Annotation of embedaddon/hping2/docs/APD.txt, revision 1.1.1.1
ARS Packet Description system

This document describes the APD format. APD is a way to describe TCP/IP
packets, and it is used in high level functions of the ARS library.
The general format is the following:

layer_type{field_1=value_1,field_2=value_2,...,field_n=value_n}

More layers can be combined using the "+" symbol. Example:

ip{daddr=192.168.1.2}+udp{sport=53,dport=53}+data{file=./dns.packet}

You don't need to specify fields that ARS can guess. For example,
if you don't specify checksums, they will be correctly generated
in the process of packet compilation.

AVAILABLE LAYERS
~~~~~~~~~~~~~~~~

A layer type is one of the following:

ip                  IP header
ipopt.eol           IP option EOL
ipopt.nop           IP option NOP
ipopt.sec           IP option Security
ipopt.sid           IP option Stream ID
ipopt.lsrr          IP option Loose Source Routing
ipopt.ssrr          IP option Strict Source Routing
ipopt.rr            IP option Record Route
ipopt.ts            IP option Timestamp
udp                 UDP header
tcp                 TCP header
tcpopt.end          TCP option END
tcpopt.nop          TCP option NOP
tcpopt.mss          TCP option Max Segment Size
tcpopt.wscale       TCP option Window Scale
tcpopt.sackperm     TCP option Selective ACK permitted
tcpopt.sack         TCP option Selective ACK
tcpopt.echo         TCP option Echo Request
tcpopt.echoreply    TCP option Echo Reply
tcpopt.ts           TCP option Timestamp
icmp                ICMP header
data                Generic Data

Different fields are defined for different layer types:

IP FIELDS:      DESCRIPTION:                POSSIBLE VALUE:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
saddr           Source address              192.168.1.2, or www.yahoo.com
daddr           Destination address         192.168.1.2, or www.yahoo.com
ihl             IP header length            numerical value
ver             IP version                  numerical value
tos             Type of Service             numerical value
totlen          IP total length             numerical value
id              IP packet ID                numerical value
fragoff         IP fragment offset          numerical value
mf              More Fragments              0 or 1
df              Don't Fragment              0 or 1
rf              Reserved fragment bit       0 or 1
ttl             Time to Live                numerical value
proto           IP protocol field           numerical value
cksum           IP checksum                 numerical value

UDP FIELDS:     DESCRIPTION:                POSSIBLE VALUE:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
sport           Source port                 numerical value
dport           Destination port            numerical value
len             UDP len field               numerical value
cksum           UDP checksum                numerical value

TCP FIELDS:     DESCRIPTION:                POSSIBLE VALUE:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
sport           Source port                 numerical value
dport           Destination port            numerical value
seq             TCP sequence number         numerical value
ack             TCP acknowledge number      numerical value
x2              TCP reserved bits           numerical value
off             TCP header size             numerical value
flags           TCP flags                   FSRPAUXY (see the example)
win             TCP window                  numerical value
cksum           TCP checksum                numerical value
urp             TCP urgent pointer          numerical value

ICMP FIELDS:    DESCRIPTION:                POSSIBLE VALUE:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
type            ICMP type                   numerical value
code            ICMP code                   numerical value
cksum           ICMP cksum                  numerical value
id              ICMP echo ID                numerical value
seq             ICMP echo sequence nr       numerical value
gw              ICMP gateway                192.168.1.2 or www.yahoo.com

DATA FIELDS:    DESCRIPTION:                POSSIBLE VALUE:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
file            Data file                   /etc/passwd
str             A string                    hello world! (no escaping available)

Fields for the other layer types are not implemented yet; most of
those layers come with sane defaults anyway (the IP record route
option, for example).

You can specify numerical values as hex, octal and decimal numbers.

Decimal:  10
Hex:      0xA
Octal:    012

Examples
~~~~~~~~

/* Just an ICMP echo request */
ip{saddr=1.2.3.4,daddr=www.yahoo.com}+icmp{type=8,code=0}\
+data{str=hello world}

/* An ICMP destination unreachable with the quoted UDP packet */
ip{saddr=1.2.3.4,daddr=5.6.7.8}+icmp{type=3,code=3}\
+ip{saddr=www.yahoo.com,daddr=1.2.3.4}+udp{sport=53,dport=53}

/* A TCP packet with the SYN flag set */
ip{saddr=1.2.3.4,daddr=5.6.7.8}+tcp{flags=S,dport=80,sport=10}
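
The grammar above is small enough to check before a description is handed to a packet generator. The following is an added example, not code from the ARS library: parse_apd, parse_number and TEXT_FIELDS are names made up here, and treating every field outside TEXT_FIELDS as numeric is an assumption drawn from the field tables.

```python
import re

# Layer names copied from the AVAILABLE LAYERS list in this document.
LAYERS = {"ip", "udp", "tcp", "icmp", "data"}
LAYERS |= {"ipopt." + o for o in "eol nop sec sid lsrr ssrr rr ts".split()}
LAYERS |= {"tcpopt." + o for o in
           "end nop mss wscale sackperm sack echo echoreply ts".split()}
# Fields whose documented value is not a number (addresses, flags, file, str).
TEXT_FIELDS = {"saddr", "daddr", "gw", "flags", "file", "str"}
LAYER_RE = re.compile(r"\s*([a-z.]+)\{([^{}]*)\}\s*")


def parse_number(text):
    """Accept the three documented notations: 10, 0xA and 012."""
    t = text.strip().lower()
    if t.startswith("0x"):
        return int(t, 16)
    if len(t) > 1 and t.startswith("0"):
        return int(t, 8)  # int(t, 0) would reject C-style octal
    return int(t, 10)


def parse_apd(desc):
    """Return [(layer, {field: value})]; raise ValueError on malformed input."""
    desc = desc.replace("\\\n", "")  # join backslash-continued lines
    layers, pos = [], 0
    while True:
        m = LAYER_RE.match(desc, pos)
        if not m:
            raise ValueError(f"expected layer{{...}} at offset {pos}")
        name, body = m.groups()
        if name not in LAYERS:
            raise ValueError(f"unknown layer type: {name!r}")
        fields = {}
        for pair in filter(None, body.split(",")):
            key, sep, value = pair.partition("=")
            if not sep:
                raise ValueError(f"missing '=' in {pair!r}")
            key = key.strip()
            fields[key] = value if key in TEXT_FIELDS else parse_number(value)
        layers.append((name, fields))
        pos = m.end()
        if pos == len(desc):
            return layers
        if desc[pos] != "+":
            raise ValueError(f"expected '+' at offset {pos}")
        pos += 1
```

Because str values cannot be escaped, a "," or "}" inside data{str=...} ends the value early; the parser rejects the leftover text instead of guessing.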