alexforster / pdu Goto Github PK

RFC768:

If the computed checksum is zero it is transmitted as all ones (the equivalent in one's complement arithmetic). An all zero transmitted checksum value means that the transmitter generated no checksum (for debugging or for higher level protocols that don't care).

Inspired by google/gopacket#883

this line breaks on my machine (tshark 3.2.3) https://github.com/alexforster/pdu/blob/master/tests/tests.rs#L162

❯ tshark -n -o ip.defragment:false -o ipv6.defragment:false -o tcp.desegment_tcp_streams:false -T pdml -r /home/sky/git/pdu/tests/pcaps/gre-erspan.pcap  | rg frag_offset
    <field name="ip.frag_offset" showname="Fragment offset: 0" size="2" pos="20" show="0" value="4000"/>
    <field name="ip.frag_offset" showname="Fragment offset: 0" size="2" pos="20" show="0" value="4000"/>
    <field name="ip.frag_offset" showname="Fragment offset: 0" size="2" pos="20" show="0" value="4000"/>
    <field name="ip.frag_offset" showname="Fragment offset: 0" size="2" pos="70" show="0" value="0000"/>
    <field name="ip.frag_offset" showname="Fragment offset: 0" size="2" pos="20" show="0" value="4000"/>
    <field name="ip.frag_offset" showname="Fragment offset: 0" size="2" pos="70" show="0" value="0000"/>
    <field name="ip.frag_offset" showname="Fragment offset: 0" size="2" pos="20" show="0" value="4000"/>
    <field name="ip.frag_offset" showname="Fragment offset: 0" size="2" pos="70" show="0" value="0000"/>
    <field name="ip.frag_offset" showname="Fragment offset: 0" size="2" pos="20" show="0" value="4000"/>
    <field name="ip.frag_offset" showname="Fragment offset: 0" size="2" pos="70" show="0" value="0000"/>

seemingly value is just hex encoded bytes without any additional bit-masking? show is correct but value has the flag bits still present -- probably just want to do the same except mask those off before asserting equals?

Hi! 👋 I'm exploring using Rust to write bpf programs, and this package is a great fit for some of the networking usecases like xdp. I also found https://github.com/uccidibuti/rebpf/blob/37775452ca79b7c232d535e8c989f07d751a612e/examples/basic03_map_counter/src/kern.rs#L40-L57 which is a reflection of https://github.com/xdp-project/xdp-tutorial/tree/master/basic03-map-counter, and noticed rebpf is based on libbpf-sys which you also maintain 😄 thanks for the quality libraries.

If you look at the first link from rebpf, that example can't import pdu because it runs in a bpf context which requires function inlining for non-bpf code. This crate already works for no_std which is great. I've tested that slapping #[inline] everywhere makes some of the basics work properly in bpf programs.

Would you consider a cargo feature or some other method of inlining every function so the crate can be used easily from bpf programs? Alternatively if you have some experience with this, do you know an easier approach to use pdu in that context?

I'm happy to help prepare a PR if you're on board, but I wasn't sure what the best approach would be other than manually adding conditional #[inline] everywhere (proc macro of some sort)?

Appreciate your thoughts 😃

pub fn buffer(&self) -> &'a [u8] instead of pub fn buffer(&'a self) -> &'a [u8]. &'a is the lifetime of the underlying buffer, not the Pdu struct. Borrowing self as &'a self does something funky (i do not understand lifetimes well enough to say exactly what) with the &'a lifetime and limits the lifetime of the return value to the lifetime of the struct. For example

fn extract_tcp<'a>(packet: &'a[u8]) -> Option<&'a[u8]> {
    const IP_PROTOCOL_TCP: u8 = 6;
    Some(match Ip::new(packet).ok()? {
        Ip::Ipv4(v4) if v4.protocol() == IP_PROTOCOL_TCP => {
            &v4.buffer()[v4.computed_ihl()..]
        },
        Ip::Ipv6(v6) if v6.computed_protocol() == IP_PROTOCOL_TCP => {
            &v6.buffer()[v6.computed_ihl()..]
        },
        _ => return None,
    })
}

gives the error "error[E0515]: cannot return value referencing local variable v4" with pdu 1.4.2, but it compiles when pointed at a fork (https://github.com/tsheinen/pdu) where i just find-and-replaced every &'a self with &self.