-------[ Phrack Magazine --- Vol. 9 | Issue 55 --- 09.09.99 --- 06 of 19 ]
-------------------------[ The Libnet Reference Manual v.01 ]
--------[ route route@infonexus.com ]
----[ 1] Impetus
If you are required to write C code (either by vocation or hobby) that at some point, must inject packets into a network, and the traditionally provided system APIs are insufficient, libnet is for you. Libnet provides a simple API to quickly build portable programs that write network packets.
Libnet was written for two main reasons. 1) To establish a simple interface by which network programmers could ignore the subtleties and nuances of low-level network programming (and therefore concentrate on writing their programs). 2) To mitigate the irritation many network programmers experienced due to the lack of standards.
To be honest, I can't believe someone didn't write something like libnet (also termed "libpwrite") a long time ago. It seemed like such an obvious gap that needed to be filled. I was sure the LBNL guys (Lawrence Berkeley National Laboratory -- they wrote libpcap[1]) would put something together. I mean, Libnet, simply put, is the packet injector analog to libpcap. They are brothers (or sisters).
To sum it up, this is a treatise on the art of manufacturing network packets in an efficient, consistent and portable manner using libnet.
Libnet in and of itself, has nothing to do with security. However, libnet is a wonderful utility for writing security-related applications, tools and modules. Many recent exploits have been rapidly developed using libnet as have many security related tools. Take a look at the libnet projects URL section below for some examples.
----[ 2] Overview
Libnet is a simple C library. It is designed to be small, efficient and easy to use. Libnet's main goal is portable packet creation and injection. At the time this manual was written, Libnet was in version 0.99f and had 15 different packet assemblers and two types of packet injection, IP-layer and link-layer (more on those below).
By itself, libnet is moderately useful. It can build and inject packets to the network. Libnet, however, has no provisions for packet capture. For this, one must look to libpcap. Together, libnet and libpcap are powerful tools available to the network programmer.
Libnet consists of about: - 7300 lines of code - 32 source files - 5 include files - ~54 functions - ~43 user-accessable / implemented functions
----[ 3] Design Decisions (past, present and future)
Libnet is very much an ongoing learning/research project. When I started it over a year and a half ago, I had no idea it would grow as it did incorporating as much functionality as it does. Libnet's design has changed not so much in stages, but rather in evolutions. Many of these evolutionary changes I took from other successful libraries out there. Some of the changes are hard to pass and are still in progress, while some were just simple internal changes. Then there were some modifications to the library that unfortunately changed the interface and obsoleted older versions. In this section I hope enlighten the reader as to some of the design decisions that go into libnet; where it was, where it is, and where it's going.
Modularity (interfaces and implementations)
Big programs are made up of many modules [3]. These modules provide the user with functions and data structures that are to be used in a program. A module comes in two parts: its interface and its implementation. The interface specifies what a module does, while the implementation specifies how the module does it. The interface declares all of the data types, function prototypes, global information, macros, or whatever is required by the module. The implementation adheres to the specifications set forth by the interface. This is how libnet was and is designed. Each implementation, you'll find, has a corresponding interface.
There is a third piece of this puzzle: the client. The client is the piece of code that imports and employs the interface, without having to even see the implementation. Your code is the client.
For more information on interfaces and implementations in C, I urge the reader to check out [3]. It's an excellent book that changed the way I wrote code.
Nomenclature
Initially, the naming of files, functions and other tidbits didn't seem to be that important. They took on whatever names seemed appropriate at the time. In a stand-alone program, this is bad style. In a library, it's bad style AND potentially error-prone. Library code is intended to be used on different platforms and potentially with other libraries. If one of these other libraries (or potentially the user's code) contains an object with the same name, problems result. Therefore, naming has become an important issue to me. A strict naming convention helps in two major areas:
- for filenames it keeps them ordered in a directory making for easy
perusal
- for function names, macros, and symbols it cuts down on redefinition
problems and makes the interface much easier to learn
Error Handling and Reporting
Error handling and reporting is an essential part of any programming paradigm. Delicate handling of and recovery from error conditions is an absolute necessity, especially in a third party library. I believe Libnet now has decent error handling (see below for a dissertation on assertions). It can recover from most bad situations more or less gracefully. It checks for illegal conditions under most circumstances. Reporting, however, is a different story and is still progressing. Libnet needs to have a standard error reporting convention in place. As it stands now, some functions use errno (since they are basically system call wrappers), while some accept an additional buffer argument to hold potentional error messages, and still others as yet have no provision for verbose error reporting. This needs to change and possibly might be accomplished using variable argument lists.
Assertions and Exit Points
assert(3) is a macro that accepts a single argument which it treats as an expression, evaluating it for truth. If the expression is evaluated to be false, the assert macro prints an error message and aborts (terminates) the program. Assertions are useful in the developmental stages of programs when verbose error handling is not in place or when a grievous error condition that normally should not happen occurs. Initially libnet was riddled with assertions. Libnet mainly employed assertions to catch NULL pointer dereferences before they occurred (many libnet functions accept pointer arguments expecting them to actually point somewhere). This seemed reasonable at the time because this is obviously a grievous error -- if you're passing a NULL pointer when you shouldn't, your program is probably going to crash. However, assertions also riddled the library with numerous potential unpredictable exit points. Exit points inside a supplementary library such as libnet are bad style, let alone unpredictable exit points. Library code should not cause or allow a program to exit. If a grievous error condition is detected, the library should return error codes to the main, and let it decide what to do. Code should be able to handle grievous errors well enough to be able to exit gracefully from the top level (if possible). In any event, the assertions were removed in version 0.99f in favor of error indicative return values. This preserves compatibility, while removing the exit points.
IPv4 vs IPv6
Libnet currently only supports IPv4. Support for IPv6 is definitely planned, however. The main consideration is nomenclature. Had I been mister-cool-smart guy in the beggining, I would have anticipated this and added IP version information to the function names and macros e.g.: ipv4buildip, IPV4_H. However at this point, I refuse to force users to adopt to yet another interface, so the IPv6 functions and macros will contain IPv6 in the name (much like the POSIX 1.g sockets interface [2]).
The Configure Script
Early on in the development of libnet, it became clear that there was much OS and architecture dependent code that had to conditionally included and compiled. The autoconf configuration stuff (circa version 0.7) worked great to determine what needed to be included and excluded in order to build the library, but did nothing for post-install support. Many of these CPP macros were needed to conditionally include header information for user-based code. This was initially handled by relying on the user to define the proper macros, but this quickly proved inefficient.
Libnet now employs a simple configure script. This script is created during autoconf configuration and is installed when the library is installed. It handles all of the OS and architecture dependencies automatically - however, it is now mandatory to use it. You will not be able to compile libnet-based code without. See the next section for details on how to invoke the script.
----[ 4] A Means to an Ends
This section covers operational issues including how to employ the library in a useful manner as well noting some of its quirks.
The Order of Operations
In order to build and inject an arbitrary network packet, there is a standard order of operations to be followed. There are five easy steps to packet injection happiness:
1) Network initialization
2) Memory initialization
3) Packet construction
4) Packet checksums
5) Packet injection
Each one of these is an important topic and is covered below.
Memory allocation and initialization
The first step in using libnet is to allocate memory for a packet. The conventional way to do this is via a call to libnetinitpacket(). You just need to make sure you specify enough memory for whatever packet you're going to build. This will also require some forthought as to which injection method you're going to use (see below for more information). If you're going to build a simple TCP packet (sans options) with a 30 byte payload using the IP-layer interface, you'll need 70 bytes (IP header + TCP header + payload). If you're going to build the same packet using the link-layer interface, you'll need 84 bytes (ethernet header + IP header + TCP header + payload). To be safe you can simply allocate IPMAXPACKET bytes (65535) and not worry about overwriting buffer boundries. When finished with the memory, it should be released with a call to libnetdestroy_packet() (this can either be in a garbage collection function or at the end of the program).
Another method of memory allocation is via the arena interface. Arenas are basically memory pools that allocate large chunks of memory in one call, divy out chunks as needed, then deallocate the whole pool when done. The libnet arena interface is useful when you want to preload different kinds of packets that you're potentially going to be writing in rapid succession. It is initialized with a call to libnetinitpacketarena() and chunks are retrieved with libnetnextpacketfromarena(). When finished with the memory it should be released with a call to libnetdestroypacketarena() (this can either be in a garbage collection function or at the end of the program).
An important note regarding memory management and packet construction: If you do not allocate enough memory for the type of packet you're building, your program will probably segfault on you. Libnet can detect when you haven't passed any memory, but not when you haven't passed enough. Take heed.
Network initialization
The next step is to bring up the network injection interface. With the IP-layer interface, this is with a call to libnetopenrawsock() with the appropriate protocol (usually IPPROTORAW). This call will return a raw socket with IP_HDRINCL set on the socket telling the kernel you're going to build the IP header.
The link-layer interface is brought up with a call to libnetopenlink_interface() with the proper device argument. This will return a pointer to a ready to go link interface structure.
Packet construction
Packets are constructed modularly. For each protocol layer, there should be a corresponding call to a libnetbuild function. Depending on your end goal, different things may happen here. For the above IP-layer example, calls to libnetbuildip() and libnetbuildtcp() will be made. For the link-layer example, an additional call to libnetbuild_ethernet() will be made. The ordering of the packet constructor function calls is not important, it is only important that the correct memory locations be passed to these functions. The functions need to build the packet headers inside the buffer as they would appear on the wire and be demultiplexed by the recipient. For example:
14 bytes 20 bytes 20 bytes
__________________________________________________________
| ethernet | IP | TCP |
|______________|____________________|____________________|
libnetbuildethernet() would be passed the whole buffer (as it needs to build an ethernet header at the front of the packet). libnetbuildip() would get the buffer 14 bytes (ETHH) beyond this to construct the IP header in the correct location, while libnetbuildtcp() would get the buffer 20 bytes beyond this (or 34 bytes beyond the beginning (ETHH + IP_H)). This is easily apparent in the example code.
Packet checksums
The next-to-last step is computing the packet checksums (assuming the packet is an IP packet of some sort). For the IP-layer interface, we need only compute a transport layer checksum (assuming our packet has a transport layer protocol) as the kernel will handle our IP checksum. For the link-layer interface, the IP checksum must be explicitly computed. Checksums are calculated via libnetdochecksum(), which will be expecting the buffer passed to point to the IP header of the packet.
Packet injection
The last step is to write the packet to the network. Using the IP-layer interface this is accomplished with libnetwriteip(), and with the link-layer interface it is accomplished with libnetwritelink_layer(). The functions return the number of bytes written (which should jive with the size of your packet) or a -1 on error.
Using the Configure Script
There has been some confusion on how to correctly implement the libnet-configure shell script. Since 0.99e, it has become mandatory to use this script. The library will not compile code without it. This is to avoid potential problems when user code is compiled with improper or missing CPP macros. The script also has provisions for specifiing libraries and cflags. The library switch is useful on architectures that require additional libraries to compile network code (such as Solaris). The script is very simple to use. The following examples should dispell any confusion:
At the command line you can run the script to see what defines are
used for that system:
shattered:~> libnet-config --defines
-D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H
-DLIBNET_LIL_ENDIAN
shattered:~> gcc -Wall `libnet-config --defines` foo.c -o foo
`libnet-config --libs`
In a Makefile:
DEFINES = `libnet-config --defines`
In a Makefile.in (also employing autoheader):
DEFINES = `libnet-config --defines` @DEFS@
IP-layer vs. Link-layer
People often wonder when to use the link-layer interface in place of the IP-layer interface. It's mainly trading of power and complexity for ease of use. The link-layer interface is slightly more complex and requires more coding. It's also more powerful and is a lot more portable (if you want to build ARP/RARP/ethernet frames it's the only way to go). It is basically a matter of what you need to get done.
One major issue with the link-layer interface is that in order to send packets to arbirtrary remote Internet hosts, it needs to know the MAC address of the first hop router. This is accomplished via ARP packets, but if proxy ARP isn't being done, you run into all kinds of problems determining whose MAC address to request. Code to portably alleviate this problem is being developed.
Spoofing Ethernet Addresses
Certain operating systems (specifically ones that use the Berkeley Packet Filter for link-layer access) do not allow for arbitrary specification of source ethernet addresses. This is not so much a bug as it is an oversight in the protocol. The way around this is to patch the kernel. There are two ways to patch a kernel, either statically, with kernel diffs (which requires the individual to have the kernel sources, and know how to rebuild and install a new kernel) or dynamically, with loadable kernel modules (lkms). Since it's a bit overzealous to assume people will want to patch their kernel for a library, included with the libnet distribution is lkm code to seamlessly bypass the bpf restriction.
In order to spoof ethernet packets on bpf-based systems (currently supported are FreeBSD and OpenBSD) do the following: cd to the proper support/bpf-lkm/ directory, build the module, and modload it.
The module works as per the following description:
The 4.4BSD machine-independent ethernet driver does not allow upper layers to forge the ethernet source address; all ethernet outputs cause the output routine to build a new ethernet header, and the process that does this explicitly copies the MAC address registered to the interface into this header.
This is odd, because the bpf writing convention asserts that writes to bpf must include a link-layer header; it's intuitive to assume that this header is, along with the rest of the packet data, written to the wire.
This is not the case. The link-layer header is used solely by the bpf code in order to build a sockaddr structure that is passed to the generic ethernet output routine; the header is then effectively stripped off the packet. The ethernet output routine consults this sockaddr to obtain the ethernet type and destination address, but not the source address.
The Libnet lkm simply replaces the standard ethernet output routine with a slightly modified one. This modified version retrieves the source ethernet address from the sockaddr and uses it as the source address for the header written the wire. This allows bpf to be used to seamlessly forge ethernet packets in their entirety, which has applications in address management.
The modload glue provided traverses the global list of system interfaces, and replaces any pointer to the original ethernet output routine with the new one we've provided. The unload glue undoes this. The effect of loading this module will be that all ethernet interfaces on the system will support source address forging.
Thomas H. Ptacek wrote the first version of this lkm in 1997.
Raw Sockets Limitations
Raw sockets are horribly non-standard across different platforms.
Under some x86 BSD implementations the IP header length and fragmentation bits need to be in host byte order, and under others, network byte order.
Solaris does not allow you to set many IP header related bits including the length, fragmentation flags, or IP options.
Linux, on the other hand, seems to allow the setting of any bits to any value (the exception being the IP header checksum, which is always done by the kernel -- regardless of OS type).
Because of these quirks, unless your code isn't designed to be multi-platform, you should use libnet's link-layer interface instead.
----[ 5] Internals
Libnet can be broken down into 4 basic sections: memory management, address resolution, packet handling, and support. In this section we cover every user-accessible function libnet has to offer.
Proceeding each function prototype is a small reference chart listing the return values of the function, whether or not the function is reentrant (a function is considered reentrant if it may be called repeatedly, or may be called before previous invocations have completed, and each invocation is independent of all other invocations) and a brief description of the function's arguments.
If you're wondering, yes, this is basically a verbose manpage, however, much of it is new and additional verbiage, supplemental to the existing manual page.
Memory Management Functions
int libnetinitpacket(ushort, uchar **);
RV on success: 1
RV on failure: -1
Re-entrant: yes
Arguments: 1 - desired packet size
2 - pointer to a character pointer to contain packet memory
libnet_init_packet() creates memory for a packet. Well, it doesn't so much
create memory as it requests it from the OS. It does, however, make
certain the memory is zero-filled. The function accepts two arguments, the
packet size and the address of the pointer to the packet. The packet size
parameter may be 0, in which case the library will attempt to guess a
packet size for you. The pointer to a pointer is necessary as we are
allocating memory locally. If we simply pass in a pointer (even though
we are passing in an address, we are referencing the value as a pointer --
so in essence we would be passing by value) the memory will be lost. If
we pass by address, we will retain the requested heap memory.
This function is a good example of interface hiding. This function is
essentially a malloc() wrapper. By using this function the details of
what's really happening are abstracted so that you, the programmer, can
worry about your task at hand.
void libnetdestroypacket(u_char **);
RV on success: NA
RV on failure: NA
Reentrant: yes
Arguments: 1 - pointer to a character pointer to containing packet
memory
libnet_destroy_packet() is the free() analog to libnet_init_packet. It
destroys the packet referenced by 'buf'. In reality, it is of course a
simple free() wrapper. It frees the heap memory and points `buf` to NULL
to dispel the dangling pointer. The function does make the assertion that
`buf` is not NULL. A pointer to a pointer is passed to maintain
interface consistency.
int libnetinitpacketarena(struct libnetarena **, ushort, ushort);
RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - pointer to an arena pointer (preallocated arena)
2 - number of packets
3 - packet size
libnet_init_packet_arena() allocates and initializes a memory pool.
If you plan on building and sending several different packets, this is
a good choice. It allocates a pool of memory from which you can grab
chunks to build packets (see next_packet_from_arena()). It takes the
address to an arena structure pointer, and hints on the possible packet
size and number of packets. The last two arguments are used to compute
the size of the memory pool. As before, they can be set to 0 and the
library will attempt to choose a decent value. The function returns -1
if the malloc fails or 1 if everything goes ok.
uchar *libnetnextpacketfromarena(struct libnetarena **, u_short);
RV on success: pointer to the requested packet memory
RV on failure: NULL
Reentrant: yes
Arguments: 1 - pointer to an arena pointer
2 - requested packet size
libnet_next_packet_from_arena() returns a chunk of memory from the
specified arena of the requested size and decrements the available
byte counter. If the requested memory is not available from the arena, the
function returns NULL. Note that there is nothing preventing a poorly
coded application from using more memory than requested and causing
all kinds of problems. Take heed.
void libnetdestroypacketarena(struct libnetarena **);
RV on success: NA
RV on failure: NA
Reentrant: yes
Arguments: 1 - pointer to an arena pointer
libnet_destroy_packet_arena() frees the memory associated with the
specified arena.
Address Resolution Functions
uchar *libnethostlookup(ulong, u_short);
RV on success: human readable IP address
RV on failure: NULL
Reentrant: no
Arguments: 1 - network-byte ordered IP address
2 - flag to specify whether or not to look up canonical
hostnames (symbolic constant)
libnet_host_lookup() converts the supplied network-ordered (big-endian)
IP address into its human-readable counterpart. If the usename flag is
LIBNET_RESOLVE, the function will attempt to resolve the IP address
(possibly incurring DNS traffic) and return a canonical hostname, otherwise
if it is LIBNET_DONT_RESOLVE (or if the lookup fails), the function returns
a dotted-decimal ASCII string. This function is hopelessly non reentrant
as it uses static data.
void libnethostlookupr(ulong, ushort, uchar *);
RV on success: NA
RV on failure: NA
Reentrant: maybe
Arguments: 1 - network-byte ordered IP address
2 - flag to specify whether or not to look up canonical
hostnames (symbolic constant)
libnet_host_lookup_r() is the planned reentrant version of the above
function. As soon as reentrant network resolver libraries become
available, this function will likewise be reentrant. An additional
argument of a buffer to store the converted (or resolved) IP address is
supplied by the user.
ulong libnetnameresolve(uchar *, u_short);
RV on success: network-byte ordered IP address
RV on failure: -1
Reentrant: yes
Arguments: 1 - human readable hostname
2 - flag to specify whether or not to look up canonical
hostnames (symbolic constant)
libnet_name_resolve() takes a NULL terminated ASCII string representation
of an IP address (dots and decimals or, if the usename flag is
LIBNET_RESOLVE, canonical hostname) and converts it into a network-ordered
(big-endian) unsigned long value.
ulong libnetgetipaddr(struct linkint *, const uchar *, const uchar *);
RV on success: requested IP address
RV on failure: -1
Reentrant: yes
Arguments: 1 - pointer to a link interface structure
2 - pointer to the device to query
3 - pointer to a buf to contain a possible error message
libnet_get_ipaddr() returns the IP address of a specified network device.
The function takes a pointer to a link layer interface structure, a
pointer to the network device name, and an empty buffer to be used in case
of error. Upon success the function returns the IP address of the
specified interface in network-byte order or 0 upon error (and errbuf will
contain a reason).
struct etheraddr *libnetgethwaddr(struct linkint *, const uchar *, const uchar *);
RV on success: requested ethernet address (inside of struct ether_addr)
RV on failure: NULL
Reentrant: depends on architecture
Arguments: 1 - pointer to a link interface structure
2 - pointer to the device to query
3 - pointer to a buf to contain a possible error message
libnet_get_hwaddr() returns the hardware address of a specified network
device. At the time of this writing, only ethernet is supported.
The function takes a pointer to a link layer interface structure, a
pointer to the network device name, and an empty buffer to be used in case
of error. The function returns the MAC address of the specified interface
upon success or 0 upon error (and errbuf will contain a reason).
Packet Handling Functions
int libnetopenraw_sock(int);
RV on success: opened socket file descriptor
RV on failure: -1
Reentrant: yes
Arguments: 1 - protocol number of the desired socket-type (symbolic
constant)
libnet_open_raw_sock() opens a raw IP socket of the specified protocol
type (supported types vary from system to system, but usually you'll want
to open an IPPROTO_RAW socket). The function also sets the IP_HDRINCL
socket option. Returned is the socket file descriptor or -1 on error. The
function can fail if either of the underlying calls to socket or setsockopt
fail. Checking errno will reveal the reason for the error.
int libnetcloseraw_sock(int);
RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - socket file descriptor to be closed
libnet_close_raw_sock() will close the referenced raw socket.
int libnetselectdevice(struct sockaddrin *, uchar **, u_char *);
RV on success: 1
RV on failure: -1
Reentrant: no
Arguments: 1 - preallocated sockaddr_in structure pointer
2 - pointer to a char pointer containing the device
3 - pointer to a buf to contain a possible error message
libnet_select_device() will run through the list of interfaces and select
one for use (ignoring the loopback device). If the device argument
points to NULL (don't pass in a NULL pointer, the function expects a
pointer to a pointer, and C can't derefrence a NULL pointer) it will
try to fill it in with the first non-loopback device it finds, otherwise,
it will try to open the specified device. If successful, 1 is returned
(and if device was NULL, it will now contain the device name which can
be used in libnet_*link*() type calls). The function can fail for a
variety of reasons, including socket system call failures, ioctl failures,
if no interfaces are found, etc.. If such an error occurs, -1 is returned
and errbuf will contain a reason.
struct linkint *libnetopenlinkinterface(char *, char *);
RV on success: filled in link-layer interface structure RV on failure: NULL Reentrant: yes Arguments: 1 - pointer to a char containing the device to open 2 - pointer to a buf to contain a possible error message
libnet_open_link_interface() opens a low-level packet interface. This is
required in order to be able inject link layer frames. Supplied is a
u_char pointer to the interface device name and a u_char pointer to an
error buffer. Returned is a filled-in link_int structure or NULL on
error (with the error buffer containing the reason). The function can
fail for a variety of reasons due to the fact that it is architecture
specific.
int libnetcloselinkinterface(struct linkint *);
RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - pointer to a link interface structure to be closed
libnet_close_link_interface() closes an opened low-level packet interface.
int libnetwriteip(int, u_char *, int);
RV on success: number of bytes written
RV on failure: -1
Reentrant: Yes
Arguments: 1 - socket file descriptor
2 - pointer to the packet buffer containing an IP datagram
3 - total packet size
libnet_write_ip() writes an IP packet to the network. The first argument
is the socket created with a previous call to libnet_open_raw_sock, the
second is a pointer to a buffer containing a complete IP datagram, and
the third argument is the total packet size. The function returns the
number of bytes written upon success or -1 on error (with errno containing
the reason).
int libnetwritelinklayer(struct linkint *, const uchar *, uchar *, int);
RV on success: number of bytes written
RV on failure: -1
Reentrant: yes
Arguments: 1 - pointer to an opened link interface structure
2 - pointer to the network device
3 - pointer to the packet buffer
4 - total packet size
libnet_write_link_layer() writes a link-layer frame to the network. The
first argument is a pointer to a filled-in libnet_link_int structure,
the next is a pointer to the network device, the third is the raw packet
and the last is the packet size. Returned is the number of bytes written
or -1 on error.
int libnetdochecksum(u_char *, int, int);
RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - pointer to the packet buffer
2 - protocol number of packet type (symbolic constant)
3 - total packet size
libnet_do_checksum() calculates the checksum for a packet. The first
argument is a pointer to a fully built IP packet. The second is the
transport protocol of the packet and the third is the packet length (not
including the IP header). The function calculates the checksum for the
transport protocol and fills it in at the appropriate header location
(this function should be called only after a complete packet has been
built).
Note that when using raw sockets the IP checksum is always computed by
the kernel and does not need to done by the user. When using the link
layer interface the IP checksum must be explicitly computed (in this
case, the protocol would be of type IPPROTO_IP and the size would include
IP_H). The function returns 1 upon success or -1 if the protocol is of
an unsupported type. Currently supported are:
Value Description
---------------------------
IPPROTO_TCP TCP
IPPROTO_UDP UDP
IPPROTO_ICMP ICMP
IPPROTO_IGMP IGMP
IPPROTO_IP IP
int libnetbuildarp(ushort, ushort, ushort, ushort, ushort, uchar *, uchar *, uchar *, uchar *, const uchar *, int, u_char *);
RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - hardware address format (ARPHRD_ETHER)
2 - protocol address format
3 - length of the hardware address
4 - length of the protocol address
5 - ARP operation type (symbolic constant)
6 - sender's hardware address
7 - sender's protocol address
8 - target's hardware address
9 - target's protocol address
10 - pointer to packet payload
11 - packet payload size
12 - pointer to pre-allocated packet memory
libnet_build_arp() constructs an ARP (RARP) packet. At this point in the
library, the function only builds ethernet/ARP packets, but this will be
easy enough to change (whenever I get around to it). The first nine
arguments are standard ARP header arguments, with the last three being
standard libnet packet creation arguments. The ARP operation type
should be one of the following symbolic types:
Value Description
-------------------------------
ARPOP_REQUEST ARP request
ARPOP_REPLY ARP reply
ARPOP_REVREQUEST RARP request
ARPOP_REVREPLY RARP reply
ARPOP_INVREQUEST request to identify peer
ARPOP_INVREPLY reply identifying peer
All libnet packet creation functions contain the same three terminal
arguments: a pointer to an optional payload (or NULL if no payload is to
be included), the size of the payload in bytes (or 0 is no payload is
included) and most importantly, a pointer to a pre-allocated block of
memory (which must be large enough to accommodate the entire ARP packet).
The only way this (or any libnet_build) function will return an error is if
the memory which is supposed to be pre-allocated points to NULL.
int libnetbuilddns(ushort, ushort, ushort, ushort, ushort, ushort, const uchar *, int, uchar *);
RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - packet id
2 - control flags
3 - number of questions
4 - number of answer resource records
5 - number of authority resource records
6 - number of additional resource records
7 - pointer to packet payload
8 - packet payload size
9 - pointer to pre-allocated packet memory
libnet_build_dns() constructs a DNS packet. The static DNS fields are
included as the first six arguments, but the optional variable length
fields must be included with the payload interface.
All libnet packet creation functions contain the same three terminal
arguments: a pointer to an optional payload (or NULL if no payload is to
be included), the size of the payload in bytes (or 0 if no payload is
included) and most importantly, a pointer to a pre-allocated block of
memory (which must be large enough to accommodate the entire DNS packet).
The only way this (or any libnet_build) function will return an error is if
the memory which is supposed to be pre-allocated points to NULL.
int libnetbuildethernet(uchar *, uchar *, ushort, const uchar *, int, u_char *);
RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - pointer to the destination address (string)
2 - pointer to the source address (string)
3 - ethernet packet type (symbolic constant)
4 - pointer to packet payload
5 - packet payload size
6 - pointer to pre-allocated packet memory
libnet_build_ethernet() constructs an ethernet packet. The destination
address and source address arguments are expected to be arrays of
unsigned character bytes. The packet type should be one of the
following:
Value Description
-------------------------------
ETHERTYPE_PUP PUP protocol
ETHERTYPE_IP IP protocol
ETHERTYPE_ARP ARP protocol
ETHERTYPE_REVARP Reverse ARP protocol
ETHERTYPE_VLAN IEEE VLAN tagging
ETHERTYPE_LOOPBACK Used to test interfaces
All libnet packet creation functions contain the same three terminal
arguments: a pointer to an optional payload (or NULL if no payload is to
be included), the size of the payload in bytes (or 0 if no payload is
included) and most importantly, a pointer to a pre-allocated block of
memory (which must be large enough to accommodate the entire ethernet
packet).
The only way this (or any libnet_build) function will return an error is if
the memory which is supposed to be pre-allocated points to NULL.
int libnetbuildicmpecho(uchar, uchar, ushort, ushort, const uchar *, int, u_char *);
RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - packet type (symbolic constant)
2 - packet code (symbolic constant)
3 - packet id
4 - packet sequence number
5 - pointer to packet payload
6 - packet payload size
7 - pointer to pre-allocated packet memory
libnet_build_icmp_echo() constructs an ICMP_ECHO / ICMP_ECHOREPLY packet.
The packet type should be ICMP_ECHOREPLY or ICMP_ECHO and the code should
be 0.
