Copy Link
Add to Bookmark
Report

Phrack Inc. Volume 09 Issue 55 File 06

eZine's profile picture
Published in 
Phrack Inc
 · 5 years ago

  

-------[ Phrack Magazine --- Vol. 9 | Issue 55 --- 09.09.99 --- 06 of 19 ]


-------------------------[ The Libnet Reference Manual v.01 ]


--------[ route <route@infonexus.com> ]


----[ 1] Impetus

If you are required to write C code (either by vocation or hobby) that at
some point, must inject packets into a network, and the traditionally
provided system APIs are insufficient, libnet is for you. Libnet provides
a simple API to quickly build portable programs that write network packets.

Libnet was written for two main reasons. 1) To establish a simple interface
by which network programmers could ignore the subtleties and nuances of
low-level network programming (and therefore concentrate on writing their
programs). 2) To mitigate the irritation many network programmers experienced
due to the lack of standards.

To be honest, I can't believe someone didn't write something like libnet
(also termed "libpwrite") a long time ago. It seemed like such an obvious
gap that needed to be filled. I was sure the LBNL guys (Lawrence Berkeley
National Laboratory -- they wrote libpcap[1]) would put something together.
I mean, Libnet, simply put, is the packet injector analog to libpcap. They
are brothers (or sisters).

To sum it up, this is a treatise on the art of manufacturing network packets
in an efficient, consistent and portable manner using libnet.

Libnet in and of itself, has nothing to do with security. However, libnet
is a wonderful utility for writing security-related applications, tools
and modules. Many recent exploits have been rapidly developed using libnet as
have many security related tools. Take a look at the libnet projects URL
section below for some examples.


----[ 2] Overview

Libnet is a simple C library. It is designed to be small, efficient and
easy to use. Libnet's main goal is portable packet creation and injection.
At the time this manual was written, Libnet was in version 0.99f and had 15
different packet assemblers and two types of packet injection, IP-layer and
link-layer (more on those below).

By itself, libnet is moderately useful. It can build and inject packets to
the network. Libnet, however, has no provisions for packet capture. For
this, one must look to libpcap. Together, libnet and libpcap are powerful
tools available to the network programmer.

Libnet consists of about:
- 7300 lines of code
- 32 source files
- 5 include files
- ~54 functions
- ~43 user-accessable / implemented functions


----[ 3] Design Decisions (past, present and future)

Libnet is very much an ongoing learning/research project. When I started
it over a year and a half ago, I had no idea it would grow as it did
incorporating as much functionality as it does. Libnet's design has changed
not so much in stages, but rather in evolutions. Many of these evolutionary
changes I took from other successful libraries out there. Some of the changes
are hard to pass and are still in progress, while some were just simple
internal changes. Then there were some modifications to the library that
unfortunately changed the interface and obsoleted older versions. In this
section I hope enlighten the reader as to some of the design decisions that go
into libnet; where it was, where it is, and where it's going.


Modularity (interfaces and implementations)
-------------------------------------------
Big programs are made up of many modules [3]. These modules provide the user
with functions and data structures that are to be used in a program. A module
comes in two parts: its interface and its implementation. The interface
specifies what a module does, while the implementation specifies how the
module does it. The interface declares all of the data types, function
prototypes, global information, macros, or whatever is required by the module.
The implementation adheres to the specifications set forth by the interface.
This is how libnet was and is designed. Each implementation, you'll find,
has a corresponding interface.

There is a third piece of this puzzle: the client. The client is the piece
of code that imports and employs the interface, without having to even see
the implementation. Your code is the client.

For more information on interfaces and implementations in C, I urge the reader
to check out [3]. It's an excellent book that changed the way I wrote code.


Nomenclature
------------
Initially, the naming of files, functions and other tidbits didn't seem to
be that important. They took on whatever names seemed appropriate at the
time. In a stand-alone program, this is bad style. In a library, it's bad
style AND potentially error-prone. Library code is intended to be used on
different platforms and potentially with other libraries. If one of these
other libraries (or potentially the user's code) contains an object with the
same name, problems result. Therefore, naming has become an important issue
to me. A strict naming convention helps in two major areas:

- for filenames it keeps them ordered in a directory making for easy
perusal
- for function names, macros, and symbols it cuts down on redefinition
problems and makes the interface much easier to learn


Error Handling and Reporting
----------------------------
Error handling and reporting is an essential part of any programming
paradigm. Delicate handling of and recovery from error conditions is an
absolute necessity, especially in a third party library. I believe Libnet
now has decent error handling (see below for a dissertation on assertions).
It can recover from most bad situations more or less gracefully. It
checks for illegal conditions under most circumstances. Reporting, however,
is a different story and is still progressing. Libnet needs to have a standard
error reporting convention in place. As it stands now, some functions use
errno (since they are basically system call wrappers), while some accept
an additional buffer argument to hold potentional error messages, and still
others as yet have no provision for verbose error reporting. This needs to
change and possibly might be accomplished using variable argument lists.


Assertions and Exit Points
--------------------------
assert(3) is a macro that accepts a single argument which it treats as an
expression, evaluating it for truth. If the expression is evaluated to be
false, the assert macro prints an error message and aborts (terminates) the
program. Assertions are useful in the developmental stages of programs when
verbose error handling is not in place or when a grievous error condition
that normally should not happen occurs. Initially libnet was riddled with
assertions. Libnet mainly employed assertions to catch NULL pointer
dereferences before they occurred (many libnet functions accept pointer
arguments expecting them to actually point somewhere). This seemed reasonable
at the time because this is obviously a grievous error -- if you're passing a
NULL pointer when you shouldn't, your program is probably going to crash.
However, assertions also riddled the library with numerous potential
unpredictable exit points. Exit points inside a supplementary library such as
libnet are bad style, let alone unpredictable exit points. Library code should
not cause or allow a program to exit. If a grievous error condition is
detected, the library should return error codes to the main, and let it decide
what to do. Code should be able to handle grievous errors well enough to be
able to exit gracefully from the top level (if possible). In any event, the
assertions were removed in version 0.99f in favor of error indicative return
values. This preserves compatibility, while removing the exit points.


IPv4 vs IPv6
------------
Libnet currently only supports IPv4. Support for IPv6 is definitely
planned, however. The main consideration is nomenclature. Had I been
mister-cool-smart guy in the beggining, I would have anticipated this and
added IP version information to the function names and macros e.g.:
ipv4_build_ip, IPV4_H. However at this point, I refuse to force users to
adopt to yet another interface, so the IPv6 functions and macros will contain
IPv6 in the name (much like the POSIX 1.g sockets interface [2]).


The Configure Script
--------------------
Early on in the development of libnet, it became clear that there was much
OS and architecture dependent code that had to conditionally included and
compiled. The autoconf configuration stuff (circa version 0.7) worked great to
determine what needed to be included and excluded in order to build the
library, but did nothing for post-install support. Many of these CPP macros
were needed to conditionally include header information for user-based code.
This was initially handled by relying on the user to define the proper macros,
but this quickly proved inefficient.

Libnet now employs a simple configure script. This script is created during
autoconf configuration and is installed when the library is installed. It
handles all of the OS and architecture dependencies automatically - however,
it is now mandatory to use it. You will not be able to compile libnet-based
code without. See the next section for details on how to invoke the script.


----[ 4] A Means to an Ends

This section covers operational issues including how to employ the library in
a useful manner as well noting some of its quirks.


The Order of Operations
-----------------------
In order to build and inject an arbitrary network packet, there is a standard
order of operations to be followed. There are five easy steps to packet
injection happiness:

1) Network initialization
2) Memory initialization
3) Packet construction
4) Packet checksums
5) Packet injection

Each one of these is an important topic and is covered below.


Memory allocation and initialization
------------------------------------
The first step in using libnet is to allocate memory for a packet. The
conventional way to do this is via a call to libnet_init_packet(). You just
need to make sure you specify enough memory for whatever packet you're going
to build. This will also require some forthought as to which injection method
you're going to use (see below for more information). If you're going to
build a simple TCP packet (sans options) with a 30 byte payload using the
IP-layer interface, you'll need 70 bytes (IP header + TCP header + payload).
If you're going to build the same packet using the link-layer interface, you'll
need 84 bytes (ethernet header + IP header + TCP header + payload). To be
safe you can simply allocate IP_MAXPACKET bytes (65535) and not worry about
overwriting buffer boundries. When finished with the memory, it should be
released with a call to libnet_destroy_packet() (this can either be in a
garbage collection function or at the end of the program).

Another method of memory allocation is via the arena interface. Arenas are
basically memory pools that allocate large chunks of memory in one call,
divy out chunks as needed, then deallocate the whole pool when done. The
libnet arena interface is useful when you want to preload different kinds
of packets that you're potentially going to be writing in rapid succession.
It is initialized with a call to libnet_init_packet_arena() and chunks are
retrieved with libnet_next_packet_from_arena(). When finished with the memory
it should be released with a call to libnet_destroy_packet_arena() (this can
either be in a garbage collection function or at the end of the program).

An important note regarding memory management and packet construction: If you
do not allocate enough memory for the type of packet you're building, your
program will probably segfault on you. Libnet can detect when you haven't
passed *any* memory, but not when you haven't passed enough. Take heed.


Network initialization
----------------------
The next step is to bring up the network injection interface. With the
IP-layer interface, this is with a call to libnet_open_raw_sock() with the
appropriate protocol (usually IPPROTO_RAW). This call will return a raw
socket with IP_HDRINCL set on the socket telling the kernel you're going
to build the IP header.

The link-layer interface is brought up with a call to
libnet_open_link_interface() with the proper device argument. This will
return a pointer to a ready to go link interface structure.


Packet construction
-------------------
Packets are constructed modularly. For each protocol layer, there should
be a corresponding call to a libnet_build function. Depending on your
end goal, different things may happen here. For the above IP-layer example,
calls to libnet_build_ip() and libnet_build_tcp() will be made. For the
link-layer example, an additional call to libnet_build_ethernet() will be
made. The ordering of the packet constructor function calls is not important,
it is only important that the correct memory locations be passed to these
functions. The functions need to build the packet headers inside the buffer
as they would appear on the wire and be demultiplexed by the recipient.
For example:

14 bytes 20 bytes 20 bytes
__________________________________________________________
| ethernet | IP | TCP |
|______________|____________________|____________________|

libnet_build_ethernet() would be passed the whole buffer (as it needs to build
an ethernet header at the front of the packet). libnet_build_ip() would get
the buffer 14 bytes (ETH_H) beyond this to construct the IP header in the
correct location, while libnet_build_tcp() would get the buffer 20 bytes
beyond this (or 34 bytes beyond the beginning (ETH_H + IP_H)). This is
easily apparent in the example code.


Packet checksums
----------------
The next-to-last step is computing the packet checksums (assuming the packet
is an IP packet of some sort). For the IP-layer interface, we need only
compute a transport layer checksum (assuming our packet has a transport
layer protocol) as the kernel will handle our IP checksum. For the link-layer
interface, the IP checksum must be explicitly computed. Checksums are
calculated via libnet_do_checksum(), which will be expecting the buffer passed
to point to the IP header of the packet.


Packet injection
----------------
The last step is to write the packet to the network. Using the IP-layer
interface this is accomplished with libnet_write_ip(), and with the link-layer
interface it is accomplished with libnet_write_link_layer(). The functions
return the number of bytes written (which should jive with the size of your
packet) or a -1 on error.


Using the Configure Script
--------------------------
There has been some confusion on how to correctly implement the
libnet-configure shell script. Since 0.99e, it has become mandatory to use
this script. The library will not compile code without it. This is to avoid
potential problems when user code is compiled with improper or missing CPP
macros. The script also has provisions for specifiing libraries and cflags.
The library switch is useful on architectures that require additional
libraries to compile network code (such as Solaris). The script is very
simple to use. The following examples should dispell any confusion:

At the command line you can run the script to see what defines are
used for that system:

shattered:~> libnet-config --defines
-D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H
-DLIBNET_LIL_ENDIAN

shattered:~> gcc -Wall `libnet-config --defines` foo.c -o foo
`libnet-config --libs`

In a Makefile:

DEFINES = `libnet-config --defines`

In a Makefile.in (also employing autoheader):

DEFINES = `libnet-config --defines` @DEFS@


IP-layer vs. Link-layer
-----------------------
People often wonder when to use the link-layer interface in place of the
IP-layer interface. It's mainly trading of power and complexity for ease of
use. The link-layer interface is slightly more complex and requires more
coding. It's also more powerful and is a lot more portable (if you want
to build ARP/RARP/ethernet frames it's the only way to go). It is basically
a matter of what you need to get done.

