gfwleak/stellar-stellar
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

optimizate inject packt test case

Browse Source
This commit is contained in:
luwenpeng
2024-06-27 15:07:54 +08:00
parent 83bffdd008
commit da9fb7cd11
40 changed files with 904 additions and 1004 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
test/packet_inject/CMakeLists.txt
View File

@@ -1,18 +1,14 @@
# build packet_injector
add_executable(packet_injector packet_inject_main.cpp packet_inject_plugin.cpp)
target_link_libraries(packet_injector "-rdynamic")
target_link_libraries(packet_injector stellar_core)
# build libpacket_inject_plugin.so
add_library(packet_inject_plugin SHARED packet_inject_plugin.cpp)
target_include_directories(packet_inject_plugin PUBLIC ${CMAKE_SOURCE_DIR}/include/)
set_target_properties(packet_inject_plugin PROPERTIES LINK_FLAGS "-Wl,--version-script=${CMAKE_CURRENT_LIST_DIR}/version.map")
# build libpacket_inject.so
add_library(packet_inject SHARED packet_inject.cpp)
target_link_libraries(packet_inject stellar_devel toml)
target_include_directories(packet_inject PUBLIC ${CMAKE_SOURCE_DIR}/include/)
set_target_properties(packet_inject PROPERTIES LINK_FLAGS "-Wl,--version-script=${CMAKE_CURRENT_LIST_DIR}/version.map")
# build gtest
function(packet_inject_add_case EXEC_NAME)
add_executable(${EXEC_NAME} ${EXEC_NAME}.cpp packet_inject_main.cpp packet_inject_plugin.cpp packet_inject_test.cpp)
add_executable(${EXEC_NAME} ${EXEC_NAME}.cpp)
target_link_libraries(${EXEC_NAME} "-rdynamic")
target_link_libraries(${EXEC_NAME} stellar_core gtest)
target_link_libraries(${EXEC_NAME} stellar_devel gtest)
gtest_discover_tests(${EXEC_NAME})
endfunction()
@@ -26,5 +22,4 @@ packet_inject_add_case(gtest_inject_tcp_payload_after_recv_s2c_first_payload)
packet_inject_add_case(gtest_inject_tcp_payload_fin_rst_after_recv_c2s_first_payload)
file(COPY ./conf/ DESTINATION ./conf/)
file(COPY ./pcap/ DESTINATION ./pcap/)
file(COPY ./plugin/ DESTINATION ./plugin/)
file(COPY ./pcap/ DESTINATION ./pcap/)

34
test/packet_inject/README.md
View File

@@ -8,22 +8,6 @@ tcpdump -i virtio_dign_c host 192.0.2.110 and port 80 -n -v -w virtio_dign_c.pca
tcpdump -i virtio_dign_s host 192.0.2.110 and port 80 -n -v -w virtio_dign_s.pcap
```
## 运行
``` shell
./packet_injector -t tcp-rst -c c2s-packet -n 1 # After recv SYN
./packet_injector -t tcp-rst -c s2c-packet -n 1 # After recv SYN-ACK
./packet_injector -t tcp-rst -c c2s-packet -n 2 # After recv Sub-ACK
./packet_injector -t tcp-rst -c c2s-packet -n 3 # After recv First-Payload
```
``` shell
./packet_injector -t tcp-fin -c c2s-packet -n 1 # After recv SYN
./packet_injector -t tcp-fin -c s2c-packet -n 1 # After recv SYN-ACK
./packet_injector -t tcp-fin -c c2s-packet -n 2 # After recv Sub-ACK
./packet_injector -t tcp-fin -c c2s-packet -n 3 # After recv First-Payload
```
## 拨测
``` shell
@@ -33,12 +17,12 @@ curl -v http://http.badssl.selftest.gdnt-cloud.website --resolve "http.badssl.se
## 结果
| -t | -c | -n | Note | result |
| ----------- | ----------- | ----------- | ---------------------------- | ----------- |
| tcp-rst | c2s-packet | 1 | After recv SYN | Failed |
| tcp-rst | s2c-packet | 1 | After recv SYN-ACK | Success |
| tcp-rst | c2s-packet | 2 | After recv Sub-ACK | Success |
| tcp-rst | c2s-packet | 3 | After recv C2S First-Payload | Success |
| tcp-rst | s2c-packet | 3 | After recv S2C First-payload | Success |
| tcp-payload | c2s-packet | 3 | After recv C2S First-Payload | Success |
| tcp-payload | s2c-packet | 3 | After recv S2C First-payload | Success |
| type | dir | pkts | note | result |
| ----------- | ---- | ---- | ---------------------------- | ----------- |
| TCP-RST | C2S | 1 | After recv SYN | Failed |
| TCP-RST | S2C | 1 | After recv SYN-ACK | Success |
| TCP-RST | C2S | 2 | After recv Sub-ACK | Success |
| TCP-RST | C2S | 3 | After recv C2S First-Payload | Success |
| TCP-RST | S2C | 3 | After recv S2C First-payload | Success |
| TCP-PAYLOAD | C2S | 3 | After recv C2S First-Payload | Success |
| TCP-PAYLOAD | S2C | 3 | After recv S2C First-payload | Success |

7
test/packet_inject/conf/inject_ipv4_based_tcp_payload_after_recv_c2s_first_payload.toml Normal file
View File

@@ -0,0 +1,7 @@
# When C2S direction received 3 packets, inject a TCP packet with payload
[packet_inject]
filter_ip = any # eg: 2001:db8::1, 192.168.1.100, any
filter_port = 0 # eg: 80, 443 (0 for any)
filter_dir = C2S # eg: C2S, S2C
filter_pkts = 3 # can not be 0
inject_type = TCP-PAYLOAD # eg: TCP-RST, TCP-FIN, TCP-PAYLOAD, TCP-PAYLOAD-FIN-RST, UDP-PAYLOAD, CTRL-MSG

7
test/packet_inject/conf/inject_ipv4_based_tcp_payload_after_recv_s2c_first_payload.toml Normal file
View File

@@ -0,0 +1,7 @@
# When S2C direction received 3 packets, inject a TCP packet with payload
[packet_inject]
filter_ip = any # eg: 2001:db8::1, 192.168.1.100, any
filter_port = 0 # eg: 80, 443 (0 for any)
filter_dir = S2C # eg: C2S, S2C
filter_pkts = 3 # can not be 0
inject_type = TCP-PAYLOAD # eg: TCP-RST, TCP-FIN, TCP-PAYLOAD, TCP-PAYLOAD-FIN-RST, UDP-PAYLOAD, CTRL-MSG

7
test/packet_inject/conf/inject_ipv4_based_tcp_payload_fin_rst_after_recv_c2s_first_payload.toml Normal file
View File

@@ -0,0 +1,7 @@
# When C2S direction received 3 packets, inject a TCP packet with payload, then a FIN packet, then a RST packet
[packet_inject]
filter_ip = any # eg: 2001:db8::1, 192.168.1.100, any
filter_port = 0 # eg: 80, 443 (0 for any)
filter_dir = C2S # eg: C2S, S2C
filter_pkts = 3 # can not be 0
inject_type = TCP-PAYLOAD-FIN-RST # eg: TCP-RST, TCP-FIN, TCP-PAYLOAD, TCP-PAYLOAD-FIN-RST, UDP-PAYLOAD, CTRL-MSG

7
test/packet_inject/conf/inject_ipv4_based_tcp_rst_after_recv_c2s_first_payload.toml Normal file
View File

@@ -0,0 +1,7 @@
# When C2S direction received 3 packets, inject a TCP RST packet
[packet_inject]
filter_ip = any # eg: 2001:db8::1, 192.168.1.100, any
filter_port = 0 # eg: 80, 443 (0 for any)
filter_dir = C2S # eg: C2S, S2C
filter_pkts = 3 # can not be 0
inject_type = TCP-RST # eg: TCP-RST, TCP-FIN, TCP-PAYLOAD, TCP-PAYLOAD-FIN-RST, UDP-PAYLOAD, CTRL-MSG

7
test/packet_inject/conf/inject_ipv4_based_tcp_rst_after_recv_s2c_first_payload.toml Normal file
View File

@@ -0,0 +1,7 @@
# When S2C direction received 3 packets, inject a TCP RST packet
[packet_inject]
filter_ip = any # eg: 2001:db8::1, 192.168.1.100, any
filter_port = 0 # eg: 80, 443 (0 for any)
filter_dir = S2C # eg: C2S, S2C
filter_pkts = 3 # can not be 0
inject_type = TCP-RST # eg: TCP-RST, TCP-FIN, TCP-PAYLOAD, TCP-PAYLOAD-FIN-RST, UDP-PAYLOAD, CTRL-MSG

7
test/packet_inject/conf/inject_ipv4_based_tcp_rst_after_recv_sub_ack.toml Normal file
View File

@@ -0,0 +1,7 @@
# When C2S direction received 2 packets, inject a TCP RST packet
[packet_inject]
filter_ip = any # eg: 2001:db8::1, 192.168.1.100, any
filter_port = 0 # eg: 80, 443 (0 for any)
filter_dir = C2S # eg: C2S, S2C
filter_pkts = 2 # can not be 0
inject_type = TCP-RST # eg: TCP-RST, TCP-FIN, TCP-PAYLOAD, TCP-PAYLOAD-FIN-RST, UDP-PAYLOAD, CTRL-MSG

