Python实现网卡报文获取与内容修改转发
该实例实现ARP反向代理
#coding:utf-8
from scapy.all import *
import threading
import random
proxy_mac = "00:0c:29:93:19:97" #代理MAC地址
net_list = ["vethd5d1611","vethc70d8e3","veth8d0fff2"]
ip_list = ["192.168.134.10","192.168.134.20","192.168.134.30"] #虚拟IP池
mac_map = {}
host_ip_mac = {}
glock = threading.Lock()
def icmp_proxy_loop():
print('proxy begin wait icmp')
filterStr = "icmp"
sniff(prn=deal_icmp_packet,filter=filterStr,iface="ens38")
def deal_icmp_packet(pkt):
# pkt.display()
# hexdump(pkt)
# print(pkt.src)
# print(pkt.dst)
# print(pkt.hwsrc)
# print(pkt.hwdst)
# print(pkt.psrc)
# print(pkt.pdst)
if pkt.src != proxy_mac and pkt['IP'].dst in host_ip_mac:
pkt.src = proxy_mac
pkt.dst = host_ip_mac[pkt['IP'].dst]
sendp(pkt, count=1, iface="ens38")
def arp_proxy_loop():
print('proxy begin wait arp')
filterStr = "arp"
sniff(prn=deal_arp_packet,filter=filterStr,iface="ens38")
def deal_arp_packet(pkt):
if pkt.dst == proxy_mac:
glock.acquire()
host_ip_mac[pkt.psrc] = pkt.hwsrc
glock.release()
pkt.src = proxy_mac
pkt.hwsrc = proxy_mac
# pkt.dst = list(mac_map.keys())[list(mac_map.values()).index(i)]
pkt.dst = host_ip_mac[pkt.pdst]
pkt.hwdst = pkt.dst
# pkt.display()
hexdump(pkt)
sendp(pkt, count=1, iface="ens38")
if pkt.src != proxy_mac:
if pkt.dst == "ff:ff:ff:ff:ff:ff":
if pkt.psrc in host_ip_mac:
# glock.acquire()
# net_id = mac_map[pkt.src]
# glock.release()
pkt.src = proxy_mac
pkt.hwsrc = proxy_mac
# pkt.psrc = ip_list[net_id]
hexdump(pkt)
sendp(pkt, count=1, iface="ens38")
else:
# net_id = random.randint(0,2)
glock.acquire()
# mac_map[pkt.src] = net_id
host_ip_mac[pkt.psrc] = pkt.src
glock.release()
pkt.src = proxy_mac
pkt.hwsrc = proxy_mac
# pkt.psrc = ip_list[net_id]
hexdump(pkt)
sendp(pkt, count=1, iface="ens38")
def main():
t1 = threading.Thread(target = arp_proxy_loop)
t1.start()
t2 = threading.Thread(target = icmp_proxy_loop)
t2.start()
if __name__ == "__main__":
main()
浙公网安备 33010602011771号