IP Checksum

Home Forums Discussions Support Portal IP Checksum

This topic contains 8 replies, has 2 voices, and was last updated by  pavankvnaidu 12 years, 4 months ago.

Viewing 9 posts - 1 through 9 (of 9 total)
  • Author
    Posts
  • #4931

    pavankvnaidu
    Participant

    Can anyone help me on how to do IP Checksum?

    Based on the TCPChecksum code posted in this forum, I did the following, Is this code correct?

    VOID RecalculateIPChecksum (PINTERMEDIATE_BUFFER pPacket )
    {
    unsigned short word16, padd = 0;
    unsigned int i, sum = 0;
    PUCHAR buff;
    DWORD dwIpLen;

    iphdr_ptr pIpHeader = (iphdr_ptr)&pPacket->m_IBuffer[sizeof(ether_header)];


    dwIpLen = ntohs(pIpHeader->ip_hl);
    if ( (dwIpLen/2)*2 != dwIpLen )
    {
    padd=1;
    pPacket->m_IBuffer[dwIpLen + sizeof(ether_header)] = 0;
    }

    buff = (PUCHAR)pIpHeader;
    pIpHeader->ip_sum = 0;

    for (i=0; i< dwIpLen+padd; i=i+2){
    word16 =((buff< <8)&0xFF00)+(buff[i+1]&0xFF);
    sum = sum + (unsigned long)word16;
    }

    sum = sum + ntohs(pIpHeader->ip_src.S_un.S_un_w.s_w1) + ntohs(pIpHeader->ip_src.S_un.S_un_w.s_w2);
    sum = sum + ntohs(pIpHeader->ip_dst.S_un.S_un_w.s_w1) + ntohs(pIpHeader->ip_dst.S_un.S_un_w.s_w2);

    sum = sum + (unsigned short)dwIpLen;

    while (sum>>16)
    sum = (sum & 0xFFFF)+(sum >> 16);

    sum = ~sum;

    pIpHeader->ip_sum = ntohs((unsigned short)sum);
    }
    #5761

    Vadim Smirnov
    Moderator

    Personally I use this one

    //
    // Function recalculates IP checksum
    //
    VOID
    RecalculateIPChecksum (
    iphdr_ptr pIpHeader
    )
    {
    unsigned short word16;
    unsigned int sum = 0;
    unsigned int i = 0;
    PUCHAR buff;

    // Initialize checksum to zero
    pIpHeader->ip_sum = 0;
    buff = (PUCHAR)pIpHeader;

    // Calculate IP header checksum
    for (i = 0; i < pIpHeader->ip_hl*sizeof(DWORD); i=i+2)
    {
    word16 = ((buff< <8)&0xFF00)+(buff[i+1]&0xFF);
    sum = sum+word16;
    }

    // keep only the last 16 bits of the 32 bit calculated sum and add the carries
    while (sum>>16)
    sum = (sum & 0xFFFF)+(sum >> 16);

    // Take the one’s complement of sum
    sum = ~sum;

    pIpHeader->ip_sum = htons((unsigned short) sum);
    }

    #5762

    pavankvnaidu
    Participant

    Thank you.

    #5763

    pavankvnaidu
    Participant

    hi SerpentFly,
    Can you help me??
    I am trying to create the new packet based on the original (old) packet.
    I am sending the new packet instead of old packet. The packet is now modified and received other side also. Now the problem is the system is sending old packets continuesly. I mean its in the loop. Can you please suggest me some thing?

