1#!/usr/bin/env python
2#-
3# SPDX-License-Identifier: BSD-2-Clause
4#
5# Copyright (c) 2019 Netflix, Inc.
6#
7# Redistribution and use in source and binary forms, with or without
8# modification, are permitted provided that the following conditions
9# are met:
10# 1. Redistributions of source code must retain the above copyright
11#    notice, this list of conditions and the following disclaimer.
12# 2. Redistributions in binary form must reproduce the above copyright
13#    notice, this list of conditions and the following disclaimer in the
14#    documentation and/or other materials provided with the distribution.
15#
16# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19# ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26# SUCH DAMAGE.
27#
28#
29
30import argparse
31import logging
32logging.getLogger("scapy").setLevel(logging.CRITICAL)
33import scapy.all as sp
34import socket
35import sys
36from sniffer import Sniffer
37from time import sleep
38
39def check_icmp6_error(args, packet):
40	ip6 = packet.getlayer(sp.IPv6)
41	if not ip6:
42		return False
43	oip6 = sp.IPv6(src=args.src[0], dst=args.to[0])
44	if ip6.dst != oip6.src:
45		return False
46	icmp6 = packet.getlayer(sp.ICMPv6ParamProblem)
47	if not icmp6:
48		return False
49	# ICMP6_PARAMPROB_HEADER 0
50	if icmp6.code != 0:
51		return False
52	# Should we check the payload as well?
53	# We are running in a very isolated environment and nothing else
54	# should trigger an ICMPv6 Param Prob so leave it.
55	#icmp6.display()
56	return True
57
58def check_icmp6_error_2(args, packet):
59	ip6 = packet.getlayer(sp.IPv6)
60	if not ip6:
61		return False
62	oip6 = sp.IPv6(src=args.src[0], dst=args.to[0])
63	if ip6.dst != oip6.src:
64		return False
65	icmp6 = packet.getlayer(sp.ICMPv6TimeExceeded)
66	if not icmp6:
67		return False
68	# ICMP6_TIME_EXCEED_REASSEMBLY 1
69	if icmp6.code != 1:
70		return False
71	# Should we check the payload as well?
72	# We are running in a very isolated environment and nothing else
73	# should trigger an ICMPv6 Time Exceeded / Frag reassembly so leave it.
74	#icmp6.display()
75	return True
76
77def main():
78	parser = argparse.ArgumentParser("frag6.py",
79		description="IPv6 fragementation test tool")
80	parser.add_argument('--sendif', nargs=1,
81		required=True,
82		help='The interface through which the packet will be sent')
83	parser.add_argument('--recvif', nargs=1,
84		required=True,
85		help='The interface on which to check for the packet')
86	parser.add_argument('--src', nargs=1,
87		required=True,
88		help='The source IP address')
89	parser.add_argument('--to', nargs=1,
90		required=True,
91		help='The destination IP address')
92	parser.add_argument('--debug',
93		required=False, action='store_true',
94		help='Enable test debugging')
95
96	args = parser.parse_args()
97
98
99	# Start sniffing on recvif
100	sniffer = Sniffer(args, check_icmp6_error)
101	sniffer2 = Sniffer(args, check_icmp6_error_2)
102
103
104	########################################################################
105	#
106	# Two fragments with payload and offset set to add up to >64k.
107	#
108	# Make a first fragment arrive and a second to explode everything.
109	#
110	# A:  Reassembly failure.
111	# R:  ICMPv6 param prob, param header.
112	# R:  ICMPv6 timeout (1st frag, off=0)
113	#
114	data = "6" * 1280
115	ip6f01 = \
116		sp.Ether() / \
117		sp.IPv6(src=args.src[0], dst=args.to[0]) / \
118		sp.IPv6ExtHdrFragment(offset=0, m=1, id=7) / \
119		sp.UDP(dport=3456, sport=6543) / \
120		data
121	ip6f02 = \
122		sp.Ether() / \
123		sp.IPv6(src=args.src[0], dst=args.to[0]) / \
124		sp.IPv6ExtHdrFragment(offset=0x1fff, m=1, id=7) / \
125		sp.UDP(dport=3456, sport=6543) / \
126		data
127	if args.debug :
128		ip6f01.display()
129		ip6f02.display()
130	sp.sendp(ip6f01, iface=args.sendif[0], verbose=False)
131	sp.sendp(ip6f02, iface=args.sendif[0], verbose=False)
132
133	sleep(1.00)
134	sniffer.setEnd()
135	sniffer.join()
136	if not sniffer.foundCorrectPacket:
137		sys.exit(1)
138
139
140	# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # ##
141	#
142	# A fragment with payload and offset set to add up to >64k.
143	#
144	# Try again with the first packet to make things explode.
145	#
146	# A:  Reassembly failure.
147	# R:  ICMPv6 param prob, param header.
148	#
149
150	# Start sniffing on recvif
151	sniffer = Sniffer(args, check_icmp6_error)
152
153	ip6f01 = \
154		sp.Ether() / \
155		sp.IPv6(src=args.src[0], dst=args.to[0]) / \
156		sp.IPv6ExtHdrFragment(offset=0x1fff, m=1, id=0x7001) / \
157		sp.UDP(dport=3456, sport=6543) / \
158		data
159	if args.debug :
160		ip6f01.display()
161	sp.sendp(ip6f01, iface=args.sendif[0], verbose=False)
162
163	sleep(0.10)
164	sniffer.setEnd()
165	sniffer.join()
166	if not sniffer.foundCorrectPacket:
167		sys.exit(1)
168
169	# Wait for expiry from first test run.
170	sleep(3)
171	sniffer2.setEnd()
172	sniffer2.join()
173	if not sniffer2.foundCorrectPacket:
174		sys.exit(1)
175
176	sys.exit(0)
177
178if __name__ == '__main__':
179	main()
180