[英]Capturing traffic of two hosts in Mininet with Python
I currently have two hosts which run a client and server Python program which send TLS traffic to one another - I have tested this outside of mininet to confirm it works (and it does!).我目前有两台主机,它们运行一个客户端和服务器 Python 程序,它们将 TLS 流量相互发送 - 我已经在 mininet 之外测试了它以确认它可以工作(并且确实如此!)。
However, the goal here is to use tcpdump /tshark/wireshark to capture the TLS traffic between these two hosts.但是,这里的目标是使用tcpdump /tshark/wireshark 来捕获这两个主机之间的 TLS 流量。 I have tried things such as using
quietRun
or subprocess.Popen
to call tcpdump -i any -w capture.pcap
however these do not seem to capture the traffic for my hosts, or they stall until I ctrl+c and/or go straight to the CLI(net).我已经试过的东西,如使用
quietRun
或subprocess.Popen
调用tcpdump -i any -w capture.pcap
但这些似乎并没有捕捉到的交通为我的主机,或者拖延,直到我CTRL + C和/或直接进入CLI(网络)。
For reference;以供参考; this is all using mininet CLI - the aim is to do this programmatically
这都是使用 mininet CLI - 目的是以编程方式执行此操作
Below is the current code:以下是当前代码:
#!/usr/bin/python
# -*- coding: utf-8 -*-
# from sys import exit # pylint: disable=redefined-builtin
import sys
import os
import subprocess
import time
from functools import partial
from mininet.node import Host, UserSwitch, OVSKernelSwitch, Controller, Switch
from mininet.topo import Topo, SingleSwitchTopo
from mininet.util import quietRun, pmonitor
from mininet.log import error, lg, info, setLogLevel
from mininet.net import Mininet
from mininet.cli import CLI
from mininet.link import TCLink
class ExperimentTopology(Topo):
"""Custom mininet topology for robot-controller experiments"""
def __init__(self):
"""Create custom topology"""
# Initialize topology
Topo.__init__(self)
# Add hosts and switches
switch = self.addSwitch("s1")
h1= self.addHost("h1")
h2= self.addHost("h2")
# Set link parameters (delay, etc.)
# bw = Bandwidth in Mbps
# delay = Link delay (s, ms, us)
# loss = Percentage packet loss
# max_queue_size = Maximum queue size
# use_htb = Use the Hierarchical Token Bucket rate limiter and netem delay/loss emulator?
# linkopts = dict(bw=10, delay="5ms", loss=10) #max_queue_size=1000
# Add links
self.addLink(switch, h1) # to use params, add ", **linkopts"
self.addLink(switch, h2)
def main():
lg.setLogLevel("info")
# quietRun('tcpdump -i any -w capture.pcap')
net = Mininet(topo=ExperimentTopology(), waitConnected=True)
net.start()
h1= net.get('h1')
h1p= robot.popen('python3 tls_server.py -i %s -p %d &' % (str(h1.IP()), 443))
# time.sleep(10)
h2 = net.get('h2')
h2.cmd('python3 tls_client.py -i %s -p %d -m %s -d %s -s %s' % (str(h2.IP()), 443, 'x', 1, '12.5'))
# net.popen('tcpdump -i any -w capture.pcap') # _process = subprocess.Popen(['sudo', 'tcpdump', '-i', 'any', '-w', 'capture.pcap'])
s1 = net.get('s1')
s1.cmd(os.system('sudo tshark -w $HOME/captures/capture.pcap'))
CLI(net)
h1p.terminate()
net.stop()
# _process.terminate()
if __name__ == '__main__':
main()
** EDIT: TLS client and server files:: ** ** 编辑:TLS 客户端和服务器文件:: **
tls_client.py: tls_client.py:
#!/usr/bin/python
# -*- coding: utf-8 -*-
import socket
import ssl
import optparse
import time
from scapy.all import *
load_layer("usb")
parser = optparse.OptionParser()
parser.add_option('-i', dest='ip', default='127.0.0.1')
parser.add_option('-p', dest='port', type='int', default=12345)
parser.add_option('-m', dest='movement', default='x')
parser.add_option('-d', dest='distance', type='int', default=1)
parser.add_option('-s', dest='speed', default='12.5')
(options, args) = parser.parse_args()
hostname = options.ip # '127.0.0.1'
port = options.port # 443
context = ssl.SSLContext()
# Confirm these min + max values
MIN_X = 150
MAX_X = 300
MIN_Y = -230
MAX_Y = 230
MIN_Z = -50
MAX_Z = 150
MIN_SPEED = 12.5 # 12.5, 25, 50, 100
MAX_SPEED = 100.0
NUM_RUNS = 5
with socket.create_connection((hostname, port)) as sock:
with context.wrap_socket(sock, server_hostname=hostname) as ssock:
print(ssock.version())
# Load pcap file
# x_packets = rdpcap('pcaps/operation_move_x.pcapng')
# Now we have handshake and socket open, lets send messages
# Get data from wireshark dump, and use ssock.sendall(bytes)
# TODO: Set these (x,y,z) to the default starting values for robot
i = 0
g = 0
x = 0.00
y = 0.00
z = 0.00
f = options.speed # 12.5
if options.movement == 'x':
for j in range(NUM_RUNS):
i = 0
for k in [k for k in range(MIN_X, MAX_X+1, int(options.distance))]:
x = k
payload = '#' + str(i) + ' G' + str(g) + ' X' + str(x) + ' Y' + str(y) + ' Z' + str(z) + ' F' + str(f)
ssock.sendall(bytes(payload, encoding='utf-8'))
time.sleep(1)
i += 1
elif options.movement == 'y':
for j in range(NUM_RUNS):
i = 0
for k in [k for k in range(MIN_X, MAX_X+1, int(options.distance))]:
y = k
payload = '#' + str(i) + ' G' + str(g) + ' X' + str(x) + ' Y' + str(y) + ' Z' + str(z) + ' F' + str(f)
ssock.sendall(bytes(payload, encoding='utf-8'))
time.sleep(1)
i += 1
elif options.movement == 'z':
for j in range(NUM_RUNS):
i = 0
for k in [k for k in range(MIN_X, MAX_X+1, int(options.distance))]:
z = k
payload = '#' + str(i) + ' G' + str(g) + ' X' + str(x) + ' Y' + str(y) + ' Z' + str(z) + ' F' + str(f)
ssock.sendall(bytes(payload, encoding='utf-8'))
time.sleep(1)
i += 1
elif options.movement == 'xy':
for i in range(NUM_RUNS):
i = 0
for k in [k for k in range(MIN_X, MAX_X+1, int(options.distance))]: # y pos will be x-120 (too keep in Y range)
x = k
y = k-120
payload = '#' + str(i) + ' G' + str(g) + ' X' + str(x) + ' Y' + str(y) + ' Z' + str(z) + ' F' + str(f)
ssock.sendall(bytes(payload, encoding='utf-8'))
time.sleep(1)
i += 1
elif options.movement == 'xz':
for i in range(NUM_RUNS):
i = 0
z = 0
for k in [k for k in range(MIN_X, MAX_X+1, int(options.distance))]: # z pos will be (x/10)+5 (too keep in Z range)
x = k
if z == MAX_Z:
z = MAX_Z
else:
z += 1
payload = '#' + str(i) + ' G' + str(g) + ' X' + str(x) + ' Y' + str(y) + ' Z' + str(z) + ' F' + str(f)
ssock.sendall(bytes(payload, encoding='utf-8'))
time.sleep(1)
i += 1
elif options.movement == 'yz':
for i in range(NUM_RUNS):
i = 0
z = 0
for k in [k for k in range(MIN_Y, MAX_Y+1, int(options.distance))]:
y = k
if z >= MAX_Z:
z = 0
else:
z += 1
payload = '#' + str(i) + ' G' + str(g) + ' X' + str(x) + ' Y' + str(y) + ' Z' + str(z) + ' F' + str(f)
ssock.sendall(bytes(payload, encoding='utf-8'))
time.sleep(1)
i += 1
elif options.movement == 'xyz':
for i in range(NUM_RUNS):
i = 0
y = MIN_Y
z = MIN_Z
for k in [k for k in range(MIN_X, MAX_X+1)]:
x = k
if y >= MAX_Y:
y = 0
else:
y += 1
if z >= MAX_Z:
z = 0
else:
z += 1
payload = '#' + str(i) + ' G' + str(g) + ' X' + str(x) + ' Y' + str(y) + ' Z' + str(z) + ' F' + str(f)
ssock.sendall(bytes(payload, encoding='utf-8'))
time.sleep(1)
i += 1
** tls_server.py ** ** tls_server.py **
#!/usr/bin/python
# -*- coding: utf-8 -*-
import socket
import ssl
import optparse
parser = optparse.OptionParser()
parser.add_option('-i', dest='ip', default='')
parser.add_option('-p', dest='port', type='int', default=12345)
(options, args) = parser.parse_args()
hostname = options.ip # '127.0.0.1'
port = options.port # 443
context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
context.load_cert_chain('robot.cert', 'robot.key')
print('Loaded certificate and key..')
with socket.socket(socket.AF_INET, socket.SOCK_STREAM, 0) as sock:
print('Socket starting..')
sock.bind((hostname, port))
sock.listen(25)
with context.wrap_socket(sock, server_side=True) as ssock:
print('Socket connection established!')
(conn, addr) = ssock.accept()
f = open('server_output.txt', 'w')
while True:
message = conn.recv()
if not message:
break
# message = message.decode()
f.write('%s: %s\n' % (addr, message))
f.flush()
# print(message)
I have done this in the past by using the node's popen method to start the pcap and then the terminate to close the process and force it to record the pcap.过去我通过使用节点的popen方法启动 pcap 然后终止关闭进程并强制它记录 pcap 来完成此操作。
Say you have a node called h1 .假设您有一个名为h1的节点。 Then you can do
然后你可以做
h1_pcap = h1.popen('tcpdump -w h1_dump.pcap')
# Do stuff here
# ...
h1_pcap.terminate()
This should record all traffic on h1 into h1_dump.pcap once the script is executed.一旦执行脚本,这应该将 h1 上的所有流量记录到 h1_dump.pcap 中。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.