All libnet packet creation functions contain the same three terminal
arguments: a pointer to an optional payload (or NULL if no payload is to
be included), the size of the payload in bytes (or 0 if no payload is
included) and most importantly, a pointer to a pre-allocated block of
memory (which must be large enough to accommodate the entire ICMP_ECHO
packet).
The only way this (or any libnet_build) function will return an error is if
the memory which is supposed to be pre-allocated points to NULL.
int libnetbuildicmpmask(uchar, uchar, ushort, ushort, ulong, const uchar *, int, uchar *);
RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - packet type (symbolic constant)
2 - packet code (symbolic constant)
3 - packet id
4 - packet sequence number
5 - IP netmask
6 - pointer to packet payload
7 - packet payload size
8 - pointer to pre-allocated packet memory
libnet_build_icmp_mask() constructs an ICMP_MASKREQ / ICMP_MASKREPLY
packet. The packet type should be either ICMP_MASKREQ or ICMP_MASKREPLY
and the code should be 0. The IP netmask argument should be a 32-bit
network-byte ordered subnet mask.
All libnet packet creation functions contain the same three terminal
arguments: a pointer to an optional payload (or NULL if no payload is to
be included), the size of the payload in bytes (or 0 if no payload is
included) and most importantly, a pointer to a pre-allocated block of
memory (which must be large enough to accommodate the entire ICMP_ECHO
packet).
The only way this (or any libnet_build) function will return an error is if
the memory which is supposed to be pre-allocated points to NULL.
int libnetbuildicmpunreach(uchar, uchar, ushort, uchar, ushort, ushort, uchar, uchar, ulong, ulong, const uchar *, int, u_char *);
RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - packet type (symbolic constant)
2 - packet code (symbolic constant)
3 - original IP length
4 - original IP TOS
5 - original IP id
6 - original IP fragmentation bits
7 - original IP time to live
8 - original IP protocol
9 - original IP source address
10 - original IP destination address
11 - pointer to original IP payload
12 - original IP payload size
13 - pointer to pre-allocated packet memory
libnet_build_icmp_unreach() constructs an ICMP_UNREACH packet. The 3rd
through the 12th arguments are used to build the IP header of the original
packet that caused the error message (the ICMP unreachable). The packet
type should be ICMP_UNREACH and the code should be one of the following:
Value Description
-------------------------------------------
ICMP_UNREACH_NET network is unreachable
ICMP_UNREACH_HOST host is unreachable
ICMP_UNREACH_PROTOCOL protocol is unreachable
ICMP_UNREACH_PORT port is unreachable
ICMP_UNREACH_NEEDFRAG fragmentation required but DF bit was set
ICMP_UNREACH_SRCFAIL source routing failed
ICMP_UNREACH_NET_UNKNOWN network is unknown
ICMP_UNREACH_HOST_UNKNOWN host is unknown
ICMP_UNREACH_ISOLATED host / network is isolated
ICMP_UNREACH_NET_PROHIB network is prohibited
ICMP_UNREACH_HOST_PROHIB host is prohibited
ICMP_UNREACH_TOSNET IP TOS and network
ICMP_UNREACH_TOSHOST IP TOS and host
ICMP_UNREACH_FILTER_PROHIB prohibitive filtering
ICMP_UNREACH_HOST_PRECEDENCE host precedence
ICMP_UNREACH_PRECEDENCE_CUTOFF host precedence cut-off
All libnet packet creation functions contain the same three terminal
arguments: a pointer to an optional payload (or NULL if no payload is to
be included), the size of the payload in bytes (or 0 if no payload is
included) and most importantly, a pointer to a pre-allocated block of
memory (which must be large enough to accommodate the entire ICMP_ECHO
packet).
The only way this (or any libnet_build) function will return an error is if
the memory which is supposed to be pre-allocated points to NULL.
int libnetbuildicmptimeexceed(uchar, uchar, ushort, uchar, ushort, ushort, uchar, uchar, ulong, ulong, const uchar *, int, u_char *);
RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - packet type (symbolic constant)
2 - packet code (symbolic constant)
3 - original IP length
4 - original IP TOS
5 - original IP id
6 - original IP fragmentation bits
7 - original IP time to live
8 - original IP protocol
9 - original IP source address
10 - original IP destination address
11 - pointer to original IP payload
12 - original IP payload size
13 - pointer to pre-allocated packet memory
libnet_build_icmp_timeexceed() contructs an ICMP_TIMEXCEED packet. This
function is identical to libnet_build_icmp_unreach with the exception of
the packet type and code. The packet type should be either
ICMP_TIMXCEED_INTRANS for packets that expired in transit (TTL expired) or
ICMP_TIMXCEED_REASS for packets that expired in the fragmentation
reassembly queue.
All libnet packet creation functions contain the same three terminal
arguments: a pointer to an optional payload (or NULL if no payload is to
be included), the size of the payload in bytes (or 0 is no payload is
included) and most importantly, a pointer to a pre-allocated block of
memory (which must be large enough to accommodate the entire ICMP_ECHO
packet).
The only way this (or any libnet_build) function will return an error is if
the pointer to the memory which is supposed to be pre-allocated points
to NULL.
int libnetbuildicmpredirect(uchar, uchar, ulong, ushort, uchar, ushort, ushort, uchar, uchar, ulong, ulong, const uchar *, int, uchar *);
RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - packet type (symbolic constant)
2 - packet code (symbolic constant)
3 - IP address of the gateway
4 - original IP length
5 - original IP TOS
6 - original IP id
7 - original IP fragmentation bits
8 - original IP time to live
9 - original IP protocol
10 - original IP source address
11 - original IP destination address
12 - pointer to original IP payload
13 - original IP payload size
14 - pointer to pre-allocated packet memory
libnet_build_icmp_redirect() constructs an ICMP_REDIRECT packet. This
function is similar to libnet_build_icmp_unreach, the differences being the
type and code and the addition of an argument to hold the IP address of the
gateway that should be used (hence the redirect). The packet type should be
ICMP_REDIRECT and the code should be one of the following:
Value Description
-----------------------------------
ICMP_UNREACH_NET redirect for network
ICMP_UNREACH_HOST redirect for host
ICMP_UNREACH_PROTOCOL redirect for type of service and network
ICMP_UNREACH_PORT redirect for type of service and host
All libnet packet creation functions contain the same three terminal
arguments: a pointer to an optional payload (or NULL if no payload is to
be included), the size of the payload in bytes (or 0 is no payload is
included) and most importantly, a pointer to a pre-allocated block of
memory (which must be large enough to accommodate the entire ICMP_ECHO
packet).
The only way this (or any libnet_build) function will return an error is if
the pointer to the memory which is supposed to be pre-allocated points
to NULL.
int libnetbuildicmptimestamp(uchar, uchar, ushort, ushort, ntime, ntime, ntime, const uchar *, int, uchar *);
RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - packet type (symbolic constant)
2 - packet code (symbolic constant)
3 - packet id
4 - packet sequence number
5 - originate timestamp
6 - receive timestamp
7 - transmit timestamp
8 - pointer to packet payload
9 - packet payload size
10 - pointer to pre-allocated packet memory
libnet_build_icmp_timestamp() constructs an ICMP_TSTAMP / ICMP_TSTAMPREPLY
packet. The packet type should be ICMP_TSTAMP or ICMP_TSTAMPREPLY and the
code should be 0.
All libnet packet creation functions contain the same three terminal
arguments: a pointer to an optional payload (or NULL if no payload is to
be included), the size of the payload in bytes (or 0 is no payload is
included) and most importantly, a pointer to a pre-allocated block of
memory (which must be large enough to accommodate the entire ICMP_ECHO
packet).
The only way this (or any libnet_build) function will return an error is if
the pointer to the memory which is supposed to be pre-allocated points
to NULL.
int libnetbuildigmp(uchar type, uchar code, ulong ip, const uchar *, int, u_char *);
RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - packet type
2 - packet code
3 - IP address
4 - pointer to packet payload
5 - packet payload size
6 - pointer to pre-allocated packet memory
libnet_build_igmp() constructs an IGMP packet. The packet type should be
one of the following:
Value Description
---------------------------------------
IGMP_MEMBERSHIP_QUERY membership query
IGMP_V1_MEMBERSHIP_REPORT version 1 membership report
IGMP_V2_MEMBERSHIP_REPORT version 2 membership report
IGMP_LEAVE_GROUP leave-group message
The code, which is a routing sub-message, should probably be left to 0,
unless you know what you're doing.
All libnet packet creation functions contain the same three terminal
arguments: a pointer to an optional payload (or NULL if no payload is to
be included), the size of the payload in bytes (or 0 if no payload is
included) and most importantly, a pointer to a pre-allocated block of
memory (which must be large enough to accommodate the entire ICMP_ECHO
packet).
The only way this (or any libnet_build) function will return an error is if
the pointer which points to memory which is supposed to be pre-allocated
points to NULL.
int libnetbuildip(ushort, uchar, ushort, ushort, uchar, uchar, ulong, ulong, const uchar *, int, uchar *);
RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - packet length (not including the IP header)
2 - type of service (symbolic constant)
3 - packet id
4 - fragmentation bits (symbolic constant) / offset
5 - time to live
6 - protocol (symbolic constant)
7 - source address
8 - destination address
9 - pointer to packet payload
10 - packet payload size
11 - pointer to pre-allocated packet memory
libnet_build_ip() constructs the mighty IP packet. The fragmentation field
may be 0 or contain some combination of the following:
Value Description
-------------------
IP_DF Don't fragment this datagram (this is only valid when alone)
IP_MF More fragments on the way (OR'd together with an offset value)
The IP_OFFMASK is used to retrieve the offset from the fragmentation field.
IP packets may be no larger than IP_MAXPACKET bytes.
The source and destination addresses need to be in network-byte order.
The payload interface should only be used to construct an arbitrary or
non-supported type IP datagram. To construct a TCP, UDP, or similar
type packet, use the relevant libnet_build function.
All libnet packet creation functions contain the same three terminal
arguments: a pointer to an optional payload (or NULL if no payload is to
be included), the size of the payload in bytes (or 0 if no payload is
included) and most importantly, a pointer to a pre-allocated block of
memory (which must be large enough to accommodate the entire ICMP_ECHO
packet).
The only way this (or any libnet_build) function will return an error is if
the pointer to the memory which is supposed to be pre-allocated points
to NULL.
int libnetbuildrip(uchar, uchar, ushort, ushort, ushort, ulong, ulong, ulong, ulong, const uchar *, int, u_char *);
RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - command (symbolic constant)
2 - version (symbolic constant)
3 - routing domain (or zero)
4 - address family
5 - route tag (or zero)
6 - IP address
7 - netmask (or zero)
8 - next hop IP address (or zero)
9 - metric
10 - pointer to packet payload
11 - packet payload size
12 - pointer to pre-allocated packet memory
libnet_build_rip() constructs a RIP packet. Depending on the version of
RIP you are using, packet fields are slightly different. The following
chart highlights these differences:
Argument Version 1 Version 2
-----------------------------------------
first command command
second RIPVER_1 RIPVER_2
third zero routing domain
fourth address family address family
fifth zero route tag
sixth IP address IP address
seventh zero subnet mask
eighth zero next hop IP
ninth metric metric
The RIP commands should be one of the following:
Value Description
-------------------------------
RIPCMD_REQUEST RIP request
RIPCMD_RESPONSE RIP response
RIPCMD_TRACEON RIP tracing on
RIPCMD_TRACEOFF RIP tracing off
RIPCMD_POLL RIP polling
RIPCMD_POLLENTRY
RIPCMD_MAX
All libnet packet creation functions contain the same three terminal
arguments: a pointer to an optional payload (or NULL if no payload is to
be included), the size of the payload in bytes (or 0 if no payload is
included) and most importantly, a pointer to a pre-allocated block of
memory (which must be large enough to accommodate the entire ICMP_ECHO
packet).
The only way this (or any libnet_build) function will return an error is if
the pointer that points to memory which is supposed to be pre-allocated
points to NULL.
int libnetbuildtcp(ushort, ushort, ulong, ulong, uchar, ushort, ushort, const uchar *, int, u_char *);
RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - source port
2 - destination port
3 - sequence number
4 - acknowledgement number
5 - control flags (symbolic constant)
6 - window size
7 - urgent pointer
8 - pointer to packet payload
9 - packet payload size
10 - pointer to pre-allocated packet memory
libnet_build_tcp() constructs a TCP packet. The control flags should be
one or more of the following (OR'd together if need be):
Value Description
-----------------------
TH_URG urgent data is present
TH_ACK acknowledgement number field should be checked
TH_PSH push this data to the application as soon as possible
TH_RST reset the referenced connection
TH_SYN synchronize sequence numbers
TH_FIN finished sending data (sender)
All libnet packet creation functions contain the same three terminal
arguments: a pointer to an optional payload (or NULL if no payload is to
be included), the size of the payload in bytes (or 0 if no payload is
included) and most importantly, a pointer to a pre-allocated block of
memory (which must be large enough to accommodate the entire ICMP_ECHO
packet).
The only way this (or any libnet_build) function will return an error is if
the pointer to memory which is supposed to be pre-allocated points to NULL.
int libnetbuildudp(ushort, ushort, const uchar *, int, uchar *);
RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - source port
2 - destination port
3 - pointer to packet payload
4 - packet payload size
5 - pointer to pre-allocated packet memory
libnet_build_udp() constructs a UDP packet. Please remember that UDP
checksums are considered mandatory by the host requirements RFC.
All libnet packet creation functions contain the same three terminal
arguments: a pointer to an optional payload (or NULL if no payload is to
be included), the size of the payload in bytes (or 0 if no payload is
included) and most importantly, a pointer to a pre-allocated block of
memory (which must be large enough to accommodate the entire ICMP_ECHO
packet).
The only way this (or any libnet_build) function will return an error is if
the pointer to memory which is supposed to be pre-allocated points to NULL.
int libnetinsertipo(struct ipoption *opt, uchar optlen, u_char *buf);
RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - pointer to an IP options structure (filled in)
2 - length of the options
3 - pointer to a complete IP datagram
libnet_insert_ipo() inserts IP options into a pre-built IP packet.
Supplied is a pointer to an ip options structure, the size of this options
list, and a pointer the pre-built packet. The options list should be
constructed as they will appear on the wire, as they are simply inserted
into the packet at the appropriate location.
The function returns -1 if the options would result in packet too large
(greater then 65535 bytes), or if the packet buffer is NULL. It is an
unchecked runtime error for the user to have not allocated enough heap
memory for the IP packet plus the IP options.
int libnetinserttcpo(struct tcpoption *, uchar, uchar *);
RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - pointer to an TCP options structure (filled in)
2 - length of the options
3 - pointer to a complete TCP packet
libnet_insert_tcpo() inserts TCP options into a pre-built IP/TCP packet.
