| 1 | Local unprivileged testing machinery |
| 2 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
| 3 | |
| 4 | This directory contains some random utilities I've found useful for |
| 5 | testing Secnet. It lets me run two (or more) instances on a single |
| 6 | machine, and get them to exchange keys and transmit packets, all as an |
| 7 | unprivileged user. |
| 8 | |
| 9 | This isn't standalone: other tools are needed to make it work. |
| 10 | Dependencies are described along with the tools they're needed by. |
| 11 | |
| 12 | * mk-sshv1-rsapriv KEYRING TAG OUT: converts a Catacomb format RSA |
| 13 | private key, in the given KEYRING with the given TAG, writing a file |
| 14 | OUT in the SSH v1 format wanted by Secnet. This needs my Catacomb |
| 15 | library, https://git.distorted.org.uk/~mdw/catacomb/, and the Python |
| 16 | bindings, https://git.distorted.org.uk/~mdw/catacomb-python/. If |
| 17 | you have some other way of generating RSA private keys in the right |
| 18 | format, then you don't need this stuff. |
| 19 | |
| 20 | * mkping FROM-NAME FROM-ADDR TO-NAME TO-ADDR OUT: formats an IPv4 ICMP |
| 21 | echo request packet with source and destination addresses FROM-ADDR |
| 22 | and TO-ADDR respectively, with payload a simple string containing |
| 23 | FROM-NAME and TO-NAME, and writes it to OUT, which may be `-' for |
| 24 | standard output. This requires the Python `ImpactPacket' library, |
| 25 | available in Debian as `python-impacket'. |
| 26 | |
| 27 | * fake-userv-ipif: is a call-compatible drop-in for `userv', but uses |
| 28 | the `tripe-uslip' program instead. To use it, configure a |
| 29 | `userv-ipif' netlink with userv-path = "./fake-userv-ipif", and |
| 30 | service-name = "SOCKET", where SOCKET names a Unix-domain socket to |
| 31 | use as the fake network interface. Secnet will start `tripe-uslip' |
| 32 | and use it as its tunnel device, and you can send and receive |
| 33 | packets with tripe-uslip -p SOCKET <IN and tripe-uslip -g SOCKET |
| 34 | >OUT respectively. I find this useful with `mkping' above to |
| 35 | generate packets, and `xxd' to inspect them. `tripe-uslip' is part |
| 36 | of TrIPE, https://git.distorted.org.uk/~mdw/tripe/. |
| 37 | |
| 38 | There are also pieces of configuration in a fairly random state. |
| 39 | They'll need tweaking to set up your particular test. |
| 40 | |
| 41 | mdw, 2017-07-13 |