transmission:l2tp

Différences

Ci-dessous, les différences entre deux révisions de la page.

Lien vers cette vue comparative

Prochaine révision 		Révision précédente
transmission:l2tp [2020/11/08 19:30]
sthibaul créée 		transmission:l2tp [2025/03/30 18:47] (Version actuelle)
sthibaul voir les ZLB
Ligne 27: Ligne 27:
 ===== Travaux de la fédé ===== ===== Travaux de la fédé =====
  
-  Éventuellement les liens vers les travaux de la fédé+On travaille avec l2tpns 
 +  * https://code.ffdn.org/l2tpns/l2tpns 
 +  * https://salsa.debian.org/debian/l2tpns/-/commits/master 
 +  * https://lists.ffdn.org/wws/info/l2tpns 
 +  * https://bugs.debian.org/cgi-bin/pkgreport.cgi?archive=both;package=l2tpns 
 +  * Ancien upstream: https://github.com/bodea/l2tpns puis http://git.sameswireless.fr/l2tpns.git et puis aussi https://sourceforge.net/projects/l2tpns/
  
 ===== Documentation ===== ===== Documentation =====
  
   * [[https://www.grenode.net/Documentation_technique/R%C3%A9seau/Collecte_xDSL/#l2tp]]   * [[https://www.grenode.net/Documentation_technique/R%C3%A9seau/Collecte_xDSL/#l2tp]]
 +
 +  * Observer les logins pap/chap:
 +
 +```
 +tcpdump -n -vvv   -i any 'udp and port 1701 and
 +   (udp[8] & 0x80) == 0 and
 +       ((udp[16] == 0xc0 or udp[16] == 0xc2) and udp[17] == 0x23)  
 +     or  ((udp[18] == 0xc0 or udp[18] == 0xc2) and udp[19] == 0x23) )'
 +```
 +
 +  * Observer les négociations en tous genre (pas de trafic ipv4, ipv6, echo, ccp, mlppp):
 +
 +```
 +sudo tcpdump -v -n -i any 'udp and port 1701 and (len <= 40 or (
 +       ( not (( udp[8] & 0x40 == 0 ) and udp[16] == 0x00 and udp[17] == 0x21) )
 +   and ( not (( udp[8] & 0x40 == 0 ) and udp[16] == 0xFF and udp[17] == 0x03 and udp[18] == 0x00 and udp[19] == 0x21) )
 +   and ( not (( udp[8] & 0x40 != 0 ) and udp[18] == 0x00 and udp[19] == 0x21) )
 +   and ( not (( udp[8] & 0x40 != 0 ) and udp[18] == 0xFF and udp[19] == 0x03 and udp[20] == 0x00 and udp[21] == 0x21) )
 +
 +   and ( not (( udp[8] & 0x40 == 0 ) and udp[16] == 0x00 and udp[17] == 0x57) )
 +   and ( not (( udp[8] & 0x40 == 0 ) and udp[16] == 0xFF and udp[17] == 0x03 and udp[18] == 0x00 and udp[19] == 0x57) )
 +   and ( not (( udp[8] & 0x40 != 0 ) and udp[18] == 0x00 and udp[19] == 0x57) )
 +   and ( not (( udp[8] & 0x40 != 0 ) and udp[18] == 0xFF and udp[19] == 0x03 and udp[20] == 0x00 and udp[21] == 0x57) )
 +
 +   and ( not (( udp[8] & 0x40 == 0 ) and udp[16] == 0x00 and udp[17] == 0x3d) )
 +   and ( not (( udp[8] & 0x40 == 0 ) and udp[16] == 0xFF and udp[17] == 0x03 and udp[18] == 0x00 and udp[19] == 0x3d) )
 +   and ( not (( udp[8] & 0x40 != 0 ) and udp[18] == 0x00 and udp[19] == 0x3d) )
 +   and ( not (( udp[8] & 0x40 != 0 ) and udp[18] == 0xFF and udp[19] == 0x03 and udp[20] == 0x00 and udp[21] == 0x3d) )
 +
 +   and ( not (( udp[8] & 0x40 == 0 ) and udp[16] == 0x80 and udp[17] == 0xfd) )
 +   and ( not (( udp[8] & 0x40 == 0 ) and udp[16] == 0xFF and udp[17] == 0x03 and udp[18] == 0x80 and udp[19] == 0xfd) )
 +   and ( not (( udp[8] & 0x40 != 0 ) and udp[18] == 0x80 and udp[19] == 0xfd) )
 +   and ( not (( udp[8] & 0x40 != 0 ) and udp[18] == 0xFF and udp[19] == 0x03 and udp[20] == 0x80 and udp[21] == 0xfd) )
 +
 +   and ( not (( udp[8] & 0x40 == 0 ) and udp[18] == 0x9 ) )
 +   and ( not (( udp[8] & 0x40 == 0 ) and udp[16] == 0xFF and udp[17] == 0x03 and udp[20] == 0x9 ) )
 +   and ( not (( udp[8] & 0x40 != 0 ) and udp[20] == 0x9 ) )
 +   and ( not (( udp[8] & 0x40 != 0 ) and udp[18] == 0xFF and udp[19] == 0x03 and udp[22] == 0x9 ) )
 +
 +   and ( not (( udp[8] & 0x40 == 0 ) and udp[18] == 0xa ) )
 +   and ( not (( udp[8] & 0x40 == 0 ) and udp[16] == 0xFF and udp[17] == 0x03 and udp[20] == 0xa ) )
 +   and ( not (( udp[8] & 0x40 != 0 ) and udp[20] == 0xa ) )
 +   and ( not (( udp[8] & 0x40 != 0 ) and udp[18] == 0xFF and udp[19] == 0x03 and udp[22] == 0xa ) )
 +) )'
 +```
 +
 +  * Observer un tunnel en particulier:
 +
 +```
 +sudo tcpdump -v -n -i any 'udp and port 1701
 +    and ( ( ( udp[8] & 0x40 == 0 ) and udp[10] = 0 and udp[11] = 10 ) or
 +          ( ( udp[8] & 0x40 != 0 ) and udp[12] = 0 and udp[13] = 10 ) )
 +          '
 +```
 +
 +  * Observer une session en particulier:
 +
 +```
 +sudo tcpdump -v -n -i any 'udp and port 1701
 +    and ( ( ( udp[8] & 0x40 == 0 ) and udp[12] = 0 and udp[13] = 123 ) or
 +          ( ( udp[8] & 0x40 != 0 ) and udp[14] = 0 and udp[15] = 123 ) )
 +          '
 +```
 +
 +  * Observer le dhcpv6:
 +
 +```
 +sudo tcpdump -v -n -i any 'udp and port 1701
 +    and (    ( ( udp[8] & 0x40 != 0 ) and udp[18] == 0x00 and udp[19] == 0x57 and udp[26] == 0x11 and udp[60] == 0x2 and ( udp[61] == 0x22 or udp[61] == 0x23 ) )
 +          or ( ( udp[8] & 0x40 == 0 ) and udp[16] == 0x00 and udp[17] == 0x57 and udp[24] == 0x11 and udp[58] == 0x2 and ( udp[59] == 0x22 or udp[59] == 0x23 ) ) )
 +          '
 +
 +```
 +
 +  * Observer les RS/RA:
 +
 +```
 +sudo tcpdump -v -n -i any 'udp and port 1701
 +    and (    ( ( udp[8] & 0x40 != 0 ) and udp[18] == 0x00 and udp[19] == 0x57 and udp[26] == 58 and ( udp[60] == 134 or udp[60] == 133 ) )
 +          or ( ( udp[8] & 0x40 == 0 ) and udp[16] == 0x00 and udp[17] == 0x57 and udp[24] == 58 and ( udp[58] == 134 or udp[58] == 133 ) ) )
 +          '
 +```
 +
  • transmission/l2tp.1604860241.txt.gz
  • Dernière modification: 2020/11/08 19:30
  • de sthibaul