scapy.contrib.tzsp

TZSP - TaZmen Sniffer Protocol

author:

Thomas Tannhaeuser, hecke@naberius.de

description:

This module provides Scapy layers for the TZSP protocol.

references:

• https://en.wikipedia.org/wiki/TZSP

• https://web.archive.org/web/20050404125022/http://www.networkchemistry.com/support/appnotes/an001_tzsp.html # noqa: E501

NOTES:

• to allow Scapy to dissect this layer automatically, you need to bind the TZSP layer to UDP using # noqa: E501 the default TZSP port (0x9090), e.g.

  bind_layers(UDP, TZSP, sport=TZSP_PORT_DEFAULT) bind_layers(UDP, TZSP, dport=TZSP_PORT_DEFAULT)

• packet format definition from www.networkchemistry.com is different from the one given by wikipedia # noqa: E501

• seems Wireshark implements the wikipedia protocol version (didn’t dive into their code) # noqa: E501

• observed (miss)behavior of Wireshark (2.2.6) - fails to decode RSSI & SNR using short values - only one byte taken - SNR is labeled as silence - WlanRadioHdrSerial is labeled as Sensor MAC - doesn’t know the packet count tag (40 / 0x28)

class scapy.contrib.tzsp.TZSP(_pkt, /, *, version=1, type=0, encapsulated_protocol=1)

Bases: Packet

ENCAPSULATED_ETHERNET = 1

ENCAPSULATED_IEEE_802_11 = 18

ENCAPSULATED_PRISM_HEADER = 119

ENCAPSULATED_PROTOCOLS = {1: 'ETHERNET', 18: 'IEEE 802.11', 119: 'PRISM HEADER', 127: 'WLAN AVS'}

ENCAPSULATED_PROTOCOL_CLASSES = {1: <class 'scapy.layers.l2.Ether'>, 18: <class 'scapy.layers.dot11.Dot11'>, 119: <class 'scapy.layers.dot11.PrismHeader'>, 127: <class 'scapy.contrib.avs.AVSWLANHeader'>}

ENCAPSULATED_WLAN_AVS = 127

TYPES = {0: 'RX_PACKET', 1: 'TX_PACKET', 3: 'CONFIG', 4: 'KEEPALIVE/NULL', 5: 'PORT'}

TYPE_CONFIG = 3

TYPE_KEEPALIVE = 4

TYPE_NULL = 4

TYPE_PORT = 5

TYPE_RX_PACKET = 0

TYPE_TX_PACKET = 1

aliastypes = [<class 'scapy.contrib.tzsp.TZSP'>, <class 'scapy.packet.Packet'>]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<ByteField (TZSP).version>, <ByteEnumField (TZSP).type>, <ShortEnumField (TZSP).encapsulated_protocol>]

get_encapsulated_payload()

get_encapsulated_payload_class()

get the class that holds the encapsulated payload of the TZSP packet :return: class representing the payload, Raw() on error

guess_payload_class(payload)

exception scapy.contrib.tzsp.TZSPStructureException

Bases: Scapy_Exception

class scapy.contrib.tzsp.TZSPTagContentionFree(_pkt, /, *, type=15, len=1, contention_free=0)

Bases: _TZSPTag

packet received in contention free period

NO = 0

YES = 1

aliastypes = [<class 'scapy.contrib.tzsp.TZSPTagContentionFree'>, <class 'scapy.contrib.tzsp._TZSPTag'>, <class 'scapy.packet.Packet'>]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<ByteEnumField (TZSPTagContentionFree).type>, <ByteField (TZSPTagContentionFree).len>, <YesNoByteField (TZSPTagContentionFree).contention_free>]

class scapy.contrib.tzsp.TZSPTagDataRate(_pkt, /, *, type=12, len=1, data_rate=0)

Bases: _TZSPTag

wireless link data rate

DATA_RATES = {0: 'unknown', 2: '1 MB/s', 4: '2 MB/s', 10: '1 MB/s (legacy)', 11: '5.5 MB/s', 12: '6 MB/s', 18: '9 MB/s', 20: '2 MB/s (legacy)', 22: '11 MB/s', 24: '12 MB/s', 36: '18 MB/s', 44: '22 MB/s', 48: '24 MB/s', 55: '5.5 MB/s (legacy)', 66: '33 MB/s', 72: '36 MB/s', 96: '48 MB/s', 108: '54 MB/s', 110: '11 MB/s (legacy)'}

