SendIP

Description

SendIP is a tool which allows creating (and, of course, sending) arbitrary IP (v4 and v6) packets. Packets may have essentially any set of IPv6/IPv4 headers in essentially any order. A wide variety of header types is supported, including almost all of the defined IPv6 extension headers.

SendIP allows detailed control of all header fields, but defaults to reasonable values for those fields you are not interested in. As a simple command-line program, SendIP is trivially scriptable.

SendIP was originally written by Mike Ricketts of Project Purple. The version distributed here is based on 2.5, with numerous additions, particularly in the areas of IPv6 extension headers and IPsec support.

Documentation

SendIP manual entry

Download

Mini-FAQ

Q: What is SendIP good for? A: SendIP allows creation of IP packets with arbitrary contents. As such, it should be useful for many purposes: protocol implementation testing, firewall and IDS testing, network test gear testing, etc.

Q: What is it not good for? A: As SendIP works at the individual packet level, it is less suitable for higher-level testing, e.g., testing some new html feature. Also, as each invocation of SendIP only creates a single packet, it isn't really appropriate for stress testing, at least in isolation.

Q: Which headers and protocols are supported? A: ipv4 (including ipip, aka 4in4), ipv6 (including 6in4, 4in6 and 6in6), icmp, icmpv6, tcp, udp, bgp, rip, ripng, ntp, ah, dest, esp, frag, gre, hop, route, wesp. For more information, see the manual entry.

Q: What operating systems does SendIP run on? A: The original SendIP has support for a number of operating systems, including various versions of FreeBSD, Solaris, and Linux. The additions here have only been tested on Linux (specifically, various Fedora releases from 7 to 11); they may well work elsewhere as well, but this is totally untested.

Q: How are string arguments handled? A: Many of the header fields, and the packet data area, can be specified via the following syntax:

Q: What is the IPsec support? A: Basic creation of AH and ESP headers (and trailers, in the case of ESP) is supported. In addition, external authentication and/or encryption modules may be called, to give more realistic emulation of IPsec behavior.

Demonstration authentication and encryption modules are included, which simply xor a "key" with the appropriate packet contents; these are obviously not intended to provide any actual security, but rather as an indication of how the module interfaces work. They should suffice for some purposes, though, such as testing heuristics for identifying ESP NULL packets.

Q: Why is the Wrapped ESP (WESP) support "provisional"? A: As of this writing, WESP is still in draft form, with no real implementations to compare against. So the code will quite likely need some revision when the final RFC is issued.

Q: How "alpha" is the alpha version? A: Pretty alpha. Much of the code has not been tested yet, since we are still developing the code we were going to test it against. It compiles nicely, though.

Q: Will you make RPMs for SendIP A: Probably. There's already a spec file, so it's really just a matter of housekeeping. Perhaps when the next non-alpha version is released.

Q: What is the license for SendIP? A: The original version is distributed under the GNU General Public License (GPL) version 2, and hence this version is, too. More precisely, the code developed here, as being, in a sense, a U.S. government publication, is technically in the public domain, but since it consists of extensions to GPL code and is provided along with such code, in practice the GPL applies to it as well.



To return to the ANTD IPv6 software distribution main page:
http://www-x.antd.nist.gov/ipv6/

Point Of Contact:
webmaster@antd.nist.gov

Last update: Tue, August 13, 2010