scapy.layers.inet module

IPv4 (Internet Protocol v4).

class scapy.layers.inet.DestIPField(name, default)

Bases: scapy.fields.IPField, scapy.fields.DestField

bindings = {<class 'scapy.layers.inet.UDP'>: [('224.0.0.251', {'dport': 5353}), ('224.0.0.2', {'dport': 1985})], <class 'scapy.contrib.ospf.OSPF_Hdr'>: [('224.0.0.5', {})]}

i2h(pkt, x)

Convert internal value to human value

i2m(pkt, x)

Convert internal value to machine value

class scapy.layers.inet.ICMP

Bases: scapy.packet.Packet

aliastypes = [<class 'scapy.layers.inet.ICMP'>, <class 'scapy.packet.Packet'>]

answers(other)

DEV: true if self is an answer from other

fields_desc = [<Field (ICMP,ICMPerror).type>, <Field (ICMP,ICMPerror).code>, <Field (ICMP,ICMPerror).chksum>, <scapy.fields.ConditionalField object>, <scapy.fields.ConditionalField object>, <scapy.fields.ConditionalField object>, <scapy.fields.ConditionalField object>, <scapy.fields.ConditionalField object>, <scapy.fields.ConditionalField object>, <scapy.fields.ConditionalField object>, <scapy.fields.ConditionalField object>, <scapy.fields.ConditionalField object>, <scapy.fields.ConditionalField object>, <scapy.fields.ConditionalField object>, <scapy.fields.ConditionalField object>, <scapy.fields.ConditionalField object>]

guess_payload_class(payload)

DEV: Guesses the next payload class from layer bonds. Can be overloaded to use a different mechanism.

Parameters:payload (str) – the layer’s payload Returns:the payload class

hashret()

DEV: returns a string that has the same value for a request and its answer.

mysummary()

DEV: can be overloaded to return a string that summarizes the layer. Only one mysummary() is used in a whole packet summary: the one of the upper layer, # noqa: E501 except if a mysummary() also returns (as a couple) a list of layers whose # noqa: E501 mysummary() must be called if they are present.

post_build(p, pay)

DEV: called right after the current layer is build.

Parameters:

• pkt (str) – the current packet (build by self_buil function)
• pay (str) – the packet payload (build by do_build_payload function)

Returns:

a string of the packet with the payload

class scapy.layers.inet.ICMPTimeStampField(name, default)

Bases: scapy.fields.IntField

any2i(pkt, val)

Try to understand the most input values possible and make an internal value from them

i2repr(pkt, val)

Convert internal value to a nice representation

re_hmsm = re.compile('([0-2]?[0-9])[Hh:](([0-5]?[0-9])([Mm:]([0-5]?[0-9])([sS:.]([0-9]{0,3}))?)?)?$')

class scapy.layers.inet.ICMPerror

Bases: scapy.layers.inet.ICMP

aliastypes = [<class 'scapy.layers.inet.ICMPerror'>, <class 'scapy.layers.inet.ICMP'>, <class 'scapy.packet.Packet'>]

answers(other)

DEV: true if self is an answer from other

fields_desc = [<Field (ICMP,ICMPerror).type>, <Field (ICMP,ICMPerror).code>, <Field (ICMP,ICMPerror).chksum>, <scapy.fields.ConditionalField object>, <scapy.fields.ConditionalField object>, <scapy.fields.ConditionalField object>, <scapy.fields.ConditionalField object>, <scapy.fields.ConditionalField object>, <scapy.fields.ConditionalField object>, <scapy.fields.ConditionalField object>, <scapy.fields.ConditionalField object>, <scapy.fields.ConditionalField object>, <scapy.fields.ConditionalField object>, <scapy.fields.ConditionalField object>, <scapy.fields.ConditionalField object>, <scapy.fields.ConditionalField object>]

mysummary()

DEV: can be overloaded to return a string that summarizes the layer. Only one mysummary() is used in a whole packet summary: the one of the upper layer, # noqa: E501 except if a mysummary() also returns (as a couple) a list of layers whose # noqa: E501 mysummary() must be called if they are present.

post_dissection(pkt)

class scapy.layers.inet.IP

Bases: scapy.packet.Packet, scapy.layers.inet.IPTools

aliastypes = [<class 'scapy.layers.inet.IP'>, <class 'scapy.packet.Packet'>]

answers(other)

DEV: true if self is an answer from other

extract_padding(s)

DEV: to be overloaded to extract current layer’s padding.

Parameters:s (str) – the current layer Returns:a couple of strings (actual layer, padding)

fields_desc = [<Field (IP,IPerror,_IPv46).version>, <Field (IP,IPerror,_IPv46).ihl>, <Field (IP,IPerror,_IPv46).tos>, <Field (IP,IPerror,_IPv46).len>, <Field (IP,IPerror,_IPv46).id>, <Field (IP,IPerror,_IPv46).flags>, <Field (IP,IPerror,_IPv46).frag>, <Field (IP,IPerror,_IPv46).ttl>, <Field (IP,IPerror,_IPv46).proto>, <Field (IP,IPerror,_IPv46).chksum>, <scapy.fields.Emph object>, <scapy.fields.Emph object>, <Field (IP,IPerror,_IPv46).options>]

fragment(fragsize=1480)

Fragment IP datagrams

hashret()

DEV: returns a string that has the same value for a request and its answer.

mysummary()

DEV: can be overloaded to return a string that summarizes the layer. Only one mysummary() is used in a whole packet summary: the one of the upper layer, # noqa: E501 except if a mysummary() also returns (as a couple) a list of layers whose # noqa: E501 mysummary() must be called if they are present.

payload_guess = [({'frag': 0, 'proto': 4}, <class 'scapy.layers.inet.IP'>), ({'frag': 0, 'proto': 1}, <class 'scapy.layers.inet.ICMP'>), ({'frag': 0, 'proto': 6}, <class 'scapy.layers.inet.TCP'>), ({'frag': 0, 'proto': 17}, <class 'scapy.layers.inet.UDP'>), ({'frag': 0, 'proto': 47}, <class 'scapy.layers.l2.GRE'>), ({'proto': 41}, <class 'scapy.layers.inet6.IPv6'>), ({'proto': 112, 'dst': '224.0.0.18'}, <class 'scapy.contrib.carp.CARP'>), ({'proto': 132}, <class 'scapy.layers.sctp.SCTP'>), ({'proto': 88}, <class 'scapy.contrib.eigrp.EIGRP'>), ({'frag': 0, 'proto': 97}, <class 'scapy.contrib.etherip.EtherIP'>), ({'proto': 137}, <class 'scapy.contrib.mpls.MPLS'>), ({'frag': 0, 'proto': 2, 'ttl': 1}, <class 'scapy.contrib.igmp.IGMP'>), ({'frag': 0, 'proto': 2, 'ttl': 1, 'tos': 192, 'dst': '224.0.0.22'}, <class 'scapy.contrib.igmpv3.IGMPv3'>), ({'proto': 51}, <class 'scapy.layers.ipsec.AH'>), ({'proto': 50}, <class 'scapy.layers.ipsec.ESP'>), ({'proto': 89}, <class 'scapy.contrib.ospf.OSPF_Hdr'>), ({'proto': 46}, <class 'scapy.contrib.rsvp.RSVP'>)]

post_build(p, pay)

DEV: called right after the current layer is build.

