https://github.com/hackersmacker/etherip_bridge
EtherIP and CLAP client/server
https://github.com/hackersmacker/etherip_bridge
Last synced: 6 days ago
JSON representation
EtherIP and CLAP client/server
- Host: GitHub
- URL: https://github.com/hackersmacker/etherip_bridge
- Owner: HackerSmacker
- Created: 2025-04-09T20:22:16.000Z (10 months ago)
- Default Branch: main
- Last Pushed: 2025-04-10T22:38:20.000Z (10 months ago)
- Last Synced: 2025-04-10T23:29:33.882Z (10 months ago)
- Language: C
- Homepage:
- Size: 22.5 KB
- Stars: 1
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README
Awesome Lists containing this project
README
Simple EtherIP/CLAP shim, based on the HECnet DECnet/LAT <--> UDP bridge program
--> WARNING: This program only works on Mac OS X, FreeBSD, NetBSD, OpenBSD, and Linux. */
1. What is this?
This is a program that listens on an Ethernet device in promiscious mode, checks inbound packets for the DECnet Phase IV, LAT, or both EtherType
numbers, and sends that data to a remote host using the EtherIP protocol. This, of course, also works in reverse! In addition, HSnet CLAP is
supported! This protocol is useful if you're trying to build a retro-network WAN, and you're behind NAT/you're running Cisco IOS as your edge
router and IOS is too stupid to let an arbitrary protocol through NAT. This program is capable of understanding the following protocol formats:
- Ethernet II, also called DIX Ethernet
- IEEE 802.2 with LLC
- IEEE 802.3 without LLC (802.3 Raw)
- IEEE 802.2 with LLC and SNAP
2. What is EtherIP? What is CLAP?
EtherIP is IP over Ethernet, with a minimal header. The protocol number is 97, and its header length is 2 bytes. The encapsulation is as follows:
[Ethernet II header, ethertype = IP]
[IPv4 header, protocol = 97]
[EtherIP header, header contents = X'3000']
[Ethernet II header, ethertype = DECnet or LAT]
[DECnet or LAT header]
CLAP (Combined LAN Access Protocol) is UDP-encapsulated EtherIP. This was the original purpose of my modified version of this program, and is a
multiplexing/combining NAT-aware Ethernet tunnel. The encapsulation is as follows:
[Ethernet II header, ethertype = IP]
[IPv4 header, protocol = UDP]
[UDP header, port = whatever
[EtherIP header, header contents = X'3000']
[Ethernet II header, ethertype = DECnet or LAT]
[DECnet or LAT header]
3. How do I run it?
Edit the bridge.conf, and set the "local" line to reflect the name of the Ethernet controller you wish to transceive on. Set the remotes to be
named whatever you want, but be sure you specify the remote IP in the form of IP:proto, where proto is 97 for EtherIP (but you can enter
whatever you want here for fun). Next, edit bridge.c and configure the two macros up top -- DPORT (which sets the EtherIP protocol number), and
NOBPF (which, if enabled, will ONLY support Ethernet II protocols and increase performance slightly; keep this defined to 1 unless you're on a
really slow computer).
4. What's the point?
EtherIP is a standard protocol that a variety of systems support, and this program is perfectly interoperable with FreeBSD EtherIP (gif tunnels
attached to a bridge, look it up if you don't believe me) and other EtherIP implementations that exist today.
5. Gimme some example config files!
This config does DECnet and LAT in between a bridge device on OS X/BSD and an EtherIP gateway:
local bridge100
decnetgw1 192.168.1.145:97
[decnet]
local
decnetgw1
[lat]
local
decnetgw1
Here's one that does DECnet and LAT differently:
local bridge100
decnetgw1 192.168.1.145:97
latgw1 192.168.1.146:97
[decnet]
local
decnetgw1
[lat]
local
latgw1
This should be enough documentation! To do UDP, run the program with ./bridge , and replace the 97 in the config with the remote port
number.
6. What else can this do?
The following protocol types, specified in the [brackets] in the config file, are supported:
- ip = IPv4 Ethernet II/LLC/SNAP
- ip6 = IPv6
- lat = DEC LAT and MOP
- decnet = DECnet Phase IV
- atalk = AppleTalk SNAP (NOTE: this includes AARP)
- netbios = LLC NetBIOS
- ipx = IPX, all frame formats (EII, 802.2, 802.3, SNAP)
- apollo = Apollo/Domain protocol
- xns = Xerox NS
- osi = ISO/OSI Network Layer (includes ESIS and ISIS)
- sna = IBM SNA, both Ethernet II and 802.2 (see caveat)
- arp = ARP (Ethernet II only), needed for IP and Apollo/Domain
- ax25 = AX.25 over Ethernet (BPQETHER)
- cdp = Cisco Discovery Protocol
- mpls = Multi-Protocol Label Switching
- ppp = PPPoE
7. Can this program encapsulate stuff in UDP?
Yes, it can. If you set the protocol number to ANYTHING but 97, that number will be reused for a UDP port number.
8. What's that caveat about SNA?
To be honest, I mainly wrote this program to do SNA. This program explicitly supports a "few" SAPs used by SNA, namely 0000, 0404, 0400, 0004, and
that's about it. These SAPs are what things like IBM VTAM, MS SNA Server/HIS, etc will use... but, you should be made aware that IBM CS/2 and CS/NT
both support SNA in Ethernet II. This is MUCH easier to match, because it's always a single EtherType. This will be matched with the [sna] entry
you have too, but, there's another problem! CS/2, specifically, really likes to change SAPs from anything in the 00 to 0F range! Yes, really! This
makes matching that really hard, so, I recommend you spin up a CS/NT routing node (since it does HPR routing without any issues and will do the
Ethernet II to Ethernet 802.2 translation for you).
9. What are the Ethernet frame formats?
I won't go into too much great detail, but, the Ethernet frame looks like this:
[xx:xx:xx:xx:xx:xx][xx:xx:xx:xx:xx:xx][xx:xx][rest of packet data]
Destination MAC Source MAC Type
The "type" there has a bit of a special meaning. If the type is greater than X'0400', the frame is said to be an Ethernet II (aka DIX) frame. If it's
less, the frame will be either 802.2, 802.3, or SNAP; the type will become a length value. Immediately following the type word for an EII frame is
the protocol, but an LLC header (usually) follows that. That looks like this:
[xx:xx:xx:xx:xx:xx][xx:xx:xx:xx:xx:xx][xx:xx][xx:xx:xx][rest of packet data]
Destination MAC Source MAC ----- -- -- --
| | | \__ Control
| | \_____ SSAP
| \________ DSAP
\____________ Length
The SSAP and DSAP can be interpreted together as a "word" and can be used to classify packets -- look for the RAWTYPE macros to see what some combos
of SSAP/DSAP can be for various things. The control field is not something I'm going to discuss, but, it's straight X.25 LAPB (LLC is literally
X.25 LAPB over Ethernet). Now,` because SAP numbers are very limited (and kinda go in the progression of IP subnet masks in terms of the bit-chomping),
something called SNAP (SubNetwork Access Protocol) was created. This adds extra fields to the header that ends up looking like this:
[xx:xx:xx:xx:xx:xx][xx:xx:xx:xx:xx:xx][xx:xx][xx:xx:xx][xx:xx:xx][xx:xx][rest of packet data]
Destination MAC Source MAC ----- -- -- -- -------- -----
| | | | | |
| | | | | \__ Protocol ID
| | | | \_________ Organization Code
| | | \___________________ Control = 0x03
| | \______________________ SSAP = 0xAA
| \_________________________ DSAP = 0xAA
\_____________________________ Length
Okay, that's SNAP. There's one more, the infamous Novell IPX 802.3 Raw. This is an 802.3 (which is 802.2 minus the LLC header) with the IPX packet
checksum (which, funnily enough, for Ethernet, is always X'FFFF') following the length. That looks like this:
[xx:xx:xx:xx:xx:xx][xx:xx:xx:xx:xx:xx][xx:xx][xx:xx][rest of packet data]
Destination MAC Source MAC ----- -----
| |
| \__ Checksum = 0xFFFF
\_________ Length
There you go! You now know enough to be dangerous.