- C++ language. You can use any version (we are using C++11)
- PcapPlusPlus library (we are using latest stable)
- GNU/Linux x86_64. You can use any flavor/version (we are using Ubuntu Server 18.04)
- Since software operates on files, you can use either real HW or a virtualized/dockerized environment
The software must read packets from an input pcap file, and create and output pcap file. For each input packet, the following rules must be followed before writting it to the output file.
- If packet comes from a different VLAN ID than the one specified by --vlan option, it must be dropped
- If packet DataLink layer protocol is not ETHERNET, it must be dropped
- If packet Network layer protocol doesn't match the one specified by --ip-version option (IPv4 or IPv6), it must be dropped
- If packet Network layer protocol is IPv4 or IPv6, TTL must be decreased by the amount specified by --ttl option. If TTL is lower or equal than the option, packet must be dropped
- If packet Transport layer protocol is ICMP, it must be dropped
- If packet Transport layer protocol is UDP, and contains a DNS layer, the server address and port fields must be replaced by --dns-addr and --dns-port options
- -i: path of the input pcap file
- -o: path of the input pcap file
- --vlan: Value to be used for rule #1
- --ip-version: Value to be used for rule #3
- --ttl: Value to be used for rule #4
- --dns-addr: Value to be used for rule #6
- --dns-port: Value to be used for rule #6
- There is no need to validate the provided options (is outside of the scope of the exercise)
- If an option is not present, then the corresponding rule should not be applied
- Output pcap file should be valid and readable in Wireshark without displaying errors of any kind
make clean # Clean
make # Build
# Run with all options
./pcap-convert -i asdf -o asdf --vlan 1000 --ip-version IPv4 --dns-addr www.anuvu.com --dns-port 4500 --ttl 60
# Least options
./pcap-convert -i 802_1ad.pcapng.cap -o output1.pcap
./pcap-convert -i ultimate-pcap.pcapng -o outputx.cap --vlan 121 --ip-version IPv4 --dns-addr anuvu.com --dns-port 53 --ttl 120
# Output:
Read 36372 packets successfully and 0 packets could not be read
Written 433 packets successfully to pcap writer and 0 packets could not be written
valgrind --leak-check=full \
--show-leak-kinds=all \
--track-origins=yes \
--verbose \
--log-file=pcap-convert-out.txt \
--ip-version IPv4 --dns-addr www.anuvu.com --dns-port 5353 --ttl 60