Scapy on PlanetLab

Question

Has anybody ever succeeded in using Scapy on a PlanetLab node (running Fedora 12)?

I am aware of the safe raw socket restrictions, but it seems that I can send packets through Scapy by just setting conf.L3socket=L3RawSocket. As for the reception of packets, I couldn't get Scapy to work, so I just use tcpdump.

TCP and ICMP seem to work:

• ICMP echo-requests get an echo-reply back
• ICMP echo-requests with a low TTL get a time-exceeded message back
• TCP SYN packets get a TCP RST packet back
• TCP packets with a low TTL get a time-exceeded message back

UDP doesn't:

• UDP packets to a closed port trigger an ICMP port-unreachable message, but this message doesn't make it back to my sliver. Tcpdump only sees the UDP packet.
• same thing for UDP packets expiring along their path.

Are there any additional parameters to set in order to receive these ICMP packets?

Answer 1

Not sure if this will help but in my experience in order to receive packets in scapy, you have to use the sr or sr1 method:

sr1(IP(dst="192.168.1.8")/UDP(dport=60112))

Begin emission: ...Finished to send 1 packets. Received 4 packets, got 1 answers, remaining 0 packets

<IP  version=4L ihl=5L tos=0xc0 len=56 id=47804 flags= frag=0L ttl=64 proto=icmp chksum=0x6274 src=192.168.1.8 dst=192.168.1.2 options='' |<ICMP  type=dest-unreach code=3 chksum=0x59eb unused=0 |<IPerror  version=4L ihl=5L tos=0x0 len=28 id=1 flags= frag=0L ttl=64 proto=udp chksum=0x1dfc src=192.168.1.2 dst=192.168.1.8 options='' |<UDPerror  sport=domain dport=60112 len=8 chksum=0xb803 |>>>>

The sr() function is for sending packets and receiving answers. The function returns a couple of packet and answers, and the unanswered packets. The function sr1() is a variant that only return one packet that answered the packet (or the packet set) sent. -Source