摘要：ip.py定义了IP class，应该是ip协议的实现部分。1、IP class 继承自 dpkt.Packet2、IP class实现的头结构为： __hdr__ = ( ('v_hl', 'B', (4 << 4) | (20 >> 2)), #版本：4bit，默认值4，左移4位，首部长度：4bit，默认值20，右移2位 ('tos', 'B', 0), #服务类型TOS：8bit，默认值0 ('len', 'H', 20), #总长度：16bit，默认值20 (' 阅读全文

摘要：原文：http://www.commercialventvac.com/dpkt.html#mozTocId305148dpkt.ethernet.Ethernetdpkt.ethernet.Ethernet has attributes 'data', 'dst', 'get_type', 'ip', 'pack', 'pack_hdr', 'set_type', 'src', 'type', 'unpack']dataContain 阅读全文

摘要：dpkt Tutorial #4: AS Paths from MRT/BGPPreviously we looked at creating ICMP echo requests, parsing a PCAP file, and doing DNS spoofing with the dpkt framework. Today I will show how to parse the AS paths of BGP messages out of MRT routing dumps.Parsing BGP routing information is fun. However, befor 阅读全文

摘要：dpkt Tutorial #3: DNS SpoofingIn our first and second dpkt tutorials, we looked at the simple construction and parsing of packets respectively. Our third tutorial combines both parsing and construction of packets in a single utility for performing DNS spoofing (a la dsniff’s dnsspoof).In this tutori 阅读全文

摘要：dpkt Tutorial #2: Parsing a PCAP FileAs we showed in the first dpkt tutorial, dpkt makes it simple to construct packets. dpkt is equally useful for parsing packets and files, so in this second tutorial we will demonstrate parsing a PCAP file and the packets contained within it.dpkt is a sweet framew 阅读全文

摘要：dpkt Tutorial #1: ICMP EchoIn this dpkt tutorial, I will demonstrate how to construct and send a simple ICMP echo packet.dpkt is a sweet framework for creating and parsing packets. While dpkt doesn’t have much documentation, once you get the hang of using one module, the rest fall into place fairly 阅读全文