[tor-commits] [spec/master] Update the specifications of DNS and Scapy

commit 7c59c2fb301e79803db8ff5fb339e45d37e8da77 Author: Arturo Filastò arturo@filasto.net Date: Wed Jan 27 13:04:55 2016 +0100

Update the specifications of DNS and Scapy --- data-formats/df-002-dnst.md | 268 ++++++++++++------ data-formats/df-003-scapy.md | 661 ++++++++++++++++++++++++++++++++++++------- 2 files changed, 748 insertions(+), 181 deletions(-)

diff --git a/data-formats/df-002-dnst.md b/data-formats/df-002-dnst.md index a3e7909..4e1ac26 100644 --- a/data-formats/df-002-dnst.md +++ b/data-formats/df-002-dnst.md @@ -1,6 +1,6 @@ # DNSTest template data format

-Data Format Version: df-001-dnst-000 +Data Format Version: 0.2.0

This is the specification of the data format that every test that is based on ooni.templates.dnst.DNSTest shall be using. @@ -10,97 +10,193 @@ data format.

## Specification

- queries: - `list` of DNS query and answers for this testing session +``` +"queries": [ + { + "failure": "null or a string representing the failure",

-Every DNS query is formatted as follows: + "hostname": + "The hostname used in the DNS query. For PTR lookups this will be the reversed " + "ipv4 address in the form: xxx.xxx.xxx.xxx.in-addr.arpa.",

- addrs: - `list` present if the DNS query is question is of A type and will include - the IPv4 addresses of the answer. + "query_type": "A | MX | PTR | SOA",

- answers: - - [`string` representation of the Resource Record of the answer (repr), - `string` representation of the answer payload (python repr)] - - [etc. etc.] + "resolver_hostname": + "The hostname of the DNS resolver being used",

- query: - `string` that is the representation (python repr) of the DNS querie(s) - that where performed. - This string can be passed to an instance of `twisted.names.client.Resolver` - and it will reproduce the DNS query of this report. - The Query object is described in `twisted.names.dns.Query`. + "resolver_port": + "The port of the DNS resolver being used"

- query_type: - `string` the name of the DNS query that is being performed. + "answers": [ + { + "answer_type": "A | MX | PTR | SOA | CNAME",

- resolver: [`string` resolver IP address, `int` resolver port number] + "ipv4": + "(only for A answers) The dotted quad of the IPV4 address",

-## Example output + "ttl": "The ttl of the Returned resource record", + + "hostname": + "(only for PTR, SOA and CNAME answers)" + "For PTR lookups it is the hostname that points back to the queried IP." + "For CNAME lookups it is the hostname of the alias for the IP." + "For SOA answers it is the hostname of the nameserver " + "responsible for the data of this zone." + + "responsible_name": + "(only for SOA answers) The mailbox of the person responsible " + "for this zone." + + "serial_number": + "(only for SOA answers) Version number of the original copy of " + "the zone." + + "refresh_interval": + "(only for SOA answers) The time interval before which this " + "zone should be refreshed." + + "retry_interval": + "(only for SOA answers) The time interval that should be " + "elapsed before the zone should be retried in case of failure."

- input: example.com - queries: - - addrs: [203.0.113.2] - answers: - - [<RR name=example.com type=A class=IN ttl=2562s auth=False>, <A address=203.0.113.2 - ttl=2562>] - query: '[Query(''example.com'', 1, 1)]' - query_type: A - resolver: *id001 - - addrs: [203.0.113.2] - answers: - - [<RR name=example.com type=A class=IN ttl=7200s auth=False>, <A address=203.0.113.2 - ttl=7200>] - query: '[Query(''example.com'', 1, 1)]' - query_type: A - resolver: [203.0.113.3, 53] - - addrs: [203.0.113.2] - answers: - - [<RR name=example.com type=A class=IN ttl=4007s auth=False>, <A address=203.0.113.2 - ttl=4007>] - query: '[Query(''example.com'', 1, 1)]' - query_type: A - resolver: [203.0.113.4, 53] - - addrs: [203.0.113.2] - answers: - - [<RR name=example.com type=A class=IN ttl=7200s auth=False>, <A address=203.0.113.2 - ttl=7200>] - query: '[Query(''example.com'', 1, 1)]' - query_type: A - resolver: [203.0.113.5, 53] - - addrs: [203.0.113.2] - answers: - - [<RR name=example.com type=A class=IN ttl=7200s auth=False>, <A address=203.0.113.2 - ttl=7200>] - query: '[Query(''example.com'', 1, 1)]' - query_type: A - resolver: [203.0.113.6, 53] - - addrs: [203.0.113.2] - answers: - - [<RR name=example.com type=A class=IN ttl=7200s auth=False>, <A address=203.0.113.2 - ttl=7200>] - query: '[Query(''example.com'', 1, 1)]' - query_type: A - resolver: [203.0.113.7, 53] - - addrs: [203.0.113.2] - answers: - - [<RR name=example.com type=A class=IN ttl=7200s auth=False>, <A address=203.0.113.2 - ttl=7200>] - query: '[Query(''example.com'', 1, 1)]' - query_type: A - resolver: [203.0.113.8, 53] - - query: '[Query(''example.com'', 1, 1)]' - query_type: A - resolver: [203.0.113.9, 53] - - query: '[Query(''example.com'', 1, 1)]' - query_type: A - resolver: [203.0.113.1, 53] - - failure: deferred_timeout_error - query: '[Query(''example.com'', 1, 1)]' - query_type: A - resolver: [203.0.113.10, 53] - test_name: test_a_lookup - test_runtime: 2.6424369812011719 - test_started: 1357167921.0688701 - ... + "minimum_ttl": + "(only for SOA answers) The minimum ttl to be exported with " + "any record from this zone." + + "expiration_limit": + "(only for SOA answers) The time after which this zone should " + "no longer be authoritative." + } + ], + + + } +] +``` + +## Example output

+``` +{ + "bucket_date": "2015-11-23", + "data_format_version": "0.2.0", + "id": "e6f6257f-e7c2-48fa-8345-b7ed055ab1d2", + "input": "198.175.124.185", + "options": [ + "-f", + "citizenlab-urls-global.txt", + "-T", + "dns-server-jo.txt" + ], + "probe_asn": "AS8376", + "probe_cc": "JO", + "probe_ip": "127.0.0.1", + "report_filename": "2015-11-23/20151123T161428Z-JO-AS8376-dns_consistency-F1KI1WusW4c1T6OGyQDgHJjaSQ1bfpqV2G39bpmuHiLAJnse8R1F44vdRuTz6nO4-0.1.0-probe.json", + "report_id": "F1KI1WusW4c1T6OGyQDgHJjaSQ1bfpqV2G39bpmuHiLAJnse8R1F44vdRuTz6nO4", + "software_name": "ooniprobe", + "software_version": "1.3.1", + "test_helpers": { + "backend": "8.8.8.8:53" + }, + "input_hashes": [ + "0055f0881fba857d8b48123017d7aec83014e89f057e44b66107f657ec5e2eab" + ], + "probe_city": null, + "backend_version": "1.1.4", + "test_keys": { + "control_resolver": "8.8.8.8:53", + "errors": { + "212.118.0.1": "no_answer", + "212.118.0.2": "no_answer", + "212.38.128.3": "dns_lookup_error", + "217.144.6.6": "no_answer", + "8.8.8.8:53": "no_answer", + "80.90.160.135": "dns_lookup_error", + "80.90.160.172": "dns_lookup_error", + "81.28.112.2": "dns_lookup_error" + }, + "failed": [ + "80.90.160.172", + "8.8.8.8:53", + "212.118.0.2", + "80.90.160.135", + "212.38.128.3", + "212.118.0.1", + "217.144.6.6", + "81.28.112.2" + ], + "queries": [ + { + "answers": [], + "failure": "no_answer", + "hostname": "198.175.124.185", + "query_type": "A", + "resolver_hostname": "8.8.8.8", + "resolver_port": 53 + }, + { + "answers": [], + "failure": "deferred_timeout_error", + "hostname": "198.175.124.185", + "query_type": "A", + "resolver_hostname": "212.38.128.3", + "resolver_port": 53 + }, + { + "answers": [], + "failure": "no_answer", + "hostname": "198.175.124.185", + "query_type": "A", + "resolver_hostname": "217.144.6.6", + "resolver_port": 53 + }, + { + "answers": [], + "failure": "deferred_timeout_error", + "hostname": "198.175.124.185", + "query_type": "A", + "resolver_hostname": "81.28.112.2", + "resolver_port": 53 + }, + { + "answers": [], + "failure": "deferred_timeout_error", + "hostname": "198.175.124.185", + "query_type": "A", + "resolver_hostname": "80.90.160.135", + "resolver_port": 53 + }, + { + "answers": [], + "failure": "deferred_timeout_error", + "hostname": "198.175.124.185", + "query_type": "A", + "resolver_hostname": "80.90.160.172", + "resolver_port": 53 + }, + { + "answers": [], + "failure": "no_answer", + "hostname": "198.175.124.185", + "query_type": "A", + "resolver_hostname": "212.118.0.1", + "resolver_port": 53 + }, + { + "answers": [], + "failure": "no_answer", + "hostname": "198.175.124.185", + "query_type": "A", + "resolver_hostname": "212.118.0.2", + "resolver_port": 53 + } + ], + "start_time": 1448291668.0, + "successful": [] + }, + "test_name": "dns_consistency", + "test_runtime": 0.0837070942, + "test_start_time": "2015-11-23 16:14:28", + "test_version": "0.6" +} +``` diff --git a/data-formats/df-003-scapy.md b/data-formats/df-003-scapy.md index c1db4fb..cae1972 100644 --- a/data-formats/df-003-scapy.md +++ b/data-formats/df-003-scapy.md @@ -1,113 +1,586 @@ # ScapyTest data format

-Data Format Version: df-003-scapy-000 +Data Format Version: 0.2.0

This specifies the data format for tests that are based on ooni.templates.scapyt.ScapyTest.

## Specification

- answer_flags: - `list` of options that are set for determining how to understand if a - received packet is answer to a sent packet (these only apply to ICMP - messages) +**sent_packets** are the packets that have been generated and sent over the +network by the probe.

- 'ipsrc' means that we check to see if the src and destination ports in - the ICMP IP citation match. +**answered_packets** are the packets that match up as answers according to the +rules defined in the **answers_flags** options.

- 'ipid' means that we look at the IPID in the response to match it up - to sent packets. +``` +{ + "answer_flags": [ + "List of options that are set for determining how to understand if a" + "received packet is answer to a sent packet (these only apply to ICMP" + "messages)"

- 'seqack' means that we check if TCP sequence number and ACK match in - the ICMP citation when processing TCP inside of ICMP. + "'ipsrc' means that we check to see if the src and destination ports in" + "the ICMP IP citation match."

- sent_packets: - This contains the list of packets that have been sent. + "'ipid' means that we look at the IPID in the response to match it up" + "to sent packets."

- - raw_packet: - `string` BASE64Encoding of packet the packet inclusive of IP - headers + "'seqack' means that we check if TCP sequence number and ACK match in" + "the ICMP citation when processing TCP inside of ICMP."

- summary: - `string` human readable representation of the packet as is the - output of scapy.packet.summary(). - - - etc. etc. - - answered_packets: - This contains the list of packets that are considered to be the - answer of the above sent packets. - - - raw_packet: - `string` BASE64Encoding of packet the packet inclusive of IP - headers - - summary: - `string` human readable representation of the packet as is the - output of scapy.packet.summary(). - - - etc. etc. + ], + "answered_packets": [ + { + "raw_packet": { + "data": "Encoding of packet the packet inclusive of IP header. " + "The type of encoding is specified in the format field." + "format": "The encoding of the data field. Currently only supports base64." + }, + "summary": + "A human readable representation of the packet as is the output " + "of repr on the scapy.packet object." + }, + ], + "sent_packets": [ + { + "raw_packet": { + "data": "Encoding of packet the packet inclusive of IP header. " + "The type of encoding is specified in the format field." + "format": "The encoding of the data field. Currently only supports base64." + }, + "summary": + "A human readable representation of the packet as is the output " + "of repr on the scapy.packet object." + }, + ], +} +```

## Example output

- answer_flags: [ipsrc] - answered_packets: - - - raw_packet: !!binary | - RQAAqI08AACAATC61Lw2eX8AAAELACiDAAAAAEUAABzCJ0AAARGEQMCosIAuppOaG2gBuwAIr1EA - AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA - AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIACQ/gAIAQFM9wEB - summary: IP / ICMP 212.188.54.121 > 127.0.0.1 time-exceeded ttl-zero-during-transit - / IPerror / UDPerror / Padding - - - raw_packet: !!binary | - RQAAqI09AACAAUoF1LwdLX8AAAELACiDAAAAAEUAABzCJ0AAARGEQMCosIAuppOaG2gBuwAIr1EA - AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA - AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIACL1wAIAQFSHgEB - summary: IP / ICMP 212.188.29.45 > 127.0.0.1 time-exceeded ttl-zero-during-transit - / IPerror / UDPerror / Padding - - - raw_packet: !!binary | - RQAAOI0+AACAAUn71Lwdpn8AAAELACiDAAAAAEUAABzCJ0AAARGEQMCosIAuppOaG2gBuwAIr1E= - summary: IP / ICMP 212.188.29.166 > 127.0.0.1 time-exceeded ttl-zero-during-transit - / IPerror / UDPerror - - - raw_packet: !!binary | - RQAAqI0/AACAAUrm1LwcSn8AAAELACiDAAAAAEUAABzCJ0AAARGEQMCosIAuppOaG2gBuwAIr1EA - AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA - AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIACLtwAIAQFOPgUB - summary: IP / ICMP 212.188.28.74 > 127.0.0.1 time-exceeded ttl-zero-during-transit - / IPerror / UDPerror / Padding - - - raw_packet: !!binary | - RQAAOI1BAACAAT4U1Lwpin8AAAELACiDAAAAAEUAABzCJ0AAARGEQMCosIAuppOaG2gBuwAIr1E= - summary: IP / ICMP 212.188.41.138 > 127.0.0.1 time-exceeded ttl-zero-during-transit - / IPerror / UDPerror - - - raw_packet: !!binary | - RQAAOI1CAACAAYzr2cfVpn8AAAELACiDAAAAAEUAABzCJ0AAARGEQMCosIAuppOaG2gBuwAIr1E= - summary: IP / ICMP 217.199.213.166 > 127.0.0.1 time-exceeded ttl-zero-during-transit - / IPerror / UDPerror - - - raw_packet: !!binary | - RQAAOI1DAACAAXqrLqaTB38AAAELACiDAAAAAEUAABzCJ0AAARGEQMCosIAuppOaG2gBuwAIr1E= - summary: IP / ICMP 46.166.147.7 > 127.0.0.1 time-exceeded ttl-zero-during-transit - / IPerror / UDPerror - sent_packets: - - - raw_packet: !!binary | - RQAAHH1NAAABEftCfwAAAS6mk5obaAG7AAiheQ== - summary: IP / UDP 127.0.0.1:7016 > 46.166.147.154:https - - - raw_packet: !!binary | - RQAAHG71AAACEQibfwAAAS6mk5obaAG7AAiheQ== - summary: IP / UDP 127.0.0.1:7016 > 46.166.147.154:https - - - raw_packet: !!binary | - RQAAHAUlAAADEXFrfwAAAS6mk5obaAG7AAiheQ== - summary: IP / UDP 127.0.0.1:7016 > 46.166.147.154:https - - - raw_packet: !!binary | - RQAAHBqUAAAEEVr8fwAAAS6mk5obaAG7AAiheQ== - summary: IP / UDP 127.0.0.1:7016 > 46.166.147.154:https - - - raw_packet: !!binary | - RQAAHPuMAAAFEXkDfwAAAS6mk5obaAG7AAiheQ== - summary: IP / UDP 127.0.0.1:7016 > 46.166.147.154:https - - - raw_packet: !!binary | - RQAAHK4cAAAGEcVzfwAAAS6mk5obaAG7AAiheQ== - summary: IP / UDP 127.0.0.1:7016 > 46.166.147.154:https - - - raw_packet: !!binary | - RQAAHFyiAAAHERXufwAAAS6mk5obaAG7AAiheQ== - summary: IP / UDP 127.0.0.1:7016 > 46.166.147.154:https +``` +{ + "bucket_date": "2015-11-13", + "data_format_version": "0.2.0", + "id": "ea9f588b-49ca-4261-babf-0111307877c4", + "input": null, + "options": [], + "probe_asn": "AS8048", + "probe_cc": "VE", + "probe_ip": "127.0.0.1", + "report_filename": "2015-11-13/20151113T104654Z-VE-AS8048-multi_protocol_traceroute-iq0hFnbx4ex7bAvysJBenb9uJAuh7LT02BhDrvIhK6Lpwe7PdCvJ7BHFzm4voYe7-0.1.0-probe.json", + "report_id": "iq0hFnbx4ex7bAvysJBenb9uJAuh7LT02BhDrvIhK6Lpwe7PdCvJ7BHFzm4voYe7", + "software_name": "ooniprobe", + "software_version": "1.3.1", + "test_helpers": { + "backend": "213.138.109.232" + }, + "backend_version": "1.1.4", + "input_hashes": [], + "probe_city": null, + "test_keys": { + "answer_flags": [ + "ipsrc" + ], + "answered_packets": [ + { + "raw_packet": { + "data": "RcAAOFqPAAAwAeD/1Ypt6AoAAQQDA6VKAAAAAEUAABxEnwAAAREmvAoAAQTVim3oXIYAFgAI+w0=", + "format": "base64" + }, + "summary": "[<IP version=4L ihl=5L tos=0xc0 len=56 id=23183 flags= frag=0L ttl=48 proto=icmp chksum=0xe0ff src=213.138.109.232 dst=10.0.1.4 options=[] |<ICMP type=dest-unreach code=port-unreachable chksum=0xa54a unused=0 |<IPerror version=4L ihl=5L tos=0x0 len=28 id=17567 flags= frag=0L ttl=1 proto=udp chksum=0x26bc src=10.0.1.4 dst=213.138.109.232 options=[] |<UDPerror sport=23686 dport=ssh len=8 chksum=0xfb0d |>>>>]" + }, + { + "raw_packet": { + "data": "RQAAOBGSAAD/AZQuCgABAQoAAQQLAEOQAAAAAEUAABzCWAAAARGpAgoAAQTVim3ocGMAFwAIQO0=", + "format": "base64" + }, + "summary": "[<IP version=4L ihl=5L tos=0x0 len=56 id=4498 flags= frag=0L ttl=255 proto=icmp chksum=0x942e src=10.0.1.1 dst=10.0.1.4 options=[] |<ICMP type=time-exceeded code=ttl-zero-during-transit chksum=0x4390 unused=0 |<IPerror version=4L ihl=5L tos=0x0 len=28 id=49752 flags= frag=0L ttl=1 proto=udp chksum=0xa902 src=10.0.1.4 dst=213.138.109.232 options=[] |<UDPerror sport=28771 dport=telnet len=8 chksum=0x40ed |>>>>]" + }, + { + "raw_packet": { + "data": "RcAAOD57AADvAetXW986TwoAAQQLAJ1NAAAAAEUAABwySQAAARE5EgoAAQTVim3ogEgANQAI1yw=", + "format": "base64" + }, + "summary": "[<IP version=4L ihl=5L tos=0xc0 len=56 id=15995 flags= frag=0L ttl=239 proto=icmp chksum=0xeb57 src=91.223.58.79 dst=10.0.1.4 options=[] |<ICMP type=time-exceeded code=ttl-zero-during-transit chksum=0x9d4d unused=0 |<IPerror version=4L ihl=5L tos=0x0 len=28 id=12873 flags= frag=0L ttl=1 proto=udp chksum=0x3912 src=10.0.1.4 dst=213.138.109.232 options=[] |<UDPerror sport=32840 dport=domain len=8 chksum=0xd72c |>>>>]" + }, + { + "raw_packet": { + "data": "RcAAOCLEAAAwARjL1Ypt6AoAAQQDA6VKAAAAAEUAABwa6wAACxFGcAoAAQTVim3oZO4AFgAI8qU=", + "format": "base64" + }, + "summary": "[<IP version=4L ihl=5L tos=0xc0 len=56 id=8900 flags= frag=0L ttl=48 proto=icmp chksum=0x18cb src=213.138.109.232 dst=10.0.1.4 options=[] |<ICMP type=dest-unreach code=port-unreachable chksum=0xa54a unused=0 |<IPerror version=4L ihl=5L tos=0x0 len=28 id=6891 flags= frag=0L ttl=11 proto=udp chksum=0x4670 src=10.0.1.4 dst=213.138.109.232 options=[] |<UDPerror sport=25838 dport=ssh len=8 chksum=0xf2a5 |>>>>]" + }, + { + "raw_packet": { + "data": "RQAAOBGYAAD/AZQoCgABAQoAAQQLAEOQAAAAAEUAABxnSAAAAREEEwoAAQTVim3oU6f//wAIXcA=", + "format": "base64" + }, + "summary": "[<IP version=4L ihl=5L tos=0x0 len=56 id=4504 flags= frag=0L ttl=255 proto=icmp chksum=0x9428 src=10.0.1.1 dst=10.0.1.4 options=[] |<ICMP type=time-exceeded code=ttl-zero-during-transit chksum=0x4390 unused=0 |<IPerror version=4L ihl=5L tos=0x0 len=28 id=26440 flags= frag=0L ttl=1 proto=udp chksum=0x413 src=10.0.1.4 dst=213.138.109.232 options=[] |<UDPerror sport=21415 dport=65535 len=8 chksum=0x5dc0 |>>>>]" + }, + { + "raw_packet": { + "data": "RcAAOEz9AADvAdzVW986TwoAAQQLAJ1NAAAAAEUAABxiIAAAAREJOwoAAQTVim3o9N4fkAAIQzs=", + "format": "base64" + }, + "summary": "[<IP version=4L ihl=5L tos=0xc0 len=56 id=19709 flags= frag=0L ttl=239 proto=icmp chksum=0xdcd5 src=91.223.58.79 dst=10.0.1.4 options=[] |<ICMP type=time-exceeded code=ttl-zero-during-transit chksum=0x9d4d unused=0 |<IPerror version=4L ihl=5L tos=0x0 len=28 id=25120 flags= frag=0L ttl=1 proto=udp chksum=0x93b src=10.0.1.4 dst=213.138.109.232 options=[] |<UDPerror sport=62686 dport=http_alt len=8 chksum=0x433b |>>>>]" + }, + { + "raw_packet": { + "data": "RcAAOHZYAADvAbN6W986TwoAAQQLAJ1NAAAAAEUAABwZDgAAARFSTQoAAQTVim3ou3kAUAAIm+A=", + "format": "base64" + }, + "summary": "[<IP version=4L ihl=5L tos=0xc0 len=56 id=30296 flags= frag=0L ttl=239 proto=icmp chksum=0xb37a src=91.223.58.79 dst=10.0.1.4 options=[] |<ICMP type=time-exceeded code=ttl-zero-during-transit chksum=0x9d4d unused=0 |<IPerror version=4L ihl=5L tos=0x0 len=28 id=6414 flags= frag=0L ttl=1 proto=udp chksum=0x524d src=10.0.1.4 dst=213.138.109.232 options=[] |<UDPerror sport=47993 dport=http len=8 chksum=0x9be0 |>>>>]" + }, + { + "raw_packet": { + "data": "RQAAqAJHAAD5AalDCpYAMQoAAQQLAH/9AAAABEUAABxL8AAAAhEeawoAAQTVim3oxtsAFgAIkLiqqgAWAAjHuqqqABYACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAD5AwAIAQED8+H/", + "format": "base64" + }, + "summary": "[<IP version=4L ihl=5L tos=0x0 len=168 id=583 flags= frag=0L ttl=249 proto=icmp chksum=0xa943 src=10.150.0.49 dst=10.0.1.4 options=[] |<ICMP type=time-exceeded code=ttl-zero-during-transit chksum=0x7ffd unused=4 |<IPerror version=4L ihl=5L tos=0x0 len=28 id=19440 flags= frag=0L ttl=2 proto=udp chksum=0x1e6b src=10.0.1.4 dst=213.138.109.232 options=[] |<UDPerror sport=50907 dport=ssh len=8 chksum=0x90b8 |<Padding load='\xaa\xaa\x00\x16\x00\x08\xc7\xba\xaa\xaa\x00\x16\x00\x08\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 \x00\xf9\x03\x00\x08\x01\x01\x03\ \xf3\xe1\xff' |>>>>>]" + }, + { + "raw_packet": { + "data": "RQAAOFaJAAD4AVoOx6g/gQoAAQQLAJ1NAAAAAEUAABw/wAAAARErmwoAAQTVim3o3yEAFgAIeHI=", + "format": "base64" + }, + "summary": "[<IP version=4L ihl=5L tos=0x0 len=56 id=22153 flags= frag=0L ttl=248 proto=icmp chksum=0x5a0e src=199.168.63.129 dst=10.0.1.4 options=[] |<ICMP type=time-exceeded code=ttl-zero-during-transit chksum=0x9d4d unused=0 |<IPerror version=4L ihl=5L tos=0x0 len=28 id=16320 flags= frag=0L ttl=1 proto=udp chksum=0x2b9b src=10.0.1.4 dst=213.138.109.232 options=[] |<UDPerror sport=57121 dport=ssh len=8 chksum=0x7872 |>>>>]" + } + ], + "sent_packets": [ + { + "raw_packet": { + "data": "RQAAKIc9AAABBuQcCgABBNWKbeiRQgAAAACVawAAAABQAiAAGr4AAA==", + "format": "base64" + }, + "summary": "[<IP id=34621 frag=0 ttl=1 proto=tcp dst=213.138.109.232 |<TCP sport=37186 dport=0 seq=38251 flags=S |>>]" + }, + { + "raw_packet": { + "data": "RQAAKADhAAABBmp5CgABBNWKbehsSAAWAACbxwAAAABQAiAAOUYAAA==", + "format": "base64" + }, + "summary": "[<IP id=225 frag=0 ttl=1 proto=tcp dst=213.138.109.232 |<TCP sport=27720 dport=ssh seq=39879 flags=S |>>]" + }, + { + "raw_packet": { + "data": "RQAAKO9JAAABBnwQCgABBNWKbeg1bwAXAAApTwAAAABQAiAA4pYAAA==", + "format": "base64" + }, + "summary": "[<IP id=61257 frag=0 ttl=1 proto=tcp dst=213.138.109.232 |<TCP sport=13679 dport=telnet seq=10575 flags=S |>>]" + }, + { + "raw_packet": { + "data": "RQAAKNKoAAABBpixCgABBNWKbeixRwA1AABobwAAAABQAiAAJ4AAAA==", + "format": "base64" + }, + "summary": "[<IP id=53928 frag=0 ttl=1 proto=tcp dst=213.138.109.232 |<TCP sport=45383 dport=domain seq=26735 flags=S |>>]" + }, + { + "raw_packet": { + "data": "RQAAKPzTAAABBm6GCgABBNWKbejCJwBQAACA3wAAAABQAiAA/hQAAA==", + "format": "base64" + }, + "summary": "[<IP id=64723 frag=0 ttl=1 proto=tcp dst=213.138.109.232 |<TCP sport=49703 dport=http seq=32991 flags=S |>>]" + }, + { + "raw_packet": { + "data": "RQAAKNzQAAABBo6JCgABBNWKbejZyAB7AAD+NQAAAABQAiAAaPIAAA==", + "format": "base64" + }, + "summary": "[<IP id=56528 frag=0 ttl=1 proto=tcp dst=213.138.109.232 |<TCP sport=55752 dport=ntp seq=65077 flags=S |>>]" + } + ], + "test_icmp_traceroute": { + "hops": [ + { + "address": "141.136.98.238", + "rtt": 2.039386034, + "ttl": 10 + }, + { + "address": "91.223.58.79", + "rtt": 2.2439029217, + "ttl": 11 + }, + { + "address": "213.138.109.232", + "rtt": 2.4453678131, + "ttl": 12 + } + ] + }, + "test_tcp_traceroute": { + "hops_0": [ + { + "address": "141.136.98.238", + "rtt": 2.0464248657, + "sport": 34854, + "ttl": 10 + }, + { + "address": "91.223.58.79", + "rtt": 2.2470018864, + "sport": 10415, + "ttl": 11 + }, + { + "address": "213.138.109.232", + "rtt": 2.4521570206, + "sport": 0, + "ttl": 12 + } + ], + "hops_123": [ + { + "address": "141.136.98.238", + "rtt": 2.0381779671, + "sport": 50988, + "ttl": 10 + }, + { + "address": "91.223.58.79", + "rtt": 2.240860939, + "sport": 7867, + "ttl": 11 + }, + { + "address": "213.138.109.232", + "rtt": 2.4443869591, + "sport": 123, + "ttl": 12 + } + ], + "hops_22": [ + { + "address": "141.136.98.238", + "rtt": 2.0354959965, + "sport": 36980, + "ttl": 10 + }, + { + "address": "91.223.58.79", + "rtt": 2.2357189655, + "sport": 26447, + "ttl": 11 + }, + { + "address": "213.138.109.232", + "rtt": 2.4381670952, + "sport": 22, + "ttl": 12 + } + ], + "hops_23": [ + { + "address": "141.136.98.238", + "rtt": 2.0388379097, + "sport": 4690, + "ttl": 10 + }, + { + "address": "91.223.58.79", + "rtt": 2.2384901047, + "sport": 51177, + "ttl": 11 + }, + { + "address": "213.138.109.232", + "rtt": 2.4421479702, + "sport": 23, + "ttl": 12 + } + ], + "hops_443": [ + { + "address": "141.136.98.238", + "rtt": 2.0386300087, + "sport": 11218, + "ttl": 10 + }, + { + "address": "91.223.58.79", + "rtt": 2.240696907, + "sport": 26319, + "ttl": 11 + }, + { + "address": "213.138.109.232", + "rtt": 2.4430809021, + "sport": 443, + "ttl": 12 + } + ], + "hops_53": [ + { + "address": "141.136.98.238", + "rtt": 2.0381169319, + "sport": 36901, + "ttl": 10 + }, + { + "address": "91.223.58.79", + "rtt": 2.2402248383, + "sport": 60900, + "ttl": 11 + }, + { + "address": "213.138.109.232", + "rtt": 2.4425189495, + "sport": 53, + "ttl": 12 + } + ], + "hops_65535": [ + { + "address": "141.136.98.238", + "rtt": 2.0387971401, + "sport": 57248, + "ttl": 10 + }, + { + "address": "91.223.58.79", + "rtt": 2.2455801964, + "sport": 52285, + "ttl": 11 + }, + { + "address": "213.138.109.232", + "rtt": 2.4457411766, + "sport": 65535, + "ttl": 12 + } + ], + "hops_80": [ + { + "address": "141.136.108.130", + "rtt": 1.8421959877, + "sport": 23745, + "ttl": 9 + }, + { + "address": "141.136.98.238", + "rtt": 2.0382699966, + "sport": 22618, + "ttl": 10 + }, + { + "address": "91.223.58.79", + "rtt": 2.2403969765, + "sport": 45566, + "ttl": 11 + }, + { + "address": "213.138.109.232", + "rtt": 2.4452321529, + "sport": 80, + "ttl": 12 + } + ], + "hops_8080": [ + { + "address": "141.136.98.238", + "rtt": 2.0389461517, + "sport": 57892, + "ttl": 10 + }, + { + "address": "91.223.58.79", + "rtt": 2.2410969734, + "sport": 51593, + "ttl": 11 + }, + { + "address": "213.138.109.232", + "rtt": 2.4440560341, + "sport": 8080, + "ttl": 12 + } + ] + }, + "test_udp_traceroute": { + "hops_0": [], + "hops_123": [ + { + "address": "141.136.108.130", + "rtt": 1.920017004, + "sport": 57583, + "ttl": 9 + }, + { + "address": "91.223.58.79", + "rtt": 2.24168396, + "sport": 18721, + "ttl": 11 + }, + { + "address": "213.138.109.232", + "rtt": 2.4463579655, + "sport": 25517, + "ttl": 12 + } + ], + "hops_22": [ + { + "address": "141.136.108.130", + "rtt": 1.9136769772, + "sport": 45625, + "ttl": 9 + }, + { + "address": "141.136.98.238", + "rtt": 2.0372998714, + "sport": 50609, + "ttl": 10 + }, + { + "address": "91.223.58.79", + "rtt": 2.2419588566, + "sport": 14160, + "ttl": 11 + }, + { + "address": "213.138.109.232", + "rtt": 2.4428777695, + "sport": 23686, + "ttl": 12 + } + ], + "hops_23": [ + { + "address": "141.136.108.130", + "rtt": 1.9202280045, + "sport": 58718, + "ttl": 9 + }, + { + "address": "141.136.98.238", + "rtt": 2.0369830132, + "sport": 39310, + "ttl": 10 + }, + { + "address": "91.223.58.79", + "rtt": 2.2406070232, + "sport": 9348, + "ttl": 11 + }, + { + "address": "213.138.109.232", + "rtt": 2.4436769485, + "sport": 56507, + "ttl": 12 + } + ], + "hops_443": [ + { + "address": "141.136.108.130", + "rtt": 1.9194400311, + "sport": 61062, + "ttl": 9 + }, + { + "address": "141.136.98.238", + "rtt": 2.0356152058, + "sport": 57814, + "ttl": 10 + }, + { + "address": "91.223.58.79", + "rtt": 2.2425971031, + "sport": 36493, + "ttl": 11 + }, + { + "address": "213.138.109.232", + "rtt": 2.4469130039, + "sport": 20708, + "ttl": 12 + } + ], + "hops_53": [ + { + "address": "141.136.108.130", + "rtt": 1.9192700386, + "sport": 63309, + "ttl": 9 + }, + { + "address": "141.136.98.238", + "rtt": 2.0371799469, + "sport": 44259, + "ttl": 10 + }, + { + "address": "91.223.58.79", + "rtt": 2.2417399883, + "sport": 32840, + "ttl": 11 + }, + { + "address": "213.138.109.232", + "rtt": 2.4441540241, + "sport": 6946, + "ttl": 12 + } + ], + "hops_65535": [ + { + "address": "141.136.108.130", + "rtt": 1.9188029766, + "sport": 16637, + "ttl": 9 + }, + { + "address": "91.223.58.79", + "rtt": 2.2441849709, + "sport": 56282, + "ttl": 11 + } + ], + "hops_80": [ + { + "address": "141.136.108.130", + "rtt": 1.9194018841, + "sport": 26666, + "ttl": 9 + }, + { + "address": "91.223.58.79", + "rtt": 2.2409110069, + "sport": 47993, + "ttl": 11 + }, + { + "address": "213.138.109.232", + "rtt": 2.4452769756, + "sport": 43930, + "ttl": 12 + } + ], + "hops_8080": [ + { + "address": "141.136.108.130", + "rtt": 1.9188380241, + "sport": 53083, + "ttl": 9 + }, + { + "address": "91.223.58.79", + "rtt": 2.2436709404, + "sport": 62686, + "ttl": 11 + } + ] + } + }, + "test_name": "multi_protocol_traceroute", + "test_runtime": 57.7884280682, + "test_start_time": "2015-11-13 10:46:54", + "test_version": "0.3" +} +```

## Privacy considerations

@@ -121,5 +594,3 @@ the packet they are referring to and it will contain the non anonymized user IP address). On this specific issue there is an open ticket here: https://trac.torproject.org/projects/tor/ticket/7933. - -