如何通过 Scapy 设置 TCP 选项(时间戳和 SAckOk)? [英] How to set TCP options (Timestamp and SAckOk) via Scapy?

问题描述

对于我想通过 Scapy 生成的每个数据包，我都有以下信息，它是 tcpdump 输出:

I have following information for each packet I want to generate via Scapy, it is tcpdump output:

1509472682.813373 MAC1 >MAC2, ethertype IPv4 (0x0800), length 74: (tos 0x0, ttl 64, id 64271, offset 0, flags [DF], proto TCP (6), length 60)IP1.port1 >IP2.port2: Flags [S], cksum 0x4a0b (incorrect -> 0xe5b4), seq 1763588570, win 65535, options [mss 1460,sackOK,TS val 1098453 ecr 0,nop>,w0]

1509472682.813373 MAC1 > MAC2, ethertype IPv4 (0x0800), length 74: (tos 0x0, ttl 64, id 64271, offset 0, flags [DF], proto TCP (6), length 60) IP1.port1 > IP2.port2: Flags [S], cksum 0x4a0b (incorrect -> 0xe5b4), seq 1763588570, win 65535, options [mss 1460,sackOK,TS val 1098453 ecr 0,nop,wscale 6], length 0

我已经生成了 TCP 数据包如下，但是当我通过 wireshark 检查它们时，似乎根本没有设置 Timestamp 选项和 Sack 未按我的预期设置.

I have generated TCP packets as follow, but when I check them via wireshark it seems that the Timestamp option is not set at all and Sack is not set as I have expected.

for r in (("mss","MSS"), ("sackOK","SAck"), ("nop","NOP"), ("TS ", "Timestamps "), ("val", "TSval"), ("ecr", "TSecr"), ("wscale","WScale")):
    opt = opt.replace(*r)

opt=opt.split(",") 

for op in opt:       
    op = op.split()
    if len(op) == 2:
        options.append((op[0],int(op[1])))
    elif op[0] == "Timestamps": ## Need some modification, so that Scapy do not ignore it.
        options.append((op[0],(int(op[2]),int(op[4]))))
    elif op[0] == "SAck": ## How to set SAck option to be SAck Permitted?
        options.append((op[0], '')) 
    else: # NOP
        options.append((op[0], ()))

ip = ether/IP(src=ipsrc, dst=ipdst, len=ipLen, tos=frameTos, ttl=frameTtl, offset=frameOffset, id=frameId, flags=frameFlags, proto=protocol.lower())

if ack_n is None:
    pkt = ip / TCP(sport=srcport, dport=dstport , flags=frameFlag, seq=int(seq_n), chksum=cksum, window=win, options=options) / secrets.token_bytes(frameLen-54)                  
else:                        
    pkt = ip / TCP(sport=srcport, dport=dstport , flags=frameFlag, seq=int(seq_n), ack=ack_n, chksum=cksum, window=win, options=options) / secrets.token_bytes(frameLen-54)                  

pkt.time = frametime

wrpcap(output, pkt, append=True)

这是传递给我在开头提供的信息包的选项字段的内容:

Here is what is passed to options field for the packet I have provided its info at the beginning:

[('MSS', 1460), ('SAck', ''), ('Timestamps', (1098453, 0)), ('NOP', ()), ('WScale',6)]

但是当我通过 Wireshark 检查数据包时，Timestamps 选项没有设置，似乎 Scapy 忽略了它，并且 SAck 选项没有像我一样设置预期.

But when I check the packet via Wireshark the Timestamps option is not set, it seems that Scapy has ignored it, and the SAck option is not set as I have expected.

这是这个数据包选项字段在 Wireshark 中的样子:

Here is how this packet options field looks like in Wireshark:

这是我所期望的:

所以这里的问题是:

• 如何设置timestamps，让Scapy不忽略它?
• 如何设置SAck，以便将其标记为允许.

• How to set timestamps, so that the Scapy does not ignore it?
• How to set SAck, so that it is marked as permitted.

编辑 1:

我已经用SAck解决了这个问题，我应该把它作为('SAckOK', '')

I have solved the problem with SAck, I should pass it as ('SAckOK', '')

推荐答案

我终于找到了我设置错误的地方:

Finally I have find what I have set wrong:

正如我在第一次编辑中提到的，要设置允许选择性确认，我应该将选项作为 ('SAckOK', '') 传递给一个元组.

As I mentioned in my first edit, to set Selective Acknowledgment Permitted, I should pass option a tuple as ('SAckOK', '').

要设置 timestamp 我应该在内部元组中传递一个元组作为 ('Timestamp', (1098453, 0)) 选项，第一个参数是 Val 第二个是 Ecr.

To set timestamp I should pass option a tuple as ('Timestamp', (1098453, 0)) in the inner tuple the first argument is Val and the second one is Ecr.

这篇关于如何通过 Scapy 设置 TCP 选项(时间戳和 SAckOk)?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！