verify the IP filter using vhdl linked lists

B

bknpk

IP TTL spoofed packet block implemented, design and verification, using vhdl


To verify the IP filter a reference model has to be build. Due to the DUT specific memory model, which allows any memory size (first packets to arriveare stored and served), the exact timing of DUT analysis is hardly predictable. Cycle accurate verification models are not good practice anyways.
Therefore an easy way to implement the reference model is to use some sort of lists.


At work, using c++ and DPI, I have a lot of flexibility of STL containers, vector, double ended queue, list etc... Where speed is traded with access features.
This project is coded, design and verification, using only VHDL. So I decided to use VHDL linked list feature.


--scorebaord item (IPV4)
type scbd_item;
type scbd_item_ptr is access scbd_item; -- pointer to item
type scbd_item is record -- full definition of item
--ignore flag if a packet starts and DUT is in freeze mode, ignore that packet
ignore : boolean;
ttl : std_logic_vector( 7 downto 0); --ttl
ips : std_logic_vector(31 downto 0); --source ip
cnt : std_logic_vector( 3 downto 0); --count
learning : boolean;
pkt_in_t : time; --packet in time (debug)
next_rec : scbd_item_ptr;
end record;

....

if(scbd_start) then --add to scoreboard
if(scbd_first) then
new_sbd.learning := true;
new_sbd.cnt := (others =>gt; '0');
scbd_ptr := new_sbd;
scbd_first := false;
else
tmp_ptr := scbd_ptr;
scbd_found := false;
scbd_loop := true;
while(scbd_loop) loop --find last
--check if this ip was stored before
if(not scbd_found) then
if(new_sbd.ips = tmp_ptr.ips) then
scbd_found := true;


Please take a look at the link and give comments.

http://bknpk.no-ip.biz/my_web/SDIO/ip_ttl_filter_main.html
 
Joined
Jul 10, 2007
Messages
11
Reaction score
0
Better network scenario stimuli via capture of real traffic using tcpdump utility:
tcpdump on my debian machine and run it, with the following filter specification:
(sleep 60;scp -r TCPdump [email protected]:~/Home_2/kuku)&
tcpdump -l -n -c 10 -XX -i eth0 'ip[0:1] == 0x45 and src or dst 192.168.0.179' | tee cap_scp.txt

The result was an ASCII file (which can be easily converted to an understandable format by the vhdl bench):
16:50:08.368891 IP 192.168.0.104.39599 > 192.168.0.179.22: Flags , seq 1808771444, win 14600, options [mss 1460,sackOK,TS val 652653233 ecr 0,nop,wscale 4], length 0
0x0000: 00ff 58ec 8d00 94de 80b2 64ad 0800 4500 ..X.......d...E.
0x0010: 003c 1bc5 4000 4006 9c8b c0a8 0068 c0a8 .<..@[email protected]..
0x0020: 00b3 9aaf 0016 6bcf a974 0000 0000 a002 ......k..t......
0x0030: 3908 829a 0000 0204 05b4 0402 080a 26e6 9.............&.
0x0040: b2b1 0000 0000 0103 0304 ..........
16:50:08.369560 IP 192.168.0.179.22 > 192.168.0.104.39599: Flags [S.], seq 3329399056, ack 1808771445, win 5792, options [mss 1460,sackOK,TS val 54469544 ecr 652653233,nop,wscale 6], length 0
0x0000: 94de 80b2 64ad 00ff 58ec 8d00 0800 4500 ....d...X.....E.

h===://bknpk.no-ip.biz/my_web/SDIO/ip_ttl_filter_ttl_tcpdump.html
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,484
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top