Here is how to add DSCP value in an IP header with scapy.
reference
http://packetlife.net/blog/2011/aug/1/qos-marking-scapy/
$ dpkg -l python-scapy | tail -1
ii python-scapy 2.2.0-1 all Packet generator/sniffer and network scanner/discovery
|
- DSCP 10
add 10 in DSCP value
$ cat scapy_dns01.py
from scapy.all import *
answer = sr1(IP(dst="8.8.8.8",tos=40)/UDP(sport=RandShort(),dport=53)/DNS(rd=1,qd=DNSQR(qname="www.google.com")),verbose=0)
print answer[DNS].summary()
|
When adding DSCP value with scapy, you need to specify DSCP value by using tos=.
TOS field is 8 bits, DSCP field, on the other hands, is first 6 bits of TOS field, so you need to do some conversion when specifying DSCP value.
Here is how to convert DSCP 10 to tos=40.
convert int 10 to binary
>>> bin(10)
'0b1010'
add two trailing zeros
101000
then convert that to int
>>> int('101000',2)
40
tos=40
|
run the script
$ sudo python scapy_dns01.py
WARNING: No route found for IPv6 destination :: (no default route?)
DNS Ans "216.58.220.164"
|
Here is a snippet of capture data.
Internet Protocol Version 4, Src: 192.168.11.6 (192.168.11.6), Dst: 8.8.8.8 (8.8.8.8)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x28 (DSCP 0x0a: Assured Forwarding 11; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))
0010 10.. = Differentiated Services Codepoint: Assured Forwarding 11 (0x0a)
.... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)
Total Length: 60
Identification: 0x0001 (1)
Flags: 0x00
0... .... = Reserved bit: Not set
.0.. .... = Don't fragment: Not set
..0. .... = More fragments: Not set
Fragment offset: 0
Time to live: 64
|
- DSCP 63
>>> bin(63)
'0b111111'
>>> int('11111100',2)
252
|
$ cat scapy_dns01_dscp63.py
from scapy.all import *
answer = sr1(IP(dst="8.8.8.8",tos=252)/UDP(sport=RandShort(),dport=53)/DNS(rd=1,qd=DNSQR(qname="www.google.com")),verbose=0)
print answer[DNS].summary()
|
capture data
Internet Protocol Version 4, Src: 192.168.11.6 (192.168.11.6), Dst: 8.8.8.8 (8.8.8.8)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0xfc (DSCP 0x3f: Unknown DSCP; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))
1111 11.. = Differentiated Services Codepoint: Unknown (0x3f)
.... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)
Total Length: 60
Identification: 0x0001 (1)
Flags: 0x00
|
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.