[riot-notifications] [RIOT-OS/RIOT] shell/commands: fix, only accept proper pong response to icmpv6_echo (#12159)

Francisco notifications at github.com
Tue Sep 3 09:14:48 CEST 2019


### Contribution description

This PR fixes the Bug introduced in #11933. 

### Testing procedure

Follow the testing procedure in #11519. To test in a controlled setting follow the testing procedure sugested by @benemorius:

To test this in a controlled setting I captured and injected ping replies with a Linux node connected via a border router to a Riot node using this procedure:
1) Prepare Linux node to capture its own outgoing ping reply:
`tcpdump -i eth0 "icmp6 && ip6[40] == 129" -n -c1 -w icmp-reply.pcap`
1) Use the border router to block the genuine ping reply from reaching the Riot node:
`ip6tables -I FORWARD -o lowpan0 -p icmpv6 --icmpv6-type echo-reply -j DROP`
1) Ping Linux node from Riot node using 1 ping and a 60 second timeout:
`ping6 2001:470:4bb0:ffff::1 -c 1 -W 60000`
1) On Linux node modify the source address of the captured packet:
`tcprewrite --infile=icmp-reply.pcap --outfile=icmp-reply2.pcap --pnat=[2001:470:4bb0:ffff::1]:[2001:470:4bb0:ffff::2]`
1) On border router unblock ping replies:
`ip6tables -D FORWARD -o lowpan0 -p icmpv6 --icmpv6-type echo-reply -j DROP`
1) On Linux node send modified ping reply:
`tcpreplay --intf1=eth0 icmp-reply2.pcap`
1) Observe whether the Riot node prints the reply. It should not.
`12 bytes from 2001:470:4bb0:ffff::2 id:0xbe45/0xbe45 icmp_seq=0 ttl=63 rssi=-85 dBm time=13823.374 ms`
1) As before, block ping replies at the border router:
`ip6tables -I FORWARD -o lowpan0 -p icmpv6 --icmpv6-type echo-reply -j DROP`
1) As before, send a ping from the Riot node:
`ping6 2001:470:4bb0:ffff::1 -c 1 -W 60000`
1) As before, unblock ping replies:
`ip6tables -D FORWARD -o lowpan0 -p icmpv6 --icmpv6-type echo-reply -j DROP`
1) From the Linux node send the unmodified ping reply captured earlier:
`tcpreplay --intf1=eth0 icmp-reply.pcap`
1) Observe whether the Riot node prints the reply. It should not.
`12 bytes from 2001:470:4bb0:ffff::1 id:0xbe45/0x2e08 icmp_seq=0 ttl=63 rssi=-86 dBm time=52156.860 ms`


### Issues/PRs references

Fixes #11519
You can view, comment on, or merge this pull request online at:

  https://github.com/RIOT-OS/RIOT/pull/12159

-- Commit Summary --

  * shell/commands: fix, only accept proper pong response

-- File Changes --

    M sys/shell/commands/sc_gnrc_icmpv6_echo.c (2)

-- Patch Links --

https://github.com/RIOT-OS/RIOT/pull/12159.patch
https://github.com/RIOT-OS/RIOT/pull/12159.diff

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/RIOT-OS/RIOT/pull/12159
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riot-os.org/pipermail/notifications/attachments/20190903/d34c58aa/attachment.htm>


More information about the notifications mailing list