocols in frame: eth:ethertype:ipv6:ip:tcp:ssh] + * [Coloring Rule Name: TCP] + * [Coloring Rule String: tcp] + * Ethernet II, Src: EvocInte_36:51:3c (00:22:46:36:51:3c), Dst: EvocInte_36:51:38 (00:22:46:36:51:38) + * Destination: EvocInte_36:51:38 (00:22:46:36:51:38) + * Address: EvocInte_36:51:38 (00:22:46:36:51:38) + * .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) + * .... ...0 .... .... .... .... = IG bit: Individual address (unicast) + * Source: EvocInte_36:51:3c (00:22:46:36:51:3c) + * Address: EvocInte_36:51:3c (00:22:46:36:51:3c) + * .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) + * .... ...0 .... .... .... .... = IG bit: Individual address (unicast) + * Type: IPv6 (0x86dd) + * Internet Protocol Version 6, Src: 2001::192:168:40:134, Dst: 2001::192:168:40:133 + * 0110 .... = Version: 6 + * .... 0000 0000 .... .... .... .... .... = Traffic Class: 0x00 (DSCP: CS0, ECN: Not-ECT) + * .... 0000 00.. .... .... .... .... .... = Differentiated Services Codepoint: Default (0) + * .... .... ..00 .... .... .... .... .... = Explicit Congestion Notification: Not ECN-Capable Transport (0) + * .... 0000 0000 0000 0000 0000 = Flow Label: 0x00000 + * Payload Length: 672 + * Next Header: IPIP (4) + * Hop Limit: 64 + * Source Address: 2001::192:168:40:134 + * Destination Address: 2001::192:168:40:133 + * [Source Teredo Server IPv4: 0.0.0.0] + * [Source Teredo Port: 65175] + * [Source Teredo Client IPv4: 255.191.254.203] + * [Destination Teredo Server IPv4: 0.0.0.0] + * [Destination Teredo Port: 65175] + * [Destination Teredo Client IPv4: 255.191.254.204] + * Internet Protocol Version 4, Src: 1.1.1.1, Dst: 2.2.2.2 + * 0100 .... = Version: 4 + * .... 0101 = Header Length: 20 bytes (5) + * Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) + * 0000 00.. = Differentiated Services Codepoint: Default (0) + * .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) + * Total Length: 672 + * Identification: 0x0968 (2408) + * 000. .... = Flags: 0x0 + * 0... .... = Reserved bit: Not set + * .0.. .... = Don't fragment: Not set + * ..0. .... = More fragments: Not set + * ...0 0000 0000 0000 = Fragment Offset: 0 + * Time to Live: 212 + * Protocol: TCP (6) + * Header Checksum: 0xd4ea [correct] + * [Header checksum status: Good] + * [Calculated Checksum: 0xd4ea] + * Source Address: 1.1.1.1 + * Destination Address: 2.2.2.2 + * Transmission Control Protocol, Src Port: 57639, Dst Port: 22, Seq: 1, Ack: 1, Len: 632 + * Source Port: 57639 + * Destination Port: 22 + * [Stream index: 0] + * [Conversation completeness: Incomplete (8)] + * [TCP Segment Len: 632] + * Sequence Number: 1 (relative sequence number) + * Sequence Number (raw): 1508621024 + * [Next Sequence Number: 633 (relative sequence number)] + * Acknowledgment Number: 1 (relative ack number) + * Acknowledgment number (raw): 2828957019 + * 0101 .... = Header Length: 20 bytes (5) + * Flags: 0x018 (PSH, ACK) + * 000. .... .... = Reserved: Not set + * ...0 .... .... = Accurate ECN: Not set + * .... 0... .... = Congestion Window Reduced: Not set + * .... .0.. .... = ECN-Echo: Not set + * .... ..0. .... = Urgent: Not set + * .... ...1 .... = Acknowledgment: Set + * .... .... 1... = Push: Set + * .... .... .0.. = Reset: Not set + * .... .... ..0. = Syn: Not set + * .... .... ...0 = Fin: Not set + * [TCP Flags: ·······AP···] + * Window: 28584 + * [Calculated window size: 28584] + * [Window size scaling factor: -1 (unknown)] + * Checksum: 0xc51f [correct] + * [Checksum Status: Good] + * [Calculated Checksum: 0xc51f] + * Urgent Pointer: 0 + * [Timestamps] + * [Time since first frame in this TCP stream: 0.000000000 seconds] + * [Time since previous frame in this TCP stream: 0.000000000 seconds] + * [SEQ/ACK analysis] + * [Bytes in flight: 632] + * [Bytes sent since last PSH flag: 632] + * TCP payload (632 bytes) + * SSH Protocol + * Packet Length (encrypted): 4fe3a948 + * Encrypted Packet: 9bbea8070ebb5bf1151dc9bedf7889a28f125fad51d5faa70bf234005b77aeabe449a7a5… + * [Direction: client-to-server] + */ + + let bytes = [ + 0x00, 0x22, 0x46, 0x36, 0x51, 0x38, 0x00, 0x22, 0x46, 0x36, 0x51, 0x3c, 0x86, 0xdd, + 0x60, 0x00, 0x00, 0x00, 0x02, 0xa0, 0x04, 0x40, 0x20, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x01, 0x92, 0x01, 0x68, 0x00, 0x40, 0x01, 0x34, 0x20, 0x01, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x01, 0x92, 0x01, 0x68, 0x00, 0x40, 0x01, 0x33, 0x45, 0x00, + 0x02, 0xa0, 0x09, 0x68, 0x00, 0x00, 0xd4, 0x06, 0xd4, 0xea, 0x01, 0x01, 0x01, 0x01, + 0x02, 0x02, 0x02, 0x02, 0xe1, 0x27, 0x00, 0x16, 0x59, 0xeb, 0xba, 0xe0, 0xa8, 0x9e, + 0x75, 0x5b, 0x50, 0x18, 0x6f, 0xa8, 0xc5, 0x1f, 0x00, 0x00, 0x4f, 0xe3, 0xa9, 0x48, + 0x9b, 0xbe, 0xa8, 0x07, 0x0e, 0xbb, 0x5b, 0xf1, 0x15, 0x1d, 0xc9, 0xbe, 0xdf, 0x78, + 0x89, 0xa2, 0x8f, 0x12, 0x5f, 0xad, 0x51, 0xd5, 0xfa, 0xa7, 0x0b, 0xf2, 0x34, 0x00, + 0x5b, 0x77, 0xae, 0xab, 0xe4, 0x49, 0xa7, 0xa5, 0xa7, 0x1f, 0xda, 0x90, 0xcc, 0xe1, + 0x8e, 0x9f, 0xe9, 0xee, 0x53, 0x59, 0xa4, 0x17, 0xf8, 0x0d, 0x40, 0xe5, 0x75, 0x97, + 0xf0, 0x29, 0xfa, 0x7c, 0xb8, 0x12, 0x7e, 0x93, 0xbc, 0x7e, 0x0a, 0x69, 0x8f, 0x1d, + 0x7b, 0x1a, 0x2e, 0xf6, 0xa6, 0x78, 0x67, 0x26, 0xfe, 0x8f, 0xcf, 0x5a, 0x02, 0x7d, + 0xbb, 0x1b, 0xdb, 0xc7, 0x71, 0xee, 0xe9, 0xd9, 0xc1, 0x48, 0xbf, 0xc7, 0xcc, 0x00, + 0x82, 0x7f, 0x69, 0x52, 0xa7, 0xe1, 0x12, 0xec, 0xf1, 0x93, 0xa8, 0x55, 0x5b, 0x33, + 0xd3, 0x35, 0x11, 0x5d, 0xf8, 0x3d, 0x5b, 0x94, 0xc9, 0x67, 0xae, 0xba, 0xc0, 0x4a, + 0x8b, 0x25, 0x8d, 0xbf, 0xd4, 0xcc, 0x24, 0xb7, 0x3d, 0x0f, 0x1a, 0x57, 0x20, 0x5c, + 0x64, 0x62, 0xf7, 0x3c, 0xff, 0xaf, 0x6b, 0xf2, 0xf3, 0xca, 0xd1, 0xcb, 0x7b, 0x9f, + 0xc1, 0x31, 0x25, 0x01, 0xd1, 0x18, 0x78, 0x81, 0xf8, 0xae, 0x61, 0x4b, 0x59, 0xa1, + 0xbe, 0x4a, 0x94, 0x12, 0xa3, 0x05, 0x4a, 0x26, 0x85, 0xbd, 0x5e, 0x59, 0xb2, 0xc2, + 0x24, 0xec, 0xd6, 0x94, 0x6e, 0xc5, 0x7a, 0xdf, 0x21, 0x21, 0xe4, 0x06, 0x67, 0x89, + 0xe0, 0x76, 0x85, 0xa9, 0x00, 0x43, 0xfe, 0x72, 0x8c, 0x10, 0xe4, 0x96, 0x63, 0x1a, + 0xe8, 0x84, 0xe1, 0x86, 0xa2, 0xa5, 0x67, 0x31, 0x67, 0x44, 0xca, 0xec, 0xe8, 0xa1, + 0x3e, 0x5f, 0x4e, 0x71, 0x5d, 0xd4, 0x34, 0xa9, 0x3d, 0xfa, 0x6a, 0xdb, 0xfb, 0x28, + 0x2b, 0x70, 0xcc, 0xf1, 0x3c, 0x7c, 0xf5, 0x39, 0xb5, 0xd0, 0xa2, 0x56, 0x22, 0x96, + 0x7e, 0xc5, 0x0e, 0x66, 0x2d, 0xcd, 0x5c, 0x33, 0x43, 0x1c, 0xca, 0x17, 0x77, 0x46, + 0xb2, 0x41, 0x06, 0x8a, 0x7c, 0x7c, 0x66, 0x06, 0x18, 0x33, 0x21, 0x16, 0x8f, 0x5a, + 0xb7, 0xdd, 0x10, 0xa1, 0xab, 0xe9, 0x66, 0xf7, 0x90, 0x22, 0x2c, 0xbe, 0xdd, 0xad, + 0xe1, 0x40, 0xe9, 0x21, 0x53, 0x97, 0x07, 0x97, 0x6b, 0xd6, 0x91, 0x11, 0x44, 0x4e, + 0x9d, 0x1f, 0x57, 0x07, 0xed, 0xa2, 0xac, 0x77, 0xc0, 0x84, 0xb7, 0xc5, 0x2b, 0xaa, + 0x17, 0xd2, 0xdb, 0x2a, 0x15, 0x47, 0x2b, 0x69, 0xf1, 0xb4, 0xb5, 0x8f, 0x98, 0xcf, + 0x26, 0x03, 0xf0, 0x4b, 0x1a, 0xba, 0x94, 0xc4, 0x12, 0xe3, 0xd1, 0x38, 0x0c, 0x2e, + 0x87, 0x33, 0x0f, 0xe1, 0xa6, 0xba, 0x75, 0xd0, 0xa4, 0x94, 0x80, 0x49, 0x67, 0xa8, + 0x90, 0x31, 0x19, 0xaa, 0xf9, 0x78, 0x0d, 0xdd, 0x64, 0xe3, 0xc7, 0x0e, 0x81, 0xa7, + 0x6b, 0x44, 0x0c, 0xb5, 0xa0, 0x25, 0x8a, 0xa2, 0xdc, 0x5e, 0xbc, 0xcd, 0xb4, 0x87, + 0x1b, 0x6c, 0x08, 0x38, 0x63, 0xa8, 0xc1, 0xde, 0xe2, 0xa1, 0xa4, 0x19, 0x1e, 0x3c, + 0x67, 0x3b, 0xf7, 0x7f, 0x67, 0xfb, 0x50, 0x9a, 0x06, 0x5c, 0xdd, 0xf2, 0x26, 0x2c, + 0xb9, 0xd2, 0xbd, 0x80, 0xd5, 0xfc, 0xc5, 0x54, 0x6c, 0xc1, 0xea, 0x76, 0x3e, 0xd4, + 0xbb, 0x57, 0x65, 0x6a, 0xf8, 0x8e, 0x3e, 0x93, 0xe5, 0x03, 0xfc, 0xce, 0xf1, 0x1c, + 0xf3, 0x10, 0xae, 