Simple Packet Sender (SPS)
Version 4.3 "Hugoniot"
Release date: August 8, 2015
https://sites.google.com/site/simplepacketsender
https://twitter.com/h0h1r4um
h0h1r4um@yahoo.com

    Copyright (c)  2011-2015  Hohlraum (h0h1r4um@yahoo.com)
    Permission is granted to copy, distribute and/or modify this document
    under the terms of the GNU Free Documentation License, Version 1.3
    or any later version published by the Free Software Foundation;
    with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts.
    A copy of the license is included in the section entitled "GNU
    Free Documentation License".

***********************************

TABLE OF CONTENTS

1.0 INTRODUCTION

2.0 TO DO LIST

3.0 DISTRIBUTION TARBALL CONTENTS

4.0 BUILDING FROM THE SOURCE

5.0 GENERAL USAGE

  5.1 - Manual (viewing this page from SPS)
  5.2 - Default Settings
  5.3 - View Packet Buttons
  5.4 - Checksums and Sequence Numbers
  5.5 - Entering Data
  5.6 - Maximum Transmission Unit (MTU)
  5.7 - Link-Layer (MAC) Addresses
  5.8 - Loading and Saving Packet Values
  5.9 - Use Wireshark

6.0 IPv4

7.0 IPv6

8.0 FRAGMENTATION

9.0 IPV6 EXTENSION HEADERS

  9.1 - Hop-by-Hop Header
  9.2 - Destination Header (first and last)
  9.3 - Routing Header
  9.4 - Fragmentation Header
  9.5 - Authentication Header
  9.6 - Encapsulating Security Payload (ESP) Header

10.0 SPOOFING SOURCE IP ADDRESS AND PORT

11.0 TRACEROUTE

12.0 ASN / IP DELEGATION

14.0 DEVELOPMENT NOTES

15.0 GNU Free Documentation License

***********************************


-----1.0 INTRODUCTION-----

SPS is a C language packet crafting tool with graphical interface written using GTK+ on Linux.

It can send arbitrary numbers of IPv4 and IPv6 TCP, ICMP, and/or UDP packets. It can flood packets as well (send continuous streams). Most values in the ethernet frame can be edited. This allows the user to create packets that are invalid, if desired.

Other features include IPv4 header options, IPv4 fragmentation, TCP options, IPv6 fragmentation, hop-by-hop, destination (first and last), routing, authentication, and encapsulating security payload (ESP) extension headers.

SPS also does IPv4 and IPv6 address delegation search and reverse-search, country name/code search and reverse-search, and autonomous System (AS) number search by country and reverse-search.

SPS was written on Ubuntu Linux in C. In theory it should be portable to other Linux operating systems as long as the GTK+ runtime library is available, but it hasn't been tested by the author. You are encouraged to compile it and try. Unlike previous versions, the code is now rather Linux-specific because of the use of the PF_PACKET protocol family. It will NOT work on Microsoft Windows.

SPS does not require packet-reading and packet-sending software such as pcap.

The interface was prepared using Glade (http://glade.gnome.org) and it is in gtk-builder format. The author is neither an expert in C language nor GTK+ and does not claim to have written elegant or highly efficient code. Suggestions for improvement are always welcome, although there is no guarantee suggestions will necessarily be implemented.

Two versions of SPS are provided:

  1. Compiled on a 32-bit machine with Gtk+ 2, and
  2. Compiled on a 64-bit machine with Gtk+ 3.


-----2.0 TO DO LIST-----

Bug fixes.


-----3.0 DISTRIBUTION TARBALL CONTENTS-----

/sps-4.3/
/sps-4.3/changelog.txt

    **** 32-bit, Gtk+ 2 ****
/sps-4.3/bin32/
/sps-4.3/bin32/sps
/sps-4.3/bin32/sps.ui
/sps-4.3/bin32/traceroute.ui
/sps-4.3/bin32/hop-by-hop.ui
/sps-4.3/bin32/destination.ui
/sps-4.3/bin32/routing.ui
/sps-4.3/bin32/authentication.ui
/sps-4.3/bin32/esp.ui
/sps-4.3/bin32/rir-info.txt
/sps-4,3/bin32/country-info.txt
/sps-4.3/bin32/country_names_and_code_elements_txt
/sps-4.3/bin32/about.png
/sps-4.3/bin32/documentation.txt
/sps-4.3/bin32/UTF-8.csv

    **** 64-bit, Gtk+ 3 ****
/sps-4.3/bin64/
/sps-4.3/bin64/sps
/sps-4.3/bin64/sps.ui
/sps-4.3/bin64/traceroute.ui
/sps-4.3/bin64/hop-by-hop.ui
/sps-4.3/bin64/destination.ui
/sps-4.3/bin64/routing.ui
/sps-4.3/bin64/authentication.ui
/sps-4.3/bin64/esp.ui
/sps-4.3/bin64/rir-info.txt
/sps-4,3/bin64/country-info.txt
/sps-4.3/bin64/country_names_and_code_elements_txt
/sps-4.3/bin64/about.png
/sps-4.3/bin64/documentation.txt
/sps-4.3/bin64/UTF-8.csv

    **** 32-bit, Gtk+ 2 ****
/sps-4.3/src32/
/sps-4.3/src32/about.png
/sps-4.3/src32/allocate.c
/sps-4.3/src32/arp.c
/sps-4.3/src32/authentication.ui
/sps-4.3/src32/auth_header.c
/sps-4.3/src32/callbacks.c
/sps-4.3/src32/changelog.txt
/sps-4.3/src32/checksum.c
/sps-4.3/src32/COPYING
/sps-4.3/src32/country-info.txt
/sps-4.3/src32/country_names_and_code_elements_txt
/sps-4.3/src32/create_6to4_frame.c
/sps-4.3/src32/create_ip4_frame.c
/sps-4.3/src32/create_ip6_frame.c
/sps-4.3/src32/data_entry.c
/sps-4.3/src32/date_and_time.c
/sps-4.3/src32/destination.ui
/sps-4.3/src32/display_packet.c
/sps-4.3/src32/documentation.txt
/sps-4.3/src32/errors_and_warnings.c
/sps-4.3/src32/esp_header.c
/sps-4.3/src32/esp.ui
/sps-4.3/src32/ethernet_header.c
/sps-4.3/src32/file_data.c
/sps-4.3/src32/ftp.c
/sps-4.3/src32/header_linking_and_fragmentation.c
/sps-4.3/src32/hop_and_dst_headers.c
/sps-4.3/src32/hop-by-hop.ui
/sps-4.3/src32/http.c
/sps-4.3/src32/icmp4_checksum.c
/sps-4.3/src32/icmp6_checksum.c
/sps-4.3/src32/icmp_header.c
/sps-4.3/src32/ip4_checksum.c
/sps-4.3/src32/ipv4_and_tcp_options.c
/sps-4.3/src32/ipv4_defaults.c
/sps-4.3/src32/ipv4_header.c
/sps-4.3/src32/ipv4_send.c
/sps-4.3/src32/ipv4_traceroute.c
/sps-4.3/src32/ipv4_traceroute_defaults.c
/sps-4.3/src32/ipv6_defaults.c
/sps-4.3/src32/ipv6_header.c
/sps-4.3/src32/ipv6_send.c
/sps-4.3/src32/ipv6_traceroute.c
/sps-4.3/src32/ipv6_traceroute_defaults.c
/sps-4.3/src32/keyboard_data.c
/sps-4.3/src32/load_file.c
/sps-4.3/src32/main.c
/sps-4.3/src32/main.h
/sps-4.3/src32/Makefile
/sps-4.3/src32/misc_utils.c
/sps-4.3/src32/mtu.c
/sps-4.3/src32/neighbor_discovery.c
/sps-4.3/src32/post_message.c
/sps-4.3/src32/random.c
/sps-4.3/src32/rir-info.txt
/sps-4.3/src32/rir_utils.c
/sps-4.3/src32/routing_header.c
/sps-4.3/src32/routing.ui
/sps-4.3/src32/save_file.c
/sps-4.3/src32/show_traceroute_settings.c
/sps-4.3/src32/sixto4_defaults.c
/sps-4.3/src32/sixto4_send.c
/sps-4.3/src32/sixto4_traceroute.c
/sps-4.3/src32/sixto4_traceroute_defaults.c
/sps-4.3/src32/sps_file_format.txt
/sps-4.3/src32/sps.ui
/sps-4.3/src32/tcp4_checksum.c
/sps-4.3/src32/tcp6_checksum.c
/sps-4.3/src32/tcp_header.c
/sps-4.3/src32/this_host.c
/sps-4.3/src32/traceroute.ui
/sps-4.3/src32/udp4_checksum.c
/sps-4.3/src32/udp6_checksum.c
/sps-4.3/src32/udp_header.c
/sps-4.3/src32/update_ran_parms.c
/sps-4.3/src32/utf-8.c
/sps-4.3/src32/UTF-8.csv
/sps-4.3/src32/utils/drop_case.c
/sps-4.3/src32/utils/raise_case.c
/sps-4.3/src32/utils/validate_utf8.c

    **** 64-bit, Gtk+ 3 ****
/sps-4.3/src64/
/sps-4.3/src64/about.png
/sps-4.3/src64/allocate.c
/sps-4.3/src64/arp.c
/sps-4.3/src64/authentication.ui
/sps-4.3/src64/auth_header.c
/sps-4.3/src64/callbacks.c
/sps-4.3/src64/changelog.txt
/sps-4.3/src64/checksum.c
/sps-4.3/src64/COPYING
/sps-4.3/src64/country-info.txt
/sps-4.3/src64/country_names_and_code_elements_txt
/sps-4.3/src64/create_6to4_frame.c
/sps-4.3/src64/create_ip4_frame.c
/sps-4.3/src64/create_ip6_frame.c
/sps-4.3/src64/data_entry.c
/sps-4.3/src64/date_and_time.c
/sps-4.3/src64/destination.ui
/sps-4.3/src64/display_packet.c
/sps-4.3/src64/documentation.txt
/sps-4.3/src64/errors_and_warnings.c
/sps-4.3/src64/esp_header.c
/sps-4.3/src64/esp.ui
/sps-4.3/src64/ethernet_header.c
/sps-4.3/src64/file_data.c
/sps-4.3/src64/ftp.c
/sps-4.3/src64/header_linking_and_fragmentation.c
/sps-4.3/src64/hop_and_dst_headers.c
/sps-4.3/src64/hop-by-hop.ui
/sps-4.3/src64/http.c
/sps-4.3/src64/icmp4_checksum.c
/sps-4.3/src64/icmp6_checksum.c
/sps-4.3/src64/icmp_header.c
/sps-4.3/src64/ip4_checksum.c
/sps-4.3/src64/ipv4_and_tcp_options.c
/sps-4.3/src64/ipv4_defaults.c
/sps-4.3/src64/ipv4_header.c
/sps-4.3/src64/ipv4_send.c
/sps-4.3/src64/ipv4_traceroute.c
/sps-4.3/src64/ipv4_traceroute_defaults.c
/sps-4.3/src64/ipv6_defaults.c
/sps-4.3/src64/ipv6_header.c
/sps-4.3/src64/ipv6_send.c
/sps-4.3/src64/ipv6_traceroute.c
/sps-4.3/src64/ipv6_traceroute_defaults.c
/sps-4.3/src64/keyboard_data.c
/sps-4.3/src64/load_file.c
/sps-4.3/src64/main.c
/sps-4.3/src64/main.h
/sps-4.3/src64/Makefile
/sps-4.3/src64/misc_utils.c
/sps-4.3/src64/mtu.c
/sps-4.3/src64/neighbor_discovery.c
/sps-4.3/src64/post_message.c
/sps-4.3/src64/random.c
/sps-4.3/src64/rir-info.txt
/sps-4.3/src64/rir_utils.c
/sps-4.3/src64/routing_header.c
/sps-4.3/src64/routing.ui
/sps-4.3/src64/save_file.c
/sps-4.3/src64/show_traceroute_settings.c
/sps-4.3/src64/sixto4_defaults.c
/sps-4.3/src64/sixto4_send.c
/sps-4.3/src64/sixto4_traceroute.c
/sps-4.3/src64/sixto4_traceroute_defaults.c
/sps-4.3/src64/sps_file_format.txt
/sps-4.3/src64/sps.ui
/sps-4.3/src64/tcp4_checksum.c
/sps-4.3/src64/tcp6_checksum.c
/sps-4.3/src64/tcp_header.c
/sps-4.3/src64/this_host.c
/sps-4.3/src64/traceroute.ui
/sps-4.3/src64/udp4_checksum.c
/sps-4.3/src64/udp6_checksum.c
/sps-4.3/src64/udp_header.c
/sps-4.3/src64/update_ran_parms.c
/sps-4.3/src64/utf-8.c
/sps-4.3/src64/UTF-8.csv
/sps-4.3/src64/utils/drop_case.c
/sps-4.3/src64/utils/raise_case.c
/sps-4.3/src64/utils/validate_utf8.c


-----4.0 BUILDING FROM THE SOURCE-----

To compile SPS, you need to have the GTK+ development library 2 or 3 and glade installed. This means for GTK+ 2 on Ubuntu, you type:

sudo aptitude install libgtk2.0-dev
sudo aptitude install glade

or for GTK+ 3:

sudo aptitude install libgtk-3-dev
sudo aptitude install glade

To compile type:

./make


-----5.0 GENERAL USAGE-----

You must run SPS as root. On Ubuntu, this means you type:

sudo ./sps

VERY IMPORTANT: After changing values in any of the fields by keyboard, you must press ENTER. Forgetting to press ENTER tends to cause all kinds of confusion.

To copy data between various fields, make use of cntl-c and cntl-v to copy and paste, respectively.


5.1 - Manual (viewing this file from SPS)

When Help, Documentation is selected from the Menu bar, GTK+ uses a text view to display this manual file.

If you modify this documentation file, you must ensure that only UTF-8 characters are used. If there are any uinvalid UTF-8 characters in the file, SPS will produce an error message giving the location of the invalid characters.

In GTK+, a text view can only display UTF-8 characters. If a non-UTF-8 character exists, GTK+ will throw an exception and this file will not be displayed.

You can also use the utility program /src??/utils/validate_utf8.c which came with this release to test your file for invalid UTF-8 characters. These routines are not used by SPS and can be deleted if desired.


5.2 - Default Settings

By default, flood mode is turned off. If you stop a flood, the flood checkbox will uncheck. This is done in order to prevent accidental floods.

The Stop button on the Send page is only used to stop floods and has no other function.

All IPv4 and IPv6 source addresses default to loopback (for safety).

The default TCP settings are for a valid SYN packet.

The default ICMP settings are for a valid echo request (ping) packet.

The default UDP settings are for a valid UDP packet with no payload data. However, if the destination port is not a recognized standard UDP service, Wireshark will report the UDP packet as malformed.

All IPv6 ethernet frames default to having no extension headers.

The minimum ethernet payload (data field) is 46 bytes. SPS does not pad the packet to meet this minimum; the kernel will automatically add the necessary padding.

If you decide you want to restore the default settings for a packet type, you can press the Restore Default Values button at lower right. This only changes the values on the page you are looking at. For example, on the IPv6 TCP page pressing the Restore Default Values button only changes the IPv6 TCP values. Note, however, that new random IP addresses will be generated which, in turn, will cause new checksum values to be calculated.

5.3 - View Packet Buttons

You can use the View Packet button repeatedly without closing the pop-up windows. For example you can press View Packet, alter some values, and press it again so you can compare between pop-up windows to see how the packet contents actually changed. If Tunnel IPv6 over IPv4 (6to4) is selected on the Send page, the View Packet button will display a note at the bottom stating that the packet being shown includes 6to4 ethernet header and 6to4 IPv4 header. Sometimes when clicking on View Packet, the fragmented and unfragmented packet windows will be on top of one another (it's left up to GTK+ to choose the locations) leaving the impression only one View Packet window was created. If this occurs, just drag the top one off.

5.4 - Checksums and Sequence Numbers

When a parameter value is changed, the checksums will automatically update. However, arbitrary checksum values can then be input if an invalid checksum is desired. In other words, change checksum value last if you want to have a bogus checksum value.

See also the note in SPOOFING SOURCE IP ADDRESS AND PORT section regarding checksums.

If the IP header sequence number of a packet is set to 0, the Linux kernel replaces the IP sequence number with its own and then computes its own IP checksum.

5.5 - Entering Data

You have three options for entering TCP, ICMP, or UDP payload data:

1. ASCII data entered by keyboard,
2. Hexadecimal data entered by keyboard, or
3. Data loaded from a file.

When entering data via keyboard, you select either the ASCII or hexadecimal radio button and then type-in data in the field provided.

Once you press ENTER, the ASCII/hex radio buttons are used by SPS to interpret what you've typed. Try it both ways and use View Packet to see the effect.

For hexadecimal data entry you type single byte values, separated by commas. If what you've typed is not in an acceptable format, SPS will say so and if you look carefully at the error message, you'll see it gives examples of acceptable entries, shown here (weird spacing intentional):

23, 4e,a,cd  ,7

which SPS will interpret as: 0x23, 0x4e, 0x0a, 0xcd, 0x07.

Similar rules apply to the entry of option data. e.g., IPv4 options, TCP options, hop-by-hop options, destination options, etc., however, only the TCP, ICMP, and UDP payload data can be loaded from a file.

5.6 - Maximum Transmission Unit (MTU)

If you load data from a file, be aware that there are limits on packet size. Not only is there a maximum transmissible unit (MTU) for the route the packet will take, but the interface you are sending it from also has an MTU (typically 1500 bytes). The interface MTU assumed by SPS for the purposes of fragmentation is displayed on each protocol page and can be adjusted. The MTU may auto-correct (with a warning) if you choose too small a value. Packets will auto-fragment as necessary based on the specified MTU.

5.7 - Link-Layer (MAC) Addresses

You can determine the MAC address for any interface on your machine with either the This Host Interface Name and Hardware Address tool on the Host/IP/MAC page, or with the Source Interface Name entry on any of the TCP, ICMP, and UDP pages. Typical interface names are "wlan0", "eth0", etc.

You can interrogate for the MAC address of any other nodes on your link-local network using the IP to Link_Layer (MAC) Address tool on the Host/IP/MAC page. You can set the timeout to wait for a reply to the ARP or Neighbor discovery (ND) packet sent to request the MAC address. The timeout defaults to 2 seconds. You can type in a value or use the spin button to change the timeout between 1 and 20 seconds. If you enter an IPv4 address, ARP will be used. If you enter an IPv6 address, ND will be used.

5.8 - Loading and Saving Packet Values

If you have entered specific values in many fields, it is sometimes desirable to save your settings for re-load in the future. This can be accomplished on the Load/Save page. Here you can choose via radio buttons which sets of data will be saved to file. The file format is given in the flat file named sps_file-format.txt which accompanies this release. You may, for example, enter your router's MAC address and perhaps your IPv4 and IPv6 addresses for all the packet types and save it as a reference file which can be used as a good starting point. No data from the Host/IP/MAC page is saved or loaded. NOTE: Due to bad planning, the SPS file format has NOT BEEN CONSISTENT between versions, and thus is NOT BACKWARD-COMPATIBLE.

5.9 - Use Wireshark

It is often useful and informative to install Wireshark to see what is actually in the packets sent to the network interface, and whether replies came back.

http://www.wireshark.org

If you see a discrepancy between the View Packet display and Wireshark, please provide feedback via email, preferably with packet details so the issue can be re-created and bug fixed.


-----6.0 IPv4-----

In IPv4, you have the option of specifying the ethernet header or not. 

If you choose to specify the ethernet header, you need to specify the name of the interface you are sending from. SPS will then grab and fill in the source MAC address for you. You can still change it if you want, but you should expect weird/bad behavior. You will also need the destination hardware link-layer (MAC) address. This is the MAC address of the next node to handle the packet on its route. For example, on a home network with a router, it's the MAC address of the router. If you are directly behind a modem, then it's the MAC address of the modem.

To obtain that, or the MAC address of any other node on your link-local network, you must go to the Host/IP/MAC page and use the IP to Link-Layer (MAC) address tool. You can set the timeout for it to wait for a reply to the ARP packet sent to request the MAC address. The timeout defaults to 2 seconds. You can type in a value or use the spin button to change the timeout between 1 and 20 seconds.

If you choose not to specify the ethernet header, the Linux kernel will do the ARP interrogation for you and fill in the ethernet header for you. It should be noted that in this case, if you set the ID sequence number in the IPv4 header to zero, the kernel will change it to whatever it chooses and update the checksum appropriately. If you set the ID sequence number to a non-zero value, the kernel will not change this number and it won't alter the checksum.

Neither authentication nor encapsulating security payload (ESP) headers are implemented in SPS for IPv4. They are, however, implemented for IPv6 (see below).


-----7.0 IPv6-----

SPS provides two mechanisms for sending IPv6 packets:

1. IPv6 tunneled over IPv4 (6to4), or
2. Pure IPv6.

If your ISP supports pure IPv6 protocol, then you do not have to resort to tunneling over IPv4.

1. 6to4:

You can elect to send IPv6 packets tunneled over IPv4.  In this case, the ethernet header information entered on the IPv6 TCP, ICMP, and UDP pages are used.  However, you do have the choice of allowing the kernel determine the ethernet header contents for you.  You can also choose the source IPv4 address from which these IPv6-over-IPv4 packets are to apparently come from.

2. Pure IPv6 (i.e., no IPv4 tunnel)

With pure IPv6, you do not have the option of letting the kernel fill in the ethernet header for you, so you are obligated to get the destination link-layer address as discussed above for IPv4.


-----8.0 FRAGMENTATION-----

When enough TCP, ICMP, or UDP data is included in the packet (via keyboard or from file), the packet may need to be fragmented. SPS will automatically fragment packets as necessary to meet the default maximum transmission unit (MTU) of 1500 bytes. For tunneling IPv6 over IPv4 (6to4) the MTU is reduced to 1280 before the IPv4 header is prepended to the packet. If the packet is fragmented, the Total Length of Datagram (in IPv4 header), the Payload Length and Next Header fields (in IPv6 header), and the IPv4 checksums are re-calculated, discarding any values set by the user. This is necessary, otherwise the packet will be dropped by the next hop.


-----9.0 IPV6 EXTENSION HEADERS-----

9.1 - Hop-by-Hop Header

When entering hop-by-hop extension header options, you must provide the alignment parameters x and y. Each option has a specified alignment requirement expressed in the form xN + y. This means that the option must begin a multiple N of x bytes from the start of the hop-by-hop header, plus y bytes. For example, a router alert option has an alignment requirement of 2N + 0. The option is pre-padded to achieve the alignment, and the padding is accomplished using either Pad1 or PadN options (see Section 4.2 of RFC 2460).

Example: router alert (RFC 2711)

 5,2,0,200 with alignment of x: 2, y: 0
 Here, the value field is set to 200, which is currently an unassigned value (www.iana.org/assignments/ipv6-parameters/ipv6-parameters.xml).

Jumbograms (RFC 2675) are NOT supported in SPS and are unlikely to be; it would be hard to back-fit this feature, as many things in SPS are dependent upon a maximum packet size of IP_MAXPACKET (65535 bytes).

9.2 - Destination Header (first and last)

The format of destination headers is identical to that of hop-by-hop headers, however, there can be "first" and/or "last" destination headers. A "last" destination header's options are processed only by the final destination node. A "first" destination header can be placed such that it is processed by devices specified within a routing header.

Example: last destination header with Identifier-Locator Network Protocol (ILNP) nonce (RFC 6744)

 Option: 139,12,124,43,22,118,79,251,211,23,0,13,25,26 with alignment x: 4, y: 2
 An arbitrary 12-byte number is provided for illustrative purposes.

9.3 - Routing Header

Since there are a variety of routing header types, the user is given the freedom to enter any routing data. However, the user must provide as routing data any padding necessary to make the entire extension header end on a 64-bit boundary. For routing header type 3, the padding field must be set accordingly.

Example: source routing header for Routing Protocol for Low-power and lossy networks (RPL) (RFC 6554)

 0,0,0,0,32,1,13,184,0,0,0,0,2,20,81,255,254,47,21,86,32,1,13,184,0,0,0,0,2,62,125,211,5,41,124,194,32,1,13,184,0,0,0,0,101,255,32,60,153,1,171,43
 Type: 3, Segments Left: 3
 Three documentation IPv6 addresses are provided for illustrative purposes (RFC 3849).

9.4 - Fragmentation Header

SPS does not support user-specified fragmentation headers; all fragmentation is done automatically. As a result, a user cannot create intentionally malformed fragments (e.g., teardrop).

9.5 - Authentication Header

SPS allows authentication headers to be used in either transport or tunnel mode (RFC 2402). The IPv6 security architecture specification (RFC 4301) allows for the use of both authentication and ESP headers at the same time, however, SPS only allows either an authentication header or an ESP header, but not both. The user must supply the integrity check value (ICV). To aid in ICV calculation, the user can press the Save Data for ICV Calculation button, which will save a binary file over which the ICV should be calculated. As per Section 3.3.3 of RFC 2402, all mutable fields and the ICV field are zet to zero.

Example:

 ICV: 34,2,0,16,66,99,11,2,31,0,8,23 with SPI: 235, Sequence number: 23356
 Arbitrary values are given here for illustrative purposes.

9.6 - Encapsulating Security Payload (ESP) Header

SPS allows ESP headers to be used in either transport or tunnel mode (RFC 2406). The IPv6 security architecture specification (RFC 4301) allows for the use of both authentication and ESP headers at the same time, however, SPS only allows either an authenticatio header or an ESP header, but not both. The user must supply the integrity check value (ICV). To aid in ICV calculation, the user can press the Save Data for ICV Calculation button, which will save a binary file over which the ICV should be calculated. As per Section 3.3.4 of RFC 2406, the authentication data field is excluded.

Example:

  ICV: 34,2,0,16,66,99,11,2,31,0,8,23 with SPI: 3456  Sequence number: 415
  Arbitrary values are given here for illustrative purposes.

-----10.0 SPOOFING SOURCE IP ADDRESS, PORT, and LINK-LAYER ADDRESS-----

Note that if your computer is behind a router, IP spoofing will not work for destination IPs outside of the local network since the router will replace the source IP address with that assigned by your ISP.

Also note that some packets will cause the target machine to reply (e.g., ICMP echo request, TCP SYN, etc.). Therefore, flooding a machine located within a local network can be dangerous because the target machine will reply ("backscatter") to the source IP. If the spoofed source IP is a valid IP outside of the local network, this means backscatter from the local machine will be flooding some external machine.

All source addresses and ports default to randomized. When sending multiple packets or flooding and source IP and/or source port is set to randomize, SPS will re-compute the appropriate checksums for each packet, discarding any values set by the user. Therefore, you cannot send multiple packets or flood packets with randomized source IP and port and have invalid checksums.

PLEASE NOTE: Randomized IP addresses and port numbers will always follow the same sequence when SPS is run. i.e., the sequence is initialized with the same seed value when SPS is initially started. This allows for consistency of randomized IP addresses and port numbers between SPS runs. This was done because it can be useful when attempting to repeat previous results, however it might be undesirable under some special circumstances.

The randomized IP addresses and port numbers shown in the user interface are the values which will be used for the next packet sent (showing the last value used wouldn't be helpful). This applies to traceroute port numbers as well.

If you change the random number seed (on the PRNG page), all randomized parameter values will change to reflect the new seed, starting at the first iterate. The user interface will be updated accordingly.

If you change the random number stride (on the PRNG page), no changes are made to randomized parameters, but all new values of parameters will be based upon the new stride.

You can make the source link-layer (MAC) address (also know as hardware address) any value you like, but don't expect a reply if it doesn't match your interface. For that you may also use macchanger to change the mac address of your network card. You can get macchanger at:

http://www.alobbs.com/macchanger


-----11.0 TRACEROUTE-----

You can craft IPv4 and IPv6 traceroute packets as desired by clicking on the "Edit Traceroute Packets" button on the Traceroute page. All the rules about setting packet values are the same as discussed previously, however your latitude is somewhat more restricted because only certain packets will trigger the desired responses necessary to perform a successful traceroute.

After editing traceroute packets, DO NOT CLOSE the traceroute window if there's a chance you may want to re-edit them, otherwise some checkbutton states will be toggled upon re-opening the Edit Traceroute Packet window.

Traceroutes can be performed in IPv4, IPv6 tunneled over IPv4 (6to4), or in pure IPv6.

For TCP traceroute, we send SYN packets with time-to-live (TTL in IPv4) or hop limit (in IPv6) with increasing value starting at 1. We expect to receive ICMP Time Exceeded responses until we reach the destination host, which should then respond with SYN-ACK. Therefore, the TCP packets must be SYN frames. They default to this type of packet.

For ICMP traceroute, we send Echo Request packets with TTL or hop limit with increasing value starting at 1. We expect to receive ICMP Time Exceeded responses until we reach the destination host, which should then respond with an Echo Reply. Therefore, the ICMP packets must be Echo Request frames. They default to this type of packet.

For UDP traceroute, we send UDP packets with a (hopefully) unused port number and increasing value of TTL or hop limit starting at 1. We expect to receive ICMP Time Exceeded responses until we reach the destination host, which should then respond with Port Unreachable. Therefore, the UDP packets must have a port number that is closed on the remote host. In SPS, the default port number is 33435 but other values can be entered.

The number of probes per node can be adjusted with the Number of Probes per Hop spinbutton.

The timeout to wait for a reply can be adjusted using the Timeout for Reply spinbutton.

You can also choose whether or not IP addresses are resolved to hostnames with the Resolve Node Hostnames checkbutton. Note that resolving hostnames is a slow process and so it defaults to off. You can also copy an IP address from the traceroute results window and paste it into the Host/IP page for hostname resolution.


-----12.0 ASN / IP DELEGATION-----

On the ASN / IP Delegation page, users can perform a variety of searches in order to: find the country code for a country name, or vice-versa, find Autonomous System (AS) numbers delegated by country, or vice-versa, and find IPv4 or IPv6 address blocks delegated by country, or vice-versa.

Sometimes the date given for the delegation of an ASN is all zeros, for example:

arin|US|asn|763|1|00000000|allocated

The RIRs explain the meaning of this as follows:

"It is noted that where records do not show a date of first assignment, this can take the 00000000 value."

The delegation lists can be downloaded from their respective Regional Internet Registries (RIRs), and the ISO 3166-1 country code list from www.iso.org by clicking on the Download buttons. The country code list can also be viewed if the user is uncertain about a country name or country code spelling. Once a download is complete, the Status of a file should indicate "Loaded". Transaction messages for downloads in progress are sent to stdout by default, but the user can elect to silence these messages via the checkbutton. All file downloads should automatically work in either IPv4 or IPv6, using whichever first successfully establishes a connection to the remote host.

The RIR names, HTTP URLs, FTP URLs, delegation file directory locations, and delegation filenames are stored in file rir-info.txt so they can be changed without the need to rebuild the SPS executable.

The loading of RIR files and the country code file is performed via a separate thread. If you want to download a RIR file and then close SPS, wait a second or so for the thread to terminate before closing SPS.

The International Organization for Standardization (ISO)'s HTTP URL, country code file directory location, and country code filename are stored in file country-info.txt so they can be changed without the need to rebuild the SPS executable.

NOTE: As of August 8, 2015, ISO has paywalled the country code file, and so the latest version I had available is included in this distribution. It shouldn't change very frequently.

Since IPv4 addresses were being delegated to countries prior to the introduction of CIDR ("slash") notation, IPv4 addresses were sometimes delegated in block sizes that don't match powers of 2 (prefix length in CIDR notation). In those cases, SPS reports blocks as start-address to end-address ranges. If an IPv4 block delegation can be represented in CIDR notation, SPS expresses it in that format.

All IPv6 addresses are delegated in block sizes corresponding to prefix length, and so SPS reports all IPv6 blocks in CIDR notation.

Pleae note that for countries with large numbers of IP delegations, the search can be quite slow, with IPv4 slower than IPv6 due to the time it takes to parse IP addresses. The slowest appears to be the United States, presumeably due to the largest number of delegations.


-----13.0 UTF-8 UTILITIES-----

In the /utils sub-directory of the /src32 and /src64 source directories, there are three programs: a UTF-8 validator (validate_utf8.c), a lower-case to upper-case UTF-8 converter (raise_case.c), and an upper-case to lower-case UTF-8 converter (drop_case.c).

These three routines are not part of SPS and can be used as general tools when modifying the documentation.txt and sps_file_format.txt files, or for any other application the user chooses. GTK+ requires text to be in ASCII or UTF-8 when being rendered in a textview.


-----14.0 DEVELOPMENT NOTES-----

**** NOTE 1 - BSD Convention ****

Note that there are multiple conventions available for TCP and UDP header defined in:

/usr/include/netinet/tcp.h
/usr/include/netinet/udp.h

Currently in SPS, the BSD convention was implemented by placing the following line in main.h:

#define __FAVOR_BSD       // Use BSD format of TCP and UDP header

Either convention may be the default depending on the operating system.


**** NOTE 2 - Possible GTK+ bug ****

In the Gtk+ 2 version, if you use the mouse wheel to move between tabs, an error is generated:

(sps:2208): Gtk-CRITICAL **: gtk_widget_is_ancestor: assertion `ancestor != NULL' failed

This appears to be fixed in GTK 3.x.


**** NOTE 3 - Traceroute and ASN/IP Delegation ****

The URLs, directories, and filenames for both the RIR delegation files and the country code file are defined within main.h and main.c.

The process of downloading ASN/IP delegation files from any of the Regional Internet Registries (RIRs) or the country code file from www.iso.org requires the use of blocking network functions such as recv().

In order to ensure the user does not lose access to the user interface while files are downloading, a multi-threaded approach is used. A timeout function is also invoked which monitors the value of a flag called message_available, and creates a pop-up error dialog (e.g., "timeout on recv()") if there was a problem.

Similarly, the traceroute routines use blocking functions such as recvfrom() and getaddrinfo(). As a result, the traceroute routines are executed in a new thread, and as above, a timeout function monitors the message_available flag.

In GTK+, only functions working within the main iteration are allowed to modify the user interface. Therefore, in order to update the user interface with regard to RIR file status or traceroute results, idle functions are used, since, regardless of which thread starts them, they are always added to the main iteration. The idle functions here will only execute once and then return (FALSE) which causes them to terminate. Multiple instances of the same idle function can be invoked during a traceroute if results come in faster than the user interface can be updated.

ASN and IP address delegation searches can be quite slow. By far, the slowest are searches for delegations to the United States (largest number of delegations, resulting in, for example, 3 MB of results for IPv4 addresses). The IPv4 and IPv6 searches are done concurrently using individual threads. As above, idle functions are used to report the results to textviews.


-----15.0 GNU FREE DOCUMENTATION LICENSE-----

                GNU Free Documentation License
                 Version 1.3, 3 November 2008


 Copyright (C) 2000, 2001, 2002, 2007, 2008 Free Software Foundation, Inc.
     <http://fsf.org/>
 Everyone is permitted to copy and distribute verbatim copies
 of this license document, but changing it is not allowed.

0. PREAMBLE

The purpose of this License is to make a manual, textbook, or other
functional and useful document "free" in the sense of freedom: to
assure everyone the effective freedom to copy and redistribute it,
with or without modifying it, either commercially or noncommercially.
Secondarily, this License preserves for the author and publisher a way
to get credit for their work, while not being considered responsible
for modifications made by others.

This License is a kind of "copyleft", which means that derivative
works of the document must themselves be free in the same sense.  It
complements the GNU General Public License, which is a copyleft
license designed for free software.

We have designed this License in order to use it for manuals for free
software, because free software needs free documentation: a free
program should come with manuals providing the same freedoms that the
software does.  But this License is not limited to software manuals;
it can be used for any textual work, regardless of subject matter or
whether it is published as a printed book.  We recommend this License
principally for works whose purpose is instruction or reference.


1. APPLICABILITY AND DEFINITIONS

This License applies to any manual or other work, in any medium, that
contains a notice placed by the copyright holder saying it can be
distributed under the terms of this License.  Such a notice grants a
world-wide, royalty-free license, unlimited in duration, to use that
work under the conditions stated herein.  The "Document", below,
refers to any such manual or work.  Any member of the public is a
licensee, and is addressed as "you".  You accept the license if you
copy, modify or distribute the work in a way requiring permission
under copyright law.

A "Modified Version" of the Document means any work containing the
Document or a portion of it, either copied verbatim, or with
modifications and/or translated into another language.

A "Secondary Section" is a named appendix or a front-matter section of
the Document that deals exclusively with the relationship of the
publishers or authors of the Document to the Document's overall
subject (or to related matters) and contains nothing that could fall
directly within that overall subject.  (Thus, if the Document is in
part a textbook of mathematics, a Secondary Section may not explain
any mathematics.)  The relationship could be a matter of historical
connection with the subject or with related matters, or of legal,
commercial, philosophical, ethical or political position regarding
them.

The "Invariant Sections" are certain Secondary Sections whose titles
are designated, as being those of Invariant Sections, in the notice
that says that the Document is released under this License.  If a
section does not fit the above definition of Secondary then it is not
allowed to be designated as Invariant.  The Document may contain zero
Invariant Sections.  If the Document does not identify any Invariant
Sections then there are none.

The "Cover Texts" are certain short passages of text that are listed,
as Front-Cover Texts or Back-Cover Texts, in the notice that says that
the Document is released under this License.  A Front-Cover Text may
be at most 5 words, and a Back-Cover Text may be at most 25 words.

A "Transparent" copy of the Document means a machine-readable copy,
represented in a format whose specification is available to the
general public, that is suitable for revising the document
straightforwardly with generic text editors or (for images composed of
pixels) generic paint programs or (for drawings) some widely available
drawing editor, and that is suitable for input to text formatters or
for automatic translation to a variety of formats suitable for input
to text formatters.  A copy made in an otherwise Transparent file
format whose markup, or absence of markup, has been arranged to thwart
or discourage subsequent modification by readers is not Transparent.
An image format is not Transparent if used for any substantial amount
of text.  A copy that is not "Transparent" is called "Opaque".

Examples of suitable formats for Transparent copies include plain
ASCII without markup, Texinfo input format, LaTeX input format, SGML
or XML using a publicly available DTD, and standard-conforming simple
HTML, PostScript or PDF designed for human modification.  Examples of
transparent image formats include PNG, XCF and JPG.  Opaque formats
include proprietary formats that can be read and edited only by
proprietary word processors, SGML or XML for which the DTD and/or
processing tools are not generally available, and the
machine-generated HTML, PostScript or PDF produced by some word
processors for output purposes only.

The "Title Page" means, for a printed book, the title page itself,
plus such following pages as are needed to hold, legibly, the material
this License requires to appear in the title page.  For works in
formats which do not have any title page as such, "Title Page" means
the text near the most prominent appearance of the work's title,
preceding the beginning of the body of the text.

The "publisher" means any person or entity that distributes copies of
the Document to the public.

A section "Entitled XYZ" means a named subunit of the Document whose
title either is precisely XYZ or contains XYZ in parentheses following
text that translates XYZ in another language.  (Here XYZ stands for a
specific section name mentioned below, such as "Acknowledgements",
"Dedications", "Endorsements", or "History".)  To "Preserve the Title"
of such a section when you modify the Document means that it remains a
section "Entitled XYZ" according to this definition.

The Document may include Warranty Disclaimers next to the notice which
states that this License applies to the Document.  These Warranty
Disclaimers are considered to be included by reference in this
License, but only as regards disclaiming warranties: any other
implication that these Warranty Disclaimers may have is void and has
no effect on the meaning of this License.

2. VERBATIM COPYING

You may copy and distribute the Document in any medium, either
commercially or noncommercially, provided that this License, the
copyright notices, and the license notice saying this License applies
to the Document are reproduced in all copies, and that you add no
other conditions whatsoever to those of this License.  You may not use
technical measures to obstruct or control the reading or further
copying of the copies you make or distribute.  However, you may accept
compensation in exchange for copies.  If you distribute a large enough
number of copies you must also follow the conditions in section 3.

You may also lend copies, under the same conditions stated above, and
you may publicly display copies.


3. COPYING IN QUANTITY

If you publish printed copies (or copies in media that commonly have
printed covers) of the Document, numbering more than 100, and the
Document's license notice requires Cover Texts, you must enclose the
copies in covers that carry, clearly and legibly, all these Cover
Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on
the back cover.  Both covers must also clearly and legibly identify
you as the publisher of these copies.  The front cover must present
the full title with all words of the title equally prominent and
visible.  You may add other material on the covers in addition.
Copying with changes limited to the covers, as long as they preserve
the title of the Document and satisfy these conditions, can be treated
as verbatim copying in other respects.

If the required texts for either cover are too voluminous to fit
legibly, you should put the first ones listed (as many as fit
reasonably) on the actual cover, and continue the rest onto adjacent
pages.

If you publish or distribute Opaque copies of the Document numbering
more than 100, you must either include a machine-readable Transparent
copy along with each Opaque copy, or state in or with each Opaque copy
a computer-network location from which the general network-using
public has access to download using public-standard network protocols
a complete Transparent copy of the Document, free of added material.
If you use the latter option, you must take reasonably prudent steps,
when you begin distribution of Opaque copies in quantity, to ensure
that this Transparent copy will remain thus accessible at the stated
location until at least one year after the last time you distribute an
Opaque copy (directly or through your agents or retailers) of that
edition to the public.

It is requested, but not required, that you contact the authors of the
Document well before redistributing any large number of copies, to
give them a chance to provide you with an updated version of the
Document.


4. MODIFICATIONS

You may copy and distribute a Modified Version of the Document under
the conditions of sections 2 and 3 above, provided that you release
the Modified Version under precisely this License, with the Modified
Version filling the role of the Document, thus licensing distribution
and modification of the Modified Version to whoever possesses a copy
of it.  In addition, you must do these things in the Modified Version:

A. Use in the Title Page (and on the covers, if any) a title distinct
   from that of the Document, and from those of previous versions
   (which should, if there were any, be listed in the History section
   of the Document).  You may use the same title as a previous version
   if the original publisher of that version gives permission.
B. List on the Title Page, as authors, one or more persons or entities
   responsible for authorship of the modifications in the Modified
   Version, together with at least five of the principal authors of the
   Document (all of its principal authors, if it has fewer than five),
   unless they release you from this requirement.
C. State on the Title page the name of the publisher of the
   Modified Version, as the publisher.
D. Preserve all the copyright notices of the Document.
E. Add an appropriate copyright notice for your modifications
   adjacent to the other copyright notices.
F. Include, immediately after the copyright notices, a license notice
   giving the public permission to use the Modified Version under the
   terms of this License, in the form shown in the Addendum below.
G. Preserve in that license notice the full lists of Invariant Sections
   and required Cover Texts given in the Document's license notice.
H. Include an unaltered copy of this License.
I. Preserve the section Entitled "History", Preserve its Title, and add
   to it an item stating at least the title, year, new authors, and
   publisher of the Modified Version as given on the Title Page.  If
   there is no section Entitled "History" in the Document, create one
   stating the title, year, authors, and publisher of the Document as
   given on its Title Page, then add an item describing the Modified
   Version as stated in the previous sentence.
J. Preserve the network location, if any, given in the Document for
   public access to a Transparent copy of the Document, and likewise
   the network locations given in the Document for previous versions
   it was based on.  These may be placed in the "History" section.
   You may omit a network location for a work that was published at
   least four years before the Document itself, or if the original
   publisher of the version it refers to gives permission.
K. For any section Entitled "Acknowledgements" or "Dedications",
   Preserve the Title of the section, and preserve in the section all
   the substance and tone of each of the contributor acknowledgements
   and/or dedications given therein.
L. Preserve all the Invariant Sections of the Document,
   unaltered in their text and in their titles.  Section numbers
   or the equivalent are not considered part of the section titles.
M. Delete any section Entitled "Endorsements".  Such a section
   may not be included in the Modified Version.
N. Do not retitle any existing section to be Entitled "Endorsements"
   or to conflict in title with any Invariant Section.
O. Preserve any Warranty Disclaimers.

If the Modified Version includes new front-matter sections or
appendices that qualify as Secondary Sections and contain no material
copied from the Document, you may at your option designate some or all
of these sections as invariant.  To do this, add their titles to the
list of Invariant Sections in the Modified Version's license notice.
These titles must be distinct from any other section titles.

You may add a section Entitled "Endorsements", provided it contains
nothing but endorsements of your Modified Version by various
parties--for example, statements of peer review or that the text has
been approved by an organization as the authoritative definition of a
standard.

You may add a passage of up to five words as a Front-Cover Text, and a
passage of up to 25 words as a Back-Cover Text, to the end of the list
of Cover Texts in the Modified Version.  Only one passage of
Front-Cover Text and one of Back-Cover Text may be added by (or
through arrangements made by) any one entity.  If the Document already
includes a cover text for the same cover, previously added by you or
by arrangement made by the same entity you are acting on behalf of,
you may not add another; but you may replace the old one, on explicit
permission from the previous publisher that added the old one.

The author(s) and publisher(s) of the Document do not by this License
give permission to use their names for publicity for or to assert or
imply endorsement of any Modified Version.


5. COMBINING DOCUMENTS

You may combine the Document with other documents released under this
License, under the terms defined in section 4 above for modified
versions, provided that you include in the combination all of the
Invariant Sections of all of the original documents, unmodified, and
list them all as Invariant Sections of your combined work in its
license notice, and that you preserve all their Warranty Disclaimers.

The combined work need only contain one copy of this License, and
multiple identical Invariant Sections may be replaced with a single
copy.  If there are multiple Invariant Sections with the same name but
different contents, make the title of each such section unique by
adding at the end of it, in parentheses, the name of the original
author or publisher of that section if known, or else a unique number.
Make the same adjustment to the section titles in the list of
Invariant Sections in the license notice of the combined work.

In the combination, you must combine any sections Entitled "History"
in the various original documents, forming one section Entitled
"History"; likewise combine any sections Entitled "Acknowledgements",
and any sections Entitled "Dedications".  You must delete all sections
Entitled "Endorsements".


6. COLLECTIONS OF DOCUMENTS

You may make a collection consisting of the Document and other
documents released under this License, and replace the individual
copies of this License in the various documents with a single copy
that is included in the collection, provided that you follow the rules
of this License for verbatim copying of each of the documents in all
other respects.

You may extract a single document from such a collection, and
distribute it individually under this License, provided you insert a
copy of this License into the extracted document, and follow this
License in all other respects regarding verbatim copying of that
document.


7. AGGREGATION WITH INDEPENDENT WORKS

A compilation of the Document or its derivatives with other separate
and independent documents or works, in or on a volume of a storage or
distribution medium, is called an "aggregate" if the copyright
resulting from the compilation is not used to limit the legal rights
of the compilation's users beyond what the individual works permit.
When the Document is included in an aggregate, this License does not
apply to the other works in the aggregate which are not themselves
derivative works of the Document.

If the Cover Text requirement of section 3 is applicable to these
copies of the Document, then if the Document is less than one half of
the entire aggregate, the Document's Cover Texts may be placed on
covers that bracket the Document within the aggregate, or the
electronic equivalent of covers if the Document is in electronic form.
Otherwise they must appear on printed covers that bracket the whole
aggregate.


8. TRANSLATION

Translation is considered a kind of modification, so you may
distribute translations of the Document under the terms of section 4.
Replacing Invariant Sections with translations requires special
permission from their copyright holders, but you may include
translations of some or all Invariant Sections in addition to the
original versions of these Invariant Sections.  You may include a
translation of this License, and all the license notices in the
Document, and any Warranty Disclaimers, provided that you also include
the original English version of this License and the original versions
of those notices and disclaimers.  In case of a disagreement between
the translation and the original version of this License or a notice
or disclaimer, the original version will prevail.

If a section in the Document is Entitled "Acknowledgements",
"Dedications", or "History", the requirement (section 4) to Preserve
its Title (section 1) will typically require changing the actual
title.


9. TERMINATION

You may not copy, modify, sublicense, or distribute the Document
except as expressly provided under this License.  Any attempt
otherwise to copy, modify, sublicense, or distribute it is void, and
will automatically terminate your rights under this License.

However, if you cease all violation of this License, then your license
from a particular copyright holder is reinstated (a) provisionally,
unless and until the copyright holder explicitly and finally
terminates your license, and (b) permanently, if the copyright holder
fails to notify you of the violation by some reasonable means prior to
60 days after the cessation.

Moreover, your license from a particular copyright holder is
reinstated permanently if the copyright holder notifies you of the
violation by some reasonable means, this is the first time you have
received notice of violation of this License (for any work) from that
copyright holder, and you cure the violation prior to 30 days after
your receipt of the notice.

Termination of your rights under this section does not terminate the
licenses of parties who have received copies or rights from you under
this License.  If your rights have been terminated and not permanently
reinstated, receipt of a copy of some or all of the same material does
not give you any rights to use it.


10. FUTURE REVISIONS OF THIS LICENSE

The Free Software Foundation may publish new, revised versions of the
GNU Free Documentation License from time to time.  Such new versions
will be similar in spirit to the present version, but may differ in
detail to address new problems or concerns.  See
http://www.gnu.org/copyleft/.

Each version of the License is given a distinguishing version number.
If the Document specifies that a particular numbered version of this
License "or any later version" applies to it, you have the option of
following the terms and conditions either of that specified version or
of any later version that has been published (not as a draft) by the
Free Software Foundation.  If the Document does not specify a version
number of this License, you may choose any version ever published (not
as a draft) by the Free Software Foundation.  If the Document
specifies that a proxy can decide which future versions of this
License can be used, that proxy's public statement of acceptance of a
version permanently authorizes you to choose that version for the
Document.

11. RELICENSING

"Massive Multiauthor Collaboration Site" (or "MMC Site") means any
World Wide Web server that publishes copyrightable works and also
provides prominent facilities for anybody to edit those works.  A
public wiki that anybody can edit is an example of such a server.  A
"Massive Multiauthor Collaboration" (or "MMC") contained in the site
means any set of copyrightable works thus published on the MMC site.

"CC-BY-SA" means the Creative Commons Attribution-Share Alike 3.0 
license published by Creative Commons Corporation, a not-for-profit 
corporation with a principal place of business in San Francisco, 
California, as well as future copyleft versions of that license 
published by that same organization.

"Incorporate" means to publish or republish a Document, in whole or in 
part, as part of another Document.

An MMC is "eligible for relicensing" if it is licensed under this 
License, and if all works that were first published under this License 
somewhere other than this MMC, and subsequently incorporated in whole or 
in part into the MMC, (1) had no cover texts or invariant sections, and 
(2) were thus incorporated prior to November 1, 2008.

The operator of an MMC Site may republish an MMC contained in the site
under CC-BY-SA on the same site at any time before August 1, 2009,
provided the MMC is eligible for relicensing.


ADDENDUM: How to use this License for your documents

To use this License in a document you have written, include a copy of
the License in the document and put the following copyright and
license notices just after the title page:

    Copyright (c)  YEAR  YOUR NAME.
    Permission is granted to copy, distribute and/or modify this document
    under the terms of the GNU Free Documentation License, Version 1.3
    or any later version published by the Free Software Foundation;
    with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts.
    A copy of the license is included in the section entitled "GNU
    Free Documentation License".

If you have Invariant Sections, Front-Cover Texts and Back-Cover Texts,
replace the "with...Texts." line with this:

    with the Invariant Sections being LIST THEIR TITLES, with the
    Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST.

If you have Invariant Sections without Cover Texts, or some other
combination of the three, merge those two alternatives to suit the
situation.

If your document contains nontrivial examples of program code, we
recommend releasing these examples in parallel under your choice of
free software license, such as the GNU General Public License,
to permit their use in free software.

-----end of document-----