DATA_RATE_1 = 2

DATA_RATE_11 = 22

DATA_RATE_12 = 24

DATA_RATE_18 = 36

DATA_RATE_2 = 4

DATA_RATE_22 = 44

DATA_RATE_24 = 48

DATA_RATE_33 = 66

DATA_RATE_36 = 72

DATA_RATE_48 = 96

DATA_RATE_54 = 108

DATA_RATE_5_5 = 11

DATA_RATE_6 = 12

DATA_RATE_9 = 18

DATA_RATE_LEGACY_1 = 10

DATA_RATE_LEGACY_11 = 110

DATA_RATE_LEGACY_2 = 20

DATA_RATE_LEGACY_5_5 = 55

DATA_RATE_UNKNOWN = 0

aliastypes = [<class 'scapy.contrib.tzsp.TZSPTagDataRate'>, <class 'scapy.contrib.tzsp._TZSPTag'>, <class 'scapy.packet.Packet'>]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<ByteEnumField (TZSPTagDataRate).type>, <ByteField (TZSPTagDataRate).len>, <ByteEnumField (TZSPTagDataRate).data_rate>]

class scapy.contrib.tzsp.TZSPTagDecrypted(_pkt, /, *, type=16, len=1, decrypted=1)

Bases: _TZSPTag

packet was decrypted

NO = 1

YES = 0

aliastypes = [<class 'scapy.contrib.tzsp.TZSPTagDecrypted'>, <class 'scapy.contrib.tzsp._TZSPTag'>, <class 'scapy.packet.Packet'>]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<ByteEnumField (TZSPTagDecrypted).type>, <ByteField (TZSPTagDecrypted).len>, <YesNoByteField (TZSPTagDecrypted).decrypted>]

class scapy.contrib.tzsp.TZSPTagEnd(_pkt, /, *, type=1)

Bases: Packet

last tag

aliastypes = [<class 'scapy.contrib.tzsp.TZSPTagEnd'>, <class 'scapy.packet.Packet'>]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<ByteEnumField (TZSPTagEnd).type>]

guess_payload_class(payload)

the type of the payload encapsulation is given be the outer TZSP layers attribute encapsulation_protocol # noqa: E501

class scapy.contrib.tzsp.TZSPTagError(_pkt, /, *, type=17, len=1, fcs_error=0)

Bases: _TZSPTag

frame checksum error

NO = 0

YES = 1

aliastypes = [<class 'scapy.contrib.tzsp.TZSPTagError'>, <class 'scapy.contrib.tzsp._TZSPTag'>, <class 'scapy.packet.Packet'>]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<ByteEnumField (TZSPTagError).type>, <ByteField (TZSPTagError).len>, <YesNoByteField (TZSPTagError).fcs_error>]

class scapy.contrib.tzsp.TZSPTagPacketCount(_pkt, /, *, type=40, len=4, packet_count=0)

Bases: _TZSPTag

packet counter

aliastypes = [<class 'scapy.contrib.tzsp.TZSPTagPacketCount'>, <class 'scapy.contrib.tzsp._TZSPTag'>, <class 'scapy.packet.Packet'>]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<ByteEnumField (TZSPTagPacketCount).type>, <ByteField (TZSPTagPacketCount).len>, <IntField (TZSPTagPacketCount).packet_count>]

class scapy.contrib.tzsp.TZSPTagPadding(_pkt, /, *, type=0)

Bases: _TZSPTag

padding tag (should be ignored)

aliastypes = [<class 'scapy.contrib.tzsp.TZSPTagPadding'>, <class 'scapy.contrib.tzsp._TZSPTag'>, <class 'scapy.packet.Packet'>]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<ByteEnumField (TZSPTagPadding).type>]

class scapy.contrib.tzsp.TZSPTagRXChannel(_pkt, /, *, type=18, len=1, rx_channel=0)

Bases: _TZSPTag

channel the sensor was on while receiving the frame

aliastypes = [<class 'scapy.contrib.tzsp.TZSPTagRXChannel'>, <class 'scapy.contrib.tzsp._TZSPTag'>, <class 'scapy.packet.Packet'>]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<ByteEnumField (TZSPTagRXChannel).type>, <ByteField (TZSPTagRXChannel).len>, <ByteField (TZSPTagRXChannel).rx_channel>]

class scapy.contrib.tzsp.TZSPTagRXFrameLength(_pkt, /, *, type=41, len=2, rx_frame_length=0)

