diff --git a/sbin/ping/main.c b/sbin/ping/main.c index e07b30952199..686b412a19b7 100644 --- a/sbin/ping/main.c +++ b/sbin/ping/main.c @@ -1,214 +1,297 @@ /*- * SPDX-License-Identifier: BSD-2-Clause * * Copyright (C) 2019 Jan Sucan * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #include #include #include #include #include #include #include +#include +#include #include #include #include #include #include #include "main.h" #ifdef INET #include "ping.h" #endif #ifdef INET6 #include "ping6.h" #endif #if defined(INET) && defined(INET6) #define OPTSTR PING6OPTS PING4OPTS #elif defined(INET) #define OPTSTR PING4OPTS #elif defined(INET6) #define OPTSTR PING6OPTS #else #error At least one of INET and INET6 is required #endif +/* various options */ +u_int options; + +char *hostname; + +/* counters */ +long nreceived; /* # of packets we got back */ +long nrepeats; /* number of duplicates */ +long ntransmitted; /* sequence # for outbound packets = #sent */ +long nrcvtimeout = 0; /* # of packets we got back after waittime */ + +/* nonzero if we've been told to finish up */ +volatile sig_atomic_t seenint; +volatile sig_atomic_t seeninfo; + +/* timing */ +int timing; /* flag to do timing */ +double tmin = 999999999.0; /* minimum round trip time */ +double tmax = 0.0; /* maximum round trip time */ +double tsum = 0.0; /* sum of all times, for doing average */ +double tsumsq = 0.0; /* sum of all times squared, for std. dev. */ + int main(int argc, char *argv[]) { #if defined(INET) struct in_addr a; #endif #if defined(INET6) struct in6_addr a6; #endif #if defined(INET) && defined(INET6) struct addrinfo hints, *res, *ai; int error; #endif int opt; #ifdef INET6 if (strcmp(getprogname(), "ping6") == 0) return ping6(argc, argv); #endif while ((opt = getopt(argc, argv, ":" OPTSTR)) != -1) { switch (opt) { #ifdef INET case '4': goto ping4; #endif #ifdef INET6 case '6': goto ping6; #endif case 'S': /* * If -S is given with a numeric parameter, * force use of the corresponding version. */ #ifdef INET if (inet_pton(AF_INET, optarg, &a) == 1) goto ping4; #endif #ifdef INET6 if (inet_pton(AF_INET6, optarg, &a6) == 1) goto ping6; #endif break; default: break; } } /* * For IPv4, only one positional argument, the target, is allowed. * For IPv6, multiple positional argument are allowed; the last * one is the target, and preceding ones are intermediate hops. * This nuance is lost here, but the only case where it matters is * an error. */ if (optind >= argc) usage(); #if defined(INET) && defined(INET6) memset(&hints, 0, sizeof(hints)); hints.ai_socktype = SOCK_RAW; if (feature_present("inet") && !feature_present("inet6")) hints.ai_family = AF_INET; if (feature_present("inet6") && !feature_present("inet")) hints.ai_family = AF_INET6; else hints.ai_family = AF_UNSPEC; error = getaddrinfo(argv[argc - 1], NULL, &hints, &res); if (res == NULL) errx(1, "%s", gai_strerror(error)); for (ai = res; ai != NULL; ai = ai->ai_next) { if (ai->ai_family == AF_INET) { freeaddrinfo(res); goto ping4; } if (ai->ai_family == AF_INET6) { freeaddrinfo(res); goto ping6; } } freeaddrinfo(res); errx(1, "Unknown host"); #endif #ifdef INET ping4: optreset = 1; optind = 1; return ping(argc, argv); #endif #ifdef INET6 ping6: optreset = 1; optind = 1; return ping6(argc, argv); #endif } +/* + * onsignal -- + * Set the global bit that causes the main loop to quit. + */ +void +onsignal(int sig) +{ + switch (sig) { + case SIGALRM: + case SIGINT: + /* + * When doing reverse DNS lookups, the seenint flag might not + * be noticed for a while. Just exit if we get a second SIGINT. + */ + if (!(options & F_HOSTNAME) && seenint != 0) + _exit(nreceived ? 0 : 2); + seenint++; + break; + case SIGINFO: + seeninfo++; + break; + } +} + +/* + * pr_summary -- + * Print out summary statistics to the given output stream. + */ +void +pr_summary(FILE * restrict stream) +{ + fprintf(stream, "\n--- %s ping statistics ---\n", hostname); + fprintf(stream, "%ld packets transmitted, ", ntransmitted); + fprintf(stream, "%ld packets received, ", nreceived); + if (nrepeats) + fprintf(stream, "+%ld duplicates, ", nrepeats); + if (ntransmitted) { + if (nreceived > ntransmitted) + fprintf(stream, "-- somebody's duplicating packets!"); + else + fprintf(stream, "%.1f%% packet loss", + ((((double)ntransmitted - nreceived) * 100.0) / + ntransmitted)); + } + if (nrcvtimeout) + fprintf(stream, ", %ld packets out of wait time", nrcvtimeout); + fputc('\n', stream); + if (nreceived && timing) { + /* Only display average to microseconds */ + double num = nreceived + nrepeats; + double avg = tsum / num; + double stddev = sqrt(fmax(0, tsumsq / num - avg * avg)); + fprintf(stream, + "round-trip min/avg/max/stddev = %.3f/%.3f/%.3f/%.3f ms\n", + tmin, avg, tmax, stddev); + } + fflush(stream); +} + void usage(void) { (void)fprintf(stderr, "usage:\n" #ifdef INET "\tping [-4AaDdfHnoQqRrv] [-C pcp] [-c count] " "[-G sweepmaxsize]\n" "\t [-g sweepminsize] [-h sweepincrsize] [-i wait] " "[-l preload]\n" "\t [-M mask | time] [-m ttl] " #ifdef IPSEC "[-P policy] " #endif "[-p pattern] [-S src_addr] \n" "\t [-s packetsize] [-t timeout] [-W waittime] [-z tos] " "IPv4-host\n" "\tping [-4AaDdfHLnoQqRrv] [-C pcp] [-c count] [-I iface] " "[-i wait]\n" "\t [-l preload] [-M mask | time] [-m ttl] " #ifdef IPSEC "[-P policy] " #endif "[-p pattern]\n" "\t [-S src_addr] [-s packetsize] [-T ttl] [-t timeout] [-W waittime]\n" "\t [-z tos] IPv4-mcast-group\n" #endif /* INET */ #ifdef INET6 "\tping [-6AaDd" #if defined(IPSEC) && !defined(IPSEC_POLICY_IPSEC) "E" #endif "fHnNoOq" #ifdef IPV6_USE_MIN_MTU "u" #endif "vyY" #if defined(IPSEC) && !defined(IPSEC_POLICY_IPSEC) "Z" #endif "] " "[-b bufsiz] [-C pcp] [-c count] [-e gateway]\n" "\t [-I interface] [-i wait] [-k addrtype] [-l preload] " "[-m hoplimit]\n" "\t [-p pattern]" #if defined(IPSEC) && defined(IPSEC_POLICY_IPSEC) " [-P policy]" #endif " [-S sourceaddr] [-s packetsize] [-t timeout]\n" "\t [-W waittime] [-z tclass] [IPv6-hops ...] IPv6-host\n" #endif /* INET6 */ ); exit(1); } diff --git a/sbin/ping/main.h b/sbin/ping/main.h index 7084585e6bb0..9a883b61a350 100644 --- a/sbin/ping/main.h +++ b/sbin/ping/main.h @@ -1,54 +1,79 @@ /*- * SPDX-License-Identifier: BSD-2-Clause * * Copyright (C) 2019 Jan Sucan * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef MAIN_H #define MAIN_H 1 #ifdef IPSEC #include #endif /*IPSEC*/ #if defined(INET) && defined(IPSEC) && defined(IPSEC_POLICY_IPSEC) #define PING4ADDOPTS "P:" #else #define PING4ADDOPTS #endif #define PING4OPTS ".::4AaC:c:DdfG:g:Hh:I:i:Ll:M:m:nop:QqRrS:s:T:t:vW:z:" PING4ADDOPTS #if defined(INET6) && defined(IPSEC) && defined(IPSEC_POLICY_IPSEC) #define PING6ADDOPTS "P:" #elif defined(INET6) && defined(IPSEC) && !defined(IPSEC_POLICY_IPSEC) #define PING6ADDOPTS "ZE" #else #define PING6ADDOPTS #endif #define PING6OPTS ".::6Aab:C:c:Dde:fHI:i:k:l:m:nNoOp:qS:s:t:uvyYW:z:" PING6ADDOPTS +/* various options */ +extern u_int options; +#define F_HOSTNAME 0x0004 + +extern char *hostname; + +/* counters */ +extern long nreceived; /* # of packets we got back */ +extern long nrepeats; /* number of duplicates */ +extern long ntransmitted; /* sequence # for outbound packets = #sent */ +extern long nrcvtimeout; /* # of packets we got back after waittime */ + +/* nonzero if we've been told to finish up */ +extern volatile sig_atomic_t seenint; +extern volatile sig_atomic_t seeninfo; + +/* timing */ +extern int timing; /* flag to do timing */ +extern double tmin; /* minimum round trip time */ +extern double tmax; /* maximum round trip time */ +extern double tsum; /* sum of all times, for doing average */ +extern double tsumsq; /* sum of all times squared, for std. dev. */ + +void onsignal(int); +void pr_summary(FILE * __restrict); void usage(void) __dead2; #endif diff --git a/sbin/ping/ping.c b/sbin/ping/ping.c index ad16ff5a5ee9..bbb103a7361f 100644 --- a/sbin/ping/ping.c +++ b/sbin/ping/ping.c @@ -1,1794 +1,1687 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1989, 1993 * The Regents of the University of California. All rights reserved. * * This code is derived from software contributed to Berkeley by * Mike Muuss. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #if 0 #ifndef lint static const char copyright[] = "@(#) Copyright (c) 1989, 1993\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ #ifndef lint static char sccsid[] = "@(#)ping.c 8.1 (Berkeley) 6/5/93"; #endif /* not lint */ #endif #include /* * P I N G . C * * Using the Internet Control Message Protocol (ICMP) "ECHO" facility, * measure round-trip-delays and packet loss across network paths. * * Author - * Mike Muuss * U. S. Army Ballistic Research Laboratory * December, 1983 * * Status - * Public Domain. Distribution Unlimited. * Bugs - * More statistics could always be gathered. * This program has to run SUID to ROOT to access the ICMP socket. */ #include /* NB: we rely on this for */ #include #include #include #include #include #include #include #include #include #include #include #include #include #ifdef IPSEC #include #endif /*IPSEC*/ #include #include #include #include -#include #include #include #include #include #include #include #include #include #include #include "main.h" #include "ping.h" #include "utils.h" #define INADDR_LEN ((int)sizeof(in_addr_t)) #define TIMEVAL_LEN ((int)sizeof(struct tv32)) #define MASK_LEN (ICMP_MASKLEN - ICMP_MINLEN) #define TS_LEN (ICMP_TSLEN - ICMP_MINLEN) #define DEFDATALEN 56 /* default data length */ #define FLOOD_BACKOFF 20000 /* usecs to back off if F_FLOOD mode */ /* runs out of buffer space */ #define MAXIPLEN (sizeof(struct ip) + MAX_IPOPTLEN) #define MAXICMPLEN (ICMP_ADVLENMIN + MAX_IPOPTLEN) #define MAXWAIT 10000 /* max ms to wait for response */ #define MAXALARM (60 * 60) /* max seconds for alarm timeout */ #define MAXTOS 255 #define A(bit) rcvd_tbl[(bit)>>3] /* identify byte in array */ #define B(bit) (1 << ((bit) & 0x07)) /* identify bit in byte */ #define SET(bit) (A(bit) |= B(bit)) #define CLR(bit) (A(bit) &= (~B(bit))) #define TST(bit) (A(bit) & B(bit)) struct tv32 { int32_t tv32_sec; int32_t tv32_nsec; }; /* various options */ -static int options; #define F_FLOOD 0x0001 #define F_INTERVAL 0x0002 -#define F_NUMERIC 0x0004 #define F_PINGFILLED 0x0008 #define F_QUIET 0x0010 #define F_RROUTE 0x0020 #define F_SO_DEBUG 0x0040 #define F_SO_DONTROUTE 0x0080 #define F_VERBOSE 0x0100 #define F_QUIET2 0x0200 #define F_NOLOOP 0x0400 #define F_MTTL 0x0800 #define F_MIF 0x1000 #define F_AUDIBLE 0x2000 #ifdef IPSEC #ifdef IPSEC_POLICY_IPSEC #define F_POLICY 0x4000 #endif /*IPSEC_POLICY_IPSEC*/ #endif /*IPSEC*/ #define F_TTL 0x8000 #define F_MISSED 0x10000 #define F_ONCE 0x20000 #define F_HDRINCL 0x40000 #define F_MASK 0x80000 #define F_TIME 0x100000 #define F_SWEEP 0x200000 #define F_WAITTIME 0x400000 #define F_IP_VLAN_PCP 0x800000 #define F_DOT 0x1000000 /* * MAX_DUP_CHK is the number of bits in received table, i.e. the maximum * number of received sequence numbers we can keep track of. Change 128 * to 8192 for complete accuracy... */ #define MAX_DUP_CHK (8 * 128) static int mx_dup_ck = MAX_DUP_CHK; static char rcvd_tbl[MAX_DUP_CHK / 8]; static struct sockaddr_in whereto; /* who to ping */ static int datalen = DEFDATALEN; static int maxpayload; static int ssend; /* send socket file descriptor */ static int srecv; /* receive socket file descriptor */ static u_char outpackhdr[IP_MAXPACKET], *outpack; static char BBELL = '\a'; /* characters written for MISSED and AUDIBLE */ static char BSPACE = '\b'; /* characters written for flood */ static const char *DOT = "."; static size_t DOTlen = 1; static size_t DOTidx = 0; -static char *hostname; static char *shostname; static int ident; /* process id to identify our packets */ static int uid; /* cached uid for micro-optimization */ static u_char icmp_type = ICMP_ECHO; static u_char icmp_type_rsp = ICMP_ECHOREPLY; static int phdr_len = 0; static int send_len; /* counters */ static long nmissedmax; /* max value of ntransmitted - nreceived - 1 */ static long npackets; /* max packets to transmit */ -static long nreceived; /* # of packets we got back */ -static long nrepeats; /* number of duplicates */ -static long ntransmitted; /* sequence # for outbound packets = #sent */ static long snpackets; /* max packets to transmit in one sweep */ static long sntransmitted; /* # of packets we sent in this sweep */ static int sweepmax; /* max value of payload in sweep */ static int sweepmin = 0; /* start value of payload in sweep */ static int sweepincr = 1; /* payload increment in sweep */ static int interval = 1000; /* interval between packets, ms */ static int waittime = MAXWAIT; /* timeout for each packet */ -static long nrcvtimeout = 0; /* # of packets we got back after waittime */ - -/* timing */ -static int timing; /* flag to do timing */ -static double tmin = 999999999.0; /* minimum round trip time */ -static double tmax = 0.0; /* maximum round trip time */ -static double tsum = 0.0; /* sum of all times, for doing average */ -static double tsumsq = 0.0; /* sum of all times squared, for std. dev. */ - -/* nonzero if we've been told to finish up */ -static volatile sig_atomic_t finish_up; -static volatile sig_atomic_t siginfo_p; static cap_channel_t *capdns; static void fill(char *, char *); static cap_channel_t *capdns_setup(void); -static void check_status(void); -static void finish(void) __dead2; static void pinger(void); static char *pr_addr(struct in_addr); static char *pr_ntime(n_time); static void pr_icmph(struct icmp *, struct ip *, const u_char *const); static void pr_iph(struct ip *, const u_char *); static void pr_pack(char *, ssize_t, struct sockaddr_in *, struct timespec *); -static void status(int); -static void stopit(int); int ping(int argc, char *const *argv) { struct sockaddr_in from, sock_in; struct in_addr ifaddr; struct timespec last, intvl; struct iovec iov; struct msghdr msg; struct sigaction si_sa; size_t sz; u_char *datap, packet[IP_MAXPACKET] __aligned(4); const char *errstr; char *ep, *source, *target, *payload; struct hostent *hp; #ifdef IPSEC_POLICY_IPSEC char *policy_in, *policy_out; #endif struct sockaddr_in *to; double t; u_long alarmtimeout; long long ltmp; int almost_done, ch, df, hold, i, icmp_len, mib[4], preload; int ssend_errno, srecv_errno, tos, ttl, pcp; char ctrl[CMSG_SPACE(sizeof(struct timespec))]; char hnamebuf[MAXHOSTNAMELEN], snamebuf[MAXHOSTNAMELEN]; #ifdef IP_OPTIONS char rspace[MAX_IPOPTLEN]; /* record route space */ #endif unsigned char loop, mttl; payload = source = NULL; #ifdef IPSEC_POLICY_IPSEC policy_in = policy_out = NULL; #endif cap_rights_t rights; - options |= F_NUMERIC; - /* * Do the stuff that we need root priv's for *first*, and * then drop our setuid bit. Save error reporting for * after arg parsing. * * Historicaly ping was using one socket 's' for sending and for * receiving. After capsicum(4) related changes we use two * sockets. It was done for special ping use case - when user * issue ping on multicast or broadcast address replies come * from different addresses, not from the address we * connect(2)'ed to, and send socket do not receive those * packets. */ ssend = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP); ssend_errno = errno; srecv = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP); srecv_errno = errno; if (setuid(getuid()) != 0) err(EX_NOPERM, "setuid() failed"); uid = getuid(); if (ssend < 0) { errno = ssend_errno; err(EX_OSERR, "ssend socket"); } if (srecv < 0) { errno = srecv_errno; err(EX_OSERR, "srecv socket"); } alarmtimeout = df = preload = tos = pcp = 0; outpack = outpackhdr + sizeof(struct ip); while ((ch = getopt(argc, argv, PING4OPTS)) != -1) { switch(ch) { case '.': options |= F_DOT; if (optarg != NULL) { DOT = optarg; DOTlen = strlen(optarg); } break; case '4': /* This option is processed in main(). */ break; case 'A': options |= F_MISSED; break; case 'a': options |= F_AUDIBLE; break; case 'C': options |= F_IP_VLAN_PCP; ltmp = strtonum(optarg, -1, 7, &errstr); if (errstr != NULL) errx(EX_USAGE, "invalid PCP: `%s'", optarg); pcp = ltmp; break; case 'c': ltmp = strtonum(optarg, 1, LONG_MAX, &errstr); if (errstr != NULL) errx(EX_USAGE, "invalid count of packets to transmit: `%s'", optarg); npackets = (long)ltmp; break; case 'D': options |= F_HDRINCL; df = 1; break; case 'd': options |= F_SO_DEBUG; break; case 'f': if (uid) { errno = EPERM; err(EX_NOPERM, "-f flag"); } options |= F_FLOOD; options |= F_DOT; setbuf(stdout, (char *)NULL); break; case 'G': /* Maximum packet size for ping sweep */ ltmp = strtonum(optarg, 1, INT_MAX, &errstr); if (errstr != NULL) { errx(EX_USAGE, "invalid packet size: `%s'", optarg); } sweepmax = (int)ltmp; if (uid != 0 && sweepmax > DEFDATALEN) { errc(EX_NOPERM, EPERM, "packet size too large: %d > %u", sweepmax, DEFDATALEN); } options |= F_SWEEP; break; case 'g': /* Minimum packet size for ping sweep */ ltmp = strtonum(optarg, 1, INT_MAX, &errstr); if (errstr != NULL) { errx(EX_USAGE, "invalid packet size: `%s'", optarg); } sweepmin = (int)ltmp; if (uid != 0 && sweepmin > DEFDATALEN) { errc(EX_NOPERM, EPERM, "packet size too large: %d > %u", sweepmin, DEFDATALEN); } options |= F_SWEEP; break; case 'H': - options &= ~F_NUMERIC; + options |= F_HOSTNAME; break; case 'h': /* Packet size increment for ping sweep */ ltmp = strtonum(optarg, 1, INT_MAX, &errstr); if (errstr != NULL) { errx(EX_USAGE, "invalid packet size: `%s'", optarg); } sweepincr = (int)ltmp; if (uid != 0 && sweepincr > DEFDATALEN) { errc(EX_NOPERM, EPERM, "packet size too large: %d > %u", sweepincr, DEFDATALEN); } options |= F_SWEEP; break; case 'I': /* multicast interface */ if (inet_aton(optarg, &ifaddr) == 0) errx(EX_USAGE, "invalid multicast interface: `%s'", optarg); options |= F_MIF; break; case 'i': /* wait between sending packets */ t = strtod(optarg, &ep) * 1000.0; if (*ep || ep == optarg || t > (double)INT_MAX) errx(EX_USAGE, "invalid timing interval: `%s'", optarg); options |= F_INTERVAL; interval = (int)t; if (uid && interval < 1000) { errno = EPERM; err(EX_NOPERM, "-i interval too short"); } break; case 'L': options |= F_NOLOOP; loop = 0; break; case 'l': ltmp = strtonum(optarg, 0, INT_MAX, &errstr); if (errstr != NULL) errx(EX_USAGE, "invalid preload value: `%s'", optarg); if (uid) { errno = EPERM; err(EX_NOPERM, "-l flag"); } preload = (int)ltmp; break; case 'M': switch(optarg[0]) { case 'M': case 'm': options |= F_MASK; break; case 'T': case 't': options |= F_TIME; break; default: errx(EX_USAGE, "invalid message: `%c'", optarg[0]); break; } break; case 'm': /* TTL */ ltmp = strtonum(optarg, 0, MAXTTL, &errstr); if (errstr != NULL) errx(EX_USAGE, "invalid TTL: `%s'", optarg); ttl = (int)ltmp; options |= F_TTL; break; case 'n': - options |= F_NUMERIC; + options &= ~F_HOSTNAME; break; case 'o': options |= F_ONCE; break; #ifdef IPSEC #ifdef IPSEC_POLICY_IPSEC case 'P': options |= F_POLICY; if (!strncmp("in", optarg, 2)) policy_in = strdup(optarg); else if (!strncmp("out", optarg, 3)) policy_out = strdup(optarg); else errx(1, "invalid security policy"); break; #endif /*IPSEC_POLICY_IPSEC*/ #endif /*IPSEC*/ case 'p': /* fill buffer with user pattern */ options |= F_PINGFILLED; payload = optarg; break; case 'Q': options |= F_QUIET2; break; case 'q': options |= F_QUIET; break; case 'R': options |= F_RROUTE; break; case 'r': options |= F_SO_DONTROUTE; break; case 'S': source = optarg; break; case 's': /* size of packet to send */ ltmp = strtonum(optarg, 0, INT_MAX, &errstr); if (errstr != NULL) errx(EX_USAGE, "invalid packet size: `%s'", optarg); datalen = (int)ltmp; if (uid != 0 && datalen > DEFDATALEN) { errno = EPERM; err(EX_NOPERM, "packet size too large: %d > %u", datalen, DEFDATALEN); } break; case 'T': /* multicast TTL */ ltmp = strtonum(optarg, 0, MAXTTL, &errstr); if (errstr != NULL) errx(EX_USAGE, "invalid multicast TTL: `%s'", optarg); mttl = (unsigned char)ltmp; options |= F_MTTL; break; case 't': alarmtimeout = strtoul(optarg, &ep, 0); if ((alarmtimeout < 1) || (alarmtimeout == ULONG_MAX)) errx(EX_USAGE, "invalid timeout: `%s'", optarg); if (alarmtimeout > MAXALARM) errx(EX_USAGE, "invalid timeout: `%s' > %d", optarg, MAXALARM); { struct itimerval itv; timerclear(&itv.it_interval); timerclear(&itv.it_value); itv.it_value.tv_sec = (time_t)alarmtimeout; if (setitimer(ITIMER_REAL, &itv, NULL) != 0) err(1, "setitimer"); } break; case 'v': options |= F_VERBOSE; break; case 'W': /* wait ms for answer */ t = strtod(optarg, &ep); if (*ep || ep == optarg || t > (double)INT_MAX) errx(EX_USAGE, "invalid timing interval: `%s'", optarg); options |= F_WAITTIME; waittime = (int)t; break; case 'z': options |= F_HDRINCL; ltmp = strtol(optarg, &ep, 0); if (*ep || ep == optarg || ltmp > MAXTOS || ltmp < 0) errx(EX_USAGE, "invalid TOS: `%s'", optarg); tos = ltmp; break; default: usage(); } } if (argc - optind != 1) usage(); target = argv[optind]; switch (options & (F_MASK|F_TIME)) { case 0: break; case F_MASK: icmp_type = ICMP_MASKREQ; icmp_type_rsp = ICMP_MASKREPLY; phdr_len = MASK_LEN; if (!(options & F_QUIET)) (void)printf("ICMP_MASKREQ\n"); break; case F_TIME: icmp_type = ICMP_TSTAMP; icmp_type_rsp = ICMP_TSTAMPREPLY; phdr_len = TS_LEN; if (!(options & F_QUIET)) (void)printf("ICMP_TSTAMP\n"); break; default: errx(EX_USAGE, "ICMP_TSTAMP and ICMP_MASKREQ are exclusive."); break; } icmp_len = sizeof(struct ip) + ICMP_MINLEN + phdr_len; if (options & F_RROUTE) icmp_len += MAX_IPOPTLEN; maxpayload = IP_MAXPACKET - icmp_len; if (datalen > maxpayload) errx(EX_USAGE, "packet size too large: %d > %d", datalen, maxpayload); send_len = icmp_len + datalen; datap = &outpack[ICMP_MINLEN + phdr_len + TIMEVAL_LEN]; if (options & F_PINGFILLED) { fill((char *)datap, payload); } capdns = capdns_setup(); if (source) { bzero((char *)&sock_in, sizeof(sock_in)); sock_in.sin_family = AF_INET; if (inet_aton(source, &sock_in.sin_addr) != 0) { shostname = source; } else { hp = cap_gethostbyname2(capdns, source, AF_INET); if (!hp) errx(EX_NOHOST, "cannot resolve %s: %s", source, hstrerror(h_errno)); sock_in.sin_len = sizeof sock_in; if ((unsigned)hp->h_length > sizeof(sock_in.sin_addr) || hp->h_length < 0) errx(1, "gethostbyname2: illegal address"); memcpy(&sock_in.sin_addr, hp->h_addr_list[0], sizeof(sock_in.sin_addr)); (void)strncpy(snamebuf, hp->h_name, sizeof(snamebuf) - 1); snamebuf[sizeof(snamebuf) - 1] = '\0'; shostname = snamebuf; } if (bind(ssend, (struct sockaddr *)&sock_in, sizeof sock_in) == -1) err(1, "bind"); } bzero(&whereto, sizeof(whereto)); to = &whereto; to->sin_family = AF_INET; to->sin_len = sizeof *to; if (inet_aton(target, &to->sin_addr) != 0) { hostname = target; } else { hp = cap_gethostbyname2(capdns, target, AF_INET); if (!hp) errx(EX_NOHOST, "cannot resolve %s: %s", target, hstrerror(h_errno)); if ((unsigned)hp->h_length > sizeof(to->sin_addr)) errx(1, "gethostbyname2 returned an illegal address"); memcpy(&to->sin_addr, hp->h_addr_list[0], sizeof to->sin_addr); (void)strncpy(hnamebuf, hp->h_name, sizeof(hnamebuf) - 1); hnamebuf[sizeof(hnamebuf) - 1] = '\0'; hostname = hnamebuf; } /* From now on we will use only reverse DNS lookups. */ #ifdef WITH_CASPER if (capdns != NULL) { const char *types[1]; types[0] = "ADDR2NAME"; if (cap_dns_type_limit(capdns, types, 1) < 0) err(1, "unable to limit access to system.dns service"); } #endif if (connect(ssend, (struct sockaddr *)&whereto, sizeof(whereto)) != 0) err(1, "connect"); if (options & F_FLOOD && options & F_INTERVAL) errx(EX_USAGE, "-f and -i: incompatible options"); if (options & F_FLOOD && IN_MULTICAST(ntohl(to->sin_addr.s_addr))) errx(EX_USAGE, "-f flag cannot be used with multicast destination"); if (options & (F_MIF | F_NOLOOP | F_MTTL) && !IN_MULTICAST(ntohl(to->sin_addr.s_addr))) errx(EX_USAGE, "-I, -L, -T flags cannot be used with unicast destination"); if (datalen >= TIMEVAL_LEN) /* can we time transfer */ timing = 1; if ((options & (F_PINGFILLED | F_SWEEP)) == 0) for (i = TIMEVAL_LEN; i < datalen; ++i) *datap++ = i; ident = getpid() & 0xFFFF; hold = 1; if (options & F_SO_DEBUG) { (void)setsockopt(ssend, SOL_SOCKET, SO_DEBUG, (char *)&hold, sizeof(hold)); (void)setsockopt(srecv, SOL_SOCKET, SO_DEBUG, (char *)&hold, sizeof(hold)); } if (options & F_SO_DONTROUTE) (void)setsockopt(ssend, SOL_SOCKET, SO_DONTROUTE, (char *)&hold, sizeof(hold)); if (options & F_IP_VLAN_PCP) { (void)setsockopt(ssend, IPPROTO_IP, IP_VLAN_PCP, (char *)&pcp, sizeof(pcp)); } #ifdef IPSEC #ifdef IPSEC_POLICY_IPSEC if (options & F_POLICY) { char *buf; if (policy_in != NULL) { buf = ipsec_set_policy(policy_in, strlen(policy_in)); if (buf == NULL) errx(EX_CONFIG, "%s", ipsec_strerror()); if (setsockopt(srecv, IPPROTO_IP, IP_IPSEC_POLICY, buf, ipsec_get_policylen(buf)) < 0) err(EX_CONFIG, "ipsec policy cannot be configured"); free(buf); } if (policy_out != NULL) { buf = ipsec_set_policy(policy_out, strlen(policy_out)); if (buf == NULL) errx(EX_CONFIG, "%s", ipsec_strerror()); if (setsockopt(ssend, IPPROTO_IP, IP_IPSEC_POLICY, buf, ipsec_get_policylen(buf)) < 0) err(EX_CONFIG, "ipsec policy cannot be configured"); free(buf); } } #endif /*IPSEC_POLICY_IPSEC*/ #endif /*IPSEC*/ if (options & F_HDRINCL) { struct ip ip; memcpy(&ip, outpackhdr, sizeof(ip)); if (!(options & (F_TTL | F_MTTL))) { mib[0] = CTL_NET; mib[1] = PF_INET; mib[2] = IPPROTO_IP; mib[3] = IPCTL_DEFTTL; sz = sizeof(ttl); if (sysctl(mib, 4, &ttl, &sz, NULL, 0) == -1) err(1, "sysctl(net.inet.ip.ttl)"); } setsockopt(ssend, IPPROTO_IP, IP_HDRINCL, &hold, sizeof(hold)); ip.ip_v = IPVERSION; ip.ip_hl = sizeof(struct ip) >> 2; ip.ip_tos = tos; ip.ip_id = 0; ip.ip_off = htons(df ? IP_DF : 0); ip.ip_ttl = ttl; ip.ip_p = IPPROTO_ICMP; ip.ip_src.s_addr = source ? sock_in.sin_addr.s_addr : INADDR_ANY; ip.ip_dst = to->sin_addr; memcpy(outpackhdr, &ip, sizeof(ip)); } /* * Here we enter capability mode. Further down access to global * namespaces (e.g filesystem) is restricted (see capsicum(4)). * We must connect(2) our socket before this point. */ caph_cache_catpages(); if (caph_enter_casper() < 0) err(1, "caph_enter_casper"); cap_rights_init(&rights, CAP_RECV, CAP_EVENT, CAP_SETSOCKOPT); if (caph_rights_limit(srecv, &rights) < 0) err(1, "cap_rights_limit srecv"); cap_rights_init(&rights, CAP_SEND, CAP_SETSOCKOPT); if (caph_rights_limit(ssend, &rights) < 0) err(1, "cap_rights_limit ssend"); /* record route option */ if (options & F_RROUTE) { #ifdef IP_OPTIONS bzero(rspace, sizeof(rspace)); rspace[IPOPT_OPTVAL] = IPOPT_RR; rspace[IPOPT_OLEN] = sizeof(rspace) - 1; rspace[IPOPT_OFFSET] = IPOPT_MINOFF; rspace[sizeof(rspace) - 1] = IPOPT_EOL; if (setsockopt(ssend, IPPROTO_IP, IP_OPTIONS, rspace, sizeof(rspace)) < 0) err(EX_OSERR, "setsockopt IP_OPTIONS"); #else errx(EX_UNAVAILABLE, "record route not available in this implementation"); #endif /* IP_OPTIONS */ } if (options & F_TTL) { if (setsockopt(ssend, IPPROTO_IP, IP_TTL, &ttl, sizeof(ttl)) < 0) { err(EX_OSERR, "setsockopt IP_TTL"); } } if (options & F_NOLOOP) { if (setsockopt(ssend, IPPROTO_IP, IP_MULTICAST_LOOP, &loop, sizeof(loop)) < 0) { err(EX_OSERR, "setsockopt IP_MULTICAST_LOOP"); } } if (options & F_MTTL) { if (setsockopt(ssend, IPPROTO_IP, IP_MULTICAST_TTL, &mttl, sizeof(mttl)) < 0) { err(EX_OSERR, "setsockopt IP_MULTICAST_TTL"); } } if (options & F_MIF) { if (setsockopt(ssend, IPPROTO_IP, IP_MULTICAST_IF, &ifaddr, sizeof(ifaddr)) < 0) { err(EX_OSERR, "setsockopt IP_MULTICAST_IF"); } } #ifdef SO_TIMESTAMP { int on = 1; int ts_clock = SO_TS_MONOTONIC; if (setsockopt(srecv, SOL_SOCKET, SO_TIMESTAMP, &on, sizeof(on)) < 0) err(EX_OSERR, "setsockopt SO_TIMESTAMP"); if (setsockopt(srecv, SOL_SOCKET, SO_TS_CLOCK, &ts_clock, sizeof(ts_clock)) < 0) err(EX_OSERR, "setsockopt SO_TS_CLOCK"); } #endif if (sweepmax) { if (sweepmin > sweepmax) errx(EX_USAGE, "Maximum packet size must be no less than the minimum packet size"); if (sweepmax > maxpayload - TIMEVAL_LEN) errx(EX_USAGE, "Invalid sweep maximum"); if (datalen != DEFDATALEN) errx(EX_USAGE, "Packet size and ping sweep are mutually exclusive"); if (npackets > 0) { snpackets = npackets; npackets = 0; } else snpackets = 1; datalen = sweepmin; send_len = icmp_len + sweepmin; } if (options & F_SWEEP && !sweepmax) errx(EX_USAGE, "Maximum sweep size must be specified"); /* * When pinging the broadcast address, you can get a lot of answers. * Doing something so evil is useful if you are trying to stress the * ethernet, or just want to fill the arp cache to get some stuff for * /etc/ethers. But beware: RFC 1122 allows hosts to ignore broadcast * or multicast pings if they wish. */ /* * XXX receive buffer needs undetermined space for mbuf overhead * as well. */ hold = IP_MAXPACKET + 128; (void)setsockopt(srecv, SOL_SOCKET, SO_RCVBUF, (char *)&hold, sizeof(hold)); /* CAP_SETSOCKOPT removed */ cap_rights_init(&rights, CAP_RECV, CAP_EVENT); if (caph_rights_limit(srecv, &rights) < 0) err(1, "cap_rights_limit srecv setsockopt"); if (uid == 0) (void)setsockopt(ssend, SOL_SOCKET, SO_SNDBUF, (char *)&hold, sizeof(hold)); /* CAP_SETSOCKOPT removed */ cap_rights_init(&rights, CAP_SEND); if (caph_rights_limit(ssend, &rights) < 0) err(1, "cap_rights_limit ssend setsockopt"); if (to->sin_family == AF_INET) { (void)printf("PING %s (%s)", hostname, inet_ntoa(to->sin_addr)); if (source) (void)printf(" from %s", shostname); if (sweepmax) (void)printf(": (%d ... %d) data bytes\n", sweepmin, sweepmax); else (void)printf(": %d data bytes\n", datalen); } else { if (sweepmax) (void)printf("PING %s: (%d ... %d) data bytes\n", hostname, sweepmin, sweepmax); else (void)printf("PING %s: %d data bytes\n", hostname, datalen); } /* * Use sigaction() instead of signal() to get unambiguous semantics, * in particular with SA_RESTART not set. */ sigemptyset(&si_sa.sa_mask); si_sa.sa_flags = 0; - - si_sa.sa_handler = stopit; - if (sigaction(SIGINT, &si_sa, 0) == -1) { + si_sa.sa_handler = onsignal; + if (sigaction(SIGINT, &si_sa, 0) == -1) err(EX_OSERR, "sigaction SIGINT"); - } - - si_sa.sa_handler = status; - if (sigaction(SIGINFO, &si_sa, 0) == -1) { + seenint = 0; + if (sigaction(SIGINFO, &si_sa, 0) == -1) err(EX_OSERR, "sigaction SIGINFO"); - } - - if (alarmtimeout > 0) { - si_sa.sa_handler = stopit; + seeninfo = 0; + if (alarmtimeout > 0) { if (sigaction(SIGALRM, &si_sa, 0) == -1) err(EX_OSERR, "sigaction SIGALRM"); - } + } bzero(&msg, sizeof(msg)); msg.msg_name = (caddr_t)&from; msg.msg_iov = &iov; msg.msg_iovlen = 1; #ifdef SO_TIMESTAMP msg.msg_control = (caddr_t)ctrl; msg.msg_controllen = sizeof(ctrl); #endif iov.iov_base = packet; iov.iov_len = IP_MAXPACKET; if (preload == 0) pinger(); /* send the first ping */ else { if (npackets != 0 && preload > npackets) preload = npackets; while (preload--) /* fire off them quickies */ pinger(); } (void)clock_gettime(CLOCK_MONOTONIC, &last); if (options & F_FLOOD) { intvl.tv_sec = 0; intvl.tv_nsec = 10000000; } else { intvl.tv_sec = interval / 1000; intvl.tv_nsec = interval % 1000 * 1000000; } almost_done = 0; - while (!finish_up) { + while (seenint == 0) { struct timespec now, timeout; fd_set rfds; int n; ssize_t cc; - check_status(); + /* signal handling */ + if (seeninfo) { + pr_summary(stderr); + seeninfo = 0; + continue; + } if ((unsigned)srecv >= FD_SETSIZE) errx(EX_OSERR, "descriptor too large"); FD_ZERO(&rfds); FD_SET(srecv, &rfds); (void)clock_gettime(CLOCK_MONOTONIC, &now); timespecadd(&last, &intvl, &timeout); timespecsub(&timeout, &now, &timeout); if (timeout.tv_sec < 0) timespecclear(&timeout); + n = pselect(srecv + 1, &rfds, NULL, NULL, &timeout, NULL); if (n < 0) - continue; /* Must be EINTR. */ + continue; /* EINTR */ if (n == 1) { struct timespec *tv = NULL; #ifdef SO_TIMESTAMP struct cmsghdr *cmsg = CMSG_FIRSTHDR(&msg); #endif msg.msg_namelen = sizeof(from); if ((cc = recvmsg(srecv, &msg, 0)) < 0) { if (errno == EINTR) continue; warn("recvmsg"); continue; } /* If we have a 0 byte read from recvfrom continue */ if (cc == 0) continue; #ifdef SO_TIMESTAMP if (cmsg != NULL && cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_TIMESTAMP && cmsg->cmsg_len == CMSG_LEN(sizeof *tv)) { /* Copy to avoid alignment problems: */ memcpy(&now, CMSG_DATA(cmsg), sizeof(now)); tv = &now; } #endif if (tv == NULL) { (void)clock_gettime(CLOCK_MONOTONIC, &now); tv = &now; } pr_pack((char *)packet, cc, &from, tv); if ((options & F_ONCE && nreceived) || (npackets && nreceived >= npackets)) break; } - if (n == 0 || options & F_FLOOD) { + if (n == 0 || (options & F_FLOOD)) { if (sweepmax && sntransmitted == snpackets) { if (datalen + sweepincr > sweepmax) break; for (i = 0; i < sweepincr; i++) *datap++ = i; datalen += sweepincr; send_len = icmp_len + datalen; sntransmitted = 0; } if (!npackets || ntransmitted < npackets) pinger(); else { if (almost_done) break; almost_done = 1; + /* + * If we're not transmitting any more packets, + * change the timer to wait two round-trip times + * if we've received any packets or (waittime) + * milliseconds if we haven't. + */ intvl.tv_nsec = 0; if (nreceived) { intvl.tv_sec = 2 * tmax / 1000; - if (!intvl.tv_sec) + if (intvl.tv_sec == 0) intvl.tv_sec = 1; } else { intvl.tv_sec = waittime / 1000; - intvl.tv_nsec = waittime % 1000 * 1000000; + intvl.tv_nsec = + waittime % 1000 * 1000000; } } (void)clock_gettime(CLOCK_MONOTONIC, &last); if (ntransmitted - nreceived - 1 > nmissedmax) { nmissedmax = ntransmitted - nreceived - 1; if (options & F_MISSED) (void)write(STDOUT_FILENO, &BBELL, 1); } } } - finish(); - /* NOTREACHED */ - exit(0); /* Make the compiler happy */ -} - -/* - * stopit -- - * Set the global bit that causes the main loop to quit. - * Do NOT call finish() from here, since finish() does far too much - * to be called from a signal handler. - */ -void -stopit(int sig __unused) -{ + pr_summary(stdout); - /* - * When doing reverse DNS lookups, the finish_up flag might not - * be noticed for a while. Just exit if we get a second SIGINT. - */ - if (!(options & F_NUMERIC) && finish_up) - _exit(nreceived ? 0 : 2); - finish_up = 1; + exit(nreceived ? 0 : 2); } /* * pinger -- * Compose and transmit an ICMP ECHO REQUEST packet. The IP packet * will be added on by the kernel. The ID field is our UNIX process ID, * and the sequence number is an ascending integer. The first TIMEVAL_LEN * bytes of the data portion are used to hold a UNIX "timespec" struct in * host byte-order, to compute the round-trip time. */ static void pinger(void) { struct timespec now; struct tv32 tv32; struct icmp icp; int cc, i; u_char *packet; packet = outpack; memcpy(&icp, outpack, ICMP_MINLEN + phdr_len); icp.icmp_type = icmp_type; icp.icmp_code = 0; icp.icmp_cksum = 0; icp.icmp_seq = htons(ntransmitted); icp.icmp_id = ident; /* ID */ CLR(ntransmitted % mx_dup_ck); if ((options & F_TIME) || timing) { (void)clock_gettime(CLOCK_MONOTONIC, &now); /* * Truncate seconds down to 32 bits in order * to fit the timestamp within 8 bytes of the * packet. We're only concerned with * durations, not absolute times. */ tv32.tv32_sec = (uint32_t)htonl(now.tv_sec); tv32.tv32_nsec = (uint32_t)htonl(now.tv_nsec); if (options & F_TIME) icp.icmp_otime = htonl((now.tv_sec % (24*60*60)) * 1000 + now.tv_nsec / 1000000); if (timing) bcopy((void *)&tv32, (void *)&outpack[ICMP_MINLEN + phdr_len], sizeof(tv32)); } memcpy(outpack, &icp, ICMP_MINLEN + phdr_len); cc = ICMP_MINLEN + phdr_len + datalen; /* compute ICMP checksum here */ icp.icmp_cksum = in_cksum(outpack, cc); /* Update icmp_cksum in the raw packet data buffer. */ memcpy(outpack + offsetof(struct icmp, icmp_cksum), &icp.icmp_cksum, sizeof(icp.icmp_cksum)); if (options & F_HDRINCL) { struct ip ip; cc += sizeof(struct ip); ip.ip_len = htons(cc); /* Update ip_len in the raw packet data buffer. */ memcpy(outpackhdr + offsetof(struct ip, ip_len), &ip.ip_len, sizeof(ip.ip_len)); ip.ip_sum = in_cksum(outpackhdr, cc); /* Update ip_sum in the raw packet data buffer. */ memcpy(outpackhdr + offsetof(struct ip, ip_sum), &ip.ip_sum, sizeof(ip.ip_sum)); packet = outpackhdr; } i = send(ssend, (char *)packet, cc, 0); if (i < 0 || i != cc) { if (i < 0) { if (options & F_FLOOD && errno == ENOBUFS) { usleep(FLOOD_BACKOFF); return; } warn("sendto"); } else { warn("%s: partial write: %d of %d bytes", hostname, i, cc); } } ntransmitted++; sntransmitted++; if (!(options & F_QUIET) && options & F_DOT) (void)write(STDOUT_FILENO, &DOT[DOTidx++ % DOTlen], 1); } /* * pr_pack -- * Print out the packet, if it came from us. This logic is necessary * because ALL readers of the ICMP socket get a copy of ALL ICMP packets * which arrive ('tis only fair). This permits multiple copies of this * program to be run without having intermingled output (or statistics!). */ static void pr_pack(char *buf, ssize_t cc, struct sockaddr_in *from, struct timespec *tv) { struct in_addr ina; u_char *cp, *dp, l; struct icmp icp; struct ip ip; const u_char *icmp_data_raw; ssize_t icmp_data_raw_len; double triptime; int dupflag, i, j, recv_len; int8_t hlen; uint16_t seq; static int old_rrlen; static char old_rr[MAX_IPOPTLEN]; struct ip oip; u_char oip_header_len; struct icmp oicmp; const u_char *oicmp_raw; /* * Get size of IP header of the received packet. * The header length is contained in the lower four bits of the first * byte and represents the number of 4 byte octets the header takes up. * * The IHL minimum value is 5 (20 bytes) and its maximum value is 15 * (60 bytes). */ memcpy(&l, buf, sizeof(l)); hlen = (l & 0x0f) << 2; /* Reject IP packets with a short header */ if (hlen < (int8_t) sizeof(struct ip)) { if (options & F_VERBOSE) warn("IHL too short (%d bytes) from %s", hlen, inet_ntoa(from->sin_addr)); return; } memcpy(&ip, buf, sizeof(struct ip)); /* Check packet has enough data to carry a valid ICMP header */ recv_len = cc; if (cc < hlen + ICMP_MINLEN) { if (options & F_VERBOSE) warn("packet too short (%zd bytes) from %s", cc, inet_ntoa(from->sin_addr)); return; } icmp_data_raw_len = cc - (hlen + offsetof(struct icmp, icmp_data)); icmp_data_raw = buf + hlen + offsetof(struct icmp, icmp_data); /* Now the ICMP part */ cc -= hlen; memcpy(&icp, buf + hlen, MIN((ssize_t)sizeof(icp), cc)); if (icp.icmp_type == icmp_type_rsp) { if (icp.icmp_id != ident) return; /* 'Twas not our ECHO */ ++nreceived; triptime = 0.0; if (timing) { struct timespec tv1; struct tv32 tv32; const u_char *tp; tp = icmp_data_raw + phdr_len; if ((size_t)(cc - ICMP_MINLEN - phdr_len) >= sizeof(tv1)) { /* Copy to avoid alignment problems: */ memcpy(&tv32, tp, sizeof(tv32)); tv1.tv_sec = ntohl(tv32.tv32_sec); tv1.tv_nsec = ntohl(tv32.tv32_nsec); timespecsub(tv, &tv1, tv); triptime = ((double)tv->tv_sec) * 1000.0 + ((double)tv->tv_nsec) / 1000000.0; if (triptime < 0) { warnx("time of day goes back (%.3f ms)," " clamping time to 0", triptime); triptime = 0; } tsum += triptime; tsumsq += triptime * triptime; if (triptime < tmin) tmin = triptime; if (triptime > tmax) tmax = triptime; } else timing = 0; } seq = ntohs(icp.icmp_seq); if (TST(seq % mx_dup_ck)) { ++nrepeats; --nreceived; dupflag = 1; } else { SET(seq % mx_dup_ck); dupflag = 0; } if (options & F_QUIET) return; if (options & F_WAITTIME && triptime > waittime) { ++nrcvtimeout; return; } if (options & F_DOT) (void)write(STDOUT_FILENO, &BSPACE, 1); else { (void)printf("%zd bytes from %s: icmp_seq=%u", cc, pr_addr(from->sin_addr), seq); (void)printf(" ttl=%d", ip.ip_ttl); if (timing) (void)printf(" time=%.3f ms", triptime); if (dupflag) (void)printf(" (DUP!)"); if (options & F_AUDIBLE) (void)write(STDOUT_FILENO, &BBELL, 1); if (options & F_MASK) { /* Just prentend this cast isn't ugly */ (void)printf(" mask=%s", inet_ntoa(*(struct in_addr *)&(icp.icmp_mask))); } if (options & F_TIME) { (void)printf(" tso=%s", pr_ntime(icp.icmp_otime)); (void)printf(" tsr=%s", pr_ntime(icp.icmp_rtime)); (void)printf(" tst=%s", pr_ntime(icp.icmp_ttime)); } if (recv_len != send_len) { (void)printf( "\nwrong total length %d instead of %d", recv_len, send_len); } /* check the data */ cp = (u_char*)(buf + hlen + offsetof(struct icmp, icmp_data) + phdr_len); dp = &outpack[ICMP_MINLEN + phdr_len]; cc -= ICMP_MINLEN + phdr_len; i = 0; if (timing) { /* don't check variable timestamp */ cp += TIMEVAL_LEN; dp += TIMEVAL_LEN; cc -= TIMEVAL_LEN; i += TIMEVAL_LEN; } for (; i < datalen && cc > 0; ++i, ++cp, ++dp, --cc) { if (*cp != *dp) { (void)printf("\nwrong data byte #%d should be 0x%x but was 0x%x", i, *dp, *cp); (void)printf("\ncp:"); cp = (u_char*)(buf + hlen + offsetof(struct icmp, icmp_data)); for (i = 0; i < datalen; ++i, ++cp) { if ((i % 16) == 8) (void)printf("\n\t"); (void)printf("%2x ", *cp); } (void)printf("\ndp:"); cp = &outpack[ICMP_MINLEN]; for (i = 0; i < datalen; ++i, ++cp) { if ((i % 16) == 8) (void)printf("\n\t"); (void)printf("%2x ", *cp); } break; } } } } else { /* * We've got something other than an ECHOREPLY. * See if it's a reply to something that we sent. * We can compare IP destination, protocol, * and ICMP type and ID. * * Only print all the error messages if we are running * as root to avoid leaking information not normally * available to those not running as root. */ /* * If we don't have enough bytes for a quoted IP header and an * ICMP header then stop. */ if (icmp_data_raw_len < (ssize_t)(sizeof(struct ip) + sizeof(struct icmp))) { if (options & F_VERBOSE) warnx("quoted data too short (%zd bytes) from %s", icmp_data_raw_len, inet_ntoa(from->sin_addr)); return; } memcpy(&oip_header_len, icmp_data_raw, sizeof(oip_header_len)); oip_header_len = (oip_header_len & 0x0f) << 2; /* Reject IP packets with a short header */ if (oip_header_len < sizeof(struct ip)) { if (options & F_VERBOSE) warnx("inner IHL too short (%d bytes) from %s", oip_header_len, inet_ntoa(from->sin_addr)); return; } /* * Check against the actual IHL length, to protect against * quoated packets carrying IP options. */ if (icmp_data_raw_len < (ssize_t)(oip_header_len + sizeof(struct icmp))) { if (options & F_VERBOSE) warnx("inner packet too short (%zd bytes) from %s", icmp_data_raw_len, inet_ntoa(from->sin_addr)); return; } memcpy(&oip, icmp_data_raw, sizeof(struct ip)); oicmp_raw = icmp_data_raw + oip_header_len; memcpy(&oicmp, oicmp_raw, sizeof(struct icmp)); if (((options & F_VERBOSE) && uid == 0) || (!(options & F_QUIET2) && (oip.ip_dst.s_addr == whereto.sin_addr.s_addr) && (oip.ip_p == IPPROTO_ICMP) && (oicmp.icmp_type == ICMP_ECHO) && (oicmp.icmp_id == ident))) { (void)printf("%zd bytes from %s: ", cc, pr_addr(from->sin_addr)); pr_icmph(&icp, &oip, icmp_data_raw); } else return; } /* Display any IP options */ cp = (u_char *)buf + sizeof(struct ip); for (; hlen > (int)sizeof(struct ip); --hlen, ++cp) switch (*cp) { case IPOPT_EOL: hlen = 0; break; case IPOPT_LSRR: case IPOPT_SSRR: (void)printf(*cp == IPOPT_LSRR ? "\nLSRR: " : "\nSSRR: "); j = cp[IPOPT_OLEN] - IPOPT_MINOFF + 1; hlen -= 2; cp += 2; if (j >= INADDR_LEN && j <= hlen - (int)sizeof(struct ip)) { for (;;) { bcopy(++cp, &ina.s_addr, INADDR_LEN); if (ina.s_addr == 0) (void)printf("\t0.0.0.0"); else (void)printf("\t%s", pr_addr(ina)); hlen -= INADDR_LEN; cp += INADDR_LEN - 1; j -= INADDR_LEN; if (j < INADDR_LEN) break; (void)putchar('\n'); } } else (void)printf("\t(truncated route)"); break; case IPOPT_RR: j = cp[IPOPT_OLEN]; /* get length */ i = cp[IPOPT_OFFSET]; /* and pointer */ hlen -= 2; cp += 2; if (i > j) i = j; i = i - IPOPT_MINOFF + 1; if (i < 0 || i > (hlen - (int)sizeof(struct ip))) { old_rrlen = 0; continue; } if (i == old_rrlen && !bcmp((char *)cp, old_rr, i) && !(options & F_DOT)) { (void)printf("\t(same route)"); hlen -= i; cp += i; break; } old_rrlen = i; bcopy((char *)cp, old_rr, i); (void)printf("\nRR: "); if (i >= INADDR_LEN && i <= hlen - (int)sizeof(struct ip)) { for (;;) { bcopy(++cp, &ina.s_addr, INADDR_LEN); if (ina.s_addr == 0) (void)printf("\t0.0.0.0"); else (void)printf("\t%s", pr_addr(ina)); hlen -= INADDR_LEN; cp += INADDR_LEN - 1; i -= INADDR_LEN; if (i < INADDR_LEN) break; (void)putchar('\n'); } } else (void)printf("\t(truncated route)"); break; case IPOPT_NOP: (void)printf("\nNOP"); break; default: (void)printf("\nunknown option %x", *cp); break; } if (!(options & F_DOT)) { (void)putchar('\n'); (void)fflush(stdout); } } -/* - * status -- - * Print out statistics when SIGINFO is received. - */ - -static void -status(int sig __unused) -{ - - siginfo_p = 1; -} - -static void -check_status(void) -{ - - if (siginfo_p) { - siginfo_p = 0; - (void)fprintf(stderr, "\r%ld/%ld packets received (%.1f%%)", - nreceived, ntransmitted, - ntransmitted ? nreceived * 100.0 / ntransmitted : 0.0); - if (nreceived && timing) - (void)fprintf(stderr, " %.3f min / %.3f avg / %.3f max", - tmin, tsum / (nreceived + nrepeats), tmax); - (void)fprintf(stderr, "\n"); - } -} - -/* - * finish -- - * Print out statistics, and give up. - */ -static void -finish(void) -{ - - (void)signal(SIGINT, SIG_IGN); - (void)signal(SIGALRM, SIG_IGN); - (void)putchar('\n'); - (void)fflush(stdout); - (void)printf("--- %s ping statistics ---\n", hostname); - (void)printf("%ld packets transmitted, ", ntransmitted); - (void)printf("%ld packets received, ", nreceived); - if (nrepeats) - (void)printf("+%ld duplicates, ", nrepeats); - if (ntransmitted) { - if (nreceived > ntransmitted) - (void)printf("-- somebody's printing up packets!"); - else - (void)printf("%.1f%% packet loss", - ((ntransmitted - nreceived) * 100.0) / - ntransmitted); - } - if (nrcvtimeout) - (void)printf(", %ld packets out of wait time", nrcvtimeout); - (void)putchar('\n'); - if (nreceived && timing) { - double n = nreceived + nrepeats; - double avg = tsum / n; - double stddev = sqrt(fmax(0, tsumsq / n - avg * avg)); - (void)printf( - "round-trip min/avg/max/stddev = %.3f/%.3f/%.3f/%.3f ms\n", - tmin, avg, tmax, stddev); - } - - if (nreceived) - exit(0); - else - exit(2); -} - /* * pr_icmph -- * Print a descriptive string about an ICMP header. */ static void pr_icmph(struct icmp *icp, struct ip *oip, const u_char *const oicmp_raw) { switch(icp->icmp_type) { case ICMP_ECHOREPLY: (void)printf("Echo Reply\n"); /* XXX ID + Seq + Data */ break; case ICMP_UNREACH: switch(icp->icmp_code) { case ICMP_UNREACH_NET: (void)printf("Destination Net Unreachable\n"); break; case ICMP_UNREACH_HOST: (void)printf("Destination Host Unreachable\n"); break; case ICMP_UNREACH_PROTOCOL: (void)printf("Destination Protocol Unreachable\n"); break; case ICMP_UNREACH_PORT: (void)printf("Destination Port Unreachable\n"); break; case ICMP_UNREACH_NEEDFRAG: (void)printf("frag needed and DF set (MTU %d)\n", ntohs(icp->icmp_nextmtu)); break; case ICMP_UNREACH_SRCFAIL: (void)printf("Source Route Failed\n"); break; case ICMP_UNREACH_FILTER_PROHIB: (void)printf("Communication prohibited by filter\n"); break; default: (void)printf("Dest Unreachable, Bad Code: %d\n", icp->icmp_code); break; } /* Print returned IP header information */ pr_iph(oip, oicmp_raw); break; case ICMP_SOURCEQUENCH: (void)printf("Source Quench\n"); pr_iph(oip, oicmp_raw); break; case ICMP_REDIRECT: switch(icp->icmp_code) { case ICMP_REDIRECT_NET: (void)printf("Redirect Network"); break; case ICMP_REDIRECT_HOST: (void)printf("Redirect Host"); break; case ICMP_REDIRECT_TOSNET: (void)printf("Redirect Type of Service and Network"); break; case ICMP_REDIRECT_TOSHOST: (void)printf("Redirect Type of Service and Host"); break; default: (void)printf("Redirect, Bad Code: %d", icp->icmp_code); break; } (void)printf("(New addr: %s)\n", inet_ntoa(icp->icmp_gwaddr)); pr_iph(oip, oicmp_raw); break; case ICMP_ECHO: (void)printf("Echo Request\n"); /* XXX ID + Seq + Data */ break; case ICMP_TIMXCEED: switch(icp->icmp_code) { case ICMP_TIMXCEED_INTRANS: (void)printf("Time to live exceeded\n"); break; case ICMP_TIMXCEED_REASS: (void)printf("Frag reassembly time exceeded\n"); break; default: (void)printf("Time exceeded, Bad Code: %d\n", icp->icmp_code); break; } pr_iph(oip, oicmp_raw); break; case ICMP_PARAMPROB: (void)printf("Parameter problem: pointer = 0x%02x\n", icp->icmp_hun.ih_pptr); pr_iph(oip, oicmp_raw); break; case ICMP_TSTAMP: (void)printf("Timestamp\n"); /* XXX ID + Seq + 3 timestamps */ break; case ICMP_TSTAMPREPLY: (void)printf("Timestamp Reply\n"); /* XXX ID + Seq + 3 timestamps */ break; case ICMP_IREQ: (void)printf("Information Request\n"); /* XXX ID + Seq */ break; case ICMP_IREQREPLY: (void)printf("Information Reply\n"); /* XXX ID + Seq */ break; case ICMP_MASKREQ: (void)printf("Address Mask Request\n"); break; case ICMP_MASKREPLY: (void)printf("Address Mask Reply\n"); break; case ICMP_ROUTERADVERT: (void)printf("Router Advertisement\n"); break; case ICMP_ROUTERSOLICIT: (void)printf("Router Solicitation\n"); break; default: (void)printf("Bad ICMP type: %d\n", icp->icmp_type); } } /* * pr_iph -- * Print an IP header with options. */ static void pr_iph(struct ip *ip, const u_char *cp) { struct in_addr ina; int hlen; hlen = ip->ip_hl << 2; cp = cp + sizeof(struct ip); /* point to options */ (void)printf("Vr HL TOS Len ID Flg off TTL Pro cks Src Dst\n"); (void)printf(" %1x %1x %02x %04x %04x", ip->ip_v, ip->ip_hl, ip->ip_tos, ntohs(ip->ip_len), ntohs(ip->ip_id)); (void)printf(" %1x %04x", (ntohs(ip->ip_off) & 0xe000) >> 13, ntohs(ip->ip_off) & 0x1fff); (void)printf(" %02x %02x %04x", ip->ip_ttl, ip->ip_p, ntohs(ip->ip_sum)); memcpy(&ina, &ip->ip_src.s_addr, sizeof ina); (void)printf(" %s ", inet_ntoa(ina)); memcpy(&ina, &ip->ip_dst.s_addr, sizeof ina); (void)printf(" %s ", inet_ntoa(ina)); /* dump any option bytes */ while (hlen-- > (int)sizeof(struct ip)) { (void)printf("%02x", *cp++); } (void)putchar('\n'); } /* * pr_addr -- * Return an ascii host address as a dotted quad and optionally with * a hostname. */ static char * pr_addr(struct in_addr ina) { struct hostent *hp; static char buf[16 + 3 + MAXHOSTNAMELEN]; - if (options & F_NUMERIC) + if (!(options & F_HOSTNAME)) return inet_ntoa(ina); hp = cap_gethostbyaddr(capdns, (char *)&ina, sizeof(ina), AF_INET); if (hp == NULL) return inet_ntoa(ina); (void)snprintf(buf, sizeof(buf), "%s (%s)", hp->h_name, inet_ntoa(ina)); return(buf); } static char * pr_ntime(n_time timestamp) { static char buf[11]; int hour, min, sec; sec = ntohl(timestamp) / 1000; hour = sec / 60 / 60; min = (sec % (60 * 60)) / 60; sec = (sec % (60 * 60)) % 60; (void)snprintf(buf, sizeof(buf), "%02d:%02d:%02d", hour, min, sec); return (buf); } static void fill(char *bp, char *patp) { char *cp; int pat[16]; u_int ii, jj, kk; for (cp = patp; *cp; cp++) { if (!isxdigit(*cp)) errx(EX_USAGE, "patterns must be specified as hex digits"); } ii = sscanf(patp, "%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x", &pat[0], &pat[1], &pat[2], &pat[3], &pat[4], &pat[5], &pat[6], &pat[7], &pat[8], &pat[9], &pat[10], &pat[11], &pat[12], &pat[13], &pat[14], &pat[15]); if (ii > 0) for (kk = 0; kk <= maxpayload - (TIMEVAL_LEN + ii); kk += ii) for (jj = 0; jj < ii; ++jj) bp[jj + kk] = pat[jj]; if (!(options & F_QUIET)) { (void)printf("PATTERN: 0x"); for (jj = 0; jj < ii; ++jj) (void)printf("%02x", bp[jj] & 0xFF); (void)printf("\n"); } } static cap_channel_t * capdns_setup(void) { cap_channel_t *capcas, *capdnsloc; #ifdef WITH_CASPER const char *types[2]; int families[1]; #endif capcas = cap_init(); if (capcas == NULL) err(1, "unable to create casper process"); capdnsloc = cap_service_open(capcas, "system.dns"); /* Casper capability no longer needed. */ cap_close(capcas); if (capdnsloc == NULL) err(1, "unable to open system.dns service"); #ifdef WITH_CASPER types[0] = "NAME2ADDR"; types[1] = "ADDR2NAME"; if (cap_dns_type_limit(capdnsloc, types, 2) < 0) err(1, "unable to limit access to system.dns service"); families[0] = AF_INET; if (cap_dns_family_limit(capdnsloc, families, 1) < 0) err(1, "unable to limit access to system.dns service"); #endif return (capdnsloc); } diff --git a/sbin/ping/ping6.c b/sbin/ping/ping6.c index d14da9c67a52..a71ef8a84aee 100644 --- a/sbin/ping/ping6.c +++ b/sbin/ping/ping6.c @@ -1,2881 +1,2782 @@ /* $KAME: ping6.c,v 1.169 2003/07/25 06:01:47 itojun Exp $ */ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the project nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ /* BSDI ping.c,v 2.3 1996/01/21 17:56:50 jch Exp */ /* * Copyright (c) 1989, 1993 * The Regents of the University of California. All rights reserved. * * This code is derived from software contributed to Berkeley by * Mike Muuss. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #if 0 #ifndef lint static const char copyright[] = "@(#) Copyright (c) 1989, 1993\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ #ifndef lint static char sccsid[] = "@(#)ping.c 8.1 (Berkeley) 6/5/93"; #endif /* not lint */ #endif #include /* * Using the InterNet Control Message Protocol (ICMP) "ECHO" facility, * measure round-trip-delays and packet loss across network paths. * * Author - * Mike Muuss * U. S. Army Ballistic Research Laboratory * December, 1983 * * Status - * Public Domain. Distribution Unlimited. * Bugs - * More statistics could always be gathered. * This program has to run SUID to ROOT to access the ICMP socket. */ /* * NOTE: * USE_SIN6_SCOPE_ID assumes that sin6_scope_id has the same semantics * as IPV6_PKTINFO. Some people object it (sin6_scope_id specifies *link* * while IPV6_PKTINFO specifies *interface*. Link is defined as collection of * network attached to 1 or more interfaces) */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include -#include #include #include #include #include #include #include #include #ifdef IPSEC #include #include #endif #include #include "main.h" #include "ping6.h" struct tv32 { u_int32_t tv32_sec; u_int32_t tv32_nsec; }; #define MAXPACKETLEN 131072 #define IP6LEN 40 #define ICMP6ECHOLEN 8 /* icmp echo header len excluding time */ #define ICMP6ECHOTMLEN sizeof(struct tv32) #define ICMP6_NIQLEN (ICMP6ECHOLEN + 8) # define CONTROLLEN 10240 /* ancillary data buffer size RFC3542 20.1 */ /* FQDN case, 64 bits of nonce + 32 bits ttl */ #define ICMP6_NIRLEN (ICMP6ECHOLEN + 12) #define EXTRA 256 /* for AH and various other headers. weird. */ #define DEFDATALEN ICMP6ECHOTMLEN #define MAXDATALEN MAXPACKETLEN - IP6LEN - ICMP6ECHOLEN #define NROUTES 9 /* number of record route slots */ #define MAXWAIT 10000 /* max ms to wait for response */ #define MAXALARM (60 * 60) /* max seconds for alarm timeout */ #define A(bit) rcvd_tbl[(bit)>>3] /* identify byte in array */ #define B(bit) (1 << ((bit) & 0x07)) /* identify bit in byte */ #define SET(bit) (A(bit) |= B(bit)) #define CLR(bit) (A(bit) &= (~B(bit))) #define TST(bit) (A(bit) & B(bit)) #define F_FLOOD 0x0001 #define F_INTERVAL 0x0002 #define F_PINGFILLED 0x0008 #define F_QUIET 0x0010 #define F_RROUTE 0x0020 #define F_SO_DEBUG 0x0040 #define F_VERBOSE 0x0100 #ifdef IPSEC #ifdef IPSEC_POLICY_IPSEC #define F_POLICY 0x0400 #else #define F_AUTHHDR 0x0200 #define F_ENCRYPT 0x0400 #endif /*IPSEC_POLICY_IPSEC*/ #endif /*IPSEC*/ #define F_NODEADDR 0x0800 #define F_FQDN 0x1000 #define F_INTERFACE 0x2000 #define F_SRCADDR 0x4000 -#define F_HOSTNAME 0x10000 #define F_FQDNOLD 0x20000 #define F_NIGROUP 0x40000 #define F_SUPTYPES 0x80000 #define F_NOMINMTU 0x100000 #define F_ONCE 0x200000 #define F_AUDIBLE 0x400000 #define F_MISSED 0x800000 #define F_DONTFRAG 0x1000000 #define F_NOUSERDATA (F_NODEADDR | F_FQDN | F_FQDNOLD | F_SUPTYPES) #define F_WAITTIME 0x2000000 #define F_DOT 0x4000000 -static u_int options; #define IN6LEN sizeof(struct in6_addr) #define SA6LEN sizeof(struct sockaddr_in6) #define DUMMY_PORT 10101 #define SIN6(s) ((struct sockaddr_in6 *)(s)) /* * MAX_DUP_CHK is the number of bits in received table, i.e. the maximum * number of received sequence numbers we can keep track of. Change 128 * to 8192 for complete accuracy... */ #define MAX_DUP_CHK (8 * 8192) static int mx_dup_ck = MAX_DUP_CHK; static char rcvd_tbl[MAX_DUP_CHK / 8]; static struct sockaddr_in6 dst; /* who to ping6 */ static struct sockaddr_in6 src; /* src addr of this packet */ static socklen_t srclen; static size_t datalen = DEFDATALEN; static int ssend; /* send socket file descriptor */ static int srecv; /* receive socket file descriptor */ static u_char outpack[MAXPACKETLEN]; static char BSPACE = '\b'; /* characters written for flood */ static char BBELL = '\a'; /* characters written for AUDIBLE */ static const char *DOT = "."; static size_t DOTlen = 1; static size_t DOTidx = 0; -static char *hostname; static int ident; /* process id to identify our packets */ static u_int8_t nonce[8]; /* nonce field for node information */ static int hoplimit = -1; /* hoplimit */ static int tclass = -1; /* traffic class */ static int pcp = -2; /* vlan priority code point */ static u_char *packet = NULL; static cap_channel_t *capdns; /* counters */ static long nmissedmax; /* max value of ntransmitted - nreceived - 1 */ static long npackets; /* max packets to transmit */ -static long nreceived; /* # of packets we got back */ -static long nrepeats; /* number of duplicates */ -static long ntransmitted; /* sequence # for outbound