<p>We need a BGP layer built with scapy. BGP travels over TCP, so we must have an established (<a href="https://www.inetdaemon.com/tutorials/internet/tcp/3-way_handshake.shtml" rel="nofollow noreferrer">3 way handshake</a>) TCP socket. TCP travels over IP. So we can represent the complete packet in the following format.</p>
<p><code>packet = IP Layer / TCP Layer / BGP Layer</code><br/>
But BGP itself is divided into two parts, the BGP header and the BGP payload (e.g. OPEN, UPDATE, <a href="http://www.ciscopress.com/articles/article.asp?p=2756480&seqNum=3" rel="nofollow noreferrer">etc</a>). So the layering above is represented as follows.</p>
<p><code>packet = IP Layer / TCP Layer / BGP Header / BGP payload</code><br/>
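Here the BGP header specifies the authentication, length and type of the BGP payload. To illustrate, we can do the following exercise. (I assume you have already established the TCP socket.)<br/></p>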
<pre><code>from scapy.layers.inet import IP, TCP
from scapy.contrib.bgp import BGPHeader, BGPUpdate, BGPPathAttr, BGPPALocalPref, BGPNLRI_IPv4

# proto=6 means TCP travels above this layer. This is plain IPv4 communication.
base = IP(src=src_ipv4_addr, dst=dst_ipv4_addr, proto=6, ttl=255)
# dport=179 is the BGP port of the destination router/host. sport is the random port over which
# TCP is established. seq and ack are the sequence and acknowledgement numbers. flags='PA' sets PUSH and ACK.
tcp = TCP(sport=established_port, dport=179, seq=current_seq_num, ack=expected_seq_num, flags='PA')
# type=2 means an UPDATE packet will be the BGP payload. The marker field is for authentication;
# the maximum hex integer (all f) is used for no auth.
hdr = BGPHeader(type=2, marker=0xffffffffffffffffffffffffffffffff)
# An UPDATE packet consists of path attributes and NLRI (Network Layer Reachability Information).
# type_code in a path attribute says which type of path attribute it is.
up = BGPUpdate(path_attr=[BGPPathAttr(type_flags=64, type_code=5, attribute=BGPPALocalPref(local_pref=100))], nlri=BGPNLRI_IPv4(prefix=NLRI_PREFIX))
packet = base / tcp / hdr / up
packet.show2()
</code></pre>
<p>Use the following variable values (for example purposes).</p>
^{pr2}$
<p>The output is as follows.</p>
<pre><code>###[ IP ]###
version = 4
ihl = 5
tos = 0x0
len = 74
id = 1
flags =
frag = 0
ttl = 255
proto = tcp
chksum = 0xe09c
src = 10.110.99.2
dst = 10.110.99.50
\options \
###[ TCP ]###
sport = 1223
dport = bgp
seq = 1500
ack = 1000
dataofs = 5
reserved = 0
flags = PA
window = 8192
chksum = 0x102d
urgptr = 0
options = []
###[ HEADER ]###
marker = 0xffffffffffffffffffffffffffffffff
len = 34
type = UPDATE
###[ UPDATE ]###
withdrawn_routes_len= 0
\withdrawn_routes\
path_attr_len= 7
\path_attr \
|###[ BGPPathAttr ]###
| type_flags= Transitive
| type_code = LOCAL_PREF
| attr_len = 4
| \attribute \
| |###[ LOCAL_PREF ]###
| | local_pref= 100
\nlri \
|###[ IPv4 NLRI ]###
| prefix = 10.110.99.0/24
</code></pre>
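<p>As an added example (not part of the original answer, and not scapy's own code), the following standard-library Python serializes the same header and UPDATE by hand and parses it back with bounds checks, which shows where <code>len = 34</code> and <code>path_attr_len = 7</code> in the output come from. The helper names <code>build_update</code>, <code>take</code> and <code>parse_update</code> are hypothetical, and the 4096-byte maximum message size is the classic BGP-4 limit assumed here.</p>

```python
import ipaddress
import struct

# Added example: helper names are illustrative and not part of scapy.
MARKER = b"\xff" * 16  # all-ones marker, as in the show2() output
HDR_LEN = 19           # 16-byte marker + 2-byte length + 1-byte type

def build_update(local_pref, prefix):
    """Serialize BGP header + UPDATE with one LOCAL_PREF attribute and one NLRI."""
    net = ipaddress.ip_network(prefix)
    nlri = bytes([net.prefixlen]) + net.network_address.packed[:(net.prefixlen + 7) // 8]
    attr = struct.pack("!BBBI", 0x40, 5, 4, local_pref)  # Transitive, LOCAL_PREF, len 4
    body = struct.pack("!H", 0) + struct.pack("!H", len(attr)) + attr + nlri
    return MARKER + struct.pack("!HB", HDR_LEN + len(body), 2) + body

def take(buf, pos, n):
    """Return buf[pos:pos+n], refusing to read past the end of the message."""
    if pos + n > len(buf):
        raise ValueError("field at offset %d overruns the message" % pos)
    return buf[pos:pos + n]

def parse_update(data):
    """Check the header, then decode attributes and prefixes with bounds checks."""
    marker, length, mtype = struct.unpack("!16sHB", take(data, 0, HDR_LEN))
    if marker != MARKER or length != len(data) or not HDR_LEN <= length <= 4096:
        raise ValueError("bad marker or length field")
    if mtype != 2:
        raise ValueError("not an UPDATE message")
    (wlen,) = struct.unpack("!H", take(data, HDR_LEN, 2))
    pos = HDR_LEN + 2 + wlen                       # skip the withdrawn routes
    (alen,) = struct.unpack("!H", take(data, pos, 2))
    pos, attrs_end = pos + 2, pos + 2 + alen
    attrs, prefixes = [], []
    while pos < attrs_end:
        flags, code = struct.unpack("!BB", take(data, pos, 2))
        wide = 2 if flags & 0x10 else 1            # Extended Length bit: 2-byte length
        vlen = int.from_bytes(take(data, pos + 2, wide), "big")
        attrs.append((code, take(data, pos + 2 + wide, vlen)))
        pos += 2 + wide + vlen
    if pos != attrs_end:
        raise ValueError("path attributes do not match path_attr_len")
    while pos < len(data):                         # the rest of the message is NLRI
        plen = data[pos]
        if plen > 32:
            raise ValueError("IPv4 prefix length above 32")
        raw = take(data, pos + 1, (plen + 7) // 8)
        prefixes.append("%s/%d" % (ipaddress.IPv4Address(raw.ljust(4, b"\0")), plen))
        pos += 1 + len(raw)
    return {"length": length, "path_attr_len": alen, "attrs": attrs, "nlri": prefixes}
```

<p>The 34 bytes are 19 (header) + 2 (withdrawn routes length) + 2 (path attribute length) + 7 (LOCAL_PREF attribute) + 4 (one length byte plus three prefix bytes for a /24).</p>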