Adding support to spoof ipv6 #37
Conversation
|
Thanks for your patch. I'll try to review it soon. On which systems did you test this? |
|
This was mainly developed on OSX El Capatian, and then was tested on CentOS 7 and a Gentoo based system running a 3.18.34 kernel. To compile on Linux you need to run configure with
as the in6_pktinfo struct is guarded for some reason in glibc. The OSX only implementation was a little cleaner, as I was still using a SOCK_RAW and writing out the UDP header and calculating the checksums, but when I switched to Linux the sendmsg syscall was throwing a EINVAL so I switched to a SOCK_DGRAM and stopped writing the UDP header. |
|
This would close #16 |
|
One thing a tester noticed for this was the spoofing does not work with IPv6 mapped IPv4 addresses. This appears to be a limitation of the Linux networking stack to not accept IPV6_PKTINFO metadata for those kinds of addresses. |
Samplicator can not spoof IPv6 packes as well as IPv4 packets.
|
We have been using this in production for months now and there are no problems with it. |
|
Does linux need some special configuration for this? I haven't been able to get this to work on centos, debian, or raspian :/ |
|
@dkhenry Which flag in the samplicate command did you use to indicate it to listen to ipv6 addresses? |
|
Hi @indirakas you don't have to give any command to listen on ipv6, this patch allows you to spoof ipv6 addresses when you send out the packets, without it you will always send packets as the samplicator host IP |
|
@dkhenry Hello, I work with Indira and we are trying to implement your wonderful patch to enable spoofing for ipv6. Did you happen to also modify rawsend.h? When we compile we get a problem with struct in6_pktinfo. rawsend.c:178:41: error: invalid application of ‘sizeof’ to incomplete type ‘struct in6_pktinfo’ I'm not a C coder but I wonder if in6_pktinfo needs to be declared somewhere? rawsend.c:187:11: error: dereferencing pointer to incomplete type Thank you! |
|
@pwefel did you compile it with |
|
@dkhenry Bingo! that did the trick. Thank you so much. (I guess I should have seen the note at the beginning of this thread ) |
|
@dkhenry We are close, but something is still not right. Running from the cli with -S option fails to send. Removing the -S option works but uses the default port of 2000 and without spoofing the source IP. Any ideas on this? Below is the output with and without -S (using -d for debug) and the contents of the .conf file [root@collect-west samplicator]# ./samplicate -S -6 -d 1 -p 40033 -c /usr/local/esnet/var/samplicator/samplicator13.conf [root@collect-west samplicator]# cat samplicator13.conf Thanks. |
|
for the conf file it looks like you have the format wrong, its expecting a As for. the spoofing, I do remember that on some systems the kernel wouldn't allow you to spoof this way. I believe it was OSX that prohibited you from sending spoofed ipv6 unless you used lower level methods. |
|
Is this a correct format then: |
|
I believe the first way is.
…On Thu, Apr 29, 2021, 9:01 PM indirakas ***@***.***> wrote:
Is this a correct format then:
[::]/0: [2001:400:210:155::61]/9996
or
[::/0]: [2001:400:210:155::61/9996]
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#37 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AADXRK7E7J26L3EJ6GMCMYTTLITQ7ANCNFSM4CI56V3A>
.
|
|
It is still failing then with the "Invalid argument" error: |
|
@indirakas On newer kernels an extra |
Samplicator can now spoof IPv6 packes as well as IPv4 packets.