RubyGems - ruby-pcap - Versions diffs - 0.7.9 → 0.8.0 - Mend

ruby-pcap 0.7.9 → 0.8.0

Files changed (16) hide show

checksums.yaml +5 -5
data/README.md +1 -4
data/ext/pcap/Pcap.c +125 -23
data/ext/pcap/arp_packet.c +82 -0
data/ext/pcap/icmp_packet.c +35 -0
data/ext/pcap/icmpv6_packet.c +107 -0
data/ext/pcap/ip_packet.c +16 -7
data/ext/pcap/ipv6_packet.c +162 -0
data/ext/pcap/packet.c +36 -8
data/ext/pcap/ruby_pcap.h +34 -4
data/ext/pcap/slow_protocol_packet.c +29 -0
data/ext/pcap/tcp_packet.c +346 -6
data/ext/pcap/udp_packet.c +262 -1
data/lib/pcap/packet.rb +123 -11
data/ruby-pcap.gemspec +4 -4
metadata +13 -9

data/ext/pcap/udp_packet.c CHANGED Viewed

@@ -78,6 +78,250 @@ udpp_data(self)
     return rb_str_new(UDP_DATA(pkt), len);
 }
+static VALUE
+udpp_csum_update(self)
+     VALUE self;
+{
+    struct packet_object *pkt;
+    struct ip *ip;
+    struct udphdr *udp;
+    GetPacket(self, pkt);
+    ip = IP_HDR(pkt);
+    udp = UDP_HDR(pkt);
+    unsigned short *ip_src = (void *)&ip->ip_src.s_addr;
+    unsigned short *ip_dst = (void *)&ip->ip_dst.s_addr;
+    long sum = 0;
+    /* save checksum in packet */
+    unsigned short uh_sum = ntohs(udp->uh_sum);
+    unsigned short answer = 0;
+    unsigned short *temp = (unsigned short *)udp;
+    int len = ntohs(ip->ip_len) - ip->ip_hl*4; // length of ip data
+    // pseudo header sum
+    sum += ntohs(*(ip_src++));
+    sum += ntohs(*ip_src);
+    sum += ntohs(*(ip_dst++));
+    sum += ntohs(*ip_dst);
+    sum += 17;
+    sum += len;
+    // set checksum to zero and sum
+    udp->uh_sum = 0;
+    while (len > 1){
+      sum += ntohs(*temp++);
+      len -= 2;
+    }
+    if (len)
+      sum += ntohs((unsigned short) *((unsigned char *)temp));
+    while(sum>>16)
+      sum = (sum & 0xFFFF) + (sum >> 16);
+    answer = ~sum;
+    if (answer == 0)
+      answer = ~answer;
+    /*
+     * set checkum in packet
+     */
+    udp->uh_sum = htons(answer);
+    /*
+     * no change, return nil
+     */
+    if (answer == uh_sum)
+      return Qnil;
+    /*
+     * return new checkum
+     */
+    return UINT2NUM(answer);
+}
+/*
+  Set UDP source port and update checksum
+*/
+static VALUE
+udpp_sport_set(self, val)
+     VALUE self, val;
+{
+    struct packet_object *pkt;
+    struct udphdr *udp;
+    long sum = 0;
+    GetPacket(self, pkt);
+    udp = UDP_HDR(pkt);
+    /*
+     * https://tools.ietf.org/html/rfc1624
+     * HC' = ~(C + (-m) + m')
+    */
+    sum = ~(~ntohs(udp->uh_sum) - ntohs(udp->uh_sport) + NUM2USHORT(val));
+    while(sum>>16)
+      sum = (sum & 0xFFFF) + (sum >> 16);
+    /*
+     * set desired value and new checksum
+    */
+    udp->uh_sport = htons(NUM2USHORT(val));
+    udp->uh_sum = htons(sum);
+    return val;
+}
+/*
+  Set UDP destination port and update checksum
+*/
+static VALUE
+udpp_dport_set(self, val)
+     VALUE self, val;
+{
+    struct packet_object *pkt;
+    struct udphdr *udp;
+    long sum = 0;
+    GetPacket(self, pkt);
+    udp = UDP_HDR(pkt);
+    /*
+     * https://tools.ietf.org/html/rfc1624
+     * HC' = ~(C + (-m) + m')
+    */
+    sum = ~(~ntohs(udp->uh_sum) - ntohs(udp->uh_dport) + NUM2USHORT(val));
+    while(sum>>16)
+      sum = (sum & 0xFFFF) + (sum >> 16);
+    /*
+     * set desired value and new checksum
+    */
+    udp->uh_dport = htons(NUM2USHORT(val));
+    udp->uh_sum = htons(sum);
+    return val;
+}
+/*
+ * IPv6 Specific methods
+ */
+VALUE cUDPv6Packet;
+VALUE
+setup_udpv6_packet(pkt, tl_len)
+    struct packet_object *pkt;
+    int tl_len;
+{
+    VALUE class;
+    DEBUG_PRINT("setup_udpv6_packet");
+    class = cUDPv6Packet;
+    if (tl_len > 8) {
+      int hl = 8;
+      int layer5_len;
+      tl_len = MIN(tl_len, UDP_LENGTH(pkt));
+      layer5_len = tl_len - hl;
+      if (layer5_len > 0) {
+        pkt->hdr.layer5_off = pkt->hdr.layer4_off + hl;
+        /* upper layer */
+        }
+    }
+    return class;
+}
+static VALUE
+udpp_csumokv6(self)
+  VALUE self;
+{
+    struct packet_object *pkt;
+    struct ip6_hdr *ip;
+    struct udphdr *udp;
+    GetPacket(self, pkt);
+    ip = IPV6_HDR(pkt);
+    udp = UDP_HDR(pkt);
+    unsigned short *ip_src = (void *)&ip->ip6_src.s6_addr;
+    unsigned short *ip_dst = (void *)&ip->ip6_dst.s6_addr;
+    long sum = 0;
+    unsigned short answer = 0;
+    unsigned short *temp = (unsigned short *)udp;
+    int len = ntohs(ip->ip6_plen); // length of ip data
+    unsigned short csum = ntohs(udp->uh_sum); // keep the checksum in packet
+    // pseudo header sum
+    int i = 1;
+    for (i = 0; i < 8; i++) {
+      sum += ntohs(*(ip_src));
+      sum += ntohs(*(ip_dst));
+      ip_src++;
+      ip_dst++;
+    }
+    sum += 0x11; // UDP
+    sum += len;
+    // set checksum to zero and sum
+    udp->uh_sum = 0;
+    while (len > 1){
+      sum += ntohs(*temp++);
+      len -= 2;
+    }
+    if (len)
+      sum += ntohs((unsigned short) *((unsigned char *)temp));
+    while(sum>>16)
+      sum = (sum & 0xFFFF) + (sum >> 16);
+      answer = ~sum;
+    if (answer == 0)
+      answer = ~answer;
+    udp->uh_sum = htons(csum); //restore the checkum in packet
+    if (DEBUG_CHECKSUM)
+      printf("UDP csum in packet:%d should be %d\n", csum, answer);
+    if (answer == csum)
+      return Qtrue;
+    return Qfalse;
+}
+static VALUE
+udpp_csumok(self)
+     VALUE self;
+{
+    struct packet_object *pkt;
+    struct ip *ip;
+    struct udphdr *udp;
+    GetPacket(self, pkt);
+    ip = IP_HDR(pkt);
+    udp = UDP_HDR(pkt);
+    unsigned short *ip_src = (void *)&ip->ip_src.s_addr;
+    unsigned short *ip_dst = (void *)&ip->ip_dst.s_addr;
+    long sum = 0;
+    unsigned short answer = 0;
+    unsigned short *temp = (unsigned short *)udp;
+    int len = ntohs(ip->ip_len) - ip->ip_hl*4; // length of ip data
