
[scapy] Linux-Cooked pcap to ethernet

# The pcap file is in "Linux cooked" format
# tcpdump -r myfile.pcap -nn
reading from file event1.pcap, link-type LINUX_SLL (Linux cooked)
...
...

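# step0. import scapy (not needed inside the interactive scapy shell)
from scapy.all import Ether, IP, UDP, rdpcap, sendp, wrpcap
# step1. read myfile.pcap
pkts = rdpcap("myfile.pcap")
# step2. replace the Linux cooked header with an Ethernet header
pkts = [Ether(src='00:11:22:33:44:55', dst='22:33:44:55:66:77')/pkt[1:] for pkt in pkts]
# step3. modify the IP addresses and delete the checksums so scapy recalculates them
for pkt in pkts:
    pkt[IP].dst = '192.168.1.10'
    pkt[IP].src = '192.168.1.1'
    del pkt[IP].chksum
    del pkt[UDP].chksum
# step4. send the first packet
sendp(pkts[0])

# step5. save pcap
wrpcap("output.pcap", pkts)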


# tcpdump -r output.pcap -nn
reading from file output.pcap, link-type EN10MB (Ethernet)
...
...

# pkt[1:] : everything from the second layer onward, i.e. the IP layer and its payload (layer 0 is the Linux cooked header)
1) Before: Linux cooked / IP / UDP / UDP-Data
2) After: Ethernet / IP / UDP / UDP-Data
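
The same header swap without scapy, as an added example that is not part of the original post: it rewrites a classic pcap byte by byte, replacing each 16-byte Linux cooked header with a 14-byte Ethernet header and setting the link-type to EN10MB. It goes beyond the post by handling both byte orders; the MAC addresses are the post's, while sample_sll_pcap, SAMPLE_IP and the de:ad:be:ef:00:01 address are constructed for the demonstration.

```python
import struct

LINKTYPE_ETHERNET, LINKTYPE_LINUX_SLL = 1, 113
SLL_LEN, ETH_LEN = 16, 14  # SLL: pkttype, hatype, halen, addr[8], protocol

def mac(text):
    return bytes(int(octet, 16) for octet in text.split(":"))

def sll_to_ethernet(pcap, src="00:11:22:33:44:55", dst="22:33:44:55:66:77"):
    """Rewrite a classic LINUX_SLL pcap (bytes) as an EN10MB pcap (bytes)."""
    for endian in "<>":  # the magic number tells us the file's byte order
        magic = struct.unpack_from(endian + "I", pcap, 0)[0]
        if magic in (0xA1B2C3D4, 0xA1B23C4D):  # micro- / nanosecond pcap
            break
    else:
        raise ValueError("not a classic pcap file (pcapng is not handled)")
    ghdr, rhdr = struct.Struct(endian + "IHHiIII"), struct.Struct(endian + "IIII")
    *fields, linktype = ghdr.unpack_from(pcap, 0)
    if linktype != LINKTYPE_LINUX_SLL:
        raise ValueError(f"link-type {linktype} is not LINUX_SLL")
    out, off = [ghdr.pack(*fields, LINKTYPE_ETHERNET)], ghdr.size
    while off + rhdr.size <= len(pcap):
        sec, frac, incl, orig = rhdr.unpack_from(pcap, off)
        frame = pcap[off + rhdr.size : off + rhdr.size + incl]
        off += rhdr.size + incl
        if len(frame) < SLL_LEN:
            continue  # record too short to hold a cooked header: skip it
        # Assumption: hatype is Ethernet-like, so bytes 14..15 are an EtherType.
        eth = mac(dst) + mac(src) + frame[14:16] + frame[SLL_LEN:]
        wire_len = max(len(eth), orig - SLL_LEN + ETH_LEN)
        out.append(rhdr.pack(sec, frac, len(eth), wire_len) + eth)
    return b"".join(out)

# Constructed sample: one IP/UDP datagram (checksums left at zero).
SAMPLE_IP = bytes.fromhex("4500001d000100004011" "0000" "c0a80101c0a8010a"
                          "04d20035" "00090000" "78")

def sample_sll_pcap():
    # pkttype 0 (to us), hatype 1 (Ethernet), halen 6, padded MAC, EtherType IPv4
    sll = struct.pack("!HHH8sH", 0, 1, 6, mac("de:ad:be:ef:00:01"), 0x0800)
    frame = sll + SAMPLE_IP
    return (struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, LINKTYPE_LINUX_SLL)
            + struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame)

if __name__ == "__main__":
    converted = sll_to_ethernet(sample_sll_pcap())
    print(len(converted), "bytes, link-type", int.from_bytes(converted[20:24], "little"))
```

To convert a real capture, pass the contents of the file read in binary mode and write the returned bytes to a new file; tcpdump -r should then report link-type EN10MB.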
