ipsend - IP packet description language
The ipsend program expects, with the -L option, input to be a text file
which fits the grammar described below. The purpose of this grammar is
to allow IP packets to be described in an arbitary way which also
allows encapsulation to be so done to an arbitary level.
line ::= iface | arp | send | defrouter | ipv4line .
iface ::= ifhdr "{" ifaceopts "}" ";" .
ifhdr ::= "interface" | "iface" .
ifaceopts ::= "ifname" name | "mtu" mtu | "v4addr" ipaddr |
"eaddr" eaddr .
send ::= "send" ";" | "send" "{" sendbodyopts "}" ";" .
sendbodyopts ::= sendbody [ sendbodyopts ] .
sendbody ::= "ifname" name | "via" ipaddr .
defrouter ::= "router" ipaddr .
arp ::= "arp" "{" arpbodyopts "}" ";" .
arpbodyopts ::= arpbody [ arpbodyopts ] .
arpbody ::= "v4addr" ipaddr | "eaddr" eaddr .
bodyline ::= ipv4line | tcpline | udpline | icmpline | dataline .
ipv4line ::= "ipv4" "{" ipv4bodyopts "}" ";" .
ipv4bodyopts ::= ipv4body [ ipv4bodyopts ] | bodyline .
ipv4body ::= "proto" protocol | "src" ipaddr | "dst" ipaddr |
"off" number | "v" number | "hl" number| "id" number |
"ttl" number | "tos" number | "sum" number | "len" number |
"opt" "{" ipv4optlist "}" ";" .
ipv4optlist ::= ipv4option [ ipv4optlist ] .
ipv4optlist = "nop" | "rr" | "zsu" | "mtup" | "mtur" | "encode" | "ts" |
"tr" | "sec" | "lsrr" | "e-sec" | "cipso" | "satid" |
"ssrr" | "addext" | "visa" | "imitd" | "eip" | "finn" |
"secclass" ipv4secclass.
ipv4secclass := "unclass" | "confid" | "reserv-1" | "reserv-2" |
"reserv-3" | "reserv-4" | "secret" | "topsecret" .
tcpline ::= "tcp" "{" tcpbodyopts "}" ";" .
tcpbodyopts ::= tcpbody [ tcpbodyopts ] | bodyline .
tcpbody ::= "sport" port | "dport" port | "seq" number | "ack" number |
"off" number | "urp" number | "win" number | "sum" number |
"flags" tcpflags | data .
udpline ::= "udp" "{" udpbodyopts "}" ";" .
udpbodyopts ::= udpbody [ udpbodyopts ] | bodyline .
udpbody ::= "sport" port | "dport" port | "len" number | "sum" number |
data .
icmpline ::= "icmp" "{" icmpbodyopts "}" ";" .
icmpbodyopts ::= icmpbody [ icmpbodyopts ] | bodyline .
icmpbody ::= "type" icmptype [ "code" icmpcode ] .
icmptype ::= "echorep" | "echorep" "{" echoopts "}" ";" | "unreach" |
"unreach" "{" unreachtype "}" ";" | "squench" | "redir" |
"redir" "{" redirtype "}" ";" | "echo" "{" echoopts "}" ";" |
"echo" | "routerad" | "routersol" | "timex" |
"timex" "{" timextype "}" ";" | "paramprob" |
"paramprob" "{" parapptype "}" ";" | "timest" | "timestrep" |
"inforeq" | "inforep" | "maskreq" | "maskrep" .
echoopts ::= echoopts [ icmpechoopts ] .
unreachtype ::= "net-unr" | "host-unr" | "proto-unr" | "port-unr" |
"needfrag" | "srcfail" | "net-unk" | "host-unk" | "isolate" |
"net-prohib" | "host-prohib" | "net-tos" | "host-tos" |
"filter-prohib" | "host-preced" | "cutoff-preced" .
redirtype ::= "net-redir" | "host-redir" | "tos-net-redir" |
"tos-host-redir" .
timextype ::= "intrans" | "reass" .
paramptype ::= "optabsent" .
data ::= "data" "{" databodyopts "}" ";" .
databodyopts ::= "len" number | "value" string | "file" filename .
icmpechoopts ::= "icmpseq" number | "icmpid" number .
Before sending any packets or defining any packets, it is necessary to
describe the interface(s) which will be used to send packets out.
interface
is used to describe a network interface. The description
included need not match the actual configuration currently
employed by the operating system.
send is used to actually send out a packet across the network. If
the destination is not specified, it will attempt to send the
packet directly out on the network to the destination without
routing it.
router configures the default router for ipsend, as distinct from the
default route installed in the kernel.
ipv4 is used to describe an IP (version 4) packet. IP header fields
can be specified, including options, followed by a data section
which may contain further protocol headers.
hl <number>
manually specifies the IP header length (automatically adjusts
with the presence of IP options and defaults to 5);
v <number>
set the IP version. Default is 4.
tos <number>
set the type of service (TOS) field in the IP header. Default
is 0.
len <number>
manually specifies the length of the IP packet. The length will
automatically be adjusted to accomodate data or further protocol
headers.
off <number>
sets the fragment offset field of the IP packet. Default is 0.
ttl <number>
sets the time to live (TTL) field of the IP header. Default is
60.
proto <protocol>
sets the protocol field of the IP header. The protocol can
either be a number or a name found in /etc/protocols.
sum manually specifies the checksum for the IP header. If left
unset (0), it will be calculated prior to being sent.
src manually specifies the source address of the IP header. If left
unset, it will default to the host's IP address.
dst sets the destination of the IP packet. The default is 0.0.0.0.
opt is used to include IP options in the IP header.
tcp is used to indicate the a TCP protocol header is to follow. See
the TCP section for TCP header options.
udp is used to indicate the a UDP protocol header is to follow. See
the UDP section for UDP header options.
icmp is used to indicate the a ICMP protocol header is to follow.
See the ICMP section for ICMP header options.
data is used to indicate that raw data is to be included in the IP
packet. See the DATA section for details on options available.
these keywords indicate that the releveant IP option should be added to
the IP header (the header length field will be adjusted appropriately).
nop No Operation [RFC 791] (space filler).
rr <number>
Record Router [RFC 791]. The number given specifies the number
of bytes to be used for storage. This should be a multiple of 4
for proper operation.
zsu Experimental Measurement.
mtup [RFC 1191].
MTU Probe.
mtur [RFC 1191].
MTU Ready.
encode
ts Timestamp [RFC 791].
tr Traceroute [RFC 1393].
sec-class <security-level>, sec
Security [RFC 1108]. This option specifies the security label
for the packet. Using sec sets up the framework of the security
option but unless sec-class is given, the level may not be set.
lsrr <ip-address>
Loose Source Route [RFC 791].
e-sec Extended Security [RFC 1108].
cipso Commercial Security.
satid Stream ID [RFC 791].
ssrr <ip-address>
Strict Source Route [RFC 791].
addext Address Extension
visa Expermental Access Control.
imitd IMI Traffic Descriptor.
eip [RFC 1358].
finn Experimental Flow Control.
sport <port>
sets the source port to the number/name given. Default is 0.
dport <port>
sets the destination port to the number/name given. Default is
0.
seq <number>
sets the sequence number to the number specified. Default is 0.
ack <number>
sets the acknowledge number to the number specified. Default is
0.
off <number>
sets the offset value for the start of data to the number specified.
This implies the size of the TCP header. It is automatically
adjusted if TCP options are included and defaults to 5.
urp <number>
sets the value of the urgent data pointer to the number specified.
Default is 0.
win <number>
sets the size of the TCP window to the number specified.
Default is 4096.
sum <number>
manually specifies the checksum for the TCP pseudo-header and
data. If left unset, it defaults to 0 and is automatically calculated.
flags <tcp-flags>
sets the TCP flags field to match the flags specified. Valid
flags are "S" (SYN), "A" (ACK), "R" (RST), "F" (FIN), "U" (URG),
"P" (PUSH).
opt indicates that TCP header options follow. As TCP options are
added to the TCP header, the off field is updated to match.
data indicates that a data section is to follow and is to be included
as raw data, being appended to the header.
With a TCP header, it is possible to append a number of header options.
The TCP header offset will be updated automatically to reflect the
change in size. The valid options are: nop No Operation, eol End Of
(option) List, mss [ size ] Maximum Segment Size - this sets the maximum
receivable size of a packet containing data, wscale Window Scale,
ts Timestamp.
sport <port>
sets the source port to the number/name given. Default is 0.
dport <port>
sets the destination port to the number/name given. Default is
0.
len <number>
manually specifies the length of the UDP header and data. If
left unset, it is automatically adjusted to match the header
presence and any data if present.
sum <number>
manually specifies the checksum for the UDP pseudo-header and
data. If left unset, it defaults to 0 and is automatically calculated.
data indicates that a data section is to follow and is to be included
as raw data, being appended to the header.
type <icmptype>
sets the ICMP type according the to the icmptype tag. This may
either be a number or one of the recognised tags (see the ICMP
TYPES section for a list of names recognised).
code <icmpcode>
sets the ICMP code.
data indicates that a data section is to follow and is to be included
as raw data, being appended to the header.
Each of the following extend the packet in a different way. Len just
increases the length (without adding any content), value uses a string
and file a file.
len <number>
extend the length of the packet by number bytes (without filling
those bytes with any particular data).
value <string>
indicates that the string provided should be added to the current
packet as data. A string may be a consecutive list of
characters and numbers (with no white spaces) or bounded by "'s
(may not contain them, even if \'d). The \ charcater is recognised
with the appropriate C escaped values, including octal
numbers.
file <filename>
reads data in from the specified file and appends it to the current
packet. If the new total length would exceed 64k, an error
will be reported.
echorep
Echo Reply.
unreach [ unreachable-code ]
Generic Unreachable error. This is used to indicate that an
error has occurred whilst trying to send the packet across the
network and that the destination cannot be reached. The
unreachable code names are: net-unr network unreachable, host-
unr host unreachable, proto-unr protocol unreachable, port-unr
port unreachable, needfrag, srcfail source route failed, net-unk
network unknown, host-unk host unknown, isolate, net-prohib
administratively prohibited contact with network, host-prohib
administratively prohibited contact with host, net-tos network
unreachable with given TOS, host-tos host unreachable with given
TOS, filter-prohib packet prohibited by packet filter, host-
preced, cutoff-preced.
squench
Source Quence.
redir [ redirect-code ]
Redirect (routing). This is used to indicate that the route
being chosen for forwarding the packet is suboptimal and that
the sender of the packet should be routing packets via another
route. The redirect code names are: net-redir redirect packets
for a network, host-redir redirect packets for a host, tos-net-
redir redirect packets for a network with a given TOS, tos-host-
redir redirect packets for a host with a given TOS.
echo Echo.
routerad
Router Advertisment.
routersol
Router solicitation.
timex [ timexceed-code ]
Time Exceeded. This is used to indicate that the packet failed
to reach the destination because it was in transit too long
(i.e. ttl reached 0). The valid code names are: intrans, reass
could not reassemble packet from fragments within a given time.
paramprob [ paramprob-code ]
Parameter problem. There is only one available parameter problem
code name: optabsent.
timest Time stamp request.
timestrep [ { timestamp-code } ]
Time stamp reply. In a timestamp reply, it is possible to supply
the following values: rtime, otime, ttime.
inforeq
Information request.
inforep
Information reply.
maskreq
Address mask request.
maskrep
Address mask reply.
/etc/hosts
/etc/protocols
/etc/services
ipsend(1), iptest(1), hosts(5), protocols(5), services(5)
IPSEND(5)
[ Back ] | 