44 lines
1.9 KiB
Markdown
44 lines
1.9 KiB
Markdown
# Inject Packet
|
|
|
|
## 捕包
|
|
|
|
``` shell
|
|
/opt/tsg/mrzcpd/bin/mrpdump -- --pdump "dev_name=nf_0_fw,queue=*" --bpf-rule="host 192.0.2.110 and port 80" --dumpfile-path=/home/admin/fw.pcap
|
|
tcpdump -i virtio_dign_c host 192.0.2.110 and port 80 -n -v -w virtio_dign_c.pcap
|
|
tcpdump -i virtio_dign_s host 192.0.2.110 and port 80 -n -v -w virtio_dign_s.pcap
|
|
```
|
|
|
|
## 运行
|
|
|
|
``` shell
|
|
./packet_injector -t tcp-rst -c c2s-packet -n 1 # After recv SYN
|
|
./packet_injector -t tcp-rst -c s2c-packet -n 1 # After recv SYN-ACK
|
|
./packet_injector -t tcp-rst -c c2s-packet -n 2 # After recv Sub-ACK
|
|
./packet_injector -t tcp-rst -c c2s-packet -n 3 # After recv First-Payload
|
|
```
|
|
|
|
``` shell
|
|
./packet_injector -t tcp-fin -c c2s-packet -n 1 # After recv SYN
|
|
./packet_injector -t tcp-fin -c s2c-packet -n 1 # After recv SYN-ACK
|
|
./packet_injector -t tcp-fin -c c2s-packet -n 2 # After recv Sub-ACK
|
|
./packet_injector -t tcp-fin -c c2s-packet -n 3 # After recv First-Payload
|
|
```
|
|
|
|
## 拨测
|
|
|
|
``` shell
|
|
kubectl -n tsg-os-system exec -it dign-client-9h8rm -c dign-client sh
|
|
curl -v http://http.badssl.selftest.gdnt-cloud.website --resolve "http.badssl.selftest.gdnt-cloud.website:80:192.0.2.110"
|
|
```
|
|
|
|
## 结果
|
|
|
|
| -t | -c | -n | Note | result |
|
|
| ----------- | ----------- | ----------- | ---------------------------- | ----------- |
|
|
| tcp-rst | c2s-packet | 1 | After recv SYN | Failed |
|
|
| tcp-rst | s2c-packet | 1 | After recv SYN-ACK | Success |
|
|
| tcp-rst | c2s-packet | 2 | After recv Sub-ACK | Success |
|
|
| tcp-rst | c2s-packet | 3 | After recv C2S First-Payload | Success |
|
|
| tcp-rst | s2c-packet | 3 | After recv S2C First-payload | Success |
|
|
| tcp-payload | c2s-packet | 3 | After recv C2S First-Payload | Success |
|
|
| tcp-payload | s2c-packet | 3 | After recv S2C First-payload | Success | |