Next Previous Top
Content
Next Previous Top
5. Library Internals
This section is devoted to the internals of the library. First covered are all the user-accessible functions, then constants, macros and finally libnet-specific data structures. Proceeding each function prototype is a small table listing the return values of the function, whether or not the function is reentrant (a function is considered reentrant if it may be called repeatedly, or may be called before previous invocations have completed, and each invocation is independent of all other invocations and a brief description of the function!s arguments.
5.1 Memory Management Functions
int libnet_init_packet(u_short packet_size, u_char **bu !"
return value upon success return value upon failure re-entrant arguments
" -" yes " - desired pac#et si$e % - address of a u&char pointer
libnet&init&pac#et( creates memory for a pac#et (it doesn!t so much create memory as it re'uests it from the underlying operating system via malloc( . (pon success the memory is $ero-filled. The function accepts two arguments, the pac#et si$e and the address of the pointer to the pac#et. The pac#et si$e parameter may be ), in which case the library will attempt to guess a pac#et si$e for you. Passing in the pointer to a pointer (passing by address is necessary as we are allocating memory locally. *f we instead passed in +ust a pointer (passing by value the allocated memory would be lost. This function is a good example of interface hiding. This function is essentially a malloc( wrapper. ,y using this function the details of what!s really happening are abstracted so that you, the programmer, can worry about your tas# at hand.
#oi$ libnet_$estroy_packet(u_char **bu !"
return value upon success return value upon failure re-entrant arguments
NNyes " - address of a u&char pointer
libnet&destroy&pac#et( is the free( analog to libnet&init&pac#et. *t destroys the pac#et referenced by !buf!. *n reality, it is of course a simple free( wrapper. *t frees the heap memory and points .buf. to N(//
to dispel the dangling pointer. The function does ma#e the assertion that .buf. is not N(//. - pointer to a pointer is passed to maintain interface consistency.
int libnet_init_packet_arena(struct libnet_arena **arena, u_short packet_size, u_short packet_size!"
return value upon success return value upon failure re-entrant arguments
" -" yes " - pointer to an arena structure pointer % - number of pac#ets 0 - pac#et si$e
libnet&init&pac#et&arena( allocates and initiali$es a memory pool. *f you plan on building and sending several different pac#ets, this is a good choice. *t allocates a pool of memory from which you can grab chun#s to build pac#ets (see next&pac#et&from&arena( . *t ta#es the address to an arena structure pointer, and hints on the possible pac#et si$e and number of pac#ets. The last two arguments are used to compute the si$e of the memory pool. -s before, they can be set to ) and the library will attempt to choose a decent value. The function returns -" if the malloc fails or " if everything goes o#.
u_char *libnet_ne%t_packet_ rom_arena(struct libnet_arena **arena, u_short packet_size!"
return value upon success return value upon failure re-entrant arguments
pointer to the re'uest pac#et memory N(// yes " - pointer to the arena % - re'uested pac#et si$e
libnet&next&pac#et&from&arena( returns a chun# of memory from the specified arena of the re'uested si$e and decrements the arenas available byte counter. *f the re'uested memory is not available from the arena, the function returns N(//. Note that there is nothing preventing a poorly coded application from using more memory than re'uested and causing all #inds of problems. Ta#e heed.
#oi$ libnet_$estroy_packet_arena(struct libnet_arena **arena!"
return value upon success return value upon failure re-entrant arguments
NNyes " - pointer to the arena
libnet&destroy&pac#et&arena( frees the memory associated with the specified arena.
5.& '$$ress (esolution Functions
u_char *libnet_host_lookup(u_long ip, u_short use_name!"
return value upon success return value upon failure re-entrant arguments
pointer to the converted *P address N(// no " - networ#-byte ordered *P address % - use&name flag
libnet&host&loo#up( converts the supplied networ#-ordered (big-endian *P address into its humanreadable counterpart. *f the usename flag is /*,N1T&2134/51, the function will attempt to resolve the *P address (possibly incurring 6N3 networ# traffic and return a canonical hostname, otherwise if it is /*,N1T&64NT&2134/51 (or if the loo#up fails , the function returns a dotted-decimal -37** string. This function is hopelessly non reentrant as it uses static data.
#oi$ libnet_host_lookup_r(u_long ip, u_short use_name, u_char *bu !"
return value upon success return value upon failure re-entrant arguments
NNdepends on architecture " - networ#-byte ordered *P address % - use&name flag 0 - buffer to contain the converted *P address
libnet&host&loo#up&r( is the planned reentrant version of the above function. *f reentrant networ# resolver libraries become available, this function will li#ewise be reentrant. -n additional argument of a buffer to store the converted (or resolved *P address is supplied by the user.
u_long libnet_name_resol#e(u_char *ip, u_short use_name!"
return value upon success return value upon failure re-entrant arguments
networ#-byte ordered *P address -" yes " - human readable *P address or F86N % - use&name flag
libnet&name&resolve( ta#es a N(// terminated -37** string representation of an *P address (dots and decimals or, if the usename flag is /*,N1T&2134/51, a canonical hostname and converts it into a networ#-ordered (big-endian unsigned long value.
u_long libnet_get_ipa$$r(struct libnet_link_int *l, const u_char *$e#ice, const u_char *ebu !"
return value upon success return value upon failure re-entrant arguments
re'uested *P address -" yes " - pointer to a lin# interface structure % - pointer to the device to 'uery 0 - pointer to a buffer to contain a possible error message
libnet&get&ipaddr( returns the *P address of a specified networ# device. The function ta#es a pointer to a lin# layer interface structure, a pointer to the networ# device name, and an empty buffer to be used in case of error. (pon success the function returns the *P address of the specified interface in networ#-byte order or ) upon error (and errbuf will contain a reason .
struct ether_a$$r *libnet_get_h)a$$r(struct libnet_link_int *l, const u_char *$e#ice, const u_char *ebu !"
return value upon success return value upon failure re-entrant arguments
pointer to the re'uested ethernet address N(// depends on architecture " - pointer to a lin# interface structure % - pointer to the device to 'uery 0 - pointer to a buffer to contain a possible error message
libnet&get&hwaddr( returns the hardware address of a specified networ# device. -t the time of this writing, only ethernet is supported. The function ta#es a pointer to a lin# layer interface structure, a pointer to the networ# device name, and an empty buffer to be used in case of error. The function returns the 9-7 address of the specified interface upon success or N(// upon error (and errbuf will contain a reason .
5.* +acket In,ection -upport Functions
int libnet_open_ra)_sock(int protocol!"
return value upon success return value upon failure
opened soc#et -"
re-entrant arguments
yes " - protocol number of desired soc#et type
libnet&open&raw&soc#( opens a raw *P soc#et of the specified protocol type (supported types vary from system to system, but usually you!ll want to open an *PP24T4&2-: soc#et . The function also sets the *P&;62*N7/ soc#et option. 2eturned is the soc#et file descriptor or -" on error. The function can fail if either of the underlying calls to soc#et or setsoc#opt fails. 7hec#ing errno will reveal the reason for the error.
int libnet_close_ra)_sock(int socket!"
return value upon success return value upon failure re-entrant arguments
" -" yes " - soc#et to be closed
libnet&close&raw&soc#( will close the referenced raw soc#et.
int libnet_select_$e#ice(struct socka$$r_in *sin, u_char **$e#ice, u_char *ebu !"
return value upon success return value upon failure re-entrant arguments
" -" no " - pointer to a soc#addr&in structure pointer % - pointer to the device to 'uery 0 - pointer to a buffer to contain a possible error message
libnet&select&device( will run through the list of interfaces and select one for use (ignoring the loopbac# device . *f the device argument points to N(// (don!t pass in a N(// pointer, the function expects a pointer to a pointer, and 7 can!t derefrence a N(// pointer it will try to fill it in with the first nonloopbac# device it finds, otherwise, it will try to open the specified device. *f successful, " is returned (and if device was N(//, it will now contain the device name which can be used in libnet&<lin#<( type calls . The function can fail for a variety of reasons, including soc#et system call failures, ioctl failures, if no interfaces are found, etc.. *f such an error occurs, -" is returned and errbuf will contain a reason.
struct libnet_link_int *libnet_open_link_inter ace(char *$e#ice, char *ebu !"
return value upon success return value upon failure
pointer to a lin# interface structure N(//
re-entrant arguments
yes " - pointer to a device % - pointer to a buffer to contain a possible error message
libnet&open&lin#&interface( opens a low-level pac#et interface. This is re'uired in order to be able in+ect lin# layer frames. 3upplied is a u&char pointer to the interface device name and a u&char pointer to an error buffer. 2eturned is a filled-in lin#&int structure or N(// on error (with the error buffer containing the reason . The function can fail for a variety of reasons due to the fact that it is architecture specific.
int libnet_close_link_inter ace(struct libnet_link_int *l!"
return value upon success return value upon failure re-entrant arguments
" -" yes " - pointer to a lin# interface structure
libnet&close&lin#&interface( closes an opened low-level pac#et interface.
int libnet_)rite_ip(int socket, u_char *packet, int packet_size!"
return value upon success return value upon failure re-entrant arguments
pac#et si$e -" yes " - soc#et % - pointer to the pac#et 0 - pac#et si$e
libnet&write&ip( writes an *P pac#et to the networ#. The first argument is the soc#et created with a previous call to libnet&open&raw&soc#, the second is a pointer to a buffer containing a complete *P datagram, and the third argument is the total pac#et si$e. The function returns the number of bytes written upon success or -" on error (with errno containing the reason .
int libnet_)rite_link_layer(struct libnet_link_int *l, const u_char *$e#ice, u_char *packet, int packet_size!"
return value upon success return value upon failure re-entrant arguments
pac#et si$e -" depends on architecture " - pointer to a lin# interface structure
% - pointer to the networ# device 0 - pointer to the pac#et = - pac#et si$e libnet&write&lin#&layer( writes a lin#-layer frame to the networ#. The first argument is a pointer to a filled-in libnet&lin#&int structure, the next is a pointer to the networ# device, the third is the raw pac#et and the last is the pac#et si$e. 2eturned is the number of bytes written or -" on error.
int libnet_$o_checksum(u_char *packet, int protocol, int packet_size!"
return value upon success return value upon failure re-entrant arguments
" -" yes " - pointer to a pac#et % - protocol number of pac#et type 0 - pac#et si$e
libnet&do&chec#sum( calculates the chec#sum for a pac#et. The first argument is a pointer to a fully built *P pac#et. The second is the transport protocol of the pac#et and the third is the pac#et length (not including the *P header . The function calculates the chec#sum for the transport protocol and fills it in at the appropriate header location (this function should be called only after a complete pac#et has been built . Note that when using raw soc#ets the *P chec#sum is always computed by the #ernel and does not need to done by the user. :hen using the lin# layer interface the *P chec#sum must be explicitly computed (in this case, the protocol would be of type *PP24T4&*P and the si$e would include *P&; . The function returns " upon success or -" if the protocol is of an unsupported type. 7urrently supported are>
.'L/0
*PP24T4&T7P *PP24T4&(6P *PP24T4&*79P *PP24T4&*?9P *PP24T4&*P *PP24T4&43PF *PP24T4&43PF
+(12131L
T7P (6P *79P *?9P *P (for the lin#-layer api 43PF 43PF&/3-
5.4 +acket 3onstruction Functions
-ll libnet pac#et creation functions contain the same three terminal arguments> a pointer to an optional payload (or N(// if no payload is to be included , the length of the payload in bytes (or ) if no payload is included and most importantly, a pointer to a pre-allocated bloc# of memory (which must be large enough to accommodate the entire pac#et and payload .
The only way for any libnet pac#et construction function will return an error is if the memory which is supposed to be pre-allocated points to N(//.
libnet_buil$_arp(u_short hr$), u_short prot, u_short h_len, u_short p_len, u_short op, u_char *s_ha, u_char *s_pa, u_char *t_ha, u_char *t_pa, const u_char *payloa$, int payloa$_len, u_char *packet_bu !"
return value upon success return value upon failure re-entrant
" -" yes " - hardware address format (-2P;26&1T;12 % - protocol address format 0 - length of the hardware address = - length of the protocol address @ - -2P operation type A - sender!s hardware address B - sender!s protocol address C - target!s hardware address D - target!s protocol address ") - pointer to pac#et payload "" - pac#et payload length "% - pointer to pre-allocated pac#et memory
arguments
libnet&build&arp( constructs an -2P (2-2P pac#et. -t this point in the library, the function only builds ethernetE-2P pac#ets, but this will be easy enough to change (whenever * get around to it . The first nine arguments are standard -2P header arguments, with the last three being standard libnet pac#et creation arguments. The -2P operation type should be one of the following symbolic types>
.'L/0
-2P4P&218(13T -2P4P&21P/F -2P4P&215218(13T -2P4P&21521P/F -2P4P&*N5218(13T -2P4P&*N521P/F
50-3(I+2I16
-2P re'uest -2P reply 2-2P re'uest 2-2P reply re'uest to identify peer reply identifying peer
int libnet_buil$_$ns(u_short i$, u_short lags, u_short num_7, u_short num_ans)_rr, u_short num_auth_rr, u_short num_a$$_rr, const u_char * payloa$, int payloa$_len, u_char *packet_bu !"
return value upon success return value upon failure
" -"
re-entrant
yes " - pac#et id % - control flags 0 - number of 'uestions = - number of answer resource records @ - number of authority resource records A - number of additional resource records B - pointer to pac#et payload C - pac#et payload length D - pointer to pre-allocated pac#et memory
arguments
libnet&build&dns( constructs a 6N3 pac#et. The static 6N3 fields are included as the first six arguments, but the optional variable length fields must be included with the payload interface.
int libnet_buil$_ethernet(u_char *$a$$r, u_char *sa$$r, u_short i$, const u_char *payloa$, int payloa$_len, u_char *packet_bu !"
return value upon success return value upon failure re-entrant
" -" yes " - pointer to the destination address % - pointer to the source address 0 - ethernet pac#et type = - pointer to pac#et payload @ - pac#et payload si$e A - pointer to pre-allocated pac#et memory
arguments
libnet&buildðernet( constructs an ethernet pac#et. The destination address and source address arguments are expected to be arrays of unsigned character bytes. The pac#et type should be one of the following>
.'L/0
1T;12TFP1&P(P 1T;12TFP1&*P 1T;12TFP1&-2P 1T;12TFP1&215-2P 1T;12TFP1&5/-N 1T;12TFP1&/44P,-7G
+(12131L
P(P *P -2P 2-2P *111 5/-N tagging loopbac# test
int libnet_buil$_icmp_echo(u_char type, u_char co$e, u_short i$, u_short se7, const u_char *payloa$, int payloa$_len, u_char *packet_bu !"
return value upon success return value upon failure re-entrant
" -" yes "- pac#et type % - pac#et code 0 - pac#et id = - pac#et se'uence number @ - pointer to pac#et payload A - pac#et payload si$e B - pointer to pre-allocated pac#et memory
arguments
libnet&build&icmp&echo( constructs an *79P&17;4 E *79P&17;421P/F pac#et. The pac#et type should be *79P&17;421P/F or *79P&17;4 and the code should be ).
int libnet_buil$_icmp_mask(u_char type, u_char co$e, u_short i$, u_short se7, u_long mask, const u_char *payloa$, int payloa$_len, u_char *packet_bu !"
return value upon success return value upon failure re-entrant
" -" yes " - pac#et type % - pac#et code 0 - pac#et id = - pac#et se'uence number @ - *P netmas# A - pointer to pac#et payload B - pac#et payload length C - pointer to pre-allocated pac#et memory
arguments
libnet&build&icmp&mas#( constructs an *79P&9-3G218 E *79P&9-3G21P/F pac#et. The pac#et type should be either *79P&9-3G218 or *79P&9-3G21P/F and the code should be ). The *P netmas# argument should be a 0%-bit networ#-byte ordered subnet mas#.
int libnet_buil$_icmp_unreach(u_char type, u_char co$e, u_short orig_len, u_char orig_tos, u_short orig_i$, u_short orig_ rag, u_char orig_ttl, u_char orig_prot, u_long orig_sa$$r, u_long orig_$a$$r, const u_char *payloa$, int payloa$_len, u_char *packet_bu !"
return value upon success return value upon failure re-entrant arguments
" -" yes " - pac#et type % - pac#et code
0 - original *P length = - original *P T43 @ - original *P id A - original *P fragmentation bits B - original *P time to live C - original *P protocol D - original *P source address ") - original *P destination address "" - pointer to original *P payload "% - original *P payload si$e "0 - pointer to pre-allocated pac#et memory libnet&build&icmp&unreach( constructs an *79P&(N21-7; pac#et. The 0rd through the "%th arguments are used to build the *P header of the original pac#et that caused the error message (the *79P unreachable . The pac#et type should be *79P&(N21-7; and the code should be one of the following>
.'L/0
*79P&(N21-7;&N1T *79P&(N21-7;&;43T *79P&(N21-7;&P24T474/ *79P&(N21-7;&P42T *79P&(N21-7;&N116F2-? *79P&(N21-7;&327F-*/ *79P&(N21-7;&N1T&(NG4:N *79P&(N21-7;&;43T&P24;*, *79P&(N21-7;&T43N1T *79P&(N21-7;&T43;43T *79P&(N21-7;&F*/T12&P24;*, *79P&(N21-7;&;43T&P217161N71 *79P&(N21-7;&P217161N71&7(T4FF
50-3-(I+2I16
networ# is unreachable host is unreachable protocol is unreachable port is unreachable fragmentation re'uired but 6F bit set source routing failed networ# is un#nown host is prohibited *P T43 and networ# *P T43 and host prohibitive filtering host precedence host precedence cut-off
int libnet_buil$_icmp_timee%cee$(u_char, u_char, u_short, u_char, u_short, u_short, u_char, u_char, u_long, u_long, const u_char *, int, u_char *!"
return value upon success return value upon failure re-entrant arguments
" -" yes " - pac#et type % - pac#et code 0 - original *P length = - original *P T43 @ - original *P id A - original *P fragmentation bits
B - original *P time to live C - original *P protocol D - original *P source address ") - original *P destination address "" - pointer to original *P payload "% - original *P payload si$e "0 - pointer to pre-allocated pac#et memory libnet&build&icmp&timeexceed( constructs an *79P&T*91H7116 pac#et. This function is identical to libnet&build&icmp&unreach with the exception of the pac#et type and code. The pac#et type should be either *79P&T*9H7116&*NT2-N3 for pac#ets that expired in transit (TT/ expired or *79P&T*9H7116&21-33 for pac#ets that expired in the fragmentation reassembly 'ueue.
int libnet_buil$_icmp_re$irect(u_char type, u_char co$e, u_long gate)ay, u_short orig_len, u_char orig_tos, u_short orig_i$, u_short orig_ rag, u_char orig_ttl, u_char orig_prot, u_long orig_sa$$r, u_long orig_$a$$r, const u_char *payloa$, int payloa$_len, u_char *packet_bu !"
return value upon success return value upon failure re-entrant
" -" yes " - pac#et type % - pac#et code 0 - *P address of the gateway = - original *P length @ - original *P T43 A - original *P id B - original *P fragmentation bits C - original *P time to live D - original *P protocol ") - original *P source address "" - original *P destination address "% - pointer to original *P payload "0 - original *P payload si$e "= - pointer to pre-allocated pac#et memory
arguments
libnet&build&icmp&redirect( constructs an *79P&216*217T pac#et. This function is similar to libnet&build&icmp&unreach, the differences being the type and code and the addition of an argument to hold the *P address of the gateway that should be used (hence the redirect . The pac#et type should be *79P&216*217T and the code should be one of the following>
.'L/0
*79P&(N21-7;&N1T *79P&(N21-7;&;43T *79P&(N21-7;&P24T474/
50-3-(I+2I16
redirect for networ# redirect for host redirect for T43 and networ#
*79P&(N21-7;&P42T
redirect for T43 and host
int libnet_buil$_icmp_timestamp(u_char type, u_char co$e, u_short i$, u_short se7, n_time otime, n_time rtime, n_time ttime, const u_char *payloa$, int payloa$_len, u_char *packet_bu !"
return value upon success return value upon failure re-entrant
" -" yes " - pac#et type % - pac#et code 0 - pac#et id = - pac#et se'uence number @ - originate timestamp A - receive timestamp B - transmit timestamp C - pointer to pac#et payload D - pac#et payload si$e ") - pointer to pre-allocated pac#et memory
arguments
libnet&build&icmp×tamp( constructs an *79P&T3T-9P E *79P&T3T-9P21P/F pac#et. The pac#et type should be *79P&T3T-9P or *79P&T3T-9P21P/F and the code should be ).
int libnet_buil$_igmp(u_char type, u_char co$e, u_long ip, const u_char *payloa$, int payloa$_len, u_char *packet_bu !"
return value upon success return value upon failure re-entrant " -" yes " - pac#et type % - pac#et code 0 - *P address = - pointer to pac#et payload @ - pac#et payload si$e A - pointer to pre-allocated pac#et memory
arguments
libnet&build&igmp( constructs an *?9P pac#et. The pac#et type should be one of the following>
.'L/0
*?9P&919,123;*P&8(12F *?9P&5"&919,123;*P&21P42T *?9P&5%&919,123;*P&21P42T *?9P&/1-51&?24(P
50-3-(I+2I16
membership 'uery version " membership report version % membership report leave-group message
The code, which is a routing sub-message, should probably be left to ), unless you #now what you!re doing.
int libnet_buil$_ip(u_short len, u_char tos, u_short ip_i$, u_short rag, u_char ttl, u_char protocol, u_long sa$$r, u_long $a$$r, const u_char *payloa$, int payloa$_len, u_char *packet_bu !"
return value upon success return value upon failure re-entrant
" -" yes " - pac#et length (not including the *P header % - type of service 0 - pac#et id = - fragmentation bits E offset @ - time to live A - protocol B - source address C - destination address D - pointer to pac#et payload ") - pac#et payload length "" - pointer to pre-allocated pac#et memory
arguments
libnet&build&ip( constructs the mighty *P pac#et. The fragmentation field may be ) or contain some combination of the following>
.'L/0
*P&6F *P&9F
50-3(I+2I16
don!t fragment this datagram (only valid when alone more fragments on the way (42!d together with an offset value
The *P&4FF9-3G is used to retrieve the offset from the fragmentation field. *P pac#ets may be no larger than *P&9-HP-7G1T bytes. The source and destination addresses need to be in networ#-byte order. The payload interface should only be used to construct an arbitrary or non-supported type *P datagram. To construct a T7P, (6P, or similar type pac#et, use the relevant libnet&build function.
