def generate(self, ip_dst=None, eth_dst=None):
"""Generates a Neighbor Solicitation (NS) packet (ICMP over IPv6).
Args:
ip_dst: NS ipv6 destination (Optional)
eth_dst: Ethernet (layer 2) destination address (Optional)
"""
# Compute IP addresses
target_ip6 = ip_dst if ip_dst is not None else self.dst_ipv6
ndst_ip = socket.inet_pton(socket.AF_INET6, target_ip6)
nnode_mcast = scapy.in6_getnsma(ndst_ip)
node_mcast = socket.inet_ntop(socket.AF_INET6, nnode_mcast)
# Compute MAC addresses
hw_dst = (eth_dst
if eth_dst is not None else scapy.in6_getnsmac(nnode_mcast))
# Create IPv6 layer
base = scapy.IPv6(dst=node_mcast, src=self.src_ipv6)
neighbor_solicitation = scapy.ICMPv6ND_NS(tgt=target_ip6)
src_ll_addr = scapy.ICMPv6NDOptSrcLLAddr(lladdr=self.src_mac)
ip6 = base / neighbor_solicitation / src_ll_addr
# Create Ethernet layer
ethernet = scapy.Ether(src=self.src_mac, dst=hw_dst)
self.packet = ethernet / ip6
return self.packet
def SendRA(cls, netid, retranstimer=None, reachabletime=0):
validity = 300 # seconds
macaddr = cls.RouterMacAddress(netid)
lladdr = cls._RouterAddress(netid, 6)
if retranstimer is None:
# If no retrans timer was specified, pick one that's as long as the
# router lifetime. This ensures that no spurious ND retransmits
# will interfere with test expectations.
retranstimer = validity
# We don't want any routes in the main table. If the kernel doesn't support
# putting RA routes into per-interface tables, configure routing manually.
routerlifetime = validity if HAVE_AUTOCONF_TABLE else 0
ra = (scapy.Ether(src=macaddr, dst="33:33:00:00:00:01") /
scapy.IPv6(src=lladdr, hlim=255) /
scapy.ICMPv6ND_RA(reachabletime=reachabletime,
retranstimer=retranstimer,
routerlifetime=routerlifetime) /
scapy.ICMPv6NDOptSrcLLAddr(lladdr=macaddr) /
scapy.ICMPv6NDOptPrefixInfo(prefix=cls.IPv6Prefix(netid),
prefixlen=64,
L=1,
A=1,
validlifetime=validity,
preferredlifetime=validity))
posix.write(cls.tuns[netid].fileno(), str(ra))
def create_ra(dst=None):
ether_head = scapy.Ether(src=router_mac, dst=dst)
ipv6_head = scapy.IPv6()
ipv6_head.dest = 'ff02::1'
ipv6_head.src = mac2ipv6(router_mac)
ipv6_ra = scapy.ICMPv6ND_RA()
ipv6_nd_pref = scapy.ICMPv6NDOptPrefixInfo()
ipv6_nd_pref.prefix = ipv6_nd_prefix
ipv6_nd_pref.prefixlen = 64
# Valid-Lifetime 2h
ipv6_nd_pref.validlifetime = 7200
# Preferred-Lifetime 30min
ipv6_nd_pref.preferredlifetime = 1800
# ICMPv6-Option: Route Information
o_route = scapy.ICMPv6NDOptRouteInfo()
# Default Route
o_route.prefix = '::'
# Prefix length in bit
o_route.plen = 0
# Same value as the Preferred-Lifetime of the Router
o_route.rtlifetime = 1800
# ICMPv6-Option: Recursive DNS Server
o_rdns = scapy.ICMPv6NDOptRDNSS()
# List of DNS Server Addresses
o_rdns.dns = router_dns
# Same value as the Preferred-Lifetime of the Router
o_rdns.lifetime = 1800
# ICMPv6-Option: Source Link Layer Address
o_mac = scapy.ICMPv6NDOptSrcLLAddr()
# MAC address
o_mac.lladdr = router_mac
ra = (ether_head / ipv6_head / ipv6_ra / ipv6_nd_pref / o_route / o_rdns /
o_mac)
