4 * Copyright (C) 2012 by Darren Reed.
6 * See the IPFILTER.LICENCE file for details on licencing.
10 static const char sccsid[] = "%W% %G% (C)1995 Darren Reed";
11 static const char rcsid[] = "@(#)$Id$";
13 #include <sys/param.h>
14 #include <sys/types.h>
15 #if defined(__NetBSD__) && defined(__vax__)
17 * XXX need to declare boolean_t for _KERNEL <sys/files.h>
18 * which ends up including <sys/device.h> for vax. See PR#32907
19 * for further details.
21 typedef int boolean_t;
25 # include <machine/lock.h>
26 # include <machine/mutex.h>
30 # if !defined(solaris)
31 # include <sys/file.h>
34 # include <sys/dditypes.h>
41 # include <sys/user.h>
42 # include <sys/proc.h>
45 # include <sys/socket.h>
47 # include <sys/stream.h>
49 # include <sys/socketvar.h>
52 #include <sys/systm.h>
53 #include <sys/session.h>
55 # include <sys/sysctl.h>
56 # include <sys/filedesc.h>
58 #include <netinet/in_systm.h>
59 #include <sys/socket.h>
61 # if defined(__FreeBSD__)
62 # include "radix_ipf.h"
64 # if !defined(solaris)
65 # include <net/route.h>
67 #include <netinet/in.h>
68 #include <arpa/inet.h>
69 #include <netinet/ip.h>
70 #if defined(__SVR4) || defined(__svr4__)
71 # include <sys/sysmacros.h>
77 # include <netinet/ip_var.h>
78 # if !defined(solaris)
79 # include <netinet/in_pcb.h>
82 # include <netinet/tcp_timer.h>
83 # include <netinet/tcp_var.h>
84 #if defined(__NetBSD_Version__) && (__NetBSD_Version__ >= 106000000)
85 # define USE_NANOSLEEP
90 # define PAUSE() ts.tv_sec = 0; ts.tv_nsec = 10000000; \
91 (void) nanosleep(&ts, NULL)
93 # define PAUSE() tv.tv_sec = 0; tv.tv_usec = 10000; \
94 (void) select(0, NULL, NULL, NULL, &tv)
98 void ip_test1(dev, mtu, ip, gwip, ptest)
111 int nfd, i = 0, len, id = getpid();
113 IP_HL_A(ip, sizeof(*ip) >> 2);
114 IP_V_A(ip, IPVERSION);
118 ip->ip_p = IPPROTO_UDP;
120 u = (udphdr_t *)(ip + 1);
121 u->uh_sport = htons(1);
122 u->uh_dport = htons(9);
124 u->uh_ulen = htons(sizeof(*u) + 4);
125 ip->ip_len = sizeof(*ip) + ntohs(u->uh_ulen);
128 nfd = initdevice(dev, 1);
132 if (!ptest || (ptest == 1)) {
137 printf("1.1. sending packets with ip_hl < ip_len\n");
138 for (i = 0; i < ((sizeof(*ip) + ntohs(u->uh_ulen)) >> 2); i++) {
140 (void) send_ip(nfd, 1500, ip, gwip, 1);
148 if (!ptest || (ptest == 2)) {
153 printf("1.2. sending packets with ip_hl > ip_len\n");
154 for (; i < ((sizeof(*ip) * 2 + ntohs(u->uh_ulen)) >> 2); i++) {
156 (void) send_ip(nfd, 1500, ip, gwip, 1);
164 if (!ptest || (ptest == 3)) {
169 printf("1.3. ip_v < 4\n");
170 IP_HL_A(ip, sizeof(*ip) >> 2);
171 for (i = 0; i < 4; i++) {
173 (void) send_ip(nfd, 1500, ip, gwip, 1);
181 if (!ptest || (ptest == 4)) {
186 printf("1.4. ip_v > 4\n");
187 for (i = 5; i < 16; i++) {
189 (void) send_ip(nfd, 1500, ip, gwip, 1);
197 if (!ptest || (ptest == 5)) {
199 * Part5: len < packet
202 IP_V_A(ip, IPVERSION);
204 printf("1.5.0 ip_len < packet size (size++, long packets)\n");
205 for (; i < (ip->ip_len * 2); i++) {
206 ip->ip_id = htons(id++);
208 ip->ip_sum = chksum((u_short *)ip, IP_HL(ip) << 2);
209 (void) send_ether(nfd, (char *)ip, i, gwip);
