netinet/pmtu/tcp_atomicfrag6.py

*e7abe75aSbluhm#!/usr/local/bin/python3
93a55b4aSbluhm
93a55b4aSbluhmimport os
2b21f7bdSbluhmimport threading
93a55b4aSbluhmfrom addr import *
93a55b4aSbluhmfrom scapy.all import *
93a55b4aSbluhm
2b21f7bdSbluhmclass Sniff(threading.Thread):
2b21f7bdSbluhm	filter = None
2b21f7bdSbluhm	captured = None
2b21f7bdSbluhm	packet = None
2b21f7bdSbluhm	def __init__(self):
2b21f7bdSbluhm		# clear packets buffered by scapy bpf
2b21f7bdSbluhm		sniff(iface=LOCAL_IF, timeout=1)
2b21f7bdSbluhm		super(Sniff, self).__init__()
2b21f7bdSbluhm	def run(self):
2b21f7bdSbluhm		self.captured = sniff(iface=LOCAL_IF, filter=self.filter,
2b21f7bdSbluhm		    timeout=3)
2b21f7bdSbluhm		if self.captured:
2b21f7bdSbluhm			self.packet = self.captured[0]
2b21f7bdSbluhm
93a55b4aSbluhme=Ether(src=LOCAL_MAC, dst=REMOTE_MAC)
93a55b4aSbluhmip6=IPv6(src=FAKE_NET_ADDR6, dst=REMOTE_ADDR6)
9ae5678bSbluhmtport=os.getpid() & 0xffff
93a55b4aSbluhm
*e7abe75aSbluhmprint("Send SYN packet, receive SYN+ACK.")
9ae5678bSbluhmsyn=TCP(sport=tport, dport='chargen', seq=1, flags='S', window=(2**16)-1)
93a55b4aSbluhmsynack=srp1(e/ip6/syn, iface=LOCAL_IF, timeout=5)
93a55b4aSbluhm
93a55b4aSbluhmif synack is None:
*e7abe75aSbluhm	print("ERROR: No SYN+ACK from chargen server received.")
93a55b4aSbluhm	exit(1)
93a55b4aSbluhm
*e7abe75aSbluhmprint("Send ACK packet, receive chargen data.")
93a55b4aSbluhmack=TCP(sport=synack.dport, dport=synack.sport, seq=2, flags='A',
93a55b4aSbluhm    ack=synack.seq+1, window=(2**16)-1)
93a55b4aSbluhmdata=srp1(e/ip6/ack, iface=LOCAL_IF, timeout=5)
93a55b4aSbluhm
93a55b4aSbluhmif data is None:
*e7abe75aSbluhm	print("ERROR: No data from chargen server received.")
93a55b4aSbluhm	exit(1)
93a55b4aSbluhm
*e7abe75aSbluhmprint("Fill our receive buffer.")
93a55b4aSbluhmtime.sleep(1)
93a55b4aSbluhm
2b21f7bdSbluhm# srp1 cannot be used, fragment answer will not match outgoing ICMP6 packet
2b21f7bdSbluhmsniffer = Sniff()
2b21f7bdSbluhmsniffer.filter = \
2b21f7bdSbluhm    "ip6 and src "+ip6.dst+" and dst "+ip6.src+" and proto ipv6-frag"
2b21f7bdSbluhmsniffer.start()
2b21f7bdSbluhmtime.sleep(1)
2b21f7bdSbluhm
*e7abe75aSbluhmprint("Send ICMP6 packet too big packet with MTU 1272.")
93a55b4aSbluhmicmp6=ICMPv6PacketTooBig(mtu=1272)/data.payload
caed3289Sbluhmsendp(e/IPv6(src=LOCAL_ADDR6, dst=REMOTE_ADDR6)/icmp6, iface=LOCAL_IF)
93a55b4aSbluhm
*e7abe75aSbluhmprint("Path MTU discovery will not resend data, ICMP6 packet is ignored.")
2b21f7bdSbluhmsniffer.join(timeout=5)
93a55b4aSbluhm
*e7abe75aSbluhmprint("IPv6 atomic fragments must not be generated.")
03da3b73Sbluhmfrag=None
2b21f7bdSbluhmfor a in sniffer.captured:
93a55b4aSbluhm	fh=a.payload.payload
93a55b4aSbluhm	if fh.offset != 0 or fh.nh != (ip6/syn).nh:
93a55b4aSbluhm		continue
93a55b4aSbluhm	th=fh.payload
93a55b4aSbluhm	if th.sport != syn.dport or th.dport != syn.sport:
93a55b4aSbluhm		continue
93a55b4aSbluhm	frag=a
93a55b4aSbluhm	break
03da3b73Sbluhm
03da3b73Sbluhmif frag is not None:
*e7abe75aSbluhm	print("ERROR: Matching IPv6 fragment TCP answer found.")
03da3b73Sbluhm	exit(1)
03da3b73Sbluhm
*e7abe75aSbluhmprint("Send ACK again to trigger retransmit.")
03da3b73Sbluhmdata=srp1(e/ip6/ack, iface=LOCAL_IF, timeout=5)
03da3b73Sbluhm
03da3b73Sbluhmif data is None:
*e7abe75aSbluhm	print("ERROR: No data retransmit from chargen server received.")
93a55b4aSbluhm	exit(1)
93a55b4aSbluhm
*e7abe75aSbluhmprint("Cleanup the other's socket with a reset packet.")
93a55b4aSbluhmrst=TCP(sport=synack.dport, dport=synack.sport, seq=2, flags='AR',
93a55b4aSbluhm    ack=synack.seq+1)
93a55b4aSbluhmsendp(e/ip6/rst, iface=LOCAL_IF)
93a55b4aSbluhm
03da3b73Sbluhmlen = data.plen + len(IPv6())
*e7abe75aSbluhmprint("len=%d" % len)
03da3b73Sbluhmif len != 1500:
*e7abe75aSbluhm	print("ERROR: TCP data packet len is %d, expected 1500." % len)
93a55b4aSbluhm	exit(1)
93a55b4aSbluhm
93a55b4aSbluhmexit(0)