diff --git a/src/MESA_jump_layer.cpp b/src/MESA_jump_layer.cpp index 04016eb..34a05b1 100644 --- a/src/MESA_jump_layer.cpp +++ b/src/MESA_jump_layer.cpp @@ -290,6 +290,10 @@ static int gtp_jump_to_layer(const char *raw_data, int raw_layer_type, int expe return -1; } + if(skip_len < 0){ + return -1; + } + return gtp_hdr_len + skip_len; } @@ -425,6 +429,10 @@ static int l2tp_jump_to_layer(const char *raw_data, int raw_layer_type, int exp skip_len = ipv6_jump_to_layer((char *)next_layer_hdr, __ADDR_TYPE_IP_PAIR_V6, expect_layer_type); } } + + if(skip_len < 0){ + return -1; + } return l2tp_hdr_len + skip_len; } @@ -1020,6 +1028,10 @@ static int mpls_jump_to_layer(const char *raw_data, int raw_layer_type, int exp } } + if(skip_len < 0){ + return -1; + } + return skip_len + mpls_layer_len; } diff --git a/test/gtest_jump_layer.cpp b/test/gtest_jump_layer.cpp index 3edb923..2b8811d 100644 --- a/test/gtest_jump_layer.cpp +++ b/test/gtest_jump_layer.cpp @@ -132,7 +132,7 @@ static int jump_check_tcp_pkt(const struct tcphdr *thdr, int expect_tcp_hdr_offs static int jump_check_udp_pkt(const struct udphdr *uhdr, unsigned short expect_udp_tot_len, unsigned short expect_sport_host, unsigned short expect_dport_host) { if(ntohs(uhdr->len) != expect_udp_tot_len){ - printf("\033[1;31;40mMESA_net_jump_to_layer(): udp header length error!\033[0m\n"); + printf("\033[1;31;40mMESA_net_jump_to_layer(): udp header length error, actual:%u, but expect:%u!\033[0m\n", ntohs(uhdr->len), expect_udp_tot_len); return -1; } @@ -206,7 +206,6 @@ static void jump_layer_eth_ipv4_tcp(u_char *result_val, const struct pcap_pkthdr { int ret; const void *eth_header, *ipv4_header, *tcp_header; - const void *next_header; eth_header = (void *)data; @@ -217,9 +216,21 @@ static void jump_layer_eth_ipv4_tcp(u_char *result_val, const struct pcap_pkthdr pcap_breakloop(g_jmp_pcap_handle); return; } + ret = jump_check_ipv4_pkt((struct ip*)ipv4_header, 60, IPPROTO_TCP, "192.168.10.250", "192.168.10.234"); + if(ret < 0){ + *result_val = -1; + pcap_breakloop(g_jmp_pcap_handle); + return; + } - const struct ip* ip4hdr = (struct ip*)ipv4_header; - jump_check_ipv4_pkt(ip4hdr, 60, IPPROTO_TCP, "192.168.10.250", "192.168.10.234"); + const void *greedy_ipv4_header = MESA_jump_layer_greedy(eth_header, ADDR_TYPE_MAC, ADDR_TYPE_IPV4); + if(greedy_ipv4_header != ipv4_header){ + /* 就一层ip, 没有嵌套, greedy结果应该是一样的 */ + printf("\033[1;31;40mjump_layer_eth_ipv4_udp(): greedy jump to ipv4 error!\033[0m\n"); + *result_val = -1; + pcap_breakloop(g_jmp_pcap_handle); + return; + } tcp_header = MESA_net_jump_to_layer((void *)ipv4_header, ADDR_TYPE_IPV4, ADDR_TYPE_TCP); if(NULL == tcp_header){ @@ -246,7 +257,22 @@ static void jump_layer_eth_ipv4_tcp(u_char *result_val, const struct pcap_pkthdr } const struct tcphdr* thdr = (struct tcphdr *)tcp_header; - jump_check_tcp_pkt(thdr, 40, 58725, 22); + ret = jump_check_tcp_pkt(thdr, 40, 58725, 22); + if(ret < 0){ + *result_val = -1; + pcap_breakloop(g_jmp_pcap_handle); + return; + } + + const void *greedy_tcp_header = MESA_jump_layer_greedy(eth_header, ADDR_TYPE_MAC, ADDR_TYPE_TCP); + if(greedy_tcp_header != tcp_header){ + /* 就一层ip, 没有嵌套, greedy结果应该是一样的 */ + printf("\033[1;31;40mjump_layer_eth_ipv4_udp(): greedy jump to tcp error!\033[0m\n"); + *result_val = -1; + pcap_breakloop(g_jmp_pcap_handle); + return; + } + printf("\033[32mjump_layer_eth_ipv4_tcp_entry() test succ\033[0m\n"); @@ -277,7 +303,6 @@ static void jump_layer_eth_ipv4_udp(u_char *result_val, const struct pcap_pkthdr { int ret; const void *eth_header = data, *ipv4_header, *udp_header; - const void *next_header; ipv4_header = MESA_net_jump_to_layer(data, ADDR_TYPE_MAC, ADDR_TYPE_IPV4); if(NULL == ipv4_header){ @@ -303,6 +328,15 @@ static void jump_layer_eth_ipv4_udp(u_char *result_val, const struct pcap_pkthdr return; } + const void *greedy_ipv4_header = MESA_jump_layer_greedy(eth_header, ADDR_TYPE_MAC, ADDR_TYPE_UDP); + if(greedy_ipv4_header != udp_header){ + /* 就一层udp, 没有嵌套, greedy结果应该是一样的 */ + printf("\033[1;31;40mjump_layer_eth_ipv4_udp(): greedy jump to udp error!\033[0m\n"); + *result_val = -1; + pcap_breakloop(g_jmp_pcap_handle); + return; + } + const struct ip* ip4hdr = (struct ip*)ipv4_header; ret = jump_check_ipv4_pkt(ip4hdr, 175, IPPROTO_UDP, "192.168.210.153", "111.161.107.181"); if(ret < 0){ @@ -1119,76 +1153,132 @@ extern "C" char jump_layer_eth_ip4_udp_teredo_udp_ip6_udp_entry(struct streaminf return APP_STATE_DROPME; } +#endif -extern "C" char jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcpall_entry(struct streaminfo *pstream,void **pme, int thread_seq, void *a_packet) +static void jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcp(u_char *result_val, const struct pcap_pkthdr *hdr, const u_char *data) { int ret; - int tot_pkt_len; - const void *pkt_header; - const void *next_header; - int opt_len; - unsigned short tunnel_type = STREAM_TUNNLE_NON; - - if(pstream->pktstate == OP_STATE_PENDING){ - opt_len = sizeof(short); - ret = MESA_get_stream_opt(pstream, MSO_STREAM_TUNNEL_TYPE, &tunnel_type, &opt_len); - if((ret < 0) || (tunnel_type != STREAM_TUNNEL_GPRS_TUNNEL)){ - return APP_STATE_DROPME; - } - - ret = get_rawpkt_opt_from_streaminfo(pstream, RAW_PKT_GET_DATA, &pkt_header); - if(ret < 0){ - printf("\033[1;31;40m jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcpall_entry(), get_rawpkt_opt_from_streaminfo()->RAW_PKT_GET_DATA error!\033[0m\n"); - sendto_test_result(GTEST_SAPP_ERR); - exit(1); - } - ret = get_rawpkt_opt_from_streaminfo(pstream, RAW_PKT_GET_TOT_LEN, &tot_pkt_len); - if(ret < 0){ - printf("\033[1;31;40m jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcpall_entry(), get_rawpkt_opt_from_streaminfo()->RAW_PKT_GET_TOT_LEN error!\033[0m\n"); - sendto_test_result(GTEST_SAPP_ERR); - exit(1); - } - - next_header = MESA_net_jump_to_layer_greedy(pkt_header, ADDR_TYPE_MAC, ADDR_TYPE_IPV6); - if(NULL == next_header){ - printf("\033[1;31;40m jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcpall_entry(): eth->vlan->ipv6 error!