IP Checksum

Home Forums Discussions Support IP Checksum

Viewing 9 posts - 1 through 9 (of 9 total)
  • Author
    Posts
  • #4931
    pavankvnaidu
    Participant

      Can anyone help me on how to do IP Checksum?

      Based on the TCPChecksum code posted in this forum, I did the following, Is this code correct?

      VOID RecalculateIPChecksum (PINTERMEDIATE_BUFFER pPacket )
      {
      unsigned short word16, padd = 0;
      unsigned int i, sum = 0;
      PUCHAR buff;
      DWORD dwIpLen;

      iphdr_ptr pIpHeader = (iphdr_ptr)&pPacket->m_IBuffer[sizeof(ether_header)];


      dwIpLen = ntohs(pIpHeader->ip_hl);
      if ( (dwIpLen/2)*2 != dwIpLen )
      {
      padd=1;
      pPacket->m_IBuffer[dwIpLen + sizeof(ether_header)] = 0;
      }

      buff = (PUCHAR)pIpHeader;
      pIpHeader->ip_sum = 0;

      for (i=0; i< dwIpLen+padd; i=i+2){
      word16 =((buff<<8)&0xFF00)+(buff[i+1]&0xFF);
      sum = sum + (unsigned long)word16;
      }

      sum = sum + ntohs(pIpHeader->ip_src.S_un.S_un_w.s_w1) + ntohs(pIpHeader->ip_src.S_un.S_un_w.s_w2);
      sum = sum + ntohs(pIpHeader->ip_dst.S_un.S_un_w.s_w1) + ntohs(pIpHeader->ip_dst.S_un.S_un_w.s_w2);

      sum = sum + (unsigned short)dwIpLen;

      while (sum>>16)
      sum = (sum & 0xFFFF)+(sum >> 16);

      sum = ~sum;

      pIpHeader->ip_sum = ntohs((unsigned short)sum);
      }
      #5761
      Vadim Smirnov
      Keymaster

        Personally I use this one

        //
        // Function recalculates IP checksum
        //
        VOID
        RecalculateIPChecksum (
        iphdr_ptr pIpHeader
        )
        {
        unsigned short word16;
        unsigned int sum = 0;
        unsigned int i = 0;
        PUCHAR buff;

        // Initialize checksum to zero
        pIpHeader->ip_sum = 0;
        buff = (PUCHAR)pIpHeader;

        // Calculate IP header checksum
        for (i = 0; i < pIpHeader->ip_hl*sizeof(DWORD); i=i+2)
        {
        word16 = ((buff<<8)&0xFF00)+(buff[i+1]&0xFF);
        sum = sum+word16;
        }

        // keep only the last 16 bits of the 32 bit calculated sum and add the carries
        while (sum>>16)
        sum = (sum & 0xFFFF)+(sum >> 16);

        // Take the one’s complement of sum
        sum = ~sum;

        pIpHeader->ip_sum = htons((unsigned short) sum);
        }

        #5762
        pavankvnaidu
        Participant

          Thank you.

          #5763
          pavankvnaidu
          Participant

            hi SerpentFly,
            Can you help me??
            I am trying to create the new packet based on the original (old) packet.
            I am sending the new packet instead of old packet. The packet is now modified and received other side also. Now the problem is the system is sending old packets continuesly. I mean its in the loop. Can you please suggest me some thing?

            The following is the part of the code.

            bool bModified = false;
            INTERMEDIATE_BUFFER pNewPacket;
            ZeroMemory(&pNewPacket,sizeof(INTERMEDIATE_BUFFER));
            pNewPacket.m_IBuffer[0] = 0;
            if (PacketBuffer.m_dwDeviceFlags == PACKET_FLAG_ON_SEND)
            {
            // Create a new packet
            CreateNewPacket(&PacketBuffer, &pNewPacket, bModified);
            }
            if(bModified)//if its modified
            {
            RecalculateIPChecksum(&pNewPacket);
            RecalculateTCPChecksum(&pNewPacket);
            PrintPacket(&pNewPacket);
            ETH_REQUEST newRequest;
            ZeroMemory ( &newRequest, sizeof(ETH_REQUEST) );
            newRequest.hAdapterHandle = (HANDLE)AdList.m_nAdapterHandle[iIndex];
            newRequest.EthPacket.Buffer = &pNewPacket;
            if (PacketBuffer.m_dwDeviceFlags == PACKET_FLAG_ON_SEND)
            {
            api.SendPacketToAdapter(&newRequest);
            }
            else
            {
            api.SendPacketToMstcp(&newRequest);
            }
            }
            else
            {
            PrintPacket(&PacketBuffer);
            if (PacketBuffer.m_dwDeviceFlags == PACKET_FLAG_ON_SEND)
            {
            api.SendPacketToAdapter(&Request);
            }
            else
            {
            api.SendPacketToMstcp(&Request);
            }
            }
            #5764
            Vadim Smirnov
            Keymaster

              Probably you modify TCP packet and do this wrong. Destination system drops your packet and don’t send ACK for it, thats why your local stack sends packet again after some timeout.

              #5765
              pavankvnaidu
              Participant

                I am not touching the ACK/SYN at all, I am modifying the ip_len and the payload only. that too, if the packet has payload then only i am modifying the packet.

                Is there any way I can drop the old packet? How can I remove it from the local stack?

                thank you.

                #5766
                pavankvnaidu
                Participant

                  Hi SerpentFly,
                  I found that the repetition starts after the final ack has been sent. I don’t know why its happening. for your reference, I am posting the log file here.
                  In the log, System-1 is the system where I am modifying the packet. and as I mentioned earlier, I am modifying only the packets with payload.

                  System-1 –>System-2
                  ip_len=40
                  Seq:19027, ack:28986
                  Type = FIN ACK
                  Identification:14987

                  System-2 –>System-1
                  ip_len=40
                  Seq:28986, ack:19027
                  Type = ACK
                  Identification:61538

                  System-2 –>System-1
                  ip_len=40
                  Seq:28986, ack:19027
                  Type = FIN ACK
                  Identification:61539

                  System-1 –>System-2
                  ip_len=40
                  Seq:19027, ack:28986
                  Type = ACK
                  Identification:14988

                  Repetition Starts here….

                  System-1 –>System-2
                  ip_len=40
                  Seq:19027, ack:28986
                  Type = ACK
                  Identification:14989

                  System-2 –>System-1
                  ip_len=40
                  Seq:28986, ack:19027
                  Type = ACK
                  Identification:61540

                  System-1 –>System-2
                  ip_len=40
                  Seq:19027, ack:28986
                  Type = ACK
                  Identification:14990

                  System-2 –>System-1
                  ip_len=40
                  Seq:28986, ack:19027
                  Type = ACK
                  Identification:61541
                  ….
                  ….

                  #5767
                  Vadim Smirnov
                  Keymaster

                    I am not touching the ACK/SYN at all, I am modifying the ip_len and the payload only. that too, if the packet has payload then only i am modifying the packet.

                    If you change length of the TCP packet then you should modify SYN/ACK fields.

                    Is there any way I can drop the old packet? How can I remove it from the local stack?

                    Actually you already drop the original packet, but system generates it again and again (because your invalid packet is droped by remote system).

                    #5768
                    pavankvnaidu
                    Participant

                      hi SerpentFly,
                      Will it work if change SYN/ACK only for the packet that I am modifying? If I change how the system will recognise?

                      I have tried this too, Its not reaching the recipient.
                      I have also tried to change all the SYN/ACK but still doesn’t work.

                      I will email you my code. Can you tell me where I am doing wrong?

                      THank you.

                    Viewing 9 posts - 1 through 9 (of 9 total)
                    • You must be logged in to reply to this topic.