Newer
Older
"""
Anonymize all packets in a PCAP file.
"""
import os
from pathlib import Path
from scapy.all import Packet, sniff, wrpcap
# Packet layers
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
### GLOBAL VARIABLES ###
packets = []
### FUNCTIONS ###
def recompute_checksums(packet: Packet) -> Packet:
"""
Recompute a given packet's checksums.
Args:
packet (scapy.Packet): scapy packet to recompute checksums for
Returns:
(scapy.Packet): packet with recomputed checksums
"""
for layer_class in packet.layers():
layer = packet.getlayer(layer_class)
try:
delattr(layer, "chksum")
except AttributeError:
pass
return packet.__class__(bytes(packet))
def anonymize_packet(packet: Packet) -> None:
"""
Anonymize a packet,
and append the anonymized packet to the global list 'packets'.
Args:
packet: scapy packet to anonymize
"""
global packets
# Anonymize MAC addresses
anonymize_pkt_macs(packet)
# Anonymize application layer
# TODO
# Recompute packet checksums
packet = recompute_checksums(packet)
packets.append(packet)
def anonymize_pcap(input: os.PathLike, output: os.PathLike = None) -> None:
"""
Anonymize all packets in a PCAP file.
Args:
input: path to the input PCAP file
output: path to the output PCAP file.
If None, create a new file having the same name as the input file with the suffix '.anonymized.pcap'.
"""
if output is None:
output = str(Path(input).with_suffix('.anonymized.pcap'))
# Read and anonymize packets from the input file
sniff(offline=input, prn=anonymize_packet, store=False)
# Write anonymized packets to the output file
wrpcap(output, packets)