예제 #1
0
    def input_tcp(self, eth, ip, tcp, timestamp):
        if not eth.src == self.mac:
            header = tacacs_plus_header()
            data = header.parse(str(tcp.data))
            server = tcp.sport == TACACS_PLUS_PORT
            if server:
                ident = "%s -> %s" % (dumbnet.ip_ntoa(
                    ip.dst), dumbnet.ip_ntoa(ip.src))
            else:
                ident = "%s -> %s" % (dumbnet.ip_ntoa(
                    ip.src), dumbnet.ip_ntoa(ip.dst))

            if not ident in self.peers:
                encrypt = not (header.flags
                               & tacacs_plus_header.FLAGS_UNENCRYPTED)
                #add to gui
                if self.ui == "gtk":
                    row_iter = self.treestore.append(
                        None, [ident, encrypt, False, ""])
                elif self.ui == "urw":
                    column = [
                        ('weight', 3,
                         self.PopUpButton(
                             "%s - ENCRYPTED(%s)" % (ident, str(encrypt)),
                             self, ident))
                    ]
                    if not header.flags & tacacs_plus_header.FLAGS_UNENCRYPTED:
                        column.append(
                            self.parent.menu_button("Crack",
                                                    self.crack_activated,
                                                    ident))
                        column.append(self.PwPopUpButton(self, ident))
                    column = urwid.Columns(column)
                    self.peerlist.append(column)
                    row_iter = self.peerlist.index(column)

                self.peers[ident] = {
                    'encrypt': encrypt,
                    'secret': None,
                    'iter': row_iter,
                    'packets': [],
                    'log': [],
                    'crack': False,
                    'crack_pkg': None,
                }
                self.log("TACACS+: Got connection %s" % ident)
            if header.flags & tacacs_plus_header.FLAGS_UNENCRYPTED:
                #cleartext
                self.peers[ident]['log'].append(self.body_to_str(header, data))
            else:
                #crypted
                if not self.peers[ident]['secret'] is None:
                    self.peers[ident]['log'].append(
                        self.body_to_str(
                            header,
                            self.decrypt(header, data,
                                         self.peers[peer]['secret']), server))
                self.peers[ident]['packets'].append((header, data, server))
                if server and header._type == tacacs_plus_header.TYPE_AUTHEN:
                    self.peers[ident]['crack_pkg'] = (header, data)
예제 #2
0
 def parse(self, data):
     self.next_hop = dumbnet.ip_ntoa(data[:4])
     (self.delay, self.bandwidth, mtu_and_hop, self.reliability, self.load,
      self.prefix) = struct.unpack("!IIIBBxxB", data[4:21])
     self.mtu = mtu_and_hop >> 8
     self.hop_count = mtu_and_hop & 0x000000ff
     self.dest = dumbnet.ip_ntoa(data[21:] + '\0' * (25 - len(data)))
예제 #3
0
 def input_udp(self, eth, ip, udp, timestamp):
     if ip.dst == dumbnet.ip_aton(RIP_MULTICAST_ADDRESS) and ip.src != self.ip:
         if ip.src not in self.hosts:
             src = dumbnet.ip_ntoa(ip.src)
             iter = self.host_treestore.append(None, [src])
             self.log("RIP: Got new host %s" % (src))
             self.hosts[ip.src] = (iter, src)
             msg = rip_message()
             msg.parse(udp.data)
             for i in msg.entries:
                 nh = dumbnet.ip_ntoa(i.nh)
                 if nh == "0.0.0.0":
                     nh = src
                 self.host_treestore.append(iter, ["%s/%s via %s metric %d" % (dumbnet.ip_ntoa(i.addr), dumbnet.ip_ntoa(i.mask), nh, i.metric)])
         else:
             (iter, src) = self.hosts[ip.src]
             msg = rip_message(None, [])
             msg.parse(udp.data)
             path = self.host_treestore.get_path(iter)
             expanded = self.host_treeview.row_expanded(path)
             child = self.host_treestore.iter_children(iter)
             while child:
               self.host_treestore.remove(child)
               child = self.host_treestore.iter_children(iter)
             for i in msg.entries:
                 nh = dumbnet.ip_ntoa(i.nh)
                 if nh == "0.0.0.0":
                     nh = src
                 self.host_treestore.append(iter, ["%s/%s via %s metric %d" % (dumbnet.ip_ntoa(i.addr), dumbnet.ip_ntoa(i.mask), nh, i.metric)])
             if expanded:
                 self.host_treeview.expand_row(path, False)
예제 #4
0
    def handle_read(self, pkt):
        # client -> destination, convert the IP from
        # the tun device to the covert destination