7
test/packet_inject/conf/inject_ipv4_based_tcp_rst_after_recv_syn_ack.toml Normal file
View File

@@ -0,0 +1,7 @@
# When S2C direction received 1 packets, inject a TCP RST packet
[packet_inject]
filter_ip = any # eg: 2001:db8::1, 192.168.1.100, any
filter_port = 0 # eg: 80, 443 (0 for any)
filter_dir = S2C # eg: C2S, S2C
filter_pkts = 1 # can not be 0
inject_type = TCP-RST # eg: TCP-RST, TCP-FIN, TCP-PAYLOAD, TCP-PAYLOAD-FIN-RST, UDP-PAYLOAD, CTRL-MSG

4
test/packet_inject/conf/spec.toml Normal file
View File

@@ -0,0 +1,4 @@
[[plugin]]
path = "./plugin/libpacket_inject.so"
init = "packet_inject_init"
exit = "packet_inject_exit"

25
test/packet_inject/gtest_inject_tcp_payload_after_recv_c2s_first_payload.cpp
View File

@@ -4,26 +4,17 @@
TEST(INJECT_IPV4_BASED_TCP_PAYLOAD, AFTER_RECV_C2S_FIRST_PAYLOAD)
{
char current_dir[1024] = {0};
char curr_dir[1024] = {0};
char work_dir[2048] = {0};
char input_dir[2048] = {0};
getcwd(current_dir, sizeof(current_dir));
snprintf(work_dir, sizeof(work_dir), "%s/%s", current_dir, "inject_ipv4_based_tcp_payload_after_recv_c2s_first_payload");
snprintf(input_dir, sizeof(input_dir), "%s/%s", current_dir, "pcap/inject_ipv4_based_tcp_payload_after_recv_c2s_first_payload/test/");
char pcap_dir[2048] = {0};
getcwd(curr_dir, sizeof(curr_dir));
snprintf(work_dir, sizeof(work_dir), "%s/%s", curr_dir, "INJECT_IPV4_BASED_TCP_PAYLOAD_AFTER_RECV_C2S_FIRST_PAYLOAD");
snprintf(pcap_dir, sizeof(pcap_dir), "%s/%s", curr_dir, "pcap/inject_ipv4_based_tcp_payload_after_recv_c2s_first_payload/test/");
struct packet_inject_case test = {
// descriptor
.finish_clean_work_dir = 0,
.descriptor = "Inject IPv4 based TCP Payload after receiving C2S first payload packet.",
.work_dir = work_dir,
// prefix
.input_prefix = input_dir,
// input pcap
.pcap_dir = pcap_dir,
.input_pcap = "input.pcap",
// compare
.compares = {
{
.expect_pcap = "expect-192.0.2.110:80-192.0.2.212:54146-1.pcap",
@@ -46,9 +37,7 @@ TEST(INJECT_IPV4_BASED_TCP_PAYLOAD, AFTER_RECV_C2S_FIRST_PAYLOAD)
.inject_pcap = NULL,
},
},
// packet injector command
.packet_injector_cmd = {"./packet_injector", "-t", "tcp-payload", "-c", "c2s-packet", "-n", "3"},
.plugin_config_file = "inject_ipv4_based_tcp_payload_after_recv_c2s_first_payload.toml",
.diff_skip_pattern = "-I frame.time -I frame.time_epoch -I ip.id -I ip.ttl -I ip.checksum -I tcp.checksum -I tcp.window_size",
};

25
test/packet_inject/gtest_inject_tcp_payload_after_recv_s2c_first_payload.cpp
View File

@@ -4,26 +4,17 @@
TEST(INJECT_IPV4_BASED_TCP_PAYLOAD, AFTER_RECV_S2C_FIRST_PAYLOAD)
{
char current_dir[1024] = {0};
char curr_dir[1024] = {0};
char work_dir[2048] = {0};
char input_dir[2048] = {0};
getcwd(current_dir, sizeof(current_dir));
snprintf(work_dir, sizeof(work_dir), "%s/%s", current_dir, "inject_ipv4_based_tcp_payload_after_recv_s2c_first_payload");
snprintf(input_dir, sizeof(input_dir), "%s/%s", current_dir, "pcap/inject_ipv4_based_tcp_payload_after_recv_s2c_first_payload/test/");
char pcap_dir[2048] = {0};
getcwd(curr_dir, sizeof(curr_dir));
snprintf(work_dir, sizeof(work_dir), "%s/%s", curr_dir, "INJECT_IPV4_BASED_TCP_PAYLOAD_AFTER_RECV_S2C_FIRST_PAYLOAD");
snprintf(pcap_dir, sizeof(pcap_dir), "%s/%s", curr_dir, "pcap/inject_ipv4_based_tcp_payload_after_recv_s2c_first_payload/test/");
struct packet_inject_case test = {
// descriptor
.finish_clean_work_dir = 0,
.descriptor = "Inject IPv4 based TCP Payload after receiving S2C first payload packet.",
.work_dir = work_dir,
// prefix
.input_prefix = input_dir,
// input pcap
.pcap_dir = pcap_dir,
.input_pcap = "input.pcap",
// compare
.compares = {
{
.expect_pcap = "expect-192.0.2.110:80-192.0.2.213:48322-1.pcap",
@@ -46,9 +37,7 @@ TEST(INJECT_IPV4_BASED_TCP_PAYLOAD, AFTER_RECV_S2C_FIRST_PAYLOAD)
.inject_pcap = NULL,
},
},
// packet injector command
.packet_injector_cmd = {"./packet_injector", "-t", "tcp-payload", "-c", "s2c-packet", "-n", "3"},
.plugin_config_file = "inject_ipv4_based_tcp_payload_after_recv_s2c_first_payload.toml",
.diff_skip_pattern = "-I frame.time -I frame.time_epoch -I ip.id -I ip.ttl -I ip.checksum -I tcp.checksum -I tcp.window_size",
};

25
test/packet_inject/gtest_inject_tcp_payload_fin_rst_after_recv_c2s_first_payload.cpp
View File

@@ -4,26 +4,17 @@
TEST(INJECT_IPV4_BASED_TCP_PAYLOAD_FIN_RST, AFTER_RECV_C2S_FIRST_PAYLOAD)
{
char current_dir[1024] = {0};
char curr_dir[1024] = {0};
char work_dir[2048] = {0};
char input_dir[2048] = {0};
getcwd(current_dir, sizeof(current_dir));
snprintf(work_dir, sizeof(work_dir), "%s/%s", current_dir, "inject_ipv4_based_tcp_payload_fin_rst_after_recv_c2s_first_payload");
snprintf(input_dir, sizeof(input_dir), "%s/%s", current_dir, "pcap/inject_ipv4_based_tcp_payload_fin_rst_after_recv_c2s_first_payload/test/");
char pcap_dir[2048] = {0};
getcwd(curr_dir, sizeof(curr_dir));
snprintf(work_dir, sizeof(work_dir), "%s/%s", curr_dir, "INJECT_IPV4_BASED_TCP_PAYLOAD_FIN_RST_AFTER_RECV_C2S_FIRST_PAYLOAD");
snprintf(pcap_dir, sizeof(pcap_dir), "%s/%s", curr_dir, "pcap/inject_ipv4_based_tcp_payload_fin_rst_after_recv_c2s_first_payload/test/");
struct packet_inject_case test = {
// descriptor
.finish_clean_work_dir = 0,
.descriptor = "Inject IPv4 based TCP Payload & FIN & RST after receiving C2S first payload packet.",
.work_dir = work_dir,
// prefix
.input_prefix = input_dir,
// input pcap
.pcap_dir = pcap_dir,
.input_pcap = "input.pcap",
// compare
.compares = {
{
.expect_pcap = "expect-192.0.2.110:80-192.0.2.213:37296-1.pcap",
@@ -54,9 +45,7 @@ TEST(INJECT_IPV4_BASED_TCP_PAYLOAD_FIN_RST, AFTER_RECV_C2S_FIRST_PAYLOAD)
.inject_pcap = NULL,
},
},
// packet injector command
.packet_injector_cmd = {"./packet_injector", "-t", "tcp-payload-fin-rst", "-c", "c2s-packet", "-n", "3"},
.plugin_config_file = "inject_ipv4_based_tcp_payload_fin_rst_after_recv_c2s_first_payload.toml",
.diff_skip_pattern = "-I frame.time -I frame.time_epoch -I ip.id -I ip.ttl -I ip.checksum -I tcp.checksum -I tcp.window_size",
};

25
test/packet_inject/gtest_inject_tcp_rst_after_recv_c2s_first_payload.cpp
View File

