4 * Copyright (C) 1993-1998 by Darren Reed.
6 * See the IPFILTER.LICENCE file for details on licencing.
10 static const char sccsid[] = "%W% %G% (C)1995 Darren Reed";
11 static const char rcsid[] = "@(#)$Id: iptests.c,v 2.8.2.9 2007/09/13 07:19:34 darrenr Exp $";
13 #include <sys/param.h>
14 #include <sys/types.h>
15 #if defined(__NetBSD__) && defined(__vax__)
17 * XXX need to declare boolean_t for _KERNEL <sys/files.h>
18 * which ends up including <sys/device.h> for vax. See PR#32907
19 * for further details.
21 typedef int boolean_t;
26 # include <machine/lock.h>
27 # include <machine/mutex.h>
31 # if !defined(solaris) && !defined(linux) && !defined(__sgi) && !defined(hpux)
32 # include <sys/file.h>
35 # include <sys/dditypes.h>
41 #if !defined(solaris) && !defined(linux) && !defined(__sgi)
43 # include <sys/user.h>
44 # include <sys/proc.h>
46 #if !defined(ultrix) && !defined(hpux) && !defined(linux) && \
47 !defined(__sgi) && !defined(__osf__) && !defined(_AIX51)
51 # include <sys/socket.h>
54 # include <sys/stream.h>
56 #include <sys/socketvar.h>
58 #include <sys/systm.h>
59 #include <sys/session.h>
62 # include <sys/sysctl.h>
63 # include <sys/filedesc.h>
66 #include <netinet/in_systm.h>
67 #include <sys/socket.h>
69 # define _NET_ROUTE_INCLUDED
72 # include "radix_ipf_local.h"
75 #if defined(linux) && (LINUX >= 0200)
76 # include <asm/atomic.h>
79 # if defined(__FreeBSD__)
80 # include "radix_ipf.h"
82 # include <net/route.h>
84 # define __KERNEL__ /* because there's a macro not wrapped by this */
85 # include <net/route.h> /* in this file :-/ */
87 #include <netinet/in.h>
88 #include <arpa/inet.h>
89 #include <netinet/ip.h>
91 # include <netinet/ip_var.h>
93 # include <netinet/in_pcb.h>
96 #if defined(__SVR4) || defined(__svr4__) || defined(__sgi)
97 # include <sys/sysmacros.h>
104 # undef _NET_ROUTE_INCLUDED
107 #if !defined(linux) && !defined(__hpux)
108 # include <netinet/tcp_timer.h>
109 # include <netinet/tcp_var.h>
111 #if defined(__NetBSD_Version__) && (__NetBSD_Version__ >= 106000000)
112 # define USE_NANOSLEEP
117 # define PAUSE() ts.tv_sec = 0; ts.tv_nsec = 10000000; \
118 (void) nanosleep(&ts, NULL)
120 # define PAUSE() tv.tv_sec = 0; tv.tv_usec = 10000; \
121 (void) select(0, NULL, NULL, NULL, &tv)
125 void ip_test1(dev, mtu, ip, gwip, ptest)
138 int nfd, i = 0, len, id = getpid();
140 IP_HL_A(ip, sizeof(*ip) >> 2);
141 IP_V_A(ip, IPVERSION);
145 ip->ip_p = IPPROTO_UDP;
147 u = (udphdr_t *)(ip + 1);
148 u->uh_sport = htons(1);
149 u->uh_dport = htons(9);
151 u->uh_ulen = htons(sizeof(*u) + 4);
152 ip->ip_len = sizeof(*ip) + ntohs(u->uh_ulen);
155 nfd = initdevice(dev, 1);
159 if (!ptest || (ptest == 1)) {
164 printf("1.1. sending packets with ip_hl < ip_len\n");
165 for (i = 0; i < ((sizeof(*ip) + ntohs(u->uh_ulen)) >> 2); i++) {
167 (void) send_ip(nfd, 1500, ip, gwip, 1);
175 if (!ptest || (ptest == 2)) {
180 printf("1.2. sending packets with ip_hl > ip_len\n");
181 for (; i < ((sizeof(*ip) * 2 + ntohs(u->uh_ulen)) >> 2); i++) {
183 (void) send_ip(nfd, 1500, ip, gwip, 1);
191 if (!ptest || (ptest == 3)) {
196 printf("1.3. ip_v < 4\n");
197 IP_HL_A(ip, sizeof(*ip) >> 2);
198 for (i = 0; i < 4; i++) {
200 (void) send_ip(nfd, 1500, ip, gwip, 1);
208 if (!ptest || (ptest == 4)) {
213 printf("1.4. ip_v > 4\n");
214 for (i = 5; i < 16; i++) {
216 (void) send_ip(nfd, 1500, ip, gwip, 1);
224 if (!ptest || (ptest == 5)) {
226 * Part5: len < packet
229 IP_V_A(ip, IPVERSION);
231 printf("1.5.0 ip_len < packet size (size++, long packets)\n");
232 for (; i < (ip->ip_len * 2); i++) {
233 ip->ip_id = htons(id++);
235 ip->ip_sum = chksum((u_short *)ip, IP_HL(ip) << 2);
236 (void) send_ether(nfd, (char *)ip, i, gwip);
242 printf("1.5.1 ip_len < packet size (ip_len-, short packets)\n");
243 for (i = len; i > 0; i--) {
244 ip->ip_id = htons(id++);
247 ip->ip_sum = chksum((u_short *)ip, IP_HL(ip) << 2);
248 (void) send_ether(nfd, (char *)ip, len, gwip);
256 if (!ptest || (ptest == 6)) {
258 * Part6: len > packet
261 printf("1.6.0 ip_len > packet size (increase ip_len)\n");
262 for (i = len + 1; i < (len * 2); i++) {
263 ip->ip_id = htons(id++);
266 ip->ip_sum = chksum((u_short *)ip, IP_HL(ip) << 2);
267 (void) send_ether(nfd, (char *)ip, len, gwip);
274 printf("1.6.1 ip_len > packet size (size--, short packets)\n");
275 for (i = len; i > 0; i--) {
276 ip->ip_id = htons(id++);
278 ip->ip_sum = chksum((u_short *)ip, IP_HL(ip) << 2);
279 (void) send_ether(nfd, (char *)ip, i, gwip);
287 if (!ptest || (ptest == 7)) {
289 * Part7: 0 length fragment
291 printf("1.7.0 Zero length fragments (ip_off = 0x2000)\n");
293 ip->ip_len = sizeof(*ip);
294 ip->ip_off = htons(IP_MF);
295 (void) send_ip(nfd, mtu, ip, gwip, 1);
299 printf("1.7.1 Zero length fragments (ip_off = 0x3000)\n");
301 ip->ip_len = sizeof(*ip);
302 ip->ip_off = htons(IP_MF);
303 (void) send_ip(nfd, mtu, ip, gwip, 1);
307 printf("1.7.2 Zero length fragments (ip_off = 0xa000)\n");
309 ip->ip_len = sizeof(*ip);
310 ip->ip_off = htons(0xa000);
311 (void) send_ip(nfd, mtu, ip, gwip, 1);
315 printf("1.7.3 Zero length fragments (ip_off = 0x0100)\n");
317 ip->ip_len = sizeof(*ip);
318 ip->ip_off = htons(0x0100);
319 (void) send_ip(nfd, mtu, ip, gwip, 1);
324 if (!ptest || (ptest == 8)) {
327 gettimeofday(&tv, NULL);
328 srand(tv.tv_sec ^ getpid() ^ tv.tv_usec);
330 * Part8.1: 63k packet + 1k fragment at offset 0x1ffe
331 * Mark it as being ICMP (so it doesn't get junked), but
332 * don't bother about the ICMP header, we're not worrying
335 ip->ip_p = IPPROTO_ICMP;
336 ip->ip_off = htons(IP_MF);
337 u->uh_dport = htons(9);
338 ip->ip_id = htons(id++);
339 printf("1.8.1 63k packet + 1k fragment at offset 0x1ffe\n");
340 ip->ip_len = 768 + 20 + 8;
341 (void) send_ip(nfd, mtu, ip, gwip, 1);
344 ip->ip_len = MIN(768 + 20, mtu - 68);
346 for (; i < (63 * 1024 + 768); i += 768) {
347 ip->ip_off = htons(IP_MF | (i >> 3));
348 (void) send_ip(nfd, mtu, ip, gwip, 1);
353 ip->ip_len = 896 + 20;
354 ip->ip_off = htons(i >> 3);
355 (void) send_ip(nfd, mtu, ip, gwip, 1);
361 * Part8.2: 63k packet + 1k fragment at offset 0x1ffe
362 * Mark it as being ICMP (so it doesn't get junked), but
363 * don't bother about the ICMP header, we're not worrying
364 * about that here. (Lossage here)
366 ip->ip_p = IPPROTO_ICMP;
367 ip->ip_off = htons(IP_MF);
368 u->uh_dport = htons(9);
369 ip->ip_id = htons(id++);
370 printf("1.8.2 63k packet + 1k fragment at offset 0x1ffe\n");
371 ip->ip_len = 768 + 20 + 8;
372 if ((rand() & 0x1f) != 0) {
373 (void) send_ip(nfd, mtu, ip, gwip, 1);
378 ip->ip_len = MIN(768 + 20, mtu - 68);
380 for (; i < (63 * 1024 + 768); i += 768) {
381 ip->ip_off = htons(IP_MF | (i >> 3));
382 if ((rand() & 0x1f) != 0) {
383 (void) send_ip(nfd, mtu, ip, gwip, 1);
386 printf("skip %d\n", i);
390 ip->ip_len = 896 + 20;
391 ip->ip_off = htons(i >> 3);
392 if ((rand() & 0x1f) != 0) {
393 (void) send_ip(nfd, mtu, ip, gwip, 1);
401 * Part8.3: 33k packet - test for not dealing with -ve length
402 * Mark it as being ICMP (so it doesn't get junked), but
403 * don't bother about the ICMP header, we're not worrying
406 ip->ip_p = IPPROTO_ICMP;
407 ip->ip_off = htons(IP_MF);
408 u->uh_dport = htons(9);
409 ip->ip_id = htons(id++);
410 printf("1.8.3 33k packet\n");
411 ip->ip_len = 768 + 20 + 8;
412 (void) send_ip(nfd, mtu, ip, gwip, 1);
415 ip->ip_len = MIN(768 + 20, mtu - 68);
417 for (; i < (32 * 1024 + 768); i += 768) {
418 ip->ip_off = htons(IP_MF | (i >> 3));
419 (void) send_ip(nfd, mtu, ip, gwip, 1);
424 ip->ip_len = 896 + 20;
425 ip->ip_off = htons(i >> 3);
426 (void) send_ip(nfd, mtu, ip, gwip, 1);
434 if (!ptest || (ptest == 9)) {
436 * Part9: off & 0x8000 == 0x8000
439 ip->ip_off = htons(0x8000);
440 printf("1.9. ip_off & 0x8000 == 0x8000\n");
441 (void) send_ip(nfd, mtu, ip, gwip, 1);
448 if (!ptest || (ptest == 10)) {
454 printf("1.10.0 ip_ttl = 255\n");
455 (void) send_ip(nfd, mtu, ip, gwip, 1);
460 printf("1.10.1 ip_ttl = 128\n");
461 (void) send_ip(nfd, mtu, ip, gwip, 1);
466 printf("1.10.2 ip_ttl = 0\n");
467 (void) send_ip(nfd, mtu, ip, gwip, 1);
476 void ip_test2(dev, mtu, ip, gwip, ptest)
492 nfd = initdevice(dev, 1);
497 ip->ip_len = IP_HL(ip) << 2;
498 s = (u_char *)(ip + 1);
499 s[IPOPT_OPTVAL] = IPOPT_NOP;
501 if (!ptest || (ptest == 1)) {
503 * Test 1: option length > packet length,
504 * header length == packet length
506 s[IPOPT_OPTVAL] = IPOPT_TS;
508 s[IPOPT_OFFSET] = IPOPT_MINOFF;
509 ip->ip_p = IPPROTO_IP;
510 printf("2.1 option length > packet length\n");
511 (void) send_ip(nfd, mtu, ip, gwip, 1);
517 ip->ip_len = IP_HL(ip) << 2;
518 if (!ptest || (ptest == 1)) {
520 * Test 2: options have length = 0
522 printf("2.2.1 option length = 0, RR\n");
523 s[IPOPT_OPTVAL] = IPOPT_RR;
525 (void) send_ip(nfd, mtu, ip, gwip, 1);
529 printf("2.2.2 option length = 0, TS\n");
530 s[IPOPT_OPTVAL] = IPOPT_TS;
532 (void) send_ip(nfd, mtu, ip, gwip, 1);
536 printf("2.2.3 option length = 0, SECURITY\n");
537 s[IPOPT_OPTVAL] = IPOPT_SECURITY;
539 (void) send_ip(nfd, mtu, ip, gwip, 1);
543 printf("2.2.4 option length = 0, LSRR\n");
544 s[IPOPT_OPTVAL] = IPOPT_LSRR;
546 (void) send_ip(nfd, mtu, ip, gwip, 1);
550 printf("2.2.5 option length = 0, SATID\n");
551 s[IPOPT_OPTVAL] = IPOPT_SATID;
553 (void) send_ip(nfd, mtu, ip, gwip, 1);
557 printf("2.2.6 option length = 0, SSRR\n");
558 s[IPOPT_OPTVAL] = IPOPT_SSRR;
560 (void) send_ip(nfd, mtu, ip, gwip, 1);
572 void ip_test3(dev, mtu, ip, gwip, ptest)
579 static int ict1[10] = { 8, 9, 10, 13, 14, 15, 16, 17, 18, 0 };
580 static int ict2[8] = { 3, 9, 10, 13, 14, 17, 18, 0 };
589 IP_HL_A(ip, sizeof(*ip) >> 2);
590 IP_V_A(ip, IPVERSION);
594 ip->ip_p = IPPROTO_ICMP;
596 ip->ip_len = sizeof(*ip) + sizeof(*icp);
597 icp = (struct icmp *)((char *)ip + (IP_HL(ip) << 2));
599 nfd = initdevice(dev, 1);
603 if (!ptest || (ptest == 1)) {
605 * Type 0 - 31, 255, code = 0
607 bzero((char *)icp, sizeof(*icp));
608 for (i = 0; i < 32; i++) {
610 (void) send_icmp(nfd, mtu, ip, gwip);
612 printf("3.1.%d ICMP type %d code 0 (all 0's)\r", i, i);
614 icp->icmp_type = 255;
615 (void) send_icmp(nfd, mtu, ip, gwip);
617 printf("3.1.%d ICMP type %d code 0 (all 0's)\r", i, 255);
621 if (!ptest || (ptest == 2)) {
623 * Type 3, code = 0 - 31
626 for (i = 0; i < 32; i++) {
628 (void) send_icmp(nfd, mtu, ip, gwip);
630 printf("3.2.%d ICMP type 3 code %d (all 0's)\r", i, i);
634 if (!ptest || (ptest == 3)) {
636 * Type 4, code = 0,127,128,255
640 (void) send_icmp(nfd, mtu, ip, gwip);
642 printf("3.3.1 ICMP type 4 code 0 (all 0's)\r");
643 icp->icmp_code = 127;
644 (void) send_icmp(nfd, mtu, ip, gwip);
646 printf("3.3.2 ICMP type 4 code 127 (all 0's)\r");
647 icp->icmp_code = 128;
648 (void) send_icmp(nfd, mtu, ip, gwip);
650 printf("3.3.3 ICMP type 4 code 128 (all 0's)\r");
651 icp->icmp_code = 255;
652 (void) send_icmp(nfd, mtu, ip, gwip);
654 printf("3.3.4 ICMP type 4 code 255 (all 0's)\r");
657 if (!ptest || (ptest == 4)) {
659 * Type 5, code = 0,127,128,255
663 (void) send_icmp(nfd, mtu, ip, gwip);
665 printf("3.4.1 ICMP type 5 code 0 (all 0's)\r");
666 icp->icmp_code = 127;
667 (void) send_icmp(nfd, mtu, ip, gwip);
669 printf("3.4.2 ICMP type 5 code 127 (all 0's)\r");
670 icp->icmp_code = 128;
671 (void) send_icmp(nfd, mtu, ip, gwip);
673 printf("3.4.3 ICMP type 5 code 128 (all 0's)\r");
674 icp->icmp_code = 255;
675 (void) send_icmp(nfd, mtu, ip, gwip);
677 printf("3.4.4 ICMP type 5 code 255 (all 0's)\r");
680 if (!ptest || (ptest == 5)) {
682 * Type 8-10;13-18, code - 0,127,128,255
684 for (i = 0; ict1[i]; i++) {
685 icp->icmp_type = ict1[i];
687 (void) send_icmp(nfd, mtu, ip, gwip);
689 printf("3.5.%d ICMP type 5 code 0 (all 0's)\r",
691 icp->icmp_code = 127;
692 (void) send_icmp(nfd, mtu, ip, gwip);
694 printf("3.5.%d ICMP type 5 code 127 (all 0's)\r",
696 icp->icmp_code = 128;
697 (void) send_icmp(nfd, mtu, ip, gwip);
699 printf("3.5.%d ICMP type 5 code 128 (all 0's)\r",
701 icp->icmp_code = 255;
702 (void) send_icmp(nfd, mtu, ip, gwip);
704 printf("3.5.%d ICMP type 5 code 255 (all 0's)\r",
710 if (!ptest || (ptest == 6)) {
712 * Type 12, code - 0,127,128,129,255
716 (void) send_icmp(nfd, mtu, ip, gwip);
718 printf("3.6.1 ICMP type 12 code 0 (all 0's)\r");
719 icp->icmp_code = 127;
720 (void) send_icmp(nfd, mtu, ip, gwip);
722 printf("3.6.2 ICMP type 12 code 127 (all 0's)\r");
723 icp->icmp_code = 128;
724 (void) send_icmp(nfd, mtu, ip, gwip);
726 printf("3.6.3 ICMP type 12 code 128 (all 0's)\r");
727 icp->icmp_code = 129;
728 (void) send_icmp(nfd, mtu, ip, gwip);
730 printf("3.6.4 ICMP type 12 code 129 (all 0's)\r");
731 icp->icmp_code = 255;
732 (void) send_icmp(nfd, mtu, ip, gwip);
734 printf("3.6.5 ICMP type 12 code 255 (all 0's)\r");
738 if (!ptest || (ptest == 7)) {
740 * Type 3;9-10;13-14;17-18 - shorter packets
742 ip->ip_len = sizeof(*ip) + sizeof(*icp) / 2;
743 for (i = 0; ict2[i]; i++) {
744 icp->icmp_type = ict1[i];
746 (void) send_icmp(nfd, mtu, ip, gwip);
748 printf("3.5.%d ICMP type %d code 0 (all 0's)\r",
749 i * 4, icp->icmp_type);
750 icp->icmp_code = 127;
751 (void) send_icmp(nfd, mtu, ip, gwip);
753 printf("3.5.%d ICMP type %d code 127 (all 0's)\r",
754 i * 4 + 1, icp->icmp_type);
755 icp->icmp_code = 128;
756 (void) send_icmp(nfd, mtu, ip, gwip);
758 printf("3.5.%d ICMP type %d code 128 (all 0's)\r",
759 i * 4 + 2, icp->icmp_type);
760 icp->icmp_code = 255;
761 (void) send_icmp(nfd, mtu, ip, gwip);
763 printf("3.5.%d ICMP type %d code 127 (all 0's)\r",
764 i * 4 + 3, icp->icmp_type);
771 /* Perform test 4 (UDP) */
773 void ip_test4(dev, mtu, ip, gwip, ptest)
789 IP_HL_A(ip, sizeof(*ip) >> 2);
790 IP_V_A(ip, IPVERSION);
794 ip->ip_p = IPPROTO_UDP;
796 u = (udphdr_t *)((char *)ip + (IP_HL(ip) << 2));
797 u->uh_sport = htons(1);
798 u->uh_dport = htons(1);
799 u->uh_ulen = htons(sizeof(*u) + 4);
801 nfd = initdevice(dev, 1);
805 if (!ptest || (ptest == 1)) {
807 * Test 1. ulen > packet
809 u->uh_ulen = htons(sizeof(*u) + 4);
810 ip->ip_len = (IP_HL(ip) << 2) + ntohs(u->uh_ulen);
811 printf("4.1 UDP uh_ulen > packet size - short packets\n");
812 for (i = ntohs(u->uh_ulen) * 2; i > sizeof(*u) + 4; i--) {
813 u->uh_ulen = htons(i);
814 (void) send_udp(nfd, 1500, ip, gwip);
822 if (!ptest || (ptest == 2)) {
824 * Test 2. ulen < packet
826 u->uh_ulen = htons(sizeof(*u) + 4);
827 ip->ip_len = (IP_HL(ip) << 2) + ntohs(u->uh_ulen);
828 printf("4.2 UDP uh_ulen < packet size - short packets\n");
829 for (i = ntohs(u->uh_ulen) * 2; i > sizeof(*u) + 4; i--) {
831 (void) send_udp(nfd, 1500, ip, gwip);
839 if (!ptest || (ptest == 3)) {
841 * Test 3: sport = 0, sport = 1, sport = 32767
842 * sport = 32768, sport = 65535
844 u->uh_ulen = sizeof(*u) + 4;
845 ip->ip_len = (IP_HL(ip) << 2) + ntohs(u->uh_ulen);
846 printf("4.3.1 UDP sport = 0\n");
848 (void) send_udp(nfd, 1500, ip, gwip);
852 printf("4.3.2 UDP sport = 1\n");
853 u->uh_sport = htons(1);
854 (void) send_udp(nfd, 1500, ip, gwip);
858 printf("4.3.3 UDP sport = 32767\n");
859 u->uh_sport = htons(32767);
860 (void) send_udp(nfd, 1500, ip, gwip);
864 printf("4.3.4 UDP sport = 32768\n");
865 u->uh_sport = htons(32768);
866 (void) send_udp(nfd, 1500, ip, gwip);
871 printf("4.3.5 UDP sport = 65535\n");
872 u->uh_sport = htons(65535);
873 (void) send_udp(nfd, 1500, ip, gwip);
879 if (!ptest || (ptest == 4)) {
881 * Test 4: dport = 0, dport = 1, dport = 32767
882 * dport = 32768, dport = 65535
884 u->uh_ulen = ntohs(sizeof(*u) + 4);
885 u->uh_sport = htons(1);
886 ip->ip_len = (IP_HL(ip) << 2) + ntohs(u->uh_ulen);
887 printf("4.4.1 UDP dport = 0\n");
889 (void) send_udp(nfd, 1500, ip, gwip);
893 printf("4.4.2 UDP dport = 1\n");
894 u->uh_dport = htons(1);
895 (void) send_udp(nfd, 1500, ip, gwip);
899 printf("4.4.3 UDP dport = 32767\n");
900 u->uh_dport = htons(32767);
901 (void) send_udp(nfd, 1500, ip, gwip);
905 printf("4.4.4 UDP dport = 32768\n");
906 u->uh_dport = htons(32768);
907 (void) send_udp(nfd, 1500, ip, gwip);
911 printf("4.4.5 UDP dport = 65535\n");
912 u->uh_dport = htons(65535);
913 (void) send_udp(nfd, 1500, ip, gwip);
919 if (!ptest || (ptest == 5)) {
921 * Test 5: sizeof(ip_t) <= MTU <= sizeof(udphdr_t) +
924 printf("4.5 UDP 20 <= MTU <= 32\n");
925 for (i = sizeof(*ip); i <= ntohs(u->uh_ulen); i++) {
926 (void) send_udp(nfd, i, ip, gwip);
936 /* Perform test 5 (TCP) */
938 void ip_test5(dev, mtu, ip, gwip, ptest)
953 t = (tcphdr_t *)((char *)ip + (IP_HL(ip) << 2));
954 #if !defined(linux) && !defined(__osf__)
958 t->th_sport = htons(1);
959 t->th_dport = htons(1);
960 t->th_win = htons(4096);
963 t->th_seq = htonl(1);
965 ip->ip_len = sizeof(ip_t) + sizeof(tcphdr_t);
967 nfd = initdevice(dev, 1);
971 if (!ptest || (ptest == 1)) {
973 * Test 1: flags variations, 0 - 3f
975 TCP_OFF_A(t, sizeof(*t) >> 2);
976 printf("5.1 Test TCP flag combinations\n");
977 for (i = 0; i <= (TH_URG|TH_ACK|TH_PUSH|TH_RST|TH_SYN|TH_FIN);
980 (void) send_tcp(nfd, mtu, ip, gwip);
988 if (!ptest || (ptest == 2)) {
989 t->th_flags = TH_SYN;
991 * Test 2: seq = 0, seq = 1, seq = 0x7fffffff, seq=0x80000000,
992 * seq = 0xa000000, seq = 0xffffffff
994 printf("5.2.1 TCP seq = 0\n");
995 t->th_seq = htonl(0);
996 (void) send_tcp(nfd, mtu, ip, gwip);
1000 printf("5.2.2 TCP seq = 1\n");
1001 t->th_seq = htonl(1);
1002 (void) send_tcp(nfd, mtu, ip, gwip);
1006 printf("5.2.3 TCP seq = 0x7fffffff\n");
1007 t->th_seq = htonl(0x7fffffff);
1008 (void) send_tcp(nfd, mtu, ip, gwip);
1012 printf("5.2.4 TCP seq = 0x80000000\n");
1013 t->th_seq = htonl(0x80000000);
1014 (void) send_tcp(nfd, mtu, ip, gwip);
1018 printf("5.2.5 TCP seq = 0xc0000000\n");
1019 t->th_seq = htonl(0xc0000000);
1020 (void) send_tcp(nfd, mtu, ip, gwip);
1024 printf("5.2.6 TCP seq = 0xffffffff\n");
1025 t->th_seq = htonl(0xffffffff);
1026 (void) send_tcp(nfd, mtu, ip, gwip);
1031 if (!ptest || (ptest == 3)) {
1032 t->th_flags = TH_ACK;
1034 * Test 3: ack = 0, ack = 1, ack = 0x7fffffff, ack = 0x8000000
1035 * ack = 0xa000000, ack = 0xffffffff
1037 printf("5.3.1 TCP ack = 0\n");
1039 (void) send_tcp(nfd, mtu, ip, gwip);
1043 printf("5.3.2 TCP ack = 1\n");
1044 t->th_ack = htonl(1);
1045 (void) send_tcp(nfd, mtu, ip, gwip);
1049 printf("5.3.3 TCP ack = 0x7fffffff\n");
1050 t->th_ack = htonl(0x7fffffff);
1051 (void) send_tcp(nfd, mtu, ip, gwip);
1055 printf("5.3.4 TCP ack = 0x80000000\n");
1056 t->th_ack = htonl(0x80000000);
1057 (void) send_tcp(nfd, mtu, ip, gwip);
1061 printf("5.3.5 TCP ack = 0xc0000000\n");
1062 t->th_ack = htonl(0xc0000000);
1063 (void) send_tcp(nfd, mtu, ip, gwip);
1067 printf("5.3.6 TCP ack = 0xffffffff\n");
1068 t->th_ack = htonl(0xffffffff);
1069 (void) send_tcp(nfd, mtu, ip, gwip);
1074 if (!ptest || (ptest == 4)) {
1075 t->th_flags = TH_SYN;
1077 * Test 4: win = 0, win = 32768, win = 65535
1079 printf("5.4.1 TCP win = 0\n");
1080 t->th_seq = htonl(0);
1081 (void) send_tcp(nfd, mtu, ip, gwip);
1085 printf("5.4.2 TCP win = 32768\n");
1086 t->th_seq = htonl(0x7fff);
1087 (void) send_tcp(nfd, mtu, ip, gwip);
1091 printf("5.4.3 TCP win = 65535\n");
1092 t->th_win = htons(0xffff);
1093 (void) send_tcp(nfd, mtu, ip, gwip);
1098 #if !defined(linux) && !defined(__SVR4) && !defined(__svr4__) && \
1099 !defined(__sgi) && !defined(__hpux) && !defined(__osf__)
1101 struct tcpcb *tcbp, tcb;
1103 struct sockaddr_in sin;
1107 bzero((char *)&sin, sizeof(sin));
1109 for (i = 1; i < 63; i++) {
1110 fd = socket(AF_INET, SOCK_STREAM, 0);
1111 bzero((char *)&sin, sizeof(sin));
1112 sin.sin_addr.s_addr = ip->ip_dst.s_addr;
1113 sin.sin_port = htons(i);
1114 sin.sin_family = AF_INET;
1115 if (!connect(fd, (struct sockaddr *)&sin, sizeof(sin)))
1121 printf("Couldn't open a TCP socket between ports 1 and 63\n");
1122 printf("to host %s for test 5 and 6 - skipping.\n",
1123 inet_ntoa(ip->ip_dst));
1124 goto skip_five_and_six;
1127 bcopy((char *)ip, (char *)&ti, sizeof(*ip));
1128 t->th_dport = htons(i);
1130 if (!getsockname(fd, (struct sockaddr *)&sin, &slen))
1131 t->th_sport = sin.sin_port;
1132 if (!(tcbp = find_tcp(fd, &ti))) {
1133 printf("Can't find PCB\n");
1134 goto skip_five_and_six;
1136 KMCPY(&tcb, tcbp, sizeof(tcb));
1137 ti.ti_win = tcb.rcv_adv;
1138 ti.ti_seq = htonl(tcb.snd_nxt - 1);
1139 ti.ti_ack = tcb.rcv_nxt;
1141 if (!ptest || (ptest == 5)) {
1145 t->th_flags = TH_ACK|TH_URG;
1146 printf("5.5.1 TCP Urgent pointer, sport %hu dport %hu\n",
1147 ntohs(t->th_sport), ntohs(t->th_dport));
1148 t->th_urp = htons(1);
1149 (void) send_tcp(nfd, mtu, ip, gwip);
1152 t->th_seq = htonl(tcb.snd_nxt);
1153 ip->ip_len = sizeof(ip_t) + sizeof(tcphdr_t) + 1;
1154 t->th_urp = htons(0x7fff);
1155 (void) send_tcp(nfd, mtu, ip, gwip);
1157 t->th_urp = htons(0x8000);
1158 (void) send_tcp(nfd, mtu, ip, gwip);
1160 t->th_urp = htons(0xffff);
1161 (void) send_tcp(nfd, mtu, ip, gwip);
1164 t->th_flags &= ~TH_URG;
1165 ip->ip_len = sizeof(ip_t) + sizeof(tcphdr_t);
1168 if (!ptest || (ptest == 6)) {
1170 * Test 6: data offset, off = 0, off is inside, off is outside
1172 t->th_flags = TH_ACK;
1173 printf("5.6.1 TCP off = 1-15, len = 40\n");
1174 for (i = 1; i < 16; i++) {
1175 TCP_OFF_A(t, ntohs(i));
1176 (void) send_tcp(nfd, mtu, ip, gwip);
1182 ip->ip_len = sizeof(ip_t) + sizeof(tcphdr_t);
1189 t->th_seq = htonl(1);
1190 t->th_ack = htonl(1);
1193 if (!ptest || (ptest == 7)) {
1194 t->th_flags = TH_SYN;
1196 * Test 7: sport = 0, sport = 1, sport = 32767
1197 * sport = 32768, sport = 65535
1199 printf("5.7.1 TCP sport = 0\n");
1201 (void) send_tcp(nfd, mtu, ip, gwip);
1205 printf("5.7.2 TCP sport = 1\n");
1206 t->th_sport = htons(1);
1207 (void) send_tcp(nfd, mtu, ip, gwip);
1211 printf("5.7.3 TCP sport = 32767\n");
1212 t->th_sport = htons(32767);
1213 (void) send_tcp(nfd, mtu, ip, gwip);
1217 printf("5.7.4 TCP sport = 32768\n");
1218 t->th_sport = htons(32768);
1219 (void) send_tcp(nfd, mtu, ip, gwip);
1223 printf("5.7.5 TCP sport = 65535\n");
1224 t->th_sport = htons(65535);
1225 (void) send_tcp(nfd, mtu, ip, gwip);
1230 if (!ptest || (ptest == 8)) {
1231 t->th_sport = htons(1);
1232 t->th_flags = TH_SYN;
1234 * Test 8: dport = 0, dport = 1, dport = 32767
1235 * dport = 32768, dport = 65535
1237 printf("5.8.1 TCP dport = 0\n");
1239 (void) send_tcp(nfd, mtu, ip, gwip);
1243 printf("5.8.2 TCP dport = 1\n");
1244 t->th_dport = htons(1);
1245 (void) send_tcp(nfd, mtu, ip, gwip);
1249 printf("5.8.3 TCP dport = 32767\n");
1250 t->th_dport = htons(32767);
1251 (void) send_tcp(nfd, mtu, ip, gwip);
1255 printf("5.8.4 TCP dport = 32768\n");
1256 t->th_dport = htons(32768);
1257 (void) send_tcp(nfd, mtu, ip, gwip);
1261 printf("5.8.5 TCP dport = 65535\n");
1262 t->th_dport = htons(65535);
1263 (void) send_tcp(nfd, mtu, ip, gwip);
1268 /* LAND attack - self connect, so make src & dst ip/port the same */
1269 if (!ptest || (ptest == 9)) {
1270 printf("5.9 TCP LAND attack. sport = 25, dport = 25\n");
1271 /* chose SMTP port 25 */
1272 t->th_sport = htons(25);
1273 t->th_dport = htons(25);
1274 t->th_flags = TH_SYN;
1275 ip->ip_src = ip->ip_dst;
1276 (void) send_tcp(nfd, mtu, ip, gwip);
1281 /* TCP options header checking */
1282 /* 0 length options, etc */
1286 /* Perform test 6 (exhaust mbuf test) */
1288 void ip_test6(dev, mtu, ip, gwip, ptest)
1292 struct in_addr gwip;
1295 #ifdef USE_NANOSLEEP
1303 IP_V_A(ip, IPVERSION);
1307 ip->ip_p = IPPROTO_UDP;
1309 u = (udphdr_t *)(ip + 1);
1310 u->uh_sport = htons(1);
1311 u->uh_dport = htons(9);
1314 nfd = initdevice(dev, 1);
1318 u->uh_ulen = htons(7168);
1320 printf("6. Exhaustive mbuf test.\n");
1321 printf(" Send 7k packet in 768 & 128 byte fragments, 128 times.\n");
1322 printf(" Total of around 8,900 packets\n");
1323 for (i = 0; i < 128; i++) {
1325 * First send the entire packet in 768 byte chunks.
1327 ip->ip_len = sizeof(*ip) + 768 + sizeof(*u);
1328 IP_HL_A(ip, sizeof(*ip) >> 2);
1329 ip->ip_off = htons(IP_MF);
1330 (void) send_ip(nfd, 1500, ip, gwip, 1);
1331 printf("%d %d\r", i, 0);
1335 * And again using 128 byte chunks.
1337 ip->ip_len = sizeof(*ip) + 128 + sizeof(*u);
1338 ip->ip_off = htons(IP_MF);
1339 (void) send_ip(nfd, 1500, ip, gwip, 1);
1340 printf("%d %d\r", i, 0);
1344 for (j = 768; j < 3584; j += 768) {
1345 ip->ip_len = sizeof(*ip) + 768;
1346 ip->ip_off = htons(IP_MF|(j>>3));
1347 (void) send_ip(nfd, 1500, ip, gwip, 1);
1348 printf("%d %d\r", i, j);
1352 ip->ip_len = sizeof(*ip) + 128;
1353 for (k = j - 768; k < j; k += 128) {
1354 ip->ip_off = htons(IP_MF|(k>>3));
1355 (void) send_ip(nfd, 1500, ip, gwip, 1);
1356 printf("%d %d\r", i, k);
1366 /* Perform test 7 (random packets) */
1368 static u_long tbuf[64];
1370 void ip_test7(dev, mtu, ip, gwip, ptest)
1374 struct in_addr gwip;
1378 #ifdef USE_NANOSLEEP
1386 nfd = initdevice(dev, 1);
1392 srand(time(NULL) ^ (getpid() * getppid()));
1394 printf("7. send 1024 random IP packets.\n");
1396 for (i = 0; i < 512; i++) {
1397 for (s = (u_char *)pip, j = 0; j < sizeof(tbuf); j++, s++)
1398 *s = (rand() >> 13) & 0xff;
1399 IP_V_A(pip, IPVERSION);
1400 bcopy((char *)&ip->ip_dst, (char *)&pip->ip_dst,
1401 sizeof(struct in_addr));
1403 pip->ip_len &= 0xff;
1404 (void) send_ip(nfd, mtu, pip, gwip, 0);
1411 for (i = 0; i < 512; i++) {
1412 for (s = (u_char *)pip, j = 0; j < sizeof(tbuf); j++, s++)
1413 *s = (rand() >> 13) & 0xff;
1414 IP_V_A(pip, IPVERSION);
1415 pip->ip_off &= htons(0xc000);
1416 bcopy((char *)&ip->ip_dst, (char *)&pip->ip_dst,
1417 sizeof(struct in_addr));
1419 pip->ip_len &= 0xff;
1420 (void) send_ip(nfd, mtu, pip, gwip, 0);