From owner-freebsd-hackers Sun May 5 11:30:50 1996 Return-Path: owner-hackers Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id LAA01228 for hackers-outgoing; Sun, 5 May 1996 11:30:50 -0700 (PDT) Received: from doorstep.unety.net (root@usi-00-10.Naperville.unety.net [204.70.107.30]) by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id LAA01223 for ; Sun, 5 May 1996 11:30:48 -0700 (PDT) Received: from webster.unety.net (webster.unety.net [206.31.202.8]) by doorstep.unety.net (8.6.9/8.6.9) with SMTP id NAA10827 for ; Sun, 5 May 1996 13:24:26 -0500 Received: by webster.unety.net with Microsoft Mail id <01BB3A86.B165FB60@webster.unety.net>; Sun, 5 May 1996 13:28:05 -0500 Message-ID: <01BB3A86.B165FB60@webster.unety.net> From: Jim Fleming To: "'FreeBSD-hackers@freebsd.org'" Subject: IPv8 Tutorial #2: Minimal IPv8 Output Hack Date: Sun, 5 May 1996 13:28:04 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: owner-hackers@freebsd.org X-Loop: FreeBSD.org Precedence: bulk IPv8 Tutorial #2: Minimal IPv8 Output Hack --------------------------------------------------- OK...for those people that wrote asking how to generate IPv8 packets here is a very MINIMAL hack that will allow you to generate a few packets on your private systems. PLEASE DO NOT TEST THIS ON THE LEGACY INTERNET (it has enough trouble routing IPv4) Here is a very MINIMAL modification that can be added to: /usr/src/sys/netinet/ip_output.c @@@@ ORIGINAL CODE @@@@@@@@@ (about line 280) sendit: /* * If small enough for interface, can just send directly. */ if ((u_short)ip->ip_len <= ifp->if_mtu) { ip->ip_len = htons((u_short)ip->ip_len); ip->ip_off = htons((u_short)ip->ip_off); ip->ip_sum = 0; ip->ip_sum = in_cksum(m, hlen); error = (*ifp->if_output)(ifp, m, (struct sockaddr *)dst, ro->ro_rt); goto done; } @@@@ IPv8 TEST CODE @@@@@@@@@ sendit: /* * If small enough for interface, can just send directly. */ if ((u_short)ip->ip_len <= ifp->if_mtu) { ip->ip_len = htons((u_short)ip->ip_len); ip->ip_off = htons((u_short)ip->ip_off); /*@*/ /* note #1 */ if((ip->ip_v == 4) && (ip->ip_hl == 5)){ ip->ip_v = 8; /* note #2 */ ip->ip_hl = 0; /* note #3 */ ip->ip_sum = 0; /* note #4 */ } else{ ip->ip_sum = 0; ip->ip_sum = in_cksum(m, hlen); } /*@*/ error = (*ifp->if_output)(ifp, m, (struct sockaddr *)dst, ro->ro_rt); goto done; } @@@@@@@@@@@@@@@@@@@@@@ These changes do not require the IPv8 header files or any other variables or IPv8 routines. Here are some notes for the above: 1. Only small packets with simple IP headers are converted. With telnet and ping you can test some simple cases. If IPv8 traffic is carried on a separate network from IPv4, then it is difficult for crackers to be able to view all of the packets needed to understand a session. 2. By rights this should be: ip->ip_v = 0; ip->ip_v |= 8; /* Set Galaxy Information. */ 3. The ip_hl field in IPv8 is combined with the ip_v field and both should be set in one operation. The above is only a tutorial. 4. The ip_sum field carries the StarGate ids which are zero for the Legacy Internet. The statement ip->ip_sum = 0; could be moved before the if statement for only the Legacy Internet. In private systems security information can be placed here. The receiver will zap this and compute a valid checksum. (see IPv8 Tutorial #1: Minimal IPv8 hack) The header file found @ has constant definitions and macros that can make all this more lucid. Enjoy... -- Jim Fleming UNETY Systems, Inc. Naperville, IL e-mail: JimFleming@unety.net