tessl/pypi-scapy
Interactive packet manipulation program and library for network security research and testing
—
Pending
protocol-layers.mddocs/
Protocol Layers
Comprehensive implementation of network protocols from Layer 2 to Layer 7, enabling packet crafting and analysis for over 100 different network protocols and their variants.
Capabilities
Layer 2 Protocols
Data link layer protocols for local network communication and frame handling.
class Ether(Packet):
"""
Ethernet frame for Layer 2 communication.
"""
def __init__(self, dst: str = "ff:ff:ff:ff:ff:ff", src: str = None, type: int = None):
"""
Parameters:
- dst: Destination MAC address
- src: Source MAC address (auto-detected if None)
- type: EtherType field value
"""
class Dot1Q(Packet):
"""
802.1Q VLAN tagging.
"""
def __init__(self, vlan: int = 1, prio: int = 0, type: int = None):
"""
Parameters:
- vlan: VLAN ID
- prio: Priority field
- type: EtherType field
"""
class ARP(Packet):
"""
Address Resolution Protocol.
"""
def __init__(self, op: int = 1, hwsrc: str = None, psrc: str = None,
hwdst: str = "00:00:00:00:00:00", pdst: str = "0.0.0.0"):
"""
Parameters:
- op: Operation (1=request, 2=reply)
- hwsrc: Source hardware address
- psrc: Source protocol address
- hwdst: Destination hardware address
- pdst: Destination protocol address
"""
class LLC(Packet):
"""
Logical Link Control.
"""
class SNAP(Packet):
"""
SubNetwork Access Protocol.
"""
class STP(Packet):
"""
Spanning Tree Protocol.
"""
class CookedLinux(Packet):
"""
Linux cooked capture format.
"""Internet Protocol (IPv4)
Core IPv4 implementation with options support and utility methods.
class IP(Packet):
"""
IPv4 packet with utility methods.
"""
def __init__(self, dst: str = "127.0.0.1", src: str = None, ttl: int = 64,
proto: int = None, **kwargs):
"""
Parameters:
- dst: Destination IP address
- src: Source IP address (auto-detected if None)
- ttl: Time to live
- proto: Protocol number (auto-detected from upper layer)
- **kwargs: Other IP header fields
"""
def route(self):
"""Get routing information for this packet."""
def whois(self) -> str:
"""Get whois information for destination IP."""
def hops(self) -> int:
"""Calculate number of hops to destination."""
class IPOption(Packet):
"""Base class for IP options."""
class IPOption_RR(IPOption):
"""Record Route option."""
class IPOption_LSRR(IPOption):
"""Loose Source Record Route option."""
class IPOption_SSRR(IPOption):
"""Strict Source Record Route option."""
class IPOption_Timestamp(IPOption):
"""Timestamp option."""IPv6 Protocol
IPv6 implementation with extension headers support.
class IPv6(Packet):
"""
IPv6 packet.
"""
def __init__(self, dst: str = "::1", src: str = None, hlim: int = 64, **kwargs):
"""
Parameters:
- dst: Destination IPv6 address
- src: Source IPv6 address
- hlim: Hop limit
- **kwargs: Other IPv6 header fields
"""
class IPv6ExtHdrHopByHop(Packet):
"""IPv6 Hop-by-Hop Options Header."""
class IPv6ExtHdrDestOpt(Packet):
"""IPv6 Destination Options Header."""
class IPv6ExtHdrRouting(Packet):
"""IPv6 Routing Header."""
class IPv6ExtHdrFragment(Packet):
"""IPv6 Fragment Header."""Transport Layer Protocols
Layer 4 protocols for end-to-end communication.
class TCP(Packet):
"""
Transmission Control Protocol.
"""
def __init__(self, sport: int = 20, dport: int = 80, seq: int = 0,
ack: int = 0, flags: int = 2, **kwargs):
"""
Parameters:
- sport: Source port (default 20)
- dport: Destination port
- seq: Sequence number
- ack: Acknowledgment number
- flags: TCP flags (SYN=2, ACK=16, FIN=1, RST=4, PSH=8, URG=32)
- **kwargs: Other TCP header fields
"""
class UDP(Packet):
"""
User Datagram Protocol.
"""
def __init__(self, sport: int = 53, dport: int = 53, **kwargs):
"""
Parameters:
- sport: Source port (default 53)
- dport: Destination port (default 53)
- **kwargs: Other UDP header fields
"""
class SCTP(Packet):
"""
Stream Control Transmission Protocol.
"""ICMP Protocols
Internet Control Message Protocol for IPv4 and IPv6.
class ICMP(Packet):
"""
Internet Control Message Protocol.
"""
def __init__(self, type: int = 8, code: int = 0, **kwargs):
"""
Parameters:
- type: ICMP message type (8=echo request, 0=echo reply)
- code: ICMP code
- **kwargs: Other ICMP fields
"""
class ICMPv6Unknown(Packet):
"""Unknown ICMPv6 message type."""
class ICMPv6EchoRequest(Packet):
"""ICMPv6 Echo Request."""
class ICMPv6EchoReply(Packet):
"""ICMPv6 Echo Reply."""
class ICMPv6ND_NS(Packet):
"""ICMPv6 Neighbor Solicitation."""
class ICMPv6ND_NA(Packet):
"""ICMPv6 Neighbor Advertisement."""Application Layer Protocols
Higher-level protocols for specific applications and services.
class DNS(Packet):
"""
Domain Name System.
"""
def __init__(self, id: int = None, qr: int = 0, rd: int = 1,
qd: 'DNSQR' = None, **kwargs):
"""
Parameters:
- id: Transaction ID (random if None)
- qr: Query/Response flag (0=query, 1=response)
- rd: Recursion Desired
- qd: Question section
- **kwargs: Other DNS header fields
"""
class DNSQR(Packet):
"""
DNS Question Record.
"""
def __init__(self, qname: str = ".", qtype: int = 1, qclass: int = 1):
"""
Parameters:
- qname: Query name
- qtype: Query type (1=A, 28=AAAA, 15=MX, etc.)
- qclass: Query class (1=IN)
"""
class DNSRR(Packet):
"""
DNS Resource Record.
"""
class DHCP(Packet):
"""
Dynamic Host Configuration Protocol.
"""
def __init__(self, op: int = 1, **kwargs):
"""
Parameters:
- op: Operation (1=request, 2=reply)
- **kwargs: Other DHCP fields
"""
class HTTP(Packet):
"""
Hypertext Transfer Protocol.
"""
class HTTPRequest(HTTP):
"""HTTP Request."""
class HTTPResponse(HTTP):
"""HTTP Response."""Wireless Protocols
Wireless networking protocols including 802.11, Bluetooth, and Zigbee.
class Dot11(Packet):
"""
802.11 wireless frame.
"""
def __init__(self, type: int = 0, subtype: int = 0, **kwargs):
"""
Parameters:
- type: Frame type
- subtype: Frame subtype
- **kwargs: Other 802.11 fields
"""
class Dot11Beacon(Packet):
"""802.11 Beacon frame."""
class Dot11ProbeReq(Packet):
"""802.11 Probe Request."""
class Dot11ProbeResp(Packet):
"""802.11 Probe Response."""
class Dot11Auth(Packet):
"""802.11 Authentication."""
class Dot11AssoReq(Packet):
"""802.11 Association Request."""
class BTLE(Packet):
"""
Bluetooth Low Energy.
"""
class BTLE_ADV(Packet):
"""BLE Advertisement."""
class ZigbeeNWK(Packet):
"""
Zigbee Network Layer.
"""Security Protocols
Security and encryption protocols.
class IPSec(Packet):
"""IP Security protocol base."""
class AH(Packet):
"""Authentication Header."""
class ESP(Packet):
"""Encapsulating Security Payload."""
class TLS(Packet):
"""Transport Layer Security base."""
class TLSHandshake(Packet):
"""TLS Handshake."""
class TLSApplicationData(Packet):
"""TLS Application Data."""
class EAP(Packet):
"""
Extensible Authentication Protocol.
