I have a simple udp server/client setup where I send a message from the client and print it on the server. This works well for a regular IP packet but the message is not received when I add an IP options header to the packet, even though I can sniff the packet using scapy.
Here's the packet without IP options
###[ Ethernet ]###
dst = 00:04:00:00:04:01
src = 00:aa:00:02:00:04
type = 0x800
###[ IP ]###
version = 4L
ihl = 5L
tos = 0x0
len = 47
id = 1
flags =
frag = 0L
ttl = 61
proto = udp
chksum = 0x62f4
src = 10.0.2.101
dst = 10.0.4.101
\options \
###[ UDP ]###
sport = 10001
dport = 3478
len = 27
chksum = 0x2bd1
###[ Raw ]###
load = 'message from a game'
And here's the packet with IP options header:
###[ Ethernet ]###
dst = 00:04:00:00:04:01
src = 00:aa:00:02:00:04
type = 0x800
###[ IP ]###
version = 4L
ihl = 8L
tos = 0x0
len = 59
id = 1
flags =
frag = 0L
ttl = 61
proto = udp
chksum = 0x5fe8
src = 10.0.2.101
dst = 10.0.4.101
\options \
|###[ IPOption ]###
| copy_flag = 1L
| optclass = control
| option = 31L
| length = 12
| value = '\x00\x01\x00\x00RTGAME'
###[ UDP ]###
sport = 10001
dport = 3478
len = 27
chksum = 0x2bd1
###[ Raw ]###
load = 'message from a game'
And here's the UDP server:
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
sock.bind(('', args.port))
while True:
try:
data, addr = sock.recvfrom(1024)
print("received: %s" % data)
except KeyboardInterrupt:
sock.close()
break
I've been stuck on this for a few days and would love if someone could figure it out.
Thanks
have just been playing and the following works as a self-contained/minimal working example for me with Python 3.7.1 under both OSX and Linux
generating a valid set of IP Options:
from scapy.all import IPOption, raw
ipopts = raw(IPOption(
copy_flag=1, optclass='control', option=31,
value='\x00\x01\x00\x00RTGAME'))
(if you don't have Scapy, the above should generate: b'\x9f\x0c\x00\x01\x00\x00RTGAME')
client code:
import socket
from time import sleep
with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
s.connect(('127.0.0.1', 3478))
s.setsockopt(socket.IPPROTO_IP, socket.IP_OPTIONS, ipopts)
while True:
s.send(b'message from a game')
sleep(1)
server code:
import socket
with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
s.bind(('', 3478))
s.setsockopt(socket.IPPROTO_IP, socket.IP_RECVOPTS, 1)
while True:
print(*s.recvmsg(4096, 1024))
this should result in the "server" displaying lines like:
b'message from a game\n' [(0, 6, b'\x9f\x0c\x00\x01\x00\x00RTGAME')] 0 ('127.0.0.1', 46047)
furthermore, I can watch packets move over the network by running:
sudo tcpdump -i lo0 -vvv -n 'udp and port 3478'
at the command line, or this in Scapy:
sniff(iface='lo0', filter='udp and port 3478', prn=lambda x: x.show())
for some reason I don't actually receive the ancillary data containing the IP Options under OSX, but the data shows up in the packet sniffers.
The problem was due to an incorrect IPv4 checksum. I failed to mention in the question that I'm running this in a mininet environment with custom switches. The IP options get added in transit by a switch, but the checksum wasn't updated. Once I fixed that, the packet made it to the server.
Thanks for the help and pointers everyone!
Are there a constants in scapy for TCP and UDP?
I mean
TCP=6, UDP=17
etc...
a)
looking up the implementation for IP we see that IP.proto is a ByteEnumField("proto", 0, IP_PROTOS),. This means, it takes values from the IP_PROTOS list which just loads your os /etc/protocols/. So you could either parse /etc/protocols yourself or, of scapy is already loaded, access the IP_PROTOS object directly:
>>> IP_PROTOS
</etc/protocols/ pim ip ax_25 esp tcp ah mpls_in_ip rohc ipv6_opts xtp st mobility_header dccp igmp ipv6_route igp ddp etherip wesp xns_idp ipv6_frag vrrp gre ipcomp encap ipv6 iso_tp4 sctp ipencap rsvp hip udp ggp hmp idpr_cmtp hopopt fc skip icmp pup manet isis rdp l2tp ipv6_icmp udplite egp ipip ipv6_nonxt eigrp idrp shim6 rspf ospf vmtp>
>>> IP_PROTOS.tcp
6
>>> IP_PROTOS.udp
17
>>> IP_PROTOS.ip
0
b) An alternative approach would be to read scapys layer binding information directly. This is the information that is added to a layer when you (or scapy core itself) calls bind_layers(lower,upper[,overload_fields]). You can easily read that information as follows:
>>> TCP.overload_fields
{<class 'scapy.layers.inet6.IPv6'>: {'nh': 6}, <class 'scapy.layers.inet.IP'>: {'frag': 0, 'proto': 6}}
Means, in case TCP is a payload to IPv4 (scapy.layers.inet.IP) it will override IP.proto=6.
Here's that same information for UDP
>>> UDP.overload_fields
{<class 'scapy.layers.inet6.IPv6'>: {'nh': 17}, <class 'scapy.layers.inet.IP'>: {'frag': 0, 'proto': 17}}
For reference, here is the bind_layers call for TCP/UDP
TCP and UDP are the initiators of TCP/UDP packets.
For example:
pack = IP(dst="www.google.com") / UDP(dport=80)
pack.show()
Result:
>>> pack = IP(dst="www.google.com") / UDP(dport=80)
>>> pack.show()
###[ IP ]###
version= 4
ihl= None
tos= 0x0
len= None
id= 1
flags=
frag= 0
ttl= 64
proto= udp
chksum= None
src= 'Your local address'
dst= Net('www.google.com')
\options\
###[ UDP ]###
sport= domain
dport= http
len= None
chksum= None
>>>
I have an issue setting up wvdial on my raspberry.
I have used the same config for connecting to eplus via aldi sim card.
Always when I try to connect I get the error invaild dial command.
umtskeeper with sakis3g wasn't working that good for me.
Any ideas what I need to change? I've tried a lot of possibilities so far..
[Dialer pin]
Modem = /dev/ttyUSB 1
Init1 = AT+CPIN="1622"
[Dialer umts]
Modem = /dev/ttyUSB1
Modem Type = USB Modem
Ask Password = off
Stupid Mode = on
Carrier Check = on
Init2 = ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
Init3 = ATS0=0
Init4 = AT+COPS?
Init5 = AT+CGDCONT=1,"IP","internet.t-d1.de"
Dial Command = AT
Phone = *99#
ISDN = off
Username = ''
Password = ''
Dial Attempts = 3
Auto Reconnect = on
the error message says
sudo wvdial umts
--> WvDial: Internet dialer version 1.61
--> Initializing modem.
--> Sending: ATZ
ATZ
OK
--> Sending: ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
OK
--> Sending: ATS0=0
ATS0=0
OK
--> Sending: AT+COPS?
AT+COPS?
+COPS: 0,0,"T-Mobile D",2
OK
--> Sending: AT+CGDCONT=1,"IP","internet.t-d1.de"
AT+CGDCONT=1,"IP","internet.t-d1.de"
OK
--> Modem initialized.
--> Sending: AT*99#
--> Waiting for carrier.
AT*99***1#
ERROR
--> Invalid dial command.
--> Disconnecting at Sat Nov 28 18:35:01 2015
I have already deactivated the pin and added the usb modem to usb-modeswitch config file.. so... I ran out of ideas.
