Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Incorrect UDP checksum when using -x option #26

Open
jbromley opened this issue Nov 23, 2021 · 2 comments
Open

Incorrect UDP checksum when using -x option #26

jbromley opened this issue Nov 23, 2021 · 2 comments

Comments

@jbromley
Copy link

When sending UDP packets with the -x option, the checksum of the UDP is not adjusted. This causes packet receivers that verify the checksum to fail (e.g. socat). Either the checksum should be recalculated and adjusted or the checksum should be set to zero to indicate there is no checksum. Note that this likely applies to TCP packets as well, but I haven't tested that explicitly.

I have attached a pcap (bad_csum.pcap) file that contains two packets. The first was sent with the command
sudo packETHcli -m 2 -n 1 -i eno1 -f src-fwd.pcap -d 0
and the second was sent with the command
sudo packETHcli -m 2 -n 1 -i eno1 -f src-fwd.pcap -d 0 -x
The pcap shows that with -x the marker and sequence number are properly set, but the checksum is identical to that of the packet sent without the -x option. I have also attached the packet being sent as src-fwd.pcap.

bad_csum.zip
@jemcek
Copy link
Owner

jemcek commented Nov 23, 2021

Hi!

I'm aware of the this "problem". The cli version was actually built as a very simple tool to easily put packet(s) on the wire. The -x option was added later because it makes packet counting much easier. But it breaks testing in case where the L4 checksum is also checked. To correct this the sender should be able to completely parse the packeth it sends and recalculate checksum if needed. But because there are so many options (vlan, double vlan, ip options, ipv6 option headers etc..) this is not so easy to add. Another option as you said is to put the checksum initial packet to 0x0000 but this will work only for UDP. For TCP you need to have the checksum calculated.

For now I would encourage you to use the GUI version (with the cli as the receiver) which doesn't have this problem because it has complete packet dissector (plus many other options).

But thanks for opening the issue, maybe I will add this in next release.

@jbromley
Copy link
Author

Yes, once I started thinking about implementing this myself, I realized the dizzying array of different kinds of packets you would have to dissect to properly recalculate checksums. Unfortunately, I cannot use the GUI version as I only have terminal access to the systems in question (and they likely don't even run X). For UDP, I just hand-edited the pcap files to have a zero UDP checksum and that allowed me to continue working. It would be cool if the CLI could recompute the checksums properly, but I'd understand if you just closed this issue (or made it a feature request for a far future). By the way, thanks for this tool. It has helped me immensely.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jbromley @jemcek