summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorluwenpeng <[email protected]>2023-12-18 16:51:17 +0800
committerluwenpeng <[email protected]>2023-12-18 16:56:37 +0800
commit2e56bd810c956399305697ebfed0b683d88c1265 (patch)
tree7a038b561e05926329cbd67a6231df64753867a7
parentdda0cdf104b92b9e5362dc4d26ca8aa242bba727 (diff)
Add packet helpers
Diffstat
-rw-r--r--src/packet/CMakeLists.txt9
-rw-r--r--src/packet/gtest_packet.cpp26
-rw-r--r--src/packet/gtest_packet_helpers.cpp494
-rw-r--r--src/packet/packet.cpp28
-rw-r--r--src/packet/packet.h7
-rw-r--r--src/packet/packet_helpers.cpp503
-rw-r--r--src/packet/packet_helpers.h68
7 files changed, 1110 insertions, 25 deletions
diff --git a/src/packet/CMakeLists.txt b/src/packet/CMakeLists.txt
index fd771a3..9c567c8 100644
--- a/src/packet/CMakeLists.txt
+++ b/src/packet/CMakeLists.txt
@@ -2,7 +2,7 @@
# packet
###############################################################################
-add_library(packet packet.cpp)
+add_library(packet packet.cpp packet_helpers.cpp)
target_include_directories(packet PUBLIC ${CMAKE_SOURCE_DIR}/src/packet)
target_include_directories(packet PUBLIC ${CMAKE_SOURCE_DIR}/src/tuple)
target_include_directories(packet PUBLIC ${CMAKE_SOURCE_DIR}/deps/uthash)
@@ -16,5 +16,10 @@ add_executable(gtest_packet gtest_packet.cpp)
target_include_directories(gtest_packet PUBLIC ${CMAKE_CURRENT_LIST_DIR})
target_link_libraries(gtest_packet packet gtest)
+add_executable(gtest_packet_helpers gtest_packet_helpers.cpp)
+target_include_directories(gtest_packet_helpers PUBLIC ${CMAKE_CURRENT_LIST_DIR})
+target_link_libraries(gtest_packet_helpers packet gtest)
+
include(GoogleTest)
-gtest_discover_tests(gtest_packet) \ No newline at end of file
+gtest_discover_tests(gtest_packet)
+gtest_discover_tests(gtest_packet_helpers) \ No newline at end of file
diff --git a/src/packet/gtest_packet.cpp b/src/packet/gtest_packet.cpp
index f0ed264..8183cae 100644
--- a/src/packet/gtest_packet.cpp
+++ b/src/packet/gtest_packet.cpp
@@ -75,7 +75,7 @@ unsigned char data1[] = {
0xab, 0xcd, 0xab, 0xcd, 0xab, 0xcd, 0xab, 0xcd, 0xab, 0xcd, 0xab, 0xcd, 0xab, 0xcd};
#if 1
-TEST(DATA_PACKET, ETH_VLAN_VLAN_IP4_IP4_UDP)
+TEST(PACKET, ETH_VLAN_VLAN_IP4_IP4_UDP)
{
char buffer[256];
struct packet handler;
@@ -315,7 +315,7 @@ unsigned char data2[] = {
0x2b, 0xb6, 0x3a, 0x9c, 0x84, 0x0e, 0x15, 0x5e, 0x75, 0x3b, 0xc9, 0x0e, 0x94, 0xe6, 0x48, 0x0e, 0x37, 0x07, 0xf8, 0xd9, 0x59, 0x4b, 0x04, 0x50};
#if 1
-TEST(DATA_PACKET, ETH_IP6_IP4_TCP_SSH)
+TEST(PACKET, ETH_IP6_IP4_TCP_SSH)
{
char buffer[256];
struct packet handler;
@@ -535,7 +535,7 @@ unsigned char data3[] = {
0x00, 0x00, 0x03, 0x84, 0x00, 0x09, 0x3a, 0x80, 0x00, 0x01, 0x51, 0x80};
#if 1
-TEST(DATA_PACKET, ETH_VLAN_IP6_IP4_GRE_PPP_IP4_UDP_DNS)
+TEST(PACKET, ETH_VLAN_IP6_IP4_GRE_PPP_IP4_UDP_DNS)
{
char buffer[256];
struct packet handler;
@@ -793,7 +793,7 @@ unsigned char data4[] = {
0x04, 0x02};
#if 1
-TEST(DATA_PACKET, ETH_IP4_IP6_TCP)
+TEST(PACKET, ETH_IP4_IP6_TCP)
{
char buffer[256];
struct packet handler;
@@ -978,7 +978,7 @@ unsigned char data5[] = {
0x58, 0x58};
#if 1
-TEST(DATA_PACKET, ETH_IP6_IP6_UDP)
+TEST(PACKET, ETH_IP6_IP6_UDP)
{
char buffer[256];
struct packet handler;
@@ -1164,7 +1164,7 @@ unsigned char data6[] = {
0x20, 0x00, 0xa7, 0x77, 0x00, 0x00, 0x02, 0x04, 0x05, 0xb4, 0x01, 0x03, 0x03, 0x08, 0x01, 0x01, 0x04, 0x02};
#if 1
-TEST(DATA_PACKET, ETH_MPLS_IP4_TCP)
+TEST(PACKET, ETH_MPLS_IP4_TCP)
{
char buffer[256];
struct packet handler;
@@ -1367,7 +1367,7 @@ unsigned char data7[] = {
0x00, 0x00, 0x60, 0x02, 0x10, 0x20, 0xf7, 0x91, 0x00, 0x00, 0x02, 0x04, 0x02, 0x18};
#if 1
-TEST(DATA_PACKET, ETH_MPLS_MPLS_IP4_TCP)
+TEST(PACKET, ETH_MPLS_MPLS_IP4_TCP)
{
char buffer[256];
struct packet handler;
@@ -1583,7 +1583,7 @@ unsigned char data8[] = {
0xda, 0x72, 0x7c, 0x31, 0xf8, 0x20, 0x80, 0x10, 0x0f, 0xc0, 0xc3, 0x61, 0x00, 0x00, 0x01, 0x01, 0x08, 0x0a, 0x00, 0x6f, 0xab, 0xdf, 0x9c, 0x61, 0xc7, 0xc5};
#if 1
-TEST(DATA_PACKET, ETH_VLAN_PPPOE_IP4_TCP)
+TEST(PACKET, ETH_VLAN_PPPOE_IP4_TCP)
{
char buffer[256];
struct packet handler;
@@ -1864,7 +1864,7 @@ unsigned char data9[] = {
0x87, 0x9c, 0x8f, 0x93, 0x97, 0xd4, 0xa2, 0x28, 0x2c, 0x79, 0x22, 0xc8};
#if 1
-TEST(DATA_PACKET, ETH_IP6_UDP_GTP_IP6_TCP_TLS)
+TEST(PACKET, ETH_IP6_UDP_GTP_IP6_TCP_TLS)
{
char buffer[256];
struct packet handler;
@@ -2151,7 +2151,7 @@ unsigned char data10[] = {
0x4f, 0xe9, 0xf5, 0xf0, 0x61, 0x5d, 0x7f, 0xc4, 0xc4, 0xd1, 0x05, 0x54, 0x13, 0xdb};
#if 1
-TEST(DATA_PACKET, ETH_IP6_UDP_GTP_IP4_TCP_TLS)
+TEST(PACKET, ETH_IP6_UDP_GTP_IP4_TCP_TLS)
{
char buffer[256];
struct packet handler;
@@ -2386,7 +2386,7 @@ unsigned char data11[] = {
0x03, 0x77, 0x77, 0x77, 0x06, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x03, 0x63, 0x6f, 0x6d, 0x00, 0x00, 0x01, 0x00, 0x01};
#if 1
-TEST(DATA_PACKET, ETH_IP4_UDP_VXLAN_ETH_IP4_UDP_DNS)
+TEST(PACKET, ETH_IP4_UDP_VXLAN_ETH_IP4_UDP_DNS)
{
char buffer[256];
struct packet handler;
@@ -2580,7 +2580,7 @@ unsigned char data12[] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
#if 1
-TEST(DATA_PACKET, ETH_MPLS_MPLS_PWETHCW_ETH_ARP)
+TEST(PACKET, ETH_MPLS_MPLS_PWETHCW_ETH_ARP)
{
struct packet handler;
@@ -2679,7 +2679,7 @@ TEST(DATA_PACKET, ETH_MPLS_MPLS_PWETHCW_ETH_ARP)
#endif
#if 1
-TEST(DATA_PACKET, HASH_VALUE)
+TEST(PACKET, HASH_VALUE)
{
struct packet handler;
diff --git a/src/packet/gtest_packet_helpers.cpp b/src/packet/gtest_packet_helpers.cpp
new file mode 100644
index 0000000..feb25c9
--- /dev/null
+++ b/src/packet/gtest_packet_helpers.cpp
@@ -0,0 +1,494 @@
+#include <gtest/gtest.h>
+
+#include "packet_helpers.h"
+
+/******************************************************************************
+ * [Protocols in frame: eth:ethertype:ip:data]
+ ******************************************************************************
+ *
+ * Frame 4: 60 bytes on wire (480 bits), 60 bytes captured (480 bits)
+ * Ethernet II, Src: Fortinet_cc:87:22 (e8:1c:ba:cc:87:22), Dst: EvocInte_2f:35:b8 (00:22:46:2f:35:b8)
+ * Destination: EvocInte_2f:35:b8 (00:22:46:2f:35:b8)
+ * Source: Fortinet_cc:87:22 (e8:1c:ba:cc:87:22)
+ * Type: IPv4 (0x0800)
+ * Padding: 0000
+ * Internet Protocol Version 4, Src: 192.168.36.103, Dst: 192.168.40.137
+ * 0100 .... = Version: 4
+ * .... 0101 = Header Length: 20 bytes (5)
+ * Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
+ * 0000 00.. = Differentiated Services Codepoint: Default (0)
+ * .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0)
+ * Total Length: 44
+ * Identification: 0xffff (65535)
+ * 001. .... = Flags: 0x1, More fragments
+ * 0... .... = Reserved bit: Not set
+ * .0.. .... = Don't fragment: Not set
+ * ..1. .... = More fragments: Set
+ * ...0 0000 0000 0000 = Fragment Offset: 0
+ * Time to Live: 127
+ * Protocol: TCP (6)
+ * Header Checksum: 0x4d8b [correct]
+ * [Header checksum status: Good]
+ * [Calculated Checksum: 0x4d8b]
+ * Source Address: 192.168.36.103
+ * Destination Address: 192.168.40.137
+ * [Reassembled IPv4 in frame: 5]
+ * Data (24 bytes)
+ * Data: f4a5270f9107248703d518e75018ff005e9200003132330a
+ * [Length: 24]
+ */
+
+unsigned char data1[] = {
+ 0x00, 0x22, 0x46, 0x2f, 0x35, 0xb8, 0xe8, 0x1c, 0xba, 0xcc, 0x87, 0x22, 0x08, 0x00, 0x45, 0x00, 0x00, 0x2c, 0xff, 0xff, 0x20, 0x00, 0x7f, 0x06, 0x4d, 0x8b,
+ 0xc0, 0xa8, 0x24, 0x67, 0xc0, 0xa8, 0x28, 0x89, 0xf4, 0xa5, 0x27, 0x0f, 0x91, 0x07, 0x24, 0x87, 0x03, 0xd5, 0x18, 0xe7, 0x50, 0x18, 0xff, 0x00, 0x5e, 0x92,
+ 0x00, 0x00, 0x31, 0x32, 0x33, 0x0a, 0x00, 0x00};
+
+#if 1
+TEST(PACKET_UTILS, IPV4_FRAGMENT)
+{
+ struct packet handler;
+ packet_parse(&handler, (const char *)data1, sizeof(data1));
+
+ EXPECT_TRUE(paket_is_fragment(&handler) == true);
+ EXPECT_TRUE(packet_get_layer_count(&handler) == 2);
+}
+#endif
+
+/******************************************************************************
+ * [Protocols in frame: eth:ethertype:ipv6:ipv6.fraghdr:data]
+ ******************************************************************************
+ *
+ * Frame 5: 1510 bytes on wire (12080 bits), 1510 bytes captured (12080 bits)
+ * Ethernet II, Src: Apple_c0:61:b6 (68:5b:35:c0:61:b6), Dst: Dell_94:65:38 (00:1d:09:94:65:38)
+ * Destination: Dell_94:65:38 (00:1d:09:94:65:38)
+ * Source: Apple_c0:61:b6 (68:5b:35:c0:61:b6)
+ * Type: IPv6 (0x86dd)
+ * Internet Protocol Version 6, Src: 2607:f010:3f9::1001, Dst: 2607:f010:3f9::11:0
+ * 0110 .... = Version: 6
+ * .... 0000 0000 .... .... .... .... .... = Traffic Class: 0x00 (DSCP: CS0, ECN: Not-ECT)
+ * .... 0000 00.. .... .... .... .... .... = Differentiated Services Codepoint: Default (0)
+ * .... .... ..00 .... .... .... .... .... = Explicit Congestion Notification: Not ECN-Capable Transport (0)
+ * .... 0010 0001 0010 1000 1001 = Flow Label: 0x21289
+ * Payload Length: 1456
+ * Next Header: Fragment Header for IPv6 (44)
+ * Hop Limit: 64
+ * Source Address: 2607:f010:3f9::1001
+ * Destination Address: 2607:f010:3f9::11:0
+ * Fragment Header for IPv6
+ * Next header: UDP (17)
+ * Reserved octet: 0x00
+ * 0000 1011 0101 0... = Offset: 362 (2896 bytes)
+ * .... .... .... .00. = Reserved bits: 0
+ * .... .... .... ...1 = More Fragments: Yes
+ * Identification: 0xf88eb466
+ * [Reassembled IPv6 in frame: 6]
+ * Data (1448 bytes)
+ * Data: 686868686868686868686868686868686868686868686868686868686868686868686868…
+ * [Length: 1448]
+ */
+
+unsigned char data2[] = {
+ 0x00, 0x1d, 0x09, 0x94, 0x65, 0x38, 0x68, 0x5b, 0x35, 0xc0, 0x61, 0xb6, 0x86, 0xdd, 0x60, 0x02, 0x12, 0x89, 0x05, 0xb0, 0x2c, 0x40, 0x26, 0x07, 0xf0, 0x10,
+ 0x03, 0xf9, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0x01, 0x26, 0x07, 0xf0, 0x10, 0x03, 0xf9, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x11,
+ 0x00, 0x00, 0x11, 0x00, 0x0b, 0x51, 0xf8, 0x8e, 0xb4, 0x66, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68, 0x68,
+ 0x68, 0x68};
+
+#if 1
+TEST(PACKET_UTILS, IPV6_FRAGMENT)
+{
+ struct packet handler;
+ packet_parse(&handler, (const char *)data2, sizeof(data2));
+
+ EXPECT_TRUE(paket_is_fragment(&handler) == true);
+ EXPECT_TRUE(packet_get_layer_count(&handler) == 2);
+}
+#endif
+
+/******************************************************************************
+ * [Protocols in frame: eth:ethertype:ip:ipv6:tcp]
+ ******************************************************************************
+ *
+ * Frame 1: 106 bytes on wire (848 bits), 106 bytes captured (848 bits)
+ * Ethernet II, Src: JuniperN_45:88:29 (2c:6b:f5:45:88:29), Dst: JuniperN_2a:a2:00 (5c:5e:ab:2a:a2:00)
+ * Destination: JuniperN_2a:a2:00 (5c:5e:ab:2a:a2:00)
+ * Source: JuniperN_45:88:29 (2c:6b:f5:45:88:29)
+ * Type: IPv4 (0x0800)
+ * Internet Protocol Version 4, Src: 210.77.88.163, Dst: 59.66.4.50
+ * 0100 .... = Version: 4
+ * .... 0101 = Header Length: 20 bytes (5)
+ * Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
+ * Total Length: 92
+ * Identification: 0x0b4d (2893)
+ * 000. .... = Flags: 0x0
+ * ...0 0000 0000 0000 = Fragment Offset: 0
+ * Time to Live: 59
+ * Protocol: IPv6 (41)
+ * Header Checksum: 0x09c8 [validation disabled]
+ * [Header checksum status: Unverified]
+ * Source Address: 210.77.88.163
+ * Destination Address: 59.66.4.50
+ * Internet Protocol Version 6, Src: 2001:da8:200:900e:200:5efe:d24d:58a3, Dst: 2600:140e:6::1702:1058
+ * 0110 .... = Version: 6
+ * .... 0000 0000 .... .... .... .... .... = Traffic Class: 0x00 (DSCP: CS0, ECN: Not-ECT)
+ * .... 0000 0000 0000 0000 0000 = Flow Label: 0x00000
+ * Payload Length: 32
+ * Next Header: TCP (6)
+ * Hop Limit: 64
+ * Source Address: 2001:da8:200:900e:200:5efe:d24d:58a3
+ * Destination Address: 2600:140e:6::1702:1058
+ * [Source ISATAP IPv4: 210.77.88.163]
+ * Transmission Control Protocol, Src Port: 52556, Dst Port: 80, Seq: 0, Len: 0
+ * Source Port: 52556
+ * Destination Port: 80
+ * [Stream index: 0]
+ * [Conversation completeness: Complete, WITH_DATA (31)]
+ * [TCP Segment Len: 0]
+ * Sequence Number: 0 (relative sequence number)
+ * Sequence Number (raw): 2172673142
+ * [Next Sequence Number: 1 (relative sequence number)]
+ * Acknowledgment Number: 0
+ * Acknowledgment number (raw): 0
+ * 1000 .... = Header Length: 32 bytes (8)
+ * Flags: 0x002 (SYN)
+ * Window: 8192
+ * [Calculated window size: 8192]
+ * Checksum: 0xf757 [unverified]
+ * [Checksum Status: Unverified]
+ * Urgent Pointer: 0
+ * Options: (12 bytes), Maximum segment size, No-Operation (NOP), Window scale, No-Operation (NOP), No-Operation (NOP), SACK permitted
+ * [Timestamps]
+ */
+
+unsigned char data3[] = {
+ 0x5c, 0x5e, 0xab, 0x2a, 0xa2, 0x00, 0x2c, 0x6b, 0xf5, 0x45, 0x88, 0x29, 0x08, 0x00, 0x45, 0x00, 0x00, 0x5c, 0x0b, 0x4d, 0x00, 0x00, 0x3b, 0x29, 0x09, 0xc8,
+ 0xd2, 0x4d, 0x58, 0xa3, 0x3b, 0x42, 0x04, 0x32, 0x60, 0x00, 0x00, 0x00, 0x00, 0x20, 0x06, 0x40, 0x20, 0x01, 0x0d, 0xa8, 0x02, 0x00, 0x90, 0x0e, 0x02, 0x00,
+ 0x5e, 0xfe, 0xd2, 0x4d, 0x58, 0xa3, 0x26, 0x00, 0x14, 0x0e, 0x00, 0x06, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x17, 0x02, 0x10, 0x58, 0xcd, 0x4c, 0x00, 0x50,
+ 0x81, 0x80, 0x5c, 0x76, 0x00, 0x00, 0x00, 0x00, 0x80, 0x02, 0x20, 0x00, 0xf7, 0x57, 0x00, 0x00, 0x02, 0x04, 0x04, 0xc4, 0x01, 0x03, 0x03, 0x08, 0x01, 0x01,
+ 0x04, 0x02};
+
+#if 1
+TEST(PACKET_UTILS, ONLY_TCP)
+{
+ struct packet handler;
+ packet_parse(&handler, (const char *)data3, sizeof(data3));
+
+ EXPECT_TRUE(paket_is_fragment(&handler) == false);
+
+ // TCP
+ EXPECT_TRUE(packet_has_tcp(&handler));
+ EXPECT_TRUE(packet_get_tcp_sport(&handler) == 52556);
+ EXPECT_TRUE(packet_get_tcp_dport(&handler) == 80);
+ EXPECT_TRUE(packet_get_tcp_seq(&handler) == 2172673142);
+ EXPECT_TRUE(packet_get_tcp_ack(&handler) == 0);
+ EXPECT_TRUE(packet_get_tcp_flags(&handler) == 0x002);
+ EXPECT_TRUE(packet_has_tcp_flag_urg(&handler) == false);
+ EXPECT_TRUE(packet_has_tcp_flag_ack(&handler) == false);
+ EXPECT_TRUE(packet_has_tcp_flag_psh(&handler) == false);
+ EXPECT_TRUE(packet_has_tcp_flag_rst(&handler) == false);
+ EXPECT_TRUE(packet_has_tcp_flag_syn(&handler) == true);
+ EXPECT_TRUE(packet_has_tcp_flag_fin(&handler) == false);
+
+ // UDP
+ EXPECT_TRUE(packet_has_udp(&handler) == false);
+ EXPECT_TRUE(packet_get_inner_udp_sport(&handler) == 0);
+ EXPECT_TRUE(packet_get_inner_udp_dport(&handler) == 0);
+ EXPECT_TRUE(packet_get_outer_udp_sport(&handler) == 0);
+ EXPECT_TRUE(packet_get_outer_udp_dport(&handler) == 0);
+}
+#endif
+
+/******************************************************************************
+ * [Protocols in frame: eth:ethertype:ipv6:ipv6:udp:data]
+ ******************************************************************************
+ *
+ * Frame 1: 106 bytes on wire (848 bits), 106 bytes captured (848 bits)
+ * Ethernet II, Src: 00:00:00_00:00:00 (00:00:00:00:00:00), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
+ * Destination: Broadcast (ff:ff:ff:ff:ff:ff)
+ * Source: 00:00:00_00:00:00 (00:00:00:00:00:00)
+ * Type: IPv6 (0x86dd)
+ * Internet Protocol Version 6, Src: 2001:4f8:4:7:2e0:81ff:fe52:ffff, Dst: 2001:4f8:4:7:2e0:81ff:fe52:9a6b
+ * 0110 .... = Version: 6
+ * .... 0000 0000 .... .... .... .... .... = Traffic Class: 0x00 (DSCP: CS0, ECN: Not-ECT)
+ * .... 0000 0000 0000 0000 0000 = Flow Label: 0x00000
+ * Payload Length: 52
+ * Next Header: IPv6 (41)
+ * Hop Limit: 64
+ * Source Address: 2001:4f8:4:7:2e0:81ff:fe52:ffff
+ * Destination Address: 2001:4f8:4:7:2e0:81ff:fe52:9a6b
+ * [Source SLAAC MAC: TyanComp_52:ff:ff (00:e0:81:52:ff:ff)]
+ * [Destination SLAAC MAC: TyanComp_52:9a:6b (00:e0:81:52:9a:6b)]
+ * Internet Protocol Version 6, Src: dead::beef, Dst: cafe::babe
+ * 0110 .... = Version: 6
+ * .... 0000 0000 .... .... .... .... .... = Traffic Class: 0x00 (DSCP: CS0, ECN: Not-ECT)
+ * .... 0000 0000 0000 0000 0000 = Flow Label: 0x00000
+ * Payload Length: 12
+ * Next Header: UDP (17)
+ * Hop Limit: 64
+ * Source Address: dead::beef
+ * Destination Address: cafe::babe
+ * User Datagram Protocol, Src Port: 30000, Dst Port: 13000
+ * Source Port: 30000
+ * Destination Port: 13000
+ * Length: 12
+ * Checksum: 0x83d2 [unverified]
+ * [Checksum Status: Unverified]
+ * [Stream index: 0]
+ * [Timestamps]
+ * UDP payload (4 bytes)
+ * Data (4 bytes)
+ */
+
+unsigned char data4[] = {
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x86, 0xdd, 0x60, 0x00, 0x00, 0x00, 0x00, 0x34, 0x29, 0x40, 0x20, 0x01, 0x04, 0xf8,
+ 0x00, 0x04, 0x00, 0x07, 0x02, 0xe0, 0x81, 0xff, 0xfe, 0x52, 0xff, 0xff, 0x20, 0x01, 0x04, 0xf8, 0x00, 0x04, 0x00, 0x07, 0x02, 0xe0, 0x81, 0xff, 0xfe, 0x52,
+ 0x9a, 0x6b, 0x60, 0x00, 0x00, 0x00, 0x00, 0x0c, 0x11, 0x40, 0xde, 0xad, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xbe, 0xef,
+ 0xca, 0xfe, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xba, 0xbe, 0x75, 0x30, 0x32, 0xc8, 0x00, 0x0c, 0x83, 0xd2, 0x58, 0x58,
+ 0x58, 0x58};
+
+#if 1
+TEST(PACKET_UTILS, ONLY_UDP)
+{
+ struct packet handler;
+ packet_parse(&handler, (const char *)data4, sizeof(data4));
+
+ EXPECT_TRUE(paket_is_fragment(&handler) == false);
+
+ // TCP
+ EXPECT_TRUE(packet_has_tcp(&handler) == false);
+ EXPECT_TRUE(packet_get_tcp_sport(&handler) == 0);
+ EXPECT_TRUE(packet_get_tcp_dport(&handler) == 0);
+ EXPECT_TRUE(packet_get_tcp_seq(&handler) == 0);
