Flood - Your friendly network packet generator

Flood is a network packet generator for Unix-like systems (tested with Solaris and Linux at the time of writing this text). It can be used (in conjunction with a network sniffer) to test network services like bootp or network infrastructure components. It uses a session specific config file, called FlOoT dAtA fIlE, for parametrization and template files to specify the structure of the payload of the network packets.

Flood in general is friendly, because it can be used to test network services in a handy and flexible way. That's my main use case for the tool. But -on behalf of the user- it can react very beasty and flood the network with tons of packets. You have been warned.

Installation and Usage

As always, just download the package, unpack it and follow the README. Further instructions will be available in the upcoming DOCUMENTATION.

Flood in Action

The screenshot shows flood in action:

flood_xterm.png

The user wants to access a machine named www on port 80 with the TCP protocol. She wants to send four packets with a delay of 100 ms between the packets. And she wants the tool to be verbose. These parameters may be placed in the FlOoD dAtA fIlE, too, but parameters given at the command line have precedence.

The payload is described in a FlOoD dAtA fIlE named httpget.flood:

# FlOoD dAtA fIlE

# HTTP Get Request for the Flood Network Packet Generator

# Configuration parameters
cfg.template=tpl/httpget.tpl
cfg.destinationaddress=localhost

# Template parameters
tpl.host:String=192.168.42.1
tpl.url:String=/index.html
tpl.CRLF:ByteField=13,10
tpl.SPACE:Byte=32

This data file consists of configuration parameters and template parameters. In the example the value of the configuration parameter destinationaddress is overwritten with the value of its command line equivalent -a.

Template parameters make sense only in conjunction with a template. So a template file named httpget.tpl is referenced by a configuration parameter. The template depicts the structure of the payload:

# HTTP Get Request Template for the Flood Network Packet Generator

Z1:String=GET @url@@SPACE@
Z2:String=HTTP/1.0@CRLF@
Z3:String=Host: @host@@@CRLF
Z4:String=User-Agent: Flood v0.2 - Your friendly network packet generator@CRLF@
Z5:String=Accept: */*@CRLF@
Z6:ByteField=@CRLF@

A line in the template consists of a name (e.g. Z1, Z2), a data type (e.g. String, ByteField) and a value. The value consists of pure data (e.g. the string 'GET') of the named type and of any number of freely named placeholders (e.g. @url@, @CRLF@) of different types. The network protocol dependend structure of the payload may be looked up in the corresponding RFCs for example.

To construct the payload, Flood replaces every placeholder with its current value (noted in the data file). Then the values are concatenated. The resulting byte field is used as the payload.

The usage of templates and FlOoD dAtA fIlEs is further discussed in the upcoming DOCUMENTATION.

Open Topics

Flood is under development yet. Features are added as I need them or if you, the happy Flood users, request some fancy features. Some goodies I have in mind are (in arbitrary order):

  • Use a new client port for every sent packet.
  • Dump received packets to a file descriptor.
  • Start more than one sender process if the user requests that.
  • Making the beast scriptable, so that one can 'script' a complete dhcp session e.g.
  • Write documentation and usage info that deserves its name. Depict some real life use cases.
  • More data types, more templates.
  • Debian- and RPM-Packages.
  • Better error checking and handling.

Feedback

Feel free to contact me (pkgs@c0t0d0s0.de) and tell me your opinion about Flood. Do you find Flood useful? Perhaps you have some feature requests? More protocol templates? How do you use this tool? Your opinion is greatly appreciated.

Downloads

License

All Flood stuff is released under the GNU General Public License, Version 2.

Impressum