Supplied is a pointer to a tcp options structure, the size of this options
list, and a pointer the pre-built packet. The options list should be
constructed as they will appear on the wire, as they are simply inserted
into the packet at the appropriate location.
The function returns -1 if the options would result in packet too large
(greater then 65535 bytes), if the packet isn't an IP/TCP packet, if the
options list if longer than 20 bytes, or if the packet buffer is NULL. It
is an unchecked runtime error for the user to have not allocated enough
heap memory for the IP/TCP packet plus the IP options.
Support Functions
int libnetseedprand();
RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: NA
libnet_seed_prand() seeds the pseudo-random number generator. The function
is basically a wrapper to srandom. It makes a call to gettimeofday to get
entropy. It can return -1 if the call to gettimeofday fails (check errno).
It otherwise returns 1.
ulong libnetget_prand(int);
RV on success: 1
RV on failure: NA
Reentrant: yes
Arguments: 1 - maximum size of pseudo-random number desired (symbolic
constant)
libnet_get_prand() generates a psuedo-random number. The range of the
returned number is controlled by the function's only argument:
Value Description
-------------------
PR2 0 - 1
PR8 0 - 255
PR16 0 - 32767
PRu16 0 - 65535
PR32 0 - 2147483647
PRu32 0 - 4294967295
The function does not fail.
void libnethexdump(u_char *buf, int len, int swap, FILE *stream);
RV on success: NA
RV on failure: NA
Reentrant: yes
Arguments: 1 - packet to dump
2 - packet length
3 - byte swap flag
4 - previously opened stream to dump to the packet to
libnet_hex_dump() prints out a packet in hexadecimal. It will print the
packet as it appears in memory, or as it will appear on the wire,
depending on the value of the byte-swap flag.
The function prints the packet to a previously opened stream (such as
stdout).
Note that on big-endian architectures such as Solaris, the packet will
appear the same in memory as it will on the wire.
int libnetplistchainnew(struct libnetplist_chain **, char *);
RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - pointer to a libnet_plist_chain pointer
2 - pointer to the token list
libnet_plist_chain_new() constructs a new libnet port-list chain. A libnet
port-list chain is a fast and simple way of implementing port-list ranges
(useful for applications that employ a list of ports - like a port scanner).
You'll see naive implementations that allocate an entire array of 65535
bytes and fill in the desired ports one by one. However, we only really
need to store the beginning port and the ending port, and we can
efficiently store multiple port ranges (delimited by commas) by using a
linked list chain with each node holding the beginning and ending port for
a particular range. For example, The port range `1-1024` would occupy
one node with the beginning port being 1 and the ending port being 1024.
The port range `25,110-161,6000` would result in 3 nodes being allocated.
Single ports are taken as single ranges (port 25 ends up being 25-25).
A port list range without a terminating port (port_num - ) is
considered shorthand for (port_num - 65535).
The arguments are a pointer to libnet_plist_chain pointer (which will end
up being the head of the linked list) which needs to deference an allocated
libnet_plist_chain structure and pointer to the port-list (token-list)
itself.
The function checks this character port list for valid tokens
(1234567890,- ) and returns an error if an unrecognized token is
found.
Upon success the function returns 1, and head points to the newly formed
port-list (and also contains the number of nodes in the list. If an error
occurs (an unrecognized token is found or malloc fails) -1 is returned and
head is set to NULL.
libnet_plist_chain_next_pair() should be used to extract port list pairs.
int libnetplistchainnextpair(struct libnetplistchain *, ushort *, ushort *);
RV on success: 1, 0
RV on failure: -1
Reentrant: yes
Arguments: 1 - pointer to a libnet_plist_chain pointer
2 - pointer to the beginning port (to be filled in)
3 - pointer to the ending port (to be filled in)
libnet_plist_chain_next_pair() fetches the next pair of ports from the
list. The function takes a pointer to the head of the prebuilt list and a
pointer to a u_short that will contain the beginning port and a pointer to
a u_short that will contain the ending port.
The function returns 1 and fills in these values if there are nodes
remaining, or if the port list chain is exhausted, it returns 0. If
an error occurs (the libnet_plist_chain pointer is NULL) the function
returns -1.
int libnetplistchaindump(struct libnetplist_chain *);
RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - pointer to a libnet_plist_chain pointer
libnet_plist_chain_dump() dumps the port-list chain referenced by the
argument. The function prints the list to stdout (it's mainly meant as a
debugging tool). It returns 1 upon success or if an error occurs (the
libnet_plist_chain pointer is NULL) the function returns -1.
uchar *libnetplistchaindumpstring(struct libnetplist_chain *);
RV on success: pointer to the token list as a string
RV on failure: NULL
Reentrant: no
Arguments: 1 - pointer to a libnet_plist_chain pointer
libnet_plist_chain_dump_string() returns the port-list chain referenced by
the argument as a string. It returns the port list string upon success or
if an error occurs (the libnet_plist_chain pointer is NULL) the function
returns NULL.
void libnetplistchainfree(struct libnetplist_chain *);
RV on success: NA
RV on failure: NA
Reentrant: yes
Arguments: 1 - pointer to a libnet_plist_chain pointer
libnet_plist_chain_free() frees the memory associated with the libnet
port list chain.
----[ 6] Conclusion
Libnet is a powerful and useful library. Use it well and you will prosper and people will like you. Women will want you, men will want to be you (swap genders as required).
----[ 7] URLs
Libnet Homepage: http://www.packetfactory.net/libnet
Libnet Project Page: http://www.packetfactory.net
Libnet Mailing List: libnet-subscribe@libnetdevel.com
(mailing list is, as of 09.09.99 down for unknown
reasons. It will be back up soon. Keep track of
it on the webpage.)
TracerX http://www.packetfactory.net/tracerx
----[ 8] References
[1] LBNL, Network Research Group, "libpcap", http://ee.lbl.gov
[2] Stevens, W. Richard, "UNIX Network Programming, vol. I, 2nd ed.",
Prentice Hall PTR, 1998
[3] Hanson, David R., "C Interfaces and Implementations", Addison-Wesley,
1997
----[ 9] Example code
No writ on a C library would be complete without C code. The following heavily commented example is a work in progress. It's actually an incomplete program that we were working on called tracerx (a planned enhanced traceroute -- http://www.packetfactory.net/tracerx).
The packet injection portion is complete and operational and should prove to be a good example of how to write reasonably complex code on top of libnet (and libpcap). Included is the current tracerx tree including the autoconf files such that you can build it on your machine and play with it.
<++> P55/Tracerx/txframework.c !a2064076 /* * $Id: txframework.c,v 1.3 1999/06/03 22:06:52 route Exp $ * * Tracerx * tx_framework.c - main tracerx toplevel routines * * Copyright (c) 1999 Mike D. Schiffman mike@infonexus.com * Jeremy F. Rauch jrauch@cadre.org * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * */
if (HAVECONFIGH)
include "./config.h"
endif
include "./tx_main.h"
include "./tx_error.h"
include "./tx_struct.h"
include "./tx_framework.h"
include "./txpacketinject.h"
include "./txpacketcapture.h"
include "./txpacketfilter.h"
int txinitcontrol(struct txcontrol **txc) { /* * Heap memory for the control structure. / *tx_c = (struct tx_control *)malloc(sizeof(struct tx_control)); if (!(tx_c)) { return (-1); }
/*
* Heap memory for the libnet link interface structure.
*/
(*tx_c)->l =
(struct libnet_link_int *)malloc(sizeof(struct libnet_link_int));
if (!((*tx_c)->l))
{
return (-1);
}
if (libnet_seed_prand() == -1)
{
tx_error(CRITICAL, "Can't initialize the random number generator\n");
return (-1);
}
/*
* Initialize defaults to mimic a standard traceroute scan.
*/
(*tx_c)->device = NULL; /* set later */
(*tx_c)->current_ttl = 1; /* start at 1 hop */
(*tx_c)->max_ttl = 30; /* end at 30 */
(*tx_c)->initial_sport = libnet_get_prand(PRu16);
(*tx_c)->initial_dport = 32768 + 666; /* standard tr */
(*tx_c)->id = getpid(); /* packet id */
(*tx_c)->use_name = 1; /* resolve IP addresses */
(*tx_c)->packet_size = PACKET_MIN; /* IP + UDP + payload */
(*tx_c)->ip_tos = 0; /* set later */
(*tx_c)->ip_df = 0; /* set later */
(*tx_c)->packet_offset = 0; /* set later */
(*tx_c)->protocol = IPPROTO_UDP; /* UDP */
(*tx_c)->probe_cnt = 3; /* 3 probes */
(*tx_c)->verbose = 0; /* Sssssh */
(*tx_c)->reading_wait = 5; /* 5 seconds */
(*tx_c)->writing_pause = 0; /* no writing pause */
(*tx_c)->host = 0; /* set later */
(*tx_c)->packets_sent = 0; /* set later */
(*tx_c)->packets_reply = 0; /* set later */
(*tx_c)->l = NULL; /* pcap descriptor */
(*tx_c)->p = NULL; /* libnet descriptor */
memset(&(*tx_c)->sin, 0, sizeof(struct sockaddr_in));
return (1);
}
int txinitnetwork(struct txcontrol **txc, char err_buf) { / * Set up the network interface and determine our outgoing IP address. / if (libnet_select_device(&(txc)->sin, &(*txc)->device, err_buf) == -1) { return (-1); }
/*
* Open the libnet link-layer injection interface.
*/
(*tx_c)->l = libnet_open_link_interface((*tx_c)->device, err_buf);
if (!((*tx_c)->l))
{
return (-1);
}
/*
* Open the pcap packet capturing interface.
*/
(*tx_c)->p = pcap_open_live((*tx_c)->device, PCAP_BUFSIZ, 0, 500, err_buf);
if (!((*tx_c)->p))
{
return (-1);
}
/*
* Verify minimum packet size and set the pcap filter.
*/
switch ((*tx_c)->protocol)
{
case IPPROTO_UDP:
if ((*tx_c)->packet_size < IP_H + UDP_H + TX_P)
{
tx_error(WARNING,
"Packet size too small, adjusted from %d to %d\n",
(*tx_c)->packet_size,
IP_H + UDP_H + TX_P);
(*tx_c)->packet_size = IP_H + UDP_H + TX_P;
}
if (tx_set_pcap_filter(TX_BPF_FILTER_UDP, tx_c) == -1)
{
return (-1);
}
break;
case IPPROTO_TCP:
if ((*tx_c)->packet_size < IP_H + TCP_H + TX_P)
{
tx_error(WARNING,
"Packet size too small, adjusted from %d to %d\n",
(*tx_c)->packet_size,
IP_H + TCP_H + TX_P);
(*tx_c)->packet_size = IP_H + TCP_H + TX_P;
}
if (tx_set_pcap_filter(TX_BPF_FILTER_TCP, tx_c) == -1)
{
return (-1);
}
break;
case IPPROTO_ICMP:
if ((*tx_c)->packet_size < IP_H + ICMP_ECHO_H + TX_P)
{
tx_error(WARNING,
"Packet size too small, adjusted from %d to %d\n",
(*tx_c)->packet_size,
IP_H + ICMP_ECHO_H + TX_P);
(*tx_c)->packet_size = IP_H + ICMP_ECHO_H + TX_P;
}
if (tx_set_pcap_filter(TX_BPF_FILTER_ICMP, tx_c) == -1)
{
return (-1);
}
break;
default:
sprintf(err_buf, "Unknown protocol, can't set packetsize or filter\n");
return (-1);
}
/*
* Allocate packet header memory.
*/
if (libnet_init_packet(
(*tx_c)->packet_size + ETH_H, /* include space for link layer */
&(*tx_c)->tx_packet) == -1)
{
sprintf(err_buf, "libnet_init_packet: %s\n", strerror(errno));
return (-1);
}
return (1);
}
int txdoscan(struct txcontrol **txc) { int i, j;
/*
* Build a probe `template`. This template will be used for each
* probe sent and it will be updated each pass through the main loop.
*/
tx_packet_build_probe(tx_c);
/*
* Increment the hopcounter and update packet template.
*/
for (i = 0; i < (*tx_c)->max_ttl; i++)
{
/*
* Send a round of probes.
*/
for (j = 0; j < (*tx_c)->probe_cnt; j++)
{
tx_packet_inject(tx_c);
fprintf(stderr, ".");
}
tx_packet_update_probe(tx_c);
fprintf(stderr, "\n");
}
tx_error(FATAL, "Hopcount exceeded.\n");
return (1);
}
int txshutdown(struct txcontrol *tx_c) { pcap_close((txc)->p); libnetcloselinkinterface((tx_c)->l); free((txc)->l); libnetdestroypacket(&(*txc)->tx_packet);
free(*tx_c);
} /* EOF / <--> <++> P55/Tracerx/tx_packet_build.c !3b3527d5 / * $Id: txpacketbuild.c,v 1.3 1999/06/03 22:06:52 route Exp $ * * Tracerx * txpacketbuild.c - tracerx packet construction routines * * Copyright (c) 1999 Mike D. Schiffman mike@infonexus.com * Jeremy F. Rauch jrauch@cadre.org * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * */
if (HAVECONFIGH)
include "./config.h"
endif
include "./tx_main.h"
include "./tx_error.h"
include "./tx_struct.h"
include "./tx_framework.h"
include "./txpacketinject.h"
include "./txpacketcapture.h"
int txpacketbuildprobe(struct txcontrol **txc) { int i, c; uchar errbuf[BUFSIZ]; struct etheraddr *localmac, *remotemac; uchar DEBUG_ETHER[6] = {0x00, 0x10, 0x4b, 0x6b, 0x3c, 0x16};
/*
* Get the link layer addresses we'll need -- the local address of the
* outgoing interface and remote address of the host in question (this
* will actually be the first hop router).
*/
c = tx_get_hwaddrs(&local_mac, &remote_mac, tx_c, errbuf);
if (c == -1)
{
tx_error(FATAL, "tx_get_hwaddrs could not get an address %s.\n",
errbuf);
}
/*
* Build the ethernet header portion of the packet.
*/
libnet_build_ethernet(DEBUG_ETHER/*remote_mac.ether_addr_octet*/,
local_mac->ether_addr_octet,
ETHERTYPE_IP, /* This is an IP packet */
NULL, /* No payload */
0, /* No payload */
(*tx_c)->tx_packet); /* packet memory */
/*
* Build the IP header portion of the packet.
*/
libnet_build_ip((*tx_c)->packet_size - IP_H, /* IP packetlength */
(*tx_c)->ip_tos, /* IP type of service */
(*tx_c)->id, /* IP id */
(*tx_c)->ip_df, /* IP fragmentation bits */
(*tx_c)->current_ttl, /* IP time to live */
(*tx_c)->protocol, /* transport protocol */
(*tx_c)->sin.sin_addr.s_addr, /* source IP address */
(*tx_c)->host, /* destination IP */
NULL, /* IP payload */
0, /* IP payload size */
(*tx_c)->tx_packet + ETH_H); /* packet memory */
/*
* Build the transport header and payload portion of the packet.
*/
switch ((*tx_c)->protocol)
{
case IPPROTO_UDP:
tx_packet_build_udp(tx_c);
break;
case IPPROTO_TCP:
tx_packet_build_tcp(tx_c);
break;
case IPPROTO_ICMP:
tx_packet_build_icmp(tx_c);
break;
default:
tx_error(FATAL, "Unknown transport protocol\n");
}
libnet_do_checksum((*tx_c)->tx_packet + ETH_H, IPPROTO_IP, IP_H);
}
int txpacketbuildudp(struct txcontrol *tx_c) { libnet_build_udp((txc)->initialsport, /* source UDP port / (txc)->initialdport, /* dest UDP port / NULL, / payload (copied later) / / The UDP header needs to know the payload size. / (txc)->packetsize - IPH - UDPH, (tx_c)->tx_packet + ETH_H + IP_H); / packet memory */
tx_packet_build_payload(tx_c, UDP_H);
libnet_do_checksum((*tx_c)->tx_packet + ETH_H, IPPROTO_UDP,
(*tx_c)->packet_size - IP_H);
}
int txpacketbuildtcp(struct txcontrol *tx_c) { libnet_build_tcp((txc)->initialsport, /* source TCP port / (txc)->initialdport, /* dest TCP port / libnet_get_prand(PRu32), / sequence number / 0L, / ACK number / TH_SYN, / control flags / 1024, / window size / 0, / urgent / NULL, / payload (do this later) / 0, / later / (txc)->txpacket + ETHH + IPH); /* packet memory */
tx_packet_build_payload(tx_c, TCP_H);
libnet_do_checksum((*tx_c)->tx_packet + ETH_H, IPPROTO_TCP,
(*tx_c)->packet_size - IP_H);
}
int txpacketbuildicmp(struct txcontrol *tx_c) { libnet_build_icmp_echo(ICMP_ECHO, 0, 0, 0, NULL, 0, (txc)->txpacket + ETHH + IPH);
tx_packet_build_payload(tx_c, ICMP_ECHO_H);
libnet_do_checksum((*tx_c)->tx_packet + ETH_H, IPPROTO_ICMP,
(*tx_c)->packet_size - IP_H);
}
int txpacketbuildpayload(struct txcontrol **txc, int phdrsize) { struct timeval time0; struct txpayload *p; struct libnetiphdr *iphdr; int payloadoffset;
/*
* The payload is just beyond the transport header.
*/
payload_offset = ETH_H + IP_H + p_hdr_size;
if (gettimeofday(&time0, NULL) == -1)
{
tx_error(FATAL, "Can't get timing information\n");
}
ip_hdr = (struct libnet_ip_hdr *)((*tx_c)->tx_packet + ETH_H);
p = (struct tx_payload *)((*tx_c)->tx_packet + payload_offset);
/*
* This field is pretty much deprecated since we can keep track of
* packets by controlling the ip_id field, something traceroute could
* not do.
*/
p->seq = 0;
/*
* TTL packet left with.
*/
p->ttl = ip_hdr->ip_ttl;
/*
* RTT information.
*/
p->tv = time0;
}
int txpacketupdateprobe(struct txcontrol **txc) { struct libnetiphdr *iphdr;
ip_hdr = (struct libnet_ip_hdr *)((*tx_c)->tx_packet + ETH_H);
/*
* Tracerx wouldn't be tracerx without a monotonically increasing IP
* TTL.
*/
ip_hdr->ip_ttl++;
switch ((*tx_c)->protocol)
{
case IPPROTO_TCP:
{
struct libnet_tcp_hdr *tcp_hdr;
tcp_hdr = (struct libnet_tcp_hdr *)((*tx_c)->tx_packet + ETH_H
+ IP_H);
if (!((*tx_c)->tx_flags & TX_STATIC_PORTS))
{
/*
* Increment destination port.
*/
tcp_hdr->th_dport = htons(ntohs(tcp_hdr->th_dport) + 1);
}
/*
* Update the payload information.
*/
tx_packet_build_payload(tx_c, TCP_H);
tcp_hdr->th_sum = 0;
libnet_do_checksum((*tx_c)->tx_packet + ETH_H, IPPROTO_TCP,
(*tx_c)->packet_size - IP_H);
break;
}
case IPPROTO_UDP:
{
struct libnet_udp_hdr *udp_hdr;
udp_hdr = (struct libnet_udp_hdr *)((*tx_c)->tx_packet + ETH_H
+ IP_H);
if (!((*tx_c)->tx_flags & TX_STATIC_PORTS))
{
/*
* Increment destination port.
*/
udp_hdr->uh_dport = htons(ntohs(udp_hdr->uh_dport) + 1);
}
/*
* Update the payload information.
*/
tx_packet_build_payload(tx_c, UDP_H);
udp_hdr->uh_sum = 0;
libnet_do_checksum((*tx_c)->tx_packet + ETH_H, IPPROTO_UDP,
(*tx_c)->packet_size - IP_H);
break;
}
case IPPROTO_ICMP:
{
struct libnet_icmp_hdr *icmp_hdr;
icmp_hdr = (struct libnet_icmp_hdr *)((*tx_c)->tx_packet + ETH_H
+ IP_H);
/*
* Update the payload information.
*/
tx_packet_build_payload(tx_c, ICMP_ECHO_H);
icmp_hdr->icmp_sum = 0;
libnet_do_checksum((*tx_c)->tx_packet + ETH_H, IPPROTO_ICMP,
(*tx_c)->packet_size - IP_H);
break;
}
default:
tx_error(FATAL, "Unknown transport protocol\n");
}
ip_hdr->ip_sum = 0;
libnet_do_checksum((*tx_c)->tx_packet + ETH_H, IPPROTO_IP, IP_H);
}
/* EOF / <--> <++> P55/Tracerx/tx_packet_inject.c !788114b0 / * $Id: txpacketinject.c,v 1.3 1999/06/03 22:06:52 route Exp $ * * Tracerx * txpacketinject.c - high-level packet injection routines * * Copyright (c) 1999 Mike D. Schiffman mike@infonexus.com * Jeremy F. Rauch jrauch@cadre.org * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * */
if (HAVECONFIGH)
include "./config.h"
endif
include "./tx_struct.h"
include "./tx_framework.h"
include "./tx_error.h"
int txpacketinject(struct txcontrol **txc) { int n;
n = libnet_write_link_layer(
(*tx_c)->l, /* pointer to the link interface */
(*tx_c)->device, /* the device to use */
(*tx_c)->tx_packet, /* the packet to inject */
(*tx_c)->packet_size + ETH_H); /* total packet size */
if (n != (*tx_c)->packet_size + ETH_H)
{
tx_error(CRITICAL, "Write error. Only wrote %d bytes\n", n);
}
}
/* EOF / <--> <++> P55/Tracerx/tx_packet_verify.c !7f21675e / * $Id$ * * Tracerx * txpacketverify.c - packet verification routines * * Copyright (c) 1999 Mike D. Schiffman mike@infonexus.com * Jeremy F. Rauch jrauch@cadre.org * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * */
if (HAVECONFIGH)
include "./config.h"
endif
include "./tx_struct.h"
include "./tx_framework.h"
include "./tx_error.h"
include "./txpacketcapture.h"
int txpacketverifyudp(char *packet, struct txcontrol **txc) { struct libnetiphdr *iphdr; struct libneticmphdr *icmp_hdr;
ip_hdr = (struct libnet_ip_hdr *)(packet + ETH_H);
/*
* A UDP scan is only interested in ICMP packets (or possibly a UDP
* packet -- terminal case only).
*/
if (ip_hdr->ip_p != IPPROTO_ICMP && ip_hdr->ip_p != IPPROTO_UDP)
{
return (TX_PACKET_IS_BORING);
}
icmp_hdr = (struct libnet_icmp_hdr *)(packet + ETH_H + IP_H);
switch (icmp_hdr->icmp_type)
{
case ICMP_UNREACH:
{
struct libnet_ip_hdr *o_ip_hdr;
if (ip_hdr->ip_src.s_addr == (*tx_c)->host)
{
/*
* This is an unreachable packet from our destination host.
* This has to be the terminal packet. The report module
* will need to know if it's a regular port unreachable
* message or perhaps some other type of unreachable..
*/
if (icmp_hdr->icmp_code == ICMP_UNREACH_PORT)
{
return (TX_PACKET_IS_TERMINAL);
}
else
{
return (TX_PACKET_IS_TERMINAL_EXOTIC);
}
}
/*
* Point to the original IP header inside the ICMP message's
* payload.
*/
o_ip_hdr = (struct libnet_ip_hdr *)(packet + ETH_H + IP_H +
ICMP_UNREACH_H);
if (ntohs(o_ip_hdr->ip_id) == (*tx_c)->id &&
o_ip_hdr->ip_src.s_addr ==
(*tx_c)->sin.sin_addr.s_addr)
{
/*
* The original IP header was sent by this host and contains
* our special ID field, so it's almost positively ours.
*/
return (TX_PACKET_IS_UNREACH_EN_ROUTE);
}
else
{
return (TX_PACKET_IS_BORING);
}
break;
}
case ICMP_TIMXCEED:
break;
default:
return (TX_PACKET_IS_BORING);
}
}
int txpacketverifytcp(char *packet, struct txcontrol **tx_c) { }
int txpacketverifyicmp(char *packet, struct txcontrol **tx_c) { }
/* EOF / <--> <++> P55/Tracerx/tx_packet_filter.c !df1a0488 / * $Id: txpacketfilter.c,v 1.1 1999/06/03 22:06:52 route Exp $ * * Tracerx * txpacketfilter.c - packet filtering routines * * Copyright (c) 1999 Mike D. Schiffman mike@infonexus.com * Jeremy F. Rauch jrauch@cadre.org * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * */
if (HAVECONFIGH)
include "./config.h"
endif
include "./tx_struct.h"
include "./tx_error.h"
include "./tx_main.h"
include "./txpacketfilter.h"
int txsetpcapfilter(char *filter, struct txcontrol **txc) { struct bpfprogram filtercode; bpfuint32 localnet, netmask; char err_buf[BUFSIZ];
/*
* We need the subnet mask to apply a filter.
*/
if (pcap_lookupnet((*tx_c)->device, &local_net, &netmask, err_buf) == -1)
{
tx_error(CRITICAL, "pcap_lookupnet: ", err_buf);
return (-1);
}
/*
* Compile the filter into bpf machine code.
*/
if (pcap_compile((*tx_c)->p, &filter_code, filter, 1, netmask) == -1)
{
tx_error(CRITICAL, "pcap_compile failed for some reason\n");
sprintf(err_buf, "unknown error\n");
return (-1);
}
/*
* Compile the filter into bpf machine code.
*/
if (pcap_setfilter((*tx_c)->p, &filter_code) == -1)
{
tx_error(CRITICAL, "pcap_setfilter: ", err_buf);
return (-1);
}
return (1);
}
/* EOF / <--> <++> P55/Tracerx/tx_packet_capture.c !27092cf6 / * $Id: txpacketcapture.c,v 1.2 1999/06/03 22:06:52 route Exp $ * * Tracerx * txpacketcapture.c - high-level packet capturing routines * * Copyright (c) 1999 Mike D. Schiffman mike@infonexus.com * Jeremy F. Rauch jrauch@cadre.org * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * */
if (HAVECONFIGH)
include "./config.h"
endif
include "./tx_struct.h"
include "./tx_framework.h"
include "./tx_error.h"
include "./txpacketcapture.h"
int txpacketsnatcher(struct txcontrol **txc) { int n; uchar *packet; struct pcappkthdr pc_hdr;
/*
* Temporary looping construct until parallel code is in place.
*/
for (; packet = (u_char *)pcap_next((*tx_c)->p, &pc_hdr); )
{
/*
* Submit packet for verification based on scan type.
*/
switch ((*tx_c)->protocol)
{
case IPPROTO_UDP:
n = tx_packet_verify_udp(packet, tx_c);
break;
case IPPROTO_TCP:
n = tx_packet_verify_tcp(packet, tx_c);
break;
case IPPROTO_ICMP:
n = tx_packet_verify_icmp(packet, tx_c);
break;
}
/*
* Process the response from the verifier.
*/
switch (n)
{
case -1:
/* an error occured */
case TX_PACKET_IS_BORING:
/* not something we are not interested in */
break;
case TX_PACKET_IS_EXPIRED:
tx_report(TX_PACKET_IS_EXPIRED, packet, tx_c);
break;
case TX_PACKET_IS_TERMINAL:
tx_report(TX_PACKET_IS_TERMINAL, packet, tx_c);
break;
case TX_PACKET_IS_TERMINAL_EXOTIC:
tx_report(TX_PACKET_IS_TERMINAL_EXOTIC, packet, tx_c);
break;
case TX_PACKET_IS_UNREACH_EN_ROUTE:
tx_report(TX_PACKET_IS_UNREACH_EN_ROUTE, packet, tx_c);
break;
default:
break;
}
}
}
/* EOF / <--> <++> P55/Tracerx/tx_main.c !831e8153 / * $Id: txmain.c,v 1.3 1999/06/03 22:06:52 route Exp $ * * Tracerx * txmain.c - main control logic * * Copyright (c) 1999 Mike D. Schiffman mike@infonexus.com * Jeremy F. Rauch jrauch@cadre.org * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * */
if (HAVECONFIGH)
include "./config.h"
endif
include "./tx_main.h"
include "./tx_util.h"
include "./version.h"
include "./tx_struct.h"
include "./tx_error.h"
include "./tx_framework.h"
int main(int argc, char argv[]) { int c, have_protocol; / Mediates combined usage of -I and -P */ uchar errbuf[BUFSIZ]; struct txcontrol *txc;
/*
* Need to be root to open link layer devices.
*/
if (geteuid() && getuid())
{
tx_error(FATAL, "Pony up the privledgez (UID or EIUD == 0).\n");
}
/*
* Initialize control structure. This structure is used by just about
* every function in the program.
*/
if (tx_init_control(&tx_c) == -1)
{
tx_error(FATAL, "tx_init_control %s\n", strerror(errno));
}
/*
* Process commandline arguments.
