Question

我想使用scapy发送IGMP数据包，特别是IGMP Leave，IGMP Membership报告。是否可以这样做？

更新

我最终能够生成它们。不得不做以下事情：

1）按照此处的描述安装scapy v.2.2.0（包括setup.py中的微小更改）： scapy's contrib is missing after installing scapy on both windows and fedora

2）您需要使用来自贡献包的文件（未添加到scapy核心的功能）：

import scapy.contrib.igmp
igmpPacket = scapy.contrib.igmp.IGMP()

Answer 1

是的，可以发送IGMP数据包。谷歌搜索后，我想出了一些有用的链接，可以帮助你在某个方向。在github上，scapy中存在IGMP和IGMPv3实现。这也是一个有趣的mailing list。此外，这个post还有一些与IGMP相关的有趣内容。

Answer 2

使用此方法，您可以发送IGMP版本2（RFC2236）成员资格查询消息，而不是IGMP版本3.

以下是完整的代码和tcpdump：

>>> from scapy.all import *
>>> import scapy.contrib.igmp
>>> p = IP(dst="62.22.14.4")/scapy.contrib.igmp.IGMP()
>>> send(p)
.
Sent 1 packets.
>>>

# tcpdump -ni cplane0 igmp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on cplane0, link-type EN10MB (Ethernet), capture size 262144 bytes
18:42:01.045618 IP 44.60.11.3 > 62.22.14.4: igmp query v2 [max resp time 20]
18:42:01.045631 IP 44.60.11.3 > 62.22.14.4: igmp query v2 [max resp time 20]
18:42:01.046470 IP 44.60.11.3 > 62.22.14.4: igmp query v2 [max resp time 20]
18:42:01.046476 IP 44.60.11.3 > 62.22.14.4: igmp query v2 [max resp time 20]
18:42:01.959331 IP 62.22.14.4 > 224.1.1.1: igmp v2 report 224.1.1.1

更新：由于IGMPv3正在建设中。以下是发送IGMP版本3成员资格查询的方法：

>>> from scapy.all import *
>>>
>>> class IGMP3(Packet):
...     name = "IGMP3"
...     fields_desc = [ ByteField("type", 0x11),
...                     ByteField("mrtime", 20),
...                   XShortField("chksum", None),
...                       IPField("gaddr", "0.0.0.0"),
...                      IntField("others", 0x0)]
...     def post_build(self, p, pay):
...         p += pay
...         if self.chksum is None:
...             ck = checksum(p)
...             p = p[:2]+chr(ck>>8)+chr(ck&0xff)+p[4:]
...         return p
...
>>> bind_layers( IP, IGMP3, frag=0, proto=2)
>>> p = IP(dst="62.21.20.21")/IGMP3()
>>> send(p)
.
Sent 1 packets.
>>>

# tcpdump -ni cplane0 igmp -v
tcpdump: listening on cplane0, link-type EN10MB (Ethernet), capture size     262144 bytes
17:24:35.013987 IP (tos 0x0, ttl 62, id 1, offset 0, flags [none], proto IGMP (2), length 32)
44.60.11.3 > 62.21.20.21: igmp query v3 [max resp time 2.0s]
17:24:35.014000 IP (tos 0x0, ttl 62, id 1, offset 0, flags [none], proto IGMP (2), length 32)
44.60.11.3 > 62.21.20.21: igmp query v3 [max resp time 2.0s]
17:24:35.014476 IP (tos 0x0, ttl 62, id 1, offset 0, flags [none], proto IGMP (2), length 32)
44.60.11.3 > 62.21.20.21: igmp query v3 [max resp time 2.0s]
17:24:35.014482 IP (tos 0x0, ttl 62, id 1, offset 0, flags [none], proto IGMP (2), length 32)
44.60.11.3 > 62.21.20.21: igmp query v3 [max resp time 2.0s]
17:24:35.218208 IP (tos 0xc0, ttl 1, id 0, offset 0, flags [DF], proto IGMP (2), length 40, options (RA))
62.21.20.21 > 224.0.0.22: igmp v3 report, 1 group record(s) [gaddr 239.1.1.1 is_ex, 0 source(s)]

Python：使用Scapy发送IGMP数据包

2 个答案: