dlil_inject_if_input problems
dlil_inject_if_input problems
- Subject: dlil_inject_if_input problems
- From: Matt Jaffa <email@hidden>
- Date: Sun, 19 Sep 2004 20:06:39 -0600
Ok,
maybe this is a bug or not. When I call dlil_inject_if_input on the mbuf that I created using MGETHDR, to get an mbuf with a packet header.
it crashes the system, unless in the ip header ip_vhl is set to 0x0, (in other words ip_v = 0, and ip_hl = 0).
This is because the ip protocol sees that ip_v is wrong and drops the packet, but otherwise if I have ip_vhl == to 0x45. The system crashes.
Here is my newly revised code, I don't think that if th_seq, and th_ack are totally off that it should crash the system, so that is not the concern yet.
I will have to learn how to do tcp sequence from Stevens book, but if dlil_inject_if_input crashes the system then I can't even work on that part yet.
Here is the code:
tester is the tcp header from the outgoing mbuf, and ipHeader is the ip header of the outgoing mbuf.
I think this should be working, not caring about sequencing stuff yet, just want the system to not crash yet.
char * httpresponse = (180,M_FREE,M_NOWAIT);
sprintf(httpresponse,"HTTP/1.1 200 OK\r\nCache-Control: no-store, no-cache\r\nContent-Type: text/html\r\n\r\n <HTML><BODY>This is the block page</BODY></HTML>");
struct mbuf * testin;
MGETHDR(testin,M_NOWAIT,MT_HEADER);
M_COPY_PKTHDR(testin, temp->m_orig);
struct ip newip;
u_char vhl = 0x45;
memcpy(&newip, &vhl,1);
newip.ip_hl = 5;
newip.ip_v = 4;
newip.ip_tos = 0;
int data_len = strlen(httpresponse);
newip.ip_len = struct ip) + struct tcphdr) + data_len;
newip.ip_id = 34234;
newip.ip_off = 0x0000;
newip.ip_ttl = 35;
newip.ip_p = ipHeader->ip_p;
newip.ip_sum = 0;
memcpy(&(newip.ip_src), &(ipHeader->ip_dst), struct in_addr));
memcpy(&(newip.ip_dst), &(ipHeader->ip_src), struct in_addr));
struct tcphdr newtcp;
newtcp.th_sport = tester->th_dport;
newtcp.th_dport = tester->th_sport;
newtcp.th_ack = tester->th_seq;
newtcp.th_seq = htons(tester->th_seq +1);
newtcp.th_flags = (TH_ACK|TH_FIN|TH_PUSH);
newtcp.th_off = 5;
newtcp.th_x2 = 0;
newtcp.th_win = 65535;
newtcp.th_sum = 0;
newtcp.th_urp = 0;
struct pseudo_hdr test_hdr;
test_hdr.ip_src = newip.ip_src;
test_hdr.ip_dst = newip.ip_dst;
test_hdr.protocol = newip.ip_p;
test_hdr.reserved = 0;
test_hdr.length = struct tcphdr) + data_len;
memcpy(testin->m_data,&newip,struct ip));
testin->m_len = struct ip);
testin->m_pkthdr.len = struct ip);
unsigned short asum = in_cksum(testin, struct ip));
printf("asum = %u\n", asum);
newip.ip_sum = asum;
memcpy(testin->m_data,&newip,struct ip)); testin->m_data += struct ip);
memcpy(testin->m_data,&newtcp,struct tcphdr)); testin->m_data += struct tcphdr); memcpy(testin->m_data,httpresponse,data_len); testin->m_data += data_len;
memcpy(testin->m_data,&test_hdr,struct pseudo_hdr));
testin->m_data -= (struct tcphdr) + data_len);
testin->m_len = (struct ip) + struct tcphdr) + data_len);
testin->m_pkthdr.len = (struct ip) + struct tcphdr) + data_len);
unsigned short dsum = in_cksum(testin, (struct tcphdr) + data_len + struct pseudo_hdr)));
newtcp.th_sum = dsum;
memcpy(testin->m_data,&newtcp,struct tcphdr));
testin->m_data -= struct tcphdr);
unsigned char * test = mtod(testin, unsigned char*);
int i = 0;
while(i < testin->m_pkthdr.len) {
printf("%x ",test[i]);
i++;
}
printf("\n");
unsigned short xsum = in_cksum(testin, struct ip));
printf("xsum == %x(%d)\n", xsum,xsum);
printf("Block Packet flags: %x\n", testin->m_flags);
int testing = dlil_inject_if_input(testin,frame_type,ipv4ID);
printf("Here is the result: %d\n", testing);
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-kernel mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden