xlat 0.1.0.alpha1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/.dockerignore +7 -0
- data/.rspec +3 -0
- data/Cargo.lock +348 -0
- data/Cargo.toml +7 -0
- data/Dockerfile +49 -0
- data/LICENSE.txt +21 -0
- data/README.md +100 -0
- data/Rakefile +82 -0
- data/benchmark/run.rb +38 -0
- data/benchmark/tcp.cfg +23 -0
- data/clab/.gitignore +5 -0
- data/clab/464xlat-ce-pd.clab.yml +138 -0
- data/clab/build.sh +6 -0
- data/exe/xlat-siit +91 -0
- data/ext/xlat/io_buffer_ext/Cargo.toml +11 -0
- data/ext/xlat/io_buffer_ext/extconf.rb +4 -0
- data/ext/xlat/io_buffer_ext/src/gvl.rs +49 -0
- data/ext/xlat/io_buffer_ext/src/io_buffer.rs +67 -0
- data/ext/xlat/io_buffer_ext/src/lib.rs +83 -0
- data/fuzz/corpus/010507e2c9f3b5132cbf036c7197f155cd85cca8 +0 -0
- data/fuzz/corpus/019a67cbfe27ed6606fe9d9cbee1ba16eb160667 +0 -0
- data/fuzz/corpus/021f01b7a6d4ba3e8e45a733c453d6c84f8c4c38 +0 -0
- data/fuzz/corpus/02db19829d1a4cbe18127e9ab1f3792e0d7fd5f7 +0 -0
- data/fuzz/corpus/059b719daf320e809db75d37ecf7823ba33ca7aa +0 -0
- data/fuzz/corpus/080ce49cbdb1983f8b9af09d511c5ec5a6bb14ed +0 -0
- data/fuzz/corpus/080d7d8674e7d60ce13b48995567a4ad21a3d652 +0 -0
- data/fuzz/corpus/08d488926f31661a1b25f60a723ae1931c762255 +0 -0
- data/fuzz/corpus/09ee56fb3259c88ad2cb94951313d792f36da221 +0 -0
- data/fuzz/corpus/0bffe4074467b5c4ba2bd5aa33839c5a1b8c1d63 +0 -0
- data/fuzz/corpus/0dac63180387255727c844898164ce20ff08fded +0 -0
- data/fuzz/corpus/0dc6f6c09c5b7bb4da8d496ac924e7e0d4aa37ad +0 -0
- data/fuzz/corpus/0e3e8e947fd9bfed02f927d1a2651e484d231fc0 +0 -0
- data/fuzz/corpus/0e5fa83f0ef8ecbf774ac96b8bdeda31395a284d +0 -0
- data/fuzz/corpus/12f93fa0b09c44d6c61ccde2731b5554bb180144 +0 -0
- data/fuzz/corpus/1659c552b9be677f2c30210430a97c3628f615be +0 -0
- data/fuzz/corpus/183aeabfe58d5ccfd5f2ed84e2f5ee4931f14eb7 +0 -0
- data/fuzz/corpus/1b9293272fbacbfff7aff4fd951dd7beb6aed3bf +0 -0
- data/fuzz/corpus/1c30abedb2d0943ef79b0620f7b3a7e8cdebc67f +0 -0
- data/fuzz/corpus/1c479cc892198d0cc389cc681206393c8ae4cbb6 +0 -0
- data/fuzz/corpus/1ca9480af5da2221fc320bb281d7c4ff73d5f33c +0 -0
- data/fuzz/corpus/1d6087f18146fac3b663bcc635fb470cb651884b +0 -0
- data/fuzz/corpus/258d23cbc2c8081782f0dd539270848e275a8e15 +0 -0
- data/fuzz/corpus/27512fa5c0ac5f4d8393ab442b50af3e83047c01 +0 -0
- data/fuzz/corpus/29933024f32228a8b65419d63dcbb56124db0df7 +0 -0
- data/fuzz/corpus/2b19339a2f24978c8413912a8003ae8ba8885684 +0 -0
- data/fuzz/corpus/2f8d2861a271e3ee2f658b01ef6ba854d8837aff +0 -0
- data/fuzz/corpus/2fed10d20fc4ed25da9cebd41209886304b39465 +0 -0
- data/fuzz/corpus/30fd38c3af4877eda7b1ca2dee1a60c4fe0f757c +0 -0
- data/fuzz/corpus/3137ba78351b6757255261a4f364e44693c3c85f +0 -0
- data/fuzz/corpus/34e68133b209c490f960f9682d33d41aab99e60f +0 -0
- data/fuzz/corpus/359870740db1c245d6dfdad1f119c7b17c3f25fc +0 -0
- data/fuzz/corpus/37b1bb01b0544125df396b925e2c4242a90d1c52 +0 -0
- data/fuzz/corpus/387cab0f8ac36f0f5496f6b0aed7d6c7ca3f2dbf +0 -0
- data/fuzz/corpus/3c4e48335e11c3bd066bbb43db4bf82249668869 +0 -0
- data/fuzz/corpus/3ec111be62099aaa9b960f4b69c65a3b12962970 +0 -0
- data/fuzz/corpus/3fb2f3f01b304e48d9c60477dfe5834693ef80db +0 -0
- data/fuzz/corpus/40cf2f11c2ea03c56864f5097d2f989b14762426 +0 -0
- data/fuzz/corpus/40cfc6a6a60f2451974522e5450ba6434f61a8bb +0 -0
- data/fuzz/corpus/4c3f43f4654332520eb57a9bcfe95951857272ce +0 -0
- data/fuzz/corpus/4c85fdf6934e86766274dd668f3f69f15c7bbc11 +0 -0
- data/fuzz/corpus/4f708dd44266b8b567e295c03811feef57c0a493 +0 -0
- data/fuzz/corpus/50cfff5d1cfc310686d7c1f38787cb77ec6fd892 +0 -0
- data/fuzz/corpus/53b2e1cb235c4479711d9ac74a375330d69f9e4c +0 -0
- data/fuzz/corpus/560373973be830ca5a34ab8e4d4b25a942ad5ed6 +0 -0
- data/fuzz/corpus/57768a4d41ccb6149219ba3eb7fe9e5b191dc4aa +0 -0
- data/fuzz/corpus/5a7833a1a882226aa3831298fdb0d23b580016d8 +0 -0
- data/fuzz/corpus/5b394ecc62e63d030cfeff7e0c484c233c7e9d63 +0 -0
- data/fuzz/corpus/5c10ea32f35ab603f1acd9b3c3ac3c397c1c690a +0 -0
- data/fuzz/corpus/5d4f6df161ce9c6465641cea9e0e97771f4249cf +0 -0
- data/fuzz/corpus/5f29c11e0f583226dfa98c236b8d48c772bccbf1 +0 -0
- data/fuzz/corpus/603d6df8d387f6b191f9b732d8928638e2deab10 +0 -0
- data/fuzz/corpus/60e17201e5bc64340b37ac96ff6302546c231eea +0 -0
- data/fuzz/corpus/65cc3e13ae39a4cd1b207a3395b5205d3fbcae7b +0 -0
- data/fuzz/corpus/692c3712da22c928e0d1b5f91ea7a74ba6fcdf5f +0 -0
- data/fuzz/corpus/69ee357cc3bda8a068bc875dda0879bb462b4984 +0 -0
- data/fuzz/corpus/6a2310279f4fa43ee4ed3809bc039f8ec7bfdeb4 +0 -0
- data/fuzz/corpus/6bfdbaafbe1d257b49f58b7a2fa3fef51894d76a +0 -0
- data/fuzz/corpus/6d3c4288760aaf7131fb3caebb5b3aad6a1828fd +0 -0
- data/fuzz/corpus/6e2f243fb0020e9bfb797c0100da18a67c8f1cb7 +0 -0
- data/fuzz/corpus/6ee7bf4cd8249100046bd4ba28b6646dfd436bd4 +0 -0
- data/fuzz/corpus/70e0947673dd1cc2680f907ecfde339688c3fadb +0 -0
- data/fuzz/corpus/76b1ab6e0edbfeefd4a23fc8a18f7d5937fe3787 +0 -0
- data/fuzz/corpus/77d6e8a03cec0da5803042fd51030e97fb11f5fd +0 -0
- data/fuzz/corpus/79b7efd2703e6343b8daf769aea6a76b199d7aa2 +0 -0
- data/fuzz/corpus/7ab28e22d79e7f2774ab2b8baaddeedf58f37475 +0 -0
- data/fuzz/corpus/7cb99d73cc9c03dc463a7892b27ae78a857c2450 +0 -0
- data/fuzz/corpus/81f5010a3c5a44639c0fbb6325c163cd5f8b7ee9 +0 -0
- data/fuzz/corpus/8317c66a4178b54bfd405332490dfd82a3949244 +0 -0
- data/fuzz/corpus/871b1e5a6ad58fbd654725c0c280f1aa278cd7b5 +0 -0
- data/fuzz/corpus/879bd3b24e7c968141bf3c69fdfb11da99af8e8e +0 -0
- data/fuzz/corpus/8a6bc02a79659eb0c71d5bc784da0f1b351b4336 +0 -0
- data/fuzz/corpus/8d6d41bc7e792d6737c35d7c989c9772ad3ae1d6 +0 -0
- data/fuzz/corpus/8ee4e2e6827b38feaa739c7a61535087ae1ca91c +0 -0
- data/fuzz/corpus/911a7cad153c517c75ea7d410c4f093865da5b50 +0 -0
- data/fuzz/corpus/932c12b633a087eff4f195da9fed03e202190515 +0 -0
- data/fuzz/corpus/93c883857d41e5cdaaa4c2b04dd316da73c9c519 +0 -0
- data/fuzz/corpus/944e31de1264ab5347f37d1454b6bcdd06b85b51 +0 -0
- data/fuzz/corpus/9882bea35622d45012774dbf8f9658c597f07d51 +0 -0
- data/fuzz/corpus/989f9271f90207d498fb69eeba16b8393f8cc70b +0 -0
- data/fuzz/corpus/9927a043166634231659695111b473cbd19fbeec +0 -0
- data/fuzz/corpus/9a33c2ce796569be8450658c6231936816ee55bb +0 -0
- data/fuzz/corpus/9a51def27a9547cf9aa059809a2d5482f75ae8af +0 -0
- data/fuzz/corpus/9b915fd1452d10a00ae2ecb0d53784a127341e79 +0 -0
- data/fuzz/corpus/9de518e7fb61598ac152a91feaf2d7bbe3e8b943 +0 -0
- data/fuzz/corpus/9eaee706fb7d021dc5f0ecc79b524de9c74f439e +0 -0
- data/fuzz/corpus/9ecb6bbe9d4c7414406e4c002b449279bf898ee4 +0 -0
- data/fuzz/corpus/a389244e26c3e525393db7c6b89495981c5160e5 +0 -0
- data/fuzz/corpus/a52173807baf225d705386e47e57a115a8cb537c +0 -0
- data/fuzz/corpus/a6fdb8761221dfd348c29c9eb224eb5cf5e4849a +0 -0
- data/fuzz/corpus/a76ca8a3f3ffb4ff898f896b65a5bae2d0ed002a +0 -0
- data/fuzz/corpus/a91ff9c074e9503baa27194d220dca03926a4f3d +0 -0
- data/fuzz/corpus/aa66cf1089cea0a8aa7e54394e75d4f2949bba74 +0 -0
- data/fuzz/corpus/aafdf57c09c20115384292e1b39cf7dae6674fff +0 -0
- data/fuzz/corpus/af0d6601066ec5c6bac2f0a57b5753ef2826463d +0 -0
- data/fuzz/corpus/b26766574788c20a8ec6927c19327f3919c7a69f +0 -0
- data/fuzz/corpus/b2b582043818797e2a53a72e3f24e545fbda3b57 +0 -0
- data/fuzz/corpus/b31e0aa5172beb560c264d8b5c84932870271e9e +0 -0
- data/fuzz/corpus/b396625aa6e69a5eef782446bbc09606050abb8a +0 -0
- data/fuzz/corpus/b5693370c14ce015236f7746ee63d0af38ec89e4 +0 -0
- data/fuzz/corpus/b8fd1ed5f8c575a8ac6a7c468bf93f1f96f8edb4 +0 -0
- data/fuzz/corpus/b928cbb72b744adec35cba73db6b09b4c0c8af42 +0 -0
- data/fuzz/corpus/b9e36aaac143135fadf4bbcac8d892a7b515cbaf +0 -0
- data/fuzz/corpus/bae2b0281a4ce082295254dd4f49183ca6b5f2d3 +0 -0
- data/fuzz/corpus/bfdc9d194a5a4ed98adfa14a47cec84ca91aa4ad +0 -0
- data/fuzz/corpus/c2f64ce75de11ecb09496d5d95955da7730872e1 +0 -0
- data/fuzz/corpus/c45f32e7bfa9ea837d6cdd1844d7c8d354981242 +0 -0
- data/fuzz/corpus/c64d7ac2a14b5227524521fab16ff0ca4e5170d6 +0 -0
- data/fuzz/corpus/c6f8466a86b7371cbf715317cbd313f609ee739b +0 -0
- data/fuzz/corpus/c9d6e62a62fffb21687fae534b8113a07f92aee6 +0 -0
- data/fuzz/corpus/d0171338648afb30043ea71f3561c60fd8372a1d +0 -0
- data/fuzz/corpus/d0faa1afa3e94f6a51a1a4c0d3dafb2600592593 +0 -0
- data/fuzz/corpus/d467fc34aec5d7f2b24a3df67dbf99080dc00681 +0 -0
- data/fuzz/corpus/d696b7b20d1cd2a3c2bf47c302afbba1696632c9 +0 -0
- data/fuzz/corpus/d6d7695a3c86643a3ad779b75ea4d00fb535a3d9 +0 -0
- data/fuzz/corpus/d7b303e5aec6bac4311102a324cbea23663b2b20 +0 -0
- data/fuzz/corpus/d8afc09fe51ea23526db161a2a1cdacba0b1fefe +0 -0
- data/fuzz/corpus/d9bb42d0a55b8a200e3dfea84ca2e6e265ef2366 +0 -0
- data/fuzz/corpus/da6d7c1f2a7d5b0dabe71f048c9c1624c8ebdbd9 +0 -0
- data/fuzz/corpus/da70dbded78bc388cd692dc36b9da4697d5b6ad2 +0 -0
- data/fuzz/corpus/da71cde284c9f10c6c6952e2e800558720914c30 +0 -0
- data/fuzz/corpus/dcdfeaf43771474c3b236ffe79e14dc78b3b09ec +0 -0
- data/fuzz/corpus/dcef32e091776dc98ac4a4cf951528857d0b7ce1 +0 -0
- data/fuzz/corpus/ddedc95cd0c2db9ad8895fb33227e3e759f57ed9 +0 -0
- data/fuzz/corpus/de361721e7f714ac3a55ef5839801e0bf3566b37 +0 -0
- data/fuzz/corpus/e1c05af770b1443f8cfeff261affb50b3c551aa0 +0 -0
- data/fuzz/corpus/e62f88307794127ffccadf614b7062c3e78ce5c0 +0 -0
- data/fuzz/corpus/e85854d63d682e0a16f9aefa477a4337dbc63f5d +0 -0
- data/fuzz/corpus/e86666a117e96697f7823d6d61b448a76c7c8c64 +0 -0
- data/fuzz/corpus/e91897c8cefdd583e1d60e6a833fab40d775cff1 +0 -0
- data/fuzz/corpus/eb8ed69481cf71efdac8df0759d28624f2bc40cc +0 -0
- data/fuzz/corpus/ee9308e841589fbabf3013d9366ac6556d82bdf9 +0 -0
- data/fuzz/corpus/ef2a0b39689c489d499abc4188b45fafdba66ab8 +0 -0
- data/fuzz/corpus/f013d9c3de8fe4958ad84c56c651031314a92e26 +0 -0
- data/fuzz/corpus/f19cf033be3041feeee3eefe45ba5adbf2f5d421 +0 -0
- data/fuzz/corpus/f1c9fa3baf1730afaa330216edcb5ba34d2590b0 +0 -0
- data/fuzz/corpus/f1ed8642840969d76fff003dc68e48a717050e72 +0 -0
- data/fuzz/corpus/f2fbe027944e00facddfcb425be9c0269fe3b8b9 +0 -0
- data/fuzz/corpus/f7f6ff7ec8323de5100118914bacde5b4cc81a9e +0 -0
- data/fuzz/corpus/fade0bf074f861cdb9013fbdd3b084a60d9ac858 +0 -0
- data/fuzz/corpus/fd85b215e07f3ce968a5e0b810c6d04930b533e8 +0 -0
- data/fuzz/corpus/fd883fb9a67accfc7c61ddda6a781677cc8efc33 +0 -0
- data/fuzz/corpus/fd8953a87e3026bdb15d52faa387a6d49586cd66 +0 -0
- data/fuzz/corpus/fe46814360987e6b9cdaebf31a8a4ec7d26125b4 +0 -0
- data/fuzz/corpus/ffd623a08d5c93aae2ffed33346316d76d9abf1c +0 -0
- data/fuzz/instrumentation.rb +13 -0
- data/fuzz/run +11 -0
- data/fuzz/test_harness.rb +38 -0
- data/fuzz/test_tracer.rb +16 -0
- data/lib/xlat/adapters/linux_tun.rb +55 -0
- data/lib/xlat/address_translation.rb +32 -0
- data/lib/xlat/address_translators/rfc6052.rb +46 -0
- data/lib/xlat/common.rb +13 -0
- data/lib/xlat/pcap.rb +48 -0
- data/lib/xlat/protocols/icmp/base.rb +76 -0
- data/lib/xlat/protocols/icmp/echo.rb +71 -0
- data/lib/xlat/protocols/icmp/error.rb +70 -0
- data/lib/xlat/protocols/icmp.rb +14 -0
- data/lib/xlat/protocols/ip/ipv4.rb +106 -0
- data/lib/xlat/protocols/ip/ipv6.rb +133 -0
- data/lib/xlat/protocols/ip.rb +208 -0
- data/lib/xlat/protocols/tcp.rb +71 -0
- data/lib/xlat/protocols/tcpudp.rb +52 -0
- data/lib/xlat/protocols/udp.rb +66 -0
- data/lib/xlat/protocols.rb +0 -0
- data/lib/xlat/rfc7915.rb +580 -0
- data/lib/xlat/runner.rb +51 -0
- data/lib/xlat/version.rb +5 -0
- data/lib/xlat.rb +8 -0
- data/sig/xlat.rbs +4 -0
- metadata +246 -0
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
data/fuzz/run
ADDED
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
#!/usr/bin/bash
|
|
2
|
+
|
|
3
|
+
if ! bundle exec ruby -e 'exit(RbConfig::CONFIG["CC"] =~ /\Aclang/ ? 0 : 1)'; then
|
|
4
|
+
echo "!! Ruby needs to be built with clang !!" >&2
|
|
5
|
+
fi
|
|
6
|
+
|
|
7
|
+
bundle install --with=fuzz
|
|
8
|
+
|
|
9
|
+
export ASAN_OPTIONS="allocator_may_return_null=1:detect_leaks=0:use_sigaltstack=0"
|
|
10
|
+
|
|
11
|
+