+ EXPECT_TRUE(packet_get_tcp_ack(&handler) == 0);
+ EXPECT_TRUE(packet_get_tcp_flags(&handler) == 0);
+ EXPECT_TRUE(packet_has_tcp_flag_urg(&handler) == false);
+ EXPECT_TRUE(packet_has_tcp_flag_ack(&handler) == false);
+ EXPECT_TRUE(packet_has_tcp_flag_psh(&handler) == false);
+ EXPECT_TRUE(packet_has_tcp_flag_rst(&handler) == false);
+ EXPECT_TRUE(packet_has_tcp_flag_syn(&handler) == false);
+ EXPECT_TRUE(packet_has_tcp_flag_fin(&handler) == false);
+
+ // UDP
+ EXPECT_TRUE(packet_has_udp(&handler));
+ EXPECT_TRUE(packet_get_inner_udp_sport(&handler) == 30000);
+ EXPECT_TRUE(packet_get_inner_udp_dport(&handler) == 13000);
+ EXPECT_TRUE(packet_get_outer_udp_sport(&handler) == 30000);
+ EXPECT_TRUE(packet_get_outer_udp_dport(&handler) == 13000);
+}
+#endif
+
+/******************************************************************************
+ * [Protocols in frame: eth:ethertype:ipv6:udp:gtp:ipv6:tcp:ja3:tls]
+ ******************************************************************************
+ *
+ * Frame 1: 1442 bytes on wire (11536 bits), 1442 bytes captured (11536 bits)
+ * Ethernet II, Src: zte_0e:f5:40 (74:4a:a4:0e:f5:40), Dst: HuaweiTe_40:e9:c2 (ac:b3:b5:40:e9:c2)
+ * Destination: HuaweiTe_40:e9:c2 (ac:b3:b5:40:e9:c2)
+ * Source: zte_0e:f5:40 (74:4a:a4:0e:f5:40)
+ * Type: IPv6 (0x86dd)
+ * Internet Protocol Version 6, Src: 2409:8034:4040:5300::105, Dst: 2409:8034:4025::60:61
+ * 0110 .... = Version: 6
+ * .... 0000 0000 .... .... .... .... .... = Traffic Class: 0x00 (DSCP: CS0, ECN: Not-ECT)
+ * .... 0000 0000 0000 0000 0000 = Flow Label: 0x00000
+ * Payload Length: 1388
+ * Next Header: UDP (17)
+ * Hop Limit: 127
+ * Source Address: 2409:8034:4040:5300::105
+ * Destination Address: 2409:8034:4025::60:61
+ * User Datagram Protocol, Src Port: 2152, Dst Port: 2152
+ * Source Port: 2152
+ * Destination Port: 2152
+ * Length: 1388
+ * Checksum: 0xeb00 [unverified]
+ * [Checksum Status: Unverified]
+ * [Stream index: 0]
+ * [Timestamps]
+ * UDP payload (1380 bytes)
+ * GPRS Tunneling Protocol
+ * Flags: 0x30
+ * Message Type: T-PDU (0xff)
+ * Length: 1372
+ * TEID: 0x024c3cbd (38550717)
+ * Internet Protocol Version 6, Src: 2409:8c34:4400:700:0:4:0:3, Dst: 2409:8934:5082:2100:ecad:e0e4:530a:c269
+ * 0110 .... = Version: 6
+ * .... 0000 0000 .... .... .... .... .... = Traffic Class: 0x00 (DSCP: CS0, ECN: Not-ECT)
+ * .... 0000 0000 0000 0000 0000 = Flow Label: 0x00000
+ * Payload Length: 1332
+ * Next Header: TCP (6)
+ * Hop Limit: 56
+ * Source Address: 2409:8c34:4400:700:0:4:0:3
+ * Destination Address: 2409:8934:5082:2100:ecad:e0e4:530a:c269
+ * Transmission Control Protocol, Src Port: 443, Dst Port: 46582, Seq: 1, Ack: 1, Len: 1312
+ * Source Port: 443
+ * Destination Port: 46582
+ * [Stream index: 0]
+ * [Conversation completeness: Incomplete (8)]
+ * [TCP Segment Len: 1312]
+ * Sequence Number: 1 (relative sequence number)
+ * Sequence Number (raw): 2198097831
+ * [Next Sequence Number: 1313 (relative sequence number)]
+ * Acknowledgment Number: 1 (relative ack number)
+ * Acknowledgment number (raw): 2264498872
+ * 0101 .... = Header Length: 20 bytes (5)
+ * Flags: 0x010 (ACK)
+ * Window: 529
+ * [Calculated window size: 529]
+ * [Window size scaling factor: -1 (unknown)]
+ * Checksum: 0x2c4b [unverified]
+ * [Checksum Status: Unverified]
+ * Urgent Pointer: 0
+ * [Timestamps]
+ * [SEQ/ACK analysis]
+ * TCP payload (1312 bytes)
+ * Transport Layer Security
+ */
+
+unsigned char data5[] = {
+ 0xac, 0xb3, 0xb5, 0x40, 0xe9, 0xc2, 0x74, 0x4a, 0xa4, 0x0e, 0xf5, 0x40, 0x86, 0xdd, 0x60, 0x00, 0x00, 0x00, 0x05, 0x6c, 0x11, 0x7f, 0x24, 0x09, 0x80, 0x34,
+ 0x40, 0x40, 0x53, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x05, 0x24, 0x09, 0x80, 0x34, 0x40, 0x25, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x60,
+ 0x00, 0x61, 0x08, 0x68, 0x08, 0x68, 0x05, 0x6c, 0xeb, 0x00, 0x30, 0xff, 0x05, 0x5c, 0x02, 0x4c, 0x3c, 0xbd, 0x60, 0x00, 0x00, 0x00, 0x05, 0x34, 0x06, 0x38,
+ 0x24, 0x09, 0x8c, 0x34, 0x44, 0x00, 0x07, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00, 0x03, 0x24, 0x09, 0x89, 0x34, 0x50, 0x82, 0x21, 0x00, 0xec, 0xad,
+ 0xe0, 0xe4, 0x53, 0x0a, 0xc2, 0x69, 0x01, 0xbb, 0xb5, 0xf6, 0x83, 0x04, 0x4f, 0xa7, 0x86, 0xf9, 0x82, 0xb8, 0x50, 0x10, 0x02, 0x11, 0x2c, 0x4b, 0x00, 0x00,
+ 0x17, 0x03, 0x03, 0x3c, 0x8c, 0x87, 0xa0, 0x99, 0x23, 0x5b, 0x53, 0x4a, 0x12, 0x1b, 0xf8, 0xba, 0xe8, 0x83, 0xc2, 0x95, 0xda, 0xb8, 0xea, 0x5b, 0xdc, 0x84,
+ 0x61, 0xa9, 0x86, 0x7e, 0x43, 0xc7, 0x31, 0x44, 0x6e, 0x11, 0xc1, 0x30, 0x21, 0x03, 0xb4, 0x21, 0x4a, 0xee, 0xc9, 0x2e, 0x14, 0xd2, 0x98, 0x63, 0x12, 0xfe,
+ 0x79, 0x58, 0xb3, 0x18, 0xa6, 0x8d, 0x0c, 0x62, 0x67, 0x51, 0xef, 0x02, 0x5a, 0xa8, 0xb3, 0x82, 0x1f, 0xe4, 0x51, 0xba, 0xde, 0xee, 0x83, 0x9c, 0x4e, 0xac,
+ 0x4d, 0xa2, 0xb7, 0x6a, 0x82, 0xe7, 0xbb, 0x00, 0xf7, 0x5a, 0xe7, 0x02, 0x71, 0x7e, 0x7d, 0x6f, 0xf2, 0xe5, 0x47, 0xd0, 0xba, 0x3c, 0x51, 0x09, 0x95, 0xcd,
+ 0xf6, 0xc9, 0x8b, 0x6f, 0xb0, 0x39, 0x11, 0x0d, 0xe9, 0x0d, 0x4d, 0x29, 0xd4, 0xcb, 0x87, 0xba, 0x11, 0xfa, 0x0d, 0x0b, 0x82, 0x95, 0xa5, 0x84, 0x94, 0x48,
+ 0xa2, 0xee, 0xa4, 0xb7, 0xb6, 0x76, 0x13, 0x4d, 0x18, 0x42, 0x91, 0x77, 0xad, 0x82, 0x38, 0xee, 0x34, 0x1c, 0xb7, 0xf6, 0x39, 0xdc, 0xa4, 0x23, 0xa1, 0x7c,
+ 0xa5, 0x0b, 0x7e, 0x4c, 0x8b, 0x81, 0x31, 0x48, 0xea, 0xf4, 0x18, 0x37, 0x09, 0x0a, 0x53, 0x13, 0x05, 0x90, 0x26, 0x10, 0x69, 0xb2, 0xa3, 0x36, 0xbc, 0xa5,
+ 0x83, 0xd8, 0x16, 0x77, 0x98, 0xc8, 0x21, 0x38, 0xd9, 0x88, 0x0c, 0xa7, 0x16, 0x97, 0x4e, 0x20, 0x6d, 0x68, 0xda, 0x1b, 0x3b, 0x4a, 0x62, 0xe0, 0x36, 0x0d,
+ 0xbf, 0x30, 0x71, 0xb1, 0xe9, 0xbe, 0x47, 0x77, 0x99, 0xb9, 0xe6, 0x26, 0xab, 0x81, 0x2e, 0x46, 0xf1, 0x1b, 0x1e, 0xfb, 0xd7, 0x81, 0x60, 0x21, 0x4a, 0x71,