Parameters:

• pkt (str) – the current packet (build by self_buil function)
• pay (str) – the packet payload (build by do_build_payload function)

Returns:

a string of the packet with the payload

route()

scapy.layers.inet.IPID_count(lst, funcID=<function <lambda>>, funcpres=<function <lambda>>)

Identify IP id values classes in a list of packets

lst: a list of packets funcID: a function that returns IP id values funcpres: a function used to summarize packets

class scapy.layers.inet.IPOption

Bases: scapy.packet.Packet

aliastypes = [<class 'scapy.layers.inet.IPOption'>, <class 'scapy.packet.Packet'>]

classmethod dispatch_hook(pkt=None, *args, **kargs)

extract_padding(p)

DEV: to be overloaded to extract current layer’s padding.

Parameters:s (str) – the current layer Returns:a couple of strings (actual layer, padding)

fields_desc = [<Field (_IPOption_HDR,IPOption,IPOption_EOL,IPOption_NOP,IPOption_RR,IPOption_MTU_Probe,IPOption_MTU_Reply,IPOption_Traceroute).copy_flag>, <Field (_IPOption_HDR,IPOption,IPOption_EOL,IPOption_NOP,IPOption_Security,IPOption_RR,IPOption_LSRR,IPOption_SSRR,IPOption_Stream_Id,IPOption_MTU_Probe,IPOption_MTU_Reply,IPOption_Traceroute,IPOption_Address_Extension,IPOption_Router_Alert,IPOption_SDBM).optclass>, <Field (_IPOption_HDR,IPOption).option>, <Field (IPOption).length>, <Field (IPOption).value>]

classmethod register_variant()

registered_ip_options = {0: <class 'scapy.layers.inet.IPOption_EOL'>, 1: <class 'scapy.layers.inet.IPOption_NOP'>, 2: <class 'scapy.layers.inet.IPOption_Security'>, 3: <class 'scapy.layers.inet.IPOption_LSRR'>, 7: <class 'scapy.layers.inet.IPOption_RR'>, 8: <class 'scapy.layers.inet.IPOption_Stream_Id'>, 9: <class 'scapy.layers.inet.IPOption_SSRR'>, 11: <class 'scapy.layers.inet.IPOption_MTU_Probe'>, 12: <class 'scapy.layers.inet.IPOption_MTU_Reply'>, 18: <class 'scapy.layers.inet.IPOption_Traceroute'>, 19: <class 'scapy.layers.inet.IPOption_Address_Extension'>, 20: <class 'scapy.layers.inet.IPOption_Router_Alert'>, 21: <class 'scapy.layers.inet.IPOption_SDBM'>}

class scapy.layers.inet.IPOption_Address_Extension

Bases: scapy.layers.inet.IPOption

aliastypes = [<class 'scapy.layers.inet.IPOption_Address_Extension'>, <class 'scapy.layers.inet.IPOption'>, <class 'scapy.packet.Packet'>]

fields_desc = [<Field (_IPOption_HDR,IPOption,IPOption_EOL,IPOption_NOP,IPOption_RR,IPOption_MTU_Probe,IPOption_MTU_Reply,IPOption_Traceroute,IPOption_Address_Extension).copy_flag>, <Field (_IPOption_HDR,IPOption,IPOption_EOL,IPOption_NOP,IPOption_Security,IPOption_RR,IPOption_LSRR,IPOption_SSRR,IPOption_Stream_Id,IPOption_MTU_Probe,IPOption_MTU_Reply,IPOption_Traceroute,IPOption_Address_Extension,IPOption_Router_Alert,IPOption_SDBM).optclass>, <Field (_IPOption_HDR,IPOption,IPOption_Address_Extension).option>, <Field (IPOption_Address_Extension).length>, <Field (IPOption_Address_Extension).src_ext>, <Field (IPOption_Address_Extension).dst_ext>]

class scapy.layers.inet.IPOption_EOL

Bases: scapy.layers.inet.IPOption

aliastypes = [<class 'scapy.layers.inet.IPOption_EOL'>, <class 'scapy.layers.inet.IPOption'>, <class 'scapy.packet.Packet'>]

fields_desc = [<Field (_IPOption_HDR,IPOption,IPOption_EOL,IPOption_NOP,IPOption_RR,IPOption_MTU_Probe,IPOption_MTU_Reply,IPOption_Traceroute).copy_flag>, <Field (_IPOption_HDR,IPOption,IPOption_EOL,IPOption_NOP,IPOption_Security,IPOption_RR,IPOption_LSRR,IPOption_SSRR,IPOption_Stream_Id,IPOption_MTU_Probe,IPOption_MTU_Reply,IPOption_Traceroute,IPOption_Address_Extension,IPOption_Router_Alert,IPOption_SDBM).optclass>, <Field (_IPOption_HDR,IPOption,IPOption_EOL).option>]

class scapy.layers.inet.IPOption_LSRR

Bases: scapy.layers.inet.IPOption_RR

aliastypes = [<class 'scapy.layers.inet.IPOption_LSRR'>, <class 'scapy.layers.inet.IPOption_RR'>, <class 'scapy.layers.inet.IPOption'>, <class 'scapy.packet.Packet'>]

fields_desc = [<Field (_IPOption_HDR,IPOption,IPOption_EOL,IPOption_NOP,IPOption_RR,IPOption_LSRR).copy_flag>, <Field (_IPOption_HDR,IPOption,IPOption_EOL,IPOption_NOP,IPOption_Security,IPOption_RR,IPOption_LSRR,IPOption_SSRR,IPOption_Stream_Id,IPOption_MTU_Probe,IPOption_MTU_Reply,IPOption_Traceroute,IPOption_Address_Extension,IPOption_Router_Alert,IPOption_SDBM).optclass>, <Field (_IPOption_HDR,IPOption,IPOption_RR,IPOption_LSRR).option>, <Field (IPOption_RR,IPOption_LSRR,IPOption_SSRR).length>, <Field (IPOption_RR,IPOption_LSRR,IPOption_SSRR).pointer>, <Field (IPOption_RR,IPOption_LSRR,IPOption_SSRR).routers>]

class scapy.layers.inet.IPOption_MTU_Probe

Bases: scapy.layers.inet.IPOption

aliastypes = [<class 'scapy.layers.inet.IPOption_MTU_Probe'>, <class 'scapy.layers.inet.IPOption'>, <class 'scapy.packet.Packet'>]