One major issue with the link-layer interface is that in order to send packets
to arbirtrary remote Internet hosts, it needs to know the MAC address of the
first hop router. This is accomplished via ARP packets, but if proxy ARP
isn't being done, you run into all kinds of problems determining whose MAC
address to request. Code to portably alleviate this problem is being
developed.


Spoofing Ethernet Addresses
---------------------------
Certain operating systems (specifically ones that use the Berkeley Packet
Filter for link-layer access) do not allow for arbitrary specification of
source ethernet addresses. This is not so much a bug as it is an oversight
in the protocol. The way around this is to patch the kernel. There are two
ways to patch a kernel, either statically, with kernel diffs (which requires
the individual to have the kernel sources, and know how to rebuild and install
a new kernel) or dynamically, with loadable kernel modules (lkms). Since it's
a bit overzealous to assume people will want to patch their kernel for a
library, included with the libnet distribution is lkm code to seamlessly
bypass the bpf restriction.

In order to spoof ethernet packets on bpf-based systems (currently supported
are FreeBSD and OpenBSD) do the following: cd to the proper support/bpf-lkm/
directory, build the module, and modload it.

The module works as per the following description:

The 4.4BSD machine-independent ethernet driver does not allow upper layers
to forge the ethernet source address; all ethernet outputs cause the output
routine to build a new ethernet header, and the process that does this
explicitly copies the MAC address registered to the interface into this header.

This is odd, because the bpf writing convention asserts that writes to bpf
must include a link-layer header; it's intuitive to assume that this header
is, along with the rest of the packet data, written to the wire.

This is not the case. The link-layer header is used solely by the
bpf code in order to build a sockaddr structure that is passed to the generic
ethernet output routine; the header is then effectively stripped off the
packet. The ethernet output routine consults this sockaddr to obtain the
ethernet type and destination address, but not the source address.

The Libnet lkm simply replaces the standard ethernet output routine with a
slightly modified one. This modified version retrieves the source ethernet
address from the sockaddr and uses it as the source address for the header
written the wire. This allows bpf to be used to seamlessly forge ethernet
packets in their entirety, which has applications in address management.

The modload glue provided traverses the global list of system interfaces,
and replaces any pointer to the original ethernet output routine with the
new one we've provided. The unload glue undoes this. The effect of loading
this module will be that all ethernet interfaces on the system will support
source address forging.

Thomas H. Ptacek wrote the first version of this lkm in 1997.


Raw Sockets Limitations
-----------------------
Raw sockets are horribly non-standard across different platforms.

- Under some x86 BSD implementations the IP header length and fragmentation
bits need to be in host byte order, and under others, network byte order.

- Solaris does not allow you to set many IP header related bits including
the length, fragmentation flags, or IP options.

- Linux, on the other hand, seems to allow the setting of any bits to any
value (the exception being the IP header checksum, which is always done
by the kernel -- regardless of OS type).

Because of these quirks, unless your code isn't designed to be multi-platform,
you should use libnet's link-layer interface instead.


----[ 5] Internals

Libnet can be broken down into 4 basic sections: memory management, address
resolution, packet handling, and support. In this section we cover every
user-accessible function libnet has to offer.

Proceeding each function prototype is a small reference chart listing the
return values of the function, whether or not the function is reentrant (a
function is considered reentrant if it may be called repeatedly, or may be
called before previous invocations have completed, and each invocation is
independent of all other invocations) and a brief description of the function's
arguments.

If you're wondering, yes, this is basically a verbose manpage, however, much of
it is new and additional verbiage, supplemental to the existing manual page.


Memory Management Functions
---------------------------

int libnet_init_packet(u_short, u_char **);

RV on success: 1
RV on failure: -1
Re-entrant: yes
Arguments: 1 - desired packet size
2 - pointer to a character pointer to contain packet memory


libnet_init_packet() creates memory for a packet. Well, it doesn't so much
create memory as it requests it from the OS. It does, however, make
certain the memory is zero-filled. The function accepts two arguments, the
packet size and the address of the pointer to the packet. The packet size
parameter may be 0, in which case the library will attempt to guess a
packet size for you. The pointer to a pointer is necessary as we are
allocating memory locally. If we simply pass in a pointer (even though
we are passing in an address, we are referencing the value as a pointer --
so in essence we would be passing by value) the memory will be lost. If
we pass by address, we will retain the requested heap memory.

This function is a good example of interface hiding. This function is
essentially a malloc() wrapper. By using this function the details of
what's really happening are abstracted so that you, the programmer, can
worry about your task at hand.


void libnet_destroy_packet(u_char **);

RV on success: NA
RV on failure: NA
Reentrant: yes
Arguments: 1 - pointer to a character pointer to containing packet
memory

libnet_destroy_packet() is the free() analog to libnet_init_packet. It
destroys the packet referenced by 'buf'. In reality, it is of course a
simple free() wrapper. It frees the heap memory and points `buf` to NULL
to dispel the dangling pointer. The function does make the assertion that
`buf` is not NULL. A pointer to a pointer is passed to maintain
interface consistency.


int libnet_init_packet_arena(struct libnet_arena **, u_short, u_short);

RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - pointer to an arena pointer (preallocated arena)
2 - number of packets
3 - packet size

libnet_init_packet_arena() allocates and initializes a memory pool.
If you plan on building and sending several different packets, this is
a good choice. It allocates a pool of memory from which you can grab
chunks to build packets (see next_packet_from_arena()). It takes the
address to an arena structure pointer, and hints on the possible packet
size and number of packets. The last two arguments are used to compute
the size of the memory pool. As before, they can be set to 0 and the
library will attempt to choose a decent value. The function returns -1
if the malloc fails or 1 if everything goes ok.


u_char *libnet_next_packet_from_arena(struct libnet_arena **, u_short);

RV on success: pointer to the requested packet memory
RV on failure: NULL
Reentrant: yes
Arguments: 1 - pointer to an arena pointer
2 - requested packet size

libnet_next_packet_from_arena() returns a chunk of memory from the
specified arena of the requested size and decrements the available
byte counter. If the requested memory is not available from the arena, the
function returns NULL. Note that there is nothing preventing a poorly
coded application from using more memory than requested and causing
all kinds of problems. Take heed.


void libnet_destroy_packet_arena(struct libnet_arena **);

RV on success: NA
RV on failure: NA
Reentrant: yes
Arguments: 1 - pointer to an arena pointer

libnet_destroy_packet_arena() frees the memory associated with the
specified arena.


Address Resolution Functions
----------------------------

u_char *libnet_host_lookup(u_long, u_short);

RV on success: human readable IP address
RV on failure: NULL
Reentrant: no
Arguments: 1 - network-byte ordered IP address
2 - flag to specify whether or not to look up canonical
hostnames (symbolic constant)

libnet_host_lookup() converts the supplied network-ordered (big-endian)
IP address into its human-readable counterpart. If the usename flag is
LIBNET_RESOLVE, the function will attempt to resolve the IP address
(possibly incurring DNS traffic) and return a canonical hostname, otherwise
if it is LIBNET_DONT_RESOLVE (or if the lookup fails), the function returns
a dotted-decimal ASCII string. This function is hopelessly non reentrant
as it uses static data.


void libnet_host_lookup_r(u_long, u_short, u_char *);

RV on success: NA
RV on failure: NA
Reentrant: maybe
Arguments: 1 - network-byte ordered IP address
2 - flag to specify whether or not to look up canonical
hostnames (symbolic constant)

libnet_host_lookup_r() is the planned reentrant version of the above
function. As soon as reentrant network resolver libraries become
available, this function will likewise be reentrant. An additional
argument of a buffer to store the converted (or resolved) IP address is
supplied by the user.


u_long libnet_name_resolve(u_char *, u_short);

RV on success: network-byte ordered IP address
RV on failure: -1
Reentrant: yes
Arguments: 1 - human readable hostname
2 - flag to specify whether or not to look up canonical
hostnames (symbolic constant)

libnet_name_resolve() takes a NULL terminated ASCII string representation
of an IP address (dots and decimals or, if the usename flag is
LIBNET_RESOLVE, canonical hostname) and converts it into a network-ordered
(big-endian) unsigned long value.


u_long libnet_get_ipaddr(struct link_int *, const u_char *, const u_char *);

RV on success: requested IP address
RV on failure: -1
Reentrant: yes
Arguments: 1 - pointer to a link interface structure
2 - pointer to the device to query
3 - pointer to a buf to contain a possible error message

libnet_get_ipaddr() returns the IP address of a specified network device.
The function takes a pointer to a link layer interface structure, a
pointer to the network device name, and an empty buffer to be used in case
of error. Upon success the function returns the IP address of the
specified interface in network-byte order or 0 upon error (and errbuf will
contain a reason).


struct ether_addr *libnet_get_hwaddr(struct link_int *, const u_char *,
const u_char *);

RV on success: requested ethernet address (inside of struct ether_addr)
RV on failure: NULL
Reentrant: depends on architecture
Arguments: 1 - pointer to a link interface structure
2 - pointer to the device to query
3 - pointer to a buf to contain a possible error message

libnet_get_hwaddr() returns the hardware address of a specified network
device. At the time of this writing, only ethernet is supported.
The function takes a pointer to a link layer interface structure, a
pointer to the network device name, and an empty buffer to be used in case
of error. The function returns the MAC address of the specified interface
upon success or 0 upon error (and errbuf will contain a reason).


Packet Handling Functions
-------------------------

int libnet_open_raw_sock(int);

RV on success: opened socket file descriptor
RV on failure: -1
Reentrant: yes
Arguments: 1 - protocol number of the desired socket-type (symbolic
constant)

libnet_open_raw_sock() opens a raw IP socket of the specified protocol
type (supported types vary from system to system, but usually you'll want
to open an IPPROTO_RAW socket). The function also sets the IP_HDRINCL
socket option. Returned is the socket file descriptor or -1 on error. The
function can fail if either of the underlying calls to socket or setsockopt
fail. Checking errno will reveal the reason for the error.


int libnet_close_raw_sock(int);

RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - socket file descriptor to be closed

libnet_close_raw_sock() will close the referenced raw socket.


int libnet_select_device(struct sockaddr_in *, u_char **, u_char *);

RV on success: 1
RV on failure: -1
Reentrant: no
Arguments: 1 - preallocated sockaddr_in structure pointer
2 - pointer to a char pointer containing the device
3 - pointer to a buf to contain a possible error message

libnet_select_device() will run through the list of interfaces and select
one for use (ignoring the loopback device). If the device argument
points to NULL (don't pass in a NULL pointer, the function expects a
pointer to a pointer, and C can't derefrence a NULL pointer) it will
try to fill it in with the first non-loopback device it finds, otherwise,
it will try to open the specified device. If successful, 1 is returned
(and if device was NULL, it will now contain the device name which can
be used in libnet_*link*() type calls). The function can fail for a
variety of reasons, including socket system call failures, ioctl failures,
if no interfaces are found, etc.. If such an error occurs, -1 is returned
and errbuf will contain a reason.


struct link_int *libnet_open_link_interface(char *, char *);

RV on success: filled in link-layer interface structure
RV on failure: NULL
Reentrant: yes
Arguments: 1 - pointer to a char containing the device to open
2 - pointer to a buf to contain a possible error message

libnet_open_link_interface() opens a low-level packet interface. This is
required in order to be able inject link layer frames. Supplied is a
u_char pointer to the interface device name and a u_char pointer to an
error buffer. Returned is a filled-in link_int structure or NULL on
error (with the error buffer containing the reason). The function can
fail for a variety of reasons due to the fact that it is architecture
specific.


int libnet_close_link_interface(struct link_int *);

RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - pointer to a link interface structure to be closed

libnet_close_link_interface() closes an opened low-level packet interface.


int libnet_write_ip(int, u_char *, int);

RV on success: number of bytes written
RV on failure: -1
Reentrant: Yes
Arguments: 1 - socket file descriptor
2 - pointer to the packet buffer containing an IP datagram
3 - total packet size

libnet_write_ip() writes an IP packet to the network. The first argument
is the socket created with a previous call to libnet_open_raw_sock, the
second is a pointer to a buffer containing a complete IP datagram, and
the third argument is the total packet size. The function returns the
number of bytes written upon success or -1 on error (with errno containing
the reason).


int libnet_write_link_layer(struct link_int *, const u_char *, u_char *, int);

RV on success: number of bytes written
RV on failure: -1
Reentrant: yes
Arguments: 1 - pointer to an opened link interface structure
2 - pointer to the network device
3 - pointer to the packet buffer
4 - total packet size

libnet_write_link_layer() writes a link-layer frame to the network. The
first argument is a pointer to a filled-in libnet_link_int structure,
the next is a pointer to the network device, the third is the raw packet
and the last is the packet size. Returned is the number of bytes written
or -1 on error.


int libnet_do_checksum(u_char *, int, int);

RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - pointer to the packet buffer
2 - protocol number of packet type (symbolic constant)
3 - total packet size

libnet_do_checksum() calculates the checksum for a packet. The first
argument is a pointer to a fully built IP packet. The second is the
transport protocol of the packet and the third is the packet length (not
including the IP header). The function calculates the checksum for the
transport protocol and fills it in at the appropriate header location
(this function should be called only after a complete packet has been
built).

