Python 当使用scapy时,如何从数据包中读取整个ip层和tcp层?
当使用scapy接收到ICMP目的地不可到达(碎片需要ICMP类型=3代码=4)消息时,我正在进行TCP重传行为测试 测试流程如下:Python 当使用scapy时,如何从数据包中读取整个ip层和tcp层?,python,networking,tcp,scapy,Python,Networking,Tcp,Scapy,当使用scapy接收到ICMP目的地不可到达(碎片需要ICMP类型=3代码=4)消息时,我正在进行TCP重传行为测试 测试流程如下: 1.建立到服务器的TCP连接 2.建立TCP时向服务器发送HTTP GET请求 3.当HTTP响应返回时 4.向设置了小型MTU的服务器发送ICMP类型3代码4消息 问题是,ICMP TYPE=3 CODE=4消息包含该HTTP响应数据包的IP头和部分TCP头(srt、dst和seq编号)。目前,我只是从HTTP响应包中读取每个参数(如IP标识、frag标记、tt
1.建立到服务器的TCP连接
2.建立TCP时向服务器发送HTTP GET请求
3.当HTTP响应返回时
4.向设置了小型MTU的服务器发送ICMP类型3代码4消息 问题是,ICMP TYPE=3 CODE=4消息包含该HTTP响应数据包的IP头和部分TCP头(srt、dst和seq编号)。目前,我只是从HTTP响应包中读取每个参数(如IP标识、frag标记、ttl等)。问题是:是否有任何方法可以从该数据包读取整个IP和TCP报头:
ICMP(TYPE=3 code=4)/IP头/TCP头
希望以下内容能有所帮助:
>>> pkt = ICMP()/IP()/TCP()
>>> ipHeader = pkt.getlayer(IP)
>>> ipHeader
<IP frag=0 proto=tcp |<TCP |>>
>>>
pkt=ICMP()/IP()/TCP()
>>>ipHeader=pkt.getlayer(IP)
>>>ipHeader
>>>
要仅检索IP标头,请执行以下操作:
>>> pkt = Ether()/IP()/TCP()
>>> ip = pkt.getlayer(IP)
>>> ip
<IP frag=0 proto=tcp |<TCP |>>
>>> ip.remove_payload()
>>> ip
<IP |>
>>>
pkt=Ether()/IP()/TCP()
>>>ip=pkt.getlayer(ip)
>>>知识产权
>>>ip.移除_有效载荷()
>>>知识产权
>>>
我将数据包对象转换为dict对象,以简化解析过程。 代码: 输出:
/usr/bin/python2.7 /home/yuanzhi/workspace/scaptest/scaptest.py
5L
1
字典将如下所示:
{
"Ethernet": {
"src": "5e:22:73:12:50:02",
"dst": "6e:30:96:e3:a0:6c",
"type": "0x800",
"IP": {
"frag": "0L",
"src": "1.0.3.0",
"UDP": {
"dport": "isakmp",
"ISAKMP": {
"resp_cookie": "'\\xb5A\\x06\\xef\\x126~\\x95'",
"exch_type": "identityprot.",
"length": "204",
"version": "0x10",
"flags": "",
"init_cookie": "'2\\x12\\xbda\\xee\\xa8\\xba\\xa6'",
"ISAKMP SA": {
"IKE proposal": {
"SPI": "''",
"length": "44",
"IKE Transform": {
"length": "36",
"num": "0",
"transforms": "[('Encryption','AES-CBC'),('KeyLength',256),('Hash','SHA'),('Authentication','PSK'),('GroupDesc','1024MODPgr'),('LifeType','Seconds'),('LifeDuration',43200)]",
"ISAKMP Vendor ID": {......
谢谢,但这似乎得到了整个IP层,包括IP头,TCP头和TCP负载,而我只需要IP和TCP头。
{
"Ethernet": {
"src": "5e:22:73:12:50:02",
"dst": "6e:30:96:e3:a0:6c",
"type": "0x800",
"IP": {
"frag": "0L",
"src": "1.0.3.0",
"UDP": {
"dport": "isakmp",
"ISAKMP": {
"resp_cookie": "'\\xb5A\\x06\\xef\\x126~\\x95'",
"exch_type": "identityprot.",
"length": "204",
"version": "0x10",
"flags": "",
"init_cookie": "'2\\x12\\xbda\\xee\\xa8\\xba\\xa6'",
"ISAKMP SA": {
"IKE proposal": {
"SPI": "''",
"length": "44",
"IKE Transform": {
"length": "36",
"num": "0",
"transforms": "[('Encryption','AES-CBC'),('KeyLength',256),('Hash','SHA'),('Authentication','PSK'),('GroupDesc','1024MODPgr'),('LifeType','Seconds'),('LifeDuration',43200)]",
"ISAKMP Vendor ID": {......