sendpacket.c 26 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917
  1. /* $Id: sendpacket.c 2024 2008-05-06 19:39:35Z aturner $ */
  2. /*
  3. * Copyright (c) 2006 Aaron Turner.
  4. * Copyright (c) 1998 - 2004 Mike D. Schiffman <mike@infonexus.com>
  5. * Copyright (c) 2000 Torsten Landschoff <torsten@debian.org>
  6. * Sebastian Krahmer <krahmer@cs.uni-potsdam.de>
  7. * Copyright (c) 1993, 1994, 1995, 1996, 1998
  8. * The Regents of the University of California.
  9. * All rights reserved.
  10. *
  11. * Redistribution and use in source and binary forms, with or without
  12. * modification, are permitted provided that the following conditions
  13. * are met:
  14. *
  15. * 1. Redistributions of source code must retain the above copyright
  16. * notice, this list of conditions and the following disclaimer.
  17. * 2. Redistributions in binary form must reproduce the above copyright
  18. * notice, this list of conditions and the following disclaimer in the
  19. * documentation and/or other materials provided with the distribution.
  20. * 3. Neither the names of the copyright owners nor the names of its
  21. * contributors may be used to endorse or promote products derived from
  22. * this software without specific prior written permission.
  23. * 4. All advertising materials mentioning features or use of this software
  24. * display the following acknowledgement:
  25. * ``This product includes software developed by the University of
  26. * California, Lawrence Berkeley Laboratory and its contributors.''
  27. *
  28. * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
  29. * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
  30. * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
  31. * IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
  32. * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  33. * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
  34. * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
  35. * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
  36. * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
  37. * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
  38. * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  39. */
  40. /* sendpacket.[ch] is my attempt to write a universal packet injection
  41. * API for BPF, libpcap, libnet, and Linux's PF_PACKET. I got sick
  42. * and tired dealing with libnet bugs and its lack of active maintenence,
  43. * but unfortunately, libpcap frame injection support is relatively new
  44. * and not everyone uses Linux, so I decided to support all four as
  45. * best as possible. If your platform/OS/hardware supports an additional
  46. * injection method, then by all means add it here (and send me a patch).
  47. *
  48. * Anyways, long story short, for now the order of preference is:
  49. * 1. PF_PACKET
  50. * 2. BPF
  51. * 3. libnet
  52. * 4. pcap_inject()
  53. * 5. pcap_sendpacket()
  54. *
  55. * Right now, one big problem with the pcap_* methods is that libpcap
  56. * doesn't provide a reliable method of getting the MAC address of
  57. * an interface (required for tcpbridge).
  58. * You can use PF_PACKET or BPF to get that, but if your system suports
  59. * those, might as well inject directly without going through another
  60. * level of indirection.
  61. *
  62. * Please note that some of this code was copied from Libnet 1.1.3
  63. */
  64. #include "config.h"
  65. #include "defines.h"
  66. #include "common.h"
  67. #include "sendpacket.h"
  68. /* Allow users to force the injection method, default is linux PF_PACKET */
  69. #define INJECT_METHOD "PF_PACKET send()"
  70. #ifdef FORCE_INJECT_LIBNET
  71. #undef HAVE_PF_PACKET
  72. #undef HAVE_PCAP_INJECT
  73. #undef HAVE_PCAP_SENDPACKET
  74. #undef HAVE_BPF
  75. #undef INJECT_METHOD
  76. #define INJECT_METHOD "libnet send()"