fields_desc = [<Field (_IPOption_HDR,IPOption,IPOption_EOL,IPOption_NOP,IPOption_RR,IPOption_MTU_Probe,IPOption_MTU_Reply,IPOption_Traceroute).copy_flag>, <Field (_IPOption_HDR,IPOption,IPOption_EOL,IPOption_NOP,IPOption_Security,IPOption_RR,IPOption_LSRR,IPOption_SSRR,IPOption_Stream_Id,IPOption_MTU_Probe,IPOption_MTU_Reply,IPOption_Traceroute,IPOption_Address_Extension,IPOption_Router_Alert,IPOption_SDBM).optclass>, <Field (_IPOption_HDR,IPOption,IPOption_MTU_Probe).option>, <Field (IPOption_MTU_Probe,IPOption_MTU_Reply).length>, <Field (IPOption_MTU_Probe,IPOption_MTU_Reply).mtu>]

class scapy.layers.inet.IPOption_MTU_Reply

Bases: scapy.layers.inet.IPOption_MTU_Probe

aliastypes = [<class 'scapy.layers.inet.IPOption_MTU_Reply'>, <class 'scapy.layers.inet.IPOption_MTU_Probe'>, <class 'scapy.layers.inet.IPOption'>, <class 'scapy.packet.Packet'>]

fields_desc = [<Field (_IPOption_HDR,IPOption,IPOption_EOL,IPOption_NOP,IPOption_RR,IPOption_MTU_Probe,IPOption_MTU_Reply,IPOption_Traceroute).copy_flag>, <Field (_IPOption_HDR,IPOption,IPOption_EOL,IPOption_NOP,IPOption_Security,IPOption_RR,IPOption_LSRR,IPOption_SSRR,IPOption_Stream_Id,IPOption_MTU_Probe,IPOption_MTU_Reply,IPOption_Traceroute,IPOption_Address_Extension,IPOption_Router_Alert,IPOption_SDBM).optclass>, <Field (_IPOption_HDR,IPOption,IPOption_MTU_Probe,IPOption_MTU_Reply).option>, <Field (IPOption_MTU_Probe,IPOption_MTU_Reply).length>, <Field (IPOption_MTU_Probe,IPOption_MTU_Reply).mtu>]

class scapy.layers.inet.IPOption_NOP

Bases: scapy.layers.inet.IPOption

aliastypes = [<class 'scapy.layers.inet.IPOption_NOP'>, <class 'scapy.layers.inet.IPOption'>, <class 'scapy.packet.Packet'>]

fields_desc = [<Field (_IPOption_HDR,IPOption,IPOption_EOL,IPOption_NOP,IPOption_RR,IPOption_MTU_Probe,IPOption_MTU_Reply,IPOption_Traceroute).copy_flag>, <Field (_IPOption_HDR,IPOption,IPOption_EOL,IPOption_NOP,IPOption_Security,IPOption_RR,IPOption_LSRR,IPOption_SSRR,IPOption_Stream_Id,IPOption_MTU_Probe,IPOption_MTU_Reply,IPOption_Traceroute,IPOption_Address_Extension,IPOption_Router_Alert,IPOption_SDBM).optclass>, <Field (_IPOption_HDR,IPOption,IPOption_NOP).option>]

class scapy.layers.inet.IPOption_RR

Bases: scapy.layers.inet.IPOption

aliastypes = [<class 'scapy.layers.inet.IPOption_RR'>, <class 'scapy.layers.inet.IPOption'>, <class 'scapy.packet.Packet'>]

fields_desc = [<Field (_IPOption_HDR,IPOption,IPOption_EOL,IPOption_NOP,IPOption_RR,IPOption_MTU_Probe,IPOption_MTU_Reply,IPOption_Traceroute).copy_flag>, <Field (_IPOption_HDR,IPOption,IPOption_EOL,IPOption_NOP,IPOption_Security,IPOption_RR,IPOption_LSRR,IPOption_SSRR,IPOption_Stream_Id,IPOption_MTU_Probe,IPOption_MTU_Reply,IPOption_Traceroute,IPOption_Address_Extension,IPOption_Router_Alert,IPOption_SDBM).optclass>, <Field (_IPOption_HDR,IPOption,IPOption_RR).option>, <Field (IPOption_RR,IPOption_LSRR,IPOption_SSRR).length>, <Field (IPOption_RR,IPOption_LSRR,IPOption_SSRR).pointer>, <Field (IPOption_RR,IPOption_LSRR,IPOption_SSRR).routers>]

get_current_router()

class scapy.layers.inet.IPOption_Router_Alert

Bases: scapy.layers.inet.IPOption

aliastypes = [<class 'scapy.layers.inet.IPOption_Router_Alert'>, <class 'scapy.layers.inet.IPOption'>, <class 'scapy.packet.Packet'>]

fields_desc = [<Field (_IPOption_HDR,IPOption,IPOption_EOL,IPOption_NOP,IPOption_RR,IPOption_MTU_Probe,IPOption_MTU_Reply,IPOption_Traceroute,IPOption_Router_Alert).copy_flag>, <Field (_IPOption_HDR,IPOption,IPOption_EOL,IPOption_NOP,IPOption_Security,IPOption_RR,IPOption_LSRR,IPOption_SSRR,IPOption_Stream_Id,IPOption_MTU_Probe,IPOption_MTU_Reply,IPOption_Traceroute,IPOption_Address_Extension,IPOption_Router_Alert,IPOption_SDBM).optclass>, <Field (_IPOption_HDR,IPOption,IPOption_Router_Alert).option>, <Field (IPOption_Router_Alert).length>, <Field (IPOption_Router_Alert).alert>]

class scapy.layers.inet.IPOption_SDBM

Bases: scapy.layers.inet.IPOption

aliastypes = [<class 'scapy.layers.inet.IPOption_SDBM'>, <class 'scapy.layers.inet.IPOption'>, <class 'scapy.packet.Packet'>]

fields_desc = [<Field (_IPOption_HDR,IPOption,IPOption_EOL,IPOption_NOP,IPOption_RR,IPOption_MTU_Probe,IPOption_MTU_Reply,IPOption_Traceroute,IPOption_SDBM).copy_flag>, <Field (_IPOption_HDR,IPOption,IPOption_EOL,IPOption_NOP,IPOption_Security,IPOption_RR,IPOption_LSRR,IPOption_SSRR,IPOption_Stream_Id,IPOption_MTU_Probe,IPOption_MTU_Reply,IPOption_Traceroute,IPOption_Address_Extension,IPOption_Router_Alert,IPOption_SDBM).optclass>, <Field (_IPOption_HDR,IPOption,IPOption_SDBM).option>, <Field (IPOption_SDBM).length>, <Field (IPOption_SDBM).addresses>]

class scapy.layers.inet.IPOption_SSRR

Bases: scapy.layers.inet.IPOption_RR

aliastypes = [<class 'scapy.layers.inet.IPOption_SSRR'>, <class 'scapy.layers.inet.IPOption_RR'>, <class 'scapy.layers.inet.IPOption'>, <class 'scapy.packet.Packet'>]