*/
have_protocol = 0;
while ((c = getopt(argc, argv, "dFHhInrvxf:g:i:m:P:p:q:Ss:t:w:Vv")) != EOF)
{
switch (c)
{
case 'b':
/* Select burst rate */
tx_c->burst_rate = tx_str2int(optarg, "burst rate", 1,
BURST_RATE_MAX);
case 'D':
/* Set base TCP/UDP destination port number */
tx_c->initial_dport = tx_str2int(optarg, "initial dest port",
1, PORT_MAX);
break;
case 'd':
/* Socket level debugging (SO_DEBUG) */
/* NOOP */
break;
case 'F':
/* Set IP_DF (don't fragment) bit */
tx_c->ip_df = IP_DF;
break;
case 'f':
/* Set initial (first) IP TTL */
tx_c->current_ttl = tx_str2int(optarg, "initial TTL", 1,
IP_TTL_MAX);
break;
case 'g':
/* Loose source routing */
/* NOOP */
break;
case 'H':
/* Verbose help */
/* WRITEME */
case 'h':
/* Help */
usage(argv[0]);
case 'I':
/* Use ICMP */
/* Set transport protocol and transport header size */
/* Overruled by -P */
if (!have_protocol)
{
tx_c->protocol = tx_prot_select("ICMP", &tx_c);
}
break;
case 'i':
/* Interface */
tx_c->device = optarg;
break;
case 'm':
/* Max IP TTL */
tx_c->max_ttl = tx_str2int(optarg, "max TTL", 1,
IP_TTL_MAX);
break;
case 'n':
/* Do not resolve hostnames */
tx_c->use_name = 0;
break;
case 'P':
/* Set transport protocol and transport header size */
/* (supercedes -I) */
tx_c->protocol = tx_prot_select(optarg, &tx_c);
have_protocol = 1;
break;
case 'p':
/* Set base TCP/UDP destination port number */
tx_c->initial_dport = tx_str2int(optarg, "initial dest port",
1, PORT_MAX);
break;
case 'q':
/* Number of probes (queries) */
tx_c->probe_cnt = tx_str2int(optarg, "probe cnt", 1,
PROBE_MAX);
break;
case 'r':
/* Bypass routing sockets */
/* NOOP */
break;
case 'S':
/* Do not increment TCP/UDP port numbers (static) */
tx_c->tx_flags |= TX_STATIC_PORTS;
break;
case 's':
/* Set base TCP/UDP source port number */
tx_c->initial_sport = tx_str2int(optarg, "initial source port",
1, PORT_MAX);
break;
case 't':
/* Set IP_TOS (type of service) bits */
tx_c->ip_tos = tx_str2int(optarg, "IP tos", 0, 255);
break;
case 'V':
/* Version information */
fprintf(stderr, "\n%s\nversion %s\n", BANNER, version);
exit(EXIT_SUCCESS);
case 'v':
/* Verbose output */
tx_c->verbose = 1;
break;
case 'x':
/* Toggle checksums */
/* NOOP */
break;
case 'w':
/* Time to wait (in seconds) */
tx_c->reading_wait = tx_str2int(optarg, "read wait", 2,
WAIT_MAX);
break;
default:
usage(argv[0]);
}
}
/*
* Parse the command line for the destination host and possible
* packetlength.
*/
switch (argc - optind)
{
case 2:
/*
* User specified packetlength (optional). This will later
* be verified and adjusted if necessary.
*/
tx_c->packet_size = tx_str2int(argv[optind + 1], "packet length",
PACKET_MIN, PACKET_MAX);
/* FALLTHROUGH */
case 1:
/* Host (required). */
tx_c->host = libnet_name_resolve(argv[optind], 1);
if (tx_c->host == -1)
{
tx_error(FATAL, "Cannot resolve host IP address\n");
}
break;
default:
usage(argv[0]);
}
/*
* Bring up the network components.
*/
if (tx_init_network(&tx_c, err_buf) == -1)
{
tx_error(FATAL, "Cannot initialize the network: %s\n", err_buf);
}
/*
* Start the game!
*/
tx_do_scan(&tx_c);
/*
* Stop the game!
*/
tx_shutdown(&tx_c);
return (EXIT_SUCCESS);
}
void usage(char *argv0) { fprintf(stderr, "\nUsage : %s [options] host [packetlength]\n" "\t\t [-b] burst rate\n" "\t\t [-F] IPDF\n" "\t\t [-f] base IP TTL\n" "\t\t [-g] loose source routing\n" "\t\t [-H] verbose help\n" "\t\t [-h] help\n" "\t\t [-I] use ICMP\n" "\t\t [-i] specify interface\n" "\t\t [-m] max IP TTL (hopcount)\n" "\t\t [-n] do not resolve IP addresses into hostnames\n" "\t\t [-P] transport protocol (supercedes -I)\n" "\t\t [-p] base TCP/UDP port number (destination)\n" "\t\t [-q] number of probes\n" "\t\t [-S] do not increment TCP/UDP port numbers (static)\n" "\t\t [-s] base TCP/UDP port number (source)\n" "\t\t [-t] IP TOS\n" "\t\t [-V] version information\n" "\t\t [-v] verbose output\n" "\t\t [-w] wait (in seconds)\n" "\n", argv0); exit(EXITFAILURE); }
/* EOF / <--> <++> P55/Tracerx/tx_report.c !04c69fdd / * $Id: txreport.c,v 1.1.1.1 1999/05/28 23:55:06 route Exp $ * * Tracerx * txreport.c - reporting and printing module * * Copyright (c) 1999 Mike D. Schiffman mike@infonexus.com * Jeremy F. Rauch jrauch@cadre.org * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * */
if (HAVECONFIGH)
include "./config.h"
endif
include "./tx_struct.h"
include "./txpacketcapture.h"
void txreport(int class, uchar packet, struct tx_control *txc) { switch (class) { case TXPACKETISEXPIRED: break; case TXPACKETISTERMINAL: break; case TXPACKETISUNREACHENROUTE: break; default: break; } }
/* EOF / <--> <++> P55/Tracerx/tx_util.c !29dd0492 / * $Id: txutil.c,v 1.2 1999/05/29 20:28:43 route Exp $ * * Tracerx * txutil.c - various routines * * Copyright (c) 1999 Mike D. Schiffman mike@infonexus.com * Jeremy F. Rauch jrauch@cadre.org * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * */
if (HAVECONFIGH)
include "./config.h"
endif
include "./tx_main.h"
include "./tx_struct.h"
include "./tx_util.h"
include "./tx_error.h"
int tx_str2int(register const char *str, register const char *what, register int min, register int max) { register const char *cp; register int val; char *ep;
if (str[0] == '0' && (str[1] == 'x' || str[1] == 'X'))
{
cp = str + 2;
val = (int)strtol(cp, &ep, 16);
}
else
{
val = (int)strtol(str, &ep, 10);
}
if (*ep != '\0')
{
tx_error(FATAL, "\"%s\" bad value for %s \n", str, what);
}
if (val < min && min >= 0)
{
if (min == 0)
{
tx_error(FATAL, "%s must be >= %d\n", what, min);
}
else
{
tx_error(FATAL, "%s must be > %d\n", what, min - 1);
}
}
if (val > max && max >= 0)
{
tx_error(FATAL, "%s must be <= %d\n", what, max);
}
return (val);
}
int txprotselect(char protocol, struct tx_control *txc) { char *suppprotocols[] = {"UDP", "TCP", "ICMP", 0}; int i;
for (i = 0; supp_protocols[i]; i++)
{
if ((!strcasecmp(supp_protocols[i], protocol)))
{
switch (i)
{
case 0:
/* UDP */
(*tx_c)->packet_size = IP_H + UDP_H + TX_P;
return (IPPROTO_UDP);
case 1:
/* TCP */
(*tx_c)->packet_size = IP_H + TCP_H + TX_P;
return (IPPROTO_TCP);
case 2:
/* ICMP */
(*tx_c)->packet_size = IP_H + ICMP_ECHO_H + TX_P;
return (IPPROTO_ICMP);
default:
tx_error(FATAL, "Unknown protocol: %s\n", protocol);
}
}
}
tx_error(FATAL, "Unknown protocol: %s\n", protocol);
/* UNREACHED (silences compiler warnings) */
return (-1);
}
int txgethwaddrs(struct etheraddr **l, struct etheraddr *r, struct tx_control *txc, uchar errbuf) { *l = get_hwaddr((txc)->l, (*txc)->device, errbuf); if (l == NULL) { return (-1); } }
/* EOF / <--> <++> P55/Tracerx/tx_error.c !1962d944 / * $Id: txerror.c,v 1.1.1.1 1999/05/28 23:55:06 route Exp $ * * Tracerx * txerror.c - error handling routines * * Copyright (c) 1999 Mike D. Schiffman mike@infonexus.com * Jeremy F. Rauch jrauch@cadre.org * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * */
if (HAVECONFIGH)
include "./config.h"
endif
include "./tx_main.h"
include "./tx_error.h"
void txerror(int severity, char *msg, ...) { valist ap; char buf[BUFSIZ];
va_start(ap, msg);
vsnprintf(buf, sizeof(buf) - 1, msg, ap);
switch (severity)
{
case WARNING:
fprintf(stderr, "Warning: ");
break;
case CRITICAL:
fprintf(stderr, "Critical: ");
break;
case FATAL:
fprintf(stderr, "Fatal: ");
break;
}
fprintf(stderr, "%s", buf);
va_end(ap);
if (severity == FATAL)
{
exit(EXIT_FAILURE);
}
} /* EOF / <--> <++> P55/Tracerx/tx_framework.h !4bc795bb / * $Id: tx_framework.h,v 1.3 1999/06/03 22:06:52 route Exp $ * * Tracerx * * * Copyright (c) 1999 Mike D. Schiffman mike@infonexus.com * Copyright (c) 1998 Mike D. Schiffman mds@es2.net * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. DEDICATED TO ARA. * */
ifndef TXTRACERX_H
define TXTRACERX_H
define TXSTATICPORTS 0x1
define PACKETMIN IPH + UDPH + TXP
/* min packet size */
define PACKET_MAX 1500 /* max packet size */
define BURSTRATEMAX 30 /* max burst rate */
define IPTTLMAX 255 /* max IP TTL */
define PORT_MAX 65535 /* max port */
define PROBE_MAX 100 /* max probe count per round */
define WAIT_MAX 360 /* max time to wait for responses */
define PCAP_BUFSIZ 576 /* bytes per packet we can capture */
int txinitcontrol( struct tx_control ** );
int txinitnetwork( struct tx_control **, char * );
int txdoscan( struct tx_control ** );
int txshutdown( struct txcontrol ** );
endif /* TXTRACERX_H */
/* EOF / <--> <++> P55/Tracerx/tx_packet_build.h !6de4be5c / * $Id: txpacketbuild.h,v 1.3 1999/06/03 22:06:52 route Exp $ * * Tracerx * High-level packet construction routines * * Copyright (c) 1999 Mike D. Schiffman mike@infonexus.com * Copyright (c) 1998 Mike D. Schiffman mds@es2.net * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. DEDICATED TO ARA. * */
ifndef TXPACKETBUILDH
define TXPACKETBUILDH
int txpacketbuildprobe( struct txcontrol ** );
int txpacketbuildpayload( struct txcontrol **, int );
int txpacketbuildudp( struct txcontrol ** );
int txpacketbuildtcp( struct txcontrol ** );
int txpacketbuildicmp( struct txcontrol ** );
int txpacketupdateprobe( struct txcontrol ** );
endif /* TXPACKETBUILDH */
/* EOF / <--> <++> P55/Tracerx/tx_packet_inject.h !9b8fc656 / * $Id: txpacketinject.h,v 1.3 1999/06/03 22:06:52 route Exp $ * * Tracerx * High-level packet injection routines * * Copyright (c) 1999 Mike D. Schiffman mike@infonexus.com * Copyright (c) 1998 Mike D. Schiffman mds@es2.net * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. DEDICATED TO ARA. * */
ifndef TXPACKETINJECTH
define TXPACKETINJECTH
int txpacketinject( struct tx_control ** );
endif /* TXPACKETINJECTH */
/* EOF / <--> <++> P55/Tracerx/tx_packet_verify.h !a40d5aef / * $Id$ * * Tracerx * packet verification routines * * Copyright (c) 1999 Mike D. Schiffman mike@infonexus.com * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. DEDICATED TO ARA. * */