215 printf("1.5.1 ip_len < packet size (ip_len-, short packets)\n");
216 for (i = len; i > 0; i--) {
217 ip->ip_id = htons(id++);
220 ip->ip_sum = chksum((u_short *)ip, IP_HL(ip) << 2);
221 (void) send_ether(nfd, (char *)ip, len, gwip);
229 if (!ptest || (ptest == 6)) {
231 * Part6: len > packet
234 printf("1.6.0 ip_len > packet size (increase ip_len)\n");
235 for (i = len + 1; i < (len * 2); i++) {
236 ip->ip_id = htons(id++);
239 ip->ip_sum = chksum((u_short *)ip, IP_HL(ip) << 2);
240 (void) send_ether(nfd, (char *)ip, len, gwip);
247 printf("1.6.1 ip_len > packet size (size--, short packets)\n");
248 for (i = len; i > 0; i--) {
249 ip->ip_id = htons(id++);
251 ip->ip_sum = chksum((u_short *)ip, IP_HL(ip) << 2);
252 (void) send_ether(nfd, (char *)ip, i, gwip);
260 if (!ptest || (ptest == 7)) {
262 * Part7: 0 length fragment
264 printf("1.7.0 Zero length fragments (ip_off = 0x2000)\n");
266 ip->ip_len = sizeof(*ip);
267 ip->ip_off = htons(IP_MF);
268 (void) send_ip(nfd, mtu, ip, gwip, 1);
272 printf("1.7.1 Zero length fragments (ip_off = 0x3000)\n");
274 ip->ip_len = sizeof(*ip);
275 ip->ip_off = htons(IP_MF);
276 (void) send_ip(nfd, mtu, ip, gwip, 1);
280 printf("1.7.2 Zero length fragments (ip_off = 0xa000)\n");
282 ip->ip_len = sizeof(*ip);
283 ip->ip_off = htons(0xa000);
284 (void) send_ip(nfd, mtu, ip, gwip, 1);
288 printf("1.7.3 Zero length fragments (ip_off = 0x0100)\n");
290 ip->ip_len = sizeof(*ip);
291 ip->ip_off = htons(0x0100);
292 (void) send_ip(nfd, mtu, ip, gwip, 1);
297 if (!ptest || (ptest == 8)) {
300 gettimeofday(&tv, NULL);
301 srand(tv.tv_sec ^ getpid() ^ tv.tv_usec);
303 * Part8.1: 63k packet + 1k fragment at offset 0x1ffe
304 * Mark it as being ICMP (so it doesn't get junked), but
305 * don't bother about the ICMP header, we're not worrying
308 ip->ip_p = IPPROTO_ICMP;
309 ip->ip_off = htons(IP_MF);
310 u->uh_dport = htons(9);
311 ip->ip_id = htons(id++);
312 printf("1.8.1 63k packet + 1k fragment at offset 0x1ffe\n");
313 ip->ip_len = 768 + 20 + 8;
314 (void) send_ip(nfd, mtu, ip, gwip, 1);
317 ip->ip_len = MIN(768 + 20, mtu - 68);
319 for (; i < (63 * 1024 + 768); i += 768) {
320 ip->ip_off = htons(IP_MF | (i >> 3));
321 (void) send_ip(nfd, mtu, ip, gwip, 1);
326 ip->ip_len = 896 + 20;
327 ip->ip_off = htons(i >> 3);
328 (void) send_ip(nfd, mtu, ip, gwip, 1);
334 * Part8.2: 63k packet + 1k fragment at offset 0x1ffe
335 * Mark it as being ICMP (so it doesn't get junked), but
336 * don't bother about the ICMP header, we're not worrying
337 * about that here. (Lossage here)
339 ip->ip_p = IPPROTO_ICMP;
340 ip->ip_off = htons(IP_MF);
341 u->uh_dport = htons(9);
342 ip->ip_id = htons(id++);
343 printf("1.8.2 63k packet + 1k fragment at offset 0x1ffe\n");
344 ip->ip_len = 768 + 20 + 8;
345 if ((rand() & 0x1f) != 0) {
346 (void) send_ip(nfd, mtu, ip, gwip, 1);
351 ip->ip_len = MIN(768 + 20, mtu - 68);
353 for (; i < (63 * 1024 + 768); i += 768) {
354 ip->ip_off = htons(IP_MF | (i >> 3));
355 if ((rand() & 0x1f) != 0) {
356 (void) send_ip(nfd, mtu, ip, gwip, 1);
359 printf("skip %d\n", i);
