pcapr-local 0.1.10
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/.document +5 -0
- data/LICENSE.txt +20 -0
- data/README.md +64 -0
- data/Rakefile +57 -0
- data/VERSION +1 -0
- data/bin/pcap2par +49 -0
- data/bin/startpcapr +40 -0
- data/bin/stoppcapr +33 -0
- data/bin/xtractr +5 -0
- data/lib/environment.rb +106 -0
- data/lib/exe/xtractr +0 -0
- data/lib/mu/pcap.rb +110 -0
- data/lib/mu/pcap/ethernet.rb +148 -0
- data/lib/mu/pcap/header.rb +75 -0
- data/lib/mu/pcap/io_pair.rb +67 -0
- data/lib/mu/pcap/io_wrapper.rb +76 -0
- data/lib/mu/pcap/ip.rb +61 -0
- data/lib/mu/pcap/ipv4.rb +257 -0
- data/lib/mu/pcap/ipv6.rb +148 -0
- data/lib/mu/pcap/packet.rb +104 -0
- data/lib/mu/pcap/pkthdr.rb +155 -0
- data/lib/mu/pcap/reader.rb +61 -0
- data/lib/mu/pcap/reader/http_family.rb +170 -0
- data/lib/mu/pcap/sctp.rb +367 -0
- data/lib/mu/pcap/sctp/chunk.rb +123 -0
- data/lib/mu/pcap/sctp/chunk/data.rb +134 -0
- data/lib/mu/pcap/sctp/chunk/init.rb +100 -0
- data/lib/mu/pcap/sctp/chunk/init_ack.rb +68 -0
- data/lib/mu/pcap/sctp/parameter.rb +110 -0
- data/lib/mu/pcap/sctp/parameter/ip_address.rb +48 -0
- data/lib/mu/pcap/stream_packetizer.rb +72 -0
- data/lib/mu/pcap/tcp.rb +505 -0
- data/lib/mu/pcap/udp.rb +69 -0
- data/lib/mu/scenario/pcap.rb +164 -0
- data/lib/mu/scenario/pcap/fields.rb +50 -0
- data/lib/mu/scenario/pcap/rtp.rb +71 -0
- data/lib/pcapr_local.rb +159 -0
- data/lib/pcapr_local/config.rb +336 -0
- data/lib/pcapr_local/db.rb +197 -0
- data/lib/pcapr_local/scanner.rb +250 -0
- data/lib/pcapr_local/server.rb +178 -0
- data/lib/pcapr_local/www/favicon.ico +0 -0
- data/lib/pcapr_local/www/favicon.png +0 -0
- data/lib/pcapr_local/www/home/index.html +138 -0
- data/lib/pcapr_local/www/static/image/16x16/Cancel.png +0 -0
- data/lib/pcapr_local/www/static/image/16x16/Cancel.png.1 +0 -0
- data/lib/pcapr_local/www/static/image/16x16/Download.png +0 -0
- data/lib/pcapr_local/www/static/image/16x16/Folder3.png +0 -0
- data/lib/pcapr_local/www/static/image/16x16/Full Size.png +0 -0
- data/lib/pcapr_local/www/static/image/16x16/Minus.png +0 -0
- data/lib/pcapr_local/www/static/image/16x16/Plus.png +0 -0
- data/lib/pcapr_local/www/static/image/16x16/Search.png +0 -0
- data/lib/pcapr_local/www/static/image/16x16/User.png +0 -0
- data/lib/pcapr_local/www/static/image/48x48/Phone.png +0 -0
- data/lib/pcapr_local/www/static/image/48x48/Video.png +0 -0
- data/lib/pcapr_local/www/static/image/bar-orange.gif +0 -0
- data/lib/pcapr_local/www/static/image/beta.png +0 -0
- data/lib/pcapr_local/www/static/image/bg.png +0 -0
- data/lib/pcapr_local/www/static/image/blockquote.png +0 -0
- data/lib/pcapr_local/www/static/image/body-bg.png +0 -0
- data/lib/pcapr_local/www/static/image/body-h3.png +0 -0
- data/lib/pcapr_local/www/static/image/body-hl1-bg.png +0 -0
- data/lib/pcapr_local/www/static/image/body-hl1-h3.png +0 -0
- data/lib/pcapr_local/www/static/image/body-hl1-readmore.png +0 -0
- data/lib/pcapr_local/www/static/image/body-hl2-bg.png +0 -0
- data/lib/pcapr_local/www/static/image/body-hl2-h3.png +0 -0
- data/lib/pcapr_local/www/static/image/body-hl2-readmore.png +0 -0
- data/lib/pcapr_local/www/static/image/body-hl3-bg.png +0 -0
- data/lib/pcapr_local/www/static/image/body-hl3-h3.png +0 -0
- data/lib/pcapr_local/www/static/image/body-hl3-readmore.png +0 -0
- data/lib/pcapr_local/www/static/image/body-hl4-bg.png +0 -0
- data/lib/pcapr_local/www/static/image/body-hl4-h3.png +0 -0
- data/lib/pcapr_local/www/static/image/body-hl4-readmore.png +0 -0
- data/lib/pcapr_local/www/static/image/body-hl5-h3.png +0 -0
- data/lib/pcapr_local/www/static/image/body-hl6-h3.png +0 -0
- data/lib/pcapr_local/www/static/image/body-hl7-h3.png +0 -0
- data/lib/pcapr_local/www/static/image/body-hl8-h3.png +0 -0
- data/lib/pcapr_local/www/static/image/body-readmore.png +0 -0
- data/lib/pcapr_local/www/static/image/bottom-bg.png +0 -0
- data/lib/pcapr_local/www/static/image/bottom-l.png +0 -0
- data/lib/pcapr_local/www/static/image/bottom-r.png +0 -0
- data/lib/pcapr_local/www/static/image/btn-search.png +0 -0
- data/lib/pcapr_local/www/static/image/bullet-1.png +0 -0
- data/lib/pcapr_local/www/static/image/bullet-2.png +0 -0
- data/lib/pcapr_local/www/static/image/bullet-3.png +0 -0
- data/lib/pcapr_local/www/static/image/bullet-4.png +0 -0
- data/lib/pcapr_local/www/static/image/bullet-5.png +0 -0
- data/lib/pcapr_local/www/static/image/bullet-6.png +0 -0
- data/lib/pcapr_local/www/static/image/bullet-7.png +0 -0
- data/lib/pcapr_local/www/static/image/bullet-hl1.png +0 -0
- data/lib/pcapr_local/www/static/image/bullet-hl2.png +0 -0
- data/lib/pcapr_local/www/static/image/bullet-hl3.png +0 -0
- data/lib/pcapr_local/www/static/image/bullet-hl4.png +0 -0
- data/lib/pcapr_local/www/static/image/bullet-pathway.png +0 -0
- data/lib/pcapr_local/www/static/image/bullet-section1.png +0 -0
- data/lib/pcapr_local/www/static/image/bullet-section2.png +0 -0
- data/lib/pcapr_local/www/static/image/collapsed.gif +0 -0
- data/lib/pcapr_local/www/static/image/crosslink.png +0 -0
- data/lib/pcapr_local/www/static/image/expanded.gif +0 -0
- data/lib/pcapr_local/www/static/image/favicon.ico +0 -0
- data/lib/pcapr_local/www/static/image/favicon.png +0 -0
- data/lib/pcapr_local/www/static/image/icon-author.png +0 -0
- data/lib/pcapr_local/www/static/image/icon-created.png +0 -0
- data/lib/pcapr_local/www/static/image/p-expand.gif +0 -0
- data/lib/pcapr_local/www/static/image/pcapr-logo.png +0 -0
- data/lib/pcapr_local/www/static/image/powered-by.png +0 -0
- data/lib/pcapr_local/www/static/image/section1-bg.png +0 -0
- data/lib/pcapr_local/www/static/image/section1-h3.png +0 -0
- data/lib/pcapr_local/www/static/image/section1-readmore.png +0 -0
- data/lib/pcapr_local/www/static/image/section2-bg.png +0 -0
- data/lib/pcapr_local/www/static/image/section2-h3.png +0 -0
- data/lib/pcapr_local/www/static/image/section2-readmore.png +0 -0
- data/lib/pcapr_local/www/static/image/status-alert.png +0 -0
- data/lib/pcapr_local/www/static/image/status-download.png +0 -0
- data/lib/pcapr_local/www/static/image/status-info.png +0 -0
- data/lib/pcapr_local/www/static/image/status-note.png +0 -0
- data/lib/pcapr_local/www/static/image/tab-round.png +0 -0
- data/lib/pcapr_local/www/static/image/throbber.gif +0 -0
- data/lib/pcapr_local/www/static/image/user.jpg +0 -0
- data/lib/pcapr_local/www/static/script/closet/async.js +421 -0
- data/lib/pcapr_local/www/static/script/closet/closet.api.js +241 -0
- data/lib/pcapr_local/www/static/script/closet/closet.folders.js +94 -0
- data/lib/pcapr_local/www/static/script/closet/closet.js +187 -0
- data/lib/pcapr_local/www/static/script/closet/closet.mr.js +219 -0
- data/lib/pcapr_local/www/static/script/closet/closet.options.js +359 -0
- data/lib/pcapr_local/www/static/script/closet/closet.quantity.js +73 -0
- data/lib/pcapr_local/www/static/script/closet/closet.render.js +205 -0
- data/lib/pcapr_local/www/static/script/closet/closet.report.js +86 -0
- data/lib/pcapr_local/www/static/script/closet/closet.reports.http.js +135 -0
- data/lib/pcapr_local/www/static/script/closet/closet.reports.overview.js +163 -0
- data/lib/pcapr_local/www/static/script/closet/closet.reports.sip.js +159 -0
- data/lib/pcapr_local/www/static/script/closet/closet.reports.tcp.js +72 -0
- data/lib/pcapr_local/www/static/script/closet/closet.reports.visualize.js +263 -0
- data/lib/pcapr_local/www/static/script/closet/closet.util.js +40 -0
- data/lib/pcapr_local/www/static/script/jquery/jquery-1.4.2.min.js +154 -0
- data/lib/pcapr_local/www/static/script/jquery/jquery-ui.js +10921 -0
- data/lib/pcapr_local/www/static/script/jquery/jquery.flot.js +2123 -0
- data/lib/pcapr_local/www/static/script/jquery/jquery.flot.selection.js +184 -0
- data/lib/pcapr_local/www/static/script/jquery/jquery.flot.stack.js +184 -0
- data/lib/pcapr_local/www/static/script/jquery/jquery.form.js +643 -0
- data/lib/pcapr_local/www/static/script/jquery/jquery.jsonp.min.js +3 -0
- data/lib/pcapr_local/www/static/script/jquery/jquery.menu.js +142 -0
- data/lib/pcapr_local/www/static/script/jquery/jquery.suggest.js +308 -0
- data/lib/pcapr_local/www/static/script/jquery/jquery.ui.core.js +203 -0
- data/lib/pcapr_local/www/static/script/jquery/jquery.ui.slider.js +629 -0
- data/lib/pcapr_local/www/static/script/jquery/jquery.ui.sortable.js +1055 -0
- data/lib/pcapr_local/www/static/script/jquery/jquery.ui.widget.js +236 -0
- data/lib/pcapr_local/www/static/script/json2.js +481 -0
- data/lib/pcapr_local/www/static/script/sammy/plugins/sammy.cache.js +115 -0
- data/lib/pcapr_local/www/static/script/sammy/plugins/sammy.template.js +117 -0
- data/lib/pcapr_local/www/static/script/sammy/sammy.js +1696 -0
- data/lib/pcapr_local/www/static/script/tipsy/jquery.tipsy.js +104 -0
- data/lib/pcapr_local/www/static/style/c3p0.css +116 -0
- data/lib/pcapr_local/www/static/style/jquery.suggest.css +27 -0
- data/lib/pcapr_local/www/static/style/page.css +1113 -0
- data/lib/pcapr_local/www/static/style/tipsy.css +7 -0
- data/lib/pcapr_local/www/templates/browse.services.template +10 -0
- data/lib/pcapr_local/www/templates/browse.template +77 -0
- data/lib/pcapr_local/www/templates/flows.template +38 -0
- data/lib/pcapr_local/www/templates/pcap.template +63 -0
- data/lib/pcapr_local/www/templates/sip.calls.template +35 -0
- data/lib/pcapr_local/www/templates/statistics.template +6 -0
- data/lib/pcapr_local/xtractr.rb +179 -0
- data/lib/pcapr_local/xtractr/instance.rb +172 -0
- data/pcapr-local.gemspec +297 -0
- data/test/mu/pcap/reader/tc_http_family.rb +251 -0
- data/test/mu/pcap/tc_ethernet.rb +71 -0
- data/test/mu/pcap/tc_header.rb +56 -0
- data/test/mu/pcap/tc_ipv4.rb +103 -0
- data/test/mu/pcap/tc_ipv6.rb +83 -0
- data/test/mu/pcap/tc_packet.rb +44 -0
- data/test/mu/pcap/tc_pair.rb +58 -0
- data/test/mu/pcap/tc_pkthdr.rb +33 -0
- data/test/mu/pcap/tc_reader.rb +76 -0
- data/test/mu/pcap/tc_tcp.rb +426 -0
- data/test/mu/pcap/tc_udp.rb +33 -0
- data/test/mu/pcap/tc_wrapper.rb +80 -0
- data/test/mu/scenario/pcap/tc_fields.rb +67 -0
- data/test/mu/scenario/pcap/tc_rtp.rb +135 -0
- data/test/mu/scenario/sip_signalled_call_1.pcap +0 -0
- data/test/mu/scenario/tc_pcap.rb +190 -0
- data/test/mu/scenario/test_data/arp.pcap +0 -0
- data/test/mu/scenario/test_data/dns.pcap +0 -0
- data/test/mu/scenario/test_data/http-v6.pcap +0 -0
- data/test/mu/scenario/test_data/http.pcap +0 -0
- data/test/mu/scenario/test_data/http_chunked.pcap +0 -0
- data/test/mu/scenario/test_data/http_deflate.pcap +0 -0
- data/test/mu/scenario/test_data/httpauth3.pcap +0 -0
- data/test/mu/scenario/test_data/icmp.pcap +0 -0
- data/test/mu/scenario/test_data/sip_signalled_call_1.pcap +0 -0
- data/test/mu/tc_pcap.rb +39 -0
- data/test/mu/testcase.rb +86 -0
- data/test/pcapr_local/arp.pcap +0 -0
- data/test/pcapr_local/data.js +3 -0
- data/test/pcapr_local/http_chunked.pcap +0 -0
- data/test/pcapr_local/tc_api.rb +181 -0
- data/test/pcapr_local/test.tgz +0 -0
- data/test/pcapr_local/test_scanner.rb +241 -0
- data/test/pcapr_local/test_xtractr.rb +219 -0
- data/test/pcapr_local/testcase.rb +107 -0
- data/test/test_export_to_scenario.sh +25 -0
- data/test/test_pcapr_local.rb +29 -0
- metadata +450 -0
|
@@ -0,0 +1,71 @@
|
|
|
1
|
+
# http://www.mudynamics.com
|
|
2
|
+
# http://labs.mudynamics.com
|
|
3
|
+
# http://www.pcapr.net
|
|
4
|
+
|
|
5
|
+
require 'mu/testcase'
|
|
6
|
+
require 'mu/pcap'
|
|
7
|
+
|
|
8
|
+
module Mu
|
|
9
|
+
class Pcap
|
|
10
|
+
class Ethernet
|
|
11
|
+
|
|
12
|
+
class Test < Mu::TestCase
|
|
13
|
+
def test_basics
|
|
14
|
+
ethernet = Ethernet.new
|
|
15
|
+
ethernet.dst = '00:01:01:00:00:02'
|
|
16
|
+
ethernet.src = '00:01:01:00:00:01'
|
|
17
|
+
ethernet.type = 0x1234
|
|
18
|
+
ethernet.payload = ''
|
|
19
|
+
|
|
20
|
+
bytes = "\0\1\1\0\0\2" + "\0\1\1\0\0\1" + "\x12\x34"
|
|
21
|
+
ethernet_in = Ethernet.from_bytes bytes
|
|
22
|
+
assert_equal ethernet, ethernet_in
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
def test_vlan
|
|
26
|
+
ethernet = Ethernet.new
|
|
27
|
+
ethernet.dst = '00:01:01:00:00:02'
|
|
28
|
+
ethernet.src = '00:01:01:00:00:01'
|
|
29
|
+
ethernet.type = 0x1234
|
|
30
|
+
ethernet.payload = 'hi'
|
|
31
|
+
ethernet.payload_raw = 'hi'
|
|
32
|
+
|
|
33
|
+
# Strip out VLAN tag
|
|
34
|
+
vlan = "\x81\00" + "\x00\x01"
|
|
35
|
+
bytes = "\0\1\1\0\0\2" + "\0\1\1\0\0\1" + vlan + "\x12\x34hi"
|
|
36
|
+
ethernet_in = Ethernet.from_bytes bytes
|
|
37
|
+
assert_equal ethernet, ethernet_in
|
|
38
|
+
|
|
39
|
+
# Strip out multiple VLAN tags
|
|
40
|
+
bytes = "\0\1\1\0\0\2" + "\0\1\1\0\0\1" + vlan*10 + "\x12\x34hi"
|
|
41
|
+
ethernet_in = Ethernet.from_bytes bytes
|
|
42
|
+
assert_equal ethernet, ethernet_in
|
|
43
|
+
end
|
|
44
|
+
|
|
45
|
+
def test_pppoe
|
|
46
|
+
ethernet = Ethernet.new
|
|
47
|
+
ethernet.dst = '00:01:01:00:00:02'
|
|
48
|
+
ethernet.src = '00:01:01:00:00:01'
|
|
49
|
+
ethernet.type = ETHERTYPE_IP
|
|
50
|
+
ethernet.payload = IPv4.new '127.0.0.1', '127.0.0.2'
|
|
51
|
+
ethernet.payload_raw = ethernet.payload.to_bytes
|
|
52
|
+
|
|
53
|
+
ipv4 = IPv4.new '127.0.0.1', '127.0.0.2'
|
|
54
|
+
bytes = "\0\1\1\0\0\2" + "\0\1\1\0\0\1" + "\x88\x64" +
|
|
55
|
+
# PPPoE
|
|
56
|
+
"\x11" + # version 1, type 1
|
|
57
|
+
"\x00" + # code
|
|
58
|
+
"\x00\x01" + # session ID
|
|
59
|
+
"\x00\x14" + # length
|
|
60
|
+
# PPP
|
|
61
|
+
"\x00\x21" + # IP
|
|
62
|
+
# IPv4
|
|
63
|
+
ipv4.to_bytes
|
|
64
|
+
ethernet_in = Ethernet.from_bytes bytes
|
|
65
|
+
assert_equal ethernet, ethernet_in
|
|
66
|
+
end
|
|
67
|
+
end
|
|
68
|
+
|
|
69
|
+
end
|
|
70
|
+
end
|
|
71
|
+
end
|
|
@@ -0,0 +1,56 @@
|
|
|
1
|
+
# http://www.mudynamics.com
|
|
2
|
+
# http://labs.mudynamics.com
|
|
3
|
+
# http://www.pcapr.net
|
|
4
|
+
|
|
5
|
+
require 'mu/testcase'
|
|
6
|
+
require 'mu/pcap'
|
|
7
|
+
|
|
8
|
+
module Mu
|
|
9
|
+
class Pcap
|
|
10
|
+
class Header
|
|
11
|
+
|
|
12
|
+
class Test < Mu::TestCase
|
|
13
|
+
def test_basics
|
|
14
|
+
header = Header.new
|
|
15
|
+
header.magic = BIG_ENDIAN
|
|
16
|
+
header.version_major = 2
|
|
17
|
+
header.version_minor = 4
|
|
18
|
+
header.thiszone = 0
|
|
19
|
+
header.sigfigs = 0
|
|
20
|
+
header.snaplen = 1500
|
|
21
|
+
header.linktype = 1
|
|
22
|
+
|
|
23
|
+
# Big endian
|
|
24
|
+
bytes = "\xa1\xb2\xc3\xd4" + "\x00\x02" + "\x00\x04" +
|
|
25
|
+
"\x00\x00\x00\x00" + "\x00\x00\x00\x00" +
|
|
26
|
+
"\x00\x00\x05\xdc" + "\x00\x00\x00\x01"
|
|
27
|
+
header_in = Header.read StringIO.new(bytes)
|
|
28
|
+
assert_equal header, header_in
|
|
29
|
+
|
|
30
|
+
# Little endian
|
|
31
|
+
header.magic = LITTLE_ENDIAN
|
|
32
|
+
bytes = "\xd4\xc3\xb2\xa1" + "\x02\x00" + "\x04\x00" +
|
|
33
|
+
"\x00\x00\x00\x00" + "\x00\x00\x00\x00" +
|
|
34
|
+
"\xdc\x05\x00\x00" + "\x01\x00\x00\x00"
|
|
35
|
+
header_in = Header.read StringIO.new(bytes)
|
|
36
|
+
assert_equal header, header_in
|
|
37
|
+
end
|
|
38
|
+
|
|
39
|
+
|
|
40
|
+
def test_decode_null
|
|
41
|
+
ethernet = Ethernet.new
|
|
42
|
+
ethernet.src = '00:01:01:00:00:01'
|
|
43
|
+
ethernet.dst = '00:01:01:00:00:02'
|
|
44
|
+
ethernet.type = Ethernet::ETHERTYPE_IP
|
|
45
|
+
ethernet.payload = ethernet.payload_raw = 'hello'
|
|
46
|
+
bytes = nil
|
|
47
|
+
with_no_stderr do # supress warning about malformed IPv4
|
|
48
|
+
bytes = Pkthdr.decode_null BIG_ENDIAN, "\0\0\0\2hello"
|
|
49
|
+
end
|
|
50
|
+
assert_equal ethernet, bytes
|
|
51
|
+
end
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
end
|
|
55
|
+
end
|
|
56
|
+
end
|
|
@@ -0,0 +1,103 @@
|
|
|
1
|
+
# http://www.mudynamics.com
|
|
2
|
+
# http://labs.mudynamics.com
|
|
3
|
+
# http://www.pcapr.net
|
|
4
|
+
|
|
5
|
+
require 'mu/testcase'
|
|
6
|
+
require 'mu/pcap'
|
|
7
|
+
|
|
8
|
+
module Mu
|
|
9
|
+
class Pcap
|
|
10
|
+
class IPv4
|
|
11
|
+
|
|
12
|
+
class Test < Mu::TestCase
|
|
13
|
+
def test_basics
|
|
14
|
+
bytes =
|
|
15
|
+
"\x47"+ # version, header length
|
|
16
|
+
"\x00" + # TOS
|
|
17
|
+
"\x00\x1c" + # length
|
|
18
|
+
"\x4c\xb7" + # ID
|
|
19
|
+
"\x00\x00" + # offset
|
|
20
|
+
"\x40" + # TTL
|
|
21
|
+
"\x01" + # protocol
|
|
22
|
+
"\x99\x2a" + # checksum
|
|
23
|
+
"\x0a\x01\x02\x03" + # src-ip
|
|
24
|
+
"\x0a\x02\x03\x04" + # dst-ip
|
|
25
|
+
"\x94\x04\x00\x00\x00\x00" + "\x00\x00" # options
|
|
26
|
+
|
|
27
|
+
ipv4 = IPv4.new
|
|
28
|
+
ipv4.ip_id = 19639
|
|
29
|
+
ipv4.ttl = 64
|
|
30
|
+
ipv4.proto = 1
|
|
31
|
+
ipv4.src = '10.1.2.3'
|
|
32
|
+
ipv4.dst = '10.2.3.4'
|
|
33
|
+
ipv4.payload = ''
|
|
34
|
+
|
|
35
|
+
ipv4_in = nil
|
|
36
|
+
with_no_stderr do # supress warning about options
|
|
37
|
+
ipv4_in = IPv4.from_bytes bytes
|
|
38
|
+
end
|
|
39
|
+
assert_equal ipv4, ipv4_in
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
def test_reassemble
|
|
43
|
+
# empty stream
|
|
44
|
+
assert_equal [], IPv4.reassemble([])
|
|
45
|
+
|
|
46
|
+
# one packet
|
|
47
|
+
ip = ip 0, "A" * 10
|
|
48
|
+
assert_equal [ip], IPv4.reassemble([ip])
|
|
49
|
+
|
|
50
|
+
# three packets
|
|
51
|
+
ip1 = ip IP_MF | 0, "A" * 16
|
|
52
|
+
ip2 = ip IP_MF | 2, "B" * 16
|
|
53
|
+
ip3 = ip 4, "C" * 16
|
|
54
|
+
ipo = ip IP_MF | 3, "B" * 8 + "C" * 8 # overlap
|
|
55
|
+
ipe = ip IP_MF | 1, "" # empty
|
|
56
|
+
ip = ip 0, "A" * 16 + "B" * 16 + "C" * 16
|
|
57
|
+
[[ip1, ip2, ip3],
|
|
58
|
+
[ip1, ip3, ip2],
|
|
59
|
+
[ip2, ip1, ip3],
|
|
60
|
+
[ip2, ip3, ip1],
|
|
61
|
+
[ip3, ip1, ip2],
|
|
62
|
+
[ip3, ip2, ip1]].each do |ips|
|
|
63
|
+
with_no_stderr do
|
|
64
|
+
assert_equal [ip], IPv4.reassemble(ips)
|
|
65
|
+
end
|
|
66
|
+
# test with overlapping fragment
|
|
67
|
+
0.upto(ips.length-1) do |i|
|
|
68
|
+
ips.insert i, ipo
|
|
69
|
+
with_no_stderr do
|
|
70
|
+
assert_equal [ip], IPv4.reassemble(ips)
|
|
71
|
+
end
|
|
72
|
+
ips.delete_at i
|
|
73
|
+
end
|
|
74
|
+
# test with empty fragment
|
|
75
|
+
0.upto(ips.length-1) do |i|
|
|
76
|
+
ips.insert i, ipe
|
|
77
|
+
with_no_stderr do
|
|
78
|
+
assert_equal [ip], IPv4.reassemble(ips)
|
|
79
|
+
end
|
|
80
|
+
ips.delete_at i
|
|
81
|
+
end
|
|
82
|
+
end
|
|
83
|
+
end
|
|
84
|
+
|
|
85
|
+
def ip offset, payload
|
|
86
|
+
ipv4 = IPv4.new
|
|
87
|
+
ethernet = Ethernet.new
|
|
88
|
+
ethernet.src = '00:01:00:00:00:01'
|
|
89
|
+
ethernet.dst = '00:01:00:00:00:02'
|
|
90
|
+
ipv4.src = '10.0.0.1'
|
|
91
|
+
ipv4.dst = '10.0.0.2'
|
|
92
|
+
ipv4.proto = IPv4::IPPROTO_TCP
|
|
93
|
+
ipv4.offset = offset
|
|
94
|
+
ipv4.payload = payload
|
|
95
|
+
ethernet.type = Ethernet::ETHERTYPE_IP
|
|
96
|
+
ethernet.payload = ipv4
|
|
97
|
+
return ethernet
|
|
98
|
+
end
|
|
99
|
+
end
|
|
100
|
+
|
|
101
|
+
end
|
|
102
|
+
end
|
|
103
|
+
end
|
|
@@ -0,0 +1,83 @@
|
|
|
1
|
+
# http://www.mudynamics.com
|
|
2
|
+
# http://labs.mudynamics.com
|
|
3
|
+
# http://www.pcapr.net
|
|
4
|
+
|
|
5
|
+
require 'mu/testcase'
|
|
6
|
+
require 'mu/pcap'
|
|
7
|
+
|
|
8
|
+
module Mu
|
|
9
|
+
class Pcap
|
|
10
|
+
class IPv6
|
|
11
|
+
|
|
12
|
+
class Test < Mu::TestCase
|
|
13
|
+
def test_basics
|
|
14
|
+
bytes =
|
|
15
|
+
"60000000" + # version, class, label
|
|
16
|
+
"0005" + # length
|
|
17
|
+
"59" + # next header
|
|
18
|
+
"40" + # hop limit
|
|
19
|
+
"00000000000000000000000000000001" + # source
|
|
20
|
+