\033[0m\n"); - sendto_test_result(GTEST_SAPP_ERR); - exit(1); - } - const struct ip6_hdr* inner_ip6hdr = (struct ip6_hdr*)next_header; - jump_check_ipv6_pkt(inner_ip6hdr, 64, IPPROTO_UDP, "2409:8034:4025::1:941", "2409:8034:4040:5300::205"); + const void *eth_header = data; + const void *outer_ipv6_header; + const void *outer_udp_header; + const void *gtp_header; + const void *inner_ipv4_header; + const void *inner_tcp_header; - const struct ip * inner_ip4hdr; - inner_ip4hdr = ( struct ip *)MESA_net_jump_to_layer_greedy(pkt_header, ADDR_TYPE_MAC, ADDR_TYPE_IPV4); - if(NULL == next_header){ - printf("\033[1;31;jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcpall_entry(): eth->ipv6->udp->gtp->ipv4 error!\033[0m\n"); - sendto_test_result(GTEST_SAPP_ERR); - exit(1); - } - if(inner_ip4hdr != a_packet){ - printf("\033[1;31;40m jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcpall_entry(): inner ip4 header is not equal with plug_entry->a_packet!\033[0m\n"); - sendto_test_result(GTEST_SAPP_ERR); - exit(1); - } - - next_header = MESA_net_jump_to_layer_greedy(pkt_header, ADDR_TYPE_MAC, ADDR_TYPE_TCP); - if(NULL == next_header){ - printf("\033[1;31;jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcpall_entry(): eth->ipv6->udp->gtp->ipv6->tcp error!\033[0m\n"); - sendto_test_result(GTEST_SAPP_ERR); - exit(1); - } - - const struct tcphdr* thdr = (struct tcphdr *)next_header; - jump_check_tcp_pkt(thdr, 20, 47892, 80); - - printf("\033[32m jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcpall_entry() test succ\033[0m\n"); - sendto_test_result(GTEST_SAPP_SUCC); + outer_ipv6_header = MESA_net_jump_to_layer(eth_header, ADDR_TYPE_MAC, ADDR_TYPE_IPV6); + if(NULL == outer_ipv6_header){ + printf("\033[1;31;40m jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcp(): eth->vlan->ipv6 error!\033[0m\n"); + *result_val = -1; + pcap_breakloop(g_jmp_pcap_handle); + return; + } + ret = jump_check_ipv6_pkt((struct ip6_hdr*)outer_ipv6_header, 64, IPPROTO_UDP, "2409:8034:4025::1:941", "2409:8034:4040:5300::205"); + if(ret < 0){ + *result_val = -1; + pcap_breakloop(g_jmp_pcap_handle); + return; } - return APP_STATE_DROPME; + outer_udp_header = MESA_net_jump_to_layer(eth_header, ADDR_TYPE_MAC, ADDR_TYPE_UDP); + if(NULL == outer_udp_header){ + printf("\033[1;31;40m jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcp(): eth->vlan->ipv6->udp error!\033[0m\n"); + *result_val = -1; + pcap_breakloop(g_jmp_pcap_handle); + return; + } + ret = jump_check_udp_pkt((const struct udphdr *)outer_udp_header, 64, 2152, 2152); + if(ret < 0){ + *result_val = -1; + pcap_breakloop(g_jmp_pcap_handle); + return; + } + + const void *greedy_udp_hdr = MESA_jump_layer_greedy(eth_header, ADDR_TYPE_MAC, ADDR_TYPE_UDP); + if(greedy_udp_hdr != outer_udp_header){ + printf("\033[1;31;40m jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcp(): greedy jump eth->vlan->ipv6->udp error!\033[0m\n"); + *result_val = -1; + pcap_breakloop(g_jmp_pcap_handle); + return; + } + + gtp_header = MESA_jump_layer_greedy(eth_header, ADDR_TYPE_MAC, ADDR_TYPE_GPRS_TUNNEL); + if(NULL == gtp_header){ + printf("\033[1;31;40m jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcp(): greedy jump eth->vlan->ipv6->udp->gtp error!\033[0m\n"); + *result_val = -1; + pcap_breakloop(g_jmp_pcap_handle); + return; + } + + inner_ipv4_header = ( struct ip *)MESA_net_jump_to_layer(eth_header, ADDR_TYPE_MAC, ADDR_TYPE_IPV4); + if(NULL == inner_ipv4_header){ + printf("\033[1;31;jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcp(): eth->ipv6->udp->gtp->ipv4 error!\033[0m\n"); + *result_val = -1; + pcap_breakloop(g_jmp_pcap_handle); + return; + } + + ret = jump_check_ipv4_pkt((struct ip *)inner_ipv4_header, 40, IPPROTO_TCP, "10.16.131.196", "112.49.26.208"); + if(ret < 0){ + *result_val = -1; + pcap_breakloop(g_jmp_pcap_handle); + return; + } + + const void *greedy_inner_ip4_hdr = MESA_jump_layer_greedy(eth_header, ADDR_TYPE_MAC, ADDR_TYPE_IPV4); + if(greedy_inner_ip4_hdr != inner_ipv4_header){ + printf("\033[1;31;40m jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcp(): greedy jump eth->vlan->ipv6->udp->ipv4 error!\033[0m\n"); + *result_val = -1; + pcap_breakloop(g_jmp_pcap_handle); + return; + } + + + inner_tcp_header = MESA_net_jump_to_layer(eth_header, ADDR_TYPE_MAC, ADDR_TYPE_TCP); + if(NULL == inner_tcp_header){ + printf("\033[1;31;jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcpall_entry(): eth->ipv6->udp->gtp->ipv6->tcp error!\033[0m\n"); + *result_val = -1; + pcap_breakloop(g_jmp_pcap_handle); + return; + } + + ret = jump_check_tcp_pkt((struct tcphdr *)inner_tcp_header, 20, 47892, 80); + if(ret < 0){ + *result_val = -1; + pcap_breakloop(g_jmp_pcap_handle); + return; + } + + const void *greedy_tcp_hdr = MESA_jump_layer_greedy(eth_header, ADDR_TYPE_MAC, ADDR_TYPE_TCP); + if(greedy_tcp_hdr != inner_tcp_header){ + printf("\033[1;31;40m jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcp(): greedy jump eth->vlan->ipv6->udp->ipv4->tcp error!\033[0m\n"); + *result_val = -1; + pcap_breakloop(g_jmp_pcap_handle); + return; + } + + printf("\033[32m jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcp() test succ\033[0m\n"); + + *result_val = 0; + return; } -#endif + + +#define __jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcp 1 +TEST(jump_layer, eth_vlan_ip6_udp_gtpext_ip4_tcp) +{ + int fun_ret; + u_char chk_res = -1; + + fun_ret = jmp_file_md5_checksum("./sample_pcap/eth_vlan_ip6_udp_gtpext_ip4_tcp.pcap", "d51cebb81e70baaf9568f13af867f6c4"); + ASSERT_EQ(fun_ret, 0); + + fun_ret = jmp_pcap_init("./sample_pcap/eth_vlan_ip6_udp_gtpext_ip4_tcp.pcap", jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcp, (u_char *)&chk_res); + ASSERT_EQ(fun_ret, 0); + + ASSERT_EQ(chk_res, 0); +} + int main(int argc, char *argv[]) { diff --git a/test/sample_pcap/eth_vlan_ip6_udp_gtpext_ip4_tcp.pcap b/test/sample_pcap/eth_vlan_ip6_udp_gtpext_ip4_tcp.pcap new file mode 100644 index 0000000..39bebd8 Binary files /dev/null and b/test/sample_pcap/eth_vlan_ip6_udp_gtpext_ip4_tcp.pcap differ