Newer
Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
"""
Anonymize all packets in a PCAP file.
"""
import os
from pathlib import Path
from scapy.all import Packet, sniff, wrpcap
from scapy.layers.l2 import Ether, ARP
# Packet layers
from .layers.mac import anonymize_ether, anonymize_arp
### GLOBAL VARIABLES ###
packets = []
### FUNCTIONS ###
def recompute_checksums(packet: Packet) -> Packet:
"""
Recompute a given packet's checksums.
Args:
packet (scapy.Packet): scapy packet to recompute checksums for
Returns:
(scapy.Packet): packet with recomputed checksums
"""
for layer_class in packet.layers():
layer = packet.getlayer(layer_class)
try:
delattr(layer, "chksum")
except AttributeError:
pass
return packet.__class__(bytes(packet))
def anonymize_packet(packet: Packet) -> None:
"""
Anonymize a packet,
and append the anonymized packet to the global list 'packets'.
Args:
packet: scapy packet to anonymize
"""
global packets
# Anonymize MAC addresses
try:
anonymize_ether(packet.getlayer(Ether))
except AttributeError:
pass
# Anonymize MAC addresses in ARP packets
try:
anonymize_arp(packet.getlayer(ARP))
except AttributeError:
pass
# Recompute packet checksums
packet = recompute_checksums(packet)
packets.append(packet)
def anonymize_pcap(input: os.PathLike, output: os.PathLike = None) -> None:
"""
Anonymize all packets in a PCAP file.
Args:
input: path to the input PCAP file
output: path to the output PCAP file.
If None, create a new file having the same name as the input file with the suffix '.anonymized.pcap'.
"""
if output is None:
output = str(Path(input).with_suffix('.anonymized.pcap'))
# Read and anonymize packets from the input file
sniff(offline=input, prn=anonymize_packet, store=False)
# Write anonymized packets to the output file
wrpcap(output, packets)