packetfu 1.1.5 → 1.1.6

data/lib/packetfu/protos/hsrp/mixin.rb

@@ -0,0 +1,31 @@
+module PacketFu
+	# This Mixin simplifies access to the HSRPHeaders. Mix this in with your 
+	# packet interface, and it will add methods that essentially delegate to
+	# the 'hsrp_header' method (assuming that it is a HSRPHeader object)
+	module HSRPHeaderMixin
+		def hsrp_version=(v); self.hsrp_header.hsrp_version= v; end
+		def hsrp_version; self.hsrp_header.hsrp_version; end
+		def hsrp_opcode=(v); self.hsrp_header.hsrp_opcode= v; end
+		def hsrp_opcode; self.hsrp_header.hsrp_opcode; end
+		def hsrp_state=(v); self.hsrp_header.hsrp_state= v; end
+		def hsrp_state; self.hsrp_header.hsrp_state; end
+		def hsrp_hellotime=(v); self.hsrp_header.hsrp_hellotime= v; end
+		def hsrp_hellotime; self.hsrp_header.hsrp_hellotime; end
+		def hsrp_holdtime=(v); self.hsrp_header.hsrp_holdtime= v; end
+		def hsrp_holdtime; self.hsrp_header.hsrp_holdtime; end
+		def hsrp_priority=(v); self.hsrp_header.hsrp_priority= v; end
+		def hsrp_priority; self.hsrp_header.hsrp_priority; end
+		def hsrp_group=(v); self.hsrp_header.hsrp_group= v; end
+		def hsrp_group; self.hsrp_header.hsrp_group; end
+		def hsrp_reserved=(v); self.hsrp_header.hsrp_reserved= v; end
+		def hsrp_reserved; self.hsrp_header.hsrp_reserved; end
+		def hsrp_addr=(v); self.hsrp_header.hsrp_addr= v; end
+		def hsrp_addr; self.hsrp_header.hsrp_addr; end
+		def hsrp_vip_readable; self.hsrp_header.hsrp_vip_readable; end
+		def hsrp_password_readable; self.hsrp_header.hsrp_password_readable; end
+		def hsrp_password; self.hsrp_header.hsrp_password; end
+		def hsrp_password=(v); self.hsrp_header.hsrp_password= v; end
+		def hsrp_vip; self.hsrp_header.hsrp_vip; end
+		def hsrp_vip=(v); self.hsrp_header.hsrp_vip= v; end
+	end
+end

data/lib/packetfu/protos/icmp.rb

@@ -1,97 +1,13 @@
-module PacketFu
+require 'packetfu/protos/eth/header'
+require 'packetfu/protos/eth/mixin'
 
-	# ICMPHeader is a complete ICMP struct, used in ICMPPacket. ICMP is 
-	# typically used for network administration and connectivity testing.
-	#
-	# For more on ICMP packets, see 
-	# http://www.networksorcery.com/enp/protocol/icmp.htm
-	# 
-	# ==== Header Definition
-	#
-	#   Int8    :icmp_type                        # Type
-	#   Int8    :icmp_code                        # Code
-	#   Int16   :icmp_sum    Default: calculated  # Checksum
-	#   String  :body
-	class ICMPHeader < Struct.new(:icmp_type, :icmp_code, :icmp_sum, :body)
+require 'packetfu/protos/ip/header'
+require 'packetfu/protos/ip/mixin'
 
