
[scapy] Linux-Cooked pcap to ethernet

# The pcap file is in "Linux cooked" format
# tcpdump -r myfile.pcap -nn
reading from file event1.pcap, link-type LINUX_SLL (Linux cooked)
...
...

# step0. import scapy (not needed inside the interactive scapy shell)
from scapy.all import *
# step1. read myfile.pcap
pkts = rdpcap("myfile.pcap")
# step2. replace the Linux cooked header with an Ethernet header
pkts = [Ether(src='00:11:22:33:44:55', dst='22:33:44:55:66:77')/pkt[1:] for pkt in pkts]
# step3. modify IP address and recalculate chksum
for pkt in pkts:
    pkt[1].dst = '192.168.1.10'
    pkt[1].src = '192.168.1.1'
    # deleting a checksum makes scapy recompute it when the packet is built
    del pkt[IP].chksum
    del pkt[UDP].chksum
# step4. packet send
sendp(pkts[0])

# step5. save pcap
wrpcap("output.pcap", pkts)


# tcpdump -r output.pcap -nn
reading from file output.pcap, link-type EN10MB (Ethernet)
...
...

# pkt[1:] : the layer at index 1 (the IP layer) together with its payload
1) Before: Linux cooked / IP / UDP / UDP-Data
2) After: Ethernet / IP / UDP / UDP-Data
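
The same header swap at the byte level, as an added example that is not part of the original post: it rewrites a classic pcap with link type 113 (LINUX_SLL) into EN10MB using only the Python standard library, and goes slightly beyond the post by reusing the sender address stored in the cooked header when no source MAC is given. The function names and the sample capture are constructed for illustration; pcapng files and the newer LINUX_SLL2 header are not handled.

```python
import struct

LINKTYPE_ETHERNET, LINKTYPE_LINUX_SLL = 1, 113
SLL_LEN, ETH_LEN = 16, 14   # SLL: pkttype(2) hatype(2) halen(2) addr(8) proto(2)

def mac(text):
    return bytes.fromhex(text.replace(":", ""))

def sll_to_ether(pcap, dst, src=None):
    """Rewrite a classic LINUX_SLL pcap (bytes) as EN10MB (hypothetical helper).

    dst: Ethernet destination (the cooked header does not record one).
    src: Ethernet source; None reuses the sender address stored in SLL.
    """
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if endian is None:
        raise ValueError("not a classic (microsecond) pcap file")
    *hdr, linktype = struct.unpack(endian + "HHiIII", pcap[4:24])
    if linktype != LINKTYPE_LINUX_SLL:
        raise ValueError("link type is %d, expected 113 (LINUX_SLL)" % linktype)
    out = bytearray(pcap[:4] + struct.pack(endian + "HHiIII", *hdr, LINKTYPE_ETHERNET))
    off = 24
    while off + 16 <= len(pcap):
        sec, usec, incl, orig = struct.unpack(endian + "IIII", pcap[off:off + 16])
        frame = pcap[off + 16:off + 16 + incl]
        off += 16 + incl
        if len(frame) < incl or incl < SLL_LEN:
            continue                      # truncated record: drop it
        halen = struct.unpack("!H", frame[4:6])[0]
        sender = frame[6:12] if halen == 6 else bytes(6)
        # frame[14:16] is the SLL protocol field; for IP traffic it is the EtherType
        eth = dst + (src or sender) + frame[14:16] + frame[SLL_LEN:]
        out += struct.pack(endian + "IIII", sec, usec, len(eth),
                           orig - (SLL_LEN - ETH_LEN)) + eth
    return bytes(out)

def sample_sll_pcap():
    """Constructed input: one SLL record carrying a 4-byte dummy payload."""
    sll = struct.pack("!HHH8sH", 0, 1, 6, mac("00:11:22:33:44:55") + b"\0\0", 0x0800)
    frame = sll + b"\x45\x00\x00\x04"
    ghdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, LINKTYPE_LINUX_SLL)
    return ghdr + struct.pack("<IIII", 1, 0, len(frame), len(frame)) + frame

if __name__ == "__main__":
    converted = sll_to_ether(sample_sll_pcap(), dst=mac("22:33:44:55:66:77"))
    print(converted[24 + 16:].hex())   # the rewritten Ethernet frame
```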
