2015-10-02

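Scapy: IPv6 packets are being received as Raw packets

I am trying to establish a TCP handshake over IPv6. The SYN packet is sent. The interface receives the SYN/ACK.

I took a hexdump of the received packet and also ran pkt.show(). I got the following output: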

    hexdump(pkt)
    0000 00 30 48 FA 2C 4D 64 64 9B 75 60 01 81 00 00 01 .0H.,Mdd.u`.....
    0010 81 00 00 01 88 64 11 00 00 01 00 42 00 57 60 00 .....d.....B.W`.
    0020 00 00 00 18 06 40 20 11 00 01 00 00 00 00 00 00 .....@ .........
    0030 00 00 00 00 00 01 20 11 00 01 00 00 00 00 00 00 ...... ......... 
    0040 00 00 00 00 00 02 00 50 A1 F0 00 00 00 01 00 00 .......P........ 
    0050 00 01 60 12 FF FE B5 CA 00 00 02 04 05 98   ..`........... 

    pkt.show() 
    ###[ Ethernet ]### 
     dst  = 00:30:48:fa:2c:4d 
     src  = 64:64:9b:75:60:01 
     type  = 0x8100 
    ###[ 802.1Q ]### 
    prio  = 0L 
    id  = 0L 
    vlan  = 1L 
    type  = 0x8100 
    ###[ 802.1Q ]### 
     prio  = 0L 
     id  = 0L 
     vlan  = 1L 
     type  = 0x8864 
    ###[ PPP over Ethernet ]### 
      version = 1L 
      type  = 1L 
      code  = Session 
      sessionid = 0x1 
      len  = 66 
    ###[ PPP Link Layer ]### 
       proto  = Internet Protocol version 6 [Hinden] 
    ###[ Raw ]### 
       load  = '`\x00\x00\x00\x00\x18\x06@ \x11\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01 \x11\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00P\xa1\xf0\x00\x00\x00\x01\x00\x00\x00\x01`\x12\xff\xfe\xb5\xca\x00\x00\x02\x04\x05\x98' 

Why does the IPv6 packet come through as a Raw packet?

Answer


This looks like a bug in Scapy, probably in the PPP dissector. Some diagnosis and a workaround follow.

We can reproduce your error with:

    import binascii

    from scapy.all import Ether

    frame = binascii.unhexlify("003048FA2C4D64649B756001810000018100000188641100000100420057600000000018064020110001000000000000000000000001201100010000000000000000000000020050A1F000000001000000016012FFFEB5CA000002040598")

    pkt1 = Ether(frame)

    # Stops at "Raw" after PPP transport
    pkt1.show()

If we take it a bit further and inspect the Raw layer, it does look like a genuine IPv6 packet, though:

    import binascii

    from scapy.all import Ether, IPv6, Raw

    frame = binascii.unhexlify("003048FA2C4D64649B756001810000018100000188641100000100420057600000000018064020110001000000000000000000000001201100010000000000000000000000020050A1F000000001000000016012FFFEB5CA000002040598")

    pkt1 = Ether(frame)

    # Check the rest of the parsing makes sense:
    pkt2 = IPv6(pkt1[Raw].load)

    # pkt2 is just the IPv6 bit now
    pkt2.show()

Finally, we can take this to its logical conclusion and use it to generate a Scapy packet with all the correct layers:

    import binascii

    from scapy.all import Ether, IPv6, Raw

    frame = binascii.unhexlify("003048FA2C4D64649B756001810000018100000188641100000100420057600000000018064020110001000000000000000000000001201100010000000000000000000000020050A1F000000001000000016012FFFEB5CA000002040598")

    pkt1 = Ether(frame)
    pkt2 = IPv6(pkt1[Raw].load)

    # Swap the undissected Raw layer for the parsed IPv6 packet
    del pkt1[Raw]
    pkt1 = pkt1 / pkt2
    pkt1.show()

This then gives us the following, which we can verify using Scapy:

###[ Ethernet ]### 
    dst  = 00:30:48:fa:2c:4d 
    src  = 64:64:9b:75:60:01 
    type  = n_802_1Q 
###[ 802.1Q ]### 
    prio  = 0L 
    id  = 0L 
    vlan  = 1L 
    type  = n_802_1Q 
###[ 802.1Q ]### 
     prio  = 0L 
     id  = 0L 
     vlan  = 1L 
     type  = PPP_SES 
###[ PPP over Ethernet ]### 
      version = 1L 
      type  = 1L 
      code  = Session 
      sessionid = 0x1 
      len  = 66 
###[ PPP Link Layer ]### 
       proto  = Internet Protocol version 6 [Hinden] 
###[ IPv6 ]### 
       version = 6L 
       tc  = 0L 
       fl  = 0L 
       plen  = 24 
       nh  = TCP 
       hlim  = 64 
       src  = 2011:1::1 
       dst  = 2011:1::2 
###[ TCP ]### 
        sport  = http 
        dport  = 41456 
        seq  = 1 
        ack  = 1 
        dataofs = 6L 
        reserved = 0L 
        flags  = SA 
        window = 65534 
        chksum = 0xb5ca 
        urgptr = 0 
        options = [('MSS', 1432)] 

A better fix, though, is to tell Scapy about the relationship between the layers itself, using the following:

    import binascii

    from scapy.all import Ether, IPv6, PPP, bind_layers

    frame = binascii.unhexlify("003048FA2C4D64649B756001810000018100000188641100000100420057600000000018064020110001000000000000000000000001201100010000000000000000000000020050A1F000000001000000016012FFFEB5CA000002040598")

    bind_layers(PPP, IPv6, proto=0x0057)

    # Now works correctly out of the box
    pkt1 = Ether(frame)
    pkt1.show()

The call to bind_layers should go in scapy/layers/ppp.py if you want to write a proper patch.


Great analysis! May I suggest that you report this issue here (https://bitbucket.org/secdev/scapy/issues/new)? – Yoel


Done: https://bitbucket.org/secdev/scapy/issues/5143/ppp-layer-doesnt-understand-ipv6-properly - I reused your data as the test case – Flexo


Thank you very much, Flexo :) This is a great analysis, and thanks a lot for the help. – user1385290
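The layer chain that `bind_layers(PPP, IPv6, proto=0x0057)` teaches Scapy can be cross-checked without Scapy. The following is an added example, not part of the original answer or of Scapy's code: a standard-library dissector that walks the question's frame by hand and rejects anything whose PPP protocol field is not 0x0057. The names `FRAME`, `dissect` and the constants are introduced here for illustration.

```python
import binascii
import ipaddress
import struct

# Frame from the question, split by layer (same bytes the answer feeds to Ether()).
FRAME = binascii.unhexlify(
    "003048FA2C4D64649B75600181000001810000018864"  # Ethernet + 2x 802.1Q
    "1100000100420057"                              # PPPoE session + PPP proto
    "6000000000180640"                              # IPv6 ver/tc/fl, plen, nh, hlim
    "20110001000000000000000000000001"              # IPv6 src
    "20110001000000000000000000000002"              # IPv6 dst
    "0050A1F000000001000000016012FFFEB5CA000002040598")  # TCP SYN/ACK

ETH_8021Q, ETH_PPPOE_SESSION, PPP_IPV6 = 0x8100, 0x8864, 0x0057


def dissect(frame):
    """Walk Ether -> 802.1Q tags -> PPPoE -> PPP -> IPv6 -> TCP by hand."""
    ethertype, = struct.unpack_from("!H", frame, 12)
    off, vlans = 14, []
    while ethertype == ETH_8021Q:  # each tag: 2-byte TCI, then the next type
        tci, ethertype = struct.unpack_from("!HH", frame, off)
        vlans.append(tci & 0x0FFF)
        off += 4
    if ethertype != ETH_PPPOE_SESSION:
        raise ValueError("not a PPPoE session frame: 0x%04x" % ethertype)
    _ver_type, _code, session, length = struct.unpack_from("!BBHH", frame, off)
    ppp = frame[off + 6:off + 6 + length]  # length covers PPP proto + payload
    if len(ppp) != length:
        raise ValueError("truncated PPPoE payload")
    proto, = struct.unpack_from("!H", ppp, 0)
    if proto != PPP_IPV6:  # 0x0057 is the value the answer binds to IPv6
        raise ValueError("PPP proto 0x%04x is not IPv6" % proto)
    ip6 = ppp[2:]
    vtf, plen, nh, hlim = struct.unpack_from("!IHBB", ip6, 0)
    if vtf >> 28 != 6 or len(ip6) < 40 + plen:
        raise ValueError("payload is not a complete IPv6 packet")
    info = {"vlans": vlans, "session": session, "plen": plen, "nh": nh,
            "hlim": hlim, "src": str(ipaddress.IPv6Address(ip6[8:24])),
            "dst": str(ipaddress.IPv6Address(ip6[24:40]))}
    if nh == 6:  # TCP follows the fixed header directly (no extension headers)
        sport, dport, seq, ack, _off, flags = struct.unpack_from(
            "!HHIIBB", ip6, 40)
        info.update(sport=sport, dport=dport, seq=seq, ack=ack, flags=flags)
    return info


if __name__ == "__main__":
    print(dissect(FRAME))
```

The PPPoE length field (66) equals the 2-byte PPP protocol field plus the 40-byte IPv6 header plus the 24-byte TCP segment, which is why the slice lines up exactly with the end of the frame.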
