Add ICMP checksum check and set risk if mismatch detected.add/icmp-tunnel-chksm-risk

Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
author: Toni Uhlig <matzeton@googlemail.com> 2022-03-01 13:28:28 +0100
committer: Toni Uhlig <matzeton@googlemail.com> 2022-03-02 12:07:51 +0100
commit: d7657dd1d41a5f8ec5ce0fc53a9a91b48472dfce (patch)
tree: c6d1500792b187e8997277391b80e7035ae53376 /src/lib/ndpi_utils.c
parent: 61a3c2eb5b3cac0f36a1bfadc5261b7694d3bfab (diff)
1 files changed, 27 insertions, 0 deletions
diff --git a/src/lib/ndpi_utils.c b/src/lib/ndpi_utils.c
index 8cbc2e2df..26bd348cb 100644
--- a/src/lib/ndpi_utils.c
+++ b/src/lib/ndpi_utils.c
@@ -2295,6 +2295,33 @@ float ndpi_entropy(u_int8_t const * const buf, size_t len) {
   return entropy;
 }
 
+/* ******************************************************************** */
+
+u_int16_t ndpi_calculate_icmp4_checksum(u_int8_t const * const buf, size_t len) {
+  u_int16_t const * sbuf = (u_int16_t *)buf;
+  u_int32_t checksum = 0;
+
+  /*
+   * The first two bytes of the icmp header are required.
+   * The next two bytes is the checksum, which we want to ignore.
+   */
+  checksum += *sbuf++; len -= 2; /* icmp->type, icmp->code */
+  sbuf++; len -= 2; /* icmp->checksum */
+
+  for (; len > 1; len -= 2) {
+    checksum += *sbuf++;
+  }
+
+  if (len == 1) {
+    checksum += *(u_int8_t *)sbuf;
+  }
+
+  checksum = (checksum >> 16) + (checksum & 0xFFFF);
+  checksum += (checksum >> 16);
+
+  return ~checksum;
+}
+
 /* ******************************************* */
 
 char* ndpi_get_flow_name(struct ndpi_flow_struct *flow) {
author	Toni Uhlig <matzeton@googlemail.com>	2022-03-01 13:28:28 +0100
committer	Toni Uhlig <matzeton@googlemail.com>	2022-03-02 12:07:51 +0100
commit	d7657dd1d41a5f8ec5ce0fc53a9a91b48472dfce (patch)
tree	c6d1500792b187e8997277391b80e7035ae53376 /src/lib/ndpi_utils.c
parent	61a3c2eb5b3cac0f36a1bfadc5261b7694d3bfab (diff)