How to set TCP options (Timestamp and SAckOK) via Scapy?

Problem description

I have the following information for each packet I want to generate via Scapy; it is tcpdump output:

1509472682.813373 MAC1 > MAC2, ethertype IPv4 (0x0800), length 74: (tos 0x0, ttl 64, id 64271, offset 0, flags [DF], proto TCP (6), length 60) IP1.port1 > IP2.port2: Flags [S], cksum 0x4a0b (incorrect -> 0xe5b4), seq 1763588570, win 65535, options [mss 1460,sackOK,TS val 1098453 ecr 0,nop,wscale 6], length 0

I have generated TCP packets as follows, but when I check them via Wireshark it seems that the Timestamp option is not set at all and SAck is not set as I expected.

for r in (("mss","MSS"), ("sackOK","SAck"), ("nop","NOP"), ("TS ", "Timestamps "), ("val", "TSval"), ("ecr", "TSecr"), ("wscale","WScale")):
    opt = opt.replace(*r)

opt=opt.split(",")

for op in opt:
    op = op.split()
    if len(op) == 2:
        options.append((op[0],int(op[1])))
    elif op[0] == "Timestamps": ## Need some modification, so that Scapy do not ignore it.
        options.append((op[0],(int(op[2]),int(op[4]))))
    elif op[0] == "SAck": ## How to set SAck option to be SAck Permitted?
        options.append((op[0], ''))
    else: # NOP
        options.append((op[0], ()))

ip = ether/IP(src=ipsrc, dst=ipdst, len=ipLen, tos=frameTos, ttl=frameTtl, offset=frameOffset, id=frameId, flags=frameFlags, proto=protocol.lower())

if ack_n is None:
    pkt = ip / TCP(sport=srcport, dport=dstport , flags=frameFlag, seq=int(seq_n), chksum=cksum, window=win, options=options) / secrets.token_bytes(frameLen-54)
else:
    pkt = ip / TCP(sport=srcport, dport=dstport , flags=frameFlag, seq=int(seq_n), ack=ack_n, chksum=cksum, window=win, options=options) / secrets.token_bytes(frameLen-54)

pkt.time = frametime

wrpcap(output, pkt, append=True)

Here is what is passed to the options field for the packet whose info I provided at the beginning:

[('MSS', 1460), ('SAck', ''), ('Timestamps', (1098453, 0)), ('NOP', ()), ('WScale',6)]

But when I check the packet via Wireshark the Timestamps option is not set, it seems that Scapy has ignored it, and the SAck option is not set as I have expected.

Here is how this packet's options field looks in Wireshark:

Here is what I expected:

So the questions here are:

  • How to set timestamps so that Scapy does not ignore it?
  • How to set SAck so that it is marked as permitted?

Edit 1:

I have solved the problem with SAck: I should pass it as ('SAckOK', '').

Recommended answer

Finally I have found what I had set wrong:

As I mentioned in my first edit, to set Selective Acknowledgment Permitted, I should pass the option as a tuple: ('SAckOK', '').

To set the timestamp I should pass the option as a tuple, ('Timestamp', (1098453, 0)); in the inner tuple the first argument is Val and the second one is Ecr.
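
As an added example (not part of the original question or answer), the sketch below converts the tcpdump options text from the capture above into a Scapy options list using the option names the answer arrived at, and raises on anything it cannot map instead of letting it be silently left out of the packet. The helper names tcpdump_opts_to_scapy and roundtrip are hypothetical, and b"" / None are assumed here as the empty values for SAckOK and NOP.

```python
import re

# tcpdump keyword -> Scapy TCP option name for options without a special format.
SCAPY_NAME = {"mss": "MSS", "wscale": "WScale", "nop": "NOP", "eol": "EOL"}

TS_RE = re.compile(r"TS val (\d+) ecr (\d+)")


def tcpdump_opts_to_scapy(text):
    """Turn 'mss 1460,sackOK,TS val 1 ecr 0,nop,wscale 6' into Scapy options."""
    options = []
    for item in text.strip("[] ").split(","):
        item = item.strip()
        if not item:
            continue
        words = item.split()
        key = words[0]
        if key == "TS":
            m = TS_RE.fullmatch(item)
            if m is None:
                raise ValueError(f"malformed timestamp option: {item!r}")
            # Singular 'Timestamp'; value is the (TSval, TSecr) tuple.
            options.append(("Timestamp", (int(m.group(1)), int(m.group(2)))))
        elif key in ("mss", "wscale") and len(words) == 2:
            options.append((SCAPY_NAME[key], int(words[1])))
        elif key == "sackOK":
            # 'SAckOK' is SACK Permitted; 'SAck' is the SACK block option.
            options.append(("SAckOK", b""))
        elif key in ("nop", "eol"):
            options.append((SCAPY_NAME[key], None))
        else:
            # Fail loudly so a missing option is noticed before the pcap is written.
            raise ValueError(f"unsupported TCP option: {item!r}")
    return options


def roundtrip(options):
    """Serialize with Scapy and dissect again (requires Scapy to be installed)."""
    from scapy.all import TCP  # lazy import: the parser itself has no dependency
    return TCP(bytes(TCP(flags="S", options=options))).options


# Options text taken from the tcpdump line quoted in the question.
SAMPLE = "[mss 1460,sackOK,TS val 1098453 ecr 0,nop,wscale 6]"

if __name__ == "__main__":
    opts = tcpdump_opts_to_scapy(SAMPLE)
    print(opts)
    try:
        print(roundtrip(opts))
    except ImportError:
        print("Scapy not installed; round trip skipped")
```

Comparing the roundtrip output with the input list shows whether every option reached the serialized header.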
