Reputation: 6786
How to set option 15 on TCP/IP packets in a pcap and recalculate checksums? (preferably with scapy)
For purposes of testing network hardware I need to set (obsolete) Kind=15 (alternate checksum) option on TCP/IP connection in a pcap file I received from somebody.
This answer specifies how to set an option on a TCP packet: https://stackoverflow.com/a/29706038/857741
However, RFC1146 is not clear on whether the alternative checksum has to be specified for entire connection (section for Kind=14 says that explicitly, so it would seem that it's not a requirement for Kind=15, but I really do not want to guess here):
TCP Alternate Checksum Data Option
The format of the TCP Alternate Checksum Data Option is:
+---------+---------+---------+ +---------+
| Kind=15 |Length=N | data | ... | data |
+---------+---------+---------+ +---------+
This field is used only when the alternate checksum that is
negotiated is longer than 16 bits. These checksums will not fit in
the checksum field of the TCP header and thus at least part of them
must be put in an option. Whether the checksum is split between the
checksum field in the TCP header and the option or the entire
checksum is placed in the option is determined on a checksum by
checksum basis.
The length of this option will depend on the choice of alternate
checksum algorithm for this connection.
While computing the alternate checksum, the TCP checksum field and
the data portion TCP Alternate Checksum Data Option are replaced with
zeros.
An otherwise acceptable segment carrying this option on a connection
using a 16-bit checksum algorithm, or carrying this option with an
inappropriate number of data octets for the chosen alternate checksum
algorithm is in error and must be discarded; a RST-segment must be
generated, and the connection aborted.
Note the requirement above that RST and SYN segments must always use
the standard TCP checksum.
Sentence "Whether the checksum is split between the checksum field in the TCP header and the option or the entire checksum is placed in the option is determined on a checksum by checksum basis." seems to suggest that checksums for different packets can be calculated in different manner from packet to packet, but is anything substantive out there that says that?
OK. So I need to:
Set Kind=15 on some packets in a connection in a pcap (where "some" is either a few or all packets in a connection except SYN packets)
Potentially, recalculate checksums for those packets by hand if
scapyis not doing that.
How do I do that? (per title, preferably with scapy, but a different option would be fine too)
Upvotes: 1
Views: 23