Permalink
Browse files

Add support for VRRPv2 decoding

Addition of a VRRP layer that provides decoding for VRRPv2 messages (rfc3768)
  • Loading branch information...
jesseward committed Jul 10, 2016
1 parent a272c8a commit c429eb6cbfeeb5a2d474008a9ad82af7c5b389a1
Showing with 215 additions and 0 deletions.
  1. +1 −0 AUTHORS
  2. +2 −0 layers/enums.go
  3. +1 −0 layers/layertypes.go
  4. +156 −0 layers/vrrp.go
  5. +55 −0 layers/vrrp_test.go
View
@@ -24,6 +24,7 @@ Alexandre Fiori <fiorix@gmail.com>
Adrian Tam <adrian.c.m.tam@gmail.com>
Satoshi Matsumoto <kaorimatz@gmail.com>
David Stainton <dstainton415@gmail.com>
Jesse Ward <jesse@jesseward.com>
-----------------------------------------------
FORKED FROM github.com/akrennmair/gopcap
View
@@ -82,6 +82,7 @@ const (
IPProtocolIPv6Destination IPProtocol = 60
IPProtocolIPIP IPProtocol = 94
IPProtocolEtherIP IPProtocol = 97
IPProtocolVRRP IPProtocol = 112
IPProtocolSCTP IPProtocol = 132
IPProtocolUDPLite IPProtocol = 136
IPProtocolMPLSInIP IPProtocol = 137
@@ -461,6 +462,7 @@ func init() {
IPProtocolMetadata[IPProtocolMPLSInIP] = EnumMetadata{DecodeWith: gopacket.DecodeFunc(decodeMPLS), Name: "MPLS", LayerType: LayerTypeMPLS}
IPProtocolMetadata[IPProtocolNoNextHeader] = EnumMetadata{DecodeWith: gopacket.DecodePayload, Name: "NoNextHeader", LayerType: gopacket.LayerTypePayload}
IPProtocolMetadata[IPProtocolIGMP] = EnumMetadata{DecodeWith: gopacket.DecodeFunc(decodeIGMP), Name: "IGMP", LayerType: LayerTypeIGMP}
IPProtocolMetadata[IPProtocolVRRP] = EnumMetadata{DecodeWith: gopacket.DecodeFunc(decodeVRRP), Name: "VRRP", LayerType: LayerTypeVRRP}
SCTPChunkTypeMetadata[SCTPChunkTypeData] = EnumMetadata{DecodeWith: gopacket.DecodeFunc(decodeSCTPData), Name: "Data"}
SCTPChunkTypeMetadata[SCTPChunkTypeInit] = EnumMetadata{DecodeWith: gopacket.DecodeFunc(decodeSCTPInit), Name: "Init"}
View
@@ -120,6 +120,7 @@ var (
LayerTypeVXLAN = gopacket.RegisterLayerType(116, gopacket.LayerTypeMetadata{"VXLAN", gopacket.DecodeFunc(decodeVXLAN)})
LayerTypeNTP = gopacket.RegisterLayerType(117, gopacket.LayerTypeMetadata{"NTP", gopacket.DecodeFunc(decodeNTP)})
LayerTypeDHCPv4 = gopacket.RegisterLayerType(118, gopacket.LayerTypeMetadata{"DHCPv4", gopacket.DecodeFunc(decodeDHCPv4)})
LayerTypeVRRP = gopacket.RegisterLayerType(119, gopacket.LayerTypeMetadata{"VRRP", gopacket.DecodeFunc(decodeVRRP)})
)
var (
View
@@ -0,0 +1,156 @@
// Copyright 2016 Google, Inc. All rights reserved.
//
// Use of this source code is governed by a BSD-style license
// that can be found in the LICENSE file in the root of the source
// tree.
package layers
import (
"encoding/binary"
"fmt"
"net"
"github.com/google/gopacket"
)
/*
This layer provides decoding for Virtual Router Redundancy Protocol (VRRP) v2.
https://tools.ietf.org/html/rfc3768#section-5
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Version| Type | Virtual Rtr ID| Priority | Count IP Addrs|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Auth Type | Adver Int | Checksum |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IP Address (1) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| . |
| . |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IP Address (n) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Authentication Data (1) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Authentication Data (2) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
*/
type VRRPv2Type uint8
type VRRPv2AuthType uint8
const (
VRRPv2Advertisement VRRPv2Type = 0x01 // router advertisement
)
// String conversions for VRRP message types
func (v VRRPv2Type) String() string {
switch v {
case VRRPv2Advertisement:
return "VRRPv2 Advertisement"
default:
return ""
}
}
const (
VRRPv2AuthNoAuth VRRPv2AuthType = 0x00 // No Authentication
VRRPv2AuthReserved1 VRRPv2AuthType = 0x01 // Reserved field 1
VRRPv2AuthReserved2 VRRPv2AuthType = 0x02 // Reserved field 2
)
func (v VRRPv2AuthType) String() string {
switch v {
case VRRPv2AuthNoAuth:
return "No Authentication"
case VRRPv2AuthReserved1:
return "Reserved"
case VRRPv2AuthReserved2:
return "Reserved"
default:
return ""
}
}
// VRRPv2 represents an VRRP v2 message.
type VRRPv2 struct {
BaseLayer
Version uint8 // The version field specifies the VRRP protocol version of this packet (v2)
Type VRRPv2Type // The type field specifies the type of this VRRP packet. The only type defined in v2 is ADVERTISEMENT
VirtualRtrID uint8 // identifies the virtual router this packet is reporting status for
Priority uint8 // specifies the sending VRRP router's priority for the virtual router (100 = default)
CountIPAddr uint8 // The number of IP addresses contained in this VRRP advertisement.
AuthType VRRPv2AuthType // identifies the authentication method being utilized
AdverInt uint8 // The Advertisement interval indicates the time interval (in seconds) between ADVERTISEMENTS. The default is 1 second
Checksum uint16 // used to detect data corruption in the VRRP message.
IPAddress []net.IP // one or more IP addresses associated with the virtual router. Specified in the CountIPAddr field.
}
// LayerType returns LayerTypeVRRP for VRRP v2 or a CARP message protocol formats.
func (v *VRRPv2) LayerType() gopacket.LayerType { return LayerTypeVRRP }
func (v *VRRPv2) DecodeFromBytes(data []byte, df gopacket.DecodeFeedback) error {
v.BaseLayer = BaseLayer{Contents: data[:len(data)]}
v.Version = data[0] >> 4 // high nibble == VRRP version. We're expecting v2
v.Type = VRRPv2Type(data[0] & 0x0F) // low nibble == VRRP type. Expecting 1 (advertisement)
if v.Type != 1 {
// rfc3768: A packet with unknown type MUST be discarded.
fmt.Errorf("Unrecognized VRRPv2 type field.")
}
v.VirtualRtrID = data[1]
v.Priority = data[2]
v.CountIPAddr = data[3]
if v.CountIPAddr < 1 {
fmt.Errorf("VRRPv2 number of IP addresses is not valid.")
}
v.AuthType = VRRPv2AuthType(data[4])
v.AdverInt = uint8(data[5])
v.Checksum = binary.BigEndian.Uint16(data[6:8])
// populate the IPAddress field. The number of addresses is specified in the v.CountIPAddr field
// offset references the starting byte containing the list of ip addresses
offset := 8
for i := uint8(0); i < v.CountIPAddr; i++ {
v.IPAddress = append(v.IPAddress, data[offset:offset+4])
offset += 4
}
// any trailing packets here may be authentication data and *should* be ignored in v2 as per RFC
//
// 5.3.10. Authentication Data
//
// The authentication string is currently only used to maintain
// backwards compatibility with RFC 2338. It SHOULD be set to zero on
// transmission and ignored on reception.
return nil
}
// CanDecode specifies the layer type in which we are attempting to unwrap.
func (v *VRRPv2) CanDecode() gopacket.LayerClass {
return LayerTypeVRRP
}
// NextLayerType specifies the next layer that should be decoded. VRRP does not contain any further payload, so we set to 0
func (v *VRRPv2) NextLayerType() gopacket.LayerType {
return gopacket.LayerTypeZero
}
// The VRRP packet does not include payload data. Setting byte slice to nil
func (v *VRRPv2) Payload() []byte {
return nil
}
// decodeVRRP will parse VRRP v2
func decodeVRRP(data []byte, p gopacket.PacketBuilder) error {
if len(data) < 8 {
return fmt.Errorf("Not a valid VRRP packet. Packet length is too small.")
}
v := &VRRPv2{}
return decodingLayerDecoder(v, data, p)
}
View
@@ -0,0 +1,55 @@
// Copyright 2016 Google, Inc. All rights reserved.
//
// Use of this source code is governed by a BSD-style license
// that can be found in the LICENSE file in the root of the source
// tree.
package layers
import (
"github.com/google/gopacket"
"testing"
)
// vrrpPacketPriority100 is the packet:
// 06:12:21.813317 IP 192.168.0.30 > 224.0.0.18: VRRPv2, Advertisement, vrid 1, prio 100, authtype none, intvl 1s, length 20
// 0x0000: 0100 5e00 0012 0000 5e00 0101 0800 45c0 ..^.....^.....E.
// 0x0010: 0028 0000 0000 ff70 19cd c0a8 001e e000 .(.....p........
// 0x0020: 0012 2101 6401 0001 ba52 c0a8 0001 0000 ..!.d....R......
// 0x0030: 0000 0000 0000 0000 0000 0000 ............
var vrrpPacketPriority100 = []byte{
0x01, 0x00, 0x5e, 0x00, 0x00, 0x12, 0x00, 0x00, 0x5e, 0x00, 0x01, 0x01, 0x08, 0x00, 0x45, 0xc0,
0x00, 0x28, 0x00, 0x00, 0x00, 0x00, 0xff, 0x70, 0x19, 0xcd, 0xc0, 0xa8, 0x00, 0x1e, 0xe0, 0x00,
0x00, 0x12, 0x21, 0x01, 0x64, 0x01, 0x00, 0x01, 0xba, 0x52, 0xc0, 0xa8, 0x00, 0x01, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
}
func TestVRRPPacketPacket0(t *testing.T) {
p := gopacket.NewPacket(vrrpPacketPriority100, LinkTypeEthernet, gopacket.Default)
if p.ErrorLayer() != nil {
t.Error("Failed to decode packet", p.ErrorLayer().Error())
}
checkLayers(p, []gopacket.LayerType{LayerTypeEthernet, LayerTypeIPv4, LayerTypeVRRP}, t)
// Version=2 Type=VRRPv2 Advertisement VirtualRtrID=1 Priority=100
vrrp := p.Layer(LayerTypeVRRP).(*VRRPv2)
if vrrp.Version != 2 {
t.Fatalf("Unable to decode VRRPv2 version. Received %d, expected %d", vrrp.Version, 2)
}
if vrrp.Type != 1 {
t.Fatalf("Unable to decode VRRPv2 type. Received %d, expected %d", vrrp.Type, 1)
}
if vrrp.Priority != 100 {
t.Fatalf("Unable to decode VRRPv2 priority. Received %d, expected %d", vrrp.Priority, 100)
}
if vrrp.Checksum != 47698 {
t.Fatalf("Unable to decode VRRPv2 checksum. Received %d, expected %d", vrrp.Checksum, 47698)
}
}
func BenchmarkDecodeVRRPPacket0(b *testing.B) {
for i := 0; i < b.N; i++ {
gopacket.NewPacket(vrrpPacketPriority100, LayerTypeEthernet, gopacket.NoCopy)
}
}

0 comments on commit c429eb6

Please sign in to comment.