Welcome to http://pynetlibs.sourceforge.net/ update 2/03/2003

Python Network Library      DOCS SECTION

by paolo bastiancich
email: b.paolo@tiscalinet.it

download:   http://sourceforge.net/projects/pynetlibs
 

py_net_libs are a functions collection to decode network data as return by pylibpcap
at the moment dissectable protocols are:

    null (bsd style)
    ethernet
    ethernet_IP
    ppp
    ppp_lnc (link control protocol; type = 0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15)+ options (0,1,2,3,4,5,7,8,9,10,13,15)
    ppp_pap (type: 1,2,3)
    ppp_chap (type: 1,2,3,4)
    ppp_lqr (link quality report)
    ppp_ccp (control compression protocol) + options (0,21,24,26)
    ppp_ipcp (ip control protocol) + options (1,2,3,4,129,130,131,132)
    ppp_ip6cp (ipv6 control protocol) + options (1,2)
    pppoe (code: 0,7,9,25,101,167) + tags (0,257,258,259,260,261,272,513,514,515)
    arp
    ip4 and options (0,1,2,3,4,5,7,8,9,11,12,18,19,20,21)
    tcp and options (0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,19)
    udp
    icmp (type: 0,3,4,5,8,9,10,11,12,13,14,15,16,17,18,30,31,37,38,40)
    igmp
    pim v.2 (type:0) + options (1,2,19,20,21)
    ip6 and options (0,1,5,194)
    icmp6 (type: 1,2,3,4,128,129,130,131,132,133,134,135,136,137,141,142  and options: 1,2,3,4,5,7,8,9,10)
    ip6-hop-by-hop
    ip6-destinations
    ip6-routing
    ip6-fragment
    ip6-authentication
    ip6-esp
    dns

    checksum computation for: ip4, ip6 (jumbograms too), tcp, udp, icmp, icmp6, igmp

(note: addresses are store as strings so three functions (haddr2dot(addr)  addr42dot(addr) and addr62dot(addr) respectively for ethrenet and arp hardware addresses, ip4 and ipv6 formats) are useful to translate them to dot notations.)

data are dissected and structured so that users are to be able to access them; below you can see  a dissected structure of an [ (ipv4) + (tcp) ] packet:
 

 [    (  4, 5, 16, 52, 63222, 2, 0, 64, 6, 49239, '\300\250\001\012','\300\250\001\013'  )  ,   (  1026, 22, 3428471602L, 1619141316L, 8, 16, 19296, 47383, 0  )    ]
       | ---------------------------------------------------------------------------------------------|        | -----------------------------------------------------------------------------|
                                                      ip header                                                                                                                     tcp header

below you can see  a dissected structure of an [ (ethernet) + (ipv4) + (udp) ] packet: 

 [    (  '\377\377\377\377\377\377', '\000HT\032U\232', 2048)   ,    (  4, 5, 0, 113, 0, 2, 0, 64, 17, 46626, '\300\250\001\012', '\300\250\001\377'  )   ,    (631, 631, 93, 8734)   ]
       | -----------------------------------------------------------------|           | ----------------------------------------------------------------------------------------|           | ---------------------|
                                       ethernet header                                                                                             ip header                                                                        udp header

below you can see an example of tcp options structure:
[  [2, 4, (1460 ,  )]   ,    [4, 2, (  )]   ,    [8, 10, (22956L, 0L)]   ,    [1]   ,    [3, 3, (0,  )]   ]

each item in list is an option list                                           --->     [2, 4, (1460 ,  )]
first two items if present are type and lenght .                   --->     (type =2   length = 4)
third item is a tuple containing option values                      --->     (1460 ,  )

alert: type should be negative if option exceeded in length
alert: option == None: options follows but packet is truncated

the module contains examples to show the way to manipulate and represent data