Scapy SYN发送我们自己的IP地址
[英]Scapy SYN send on our own IP address
问题描述
I tried to send SYN packets on my local network and monitoring them with Wireshark and everything works just fine, except when i try to send a packet to my own ip address it "seems" to work because it says Sent 1 packet, but it is not really sent, i can't see the packet in Wireshark nor any answers to the packet. 
我尝试在我的本地网络上发送SYN数据包并使用Wireshark监控它们,一切正常,除非我尝试将数据包发送到我自己的IP地址,它似乎“工作”,因为它说发送1数据包,但它是没有真正发送,我看不到Wireshark中的数据包,也没有任何数据包的答案。 My setup is a computer A ( 192.168.0.1 ) with a TCP Socket Server listening on port 40508, and a computer B ( 192.168.0.2 ). 我的设置是计算机A(192.168.0.1),其中TCP套接字服务器侦听端口40508,计算机B(192.168.0.2)。
On Computer B i test: 在计算机B上我测试:
ip=IP(src="192.168.0.2",dst="192.168.0.1")
SYN=TCP(sport=40508,dport=40508,flags="S",seq=12345)
send(ip/SYN)
It works fine, i see the SYN packet on Wireshark and the SYN/ACK response from 192.168.0.1 它工作正常,我看到Wireshark上的SYN数据包和192.168.0.1的SYN / ACK响应
On Computer A i test: 在计算机A我测试:
ip=IP(src="192.168.0.1",dst="192.168.0.2")
SYN=TCP(sport=40508,dport=40508,flags="S",seq=12345)
send(ip/SYN)
It works fine too, i see the SYN packet and the RST/ACK ( there is no server listening on port 40508 on 192.168.0.2 so it sends a RST/ACK ) response from 192.168.0.2 它工作正常,我看到SYN数据包和RST / ACK(没有服务器侦听192.168.0.2上的端口40508,因此它发送RST / ACK)响应来自192.168.0.2
But when i try on Computer A : 但是当我尝试使用计算机A:
ip=IP(src="192.168.0.2",dst="192.168.0.1")
SYN=TCP(sport=40508,dport=40508,flags="S",seq=12345)
send(ip/SYN)
Nothing appears in Wireshark, as if the packet was never sent but it said like the other tests : Sent 1 packets. Wireshark中没有任何内容,好像数据包从未发送过,但它像其他测试一样说:发送1个数据包。 and returned no error whatsoever. 并且没有任何错误返回。 If i run the same test on computer B and try to send a packet to its own IP address i got the same problem. 如果我在计算机B上运行相同的测试并尝试将数据包发送到自己的IP地址,我遇到了同样的问题。
For my program i really need to send a SYN packet to my own IP address, is there a way to do that or is it impossible ? 对于我的程序,我真的需要将SYN数据包发送到我自己的IP地址,有没有办法做到这一点还是不可能?
Thanks in advance, 提前致谢,
Nolhian Nolhian
1 个解决方案
解决方案1
2 已采纳 2010-07-10 05:22:11
What network device(s) is your Wireshark installation listening on? 您正在收听Wireshark安装的网络设备是什么? I suspect it's listening on the actual network card (ethernet, wifi, or otherwise, as per the Wireshark FAQ ) -- and when sending from a computer to itself the OS can of course bypass the device (why bother with it?) and just do the "sending" by copying bits around within the TCP/IP stack in kernel memory. 我怀疑它正在侦听实际的网卡(以太网,wifi或其他方式,根据Wireshark 常见问题解答 ) - 当从计算机发送到自身时,操作系统当然可以绕过设备(为什么还要烦恼?)通过在内核内存中的TCP / IP堆栈中复制位来进行“发送”。
In other words I suspect your packet is being sent OK, just Wireshark may not see it. 换句话说,我怀疑你的数据包被发送OK,只是Wireshark的可能没看出来。 To verify this hypothesis, you could try (eg) using your browser to visit existent and nonexistent ports on your local machine, and see if Wireshark sees those packets or not. 要验证此假设,您可以尝试(例如)使用浏览器访问本地计算机上现有和不存在的端口,并查看Wireshark是否看到这些数据包。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.