packetfu 1.1.10 → 1.1.11
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +2 -0
- data/.gitignore +3 -0
- data/.travis.yml +8 -0
- data/CONTRIBUTING.md +47 -0
- data/Gemfile +4 -0
- data/LICENSE.txt +1 -1
- data/README.rdoc +35 -30
- data/Rakefile +4 -4
- data/bench/octets.rb +9 -9
- data/examples/100kpackets.rb +12 -12
- data/examples/ackscan.rb +16 -16
- data/examples/arp.rb +35 -35
- data/examples/arphood.rb +36 -36
- data/examples/dissect_thinger.rb +6 -6
- data/examples/new-simple-stats.rb +23 -23
- data/examples/packetfu-shell.rb +25 -25
- data/examples/simple-sniffer.rb +9 -9
- data/examples/simple-stats.rb +23 -23
- data/examples/slammer.rb +3 -3
- data/gem-public_cert.pem +21 -0
- data/lib/packetfu.rb +149 -127
- data/lib/packetfu/capture.rb +169 -169
- data/lib/packetfu/config.rb +52 -52
- data/lib/packetfu/inject.rb +56 -56
- data/lib/packetfu/packet.rb +531 -528
- data/lib/packetfu/pcap.rb +579 -579
- data/lib/packetfu/protos/arp.rb +90 -90
- data/lib/packetfu/protos/arp/header.rb +158 -158
- data/lib/packetfu/protos/arp/mixin.rb +36 -36
- data/lib/packetfu/protos/eth.rb +44 -44
- data/lib/packetfu/protos/eth/header.rb +243 -243
- data/lib/packetfu/protos/eth/mixin.rb +3 -3
- data/lib/packetfu/protos/hsrp.rb +69 -69
- data/lib/packetfu/protos/hsrp/header.rb +107 -107
- data/lib/packetfu/protos/hsrp/mixin.rb +29 -29
- data/lib/packetfu/protos/icmp.rb +71 -71
- data/lib/packetfu/protos/icmp/header.rb +82 -82
- data/lib/packetfu/protos/icmp/mixin.rb +14 -14
- data/lib/packetfu/protos/invalid.rb +49 -49
- data/lib/packetfu/protos/ip.rb +69 -69
- data/lib/packetfu/protos/ip/header.rb +291 -291
- data/lib/packetfu/protos/ip/mixin.rb +40 -40
- data/lib/packetfu/protos/ipv6.rb +50 -50
- data/lib/packetfu/protos/ipv6/header.rb +188 -188
- data/lib/packetfu/protos/ipv6/mixin.rb +29 -29
- data/lib/packetfu/protos/tcp.rb +176 -176
- data/lib/packetfu/protos/tcp/ecn.rb +35 -35
- data/lib/packetfu/protos/tcp/flags.rb +74 -74
- data/lib/packetfu/protos/tcp/header.rb +268 -268
- data/lib/packetfu/protos/tcp/hlen.rb +32 -32
- data/lib/packetfu/protos/tcp/mixin.rb +46 -46
- data/lib/packetfu/protos/tcp/option.rb +321 -321
- data/lib/packetfu/protos/tcp/options.rb +95 -95
- data/lib/packetfu/protos/tcp/reserved.rb +35 -35
- data/lib/packetfu/protos/udp.rb +159 -123
- data/lib/packetfu/protos/udp/header.rb +91 -91
- data/lib/packetfu/protos/udp/mixin.rb +3 -3
- data/lib/packetfu/structfu.rb +280 -280
- data/lib/packetfu/utils.rb +292 -225
- data/lib/packetfu/version.rb +41 -41
- data/packetfu.gemspec +14 -3
- data/spec/arp_spec.rb +191 -0
- data/spec/eth_spec.rb +148 -0
- data/spec/icmp_spec.rb +97 -0
- data/spec/ip_spec.rb +78 -0
- data/spec/ipv6_spec.rb +81 -0
- data/spec/packet_spec.rb +61 -59
- data/spec/packet_subclasses_spec.rb +9 -10
- data/spec/packetfu_spec.rb +55 -62
- data/spec/sample3.pcap +0 -0
- data/spec/spec_helper.rb +44 -0
- data/spec/structfu_spec.rb +270 -271
- data/spec/tcp_spec.rb +76 -77
- data/spec/udp_spec.rb +32 -0
- data/spec/utils_spec.rb +95 -0
- data/test/all_tests.rb +14 -17
- data/test/func_lldp.rb +3 -3
- data/test/ptest.rb +2 -2
- data/test/test_capture.rb +45 -45
- data/test/test_eth.rb +70 -68
- data/test/test_hsrp.rb +9 -9
- data/test/test_inject.rb +18 -18
- data/test/test_invalid.rb +16 -16
- data/test/test_octets.rb +23 -21
- data/test/test_packet.rb +156 -154
- data/test/test_pcap.rb +172 -170
- data/test/test_structfu.rb +99 -97
- data/test/test_tcp.rb +322 -320
- data/test/test_udp.rb +78 -76
- metadata +108 -44
- metadata.gz.sig +2 -0
- data/spec/ethpacket_spec.rb +0 -74
- data/test/test_arp.rb +0 -135
- data/test/test_icmp.rb +0 -62
- data/test/test_ip.rb +0 -50
- data/test/test_ip6.rb +0 -68
data/lib/packetfu/utils.rb
CHANGED
@@ -1,233 +1,300 @@
|
|
1
1
|
# -*- coding: binary -*-
|
2
2
|
require 'singleton'
|
3
3
|
require 'timeout'
|
4
|
+
require 'network_interface'
|
5
|
+
|
4
6
|
module PacketFu
|
5
7
|
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
|
54
|
-
|
55
|
-
|
56
|
-
|
57
|
-
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
-
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
|
78
|
-
|
79
|
-
|
80
|
-
|
81
|
-
|
82
|
-
|
83
|
-
|
84
|
-
|
85
|
-
|
86
|
-
|
87
|
-
|
88
|
-
|
89
|
-
|
90
|
-
|
91
|
-
|
92
|
-
|
93
|
-
|
94
|
-
|
95
|
-
|
96
|
-
|
97
|
-
|
98
|
-
|
99
|
-
|
100
|
-
|
101
|
-
|
102
|
-
|
103
|
-
|
104
|
-
|
105
|
-
|
106
|
-
|
107
|
-
|
108
|
-
|
109
|
-
|
110
|
-
|
111
|
-
|
112
|
-
|
113
|
-
|
114
|
-
|
115
|
-
|
116
|
-
|
117
|
-
|
118
|
-
|
119
|
-
|
120
|
-
|
121
|
-
|
122
|
-
|
123
|
-
|
124
|
-
|
125
|
-
|
126
|
-
|
127
|
-
|
128
|
-
|
129
|
-
|
130
|
-
|
131
|
-
|
132
|
-
|
133
|
-
|
134
|
-
|
135
|
-
|
136
|
-
|
137
|
-
|
138
|
-
|
139
|
-
|
140
|
-
|
141
|
-
|
142
|
-
|
143
|
-
|
144
|
-
|
145
|
-
|
146
|
-
|
147
|
-
|
148
|
-
|
149
|
-
|
150
|
-
|
151
|
-
|
152
|
-
|
153
|
-
|
154
|
-
|
155
|
-
|
156
|
-
|
157
|
-
|
158
|
-
|
159
|
-
|
160
|
-
|
161
|
-
|
162
|
-
|
163
|
-
|
164
|
-
|
165
|
-
|
166
|
-
|
167
|
-
|
168
|
-