bundle exec env LD_PRELOAD="$(bundle exec ruby -r ruzzy -e 'puts Ruzzy::ASAN_PATH')" ruby fuzz/test_tracer.rb fuzz/corpus "$@"
|
|
@@ -0,0 +1,38 @@
|
|
|
1
|
+
require_relative './instrumentation'
|
|
2
|
+
|
|
3
|
+
require 'ruzzy'
|
|
4
|
+
require 'xlat/rfc7915'
|
|
5
|
+
require 'xlat/address_translators/rfc6052'
|
|
6
|
+
require 'xlat/protocols/ip'
|
|
7
|
+
|
|
8
|
+
@xlat = Xlat::Rfc7915.new(
|
|
9
|
+
source_address_translator: Xlat::AddressTranslators::Rfc6052.new('2001:db8:60::/96'),
|
|
10
|
+
destination_address_translator: Xlat::AddressTranslators::Rfc6052.new('2001:db8:64::/96'),
|
|
11
|
+
)
|
|
12
|
+
|
|
13
|
+
def fuzzing_target(input)
|
|
14
|
+
buffer = IO::Buffer.new(input.bytesize)
|
|
15
|
+
buffer.set_string(input)
|
|
16
|
+
pkt = Xlat::Protocols::Ip.parse(buffer)
|
|
17
|
+
return unless pkt
|
|
18
|
+
|
|
19
|
+
case pkt.version.to_i
|
|
20
|
+
when 4
|
|
21
|
+
output = @xlat.translate_to_ipv6(pkt, 1500)
|
|
22
|
+
when 6
|
|
23
|
+
output = @xlat.translate_to_ipv4(pkt, 1500)
|
|
24
|
+
else
|
|
25
|
+
fail 'unknown IP version'
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
return output
|
|
29
|
+
ensure
|
|
30
|
+
@xlat.return_buffer_ownership
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
test_one_input = lambda do |data|
|
|
34
|
+
fuzzing_target(data) ? 0 : -1
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
RubyVM::YJIT.enable
|
|
38
|
+
Ruzzy.fuzz(test_one_input)
|
data/fuzz/test_tracer.rb
ADDED
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
require_relative '../spec/test_packets.rb'
|
|
2
|
+
require 'digest/sha1'
|
|
3
|
+
require 'pathname'
|
|
4
|
+
|
|
5
|
+
corpus_dir = Pathname(__dir__).join('corpus').tap(&:mkpath)
|
|
6
|
+
TestPackets.constants.each do |k|
|
|
7
|
+
val = TestPackets.const_get(k)
|
|
8
|
+
next unless val.is_a?(IO::Buffer)
|
|
9
|
+
|
|
10
|
+
digest = Digest::SHA1.hexdigest(val.get_string)
|
|
11
|
+
File.write(corpus_dir + digest, val.get_string)
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
require 'ruzzy'
|
|
15
|
+
|
|
16
|
+
Ruzzy.trace('test_harness.rb')
|
|
@@ -0,0 +1,55 @@
|
|
|
1
|
+
require 'socket'
|
|
2
|
+
require 'xlat/io_buffer_ext'
|
|
3
|
+
|
|
4
|
+
module Xlat
|
|
5
|
+
module Adapters
|
|
6
|
+
class LinuxTun
|
|
7
|
+
DEV_TUN = -'/dev/net/tun'
|
|
8
|
+
IFF_TUN = 0x0001
|
|
9
|
+
IFF_MULTI_QUEUE = 0x0100
|
|
10
|
+
IFF_NO_PI = 0x1000
|
|
11
|
+
TUNSETIFF = 0x400454ca
|
|
12
|
+
SIOCSIFMTU = 0x8922
|
|
13
|
+
|
|
14
|
+
def initialize(ifname, multiqueue: false)
|
|
15
|
+
unless ifname.bytesize < Socket::IFNAMSIZ # maxlen including the terminating NUL
|
|
16
|
+
raise ArgumentError, "Too long interface name: #{ifname}"
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
@ifname = ifname
|
|
20
|
+
@mtu = 1500
|
|
21
|
+
@io = File.open(DEV_TUN, 'r+:BINARY')
|
|
22
|
+
options = IFF_TUN | (multiqueue ? IFF_MULTI_QUEUE : 0) | IFF_NO_PI
|
|
23
|
+
@io.ioctl(TUNSETIFF, [@ifname, options].pack("a#{Socket::IFNAMSIZ}s!"))
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
attr_reader :mtu
|
|
27
|
+
|
|
28
|
+
def mtu=(value)
|
|
29
|
+
Socket.open(Socket::AF_INET, Socket::SOCK_STREAM, 0) do |sock|
|
|
30
|
+
sock.ioctl(SIOCSIFMTU, [@ifname, value].pack("a#{Socket::IFNAMSIZ}i!"))
|
|
31
|
+
end
|
|
32
|
+
@mtu = value
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
def read(buf)
|
|
36
|
+
IOBufferExt.readv(@io, [buf])
|
|
37
|
+
end
|
|
38
|
+
|
|
39
|
+
def write(*bufs)
|
|
40
|
+
IOBufferExt.writev(@io, bufs)
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
def close
|
|
44
|
+
@io.close
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
def self.open(...)
|
|
48
|
+
tun = new(...)
|
|
49
|
+
yield tun
|
|
50
|
+
ensure
|
|
51
|
+
tun&.close
|
|
52
|
+
end
|
|
53
|
+
end
|
|
54
|
+
end
|
|
55
|
+
end
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Xlat
|
|
4
|
+
module AddressTranslation
|
|
5
|
+
# Translate IPv6 address bytestring into IPv4 address and write to given buffer
|
|
6
|
+
# Must return true when translation took place
|
|
7
|
+
#
|
|
8
|
+
# @param ipv6_address [IO::Buffer] IPv6 address buffer
|
|
9
|
+
# @param buffer [IO::Buffer] Destination packet buffer
|
|
10
|
+
# @param offset [Integer] Offset in buffer to write IPv6 address
|
|
11
|
+
# @return [Integer, nil] checksum delta value or nil when no translation took place
|
|
12
|
+
def translate_address_to_ipv4(ipv6_address,buffer,offset = 0)
|
|
13
|
+
raise NotImplementedError
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
# Translate IPv4 address bytestring into IPv6 address and write to given buffer
|
|
17
|
+
#
|
|
18
|
+
# @param ipv4_address [IO::Buffer] IPv4 address buffer
|
|
19
|
+
# @param buffer [IO::Buffer] Destination packet buffer
|
|
20
|
+
# @param offset [Integer] Offset in buffer to write IPv4 address
|
|
21
|
+
# @return [Integer, nil] checksum delta value or nil when no translation took place
|
|
22
|
+
def translate_address_to_ipv6(ipv4_address,buffer,offset = 0)
|
|
23
|
+
raise NotImplementedError
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
# # Must return true when receiver (translator) can perform in checksum neutral manner
|
|
27
|
+
# # https://datatracker.ietf.org/doc/html/rfc6052#section-4.1
|
|
28
|
+
# def checksum_neutral?
|
|
29
|
+
# false
|
|
30
|
+
# end
|
|
31
|
+
end
|
|
32
|
+
end
|
|
@@ -0,0 +1,46 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
require 'xlat/address_translation'
|
|
3
|
+
require 'xlat/common'
|
|
4
|
+
require 'ipaddr'
