4 * Copyright (C) 1993-1998 by Darren Reed.
6 * See the IPFILTER.LICENCE file for details on licencing.
10 static const char sccsid[] = "%W% %G% (C)1995 Darren Reed";
11 static const char rcsid[] = "@(#)$Id: iptests.c,v 2.8.2.9 2007/09/13 07:19:34 darrenr Exp $";
13 #include <sys/param.h>
14 #include <sys/types.h>
15 #if defined(__NetBSD__) && defined(__vax__)
17 * XXX need to declare boolean_t for _KERNEL <sys/files.h>
18 * which ends up including <sys/device.h> for vax. See PR#32907
19 * for further details.
21 typedef int boolean_t;
26 # include <machine/lock.h>
30 # if !defined(solaris) && !defined(linux) && !defined(__sgi) && !defined(hpux)
31 # include <sys/file.h>
34 # include <sys/dditypes.h>
40 #if !defined(solaris) && !defined(linux) && !defined(__sgi)
42 # include <sys/user.h>
43 # include <sys/proc.h>
45 #if !defined(ultrix) && !defined(hpux) && !defined(linux) && \
46 !defined(__sgi) && !defined(__osf__) && !defined(_AIX51)
50 # include <sys/socket.h>
53 # include <sys/stream.h>
55 #include <sys/socketvar.h>
57 #include <sys/systm.h>
58 #include <sys/session.h>
61 # include <sys/sysctl.h>
62 # include <sys/filedesc.h>
65 #include <netinet/in_systm.h>
66 #include <sys/socket.h>
68 # define _NET_ROUTE_INCLUDED
71 # include "radix_ipf_local.h"
74 #if defined(linux) && (LINUX >= 0200)
75 # include <asm/atomic.h>
78 # if defined(__FreeBSD__)
79 # include "radix_ipf.h"
81 # include <net/route.h>
83 # define __KERNEL__ /* because there's a macro not wrapped by this */
84 # include <net/route.h> /* in this file :-/ */
86 #include <netinet/in.h>
87 #include <arpa/inet.h>
88 #include <netinet/ip.h>
90 # include <netinet/ip_var.h>
92 # include <netinet/in_pcb.h>
95 #if defined(__SVR4) || defined(__svr4__) || defined(__sgi)
96 # include <sys/sysmacros.h>
103 # undef _NET_ROUTE_INCLUDED
106 #if !defined(linux) && !defined(__hpux)
107 # include <netinet/tcp_timer.h>
108 # include <netinet/tcp_var.h>
110 #if defined(__NetBSD_Version__) && (__NetBSD_Version__ >= 106000000)
111 # define USE_NANOSLEEP
116 # define PAUSE() ts.tv_sec = 0; ts.tv_nsec = 10000000; \
117 (void) nanosleep(&ts, NULL)
119 # define PAUSE() tv.tv_sec = 0; tv.tv_usec = 10000; \
120 (void) select(0, NULL, NULL, NULL, &tv)
124 void ip_test1(dev, mtu, ip, gwip, ptest)
137 int nfd, i = 0, len, id = getpid();
139 IP_HL_A(ip, sizeof(*ip) >> 2);
140 IP_V_A(ip, IPVERSION);
144 ip->ip_p = IPPROTO_UDP;
146 u = (udphdr_t *)(ip + 1);
147 u->uh_sport = htons(1);
148 u->uh_dport = htons(9);
150 u->uh_ulen = htons(sizeof(*u) + 4);
151 ip->ip_len = sizeof(*ip) + ntohs(u->uh_ulen);
154 nfd = initdevice(dev, 1);
158 if (!ptest || (ptest == 1)) {
163 printf("1.1. sending packets with ip_hl < ip_len\n");
164 for (i = 0; i < ((sizeof(*ip) + ntohs(u->uh_ulen)) >> 2); i++) {
166 (void) send_ip(nfd, 1500, ip, gwip, 1);
174 if (!ptest || (ptest == 2)) {
179 printf("1.2. sending packets with ip_hl > ip_len\n");
180 for (; i < ((sizeof(*ip) * 2 + ntohs(u->uh_ulen)) >> 2); i++) {
182 (void) send_ip(nfd, 1500, ip, gwip, 1);
190 if (!ptest || (ptest == 3)) {
195 printf("1.3. ip_v < 4\n");
196 IP_HL_A(ip, sizeof(*ip) >> 2);
197 for (i = 0; i < 4; i++) {
199 (void) send_ip(nfd, 1500, ip, gwip, 1);
207 if (!ptest || (ptest == 4)) {
212 printf("1.4. ip_v > 4\n");
213 for (i = 5; i < 16; i++) {
215 (void) send_ip(nfd, 1500, ip, gwip, 1);
223 if (!ptest || (ptest == 5)) {
225 * Part5: len < packet
228 IP_V_A(ip, IPVERSION);
230 printf("1.5.0 ip_len < packet size (size++, long packets)\n");
231 for (; i < (ip->ip_len * 2); i++) {
232 ip->ip_id = htons(id++);
234 ip->ip_sum = chksum((u_short *)ip, IP_HL(ip) << 2);
235 (void) send_ether(nfd, (char *)ip, i, gwip);
241 printf("1.5.1 ip_len < packet size (ip_len-, short packets)\n");
242 for (i = len; i > 0; i--) {
243 ip->ip_id = htons(id++);
246 ip->ip_sum = chksum((u_short *)ip, IP_HL(ip) << 2);
247 (void) send_ether(nfd, (char *)ip, len, gwip);
255 if (!ptest || (ptest == 6)) {
257 * Part6: len > packet
260 printf("1.6.0 ip_len > packet size (increase ip_len)\n");
261 for (i = len + 1; i < (len * 2); i++) {
262 ip->ip_id = htons(id++);
265 ip->ip_sum = chksum((u_short *)ip, IP_HL(ip) << 2);
266 (void) send_ether(nfd, (char *)ip, len, gwip);
273 printf("1.6.1 ip_len > packet size (size--, short packets)\n");
274 for (i = len; i > 0; i--) {
275 ip->ip_id = htons(id++);
277 ip->ip_sum = chksum((u_short *)ip, IP_HL(ip) << 2);
278 (void) send_ether(nfd, (char *)ip, i, gwip);
286 if (!ptest || (ptest == 7)) {
288 * Part7: 0 length fragment
290 printf("1.7.0 Zero length fragments (ip_off = 0x2000)\n");
292 ip->ip_len = sizeof(*ip);
293 ip->ip_off = htons(IP_MF);
294 (void) send_ip(nfd, mtu, ip, gwip, 1);
298 printf("1.7.1 Zero length fragments (ip_off = 0x3000)\n");
300 ip->ip_len = sizeof(*ip);
301 ip->ip_off = htons(IP_MF);
302 (void) send_ip(nfd, mtu, ip, gwip, 1);
306 printf("1.7.2 Zero length fragments (ip_off = 0xa000)\n");
308 ip->ip_len = sizeof(*ip);
309 ip->ip_off = htons(0xa000);
310 (void) send_ip(nfd, mtu, ip, gwip, 1);
314 printf("1.7.3 Zero length fragments (ip_off = 0x0100)\n");
316 ip->ip_len = sizeof(*ip);
317 ip->ip_off = htons(0x0100);
318 (void) send_ip(nfd, mtu, ip, gwip, 1);
323 if (!ptest || (ptest == 8)) {
326 gettimeofday(&tv, NULL);
327 srand(tv.tv_sec ^ getpid() ^ tv.tv_usec);
329 * Part8.1: 63k packet + 1k fragment at offset 0x1ffe
330 * Mark it as being ICMP (so it doesn't get junked), but
331 * don't bother about the ICMP header, we're not worrying
334 ip->ip_p = IPPROTO_ICMP;
335 ip->ip_off = htons(IP_MF);
336 u->uh_dport = htons(9);
337 ip->ip_id = htons(id++);
338 printf("1.8.1 63k packet + 1k fragment at offset 0x1ffe\n");
339 ip->ip_len = 768 + 20 + 8;
340 (void) send_ip(nfd, mtu, ip, gwip, 1);
343 ip->ip_len = MIN(768 + 20, mtu - 68);
345 for (; i < (63 * 1024 + 768); i += 768) {
346 ip->ip_off = htons(IP_MF | (i >> 3));
347 (void) send_ip(nfd, mtu, ip, gwip, 1);
352 ip->ip_len = 896 + 20;
353 ip->ip_off = htons(i >> 3);
354 (void) send_ip(nfd, mtu, ip, gwip, 1);
360 * Part8.2: 63k packet + 1k fragment at offset 0x1ffe
361 * Mark it as being ICMP (so it doesn't get junked), but
362 * don't bother about the ICMP header, we're not worrying
363 * about that here. (Lossage here)
365 ip->ip_p = IPPROTO_ICMP;
366 ip->ip_off = htons(IP_MF);
367 u->uh_dport = htons(9);
368 ip->ip_id = htons(id++);