    The following is the part of the code.

    bool bModified = false;
    INTERMEDIATE_BUFFER pNewPacket;
    ZeroMemory(&pNewPacket,sizeof(INTERMEDIATE_BUFFER));
    pNewPacket.m_IBuffer[0] = 0;
    if (PacketBuffer.m_dwDeviceFlags == PACKET_FLAG_ON_SEND)
    {
    // Create a new packet
    CreateNewPacket(&PacketBuffer, &pNewPacket, bModified);
    }
    if(bModified)//if its modified
    {
    RecalculateIPChecksum(&pNewPacket);
    RecalculateTCPChecksum(&pNewPacket);
    PrintPacket(&pNewPacket);
    ETH_REQUEST newRequest;
    ZeroMemory ( &newRequest, sizeof(ETH_REQUEST) );
    newRequest.hAdapterHandle = (HANDLE)AdList.m_nAdapterHandle[iIndex];
    newRequest.EthPacket.Buffer = &pNewPacket;
    if (PacketBuffer.m_dwDeviceFlags == PACKET_FLAG_ON_SEND)
    {
    api.SendPacketToAdapter(&newRequest);
    }
    else
    {
    api.SendPacketToMstcp(&newRequest);
    }
    }
    else
    {
    PrintPacket(&PacketBuffer);
    if (PacketBuffer.m_dwDeviceFlags == PACKET_FLAG_ON_SEND)
    {
    api.SendPacketToAdapter(&Request);
    }
    else
    {
    api.SendPacketToMstcp(&Request);
    }
    }
    #5764

    Vadim Smirnov
    Moderator

    Probably you modify TCP packet and do this wrong. Destination system drops your packet and don’t send ACK for it, thats why your local stack sends packet again after some timeout.

    #5765

    pavankvnaidu
    Participant

    I am not touching the ACK/SYN at all, I am modifying the ip_len and the payload only. that too, if the packet has payload then only i am modifying the packet.

    Is there any way I can drop the old packet? How can I remove it from the local stack?

    thank you.

    #5766

    pavankvnaidu
    Participant

    Hi SerpentFly,
    I found that the repetition starts after the final ack has been sent. I don’t know why its happening. for your reference, I am posting the log file here.
    In the log, System-1 is the system where I am modifying the packet. and as I mentioned earlier, I am modifying only the packets with payload.

    System-1 –>System-2
    ip_len=40
    Seq:19027, ack:28986
    Type = FIN ACK
    Identification:14987

    System-2 –>System-1
    ip_len=40
    Seq:28986, ack:19027
    Type = ACK
    Identification:61538

    System-2 –>System-1
    ip_len=40
    Seq:28986, ack:19027
    Type = FIN ACK
    Identification:61539

    System-1 –>System-2
    ip_len=40
    Seq:19027, ack:28986
    Type = ACK
    Identification:14988

    Repetition Starts here….

    System-1 –>System-2
    ip_len=40
    Seq:19027, ack:28986
    Type = ACK
    Identification:14989

    System-2 –>System-1
    ip_len=40
    Seq:28986, ack:19027
    Type = ACK
    Identification:61540

    System-1 –>System-2
    ip_len=40
    Seq:19027, ack:28986
    Type = ACK
    Identification:14990

    System-2 –>System-1
    ip_len=40
    Seq:28986, ack:19027
    Type = ACK
    Identification:61541
    ….
    ….

    #5767

    Vadim Smirnov
    Moderator

    I am not touching the ACK/SYN at all, I am modifying the ip_len and the payload only. that too, if the packet has payload then only i am modifying the packet.

    If you change length of the TCP packet then you should modify SYN/ACK fields.

    Is there any way I can drop the old packet? How can I remove it from the local stack?

    Actually you already drop the original packet, but system generates it again and again (because your invalid packet is droped by remote system).

    #5768

    pavankvnaidu
    Participant

    hi SerpentFly,
    Will it work if change SYN/ACK only for the packet that I am modifying? If I change how the system will recognise?

    I have tried this too, Its not reaching the recipient.
    I have also tried to change all the SYN/ACK but still doesn’t work.

    I will email you my code. Can you tell me where I am doing wrong?

    THank you.

Viewing 9 posts - 1 through 9 (of 9 total)

You must be logged in to reply to this topic.