6to4faild

Emile Aben — Dec 05, 2010 12:00 AM
6to4faild prototype script in scapy (python)

Python Source icon 6to4faild.py — Python Source, 2 kB (2280 bytes)

File contents

#!/opt/local/Library/Frameworks/Python.framework/Versions/2.5/Resources/Python.app/Contents/MacOS/Python
import sys
import re
from scapy.all import *

# response reset
# note doesn't work
def send_response_tcp_reset(pkt):
   respR = IP(dst=pkt[IP].src, src=pkt[IP].dst) / \
           IPv6(dst=pkt[IPv6].src, src=pkt[IPv6].dst) / \
           TCP(sport=pkt[TCP].dport, dport=pkt[TCP].sport, ack=pkt[TCP].seq+1 , seq=0, flags="RA")
   send(respR)

def send_response_encap_icmp6_unreach_code(pkt,my_code):
   orgV6 = pkt[IPv6]
   respEncU = IP(dst=pkt[IP].src, src=pkt[IP].dst) / \
           IPv6(dst=pkt[IPv6].src, src=pkt[IPv6].dst) / \
           ICMPv6DestUnreach(code=my_code) / \
           orgV6 / \
           pkt[TCP]
   send(respEncU)


def send_response_encap_icmp6_unreach(pkt):
   orgV6 = pkt[IPv6]
   respEncU = IP(dst=pkt[IP].src, src=pkt[IP].dst) / \
           IPv6(dst=pkt[IPv6].src, src=pkt[IPv6].dst) / \
           ICMPv6DestUnreach() / \
           orgV6 / \
           pkt[TCP]
   send(respEncU)

def send_response_icmp6_unreach(pkt):
# this is silly, IPv6 src address is not on wire
   respIU = IPv6(dst=pkt[IPv6].src, src=pkt[IPv6].dst) / \
            ICMPv6DestUnreach() / \
            pkt[IPv6] / \
            pkt[TCP]
   send(respIU)

def send_response_icmp31_unreach(pkt):
   respU31 = IP(dst=pkt[IP].src, src=pkt[IP].dst) / \
             ICMP(type=3,code=1) / \
             pkt[IP] / \
             pkt[IPv6] / \
             pkt[TCP]
   send(respU31)

def send_response_icmp_unreach_code(pkt,my_code):
   respUcode = IP(dst=pkt[IP].src, src=pkt[IP].dst) / \
              ICMP(type=3,code=my_code) / \
              pkt[IP] / \
              pkt[IPv6] / \
              pkt[TCP]
   send(respUcode)

def fast_fail_6to4(pkt):
   # todo more precise match of source pkts
   if IPv6 in pkt and re.match('^2002:',pkt[IPv6].src):
      if TCP in pkt:
         send_response_tcp_reset(pkt)
         #send_response_encap_icmp6_unreach(pkt)
         #send_response_encap_icmp6_unreach_code(pkt,4)
         #send_response_icmp31_unreach(pkt)
         #send_response_icmp_unreach_code(pkt,2)
         #send_response_icmp_unreach_code(pkt,0)
         #silly#send_response_icmp6_unreach(pkt)

sniff(prn=fast_fail_6to4,iface="en0",filter="proto 41", store=0)
Navigation
Related Items
Amsterdam Power Outage as Seen by RIPE Atlas

There was a power outage last week in the north of The Netherlands, a country with a very high ...

Internet Governance and the Middle East

In the Middle East three themes are currently being discussed by the Internet community: Advocacy, ...

The Curious Case of the Crooked TCP Handshake

In this article we will be delving into the behaviour of the Linux implementation of TCP, and ...

Measuring Countries and IXPs with RIPE Atlas

We've been working with various Internet Exchange Points (IXPs) over the last few months to see how ...

Large-scale PCAP Data Analysis Using Apache Hadoop

The RIPE NCC operates various data intensive services. As part of our DNS operations we have been ...

more ...