packet_via_dmem 0.0.0 → 0.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +72 -3
- data/lib/packet_via_dmem.rb +25 -9
- data/lib/packet_via_dmem/cli.rb +5 -2
- data/packet_via_dmem.gemspec +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 8440c5a60e199124adc3d0324bf38437174fb6a3
|
|
4
|
+
data.tar.gz: 73eebe8936d415da89dbf6e61c1c2086d8fa050b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 16e295f2ce92ffba8b559bba2aaf92b7df0bc2e2754a72736e47b9ae3418c54b5695a74f7bc149123ab733af600d087d0e30d64e66d135c5d16066007da40097
|
|
7
|
+
data.tar.gz: b3180ed9bac4472230ca4b0bd421bd79043f5dbe321d0501431fe0f9df588d8a3862aaed6f538c7854e0797417ca6694363b22f8b366f8480cc429bf01594ed4
|
data/README.md
CHANGED
|
@@ -2,13 +2,16 @@
|
|
|
2
2
|
Finds junos packet-via-dmem packets from arbitrary output and generates text2pcap compatible output
|
|
3
3
|
|
|
4
4
|
## JunOS
|
|
5
|
+
To capture say packets with IP address 10.11.12.13
|
|
6
|
+
|
|
5
7
|
% ssh test2nqe31.dk|tee output.txt
|
|
6
8
|
fisakytt@test2nqe31-re1.dk> start shell pfe network afeb0
|
|
7
9
|
|
|
8
10
|
AFEB platform (1000Mhz QorIQ P2020 processor, 2048MB memory, 512KB flash)
|
|
9
11
|
MX104-ABB-0(test2nqe31-re1.dk vty)# test jnh 0 packet-via-dmem enable
|
|
10
|
-
MX104-ABB-0(test2nqe31-re1.dk vty)# test jnh 0 packet-via-dmem 0x3
|
|
11
|
-
MX104-ABB-0(test2nqe31-re1.dk vty)# test jnh 0 packet-via-dmem 0x0
|
|
12
|
+
MX104-ABB-0(test2nqe31-re1.dk vty)# test jnh 0 packet-via-dmem capture 0x3 0x0a0b0c0d
|
|
13
|
+
MX104-ABB-0(test2nqe31-re1.dk vty)# test jnh 0 packet-via-dmem capture 0x0
|
|
14
|
+
MX104-ABB-0(test2nqe31-re1.dk vty)# test jnh 0 packet-via-dmem dump
|
|
12
15
|
MX104-ABB-0(test2nqe31-re1.dk vty)# test jnh 0 packet-via-dmem disable
|
|
13
16
|
|
|
14
17
|
|
|
@@ -65,6 +68,72 @@ Finds junos packet-via-dmem packets from arbitrary output and generates text2pca
|
|
|
65
68
|
dmem = PacketViaDMEM.new
|
|
66
69
|
puts dmem.parse File.read(ARGF[0])
|
|
67
70
|
|
|
71
|
+
|
|
72
|
+
## Header format
|
|
73
|
+
Potentially first is type
|
|
74
|
+
* 00 ?? ?? ?? source ??
|
|
75
|
+
* 10 ?? ?? ?? ?? ?? source ??