|
169
|
-
|
170
|
-
|
171
|
-
|
172
|
-
|
173
|
-
|
174
|
-
|
175
|
-
|
176
|
-
|
177
|
-
|
178
|
-
|
179
|
-
|
180
|
-
|
181
|
-
|
182
|
-
|
183
|
-
|
184
|
-
|
185
|
-
|
186
|
-
|
187
|
-
|
188
|
-
|
189
|
-
|
190
|
-
|
191
|
-
|
192
|
-
|
193
|
-
|
194
|
-
|
195
|
-
|
196
|
-
|
197
|
-
|
198
|
-
|
199
|
-
|
200
|
-
|
201
|
-
|
202
|
-
|
203
|
-
|
204
|
-
|
205
|
-
|
206
|
-
|
207
|
-
|
208
|
-
|
209
|
-
|
210
|
-
|
211
|
-
|
212
|
-
|
213
|
-
|
214
|
-
|
215
|
-
|
216
|
-
|
217
|
-
|
218
|
-
|
219
|
-
|
220
|
-
|
221
|
-
|
222
|
-
|
223
|
-
|
224
|
-
|
225
|
-
|
226
|
-
|
227
|
-
|
228
|
-
|
229
|
-
|
230
|
-
|
8
|
+
# Utils is a collection of various and sundry network utilities that are useful for packet
|
9
|
+
# manipulation.
|
10
|
+
class Utils
|
11
|
+
|
12
|
+
# Returns the MAC address of an IP address, or nil if it's not responsive to arp. Takes
|
13
|
+
# a dotted-octect notation of the target IP address, as well as a number of parameters:
|
14
|
+
#
|
15
|
+
# === Parameters
|
16
|
+
# :iface
|
17
|
+
# Interface. Defaults to "eth0"
|
18
|
+
# :eth_saddr
|
19
|
+
# Source MAC address. Defaults to "00:00:00:00:00:00".
|
20
|
+
# :ip_saddr
|
21
|
+
# Source IP address. Defaults to "0.0.0.0"
|
22
|
+
# :flavor
|
23
|
+
# The flavor of the ARP request. Defaults to :none.
|
24
|
+
# :timeout
|
25
|
+
# Timeout in seconds. Defaults to 3.
|
26
|
+
#
|
27
|
+
# === Example
|
28
|
+
# PacketFu::Utils::arp("192.168.1.1") #=> "00:18:39:01:33:70"
|
29
|
+
# PacketFu::Utils::arp("192.168.1.1", :iface => "wlan2", :timeout => 5, :flavor => :hp_deskjet)
|
30
|
+
#
|
31
|
+
# === Warning
|
32
|
+
#
|
33
|
+
# It goes without saying, spewing forged ARP packets on your network is a great way to really
|
34
|
+
# irritate your co-workers.
|
35
|
+
def self.arp(target_ip,args={})
|
36
|
+
iface = args[:iface] || :eth0
|
37
|
+
args[:config] ||= whoami?(:iface => iface)
|
38
|
+
arp_pkt = PacketFu::ARPPacket.new(:flavor => (args[:flavor] || :none), :config => args[:config])
|
39
|
+
arp_pkt.eth_daddr = "ff:ff:ff:ff:ff:ff"
|
40
|
+
arp_pkt.arp_daddr_mac = "00:00:00:00:00:00"
|
41
|
+
arp_pkt.arp_daddr_ip = target_ip
|
42
|
+
# Stick the Capture object in its own thread.
|
43
|
+
cap_thread = Thread.new do
|
44
|
+
target_mac = nil
|
45
|
+
cap = PacketFu::Capture.new(:iface => iface, :start => true,
|
46
|
+
:filter => "arp src #{target_ip} and ether dst #{arp_pkt.eth_saddr}")
|
47
|
+
arp_pkt.to_w(iface) # Shorthand for sending single packets to the default interface.