+ 0x85, 0xf7, 0x9c, 0x9c, 0xd4, 0x1c, 0x52, 0xc4, 0x3d, 0x8d, 0x72, 0xf6, 0x7c, 0xd3, 0x58, 0x79, 0x0d, 0x78, 0xd7, 0x7c, 0x29, 0x2b, 0xc3, 0x96, 0x1d, 0xc7,
+ 0x96, 0x50, 0x42, 0xd7, 0xda, 0xeb, 0x29, 0x8e, 0x2a, 0x72, 0x23, 0x57, 0x0f, 0x6f, 0x37, 0x35, 0xb2, 0x42, 0x76, 0x78, 0xbf, 0xbf, 0x8c, 0x3f, 0x31, 0xa2,
+ 0x51, 0xec, 0x9e, 0x0d, 0xfd, 0xf2, 0xaf, 0x71, 0xa0, 0x4f, 0xa9, 0xf6, 0x19, 0xcf, 0x3e, 0x4b, 0xc8, 0xaa, 0x38, 0x06, 0xa1, 0x15, 0xde, 0xde, 0xef, 0x9b,
+ 0x25, 0xa3, 0xcc, 0x47, 0xca, 0x29, 0x30, 0x65, 0x5f, 0xc1, 0x8b, 0x12, 0x63, 0x79, 0xcd, 0x57, 0x4d, 0x99, 0xc0, 0xcd, 0xbe, 0x62, 0xcb, 0xc3, 0xf2, 0x6b,
+ 0x0b, 0x40, 0xc5, 0xee, 0x79, 0x0a, 0xa4, 0x75, 0x56, 0xe7, 0xe7, 0xf2, 0xfd, 0xe0, 0x72, 0x78, 0x04, 0xa2, 0x50, 0x31, 0x09, 0x8b, 0x57, 0xc3, 0x85, 0x4e,
+ 0xc4, 0xae, 0xde, 0x8a, 0xfa, 0xf6, 0x31, 0x06, 0xd2, 0x07, 0x25, 0x40, 0xce, 0x0d, 0xfd, 0x26, 0x98, 0x41, 0xa3, 0xa9, 0xa2, 0x8d, 0x8b, 0x7f, 0x6d, 0x63,
+ 0x87, 0x7e, 0x75, 0x2f, 0x78, 0xc9, 0xd5, 0x04, 0xb2, 0x4f, 0xc9, 0x94, 0xa7, 0x7f, 0xbc, 0x75, 0x7b, 0xb6, 0xfb, 0x2c, 0x46, 0xf6, 0xde, 0x36, 0x31, 0x2a,
+ 0x32, 0x1d, 0x7f, 0x30, 0x9e, 0x4a, 0x84, 0x69, 0x66, 0xac, 0xef, 0xbe, 0xb3, 0x83, 0x8c, 0xb8, 0x30, 0xd2, 0x3f, 0xcf, 0xb5, 0xbb, 0x65, 0xaa, 0xe7, 0x6b,
+ 0x74, 0x48, 0x2c, 0xb2, 0x72, 0x2b, 0x78, 0xaf, 0xd0, 0x71, 0x04, 0xa9, 0xb4, 0x65, 0xd9, 0xfc, 0x74, 0x23, 0xff, 0x89, 0xc1, 0x16, 0x23, 0xac, 0x59, 0x16,
+ 0x89, 0x41, 0xc3, 0xdb, 0xdb, 0x5b, 0x9a, 0x3d, 0x08, 0xc4, 0x12, 0x28, 0xf8, 0x10, 0xa5, 0xad, 0xc6, 0x81, 0xc0, 0x61, 0x48, 0xba, 0x9d, 0xef, 0xc7, 0xf8,
+ 0xad, 0x9a, 0xbd, 0x87, 0xfa, 0x7f, 0xa2, 0x4e, 0x4d, 0xe0, 0x19, 0xd5, 0x47, 0xc7, 0xd0, 0xfb, 0x00, 0x7b, 0xbf, 0x17, 0x80, 0xfe, 0xf5, 0x27, 0xec, 0x94,
+ 0x44, 0x3d, 0x4a, 0x34, 0x49, 0x60, 0xb4, 0x8d, 0x71, 0x6d, 0x9c, 0xf4, 0x4c, 0x33, 0xa9, 0x49, 0x58, 0x58, 0x6f, 0xe1, 0xd1, 0x7d, 0x36, 0x51, 0xf4, 0xd8,
+ 0x0d, 0x0b, 0xfc, 0xeb, 0xae, 0x58, 0x06, 0x08, 0xbf, 0x67, 0x07, 0x28, 0x7e, 0x68, 0x65, 0x79, 0x86, 0xfb, 0x43, 0x0f, 0x0a, 0xef, 0xd0, 0x97, 0x33, 0x10,
+ 0x7a, 0x20, 0xe8, 0x22, 0xe5, 0xdc, 0x0c, 0xa2, 0xa5, 0x50, 0x1b, 0x08, 0x15, 0xc2, 0xec, 0xd2, 0x06, 0x25, 0xd0, 0x3b, 0xfd, 0xe3, 0xa2, 0x6f, 0x41, 0x15,
+ 0x6d, 0x9f, 0x5f, 0xc4, 0x07, 0x5c, 0x99, 0x63, 0xd9, 0xd7, 0xdc, 0x90, 0xc9, 0x8f, 0x3a, 0x4b, 0x6a, 0x84, 0xe8, 0x3c, 0xc7, 0x71, 0x50, 0x71, 0x86, 0x71,
+ 0x7d, 0x54, 0x84, 0x7b, 0xb7, 0xca, 0xd5, 0x42, 0xaf, 0x88, 0xa5, 0xae, 0xa4, 0x9c, 0xfd, 0x71, 0x71, 0x0f, 0x67, 0xaa, 0x1b, 0x61, 0xd7, 0xf4, 0x50, 0x21,
+ 0x9d, 0x80, 0x6e, 0x54, 0xcd, 0xb6, 0xb9, 0x02, 0x3e, 0x59, 0x50, 0xff, 0xf2, 0xda, 0x21, 0x5c, 0x50, 0x6d, 0x64, 0x8c, 0x33, 0x75, 0x2a, 0xa4, 0x56, 0xb3,
+ 0xa8, 0xdb, 0xba, 0xbe, 0x52, 0xd4, 0xe5, 0x29, 0x68, 0xe2, 0x6b, 0x94, 0x6b, 0xb3, 0x90, 0x63, 0x91, 0x1a, 0x95, 0xb5, 0xd7, 0x10, 0x1b, 0xd9, 0x93, 0x4f,
+ 0x33, 0xb6, 0x6a, 0x4e, 0xcd, 0x40, 0x9d, 0x47, 0x76, 0x3e, 0x4b, 0xc7, 0x2f, 0x16, 0x96, 0x64, 0x9d, 0x4e, 0x8c, 0xfb, 0x0f, 0xd2, 0xec, 0x6c, 0xba, 0xf2,
+ 0x9c, 0xca, 0xd2, 0x3e, 0x64, 0x37, 0x32, 0x20, 0xd7, 0x4c, 0xb0, 0xe7, 0xd3, 0x75, 0x51, 0x3a, 0x94, 0xc1, 0xdf, 0x1c, 0xb3, 0x10, 0xd5, 0x1e, 0xcf, 0x7c,
+ 0xb7, 0xab, 0x4a, 0x93, 0xf0, 0x78, 0x58, 0x28, 0x63, 0x10, 0xee, 0xb0, 0xd6, 0x14, 0x81, 0x47, 0xeb, 0x2e, 0xc8, 0x6e, 0x33, 0x7e, 0xf3, 0x2d, 0xc8, 0xdb,
+ 0x29, 0x0c, 0x80, 0xe4, 0x2f, 0x10, 0x07, 0x8e, 0x08, 0x86, 0x97, 0x1b, 0x39, 0x98, 0x39, 0x06, 0xb3, 0x85, 0x53, 0xb7, 0xbb, 0x65, 0x65, 0x85, 0x0e, 0x0a,
+ 0x7d, 0x29, 0x3d, 0x3f, 0x52, 0xc2, 0x7b, 0x2b, 0x30, 0x94, 0x99, 0x6a, 0x4b, 0xad, 0xe9, 0xec, 0xcb, 0xcd, 0xae, 0x97, 0x45, 0x54, 0xd5, 0x00, 0x5e, 0xd8,
+ 0xac, 0xeb, 0x99, 0xdc, 0x58, 0x0b, 0x01, 0xeb, 0x32, 0x22, 0xc4, 0xec, 0x4f, 0xd2, 0x15, 0x03, 0x30, 0x88, 0xc7, 0x28, 0xaf, 0x78, 0xf5, 0x38, 0x84, 0x3b,
+ 0x3b, 0xe9, 0x29, 0x71, 0x50, 0xa3, 0x07, 0x49, 0x3b, 0xc6, 0x97, 0xc6, 0xf9, 0x53, 0x95, 0x51, 0x65, 0x7e, 0xd7, 0xd4, 0xe8, 0x76, 0x6a, 0x6d, 0x37, 0x6b,
+ 0xa5, 0x59, 0xaa, 0x14, 0x18, 0x8c, 0x8d, 0x65, 0x78, 0x67, 0xfb, 0x60, 0x56, 0xab, 0x04, 0xa0, 0xc2, 0x93, 0x46, 0xf1, 0x2b, 0x0d, 0x3b, 0x38, 0x62, 0x62,
+ 0x5e, 0xc8, 0x30, 0xf9, 0x45, 0x28, 0x6f, 0xa1, 0xb1, 0x88, 0xf1, 0x2b, 0x3b, 0xf8, 0xae, 0x91, 0x52, 0xc3, 0x72, 0x86, 0xe4, 0xec, 0xc3, 0x54, 0x86, 0xbf,
+ 0x8f, 0x33, 0xb1, 0x0f, 0x42, 0xc5, 0x9c, 0xb8, 0xc2, 0x67, 0x8b, 0xac, 0x78, 0xd7, 0x63, 0xab, 0x05, 0xc6, 0x6c, 0x37, 0xa1, 0x28, 0xef, 0x95, 0xc9, 0xf5,
+ 0x12, 0x38, 0x54, 0x34, 0x2e, 0x03, 0x6a, 0xaa, 0xa9, 0x97, 0x72, 0x22, 0x9f, 0x20, 0xec, 0x9e, 0x29, 0x09, 0xd8, 0x38, 0xd1, 0x86, 0x82, 0x99, 0xbd, 0x2a,
+ 0x03, 0xe9, 0x3d, 0xbd, 0xea, 0xc5, 0x8b, 0xb0, 0x4c, 0x8b, 0x7e, 0x78, 0x08, 0xef, 0x39, 0xa8, 0xb4, 0x47, 0xce, 0x44, 0xc3, 0x3f, 0x52, 0xe4, 0xbd, 0x9e,
+ 0xf6, 0xed, 0x6f, 0x6c, 0x05, 0x19, 0xa6, 0x0a, 0x1e, 0x48, 0xe3, 0x9b, 0x91, 0x61, 0xef, 0xf5, 0x91, 0x39, 0x70, 0x44, 0x1c, 0x08, 0x2e, 0x2c, 0x6c, 0x27,
+ 0xb9, 0x0e, 0xcc, 0x74, 0x69, 0xa5, 0xf8, 0x19, 0xd6, 0xbf, 0x57, 0x6c, 0x9a, 0x91, 0x74, 0xfd, 0xc2, 0x31, 0x32, 0x12, 0x06, 0xa3, 0x69, 0x71, 0xda, 0x40,
+ 0xa1, 0xf3, 0xb5, 0x9a, 0x43, 0xcc, 0xb4, 0x3c, 0x16, 0x40, 0x65, 0x2b, 0x02, 0xac, 0x5c, 0xae, 0xd6, 0x34, 0x34, 0xe3, 0x69, 0x76, 0x2c, 0xa8, 0xdd, 0x04,
+ 0x92, 0xa6, 0x7a, 0xc0, 0x87, 0x70, 0x8b, 0x85, 0xba, 0x5d, 0xbb, 0x62, 0x70, 0xcc, 0x1f, 0x21, 0x2c, 0x7e, 0xc3, 0x77, 0xcf, 0x23, 0x22, 0xf4, 0x16, 0x8e,
+ 0xf1, 0x3d, 0xdc, 0x33, 0x99, 0x5e, 0xaa, 0xa2, 0x50, 0x68, 0xde, 0x03, 0x44, 0xbb, 0xc7, 0x16, 0x2a, 0xf2, 0x08, 0xeb, 0x3d, 0x12, 0x6d, 0xcb, 0x2a, 0xaf,
+ 0xb4, 0x79, 0xdb, 0x74, 0x5e, 0x54, 0x89, 0x73, 0x0c, 0x48, 0x9c, 0x03, 0x33, 0xd2, 0x92, 0x22, 0xdb, 0x3a, 0xa0, 0x8c, 0xe2, 0x30, 0x6f, 0x39, 0xe4, 0xa9,
+ 0x24, 0x04, 0xbb, 0x85, 0x7d, 0x62, 0xc5, 0xa9, 0x98, 0x92, 0xef, 0xc6, 0xc8, 0xd1, 0x81, 0xad, 0x95, 0x40, 0x27, 0x09, 0xc7, 0x43, 0xcd, 0xb6, 0x94, 0xfc,
+ 0x1c, 0x7d, 0x1c, 0xd3, 0x47, 0xfe, 0x62, 0x9c, 0xfa, 0xeb, 0xfc, 0x02, 0x2e, 0x48, 0x62, 0xcf, 0x63, 0xdb, 0x63, 0xd9, 0x21, 0x86, 0xe8, 0x96, 0x54, 0xeb,
+ 0x6a, 0xa8, 0x78, 0x3c, 0x5b, 0xb6, 0xde, 0xa9, 0x04, 0x48, 0x63, 0xb2, 0x10, 0x02, 0x6a, 0x7f, 0x6d, 0xc8, 0x04, 0xdd, 0x99, 0x25, 0x08, 0xff, 0x80, 0x11,
+ 0x53, 0xfb, 0x7a, 0x07, 0x39, 0xd9, 0x97, 0xca, 0xf0, 0xa7, 0x46, 0x9c, 0xc2, 0xae, 0x2e, 0x05, 0x62, 0xa0, 0xd5, 0x5d, 0x17, 0x0e, 0x5c, 0x7e, 0x9a, 0xb2,
+ 0xb7, 0x9d, 0xd4, 0x4f, 0xe3, 0xac, 0x64, 0xdb, 0x6f, 0x1d, 0xdf, 0xd8, 0x41, 0xd7, 0xd9, 0x50, 0x55, 0x30, 0xeb, 0x4b, 0x19, 0xce, 0x78, 0x1f, 0xa8, 0x1e,
+ 0x87, 0x9c, 0x8f, 0x93, 0x97, 0xd4, 0xa2, 0x28, 0x2c, 0x79, 0x22, 0xc8};
+
+#if 1
+TEST(PACKET_UTILS, UDP_AND_TCP)
+{
+ struct packet handler;
+ packet_parse(&handler, (const char *)data5, sizeof(data5));
+
+ // IP
+ EXPECT_TRUE(paket_is_fragment(&handler) == false);
+
+ // TCP
+ EXPECT_TRUE(packet_has_tcp(&handler) == true);
+ EXPECT_TRUE(packet_get_tcp_sport(&handler) == 443);
+ EXPECT_TRUE(packet_get_tcp_dport(&handler) == 46582);
+ EXPECT_TRUE(packet_get_tcp_seq(&handler) == 2198097831);
+ EXPECT_TRUE(packet_get_tcp_ack(&handler) == 2264498872);
+ EXPECT_TRUE(packet_get_tcp_flags(&handler) == 0x10);
+ EXPECT_TRUE(packet_has_tcp_flag_urg(&handler) == false);
+ EXPECT_TRUE(packet_has_tcp_flag_ack(&handler) == true);
+ EXPECT_TRUE(packet_has_tcp_flag_psh(&handler) == false);
+ EXPECT_TRUE(packet_has_tcp_flag_rst(&handler) == false);
+ EXPECT_TRUE(packet_has_tcp_flag_syn(&handler) == false);
+ EXPECT_TRUE(packet_has_tcp_flag_fin(&handler) == false);
+
+ // UDP
+ EXPECT_TRUE(packet_has_udp(&handler) == true);
+ EXPECT_TRUE(packet_get_inner_udp_sport(&handler) == 2152);
+ EXPECT_TRUE(packet_get_inner_udp_dport(&handler) == 2152);
+ EXPECT_TRUE(packet_get_outer_udp_sport(&handler) == 2152);
+ EXPECT_TRUE(packet_get_outer_udp_dport(&handler) == 2152);
+}
+#endif
+
+int main(int argc, char **argv)
+{
+ ::testing::InitGoogleTest(&argc, argv);
+ return RUN_ALL_TESTS();
+}
diff --git a/src/packet/packet.cpp b/src/packet/packet.cpp
index 6bbda4a..bc3cf49 100644
--- a/src/packet/packet.cpp
+++ b/src/packet/packet.cpp
@@ -419,15 +419,18 @@ static inline struct layer_record *get_free_layer(struct packet *handler)
return &handler->layers[handler->layers_used];
}
-#define SET_LAYER(_handler, _layer, _type, _hdr_len, _data, _len) \
- { \
- (_layer)->type = (_type); \
- (_layer)->hdr_offset = (_handler)->data_len - (_len); \
- (_layer)->hdr_ptr = (_data); \
- (_layer)->hdr_len = (_hdr_len); \
- (_layer)->pld_ptr = (_data) + (_hdr_len); \
- (_layer)->pld_len = (_len) - (_hdr_len); \
- (_handler)->layers_used++; \
+#define SET_LAYER(_handler, _layer, _type, _hdr_len, _data, _len) \
+ { \
+ (_layer)->type = (_type); \
+ (_layer)->hdr_offset = (_handler)->data_len - (_len); \
+ (_layer)->hdr_ptr = (_data); \
+ (_layer)->hdr_len = (_hdr_len); \
+ (_layer)->pld_ptr = (_data) + (_hdr_len); \
+ (_layer)->pld_len = (_len) - (_hdr_len); \
+ (_handler)->layers_used++; \
+ PACKET_LOG_DEBUG("%s: layer[%d/%d]: %s, hdr_offset: %d, hdr_ptr: %p, hdr_len: %d, pld_ptr: %p, pld_len: %d", \
+ LOG_PACKET, (_handler)->layers_used - 1, (_handler)->layers_size, layer_type_tostring((_type)), \
+ (_layer)->hdr_offset, (_layer)->hdr_ptr, (_layer)->hdr_len, (_layer)->pld_ptr, (_layer)->pld_len); \
}
/******************************************************************************
@@ -859,6 +862,13 @@ static inline const char *parse_ipv4(struct packet *handler, const char *data, u
uint16_t hdr_len = (hdr->ip_hl & 0xf) * 4u;
SET_LAYER(handler, layer, LAYER_TYPE_IPV4, hdr_len, data, len);
+ // ip fragmented
+ if ((ntohs(hdr->ip_off) & IP_MF) || (ntohs(hdr->ip_off) & IP_OFFMASK))
+ {
+ PACKET_LOG_DEBUG("%s: ip is fragmented", LOG_PACKET);
+ return layer->pld_ptr;
+ }
+
// TESTED
return parse_l4(handler, next_proto, layer->pld_ptr, layer->pld_len);
}
diff --git a/src/packet/packet.h b/src/packet/packet.h
index e718041..6b378c8 100644
--- a/src/packet/packet.h
+++ b/src/packet/packet.h
@@ -11,11 +11,16 @@ extern "C"
#include "tuple.h"
#define PACKET_MAX_LAYERS 16
-//#define PACKET_LOG_ERROR(format, ...) void(0)
+// #define PACKET_LOG_ERROR(format, ...) void(0)
#ifndef PACKET_LOG_ERROR
#define PACKET_LOG_ERROR(format, ...) \
fprintf(stderr, "ERROR " format "\n", ##__VA_ARGS__);
#endif
+// #define PACKET_LOG_DEBUG(format, ...) void(0)
+#ifndef PACKET_LOG_DEBUG
+#define PACKET_LOG_DEBUG(format, ...) \
+ fprintf(stderr, "DEBUG " format "\n", ##__VA_ARGS__);
+#endif
enum layer_type
{
diff --git a/src/packet/packet_helpers.cpp b/src/packet/packet_helpers.cpp
new file mode 100644
index 0000000..74bb998
--- /dev/null
+++ b/src/packet/packet_helpers.cpp
@@ -0,0 +1,503 @@
+#include <arpa/inet.h>
+#include <netinet/ip.h>
+#include <netinet/ip6.h>
+#define __FAVOR_BSD 1
+#include <netinet/tcp.h>
+#include <netinet/udp.h>
+
+#include "packet_helpers.h"
+
+/******************************************************************************
+ * Private API
+ ******************************************************************************/
+
+static bool ipv4_is_fragment(const struct ip *ip_hdr, uint16_t hdr_len)
+{
+ if ((ntohs(ip_hdr->ip_off) & IP_MF) || (ntohs(ip_hdr->ip_off) & IP_OFFMASK))
+ {
+ return true;
+ }
+ else
+ {
+ return false;
+ }
+}
+
+static bool ipv6_is_fragment(const struct ip6_hdr *ip6_hdr, uint16_t hdr_len)
+{
+ uint8_t next_hdr = ip6_hdr->ip6_nxt;
+ if (next_hdr == IPPROTO_FRAGMENT)
+ {
+ return true;
+ }
+ else
+ {
+ return false;
+ }
+}
+
+/******************************************************************************
+ * Public API
+ ******************************************************************************/
+
+// packet
+uint64_t packet_get_zone_id(const struct packet *pkt)
+{
+ return pkt->zone_id;
+}
+
+uint16_t packet_get_raw_len(const struct packet *pkt)
+{
+ return pkt->data_len;
+}
+
+const char *packet_get0_raw_data(const struct packet *pkt)
+{
+ return pkt->data_ptr;
+}
+
+bool paket_is_fragment(const struct packet *pkt)
+{
+ for (int8_t i = 0; i < pkt->layers_used; i++)
+ {
+ if (pkt->layers[i].type == LAYER_TYPE_IPV4)
+ {
+ struct ip *ip_hdr = (struct ip *)pkt->layers[i].hdr_ptr;
+ uint16_t hdr_len = pkt->layers[i].hdr_len;
+ if (ipv4_is_fragment(ip_hdr, hdr_len))
+ {
+ return true;
+ }
+ }
+
+ if (pkt->layers[i].type == LAYER_TYPE_IPV6)
+ {
+ struct ip6_hdr *ip6_hdr = (struct ip6_hdr *)pkt->layers[i].hdr_ptr;
+ uint16_t hdr_len = pkt->layers[i].hdr_len;
+ if (ipv6_is_fragment(ip6_hdr, hdr_len))
+ {
+ return true;
+ }
+ }
+ }
+
+ return false;
+}
+
+bool packet_has_tcp(const struct packet *pkt)
+{
+ if (packet_get_innermost_layer(pkt, LAYER_TYPE_TCP))
+ {
+ return true;
+ }
+ else
+ {
+ return false;
+ }
+}
+
+bool packet_has_udp(const struct packet *pkt)
+{
+ if (packet_get_innermost_layer(pkt, LAYER_TYPE_UDP))
+ {
+ return true;
+ }
+ else
+ {
+ return false;
+ }
+}
+
+// foreach layer
+uint8_t packet_get_layer_count(const struct packet *pkt)
+{
+ return pkt->layers_used;
+}
+
+enum layer_type packet_get_layer_type(const struct packet *pkt, uint8_t index)
+{
+ return pkt->layers[index].type;
+}
+
+const char *packet_get_layer_hdr_ptr(const struct packet *pkt, uint8_t index)
+{
+ return pkt->layers[index].hdr_ptr;
+}
+
+const char *packet_get_layer_pld_ptr(const struct packet *pkt, uint8_t index)
+{
+ return pkt->layers[index].pld_ptr;
+}
+
+uint16_t packet_get_layer_hdr_len(const struct packet *pkt, uint8_t index)
+{
+ return pkt->layers[index].hdr_len;
+}
+
+uint16_t packet_get_layer_pld_len(const struct packet *pkt, uint8_t index)
+{
+ return pkt->layers[index].pld_len;
+}
+
+// get tcp layer
+const struct layer_record *packet_get0_tcp_layer(const struct packet *pkt)
+{
+ return packet_get_innermost_layer(pkt, LAYER_TYPE_TCP);
+}
+
+const char *packet_get_tcp_hdr_ptr(const struct packet *pkt)
+{
+ const struct layer_record *layer = packet_get0_tcp_layer(pkt);
+ if (layer)
+ {
+ return layer->hdr_ptr;
+ }
+ else
+ {
+ return NULL;
+ }
+}
+
+const char *packet_get_tcp_pld_ptr(const struct packet *pkt)
+{
+ const struct layer_record *layer = packet_get0_tcp_layer(pkt);
+ if (layer)
+ {
+ return layer->pld_ptr;
+ }
+ else
+ {
+ return NULL;
+ }
+}
+
+uint16_t packet_get_tcp_hdr_len(const struct packet *pkt)
+{
+ const struct layer_record *layer = packet_get0_tcp_layer(pkt);
+ if (layer)
+ {
+ return layer->hdr_len;
+ }
+ else
+ {
+ return 0;
+ }
+}
+
+uint16_t packet_get_tcp_pld_len(const struct packet *pkt)
+{
+ const struct layer_record *layer = packet_get0_tcp_layer(pkt);
+ if (layer)
+ {
+ return layer->pld_len;
+ }
+ else
+ {
+ return 0;
+ }
+}
+
+uint16_t packet_get_tcp_sport(const struct packet *pkt)
+{
+ const char *hdr_ptr = packet_get_tcp_hdr_ptr(pkt);
+ if (hdr_ptr)
+ {
+ return ntohs(((struct tcphdr *)hdr_ptr)->source);
+ }
+ else
+ {
+ return 0;
+ }
+}
+
+uint16_t packet_get_tcp_dport(const struct packet *pkt)
+{
+ const char *hdr_ptr = packet_get_tcp_hdr_ptr(pkt);
+ if (hdr_ptr)
+ {
+ return ntohs(((struct tcphdr *)hdr_ptr)->dest);
+ }
+ else
+ {
+ return 0;
+ }
+}
+
+uint32_t packet_get_tcp_seq(const struct packet *pkt)
+{
+ const char *hdr_ptr = packet_get_tcp_hdr_ptr(pkt);
+ if (hdr_ptr)
+ {
+ return ntohl(((struct tcphdr *)hdr_ptr)->seq);
+ }
+ else
+ {
+ return 0;
+ }
+}
+
+uint32_t packet_get_tcp_ack(const struct packet *pkt)
+{
+ const char *hdr_ptr = packet_get_tcp_hdr_ptr(pkt);
+ if (hdr_ptr)
+ {
+ return ntohl(((struct tcphdr *)hdr_ptr)->ack_seq);
+ }
+ else
+ {
+ return 0;
+ }
+}
+
+uint8_t packet_get_tcp_flags(const struct packet *pkt)
+{
+ const char *hdr_ptr = packet_get_tcp_hdr_ptr(pkt);
+ if (hdr_ptr)
+ {
+ return ((struct tcphdr *)hdr_ptr)->th_flags;
+ }
+ else
+ {
+ return 0;
+ }
+}
+
+bool packet_has_tcp_flag_urg(const struct packet *pkt)
+{
+ if (packet_get_tcp_flags(pkt) & TH_URG)
+ {
+ return true;
+ }
+ else
+ {
+ return false;
+ }
+}
+
+bool packet_has_tcp_flag_ack(const struct packet *pkt)
+{
+ if (packet_get_tcp_flags(pkt) & TH_ACK)
+ {
+ return true;
+ }
+ else
+ {
+ return false;
+ }
+}
+
+bool packet_has_tcp_flag_psh(const struct packet *pkt)
+{
+ if (packet_get_tcp_flags(pkt) & TH_PUSH)
+ {
+ return true;
+ }
+ else
+ {
+ return false;
+ }
+}
+
+bool packet_has_tcp_flag_rst(const struct packet *pkt)
+{
+ if (packet_get_tcp_flags(pkt) & TH_RST)
+ {
+ return true;
+ }
+ else
+ {
+ return false;
+ }
+}
+
+bool packet_has_tcp_flag_syn(const struct packet *pkt)
+{
+ if (packet_get_tcp_flags(pkt) & TH_SYN)
+ {
+ return true;
+ }
+ else
+ {
+ return false;
+ }
+}
+
+bool packet_has_tcp_flag_fin(const struct packet *pkt)
+{
+ if (packet_get_tcp_flags(pkt) & TH_FIN)
+ {
+ return true;
+ }
+ else
+ {
+ return false;
+ }
+}
+
+// get inner udp layer
+const struct layer_record *packet_get0_inner_udp_layer(const struct packet *pkt)
+{
+ return packet_get_innermost_layer(pkt, LAYER_TYPE_UDP);
+}
+
+const char *packet_get_inner_udp_hdr_ptr(const struct packet *pkt)
+{
+ const struct layer_record *layer = packet_get0_inner_udp_layer(pkt);
+ if (layer)
+ {
+ return layer->hdr_ptr;
+ }
+ else
+ {
+ return NULL;
+ }
+}
+
+const char *packet_get_inner_udp_pld_ptr(const struct packet *pkt)
+{
+ const struct layer_record *layer = packet_get0_inner_udp_layer(pkt);
+ if (layer)
+ {
+ return layer->pld_ptr;
+ }
+ else
+ {
+ return NULL;
+ }
+}
+
+uint16_t packet_get_inner_udp_hdr_len(const struct packet *pkt)
+{
+ const struct layer_record *layer = packet_get0_inner_udp_layer(pkt);
+ if (layer)
+ {
+ return layer->hdr_len;
+ }
+ else
+ {
+ return 0;
+ }
+}
+
+uint16_t packet_get_inner_udp_pld_len(const struct packet *pkt)
+{
+ const struct layer_record *layer = packet_get0_inner_udp_layer(pkt);
+ if (layer)
+ {
+ return layer->pld_len;
+ }
+ else
+ {
+ return 0;
+ }
+}
+
+uint16_t packet_get_inner_udp_sport(const struct packet *pkt)
+{
+ const char *hdr_ptr = packet_get_inner_udp_hdr_ptr(pkt);
+ if (hdr_ptr)
+ {
+ return ntohs(((struct udphdr *)hdr_ptr)->uh_sport);
+ }
+ else
+ {
+ return 0;
+ }
+}
+
+uint16_t packet_get_inner_udp_dport(const struct packet *pkt)
+{
+ const char *hdr_ptr = packet_get_inner_udp_hdr_ptr(pkt);
+ if (hdr_ptr)
+ {
+ return ntohs(((struct udphdr *)hdr_ptr)->uh_dport);
+ }
+ else
+ {
+ return 0;
+ }
+}
+
+// get outer udp layer
+const struct layer_record *packet_get0_outer_udp_layer(const struct packet *pkt)
+{
+ return packet_get_outermost_layer(pkt, LAYER_TYPE_UDP);
+}
+
+const char *packet_get_outer_udp_hdr_ptr(const struct packet *pkt)
+{
+ const struct layer_record *layer = packet_get0_outer_udp_layer(pkt);
+ if (layer)
+ {
+ return layer->hdr_ptr;
+ }
+ else
+ {
+ return NULL;
+ }
+}
+
+const char *packet_get_outer_udp_pld_ptr(const struct packet *pkt)
+{
+ const struct layer_record *layer = packet_get0_outer_udp_layer(pkt);
+ if (layer)
+ {
+ return layer->pld_ptr;
+ }
+ else
+ {
+ return NULL;
+ }
+}
+
+uint16_t packet_get_outer_udp_hdr_len(const struct packet *pkt)
+{
+ const struct layer_record *layer = packet_get0_outer_udp_layer(pkt);
+ if (layer)
+ {
+ return layer->hdr_len;
+ }
+ else
+ {
+ return 0;
+ }
+}
+
+uint16_t packet_get_outer_udp_pld_len(const struct packet *pkt)
+{
+ const struct layer_record *layer = packet_get0_outer_udp_layer(pkt);
+ if (layer)
+ {
+ return layer->pld_len;
+ }
+ else
+ {
+ return 0;
+ }
+}
+
+uint16_t packet_get_outer_udp_sport(const struct packet *pkt)
+{
+ const char *hdr_ptr = packet_get_outer_udp_hdr_ptr(pkt);
+ if (hdr_ptr)
+ {
+ return ntohs(((struct udphdr *)hdr_ptr)->uh_sport);
+ }
+ else
+ {
+ return 0;
+ }
+}
+
+uint16_t packet_get_outer_udp_dport(const struct packet *pkt)
+{
+ const char *hdr_ptr = packet_get_outer_udp_hdr_ptr(pkt);
+ if (hdr_ptr)
+ {
+ return ntohs(((struct udphdr *)hdr_ptr)->uh_dport);
+ }
+ else
+ {
+ return 0;
+ }
+}
diff --git a/src/packet/packet_helpers.h b/src/packet/packet_helpers.h
new file mode 100644
index 0000000..5158b09
--- /dev/null
+++ b/src/packet/packet_helpers.h
@@ -0,0 +1,68 @@
+#ifndef _PACKET_HELPERS_H
+#define _PACKET_HELPERS_H
+
+#ifdef __cpluscplus
+extern "C"
+{
+#endif
+
+#include "packet.h"
+
+// packet
+uint64_t packet_get_zone_id(const struct packet *pkt);
+uint16_t packet_get_raw_len(const struct packet *pkt);
+const char *packet_get0_raw_data(const struct packet *pkt);
+
+bool paket_is_fragment(const struct packet *pkt);
+bool packet_has_tcp(const struct packet *pkt);
+bool packet_has_udp(const struct packet *pkt);
+
+// foreach layer
+uint8_t packet_get_layer_count(const struct packet *pkt);
+enum layer_type packet_get_layer_type(const struct packet *pkt, uint8_t index);
+const char *packet_get_layer_hdr_ptr(const struct packet *pkt, uint8_t index);
+const char *packet_get_layer_pld_ptr(const struct packet *pkt, uint8_t index);
+uint16_t packet_get_layer_hdr_len(const struct packet *pkt, uint8_t index);
+uint16_t packet_get_layer_pld_len(const struct packet *pkt, uint8_t index);
+
+// get tcp layer
+const struct layer_record *packet_get0_tcp_layer(const struct packet *pkt);
+const char *packet_get_tcp_hdr_ptr(const struct packet *pkt);
+const char *packet_get_tcp_pld_ptr(const struct packet *pkt);
+uint16_t packet_get_tcp_hdr_len(const struct packet *pkt);
+uint16_t packet_get_tcp_pld_len(const struct packet *pkt);
+uint16_t packet_get_tcp_sport(const struct packet *pkt);
+uint16_t packet_get_tcp_dport(const struct packet *pkt);
+uint32_t packet_get_tcp_seq(const struct packet *pkt);
+uint32_t packet_get_tcp_ack(const struct packet *pkt);
+uint8_t packet_get_tcp_flags(const struct packet *pkt);
+bool packet_has_tcp_flag_urg(const struct packet *pkt);
+bool packet_has_tcp_flag_ack(const struct packet *pkt);
+bool packet_has_tcp_flag_psh(const struct packet *pkt);
+bool packet_has_tcp_flag_rst(const struct packet *pkt);
+bool packet_has_tcp_flag_syn(const struct packet *pkt);
+bool packet_has_tcp_flag_fin(const struct packet *pkt);
+
+// get inner udp layer
+const struct layer_record *packet_get0_inner_udp_layer(const struct packet *pkt);
+const char *packet_get_inner_udp_hdr_ptr(const struct packet *pkt);
+const char *packet_get_inner_udp_pld_ptr(const struct packet *pkt);
+uint16_t packet_get_inner_udp_hdr_len(const struct packet *pkt);
+uint16_t packet_get_inner_udp_pld_len(const struct packet *pkt);
+uint16_t packet_get_inner_udp_sport(const struct packet *pkt);
+uint16_t packet_get_inner_udp_dport(const struct packet *pkt);
+
+// get outer udp layer
+const struct layer_record *packet_get0_outer_udp_layer(const struct packet *pkt);
+const char *packet_get_outer_udp_hdr_ptr(const struct packet *pkt);
+const char *packet_get_outer_udp_pld_ptr(const struct packet *pkt);
+uint16_t packet_get_outer_udp_hdr_len(const struct packet *pkt);
+uint16_t packet_get_outer_udp_pld_len(const struct packet *pkt);
+uint16_t packet_get_outer_udp_sport(const struct packet *pkt);
+uint16_t packet_get_outer_udp_dport(const struct packet *pkt);
+
+#ifdef __cpluscplus
+}
+#endif
+
+#endif
generated by cgit v1.2.3 (git 2.39.1) at 2025-12-30 16:11:24 +0000