Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Get header ip options and padding with dpkt #417

Open
andypitcher opened this issue Jul 16, 2018 · 1 comment
Open

Get header ip options and padding with dpkt #417

andypitcher opened this issue Jul 16, 2018 · 1 comment
Labels

Comments

@andypitcher
Copy link

Hi,

Is there a way to retrieve the ip options and padding from ip.py in dpkt? I would like to get router alert at the end, and the padding,
I can't find the options within the below code when hdr is defining the ip header values:

class IP(dpkt.Packet):
    """Internet Protocol.
    TODO: Longer class information....
    Attributes:
        __hdr__: Header fields of IP.
        TODO.
    """

    __hdr__ = (
        ('_v_hl', 'B', (4 << 4) | (20 >> 2)),
        ('tos', 'B', 0),
        ('len', 'H', 20),
        ('id', 'H', 0),
        ('off', 'H', 0),
        ('ttl', 'B', 64),
        ('p', 'B', 0),
        ('sum', 'H', 0),
        ('src', '4s', b'\x00' * 4),
        ('dst', '4s', b'\x00' * 4)
    )
    _protosw = {}
    opts = b''

Thanks!

@andypitcher
Copy link
Author

Hi,

This issue can be partially resolved, here is the code to retrieve IP router alert:

  #Check router alert (HL has to be above 5 and ip.opts == '\x94\x04\x00\x00')
            if ip.hl > 5:
                if ip.opts == dpkt.ip.IP_OPT_RALERT:
                    ip_ralert=1

IP_OPT_RALERT line has been added to dpkt ip.py source code:


# Reserved Addresses
IP_ADDR_ANY = "\x00\x00\x00\x00"    # 0.0.0.0
IP_ADDR_BROADCAST = "\xff\xff\xff\xff"    # 255.255.255.255
IP_ADDR_LOOPBACK = "\x7f\x00\x00\x01"    # 127.0.0.1
IP_ADDR_MCAST_ALL = "\xe0\x00\x00\x01"    # 224.0.0.1
IP_ADDR_MCAST_LOCAL = "\xe0\x00\x00\xff"    # 224.0.0.255
IP_OPT_RALERT= "\x94\x04\x00\x00"

Cheers!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

2 participants