2015-10-02 49 views
3

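Scapy: IPv6 packet is being received as a Raw packet

I am trying to establish a TCP handshake over IPv6. The SYN packet is sent. The interface receives the SYN/ACK.

I did a hexdump of the received packet and also pkt.show(). I got the following output: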

    hexdump(pkt)
    0000 00 30 48 FA 2C 4D 64 64 9B 75 60 01 81 00 00 01 .0H.,Mdd.u`.....
    0010 81 00 00 01 88 64 11 00 00 01 00 42 00 57 60 00 .....d.....B.W`.
    0020 00 00 00 18 06 40 20 11 00 01 00 00 00 00 00 00 .....@ .........
    0030 00 00 00 00 00 01 20 11 00 01 00 00 00 00 00 00 ...... .........
    0040 00 00 00 00 00 02 00 50 A1 F0 00 00 00 01 00 00 .......P........
    0050 00 01 60 12 FF FE B5 CA 00 00 02 04 05 98   ..`...........

    pkt.show() 
    ###[ Ethernet ]### 
     dst  = 00:30:48:fa:2c:4d 
     src  = 64:64:9b:75:60:01 
     type  = 0x8100 
    ###[ 802.1Q ]### 
    prio  = 0L 
    id  = 0L 
    vlan  = 1L 
    type  = 0x8100 
    ###[ 802.1Q ]### 
     prio  = 0L 
     id  = 0L 
     vlan  = 1L 
     type  = 0x8864 
    ###[ PPP over Ethernet ]### 
      version = 1L 
      type  = 1L 
      code  = Session 
      sessionid = 0x1 
      len  = 66 
    ###[ PPP Link Layer ]### 
       proto  = Internet Protocol version 6 [Hinden] 
    ###[ Raw ]### 
       load  = '`\x00\x00\x00\x00\x18\x06@ \x11\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01 \x11\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00P\xa1\xf0\x00\x00\x00\x01\x00\x00\x00\x01`\x12\xff\xfe\xb5\xca\x00\x00\x02\x04\x05\x98'

Why is the IPv6 packet coming in as a Raw packet?

Answer

3

This looks like a bug in Scapy, probably in the PPP dissector. Some diagnostics and a workaround follow.

We can reproduce your error with:

    import binascii

    input=binascii.unhexlify("003048FA2C4D64649B756001810000018100000188641100000100420057600000000018064020110001000000000000000000000001201100010000000000000000000000020050A1F000000001000000016012FFFEB5CA000002040598")

    from scapy.all import Ether

    pkt1=Ether(input)

    # Stops at "RAW" after PPP transport
    pkt1.show()

If we take it a bit further and inspect the Raw layer, it looks like a real IPv6 packet though.

    import binascii

    input=binascii.unhexlify("003048FA2C4D64649B756001810000018100000188641100000100420057600000000018064020110001000000000000000000000001201100010000000000000000000000020050A1F000000001000000016012FFFEB5CA000002040598")

    from scapy.all import Ether, IPv6, Raw

    pkt1=Ether(input)

    # Check the rest of the parsing makes sense:
    pkt2=IPv6(pkt1[Raw].load)

    # Pkt2 is just the IPv6 bit now
    pkt2.show()

Finally, we can take this to its logical conclusion and use it to generate a Scapy packet with all the right layers:

    import binascii

    input=binascii.unhexlify("003048FA2C4D64649B756001810000018100000188641100000100420057600000000018064020110001000000000000000000000001201100010000000000000000000000020050A1F000000001000000016012FFFEB5CA000002040598")

    from scapy.all import Ether, IPv6, Raw

    pkt1=Ether(input)
    pkt2=IPv6(pkt1[Raw].load)

    del pkt1[Raw]
    pkt1=(pkt1/pkt2)
    pkt1.show()

This then gives us the following, which we can verify using Scapy:

###[ Ethernet ]### 
    dst  = 00:30:48:fa:2c:4d 
    src  = 64:64:9b:75:60:01 
    type  = n_802_1Q 
###[ 802.1Q ]### 
    prio  = 0L 
    id  = 0L 
    vlan  = 1L 
    type  = n_802_1Q 
###[ 802.1Q ]### 
     prio  = 0L 
     id  = 0L 
     vlan  = 1L 
     type  = PPP_SES 
###[ PPP over Ethernet ]### 
      version = 1L 
      type  = 1L 
      code  = Session 
      sessionid = 0x1 
      len  = 66 
###[ PPP Link Layer ]### 
       proto  = Internet Protocol version 6 [Hinden] 
###[ IPv6 ]### 
       version = 6L 
       tc  = 0L 
       fl  = 0L 
       plen  = 24 
       nh  = TCP 
       hlim  = 64 
       src  = 2011:1::1 
       dst  = 2011:1::2 
###[ TCP ]### 
        sport  = http 
        dport  = 41456 
        seq  = 1 
        ack  = 1 
        dataofs = 6L 
        reserved = 0L 
        flags  = SA 
        window = 65534 
        chksum = 0xb5ca 
        urgptr = 0 
        options = [('MSS', 1432)] 

A better workaround, though, is to tell Scapy about the relationship between the layers itself, using the following:

    import binascii

    input=binascii.unhexlify("003048FA2C4D64649B756001810000018100000188641100000100420057600000000018064020110001000000000000000000000001201100010000000000000000000000020050A1F000000001000000016012FFFEB5CA000002040598")

    from scapy.all import Ether, IPv6, PPP, bind_layers

    bind_layers(PPP,   IPv6,   proto=0x0057)

    # Now works correctly out the box
    pkt1=Ether(input)
    pkt1.show()

The call to bind_layers ought to go in scapy/layers/ppp.py if you want to write a proper patch.

+0

Great analysis! May I suggest that you report this issue here (https://bitbucket.org/secdev/scapy/issues/new)? – Yoel

+0

Done: https://bitbucket.org/secdev/scapy/issues/5143/ppp-layer-doesnt-understand-ipv6-properly - I reused your data as a test case – Flexo

+0

Thank you very much, Flexo :) This is a great analysis, and thanks a lot for the help. – user1385290
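
To show what the `bind_layers(PPP, IPv6, proto=0x0057)` binding in the answer encodes, here is an added example (not part of the original answer and not Scapy code) that dissects the question's frame by hand with only the standard library. The function name `dissect` and the returned field names are made up for illustration.

```python
import ipaddress
import struct

# Frame bytes copied from the hexdump in the question.
FRAME = bytes.fromhex(
    "00 30 48 FA 2C 4D 64 64 9B 75 60 01 81 00 00 01"
    "81 00 00 01 88 64 11 00 00 01 00 42 00 57 60 00"
    "00 00 00 18 06 40 20 11 00 01 00 00 00 00 00 00"
    "00 00 00 00 00 01 20 11 00 01 00 00 00 00 00 00"
    "00 00 00 00 00 02 00 50 A1 F0 00 00 00 01 00 00"
    "00 01 60 12 FF FE B5 CA 00 00 02 04 05 98")

ETH_VLAN = 0x8100       # 802.1Q tag
ETH_PPPOE_SES = 0x8864  # PPPoE session stage
PPP_IPV6 = 0x0057       # PPP protocol number for IPv6


def dissect(frame):
    """Walk Ethernet / 802.1Q tags / PPPoE / PPP / IPv6 / TCP by hand."""
    out = {"vlans": []}
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    off = 14
    while ethertype == ETH_VLAN:  # stacked VLAN tags, two in the sample
        tci, ethertype = struct.unpack_from("!HH", frame, off)
        out["vlans"].append(tci & 0x0FFF)
        off += 4
    if ethertype != ETH_PPPOE_SES:
        raise ValueError("not a PPPoE session frame: 0x%04x" % ethertype)
    _vt, _code, session, length = struct.unpack_from("!BBHH", frame, off)
    off += 6
    if length < 2 or len(frame) - off < length:
        raise ValueError("PPPoE length does not fit the captured bytes")
    payload = frame[off:off + length]  # PPP protocol field + datagram
    (ppp_proto,) = struct.unpack_from("!H", payload, 0)
    out.update(session=session, ppp_proto=ppp_proto)
    if ppp_proto != PPP_IPV6:
        return out  # other PPP protocols are left undissected here
    ip6 = payload[2:]
    if len(ip6) < 40 or ip6[0] >> 4 != 6:
        raise ValueError("PPP protocol says IPv6 but the header is not v6")
    plen, nh, _hlim = struct.unpack_from("!HBB", ip6, 4)
    out.update(src=str(ipaddress.IPv6Address(ip6[8:24])),
               dst=str(ipaddress.IPv6Address(ip6[24:40])), nh=nh, plen=plen)
    if nh == 6 and len(ip6) >= 60:  # TCP directly after the fixed header
        sport, dport, _seq, _ack, ofl = struct.unpack_from("!HHIIH", ip6, 40)
        out.update(sport=sport, dport=dport, tcp_flags=ofl & 0x3F)
    return out


if __name__ == "__main__":
    print(dissect(FRAME))
```

The result agrees with the Scapy output after the fix: two VLAN tags, PPP protocol 0x0057, 2011:1::1 to 2011:1::2, and a SYN/ACK from port 80 to port 41456.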