@@ -4,26 +4,17 @@
TEST(INJECT_IPV4_BASED_TCP_RST, AFTER_RECV_C2S_FIRST_PAYLOAD)
{
char current_dir[1024] = {0};
char curr_dir[1024] = {0};
char work_dir[2048] = {0};
char input_dir[2048] = {0};
getcwd(current_dir, sizeof(current_dir));
snprintf(work_dir, sizeof(work_dir), "%s/%s", current_dir, "inject_ipv4_based_tcp_rst_after_recv_c2s_first_payload");
snprintf(input_dir, sizeof(input_dir), "%s/%s", current_dir, "pcap/inject_ipv4_based_tcp_rst_after_recv_c2s_first_payload/test/");
char pcap_dir[2048] = {0};
getcwd(curr_dir, sizeof(curr_dir));
snprintf(work_dir, sizeof(work_dir), "%s/%s", curr_dir, "INJECT_IPV4_BASED_TCP_RST_AFTER_RECV_C2S_FIRST_PAYLOAD");
snprintf(pcap_dir, sizeof(pcap_dir), "%s/%s", curr_dir, "pcap/inject_ipv4_based_tcp_rst_after_recv_c2s_first_payload/test/");
struct packet_inject_case test = {
// descriptor
.finish_clean_work_dir = 0,
.descriptor = "Inject IPv4 based TCP RST after receiving C2S first payload packet.",
.work_dir = work_dir,
// prefix
.input_prefix = input_dir,
// input pcap
.pcap_dir = pcap_dir,
.input_pcap = "input.pcap",
// compare
.compares = {
{
.expect_pcap = "expect-192.0.2.211:35116-192.0.2.110:80-1.pcap",
@@ -38,9 +29,7 @@ TEST(INJECT_IPV4_BASED_TCP_RST, AFTER_RECV_C2S_FIRST_PAYLOAD)
.inject_pcap = NULL,
},
},
// packet injector command
.packet_injector_cmd = {"./packet_injector", "-t", "tcp-rst", "-c", "c2s-packet", "-n", "3"},
.plugin_config_file = "inject_ipv4_based_tcp_rst_after_recv_c2s_first_payload.toml",
.diff_skip_pattern = "-I frame.time -I frame.time_epoch -I ip.id -I ip.ttl -I ip.checksum -I tcp.checksum -I tcp.window_size",
};

25
test/packet_inject/gtest_inject_tcp_rst_after_recv_s2c_first_payload.cpp
View File

@@ -4,26 +4,17 @@
TEST(INJECT_IPV4_BASED_TCP_RST, AFTER_RECV_S2C_FIRST_PAYLOAD)
{
char current_dir[1024] = {0};
char curr_dir[1024] = {0};
char work_dir[2048] = {0};
char input_dir[2048] = {0};
getcwd(current_dir, sizeof(current_dir));
snprintf(work_dir, sizeof(work_dir), "%s/%s", current_dir, "inject_ipv4_based_tcp_rst_after_recv_s2c_first_payload");
snprintf(input_dir, sizeof(input_dir), "%s/%s", current_dir, "pcap/inject_ipv4_based_tcp_rst_after_recv_s2c_first_payload/test/");
char pcap_dir[2048] = {0};
getcwd(curr_dir, sizeof(curr_dir));
snprintf(work_dir, sizeof(work_dir), "%s/%s", curr_dir, "INJECT_IPV4_BASED_TCP_RST_AFTER_RECV_S2C_FIRST_PAYLOAD");
snprintf(pcap_dir, sizeof(pcap_dir), "%s/%s", curr_dir, "pcap/inject_ipv4_based_tcp_rst_after_recv_s2c_first_payload/test/");
struct packet_inject_case test = {
// descriptor
.finish_clean_work_dir = 0,
.descriptor = "Inject IPv4 based TCP RST after receiving S2C first payload packet.",
.work_dir = work_dir,
// prefix
.input_prefix = input_dir,
// input pcap
.pcap_dir = pcap_dir,
.input_pcap = "input.pcap",
// compare
.compares = {
{
.expect_pcap = "expect-192.0.2.211:54408-192.0.2.110:80-1.pcap",
@@ -38,9 +29,7 @@ TEST(INJECT_IPV4_BASED_TCP_RST, AFTER_RECV_S2C_FIRST_PAYLOAD)
.inject_pcap = NULL,
},
},
// packet injector command
.packet_injector_cmd = {"./packet_injector", "-t", "tcp-rst", "-c", "s2c-packet", "-n", "3"},
.plugin_config_file = "inject_ipv4_based_tcp_rst_after_recv_s2c_first_payload.toml",
.diff_skip_pattern = "-I frame.time -I frame.time_epoch -I ip.id -I ip.ttl -I ip.checksum -I tcp.checksum -I tcp.window_size",
};

25
test/packet_inject/gtest_inject_tcp_rst_after_recv_sub_ack.cpp
View File

@@ -4,26 +4,17 @@
TEST(INJECT_IPV4_BASED_TCP_RST, AFTER_RECV_SUB_ACK)
{
char current_dir[1024] = {0};
char curr_dir[1024] = {0};
char work_dir[2048] = {0};
char input_dir[2048] = {0};
getcwd(current_dir, sizeof(current_dir));
snprintf(work_dir, sizeof(work_dir), "%s/%s", current_dir, "inject_ipv4_based_tcp_rst_after_recv_sub_ack");
snprintf(input_dir, sizeof(input_dir), "%s/%s", current_dir, "pcap/inject_ipv4_based_tcp_rst_after_recv_sub_ack/test/");
char pcap_dir[2048] = {0};
getcwd(curr_dir, sizeof(curr_dir));
snprintf(work_dir, sizeof(work_dir), "%s/%s", curr_dir, "INJECT_IPV4_BASED_TCP_RST_AFTER_RECV_SUB_ACK");
snprintf(pcap_dir, sizeof(pcap_dir), "%s/%s", curr_dir, "pcap/inject_ipv4_based_tcp_rst_after_recv_sub_ack/test/");
struct packet_inject_case test = {
// descriptor
.finish_clean_work_dir = 0,
.descriptor = "Inject IPv4 based TCP RST after receiving SUB-ACK packet.",
.work_dir = work_dir,
// prefix
.input_prefix = input_dir,
// input pcap
.pcap_dir = pcap_dir,
.input_pcap = "input.pcap",
// compare
.compares = {
{
.expect_pcap = "expect-192.0.2.211:42242-192.0.2.110:80-1.pcap",
@@ -38,9 +29,7 @@ TEST(INJECT_IPV4_BASED_TCP_RST, AFTER_RECV_SUB_ACK)
.inject_pcap = NULL,
},
},
// packet injector command
.packet_injector_cmd = {"./packet_injector", "-t", "tcp-rst", "-c", "c2s-packet", "-n", "2"},
.plugin_config_file = "inject_ipv4_based_tcp_rst_after_recv_sub_ack.toml",
.diff_skip_pattern = "-I frame.time -I frame.time_epoch -I ip.id -I ip.ttl -I ip.checksum -I tcp.checksum -I tcp.window_size",
};

25
test/packet_inject/gtest_inject_tcp_rst_after_recv_syn_ack.cpp
View File

@@ -4,26 +4,17 @@
TEST(INJECT_IPV4_BASED_TCP_RST, AFTER_RECV_SYN_ACK)
{
char current_dir[1024] = {0};
char curr_dir[1024] = {0};
char work_dir[2048] = {0};
char input_dir[2048] = {0};
getcwd(current_dir, sizeof(current_dir));
snprintf(work_dir, sizeof(work_dir), "%s/%s", current_dir, "inject_ipv4_based_tcp_rst_after_recv_syn_ack");
snprintf(input_dir, sizeof(input_dir), "%s/%s", current_dir, "pcap/inject_ipv4_based_tcp_rst_after_recv_syn_ack/test/");
char pcap_dir[2048] = {0};
getcwd(curr_dir, sizeof(curr_dir));
snprintf(work_dir, sizeof(work_dir), "%s/%s", curr_dir, "INJECT_IPV4_BASED_TCP_RST_AFTER_RECV_SYN_ACK");
snprintf(pcap_dir, sizeof(pcap_dir), "%s/%s", curr_dir, "pcap/inject_ipv4_based_tcp_rst_after_recv_syn_ack/test/");
struct packet_inject_case test = {
// descriptor
.finish_clean_work_dir = 0,
.descriptor = "Inject IPv4 based TCP RST after receiving SYN-ACK packet.",
.work_dir = work_dir,
// prefix
.input_prefix = input_dir,
// input pcap
.pcap_dir = pcap_dir,
.input_pcap = "input.pcap",
// compare
.compares = {
{
.expect_pcap = "expect-192.0.2.211:59942-192.0.2.110:80-1.pcap",
@@ -38,9 +29,7 @@ TEST(INJECT_IPV4_BASED_TCP_RST, AFTER_RECV_SYN_ACK)
.inject_pcap = NULL,
},
},
// packet injector command
.packet_injector_cmd = {"./packet_injector", "-t", "tcp-rst", "-c", "s2c-packet", "-n", "1"},
.plugin_config_file = "inject_ipv4_based_tcp_rst_after_recv_syn_ack.toml",
.diff_skip_pattern = "-I frame.time -I frame.time_epoch -I ip.id -I ip.ttl -I ip.checksum -I tcp.checksum -I tcp.window_size",
};

568
test/packet_inject/packet_inject.cpp Normal file
View File

@@ -0,0 +1,568 @@
#include <stdio.h>
#include <errno.h>
#include <stdlib.h>
#include <string.h>
#include <arpa/inet.h>
#include "toml.h"
#include "stellar/layer.h"
#include "stellar/session_mq.h"
#define LOG_ERR(fmt, ...) printf("ERROR [packet inject] " fmt, ##__VA_ARGS__)
#define LOG_INFO(fmt, ...) printf("INFO [packet inject] " fmt, ##__VA_ARGS__)
/******************************************************************************
* Config
******************************************************************************/
enum inject_type
{
INJECT_TCP_RST = 1,
INJECT_TCP_FIN = 2,
INJECT_TCP_PAYLOAD = 3,
INJECT_TCP_PAYLOAD_FIN_RST = 4,
INJECT_UDP_PAYLOAD = 5,
INJECT_CTRL_MSG = 6,
};
struct config
{
int family; // AF_INET or AF_INET6
union
{
struct sockaddr_in v4;
struct sockaddr_in6 v6;
} addr;
uint16_t port;
uint64_t number; // inject packet after (C2S/S2C) direction receiving n packets
enum inject_type type;
enum flow_direction direction;
};
static const char *inject_type_to_str(enum inject_type type)
{
switch (type)
{
case INJECT_TCP_RST:
return "TCP-RST";
case INJECT_TCP_FIN:
return "TCP-FIN";
case INJECT_TCP_PAYLOAD:
return "TCP-PAYLOAD";
case INJECT_TCP_PAYLOAD_FIN_RST:
return "TCP-PAYLOAD-FIN-RST";
case INJECT_UDP_PAYLOAD:
return "UDP-PAYLOAD";
case INJECT_CTRL_MSG:
return "CTRL-MSG";
default:
return "UNKNOWN";
}
}
static int load_config(struct config *config, const char *file)
{
int ret = -1;
char errbuf[200];
const char *ptr;
FILE *fp = NULL;
toml_table_t *root = NULL;
toml_table_t *sub = NULL;
memset(config, 0, sizeof(struct config));
fp = fopen(file, "r");
if (fp == NULL)
{
LOG_ERR("open config file %s failed, %s\n", file, strerror(errno));
goto error_out;
}
root = toml_parse_file(fp, errbuf, sizeof(errbuf));
if (root == NULL)
{
LOG_ERR("parse config file %s failed, %s\n", file, errbuf);
goto error_out;
}
sub = toml_table_in(root, "packet_inject");
if (sub == NULL)
{
LOG_ERR("config file missing packet_inject section\n");
goto error_out;
}
ptr = toml_raw_in(sub, "filter_ip");
if (ptr == NULL)
{
LOG_ERR("config file missing packet_inject->filter_ip\n");
goto error_out;
}
if (strcmp(ptr, "any") == 0)
{
config->family = AF_UNSPEC;
}
else if (inet_pton(AF_INET, ptr, &config->addr.v4.sin_addr) == 1)
{
config->family = AF_INET;
}
else if (inet_pton(AF_INET6, ptr, &config->addr.v6.sin6_addr) == 1)
{
config->family = AF_INET6;
}
else
{
LOG_ERR("parse packet_inject->filter_ip failed, invalid ip address: %s\n", ptr);
goto error_out;
}
ptr = toml_raw_in(sub, "filter_port");
if (ptr == NULL)
{
LOG_ERR("config file missing packet_inject->filter_port\n");
goto error_out;
}
config->port = atoi(ptr);
ptr = toml_raw_in(sub, "filter_dir");
if (ptr == NULL)
{
LOG_ERR("config file missing packet_inject->filter_dir\n");
goto error_out;
}
if (strcmp(ptr, "C2S") == 0)
{
config->direction = FLOW_DIRECTION_C2S;
}
else if (strcmp(ptr, "S2C") == 0)
{
config->direction = FLOW_DIRECTION_S2C;
}
else
{
LOG_ERR("parse packet_inject->filter_dir failed, invalid direction: %s\n", ptr);
goto error_out;
}
ptr = toml_raw_in(sub, "filter_pkts");
if (ptr == NULL)
{
LOG_ERR("config file missing packet_inject->filter_pkts\n");
goto error_out;
}
config->number = atoi(ptr);
if (config->number == 0)
{
LOG_ERR("parse packet_inject->filter_pkts failed, invalid number: %s\n", ptr);
goto error_out;
}
ptr = toml_raw_in(sub, "inject_type");
if (ptr == NULL)
{
LOG_ERR("config file missing packet_inject->inject_type\n");
goto error_out;
}
if (strcmp(ptr, "TCP-RST") == 0)
{
config->type = INJECT_TCP_RST;
}
else if (strcmp(ptr, "TCP-FIN") == 0)
{
config->type = INJECT_TCP_FIN;
}
else if (strcmp(ptr, "TCP-PAYLOAD") == 0)
{
config->type = INJECT_TCP_PAYLOAD;
}
else if (strcmp(ptr, "TCP-PAYLOAD-FIN-RST") == 0)
{
config->type = INJECT_TCP_PAYLOAD_FIN_RST;
}
else if (strcmp(ptr, "UDP-PAYLOAD") == 0)
{
config->type = INJECT_UDP_PAYLOAD;
}
else if (strcmp(ptr, "CTRL-MSG") == 0)
{
config->type = INJECT_CTRL_MSG;
}
else
{
LOG_ERR("parse packet_inject->inject_type failed, invalid inject type: %s\n", ptr);
goto error_out;
}
ret = 0;
error_out:
if (root)
{
toml_free(root);
}
if (fp)
{
fclose(fp);
}
return ret;
}
static void print_config(const struct config *config)
{
char addr_str[INET6_ADDRSTRLEN] = {0};
switch (config->family)
{
case AF_INET:
inet_ntop(AF_INET, &config->addr.v4, addr_str, INET6_ADDRSTRLEN);
break;
case AF_INET6:
inet_ntop(AF_INET6, &config->addr.v6, addr_str, INET6_ADDRSTRLEN);
break;
default:
snprintf(addr_str, INET6_ADDRSTRLEN, "any");
break;
}
LOG_INFO("config->filter_ip : %s\n", addr_str);
LOG_INFO("config->filter_port : %d\n", config->port);
LOG_INFO("config->filter_dir : %s\n", config->direction == FLOW_DIRECTION_C2S ? "C2S" : "S2C");
LOG_INFO("config->filter_pkts : %lu\n", config->number);
LOG_INFO("config->inject_type : %s\n", inject_type_to_str(config->type));
}
/******************************************************************************
* Utils
******************************************************************************/
struct packet_exdata
{
enum flow_direction flow_dir;
union
{
struct in_addr v4;
struct in6_addr v6;
} src_addr, dst_addr;
uint16_t src_port; // host byte order
uint16_t dst_port; // host byte order
uint16_t tcp_payload_len;
uint32_t tcp_seq; // host byte order
uint32_t tcp_ack; // host byte order
uint8_t tcp_flags;
uint32_t inc_seq;
uint32_t inc_ack;
};
static inline void packet_exdata_init(const struct packet *pkt, enum flow_direction dir, struct packet_exdata *pkt_exdata)
{
memset(pkt_exdata, 0, sizeof(struct packet_exdata));
pkt_exdata->flow_dir = dir;
int get_inner_addr = 0;
struct layer layer;
PACKET_FOREACH_LAYER_REVERSE(pkt, layer)
{
switch (layer.proto)
{
case LAYER_PROTO_TCP:
pkt_exdata->src_port = ntohs(layer.hdr.tcp->th_sport);
pkt_exdata->dst_port = ntohs(layer.hdr.tcp->th_dport);
pkt_exdata->tcp_seq = ntohl(layer.hdr.tcp->th_seq);
pkt_exdata->tcp_ack = ntohl(layer.hdr.tcp->th_ack);
pkt_exdata->tcp_flags = layer.hdr.tcp->th_flags;
pkt_exdata->tcp_payload_len = packet_get_payload_len(pkt);
break;
case LAYER_PROTO_UDP:
pkt_exdata->src_port = ntohs(layer.hdr.udp->uh_sport);
pkt_exdata->dst_port = ntohs(layer.hdr.udp->uh_dport);
break;
case LAYER_PROTO_IPV4:
pkt_exdata->src_addr.v4 = layer.hdr.ip4->ip_src;
pkt_exdata->dst_addr.v4 = layer.hdr.ip4->ip_dst;
get_inner_addr = 1;
break;
case LAYER_PROTO_IPV6:
pkt_exdata->src_addr.v6 = layer.hdr.ip6->ip6_src;
pkt_exdata->dst_addr.v6 = layer.hdr.ip6->ip6_dst;
get_inner_addr = 1;
break;
default:
break;
}
if (get_inner_addr)
{
break;
}
}
}
static inline uint32_t uint32_add(uint32_t seq, uint32_t inc)
{
if (seq > UINT32_MAX - inc)
{
seq = ((uint64_t)seq + (uint64_t)inc) % (4294967296);
}
else
{
seq += inc;
}
return seq;
}
static void imitate_and_send_udp_packet(struct stellar *st, struct session *sess, struct packet_exdata *pkt_exdata,
enum flow_direction inject_dir, const char *udp_payload, uint16_t udp_payload_len)
{
const struct packet *origin_pkt = session_get_first_packet(sess, inject_dir);
if (origin_pkt == NULL)
{
LOG_ERR("imitate UDP packet failed, %s origin packet is NULL\n", inject_dir == FLOW_DIRECTION_C2S ? "C2S" : "S2C");
return;
}
struct packet *imitate_pkt = imitate_udp_packet(origin_pkt, udp_payload, udp_payload_len);
if (imitate_pkt == NULL)
{
LOG_ERR("imitate UDP packet failed\n");
return;
}
stellar_send_crafted_packet(st, imitate_pkt);
}
static void imitate_and_send_tcp_packet(struct stellar *st, struct session *sess, struct packet_exdata *pkt_exdata,
enum flow_direction inject_dir, uint8_t tcp_flags, const char *tcp_payload, uint16_t tcp_payload_len)
{
uint32_t tcp_seq = 0;
uint32_t tcp_ack = 0;
/*
* +--------+ current packet +---------+ C2S RST +--------+
