1 #### Packet Forger JSON Specification Rev 0.1
5 2021-10, initialized by Zhang, Qi
9 A Parse Graph is a unidirectional graph. It is consist of a set of nodes and edges. A node represent a network protocol header, and an edge represent the linkage of two protocol headers which is adjacent in the packet. An example of a parse graph have 5 nodes and 6 edges.
11 [](https://mermaid-js.github.io/mermaid-live-editor/edit#eyJjb2RlIjoiZ3JhcGggVERcbiAgICBBKChNQUMpKSAtLT4gQigoSVB2NCkpXG4gICAgQSgoTUFDKSkgLS0-IEMoKElQdjYpKVxuICAgIEIgLS0-IEQoKFRDUCkpXG4gICAgQyAtLT4gRCgoVENQKSlcbiAgICBCIC0tPiBFKChVRFApKVxuICAgIEMgLS0-IEUoKFVEUCkpXG4gICAgIiwibWVybWFpZCI6IntcbiAgXCJ0aGVtZVwiOiBcImRhcmtcIlxufSIsInVwZGF0ZUVkaXRvciI6ZmFsc2UsImF1dG9TeW5jIjp0cnVlLCJ1cGRhdGVEaWFncmFtIjpmYWxzZX0)
13 A Node or an Edge is described by a json object. There is no json representation for a parse graph, software should load all json objects of nodes and edges then build the parse graph logic in memory.
17 A json object of Node will include below properties:
21 This should always be "node".
25 This is the name of the protocol.
29 This is an array of fields in the protocol header which also imply the bit order. For example, json object of mac header as below:
53 For each field, there are properties can be defined:
57 The name of the field, typically it should be unique to all fields in the same node, except when it is "reserved".
61 Size of the field, note, the unit is "bit" but not "byte".
62 Sometime a field's size can be decided by another field's value, for example, a geneve header's "options" field's size is decided by "optlen" field's value, so we have below:
80 Since when "optlen" increases 1 which means 4 bytes (32 bits) increase of "options"'s size so the bit value should shift left 5.
84 Defined the input string format of the value, all formats are described in the section **Input Format** which also described the default format if it is not explicitly defined.
88 Defined the default value of the field when a protocol header instance is created by the node. If not defined, the default value is always 0. The default value can be overwritten when forging a packet with specific value of the field. For example, we defined the default ipv4 address as below:
100 "default" : "1.1.1.1"
106 "default" : "2.2.2.2"
113 Define if a field is read only or not, typically it will be used together with "default". For example, the version of IPv4 header should be 4 and can't be overwritten.
127 A reserved field implies it is "readonly" and should always be 0.
131 A field could be optional depends on some flag as another field. For example, the GRE header has couple optional fields.
171 "name" : "sequencenumber",
178 The expresion of an optional field can use "**&**" or "**|**" combine multiple conditions, for example for gtpu header, we have below optional fields.
206 "name" : "sequencenumber",
208 "optional" : "e=1|s=1|pn=1",
218 Some field's value cover the length of the payload or size of an optional field in the same header, so it should be auto increased during packet forging. For example the "totallength" of ipv4 header is a autoincrease feild.
227 "name" : "totallength",
230 "autoincrease" : "true",
238 A field which is autoincrease also imply its readonly.
242 Typically this should only be enabled for an optional field to trigger another field's autoincrease. For example, the gtpc's "messagelength" field cover all the data start from field "teid", so its default size is 4 bytes which cover sequencenumber + 8 reserved bit, and should be increased if "teid" exist or any payload be appended.
251 "name" : "messagelength",
254 "autoincrease" : "true",
260 "increaselength" : "true"
263 "name" : "sequencenumber",
275 This defines an array of attributes, the attribute does not define the data belongs to current protocol header, but it impact the behaviour during applying actions of an edge when the protocol header is involved. For example, a geneve node has attribute "udpport" which define the udp tunnel port, so when it is appended after a udp header, the udp header's dst port is expected to be changed to this value.
294 An attribute can only have below properties which take same effect when they are in field.
297 * size (must be fixed value)
303 A json object of Edge will include below properties:
307 This should always be "edge".
311 This is the start node of the edge.
315 This is the end node of the edge.
319 This is an array of actions the should be applied during packet forging.
320 For example, when append a ipv4 headers after a mac header, the "ethertype" field of mac should be set to "0x0800":
329 "dst" : "start.ethertype",
335 Each action should have two properties:
339 This describe the target field to set, it is formatted as <node>.<field>
340 node must be "start" or "end".
344 This describe the value to set, it could be a const value or same format as dst's.
345 For example when append a vlan header after mac, we will have below actions:
354 "dst" : "start.ethertype",
358 "dst" : "end.ethertype",
359 "src" : "start.ethertype"
366 To avoid duplication, multiple edges can be aggregate into the one json object if there actions are same. So, multiple node name can be added to **start** or **end** with seperateor "**,**".
368 For example, all ipv6 and ipv6 extention header share the same actions when append a udp header
373 "start" : "ipv6,ipv6srh,ipv6crh16,ipv6crh32",
377 "dst" : "start.nextheader",
384 Another examples is gre and nvgre share the same actions when be appanded after a ipv4 header:
392 "dst" : "start.protocol",
401 A path defines a sequence of nodes which is the input parameter for a packet forging, a packet forging should fail if the path can't be recognised as a subgraph of the parser graph.
403 A json object of a path should include below properties:
407 This should always be "path".
411 This is an array of node configurations which also imply the protocol header sequence of a packet. Below is an example to forge an ipv4 / udp packet with default value.
430 A node configuration can have below properties:
434 This is a protocol name (a node name).
438 This is an array of 3 member tuples:
442 The name of the field or attribute that belongs to the node, note a readonly field should not be selected.
446 The value to set the field or attribute.
450 This is optional, if it is not defined, corresponding bit of the mask should be set to 0, and it should be ignored for an attribute.
454 This is optional. When this json file is the input of flow adding commands, it can be used directly as the flow rule's action.
456 An example to forge a ipv4 packet with src ip address 192.168.0.1 and dst ip address 192.168.0.2, also take ip address as mask.
470 "value" : "192.168.0.1",
471 "mask" : "255.255.255.255"
475 "value" : "192.168.0.2",
476 "mask" : "255.255.255.255"
481 "actions" : "redirect-to-queue 3"
488 Every field or attribute is associated with an **Input Format**, so the software can figure out how to parse default value in the node or a config value in the path.
490 Currently we have 8 predefined format and don't support customised format.
494 accept number from 0 to 255 or hex from 0x0 to 0xff.
498 accept number from 0 to 65535 or hex from 0x0 to 0xffff.
502 accept number from 0 to 4294967295 or hex from 0x0 to 0xffffffff
506 accept number from 0 to 2^64 -1 or hex from 0x0 to 0xffffffffffffffff
510 accept xx:xx:xx:xx:xx:xx , x in hex from 0 to f
514 accept n.n.n.n , n from 0 to 255
518 accept xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx, x in hex from 0 to f
524 If format is not defined for a field or attribute, the default format will be selected base on size as below, and the MSB should be ignored by software if the value exceeds the limitation.
526 | Size | Default Format |
527 | ------------- | -------------- |
533 | variable size | bytearray |
Code Review / vpp.git / blob