int libnet_buil$_osp (u_short len, u_char type, u_long router_i$, u_long area_i$, u_short auth_type, const char *payloa$, int payloa$_s, u_char *bu !"
return value upon success return value upon failure re-entrant arguments " -" yes " - pac#et length (not including the 43PF header % - pac#et type 0 - router *6 = - area *6
@ - authentication type A - pointer to pac#et payload B - pac#et payload length C - pointer to pre-allocated pac#et memory libnet&build&ospf( builds a 43PF pac#et. Fou pass the pac#et length (not including the 43PF header , the pac#et type, 0%-bit router *6, 0%-bit area *6, the authentication type, a pointer to an optional data payload, the payload length, and a pointer to a pre-allocated bloc# of memory for the pac#et. The payload should not be used to build the ;ello, /3-, /3(, /32, or 6,6 pac#ets as there are specific construction functions for those pac#et types. The following variables are to be used for the 43PF pac#et type>
.'L/0
43PF&(96 43PF&;1//4 43PF&6,6 43PF&/32 43PF&/3( 43PF&/3-
50-3-(I+2I16
(96 monitoring pac#et ;ello pac#et 6atabase description pac#et /in# state re'uest pac#et /in# state update pac#et /in# state ac#nowledgement pac#et
The following are the possible authentication types>
.'L/0
43PF&-(T;&N(// 43PF&-(T;&3*9P/1 43PF&-(T;&96@
50-3(I+2I16
N(// password plaintext, C character password 96@
The following is the structure used for the A= bit field when using 96@> struct auth { u_short ospf_auth_null; u_char ospf_auth_keyid; u_char ospf_auth_len; u_int ospf_auth_se"; %;
/* /* /* /*
NULL 16 bits */ Key I */ !uth data len */ #e"uence nu$ */
int libnet_buil$_osp _hello(u_long netmask, u_short inter#al, u_char options, u_char priority, u_int $ea$_inter#al, u_long $es_router, u_long backup, u_long neighbor, const char *payloa$, int payloa$_s, u_char *bu !"
return value upon success return value upon failure
" -"
re-entrant
yes " - netmas# for interface % - num of seconds since last pac#et was sent 0 - options = - priority @ - num of seconds until router is deemed dead A - designated router B - bac#up router C - neighbor D - pac#et payload ") - payload length "" - pointer to pre-allocated pac#et memory
arguments
libnet&build&ospf&hello( builds an 43PF ;ello pac#et. Fou pass the netmas# for the interface, the number of seconds since the last pac#et was sent, possible options, the router!s priority (if ), it can!t be a bac#up router , the time (in seconds until a router is deemed down, the networ#s designated router, the networ#s bac#up router, a neighbor, a pointer to an optional data payload, the payload length, and a pointer to a pre-allocated bloc# of memory used for the pac#et. *f there is more than one neighbor that is to be included in the pac#et, +ust allocate enough space for the pac#et buf, and pass the neighbors as the Ioptional data payload.I
int libnet_buil$_osp _$b$(u_short len, u_char options, u_char type, u_int se7uence_num, const char *payloa$, int payloa$_s, u_char *bu !"
return value upon success return value upon failure re-entrant
" -" yes " - length % - options 0 - type = - se'uence number @ - pac#et payload A - payload length B - pointer to pre-allocated pac#et memory
arguments
libnet&build&ospf&dbd( builds an 43PF 6ata,ase 6escription (6,6 pac#et. Fou pass the maximum length of an *P pac#et the interface can use, pac#et options, the type of exchange occurring, a se'uence number, a pointer to an optional data payload, the payload length, and a pointer to a pre-allocated bloc# of memory for the pac#et. The following can be used for the type variable>
.'L/0
6,6&*,*T 6,6&9,*T 6,6&93,*T
50-3(I+2I16
*nitiali$ation bit 9ore 6,6 pac#ets en route 3ender is the master
int libnet_buil$_osp _lsr(u_int type, u_int ls_i$, u_long a$#_router, const char *payloa$, int payloa$_s, u_char *bu !"
return value upon success return value upon failure re-entrant
" -" yes " - type % - *6 0 - advertising router = - pac#et payload @ - payload length A - pointer to pre-allocated pac#et memory
arguments
libnet&build&ospf&lsr( builds an 43PF /in# 3tate 2e'uest (/32 pac#et. Fou pass the type of lin# state pac#et being re'uested, the lin# state *6, the advertising router, a pointer to an optional data payload, the payload length, and a pointer to a pre-allocated bloc# of memory for the pac#et. 3ee the libnet&build&ospf&lsa( section for more information regarding variables.
int libnet_buil$_osp _lsu(u_int num, const char *payloa$, int payloa$_s, u_char *bu !"
return value upon success return value upon failure re-entrant arguments " -" yes " - number of /3- pac#ets inside % - pac#et payload 0 - payload length = - pointer to pre-allocated pac#et memory
libnet&build&ospf&lsu( builds an 43PF /in# 3tate (pdate (/3( pac#et. Fou pass the number of /in# 3tate -c#nowledgment (/3- pac#ets that will be in the pac#et, a pointer to an optional data payload, the payload length, and a pointer to a pre-allocated bloc# of memory for the pac#et.
int libnet_buil$_osp _lsa(u_short age, u_char options, u_char type, u_int ls_i$, u_long a$#_router, u_int se7uence_num, u_short len, const char *payloa$, int payloa$_s, u_char *bu !"
return value upon success return value upon failure re-entrant arguments " -" yes " - lin# state age % - options
0 - type = - lin# state *6 @ - advertising router A - se'uence number B - length not including /3- header C - pac#et payload D - payload length ") - pointer to pre-allocated pac#et memory libnet&build&ospf&lsa( builds an 43PF /in# 3tate -c#nowledgement (/3- pac#et. Fou pass the lin# state age, pac#et options, type of /3-, the lin# state *6, the advertising router, the pac#et!s se'uence number, the length of the pac#et (¬& including the /3- header length , a pointer to an optional data payload, the payload length, and a pointer to a pre-allocated bloc# of memory for the pac#et. The following variables can be used for the type of /3->
.'L/0
/3&TFP1&2T2 /3&TFP1&N1T /3&TFP1&*P /3&TFP1&-3,2 /3&TFP1&-31HT
50-3(I+2I16
2outer /3Networ# /33ummary /3- (*P networ# 3ummary /3- (-3,2 -3-1xternal /3-
int libnet_buil$_osp _lsa_rtr(u_short lags, u_short num, u_int i$, u_int $ata, u_char type, u_char tos, u_short metric, const char *payloa$, int payloa$_s, u_char *bu !"
return value upon success return value upon failure re-entrant " -" yes " - flags % - number of lin#s 0 - lin# *6 = - info for lin# *6 @ - router lin# type A - T43 metrics B - pac#et payload C - payload length D - pointer to pre-allocated pac#et memory
arguments
libnet&build&ospf&lsa&rtr( builds an 43PF /in# 3tate 2outer pac#et. Fou pass the optional pac#et flags, the number of lin#s within that pac#et, the lin# *6 (helps describe the next variable , the info for the specified lin# *6, the type of router lin#, the number of T43 metrics for this lin#, the metric (the cost of using the lin# , a pointer to an optional data payload, the payload length, and a pointer to a pre-allocated bloc# of memory for the pac#et. The possible flags (not including )x)) are as follows>
.'L/0
2T2&F/-?3&: 2T2&F/-?3&1 2T2&F/-?3&,
50-3(I+2I16
: bit 1 bit , bit
The possible lin# *6!s are as follows>
.'L/0
/*NG&*6&N,2&*6 /*NG&*6&*P&613 /*NG&*6&3(,
50-3(I+2I16
Neighbors router *6 *P address of router *P subnet number
The possible values for the router type are as follows>
.'L/0
2T2&TFP1&PTP 2T2&TFP1&T2-N3 2T2&TFP1&3T(, 2T2&TFP1&52T/
50-3(I+2I16
Point to point 7onnection to a .transit networ#. 7onnection to a .stub networ#. 7onnection to a .virtual lin#.
int libnet_buil$_osp _lsa_net(u_long netmask, u_int router_i$, const char *payloa$, int payloa$_s, u_char *bu !"
return value upon success return value upon failure re-entrant " -" yes " - netmas# % - router *6 0 - pac#et payload = - pac#et payload length @ - pointer to pre-allocated pac#et memory
arguments
libnet&build&ospf&lsa&net( builds an 43PF /in# 3ate Networ# pac#et. Fou pass the interface!s netmas#, the router *6, a pointer to an optional data payload, the payload length, and a pointer to a pre-allocated bloc# of memory for the pac#et.
int libnet_buil$_osp _lsa_sum(u_long netmask, u_int metric, u_int tos, const char *payloa$, int payloa$_s, u_char *bu !"
return value upon success return value upon failure re-entrant
" -" yes " - netmas# % - metric 0 - T43 = - pac#et payload @ - pac#et payload length A - pointer to pre-allocated pac#et memory
arguments
libnet&build&ospf&lsa&sum( builds an 43PF /in# 3tate 3ummary pac#et. Fou pass the interface!s netmas#, the cost of using the lin# (metric , the T43, which is passed as a unsigned integer but the first C bits are the T43 and the last %= bits are the T43 metric, a pointer to an optional data payload, the payload length, and a pointer to a pre-allocated bloc# of memory for the pac#et.
int libnet_buil$_osp _lsa_as(u_long netmask, u_int metric, u_long )$_a$$r, u_int tag, const char *payloa$, int payloa$_s, u_char *bu !"
return value upon success return value upon failure re-entrant " -" yes " - netmas# % - metric 0 - forwarding address = - external route tag A - pac#et payload B - pac#et payload length C - pointer to pre-allocated pac#et memory
arguments
libnet&buils&ospf&lsa&as( builds an 43PF /in# 3tate -3 1xternal pac#et. Fou pass the interface!s netmas#, the cost of using the lin# (metric , the forwarding address, the external route tag, a pointer to an optional data payload, the payload length, and a pointer to a pre-allocated bloc# of memory for the pac#et. *n reality, the metric only uses the last %= bits of the unsigned int. The first Cbits are reserved for a possible bit to be set (the 1 bit, see above for more info . The variable -3&1&,*T&4N can be used logically to set the 1 bit on.
int libnet_buil$_rip(u_char cm$, u_char #er, u_short $omain, u_short a$$r_ am, u_short route_tag, u_long ip, u_long mask, u_long ne%t_hop, u_long metric, const u_char *payloa$, int payloa$_len, u_char *packet_bu !"
return value upon success return value upon failure re-entrant " -" yes
arguments
" - command % - version 0 - routing domain (or $ero = - address family @ - route tag (or $ero A - *P address B - netmas# (or $ero C - next hop *P address (or $ero D - metric ") - pointer to pac#et payload "" - pac#et payload length "% - pointer to pre-allocated pac#et memory
libnet&build&rip( constructs a 2*P pac#et. 6epending on the version of 2*P you are using, pac#et fields are slightly different. The following chart highlights these differences>
'(8/M062
" % 0 = @ A B C D
.0(-I16 1
command 2*P512&" $ero address family $ero *P address $ero $ero metric
.0(-I16 &
command 2*P512&% routing domain address family subnet mas# *P address subnet mas# next hop ip metric
The 2*P commands should be one of the following>
.'L/0
2*P796&218(13T 2*P796&213P4N31 2*P796&T2-714N 2*P796&T2-714FF 2*P796&P4// 2*P796&9-H
50-3(I+2I16
2*P re'uest 2*P response 2*P tracing on 2*P tracing off 2*P polling
2*P796&P4//1NT2F 2*P poll entry
int libnet_buil$_tcp(u_short th_sport, u_short th_$port, u_long th_se7, u_long th_ack, u_char th_ lags, u_short th_)in, u_short th_urg, const u_char *payloa$, int payloa$_len, u_char *packet_bu !"
return value upon success return value upon failure re-entrant
" -" yes " - source port % - destination port 0 - se'uence number = - ac#nowledgement number @ - control flags A - window si$e B - urgent pointer C - pointer to pac#et payload D - pac#et payload si$e ") - pointer to pre-allocated pac#et memory
arguments
libnet&build&tcp( constructs a T7P pac#et. The control flags should be one or more of the following (42!d together if need be >
.'L/0
T;&(2? T;&-7G T;&P3; T;&23T T;&3FN T;&F*N
50-3-(I+2I16
urgent data is present ac#nowledgement number field should be chec#ed push this data to the application reset the referenced connection synchroni$e connection se'uence numbers sender is finished sending data
int libnet_buil$_u$p(u_short sport, u_short $port, const u_char *payloa$, int payloa$_len, u_char *packet_bu !"
return value upon success return value upon failure re-entrant " -" yes " - source port % - destination port 0 - pointer to pac#et payload = - pac#et payload si$e @ - pointer to pre-allocated pac#et memory
arguments
libnet&build&udp( constructs a (6P pac#et. Please remember that (6P chec#sums are considered mandatory by the host re'uirements 2F7.
int libnet_insert_ipo(struct ipoption *opt, u_char opt_len, u_char *packet_bu !"
return value upon success "
return value upon failure re-entrant arguments
-" yes " - pointer to a *P options structure (filled in % - options length 0 - pointer to a complete *P pac#et
libnet&insert&ipo( inserts *P options into a pre-built *P pac#et. 3upplied is a pointer to an ip options structure, the si$e of this options list, and a pointer the pre-built pac#et. The options list should be constructed as they will appear on the wire, as they are simply inserted into the pac#et at the appropriate location. The function returns -" if the options would result in pac#et too large (greater then A@@0@ bytes , or if the pac#et buffer is N(//. *t is an unchec#ed runtime error for the user to have not allocated enough heap memory for the *P pac#et plus the *P options.
int libnet_insert_tcpo(struct tcpoption *opt, u_char opt_len, u_char *packet_bu !"
return value upon success return value upon failure re-entrant arguments " -" yes " - pointer to a T7P options structure (filled in % - options length 0 - pointer to a complete *PET7P pac#et
libnet&insert&tcpo( inserts T7P options into a pre-built *PET7P pac#et. 3upplied is a pointer to a tcp options structure, the si$e of this options list, and a pointer the pre-built pac#et. The options list should be constructed as they will appear on the wire, as they are simply inserted into the pac#et at the appropriate location. The function returns -" if the options would result in pac#et too large (greater then A@@0@ bytes , if the pac#et isn!t an *PET7P pac#et, if the options list if longer than %) bytes, or if the pac#et buffer is N(//. *t is an unchec#ed runtime error for the user to have not allocated enough heap memory for the *PET7P pac#et plus the *P options.
5.5 -upport Functions
int libnet_see$_pran$(!"
return value upon success return value upon failure re-entrant arguments " -" yes N-
libnet&seed&prand( seeds the pseudo-random number generator. The function is basically a wrapper to srandom. *t ma#es a call to gettimeofday to get entropy. *t can return -" if the call to gettimeofday fails (chec# errno . *t otherwise returns ".
u_long libnet_get_pran$(int mo$ulus!"
return value upon success return value upon failure re-entrant arguments
" Nyes " - maximum si$e of pseudo-random number desired
libnet&get&prand( generates a psuedo-random number. The range of the returned number is controlled by the function!s only argument>
.'L/0
/*,N1T&P2% /*,N1T&P2C /*,N1T&P2"A /*,N1T&P2u"A /*,N1T&P20% /*,N1T&P2u0%
50-3-(I+2I16
)-" ) - %@@ ) - 0%BAB ) - A@@0@ ) - %"=B=C0A=B ) - =%D=DAB%D@
The function does not fail.
#oi$ libnet_he%_$ump(u_char * bu , int len, int s)ap, FIL0 *stream!"
return value upon success return value upon failure re-entrant arguments NNyes " - pac#et to dump % - pac#et length 0 - byte swap flag = - previously opened stream in which to dump pac#et
libnet&hex&dump( prints out a pac#et in hexadecimal. *t will print the pac#et as it appears in memory, or as it will appear on the wire, depending on the value of the byte-swap flag. The function prints the pac#et to a previously opened stream (such as stdout . Note that on big-endian architectures such as 3olaris, the pac#et will appear the same in memory as it will on the wire.
int libnet_plist_chain_ne)(struct libnet_plist_chain **plist, char *token_list!"
return value upon success return value upon failure re-entrant arguments " -" yes " - pointer to a libnet&plist&chain pointer % - pointer to to#en list
libnet&plist&chain&new( constructs a new libnet port-list chain. - libnet port-list chain is a fast and simple way of implementing port-list ranges (useful for applications that employ a list of ports - li#e a port scanner . Fou!ll see naive implementations that allocate an entire array of A@@0@ bytes and fill in the desired ports one by one. ;owever, we only really need to store the beginning port and the ending port, and we can efficiently store multiple port ranges (delimited by commas by using a lin#ed list chain with each node holding the beginning and ending port for a particular range. For example, The port range ."")%=. would occupy one node with the beginning port being " and the ending port being ")%=. The port range .%@,"")-"A",A))). would result in 0 nodes being allocated. 3ingle ports are ta#en as single ranges (port %@ ends up being %@-%@ . - port list range without a terminating port (port&num - is considered shorthand for (port&num - A@@0@ . The arguments are a pointer to libnet&plist&chain pointer (which will end up being the head of the lin#ed list which needs to deference an allocated libnet&plist&chain structure and pointer to the port-list (to#enlist itself. The function chec#s this character port list for valid to#ens ("%0=@ABCD),- and returns an error if an unrecogni$ed to#en is found. (pon success the function returns ", and head points to the newly formed port-list (and also contains the number of nodes in the list. *f an error occurs (an unrecogni$ed to#en is found or malloc fails -" is returned and head is set to N(//. libnet&plist&chain&next&pair( should be used to extract port list pairs.
int libnet_plist_chain_ne%t_pair(struct libnet_plist_chain *plist, u_short *bport, u_short *eport!"
return value upon success return value upon failure re-entrant arguments ", ) -" yes " - pointer to a libnet&plist&chain pointer % - pointer to the beginning port (to be filled in 0 - pointer to the ending port (to be filled in
libnet&plist&chain&next&pair( fetches the next pair of ports from the list. The function ta#es a pointer to the head of the prebuilt list and a pointer to a u&short that will contain the beginning port and a pointer to a u&short that will contain the ending port.
The function returns " and fills in these values if there are nodes remaining, or if the port list chain is exhausted, it returns ). *f an error occurs (the libnet&plist&chain pointer is N(// the function returns -".
int libnet_plist_chain_$ump(struct libnet_plist_chain *plist!"
return value upon success return value upon failure re-entrant arguments
" -" yes " - pointer to a libnet&plist&chain pointer
libnet&plist&chain&dump( dumps the port-list chain referenced by the argument. The function prints the list to stdout (it!s mainly meant as a debugging tool . *t returns " upon success or if an error occurs (the libnet&plist&chain pointer is N(// the function returns -".
u_char *libnet_plist_chain_$ump_string(struct libnet_plist_chain *plist!"
return value upon success return value upon failure re-entrant arguments pointer to the to#en list N(// no " - pointer to a libnet&plist&chain pointer
libnet&plist&chain&dump&string( returns the port-list chain referenced by the argument as a string. *t returns the port list string upon success or if an error occurs (the libnet&plist&chain pointer is N(// the function returns N(//.
#oi$ libnet_plist_chain_ ree(struct libnet_plist_chain *plist!"
return value upon success return value upon failure re-entrant arguments NNyes " - pointer to a libnet&plist&chain pointer
libnet&plist&chain&free( frees the memory associated with the libnet port list chain.
5.9 -ymbolic 3onstants
/ibnet conveniently defines standard pac#et header si$es, for use with many pac#et manipulation functions, as per the following chart>
-:M;1LI3 316-2'62
/*,N1T&-2P&; /*,N1T&6N3&; /*,N1T&1T;&; /*,N1T&*79P&; (deprecated /*,N1T&*79P&17;4&; /*,N1T&*79P&9-3G&; /*,N1T&*79P&(N21-7;&; /*,N1T&*79P&T*9H7116&; /*,N1T&*79P&216*217T&; /*,N1T&*79P&T3&; /*,N1T&*?9P&; /*,N1T&*P&; /*,N1T&2*P&; /*,N1T&T7P&; /*,N1T&(6P&; 9ore pac#et memory constants>
-I<0 I6 ;:20%C "% "= = C "% C C C %) C %) %= %) C
-:M;1LI3 316-2'62 M0'6I68
/*,N1T&P-7G1T /*,N1T&4PT3 /*,N1T&9-H&P-7G1T enough memory for a T7P or (6P header and an *P header enough memory for *P or T7P options (=) bytes enough memory for *P&9-HP-7G1T (A@@0@ bytes
The following are used for psuedo random number generation, with libnet&get&prand( >
-:M;1LI3 316-2'62
/*,N1T&P2-N6&9-H /*,N1T&P2% /*,N1T&P2C /*,N1T&P2"A /*,N1T&P2u"A
('680
A@@0@ )-% ) - %@@ ) - 0%BAB ) - A@@0@
/*,N1T&P20% /*,N1T&P2u0%
) - %"=B=C0A=B ) - =%D=DAB%D@
For error messaging, used in con+unction with libnet&error( >
-:M;1LI3 316-2'62 M0'6I68
/*,N1T&122&:-2N*N? /*,N1T&122&72*T*7-/ /*,N1T&122&F-T-/
warning error message critical error message fatal error message (program will exit
For use with libnet&host&loo#up( , libnet&host&loo#up&r( , and libnet&name&resolve( >
-:M;1LI3 316-2'62
/*,N1T&64NT&2134/51 /*,N1T&2134/51
M0'6I68
do not resolve *P addresses into F86Ns attempt to resolve *P addresses into F86Ns
5.= Macros
The arena interface defines the following macros>
M'3(1
/*,N1T&?1T&-21N-&3*J1(arena /*,N1T&?1T&-21N-&219-*N*N?&,FT13(arena
M0'6I68
returns the si$e of the arena returns the number of bytes left in the arena
To print the ethernet address from an ether&addr struct use the following macro>
M'3(1
/*,N1T&P2*NT&1T;&-662(e 6e%t +re#ious2op
M0'6I68
Prints the ethernet address of the ether&addr struct
5. Library Internals
This section is devoted to the internals of the library. First covered are all the user-accessible functions, then constants, macros and finally libnet-specific data structures. Proceeding each function prototype is a small table listing the return values of the function, whether or not the function is reentrant (a function is considered reentrant if it may be called repeatedly, or may be called before previous invocations have completed, and each invocation is independent of all other invocations and a brief description of the function!s arguments.
5.1 Memory Management Functions
int libnet_init_packet(u_short packet_size, u_char **bu !"
return value upon success return value upon failure re-entrant arguments
" -" yes " - desired pac#et si$e % - address of a u&char pointer
libnet&init&pac#et( creates memory for a pac#et (it doesn!t so much create memory as it re'uests it from the underlying operating system via malloc( . (pon success the memory is $ero-filled. The function accepts two arguments, the pac#et si$e and the address of the pointer to the pac#et. The pac#et si$e parameter may be ), in which case the library will attempt to guess a pac#et si$e for you. Passing in the pointer to a pointer (passing by address is necessary as we are allocating memory locally. *f we instead passed in +ust a pointer (passing by value the allocated memory would be lost. This function is a good example of interface hiding. This function is essentially a malloc( wrapper. ,y using this function the details of what!s really happening are abstracted so that you, the programmer, can worry about your tas# at hand.
#oi$ libnet_$estroy_packet(u_char **bu !"
return value upon success return value upon failure re-entrant arguments
NNyes " - address of a u&char pointer
libnet&destroy&pac#et( is the free( analog to libnet&init&pac#et. *t destroys the pac#et referenced by !buf!. *n reality, it is of course a simple free( wrapper. *t frees the heap memory and points .buf. to N(//
to dispel the dangling pointer. The function does ma#e the assertion that .buf. is not N(//. - pointer to a pointer is passed to maintain interface consistency.
int libnet_init_packet_arena(struct libnet_arena **arena, u_short packet_size, u_short packet_size!"
return value upon success return value upon failure re-entrant arguments
" -" yes " - pointer to an arena structure pointer % - number of pac#ets 0 - pac#et si$e
libnet&init&pac#et&arena( allocates and initiali$es a memory pool. *f you plan on building and sending several different pac#ets, this is a good choice. *t allocates a pool of memory from which you can grab chun#s to build pac#ets (see next&pac#et&from&arena( . *t ta#es the address to an arena structure pointer, and hints on the possible pac#et si$e and number of pac#ets. The last two arguments are used to compute the si$e of the memory pool. -s before, they can be set to ) and the library will attempt to choose a decent value. The function returns -" if the malloc fails or " if everything goes o#.
u_char *libnet_ne%t_packet_ rom_arena(struct libnet_arena **arena, u_short packet_size!"
return value upon success return value upon failure re-entrant arguments
pointer to the re'uest pac#et memory N(// yes " - pointer to the arena % - re'uested pac#et si$e
libnet&next&pac#et&from&arena( returns a chun# of memory from the specified arena of the re'uested si$e and decrements the arenas available byte counter. *f the re'uested memory is not available from the arena, the function returns N(//. Note that there is nothing preventing a poorly coded application from using more memory than re'uested and causing all #inds of problems. Ta#e heed.
#oi$ libnet_$estroy_packet_arena(struct libnet_arena **arena!"
return value upon success return value upon failure re-entrant arguments
NNyes " - pointer to the arena
libnet&destroy&pac#et&arena( frees the memory associated with the specified arena.
5.& '$$ress (esolution Functions
u_char *libnet_host_lookup(u_long ip, u_short use_name!"
return value upon success return value upon failure re-entrant arguments
pointer to the converted *P address N(// no " - networ#-byte ordered *P address % - use&name flag
libnet&host&loo#up( converts the supplied networ#-ordered (big-endian *P address into its humanreadable counterpart. *f the usename flag is /*,N1T&2134/51, the function will attempt to resolve the *P address (possibly incurring 6N3 networ# traffic and return a canonical hostname, otherwise if it is /*,N1T&64NT&2134/51 (or if the loo#up fails , the function returns a dotted-decimal -37** string. This function is hopelessly non reentrant as it uses static data.
#oi$ libnet_host_lookup_r(u_long ip, u_short use_name, u_char *bu !"
return value upon success return value upon failure re-entrant arguments
NNdepends on architecture " - networ#-byte ordered *P address % - use&name flag 0 - buffer to contain the converted *P address
libnet&host&loo#up&r( is the planned reentrant version of the above function. *f reentrant networ# resolver libraries become available, this function will li#ewise be reentrant. -n additional argument of a buffer to store the converted (or resolved *P address is supplied by the user.
u_long libnet_name_resol#e(u_char *ip, u_short use_name!"
return value upon success return value upon failure re-entrant arguments
networ#-byte ordered *P address -" yes " - human readable *P address or F86N % - use&name flag
libnet&name&resolve( ta#es a N(// terminated -37** string representation of an *P address (dots and decimals or, if the usename flag is /*,N1T&2134/51, a canonical hostname and converts it into a networ#-ordered (big-endian unsigned long value.
u_long libnet_get_ipa$$r(struct libnet_link_int *l, const u_char *$e#ice, const u_char *ebu !"
return value upon success return value upon failure re-entrant arguments
re'uested *P address -" yes " - pointer to a lin# interface structure % - pointer to the device to 'uery 0 - pointer to a buffer to contain a possible error message
libnet&get&ipaddr( returns the *P address of a specified networ# device. The function ta#es a pointer to a lin# layer interface structure, a pointer to the networ# device name, and an empty buffer to be used in case of error. (pon success the function returns the *P address of the specified interface in networ#-byte order or ) upon error (and errbuf will contain a reason .
struct ether_a$$r *libnet_get_h)a$$r(struct libnet_link_int *l, const u_char *$e#ice, const u_char *ebu !"
return value upon success return value upon failure re-entrant arguments
pointer to the re'uested ethernet address N(// depends on architecture " - pointer to a lin# interface structure % - pointer to the device to 'uery 0 - pointer to a buffer to contain a possible error message
libnet&get&hwaddr( returns the hardware address of a specified networ# device. -t the time of this writing, only ethernet is supported. The function ta#es a pointer to a lin# layer interface structure, a pointer to the networ# device name, and an empty buffer to be used in case of error. The function returns the 9-7 address of the specified interface upon success or N(// upon error (and errbuf will contain a reason .
5.* +acket In,ection -upport Functions
int libnet_open_ra)_sock(int protocol!"
return value upon success return value upon failure
opened soc#et -"
re-entrant arguments
yes " - protocol number of desired soc#et type
libnet&open&raw&soc#( opens a raw *P soc#et of the specified protocol type (supported types vary from system to system, but usually you!ll want to open an *PP24T4&2-: soc#et . The function also sets the *P&;62*N7/ soc#et option. 2eturned is the soc#et file descriptor or -" on error. The function can fail if either of the underlying calls to soc#et or setsoc#opt fails. 7hec#ing errno will reveal the reason for the error.
int libnet_close_ra)_sock(int socket!"
return value upon success return value upon failure re-entrant arguments
" -" yes " - soc#et to be closed
libnet&close&raw&soc#( will close the referenced raw soc#et.
int libnet_select_$e#ice(struct socka$$r_in *sin, u_char **$e#ice, u_char *ebu !"
return value upon success return value upon failure re-entrant arguments
" -" no " - pointer to a soc#addr&in structure pointer % - pointer to the device to 'uery 0 - pointer to a buffer to contain a possible error message
libnet&select&device( will run through the list of interfaces and select one for use (ignoring the loopbac# device . *f the device argument points to N(// (don!t pass in a N(// pointer, the function expects a pointer to a pointer, and 7 can!t derefrence a N(// pointer it will try to fill it in with the first nonloopbac# device it finds, otherwise, it will try to open the specified device. *f successful, " is returned (and if device was N(//, it will now contain the device name which can be used in libnet&<lin#<( type calls . The function can fail for a variety of reasons, including soc#et system call failures, ioctl failures, if no interfaces are found, etc.. *f such an error occurs, -" is returned and errbuf will contain a reason.
struct libnet_link_int *libnet_open_link_inter ace(char *$e#ice, char *ebu !"
return value upon success return value upon failure
pointer to a lin# interface structure N(//
re-entrant arguments
yes " - pointer to a device % - pointer to a buffer to contain a possible error message
libnet&open&lin#&interface( opens a low-level pac#et interface. This is re'uired in order to be able in+ect lin# layer frames. 3upplied is a u&char pointer to the interface device name and a u&char pointer to an error buffer. 2eturned is a filled-in lin#&int structure or N(// on error (with the error buffer containing the reason . The function can fail for a variety of reasons due to the fact that it is architecture specific.
int libnet_close_link_inter ace(struct libnet_link_int *l!"
return value upon success return value upon failure re-entrant arguments
" -" yes " - pointer to a lin# interface structure
libnet&close&lin#&interface( closes an opened low-level pac#et interface.
int libnet_)rite_ip(int socket, u_char *packet, int packet_size!"
return value upon success return value upon failure re-entrant arguments
pac#et si$e -" yes " - soc#et % - pointer to the pac#et 0 - pac#et si$e
libnet&write&ip( writes an *P pac#et to the networ#. The first argument is the soc#et created with a previous call to libnet&open&raw&soc#, the second is a pointer to a buffer containing a complete *P datagram, and the third argument is the total pac#et si$e. The function returns the number of bytes written upon success or -" on error (with errno containing the reason .
int libnet_)rite_link_layer(struct libnet_link_int *l, const u_char *$e#ice, u_char *packet, int packet_size!"
return value upon success return value upon failure re-entrant arguments
pac#et si$e -" depends on architecture " - pointer to a lin# interface structure
% - pointer to the networ# device 0 - pointer to the pac#et = - pac#et si$e libnet&write&lin#&layer( writes a lin#-layer frame to the networ#. The first argument is a pointer to a filled-in libnet&lin#&int structure, the next is a pointer to the networ# device, the third is the raw pac#et and the last is the pac#et si$e. 2eturned is the number of bytes written or -" on error.
int libnet_$o_checksum(u_char *packet, int protocol, int packet_size!"
return value upon success return value upon failure re-entrant arguments
" -" yes " - pointer to a pac#et % - protocol number of pac#et type 0 - pac#et si$e
libnet&do&chec#sum( calculates the chec#sum for a pac#et. The first argument is a pointer to a fully built *P pac#et. The second is the transport protocol of the pac#et and the third is the pac#et length (not including the *P header . The function calculates the chec#sum for the transport protocol and fills it in at the appropriate header location (this function should be called only after a complete pac#et has been built . Note that when using raw soc#ets the *P chec#sum is always computed by the #ernel and does not need to done by the user. :hen using the lin# layer interface the *P chec#sum must be explicitly computed (in this case, the protocol would be of type *PP24T4&*P and the si$e would include *P&; . The function returns " upon success or -" if the protocol is of an unsupported type. 7urrently supported are>
.'L/0
*PP24T4&T7P *PP24T4&(6P *PP24T4&*79P *PP24T4&*?9P *PP24T4&*P *PP24T4&43PF *PP24T4&43PF
+(12131L
T7P (6P *79P *?9P *P (for the lin#-layer api 43PF 43PF&/3-
5.4 +acket 3onstruction Functions
-ll libnet pac#et creation functions contain the same three terminal arguments> a pointer to an optional payload (or N(// if no payload is to be included , the length of the payload in bytes (or ) if no payload is included and most importantly, a pointer to a pre-allocated bloc# of memory (which must be large enough to accommodate the entire pac#et and payload .
The only way for any libnet pac#et construction function will return an error is if the memory which is supposed to be pre-allocated points to N(//.
libnet_buil$_arp(u_short hr$), u_short prot, u_short h_len, u_short p_len, u_short op, u_char *s_ha, u_char *s_pa, u_char *t_ha, u_char *t_pa, const u_char *payloa$, int payloa$_len, u_char *packet_bu !"
return value upon success return value upon failure re-entrant
" -" yes " - hardware address format (-2P;26&1T;12 % - protocol address format 0 - length of the hardware address = - length of the protocol address @ - -2P operation type A - sender!s hardware address B - sender!s protocol address C - target!s hardware address D - target!s protocol address ") - pointer to pac#et payload "" - pac#et payload length "% - pointer to pre-allocated pac#et memory
arguments
libnet&build&arp( constructs an -2P (2-2P pac#et. -t this point in the library, the function only builds ethernetE-2P pac#ets, but this will be easy enough to change (whenever * get around to it . The first nine arguments are standard -2P header arguments, with the last three being standard libnet pac#et creation arguments. The -2P operation type should be one of the following symbolic types>
.'L/0
-2P4P&218(13T -2P4P&21P/F -2P4P&215218(13T -2P4P&21521P/F -2P4P&*N5218(13T -2P4P&*N521P/F
50-3(I+2I16
-2P re'uest -2P reply 2-2P re'uest 2-2P reply re'uest to identify peer reply identifying peer
int libnet_buil$_$ns(u_short i$, u_short lags, u_short num_7, u_short num_ans)_rr, u_short num_auth_rr, u_short num_a$$_rr, const u_char * payloa$, int payloa$_len, u_char *packet_bu !"
return value upon success return value upon failure
" -"
re-entrant
yes " - pac#et id % - control flags 0 - number of 'uestions = - number of answer resource records @ - number of authority resource records A - number of additional resource records B - pointer to pac#et payload C - pac#et payload length D - pointer to pre-allocated pac#et memory
arguments
libnet&build&dns( constructs a 6N3 pac#et. The static 6N3 fields are included as the first six arguments, but the optional variable length fields must be included with the payload interface.
int libnet_buil$_ethernet(u_char *$a$$r, u_char *sa$$r, u_short i$, const u_char *payloa$, int payloa$_len, u_char *packet_bu !"
return value upon success return value upon failure re-entrant
" -" yes " - pointer to the destination address % - pointer to the source address 0 - ethernet pac#et type = - pointer to pac#et payload @ - pac#et payload si$e A - pointer to pre-allocated pac#et memory
arguments
libnet&buildðernet( constructs an ethernet pac#et. The destination address and source address arguments are expected to be arrays of unsigned character bytes. The pac#et type should be one of the following>
.'L/0
1T;12TFP1&P(P 1T;12TFP1&*P 1T;12TFP1&-2P 1T;12TFP1&215-2P 1T;12TFP1&5/-N 1T;12TFP1&/44P,-7G
+(12131L
P(P *P -2P 2-2P *111 5/-N tagging loopbac# test
int libnet_buil$_icmp_echo(u_char type, u_char co$e, u_short i$, u_short se7, const u_char *payloa$, int payloa$_len, u_char *packet_bu !"
return value upon success return value upon failure re-entrant
" -" yes "- pac#et type % - pac#et code 0 - pac#et id = - pac#et se'uence number @ - pointer to pac#et payload A - pac#et payload si$e B - pointer to pre-allocated pac#et memory
arguments
libnet&build&icmp&echo( constructs an *79P&17;4 E *79P&17;421P/F pac#et. The pac#et type should be *79P&17;421P/F or *79P&17;4 and the code should be ).
int libnet_buil$_icmp_mask(u_char type, u_char co$e, u_short i$, u_short se7, u_long mask, const u_char *payloa$, int payloa$_len, u_char *packet_bu !"
return value upon success return value upon failure re-entrant
" -" yes " - pac#et type % - pac#et code 0 - pac#et id = - pac#et se'uence number @ - *P netmas# A - pointer to pac#et payload B - pac#et payload length C - pointer to pre-allocated pac#et memory
arguments
libnet&build&icmp&mas#( constructs an *79P&9-3G218 E *79P&9-3G21P/F pac#et. The pac#et type should be either *79P&9-3G218 or *79P&9-3G21P/F and the code should be ). The *P netmas# argument should be a 0%-bit networ#-byte ordered subnet mas#.
int libnet_buil$_icmp_unreach(u_char type, u_char co$e, u_short orig_len, u_char orig_tos, u_short orig_i$, u_short orig_ rag, u_char orig_ttl, u_char orig_prot, u_long orig_sa$$r, u_long orig_$a$$r, const u_char *payloa$, int payloa$_len, u_char *packet_bu !"
return value upon success return value upon failure re-entrant arguments
" -" yes " - pac#et type % - pac#et code
0 - original *P length = - original *P T43 @ - original *P id A - original *P fragmentation bits B - original *P time to live C - original *P protocol D - original *P source address ") - original *P destination address "" - pointer to original *P payload "% - original *P payload si$e "0 - pointer to pre-allocated pac#et memory libnet&build&icmp&unreach( constructs an *79P&(N21-7; pac#et. The 0rd through the "%th arguments are used to build the *P header of the original pac#et that caused the error message (the *79P unreachable . The pac#et type should be *79P&(N21-7; and the code should be one of the following>
.'L/0
*79P&(N21-7;&N1T *79P&(N21-7;&;43T *79P&(N21-7;&P24T474/ *79P&(N21-7;&P42T *79P&(N21-7;&N116F2-? *79P&(N21-7;&327F-*/ *79P&(N21-7;&N1T&(NG4:N *79P&(N21-7;&;43T&P24;*, *79P&(N21-7;&T43N1T *79P&(N21-7;&T43;43T *79P&(N21-7;&F*/T12&P24;*, *79P&(N21-7;&;43T&P217161N71 *79P&(N21-7;&P217161N71&7(T4FF
50-3-(I+2I16
networ# is unreachable host is unreachable protocol is unreachable port is unreachable fragmentation re'uired but 6F bit set source routing failed networ# is un#nown host is prohibited *P T43 and networ# *P T43 and host prohibitive filtering host precedence host precedence cut-off
int libnet_buil$_icmp_timee%cee$(u_char, u_char, u_short, u_char, u_short, u_short, u_char, u_char, u_long, u_long, const u_char *, int, u_char *!"
return value upon success return value upon failure re-entrant arguments
" -" yes " - pac#et type % - pac#et code 0 - original *P length = - original *P T43 @ - original *P id A - original *P fragmentation bits
B - original *P time to live C - original *P protocol D - original *P source address ") - original *P destination address "" - pointer to original *P payload "% - original *P payload si$e "0 - pointer to pre-allocated pac#et memory libnet&build&icmp&timeexceed( constructs an *79P&T*91H7116 pac#et. This function is identical to libnet&build&icmp&unreach with the exception of the pac#et type and code. The pac#et type should be either *79P&T*9H7116&*NT2-N3 for pac#ets that expired in transit (TT/ expired or *79P&T*9H7116&21-33 for pac#ets that expired in the fragmentation reassembly 'ueue.
int libnet_buil$_icmp_re$irect(u_char type, u_char co$e, u_long gate)ay, u_short orig_len, u_char orig_tos, u_short orig_i$, u_short orig_ rag, u_char orig_ttl, u_char orig_prot, u_long orig_sa$$r, u_long orig_$a$$r, const u_char *payloa$, int payloa$_len, u_char *packet_bu !"
return value upon success return value upon failure re-entrant
" -" yes " - pac#et type % - pac#et code 0 - *P address of the gateway = - original *P length @ - original *P T43 A - original *P id B - original *P fragmentation bits C - original *P time to live D - original *P protocol ") - original *P source address "" - original *P destination address "% - pointer to original *P payload "0 - original *P payload si$e "= - pointer to pre-allocated pac#et memory
arguments
libnet&build&icmp&redirect( constructs an *79P&216*217T pac#et. This function is similar to libnet&build&icmp&unreach, the differences being the type and code and the addition of an argument to hold the *P address of the gateway that should be used (hence the redirect . The pac#et type should be *79P&216*217T and the code should be one of the following>
.'L/0
*79P&(N21-7;&N1T *79P&(N21-7;&;43T *79P&(N21-7;&P24T474/
50-3-(I+2I16
redirect for networ# redirect for host redirect for T43 and networ#
*79P&(N21-7;&P42T
redirect for T43 and host
int libnet_buil$_icmp_timestamp(u_char type, u_char co$e, u_short i$, u_short se7, n_time otime, n_time rtime, n_time ttime, const u_char *payloa$, int payloa$_len, u_char *packet_bu !"
return value upon success return value upon failure re-entrant
" -" yes " - pac#et type % - pac#et code 0 - pac#et id = - pac#et se'uence number @ - originate timestamp A - receive timestamp B - transmit timestamp C - pointer to pac#et payload D - pac#et payload si$e ") - pointer to pre-allocated pac#et memory
arguments
libnet&build&icmp×tamp( constructs an *79P&T3T-9P E *79P&T3T-9P21P/F pac#et. The pac#et type should be *79P&T3T-9P or *79P&T3T-9P21P/F and the code should be ).
int libnet_buil$_igmp(u_char type, u_char co$e, u_long ip, const u_char *payloa$, int payloa$_len, u_char *packet_bu !"
return value upon success return value upon failure re-entrant " -" yes " - pac#et type % - pac#et code 0 - *P address = - pointer to pac#et payload @ - pac#et payload si$e A - pointer to pre-allocated pac#et memory
arguments
libnet&build&igmp( constructs an *?9P pac#et. The pac#et type should be one of the following>
.'L/0
*?9P&919,123;*P&8(12F *?9P&5"&919,123;*P&21P42T *?9P&5%&919,123;*P&21P42T *?9P&/1-51&?24(P
50-3-(I+2I16
membership 'uery version " membership report version % membership report leave-group message
The code, which is a routing sub-message, should probably be left to ), unless you #now what you!re doing.
int libnet_buil$_ip(u_short len, u_char tos, u_short ip_i$, u_short rag, u_char ttl, u_char protocol, u_long sa$$r, u_long $a$$r, const u_char *payloa$, int payloa$_len, u_char *packet_bu !"
return value upon success return value upon failure re-entrant
" -" yes " - pac#et length (not including the *P header % - type of service 0 - pac#et id = - fragmentation bits E offset @ - time to live A - protocol B - source address C - destination address D - pointer to pac#et payload ") - pac#et payload length "" - pointer to pre-allocated pac#et memory
arguments
libnet&build&ip( constructs the mighty *P pac#et. The fragmentation field may be ) or contain some combination of the following>
.'L/0
*P&6F *P&9F
50-3(I+2I16
don!t fragment this datagram (only valid when alone more fragments on the way (42!d together with an offset value
The *P&4FF9-3G is used to retrieve the offset from the fragmentation field. *P pac#ets may be no larger than *P&9-HP-7G1T bytes. The source and destination addresses need to be in networ#-byte order. The payload interface should only be used to construct an arbitrary or non-supported type *P datagram. To construct a T7P, (6P, or similar type pac#et, use the relevant libnet&build function.
int libnet_buil$_osp (u_short len, u_char type, u_long router_i$, u_long area_i$, u_short auth_type, const char *payloa$, int payloa$_s, u_char *bu !"
return value upon success return value upon failure re-entrant arguments " -" yes " - pac#et length (not including the 43PF header % - pac#et type 0 - router *6 = - area *6
@ - authentication type A - pointer to pac#et payload B - pac#et payload length C - pointer to pre-allocated pac#et memory libnet&build&ospf( builds a 43PF pac#et. Fou pass the pac#et length (not including the 43PF header , the pac#et type, 0%-bit router *6, 0%-bit area *6, the authentication type, a pointer to an optional data payload, the payload length, and a pointer to a pre-allocated bloc# of memory for the pac#et. The payload should not be used to build the ;ello, /3-, /3(, /32, or 6,6 pac#ets as there are specific construction functions for those pac#et types. The following variables are to be used for the 43PF pac#et type>
.'L/0
43PF&(96 43PF&;1//4 43PF&6,6 43PF&/32 43PF&/3( 43PF&/3-
50-3-(I+2I16
(96 monitoring pac#et ;ello pac#et 6atabase description pac#et /in# state re'uest pac#et /in# state update pac#et /in# state ac#nowledgement pac#et
The following are the possible authentication types>
.'L/0
43PF&-(T;&N(// 43PF&-(T;&3*9P/1 43PF&-(T;&96@
50-3(I+2I16
N(// password plaintext, C character password 96@
The following is the structure used for the A= bit field when using 96@> struct auth { u_short ospf_auth_null; u_char ospf_auth_keyid; u_char ospf_auth_len; u_int ospf_auth_se"; %;
/* /* /* /*
NULL 16 bits */ Key I */ !uth data len */ #e"uence nu$ */
int libnet_buil$_osp _hello(u_long netmask, u_short inter#al, u_char options, u_char priority, u_int $ea$_inter#al, u_long $es_router, u_long backup, u_long neighbor, const char *payloa$, int payloa$_s, u_char *bu !"
return value upon success return value upon failure
" -"
re-entrant
yes " - netmas# for interface % - num of seconds since last pac#et was sent 0 - options = - priority @ - num of seconds until router is deemed dead A - designated router B - bac#up router C - neighbor D - pac#et payload ") - payload length "" - pointer to pre-allocated pac#et memory
arguments
libnet&build&ospf&hello( builds an 43PF ;ello pac#et. Fou pass the netmas# for the interface, the number of seconds since the last pac#et was sent, possible options, the router!s priority (if ), it can!t be a bac#up router , the time (in seconds until a router is deemed down, the networ#s designated router, the networ#s bac#up router, a neighbor, a pointer to an optional data payload, the payload length, and a pointer to a pre-allocated bloc# of memory used for the pac#et. *f there is more than one neighbor that is to be included in the pac#et, +ust allocate enough space for the pac#et buf, and pass the neighbors as the Ioptional data payload.I
int libnet_buil$_osp _$b$(u_short len, u_char options, u_char type, u_int se7uence_num, const char *payloa$, int payloa$_s, u_char *bu !"
return value upon success return value upon failure re-entrant
" -" yes " - length % - options 0 - type = - se'uence number @ - pac#et payload A - payload length B - pointer to pre-allocated pac#et memory
arguments
libnet&build&ospf&dbd( builds an 43PF 6ata,ase 6escription (6,6 pac#et. Fou pass the maximum length of an *P pac#et the interface can use, pac#et options, the type of exchange occurring, a se'uence number, a pointer to an optional data payload, the payload length, and a pointer to a pre-allocated bloc# of memory for the pac#et. The following can be used for the type variable>
.'L/0
6,6&*,*T 6,6&9,*T 6,6&93,*T
50-3(I+2I16
*nitiali$ation bit 9ore 6,6 pac#ets en route 3ender is the master
int libnet_buil$_osp _lsr(u_int type, u_int ls_i$, u_long a$#_router, const char *payloa$, int payloa$_s, u_char *bu !"
return value upon success return value upon failure re-entrant
" -" yes " - type % - *6 0 - advertising router = - pac#et payload @ - payload length A - pointer to pre-allocated pac#et memory
arguments
libnet&build&ospf&lsr( builds an 43PF /in# 3tate 2e'uest (/32 pac#et. Fou pass the type of lin# state pac#et being re'uested, the lin# state *6, the advertising router, a pointer to an optional data payload, the payload length, and a pointer to a pre-allocated bloc# of memory for the pac#et. 3ee the libnet&build&ospf&lsa( section for more information regarding variables.
int libnet_buil$_osp _lsu(u_int num, const char *payloa$, int payloa$_s, u_char *bu !"
return value upon success return value upon failure re-entrant arguments " -" yes " - number of /3- pac#ets inside % - pac#et payload 0 - payload length = - pointer to pre-allocated pac#et memory
libnet&build&ospf&lsu( builds an 43PF /in# 3tate (pdate (/3( pac#et. Fou pass the number of /in# 3tate -c#nowledgment (/3- pac#ets that will be in the pac#et, a pointer to an optional data payload, the payload length, and a pointer to a pre-allocated bloc# of memory for the pac#et.
int libnet_buil$_osp _lsa(u_short age, u_char options, u_char type, u_int ls_i$, u_long a$#_router, u_int se7uence_num, u_short len, const char *payloa$, int payloa$_s, u_char *bu !"
return value upon success return value upon failure re-entrant arguments " -" yes " - lin# state age % - options
0 - type = - lin# state *6 @ - advertising router A - se'uence number B - length not including /3- header C - pac#et payload D - payload length ") - pointer to pre-allocated pac#et memory libnet&build&ospf&lsa( builds an 43PF /in# 3tate -c#nowledgement (/3- pac#et. Fou pass the lin# state age, pac#et options, type of /3-, the lin# state *6, the advertising router, the pac#et!s se'uence number, the length of the pac#et (¬& including the /3- header length , a pointer to an optional data payload, the payload length, and a pointer to a pre-allocated bloc# of memory for the pac#et. The following variables can be used for the type of /3->
.'L/0
/3&TFP1&2T2 /3&TFP1&N1T /3&TFP1&*P /3&TFP1&-3,2 /3&TFP1&-31HT
50-3(I+2I16
2outer /3Networ# /33ummary /3- (*P networ# 3ummary /3- (-3,2 -3-1xternal /3-
int libnet_buil$_osp _lsa_rtr(u_short lags, u_short num, u_int i$, u_int $ata, u_char type, u_char tos, u_short metric, const char *payloa$, int payloa$_s, u_char *bu !"
return value upon success return value upon failure re-entrant " -" yes " - flags % - number of lin#s 0 - lin# *6 = - info for lin# *6 @ - router lin# type A - T43 metrics B - pac#et payload C - payload length D - pointer to pre-allocated pac#et memory
arguments
libnet&build&ospf&lsa&rtr( builds an 43PF /in# 3tate 2outer pac#et. Fou pass the optional pac#et flags, the number of lin#s within that pac#et, the lin# *6 (helps describe the next variable , the info for the specified lin# *6, the type of router lin#, the number of T43 metrics for this lin#, the metric (the cost of using the lin# , a pointer to an optional data payload, the payload length, and a pointer to a pre-allocated bloc# of memory for the pac#et. The possible flags (not including )x)) are as follows>
.'L/0
2T2&F/-?3&: 2T2&F/-?3&1 2T2&F/-?3&,
50-3(I+2I16
: bit 1 bit , bit
The possible lin# *6!s are as follows>
.'L/0
/*NG&*6&N,2&*6 /*NG&*6&*P&613 /*NG&*6&3(,
50-3(I+2I16
Neighbors router *6 *P address of router *P subnet number
The possible values for the router type are as follows>
.'L/0
2T2&TFP1&PTP 2T2&TFP1&T2-N3 2T2&TFP1&3T(, 2T2&TFP1&52T/
50-3(I+2I16
Point to point 7onnection to a .transit networ#. 7onnection to a .stub networ#. 7onnection to a .virtual lin#.
int libnet_buil$_osp _lsa_net(u_long netmask, u_int router_i$, const char *payloa$, int payloa$_s, u_char *bu !"
return value upon success return value upon failure re-entrant " -" yes " - netmas# % - router *6 0 - pac#et payload = - pac#et payload length @ - pointer to pre-allocated pac#et memory
arguments
libnet&build&ospf&lsa&net( builds an 43PF /in# 3ate Networ# pac#et. Fou pass the interface!s netmas#, the router *6, a pointer to an optional data payload, the payload length, and a pointer to a pre-allocated bloc# of memory for the pac#et.
int libnet_buil$_osp _lsa_sum(u_long netmask, u_int metric, u_int tos, const char *payloa$, int payloa$_s, u_char *bu !"
return value upon success return value upon failure re-entrant
" -" yes " - netmas# % - metric 0 - T43 = - pac#et payload @ - pac#et payload length A - pointer to pre-allocated pac#et memory
arguments
libnet&build&ospf&lsa&sum( builds an 43PF /in# 3tate 3ummary pac#et. Fou pass the interface!s netmas#, the cost of using the lin# (metric , the T43, which is passed as a unsigned integer but the first C bits are the T43 and the last %= bits are the T43 metric, a pointer to an optional data payload, the payload length, and a pointer to a pre-allocated bloc# of memory for the pac#et.
int libnet_buil$_osp _lsa_as(u_long netmask, u_int metric, u_long )$_a$$r, u_int tag, const char *payloa$, int payloa$_s, u_char *bu !"
return value upon success return value upon failure re-entrant " -" yes " - netmas# % - metric 0 - forwarding address = - external route tag A - pac#et payload B - pac#et payload length C - pointer to pre-allocated pac#et memory
arguments
libnet&buils&ospf&lsa&as( builds an 43PF /in# 3tate -3 1xternal pac#et. Fou pass the interface!s netmas#, the cost of using the lin# (metric , the forwarding address, the external route tag, a pointer to an optional data payload, the payload length, and a pointer to a pre-allocated bloc# of memory for the pac#et. *n reality, the metric only uses the last %= bits of the unsigned int. The first Cbits are reserved for a possible bit to be set (the 1 bit, see above for more info . The variable -3&1&,*T&4N can be used logically to set the 1 bit on.
int libnet_buil$_rip(u_char cm$, u_char #er, u_short $omain, u_short a$$r_ am, u_short route_tag, u_long ip, u_long mask, u_long ne%t_hop, u_long metric, const u_char *payloa$, int payloa$_len, u_char *packet_bu !"
return value upon success return value upon failure re-entrant " -" yes
arguments
" - command % - version 0 - routing domain (or $ero = - address family @ - route tag (or $ero A - *P address B - netmas# (or $ero C - next hop *P address (or $ero D - metric ") - pointer to pac#et payload "" - pac#et payload length "% - pointer to pre-allocated pac#et memory
libnet&build&rip( constructs a 2*P pac#et. 6epending on the version of 2*P you are using, pac#et fields are slightly different. The following chart highlights these differences>
'(8/M062
" % 0 = @ A B C D
.0(-I16 1
command 2*P512&" $ero address family $ero *P address $ero $ero metric
.0(-I16 &
command 2*P512&% routing domain address family subnet mas# *P address subnet mas# next hop ip metric
The 2*P commands should be one of the following>
.'L/0
2*P796&218(13T 2*P796&213P4N31 2*P796&T2-714N 2*P796&T2-714FF 2*P796&P4// 2*P796&9-H
50-3(I+2I16
2*P re'uest 2*P response 2*P tracing on 2*P tracing off 2*P polling
2*P796&P4//1NT2F 2*P poll entry
int libnet_buil$_tcp(u_short th_sport, u_short th_$port, u_long th_se7, u_long th_ack, u_char th_ lags, u_short th_)in, u_short th_urg, const u_char *payloa$, int payloa$_len, u_char *packet_bu !"
return value upon success return value upon failure re-entrant
" -" yes " - source port % - destination port 0 - se'uence number = - ac#nowledgement number @ - control flags A - window si$e B - urgent pointer C - pointer to pac#et payload D - pac#et payload si$e ") - pointer to pre-allocated pac#et memory
arguments
libnet&build&tcp( constructs a T7P pac#et. The control flags should be one or more of the following (42!d together if need be >
.'L/0
T;&(2? T;&-7G T;&P3; T;&23T T;&3FN T;&F*N
50-3-(I+2I16
urgent data is present ac#nowledgement number field should be chec#ed push this data to the application reset the referenced connection synchroni$e connection se'uence numbers sender is finished sending data
int libnet_buil$_u$p(u_short sport, u_short $port, const u_char *payloa$, int payloa$_len, u_char *packet_bu !"
return value upon success return value upon failure re-entrant " -" yes " - source port % - destination port 0 - pointer to pac#et payload = - pac#et payload si$e @ - pointer to pre-allocated pac#et memory
arguments
libnet&build&udp( constructs a (6P pac#et. Please remember that (6P chec#sums are considered mandatory by the host re'uirements 2F7.
int libnet_insert_ipo(struct ipoption *opt, u_char opt_len, u_char *packet_bu !"
return value upon success "
return value upon failure re-entrant arguments
-" yes " - pointer to a *P options structure (filled in % - options length 0 - pointer to a complete *P pac#et
libnet&insert&ipo( inserts *P options into a pre-built *P pac#et. 3upplied is a pointer to an ip options structure, the si$e of this options list, and a pointer the pre-built pac#et. The options list should be constructed as they will appear on the wire, as they are simply inserted into the pac#et at the appropriate location. The function returns -" if the options would result in pac#et too large (greater then A@@0@ bytes , or if the pac#et buffer is N(//. *t is an unchec#ed runtime error for the user to have not allocated enough heap memory for the *P pac#et plus the *P options.
int libnet_insert_tcpo(struct tcpoption *opt, u_char opt_len, u_char *packet_bu !"
return value upon success return value upon failure re-entrant arguments " -" yes " - pointer to a T7P options structure (filled in % - options length 0 - pointer to a complete *PET7P pac#et
libnet&insert&tcpo( inserts T7P options into a pre-built *PET7P pac#et. 3upplied is a pointer to a tcp options structure, the si$e of this options list, and a pointer the pre-built pac#et. The options list should be constructed as they will appear on the wire, as they are simply inserted into the pac#et at the appropriate location. The function returns -" if the options would result in pac#et too large (greater then A@@0@ bytes , if the pac#et isn!t an *PET7P pac#et, if the options list if longer than %) bytes, or if the pac#et buffer is N(//. *t is an unchec#ed runtime error for the user to have not allocated enough heap memory for the *PET7P pac#et plus the *P options.
5.5 -upport Functions
int libnet_see$_pran$(!"
return value upon success return value upon failure re-entrant arguments " -" yes N-
libnet&seed&prand( seeds the pseudo-random number generator. The function is basically a wrapper to srandom. *t ma#es a call to gettimeofday to get entropy. *t can return -" if the call to gettimeofday fails (chec# errno . *t otherwise returns ".
u_long libnet_get_pran$(int mo$ulus!"
return value upon success return value upon failure re-entrant arguments
" Nyes " - maximum si$e of pseudo-random number desired
libnet&get&prand( generates a psuedo-random number. The range of the returned number is controlled by the function!s only argument>
.'L/0
/*,N1T&P2% /*,N1T&P2C /*,N1T&P2"A /*,N1T&P2u"A /*,N1T&P20% /*,N1T&P2u0%
50-3-(I+2I16
)-" ) - %@@ ) - 0%BAB ) - A@@0@ ) - %"=B=C0A=B ) - =%D=DAB%D@
The function does not fail.
#oi$ libnet_he%_$ump(u_char * bu , int len, int s)ap, FIL0 *stream!"
return value upon success return value upon failure re-entrant arguments NNyes " - pac#et to dump % - pac#et length 0 - byte swap flag = - previously opened stream in which to dump pac#et
libnet&hex&dump( prints out a pac#et in hexadecimal. *t will print the pac#et as it appears in memory, or as it will appear on the wire, depending on the value of the byte-swap flag. The function prints the pac#et to a previously opened stream (such as stdout . Note that on big-endian architectures such as 3olaris, the pac#et will appear the same in memory as it will on the wire.
int libnet_plist_chain_ne)(struct libnet_plist_chain **plist, char *token_list!"
return value upon success return value upon failure re-entrant arguments " -" yes " - pointer to a libnet&plist&chain pointer % - pointer to to#en list
libnet&plist&chain&new( constructs a new libnet port-list chain. - libnet port-list chain is a fast and simple way of implementing port-list ranges (useful for applications that employ a list of ports - li#e a port scanner . Fou!ll see naive implementations that allocate an entire array of A@@0@ bytes and fill in the desired ports one by one. ;owever, we only really need to store the beginning port and the ending port, and we can efficiently store multiple port ranges (delimited by commas by using a lin#ed list chain with each node holding the beginning and ending port for a particular range. For example, The port range ."")%=. would occupy one node with the beginning port being " and the ending port being ")%=. The port range .%@,"")-"A",A))). would result in 0 nodes being allocated. 3ingle ports are ta#en as single ranges (port %@ ends up being %@-%@ . - port list range without a terminating port (port&num - is considered shorthand for (port&num - A@@0@ . The arguments are a pointer to libnet&plist&chain pointer (which will end up being the head of the lin#ed list which needs to deference an allocated libnet&plist&chain structure and pointer to the port-list (to#enlist itself. The function chec#s this character port list for valid to#ens ("%0=@ABCD),- and returns an error if an unrecogni$ed to#en is found. (pon success the function returns ", and head points to the newly formed port-list (and also contains the number of nodes in the list. *f an error occurs (an unrecogni$ed to#en is found or malloc fails -" is returned and head is set to N(//. libnet&plist&chain&next&pair( should be used to extract port list pairs.
int libnet_plist_chain_ne%t_pair(struct libnet_plist_chain *plist, u_short *bport, u_short *eport!"
return value upon success return value upon failure re-entrant arguments ", ) -" yes " - pointer to a libnet&plist&chain pointer % - pointer to the beginning port (to be filled in 0 - pointer to the ending port (to be filled in
libnet&plist&chain&next&pair( fetches the next pair of ports from the list. The function ta#es a pointer to the head of the prebuilt list and a pointer to a u&short that will contain the beginning port and a pointer to a u&short that will contain the ending port.
The function returns " and fills in these values if there are nodes remaining, or if the port list chain is exhausted, it returns ). *f an error occurs (the libnet&plist&chain pointer is N(// the function returns -".
int libnet_plist_chain_$ump(struct libnet_plist_chain *plist!"
return value upon success return value upon failure re-entrant arguments
" -" yes " - pointer to a libnet&plist&chain pointer
libnet&plist&chain&dump( dumps the port-list chain referenced by the argument. The function prints the list to stdout (it!s mainly meant as a debugging tool . *t returns " upon success or if an error occurs (the libnet&plist&chain pointer is N(// the function returns -".
u_char *libnet_plist_chain_$ump_string(struct libnet_plist_chain *plist!"
return value upon success return value upon failure re-entrant arguments pointer to the to#en list N(// no " - pointer to a libnet&plist&chain pointer
libnet&plist&chain&dump&string( returns the port-list chain referenced by the argument as a string. *t returns the port list string upon success or if an error occurs (the libnet&plist&chain pointer is N(// the function returns N(//.
#oi$ libnet_plist_chain_ ree(struct libnet_plist_chain *plist!"
return value upon success return value upon failure re-entrant arguments NNyes " - pointer to a libnet&plist&chain pointer
libnet&plist&chain&free( frees the memory associated with the libnet port list chain.
5.9 -ymbolic 3onstants
/ibnet conveniently defines standard pac#et header si$es, for use with many pac#et manipulation functions, as per the following chart>
-:M;1LI3 316-2'62
/*,N1T&-2P&; /*,N1T&6N3&; /*,N1T&1T;&; /*,N1T&*79P&; (deprecated /*,N1T&*79P&17;4&; /*,N1T&*79P&9-3G&; /*,N1T&*79P&(N21-7;&; /*,N1T&*79P&T*9H7116&; /*,N1T&*79P&216*217T&; /*,N1T&*79P&T3&; /*,N1T&*?9P&; /*,N1T&*P&; /*,N1T&2*P&; /*,N1T&T7P&; /*,N1T&(6P&; 9ore pac#et memory constants>
-I<0 I6 ;:20%C "% "= = C "% C C C %) C %) %= %) C
-:M;1LI3 316-2'62 M0'6I68
/*,N1T&P-7G1T /*,N1T&4PT3 /*,N1T&9-H&P-7G1T enough memory for a T7P or (6P header and an *P header enough memory for *P or T7P options (=) bytes enough memory for *P&9-HP-7G1T (A@@0@ bytes
The following are used for psuedo random number generation, with libnet&get&prand( >
-:M;1LI3 316-2'62
/*,N1T&P2-N6&9-H /*,N1T&P2% /*,N1T&P2C /*,N1T&P2"A /*,N1T&P2u"A
('680
A@@0@ )-% ) - %@@ ) - 0%BAB ) - A@@0@
/*,N1T&P20% /*,N1T&P2u0%
) - %"=B=C0A=B ) - =%D=DAB%D@
For error messaging, used in con+unction with libnet&error( >
-:M;1LI3 316-2'62 M0'6I68
/*,N1T&122&:-2N*N? /*,N1T&122&72*T*7-/ /*,N1T&122&F-T-/
warning error message critical error message fatal error message (program will exit
For use with libnet&host&loo#up( , libnet&host&loo#up&r( , and libnet&name&resolve( >
-:M;1LI3 316-2'62
/*,N1T&64NT&2134/51 /*,N1T&2134/51
M0'6I68
do not resolve *P addresses into F86Ns attempt to resolve *P addresses into F86Ns
5.= Macros
The arena interface defines the following macros>
M'3(1
/*,N1T&?1T&-21N-&3*J1(arena /*,N1T&?1T&-21N-&219-*N*N?&,FT13(arena
M0'6I68
returns the si$e of the arena returns the number of bytes left in the arena
To print the ethernet address from an ether&addr struct use the following macro>
M'3(1
/*,N1T&P2*NT&1T;&-662(e 6e%t +re#ious2op
M0'6I68
Prints the ethernet address of the ether&addr struct
