4 * Copyright (C) 1993-1998 by Darren Reed.
6 * See the IPFILTER.LICENCE file for details on licencing.
10 static const char sccsid[] = "%W% %G% (C)1995 Darren Reed";
11 static const char rcsid[] = "@(#)Id: iptests.c,v 2.8.2.3 2004/04/16 23:33:04 darrenr Exp";
13 #include <sys/param.h>
14 #include <sys/types.h>
19 # if !defined(solaris) && !defined(linux) && !defined(__sgi) && !defined(hpux)
20 # include <sys/file.h>
23 # include <sys/dditypes.h>
29 #if !defined(solaris) && !defined(linux) && !defined(__sgi)
31 # include <sys/user.h>
32 # include <sys/proc.h>
34 #if !defined(ultrix) && !defined(hpux) && !defined(linux) && \
35 !defined(__sgi) && !defined(__osf__)
39 # include <sys/socket.h>
42 # include <sys/stream.h>
44 #include <sys/socketvar.h>
46 #include <sys/systm.h>
47 #include <sys/session.h>
50 # include <sys/sysctl.h>
51 # include <sys/filedesc.h>
54 #include <netinet/in_systm.h>
55 #include <sys/socket.h>
57 # define _NET_ROUTE_INCLUDED
60 #if defined(linux) && (LINUX >= 0200)
61 # include <asm/atomic.h>
64 # if defined(__FreeBSD__)
65 # include "radix_ipf.h"
67 # include <net/route.h>
69 # define __KERNEL__ /* because there's a macro not wrapped by this */
70 # include <net/route.h> /* in this file :-/ */
72 #include <netinet/in.h>
73 #include <arpa/inet.h>
74 #include <netinet/ip.h>
76 # include <netinet/ip_var.h>
78 # include <netinet/in_pcb.h>
81 #if defined(__SVR4) || defined(__svr4__) || defined(__sgi)
82 # include <sys/sysmacros.h>
89 # undef _NET_ROUTE_INCLUDED
92 #if !defined(linux) && !defined(__hpux)
93 # include <netinet/tcp_timer.h>
94 # include <netinet/tcp_var.h>
96 #if defined(__NetBSD_Version__) && (__NetBSD_Version__ >= 106000000)
97 # define USE_NANOSLEEP
102 # define PAUSE() ts.tv_sec = 0; ts.tv_nsec = 10000000; \
103 (void) nanosleep(&ts, NULL)
105 # define PAUSE() tv.tv_sec = 0; tv.tv_usec = 10000; \
106 (void) select(0, NULL, NULL, NULL, &tv)
110 void ip_test1(dev, mtu, ip, gwip, ptest)
123 int nfd, i = 0, len, id = getpid();
125 IP_HL_A(ip, sizeof(*ip) >> 2);
126 IP_V_A(ip, IPVERSION);
130 ip->ip_p = IPPROTO_UDP;
132 u = (udphdr_t *)(ip + 1);
133 u->uh_sport = htons(1);
134 u->uh_dport = htons(9);
136 u->uh_ulen = htons(sizeof(*u) + 4);
137 ip->ip_len = sizeof(*ip) + ntohs(u->uh_ulen);
139 nfd = initdevice(dev, 1);
141 if (!ptest || (ptest == 1)) {
146 printf("1.1. sending packets with ip_hl < ip_len\n");
147 for (i = 0; i < ((sizeof(*ip) + ntohs(u->uh_ulen)) >> 2); i++) {
149 (void) send_ip(nfd, 1500, ip, gwip, 1);
157 if (!ptest || (ptest == 2)) {
162 printf("1.2. sending packets with ip_hl > ip_len\n");
163 for (; i < ((sizeof(*ip) * 2 + ntohs(u->uh_ulen)) >> 2); i++) {
165 (void) send_ip(nfd, 1500, ip, gwip, 1);
173 if (!ptest || (ptest == 3)) {
178 printf("1.3. ip_v < 4\n");
179 IP_HL_A(ip, sizeof(*ip) >> 2);
180 for (i = 0; i < 4; i++) {
182 (void) send_ip(nfd, 1500, ip, gwip, 1);
190 if (!ptest || (ptest == 4)) {
195 printf("1.4. ip_v > 4\n");
196 for (i = 5; i < 16; i++) {
198 (void) send_ip(nfd, 1500, ip, gwip, 1);
206 if (!ptest || (ptest == 5)) {
208 * Part5: len < packet
211 IP_V_A(ip, IPVERSION);
213 printf("1.5.0 ip_len < packet size (size++, long packets)\n");
214 for (; i < (ip->ip_len * 2); i++) {
215 ip->ip_id = htons(id++);
217 ip->ip_sum = chksum((u_short *)ip, IP_HL(ip) << 2);
218 (void) send_ether(nfd, (char *)ip, i, gwip);
224 printf("1.5.1 ip_len < packet size (ip_len-, short packets)\n");
225 for (i = len; i > 0; i--) {
226 ip->ip_id = htons(id++);
229 ip->ip_sum = chksum((u_short *)ip, IP_HL(ip) << 2);
230 (void) send_ether(nfd, (char *)ip, len, gwip);
238 if (!ptest || (ptest == 6)) {
240 * Part6: len > packet
243 printf("1.6.0 ip_len > packet size (increase ip_len)\n");
244 for (i = len + 1; i < (len * 2); i++) {
245 ip->ip_id = htons(id++);
248 ip->ip_sum = chksum((u_short *)ip, IP_HL(ip) << 2);
249 (void) send_ether(nfd, (char *)ip, len, gwip);
256 printf("1.6.1 ip_len > packet size (size--, short packets)\n");
257 for (i = len; i > 0; i--) {
258 ip->ip_id = htons(id++);
260 ip->ip_sum = chksum((u_short *)ip, IP_HL(ip) << 2);
261 (void) send_ether(nfd, (char *)ip, i, gwip);
269 if (!ptest || (ptest == 7)) {
271 * Part7: 0 length fragment
273 printf("1.7.0 Zero length fragments (ip_off = 0x2000)\n");
275 ip->ip_len = sizeof(*ip);
276 ip->ip_off = htons(IP_MF);
277 (void) send_ip(nfd, mtu, ip, gwip, 1);
281 printf("1.7.1 Zero length fragments (ip_off = 0x3000)\n");
283 ip->ip_len = sizeof(*ip);
284 ip->ip_off = htons(IP_MF);
285 (void) send_ip(nfd, mtu, ip, gwip, 1);
289 printf("1.7.2 Zero length fragments (ip_off = 0xa000)\n");
291 ip->ip_len = sizeof(*ip);
292 ip->ip_off = htons(0xa000);
293 (void) send_ip(nfd, mtu, ip, gwip, 1);
297 printf("1.7.3 Zero length fragments (ip_off = 0x0100)\n");
299 ip->ip_len = sizeof(*ip);
300 ip->ip_off = htons(0x0100);
301 (void) send_ip(nfd, mtu, ip, gwip, 1);
306 if (!ptest || (ptest == 8)) {
309 gettimeofday(&tv, NULL);
310 srand(tv.tv_sec ^ getpid() ^ tv.tv_usec);
312 * Part8.1: 63k packet + 1k fragment at offset 0x1ffe
313 * Mark it as being ICMP (so it doesn't get junked), but
314 * don't bother about the ICMP header, we're not worrying
317 ip->ip_p = IPPROTO_ICMP;
318 ip->ip_off = htons(IP_MF);
319 u->uh_dport = htons(9);
320 ip->ip_id = htons(id++);
321 printf("1.8.1 63k packet + 1k fragment at offset 0x1ffe\n");
322 ip->ip_len = 768 + 20 + 8;
323 (void) send_ip(nfd, mtu, ip, gwip, 1);
326 ip->ip_len = MIN(768 + 20, mtu - 68);
328 for (; i < (63 * 1024 + 768); i += 768) {
329 ip->ip_off = htons(IP_MF | (i >> 3));
330 (void) send_ip(nfd, mtu, ip, gwip, 1);
335 ip->ip_len = 896 + 20;
336 ip->ip_off = htons(i >> 3);
337 (void) send_ip(nfd, mtu, ip, gwip, 1);
343 * Part8.2: 63k packet + 1k fragment at offset 0x1ffe
344 * Mark it as being ICMP (so it doesn't get junked), but
345 * don't bother about the ICMP header, we're not worrying
346 * about that here. (Lossage here)
348 ip->ip_p = IPPROTO_ICMP;
349 ip->ip_off = htons(IP_MF);
350 u->uh_dport = htons(9);
351 ip->ip_id = htons(id++);
352 printf("1.8.2 63k packet + 1k fragment at offset 0x1ffe\n");
353 ip->ip_len = 768 + 20 + 8;
354 if ((rand() & 0x1f) != 0) {
355 (void) send_ip(nfd, mtu, ip, gwip, 1);
360 ip->ip_len = MIN(768 + 20, mtu - 68);
362 for (; i < (63 * 1024 + 768); i += 768) {
363 ip->ip_off = htons(IP_MF | (i >> 3));
364 if ((rand() & 0x1f) != 0) {
365 (void) send_ip(nfd, mtu, ip, gwip, 1);
368 printf("skip %d\n", i);
372 ip->ip_len = 896 + 20;
373 ip->ip_off = htons(i >> 3);
374 if ((rand() & 0x1f) != 0) {
375 (void) send_ip(nfd, mtu, ip, gwip, 1);
383 * Part8.3: 33k packet - test for not dealing with -ve length
384 * Mark it as being ICMP (so it doesn't get junked), but
385 * don't bother about the ICMP header, we're not worrying
388 ip->ip_p = IPPROTO_ICMP;
389 ip->ip_off = htons(IP_MF);
390 u->uh_dport = htons(9);
391 ip->ip_id = htons(id++);
392 printf("1.8.3 33k packet\n");
393 ip->ip_len = 768 + 20 + 8;
394 (void) send_ip(nfd, mtu, ip, gwip, 1);
397 ip->ip_len = MIN(768 + 20, mtu - 68);
399 for (; i < (32 * 1024 + 768); i += 768) {
400 ip->ip_off = htons(IP_MF | (i >> 3));
401 (void) send_ip(nfd, mtu, ip, gwip, 1);
406 ip->ip_len = 896 + 20;
407 ip->ip_off = htons(i >> 3);
408 (void) send_ip(nfd, mtu, ip, gwip, 1);
416 if (!ptest || (ptest == 9)) {
418 * Part9: off & 0x8000 == 0x8000
421 ip->ip_off = htons(0x8000);
422 printf("1.9. ip_off & 0x8000 == 0x8000\n");
423 (void) send_ip(nfd, mtu, ip, gwip, 1);
430 if (!ptest || (ptest == 10)) {
436 printf("1.10.0 ip_ttl = 255\n");
437 (void) send_ip(nfd, mtu, ip, gwip, 1);
442 printf("1.10.1 ip_ttl = 128\n");
443 (void) send_ip(nfd, mtu, ip, gwip, 1);
448 printf("1.10.2 ip_ttl = 0\n");
449 (void) send_ip(nfd, mtu, ip, gwip, 1);
458 void ip_test2(dev, mtu, ip, gwip, ptest)
473 s = (u_char *)(ip + 1);
474 nfd = initdevice(dev, 1);
477 ip->ip_len = IP_HL(ip) << 2;
478 s[IPOPT_OPTVAL] = IPOPT_NOP;
480 if (!ptest || (ptest == 1)) {
482 * Test 1: option length > packet length,
483 * header length == packet length
485 s[IPOPT_OPTVAL] = IPOPT_TS;
487 s[IPOPT_OFFSET] = IPOPT_MINOFF;
488 ip->ip_p = IPPROTO_IP;
489 printf("2.1 option length > packet length\n");
490 (void) send_ip(nfd, mtu, ip, gwip, 1);
496 ip->ip_len = IP_HL(ip) << 2;
497 if (!ptest || (ptest == 1)) {
499 * Test 2: options have length = 0
501 printf("2.2.1 option length = 0, RR\n");
502 s[IPOPT_OPTVAL] = IPOPT_RR;
504 (void) send_ip(nfd, mtu, ip, gwip, 1);
508 printf("2.2.2 option length = 0, TS\n");
509 s[IPOPT_OPTVAL] = IPOPT_TS;
511 (void) send_ip(nfd, mtu, ip, gwip, 1);
515 printf("2.2.3 option length = 0, SECURITY\n");
516 s[IPOPT_OPTVAL] = IPOPT_SECURITY;
518 (void) send_ip(nfd, mtu, ip, gwip, 1);
522 printf("2.2.4 option length = 0, LSRR\n");
523 s[IPOPT_OPTVAL] = IPOPT_LSRR;
525 (void) send_ip(nfd, mtu, ip, gwip, 1);
529 printf("2.2.5 option length = 0, SATID\n");
530 s[IPOPT_OPTVAL] = IPOPT_SATID;
532 (void) send_ip(nfd, mtu, ip, gwip, 1);
536 printf("2.2.6 option length = 0, SSRR\n");
537 s[IPOPT_OPTVAL] = IPOPT_SSRR;
539 (void) send_ip(nfd, mtu, ip, gwip, 1);
551 void ip_test3(dev, mtu, ip, gwip, ptest)
558 static int ict1[10] = { 8, 9, 10, 13, 14, 15, 16, 17, 18, 0 };
559 static int ict2[8] = { 3, 9, 10, 13, 14, 17, 18, 0 };
568 IP_HL_A(ip, sizeof(*ip) >> 2);
569 IP_V_A(ip, IPVERSION);
573 ip->ip_p = IPPROTO_ICMP;
575 ip->ip_len = sizeof(*ip) + sizeof(*icp);
576 icp = (struct icmp *)((char *)ip + (IP_HL(ip) << 2));
577 nfd = initdevice(dev, 1);
579 if (!ptest || (ptest == 1)) {
581 * Type 0 - 31, 255, code = 0
583 bzero((char *)icp, sizeof(*icp));
584 for (i = 0; i < 32; i++) {
586 (void) send_icmp(nfd, mtu, ip, gwip);
588 printf("3.1.%d ICMP type %d code 0 (all 0's)\r", i, i);
590 icp->icmp_type = 255;
591 (void) send_icmp(nfd, mtu, ip, gwip);
593 printf("3.1.%d ICMP type %d code 0 (all 0's)\r", i, 255);
597 if (!ptest || (ptest == 2)) {
599 * Type 3, code = 0 - 31
602 for (i = 0; i < 32; i++) {
604 (void) send_icmp(nfd, mtu, ip, gwip);
606 printf("3.2.%d ICMP type 3 code %d (all 0's)\r", i, i);
610 if (!ptest || (ptest == 3)) {
612 * Type 4, code = 0,127,128,255
616 (void) send_icmp(nfd, mtu, ip, gwip);
618 printf("3.3.1 ICMP type 4 code 0 (all 0's)\r");
619 icp->icmp_code = 127;
620 (void) send_icmp(nfd, mtu, ip, gwip);
622 printf("3.3.2 ICMP type 4 code 127 (all 0's)\r");
623 icp->icmp_code = 128;
624 (void) send_icmp(nfd, mtu, ip, gwip);
626 printf("3.3.3 ICMP type 4 code 128 (all 0's)\r");
627 icp->icmp_code = 255;
628 (void) send_icmp(nfd, mtu, ip, gwip);
630 printf("3.3.4 ICMP type 4 code 255 (all 0's)\r");
633 if (!ptest || (ptest == 4)) {
635 * Type 5, code = 0,127,128,255
639 (void) send_icmp(nfd, mtu, ip, gwip);
641 printf("3.4.1 ICMP type 5 code 0 (all 0's)\r");
642 icp->icmp_code = 127;
643 (void) send_icmp(nfd, mtu, ip, gwip);
645 printf("3.4.2 ICMP type 5 code 127 (all 0's)\r");
646 icp->icmp_code = 128;
647 (void) send_icmp(nfd, mtu, ip, gwip);
649 printf("3.4.3 ICMP type 5 code 128 (all 0's)\r");
650 icp->icmp_code = 255;
651 (void) send_icmp(nfd, mtu, ip, gwip);
653 printf("3.4.4 ICMP type 5 code 255 (all 0's)\r");
656 if (!ptest || (ptest == 5)) {
658 * Type 8-10;13-18, code - 0,127,128,255
660 for (i = 0; ict1[i]; i++) {
661 icp->icmp_type = ict1[i];
663 (void) send_icmp(nfd, mtu, ip, gwip);
665 printf("3.5.%d ICMP type 5 code 0 (all 0's)\r",
667 icp->icmp_code = 127;
668 (void) send_icmp(nfd, mtu, ip, gwip);
670 printf("3.5.%d ICMP type 5 code 127 (all 0's)\r",
672 icp->icmp_code = 128;
673 (void) send_icmp(nfd, mtu, ip, gwip);
675 printf("3.5.%d ICMP type 5 code 128 (all 0's)\r",
677 icp->icmp_code = 255;
678 (void) send_icmp(nfd, mtu, ip, gwip);
680 printf("3.5.%d ICMP type 5 code 255 (all 0's)\r",
686 if (!ptest || (ptest == 6)) {
688 * Type 12, code - 0,127,128,129,255
692 (void) send_icmp(nfd, mtu, ip, gwip);
694 printf("3.6.1 ICMP type 12 code 0 (all 0's)\r");
695 icp->icmp_code = 127;
696 (void) send_icmp(nfd, mtu, ip, gwip);
698 printf("3.6.2 ICMP type 12 code 127 (all 0's)\r");
699 icp->icmp_code = 128;
700 (void) send_icmp(nfd, mtu, ip, gwip);
702 printf("3.6.3 ICMP type 12 code 128 (all 0's)\r");
703 icp->icmp_code = 129;
704 (void) send_icmp(nfd, mtu, ip, gwip);
706 printf("3.6.4 ICMP type 12 code 129 (all 0's)\r");
707 icp->icmp_code = 255;
708 (void) send_icmp(nfd, mtu, ip, gwip);
710 printf("3.6.5 ICMP type 12 code 255 (all 0's)\r");
714 if (!ptest || (ptest == 7)) {
716 * Type 3;9-10;13-14;17-18 - shorter packets
718 ip->ip_len = sizeof(*ip) + sizeof(*icp) / 2;
719 for (i = 0; ict2[i]; i++) {
720 icp->icmp_type = ict1[i];
722 (void) send_icmp(nfd, mtu, ip, gwip);
724 printf("3.5.%d ICMP type %d code 0 (all 0's)\r",
725 i * 4, icp->icmp_type);
726 icp->icmp_code = 127;
727 (void) send_icmp(nfd, mtu, ip, gwip);
729 printf("3.5.%d ICMP type %d code 127 (all 0's)\r",
730 i * 4 + 1, icp->icmp_type);
731 icp->icmp_code = 128;
732 (void) send_icmp(nfd, mtu, ip, gwip);
734 printf("3.5.%d ICMP type %d code 128 (all 0's)\r",
735 i * 4 + 2, icp->icmp_type);
736 icp->icmp_code = 255;
737 (void) send_icmp(nfd, mtu, ip, gwip);
739 printf("3.5.%d ICMP type %d code 127 (all 0's)\r",
740 i * 4 + 3, icp->icmp_type);
747 /* Perform test 4 (UDP) */
749 void ip_test4(dev, mtu, ip, gwip, ptest)
765 IP_HL_A(ip, sizeof(*ip) >> 2);
766 IP_V_A(ip, IPVERSION);
770 ip->ip_p = IPPROTO_UDP;
772 u = (udphdr_t *)((char *)ip + (IP_HL(ip) << 2));
773 u->uh_sport = htons(1);
774 u->uh_dport = htons(1);
775 u->uh_ulen = htons(sizeof(*u) + 4);
776 nfd = initdevice(dev, 1);
778 if (!ptest || (ptest == 1)) {
780 * Test 1. ulen > packet
782 u->uh_ulen = htons(sizeof(*u) + 4);
783 ip->ip_len = (IP_HL(ip) << 2) + ntohs(u->uh_ulen);
784 printf("4.1 UDP uh_ulen > packet size - short packets\n");
785 for (i = ntohs(u->uh_ulen) * 2; i > sizeof(*u) + 4; i--) {
786 u->uh_ulen = htons(i);
787 (void) send_udp(nfd, 1500, ip, gwip);
795 if (!ptest || (ptest == 2)) {
797 * Test 2. ulen < packet
799 u->uh_ulen = htons(sizeof(*u) + 4);
800 ip->ip_len = (IP_HL(ip) << 2) + ntohs(u->uh_ulen);
801 printf("4.2 UDP uh_ulen < packet size - short packets\n");
802 for (i = ntohs(u->uh_ulen) * 2; i > sizeof(*u) + 4; i--) {
804 (void) send_udp(nfd, 1500, ip, gwip);
812 if (!ptest || (ptest == 3)) {
814 * Test 3: sport = 0, sport = 1, sport = 32767
815 * sport = 32768, sport = 65535
817 u->uh_ulen = sizeof(*u) + 4;
818 ip->ip_len = (IP_HL(ip) << 2) + ntohs(u->uh_ulen);
819 printf("4.3.1 UDP sport = 0\n");
821 (void) send_udp(nfd, 1500, ip, gwip);
825 printf("4.3.2 UDP sport = 1\n");
826 u->uh_sport = htons(1);
827 (void) send_udp(nfd, 1500, ip, gwip);
831 printf("4.3.3 UDP sport = 32767\n");
832 u->uh_sport = htons(32767);
833 (void) send_udp(nfd, 1500, ip, gwip);
837 printf("4.3.4 UDP sport = 32768\n");
838 u->uh_sport = htons(32768);
839 (void) send_udp(nfd, 1500, ip, gwip);
844 printf("4.3.5 UDP sport = 65535\n");
845 u->uh_sport = htons(65535);
846 (void) send_udp(nfd, 1500, ip, gwip);
852 if (!ptest || (ptest == 4)) {
854 * Test 4: dport = 0, dport = 1, dport = 32767
855 * dport = 32768, dport = 65535
857 u->uh_ulen = ntohs(sizeof(*u) + 4);
858 u->uh_sport = htons(1);
859 ip->ip_len = (IP_HL(ip) << 2) + ntohs(u->uh_ulen);
860 printf("4.4.1 UDP dport = 0\n");
862 (void) send_udp(nfd, 1500, ip, gwip);
866 printf("4.4.2 UDP dport = 1\n");
867 u->uh_dport = htons(1);
868 (void) send_udp(nfd, 1500, ip, gwip);
872 printf("4.4.3 UDP dport = 32767\n");
873 u->uh_dport = htons(32767);
874 (void) send_udp(nfd, 1500, ip, gwip);
878 printf("4.4.4 UDP dport = 32768\n");
879 u->uh_dport = htons(32768);
880 (void) send_udp(nfd, 1500, ip, gwip);
884 printf("4.4.5 UDP dport = 65535\n");
885 u->uh_dport = htons(65535);
886 (void) send_udp(nfd, 1500, ip, gwip);
892 if (!ptest || (ptest == 5)) {
894 * Test 5: sizeof(ip_t) <= MTU <= sizeof(udphdr_t) +
897 printf("4.5 UDP 20 <= MTU <= 32\n");
898 for (i = sizeof(*ip); i <= ntohs(u->uh_ulen); i++) {
899 (void) send_udp(nfd, i, ip, gwip);
909 /* Perform test 5 (TCP) */
911 void ip_test5(dev, mtu, ip, gwip, ptest)
926 t = (tcphdr_t *)((char *)ip + (IP_HL(ip) << 2));
927 #if !defined(linux) && !defined(__osf__)
931 t->th_sport = htons(1);
932 t->th_dport = htons(1);
933 t->th_win = htons(4096);
936 t->th_seq = htonl(1);
938 ip->ip_len = sizeof(ip_t) + sizeof(tcphdr_t);
939 nfd = initdevice(dev, 1);
941 if (!ptest || (ptest == 1)) {
943 * Test 1: flags variations, 0 - 3f
945 TCP_OFF_A(t, sizeof(*t) >> 2);
946 printf("5.1 Test TCP flag combinations\n");
947 for (i = 0; i <= (TH_URG|TH_ACK|TH_PUSH|TH_RST|TH_SYN|TH_FIN);
950 (void) send_tcp(nfd, mtu, ip, gwip);
958 if (!ptest || (ptest == 2)) {
959 t->th_flags = TH_SYN;
961 * Test 2: seq = 0, seq = 1, seq = 0x7fffffff, seq=0x80000000,
962 * seq = 0xa000000, seq = 0xffffffff
964 printf("5.2.1 TCP seq = 0\n");
965 t->th_seq = htonl(0);
966 (void) send_tcp(nfd, mtu, ip, gwip);
970 printf("5.2.2 TCP seq = 1\n");
971 t->th_seq = htonl(1);
972 (void) send_tcp(nfd, mtu, ip, gwip);
976 printf("5.2.3 TCP seq = 0x7fffffff\n");
977 t->th_seq = htonl(0x7fffffff);
978 (void) send_tcp(nfd, mtu, ip, gwip);
982 printf("5.2.4 TCP seq = 0x80000000\n");
983 t->th_seq = htonl(0x80000000);
984 (void) send_tcp(nfd, mtu, ip, gwip);
988 printf("5.2.5 TCP seq = 0xc0000000\n");
989 t->th_seq = htonl(0xc0000000);
990 (void) send_tcp(nfd, mtu, ip, gwip);
994 printf("5.2.6 TCP seq = 0xffffffff\n");
995 t->th_seq = htonl(0xffffffff);
996 (void) send_tcp(nfd, mtu, ip, gwip);
1001 if (!ptest || (ptest == 3)) {
1002 t->th_flags = TH_ACK;
1004 * Test 3: ack = 0, ack = 1, ack = 0x7fffffff, ack = 0x8000000
1005 * ack = 0xa000000, ack = 0xffffffff
1007 printf("5.3.1 TCP ack = 0\n");
1009 (void) send_tcp(nfd, mtu, ip, gwip);
1013 printf("5.3.2 TCP ack = 1\n");
1014 t->th_ack = htonl(1);
1015 (void) send_tcp(nfd, mtu, ip, gwip);
1019 printf("5.3.3 TCP ack = 0x7fffffff\n");
1020 t->th_ack = htonl(0x7fffffff);
1021 (void) send_tcp(nfd, mtu, ip, gwip);
1025 printf("5.3.4 TCP ack = 0x80000000\n");
1026 t->th_ack = htonl(0x80000000);
1027 (void) send_tcp(nfd, mtu, ip, gwip);
1031 printf("5.3.5 TCP ack = 0xc0000000\n");
1032 t->th_ack = htonl(0xc0000000);
1033 (void) send_tcp(nfd, mtu, ip, gwip);
1037 printf("5.3.6 TCP ack = 0xffffffff\n");
1038 t->th_ack = htonl(0xffffffff);
1039 (void) send_tcp(nfd, mtu, ip, gwip);
1044 if (!ptest || (ptest == 4)) {
1045 t->th_flags = TH_SYN;
1047 * Test 4: win = 0, win = 32768, win = 65535
1049 printf("5.4.1 TCP win = 0\n");
1050 t->th_seq = htonl(0);
1051 (void) send_tcp(nfd, mtu, ip, gwip);
1055 printf("5.4.2 TCP win = 32768\n");
1056 t->th_seq = htonl(0x7fff);
1057 (void) send_tcp(nfd, mtu, ip, gwip);
1061 printf("5.4.3 TCP win = 65535\n");
1062 t->th_win = htons(0xffff);
1063 (void) send_tcp(nfd, mtu, ip, gwip);
1068 #if !defined(linux) && !defined(__SVR4) && !defined(__svr4__) && \
1069 !defined(__sgi) && !defined(__hpux) && !defined(__osf__)
1071 struct tcpcb *tcbp, tcb;
1073 struct sockaddr_in sin;
1076 bzero((char *)&sin, sizeof(sin));
1078 for (i = 1; i < 63; i++) {
1079 fd = socket(AF_INET, SOCK_STREAM, 0);
1080 bzero((char *)&sin, sizeof(sin));
1081 sin.sin_addr.s_addr = ip->ip_dst.s_addr;
1082 sin.sin_port = htons(i);
1083 sin.sin_family = AF_INET;
1084 if (!connect(fd, (struct sockaddr *)&sin, sizeof(sin)))
1090 printf("Couldn't open a TCP socket between ports 1 and 63\n");
1091 printf("to host %s for test 5 and 6 - skipping.\n",
1092 inet_ntoa(ip->ip_dst));
1093 goto skip_five_and_six;
1096 bcopy((char *)ip, (char *)&ti, sizeof(*ip));
1097 t->th_dport = htons(i);
1099 if (!getsockname(fd, (struct sockaddr *)&sin, &slen))
1100 t->th_sport = sin.sin_port;
1101 if (!(tcbp = find_tcp(fd, &ti))) {
1102 printf("Can't find PCB\n");
1103 goto skip_five_and_six;
1105 KMCPY(&tcb, tcbp, sizeof(tcb));
1106 ti.ti_win = tcb.rcv_adv;
1107 ti.ti_seq = htonl(tcb.snd_nxt - 1);
1108 ti.ti_ack = tcb.rcv_nxt;
1110 if (!ptest || (ptest == 5)) {
1114 t->th_flags = TH_ACK|TH_URG;
1115 printf("5.5.1 TCP Urgent pointer, sport %hu dport %hu\n",
1116 ntohs(t->th_sport), ntohs(t->th_dport));
1117 t->th_urp = htons(1);
1118 (void) send_tcp(nfd, mtu, ip, gwip);
1121 t->th_seq = htonl(tcb.snd_nxt);
1122 ip->ip_len = sizeof(ip_t) + sizeof(tcphdr_t) + 1;
1123 t->th_urp = htons(0x7fff);
1124 (void) send_tcp(nfd, mtu, ip, gwip);
1126 t->th_urp = htons(0x8000);
1127 (void) send_tcp(nfd, mtu, ip, gwip);
1129 t->th_urp = htons(0xffff);
1130 (void) send_tcp(nfd, mtu, ip, gwip);
1133 t->th_flags &= ~TH_URG;
1134 ip->ip_len = sizeof(ip_t) + sizeof(tcphdr_t);
1137 if (!ptest || (ptest == 6)) {
1139 * Test 6: data offset, off = 0, off is inside, off is outside
1141 t->th_flags = TH_ACK;
1142 printf("5.6.1 TCP off = 1-15, len = 40\n");
1143 for (i = 1; i < 16; i++) {
1144 TCP_OFF_A(t, ntohs(i));
1145 (void) send_tcp(nfd, mtu, ip, gwip);
1151 ip->ip_len = sizeof(ip_t) + sizeof(tcphdr_t);
1158 t->th_seq = htonl(1);
1159 t->th_ack = htonl(1);
1162 if (!ptest || (ptest == 7)) {
1163 t->th_flags = TH_SYN;
1165 * Test 7: sport = 0, sport = 1, sport = 32767
1166 * sport = 32768, sport = 65535
1168 printf("5.7.1 TCP sport = 0\n");
1170 (void) send_tcp(nfd, mtu, ip, gwip);
1174 printf("5.7.2 TCP sport = 1\n");
1175 t->th_sport = htons(1);
1176 (void) send_tcp(nfd, mtu, ip, gwip);
1180 printf("5.7.3 TCP sport = 32767\n");
1181 t->th_sport = htons(32767);
1182 (void) send_tcp(nfd, mtu, ip, gwip);
1186 printf("5.7.4 TCP sport = 32768\n");
1187 t->th_sport = htons(32768);
1188 (void) send_tcp(nfd, mtu, ip, gwip);
1192 printf("5.7.5 TCP sport = 65535\n");
1193 t->th_sport = htons(65535);
1194 (void) send_tcp(nfd, mtu, ip, gwip);
1199 if (!ptest || (ptest == 8)) {
1200 t->th_sport = htons(1);
1201 t->th_flags = TH_SYN;
1203 * Test 8: dport = 0, dport = 1, dport = 32767
1204 * dport = 32768, dport = 65535
1206 printf("5.8.1 TCP dport = 0\n");
1208 (void) send_tcp(nfd, mtu, ip, gwip);
1212 printf("5.8.2 TCP dport = 1\n");
1213 t->th_dport = htons(1);
1214 (void) send_tcp(nfd, mtu, ip, gwip);
1218 printf("5.8.3 TCP dport = 32767\n");
1219 t->th_dport = htons(32767);
1220 (void) send_tcp(nfd, mtu, ip, gwip);
1224 printf("5.8.4 TCP dport = 32768\n");
1225 t->th_dport = htons(32768);
1226 (void) send_tcp(nfd, mtu, ip, gwip);
1230 printf("5.8.5 TCP dport = 65535\n");
1231 t->th_dport = htons(65535);
1232 (void) send_tcp(nfd, mtu, ip, gwip);
1237 /* LAND attack - self connect, so make src & dst ip/port the same */
1238 if (!ptest || (ptest == 9)) {
1239 printf("5.9 TCP LAND attack. sport = 25, dport = 25\n");
1240 /* chose SMTP port 25 */
1241 t->th_sport = htons(25);
1242 t->th_dport = htons(25);
1243 t->th_flags = TH_SYN;
1244 ip->ip_src = ip->ip_dst;
1245 (void) send_tcp(nfd, mtu, ip, gwip);
1250 /* TCP options header checking */
1251 /* 0 length options, etc */
1255 /* Perform test 6 (exhaust mbuf test) */
1257 void ip_test6(dev, mtu, ip, gwip, ptest)
1261 struct in_addr gwip;
1264 #ifdef USE_NANOSLEEP
1272 IP_V_A(ip, IPVERSION);
1276 ip->ip_p = IPPROTO_UDP;
1278 u = (udphdr_t *)(ip + 1);
1279 u->uh_sport = htons(1);
1280 u->uh_dport = htons(9);
1283 nfd = initdevice(dev, 1);
1284 u->uh_ulen = htons(7168);
1286 printf("6. Exhaustive mbuf test.\n");
1287 printf(" Send 7k packet in 768 & 128 byte fragments, 128 times.\n");
1288 printf(" Total of around 8,900 packets\n");
1289 for (i = 0; i < 128; i++) {
1291 * First send the entire packet in 768 byte chunks.
1293 ip->ip_len = sizeof(*ip) + 768 + sizeof(*u);
1294 IP_HL_A(ip, sizeof(*ip) >> 2);
1295 ip->ip_off = htons(IP_MF);
1296 (void) send_ip(nfd, 1500, ip, gwip, 1);
1297 printf("%d %d\r", i, 0);
1301 * And again using 128 byte chunks.
1303 ip->ip_len = sizeof(*ip) + 128 + sizeof(*u);
1304 ip->ip_off = htons(IP_MF);
1305 (void) send_ip(nfd, 1500, ip, gwip, 1);
1306 printf("%d %d\r", i, 0);
1310 for (j = 768; j < 3584; j += 768) {
1311 ip->ip_len = sizeof(*ip) + 768;
1312 ip->ip_off = htons(IP_MF|(j>>3));
1313 (void) send_ip(nfd, 1500, ip, gwip, 1);
1314 printf("%d %d\r", i, j);
1318 ip->ip_len = sizeof(*ip) + 128;
1319 for (k = j - 768; k < j; k += 128) {
1320 ip->ip_off = htons(IP_MF|(k>>3));
1321 (void) send_ip(nfd, 1500, ip, gwip, 1);
1322 printf("%d %d\r", i, k);
1332 /* Perform test 7 (random packets) */
1334 static u_long tbuf[64];
1336 void ip_test7(dev, mtu, ip, gwip, ptest)
1340 struct in_addr gwip;
1344 #ifdef USE_NANOSLEEP
1352 nfd = initdevice(dev, 1);
1355 srand(time(NULL) ^ (getpid() * getppid()));
1357 printf("7. send 1024 random IP packets.\n");
1359 for (i = 0; i < 512; i++) {
1360 for (s = (u_char *)pip, j = 0; j < sizeof(tbuf); j++, s++)
1361 *s = (rand() >> 13) & 0xff;
1362 IP_V_A(pip, IPVERSION);
1363 bcopy((char *)&ip->ip_dst, (char *)&pip->ip_dst,
1364 sizeof(struct in_addr));
1366 pip->ip_len &= 0xff;
1367 (void) send_ip(nfd, mtu, pip, gwip, 0);
1374 for (i = 0; i < 512; i++) {
1375 for (s = (u_char *)pip, j = 0; j < sizeof(tbuf); j++, s++)
1376 *s = (rand() >> 13) & 0xff;
1377 IP_V_A(pip, IPVERSION);
1378 pip->ip_off &= htons(0xc000);
1379 bcopy((char *)&ip->ip_dst, (char *)&pip->ip_dst,
1380 sizeof(struct in_addr));
1382 pip->ip_len &= 0xff;
1383 (void) send_ip(nfd, mtu, pip, gwip, 0);