Improve handling of IPv6 routing type 0 extension headers.

- flow_weird event with name argument value of "routing0_hdr" is raised for packets containing an IPv6 routing type 0 header because this type of header is now deprecated according to RFC 5095. - packets with a routing type 0 header and non-zero segments left now use the last address in that header in order to associate with a connection/flow and for calculating TCP/UDP checksums. - added a set of IPv4/IPv6 TCP/UDP checksum unit tests
2025-10-08 01:28:20 +00:00 · 2012-03-27 16:05:45 -05:00 · 2012-03-27 16:05:45 -05:00 · f4101b5265
commit f4101b5265
parent d889f14638
39 changed files with 171 additions and 121 deletions
--- a/testing/btest/core/checksums.test
+++ b/testing/btest/core/checksums.test
@ -0,0 +1,15 @@
+# @TEST-EXEC: bro -b -r $TRACES/chksums/ip4-bad-chksum.pcap >>bad.out 2>&1
+# @TEST-EXEC: bro -b -r $TRACES/chksums/ip4-tcp-bad-chksum.pcap >>bad.out 2>&1
+# @TEST-EXEC: bro -b -r $TRACES/chksums/ip4-udp-bad-chksum.pcap >>bad.out 2>&1
+# @TEST-EXEC: bro -b -r $TRACES/chksums/ip6-route0-tcp-bad-chksum.pcap >>bad.out 2>&1
+# @TEST-EXEC: bro -b -r $TRACES/chksums/ip6-route0-udp-bad-chksum.pcap >>bad.out 2>&1
+# @TEST-EXEC: bro -b -r $TRACES/chksums/ip6-tcp-bad-chksum.pcap >>bad.out 2>&1
+# @TEST-EXEC: bro -b -r $TRACES/chksums/ip6-udp-bad-chksum.pcap >>bad.out 2>&1
+# @TEST-EXEC: bro -b -r $TRACES/chksums/ip4-tcp-good-chksum.pcap >>good.out 2>&1
+# @TEST-EXEC: bro -b -r $TRACES/chksums/ip4-udp-good-chksum.pcap >>good.out 2>&1
+# @TEST-EXEC: bro -b -r $TRACES/chksums/ip6-route0-tcp-good-chksum.pcap >>good.out 2>&1
+# @TEST-EXEC: bro -b -r $TRACES/chksums/ip6-route0-udp-good-chksum.pcap >>good.out 2>&1
+# @TEST-EXEC: bro -b -r $TRACES/chksums/ip6-tcp-good-chksum.pcap >>good.out 2>&1
+# @TEST-EXEC: bro -b -r $TRACES/chksums/ip6-udp-good-chksum.pcap >>good.out 2>&1
+# @TEST-EXEC: btest-diff bad.out
+# @TEST-EXEC: btest-diff good.out
--- a/testing/btest/core/ipv6_ext_headers.test
+++ b/testing/btest/core/ipv6_ext_headers.test
@ -1,10 +1,22 @@
-# @TEST-EXEC: bro -C -b -r $TRACES/ext_hdr_hbh_routing.trace %INPUT >output
+# @TEST-EXEC: bro -b -r $TRACES/ipv6-hbh-routing0.trace %INPUT >output
 # @TEST-EXEC: btest-diff output

 # Just check that the event is raised correctly for a packet containing
 # extension headers.
-
 event ipv6_ext_headers(c: connection, p: pkt_hdr)
 	{
 	print p;
 	}
+
+# Also check the weird for routing type 0 extensions headers
+event flow_weird(name: string, src: addr, dst: addr)
+	{
+	print fmt("weird %s from %s to %s", name, src, dst);
+	}
+
+# And the connection for routing type 0 packets with non-zero segments left
+# should use the last address in that extension header.
+event new_connection(c: connection)
+	{
+	print c$id;
+	}