#!/usr/local/bin/python3
"""Send one fragmented ICMP echo request per fragment ordering and check the reply.

A single echo request (8-byte ICMP header plus a 16-byte payload) is cut into
three non-overlapping IPv4 fragments.  For each of the six possible send
orders a forked child transmits the fragments while the parent sniffs for an
unfragmented echo reply.  A missing reply, a reply with the wrong ICMP id, or
a reply with the wrong payload terminates the script with a non-zero status.
"""

print("send 3 non-overlapping ping fragments in all possible orders")

# Fragment layout over the ICMP header + payload (no overlap, no gaps):
# |----|
#      |----|
#           |----|

import os
from addr import *
from scapy.all import *

# All orderings of the three fragments, in the order the test walks them
# (deliberately kept as an explicit list; it is not lexicographic order).
FRAGMENT_ORDERS = (
    (0, 1, 2),
    (0, 2, 1),
    (1, 0, 2),
    (2, 0, 1),
    (1, 2, 0),
    (2, 1, 0),
)

# (fragment offset in 8-byte units, more-fragments flag set, start, end)
# where start:end is the byte range of the raw echo request this fragment
# carries.  Byte 20 skips the 20-byte IP header; 8 + 8 + 12 bytes cover the
# ICMP header and the 16-byte payload.
FRAGMENT_LAYOUT = (
    (0, True, 20, 28),
    (1, True, 28, 36),
    (2, False, 36, 48),
)

payload = b"ABCDEFGHIJKLMNOP"


def build_fragments(ident):
    """Return the three IP fragments of one echo request.

    ident is used both as the ICMP echo id and as the IP identification of
    every fragment.  LOCAL_ADDR/REMOTE_ADDR are expected from the star
    imports above (presumably the addr module).
    """
    request = IP(src=LOCAL_ADDR, dst=REMOTE_ADDR) / \
        ICMP(type='echo-request', id=ident) / payload
    raw = bytes(request)
    fragments = []
    for offset, more, start, end in FRAGMENT_LAYOUT:
        fields = dict(src=LOCAL_ADDR, dst=REMOTE_ADDR, proto=1, id=ident)
        # Only pass the fields that deviate from scapy's defaults.
        if offset:
            fields['frag'] = offset
        if more:
            fields['flags'] = 'MF'
        fragments.append(IP(**fields) / raw[start:end])
    return fragments


def is_echo_reply(pkt):
    """Return a truthy value if pkt is an unfragmented IPv4 ICMP echo reply."""
    return pkt and pkt.type == ETH_P_IP and \
        pkt.payload.proto == 1 and \
        pkt.payload.frag == 0 and pkt.payload.flags == 0 and \
        icmptypes[pkt.payload.payload.type] == 'echo-reply'


ident = os.getpid()
for order in FRAGMENT_ORDERS:
    # A fresh id per ordering so replies cannot be confused across rounds.
    ident += 1
    eid = ident & 0xffff
    fragments = build_fragments(eid)
    frames = [Ether(src=LOCAL_MAC, dst=REMOTE_MAC) / fragments[k] for k in order]

    # The child delays the send so that the parent is already sniffing.
    if os.fork() == 0:
        time.sleep(1)
        sendp(frames, iface=LOCAL_IF)
        os._exit(0)

    ans = sniff(iface=LOCAL_IF, timeout=3, filter=
        "ip and src "+REMOTE_ADDR+" and dst "+LOCAL_ADDR+" and icmp")
    for a in ans:
        if not is_echo_reply(a):
            continue
        reply_id = a.payload.payload.id
        print("id=%#x" % (reply_id))
        if reply_id != eid:
            print("WRONG ECHO REPLY ID")
            exit(2)
        data = a.payload.payload.payload.load
        print("payload=%s" % (data))
        if data == payload:
            break
        print("PAYLOAD!=%s" % (payload))
        exit(1)
    else:
        # for/else: no matching echo reply was seen within the timeout.
        print("NO ECHO REPLY")
        exit(2)
print("permutation done")
exit(0)