コード例 #1
0
ファイル: oinc.py プロジェクト: termlen0/transparent-security
def extract_int_data(ether_pkt):
    """
    Parses the required data from the packet
    :param ether_pkt: the packet to parse
    :return: dict with choice header fields extracted
    """
    if ether_pkt.type == IPV4_TYPE:
        ip_pkt = IP(_pkt=ether_pkt.payload)
        logger.debug('IPv4 dst - [%s], src - [%s], proto - [%s]', ip_pkt.dst,
                     ip_pkt.src, ip_pkt.proto)
    elif ether_pkt.type == IPV6_TYPE:
        ip_pkt = IPv6(_pkt=ether_pkt.payload)
        logger.debug('IPv6 dst - [%s], src - [%s], nh - [%s]', ip_pkt.dst,
                     ip_pkt.src, ip_pkt.nh)
    else:
        logger.warn('Unable to process ether type - [%s]', ether_pkt.type)
        return None

    udp_int_pkt = UDP(_pkt=ip_pkt.payload)
    logger.debug('UDP INT sport - [%s], dport - [%s], len - [%s]',
                 udp_int_pkt.sport, udp_int_pkt.dport, udp_int_pkt.len)
    int_shim_pkt = IntShim(_pkt=udp_int_pkt.payload)
    logger.debug('INT Shim next_proto - [%s], npt - [%s], length - [%s]',
                 int_shim_pkt.next_proto, int_shim_pkt.npt,
                 int_shim_pkt.length)
    int_hdr_pkt = IntHeader(_pkt=int_shim_pkt.payload)
    logger.debug('INT Header ver - [%s]', int_hdr_pkt.ver)
    int_meta_1 = IntMeta1(_pkt=int_hdr_pkt.payload)
    logger.debug('INT Meta 1 switch_id - [%s]', int_meta_1.switch_id)
    int_meta_2 = IntMeta2(_pkt=int_meta_1.payload)
    logger.debug('INT Meta 2 switch_id - [%s]', int_meta_2.switch_id)
    source_int_pkt = SourceIntMeta(_pkt=int_meta_2.payload)
    logger.debug('SourceIntMeta switch_id - [%s], orig_mac - [%s]',
                 source_int_pkt.switch_id, source_int_pkt.orig_mac)

    if int_shim_pkt.next_proto == UDP_PROTO:
        tcp_udp_pkt = UDP(_pkt=source_int_pkt.payload)
        logger.debug('TCP sport - [%s], dport - [%s], len - [%s]',
                     tcp_udp_pkt.sport, tcp_udp_pkt.dport, tcp_udp_pkt.len)
    else:
        tcp_udp_pkt = TCP(_pkt=source_int_pkt.payload)
        logger.debug('TCP sport - [%s], dport - [%s]', tcp_udp_pkt.sport,
                     tcp_udp_pkt.dport)

    orig_mac = source_int_pkt.orig_mac

    try:
        out = dict(
            devMac=orig_mac,
            devAddr=ip_pkt.src,
            dstAddr=ip_pkt.dst,
            dstPort=tcp_udp_pkt.dport,
            protocol=int_shim_pkt.next_proto,
            packetLen=len(ether_pkt),
        )
    except Exception as e:
        logger.error('Error extracting header data - %s', e)
        return None
    logger.debug('Extracted header data [%s]', out)
    return out
コード例 #2
0
def __gen_int_pkt(args, ip_ver, src_mac):
    int_data = __read_yaml_file(args.int_hdr_file)
    int_hops = len(int_data['meta'])
    shim_len = 4 + 3 + int_hops - 1
    logger.info('Int data to add to packet - [%s]', int_data)

    # TODO/FIXME - Is this correct??? It is not taking into account the
    #  UDP/TCP header or payload and whats this 34???
    ip_len = 34 + (shim_len * 4)
    if ip_ver == 4:
        pkt = (Ether(src=src_mac,
                     dst=args.switch_ethernet,
                     type=trans_sec.consts.IPV4_TYPE) /
               IP(dst=args.destination,
                  src=args.source_addr,
                  len=ip_len,
                  proto=trans_sec.consts.UDP_PROTO))
    else:
        pkt = (Ether(src=src_mac,
                     dst=args.switch_ethernet,
                     type=trans_sec.consts.IPV6_TYPE) /
               IPv6(dst=args.destination,
                    src=args.source_addr,
                    nh=trans_sec.consts.UDP_PROTO,
                    plen=ip_len))

    # Add UDP INT header
    pkt = pkt / UdpInt(len=shim_len * 4 + 8 + 6)

    # Create INT Shim header
    if args.protocol == 'UDP':
        pkt = pkt / IntShim(length=shim_len,
                            next_proto=trans_sec.consts.UDP_PROTO)
    elif args.protocol == 'TCP':
        pkt = pkt / IntShim(length=shim_len,
                            next_proto=trans_sec.consts.TCP_PROTO)

    if int_hops > 0:
        pkt = pkt / IntHeader()
        ctr = 0
        for int_meta in int_data['meta']:
            logger.info('Adding int_meta - [%s] to INT data', int_meta)

            if ctr == 0 and not int_meta.get('orig_mac'):
                logger.info('Adding IntMeta1')
                pkt = pkt / IntMeta1(switch_id=int_meta['switch_id'])
            elif ctr > 0 and not int_meta.get('orig_mac'):
                logger.info('Adding IntMeta2')
                pkt = pkt / IntMeta2(switch_id=int_meta['switch_id'])
            elif int_meta.get('orig_mac'):
                orig_mac = int_meta.get('orig_mac')
                logger.info('Adding Source INT Meta with orig_mac - [%s]',
                            orig_mac)
                pkt = pkt / SourceIntMeta(switch_id=int_meta['switch_id'],
                                          orig_mac=orig_mac)
            ctr += 1

    return pkt
コード例 #3
0
    def test_start_two_ipv6_tcp_attacks(self):
        """
        Tests to ensure that two IPv6 UDP attacks have been triggered
        :return:
        """
        pkt1 = (Ether(src=get_if_hwaddr('lo'),
                      dst=self.dst_mac,
                      type=trans_sec.consts.IPV6_TYPE) /
                IPv6(dst=self.dst_ipv6,
                     src=self.src_ipv6,
                     nh=trans_sec.consts.UDP_PROTO) / UdpInt() /
                IntShim(length=9, next_proto=trans_sec.consts.TCP_PROTO) /
                IntHeader(meta_len=1) / IntMeta1(switch_id=3) /
                IntMeta2(switch_id=2) /
                SourceIntMeta(switch_id=1, orig_mac=self.orig_mac) /
                TCP(dport=self.dport, sport=self.sport) /
                'hello transparent-security')

        pkt2 = (Ether(src=get_if_hwaddr('lo'),
                      dst=self.dst_mac,
                      type=trans_sec.consts.IPV6_TYPE) /
                IPv6(dst=self.dst_ipv6,
                     src=self.src_ipv6,
                     nh=trans_sec.consts.UDP_PROTO) / UdpInt() /
                IntShim(length=9, next_proto=trans_sec.consts.TCP_PROTO) /
                IntHeader(meta_len=1) / IntMeta1(switch_id=3) /
                IntMeta2(switch_id=2) /
                SourceIntMeta(switch_id=1, orig_mac=self.orig_mac) /
                TCP(dport=self.dport, sport=self.sport) /
                'hello transparent-security')

        for index in range(0, self.ae.packet_count):
            logger.info('Iteration #%s', index)
            ret_val1 = self.ae.process_packet(pkt1)
            ret_val2 = self.ae.process_packet(pkt2)
            logger.info('Checking index - [%s] - count - [%s]', index,
                        self.ae.packet_count)
            if index * 2 < self.ae.packet_count:
                logger.info('Expecting false - [%s]', ret_val1)
                self.assertFalse(ret_val1)
                self.assertFalse(ret_val2)
            else:
                logger.info('Expecting true - [%s]', ret_val1)
                self.assertTrue(ret_val1)
                self.assertTrue(ret_val2)
コード例 #4
0
    def setUp(self):
        self.ae = SimpleAE(mock.Mock(HttpSession),
                           packet_count=20,
                           sample_interval=2)
        self.sport = randrange(1000, 8000)
        self.dport = randrange(1000, 8000)
        self.ae_ip = '192.168.1.2'
        self.dst_ipv4 = '10.1.0.2'
        self.src_ipv4 = '10.1.0.6'
        self.dst_ipv6 = ipaddress.ip_address(
            '0000:0000:0000:0000:0000:0001:0000:0001')
        self.src_ipv4 = '10.2.0.1'
        self.src_ipv6 = ipaddress.ip_address(
            '0000:0000:0000:0000:0000:0002:0000:0001')
        self.dst_mac = rand_mac()
        self.src_mac = rand_mac()
        # self.orig_mac = rand_mac()
        self.orig_mac = '00:00:00:02:02:00'
        logger.info('Test sport - [%s] dport - [%s]', self.sport, self.dport)

        self.int_pkt_ipv4_udp = (
            Ether(src='00:00:00:00:01:01', dst=self.dst_mac) /
            IP(dst=self.dst_ipv4, src=self.src_ipv4, proto=consts.UDP_PROTO) /
            UdpInt(dport=consts.UDP_INT_DST_PORT) /
            IntShim(length=9, next_proto=consts.UDP_PROTO) /
            IntHeader(meta_len=1) / IntMeta1(switch_id=3) /
            IntMeta2(switch_id=2) /
            SourceIntMeta(switch_id=1, orig_mac=self.orig_mac) /
            UDP(dport=self.dport, sport=self.sport) /
            'hello transparent-security')

        self.ipv4_hash = tps_utils.create_attack_hash(mac=self.orig_mac,
                                                      port=self.dport,
                                                      ip_addr=self.dst_ipv4,
                                                      ipv6_addr='::')
        ip_len = (consts.IPV4_HDR_LEN + consts.UDP_INT_HDR_LEN +
                  consts.DRPT_LEN + consts.UDP_HDR_LEN +
                  consts.DRPT_PAYLOAD_LEN)
        udp_int_len = ip_len - consts.IPV4_HDR_LEN

        self.int_drop_rpt_ipv4_udp = (
            Ether(type=consts.IPV4_TYPE) / IP(dst=self.ae_ip,
                                              src=self.src_ipv4,
                                              len=ip_len,
                                              proto=consts.UDP_PROTO) /
            UdpInt(sport=consts.UDP_INT_SRC_PORT,
                   dport=consts.UDP_TRPT_DST_PORT,
                   len=udp_int_len) /
            DropReport(ver=consts.DRPT_VER,
                       node_id=0,
                       in_type=consts.DRPT_IN_TYPE,
                       rpt_len=consts.DRPT_REP_LEN,
                       md_len=consts.DRPT_MD_LEN,
                       rep_md_bits=consts.DRPT_MD_BITS,
                       domain_id=consts.TRPT_DOMAIN_ID,
                       var_opt_bsmd=consts.DRPT_BS_MD,
                       timestamp=int(time.time()),
                       drop_count=5,
                       drop_tbl_keys=self.ipv4_hash))

        self.int_pkt_ipv4_tcp = (
            Ether(src='00:00:00:00:01:01', dst=self.dst_mac) /
            IP(dst=self.dst_ipv4, src=self.src_ipv4, proto=consts.UDP_PROTO) /
            UdpInt(dport=consts.UDP_INT_DST_PORT) /
            IntShim(length=9, next_proto=consts.TCP_PROTO) /
            IntHeader(meta_len=1) / IntMeta1(switch_id=3) /
            IntMeta2(switch_id=2) /
            SourceIntMeta(switch_id=1, orig_mac=self.orig_mac) /
            TCP(dport=self.dport, sport=self.sport) /
            'hello transparent-security')

        self.int_pkt_ipv6_udp = (
            Ether(src='00:00:00:00:01:01',
                  dst=self.dst_mac,
                  type=consts.IPV6_TYPE) /
            IPv6(dst=self.dst_ipv6, src=self.src_ipv6, nh=consts.UDP_PROTO) /
            UDP(dport=consts.UDP_INT_DST_PORT) /
            IntShim(length=9, next_proto=consts.UDP_PROTO) /
            IntHeader(meta_len=1) / IntMeta1(switch_id=3) /
            IntMeta2(switch_id=2) /
            SourceIntMeta(switch_id=1, orig_mac=self.orig_mac) /
            UDP(dport=self.dport, sport=self.sport) /
            'hello transparent-security')

        self.int_pkt_ipv6_tcp = (
            Ether(src='00:00:00:00:01:01',
                  dst=self.dst_mac,
                  type=consts.IPV6_TYPE) /
            IPv6(dst=self.dst_ipv6, src=self.src_ipv6, nh=consts.UDP_PROTO) /
            UDP(dport=consts.UDP_INT_DST_PORT) /
            IntShim(length=9, next_proto=consts.TCP_PROTO) /
            IntHeader(meta_len=1) / IntMeta1(switch_id=3) /
            IntMeta2(switch_id=2) /
            SourceIntMeta(switch_id=1, orig_mac=self.orig_mac) /
            TCP(dport=self.dport, sport=self.sport) /
            'hello transparent-security')

        self.trpt_pkt_ipv4_out_ipv4_in_udp = (
            Ether(src=self.src_mac, dst=self.dst_mac) /
            IP(dst=self.dst_ipv4, src=self.src_ipv4, proto=consts.UDP_PROTO) /
            UDP(
                sport=0,
                dport=consts.UDP_TRPT_DST_PORT,
                # udp + telemetry header size
                len=len(self.int_pkt_ipv4_udp) + 20 + 20) /
            TelemetryReport(domain_id=consts.TRPT_DOMAIN_ID) /
            self.int_pkt_ipv4_udp)

        self.trpt_pkt_ipv4_out_ipv6_in_udp = (
            Ether(src=self.src_mac, dst=self.dst_mac) /
            IP(dst=self.dst_ipv4, src=self.src_ipv4, proto=consts.UDP_PROTO) /
            UDP(
                sport=0,
                dport=consts.UDP_TRPT_DST_PORT,
                # udp + telemetry header size
                len=len(self.int_pkt_ipv4_udp) + 20 + 20) /
            TelemetryReport(domain_id=consts.TRPT_DOMAIN_ID) /
            self.int_pkt_ipv6_udp)

        self.trpt_pkt_ipv4_out_ipv4_in_tcp = (
            Ether(src=self.src_mac, dst=self.dst_mac) /
            IP(dst=self.dst_ipv4, src=self.src_ipv4, proto=consts.UDP_PROTO) /
            UDP(
                sport=0,
                dport=consts.UDP_TRPT_DST_PORT,
                # udp + telemetry header size
                len=len(self.int_pkt_ipv4_udp) + 20 + 20) /
            TelemetryReport(domain_id=consts.TRPT_DOMAIN_ID) /
            self.int_pkt_ipv4_tcp)

        self.trpt_pkt_ipv4_out_ipv6_in_tcp = (
            Ether(src=self.src_mac, dst=self.dst_mac) /
            IP(dst=self.dst_ipv4, src=self.src_ipv4, proto=consts.UDP_PROTO) /
            UDP(
                sport=0,
                dport=consts.UDP_TRPT_DST_PORT,
                # udp + telemetry header size
                len=len(self.int_pkt_ipv4_udp) + 20 + 20) /
            TelemetryReport(domain_id=consts.TRPT_DOMAIN_ID) /
            self.int_pkt_ipv6_tcp)
コード例 #5
0
def __log_int_packet(ether_pkt, ip_pkt, int_hops, pkt_len):
    ip_pkt, udp_int_pkt = __get_ip_udp_int_pkt(ip_pkt)
    if not ip_pkt or not udp_int_pkt:
        logger.error('Unable to locate INT UDP Packet')
        return

    logger.debug('UdpInt - sport - [%s], dport - [%s], len - [%s]',
                 udp_int_pkt.sport, udp_int_pkt.dport, udp_int_pkt.len)
    int_shim_pkt = IntShim(_pkt=udp_int_pkt.payload)
    logger.debug('IntShim - next_proto - [%s], length - [%s]',
                 int_shim_pkt.next_proto, int_shim_pkt.length)
    int_hdr_pkt = IntHeader(_pkt=int_shim_pkt.payload)
    logger.debug(
        'INT Header meta_len - [%s] and remaining_hop_cnt - [%s]',
        int_hdr_pkt.meta_len, int_hdr_pkt.remaining_hop_cnt)

    switch_id_2 = None
    switch_id_3 = None
    if int_hops == 1:
        source_int_meta = SourceIntMeta(_pkt=int_hdr_pkt.payload)
        mac1 = source_int_meta.orig_mac
        switch_id_1 = source_int_meta.switch_id
    elif int_hops == 2:
        int_meta_2 = IntMeta2(_pkt=int_hdr_pkt.payload)
        source_int_meta = SourceIntMeta(_pkt=int_meta_2.payload)
        mac1 = source_int_meta.orig_mac
        switch_id_1 = source_int_meta.switch_id
        switch_id_2 = int_meta_2.switch_id
    elif int_hops == 3:
        int_meta_1 = IntMeta1(_pkt=int_hdr_pkt.payload)
        int_meta_2 = IntMeta2(int_meta_1.payload)
        source_int_meta = SourceIntMeta(_pkt=int_meta_2.payload)
        mac1 = source_int_meta.orig_mac
        switch_id_1 = source_int_meta.switch_id
        switch_id_2 = int_meta_2.switch_id
        switch_id_3 = int_meta_1.switch_id
    else:
        raise Exception('No support for hops > 3')

    logger.info('Ether type - [%s]', ether_pkt.type)
    if int_shim_pkt.next_proto == trans_sec.consts.UDP_PROTO:
        logger.info('UDP Packet')
        tcp_udp_packet = UDP(_pkt=source_int_meta.payload)
    else:
        logger.info('TCP Packet')
        tcp_udp_packet = TCP(_pkt=source_int_meta.payload)

    int_data = dict(
        eth_src_mac=ether_pkt.src,
        eth_dst_mac=ether_pkt.dst,
        src_ip=ip_pkt.src,
        dst_ip=ip_pkt.dst,
        mac1=mac1,
        switch_id_1=switch_id_1,
        switch_id_2=switch_id_2,
        switch_id_3=switch_id_3,
        src_port=tcp_udp_packet.sport,
        dst_port=tcp_udp_packet.dport,
        packetLen=pkt_len,
    )
    logger.warn('INT Packet data - [%s]', int_data)
コード例 #6
0
def __gen_int_pkt(args, ip_ver, src_mac):
    int_data = __read_yaml_file(args.int_hdr_file)
    int_hops = len(int_data['meta'])
    shim_len = 4 + 3 + int_hops - 1
    logger.info('Int data to add to packet - [%s]', int_data)
    udp_int_len = None
    # TODO - Find a better way to calculate PAYLOAD_LEN using args.msg
    if args.protocol == 'UDP':
        udp_int_len = trans_sec.consts.UDP_INT_HDR_LEN + (shim_len * 4) \
                      + trans_sec.consts.UDP_HDR_LEN \
                      + trans_sec.consts.PAYLOAD_LEN
    elif args.protocol == 'TCP':
        udp_int_len = trans_sec.consts.UDP_INT_HDR_LEN + (shim_len * 4) \
                      + trans_sec.consts.TCP_HDR_LEN \
                      + trans_sec.consts.PAYLOAD_LEN
    ipv4_len = trans_sec.consts.IPV4_HDR_LEN + udp_int_len
    ipv6_len = trans_sec.consts.IPV6_HDR_LEN + udp_int_len
    dst_mac = __get_dst_mac(args)
    if ip_ver == 4:
        pkt = (
            Ether(src=src_mac, dst=dst_mac, type=trans_sec.consts.IPV4_TYPE) /
            IP(dst=args.destination,
               src=args.source_addr,
               len=ipv4_len,
               proto=trans_sec.consts.UDP_PROTO))
    else:
        pkt = (
            Ether(src=src_mac, dst=dst_mac, type=trans_sec.consts.IPV6_TYPE) /
            IPv6(dst=args.destination,
                 src=args.source_addr,
                 nh=trans_sec.consts.UDP_PROTO,
                 plen=ipv6_len))

    # Add UDP INT header
    pkt = pkt / UdpInt(len=udp_int_len)

    # Create INT Shim header
    if args.protocol == 'UDP':
        pkt = pkt / IntShim(length=shim_len,
                            next_proto=trans_sec.consts.UDP_PROTO)
    elif args.protocol == 'TCP':
        pkt = pkt / IntShim(length=shim_len,
                            next_proto=trans_sec.consts.TCP_PROTO)

    if int_hops > 0:
        pkt = pkt / IntHeader()
        ctr = 0
        for int_meta in int_data['meta']:
            logger.info('Adding int_meta - [%s] to INT data', int_meta)

            if ctr == 0 and not int_meta.get('orig_mac'):
                logger.info('Adding IntMeta1')
                pkt = pkt / IntMeta1(switch_id=int_meta['switch_id'])
            elif ctr > 0 and not int_meta.get('orig_mac'):
                logger.info('Adding IntMeta2')
                pkt = pkt / IntMeta2(switch_id=int_meta['switch_id'])
            elif int_meta.get('orig_mac'):
                orig_mac = int_meta.get('orig_mac')
                logger.info('Adding Source INT Meta with orig_mac - [%s]',
                            orig_mac)
                pkt = pkt / SourceIntMeta(switch_id=int_meta['switch_id'],
                                          orig_mac=orig_mac)
            ctr += 1

    return pkt
コード例 #7
0
    def setUp(self):
        self.ae = SimpleAE(mock.Mock(HttpSession),
                           packet_count=20,
                           sample_interval=2)
        self.sport = randrange(1000, 8000)
        self.dport = randrange(1000, 8000)
        self.dst_ipv4 = '10.1.0.1'
        self.dst_ipv6 = ipaddress.ip_address(
            unicode('0000:0000:0000:0000:0000:0001:0000:0001'))
        self.src_ipv4 = '10.2.0.1'
        self.src_ipv6 = ipaddress.ip_address(
            unicode('0000:0000:0000:0000:0000:0002:0000:0001'))
        self.dst_mac = rand_mac()
        self.src_mac = rand_mac()
        # self.orig_mac = rand_mac()
        self.orig_mac = '00:00:00:02:02:00'
        logger.info('Test sport - [%s] dport - [%s]', self.sport, self.dport)

        self.int_pkt_ipv4_udp = (
            Ether(src=get_if_hwaddr('lo'), dst=self.dst_mac) /
            IP(dst=self.dst_ipv4,
               src=self.src_ipv4,
               proto=trans_sec.consts.UDP_PROTO) /
            UdpInt(dport=trans_sec.consts.UDP_INT_DST_PORT) /
            IntShim(length=9, next_proto=trans_sec.consts.UDP_PROTO) /
            IntHeader(meta_len=1) / IntMeta1(switch_id=3) /
            IntMeta2(switch_id=2) /
            SourceIntMeta(switch_id=1, orig_mac=self.orig_mac) /
            UDP(dport=self.dport, sport=self.sport) /
            'hello transparent-security')

        self.int_pkt_ipv4_tcp = (
            Ether(src=get_if_hwaddr('lo'), dst=self.dst_mac) /
            IP(dst=self.dst_ipv4,
               src=self.src_ipv4,
               proto=trans_sec.consts.UDP_PROTO) /
            UdpInt(dport=trans_sec.consts.UDP_INT_DST_PORT) /
            IntShim(length=9, next_proto=trans_sec.consts.TCP_PROTO) /
            IntHeader(meta_len=1) / IntMeta1(switch_id=3) /
            IntMeta2(switch_id=2) /
            SourceIntMeta(switch_id=1, orig_mac=self.orig_mac) /
            TCP(dport=self.dport, sport=self.sport) /
            'hello transparent-security')

        self.int_pkt_ipv6_udp = (
            Ether(src=get_if_hwaddr('lo'),
                  dst=self.dst_mac,
                  type=trans_sec.consts.IPV6_TYPE) /
            IPv6(dst=self.dst_ipv6,
                 src=self.src_ipv6,
                 nh=trans_sec.consts.UDP_PROTO) /
            UDP(dport=consts.UDP_TRPT_DST_PORT) /
            IntShim(length=9, next_proto=trans_sec.consts.UDP_PROTO) /
            IntHeader(meta_len=1) / IntMeta1(switch_id=3) /
            IntMeta2(switch_id=2) /
            SourceIntMeta(switch_id=1, orig_mac=self.orig_mac) /
            UDP(dport=self.dport, sport=self.sport) /
            'hello transparent-security')

        self.int_pkt_ipv6_tcp = (
            Ether(src=get_if_hwaddr('lo'),
                  dst=self.dst_mac,
                  type=trans_sec.consts.IPV6_TYPE) /
            IPv6(dst=self.dst_ipv6,
                 src=self.src_ipv6,
                 nh=trans_sec.consts.UDP_PROTO) /
            UDP(dport=consts.UDP_TRPT_DST_PORT) /
            IntShim(length=9, next_proto=trans_sec.consts.TCP_PROTO) /
            IntHeader(meta_len=1) / IntMeta1(switch_id=3) /
            IntMeta2(switch_id=2) /
            SourceIntMeta(switch_id=1, orig_mac=self.orig_mac) /
            TCP(dport=self.dport, sport=self.sport) /
            'hello transparent-security')

        self.trpt_pkt_ipv4_out_ipv4_in_udp = (
            Ether(src=self.src_mac, dst=self.dst_mac) /
            IP(dst=self.dst_ipv4,
               src=self.src_ipv4,
               proto=trans_sec.consts.UDP_PROTO) / UDP(
                   sport=0,
                   dport=consts.UDP_TRPT_DST_PORT,
                   # udp + telemetry header size
                   len=len(self.int_pkt_ipv4_udp) + 20 + 20) /
            TelemetryReport(domain_id=consts.TRPT_DOMAIN_ID) /
            str(self.int_pkt_ipv4_udp))

        self.trpt_pkt_ipv4_out_ipv6_in_udp = (
            Ether(src=self.src_mac, dst=self.dst_mac) /
            IP(dst=self.dst_ipv4,
               src=self.src_ipv4,
               proto=trans_sec.consts.UDP_PROTO) / UDP(
                   sport=0,
                   dport=consts.UDP_TRPT_DST_PORT,
                   # udp + telemetry header size
                   len=len(self.int_pkt_ipv4_udp) + 20 + 20) /
            TelemetryReport(domain_id=consts.TRPT_DOMAIN_ID) /
            str(self.int_pkt_ipv6_udp))

        self.trpt_pkt_ipv4_out_ipv4_in_tcp = (
            Ether(src=self.src_mac, dst=self.dst_mac) /
            IP(dst=self.dst_ipv4,
               src=self.src_ipv4,
               proto=trans_sec.consts.UDP_PROTO) / UDP(
                   sport=0,
                   dport=consts.UDP_TRPT_DST_PORT,
                   # udp + telemetry header size
                   len=len(self.int_pkt_ipv4_udp) + 20 + 20) /
            TelemetryReport(domain_id=consts.TRPT_DOMAIN_ID) /
            str(self.int_pkt_ipv4_tcp))

        self.trpt_pkt_ipv4_out_ipv6_in_tcp = (
            Ether(src=self.src_mac, dst=self.dst_mac) /
            IP(dst=self.dst_ipv4,
               src=self.src_ipv4,
               proto=trans_sec.consts.UDP_PROTO) / UDP(
                   sport=0,
                   dport=consts.UDP_TRPT_DST_PORT,
                   # udp + telemetry header size
                   len=len(self.int_pkt_ipv4_udp) + 20 + 20) /
            TelemetryReport(domain_id=consts.TRPT_DOMAIN_ID) /
            str(self.int_pkt_ipv6_tcp))