Created attachment 400676 [details] ipv6-toolkit-2.0.ebuild http://www.si6networks.com/tools/ipv6toolkit/ This release includes: SI6 Networks IPv6 Toolkit v2.0 (Guille) * path6: New tool Added a fully-IPv6-capable traceroute tool, named path6. * script6: New tool Added a new tool which incorporates new functionality and also provides a shortcut to other existing tools. * blackhole6: New tool Added a new tool isolates IPv6 blackholes. * udp6: New tool Added a new tool that can send arbirary UDP/IPv6 packets. * All: Fix bug when reading packets lipcap "internals" together with select() would cause (at times) delays when reading packets. * All: Add support for Solaris Solaris is now a supported platform. * All: Fix bug in next hop determination A bug caused, in some scenarios, the tools to fail with "cannot find next hop". * All: Fix support for loopback interface The tools failed to set the "virtual" "Ether Proto" for packets sent on the loopback interface, and hence they were discarded. * All: Add support for domain names All tools now support domain names in their "-d" options. * addr6: Fix bug in address scope filtering A bug caused address scope filters to behave incorrectly. * addr6: Fix error in manual page Some of the long-option names were incorrect. * scan6: Fixes bug in address range computation Prefixes that were not multiple of 16 resulted in bogus address ranges. * scan6: Add support for port scanning scan6 now implements several techniques for TCP and UDP port scanning. * scan6: Add support for heuristic host scanning scan6 can now automatically infer the IID type of a target and reduce the search space accordingly (just "-d example.com/64" or "-d IPV6ADDRESS/64". * tcp6: Add TCP probe mode Probe mode allows you to employ tcp6 for simple probing (e.g., port scanning) * tcp6: Add "--open-mode" and "--close-mode" options These two options allow you to cause a TCP connection at a remote node to transition to any specific state (and hene perform e.g., FIN-WAIT-2 floods) * tcp6: Add "--data" option This options allows to set a specific TCP payload from the command-line (e.g., an HTTP "GET" command). * script6: Fix bug in get-aaaa, get-ns, and get-mx Domains that had a CNAME would be skipped. * frag6: Fix bug in Frag ID assessment Probes are now sent every 10ms rather than in batches, to minimize packet reordering. SI6 Networks IPv6 Toolkit v1.5.2 * All: Add support for GNU Debian/kfreebsd The toolkit would not build on GNU Debian/kfreebsd before this release. * tcp6: Add support for TCP/IPv6 probes tcp6 can now send TCP/IPv6 packets ("--probe-mode" option), and read the TCP response packets, if any. This can be leveraged for port scans, and miscellaneous measurements. SI6 Networks IPv6 Toolkit v1.5.1 * Fix Mac OS breakage libipv6.h had incorrect definitions for "struct tcp_hdr". SI6 Networks IPv6 Toolkit v1.5 * All: Improved the next-hop determination Since the toolkit employs libpcap (as there is no portable way to forge IPv6 addresses and do other tricks), it was relying on the user specifying a network interface ("-i" was mandatory for all tools) and that routers would send Router Advertisements on the local links. This not only was rather inconvenient for users (specifying a network interface was not warranted), but also meant that in setups where RAs where not available (e.g., manual configuration), the tools would fail. The toolkit now employs routing sockets (in BSDs) or Netlink (in Linux), and only uses "sending RAs" as a fall-back in case of failure (IPv6 not configured on the local host). * All: Improved source address selection This is closely related to the previous bullet. * All: More code moved to libipv6 More and more code was moved to libipv6 and removed to the individual tool source files. As with some of the above, this was painful and time-consuming, but was necessary -- and in the long run it will make code maintenance easier. * All: libipv6 used throughout all tools This was rather painful and non-exciting, but necessary.
Created attachment 400678 [details, diff] files/ipv6-toolkit-2.0-oui-snpn-path.patch
I've added the ebuild to our overlay, feel free to use it. https://github.com/pentoo/pentoo-overlay/tree/master/net-analyzer/ipv6toolkit
2 issues: * All file I/O in ebuilds must have an `|| die` to protect against failure. This will point out that your rmdir fails (which is actually a good thing) because of the service-names-port-numbers.csv file in it. * You're missing a blank line after the end of the src_install phase. (I just noticed 1.4.1 has the same problem) Of note, you probably don't have to worry about parameterizing the service-names-port-numbers.csv filename, because no other package is likely to provide that file. oui.txt was probably done because hwids already provides it, and iirc hwids is commonly installed on gentoo systems (pulled in by udev, i think).
(In reply to Anton Bolshakov from comment #2) > I've added the ebuild to our overlay, feel free to use it. > > https://github.com/pentoo/pentoo-overlay/tree/master/net-analyzer/ipv6toolkit As I said, we have a more decent ebuild. No, I'm not attaching it here every month. Grab it when you are ready to bump it.
I ported the ebuild over from pentoo with a lot of bug fixing. If you have any complaints please open a new bug, but I did take great care to leave notes in the 1.4.1 ebuild and the 2.0 ebuild to show what I changed and why. Thanks!