  77. #endif
  78. #ifdef FORCE_INJECT_BPF
  79. #undef HAVE_LIBNET
  80. #undef HAVE_PCAP_INJECT
  81. #undef HAVE_PCAP_SENDPACKET
  82. #undef HAVE_PF_PACKET
  83. #undef INJECT_METHOD
  84. #define INJECT_METHOD "bpf send()"
  85. #endif
  86. #ifdef FORCE_INJECT_PCAP_INJECT
  87. #undef HAVE_LIBNET
  88. #undef HAVE_PCAP_SENDPACKET
  89. #undef HAVE_BPF
  90. #undef HAVE_PF_PACKET
  91. #undef INJECT_METHOD
  92. #define INJECT_METHOD "pcap_inject()"
  93. #endif
  94. #ifdef FORCE_INJECT_PCAP_SENDPACKET
  95. #undef HAVE_LIBNET
  96. #undef HAVE_PCAP_INJECT
  97. #undef HAVE_BPF
  98. #undef HAVE_PF_PACKET
  99. #undef INJECT_METHOD
  100. #define INJECT_METHOD "pcap_sendpacket()"
  101. #endif
  102. #if (defined HAVE_WINPCAP && defined HAVE_PCAP_INJECT)
  103. #undef HAVE_PCAP_INJECT /* configure returns true for some odd reason */
  104. #endif
  105. #if !defined HAVE_PCAP_INJECT && !defined HAVE_PCAP_SENDPACKET && !defined HAVE_LIBNET && !defined HAVE_PF_PACKET && !defined HAVE_BPF
  106. #error You need pcap_inject() or pcap_sendpacket() from libpcap, libnet 1.1.3+, Linux's PF_PACKET or *BSD's BPF
  107. #endif
  108. #include <string.h>
  109. #include <errno.h>
  110. #include <stdarg.h>
  111. #include <stdio.h>
  112. #include <sys/types.h>
  113. #include <sys/time.h>
  114. #include <sys/ioctl.h>
  115. #include <sys/file.h>
  116. #include <sys/socket.h>
  117. #ifdef HAVE_SYS_PARAM_H
  118. #include <sys/param.h>
  119. #endif
  120. #ifdef HAVE_SYS_SYSCTL_H
  121. #include <sys/sysctl.h>
  122. #endif
  123. #ifdef HAVE_NET_ROUTE_H
  124. #include <net/route.h>
  125. #endif
  126. #include <stdlib.h>
  127. #include <unistd.h>
  128. #ifdef HAVE_PF_PACKET
  129. #include <fcntl.h>
  130. #include <sys/utsname.h>
  131. #include <net/if.h>
  132. #include <netinet/in.h>
  133. #include <linux/if_ether.h>
  134. #include <net/if_arp.h>
  135. #include <netpacket/packet.h>
  136. #ifndef __GLIBC__
  137. typedef int socklen_t;
  138. #endif
  139. static sendpacket_t *sendpacket_open_pf(const char *, char *);
  140. static struct tcpr_ether_addr *sendpacket_get_hwaddr_pf(sendpacket_t *);
  141. static int get_iface_index(int fd, const int8_t *device, char *);
  142. #endif /* HAVE_PF_PACKET */
  143. #ifdef HAVE_BPF
  144. #include <net/bpf.h>
  145. #include <sys/socket.h>
  146. #include <net/if.h>
  147. #include <sys/uio.h>
  148. #include <net/if_dl.h> // used for get_hwaddr_bpf()
  149. static sendpacket_t *sendpacket_open_bpf(const char *, char *) _U_;
  150. static struct tcpr_ether_addr *sendpacket_get_hwaddr_bpf(sendpacket_t *) _U_;
  151. #endif /* HAVE_BPF */
  152. #ifdef HAVE_LIBNET
  153. static sendpacket_t *sendpacket_open_libnet(const char *, char *) _U_;
  154. static struct tcpr_ether_addr *sendpacket_get_hwaddr_libnet(sendpacket_t *) _U_;
  155. #endif /* HAVE_LIBNET */
  156. #if (defined HAVE_PCAP_INJECT || defined HAVE_PCAP_SENDPACKET)
  157. static sendpacket_t *sendpacket_open_pcap(const char *, char *) _U_;
  158. static struct tcpr_ether_addr *sendpacket_get_hwaddr_pcap(sendpacket_t *) _U_;
  159. #endif /* HAVE_PCAP_INJECT || HAVE_PACKET_SENDPACKET */
  160. static void sendpacket_seterr(sendpacket_t *sp, const char *fmt, ...);
  161. /* You need to define didsig in your main .c file. Set to 1 if CTRL-C was pressed */
  162. extern volatile int didsig;
  163. /**
  164. * returns number of bytes sent on success or -1 on error
  165. * Note: it is theoretically possible to get a return code >0 and < len
  166. * which for most people would be considered an error (the packet wasn't fully sent)
  167. * so you may want to test for recode != len too.
  168. *
  169. * Most socket API's have two interesting errors: ENOBUFS & EAGAIN. ENOBUFS
  170. * is usually due to the kernel buffers being full. EAGAIN happens when you
  171. * try to send traffic faster then the PHY allows.
  172. */
  173. int
  174. sendpacket(sendpacket_t *sp, const u_char *data, size_t len)
  175. {
  176. int retcode;
  177. assert(sp);
  178. assert(data);
  179. if (len <= 0)
  180. return -1;
  181. TRY_SEND_AGAIN:
  182. sp->attempt ++;
  183. #if defined HAVE_PF_PACKET
  184. retcode = (int)send(sp->handle.fd, (void *)data, len, 0);
  185. /* out of buffers, or hit max PHY speed, silently retry */
  186. if (retcode < 0 && !didsig) {
  187. switch (errno) {
  188. case EAGAIN:
  189. sp->retry_eagain ++;
  190. goto TRY_SEND_AGAIN;
  191. break;
  192. case ENOBUFS:
  193. sp->retry_enobufs ++;
  194. goto TRY_SEND_AGAIN;
  195. break;
  196. default:
  197. sendpacket_seterr(sp, "Error with %s [" COUNTER_SPEC "]: %s (errno = %d)",
  198. INJECT_METHOD, sp->sent + 1, strerror(errno), errno);
  199. }
  200. }
  201. #elif defined HAVE_BPF
  202. retcode = write(sp->handle.fd, (void *)data, len);
  203. /* out of buffers, or hit max PHY speed, silently retry */
  204. if (retcode < 0 && !didsig) {
  205. switch (errno) {
  206. case EAGAIN:
  207. sp->retry_eagain ++;
  208. goto TRY_SEND_AGAIN;
  209. break;
  210. case ENOBUFS:
  211. sp->retry_enobufs ++;
  212. goto TRY_SEND_AGAIN;
  213. break;
  214. default:
  215. sendpacket_seterr(sp, "Error with %s [" COUNTER_SPEC "]: %s (errno = %d)",
  216. INJECT_METHOD, sp->sent + 1, strerror(errno), errno);
  217. }
  218. }
  219. #elif defined HAVE_LIBNET
  220. retcode = libnet_adv_write_link(sp->handle.lnet, (u_int8_t*)data, (u_int32_t)len);
  221. /* out of buffers, or hit max PHY speed, silently retry */
  222. if (retcode < 0 && !didsig) {
  223. switch (errno) {
  224. case EAGAIN:
  225. sp->retry_eagain ++;
  226. goto TRY_SEND_AGAIN;
  227. break;
  228. case ENOBUFS:
  229. sp->retry_enobufs ++;
  230. goto TRY_SEND_AGAIN;
  231. break;
  232. default:
  233. sendpacket_seterr(sp, "Error with %s [" COUNTER_SPEC "]: %s (errno = %d)",
  234. INJECT_METHOD, sp->sent + 1, strerror(errno), errno);
  235. }
  236. }
  237. #elif defined HAVE_PCAP_INJECT
  238. /*
  239. * pcap methods don't seem to support ENOBUFS, so we just straight fail
  240. * is there a better way???
  241. */
  242. retcode = pcap_inject(sp->handle.pcap, (void*)data, len);
  243. /* out of buffers, or hit max PHY speed, silently retry */
  244. if (retcode < 0 && !didsig) {
  245. switch (errno) {
  246. case EAGAIN:
  247. sp->retry_eagain ++;
  248. goto TRY_SEND_AGAIN;
  249. break;
  250. case ENOBUFS:
  251. sp->retry_enobufs ++;
  252. goto TRY_SEND_AGAIN;
  253. break;
  254. default:
  255. sendpacket_seterr(sp, "Error with %s [" COUNTER_SPEC "]: %s (errno = %d)",
  256. INJECT_METHOD, sp->sent + 1, pcap_geterr(sp->handle.pcap), errno);
  257. }
  258. }
  259. #elif defined HAVE_PCAP_SENDPACKET
  260. retcode = pcap_sendpacket(sp->handle.pcap, data, (int)len);
  261. /* out of buffers, or hit max PHY speed, silently retry */
  262. if (retcode < 0 && !didsig) {
  263. switch (errno) {
  264. case EAGAIN:
  265. sp->retry_eagain ++;
  266. goto TRY_SEND_AGAIN;
  267. break;
  268. case ENOBUFS:
  269. sp->retry_enobufs ++;
  270. goto TRY_SEND_AGAIN;
  271. break;
  272. default:
  273. sendpacket_seterr(sp, "Error with %s [" COUNTER_SPEC "]: %s (errno = %d)",
  274. INJECT_METHOD, sp->sent + 1, pcap_geterr(sp->handle.pcap), errno);
  275. }
  276. }
  277. /*
  278. * pcap_sendpacket returns 0 on success, not the packet length!