363 ip->ip_len = 896 + 20;
364 ip->ip_off = htons(i >> 3);
365 if ((rand() & 0x1f) != 0) {
366 (void) send_ip(nfd, mtu, ip, gwip, 1);
374 * Part8.3: 33k packet - test for not dealing with -ve length
375 * Mark it as being ICMP (so it doesn't get junked), but
376 * don't bother about the ICMP header, we're not worrying
379 ip->ip_p = IPPROTO_ICMP;
380 ip->ip_off = htons(IP_MF);
381 u->uh_dport = htons(9);
382 ip->ip_id = htons(id++);
383 printf("1.8.3 33k packet\n");
384 ip->ip_len = 768 + 20 + 8;
385 (void) send_ip(nfd, mtu, ip, gwip, 1);
388 ip->ip_len = MIN(768 + 20, mtu - 68);
390 for (; i < (32 * 1024 + 768); i += 768) {
391 ip->ip_off = htons(IP_MF | (i >> 3));
392 (void) send_ip(nfd, mtu, ip, gwip, 1);
397 ip->ip_len = 896 + 20;
398 ip->ip_off = htons(i >> 3);
399 (void) send_ip(nfd, mtu, ip, gwip, 1);
407 if (!ptest || (ptest == 9)) {
409 * Part9: off & 0x8000 == 0x8000
412 ip->ip_off = htons(0x8000);
413 printf("1.9. ip_off & 0x8000 == 0x8000\n");
414 (void) send_ip(nfd, mtu, ip, gwip, 1);
421 if (!ptest || (ptest == 10)) {
427 printf("1.10.0 ip_ttl = 255\n");
428 (void) send_ip(nfd, mtu, ip, gwip, 1);
433 printf("1.10.1 ip_ttl = 128\n");
434 (void) send_ip(nfd, mtu, ip, gwip, 1);
439 printf("1.10.2 ip_ttl = 0\n");
440 (void) send_ip(nfd, mtu, ip, gwip, 1);
449 void ip_test2(dev, mtu, ip, gwip, ptest)
465 nfd = initdevice(dev, 1);
470 ip->ip_len = IP_HL(ip) << 2;
471 s = (u_char *)(ip + 1);
472 s[IPOPT_OPTVAL] = IPOPT_NOP;
474 if (!ptest || (ptest == 1)) {
476 * Test 1: option length > packet length,
477 * header length == packet length
479 s[IPOPT_OPTVAL] = IPOPT_TS;
481 s[IPOPT_OFFSET] = IPOPT_MINOFF;
482 ip->ip_p = IPPROTO_IP;
483 printf("2.1 option length > packet length\n");
484 (void) send_ip(nfd, mtu, ip, gwip, 1);
490 ip->ip_len = IP_HL(ip) << 2;
491 if (!ptest || (ptest == 1)) {
493 * Test 2: options have length = 0
495 printf("2.2.1 option length = 0, RR\n");
496 s[IPOPT_OPTVAL] = IPOPT_RR;
498 (void) send_ip(nfd, mtu, ip, gwip, 1);
502 printf("2.2.2 option length = 0, TS\n");
503 s[IPOPT_OPTVAL] = IPOPT_TS;
505 (void) send_ip(nfd, mtu, ip, gwip, 1);
509 printf("2.2.3 option length = 0, SECURITY\n");
510 s[IPOPT_OPTVAL] = IPOPT_SECURITY;
512 (void) send_ip(nfd, mtu, ip, gwip, 1);
516 printf("2.2.4 option length = 0, LSRR\n");
517 s[IPOPT_OPTVAL] = IPOPT_LSRR;
519 (void) send_ip(nfd, mtu, ip, gwip, 1);
523 printf("2.2.5 option length = 0, SATID\n");
524 s[IPOPT_OPTVAL] = IPOPT_SATID;
526 (void) send_ip(nfd, mtu, ip, gwip, 1);
530 printf("2.2.6 option length = 0, SSRR\n");
531 s[IPOPT_OPTVAL] = IPOPT_SSRR;
533 (void) send_ip(nfd, mtu, ip, gwip, 1);
545 void ip_test3(dev, mtu, ip, gwip, ptest)
552 static int ict1[10] = { 8, 9, 10, 13, 14, 15, 16, 17, 18, 0 };
553 static int ict2[8] = { 3, 9, 10, 13, 14, 17, 18, 0 };
562 IP_HL_A(ip, sizeof(*ip) >> 2);
563 IP_V_A(ip, IPVERSION);
567 ip->ip_p = IPPROTO_ICMP;
569 ip->ip_len = sizeof(*ip) + sizeof(*icp);
570 icp = (struct icmp *)((char *)ip + (IP_HL(ip) << 2));
572 nfd = initdevice(dev, 1);
576 if (!ptest || (ptest == 1)) {
578 * Type 0 - 31, 255, code = 0