fields_desc = [<Field (_IPOption_HDR,IPOption,IPOption_EOL,IPOption_NOP,IPOption_RR,IPOption_SSRR).copy_flag>, <Field (_IPOption_HDR,IPOption,IPOption_EOL,IPOption_NOP,IPOption_Security,IPOption_RR,IPOption_LSRR,IPOption_SSRR,IPOption_Stream_Id,IPOption_MTU_Probe,IPOption_MTU_Reply,IPOption_Traceroute,IPOption_Address_Extension,IPOption_Router_Alert,IPOption_SDBM).optclass>, <Field (_IPOption_HDR,IPOption,IPOption_RR,IPOption_SSRR).option>, <Field (IPOption_RR,IPOption_LSRR,IPOption_SSRR).length>, <Field (IPOption_RR,IPOption_LSRR,IPOption_SSRR).pointer>, <Field (IPOption_RR,IPOption_LSRR,IPOption_SSRR).routers>]

class scapy.layers.inet.IPOption_Security

Bases: scapy.layers.inet.IPOption

aliastypes = [<class 'scapy.layers.inet.IPOption_Security'>, <class 'scapy.layers.inet.IPOption'>, <class 'scapy.packet.Packet'>]

fields_desc = [<Field (_IPOption_HDR,IPOption,IPOption_EOL,IPOption_NOP,IPOption_Security).copy_flag>, <Field (_IPOption_HDR,IPOption,IPOption_EOL,IPOption_NOP,IPOption_Security,IPOption_RR,IPOption_LSRR,IPOption_SSRR,IPOption_Stream_Id,IPOption_MTU_Probe,IPOption_MTU_Reply,IPOption_Traceroute,IPOption_Address_Extension,IPOption_Router_Alert,IPOption_SDBM).optclass>, <Field (_IPOption_HDR,IPOption,IPOption_Security).option>, <Field (IPOption_Security).length>, <Field (IPOption_Security).security>, <Field (IPOption_Security).compartment>, <Field (IPOption_Security).handling_restrictions>, <Field (IPOption_Security).transmission_control_code>]

class scapy.layers.inet.IPOption_Stream_Id

Bases: scapy.layers.inet.IPOption

aliastypes = [<class 'scapy.layers.inet.IPOption_Stream_Id'>, <class 'scapy.layers.inet.IPOption'>, <class 'scapy.packet.Packet'>]

fields_desc = [<Field (_IPOption_HDR,IPOption,IPOption_EOL,IPOption_NOP,IPOption_RR,IPOption_Stream_Id).copy_flag>, <Field (_IPOption_HDR,IPOption,IPOption_EOL,IPOption_NOP,IPOption_Security,IPOption_RR,IPOption_LSRR,IPOption_SSRR,IPOption_Stream_Id,IPOption_MTU_Probe,IPOption_MTU_Reply,IPOption_Traceroute,IPOption_Address_Extension,IPOption_Router_Alert,IPOption_SDBM).optclass>, <Field (_IPOption_HDR,IPOption,IPOption_Stream_Id).option>, <Field (IPOption_Stream_Id).length>, <Field (IPOption_Stream_Id).security>]

class scapy.layers.inet.IPOption_Traceroute

Bases: scapy.layers.inet.IPOption

aliastypes = [<class 'scapy.layers.inet.IPOption_Traceroute'>, <class 'scapy.layers.inet.IPOption'>, <class 'scapy.packet.Packet'>]

fields_desc = [<Field (_IPOption_HDR,IPOption,IPOption_EOL,IPOption_NOP,IPOption_RR,IPOption_MTU_Probe,IPOption_MTU_Reply,IPOption_Traceroute).copy_flag>, <Field (_IPOption_HDR,IPOption,IPOption_EOL,IPOption_NOP,IPOption_Security,IPOption_RR,IPOption_LSRR,IPOption_SSRR,IPOption_Stream_Id,IPOption_MTU_Probe,IPOption_MTU_Reply,IPOption_Traceroute,IPOption_Address_Extension,IPOption_Router_Alert,IPOption_SDBM).optclass>, <Field (_IPOption_HDR,IPOption,IPOption_Traceroute).option>, <Field (IPOption_Traceroute).length>, <Field (IPOption_Traceroute).id>, <Field (IPOption_Traceroute).outbound_hops>, <Field (IPOption_Traceroute).return_hops>, <Field (IPOption_Traceroute).originator_ip>]

class scapy.layers.inet.IPTools

Bases: object

Add more powers to a class with an “src” attribute.

hops()

ottl()

whois()

whois the source and print the output

class scapy.layers.inet.IPerror

Bases: scapy.layers.inet.IP

aliastypes = [<class 'scapy.layers.inet.IPerror'>, <class 'scapy.layers.inet.IP'>, <class 'scapy.packet.Packet'>]

answers(other)

DEV: true if self is an answer from other

fields_desc = [<Field (IP,IPerror,_IPv46).version>, <Field (IP,IPerror,_IPv46).ihl>, <Field (IP,IPerror,_IPv46).tos>, <Field (IP,IPerror,_IPv46).len>, <Field (IP,IPerror,_IPv46).id>, <Field (IP,IPerror,_IPv46).flags>, <Field (IP,IPerror,_IPv46).frag>, <Field (IP,IPerror,_IPv46).ttl>, <Field (IP,IPerror,_IPv46).proto>, <Field (IP,IPerror,_IPv46).chksum>, <scapy.fields.Emph object>, <scapy.fields.Emph object>, <Field (IP,IPerror,_IPv46).options>]

mysummary()

DEV: can be overloaded to return a string that summarizes the layer. Only one mysummary() is used in a whole packet summary: the one of the upper layer, # noqa: E501 except if a mysummary() also returns (as a couple) a list of layers whose # noqa: E501 mysummary() must be called if they are present.

payload_guess = [({'frag': 0, 'proto': 4}, <class 'scapy.layers.inet.IPerror'>), ({'frag': 0, 'proto': 1}, <class 'scapy.layers.inet.ICMPerror'>), ({'frag': 0, 'proto': 6}, <class 'scapy.layers.inet.TCPerror'>), ({'frag': 0, 'proto': 17}, <class 'scapy.layers.inet.UDPerror'>)]

class scapy.layers.inet.RandTCPOptions(size=None)

Bases: scapy.volatile.VolatileValue

class scapy.layers.inet.TCP

Bases: scapy.packet.Packet

aliastypes = [<class 'scapy.layers.inet.TCP'>, <class 'scapy.packet.Packet'>]

answers(other)

