
# g-net-speed

### Network benchmark, stress test and reliability assessment utility

#### Description
`gns` is used to benchmark or stress test network services and equipment.
It can operate as either server or client to transfer data over one or more
TCP connection or a UDP stream. Apart from RAW and TLS connections, the tool
also provides HTTP client and WebSocket server. In server mode, the protocol is
selected by the client request, with fallback to RAW if no protocol is detected.
In client mode, the use of protocol is configured from the command line. The
number of TCP connections, packet size, and other options are also set from the
command line. The default packet size is 2 MB for TCP and 1472 bytes for UDP.
Secure connections require a certificate file in the current directory with the
name `gvalkov.com.pem`.

#### Command line options
```text
gns <-l --listen> <-p source port>
gns <host IP> <port>
```

| Command | Alternative  | Description |
| ------: | :----------- | :---------- |
| `-s`    |              | Source IP   |
| `-p`    |              | Source port |
| `-c`    | `1-1024`     | Number of connections |
| `-P`    | `--print`    | Print packets |
| `-O`    | `--once`     | Print only the first packet|
| `-v`    | `--verbose`  | Use verbose output |
| `-q`    | `--quiet`    | Connect silently |
| `-L`    |              | Packet length e.g. `1472` `1405` `1422` `65112` `65507` |
| `-U`    | `[count]`    | Use UDP mode, exit after count packets have been sent |
| `-u`    | `-udp`       | Use UDP mode |
| `-g`    | `-h` `hostname` `/path` `[count]` | Send GET/HEAD requests in each packet |
| `-d`    | `--delay-initial` `ms` | Initial delay between sending packets |
| `-D`    | `--delay` `us`         | Delay between sending packets |
| `-A`    | `--delay-adaptive` `[1-18]` | Adapts the delay based on feedback for lost packets: |
|         |              | The number of lost packets is reporoted by the |
|         |              | receiving side. |
|         |              | High values reduce speed variations, but may slow |
|         |              | transfers. |
|         |              | Low values cause the transfer speed to raise faster. |
|         |              | |
| `-w`    | `--write`    | Write to socket |
| `-W`    |              | Accept WebSocket connections |
| `-t`    | `--tls`      | Enable TLS client |
| `-H`    | `--honeypot` | [Honeypod mode](#honeypot-warning) (disable receive task) |


#### Sample use
```powershell
gns -lp 81
gns -lp 81 -s 192.168.192.77
gns 192.168.192.1 81 -s 192.168.192.77 -p 81
```

#### Honeypot warning
Normally the program accepts connections or connects to some server,
then reads the incomming packets, which frees system resources and enables
normal communication over the network. If `--write` is enabled, the program
also writes data to the socket. The `--honeypot` (`-H`) switch disables all
receiving tasks. This may jam system resources and disrupt network communications.
Some Wi-Fi cards disconnect, if a client in this mode starts receiving data.
iOS and macOS are likely to kernel panic.

#### DDoS warning
Please do not use this tool for DDoS without permission from the target!
It is fully capable of wreaking havoc. The user is liable for any damage caused.
Some DSL dvices go offline if targeted over UDP.

#### iOS and macOS vulnerability
Some platforms, notably iOS and macOS have an IP stack which is rather unreliable.
This tool is very likely to cause kernel panic if used properly. While this could
affect either side of the connection, usually the side sending data is affected.
The receiving side may also crash if it lacks resources to process all incoming
data in time, or in the case when Honeypot mode is used. The crash is triggered by
the system Watchdog, due to resource exhaustion causing critical system services
to become unresponsive. A common symptom predating a crash is complete or partial
loss of network connectivity and no ICMP replay from localhost. The Apple security
team had been notified about this vulnerability on February the 17th 2020. While
their team have accomplished a huge improvement, the issue is still exploitable,
given enough effort. They have also proven to be extremely hard to work with. When
the vulnerability was first discovered, it was as simple as visiting a malicious
web page in any browser, and the system would crash. The first web exploit used
128 parallel WebSocket connections sending large packets of data, while with a
native application 32 connections were sufficient. In the original vulnerability,
there was an instant and permanent loss of network connectivity. Any application
attempting to use the network would stop responding until the system is restarted.
iOS used to restar in 10 seconds, while macOS took 3 minutes. Demo
[iOS](https://httpstorm.com/apple/g-net-crash/g-net-crash.2020-05-30.LTE.mov),
[macOS](https://httpstorm.com/apple/g-net-crash/g-net-crash.2020-06-05.macOS.hotspot-LTE.01.mov).


#### Supported Platforms
☂︎ Apple iOS, macOS  
☂︎ FreeBSD  
☂︎ Linux, OpenWRT  
☂︎ Windows  


#### [Prerequisites and build instructions](../../../lib.git#Prerequisites)


#### © 2014-2023 Georgi Valkov
https://httpstorm.com/download/g-net-speed/