A trivial patch for pylibpcap-0.4 was necessary. It was so easy that it would have been a shame to include it here ;-)
Scapy is an amazing python library that can be used as a standalone tool.
Written by Philippe Biondi (EADS CCR), it was « ported » to FreeBSD by Yvan Vanhullebus & to MacOSX/fink by Olivier Warin.
Its low level networking facilities & more recently its Unit Test capabilities made it a tool of choice for testing some part of a FireWall as shown in the following example:
$ ./UTscapy.py -f HTML -o netasq_example.html -t netasq_example.txt
% A simple test campaign demonstrating UTscapy
* In the following tests, we send 1 TCP SYN packet on port 80
* to google.com, the test is successfull if:
* we got an answer with FLAGS S/A otherwise the test has failed!
############
############
+ Is there a webserver out there ?
= We send the packet and wait 2s for a reply
os.uname()
ans,unans=sr(IP(dst="64.233.167.99")/TCP(dport=80),timeout=2)
= Do we get an answer ? If so, print it on stdout
if len(ans)==1:
print ans
= Second check, is it a SYN/ACK ?
for snd,rcv in ans:
rcv.sprintf("%TCP.flags%")=='SA'
A
trivial patch for pylibpcap-0.4 was necessary. It was so easy that it
would have been a shame to include it here ;-)