def bit_spliter(bit_format,data): o1=[] s1=sum(bit_format) d1=bin(data)[2:] d2="0"*s1 d3=d2+d1 d4=d3[-s1:] s2=0 for itm in bit_format: o1.append(int(d4[s2:s2+itm],2)) s2+=itm return o1 class net_stream(object): def __init__(self,data): self.data=''.join(bin(ord(itm))[2:].rjust(8, '0') for itm in data) self.bit_index=0 def g_bit(self): return self.get_bits(1) bit=property(g_bit) def g_byte(self): return self.get_bits(8) byte=property(g_byte) def __len__(self): return len(self.data) def g_word(self): return self.get_bits(16) word=property(g_word) def g_qword(self): return self.get_bits(32) qword=property(g_qword) def get_bits(self,length): self.bit_index+=length return int(self.data[self.bit_index-length:self.bit_index],2) def eof(self): return self.bit_index>=len(self.data) def __len__(self): return len(self.data) class packet(object): def __init__(self): for itm in self.__fields__: if type(itm[1]) is int: setattr(self,itm[0],0) elif type(itm[1]) is str: if hasattr(self,"init_"+itm[1]): func=getattr(self,"init_"+itm[1]) func() else: setattr(self,itm[0],0) else: setattr(self,itm[0],itm[1]()) pass def parse(self,data): for itm in self.__fields__: if type(itm[1]) is int: d1=data.get_bits(itm[1]) setattr(self,itm[0],d1) elif type(itm[1]) is str: if hasattr(self,"parse_"+itm[1]): func=getattr(self,"parse_"+itm[1]) func(data) else: getattr(self,itm[0]).parse(data) pass def __str__(self): if hasattr( self,"__name__"): o1=self.__name__ else: o1="" for itm in self.__fields__: o1+="\r\n\t" o1+=itm[0] o1+=":" if type(itm[1]) is str: if hasattr(self,"str_"+itm[1]): func=getattr(self,"str_"+itm[1]) d1=func() else: d1=getattr(self,itm[0]) else: d1=getattr(self,itm[0]) o1+=str(d1) return o1 class MAC_address(object): def __init__(self): self.address=[0x0]*6 def parse(self,data): for ind in range(6): self.address[ind]=data.byte def __str__(self): o1="MAC address : " s1="" for itm in self.address: o1+=s1 o1+=hex(itm)[2:] s1="-" o1+=" " return o1 class ethernet(packet): __fields__=[("source",MAC_address), ("destination",MAC_address), ("typ",16) ] __name__="Ethernet" class ip(packet): __name__="IP" __fields__=[("version",4)] class ipv4_address(object): def __init__(self): self.addr=[0xFF]*4 def parse(self,data): for ind in range(4): self.addr[ind]=data.byte def __str__(self): o1="" sp1="" for itm in self.addr: o1+=sp1 o1+=str(itm) sp1="." return o1 class ipv4(packet): __name__="IPV4" __fields__=[("ihl",4), ("dscp",5), ("ecn",3), ("length",16), ("id",16), ("flags",3), ("fragment_offst",13), ("ttl",8), ("protocol",8), ("checksum",16), ("source",ipv4_address), ("destination",ipv4_address) ] class udp(packet): __name__="UDP" __fields__=[("source",16), ("destination",16), ("length",16), ("checksum",16)] class tcp(packet): __name__="TCP" __fields__=[("source",16), ("destination",16), ("seuence_number",32), ("acknowledgment_number",32), ("data_offset",4), ("resv",3), ("ns",1), ("cwr",1), ("ece",1), ("urg",1), ("ack",1), ("ece",1), ("psh",1), ("rst",1), ("syn",1), ("fin",1), ("window_size",16), ("checksum",16), ("urgent_pointer",16) ] def parse(self,data): packet.parse(self,data) if self.data_offset>5: data.get_bits((self.data_offset-5)*32) if __name__=="__main__": data=net_stream("f4ec38abf7f3000c29aabcac08004500003556b9000080119e66c0a80f7ad9da9b9be57e00350021887dfaa101000001000000000000046972616e0269720000010001".decode("hex")) e1=ethernet() e1.parse(data) print e1 ip1=ip() ip1.parse(data) print ip1 ip2=ipv4() ip2.parse(data) print ip2 u1=udp() u1.parse(data) print u1 while (not data.eof()): print hex(data.byte)[2:], data=net_stream("000c29aabcacf4ec38abf7f30800450000348994000034060a5dadc274eec0a80f7a005012e9fb89d922441096a18011a62c207600000101080a2dcdb31a001319b4".decode("hex")) e1=ethernet() e1.parse(data) print e1 ip1=ip() ip1.parse(data) print ip1 ip2=ipv4() ip2.parse(data) print ip2 t1=tcp() t1.parse(data) print t1 while (not data.eof()): print hex(data.byte)[2:], ''' 0x0800 Internet Protocol version 4 (IPv4) 0x0806 Address Resolution Protocol (ARP) 0x0842 Wake-on-LAN[3] 0x22F0 Audio Video Transport Protocol as defined in IEEE Std 1722-2011 0x22F3 IETF TRILL Protocol 0x6003 DECnet Phase IV 0x8035 Reverse Address Resolution Protocol 0x809B AppleTalk (Ethertalk) 0x80F3 AppleTalk Address Resolution Protocol (AARP) 0x8100 VLAN-tagged frame (IEEE 802.1Q) & Shortest Path Bridging IEEE 802.1aq[4] 0x8137 IPX 0x8138 IPX 0x8204 QNX Qnet 0x86DD Internet Protocol Version 6 (IPv6) 0x8808 Ethernet flow control 0x8809 Slow Protocols (IEEE 802.3) 0x8819 CobraNet 0x8847 MPLS unicast 0x8848 MPLS multicast 0x8863 PPPoE Discovery Stage 0x8864 PPPoE Session Stage 0x8870 Jumbo Frames[2] 0x887B HomePlug 1.0 MME 0x888E EAP over LAN (IEEE 802.1X) 0x8892 PROFINET Protocol 0x889A HyperSCSI (SCSI over Ethernet) 0x88A2 ATA over Ethernet 0x88A4 EtherCAT Protocol 0x88A8 Provider Bridging (IEEE 802.1ad) & Shortest Path Bridging IEEE 802.1aq[5] 0x88AB Ethernet Powerlink[citation needed] 0x88CC Link Layer Discovery Protocol (LLDP) 0x88CD SERCOS III 0x88E1 HomePlug AV MME[citation needed] 0x88E3 Media Redundancy Protocol (IEC62439-2) 0x88E5 MAC security (IEEE 802.1AE) 0x88F7 Precision Time Protocol (PTP) over Ethernet (IEEE 1588) 0x8902 IEEE 802.1ag Connectivity Fault Management (CFM) Protocol / ITU-T Recommendation Y.1731 (OAM) 0x8906 Fibre Channel over Ethernet (FCoE) 0x8914 FCoE Initialization Protocol 0x8915 RDMA over Converged Ethernet (RoCE) 0x892F High-availability Seamless Redundancy (HSR) 0x9000 Ethernet Configuration Testing Protocol[6] 0xCAFE Veritas Low Latency Transport (LLT)[7] for Veritas Cluster Server '''