        if pkt.src == self.tun_ip:
            pkt.dst = self.decoy_dest
            pkt.src = self.decoy_tun_dest
            pkt.sum = 0
            pkt.data.sum = 0

            flow = (pkt.src, pkt.data.sport, pkt.dst, pkt.data.dport)

            if flow in self.flows:
                self.log.debug("Sending to con mon: %s", dpkt_to_str(pkt))
                self.con_mon.forward_c2d(str(pkt))

            if pkt.data.data and len(
                    pkt.data.data
            ) >= 4 and pkt.data.data[:4] == '\xDE\xAD\xBE\xEF':
                self.flows[flow] = True
                self.log.debug("Sending to con mon: %s", dpkt_to_str(pkt))
                self.con_mon.forward_c2d(str(pkt))
            else:
                self.log.debug("Sending to raw device: %s", dpkt_to_str(pkt))
                self.raw.sendto(str(pkt), (ip_ntoa(pkt.dst), 0))

        elif pkt.src == self.decoy_dest:
            pkt.dst = self.tun_ip
            pkt.src = self.decoy_tun_dest
            pkt.sum = 0
            pkt.data.sum = 0
            self.log.debug("Sending to client: %s", dpkt_to_str(pkt))
            self.raw.sendto(str(pkt), (ip_ntoa(pkt.dst), 0))
예제 #5
0
 def parse(self, data):
     self.next_hop = dumbnet.ip_ntoa(data[:4])
     self.originating_router = dumbnet.ip_ntoa(data[4:8])
     (self.originating_as, self.arbitrary_tag, self.external_metric,
      self.external_proto, self.flags, self.delay, self.bandwidth,
      mtu_and_hop, self.reliability, self.load,
      self.prefix) = struct.unpack("!IIIxxBBIIIBBxxB", data[8:41])
     self.mtu = mtu_and_hop >> 8
     self.hop_count = mtu_and_hop & 0x000000ff
     self.dest = dumbnet.ip_ntoa(data[41:] + '\0' * (45 - len(data)))
예제 #6
0
 def input_tcp(self, eth, ip, tcp, timestamp):
     opts = dpkt.tcp.parse_opts(tcp.opts)
     for (opt, data) in opts:
         if opt == dpkt.tcp.TCP_OPT_MD5:
             src = dumbnet.ip_ntoa(ip.src)
             dst = dumbnet.ip_ntoa(ip.dst)
             ident = "%s:%i->%s:%i" % (src, tcp.sport, dst, tcp.dport)
             if ident not in self.opts:
                 if self.ui == 'gtk':
                     iter = self.liststore.append(["%s:%i" % (src, tcp.sport), "%s:%i" % (dst, tcp.dport), "CAPTURED"])
                 self.opts[ident] = (iter, str(eth.data), data, None)
                 self.log("TCP-MD5: Got MD5 data for connection %s" % (ident))
예제 #7
0
 def input(self, data):
     packet = eigrp_packet()
     payload = packet.parse(data)
     if not packet.optcode == eigrp_packet.EIGRP_OPTCODE_HELLO:
         reply = eigrp_packet(eigrp_packet.EIGRP_OPTCODE_HELLO, 0, 0,
                              packet.seq_num, self.as_num)
         self.seq_num = packet.seq_num + 1
         self.sem.acquire()
         self.msg = reply
         self.sem.release()
         if packet.optcode == eigrp_packet.EIGRP_OPTCODE_UPDATE and len(
                 payload) > 4:
             tlv = eigrp_tlv()
             while payload:
                 payload = tlv.parse(payload)
                 if tlv.type == eigrp_tlv.EIGRP_TYPE_INTERNAL_ROUTE:
                     route = eigrp_internal_route()
                     route.parse(tlv.data)
                     if route.next_hop == "0.0.0.0":
                         route.next_hop = dumbnet.ip_ntoa(self.peer)
                     route_str = route.dest + "/" + str(
                         route.prefix) + " via " + route.next_hop
                     for i in xrange(
                             self.parent.treestore.iter_n_children(
                                 self.iter)):
                         (test_str, ) = self.parent.treestore.get(
                             self.parent.treestore.iter_nth_child(
                                 self.iter, i), self.parent.TREE_AS_ROW)
                         if test_str == route_str:
                             return
                     self.parent.treestore.append(
                         self.iter, ["INTERNAL_ROUTE", route_str])
                 if tlv.type == eigrp_tlv.EIGRP_TYPE_EXTERNAL_ROUTE:
                     route = eigrp_external_route()
                     route.parse(tlv.data)
                     if route.next_hop == "0.0.0.0":
                         route.next_hop = dumbnet.ip_ntoa(self.peer)
                     route_str = route.dest + "/" + str(
                         route.prefix
                     ) + " via " + route.next_hop + " on AS# " + str(
                         route.originating_as) + ", type " + str(
                             route.external_proto)
                     for i in xrange(
                             self.parent.treestore.iter_n_children(
                                 self.iter)):
                         (test_str, ) = self.parent.treestore.get(
                             self.parent.treestore.iter_nth_child(
                                 self.iter, i), self.parent.TREE_AS_ROW)
                         if test_str == route_str:
                             return
                     self.parent.treestore.append(
                         self.iter, ["EXTERNAL_ROUTE", route_str])
예제 #8
0
 def input_ip(self, eth, ip, timestamo):
     if ip.src != self.ip:
         if ip.src not in self.peers:
             pkg = vrrp_packet()
             pkg.parse(str(ip.data))
             src = dumbnet.ip_ntoa(ip.src)
             ips = []
             for i in pkg.ips:
                 ips.append(dumbnet.ip_ntoa(i))
             iter = self.liststore.append(
                 [src, " ".join(ips), pkg.id, pkg.prio, "Seen"])
             self.peers[ip.src] = (iter, pkg, False, False)
             self.log("VRRP-3: Got new peer %s" % (src))
예제 #9
0
    def _intf_repr(self, ifent):
        """
        Return the configuration for a network interface as a dict like interfaces(5).
        """
        if not ifent or ifent["type"] not in (dumbnet.INTF_TYPE_LOOPBACK, dumbnet.INTF_TYPE_ETH):
            return ifent

        ret = {"name": ifent["name"]}

        if not ifent.has_key("addr"):
            ret["mtu"] = ifent["mtu"]
            ret["flags"] = ifent["flags"]
            ret["type"] = self.INTF_TYPES[ifent["type"]]
            ret["typeid"] = ifent["type"]

            if ret["type"] == "eth":
                ret["family"] = "inet"
            else:
                ret["family"] = "unknown"

            if ifent.has_key("link_addr"):
                ret["hwaddress"] = str(ifent["link_addr"])

            return ret

        xaddr = ifent["addr"]
        if xaddr.addrtype == dumbnet.ADDR_TYPE_IP:
            ret["address"] = dumbnet.ip_ntoa(xaddr.ip)
            ret["netmask"] = network.format_ipv4(network.bitmask_to_mask_ipv4(xaddr.bits))
            ret["broadcast"] = str(xaddr.bcast())
            ret["network"] = str(xaddr.net())
            ret["mtu"] = ifent["mtu"]
            ret["flags"] = ifent["flags"]
            ret["type"] = self.INTF_TYPES[ifent["type"]]
            ret["typeid"] = ifent["type"]
            ret["family"] = "inet"

            gw = self._intf_ipv4_gateway(ifent["name"])

            if gw:
                ret["gateway"] = gw

            if ifent.has_key("dst_addr"):
                ret["pointopoint"] = str(ifent["dst_addr"])

            if ifent.has_key("link_addr"):
                ret["hwaddress"] = str(ifent["link_addr"])
        elif xaddr.addrtype == dumbnet.ADDR_TYPE_IP6:
            ret["address"] = dumbnet.ip6_ntoa(xaddr.ip6)
            ret["netmask"] = xaddr.bits
            ret["broadcast"] = str(xaddr.bcast())
            ret["mtu"] = ifent["mtu"]
            ret["flags"] = ifent["flags"]
            ret["type"] = self.INTF_TYPES[ifent["type"]]
            ret["family"] = "inet6"

            if ifent.has_key("link_addr"):
                ret["hwaddress"] = str(ifent["link_addr"])

        return ret
예제 #10
0
 def input_udp(self, eth, ip, udp, timestamp):
     if ip.src != self.ip and ip.src != self.ip6_ll:
         if ip.src not in self.peers:
             pkg = {}
             ip_addr = ""
             prio = 0
             auth = ""
             tlv = hsrp2_tlv()
             left = str(udp.data)
             while len(left) > 0:
                 left = tlv.parse(left)
                 if tlv.type == hsrp2_tlv.TYPE_GROUP_STATE:
                     hsrp2_group_state = hsrp2_group_state_tlv()
                     left = hsrp2_group_state.parse(left)
                     pkg["hsrp2_group_state_tlv"] = hsrp2_group_state
                     ip_addr = hsrp2_group_state.ip
                     prio = hsrp2_group_state.prio
                 elif tlv.type == hsrp2_tlv.TYPE_TEXT_AUTH:
                     hsrp2_text_auth = hsrp2_text_auth_tlv()
                     left = hsrp2_text_auth.parse(left)
                     pkg["hsrp2_text_auth_tlv"] = hsrp2_text_auth
                     auth = hsrp2_text_auth.auth_data
                 elif tlv.type == hsrp2_tlv.TYPE_MD5_AUTH:
                     hsrp2_md5_auth = hsrp2_md5_auth_tlv()
                     left = hsrp2_md5_auth.parse(left)
                     pkg["hsrp2_md5_auth_tlv"] = hsrp2_md5_auth
                     auth = "MD5: %s key#%d" % (hsrp2_md5_auth.csum.encode("hex"), hsrp2_md5_auth.keyid)
                 else:
                     return
             if type(ip) == dpkt.ip6.IP6:
                 src = dumbnet.ip6_ntoa(ip.src)
                 ip_addr = dumbnet.ip6_ntoa(ip_addr)
             else:
                 src = dumbnet.ip_ntoa(ip.src)
                 ip_addr = dumbnet.ip_ntoa(ip_addr)
             if self.ui == 'gtk':
                 iter = self.liststore.append([src, ip_addr, prio, "Seen", auth])
             elif self.ui == 'urw':
                 label = "%s - %s PRIO(%d) AUTH(%s)" % (src, ip_addr, prio, auth)
                 self.hostlist.append(self.parent.menu_button(label + " - Seen", self.urw_hostlist_activated, (ip.src, label)))
                 iter = None
             self.peers[ip.src] = (iter, pkg, False, False)
             self.log("HSRP2: Got new peer %s" % (src))
예제 #11
0
 def run(self):
     self.iter = self.parent.treestore.append(
         None, [dumbnet.ip_ntoa(self.peer),
                str(self.as_num)])
     self.send()
     self.parent.log("EIGRP: Peer " + socket.inet_ntoa(self.peer) +
                     " terminated")
     if self.parent.treestore:
         if self.parent.treestore.iter_is_valid(self.iter):
             self.parent.treestore.remove(self.iter)
     del self.parent.peers[self.peer]
예제 #12
0
 def input_udp(self, eth, ip, udp, timestamp):
     if ip.src != self.ip:
         if ip.src not in self.peers:
             pkg = hsrp_packet()
             auth = None
             data = pkg.parse(str(udp.data))
             if len(data) >= 30:
                 auth = hsrp_auth_tlv()
                 auth.parse(data)
             src = dumbnet.ip_ntoa(ip.src)
             if not auth is None:
                 auth_str = "MD5: %s key#%d" % (auth.csum.encode("hex"),
                                                auth.keyid)
             else:
                 auth_str = pkg.auth_data
             if self.ui == 'gtk':
                 iter = self.liststore.append([
                     src,
                     dumbnet.ip_ntoa(pkg.ip), pkg.prio, "Seen", auth_str
                 ])
             elif self.ui == 'urw':
                 label = "%s - %s PRIO(%d) AUTH(%s)" % (
                     src, dumbnet.ip_ntoa(pkg.ip), pkg.prio, auth_str)
                 self.hostlist.append(
                     self.parent.menu_button(label + " - Seen",
                                             self.urw_hostlist_activated,
                                             (ip.src, label)))
                 iter = None
             self.peers[ip.src] = {
                 "iter": iter,
                 "pkg": pkg,
                 "auth": auth,
                 "state": False,
                 "arp": False
             }
             self.log("HSRP: Got new peer %s" % (src))
예제 #13
0
    def _intf_ipv4_gateway(self, ifname):
        """
        Return the default gateway if it belongs to the interface
        """
        defgw = self.route.get(self.default_dst_ipv4)
        xaddr = dumbnet.intf.get(self, ifname)["addr"]
        route = self.route.get(xaddr)

        if not defgw or (route and defgw != route):
            return None

        defgwstr = str(defgw)
        address = network.parse_ipv4(dumbnet.ip_ntoa(xaddr.ip))
        netmask = network.bitmask_to_mask_ipv4(xaddr.bits)

        if network.ipv4_in_network(network.parse_ipv4(defgwstr), netmask, network.mask_ipv4(netmask, address)):
            return defgwstr
예제 #14
0
 def input_udp(self, eth, ip, udp, timestamp):
     packet = bfd_control_packet()
     packet.parse(udp.data)
     src = dumbnet.ip_ntoa(ip.src)
     dst = dumbnet.ip_ntoa(ip.dst)
     id = "%s:%s" % (src, dst)
     id_rev = "%s:%s" % (dst, src)
     auth = "None"
     if packet.flags & bfd_control_packet.FLAG_AUTH:
         auth = bfd_auth.type_to_str[packet.auth.type]
     password = ""
     if packet.flags & bfd_control_packet.FLAG_AUTH and packet.auth.type == bfd_auth.TYPE_SIMPLE:
         password = packet.auth.data
     if id not in self.neighbors and id_rev not in self.neighbors:
         self.activate_filter()
         if self.ui == 'gtk':
             self.filter_checkbutton.set_active(True)
         elif self.ui == 'urw':
             self.filter_checkbox.set_state(True)
         self.log("BFD: got new session: %s -> %s" % (src, dst))
         if self.ui == 'gtk':
             iter = self.neighbor_treestore.append(None, [
                 src, dst, bfd_control_packet.state_to_str[packet.state],
                 bfd_control_packet.diag_to_str[packet.diag], auth,
                 self.auto_answer, False
             ])
         elif self.ui == 'urw':
             label = "%s - %s %s %s AUTH(%s)" % (
                 src, dst, bfd_control_packet.state_to_str[packet.state],
                 bfd_control_packet.diag_to_str[packet.diag], auth)
             if password != "":
                 label += " PASS(%s)" % password
             answer_c = urwid.CheckBox(
                 "Answer",
                 self.auto_answer,
                 on_state_change=self.urw_answer_checkbox_changed,
                 user_data=id)
             dos_c = urwid.CheckBox(
                 "DOS",
                 False,
                 on_state_change=self.urw_dos_checkbox_changed,
                 user_data=id)
             if not auth == "None":
                 button = self.parent.menu_button(label,
                                                  self.crack_activated, id)
             else:
                 button = self.parent.menu_button(label)
             self.hostlist.append(
                 urwid.Columns([('weight', 4, button), answer_c, dos_c]))
             iter = (button, answer_c, dos_c)
         self.neighbors[id] = (iter, random.randint(0x1, 0x7fffffff),
                               self.auto_answer, False, False, udp.data,
                               password)
     if id in self.neighbors:
         (iter, discrim, answer, dos, crack, data,
          password) = self.neighbors[id]
         if self.ui == 'gtk':
             if self.neighbor_treestore.iter_is_valid(iter):
                 self.neighbor_treestore.set_value(
                     iter, self.NEIGH_STATE_ROW,
                     bfd_control_packet.state_to_str[packet.state])
                 self.neighbor_treestore.set_value(
                     iter, self.NEIGH_DIAG_ROW,
                     bfd_control_packet.diag_to_str[packet.diag])
         elif self.ui == 'urw':
             (button, answer_c, dos_c) = iter
             label = "%s - %s %s %s AUTH(%s)" % (
                 src, dst, bfd_control_packet.state_to_str[packet.state],
                 bfd_control_packet.diag_to_str[packet.diag], auth)
             if password != "":
                 label += " PASS(%s)" % password
             button.base_widget.set_label(label)
         if answer and packet.diag == bfd_control_packet.DIAG_NO:
             if packet.state == bfd_control_packet.STATE_DOWN:
                 packet.state = bfd_control_packet.STATE_INIT
             packet.your_discrim = packet.my_discrim
             packet.my_discrim = discrim
             packet.req_min_echo = 0
             udp_hdr = dpkt.udp.UDP(dport=BFD_PORT,
                                    sport=31337,
                                    data=packet.render())
             udp_hdr.ulen += len(udp_hdr.data)
             ip_hdr = dpkt.ip.IP(ttl=255,
                                 tos=0xC0,
                                 p=dpkt.ip.IP_PROTO_UDP,
                                 src=ip.dst,
                                 dst=ip.src,
                                 data=str(udp_hdr))
             ip_hdr.len += len(ip_hdr.data)
             eth_hdr = dpkt.ethernet.Ethernet(
                 dst=eth.src,
                 src=eth.dst,
                 type=dpkt.ethernet.ETH_TYPE_IP,
                 data=str(ip_hdr))
             self.dumbnet.send(str(eth_hdr))
         elif dos and packet.state > bfd_control_packet.STATE_DOWN:
             packet.state = bfd_control_packet.STATE_DOWN
             tmp = packet.your_discrim
             packet.your_discrim = packet.my_discrim
             packet.my_discrim = tmp
             udp_hdr = dpkt.udp.UDP(dport=udp.dport,
                                    sport=udp.sport,
                                    data=packet.render())
             udp_hdr.ulen += len(udp_hdr.data)
             ip_hdr = dpkt.ip.IP(ttl=255,
                                 tos=0xC0,
                                 p=dpkt.ip.IP_PROTO_UDP,
                                 src=ip.dst,
                                 dst=ip.src,
                                 data=str(udp_hdr))
             ip_hdr.len += len(ip_hdr.data)
             eth_hdr = dpkt.ethernet.Ethernet(
                 dst=eth.src,
                 src=eth.dst,
                 type=dpkt.ethernet.ETH_TYPE_IP,
                 data=str(ip_hdr))
             self.dumbnet.send(str(eth_hdr))
def parse_updates(dump):
    for (mrt_h, bgp_h, bgp_m) in dump:
        # initialize dictionary of this update message
        update = BGP_FIELDS

        # parse date
        update['date'] = time.strftime('%D %T', time.gmtime(mrt_h.ts))
        update_date_unix = update_date_to_unix_timestamp(update['date'])

        # filter on date
        if FLAGS.date != "any":
            if update_date_unix not in dates_unix:
                continue
        if start_date_unix != 0:
            if start_date_unix > update_date_unix:
                continue
        if end_date_unix != 0:
            if end_date_unix < update_date_unix:
                continue

        # parse from and to
        update['from_ip'] = dnet.ip_ntoa(bgp_h.src_ip)
        update['from_as'] = bgp_h.src_as
        update['to_ip'] = dnet.ip_ntoa(bgp_h.dst_ip)
        update['to_as'] = bgp_h.dst_as

        # parse attributes
        for attr in bgp_m.update.attributes:
            if attr.type == bgp.ORIGIN:
                update['origin'] = origin_to_str(attr.origin)
            elif attr.type == bgp.AS_PATH:
                update['as_path'] = aspath_to_array(attr.as_path)
            elif attr.type == bgp.NEXT_HOP:
                update['next_hop'] = dnet.ip_ntoa(attr.next_hop.ip)
            elif attr.type == bgp.MULTI_EXIT_DISC:
                update['multi_exit_disc'] = attr.multi_exit_disc.value
            elif attr.type == bgp.LOCAL_PREF:
                update['local_pref'] = attr.local_pref.value
            elif attr.type == bgp.ATOMIC_AGGREGATE:
                update['atomic_aggregate'] = 'AG'
            elif attr.type == bgp.AGGREGATOR:
                try:
                    update['aggregator_as'] = attr.as4_aggregator.asn
                    update['aggregator_ip'] = dnet.ip_ntoa(attr.as4_aggregator.ip)
                except AttributeError:
                    update['aggregator_as'] = attr.aggregator.asn
                    update['aggregator_ip'] = dnet.ip_ntoa(attr.aggregator.ip)
            elif attr.type == bgp.ORIGINATOR_ID:
                update['originator_id'] = dnet.ip_ntoa(attr.originator_id.value)
            elif attr.type == bgp.CLUSTER_LIST:
                update['cluster_list'] = clusterlist_to_array(attr.cluster_list)
            elif attr.type == bgp.COMMUNITIES:
                update['communities'] = communities_to_array(attr.communities)

        # parse announced
        if len(bgp_m.update.announced) > 0:
            update['announced'] = announced_or_withdrawn_to_array(bgp_m.update.announced)

        # parse withdrawn
        if len(bgp_m.update.withdrawn) > 0:
            update['withdrawn'] = announced_or_withdrawn_to_array(bgp_m.update.withdrawn)

        # filter on bgp fields and values
        if not filter_update(update):
            continue

        # print the update
        if FLAGS.print_updates:
            print_update(update)

        # add and save the update
        updates.append(update)
        plots.append(update_date_unix)
예제 #16
0
 def forward(self, pkt):
     """ Act like a decoy router.  Forward here means
     you should get the packet to the destination, which
     could either be the decoy dest or the client """
     self.log.debug("FWD Sending: %s", dpkt_to_str(pkt))
     self.raw.sendto(str(pkt), (ip_ntoa(pkt.dst), 0))
def clusterlist_to_array(cluster_list):
    arr = []
    for i, cluster in enumerate(cluster_list.list, start=0):
        arr.append('')
        arr[i] = dnet.ip_ntoa(cluster)
    return arr
def announced_or_withdrawn_to_array(routes):
    arr = []
    for i, route in enumerate(routes, start=0):
        arr.append('')
        arr[i] = '%s/%d' % (dnet.ip_ntoa(route.prefix), route.len)
    return arr
예제 #19
0
    def _intf_repr(self, ifent):
        """
        Return the configuration for a network interface as a dict like interfaces(5).
        """
        if not ifent \
           or ifent['type'] not in (dumbnet.INTF_TYPE_LOOPBACK, dumbnet.INTF_TYPE_ETH):
            return ifent

        ret = {'name': ifent['name']}

        if not ifent.has_key('addr'):
            ret['mtu'] = ifent['mtu']
            ret['flags'] = ifent['flags']
            ret['type'] = self.INTF_TYPES[ifent['type']]
            ret['typeid'] = ifent['type']

            if ret['type'] == 'eth':
                ret['family'] = 'inet'
            else:
                ret['family'] = 'unknown'

            if ifent.has_key('link_addr'):
                ret['hwaddress'] = str(ifent['link_addr'])

            return ret

        xaddr = ifent['addr']
        if xaddr.addrtype == dumbnet.ADDR_TYPE_IP:
            ret['address'] = dumbnet.ip_ntoa(xaddr.ip)
            ret['netmask'] = network.format_ipv4(
                                        network.bitmask_to_mask_ipv4(xaddr.bits))
            ret['broadcast'] = str(xaddr.bcast())
            ret['network'] = str(xaddr.net())
            ret['mtu'] = ifent['mtu']
            ret['flags'] = ifent['flags']
            ret['type'] = self.INTF_TYPES[ifent['type']]
            ret['typeid'] = ifent['type']
            ret['family'] = 'inet'

            gw = self._intf_ipv4_gateway(ifent['name'])

            if gw:
                ret['gateway'] = gw

            if ifent.has_key('dst_addr'):
                ret['pointopoint'] = str(ifent['dst_addr'])

            if ifent.has_key('link_addr'):
                ret['hwaddress'] = str(ifent['link_addr'])
        elif xaddr.addrtype == dumbnet.ADDR_TYPE_IP6:
            ret['address'] = dumbnet.ip6_ntoa(xaddr.ip6)
            ret['netmask'] = xaddr.bits
            ret['broadcast'] = str(xaddr.bcast())
            ret['mtu'] = ifent['mtu']
            ret['flags'] = ifent['flags']
            ret['type'] = self.INTF_TYPES[ifent['type']]
            ret['family'] = 'inet6'

            if ifent.has_key('link_addr'):
                ret['hwaddress'] = str(ifent['link_addr'])

        return ret
예제 #20
0
    def input_udp(self, eth, ip, udp, timestamp):
        if ip.src != self.ip:
            pkg = glbp_packet()
            data = pkg.parse(str(udp.data))
            req_resp = []
            auth = None
            nonce = None
            auth_str = "Unauthenticated"
            while len(data) > 0:
                #~ print "len: %d data: %s" % (len(data), data.encode("hex"))
                tlv = glbp_tlv()
                tlv.parse(data)
                if tlv.tlv_type == glbp_tlv.TYPE_HELLO:
                    hello = glbp_tlv_hello()
                    data = hello.parse(data)
                elif tlv.tlv_type == glbp_tlv.TYPE_REQ_RESP:
                    tmp = glbp_tlv_req_resp()
                    data = tmp.parse(data)
                    if not tmp.vmac == "\x00\x00\x00\x00\x00\x00":
                        req_resp.append(tmp)
                elif tlv.tlv_type == glbp_tlv.TYPE_AUTH:
                    auth = glbp_tlv_auth()
                    data = auth.parse(data)
                    if auth.auth_type == glbp_tlv_auth.TYPE_PLAIN:
                        auth_str = "Plaintext: '%s'" % auth.secret[:-1]
                    elif auth.auth_type == glbp_tlv_auth.TYPE_MD5_STRING:
                        auth_str = "MD5 String: '%s'" % auth.secret.encode(
                            "hex")
                    elif auth.auth_type == glbp_tlv_auth.TYPE_MD5_CHAIN:
                        auth_str = "MD5 Chain: '%s'" % auth.secret.encode(
                            "hex")
                    else:
                        auth_str = "Unknown"
                else:
                    #~ print "type: %d len: %d" % (tlv.tlv_type, tlv.tlv_length)
                    data = data[tlv.tlv_length:]
            try:
                src = dumbnet.ip_ntoa(ip.src)
            except:
                pass

            if ip.src in self.peers:
                (iter, _, _, req_resp_old, _, _, _) = self.peers[ip.src]
                for i in req_resp:
                    if not i in req_resp_old:
                        req_resp_old.append(i)
                        self.treestore.append(
                            iter,
                            ["", "", i.weight,
                             dumbnet.eth_ntoa(i.vmac), ""])
            else:
                iter = self.treestore.append(None, [
                    src,
                    dumbnet.ip_ntoa(hello.addr), hello.prio, "Seen", auth_str
                ])
                for req in req_resp:
                    self.treestore.append(
                        iter,
                        ["", "", req.weight,
                         dumbnet.eth_ntoa(req.vmac), ""])
                self.peers[ip.src] = (iter, pkg, hello, req_resp, auth, False,
                                      False)
                self.log("GLBP: Got new peer %s" % (src))