def verify_ip_precedence_ip_precedence(packets, exclude_src_ip=None): """Verify that all packets have mapped IP precedence value to EXP Args: packets ('obj'): Packets to analyze exclude_src_ip ('str'): Source ip to exclude Returns: True / False Raises: None """ try: from scapy.all import load_contrib from scapy.contrib.mpls import MPLS except ImportError: raise ImportError( 'scapy is not installed, please install it by running: ' 'pip install scapy') from None log.info( "Verifying that all the packets have mapped IP precedence value to EXP" ) if exclude_src_ip: log.info( "Exclude packets with source ip {ip}".format(ip=exclude_src_ip)) load_contrib("mpls") not_matched = False no_check = True for pkt in packets: if pkt.haslayer("Raw"): mpls_pkt = MPLS(pkt["Raw"]) if mpls_pkt.haslayer("IP") and ( exclude_src_ip is None or mpls_pkt["IP"].src != exclude_src_ip): no_check = False log.info("Analyzing the following packet:" "\n-------------------------------\n{}".format( mpls_pkt.show(dump=True))) tos = "{0:08b}".format(mpls_pkt["IP"].tos) cos = "{0:03b}".format(mpls_pkt["MPLS"].cos) if tos[0:3] != cos: not_matched = True log.info( "MPLS EXP 'COS' value didn't match the IP Precedence 'TOS'" ) else: log.info( "MPLS EXP 'COS' value matched the IP Precedence 'TOS'") if no_check: log.info("Didn't find any 'IPv4' protocol packets to " "analyze out of the {} packets".format(len(packets))) if not_matched: return False return True
def get_ntp_packet(packets, ip_address_source, ip_address_destination): """ Find ntp packet with src ip and dest ip in pcap file Args: packets (`obj`): pcap object ip_address_source (`str`): source ip ip_address_destination (`str`): destination ip Returns: pkt (`obj`): verified ntp packet """ try: from scapy.contrib.mpls import MPLS except ImportError: raise ImportError( 'scapy is not installed, please install it by running: ' 'pip install scapy') from None for pkt in packets: if pkt.haslayer("Raw"): mpls_pkt = MPLS(pkt["Raw"]) if (mpls_pkt.haslayer("IP") and mpls_pkt.haslayer("NTPHeader") and mpls_pkt["IP"].src == ip_address_source and mpls_pkt["IP"].dst == ip_address_destination): log.info("Found NTP packet:\n{pkt}".format(pkt=mpls_pkt.show( dump=True))) return pkt elif (pkt.haslayer("IP") and pkt.haslayer("NTPHeader") and pkt["IP"].src == ip_address_source and pkt["IP"].dst == ip_address_destination): log.info( "Found NTP packet:\n{pkt}".format(pkt=pkt.show(dump=True))) return pkt return None