[英]ip4 packet assembled as ip6 - libnet
我編寫了一個C程序,該程序從鏈路層開始創建一個TCP / IPv4數據包。 該程序的目標是使用開放套接字(原始端口或僅是流套接字)接收單個數據包。 該數據包包括一個以太網頭,一個tcp頭和ipv4:
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <libnet.h>
#include <time.h>
uint8_t *randmac(); //creates my random source-mac, shady I know but I got
//tired of typing in the same input over and over
void gateway(); //gets my standart gateway i.e. the router (as far as
//I understand the ethernet layer is for the router
//and tcp and ip for the rest of the net.)
int main() {
uint32_t src, dst, seq, ack;
char payload[1024], destip[16];
uint16_t sp = 2001, dp = 2000;
libnet_ptag_t tcp;
libnet_ptag_t ip4;
libnet_ptag_t eth;
char errbuf[LIBNET_ERRBUF_SIZE];
int i, bytes;
uint8_t *dstmc; //destination mac address (router)
uint8_t *smc; //source mac address
int len;
libnet_t * l;
l = libnet_init(LIBNET_LINK, NULL, errbuf);
if(l == NULL)
//getting the destination ip-address, works all right...
//payload is fine too
smc = malloc(6);
gatemac = malloc(6);
libnet_seed_prand(l);
src = libnet_get_prand(LIBNET_PRu32);
seq = 0;
ack = libnet_get_prand(LIBNET_PRu32);
dst = libnet_name2addr4(l, destip, LIBNET_DONT_RESOLVE);
smc = randmac();
gateway();
//getting the rest of the required addresses etc, works as well...
tcp = libnet_build_tcp(sp, dp, seq, ack, TH_SYN, 0, 0, 0, LIBNET_TCP_H +
sizeof(payload),(uint8_t *) payload, sizeof(payload), l, 0);
if(tcp == -1)
printf("(1)unable because: %s\n", libnet_geterror(l));
perror("libnet_build_tcp()");
ip4 = libnet_build_ipv4(LIBNET_TCP_H + LIBNET_IPV4_H + sizeof(payload),
IPPROTO_TCP, 1, 1024, 60, 0, 0, src, dst, NULL, 0, l, 0); //or (uint8_t)
if(ip4 == -1)
printf("(2)unable because: %s\n", libnet_geterror(l));
perror("libnet_build_ipv4()");
eth = libnet_build_ethernet(gatemac, smc, ETHERTYPE_IP, NULL, 0, l, 0);
if(eth == -1)
printf("(3) unable because: %s\n", libnet_geterror(l));
perror("libnet_build_ethernet()");
bytes = libnet_write(l);
//error handling
}
程序本身可以正常工作,沒有錯誤,數據包被寫入等等。 但有趣的是:我無法通過任何原始或ipv4套接字接收它們。 因此,我打開了tcpdump,以查看數據包是否甚至都已發送,結果如下:
13:43:24.003324 IP 74.253.145.81 > 192.168.88.130: hopopt
13:43:27.007860 IP 74.253.145.81 > 192.168.88.130: hopopt
//Random source address, I also sent multiple packets to eliminate the
//chances of missing them.
//There is also no doubt that these are truly my programmed packets due to
//their number and random addresses.
我進行了一些研究,發現“ hopopt”代表ipv6使用的逐跳擴展頭。 為什么當我清楚地使用libnet_build_ipv4()函數時會發生這種情況。 仍然有一種方法可以正確接收這些單個數據包,或者只是使其變為普通的ipv4?
看起來,好像您沒有對libnet_build_ipv4
使用正確的參數libnet_build_ipv4
:
ip4 = libnet_build_ipv4(LIBNET_TCP_H + LIBNET_IPV4_H + sizeof(payload),
IPPROTO_TCP,1、1024、60、0、0,src,dst,NULL,0,l,0);
正確的順序是:
libnet_ptag_t libnet_build_ipv4 (u_int16_t len,
u_int8_t tos, u_int16_t id, u_int16_t frag,
u_int8_t ttl, u_int8_t prot, u_int16_t sum,
u_int32_t src, u_int32_t dst, u_int8_t * payload,
u_int32_t payload_s, libnet_t * l, libnet_ptag_t ptag);
因此,您的第六個參數(prot)為0
,與您在tcpdump中觀察到的逐跳選項(hopopt)完全對應。
您可能想要類似的東西:
ip4 = libnet_build_ipv4(LIBNET_TCP_H + LIBNET_IPV4_H + sizeof(payload), //len
0, // tos
1234, // some id
0, // No fragment
0x40, // Standard TTL (64)
IPPROTO_TCP, // Next protocol goes here
0, // Checksum, auto-filled?
src, // IP source address
dst, // IP destination address
NULL, // payload
0, // payload length
l, // libnet handle
0 // ptag
);
如果您固定參數的順序,它應該可以正常工作! 另請參見libnet 教程
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.