ifndef TXPACKETVERIFYH
define TXPACKETVERIFYH
int txpacketverifyudp( char *, struct txcontrol ** );
int txpacketverifytcp( char *, struct txcontrol ** );
int txpacketverifyicmp( char *, struct txcontrol ** );
endif /* TXPACKETVERIFYH */
/* EOF / <--> <++> P55/Tracerx/tx_packet_filter.h !f4dbb92f / * $Id: txpacketfilter.h,v 1.1 1999/06/03 22:06:52 route Exp $ * * Tracerx * packet filtering routines * * Copyright (c) 1999 Mike D. Schiffman mike@infonexus.com * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. DEDICATED TO ARA. * */
ifndef TXPACKETFILTERH
define TXPACKETFILTERH
/* * Since we are not putting the interface into promiscuous mode, we don't * need to sift through packets looking for our IP; this simplfies our * filter language. For each scan type, we of course need to receive * ICMP TTL expired in transit type messages (ICMP type 11). * For UDP, our terminal packet is an unreachable (ICMP type 3). * For TCP, our terminal packet is a TCP RST (or an RST/ACK). * For ICMP, our terminal packet is an ICMP echo reply. * However, for the last two, we need to be prepared for unreachables as * network conditions are unpredictable. */
define TXBPFFILTER_UDP "icmp[0] == 11 or icmp[0] == 3"
define TXBPFFILTER_TCP "icmp[0] == 11 or icmp[0] == 3 or tcp[14] == 0x12 \
or tcp[14] == 0x4 or tcp[14] == 0x14"
define TXBPFFILTER_ICMP "icmp[0] == 11 or icmp[0] == 3 or icmp[0] == 0"
int txsetpcapfilter( char *, /* filter code to install */ struct txcontrol ** );
endif /* TXPACKETFILTERH */
/* EOF / <--> <++> P55/Tracerx/tx_packet_capture.h !be216cbf / * $Id: txpacketcapture.h,v 1.1.1.1 1999/05/28 23:55:06 route Exp $ * * Tracerx * High-level packet injection routines * * Copyright (c) 1999 Mike D. Schiffman mike@infonexus.com * Copyright (c) 1998 Mike D. Schiffman mds@es2.net * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. DEDICATED TO ARA. * */
ifndef TXPACKETCAPTUREH
define TXPACKETCAPTUREH
define TXPACKETIS_BORING 0
define TXPACKETIS_EXPIRED 1
define TXPACKETIS_TERMINAL 2
define TXPACKETISTERMINALEXOTIC 3
define TXPACKETISUNREACHEN_ROUTE 4
int txpacketsnatcher( struct tx_control ** );
endif /* TXPACKETCAPTUREH */
/* EOF / <--> <++> P55/Tracerx/tx_main.h !1526759a / * $Id: tx_main.h,v 1.2 1999/05/29 20:28:42 route Exp $ * * TracerX * * Copyright (c) 1999 Mike D. Schiffman mike@infonexus.com * Copyright (c) 1998 Mike D. Schiffman mds@es2.net * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. DEDICATED TO ARA. * */
ifndef MAINH
define MAINH
include
include
include
define BANNER "TracerX (c) 1999 Mike D. Schiffman mike@infonexus.com and \
Jeremy F. Rauch\njrauch@cadre.org. Distribution is unlimited provided due \ credit is given and no fee is charged.\n\nhttp://www.packetfactory.net/tracerx \ for more information.\n"
void usage( char * );
endif /* MAINH */
/* EOF / <--> <++> P55/Tracerx/tx_report.h !05ed6ef4 / * $Id$ * * Tracerx * Report generation routines * * Copyright (c) 1999 Mike D. Schiffman mike@infonexus.com * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. DEDICATED TO ARA. * */
ifndef TXREPORT_H
define TXREPORT_H
include "./tx_struct.h"
void txreport( int, /* The class of packet we are reporting on */ uchar , / The packet to report / struct tx_control * /* u know this one */ );
endif /* TXREPORT_H */
/* EOF / <--> <++> P55/Tracerx/tx_util.h !928f1bf7 / * $Id: tx_util.h,v 1.1.1.1 1999/05/28 23:55:06 route Exp $ * * Tracerx * Misc routines * * Copyright (c) 1999 Mike D. Schiffman mike@infonexus.com * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. DEDICATED TO ARA. * */
ifndef TXUTIL_H
define TXUTIL_H
include "./tx_struct.h"
/* * Converts a string into an integer, handling bounding errors. * Accepts base 10 or base 16 numbers. * Taken from traceroute and slightly modified. * Exits with reason upon error. / int / The converted value / tx_str2int( register const char *, / The string containing the value / register const char *, / The title of the value (for errors only) / register int, / Minimum value / register int / Maximum value */ );
int /* The protocol number / tc_prot_select( char *, / The protocol from the command line / struct tx_control * /* U know.. */ );
int /* 1 == ok, -1 == err / tx_get_hwaddrs( struct ether_addr *, /* local ethernet addr (to be filled in) / struct ether_addr *, /* remote ethernet addr (to be filled in) / struct tx_control *, /* U know.. / u_char * / errbuf */ );
endif /* TXUTIL_H */
/* EOF / <--> <++> P55/Tracerx/tx_error.h !b56cc374 / * $Id: tx_error.h,v 1.1.1.1 1999/05/28 23:55:06 route Exp $ * * Tracerx * Error handling routines * * Copyright (c) 1999 Mike D. Schiffman mike@infonexus.com * Copyright (c) 1998 Mike D. Schiffman mds@es2.net * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. DEDICATED TO ARA. * */
ifndef TXERROR_H
define TXERROR_H
define WARNING 0x1
define CRITICAL 0x2
define FATAL 0x4
void tx_error( int, char *, ... );
endif /* TXERROR_H */
/* EOF / <--> <++> P55/Tracerx/tx_struct.h !20e7682d / * $Id: tx_struct.h,v 1.2 1999/06/03 22:06:52 route Exp $ * * Tracerx * tracerx structure prototypes * * Copyright (c) 1999 Mike D. Schiffman mike@infonexus.com * Jeremy F. Rauch jrauch@cadre.org * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * */
ifndef TXSTRUCT_H
define TXSTRUCT_H
include
include
include
/* * Tracerx control structure. */
struct txcontrol { uchar txflags; /* internal flags */ uchar device; / device to use / u_char *tx_packet; / pointer to the packet / u_short ip_tos; / IP type of service / u_short ip_df; / IP dont fragment / u_short burst_rate; / burst rate / u_short current_ttl; / current IP TTL / u_short max_ttl; / max IP TTL / u_short initial_sport; / initial source port / u_short initial_dport; / initial destination port / u_short id; / tracerx packet ID / u_short use_name; / use domain names or dotted decimals / u_short packet_size; / total packet size / int packet_offset; / IP packet offset / int protocol; / transport protocol in use / int probe_cnt; / number of probes to send per round / int verbose; / verbose mode / int reading_wait; / network reading wait / int writing_pause; / network writing pause / u_long host; / destination host / u_long packets_sent; / packets sent / u_long packets_reply; / packets we got replies back / struct sockaddr_in sin; / socket address structure / struct libnet_link_int *l; / libnet packet injection structure / pcap_t *p; / pcap packet listening structure */ };
/* * Packet payload. / struct tx_payload { u_char seq; / packet sequence number / u_char ttl; / TTL packet injected with / struct timeval tv; / time vector */ };
define TXP sizeof(struct txpayload)
endif /* TXSTRUCT_H */
/* EOF /
<-->
The following tarball contains the tracerx support files including the autoconf
files and documentation.
<++> P55/Tracerx/tracerx-package.tar.gz.uue !bddbaa9f
begin 644 tracerx-package.tar.gz
M'XL(")M)V#<`W1R86-E<G@M<&%C:V%G92YT87(%QK5]M(DYZOZ%?T,-G!
M]L'RE9O)!6-,+Q@.+9AR"%YC2RW;0VRI-4%S"3Y[_M4MR3+M#,3K)GSXO.
MC&UU=U5755=7/=42.=/N^,`PN6I8/WVOU(Y[?+Y9R\J+OPLY6/KHOYK<+
M/^6W=[:W\^5"OKB-]@+:T/=)$I<@>=K+J9T;=OUCC7#GS^(P3ZL=<ORB^,
ML5>-?H6=35UA\YX5U"(K[.WMY?+;N7R)%8N5'9EJ\"$'5A]XK!7BB3NN)K.
MW>N87C36;.?1-88CGZ7TM&#$SHP[SHY4UM9'QFPUBSV>HRF\,:V!:?!)ZJ
MV^.W@GK)]1MW^?B1':NLI07ZB+W^PZ7O`UWKNURUW>';4)P#W;8&QC!P>=>P
MG,`4)2+UOG[5O4LYO6&,5(/5$:S7:G>GJ:[%)SA@6G,,VL-U.ZL>-9KV=
M[+\UC9[%_:R<AV6S?:AM<>^6'6!T^T"I'9]6WT])B.9`MJ&O-JN6ZL=>-
MP9<^(\N,<D+&LZNN:P@^K14:/3.&]63[M$?:"<'Y6KW5F9/4GW;%F6I-
MO[CKVJ[.7"U,7^PW3MY&_B&7^YW+%='[_FMK3#!P-/V.^]U>8)A].2AL
M,:P_N.[/-$$P/Z#U8(L,X!L^=V>&WW/7&#RJMJHNFI7E+57J5HMS?`IS$6_
MP@5(LZS.7KUF69N]PHIB=2KH#!<VK2C3WQ4&KIYA6^H((T*;I)>QCOH$TY@>
M/\F<X!GQL1,LX\91!8YR56^UL0+VH$[9MD!B;;F\3[+<K;AY=1,#G[D&SK3
M1YH;\;CYA(59_W5]/[<QY<#>"K5TDVL6S""Y973;Y2P#BR4U2L@9_<20P%>4
MON'YD@,37Q$?Z4"J:0^CG[JFCWAT0S(&7KQ]13-<VL-LM(;AJ!$V5_W\6/F_
M#E@OUS]ZM>K5H[/Z]YWCB?Q?V"F5XOQ?!4H^-VZR7X#KS3][*91W.JUJ
MK=ZZGLES,0KH/3X7""S'7\9%3R'S<CWG4HN]_#PH,K,--!TWW8?5>3?705
MFE32W^WX$!^;GE>Q4EF[R$U(>4<9EF]5D(2)B/J#VP3=-^,QA11&CLDSB
M!;N[0V8[;(>]Y%GE2=U@Y%SDG31R`+M:QMS9,/?$?E7#5[ICJT[W.TK'[
M=BAT2%[M]YD7.(0?(0+=M8=,[5'Y"YF0W(7XF.M\".8YSN,;/*V*F4L$P
MS7!2BR.%^C9S-!]IJL\&ANOYJJ)<R2S(3I#GH,"<R4B0>`A=+8XD2-DXO&J8
M?<B]!:KY26$5O,%,4=^3\5Z4A
M%Q=P;;FW:"@B/$@%8IJFR,-V4Y'?D%TJ9[JT8U"KLS-UB#^^:XQY(O[C
MVJ+X7RQM%[=+I2+%_XH";^K5.'U'Q[_#<%TSWGWMINF'I9M#GZKC\O>9X
MZORG5"C2B^52OEB(5\6YS^%G>++O!5]\RZ?3GE8(?]+(6O)$9*TP+<I
M^2"YZ*[MQ?T+ASN[FW_IB"?B4P6D$7PH'WK<O>=]50@22W-JVW>>0!,:<B>_
M-VQ4JB'>"8MB9T0)ZQSZ#7T.^#,V+,X>1@8P(1TRV)9@9C,(`Y(IB0
M5W?9@^9)7$4H(V8*J.(S*4Z?61W5G`<D6?"VZ%[P>:$0T'(S!1XWE#CQM
MR"LS1JW6Z)BF6>]T:R?UVK^BF^@((1H*0P0FX<&P0=H#Q$?UX\MF"C]">+W`
M9E.Y4<*)XJX4#+7)Q-%-UWVJ>^L_5[V-YKO4Z'\:53Z@M88L)^9SV$(.LT
M@^Y%JW[<N`Z!HJKMDZVL&!V&_%KU]N5I)[6,@/5M[ED;@'P3P+;T/&6]U3IO
MI72-1@P,K*2DD^.XZ?&8H#MGL3>WGN\"!GM+Y61?&("6P]9GG67]XT(](7I
M:E;8MG^.EN_W9\.@36D+?YDZZ_FYU^?,\6"4J>S;OH:S@;7^V'3'/AF]HC
MD/J(5";O\XTQ]]2/#.PN!#)DPP1M'I!2GV)[-G#M\;>+EM`.:266CYM09T$+
MEC5]R?XI=19)#=IN-K/-/O1Z7^^P9OUW=MZLJ^G$I(D57'28.1,M3F'?)9@-
M#$5^R15Y^@GM@T+P=3??2=-/6-?,[9O\G\W^IM+.3R/B^4]A>VOG)?_
M@(MVS]0'$'0L[FH^BF;_6,ZO!8)L/<8C6(%M20W70(%U0**L4L"4^M\7G
MCOC<9<<NYZQM#_P'"GW'=F#U1;F[B0)9%UF3=4:&EWP$1=%E0&1>2";BTTI.
M@L?0N.<>"RS3&!ND@T,XP)/YW&8ZY"6PD$,<I:-RU^C1HRS#WY3YW/!'%&+I
M&VO-QG;?&$!]XNYM,J$T[:&3*%R&;9L`TG*9TI=IEJ(@I];4S]T[GH($=H
M,;(=+B&&(4\^$-B!&?@@,*4P&,U^;W1.SB\[K-K\P'ZOMEK59N?#)BE"'/C$
MYY8O-?2),U;(U4"&D*$M'
M!U"WO"C+!P+&F8E,#$IC-20,=6X><W94ZR-O,<*16.5(U;$8KS;&"=8:%X35
M1@%RYDOZC7A8C&L:"T=:F979@4]2+EECV1EMT(S%OZM<"07ZYBO)2M
M<)7Q(FO>HE,7-5M>^1)##"=B$.N3V#(9>&495P4;O11BFI4@AL^828'!)
M<X;+N
^&+3O<\V,(&VL\7+303=#OE5)C@3"RAMCXA`)'E;T<4(3.VON:1F(
MGM$XW1RQDLA^X&S":YB?$M:3E7.:R4J",-@+Z#%6%DO#BCMLP`2N7R!Q>\2D
M%W^0;>Q&8]+$CML22#R.H`6!%#C=-ADR^9VU!6FE6_R-BK>;#C3(O)5,]
MG9\6@&0R1<:T4]-O?77C<28N[D\H,OT81FD]'BP!DO>SEIRDB!MG?92Y?`
M5<%IFF$CP<I$W1Q5Z'?4D;C]2L^=OXV^>J?GA'KT!GM<C@,7-?-G>7%]H+
MTWEI>J=1<D;;)M.JH3.)1G1R(_DOO)XW:/GI,HZ*I10C14LI*#I+K6H&SZFU
MME*CI0O5,@K5[BI4SRI5O[M8QA8>JW%-+Y;1[%.5[H84%^FK^EBVDF7%!('
M4W&YK'89?U19A4Y;XW^=B].KC+*2DET=G87Q,99ILQ%R2.:V5T>*@C]35PDF
MZNQ&"H.%$B(9H%!][T9^F(;W`\DH&:3((*,F>;G#5(3.USB]1,QN-H8,G-
M^2SJCQF,.(-JA`PF8DH+=;)=^>.L9?G8S:P79ET7'-[4J)GXF]6?EGM>/;W(
M2:\I79321<HS!5VKN%V[?]$/!]-I*Y!**409=:'>312D2U!TB?Y-K0.6/.$4
MX^'N][T,@F2KKDO!SDWM\6K&QF)KZTK6KC((J8,=!G;[#NUL,$ZS\KE#2278OF1V$<QCRCQY7XN-CXF7?/*^7J6OJ;R(A21D/JWI
MXG>WZ<G[1XG:DM]/WC^FCT?T)>$9XVK#?IR97U/@^T!EAK%(9J"80V5M$C
MAV=@+37%GXS)+SD$0/]ILJ"VBTY=)P)-<F^08Y-,B3@#U&1M\>4@RYO2
M(K^JEVO_LZ$5UE;ZA0IC2L,I-0S_D8YMK\DI]LF&LID)\),`DO"GN?U6YQ
MX:;!LL8?]:R5I<\?P$)SGT;4KT)@;U%X&B./XDH2`DKIDT=O3-54;!QF.L
M,XLZTQ()#&FV.H#H"$O!IQ`92M2YO>Y@@B+N?KU6SR#,YB&AC(K\42(V,>9
M0D&ON,,MIYPU0J$5\5F"+#J%[,(GTREJZ4SAY7EKAU\L,&2GP\N(1,:
MM$;UU<R]3?P'9$Q^N0#!GT?$U6#HL0D]R0)GS"`-O;DV,D\"6,W$HD^.!686
MI`L8%$D$48M2I\WSJ3#H2JA?Y,NA*:AC6O8RT923?$Q;:P5V>S("$0[/)KU
M])9ZIGK:[!9?9H\=YC;\/X7I4I=+JV?IY=+K5]V^6"0?OVR4;6Y'BBGZGI),L3R9C1JY[.8R%QDTD"5FXW%@,EU,
MZ5Z31YOBTO4ER3?@-VNI,TVA9U='(IH?4,W-%27.-N91^.\')RN)%18B.[
M!)]BUK.0HDIF4UZ,)DN]"LQ]8D18<@;F9W_@#D]^M\4_:++];8\85")V@9
MQ2$43^V>EJ(U,_KZM8?T\7WOU"-`BTW2=4B;^F[!;S4(6O#^8N5S'S>$X3KLABME"<1N5]KXVRQT:@$%W./CL7R_H
M!]B2(3&&$7B_PH=>JW8SJVP]AAFPK&91:\$\L9;>:\%CT$NHT!842;PQ%T
MU\TV/QZ)3E?0W1;:DK7;`3OE27E;W42H^P-(YJL,$JS'@Q$!:WIQX[9K).@
M3H^=:+YIUB\R54;EV&1.3KM\J)+2)7W(+"]Y$NKQT?,BTG0:V\?'![LP;[;
MNO2;..[;Y8JX]:"XG'CMW0C*2N^(L"A0=CD2;,-P0'4;:+AU#SA5P=R=E'A
M[)M9<=&DDXH;C[Q!A&Z#FMC*[6CE!OZ7BP#+P7@;?K'F:-1J!Z/M'*Q\X.FY
M/,S'BS""Q)NFN!&+..&FR1Y'QT!RP5+%Q8_6.W\A*NHD(NF)$:4"HP-BN#
M)!5R,<]R6*7($!=BW$?9R(M$?0R'*T:83;R(9N#^H%^=85BI,$,)J"D:%
MG'1%HIC$%G)AKVWGL%^[P[*=,%6P$Q9R^&Z+&P\QA:P)SO(&,XW+N6B"N$;;
MN5?/7NX\;VS#^?KG/0ZBUSO)NA/^I8XC68MSF&47^#-GX+)#4=L8E3;84N\
MJGFXW]\T,;9)1;:KM1S&H)7VSDR&TU>:7DVB$ZF2=';&/V-WE%<AA.AM,[
MC(3MMTXXA%!$0;R'D/.WX?J/RB5*'?^466W@?R&Z=LGRV:FO.4;K"BV]UP
M,X&$W3$CZRYN&K/6V7X;JY4W"XN2QL+^&2G'RQ!*S4]$K_WBG]D][UV$91
MF/969$'@*.:;L#=VXGNGH$_72[!;[-YV!Q.;(!MB0[YYR"]/._"ZP."22RH\
M4T]K!+:"5Q?RCZF@">F`"X[G2:E"'D_*;P)"R"H)$;(LQ""L<!TW(H$19LSB\EPBWW!89-JG\T5/
MZ%D15C@.FI`.R"N"V,]PUI9HR&-&5Z1.)[NYC$SLE@?UCA.&A".J"[T-K;
MLOI1B#2528?CHGI@/RZ':(A<&_H#:!H0W>^[\K'`>M;FE[NDD:4F9[@@@)
M;$D@Z"^#9@=V;%B^^G!E%J;U^FRIJ(L9-V5X;47.*)C?,*X:>@O%M$C#5]
MYWQE[>+,4,FX5L'#(E6&4C7/Y5NX9U-295^2B-O"-FBV@W;6B;QE671!>
M[)5/'MNH;LFK^(H+;-+DLB5DW$R"+J/KT"T5S\$.?^M#T(S3!PNHR"_KC?
M($@I&.)VBX7O^B6'O'WWE`INR3)%/#K=+(V)Q-[Q9Z;<MZXN..H2W$2ZT0
M#S(P625F?'B<8Z;+?"?3^=LL:A/E?-D?5C@..N5U0'Y=BF3CQ%3)PDKHC,WD
M%Y.8IV(LDF0B$YG<3^?+_DA`BI-,2%,\&\,LJM?U2.7#^N6?95DLAQ=1V//'
M<%Q$M952"0" title="" />D7!'XUX4M/"H2()SV"80?DUT"%(R5SM^3<"V^.@+T,I2[-
M(?%EV'L^M/7@JG0]RNQ5N1U5(#Q9:IX^R5WKZ'JB=-3=#^+;TK@L5LN3/`I
M3%4O5V&=EV49C-7WWRM)4E<E\:\VJF@<JY.\?QVGCOD[TUU*@=9NHB!LQ&^
MPA#)32Z<F^C0325SCM_43>PB>W-MO]R3P39S$40A1GYD8:-&:@0]6?J3[LK
MCON,@_"D@@F[+]V2'1.4N2U2)):4*'?)P':L91*?%1T"W%%9^\Q]9[[/YR
MN:"KY.):G)&-8'S3C]YVM0B$[W,)GAVV<]#?!EL'#$OF6(3R(ZS-TG_GH
M>.9EM3$;[TB)8W]B.L)>!,C=R&&HI=R@63:M'6W^EB2E)Q3C7;RWO/U)]9
M<T:]>W=73+()=]N52KL]=/]8SLK^9E%?"9CEF]!9CE5&K!PSB7CS(!R4]
MO<4^$TYD`%EG=PN6]E\^"X:49#":"W/Q@3G0+I'.]0!)"Z20<_J0XTW"@2D
M!VQ@55I7"-[=2YI4;E5CX'FCP7[A)Q!X)'HBQF&/PG]5MB77G<D%QIJ(Y
ML=NQ@QAQEP*V6$:7>L;24_6(#(02]YA7)?)4IB(&48@"LST32%#B,$"'
M%ZV669+5S0N+&%Q6T0OJFG9AG'2[>+3"1F"B&(27=+'8_DL)!!)L0HN2+P
MKQ/(E5\43D8MJSBS07/.]#&<OE<J!JMHP1U@R^'SX]W7LV8N*/)@+A,R:FHR[+KP;T6
MBUA;[PO4H\&K42;Q?'[_Z?7^RZ=6%7'?X>2@/3/-%"<\Y1^ME\<-DZX3TGH
MBI.IBX82CZE-^G-A<3H>C)SO'SO9,IQ23QE'^ESF?,]O+-@';OSRW21-G
M>SNH"2,P97/5KS;HQ"6]#Y@SD3`46F9=R(G^G0;L#A73BG$(W,&3>+F+>C
MG=V?=YZ;$K21(G,R`],@B[BHFP7L]"UZS#(WI2,/-E:)F-NKS@\1AFR",6
MBH7.<:FWYO&K5"$]JY+2162<W",8'\!T)])@,>:&]8SUUS8-"/NP%;]U2#PO
M3MZ/,M]T0'[=4P5EX.,$S<VB18'34@S\92<Q;W'1)13/MTONP/<XK@[SAH
M0CK@MLJB-MB4?-BI5D1.+;_;0.-AQC)UOA.*C[R*HPNZ=HFY!2R7<-"$=
M2#:<B^I6]Y3M,$Z7_:'%8Z#,?I<.MWWK.I1#)H0BZ:DHVQE"V_:&P/ZRP
M1D8R3<%%6$!=O/3^;(S/#R=QPTH51+=`6F-9H'+2902$8DOMU/:Z9QC)UL
MA:T^T=5D]HO-I''AF3')B!@9$^=^.EV1Z)D'#0A'9#?1`<[:$H?.QQG,=V<
MC+ATE-W#)C:9+?'M?J8@V,E6.Z:D!DV!^VLD6/VCXHE@R:D++/VX2EGN
M0&$IBQ94^\,QT$3T@'=!"F?A?N@PQ6^'>6W`:W\L[0DMQTAK!#&UA&8O#1
MD187:'%3:C1)\FQ+C$M]V6DB2S5VWSC\U(O%MU\91SI?]887CHD9.)K
M=PM%YXQ"96;')",,FG&<^^E\V1]6V`5B0CH@OSCSD<769Z6[K&KF&Y41EPZ
MREJ5<6PR6^+;72^DN"LQ#AH0CJ@%X>+?M8:L<3(R:`)Z8#\H;GXXDV!'P
MIC^L-F\G#/%86]S-[9K@:6XD9DI#$%&?T>\;L<#+,#R[Z-2"LXI-32]2&:!
M:=DS,B>S8F0J6S(BN0X2VG-9Z^%WA$"W)03#>F_/*/QDMN5CN&30A'6"T
M1&W/XDPB2^\G'8Z#)J0#\NM.P<C1!XH<':"L+O#"EM='UW$F73G1C-TA%R)
M.A>(RJNRXI-1B2^W<\4!/O#"L=!$[*+RF^B2UWLI6?=>X-B1CNS(NU^M>+3
M65,QR8@,2&X6Y\O^L,(N$)-@AMEM3^9H!WIDK$"BS!%>BV(6^8$38T8FUG/
MR(@EDD$3T@'Y36`QLL0.(N0O6O#L#RL%
MON.@">F`";:&M<G[8UOS(H)C)(1B6_WTYXO%&,G6^$X:$*FU^*:LWJ.9?54
M)ADT(1V07_YQ>T#*<NM%_E^TH-H?5C@.FI`.:/RE?!;N5YA3M*ZI4#HY#92EM4
MYDNI;`E&?Y+*ED"+5;;TX\KSJ&RE.R>)W%^ILD5B(%+8DEJG*&QI\5$\OO1U
MR'&8E]T8#]'.?(+#NS4X;!4(TLW,[6R;BS)WHU-%N+;-QJ]:9.EUA/A-
M?"5$01/29>DQE8D0E:M:\!BI5D1.+;_;0VE1O[.NB&+X1,.`YJ6FP9MF31
M8^O44I.^W8+70XQOZPPG'0A'0@V75QQ;KOXMO08A*Y5$PRPNDQCG.S.%V
MAQ6.@W%WQBAD]2=0H=DKCE$O,#X6T]KTGC#Y^$OPVN(@O60O>BX-GV3EDD8
MA!PY=`&(0CF+00OO9&Z#<E&^5+K;@@;YA;5$"CDK]99$,O=AZ'%E1S4J$6
MO5S8NTWH'J`_-ZH7[R;P0[@7I)\*7V&;29S$Z,S>1JQNI!VBC2;ON=EF.M.Q
MEF?AC?4/CF&I9!%"@/,6#2!$.(8I%!&:QXXC`]58=1']UG4"8A0D4)MOQ-A
M:.33/^6BI;I"ZMH]7QO0,8+D0994%554]5U?A^^YQLU3>A0FER;D+#3]YY
M(WFT&JJK'HIW:1CB)3D
M4)A#"6A[+$G"I(X7'(/F?2]L?LPD$8Q?RB@%"(`U4X[@_S6E8%@-BQ%-_B
M6OK%H_%^6U]?\T^HR#>IW[A.RJOK9I[G52\P_32)=V7+L@*50+"QE^9+
M_E)(/8%!F#72$TP5I!/<\5&<U_6=DL=L/#K82;J+<53PE1&9D@(\/=YMV#2#
M3.U]H;F(()HX6#3N;H=K'>71[A7A-\5P>SR9<9UNR26I'-<2ZE><<->5
M)Z[IEHP=?.BB4>RB1ANZHT,'NJ0&AC]HY9)3R[29#QU1N6=7O'4D>2C:/V
MR0*U523_J3GC<7MC]S'F8D$H*T+.:S<\B"UPI=Q*RM;T4J%?WY;7"FO`&W)
M+1!3!IPJ>91MMONV5@A6YM-+RCA\.5=JC$=A!ZE^H93.V8`7,4^]
MC#-`L5FBQOM@"'W&?HM00T8<WX@2QR2:>#W:YLJ\ON4VCUN9-VM6],'VGS6V
M"P]RA1P&@>G]+BASCQ$W(!89SX4.74AEHA")"Q9V(Z,P5T5<G_;1XL7
MH5T\5?&PD$.^KZ1U?3\P/ILOD9[U!^[!?GX#8U<H9NE[I`KSR$CANSN=J$0
M;_6+"ZH$7.JJ.E>TTS\PN:"D#G]:%%"^8Y,I\D]Z),^41AI%ARQQ<-'R2
MFS=C>6577<DS9]!=86D+R+;JF+:UZ;G#',Q6="\@$NME933J51P2Y3F`3E%
MO$R(+#[,T.)QZ-QS-$63#T:GSX,.,TC1.#43CME:@+)=^P58CMU0CJ\C
MIA?LQ,]&;)C#_94U#:W*^;/`BORU9GVUR+$&-E4R;6<(S)$D3%9"D[72VF
M&!A8!)#]:FZV#6^2V?5-)S/*1[J'O"1W*)VI'Z#FEUC'SV9H*+.0/NNT0Y
MY^PSK$9PS^;96PH10C@<^OTA,Q:!:>ED&@I&Q!O`1OLMI"ER@+.]+BX@(!
M$Q=F"Q2#-$\<Q$]4@SD@O&8A9XX9#5?U[T%#YP"BSS54HU7J)(GL>)\BX
MD1EW5OO@TSU='6+62=!&(]-(9AP5[,B-&WIB)'\NW@5JY2RUY=AC]5Z^()
M&Z>H]MZ&S$=W@/YTZ(HCTL\<Q@!7%!E<]<U&0Z_>A5(,E?BL@K%8*C^C5PP+
M5?YC556MPZX^3E=F[D%7[L)H;L*2"0C-$&"5.92D9Z8B['(]>],OQU.2
M3K$TZV26ZZ5&Z$DF.M>:"9O*B9XT"0FM[')/^:^^)JS^)=)EKM#Z-:WU@E
M^?:ZMK&(];J*ZO?Y7?XF\ED^!^QH>9#([RQWJE]D355C=KCS?77.4/
M79@5/VY0L@><:]=75]7R*J5DZ'?`\6U.%0\$D/TWAX;'],*,]LD+);?OZK'*
MWY2AU8!=7N6E$R!+XP59H.0D1IV52$GN*!@,O%:/KR0HB;K$NIW`DHU?#PZ/
M&ON-7/DGW:^YT[.2["#GN3)Z`5/E<:"^6Q]0B:=[C=WC2.\:\R57Q[E=_2
M^>OAU/"$7]_)@4[!&L/(C25Q0#UW!0@AH]#5JYV#IZ67^P=[ZI```AHG
M1^B,!K`!)/"+@T,*,L9[>VKG9>.0X(Q-PY8>+Z^@ZK][?7>TP<K-"S5EUDI
M0)4?N?UR8O#XP85GV.YIT$`/FGU\9[%'/]\AT#/;DBTD7+PA@%Z43?;HL
JL@C):O^&&GA?_[[^??W[^O?U[^O?U[^O?UOOY]N;'PJ?4$8X$`
`
end
<-->
----[ EOF