JavaMail newbie here. I'm trying to figure out what's wrong with a Javamail client that's embeded in a very large system. Sorry I do not have a short, self-contained example, but I'm hoping that someone might be able to give me some tips on how to go about debugging this issue.
It's JavaMail 1.4.3 in Java 7, running on Windows 7. The email server is on a Linux box. The intent of the code is to read all emails in an inbox, delete and expunge them, do some work on the emails, pause for a while, then repeat, looping forever. The problem is that if there are already emails in the inbox when this program starts and the JavaMail client code executes, it does not retrieve them. However, if I send emails to the inbox once the code is running, it retrieves them just fine.
The code gets the inbox with Store.getFolder("INBOX"), opens it with Folder.open(Folder.READ_WRITE) and does a Folder.getMessages(). The getMessages() call always returns no messages when first starting up, but does return the messages sent after the program's been started.
I'm using Pine to verify that the inbox does or does not contains messages, but am not opening the messages in Pine, so they should still be new. And if I use Pine to look at the inbox after running this code, it still contains old messages that were sent before the program was launched, but not any that were sent to it while the program was running (they've been successfully read, deleted and expunged).
The code should also be reading messages that are already in the inbox when it starts. I set mail.debug=true and that output follows. Again, any tips for how to dig into this would be greatly appreciated. Thanks.
// first attempt to read mail when program starts
DEBUG: JavaMail version 1.4.3
DEBUG: successfully loaded resource: /META-INF/javamail.default.providers
DEBUG: Tables of loaded providers
DEBUG: Providers Listed By Class Name: {com.sun.mail.smtp.SMTPSSLTransport=javax.mail.Provider[TRANSPORT,smt
ps,com.sun.mail.smtp.SMTPSSLTransport,Sun Microsystems, Inc], com.sun.mail.smtp.SMTPTransport=javax.mail.Provider[TRANSP
ORT,smtp,com.sun.mail.smtp.SMTPTransport,Sun Microsystems, Inc], com.sun.mail.imap.IMAPSSLStore=javax.mail.Provider[STOR
E,imaps,com.sun.mail.imap.IMAPSSLStore,Sun Microsystems, Inc], com.sun.mail.pop3.POP3SSLStore=javax.mail.Provider[STORE,
pop3s,com.sun.mail.pop3.POP3SSLStore,Sun Microsystems, Inc], com.sun.mail.imap.IMAPStore=javax.mail.Provider[STORE,imap,
com.sun.mail.imap.IMAPStore,Sun Microsystems, Inc], com.sun.mail.pop3.POP3Store=javax.mail.Provider[STORE,pop3,com.sun.m
ail.pop3.POP3Store,Sun Microsystems, Inc]}
DEBUG: Providers Listed By Protocol: {imaps=javax.mail.Provider[STORE,imaps,com.sun.mail.imap.IMAPSSLStore,S
un Microsystems, Inc], imap=javax.mail.Provider[STORE,imap,com.sun.mail.imap.IMAPStore,Sun Microsystems, Inc], smtps=jav
ax.mail.Provider[TRANSPORT,smtps,com.sun.mail.smtp.SMTPSSLTransport,Sun Microsystems, Inc], pop3=javax.mail.Provider[STO
RE,pop3,com.sun.mail.pop3.POP3Store,Sun Microsystems, Inc], pop3s=javax.mail.Provider[STORE,pop3s,com.sun.mail.pop3.POP3
SSLStore,Sun Microsystems, Inc], smtp=javax.mail.Provider[TRANSPORT,smtp,com.sun.mail.smtp.SMTPTransport,Sun Microsystem
s, Inc]}
DEBUG: successfully loaded resource: /META-INF/javamail.default.address.map
DEBUG: getProvider() returning javax.mail.Provider[STORE,imap,com.sun.mail.imap.IMAPStore,Sun Microsystems,
Inc]
DEBUG: mail.imap.fetchsize: 16384
DEBUG: mail.imap.statuscachetimeout: 1000
DEBUG: mail.imap.appendbuffersize: -1
DEBUG: mail.imap.minidletime: 10
DEBUG: trying to connect to host "10.128.200.85", port 143, isSSL false
* OK [CAPABILITY IMAP4REV1 LOGIN-REFERRALS STARTTLS AUTH=LOGIN] pristine.ame.xx.com IMAP4rev1 2001.315rh at Mon, 30 Dec 2013 11:15:26 -0500 (EST)
IMAP DEBUG: AUTH: LOGIN
DEBUG: protocolConnect login, host=10.128.200.85, user=venuswmpublic, password=<non-null>
A0 AUTHENTICATE LOGIN
+ VXNlciBOYW1lAA==
dmVudXN3bXB1YmxpYw==
+ UGFzc3dvcmQA
d2VibTEyMzQ=
A0 OK [CAPABILITY IMAP4REV1 IDLE NAMESPACE MAILBOX-REFERRALS SCAN SORT THREAD=REFERENCES THREAD=ORDEREDSUBJECT MULTIAPPEND] User venuswmpublic authenticated
A1 LIST "" INBOX
* LIST (\NoInferiors) NIL INBOX
A1 OK LIST completed
DEBUG: connection available -- size: 1
A2 SELECT INBOX
* 0 EXISTS
* 0 RECENT
* OK [UIDVALIDITY 1] UID validity status
* OK [UIDNEXT 1] Predicted next UID
* FLAGS (\Answered \Flagged \Deleted \Draft \Seen)
* OK [PERMANENTFLAGS ()] Permanent flags
A2 OK [READ-WRITE] SELECT completed
A3 EXPUNGE
A3 OK EXPUNGE completed
Monitoring incoming email...
* OK [CAPABILITY IMAP4REV1 LOGIN-REFERRALS STARTTLS AUTH=LOGIN] pristine.ame.xx.com IMAP4rev1 2001.315rh at
Mon, 30 Dec 2013 11:15:38 -0500 (EST)
IMAP DEBUG: AUTH: LOGIN
A0 AUTHENTICATE LOGIN
+ VXNlciBOYW1lAA==
dmVudXN3bXB1YmxpYw==
+ UGFzc3dvcmQA
d2VibTEyMzQ=
A0 OK [CAPABILITY IMAP4REV1 IDLE NAMESPACE MAILBOX-REFERRALS SCAN SORT THREAD=REFERENCES THREAD=ORDEREDSUBJECT MULTIAPPEND] User venuswmpublic authenticated
IMAP DEBUG: IMAPProtocol noop
A1 NOOP
A1 OK NOOP completed
IMAP DEBUG: IMAPProtocol noop
A4 NOOP
A4 OK NOOP completed
A5 EXPUNGE
A5 OK EXPUNGE completed
A6 EXPUNGE
A6 OK EXPUNGE completed
DEBUG: pool is full, not adding an Authenticated connection
A7 CLOSE
A7 OK CLOSE completed
A8 LOGOUT
* BYE pristine.ame.xx.com IMAP4rev1 server terminating connection
A8 OK LOGOUT completed
A2 LOGOUT
* BYE pristine.ame.xx.com IMAP4rev1 server terminating connection
A2 OK LOGOUT completed
DEBUG: IMAPStore connection dead
DEBUG: IMAPStore cleanup, force false
DEBUG: IMAPStore cleanup done
// and a bunch of these...
Monitoring incoming email...
IMAP DEBUG: IMAPProtocol noop
A33 NOOP
A33 OK NOOP completed
IMAP DEBUG: IMAPProtocol noop
A77 NOOP
A77 OK NOOP completed
A78 EXPUNGE
A78 OK No messages deleted, so no update needed
Monitoring incoming email...
IMAP DEBUG: IMAPProtocol noop
A34 NOOP
A34 OK NOOP completed
IMAP DEBUG: IMAPProtocol noop
A79 NOOP
A79 OK NOOP completed
A80 EXPUNGE
A80 OK No messages deleted, so no update needed
etc...
------------------------------------
// If I send in an email while the program is running, it picks it up, but still leaves the previous ones unread in the inbox.
Monitoring incoming email...
IMAP DEBUG: IMAPProtocol noop
A4 NOOP
A4 OK NOOP completed
IMAP DEBUG: IMAPProtocol noop
A10 NOOP
* 1 EXISTS
* 1 RECENT
* OK [UIDVALIDITY 1388420519] UID validity status
* OK [UIDNEXT 2] Predicted next UID
* FLAGS (\Answered \Flagged \Deleted \Draft \Seen)
* OK [PERMANENTFLAGS (\* \Answered \Flagged \Deleted \Draft \Seen)] Permanent flags
* OK [READ-WRITE] Mailbox status
* OK [UNSEEN 1] first unseen message in /var/spool/mail/venuswmpublic
A10 OK NOOP completed
A11 EXPUNGE
A11 OK Mailbox checkpointed, but no messages expunged
A12 STORE 1 +FLAGS (\Flagged)
* 1 FETCH (FLAGS (\Recent \Flagged))
A12 OK STORE completed
A13 FETCH 1 (ENVELOPE INTERNALDATE RFC822.SIZE)
* 1 FETCH (ENVELOPE ("Mon, 30 Dec 2013 19:43:42 +0000" "test.testService"
* (("LName, FName" NIL "FName.LName" "Company.com")) (("LName, FName" NIL "FName.LName"
"Company.com")) (("LName, FName" NIL "FName.LName"
"Company.com")) (("venuswmpublic#pristine.ame.xx.com" NIL "venuswmpublic" "pristine.ame.xx.com")) NIL NI
L NIL "<DAF6C79D86A80C49A9F66B898B2821A327FD50E6#hqmbx6.eur.ad.sag>") INTERNALDATE "30-Dec-2013 11:21:51 -0500" RFC822.S
IZE 3774)
A13 OK FETCH completed
A14 FETCH 1 (BODYSTRUCTURE)
* 1 FETCH (BODYSTRUCTURE (("TEXT" "PLAIN" ("CHARSET" "us-ascii") NIL NIL "QUOTED-PRINTABLE" 15 1 NIL NIL NIL
)("TEXT" "HTML" ("CHARSET" "us-ascii") NIL NIL "QUOTED-PRINTABLE" 1899 60 NIL NIL NIL) "ALTERNATIVE" ("BOUNDARY" "_000_D
AF6C79D86A80C49A9F66B898B2821A327FD50E6hqmbx6euradsag_") NIL "EN-US"))
A14 OK FETCH completed
A15 FETCH 1 (BODY[1]<0.15>)
* 1 FETCH (BODY[1]<0> {15}
a=3D111111111
)
* 1 FETCH (FLAGS (\Recent \Seen \Flagged))
A15 OK FETCH completed
A16 FETCH 1 (BODY[1]<0.15>)
* 1 FETCH (BODY[1]<0> {15}
a=3D111111111
)
A16 OK FETCH completed
A17 FETCH 1 (BODY[2]<0.1899>)
* 1 FETCH (BODY[2]<0> {1899}
<html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-micr=
osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" xmlns=3D"http:=
//www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
<meta name=3D"Generator" content=3D"Microsoft Word 14 (filtered medium)">
<style><!--
/* Font Definitions */
#font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
#font-face
{font-family:"Trebuchet MS";
panose-1:2 11 6 3 2 2 2 2 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Trebuchet MS","sans-serif";
color:windowtext;
font-weight:normal;
font-style:normal;
text-decoration:none none;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri","sans-serif";}
