通过scapy配置STP协议 [英] Configure STP protocol via scapy

问题描述

我需要使用 scapy 生成和 STP 流量，当我通过 wireshark 对其进行可视化时，我得到类似于下面显示的标题的输出:当我运行此代码时:

I need to generate and STP traffic using scapy and when I visualize it via wireshark I get an output similar to the caption shown below: when I run this code:

from scapy.all import STP
import scapy
from scapy.all import *

data='STP'
sendp(Ether(dst="01:80:c2:00:00:00")/LLC(dsap=0xaa, ssap=0xaa)/STP(bpdutype=0x00, bpduflags=0x01, portid=0x8002)/data, iface="eth1", count=200)

这是我的wireshark输出

this is my wireshark output

我不知道如何将组织代码更改为 00:00:0c，因为我相信是它造成了这个问题

I don't know how to change the organization code to 00:00:0c, because I believe it's the one who is making this problem

推荐答案

你忘记了图层 SNAP

you forgot the layer SNAP

这里有 2 个帮助我调试的示例:

here are 2 exemples taht helped me debug:

• 示例 1:您的代码.
• 示例 2:添加了 SN​​AP 层

对于两个例子:

from scapy.layers.inet import SNAP
from scapy.layers.l2 import Ether, LLC, STP
data = "STP"

示例编号 1:

packet = (
    Ether(dst="01:80:c2:00:00:00")
    / LLC(dsap=0xAA, ssap=0xAA)
    / STP(bpdutype=0x00, bpduflags=0x01, portid=0x8002)
    / data
)
packet.show2()

输出:

###[ Ethernet ]### 
  dst       = 01:80:c2:00:00:00
  src       = 4c:d9:8f:77:3b:33
  type      = 0x8870
###[ LLC ]### 
     dsap      = 0xaa
     ssap      = 0xaa
     ctrl      = 3
###[ SNAP ]### 
        OUI       = 0x0
        code      = 0x1
###[ 802.3 ]### 
           dst       = 00:00:00:00:00:00
           src       = 00:00:00:00:00:00
           len       = 0
###[ Padding ]### 
              load      = '\x00\x00\x00\x00\x00\x00\x80\x02\x01\x00\x14\x00\x02\x00\x0f\x00STP'

您是否看到 scapy 如何在 LLC 层之后立即解码名为 SNAP 的层?这使得解码之后

Do you see how scapy decode a layer named SNAP right after the LLC layer? that makes the decoding all wrong after

所以让我们添加它，这样所有的解码都会正确:

so let's add it, so all the decoding will true:

例2:添加SNAP层

packet = (
    Ether(dst="01:80:c2:00:00:00")
    / LLC(dsap=0xAA, ssap=0xAA)
    / SNAP()
    / STP(bpdutype=0x00, bpduflags=0x01, portid=0x8002)
    / data
)
packet.show2()

输出:

###[ Ethernet ]### 
  dst       = 01:80:c2:00:00:00
  src       = 4c:d9:8f:77:3b:33
  type      = 0x8870
###[ LLC ]### 
     dsap      = 0xaa
     ssap      = 0xaa
     ctrl      = 3
###[ SNAP ]### 
        OUI       = 0x0
        code      = 0x10b
###[ Spanning Tree Protocol ]### 
           proto     = 0
           version   = 0
           bpdutype  = 0
           bpduflags = 1
           rootid    = 0
           rootmac   = 00:00:00:00:00:00
           pathcost  = 0
           bridgeid  = 0
           bridgemac = 00:00:00:00:00:00
           portid    = 32770
           age       = 1.0
           maxage    = 20.0
           hellotime = 2.0
           fwddelay  = 15.0
###[ Raw ]### 
              load      = 'STP'

看起来好多了.我没有尝试使用 wireshark，但至少 scapy 似乎对它很满意.

it seems to look a lot better. I didn't try with wireshark, but at the least scapy seems happy with it.

这篇关于通过scapy配置STP协议的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！