0x87, 0x78, 0x46, 0x02, 0x63, 0xc5, 0xc0, 0x41, 0xbd, 0xae, 0x46, + 0x68, 0x0c, 0x92, 0x22, 0xa4, 0xc0, 0xce, 0xf3, 0xc4, 0xf7, 0x83, 0xa9, 0x22, 0x78, + 0x74, 0x7f, 0x2e, 0xc1, 0xc6, 0x3b, 0x72, 0x26, 0x4b, 0x45, 0xbd, 0x1b, 0x9f, 0x66, + 0x61, 0x46, 0xbb, 0x0f, 0xf3, 0xc5, 0x65, 0x95, 0xbc, 0xae, 0x8f, 0x37, 0xfd, 0xa3, + 0x20, 0xb6, 0xe4, 0xa8, 0xff, 0x45, 0xa1, 0x01, 0xa1, 0x76, 0xb3, 0xad, 0x16, 0x07, + 0x39, 0x58, 0x3b, 0x34, 0xe9, 0xe6, 0xc0, 0xee, 0x7f, 0x65, 0x6f, 0x68, 0xf4, 0x45, + 0xa4, 0x85, 0xa7, 0x50, 0x63, 0xce, 0x0b, 0x0d, 0xbd, 0xd1, 0x20, 0xc8, 0x41, 0x37, + 0x05, 0x1f, 0x81, 0xf3, 0x7c, 0xe7, 0x67, 0x15, 0xce, 0xad, 0x76, 0x95, 0x1a, 0x93, + 0x4a, 0xab, 0xc4, 0xea, 0x30, 0x44, 0x13, 0x47, 0xec, 0x79, 0xa2, 0x41, 0x0c, 0xdd, + 0x42, 0xdf, 0xbf, 0x02, 0xef, 0x9e, 0x67, 0x7e, 0x1e, 0xb0, 0x2a, 0x7f, 0x97, 0xf3, + 0x5a, 0xbc, 0x21, 0x8d, 0xf9, 0xc3, 0x30, 0x45, 0xfe, 0x72, 0x74, 0x04, 0x53, 0x99, + 0xe7, 0xd1, 0x2b, 0xb6, 0x3a, 0x9c, 0x84, 0x0e, 0x15, 0x5e, 0x75, 0x3b, 0xc9, 0x0e, + 0x94, 0xe6, 0x48, 0x0e, 0x37, 0x07, 0xf8, 0xd9, 0x59, 0x4b, 0x04, 0x50, + ]; + + let mut packet = Packet::new(&bytes, bytes.len() as u32); + let result = packet.handle(); + assert_eq!(result.is_ok(), true); + + assert_eq!(packet.encapsulation.len(), 4); + assert_eq!( + packet.encapsulation[0], + Encapsulation::L2_ETH( + EthernetFrame { + source_mac: MacAddress([0x00, 0x22, 0x46, 0x36, 0x51, 0x3c]), + dest_mac: MacAddress([0x00, 0x22, 0x46, 0x36, 0x51, 0x38]), + ether_type: EtherType::IPv6, + }, + &bytes[14..] + ) + ); + assert_eq!( + packet.encapsulation[1], + Encapsulation::L3_IPV6( + IPv6Header { + version: 6, + dsc: 0, + ecn: 0, + flow_label: 0, + length: 672, + next_header: IPProtocol::IPINIP, + hop_limit: 64, + source_address: Ipv6Addr::new(0x2001, 0x0, 0x0, 0x0, 0x192, 0x168, 0x40, 0x134), + dest_address: Ipv6Addr::new(0x2001, 0x0, 0x0, 0x0, 0x192, 0x168, 0x40, 0x133), + }, + &bytes[54..] + ) + ); + assert_eq!( + packet.encapsulation[2], + Encapsulation::L3_IPV4( + IPv4Header { + version: 4, + ihl: 20, + tos: 0, + length: 672, + id: 0x0968, + flags: 0x0, + frag_offset: 0, + ttl: 212, + protocol: IPProtocol::TCP, + checksum: 0xd4ea, + source_address: Ipv4Addr::new(1, 1, 1, 1), + dest_address: Ipv4Addr::new(2, 2, 2, 2), + }, + &bytes[74..] + ) + ); + assert_eq!( + packet.encapsulation[3], + Encapsulation::L4_TCP( + TcpHeader { + source_port: 57639, + dest_port: 22, + seq_num: 1508621024, + ack_num: 2828957019, + data_offset: 20, + reserved: 0, + flag_urg: false, + flag_ack: true, + flag_psh: true, + flag_rst: false, + flag_syn: false, + flag_fin: false, + window: 28584, + checksum: 0xc51f, + urgent_ptr: 0, + options: None, + }, + &bytes[94..] + ) + ); + + // assert_eq!(1, 0); + } + + #[test] + fn test_packet_handle_eth_ipv4_ipv6_tcp() { + /* + * Frame 8: 94 bytes on wire (752 bits), 94 bytes captured (752 bits) + * Encapsulation type: Ethernet (1) + * Arrival Time: Dec 1, 2015 11:44:34.-817364000 CST + * [Expert Info (Note/Sequence): Arrival Time: Fractional second -817364000 is invalid, the valid range is 0-1000000000] + * [Arrival Time: Fractional second -817364000 is invalid, the valid range is 0-1000000000] + * [Severity level: Note] + * [Group: Sequence] + * [Time shift for this packet: 0.000000000 seconds] + * Epoch Time: -1448941474.817364000 seconds + * [Time delta from previous captured frame: -0.1891105000 seconds] + * [Time delta from previous displayed frame: -0.1891105000 seconds] + * [Time since reference or first frame: -0.1891105000 seconds] + * Frame Number: 8 + * Frame Length: 94 bytes (752 bits) + * Capture Length: 94 bytes (752 bits) + * [Frame is marked: False] + * [Frame is ignored: False] + * [Protocols in frame: eth:ethertype:ip:ipv6:tcp] + * [Coloring Rule Name: Bad TCP] + * [Coloring Rule String: tcp.analysis.flags && !tcp.analysis.window_update && !tcp.analysis.keep_alive && !tcp.analysis.keep_alive_ack] + * Ethernet II, Src: JuniperN_45:88:29 (2c:6b:f5:45:88:29), Dst: JuniperN_2a:a2:00 (5c:5e:ab:2a:a2:00) + * Destination: JuniperN_2a:a2:00 (5c:5e:ab:2a:a2:00) + * Address: JuniperN_2a:a2:00 (5c:5e:ab:2a:a2:00) + * .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) + * .... ...0 .... .... .... .... = IG bit: Individual address (unicast) + * Source: JuniperN_45:88:29 (2c:6b:f5:45:88:29) + * Address: JuniperN_45:88:29 (2c:6b:f5:45:88:29) + * .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) + * .... ...0 .... .... .... .... = IG bit: Individual address (unicast) + * Type: IPv4 (0x0800) + * Internet Protocol Version 4, Src: 210.77.88.163, Dst: 59.66.4.50 + * 0100 .... = Version: 4 + * .... 0101 = Header Length: 20 bytes (5) + * Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) + * 0000 00.. = Differentiated Services Codepoint: Default (0) + * .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) + * Total Length: 80 + * Identification: 0x0b53 (2899) + * 000. .... = Flags: 0x0 + * 0... .... = Reserved bit: Not set + * .0.. .... = Don't fragment: Not set + * ..0. .... = More fragments: Not set + * ...0 0000 0000 0000 = Fragment Offset: 0 + * Time to Live: 59 + * Protocol: IPv6 (41) + * Header Checksum: 0x09ce [correct] + * [Header checksum status: Good] + * [Calculated Checksum: 0x09ce] + * Source Address: 210.77.88.163 + * Destination Address: 59.66.4.50 + * Internet Protocol Version 6, Src: 2001:da8:200:900e:200:5efe:d24d:58a3, Dst: 2600:140e:6::1702:1058 + * 0110 .... = Version: 6 + * .... 0000 0000 .... .... .... .... .... = Traffic Class: 0x00 (DSCP: CS0, ECN: Not-ECT) + * .... 0000 00.. .... .... .... .... .... = Differentiated Services Codepoint: Default (0) + * .... .... ..00 .... .... .... .... .... = Explicit Congestion Notification: Not ECN-Capable Transport (0) + * .... 0000 0000 0000 0000 0000 = Flow Label: 0x00000 + * Payload Length: 20 + * Next Header: TCP (6) + * Hop Limit: 64 + * Source Address: 2001:da8:200:900e:200:5efe:d24d:58a3 + * Destination Address: 2600:140e:6::1702:1058 + * [Source ISATAP IPv4: 210.77.88.163] + * Transmission Control Protocol, Src Port: 52556, Dst Port: 80, Seq: 98, Ack: 1, Len: 0 + * Source Port: 52556 + * Destination Port: 80 + * [Stream index: 0] + * [Conversation completeness: Complete, WITH_DATA (31)] + * [TCP Segment Len: 0] + * Sequence Number: 98 (relative sequence number) + * Sequence Number (raw): 2172673240 + * [Next Sequence Number: 98 (relative sequence number)] + * Acknowledgment Number: 1 (relative ack number) + * Acknowledgment number (raw): 3192771652 + * 0101 .... = Header Length: 20 bytes (5) + * Flags: 0x010 (ACK) + * 000. .... .... = Reserved: Not set + * ...0 .... .... = Accurate ECN: Not set + * .... 0... .... = Congestion Window Reduced: Not set + * .... .0.. .... = ECN-Echo: Not set + * .... ..0. .... = Urgent: Not set + * .... ...1 .... = Acknowledgment: Set + * .... .... 0... = Push: Not set + * .... .... .0.. = Reset: Not set + * .... .... ..0. = Syn: Not set + * .... .... ...0 = Fin: Not set + * [TCP Flags: ·······A····] + * Window: 257 + * [Calculated window size: 65792] + * [Window size scaling factor: 256] + * Checksum: 0xc336 [correct] + * [Checksum Status: Good] + * [Calculated Checksum: 0xc336] + * Urgent Pointer: 0 + * [Timestamps] + * [Time since first frame in this TCP stream: -0.1891105000 seconds] + * [Time since previous frame in this TCP stream: -0.1891105000 seconds] + * [SEQ/ACK analysis] + * [iRTT: -0.1891105000 seconds] + * [TCP Analysis Flags] + * [This is a TCP duplicate ack] + * [Duplicate ACK #: 1] + * [Duplicate to the ACK in frame: 3] + * [Expert Info (Note/Sequence): Duplicate ACK (#1)] + * [Duplicate ACK (#1)] + * [Severity level: Note] + * [Group: Sequence] + */ + + let bytes = [ + 0x5c, 0x5e, 0xab, 0x2a, 0xa2, 0x00, 0x2c, 0x6b, 0xf5, 0x45, 0x88, 0x29, 0x08, 0x00, + 0x45, 0x00, 0x00, 0x50, 0x0b, 0x53, 0x00, 0x00, 0x3b, 0x29, 0x09, 0xce, 0xd2, 0x4d, + 0x58, 0xa3, 0x3b, 0x42, 0x04, 0x32, 0x60, 0x00, 0x00, 0x00, 0x00, 0x14, 0x06, 0x40, + 0x20, 0x01, 0x0d, 0xa8, 0x02, 0x00, 0x90, 0x0e, 0x02, 0x00, 0x5e, 0xfe, 0xd2, 0x4d, + 0x58, 0xa3, 0x26, 0x00, 0x14, 0x0e, 0x00, 0x06, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x17, 0x02, 0x10, 0x58, 0xcd, 0x4c, 0x00, 0x50, 0x81, 0x80, 0x5c, 0xd8, 0xbe, 0x4d, + 0xd4, 0x44, 0x50, 0x10, 0x01, 0x01, 0xc3, 0x36, 0x00, 0x00, + ]; + + let mut packet = Packet::new(&bytes, bytes.len() as u32); + let result = packet.handle(); + assert_eq!(result.is_ok(), true); + + assert_eq!(packet.encapsulation.len(), 4); + assert_eq!( + packet.encapsulation[0], + Encapsulation::L2_ETH( + EthernetFrame { + source_mac: MacAddress([0x2c, 0x6b, 0xf5, 0x45, 0x88, 0x29]), + dest_mac: MacAddress([0x5c, 0x5e, 0xab, 0x2a, 0xa2, 0x00]), + ether_type: EtherType::IPv4, + }, + &bytes[14..] + ) + ); + assert_eq!( + packet.encapsulation[1], + Encapsulation::L3_IPV4( + IPv4Header { + version: 4, + ihl: 20, + tos: 0, + length: 80, + id: 0x0b53, + flags: 0x0, + frag_offset: 0, + ttl: 59, + protocol: IPProtocol::IPV6, + checksum: 0x09ce, + source_address: Ipv4Addr::new(210, 77, 88, 163), + dest_address: Ipv4Addr::new(59, 66, 4, 50), + }, + &bytes[34..] + ) + ); + assert_eq!( + packet.encapsulation[2], + Encapsulation::L3_IPV6( + IPv6Header { + version: 6, + dsc: 0, + ecn: 0, + flow_label: 0, + length: 20, + next_header: IPProtocol::TCP, + hop_limit: 64, + source_address: Ipv6Addr::new( + 0x2001, 0x0da8, 0x0200, 0x900e, 0x0200, 0x5efe, 0xd24d, 0x58a3 + ), + dest_address: Ipv6Addr::new( + 0x2600, 0x140e, 0x0006, 0x0000, 0x0000, 0x0000, 0x1702, 0x1058 + ), + }, + &bytes[74..] + ) + ); + assert_eq!( + packet.encapsulation[3], + Encapsulation::L4_TCP( + TcpHeader { + source_port: 52556, + dest_port: 80, + seq_num: 2172673240, + ack_num: 3192771652, + data_offset: 20, + reserved: 0, + flag_urg: false, + flag_ack: true, + flag_psh: false, + flag_rst: false, + flag_syn: false, + flag_fin: false, + window: 257, + checksum: 0xc336, + urgent_ptr: 0, + options: None, + }, + &bytes[94..] + ) + ); + + // assert_eq!(1, 0); + } + + #[test] + fn test_packet_handle_eth_ipv6_ipv6_udp() { + /* + * Frame 1: 106 bytes on wire (848 bits), 106 bytes captured (848 bits) + * Encapsulation type: Ethernet (1) + * Arrival Time: Apr 24, 2012 00:17:52.162188000 CST + * [Time shift for this packet: 0.000000000 seconds] + * Epoch Time: 1335197872.162188000 seconds + * [Time delta from previous captured frame: 0.000000000 seconds] + * [Time delta from previous displayed frame: 0.000000000 seconds] + * [Time since reference or first frame: 0.000000000 seconds] + * Frame Number: 1 + * Frame Length: 106 bytes (848 bits) + * Capture Length: 106 bytes (848 bits) + * [Frame is marked: False] + * [Frame is ignored: False] + * [Protocols in frame: eth:ethertype:ipv6:ipv6:udp:data] + * [Coloring Rule Name: UDP] + * [Coloring Rule String: udp] + * Ethernet II, Src: 00:00:00_00:00:00 (00:00:00:00:00:00), Dst: Broadcast (ff:ff:ff:ff:ff:ff) + * Destination: Broadcast (ff:ff:ff:ff:ff:ff) + * Address: Broadcast (ff:ff:ff:ff:ff:ff) + * .... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default) + * .... ...1 .... .... .... .... = IG bit: Group address (multicast/broadcast) + * Source: 00:00:00_00:00:00 (00:00:00:00:00:00) + * Address: 00:00:00_00:00:00 (00:00:00:00:00:00) + * .