Email: bknpk@hotmail.com Phone: +972-54-7649119


V

 

ASIC/FPGA Design and Verification Out Source Services

IP TTL filter digital design, implemented in VHDL.

  1. This project implements an IP TTL filter in hardware. If an IPV4 packet is identified, the DUT checks its TTL field. Based on previous values of TTL in former packets, the machine decides if the packet is spoofed or not. The main page of this project.


  2. In order to generate packets I have used so far a cpp packet generation. Recently I decided to generate more real traffic. For that I have used tcpdump to capture tarffic from a real network scenario.


  3. I installed tcpdump on my debian machine and run it, with the following filter specification:
    1. (sleep 60;scp -r TCPdump pini@192.168.0.179:~/Home_2/kuku)&
    2. tcpdump -l -n -c 10 -XX -i eth0 'ip[0:1] == 0x45 and src or dst 192.168.0.179' | tee cap_scp.txt

     The result was an ASCII file:

    1. 16:50:08.368891 IP 192.168.0.104.39599 > 192.168.0.179.22: Flags [S], seq 1808771444, win 14600, options [mss 1460,sackOK,TS val 652653233 ecr 0,nop,wscale 4], length 0
    2. 0x0000: 00ff 58ec 8d00 94de 80b2 64ad 0800 4500 ..X.......d...E.
    3. 0x0010: 003c 1bc5 4000 4006 9c8b c0a8 0068 c0a8 .<..@.@......h..
    4. 0x0020: 00b3 9aaf 0016 6bcf a974 0000 0000 a002 ......k..t......
    5. 0x0030: 3908 829a 0000 0204 05b4 0402 080a 26e6 9.............&.
    6. 0x0040: b2b1 0000 0000 0103 0304 ..........
    7. 16:50:08.369560 IP 192.168.0.179.22 > 192.168.0.104.39599: Flags [S.], seq 3329399056, ack 1808771445, win 5792, options [mss 1460,sackOK,TS val 54469544 ecr 652653233,nop,wscale 6], length 0
    8. 0x0000: 94de 80b2 64ad 00ff 58ec 8d00 0800 4500 ....d...X.....E.
    9. ...

  4. Last, but not least, is converting from tcpdump cpp packet generation to the format, which is understandable by the VHDL bench. This is done with a perl script, which is invoked from within vim:

    % !perl vim_tcpdump_ex.pl

  5. The script is shown below:

    1. #!/bin/perl
    3. #output
    4. #00 23 20 21 22 23 00 23 18 29 26 7c 08 00 45 00
    5. #00 23 00 00 40 00 40 11 79 6e c1 a8 00 b4 c0 a8
    6. #05 09 00 00 00 35 00 0f d6 41 55 44 50 44 61 74
    7. #61 00 00 00 00 -- -- -- -- -- -- -- -- -- -- --
    8. #p- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
    9. #00 23 20 21 22 23 00 23 18 29 26 7c 08 00 45 00
    10. #00 23 00 00 40 00 40 11 79 6e c0 a8 00 b4 c0 a8
    11. #05 09 00 00 00 35 00 0f d6 41 55 44 50 44 61 74
    12. #61 00 00 00 00 -- -- -- -- -- -- -- -- -- -- --
    13. #p- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
      14.
    15. $first=1;
    16. $cnt=0;
    17. while (<STDIN>) {
    18.   chomp($_);
    19.   if($_ =~ /0x[0-9a-fA-F][0-9a-fA-F][0-9a-fA-F][0-9a-fA-F]: (.*) .*/) {
    20.     @a = split(/ /, $1);
    21.     foreach $j ( @a ) {
    22.       if($cnt == 16) {
    23.         $cnt = 0; print("\n");
    24.       }
    25.       $by=substr($j, 0, 2);
    26.       print("$by ");
    27.       $by=substr($j, 2);
    28.       print("$by");
    29.       if($cnt <= 12) { print(" "); }
    30.       $cnt += 2;
    31.     }
    32.   }
    33.   else {
    34.     if($first == 0) {
    35.       while($cnt < 16) {
    36.         print("-- "); $cnt++;
    37.       }
    38.       print("\n");
    39.       print("p- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --\n");
    40.       $cnt=0;
    41.     }
    42.     else { $first = 0; }
    43.   }
    44. }
    45. while($cnt < 16) {
    46.   print("-- "); $cnt++;
    47. }
    48. print("\n");
    49. print("p- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --\n");



Search This Site

Feedback This Site




new pages on this site