|
48
|
+
timeout = 0
|
49
|
+
while target_mac.nil? && timeout <= (args[:timeout] || 3)
|
50
|
+
if cap.save > 0
|
51
|
+
arp_response = PacketFu::Packet.parse(cap.array[0])
|
52
|
+
target_mac = arp_response.arp_saddr_mac if arp_response.arp_saddr_ip = target_ip
|
53
|
+
end
|
54
|
+
timeout += 0.1
|
55
|
+
sleep 0.1 # Check for a response ten times per second.
|
56
|
+
end
|
57
|
+
target_mac
|
58
|
+
end # cap_thread
|
59
|
+
cap_thread.value
|
60
|
+
end
|
61
|
+
|
62
|
+
# Since 177/8 is IANA reserved (for now), this network should
|
63
|
+
# be handled by your default gateway and default interface.
|
64
|
+
def self.rand_routable_daddr
|
65
|
+
IPAddr.new((rand(16777216) + 2969567232), Socket::AF_INET)
|
66
|
+
end
|
67
|
+
|
68
|
+
# A helper for getting a random port number
|
69
|
+
def self.rand_port
|
70
|
+
rand(0xffff-1024)+1024
|
71
|
+
end
|
72
|
+
|
73
|
+
# Discovers the local IP and Ethernet address, which is useful for writing
|
74
|
+
# packets you expect to get a response to. Note, this is a noisy
|
75
|
+
# operation; a UDP packet is generated and dropped on to the default (or named)
|
76
|
+
# interface, and then captured (which means you need to be root to do this).
|
77
|
+
#
|
78
|
+
# whoami? returns a hash of :eth_saddr, :eth_src, :ip_saddr, :ip_src,
|
79
|
+
# :ip_src_bin, :eth_dst, and :eth_daddr (the last two are usually suitable
|
80
|
+
# for a gateway mac address). It's most useful as an argument to
|
81
|
+
# PacketFu::Config.new, or as an argument to the many Packet constructors.
|
82
|
+
#
|
83
|
+
# Note that if you have multiple interfaces with the same route (such as when
|
84
|
+
# wlan0 and eth0 are associated to the same network), the "first" one
|
85
|
+
# according to Pcap.lookupdev will be used, regardless of which :iface you
|
86
|
+
# pick.
|
87
|
+
#
|
88
|
+
# === Parameters
|
89
|
+
# :iface => "eth0"
|
90
|
+
# An interface to listen for packets on. Note that since we rely on the OS to send the probe packet,
|
91
|
+
# you will need to specify a target which will use this interface.
|
92
|
+
# :target => "1.2.3.4"
|
93
|
+
# A target IP address. By default, a packet will be sent to a random address in the 177/8 network.
|
94
|
+
def self.whoami?(args={})
|
95
|
+
unless args.kind_of? Hash
|
96
|
+
raise ArgumentError, "Argument to `whoami?' must be a Hash"
|
97
|
+
end
|
98
|
+
if args[:iface].to_s =~ /^lo/ # Linux loopback more or less. Need a switch for windows loopback, too.
|
99
|
+
dst_host = "127.0.0.1"
|
100
|
+
else
|
101
|
+
dst_host = (args[:target] || rand_routable_daddr.to_s)
|
102
|
+
end
|
103
|
+
|
104
|
+
dst_port = rand_port
|
105
|
+
msg = "PacketFu whoami? packet #{(Time.now.to_i + rand(0xffffff)+1)}"
|
106
|
+
iface = (args[:iface] || ENV['IFACE'] || default_int || :lo ).to_s
|
107
|
+
cap = PacketFu::Capture.new(:iface => iface, :promisc => false, :start => true, :filter => "udp and dst host #{dst_host} and dst port #{dst_port}")
|
108
|
+
udp_sock = UDPSocket.new
|
109
|
+
udp_sock.send(msg,0,dst_host,dst_port)
|
110
|
+
udp_sock = nil
|
111
|
+
|
112
|
+
my_data = nil
|
113
|
+
|
114
|
+
begin
|
115
|
+
Timeout::timeout(1) {
|
116
|
+
pkt = nil
|
117
|
+
|
118
|
+
while pkt.nil?
