packetgen 0.1.0

data/lib/packetgen/header/ipv6.rb

@@ -0,0 +1,215 @@
+require 'ipaddr'
+
+module PacketGen
+  module Header
+
+    # IPv6 header class
+    # @author Sylvain Daubert
+    class IPv6 < Struct.new(:version, :traffic_class, :flow_label, :length,
+                            :next, :hop, :src, :dst, :body)
+      include StructFu
+      include HeaderMethods
+      extend HeaderClassMethods
+
+      # IPv6 address, as a group of 8 2-byte words
+      # @author Sylvain Daubert
+      class Addr < Struct.new(:a1, :a2, :a3, :a4, :a5, :a6, :a7, :a8)
+        include StructFu
+
+        # @param [Hash] options
+        # @option options [Integer] :a1
+        # @option options [Integer] :a2
+        # @option options [Integer] :a3
+        # @option options [Integer] :a4
+        # @option options [Integer] :a5
+        # @option options [Integer] :a6
+        # @option options [Integer] :a7
+        # @option options [Integer] :a8
+        def initialize(options={})
+          super Int16.new(options[:a1]),
+                Int16.new(options[:a2]),
+                Int16.new(options[:a3]),
+                Int16.new(options[:a4]),
+                Int16.new(options[:a5]),
+                Int16.new(options[:a6]),
+                Int16.new(options[:a7]),
+                Int16.new(options[:a8])
+        end
+
+        # Parse a colon-delimited address
+        # @param [String] str
+        # @return [self]
+        def parse(str)
+          return self if str.nil?
+          addr = IPAddr.new(str)
+          raise ArgumentError, 'string is not a IPv6 address' unless addr.ipv6?
+          addri = addr.to_i
+          self.a1 = addri >> 112
+          self.a2 = addri >> 96 & 0xffff
+          self.a3 = addri >> 80 & 0xffff
+          self.a4 = addri >> 64 & 0xffff
+          self.a5 = addri >> 48 & 0xffff
+          self.a6 = addri >> 32 & 0xffff
+          self.a7 = addri >> 16 & 0xffff
+          self.a8 = addri & 0xffff
+          self
+        end
+
+        # Read a Addr6 from a binary string
+        # @param [String] str
+        # @return [self]
+        def read(str)
+          force_binary str
+          self[:a1].read str[0, 2]
+          self[:a2].read str[2, 2]
+          self[:a3].read str[4, 2]
+          self[:a4].read str[6, 2]
+          self[:a5].read str[8, 2]
+          self[:a6].read str[10, 2]
+          self[:a7].read str[12, 2]
+          self[:a8].read str[14, 2]
+          self
+        end
+
+        %i(a1 a2 a3 a4 a5 a6 a7 a8).each do |sym|
+          class_eval "def #{sym}; self[:#{sym}].to_i; end\n" \
+                     "def #{sym}=(v); self[:#{sym}].read v; end" 
+        end
+
+        # Addr6 in human readable form (colon-delimited hex string)
+        # @return [String]
+        def to_x
+          IPAddr.new(to_a.map { |a| a.to_i.to_s(16) }.join(':')).to_s
+        end
+      end
+
+      # @param [Hash] options
+      # @option options [Integer] :version
+      # @option options [Integer] :traffic_length
+      # @option options [Integer] :flow_label
+      # @option options [Integer] :length payload length
+      # @option options [Integer] :next
+      # @option options [Integer] :hop
+      # @option options [String] :src colon-delimited source address
+      # @option options [String] :dst colon-delimited destination address
+      # @option options [String] :body binary string
+      def initialize(options={})
+        super options[:version] || 6,
+              options[:traffic_class] || 0,
+              options[:flow_label] || 0,
+              Int16.new(options[:length]),
+              Int8.new(options[:next]),
+              Int8.new(options[:hop] || 64),
+              Addr.new.parse(options[:src] || '::1'),
+              Addr.new.parse(options[:dst] || '::1'),
+              StructFu::String.new.read(options[:body])
+      end
+
+      # Read a IP header from a string
+      # @param [String] str binary string
+      # @return [self]
+      def read(str)
+        return self if str.nil?
+        raise ParseError, 'string too short for Eth' if str.size < self.sz
+        force_binary str
+        first32 = str[0, 4].unpack('N').first
+        self.version = first32 >> 28
+        self.traffic_class = (first32 >> 20) & 0xff
+        self.flow_label = first32 & 0xfffff
+
+        self[:length].read str[4, 2]
+        self[:next].read str[6, 1]
+        self[:hop].read str[7, 1]
+        self[:src].read str[8, 16]
+        self[:dst].read str[24, 16]
+        self[:body].read str[40..-1]
+        self
+      end
+
+      # Compute length and set +len+ field
+      # @return [Integer]
+      def calc_length
+        self.length = body.length
+      end
+
+      # Getter for length attribute
+      # @return [Integer]
+      def length
+        self[:length].to_i
+      end
+
+      # Setter for length attribute
+      # @param [Integer] i
+      # @return [Integer]
+      def length=(i)
+        self[:length].read i
+      end
+
+      # Getter for next attribute
+      # @return [Integer]
+      def next
+        self[:next].to_i
+      end
+
+      # Setter for next attribute
+      # @param [Integer] i
+      # @return [Integer]
+      def next=(i)
+        self[:next].read i
+      end
+
+      # Getter for hop attribute
+      # @return [Integer]
+      def hop
+        self[:hop].to_i
+      end
+
+      # Setter for hop attribute
+      # @param [Integer] i
+      # @return [Integer]
+      def hop=(i)
+        self[:hop].read i
+      end
+
+      # Getter for src attribute
+      # @return [String]
+      def src
+        self[:src].to_x
+      end
+      alias :source :src
+
+      # Setter for src attribute
+      # @param [String] addr
+      # @return [Integer]
+      def src=(addr)
+        self[:src].parse addr
+      end
+      alias :source= :src=
+
+      # Getter for dst attribute
+      # @return [String]
+      def dst
+        self[:dst].to_x
+      end
+      alias :destination :dst
+
+      # Setter for dst attribute
+      # @param [String] addr
+      # @return [Integer]
+      def dst=(addr)
+        self[:dst].parse addr
+      end
+      alias :destination= :dst=
+
+      # Get binary string
+      # @return [String]
+      def to_s
+        first32 = (version << 28) | (traffic_class << 20) | flow_label
+        [first32].pack('N') << to_a[3..-1].map { |field| field.to_s }.join
+      end
+    end
+
+    Eth.bind_header IPv6, proto: 0x86DD
+    IP.bind_header IPv6, proto: 41    # 6to4
+  end
+end

data/lib/packetgen/header/udp.rb

@@ -0,0 +1,133 @@
+module PacketGen
+  module Header
+
+    # UDP header class
+    # @author Sylvain Daubert
+    class UDP < Struct.new(:sport, :dport, :length, :sum, :body)
+      include StructFu
+      include HeaderMethods
+      extend HeaderClassMethods
+
+      # IP protocol number for UDP
+      IP_PROTOCOL = 17
+
+      # @param [Hash] options
+      # @option options [Integer] :sport source port
+      # @option options [Integer] :dport destination port
+      # @option options [Integer] :length UDP length. Default: calculated
+      # @option options [Integer] :sum. UDP checksum. Default: 0
+      def initialize(options={})
+        super Int16.new(options[:sport]),
+              Int16.new(options[:dport]),
+              Int16.new(options[:length]),
+              Int16.new(options[:sum]),
+              StructFu::String.new.read(options[:body])
+        unless options[:length]
+          calc_length
+        end
+      end
+
+      # Read a IP header from a string
+      # @param [String] str binary string
+      # @return [self]
+      def read(str)
+        return self if str.nil?
+        raise ParseError, 'string too short for Eth' if str.size < self.sz
+        force_binary str
+        self[:sport].read str[0, 2]
+        self[:dport].read str[2, 2]
+        self[:length].read str[4, 2]
+        self[:sum].read str[6, 2]
+        self[:body].read str[8..-1]
+      end
+
+      # Compute checksum and set +sum+ field
+      # @return [Integer]
+      def calc_sum
+        ip = ip_header(self)
+        sum = ip[:src].to_i >> 16
+        sum += ip[:src].to_i & 0xffff
+        sum += ip[:dst].to_i >> 16
+        sum += ip[:dst].to_i & 0xffff
+        sum += IP_PROTOCOL
+        sum += length
+        sum += sport
+        sum += dport
+        sum += length
+        payload = body.to_s
+        payload << "\x00" unless payload.size % 2 == 0
+        payload.unpack('n*').each { |x| sum += x }
+
+        while sum > 0xffff do
+          sum = (sum & 0xffff) + (sum >> 16)
+        end
+        sum = ~sum & 0xffff
+        self[:sum].value = (sum == 0) ? 0xffff : sum
+      end
+
+      # Compute length and set +length+ field
+      # @return [Integer]
+      def calc_length
+        self[:length].value = self.sz
+      end
+
+      # Getter for source port
+      # @return [Integer]
+      def sport
+        self[:sport].to_i
+      end
+      alias :source_port :sport
+
+      # Setter for source port
+      # @param [Integer] port
+      # @return [Integer]
+      def sport=(port)
+        self[:sport].read port
+      end
+      alias :source_port= :sport=
+
+      # Getter for destination port
+      # @return [Integer]
+      def dport
+        self[:dport].to_i
+      end
+      alias :destination_port :dport
+
+      # Setter for destination port
+      # @param [Integer] port
+      # @return [Integer]
+      def dport=(port)
+        self[:dport].read port
+      end
+      alias :destination_port= :dport=
+
+      # Getter for length attribuute
+      # @return [Integer]
+      def length
+        self[:length].to_i
+      end
+
+      # Setter for length attribuute
+      # @param [Integer] port
+      # @return [Integer]
+      def length=(len)
+        self[:length].read len
+      end
+
+      # Getter for sum attribuute
+      # @return [Integer]
+      def sum
+        self[:sum].to_i
+      end
+
+      # Setter for sum attribuute
+      # @param [Integer] sum
+      # @return [Integer]
+      def sum=(sum)
+        self[:sum].read sum
+      end
+    end
+
+    IP.bind_header UDP, proto: UDP::IP_PROTOCOL
+  end
+end

data/lib/packetgen/packet.rb

@@ -0,0 +1,357 @@
+require 'pcaprub'
+
+module PacketGen
+
+  # An object of type {Packet} handles a network packet. This packet may contain
+  # multiple protocol headers, starting from MAC layer or from Network (OSI) layer.
+  #
+  # Creating a packet is fairly simple:
+  #  Packet.gen 'IP', src: '192.168.1.1', dst: '192.168.1.2'
+  #
+  # == Create a packet
+  # Packets may be hand-made or parsed from a binary string:
+  #  Packet.gen('IP', src: '192.168.1.1', dst: '192.168.1.2').add('UDP', sport: 45000, dport: 23)
+  #  Packet.parse(binary_string)
+  #
+  # == Access packet information
+  #  pkt = Packet.gen('IP').add('UDP')
+  #  # read information
+  #  pkt.udp.sport
+  #  pkt.ip.ttl
+  #  # set information
+  #  pkt.udp.dport = 2323
+  #  pkt.ip.ttl = 1
+  #  pkt.ip(ttl: 1, id: 1234)
+  #
+  # == Save a packet to a file
+  #  pkt.write('file.pcapng')
+  #
+  # == Get packets
+  # Packets may be captured from wire:
+  #  Packet.capture('eth0') do |packet|
+  #    do_some_stuffs
+  #  end
+  #  packets = Packet.capture('eth0', max: 5)  # get 5 packets
+  #
+  # Packets may also be read from a file:
+  #  packets = Packet.read(file.pcapng)
+  #
+  # == Save packets to a file
+  #  Packet.write 'file.pcapng', packets
+  class Packet
+    # @return [Array<Header::Base]
+    attr_reader :headers
+
+    # @private maximum number of characters on a line for INSPECT
+    INSPECT_MAX_WIDTH = 70
+
+    # Create a new Packet
+    # @param [String] protocol base protocol for packet
+    # @param [Hash] options specific options for +protocol+
+    # @return [Packet]
+    def self.gen(protocol, options={})
+      self.new.add protocol, options
+    end
+
+    # Parse a binary string and generate a Packet from it.
+    #   # auto-detect first header
+    #   Packet.parse str
+    #   # force decoding a Ethernet header for first header
+    #   Packet.parse str, first_header: 'Eth'
+    # @param [String] binary_str
+    # @param [String,nil] first_header First protocol header. +nil+ means discover it!
+    # @return [Packet]
+    # @raise [ArgumentError] +first_header+ is an unknown header
+    def self.parse(binary_str, first_header: nil)
+      pkt = new
+
+      if first_header.nil?
+        # No decoding forced for first header. Have to guess it!
+        Header.all.each do |hklass|
+          hdr = hklass.new
+          hdr.read binary_str
+          # First header is found when:
+          # * for one known header,
+          # * it exists a known binding with a upper header
+          hklass.known_headers.each do |nh, binding|
+            if hdr.send(binding.key) == binding.value
+              first_header = hklass.to_s.gsub(/.*::/, '')
+              break
+            end
+          end
+          break unless first_header.nil?
+        end
+        if first_header.nil?
+          raise ParseError, 'cannot identify first header in string'
+        end
+      end
+
+      pkt.add(first_header)
+      pkt.headers.last.read binary_str
+
+      # Decode upper headers recursively
+      decode_packet_bottom_up = true
+      while decode_packet_bottom_up do
+        last_known_hdr = pkt.headers.last
+        last_known_hdr.class.known_headers.each do |nh, binding|
+          if last_known_hdr.send(binding.key) == binding.value
+            str = last_known_hdr.body
+            pkt.add nh.to_s.gsub(/.*::/, '')
+            pkt.headers.last.read str
+            break
+          end
+        end
+        decode_packet_bottom_up = (pkt.headers.last != last_known_hdr)
+      end
+
+      pkt
+    end
+
+    # Capture packets from +iface+
+    # @param [String] iface interface name
+    # @param [Hash] options capture options
+    # @option options [Integer] :max maximum number of packets to capture
+    # @option options [Integer] :timeout maximum number of seconds before end
+    #    of capture
+    # @option options [String] :filter bpf filter
+    # @option options [Boolean] :promiscuous
+    # @yieldparam [Packet] packet if a block is given, yield each captured packet
+    # @return [Array<Packet>] captured packet
+    def self.capture(iface, options={})
+      capture = Capture.new(iface, options)
+      if block_given?
+        capture.start { |packet| yield packet }
+      else
+        capture.start
+      end
+      capture.packets
+    end
+
+    # Read packets from +filename+.
+    #
+    # For more control, see {PcapNG::File}.
+    # @param [String] filename PcapNG file
+    # @return [Array<Packet>]
+    def self.read(filename)
+      PcapNG::File.new.read_packets filename
+    end
+
+    # Write packets to +filename+
+    #
+    # For more options, see {PcapNG::File}.
+    # @param [String] filename
+    # @param [Array<Packet>] packets packets to write
+    # @return [void]
+    def self.write(filename, packets)
+      pf = PcapNG::File.new
+      pf.array_to_file packets
+      pf.to_f filename
+    end
+
+    # @private
+    def initialize
+      @headers = []
+    end
+
+    # Add a protocol on packet stack
+    # @param [String] protocol
+    # @param [Hash] options protocol specific options
+    # @return [self]
+    # @raise [ArgumentError] unknown protocol
+    def add(protocol, options={})
+      klass = check_protocol(protocol)
+
+      header = klass.new(options)
+      prev_header = @headers.last
+      if prev_header
+        binding = prev_header.class.known_headers[klass]
+        if binding.nil?
+          msg = "#{prev_header.class} knowns no layer association with #{protocol}. "
+          msg << "Try #{prev_header.class}.bind_layer(PacketGen::Header::#{protocol}, "
+          msg << "#{prev_header.class.to_s.gsub(/(.*)::/, '').downcase}_proto_field: "
+          msg << "value_for_#{protocol.downcase})"
+          raise ArgumentError, msg
+        end
+        prev_header[binding.key].read binding.value
+        prev_header.body = header
+      end
+      header.packet = self
+      @headers << header
+      unless respond_to? protocol.downcase
+        self.class.class_eval "def #{protocol.downcase}(arg=nil);" \
+                              "header('#{protocol}', arg); end"
+      end
+      self
+    end
+
+    # Check if a protocol header is embedded in packet
+    # @return [Boolean]
+    # @raise [ArgumentError] unknown protocol
+    def is?(protocol)
+      klass = check_protocol protocol
+      @headers.any? { |h| h.is_a? klass }
+    end
+
+    # Recalculate all packet checksums
+    # @return [void]
+    def calc_sum
+      @headers.reverse.each do |header|
+        header.calc_sum if header.respond_to? :calc_sum
+      end
+    end
+
+    # Recalculate all packet length fields
+    # @return [void]
+    def calc_length
+      @headers.each do |header|
+        header.calc_length if header.respond_to? :calc_length
+      end
+    end
+
+    # Recalculate all calculatable fields (for now: length and sum)
+    # @return [void]
+    def calc
+      calc_sum
+      calc_length
+    end
+
+    # Get packet body
+    # @return [StructFu]
+    def body
+      @headers.last.body
+    end
+
+    # Set packet body
+    # @param [String]
+    # @return [void]
+    def body=(str)
+      @headers.last.body = str
+    end
+
+    # Get binary string
+    # @return [String]
+    def to_s
+      @headers.first.to_s
+    end
+
+    # Write a PCapNG file to disk.