Note that when using raw sockets the IP checksum is always computed by
the kernel and does not need to done by the user. When using the link
layer interface the IP checksum must be explicitly computed (in this
case, the protocol would be of type IPPROTO_IP and the size would include
IP_H). The function returns 1 upon success or -1 if the protocol is of
an unsupported type. Currently supported are:

Value Description
---------------------------
IPPROTO_TCP TCP
IPPROTO_UDP UDP
IPPROTO_ICMP ICMP
IPPROTO_IGMP IGMP
IPPROTO_IP IP


int libnet_build_arp(u_short, u_short, u_short, u_short, u_short, u_char *,
u_char *, u_char *, u_char *, const u_char *, int, u_char *);

RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - hardware address format (ARPHRD_ETHER)
2 - protocol address format
3 - length of the hardware address
4 - length of the protocol address
5 - ARP operation type (symbolic constant)
6 - sender's hardware address
7 - sender's protocol address
8 - target's hardware address
9 - target's protocol address
10 - pointer to packet payload
11 - packet payload size
12 - pointer to pre-allocated packet memory

libnet_build_arp() constructs an ARP (RARP) packet. At this point in the
library, the function only builds ethernet/ARP packets, but this will be
easy enough to change (whenever I get around to it). The first nine
arguments are standard ARP header arguments, with the last three being
standard libnet packet creation arguments. The ARP operation type
should be one of the following symbolic types:

Value Description
-------------------------------
ARPOP_REQUEST ARP request
ARPOP_REPLY ARP reply
ARPOP_REVREQUEST RARP request
ARPOP_REVREPLY RARP reply
ARPOP_INVREQUEST request to identify peer
ARPOP_INVREPLY reply identifying peer

All libnet packet creation functions contain the same three terminal
arguments: a pointer to an optional payload (or NULL if no payload is to
be included), the size of the payload in bytes (or 0 is no payload is
included) and most importantly, a pointer to a pre-allocated block of
memory (which must be large enough to accommodate the entire ARP packet).

The only way this (or any libnet_build) function will return an error is if
the memory which is supposed to be pre-allocated points to NULL.


int libnet_build_dns(u_short, u_short, u_short, u_short, u_short, u_short,
const u_char *, int, u_char *);

RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - packet id
2 - control flags
3 - number of questions
4 - number of answer resource records
5 - number of authority resource records
6 - number of additional resource records
7 - pointer to packet payload
8 - packet payload size
9 - pointer to pre-allocated packet memory

libnet_build_dns() constructs a DNS packet. The static DNS fields are
included as the first six arguments, but the optional variable length
fields must be included with the payload interface.

All libnet packet creation functions contain the same three terminal
arguments: a pointer to an optional payload (or NULL if no payload is to
be included), the size of the payload in bytes (or 0 if no payload is
included) and most importantly, a pointer to a pre-allocated block of
memory (which must be large enough to accommodate the entire DNS packet).

The only way this (or any libnet_build) function will return an error is if
the memory which is supposed to be pre-allocated points to NULL.


int libnet_build_ethernet(u_char *, u_char *, u_short, const u_char *, int,
u_char *);

RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - pointer to the destination address (string)
2 - pointer to the source address (string)
3 - ethernet packet type (symbolic constant)
4 - pointer to packet payload
5 - packet payload size
6 - pointer to pre-allocated packet memory

libnet_build_ethernet() constructs an ethernet packet. The destination
address and source address arguments are expected to be arrays of
unsigned character bytes. The packet type should be one of the
following:

Value Description
-------------------------------
ETHERTYPE_PUP PUP protocol
ETHERTYPE_IP IP protocol
ETHERTYPE_ARP ARP protocol
ETHERTYPE_REVARP Reverse ARP protocol
ETHERTYPE_VLAN IEEE VLAN tagging
ETHERTYPE_LOOPBACK Used to test interfaces

All libnet packet creation functions contain the same three terminal
arguments: a pointer to an optional payload (or NULL if no payload is to
be included), the size of the payload in bytes (or 0 if no payload is
included) and most importantly, a pointer to a pre-allocated block of
memory (which must be large enough to accommodate the entire ethernet
packet).

The only way this (or any libnet_build) function will return an error is if
the memory which is supposed to be pre-allocated points to NULL.


int libnet_build_icmp_echo(u_char, u_char, u_short, u_short, const u_char *,
int, u_char *);

RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - packet type (symbolic constant)
2 - packet code (symbolic constant)
3 - packet id
4 - packet sequence number
5 - pointer to packet payload
6 - packet payload size
7 - pointer to pre-allocated packet memory

libnet_build_icmp_echo() constructs an ICMP_ECHO / ICMP_ECHOREPLY packet.
The packet type should be ICMP_ECHOREPLY or ICMP_ECHO and the code should
be 0.

All libnet packet creation functions contain the same three terminal
arguments: a pointer to an optional payload (or NULL if no payload is to
be included), the size of the payload in bytes (or 0 if no payload is
included) and most importantly, a pointer to a pre-allocated block of
memory (which must be large enough to accommodate the entire ICMP_ECHO
packet).

The only way this (or any libnet_build) function will return an error is if
the memory which is supposed to be pre-allocated points to NULL.


int libnet_build_icmp_mask(u_char, u_char, u_short, u_short, u_long,
const u_char *, int, u_char *);

RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - packet type (symbolic constant)
2 - packet code (symbolic constant)
3 - packet id
4 - packet sequence number
5 - IP netmask
6 - pointer to packet payload
7 - packet payload size
8 - pointer to pre-allocated packet memory

libnet_build_icmp_mask() constructs an ICMP_MASKREQ / ICMP_MASKREPLY
packet. The packet type should be either ICMP_MASKREQ or ICMP_MASKREPLY
and the code should be 0. The IP netmask argument should be a 32-bit
network-byte ordered subnet mask.

All libnet packet creation functions contain the same three terminal
arguments: a pointer to an optional payload (or NULL if no payload is to
be included), the size of the payload in bytes (or 0 if no payload is
included) and most importantly, a pointer to a pre-allocated block of
memory (which must be large enough to accommodate the entire ICMP_ECHO
packet).

The only way this (or any libnet_build) function will return an error is if
the memory which is supposed to be pre-allocated points to NULL.


int libnet_build_icmp_unreach(u_char, u_char, u_short, u_char, u_short,
u_short, u_char, u_char, u_long, u_long, const u_char *, int, u_char *);

RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - packet type (symbolic constant)
2 - packet code (symbolic constant)
3 - original IP length
4 - original IP TOS
5 - original IP id
6 - original IP fragmentation bits
7 - original IP time to live
8 - original IP protocol
9 - original IP source address
10 - original IP destination address
11 - pointer to original IP payload
12 - original IP payload size
13 - pointer to pre-allocated packet memory

libnet_build_icmp_unreach() constructs an ICMP_UNREACH packet. The 3rd
through the 12th arguments are used to build the IP header of the original
packet that caused the error message (the ICMP unreachable). The packet
type should be ICMP_UNREACH and the code should be one of the following:

Value Description
-------------------------------------------
ICMP_UNREACH_NET network is unreachable
ICMP_UNREACH_HOST host is unreachable
ICMP_UNREACH_PROTOCOL protocol is unreachable
ICMP_UNREACH_PORT port is unreachable
ICMP_UNREACH_NEEDFRAG fragmentation required but DF bit was set
ICMP_UNREACH_SRCFAIL source routing failed
ICMP_UNREACH_NET_UNKNOWN network is unknown
ICMP_UNREACH_HOST_UNKNOWN host is unknown
ICMP_UNREACH_ISOLATED host / network is isolated
ICMP_UNREACH_NET_PROHIB network is prohibited
ICMP_UNREACH_HOST_PROHIB host is prohibited
ICMP_UNREACH_TOSNET IP TOS and network
ICMP_UNREACH_TOSHOST IP TOS and host
ICMP_UNREACH_FILTER_PROHIB prohibitive filtering
ICMP_UNREACH_HOST_PRECEDENCE host precedence
ICMP_UNREACH_PRECEDENCE_CUTOFF host precedence cut-off

All libnet packet creation functions contain the same three terminal
arguments: a pointer to an optional payload (or NULL if no payload is to
be included), the size of the payload in bytes (or 0 if no payload is
included) and most importantly, a pointer to a pre-allocated block of
memory (which must be large enough to accommodate the entire ICMP_ECHO
packet).

The only way this (or any libnet_build) function will return an error is if
the memory which is supposed to be pre-allocated points to NULL.


int libnet_build_icmp_timeexceed(u_char, u_char, u_short, u_char, u_short,
u_short, u_char, u_char, u_long, u_long, const u_char *, int, u_char *);

RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - packet type (symbolic constant)
2 - packet code (symbolic constant)
3 - original IP length
4 - original IP TOS
5 - original IP id
6 - original IP fragmentation bits
7 - original IP time to live
8 - original IP protocol
9 - original IP source address
10 - original IP destination address
11 - pointer to original IP payload
12 - original IP payload size
13 - pointer to pre-allocated packet memory

libnet_build_icmp_timeexceed() contructs an ICMP_TIMEXCEED packet. This
function is identical to libnet_build_icmp_unreach with the exception of
the packet type and code. The packet type should be either
ICMP_TIMXCEED_INTRANS for packets that expired in transit (TTL expired) or
ICMP_TIMXCEED_REASS for packets that expired in the fragmentation
reassembly queue.

All libnet packet creation functions contain the same three terminal
arguments: a pointer to an optional payload (or NULL if no payload is to
be included), the size of the payload in bytes (or 0 is no payload is
included) and most importantly, a pointer to a pre-allocated block of
memory (which must be large enough to accommodate the entire ICMP_ECHO
packet).

The only way this (or any libnet_build) function will return an error is if
the pointer to the memory which is supposed to be pre-allocated points
to NULL.


int libnet_build_icmp_redirect(u_char, u_char, u_long, u_short, u_char,
u_short, u_short, u_char, u_char, u_long, u_long, const u_char *, int,
u_char *);

RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - packet type (symbolic constant)
2 - packet code (symbolic constant)
3 - IP address of the gateway
4 - original IP length
5 - original IP TOS
6 - original IP id
7 - original IP fragmentation bits
8 - original IP time to live
9 - original IP protocol
10 - original IP source address
11 - original IP destination address
12 - pointer to original IP payload
13 - original IP payload size
14 - pointer to pre-allocated packet memory

libnet_build_icmp_redirect() constructs an ICMP_REDIRECT packet. This
function is similar to libnet_build_icmp_unreach, the differences being the
type and code and the addition of an argument to hold the IP address of the
gateway that should be used (hence the redirect). The packet type should be
ICMP_REDIRECT and the code should be one of the following:

Value Description
-----------------------------------
ICMP_UNREACH_NET redirect for network
ICMP_UNREACH_HOST redirect for host
ICMP_UNREACH_PROTOCOL redirect for type of service and network
ICMP_UNREACH_PORT redirect for type of service and host

All libnet packet creation functions contain the same three terminal
arguments: a pointer to an optional payload (or NULL if no payload is to
be included), the size of the payload in bytes (or 0 is no payload is
included) and most importantly, a pointer to a pre-allocated block of
memory (which must be large enough to accommodate the entire ICMP_ECHO
packet).

The only way this (or any libnet_build) function will return an error is if
the pointer to the memory which is supposed to be pre-allocated points
to NULL.


int libnet_build_icmp_timestamp(u_char, u_char, u_short, u_short, n_time,
n_time, n_time, const u_char *, int, u_char *);

RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - packet type (symbolic constant)
2 - packet code (symbolic constant)
3 - packet id
4 - packet sequence number
5 - originate timestamp
6 - receive timestamp
7 - transmit timestamp
8 - pointer to packet payload
9 - packet payload size
10 - pointer to pre-allocated packet memory

libnet_build_icmp_timestamp() constructs an ICMP_TSTAMP / ICMP_TSTAMPREPLY
packet. The packet type should be ICMP_TSTAMP or ICMP_TSTAMPREPLY and the
code should be 0.

All libnet packet creation functions contain the same three terminal
arguments: a pointer to an optional payload (or NULL if no payload is to
be included), the size of the payload in bytes (or 0 is no payload is
included) and most importantly, a pointer to a pre-allocated block of
memory (which must be large enough to accommodate the entire ICMP_ECHO
packet).

The only way this (or any libnet_build) function will return an error is if
the pointer to the memory which is supposed to be pre-allocated points
to NULL.


int libnet_build_igmp(u_char type, u_char code, u_long ip, const u_char *,
int, u_char *);

RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - packet type
2 - packet code
3 - IP address
4 - pointer to packet payload
5 - packet payload size
6 - pointer to pre-allocated packet memory

libnet_build_igmp() constructs an IGMP packet. The packet type should be
one of the following:

Value Description
---------------------------------------
IGMP_MEMBERSHIP_QUERY membership query
IGMP_V1_MEMBERSHIP_REPORT version 1 membership report
IGMP_V2_MEMBERSHIP_REPORT version 2 membership report
IGMP_LEAVE_GROUP leave-group message

The code, which is a routing sub-message, should probably be left to 0,
unless you know what you're doing.

All libnet packet creation functions contain the same three terminal
arguments: a pointer to an optional payload (or NULL if no payload is to
be included), the size of the payload in bytes (or 0 if no payload is
included) and most importantly, a pointer to a pre-allocated block of
memory (which must be large enough to accommodate the entire ICMP_ECHO
packet).

The only way this (or any libnet_build) function will return an error is if
the pointer which points to memory which is supposed to be pre-allocated
points to NULL.


int libnet_build_ip(u_short, u_char, u_short, u_short, u_char, u_char,
u_long, u_long, const u_char *, int, u_char *);

RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - packet length (not including the IP header)
2 - type of service (symbolic constant)
3 - packet id
4 - fragmentation bits (symbolic constant) / offset
5 - time to live
6 - protocol (symbolic constant)
7 - source address
8 - destination address
9 - pointer to packet payload
10 - packet payload size
11 - pointer to pre-allocated packet memory

libnet_build_ip() constructs the mighty IP packet. The fragmentation field
may be 0 or contain some combination of the following:

Value Description
-------------------
IP_DF Don't fragment this datagram (this is only valid when alone)
IP_MF More fragments on the way (OR'd together with an offset value)

The IP_OFFMASK is used to retrieve the offset from the fragmentation field.

IP packets may be no larger than IP_MAXPACKET bytes.

The source and destination addresses need to be in network-byte order.

The payload interface should only be used to construct an arbitrary or
non-supported type IP datagram. To construct a TCP, UDP, or similar
type packet, use the relevant libnet_build function.

All libnet packet creation functions contain the same three terminal
arguments: a pointer to an optional payload (or NULL if no payload is to
be included), the size of the payload in bytes (or 0 if no payload is
included) and most importantly, a pointer to a pre-allocated block of
memory (which must be large enough to accommodate the entire ICMP_ECHO
packet).

The only way this (or any libnet_build) function will return an error is if
the pointer to the memory which is supposed to be pre-allocated points
to NULL.


int libnet_build_rip(u_char, u_char, u_short, u_short, u_short, u_long,
u_long, u_long, u_long, const u_char *, int, u_char *);

RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - command (symbolic constant)
2 - version (symbolic constant)
3 - routing domain (or zero)
4 - address family
5 - route tag (or zero)
6 - IP address
7 - netmask (or zero)
8 - next hop IP address (or zero)
9 - metric
10 - pointer to packet payload
11 - packet payload size
12 - pointer to pre-allocated packet memory

libnet_build_rip() constructs a RIP packet. Depending on the version of
RIP you are using, packet fields are slightly different. The following
chart highlights these differences:

Argument Version 1 Version 2
-----------------------------------------
first command command
second RIPVER_1 RIPVER_2
third zero routing domain
fourth address family address family
fifth zero route tag
sixth IP address IP address
seventh zero subnet mask
eighth zero next hop IP
ninth metric metric

The RIP commands should be one of the following:

Value Description
-------------------------------
RIPCMD_REQUEST RIP request
RIPCMD_RESPONSE RIP response
RIPCMD_TRACEON RIP tracing on
RIPCMD_TRACEOFF RIP tracing off
RIPCMD_POLL RIP polling
RIPCMD_POLLENTRY
RIPCMD_MAX

All libnet packet creation functions contain the same three terminal
arguments: a pointer to an optional payload (or NULL if no payload is to
be included), the size of the payload in bytes (or 0 if no payload is
included) and most importantly, a pointer to a pre-allocated block of
memory (which must be large enough to accommodate the entire ICMP_ECHO
packet).

The only way this (or any libnet_build) function will return an error is if
the pointer that points to memory which is supposed to be pre-allocated
points to NULL.


int libnet_build_tcp(u_short, u_short, u_long, u_long, u_char, u_short,
u_short, const u_char *, int, u_char *);

RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - source port
2 - destination port
3 - sequence number
4 - acknowledgement number
5 - control flags (symbolic constant)
6 - window size
7 - urgent pointer
8 - pointer to packet payload
9 - packet payload size
10 - pointer to pre-allocated packet memory

libnet_build_tcp() constructs a TCP packet. The control flags should be
one or more of the following (OR'd together if need be):

Value Description
-----------------------
TH_URG urgent data is present
TH_ACK acknowledgement number field should be checked
TH_PSH push this data to the application as soon as possible
TH_RST reset the referenced connection
TH_SYN synchronize sequence numbers
TH_FIN finished sending data (sender)

All libnet packet creation functions contain the same three terminal
arguments: a pointer to an optional payload (or NULL if no payload is to
be included), the size of the payload in bytes (or 0 if no payload is
included) and most importantly, a pointer to a pre-allocated block of
memory (which must be large enough to accommodate the entire ICMP_ECHO
packet).

The only way this (or any libnet_build) function will return an error is if
the pointer to memory which is supposed to be pre-allocated points to NULL.


int libnet_build_udp(u_short, u_short, const u_char *, int, u_char *);

RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - source port
2 - destination port
3 - pointer to packet payload
4 - packet payload size
5 - pointer to pre-allocated packet memory

libnet_build_udp() constructs a UDP packet. Please remember that UDP
checksums are considered mandatory by the host requirements RFC.

All libnet packet creation functions contain the same three terminal
arguments: a pointer to an optional payload (or NULL if no payload is to
be included), the size of the payload in bytes (or 0 if no payload is
included) and most importantly, a pointer to a pre-allocated block of
memory (which must be large enough to accommodate the entire ICMP_ECHO
packet).

The only way this (or any libnet_build) function will return an error is if
the pointer to memory which is supposed to be pre-allocated points to NULL.


int libnet_insert_ipo(struct ipoption *opt, u_char opt_len, u_char *buf);

RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - pointer to an IP options structure (filled in)
2 - length of the options
3 - pointer to a complete IP datagram

libnet_insert_ipo() inserts IP options into a pre-built IP packet.
Supplied is a pointer to an ip options structure, the size of this options
list, and a pointer the pre-built packet. The options list should be
constructed as they will appear on the wire, as they are simply inserted
into the packet at the appropriate location.

The function returns -1 if the options would result in packet too large
(greater then 65535 bytes), or if the packet buffer is NULL. It is an
unchecked runtime error for the user to have not allocated enough heap
memory for the IP packet plus the IP options.


int libnet_insert_tcpo(struct tcpoption *, u_char, u_char *);

RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - pointer to an TCP options structure (filled in)
2 - length of the options
3 - pointer to a complete TCP packet

libnet_insert_tcpo() inserts TCP options into a pre-built IP/TCP packet.
Supplied is a pointer to a tcp options structure, the size of this options
list, and a pointer the pre-built packet. The options list should be
constructed as they will appear on the wire, as they are simply inserted
into the packet at the appropriate location.

The function returns -1 if the options would result in packet too large
(greater then 65535 bytes), if the packet isn't an IP/TCP packet, if the
options list if longer than 20 bytes, or if the packet buffer is NULL. It
is an unchecked runtime error for the user to have not allocated enough
heap memory for the IP/TCP packet plus the IP options.


Support Functions
-----------------

int libnet_seed_prand();

RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: NA

libnet_seed_prand() seeds the pseudo-random number generator. The function
is basically a wrapper to srandom. It makes a call to gettimeofday to get
entropy. It can return -1 if the call to gettimeofday fails (check errno).
It otherwise returns 1.

u_long libnet_get_prand(int);

RV on success: 1
RV on failure: NA
Reentrant: yes
Arguments: 1 - maximum size of pseudo-random number desired (symbolic
constant)

libnet_get_prand() generates a psuedo-random number. The range of the
returned number is controlled by the function's only argument:

Value Description
-------------------
PR2 0 - 1
PR8 0 - 255
PR16 0 - 32767
PRu16 0 - 65535
PR32 0 - 2147483647
PRu32 0 - 4294967295

The function does not fail.


void libnet_hex_dump(u_char *buf, int len, int swap, FILE *stream);

RV on success: NA
RV on failure: NA
Reentrant: yes
Arguments: 1 - packet to dump
2 - packet length
3 - byte swap flag
4 - previously opened stream to dump to the packet to

libnet_hex_dump() prints out a packet in hexadecimal. It will print the
packet as it appears in memory, or as it will appear on the wire,
depending on the value of the byte-swap flag.

The function prints the packet to a previously opened stream (such as
stdout).

Note that on big-endian architectures such as Solaris, the packet will
appear the same in memory as it will on the wire.


int libnet_plist_chain_new(struct libnet_plist_chain **, char *);

RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - pointer to a libnet_plist_chain pointer
2 - pointer to the token list

libnet_plist_chain_new() constructs a new libnet port-list chain. A libnet
port-list chain is a fast and simple way of implementing port-list ranges
(useful for applications that employ a list of ports - like a port scanner).
You'll see naive implementations that allocate an entire array of 65535
bytes and fill in the desired ports one by one. However, we only really
need to store the beginning port and the ending port, and we can
efficiently store multiple port ranges (delimited by commas) by using a
linked list chain with each node holding the beginning and ending port for
a particular range. For example, The port range `1-1024` would occupy
one node with the beginning port being 1 and the ending port being 1024.
The port range `25,110-161,6000` would result in 3 nodes being allocated.
Single ports are taken as single ranges (port 25 ends up being 25-25).
A por

  
t list range without a terminating port (port_num - ) is
considered shorthand for (port_num - 65535).

The arguments are a pointer to libnet_plist_chain pointer (which will end
up being the head of the linked list) which needs to deference an allocated
libnet_plist_chain structure and pointer to the port-list (token-list)
itself.

The function checks this character port list for valid tokens
(1234567890,- ) and returns an error if an unrecognized token is
found.

Upon success the function returns 1, and head points to the newly formed
port-list (and also contains the number of nodes in the list. If an error
occurs (an unrecognized token is found or malloc fails) -1 is returned and
head is set to NULL.

libnet_plist_chain_next_pair() should be used to extract port list pairs.


int libnet_plist_chain_next_pair(struct libnet_plist_chain *, u_short *,
u_short *);

RV on success: 1, 0
RV on failure: -1
Reentrant: yes
Arguments: 1 - pointer to a libnet_plist_chain pointer
2 - pointer to the beginning port (to be filled in)
3 - pointer to the ending port (to be filled in)


libnet_plist_chain_next_pair() fetches the next pair of ports from the
list. The function takes a pointer to the head of the prebuilt list and a
pointer to a u_short that will contain the beginning port and a pointer to
a u_short that will contain the ending port.

The function returns 1 and fills in these values if there are nodes
remaining, or if the port list chain is exhausted, it returns 0. If
an error occurs (the libnet_plist_chain pointer is NULL) the function
returns -1.


int libnet_plist_chain_dump(struct libnet_plist_chain *);

RV on success: 1
RV on failure: -1
Reentrant: yes
Arguments: 1 - pointer to a libnet_plist_chain pointer

libnet_plist_chain_dump() dumps the port-list chain referenced by the
argument. The function prints the list to stdout (it's mainly meant as a
debugging tool). It returns 1 upon success or if an error occurs (the
libnet_plist_chain pointer is NULL) the function returns -1.


u_char *libnet_plist_chain_dump_string(struct libnet_plist_chain *);

RV on success: pointer to the token list as a string
RV on failure: NULL
Reentrant: no
Arguments: 1 - pointer to a libnet_plist_chain pointer

libnet_plist_chain_dump_string() returns the port-list chain referenced by
the argument as a string. It returns the port list string upon success or
if an error occurs (the libnet_plist_chain pointer is NULL) the function
returns NULL.


void libnet_plist_chain_free(struct libnet_plist_chain *);

RV on success: NA
RV on failure: NA
Reentrant: yes
Arguments: 1 - pointer to a libnet_plist_chain pointer

libnet_plist_chain_free() frees the memory associated with the libnet
port list chain.


----[ 6] Conclusion

Libnet is a powerful and useful library. Use it well and you will prosper
and people will like you. Women will want you, men will want to be you (swap
genders as required).


----[ 7] URLs

Libnet Homepage: http://www.packetfactory.net/libnet
Libnet Project Page: http://www.packetfactory.net
Libnet Mailing List: libnet-subscribe@libnetdevel.com
(mailing list is, as of 09.09.99 down for unknown
reasons. It will be back up soon. Keep track of
it on the webpage.)
TracerX http://www.packetfactory.net/tracerx


----[ 8] References

[1] LBNL, Network Research Group, "libpcap", http://ee.lbl.gov
[2] Stevens, W. Richard, "UNIX Network Programming, vol. I, 2nd ed.",
Prentice Hall PTR, 1998
[3] Hanson, David R., "C Interfaces and Implementations", Addison-Wesley,
1997


----[ 9] Example code

No writ on a C library would be complete without C code. The following
heavily commented example is a work in progress. It's actually an
incomplete
program that we were working on called tracerx (a planned enhanced
traceroute -- http://www.packetfactory.net/tracerx).

The packet injection portion is complete and operational and
should prove to be a good example of how to write reasonably complex code
on top of libnet (and libpcap). Included is the current tracerx tree
including the autoconf files such that you can build it on your machine
and play with it.

<++> P55/Tracerx/tx_framework.c !a2064076
/*
* $Id: tx_framework.c,v 1.3 1999/06/03 22:06:52 route Exp $
*
* Tracerx
* tx_framework.c - main tracerx toplevel routines
*
* Copyright (c) 1999 Mike D. Schiffman <mike@infonexus.com>
* Jeremy F. Rauch <jrauch@cadre.org>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
*/


#if (HAVE_CONFIG_H)
#include "./config.h"
#endif
#include "./tx_main.h"
#include "./tx_error.h"
#include "./tx_struct.h"
#include "./tx_framework.h"
#include "./tx_packet_inject.h"
#include "./tx_packet_capture.h"
#include "./tx_packet_filter.h"


int
tx_init_control(struct tx_control **tx_c)
{
/*
* Heap memory for the control structure.
*/

*tx_c = (struct tx_control *)malloc(sizeof(struct tx_control));
if (!(*tx_c))
{
return (-1);
}

/*
* Heap memory for the libnet link interface structure.
*/

(*tx_c)->l =
(struct libnet_link_int *)malloc(sizeof(struct libnet_link_int));
if (!((*tx_c)->l))
{
return (-1);
}

if (libnet_seed_prand() == -1)
{
tx_error(CRITICAL, "Can't initialize the random number generator\n");
return (-1);
}

/*
* Initialize defaults to mimic a standard traceroute scan.
*/

(*tx_c)->device = NULL; /* set later */
(*tx_c)->current_ttl = 1; /* start at 1 hop */
(*tx_c)->max_ttl = 30; /* end at 30 */
(*tx_c)->initial_sport = libnet_get_prand(PRu16);
(*tx_c)->initial_dport = 32768 + 666; /* standard tr */
(*tx_c)->id = getpid(); /* packet id */
(*tx_c)->use_name = 1; /* resolve IP addresses */
(*tx_c)->packet_size = PACKET_MIN; /* IP + UDP + payload */
(*tx_c)->ip_tos = 0; /* set later */
(*tx_c)->ip_df = 0; /* set later */
(*tx_c)->packet_offset = 0; /* set later */
(*tx_c)->protocol = IPPROTO_UDP; /* UDP */
(*tx_c)->probe_cnt = 3; /* 3 probes */
(*tx_c)->verbose = 0; /* Sssssh */
(*tx_c)->reading_wait = 5; /* 5 seconds */
(*tx_c)->writing_pause = 0; /* no writing pause */
(*tx_c)->host = 0; /* set later */
(*tx_c)->packets_sent = 0; /* set later */
(*tx_c)->packets_reply = 0; /* set later */
(*tx_c)->l = NULL; /* pcap descriptor */
(*tx_c)->p = NULL; /* libnet descriptor */
memset(&(*tx_c)->sin, 0, sizeof(struct sockaddr_in));

return (1);
}


int
tx_init_network(struct tx_control **tx_c, char *err_buf)
{
/*
* Set up the network interface and determine our outgoing IP address.
*/

if (libnet_select_device(&(*tx_c)->sin, &(*tx_c)->device, err_buf) == -1)
{
return (-1);
}

/*
* Open the libnet link-layer injection interface.
*/

(*tx_c)->l = libnet_open_link_interface((*tx_c)->device, err_buf);
if (!((*tx_c)->l))
{
return (-1);
}

/*
* Open the pcap packet capturing interface.
*/

(*tx_c)->p = pcap_open_live((*tx_c)->device, PCAP_BUFSIZ, 0, 500, err_buf);
if (!((*tx_c)->p))
{
return (-1);
}

/*
* Verify minimum packet size and set the pcap filter.
*/

switch ((*tx_c)->protocol)
{
case IPPROTO_UDP:
if ((*tx_c)->packet_size < IP_H + UDP_H + TX_P)
{
tx_error(WARNING,
"Packet size too small, adjusted from %d to %d\n",
(*tx_c)->packet_size,
IP_H + UDP_H + TX_P);
(*tx_c)->packet_size = IP_H + UDP_H + TX_P;
}
if (tx_set_pcap_filter(TX_BPF_FILTER_UDP, tx_c) == -1)
{
return (-1);
}
break;
case IPPROTO_TCP:
if ((*tx_c)->packet_size < IP_H + TCP_H + TX_P)
{
tx_error(WARNING,
"Packet size too small, adjusted from %d to %d\n",
(*tx_c)->packet_size,
IP_H + TCP_H + TX_P);
(*tx_c)->packet_size = IP_H + TCP_H + TX_P;
}
if (tx_set_pcap_filter(TX_BPF_FILTER_TCP, tx_c) == -1)
{
return (-1);
}
break;
case IPPROTO_ICMP:
if ((*tx_c)->packet_size < IP_H + ICMP_ECHO_H + TX_P)
{
tx_error(WARNING,
"Packet size too small, adjusted from %d to %d\n",
(*tx_c)->packet_size,
IP_H + ICMP_ECHO_H + TX_P);
(*tx_c)->packet_size = IP_H + ICMP_ECHO_H + TX_P;
}
if (tx_set_pcap_filter(TX_BPF_FILTER_ICMP, tx_c) == -1)
{
return (-1);
}
break;
default:
sprintf(err_buf, "Unknown protocol, can't set packetsize or filter\n");
return (-1);
}

/*
* Allocate packet header memory.
*/

if (libnet_init_packet(
(*tx_c)->packet_size + ETH_H, /* include space for link layer */
&(*tx_c)->tx_packet) == -1)
{
sprintf(err_buf, "libnet_init_packet: %s\n", strerror(errno));
return (-1);
}
return (1);
}


int
tx_do_scan(struct tx_control **tx_c)
{
int i, j;

/*
* Build a probe `template`. This template will be used for each
* probe sent and it will be updated each pass through the main loop.
*/

tx_packet_build_probe(tx_c);

/*
* Increment the hopcounter and update packet template.
*/

for (i = 0; i < (*tx_c)->max_ttl; i++)
{
/*
* Send a round of probes.
*/

for (j = 0; j < (*tx_c)->probe_cnt; j++)
{
tx_packet_inject(tx_c);
fprintf(stderr, ".");
}
tx_packet_update_probe(tx_c);
fprintf(stderr, "\n");
}
tx_error(FATAL, "Hopcount exceeded.\n");
return (1);
}


int
tx_shutdown(struct tx_control **tx_c)
{
pcap_close((*tx_c)->p);
libnet_close_link_interface((*tx_c)->l);
free((*tx_c)->l);
libnet_destroy_packet(&(*tx_c)->tx_packet);

free(*tx_c);
}
/* EOF */
<-->
<++> P55/Tracerx/tx_packet_build.c !3b3527d5
/*
* $Id: tx_packet_build.c,v 1.3 1999/06/03 22:06:52 route Exp $
*
* Tracerx
* tx_packet_build.c - tracerx packet construction routines
*
* Copyright (c) 1999 Mike D. Schiffman <mike@infonexus.com>
* Jeremy F. Rauch <jrauch@cadre.org>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
*/


#if (HAVE_CONFIG_H)
#include "./config.h"
#endif
#include "./tx_main.h"
#include "./tx_error.h"
#include "./tx_struct.h"
#include "./tx_framework.h"
#include "./tx_packet_inject.h"
#include "./tx_packet_capture.h"

int
tx_packet_build_probe(struct tx_control **tx_c)
{
int i, c;
u_char errbuf[BUFSIZ];
struct ether_addr *local_mac, *remote_mac;
u_char DEBUG_ETHER[6] = {0x00, 0x10, 0x4b, 0x6b, 0x3c, 0x16};

/*
* Get the link layer addresses we'll need -- the local address of the
* outgoing interface and remote address of the host in question (this
* will actually be the first hop router).
*/

c = tx_get_hwaddrs(&local_mac, &remote_mac, tx_c, errbuf);
if (c == -1)
{
tx_error(FATAL, "tx_get_hwaddrs could not get an address %s.\n",
errbuf);
}

/*
* Build the ethernet header portion of the packet.
*/

libnet_build_ethernet(DEBUG_ETHER/*remote_mac.ether_addr_octet*/,
local_mac->ether_addr_octet,
ETHERTYPE_IP, /* This is an IP packet */
NULL, /* No payload */
0, /* No payload */
(*tx_c)->tx_packet); /* packet memory */

/*
* Build the IP header portion of the packet.
*/

libnet_build_ip((*tx_c)->packet_size - IP_H, /* IP packetlength */
(*tx_c)->ip_tos, /* IP type of service */
(*tx_c)->id, /* IP id */
(*tx_c)->ip_df, /* IP fragmentation bits */
(*tx_c)->current_ttl, /* IP time to live */
(*tx_c)->protocol, /* transport protocol */
(*tx_c)->sin.sin_addr.s_addr, /* source IP address */
(*tx_c)->host, /* destination IP */
NULL, /* IP payload */
0, /* IP payload size */
(*tx_c)->tx_packet + ETH_H); /* packet memory */

/*
* Build the transport header and payload portion of the packet.
*/

switch ((*tx_c)->protocol)
{
case IPPROTO_UDP:
tx_packet_build_udp(tx_c);
break;
case IPPROTO_TCP:
tx_packet_build_tcp(tx_c);
break;
case IPPROTO_ICMP:
tx_packet_build_icmp(tx_c);
break;
default:
tx_error(FATAL, "Unknown transport protocol\n");
}
libnet_do_checksum((*tx_c)->tx_packet + ETH_H, IPPROTO_IP, IP_H);
}


int
tx_packet_build_udp(struct tx_control **tx_c)
{
libnet_build_udp((*tx_c)->initial_sport, /* source UDP port */
(*tx_c)->initial_dport, /* dest UDP port */
NULL, /* payload (copied later) */
/* The UDP header needs to know the payload size. */
(*tx_c)->packet_size - IP_H - UDP_H,
(*tx_c)->tx_packet + ETH_H + IP_H); /* packet memory */

tx_packet_build_payload(tx_c, UDP_H);

libnet_do_checksum((*tx_c)->tx_packet + ETH_H, IPPROTO_UDP,
(*tx_c)->packet_size - IP_H);
}


int
tx_packet_build_tcp(struct tx_control **tx_c)
{
libnet_build_tcp((*tx_c)->initial_sport, /* source TCP port */
(*tx_c)->initial_dport, /* dest TCP port */
libnet_get_prand(PRu32), /* sequence number */
0L, /* ACK number */
TH_SYN, /* control flags */
1024, /* window size */
0, /* urgent */
NULL, /* payload (do this later) */
0, /* later */
(*tx_c)->tx_packet + ETH_H + IP_H); /* packet memory */

tx_packet_build_payload(tx_c, TCP_H);

libnet_do_checksum((*tx_c)->tx_packet + ETH_H, IPPROTO_TCP,
(*tx_c)->packet_size - IP_H);
}


int
tx_packet_build_icmp(struct tx_control **tx_c)
{
libnet_build_icmp_echo(ICMP_ECHO,
0,
0,
0,
NULL,
0,
(*tx_c)->tx_packet + ETH_H + IP_H);

tx_packet_build_payload(tx_c, ICMP_ECHO_H);

libnet_do_checksum((*tx_c)->tx_packet + ETH_H, IPPROTO_ICMP,
(*tx_c)->packet_size - IP_H);
}


int
tx_packet_build_payload(struct tx_control **tx_c, int p_hdr_size)
{
struct timeval time0;
struct tx_payload *p;
struct libnet_ip_hdr *ip_hdr;
int payload_offset;

/*
* The payload is just beyond the transport header.
*/

payload_offset = ETH_H + IP_H + p_hdr_size;

if (gettimeofday(&time0, NULL) == -1)
{
tx_error(FATAL, "Can't get timing information\n");
}

ip_hdr = (struct libnet_ip_hdr *)((*tx_c)->tx_packet + ETH_H);
p = (struct tx_payload *)((*tx_c)->tx_packet + payload_offset);

/*
* This field is pretty much deprecated since we can keep track of
* packets by controlling the ip_id field, something traceroute could
* not do.
*/

p->seq = 0;

/*
* TTL packet left with.
*/

p->ttl = ip_hdr->ip_ttl;

/*
* RTT information.
*/

p->tv = time0;
}


int
tx_packet_update_probe(struct tx_control **tx_c)
{
struct libnet_ip_hdr *ip_hdr;

ip_hdr = (struct libnet_ip_hdr *)((*tx_c)->tx_packet + ETH_H);

/*
* Tracerx wouldn't be tracerx without a monotonically increasing IP
* TTL.
*/

ip_hdr->ip_ttl++;

switch ((*tx_c)->protocol)
{
case IPPROTO_TCP:
{
struct libnet_tcp_hdr *tcp_hdr;
tcp_hdr = (struct libnet_tcp_hdr *)((*tx_c)->tx_packet + ETH_H
+ IP_H);
if (!((*tx_c)->tx_flags & TX_STATIC_PORTS))
{
/*
* Increment destination port.
*/

tcp_hdr->th_dport = htons(ntohs(tcp_hdr->th_dport) + 1);
}
/*
* Update the payload information.
*/

tx_packet_build_payload(tx_c, TCP_H);
tcp_hdr->th_sum = 0;
libnet_do_checksum((*tx_c)->tx_packet + ETH_H, IPPROTO_TCP,
(*tx_c)->packet_size - IP_H);
break;
}
case IPPROTO_UDP:
{
struct libnet_udp_hdr *udp_hdr;
udp_hdr = (struct libnet_udp_hdr *)((*tx_c)->tx_packet + ETH_H
+ IP_H);
if (!((*tx_c)->tx_flags & TX_STATIC_PORTS))
{
/*
* Increment destination port.
*/

udp_hdr->uh_dport = htons(ntohs(udp_hdr->uh_dport) + 1);
}
/*
* Update the payload information.
*/

tx_packet_build_payload(tx_c, UDP_H);
udp_hdr->uh_sum = 0;
libnet_do_checksum((*tx_c)->tx_packet + ETH_H, IPPROTO_UDP,
(*tx_c)->packet_size - IP_H);
break;
}
case IPPROTO_ICMP:
{
struct libnet_icmp_hdr *icmp_hdr;
icmp_hdr = (struct libnet_icmp_hdr *)((*tx_c)->tx_packet + ETH_H
+ IP_H);
/*
* Update the payload information.
*/

tx_packet_build_payload(tx_c, ICMP_ECHO_H);
icmp_hdr->icmp_sum = 0;
libnet_do_checksum((*tx_c)->tx_packet + ETH_H, IPPROTO_ICMP,
(*tx_c)->packet_size - IP_H);
break;
}
default:
tx_error(FATAL, "Unknown transport protocol\n");
}
ip_hdr->ip_sum = 0;
libnet_do_checksum((*tx_c)->tx_packet + ETH_H, IPPROTO_IP, IP_H);
}


/* EOF */
<-->
<++> P55/Tracerx/tx_packet_inject.c !788114b0
/*
* $Id: tx_packet_inject.c,v 1.3 1999/06/03 22:06:52 route Exp $
*
* Tracerx
* tx_packet_inject.c - high-level packet injection routines
*
* Copyright (c) 1999 Mike D. Schiffman <mike@infonexus.com>
* Jeremy F. Rauch <jrauch@cadre.org>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
*/


#if (HAVE_CONFIG_H)
#include "./config.h"
#endif
#include "./tx_struct.h"
#include "./tx_framework.h"
#include "./tx_error.h"

int
tx_packet_inject(struct tx_control **tx_c)
{
int n;

n = libnet_write_link_layer(
(*tx_c)->l, /* pointer to the link interface */
(*tx_c)->device, /* the device to use */
(*tx_c)->tx_packet, /* the packet to inject */
(*tx_c)->packet_size + ETH_H); /* total packet size */

if (n != (*tx_c)->packet_size + ETH_H)
{
tx_error(CRITICAL, "Write error. Only wrote %d bytes\n", n);
}
}

/* EOF */
<-->
<++> P55/Tracerx/tx_packet_verify.c !7f21675e
/*
* $Id$
*
* Tracerx
* tx_packet_verify.c - packet verification routines
*
* Copyright (c) 1999 Mike D. Schiffman <mike@infonexus.com>
* Jeremy F. Rauch <jrauch@cadre.org>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
*/


#if (HAVE_CONFIG_H)
#include "./config.h"
#endif
#include "./tx_struct.h"
#include "./tx_framework.h"
#include "./tx_error.h"
#include "./tx_packet_capture.h"


int
tx_packet_verify_udp(char *packet, struct tx_control **tx_c)
{
struct libnet_ip_hdr *ip_hdr;
struct libnet_icmp_hdr *icmp_hdr;

ip_hdr = (struct libnet_ip_hdr *)(packet + ETH_H);

/*
* A UDP scan is only interested in ICMP packets (or possibly a UDP
* packet -- terminal case only).
*/

if (ip_hdr->ip_p != IPPROTO_ICMP && ip_hdr->ip_p != IPPROTO_UDP)
{
return (TX_PACKET_IS_BORING);
}

icmp_hdr = (struct libnet_icmp_hdr *)(packet + ETH_H + IP_H);

switch (icmp_hdr->icmp_type)
{
case ICMP_UNREACH:
{
struct libnet_ip_hdr *o_ip_hdr;

if (ip_hdr->ip_src.s_addr == (*tx_c)->host)
{
/*
* This is an unreachable packet from our destination host.
* This has to be the terminal packet. The report module
* will need to know if it's a regular port unreachable
* message or perhaps some other type of unreachable..
*/

if (icmp_hdr->icmp_code == ICMP_UNREACH_PORT)
{
return (TX_PACKET_IS_TERMINAL);
}
else
{
return (TX_PACKET_IS_TERMINAL_EXOTIC);
}
}

/*
* Point to the original IP header inside the ICMP message's
* payload.
*/

o_ip_hdr = (struct libnet_ip_hdr *)(packet + ETH_H + IP_H +
ICMP_UNREACH_H);

if (ntohs(o_ip_hdr->ip_id) == (*tx_c)->id &&
o_ip_hdr->ip_src.s_addr ==
(*tx_c)->sin.sin_addr.s_addr)
{
/*
* The original IP header was sent by this host and contains
* our special ID field, so it's almost positively ours.
*/

return (TX_PACKET_IS_UNREACH_EN_ROUTE);
}
else
{
return (TX_PACKET_IS_BORING);
}
break;
}
case ICMP_TIMXCEED:

break;
default:
return (TX_PACKET_IS_BORING);
}
}


int
tx_packet_verify_tcp(char *packet, struct tx_control **tx_c)
{
}


int
tx_packet_verify_icmp(char *packet, struct tx_control **tx_c)
{
}

/* EOF */
<-->
<++> P55/Tracerx/tx_packet_filter.c !df1a0488
/*
* $Id: tx_packet_filter.c,v 1.1 1999/06/03 22:06:52 route Exp $
*
* Tracerx
* tx_packet_filter.c - packet filtering routines
*
* Copyright (c) 1999 Mike D. Schiffman <mike@infonexus.com>
* Jeremy F. Rauch <jrauch@cadre.org>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
*/


#if (HAVE_CONFIG_H)
#include "./config.h"
#endif
#include "./tx_struct.h"
#include "./tx_error.h"
#include "./tx_main.h"
#include "./tx_packet_filter.h"


int
tx_set_pcap_filter(char *filter, struct tx_control **tx_c)
{
struct bpf_program filter_code;
bpf_u_int32 local_net, netmask;
char err_buf[BUFSIZ];

/*
* We need the subnet mask to apply a filter.
*/

if (pcap_lookupnet((*tx_c)->device, &local_net, &netmask, err_buf) == -1)
{
tx_error(CRITICAL, "pcap_lookupnet: ", err_buf);
return (-1);
}

/*
* Compile the filter into bpf machine code.
*/

if (pcap_compile((*tx_c)->p, &filter_code, filter, 1, netmask) == -1)
{
tx_error(CRITICAL, "pcap_compile failed for some reason\n");
sprintf(err_buf, "unknown error\n");
return (-1);
}

/*
* Compile the filter into bpf machine code.
*/

if (pcap_setfilter((*tx_c)->p, &filter_code) == -1)
{
tx_error(CRITICAL, "pcap_setfilter: ", err_buf);
return (-1);
}
return (1);
}

/* EOF */
<-->
<++> P55/Tracerx/tx_packet_capture.c !27092cf6
/*
* $Id: tx_packet_capture.c,v 1.2 1999/06/03 22:06:52 route Exp $
*
* Tracerx
* tx_packet_capture.c - high-level packet capturing routines
*
* Copyright (c) 1999 Mike D. Schiffman <mike@infonexus.com>
* Jeremy F. Rauch <jrauch@cadre.org>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
*/


#if (HAVE_CONFIG_H)
#include "./config.h"
#endif
#include "./tx_struct.h"
#include "./tx_framework.h"
#include "./tx_error.h"
#include "./tx_packet_capture.h"

int
tx_packet_snatcher(struct tx_control **tx_c)
{
int n;
u_char *packet;
struct pcap_pkthdr pc_hdr;

/*
* Temporary looping construct until parallel code is in place.
*/

for (; packet = (u_char *)pcap_next((*tx_c)->p, &pc_hdr); )
{
/*
* Submit packet for verification based on scan type.
*/

switch ((*tx_c)->protocol)
{
case IPPROTO_UDP:
n = tx_packet_verify_udp(packet, tx_c);
break;
case IPPROTO_TCP:
n = tx_packet_verify_tcp(packet, tx_c);
break;
case IPPROTO_ICMP:
n = tx_packet_verify_icmp(packet, tx_c);
break;
}

/*
* Process the response from the verifier.
*/

switch (n)
{
case -1:
/* an error occured */
case TX_PACKET_IS_BORING:
/* not something we are not interested in */
break;
case TX_PACKET_IS_EXPIRED:
tx_report(TX_PACKET_IS_EXPIRED, packet, tx_c);
break;
case TX_PACKET_IS_TERMINAL:
tx_report(TX_PACKET_IS_TERMINAL, packet, tx_c);
break;
case TX_PACKET_IS_TERMINAL_EXOTIC:
tx_report(TX_PACKET_IS_TERMINAL_EXOTIC, packet, tx_c);
break;
case TX_PACKET_IS_UNREACH_EN_ROUTE:
tx_report(TX_PACKET_IS_UNREACH_EN_ROUTE, packet, tx_c);
break;
default:
break;
}
}
}


/* EOF */
<-->
<++> P55/Tracerx/tx_main.c !831e8153
/*
* $Id: tx_main.c,v 1.3 1999/06/03 22:06:52 route Exp $
*
* Tracerx
* tx_main.c - main control logic
*
* Copyright (c) 1999 Mike D. Schiffman <mike@infonexus.com>
* Jeremy F. Rauch <jrauch@cadre.org>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
*/


#if (HAVE_CONFIG_H)
#include "./config.h"
#endif
#include "./tx_main.h"
#include "./tx_util.h"
#include "./version.h"
#include "./tx_struct.h"
#include "./tx_error.h"
#include "./tx_framework.h"

int
main(int argc, char *argv[])
{
int c,
have_protocol; /* Mediates combined usage of -I and -P */
u_char err_buf[BUFSIZ];
struct tx_control *tx_c;

/*
* Need to be root to open link layer devices.
*/

if (geteuid() && getuid())
{
tx_error(FATAL, "Pony up the privledgez (UID or EIUD == 0).\n");
}

/*
* Initialize control structure. This structure is used by just about
* every function in the program.
*/

if (tx_init_control(&tx_c) == -1)
{
tx_error(FATAL, "tx_init_control %s\n", strerror(errno));
}

/*
* Process commandline arguments.
*/

have_protocol = 0;
while ((c = getopt(argc, argv, "dFHhInrvxf:g:i:m:P:p:q:Ss:t:w:Vv")) != EOF)
{
switch (c)
{
case 'b':
/* Select burst rate */
tx_c->burst_rate = tx_str2int(optarg, "burst rate", 1,
BURST_RATE_MAX);
case 'D':
/* Set base TCP/UDP destination port number */
tx_c->initial_dport = tx_str2int(optarg, "initial dest port",
1, PORT_MAX);
break;
case 'd':
/* Socket level debugging (SO_DEBUG) */
/* NOOP */
break;
case 'F':
/* Set IP_DF (don't fragment) bit */
tx_c->ip_df = IP_DF;
break;
case 'f':
/* Set initial (first) IP TTL */
tx_c->current_ttl = tx_str2int(optarg, "initial TTL", 1,
IP_TTL_MAX);
break;
case 'g':
/* Loose source routing */
/* NOOP */
break;
case 'H':
/* Verbose help */
/* WRITEME */
case 'h':
/* Help */
usage(argv[0]);
case 'I':
/* Use ICMP */
/* Set transport protocol and transport header size */
/* Overruled by -P */
if (!have_protocol)
{
tx_c->protocol = tx_prot_select("ICMP", &tx_c);
}
break;
case 'i':
/* Interface */
tx_c->device = optarg;
break;
case 'm':
/* Max IP TTL */
tx_c->max_ttl = tx_str2int(optarg, "max TTL", 1,
IP_TTL_MAX);
break;
case 'n':
/* Do not resolve hostnames */
tx_c->use_name = 0;
break;
case 'P':
/* Set transport protocol and transport header size */
/* (supercedes -I) */
tx_c->protocol = tx_prot_select(optarg, &tx_c);
have_protocol = 1;
break;
case 'p':
/* Set base TCP/UDP destination port number */
tx_c->initial_dport = tx_str2int(optarg, "initial dest port",
1, PORT_MAX);
break;
case 'q':
/* Number of probes (queries) */
tx_c->probe_cnt = tx_str2int(optarg, "probe cnt", 1,
PROBE_MAX);
break;
case 'r':
/* Bypass routing sockets */
/* NOOP */
break;
case 'S':
/* Do not increment TCP/UDP port numbers (static) */
tx_c->tx_flags |= TX_STATIC_PORTS;
break;
case 's':
/* Set base TCP/UDP source port number */
tx_c->initial_sport = tx_str2int(optarg, "initial source port",
1, PORT_MAX);
break;
case 't':
/* Set IP_TOS (type of service) bits */
tx_c->ip_tos = tx_str2int(optarg, "IP tos", 0, 255);
break;
case 'V':
/* Version information */
fprintf(stderr, "\n%s\nversion %s\n", BANNER, version);
exit(EXIT_SUCCESS);
case 'v':
/* Verbose output */
tx_c->verbose = 1;
break;
case 'x':
/* Toggle checksums */
/* NOOP */
break;
case 'w':
/* Time to wait (in seconds) */
tx_c->reading_wait = tx_str2int(optarg, "read wait", 2,
WAIT_MAX);
break;
default:
usage(argv[0]);
}
}

/*
* Parse the command line for the destination host and possible
* packetlength.
*/

switch (argc - optind)
{
case 2:
/*
* User specified packetlength (optional). This will later
* be verified and adjusted if necessary.
*/

tx_c->packet_size = tx_str2int(argv[optind + 1], "packet length",
PACKET_MIN, PACKET_MAX);
/* FALLTHROUGH */
case 1:
/* Host (required). */
tx_c->host = libnet_name_resolve(argv[optind], 1);
if (tx_c->host == -1)
{
tx_error(FATAL, "Cannot resolve host IP address\n");
}
break;
default:
usage(argv[0]);
}

/*
* Bring up the network components.
*/

if (tx_init_network(&tx_c, err_buf) == -1)
{
tx_error(FATAL, "Cannot initialize the network: %s\n", err_buf);
}

/*
* Start the game!
*/

tx_do_scan(&tx_c);

/*
* Stop the game!
*/

tx_shutdown(&tx_c);

return (EXIT_SUCCESS);
}


void
usage(char *argv0)
{
fprintf(stderr,
"\nUsage : %s [options] host [packetlength]\n"
"\t\t [-b] burst rate\n"
"\t\t [-F] IP_DF\n"
"\t\t [-f] base IP TTL\n"
"\t\t [-g] loose source routing\n"
"\t\t [-H] verbose help\n"
"\t\t [-h] help\n"
"\t\t [-I] use ICMP\n"
"\t\t [-i] specify interface\n"
"\t\t [-m] max IP TTL (hopcount)\n"
"\t\t [-n] do not resolve IP addresses into hostnames\n"
"\t\t [-P] transport protocol (supercedes -I)\n"
"\t\t [-p] base TCP/UDP port number (destination)\n"
"\t\t [-q] number of probes\n"
"\t\t [-S] do not increment TCP/UDP port numbers (static)\n"
"\t\t [-s] base TCP/UDP port number (source)\n"
"\t\t [-t] IP TOS\n"
"\t\t [-V] version information\n"
"\t\t [-v] verbose output\n"
"\t\t [-w] wait (in seconds)\n"
"\n", argv0);
exit(EXIT_FAILURE);
}

/* EOF */
<-->
<++> P55/Tracerx/tx_report.c !04c69fdd
/*
* $Id: tx_report.c,v 1.1.1.1 1999/05/28 23:55:06 route Exp $
*
* Tracerx
* tx_report.c - reporting and printing module
*
* Copyright (c) 1999 Mike D. Schiffman <mike@infonexus.com>
* Jeremy F. Rauch <jrauch@cadre.org>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
*/


#if (HAVE_CONFIG_H)
#include "./config.h"
#endif
#include "./tx_struct.h"
#include "./tx_packet_capture.h"


void
tx_report(int class, u_char *packet, struct tx_control **tx_c)
{
switch (class)
{
case TX_PACKET_IS_EXPIRED:
break;
case TX_PACKET_IS_TERMINAL:
break;
case TX_PACKET_IS_UNREACH_EN_ROUTE:
break;
default:
break;
}
}

/* EOF */
<-->
<++> P55/Tracerx/tx_util.c !29dd0492
/*
* $Id: tx_util.c,v 1.2 1999/05/29 20:28:43 route Exp $
*
* Tracerx
* tx_util.c - various routines
*
* Copyright (c) 1999 Mike D. Schiffman <mike@infonexus.com>
* Jeremy F. Rauch <jrauch@cadre.org>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
*/


#if (HAVE_CONFIG_H)
#include "./config.h"
#endif
#include "./tx_main.h"
#include "./tx_struct.h"
#include "./tx_util.h"
#include "./tx_error.h"

int
tx_str2int(register const char *str, register const char *what,
register int min, register int max)
{
register const char *cp;
register int val;
char *ep;

if (str[0] == '0' && (str[1] == 'x' || str[1] == 'X'))
{
cp = str + 2;
val = (int)strtol(cp, &ep, 16);
}
else
{
val = (int)strtol(str, &ep, 10);
}

if (*ep != '\0')
{
tx_error(FATAL, "\"%s\" bad value for %s \n", str, what);
}
if (val < min && min >= 0)
{
if (min == 0)
{
tx_error(FATAL, "%s must be >= %d\n", what, min);
}
else
{
tx_error(FATAL, "%s must be > %d\n", what, min - 1);
}
}
if (val > max && max >= 0)
{
tx_error(FATAL, "%s must be <= %d\n", what, max);
}
return (val);
}


int
tx_prot_select(char *protocol, struct tx_control **tx_c)
{
char *supp_protocols[] = {"UDP", "TCP", "ICMP", 0};
int i;

for (i = 0; supp_protocols[i]; i++)
{
if ((!strcasecmp(supp_protocols[i], protocol)))
{
switch (i)
{
case 0:
/* UDP */
(*tx_c)->packet_size = IP_H + UDP_H + TX_P;
return (IPPROTO_UDP);
case 1:
/* TCP */
(*tx_c)->packet_size = IP_H + TCP_H + TX_P;
return (IPPROTO_TCP);
case 2:
/* ICMP */
(*tx_c)->packet_size = IP_H + ICMP_ECHO_H + TX_P;
return (IPPROTO_ICMP);
default:
tx_error(FATAL, "Unknown protocol: %s\n", protocol);
}
}
}
tx_error(FATAL, "Unknown protocol: %s\n", protocol);
/* UNREACHED (silences compiler warnings) */
return (-1);
}


int
tx_get_hwaddrs(struct ether_addr **l, struct ether_addr **r,
struct tx_control **tx_c, u_char *errbuf)
{
*l = get_hwaddr((*tx_c)->l, (*tx_c)->device, errbuf);
if (l == NULL)
{
return (-1);
}
}

/* EOF */
<-->
<++> P55/Tracerx/tx_error.c !1962d944
/*
* $Id: tx_error.c,v 1.1.1.1 1999/05/28 23:55:06 route Exp $
*
* Tracerx
* tx_error.c - error handling routines
*
* Copyright (c) 1999 Mike D. Schiffman <mike@infonexus.com>
* Jeremy F. Rauch <jrauch@cadre.org>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
*/


#if (HAVE_CONFIG_H)
#include "./config.h"
#endif
#include "./tx_main.h"
#include "./tx_error.h"

void
tx_error(int severity, char *msg, ...)
{
va_list ap;
char buf[BUFSIZ];

va_start(ap, msg);
vsnprintf(buf, sizeof(buf) - 1, msg, ap);

switch (severity)
{
case WARNING:
fprintf(stderr, "Warning: ");
break;
case CRITICAL:
fprintf(stderr, "Critical: ");
break;
case FATAL:
fprintf(stderr, "Fatal: ");
break;
}
fprintf(stderr, "%s", buf);
va_end(ap);

if (severity == FATAL)
{
exit(EXIT_FAILURE);
}
}
/* EOF */
<-->
<++> P55/Tracerx/tx_framework.h !4bc795bb
/*
* $Id: tx_framework.h,v 1.3 1999/06/03 22:06:52 route Exp $
*
* Tracerx
*
*
* Copyright (c) 1999 Mike D. Schiffman <mike@infonexus.com>
* Copyright (c) 1998 Mike D. Schiffman <mds@es2.net>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE. DEDICATED TO ARA.
*
*/


