Expose TCP and ICMP header fields
darrenldl opened this issue · 1 comments
Context
Thread on forum
Currently I am writing a firewall library which exposes a generic functor, and I intend to use MirageOS as the primary backend. The core library remains generic in its own package while the MirageOS backend code would be distributed as another package.
Minimum requirement for basic connection tracking
Exposure of the following header fields would be required to implement the basic connection tracking code, which would be necessary for load balancing, NAT, and filtering provided by the library
- TCP header
- ACK flag
- SYN flag
- FIN flag
- RST flag
- ICMP header
- ICMP type (for tracking ping requests and replies, and ICMP errors related to established connection)
- Sequence number if ICMP type is echo request or reply (not sure if this will mess up type definitions, I can handle this on the MirageOS backend code side if this is problematic)
Good to have ones, for finer examination and filtering
- TCP header
- Sequence number and acknowledgement number
Dear @darrenldl thanks for your report. I'm curious what exactly you like to have exposed.
Reading the Tcp_packet API documentation, there is: a function to decode and encode such a packet (in the Marshal and Unmarshal submodules); the packet contains the header flags (as boolean) and sequence and acknowledgement number.
Looking at the Icmpv4_packet, the header (type and subheaders) are exposed -- e.g. sequence number is part of a subheader.
I'll close this for now, please re-open if you have concrete things that are missing.