"ff020000000000000000000000000005" # destination
|
|
21
|
+
bytes = bytes.from_hex + 'hello'
|
|
22
|
+
|
|
23
|
+
ipv6 = IPv6.new
|
|
24
|
+
ipv6.next_header = 0x59
|
|
25
|
+
ipv6.hop_limit = 64
|
|
26
|
+
ipv6.src = '::1'
|
|
27
|
+
ipv6.dst = 'ff02::5'
|
|
28
|
+
ipv6.payload = 'hello'
|
|
29
|
+
ipv6.payload_raw = 'hello'
|
|
30
|
+
|
|
31
|
+
ipv6_in = nil
|
|
32
|
+
with_no_stderr do # supress warning about options
|
|
33
|
+
ipv6_in = IPv6.from_bytes bytes
|
|
34
|
+
end
|
|
35
|
+
assert_equal ipv6, ipv6_in
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
def test_headers
|
|
39
|
+
packet =
|
|
40
|
+
"60000000" + # version, class, label
|
|
41
|
+
"%04x" + # length
|
|
42
|
+
"%02x" + # next header
|
|
43
|
+
"40" + # hop limit
|
|
44
|
+
"00000000000000000000000000000001" + # source
|
|
45
|
+
"ff020000000000000000000000000005" # destination
|
|
46
|
+
|
|
47
|
+
# No next header
|
|
48
|
+
bytes = (packet % [0, IP::IPPROTO_NONE]).from_hex
|
|
49
|
+
ipv6 = IPv6.from_bytes bytes
|
|
50
|
+
assert_equal IP::IPPROTO_NONE, ipv6.next_header
|
|
51
|
+
assert_equal '', ipv6.payload
|
|
52
|
+
|
|
53
|
+
# Hop-by-hop options
|
|
54
|
+
bytes = (packet % [8, IP::IPPROTO_HOPOPTS]).from_hex +
|
|
55
|
+
[IP::IPPROTO_NONE, 0, "\0\0\0\0\0\0"].pack('CCa6')
|
|
56
|
+
ipv6 = IPv6.from_bytes bytes
|
|
57
|
+
assert_equal IP::IPPROTO_NONE, ipv6.next_header
|
|
58
|
+
|
|
59
|
+
# Routing header options
|
|
60
|
+
bytes = (packet % [8, IP::IPPROTO_ROUTING]).from_hex +
|
|
61
|
+
[IP::IPPROTO_NONE, 0, "\0\0\0\0\0\0"].pack('CCa6')
|
|
62
|
+
ipv6 = IPv6.from_bytes bytes
|
|
63
|
+
assert_equal IP::IPPROTO_NONE, ipv6.next_header
|
|
64
|
+
|
|
65
|
+
# Destination options
|
|
66
|
+
bytes = (packet % [8, IP::IPPROTO_DSTOPTS]).from_hex +
|
|
67
|
+
[IP::IPPROTO_NONE, 0, "\0\0\0\0\0\0"].pack('CCa6')
|
|
68
|
+
ipv6 = IPv6.from_bytes bytes
|
|
69
|
+
assert_equal IP::IPPROTO_NONE, ipv6.next_header
|
|
70
|
+
|
|
71
|
+
# Fragment (not supported)
|
|
72
|
+
bytes = (packet % [8, IP::IPPROTO_FRAGMENT]).from_hex +
|
|
73
|
+
[IP::IPPROTO_NONE, 0, 0, 0].pack('CCnN')
|
|
74
|
+
with_no_stderr do
|
|
75
|
+
ipv6 = IPv6.from_bytes bytes
|
|
76
|
+
end
|
|
77
|
+
assert_equal IP::IPPROTO_FRAGMENT, ipv6.next_header
|
|
78
|
+
end
|
|
79
|
+
end
|
|
80
|
+
|
|
81
|
+
end
|
|
82
|
+
end
|
|
83
|
+
end
|
|
@@ -0,0 +1,44 @@
|
|
|
1
|
+
# http://www.mudynamics.com
|
|
2
|
+
# http://labs.mudynamics.com
|
|
3
|
+
# http://www.pcapr.net
|
|
4
|
+
|
|
5
|
+
require 'mu/testcase'
|
|
6
|
+
require 'mu/pcap'
|
|
7
|
+
|
|
8
|
+
module Mu
|
|
9
|
+
class Pcap
|
|
10
|
+
class Packet
|
|
11
|
+
|
|
12
|
+
class Test < Mu::TestCase
|
|
13
|
+
def test_isolate_l7
|
|
14
|
+
# Empty
|
|
15
|
+
assert_equal [], Packet.isolate_l7([])
|
|
16
|
+
|
|
17
|
+
# Ethernet
|
|
18
|
+
ethernet = Ethernet.new
|
|
19
|
+
assert_equal [ethernet], Packet.isolate_l7([ethernet])
|
|
20
|
+
|
|
21
|
+
# UDP packet
|
|
22
|
+
udp = Ethernet.new
|
|
23
|
+
udp.payload = IPv4.new
|
|
24
|
+
udp.payload.payload = UDP.new
|
|
25
|
+
udp.payload.payload.src_port = 1000
|
|
26
|
+
assert_equal [udp], Packet.isolate_l7([udp])
|
|
27
|
+
|
|
28
|
+
# UDP packet and Ethernet
|
|
29
|
+
assert_equal [udp], Packet.isolate_l7([udp, ethernet])
|
|
30
|
+
assert_equal [udp], Packet.isolate_l7([ethernet, udp])
|
|
31
|
+
|
|
32
|
+
# UDP packet and DNS
|
|
33
|
+
dns = Ethernet.new
|
|
34
|
+
dns.payload = IPv4.new
|
|
35
|
+
dns.payload.payload = UDP.new
|
|
36
|
+
dns.payload.payload.src_port = 53
|
|
37
|
+
assert_equal [udp], Packet.isolate_l7([udp, dns])
|
|
38
|
+
assert_equal [udp], Packet.isolate_l7([dns, udp])
|
|
39
|
+
end
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
end
|
|
43
|
+
end
|
|
44
|
+
end
|
|
@@ -0,0 +1,58 @@
|
|
|
1
|
+
# http://www.mudynamics.com
|
|
2
|
+
# http://labs.mudynamics.com
|
|
3
|
+
# http://www.pcapr.net
|
|
4
|
+
|
|
5
|
+
require 'mu/testcase'
|
|
6
|
+
require 'mu/pcap/io_pair'
|
|
7
|
+
|
|
8
|
+
module Mu
|
|
9
|
+
class Pcap
|
|
10
|
+
class IOPair
|
|
11
|
+
class Test < Mu::TestCase
|
|
12
|
+
|
|
13
|
+
def test_stream
|
|
14
|
+
io1, io2 = IOPair.stream_pair
|
|
15
|
+
|
|
16
|
+
# send
|
|
17
|
+
assert_equal 3, io1.write("foo")
|
|
18
|
+
assert_equal "foo", io2.read(3)
|
|
19
|
+
|
|
20
|
+
# another
|
|
21
|
+
assert_equal 3, io1.write("bar")
|
|
22
|
+
assert_equal "bar", io2.read(0xffff)
|
|
23
|
+
|
|
24
|
+
# reverse
|
|
25
|
+
assert_equal 3, io2.write("baz")
|
|
26
|
+
assert_equal "baz", io1.read(0xffff)
|
|
27
|
+
|
|
28
|
+
# 2 sends, 1 receive
|
|
29
|
+
assert_equal 3, io1.write("one")
|
|
30
|
+
assert_equal 3, io1.write("two")
|
|
31
|
+
assert_equal "onetwo", io2.read(6)
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
def test_packet
|
|
35
|
+
io1, io2 = IOPair.packet_pair
|
|
36
|
+
|
|
37
|
+
# send
|
|
38
|
+
assert_equal 3, io1.write("foo")
|
|
39
|
+
assert_equal "foo", io2.read
|
|
40
|
+
|
|
41
|
+
# another
|
|
42
|
+
assert_equal 3, io1.write("bar")
|
|
43
|
+
assert_equal "bar", io2.read
|
|
44
|
+
|
|
45
|
+
# reverse
|
|
46
|
+
assert_equal 3, io2.write("baz")
|
|
47
|
+
assert_equal "baz", io1.read
|
|
48
|
+
|
|
49
|
+
# 2 sends, 2 receives
|
|
50
|
+
assert_equal 3, io1.write("one")
|
|
51
|
+
assert_equal 3, io1.write("two")
|
|
52
|
+
assert_equal "one", io2.read
|
|
53
|
+
assert_equal "two", io2.read
|
|
54
|
+
end
|
|
55
|
+
end
|
|
56
|
+
end
|
|
57
|
+
end
|
|
58
|
+
end
|
|
@@ -0,0 +1,33 @@
|
|
|
1
|
+
# http://www.mudynamics.com
|
|
2
|
+
# http://labs.mudynamics.com
|
|
3
|
+
# http://www.pcapr.net
|
|
4
|
+
|
|
5
|
+
require 'mu/testcase'
|
|
6
|
+
require 'mu/pcap'
|
|
7
|
+
|
|
8
|
+
module Mu
|
|
9
|
+
class Pcap
|
|
10
|
+
class Pkthdr
|
|
11
|
+
|
|
12
|
+
class Test < Mu::TestCase
|
|
13
|
+
def test_basics
|
|
14
|
+
pkthdr = Pkthdr.new
|
|
15
|
+
pkthdr.endian = LITTLE_ENDIAN
|
|
16
|
+
pkthdr.ts_sec = 1191265036
|
|
17
|
+
pkthdr.ts_usec = 73432
|
|
18
|
+
pkthdr.caplen = 73
|
|
19
|
+
pkthdr.len = 73
|
|
20
|
+
pkthdr.pkt = 'X' * 73
|
|
21
|
+
|
|
22
|
+
bytes = "\x0c\x43\x01\x47" + "\xd8\x1e\x01\x00" +
|
|
23
|
+
"\x49\x00\x00\x00" + "\x49\x00\x00\x00" + ("X" * 73)
|
|
24
|
+
pkthdr_in = Pkthdr.read StringIO.new(bytes), LITTLE_ENDIAN
|
|
25
|
+
assert_equal pkthdr, pkthdr_in
|
|
26
|
+
end
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
end
|
|
30
|
+
end
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
|