19
Mar
14

Tracing packet drops

I often find my self tracing where in a network traffic is being dropped. Unfortunately there are not many tools that are able to do this well.  tcptraceroute is pretty good but it doesn’t help with UDP.  Enter scappy.  Below are three small examples of how one can use scapy to trace packets through there network.  

ICMP

ans, unans = sr(IP(dst='192.0.2.1', ttl=(1,24))/ICMP(),timeout=3)
for snd,rcv in ans:
 print snd.ttl, rcv.src

TCP

ans, unans = sr(IP(dst='192.0.2.1', ttl=(1,24))/TCP(dport=6969,sport=53),timeout=3)
for snd,rcv in ans:
 print snd.ttl, rcv.src

UDP

ans, unans = sr(IP(dst='192.0.2.1', ttl=(1,24))/UDP(dport=6969,sport=53),timeout=3)
for snd,rcv in ans:
 print snd.ttl, rcv.src
Advertisements

0 Responses to “Tracing packet drops”



  1. Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s


%d bloggers like this: