
Nmap Development mailing list archives
Re: Gsoc 2011 idea about IPv6
From: David Fifield <david () bamsoftware com>
Date: Thu, 24 Mar 2011 09:06:56 -0700
On Thu, Mar 24, 2011 at 10:21:55PM +0800, Xu Weilin wrote:
> Hi all,
>
> I have run ipv6.c program on my UBUNTU 10.10 and found some interesting
> things.
>
> 1) The Traffic Class and Flow Label of IPv6 header cannot be set correctly
> with the macro function ip6_pack_hdr() of Libdnet. In the main() function
> we write
>
>     ip6_pack_hdr1(ip6_hdr, 0x12, 0xabcde, sizeof(packet) - sizeof(*ip6_hdr),
>         IP_PROTO_HOPOPTS, 13, src[0], dst[0]);
>
> The Traffic Class should be 0x12 and the Flow Label should be 0xabcde, but
> the values I captured in Wireshark were 0x10 and 0x0. The reason is that
> Libdnet defines a specific operation on ip6->ip6_flow with a flowlabel mask:
>
>     ip6->ip6_flow = htonl(((uint32_t)(fc) << 28) & \
>         (IP6_FLOWLABEL_MASK | (fl)));
>
> If I replace it with this:
>
>     ip6->ip6_flow = htonl(((uint32_t)(fc) << 20) | \
>         ( (fl)));
>
> Then the related values will be correct. Since the flow label may be used
> for OS detection, we should be careful about it.
Oh! Good find. I forgot to mention that I found the same bug, and it is fixed in newer versions of libdnet (including the libdnet that comes with Nmap).
> 2) send_ipv6_ip() couldn't work on my UBUNTU 10.10. The sentence below
> returns '-1'
>
>     sd = socket(AF_INET6, SOCK_RAW, hdr->ip6_nxt);
>
> and the next sentence 'perror("socket");' prints
>
>     socket: Protocol not supported
>
> This may need more tests. I prefer to send_ipv6_eth() and
> send_ipv6_ipproto_raw() since they work well and they are more powerful.
The different functions work on different operating systems--I think all three are necessary.

Linux treats IPPROTO_RAW differently and incompatibly from different operating systems--it acts like IP_HDRINCL for IPv4 (header is included with packet payload). Linux uses send_ipv6_ipproto_raw.

Other operating systems (like BSD) treat IPPROTO_RAW as nothing special, just IP protocol 255. They use send_ipv6_ip and use special functions to set header values.

Windows doesn't support raw sockets at all, and the only way I know of is to use raw Ethernet sending with send_ipv6_eth. Other operating systems can also use send_ipv6_eth, but only on Ethernet devices, and not, for example, PPP devices. Raw sending on Windows with a non-Ethernet doesn't work at all, but it's the same for IPv4.

So I think all three functions are necessary.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
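
Added example (not part of the original message, and not libdnet's or Nmap's code): the two ip6_flow expressions quoted in the thread, evaluated in host byte order and decoded with the RFC 2460 field layout, for the thread's values 0x12 and 0xabcde. Assumptions: the flow label mask is 0x000fffff, and the first header byte is overwritten afterwards with version 6 plus the high nibble of the traffic class; the masked variant and all function names are additions for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumption: 20-bit flow label mask, host byte order (value not quoted in the thread). */
#define FLOWLABEL_MASK 0x000fffffu

/* Expression the thread quotes as faulty, before htonl(). */
static uint32_t flow_word_faulty(uint8_t tc, uint32_t fl) {
    return ((uint32_t)tc << 28) & (FLOWLABEL_MASK | fl);
}

/* Replacement proposed in the thread, before htonl(). */
static uint32_t flow_word_proposed(uint8_t tc, uint32_t fl) {
    return ((uint32_t)tc << 20) | fl;
}

/* Added variant: same layout, label clipped to 20 bits so an oversized
 * value cannot spill into the traffic class bits. */
static uint32_t flow_word_masked(uint8_t tc, uint32_t fl) {
    return ((uint32_t)tc << 20) | (fl & FLOWLABEL_MASK);
}

/* Assumption: the first header byte is then overwritten with
 * version 6 and the high nibble of the traffic class. */
static uint32_t finish_first_word(uint32_t flow_word, uint8_t tc) {
    uint32_t first_byte = 0x60u | (uint32_t)(tc >> 4);
    return (first_byte << 24) | (flow_word & 0x00ffffffu);
}

/* RFC 2460 layout: 4-bit version, 8-bit traffic class, 20-bit flow label. */
static unsigned version_of(uint32_t w) { return w >> 28; }
static unsigned tclass_of(uint32_t w) { return (w >> 20) & 0xffu; }
static uint32_t flabel_of(uint32_t w) { return w & 0x000fffffu; }

static void show(const char *name, uint32_t w) {
    printf("%-9s word=0x%08x version=%u tclass=0x%02x flabel=0x%05x\n", name,
           (unsigned)w, version_of(w), tclass_of(w), (unsigned)flabel_of(w));
}

int main(void) {
    const uint8_t tc = 0x12;      /* values used in the thread */
    const uint32_t fl = 0xabcde;
    show("faulty", finish_first_word(flow_word_faulty(tc, fl), tc));
    show("proposed", finish_first_word(flow_word_proposed(tc, fl), tc));
    show("masked", finish_first_word(flow_word_masked(tc, 0x1abcde), tc));
    return 0;
}
```

Under these assumptions the faulty expression decodes to traffic class 0x10 and flow label 0x0, the values reported from Wireshark in the quoted message.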