feat(packet): Add module for low-level packet construction and parsing

Signed-off-by: Jianhui Zhao <[email protected]>

Author: zhaojh329

CMakeLists.txt

@@ -191,7 +191,7 @@ install(
 )
 
 install(
-    FILES time.lua sys.lua file.lua dns.lua socket.lua mqtt.lua
+    FILES time.lua sys.lua file.lua dns.lua socket.lua packet.lua mqtt.lua
         websocket.lua sync.lua nl.lua genl.lua ip.lua nl80211.lua
     DESTINATION ${LUA_INSTALL_PREFIX}/eco
 )

README.md

@@ -41,6 +41,7 @@ Lua-eco also provides some modules for you to build applications quickly:
 * `nl80211`: Show/manipulate wireless devices and their configuration.
 * `termios`: Bind unix API for terminal/serial I/O.
 * `ssh`: Bind libssh2.
+* `packet`: For low-level packet construction and parsing.
 
 Would you like to try it? Kinda interesting.
 
@@ -98,3 +99,4 @@ end, 'eco2')
             <*> lua-eco-websocket........................... websocket support for lua-eco
             <*> lua-eco-netlink............................... netlink support for lua-eco
             <*> lua-eco-nl80211............................... nl80211 support for lua-eco
+            <*> lua-eco-packet................................. packet support for lua-eco

README_ZH.md

@@ -44,6 +44,7 @@ Lua-eco 还提供了一些有用的模块，方便您快速构建应用程序:
 * `nl80211`: 显示/操作无线设备及其配置。
 * `termios`: 绑定 unix 接口用于操作终端和串口。
 * `ssh`: 绑定 libssh2.
+* `packet`: 分析和构造任意网络报文.
 
 想试试吗？很有趣的!
 
@@ -99,3 +100,4 @@ end, 'eco2')
             <*> lua-eco-websocket........................... websocket support for lua-eco
             <*> lua-eco-netlink............................... netlink support for lua-eco
             <*> lua-eco-nl80211............................... nl80211 support for lua-eco
+            <*> lua-eco-packet................................. packet support for lua-eco

examples/socket/icmp/ping.lua

@@ -6,46 +6,13 @@
 --]]
 
 local socket = require 'eco.socket'
+local packet = require 'eco.packet'
 local time = require 'eco.time'
 
-local ICMP_HEADER_LEN = 8
-
 local dest_ip = '127.0.0.1'
 local local_id = math.random(0, 65535)
-local local_seq = 1
 local local_data = 'hello'
-
-local function build_icmp_req()
-    local data = {
-        string.char(socket.ICMP_ECHO), -- type
-        '\0',        -- code
-        '\0\0',      -- checksum
-        '\0\0',      -- id: the kernel will assign it with local port
-        string.char(local_seq >> 8, local_seq & 0xff),   -- sequence
-        local_data
-    }
-
-    local_seq = local_seq + 1
-
-    return table.concat(data)
-end
-
-local function parse_icmp_resp(data)
-    if #data < ICMP_HEADER_LEN then
-        return nil, 'invalid icmp resp'
-    end
-
-    local icmp_type = data:byte(1)
-    local id_hi = data:byte(5)
-    local id_lo = data:byte(6)
-    local id = (id_hi << 8) + id_lo
-
-    local seq_hi = data:byte(7)
-    local seq_lo = data:byte(8)
-    local seq = (seq_hi << 8) + seq_lo
-
-    return icmp_type, id, seq, #data - ICMP_HEADER_LEN
-end
+local local_seq = 1
 
 local s, err = socket.icmp()
 if not s then
@@ -60,34 +27,32 @@ s:bind(nil, local_id)
 print(string.format('PING %s, %d bytes of data.', dest_ip, #local_data))
 
 while true do
-    local _, err = s:sendto(build_icmp_req(), dest_ip, 0)
+    local pkt = packet.icmp(socket.ICMP_ECHO, 0, 0, local_seq, 'hello')
+    local_seq = local_seq + 1
+
+    local _, err = s:sendto(pkt, dest_ip, 0)
     if err then
         print('send fail:', err)
         break
     end
 
     local start = time.now()
 