580 bzero((char *)icp, sizeof(*icp));
581 for (i = 0; i < 32; i++) {
583 (void) send_icmp(nfd, mtu, ip, gwip);
585 printf("3.1.%d ICMP type %d code 0 (all 0's)\r", i, i);
587 icp->icmp_type = 255;
588 (void) send_icmp(nfd, mtu, ip, gwip);
590 printf("3.1.%d ICMP type %d code 0 (all 0's)\r", i, 255);
594 if (!ptest || (ptest == 2)) {
596 * Type 3, code = 0 - 31
599 for (i = 0; i < 32; i++) {
601 (void) send_icmp(nfd, mtu, ip, gwip);
603 printf("3.2.%d ICMP type 3 code %d (all 0's)\r", i, i);
607 if (!ptest || (ptest == 3)) {
609 * Type 4, code = 0,127,128,255
613 (void) send_icmp(nfd, mtu, ip, gwip);
615 printf("3.3.1 ICMP type 4 code 0 (all 0's)\r");
616 icp->icmp_code = 127;
617 (void) send_icmp(nfd, mtu, ip, gwip);
619 printf("3.3.2 ICMP type 4 code 127 (all 0's)\r");
620 icp->icmp_code = 128;
621 (void) send_icmp(nfd, mtu, ip, gwip);
623 printf("3.3.3 ICMP type 4 code 128 (all 0's)\r");
624 icp->icmp_code = 255;
625 (void) send_icmp(nfd, mtu, ip, gwip);
627 printf("3.3.4 ICMP type 4 code 255 (all 0's)\r");
630 if (!ptest || (ptest == 4)) {
632 * Type 5, code = 0,127,128,255
636 (void) send_icmp(nfd, mtu, ip, gwip);
638 printf("3.4.1 ICMP type 5 code 0 (all 0's)\r");
639 icp->icmp_code = 127;
640 (void) send_icmp(nfd, mtu, ip, gwip);
642 printf("3.4.2 ICMP type 5 code 127 (all 0's)\r");
643 icp->icmp_code = 128;
644 (void) send_icmp(nfd, mtu, ip, gwip);
646 printf("3.4.3 ICMP type 5 code 128 (all 0's)\r");
647 icp->icmp_code = 255;
648 (void) send_icmp(nfd, mtu, ip, gwip);
650 printf("3.4.4 ICMP type 5 code 255 (all 0's)\r");
653 if (!ptest || (ptest == 5)) {
655 * Type 8-10;13-18, code - 0,127,128,255
657 for (i = 0; ict1[i]; i++) {
658 icp->icmp_type = ict1[i];
660 (void) send_icmp(nfd, mtu, ip, gwip);
662 printf("3.5.%d ICMP type 5 code 0 (all 0's)\r",
664 icp->icmp_code = 127;
665 (void) send_icmp(nfd, mtu, ip, gwip);
667 printf("3.5.%d ICMP type 5 code 127 (all 0's)\r",
669 icp->icmp_code = 128;
670 (void) send_icmp(nfd, mtu, ip, gwip);
672 printf("3.5.%d ICMP type 5 code 128 (all 0's)\r",
674 icp->icmp_code = 255;
675 (void) send_icmp(nfd, mtu, ip, gwip);
677 printf("3.5.%d ICMP type 5 code 255 (all 0's)\r",
683 if (!ptest || (ptest == 6)) {
685 * Type 12, code - 0,127,128,129,255
689 (void) send_icmp(nfd, mtu, ip, gwip);
691 printf("3.6.1 ICMP type 12 code 0 (all 0's)\r");
692 icp->icmp_code = 127;
693 (void) send_icmp(nfd, mtu, ip, gwip);
695 printf("3.6.2 ICMP type 12 code 127 (all 0's)\r");
696 icp->icmp_code = 128;
697 (void) send_icmp(nfd, mtu, ip, gwip);
699 printf("3.6.3 ICMP type 12 code 128 (all 0's)\r");
700 icp->icmp_code = 129;
701 (void) send_icmp(nfd, mtu, ip, gwip);
703 printf("3.6.4 ICMP type 12 code 129 (all 0's)\r");
704 icp->icmp_code = 255;
705 (void) send_icmp(nfd, mtu, ip, gwip);
707 printf("3.6.5 ICMP type 12 code 255 (all 0's)\r");
711 if (!ptest || (ptest == 7)) {
713 * Type 3;9-10;13-14;17-18 - shorter packets
715 ip->ip_len = sizeof(*ip) + sizeof(*icp) / 2;
716 for (i = 0; ict2[i]; i++) {
717 icp->icmp_type = ict1[i];
719 (void) send_icmp(nfd, mtu, ip, gwip);
721 printf("3.5.%d ICMP type %d code 0 (all 0's)\r",
722 i * 4, icp->icmp_type);
723 icp->icmp_code = 127;
724 (void) send_icmp(nfd, mtu, ip, gwip);
726 printf("3.5.%d ICMP type %d code 127 (all 0's)\r",
727 i * 4 + 1, icp->icmp_type);
728 icp->icmp_code = 128;
729 (void) send_icmp(nfd, mtu, ip, gwip);
731 printf("3.5.%d ICMP type %d code 128 (all 0's)\r",
732 i * 4 + 2, icp->icmp_type);
733 icp->icmp_code = 255;
734 (void) send_icmp(nfd, mtu, ip, gwip);
736 printf("3.5.%d ICMP type %d code 127 (all 0's)\r",
737 i * 4 + 3, icp->icmp_type);
744 /* Perform test 4 (UDP) */
746 void ip_test4(dev, mtu, ip, gwip, ptest)
762 IP_HL_A(ip, sizeof(*ip) >> 2);
763 IP_V_A(ip, IPVERSION);
767 ip->ip_p = IPPROTO_UDP;
769 u = (udphdr_t *)((char *)ip + (IP_HL(ip) << 2));
770 u->uh_sport = htons(1);
771 u->uh_dport = htons(1);
772 u->uh_ulen = htons(sizeof(*u) + 4);
774 nfd = initdevice(dev, 1);
778 if (!ptest || (ptest == 1)) {
780 * Test 1. ulen > packet
782 u->uh_ulen = htons(sizeof(*u) + 4);
783 ip->ip_len = (IP_HL(ip) << 2) + ntohs(u->uh_ulen);
784 printf("4.1 UDP uh_ulen > packet size - short packets\n");
785 for (i = ntohs(u->uh_ulen) * 2; i > sizeof(*u) + 4; i--) {
786 u->uh_ulen = htons(i);
787 (void) send_udp(nfd, 1500, ip, gwip);
795 if (!ptest || (ptest == 2)) {
797 * Test 2. ulen < packet
799 u->uh_ulen = htons(sizeof(*u) + 4);
800 ip->ip_len = (IP_HL(ip) << 2) + ntohs(u->uh_ulen);
801 printf("4.2 UDP uh_ulen < packet size - short packets\n");
802 for (i = ntohs(u->uh_ulen) * 2; i > sizeof(*u) + 4; i--) {
804 (void) send_udp(nfd, 1500, ip, gwip);
812 if (!ptest || (ptest == 3)) {
814 * Test 3: sport = 0, sport = 1, sport = 32767
815 * sport = 32768, sport = 65535
817 u->uh_ulen = sizeof(*u) + 4;
818 ip->ip_len = (IP_HL(ip) << 2) + ntohs(u->uh_ulen);
819 printf("4.3.1 UDP sport = 0\n");
821 (void) send_udp(nfd, 1500, ip, gwip);
825 printf("4.3.2 UDP sport = 1\n");
826 u->uh_sport = htons(1);
827 (void) send_udp(nfd, 1500, ip, gwip);
831 printf("4.3.3 UDP sport = 32767\n");
832 u->uh_sport = htons(32767);
833 (void) send_udp(nfd, 1500, ip, gwip);
837 printf("4.3.4 UDP sport = 32768\n");
838 u->uh_sport = htons(32768);
839 (void) send_udp(nfd, 1500, ip, gwip);
844 printf("4.3.5 UDP sport = 65535\n");
845 u->uh_sport = htons(65535);
846 (void) send_udp(nfd, 1500, ip, gwip);
852 if (!ptest || (ptest == 4)) {
854 * Test 4: dport = 0, dport = 1, dport = 32767
855 * dport = 32768, dport = 65535
857 u->uh_ulen = ntohs(sizeof(*u) + 4);
858 u->uh_sport = htons(1);
859 ip->ip_len = (IP_HL(ip) << 2) + ntohs(u->uh_ulen);
860 printf("4.4.1 UDP dport = 0\n");
862 (void) send_udp(nfd, 1500, ip, gwip);
866 printf("4.4.2 UDP dport = 1\n");
867 u->uh_dport = htons(1);
868 (void) send_udp(nfd, 1500, ip, gwip);
872 printf("4.4.3 UDP dport = 32767\n");
873 u->uh_dport = htons(32767);
874 (void) send_udp(nfd, 1500, ip, gwip);
878 printf("4.4.4 UDP dport = 32768\n");
879 u->uh_dport = htons(32768);
880 (void) send_udp(nfd, 1500, ip, gwip);
884 printf("4.4.5 UDP dport = 65535\n");
885 u->uh_dport = htons(65535);
886 (void) send_udp(nfd, 1500, ip, gwip);
892 if (!ptest || (ptest == 5)) {
