PERFORCE change 101395 for review

Clément Lecigne clem1 at FreeBSD.org
Wed Jul 12 16:18:40 UTC 2006


http://perforce.freebsd.org/chv.cgi?CH=101395

Change 101395 by clem1 at clem1_ipv6vulns on 2006/07/12 16:18:23

	Log DAD messages to syslog, and print whether the node claims to be a router.

Affected files ...

.. //depot/projects/soc2006/clem1_ipv6vulns/preventing-tools/ndpwatch/db.c#2 edit
.. //depot/projects/soc2006/clem1_ipv6vulns/preventing-tools/ndpwatch/ndpwatch.c#2 edit
.. //depot/projects/soc2006/clem1_ipv6vulns/preventing-tools/ndpwatch/report.c#2 edit
.. //depot/projects/soc2006/clem1_ipv6vulns/preventing-tools/ndpwatch/report.h#2 edit

Differences ...

==== //depot/projects/soc2006/clem1_ipv6vulns/preventing-tools/ndpwatch/db.c#2 (text+ko) ====

@@ -90,7 +90,7 @@
 	register u_int len;
 	u_char *e2;
 	time_t t2;
-    
+
 	/* Lookup ipv6 address */
 	ap = ainfo_find(a);
     
@@ -99,7 +99,7 @@
 		ep = ap->elist[0];
 		if (MEMCMP(e, ep->e, 6) == 0) {
 			if (t - ep->t > NEWACTIVITY_DELTA) {
-                report("new activity", a, e, NULL, &t, &ep->t);
+                report("new activity", a, e, NULL, r, &t, &ep->t);
 			}
 			ep->t = t;
 			return (1);
@@ -110,7 +110,7 @@
 	if (ap->ecount == 0) {
 		ap->ecount = 1;
 		ap->elist[0] = elist_alloc(a, e, t, h);
-		report("new station", a, e, NULL, &t, NULL);
+		report("new station", a, e, NULL, r, &t, NULL);
 		return (1);
 	}
 
@@ -134,7 +134,7 @@
 	/* New ether address */
 	e2 = ap->elist[0]->e;
 	t2 = ap->elist[0]->t;
-	report("changed ethernet address", a, e, e2, &t, &t2);
+	report("changed ethernet address", a, e, e2, r, &t, &t2);
 	/* Make room at head of list */
 	alist_alloc(ap);
 	len = ap->ecount * sizeof(ap->elist[0]);

==== //depot/projects/soc2006/clem1_ipv6vulns/preventing-tools/ndpwatch/ndpwatch.c#2 (text+ko) ====

@@ -239,6 +239,15 @@
     ndp = (struct ndp_header *)(pk + ph->len - NDP_S - NDP_OPT_S);
     opt = (struct ndp_option *)(pk + ph->len - NDP_OPT_S);
 
+    /* is it a DAD message ? */
+    if (IN6_IS_ADDR_UNSPECIFIED(&ip6->src) && ndp->type == 135)
+    {
+        syslog(LOG_NOTICE, "Duplicated address detection asked for "
+                "%s from %s\n", inet_ntop(AF_INET6, &ndp->target, ip, 
+                    INET6_ADDRSTRLEN), e2str(opt->mac));
+        return;
+    }
+
     if (!sanity_icmp6(ndp, opt))
     {
         /* syslog has been filled */
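Review bot: The new DAD branch logs `e2str(opt->mac)` before `sanity_icmp6(ndp, opt)` has run, so the "from" address in the syslog line is built from unvalidated packet bytes. RFC 4861 (section 7.1.1) says a Neighbor Solicitation sent from the unspecified address carries no source link-layer address option, so for a genuine DAD probe `opt`, which is computed back from the end of the packet, most likely does not point at an option at all, and `ndp` may be offset as well. The sender's MAC would be more reliable taken from the Ethernet header, which is not visible in this hunk; failing that, drop the `from %s` part of the message. `inet_ntop()` can also return NULL, and that should not be handed to `%s`. The enclosing function starts and ends outside the hunk.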
@@ -254,7 +263,7 @@
         return;
     }
     t = ph->ts.tv_sec;
-    if (!ent_add(&ndp->target, opt->mac, ndp->reserved >> 31, t, NULL))
+    if (!ent_add(&ndp->target, opt->mac, ndp->reserved >> 7, t, NULL))
     {
         syslog(LOG_ERR, "ent_addr(%s, %s, ...) failed\n",
                 inet_ntop(AF_INET6, &ndp->target, ip, INET6_ADDRSTRLEN),
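Review bot: `ndp->reserved >> 7` does not isolate the Router flag: every bit above bit 7 survives the shift, and the result depends on host byte order if `reserved` is the 32-bit flags word (its declaration is outside the hunk). Because `report()` takes the value as `u_int8_t r` and tests it with `(r) ? "YES" : "no"`, any sender-controlled reserved bit that lands in the low eight bits after the shift would make a host appear as a router in the report. If the field is a 32-bit word in network order, `(ntohl(ndp->reserved) >> 31) & 1` yields exactly the R bit on any host; if it is a single byte, `(ndp->reserved >> 7) & 1` is enough. The enclosing function continues outside the hunk.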

==== //depot/projects/soc2006/clem1_ipv6vulns/preventing-tools/ndpwatch/report.c#2 (text+ko) ====

@@ -220,7 +220,8 @@
 
 void
 report(register char *title, struct in6_addr *a, register u_char *e1,
-    register u_char *e2, register time_t *t1p, register time_t *t2p)
+    register u_char *e2, register u_int8_t r, register time_t *t1p, 
+    register time_t *t2p)
 {
 	register char *cp;
 	register int fd, pid;
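Review bot: The new `r` parameter is undocumented, and nothing at the signature says that it is a value copied from the packet rather than something ndpwatch verified. A comment above `report()` such as `/* r: non-zero if the sender set the Router flag in its advertisement (a claim, not verified) */` would help a reader of the generated report decide how far to trust the "router" row. In report.h the prototype names only this parameter (`u_int8_t r`) while the others are unnamed; either name them all or drop the `r`. The function body continues outside the hunk.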
@@ -293,6 +294,7 @@
 	(void)fprintf(f, fmt, "ip address", inet_ntop(AF_INET6, a, ip, 
                                                   INET6_ADDRSTRLEN));
 	(void)fprintf(f, fmt, "ethernet address", e2str(e1));
+    (void)fprintf(f, fmt, "router", (r) ? "YES" : "no");
 	if (e2) (void)fprintf(f, fmt, "old ethernet address", e2str(e2));
     
 	if (t1p)

==== //depot/projects/soc2006/clem1_ipv6vulns/preventing-tools/ndpwatch/report.h#2 (text+ko) ====

@@ -1,2 +1,2 @@
 
-void report(char *, struct in6_addr *, u_char *, u_char *, time_t *, time_t *);
+void report(char *, struct in6_addr *, u_char *, u_char *, u_int8_t r, time_t *, time_t *);

