1#!/usr/local/bin/python3 2# old fragment completely overlaps new one 3 4# |------------| 5# |XXXX| 6# |----| 7 8# If the current fragment is completely overlapped by existing ones, 9# drop the newer fragment. 10# if (precut >= frent->fe_len) 11# goto bad_fragment; 12# 'Nearer' traffic wins. 13 14import os 15import threading 16from addr import * 17from scapy.all import * 18 19class Sniff1(threading.Thread): 20 filter = None 21 captured = None 22 packet = None 23 def run(self): 24 self.captured = sniff(iface=SRC_IF, filter=self.filter, 25 count=1, timeout=3) 26 if self.captured: 27 self.packet = self.captured[0] 28 29dstaddr=sys.argv[1] 30pid=os.getpid() 31eid=pid & 0xffff 32payload=b"ABCDEFGHIJKLOMNOQRSTUVWX" 33dummy=b"01234567" 34packet=IP(src=SRC_OUT, dst=dstaddr)/ICMP(type='echo-request', id=eid)/payload 35fid=pid & 0xffff 36frag0=bytes(packet)[20:28] 37frag1=dummy 38frag2=bytes(packet)[28:52] 39pkt0=IP(src=SRC_OUT, dst=dstaddr, proto=1, id=fid, frag=0, flags='MF')/frag0 40pkt1=IP(src=SRC_OUT, dst=dstaddr, proto=1, id=fid, frag=2, flags='MF')/frag1 41pkt2=IP(src=SRC_OUT, dst=dstaddr, proto=1, id=fid, frag=1)/frag2 42eth=[] 43eth.append(Ether(src=SRC_MAC, dst=PF_MAC)/pkt2) 44eth.append(Ether(src=SRC_MAC, dst=PF_MAC)/pkt1) 45eth.append(Ether(src=SRC_MAC, dst=PF_MAC)/pkt0) 46 47sniffer = Sniff1(); 48sniffer.filter = "ip and src %s and dst %s and icmp" % (dstaddr, SRC_OUT) 49sniffer.start() 50time.sleep(1) 51sendp(eth, iface=SRC_IF) 52sniffer.join(timeout=5) 53a = sniffer.packet 54 55if a and a.type == ETH_P_IP and \ 56 a.payload.proto == 1 and \ 57 a.payload.frag == 0 and a.payload.flags == 0 and \ 58 icmptypes[a.payload.payload.type] == 'echo-reply': 59 id=a.payload.payload.id 60 print("id=%#x" % (id)) 61 if id != eid: 62 print("WRONG ECHO REPLY ID") 63 exit(2) 64 load=a.payload.payload.payload.load 65 print("payload=%s" % (load)) 66 if load == payload: 67 exit(0) 68 print("PAYLOAD!=%s" % (payload)) 69 exit(1) 70print("NO ECHO REPLY") 71exit(2) 72