Scapy:如何将新层(802.1q)插入现有数据包?
Scapy: How to insert a new layer (802.1q) into existing packet?
我有一个数据包转储,想向数据包中注入一个 vlan 标记 (802.1q header)。
怎么做?
为了找到答案,我查看了 Scapy: Inserting a new layer and logging issues,这确实很有帮助,但包含一些废话。
我添加图层的解决方案,基于参考问题(add-dot1q_pcap.py):
import sys
from scapy.all import rdpcap, wrpcap, NoPayload, Ether, Dot1Q
# read all packets into buffer
# WARNING works only for small files
packets = []
for packet in rdpcap(sys.argv[1]):
# gets the first layer of the current packet
layer = packet.firstlayer()
# loop over the layers
while not isinstance(layer, NoPayload):
if 'chksum' in layer.default_fields:
del layer.chksum
if (type(layer) is Ether):
# adjust ether type
layer.type = 33024
# add 802.1q layer between Ether and IP
dot1q = Dot1Q(vlan=42)
dot1q.add_payload(layer.payload)
layer.remove_payload()
layer.add_payload(dot1q)
layer = dot1q
# advance to the next layer
layer = layer.payload
packets.append(packet)
wrpcap(sys.argv[2], packets)
脚本添加一个 vlan id 为 42 的 vlan 标签。
用法:./add-dot1q_pcap.py <source_file> <output_file>
我有一个数据包转储,想向数据包中注入一个 vlan 标记 (802.1q header)。
怎么做?
为了找到答案,我查看了 Scapy: Inserting a new layer and logging issues,这确实很有帮助,但包含一些废话。
我添加图层的解决方案,基于参考问题(add-dot1q_pcap.py):
import sys
from scapy.all import rdpcap, wrpcap, NoPayload, Ether, Dot1Q
# read all packets into buffer
# WARNING works only for small files
packets = []
for packet in rdpcap(sys.argv[1]):
# gets the first layer of the current packet
layer = packet.firstlayer()
# loop over the layers
while not isinstance(layer, NoPayload):
if 'chksum' in layer.default_fields:
del layer.chksum
if (type(layer) is Ether):
# adjust ether type
layer.type = 33024
# add 802.1q layer between Ether and IP
dot1q = Dot1Q(vlan=42)
dot1q.add_payload(layer.payload)
layer.remove_payload()
layer.add_payload(dot1q)
layer = dot1q
# advance to the next layer
layer = layer.payload
packets.append(packet)
wrpcap(sys.argv[2], packets)
脚本添加一个 vlan id 为 42 的 vlan 标签。
用法:./add-dot1q_pcap.py <source_file> <output_file>