#include #include "packet_helper.h" #include "packet_private.h" #include "packet_parser.h" #include "session_private.h" #include "session_manager.h" #include "tcp_reassembly.h" #include "test_packets.h" struct session_manager_options opts = { // max session number .max_tcp_session_num = 256, .max_udp_session_num = 256, // session overload .tcp_overload_evict_old_sess = 1, // 1: evict old session, 0: bypass new session .udp_overload_evict_old_sess = 1, // 1: evict old session, 0: bypass new session // tcp timeout .tcp_init_timeout = 1, .tcp_handshake_timeout = 2, .tcp_data_timeout = 3, .tcp_half_closed_timeout = 4, .tcp_time_wait_timeout = 5, .tcp_discard_timeout = 6, .tcp_unverified_rst_timeout = 7, // udp timeout .udp_data_timeout = 8, .udp_discard_timeout = 0, // duplicate packet filter .duplicated_packet_filter_enable = 1, .duplicated_packet_filter_capacity = 1000, .duplicated_packet_filter_timeout = 10, .duplicated_packet_filter_error_rate = 0.0001, // evicted session filter .evicted_session_filter_enable = 1, .evicted_session_filter_capacity = 1000, .evicted_session_filter_timeout = 10, .evicted_session_filter_error_rate = 0.0001, // TCP Reassembly .tcp_reassembly_enable = 1, .tcp_reassembly_max_timeout = 60000, .tcp_reassembly_max_segments = 16, }; static void hex_dump(const char *payload, uint32_t len) { printf("Payload Length: %u\n", len); for (uint32_t i = 0; i < len; i++) { if (i > 0 && i % 16 == 0) { printf("\n"); } printf("%02x ", (uint8_t)payload[i]); } printf("\n"); } #if 1 TEST(SESS_MGR_TCP_REASSEMBLY, OUT_OF_ORDER) { struct tcp_segment *seg; struct packet pkt; struct session *sess = NULL; struct session_manager *mgr = NULL; mgr = session_manager_new(&opts, 1); EXPECT_TRUE(mgr != NULL); // C2S SYN Packet printf("\n=> Packet Parse: TCP C2S SYN packet\n"); memset(&pkt, 0, sizeof(pkt)); packet_parse(&pkt, (const char *)tcp_out_of_order_pkt1, sizeof(tcp_out_of_order_pkt1)); printf("<= Packet Parse: done\n\n"); // lookup session EXPECT_TRUE(session_manager_lookup_session_by_packet(mgr, &pkt) == NULL); // new session sess = session_manager_new_session(mgr, &pkt, 1); EXPECT_TRUE(sess); seg = session_get_tcp_segment(sess); EXPECT_TRUE(seg == NULL); // C2S ACK Packet printf("\n=> Packet Parse: TCP C2S ACK packet\n"); memset(&pkt, 0, sizeof(pkt)); packet_parse(&pkt, (const char *)tcp_out_of_order_pkt2, sizeof(tcp_out_of_order_pkt2)); printf("<= Packet Parse: done\n\n"); // lookup session sess = session_manager_lookup_session_by_packet(mgr, &pkt); EXPECT_TRUE(sess); // update session EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 2) == 0); seg = session_get_tcp_segment(sess); EXPECT_TRUE(seg == NULL); // C2S Data Packet 2222 printf("\n=> Packet Parse: TCP C2S Data packet\n"); memset(&pkt, 0, sizeof(pkt)); packet_parse(&pkt, (const char *)tcp_out_of_order_pkt3, sizeof(tcp_out_of_order_pkt3)); printf("<= Packet Parse: done\n\n"); // lookup session sess = session_manager_lookup_session_by_packet(mgr, &pkt); EXPECT_TRUE(sess); // update session EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 3) == 0); seg = session_get_tcp_segment(sess); EXPECT_TRUE(seg == NULL); // C2S Data Packet 3333 printf("\n=> Packet Parse: TCP C2S Data packet\n"); memset(&pkt, 0, sizeof(pkt)); packet_parse(&pkt, (const char *)tcp_out_of_order_pkt4, sizeof(tcp_out_of_order_pkt4)); printf("<= Packet Parse: done\n\n"); // lookup session sess = session_manager_lookup_session_by_packet(mgr, &pkt); EXPECT_TRUE(sess); // update session EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 4) == 0); seg = session_get_tcp_segment(sess); EXPECT_TRUE(seg == NULL); // C2S Data Packet 4444 printf("\n=> Packet Parse: TCP C2S Data packet\n"); memset(&pkt, 0, sizeof(pkt)); packet_parse(&pkt, (const char *)tcp_out_of_order_pkt5, sizeof(tcp_out_of_order_pkt5)); printf("<= Packet Parse: done\n\n"); // lookup session sess = session_manager_lookup_session_by_packet(mgr, &pkt); EXPECT_TRUE(sess); // update session EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 5) == 0); seg = session_get_tcp_segment(sess); EXPECT_TRUE(seg == NULL); // C2S Data Packet 5555 printf("\n=> Packet Parse: TCP C2S Data packet\n"); memset(&pkt, 0, sizeof(pkt)); packet_parse(&pkt, (const char *)tcp_out_of_order_pkt6, sizeof(tcp_out_of_order_pkt6)); printf("<= Packet Parse: done\n\n"); // lookup session sess = session_manager_lookup_session_by_packet(mgr, &pkt); EXPECT_TRUE(sess); // update session EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 6) == 0); seg = session_get_tcp_segment(sess); EXPECT_TRUE(seg == NULL); // C2S Data Packet 1111 printf("\n=> Packet Parse: TCP C2S Data packet\n"); memset(&pkt, 0, sizeof(pkt)); packet_parse(&pkt, (const char *)tcp_out_of_order_pkt7, sizeof(tcp_out_of_order_pkt7)); printf("<= Packet Parse: done\n\n"); // lookup session sess = session_manager_lookup_session_by_packet(mgr, &pkt); EXPECT_TRUE(sess); // update session EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 7) == 0); /* * 11111111111111111111111111111111111111111111111111111111111111 * 22222222222222222222222222222222222222222222222222222222222222 * 33333333333333333333333333333333333333333333333333333333333333 * 44444444444444444444444444444444444444444444444444444444444444 * 55555555555555555555555555555555555555555555555555555555555555 */ unsigned char payload1[] = { 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x0a}; unsigned char payload2[] = { 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x0a}; unsigned char payload3[] = { 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x0a}; unsigned char payload4[] = { 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x0a}; unsigned char payload5[] = { 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x0a}; seg = session_get_tcp_segment(sess); EXPECT_TRUE(seg != NULL); EXPECT_TRUE(seg->len == sizeof(payload1)); EXPECT_TRUE(memcmp((void *)seg->data, payload1, sizeof(payload1)) == 0); hex_dump((const char *)seg->data, seg->len); session_free_tcp_segment(sess, seg); seg = session_get_tcp_segment(sess); EXPECT_TRUE(seg != NULL); EXPECT_TRUE(seg->len == sizeof(payload2)); EXPECT_TRUE(memcmp((void *)seg->data, payload2, sizeof(payload2)) == 0); hex_dump((const char *)seg->data, seg->len); session_free_tcp_segment(sess, seg); seg = session_get_tcp_segment(sess); EXPECT_TRUE(seg != NULL); EXPECT_TRUE(seg->len == sizeof(payload3)); EXPECT_TRUE(memcmp((void *)seg->data, payload3, sizeof(payload3)) == 0); hex_dump((const char *)seg->data, seg->len); session_free_tcp_segment(sess, seg); seg = session_get_tcp_segment(sess); EXPECT_TRUE(seg != NULL); EXPECT_TRUE(seg->len == sizeof(payload4)); EXPECT_TRUE(memcmp((void *)seg->data, payload4, sizeof(payload4)) == 0); hex_dump((const char *)seg->data, seg->len); session_free_tcp_segment(sess, seg); seg = session_get_tcp_segment(sess); EXPECT_TRUE(seg != NULL); EXPECT_TRUE(seg->len == sizeof(payload5)); EXPECT_TRUE(memcmp((void *)seg->data, payload5, sizeof(payload5)) == 0); hex_dump((const char *)seg->data, seg->len); session_free_tcp_segment(sess, seg); // expire session EXPECT_TRUE(session_manager_get_expired_session(mgr, 7 + opts.tcp_data_timeout) == NULL); // active -> closing sess = session_manager_get_expired_session(mgr, 7 + opts.tcp_data_timeout + opts.tcp_data_timeout); // closing -> closed EXPECT_TRUE(sess); EXPECT_TRUE(session_get_current_state(sess) == SESSION_STATE_CLOSED); EXPECT_TRUE(session_get_closing_reason(sess) == CLOSING_BY_TIMEOUT); session_print(sess); // free session session_manager_free_session(mgr, sess); session_manager_free(mgr); } #endif #if 1 TEST(SESS_MGR_TCP_REASSEMBLY, SEQ_WRAPAROUND) { struct tcp_segment *seg; struct packet pkt; struct session *sess = NULL; struct session_manager *mgr = NULL; mgr = session_manager_new(&opts, 1); EXPECT_TRUE(mgr != NULL); // C2S SYN Packet printf("\n=> Packet Parse: TCP C2S SYN packet\n"); memset(&pkt, 0, sizeof(pkt)); packet_parse(&pkt, (const char *)tcp_seq_wraparound_pkt1, sizeof(tcp_seq_wraparound_pkt1)); printf("<= Packet Parse: done\n\n"); // lookup session EXPECT_TRUE(session_manager_lookup_session_by_packet(mgr, &pkt) == NULL); // new session sess = session_manager_new_session(mgr, &pkt, 1); EXPECT_TRUE(sess); seg = session_get_tcp_segment(sess); EXPECT_TRUE(seg == NULL); // C2S ACK Packet printf("\n=> Packet Parse: TCP C2S ACK packet\n"); memset(&pkt, 0, sizeof(pkt)); packet_parse(&pkt, (const char *)tcp_seq_wraparound_pkt2, sizeof(tcp_seq_wraparound_pkt2)); printf("<= Packet Parse: done\n\n"); // lookup session sess = session_manager_lookup_session_by_packet(mgr, &pkt); EXPECT_TRUE(sess); // update session EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 2) == 0); seg = session_get_tcp_segment(sess); EXPECT_TRUE(seg == NULL); // C2S Data Packet printf("\n=> Packet Parse: TCP C2S Data packet\n"); memset(&pkt, 0, sizeof(pkt)); packet_parse(&pkt, (const char *)tcp_seq_wraparound_pkt3, sizeof(tcp_seq_wraparound_pkt3)); printf("<= Packet Parse: done\n\n"); // lookup session sess = session_manager_lookup_session_by_packet(mgr, &pkt); EXPECT_TRUE(sess); // update session EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 3) == 0); seg = session_get_tcp_segment(sess); EXPECT_TRUE(seg != NULL); EXPECT_TRUE(seg->len == sizeof(tcp_seq_wraparound_pkt3_payload)); EXPECT_TRUE(memcmp((void *)seg->data, tcp_seq_wraparound_pkt3_payload, sizeof(tcp_seq_wraparound_pkt3_payload)) == 0); hex_dump((const char *)seg->data, seg->len); session_free_tcp_segment(sess, seg); // C2S Data Packet printf("\n=> Packet Parse: TCP C2S Data packet\n"); memset(&pkt, 0, sizeof(pkt)); packet_parse(&pkt, (const char *)tcp_seq_wraparound_pkt4, sizeof(tcp_seq_wraparound_pkt4)); printf("<= Packet Parse: done\n\n"); // lookup session sess = session_manager_lookup_session_by_packet(mgr, &pkt); EXPECT_TRUE(sess); // update session EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 4) == 0); seg = session_get_tcp_segment(sess); EXPECT_TRUE(seg != NULL); EXPECT_TRUE(seg->len == sizeof(tcp_seq_wraparound_pkt4_payload)); EXPECT_TRUE(memcmp((void *)seg->data, tcp_seq_wraparound_pkt4_payload, sizeof(tcp_seq_wraparound_pkt4_payload)) == 0); hex_dump((const char *)seg->data, seg->len); session_free_tcp_segment(sess, seg); // expire session EXPECT_TRUE(session_manager_get_expired_session(mgr, 4 + opts.tcp_data_timeout) == NULL); // active -> closing sess = session_manager_get_expired_session(mgr, 4 + opts.tcp_data_timeout + opts.tcp_data_timeout); // closing -> closed EXPECT_TRUE(sess); EXPECT_TRUE(session_get_current_state(sess) == SESSION_STATE_CLOSED); EXPECT_TRUE(session_get_closing_reason(sess) == CLOSING_BY_TIMEOUT); session_print(sess); // free session session_manager_free_session(mgr, sess); session_manager_free(mgr); } #endif int main(int argc, char **argv) { ::testing::InitGoogleTest(&argc, argv); return RUN_ALL_TESTS(); }