1 # Copyright (c) 2016 Cisco and/or its affiliates.
2 # Licensed under the Apache License, Version 2.0 (the "License");
3 # you may not use this file except in compliance with the License.
4 # You may obtain a copy of the License at:
6 # http://www.apache.org/licenses/LICENSE-2.0
8 # Unless required by applicable law or agreed to in writing, software
9 # distributed under the License is distributed on an "AS IS" BASIS,
10 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
11 # See the License for the specific language governing permissions and
12 # limitations under the License.
14 """PacketVerifier module.
18 >>> from scapy.all import *
19 >>> from PacketVerifier import *
20 >>> rxq = RxQueue('eth1')
21 >>> txq = TxQueue('eth1')
22 >>> src_mac = "AA:BB:CC:DD:EE:FF"
23 >>> dst_mac = "52:54:00:ca:5d:0b"
24 >>> src_ip = "11.11.11.10"
25 >>> dst_ip = "11.11.11.11"
27 >>> pkt_send = Ether(src=src_mac, dst=dst_mac) /
28 ... IP(src=src_ip, dst=dst_ip) /
30 >>> sent_packets.append(pkt_send)
31 >>> txq.send(pkt_send)
32 >>> pkt_send = Ether(src=src_mac, dst=dst_mac) /
33 ... ARP(hwsrc=src_mac, psrc=src_ip, hwdst=dst_mac, pdst=dst_ip, op=2)
34 >>> sent_packets.append(pkt_send)
35 >>> txq.send(pkt_send)
36 >>> rxq.recv(100, sent_packets).show()
38 dst = aa:bb:cc:dd:ee:ff
39 src = 52:54:00:ca:5d:0b
62 load = 'RT\x00\xca]\x0b\xaa\xbb\xcc\xdd\xee\xff\x08\x06\x00\x01\x08\x00'
70 from multiprocessing import Queue, Process
71 from scapy.all import ETH_P_IP, ETH_P_IPV6, ETH_P_ALL, ETH_P_ARP
72 from scapy.all import Ether, ARP, Packet
73 from scapy.layers.inet6 import IPv6
75 __all__ = ['RxQueue', 'TxQueue', 'Interface', 'create_gratuitous_arp_request',
78 # TODO: http://stackoverflow.com/questions/320232/ensuring-subprocesses-are-dead-on-exiting-python-program
80 class PacketVerifier(object):
81 """Base class for TX and RX queue objects for packet verifier."""
82 def __init__(self, interface_name):
83 os.system('sudo echo 1 > /proc/sys/net/ipv6/conf/{0}/disable_ipv6'
84 .format(interface_name))
85 os.system('sudo ip link set {0} up promisc on'.format(interface_name))
86 self._sock = socket.socket(socket.AF_PACKET, socket.SOCK_RAW,
88 self._sock.bind((interface_name, ETH_P_ALL))
91 def extract_one_packet(buf):
92 """Extract one packet from the incoming buf buffer.
94 Takes string as input and looks for first whole packet in it.
95 If it finds one, it returns substring from the buf parameter.
97 :param buf: string representation of incoming packet buffer.
99 :return: String representation of first packet in buf.
108 # print buf.__repr__()
109 # print Ether(buf).__repr__()
110 # print len(Ether(buf))
113 ether_type = Ether(buf[0:14]).type
114 except AttributeError:
116 'No EtherType in packet {0}'.format(buf.__repr__()))
118 if ether_type == ETH_P_IP:
119 # 14 is Ethernet fame header size.
120 # 4 bytes is just enough to look for length in ip header.
121 # ip total length contains just the IP packet length so add the Ether
123 pkt_len = Ether(buf[0:14+4]).len + 14
126 elif ether_type == ETH_P_IPV6:
127 if not Ether(buf[0:14+6]).haslayer(IPv6):
129 'Invalid IPv6 packet {0}'.format(buf.__repr__()))
130 # ... to add to the above, 40 bytes is the length of IPV6 header.