+    # @param [String] filename
+    # @return [Array] see return from {PcapNG::File#to_file}
+    # @see File
+    def to_f(filename)
+      File.new.array_to_file(filename: filename, array: [self])
+    end
+    alias :write :to_f
+
+    # send packet on wire. Use first header +#to_w+ method.
+    # @param [String] iface interface name. Default to first non-loopback interface
+    # @return [void]
+    def to_w(iface=nil)
+      iface ||= PacketGen.default_iface
+      if @headers.first.respond_to? :to_w
+        @headers.first.to_w(iface)
+      else
+        type = @headers.first.class.to_s.gsub(/.*::/, '')
+        raise WireError, "don't known how to send a #{type} packet on wire"
+      end
+    end
+
+    # @return [String]
+    def inspect
+      str = dashed_line(self.class)
+      @headers.each do |header|
+        str << dashed_line(header.class, 2)
+        header.to_h.each do |attr, value|
+          next if attr == :body
+          str << inspect_line(attr, value, 2)
+        end
+      end
+      str << inspect_body
+    end
+
+    # @param [Packet] other
+    # @return [Boolean]
+    def ==(other)
+      to_s == other.to_s
+    end
+
+    private
+
+    # @overload header(protocol, layer=1)
+    #  @param [String] protocol
+    #  @param [Integer] layer
+    # @overload header(protocol, options)
+    #  @param [String] protocol
+    #  @param [Hash] options
+    # @return [Header::Base]
+    # @raise [ArgumentError] unknown protocol
+    def header(protocol, arg)
+      klass = check_protocol protocol
+
+      headers = @headers.select { |h| h.is_a? klass }
+      layer = arg.is_a?(Integer) ? arg : 1
+      header = headers[layer - 1]
+
+      if arg.is_a? Hash
+        arg.each do |key, value|
+          unless header.respond_to? "#{key}="
+            raise ArgumentError, "unknown #{key} attribute for #{header.class}"
+          end
+          header.send "#{key}=", value
+        end
+      end
+
+      header
+    end
+
+    # check if protocol is known
+    # @param [String] protocol
+    # @raise [ArgumentError] unknown protocol
+    def check_protocol(protocol)
+      unless Header.const_defined? protocol
+        raise ArgumentError, "unknown #{protocol} protocol"
+      end
+      klass = Header.const_get(protocol)
+      raise ArgumentError, "unknown #{protocol} protocol" unless klass.is_a? Class
+      klass
+    end
+
+    def dashed_line(name, level=1)
+      str = '--' * level << " #{name} "
+      str << '-' * (INSPECT_MAX_WIDTH - str.length) << "\n"
+    end
+
+    def inspect_line(attr, value, level=1)
+      str = '  ' + '  ' * level
+      val = if value.is_a? StructFu::Int
+              sz = value.to_s.size
+              "%-10s (0x%0#{2*sz}x)" % [value.to_i, value.to_i]
+            elsif value.respond_to? :to_x
+              value.to_x
+            else
+              value.to_s
+            end
+      str << "%7s %10s: %s" % [value.class.to_s.sub(/.*::/, ''), attr, val]
+      str << "\n"
+    end
+
+    def inspect_body
+      str = dashed_line('Body', 2)
+      str << (0..15).to_a.map { |v| " %02d" % v}.join << "\n"
+      str << '-' * INSPECT_MAX_WIDTH << "\n"
+      if body.size > 0
+        (body.size / 16 + 1).times do |i|
+          octets = body.to_s[i*16, 16].unpack('C*')
+          o_str = octets.map { |v| " %02x" % v}.join
+          str << o_str
+          str << ' ' * (3*16 - o_str.size) unless o_str.size >= 3*16
+          str << '  ' << octets.map { |v| v < 128 && v > 13 ? v.chr : '.' }.join
+          str << "\n"
+        end
+      end
+      str << '-' * INSPECT_MAX_WIDTH << "\n"
+    end
+  end
+end
+
+require_relative 'header'