[Click] AnonymizeIPAddr and ethernet headers

Brian Gallaway gallaway at cs.usask.ca
Thu Oct 27 17:48:45 EDT 2005 

Thanks John and Beyers.  That worked like a charm (for now, I just did 
the cast instead of fixing the element).

I have found Click and ipsumdump to be very nice to work with.  A big 
thanks to the developers for that.

Brian.

On Thursday 27 October 2005 07:36, Beyers Cronje wrote:
> Hi Brian,
>
> Just use:
> click_ether* e = (click_ether*) p->data();
> Obviously this assumes you havent used Strip or something similar.
>
> Or you can use set_ether_header to set the pointer.
>
> Make sure you use a WritablePacket when modifying content of the
> packet.
>
> Beyers
>
> On 10/27/05, Brian Gallaway <gallaway at cs.usask.ca> wrote:
> > I am using the ipsumdump program derived from Click to do
> > anonymization and sanitization of VOIP traces. In the end, I will
> > need to capture traffic from the live network, and write the
> > results to a tcpdump file. The hard parts regarding decoding the
> > VOIP packets and dropping RTP voice data have already been
> > completed.
> >
> > I also decided to tackle anonymizing ethernet MAC addresses. I
> > added the following code to AnonymizeIPAddr::simple_action() :
> >
> > // bdg730 - anonymize ethernet by simply writing the ipaddress
> > // in place of the MAC address
> > //FIXME: memset and memcpy segfault on live captures
> > click_ether *eth = q->ether_header();
> > memcpy(eth->ether_dhost,&dst,4);
> > memcpy(eth->ether_shost,&src,4);
> > memset(&(eth->ether_dhost[4]),0,2);
> > memset(&(eth->ether_shost[4]),0,2);
> >
> > However, as you can tell from the comments, this code only worked
> > when I had ipsumdump read an existing tcpdump capture. Running this
> > live on the network causes a segfault.
> >
> > The reason for the segfault is that the Packet object 'q' has a
> > null ethernet header. When capturing from a tcpdump file, this
> > header is present and can be modified. The modifications will be
> > reflected in the tcpdump file that is written by ipsumdump. But
> > when capturing from the live network, the header is not available
> > to AnonymizeIPAddr. Yet the ethernet header will end up being
> > written to the final dump file.
> >
> > I am just wondering what the reasons are for the differences in
> > behavior here, and if there is somewhere else in the pipeline that
> > I could safely get at and modify the ethernet header before it is
> > output to disk.
> >
> > Thanks,
> > Brian.
> >
> > --
> > Brian Gallaway
> > Programmer/Analyst
> > Department of Computer Science
> > University of Saskatchewan
> > phone: 306 966-2662
> > email: gallaway at cs.usask.ca
> >
> >
> > _______________________________________________
> > click mailing list
> > click at amsterdam.lcs.mit.edu
> > https://amsterdam.lcs.mit.edu/mailman/listinfo/click

More information about the click mailing list