def __icmpCheck(self): icmp = self.__packet[ICMP] if icmp.type != 8 or len(self.__packet[Raw].load) not in (1, 64): print 'ICMP check failed' SNMP.incrementMIB(SNMP_IP_MIB_CODE) return False return True
def __checkFragmentedPacket(self, packet): id = packet[IP].id if id not in self.__fragmented_packets.keys(): SNMP.incrementMIB(SNMP_FRAG_MIB_CODE) print 'fail at check frag' return False return True
def __checkDefragmentedPacket(self, packet): offset_val = packet[IP].frag << 3 payload_length = packet[IP].len - 20 if payload_length != packet[UDP].len: SNMP.incrementMIB(SNMP_IP_MIB_CODE) print offset_val, payload_length, packet[UDP].len print 'failed at checking defragmented packet' return False return True
def __ipCheck(self): ip = self.__packet[IP] # ip layer checks if ip.version != 4 or ip.ihl != 5 or ip.proto not in (1, 17) or \ ip.chksum == 0: print 'Ip check failed for packet with id', ip.id SNMP.incrementMIB(SNMP_IP_MIB_CODE) return False return True
def __basicChecks(self, packet): #fragmentation checks if packet[IP].flags != 0: if hasattr(packet.conf_vl, 'port_characteristic'): if packet.conf_vl.port_characteristic == PORT_SAMPLING: SNMP.incrementMIB(SNMP_FRAG_MIB_CODE) return False return True if (packet[IP].dst != packet.conf_vl.ip_dst): SNMP.incrementMIB(SNMP_FRAG_MIB_CODE) return False return True
def __udpCheck(self): packet = self.__packet port = packet.conf_vl if packet[UDP].chksum != 0: print 'packet has no udp checksum as 0' SNMP.incrementMIB(SNMP_UDP_MIB_CODE) return False else: if port.port_characteristic == PORT_SAMPLING: if (packet[UDP].len - 8) != port.buffer_size: print 'Data size != buffer size for packet with Id',\ packet[IP].id SNMP.incrementMIB(SNMP_UDP_MIB_CODE) return False else: if (packet[UDP].len - 8) > port.buffer_size: print 'Data size > buffer size for packet with Id', \ packet[IP].id, packet[UDP].len, port.buffer_size SNMP.incrementMIB(SNMP_UDP_MIB_CODE) return False return True