netinet6/frag6/frag6_overhead0.py

*527238f8Sbluhm#!/usr/local/bin/python3
233b170eSbluhm
*527238f8Sbluhmprint("ping6 fragment that overlaps the first fragment with its head")
741f9993Sbluhm
7cd47444Sbluhm# |---------|
7cd47444Sbluhm#      |XXXX-----|
741f9993Sbluhm
741f9993Sbluhmimport os
741f9993Sbluhmfrom addr import *
741f9993Sbluhmfrom scapy.all import *
741f9993Sbluhm
9ae5678bSbluhmpid=os.getpid()
9ae5678bSbluhmeid=pid & 0xffff
*527238f8Sbluhmpayload=b"ABCDEFGHIJKLMNOP"
7b3475a7Sbluhmpacket=IPv6(src=LOCAL_ADDR6, dst=REMOTE_ADDR6)/ \
7b3475a7Sbluhm    ICMPv6EchoRequest(id=eid, data=payload)
741f9993Sbluhmfrag=[]
9ae5678bSbluhmfid=pid & 0xffffffff
*527238f8Sbluhmfrag.append(IPv6ExtHdrFragment(nh=58, id=fid, m=1)/bytes(packet)[40:56])
*527238f8Sbluhmfrag.append(IPv6ExtHdrFragment(nh=58, id=fid, offset=1)/bytes(packet)[48:64])
741f9993Sbluhmeth=[]
741f9993Sbluhmfor f in frag:
7b3475a7Sbluhm	pkt=IPv6(src=LOCAL_ADDR6, dst=REMOTE_ADDR6)/f
7b3475a7Sbluhm	eth.append(Ether(src=LOCAL_MAC, dst=REMOTE_MAC)/pkt)
741f9993Sbluhm
741f9993Sbluhmif os.fork() == 0:
741f9993Sbluhm	time.sleep(1)
7b3475a7Sbluhm	sendp(eth, iface=LOCAL_IF)
741f9993Sbluhm	os._exit(0)
741f9993Sbluhm
7b3475a7Sbluhmans=sniff(iface=LOCAL_IF, timeout=3, filter=
7b3475a7Sbluhm    "ip6 and src "+REMOTE_ADDR6+" and dst "+LOCAL_ADDR6+" and icmp6")
741f9993Sbluhmfor a in ans:
9c70e3bfSbluhm	if a and a.type == ETH_P_IPV6 and \
741f9993Sbluhm	    ipv6nh[a.payload.nh] == 'ICMPv6' and \
741f9993Sbluhm	    icmp6types[a.payload.payload.type] == 'Echo Reply':
741f9993Sbluhm		id=a.payload.payload.id
*527238f8Sbluhm		print("id=%#x" % (id))
9ae5678bSbluhm		if id != eid:
*527238f8Sbluhm			print("WRONG ECHO REPLY ID")
741f9993Sbluhm			exit(2)
741f9993Sbluhm		data=a.payload.payload.data
*527238f8Sbluhm		print("payload=%s" % (data))
741f9993Sbluhm		if data == payload:
*527238f8Sbluhm			print("ECHO REPLY")
741f9993Sbluhm			exit(1)
*527238f8Sbluhm		print("PAYLOAD!=%s" % (payload))
741f9993Sbluhm		exit(2)
*527238f8Sbluhmprint("no echo reply")
499024ccSbluhmexit(0)