def test_radiotap_packet_filter_and_parse_failing_wrong_encapsulation( marine_or_marine_pool: Union[Marine, MarinePool] ): src_ip = "78.78.78.255" dst_ip = "10.0.0.255" bpf_filter = "ip" display_filter = "ip" packet = ( radiotap.Radiotap(present_flags=radiotap.CHANNEL_MASK + radiotap.RATE_MASK) + ieee80211.IEEE80211(framectl=0x8801) + ieee80211.IEEE80211.Dataframe(sec_param=None) + llc.LLC( dsap=170, ssap=170, ctrl=3, snap=int.to_bytes(llc.LLC_TYPE_IP, 5, "big") ) + ip.IP(src_s=src_ip, dst_s=dst_ip) ) general_filter_and_parse_test( marine_or_marine_pool=marine_or_marine_pool, packet=packet.bin(), packet_encapsulation=encap_consts.ENCAP_ETHERNET, bpf_filter=bpf_filter, display_filter=display_filter, field_templates=None, expected_passed=False, expected_output={}, )
def test_tcp_packet_filter_and_parse_with_field_template_with_non_existing_field_first( marine_or_marine_pool: Union[Marine, MarinePool] ): src_mac = "00:00:00:12:34:ff" dst_mac = "00:00:00:ff:00:1e" src_ip = "21.53.78.255" dst_ip = "10.0.0.255" src_port = 16424 dst_port = 41799 bpf_filter = "ip" display_filter = "tcp" field_templates = {"macro.ip.src": ["ipv6.src", "ip.src"]} expected_output = { "macro.ip.src": src_ip, } packet = ( ethernet.Ethernet(src_s=src_mac, dst_s=dst_mac) + ip.IP(src_s=src_ip, dst_s=dst_ip) + tcp.TCP(sport=src_port, dport=dst_port) ) general_filter_and_parse_test( marine_or_marine_pool=marine_or_marine_pool, packet=packet.bin(), packet_encapsulation=encap_consts.ENCAP_ETHERNET, bpf_filter=bpf_filter, display_filter=display_filter, field_templates=field_templates, expected_passed=True, expected_output=expected_output, )
def test_radiotap_packet_filter_and_parse_with_auto_encap_in_field_template( marine_or_marine_pool: Union[Marine, MarinePool] ): src_ip = "78.78.78.255" dst_ip = "10.0.0.255" bpf_filter = "ip" display_filter = "ip" field_templates = {"macro.dummy": ["radiotap.present.rate"]} expected_output = { "macro.dummy": 1, "ip.src": src_ip, "ip.dst": dst_ip, } packet = ( radiotap.Radiotap(present_flags=radiotap.CHANNEL_MASK + radiotap.RATE_MASK) + ieee80211.IEEE80211(framectl=0x8801) + ieee80211.IEEE80211.Dataframe(sec_param=None) + llc.LLC( dsap=170, ssap=170, ctrl=3, snap=int.to_bytes(llc.LLC_TYPE_IP, 5, "big") ) + ip.IP(src_s=src_ip, dst_s=dst_ip) ) general_filter_and_parse_test( marine_or_marine_pool=marine_or_marine_pool, packet=packet.bin(), packet_encapsulation=None, bpf_filter=bpf_filter, display_filter=display_filter, field_templates=field_templates, expected_passed=True, expected_output=expected_output, )
def test_radiotap_packet_filter_and_parse_parsing_wrong_encapsulation( marine_or_marine_pool: Union[Marine, MarinePool] ): src_ip = "78.78.78.255" dst_ip = "10.0.0.255" expected_output = { "radiotap.present.tsft": None, "radiotap.present.channel": None, "radiotap.present.rate": None, "wlan.fc.type_subtype": None, "llc.type": None, "ip.src": None, "ip.dst": None, } packet = ( radiotap.Radiotap(present_flags=radiotap.CHANNEL_MASK + radiotap.RATE_MASK) + ieee80211.IEEE80211(framectl=0x8801) + ieee80211.IEEE80211.Dataframe(sec_param=None) + llc.LLC( dsap=170, ssap=170, ctrl=3, snap=int.to_bytes(llc.LLC_TYPE_IP, 5, "big") ) + ip.IP(src_s=src_ip, dst_s=dst_ip) ) general_filter_and_parse_test( marine_or_marine_pool=marine_or_marine_pool, packet=packet.bin(), packet_encapsulation=encap_consts.ENCAP_ETHERNET, bpf_filter=None, display_filter=None, field_templates=None, expected_passed=True, expected_output=expected_output, )
def test_filter_and_parse_without_filters( marine_or_marine_pool: Union[Marine, MarinePool] ): src_mac = "00:00:00:12:34:ff" dst_mac = "00:00:00:ff:00:1e" src_ip = "21.53.78.255" dst_ip = "10.0.0.255" src_port = 16424 dst_port = 41799 expected_output = { "eth.src": src_mac, "eth.dst": dst_mac, "ip.src": src_ip, "ip.dst": dst_ip, "tcp.srcport": src_port, "tcp.dstport": dst_port, } packet = ( ethernet.Ethernet(src_s=src_mac, dst_s=dst_mac) + ip.IP(src_s=src_ip, dst_s=dst_ip) + tcp.TCP(sport=src_port, dport=dst_port) ) general_filter_and_parse_test( marine_or_marine_pool=marine_or_marine_pool, packet=packet.bin(), packet_encapsulation=encap_consts.ENCAP_ETHERNET, bpf_filter=None, display_filter=None, field_templates=None, expected_passed=True, expected_output=expected_output, )
def tcp_packet(tcp_payload) -> bytes: packet = ( ethernet.Ethernet(src_s="00:00:00:12:34:ff", dst_s="00:00:00:ff:00:1e") + ip.IP(src_s="10.0.0.255", dst_s="21.53.78.255") + tcp.TCP( sport=16424, dport=41799, flags=tcp.TH_ACK, body_bytes=tcp_payload)) return packet.bin()
def send(self, payload): packet = ip.IP(payload) if packet[ip.IP, tcp.TCP] is not None: print("[RawSocketSimulator] RAW TCP %s:%s -> %s:%s" % ( packet[ip.IP].src_s, packet[tcp.TCP].sport, packet[ip.IP].dst_s, packet[tcp.TCP].dport, )) (self.host, self.port) = ( packet[ip.IP].dst_s, packet[tcp.TCP].dport, ) # Handle TCP SYN Scan if packet[tcp.TCP].flags == tcp.TH_SYN: if self._raw_syn_queue.qsize() < 16: self._raw_syn_queue.put(( packet[ip.IP].src_s, packet[ip.IP].dst_s, packet[tcp.TCP].sport, packet[tcp.TCP].dport, packet[tcp.TCP].seq, )) else: print("[RawSocketSimulator] Unsupported RAW scan packet:", packet)
def buildtcp(): # Ethernet header eth = ethernet.Ethernet() eth.src = b"\x00\x0c\x29\xdf\xe3\xc0" eth.dst = b"\x00\x0c\x29\x29\x85\xd2" eth.type = ethernet.ETH_TYPE_IP # IP header ipp = ip.IP() ipp.src = socket.inet_aton("172.16.13.165") ipp.dst = socket.inet_aton("172.16.13.162") ipp.p = ip.IP_PROTO_TCP # TCP header tcpp = tcp.TCP() tcpp.sport = 60001 tcpp.dport = 80 tcpp.flags = tcp.TH_SYN ipp.data = tcpp ipp.len = len(str(ip)) ipp.id = 1 tcpp._TCP__calc_sum() ipp._IP__calc_sum() eth.data = ipp # open sockets using the socket handler #sock_l2 = SocketHndl(iface_name="eth1", mode=SocketHndl.MODE_LAYER_2) # send raw bytes #sock_l2.send(eth.bin()) #print(eth.bin()) return eth.bin()
