[BACK]Return to APD.txt CVS log [TXT] [DIR] Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / hping2 / docs
File:  [ELWIX - Embedded LightWeight unIX -] / embedaddon / hping2 / docs / APD.txt
Revision 1.1.1.1 (vendor branch): download - view: text, annotated - select for diffs - revision graph
Tue Feb 21 22:11:37 2012 UTC (13 years, 1 month ago) by misho
Branches: hping2, MAIN
CVS tags: v2_0_0rc3p7, v2_0_0rc3p5, v2_0_0rc3p4, v2_0_0rc3p0, v2_0_0rc3, HEAD
hping2

    1: ARS Packet Description system
    2: 
    3:   This document describes the APD format. APD is a way to describe TCP/IP
    4:   packets, and it is used in high level functions of the ARS library.
    5:   The general format is the following:
    6: 
    7: 	layer_type{field_1=value_1,field_2=value_2,...,field_n=value_n}
    8: 
    9:   more layers can be combined using the "+" simbol. Example:
   10: 
   11: 	ip{dst=192.168.1.2}+udp{sport=53,dport=53}+data{file=./dns.packet}
   12: 
   13:   You don't need to specify fields that ARS can guess. For example
   14:   if you don't specify checksums they will be correctly generated
   15:   in the process of packet compilation.
   16: 
   17:   AVAILABLE LAYERS
   18:   ~~~~~~~~~~~~~~~~
   19: 
   20:   A layer type is one of the following:
   21: 
   22: 	ip			IP header
   23: 	ipopt.eol		IP option EOL
   24: 	ipopt.nop		IP option NOP
   25: 	ipopt.sec		IP option Security
   26: 	ipopt.sid		IP option Stream ID
   27: 	ipopt.lsrr		IP option Loose Source Routing
   28: 	ipopt.ssrr		IP option Strict Source Routing
   29: 	ipopt.rr		IP option Record Route
   30: 	ipopt.ts		IP option Timestamp
   31: 	udp			UDP header
   32: 	tcp			TCP header
   33: 	tcpopt.end		TCP option END
   34: 	tcpopt.nop		TCP option NOP
   35: 	tcpopt.mss		TCP option Max Segment Size
   36: 	tcpopt.wscale		TCP option Window Scale
   37: 	tcpopt.sackperm		TCP option Selective ACK permitted
   38: 	tcpopt.sack		TCP option Selevtive ACK
   39: 	tcpopt.echo		TCP option Echo Request
   40: 	tcpopt.echoreply	TCP option Echo Reply
   41: 	tcpopt.ts		TCP option Timestamp
   42: 	icmp			ICMP header
   43: 	data			Generic Data
   44: 
   45:   Different fields are defined for different layer types:
   46: 
   47:   IP FIELDS:	DESCRIPTION:		POSSIBLE VALUE:
   48:   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   49:   saddr		Source address		192.168.1.2, or www.yahoo.com
   50:   daddr		Destination address	192.168.1.2, or www.yahoo.com
   51:   ihl		IP header len		numerical value
   52:   ver		IP version		numerical value
   53:   tos		Type of Service		numerical value
   54:   totlen	IP tot len		numerical value
   55:   id		IP packet ID		numerical value
   56:   fragoff	IP fragment offset	numerical vaule
   57:   mf		More Fragment		0 or 1
   58:   df		Dont Fragment		0 or 1
   59:   rf		Reserved Frag. bit	0 or 1
   60:   ttl		Time to Live		numerical value
   61:   proto		ip protocol field	numerical value
   62:   cksum		ip checksum		numerical value
   63: 
   64:   UDP FIELDS:	DESCRIPTION:		POSSIBLE VALUE:
   65:   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   66:   sport		Source port		numerical value
   67:   dport		Destination port	numerical value
   68:   len		UDP len field		numerical value
   69:   cksum		UDP checksum		numerical value
   70: 
   71:   TCP FIELDS:	DESCRIPTION:		POSSIBLE VALUE:
   72:   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   73:   sport		Source port		numerical value
   74:   dport		Destination port	numerical value
   75:   seq		TCP sequence number	numerical value
   76:   ack		TCP acknowledge number	numerical value
   77:   x2		TCP reserved bits	numerical value
   78:   off		TCP header size		numerical value
   79:   flags		TCP flags		FSRPAUXY (see the example)
   80:   win		TCP window		numerical value
   81:   cksum		TCP checksum		numerical value
   82:   urp		TCP urgent pointer	numerical value
   83: 
   84:   ICMP FIELDS:	DESCRIPTION:		POSSIBLE VALUE:
   85:   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   86:   type		ICMP type		numerical value
   87:   code		ICMP code		numerical value
   88:   cksum		ICMP cksum		numerical value
   89:   id		ICMP echo ID		numerical value
   90:   seq		ICMP echo sequence nr   numerical value
   91:   gw		ICMP gateway		192.168.1.2 or www.yahoo.com
   92: 
   93:   DATA FIELDS:	DESCRIPTION:		POSSIBLE VALUE:
   94:   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   95:   file		Data file		/etc/passwd
   96:   str		A string		hello world! (no escaping available)
   97: 
   98: 
   99:   Other layer types fields aren't still implemented, anyway
  100:   most of this contains sane defaults, (like IP record route option
  101:   and so on).
  102: 
  103:   You can specify numerical values as hex, octal and decimal numbers.
  104: 
  105:   Decimail:	10
  106:   Hex:		0xA
  107:   Octal:	012
  108: 
  109:   Examples
  110:   ~~~~~~~~
  111: 
  112:   /* Just an ICMP echo request */
  113:   ip{saddr=1.2.3.4,daddr=www.yahoo.com}+icmp{type=8,code=0}\
  114:   +data{str=hello world}
  115: 
  116:   /* An ICMP destination unreachable with the quoted UDP packet */
  117:   ip{saddr=1.2.3.4,daddr=5.6.7.8}+icmp{type=3,code=3}\
  118:   +ip{saddr=www.yahoo.com,daddr=1.2.3.4}+udp{sport=53,dport=53}\
  119: 
  120:   /* A TCP packet with the SYN flag set */
  121:   ip{saddr=1.2.3.4,daddr=5.6.7.8}+tcp{flags=S,dport=80,sport=10}
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>