[Click] AnonymizeIPAddr and ethernet headers

Beyers Cronje bcronje at gmail.com
Thu Oct 27 09:36:14 EDT 2005 

Hi Brian,

Just use:
click_ether* e = (click_ether*) p->data();
Obviously this assumes you havent used Strip or something similar.

Or you can use set_ether_header to set the pointer.

Make sure you use a WritablePacket when modifying content of the packet.

Beyers


On 10/27/05, Brian Gallaway <gallaway at cs.usask.ca> wrote:
>
> I am using the ipsumdump program derived from Click to do anonymization
> and sanitization of VOIP traces. In the end, I will need to capture
> traffic from the live network, and write the results to a tcpdump file.
> The hard parts regarding decoding the VOIP packets and dropping RTP
> voice data have already been completed.
>
> I also decided to tackle anonymizing ethernet MAC addresses. I added
> the following code to AnonymizeIPAddr::simple_action() :
>
> // bdg730 - anonymize ethernet by simply writing the ipaddress
> // in place of the MAC address
> //FIXME: memset and memcpy segfault on live captures
> click_ether *eth = q->ether_header();
> memcpy(eth->ether_dhost,&dst,4);
> memcpy(eth->ether_shost,&src,4);
> memset(&(eth->ether_dhost[4]),0,2);
> memset(&(eth->ether_shost[4]),0,2);
>
> However, as you can tell from the comments, this code only worked
> when I had ipsumdump read an existing tcpdump capture. Running this
> live on the network causes a segfault.
>
> The reason for the segfault is that the Packet object 'q' has a null
> ethernet header. When capturing from a tcpdump file, this header is
> present and can be modified. The modifications will be reflected in
> the tcpdump file that is written by ipsumdump. But when capturing from
> the live network, the header is not available to AnonymizeIPAddr. Yet
> the ethernet header will end up being written to the final dump file.
>
> I am just wondering what the reasons are for the differences in behavior
> here, and if there is somewhere else in the pipeline that I could
> safely get at and modify the ethernet header before it is output to
> disk.
>
> Thanks,
> Brian.
>
> --
> Brian Gallaway
> Programmer/Analyst
> Department of Computer Science
> University of Saskatchewan
> phone: 306 966-2662
> email: gallaway at cs.usask.ca
>
>
> _______________________________________________
> click mailing list
> click at amsterdam.lcs.mit.edu
> https://amsterdam.lcs.mit.edu/mailman/listinfo/click
>

More information about the click mailing list