-    local resp, peer = s:recvfrom(1024, 5.0)
-    if not resp then
+    local data, peer = s:recvfrom(1024, 5.0)
+    if not data then
         print('recv fail:', peer)
         break
     end
 
-    local elapsed = time.now() - start
-
-    local icmp_type, id, seq, n = parse_icmp_resp(resp)
+    pkt = packet.from_icmp(data)
 
-    if icmp_type then
-        if icmp_type == socket.ICMP_ECHOREPLY then
-            if id == local_id then
-                print(string.format('%d bytes from %s: icmp_seq=%d time=%.3f ms', n, peer.ipaddr, seq, elapsed * 1000))
-            end
-        else
-            print('Got ICMP packet with type ' .. icmp_type)
+    if pkt.type == socket.ICMP_ECHOREPLY then
+        if pkt.id == local_id then
+            local elapsed = time.now() - start
+            print(string.format('%d bytes from %s: icmp_seq=%d time=%.3f ms', #pkt.data, peer.ipaddr, pkt.sequence, elapsed * 1000))
         end
     else
-        print(id)
+        print('Got ICMP packet with type ' .. pkt.type)
     end
 
     time.sleep(1.0)

examples/socket/icmp/ping6.lua

@@ -6,47 +6,14 @@
 --]]
 
 local socket = require 'eco.socket'
+local packet = require 'eco.packet'
 local time = require 'eco.time'
 
-local ICMP6_HEADER_LEN = 8
-
 local dest_ip = '::1'
 local local_id = math.random(0, 65535)
 local local_seq = 1
 local local_data = 'hello'
 
-local function build_icmp_req()
-    local data = {
-        string.char(socket.ICMPV6_ECHO_REQUEST), -- type
-        '\0',        -- code
-        '\0\0',      -- checksum
-        '\0\0',      -- id: the kernel will assign it with local port
-        string.char(local_seq >> 8, local_seq & 0xff),   -- sequence
-        local_data
-    }
-
-    local_seq = local_seq + 1
-
-    return table.concat(data)
-end
-
-local function parse_icmp_resp(data)
-    if #data < ICMP6_HEADER_LEN then
-        return nil, 'invalid icmp resp'
-    end
-
-    local icmp_type = data:byte(1)
-    local id_hi = data:byte(5)
-    local id_lo = data:byte(6)
-    local id = (id_hi << 8) + id_lo
-
-    local seq_hi = data:byte(7)
-    local seq_lo = data:byte(8)
-    local seq = (seq_hi << 8) + seq_lo
-
-    return icmp_type, id, seq, #data - ICMP6_HEADER_LEN
-end
-
 local s, err = socket.icmp6()
 if not s then
     print(err)
@@ -60,34 +27,32 @@ s:bind(nil, local_id)
 print(string.format('PING %s, %d bytes of data.', dest_ip, #local_data))
 
 while true do
-    _, err = s:sendto(build_icmp_req(), dest_ip, 0)
+    local pkt = packet.icmp6(socket.ICMPV6_ECHO_REQUEST, 0, 0, local_seq, 'hello')
+    local_seq = local_seq + 1
+
+    _, err = s:sendto(pkt, dest_ip, 0)
     if err then
         print('send fail:', err)
         break
     end
 
     local start = time.now()
 
-    local resp, peer = s:recvfrom(1024, 5.0)
-    if not resp then
+    local data, peer = s:recvfrom(1024, 5.0)
+    if not data then
         print('recv fail:', peer)
         break
     end
 
-    local elapsed = time.now() - start
-
-    local icmp_type, id, seq, n = parse_icmp_resp(resp)
+    pkt = packet.from_icmp6(data)
 
