RubyGems - packetgen - Versions diffs - 2.8.7 → 3.0.0 - Mend

packetgen 2.8.7 → 3.0.0

Files changed (89) hide show

checksums.yaml +4 -4
data/.rubocop.yml +0 -1
data/README.md +5 -4
data/lib/packetgen.rb +6 -12
data/lib/packetgen/capture.rb +43 -39
data/lib/packetgen/config.rb +0 -1
data/lib/packetgen/deprecation.rb +1 -1
data/lib/packetgen/header.rb +9 -9
data/lib/packetgen/header/asn1_base.rb +10 -10
data/lib/packetgen/header/base.rb +42 -101
data/lib/packetgen/header/dhcp/option.rb +5 -11
data/lib/packetgen/header/dhcpv6/duid.rb +2 -0
data/lib/packetgen/header/dhcpv6/option.rb +2 -19
data/lib/packetgen/header/dhcpv6/options.rb +7 -0
data/lib/packetgen/header/dns.rb +5 -23
data/lib/packetgen/header/dns/name.rb +1 -0
data/lib/packetgen/header/dns/qdsection.rb +1 -0
data/lib/packetgen/header/dns/question.rb +3 -7
data/lib/packetgen/header/dns/rr.rb +3 -0
data/lib/packetgen/header/dns/rrsection.rb +1 -0
data/lib/packetgen/header/dot11.rb +1 -17
data/lib/packetgen/header/dot1x.rb +1 -0
data/lib/packetgen/header/eap.rb +4 -7
data/lib/packetgen/header/eth.rb +2 -0
data/lib/packetgen/header/http/headers.rb +3 -0
data/lib/packetgen/header/http/request.rb +5 -4
data/lib/packetgen/header/http/response.rb +5 -4
data/lib/packetgen/header/icmp.rb +6 -0
data/lib/packetgen/header/icmpv6.rb +6 -0
data/lib/packetgen/header/igmpv3/mq.rb +2 -0
data/lib/packetgen/header/ip.rb +32 -30
data/lib/packetgen/header/ip/addr.rb +1 -0
data/lib/packetgen/header/ip/option.rb +23 -20
data/lib/packetgen/header/ip/options.rb +11 -24
data/lib/packetgen/header/ipv6.rb +45 -34
data/lib/packetgen/header/ipv6/addr.rb +2 -0
data/lib/packetgen/header/ipv6/hop_by_hop.rb +7 -31
data/lib/packetgen/header/mdns.rb +1 -0
data/lib/packetgen/header/mldv2/mlq.rb +2 -0
data/lib/packetgen/header/ospfv2/lsa.rb +15 -25
data/lib/packetgen/header/ospfv3/ipv6_prefix.rb +1 -1
data/lib/packetgen/header/ospfv3/lsa.rb +8 -25
data/lib/packetgen/header/snmp.rb +2 -0
data/lib/packetgen/header/tcp.rb +23 -2
data/lib/packetgen/header/tcp/option.rb +51 -52
data/lib/packetgen/header/tcp/options.rb +17 -52
data/lib/packetgen/header/tftp.rb +3 -0
data/lib/packetgen/header/udp.rb +8 -0
data/lib/packetgen/packet.rb +119 -102
data/lib/packetgen/pcapng/block.rb +4 -10
data/lib/packetgen/pcapng/epb.rb +4 -4
data/lib/packetgen/pcapng/file.rb +7 -3
data/lib/packetgen/pcapng/idb.rb +2 -2
data/lib/packetgen/pcapng/shb.rb +3 -3
data/lib/packetgen/pcapng/spb.rb +1 -8
data/lib/packetgen/pcapng/unknown_block.rb +0 -7
data/lib/packetgen/types.rb +1 -0
data/lib/packetgen/types/array.rb +73 -71
data/lib/packetgen/types/cstring.rb +1 -1
data/lib/packetgen/types/enum.rb +3 -3
data/lib/packetgen/types/fields.rb +66 -106
data/lib/packetgen/types/int.rb +9 -5
data/lib/packetgen/types/length_from.rb +45 -0
data/lib/packetgen/types/oui.rb +2 -0
data/lib/packetgen/types/string.rb +10 -16
data/lib/packetgen/types/tlv.rb +7 -15
data/lib/packetgen/utils.rb +8 -8
data/lib/packetgen/utils/arp_spoofer.rb +1 -2
data/lib/packetgen/version.rb +1 -1
metadata +3 -21
data/lib/packetgen/header/crypto.rb +0 -62
data/lib/packetgen/header/esp.rb +0 -413
data/lib/packetgen/header/ike.rb +0 -243
data/lib/packetgen/header/ike/auth.rb +0 -165
data/lib/packetgen/header/ike/cert.rb +0 -76
data/lib/packetgen/header/ike/certreq.rb +0 -66
data/lib/packetgen/header/ike/id.rb +0 -99
data/lib/packetgen/header/ike/ke.rb +0 -79
data/lib/packetgen/header/ike/nonce.rb +0 -40
data/lib/packetgen/header/ike/notify.rb +0 -176
data/lib/packetgen/header/ike/payload.rb +0 -315
data/lib/packetgen/header/ike/sa.rb +0 -561
data/lib/packetgen/header/ike/sk.rb +0 -261
data/lib/packetgen/header/ike/ts.rb +0 -270
data/lib/packetgen/header/ike/vendor_id.rb +0 -39
data/lib/packetgen/header/netbios.rb +0 -20
data/lib/packetgen/header/netbios/datagram.rb +0 -105
data/lib/packetgen/header/netbios/name.rb +0 -67
data/lib/packetgen/header/netbios/session.rb +0 -64

data/lib/packetgen/header/ike/sk.rb DELETED Viewed

@@ -1,261 +0,0 @@
-# coding: utf-8
-# This file is part of PacketGen
-# See https://github.com/sdaubert/packetgen for more informations
-# Copyright (C) 2016 Sylvain Daubert <sylvain.daubert@laposte.net>
-# This program is published under MIT license.
-# frozen_string_literal: true
-module PacketGen
-  module Header
-    class IKE
-      # This class handles encrypted payloads, denoted SK.
-      #
-      # The encrypted payload contains other payloads in encrypted form.
-      # The Encrypted payload consists of the IKE generic payload header followed
-      # by individual fields as follows:
-      #                        1                   2                   3
-      #    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
-      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      #   | Next Payload  |C|  RESERVED   |         Payload Length        |
-      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      #   |                     Initialization Vector                     |
-      #   |         (length is block size for encryption algorithm)       |
-      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      #   ~                    Encrypted IKE Payloads                     ~
-      #   +               +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      #   |               |             Padding (0-255 octets)            |
-      #   +-+-+-+-+-+-+-+-+                               +-+-+-+-+-+-+-+-+
-      #   |                                               |  Pad Length   |
-      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      #   ~                    Integrity Checksum Data                    ~
-      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      # Encrypted payloads are set in {#content} field, as a {Types::String}.
-      # All others fields are only set when decrypting a previously read SK
-      # payload. They also may be set manually to encrypt IKE payloads.
-      #
-      # == Read and decrypt a SK payload
-      #   # Read a IKE packet
-      #   pkt = PacketGen.read(str)
-      #   # decrypt SK payload
-      #   cipher = OpenSSL::Cipher.new('aes-128-ctr')
-      #   cipher.decrypt
-      #   cipher_key = aes_key
-      #   hmac = OpenSSL::HMAC.new(hmac_key, OpenSSL::Digest::SHA256.new)
-      #   pkt.ike_sk.decrypt! cipher, intmode: hmac, icv_length: 16   # => true if authentication is verified
-      #   pkt.ike_sk.body       # => kind of PacketGen::Header::IKE::Payload
-      #
-      # == Set and encrypt a SK payload
-      #   # Create a IKE packet
-      #   pkt = PacketGen.gen('IP').add('IP').add('UDP').add('IKE', init_spi: 0x123456789, resp_spi: 0x987654321, type: 'IKE_AUTH', message_id: 1)
-      #   # Add SK payload
-      #   pkt.add('IKE::SK', icv_length: 16)
-      #   # Add others unencrypted payloads
-      #   pkt.add('IKE::IDi').add('IKE::Auth').add('IKE::SA').add('IKE::TSi').add('IKE::TSr')
-      #   # encrypt SK payload
-      #   cipher = OpenSSL::Cipher.new('aes-128-ctr')
-      #   cipher.encrypt
-      #   cipher_key = aes_key
-      #   hmac = OpenSSL::HMAC.new(hmac_key, OpenSSL::Digest::SHA256.new)
-      #   pkt.ike_sk.encrypt! cipher, iv, salt: salt, intmode: hmac
-      #   pkt.ike_sk.body       # => String
-      #   pkt.calc_length
-      #
-      # @author Sylvain Daubert
-      class SK < Payload
-        include Crypto
-        # Payload type number
-        PAYLOAD_TYPE = 46
-        # ICV (Integrity Check Value) length
-        # @return [Integer]
-        attr_accessor :icv_length
-        # @param [Hash] options
-        # @option options [Integer] :icv_length ICV length
-        def initialize(options={})
-          @icv_length = options[:icv_length] || 0
-          super
-        end
-        # Decrypt in-place SK payload.
-        # @param [OpenSSL::Cipher] cipher keyed cipher
-        #   This cipher is confidentiality-only one, or AEAD one. To use a second
-        #   cipher to add integrity, use +:intmode+ option.
-        # @param [Hash] options
-        # @option options [Boolean] :parse parse deciphered payload to retrieve
-        #   headers (default: +true+)
-        # @option options [Fixnum] :icv_length ICV length for captured packets,
-        #   or read from PCapNG files
-        # @option options [String] :salt salt value for CTR and GCM modes
-        # @option options [OpenSSL::HMAC] :intmode integrity mode to use with a
-        #   confidentiality-only cipher. Only HMAC are supported.
-        # @return [Boolean] +true+ if SK payload is authenticated
-        def decrypt!(cipher, options={})
-          opt = { salt: '', parse: true }.merge!(options)
-          set_crypto cipher, opt[:intmode]
-          case confidentiality_mode
-          when 'gcm'
-            iv = self.content.slice!(0, 8)
-            real_iv = force_binary(opt[:salt]) + iv
-          when 'cbc'
-            cipher.padding = 0
-            real_iv = iv = self.content.slice!(0, 16)
-          when 'ctr'
-            iv = self.content.slice!(0, 8)
-            real_iv = force_binary(opt[:salt]) + iv + [1].pack('N')
-          else
-            real_iv = iv = self.content.slice!(0, 16)
-          end
-          cipher.iv = real_iv
-          if authenticated?
-            if @icv_length.zero?
-              @icv_length = opt[:icv_length].to_i if opt[:icv_length]
-              raise ParseError, 'unknown ICV size' if @icv_length.zero?
-            end
-            icv = self.content.slice!(-@icv_length, @icv_length)
-          end
-          authenticate_if_needed iv, icv
-          private_decrypt opt
-        end
-        # Encrypt in-place SK payload.
-        # @param [OpenSSL::Cipher] cipher keyed cipher
-        #   This cipher is confidentiality-only one, or AEAD one. To use a second
-        #   cipher to add integrity, use +:intmode+ option.
-        # @param [String] iv IV to encipher SK payload content
-        #   * CTR and GCM modes: +iv+ is 8-bytes long.
-        # @param [Hash] options
-        # @option options [Fixnum] :icv_length ICV length for captured packets,
-        #   or read from PCapNG files
-        # @option options [String] :salt salt value for CTR and GCM modes
-        # @option options [Fixnum] :pad_length set a padding length
-        # @option options [String] :padding set a padding. No check with
-        #   +:pad_length+ is made. If +:pad_length+ is not set, +:padding+
-        #   length is shortened to correct padding length
-        # @option options [OpenSSL::HMAC] :intmode integrity mode to use with a
-        #   confidentiality-only cipher. Only HMAC are supported.
-        # @return [self]
-        def encrypt!(cipher, iv, options={})
-          opt = { salt: '' }.merge!(options)
-          set_crypto cipher, opt[:intmode]
-          real_iv = force_binary(opt[:salt]) + force_binary(iv)
-          real_iv += [1].pack('N') if confidentiality_mode == 'ctr'
-          cipher.iv = real_iv
-          authenticate_if_needed iv
-          if opt[:pad_length]
-            pad_length = opt[:pad_length]
-            padding = force_binary(opt[:padding] || ([0] * pad_length).pack('C*'))
-          else
-            pad_length = cipher.block_size
-            pad_length = 16 if cipher.block_size == 1 # Some AES mode returns 1...
-            pad_length -= (self.body.sz + iv.size + 1) % cipher.block_size
-            pad_length = 0 if pad_length == 16
-            padding = force_binary(opt[:padding] || ([0] * pad_length).pack('C*'))
-            padding = padding[0, pad_length]
-          end
-          msg = self.body.to_s + padding + Types::Int8.new(pad_length).to_s
-          encrypted_msg = encipher(msg)
-          cipher.final # message is already padded. No need for mode padding
-          if authenticated?
-            @icv_length = opt[:icv_length] if opt[:icv_length]
-            encrypted_msg << if @conf.authenticated?
-                               @conf.auth_tag[0, @icv_length]
-                             else
-                               @intg.digest[0, @icv_length]
-                             end
-          end
-          self[:content].read(iv + encrypted_msg)
-          # Remove plain payloads
-          self[:body] = Types::String.new
-          # Remove enciphered payloads from packet
-          id = header_id(self)
-          if id < packet.headers.size - 1
-            (packet.headers.size - 1).downto(id + 1) do |index|
-              packet.headers.delete_at index
-            end
-          end
-          self.calc_length
-          self
-        end
-        private
-        def authenticate_if_needed(iv, icv=nil)
-          if @conf.authenticated?
-            @conf.auth_tag = icv if icv
-            @conf.auth_data = get_ad
-          elsif @intg
-            @intg.reset
-            @intg.update get_ad
-            @intg.update iv
-            @icv = icv
-          else
-            @icv = nil
-          end
-        end
-        # From RFC 7206, §5.1: The associated data MUST consist of the partial
-        # contents of the IKEv2 message, starting from the first octet of the
-        # Fixed IKE Header through the last octet of the Payload Header of the
-        # Encrypted Payload (i.e., the fourth octet of the Encrypted Payload).
-        def get_ad
-          str = packet.ike.to_s[0, IKE.new.sz]
-          current_payload = packet.ike.body
-          until current_payload.is_a? SK
-            str << current_payload.to_s[0, current_payload.length]
-            current_payload = current_payload.body
-          end
-          str << self.to_s[0, SK.new.sz]
-        end
-        def private_decrypt(options)
-          # decrypt
-          plain_msg = decipher(content.to_s)
-          # Remove cipher text
-          self.content.read ''
-          # check authentication tag
-          if authenticated?
-            return false unless authenticate!
-          end
-          # remove padding
-          pad_len = Types::Int8.new.read(plain_msg[-1]).to_i
-          payloads = plain_msg[0, plain_msg.size - 1 - pad_len]
-          # parse IKE payloads
-          if options[:parse]
-            klass = IKE.constants.select do |c|
-              cst = IKE.const_get(c)
-              cst.is_a?(Class) && (cst < Payload) && (cst::PAYLOAD_TYPE == self.next)
-            end
-            klass = klass.nil? ? Payload : IKE.const_get(klass.first)
-            firsth = klass.protocol_name
-            pkt = Packet.parse(payloads, first_header: firsth)
-            packet.encapsulate(pkt, parsing: true) unless pkt.nil?
-          else
-            self[:body].read payloads
-          end
-          true
-        end
-      end
-    end
-    self.add_class IKE::SK
-  end
-end

data/lib/packetgen/header/ike/ts.rb DELETED Viewed

@@ -1,270 +0,0 @@
-# coding: utf-8
-# This file is part of PacketGen
-# See https://github.com/sdaubert/packetgen for more informations
-# Copyright (C) 2016 Sylvain Daubert <sylvain.daubert@laposte.net>
-# This program is published under MIT license.
-# frozen_string_literal: true
-module PacketGen
-  module Header
-    class IKE
-      # TrafficSelector substructure, as defined in RFC 7296, §3.13.1:
-      #                        1                   2                   3
-      #    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
-      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      #   |   TS Type     |IP Protocol ID*|       Selector Length         |
-      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      #   |           Start Port*         |           End Port*           |
-      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      #   |                                                               |
-      #   ~                         Starting Address*                     ~
-      #   |                                                               |
-      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      #   |                                                               |
-      #   ~                         Ending Address*                       ~
-      #   |                                                               |
-      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      # @author Sylvain Daubert
-      class TrafficSelector < Types::Fields
-        # IPv4 traffic selector type
-        TS_IPV4_ADDR_RANGE = 7
-        # IPv6 traffic selector type
-        TS_IPV6_ADDR_RANGE = 8
-        # @!attribute [r] type
-        #  8-bit TS type
-        #  @return [Integer]
-        define_field :type, Types::Int8, default: 7
-        # @!attribute [r] protocol
-        #  8-bit protocol ID
-        #  @return [Integer]
-        define_field :protocol, Types::Int8, default: 0
-        # @!attribute length
-        #  16-bit Selector Length
-        #  @return [Integer]
-        define_field :length, Types::Int16
-        # @!attribute start_port
-        #  16-bit Start port
-        #  @return [Integer]
-        define_field :start_port, Types::Int16, default: 0
-        # @!attribute end_port
-        #  16-bit End port
-        #  @return [Integer]
-        define_field :end_port, Types::Int16, default: 65_535
-        # @!attribute start_addr
-        #  starting address
-        #  @return [IP::Addr, IPv6::Addr]
-        define_field :start_addr, IP::Addr
-        # @!attribute end_addr
-        #  starting address
-        #  @return [IP::Addr, IPv6::Addr]
-        define_field :end_addr, IP::Addr
-        # @param [Hash] options
-        # @option [Range] :ports port range
-        # @option [Integer] :start_port start port
-        # @option [Integer] :end_port end port
-        def initialize(options={})
-          super
-          select_addr options
-          self[:start_addr].from_human(options[:start_addr]) if options[:start_addr]
-          self[:end_addr].from_human(options[:end_addr]) if options[:end_addr]
-          self[:length].value = sz unless options[:length]
-          self.type = options[:type] if options[:type]
-          self.protocol = options[:protocol] if options[:protocol]
-          return unless options[:ports]
-          self.start_port = options[:ports].begin
-          self.end_port = options[:ports].end
-        end
-        # Populate object from a string
-        # @param [String] str
-        # @return [self]
-        def read(str)
-          super
-          select_addr_from_type type
-          super
-        end
-        # Set type
-        # @param [Integer,String] value
-        # @return [Integer]
-        def type=(value)
-          type = case value
-                 when Integer
-                   value
-                 else
-                   c = self.class.constants.grep(/TS_#{value.upcase}/).first
-                   c ? self.class.const_get(c) : nil
-                 end
-          raise ArgumentError, "unknown type #{value.inspect}" unless type
-          select_addr_from_type type
-          self[:type].value = type
-        end
-        # Set protocol
-        # @param [Integer,String] value
-        # @return [Integer]
-        def protocol=(value)
-          protocol = case value
-                     when Integer
-                       value
-                     else
-                       Proto.getprotobyname(value)
-                     end
-          raise ArgumentError, "unknown protocol #{value.inspect}" unless protocol
-          self[:protocol].value = protocol
-        end
-        # Get a human readable string
-        # @return [String]
-        def to_human
-          h = start_addr << '-' << end_addr
-          unless human_protocol.empty?
-            h << "/#{human_protocol}"
-            h << "[#{start_port}-#{end_port}]" if (start_port..end_port) != (0..65_535)
-          end
-          h
-        end
-        # Get human readable protocol name. If protocol ID is 0, an empty string
-        # is returned.
-        # @return [String]
-        def human_protocol
-          if protocol.zero?
-            ''
-          else
-            Proto.getprotobynumber(protocol) || protocol.to_s
-          end
-        end
-        # Get human readable TS type
-        # @return [String]
-        def human_type
-          case type
-          when TS_IPV4_ADDR_RANGE
-            'IPv4'
-          when TS_IPV6_ADDR_RANGE
-            'IPv6'
-          else
-            "type #{type}"
-          end
-        end
-        private
-        def select_addr_from_type(type)
-          case type
-          when TS_IPV4_ADDR_RANGE, 'IPV4', 'IPv4', 'ipv4', nil
-            self[:start_addr] = IP::Addr.new unless self[:start_addr].is_a?(IP::Addr)
-            self[:end_addr] = IP::Addr.new unless self[:end_addr].is_a?(IP::Addr)
-          when TS_IPV6_ADDR_RANGE, 'IPV6', 'IPv6', 'ipv6'
-            self[:start_addr] = IPv6::Addr.new unless self[:start_addr].is_a?(IPv6::Addr)
-            self[:end_addr] = IPv6::Addr.new unless self[:end_addr].is_a?(IPv6::Addr)
-          else
-            raise ArgumentError, "unknown type #{type}"
-          end
-        end
-        def select_addr(options)
-          if options[:type]
-            select_addr_from_type options[:type]
-          elsif options[:start_addr]
-            ipv4 = IPAddr.new(options[:start_addr]).ipv4?
-            self.type = ipv4 ? TS_IPV4_ADDR_RANGE : TS_IPV6_ADDR_RANGE
-          elsif options[:end_addr]
-            ipv4 = IPAddr.new(options[:end_addr]).ipv4?
-            self.type = ipv4 ? TS_IPV4_ADDR_RANGE : TS_IPV6_ADDR_RANGE
-          end
-        end
-      end
-      # Set of {TrafficSelector}, used by {TSi} and {TSr}.
-      # @author Sylvain Daubert
-      class TrafficSelectors < Types::Array
-        set_of TrafficSelector
-      end
-      # This class handles Traffic Selector - Initiator payloads, denoted TSi.
-      #
-      # A TSi payload consists of the IKE generic payload header (see {Payload})
-      # and some specific fields:
-      #                        1                   2                   3
-      #    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
-      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      #   | Next Payload  |C|  RESERVED   |         Payload Length        |
-      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      #   | Number of TSs |                 RESERVED                      |
-      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      #   |                                                               |
-      #   ~                       <Traffic Selectors>                     ~
-      #   |                                                               |
-      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      # These specific fields are:
-      # * {#num_ts},
-      # * {#rsv1},
-      # * {#rsv2},
-      # * and {#traffic_selectors}.
-      #
-      # == Create a TSi payload
-      #  # Create a IKE packet with a TSi payload
-      #  pkt = PacketGen.gen('IP').add('UDP').add('IKE').add('IKE::TSi')
-      #  # add a traffic selector to this payload
-      #  pkt.ike_tsi.traffic_selectors << { protocol: 'tcp', ports: 1..1024, start_addr: '20.0.0.1', end_addr: '21.255.255.254' }
-      #  # add another traffic selector (IPv6, all protocols)
-      #  pkt.ike_tsi.traffic_selectors << { start_addr: '2001::1', end_addr: '200a:ffff:ffff:ffff:ffff:ffff:ffff:ffff' }
-      # @author Sylvain Daubert
-      class TSi < Payload
-        # Payload type number
-        PAYLOAD_TYPE = 44
-        remove_field :content
-        # @!attribute num_ts
-        #   8-bit Number of TSs
-        #   @return [Integer]
-        define_field_before :body, :num_ts, Types::Int8
-        # @!attribute rsv
-        #   24-bit RESERVED field
-        #   @return [Integer]
-        define_field_before :body, :rsv, Types::Int24
-        # @!attribute traffic_selectors
-        #  Set of {TrafficSelector}
-        #  @return {TrafficSelectors}
-        define_field_before :body, :traffic_selectors, TrafficSelectors,
-                            builder: ->(h, t) { t.new(counter: h[:num_ts]) }
-        alias selectors traffic_selectors
-        # Populate object from a string
-        # @param [String] str
-        # @return [self]
-        def read(str)
-          super(str[0, 8])
-          hlen = self.class.new.sz
-          tslen = length - hlen
-          selectors.read str[hlen, tslen]
-          body.read str[hlen + tslen..-1]
-          self
-        end
-        # Compute length and set {#length} field
-        # @return [Integer] new length
-        def calc_length
-          selectors.each(&:calc_length)
-          super
-        end
-      end
-      class TSr < TSi
-        # Payload type number
-        PAYLOAD_TYPE = 45
-      end
-    end
-    self.add_class IKE::TSi
-    self.add_class IKE::TSr
-  end
-end