* | |----------------->| |----------------->| |
* | Client | | Stellar | | Server |
* | |<-----------------| |<-----------------| |
* +--------+ S2C RST +---------+ +--------+
*
* for example: current packet is C2S
*
* inject direction == current direction (inject C2S RST)
* tcp_seq = current_packet_seq
* tcp_ack = current_packet_ack
*
* inject direction != current direction (inject S2C RST)
* tcp_seq = current_packet_ack
* tcp_ack = current_packet_seq + current_packet_payload_len
* or if current packet is a SYN-ACK packet
* tcp_seq = current_packet_seq
* tcp_ack = current_packet_ack + current_packet_payload_len + 1
*/
if (inject_dir == pkt_exdata->flow_dir)
{
tcp_seq = uint32_add(pkt_exdata->tcp_seq, pkt_exdata->inc_seq);
tcp_ack = pkt_exdata->tcp_ack;
pkt_exdata->inc_seq += tcp_payload_len;
pkt_exdata->inc_seq += (tcp_flags & TH_FIN) ? 1 : 0; // inject RST packer after FIN packer, tcp_seq should be increased by 1
}
else
{
tcp_seq = uint32_add(pkt_exdata->tcp_ack, pkt_exdata->inc_ack);
tcp_ack = uint32_add(pkt_exdata->tcp_seq, pkt_exdata->tcp_payload_len + (pkt_exdata->tcp_flags & TH_SYN ? 1 : 0));
pkt_exdata->inc_ack += tcp_payload_len;
pkt_exdata->inc_ack += (tcp_flags & TH_FIN) ? 1 : 0; // inject RST packer after FIN packer, ack should be increased by 1
}
const struct packet *origin_pkt = session_get_first_packet(sess, inject_dir);
if (origin_pkt == NULL)
{
LOG_ERR("imitate TCP packet failed, %s origin packet is NULL\n", inject_dir == FLOW_DIRECTION_C2S ? "C2S" : "S2C");
return;
}
struct packet *imitate_pkt = imitate_tcp_packet(origin_pkt, tcp_seq, tcp_ack, tcp_flags, tcp_payload, tcp_payload_len);
if (imitate_pkt == NULL)
{
LOG_ERR("imitate TCP packet failed\n");
return;
}
stellar_send_crafted_packet(st, imitate_pkt);
}
/******************************************************************************
* Core logic
******************************************************************************/
struct plugin_ctx
{
struct config config;
struct stellar *st;
int sess_plug_id;
int tcp_topic_id;
int udp_topic_id;
};
static void *on_sess_new(struct session *sess, void *plugin_ctx)
{
// struct plugin_ctx *ctx = (struct plugin_ctx *)plugin_ctx;
LOG_INFO("handle session new: %s\n", session_get0_readable_addr(sess));
return NULL;
}
static void on_sess_free(struct session *sess, void *sess_ctx, void *plugin_ctx)
{
// struct plugin_ctx *ctx = (struct plugin_ctx *)plugin_ctx;
LOG_INFO("handle session free: %s\n", session_get0_readable_addr(sess));
}
static void on_sess_msg(struct session *sess, int topic_id, const void *msg, void *sess_ctx, void *plugin_ctx)
{
char buffer[1024] = {0};
struct packet *pkt = (struct packet *)msg;
struct plugin_ctx *ctx = (struct plugin_ctx *)plugin_ctx;
struct stellar *st = ctx->st;
struct config *config = &ctx->config;
enum flow_direction flow_dir = session_get_current_flow_direction(sess);
LOG_INFO("handle session msg: %s (C2S received packets: %lu, S2C received packets: %lu)\n",
session_get0_readable_addr(sess),
session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PACKETS_RECEIVED),
session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PACKETS_RECEIVED));
struct packet_exdata pkt_exdata;
packet_exdata_init(pkt, flow_dir, &pkt_exdata);
if (config->family == AF_INET &&
memcmp(&config->addr.v4, &pkt_exdata.src_addr.v4, sizeof(struct in_addr)) != 0 &&
memcmp(&config->addr.v4, &pkt_exdata.dst_addr.v4, sizeof(struct in_addr)) != 0)
{
return;
}
if (config->family == AF_INET6 &&
memcmp(&config->addr.v6, &pkt_exdata.src_addr.v6, sizeof(struct in6_addr)) != 0 &&
memcmp(&config->addr.v6, &pkt_exdata.dst_addr.v6, sizeof(struct in6_addr)) != 0)
{
return;
}
if (config->port &&
pkt_exdata.src_port != config->port &&
pkt_exdata.dst_port != config->port)
{
return;
}
if (session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_INJECTED_PACKETS_SUCCESS) > 0 ||
session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_INJECTED_PACKETS_SUCCESS) > 0)
{
return;
}
if (config->direction == FLOW_DIRECTION_C2S && session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PACKETS_RECEIVED) != config->number)
{
return;
}
if (config->direction == FLOW_DIRECTION_S2C && session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PACKETS_RECEIVED) != config->number)
{
return;
}
switch (config->type)
{
case INJECT_TCP_RST:
imitate_and_send_tcp_packet(st, sess, &pkt_exdata, FLOW_DIRECTION_C2S, TH_RST | TH_ACK, NULL, 0);
imitate_and_send_tcp_packet(st, sess, &pkt_exdata, FLOW_DIRECTION_S2C, TH_RST | TH_ACK, NULL, 0);
session_set_discard(sess);
break;
case INJECT_TCP_FIN:
imitate_and_send_tcp_packet(st, sess, &pkt_exdata, FLOW_DIRECTION_C2S, TH_FIN | TH_ACK, NULL, 0);
imitate_and_send_tcp_packet(st, sess, &pkt_exdata, FLOW_DIRECTION_S2C, TH_FIN | TH_ACK, NULL, 0);
session_set_discard(sess);
break;
case INJECT_TCP_PAYLOAD:
snprintf(buffer, sizeof(buffer), "HTTP/1.1 200 OK\r\nContent-Length: %d\r\n\r\n%s", 5 + 5 + 2, "Hello");
imitate_and_send_tcp_packet(st, sess, &pkt_exdata, FLOW_DIRECTION_S2C, TH_ACK, buffer, strlen(buffer)); // inject payload to client
imitate_and_send_tcp_packet(st, sess, &pkt_exdata, FLOW_DIRECTION_S2C, TH_ACK, "World\r\n", 7); // inject payload to client
imitate_and_send_tcp_packet(st, sess, &pkt_exdata, FLOW_DIRECTION_S2C, TH_RST | TH_ACK, NULL, 0); // inject RST to client
imitate_and_send_tcp_packet(st, sess, &pkt_exdata, FLOW_DIRECTION_C2S, TH_RST | TH_ACK, NULL, 0); // inject RST to server
session_set_discard(sess);
break;
case INJECT_TCP_PAYLOAD_FIN_RST:
snprintf(buffer, sizeof(buffer), "HTTP/1.1 200 OK\r\nContent-Length: %d\r\n\r\n%s", 5 + 5 + 2, "Hello");
imitate_and_send_tcp_packet(st, sess, &pkt_exdata, FLOW_DIRECTION_S2C, TH_ACK, buffer, strlen(buffer)); // inject payload to client
imitate_and_send_tcp_packet(st, sess, &pkt_exdata, FLOW_DIRECTION_S2C, TH_ACK, "World\r\n", 7); // inject payload to client
imitate_and_send_tcp_packet(st, sess, &pkt_exdata, FLOW_DIRECTION_S2C, TH_FIN | TH_ACK, NULL, 0); // inject FIN to client
imitate_and_send_tcp_packet(st, sess, &pkt_exdata, FLOW_DIRECTION_S2C, TH_RST | TH_ACK, NULL, 0); // inject RST to client
imitate_and_send_tcp_packet(st, sess, &pkt_exdata, FLOW_DIRECTION_C2S, TH_FIN | TH_ACK, NULL, 0); // inject FIN to server
imitate_and_send_tcp_packet(st, sess, &pkt_exdata, FLOW_DIRECTION_C2S, TH_RST | TH_ACK, NULL, 0); // inject RST to server
session_set_discard(sess);
break;
case INJECT_UDP_PAYLOAD:
imitate_and_send_udp_packet(st, sess, &pkt_exdata, FLOW_DIRECTION_C2S, "Hello Server", 12);
imitate_and_send_udp_packet(st, sess, &pkt_exdata, FLOW_DIRECTION_S2C, "Hello Client", 12);
session_set_discard(sess);
break;
case INJECT_CTRL_MSG:
// TOOD
break;
default:
break;
}
}
/******************************************************************************
* Plugin API
******************************************************************************/
extern "C"
{
void *packet_inject_init(struct stellar *st)
{
struct plugin_ctx *ctx = (struct plugin_ctx *)calloc(1, sizeof(struct plugin_ctx));
if (ctx == NULL)
{
return NULL;
}
if (load_config(&ctx->config, "./plugin/inject.toml") == -1)
{
LOG_ERR("load config failed\n");
free(ctx);
return NULL;
}
print_config(&ctx->config);
ctx->st = st;
ctx->sess_plug_id = stellar_session_plugin_register(st, on_sess_new, on_sess_free, ctx);
ctx->tcp_topic_id = stellar_session_mq_get_topic_id(st, TOPIC_TCP);
ctx->udp_topic_id = stellar_session_mq_get_topic_id(st, TOPIC_UDP);
stellar_session_mq_subscribe(st, ctx->tcp_topic_id, on_sess_msg, ctx->sess_plug_id);
stellar_session_mq_subscribe(st, ctx->udp_topic_id, on_sess_msg, ctx->sess_plug_id);
LOG_INFO("init\n");
return ctx;
}
void packet_inject_exit(void *plugin_ctx)
{
struct plugin_ctx *ctx = (struct plugin_ctx *)plugin_ctx;
if (ctx)
{
LOG_INFO("exit\n");
free(ctx);
}
}
}

