Last active
January 17, 2017 08:53
-
-
Save wmnsk/596cf57846f1f48aa0e927b7bc2ff197 to your computer and use it in GitHub Desktop.
Test code snippet for kbandla/dpkt PR#320
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# -*- coding: utf-8 -*- | |
from __future__ import print_function | |
import dpkt | |
import sys | |
import socket | |
from binascii import hexlify as hx | |
outfile = open(sys.argv[1], 'wb') | |
cli_mac = bytes(bytearray.fromhex('080042000001')) | |
srv_mac = bytes(bytearray.fromhex('080042000002')) | |
ethtype = dpkt.ethernet.ETH_TYPE_IP | |
cli_ip = socket.inet_aton('1.1.1.1') | |
srv_ip = socket.inet_aton('2.2.2.2') | |
ipproto = dpkt.ip.IP_PROTO_UDP | |
cli_port = 53001 | |
srv_port = 1813 | |
eth_cli = dpkt.ethernet.Ethernet( | |
src=cli_mac, | |
dst=srv_mac, | |
type=ethtype | |
) | |
eth_srv = dpkt.ethernet.Ethernet( | |
src=srv_mac, | |
dst=cli_mac, | |
type=ethtype | |
) | |
ip_cli = dpkt.ip.IP( | |
id=0, | |
src=cli_ip, | |
dst=srv_ip, | |
p=ipproto | |
) | |
ip_srv = dpkt.ip.IP( | |
id=0, | |
src=srv_ip, | |
dst=cli_ip, | |
p=ipproto | |
) | |
udp_cli = dpkt.udp.UDP( | |
sport=cli_port, | |
dport=srv_port | |
) | |
udp_srv = dpkt.udp.UDP( | |
sport=srv_port, | |
dport=cli_port | |
) | |
rad_cli = dpkt.radius.RADIUS( | |
code=dpkt.radius.RADIUS_ACCT_REQUEST, | |
id=1, | |
auth=b'\xde\xad\xbe\xef'*4 | |
) | |
rad_srv = dpkt.radius.RADIUS( | |
code=dpkt.radius.RADIUS_ACCT_RESPONSE, | |
id=1, | |
auth=b'\xbe\xef\xde\xad'*4 | |
) | |
tgpp_imsi = dpkt.radius.VSA(type=1, data=b'440991234567890') | |
avps_cli = [ | |
dpkt.radius.AVP( | |
type=dpkt.radius.RADIUS_USER_NAME, | |
data=b'819012345678@some.operator.net' | |
), | |
dpkt.radius.AVP( | |
type=dpkt.radius.RADIUS_CALLING_STATION_ID, | |
data=b'819012345678' | |
), | |
dpkt.radius.AVP( | |
type=dpkt.radius.RADIUS_CALLED_STATION_ID, | |
data=b'some.operator.net' | |
), | |
dpkt.radius.AVP( | |
type=dpkt.radius.RADIUS_NAS_IP_ADDR, | |
data=socket.inet_aton('111.111.111.111') | |
), | |
dpkt.radius.AVP( | |
type=dpkt.radius.RADIUS_VENDOR_SPECIFIC, | |
vendor=10415, | |
data=bytes(tgpp_imsi) | |
), | |
] | |
rad_cli.data = avps_cli | |
udp_cli.data = rad_cli | |
udp_cli.ulen = len(bytes(udp_cli)) | |
ip_cli.data = udp_cli | |
eth_cli.data = ip_cli | |
rad_srv.data = b'' | |
udp_srv.data = rad_srv | |
udp_srv.ulen = len(bytes(udp_srv)) | |
ip_srv.data = udp_srv | |
eth_srv.data = ip_srv | |
writer = dpkt.pcap.Writer(outfile) | |
writer.writepkt(eth_cli) | |
writer.writepkt(eth_srv) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# tshark -V -r radius_acct_sample.pcap | |
Running as user "root" and group "root". This could be dangerous. | |
Frame 1: 156 bytes on wire (1248 bits), 156 bytes captured (1248 bits) | |
Encapsulation type: Ethernet (1) | |
Arrival Time: Jan 17, 2017 17:52:40.749091000 JST | |
[Time shift for this packet: 0.000000000 seconds] | |
Epoch Time: 1484643160.749091000 seconds | |
[Time delta from previous captured frame: 0.000000000 seconds] | |
[Time delta from previous displayed frame: 0.000000000 seconds] | |
[Time since reference or first frame: 0.000000000 seconds] | |
Frame Number: 1 | |
Frame Length: 156 bytes (1248 bits) | |
Capture Length: 156 bytes (1248 bits) | |
[Frame is marked: False] | |
[Frame is ignored: False] | |
[Protocols in frame: eth:ethertype:ip:udp:radius] | |
Ethernet II, Src: JapanMac_00:00:01 (08:00:42:00:00:01), Dst: JapanMac_00:00:02 (08:00:42:00:00:02) | |
Destination: JapanMac_00:00:02 (08:00:42:00:00:02) | |
Address: JapanMac_00:00:02 (08:00:42:00:00:02) | |
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) | |
.... ...0 .... .... .... .... = IG bit: Individual address (unicast) | |
Source: JapanMac_00:00:01 (08:00:42:00:00:01) | |
Address: JapanMac_00:00:01 (08:00:42:00:00:01) | |
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) | |
.... ...0 .... .... .... .... = IG bit: Individual address (unicast) | |
Type: IPv4 (0x0800) | |
Internet Protocol Version 4, Src: 1.1.1.1, Dst: 2.2.2.2 | |
0100 .... = Version: 4 | |
.... 0101 = Header Length: 20 bytes (5) | |
Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) | |
0000 00.. = Differentiated Services Codepoint: Default (0) | |
.... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) | |
Total Length: 142 | |
Identification: 0x0000 (0) | |
Flags: 0x00 | |
0... .... = Reserved bit: Not set | |
.0.. .... = Don't fragment: Not set | |
..0. .... = More fragments: Not set | |
Fragment offset: 0 | |
Time to live: 64 | |
Protocol: UDP (17) | |
Header checksum: 0x745a [validation disabled] | |
[Header checksum status: Unverified] | |
Source: 1.1.1.1 | |
Destination: 2.2.2.2 | |
User Datagram Protocol, Src Port: 53001, Dst Port: 1813 | |
Source Port: 53001 | |
Destination Port: 1813 | |
Length: 122 | |
Checksum: 0xa7ab [unverified] | |
[Checksum Status: Unverified] | |
[Stream index: 0] | |
RADIUS Protocol | |
Code: Accounting-Request (4) | |
Packet identifier: 0x1 (1) | |
Length: 114 | |
Authenticator: deadbeefdeadbeefdeadbeefdeadbeef | |
Attribute Value Pairs | |
AVP: l=32 t=User-Name(1): 819012345678@some.operator.net | |
AVP Type: 1 | |
AVP Length: 32 | |
User-Name: 819012345678@some.operator.net | |
AVP: l=14 t=Calling-Station-Id(31): 819012345678 | |
AVP Type: 31 | |
AVP Length: 14 | |
Calling-Station-Id: 819012345678 | |
AVP: l=19 t=Called-Station-Id(30): some.operator.net | |
AVP Type: 30 | |
AVP Length: 19 | |
Called-Station-Id: some.operator.net | |
AVP: l=6 t=NAS-IP-Address(4): 111.111.111.111 | |
AVP Type: 4 | |
AVP Length: 6 | |
NAS-IP-Address: 111.111.111.111 | |
AVP: l=23 t=Vendor-Specific(26) v=3GPP(10415) | |
AVP Type: 26 | |
AVP Length: 23 | |
VSA: l=17 t=3GPP-IMSI(1): 440991234567890 | |
3GPP-IMSI: 440991234567890 | |
Frame 2: 62 bytes on wire (496 bits), 62 bytes captured (496 bits) | |
Encapsulation type: Ethernet (1) | |
Arrival Time: Jan 17, 2017 17:52:40.749267000 JST | |
[Time shift for this packet: 0.000000000 seconds] | |
Epoch Time: 1484643160.749267000 seconds | |
[Time delta from previous captured frame: 0.000176000 seconds] | |
[Time delta from previous displayed frame: 0.000176000 seconds] | |
[Time since reference or first frame: 0.000176000 seconds] | |
Frame Number: 2 | |
Frame Length: 62 bytes (496 bits) | |
Capture Length: 62 bytes (496 bits) | |
[Frame is marked: False] | |
[Frame is ignored: False] | |
[Protocols in frame: eth:ethertype:ip:udp:radius] | |
Ethernet II, Src: JapanMac_00:00:02 (08:00:42:00:00:02), Dst: JapanMac_00:00:01 (08:00:42:00:00:01) | |
Destination: JapanMac_00:00:01 (08:00:42:00:00:01) | |
Address: JapanMac_00:00:01 (08:00:42:00:00:01) | |
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) | |
.... ...0 .... .... .... .... = IG bit: Individual address (unicast) | |
Source: JapanMac_00:00:02 (08:00:42:00:00:02) | |
Address: JapanMac_00:00:02 (08:00:42:00:00:02) | |
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) | |
.... ...0 .... .... .... .... = IG bit: Individual address (unicast) | |
Type: IPv4 (0x0800) | |
Internet Protocol Version 4, Src: 2.2.2.2, Dst: 1.1.1.1 | |
0100 .... = Version: 4 | |
.... 0101 = Header Length: 20 bytes (5) | |
Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) | |
0000 00.. = Differentiated Services Codepoint: Default (0) | |
.... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) | |
Total Length: 48 | |
Identification: 0x0000 (0) | |
Flags: 0x00 | |
0... .... = Reserved bit: Not set | |
.0.. .... = Don't fragment: Not set | |
..0. .... = More fragments: Not set | |
Fragment offset: 0 | |
Time to live: 64 | |
Protocol: UDP (17) | |
Header checksum: 0x74b8 [validation disabled] | |
[Header checksum status: Unverified] | |
Source: 2.2.2.2 | |
Destination: 1.1.1.1 | |
User Datagram Protocol, Src Port: 1813, Dst Port: 53001 | |
Source Port: 1813 | |
Destination Port: 53001 | |
Length: 28 | |
Checksum: 0xa806 [unverified] | |
[Checksum Status: Unverified] | |
[Stream index: 0] | |
RADIUS Protocol | |
Code: Accounting-Response (5) | |
Packet identifier: 0x1 (1) | |
Length: 20 | |
Authenticator: beefdeadbeefdeadbeefdeadbeefdead | |
[This is a response to a request in frame 1] | |
[Time from request: 0.000176000 seconds] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment