scriptroute 0.4.14

data/lib/scriptroute/liveness.rb

@@ -0,0 +1,129 @@
+module Scriptroute
+class LivenessTest
+  # whether a host is responsive for measurement; try_icmp or try_tcp.
+
+  attr_reader :responsives
+  attr_reader :pingfiltering
+  attr_reader :broken # do ping, but not http.
+  attr_reader :unresponsives
+  def LivenessTest.try_icmp(destinations)
+    retvalResponsives = []
+    retvalUnresponsives = []
+    begin 
+      responses = Scriptroute::send_train( destinations.map { |dst|
+          begin
+            probe = Scriptroute::ICMPecho.new
+            probe.ip_dst = dst
+            Struct::DelayedPacket.new(0.01,probe)
+          rescue RuntimeError => e
+            # happens if dns lookup doesn't work; we'll mark it dead.
+            # 2013-aug added to handle dns fail.
+            retvalUnresponsives.push(dst)
+            nil
+          rescue => e
+            # happens if dns lookup doesn't work; we'll mark it dead.
+            retvalUnresponsives.push(dst)
+            nil
+          end
+        }.compact )
+      responses.each_with_index { |tuple,i|
+        if(tuple.response && 
+            tuple.response.packet.is_a?(Scriptroute::ICMP) && 
+            tuple.response.packet.icmp_type == Scriptroute::ICMP::ICMP_ECHOREPLY) then
+          retvalResponsives.push(destinations[i])
+        else
+          retvalUnresponsives.push(destinations[i])
+        end
+      }
+    rescue => e
+      if(e=~/packet (%d) of %d/) then
+        puts "LivenessTest.try_icmp(#{destinations.join(', ')}) took #{e} when 
+contacting %s (or maybe %s)" % [ destinations[$1.to_i], destinations[$1.to_i-1] ]
+      else
+        puts "LivenessTest.try_icmp(#{destinations.join(', ')}) took #{e}"
+      end
+    end
+    return retvalResponsives, retvalUnresponsives;
+  end
+
+  def LivenessTest.try_tcp(destinations, use_syn=false) 
+    retvalResponsives = []
+    retvalUnresponsives = []
+    if (destinations.length < 1) then
+      raise "you want to give a list of destinations to probe"
+    end
+    begin
+      responses = Scriptroute::send_train( destinations.map { |dst|
+          probe = Scriptroute::TCP.new(0) 
+          probe.ip_dst = dst
+          probe.flag_syn = use_syn
+          probe.flag_ack = !use_syn
+          if(use_syn) then 
+            probe.th_dport = 80
+          end
+          Struct::DelayedPacket.new(0.01,probe)
+        } )
+      responses.each_with_index { |tuple,i|
+        puts tuple.probe.inspect
+        puts (tuple.response.inspect or "no response")
+        # puts tuple.to_s
+        if(tuple.response && tuple.response.packet.is_a?(Scriptroute::TCP) && 
+            ( (use_syn && tuple.response.packet.flag_syn) || 
+              (!use_syn && tuple.response.packet.flag_rst)) ) then
+          retvalResponsives.push(destinations[i])
+        else
+          retvalUnresponsives.push(destinations[i])
+        end
+      }
+    rescue => e
+      if(e.to_s =~ /packet (\d+) of \d+/) then
+        puts "LivenessTest.try_tcp(...) took #{e} (#{$1} is to #{destinations[$1.to_i]} maybe #{destinations[$1.to_i - 1]} "
+      else
+        puts "LivenessTest.try_tcp(#{destinations.join(', ')}) took #{e} #{e.backtrace[0]}"
+      end
+      return destinations, []; 
+    end
+    return retvalResponsives, retvalUnresponsives;
+  end
+
+  def initialize(destinations)
+    @responsives = []
+    @unresponsives = []
+    @broken = []
+    if(destinations.is_a?(String)) then
+      # promote to an array
+      destinations = [ destinations ]
+    end
+    if(destinations.length == 0) then
+      raise "Empty array passed to LivenessTest.new()"
+    end
+    icmp_responsive, icmp_unresponsive = LivenessTest.try_icmp(destinations);
+    @pingfiltering, @unresponsives = if(icmp_unresponsive.length > 0) then
+                                       LivenessTest.try_tcp(icmp_unresponsive, false);
+                                     else
+                                       [[], [] ]
+                                     end
+    @responsives, @broken = if(icmp_responsive.length > 0) then
+                              LivenessTest.try_tcp(icmp_responsive, true);
+                            else
+                              [[], []]
+                            end
+  end
+
+  def to_s
+    "Responsives:   " + @responsives.join(" ") + 
+      "\nUnresponsivees: " + @unresponsives.join(" ") +
+      "\nPing Filtering: " + @pingfiltering.join(" ") +
+      "\nBroken (ping not http): " + @broken.join(" ")
+  end
+  def summary
+    "%d responsive, %d unresponsive" % [ @responsives.length, @unresponsives.length ]
+  end
+end
+end
+
+if __FILE__ == $0
+  if  ARGV.length > 0  then
+    puts LivenessTest.new(ARGV)
+  end
+end

data/lib/scriptroute/nameify.rb

@@ -0,0 +1,127 @@
+#!/usr/bin/ruby
+# generates a pretty version of an ip address using
+# a reverse dns lookup and running the name through
+# undns for decoding.
+
+# one might modify this to consult other databases
+# in the process.
+
+require 'scriptroute'
+
+$have_undns = begin
+                require 'undns'
+                true
+              rescue LoadError, SecurityError
+                false
+              end
+$have_origins = begin
+                  $have_undns and Undns.origins_init
+                  true
+                rescue
+                  false
+                end
+$have_socket = begin
+                 require 'socket'
+                 true
+               rescue LoadError, SecurityError
+                 $stderr.puts "couldn't load socket"
+                 false
+               end
+$have_resolv = if(!$have_socket or Socket.gethostbyname("127.0.0.1")[0] !~ /localhost/) then
+                 begin
+                   # if socket library is not there or doesn't effectively do reverse lookups (dammit)
+                   require 'resolv'
+                   true
+                 rescue LoadError, SecurityError
+                   $stderr.puts "couldn't load resolv"
+                   false
+                 end
+               else
+                 false # don't need it.
+               end
+
+module Scriptroute
+def Scriptroute::nameify(addr)
+  unless addr.is_a?(Scriptroute::IPaddress) then
+    # if not a known IP address, validate.
+    if addr == nil or addr == '' then 
+      # empty string. usually a mistake somewhere.
+      $stderr.puts "nameify('') called from:\n  " + Kernel.caller.join("\n   ")
+      return addr
+    end
+    if(! /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/.match(addr)) then
+      # not an ip address looking thing.
+      $stderr.puts "nameify(#{addr}) called from:\n  " + Kernel.caller.join("\n   ")
+      return addr
+    end
+  end
+  name =
+    if($have_resolv) then
+      begin
+        Resolv.getnames(addr.to_s)[0]
+      rescue ArgumentError => boom
+        # seems to happen for RFC1918 space, but probably just for those
+        # addresses without a name.
+        $stderr.puts "argument error resolving '#{addr}' to name using resolv: " + boom
+        nil 
+      rescue SocketError => boom
+        nil
+      end
+    elsif($have_socket) then
+      begin
+        name = (Socket.gethostbyname(addr.to_s)[0]).gsub(/\"/,'')
+        name
+      rescue ArgumentError => boom
+        # seems to happen for RFC1918 space, but probably just for those
+        # addresses without a name.
+        $stderr.puts "argument error resolving '#{addr}' to name: " + boom
+        nil 
+      rescue SocketError => boom
+        nil
+      end
+    else
+      nil
+    end
+  attributes = if($have_undns) then
+                 if(name) then
+                   asn = Undns.get_asn_bydns(name)
+                   if($have_origins) then
+                     " [%d/%d]" % [ asn, Undns.origin_for_address_str(addr) ]
+                   elsif(asn > 0) then
+                     " [%d]" % [ asn ]
+                   else
+                     ""
+                   end +
+                     if(asn > 0) then
+                       " {%s}" % [ Undns.get_loc(asn, name) ]
+                     else
+                       ""
+                     end
+                 elsif($have_origins) then
+                   # don't have a name.
+                   " [/%d]" % [ Undns.origin_for_address_str(addr) ]
+                 else
+                   ""
+                 end
+               else
+                 ""
+               end
+
+  if(name) then
+    name + ' (' + addr.to_s + ')' + attributes
+  else
+    addr.to_s + attributes
+  end
+end
+end
+
+
+if $0 == __FILE__ then
+  # Undns.want_debug=1
+  # Undns.want_conventions_debug=1 seems to fail to work for some reason.
+  puts nameify("12.123.203.170")
+  puts Undns.get_loc(7018, "tbr1-p012502.st6wa.ip.att.net")
+  puts Undns.get_loc(0, "tbr1-p012502.st6wa.ip.att.net")
+  puts Undns.get_asn_bydns("tbr1-p012502.st6wa.ip.att.net")
+end
+

data/lib/scriptroute/packets.rb

@@ -0,0 +1,800 @@
+module Scriptroute
+# a small library of routines for constructing packets
+# as strings to hand off to the interpreter.
+  
+  class IPv4
+    IPPROTO_ICMP = 1
+    IPPROTO_TCP = 6
+    IPPROTO_UDP = 17
+  end
+
+  class ICMP < IPv4
+    ICMP_ECHO = 8
+    ICMP_ECHOREPLY = 0 
+    ICMP_UNREACH = 3 
+    ICMP_TIMXCEED = 11
+    ICMP_TIMESTAMP = 13 
+    ICMP_TIMESTAMPREPLY = 14 
+    ICMP_MASKREQ		= 17	#	/* address mask request */
+    ICMP_MASKREPLY		= 18	#	/* address mask reply */
+    ICMP_PARAMETERPROB = 12
+    
+    ICMP_UNREACH_NET	        = 0 # 	/* bad net */
+    ICMP_UNREACH_HOST	        = 1	 # /* bad host */
+    ICMP_UNREACH_PROTOCOL	        = 2	 # /* bad protocol */
+    ICMP_UNREACH_PORT	        = 3	 # /* bad port */
+    ICMP_UNREACH_NEEDFRAG	        = 4	 # /* IP_DF caused drop */
+    ICMP_UNREACH_SRCFAIL	        = 5	 # /* src route failed */
+    ICMP_UNREACH_NET_UNKNOWN        = 6	 # /* unknown net */
+    ICMP_UNREACH_HOST_UNKNOWN       = 7	 # /* unknown host */
+    ICMP_UNREACH_ISOLATED	        = 8	 # /* src host isolated */
+    ICMP_UNREACH_NET_PROHIB	        = 9	 # /* net denied */
+    ICMP_UNREACH_HOST_PROHIB        = 10 # 	/* host denied */
+    ICMP_UNREACH_TOSNET	            = 11 # 	/* bad tos for net */
+    ICMP_UNREACH_TOSHOST	        = 12 # 	/* bad tos for host */
+    ICMP_UNREACH_FILTER_PROHIB      = 13 # 	/* admin prohib */
+    ICMP_UNREACH_HOST_PRECEDENCE    = 14 # 	/* host prec vio. */
+    ICMP_UNREACH_PRECEDENCE_CUTOFF  = 15 # 	/* prec cutoff */
+  end
+  
+  class IPv4option
+    IPOPT_EOOL = 0  
+    IPOPT_EOL = 0   # deprecated, backward compatibility.
+    IPOPT_NOOP = 1
+    IPOPT_TS = 68
+    IPOPT_TIMESTAMP = IPOPT_TS
+    IPOPT_RR = 7
+    
+    IPOPT_TS_TSONLY = 0
+    IPOPT_TS_TSANDADDR = 1
+    IPOPT_TS_PRESPEC = 3
+  end
+
+  class TCP < IPv4
+    TH_FIN	= 0x01
+    TH_SYN	= 0x02
+    TH_RST	= 0x04
+    TH_PUSH	= 0x08
+    TH_ACK	= 0x10
+    TH_URG	= 0x20
+  end
+  
+end
+
+class Array
+  def inject(n)
+    each { |value| n = yield(n, value) }
+    n
+  end
+  # used for calculating header length.
+  def sum
+    inject(0) { |n, value| n + value }
+  end
+  def max
+    inject(0) { |n, value| ((n > value) ? n : value) }
+  end
+  def even_subscripts
+    r = Array.new
+    0.step(self.length, 2) { |i| r.push(self[i]) }
+    r
+  end
+  def odd_subscripts
+    r = Array.new
+    1.step(self.length, 2) { |i| r.push(self[i]) }
+    r
+  end
+end
+
+module Scriptroute
+  class IPaddress
+    # @param n [String,IPaddress,Integer] a hostname, an IP address in string form, another IPaddress or an IP address in numeric form
+    def initialize(n)
+      raise "Seems bad to initialize an IPaddress with nil." unless n
+      if(n.is_a?(String)) then
+        shf = 32
+        if n =~ /^[\d\.]+$/ then
+          @addr = n.split('.').map { |i| shf -= 8; i.to_i << shf }.sum
+        else
+          addr = Scriptroute::dns_lookup(n)
+          if addr then
+            @addr = addr.split('.').map { |i| shf -= 8; i.to_i << shf }.sum
+          else
+            $stderr.puts "unable to lookup #{n}"
+            @addr = 0
+          end
+        end
+      elsif(n.is_a?(IPaddress)) then
+        @addr = n.to_i
+      else
+        @addr = n
+      end
+    end
+    # @return [String] dotted quad notation of the IP address.
+    def to_s
+      [ @addr >> 24, @addr >> 16, @addr >> 8, @addr ].map { |i| i & 0xff }.join(".")
+    end
+    # just invokes to_s for now.
+    # @return [String]
+    def inspect
+      to_s
+    end
+    # @return [Integer]
+    def to_i
+      @addr
+    end
+    # in case you would like to store a {Hash} with IPaddresses as keys
+    def hash
+      @addr
+    end
+    # in case you would like to store a {Hash} with IPaddresses as keys
+    def eql?(other)
+      @addr == other.to_i
+    end
+    # Compares numerically, for sorting.
+    def <=>(other)
+      @addr <=> other.to_i
+    end
+    # Compares numerically, for equality test.
+    def ==(other)
+      @addr == other.to_i
+    end
+    # @returns [String] using {Scriptroute::nameify}
+    def nameify
+      Scriptroute.nameify(self.to_s)
+    end
+  end
+
+  class IPv4
+    # @return [Fixnum]
+    attr_reader :ip_hl, :ip_v, :ip_tos, :ip_len, :ip_id, :ip_off, 
+      :ip_ttl, :ip_p, :ip_sum
+    # @return [IPaddress]
+    attr_reader :ip_src, :ip_dst
+    # @return [Array<IPv4option>]
+    attr_reader :ip_options
+    # @return [Fixnum]
+    attr_writer :ip_tos, :ip_id, :ip_off, 
+      :ip_ttl, :ip_sum # :ip_dst, 
+    # @return [Array<IPv4option>]
+    attr_writer :ip_options
+
+    # @param [String,IPaddress] destination_address the destination of this packet.
+    def ip_dst=(destination_address)
+      @ip_dst = IPaddress.new(destination_address)
+    end
+
+    # @return [String] The packet in string form
+    def marshal
+      calculate_packet_len
+      [ (@ip_v << 4) + @ip_hl, @ip_tos, @ip_len, 
+        @ip_id, @ip_off, 
+        @ip_ttl, @ip_p, @ip_sum,
+        @ip_src.to_i, 
+        @ip_dst.to_i ].pack("ccn" + "nn" + "ccn" + "N" + "N") + 
+        @ip_options.map { |o| o.marshal }.join
+    end
+    # @return [Fixnum] the length of the payload, intended to be implemented by subclasses.
+    # @raise [RuntimeError] if invoked directly instead of being overloaded.
+    def ip_payload_len
+      raise  "ip_payload_len is a pure virtual function in IPv4"
+    end
+    # sets ip_hl, should not be necessary to call this explicitly.
+    # @return [void]
+    def calculate_header_len 
+      @ip_hl = [ 5 + ((ip_options.map { |o| o.ipt_len }.sum)/4.0).ceil, 15 ].min # at most 15
+    end
+    # @return [void]
+    def calculate_packet_len 
+      calculate_header_len # ensures @ip_hl is set properly
+      raise "ip_payload_len not calculated" unless ip_payload_len
+      @ip_len = ip_payload_len + (@ip_hl * 4)
+    end
+    # @param opt [IPv4option] add a record route or timestamp option.
+    # @return [void]
+    def add_option(opt)
+      opt.is_a?(IPv4option) or raise "can add only IPv4options"
+      @ip_options.push(opt)
+      calculate_header_len
+    end
+    # This method is probably only useful for calling from subclasses.
+    # @param p [Fixnum] the protocol, either Scriptroute::IPv4::IPPROTO_ICMP, IPPROTO_TCP, or IPPROTO_UDP
+    def initialize(p) 
+      if(p.is_a?(Fixnum)) then
+        @ip_v = 4
+        @ip_tos = 0
+        @ip_id = 11 
+        @ip_off = 0
+        @ip_ttl = 64
+        @ip_p = p
+        @ip_sum = 0
+        @ip_src = 0
+        @ip_dst = 0
+        @ip_options = Array.new
+        calculate_packet_len
+      else
+        raise "need a protocol number to instantiate an ipv4 packet"
+      end
+    end
+    
+    # a by-ip_p table of packet instantiators.  
+    @@creators = Hash.new
+
+    # invoke a factory(?) to create a TCP/UDP/ICMP as appropriate, then
+    # unmarshal the IPv4 header contents.
+    # @param [String] str the bytes of the packet to unpack.
+    def IPv4.creator(str) 
+      ip_vhl, ip_tos, ip_len,
+        ip_id, ip_off,
+        ip_ttl, ip_p, ip_sum,
+        ip_src, ip_dst = str.unpack("ccn" + "nn" + "ccn" + "N" + "N");
+      ip_hl = ip_vhl & 0xf;
+      if(@@creators[ip_p]) then
+        pkt = (@@creators[ip_p]).call(str[(ip_hl * 4) .. ip_len])
+
+        pkt.ipv4_unmarshal(str)
+        pkt
+      else
+        raise "unknown protocol #%d in %s" % [ ip_p, str.unpack("C*").map { |c| "%x" % c }.join(' ') ]
+      end
+    end
+
+    # unpack the ipv4 component of the packet, even if we're
+    # unmarshaling an instance of a subclass.
+    # @param [String] str The string from which to unpack.
+    # @return [void]
+    def ipv4_unmarshal(str)
+      ip_vhl, @ip_tos, @ip_len,
+        @ip_id, @ip_off,
+        @ip_ttl, @ip_p, @ip_sum,
+        ip_src, ip_dst = str.unpack("CCn" + "nn" + "CCn" + "N" + "N");
+      @ip_src, @ip_dst = [ip_src, ip_dst].map { |addr| IPaddress.new(addr) }
+      @ip_hl = ip_vhl & 0xf;
+      @ip_v = (ip_vhl & 0xf0) >> 4;
+      @ip_options = Array.new
+      if(@ip_hl > 5) then
+        add_option(IPv4option.creator(str[20 .. (@ip_hl*4)]))
+      end
+    end
+
+    # @return [String]
+    def to_s
+      "%s > %s ttl%d" % [ @ip_src, @ip_dst, @ip_ttl ] + 
+        @ip_options.map { |o| o.to_s }.join(", ")
+    end
+    private :initialize
+    private :marshal
+  end
+
+  # base class for IPv4 options.
+  class IPv4option
+    # @return [Fixnum]
+    attr_reader :ipt_code, :ipt_len, :ipt_ptr
+    attr_writer :ipt_ptr
+    @@creators = Hash.new
+    def IPv4option.creator(str) 
+      ipt_code, ipt_len, ipt_ptr = str.unpack("CCC")
+      if(@@creators[ipt_code]) then
+        pkt = (@@creators[ipt_code]).call(str)
+      else
+        raise "unknown ip option code %d" % ipt_code
+      end
+    end
+    def initialize(*rest) 
+      if(rest.length == 3) then
+        @ipt_code = rest[0]
+        @ipt_len = rest[1]
+        @ipt_ptr = rest[2]
+      else
+        @ipt_code, @ipt_len, @ipt_ptr = rest[0].unpack("CCC")
+      end
+    end
+    # @return [String] The packet in string form
+    def marshal
+      # doesn't end on a word. 
+      [ @ipt_code, @ipt_len, @ipt_ptr ].pack("CCC")
+    end
+    # @return [String]
+    def to_s
+      ": opt: code %d len %d ptr %d" % [ @ipt_code, @ipt_len, @ipt_ptr ]
+    end
+    # must be instatiated through a derived class.
+    private :marshal
+  end
+
+  # The IPv4 EOOL option, which has a purpose.
+  class EndOfOptions_option < IPv4option
+	@@creators[IPOPT_EOOL] = lambda { |hdr|
+      p = EndOfOptions_option.new(hdr)
+	}
+	def initialize(flag_or_str)
+      if(flag_or_str.is_a?(Fixnum)) then
+        super(IPOPT_EOOL, 0, 1,nil) # maximum length is 40, but tcpdump whines.
+      else
+        @ipt_code = flag_or_str.unpack("c")
+        @ipt_len=1
+      end
+	end
+    # @return [String]
+	def to_s
+      ":ip_option_code=#{@ipt_code}"
+	end
+    # @return [String] the option in string form
+	def marshal
+      @ipt_code.pack("c")  # oflw will be init'd to zero
+	end
+  end
+
+  # The IPv4 NOOP option, which has a purpose.
+  class NOOP_option < EndOfOptions_option
+    # an IP option that doesn't do anything, but we parse it anyway.
+	@@creators[IPOPT_NOOP] = lambda { |hdr| # hack in NOOP support as well
+      p = NOOP_option.new(hdr)
+	}
+  end
+
+  # The IPv4 timestamp option, which can determine routers 
+  class Timestamp_option < IPv4option
+    # @return [Fixnum]
+    attr_reader :ts_flag, :ts_overflow
+    # @return [Array<IPaddress>,nil]
+    attr_reader :routers
+    # @return [Array<Fixnum>]
+    attr_reader :times
+    @@creators[IPOPT_TS] = lambda { |hdr|
+      p = Timestamp_option.new(hdr)
+    }
+    def initialize(flag_or_str)
+      if(flag_or_str.is_a?(Fixnum)) then
+        @routers = Array.new
+        @times = Array.new
+        @ts_flag = flag_or_str
+        super(IPOPT_TS, 36, 5) # maximum length is 40, but tcpdump whines.
+      else
+        ipt_code, ipt_len, ipt_ptr, ipt_of_fl = flag_or_str.unpack("CCCC");
+        @ts_flag = ipt_of_fl & 0x0f
+        @ts_overflow = (ipt_of_fl & 0xf0) >> 4
+        @routers, @times = 
+          case @ts_flag 
+          when IPOPT_TS_TSONLY
+            [ nil, flag_or_str.unpack("xxxxN*") ]
+          when IPOPT_TS_TSANDADDR,  IPOPT_TS_PRESPEC
+            all = flag_or_str.unpack("xxxxN*")
+            [ all.even_subscripts[0...ipt_len/8].map { |rtr| IPaddress.new(rtr) }, 
+              all.odd_subscripts[0...(ipt_len/8)] ] 
+          else
+            raise "bad timestamp flag: #{@ts_flag} (code: #{ipt_code}, len: #{ipt_len}, ptr: #{ipt_ptr})"
+          end
+        super( flag_or_str )
+      end
+    end
+    # @return [String] the option in string form
+    def marshal
+      super + [ @ts_flag ].pack("c") + # oflw will be init'd to zero
+        Array.new(@ipt_len - 4, 0).pack("c*")
+    end
+  end
+
+  class RecordRoute_option < IPv4option
+    attr_reader :routers
+    @@creators[IPOPT_RR] = lambda { |hdr|
+      p = RecordRoute_option.new(hdr)
+    }
+    def initialize(*rest)
+      if(rest.length == 0) 
+        super(IPOPT_RR, 39, 4) 
+        @routers = Array.new((@ipt_len - 3 + 1)/4, 0)
+      else
+        super(rest[0]) 
+        @routers = rest[0][3..@ipt_len].unpack("N*").map { |addr| IPaddress.new(addr) }
+      end
+    end
+    # @return [String] the option in string form
+    def marshal
+      super + @routers.pack("N*")  + "\0"
+    end
+    # @return [String]
+    def to_s
+      super + ': RR: {' + @routers.join(", ") + '}'
+    end
+  end
+
+  class UDP < IPv4
+    # @return [Fixnum]
+    attr_reader :uh_sport, :uh_dport, :uh_ulen, :uh_sum
+    attr_writer :uh_dport, :uh_sum
+
+    @@creators[IPPROTO_UDP] = lambda { |hdr|
+      uh_sport, uh_dport, uh_ulen, uh_sum = hdr.unpack("nnnn")
+      if uh_sport==123 || uh_dport==123  then
+    	p = NTP.new(hdr[8..hdr.length])
+    	p.udp_unmarshal(hdr)
+      else 
+    	p = UDP.new(hdr)
+      end
+      p
+    }
+    
+    # @return [Fixnum] the udp data plus header length, uh_ulen 
+    def ip_payload_len 
+      @uh_ulen
+    end
+
+    # Create a new UDP packet from a payload size or from contents.
+    # @param paylen_or_str [Integer,String] size or contents
+    def initialize(paylen_or_str = 0)
+      if(paylen_or_str.is_a?(Fixnum)) then
+        if( paylen_or_str < 0) then raise "payload length must be >= 0" end
+        @uh_ulen = paylen_or_str + 8
+        if(@uh_ulen > 1480) then
+          raise "desired packet too big"
+        end
+        @uh_sport = 32945
+        @uh_dport = 33434
+        @uh_sum = 0
+        super( IPPROTO_UDP )
+      else
+        @uh_sport, @uh_dport, @uh_ulen, @uh_sum = paylen_or_str.unpack("nnnn")
+      end
+    end
+
+    # @return [String] header and payload of this UDP datagram.
+    def marshal
+      #    payload = "a%d"% (@payload_len)
+      #    puts payload
+      if(@uh_ulen < 8) then warn "uh_ulen should be at least 8" end
+      array_of_elements = [ @uh_sport, @uh_dport, @uh_ulen, @uh_sum ]
+      raise "a UDP header field was unset" if array_of_elements.include?(nil)
+      super + [ @uh_sport, @uh_dport, @uh_ulen, @uh_sum ].pack("nnnn")  + 
+        if ( self.class == UDP ) then
+          "\0" * ( @uh_ulen - 8 )
+        else
+          "" # the subclass will take care of it
+        end
+      
+    end
+
+    # Used for subclasses to set the UDP header fields.
+    # @param str [String] the udp header to parse into
+    #   ports, length, and checksum.
+    # @return [void]
+    def udp_unmarshal(str)
+      @uh_sport, @uh_dport, @uh_ulen, @uh_sum = str.unpack("nnnn")
+    end
+
+    # @return [String]
+    def to_s
+      super + " UDP %d > %d len %d" % [ @uh_sport, @uh_dport, @uh_ulen ] 
+    end
+
+  end
+
+  class TCP < IPv4
+    attr_reader :th_sport, :th_dport, :th_sum, :th_seq, :th_ack,
+      :th_win, :th_flags, :th_win, :th_sum, :th_urp
+    # flags don't work
+    attr_reader :flag_fin, :flag_syn, :flag_rst, :flag_push,
+      :flag_ack, :flag_urg
+    attr_writer :th_dport, :th_sum, :th_seq, :th_ack,
+      :th_win, :th_flags,  :th_win, :th_sum
+    # flags don't work
+    attr_writer :flag_fin, :flag_syn, :flag_rst, :flag_push,
+      :flag_ack, :flag_urg
+    # @return [Fixnum]
+    attr_reader :ip_p, :ip_payload_len
+
+    @@creators[IPPROTO_TCP] = lambda { |hdr|
+      TCP.new(hdr)
+    }
+    
+    def initialize(paylen_or_str = 0)
+      if(paylen_or_str.is_a?(Fixnum)) then
+        @ip_payload_len = paylen_or_str + 20 # tcp header 
+        @ip_p = IPPROTO_TCP
+        @th_dport = 80
+        @th_sport = 0 # should be set by the daemon
+        @th_seq = 0 # should be set by the user, rand likely
+        @th_ack = 0 # should be set by the user, rand likely
+        @th_flags = TH_ACK # should be left alone, but could be set.
+        @th_win   = 5180 # linux default.
+        @th_urp   = 0 # not supported
+        @th_sum   = 0 # should be set by the daemon
+        super(IPPROTO_TCP)
+      else
+        @th_sport, @th_dport, @th_seq, @th_ack, reserved, @th_flags, @th_win, @th_sum, @th_urp = paylen_or_str.unpack("nnNNCCnnn")
+      end
+    end
+    # @return [String] The packet in string form
+    def marshal
+      array_of_elements = [ @th_sport, @th_dport, @th_seq, @th_ack, 0x50, @th_flags, @th_win, @th_sum, @th_urp ]
+      raise "a TCP header field #{array_of_elements.index(nil)} was unset" if array_of_elements.include?(nil)
+      super + array_of_elements.pack("nnNNCCnnn")
+      # TODO plus payload length
+    end
+  end
+
+  class ICMP < IPv4
+    attr_reader :icmp_type, :icmp_code, :icmp_cksum
+    attr_reader :ip_p, :ip_payload_len
+
+    @@icmp_creators = Hash.new
+    @@creators[IPPROTO_ICMP] = lambda { |hdr|
+      icmp_type, icmp_code, icmp_cksum = hdr.unpack("CCn")
+      if(@@icmp_creators[icmp_type]) then
+        pkt = @@icmp_creators[icmp_type].call(hdr)
+      else
+        raise "unknown icmp type #%d" % icmp_type
+      end
+    }
+
+    def initialize(type_or_str)
+      if(type_or_str.is_a?(Fixnum)) then
+        @ip_p = IPPROTO_ICMP
+        @icmp_type = type_or_str
+        @icmp_code = 0
+        super(IPPROTO_ICMP) 
+      else
+        @icmp_type, @icmp_code, @icmp_cksum = type_or_str.unpack("CCn")
+      end
+    end
+
+    # @return [String] The packet in string form
+    def marshal
+      @icmp_type or raise "type is nil"
+      @icmp_code or raise "code is nil"
+      @icmp_cksum = 0
+      super + [ @icmp_type, @icmp_code, @icmp_cksum ].pack("CCn")
+    end
+    # @return [String]
+    def to_s
+      super + ": ICMP: type %d code %d cksum %d" %[ @icmp_type, @icmp_code, @icmp_cksum ]
+    end
+    #instantiate echo or tstamp instead.
+    private :marshal 
+  end
+
+  # Class for ping packets (echo and echo reply)
+  class ICMPecho < ICMP
+    # @return [Fixnum]
+    attr_reader :icmp_id, :icmp_seq
+    attr_writer :icmp_seq
+    @@icmp_creators[ICMP_ECHO] = 
+      @@icmp_creators[ICMP_ECHOREPLY] = lambda { |hdr|
+      ICMPecho.new(hdr)
+    }
+    def initialize(paylen_or_str = 0)
+      if(paylen_or_str.is_a?(Fixnum)) then
+        if( paylen_or_str < 0) then raise "payload length must be >= 0" end
+        @ip_payload_len = paylen_or_str + 4 + 4
+        @icmp_id = 666
+        @icmp_seq = 1
+        super(ICMP_ECHO)
+      else
+        # x is skip forward a character.
+        @ip_payload_len = paylen_or_str.length - 8
+        @icmp_id, @icmp_seq = paylen_or_str.unpack("xxxxnn")
+        super(paylen_or_str)
+      end
+    end
+    # @return [String] The packet in string form
+    def marshal
+      super + [ @icmp_id, @icmp_seq ].pack("nn") + "\0" * ( @ip_payload_len - 4 - 4 )
+    end
+    # @return [String]
+    def to_s
+      super + ": ECHO: id %d seq %d len %d" % [ @icmp_id, @icmp_seq, @ip_payload_len ] 
+    end
+  end
+
+  class ICMPtstamp < ICMP
+    # @return [Fixnum]
+    attr_reader :icmp_id, :icmp_seq
+    attr_reader :icmp_otime, :icmp_rtime, :icmp_ttime
+    attr_writer :icmp_seq
+    @@icmp_creators[ICMP_TIMESTAMP] = 
+      @@icmp_creators[ICMP_TIMESTAMPREPLY] = lambda { |hdr|
+      ICMPtstamp.new(hdr)
+    }
+    def initialize(paylen_or_str = 0)
+      if(paylen_or_str.is_a?(Fixnum)) then
+        if( paylen_or_str < 0) then raise "payload length must be >= 0" end
+        @ip_payload_len = paylen_or_str + 4 + 16
+        @icmp_id = 666
+        @icmp_seq = 1
+        @icmp_otime = 0 # one of these three should probably be nonzero by the client, but I forget which.
+        @icmp_rtime = 0
+        @icmp_ttime = 0 
+        super(ICMP_TIMESTAMP)
+      else
+        # x is skip forward a character.
+        @ip_payload_len = paylen_or_str.length - 20
+        @icmp_id, @icmp_seq, @icmp_otime, @icmp_rtime, @icmp_ttime = paylen_or_str.unpack("xxxxnnNNN")
+        super(paylen_or_str)
+      end
+    end
+    # @return [String] The packet in string form
+    def marshal
+      array_of_elements = [ @icmp_id, @icmp_seq, @icmp_otime, @icmp_rtime, @icmp_ttime ]
+      raise "an ICMP timestamp field #{array_of_elements.index(nil)} was unset" if array_of_elements.include?(nil)
+      super + array_of_elements.pack("nnNNN")
+    end
+  end
+
+  # mask request doesn't appear to be useful.
+  class ICMPmaskreq < ICMP
+    # @return [Fixnum]
+    attr_reader :icmp_id, :icmp_seq
+    attr_writer :icmp_seq
+    def initialize(payload_len = 0)
+      if( payload_len < 0) then raise "payload length must be 0" end
+      if( payload_len > 0) then raise "payload length must be 0" end
+      @ip_payload_len = payload_len + 12
+      @icmp_id = 678
+      @icmp_seq = 1
+      super(ICMP_MASKREQ)
+    end
+    # @return [String] The packet in string form
+    def marshal
+      super + [ @icmp_id, @icmp_seq, @icmp_otime, @icmp_rtime, @icmp_ttime ].pack("nnNNN")
+    end
+  end
+
+  # also handles time exceeded messages for now
+  # (same format, different code )
+  class ICMPunreach< ICMP
+    # @return [IPv4] The packet header embedded within the ICMP unreachable error message.
+    attr_reader :contents
+    @@icmp_creators[ICMP_UNREACH] = @@icmp_creators[ICMP_TIMXCEED] = 
+      lambda { |hdr|
+      ICMPunreach.new(hdr)
+    }
+    # Can create an unreachable only from string contents, never from filling in fields given a size.
+    # param string [String] the contents of the received packet.
+    def initialize(string) 
+      # first four are code, type, checksum.
+      # second four are undefined
+      @contents = IPv4.creator(string[8..-1])
+      super(string)
+    end
+    # Cannot marshal an unreachable packet for transmission; raises an exception.
+    # @return [void]
+    def marshal
+      raise "not supported"
+    end
+    # @return [String] formats the packet and the embedded packet as a string.
+    def to_s
+      super + " ( " + @contents.to_s + " )"
+    end
+  end
+
+  class NTP < UDP
+    # @return [Fixnum]
+    attr_accessor :leap_indicator, :version_number, :mode, :stratum
+    attr_accessor :poll_interval, :precision, :root_delay
+    attr_accessor :root_dispersion, :reference_identifier
+    attr_accessor :reference_timestamp, :originate_timestamp
+    attr_accessor :receive_timestamp, :transmit_timestamp
+
+    def initialize(paylen_or_str = 0)
+      if(paylen_or_str.is_a?(Fixnum)) then
+        if( paylen_or_str < 0) then raise "payload length must be >= 0" end
+        
+        @leap_indicator = 3 # alarm condition / clock not synchronized
+        @version_number = 4 # unclear if it should be.
+        @mode = 3 # client
+        @stratum = 0 # unspecified
+        @poll_interval = 4 # 16s
+        @precision = -6 # emulate ntpdate, though -20 is more likely
+        @root_delay = 1.0 # packed funny.
+        @root_dispersion = 1.0 # packed funny.
+        @reference_identifier = '0.0.0.0'
+        @reference_timestamp = 0.0
+        @originate_timestamp = 0.0
+        @receive_timestamp = 0.0
+        @transmit_timestamp = 0.0
+        
+        super( paylen_or_str + 48 )
+        
+        @uh_dport = 123
+        
+      else
+        ntp_unmarshal(paylen_or_str)
+      end
+    end
+
+    def ntp_unmarshal(str)
+
+      ntp_lvm, @stratum, @poll_interval, @precision,
+        root_delay1,root_delay2,
+        root_dispersion1,root_dispersion2,
+        r1,r2,r3,r4,
+        reference_timestamp1,reference_timestamp2,
+        originate_timestamp1,originate_timestamp2,
+        receive_timestamp1,receive_timestamp2,
+        transmit_timestamp1, transmit_timestamp2 = str.unpack( "cccc" +
+        "nn" +
+        "nn" +
+        "cccc" +
+        "NN" +
+        "NN" +
+        "NN" +
+        "NN");
+
+      @leap_indicator = (ntp_lvm >> 6) & 0xfc
+      @version_number = (ntp_lvm & 0x38) >> 3
+      @mode = ntp_lvm & 0x07
+      @root_delay = root_delay1+root_delay2/65536.0
+      @root_dispersion = root_dispersion1+root_dispersion2/65536.0
+      @reference_identifier = "%d.%d.%d.%d"% [r1,r2,r3,r4].map{ |i| (i<0)?i+256:i }
+      @reference_timestamp = reference_timestamp1 + 0.0 + reference_timestamp2/4294967296.0
+      @originate_timestamp = originate_timestamp1 + originate_timestamp2/4294967296.0
+      @receive_timestamp = receive_timestamp1 + receive_timestamp2/4294967296.0
+      @transmit_timestamp = transmit_timestamp1 + transmit_timestamp2/4294967296.0
+      
+    end
+    
+    def float_to_two_shorts(flt)
+      flt == nil and raise "need a float"
+      [ flt.to_i, ((flt - flt.to_i) * 65536).to_i ]
+    end
+
+    def float_to_two_longs(flt)
+      flt == nil and raise "need a float"
+      [ flt.to_i, ((flt - flt.to_i) * 4294967296).to_i ]
+    end
+
+    def to_bits(int, bits)
+      ret = ""
+      (1..bits).each do |b|
+        ret += (int % 2).to_s
+        int =  int / 2
+      end
+      ret
+    end
+    
+    
+    # @return [String] The packet in string form
+    def marshal
+      if ($VERBOSE) then
+        puts "marshaling with IP payload length %d" % ip_payload_len 
+      end
+      super + [ @leap_indicator * 64 + @version_number * 8 + @mode, @stratum, @poll_interval, @precision, 
+        float_to_two_shorts(@root_delay),
+        float_to_two_shorts(@root_dispersion),
+        @reference_identifier.to_i, 
+        float_to_two_longs(@reference_timestamp),
+        float_to_two_longs(@originate_timestamp),
+        float_to_two_longs(@receive_timestamp),
+        float_to_two_longs(@transmit_timestamp) ].flatten.pack("cccc" +
+        "nn" +
+        "nn" +
+        "N" +
+        "NN" +
+        "NN" +
+        "NN" +
+        "NN") + "\0" * ( @uh_ulen - 8 - 48 )
+      
+    end
+  end
+
+  # somewhat more friendly to interpret the type of the message first.
+  class ICMPparamter_problem < ICMP
+    # @return [Fixnum]
+    attr_reader :icmp_id, :icmp_seq
+    attr_writer :icmp_seq
+    @@icmp_creators[ICMP_PARAMETERPROB] = lambda { |hdr|
+      raise "ICMP_PARAMETERPROB unsupported."
+    }
+  end
+
+  class ProbeResponse
+    # this method implemented in pure ruby regardless of interpreter state.
+    # @return [String]
+    def to_s
+      "%s @%5.6f -> %s +%5.6f" % [@probe, @probe.time, (@response or "<none>"), (rtt or "-1")]
+    end
+  end
+end
+
+# Local Variables:
+# compile-command: "rake test"
+# End: