1

Summary

I am attempting to GRE encapsulate all traffic from server1 to server2 and I am testing this by pinging the IP address 10.1.1.1 on server2. I have also set up tcpdump on server2 to verify that the traffic is indeed being encapsulated.

However, I am observing the same behavior(I'm able to ping) before and after running the binary, which it is that the traffic is not being encapsulated.

Diagram

Server1<-.3-------->172.16.241.0<---.2-->Server2

I'm running the go code in Server1 and I'm running a ping on server1

code:

package main

import (
    "log"
    "net"

    "github.com/google/gopacket"
    "github.com/google/gopacket/layers"
    "github.com/google/gopacket/pcap"
)

func main() {
    // Open a network interface in promiscuous mode
    handle, err := pcap.OpenLive("eth0", 65535, true, pcap.BlockForever)
    if err != nil {
        log.Fatal(err)
    }
    defer handle.Close()

    // Set a capture filter that drops all packets
    err = handle.SetBPFFilter("ip")
    if err != nil {
        log.Fatal(err)
    }

    // Start capturing packets
    packetSource := gopacket.NewPacketSource(handle, handle.LinkType())
    for packet := range packetSource.Packets() {
        // Check if the packet is an IPv4 packet
        ipv4Layer := packet.Layer(layers.LayerTypeIPv4)
        if ipv4Layer != nil {
            ipv4 := ipv4Layer.(*layers.IPv4)
            // Extract the Ethernet layer from the received packet
            ethLayer := packet.Layer(layers.LayerTypeEthernet)
            if ethLayer == nil {
                log.Printf("Error extracting Ethernet layer")
                continue
            }
            eth := ethLayer.(*layers.Ethernet)
            greLayer := &layers.GRE{
                Protocol: layers.EthernetTypeIPv4,
            }

            newIpv4 := &layers.IPv4{
                Version:  4,
                SrcIP:    net.IP{192, 168, 1, 1},
                DstIP:    net.IP{192, 168, 1, 2},
                Protocol: layers.IPProtocolGRE,
                Flags:    layers.IPv4DontFragment,
                TTL:      64,
                Id:       33852,
                IHL:      5,
            }

            // Update the checksums
            options := gopacket.SerializeOptions{
                ComputeChecksums: true,
            }
            buf := gopacket.NewSerializeBuffer()
            err := gopacket.SerializeLayers(buf, options,
                eth,
                greLayer,
                newIpv4,
                ipv4,
                gopacket.Payload(ipv4.BaseLayer.LayerPayload()),
            )
            if err != nil {
                log.Printf("Error serializing layers: %v", err)
            }

            // Send the modified packet
            err = handle.WritePacketData(buf.Bytes())
            if err != nil {
                log.Printf("Error sending packet: %v", err)
            }
        }
    }
}

It looks like the ping is not being captured.

amb1s1
  • 1,995
  • 5
  • 22
  • 26

1 Answers1

0
// Set a capture filter that drops all packets
err = handle.SetBPFFilter("ip")

The comment here is incorrect. Calling this func won't make it drop packets. (*Handle)SetBPFFilter compiles and sets a BPF filter for the pcap handle. It affects which packets will be captured by your app. Your app only get a copy of those captured packets, it won't cause the packets to be dropped by the network device. See also the answers to How do I block packets coming on port 23 on my computer?

It's simply impossible to do this with the gopacket package.

Zeke Lu
  • 6,349
  • 1
  • 17
  • 23