tonusoo

interfaces {
    lo0 {
        unit 0 {
            family inet {
                filter {
                    input-list [ discard-frags accept-single-hop-bfd-v4 accept-multi-hop-bfd-v4 accept-bgp-v4 accept-ospf2 accept-vrrpv3-v4 accept-established-v4 accept-common-services-v4 discard-all-v4 ];
                }
            }
            family inet6 {
                filter {

tonusoo

version 1.0;

ns junos = "http://xml.juniper.net/junos/*/junos";
ns xnm = "http://xml.juniper.net/xnm/1.1/xnm";
ns jcs = "http://xml.juniper.net/junos/commit-scripts/1.0";
ns dyn = "http://exslt.org/dynamic";
ns snmp extension = "http://exslt.org/functions";


template find-alarm($alarm_severity) {

tonusoo

#!/usr/bin/python3 -u

"""
Title               : send-dst-unreach
Last modified date  : 14.02.2024
Author              : Martin Tonusoo
Description         : Reads packets from Netfilter queue, sends the
                      ICMPv6 type "Destination Unreachable" code
                      "Source address failed ingress/egress policy"
                      as a response to those packets and finally

tonusoo

#!/usr/bin/env python3

"""

https://github.com/systemd/systemd/issues/27219


Usage:

# for i in {1..10}; do scapy-dhcp-client.py; done

tonusoo

# Setup below allows one guest to receive untagged frames while the other guest receives tagged traffic.

# Mark the frames depending on the ingress interface. eth0 is facing the physical network.
ebtables -A FORWARD -i eth0.173 -j mark --mark-set 173 --mark-target CONTINUE
ebtables -A FORWARD -i eth0.174 -j mark --mark-set 174 --mark-target CONTINUE

# vnet0 is a TAP device facing the virtual machine.
# Switch to classful prio qdisc for egress traffic.
tc qdisc add dev vnet0 handle fffe: root prio
# Attach filters to qdisc handle which will perform the VLAN push.

tonusoo

#include <stdio.h>
#include <unistd.h>
#include <netinet/igmp.h>
#include <linux/mroute.h>
#include <arpa/inet.h>

// socket configuration is based on https://github.com/pali/igmpproxy

int main() {

tonusoo

#!/usr/bin/env python3

import multiprocessing
from datetime import datetime
from scapy.all import sniff, send, IP
from scapy.contrib.igmp import IGMP


def sniffer():
    sniff(iface="ens3", filter="dst 239.3.5.3 and igmp", store=0, count=1)

tonusoo

#!/usr/bin/env python3
#
# Shows the delay between IGMPv2 "General Membership Query" and specific IGMPv2 "Membership Report".
# Example output:
#
# 22:01:01.561632 - 0.000 - IGMPv2 General Membership Query: 192.168.0.1 > 224.0.0.1: Max Resp Time: 10.00 s
# 22:01:02.124777 - 0.563 - IGMPv2 Membership Report: 192.168.0.100 > 239.3.5.3: Group Address: 239.3.5.3
#
# 22:01:13.337657 - 0.000 - IGMPv2 General Membership Query: 192.168.0.1 > 224.0.0.1: Max Resp Time: 10.00 s
# 22:01:19.994571 - 6.657 - IGMPv2 General Membership Query: 192.168.0.1 > 224.0.0.1: Max Resp Time: 10.00 s

tonusoo

version 1.1;

ns junos = "http://xml.juniper.net/junos/*/junos";
ns xnm = "http://xml.juniper.net/xnm/1.1/xnm";
ns jcs = "http://xml.juniper.net/junos/commit-scripts/1.0";


import "../import/junos.xsl";

var $event-definition = {

tonusoo

version 1.1;

ns junos = "http://xml.juniper.net/junos/*/junos";
ns xnm = "http://xml.juniper.net/xnm/1.1/xnm";
ns jcs = "http://xml.juniper.net/junos/commit-scripts/1.0";

import "../import/junos.xsl";


match configuration {