search

lidebin / honeyd

Automatically exported from code.google.com/p/honeyd
0 stars 0 forks source link

Honeyd should be able to ignore packet checksums #17

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago 
On recent Linux systems, packets going through the loopback interface do
not get checksums inserted. This is reasonable behaviour as there is no
physical network to corrupt the data, but it does cause Honeyd to discard
the packets because the checksums are wrong.

I attach a patch for honeyd 1.5c that adds a new option: -N causes it to
ignore the checksums on TCP, UDP, and ICMP packets.

Andrew

Original issue reported on code.google.com by AFindl...@googlemail.com on 13 Nov 2009 at 3:52

Attachments:

GoogleCodeExporter commented 9 years ago 
Another alternative that would be nice would be to ignore checksums for packets 
received on the loopback 
interface, but I can't figure out how to get a handle to the interface where 
the packet originated in the 
functions where the checksum is validated (tcp_recv_cb, udp_recv_cb, etc.).

For now, I have made this change to honeyd_input function to force calculation 
of the checksum for a packet 
received on a loopback device. This isn't the optimal solution because it 
causes checksums to be computed 
twice and validated when they should just be ignored, however it avoids having 
another command-line 
argument to avoid checksumming.

--- a/honeyd.c
+++ b/honeyd.c
@@ -3016,6 +3016,10 @@ honeyd_input(const struct interface *inter, struct ip_hdr
 *ip, u_short iplen)
    int delay = 0, flags = 0;
    struct addr src, addr;

+   if (inter->if_ent.intf_flags & INTF_FLAG_LOOPBACK) {
+       /* Override checksum on IP packet to prevent drops */
+       ip_checksum(ip, iplen);
+   }
    addr_pack(&addr, ADDR_TYPE_IP, IP_ADDR_BITS, &ip->ip_dst, IP_ADDR_LEN);
    if (!router_used) {
        /* Check if a template specific drop rate applies */

Original comment by pkwar...@gmail.com on 17 May 2010 at 10:13

GoogleCodeExporter commented 9 years ago 
[deleted comment]
GoogleCodeExporter commented 9 years ago 
pkwar...@gmail.com I tried adding the four lines which you mentioned however it 
threw an error for me on ubuntu 12.04 with honeyd 1.5c

./configure went without an error

$ make
make  all-recursive
make[1]: Entering directory `/home/nobody/honeypot/honeyd-1.5c'
Making all in .
make[2]: Entering directory `/home/nobody/honeypot/honeyd-1.5c'
gcc -DHAVE_CONFIG_H -I. -I. -I. -I./ -I./compat -I/usr/local/include 
-I/usr/local/include -I/usr/local/include     -O2 -Wall -g 
-DPATH_HONEYDINCLUDE="\"/usr/local/include/honeyd\"" 
-DPATH_HONEYDDATA="\"/usr/local/share/honeyd\"" 
-DPATH_HONEYDLIB="\"/usr/local/lib/honeyd\"" -DHONEYD_PLUGINS_DECLARE="" 
-DHONEYD_PLUGINS="" -DPATH_RRDTOOL="\"\"" -c honeyd.c
In file included from stats.h:36:0,
                 from honeyd.c:98:
./compat/sha1.h:23:3: warning: ‘__bounded__’ attribute directive ignored 
[-Wattributes]
./compat/sha1.h:23:3: warning: ‘__bounded__’ attribute directive ignored 
[-Wattributes]
./compat/sha1.h:26:3: warning: ‘__bounded__’ attribute directive ignored 
[-Wattributes]
./compat/sha1.h:28:3: warning: ‘__bounded__’ attribute directive ignored 
[-Wattributes]
./compat/sha1.h:30:3: warning: ‘__bounded__’ attribute directive ignored 
[-Wattributes]
./compat/sha1.h:32:3: warning: ‘__bounded__’ attribute directive ignored 
[-Wattributes]
./compat/sha1.h:35:3: warning: ‘__bounded__’ attribute directive ignored 
[-Wattributes]
./compat/sha1.h:35:3: warning: ‘__bounded__’ attribute directive ignored 
[-Wattributes]
honeyd.c: In function ‘honeyd_input’:
honeyd.c:2844:2: error: invalid preprocessing directive #nobody
make[2]: *** [honeyd.o] Error 1
make[2]: Leaving directory `/home/nobody/honeypot/honeyd-1.5c'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/home/nobody/honeypot/honeyd-1.5c'
make: *** [all] Error 2
someone@somewhere:/home/nobody/honeypot/honeyd-1.5c$

Original comment by bala150...@gmail.com on 17 Oct 2013 at 5:56

GoogleCodeExporter commented 9 years ago 
The patch by  AFindl...@googlemail.com did work.

Original comment by bala150...@gmail.com on 17 Oct 2013 at 5:59

GoogleCodeExporter commented 9 years ago 
how can i applay the patch
i get this error

$make
make  all-recursive
make[1]: Entering directory `/root/Downloads/honeyd-1.5c'
Making all in .
make[2]: Entering directory `/root/Downloads/honeyd-1.5c'
gcc -DHAVE_CONFIG_H -I. -I. -I. -I./ -I./compat -I/usr/local/include 
-I/usr/local/include -I/usr/local/include     -O2 -Wall -g 
-DPATH_HONEYDINCLUDE="\"/usr/local/include/honeyd\"" 
-DPATH_HONEYDDATA="\"/usr/local/share/honeyd\"" 
-DPATH_HONEYDLIB="\"/usr/local/lib/honeyd\"" -DHONEYD_PLUGINS_DECLARE="" 
-DHONEYD_PLUGINS="" -DPATH_RRDTOOL="\"/usr/bin/rrdtool\"" -c honeyd.c
In file included from honeyd.c:97:0:
tagging.h:89:6: error: expected declaration specifiers or ‘...’ before 
‘(’ token
tagging.h:89:6: error: expected declaration specifiers or ‘...’ before 
‘(’ token
In file included from stats.h:36:0,
                 from honeyd.c:98:
./compat/sha1.h:23:3: warning: ‘__bounded__’ attribute directive ignored 
[-Wattributes]
./compat/sha1.h:23:3: warning: ‘__bounded__’ attribute directive ignored 
[-Wattributes]
./compat/sha1.h:26:3: warning: ‘__bounded__’ attribute directive ignored 
[-Wattributes]
./compat/sha1.h:28:3: warning: ‘__bounded__’ attribute directive ignored 
[-Wattributes]
./compat/sha1.h:30:3: warning: ‘__bounded__’ attribute directive ignored 
[-Wattributes]
./compat/sha1.h:32:3: warning: ‘__bounded__’ attribute directive ignored 
[-Wattributes]
./compat/sha1.h:35:3: warning: ‘__bounded__’ attribute directive ignored 
[-Wattributes]
./compat/sha1.h:35:3: warning: ‘__bounded__’ attribute directive ignored 
[-Wattributes]
make[2]: *** [honeyd.o] Error 1
make[2]: Leaving directory `/root/Downloads/honeyd-1.5c'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/root/Downloads/honeyd-1.5c'
make: *** [all] Error 2

Original comment by fayssal....@gmail.com on 25 Oct 2014 at 12:27