Skip site navigation (1)Skip section navigation (2) 
Date:      19 Jan 2000 14:56:10 +0100
From:      Dag-Erling Smorgrav <des@flood.ping.uio.no>
To:        hackers@freebsd.org, security@freebsd.org
Subject:   New option to ping(8): dump packet contents
Message-ID:  <xzpd7qymah1.fsf@flood.ping.uio.no>
next in thread | raw e-mail | index | archive | help 
--=-=-=

The attached patch adds a -D option to ping(8) which makes it dump the
payload of the reply packet instead of comparing it to the payload of
the original request packet. This is useful in cases where the target
host purposeldy modifies the payload before replying, e.g. if you hack
your stack to report the load average in echo reply packets.

DES
-- 
Dag-Erling Smorgrav - des@flood.ping.uio.no


--=-=-=
Content-Disposition: attachment; filename=ping-dump.diff
Content-Description: patch

Index: ping.c
===================================================================
RCS file: /home/ncvs/src/sbin/ping/ping.c,v
retrieving revision 1.49
diff -u -r1.49 ping.c
--- ping.c	2000/01/14 23:40:38	1.49
+++ ping.c	2000/01/19 13:48:53
@@ -133,6 +133,7 @@
 #define F_POLICY	0x4000
 #endif /*IPSEC_POLICY_IPSEC*/
 #endif /*IPSEC*/
+#define F_DUMP		0x8000
 
 /*
  * MAX_DUP_CHK is the number of bits in received table, i.e. the maximum
@@ -234,10 +235,10 @@
 
 	datap = &outpack[8 + PHDR_LEN];
 #ifndef IPSEC
-	while ((ch = getopt(argc, argv, "I:LQRT:c:adfi:l:np:qrs:t:v")) != -1)
+	while ((ch = getopt(argc, argv, "I:LQRT:c:adDfi:l:np:qrs:t:v")) != -1)
 #else
 #ifdef IPSEC_POLICY_IPSEC
-	while ((ch = getopt(argc, argv, "I:LQRT:c:adfi:l:np:qrs:t:vP:")) != -1)
+	while ((ch = getopt(argc, argv, "I:LQRT:c:adDfi:l:np:qrs:t:vP:")) != -1)
 #endif /*IPSEC_POLICY_IPSEC*/
 #endif
 	{
@@ -256,6 +257,9 @@
 		case 'd':
 			options |= F_SO_DEBUG;
 			break;
+		case 'D':
+			options |= F_DUMP;
+			break;
 		case 'f':
 			if (uid) {
 				errno = EPERM;
@@ -837,7 +841,13 @@
 			cp = (u_char*)&icp->icmp_data[PHDR_LEN];
 			dp = &outpack[8 + PHDR_LEN];
 			for (i = PHDR_LEN; i < datalen; ++i, ++cp, ++dp) {
-				if (*cp != *dp) {
+				if (options & F_DUMP) {
+					if ((i - PHDR_LEN) % 16 == 8)
+						putchar(' ');
+					if ((i - PHDR_LEN) % 16 == 0)
+						putchar('\n');
+					printf(" %02x", *dp);
+				} else if (*cp != *dp) {
 	(void)printf("\nwrong data byte #%d should be 0x%x but was 0x%x",
 	    i, *dp, *cp);
 					printf("\ncp:");

--=-=-=--


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?xzpd7qymah1.fsf>