|
|
5
|
+
|
|
6
|
+
module Xlat
|
|
7
|
+
module AddressTranslators
|
|
8
|
+
# RFC 6052 based IPv4/IPv6 address translator. Accepts Pref64n::/96.
|
|
9
|
+
#
|
|
10
|
+
# https://www.rfc-editor.org/info/rfc6052
|
|
11
|
+
# https://datatracker.ietf.org/doc/html/rfc6052
|
|
12
|
+
class Rfc6052
|
|
13
|
+
include Xlat::AddressTranslation
|
|
14
|
+
|
|
15
|
+
def initialize(pref64n_string)
|
|
16
|
+
@pref64n = IPAddr.new(pref64n_string, Socket::AF_INET6)
|
|
17
|
+
unless @pref64n.prefix == 96
|
|
18
|
+
raise ArgumentError, "#{self.class.name} only supports Pref64::/96"
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
@pref64n_prefix = IO::Buffer.for(@pref64n.hton).slice(0, 12)
|
|
22
|
+
unless @pref64n_prefix.get_value(:U8, 8) == 0
|
|
23
|
+
raise ArgumentError, "Bits 64-71 in Pref64::/96 must be all zeroes"
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
@cs_delta = Xlat::Common.sum16be(@pref64n_prefix)
|
|
27
|
+
@cs_delta = 0 if @cs_delta % 0xffff == 0 # checksum neutrality
|
|
28
|
+
@negative_cs_delta = -@cs_delta
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
def translate_address_to_ipv4(ipv6_address,buffer,offset = 0)
|
|
32
|
+
return unless (ipv6_address.slice(0, @pref64n_prefix.size) <=> @pref64n_prefix) == 0
|
|
33
|
+
buffer.copy(ipv6_address, offset, 4, 12)
|
|
34
|
+
|
|
35
|
+
@negative_cs_delta
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
def translate_address_to_ipv6(ipv4_address,buffer,offset = 0)
|
|
39
|
+
buffer.copy(@pref64n_prefix, offset, 12)
|
|
40
|
+
buffer.copy(ipv4_address, offset + 12, 4)
|
|
41
|
+
|
|
42
|
+
@cs_delta
|
|
43
|
+
end
|
|
44
|
+
end
|
|
45
|
+
end
|
|
46
|
+
end
|
data/lib/xlat/common.rb
ADDED
data/lib/xlat/pcap.rb
ADDED
|
@@ -0,0 +1,48 @@
|
|
|
1
|
+
# https://datatracker.ietf.org/doc/draft-ietf-opsawg-pcap/04/
|
|
2
|
+
|
|
3
|
+
module Xlat
|
|
4
|
+
class Pcap
|
|
5
|
+
attr_reader :io, :snap_len
|
|
6
|
+
|
|
7
|
+
def initialize(io, snap_len: 0xffff)
|
|
8
|
+
@io = io
|
|
9
|
+
@snap_len = snap_len
|
|
10
|
+
|
|
11
|
+
write_header
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
MAGIC = 0xA1B23C4D # nanosec timestamp
|
|
15
|
+
MAJOR = 2
|
|
16
|
+
MINOR = 4
|
|
17
|
+
LINKTYPE_RAW = 101 # raw IP
|
|
18
|
+
|
|
19
|
+
private def write_header
|
|
20
|
+
h = IO::Buffer.new(24)
|
|
21
|
+
h.set_values(%i[u32 u16 u16 u32 u32 u32 u32], 0, [
|
|
22
|
+
MAGIC,
|
|
23
|
+
MAJOR, MINOR,
|
|
24
|
+
0,
|
|
25
|
+
0,
|
|
26
|
+
@snap_len,
|
|
27
|
+
LINKTYPE_RAW,
|
|
28
|
+
])
|
|
29
|
+
|
|
30
|
+
h.write(@io)
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
def write(packet, ts: Time.now)
|
|
34
|
+
caplen = [packet.size, @snap_len].min
|
|
35
|
+
|
|
36
|
+
h = IO::Buffer.new(16)
|
|
37
|
+
h.set_values(%i[u32 u32 u32 u32], 0, [
|
|
38
|
+
ts.to_i,
|
|
39
|
+
ts.nsec,
|
|
40
|
+
caplen,
|
|
41
|
+
packet.size,
|
|
42
|
+
])
|
|
43
|
+
|
|
44
|
+
h.write(@io)
|
|
45
|
+
packet.write(@io, caplen)
|
|
46
|
+
end
|
|
47
|
+
end
|
|
48
|
+
end
|
|
@@ -0,0 +1,76 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
# This file is based on the source code available at https://github.com/kazuho/rat under MIT License
|
|
4
|
+
#
|
|
5
|
+
# Copyright (c) 2022 Kazuho Oku
|
|
6
|
+
#
|
|
7
|
+
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
8
|
+
# of this software and associated documentation files (the "Software"), to deal
|
|
9
|
+
# in the Software without restriction, including without limitation the rights
|
|
10
|
+
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
11
|
+
# copies of the Software, and to permit persons to whom the Software is
|
|
12
|
+
# furnished to do so, subject to the following conditions:
|
|
13
|
+
#
|
|
14
|
+
# The above copyright notice and this permission notice shall be included in all
|
|
15
|
+
# copies or substantial portions of the Software.
|
|
16
|
+
#
|
|
17
|
+
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
18
|
+
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
19
|
+
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
20
|
+
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
21
|
+
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
22
|
+
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
|
23
|
+
# SOFTWARE.
|
|
24
|
+
|
|
25
|
+
require 'xlat/common'
|
|
26
|
+
|
|
27
|
+
module Xlat
|
|
28
|
+
module Protocols
|
|
29
|
+
module Icmp
|
|
30
|
+
class Base
|
|
31
|
+
include Xlat::Common
|
|
32
|
+
|
|
33
|
+
V4_PROTOCOL_ID = 1
|
|
34
|
+
V6_PROTOCOL_ID = 58
|
|
35
|
+
|
|
36
|
+
attr_reader :type, :code
|
|
37
|
+
|
|
38
|
+
def initialize(packet)
|
|
39
|
+
@packet = packet
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
def _parse
|
|
43
|
+
bytes = @packet.l4_bytes
|
|
44
|
+
offset = @packet.l4_bytes_offset
|
|
45
|
+
|
|
46
|
+
@type = bytes.get_value(:U8, offset)
|
|
47
|
+
@code = bytes.get_value(:U8, offset + 1)
|
|
48
|
+
|
|
49
|
+
self
|
|
50
|
+
end
|
|
51
|
+
|
|
52
|
+
def self.parse(packet)
|
|
53
|
+
bytes = packet.l4_bytes
|
|
54
|
+
offset = packet.l4_bytes_offset
|
|
55
|
+
|
|
56
|
+
return nil if packet.l4_bytes_length < 8
|
|
57
|
+
|
|
58
|
+
type = bytes.get_value(:U8, offset)
|
|
59
|
+
icmp = packet.version.new_icmp(packet, type)
|
|
60
|
+
icmp._parse
|
|
61
|
+
end
|
|
62
|
+
|
|
63
|
+
def apply(cs_delta)
|
|
64
|
+
# ICMP does not use pseudo headers
|
|
65
|
+
end
|
|
66
|
+
|
|
67
|
+
def self.recalculate_checksum(packet)
|
|
68
|
+
packet.bytes.set_value(:U16, packet.l4_start + 2, 0)
|
|
69
|
+
checksum = Ip.checksum(packet.bytes, packet.l4_start)
|
|
70
|
+
checksum = Ip.checksum_adjust(checksum, packet.version.icmp_cs_delta(packet)) # pseudo header
|
|
71
|
+
packet.bytes.set_value(:U16, packet.l4_start + 2, checksum)
|
|
72
|
+
end
|
|
73
|
+
end
|
|
74
|
+
end
|
|
75
|
+
end
|
|
76
|
+
end
|
|
@@ -0,0 +1,71 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
# This file is based on the source code available at https://github.com/kazuho/rat under MIT License
|
|
4
|
+
#
|
|
5
|
+
# Copyright (c) 2022 Kazuho Oku
|
|
6
|
+
#
|
|
7
|
+
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
8
|
+
# of this software and associated documentation files (the "Software"), to deal
|
|
9
|
+
# in the Software without restriction, including without limitation the rights
|
|
10
|
+
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
11
|
+
# copies of the Software, and to permit persons to whom the Software is
|
|
12
|
+
# furnished to do so, subject to the following conditions:
|
|
13
|
+
#
|
|
14
|
+
# The above copyright notice and this permission notice shall be included in all
|
|
15
|
+
# copies or substantial portions of the Software.
|
|
16
|
+
#
|
|
17
|
+
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
18
|
+
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
19
|
+
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
20
|
+
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
21
|
+
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
22
|
+
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
|
23
|
+
# SOFTWARE.
|
|
24
|
+
|
|
25
|
+
require_relative './base'
|
|
26
|
+
|
|
27
|
+
module Xlat
|
|
28
|
+
module Protocols
|
|
29
|
+
module Icmp
|
|
30
|
+
class Echo < Base
|
|
31
|
+
V4_TYPE_REQUEST = 8
|
|
32
|
+
V4_TYPE_REPLY = 0
|
|
33
|
+
V6_TYPE_REQUEST = 128
|
|
34
|
+
V6_TYPE_REPLY = 129
|
|
35
|
+
|
|
36
|
+
attr_accessor :src_port, :dest_port
|
|
37
|
+
|
|
38
|
+
def initialize(packet, is_req)
|
|
39
|
+
super(packet)
|
|
40
|
+
@is_req = is_req
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
def _parse
|
|
44
|
+
super
|
|
45
|
+
|
|
46
|
+
port = @packet.bytes.get_value(:U16, @packet.l4_start + 4)
|
|
47
|
+
if @is_req
|
|
48
|
+
@src_port = port
|
|
49
|
+
@dest_port = 0
|
|
50
|
+
else
|
|
51
|
+
@src_port = 0
|
|
52
|
+
@dest_port = port
|
|
53
|
+
end
|
|
54
|
+
|
|
55
|
+
self
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
def tuple
|
|
59
|
+
[src_port, dest_port].pack('n*')
|
|
60
|
+
end
|
|
61
|
+
|
|
62
|
+
def apply(cs_delta)
|
|
63
|
+
#string_set16be(@packet.bytes,@packet.l4_start + 4, @is_req ? @src_port : @dest_port)
|
|
64
|
+
#Base.recalculate_checksum(@packet)
|
|
65
|
+
end
|
|
66
|
+
end
|
|
67
|
+
end
|
|
68
|
+
end
|
|
69
|
+
end
|
|
70
|
+
|
|
71
|
+
|