def Verify(ether_pkt):
'''Verify if a packet is useful (IP and TCP/UDP)'''
ether_pkt = Ether(ether_pkt)
t = ether_pkt.summary()
if "IP" not in t or "IPv6" in t:
#disregard non-IP packets
return
if ("UDP" not in t and "TCP" not in t) or ("error" in t):
# disregard non-(UDP and TCP) packets
return
ip_pkt = ether_pkt[IP]
if "TCP" in t:
#Treat TCP packet
tcp_pkt = ip_pkt[TCP]
return ([
"tcp",
str(ip_pkt.src),
str(ip_pkt.dst),
int(tcp_pkt.sport),
int(tcp_pkt.dport)
])
if "UDP" in t:
#Treat UDP packet
udp_pkt = ip_pkt[UDP]
return ([
"udp",
str(ip_pkt.src),
str(ip_pkt.dst),
int(udp_pkt.sport),
int(udp_pkt.dport)
])
def _get_gw_mac_address(self, gw_ip: str) -> str:
try:
self.logger.debug("sending arp for IP: %s ovs egress: %s",
gw_ip, self.config.non_nat_arp_egress_port)
eth_mac_src = get_if_hwaddr(self.config.non_nat_arp_egress_port)
pkt = Ether(dst=ETHER_BROADCAST, src=eth_mac_src)
pkt /= ARP(op="who-has", pdst=gw_ip, hwsrc=eth_mac_src, psrc="0.0.0.0")
self.logger.debug("pkt: %s", pkt.summary())
res = srp1(pkt,
type=ETH_P_ARP,
iface=self.config.non_nat_arp_egress_port,
timeout=1,
verbose=0,
nofilter=1,
promisc=0)
if res is not None:
self.logger.debug("resp: %s ", res.summary())
mac = res[ARP].hwsrc
return mac
else:
self.logger.debug("Got Null response")
except Scapy_Exception as ex:
self.logger.warning("Error in probing Mac address: err %s", ex)
return None
def run(self):
self.fifo = open(self.fifoname, "r")
if not self.fifo:
return 1
if self.debug and self.log:
self.log.write("Ready to read\n")
self.log.flush()
while self.running:
pkt = self._fifo_recv()
if len(pkt) == 0:
break
pkt = Ether(pkt)
if self.debug and self.log:
self.log.write("%s\n" % pkt.summary())
self.log.flush()
try:
sendp(pkt, iface=self.iface, verbose=False)
except Exception as e:
print str(e)
self.fifo.close()
return 0
def send_dhcp_packet(self,
mac: MacAddress,
state: DHCPState,
dhcp_desc: DHCPDescriptor = None):
"""
Send DHCP packet and record state in dhcp_client_state.
Args:
mac: MAC address of interface
state: state of DHCP packet
dhcp_desc: DHCP protocol state.
Returns:
"""
rel_ciaddr = None
# generate DHCP request packet
if state == DHCPState.DISCOVER:
dhcp_opts = [("message-type", "discover")]
dhcp_desc = DHCPDescriptor(mac, "", DHCPState.DISCOVER)
self._msg_xid = self._msg_xid + 1
pkt_xid = self._msg_xid
elif state == DHCPState.REQUEST:
dhcp_opts = [("message-type", "request"),
("requested_addr", dhcp_desc.ip),
("server_id", dhcp_desc.server_ip)]
dhcp_desc.state = DHCPState.REQUEST
pkt_xid = dhcp_desc.xid
elif state == DHCPState.RELEASE:
dhcp_opts = [("message-type", "release"),
("server_id", dhcp_desc.server_ip)]
dhcp_desc.state = DHCPState.RELEASE
self._msg_xid = self._msg_xid + 1
pkt_xid = self._msg_xid
rel_ciaddr = dhcp_desc.ip
else:
LOG.warning("Unknown egress request mac %s state %s", str(mac),
state)
return
dhcp_opts.append("end")
with self._dhcp_notify:
self.dhcp_client_state[mac.as_redis_key()] = dhcp_desc
LOG.debug("SEND %s mac %s hex %s xid %s", state.name, str(mac), mac,
self._msg_xid)
pkt = Ether(src=str(mac), dst="ff:ff:ff:ff:ff:ff")
pkt /= IP(src="0.0.0.0", dst="255.255.255.255")
pkt /= UDP(sport=68, dport=67)
pkt /= BOOTP(op=1, chaddr=mac.as_hex(), xid=pkt_xid, ciaddr=rel_ciaddr)
pkt /= DHCP(options=dhcp_opts)
LOG.debug("DHCP pkt %s", pkt.summary())
sendp(pkt, iface=self._dhcp_interface, verbose=0)
def getEtherPacket(self):
"""
构造以太网数据包
:return:
"""
try:
payload = self.entries[2].get()
ether_packet = Ether() / payload
ether_packet.src = self.entries[0].get()
ether_packet.des = self.entries[1].get()
self.resultText.insert('end', str(ether_packet) + '\n')
self.resultText.insert('end', ether_packet.summary() + '\n')
return ether_packet
except Exception as e:
print(e.with_traceback())
finally:
pass
def packet_out(self, egress_port, msg):
self.log.debug('sending-packet-out', egress_port=egress_port,
msg_hex=hexify(msg))
pkt = Ether(msg)
out_pkt = pkt
self.log.debug("packet_out: incoming: %s" % pkt.summary())
if egress_port != self.nni_port.port_no:
# don't do the vlan manipulation for the NNI port, vlans are already correct
if pkt.haslayer(Dot1Q):
if pkt.haslayer(Dot1AD):
outer_shim = pkt.getlayer(Dot1AD)
else:
outer_shim = pkt.getlayer(Dot1Q)
if isinstance(outer_shim.payload, Dot1Q):
# If double tag, remove the outer tag
out_pkt = (
Ether(src=pkt.src, dst=pkt.dst,
type=outer_shim.type) /
outer_shim.payload
)
else:
out_pkt = pkt
else:
# Add egress port as VLAN tag
out_pkt = (
Ether(src=pkt.src, dst=pkt.dst) /
Dot1Q(vlan=egress_port, type=pkt.type) /
pkt.payload
)
self.log.debug("packet_out: outgoing: %s" % out_pkt.summary())
# TODO need better way of mapping logical ports to PON ports
out_port = self.nni_port.port_no if egress_port == self.nni_port.port_no else 1
if self.ponsim_comm == 'grpc':
# send over grpc stream
stub = ponsim_pb2_grpc.PonSimStub(self.get_channel())
frame = PonSimFrame(id=self.device_id, payload=str(out_pkt), out_port=out_port)
stub.SendFrame(frame)
else:
# send over frameio
self.io_port.send(str(out_pkt))
def getDNSPacket(self):
"""
构造DNS报文
:return:
"""
try:
dns = DNS()
dns.id = int(self.entries[0].get())
dns.qr = int(self.entries[1].get())
dns.opcode = int(self.entries[2].get())
dns.rd = int(self.entries[3].get())
dns.qd = DNSQR(qname=self.entries[4].get())
udp = UDP()
ip = IP()
ip.dst = self.entries[5].get()
dns_packet = Ether() / ip / udp / dns
dns_packet.show()
self.resultText.insert('end', dns_packet.summary() + '\n')
self.resultText.insert('end', str(dns_packet) + '\n')
return dns_packet
except Exception as e:
print(e.with_traceback())
finally:
pass
def print_sniffer(pkt: Ether):
print(pkt.summary())
def run(self, pipe):
'''
Will execute IPv6 NS request
'''
# re-initialize in case of multiple consecutive runs
# (e.g. from console-plugin)
self.record.initialize()
ns_request = Ether(src=self.src_mac, dst=self.nd_dst_mac)/ \
IPv6(src=self.src_ip, dst=self.nd_dst_ipv6)/ \
ICMPv6ND_NS(tgt=self.dst_ip)/ \
ICMPv6NDOptSrcLLAddr(lladdr=self.src_mac)
# add VLAN to the packet if needed
if not self.vlan.is_default():
self.vlan.embed(ns_request, fmt=self.fmt)
for retry in range(0, (self.retries + 1)):
# send neighbor solicitation
tx_info = yield pipe.async_tx_pkt(ns_request)
self.log("ND: TX NS: {0},{1} -> {2} (retry {3})".format(
self.src_ip, self.src_mac, self.dst_ip, retry))
# wait for NA packet
pkts = yield pipe.async_wait_for_pkt(time_sec=self.timeout)
if not pkts:
self.log("ND: timeout for {0},{1} <-- {2} (retry {3})".format(
self.src_ip, self.src_mac, self.dst_ip, retry))
continue
for p in pkts:
# parse record
response = Ether(p['pkt'])
if ICMPv6NDOptDstLLAddr in response:
self.log("ND: RX NA: {0} <- {1}, {2}".format(
response[IPv6].dst, response[IPv6].src,
response[ICMPv6NDOptDstLLAddr].lladdr))
self.record.update(response)
if ICMPv6ND_NS in response:
self.handle_ns_request(pipe, response)
if self.record.is_resolved() == True:
break
if not self.record.is_resolved() == True:
# ND failed
return
#
# neighbor verification - wait for incoming NS requests from
# neighbors to achieve a proper "REACHABLE" state on remote
# device
#
start_time = time.time()
while (time.time() - start_time) < self.verify_timeout:
pkts = yield pipe.async_wait_for_pkt(time_sec=self.verify_timeout)
if not pkts:
pass
else:
for packet in pkts:
p = Ether(packet['pkt'])
if ICMPv6ND_NA in p:
# NAs are not expected anymore...
self.log(
"ND: late arrival of NA from {0} for {1} discarded"
.format(p[IPv6].src, p[IPv6].dst))
elif ICMPv6ND_NS not in p:
# everything else should be NS's
self.log("ND: got unexpected packet: {0}".format(
p.summary()))
else:
self.handle_ns_request(pipe, p)