|
119
|
+
raw_pkt = cap.next
|
120
|
+
next if raw_pkt.nil?
|
121
|
+
|
122
|
+
pkt = Packet.parse(raw_pkt)
|
123
|
+
|
124
|
+
if pkt.payload == msg
|
125
|
+
|
126
|
+
my_data = {
|
127
|
+
:iface => (args[:iface] || ENV['IFACE'] || default_int || "lo").to_s,
|
128
|
+
:pcapfile => args[:pcapfile] || "/tmp/out.pcap",
|
129
|
+
:eth_saddr => pkt.eth_saddr,
|
130
|
+
:eth_src => pkt.eth_src.to_s,
|
131
|
+
:ip_saddr => pkt.ip_saddr,
|
132
|
+
:ip_src => pkt.ip_src,
|
133
|
+
:ip_src_bin => [pkt.ip_src].pack("N"),
|
134
|
+
:eth_dst => pkt.eth_dst.to_s,
|
135
|
+
:eth_daddr => pkt.eth_daddr
|
136
|
+
}
|
137
|
+
|
138
|
+
else raise SecurityError,
|
139
|
+
"whoami() packet doesn't match sent data. Something fishy's going on."
|
140
|
+
end
|
141
|
+
|
142
|
+
end
|
143
|
+
}
|
144
|
+
rescue Timeout::Error
|
145
|
+
raise SocketError, "Didn't receive the whoami() packet, can't automatically configure."
|
146
|
+
end
|
147
|
+
|
148
|
+
my_data
|
149
|
+
end
|
150
|
+
|
151
|
+
# Determine the default ip address
|
152
|
+
def self.default_ip
|
153
|
+
begin
|
154
|
+
orig, Socket.do_not_reverse_lookup = Socket.do_not_reverse_lookup, true # turn off reverse DNS resolution temporarily
|
155
|
+
|
156
|
+
UDPSocket.open do |s|
|
157
|
+
s.connect rand_routable_daddr.to_s, rand_port
|
158
|
+
s.addr.last
|
159
|
+
end
|
160
|
+
ensure
|
161
|
+
Socket.do_not_reverse_lookup = orig
|
162
|
+
end
|
163
|
+
end
|
164
|
+
|
165
|
+
# Determine the default routeable interface
|
166
|
+
def self.default_int
|
167
|
+
ip = default_ip
|
168
|
+
|
169
|
+
NetworkInterface.interfaces.each do |interface|
|
170
|
+
NetworkInterface.addresses(interface).values.each do |addresses|
|
171
|
+
addresses.each do |address|
|
172
|
+
next if address["addr"].nil?
|
173
|
+
return interface if address["addr"] == ip
|
174
|
+
end
|
175
|
+
end
|
176
|
+
end
|
177
|
+
|
178
|
+
# Fall back to libpcap as last resort
|
179
|
+
return Pcap.lookupdev
|
180
|
+
end
|
181
|
+
|
182
|
+
# Determine the ifconfig data string for a given interface
|
183
|
+
def self.ifconfig_data_string(iface=default_int)
|
184
|
+
# Make sure to only get interface data for a real interface
|
185
|
+
unless NetworkInterface.interfaces.include?(iface)
|
186
|
+
raise ArgumentError, "#{iface} interface does not exist"
|
187
|
+
end
|
188
|
+
return %x[ifconfig #{iface}]
|
189
|
+
end
|
190
|
+
|
191
|
+
# Handles ifconfig for various (okay, two) platforms.
|
192
|
+
# Will have Windows done shortly.
|
193
|
+
#
|
194
|
+
# Takes an argument (either string or symbol) of the interface to look up, and
|
195
|
+
# returns a hash which contains at least the :iface element, and if configured,
|
196
|
+
# these additional elements:
|
197
|
+
#
|
198
|
+
# :eth_saddr # A human readable MAC address
|
199
|
+
# :eth_src # A packed MAC address
|
200
|
+
# :ip_saddr # A dotted-quad string IPv4 address
|
201
|
+
# :ip_src # A packed IPv4 address
|
202
|
+
# :ip4_obj # An IPAddr object with bitmask
|
203
|
+
# :ip6_saddr # A colon-delimited hex IPv6 address, with bitmask
|
204
|
+
# :ip6_obj # An IPAddr object with bitmask
|
205
|
+
#
|
206
|
+
# === Example
|
207
|
+
# PacketFu::Utils.ifconfig :wlan0 # Not associated yet
|
208
|
+
# #=> {:eth_saddr=>"00:1d:e0:73:9d:ff", :eth_src=>"\000\035\340s\235\377", :iface=>"wlan0"}
|
209
|
+
# PacketFu::Utils.ifconfig("eth0") # Takes 'eth0' as default
|
210
|
+
# #=> {:eth_saddr=>"00:1c:23:35:70:3b", :eth_src=>"\000\034#5p;", :ip_saddr=>"10.10.10.9", :ip4_obj=>#<IPAddr: IPv4:10.10.10.0/255.255.254.0>, :ip_src=>"\n\n\n\t", :iface=>"eth0", :ip6_saddr=>"fe80::21c:23ff:fe35:703b/64", :ip6_obj=>#<IPAddr: IPv6:fe80:0000:0000:0000:0000:0000:0000:0000/ffff:ffff:ffff:ffff:0000:0000:0000:0000>}
|
211
|
+
# PacketFu::Utils.ifconfig :lo
|
212
|
+
# #=> {:ip_saddr=>"127.0.0.1", :ip4_obj=>#<IPAddr: IPv4:127.0.0.0/255.0.0.0>, :ip_src=>"\177\000\000\001", :iface=>"lo", :ip6_saddr=>"::1/128", :ip6_obj=>#<IPAddr: IPv6:0000:0000:0000:0000:0000:0000:0000:0001/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff>}
|
213
|
+
def self.ifconfig(iface=default_int)
|
214
|
+
ret = {}
|
215
|
+
iface = iface.to_s.scan(/[0-9A-Za-z]/).join # Sanitizing input, no spaces, semicolons, etc.
|
216
|
+
case RUBY_PLATFORM
|
217
|
+
when /linux/i
|
218
|
+
ifconfig_data = ifconfig_data_string(iface)
|
219
|
+
if ifconfig_data =~ /#{iface}/i
|
220
|
+
ifconfig_data = ifconfig_data.split(/[\s]*\n[\s]*/)
|
221
|
+
else
|
222
|
+
raise ArgumentError, "Cannot ifconfig #{iface}"
|
223
|
+
end
|
224
|
+
real_iface = ifconfig_data.first
|
225
|
+
ret[:iface] = real_iface.split.first.downcase
|
226
|
+
if real_iface =~ /[\s]HWaddr[\s]+([0-9a-fA-F:]{17})/i
|
227
|
+
ret[:eth_saddr] = $1.downcase
|
228
|
+
ret[:eth_src] = EthHeader.mac2str(ret[:eth_saddr])
|
229
|
+
end
|
230
|
+
ifconfig_data.each do |s|
|
231
|
+
case s
|
232
|
+
when /inet addr:[\s]*([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)(.*Mask:([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+))?/i
|
233
|
+
ret[:ip_saddr] = $1
|
234
|
+
ret[:ip_src] = [IPAddr.new($1).to_i].pack("N")
|
235
|
+
ret[:ip4_obj] = IPAddr.new($1)
|
236
|
+
ret[:ip4_obj] = ret[:ip4_obj].mask($3) if $3
|
237
|
+
when /inet6 addr:[\s]*([0-9a-fA-F:\x2f]+)/
|
238
|
+
ret[:ip6_saddr] = $1
|
239
|
+
ret[:ip6_obj] = IPAddr.new($1)
|
240
|
+
end
|
241
|
+
end # linux
|
242
|
+
when /darwin/i
|
243
|
+
ifconfig_data = ifconfig_data_string(iface)
|
244
|
+
if ifconfig_data =~ /#{iface}/i
|
245
|
+
ifconfig_data = ifconfig_data.split(/[\s]*\n[\s]*/)
|
246
|
+
else
|
247
|
+
raise ArgumentError, "Cannot ifconfig #{iface}"
|
248
|
+
end
|
249
|
+
ret[:iface] = iface
|
250
|
+
ifconfig_data.each do |s|
|
251
|
+
case s
|
252
|
+
when /ether[\s]([0-9a-fA-F:]{17})/i
|
253
|
+
ret[:eth_saddr] = $1
|
254
|
+
ret[:eth_src] = EthHeader.mac2str(ret[:eth_saddr])
|
255
|
+
when /inet[\s]*([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)(.*Mask[\s]+(0x[a-f0-9]+))?/i
|
256
|
+
imask = 0
|
257
|
+
if $3
|
258
|
+
imask = $3.to_i(16).to_s(2).count("1")
|
259
|
+
end
|
260
|
+
|
261
|
+
ret[:ip_saddr] = $1
|
262
|
+
ret[:ip_src] = [IPAddr.new($1).to_i].pack("N")
|
263
|
+
ret[:ip4_obj] = IPAddr.new($1)
|
264
|
+
ret[:ip4_obj] = ret[:ip4_obj].mask(imask) if imask
|
265
|
+
when /inet6[\s]*([0-9a-fA-F:\x2f]+)/
|
266
|
+
ret[:ip6_saddr] = $1
|
267
|
+
ret[:ip6_obj] = IPAddr.new($1)
|
268
|
+
end
|
269
|
+
end # darwin
|
270
|
+
when /freebsd/i
|
271
|
+
ifconfig_data = ifconfig_data_string(iface)
|
272
|
+
if ifconfig_data =~ /#{iface}/
|
273
|
+
ifconfig_data = ifconfig_data.split(/[\s]*\n[\s]*/)
|
274
|
+
else
|
275
|
+
raise ArgumentError, "Cannot ifconfig #{iface}"
|
276
|
+
end
|
277
|
+
ret[:iface] = iface
|
278
|
+
ifconfig_data.each do |s|
|
279
|
+
case s
|
280
|
+
when /ether[\s]*([0-9a-fA-F:]{17})/
|
281
|
+
ret[:eth_saddr] = $1.downcase
|
282
|
+
ret[:eth_src] = EthHeader.mac2str(ret[:eth_saddr])
|
283
|
+
when /inet[\s]*([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)(.*netmask[\s]*(0x[0-9a-fA-F]{8}))?/
|
284
|
+
ret[:ip_saddr] = $1
|
285
|
+
ret[:ip_src] = [IPAddr.new($1).to_i].pack("N")
|
286
|
+
ret[:ip4_obj] = IPAddr.new($1)
|
287
|
+
ret[:ip4_obj] = ret[:ip4_obj].mask(($3.hex.to_s(2) =~ /0*$/)) if $3
|
288
|
+
when /inet6[\s]*([0-9a-fA-F:\x2f]+)/
|
289
|
+
ret[:ip6_saddr] = $1
|
290
|
+
ret[:ip6_obj] = IPAddr.new($1)
|
291
|
+
end
|
292
|
+
end # freebsd
|
293
|
+
end # RUBY_PLATFORM
|
294
|
+
ret
|
295
|
+
end
|
296
|
+
|
297
|
+
end
|
231
298
|
|
232
299
|
end
|
233
300
|
|