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) + * .... ...0 .... .... .... .... = IG bit: Individual address (unicast) + * Type: IPv6 (0x86dd) + * Internet Protocol Version 6, Src: 2001:4f8:4:7:2e0:81ff:fe52:ffff, Dst: 2001:4f8:4:7:2e0:81ff:fe52:9a6b + * 0110 .... = Version: 6 + * .... 0000 0000 .... .... .... .... .... = Traffic Class: 0x00 (DSCP: CS0, ECN: Not-ECT) + * .... 0000 00.. .... .... .... .... .... = Differentiated Services Codepoint: Default (0) + * .... .... ..00 .... .... .... .... .... = Explicit Congestion Notification: Not ECN-Capable Transport (0) + * .... 0000 0000 0000 0000 0000 = Flow Label: 0x00000 + * Payload Length: 52 + * Next Header: IPv6 (41) + * Hop Limit: 64 + * Source Address: 2001:4f8:4:7:2e0:81ff:fe52:ffff + * Destination Address: 2001:4f8:4:7:2e0:81ff:fe52:9a6b + * [Source SLAAC MAC: TyanComp_52:ff:ff (00:e0:81:52:ff:ff)] + * [Destination SLAAC MAC: TyanComp_52:9a:6b (00:e0:81:52:9a:6b)] + * Internet Protocol Version 6, Src: dead::beef, Dst: cafe::babe + * 0110 .... = Version: 6 + * .... 0000 0000 .... .... .... .... .... = Traffic Class: 0x00 (DSCP: CS0, ECN: Not-ECT) + * .... 0000 00.. .... .... .... .... .... = Differentiated Services Codepoint: Default (0) + * .... .... ..00 .... .... .... .... .... = Explicit Congestion Notification: Not ECN-Capable Transport (0) + * .... 0000 0000 0000 0000 0000 = Flow Label: 0x00000 + * Payload Length: 12 + * Next Header: UDP (17) + * Hop Limit: 64 + * Source Address: dead::beef + * Destination Address: cafe::babe + * User Datagram Protocol, Src Port: 30000, Dst Port: 13000 + * Source Port: 30000 + * Destination Port: 13000 + * Length: 12 + * Checksum: 0x83d2 [correct] + * [Calculated Checksum: 0x83d2] + * [Checksum Status: Good] + * [Stream index: 0] + * [Timestamps] + * [Time since first frame: 0.000000000 seconds] + * [Time since previous frame: 0.000000000 seconds] + * UDP payload (4 bytes) + * Data (4 bytes) + * Data: 58585858 + * [Length: 4] + */ + + let bytes = [ + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x86, 0xdd, + 0x60, 0x00, 0x00, 0x00, 0x00, 0x34, 0x29, 0x40, 0x20, 0x01, 0x04, 0xf8, 0x00, 0x04, + 0x00, 0x07, 0x02, 0xe0, 0x81, 0xff, 0xfe, 0x52, 0xff, 0xff, 0x20, 0x01, 0x04, 0xf8, + 0x00, 0x04, 0x00, 0x07, 0x02, 0xe0, 0x81, 0xff, 0xfe, 0x52, 0x9a, 0x6b, 0x60, 0x00, + 0x00, 0x00, 0x00, 0x0c, 0x11, 0x40, 0xde, 0xad, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xbe, 0xef, 0xca, 0xfe, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xba, 0xbe, 0x75, 0x30, 0x32, 0xc8, + 0x00, 0x0c, 0x83, 0xd2, 0x58, 0x58, 0x58, 0x58, + ]; + + let mut packet = Packet::new(&bytes, bytes.len() as u32); + let result = packet.handle(); + assert_eq!(result.is_ok(), true); + + assert_eq!(packet.encapsulation.len(), 4); + assert_eq!( + packet.encapsulation[0], + Encapsulation::L2_ETH( + EthernetFrame { + source_mac: MacAddress([0x00, 0x00, 0x00, 0x00, 0x00, 0x00]), + dest_mac: MacAddress([0xff, 0xff, 0xff, 0xff, 0xff, 0xff]), + ether_type: EtherType::IPv6, + }, + &bytes[14..] + ) + ); + assert_eq!( + packet.encapsulation[1], + Encapsulation::L3_IPV6( + IPv6Header { + version: 6, + dsc: 0, + ecn: 0, + flow_label: 0, + length: 52, + next_header: IPProtocol::IPV6, + hop_limit: 64, + source_address: Ipv6Addr::new( + 0x2001, 0x04f8, 0x0004, 0x0007, 0x02e0, 0x81ff, 0xfe52, 0xffff + ), + dest_address: Ipv6Addr::new( + 0x2001, 0x04f8, 0x0004, 0x0007, 0x02e0, 0x81ff, 0xfe52, 0x9a6b + ), + }, + &bytes[54..] + ) + ); + assert_eq!