packets = #sent */ static long ntransmitfailures; /* number of transmit failures */ static int interval = 1000; /* interval between packets in ms */ static int waittime = MAXWAIT; /* timeout for each packet */ -static long nrcvtimeout = 0; /* # of packets we got back after waittime */ - -/* timing */ -static int timing; /* flag to do timing */ -static double tmin = 999999999.0; /* minimum round trip time */ -static double tmax = 0.0; /* maximum round trip time */ -static double tsum = 0.0; /* sum of all times, for doing average */ -static double tsumsq = 0.0; /* sum of all times squared, for std. dev. */ /* for node addresses */ static u_short naflags; /* for ancillary data(advanced API) */ static struct msghdr smsghdr; static struct iovec smsgiov; static char *scmsg = 0; -static volatile sig_atomic_t seenint; -#ifdef SIGINFO -static volatile sig_atomic_t seeninfo; -#endif - static cap_channel_t *capdns_setup(void); static void fill(char *, char *); static int get_hoplim(struct msghdr *); static int get_pathmtu(struct msghdr *); static struct in6_pktinfo *get_rcvpktinfo(struct msghdr *); -static void onsignal(int); -static void onint(int); static size_t pingerlen(void); static int pinger(void); static const char *pr_addr(struct sockaddr *, int); static void pr_icmph(struct icmp6_hdr *, u_char *); static void pr_iph(struct ip6_hdr *); static void pr_suptypes(struct icmp6_nodeinfo *, size_t); static void pr_nodeaddr(struct icmp6_nodeinfo *, int); static int myechoreply(const struct icmp6_hdr *); static int mynireply(const struct icmp6_nodeinfo *); static const char *dnsdecode(const u_char *, const u_char *, const u_char *, char *, size_t); static void pr_pack(u_char *, int, struct msghdr *); static void pr_exthdrs(struct msghdr *); static void pr_ip6opt(void *, size_t); static void pr_rthdr(void *, size_t); static int pr_bitrange(u_int32_t, int, int); static void pr_retip(struct ip6_hdr *, u_char *); -static void summary(void); #ifdef IPSEC #ifdef IPSEC_POLICY_IPSEC static int setpolicy(int, char *); #endif #endif static char *nigroup(char *, int); int ping6(int argc, char *argv[]) { struct timespec last, intvl; struct sockaddr_in6 from, *sin6; struct addrinfo hints, *res; struct sigaction si_sa; int cc, i; int almost_done, ch, hold, packlen, preload, optval, error; int nig_oldmcprefix = -1; u_char *datap; char *e, *target, *ifname = NULL, *gateway = NULL; int ip6optlen = 0; struct cmsghdr *scmsgp = NULL; /* For control (ancillary) data received from recvmsg() */ u_char cm[CONTROLLEN]; #if defined(SO_SNDBUF) && defined(SO_RCVBUF) u_long lsockbufsize; int sockbufsize = 0; #endif int usepktinfo = 0; struct in6_pktinfo pktinfo; char *cmsg_pktinfo = NULL; struct ip6_rthdr *rthdr = NULL; #ifdef IPSEC_POLICY_IPSEC char *policy_in = NULL; char *policy_out = NULL; #endif double t; u_long alarmtimeout; size_t rthlen; #ifdef IPV6_USE_MIN_MTU int mflag = 0; #endif cap_rights_t rights_srecv; cap_rights_t rights_ssend; cap_rights_t rights_stdin; /* just to be sure */ memset(&smsghdr, 0, sizeof(smsghdr)); memset(&smsgiov, 0, sizeof(smsgiov)); memset(&pktinfo, 0, sizeof(pktinfo)); intvl.tv_sec = interval / 1000; intvl.tv_nsec = interval % 1000 * 1000000; alarmtimeout = preload = 0; datap = &outpack[ICMP6ECHOLEN + ICMP6ECHOTMLEN]; capdns = capdns_setup(); while ((ch = getopt(argc, argv, PING6OPTS)) != -1) { switch (ch) { case '.': options |= F_DOT; if (optarg != NULL) { DOT = optarg; DOTlen = strlen(optarg); } break; case '6': /* This option is processed in main(). */ break; case 'k': { char *cp; options &= ~F_NOUSERDATA; options |= F_NODEADDR; for (cp = optarg; *cp != '\0'; cp++) { switch (*cp) { case 'a': naflags |= NI_NODEADDR_FLAG_ALL; break; case 'c': case 'C': naflags |= NI_NODEADDR_FLAG_COMPAT; break; case 'l': case 'L': naflags |= NI_NODEADDR_FLAG_LINKLOCAL; break; case 's': case 'S': naflags |= NI_NODEADDR_FLAG_SITELOCAL; break; case 'g': case 'G': naflags |= NI_NODEADDR_FLAG_GLOBAL; break; case 'A': /* experimental. not in the spec */ #ifdef NI_NODEADDR_FLAG_ANYCAST naflags |= NI_NODEADDR_FLAG_ANYCAST; break; #else errx(1, "-a A is not supported on the platform"); /*NOTREACHED*/ #endif default: usage(); /*NOTREACHED*/ } } break; } case 'b': #if defined(SO_SNDBUF) && defined(SO_RCVBUF) errno = 0; e = NULL; lsockbufsize = strtoul(optarg, &e, 10); sockbufsize = (int)lsockbufsize; if (errno || !*optarg || *e || lsockbufsize > INT_MAX) errx(1, "invalid socket buffer size"); #else errx(1, "-b option ignored: SO_SNDBUF/SO_RCVBUF socket options not supported"); #endif break; case 'C': /* vlan priority code point */ pcp = strtol(optarg, &e, 10); if (*optarg == '\0' || *e != '\0') errx(1, "illegal vlan pcp %s", optarg); if (7 < pcp || pcp < -1) errx(1, "illegal vlan pcp -- %s", optarg); break; case 'c': npackets = strtol(optarg, &e, 10); if (npackets <= 0 || *optarg == '\0' || *e != '\0') errx(1, "illegal number of packets -- %s", optarg); break; case 'D': options |= F_DONTFRAG; break; case 'd': options |= F_SO_DEBUG; break; case 'f': if (getuid()) { errno = EPERM; errx(1, "Must be superuser to flood ping"); } options |= F_FLOOD; options |= F_DOT; setbuf(stdout, (char *)NULL); break; case 'e': gateway = optarg; break; case 'H': options |= F_HOSTNAME; break; case 'm': /* hoplimit */ hoplimit = strtol(optarg, &e, 10); if (*optarg == '\0' || *e != '\0') errx(1, "illegal hoplimit %s", optarg); if (255 < hoplimit || hoplimit < -1) errx(1, "illegal hoplimit -- %s", optarg); break; case 'I': ifname = optarg; options |= F_INTERFACE; #ifndef USE_SIN6_SCOPE_ID usepktinfo++; #endif break; case 'i': /* wait between sending packets */ t = strtod(optarg, &e); if (*optarg == '\0' || *e != '\0') errx(1, "illegal timing interval %s", optarg); if (t < 1 && getuid()) { errx(1, "%s: only root may use interval < 1s", strerror(EPERM)); } intvl.tv_sec = (time_t)t; intvl.tv_nsec = (long)((t - intvl.tv_sec) * 1000000000); if (intvl.tv_sec < 0) errx(1, "illegal timing interval %s", optarg); /* less than 1/hz does not make sense */ if (intvl.tv_sec == 0 && intvl.tv_nsec < 1000) { warnx("too small interval, raised to .000001"); intvl.tv_nsec = 1000; } options |= F_INTERVAL; break; case 'l': if (getuid()) { errno = EPERM; errx(1, "Must be superuser to preload"); } preload = strtol(optarg, &e, 10); if (preload < 0 || *optarg == '\0' || *e != '\0') errx(1, "illegal preload value -- %s", optarg); break; case 'u': #ifdef IPV6_USE_MIN_MTU mflag++; break; #else errx(1, "-%c is not supported on this platform", ch); /*NOTREACHED*/ #endif case 'n': options &= ~F_HOSTNAME; break; case 'N': options |= F_NIGROUP; nig_oldmcprefix++; break; case 'o': options |= F_ONCE; break; case 'p': /* fill buffer with user pattern */ options |= F_PINGFILLED; fill((char *)datap, optarg); break; case 'q': options |= F_QUIET; break; case 'a': options |= F_AUDIBLE; break; case 'A': options |= F_MISSED; break; case 'S': memset(&hints, 0, sizeof(struct addrinfo)); hints.ai_flags = AI_NUMERICHOST; /* allow hostname? */ hints.ai_family = AF_INET6; hints.ai_socktype = SOCK_RAW; hints.ai_protocol = IPPROTO_ICMPV6; error = cap_getaddrinfo(capdns, optarg, NULL, &hints, &res); if (error) { errx(1, "invalid source address: %s", gai_strerror(error)); } /* * res->ai_family must be AF_INET6 and res->ai_addrlen * must be sizeof(src). */ memcpy(&src, res->ai_addr, res->ai_addrlen); srclen = res->ai_addrlen; freeaddrinfo(res); options |= F_SRCADDR; break; case 's': /* size of packet to send */ datalen = strtol(optarg, &e, 10); if (datalen <= 0 || *optarg == '\0' || *e != '\0') errx(1, "illegal datalen value -- %s", optarg); if (datalen > MAXDATALEN) { errx(1, "datalen value too large, maximum is %d", MAXDATALEN); } break; case 'O': options &= ~F_NOUSERDATA; options |= F_SUPTYPES; break; case 'v': options |= F_VERBOSE; break; case 'y': options &= ~F_NOUSERDATA; options |= F_FQDN; break; case 'Y': options &= ~F_NOUSERDATA; options |= F_FQDNOLD; break; case 'W': t = strtod(optarg, &e); if (*e || e == optarg || t > (double)INT_MAX) errx(EX_USAGE, "invalid timing interval: `%s'", optarg); options |= F_WAITTIME; waittime = (int)t; break; case 't': alarmtimeout = strtoul(optarg, &e, 0); if ((alarmtimeout < 1) || (alarmtimeout == ULONG_MAX)) errx(EX_USAGE, "invalid timeout: `%s'", optarg); if (alarmtimeout > MAXALARM) errx(EX_USAGE, "invalid timeout: `%s' > %d", optarg, MAXALARM); { struct itimerval itv; timerclear(&itv.it_interval); timerclear(&itv.it_value); itv.it_value.tv_sec = (time_t)alarmtimeout; if (setitimer(ITIMER_REAL, &itv, NULL) != 0) err(1, "setitimer"); } break; case 'z': /* traffic class */ tclass = strtol(optarg, &e, 10); if (*optarg == '\0' || *e != '\0') errx(1, "illegal traffic class %s", optarg); if (255 < tclass || tclass < -1) errx(1, "illegal traffic class -- %s", optarg); break; #ifdef IPSEC #ifdef IPSEC_POLICY_IPSEC case 'P': options |= F_POLICY; if (!strncmp("in", optarg, 2)) { if ((policy_in = strdup(optarg)) == NULL) errx(1, "strdup"); } else if (!strncmp("out", optarg, 3)) { if ((policy_out = strdup(optarg)) == NULL) errx(1, "strdup"); } else errx(1, "invalid security policy"); break; #else case 'Z': options |= F_AUTHHDR; break; case 'E': options |= F_ENCRYPT; break; #endif /*IPSEC_POLICY_IPSEC*/ #endif /*IPSEC*/ default: usage(); /*NOTREACHED*/ } } argc -= optind; argv += optind; if (argc < 1) { usage(); /*NOTREACHED*/ } if (argc > 1) { #ifdef IPV6_RECVRTHDR /* 2292bis */ rthlen = CMSG_SPACE(inet6_rth_space(IPV6_RTHDR_TYPE_0, argc - 1)); #else /* RFC2292 */ rthlen = inet6_rthdr_space(IPV6_RTHDR_TYPE_0, argc - 1); #endif if (rthlen == 0) { errx(1, "too many intermediate hops"); /*NOTREACHED*/ } ip6optlen += rthlen; } if (options & F_NIGROUP) { target = nigroup(argv[argc - 1], nig_oldmcprefix); if (target == NULL) { usage(); /*NOTREACHED*/ } } else target = argv[argc - 1]; /* cap_getaddrinfo */ memset(&hints, 0, sizeof(struct addrinfo)); hints.ai_flags = AI_CANONNAME; hints.ai_family = AF_INET6; hints.ai_socktype = SOCK_RAW; hints.ai_protocol = IPPROTO_ICMPV6; error = cap_getaddrinfo(capdns, target, NULL, &hints, &res); if (error) errx(1, "%s", gai_strerror(error)); if (res->ai_canonname) hostname = strdup(res->ai_canonname); else hostname = target; if (!res->ai_addr) errx(1, "cap_getaddrinfo failed"); (void)memcpy(&dst, res->ai_addr, res->ai_addrlen); if ((ssend = socket(res->ai_family, res->ai_socktype, res->ai_protocol)) < 0) err(1, "socket ssend"); if ((srecv = socket(res->ai_family, res->ai_socktype, res->ai_protocol)) < 0) err(1, "socket srecv"); freeaddrinfo(res); /* set the source address if specified. */ if ((options & F_SRCADDR) != 0) { /* properly fill sin6_scope_id */ if (IN6_IS_ADDR_LINKLOCAL(&src.sin6_addr) && ( IN6_IS_ADDR_LINKLOCAL(&dst.sin6_addr) || IN6_IS_ADDR_MC_LINKLOCAL(&dst.sin6_addr) || IN6_IS_ADDR_MC_NODELOCAL(&dst.sin6_addr))) { if (src.sin6_scope_id == 0) src.sin6_scope_id = dst.sin6_scope_id; if (dst.sin6_scope_id == 0) dst.sin6_scope_id = src.sin6_scope_id; } if (bind(ssend, (struct sockaddr *)&src, srclen) != 0) err(1, "bind"); } /* set the gateway (next hop) if specified */ if (gateway) { memset(&hints, 0, sizeof(hints)); hints.ai_family = AF_INET6; hints.ai_socktype = SOCK_RAW; hints.ai_protocol = IPPROTO_ICMPV6; error = cap_getaddrinfo(capdns, gateway, NULL, &hints, &res); if (error) { errx(1, "cap_getaddrinfo for the gateway %s: %s", gateway, gai_strerror(error)); } if (res->ai_next && (options & F_VERBOSE)) warnx("gateway resolves to multiple addresses"); if (setsockopt(ssend, IPPROTO_IPV6, IPV6_NEXTHOP, res->ai_addr, res->ai_addrlen)) { err(1, "setsockopt(IPV6_NEXTHOP)"); } freeaddrinfo(res); } /* * let the kerel pass extension headers of incoming packets, * for privileged socket options */ if ((options & F_VERBOSE) != 0) { int opton = 1; #ifdef IPV6_RECVHOPOPTS if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RECVHOPOPTS, &opton, sizeof(opton))) err(1, "setsockopt(IPV6_RECVHOPOPTS)"); #else /* old adv. API */ if (setsockopt(srecv, IPPROTO_IPV6, IPV6_HOPOPTS, &opton, sizeof(opton))) err(1, "setsockopt(IPV6_HOPOPTS)"); #endif #ifdef IPV6_RECVDSTOPTS if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RECVDSTOPTS, &opton, sizeof(opton))) err(1, "setsockopt(IPV6_RECVDSTOPTS)"); #else /* old adv. API */ if (setsockopt(srecv, IPPROTO_IPV6, IPV6_DSTOPTS, &opton, sizeof(opton))) err(1, "setsockopt(IPV6_DSTOPTS)"); #endif #ifdef IPV6_RECVRTHDRDSTOPTS if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RECVRTHDRDSTOPTS, &opton, sizeof(opton))) err(1, "setsockopt(IPV6_RECVRTHDRDSTOPTS)"); #endif } /* revoke root privilege */ if (seteuid(getuid()) != 0) err(1, "seteuid() failed"); if (setuid(getuid()) != 0) err(1, "setuid() failed"); if ((options & F_FLOOD) && (options & F_INTERVAL)) errx(1, "-f and -i incompatible options"); if ((options & F_NOUSERDATA) == 0) { if (datalen >= sizeof(struct tv32)) { /* we can time transfer */ timing = 1; } else timing = 0; /* in F_VERBOSE case, we may get non-echoreply packets*/ if (options & F_VERBOSE) packlen = 2048 + IP6LEN + ICMP6ECHOLEN + EXTRA; else packlen = datalen + IP6LEN + ICMP6ECHOLEN + EXTRA; } else { /* suppress timing for node information query */ timing = 0; datalen = 2048; packlen = 2048 + IP6LEN + ICMP6ECHOLEN + EXTRA; } if (!(packet = (u_char *)malloc((u_int)packlen))) err(1, "Unable to allocate packet"); if (!(options & F_PINGFILLED)) for (i = ICMP6ECHOLEN; i < packlen; ++i) *datap++ = i; ident = getpid() & 0xFFFF; arc4random_buf(nonce, sizeof(nonce)); optval = 1; if (options & F_DONTFRAG) if (setsockopt(ssend, IPPROTO_IPV6, IPV6_DONTFRAG, &optval, sizeof(optval)) == -1) err(1, "IPV6_DONTFRAG"); hold = 1; if (options & F_SO_DEBUG) { (void)setsockopt(ssend, SOL_SOCKET, SO_DEBUG, (char *)&hold, sizeof(hold)); (void)setsockopt(srecv, SOL_SOCKET, SO_DEBUG, (char *)&hold, sizeof(hold)); } optval = IPV6_DEFHLIM; if (IN6_IS_ADDR_MULTICAST(&dst.sin6_addr)) if (setsockopt(ssend, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &optval, sizeof(optval)) == -1) err(1, "IPV6_MULTICAST_HOPS"); #ifdef IPV6_USE_MIN_MTU if (mflag != 1) { optval = mflag > 1 ? 0 : 1; if (setsockopt(ssend, IPPROTO_IPV6, IPV6_USE_MIN_MTU, &optval, sizeof(optval)) == -1) err(1, "setsockopt(IPV6_USE_MIN_MTU)"); } #ifdef IPV6_RECVPATHMTU else { optval = 1; if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RECVPATHMTU, &optval, sizeof(optval)) == -1) err(1, "setsockopt(IPV6_RECVPATHMTU)"); } #endif /* IPV6_RECVPATHMTU */ #endif /* IPV6_USE_MIN_MTU */ #ifdef IPSEC #ifdef IPSEC_POLICY_IPSEC if (options & F_POLICY) { if (setpolicy(srecv, policy_in) < 0) errx(1, "%s", ipsec_strerror()); if (setpolicy(ssend, policy_out) < 0) errx(1, "%s", ipsec_strerror()); } #else if (options & F_AUTHHDR) { optval = IPSEC_LEVEL_REQUIRE; #ifdef IPV6_AUTH_TRANS_LEVEL if (setsockopt(ssend, IPPROTO_IPV6, IPV6_AUTH_TRANS_LEVEL, &optval, sizeof(optval)) == -1) err(1, "setsockopt(IPV6_AUTH_TRANS_LEVEL)"); if (setsockopt(srecv, IPPROTO_IPV6, IPV6_AUTH_TRANS_LEVEL, &optval, sizeof(optval)) == -1) err(1, "setsockopt(IPV6_AUTH_TRANS_LEVEL)"); #else /* old def */ if (setsockopt(ssend, IPPROTO_IPV6, IPV6_AUTH_LEVEL, &optval, sizeof(optval)) == -1) err(1, "setsockopt(IPV6_AUTH_LEVEL)"); if (setsockopt(srecv, IPPROTO_IPV6, IPV6_AUTH_LEVEL, &optval, sizeof(optval)) == -1) err(1, "setsockopt(IPV6_AUTH_LEVEL)"); #endif } if (options & F_ENCRYPT) { optval = IPSEC_LEVEL_REQUIRE; if (setsockopt(ssend, IPPROTO_IPV6, IPV6_ESP_TRANS_LEVEL, &optval, sizeof(optval)) == -1) err(1, "setsockopt(IPV6_ESP_TRANS_LEVEL)"); if (setsockopt(srecv, IPPROTO_IPV6, IPV6_ESP_TRANS_LEVEL, &optval, sizeof(optval)) == -1) err(1, "setsockopt(IPV6_ESP_TRANS_LEVEL)"); } #endif /*IPSEC_POLICY_IPSEC*/ #endif #ifdef ICMP6_FILTER { struct icmp6_filter filt; if (!(options & F_VERBOSE)) { ICMP6_FILTER_SETBLOCKALL(&filt); if ((options & F_FQDN) || (options & F_FQDNOLD) || (options & F_NODEADDR) || (options & F_SUPTYPES)) ICMP6_FILTER_SETPASS(ICMP6_NI_REPLY, &filt); else ICMP6_FILTER_SETPASS(ICMP6_ECHO_REPLY, &filt); } else { ICMP6_FILTER_SETPASSALL(&filt); } if (setsockopt(srecv, IPPROTO_ICMPV6, ICMP6_FILTER, &filt, sizeof(filt)) < 0) err(1, "setsockopt(ICMP6_FILTER)"); } #endif /*ICMP6_FILTER*/ /* let the kerel pass extension headers of incoming packets */ if ((options & F_VERBOSE) != 0) { int opton = 1; #ifdef IPV6_RECVRTHDR if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RECVRTHDR, &opton, sizeof(opton))) err(1, "setsockopt(IPV6_RECVRTHDR)"); #else /* old adv. API */ if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RTHDR, &opton, sizeof(opton))) err(1, "setsockopt(IPV6_RTHDR)"); #endif } /* optval = 1; if (IN6_IS_ADDR_MULTICAST(&dst.sin6_addr)) if (setsockopt(ssend, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, &optval, sizeof(optval)) == -1) err(1, "IPV6_MULTICAST_LOOP"); */ /* Specify the outgoing interface and/or the source address */ if (usepktinfo) ip6optlen += CMSG_SPACE(sizeof(struct in6_pktinfo)); if (hoplimit != -1) ip6optlen += CMSG_SPACE(sizeof(int)); /* set IP6 packet options */ if (ip6optlen) { if ((scmsg = (char *)malloc(ip6optlen)) == NULL) errx(1, "can't allocate enough memory"); smsghdr.msg_control = (caddr_t)scmsg; smsghdr.msg_controllen = ip6optlen; scmsgp = CMSG_FIRSTHDR(&smsghdr); } if (usepktinfo) { cmsg_pktinfo = CMSG_DATA(scmsgp); scmsgp->cmsg_len = CMSG_LEN(sizeof(struct in6_pktinfo)); scmsgp->cmsg_level = IPPROTO_IPV6; scmsgp->cmsg_type = IPV6_PKTINFO; scmsgp = CMSG_NXTHDR(&smsghdr, scmsgp); } /* set the outgoing interface */ if (ifname) { #ifndef USE_SIN6_SCOPE_ID /* pktinfo must have already been allocated */ if ((pktinfo.ipi6_ifindex = if_nametoindex(ifname)) == 0) errx(1, "%s: invalid interface name", ifname); #else if ((dst.sin6_scope_id = if_nametoindex(ifname)) == 0) errx(1, "%s: invalid interface name", ifname); #endif } if (hoplimit != -1) { scmsgp->cmsg_len = CMSG_LEN(sizeof(int)); scmsgp->cmsg_level = IPPROTO_IPV6; scmsgp->cmsg_type = IPV6_HOPLIMIT; memcpy(CMSG_DATA(scmsgp), &hoplimit, sizeof(hoplimit)); scmsgp = CMSG_NXTHDR(&smsghdr, scmsgp); } if (tclass != -1) { if (setsockopt(ssend, IPPROTO_IPV6, IPV6_TCLASS, &tclass, sizeof(tclass)) == -1) err(1, "setsockopt(IPV6_TCLASS)"); } if (pcp != -2) { if (setsockopt(ssend, IPPROTO_IPV6, IPV6_VLAN_PCP, &pcp, sizeof(pcp)) == -1) err(1, "setsockopt(IPV6_VLAN_PCP)"); } if (argc > 1) { /* some intermediate addrs are specified */ int hops; int rthdrlen; rthdrlen = inet6_rth_space(IPV6_RTHDR_TYPE_0, argc - 1); scmsgp->cmsg_len = CMSG_LEN(rthdrlen); scmsgp->cmsg_level = IPPROTO_IPV6; scmsgp->cmsg_type = IPV6_RTHDR; rthdr = (struct ip6_rthdr *)CMSG_DATA(scmsgp); rthdr = inet6_rth_init((void *)rthdr, rthdrlen, IPV6_RTHDR_TYPE_0, argc - 1); if (rthdr == NULL) errx(1, "can't initialize rthdr"); for (hops = 0; hops < argc - 1; hops++) { memset(&hints, 0, sizeof(hints)); hints.ai_family = AF_INET6; if ((error = cap_getaddrinfo(capdns, argv[hops], NULL, &hints, &res))) errx(1, "%s", gai_strerror(error)); if (res->ai_addr->sa_family != AF_INET6) errx(1, "bad addr family of an intermediate addr"); sin6 = (struct sockaddr_in6 *)(void *)res->ai_addr; if (inet6_rth_add(rthdr, &sin6->sin6_addr)) errx(1, "can't add an intermediate node"); freeaddrinfo(res); } scmsgp = CMSG_NXTHDR(&smsghdr, scmsgp); } /* From now on we will use only reverse DNS lookups. */ #ifdef WITH_CASPER if (capdns != NULL) { const char *types[1]; types[0] = "ADDR2NAME"; if (cap_dns_type_limit(capdns, types, nitems(types)) < 0) err(1, "unable to limit access to system.dns service"); } #endif if (!(options & F_SRCADDR)) { /* * get the source address. XXX since we revoked the root * privilege, we cannot use a raw socket for this. */ int dummy; socklen_t len = sizeof(src); if ((dummy = socket(AF_INET6, SOCK_DGRAM, 0)) < 0) err(1, "UDP socket"); src.sin6_family = AF_INET6; src.sin6_addr = dst.sin6_addr; src.sin6_port = ntohs(DUMMY_PORT); src.sin6_scope_id = dst.sin6_scope_id; if (usepktinfo && setsockopt(dummy, IPPROTO_IPV6, IPV6_PKTINFO, (void *)&pktinfo, sizeof(pktinfo))) err(1, "UDP setsockopt(IPV6_PKTINFO)"); if (hoplimit != -1 && setsockopt(dummy, IPPROTO_IPV6, IPV6_UNICAST_HOPS, (void *)&hoplimit, sizeof(hoplimit))) err(1, "UDP setsockopt(IPV6_UNICAST_HOPS)"); if (hoplimit != -1 && setsockopt(dummy, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, (void *)&hoplimit, sizeof(hoplimit))) err(1, "UDP setsockopt(IPV6_MULTICAST_HOPS)"); if (rthdr && setsockopt(dummy, IPPROTO_IPV6, IPV6_RTHDR, (void *)rthdr, (rthdr->ip6r_len + 1) << 3)) err(1, "UDP setsockopt(IPV6_RTHDR)"); if (connect(dummy, (struct sockaddr *)&src, len) < 0) err(1, "UDP connect"); if (getsockname(dummy, (struct sockaddr *)&src, &len) < 0) err(1, "getsockname"); close(dummy); } /* Save pktinfo in the ancillary data. */ if (usepktinfo) memcpy(cmsg_pktinfo, &pktinfo, sizeof(pktinfo)); if (connect(ssend, (struct sockaddr *)&dst, sizeof(dst)) != 0) err(1, "connect() ssend"); caph_cache_catpages(); if (caph_enter_casper() < 0) err(1, "caph_enter_casper"); cap_rights_init(&rights_stdin); if (caph_rights_limit(STDIN_FILENO, &rights_stdin) < 0) err(1, "caph_rights_limit stdin"); if (caph_limit_stdout() < 0) err(1, "caph_limit_stdout"); if (caph_limit_stderr() < 0) err(1, "caph_limit_stderr"); cap_rights_init(&rights_srecv, CAP_RECV, CAP_EVENT, CAP_SETSOCKOPT); if (caph_rights_limit(srecv, &rights_srecv) < 0) err(1, "caph_rights_limit srecv"); cap_rights_init(&rights_ssend, CAP_SEND, CAP_SETSOCKOPT); if (caph_rights_limit(ssend, &rights_ssend) < 0) err(1, "caph_rights_limit ssend"); #if defined(SO_SNDBUF) && defined(SO_RCVBUF) if (sockbufsize) { if (datalen > (size_t)sockbufsize) warnx("you need -b to increase socket buffer size"); if (setsockopt(ssend, SOL_SOCKET, SO_SNDBUF, &sockbufsize, sizeof(sockbufsize)) < 0) err(1, "setsockopt(SO_SNDBUF)"); if (setsockopt(srecv, SOL_SOCKET, SO_RCVBUF, &sockbufsize, sizeof(sockbufsize)) < 0) err(1, "setsockopt(SO_RCVBUF)"); } else { if (datalen > 8 * 1024) /*XXX*/ warnx("you need -b to increase socket buffer size"); /* * When pinging the broadcast address, you can get a lot of * answers. Doing something so evil is useful if you are trying * to stress the ethernet, or just want to fill the arp cache * to get some stuff for /etc/ethers. */ hold = 48 * 1024; setsockopt(srecv, SOL_SOCKET, SO_RCVBUF, (char *)&hold, sizeof(hold)); } #endif optval = 1; #ifndef USE_SIN6_SCOPE_ID #ifdef IPV6_RECVPKTINFO if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RECVPKTINFO, &optval, sizeof(optval)) < 0) warn("setsockopt(IPV6_RECVPKTINFO)"); /* XXX err? */ #else /* old adv. API */ if (setsockopt(srecv, IPPROTO_IPV6, IPV6_PKTINFO, &optval, sizeof(optval)) < 0) warn("setsockopt(IPV6_PKTINFO)"); /* XXX err? */ #endif #endif /* USE_SIN6_SCOPE_ID */ #ifdef IPV6_RECVHOPLIMIT if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &optval, sizeof(optval)) < 0) warn("setsockopt(IPV6_RECVHOPLIMIT)"); /* XXX err? */ #else /* old adv. API */ if (setsockopt(srecv, IPPROTO_IPV6, IPV6_HOPLIMIT, &optval, sizeof(optval)) < 0) warn("setsockopt(IPV6_HOPLIMIT)"); /* XXX err? */ #endif cap_rights_clear(&rights_srecv, CAP_SETSOCKOPT); if (caph_rights_limit(srecv, &rights_srecv) < 0) err(1, "caph_rights_limit srecv setsockopt"); cap_rights_clear(&rights_ssend, CAP_SETSOCKOPT); if (caph_rights_limit(ssend, &rights_ssend) < 0) err(1, "caph_rights_limit ssend setsockopt"); - printf("PING6(%lu=40+8+%lu bytes) ", (unsigned long)(40 + pingerlen()), + printf("PING(%lu=40+8+%lu bytes) ", (unsigned long)(40 + pingerlen()), (unsigned long)(pingerlen() - 8)); printf("%s --> ", pr_addr((struct sockaddr *)&src, sizeof(src))); printf("%s\n", pr_addr((struct sockaddr *)&dst, sizeof(dst))); if (preload == 0) pinger(); else { if (npackets != 0 && preload > npackets) preload = npackets; while (preload--) pinger(); } clock_gettime(CLOCK_MONOTONIC, &last); sigemptyset(&si_sa.sa_mask); si_sa.sa_flags = 0; si_sa.sa_handler = onsignal; if (sigaction(SIGINT, &si_sa, 0) == -1) err(EX_OSERR, "sigaction SIGINT"); seenint = 0; -#ifdef SIGINFO if (sigaction(SIGINFO, &si_sa, 0) == -1) err(EX_OSERR, "sigaction SIGINFO"); seeninfo = 0; -#endif if (alarmtimeout > 0) { if (sigaction(SIGALRM, &si_sa, 0) == -1) err(EX_OSERR, "sigaction SIGALRM"); } if (options & F_FLOOD) { intvl.tv_sec = 0; intvl.tv_nsec = 10000000; } almost_done = 0; while (seenint == 0) { struct timespec now, timeout; struct msghdr m; struct iovec iov[2]; fd_set rfds; int n; /* signal handling */ - if (seenint) - onint(SIGINT); -#ifdef SIGINFO if (seeninfo) { - summary(); + pr_summary(stderr); seeninfo = 0; continue; } -#endif FD_ZERO(&rfds); FD_SET(srecv, &rfds); clock_gettime(CLOCK_MONOTONIC, &now); timespecadd(&last, &intvl, &timeout); timespecsub(&timeout, &now, &timeout); if (timeout.tv_sec < 0) timespecclear(&timeout); n = pselect(srecv + 1, &rfds, NULL, NULL, &timeout, NULL); if (n < 0) continue; /* EINTR */ if (n == 1) { m.msg_name = (caddr_t)&from; m.msg_namelen = sizeof(from); memset(&iov, 0, sizeof(iov)); iov[0].iov_base = (caddr_t)packet; iov[0].iov_len = packlen; m.msg_iov = iov; m.msg_iovlen = 1; memset(cm, 0, CONTROLLEN); m.msg_control = (void *)cm; m.msg_controllen = CONTROLLEN; cc = recvmsg(srecv, &m, 0); if (cc < 0) { if (errno != EINTR) { warn("recvmsg"); sleep(1); } continue; } else if (cc == 0) { int mtu; /* * receive control messages only. Process the * exceptions (currently the only possibility is * a path MTU notification.) */ if ((mtu = get_pathmtu(&m)) > 0) { if ((options & F_VERBOSE) != 0) { printf("new path MTU (%d) is " "notified\n", mtu); } } continue; } else { /* * an ICMPv6 message (probably an echoreply) * arrived. */ pr_pack(packet, cc, &m); } if (((options & F_ONCE) != 0 && nreceived > 0) || (npackets > 0 && nreceived >= npackets)) break; } if (n == 0 || (options & F_FLOOD)) { if (npackets == 0 || ntransmitted < npackets) pinger(); else { if (almost_done) break; almost_done = 1; - /* - * If we're not transmitting any more packets, - * change the timer to wait two round-trip times - * if we've received any packets or (waittime) - * milliseconds if we haven't. - */ + /* + * If we're not transmitting any more packets, + * change the timer to wait two round-trip times + * if we've received any packets or (waittime) + * milliseconds if we haven't. + */ intvl.tv_nsec = 0; if (nreceived) { intvl.tv_sec = 2 * tmax / 1000; if (intvl.tv_sec == 0) intvl.tv_sec = 1; } else { intvl.tv_sec = waittime / 1000; intvl.tv_nsec = - waittime % 1000 * 1000000; + waittime % 1000 * 1000000; } } clock_gettime(CLOCK_MONOTONIC, &last); if (ntransmitted - nreceived - 1 > nmissedmax) { nmissedmax = ntransmitted - nreceived - 1; if (options & F_MISSED) (void)write(STDOUT_FILENO, &BBELL, 1); } } } sigemptyset(&si_sa.sa_mask); si_sa.sa_flags = 0; si_sa.sa_handler = SIG_IGN; sigaction(SIGINT, &si_sa, 0); sigaction(SIGALRM, &si_sa, 0); - summary(); + pr_summary(stdout); if(packet != NULL) free(packet); if (nreceived > 0) exit(0); else if (ntransmitted > ntransmitfailures) exit(2); else exit(EX_OSERR); } -static void -onsignal(int sig) -{ - - switch (sig) { - case SIGINT: - case SIGALRM: - seenint++; - break; -#ifdef SIGINFO - case SIGINFO: - seeninfo++; - break; -#endif - } -} - /* * pinger -- * Compose and transmit an ICMP ECHO REQUEST packet. The IP packet * will be added on by the kernel. The ID field is our UNIX process ID, * and the sequence number is an ascending integer. The first 8 bytes * of the data portion are used to hold a UNIX "timespec" struct in VAX * byte-order, to compute the round-trip time. */ static size_t pingerlen(void) { size_t l; if (options & F_FQDN) l = ICMP6_NIQLEN + sizeof(dst.sin6_addr); else if (options & F_FQDNOLD) l = ICMP6_NIQLEN; else if (options & F_NODEADDR) l = ICMP6_NIQLEN + sizeof(dst.sin6_addr); else if (options & F_SUPTYPES) l = ICMP6_NIQLEN; else l = ICMP6ECHOLEN + datalen; return l; } static int pinger(void) { struct icmp6_hdr *icp; struct iovec iov[2]; int i, cc; struct icmp6_nodeinfo *nip; uint16_t seq; if (npackets && ntransmitted >= npackets) return(-1); /* no more transmission */ icp = (struct icmp6_hdr *)outpack; nip = (struct icmp6_nodeinfo *)outpack; memset(icp, 0, sizeof(*icp)); icp->icmp6_cksum = 0; seq = ntransmitted++; CLR(seq % mx_dup_ck); if (options & F_FQDN) { uint16_t s; icp->icmp6_type = ICMP6_NI_QUERY; icp->icmp6_code = ICMP6_NI_SUBJ_IPV6; nip->ni_qtype = htons(NI_QTYPE_FQDN); nip->ni_flags = htons(0); memcpy(nip->icmp6_ni_nonce, nonce, sizeof(nip->icmp6_ni_nonce)); s = htons(seq); memcpy(nip->icmp6_ni_nonce, &s, sizeof(s)); memcpy(&outpack[ICMP6_NIQLEN], &dst.sin6_addr, sizeof(dst.sin6_addr)); cc = ICMP6_NIQLEN + sizeof(dst.sin6_addr); datalen = 0; } else if (options & F_FQDNOLD) { uint16_t s; /* packet format in 03 draft - no Subject data on queries */ icp->icmp6_type = ICMP6_NI_QUERY; icp->icmp6_code = 0; /* code field is always 0 */ nip->ni_qtype = htons(NI_QTYPE_FQDN); nip->ni_flags = htons(0); memcpy(nip->icmp6_ni_nonce, nonce, sizeof(nip->icmp6_ni_nonce)); s = htons(seq); memcpy(nip->icmp6_ni_nonce, &s, sizeof(s)); cc = ICMP6_NIQLEN; datalen = 0; } else if (options & F_NODEADDR) { uint16_t s; icp->icmp6_type = ICMP6_NI_QUERY; icp->icmp6_code = ICMP6_NI_SUBJ_IPV6; nip->ni_qtype = htons(NI_QTYPE_NODEADDR); nip->ni_flags = naflags; memcpy(nip->icmp6_ni_nonce, nonce, sizeof(nip->icmp6_ni_nonce)); s = htons(seq); memcpy(nip->icmp6_ni_nonce, &s, sizeof(s)); memcpy(&outpack[ICMP6_NIQLEN], &dst.sin6_addr, sizeof(dst.sin6_addr)); cc = ICMP6_NIQLEN + sizeof(dst.sin6_addr); datalen = 0; } else if (options & F_SUPTYPES) { uint16_t s; icp->icmp6_type = ICMP6_NI_QUERY; icp->icmp6_code = ICMP6_NI_SUBJ_FQDN; /*empty*/ nip->ni_qtype = htons(NI_QTYPE_SUPTYPES); /* we support compressed bitmap */ nip->ni_flags = NI_SUPTYPE_FLAG_COMPRESS; memcpy(nip->icmp6_ni_nonce, nonce, sizeof(nip->icmp6_ni_nonce)); s = htons(seq); memcpy(nip->icmp6_ni_nonce, &s, sizeof(s)); cc = ICMP6_NIQLEN; datalen = 0; } else { icp->icmp6_type = ICMP6_ECHO_REQUEST; icp->icmp6_code = 0; icp->icmp6_id = htons(ident); icp->icmp6_seq = htons(seq); if (timing) { struct timespec tv; struct tv32 tv32; (void)clock_gettime(CLOCK_MONOTONIC, &tv); /* * Truncate seconds down to 32 bits in order * to fit the timestamp within 8 bytes of the * packet. We're only concerned with * durations, not absolute times. */ tv32.tv32_sec = (uint32_t)htonl(tv.tv_sec); tv32.tv32_nsec = (uint32_t)htonl(tv.tv_nsec); memcpy(&outpack[ICMP6ECHOLEN], &tv32, sizeof(tv32)); } cc = ICMP6ECHOLEN + datalen; } #ifdef DIAGNOSTIC if (pingerlen() != cc) errx(1, "internal error; length mismatch"); #endif memset(&iov, 0, sizeof(iov)); iov[0].iov_base = (caddr_t)outpack; iov[0].iov_len = cc; smsghdr.msg_iov = iov; smsghdr.msg_iovlen = 1; i = sendmsg(ssend, &smsghdr, 0); if (i < 0 || i != cc) { if (i < 0) { ntransmitfailures++; warn("sendmsg"); } - (void)printf("ping6: wrote %s %d chars, ret=%d\n", + (void)printf("ping: wrote %s %d chars, ret=%d\n", hostname, cc, i); } if (!(options & F_QUIET) && options & F_DOT) (void)write(STDOUT_FILENO, &DOT[DOTidx++ % DOTlen], 1); return(0); } static int myechoreply(const struct icmp6_hdr *icp) { if (ntohs(icp->icmp6_id) == ident) return 1; else return 0; } static int mynireply(const struct icmp6_nodeinfo *nip) { if (memcmp(nip->icmp6_ni_nonce + sizeof(u_int16_t), nonce + sizeof(u_int16_t), sizeof(nonce) - sizeof(u_int16_t)) == 0) return 1; else return 0; } /* * Decode a name from a DNS message. * * Format of the message is described in RFC 1035 subsection 4.1.4. * * Arguments: * sp - Pointer to a DNS pointer octet or to the first octet of a label * in the message. * ep - Pointer to the end of the message (one step past the last octet). * base - Pointer to the beginning of the message. * buf - Buffer into which the decoded name will be saved. * bufsiz - Size of the buffer 'buf'. * * Return value: * Pointer to an octet immediately following the ending zero octet * of the decoded label, or NULL if an error occurred. */ static const char * dnsdecode(const u_char *sp, const u_char *ep, const u_char *base, char *buf, size_t bufsiz) { int i; const u_char *cp; char cresult[MAXDNAME + 1]; const u_char *comp; int l; cp = sp; *buf = '\0'; if (cp >= ep) return NULL; while (cp < ep) { i = *cp; if (i == 0 || cp != sp) { if (strlcat((char *)buf, ".", bufsiz) >= bufsiz) return NULL; /*result overrun*/ } if (i == 0) break; cp++; if ((i & 0xc0) == 0xc0 && cp - base > (i & 0x3f)) { /* DNS compression */ if (!base) return NULL; comp = base + (i & 0x3f); if (dnsdecode(comp, cp, base, cresult, sizeof(cresult)) == NULL) return NULL; if (strlcat(buf, cresult, bufsiz) >= bufsiz) return NULL; /*result overrun*/ break; } else if ((i & 0x3f) == i) { if (i > ep - cp) return NULL; /*source overrun*/ while (i-- > 0 && cp < ep) { l = snprintf(cresult, sizeof(cresult), isprint(*cp) ? "%c" : "\\%03o", *cp & 0xff); if ((size_t)l >= sizeof(cresult) || l < 0) return NULL; if (strlcat(buf, cresult, bufsiz) >= bufsiz) return NULL; /*result overrun*/ cp++; } } else return NULL; /*invalid label*/ } if (i != 0) return NULL; /*not terminated*/ cp++; return cp; } /* * pr_pack -- * Print out the packet, if it came from us. This logic is necessary * because ALL readers of the ICMP socket get a copy of ALL ICMP packets * which arrive ('tis only fair). This permits multiple copies of this * program to be run without having intermingled output (or statistics!). */ static void pr_pack(u_char *buf, int cc, struct msghdr *mhdr) { #define safeputc(c) printf((isprint((c)) ? "%c" : "\\%03o"), c) struct icmp6_hdr *icp; struct icmp6_nodeinfo *ni; int i; int hoplim; struct sockaddr *from; int fromlen; const u_char *cp = NULL; u_char *dp, *end = buf + cc; struct in6_pktinfo *pktinfo = NULL; struct timespec tv, tp; struct tv32 tpp; double triptime = 0; int dupflag; size_t off; int oldfqdn; u_int16_t seq; char dnsname[MAXDNAME + 1]; (void)clock_gettime(CLOCK_MONOTONIC, &tv); if (!mhdr || !mhdr->msg_name || mhdr->msg_namelen != sizeof(struct sockaddr_in6) || ((struct sockaddr *)mhdr->msg_name)->sa_family != AF_INET6) { if (options & F_VERBOSE) warnx("invalid peername"); return; } from = (struct sockaddr *)mhdr->msg_name; fromlen = mhdr->msg_namelen; if (cc < (int)sizeof(struct icmp6_hdr)) { if (options & F_VERBOSE) warnx("packet too short (%d bytes) from %s", cc, pr_addr(from, fromlen)); return; } if (((mhdr->msg_flags & MSG_CTRUNC) != 0) && (options & F_VERBOSE) != 0) warnx("some control data discarded, insufficient buffer size"); icp = (struct icmp6_hdr *)buf; ni = (struct icmp6_nodeinfo *)buf; off = 0; if ((hoplim = get_hoplim(mhdr)) == -1) { warnx("failed to get receiving hop limit"); return; } if ((pktinfo = get_rcvpktinfo(mhdr)) == NULL) { warnx("failed to get receiving packet information"); return; } if (icp->icmp6_type == ICMP6_ECHO_REPLY && myechoreply(icp)) { seq = ntohs(icp->icmp6_seq); ++nreceived; if (timing) { memcpy(&tpp, icp + 1, sizeof(tpp)); tp.tv_sec = ntohl(tpp.tv32_sec); tp.tv_nsec = ntohl(tpp.tv32_nsec); timespecsub(&tv, &tp, &tv); triptime = ((double)tv.tv_sec) * 1000.0 + ((double)tv.tv_nsec) / 1000000.0; tsum += triptime; tsumsq += triptime * triptime; if (triptime < tmin) tmin = triptime; if (triptime > tmax) tmax = triptime; } if (TST(seq % mx_dup_ck)) { ++nrepeats; --nreceived; dupflag = 1; } else { SET(seq % mx_dup_ck); dupflag = 0; } if (options & F_QUIET) return; if (options & F_WAITTIME && triptime > waittime) { ++nrcvtimeout; return; } if (options & F_DOT) (void)write(STDOUT_FILENO, &BSPACE, 1); else { if (options & F_AUDIBLE) (void)write(STDOUT_FILENO, &BBELL, 1); (void)printf("%d bytes from %s, icmp_seq=%u", cc, pr_addr(from, fromlen), seq); (void)printf(" hlim=%d", hoplim); if ((options & F_VERBOSE) != 0) { struct sockaddr_in6 dstsa; memset(&dstsa, 0, sizeof(dstsa)); dstsa.sin6_family = AF_INET6; dstsa.sin6_len = sizeof(dstsa); dstsa.sin6_scope_id = pktinfo->ipi6_ifindex; dstsa.sin6_addr = pktinfo->ipi6_addr; (void)printf(" dst=%s", pr_addr((struct sockaddr *)&dstsa, sizeof(dstsa))); } if (timing) (void)printf(" time=%.3f ms", triptime); if (dupflag) (void)printf("(DUP!)"); /* check the data */ cp = buf + off + ICMP6ECHOLEN + ICMP6ECHOTMLEN; dp = outpack + ICMP6ECHOLEN + ICMP6ECHOTMLEN; for (i = 8; cp < end; ++i, ++cp, ++dp) { if (*cp != *dp) { (void)printf("\nwrong data byte #%d should be 0x%x but was 0x%x", i, *dp, *cp); break; } } } } else if (icp->icmp6_type == ICMP6_NI_REPLY && mynireply(ni)) { memcpy(&seq, ni->icmp6_ni_nonce, sizeof(seq)); seq = ntohs(seq); ++nreceived; if (TST(seq % mx_dup_ck)) { ++nrepeats; --nreceived; dupflag = 1; } else { SET(seq % mx_dup_ck); dupflag = 0; } if (options & F_QUIET) return; (void)printf("%d bytes from %s: ", cc, pr_addr(from, fromlen)); switch (ntohs(ni->ni_code)) { case ICMP6_NI_SUCCESS: break; case ICMP6_NI_REFUSED: printf("refused, type 0x%x", ntohs(ni->ni_type)); goto fqdnend; case ICMP6_NI_UNKNOWN: printf("unknown, type 0x%x", ntohs(ni->ni_type)); goto fqdnend; default: printf("unknown code 0x%x, type 0x%x", ntohs(ni->ni_code), ntohs(ni->ni_type)); goto fqdnend; } switch (ntohs(ni->ni_qtype)) { case NI_QTYPE_NOOP: printf("NodeInfo NOOP"); break; case NI_QTYPE_SUPTYPES: pr_suptypes(ni, end - (u_char *)ni); break; case NI_QTYPE_NODEADDR: pr_nodeaddr(ni, end - (u_char *)ni); break; case NI_QTYPE_FQDN: default: /* XXX: for backward compatibility */ cp = (u_char *)ni + ICMP6_NIRLEN; if (buf[off + ICMP6_NIRLEN] == cc - off - ICMP6_NIRLEN - 1) oldfqdn = 1; else oldfqdn = 0; if (oldfqdn) { cp++; /* skip length */ while (cp < end) { safeputc(*cp & 0xff); cp++; } } else { i = 0; while (cp < end) { cp = dnsdecode((const u_char *)cp, end, (const u_char *)(ni + 1), dnsname, sizeof(dnsname)); if (cp == NULL) { printf("???"); break; } /* * name-lookup special handling for * truncated name */ if (cp + 1 <= end && !*cp && strlen(dnsname) > 0) { dnsname[strlen(dnsname) - 1] = '\0'; cp++; } printf("%s%s", i > 0 ? "," : "", dnsname); } } if (options & F_VERBOSE) { u_long t; int32_t ttl; int comma = 0; (void)printf(" ("); /*)*/ switch (ni->ni_code) { case ICMP6_NI_REFUSED: (void)printf("refused"); comma++; break; case ICMP6_NI_UNKNOWN: (void)printf("unknown qtype"); comma++; break; } if ((end - (u_char *)ni) < ICMP6_NIRLEN) { /* case of refusion, unknown */ /*(*/ putchar(')'); goto fqdnend; } memcpy(&t, &buf[off+ICMP6ECHOLEN+8], sizeof(t)); ttl = (int32_t)ntohl(t); if (comma) printf(","); if (!(ni->ni_flags & NI_FQDN_FLAG_VALIDTTL)) { (void)printf("TTL=%d:meaningless", (int)ttl); } else { if (ttl < 0) { (void)printf("TTL=%d:invalid", ttl); } else (void)printf("TTL=%d", ttl); } comma++; if (oldfqdn) { if (comma) printf(","); printf("03 draft"); comma++; } else { cp = (u_char *)ni + ICMP6_NIRLEN; if (cp == end) { if (comma) printf(","); printf("no name"); comma++; } } if (buf[off + ICMP6_NIRLEN] != cc - off - ICMP6_NIRLEN - 1 && oldfqdn) { if (comma) printf(","); (void)printf("invalid namelen:%d/%lu", buf[off + ICMP6_NIRLEN], (u_long)cc - off - ICMP6_NIRLEN - 1); comma++; } /*(*/ putchar(')'); } fqdnend: ; } } else { /* We've got something other than an ECHOREPLY */ if (!(options & F_VERBOSE)) return; (void)printf("%d bytes from %s: ", cc, pr_addr(from, fromlen)); pr_icmph(icp, end); } if (!(options & F_DOT)) { (void)putchar('\n'); if (options & F_VERBOSE) pr_exthdrs(mhdr); (void)fflush(stdout); } #undef safeputc } static void pr_exthdrs(struct msghdr *mhdr) { ssize_t bufsize; void *bufp; struct cmsghdr *cm; bufsize = 0; bufp = mhdr->msg_control; for (cm = (struct cmsghdr *)CMSG_FIRSTHDR(mhdr); cm; cm = (struct cmsghdr *)CMSG_NXTHDR(mhdr, cm)) { if (cm->cmsg_level != IPPROTO_IPV6) continue; bufsize = CONTROLLEN - ((caddr_t)CMSG_DATA(cm) - (caddr_t)bufp); if (bufsize <= 0) continue; switch (cm->cmsg_type) { case IPV6_HOPOPTS: printf(" HbH Options: "); pr_ip6opt(CMSG_DATA(cm), (size_t)bufsize); break; case IPV6_DSTOPTS: #ifdef IPV6_RTHDRDSTOPTS case IPV6_RTHDRDSTOPTS: #endif printf(" Dst Options: "); pr_ip6opt(CMSG_DATA(cm), (size_t)bufsize); break; case IPV6_RTHDR: printf(" Routing: "); pr_rthdr(CMSG_DATA(cm), (size_t)bufsize); break; } } } static void pr_ip6opt(void *extbuf, size_t bufsize) { struct ip6_hbh *ext; int currentlen; u_int8_t type; socklen_t extlen, len; void *databuf; size_t offset; u_int16_t value2; u_int32_t value4; ext = (struct ip6_hbh *)extbuf; extlen = (ext->ip6h_len + 1) * 8; printf("nxt %u, len %u (%lu bytes)\n", ext->ip6h_nxt, (unsigned int)ext->ip6h_len, (unsigned long)extlen); /* * Bounds checking on the ancillary data buffer: * subtract the size of a cmsg structure from the buffer size. */ if (bufsize < (extlen + CMSG_SPACE(0))) { extlen = bufsize - CMSG_SPACE(0); warnx("options truncated, showing only %u (total=%u)", (unsigned int)(extlen / 8 - 1), (unsigned int)(ext->ip6h_len)); } currentlen = 0; while (1) { currentlen = inet6_opt_next(extbuf, extlen, currentlen, &type, &len, &databuf); if (currentlen == -1) break; switch (type) { /* * Note that inet6_opt_next automatically skips any padding * optins. */ case IP6OPT_JUMBO: offset = 0; offset = inet6_opt_get_val(databuf, offset, &value4, sizeof(value4)); printf(" Jumbo Payload Opt: Length %u\n", (u_int32_t)ntohl(value4)); break; case IP6OPT_ROUTER_ALERT: offset = 0; offset = inet6_opt_get_val(databuf, offset, &value2, sizeof(value2)); printf(" Router Alert Opt: Type %u\n", ntohs(value2)); break; default: printf(" Received Opt %u len %lu\n", type, (unsigned long)len); break; } } return; } static void pr_rthdr(void *extbuf, size_t bufsize) { struct in6_addr *in6; char ntopbuf[INET6_ADDRSTRLEN]; struct ip6_rthdr *rh = (struct ip6_rthdr *)extbuf; int i, segments, origsegs, rthsize, size0, size1; /* print fixed part of the header */ printf("nxt %u, len %u (%d bytes), type %u, ", rh->ip6r_nxt, rh->ip6r_len, (rh->ip6r_len + 1) << 3, rh->ip6r_type); if ((segments = inet6_rth_segments(extbuf)) >= 0) { printf("%d segments, ", segments); printf("%d left\n", rh->ip6r_segleft); } else { printf("segments unknown, "); printf("%d left\n", rh->ip6r_segleft); return; } /* * Bounds checking on the ancillary data buffer. When calculating * the number of items to show keep in mind: * - The size of the cmsg structure * - The size of one segment (the size of a Type 0 routing header) * - When dividing add a fudge factor of one in case the * dividend is not evenly divisible by the divisor */ rthsize = (rh->ip6r_len + 1) * 8; if (bufsize < (rthsize + CMSG_SPACE(0))) { origsegs = segments; size0 = inet6_rth_space(IPV6_RTHDR_TYPE_0, 0); size1 = inet6_rth_space(IPV6_RTHDR_TYPE_0, 1); segments -= (rthsize - (bufsize - CMSG_SPACE(0))) / (size1 - size0) + 1; warnx("segments truncated, showing only %d (total=%d)", segments, origsegs); } for (i = 0; i < segments; i++) { in6 = inet6_rth_getaddr(extbuf, i); if (in6 == NULL) printf(" [%d]\n", i); else { if (!inet_ntop(AF_INET6, in6, ntopbuf, sizeof(ntopbuf))) strlcpy(ntopbuf, "?", sizeof(ntopbuf)); printf(" [%d]%s\n", i, ntopbuf); } } return; } static int pr_bitrange(u_int32_t v, int soff, int ii) { int off; int i; off = 0; while (off < 32) { /* shift till we have 0x01 */ if ((v & 0x01) == 0) { if (ii > 1) printf("-%u", soff + off - 1); ii = 0; switch (v & 0x0f) { case 0x00: v >>= 4; off += 4; continue; case 0x08: v >>= 3; off += 3; continue; case 0x04: case 0x0c: v >>= 2; off += 2; continue; default: v >>= 1; off += 1; continue; } } /* we have 0x01 with us */ for (i = 0; i < 32 - off; i++) { if ((v & (0x01 << i)) == 0) break; } if (!ii) printf(" %u", soff + off); ii += i; v >>= i; off += i; } return ii; } static void pr_suptypes(struct icmp6_nodeinfo *ni, size_t nilen) /* ni->qtype must be SUPTYPES */ { size_t clen; u_int32_t v; const u_char *cp, *end; u_int16_t cur; struct cbit { u_int16_t words; /*32bit count*/ u_int16_t skip; } cbit; #define MAXQTYPES (1 << 16) size_t off; int b; cp = (u_char *)(ni + 1); end = ((u_char *)ni) + nilen; cur = 0; b = 0; printf("NodeInfo Supported Qtypes"); if (options & F_VERBOSE) { if (ni->ni_flags & NI_SUPTYPE_FLAG_COMPRESS) printf(", compressed bitmap"); else printf(", raw bitmap"); } while (cp < end) { clen = (size_t)(end - cp); if ((ni->ni_flags & NI_SUPTYPE_FLAG_COMPRESS) == 0) { if (clen == 0 || clen > MAXQTYPES / 8 || clen % sizeof(v)) { printf("???"); return; } } else { if (clen < sizeof(cbit) || clen % sizeof(v)) return; memcpy(&cbit, cp, sizeof(cbit)); if (sizeof(cbit) + ntohs(cbit.words) * sizeof(v) > clen) return; cp += sizeof(cbit); clen = ntohs(cbit.words) * sizeof(v); if (cur + clen * 8 + (u_long)ntohs(cbit.skip) * 32 > MAXQTYPES) return; } for (off = 0; off < clen; off += sizeof(v)) { memcpy(&v, cp + off, sizeof(v)); v = (u_int32_t)ntohl(v); b = pr_bitrange(v, (int)(cur + off * 8), b); } /* flush the remaining bits */ b = pr_bitrange(0, (int)(cur + off * 8), b); cp += clen; cur += clen * 8; if ((ni->ni_flags & NI_SUPTYPE_FLAG_COMPRESS) != 0) cur += ntohs(cbit.skip) * 32; } } static void pr_nodeaddr(struct icmp6_nodeinfo *ni, int nilen) /* ni->qtype must be NODEADDR */ { u_char *cp = (u_char *)(ni + 1); char ntop_buf[INET6_ADDRSTRLEN]; int withttl = 0; nilen -= sizeof(struct icmp6_nodeinfo); if (options & F_VERBOSE) { switch (ni->ni_code) { case ICMP6_NI_REFUSED: (void)printf("refused"); break; case ICMP6_NI_UNKNOWN: (void)printf("unknown qtype"); break; } if (ni->ni_flags & NI_NODEADDR_FLAG_TRUNCATE) (void)printf(" truncated"); } putchar('\n'); if (nilen <= 0) printf(" no address\n"); /* * In icmp-name-lookups 05 and later, TTL of each returned address * is contained in the resposne. We try to detect the version * by the length of the data, but note that the detection algorithm * is incomplete. We assume the latest draft by default. */ if (nilen % (sizeof(u_int32_t) + sizeof(struct in6_addr)) == 0) withttl = 1; while (nilen > 0) { u_int32_t ttl = 0; if (withttl) { uint32_t t; memcpy(&t, cp, sizeof(t)); ttl = (u_int32_t)ntohl(t); cp += sizeof(u_int32_t); nilen -= sizeof(u_int32_t); } if (inet_ntop(AF_INET6, cp, ntop_buf, sizeof(ntop_buf)) == NULL) strlcpy(ntop_buf, "?", sizeof(ntop_buf)); printf(" %s", ntop_buf); if (withttl) { if (ttl == 0xffffffff) { /* * XXX: can this convention be applied to all * type of TTL (i.e. non-ND TTL)? */ printf("(TTL=infty)"); } else printf("(TTL=%u)", ttl); } putchar('\n'); nilen -= sizeof(struct in6_addr); cp += sizeof(struct in6_addr); } } static int get_hoplim(struct msghdr *mhdr) { struct cmsghdr *cm; for (cm = (struct cmsghdr *)CMSG_FIRSTHDR(mhdr); cm; cm = (struct cmsghdr *)CMSG_NXTHDR(mhdr, cm)) { if (cm->cmsg_len == 0) return(-1); if (cm->cmsg_level == IPPROTO_IPV6 && cm->cmsg_type == IPV6_HOPLIMIT && cm->cmsg_len == CMSG_LEN(sizeof(int))) { int r; memcpy(&r, CMSG_DATA(cm), sizeof(r)); return(r); } } return(-1); } static struct in6_pktinfo * get_rcvpktinfo(struct msghdr *mhdr) { static struct in6_pktinfo pi; struct cmsghdr *cm; for (cm = (struct cmsghdr *)CMSG_FIRSTHDR(mhdr); cm; cm = (struct cmsghdr *)CMSG_NXTHDR(mhdr, cm)) { if (cm->cmsg_len == 0) return(NULL); if (cm->cmsg_level == IPPROTO_IPV6 && cm->cmsg_type == IPV6_PKTINFO && cm->cmsg_len == CMSG_LEN(sizeof(struct in6_pktinfo))) { memcpy(&pi, CMSG_DATA(cm), sizeof(pi)); return(&pi); } } return(NULL); } static int get_pathmtu(struct msghdr *mhdr) { #ifdef IPV6_RECVPATHMTU struct cmsghdr *cm; struct ip6_mtuinfo mtuctl; for (cm = (struct cmsghdr *)CMSG_FIRSTHDR(mhdr); cm; cm = (struct cmsghdr *)CMSG_NXTHDR(mhdr, cm)) { if (cm->cmsg_len == 0) return(0); if (cm->cmsg_level == IPPROTO_IPV6 && cm->cmsg_type == IPV6_PATHMTU && cm->cmsg_len == CMSG_LEN(sizeof(struct ip6_mtuinfo))) { memcpy(&mtuctl, CMSG_DATA(cm), sizeof(mtuctl)); /* * If the notified destination is different from * the one we are pinging, just ignore the info. * We check the scope ID only when both notified value * and our own value have non-0 values, because we may * have used the default scope zone ID for sending, * in which case the scope ID value is 0. */ if (!IN6_ARE_ADDR_EQUAL(&mtuctl.ip6m_addr.sin6_addr, &dst.sin6_addr) || (mtuctl.ip6m_addr.sin6_scope_id && dst.sin6_scope_id && mtuctl.ip6m_addr.sin6_scope_id != dst.sin6_scope_id)) { if ((options & F_VERBOSE) != 0) { printf("path MTU for %s is notified. " "(ignored)\n", pr_addr((struct sockaddr *)&mtuctl.ip6m_addr, sizeof(mtuctl.ip6m_addr))); } return(0); } /* * Ignore an invalid MTU. XXX: can we just believe * the kernel check? */ if (mtuctl.ip6m_mtu < IPV6_MMTU) return(0); /* notification for our destination. return the MTU. */ return((int)mtuctl.ip6m_mtu); } } #endif return(0); } -/* - * onint -- - * SIGINT handler. - */ -/* ARGSUSED */ -static void -onint(int notused __unused) -{ - /* - * When doing reverse DNS lookups, the seenint flag might not - * be noticed for a while. Just exit if we get a second SIGINT. - */ - if ((options & F_HOSTNAME) && seenint != 0) - _exit(nreceived ? 0 : 2); -} - -/* - * summary -- - * Print out statistics. - */ -static void -summary(void) -{ - - (void)printf("\n--- %s ping6 statistics ---\n", hostname); - (void)printf("%ld packets transmitted, ", ntransmitted); - (void)printf("%ld packets received, ", nreceived); - if (nrepeats) - (void)printf("+%ld duplicates, ", nrepeats); - if (ntransmitted) { - if (nreceived > ntransmitted) - (void)printf("-- somebody's duplicating packets!"); - else - (void)printf("%.1f%% packet loss", - ((((double)ntransmitted - nreceived) * 100.0) / - ntransmitted)); - } - if (nrcvtimeout) - printf(", %ld packets out of wait time", nrcvtimeout); - (void)putchar('\n'); - if (nreceived && timing) { - /* Only display average to microseconds */ - double num = nreceived + nrepeats; - double avg = tsum / num; - double stddev = sqrt(fmax(0, tsumsq / num - avg * avg)); - (void)printf( - "round-trip min/avg/max/std-dev = %.3f/%.3f/%.3f/%.3f ms\n", - tmin, avg, tmax, stddev); - (void)fflush(stdout); - } - (void)fflush(stdout); -} - /*subject type*/ static const char *niqcode[] = { "IPv6 address", "DNS label", /*or empty*/ "IPv4 address", }; /*result code*/ static const char *nircode[] = { "Success", "Refused", "Unknown", }; /* * pr_icmph -- * Print a descriptive string about an ICMP header. */ static void pr_icmph(struct icmp6_hdr *icp, u_char *end) { char ntop_buf[INET6_ADDRSTRLEN]; struct nd_redirect *red; struct icmp6_nodeinfo *ni; char dnsname[MAXDNAME + 1]; const u_char *cp; size_t l; switch (icp->icmp6_type) { case ICMP6_DST_UNREACH: switch (icp->icmp6_code) { case ICMP6_DST_UNREACH_NOROUTE: (void)printf("No Route to Destination\n"); break; case ICMP6_DST_UNREACH_ADMIN: (void)printf("Destination Administratively " "Unreachable\n"); break; case ICMP6_DST_UNREACH_BEYONDSCOPE: (void)printf("Destination Unreachable Beyond Scope\n"); break; case ICMP6_DST_UNREACH_ADDR: (void)printf("Destination Host Unreachable\n"); break; case ICMP6_DST_UNREACH_NOPORT: (void)printf("Destination Port Unreachable\n"); break; default: (void)printf("Destination Unreachable, Bad Code: %d\n", icp->icmp6_code); break; } /* Print returned IP header information */ pr_retip((struct ip6_hdr *)(icp + 1), end); break; case ICMP6_PACKET_TOO_BIG: (void)printf("Packet too big mtu = %d\n", (int)ntohl(icp->icmp6_mtu)); pr_retip((struct ip6_hdr *)(icp + 1), end); break; case ICMP6_TIME_EXCEEDED: switch (icp->icmp6_code) { case ICMP6_TIME_EXCEED_TRANSIT: (void)printf("Time to live exceeded\n"); break; case ICMP6_TIME_EXCEED_REASSEMBLY: (void)printf("Frag reassembly time exceeded\n"); break; default: (void)printf("Time exceeded, Bad Code: %d\n", icp->icmp6_code); break; } pr_retip((struct ip6_hdr *)(icp + 1), end); break; case ICMP6_PARAM_PROB: (void)printf("Parameter problem: "); switch (icp->icmp6_code) { case ICMP6_PARAMPROB_HEADER: (void)printf("Erroneous Header "); break; case ICMP6_PARAMPROB_NEXTHEADER: (void)printf("Unknown Nextheader "); break; case ICMP6_PARAMPROB_OPTION: (void)printf("Unrecognized Option "); break; default: (void)printf("Bad code(%d) ", icp->icmp6_code); break; } (void)printf("pointer = 0x%02x\n", (u_int32_t)ntohl(icp->icmp6_pptr)); pr_retip((struct ip6_hdr *)(icp + 1), end); break; case ICMP6_ECHO_REQUEST: (void)printf("Echo Request"); /* XXX ID + Seq + Data */ break; case ICMP6_ECHO_REPLY: (void)printf("Echo Reply"); /* XXX ID + Seq + Data */ break; case ICMP6_MEMBERSHIP_QUERY: (void)printf("Listener Query"); break; case ICMP6_MEMBERSHIP_REPORT: (void)printf("Listener Report"); break; case ICMP6_MEMBERSHIP_REDUCTION: (void)printf("Listener Done"); break; case ND_ROUTER_SOLICIT: (void)printf("Router Solicitation"); break; case ND_ROUTER_ADVERT: (void)printf("Router Advertisement"); break; case ND_NEIGHBOR_SOLICIT: (void)printf("Neighbor Solicitation"); break; case ND_NEIGHBOR_ADVERT: (void)printf("Neighbor Advertisement"); break; case ND_REDIRECT: red = (struct nd_redirect *)icp; (void)printf("Redirect\n"); if (!inet_ntop(AF_INET6, &red->nd_rd_dst, ntop_buf, sizeof(ntop_buf))) strlcpy(ntop_buf, "?", sizeof(ntop_buf)); (void)printf("Destination: %s", ntop_buf); if (!inet_ntop(AF_INET6, &red->nd_rd_target, ntop_buf, sizeof(ntop_buf))) strlcpy(ntop_buf, "?", sizeof(ntop_buf)); (void)printf(" New Target: %s", ntop_buf); break; case ICMP6_NI_QUERY: (void)printf("Node Information Query"); /* XXX ID + Seq + Data */ ni = (struct icmp6_nodeinfo *)icp; l = end - (u_char *)(ni + 1); printf(", "); switch (ntohs(ni->ni_qtype)) { case NI_QTYPE_NOOP: (void)printf("NOOP"); break; case NI_QTYPE_SUPTYPES: (void)printf("Supported qtypes"); break; case NI_QTYPE_FQDN: (void)printf("DNS name"); break; case NI_QTYPE_NODEADDR: (void)printf("nodeaddr"); break; case NI_QTYPE_IPV4ADDR: (void)printf("IPv4 nodeaddr"); break; default: (void)printf("unknown qtype"); break; } if (options & F_VERBOSE) { switch (ni->ni_code) { case ICMP6_NI_SUBJ_IPV6: if (l == sizeof(struct in6_addr) && inet_ntop(AF_INET6, ni + 1, ntop_buf, sizeof(ntop_buf)) != NULL) { (void)printf(", subject=%s(%s)", niqcode[ni->ni_code], ntop_buf); } else { #if 1 /* backward compat to -W */ (void)printf(", oldfqdn"); #else (void)printf(", invalid"); #endif } break; case ICMP6_NI_SUBJ_FQDN: if (end == (u_char *)(ni + 1)) { (void)printf(", no subject"); break; } printf(", subject=%s", niqcode[ni->ni_code]); cp = (const u_char *)(ni + 1); cp = dnsdecode(cp, end, NULL, dnsname, sizeof(dnsname)); if (cp != NULL) printf("(%s)", dnsname); else printf("(invalid)"); break; case ICMP6_NI_SUBJ_IPV4: if (l == sizeof(struct in_addr) && inet_ntop(AF_INET, ni + 1, ntop_buf, sizeof(ntop_buf)) != NULL) { (void)printf(", subject=%s(%s)", niqcode[ni->ni_code], ntop_buf); } else (void)printf(", invalid"); break; default: (void)printf(", invalid"); break; } } break; case ICMP6_NI_REPLY: (void)printf("Node Information Reply"); /* XXX ID + Seq + Data */ ni = (struct icmp6_nodeinfo *)icp; printf(", "); switch (ntohs(ni->ni_qtype)) { case NI_QTYPE_NOOP: (void)printf("NOOP"); break; case NI_QTYPE_SUPTYPES: (void)printf("Supported qtypes"); break; case NI_QTYPE_FQDN: (void)printf("DNS name"); break; case NI_QTYPE_NODEADDR: (void)printf("nodeaddr"); break; case NI_QTYPE_IPV4ADDR: (void)printf("IPv4 nodeaddr"); break; default: (void)printf("unknown qtype"); break; } if (options & F_VERBOSE) { if (ni->ni_code > nitems(nircode)) printf(", invalid"); else printf(", %s", nircode[ni->ni_code]); } break; default: (void)printf("Bad ICMP type: %d", icp->icmp6_type); } } /* * pr_iph -- * Print an IP6 header. */ static void pr_iph(struct ip6_hdr *ip6) { u_int32_t flow = ip6->ip6_flow & IPV6_FLOWLABEL_MASK; u_int8_t tc; char ntop_buf[INET6_ADDRSTRLEN]; tc = *(&ip6->ip6_vfc + 1); /* XXX */ tc = (tc >> 4) & 0x0f; tc |= (ip6->ip6_vfc << 4); printf("Vr TC Flow Plen Nxt Hlim\n"); printf(" %1x %02x %05x %04x %02x %02x\n", (ip6->ip6_vfc & IPV6_VERSION_MASK) >> 4, tc, (u_int32_t)ntohl(flow), ntohs(ip6->ip6_plen), ip6->ip6_nxt, ip6->ip6_hlim); if (!inet_ntop(AF_INET6, &ip6->ip6_src, ntop_buf, sizeof(ntop_buf))) strlcpy(ntop_buf, "?", sizeof(ntop_buf)); printf("%s->", ntop_buf); if (!inet_ntop(AF_INET6, &ip6->ip6_dst, ntop_buf, sizeof(ntop_buf))) strlcpy(ntop_buf, "?", sizeof(ntop_buf)); printf("%s\n", ntop_buf); } /* * pr_addr -- * Return an ascii host address as a dotted quad and optionally with * a hostname. */ static const char * pr_addr(struct sockaddr *addr, int addrlen) { static char buf[NI_MAXHOST]; int flag = 0; - if ((options & F_HOSTNAME) == 0) + if (!(options & F_HOSTNAME)) flag |= NI_NUMERICHOST; if (cap_getnameinfo(capdns, addr, addrlen, buf, sizeof(buf), NULL, 0, flag) == 0) return (buf); else return "?"; } /* * pr_retip -- * Dump some info on a returned (via ICMPv6) IPv6 packet. */ static void pr_retip(struct ip6_hdr *ip6, u_char *end) { u_char *cp = (u_char *)ip6, nh; int hlen; if ((size_t)(end - (u_char *)ip6) < sizeof(*ip6)) { printf("IP6"); goto trunc; } pr_iph(ip6); hlen = sizeof(*ip6); nh = ip6->ip6_nxt; cp += hlen; while (end - cp >= 8) { #ifdef IPSEC struct ah ah; #endif switch (nh) { case IPPROTO_HOPOPTS: printf("HBH "); hlen = (((struct ip6_hbh *)cp)->ip6h_len+1) << 3; nh = ((struct ip6_hbh *)cp)->ip6h_nxt; break; case IPPROTO_DSTOPTS: printf("DSTOPT "); hlen = (((struct ip6_dest *)cp)->ip6d_len+1) << 3; nh = ((struct ip6_dest *)cp)->ip6d_nxt; break; case IPPROTO_FRAGMENT: printf("FRAG "); hlen = sizeof(struct ip6_frag); nh = ((struct ip6_frag *)cp)->ip6f_nxt; break; case IPPROTO_ROUTING: printf("RTHDR "); hlen = (((struct ip6_rthdr *)cp)->ip6r_len+1) << 3; nh = ((struct ip6_rthdr *)cp)->ip6r_nxt; break; #ifdef IPSEC case IPPROTO_AH: printf("AH "); memcpy(&ah, cp, sizeof(ah)); hlen = (ah.ah_len+2) << 2; nh = ah.ah_nxt; break; #endif case IPPROTO_ICMPV6: printf("ICMP6: type = %d, code = %d\n", *cp, *(cp + 1)); return; case IPPROTO_ESP: printf("ESP\n"); return; case IPPROTO_TCP: printf("TCP: from port %u, to port %u (decimal)\n", (*cp * 256 + *(cp + 1)), (*(cp + 2) * 256 + *(cp + 3))); return; case IPPROTO_UDP: printf("UDP: from port %u, to port %u (decimal)\n", (*cp * 256 + *(cp + 1)), (*(cp + 2) * 256 + *(cp + 3))); return; default: printf("Unknown Header(%d)\n", nh); return; } if ((cp += hlen) >= end) goto trunc; } if (end - cp < 8) goto trunc; putchar('\n'); return; trunc: printf("...\n"); return; } static void fill(char *bp, char *patp) { int ii, jj, kk; int pat[16]; char *cp; for (cp = patp; *cp; cp++) if (!isxdigit(*cp)) errx(1, "patterns must be specified as hex digits"); ii = sscanf(patp, "%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x", &pat[0], &pat[1], &pat[2], &pat[3], &pat[4], &pat[5], &pat[6], &pat[7], &pat[8], &pat[9], &pat[10], &pat[11], &pat[12], &pat[13], &pat[14], &pat[15]); /* xxx */ if (ii > 0) for (kk = 0; (size_t)kk <= MAXDATALEN - 8 + sizeof(struct tv32) + ii; kk += ii) for (jj = 0; jj < ii; ++jj) bp[jj + kk] = pat[jj]; if (!(options & F_QUIET)) { (void)printf("PATTERN: 0x"); for (jj = 0; jj < ii; ++jj) (void)printf("%02x", bp[jj] & 0xFF); (void)printf("\n"); } } #ifdef IPSEC #ifdef IPSEC_POLICY_IPSEC static int setpolicy(int so __unused, char *policy) { char *buf; if (policy == NULL) return 0; /* ignore */ buf = ipsec_set_policy(policy, strlen(policy)); if (buf == NULL) errx(1, "%s", ipsec_strerror()); if (setsockopt(ssend, IPPROTO_IPV6, IPV6_IPSEC_POLICY, buf, ipsec_get_policylen(buf)) < 0) warnx("Unable to set IPsec policy"); free(buf); return 0; } #endif #endif static char * nigroup(char *name, int nig_oldmcprefix) { char *p; char *q; MD5_CTX ctxt; u_int8_t digest[16]; u_int8_t c; size_t l; char hbuf[NI_MAXHOST]; struct in6_addr in6; int valid; p = strchr(name, '.'); if (!p) p = name + strlen(name); l = p - name; if (l > 63 || l > sizeof(hbuf) - 1) return NULL; /*label too long*/ strncpy(hbuf, name, l); hbuf[(int)l] = '\0'; for (q = name; *q; q++) { if (isupper(*(unsigned char *)q)) *q = tolower(*(unsigned char *)q); } /* generate 16 bytes of pseudo-random value. */ memset(&ctxt, 0, sizeof(ctxt)); MD5Init(&ctxt); c = l & 0xff; MD5Update(&ctxt, &c, sizeof(c)); MD5Update(&ctxt, (unsigned char *)name, l); MD5Final(digest, &ctxt); if (nig_oldmcprefix) { /* draft-ietf-ipngwg-icmp-name-lookup */ valid = inet_pton(AF_INET6, "ff02::2:0000:0000", &in6); } else { /* RFC 4620 */ valid = inet_pton(AF_INET6, "ff02::2:ff00:0000", &in6); } if (valid != 1) return NULL; /*XXX*/ if (nig_oldmcprefix) { /* draft-ietf-ipngwg-icmp-name-lookup */ bcopy(digest, &in6.s6_addr[12], 4); } else { /* RFC 4620 */ bcopy(digest, &in6.s6_addr[13], 3); } if (inet_ntop(AF_INET6, &in6, hbuf, sizeof(hbuf)) == NULL) return NULL; return strdup(hbuf); } static cap_channel_t * capdns_setup(void) { cap_channel_t *capcas, *capdnsloc; #ifdef WITH_CASPER const char *types[2]; int families[1]; #endif capcas = cap_init(); if (capcas == NULL) err(1, "unable to create casper process"); capdnsloc = cap_service_open(capcas, "system.dns"); /* Casper capability no longer needed. */ cap_close(capcas); if (capdnsloc == NULL) err(1, "unable to open system.dns service"); #ifdef WITH_CASPER types[0] = "NAME2ADDR"; types[1] = "ADDR2NAME"; if (cap_dns_type_limit(capdnsloc, types, nitems(types)) < 0) err(1, "unable to limit access to system.dns service"); families[0] = AF_INET6; if (cap_dns_family_limit(capdnsloc, families, nitems(families)) < 0) err(1, "unable to limit access to system.dns service"); #endif return (capdnsloc); } diff --git a/sbin/ping/tests/ping_6_c1_s8_t1.out b/sbin/ping/tests/ping_6_c1_s8_t1.out index 81c56e6cf586..0d207e74bc3e 100644 --- a/sbin/ping/tests/ping_6_c1_s8_t1.out +++ b/sbin/ping/tests/ping_6_c1_s8_t1.out @@ -1,6 +1,6 @@ -PING6(56=40+8+8 bytes) ::1 --> ::1 +PING(56=40+8+8 bytes) ::1 --> ::1 16 bytes from ::1, icmp_seq=0 hlim= time= ms ---- localhost ping6 statistics --- +--- localhost ping statistics --- 1 packets transmitted, 1 packets received, 0.0% packet loss -round-trip min/avg/max/std-dev = /// ms +round-trip min/avg/max/stddev = /// ms diff --git a/sbin/ping/tests/ping_c1_s8_t1_S1.out b/sbin/ping/tests/ping_c1_s8_t1_S1.out index 81c56e6cf586..0d207e74bc3e 100644 --- a/sbin/ping/tests/ping_c1_s8_t1_S1.out +++ b/sbin/ping/tests/ping_c1_s8_t1_S1.out @@ -1,6 +1,6 @@ -PING6(56=40+8+8 bytes) ::1 --> ::1 +PING(56=40+8+8 bytes) ::1 --> ::1 16 bytes from ::1, icmp_seq=0 hlim= time= ms ---- localhost ping6 statistics --- +--- localhost ping statistics --- 1 packets transmitted, 1 packets received, 0.0% packet loss -round-trip min/avg/max/std-dev = /// ms +round-trip min/avg/max/stddev = /// ms diff --git a/sbin/ping/tests/test_ping.py b/sbin/ping/tests/test_ping.py index 1c2540cb6d15..c51823103133 100644 --- a/sbin/ping/tests/test_ping.py +++ b/sbin/ping/tests/test_ping.py @@ -1,1419 +1,1419 @@ import pytest import logging import os import re import subprocess from atf_python.sys.net.vnet import IfaceFactory from atf_python.sys.net.vnet import SingleVnetTestTemplate from atf_python.sys.net.tools import ToolsHelper from typing import List from typing import Optional logging.getLogger("scapy").setLevel(logging.CRITICAL) import scapy.all as sc def build_response_packet(echo, ip, icmp, oip_ihl, special): icmp_id_seq_types = [0, 8, 13, 14, 15, 16, 17, 18, 37, 38] oip = echo[sc.IP] oicmp = echo[sc.ICMP] load = echo[sc.ICMP].payload oip[sc.IP].remove_payload() oicmp[sc.ICMP].remove_payload() oicmp.type = 8 # As if the original IP packet had these set oip.ihl = None oip.len = None oip.id = 1 oip.flags = ip.flags oip.chksum = None oip.options = ip.options # Inner packet (oip) options if oip_ihl: oip.ihl = oip_ihl # Special options if special == "no-payload": load = "" if special == "tcp": oip.proto = "tcp" tcp = sc.TCP(sport=1234, dport=5678) return ip / icmp / oip / tcp if special == "udp": oip.proto = "udp" udp = sc.UDP(sport=1234, dport=5678) return ip / icmp / oip / udp if special == "warp": # Build a package with a timestamp of INT_MAX # (time-warped package) payload_no_timestamp = sc.bytes_hex(load)[16:] load = (b"\xff" * 8) + sc.hex_bytes(payload_no_timestamp) if special == "wrong": # Build a package with a wrong last byte payload_no_last_byte = sc.bytes_hex(load)[:-2] load = (sc.hex_bytes(payload_no_last_byte)) + b"\x00" if special == "not-mine": # Modify the ICMP Identifier field oicmp.id += 1 if icmp.type in icmp_id_seq_types: pkt = ip / icmp / load else: ip.options = "" pkt = ip / icmp / oip / oicmp / load return pkt def generate_ip_options(opts): if not opts: return "" routers = [ "192.0.2.10", "192.0.2.20", "192.0.2.30", "192.0.2.40", "192.0.2.50", "192.0.2.60", "192.0.2.70", "192.0.2.80", "192.0.2.90", ] routers_zero = [0, 0, 0, 0, 0, 0, 0, 0, 0] if opts == "EOL": options = sc.IPOption(b"\x00") elif opts == "NOP": options = sc.IPOption(b"\x01") elif opts == "NOP-40": options = sc.IPOption(b"\x01" * 40) elif opts == "RR": ToolsHelper.set_sysctl("net.inet.ip.process_options", 0) options = sc.IPOption_RR(pointer=40, routers=routers) elif opts == "RR-same": ToolsHelper.set_sysctl("net.inet.ip.process_options", 0) options = sc.IPOption_RR(pointer=3, routers=routers_zero) elif opts == "RR-trunc": ToolsHelper.set_sysctl("net.inet.ip.process_options", 0) options = sc.IPOption_RR(length=7, routers=routers_zero) elif opts == "LSRR": ToolsHelper.set_sysctl("net.inet.ip.process_options", 0) options = sc.IPOption_LSRR(routers=routers) elif opts == "LSRR-trunc": ToolsHelper.set_sysctl("net.inet.ip.process_options", 0) options = sc.IPOption_LSRR(length=3, routers=routers_zero) elif opts == "SSRR": ToolsHelper.set_sysctl("net.inet.ip.process_options", 0) options = sc.IPOption_SSRR(routers=routers) elif opts == "SSRR-trunc": ToolsHelper.set_sysctl("net.inet.ip.process_options", 0) options = sc.IPOption_SSRR(length=3, routers=routers_zero) elif opts == "unk": ToolsHelper.set_sysctl("net.inet.ip.process_options", 0) options = sc.IPOption(b"\x9f") elif opts == "unk-40": ToolsHelper.set_sysctl("net.inet.ip.process_options", 0) options = sc.IPOption(b"\x9f" * 40) else: options = "" return options def pinger( # Required arguments # Avoid setting defaults on these arguments, # as we want to set them explicitly in the tests iface: str, /, src: sc.scapy.fields.SourceIPField, dst: sc.scapy.layers.inet.DestIPField, icmp_type: sc.scapy.fields.ByteEnumField, icmp_code: sc.scapy.fields.MultiEnumField, # IP arguments ihl: Optional[sc.scapy.fields.BitField] = None, flags: Optional[sc.scapy.fields.FlagsField] = None, opts: Optional[str] = None, oip_ihl: Optional[sc.scapy.fields.BitField] = None, special: Optional[str] = None, # ICMP arguments # Match names with icmp_pptr: sc.scapy.fields.ByteField = 0, icmp_gwaddr: sc.scapy.fields.IPField = "0.0.0.0", icmp_nextmtu: sc.scapy.fields.ShortField = 0, icmp_otime: sc.scapy.layers.inet.ICMPTimeStampField = 0, icmp_rtime: sc.scapy.layers.inet.ICMPTimeStampField = 0, icmp_ttime: sc.scapy.layers.inet.ICMPTimeStampField = 0, icmp_mask: sc.scapy.fields.IPField = "0.0.0.0", request: Optional[str] = None, # Miscellaneous arguments count: int = 1, dup: bool = False, verbose: bool = True, ) -> subprocess.CompletedProcess: """P I N G E R Echo reply faker :param str iface: Interface to send packet to :keyword src: Source packet IP :type src: class:`scapy.fields.SourceIPField` :keyword dst: Destination packet IP :type dst: class:`scapy.layers.inet.DestIPField` :keyword icmp_type: ICMP type :type icmp_type: class:`scapy.fields.ByteEnumField` :keyword icmp_code: ICMP code :type icmp_code: class:`scapy.fields.MultiEnumField` :keyword ihl: Internet Header Length, defaults to None :type ihl: class:`scapy.fields.BitField`, optional :keyword flags: IP flags - one of `DF`, `MF` or `evil`, defaults to None :type flags: class:`scapy.fields.FlagsField`, optional :keyword opts: Include IP options - one of `EOL`, `NOP`, `NOP-40`, `unk`, `unk-40`, `RR`, `RR-same`, `RR-trunc`, `LSRR`, `LSRR-trunc`, `SSRR` or `SSRR-trunc`, defaults to None :type opts: str, optional :keyword oip_ihl: Inner packet's Internet Header Length, defaults to None :type oip_ihl: class:`scapy.fields.BitField`, optional :keyword special: Send a special packet - one of `no-payload`, `not-mine`, `tcp`, `udp`, `wrong` or `warp`, defaults to None :type special: str, optional :keyword icmp_pptr: ICMP pointer, defaults to 0 :type icmp_pptr: class:`scapy.fields.ByteField` :keyword icmp_gwaddr: ICMP gateway IP address, defaults to "0.0.0.0" :type icmp_gwaddr: class:`scapy.fields.IPField` :keyword icmp_nextmtu: ICMP next MTU, defaults to 0 :type icmp_nextmtu: class:`scapy.fields.ShortField` :keyword icmp_otime: ICMP originate timestamp, defaults to 0 :type icmp_otime: class:`scapy.layers.inet.ICMPTimeStampField` :keyword icmp_rtime: ICMP receive timestamp, defaults to 0 :type icmp_rtime: class:`scapy.layers.inet.ICMPTimeStampField` :keyword icmp_ttime: ICMP transmit timestamp, defaults to 0 :type icmp_ttime: class:`scapy.layers.inet.ICMPTimeStampField` :keyword icmp_mask: ICMP address mask, defaults to "0.0.0.0" :type icmp_mask: class:`scapy.fields.IPField` :keyword request: Request type - one of `mask` or `timestamp`, defaults to None :type request: str, optional :keyword count: Number of packets to send, defaults to 1 :type count: int :keyword dup: Duplicate packets, defaults to `False` :type dup: bool :keyword verbose: Turn on/off verbosity, defaults to `True` :type verbose: bool :return: A class:`subprocess.CompletedProcess` with the output from the ping utility :rtype: class:`subprocess.CompletedProcess` """ tun = sc.TunTapInterface(iface) subprocess.run(["ifconfig", tun.iface, "up"], check=True) subprocess.run(["ifconfig", tun.iface, src, dst], check=True) ip_opts = generate_ip_options(opts) ip = sc.IP(ihl=ihl, flags=flags, src=dst, dst=src, options=ip_opts) command = [ "/sbin/ping", "-c", str(count), "-t", str(count), ] if verbose: command += ["-v"] if request == "mask": command += ["-Mm"] if request == "timestamp": command += ["-Mt"] if special: command += ["-p1"] if opts in [ "RR", "RR-same", "RR-trunc", "LSRR", "LSRR-trunc", "SSRR", "SSRR-trunc", ]: command += ["-R"] command += [dst] with subprocess.Popen( args=command, stdout=subprocess.PIPE, stderr=subprocess.PIPE, text=True ) as ping: for dummy in range(count): echo = tun.recv() icmp = sc.ICMP( type=icmp_type, code=icmp_code, id=echo[sc.ICMP].id, seq=echo[sc.ICMP].seq, ts_ori=icmp_otime, ts_rx=icmp_rtime, ts_tx=icmp_ttime, gw=icmp_gwaddr, ptr=icmp_pptr, addr_mask=icmp_mask, nexthopmtu=icmp_nextmtu, ) pkt = build_response_packet(echo, ip, icmp, oip_ihl, special) tun.send(pkt) if dup is True: tun.send(pkt) stdout, stderr = ping.communicate() return subprocess.CompletedProcess( ping.args, ping.returncode, stdout, stderr ) def redact(output): """Redact some elements of ping's output""" pattern_replacements = [ ("localhost \([0-9]{1,3}(\.[0-9]{1,3}){3}\)", "localhost"), ("from [0-9]{1,3}(\.[0-9]{1,3}){3}", "from"), ("hlim=[0-9]*", "hlim="), ("ttl=[0-9]*", "ttl="), ("time=[0-9.-]*", "time="), ("\(-[0-9\.]+[0-9]+ ms\)", "(- ms)"), ("[0-9\.]+/[0-9.]+", "/"), ] for pattern, repl in pattern_replacements: output = re.sub(pattern, repl, output) return output class TestPing(SingleVnetTestTemplate): IPV6_PREFIXES: List[str] = ["2001:db8::1/64"] IPV4_PREFIXES: List[str] = ["192.0.2.1/24"] # Each param in testdata contains a dictionary with the command, # and the expected outcome (returncode, redacted stdout, and stderr) testdata = [ pytest.param( { "args": "ping -4 -c1 -s56 -t1 localhost", "returncode": 0, "stdout": """\ PING localhost: 56 data bytes 64 bytes from: icmp_seq=0 ttl= time= ms --- localhost ping statistics --- 1 packets transmitted, 1 packets received, 0.0% packet loss round-trip min/avg/max/stddev = /// ms """, "stderr": "", }, id="_4_c1_s56_t1_localhost", ), pytest.param( { "args": "ping -6 -c1 -s8 -t1 localhost", "returncode": 0, "stdout": """\ -PING6(56=40+8+8 bytes) ::1 --> ::1 +PING(56=40+8+8 bytes) ::1 --> ::1 16 bytes from ::1, icmp_seq=0 hlim= time= ms ---- localhost ping6 statistics --- +--- localhost ping statistics --- 1 packets transmitted, 1 packets received, 0.0% packet loss -round-trip min/avg/max/std-dev = /// ms +round-trip min/avg/max/stddev = /// ms """, "stderr": "", }, id="_6_c1_s8_t1_localhost", ), pytest.param( { "args": "ping -A -c1 192.0.2.1", "returncode": 0, "stdout": """\ PING 192.0.2.1 (192.0.2.1): 56 data bytes 64 bytes from: icmp_seq=0 ttl= time= ms --- 192.0.2.1 ping statistics --- 1 packets transmitted, 1 packets received, 0.0% packet loss round-trip min/avg/max/stddev = /// ms """, "stderr": "", }, id="_A_c1_192_0_2_1", ), pytest.param( { "args": "ping -A -c1 192.0.2.2", "returncode": 2, "stdout": """\ PING 192.0.2.2 (192.0.2.2): 56 data bytes --- 192.0.2.2 ping statistics --- 1 packets transmitted, 0 packets received, 100.0% packet loss """, "stderr": "", }, id="_A_c1_192_0_2_2", ), pytest.param( { "args": "ping -A -c1 2001:db8::1", "returncode": 0, "stdout": """\ -PING6(56=40+8+8 bytes) 2001:db8::1 --> 2001:db8::1 +PING(56=40+8+8 bytes) 2001:db8::1 --> 2001:db8::1 16 bytes from 2001:db8::1, icmp_seq=0 hlim= time= ms ---- 2001:db8::1 ping6 statistics --- +--- 2001:db8::1 ping statistics --- 1 packets transmitted, 1 packets received, 0.0% packet loss -round-trip min/avg/max/std-dev = /// ms +round-trip min/avg/max/stddev = /// ms """, "stderr": "", }, id="_A_c1_2001_db8__1", ), pytest.param( { "args": "ping -A -c1 2001:db8::2", "returncode": 2, "stdout": """\ -PING6(56=40+8+8 bytes) 2001:db8::1 --> 2001:db8::2 +PING(56=40+8+8 bytes) 2001:db8::1 --> 2001:db8::2 ---- 2001:db8::2 ping6 statistics --- +--- 2001:db8::2 ping statistics --- 1 packets transmitted, 0 packets received, 100.0% packet loss """, "stderr": "", }, id="_A_c1_2001_db8__2", ), pytest.param( { "args": "ping -A -c3 192.0.2.1", "returncode": 0, "stdout": """\ PING 192.0.2.1 (192.0.2.1): 56 data bytes 64 bytes from: icmp_seq=0 ttl= time= ms 64 bytes from: icmp_seq=1 ttl= time= ms 64 bytes from: icmp_seq=2 ttl= time= ms --- 192.0.2.1 ping statistics --- 3 packets transmitted, 3 packets received, 0.0% packet loss round-trip min/avg/max/stddev = /// ms """, "stderr": "", }, id="_A_3_192_0.2.1", ), pytest.param( { "args": "ping -A -c3 192.0.2.2", "returncode": 2, "stdout": """\ \x07\x07PING 192.0.2.2 (192.0.2.2): 56 data bytes --- 192.0.2.2 ping statistics --- 3 packets transmitted, 0 packets received, 100.0% packet loss """, "stderr": "", }, id="_A_c3_192_0_2_2", ), pytest.param( { "args": "ping -A -c3 2001:db8::1", "returncode": 0, "stdout": """\ -PING6(56=40+8+8 bytes) 2001:db8::1 --> 2001:db8::1 +PING(56=40+8+8 bytes) 2001:db8::1 --> 2001:db8::1 16 bytes from 2001:db8::1, icmp_seq=0 hlim= time= ms 16 bytes from 2001:db8::1, icmp_seq=1 hlim= time= ms 16 bytes from 2001:db8::1, icmp_seq=2 hlim= time= ms ---- 2001:db8::1 ping6 statistics --- +--- 2001:db8::1 ping statistics --- 3 packets transmitted, 3 packets received, 0.0% packet loss -round-trip min/avg/max/std-dev = /// ms +round-trip min/avg/max/stddev = /// ms """, "stderr": "", }, id="_A_c3_2001_db8__1", ), pytest.param( { "args": "ping -A -c3 2001:db8::2", "returncode": 2, "stdout": """\ -\x07\x07PING6(56=40+8+8 bytes) 2001:db8::1 --> 2001:db8::2 +\x07\x07PING(56=40+8+8 bytes) 2001:db8::1 --> 2001:db8::2 ---- 2001:db8::2 ping6 statistics --- +--- 2001:db8::2 ping statistics --- 3 packets transmitted, 0 packets received, 100.0% packet loss """, "stderr": "", }, id="_A_c3_2001_db8__2", ), pytest.param( { "args": "ping -c1 192.0.2.1", "returncode": 0, "stdout": """\ PING 192.0.2.1 (192.0.2.1): 56 data bytes 64 bytes from: icmp_seq=0 ttl= time= ms --- 192.0.2.1 ping statistics --- 1 packets transmitted, 1 packets received, 0.0% packet loss round-trip min/avg/max/stddev = /// ms """, "stderr": "", }, id="_c1_192_0_2_1", ), pytest.param( { "args": "ping -c1 192.0.2.2", "returncode": 2, "stdout": """\ PING 192.0.2.2 (192.0.2.2): 56 data bytes --- 192.0.2.2 ping statistics --- 1 packets transmitted, 0 packets received, 100.0% packet loss """, "stderr": "", }, id="_c1_192_0_2_2", ), pytest.param( { "args": "ping -c1 2001:db8::1", "returncode": 0, "stdout": """\ -PING6(56=40+8+8 bytes) 2001:db8::1 --> 2001:db8::1 +PING(56=40+8+8 bytes) 2001:db8::1 --> 2001:db8::1 16 bytes from 2001:db8::1, icmp_seq=0 hlim= time= ms ---- 2001:db8::1 ping6 statistics --- +--- 2001:db8::1 ping statistics --- 1 packets transmitted, 1 packets received, 0.0% packet loss -round-trip min/avg/max/std-dev = /// ms +round-trip min/avg/max/stddev = /// ms """, "stderr": "", }, id="_c1_2001_db8__1", ), pytest.param( { "args": "ping -c1 2001:db8::2", "returncode": 2, "stdout": """\ -PING6(56=40+8+8 bytes) 2001:db8::1 --> 2001:db8::2 +PING(56=40+8+8 bytes) 2001:db8::1 --> 2001:db8::2 ---- 2001:db8::2 ping6 statistics --- +--- 2001:db8::2 ping statistics --- 1 packets transmitted, 0 packets received, 100.0% packet loss """, "stderr": "", }, id="_c1_2001_db8__2", ), pytest.param( { "args": "ping -c1 -S127.0.0.1 -s56 -t1 localhost", "returncode": 0, "stdout": """\ PING localhost from: 56 data bytes 64 bytes from: icmp_seq=0 ttl= time= ms --- localhost ping statistics --- 1 packets transmitted, 1 packets received, 0.0% packet loss round-trip min/avg/max/stddev = /// ms """, "stderr": "", }, id="_c1_S127_0_0_1_s56_t1_localhost", ), pytest.param( { "args": "ping -c1 -S::1 -s8 -t1 localhost", "returncode": 0, "stdout": """\ -PING6(56=40+8+8 bytes) ::1 --> ::1 +PING(56=40+8+8 bytes) ::1 --> ::1 16 bytes from ::1, icmp_seq=0 hlim= time= ms ---- localhost ping6 statistics --- +--- localhost ping statistics --- 1 packets transmitted, 1 packets received, 0.0% packet loss -round-trip min/avg/max/std-dev = /// ms +round-trip min/avg/max/stddev = /// ms """, "stderr": "", }, id="_c1_S__1_s8_t1_localhost", ), pytest.param( { "args": "ping -c3 192.0.2.1", "returncode": 0, "stdout": """\ PING 192.0.2.1 (192.0.2.1): 56 data bytes 64 bytes from: icmp_seq=0 ttl= time= ms 64 bytes from: icmp_seq=1 ttl= time= ms 64 bytes from: icmp_seq=2 ttl= time= ms --- 192.0.2.1 ping statistics --- 3 packets transmitted, 3 packets received, 0.0% packet loss round-trip min/avg/max/stddev = /// ms """, "stderr": "", }, id="_c3_192_0_2_1", ), pytest.param( { "args": "ping -c3 192.0.2.2", "returncode": 2, "stdout": """\ PING 192.0.2.2 (192.0.2.2): 56 data bytes --- 192.0.2.2 ping statistics --- 3 packets transmitted, 0 packets received, 100.0% packet loss """, "stderr": "", }, id="_c3_192_0_2_2", ), pytest.param( { "args": "ping -c3 2001:db8::1", "returncode": 0, "stdout": """\ -PING6(56=40+8+8 bytes) 2001:db8::1 --> 2001:db8::1 +PING(56=40+8+8 bytes) 2001:db8::1 --> 2001:db8::1 16 bytes from 2001:db8::1, icmp_seq=0 hlim= time= ms 16 bytes from 2001:db8::1, icmp_seq=1 hlim= time= ms 16 bytes from 2001:db8::1, icmp_seq=2 hlim= time= ms ---- 2001:db8::1 ping6 statistics --- +--- 2001:db8::1 ping statistics --- 3 packets transmitted, 3 packets received, 0.0% packet loss -round-trip min/avg/max/std-dev = /// ms +round-trip min/avg/max/stddev = /// ms """, "stderr": "", }, id="_c3_2001_db8__1", ), pytest.param( { "args": "ping -c3 2001:db8::2", "returncode": 2, "stdout": """\ -PING6(56=40+8+8 bytes) 2001:db8::1 --> 2001:db8::2 +PING(56=40+8+8 bytes) 2001:db8::1 --> 2001:db8::2 ---- 2001:db8::2 ping6 statistics --- +--- 2001:db8::2 ping statistics --- 3 packets transmitted, 0 packets received, 100.0% packet loss """, "stderr": "", }, id="_c3_2001_db8__2", ), pytest.param( { "args": "ping -q -c1 192.0.2.1", "returncode": 0, "stdout": """\ PING 192.0.2.1 (192.0.2.1): 56 data bytes --- 192.0.2.1 ping statistics --- 1 packets transmitted, 1 packets received, 0.0% packet loss round-trip min/avg/max/stddev = /// ms """, "stderr": "", }, id="_q_c1_192_0_2_1", ), pytest.param( { "args": "ping -q -c1 192.0.2.2", "returncode": 2, "stdout": """\ PING 192.0.2.2 (192.0.2.2): 56 data bytes --- 192.0.2.2 ping statistics --- 1 packets transmitted, 0 packets received, 100.0% packet loss """, "stderr": "", }, id="_q_c1_192_0_2_2", ), pytest.param( { "args": "ping -q -c1 2001:db8::1", "returncode": 0, "stdout": """\ -PING6(56=40+8+8 bytes) 2001:db8::1 --> 2001:db8::1 +PING(56=40+8+8 bytes) 2001:db8::1 --> 2001:db8::1 ---- 2001:db8::1 ping6 statistics --- +--- 2001:db8::1 ping statistics --- 1 packets transmitted, 1 packets received, 0.0% packet loss -round-trip min/avg/max/std-dev = /// ms +round-trip min/avg/max/stddev = /// ms """, "stderr": "", }, id="_q_c1_2001_db8__1", ), pytest.param( { "args": "ping -q -c1 2001:db8::2", "returncode": 2, "stdout": """\ -PING6(56=40+8+8 bytes) 2001:db8::1 --> 2001:db8::2 +PING(56=40+8+8 bytes) 2001:db8::1 --> 2001:db8::2 ---- 2001:db8::2 ping6 statistics --- +--- 2001:db8::2 ping statistics --- 1 packets transmitted, 0 packets received, 100.0% packet loss """, "stderr": "", }, id="_q_c1_2001_db8__2", ), pytest.param( { "args": "ping -q -c3 192.0.2.1", "returncode": 0, "stdout": """\ PING 192.0.2.1 (192.0.2.1): 56 data bytes --- 192.0.2.1 ping statistics --- 3 packets transmitted, 3 packets received, 0.0% packet loss round-trip min/avg/max/stddev = /// ms """, "stderr": "", }, id="_q_c3_192_0_2_1", ), pytest.param( { "args": "ping -q -c3 192.0.2.2", "returncode": 2, "stdout": """\ PING 192.0.2.2 (192.0.2.2): 56 data bytes --- 192.0.2.2 ping statistics --- 3 packets transmitted, 0 packets received, 100.0% packet loss """, "stderr": "", }, id="_q_c3_192_0_2_2", ), pytest.param( { "args": "ping -q -c3 2001:db8::1", "returncode": 0, "stdout": """\ -PING6(56=40+8+8 bytes) 2001:db8::1 --> 2001:db8::1 +PING(56=40+8+8 bytes) 2001:db8::1 --> 2001:db8::1 ---- 2001:db8::1 ping6 statistics --- +--- 2001:db8::1 ping statistics --- 3 packets transmitted, 3 packets received, 0.0% packet loss -round-trip min/avg/max/std-dev = /// ms +round-trip min/avg/max/stddev = /// ms """, "stderr": "", }, id="_q_c3_2001_db8__1", ), pytest.param( { "args": "ping -q -c3 2001:db8::2", "returncode": 2, "stdout": """\ -PING6(56=40+8+8 bytes) 2001:db8::1 --> 2001:db8::2 +PING(56=40+8+8 bytes) 2001:db8::1 --> 2001:db8::2 ---- 2001:db8::2 ping6 statistics --- +--- 2001:db8::2 ping statistics --- 3 packets transmitted, 0 packets received, 100.0% packet loss """, "stderr": "", }, id="_q_c3_2001_db8__2", ), ] @pytest.mark.parametrize("expected", testdata) def test_ping(self, expected): """Test ping""" ping = subprocess.run( expected["args"].split(), capture_output=True, timeout=15, text=True, ) assert ping.returncode == expected["returncode"] assert redact(ping.stdout) == expected["stdout"] assert ping.stderr == expected["stderr"] # Each param in ping46_testdata contains a dictionary with the arguments # and the expected outcome (returncode, redacted stdout, and stderr) # common to `ping -4` and `ping -6` ping46_testdata = [ pytest.param( { "args": "-Wx localhost", "returncode": os.EX_USAGE, "stdout": "", "stderr": "ping: invalid timing interval: `x'\n", }, id="_Wx_localhost", ), ] @pytest.mark.parametrize("expected", ping46_testdata) def test_ping_46(self, expected): """Test ping -4/ping -6""" for version in [4, 6]: ping = subprocess.run( ["ping", f"-{version}"] + expected["args"].split(), capture_output=True, timeout=15, text=True, ) assert ping.returncode == expected["returncode"] assert redact(ping.stdout) == expected["stdout"] assert ping.stderr == expected["stderr"] # Each param in pinger_testdata contains a dictionary with the keywords to # `pinger()` and a dictionary with the expected outcome (returncode, # stdout, stderr, and if ping's output is redacted) pinger_testdata = [ pytest.param( { "src": "192.0.2.1", "dst": "192.0.2.2", "icmp_type": 0, "icmp_code": 0, }, { "returncode": 0, "stdout": """\ PING 192.0.2.2 (192.0.2.2): 56 data bytes 64 bytes from: icmp_seq=0 ttl= time= ms --- 192.0.2.2 ping statistics --- 1 packets transmitted, 1 packets received, 0.0% packet loss round-trip min/avg/max/stddev = /// ms """, "stderr": "", "redacted": True, }, id="_0_0", ), pytest.param( { "src": "192.0.2.1", "dst": "192.0.2.2", "icmp_type": 0, "icmp_code": 0, "opts": "EOL", }, { "returncode": 0, "stdout": """\ PING 192.0.2.2 (192.0.2.2): 56 data bytes 64 bytes from: icmp_seq=0 ttl= time= ms wrong total length 88 instead of 84 --- 192.0.2.2 ping statistics --- 1 packets transmitted, 1 packets received, 0.0% packet loss round-trip min/avg/max/stddev = /// ms """, "stderr": "", "redacted": True, }, id="_0_0_opts_EOL", ), pytest.param( { "src": "192.0.2.1", "dst": "192.0.2.2", "icmp_type": 0, "icmp_code": 0, "opts": "LSRR", }, { "returncode": 0, "stdout": """\ PING 192.0.2.2 (192.0.2.2): 56 data bytes 64 bytes from: icmp_seq=0 ttl= time= ms LSRR: 192.0.2.10 192.0.2.20 192.0.2.30 192.0.2.40 192.0.2.50 192.0.2.60 192.0.2.70 192.0.2.80 192.0.2.90 --- 192.0.2.2 ping statistics --- 1 packets transmitted, 1 packets received, 0.0% packet loss round-trip min/avg/max/stddev = /// ms """, "stderr": "", "redacted": True, }, id="_0_0_opts_LSRR", ), pytest.param( { "src": "192.0.2.1", "dst": "192.0.2.2", "icmp_type": 0, "icmp_code": 0, "opts": "LSRR-trunc", }, { "returncode": 0, "stdout": """\ PING 192.0.2.2 (192.0.2.2): 56 data bytes 64 bytes from: icmp_seq=0 ttl= time= ms LSRR: (truncated route) --- 192.0.2.2 ping statistics --- 1 packets transmitted, 1 packets received, 0.0% packet loss round-trip min/avg/max/stddev = /// ms """, "stderr": "", "redacted": True, }, id="_0_0_opts_LSRR_trunc", ), pytest.param( { "src": "192.0.2.1", "dst": "192.0.2.2", "icmp_type": 0, "icmp_code": 0, "opts": "SSRR", }, { "returncode": 0, "stdout": """\ PING 192.0.2.2 (192.0.2.2): 56 data bytes 64 bytes from: icmp_seq=0 ttl= time= ms SSRR: 192.0.2.10 192.0.2.20 192.0.2.30 192.0.2.40 192.0.2.50 192.0.2.60 192.0.2.70 192.0.2.80 192.0.2.90 --- 192.0.2.2 ping statistics --- 1 packets transmitted, 1 packets received, 0.0% packet loss round-trip min/avg/max/stddev = /// ms """, "stderr": "", "redacted": True, }, id="_0_0_opts_SSRR", ), pytest.param( { "src": "192.0.2.1", "dst": "192.0.2.2", "icmp_type": 0, "icmp_code": 0, "opts": "SSRR-trunc", }, { "returncode": 0, "stdout": """\ PING 192.0.2.2 (192.0.2.2): 56 data bytes 64 bytes from: icmp_seq=0 ttl= time= ms SSRR: (truncated route) --- 192.0.2.2 ping statistics --- 1 packets transmitted, 1 packets received, 0.0% packet loss round-trip min/avg/max/stddev = /// ms """, "stderr": "", "redacted": True, }, id="_0_0_opts_SSRR_trunc", ), pytest.param( { "src": "192.0.2.1", "dst": "192.0.2.2", "icmp_type": 0, "icmp_code": 0, "opts": "RR", }, { "returncode": 0, "stdout": """\ PING 192.0.2.2 (192.0.2.2): 56 data bytes 64 bytes from: icmp_seq=0 ttl= time= ms RR: 192.0.2.10 192.0.2.20 192.0.2.30 192.0.2.40 192.0.2.50 192.0.2.60 192.0.2.70 192.0.2.80 192.0.2.90 --- 192.0.2.2 ping statistics --- 1 packets transmitted, 1 packets received, 0.0% packet loss round-trip min/avg/max/stddev = /// ms """, "stderr": "", "redacted": True, }, id="_0_0_opts_RR", ), pytest.param( { "src": "192.0.2.1", "dst": "192.0.2.2", "icmp_type": 0, "icmp_code": 0, "opts": "RR-same", }, { "returncode": 0, "stdout": """\ PING 192.0.2.2 (192.0.2.2): 56 data bytes 64 bytes from: icmp_seq=0 ttl= time= ms (same route) --- 192.0.2.2 ping statistics --- 1 packets transmitted, 1 packets received, 0.0% packet loss round-trip min/avg/max/stddev = /// ms """, "stderr": "", "redacted": True, }, id="_0_0_opts_RR_same", ), pytest.param( { "src": "192.0.2.1", "dst": "192.0.2.2", "icmp_type": 0, "icmp_code": 0, "opts": "RR-trunc", }, { "returncode": 0, "stdout": """\ PING 192.0.2.2 (192.0.2.2): 56 data bytes 64 bytes from: icmp_seq=0 ttl= time= ms RR: (truncated route) --- 192.0.2.2 ping statistics --- 1 packets transmitted, 1 packets received, 0.0% packet loss round-trip min/avg/max/stddev = /// ms """, "stderr": "", "redacted": True, }, id="_0_0_opts_RR_trunc", ), pytest.param( { "src": "192.0.2.1", "dst": "192.0.2.2", "icmp_type": 0, "icmp_code": 0, "opts": "NOP", }, { "returncode": 0, "stdout": """\ PING 192.0.2.2 (192.0.2.2): 56 data bytes 64 bytes from: icmp_seq=0 ttl= time= ms wrong total length 88 instead of 84 NOP --- 192.0.2.2 ping statistics --- 1 packets transmitted, 1 packets received, 0.0% packet loss round-trip min/avg/max/stddev = /// ms """, "stderr": "", "redacted": True, }, id="_0_0_opts_NOP", ), pytest.param( { "src": "192.0.2.1", "dst": "192.0.2.2", "icmp_type": 3, "icmp_code": 1, "ihl": 0x4, }, { "returncode": 2, "stdout": """\ PING 192.0.2.2 (192.0.2.2): 56 data bytes --- 192.0.2.2 ping statistics --- 1 packets transmitted, 0 packets received, 100.0% packet loss """, "stderr": "", # "IHL too short" message not shown "redacted": False, }, id="_IHL_too_short", ), pytest.param( { "src": "192.0.2.1", "dst": "192.0.2.2", "icmp_type": 3, "icmp_code": 1, "special": "no-payload", }, { "returncode": 2, "stdout": """\ PATTERN: 0x01 PING 192.0.2.2 (192.0.2.2): 56 data bytes --- 192.0.2.2 ping statistics --- 1 packets transmitted, 0 packets received, 100.0% packet loss """, "stderr": """\ ping: quoted data too short (28 bytes) from 192.0.2.2 """, "redacted": False, }, id="_quoted_data_too_short", ), pytest.param( { "src": "192.0.2.1", "dst": "192.0.2.2", "icmp_type": 3, "icmp_code": 1, "oip_ihl": 0x4, }, { "returncode": 2, "stdout": """\ PING 192.0.2.2 (192.0.2.2): 56 data bytes --- 192.0.2.2 ping statistics --- 1 packets transmitted, 0 packets received, 100.0% packet loss """, "stderr": "", # "inner IHL too short" message not shown "redacted": False, }, id="_inner_IHL_too_short", ), pytest.param( { "src": "192.0.2.1", "dst": "192.0.2.2", "icmp_type": 3, "icmp_code": 1, "oip_ihl": 0xF, }, { "returncode": 2, "stdout": """\ PING 192.0.2.2 (192.0.2.2): 56 data bytes --- 192.0.2.2 ping statistics --- 1 packets transmitted, 0 packets received, 100.0% packet loss """, "stderr": """\ ping: inner packet too short (84 bytes) from 192.0.2.2 """, "redacted": False, }, id="_inner_packet_too_short", ), pytest.param( { "src": "192.0.2.1", "dst": "192.0.2.2", "icmp_type": 3, "icmp_code": 1, "oip_ihl": 0xF, "special": "no-payload", }, { "returncode": 2, "stdout": """\ PATTERN: 0x01 PING 192.0.2.2 (192.0.2.2): 56 data bytes --- 192.0.2.2 ping statistics --- 1 packets transmitted, 0 packets received, 100.0% packet loss """, "stderr": "", "redacted": False, }, id="_max_inner_packet_ihl_without_payload", ), pytest.param( { "src": "192.0.2.1", "dst": "192.0.2.2", "icmp_type": 0, "icmp_code": 0, "opts": "NOP-40", }, { "returncode": 0, "stdout": """\ PING 192.0.2.2 (192.0.2.2): 56 data bytes 64 bytes from: icmp_seq=0 ttl= time= ms wrong total length 124 instead of 84 NOP NOP NOP NOP NOP NOP NOP NOP NOP NOP NOP NOP NOP NOP NOP NOP NOP NOP NOP NOP NOP NOP NOP NOP NOP NOP NOP NOP NOP NOP NOP NOP NOP NOP NOP NOP NOP NOP NOP NOP --- 192.0.2.2 ping statistics --- 1 packets transmitted, 1 packets received, 0.0% packet loss round-trip min/avg/max/stddev = /// ms """, "stderr": "", "redacted": True, }, id="_0_0_opts_NOP_40", ), pytest.param( { "src": "192.0.2.1", "dst": "192.0.2.2", "icmp_type": 0, "icmp_code": 0, "opts": "unk", }, { "returncode": 0, "stdout": """\ PING 192.0.2.2 (192.0.2.2): 56 data bytes 64 bytes from: icmp_seq=0 ttl= time= ms wrong total length 88 instead of 84 unknown option 9f --- 192.0.2.2 ping statistics --- 1 packets transmitted, 1 packets received, 0.0% packet loss round-trip min/avg/max/stddev = /// ms """, "stderr": "", "redacted": True, }, id="_0_0_opts_unk", ), pytest.param( { "src": "192.0.2.1", "dst": "192.0.2.2", "icmp_type": 3, "icmp_code": 1, "opts": "NOP-40", }, { "returncode": 2, "stdout": """\ PING 192.0.2.2 (192.0.2.2): 56 data bytes 132 bytes from 192.0.2.2: Destination Host Unreachable Vr HL TOS Len ID Flg off TTL Pro cks Src Dst 4 f 00 007c 0001 0 0000 40 01 d868 192.0.2.1 192.0.2.2 01010101010101010101010101010101010101010101010101010101010101010101010101010101 --- 192.0.2.2 ping statistics --- 1 packets transmitted, 0 packets received, 100.0% packet loss """, "stderr": "", "redacted": False, }, id="_3_1_opts_NOP_40", ), pytest.param( { "src": "192.0.2.1", "dst": "192.0.2.2", "icmp_type": 3, "icmp_code": 1, "flags": "DF", }, { "returncode": 2, "stdout": """\ PING 192.0.2.2 (192.0.2.2): 56 data bytes 92 bytes from 192.0.2.2: Destination Host Unreachable Vr HL TOS Len ID Flg off TTL Pro cks Src Dst 4 5 00 0054 0001 2 0000 40 01 b6a4 192.0.2.1 192.0.2.2 --- 192.0.2.2 ping statistics --- 1 packets transmitted, 0 packets received, 100.0% packet loss """, "stderr": "", "redacted": False, }, id="_3_1_flags_DF", ), pytest.param( { "src": "192.0.2.1", "dst": "192.0.2.2", "icmp_type": 3, "icmp_code": 1, "special": "tcp", }, { "returncode": 2, "stdout": """\ PATTERN: 0x01 PING 192.0.2.2 (192.0.2.2): 56 data bytes --- 192.0.2.2 ping statistics --- 1 packets transmitted, 0 packets received, 100.0% packet loss """, "stderr": """\ ping: quoted data too short (40 bytes) from 192.0.2.2 """, "redacted": False, }, id="_3_1_special_tcp", ), pytest.param( { "src": "192.0.2.1", "dst": "192.0.2.2", "icmp_type": 3, "icmp_code": 1, "special": "udp", }, { "returncode": 2, "stdout": """\ PATTERN: 0x01 PING 192.0.2.2 (192.0.2.2): 56 data bytes --- 192.0.2.2 ping statistics --- 1 packets transmitted, 0 packets received, 100.0% packet loss """, "stderr": """\ ping: quoted data too short (28 bytes) from 192.0.2.2 """, "redacted": False, }, id="_3_1_special_udp", ), pytest.param( { "src": "192.0.2.1", "dst": "192.0.2.2", "icmp_type": 3, "icmp_code": 1, "verbose": False, }, { "returncode": 2, "stdout": """\ PING 192.0.2.2 (192.0.2.2): 56 data bytes 92 bytes from 192.0.2.2: Destination Host Unreachable Vr HL TOS Len ID Flg off TTL Pro cks Src Dst 4 5 00 0054 0001 0 0000 40 01 f6a4 192.0.2.1 192.0.2.2 --- 192.0.2.2 ping statistics --- 1 packets transmitted, 0 packets received, 100.0% packet loss """, "stderr": "", "redacted": False, }, id="_3_1_verbose_false", ), pytest.param( { "src": "192.0.2.1", "dst": "192.0.2.2", "icmp_type": 3, "icmp_code": 1, "special": "not-mine", "verbose": False, }, { "returncode": 2, "stdout": """\ PATTERN: 0x01 PING 192.0.2.2 (192.0.2.2): 56 data bytes --- 192.0.2.2 ping statistics --- 1 packets transmitted, 0 packets received, 100.0% packet loss """, "stderr": "", "redacted": False, }, id="_3_1_special_not_mine_verbose_false", ), pytest.param( { "src": "192.0.2.1", "dst": "192.0.2.2", "icmp_type": 0, "icmp_code": 0, "special": "warp", }, { "returncode": 0, "stdout": """\ PATTERN: 0x01 PING 192.0.2.2 (192.0.2.2): 56 data bytes 64 bytes from: icmp_seq=0 ttl= time= ms --- 192.0.2.2 ping statistics --- 1 packets transmitted, 1 packets received, 0.0% packet loss round-trip min/avg/max/stddev = /// ms """, "stderr": """\ ping: time of day goes back (- ms), clamping time to 0 """, "redacted": True, }, id="_0_0_special_warp", ), ] @pytest.mark.parametrize("pinger_kargs, expected", pinger_testdata) @pytest.mark.require_progs(["scapy"]) @pytest.mark.require_user("root") def test_pinger(self, pinger_kargs, expected): """Test ping using pinger(), a reply faker""" iface = IfaceFactory().create_iface("", "tun")[0].name ping = pinger(iface, **pinger_kargs) assert ping.returncode == expected["returncode"] if expected["redacted"]: assert redact(ping.stdout) == expected["stdout"] assert redact(ping.stderr) == expected["stderr"] else: assert ping.stdout == expected["stdout"] assert ping.stderr == expected["stderr"]