"""Network Management
Network management and monitoring protocols.
class SNMP(Packet):
"""
Simple Network Management Protocol.
"""
class NTP(Packet):
"""
Network Time Protocol.
"""
def __init__(self, version: int = 4, mode: int = 3, **kwargs):
"""
Parameters:
- version: NTP version
- mode: NTP mode
- **kwargs: Other NTP fields
"""
class NetflowHeader(Packet):
"""NetFlow header."""
class NetflowHeaderV9(Packet):
"""NetFlow v9 header."""Protocol Constants
Ethernet Types
# Ethernet protocol types
ETH_P_IP: int = 0x0800 # IPv4
ETH_P_IPV6: int = 0x86DD # IPv6
ETH_P_ARP: int = 0x0806 # ARP
ETH_P_8021Q: int = 0x8100 # 802.1Q VLANIP Protocol Numbers
# IP protocol numbers
IP_PROTOS: dict = {
1: "icmp",
6: "tcp",
17: "udp",
47: "gre",
50: "esp",
51: "ah",
# ... additional protocols
}TCP/UDP Port Numbers
# Common TCP service ports
TCP_SERVICES: dict = {
20: "ftp-data",
21: "ftp",
22: "ssh",
23: "telnet",
25: "smtp",
53: "domain",
80: "http",
110: "pop3",
143: "imap",
443: "https",
# ... additional services
}
# Common UDP service ports
UDP_SERVICES: dict = {
53: "domain",
67: "bootps",
68: "bootpc",
69: "tftp",
123: "ntp",
161: "snmp",
# ... additional services
}Usage Examples
Basic Protocol Usage
from scapy.all import *
# Layer 2: Ethernet + ARP
arp_request = Ether(dst="ff:ff:ff:ff:ff:ff") / ARP(pdst="192.168.1.1")
# Layer 3: IP + ICMP
ping = IP(dst="8.8.8.8") / ICMP()
# Layer 4: TCP SYN packet
syn = IP(dst="example.com") / TCP(dport=80, flags="S")
# Application layer: DNS query
dns_query = IP(dst="8.8.8.8") / UDP(dport=53) / DNS(rd=1, qd=DNSQR(qname="example.com"))Protocol Stacking
# Complex multi-layer packet
packet = (Ether(dst="aa:bb:cc:dd:ee:ff") /
Dot1Q(vlan=100) /
IP(dst="192.168.1.1") /
TCP(dport=443, flags="PA") /
Raw(b"GET / HTTP/1.1\\r\\nHost: example.com\\r\\n\\r\\n"))
# Show the complete protocol stack
packet.show()Wireless Packet Creation
# 802.11 beacon frame
beacon = (RadioTap() /
Dot11(type=0, subtype=8) /
Dot11Beacon(timestamp=0x123456789abcdef0) /
Dot11Elt(ID=0, info="TestNetwork")) # SSID
# Bluetooth LE advertisement
ble_adv = BTLE() / BTLE_ADV() / BTLE_ADV_IND(RxAdd=0, TxAdd=0)Protocol-Specific Operations
# TCP with specific flags
rst_packet = IP(dst="target.com") / TCP(dport=80, flags="R") # RST
fin_packet = IP(dst="target.com") / TCP(dport=80, flags="F") # FIN
psh_ack = IP(dst="target.com") / TCP(dport=80, flags="PA") # PSH+ACK
# DNS with multiple question records
multi_dns = (IP(dst="8.8.8.8") / UDP(dport=53) /
DNS(rd=1, qd=[DNSQR(qname="example.com"),
DNSQR(qname="google.com", qtype=28)])) # AAAA record
# ICMP with specific types
ping_reply = IP(dst="source.ip") / ICMP(type=0, code=0) # Echo Reply
dest_unreach = IP(dst="source.ip") / ICMP(type=3, code=1) # Host UnreachableInstall with Tessl CLI
npx tessl i tessl/pypi-scapy