166
test/packet_inject/packet_inject_main.cpp
View File

@@ -1,166 +0,0 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include "stellar_utils.h"
#include "packet_inject_main.h"
struct packet_inject_rule rule = {0};
static void usage(char *cmd)
{
printf("Usage: %s [options]\n\n", cmd);
printf("Options:\n");
printf(" -h <ip> Host IP address\n");
printf(" -p <port> Port number\n");
printf(" -t <type> Type of manipulation\n");
printf(" Options: tcp-rst, tcp-fin, tcp-payload, tcp-payload-fin-rst, udp-payload, ctrl-msg\n");
printf(" -c <condition> Condition for manipulation\n");
printf(" Options: c2s-packet, s2c-packet\n");
printf(" -n <number> Number of packets received before injecting action\n\n");
printf("Example:\n");
printf(" %s -h 192.168.1.100 -p 8080 -t tcp-payload -c c2s-packet -n 5\n", cmd);
printf(" %s -h 2001:db8::1 -p 8080 -t tcp-rst -c s2c-packet -n 10\n", cmd);
printf("\n");
}
static int parse_cmd(int argc, char **argv)
{
int opt = 0;
const char *host = NULL;
const char *type = NULL;
const char *condition = NULL;
while ((opt = getopt(argc, argv, "h:p:t:c:n:")) != -1)
{
switch (opt)
{
case 'h':
host = optarg;
break;
case 'p':
rule.port = htons(atoi(optarg));
break;
case 't':
type = optarg;
break;
case 'c':
condition = optarg;
break;
case 'n':
rule.number = atoi(optarg);
break;
default:
usage(argv[0]);
break;
}
}
if (host)
{
if (inet_pton(AF_INET, host, &rule.addr4) != 1)
{
if (inet_pton(AF_INET6, host, &rule.addr6) != 1)
{
printf("unable to convert host %s to IPv4 / IPv6\n", host);
return -1;
}
else
{
rule.family = AF_INET6;
}
}
else
{
rule.family = AF_INET;
}
}
if (type == NULL)
{
usage(argv[0]);
printf("invalid type\n");
return -1;
}
else if (strcmp(type, "tcp-rst") == 0)
{
rule.inject_type = INJECT_TYPE_TCP_RST;
}
else if (strcmp(type, "tcp-fin") == 0)
{
rule.inject_type = INJECT_TYPE_TCP_FIN;
}
else if (strcmp(type, "tcp-payload") == 0)
{
rule.inject_type = INJECT_TYPE_TCP_PAYLOAD;
}
else if (strcmp(type, "tcp-payload-fin-rst") == 0)
{
rule.inject_type = INJECT_TYPE_TCP_PAYLOAD_FIN_RST;
}
else if (strcmp(type, "udp-payload") == 0)
{
rule.inject_type = INJECT_TYPE_UDP_PAYLOAD;
}
else if (strcmp(type, "ctrl-msg") == 0)
{
rule.inject_type = INJECT_TYPE_CTRL_MSG;
}
else
{
usage(argv[0]);
printf("invalid type\n");
return -1;
}
if (condition == NULL)
{
usage(argv[0]);
printf("invalid condition\n");
return -1;
}
else if (strcmp(condition, "c2s-packet") == 0)
{
rule.direction = AFTER_RECV_C2S_N_PACKET;
}
else if (strcmp(condition, "s2c-packet") == 0)
{
rule.direction = AFTER_RECV_S2C_N_PACKET;
}
else
{
usage(argv[0]);
printf("invalid condition\n");
return -1;
}
if (rule.number <= 0)
{
usage(argv[0]);
printf("invalid count\n");
return -1;
}
printf("%s load inject rule:\n", argv[0]);
printf(" host : %s\n", host);
printf(" port : %d\n", ntohs(rule.port));
printf(" type : %s\n", type);
printf(" condition : %s\n", condition);
printf(" count : %lu\n\n", rule.number);
return 0;
}
int packet_inject_main(int argc, char **argv)
{
if (parse_cmd(argc, argv) != 0)
{
return -1;
}
return stellar_main(argc, argv);
}
int __attribute__((weak)) main(int argc, char **argv)
{
return packet_inject_main(argc, argv);
}

44
test/packet_inject/packet_inject_main.h
View File

@@ -1,44 +0,0 @@
#pragma once
#ifdef __cplusplus
extern "C"
{
#endif
#include <arpa/inet.h>
#include "stellar/packet.h"
#define AFTER_RECV_C2S_N_PACKET 1
#define AFTER_RECV_S2C_N_PACKET 2
enum packet_inject_type
{
INJECT_TYPE_TCP_RST = 1,
INJECT_TYPE_TCP_FIN = 2,
INJECT_TYPE_TCP_PAYLOAD = 3,
INJECT_TYPE_TCP_PAYLOAD_FIN_RST = 4,
INJECT_TYPE_UDP_PAYLOAD = 5,
INJECT_TYPE_CTRL_MSG = 6,
};
struct packet_inject_rule
{
int family; /* AF_INET or AF_INET6 */
struct in_addr addr4; /* network order */
struct in6_addr addr6; /* network order */
uint16_t port; /* network order */
enum packet_inject_type inject_type;
// inject packet after (C2S/S2C) receiving n packets
int direction; // AFTER_RECV_C2S_N_PACKET or AFTER_RECV_S2C_N_PACKET
uint64_t number; // n packets received
};
extern struct packet_inject_rule rule;
int packet_inject_main(int argc, char **argv);
#ifdef __cplusplus
}
#endif