894 * Test 5: sizeof(ip_t) <= MTU <= sizeof(udphdr_t) +
897 printf("4.5 UDP 20 <= MTU <= 32\n");
898 for (i = sizeof(*ip); i <= ntohs(u->uh_ulen); i++) {
899 (void) send_udp(nfd, i, ip, gwip);
909 /* Perform test 5 (TCP) */
911 void ip_test5(dev, mtu, ip, gwip, ptest)
926 t = (tcphdr_t *)((char *)ip + (IP_HL(ip) << 2));
929 t->th_sport = htons(1);
930 t->th_dport = htons(1);
931 t->th_win = htons(4096);
934 t->th_seq = htonl(1);
936 ip->ip_len = sizeof(ip_t) + sizeof(tcphdr_t);
938 nfd = initdevice(dev, 1);
942 if (!ptest || (ptest == 1)) {
944 * Test 1: flags variations, 0 - 3f
946 TCP_OFF_A(t, sizeof(*t) >> 2);
947 printf("5.1 Test TCP flag combinations\n");
948 for (i = 0; i <= (TH_URG|TH_ACK|TH_PUSH|TH_RST|TH_SYN|TH_FIN);
951 (void) send_tcp(nfd, mtu, ip, gwip);
959 if (!ptest || (ptest == 2)) {
960 t->th_flags = TH_SYN;
962 * Test 2: seq = 0, seq = 1, seq = 0x7fffffff, seq=0x80000000,
963 * seq = 0xa000000, seq = 0xffffffff
965 printf("5.2.1 TCP seq = 0\n");
966 t->th_seq = htonl(0);
967 (void) send_tcp(nfd, mtu, ip, gwip);
971 printf("5.2.2 TCP seq = 1\n");
972 t->th_seq = htonl(1);
973 (void) send_tcp(nfd, mtu, ip, gwip);
977 printf("5.2.3 TCP seq = 0x7fffffff\n");
978 t->th_seq = htonl(0x7fffffff);
979 (void) send_tcp(nfd, mtu, ip, gwip);
983 printf("5.2.4 TCP seq = 0x80000000\n");
984 t->th_seq = htonl(0x80000000);
985 (void) send_tcp(nfd, mtu, ip, gwip);
989 printf("5.2.5 TCP seq = 0xc0000000\n");
990 t->th_seq = htonl(0xc0000000);
991 (void) send_tcp(nfd, mtu, ip, gwip);
995 printf("5.2.6 TCP seq = 0xffffffff\n");
996 t->th_seq = htonl(0xffffffff);
997 (void) send_tcp(nfd, mtu, ip, gwip);
1002 if (!ptest || (ptest == 3)) {
1003 t->th_flags = TH_ACK;
1005 * Test 3: ack = 0, ack = 1, ack = 0x7fffffff, ack = 0x8000000
1006 * ack = 0xa000000, ack = 0xffffffff
1008 printf("5.3.1 TCP ack = 0\n");
1010 (void) send_tcp(nfd, mtu, ip, gwip);
1014 printf("5.3.2 TCP ack = 1\n");
1015 t->th_ack = htonl(1);
1016 (void) send_tcp(nfd, mtu, ip, gwip);
1020 printf("5.3.3 TCP ack = 0x7fffffff\n");
1021 t->th_ack = htonl(0x7fffffff);
1022 (void) send_tcp(nfd, mtu, ip, gwip);
1026 printf("5.3.4 TCP ack = 0x80000000\n");
1027 t->th_ack = htonl(0x80000000);
1028 (void) send_tcp(nfd, mtu, ip, gwip);
1032 printf("5.3.5 TCP ack = 0xc0000000\n");
1033 t->th_ack = htonl(0xc0000000);
1034 (void) send_tcp(nfd, mtu, ip, gwip);
1038 printf("5.3.6 TCP ack = 0xffffffff\n");
1039 t->th_ack = htonl(0xffffffff);
1040 (void) send_tcp(nfd, mtu, ip, gwip);
1045 if (!ptest || (ptest == 4)) {
1046 t->th_flags = TH_SYN;
1048 * Test 4: win = 0, win = 32768, win = 65535
1050 printf("5.4.1 TCP win = 0\n");
1051 t->th_seq = htonl(0);
1052 (void) send_tcp(nfd, mtu, ip, gwip);
1056 printf("5.4.2 TCP win = 32768\n");
1057 t->th_seq = htonl(0x7fff);
1058 (void) send_tcp(nfd, mtu, ip, gwip);
1062 printf("5.4.3 TCP win = 65535\n");
1063 t->th_win = htons(0xffff);
1064 (void) send_tcp(nfd, mtu, ip, gwip);
1069 #if !defined(linux) && !defined(__SVR4) && !defined(__svr4__) && \
1070 !defined(__sgi) && !defined(__hpux) && !defined(__osf__)
1072 struct tcpcb *tcbp, tcb;
1074 struct sockaddr_in sin;
1078 bzero((char *)&sin, sizeof(sin));
1080 for (i = 1; i < 63; i++) {
1081 fd = socket(AF_INET, SOCK_STREAM, 0);
1082 bzero((char *)&sin, sizeof(sin));
1083 sin.sin_addr.s_addr = ip->ip_dst.s_addr;
1084 sin.sin_port = htons(i);
1085 sin.sin_family = AF_INET;
1086 if (!connect(fd, (struct sockaddr *)&sin, sizeof(sin)))
1092 printf("Couldn't open a TCP socket between ports 1 and 63\n");
1093 printf("to host %s for test 5 and 6 - skipping.\n",
1094 inet_ntoa(ip->ip_dst));
1095 goto skip_five_and_six;
1098 bcopy((char *)ip, (char *)&ti, sizeof(*ip));
1099 t->th_dport = htons(i);
1101 if (!getsockname(fd, (struct sockaddr *)&sin, &slen))
1102 t->th_sport = sin.sin_port;
1103 if (!(tcbp = find_tcp(fd, &ti))) {
1104 printf("Can't find PCB\n");
1105 goto skip_five_and_six;
1107 KMCPY(&tcb, tcbp, sizeof(tcb));
1108 ti.ti_win = tcb.rcv_adv;
1109 ti.ti_seq = htonl(tcb.snd_nxt - 1);
1110 ti.ti_ack = tcb.rcv_nxt;
1112 if (!ptest || (ptest == 5)) {
1116 t->th_flags = TH_ACK|TH_URG;
1117 printf("5.5.1 TCP Urgent pointer, sport %hu dport %hu\n",
1118 ntohs(t->th_sport), ntohs(t->th_dport));
1119 t->th_urp = htons(1);
1120 (void) send_tcp(nfd, mtu, ip, gwip);
1123 t->th_seq = htonl(tcb.snd_nxt);
1124 ip->ip_len = sizeof(ip_t) + sizeof(tcphdr_t) + 1;
1125 t->th_urp = htons(0x7fff);
1126 (void) send_tcp(nfd, mtu, ip, gwip);
1128 t->th_urp = htons(0x8000);
1129 (void) send_tcp(nfd, mtu, ip, gwip);
1131 t->th_urp = htons(0xffff);
1132 (void) send_tcp(nfd, mtu, ip, gwip);
1135 t->th_flags &= ~TH_URG;
1136 ip->ip_len = sizeof(ip_t) + sizeof(tcphdr_t);
1139 if (!ptest || (ptest == 6)) {
1141 * Test 6: data offset, off = 0, off is inside, off is outside
1143 t->th_flags = TH_ACK;
1144 printf("5.6.1 TCP off = 1-15, len = 40\n");
1145 for (i = 1; i < 16; i++) {
1146 TCP_OFF_A(t, ntohs(i));
1147 (void) send_tcp(nfd, mtu, ip, gwip);
1153 ip->ip_len = sizeof(ip_t) + sizeof(tcphdr_t);
1160 t->th_seq = htonl(1);
1161 t->th_ack = htonl(1);
1164 if (!ptest || (ptest == 7)) {
1165 t->th_flags = TH_SYN;
1167 * Test 7: sport = 0, sport = 1, sport = 32767
1168 * sport = 32768, sport = 65535
1170 printf("5.7.1 TCP sport = 0\n");
1172 (void) send_tcp(nfd, mtu, ip, gwip);
1176 printf("5.7.2 TCP sport = 1\n");
1177 t->th_sport = htons(1);
1178 (void) send_tcp(nfd, mtu, ip, gwip);
1182 printf("5.7.3 TCP sport = 32767\n");
1183 t->th_sport = htons(32767);
1184 (void) send_tcp(nfd, mtu, ip, gwip);
1188 printf("5.7.4 TCP sport = 32768\n");
1189 t->th_sport = htons(32768);
1190 (void) send_tcp(nfd, mtu, ip, gwip);
1194 printf("5.7.5 TCP sport = 65535\n");
1195 t->th_sport = htons(65535);
1196 (void) send_tcp(nfd, mtu, ip, gwip);
1201 if (!ptest || (ptest == 8)) {
1202 t->th_sport = htons(1);
1203 t->th_flags = TH_SYN;
1205 * Test 8: dport = 0, dport = 1, dport = 32767
1206 * dport = 32768, dport = 65535
1208 printf("5.8.1 TCP dport = 0\n");
1210 (void) send_tcp(nfd, mtu, ip, gwip);
1214 printf("5.8.2 TCP dport = 1\n");
1215 t->th_dport = htons(1);
1216 (void) send_tcp(nfd, mtu, ip, gwip);
1220 printf("5.8.3 TCP dport = 32767\n");