return ra
def NS(srcaddr, tgtaddr, srcmac):
solicited = inet_pton(AF_INET6, tgtaddr)
last3bytes = tuple([ord(b) for b in solicited[-3:]])
solicited = "ff02::1:ff%02x:%02x%02x" % last3bytes
packet = (scapy.IPv6(src=srcaddr, dst=solicited) /
scapy.ICMPv6ND_NS(tgt=tgtaddr) /
scapy.ICMPv6NDOptSrcLLAddr(lladdr=srcmac))
return ("ICMPv6 NS", packet)
def ExpectUnicastProbe(self, addr):
version = 6 if ":" in addr else 4
if version == 6:
expected = (
scapy.IPv6(src=self.MyLinkLocalAddress(self.netid), dst=addr) /
scapy.ICMPv6ND_NS(tgt=addr) / scapy.ICMPv6NDOptSrcLLAddr(
lladdr=self.MyMacAddress(self.netid)))
self.ExpectPacketOn(self.netid, "Unicast probe", expected)
else:
raise NotImplementedError
def create_ns(dst_ip, dst_mac, src_ip=None, src_mac=None, tgt_ip=None):
# Solicitation
if src_ip is None:
src_ip = mac2ipv6(router_mac)
if src_mac is None:
src_mac = router_mac
if tgt_ip is None:
tgt_ip = dst_ip
ether_head = scapy.Ether(dst=dst_mac, src=src_mac)
# With solicited node multicast
ipv6_head = scapy.IPv6(src=src_ip, dst=make_sn_mc(dst_ip))
icmpv6_ns = scapy.ICMPv6ND_NS(tgt=tgt_ip)
icmpv6_opt_pref = scapy.ICMPv6NDOptSrcLLAddr(lladdr=src_mac)
sol = (ether_head / ipv6_head / icmpv6_ns / icmpv6_opt_pref)
return sol
def ExpectProbe(self, is_unicast, addr):
version = 6 if ":" in addr else 4
if version == 6:
llsrc = self.MyMacAddress(self.netid)
if is_unicast:
src = self.MyLinkLocalAddress(self.netid)
dst = addr
else:
solicited = inet_pton(AF_INET6, addr)
last3bytes = tuple([ord(b) for b in solicited[-3:]])
dst = "ff02::1:ff%02x:%02x%02x" % last3bytes
src = self.MyAddress(6, self.netid)
expected = (scapy.IPv6(src=src, dst=dst) /
scapy.ICMPv6ND_NS(tgt=addr) /
scapy.ICMPv6NDOptSrcLLAddr(lladdr=llsrc))
msg = "%s probe" % ("Unicast" if is_unicast else "Multicast")
self.ExpectPacketOn(self.netid, msg, expected)
else:
raise NotImplementedError
def generate(self,
lifetime,
enableDNS=False,
dns_lifetime=0,
ip_dst=None,
eth_dst=None):
"""Generates a Router Advertisement (RA) packet (ICMP over IPv6).
Args:
lifetime: RA lifetime
enableDNS: Add RDNSS option to RA (Optional)
dns_lifetime: Set DNS server lifetime (Optional)
ip_dst: IPv6 destination address (Optional)
eth_dst: Ethernet (layer 2) destination address (Optional)
"""
# Overwrite standard fields if desired
ip6_dst = (ip_dst if ip_dst is not None else RA_IP)
hw_dst = (eth_dst if eth_dst is not None else RA_MAC)
# Create IPv6 layer
base = scapy.IPv6(dst=ip6_dst, src=self.src_ipv6)
router_solicitation = scapy.ICMPv6ND_RA(routerlifetime=lifetime)
src_ll_addr = scapy.ICMPv6NDOptSrcLLAddr(lladdr=self.src_mac)
prefix = scapy.ICMPv6NDOptPrefixInfo(prefixlen=RA_PREFIX_LEN,
prefix=RA_PREFIX)
if enableDNS:
rndss = scapy.ICMPv6NDOptRDNSS(lifetime=dns_lifetime,
dns=[self.src_ipv6],
len=DNS_LEN)
ip6 = base / router_solicitation / src_ll_addr / prefix / rndss
else:
ip6 = base / router_solicitation / src_ll_addr / prefix
# Create Ethernet layer
ethernet = scapy.Ether(src=self.src_mac, dst=hw_dst)
self.packet = ethernet / ip6
return self.packet
