--- /dev/null
+# INSTRUCTIONS
+#
+# This is a tool for TCP transparency testing. It allows you to send
+# a wide variety of `interesting' packets from one nominated machine
+# to another, and then examine what arrived to see if there are any
+# differences.
+#
+# Up to 4 hosts are involved: one to do the test dataset generation, a
+# sender, a receiver, and one to do the analysis.
+#
+#
+# WHAT YOU WILL NEED
+#
+# on the machine you generate the test data
+# This Makefile and corresponding Tcl script
+# Tcl (as /usr/bin/tclsh)
+# OpenSSL (as `openssl' on PATH)
+# Lots of CPU ! (the generation script is rather slow)
+#
+# on the sending machine
+# tcpreplay (http://www.subterrain.net/tools/tcpreplay/,
+# or from Debian testing 3.5.2002. I used 1.0.1-1.1)
+# and root privilege to run it
+#
+# on the receiving machine
+# tcpdump for packet capture, and root privilege to run it
+# The `on-dest.sh' script that this Makefile creates
+#
+# on the analysis machine
+# tcpdump for converting trace files only, no root privilege
+# This Makefile to drive tcpdump for you, if you like
+# diff to look at the output
+#
+# It will be much better if the machines you are using do not have any
+# other traffic. If they do the tests may disrupt it, and it'll get
+# in the way of your analysis too.
+#
+#
+# WHAT TO DO
+#
+# 1. Generate the test data.
+# * Edit this Makefile.
+# You /must/ change SOURCE and DEST; they must be IPv4 addresses.
+# You may also change PARTS, PERPART or MTU if you like.
+# * Say `make -j2 generate'. This will generate the test data sets.
+# This will take a while. Vary the -j for your system.
+# * Copy send-*.pcap and on-dest.sh to the sending machine.
+#
+# 2. Run one of the tests
+# * Pick a PART number, say 1, to start with.
+# * On the receiving machine, say, as root,
+# ./on-dest.sh PART
+# and leave it running.
+# * On the sending machine, say, as root,
+# tcpreplay -m 1 <send-PART.pcap
+# The -m 1 option makes tcpreplay send the packets at one a
+# second (they are generated as if they were captured at one
+# a second); this avoids flooding the network, which causes
+# congestion, packet loss and maybe other randomness.
+# This will take (by default) 100 seconds.
+
+#
+#
+#
+# FILES INVOLVED
+# Those made by `make generate':
+# send-*.pcap `pcap' format raw test data files
+# (feed this to tcpreplay -m 1)
+# send-*.log tcpdump's interpretation of the test data
+# with line numbers added
+# send-*.why The generator's explanations (ha ha) of
+# what the test data is
+# on-dest.sh Script for running tcpdump on the destination
+#
+# Those supposedly captured at the destination
+# recv-*.pcap `pcap' format raw received packets
+#
+# Those made during the analysis:
+# recv-*.log tcpdump's interpretation of the received packets
+# recv-*.diff difference between send-*.log and recv-*.log
+# all.diff all the .diff's concatenated in one easy file
+#
+#
+# On the receiving machine,
+#
+#
+# on the
+# Run this makefile anywhere to generate the test data sets
+#
+
+
+SOURCE= 172.18.45.35
+DEST= 172.18.45.35
+
+UNIQUE=
+# set UNIQUE to something random for less observability
+
+MTU= 100
+
+# no of packets in each individual part, including part 1
+PERPART= 10
+
+# `rest' is made of PARTS-1 parts of PERPART packets
+PARTS= 10
+
+# You shouldn't need to edit anything beyond this point.
+
+FEW_TARGETS= on-dest.sh \
+ send-1.pcap send-1.log send-1.why
+
+TARGETS= $(GEN_SMALL) \
+ send-rest.pcap send-rest.log send-rest.why
+
+R_PARTNOS= $(shell \
+ set -e; i=2; while [ $$i -le $(PARTS) ]; do \
+ echo $$i; i=$$(( $$i + 1)); done \
+ )
+
+R_BASES= $(addprefix send-,1 $(R_PARTNOS))
+R_PCAPS= $(addsuffix .pcap,$(R_BASES))
+R_WHYS= $(addsuffix .why,$(R_BASES))
+
+all: $(TARGETS)
+few: $(FEW_TARGETS)
+
+send-rest.pcap: $(R_PCAPS)
+ rm -f $@
+ dd if=$< ibs=24 count=1 of=$@
+ set -e; for f in $^; do \
+ dd ibs=24 skip=1 if=$$f >>$@; done
+
+send-rest.why: $(R_WHYS)
+ cat $(R_WHYS) >$@.1.tmp
+ nl -bp'^ ? ? ?[0-9]' <$@.1.tmp >$@.2.tmp
+ @mv -f $@.2.tmp $@
+
+send-%.pcap: ./make-probes.tcl
+ ./make-probes.tcl --write $@ --mtu $(MTU) --upto $(PERPART) \
+ --source $(SOURCE) --dest $(DEST) --xseed "$* $(UNIQUE)" \
+ >send-$*.why
+
+%.log: %.pcap
+ tcpdump -tnxvvs$$(($(MTU)+50)) -r $< >$@.1.tmp
+ nl -bp'^[0-9]' <$@.1.tmp >$@.2.tmp
+ @mv -f $@.2.tmp $@
+
+on-dest.sh: Makefile
+ @rm -f $@
+ echo >$@ "#!/bin/sh"
+ @echo >>$@ "# run this script on $(DEST) as root, saying:"
+ @echo >>$@ "# ./on-dest.sh PART"
+ @echo >>$@ "# where PART ranges from 1 to $(PARTS)"
+ @echo >>$@ "if ! [ \$$# = 1 ]; then echo >&2 'PART?'; exit 1; fi"
+ @echo >>$@ "exec tcpdump -ps$$(($(MTU)+50)) -w recv-\$$1.pcap \\"
+ @echo >>$@ " src host $(SOURCE) and dst host $(DEST)"
+ chmod +x $@
+
+clean:
+ rm -f *.tmp *~ t u v
+
+realclean: clean
+ rm -f $(TARGETS) *.pcap *.why *.log
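Review bot: `TARGETS` expands `$(GEN_SMALL)`, which is never defined in this Makefile, so `make all` never builds `on-dest.sh` (which step 1 tells the user to copy) or `send-1.log`, and `realclean` leaves `on-dest.sh` behind. It looks as if `$(FEW_TARGETS)` was meant: `TARGETS= $(FEW_TARGETS) \`. The instructions also say `make -j2 generate`, but the only goals defined are `all`, `few`, `clean` and `realclean`, so either add `generate: all` or correct the comment. In addition, the `.why` files exist only as a side effect of the `send-%.pcap` recipe, so under `-j` make can reach `send-1.why` or `$(R_WHYS)` before the file exists and stop with "No rule to make target". An explicit `send-%.why: send-%.pcap ;` rule would state that dependency.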
-#!/usr/bin/tclsh8.2
+#!/usr/bin/tclsh
proc debug {level str} {
# MAYADD ICMP traceroute RFC1393
# MAYADD ICMP router discovery RFC1256
-proc port-pair {scope} {
- get-for $scope
-
- get style choice-mult \
- request 0.15 \
- reply 0.15 \
- servers 0.20 \
- random
-
- if {"$style" != "random"} {
- get port enum-def
- set def_port $port
- } else {
- set def_port x
- }
- if {"$style" != "servers"} {
- get port enum-rand 0 0xffff
- set rand_port $port
- }
- switch -exact $style {
- random { set source_port $rand_port; set dest_port $rand_port }
- request { set source_port $rand_port; set dest_port $def_port }
- reply { set source_port $def_port; set dest_port $rand_port }
- servers { set source_port $def_port; set dest_port $def_port }
- }
- return [list $source_port $dest_port $def_port $style]
-}
-
define ip-proto 4 ip {mtu} {
# RFC2003
checksum_bad 0.10 \
checksum_none 0.20 \
checksum_good]
- manyset [port-pair udp] source_port dest_port def_port style
+
+ get style choice-mult \
+ request 0.15 \
+ reply 0.15 \
+ servers 0.20 \
+ random
+
+ if {"$style" != "random"} {
+ get port enum-def
+ set def_port $port
+ } else {
+ set def_port x
+ }
+ if {"$style" != "servers"} {
+ get port enum-rand 0 0xffff
+ set rand_port $port
+ }
+ switch -exact $style {
+ random { set source_port $rand_port; set dest_port $rand_port }
+ request { set source_port $rand_port; set dest_port $def_port }
+ reply { set source_port $def_port; set dest_port $rand_port }
+ servers { set source_port $def_port; set dest_port $def_port }
+ }
if {"$style" != "random"} {
set port $def_port
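Review bot: In the inlined `switch`, the `random` arm assigns the single `$rand_port` draw to both ends (`random { set source_port $rand_port; set dest_port $rand_port }`), so a `random`-style probe always has identical source and destination ports and never two independent random ones. This is carried over unchanged from the removed `port-pair`, so it may be deliberate. If it is not, a second draw should be used for `dest_port` in that arm. Either way a one-line comment above the `switch` stating the intent would help, for example `# random: same random port on both ends (intentional)`, since `def_port` is also set to the placeholder `x` in that case. The enclosing `define` body starts and ends outside this hunk.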
namespace import PCap::*
proc emit {seed} {
- global getlog_log errorInfo mtu
+ global getlog_log errorInfo mtu fake_time_t
+ global minframelen
get-for ip
get-config source 127.0.0.1 v4addr
puts stderr "\nERROR\n$seed\n\n$emsg\n\n$errorInfo\n\n"
puts stdout "[format %6s $seed] error"
} else {
- set ts_sec [clock seconds]
+ set ts_sec [incr fake_time_t]
set ts_usec 0
- set llpkt [random-bytes 12] ;# ether addrs
- append llpkt 0800 ;# eth ip type
+ set l [packet-len $packet]
+ if {$l < $minframelen} {
+ append packet [string repeat 00 [expr {$minframelen - $l}]]
+ }
+
+ # RFC894
+ set llpkt [random-bytes 12]
+ append llpkt 0800
append llpkt $packet
set len [packet-len "$llpkt"]
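Review bot: The rewritten link-layer lines drop the trailing comments `;# ether addrs` and `;# eth ip type` in favour of a bare `# RFC894`, and the new padding block has no comment at all, so a reader must already know Ethernet framing to see why 12 random bytes, `0800` and 46 appear. I would keep the two trailing comments and add above the `if`: `# pad with zero bytes up to the minimum Ethernet payload ($minframelen)`. The same applies to `set minframelen 46` in the later hunk, which could carry `;# minimum Ethernet payload in bytes, excluding the 14-byte header`. The padding arithmetic appears to assume that `packet-len` counts bytes while `$packet` holds two hex characters per byte, which matches `string repeat 00` but is worth stating in the comment. `emit` starts and ends outside this hunk.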
set thiszone 0
set sigfigs 0
set snaplen 131073
+
+# RFC894
set linktype 1
+set minframelen 46
pcap_write {
x32 magic
s32 linktype
}
+set fake_time_t [clock seconds]
+
if {[llength $argv]} {
foreach count $argv { emit "$xseed$count" }
} else {