pcapy/impacket 的 IPv6 解码器
我使用 pcapy/impacket 库,用于在 Python 中解码网络数据包。 它有一个了解 IPv4 数据包语法的 IP 解码器,但显然没有 IPv6 解码器。
有人得到一个吗?
在一封私人信件中,Impacket 维护者表示,从 Scapy 开始可能会更好
I use the pcapy/impacket library to decode network packets in Python. It has an IP decoder which knows about the syntax of IPv4 packets but apparently no IPv6 decoder.
Does anyone get one?
In a private correspondance, the Impacket maintainers say it may be better to start with Scapy
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
Impacket 维护者推荐的 Scapy 目前没有 IPv6 解码功能。 但有一个非官方扩展可以做到这一点。
有了这个扩展,它就可以工作了:
但是对于大的痕迹来说,它的速度非常慢。 所以,我可能不得不尝试 Impacket,甚至回到 C。
Scapy, recommended by the Impacket maintainers, has no IPv6 decoding at this time. But there is an unofficial extension to do so.
With this extension, it works:
but it is awfully slow for large traces. So, I may have to try Impacket nevertheless or even go back to C.
您可能需要研究
dpkt,这是另一种数据包解析/建筑图书馆。 它是由pypcap(一个不同的 libpcap)的作者编写的包装器,但让它与 pcapy 一起工作应该不会太困难,看看它是否比 Scapy 更快。You may want to look into
dpkt, yet another packet parsing/building library. It was written by the author ofpypcap, a different libpcap wrapper, but it shouldn't be too difficult to get it working with pcapy to see if it's faster for your purposes than Scapy.我以前从未使用过 pcapy,但我确实在 C 项目中使用过 libpcap。 正如 pcapy 页面所述,它不是静态链接到 libcap,因此您可以升级到支持 IPv6 的较新版本。
根据libpcap变更日志,2008年10月27日发布的1.0版本默认支持IPv6 (它应该具有 IPv6 的时间更长,但现在默认使用该选项进行编译),因此您应该能够使用此版本捕获 IPv6 流量。 最新的 pcapy 版本是从 2007 年 3 月 27 日开始的,所以最多应该包括 2007 年 9 月 10 日发布的 libcap 0.9.8 版本。
我不知道这是否足以让您能够捕获 IPv6 流量,因为pcapy API 可能需要一些更改来支持它,而这是 pcapy 开发人员的屋顶。
更新:显然pylibpcap(libpcap的Python包装器)的版本比pcapy,因此应该更好地支持较新的 libpcap 功能。
有关 PCAP (libpcap) 的更多一般信息请参见此处。
I have never used pcapy before, but I do have used libpcap in C projects. As the pcapy page states it is not statically linked to libcap, so you can upgrade to a newer one with IPv6 support.
According to libpcap changelog, version 1.0 released on October 27, 2008, has default IPv6 support (it is supposed to have IPv6 from much longer but it is now default compiled with that option), so you should be able to capture IPv6 traffic with this version. Latest pcapy release is from March 27, 2007, so at most it should include a 0.9.8 version of libcap released on September 10, 2007.
I don't know if that would be enough for you to be able to capture IPv6 traffic since pcapy API would probably requiere some changes to support it, and that's on pcapy developer's roof.
Update: Apparently pylibpcap, a python wrapper to libpcap, has newer releases than pcapy, so newer libpcap features should be better supported.
More information about PCAP (libpcap) in general here.
使用来自 google 的非常有用的单文件库
您可以从http://code.google 。 com/p/ipaddr-py/
支持 IPv4、IPv6、ip 验证、网络掩码和前缀管理等。它的编码和文档良好。
祝你好运
埃米利奥
You can use a really useful one-file library from google from
http://code.google.com/p/ipaddr-py/
that supports IPv4, IPv6, ip validation, netmask and prefix managements, etc. It's well coded and documented.
Good luck
Emilio