131 # The ipv6.len only contains length of the payload and not the header
132 pkt_len = Ether(buf)['IPv6'].plen + 14 + 40
135 elif ether_type == ETH_P_ARP:
136 pkt = Ether(buf[:20])
137 if not pkt.haslayer(ARP):
138 raise RuntimeError('Incomplete ARP packet')
139 # len(eth) + arp(2 hw addr type + 2 proto addr type
140 # + 1b len + 1b len + 2b operation)
143 pkt_len += 2 * pkt.getlayer(ARP).hwlen
144 pkt_len += 2 * pkt.getlayer(ARP).plen
147 elif ether_type == 32821: # RARP (Reverse ARP)
148 pkt = Ether(buf[:20])
149 pkt.type = ETH_P_ARP # Change to ARP so it works with scapy
150 pkt = Ether(str(pkt))
151 if not pkt.haslayer(ARP):
153 raise RuntimeError('Incomplete RARP packet')
155 # len(eth) + arp(2 hw addr type + 2 proto addr type
156 # + 1b len + 1b len + 2b operation)
158 pkt_len += 2 * pkt.getlayer(ARP).hwlen
159 pkt_len += 2 * pkt.getlayer(ARP).plen
163 raise RuntimeError('Unknown protocol {0}'.format(ether_type))
168 if len(buf) < pkt_len:
171 return buf[0:pkt_len]
174 def packet_reader(interface_name, queue):
175 """Sub-process routine that reads packets and puts them to queue.
177 This function is meant to be run in separate subprocess and is in tight
178 loop reading raw packets from interface passed as parameter.
180 :param interace_name: Name of interface to read packets from.
181 :param queue: Queue in which this function will push incoming packets.
182 :type interface_name: string
183 :type queue: multiprocessing.Queue
186 sock = socket.socket(socket.AF_PACKET, socket.SOCK_RAW, ETH_P_ALL)
187 sock.bind((interface_name, ETH_P_ALL))
190 pkt = sock.recv(0x7fff)
194 class RxQueue(PacketVerifier):
195 """Receive queue object.
197 This object creates raw socket, reads packets from it and provides
198 function to access them.
200 :param interface_name: Which interface to bind to.
201 :type interface_name: string
204 def __init__(self, interface_name):
205 PacketVerifier.__init__(self, interface_name)
207 #self._queue = Queue()
208 #self._proc = Process(target=packet_reader, args=(interface_name,
210 #self._proc.daemon = True
214 def recv(self, timeout=3, ignore=None):
215 """Read next received packet.
217 Returns scapy's Ether() object created from next packet in the queue.
218 Queue is being filled in parallel in subprocess. If no packet
219 arrives in given timeout queue.Empty exception will be risen.
221 :param timeout: How many seconds to wait for next packet.
224 :return: Ether() initialized object from packet data.
228 #pkt = self._queue.get(True, timeout=timeout)
229 (rlist, _, _) = select.select([self._sock], [], [], timeout)
230 if self._sock not in rlist:
233 pkt = self._sock.recv(0x7fff)
235 if ignore is not None:
236 for i, ig_pkt in enumerate(ignore):
237 # Auto pad all packets in ignore list
238 ignore[i] = auto_pad(ig_pkt)
239 for ig_pkt in ignore:
241 # Found the packet in ignore list, get another one
242 # TODO: subtract timeout - time_spent in here
243 ignore.remove(ig_pkt)
244 return self.recv(timeout, ignore)
249 class TxQueue(PacketVerifier):
250 """Transmission queue object.
252 This object is used to send packets over RAW socket on a interface.
254 :param interface_name: Which interface to send packets from.
255 :type interface_name: string
257 def __init__(self, interface_name):
258 PacketVerifier.__init__(self, interface_name)
261 """Send packet out of the bound interface.
263 :param pkt: Packet to send.
264 :type pkt: string or scapy Packet derivative.
266 pkt = auto_pad(str(pkt))
270 class Interface(object):
271 def __init__(self, if_name):
272 self.if_name = if_name
273 self.sent_packets = []
274 self.rxq = RxQueue(if_name)
275 self.txq = TxQueue(if_name)
277 def send_pkt(self, pkt):
278 self.sent_packets.append(pkt)
281 def recv_pkt(self, timeout=3):
282 return self.rxq.recv(timeout, self.sent_packets)
285 #self.rxq._proc.terminate()
289 def create_gratuitous_arp_request(src_mac, src_ip):
290 """Creates scapy representation of gratuitous ARP request"""
291 return (Ether(src=src_mac, dst='ff:ff:ff:ff:ff:ff') /
292 ARP(psrc=src_ip, hwsrc=src_mac, pdst=src_ip))
295 def auto_pad(packet):
296 """Pads zeroes at the end of the packet if the total len < 60 bytes."""
299 padded += ('\0' * (60 - len(padded)))