chksum = 0xa607
src = 11.11.11.11
dst = 11.11.11.10
- \options \
+ options
###[ ICMP ]###
type = echo-reply
code = 0
"""
+import os
import socket
import select
-import os
-import time
-from multiprocessing import Queue, Process
+
from scapy.all import ETH_P_IP, ETH_P_IPV6, ETH_P_ALL, ETH_P_ARP
-from scapy.all import Ether, ARP, Packet
+from scapy.all import Ether, ARP
from scapy.layers.inet6 import IPv6
__all__ = ['RxQueue', 'TxQueue', 'Interface', 'create_gratuitous_arp_request',
- 'auto_pad']
+ 'auto_pad', 'checksum_equal']
+
+# TODO: http://stackoverflow.com/questions/320232/
+# ensuring-subprocesses-are-dead-on-exiting-python-program
-# TODO: http://stackoverflow.com/questions/320232/ensuring-subprocesses-are-dead-on-exiting-python-program
class PacketVerifier(object):
"""Base class for TX and RX queue objects for packet verifier."""
Takes string as input and looks for first whole packet in it.
If it finds one, it returns substring from the buf parameter.
- :param buf: string representation of incoming packet buffer.
- :type buf: string
- :return: String representation of first packet in buf.
- :rtype: string
+ :param buf: String representation of incoming packet buffer.
+ :type buf: str
+ :returns: String representation of first packet in buf.
+ :rtype: str
"""
pkt_len = 0
if len(buf) < 60:
return None
- # print
- # print buf.__repr__()
- # print Ether(buf).__repr__()
- # print len(Ether(buf))
- # print
try:
ether_type = Ether(buf[0:14]).type
except AttributeError:
This function is meant to be run in separate subprocess and is in tight
loop reading raw packets from interface passed as parameter.
- :param interace_name: Name of interface to read packets from.
+ :param interface_name: Name of interface to read packets from.
:param queue: Queue in which this function will push incoming packets.
- :type interface_name: string
+ :type interface_name: str
:type queue: multiprocessing.Queue
- :return: None
+ :returns: None
"""
sock = socket.socket(socket.AF_PACKET, socket.SOCK_RAW, ETH_P_ALL)
sock.bind((interface_name, ETH_P_ALL))
function to access them.
:param interface_name: Which interface to bind to.
- :type interface_name: string
+ :type interface_name: str
"""
-
def __init__(self, interface_name):
PacketVerifier.__init__(self, interface_name)
- #self._queue = Queue()
- #self._proc = Process(target=packet_reader, args=(interface_name,
- # self._queue))
- #self._proc.daemon = True
- #self._proc.start()
- #time.sleep(2)
-
- def recv(self, timeout=3, ignore=None):
+ def recv(self, timeout=3, ignore=None, verbose=True):
"""Read next received packet.
Returns scapy's Ether() object created from next packet in the queue.
arrives in given timeout queue.Empty exception will be risen.
:param timeout: How many seconds to wait for next packet.
+ :param ignore: List of packets that should be ignored.
+ :param verbose: Used to suppress detailed logging of received packets.
:type timeout: int
+ :type ignore: list
+ :type verbose: bool
- :return: Ether() initialized object from packet data.
+ :returns: Ether() initialized object from packet data.
:rtype: scapy.Ether
"""
-
- #pkt = self._queue.get(True, timeout=timeout)
(rlist, _, _) = select.select([self._sock], [], [], timeout)
if self._sock not in rlist:
return None
pkt = self._sock.recv(0x7fff)
- print 'Received packet on {0} of len {1}'.format(self._ifname, len(pkt))
- Ether(pkt).show2()
- print
+ pkt_pad = auto_pad(pkt)
+ print'Received packet on {0} of len {1}'.format(self._ifname, len(pkt))
+ if verbose:
+ Ether(pkt).show2()
+ print
if ignore is not None:
for i, ig_pkt in enumerate(ignore):
# Auto pad all packets in ignore list
ignore[i] = auto_pad(ig_pkt)
for ig_pkt in ignore:
- if ig_pkt == pkt:
+ if ig_pkt == pkt_pad:
# Found the packet in ignore list, get another one
# TODO: subtract timeout - time_spent in here
ignore.remove(ig_pkt)
- return self.recv(timeout, ignore)
+ return self.recv(timeout, ignore, verbose)
return Ether(pkt)
This object is used to send packets over RAW socket on a interface.
:param interface_name: Which interface to send packets from.
- :type interface_name: string
+ :type interface_name: str
"""
def __init__(self, interface_name):
PacketVerifier.__init__(self, interface_name)
- def send(self, pkt):
+ def send(self, pkt, verbose=True):
"""Send packet out of the bound interface.
:param pkt: Packet to send.
+ :param verbose: Used to supress detailed logging of sent packets.
:type pkt: string or scapy Packet derivative.
+ :type verbose: bool
"""
print 'Sending packet out of {0} of len {1}'.format(self._ifname,
len(pkt))
- Ether(str(pkt)).show2()
- print
+ if verbose:
+ Ether(str(pkt)).show2()
+ print
pkt = auto_pad(str(pkt))
self._sock.send(pkt)
class Interface(object):
+ """Class for network interfaces. Contains methods for sending and receiving
+ packets."""
def __init__(self, if_name):
+ """Initialize the interface class.
+
+ :param if_name: Name of the interface.
+ :type if_name: str
+ """
self.if_name = if_name
self.sent_packets = []
self.rxq = RxQueue(if_name)
self.txq = TxQueue(if_name)
def send_pkt(self, pkt):
+ """Send the provided packet out the interface."""
self.sent_packets.append(pkt)
self.txq.send(pkt)
def recv_pkt(self, timeout=3):
- return self.rxq.recv(timeout, self.sent_packets)
+ """Read one packet from the interface's receive queue.
- def close(self):
- #self.rxq._proc.terminate()
- pass
+ :param timeout: Timeout value in seconds.
+ :type timeout: int
+ :returns: Ether() initialized object from packet data.
+ :rtype: scapy.Ether
+ """
+ return self.rxq.recv(timeout, self.sent_packets)
def create_gratuitous_arp_request(src_mac, src_ip):
- """Creates scapy representation of gratuitous ARP request"""
+ """Creates scapy representation of gratuitous ARP request."""
return (Ether(src=src_mac, dst='ff:ff:ff:ff:ff:ff') /
ARP(psrc=src_ip, hwsrc=src_mac, pdst=src_ip))
padded += ('\0' * (60 - len(padded)))
return padded
+
+def checksum_equal(chksum1, chksum2):
+ """Compares two checksums in one's complement notation.
+
+ Checksums to be compared are calculated as 16 bit one's complement of the
+ one's complement sum of 16 bit words of some buffer.
+ In one's complement notation 0x0000 (positive zero) and 0xFFFF
+ (negative zero) are equivalent.
+
+ :param chksum1: First checksum.
+ :param chksum2: Second checksum.
+ :type chksum1: uint16
+ :type chksum2: uint16
+
+ :returns: True if checksums are equivalent, False otherwise.
+ :rtype: boolean
+ """
+ if chksum1 == 0xFFFF:
+ chksum1 = 0
+ if chksum2 == 0xFFFF:
+ chksum2 = 0
+ return chksum1 == chksum2