Skip to content →

Category: Bouncer

A bouncer bounces packets it receives from clients to servers. This is useful when people want to hide their internal network topologies. In this report, we examine a very simple case of bouncer — a bouncer that only bounces ICMP requests. When it receives an ICMP echo request, it modify the packet and forward it to the server specified by the user. After receiving the echo reply packet, it again modifies the packet and finds out where to send the packet and then sends out the reply packet. Done in 2010.

Testing Bouncer

Static testing is used to test the bouncer, that is, a separate set of test cases and sample outputs are provided. And the bouncer is given the test cases and its outputs are compared with sample outputs.

A verifier is used to accomplish the above function, and another bash script is written to automate the process.

The bash script is as follows:

The verifier is as follows:

Leave a Comment

Technical Details

We define a BPF filter as “icmp and dst host <bouncer_ip>”, which filters out all none-ICMP packets and packets not destined to the bouncer. The we compile this filter and set the filter to the capture device.

When the capture device captures a packet, a process_pkt function is called to process the packet. And that is where we validate the packets and then, if the packet is valid, update
the packet and then send it out, or write the packet to a dump file.

The process of validating the packets are as follows:

  1. Validate checksum of IP header.
  2. Validate TTL of IP.
  3. Validate IP source address
  4. Validate ICMP header checksum. 
  5. Validate ICMP type and code. 

Since we write the packet to a dump file in a separate function, so a pointer to the dump file handler is passed to the processing function when the process_pkt function is called. The same method is used to pass server IP address and test mode flag.

We keep a linked list of all the ICMP echo requests. When a ICMP echo reply is received, we go through the linked list to find out where
the original echo request comes from.

The code is as follows.

bouncer.h:

process_pkt.c:

Leave a Comment

Packet Bouncer Overview

A bouncer bounces packets it receives from clients to servers. This is useful when people want to hide their internal network topologies. In this report, we examine a very simple case of bouncer — a bouncer that only bounces ICMP requests. When it receives an ICMP echo request, it modify the packet and forward it to the server specified by the user. After receiving the echo reply packet, it
again modifies the packet and finds out where to send the packet and then sends out the reply packet.

Leave a Comment