1221 t->th_dport = htons(32767);
1222 (void) send_tcp(nfd, mtu, ip, gwip);
1226 printf("5.8.4 TCP dport = 32768\n");
1227 t->th_dport = htons(32768);
1228 (void) send_tcp(nfd, mtu, ip, gwip);
1232 printf("5.8.5 TCP dport = 65535\n");
1233 t->th_dport = htons(65535);
1234 (void) send_tcp(nfd, mtu, ip, gwip);
1239 /* LAND attack - self connect, so make src & dst ip/port the same */
1240 if (!ptest || (ptest == 9)) {
1241 printf("5.9 TCP LAND attack. sport = 25, dport = 25\n");
1242 /* chose SMTP port 25 */
1243 t->th_sport = htons(25);
1244 t->th_dport = htons(25);
1245 t->th_flags = TH_SYN;
1246 ip->ip_src = ip->ip_dst;
1247 (void) send_tcp(nfd, mtu, ip, gwip);
1252 /* TCP options header checking */
1253 /* 0 length options, etc */
1257 /* Perform test 6 (exhaust mbuf test) */
1259 void ip_test6(dev, mtu, ip, gwip, ptest)
1263 struct in_addr gwip;
1266 #ifdef USE_NANOSLEEP
1274 IP_V_A(ip, IPVERSION);
1278 ip->ip_p = IPPROTO_UDP;
1280 u = (udphdr_t *)(ip + 1);
1281 u->uh_sport = htons(1);
1282 u->uh_dport = htons(9);
1285 nfd = initdevice(dev, 1);
1289 u->uh_ulen = htons(7168);
1291 printf("6. Exhaustive mbuf test.\n");
1292 printf(" Send 7k packet in 768 & 128 byte fragments, 128 times.\n");
1293 printf(" Total of around 8,900 packets\n");
1294 for (i = 0; i < 128; i++) {
1296 * First send the entire packet in 768 byte chunks.
1298 ip->ip_len = sizeof(*ip) + 768 + sizeof(*u);
1299 IP_HL_A(ip, sizeof(*ip) >> 2);
1300 ip->ip_off = htons(IP_MF);
1301 (void) send_ip(nfd, 1500, ip, gwip, 1);
1302 printf("%d %d\r", i, 0);
1306 * And again using 128 byte chunks.
1308 ip->ip_len = sizeof(*ip) + 128 + sizeof(*u);
1309 ip->ip_off = htons(IP_MF);
1310 (void) send_ip(nfd, 1500, ip, gwip, 1);
1311 printf("%d %d\r", i, 0);
1315 for (j = 768; j < 3584; j += 768) {
1316 ip->ip_len = sizeof(*ip) + 768;
1317 ip->ip_off = htons(IP_MF|(j>>3));
1318 (void) send_ip(nfd, 1500, ip, gwip, 1);
1319 printf("%d %d\r", i, j);
1323 ip->ip_len = sizeof(*ip) + 128;
1324 for (k = j - 768; k < j; k += 128) {
1325 ip->ip_off = htons(IP_MF|(k>>3));
1326 (void) send_ip(nfd, 1500, ip, gwip, 1);
1327 printf("%d %d\r", i, k);
1337 /* Perform test 7 (random packets) */
1339 static u_long tbuf[64];
1341 void ip_test7(dev, mtu, ip, gwip, ptest)
1345 struct in_addr gwip;
1349 #ifdef USE_NANOSLEEP
1357 nfd = initdevice(dev, 1);
1363 srand(time(NULL) ^ (getpid() * getppid()));
1365 printf("7. send 1024 random IP packets.\n");
1367 for (i = 0; i < 512; i++) {
1368 for (s = (u_char *)pip, j = 0; j < sizeof(tbuf); j++, s++)
1369 *s = (rand() >> 13) & 0xff;
1370 IP_V_A(pip, IPVERSION);
1371 bcopy((char *)&ip->ip_dst, (char *)&pip->ip_dst,
1372 sizeof(struct in_addr));
1374 pip->ip_len &= 0xff;
1375 (void) send_ip(nfd, mtu, pip, gwip, 0);
1382 for (i = 0; i < 512; i++) {
1383 for (s = (u_char *)pip, j = 0; j < sizeof(tbuf); j++, s++)
1384 *s = (rand() >> 13) & 0xff;
1385 IP_V_A(pip, IPVERSION);
1386 pip->ip_off &= htons(0xc000);
1387 bcopy((char *)&ip->ip_dst, (char *)&pip->ip_dst,
1388 sizeof(struct in_addr));
1390 pip->ip_len &= 0xff;
1391 (void) send_ip(nfd, mtu, pip, gwip, 0);