def __init__(self, data, hdr_length):
print('Ethernet Protocol: IPv4')
ip_hdr_ = data[hdr_length : hdr_length + IPV4_HDR_SIZE]
ip_hdr = struct.unpack('!BBHHHBBH4s4s', ip_hdr_)
version_ = ip_hdr[0]
version = version_ >> 4 # bit shift to get the first 4 bits only
ihl = (version_ & 0xf) * 4 # set first 4 bits to 0 to get last 4 bits only
# The idea of using the socket lib came from this example code
# https://www.binarytides.com/code-a-packet-sniffer-in-python-with-pcapy-extension/
src_addr = socket.inet_ntoa(ip_hdr[8])
dest_addr = socket.inet_ntoa(ip_hdr[9])
print('Source Address: {} | Destination Address: {}'.format(src_addr, dest_addr))
protocol = ip_hdr[6]
total_hdr_size = ihl + hdr_length # the total size of the currently processed headers
# ICMPv4
if protocol == 1:
ICMPHandler(data, total_hdr_size, ihl)
# TCP
elif protocol == 6:
print('Protocol: TCP')
TCPHandler(data, total_hdr_size, ihl)
# UDP
elif protocol == 17:
print('Protocol: UDP')
UDPHandler(data, total_hdr_size, ihl)
# unknown
else:
print('Protocol: Unknown')
print('Data:')
hexdump.hexdump(data[total_hdr_size:])
def __init__(self, pkt_dict, data, hdr_length):
src_mac_addr = mac2str(pkt_dict['source'])
dest_mac_addr = mac2str(pkt_dict['dest'])
print('Source MAC: {} | Destination MAC: {}'.format(src_mac_addr, dest_mac_addr))
protocol = pkt_dict['type']
if protocol == 2048: # IPv4 = 0x86DD = 2048
IPv4Handler(data, hdr_length)
elif protocol == 34525: # IPv6 = 0x86DD = 34525
IPv6Handler(data, hdr_length)
else: # unknown protocol
print('DataLink Type: Unknown. Type = {}'.format(type))
hexdump.hexdump(data[hdr_length:])
def __init__(self, data, hdr_length):
ipe_hdr = data[hdr_length:hdr_length + 2]
ipe_hdr_ = struct.unpack('!BB', ipe_hdr)
next_header = ipe_hdr_[0]
next_header_len = (ipe_hdr_[1] + 1) * 8
total_hdr_size = hdr_length + next_header_len
print('Next header length: {} (bytes)'.format(next_header, next_header_len))
# ICMPv6
if next_header == 58:
print('Protocol: ICMPv6')
ICMPv6Handler(data, total_hdr_size)
# TCP
elif next_header == 6:
TCPHandler(data, total_hdr_size, IPV6_HDR_SIZE)
# UDP
elif next_header == 17:
UDPHandler(data, total_hdr_size, IPV6_HDR_SIZE)
# Hop-by-hop options header
elif next_header == 0:
print('Protocol: Hop-by-hop options header')
IPv6ExtentionHandler(data, total_hdr_size)
# Routing header
elif next_header == 43:
print('Protocol: Routing header')
IPv6ExtentionHandler(data, total_hdr_size)
# Fragment header
elif next_header == 44:
print('Protocol: Fragment header')
IPv6ExtentionHandler(data, total_hdr_size)
# Destination options header
elif next_header == 60:
print('Protocol: Destination options header')
IPv6ExtentionHandler(data, total_hdr_size)
# Authentication header
elif next_header == 51:
print('Protocol: Authentication header')
IPv6ExtentionHandler(data, total_hdr_size)
# Encapsulating security payload header
elif next_header == 50:
print('Protocol: Encapsulating security payload header')
IPv6ExtentionHandler(data, total_hdr_size)
# IPv6
elif next_header == 41:
print('Protocol: IPv6')
IPv6Handler(data, total_hdr_size)
# unknown
else:
print('Protocol: Unknown')
print('Data:')
hexdump.hexdump(data[total_hdr_size:])
def __init__(self, data, hdr_length, ihl):
udp_hdr = data[hdr_length : hdr_length + UDP_HDR_SIZE]
udp_hdr_ = struct.unpack('!HHHH', udp_hdr)
src_port = str(udp_hdr_[0])
dest_port = str(udp_hdr_[1])
print('Source Port: {} | Destination Port: {}'.format(src_port, dest_port))
total_hdr_size = ETHERNET_HDR_SIZE + ihl + UDP_HDR_SIZE
payload_size = len(data) - total_hdr_size
print('Payload Size: ({})'.format(payload_size))
print("Data:")
hexdump.hexdump(data[total_hdr_size:])
def __init__(self, data, hdr_length):
print('Ethernet Protocol: IPv6')
ip_hdr_ = data[hdr_length:hdr_length + IPV6_HDR_SIZE]
ip_hdr = struct.unpack('!LHBB16s16s', ip_hdr_)
src_addr = mac2str(ip_hdr[4])
dest_addr = mac2str(ip_hdr[5])
print('Source Address: {} | Destination Address: {}'.format(src_addr, dest_addr))
next_header = ip_hdr[2]
# ICMPv6
if next_header == 58:
print('Protocol: ICMPv6')
ICMPv6Handler(data, IPV6_HDR_SIZE + hdr_length)
# TCP
elif next_header == 6:
TCPHandler(data, IPV6_HDR_SIZE + hdr_length, IPV6_HDR_SIZE)
# UDP
elif next_header == 17:
UDPHandler(data, IPV6_HDR_SIZE + hdr_length, IPV6_HDR_SIZE)
# Hop-by-hop options header
elif next_header == 0:
print('Protocol: Hop-by-hop options header')
IPv6ExtentionHandler(data, hdr_length + IPV6_HDR_SIZE)
# Routing header
elif next_header == 43:
print('Protocol: Routing header')
IPv6ExtentionHandler(data, hdr_length + IPV6_HDR_SIZE)
# Fragment header
elif next_header == 44:
print('Protocol: Fragment header')
IPv6ExtentionHandler(data, hdr_length + IPV6_HDR_SIZE)
# Destination options header
elif next_header == 60:
print('Protocol: Destination options header')
IPv6ExtentionHandler(data, hdr_length + IPV6_HDR_SIZE)
# Authentication header
elif next_header == 51:
print('Protocol: Authentication header')
IPv6ExtentionHandler(data, hdr_length + IPV6_HDR_SIZE)
# Encapsulating security payload header
elif next_header == 50:
print('Protocol: Encapsulating security payload header')
IPv6ExtentionHandler(data, hdr_length + IPV6_HDR_SIZE)
# unknown
else:
print('Protocol: unknown')
print('Data:')
hexdump.hexdump(data[hdr_length + IPV6_HDR_SIZE:])