DEV: true if self is an answer from other

fields_desc = [<Field (TCP,TCPerror).sport>, <Field (TCP,TCPerror).dport>, <Field (TCP,TCPerror).seq>, <Field (TCP,TCPerror).ack>, <Field (TCP,TCPerror).dataofs>, <Field (TCP,TCPerror).reserved>, <Field (TCP,TCPerror).flags>, <Field (TCP,TCPerror).window>, <Field (TCP,TCPerror).chksum>, <Field (TCP,TCPerror).urgptr>, <Field (TCP,TCPerror).options>]

hashret()

DEV: returns a string that has the same value for a request and its answer.

mysummary()

DEV: can be overloaded to return a string that summarizes the layer. Only one mysummary() is used in a whole packet summary: the one of the upper layer, # noqa: E501 except if a mysummary() also returns (as a couple) a list of layers whose # noqa: E501 mysummary() must be called if they are present.

payload_guess = [({'sport': 6801}, <class 'scapy.contrib.automotive.bmw.enet.ENET'>), ({'dport': 6801}, <class 'scapy.contrib.automotive.bmw.enet.ENET'>), ({'sport': 6801, 'dport': 6801}, <class 'scapy.contrib.automotive.bmw.enet.ENET'>), ({'sport': 30490}, <class 'scapy.contrib.automotive.someip.SOMEIP'>), ({'sport': 30491}, <class 'scapy.contrib.automotive.someip.SOMEIP'>), ({'sport': 30492}, <class 'scapy.contrib.automotive.someip.SOMEIP'>), ({'sport': 30493}, <class 'scapy.contrib.automotive.someip.SOMEIP'>), ({'sport': 30494}, <class 'scapy.contrib.automotive.someip.SOMEIP'>), ({'sport': 30495}, <class 'scapy.contrib.automotive.someip.SOMEIP'>), ({'sport': 30496}, <class 'scapy.contrib.automotive.someip.SOMEIP'>), ({'sport': 30497}, <class 'scapy.contrib.automotive.someip.SOMEIP'>), ({'sport': 30498}, <class 'scapy.contrib.automotive.someip.SOMEIP'>), ({'sport': 30499}, <class 'scapy.contrib.automotive.someip.SOMEIP'>), ({'sport': 30500}, <class 'scapy.contrib.automotive.someip.SOMEIP'>), ({'sport': 30501}, <class 'scapy.contrib.automotive.someip.SOMEIP'>), ({'sport': 30502}, <class 'scapy.contrib.automotive.someip.SOMEIP'>), ({'sport': 30503}, <class 'scapy.contrib.automotive.someip.SOMEIP'>), ({'sport': 30504}, <class 'scapy.contrib.automotive.someip.SOMEIP'>), ({'dport': 179}, <class 'scapy.contrib.bgp.BGP'>), ({'sport': 179}, <class 'scapy.contrib.bgp.BGP'>), ({'dport': 3868}, <class 'scapy.contrib.diameter.DiamG'>), ({'sport': 3868}, <class 'scapy.contrib.diameter.DiamG'>), ({'dport': 44818}, <class 'scapy.contrib.enipTCP.ENIPTCP'>), ({'sport': 44818}, <class 'scapy.contrib.enipTCP.ENIPTCP'>), ({'sport': 646}, <class 'scapy.contrib.ldp.LDP'>), ({'dport': 646}, <class 'scapy.contrib.ldp.LDP'>), ({'sport': 646}, <class 'scapy.layers.inet.UDP'>), ({'dport': 646}, <class 'scapy.layers.inet.UDP'>), ({'sport': 646, 'dport': 646}, <class 'scapy.contrib.ldp.LDP'>), ({'dport': 502}, <class 'scapy.contrib.modbus.ModbusADURequest'>), ({'sport': 502}, <class 'scapy.contrib.modbus.ModbusADUResponse'>), ({'sport': 1883}, <class 'scapy.contrib.mqtt.MQTT'>), ({'dport': 1883}, <class 'scapy.contrib.mqtt.MQTT'>), ({'dport': 53}, <class 'scapy.layers.dns.DNS'>), ({'sport': 53}, <class 'scapy.layers.dns.DNS'>), ({'dport': 139}, <class 'scapy.layers.netbios.NBTSession'>), ({'sport': 1723}, <class 'scapy.layers.pptp.PPTP'>), ({'dport': 1723}, <class 'scapy.layers.pptp.PPTP'>), ({'dport': 2000}, <class 'scapy.layers.skinny.Skinny'>), ({'sport': 2000}, <class 'scapy.layers.skinny.Skinny'>), ({'dport': 2000, 'sport': 2000}, <class 'scapy.layers.skinny.Skinny'>), ({'dport': 6653}, <class 'scapy.contrib.openflow.OpenFlow'>), ({'sport': 6653}, <class 'scapy.contrib.openflow.OpenFlow'>), ({'dport': 6633}, <class 'scapy.contrib.openflow.OpenFlow'>), ({'sport': 6633}, <class 'scapy.contrib.openflow.OpenFlow'>), ({'dport': 323}, <class 'scapy.contrib.rtr.RTR'>), ({'sport': 323}, <class 'scapy.contrib.rtr.RTR'>), ({'dport': 8282}, <class 'scapy.contrib.rtr.RTR'>), ({'sport': 8282}, <class 'scapy.contrib.rtr.RTR'>), ({'dport': 2222}, <class 'scapy.contrib.rtr.RTR'>), ({'sport': 2222}, <class 'scapy.contrib.rtr.RTR'>), ({'sport': 2404}, <class 'scapy.contrib.scada.iec104.iec104.IEC104_APDU'>), ({'dport': 2404}, <class 'scapy.contrib.scada.iec104.iec104.IEC104_APDU'>), ({'dport': 2000}, <class 'scapy.contrib.skinny.Skinny'>), ({'sport': 2000}, <class 'scapy.contrib.skinny.Skinny'>), ({'sport': 1080}, <class 'scapy.contrib.socks.SOCKS'>), ({'dport': 1080}, <class 'scapy.contrib.socks.SOCKS'>), ({'dport': 49}, <class 'scapy.contrib.tacacs.TacacsHeader'>), ({'sport': 49}, <class 'scapy.contrib.tacacs.TacacsHeader'>), ({'sport': 80}, <class 'scapy.layers.http.HTTP'>), ({'dport': 80}, <class 'scapy.layers.http.HTTP'>), ({'sport': 80, 'dport': 80}, <class 'scapy.layers.http.HTTP'>), ({'sport': 8080}, <class 'scapy.layers.http.HTTP'>), ({'dport': 8080}, <class 'scapy.layers.http.HTTP'>)]

post_build(p, pay)

DEV: called right after the current layer is build.

Parameters:

• pkt (str) – the current packet (build by self_buil function)
• pay (str) – the packet payload (build by do_build_payload function)

Returns:

a string of the packet with the payload

class scapy.layers.inet.TCPOptionsField(name, default, fmt='H', remain=0)

Bases: scapy.fields.StrField

getfield(pkt, s)

Extract an internal value from a string

Extract from the raw packet s the field value belonging to layer pkt.

Returns a two-element list, first the raw packet string after having removed the extracted field, second the extracted field itself in internal representation.

i2h(pkt, x)

Convert internal value to human value

i2m(pkt, x)

Convert internal value to machine value

islist = 1

m2i(pkt, x)

Convert machine value to internal value

randval()

Return a volatile object whose value is both random and suitable for this field

class scapy.layers.inet.TCP_client(*args, **kargs)

Bases: scapy.automaton.Automaton

Creates a TCP Client Automaton. This automaton will handle TCP 3-way handshake.

Usage: the easiest usage is to use it as a SuperSocket.

>>> a = TCP_client.tcplink(HTTP, "www.google.com", 80)
>>> a.send(HTTPRequest())
>>> a.recv()

CLOSED(*args, **kargs)

ESTABLISHED(*args, **kargs)

LAST_ACK(*args, **kargs)

START(*args, **kargs)

SYN_SENT(*args, **kargs)

ack_of_fin_received(pkt)

actions = {'ack_of_fin_received': [], 'connect': [<function TCP_client.send_syn>], 'fin_received': [<function TCP_client.send_finack>], 'incoming_data_received': [<function TCP_client.receive_data>], 'outgoing_data_received': [<function TCP_client.send_data>], 'reset_received': [], 'synack_received': [<function TCP_client.send_ack_of_synack>]}

conditions = {'CLOSED': [], 'ESTABLISHED': [], 'LAST_ACK': [], 'START': [<function TCP_client.connect>], 'SYN_SENT': []}

connect()

fin_received(pkt)

incoming_data_received(pkt)

initial_states = [<function ATMT.state.<locals>.deco.<locals>.state_wrapper>]

ioevents = {'CLOSED': [], 'ESTABLISHED': [<function TCP_client.outgoing_data_received>], 'LAST_ACK': [], 'START': [], 'SYN_SENT': []}

ionames = ['tcp']

iosupersockets = [<function TCP_client.outgoing_data_received>]

master_filter(pkt)

outgoing_data_received(fd)

parse_args(ip, port, *args, **kargs)

receive_data(pkt)

recv_conditions = {'CLOSED': [], 'ESTABLISHED': [<function TCP_client.incoming_data_received>, <function TCP_client.reset_received>, <function TCP_client.fin_received>], 'LAST_ACK': [<function TCP_client.ack_of_fin_received>], 'START': [], 'SYN_SENT': [<function TCP_client.synack_received>]}

reset_received(pkt)

send_ack_of_synack(pkt)

send_data(d)

send_finack(pkt)

send_syn()

state = None

states = {'CLOSED': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'ESTABLISHED': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'LAST_ACK': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'START': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'SYN_SENT': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>}

synack_received(pkt)

tcplink = <scapy.automaton._ATMT_to_supersocket object>

timeout = {'CLOSED': [(None, None)], 'ESTABLISHED': [(None, None)], 'LAST_ACK': [(None, None)], 'START': [(None, None)], 'SYN_SENT': [(None, None)]}

class scapy.layers.inet.TCPerror

Bases: scapy.layers.inet.TCP

aliastypes = [<class 'scapy.layers.inet.TCPerror'>, <class 'scapy.layers.inet.TCP'>, <class 'scapy.packet.Packet'>]

answers(other)

DEV: true if self is an answer from other

fields_desc = [<Field (TCP,TCPerror).sport>, <Field (TCP,TCPerror).dport>, <Field (TCP,TCPerror).seq>, <Field (TCP,TCPerror).ack>, <Field (TCP,TCPerror).dataofs>, <Field (TCP,TCPerror).reserved>, <Field (TCP,TCPerror).flags>, <Field (TCP,TCPerror).window>, <Field (TCP,TCPerror).chksum>, <Field (TCP,TCPerror).urgptr>, <Field (TCP,TCPerror).options>]

mysummary()

DEV: can be overloaded to return a string that summarizes the layer. Only one mysummary() is used in a whole packet summary: the one of the upper layer, # noqa: E501 except if a mysummary() also returns (as a couple) a list of layers whose # noqa: E501 mysummary() must be called if they are present.

post_dissection(pkt)

class scapy.layers.inet.TracerouteResult(res=None, name='Traceroute', stats=None)

Bases: scapy.plist.SndRcvList

get_trace()

graph(ASres=<scapy.as_resolvers.AS_resolver_multi object>, padding=0, **kargs)

x.graph(ASres=conf.AS_resolver, other args): ASres=None : no AS resolver => no clustering ASres=AS_resolver() : default whois AS resolver (riswhois.ripe.net) ASres=AS_resolver_cymru(): use whois.cymru.com whois database ASres=AS_resolver(server=”whois.ra.net”) type: output type (svg, ps, gif, jpg, etc.), passed to dot’s “-T” option # noqa: E501 target: filename or redirect. Defaults pipe to Imagemagick’s display program # noqa: E501 prog: which graphviz program to use

graphASres

graphdef

graphpadding

hloc

make_graph(ASres=None, padding=0)

nloc

padding

Same as hexraw(), for Padding layer

show()

Best way to display the packet list. Defaults to nsummary() method

trace3D(join=True)

Give a 3D representation of the traceroute. right button: rotate the scene middle button: zoom shift-left button: move the scene left button on a ball: toggle IP displaying double-click button on a ball: scan ports 21,22,23,25,80 and 443 and display the result

trace3D_notebook()

Same than trace3D, used when ran from Jupyther notebooks

world_trace()

Display traceroute results on a world map.

class scapy.layers.inet.UDP

Bases: scapy.packet.Packet

aliastypes = [<class 'scapy.layers.inet.UDP'>, <class 'scapy.packet.Packet'>]

answers(other)

DEV: true if self is an answer from other

extract_padding(s)

DEV: to be overloaded to extract current layer’s padding.

Parameters:s (str) – the current layer Returns:a couple of strings (actual layer, padding)

fields_desc = [<Field (UDP,UDPerror).sport>, <Field (UDP,UDPerror).dport>, <Field (UDP,UDPerror).len>, <Field (UDP,UDPerror).chksum>]

hashret()

DEV: returns a string that has the same value for a request and its answer.

mysummary()

DEV: can be overloaded to return a string that summarizes the layer. Only one mysummary() is used in a whole packet summary: the one of the upper layer, # noqa: E501 except if a mysummary() also returns (as a couple) a list of layers whose # noqa: E501 mysummary() must be called if they are present.

payload_guess = [({'sport': 30490}, <class 'scapy.contrib.automotive.someip.SOMEIP'>), ({'sport': 30491}, <class 'scapy.contrib.automotive.someip.SOMEIP'>), ({'sport': 30492}, <class 'scapy.contrib.automotive.someip.SOMEIP'>), ({'sport': 30493}, <class 'scapy.contrib.automotive.someip.SOMEIP'>), ({'sport': 30494}, <class 'scapy.contrib.automotive.someip.SOMEIP'>), ({'sport': 30495}, <class 'scapy.contrib.automotive.someip.SOMEIP'>), ({'sport': 30496}, <class 'scapy.contrib.automotive.someip.SOMEIP'>), ({'sport': 30497}, <class 'scapy.contrib.automotive.someip.SOMEIP'>), ({'sport': 30498}, <class 'scapy.contrib.automotive.someip.SOMEIP'>), ({'sport': 30499}, <class 'scapy.contrib.automotive.someip.SOMEIP'>), ({'sport': 30500}, <class 'scapy.contrib.automotive.someip.SOMEIP'>), ({'sport': 30501}, <class 'scapy.contrib.automotive.someip.SOMEIP'>), ({'sport': 30502}, <class 'scapy.contrib.automotive.someip.SOMEIP'>), ({'sport': 30503}, <class 'scapy.contrib.automotive.someip.SOMEIP'>), ({'sport': 30504}, <class 'scapy.contrib.automotive.someip.SOMEIP'>), ({'dport': 8138}, <class 'scapy.contrib.bier.BIFT'>), ({'sport': 1113, 'dport': 1113}, <class 'scapy.contrib.ltp.LTP'>), ({'sport': 5683}, <class 'scapy.contrib.coap.CoAP'>), ({'dport': 5683}, <class 'scapy.contrib.coap.CoAP'>), ({'dport': 6081}, <class 'scapy.contrib.geneve.GENEVE'>), ({'dport': 2123}, <class 'scapy.contrib.gtp.GTPHeader'>), ({'sport': 2123}, <class 'scapy.contrib.gtp.GTPHeader'>), ({'dport': 2123, 'sport': 2123}, <class 'scapy.contrib.gtp.GTPHeader'>), ({'dport': 2152}, <class 'scapy.contrib.gtp.GTP_U_Header'>), ({'sport': 2152}, <class 'scapy.contrib.gtp.GTP_U_Header'>), ({'dport': 2152, 'sport': 2152}, <class 'scapy.contrib.gtp.GTP_U_Header'>), ({'dport': 6635}, <class 'scapy.contrib.mpls.MPLS'>), ({'dport': 500, 'sport': 500}, <class 'scapy.contrib.ikev2.IKEv2'>), ({'dport': 4500, 'sport': 4500}, <class 'scapy.contrib.ikev2.IKEv2'>), ({'sport': 646, 'dport': 646}, <class 'scapy.contrib.ldp.LDP'>), ({'sport': 1883}, <class 'scapy.contrib.mqttsn.MQTTSN'>), ({'dport': 1883}, <class 'scapy.contrib.mqttsn.MQTTSN'>), ({'dport': 1883, 'sport': 1883}, <class 'scapy.contrib.mqttsn.MQTTSN'>), ({'dport': 67, 'sport': 68}, <class 'scapy.layers.dhcp.BOOTP'>), ({'dport': 68, 'sport': 67}, <class 'scapy.layers.dhcp.BOOTP'>), ({'dport': 67, 'sport': 67}, <class 'scapy.layers.dhcp.BOOTP'>), ({'dport': 547}, <function _dhcp6_dispatcher>), ({'dport': 546}, <function _dhcp6_dispatcher>), ({'dport': 5353}, <class 'scapy.layers.dns.DNS'>), ({'sport': 5353}, <class 'scapy.layers.dns.DNS'>), ({'dport': 53}, <class 'scapy.layers.dns.DNS'>), ({'sport': 53}, <class 'scapy.layers.dns.DNS'>), ({'dport': 1985}, <class 'scapy.layers.hsrp.HSRP'>), ({'sport': 1985}, <class 'scapy.layers.hsrp.HSRP'>), ({'dport': 2029}, <class 'scapy.layers.hsrp.HSRP'>), ({'sport': 2029}, <class 'scapy.layers.hsrp.HSRP'>), ({'dport': 1985, 'sport': 1985}, <class 'scapy.layers.hsrp.HSRP'>), ({'dport': 2029, 'sport': 2029}, <class 'scapy.layers.hsrp.HSRP'>), ({'dport': 4500}, <class 'scapy.layers.ipsec.ESP'>), ({'sport': 4500}, <class 'scapy.layers.ipsec.ESP'>), ({'dport': 1701}, <class 'scapy.layers.l2tp.L2TP'>), ({'sport': 1701}, <class 'scapy.layers.l2tp.L2TP'>), ({'dport': 1701, 'sport': 1701}, <class 'scapy.layers.l2tp.L2TP'>), ({'dport': 5355}, <class 'scapy.layers.llmnr._LLMNR'>), ({'sport': 5355}, <class 'scapy.layers.llmnr._LLMNR'>), ({'sport': 5355, 'dport': 5355}, <class 'scapy.layers.llmnr._LLMNR'>), ({'dport': 2727}, <class 'scapy.layers.mgcp.MGCP'>), ({'sport': 2727}, <class 'scapy.layers.mgcp.MGCP'>), ({'sport': 2727, 'dport': 2727}, <class 'scapy.layers.mgcp.MGCP'>), ({'dport': 434}, <class 'scapy.layers.mobileip.MobileIP'>), ({'sport': 434}, <class 'scapy.layers.mobileip.MobileIP'>), ({'sport': 434, 'dport': 434}, <class 'scapy.layers.mobileip.MobileIP'>), ({'dport': 137}, <class 'scapy.layers.netbios.NBNSQueryRequest'>), ({'dport': 137}, <class 'scapy.layers.netbios.NBNSRequest'>), ({'sport': 137}, <class 'scapy.layers.netbios.NBNSQueryResponse'>), ({'sport': 137}, <class 'scapy.layers.netbios.NBNSQueryResponseNegative'>), ({'sport': 137}, <class 'scapy.layers.netbios.NBNSNodeStatusResponse'>), ({'sport': 137}, <class 'scapy.layers.netbios.NBNSWackResponse'>), ({'dport': 138}, <class 'scapy.layers.netbios.NBTDatagram'>), ({'dport': 2055}, <class 'scapy.layers.netflow.NetflowHeader'>), ({'sport': 2055}, <class 'scapy.layers.netflow.NetflowHeader'>), ({'dport': 2056}, <class 'scapy.layers.netflow.NetflowHeader'>), ({'sport': 2056}, <class 'scapy.layers.netflow.NetflowHeader'>), ({'dport': 9995}, <class 'scapy.layers.netflow.NetflowHeader'>), ({'sport': 9995}, <class 'scapy.layers.netflow.NetflowHeader'>), ({'dport': 9996}, <class 'scapy.layers.netflow.NetflowHeader'>), ({'sport': 9996}, <class 'scapy.layers.netflow.NetflowHeader'>), ({'dport': 6343}, <class 'scapy.layers.netflow.NetflowHeader'>), ({'sport': 6343}, <class 'scapy.layers.netflow.NetflowHeader'>), ({'dport': 2055, 'sport': 2055}, <class 'scapy.layers.netflow.NetflowHeader'>), ({'sport': 123}, <class 'scapy.layers.ntp.NTP'>), ({'dport': 123}, <class 'scapy.layers.ntp.NTP'>), ({'sport': 123, 'dport': 123}, <class 'scapy.layers.ntp.NTP'>), ({'sport': 1812}, <class 'scapy.layers.radius.Radius'>), ({'dport': 1812}, <class 'scapy.layers.radius.Radius'>), ({'sport': 1813}, <class 'scapy.layers.radius.Radius'>), ({'dport': 1813}, <class 'scapy.layers.radius.Radius'>), ({'dport': 520}, <class 'scapy.layers.rip.RIP'>), ({'sport': 520}, <class 'scapy.layers.rip.RIP'>), ({'sport': 520, 'dport': 520}, <class 'scapy.layers.rip.RIP'>), ({'sport': 161}, <class 'scapy.layers.snmp.SNMP'>), ({'dport': 161}, <class 'scapy.layers.snmp.SNMP'>), ({'sport': 162}, <class 'scapy.layers.snmp.SNMP'>), ({'dport': 162}, <class 'scapy.layers.snmp.SNMP'>), ({'sport': 161, 'dport': 161}, <class 'scapy.layers.snmp.SNMP'>), ({'dport': 69}, <class 'scapy.layers.tftp.TFTP'>), ({'dport': 4789}, <class 'scapy.layers.vxlan.VXLAN'>), ({'dport': 4790}, <class 'scapy.layers.vxlan.VXLAN'>), ({'dport': 6633}, <class 'scapy.layers.vxlan.VXLAN'>), ({'dport': 8472}, <class 'scapy.layers.vxlan.VXLAN'>), ({'dport': 48879}, <class 'scapy.layers.vxlan.VXLAN'>), ({'sport': 4789}, <class 'scapy.layers.vxlan.VXLAN'>), ({'sport': 4790}, <class 'scapy.layers.vxlan.VXLAN'>), ({'sport': 6633}, <class 'scapy.layers.vxlan.VXLAN'>), ({'sport': 8472}, <class 'scapy.layers.vxlan.VXLAN'>), ({'sport': 4789, 'dport': 4789}, <class 'scapy.layers.vxlan.VXLAN'>), ({'sport': 17754}, <class 'scapy.layers.zigbee.ZEP2'>), ({'sport': 17754}, <class 'scapy.layers.zigbee.ZEP2'>), ({'sport': 17754, 'dport': 17754}, <class 'scapy.layers.zigbee.ZEP2'>), ({'dport': 34962}, <class 'scapy.contrib.pnio.ProfinetIO'>), ({'sport': 521, 'dport': 521}, <class 'scapy.contrib.ripng.RIPng'>), ({'sport': 1101}, <class 'scapy.contrib.sebek.SebekHead'>), ({'dport': 1101}, <class 'scapy.contrib.sebek.SebekHead'>), ({'dport': 1101, 'sport': 1101}, <class 'scapy.contrib.sebek.SebekHead'>), ({'sport': 1080}, <class 'scapy.contrib.socks.SOCKS5UDP'>), ({'sport': 1080}, <class 'scapy.contrib.socks.SOCKS5UDP'>), ({'sport': 1080, 'dport': 1080}, <class 'scapy.contrib.socks.SOCKS5UDP'>), ({'sport': 1589}, <class 'scapy.contrib.vqp.VQP'>), ({'dport': 1589}, <class 'scapy.contrib.vqp.VQP'>), ({'dport': 51820}, <class 'scapy.contrib.wireguard.Wireguard'>), ({'sport': 51820}, <class 'scapy.contrib.wireguard.Wireguard'>)]