177
test/packet_inject/packet_inject_plugin.cpp
View File

@@ -1,177 +0,0 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "stellar/layer.h"
#include "stellar/session_mq.h"
#include "packet_inject_main.h"
struct packet_inject_plugin_ctx
{
struct stellar *st;
int sess_plug_id;
int tcp_topic_id;
int udp_topic_id;
char name[64];
};
static void *on_sess_new(struct session *sess, void *plugin_ctx)
{
struct packet_inject_plugin_ctx *ctx = (struct packet_inject_plugin_ctx *)plugin_ctx;
printf("[%s] pluign handle session new: %s\n", ctx->name, session_get0_readable_addr(sess));
return NULL;
}
static void on_sess_free(struct session *sess, void *sess_ctx, void *plugin_ctx)
{
struct packet_inject_plugin_ctx *ctx = (struct packet_inject_plugin_ctx *)plugin_ctx;
printf("[%s] pluign handle session free: %s\n", ctx->name, session_get0_readable_addr(sess));
}
static void on_sess_msg(struct session *sess, int topic_id, const void *msg, void *sess_ctx, void *plugin_ctx)
{
struct packet_inject_plugin_ctx *ctx = (struct packet_inject_plugin_ctx *)plugin_ctx;
printf("[%s] pluign handle session msg: %s (C2S received packets: %lu, S2C received packets: %lu)\n",
ctx->name, session_get0_readable_addr(sess),
session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PACKETS_RECEIVED),
session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PACKETS_RECEIVED));
struct packet *pkt = (struct packet *)msg;
char buffer[1024] = {0};
int is_ip_hit = 0;
int is_port_hit = 0;
struct layer layer;
PACKET_FOREACH_LAYER_REVERSE(pkt, layer)
{
switch (layer.proto)
{
case LAYER_PROTO_IPV4:
if (memcmp(&layer.hdr.ip4->ip_src, &rule.addr4, sizeof(struct in_addr)) == 0 ||
memcmp(&layer.hdr.ip4->ip_dst, &rule.addr4, sizeof(struct in_addr)) == 0)
{
is_ip_hit = 1;
}
break;
case LAYER_PROTO_IPV6:
if (memcmp(&layer.hdr.ip6->ip6_src, &rule.addr6, sizeof(struct in6_addr)) == 0 ||
memcmp(&layer.hdr.ip6->ip6_dst, &rule.addr6, sizeof(struct in6_addr)) == 0)
{
is_ip_hit = 1;
}
break;
case LAYER_PROTO_TCP:
if (layer.hdr.tcp->th_sport == rule.port ||
layer.hdr.tcp->th_dport == rule.port)
{
is_port_hit = 1;
}
break;
case LAYER_PROTO_UDP:
if (layer.hdr.udp->uh_sport == rule.port ||
layer.hdr.udp->uh_dport == rule.port)
{
is_port_hit = 1;
}
break;
default:
break;
}
}
if (rule.family && !is_ip_hit)
{
return;
}
if (rule.port && !is_port_hit)
{
return;
}
if (session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_INJECTED_PACKETS_SUCCESS) > 0 ||
session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_INJECTED_PACKETS_SUCCESS) > 0)
{
return;
}
if (rule.direction == AFTER_RECV_C2S_N_PACKET && session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PACKETS_RECEIVED) != rule.number)
{
return;
}
if (rule.direction == AFTER_RECV_S2C_N_PACKET && session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PACKETS_RECEIVED) != rule.number)
{
return;
}
switch (rule.inject_type)
{
case INJECT_TYPE_TCP_RST:
stellar_inject_tcp_rst(ctx->st, sess, FLOW_DIRECTION_C2S);
stellar_inject_tcp_rst(ctx->st, sess, FLOW_DIRECTION_S2C);
session_set_discard(sess);
break;
case INJECT_TYPE_TCP_FIN:
stellar_inject_tcp_fin(ctx->st, sess, FLOW_DIRECTION_C2S);
stellar_inject_tcp_fin(ctx->st, sess, FLOW_DIRECTION_S2C);
session_set_discard(sess);
break;
case INJECT_TYPE_TCP_PAYLOAD:
snprintf(buffer, sizeof(buffer), "HTTP/1.1 200 OK\r\nContent-Length: %d\r\n\r\n%s", 5 + 5 + 2, "Hello");
stellar_inject_tcp_payload(ctx->st, sess, FLOW_DIRECTION_S2C, buffer, strlen(buffer)); // inject payload to client
stellar_inject_tcp_payload(ctx->st, sess, FLOW_DIRECTION_S2C, "World\r\n", 7); // inject payload to client
stellar_inject_tcp_rst(ctx->st, sess, FLOW_DIRECTION_S2C); // inject RST to client
stellar_inject_tcp_rst(ctx->st, sess, FLOW_DIRECTION_C2S); // inject RST to server
session_set_discard(sess);
break;
case INJECT_TYPE_TCP_PAYLOAD_FIN_RST:
snprintf(buffer, sizeof(buffer), "HTTP/1.1 200 OK\r\nContent-Length: %d\r\n\r\n%s", 5 + 5 + 2, "Hello");
stellar_inject_tcp_payload(ctx->st, sess, FLOW_DIRECTION_S2C, buffer, strlen(buffer)); // inject payload to client
stellar_inject_tcp_payload(ctx->st, sess, FLOW_DIRECTION_S2C, "World\r\n", 7); // inject payload to client
stellar_inject_tcp_fin(ctx->st, sess, FLOW_DIRECTION_S2C); // inject FIN to client
stellar_inject_tcp_rst(ctx->st, sess, FLOW_DIRECTION_S2C); // inject RST to client
stellar_inject_tcp_fin(ctx->st, sess, FLOW_DIRECTION_C2S); // inject FIN to server
stellar_inject_tcp_rst(ctx->st, sess, FLOW_DIRECTION_C2S); // inject RST to server
session_set_discard(sess);
break;
case INJECT_TYPE_UDP_PAYLOAD:
stellar_inject_udp_payload(ctx->st, sess, FLOW_DIRECTION_C2S, "Hello Server", 12);
stellar_inject_udp_payload(ctx->st, sess, FLOW_DIRECTION_S2C, "Hello Client", 12);
session_set_discard(sess);
break;
case INJECT_TYPE_CTRL_MSG:
// TOOD
break;
default:
break;
}
}
extern "C"
{
void *packet_inject_plugin_init(struct stellar *st)
{
struct packet_inject_plugin_ctx *ctx = (struct packet_inject_plugin_ctx *)calloc(1, sizeof(struct packet_inject_plugin_ctx));
if (ctx == NULL)
{
return NULL;
}
ctx->st = st;
ctx->sess_plug_id = stellar_session_plugin_register(st, on_sess_new, on_sess_free, ctx);
ctx->tcp_topic_id = stellar_session_mq_get_topic_id(st, TOPIC_TCP);
ctx->udp_topic_id = stellar_session_mq_get_topic_id(st, TOPIC_UDP);
snprintf(ctx->name, sizeof(ctx->name), "packet_inject");
stellar_session_mq_subscribe(st, ctx->tcp_topic_id, on_sess_msg, ctx->sess_plug_id);
stellar_session_mq_subscribe(st, ctx->udp_topic_id, on_sess_msg, ctx->sess_plug_id);
printf("[%s] plugin init\n", ctx->name);
return ctx;
}
void packet_inject_plugin_exit(void *plugin_ctx)
{
struct packet_inject_plugin_ctx *ctx = (struct packet_inject_plugin_ctx *)plugin_ctx;
if (ctx)
{
printf("[%s] plugin exit\n", ctx->name);
free(ctx);
}
}
}

181
test/packet_inject/packet_inject_test.cpp
View File

@@ -1,181 +0,0 @@
#include <stdarg.h>
#include <unistd.h>
#include <sys/stat.h>
#include <gtest/gtest.h>
#include "packet_inject_test.h"
#include "packet_inject_main.h"
static int args_len(const char **args)
{
int i = 0;
while (args[i] != NULL)
{
i++;
}
return i;
}
static void system_cmd(const char *cmd, ...)
{
char buf[1024] = {0};
va_list args;
va_start(args, cmd);
vsnprintf(buf, sizeof(buf), cmd, args);
va_end(args);
system(buf);
}
static int replace_file_string(const char *file, const char *old_str, const char *new_str)
{
#define BUFFER_SIZE 1024
FILE *in_fp = fopen(file, "r");
if (in_fp == NULL)
{
printf("Open file %s failed, %s\n", file, strerror(errno));
return -1;
}
FILE *tmp_fp = tmpfile();
if (tmp_fp == NULL)
{
printf("Create temporary file failed, %s\n", strerror(errno));
fclose(in_fp);
return -1;
}
size_t old_len = strlen(old_str);
size_t new_len = strlen(new_str);
char buff[BUFFER_SIZE];
while (fgets(buff, BUFFER_SIZE, in_fp))
{
char *pos = buff;
if ((pos = strstr(pos, old_str)))
{
fwrite(buff, 1, pos - buff, tmp_fp); // Write characters before the old_str
fwrite(new_str, 1, new_len, tmp_fp); // Write the new_str
pos += old_len; // Move past the old_str
fwrite(pos, 1, strlen(pos), tmp_fp); // Write characters after the old_str
}
else
{
fputs(buff, tmp_fp); // Write the remaining part of the line
}
}
fclose(in_fp);
fseek(tmp_fp, 0, SEEK_SET);
FILE *out_fp = fopen(file, "w");
if (out_fp == NULL)
{
printf("Open file %s for writing failed, %s\n", file, strerror(errno));
fclose(tmp_fp);
return -1;
}
while (fgets(buff, BUFFER_SIZE, tmp_fp))
{
fputs(buff, out_fp); // Write the contents of the temporary file to the original file
}
fclose(tmp_fp);
fclose(out_fp);
return 0;
}
static void expect_cmp_inject(const char *expect_pcap_file, const char *inject_pcap_file, const char *diff_skip_pattern, int idx)
{
struct stat s;
char expect_pcap_json[1024] = {0};
char inject_pcap_json[1024] = {0};
char diff_json_txt[1024] = {0};
snprintf(expect_pcap_json, sizeof(expect_pcap_json), "expect_pcap_%d.json", idx);
snprintf(inject_pcap_json, sizeof(inject_pcap_json), "inject_pcap_%d.json", idx);
snprintf(diff_json_txt, sizeof(diff_json_txt), "json_diff_%d.txt", idx);
stat(expect_pcap_file, &s);
EXPECT_TRUE(s.st_size > 0);
stat(inject_pcap_file, &s);
EXPECT_TRUE(s.st_size > 0);
printf("\033[32m tcpdump read expect pcap (%s) \033[0m\n", expect_pcap_file);
system_cmd("tcpdump -r %s", expect_pcap_file);
printf("\033[32m tcpdump read inject pcap (%s) \033[0m\n", inject_pcap_file);
system_cmd("tcpdump -r %s", inject_pcap_file);
system_cmd("tshark -r %s -T json | jq >> %s", expect_pcap_file, expect_pcap_json);
system_cmd("tshark -r %s -T json | jq >> %s", inject_pcap_file, inject_pcap_json);
stat(expect_pcap_json, &s);
EXPECT_TRUE(s.st_size > 0);
stat(inject_pcap_json, &s);
EXPECT_TRUE(s.st_size > 0);
system_cmd("diff %s %s %s >> %s", diff_skip_pattern, expect_pcap_json, inject_pcap_json, diff_json_txt);
stat(diff_json_txt, &s);
EXPECT_TRUE(s.st_size == 0);
}
void packet_inject_test(struct packet_inject_case *test)
{
printf("\033[32m ============================================= \033[0m\n");
printf("\033[32mTest: %s\033[0m\n", test->descriptor);
printf("\033[32m ============================================= \033[0m\n");
// create directory
char dumpfile_dir[1024] = {0};
snprintf(dumpfile_dir, sizeof(dumpfile_dir), "%s/input/", test->work_dir);
system_cmd("rm -rf %s", test->work_dir);
system_cmd("mkdir -p %s", dumpfile_dir);
system_cmd("mkdir -p %s/log/", test->work_dir);
// copy file to work directory
for (int i = 0; i < MAX_COMPARISON; i++)
{
if (test->compares[i].expect_pcap)
{
system_cmd("cp %s/%s %s", test->input_prefix, test->compares[i].expect_pcap, test->work_dir);
}
}
system_cmd("cp %s/%s %s", test->input_prefix, test->input_pcap, dumpfile_dir);
system_cmd("cp -r conf %s/", test->work_dir);
system_cmd("cp -r plugin %s/", test->work_dir);
system_cmd("cp -r libpacket_inject_plugin.so %s/", test->work_dir);
// run packet injector
char cwd[2048] = {0};
char temp[2048] = {0};
getcwd(cwd, sizeof(cwd));
chdir(test->work_dir);
snprintf(temp, sizeof(temp), "dumpfile_dir = \"%s\"", dumpfile_dir);
EXPECT_TRUE(replace_file_string("./conf/stellar.toml", "mode = marsio", "mode = dumpfile") == 0);
EXPECT_TRUE(replace_file_string("./conf/stellar.toml", "dumpfile_dir = \"/tmp/dumpfile/\"", temp) == 0);
packet_inject_main(args_len(test->packet_injector_cmd), (char **)test->packet_injector_cmd);
// compare pcap
for (int i = 0; i < MAX_COMPARISON; i++)
{
if (test->compares[i].expect_pcap && test->compares[i].inject_pcap)
{
expect_cmp_inject(test->compares[i].expect_pcap, test->compares[i].inject_pcap, test->diff_skip_pattern, i + 1);
}
}
// clean work directory
if (test->finish_clean_work_dir)
{
system_cmd("rm -rf %s", test->work_dir);
}
chdir(cwd);
}

170
test/packet_inject/packet_inject_test.h
View File

@@ -5,15 +5,21 @@ extern "C"
{
#endif
#include <stdarg.h>
#include <unistd.h>
#include <sys/stat.h>
#include <gtest/gtest.h>
#include "stellar/stellar.h"
#define BUFFER_SIZE 1024
#define MAX_COMPARISON 16
struct packet_inject_case
{
int finish_clean_work_dir;
const char *descriptor;
const char *work_dir;
const char *input_prefix;
const char *pcap_dir;
const char *input_pcap;
struct
@@ -22,11 +28,165 @@ struct packet_inject_case
const char *inject_pcap;
} compares[MAX_COMPARISON];
const char *packet_injector_cmd[16];
const char *plugin_config_file;
const char *diff_skip_pattern;
};
void packet_inject_test(struct packet_inject_case *test);
static inline void system_cmd(const char *cmd, ...)
{
char buf[1024] = {0};
va_list args;
va_start(args, cmd);
vsnprintf(buf, sizeof(buf), cmd, args);
va_end(args);
system(buf);
}
static inline int replace_file_string(const char *file, const char *old_str, const char *new_str)
{
FILE *in_fp = fopen(file, "r");
if (in_fp == NULL)
{
printf("Open file %s failed, %s\n", file, strerror(errno));
return -1;
}
FILE *tmp_fp = tmpfile();
if (tmp_fp == NULL)
{
printf("Create temporary file failed, %s\n", strerror(errno));
fclose(in_fp);
return -1;
}
size_t old_len = strlen(old_str);
size_t new_len = strlen(new_str);
char buff[BUFFER_SIZE];
while (fgets(buff, BUFFER_SIZE, in_fp))
{
char *pos = buff;
if ((pos = strstr(pos, old_str)))
{
fwrite(buff, 1, pos - buff, tmp_fp); // Write characters before the old_str
fwrite(new_str, 1, new_len, tmp_fp); // Write the new_str
pos += old_len; // Move past the old_str
fwrite(pos, 1, strlen(pos), tmp_fp); // Write characters after the old_str
}
else
{
fputs(buff, tmp_fp); // Write the remaining part of the line
}
}
fclose(in_fp);
fseek(tmp_fp, 0, SEEK_SET);
FILE *out_fp = fopen(file, "w");
if (out_fp == NULL)
{
printf("Open file %s for writing failed, %s\n", file, strerror(errno));
fclose(tmp_fp);
return -1;
}
while (fgets(buff, BUFFER_SIZE, tmp_fp))
{
fputs(buff, out_fp); // Write the contents of the temporary file to the original file
}
fclose(tmp_fp);
fclose(out_fp);
return 0;
}
static inline void expect_cmp_inject(const char *expect_pcap_file, const char *inject_pcap_file, const char *diff_skip_pattern, int idx)
{
struct stat s;
char expect_pcap_json[1024] = {0};
char inject_pcap_json[1024] = {0};
char diff_json_txt[1024] = {0};
snprintf(expect_pcap_json, sizeof(expect_pcap_json), "expect_pcap_%d.json", idx);
snprintf(inject_pcap_json, sizeof(inject_pcap_json), "inject_pcap_%d.json", idx);
snprintf(diff_json_txt, sizeof(diff_json_txt), "json_diff_%d.txt", idx);
stat(expect_pcap_file, &s);
EXPECT_TRUE(s.st_size > 0);
stat(inject_pcap_file, &s);
EXPECT_TRUE(s.st_size > 0);
printf("\033[32m tcpdump read expect pcap (%s) \033[0m\n", expect_pcap_file);
system_cmd("tcpdump -r %s", expect_pcap_file);
printf("\033[32m tcpdump read inject pcap (%s) \033[0m\n", inject_pcap_file);
system_cmd("tcpdump -r %s", inject_pcap_file);
system_cmd("tshark -r %s -T json | jq >> %s", expect_pcap_file, expect_pcap_json);
system_cmd("tshark -r %s -T json | jq >> %s", inject_pcap_file, inject_pcap_json);
stat(expect_pcap_json, &s);
EXPECT_TRUE(s.st_size > 0);
stat(inject_pcap_json, &s);
EXPECT_TRUE(s.st_size > 0);
system_cmd("diff %s %s %s >> %s", diff_skip_pattern, expect_pcap_json, inject_pcap_json, diff_json_txt);
stat(diff_json_txt, &s);
EXPECT_TRUE(s.st_size == 0);
}
static inline void packet_inject_test(struct packet_inject_case *test)
{
// create directory
char dumpfile_dir[1024] = {0};
snprintf(dumpfile_dir, sizeof(dumpfile_dir), "%s/input/", test->work_dir);
system_cmd("rm -rf %s", test->work_dir);
system_cmd("mkdir -p %s/input/", test->work_dir);
system_cmd("mkdir -p %s/log/", test->work_dir);
system_cmd("mkdir -p %s/conf/", test->work_dir);
system_cmd("mkdir -p %s/plugin/", test->work_dir);
// copy file
for (int i = 0; i < MAX_COMPARISON; i++)
{
if (test->compares[i].expect_pcap)
{
system_cmd("cp %s/%s %s", test->pcap_dir, test->compares[i].expect_pcap, test->work_dir);
}
}
system_cmd("cp %s/%s %s/input/", test->pcap_dir, test->input_pcap, test->work_dir);
system_cmd("cp conf/log.toml %s/conf/", test->work_dir);
system_cmd("cp conf/stellar.toml %s/conf/", test->work_dir);
system_cmd("cp conf/spec.toml %s/plugin/", test->work_dir);
system_cmd("cp conf/%s %s/plugin/inject.toml", test->plugin_config_file, test->work_dir);
system_cmd("cp libpacket_inject.so %s/plugin/", test->work_dir);
// run
char cwd[2048] = {0};
char temp[2048] = {0};
getcwd(cwd, sizeof(cwd));
chdir(test->work_dir);
snprintf(temp, sizeof(temp), "dumpfile_dir = \"%s\"", dumpfile_dir);
EXPECT_TRUE(replace_file_string("./conf/stellar.toml", "mode = marsio", "mode = dumpfile") == 0);
EXPECT_TRUE(replace_file_string("./conf/stellar.toml", "dumpfile_dir = \"/tmp/dumpfile/\"", temp) == 0);
stellar_run(0, NULL);
// compare
for (int i = 0; i < MAX_COMPARISON; i++)
{
if (test->compares[i].expect_pcap && test->compares[i].inject_pcap)
{
expect_cmp_inject(test->compares[i].expect_pcap, test->compares[i].inject_pcap, test->diff_skip_pattern, i + 1);
}
}
chdir(cwd);
}
#ifdef __cplusplus
}

4
test/packet_inject/plugin/spec.toml
View File

@@ -1,4 +0,0 @@
[[plugin]]
path = "./libpacket_inject_plugin.so"
init = "packet_inject_plugin_init"
exit = "packet_inject_plugin_exit"

6
test/packet_inject/version.map
View File

@@ -1,7 +1,7 @@
LIBPACKET_INJECT_PLUGIN {
LIBPACKET_INJECT {
global:
packet_inject_plugin_init;
packet_inject_plugin_exit;
packet_inject_init;
packet_inject_exit;
local: *;
};

4
test/packet_parser/cmp_layers.sh
View File

@@ -2,8 +2,8 @@
input=$1
if [ -d "$input" ]; then
input_dir=$input
pcap_files=($(find ${input_dir} -type f -name "*.pcap"))
pcap_dir=$input
pcap_files=($(find ${pcap_dir} -type f -name "*.pcap"))
elif [ -f "$input" ]; then
input_file=$input
pcap_files=($input_file)