|
|
76
|
+
|
|
77
|
+
Example receive headers, MX480
|
|
78
|
+
00 0b 40 60 41 08
|
|
79
|
+
00 01 c0 70 81 08
|
|
80
|
+
00 02 40 70 81 08
|
|
81
|
+
00 02 c0 70 81 08
|
|
82
|
+
10 03 40 70 05 40 81 08
|
|
83
|
+
00 03 c0 70 81 08
|
|
84
|
+
00 06 40 70 81 08
|
|
85
|
+
00 07 c0 70 81 08
|
|
86
|
+
00 08 47 f0 20 00
|
|
87
|
+
00 09 45 f0 20 00
|
|
88
|
+
00 09 c7 f0 80 00
|
|
89
|
+
00 0b c0 70 81 08
|
|
90
|
+
10 0c 08 00 02 00 1f 00
|
|
91
|
+
00 00 c0 70 81 08
|
|
92
|
+
00 01 47 f0 80 00
|
|
93
|
+
00 04 40 60 41 08
|
|
94
|
+
10 04 c0 70 01 50 81 08
|
|
95
|
+
00 05 40 70 81 08
|
|
96
|
+
00 05 c0 70 81 08
|
|
97
|
+
00 06 c5 f0 20 00
|
|
98
|
+
10 07 08 00 02 00 1f 00
|
|
99
|
+
00 08 c0 70 81 08
|
|
100
|
+
00 0a 40 70 81 08
|
|
101
|
+
00 0a c0 70 81 08
|
|
102
|
+
00 0b 47 f0 20 00
|
|
103
|
+
00 01 c0 70 81 08
|
|
104
|
+
00 02 40 60 41 08
|
|
105
|
+
00 07 c7 f0 b0 80
|
|
106
|
+
|
|
107
|
+
Example receive headers, MX80
|
|
108
|
+
00 08 00 f0 81 08
|
|
109
|
+
10 08 80 f0 05 b4 81 08
|
|
110
|
+
10 09 00 f0 05 b4 81 08
|
|
111
|
+
10 09 80 f0 05 b4 81 08
|
|
112
|
+
00 0a 00 f0 92 08
|
|
113
|
+
10 0a 80 f0 05 b4 81 08
|
|
114
|
+
10 03 00 f0 05 b4 81 08
|
|
115
|
+
00 04 00 f0 81 08
|
|
116
|
+
10 04 80 f0 05 b4 81 08
|
|
117
|
+
10 05 00 f0 05 b4 81 08
|
|
118
|
+
10 05 80 f0 05 b4 81 08
|
|
119
|
+
00 06 00 f0 81 08
|
|
120
|
+
10 06 80 f0 05 b4 81 08
|
|
121
|
+
00 07 00 f0 80 08
|
|
122
|
+
10 07 80 f0 05 b4 81 08
|
|
123
|
+
10 0b 00 f0 02 28 81 08
|
|
124
|
+
|
|
125
|
+
TAZ-TBB-0(X vty)# show ixchip ifd
|
|
126
|
+
|
|
127
|
+
IFD IFD IX WAN Ing Queue Egr Queue
|
|
128
|
+
Index Name Id Port Rt/Ct/Be H/L
|
|
129
|
+
====== ========== ====== ====== ============== ======
|
|
130
|
+
148 ge-1/0/0 2 0 0/32/64 0/32
|
|
131
|
+
149 ge-1/0/1 2 1 1/33/65 1/33
|
|
132
|
+
166 ge-1/1/8 2 18 18/50/82 18/50
|
|
133
|
+
|
|
134
|
+
For this box, second to last byte, divmod 64, returns these ports, which are
|
|
135
|
+
correct port for source.
|
|
136
|
+
|
|
68
137
|
## Todo
|
|
69
138
|
1. correctly discover how many bytes need to be popped, perhaps by finding valid ethernet headers and ignore anything before?
|
|
70
|
-
1. reverse engineer header/cookie, at least figuring out which egress NPU is going to be used should be trivial
|
|
139
|
+
1. reverse engineer header/cookie, at least figuring out which fabric stream (And hence egress NPU) is going to be used should be trivial
|
data/lib/packet_via_dmem.rb
CHANGED
|
@@ -16,7 +16,8 @@ class PacketViaDMEM
|
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
def parse str
|
|
19
|
-
|
|
19
|
+
packets = []
|
|
20
|
+
headers = []
|
|
20
21
|
@sc.string = str
|
|
21
22
|
while @sc.scan_until PACKET
|
|
22
23
|
match = @sc.matched.split(/\s+/)
|
|
@@ -24,25 +25,40 @@ class PacketViaDMEM
|
|
|
24
25
|
next if type == :received and (not @received or @received < 1)
|
|
25
26
|
next if type == :sent and (not @sent or @sent < 1)
|
|
26
27
|
@sc.scan_until(/\n/) if type == :received
|
|
27
|
-
type = type == :received ? @received : @sent
|
|
28
28
|
pkt = ''
|
|
29
29
|
while @sc.match?(/^0x/)
|
|
30
30
|
pkt << @sc.scan_until(/\n/).strip
|
|
31
31
|
end
|
|
32
|
-
pkt = parse_packet
|
|
33
|
-
|
|
32
|
+
pkt = parse_packet pkt
|
|
33
|
+
pop = get_pop(type, pkt)
|
|
34
|
+
header = pkt[0..pop-1]
|
|
35
|
+
pkt = pkt[pop..-1]
|
|
36
|
+
if pkt
|
|
37
|
+
packets << '000000 ' + pkt.join(' ')
|
|
38
|
+
headers << header.join(' ')
|
|
39
|
+
end
|
|
34
40
|
end
|
|
35
|
-
|
|
41
|
+
[packets, headers]
|
|
36
42
|
end
|
|
37
43
|
|
|
38
44
|
private
|
|
39
45
|
|
|
40
|
-
def
|
|
46
|
+
def get_pop type, pkt
|
|
47
|
+
if type == :sent
|
|
48
|
+
@sent
|
|
49
|
+
else
|
|
50
|
+
case pkt.first.to_i(16)
|
|
51
|
+
when 0x0 then 6 #1,2,3,4,5,6
|
|
52
|
+
when 0x10 then 8 #1,2,3,4,7,8,5,6
|
|
53
|
+
else @received
|
|
54
|
+
end
|
|
55
|
+
end
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
def parse_packet pkt
|
|
41
59
|
pkt = pkt.gsub(/0x/, '')
|
|
42
60
|
pkt = pkt.gsub(/\s+/, '')
|
|
43
61
|
pkt = pkt.scan(/../)
|
|
44
|
-
|
|
45
|
-
rescue
|
|
46
|
-
nil
|
|
62
|
+
pkt
|
|
47
63
|
end
|
|
48
64
|
end
|
data/lib/packet_via_dmem/cli.rb
CHANGED
|
@@ -11,7 +11,7 @@ class PacketViaDMEM
|
|
|
11
11
|
@opts = opts_parse
|
|
12
12
|
@debug = @opts.debug?
|
|
13
13
|
end
|
|
14
|
-
|
|
14
|
+
|
|
15
15
|
def run
|
|
16
16
|
file = @opts.arguments.shift
|
|
17
17
|
raise NoFile, 'filename is mandatory argument' unless file
|
|
@@ -20,7 +20,9 @@ class PacketViaDMEM
|
|
|
20
20
|
rescue
|
|
21
21
|
raise InvalidFile, "unable to read #{file}"
|
|
22
22
|
end
|
|
23
|
-
|
|
23
|
+
packets, headers = PacketViaDMEM.new(:received=>@opts[:received], :sent=>@opts[:sent]).parse file
|
|
24
|
+
$stderr.puts headers if @opts.headers?
|
|
25
|
+
puts packets
|
|
24
26
|
end
|
|
25
27
|
|
|
26
28
|
private
|
|
@@ -28,6 +30,7 @@ class PacketViaDMEM
|
|
|
28
30
|
def opts_parse
|
|
29
31
|
Slop.parse do |o|
|
|
30
32
|
o.bool '-d', '--debug', 'turn on debugging'
|
|
33
|
+
o.bool '--headers', 'print headers to stderr'
|
|
31
34
|
o.int '-r', '--received', "pop BYTES from received frames, default #{PacketViaDMEM::HEADER_SIZE[:received]}", :default=>PacketViaDMEM::HEADER_SIZE[:received]
|
|
32
35
|
o.int '-s', '--sent', "pop BYTES from senti frames, default is not to show sent frames"
|
|
33
36
|
o.on '-h', '--help' do puts o; exit; end
|
data/packet_via_dmem.gemspec
CHANGED