-		include StructFu
-
-		def initialize(args={})
-			super(
-				Int8.new(args[:icmp_type]),
-				Int8.new(args[:icmp_code]),
-				Int16.new(args[:icmp_sum] || icmp_calc_sum),
-				StructFu::String.new.read(args[:body])
-			)
-		end
-
-		# Returns the object in string form.
-		def to_s
-			self.to_a.map {|x| x.to_s}.join
-		end
-
-		# Reads a string to populate the object.
-		def read(str)
-			force_binary(str)
-			return self if str.nil?
-			self[:icmp_type].read(str[0,1])
-			self[:icmp_code].read(str[1,1])
-			self[:icmp_sum].read(str[2,2])
-			self[:body].read(str[4,str.size])
-			self
-		end
-
-		# Setter for the type.
-		def icmp_type=(i); typecast i; end
-		# Getter for the type.
-		def icmp_type; self[:icmp_type].to_i; end
-		# Setter for the code.
-		def icmp_code=(i); typecast i; end
-		# Getter for the code.
-		def icmp_code; self[:icmp_code].to_i; end
-		# Setter for the checksum. Note, this is calculated automatically with 
-		# icmp_calc_sum.
-		def icmp_sum=(i); typecast i; end
-		# Getter for the checksum.
-		def icmp_sum; self[:icmp_sum].to_i; end
-
-		# Calculates and sets the checksum for the object.
-		def icmp_calc_sum
-			checksum = (icmp_type.to_i << 8)	+ icmp_code.to_i
-			chk_body = (body.to_s.size % 2 == 0 ? body.to_s : body.to_s + "\x00")
-			if 1.respond_to? :ord
-				chk_body.scan(/../).map { |x| (x[0].ord << 8) + x[1].ord }.each { |y| checksum += y }
-			else
-				chk_body.scan(/../).map { |x| (x[0] << 8) + x[1] }.each { |y| checksum += y }
-			end
-			checksum = checksum % 0xffff
-			checksum = 0xffff - checksum
-			checksum == 0 ? 0xffff : checksum
-		end
-		
-		# Recalculates the calculatable fields for ICMP.
-		def icmp_recalc(arg=:all)
-			# How silly is this, you can't intern a symbol in ruby 1.8.7pl72?
-			# I'm this close to monkey patching Symbol so you can force it...
-			arg = arg.intern if arg.respond_to? :intern
-			case arg
-			when :icmp_sum
-				self.icmp_sum=icmp_calc_sum
-			when :all
-				self.icmp_sum=icmp_calc_sum
-			else
-				raise ArgumentError, "No such field `#{arg}'"
-			end
-		end
-
-		# Readability aliases
-
-		def icmp_sum_readable
-			"0x%04x" % icmp_sum
-		end
-
-	end
+require 'packetfu/protos/icmp/header'
+require 'packetfu/protos/icmp/mixin'
 
+module PacketFu
 	# ICMPPacket is used to construct ICMP Packets. They contain an EthHeader, an IPHeader, and a ICMPHeader.
 	#
 	# == Example
@@ -119,6 +35,9 @@ module PacketFu
 	#  :config
 	#   A hash of return address details, often the output of Utils.whoami?
 	class ICMPPacket < Packet
+    include ::PacketFu::EthHeaderMixin
+    include ::PacketFu::IPHeaderMixin
+    include ::PacketFu::ICMPHeaderMixin
 
 		attr_accessor :eth_header, :ip_header, :icmp_header
 
@@ -133,10 +52,6 @@ module PacketFu
 		def read(str=nil, args={})
 			raise "Cannot parse `#{str}'" unless self.class.can_parse?(str)
 			@eth_header.read(str)
-			@ip_header.read(str[14,str.size])
-			@eth_header.body = @ip_header
-			@icmp_header.read(str[14+(@ip_header.ip_hlen),str.size])
-			@ip_header.body = @icmp_header
 			super(args)
 			self
 		end
@@ -173,7 +88,5 @@ module PacketFu
 			peek_data << "%04x" % self.ip_id
 			peek_data.join
 		end
-
 	end
-
 end

data/lib/packetfu/protos/icmp/header.rb

@@ -0,0 +1,93 @@
+module PacketFu
+	# ICMPHeader is a complete ICMP struct, used in ICMPPacket. ICMP is 
+	# typically used for network administration and connectivity testing.
+	#
+	# For more on ICMP packets, see 
+	# http://www.networksorcery.com/enp/protocol/icmp.htm
+	# 
+	# ==== Header Definition
+	#
+	#   Int8    :icmp_type                        # Type
+	#   Int8    :icmp_code                        # Code
+	#   Int16   :icmp_sum    Default: calculated  # Checksum
+	#   String  :body
+	class ICMPHeader < Struct.new(:icmp_type, :icmp_code, :icmp_sum, :body)
+
+		include StructFu
+
+		def initialize(args={})
+			super(
+				Int8.new(args[:icmp_type]),
+				Int8.new(args[:icmp_code]),
+				Int16.new(args[:icmp_sum] || icmp_calc_sum),
+				StructFu::String.new.read(args[:body])
+			)
+		end
+
+		# Returns the object in string form.
+		def to_s
+			self.to_a.map {|x| x.to_s}.join
+		end
+
+		# Reads a string to populate the object.
+		def read(str)
+			force_binary(str)
+			return self if str.nil?
+			self[:icmp_type].read(str[0,1])
+			self[:icmp_code].read(str[1,1])
+			self[:icmp_sum].read(str[2,2])
+			self[:body].read(str[4,str.size])
+			self
+		end
+
+		# Setter for the type.
+		def icmp_type=(i); typecast i; end
+		# Getter for the type.
+		def icmp_type; self[:icmp_type].to_i; end
+		# Setter for the code.
+		def icmp_code=(i); typecast i; end
+		# Getter for the code.
+		def icmp_code; self[:icmp_code].to_i; end
+		# Setter for the checksum. Note, this is calculated automatically with 
+		# icmp_calc_sum.
+		def icmp_sum=(i); typecast i; end
+		# Getter for the checksum.
+		def icmp_sum; self[:icmp_sum].to_i; end
+
+		# Calculates and sets the checksum for the object.
+		def icmp_calc_sum
+			checksum = (icmp_type.to_i << 8)	+ icmp_code.to_i
+			chk_body = (body.to_s.size % 2 == 0 ? body.to_s : body.to_s + "\x00")
+			if 1.respond_to? :ord
+				chk_body.scan(/../).map { |x| (x[0].ord << 8) + x[1].ord }.each { |y| checksum += y }
+			else
+				chk_body.scan(/../).map { |x| (x[0] << 8) + x[1] }.each { |y| checksum += y }
+			end
+			checksum = checksum % 0xffff
+			checksum = 0xffff - checksum
+			checksum == 0 ? 0xffff : checksum
+		end
+		
+		# Recalculates the calculatable fields for ICMP.
+		def icmp_recalc(arg=:all)
+			# How silly is this, you can't intern a symbol in ruby 1.8.7pl72?
+			# I'm this close to monkey patching Symbol so you can force it...
+			arg = arg.intern if arg.respond_to? :intern
+			case arg
+			when :icmp_sum
+				self.icmp_sum=icmp_calc_sum
+			when :all
+				self.icmp_sum=icmp_calc_sum
+			else
+				raise ArgumentError, "No such field `#{arg}'"
+			end
+		end
+
+		# Readability aliases
+
+		def icmp_sum_readable
+			"0x%04x" % icmp_sum
+		end
+
+	end
+end

data/lib/packetfu/protos/icmp/mixin.rb

@@ -0,0 +1,17 @@
+module PacketFu
+	# This Mixin simplifies access to the ICMPHeaders. Mix this in with your 
+	# packet interface, and it will add methods that essentially delegate to
+	# the 'icmp_header' method (assuming that it is a ICMPHeader object)
+	module ICMPHeaderMixin
+		def icmp_type=(v); self.icmp_header.icmp_type= v; end
+		def icmp_type; self.icmp_header.icmp_type; end
+		def icmp_code=(v); self.icmp_header.icmp_code= v; end
+		def icmp_code; self.icmp_header.icmp_code; end
+		def icmp_sum=(v); self.icmp_header.icmp_sum= v; end
+		def icmp_sum; self.icmp_header.icmp_sum; end
+		def icmp_calc_sum; self.icmp_header.icmp_calc_sum; end
+		def icmp_recalc(*v); self.icmp_header.icmp_recalc(*v); end
+		def icmp_sum_readable; self.icmp_header.icmp_sum_readable; end
+	end
+end
+

data/lib/packetfu/protos/ip.rb

@@ -1,298 +1,10 @@
-require 'ipaddr'
-module PacketFu
-
-	# Octets implements the addressing scheme for IP.
-	#
-	# ==== Header Definition
-	#
-	#  Int8 :o1
-	#  Int8 :o2
-	#  Int8 :o3
-	#  Int8 :o4
-	class Octets < Struct.new(:o1, :o2, :o3, :o4)
-		include StructFu
-
-		def initialize(args={})
-			super(
-			Int8.new(args[:o1]),
-			Int8.new(args[:o2]),
-			Int8.new(args[:o3]),
-			Int8.new(args[:o4]))
-		end
-
-		# Returns the object in string form.
-		def to_s
-			self.to_a.map {|x| x.to_s}.join
-		end
-
-		# Reads a string to populate the object.
-		def read(str)
-			force_binary(str)
-			return self if str.nil?
-			self[:o1].read str[0,1]
-			self[:o2].read str[1,1]
-			self[:o3].read str[2,1]
-			self[:o4].read str[3,1]
-			self
-		end
-
-		# Returns an address in dotted-quad format.
-		def to_x
-			ip_str = [o1, o2, o3, o4].map {|x| x.to_i.to_s}.join('.')
-			IPAddr.new(ip_str).to_s
-		end
-
-		# Returns an address in numerical format.
-		def to_i
-			ip_str = [o1, o2, o3, o4].map {|x| x.to_i.to_s}.join('.')
-			IPAddr.new(ip_str).to_i
-		end
-
-		# Set the IP Address by reading a dotted-quad address.
-		def read_quad(str)
-			read([IPAddr.new(str).to_i].pack("N"))
-		end
+require 'packetfu/protos/eth/header'
+require 'packetfu/protos/eth/mixin'
 
-	end
-
-	# IPHeader is a complete IP struct, used in IPPacket. Most traffic on most networks today is IP-based.
-	#
-	# For more on IP packets, see http://www.networksorcery.com/enp/protocol/ip.htm
-	#
-	# ==== Header Definition
-	#
-	#   Fixnum (4 bits)  :ip_v,     Default: 4
-	#   Fixnum (4 bits)  :ip_hl,    Default: 5
-	#   Int8             :ip_tos,   Default: 0           # TODO: Break out the bits
-	#   Int16            :ip_len,   Default: calculated 
-	#   Int16            :ip_id,    Default: calculated  # IRL, hardly random. 
-	#   Int16            :ip_frag,  Default: 0           # TODO: Break out the bits
-	#   Int8             :ip_ttl,   Default: 0xff        # Changes per flavor
-	#   Int8             :ip_proto, Default: 0x01        # TCP: 0x06, UDP 0x11, ICMP 0x01
-	#   Int16            :ip_sum,   Default: calculated 
-	#   Octets           :ip_src                       
-	#   Octets           :ip_dst                      
-	#   String           :body
-	#
-	# Note that IPPackets will always be somewhat incorrect upon initalization, 
-	# and want an IPHeader#recalc() to become correct before a 
-	# Packet#to_f or Packet#to_w.
-	class IPHeader < Struct.new(:ip_v, :ip_hl, :ip_tos, :ip_len,
-															:ip_id, :ip_frag, :ip_ttl, :ip_proto,
-															:ip_sum, :ip_src, :ip_dst, :body)
-		include StructFu
-
-		def initialize(args={})
-			@random_id = rand(0xffff)
-			super(
-				(args[:ip_v] || 4),
-				(args[:ip_hl] || 5),
-				Int8.new(args[:ip_tos]),
-				Int16.new(args[:ip_len] || 20),
-				Int16.new(args[:ip_id] || ip_calc_id),
-				Int16.new(args[:ip_frag]),
-				Int8.new(args[:ip_ttl] || 32),
-				Int8.new(args[:ip_proto]),
-				Int16.new(args[:ip_sum] || ip_calc_sum),
-				Octets.new.read(args[:ip_src] || "\x00\x00\x00\x00"),
-				Octets.new.read(args[:ip_dst] || "\x00\x00\x00\x00"),
-				StructFu::String.new.read(args[:body])
-			)
-		end
+require 'packetfu/protos/ip/header'
+require 'packetfu/protos/ip/mixin'
 
-		# Returns the object in string form.
-		def to_s
-			byte_v_hl = [(self.ip_v << 4) + self.ip_hl].pack("C")
-			byte_v_hl + (self.to_a[2,10].map {|x| x.to_s}.join)
-		end
-
-		# Reads a string to populate the object.
-		def read(str)
-			force_binary(str)
-			return self if str.nil?
-			self[:ip_v] = str[0,1].unpack("C").first >> 4
-			self[:ip_hl] = str[0,1].unpack("C").first.to_i & 0x0f
-			self[:ip_tos].read(str[1,1])
-			self[:ip_len].read(str[2,2])
-			self[:ip_id].read(str[4,2])
-			self[:ip_frag].read(str[6,2])
-			self[:ip_ttl].read(str[8,1])
-			self[:ip_proto].read(str[9,1])
-			self[:ip_sum].read(str[10,2])
-			self[:ip_src].read(str[12,4])
-			self[:ip_dst].read(str[16,4])
-			self[:body].read(str[20,str.size]) if str.size > 20
-			self
-		end
-
-		# Setter for the version.
-		def ip_v=(i); self[:ip_v] = i.to_i; end
-		# Getter for the version.
-		def ip_v; self[:ip_v].to_i; end
-		# Setter for the header length (divide by 4)
-		def ip_hl=(i); self[:ip_hl] = i.to_i; end
-		# Getter for the header length (multiply by 4)
-		def ip_hl; self[:ip_hl].to_i; end
-		# Setter for the differentiated services
-		def ip_tos=(i); typecast i; end
-		# Getter for the differentiated services
-		def ip_tos; self[:ip_tos].to_i; end
-		# Setter for total length.
-		def ip_len=(i); typecast i; end
-		# Getter for total length.
-		def ip_len; self[:ip_len].to_i; end
-		# Setter for the identication number.
-		def ip_id=(i); typecast i; end
-		# Getter for the identication number.
-		def ip_id; self[:ip_id].to_i; end
-		# Setter for the fragmentation ID.
-		def ip_frag=(i); typecast i; end
-		# Getter for the fragmentation ID.
-		def ip_frag; self[:ip_frag].to_i; end
-		# Setter for the time to live.
-		def ip_ttl=(i); typecast i; end
-		# Getter for the time to live.
-		def ip_ttl; self[:ip_ttl].to_i; end
-		# Setter for the protocol number.
-		def ip_proto=(i); typecast i; end
-		# Getter for the protocol number.
-		def ip_proto; self[:ip_proto].to_i; end
-		# Setter for the checksum.
-		def ip_sum=(i); typecast i; end
-		# Getter for the checksum.
-		def ip_sum; self[:ip_sum].to_i; end
-		# Setter for the source IP address.
-		def ip_src=(i)
-			case i
-			when Numeric
-				self[:ip_src] = Octets.new.read([i].pack("N"))
-			when Octets
-				self[:ip_src] = i
-			else
-				typecast i
-			end
-		end
-		# Getter for the source IP address.
-		def ip_src; self[:ip_src].to_i; end
-		# Setter for the destination IP address.
-		def ip_dst=(i)
-			case i
-			when Numeric
-				self[:ip_dst] = Octets.new.read([i].pack("N"))
-			when Octets
-				self[:ip_dst] = i
-			else
-				typecast i
-			end
-		end
-		# Getter for the destination IP address.
-		def ip_dst; self[:ip_dst].to_i; end
-
-		# Calulcate the true length of the packet.
-		def ip_calc_len
-			(ip_hl * 4) + body.to_s.length
-		end
-
-		# Return the claimed header length 
-		def ip_hlen
-			(ip_hl * 4)
-		end
-
-		# Calculate the true checksum of the packet.
-		# (Yes, this is the long way to do it, but it's e-z-2-read for mathtards like me.)
-		def ip_calc_sum