Bases: _TZSPTag

received packet length

aliastypes = [<class 'scapy.contrib.tzsp.TZSPTagRXFrameLength'>, <class 'scapy.contrib.tzsp._TZSPTag'>, <class 'scapy.packet.Packet'>]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<ByteEnumField (TZSPTagRXFrameLength).type>, <ByteField (TZSPTagRXFrameLength).len>, <ShortField (TZSPTagRXFrameLength).rx_frame_length>]

class scapy.contrib.tzsp.TZSPTagRawRSSIByte(_pkt, /, *, type=10, len=1, raw_rssi=0)

Bases: _TZSPTag

relative received signal strength - signed byte value

aliastypes = [<class 'scapy.contrib.tzsp.TZSPTagRawRSSIByte'>, <class 'scapy.contrib.tzsp._TZSPTag'>, <class 'scapy.packet.Packet'>]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<ByteEnumField (TZSPTagRawRSSIByte).type>, <ByteField (TZSPTagRawRSSIByte).len>, <ByteField (TZSPTagRawRSSIByte).raw_rssi>]

class scapy.contrib.tzsp.TZSPTagRawRSSIShort(_pkt, /, *, type=10, len=2, raw_rssi=0)

Bases: _TZSPTag

relative received signal strength - signed short value

aliastypes = [<class 'scapy.contrib.tzsp.TZSPTagRawRSSIShort'>, <class 'scapy.contrib.tzsp._TZSPTag'>, <class 'scapy.packet.Packet'>]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<ByteEnumField (TZSPTagRawRSSIShort).type>, <ByteField (TZSPTagRawRSSIShort).len>, <ShortField (TZSPTagRawRSSIShort).raw_rssi>]

class scapy.contrib.tzsp.TZSPTagSNRByte(_pkt, /, *, type=11, len=1, snr=0)

Bases: _TZSPTag

signal noise ratio - signed byte value

aliastypes = [<class 'scapy.contrib.tzsp.TZSPTagSNRByte'>, <class 'scapy.contrib.tzsp._TZSPTag'>, <class 'scapy.packet.Packet'>]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<ByteEnumField (TZSPTagSNRByte).type>, <ByteField (TZSPTagSNRByte).len>, <ByteField (TZSPTagSNRByte).snr>]

class scapy.contrib.tzsp.TZSPTagSNRShort(_pkt, /, *, type=11, len=2, snr=0)

Bases: _TZSPTag

signal noise ratio - signed short value

aliastypes = [<class 'scapy.contrib.tzsp.TZSPTagSNRShort'>, <class 'scapy.contrib.tzsp._TZSPTag'>, <class 'scapy.packet.Packet'>]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<ByteEnumField (TZSPTagSNRShort).type>, <ByteField (TZSPTagSNRShort).len>, <ShortField (TZSPTagSNRShort).snr>]

class scapy.contrib.tzsp.TZSPTagTimestamp(_pkt, /, *, type=13, len=4, timestamp=0)

Bases: _TZSPTag

MAC receive timestamp

aliastypes = [<class 'scapy.contrib.tzsp.TZSPTagTimestamp'>, <class 'scapy.contrib.tzsp._TZSPTag'>, <class 'scapy.packet.Packet'>]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<ByteEnumField (TZSPTagTimestamp).type>, <ByteField (TZSPTagTimestamp).len>, <IntField (TZSPTagTimestamp).timestamp>]

class scapy.contrib.tzsp.TZSPTagUnknown(_pkt, /, *, type=255, len=None, data=b'')

Bases: _TZSPTag

unknown tag type dummy

aliastypes = [<class 'scapy.contrib.tzsp.TZSPTagUnknown'>, <class 'scapy.contrib.tzsp._TZSPTag'>, <class 'scapy.packet.Packet'>]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<ByteField (TZSPTagUnknown).type>, <FieldLenField (TZSPTagUnknown).len>, <XStrLenField (TZSPTagUnknown).data>]

class scapy.contrib.tzsp.TZSPTagWlanRadioHdrSerial(_pkt, /, *, type=60, len=None, sensor_id=b'')

Bases: _TZSPTag

(vendor specific) unique capture device (sensor/AP) identifier

aliastypes = [<class 'scapy.contrib.tzsp.TZSPTagWlanRadioHdrSerial'>, <class 'scapy.contrib.tzsp._TZSPTag'>, <class 'scapy.packet.Packet'>]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<ByteEnumField (TZSPTagWlanRadioHdrSerial).type>, <FieldLenField (TZSPTagWlanRadioHdrSerial).len>, <StrLenField (TZSPTagWlanRadioHdrSerial).sensor_id>]