gkatev/arp-reply.py

## arp-reply.py
#!/usr/bin/python3

import sys
from scapy.all import send, ARP, conf

s = conf.L3socket(promisc=False)

for line in sys.stdin:
	p = line.strip().split(' ')

	# Whom the ARP concerned
	host_ip = p[0]
	host_mac = p[1]

	# Sent the ARP request
	source_ip = p[2]
	source_mac = p[3]

	print("ARP Reply to (%s, %s), %s is-at %s"
		% (source_ip, source_mac, host_ip, host_mac))

	s.send(ARP(op=ARP.is_at, psrc=host_ip, hwsrc=host_mac,
		pdst=source_ip, hwdst=source_mac))

## arp-server.service
[Unit]
Description=ARP Server
After=network.target

StartLimitIntervalSec=60
StartLimitBurst=5

[Service]
Type=simple

Environment="PYTHONUNBUFFERED=1"
ExecStart=/config/scripts/arp/arp-server.sh

Restart=on-failure
RestartSec=1

[Install]
WantedBy=multi-user.target

## arp-server.sh
#!/bin/bash

set -e

declare -A ip_mac

# Answer ARP requests for <addr> with <mac>
ip_mac[<IP ADDRESS 1>]=<MAC ADDRESS 1>
ip_mac[<IP ADDRESS 2>]=<MAC ADDRESS 2>

# Ignore requests from these addresses
blacklist=(<IP ADDRESS 3> <IP ADDRESS 4>)

# ----------------

if [ ! "$INTERFACE" ]; then
	export INTERFACE="switch0"
fi

# SCRIPT_DIR="$(dirname $(realpath "$0"))"
# ARP_REPLY="$SCRIPT_DIR/arp-reply.py"

ARP_REPLY="/config/scripts/arp/arp-reply.py"

# ----------------

if [ $EUID != 0 ]; then
   echo "Please run as root"
   exit 1
fi

dl="dst $(sed 's/ / or dst /g' <<< "${!ip_mac[@]}")"
sl="src $(sed 's/ / or src /g' <<< "${blacklist[@]}")"

tcpdump -etln -i "$INTERFACE" "arp and (arp[6:2] = 1) and ($dl) and not ($sl)" \
| while read -r req; do
	target_ip=$(awk '{print $11}' <<< $req)
	source_ip=$(awk '{print substr($13, 0, length($13)-1)}' <<< $req)
	source_mac=$(awk '{print $1}' <<< $req)

	echo "$target_ip" "${ip_mac[$target_ip]}" "$source_ip" "$source_mac"
done | "$ARP_REPLY"
	#!/usr/bin/python3

	import sys
	from scapy.all import send, ARP, conf

	s = conf.L3socket(promisc=False)

	for line in sys.stdin:
	p = line.strip().split(' ')

	# Whom the ARP concerned
	host_ip = p[0]
	host_mac = p[1]

	# Sent the ARP request
	source_ip = p[2]
	source_mac = p[3]

	print("ARP Reply to (%s, %s), %s is-at %s"
	% (source_ip, source_mac, host_ip, host_mac))

	s.send(ARP(op=ARP.is_at, psrc=host_ip, hwsrc=host_mac,
	pdst=source_ip, hwdst=source_mac))
	[Unit]
	Description=ARP Server
	After=network.target

	StartLimitIntervalSec=60
	StartLimitBurst=5

	[Service]
	Type=simple

	Environment="PYTHONUNBUFFERED=1"
	ExecStart=/config/scripts/arp/arp-server.sh

	Restart=on-failure
	RestartSec=1

	[Install]
	WantedBy=multi-user.target
	#!/bin/bash

	set -e

	declare -A ip_mac

	# Answer ARP requests for <addr> with <mac>
	ip_mac[<IP ADDRESS 1>]=<MAC ADDRESS 1>
	ip_mac[<IP ADDRESS 2>]=<MAC ADDRESS 2>

	# Ignore requests from these addresses
	blacklist=(<IP ADDRESS 3> <IP ADDRESS 4>)

	# ----------------

	if [ ! "$INTERFACE" ]; then
	export INTERFACE="switch0"
	fi

	# SCRIPT_DIR="$(dirname $(realpath "$0"))"
	# ARP_REPLY="$SCRIPT_DIR/arp-reply.py"

	ARP_REPLY="/config/scripts/arp/arp-reply.py"

	# ----------------

	if [ $EUID != 0 ]; then
	echo "Please run as root"
	exit 1
	fi

	dl="dst $(sed 's/ / or dst /g' <<< "${!ip_mac[@]}")"
	sl="src $(sed 's/ / or src /g' <<< "${blacklist[@]}")"

	tcpdump -etln -i "$INTERFACE" "arp and (arp[6:2] = 1) and ($dl) and not ($sl)" \
	\| while read -r req; do
	target_ip=$(awk '{print $11}' <<< $req)
	source_ip=$(awk '{print substr($13, 0, length($13)-1)}' <<< $req)
	source_mac=$(awk '{print $1}' <<< $req)

	echo "$target_ip" "${ip_mac[$target_ip]}" "$source_ip" "$source_mac"
	done \| "$ARP_REPLY"