Scapy: how to get the full IP packet header?

Question

Scapy: how to get the full IP packet header?

In Scapy, I want to manually map packets to corresponding messages that exceed ICMP.

I need to map:

ICMP IP-in-ICMP field
The IP header and the first 8 bytes of my data packet ICMP packet is not a problem:
icmpPayload = str (icmpPacket [ICMP] .payload)

As for the first 8 bytes of the data packet, I just need to do:

str(myPacket[IP].payload)[:8]

I do not know how to get only the IP header myPacket. Everything I do now replaces the payload of the entire packet with the first 8 bytes. I'm afraid that finding and replacing, if applied to thousands of packages, might take too long.

 strOfMyPacket = str(myPacket[IP])
 strOfMyPacket.replace(str(myPacket[IP].payload),str(myPacket[IP].payload)[:8],1)

Any faster way that will allow me to do the following:

 partOfPayload = str(myPacket[IP].payload)[:8]
 fullHeader = _______
 stringToCompare = fullHeader + partOfPayload

+5

python header ip scapy

Ricky robinson Aug 3 '12 at 11:13

source

2

- , , remove_payload() Packet ( IP). . scapy, , , .

>>> ip = IP(dst='10.0.0.1', src='10.0.0.14', ttl=255)/ICMP()
>>> hexdump(ip)
0000   45 00 00 1C 00 01 00 00  FF 01 A7 D1 0A 00 00 0E   E...............
0010   0A 00 00 01 **08 00 F7 FF  00 00 00 00**               ............
>>> ip.remove_payload()
>>> hexdump(ip)
0000   45 00 00 14 00 01 00 00  FF 00 A7 DA 0A 00 00 0E   E...............
0010   0A 00 00 01                                        ....
>>>

+3

Yunus Can Emre 08 . '15 7:17

tMC · Accepted Answer · 2012-08-24T14:50:08+0000

str(myPacket)[:(myPacket[IP].ihl * 4)]

IP ihl ( ). 32- , . ( - "options" ). , 32, 8 ( * 4), , , .

, ( ), JUST IP- .

http://en.wikipedia.org/wiki/IPv4_header#Header

Scapy: how to get the full IP packet header?

More articles: