Enable IP Spoofing on Unix machines

Enabling IP Spoofing on Unix or Linux machines

Configuring multiple IP addresses on a Windows NT or Unix machine must be done manually on the injector machine. You cannot enable IP Spoofing using the script’s Runtime Settings. To enable this feature, add the web_set_sockets_option() function to your script.

This document describes how to configure a Unix or Linux machine in order to support multiple IP addresses; there is also a detailed description of the web_set_sockets_option() function.

Enabling multiple IP addresses on a Solaris or Linux machine

With Solaris or Linux, it is possible to configure multiple IP addresses for a single physical interface. This allows a machine with a single ethernet card to appear as an entire network of different machines. In order to configure the lance Ethernet (le0) device to support more than one IP address, do the following:

1. Create entries in /etc/hosts for each hostname your physical machine will appear to be.

128.195.10.31 myhost

128.195.10.46 myhost2

128.195.10.78 myhost3

2. Create /etc/hostname.le0:n files that contain the hostname for the virtual host.

Note: hostname.le0:0 is the same as hostname.le0.

/etc/hostname.le0 (Contains name myhost)

/etc/hostname.le0:1 (Contains name myhost2)

/etc/hostname.le0:2 (Contains name myhost3)

The above changes will cause the virtual hosts to be configured at boot time.

You can also directly enable or modify a logical hosts configuration by running ifconfig directly on one of the logical hosts by using the le0:n naming scheme.

Solaris:

% ifconfig le0:1 up

% ifconfig le0:1 129.153.76.72

% ifconfig le0:1 down

Linux:

ifconfig eth0:1 <new ip> netmask <netmask>

Example:

ifconfig eth0:1 129.153.76.72 netmask <netmask>

Note:

If you are using a 100 MB card you should replace le0 with hme0.

Enabling multiple IP addresses on a HP machine

HP 10.20

In order to enable multiple IP addresses on an HP 10.20 machine, you need to first install the patch PHNE_12492. This patch enables the ifalias command. In order to add an IP address, use the ifalias command with the following parameters:

ifalias net_device_name add ip_address

Example:

If the machine network device is lan0 and you would like to add the IP address 199.203.78.5, the following command should be used:

ifalias lan0 add 199.203.78.5

In order to remove the same IP address, when done, use the following:

ifalias lan0 delete 199.203.78.5

Limitations:

You can only add addresses from the same net as the card’s real address. This limitation does not exist in 10.30 method.

Enabling IP Spoofing from a script

IP Spoofing cannot be enabled via a script’s Runtime Settings. It can only be enabled by adding the web_set_sockets_option() function to the script.

int web_set_sockets_option ( const char *mpszOptionID, const char * pszOptionValue );

mpszOptionID — The option whose value you want to set.

pszOptionValue — The value of the specified option.

The web_set_sockets_option function sets a socket option.

The following options are supported:

LOAD_VERIFY_FILE: Load the certificate file in PEM-format.

DEFAULT_VERIFY_PATH: The directory of the PEM-format certificate file.

SSL_VERSION: The SSL version: 2, 3, 2 and 3, TLS.

SSL_CIPHER_LIST: A list of supported SSL ciphers.

SO_REUSE_ADDRESS: Allows a port to be reused.

USER_IP_ADDRESS: Allows the client IP address [and port number] to be set.

IP_ADDRESS_BY_INDEX: Set a machine with a registered IP address by its index.

Example:

The web_set_sockets_option() function sets the IP address "129.33.44.01" to the Vuser:

web_set_sockets_option ("USER_IP_ADDRESS", "129.33.44.06");

To enable a unique IP address for each Vuser, you can parameterize the script, in the following way:

1. Create a parameter file called "IP" that contains the list of the configured IP addresses on the injector machine.

Example:

IP

129.33.44.01

129.33.44.02

129.33.44.03

129.33.44.04

2. Use the web_set_sockets_option function in the following way:

web_set_sockets_option ("USER_IP_ADDRESS", "{IP}");

As the web_set_sockets_option function does parameterization itself, there is no need to use lr_eval_string("{IP}") as the second parameter for the function.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s