AN_BASES= $(basename $(wildcard recv-*.pcap))
AN_LOGS= $(addsuffix .log,$(AN_BASES))
AN_DIFFS= $(addsuffix .diff,$(AN_BASES))
-AN_TARGETS= $(AN_LOGS) $(AN_DIFFS)
+AN_MDIFFS= $(addsuffix .mdiff,$(AN_BASES))
+AN_SUMMARIES= $(addsuffix .summary,$(AN_BASES))
+AN_TARGETS= $(AN_LOGS) $(AN_DIFFS) $(AN_MDIFFS) $(AN_SUMMARIES)
INFORM= @echo ' GENERATED THESE FILES:'; \
echo ' $^'
anal analyse: $(AN_TARGETS)
$(INFORM)
-send-all.pcap: $(A_PCAPS) Makefile
+send-all.pcap: $(A_PCAPS)
rm -f $@
dd if=$< ibs=24 count=1 of=$@
set -e; for f in $(A_PCAPS); do \
nl -bp'^ ? ? ?[0-9]' <$@.1.tmp >$@.2.tmp
@mv -f $@.2.tmp $@
-send-%.pcap send-%.why: ./make-probes.tcl Makefile
+send-%.pcap send-%.why: ./make-probes.tcl
./make-probes.tcl --write $@ --mtu $(MTU) --upto $(PERPART) \
--source $(SOURCE) \
--dest $(DEST) \
--xseed "$* $(UNIQUE)" >send-$*.why
-%.log: %.pcap lnumber-tcpdump.pl Makefile
- tcpdump -tnxvvs$$(($(MTU)+500)) -r $< >$@.1.tmp
+%.log: %.pcap lnumber-tcpdump.pl blank-ttl-ipcsum.pl Makefile
+ tcpdump -tnxvvs$$(($(MTU)+500)) -r $< >$@.0.tmp
+ ./blank-ttl-ipcsum.pl <$@.0.tmp >$@.1.tmp
./lnumber-tcpdump.pl <$@.1.tmp >$@.2.tmp
@mv -f $@.2.tmp $@
recv-%.diff: send-%.log recv-%.log
diff -uI'^[0-9]' $^ >$@ || test $$? == 1
+recv-%.mdiff: send-%.log recv-%.log
+ diff -U 1 -I'^[0-9]\|^ [ ][ ]' $^ >$@ \
+ || test $$? == 1
+
+recv-%.summary: recv-%.mdiff mdiff-summarise.pl
+ ./mdiff-summarise.pl <$< >$@.1.tmp
+ @mv -f $@.1.tmp $@
+
%.sh: %.template Makefile
sed <$< >$@.tmp -e ' \
s/@@M/'$$(($(MTU)+500))'/; \
* When it has finished, kill on-dest.sh and monitor.sh.
Copy the file recv-1.pcap back to your analysis machine, and
there say `make anal'.
- * This will generate `recv-1.log' and `recv-1.diff'.
- Read the diff and see if it's by and large working.
+ * This will generate
+ recv-1.log recv-1.diff recv-1.mdiff recv-1.summary
+ Read the diffs and see if it's by and large working.
See below for information about interpreting the various files.
3. Run the full test
INTERPRETATION OF THE TEXT FILES - EXAMPLE
+
+You probably want to start with the recv-*.summary files. Here's an
+example line (folded and indented here to make it easier to read:
+
+-7 80.4.4.56 > 212.22.195.1: 6.115.30.33.50 > 158.55.15.27.50: \
+ udp 37 (DF) [tos 0xaf] (ttl 255, id 55590) [tos 0x62] (ttl ###, id 21803)
+
+This means that packet no.7 either the packet didn't arrive, or
+tcpdump produced different a summary line for the second packet.
+
+The recv-*.summary and recv-*.mdiff files DO NOT contain information
+about packets whose bodies changed, unless tcpdump reported the change
+in its summary. recv-*.diff contains ALL changes, even to meaningless
+parts of packets, except changes to the IP TTL and IP header checksum
+(which are expected to change).
+
+So, you can then look in recv-1.mdiff and recv-1.diff for more
+information about packet no.7, if you're interested. See below for
+help on interpreting the diffs.
+
+
Here is an example of a diff you might see:
@@ -23,12 +15,7 @@
missing. So, we can look in send-1.why or send-all.why, as
appropriate, and see this:
+batch packet within batch
+ | /
1 5 tos=0xe7 id=30130 df (!any) proto=icmp[1] \
(any) type=75 (junk) l=11 code=140
45e7002375b24000ff0152f2ac122d23ac122d064b8c34ba4844ce2d1bde5caf0ab9e6
-In send-all.why, these are prepended by another line number, which is
-the one you should use, so it would look like this:
+or this:
+ batch packet within batch
+ | /
5 1 5 tos=0xe7 id=30130 df (!any) proto=icmp[1] \
- (any) type=75 (junk) l=11 code=140
- 45e7002375b24000ff0152f2ac122d23ac122d064b8c34ba4844ce2d\
- 1bde5caf0ab9e6
-
-(The other two numbers are the batch and line within the batch.
-I have wrapped this here with \ and some indentation for ease of
-reading.)
+ / (any) type=75 (junk) l=11 code=140
+ overall 45e7002375b24000ff0152f2ac122d23ac122d064b8c34ba4844ce2d\
+ packet no. 1bde5caf0ab9e6
You can see the hex dump of the packet, which is the same as the one
in the tcpdump output, except that the tcpdump one has some extra
~ianmdlvl / vinegar-ip.git / commitdiff