1#!/usr/local/bin/python3 2# check ip and udp checksum in returned icmp packet 3 4import os 5from addr import * 6from scapy.all import * 7 8dstaddr=sys.argv[1] 9uport=os.getpid() & 0xffff 10# inetd ignores UDP packets from privileged port or nfs 11if uport < 1024 or uport == 2049: 12 uport+=1024 13payload=b"a" * 1472 14p=(Ether(src=SRC_MAC, dst=PF_MAC)/IP(flags="DF", src=SRC_OUT, dst=dstaddr)/ 15 UDP(sport=uport, dport=9)/payload) 16ipcksum=IP(bytes(p.payload)).chksum 17print("ipcksum=%#04x" % (ipcksum)) 18udpcksum=IP(bytes(p.payload)).payload.chksum 19print("udpcksum=%#04x" % (udpcksum)) 20a=srp1(p, iface=SRC_IF, timeout=2) 21if a and a.type == ETH_P_IP and \ 22 a.payload.proto == 1 and \ 23 icmptypes[a.payload.payload.type] == 'dest-unreach' and \ 24 icmpcodes[a.payload.payload.type][a.payload.payload.code] == \ 25 'fragmentation-needed': 26 outeripcksum=a.payload.chksum 27 print("outeripcksum=%#04x" % (outeripcksum)) 28 outercksum=a.payload.payload.chksum 29 print("outercksum=%#04x" % (outercksum)) 30 q=a.payload.payload.payload 31 inneripcksum=q.chksum 32 print("inneripcksum=%#04x" % (inneripcksum)) 33 if q.proto == 17: 34 innercksum=q.payload.chksum 35 print("innercksum=%#04x" % (innercksum)) 36 if innercksum == udpcksum: 37 exit(0) 38 print("INNERCKSUM!=UDPCKSUM") 39 exit(1) 40 print("NO INNER UDP REQUEST") 41 exit(2) 42print("NO FRAGMENTATION NEEDED") 43exit(2) 44