( + packet.encapsulation[2], + Encapsulation::L3_IPV6( + IPv6Header { + version: 6, + dsc: 0, + ecn: 0, + flow_label: 0, + length: 12, + next_header: IPProtocol::UDP, + hop_limit: 64, + source_address: Ipv6Addr::new( + 0xdead, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0xbeef + ), + dest_address: Ipv6Addr::new( + 0xcafe, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0xbabe + ), + }, + &bytes[94..] + ) + ); + assert_eq!( + packet.encapsulation[3], + Encapsulation::L4_UDP( + UdpHeader { + source_port: 30000, + dest_port: 13000, + length: 12, + checksum: 0x83d2, + }, + &bytes[102..] + ) + ); + + // assert_eq!(1, 0); + } + + #[test] + fn test_packet_handle_eth_vlan_vlan_ipv4_ipv4_udp() { + /* + * Frame 1: 170 bytes on wire (1360 bits), 170 bytes captured (1360 bits) + * Encapsulation type: Ethernet (1) + * Arrival Time: Sep 16, 2018 04:44:31.794779000 CST + * [Time shift for this packet: 0.000000000 seconds] + * Epoch Time: 1537044271.794779000 seconds + * [Time delta from previous captured frame: 0.000000000 seconds] + * [Time delta from previous displayed frame: 0.000000000 seconds] + * [Time since reference or first frame: 0.000000000 seconds] + * Frame Number: 1 + * Frame Length: 170 bytes (1360 bits) + * Capture Length: 170 bytes (1360 bits) + * [Frame is marked: False] + * [Frame is ignored: False] + * [Protocols in frame: eth:ethertype:vlan:ethertype:vlan:ethertype:ip:ip:udp:data] + * [Coloring Rule Name: UDP] + * [Coloring Rule String: udp] + * Ethernet II, Src: HuaweiTe_3b:b3:9a (a4:c6:4f:3b:b3:9a), Dst: 00:00:00_00:00:04 (00:00:00:00:00:04) + * Destination: 00:00:00_00:00:04 (00:00:00:00:00:04) + * Address: 00:00:00_00:00:04 (00:00:00:00:00:04) + * .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) + * .... ...0 .... .... .... .... = IG bit: Individual address (unicast) + * Source: HuaweiTe_3b:b3:9a (a4:c6:4f:3b:b3:9a) + * Address: HuaweiTe_3b:b3:9a (a4:c6:4f:3b:b3:9a) + * .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) + * .... ...0 .... .... .... .... = IG bit: Individual address (unicast) + * Type: 802.1Q Virtual LAN (0x8100) + * 802.1Q Virtual LAN, PRI: 3, DEI: 0, ID: 1624 + * 011. .... .... .... = Priority: Critical Applications (3) + * ...0 .... .... .... = DEI: Ineligible + * .... 0110 0101 1000 = ID: 1624 + * Type: 802.1Q Virtual LAN (0x8100) + * 802.1Q Virtual LAN, PRI: 3, DEI: 0, ID: 505 + * 011. .... .... .... = Priority: Critical Applications (3) + * ...0 .... .... .... = DEI: Ineligible + * .... 0001 1111 1001 = ID: 505 + * Type: IPv4 (0x0800) + * Internet Protocol Version 4, Src: 69.67.35.146, Dst: 41.202.46.110 + * 0100 .... = Version: 4 + * .... 0101 = Header Length: 20 bytes (5) + * Differentiated Services Field: 0xb8 (DSCP: EF PHB, ECN: Not-ECT) + * 1011 10.. = Differentiated Services Codepoint: Expedited Forwarding (46) + * .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) + * Total Length: 148 + * Identification: 0xe858 (59480) + * 000. .... = Flags: 0x0 + * 0... .... = Reserved bit: Not set + * .0.. .... = Don't fragment: Not set + * ..0. .... = More fragments: Not set + * ...0 0000 0000 0000 = Fragment Offset: 0 + * Time to Live: 255 + * Protocol: IPIP (4) + * Header Checksum: 0x1148 [correct] + * [Header checksum status: Good] + * [Calculated Checksum: 0x1148] + * Source Address: 69.67.35.146 + * Destination Address: 41.202.46.110 + * Internet Protocol Version 4, Src: 10.10.100.25, Dst: 10.10.101.2 + * 0100 .... = Version: 4 + * .... 0101 = Header Length: 20 bytes (5) + * Differentiated Services Field: 0xb8 (DSCP: EF PHB, ECN: Not-ECT) + * 1011 10.. = Differentiated Services Codepoint: Expedited Forwarding (46) + * .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) + * Total Length: 128 + * Identification: 0x0001 (1) + * 000. .... = Flags: 0x0 + * 0... .... = Reserved bit: Not set + * .0.. .... = Don't fragment: Not set + * ..0. .... = More fragments: Not set + * ...0 0000 0000 0000 = Fragment Offset: 0 + * Time to Live: 254 + * Protocol: UDP (17) + * Header Checksum: 0xde84 [correct] + * [Header checksum status: Good] + * [Calculated Checksum: 0xde84] + * Source Address: 10.10.100.25 + * Destination Address: 10.10.101.2 + * User Datagram Protocol, Src Port: 62367, Dst Port: 17000 + * Source Port: 62367 + * Destination Port: 17000 + * Length: 108 + * Checksum: 0x4b9a [correct] + * [Calculated Checksum: 0x4b9a] + * [Checksum Status: Good] + * [Stream index: 0] + * [Timestamps] + * [Time since first frame: 0.000000000 seconds] + * [Time since previous frame: 0.000000000 seconds] + * UDP payload (100 bytes) + * Data (100 bytes) + * Data: 0002000004736c100000000000010000abcdabcdabcdabcdabcdabcdabcdabcdabcdabcd… + * [Length: 100] + */ + + let bytes = [ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0xa4, 0xc6, 0x4f, 0x3b, 0xb3, 0x9a, 0x81, 0x00, + 0x66, 0x58, 0x81, 0x00, 0x61, 0xf9, 0x08, 0x00, 0x45, 0xb8, 0x00, 0x94, 0xe8, 0x58, + 0x00, 0x00, 0xff, 0x04, 0x11, 0x48, 0x45, 0x43, 0x23, 0x92, 0x29, 0xca, 0x2e, 0x6e, + 0x45, 0xb8, 0x00, 0x80, 0x00, 0x01, 0x00, 0x00, 0xfe, 0x11, 0xde, 0x84, 0x0a, 0x0a, + 0x64, 0x19, 0x0a, 0x0a, 0x65, 0x02, 0xf3, 0x9f, 0x42, 0x68, 0x00, 0x6c, 0x4b, 0x9a, + 0x00, 0x02, 0x00, 0x00, 0x04, 0x73, 0x6c, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, + 0x00, 0x00, 0xab, 0xcd, 0xab, 0xcd, 0xab, 0xcd, 0xab, 0xcd, 0xab, 0xcd, 0xab, 0xcd, + 0xab, 0xcd, 0xab, 0xcd, 0xab, 0xcd, 0xab, 0xcd, 0xab, 0xcd, 0xab, 0xcd, 0xab, 0xcd, + 0xab, 0xcd, 0xab, 0xcd, 0xab, 0xcd, 0xab, 0xcd, 0xab, 0xcd, 0xab, 0xcd, 0xab, 0xcd, + 0xab, 0xcd, 0xab, 0xcd, 0xab, 0xcd, 0xab, 0xcd, 0xab, 0xcd, 0xab, 0xcd, 0xab, 0xcd, + 0xab, 0xcd, 0xab, 0xcd, 0xab, 0xcd, 0xab, 0xcd, 0xab, 0xcd, 0xab, 0xcd, 0xab, 0xcd, + 0xab, 0xcd, 0xab, 0xcd, 0xab, 0xcd, 0xab, 0xcd, 0xab, 0xcd, 0xab, 0xcd, 0xab, 0xcd, + 0xab, 0xcd, + ]; + + let mut packet = Packet::new(&bytes, bytes.len() as u32); + let result = packet.handle(); + assert_eq!(result.is_ok(), true); + + assert_eq!(packet.encapsulation.len(), 6); + assert_eq!( + packet.encapsulation[0], + Encapsulation::L2_ETH( + EthernetFrame { + source_mac: MacAddress([0xa4, 0xc6, 0x4f, 0x3b, 0xb3, 0x9a]), + dest_mac: MacAddress([0x00, 0x00, 0x00, 0x00, 0x00, 0x04]), + ether_type: EtherType::VLAN, + }, + &bytes[14..] + ) + ); + assert_eq!( + packet.encapsulation[1], + Encapsulation::L2_VLAN( + VlanHeader { + priority_code_point: 3, + drop_eligible_indicator: false, + vlan_identifier: 1624, + ether_type: EtherType::VLAN, + }, + &bytes[18..] + ) + ); + assert_eq!( + packet.encapsulation[2], + Encapsulation::L2_VLAN( + VlanHeader { + priority_code_point: 3, + drop_eligible_indicator: false, + vlan_identifier: 505, + ether_type: EtherType::IPv4, + }, + &bytes[22..] + ) + ); + assert_eq!( + packet.encapsulation[3], + Encapsulation::L3_IPV4( + IPv4Header { + version: 4, + ihl: 20, + tos: 0xb8, + length: 148, + id: 0xe858, + flags: 0x0, + frag_offset: 0, + ttl: 255, + protocol: IPProtocol::IPINIP, + checksum: 0x1148, + source_address: Ipv4Addr::new(69, 67, 35, 146), + dest_address: Ipv4Addr::new(41, 202, 46, 110), + }, + &bytes[42..] + ) + ); + assert_eq!( + packet.encapsulation[4], + Encapsulation::L3_IPV4( + IPv4Header { + version: 4, + ihl: 20, + tos: 0xb8, + length: 128, + id: 0x0001, + flags: 0x0, + frag_offset: 0, + ttl: 254, + protocol: IPProtocol::UDP, + checksum: 0xde84, + source_address: Ipv4Addr::new(10, 10, 100, 25), + dest_address: Ipv4Addr::new(10, 10, 101, 2), + }, + &bytes[62..] + ) + ); + assert_eq!( + packet.encapsulation[5], + Encapsulation::L4_UDP( + UdpHeader { + source_port: 62367, + dest_port: 17000, + length: 108, + checksum: 0x4b9a, + }, + &bytes[70..] + ) + ); + + // assert_eq!(1, 0); + } } |