def test_icmp_packet_filter_and_parse(marine_or_marine_pool: Union[Marine, MarinePool]): src_mac = "00:00:00:12:34:ff" dst_mac = "00:00:00:ff:00:1e" src_ip = "21.53.78.255" dst_ip = "10.0.0.255" icmp_echo_type = 8 bpf_filter = "ip" display_filter = "icmp" expected_output = { "eth.src": src_mac, "eth.dst": dst_mac, "ip.src": src_ip, "ip.dst": dst_ip, "icmp.type": icmp_echo_type, } packet = ( ethernet.Ethernet(src_s=src_mac, dst_s=dst_mac) + ip.IP(src_s=src_ip, dst_s=dst_ip, p=ip.IP_PROTO_ICMP) + icmp.ICMP(type=icmp_echo_type) + icmp.ICMP.Echo() ) general_filter_and_parse_test( marine_or_marine_pool=marine_or_marine_pool, packet=packet.bin(), packet_encapsulation=encap_consts.ENCAP_ETHERNET, bpf_filter=bpf_filter, display_filter=display_filter, field_templates=None, expected_passed=True, expected_output=expected_output, )
def _generate_zero_pkt(self, src_ip, src_port, dst_ip, dst_port, proto): assert proto == 6 zp = ethernet.Ethernet() + ip.IP(src_s=src_ip, dst_s=dst_ip) + tcp.TCP( sport=src_port, dport=dst_port, flags=24, body_bytes=bytearray(self.zpp)) return zp.bin()
def _make_syn_ack_packet(self, saddr, daddr, sport, dport, seq): packet = ip.IP(src_s=saddr, dst_s=daddr) + tcp.TCP( dport=dport, sport=sport, seq=seq, ack=seq + 1, flags=tcp.TH_SYN | tcp.TH_ACK, ) return packet.bin()
def poll(self, timeout): events = self.poller.poll(timeout) if events: # lists are true iff. they are non-empty # FIXME properly read the (fd, event) tuple, iterate list data = self.tun.read(self.tun.mtu) #sys.stdout.buffer.write(data) pack = ip.IP(data) return {"IP": pack.dst, "payload": data} else: return None
def _create_udp_base_packets( conversation: Layer3Conversation) -> Tuple[Packet, Packet]: src_port, dst_port = _generate_port(), _generate_port() base_src_to_dst = (ethernet.Ethernet( src_s=conversation.src_mac, dst_s=conversation.dst_mac, type=ethernet.ETH_TYPE_IP, ) + ip.IP(p=ip.IP_PROTO_UDP, src_s=conversation.src_ip, dst_s=conversation.dst_ip) + udp.UDP(sport=src_port, dport=dst_port)) base_dst_to_src = (ethernet.Ethernet( src_s=conversation.dst_mac, dst_s=conversation.src_mac, type=ethernet.ETH_TYPE_IP, ) + ip.IP(p=ip.IP_PROTO_UDP, src_s=conversation.dst_ip, dst_s=conversation.src_ip) + udp.UDP(sport=dst_port, dport=src_port)) return base_src_to_dst, base_dst_to_src
def send_pkt(pkt_num): ips = [] for i in range(0, pkt_num): ips.append(str(random.randint(1, 254)) + '.' + str(random.randint(1, 254)) + '.' + str(random.randint(1, 254)) + '.' + str(random.randint(1, 254))) while True: for i in range(0, pkt_num): src_ip = ips[i] print('src ip : ' + src_ip) packet_ip = ip.IP(src_s=src_ip, dst_s="192.168.10.1") + tcp.TCP(dport=8888) psock = psocket.SocketHndl(mode=psocket.SocketHndl.MODE_LAYER_3, timeout=10) psock.send(packet_ip.bin(), dst=packet_ip.dst_s) time.sleep(0.001) psock.close()
def handle_pkt(pkt): ip1 = ip.IP(pkt.get_payload()) if dns.DNS in ip1: dns1 = ip1[dns.DNS] # this is a query that we would like to rewrite if (not dns1.answers and set(q.name_s for q in dns1.queries) & TARGET_HOSTNAMES and ip1.src[-1] > 240): # only redirect packets from the client net pkt.set_mark(1234) print("Marked packet originally destined for", ip1.dst_s) pkt.accept()
def icmp_cb(pargs): """ICMP DoS""" pkt_icmpreq = ethernet.Ethernet(dst_s=pargs.mac_dst, src_s=pargs.mac_src) +\ ip.IP(src_s=pargs.ip_src, dst_s=pargs.ip_dst, p=ip.IP_PROTO_ICMP) +\ icmp.ICMP(type=8) +\ icmp.ICMP.Echo(id=1, ts=123456789, body_bytes=b"A" * 1460) psock = psocket.SocketHndl(iface_name=pargs.iface_name) for cnt in range(pargs.count): psock.send(pkt_icmpreq.bin()) psock.close()
def verdict_cb(ll_data, ll_proto_id, data, ctx): ip1 = ip.IP(data) if dns.DNS in ip1: dns1 = ip1[dns.DNS] for answer in dns1.answers: if answer.type == dns.DNS_A and answer.name_s in TARGET_HOSTNAMES: print("Modified a DNS response for", answer.name_s) answer.address = OUR_SERVER # force recalculation of UDP checksum, seems to be a bug in pypacker ip1[udp.UDP]._calc_sum() return ip1.bin(True), interceptor.NF_ACCEPT
def poll(self, timeout): logging.debug('Checking for packets on TUN...') events = self.poller.poll(timeout) if events: # lists are true iff. they are non-empty # FIXME properly read the (fd, event) tuple, iterate list logging.debug("Select poller reports TUN is readable...") data = self.tun.read(self.tun.mtu) logging.debug("Incoming packets on TUN...") #sys.stdout.buffer.write(data) pack = ip.IP(data) return {"IP": pack.dst, "payload": data} else: logging.debug("No packets from TUN.") return None
def test_dhcp_packet_filter_and_parse(marine_or_marine_pool: Union[Marine, MarinePool]): src_mac = "00:00:00:12:34:ff" dst_mac = "00:00:00:ff:00:1e" src_ip = "21.53.78.255" given_ip = "10.0.0.255" broadcast_ip = "255.255.255.255" src_port = 16424 dst_port = 68 bpf_filter = "ip" display_filter = "dhcp" expected_output = { "eth.src": src_mac, "eth.dst": dst_mac, "ip.src": src_ip, "ip.dst": broadcast_ip, "udp.srcport": src_port, "udp.dstport": dst_port, "dhcp.ip.your": given_ip, "dhcp.option.dhcp_server_id": src_ip, } packet = ( ethernet.Ethernet(src_s=src_mac, dst_s=dst_mac) + ip.IP(src_s=src_ip, dst_s=broadcast_ip, p=ip.IP_PROTO_UDP) + udp.UDP(sport=src_port, dport=dst_port) + dhcp.DHCP( yiaddr_s=given_ip, magic=dhcp.DHCP_MAGIC, opts=[ dhcp.DHCPOpt( type=dhcp.DHCP_OPT_SERVER_ID, len=4, body_bytes=bytes(int(num) for num in src_ip.split(".")), ) ], ) ) general_filter_and_parse_test( marine_or_marine_pool=marine_or_marine_pool, packet=packet.bin(), packet_encapsulation=encap_consts.ENCAP_ETHERNET, bpf_filter=bpf_filter, display_filter=display_filter, field_templates=None, expected_passed=True, expected_output=expected_output, )
def verdict_cb(data, ll_proto_id, ctx): ip1 = ip.IP(data) icmp1 = ip1[icmp.ICMP] if icmp1 is None or icmp1.type != icmp.ICMP_TYPE_ECHO_REQ: return data, interceptor.NF_ACCEPT echo1 = icmp1[icmp.ICMP.Echo] if echo1 is None: return data, interceptor.NF_ACCEPT pp_bts = b"PYPACKER" print("changing ICMP echo request packet") echo1.body_bytes = echo1.body_bytes[:len(pp_bts)] + pp_bts return ip1.bin(), interceptor.NF_ACCEPT
def ip_cb(pargs): """ IP fragment DOS """ eth_l = ethernet.Ethernet(dst_s=pargs.mac_dst, src_s=pargs.mac_src) ip_l = ip.IP(src_s=pargs.ip_src, dst_s=pargs.ip_dst) ip_l.body_bytes = b"A" * 4000 psock = psocket.SocketHndl(iface_name=pargs.iface_name) ip_frags = ip_l.create_fragments(fragment_len=8) for cnt in range(pargs.count): for ip_frag in ip_frags: eth_l.upper_layer = ip_frag psock.send(eth_l.bin()) psock.close()
def test_http_packet_filter_and_parse(marine_or_marine_pool: Union[Marine, MarinePool]): src_mac = "00:00:00:12:34:ff" dst_mac = "00:00:00:ff:00:1e" src_ip = "21.53.78.255" dst_ip = "10.0.0.255" src_port = 16424 dst_port = 80 http_type = "GET" uri = "/subtest/subsubtest" version = "HTTP/1.1" domain_name = "www.testwebsite.com" body = "random body \x09\xff\x00" bpf_filter = "ip" display_filter = "http" expected_output = { "eth.src": src_mac, "eth.dst": dst_mac, "ip.src": src_ip, "ip.dst": dst_ip, "tcp.srcport": src_port, "tcp.dstport": dst_port, "http.request.method": http_type, "http.request.uri": uri, "http.request.version": version, "http.host": domain_name, } packet = ( ethernet.Ethernet(src_s=src_mac, dst_s=dst_mac) + ip.IP(src_s=src_ip, dst_s=dst_ip) + tcp.TCP(sport=src_port, dport=dst_port) + http.HTTP( f"{http_type} {uri} {version}\r\nHost: {domain_name}\r\n\r\n{body}\r\n".encode() ) ) general_filter_and_parse_test( marine_or_marine_pool=marine_or_marine_pool, packet=packet.bin(), packet_encapsulation=encap_consts.ENCAP_ETHERNET, bpf_filter=bpf_filter, display_filter=display_filter, field_templates=None, expected_passed=True, expected_output=expected_output, )
def verdict_cb(ll_data, ll_proto_id, data, ctx, *args): print("got data") ip1 = ip.IP(data) icmp1 = ip1[icmp.ICMP] if icmp1 is None or icmp1.type != icmp.ICMP_ECHO: return data, interceptor.NF_ACCEPT echo1 = icmp1[icmp.ICMP.Echo] if echo1 is None: return data, interceptor.NF_ACCEPT pp_bts = b"PYPACKER" print("ICMP Found") #print("changing ICMP echo request packet") #echo1.body_bytes = echo1.body_bytes[:len(pp_bts)] + pp_bts return ip1.bin(), interceptor.NF_ACCEPT
def read_write_cycler(obj, iface_in, iface_out, name): while obj._state_active: try: bts = iface_in.read() try: ip.IP( bts ) if obj._ifacetype == TYPE_TUN else ethernet.Ethernet(bts) #logger.debug("Sending in cycler %s (%s -> %s):\n%s\n%s" % # (name, iface_in._iface_name, iface_out._iface_name, bts, pkt)) iface_out.write(bts) except: pass except ValueError as ex: logger.exception(ex) break except OSError as ex: logger.exception(ex) break except Exception as ex: logger.exception(ex) break
def test_dns_packet_filter_and_parse(marine_or_marine_pool: Union[Marine, MarinePool]): src_mac = "00:00:00:12:34:ff" dst_mac = "00:00:00:ff:00:1e" src_ip = "21.53.78.255" dst_ip = "10.0.0.255" src_port = 16424 dst_port = 53 bpf_filter = "ip" display_filter = "dns" domain_name = "www.testwebsite.com" expected_output = { "eth.src": src_mac, "eth.dst": dst_mac, "ip.src": src_ip, "ip.dst": dst_ip, "udp.srcport": src_port, "udp.dstport": dst_port, "dns.qry.name": domain_name, } packet = ( ethernet.Ethernet(src_s=src_mac, dst_s=dst_mac) + ip.IP(src_s=src_ip, dst_s=dst_ip, p=ip.IP_PROTO_UDP) + udp.UDP(sport=src_port, dport=dst_port) + dns.DNS(queries=[dns.DNS.Query(name_s=domain_name, type=1, cls=1)]) ) general_filter_and_parse_test( marine_or_marine_pool=marine_or_marine_pool, packet=packet.bin(), packet_encapsulation=encap_consts.ENCAP_ETHERNET, bpf_filter=bpf_filter, display_filter=display_filter, field_templates=None, expected_passed=True, expected_output=expected_output, )
from pypacker import psocket from pypacker.layer12 import ethernet from pypacker.layer3 import ip, icmp # send ICMP request psock = psocket.SocketHndl(iface_name="wlan0") icmpreq = ethernet.Ethernet(src_s="20:16:d8:ef:1f:49", dst_s="24:65:11:85:e9:00", type=ethernet.ETH_TYPE_IP) +\ ip.IP(p=ip.IP_PROTO_ICMP, src_s="192.168.178.27", dst_s="192.168.178.24") +\ icmp.ICMP(type=8) +\ icmp.ICMP.Echo(id=1, ts=123456789, body_bytes=b"12345678901234567890") psock.send(icmpreq.bin())
# psock_req.close() # # spoof NTP response # print("waiting for NTP request") psock = psocket.SocketHndl(iface_name=IFACE, timeout=600) filter = lambda p: p[ntp.NTP] is not None and p[ip.IP].src_s == IP_SRC answer = psock.recvp(filter_match_recv=filter)[0] answer_ntp = answer[ntp.NTP] print("got NTP packet: %s" % answer_ntp) ntp_answer_send = Ethernet(dst=answer[Ethernet].src, src=answer[Ethernet].dst) +\ ip.IP(src=answer[ip.IP].dst, dst_s=IP_SRC, p=ip.IP_PROTO_UDP) +\ UDP(sport=answer[UDP].dport, dport=answer[UDP].sport) +\ ntp.NTP(li=ntp.NO_WARNING, v=3, mode=ntp.SERVER, stratum=2, interval=4, update_time=answer_ntp.transmit_time, originate_time=answer_ntp.transmit_time, receive_time=b"\x00" * 4 + answer_ntp.transmit_time[4:], transmit_time=b"\x00" * 4 + answer_ntp.transmit_time[4:]) # alternative packet creation """ ntp_answer_send = answer.create_reverse() layer_ntp = ntp_answer_send[ntp.NTP] layer_ntp.mode = ntp.SERVER layer_ntp.originate_time = answer_ntp.transmit_time layer_ntp.receive_time = layer_ntp.transmit_time = b"\x00"*4 + answer_ntp.transmit_time[4:] """
direction = pypacker.Packet.DIR_UNKNOWN return direction def reverse_address(self): """ reverse_address(...) should be overwritten to be able to reverse source/destination addresses (see ethernet.Ethernet) """ self.src, self.dst = self.dst, self.src # Parse from raw bytes # First layer (Layer 2) newproto_bytes = b"\x66" + b"AAAA" + b"BBBB" + b"\x00\x16" + b"\x00" + b"1234" + b"\x00A\x01B\x02C" # Next upper layer (Layer 3) ip_bytes = ip.IP().bin() # Layer above upper layer (Layer 4) tcp_bytes = tcp.TCP().bin() newproto_pkt = NewProtocol(newproto_bytes + ip_bytes + tcp_bytes) print() print(">>> Layers of packet:") print("Output all layers: %s" % newproto_pkt) print("Access some fields: 0x%X %s %s" % (newproto_pkt.type, newproto_pkt.src, newproto_pkt.dst)) print("Access next upper layer (IP): %s" % newproto_pkt.ip) print("A layer above IP: %s" % newproto_pkt.ip.tcp) print("Same as above: %s" % newproto_pkt[tcp.TCP]) # Create new Packet by defining every single header and adding higher layers newproto_pkt = NewProtocol(
def test_tcp_packet_filter_and_parse_with_multiple_different_field_templates( marine_or_marine_pool: Union[Marine, MarinePool] ): src_mac = "00:00:00:12:34:ff" dst_mac = "00:00:00:ff:00:1e" src_ip = "21.53.78.255" dst_ip = "10.0.0.255" src_port = 16424 dst_port = 41799 bpf_filter = "ip" display_filter = "tcp" first_field_templates = { "macro.ip.src": ["ip.src", "ipv6.src"], "macro.ip.dst": ["ip.dst", "ipv6.dst"], } second_field_templates = { "macro.ip.src": ["ip.src", "ipv6.src"], "macro.ip.dst": ["ip.dst", "ipv6.dst"], "macro.srcport": ["tcp.srcport", "udp.srcport"], "macro.dstport": ["tcp.dstport", "udp.dstport"], } third_field_templates = { "macro.ip.src": ["ip.src", "ipv6.src"], "macro.ip.dst": ["ip.dst", "ipv6.dst"], "macro.dstport": ["tcp.dstport", "udp.dstport"], } first_expected_output = { "eth.src": src_mac, "eth.dst": dst_mac, "macro.ip.src": src_ip, "macro.ip.dst": dst_ip, "tcp.srcport": src_port, "tcp.dstport": dst_port, } second_expected_output = { "eth.src": src_mac, "eth.dst": dst_mac, "macro.ip.src": src_ip, "macro.ip.dst": dst_ip, "macro.srcport": src_port, "macro.dstport": dst_port, } third_expected_output = { "eth.src": src_mac, "eth.dst": dst_mac, "macro.ip.src": src_ip, "macro.ip.dst": dst_ip, "tcp.srcport": src_port, "macro.dstport": dst_port, } packet = ( ethernet.Ethernet(src_s=src_mac, dst_s=dst_mac) + ip.IP(src_s=src_ip, dst_s=dst_ip) + tcp.TCP(sport=src_port, dport=dst_port) ) general_filter_and_parse_test( marine_or_marine_pool=marine_or_marine_pool, packet=packet.bin(), packet_encapsulation=encap_consts.ENCAP_ETHERNET, bpf_filter=bpf_filter, display_filter=display_filter, field_templates=first_field_templates, expected_passed=True, expected_output=first_expected_output, ) general_filter_and_parse_test( marine_or_marine_pool=marine_or_marine_pool, packet=packet.bin(), packet_encapsulation=encap_consts.ENCAP_ETHERNET, bpf_filter=bpf_filter, display_filter=display_filter, field_templates=second_field_templates, expected_passed=True, expected_output=second_expected_output, ) general_filter_and_parse_test( marine_or_marine_pool=marine_or_marine_pool, packet=packet.bin(), packet_encapsulation=encap_consts.ENCAP_ETHERNET, bpf_filter=bpf_filter, display_filter=display_filter, field_templates=third_field_templates, expected_passed=True, expected_output=third_expected_output, )
import socket import pypacker.pypacker as pypacker from pypacker.pypacker import Packet from pypacker import psocket from pypacker.layer12 import arp, ethernet, ieee80211, prism from pypacker.layer3 import ip, icmp psock = psocket.SocketHndl(iface_name="lo0", mode=psocket.SocketHndl.MODE_LAYER_2, timeout=10) # send ARP request arpreq = ethernet.Ethernet(src_s="12:34:56:78:90:12", type=ethernet.ETH_TYPE_ARP) +\ arp.ARP(sha_s="12:34:56:78:90:12", spa_s="192.168.0.2", tha_s="12:34:56:78:90:13", tpa_s="192.168.0.1") psock.send(arpreq.bin()) # send ICMP request icmpreq = ethernet.Ethernet(src_s="12:34:56:78:90:12", dst_s="12:34:56:78:90:13", type=ethernet.ETH_TYPE_IP) +\ ip.IP(p=ip.IP_PROTO_ICMP, src_s="192.168.0.2", dst_s="192.168.0.1") +\ icmp.ICMP(type=8) +\ icmp.ICMP.Echo(id=1, ts=123456789, body_bytes=b"12345678901234567890") psock.send(icmpreq.bin())