diff options
Diffstat (limited to 'resources/libraries/python/PacketVerifier.py')
-rw-r--r-- | resources/libraries/python/PacketVerifier.py | 344 |
1 files changed, 0 insertions, 344 deletions
diff --git a/resources/libraries/python/PacketVerifier.py b/resources/libraries/python/PacketVerifier.py deleted file mode 100644 index fb2337e49d..0000000000 --- a/resources/libraries/python/PacketVerifier.py +++ /dev/null @@ -1,344 +0,0 @@ -# Copyright (c) 2019 Cisco and/or its affiliates. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at: -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -"""PacketVerifier module. - - Example. :: - - | >>> from scapy.all import * - | >>> from PacketVerifier import * - | >>> rxq = RxQueue('eth1') - | >>> txq = TxQueue('eth1') - | >>> src_mac = "AA:BB:CC:DD:EE:FF" - | >>> dst_mac = "52:54:00:ca:5d:0b" - | >>> src_ip = "11.11.11.10" - | >>> dst_ip = "11.11.11.11" - | >>> sent_packets = [] - | >>> pkt_send = Ether(src=src_mac, dst=dst_mac) / - | ... IP(src=src_ip, dst=dst_ip) / - | ... ICMP() - | >>> sent_packets.append(pkt_send) - | >>> txq.send(pkt_send) - | >>> pkt_send = Ether(src=src_mac, dst=dst_mac) / - | ... ARP(hwsrc=src_mac, psrc=src_ip, hwdst=dst_mac, pdst=dst_ip, op=2) - | >>> sent_packets.append(pkt_send) - | >>> txq.send(pkt_send) - | >>> rxq.recv(100, sent_packets).show() - | ###[ Ethernet ]### - | dst = aa:bb:cc:dd:ee:ff - | src = 52:54:00:ca:5d:0b - | type = 0x800 - | ###[ IP ]### - | version = 4L - | ihl = 5L - | tos = 0x0 - | len = 28 - | id = 43183 - | flags = - | frag = 0L - | ttl = 64 - | proto = icmp - | chksum = 0xa607 - | src = 11.11.11.11 - | dst = 11.11.11.10 - | options - | ###[ ICMP ]### - | type = echo-reply - | code = 0 - | chksum = 0xffff - | id = 0x0 - | seq = 0x0 - | ###[ Padding ]### - | load = 'RT\x00\xca]\x0b\xaa\xbb\xcc\xdd\xee\xff\x08\x06\x00\x01\x08\x00' - - Example end. -""" - -import os -import select - -from scapy.all import ETH_P_IP, ETH_P_IPV6, ETH_P_ALL, ETH_P_ARP -from scapy.config import conf -from scapy.layers.inet6 import IPv6 -from scapy.layers.l2 import Ether, ARP -from scapy.packet import Raw - -# Enable libpcap's L2listen -conf.use_pcap = True - -__all__ = [ - u"RxQueue", u"TxQueue", u"Interface", u"create_gratuitous_arp_request", - u"auto_pad", u"checksum_equal" -] - -# TODO: http://stackoverflow.com/questions/320232/ -# ensuring-subprocesses-are-dead-on-exiting-python-program - - -class PacketVerifier: - """Base class for TX and RX queue objects for packet verifier.""" - def __init__(self, interface_name): - os.system( - f"sudo echo 1 > /proc/sys/net/ipv6/conf/{interface_name}/" - f"disable_ipv6" - ) - os.system(f"sudo ip link set {interface_name} up promisc on") - self._ifname = interface_name - - -def extract_one_packet(buf): - """Extract one packet from the incoming buf buffer. - - Takes string as input and looks for first whole packet in it. - If it finds one, it returns substring from the buf parameter. - - :param buf: String representation of incoming packet buffer. - :type buf: str - :returns: String representation of first packet in buf. - :rtype: str - """ - pkt_len = 0 - - if len(buf) < 60: - return None - - try: - ether_type = Ether(buf[0:14]).type - except AttributeError: - raise RuntimeError(f"No EtherType in packet {buf!r}") - - if ether_type == ETH_P_IP: - # 14 is Ethernet fame header size. - # 4 bytes is just enough to look for length in ip header. - # ip total length contains just the IP packet length so add the Ether - # header. - pkt_len = Ether(buf[0:14+4]).len + 14 - if len(buf) < 60: - return None - elif ether_type == ETH_P_IPV6: - if not Ether(buf[0:14+6]).haslayer(IPv6): - raise RuntimeError(f"Invalid IPv6 packet {buf!r}") - # ... to add to the above, 40 bytes is the length of IPV6 header. - # The ipv6.len only contains length of the payload and not the header - pkt_len = Ether(buf)[u"IPv6"].plen + 14 + 40 - if len(buf) < 60: - return None - elif ether_type == ETH_P_ARP: - pkt = Ether(buf[:20]) - if not pkt.haslayer(ARP): - raise RuntimeError(u"Incomplete ARP packet") - # len(eth) + arp(2 hw addr type + 2 proto addr type - # + 1b len + 1b len + 2b operation) - - pkt_len = 14 + 8 - pkt_len += 2 * pkt.getlayer(ARP).hwlen - pkt_len += 2 * pkt.getlayer(ARP).plen - - del pkt - elif ether_type == 32821: # RARP (Reverse ARP) - pkt = Ether(buf[:20]) - pkt.type = ETH_P_ARP # Change to ARP so it works with scapy - pkt = Ether(pkt) - if not pkt.haslayer(ARP): - pkt.show() - raise RuntimeError(u"Incomplete RARP packet") - - # len(eth) + arp(2 hw addr type + 2 proto addr type - # + 1b len + 1b len + 2b operation) - pkt_len = 14 + 8 - pkt_len += 2 * pkt.getlayer(ARP).hwlen - pkt_len += 2 * pkt.getlayer(ARP).plen - - del pkt - else: - raise RuntimeError(f"Unknown protocol {ether_type}") - - if pkt_len < 60: - pkt_len = 60 - - if len(buf) < pkt_len: - return None - - return buf[0:pkt_len] - - -def packet_reader(interface_name, queue): - """Sub-process routine that reads packets and puts them to queue. - - This function is meant to be run in separate subprocess and is in tight - loop reading raw packets from interface passed as parameter. - - :param interface_name: Name of interface to read packets from. - :param queue: Queue in which this function will push incoming packets. - :type interface_name: str - :type queue: multiprocessing.Queue - """ - sock = conf.L2listen(iface=interface_name, type=ETH_P_ALL) - - while True: - pkt = sock.recv(0x7fff) - queue.put(pkt) - - -class RxQueue(PacketVerifier): - """Receive queue object. - - This object creates raw socket, reads packets from it and provides - function to access them. - - :param interface_name: Which interface to bind to. - :type interface_name: str - """ - def __init__(self, interface_name): - PacketVerifier.__init__(self, interface_name) - self._sock = conf.L2listen(iface=interface_name, type=ETH_P_ALL) - - def recv(self, timeout=3, ignore=None, verbose=True): - """Read next received packet. - - Returns scapy's Ether() object created from next packet in the queue. - Queue is being filled in parallel in subprocess. If no packet - arrives in given timeout queue.Empty exception will be risen. - - :param timeout: How many seconds to wait for next packet. - :param ignore: List of packets that should be ignored. - :param verbose: Used to suppress detailed logging of received packets. - :type timeout: int - :type ignore: list - :type verbose: bool - - :returns: Ether() initialized object from packet data. - :rtype: scapy.Ether - """ - ignore_list = list() - if ignore is not None: - for ig_pkt in ignore: - # Auto pad all packets in ignore list - ignore_list.append(str(auto_pad(ig_pkt))) - while True: - rlist, _, _ = select.select([self._sock], [], [], timeout) - if self._sock not in rlist: - return None - - pkt = self._sock.recv(0x7fff) - pkt_pad = str(auto_pad(pkt)) - print(f"Received packet on {self._ifname} of len {len(pkt)}") - if verbose: - if hasattr(pkt, u"show2"): - pkt.show2() - else: - # Never happens in practice, but Pylint does not know that. - print(f"Unexpected instance: {pkt!r}") - print() - if pkt_pad in ignore_list: - ignore_list.remove(pkt_pad) - print(u"Received packet ignored.") - continue - return pkt - - -class TxQueue(PacketVerifier): - """Transmission queue object. - - This object is used to send packets over RAW socket on a interface. - - :param interface_name: Which interface to send packets from. - :type interface_name: str - """ - def __init__(self, interface_name): - PacketVerifier.__init__(self, interface_name) - self._sock = conf.L2socket(iface=interface_name, type=ETH_P_ALL) - - def send(self, pkt, verbose=True): - """Send packet out of the bound interface. - - :param pkt: Packet to send. - :param verbose: Used to suppress detailed logging of sent packets. - :type pkt: string or scapy Packet derivative. - :type verbose: bool - """ - pkt = auto_pad(pkt) - print(f"Sending packet out of {self._ifname} of len {len(pkt)}") - if verbose: - pkt.show2() - print() - - self._sock.send(pkt) - - -class Interface: - """Class for network interfaces. Contains methods for sending and receiving - packets.""" - def __init__(self, if_name): - """Initialize the interface class. - - :param if_name: Name of the interface. - :type if_name: str - """ - self.if_name = if_name - self.sent_packets = [] - self.rxq = RxQueue(if_name) - self.txq = TxQueue(if_name) - - def send_pkt(self, pkt): - """Send the provided packet out the interface.""" - self.sent_packets.append(pkt) - self.txq.send(pkt) - - def recv_pkt(self, timeout=3): - """Read one packet from the interface's receive queue. - - :param timeout: Timeout value in seconds. - :type timeout: int - :returns: Ether() initialized object from packet data. - :rtype: scapy.Ether - """ - return self.rxq.recv(timeout, self.sent_packets) - - -def create_gratuitous_arp_request(src_mac, src_ip): - """Creates scapy representation of gratuitous ARP request.""" - return (Ether(src=src_mac, dst=u"ff:ff:ff:ff:ff:ff") / - ARP(psrc=src_ip, hwsrc=src_mac, pdst=src_ip) - ) - - -def auto_pad(packet): - """Pads zeroes at the end of the packet if the total len < 60 bytes.""" - # padded = str(packet) - if len(packet) < 60: - packet[Raw].load += (b"\0" * (60 - len(packet))) - return packet - - -def checksum_equal(chksum1, chksum2): - """Compares two checksums in one's complement notation. - - Checksums to be compared are calculated as 16 bit one's complement of the - one's complement sum of 16 bit words of some buffer. - In one's complement notation 0x0000 (positive zero) and 0xFFFF - (negative zero) are equivalent. - - :param chksum1: First checksum. - :param chksum2: Second checksum. - :type chksum1: uint16 - :type chksum2: uint16 - - :returns: True if checksums are equivalent, False otherwise. - :rtype: boolean - """ - if chksum1 == 0xFFFF: - chksum1 = 0 - if chksum2 == 0xFFFF: - chksum2 = 0 - return chksum1 == chksum2 |