RubyGems - ruby-pcap - Versions diffs - 0.7.9 → 0.8.1 - Mend

ruby-pcap 0.7.9 → 0.8.1

Files changed (19) hide show

checksums.yaml +5 -5
data/.github/workflows/build.yml +26 -0
data/README.md +3 -7
data/examples/capture_duration.rb +28 -0
data/ext/pcap/Pcap.c +152 -23
data/ext/pcap/arp_packet.c +82 -0
data/ext/pcap/icmp_packet.c +35 -0
data/ext/pcap/icmpv6_packet.c +107 -0
data/ext/pcap/ip_packet.c +16 -7
data/ext/pcap/ipv6_packet.c +162 -0
data/ext/pcap/packet.c +36 -8
data/ext/pcap/ruby_pcap.h +34 -4
data/ext/pcap/slow_protocol_packet.c +29 -0
data/ext/pcap/tcp_packet.c +346 -6
data/ext/pcap/udp_packet.c +262 -1
data/lib/pcap/packet.rb +123 -11
data/ruby-pcap.gemspec +4 -4
metadata +16 -10
data/.travis.yml +0 -13

data/ext/pcap/ipv6_packet.c ADDED Viewed

@@ -0,0 +1,162 @@
+/*
+ *  ipv6_packet.c
+ */
+#include "ruby_pcap.h"
+VALUE cIPv6Packet;
+#define CheckTruncateIpv6(pkt, need) CheckTruncate(pkt, pkt->hdr.layer3_off, need, "truncated IPv6")
+#define IPV6_HL 40
+VALUE
+setup_ipv6_packet(pkt, nl_len)
+     struct packet_object *pkt;
+     int nl_len;
+{
+    VALUE class;
+    class = cIPv6Packet;
+    pkt->hdr.layer4_off = pkt->hdr.layer3_off + IPV6_HL;
+    switch (IPV6_HDR(pkt)->ip6_nxt) {
+      case IPPROTO_TCP:
+        DEBUG_PRINT("setup_tcpv6_packet");
+        class = setup_tcpv6_packet(pkt, nl_len - IPV6_HL);
+        break;
+      case IPPROTO_UDP:
+        DEBUG_PRINT("setup_udpv6_packet");
+        class = setup_udpv6_packet(pkt, nl_len - IPV6_HL);
+        break;
+      case IPPROTO_ICMPV6:
+        DEBUG_PRINT("setup_icmpv6_packet");
+        class = setup_icmpv6_packet(pkt);
+        break;
+    }
+    return class;
+}
+#define IPV6P_METHOD(func, val) \
+static VALUE\
+(func)(self)\
+     VALUE self;\
+{\
+    struct ip6_hdr *ip;\
+\
+    DEBUG_PRINT(#func);\
+    ip = IPV6_HDR_OBJ(self);\
+    return (val);\
+}
+IPV6P_METHOD(ipp_ver, INT2FIX(ip->ip6_vfc >> 4))
+/*
+The bits of this field hold two values.
+The six most-significant bits hold the Differentiated Services (DS) field, which is used to classify packets.
+Currently, all standard DS fields end with a '0' bit. Any DS field that ends with two '1' bits is intended for local or experimental use.[4]
+The remaining two bits are used for Explicit Congestion Notification (ECN);
+priority values subdivide into ranges: traffic where the source provides congestion control and non-congestion control traffic.
+*/
+IPV6P_METHOD(ipp_tc,  INT2FIX((ntohl(ip->ip6_flow) & 0x0FF00000) >> 20))
+IPV6P_METHOD(ipp_ds,  INT2FIX((ntohl(ip->ip6_flow) & 0x0FF00000) >> 22))
+IPV6P_METHOD(ipp_ecn, INT2FIX((ntohl(ip->ip6_flow) & 0x00300000) >> 20))
+IPV6P_METHOD(ipp_fl,  INT2FIX(ntohl(ip->ip6_flow) & 0x000FFFFF))
+IPV6P_METHOD(ipp_pl,  INT2FIX(ntohs(ip->ip6_plen)))
+IPV6P_METHOD(ipp_nh,  INT2FIX(ip->ip6_nxt))
+IPV6P_METHOD(ipp_hl,  INT2FIX(ip->ip6_hlim))
+static VALUE
+ipp_truncated(self)
+     VALUE self;
+{
+    struct packet_object *pkt;
+    struct ip6_hdr *ip;
+    GetPacket(self, pkt);
+    ip = IPV6_HDR(pkt);
+    if IsTruncated(pkt, pkt->hdr.layer3_off, ntohs(ip->ip6_plen))
+        return Qtrue;
+    return Qfalse;
+}
+static VALUE
+ipp_data(self)
+     VALUE self;
+{
+    struct packet_object *pkt;
+    struct ip6_hdr *ip;
+    int len;
+    GetPacket(self, pkt);
+    ip = IPV6_HDR(pkt);
+    CheckTruncateIpv6(pkt, 20);
+    len = pkt->hdr.pkthdr.caplen - pkt->hdr.layer3_off - IPV6_HL;
+    return rb_str_new((u_char *)ip + IPV6_HL, len);
+}
+/*
+ * IPv6Address
+ */
+static VALUE
+ipp_src_i(self)
+    VALUE self;
+{
+  struct ip6_hdr *ip;
+  ip = (struct ip6_hdr *)IPV6_HDR_OBJ(self);
+  return rb_integer_unpack(ip->ip6_src.s6_addr, 16, 1, 0, INTEGER_PACK_BIG_ENDIAN);
+}
+static VALUE
+ipp_src_s(self)
+  VALUE self;
+{
+  struct ip6_hdr *ip;
+  char buff[INET6_ADDRSTRLEN];
+  ip = (struct ip6_hdr *)IPV6_HDR_OBJ(self);
+  inet_ntop(AF_INET6, ip->ip6_src.s6_addr, buff, INET6_ADDRSTRLEN);
+  return rb_str_new2(buff);
+}
+static VALUE
+ipp_dst_i(self)
+    VALUE self;
+{
+  struct ip6_hdr *ip;
+  ip = IPV6_HDR_OBJ(self);
+  return rb_integer_unpack(ip->ip6_dst.s6_addr, 16, 1, 0, INTEGER_PACK_BIG_ENDIAN);
+}
+static VALUE
+ipp_dst_s(self)
+  VALUE self;
+{
+  char buff[INET6_ADDRSTRLEN];
+  struct ip6_hdr *ip;
+  ip = IPV6_HDR_OBJ(self);
+  inet_ntop(AF_INET6, ip->ip6_dst.s6_addr, buff, INET6_ADDRSTRLEN);
+  return rb_str_new2(buff);
+}
+void
+Init_ipv6_packet(void)
+{
+    DEBUG_PRINT("Init_ipv6_packet");
+    cIPv6Packet = rb_define_class_under(mPcap, "IPv6Packet", cPacket);
+    rb_define_method(cIPv6Packet, "ip_ver", ipp_ver, 0);
+    rb_define_method(cIPv6Packet, "ip_tc", ipp_tc, 0);
+    rb_define_method(cIPv6Packet, "ip_ds", ipp_ds, 0);
+    rb_define_method(cIPv6Packet, "ip_ecn", ipp_ecn, 0);
+    rb_define_method(cIPv6Packet, "ip_fl", ipp_fl, 0); /* IPv6 flow label */
+    rb_define_method(cIPv6Packet, "ip_pl", ipp_pl, 0); /* IPv6 Payload length */
+    rb_define_method(cIPv6Packet, "ip_nh", ipp_nh, 0); /* IPv6 Next header */
+    rb_define_method(cIPv6Packet, "ip_hl", ipp_hl, 0); /* IPv6 Hop limit */
+    rb_define_method(cIPv6Packet, "src_s", ipp_src_s, 0);
+    rb_define_method(cIPv6Packet, "dst_s", ipp_dst_s, 0);
+    rb_define_method(cIPv6Packet, "src_i", ipp_src_i, 0);
+    rb_define_method(cIPv6Packet, "dst_i", ipp_dst_i, 0);
+    rb_define_method(cIPv6Packet, "ip_data", ipp_data, 0);
+    rb_define_method(cIPv6Packet, "ip_truncated?", ipp_truncated, 0);
+}

data/ext/pcap/packet.c CHANGED Viewed

@@ -11,7 +11,17 @@
 #include <sys/socket.h>
 #include <net/if.h>
 #include <netinet/if_ether.h>
+#ifndef ETH_P_IPV6
+#define ETH_P_IPV6 0x86DD /* IPv6 packet */
+#endif
+#ifndef ETH_P_SLOW
+#define ETH_P_SLOW 0x8809 /* Slow Protocol frame */
+#endif
+#ifndef ETH_P_ARP
+#define ETH_P_ARP	0x0806		/* Address Resolution packet	*/
+#endif
 #define DL_HDR(pkt)     ((u_char *)LAYER2_HDR(pkt))
 #define DL_DATA(pkt)    ((u_char *)LAYER3_HDR(pkt))
@@ -125,14 +135,18 @@ new_packet(data, pkthdr, dl_type)
         case ETHERTYPE_IP:
             class = setup_ip_packet(pkt, nl_len);
             break;
+        case ETH_P_IPV6:
+            class = setup_ipv6_packet(pkt, nl_len);
+            break;
+        case ETH_P_ARP:
+            class = setup_arp_packet(pkt, nl_len);
+            break;
+        case ETH_P_SLOW:
+            class = setup_slow_protocol_packet(pkt, nl_len);
+            break;
         }
     }
-#if DEBUG
-    if (ruby_debug && TYPE(class) != T_CLASS) {
-        rb_fatal("not class");
-    }
-#endif
-    return Data_Wrap_Struct(class, mark_packet, free_packet, pkt);
+  return Data_Wrap_Struct(class, mark_packet, free_packet, pkt);
 }
 static VALUE
@@ -282,14 +296,18 @@ static VALUE\
 PACKET_METHOD(packet_get_udata, pkt->udata);
 PACKET_METHOD(packet_datalink, INT2FIX(pkt->hdr.dl_type));
 PACKET_METHOD(packet_ip, rb_obj_is_kind_of(self, cIPPacket));
-PACKET_METHOD(packet_tcp, rb_obj_is_kind_of(self, cTCPPacket));
-PACKET_METHOD(packet_udp, rb_obj_is_kind_of(self, cUDPPacket));
+PACKET_METHOD(packet_ipv6, rb_obj_is_kind_of(self, cIPv6Packet));
+PACKET_METHOD(packet_tcp, rb_obj_is_kind_of(self, cTCPPacket) | rb_obj_is_kind_of(self, cTCPv6Packet));
+PACKET_METHOD(packet_udp, rb_obj_is_kind_of(self, cUDPPacket) | rb_obj_is_kind_of(self, cUDPv6Packet));
 PACKET_METHOD(packet_length, UINT32_2_NUM(pkt->hdr.pkthdr.len));
 PACKET_METHOD(packet_caplen, UINT32_2_NUM(pkt->hdr.pkthdr.caplen));
 PACKET_METHOD(packet_time, rb_time_new(pkt->hdr.pkthdr.ts.tv_sec,
                                        pkt->hdr.pkthdr.ts.tv_usec));
 PACKET_METHOD(packet_time_i, rb_int2inum(pkt->hdr.pkthdr.ts.tv_sec));
 PACKET_METHOD(packet_raw_data, rb_str_new(pkt->data, pkt->hdr.pkthdr.caplen));
+PACKET_METHOD(packet_arp, rb_obj_is_kind_of(self, cARPPacket));
+PACKET_METHOD(packet_lacp, rb_obj_is_kind_of(self, cLACPPacket));
 void
 Init_packet(void)
@@ -308,9 +326,12 @@ Init_packet(void)
     rb_define_method(cPacket, "udata", packet_get_udata, 0);
     rb_define_method(cPacket, "udata=", packet_set_udata, 1);
     rb_define_method(cPacket, "datalink", packet_datalink, 0);
+    rb_define_method(cPacket, "arp?", packet_arp, 0);
     rb_define_method(cPacket, "ip?", packet_ip, 0);
+    rb_define_method(cPacket, "ipv6?", packet_ipv6, 0);
     rb_define_method(cPacket, "tcp?", packet_tcp, 0);
     rb_define_method(cPacket, "udp?", packet_udp, 0);
+    rb_define_method(cPacket, "lacp?", packet_lacp, 0);
     rb_define_method(cPacket, "length", packet_length, 0);
     rb_define_method(cPacket, "size", packet_length, 0);
     rb_define_method(cPacket, "caplen", packet_caplen, 0);
@@ -325,4 +346,11 @@ Init_packet(void)
     id_load = rb_intern("load");
     id_dump = rb_intern("dump");
     Init_ip_packet();
+    Init_arp_packet();
+    Init_ipv6_packet();
+    Init_tcp_packet();
+    Init_udp_packet();
+    Init_icmp_packet();
+    Init_icmpv6_packet();
+    Init_sp_packet();
 }

data/ext/pcap/ruby_pcap.h CHANGED Viewed

@@ -15,6 +15,8 @@
 #include <netinet/in.h>
 #include <netinet/in_systm.h>
 #include <netinet/ip.h>
+#include <netinet/ip6.h>
+#include <netinet/icmp6.h>
 #include <arpa/inet.h>
 #ifndef IP_OFFMASK
 # define IP_OFFMASK 0x1fff
@@ -29,10 +31,7 @@
 #include <netdb.h>
 #ifdef DEBUG
-# define DEBUG_PRINT(x) do {\
-    ((RTEST(ruby_debug) && RTEST(ruby_verbose))?\
-    (fprintf(stderr, "%s\n", x),fflush(stderr)) : 0)\
-} while (0)
+# define DEBUG_PRINT(x) fprintf(stderr, "%s\n", x),fflush(stderr)
 #else
 # define DEBUG_PRINT(x) do {} while (0)
 #endif
@@ -89,11 +88,16 @@ struct packet_object {
         rb_raise(eTruncatedPacket, (emsg)) : 0 \
 )
+#define IsTruncated(pkt, from, need) (\
+    (from) + (need) > (pkt)->hdr.pkthdr.caplen ? \
+        1 : 0 \
+)
 #define IsKindOf(v, class) RTEST(rb_obj_is_kind_of(v, class))
 #define CheckClass(v, class) ((IsKindOf(v, class)) ? 0 :\
     rb_raise(rb_eTypeError, "wrong type %s (expected %s)",\
         rb_class2name(CLASS_OF(v)), rb_class2name(class)))
+#define DEBUG_CHECKSUM 0
 /* Pcap.c */
 extern VALUE mPcap, rbpcap_convert;
@@ -118,17 +122,43 @@ VALUE new_ipaddr(struct in_addr *);
 /* tcp_packet.c */
 extern VALUE cTCPPacket;
+extern VALUE cTCPv6Packet;
 void Init_tcp_packet(void);
 VALUE setup_tcp_packet(struct packet_object *, int);
+VALUE setup_tcpv6_packet(struct packet_object *, int);
+/* ipv6_packet.c */
+#define IPV6_HDR(pkt)     ((struct ip6_hdr *)LAYER3_HDR(pkt))
+#define IPV6_HDR_OBJ(self) ((struct ip6_hdr *)LAYER3_HDR((struct packet_object *)DATA_PTR(self)))
+extern VALUE cIPv6Packet;
+void Init_ipv6_packet(void);
+VALUE setup_ipv6_packet(struct packet_object *, int);
 /* udp_packet.c */
 extern VALUE cUDPPacket;
+extern VALUE cUDPv6Packet;
 void Init_udp_packet(void);
 VALUE setup_udp_packet(struct packet_object *, int);
+VALUE setup_udpv6_packet(struct packet_object *, int);
 /* icmp_packet.c */
 extern VALUE cICMPPacket;
+extern VALUE cICMPv6Packet;
 void Init_icmp_packet(void);
+void Init_icmpv6_packet(void);
 VALUE setup_icmp_packet(struct packet_object *, int);
+VALUE setup_icmpv6_packet(struct packet_object *);
+/* arp_packet.c */
+extern VALUE cARPPacket;
+void Init_arp_packet(void);
+VALUE setup_arp_packet(struct packet_object *, int);
+/* slow_protocol_packet.c */
+extern VALUE cSPPacket;
+extern VALUE cLACPPacket;
+void Init_sp_packet(void);
+VALUE setup_slow_protocol_packet(struct packet_object *, int);
 #endif /* RUBY_PCAP_H */

data/ext/pcap/slow_protocol_packet.c ADDED Viewed

@@ -0,0 +1,29 @@
+#include "ruby_pcap.h"
+VALUE cSPPacket;
+VALUE cLACPPacket;
+VALUE
+setup_slow_protocol_packet(pkt, nl_len)
+  struct packet_object *pkt;
+  int nl_len;
+{
+  VALUE class;
+  DEBUG_PRINT("setup_slow_protocol_packet");
+  if (pkt->data[14] == 0x01) {
+    class = cLACPPacket;
+  } else {
+    class = cSPPacket;
+  }
+  return class;
+}
+void
+Init_sp_packet(void)
+{
+    DEBUG_PRINT("Init_sp_packet");
+    cSPPacket = rb_define_class_under(mPcap, "SPPacket", cPacket);
+    cLACPPacket = rb_define_class_under(mPcap, "LACPPacket", cSPPacket);
+}