+    int csum = ntohs(udp->uh_sum); // keep the checksum in packet
+    // pseudo header sum
+    sum += ntohs(*(ip_src++));
+    sum += ntohs(*ip_src);
+    sum += ntohs(*(ip_dst++));
+    sum += ntohs(*ip_dst);
+    sum += 17;
+    sum += len;
+    // set checksum to zero and sum
+    udp->uh_sum = 0;
+    while (len > 1){
+      sum += ntohs(*temp++);
+      len -= 2;
+    }
+    if (len)
+      sum += ntohs((unsigned short) *((unsigned char *)temp));
+    while(sum>>16)
+      sum = (sum & 0xFFFF) + (sum >> 16);
+    answer = ~sum;
+    if (answer == 0)
+      answer = ~answer;
+    udp->uh_sum = csum; //restore the checkum in packet
+    if (DEBUG_CHECKSUM)
+      printf("UDP csum in packet:%d should be %d\n", csum, answer);
+    if (answer == csum)
+      return Qtrue;
+    return Qfalse;
+}
+static VALUE
+udpp_truncated(self)
+     VALUE self;
+{
+    struct packet_object *pkt;
+    struct ip *ip;
+    struct udphdr *udp;
+    GetPacket(self, pkt);
+    ip = IP_HDR(pkt);
+    udp = UDP_HDR(pkt);
+    if IsTruncated(pkt, pkt->hdr.layer3_off, ip->ip_hl * 4 + ntohs(udp->uh_ulen))
+        return Qtrue;
+    return Qfalse;
+}
 void
 Init_udp_packet(void)
 {
@@ -85,12 +329,29 @@ Init_udp_packet(void)
     /* define class UdpPacket */
     cUDPPacket = rb_define_class_under(mPcap, "UDPPacket", cIPPacket);
+    cUDPv6Packet = rb_define_class_under(mPcap, "UDPv6Packet", cIPv6Packet);
+    /* define methods under IPv4 */
     rb_define_method(cUDPPacket, "udp_sport", udpp_sport, 0);
+    rb_define_method(cUDPPacket, "udp_sport=", udpp_sport_set, 1);
     rb_define_method(cUDPPacket, "sport", udpp_sport, 0);
+    rb_define_method(cUDPPacket, "sport=", udpp_sport_set, 1);
     rb_define_method(cUDPPacket, "udp_dport", udpp_dport, 0);
+    rb_define_method(cUDPPacket, "udp_dport=", udpp_dport_set, 1);
     rb_define_method(cUDPPacket, "dport", udpp_dport, 0);
+    rb_define_method(cUDPPacket, "dport=", udpp_dport_set, 1);
     rb_define_method(cUDPPacket, "udp_len", udpp_len, 0);
     rb_define_method(cUDPPacket, "udp_sum", udpp_sum, 0);
     rb_define_method(cUDPPacket, "udp_data", udpp_data, 0);
+    rb_define_method(cUDPPacket, "udp_csum_ok?", udpp_csumok, 0);
+    rb_define_method(cUDPPacket, "udp_truncated?", udpp_truncated, 0);
+    rb_define_method(cUDPPacket, "udp_csum_update!", udpp_csum_update, 0);
+    /* define methods under IPv6 */
+    rb_define_method(cUDPv6Packet, "udp_sport", udpp_sport, 0);
+    rb_define_method(cUDPv6Packet, "sport", udpp_sport, 0);
+    rb_define_method(cUDPv6Packet, "udp_dport", udpp_dport, 0);
+    rb_define_method(cUDPv6Packet, "dport", udpp_dport, 0);
+    rb_define_method(cUDPv6Packet, "udp_len", udpp_len, 0);
+    rb_define_method(cUDPv6Packet, "udp_sum", udpp_sum, 0);
+    rb_define_method(cUDPv6Packet, "udp_data", udpp_data, 0);
+    rb_define_method(cUDPv6Packet, "udp_csum_ok?", udpp_csumokv6, 0);
 }

data/lib/pcap/packet.rb CHANGED Viewed

@@ -7,6 +7,21 @@ module Pcap
     def inspect
       "#<#{self.class}: #{self}>"
     end
+    def src_mac_address
+      return unpack_hex_string(raw_data[6, 12])
+    end
+    def dst_mac_address
+      return unpack_hex_string(raw_data[0, 6])
+    end
+    def ethertype
+      raw_data[12, 14].unpack('n')[0]
+    end
+    def unpack_hex_string(hex)
+      hex.unpack('H2H2H2H2H2H2').join('')
+    end
   end
   class IPPacket
@@ -15,6 +30,12 @@ module Pcap
     end
   end
+  class IPv6Packet
+    def to_s
+      "#{src_s} > #{dst_s} next header #{ip_nh}"
+    end
+  end
   class TCPPacket
     def tcp_data_len
       ip_len - 4 * (ip_hlen + tcp_hlen)
@@ -33,32 +54,123 @@ module Pcap
     def to_s
       "#{src}:#{sport} > #{dst}:#{dport} #{tcp_flags_s}"
     end
+  end
-    def src_mac_address
-      return unpack_hex_string(raw_data[6, 12])
+  class UDPPacket
+    def to_s
+      "#{src}:#{sport} > #{dst}:#{dport} len #{udp_len} sum #{udp_sum}"
     end
+  end
-    def dst_mac_address
-      return unpack_hex_string(raw_data[0, 6])
+  class ICMPPacket
+    def to_s
+      "#{src} > #{dst}: icmp: #{icmp_typestr}"
     end
+  end
-    def unpack_hex_string(hex)
-      return hex.unpack('H2H2H2H2H2H2').join('')
+  class TCPv6Packet
+    def tcp_flags_s
+      return \
+  (tcp_urg? ? 'U' : '.') +
+  (tcp_ack? ? 'A' : '.') +
+  (tcp_psh? ? 'P' : '.') +
+  (tcp_rst? ? 'R' : '.') +
+  (tcp_syn? ? 'S' : '.') +
+        (tcp_fin? ? 'F' : '.')
     end
-  end
-  class UDPPacket
     def to_s
-      "#{src}:#{sport} > #{dst}:#{dport} len #{udp_len} sum #{udp_sum}"
+      "#{src_s}:#{sport} > #{dst_s}:#{dport} #{tcp_flags_s}"
     end
   end
-  class ICMPPacket
+  class UDPv6Packet
     def to_s
-      "#{src} > #{dst}: icmp: #{icmp_typestr}"
+      "#{src_s}:#{sport} > #{dst_s}:#{dport} len #{udp_len} sum #{udp_sum}"
+    end
+  end
+  # Slow protocol frames
+  class SPPacket
+    # return Slow protocol subtype: 0x01 LACP, 0x02 Marker 0x03 EFM OAM
+    def sp_subtype
+      raw_data[14].unpack('C')[0]
     end
   end
+  # LACP frames
+  class LACPPacket
+    LACP_ACTIVITY = 0x01
+    LACP_TIMEOUT = 0x02
+    LACP_AGGR = 0x04
+    LACP_SYNC = 0x08
+    LACP_COLLECTING = 0x10
+    LACP_DISTR = 0x20
+    LACP_DEFAULTED = 0x40
+    LACP_EXPIRED = 0x80
+    # return LACP Version
+    def version
+      raw_data[15].unpack('C')[0]
+    end
+    # return Actor LACP flags in human readable form
+    def actor_flags
+      parse_flags(actor_info['Actor State'])
+    end
+    # return Actor LACP flags in human readable form
+    def partner_flags
+      parse_flags(partner_info['Partner State'])
+    end
+    # return LACP Actor TLV
+    def actor_info
+      # throw error if 1st TLV is not Actor
+      raise 'error in actor TLV' if raw_data[16].unpack('C')[0] != 1
+      {
+        'Actor System Priority' => raw_data[18,19].unpack('n')[0],
+        'Actor System Id' => unpack_hex_string(raw_data[20, 26]),
+        'Actor Key' => raw_data[26,27].unpack('n')[0],
+        'Actor Port Priority' => raw_data[28,29].unpack('n')[0],
+        'Actor Port' => raw_data[30,31].unpack('n')[0],
+        'Actor State' => raw_data[32].unpack('C')[0].to_i
+      }
+    end
+    # return LACP Partner TLV
+    def partner_info
+      # throw error if 2nd TLV is not Partner
+      actor_tlv_len = raw_data[17].unpack('C')[0]
+      base = 16 + actor_tlv_len
+      raise 'error in partner TLV' if raw_data[base].unpack('C')[0] != 2
+      base += 2
+      {
+        'Partner System Priority' => raw_data[base, base + 1].unpack('n')[0],
+        'Partner System Id' => unpack_hex_string(raw_data[base + 2, base + 7]),
+        'Partner Key' => raw_data[base + 8,base + 9].unpack('n')[0],
+        'Partner Port Priority' => raw_data[base + 10,base + 11].unpack('n')[0],
+        'Partner Port' => raw_data[base + 12,base + 13].unpack('n')[0],
+        'Partner State' => raw_data[base + 14].unpack('C')[0].to_i
+      }
+    end
+    # parse LACP flags based on 802.3ad-2000
+    def parse_flags(flags)
+      {
+        'Activity' => (LACP_ACTIVITY & flags).zero? ? 'Passive' : 'Active',
+        'Timeout' => (LACP_TIMEOUT & flags).zero? ? 'Long' : 'Short',
+        'Aggregation' => (LACP_AGGR & flags).zero? ? 'Individual' : 'Aggregatable',
+        'Synchronization' => (LACP_SYNC & flags).zero? ? 'OutSync' : 'InSync',
+        'Collecting' => (LACP_COLLECTING & flags).zero? ? 'NotCollecting' : 'Collecting',
+        'Distributing' => (LACP_DISTR & flags).zero? ? 'NotDistributing' : 'Distributing',
+        'Defaulted' => (LACP_DEFAULTED & flags).zero? ? 'RecvPartner' : 'DefaultPartner',
+        'Expired' => (LACP_EXPIRED & flags).zero? ? 'NotExpired' : 'Expired'
+      }
+    end
+  end
   #
   # Backword compatibility
   #

data/ruby-pcap.gemspec CHANGED Viewed

@@ -4,12 +4,12 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 Gem::Specification.new do |gem|
   gem.name          = "ruby-pcap"
-  gem.version       = "0.7.9"
-  gem.authors       = [%q{Masaki Fukushima}, %q{Andrew Hobson}]
-  gem.email         = ["mbarczak@gmail.com"]
+  gem.version       = "0.8.0"
+  gem.authors       = [%q{Masaki Fukushima}, %q{Andrew Hobson}, %q{Marcus Barczak}]
+  gem.email         = ["opensource@vitosha-labs.bg"]
   gem.description   = %q{Ruby interface to LBL Packet Capture library. This library also includes classes to access packet header fields.}
   gem.summary       = %q{Ruby interface to LBL Packet Capture library.}
-  gem.homepage      = "https://github.com/ickymettle/ruby-pcap"
+  gem.homepage      = "https://github.com/vitoshalabs/ruby-pcap"
   gem.license       = "GPL-2.0"
   gem.files         = `git ls-files`.split($/)

metadata CHANGED Viewed

@@ -1,15 +1,16 @@
 --- !ruby/object:Gem::Specification
 name: ruby-pcap
 version: !ruby/object:Gem::Version
-  version: 0.7.9
+  version: 0.8.0
 platform: ruby
 authors:
 - Masaki Fukushima
 - Andrew Hobson
-autorequire:
+- Marcus Barczak
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2015-07-20 00:00:00.000000000 Z
+date: 2022-01-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake-compiler
@@ -28,7 +29,7 @@ dependencies:
 description: Ruby interface to LBL Packet Capture library. This library also includes
   classes to access packet header fields.
 email:
-- mbarczak@gmail.com
+- opensource@vitosha-labs.bg
 executables: []
 extensions:
 - ext/pcap/extconf.rb
@@ -75,11 +76,15 @@ files:
 - examples/tcpdump.rb
 - examples/test.rb
 - ext/pcap/Pcap.c
+- ext/pcap/arp_packet.c
 - ext/pcap/extconf.rb
 - ext/pcap/icmp_packet.c
+- ext/pcap/icmpv6_packet.c
 - ext/pcap/ip_packet.c
+- ext/pcap/ipv6_packet.c
 - ext/pcap/packet.c
 - ext/pcap/ruby_pcap.h
+- ext/pcap/slow_protocol_packet.c
 - ext/pcap/tcp_packet.c
 - ext/pcap/udp_packet.c
 - lib/pcap/packet.rb
@@ -87,11 +92,11 @@ files:
 - lib/pcap/tcpdump_time_format.rb
 - lib/pcap_misc.rb
 - ruby-pcap.gemspec
-homepage: https://github.com/ickymettle/ruby-pcap
+homepage: https://github.com/vitoshalabs/ruby-pcap
 licenses:
 - GPL-2.0
 metadata: {}
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -106,9 +111,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project:
-rubygems_version: 2.2.3
-signing_key:
+rubygems_version: 3.1.6
+signing_key:
 specification_version: 4
 summary: Ruby interface to LBL Packet Capture library.
 test_files: []