Newer
Older
"""
Anonymize all packets in a PCAP file.
"""
import os
from pathlib import Path
from scapy.all import Packet, sniff, wrpcap
from scapy.layers.l2 import Ether, ARP
from scapy.layers.dhcp import BOOTP
from .layers.mac import anonymize_ether, anonymize_arp, anonymize_dhcp
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
### GLOBAL VARIABLES ###
packets = []
### FUNCTIONS ###
def recompute_checksums(packet: Packet) -> Packet:
"""
Recompute a given packet's checksums.
Args:
packet (scapy.Packet): scapy packet to recompute checksums for
Returns:
(scapy.Packet): packet with recomputed checksums
"""
for layer_class in packet.layers():
layer = packet.getlayer(layer_class)
try:
delattr(layer, "chksum")
except AttributeError:
pass
return packet.__class__(bytes(packet))
def anonymize_packet(packet: Packet) -> None:
"""
Anonymize a packet,
and append the anonymized packet to the global list 'packets'.
Args:
packet: scapy packet to anonymize
"""
global packets
# Anonymize MAC addresses
try:
anonymize_ether(packet.getlayer(Ether))
except AttributeError:
pass
# Anonymize MAC addresses in ARP packets
try:
anonymize_arp(packet.getlayer(ARP))
except AttributeError:
pass
# Anonymize MAC addresses in DHCP packets
try:
anonymize_dhcp(packet.getlayer(BOOTP))
except AttributeError:
pass
# Recompute packet checksums
packet = recompute_checksums(packet)
packets.append(packet)
def anonymize_pcap(input: os.PathLike, output: os.PathLike = None) -> None:
"""
Anonymize all packets in a PCAP file.
Args:
input: path to the input PCAP file
output: path to the output PCAP file.
If None, create a new file having the same name as the input file with the suffix '.anonymized.pcap'.
"""
if output is None:
output = str(Path(input).with_suffix('.anonymized.pcap'))
# Read and anonymize packets from the input file
sniff(offline=input, prn=anonymize_packet, store=False)
# Write anonymized packets to the output file
wrpcap(output, packets)