  279. * hence, we have to fix retcode to be more standard on success
  280. */
  281. if (retcode == 0)
  282. retcode = len;
  283. #endif
  284. if (retcode < 0) {
  285. sp->failed ++;
  286. } else if (retcode != (int)len) {
  287. sendpacket_seterr(sp, "Only able to write %d bytes out of %u bytes total",
  288. retcode, len);
  289. } else {
  290. sp->bytes_sent += len;
  291. sp->sent ++;
  292. }
  293. return retcode;
  294. }
  295. /**
  296. * Open the given network device name and returns a sendpacket_t struct
  297. * pass the error buffer (in case there's a problem) and the direction
  298. * that this interface represents
  299. */
  300. sendpacket_t *
  301. sendpacket_open(const char *device, char *errbuf, tcpr_dir_t direction)
  302. {
  303. sendpacket_t *sp;
  304. assert(device);
  305. assert(errbuf);
  306. #if defined HAVE_PF_PACKET
  307. sp = sendpacket_open_pf(device, errbuf);
  308. #elif defined HAVE_BPF
  309. sp = sendpacket_open_bpf(device, errbuf);
  310. #elif defined HAVE_LIBNET
  311. sp = sendpacket_open_libnet(device, errbuf);
  312. #elif (defined HAVE_PCAP_INJECT || defined HAVE_PCAP_SENDPACKET)
  313. sp = sendpacket_open_pcap(device, errbuf);
  314. #endif
  315. if (sp != NULL) {
  316. sp->open = 1;
  317. sp->cache_dir = direction;
  318. }
  319. return sp;
  320. }
  321. /**
  322. * Get packet stats for the given sendpacket_t
  323. */
  324. char *
  325. sendpacket_getstat(sendpacket_t *sp)
  326. {
  327. static char buf[1024];
  328. assert(sp);
  329. memset(buf, 0, sizeof(buf));
  330. sprintf(buf, "Statistics for network device: %s\n"
  331. "\tAttempted packets: " COUNTER_SPEC "\n"
  332. "\tSuccessful packets: " COUNTER_SPEC "\n"
  333. "\tFailed packets: " COUNTER_SPEC "\n"
  334. "\tRetried packets (ENOBUFS): " COUNTER_SPEC "\n"
  335. "\tRetried packets (EAGAIN): " COUNTER_SPEC "\n",
  336. sp->device, sp->attempt, sp->sent, sp->failed, sp->retry_enobufs, sp->retry_eagain);
  337. return(buf);
  338. }
  339. /**
  340. * close the given sendpacket
  341. */
  342. int
  343. sendpacket_close(sendpacket_t *sp)
  344. {
  345. assert(sp);
  346. safe_free(sp);
  347. return 0;
  348. }
  349. /**
  350. * returns the Layer 2 address of the interface current
  351. * open. on error, return NULL
  352. */
  353. struct tcpr_ether_addr *
  354. sendpacket_get_hwaddr(sendpacket_t *sp)
  355. {
  356. struct tcpr_ether_addr *addr;
  357. assert(sp);
  358. /* if we already have our MAC address stored, just return it */
  359. if (memcmp(&sp->ether, "\x00\x00\x00\x00\x00\x00", ETHER_ADDR_LEN) != 0)
  360. return &sp->ether;
  361. #if defined HAVE_PF_PACKET
  362. addr = sendpacket_get_hwaddr_pf(sp);
  363. #elif defined HAVE_BPF
  364. addr = sendpacket_get_hwaddr_bpf(sp);
  365. #elif defined HAVE_LIBNET
  366. addr = sendpacket_get_hwaddr_libnet(sp);
  367. #elif (defined HAVE_PCAP_INJECT || defined HAVE_PCAP_SENDPACKET)
  368. addr = sendpacket_get_hwaddr_pcap(sp);
  369. #endif
  370. return addr;
  371. }
  372. /**
  373. * returns the error string
  374. */
  375. char *
  376. sendpacket_geterr(sendpacket_t *sp)
  377. {
  378. assert(sp);
  379. return sp->errbuf;
  380. }
  381. /**
  382. * Set's the error string
  383. */
  384. static void
  385. sendpacket_seterr(sendpacket_t *sp, const char *fmt, ...)
  386. {
  387. va_list ap;
  388. assert(sp);
  389. va_start(ap, fmt);
  390. if (fmt != NULL)
  391. (void)vsnprintf(sp->errbuf, SENDPACKET_ERRBUF_SIZE, fmt, ap);
  392. va_end(ap);
  393. sp->errbuf[(SENDPACKET_ERRBUF_SIZE-1)] = '\0'; // be safe
  394. }
  395. #if defined HAVE_PCAP_INJECT || defined HAVE_PCAP_SENDPACKET
  396. /**
  397. * Inner sendpacket_open() method for using libpcap
  398. */
  399. static sendpacket_t *
  400. sendpacket_open_pcap(const char *device, char *errbuf)
  401. {
  402. pcap_t *pcap;
  403. sendpacket_t *sp;
  404. #ifdef BIOCSHDRCMPLT
  405. u_int spoof_eth_src = 1;
  406. int fd;
  407. #endif
  408. assert(device);
  409. assert(errbuf);
  410. dbg(1, "sendpacket: using Libpcap");
  411. /* open_pcap_live automatically fills out our errbuf for us */
  412. if ((pcap = pcap_open_live(device, 0, 0, 0, errbuf)) == NULL)
  413. return NULL;
  414. sp = (sendpacket_t *)safe_malloc(sizeof(sendpacket_t));
  415. strlcpy(sp->device, device, sizeof(sp->device));
  416. sp->handle.pcap = pcap;
  417. #ifdef BIOCSHDRCMPLT
  418. /*
  419. * Only systems using BPF on the backend need this...
  420. * other systems don't have ioctl and will get compile errors.
  421. */
  422. fd = pcap_get_selectable_fd(pcap);
  423. if (ioctl(fd, BIOCSHDRCMPLT, &spoof_eth_src) == -1)
  424. errx(1, "Unable to enable source MAC spoof support: %s", strerror(errno));
  425. #endif
  426. return sp;
  427. }
  428. /**
  429. * Get the hardware MAC address for the given interface using libpcap
  430. */
  431. static struct tcpr_ether_addr *
  432. sendpacket_get_hwaddr_pcap(sendpacket_t *sp)
  433. {
  434. assert(sp);
  435. sendpacket_seterr(sp, "Error: sendpacket_get_hwaddr() not yet supported for pcap injection");
  436. return NULL;
  437. }
  438. #endif /* HAVE_PCAP_INJECT || HAVE_PCAP_SENDPACKET */
  439. #if defined HAVE_LIBNET
  440. /**
  441. * Inner sendpacket_open() method for using libnet
  442. */
  443. static sendpacket_t *
  444. sendpacket_open_libnet(const char *device, char *errbuf)
  445. {
  446. libnet_t *lnet;
  447. sendpacket_t *sp;
  448. assert(device);
  449. assert(errbuf);
  450. dbg(1, "sendpacket: using Libnet");
  451. if ((lnet = libnet_init(LIBNET_LINK_ADV, device, errbuf)) == NULL)
  452. return NULL;
  453. sp = (sendpacket_t *)safe_malloc(sizeof(sendpacket_t));
  454. strlcpy(sp->device, device, sizeof(sp->device));
  455. sp->handle.lnet = lnet;
  456. return sp;
  457. }
  458. /**
  459. * Get the hardware MAC address for the given interface using libnet
  460. */
  461. static struct tcpr_ether_addr *
  462. sendpacket_get_hwaddr_libnet(sendpacket_t *sp)
  463. {
  464. struct tcpr_ether_addr *addr;
  465. assert(sp);
  466. addr = (struct tcpr_ether_addr *)libnet_get_hwaddr(sp->handle.lnet);
  467. if (addr == NULL) {
  468. sendpacket_seterr(sp, "Error getting hwaddr via libnet: %s", libnet_geterror(sp->handle.lnet));
  469. return NULL;
  470. }
  471. memcpy(&sp->ether, addr, sizeof(struct tcpr_ether_addr));
  472. return(&sp->ether);
  473. }
  474. #endif /* HAVE_LIBNET */
  475. #if defined HAVE_PF_PACKET
  476. /**
  477. * Inner sendpacket_open() method for using Linux's PF_PACKET
  478. */
  479. static sendpacket_t *
  480. sendpacket_open_pf(const char *device, char *errbuf)
  481. {
  482. int mysocket;
  483. sendpacket_t *sp;
  484. struct ifreq ifr;
  485. struct sockaddr_ll sa;
  486. int n = 1, err;
  487. socklen_t errlen = sizeof(err);
  488. assert(device);
  489. assert(errbuf);
  490. dbg(1, "sendpacket: using PF_PACKET");
  491. /* open our socket */
  492. if ((mysocket = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL))) < 0) {
  493. snprintf(errbuf, SENDPACKET_ERRBUF_SIZE, "socket: %s", strerror(errno));
  494. return NULL;
  495. }
  496. /* get the interface id for the device */
  497. if ((sa.sll_ifindex = get_iface_index(mysocket, device, errbuf)) < 0) {
  498. close(mysocket);
  499. return NULL;
  500. }
  501. /* bind socket to our interface id */
  502. sa.sll_family = AF_PACKET;
  503. sa.sll_protocol = htons(ETH_P_ALL);
  504. if (bind(mysocket, (struct sockaddr *)&sa, sizeof(sa)) < 0) {
  505. snprintf(errbuf, SENDPACKET_ERRBUF_SIZE, "bind error: %s", strerror(errno));
  506. close(mysocket);
  507. return NULL;
  508. }
  509. /* check for errors, network down, etc... */
  510. if (getsockopt(mysocket, SOL_SOCKET, SO_ERROR, &err, &errlen) < 0) {
  511. snprintf(errbuf, SENDPACKET_ERRBUF_SIZE, "error opening %s: %s", device,
  512. strerror(errno));
  513. close(mysocket);
  514. return NULL;
  515. }
  516. if (err > 0) {
  517. snprintf(errbuf, SENDPACKET_ERRBUF_SIZE, "error opening %s: %s", device,
  518. strerror(err));
  519. close(mysocket);
  520. return NULL;
  521. }
  522. /* get hardware type for our interface */
  523. memset(&ifr, 0, sizeof(ifr));
  524. strlcpy(ifr.ifr_name, device, sizeof(ifr.ifr_name));
  525. if (ioctl(mysocket, SIOCGIFHWADDR, &ifr) < 0) {
  526. close(mysocket);
  527. sendpacket_seterr(sp, "Error getting hardware type: %s", strerror(errno));
  528. return NULL;
  529. }
  530. #if 0 /* why is this check necessary??? */
  531. /* make sure it's ethernet */
  532. switch (ifr.ifr_hwaddr.sa_family) {
  533. case ARPHRD_ETHER:
  534. break;
  535. default:
  536. snprintf(errbuf, SENDPACKET_ERRBUF_SIZE,
  537. "unsupported pysical layer type 0x%x", ifr.ifr_hwaddr.sa_family);
  538. close(mysocket);
  539. return NULL;
  540. }
  541. #endif
  542. #ifdef SO_BROADCAST
  543. /*
  544. * man 7 socket
  545. *
  546. * Set or get the broadcast flag. When enabled, datagram sockets
  547. * receive packets sent to a broadcast address and they are allowed
  548. * to send packets to a broadcast address. This option has no
  549. * effect on stream-oriented sockets.
  550. */
  551. if (setsockopt(mysocket, SOL_SOCKET, SO_BROADCAST, &n, sizeof(n)) == -1) {
  552. snprintf(errbuf, SENDPACKET_ERRBUF_SIZE,
  553. "SO_BROADCAS: %s\n", strerror(errno));
  554. close(mysocket);
  555. return NULL;
  556. }
  557. #endif /* SO_BROADCAST */
  558. /* prep & return our sp handle */
  559. sp = (sendpacket_t *)safe_malloc(sizeof(sendpacket_t));
  560. strlcpy(sp->device, device, sizeof(sp->device));
  561. sp->handle.fd = mysocket;
  562. return sp;
  563. }
  564. /**
  565. * get the interface index (necessary for sending packets w/ PF_PACKET)
  566. */
  567. static int
  568. get_iface_index(int fd, const int8_t *device, char *errbuf) {
  569. struct ifreq ifr;
  570. memset(&ifr, 0, sizeof(ifr));
  571. strlcpy(ifr.ifr_name, device, sizeof(ifr.ifr_name));
  572. if (ioctl(fd, SIOCGIFINDEX, &ifr) == -1) {
  573. snprintf(errbuf, SENDPACKET_ERRBUF_SIZE, "ioctl: %s", strerror(errno));
  574. return (-1);
  575. }
  576. return ifr.ifr_ifindex;
  577. }
  578. /**
  579. * get's the hardware address via Linux's PF packet interface
  580. */
  581. struct tcpr_ether_addr *
  582. sendpacket_get_hwaddr_pf(sendpacket_t *sp)
  583. {
  584. struct ifreq ifr;
  585. int fd;
  586. assert(sp);
  587. if (!sp->open) {
  588. sendpacket_seterr(sp, "Unable to get hardware address on un-opened sendpacket handle");
  589. return NULL;
  590. }
  591. /* create dummy socket for ioctl */
  592. if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) < 0) {
  593. sendpacket_seterr(sp, "Unable to open dummy socket for get_hwaddr: %s", strerror(errno));
  594. return NULL;
  595. }
  596. memset(&ifr, 0, sizeof(ifr));
  597. strlcpy(ifr.ifr_name, sp->device, sizeof(ifr.ifr_name));
  598. if (ioctl(fd, SIOCGIFHWADDR, (int8_t *)&ifr) < 0) {
  599. close(fd);
  600. sendpacket_seterr(sp, "Error getting hardware address: %s", strerror(errno));
  601. return NULL;
  602. }
  603. memcpy(&sp->ether, &ifr.ifr_hwaddr.sa_data, ETHER_ADDR_LEN);
  604. close(fd);
  605. return(&sp->ether);
  606. }
  607. #endif /* HAVE_PF_PACKET */
  608. #if defined HAVE_BPF
  609. /**
  610. * Inner sendpacket_open() method for using BSD's BPF interface
  611. */
  612. static sendpacket_t *
  613. sendpacket_open_bpf(const char *device, char *errbuf)
  614. {
  615. sendpacket_t *sp;
  616. char bpf_dev[10];
  617. int dev, mysocket, link_offset, link_type;
  618. struct ifreq ifr;
  619. struct bpf_version bv;
  620. u_int v;
  621. #if defined(BIOCGHDRCMPLT) && defined(BIOCSHDRCMPLT)
  622. u_int spoof_eth_src = 1;
  623. #endif
  624. assert(device);
  625. assert(errbuf);
  626. memset(&ifr, '\0', sizeof(struct ifreq));
  627. dbg(1, "sendpacket: using BPF");
  628. /* open socket */
  629. mysocket = -1;
  630. for (dev = 0; dev <= 9; dev ++) {
  631. memset(bpf_dev, '\0', sizeof(bpf_dev));
  632. snprintf(bpf_dev, sizeof(bpf_dev), "/dev/bpf%d", dev);
  633. if ((mysocket = open(bpf_dev, O_RDWR, 0)) > 0) {
  634. break;
  635. }
  636. }
  637. /* error?? */
  638. if (mysocket < 0) {
  639. snprintf(errbuf, SENDPACKET_ERRBUF_SIZE,
  640. "Unable to open /dev/bpfX: %s", strerror(errno));
  641. errbuf[SENDPACKET_ERRBUF_SIZE -1] = '\0';
  642. return NULL;
  643. }
  644. /* get BPF version */
  645. if (ioctl(mysocket, BIOCVERSION, (caddr_t)&bv) < 0) {
  646. snprintf(errbuf, SENDPACKET_ERRBUF_SIZE, "Unable to get bpf version: %s", strerror(errno));
  647. return NULL;
  648. }
  649. if (bv.bv_major != BPF_MAJOR_VERSION || bv.bv_minor != BPF_MINOR_VERSION) {
  650. snprintf(errbuf, SENDPACKET_ERRBUF_SIZE, "Kernel's bpf version is out of date.");
  651. return NULL;
  652. }
  653. /* attach to device */
  654. strlcpy(ifr.ifr_name, device, sizeof(ifr.ifr_name));
  655. if (ioctl(mysocket, BIOCSETIF, (caddr_t)&ifr) < 0) {
  656. snprintf(errbuf, SENDPACKET_ERRBUF_SIZE, "Unable to bind %s to %s: %s",
  657. bpf_dev, device, strerror(errno));
  658. return NULL;
  659. }
  660. /* get datalink type */
  661. if (ioctl(mysocket, BIOCGDLT, (caddr_t)&v) < 0) {
  662. snprintf(errbuf, SENDPACKET_ERRBUF_SIZE, "Unable to get datalink type: %s",
  663. strerror(errno));
  664. return NULL;
  665. }
  666. /*
  667. * NetBSD and FreeBSD BPF have an ioctl for enabling/disabling
  668. * automatic filling of the link level source address.