#page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=3D"EN-US" link=3D"blue" vlink=3D"purple">
<div class=3D"WordSection1">
<p class=3D"MsoNormal"><span style=3D"font-size:10.0pt;font-family:"Tr=
ebuchet MS","sans-serif"">a=3D111111111<o:p></o:p></span></p=
>
</div>
</body>
</html>
)
A17 OK FETCH completed
A18 FETCH 1 (BODY[1]<0.15>)
* 1 FETCH (BODY[1]<0> {15}
a=3D111111111
)
A18 OK FETCH completed
DEBUG: JavaMail version 1.4.3
DEBUG: successfully loaded resource: /META-INF/javamail.default.providers
DEBUG: Tables of loaded providers
DEBUG: Providers Listed By Class Name: {com.sun.mail.smtp.SMTPSSLTransport=javax.mail.Provider[TRANSPORT,smt
ps,com.sun.mail.smtp.SMTPSSLTransport,Sun Microsystems, Inc], com.sun.mail.smtp.SMTPTransport=javax.mail.Provider[TRANSP
ORT,smtp,com.sun.mail.smtp.SMTPTransport,Sun Microsystems, Inc], com.sun.mail.imap.IMAPSSLStore=javax.mail.Provider[STOR
E,imaps,com.sun.mail.imap.IMAPSSLStore,Sun Microsystems, Inc], com.sun.mail.pop3.POP3SSLStore=javax.mail.Provider[STORE,
pop3s,com.sun.mail.pop3.POP3SSLStore,Sun Microsystems, Inc], com.sun.mail.imap.IMAPStore=javax.mail.Provider[STORE,imap,
com.sun.mail.imap.IMAPStore,Sun Microsystems, Inc], com.sun.mail.pop3.POP3Store=javax.mail.Provider[STORE,pop3,com.sun.m
ail.pop3.POP3Store,Sun Microsystems, Inc]}
DEBUG: Providers Listed By Protocol: {imaps=javax.mail.Provider[STORE,imaps,com.sun.mail.imap.IMAPSSLStore,S
un Microsystems, Inc], imap=javax.mail.Provider[STORE,imap,com.sun.mail.imap.IMAPStore,Sun Microsystems, Inc], smtps=jav
ax.mail.Provider[TRANSPORT,smtps,com.sun.mail.smtp.SMTPSSLTransport,Sun Microsystems, Inc], pop3=javax.mail.Provider[STO
RE,pop3,com.sun.mail.pop3.POP3Store,Sun Microsystems, Inc], pop3s=javax.mail.Provider[STORE,pop3s,com.sun.mail.pop3.POP3
SSLStore,Sun Microsystems, Inc], smtp=javax.mail.Provider[TRANSPORT,smtp,com.sun.mail.smtp.SMTPTransport,Sun Microsystem
s, Inc]}
DEBUG: successfully loaded resource: /META-INF/javamail.default.address.map
2013-12-30 14:43:53 EST [ISS.0015.0005D] Invoking service test.testService.
2013-12-30 14:43:53 EST [ISP.0090.0001C] ---
2013-12-30 14:43:53 EST [ISP.0090.0001C] --- test.testService EXECUTED !!!
2013-12-30 14:43:53 EST [ISP.0090.0001C] ---
A19 STORE 1 +FLAGS (\Deleted)
* 1 FETCH (FLAGS (\Recent \Seen \Deleted \Flagged))
A19 OK STORE completed
A20 EXPUNGE
* 1 EXPUNGE
* 0 EXISTS
* 0 RECENT
A20 OK Expunged 1 messages
Your server is telling JavaMail that there are no messages in the Inbox ("0 EXISTS") when it first opens it, then a message appears ("1 EXISTS"), which your program processes, deletes, and expunges. That all looks perfectly normal.
If you think there are other messages in the Inbox, the server disagrees. Perhaps you have some messages cached in your Pine client? Perhaps you've set Pine up to work similarly to how most POP3 clients work - download messages from the server, cache them locally, and delete them from the server?