File: TODO

netexpect 0.22-2

- Sensible defaults.
- Manual page. (DONE, but on-going)
- Command-line argument processing is a mess. How to improve it? Use a parser
  that mimics tcpdump expressions???
- support UDP and ICMP as well (DONE)
- support layer 2 (DONE)
- GRE, MPLS - ask Darrin (DONE)
- Only 2 TCP options implemented. What others would be useful? (DONE)
- Should I add support for IP options? (Yes! DONE)
- Output options:
 * To stdout (raw) (DONE)
 * To stdout (in hex) (DONE)
 * To pcap file. (DONE)
 * The real thing, to the wire (partially DONE. Need to fix non-Linux platforms)
- Read options from a file. (DONE! - was "complicated", but it's done :-)
- Output specific PDUs from the final packet, like from UDP and up.
- More than 3 PDUs? (what if I want to create a custom BGP packet?)
  (don't know what this was, but it's DONE - I can create a BGP message
  just fine)
- Test suite (open valid PCAP file and use ttt to create same PCAP file.)
- Support IP and TCP options from a file (nemesis' -O option)
- The -P option should be more flexible. Maybe "-P file:payload.dat", or
  "-P data:'1 2 3 4'", or "-P repeat:'blah -times 5'"
- Debian packaging (DONE)
- configure switches --with-pcap --with-ssl (and --without-xxx equivalents)
- A GUI?
- Add a numspec for IP addresses
- Add randomness to numspec, i.e. a default and then a probability of
  getting that default (see pysic) (DONE)
- Portability (ongoing)
- Better error handling. Right now all errors cause error() to be called,
  which ends the program.
- Ability to define multiple packets on the command line or in a command
  file. Need to have a global array of PDUs for this and need to introduce
  a new option "--eop" or "--end-of-packet". (DONE!)
- Migrate to popt (DONE)
- Implement --nocksum. Make it a flag in the PDU structure so it can be 
  specified for any PDU. (DONE)
- --only-first n (DONE)
- Ability to specify "auto" for lengths and checksums. (DONE)
- Design a way to have each PDU handle processing of its command line
  options. This should be a modular, per-PDU thing, instead of making
  options.c bigger and bigger with each new PDU. (DONE)
- Some of the PDUs require a complex specification when the PDU is
  being created on the command line (or command file.) We need
  to be able to provide on-line help that describes this complex
  specification. For example:

-------------------------- Begin example -----------------------------
$ ttt --icmpv6-router-renum help
Creates an ICMPv6 router renumbering message. Takes as parameter
a message specification that has the following format:

<code>,<sequence #>,<segment #>,max delay[,flags]

All parameters are numbers with the exception of the flags field.

flags can be: "test", "proceed", "result", "all" and "site".
They can be in any order but must be separated by ':'.

For example:

1,1,0,50000,test:proceed

1 sets the code to 1 for a Router Renumbering Result
1 sets the sequence number
0 sets the segment number
50000 sets the max delay in milliseconds
"test" sets the T flag - test command
"proceed" sets the P flag - Proceed previously

In this example the R, A and S flags are set to 0.
---------------------------- End example -----------------------------

- Signal handling so a Tcl command can be interrupted.

- Create a PDU Tcl object type as well as commands to handle them (done)

- Provide a way to generate a packet from a Tcl PDU object type (done)

- Provide a way to modify a generated packet (barray command?)
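
The message specification from the --icmpv6-router-renum help example above, parsed and range-checked so that an oversized value is rejected rather than silently truncated into a packet field. This is an added example, not netexpect code: rr_parse, struct rr_spec and the RR_* names are hypothetical, and the field widths and flag bit positions are assumed from RFC 2894.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed from RFC 2894: field widths below; flags octet is T R A S P from the MSB. */
enum { RR_T = 0x80, RR_R = 0x40, RR_A = 0x20, RR_S = 0x10, RR_P = 0x08 };
struct rr_spec { uint8_t code, segment, flags; uint32_t seq; uint16_t max_delay; };

/* Hypothetical parser: 0 on success, -1 on a malformed or out-of-range field. */
int rr_parse(const char *s, struct rr_spec *r)
{
    static const struct { const char *name; uint8_t bit; } names[] = {
        {"test", RR_T}, {"result", RR_R}, {"all", RR_A}, {"site", RR_S}, {"proceed", RR_P} };
    /* Largest value for: code, sequence #, segment #, max delay. */
    const unsigned long max[4] = { 0xff, 0xffffffffUL, 0xff, 0xffff };
    unsigned long v[4];
    for (int i = 0; i < 4; i++) {
        char *e;
        if (*s < '0' || *s > '9') return -1;    /* no sign, blank or empty field */
        errno = 0; v[i] = strtoul(s, &e, 10);
        if (errno || v[i] > max[i]) return -1;  /* does not fit the field */
        s = e;
        if (i < 3 && *s++ != ',') return -1;    /* first three need a ',' */
    }
    r->code = (uint8_t)v[0];    r->seq = (uint32_t)v[1];
    r->segment = (uint8_t)v[2]; r->max_delay = (uint16_t)v[3];
    r->flags = 0;
    if (*s == '\0') return 0;                   /* flags are optional */
    if (*s != ',') return -1;
    do {
        s++;                                    /* skip the ',' or ':' */
        size_t n = strcspn(s, ":"), k;
        for (k = 0; k < 5; k++)
            if (strlen(names[k].name) == n && memcmp(s, names[k].name, n) == 0) break;
        if (k == 5) return -1;                  /* unknown or empty flag name */
        r->flags |= names[k].bit;
        s += n;
    } while (*s == ':');
    return 0;
}

int main(void)
{
    struct rr_spec r;
    if (rr_parse("1,1,0,50000,test:proceed", &r) != 0) return 1;
    printf("code=%u seq=%lu flags=0x%02x\n", r.code, (unsigned long)r.seq, r.flags);
    return 0;
}
```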

From Shiva:

There are a couple tools I need to write to continue analyzing the
traffic I’ve captured. Suggestions welcome:

    * I need to be able to extract HTTP payloads from a pcap. It should
    be pretty easy to re-use Wireshark’s TCP Stream reassembly to get
    the TCP layer. With that done, I could easily get the HTTP layer…
    then maybe I can hand it to some Mozilla libs to be ungzipped,
    unchunked, etc. It would be pretty awesome if this was built into
    scapy though but to my knowledge it isn’t.

    * I need to fake DNS responses at “runtime”. I’m sure there
    are honeynet tools that do this and I could config a “malicious”
    DNS server just as easily.