-			checksum =  (((self.ip_v  <<  4) + self.ip_hl) << 8) + self.ip_tos
-			checksum += self.ip_len
-			checksum +=	self.ip_id
-			checksum += self.ip_frag
-			checksum +=	(self.ip_ttl << 8) + self.ip_proto
-			checksum += (self.ip_src >> 16)
-			checksum += (self.ip_src & 0xffff)
-			checksum += (self.ip_dst >> 16)
-			checksum += (self.ip_dst & 0xffff)
-			checksum = checksum % 0xffff 
-			checksum = 0xffff - checksum
-			checksum == 0 ? 0xffff : checksum
-		end
-
-		# Retrieve the IP ID
-		def ip_calc_id
-			@random_id
-		end
-
-		# Sets a more readable IP address. If you wants to manipulate individual octets, 
-		# (eg, for host scanning in one network), it would be better use ip_src.o1 through 
-		# ip_src.o4 instead. 
-		def ip_saddr=(addr)
-			self[:ip_src].read_quad(addr)
-		end
-
-		# Returns a more readable IP source address. 
-		def ip_saddr
-			self[:ip_src].to_x
-		end
-
-		# Sets a more readable IP address.
-		def ip_daddr=(addr)
-			self[:ip_dst].read_quad(addr)
-		end
-
-		# Returns a more readable IP destination address.
-		def ip_daddr
-			self[:ip_dst].to_x
-		end
-
-		# Translate various formats of IPv4 Addresses to an array of digits.
-		def self.octet_array(addr)
-			if addr.class == String
-				oa = addr.split('.').collect {|x| x.to_i}
-			elsif addr.class == Fixnum
-				oa = IPAddr.new(addr, Socket::AF_INET).to_s.split('.')
-			elsif addr.class == Bignum
-				oa = IPAddr.new(addr, Socket::AF_INET).to_s.split('.')
-			elsif addr.class == Array
-				oa = addr
-			else
-				raise ArgumentError, "IP Address should be a dotted quad string, an array of ints, or a bignum"
-			end
-		end
-
-		# Recalculate the calculated IP fields. Valid arguments are:
-		#   :all 
-		#   :ip_len 
-		#   :ip_sum 
-		#   :ip_id
-		def ip_recalc(arg=:all)
-			case arg
-			when :ip_len
-				self.ip_len=ip_calc_len
-			when :ip_sum
-				self.ip_sum=ip_calc_sum
-			when :ip_id
-				@random_id = rand(0xffff)
-			when :all
-				self.ip_id=		ip_calc_id
-				self.ip_len=	ip_calc_len
-				self.ip_sum=	ip_calc_sum
-			else
-				raise ArgumentError, "No such field `#{arg}'"
-			end
-		end
-
-		# Readability aliases
-
-		alias :ip_src_readable :ip_saddr
-		alias :ip_dst_readable :ip_daddr
-
-		def ip_id_readable
-			"0x%04x" % ip_id
-		end
-
-		def ip_sum_readable
-			"0x%04x" % ip_sum
-		end
-
-	end
+module PacketFu
 
 	# IPPacket is used to construct IP packets. They contain an EthHeader, an IPHeader, and usually
 	# a transport-layer protocol such as UDPHeader, TCPHeader, or ICMPHeader.
@@ -322,6 +34,8 @@ module PacketFu
 	#   :config
 	#     A hash of return address details, often the output of Utils.whoami?
 	class IPPacket < Packet
+    include ::PacketFu::EthHeaderMixin
+    include ::PacketFu::IPHeaderMixin
 
 		attr_accessor :eth_header, :ip_header
 
@@ -343,8 +57,6 @@ module PacketFu
 		def read(str=nil, args={})
 			raise "Cannot parse `#{str}'" unless self.class.can_parse?(str)
 			@eth_header.read(str)
-			@ip_header.read(str[14,str.size])
-			@eth_header.body = @ip_header
 			super(args) 
 			self
 		end