Lua custom UDP Header - header

Is there a way to create a custom UDP header in Lua? I am using Ubuntu 11.10, Lua 5.1, and Luasocket. Am I missing a module for this to work or is it impossible?
What I was planning to do is to send a character in the length section of the UDP header from the client then decode it on the server. Is there a better way of doing this without sending data via normal data transfer?
Thanks.

The only way to modify packet headers is to use raw sockets and construct the packet yourself, including both the IP and UDP headers.
However, what you want to do, use the length field for data, will not work. Remember that all routers/switches/hubs between your client and server looks at the header to determine how long the packet is. If there isn't a valid length there they will fail sending your packet on.

Related

Read UDP packet stream into SQL Server

I have a device that broadcasts a UDP ASCII stream on my network and I want to receive and parse that stream into my db.
Do I need to buy or build UDP receiver middleware to do the protocol conversion or can this be done inside of SQL Server 2017 without third-party tools?
If you have someone with some coding knowledge, you could implement your UDP receiver in powershell see this question for example
and then send whatever data you received to your database. see here for example
In any case I would rather put that outside of the DB itself.
But if you feel like it must be within the DB, maybe it's possible to do it with stored procedure.

How to program pcap with Objective-C and get HTTP request and response values in text format

I am working with pcap in an OS X application to understand packet analysis.
I am working with a app https://github.com/jpiccari/MacAlyzer
but I am getting only raw data but I want to differentiate every domain request into separate and clear way to read request and response value. Please guide me the way to how to develop an application with pcap.
I have tried some code but they translate data into hex format. How do I convert that data into meaningful request and response objects like Charles and Fiddler show?
MacAlyzer wasn't developed for your needs. I know because I'm the author. As already stated, Charles and Fiddler are web proxies and work entirely different (and serve different purposes).
Diving a bit deeper into your question, communication between client and server happens IP-to-IP and not domain-to-domain. Domain information is not contained in the packets at the either the IP or TCP level. Instead computers request domain-to-IP lookup information which is then stored and communication is carried out using the client and server IP addresses.
MacAlyzer, and really libpcap, don't have sophisticated packet dissection (like say Wireshark) and cannot display packet information as verbosely as other programs. Before I lost interest in the project I was planning a library that would allow much richer packet dissection and analysis, but free time became very limited.
As for adding domain information to MacAlyzer, I'll explain at a high-level since it seems you know what you're doing. To include domain information instead of IP address in the Source and Destination columns you could edit function ip_host_string() in ip.m. This function controls how the client and server addresses are displayed. Modifying it to lookup the hostname from IP address and returning the resulting string would cause the domains to be displayed instead of IP addresses.
If you come up with some nice updates, consider submitting a pull request.
Here is the food for thoughts:
http://www.binarytides.com/packet-sniffer-code-c-linux/
Anyway, you will need to use C. Therefore, check the codes of the includes, for example:
http://www.eg.bucknell.edu/~cs363/2014-spring/code/tcp.h
Here is the documentation of "pcap":
http://www-01.ibm.com/support/knowledgecenter/#!/ssw_aix_71/com.ibm.aix.basetrf1/pcap_close.htm

Set the time to live (TTL) of IP packets for outgoing UDP datagrams on Arduino Ethernet

I'm using an Arduino Ethernet to send UDP datagrams to a remote host. The code I use to send a single datagram is:
Udp.begin(localPort);
...
Udp.beginPacket(remoteIP, remotePort);
Udp.write(data);
Udp.endPacket();
My issue is that I need to customize the TTL of the outgoing UDP/IP packet, but none of Udp.begin, Udp.beginPacket, Udp.write and Udp.endPacket provide a parameter to set such option.
I know that the TTL field belongs to the IP header but it seems you don't handle raw IP packets using Arduino's Ethernet / socket / w5100 libraries.
I looked into the definitions of the above functions, expecially in EthernetUDP::beginPacket where I was wondering to find something useful being it called just before I pass the payload of the message, but I got stuck since it contains not much more than a call to startUDP() (socket.cpp), and the latter deals with methods of the W5100 class that are not clear to me.
Do someone know if there is a somehow high-level facility to set the TTL of a packet, or should one go deeper into the libraries to achieve that?
Finally I found a solution. The WIZnet W5100 socket provide registers that describe the socket's behaviour as documented in W5100 Datasheet Version 1.1.6. One of these registers is Socket 0 IP TTL (S0_TTL) (address 0x0416). I see that those registers are written in the startUDP function (in socket.cpp) in order to set the socket's destination IP address and port:
W5100.writeSnDIPR(s, addr);
W5100.writeSnDPORT(s, port);
so I appended there a call to
W5100.writeSnTTL(s, (uint8_t) 255); // set TTL to 255
and it indeed worked, i.e. the sketch got compiled. Such method is undocumented, I figured it out looking at the other register-writing methods and finding on the web that exists a couple of projects that make use of it.
I also wrote this patch to provide the override Udp.beginPacket(remoteIP, remotePort, ttl) to the Ethernet libraries that come with Arduino 1.0.1 - 2012.05.21.

Sending data packets over udp

I am creating an app that acts as a remote control for a lighting console and I need to send commands to the console over UDP. The protocol that I am using has its own custom header. How do I create the data packet with header and message to send over UDP? Thanks!
If you are trying to test the protocol, without writing any code, I suggest you use WireShark.
The probably most powerful solution you can use is scapy, which is a python module that allows very advanced packet crafting and manipulation. See its documentation or search the interwebs for examples to find out how to generate arbitrary packets and transmit them.
If you can't use python for some reason, there are multiple command line tools for packet generation, one other example being nping (documentation), the brother of nmap, the popular network scanner. nping has options to generate UDP packets with arbitrary payloads, with can be specified as a hex string, for example.
There may be other options as well. It would be good to know more details like the operating system you're on or where you get your input data from, and in which format.

Does libpcap get a copy of the packet?

Does libpcap get a copy of the packet or the actual packet?
By copy, I mean: the application using libpcap gets packet A, and the kernel also gets packet A.
By actual, I mean: only the application using libpcap gets packet A, but the kernel didn't get it.
libpcap will not allow you to do what you want. The goal of pcap is to transparently receive a copy of every packet in the system.
You should investigate how to inter-operate with the existing firewall in your system, or how to add your own filters to the netfilter system (on Linux)
The kernel will get the packet then pass it through a list of filters (for example, there's usually a filter for IPsec, a firewall and so on) and once it's gone through all of these filters, it passes the packet on to the application. libpcap is another filter, but it simply adds the packet to an internal database for processing, rather than inspecting the packet, modifying or whatever else the other filters will do.
For what you want to do, the simplest solution would be to use a firewall.