-    if icmp_type then
-        if icmp_type == socket.ICMPV6_ECHO_REPLY then
-            if id == local_id then
-                print(string.format('%d bytes from %s: icmp_seq=%d time=%.3f ms', n, peer.ipaddr, seq, elapsed * 1000))
-            end
-        else
-            print('Got ICMP packet with type ' .. icmp_type)
+    if pkt.type == socket.ICMPV6_ECHO_REPLY then
+        if pkt.id == local_id then
+            local elapsed = time.now() - start
+            print(string.format('%d bytes from %s: icmp_seq=%d time=%.3f ms', #pkt.data, peer.ipaddr, pkt.sequence, elapsed * 1000))
         end
     else
-        print(id)
+        print('Got ICMP packet with type ' .. pkt.type)
     end
 
     time.sleep(1.0)

examples/socket/packet/arp-scan.lua

@@ -0,0 +1,112 @@
+#!/usr/bin/env eco
+
+local socket = require 'eco.socket'
+local packet = require 'eco.packet'
+local link = require 'eco.ip'.link
+local sync = require 'eco.sync'
+local time = require 'eco.time'
+local sys = require 'eco.sys'
+
+sys.signal(sys.SIGINT, function()
+    print('\nGot SIGINT, now quit')
+    eco.unloop()
+end)
+
+local function usage()
+    print('Usage:', arg[0], 'eth0', '192.168.1.1/24')
+    os.exit(1)
+end
+
+if #arg < 2 then
+    usage()
+end
+
+local function get_dev_mac(dev)
+    local res, err = link.get(dev)
+    if not res then
+        error('get link:' .. err)
+    end
+
+    return res.address
+end
+
+local function send_arp(sock, dev, sender_mac, destination)
+    local arp_pkt = packet.arp(socket.ARPOP_REQUEST, sender_mac, nil, nil, destination)
+    local eth_pkt = packet.ether(sender_mac, 'ff:ff:ff:ff:ff:ff', socket.ETH_P_ARP, arp_pkt)
+
+    sock:sendto(eth_pkt, { ifname = dev })
+end
+
+local function generate_ips(subnet)
+    local base_ip, cidr = subnet:match('([%d%.]+)/(%d+)')
+    if not base_ip then
+        return nil
+    end
+
+    local base = socket.ntohl(socket.inet_aton(base_ip))
+    local mask = (~0 << (32 - cidr)) & 0xffffffff
+    local network = base & mask
+    local broadcast = network | ((-(mask & 0xffffffff) - 1) & 0xffffffff)
+    local curr_ip  = network
+
+    local ips = {}
+    local cnt = 0
+
+    while curr_ip < broadcast do
+        local ip = socket.inet_ntoa(socket.htonl(curr_ip))
+        ips[ip]= true
+        cnt = cnt + 1
+        curr_ip = curr_ip + 1
+    end
+
+    return ips, cnt
+end
+
+local device = arg[1]
+local destination = arg[2]
+
+local sender_mac = get_dev_mac(device)
+
+local ips, cnt = generate_ips(destination)
+if not ips or cnt < 1 then
+    usage()
+end
+
+local wg = sync.waitgroup()
+
+wg:add(cnt)
+
+local sock, err = socket.socket(socket.AF_PACKET, socket.SOCK_RAW, socket.htons(socket.ETH_P_ARP))
+if not sock then
+    error(err)
+end
+
+eco.run(function()
+    while true do
+        local data, addr = sock:recvfrom(4096)
+        if not data then
+            error(addr)
+        end
+
+        local l2 = packet.from_ether(data)
+        if l2.proto == socket.ETH_P_ARP then
+            local l3 = l2:next()
+            if l3 and l3.op == socket.ARPOP_REPLY then
+                if ips[l3.sip] then
+                    print(l3.sha, l3.sip)
+                    wg:done()
+                end
+            end
+        end
+    end
+end)
+
+eco.run(function()
+    for ip in pairs(ips) do
+        send_arp(sock, device, sender_mac, ip)
+        time.sleep(0.01)
+    end
+end)
+
+wg:wait(5)
+os.exit(0)