post_build(p, pay)

DEV: called right after the current layer is build.

Parameters:

• pkt (str) – the current packet (build by self_buil function)
• pay (str) – the packet payload (build by do_build_payload function)

Returns:

a string of the packet with the payload

class scapy.layers.inet.UDPerror

Bases: scapy.layers.inet.UDP

aliastypes = [<class 'scapy.layers.inet.UDPerror'>, <class 'scapy.layers.inet.UDP'>, <class 'scapy.packet.Packet'>]

answers(other)

DEV: true if self is an answer from other

fields_desc = [<Field (UDP,UDPerror).sport>, <Field (UDP,UDPerror).dport>, <Field (UDP,UDPerror).len>, <Field (UDP,UDPerror).chksum>]

mysummary()

DEV: can be overloaded to return a string that summarizes the layer. Only one mysummary() is used in a whole packet summary: the one of the upper layer, # noqa: E501 except if a mysummary() also returns (as a couple) a list of layers whose # noqa: E501 mysummary() must be called if they are present.

post_dissection(pkt)

scapy.layers.inet.defrag(plist) → ([not fragmented], [defragmented],

[ [bad fragments], [bad fragments], … ])

scapy.layers.inet.defragment(plist) → plist defragmented as much as possible

scapy.layers.inet.fragleak(target, sport=123, dport=123, timeout=0.2, onlyasc=0, count=None)

scapy.layers.inet.fragleak2(target, timeout=0.4, onlyasc=0, count=None)

scapy.layers.inet.fragment(pkt, fragsize=1480)

Fragment a big IP datagram

scapy.layers.inet.in4_chksum(proto, u, p)

As Specified in RFC 2460 - 8.1 Upper-Layer Checksums

Performs IPv4 Upper Layer checksum computation. Provided parameters are: - ‘proto’ : value of upper layer protocol - ‘u’ : IP upper layer instance - ‘p’ : the payload of the upper layer provided as a string

scapy.layers.inet.inet_register_l3(l2, l3)

scapy.layers.inet.overlap_frag(p, overlap, fragsize=8, overlap_fragsize=None)

Build overlapping fragments to bypass NIPS

p: the original packet overlap: the overlapping data fragsize: the fragment size of the packet overlap_fragsize: the fragment size of the overlapping packet

scapy.layers.inet.report_ports(target, ports)

portscan a target and output a LaTeX table report_ports(target, ports) -> string

scapy.layers.inet.traceroute(target, dport=80, minttl=1, maxttl=30, sport=<RandShort>, l4=None, filter=None, timeout=2, verbose=None, **kargs)

Instant TCP traceroute

Parameters:

• target – hostnames or IP addresses
• dport – TCP destination port (default is 80)
• minttl – minimum TTL (default is 1)
• maxttl – maximum TTL (default is 30)
• sport – TCP source port (default is random)
• l4 – use a Scapy packet instead of TCP
• filter – BPF filter applied to received packets
• timeout – time to wait for answers (default is 2s)
• verbose – detailed output

Returns:

an TracerouteResult, and a list of unanswered packets

scapy.layers.inet.traceroute_map(ips, **kargs)

Util function to call traceroute on multiple targets, then show the different paths on a map.

Parameters:

• ips – a list of IPs on which traceroute will be called
• kargs – (optional) kwargs, passed to traceroute