All the packet objects (ethernet, ipv4, tcp, etc.) have a number of fields
(generally set in their __init__()). For example, tcp packets have .srcport
and .dstport among others. ipv4 objects have .srcip, .dstip, etc. Packet
objects also have a .next field which contains their payload. This might be
raw data, but it's also often another packet object (for example, an ipv4 will
often have its .next be a reference to a tcp or udp packet object). So it's
pretty common to have a chain, for example, from an ethernet object to an ipv4
object to a tcp object.
Traversing the chain by hand can be annoying, so there's also a .find(<type>)
method which will look down the chain and try to return a packet object of the
requested type if it's there. For example, the packet that forward_l2_packet()
gets called with is generally (always?) going to be an ethernet packet. If you
call .find('tcp') on this, you should either get the tcp object it contains, or
None (if, for example, it was actually a UDP packet). You can then find the
source port by checking the .srcport field of the result.
The major caveat here is that sometimes the chain of packet objects doesn't get
parsed all the way, because the switch doesn't necessarily send the entire
packet to the controller. The dnsspy sample application, for example, needs
complete DNS packets, so it installs a rule to make sure that full DNS packets
are sent.
Hope that helps.
-- Murphy
On Nov 25, 2010, at 8:32 AM, K Singh wrote:
> Hi,
>
> I am trying to parse the packets which arrive at NOX controller for following
> parameters:
> 1. Source/Destination IP address
> 2. Source/Destination Port number
>
> All this information will be obtained from TCP/UDP packet along with IP
> header. I found in "packet" folder ethernet.py, ipv4.py, tcp.py and udp.py
> are doing the packet parsing and __str__() function prints the information.
>
> I am modifying the pyswitch.py code and in the function "def
> forward_l2_packet(dpid, inport, packet, buf, bufid):" if i simply write
> print packet
> it prints the packet if its TCP or arp etc.
> How can i extract information from packet in this code?
>
> Also, i would like to verify if my understanding is correct:
> The packet_base.py is the main class for all the packets. The ethernet.py is
> the first file which is called to parse any packet. Then packet is parsed and
> sent to Ipv4.py for parsing. IPv4.py then sees if packet is either
> TCP/UDP/ICMP and calls respective files for further parsing. So if i want the
> information of src/dst IP and port numbers then i need to parse till
> TCP/UDP/ICMP stage and fill it in structure and return in a function. I cant
> figure out how I will save each information spread across different files.
>
> --
> Regards,
> Kavitesh Singh.
>
>
> _______________________________________________
> nox-dev mailing list
> nox-dev@noxrepo.org
> http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org
_______________________________________________
nox-dev mailing list
nox-dev@noxrepo.org
http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org
