Skip to main content

[scapy] Linux-Cooked pcap to ethernet

# The pcap file formatted by "Linux cooked"
# tcpdump -r myfile.pcap -nn
reading from file event1.pcap, link-type LINUX_SLL (Linux cooked)
...
...

# step1. read myfile.pcap
pkts = rdpcap("myfile.pcap");
# step2. read myfile.pcap
pkts = [Ether(src='00:11:22:33:44:55', dst='22:33:44:55:66:77')/pkt[1:] for pkt in pkts]
# step3. modify IP address and recalculate chksum
for pkt in pkts:
 pkt[1].dst='192.168.1.10';
 pkt[1].src='192.168.1.1';
 del pkt[IP].chksum
 del pkt[UDP].chksum
# step4. packet send
sendp(pkts[0]);

# step5. save pcap
 wrpcap("output.pcap",pkts);


# tcpdump -r output.pcap -nn
reading from file output.pcap, link-type EN10MB (Ethernet)
...
...

# pkt[1:] : It means IP layer
1) Before: Linux cooked / IP / UDP / UDP-Data
2) After: Ethernet / IP / UDP / UDP-Data

Labels:

Comments

Post a Comment

Popular posts from this blog

sanitize on in CMakeLists.txt

1. CMakeLists.txt set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -fsanitize=address") add_compile_options(-fsanitize=address) If a subdir is set with add_subdirectory and a module that does not support sanitize is imported from the path and needs to be removed, add -fno-sanitize=address to add_compile_options in CMakeLists.txt of the subdir to remove it. Basically, if you enable sanitize, sanitize will adjust ulimit's core to 0, so core will not occur. You can do this by putting the following part as an environment variable. (Below is the part you put in systemd's service) 2. service file in systemd [Service] LimitCORE=infinity Environment="ASAN_OPTIONS=handle_segv=0:handle_abort=1:abort_on_error=1:disable_coredump=0"
Post a Comment
Read more

[bash-script] get_info.sh print cpu allocation infomation of threads

1) way1 ps xH -o 'pid tid cmd comm pcpu psr' 2) way2 #!/bin/bash TMP_FILE=$(mktemp /tmp/abc-script.XXXXXX) echo ${TMP_FILE} ps xH -o 'pid tid cmd comm pcpu ' > ${TMP_FILE} function make_header() {   echo -n "$1"   echo " psr" } function make_values() {   echo -n "$1"   STATUS_FILE=/proc/${2}/task/${3}/status   if [ -f ${STATUS_FILE} ] ; then     CPU_SET=`cat ${STATUS_FILE}  |grep Cpus_allowed_list |awk ' { print $2 } '`   else     CPU_SET="None"   fi   echo " ${CPU_SET}" } let IDX=0 while IFS='' read -r line || [[ -n "$line" ]]; do    LINE_SEP=( $line )    MY_PID=${LINE_SEP[0]}    MY_TID=${LINE_SEP[1]}    if [ ${IDX} -eq 0 ]; then      SZ_HEADER=`make_header "$line"`      echo ${SZ_HEADER}    else      SZ_VALUES=`make_values "$line" ${MY_PID} ${MY_TID}`      echo ${SZ_VALUES}...
Post a Comment
Read more

e1000e 0000:00:1f.6 eno1: Detected Hardware Unit Hang

 make a file: /usr/local/etc/ethtool.sh (eno1 is your mgmt i/f, vmbr0 is your bridge i/f.) #!/bin/bash ethtool -K eno1 gso off gro on tso off tx on rx on rxvlan on txvlan on sg on && ethtool -K vmbr0 gso off gro on tso off tx on rx on rxvlan on txvlan on sg on ethtool -G eno1 rx 4096 if you want to activate on reboot. /etc/systemd/system/ethtool.service [Unit] Description=ethtool script [Service] WorkingDirectory=/usr/local/etc/ ExecStart=/usr/local/etc/ethtool.sh [Install] WantedBy=multi-user.target then systemctl enable ethtool.service && systemctl start ethtool.service refs: https://forum.proxmox.com/threads/e1000-driver-hang.58284/page-8#post-390709
Post a Comment
Read more