  669. */
  670. #if defined(BIOCGHDRCMPLT) && defined(BIOCSHDRCMPLT)
  671. if (ioctl(mysocket, BIOCSHDRCMPLT, &spoof_eth_src) == -1) {
  672. snprintf(errbuf, SENDPACKET_ERRBUF_SIZE,
  673. "Unable to enable spoofing src MAC: %s", strerror(errno));
  674. return NULL;
  675. }
  676. #endif
  677. /* assign link type and offset */
  678. switch (v) {
  679. case DLT_SLIP:
  680. link_offset = 0x10;
  681. break;
  682. case DLT_RAW:
  683. link_offset = 0x0;
  684. break;
  685. case DLT_PPP:
  686. link_offset = 0x04;
  687. break;
  688. case DLT_EN10MB:
  689. default: /* default to Ethernet */
  690. link_offset = 0xe;
  691. break;
  692. }
  693. #if _BSDI_VERSION - 0 > 199510
  694. switch (v) {
  695. case DLT_SLIP:
  696. v = DLT_SLIP_BSDOS;
  697. link_offset = 0x10;
  698. break;
  699. case DLT_PPP:
  700. v = DLT_PPP_BSDOS;
  701. link_offset = 0x04;
  702. break;
  703. }
  704. #endif
  705. link_type = v;
  706. /* allocate our sp handle, and return it */
  707. sp = (sendpacket_t *)safe_malloc(sizeof(sendpacket_t));
  708. strlcpy(sp->device, device, sizeof(sp->device));
  709. sp->handle.fd = mysocket;
  710. //sp->link_type = link_type;
  711. //sp->link_offset = link_offset;
  712. return sp;
  713. }
  714. /**
  715. * Get the interface hardware MAC address when using BPF
  716. */
  717. struct tcpr_ether_addr *
  718. sendpacket_get_hwaddr_bpf(sendpacket_t *sp)
  719. {
  720. int mib[6];
  721. size_t len;
  722. int8_t *buf, *next, *end;
  723. struct if_msghdr *ifm;
  724. struct sockaddr_dl *sdl;
  725. assert(sp);
  726. mib[0] = CTL_NET;
  727. mib[1] = AF_ROUTE;
  728. mib[2] = 0;
  729. mib[3] = AF_LINK;
  730. mib[4] = NET_RT_IFLIST;
  731. mib[5] = 0;
  732. if (sysctl(mib, 6, NULL, &len, NULL, 0) == -1) {
  733. sendpacket_seterr(sp, "%s(): sysctl(): %s", __func__, strerror(errno));
  734. return NULL;
  735. }
  736. buf = (int8_t *)safe_malloc(len);
  737. if (sysctl(mib, 6, buf, &len, NULL, 0) == -1) {
  738. sendpacket_seterr(sp, "%s(): sysctl(): %s", __func__, strerror(errno));
  739. safe_free(buf);
  740. return NULL;
  741. }
  742. end = buf + len;
  743. for (next = buf; next < end; next += ifm->ifm_msglen) {
  744. ifm = (struct if_msghdr *)next;
  745. if (ifm->ifm_type == RTM_IFINFO) {
  746. sdl = (struct sockaddr_dl *)(ifm + 1);
  747. if (strncmp(&sdl->sdl_data[0], sp->device, sdl->sdl_len) == 0) {
  748. memcpy(&sp->ether, LLADDR(sdl), ETHER_ADDR_LEN);
  749. break;
  750. }
  751. }
  752. }
  753. safe_free(buf);
  754. return(&sp->ether);
  755. }
  756. #endif /* HAVE_BPF */
  757. /**
  758. * Get the DLT type of the opened sendpacket
  759. * Return -1 if we can't figure it out, else return the DLT_ value
  760. */
  761. int
  762. sendpacket_get_dlt(sendpacket_t *sp)
  763. {
  764. int dlt;
  765. #if defined HAVE_BPF
  766. int rcode;
  767. if ((rcode = ioctl(sp->handle.fd, BIOCGDLT, &dlt)) < 0) {
  768. warnx("Unable to get DLT value for BPF device (%s): %s", sp->device, strerror(errno));
  769. return(-1);
  770. }
  771. #elif defined HAVE_PF_PACKET || defined HAVE_LIBNET
  772. /* use libpcap to get dlt */
  773. pcap_t *pcap;
  774. char errbuf[PCAP_ERRBUF_SIZE];
  775. if ((pcap = pcap_open_live(sp->device, 65535, 0, 0, errbuf)) == NULL) {
  776. warnx("Unable to get DLT value for %s: %s", sp->device, errbuf);
  777. return(-1);
  778. }
  779. dlt = pcap_datalink(pcap);
  780. pcap_close(pcap);
  781. #elif defined HAVE_PCAP_SENDPACKET || defined HAVE_PCAP_INJECT
  782. dlt = pcap_datalink(sp->handle.pcap);
  783. #endif
  784. return dlt;
  785. }