Chonggang Li [Mon, 21 Aug 2017 20:34:45 +0000 (13:34 -0700)]
mtr-packet: fix compilation on OS X
Error queue is not supported by OS X, use AC_CHECK_HEADERS to introduce
a compilation flag called HAVE_LINUX_ERRQUEUE_H to skip compiling errqueue
related code.
Chonggang Li [Thu, 13 Jul 2017 23:17:08 +0000 (16:17 -0700)]
mtr-packet: use ICMP and UDP without privilege on linux
This commit enables non-privileged users to use mtr on linux without
setuid. Currently ICMP and UDP protocols are supported in this commit.
Previously, to use mtr on linux with protocol ICMP and UDP, RAW sockets
have to be opened to send out packets and receive ICMP errors, so users
must have RAW socket permission to use this program. The goal of this
commit is to make mtr usable for normal users without RAW socket
permission. The changes include:
(1) The origianl logic is not changed, but instead, when the program
fails to open RAW sockets, it will fallback to opening DGRAM scoekts.
(2) A new flag is created to indicate whether RAW socket is used for
IPv4 and IPv6 respectively.
(3) When using DGRAM sockets to send out packets, receive sockets are
not required. Instead, IP_RECVERR is enabled to receive ICMP errors.
(4) Packet receiving function is changed from recvfrom() to recvmsg() to
retrieve more information.
(5) When error is indicated, the program will check the error type and
read from the error queue of the socket. Original payload causing the
error will be read out from the error queue to match for probe, and
additional data (e.g. source ip of ICMP error packets) will be retrieved
from CMSG.
(6) Use a separate socket to probe byter order if raw socket creation
fails, to avoid double bind issue.
(7) Also a few tweaks are added to make non-RAW socket working.
Matt Kimball [Sun, 16 Jul 2017 17:19:32 +0000 (10:19 -0700)]
commandline: Added --interface for using a named network interface
Using '--interface' on the commandline (or '-I') will specify
a network interface by name. This is sometimes a more convenient
alternative to using '--address' for specifying a source address
from which to send probes.
This can be useful when you have both a wired ethernet connection
and WiFi connection, and wish to use a specific connection for the
purposes of tracing.
This feature was requested in issue #207.
This change also cleans up main() slightly by factoring out the
hostent structure generation.
Matt Kimball [Wed, 12 Jul 2017 19:48:46 +0000 (12:48 -0700)]
json: Fix malformed json when the "hubs" list is empty
When generating JSON output, and when no hosts are found when
probing, the generated JSON was malformed. (i.e. when the "hubs" list
in the generated JSON is empty, there was no closing bracket.) This can
be reproduced by tracing to an unused host address on the local subnet.
Matt Kimball [Tue, 11 Jul 2017 21:55:40 +0000 (14:55 -0700)]
ui: display "no route to host" error as host entry rather than abort
When a host is reported as unreachable in response to a particular
network probe, the Windows version of the mtr UI had the unfortuante
behavior of exiting and and printing a terse message. This is
surprising to a user, who would expect mtr probes and reporting to
continue.
With this change, probing continues and a status reading
"no route to host" is displayed in the probe report.
This change will also improve the reporting of the Unix version of
mtr, now specifying "no route to host" instead of misleadingly
indicating that no reply has been received.
Matt Kimball [Sat, 4 Feb 2017 21:18:13 +0000 (13:18 -0800)]
cleanup: Fix #ifdef structure which confuses 'ident'
The 'indent' tool is confused by some strange #ifdef structure
around HAVE_IPINFO in report.c. Cleaned up that structure
so 'indent' can be used successfully.
Matt Kimball [Sat, 7 Jan 2017 17:01:30 +0000 (09:01 -0800)]
mtr-packet: Report probe status on host unreachable (Cygwin)
When IcmpParseReplies returned with a probe completion, but the
probe's status was IP_DEST_HOST_UNREACHABLE, mtr-packet was failing
to report the probe result, and was instead printing an unhelpful
error message without any reference to a particular probe. Now
it will report a "no-route" result with the token associated with
the probe.
First, mtr-packet or override path taken from MTR_PACKET env variable will be search in PATH if not found we falllback to current directory search. This way we can use mtr without installing or setting any additional env variables.
Also fix batch file to support paths with spaces on Windows.
Matt Kimball [Fri, 30 Dec 2016 16:32:45 +0000 (16:32 +0000)]
build: fix compiler warnings when for OpenBSD, NetBSD and Solaris
When building for NetBSD, the compiler was warning about
index into an array with a character when using isspace() and
similar macros.
IPPROTO_SCTP is also not defined by NetBSD, so there were
warnings about unused SCTP related variables.
OpenBSD complains about using sprintf rather than snprintf.
It's a good idea to use snprintf, anyway, to avoid buffer overruns,
though I believe in these particular cases sprintf was safe.
Nevertheless, snprintf is now used instead.
Solaris requires strings.h to find index().
Solaris complaints about a missing sentinel pointer unless
the terminating NULL in execl is cast to a "char *".
Matt Kimball [Fri, 30 Dec 2016 19:44:32 +0000 (11:44 -0800)]
build: Fix Solaris build issues
Prefer ncurses over curses, since curses on Solaris is lacking
wattr_on and wattr_off, but ncurses has them.
Check if sys/ctypes.h exists, since Solaris lacks it.
When sending an IPv6 probe, check if the send socket is already
bound to the intended source address, and if so, avoid rebinding.
Rebinding return an error on Solaris.
Matt Kimball [Wed, 28 Dec 2016 01:09:49 +0000 (17:09 -0800)]
mtr-packet: Fall back to IPv4 only support if IPv6 sockets fail to open
If we fail to open any IPv6 sockets, rather than aborting with an
unrecoverable error, fall back to IPv4 only support. Socket
creation might fail, for example, when Linux is booted with
the kernel command-line "ipv6.disable=1".
In the case where opening IPv6 sockets fail,
'check-support feature ip-6' will indicate there is no support
for sending IPv6 probes.
Stricter error reporting revealed that test for protocols other
than ICMP were running on Cygwin. Modified the tests such that
they won't run if the protocol isn't supported.
Matt Kimball [Mon, 26 Dec 2016 09:26:01 +0000 (01:26 -0800)]
build: use AC_CHECK_LIB for ncurses, rather than pkg-tool
pkg-tool is indeed an elegant way to check for the presence
of libraries. When using pkg-config to check for ncurses, this
works great... for Linux. Unfortunately, on FreeBSD and MacOS,
ncurses is installed by default, but pkg-config is not. When
pkg-config is installed on these systems, it doesn't know about
the system installed ncurses.
Therefore, somewhat counterintuitively, it is better for portability
to just us AC_CHECK_LIB instead of PKG_CHECK_MODULES to find
ncurses.
Matt Kimball [Sun, 25 Dec 2016 17:26:34 +0000 (09:26 -0800)]
mtr-packet: drop capabilities + using BSD's linked lists for probes
At startup, we now use cap_set_proc to drop all privileged
capabilities for the mtr-packet process. This means that
capabilities granted through the commandline setcap to the
mtr-packet executable will only be in effect while the necessary
raw sockets are opened, and will be dropped before any command
requests are read.
Now we use BSD's queue.h linked list support for storing outstanding
probes. This makes iterating through in-flight probes more efficient,
as we don't need to loop through many unused probe entires when only
a few probes are outstanding.
Changed mtr-packet's default probe size to 64 bytes, to match
mainline mtr's default.
The code consistently uses 'exit(EXIT_FAILURE)' instead of 'exit(1)'.
The effect is the same, but the intent is clearer.
Matt Kimball [Fri, 23 Dec 2016 17:37:47 +0000 (09:37 -0800)]
mtr-packet: allow local address binding
A probe can be bound to a local address with the 'local-ip-4' or
'local-ip-6' arguments to 'send-probe'. The '-a' commandline
argument to mtr will cause sent probes to be bound to the specified
address.
Changed argument names for consistency:
'localport' is now 'local-port'
'bitpattern' is now 'bit-pattern'
mtr now opens and connects a UDP socket at startup to determine the
local address for display in the UI.
Windows error codes resulting from send-probe are now using the
same error strings which are used to report errors in the
Unix implementation.
We now use the mtr commandline timeout value for sent probes.
Edited the help and man page to reflect that the timeout value
no longer applies to only TCP probes, but now all probes.
With this change, I believe the mtr-packet implementation is at
feature parity with mainline mtr.
Matt Kimball [Thu, 22 Dec 2016 15:28:29 +0000 (07:28 -0800)]
mtr-packet: MPLS decoding and local UDP port usage
mtr-packet will decode any MPLS labels embedded in an
ICMP reply which results from a probe, and report those
labels with the probe reply.
When sending a UDP probe, a local port can be specified
for probe origination. In the same way that the legacy mtr
code found a location to store a unique identifier for the probe,
we'll use the destination port, the local port or the checksum
field, depending on what probe arguments have been specified.
Both MPLS and local UDP port options have been documented in the
mtr-packet man page.
Update the SECURITY documentation to reflect mtr-packet, and did
minor copyediting in the README. Also, update my email address
in AUTHORS.
Matt Kimball [Tue, 20 Dec 2016 18:09:29 +0000 (10:09 -0800)]
mtr-packet: TCP and SCTP probes
Added support for generating probes using TCP or SCTP, for both
IPv4 and IPv6. These protocols require that we create a unique
socket for each probe and watch for either a TTL expiration of
the initial packet sent during a connection attempt from that
socket or for socket connection success.
We now allocate a unique port number or ICMP sequence ID when
a probe is created, rather than using the command token for this
purpose. This relieves the calling application of the burden
of picking sensible command token values, and allows command
tokens values greater than 16 bits. However, the existing mtr
code continues to use the same command tokens values it has
previously used as port numbers, so there is no difference when
the calling program is mtr.
Split mtr's command pipe handling out from net.c and into cmdpipe.c
in the interest of future maintainability.
Split probe.py's simple probes out from the individual protocol
test cases and into common code which can be used by many
protocol tests.
Added send-probe arguments to customize the packet size,
the bitpattern which fills the packet, the IP "type of service"
and the Linux routing mark. These arguments are documented
in the mtr-packet man page, and have been hooked up to mtr's
commandline parameters.
Internally to mtr-packet, the code is now more consistent about
using errno to return error codes.
Added instrutions for building on Windows to the README.
Fixed the Makefile to build the man pages with BSD make, for FreeBSD.
BSD make lacks the GNU make extension for '%' wildcard matching.
Added a helper program for testing which listens for an ICMP
packet with a particular sequence and prints information about
that packet.
projects / thirdparty / mtr.git / log
