Sending a packet over physical loopback in scapy

I've recently discovered Scapy & it looks wonderful.

I'm trying to look at simple traffic over a physical loopback module / stub on my NIC.

But Scapy sniff doesn't give anything.

What I'm doing to send a packet is:

payload = 'data'*10
snf = sniff(filter="icmp", iface="eth0")
for x in xrange(1, 10):
  sendp(Ether(dst=src_mac, src=spoof_src_mac)/IP(dst=dst_ip, src=spoof_src_ip)/ICMP()/payload, iface=ifname)

f = open('scapylog.log', 'w')
f.write(str(snf))

With src_mac = my MAC address & dst_ip my IP address. The "spoof" fields are just random (valid) MAC & IP values.

The resulting sniff / logfile is empty. Nothing to report.

I can see that traffic is going in the network through the ifconfig stats of the interfaces that increment each time I call this script - so traffic is flowing...

If someone has an idea why I'm not seeing my traffic I'd be happy to hear :)

Thanks!

Just stumbled across your question while looking for a similar solution myself. I found this on the Scapy Troubleshooting page:

The loopback interface is a very special interface. Packets going through it are not really assembled and disassembled. The kernel routes the packet to its destination while it is still stored in an internal structure. What you see with tcpdump -i lo is only a fake to make you think everything is normal. The kernel is not aware of what Scapy is doing behind his back, so what you see on the loopback interface is also a fake. Except this one did not come from a local structure. Thus the kernel will never receive it.

In order to speak to local applications, you need to build your packets one layer upper, using a PF_INET/SOCK_RAW socket instead of a PF_PACKET/SOCK_RAW (or its equivalent on other systems than Linux):

>>> conf.L3socket
<class __main__.L3PacketSocket at 0xb7bdf5fc>
>>> conf.L3socket=L3RawSocket
>>> sr1(IP(dst="127.0.0.1")/ICMP())
<IP  version=4L ihl=5L tos=0x0 len=28 id=40953 flags= frag=0L ttl=64 proto=ICMP chksum=0xdce5 src=127.0.0.1 dst=127.0.0.1 options='' |<ICMP  type=echo-reply code=0 chksum=0xffff id=0x0 seq=0x0 |>>
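
The socket switch quoted above, wrapped so it is applied only for locally delivered destinations and undone afterwards. This is an added example, not part of the original answer or of Scapy's documentation; `is_local_destination` and `local_sr1` are hypothetical helper names. It assumes Linux, and it extends the 127.0.0.1 case to the host's own interface addresses, which the kernel also delivers internally.

```python
import ipaddress
import socket


def is_local_destination(dst):
    """True if dst (an IPv4 literal) is loopback or an address bound to this host."""
    addr = ipaddress.IPv4Address(dst)
    if addr.is_loopback:
        return True
    try:
        # bind() only succeeds for an address configured on a local interface
        # (assumes net.ipv4.ip_nonlocal_bind is at its default of 0).
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.bind((str(addr), 0))
        return True
    except OSError:
        return False


def local_sr1(dst, timeout=2):
    """Send one ICMP echo, using L3RawSocket (PF_INET) when dst is local."""
    # Imported here so the address check above works without Scapy installed.
    from scapy.all import ICMP, IP, L3RawSocket, conf, sr1

    saved = conf.L3socket
    if is_local_destination(dst):
        # PF_PACKET frames never reach the local stack; go one layer up.
        conf.L3socket = L3RawSocket
    try:
        return sr1(IP(dst=dst) / ICMP(), timeout=timeout, verbose=False)
    finally:
        # Restore the default so later sends to remote hosts are unaffected.
        conf.L3socket = saved


if __name__ == "__main__":
    # Sending needs root (raw socket) and Scapy installed.
    reply = local_sr1("127.0.0.1")
    print(reply.summary() if reply else "no reply")
```
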