#ifndef _TX_TRACERX_H
#define _TX_TRACERX_H

#define TX_STATIC_PORTS 0x1

#define PACKET_MIN IP_H + UDP_H + TX_P
/* min packet size */
#define PACKET_MAX 1500 /* max packet size */
#define BURST_RATE_MAX 30 /* max burst rate */
#define IP_TTL_MAX 255 /* max IP TTL */
#define PORT_MAX 65535 /* max port */
#define PROBE_MAX 100 /* max probe count per round */
#define WAIT_MAX 360 /* max time to wait for responses */
#define PCAP_BUFSIZ 576 /* bytes per packet we can capture */

int
tx_init_control(
struct tx_control **
);

int
tx_init_network(
struct tx_control **,
char *
);

int
tx_do_scan(
struct tx_control **
);

int
tx_shutdown(
struct tx_control **
);

#endif /* _TX_TRACERX_H */

/* EOF */
<-->
<++> P55/Tracerx/tx_packet_build.h !6de4be5c
/*
* $Id: tx_packet_build.h,v 1.3 1999/06/03 22:06:52 route Exp $
*
* Tracerx
* High-level packet construction routines
*
* Copyright (c) 1999 Mike D. Schiffman <mike@infonexus.com>
* Copyright (c) 1998 Mike D. Schiffman <mds@es2.net>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE. DEDICATED TO ARA.
*
*/


#ifndef _TX_PACKET_BUILD_H
#define _TX_PACKET_BUILD_H


int
tx_packet_build_probe(
struct tx_control **
);


int
tx_packet_build_payload(
struct tx_control **,
int
);


int
tx_packet_build_udp(
struct tx_control **
);


int
tx_packet_build_tcp(
struct tx_control **
);


int
tx_packet_build_icmp(
struct tx_control **
);


int
tx_packet_update_probe(
struct tx_control **
);

#endif /* _TX_PACKET_BUILD_H */

/* EOF */
<-->
<++> P55/Tracerx/tx_packet_inject.h !9b8fc656
/*
* $Id: tx_packet_inject.h,v 1.3 1999/06/03 22:06:52 route Exp $
*
* Tracerx
* High-level packet injection routines
*
* Copyright (c) 1999 Mike D. Schiffman <mike@infonexus.com>
* Copyright (c) 1998 Mike D. Schiffman <mds@es2.net>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE. DEDICATED TO ARA.
*
*/


#ifndef _TX_PACKET_INJECT_H
#define _TX_PACKET_INJECT_H

int
tx_packet_inject(
struct tx_control **
);

#endif /* _TX_PACKET_INJECT_H */

/* EOF */
<-->
<++> P55/Tracerx/tx_packet_verify.h !a40d5aef
/*
* $Id$
*
* Tracerx
* packet verification routines
*
* Copyright (c) 1999 Mike D. Schiffman <mike@infonexus.com>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE. DEDICATED TO ARA.
*
*/


#ifndef _TX_PACKET_VERIFY_H
#define _TX_PACKET_VERIFY_H


int
tx_packet_verify_udp(
char *,
struct tx_control **
);


int
tx_packet_verify_tcp(
char *,
struct tx_control **
);


int
tx_packet_verify_icmp(
char *,
struct tx_control **
);


#endif /* _TX_PACKET_VERIFY_H */

/* EOF */
<-->
<++> P55/Tracerx/tx_packet_filter.h !f4dbb92f
/*
* $Id: tx_packet_filter.h,v 1.1 1999/06/03 22:06:52 route Exp $
*
* Tracerx
* packet filtering routines
*
* Copyright (c) 1999 Mike D. Schiffman <mike@infonexus.com>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE. DEDICATED TO ARA.
*
*/


#ifndef _TX_PACKET_FILTER_H
#define _TX_PACKET_FILTER_H

/*
* Since we are not putting the interface into promiscuous mode, we don't
* need to sift through packets looking for our IP; this simplfies our
* filter language. For each scan type, we of course need to receive
* ICMP TTL expired in transit type messages (ICMP type 11).
* For UDP, our terminal packet is an unreachable (ICMP type 3).
* For TCP, our terminal packet is a TCP RST (or an RST/ACK).
* For ICMP, our terminal packet is an ICMP echo reply.
* However, for the last two, we need to be prepared for unreachables as
* network conditions are unpredictable.
*/


#define

  
TX_BPF_FILTER_UDP "icmp[0] == 11 or icmp[0] == 3"
#define TX_BPF_FILTER_TCP "icmp[0] == 11 or icmp[0] == 3 or tcp[14] == 0x12 \
or tcp[14] == 0x4 or tcp[14] == 0x14"

#define TX_BPF_FILTER_ICMP "icmp[0] == 11 or icmp[0] == 3 or icmp[0] == 0"

int
tx_set_pcap_filter(
char *, /* filter code to install */
struct tx_control **
);

#endif /* _TX_PACKET_FILTER_H */

/* EOF */
<-->
<++> P55/Tracerx/tx_packet_capture.h !be216cbf
/*
* $Id: tx_packet_capture.h,v 1.1.1.1 1999/05/28 23:55:06 route Exp $
*
* Tracerx
* High-level packet injection routines
*
* Copyright (c) 1999 Mike D. Schiffman <mike@infonexus.com>
* Copyright (c) 1998 Mike D. Schiffman <mds@es2.net>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE. DEDICATED TO ARA.
*
*/


#ifndef _TX_PACKET_CAPTURE_H
#define _TX_PACKET_CAPTURE_H

#define TX_PACKET_IS_BORING 0
#define TX_PACKET_IS_EXPIRED 1
#define TX_PACKET_IS_TERMINAL 2
#define TX_PACKET_IS_TERMINAL_EXOTIC 3
#define TX_PACKET_IS_UNREACH_EN_ROUTE 4

int
tx_packet_snatcher(
struct tx_control **
);



#endif /* _TX_PACKET_CAPTURE_H */

/* EOF */
<-->
<++> P55/Tracerx/tx_main.h !1526759a
/*
* $Id: tx_main.h,v 1.2 1999/05/29 20:28:42 route Exp $
*
* TracerX
*
* Copyright (c) 1999 Mike D. Schiffman <mike@infonexus.com>
* Copyright (c) 1998 Mike D. Schiffman <mds@es2.net>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE. DEDICATED TO ARA.
*
*/


#ifndef _MAIN_H
#define _MAIN_H

#include <stdarg.h>
#include <pcap.h>
#include <libnet.h>

#define BANNER "TracerX (c) 1999 Mike D. Schiffman <mike@infonexus.com> and \
Jeremy F. Rauch\n<jrauch@cadre.org>. Distribution is unlimited provided due \
credit is given and no fee is charged.\n\nhttp://www.packetfactory.net/tracerx \
for more information.\n"


void
usage(
char *
);

#endif /* _MAIN_H */

/* EOF */
<-->
<++> P55/Tracerx/tx_report.h !05ed6ef4
/*
* $Id$
*
* Tracerx
* Report generation routines
*
* Copyright (c) 1999 Mike D. Schiffman <mike@infonexus.com>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE. DEDICATED TO ARA.
*
*/


#ifndef _TX_REPORT_H
#define _TX_REPORT_H

#include "./tx_struct.h"

void
tx_report(
int, /* The class of packet we are reporting on */
u_char *, /* The packet to report */
struct tx_control ** /* u know this one */
);


#endif /* _TX_REPORT_H */

/* EOF */
<-->
<++> P55/Tracerx/tx_util.h !928f1bf7
/*
* $Id: tx_util.h,v 1.1.1.1 1999/05/28 23:55:06 route Exp $
*
* Tracerx
* Misc routines
*
* Copyright (c) 1999 Mike D. Schiffman <mike@infonexus.com>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE. DEDICATED TO ARA.
*
*/


#ifndef _TX_UTIL_H
#define _TX_UTIL_H

#include "./tx_struct.h"

/*
* Converts a string into an integer, handling bounding errors.
* Accepts base 10 or base 16 numbers.
* Taken from traceroute and slightly modified.
* Exits with reason upon error.
*/

int /* The converted value */
tx_str2int(
register const char *, /* The string containing the value */
register const char *, /* The title of the value (for errors only) */
register int, /* Minimum value */
register int /* Maximum value */
);


int /* The protocol number */
tc_prot_select(
char *, /* The protocol from the command line */
struct tx_control ** /* U know.. */
);


int /* 1 == ok, -1 == err */
tx_get_hwaddrs(
struct ether_addr **, /* local ethernet addr (to be filled in) */
struct ether_addr **, /* remote ethernet addr (to be filled in) */
struct tx_control **, /* U know.. */
u_char * /* errbuf */
);

#endif /* _TX_UTIL_H */

/* EOF */
<-->
<++> P55/Tracerx/tx_error.h !b56cc374
/*
* $Id: tx_error.h,v 1.1.1.1 1999/05/28 23:55:06 route Exp $
*
* Tracerx
* Error handling routines
*
* Copyright (c) 1999 Mike D. Schiffman <mike@infonexus.com>
* Copyright (c) 1998 Mike D. Schiffman <mds@es2.net>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE. DEDICATED TO ARA.
*
*/


#ifndef _TX_ERROR_H
#define _TX_ERROR_H

#define WARNING 0x1
#define CRITICAL 0x2
#define FATAL 0x4

void
tx_error(
int,
char *,
...
);

#endif /* _TX_ERROR_H */

/* EOF */
<-->
<++> P55/Tracerx/tx_struct.h !20e7682d
/*
* $Id: tx_struct.h,v 1.2 1999/06/03 22:06:52 route Exp $
*
* Tracerx
* tracerx structure prototypes
*
* Copyright (c) 1999 Mike D. Schiffman <mike@infonexus.com>
* Jeremy F. Rauch <jrauch@cadre.org>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
*/


#ifndef _TX_STRUCT_H
#define _TX_STRUCT_H

#include <unistd.h>
#include <pcap.h>
#include <libnet.h>

/*
* Tracerx control structure.
*/


struct tx_control
{
u_char tx_flags; /* internal flags */
u_char *device; /* device to use */
u_char *tx_packet; /* pointer to the packet */
u_short ip_tos; /* IP type of service */
u_short ip_df; /* IP dont fragment */
u_short burst_rate; /* burst rate */
u_short current_ttl; /* current IP TTL */
u_short max_ttl; /* max IP TTL */
u_short initial_sport; /* initial source port */
u_short initial_dport; /* initial destination port */
u_short id; /* tracerx packet ID */
u_short use_name; /* use domain names or dotted decimals */
u_short packet_size; /* total packet size */
int packet_offset; /* IP packet offset */
int protocol; /* transport protocol in use */
int probe_cnt; /* number of probes to send per round */
int verbose; /* verbose mode */
int reading_wait; /* network reading wait */
int writing_pause; /* network writing pause */
u_long host; /* destination host */
u_long packets_sent; /* packets sent */
u_long packets_reply; /* packets we got replies back */
struct sockaddr_in sin; /* socket address structure */
struct libnet_link_int *l; /* libnet packet injection structure */
pcap_t *p; /* pcap packet listening structure */
};


/*
* Packet payload.
*/

struct tx_payload
{
u_char seq; /* packet sequence number */
u_char ttl; /* TTL packet injected with */
struct timeval tv; /* time vector */
};
#define TX_P sizeof(struct tx_payload)

#endif /* _TX_STRUCT_H */

/* EOF */
<-->
The following tarball contains the tracerx support files including the autoconf
files and documentation.
<++> P55/Tracerx/tracerx-package.tar.gz.uue !bddbaa9f
begin 644 tracerx-package.tar.gz

end
<-->

----[ EOF

← previous
next →
loading
sending ...
New to Neperos ? Sign Up for free
download Neperos App from Google Play
install Neperos as PWA

Let's discover also

Recent Articles

Recent Comments

Neperos cookies
This website uses cookies to store your preferences and improve the service. Cookies authorization will allow me and / or my partners to process personal data such as browsing behaviour.

By pressing OK you agree to the Terms of Service and acknowledge the Privacy Policy

By pressing REJECT you will be able to continue to use Neperos (like read articles or write comments) but some important cookies will not be set. This may affect certain features and functions of the platform.
OK
REJECT