diff options
| author | Maximilian Bosch <maximilian@mbosch.me> | 2020-01-08 18:13:37 +0100 |
|---|---|---|
| committer | Maximilian Bosch <maximilian@mbosch.me> | 2020-01-08 20:10:45 +0100 |
| commit | 2543ca7de4ba192ad6533259a59140deda8b1064 (patch) | |
| tree | ee5c0aa38d54c26c3a6084b5b9eaa4cdbfdd83f6 /src/tests/cases/raw_mode.rs | |
| parent | 33fb8440b1f9c0ec45cfc0c3b6b0ea5c457ade6e (diff) | |
Ensure that layer3 packets are displayed as well
When using e.g. WireGuard (a VPN which completely acts on layer3), no
packages will be matched as it's attempted to parse those as
ethernet (=layer2) packets. This is a problem as all layer3-packets fail
to get parsed properly (due to different offsets in the packet, wrong
protocols will be determined for instance).
This change inherits the basic idea from
`<libpnet/examples/packetdump.rs>` to check if it's possible to parse
version info using the IpPacket-parsers and if that fails, the sniffer
will fall-back to the ethernet-based approach.
Diffstat (limited to 'src/tests/cases/raw_mode.rs')
| -rw-r--r-- | src/tests/cases/raw_mode.rs | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/src/tests/cases/raw_mode.rs b/src/tests/cases/raw_mode.rs index 5353fd0..054f37b 100644 --- a/src/tests/cases/raw_mode.rs +++ b/src/tests/cases/raw_mode.rs @@ -36,6 +36,23 @@ fn build_tcp_packet( pkt.packet().to_vec() } +fn build_ip_tcp_packet( + source_ip: &str, + destination_ip: &str, + source_port: u16, + destination_port: u16, + payload: &'static [u8], +) -> Vec<u8> { + let mut pkt_buf = [0u8; 1500]; + let pkt = packet_builder!( + pkt_buf, + ipv4({set_source => ipv4addr!(source_ip), set_destination => ipv4addr!(destination_ip) }) / + tcp({set_source => source_port, set_destination => destination_port }) / + payload(payload) + ); + pkt.packet().to_vec() +} + fn format_raw_output(output: Vec<u8>) -> String { let stdout_utf8 = String::from_utf8(output).unwrap(); use regex::Regex; @@ -45,6 +62,25 @@ fn format_raw_output(output: Vec<u8>) -> String { } #[test] +fn one_ip_packet_of_traffic() { + let network_frames = vec![NetworkFrames::new(vec![Some(build_ip_tcp_packet( + "10.0.0.2", + "1.1.1.1", + 443, + 12345, + b"I am a fake tcp packet", + ))]) as Box<dyn DataLinkReceiver>]; + let (_, _, backend) = test_backend_factory(190, 50); + let stdout = Arc::new(Mutex::new(Vec::new())); + let os_input = os_input_output_stdout(network_frames, 2, Some(stdout.clone())); + let opts = opts_raw(); + start(backend, os_input, opts); + let stdout = Arc::try_unwrap(stdout).unwrap().into_inner().unwrap(); + let formatted = format_raw_output(stdout); + assert_snapshot!(formatted); +} + +#[test] fn one_packet_of_traffic() { let network_frames = vec![NetworkFrames::new(vec![Some(build_tcp_packet( "10.0.0.2", |