packet_via_dmem 0.0.0 → 0.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +72 -3
- data/lib/packet_via_dmem.rb +25 -9
- data/lib/packet_via_dmem/cli.rb +5 -2
- data/packet_via_dmem.gemspec +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 8440c5a60e199124adc3d0324bf38437174fb6a3
|
|
4
|
+
data.tar.gz: 73eebe8936d415da89dbf6e61c1c2086d8fa050b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 16e295f2ce92ffba8b559bba2aaf92b7df0bc2e2754a72736e47b9ae3418c54b5695a74f7bc149123ab733af600d087d0e30d64e66d135c5d16066007da40097
|
|
7
|
+
data.tar.gz: b3180ed9bac4472230ca4b0bd421bd79043f5dbe321d0501431fe0f9df588d8a3862aaed6f538c7854e0797417ca6694363b22f8b366f8480cc429bf01594ed4
|
data/README.md
CHANGED
|
@@ -2,13 +2,16 @@
|
|
|
2
2
|
Finds junos packet-via-dmem packets from arbitrary output and generates text2pcap compatible output
|
|
3
3
|
|
|
4
4
|
## JunOS
|
|
5
|
+
To capture say packets with IP address 10.11.12.13
|
|
6
|
+
|
|
5
7
|
% ssh test2nqe31.dk|tee output.txt
|
|
6
8
|
fisakytt@test2nqe31-re1.dk> start shell pfe network afeb0
|
|
7
9
|
|
|
8
10
|
AFEB platform (1000Mhz QorIQ P2020 processor, 2048MB memory, 512KB flash)
|
|
9
11
|
MX104-ABB-0(test2nqe31-re1.dk vty)# test jnh 0 packet-via-dmem enable
|
|
10
|
-
MX104-ABB-0(test2nqe31-re1.dk vty)# test jnh 0 packet-via-dmem 0x3
|
|
11
|
-
MX104-ABB-0(test2nqe31-re1.dk vty)# test jnh 0 packet-via-dmem 0x0
|
|
12
|
+
MX104-ABB-0(test2nqe31-re1.dk vty)# test jnh 0 packet-via-dmem capture 0x3 0x0a0b0c0d
|
|
13
|
+
MX104-ABB-0(test2nqe31-re1.dk vty)# test jnh 0 packet-via-dmem capture 0x0
|
|
14
|
+
MX104-ABB-0(test2nqe31-re1.dk vty)# test jnh 0 packet-via-dmem dump
|
|
12
15
|
MX104-ABB-0(test2nqe31-re1.dk vty)# test jnh 0 packet-via-dmem disable
|
|
13
16
|
|
|
14
17
|
|
|
@@ -65,6 +68,72 @@ Finds junos packet-via-dmem packets from arbitrary output and generates text2pca
|
|
|
65
68
|
dmem = PacketViaDMEM.new
|
|
66
69
|
puts dmem.parse File.read(ARGF[0])
|
|
67
70
|
|
|
71
|
+
|
|
72
|
+
## Header format
|
|
73
|
+
Potentially first is type
|
|
74
|
+
* 00 ?? ?? ?? source ??
|
|
75
|
+
* 10 ?? ?? ?? ?? ?? source ??
|
|
76
|
+
|
|
77
|
+
Example receive headers, MX480
|
|
78
|
+
00 0b 40 60 41 08
|
|
79
|
+
00 01 c0 70 81 08
|
|
80
|
+
00 02 40 70 81 08
|
|
81
|
+
00 02 c0 70 81 08
|
|
82
|
+
10 03 40 70 05 40 81 08
|
|
83
|
+
00 03 c0 70 81 08
|
|
84
|
+
00 06 40 70 81 08
|
|
85
|
+
00 07 c0 70 81 08
|
|
86
|
+
00 08 47 f0 20 00
|
|
87
|
+
00 09 45 f0 20 00
|
|
88
|
+
00 09 c7 f0 80 00
|
|
89
|
+
00 0b c0 70 81 08
|
|
90
|
+
10 0c 08 00 02 00 1f 00
|
|
91
|
+
00 00 c0 70 81 08
|
|
92
|
+
00 01 47 f0 80 00
|
|
93
|
+
00 04 40 60 41 08
|
|
94
|
+
10 04 c0 70 01 50 81 08
|
|
95
|
+
00 05 40 70 81 08
|
|
96
|
+
00 05 c0 70 81 08
|
|
97
|
+
00 06 c5 f0 20 00
|
|
98
|
+
10 07 08 00 02 00 1f 00
|
|
99
|
+
00 08 c0 70 81 08
|
|
100
|
+
00 0a 40 70 81 08
|
|
101
|
+
00 0a c0 70 81 08
|
|
102
|
+
00 0b 47 f0 20 00
|
|
103
|
+
00 01 c0 70 81 08
|
|
104
|
+
00 02 40 60 41 08
|
|
105
|
+
00 07 c7 f0 b0 80
|
|
106
|
+
|
|
107
|
+
Example receive headers, MX80
|
|
108
|
+
00 08 00 f0 81 08
|
|
109
|
+
10 08 80 f0 05 b4 81 08
|
|
110
|
+
10 09 00 f0 05 b4 81 08
|
|
111
|
+
10 09 80 f0 05 b4 81 08
|
|
112
|
+
00 0a 00 f0 92 08
|
|
113
|
+
10 0a 80 f0 05 b4 81 08
|
|
114
|
+
10 03 00 f0 05 b4 81 08
|
|
115
|
+
00 04 00 f0 81 08
|
|
116
|
+
10 04 80 f0 05 b4 81 08
|
|
117
|
+
10 05 00 f0 05 b4 81 08
|
|
118
|
+
10 05 80 f0 05 b4 81 08
|
|
119
|
+
00 06 00 f0 81 08
|
|
120
|
+
10 06 80 f0 05 b4 81 08
|
|
121
|
+
00 07 00 f0 80 08
|
|
122
|
+
10 07 80 f0 05 b4 81 08
|
|
123
|
+
10 0b 00 f0 02 28 81 08
|
|
124
|
+
|
|
125
|
+
TAZ-TBB-0(X vty)# show ixchip ifd
|
|
126
|
+
|
|
127
|
+
IFD IFD IX WAN Ing Queue Egr Queue
|
|
128
|
+
Index Name Id Port Rt/Ct/Be H/L
|
|
129
|
+
====== ========== ====== ====== ============== ======
|
|
130
|
+
148 ge-1/0/0 2 0 0/32/64 0/32
|
|
131
|
+
149 ge-1/0/1 2 1 1/33/65 1/33
|
|
132
|
+
166 ge-1/1/8 2 18 18/50/82 18/50
|
|
133
|
+
|
|
134
|
+
For this box, second to last byte, divmod 64, returns these ports, which are
|
|
135
|
+
correct port for source.
|
|
136
|
+
|
|
68
137
|
## Todo
|
|
69
138
|
1. correctly discover how many bytes need to be popped, perhaps by finding valid ethernet headers and ignore anything before?
|
|
70
|
-
1. reverse engineer header/cookie, at least figuring out which egress NPU is going to be used should be trivial
|
|
139
|
+
1. reverse engineer header/cookie, at least figuring out which fabric stream (And hence egress NPU) is going to be used should be trivial
|
data/lib/packet_via_dmem.rb
CHANGED
|
@@ -16,7 +16,8 @@ class PacketViaDMEM
|
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
def parse str
|
|
19
|
-
|
|
19
|
+
packets = []
|
|
20
|
+
headers = []
|
|
20
21
|
@sc.string = str
|
|
21
22
|
while @sc.scan_until PACKET
|
|
22
23
|
match = @sc.matched.split(/\s+/)
|
|
@@ -24,25 +25,40 @@ class PacketViaDMEM
|
|
|
24
25
|
next if type == :received and (not @received or @received < 1)
|
|
25
26
|
next if type == :sent and (not @sent or @sent < 1)
|
|
26
27
|
@sc.scan_until(/\n/) if type == :received
|
|
27
|
-
type = type == :received ? @received : @sent
|
|
28
28
|
pkt = ''
|
|
29
29
|
while @sc.match?(/^0x/)
|
|
30
30
|
pkt << @sc.scan_until(/\n/).strip
|
|
31
31
|
end
|
|
32
|
-
pkt = parse_packet
|
|
33
|
-
|
|
32
|
+
pkt = parse_packet pkt
|
|
33
|
+
pop = get_pop(type, pkt)
|
|
34
|
+
header = pkt[0..pop-1]
|
|
35
|
+
pkt = pkt[pop..-1]
|
|
36
|
+
if pkt
|
|
37
|
+
packets << '000000 ' + pkt.join(' ')
|
|
38
|
+
headers << header.join(' ')
|
|
39
|
+
end
|
|
34
40
|
end
|
|
35
|
-
|
|
41
|
+
[packets, headers]
|
|
36
42
|
end
|
|
37
43
|
|
|
38
44
|
private
|
|
39
45
|
|
|
40
|
-
def
|
|
46
|
+
def get_pop type, pkt
|
|
47
|
+
if type == :sent
|
|
48
|
+
@sent
|
|
49
|
+
else
|
|
50
|
+
case pkt.first.to_i(16)
|
|
51
|
+
when 0x0 then 6 #1,2,3,4,5,6
|
|
52
|
+
when 0x10 then 8 #1,2,3,4,7,8,5,6
|
|
53
|
+
else @received
|
|
54
|
+
end
|
|
55
|
+
end
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
def parse_packet pkt
|
|
41
59
|
pkt = pkt.gsub(/0x/, '')
|
|
42
60
|
pkt = pkt.gsub(/\s+/, '')
|
|
43
61
|
pkt = pkt.scan(/../)
|
|
44
|
-
|
|
45
|
-
rescue
|
|
46
|
-
nil
|
|
62
|
+
pkt
|
|
47
63
|
end
|
|
48
64
|
end
|
data/lib/packet_via_dmem/cli.rb
CHANGED
|
@@ -11,7 +11,7 @@ class PacketViaDMEM
|
|
|
11
11
|
@opts = opts_parse
|
|
12
12
|
@debug = @opts.debug?
|
|
13
13
|
end
|
|
14
|
-
|
|
14
|
+
|
|
15
15
|
def run
|
|
16
16
|
file = @opts.arguments.shift
|
|
17
17
|
raise NoFile, 'filename is mandatory argument' unless file
|
|
@@ -20,7 +20,9 @@ class PacketViaDMEM
|
|
|
20
20
|
rescue
|
|
21
21
|
raise InvalidFile, "unable to read #{file}"
|
|
22
22
|
end
|
|
23
|
-
|
|
23
|
+
packets, headers = PacketViaDMEM.new(:received=>@opts[:received], :sent=>@opts[:sent]).parse file
|
|
24
|
+
$stderr.puts headers if @opts.headers?
|
|
25
|
+
puts packets
|
|
24
26
|
end
|
|
25
27
|
|
|
26
28
|
private
|
|
@@ -28,6 +30,7 @@ class PacketViaDMEM
|
|
|
28
30
|
def opts_parse
|
|
29
31
|
Slop.parse do |o|
|
|
30
32
|
o.bool '-d', '--debug', 'turn on debugging'
|
|
33
|
+
o.bool '--headers', 'print headers to stderr'
|
|
31
34
|
o.int '-r', '--received', "pop BYTES from received frames, default #{PacketViaDMEM::HEADER_SIZE[:received]}", :default=>PacketViaDMEM::HEADER_SIZE[:received]
|
|
32
35
|
o.int '-s', '--sent', "pop BYTES from senti frames, default is not to show sent frames"
|
|
33
36
|
o.on '-h', '--help' do puts o; exit; end
|
data/packet_via_dmem.gemspec
CHANGED