369 printf("1.8.2 63k packet + 1k fragment at offset 0x1ffe\n");
370 ip->ip_len = 768 + 20 + 8;
371 if ((rand() & 0x1f) != 0) {
372 (void) send_ip(nfd, mtu, ip, gwip, 1);
377 ip->ip_len = MIN(768 + 20, mtu - 68);
379 for (; i < (63 * 1024 + 768); i += 768) {
380 ip->ip_off = htons(IP_MF | (i >> 3));
381 if ((rand() & 0x1f) != 0) {
382 (void) send_ip(nfd, mtu, ip, gwip, 1);
385 printf("skip %d\n", i);
389 ip->ip_len = 896 + 20;
390 ip->ip_off = htons(i >> 3);
391 if ((rand() & 0x1f) != 0) {
392 (void) send_ip(nfd, mtu, ip, gwip, 1);
400 * Part8.3: 33k packet - test for not dealing with -ve length
401 * Mark it as being ICMP (so it doesn't get junked), but
402 * don't bother about the ICMP header, we're not worrying
405 ip->ip_p = IPPROTO_ICMP;
406 ip->ip_off = htons(IP_MF);
407 u->uh_dport = htons(9);
408 ip->ip_id = htons(id++);
409 printf("1.8.3 33k packet\n");
410 ip->ip_len = 768 + 20 + 8;
411 (void) send_ip(nfd, mtu, ip, gwip, 1);
414 ip->ip_len = MIN(768 + 20, mtu - 68);
416 for (; i < (32 * 1024 + 768); i += 768) {
417 ip->ip_off = htons(IP_MF | (i >> 3));
418 (void) send_ip(nfd, mtu, ip, gwip, 1);
423 ip->ip_len = 896 + 20;
424 ip->ip_off = htons(i >> 3);
425 (void) send_ip(nfd, mtu, ip, gwip, 1);
433 if (!ptest || (ptest == 9)) {
435 * Part9: off & 0x8000 == 0x8000
438 ip->ip_off = htons(0x8000);
439 printf("1.9. ip_off & 0x8000 == 0x8000\n");
440 (void) send_ip(nfd, mtu, ip, gwip, 1);
447 if (!ptest || (ptest == 10)) {
453 printf("1.10.0 ip_ttl = 255\n");
454 (void) send_ip(nfd, mtu, ip, gwip, 1);
459 printf("1.10.1 ip_ttl = 128\n");
460 (void) send_ip(nfd, mtu, ip, gwip, 1);
465 printf("1.10.2 ip_ttl = 0\n");
466 (void) send_ip(nfd, mtu, ip, gwip, 1);
475 void ip_test2(dev, mtu, ip, gwip, ptest)
491 nfd = initdevice(dev, 1);
496 ip->ip_len = IP_HL(ip) << 2;
497 s = (u_char *)(ip + 1);
498 s[IPOPT_OPTVAL] = IPOPT_NOP;
500 if (!ptest || (ptest == 1)) {
502 * Test 1: option length > packet length,
503 * header length == packet length
505 s[IPOPT_OPTVAL] = IPOPT_TS;
507 s[IPOPT_OFFSET] = IPOPT_MINOFF;
508 ip->ip_p = IPPROTO_IP;
509 printf("2.1 option length > packet length\n");
510 (void) send_ip(nfd, mtu, ip, gwip, 1);
516 ip->ip_len = IP_HL(ip) << 2;
517 if (!ptest || (ptest == 1)) {
519 * Test 2: options have length = 0
521 printf("2.2.1 option length = 0, RR\n");
522 s[IPOPT_OPTVAL] = IPOPT_RR;
524 (void) send_ip(nfd, mtu, ip, gwip, 1);
528 printf("2.2.2 option length = 0, TS\n");
529 s[IPOPT_OPTVAL] = IPOPT_TS;
531 (void) send_ip(nfd, mtu, ip, gwip, 1);
535 printf("2.2.3 option length = 0, SECURITY\n");
536 s[IPOPT_OPTVAL] = IPOPT_SECURITY;
538 (void) send_ip(nfd, mtu, ip, gwip, 1);
542 printf("2.2.4 option length = 0, LSRR\n");
543 s[IPOPT_OPTVAL] = IPOPT_LSRR;
545 (void) send_ip(nfd, mtu, ip, gwip, 1);
549 printf("2.2.5 option length = 0, SATID\n");
550 s[IPOPT_OPTVAL] = IPOPT_SATID;
552 (void) send_ip(nfd, mtu, ip, gwip, 1);
556 printf("2.2.6 option length = 0, SSRR\n");
557 s[IPOPT_OPTVAL] = IPOPT_SSRR;
559 (void) send_ip(nfd, mtu, ip, gwip, 1);
571 void ip_test3(dev, mtu, ip, gwip, ptest)
578 static int ict1[10] = { 8, 9, 10, 13, 14, 15, 16, 17, 18, 0 };
579 static int ict2[8] = { 3, 9, 10, 13, 14, 17, 18, 0 };
588 IP_HL_A(ip, sizeof(*ip) >> 2);
589 IP_V_A(ip, IPVERSION);
593 ip->ip_p = IPPROTO_ICMP;
595 ip->ip_len = sizeof(*ip) + sizeof(*icp);
596 icp = (struct icmp *)((char *)ip + (IP_HL(ip) << 2));
598 nfd = initdevice(dev, 1);
602 if (!ptest || (ptest == 1)) {
604 * Type 0 - 31, 255, code = 0
606 bzero((char *)icp, sizeof(*icp));
607 for (i = 0; i < 32; i++) {
609 (void) send_icmp(nfd, mtu, ip, gwip);
611 printf("3.1.%d ICMP type %d code 0 (all 0's)\r", i, i);
613 icp->icmp_type = 255;
614 (void) send_icmp(nfd, mtu, ip, gwip);
616 printf("3.1.%d ICMP type %d code 0 (all 0's)\r", i, 255);
620 if (!ptest || (ptest == 2)) {
622 * Type 3, code = 0 - 31
625 for (i = 0; i < 32; i++) {
627 (void) send_icmp(nfd, mtu, ip, gwip);
629 printf("3.2.%d ICMP type 3 code %d (all 0's)\r", i, i);
633 if (!ptest || (ptest == 3)) {
635 * Type 4, code = 0,127,128,255
639 (void) send_icmp(nfd, mtu, ip, gwip);
641 printf("3.3.1 ICMP type 4 code 0 (all 0's)\r");
642 icp->icmp_code = 127;
643 (void) send_icmp(nfd, mtu, ip, gwip);
645 printf("3.3.2 ICMP type 4 code 127 (all 0's)\r");
646 icp->icmp_code = 128;
647 (void) send_icmp(nfd, mtu, ip, gwip);
649 printf("3.3.3 ICMP type 4 code 128 (all 0's)\r");
650 icp->icmp_code = 255;
651 (void) send_icmp(nfd, mtu, ip, gwip);
653 printf("3.3.4 ICMP type 4 code 255 (all 0's)\r");
656 if (!ptest || (ptest == 4)) {
658 * Type 5, code = 0,127,128,255
662 (void) send_icmp(nfd, mtu, ip, gwip);
664 printf("3.4.1 ICMP type 5 code 0 (all 0's)\r");
665 icp->icmp_code = 127;
666 (void) send_icmp(nfd, mtu, ip, gwip);
668 printf("3.4.2 ICMP type 5 code 127 (all 0's)\r");
669 icp->icmp_code = 128;
670 (void) send_icmp(nfd, mtu, ip, gwip);
672 printf("3.4.3 ICMP type 5 code 128 (all 0's)\r");
673 icp->icmp_code = 255;
674 (void) send_icmp(nfd, mtu, ip, gwip);
676 printf("3.4.4 ICMP type 5 code 255 (all 0's)\r");
679 if (!ptest || (ptest == 5)) {
681 * Type 8-10;13-18, code - 0,127,128,255
683 for (i = 0; ict1[i]; i++) {
684 icp->icmp_type = ict1[i];
686 (void) send_icmp(nfd, mtu, ip, gwip);
688 printf("3.5.%d ICMP type 5 code 0 (all 0's)\r",
690 icp->icmp_code = 127;
691 (void) send_icmp(nfd, mtu, ip, gwip);
693 printf("3.5.%d ICMP type 5 code 127 (all 0's)\r",
695 icp->icmp_code = 128;
696 (void) send_icmp(nfd, mtu, ip, gwip);
698 printf("3.5.%d ICMP type 5 code 128 (all 0's)\r",
700 icp->icmp_code = 255;
701 (void) send_icmp(nfd, mtu, ip, gwip);
703 printf("3.5.%d ICMP type 5 code 255 (all 0's)\r",
709 if (!ptest || (ptest == 6)) {
711 * Type 12, code - 0,127,128,129,255
715 (void) send_icmp(nfd, mtu, ip, gwip);
717 printf("3.6.1 ICMP type 12 code 0 (all 0's)\r");
718 icp->icmp_code = 127;
719 (void) send_icmp(nfd, mtu, ip, gwip);
721 printf("3.6.2 ICMP type 12 code 127 (all 0's)\r");
722 icp->icmp_code = 128;
723 (void) send_icmp(nfd, mtu, ip, gwip);
725 printf("3.6.3 ICMP type 12 code 128 (all 0's)\r");
726 icp->icmp_code = 129;
727 (void) send_icmp(nfd, mtu, ip, gwip);
729 printf("3.6.4 ICMP type 12 code 129 (all 0's)\r");
730 icp->icmp_code = 255;
731 (void) send_icmp(nfd, mtu, ip, gwip);
733 printf("3.6.5 ICMP type 12 code 255 (all 0's)\r");
737 if (!ptest || (ptest == 7)) {
739 * Type 3;9-10;13-14;17-18 - shorter packets
741 ip->ip_len = sizeof(*ip) + sizeof(*icp) / 2;
742 for (i = 0; ict2[i]; i++) {
743 icp->icmp_type = ict1[i];
745 (void) send_icmp(nfd, mtu, ip, gwip);
747 printf("3.5.%d ICMP type %d code 0 (all 0's)\r",
748 i * 4, icp->icmp_type);
749 icp->icmp_code = 127;
750 (void) send_icmp(nfd, mtu, ip, gwip);
752 printf("3.5.%d ICMP type %d code 127 (all 0's)\r",
753 i * 4 + 1, icp->icmp_type);
754 icp->icmp_code = 128;
755 (void) send_icmp(nfd, mtu, ip, gwip);
757 printf("3.5.%d ICMP type %d code 128 (all 0's)\r",
758 i * 4 + 2, icp->icmp_type);
759 icp->icmp_code = 255;
760 (void) send_icmp(nfd, mtu, ip, gwip);
762 printf("3.5.%d ICMP type %d code 127 (all 0's)\r",
763 i * 4 + 3, icp->icmp_type);
770 /* Perform test 4 (UDP) */
772 void ip_test4(dev, mtu, ip, gwip, ptest)
788 IP_HL_A(ip, sizeof(*ip) >> 2);
789 IP_V_A(ip, IPVERSION);
793 ip->ip_p = IPPROTO_UDP;
795 u = (udphdr_t *)((char *)ip + (IP_HL(ip) << 2));
796 u->uh_sport = htons(1);
797 u->uh_dport = htons(1);
798 u->uh_ulen = htons(sizeof(*u) + 4);
800 nfd = initdevice(dev, 1);
804 if (!ptest || (ptest == 1)) {
806 * Test 1. ulen > packet
808 u->uh_ulen = htons(sizeof(*u) + 4);
809 ip->ip_len = (IP_HL(ip) << 2) + ntohs(u->uh_ulen);
810 printf("4.1 UDP uh_ulen > packet size - short packets\n");
811 for (i = ntohs(u->uh_ulen) * 2; i > sizeof(*u) + 4; i--) {
812 u->uh_ulen = htons(i);
813 (void) send_udp(nfd, 1500, ip, gwip);
821 if (!ptest || (ptest == 2)) {
823 * Test 2. ulen < packet
825 u->uh_ulen = htons(sizeof(*u) + 4);
826 ip->ip_len = (IP_HL(ip) << 2) + ntohs(u->uh_ulen);
827 printf("4.2 UDP uh_ulen < packet size - short packets\n");
828 for (i = ntohs(u->uh_ulen) * 2; i > sizeof(*u) + 4; i--) {
830 (void) send_udp(nfd, 1500, ip, gwip);
838 if (!ptest || (ptest == 3)) {
840 * Test 3: sport = 0, sport = 1, sport = 32767
841 * sport = 32768, sport = 65535
843 u->uh_ulen = sizeof(*u) + 4;
844 ip->ip_len = (IP_HL(ip) << 2) + ntohs(u->uh_ulen);
845 printf("4.3.1 UDP sport = 0\n");
847 (void) send_udp(nfd, 1500, ip, gwip);
851 printf("4.3.2 UDP sport = 1\n");
852 u->uh_sport = htons(1);
853 (void) send_udp(nfd, 1500, ip, gwip);
857 printf("4.3.3 UDP sport = 32767\n");
858 u->uh_sport = htons(32767);
859 (void) send_udp(nfd, 1500, ip, gwip);
863 printf("4.3.4 UDP sport = 32768\n");
864 u->uh_sport = htons(32768);
865 (void) send_udp(nfd, 1500, ip, gwip);
870 printf("4.3.5 UDP sport = 65535\n");
871 u->uh_sport = htons(65535);
872 (void) send_udp(nfd, 1500, ip, gwip);
878 if (!ptest || (ptest == 4)) {
880 * Test 4: dport = 0, dport = 1, dport = 32767
881 * dport = 32768, dport = 65535
883 u->uh_ulen = ntohs(sizeof(*u) + 4);
884 u->uh_sport = htons(1);
885 ip->ip_len = (IP_HL(ip) << 2) + ntohs(u->uh_ulen);
886 printf("4.4.1 UDP dport = 0\n");
888 (void) send_udp(nfd, 1500, ip, gwip);
892 printf("4.4.2 UDP dport = 1\n");
893 u->uh_dport = htons(1);
894 (void) send_udp(nfd, 1500, ip, gwip);
898 printf("4.4.3 UDP dport = 32767\n");
899 u->uh_dport = htons(32767);
900 (void) send_udp(nfd, 1500, ip, gwip);
904 printf("4.4.4 UDP dport = 32768\n");
905 u->uh_dport = htons(32768);
906 (void) send_udp(nfd, 1500, ip, gwip);
910 printf("4.4.5 UDP dport = 65535\n");
911 u->uh_dport = htons(65535);
912 (void) send_udp(nfd, 1500, ip, gwip);
918 if (!ptest || (ptest == 5)) {
920 * Test 5: sizeof(ip_t) <= MTU <= sizeof(udphdr_t) +
923 printf("4.5 UDP 20 <= MTU <= 32\n");
924 for (i = sizeof(*ip); i <= ntohs(u->uh_ulen); i++) {
925 (void) send_udp(nfd, i, ip, gwip);
935 /* Perform test 5 (TCP) */
937 void ip_test5(dev, mtu, ip, gwip, ptest)
952 t = (tcphdr_t *)((char *)ip + (IP_HL(ip) << 2));
953 #if !defined(linux) && !defined(__osf__)
957 t->th_sport = htons(1);
958 t->th_dport = htons(1);
959 t->th_win = htons(4096);
962 t->th_seq = htonl(1);
964 ip->ip_len = sizeof(ip_t) + sizeof(tcphdr_t);
966 nfd = initdevice(dev, 1);
970 if (!ptest || (ptest == 1)) {
972 * Test 1: flags variations, 0 - 3f
974 TCP_OFF_A(t, sizeof(*t) >> 2);
975 printf("5.1 Test TCP flag combinations\n");
976 for (i = 0; i <= (TH_URG|TH_ACK|TH_PUSH|TH_RST|TH_SYN|TH_FIN);
979 (void) send_tcp(nfd, mtu, ip, gwip);
987 if (!ptest || (ptest == 2)) {
988 t->th_flags = TH_SYN;
990 * Test 2: seq = 0, seq = 1, seq = 0x7fffffff, seq=0x80000000,
991 * seq = 0xa000000, seq = 0xffffffff
993 printf("5.2.1 TCP seq = 0\n");
994 t->th_seq = htonl(0);
995 (void) send_tcp(nfd, mtu, ip, gwip);
999 printf("5.2.2 TCP seq = 1\n");
1000 t->th_seq = htonl(1);
1001 (void) send_tcp(nfd, mtu, ip, gwip);
1005 printf("5.2.3 TCP seq = 0x7fffffff\n");
1006 t->th_seq = htonl(0x7fffffff);
1007 (void) send_tcp(nfd, mtu, ip, gwip);
1011 printf("5.2.4 TCP seq = 0x80000000\n");
1012 t->th_seq = htonl(0x80000000);
1013 (void) send_tcp(nfd, mtu, ip, gwip);
1017 printf("5.2.5 TCP seq = 0xc0000000\n");
1018 t->th_seq = htonl(0xc0000000);
1019 (void) send_tcp(nfd, mtu, ip, gwip);
1023 printf("5.2.6 TCP seq = 0xffffffff\n");
1024 t->th_seq = htonl(0xffffffff);
1025 (void) send_tcp(nfd, mtu, ip, gwip);
1030 if (!ptest || (ptest == 3)) {
1031 t->th_flags = TH_ACK;
1033 * Test 3: ack = 0, ack = 1, ack = 0x7fffffff, ack = 0x8000000
1034 * ack = 0xa000000, ack = 0xffffffff
1036 printf("5.3.1 TCP ack = 0\n");
1038 (void) send_tcp(nfd, mtu, ip, gwip);
1042 printf("5.3.2 TCP ack = 1\n");
1043 t->th_ack = htonl(1);
1044 (void) send_tcp(nfd, mtu, ip, gwip);
1048 printf("5.3.3 TCP ack = 0x7fffffff\n");
1049 t->th_ack = htonl(0x7fffffff);
1050 (void) send_tcp(nfd, mtu, ip, gwip);
1054 printf("5.3.4 TCP ack = 0x80000000\n");
1055 t->th_ack = htonl(0x80000000);
1056 (void) send_tcp(nfd, mtu, ip, gwip);
1060 printf("5.3.5 TCP ack = 0xc0000000\n");
1061 t->th_ack = htonl(0xc0000000);
1062 (void) send_tcp(nfd, mtu, ip, gwip);
1066 printf("5.3.6 TCP ack = 0xffffffff\n");
1067 t->th_ack = htonl(0xffffffff);
1068 (void) send_tcp(nfd, mtu, ip, gwip);
1073 if (!ptest || (ptest == 4)) {
1074 t->th_flags = TH_SYN;
1076 * Test 4: win = 0, win = 32768, win = 65535
1078 printf("5.4.1 TCP win = 0\n");
1079 t->th_seq = htonl(0);
1080 (void) send_tcp(nfd, mtu, ip, gwip);
1084 printf("5.4.2 TCP win = 32768\n");
1085 t->th_seq = htonl(0x7fff);
1086 (void) send_tcp(nfd, mtu, ip, gwip);
1090 printf("5.4.3 TCP win = 65535\n");
1091 t->th_win = htons(0xffff);
1092 (void) send_tcp(nfd, mtu, ip, gwip);
1097 #if !defined(linux) && !defined(__SVR4) && !defined(__svr4__) && \
1098 !defined(__sgi) && !defined(__hpux) && !defined(__osf__)
1100 struct tcpcb *tcbp, tcb;
1102 struct sockaddr_in sin;
1106 bzero((char *)&sin, sizeof(sin));
1108 for (i = 1; i < 63; i++) {
1109 fd = socket(AF_INET, SOCK_STREAM, 0);
1110 bzero((char *)&sin, sizeof(sin));
1111 sin.sin_addr.s_addr = ip->ip_dst.s_addr;
1112 sin.sin_port = htons(i);
1113 sin.sin_family = AF_INET;
1114 if (!connect(fd, (struct sockaddr *)&sin, sizeof(sin)))
1120 printf("Couldn't open a TCP socket between ports 1 and 63\n");
1121 printf("to host %s for test 5 and 6 - skipping.\n",
1122 inet_ntoa(ip->ip_dst));
1123 goto skip_five_and_six;
1126 bcopy((char *)ip, (char *)&ti, sizeof(*ip));
1127 t->th_dport = htons(i);
1129 if (!getsockname(fd, (struct sockaddr *)&sin, &slen))
1130 t->th_sport = sin.sin_port;
1131 if (!(tcbp = find_tcp(fd, &ti))) {
1132 printf("Can't find PCB\n");
1133 goto skip_five_and_six;
1135 KMCPY(&tcb, tcbp, sizeof(tcb));
1136 ti.ti_win = tcb.rcv_adv;
1137 ti.ti_seq = htonl(tcb.snd_nxt - 1);
1138 ti.ti_ack = tcb.rcv_nxt;
1140 if (!ptest || (ptest == 5)) {
1144 t->th_flags = TH_ACK|TH_URG;
1145 printf("5.5.1 TCP Urgent pointer, sport %hu dport %hu\n",
1146 ntohs(t->th_sport), ntohs(t->th_dport));
1147 t->th_urp = htons(1);
1148 (void) send_tcp(nfd, mtu, ip, gwip);
1151 t->th_seq = htonl(tcb.snd_nxt);
1152 ip->ip_len = sizeof(ip_t) + sizeof(tcphdr_t) + 1;
1153 t->th_urp = htons(0x7fff);
1154 (void) send_tcp(nfd, mtu, ip, gwip);
1156 t->th_urp = htons(0x8000);
1157 (void) send_tcp(nfd, mtu, ip, gwip);
1159 t->th_urp = htons(0xffff);
1160 (void) send_tcp(nfd, mtu, ip, gwip);
1163 t->th_flags &= ~TH_URG;
1164 ip->ip_len = sizeof(ip_t) + sizeof(tcphdr_t);
1167 if (!ptest || (ptest == 6)) {
1169 * Test 6: data offset, off = 0, off is inside, off is outside
1171 t->th_flags = TH_ACK;
1172 printf("5.6.1 TCP off = 1-15, len = 40\n");
1173 for (i = 1; i < 16; i++) {
1174 TCP_OFF_A(t, ntohs(i));
1175 (void) send_tcp(nfd, mtu, ip, gwip);
1181 ip->ip_len = sizeof(ip_t) + sizeof(tcphdr_t);
1188 t->th_seq = htonl(1);
1189 t->th_ack = htonl(1);
1192 if (!ptest || (ptest == 7)) {
1193 t->th_flags = TH_SYN;
1195 * Test 7: sport = 0, sport = 1, sport = 32767
1196 * sport = 32768, sport = 65535
1198 printf("5.7.1 TCP sport = 0\n");
1200 (void) send_tcp(nfd, mtu, ip, gwip);
1204 printf("5.7.2 TCP sport = 1\n");
1205 t->th_sport = htons(1);
1206 (void) send_tcp(nfd, mtu, ip, gwip);
1210 printf("5.7.3 TCP sport = 32767\n");
1211 t->th_sport = htons(32767);
1212 (void) send_tcp(nfd, mtu, ip, gwip);
1216 printf("5.7.4 TCP sport = 32768\n");
1217 t->th_sport = htons(32768);
1218 (void) send_tcp(nfd, mtu, ip, gwip);
1222 printf("5.7.5 TCP sport = 65535\n");
1223 t->th_sport = htons(65535);
1224 (void) send_tcp(nfd, mtu, ip, gwip);
1229 if (!ptest || (ptest == 8)) {
1230 t->th_sport = htons(1);
1231 t->th_flags = TH_SYN;
1233 * Test 8: dport = 0, dport = 1, dport = 32767
1234 * dport = 32768, dport = 65535
1236 printf("5.8.1 TCP dport = 0\n");
1238 (void) send_tcp(nfd, mtu, ip, gwip);
1242 printf("5.8.2 TCP dport = 1\n");
1243 t->th_dport = htons(1);
1244 (void) send_tcp(nfd, mtu, ip, gwip);
1248 printf("5.8.3 TCP dport = 32767\n");
1249 t->th_dport = htons(32767);
1250 (void) send_tcp(nfd, mtu, ip, gwip);
1254 printf("5.8.4 TCP dport = 32768\n");
1255 t->th_dport = htons(32768);
1256 (void) send_tcp(nfd, mtu, ip, gwip);
1260 printf("5.8.5 TCP dport = 65535\n");
1261 t->th_dport = htons(65535);
1262 (void) send_tcp(nfd, mtu, ip, gwip);
1267 /* LAND attack - self connect, so make src & dst ip/port the same */
1268 if (!ptest || (ptest == 9)) {
1269 printf("5.9 TCP LAND attack. sport = 25, dport = 25\n");
1270 /* chose SMTP port 25 */
1271 t->th_sport = htons(25);
1272 t->th_dport = htons(25);
1273 t->th_flags = TH_SYN;
1274 ip->ip_src = ip->ip_dst;
1275 (void) send_tcp(nfd, mtu, ip, gwip);
1280 /* TCP options header checking */
1281 /* 0 length options, etc */
1285 /* Perform test 6 (exhaust mbuf test) */
1287 void ip_test6(dev, mtu, ip, gwip, ptest)
1291 struct in_addr gwip;
1294 #ifdef USE_NANOSLEEP
1302 IP_V_A(ip, IPVERSION);
1306 ip->ip_p = IPPROTO_UDP;
1308 u = (udphdr_t *)(ip + 1);
1309 u->uh_sport = htons(1);
1310 u->uh_dport = htons(9);
1313 nfd = initdevice(dev, 1);
1317 u->uh_ulen = htons(7168);
1319 printf("6. Exhaustive mbuf test.\n");
1320 printf(" Send 7k packet in 768 & 128 byte fragments, 128 times.\n");
1321 printf(" Total of around 8,900 packets\n");
1322 for (i = 0; i < 128; i++) {
1324 * First send the entire packet in 768 byte chunks.
1326 ip->ip_len = sizeof(*ip) + 768 + sizeof(*u);
1327 IP_HL_A(ip, sizeof(*ip) >> 2);
1328 ip->ip_off = htons(IP_MF);
1329 (void) send_ip(nfd, 1500, ip, gwip, 1);
1330 printf("%d %d\r", i, 0);
1334 * And again using 128 byte chunks.
1336 ip->ip_len = sizeof(*ip) + 128 + sizeof(*u);
1337 ip->ip_off = htons(IP_MF);
1338 (void) send_ip(nfd, 1500, ip, gwip, 1);
1339 printf("%d %d\r", i, 0);
1343 for (j = 768; j < 3584; j += 768) {
1344 ip->ip_len = sizeof(*ip) + 768;
1345 ip->ip_off = htons(IP_MF|(j>>3));
1346 (void) send_ip(nfd, 1500, ip, gwip, 1);
1347 printf("%d %d\r", i, j);
1351 ip->ip_len = sizeof(*ip) + 128;
1352 for (k = j - 768; k < j; k += 128) {
1353 ip->ip_off = htons(IP_MF|(k>>3));
1354 (void) send_ip(nfd, 1500, ip, gwip, 1);
1355 printf("%d %d\r", i, k);
1365 /* Perform test 7 (random packets) */
1367 static u_long tbuf[64];
1369 void ip_test7(dev, mtu, ip, gwip, ptest)
1373 struct in_addr gwip;
1377 #ifdef USE_NANOSLEEP
1385 nfd = initdevice(dev, 1);
1391 srand(time(NULL) ^ (getpid() * getppid()));
1393 printf("7. send 1024 random IP packets.\n");
1395 for (i = 0; i < 512; i++) {
1396 for (s = (u_char *)pip, j = 0; j < sizeof(tbuf); j++, s++)
1397 *s = (rand() >> 13) & 0xff;
1398 IP_V_A(pip, IPVERSION);
1399 bcopy((char *)&ip->ip_dst, (char *)&pip->ip_dst,
1400 sizeof(struct in_addr));
1402 pip->ip_len &= 0xff;
1403 (void) send_ip(nfd, mtu, pip, gwip, 0);
1410 for (i = 0; i < 512; i++) {
1411 for (s = (u_char *)pip, j = 0; j < sizeof(tbuf); j++, s++)
1412 *s = (rand() >> 13) & 0xff;
1413 IP_V_A(pip, IPVERSION);
1414 pip->ip_off &= htons(0xc000);
1415 bcopy((char *)&ip->ip_dst, (char *)&pip->ip_dst,
1416 sizeof(struct in_addr));
1418 pip->ip_len &= 0xff;
1419 (void) send_ip(nfd, mtu, pip, gwip, 0);