scapy.py | searchcode

/src/pentest/wifitap/scapy.py

Large files files are truncated, but you can click here to view the full file

#! /usr/bin/env python

#############################################################################
##                                                                         ##
## scapy.py --- Interactive packet manipulation tool                       ##
##              see http://www.secdev.org/projects/scapy/                  ##
##              for more informations                                      ##
##                                                                         ##
## Copyright (C) 2003  Philippe Biondi <phil@secdev.org>                   ##
##                                                                         ##
## This program is free software; you can redistribute it and/or modify it ##
## under the terms of the GNU General Public License version 2 as          ##
## published by the Free Software Foundation; version 2.                   ##
##                                                                         ##
## This program is distributed in the hope that it will be useful, but     ##
## WITHOUT ANY WARRANTY; without even the implied warranty of              ##
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU       ##
## General Public License for more details.                                ##
##                                                                         ##
#############################################################################

#
# $Log: scapy.py,v $
# Revision 1.0.4.74  2006/08/27 17:36:08  pbi
# - tweaked make_*_table() to add horizontal separation lines
#
# Revision 1.0.4.73  2006/08/27 16:11:06  pbi
# - added multiplot to plot many series from the same packet list. The function must returns
#   a couple whose first element is the label of a serie and the second is the data to plot.
#
# Revision 1.0.4.72  2006/08/27 15:13:36  pbi
# - WARNING: API change. crc32() is now the zlib function.
#   crc32(0xffffffffL, s) --> ~crc32(z)&0xffffffffL
#
# Revision 1.0.4.71  2006/08/27 14:16:47  pbi
# - fixed possible failures in DNS.summary()
#
# Revision 1.0.4.70  2006/08/27 14:11:38  pbi
# - improved L3PacketSocket to build the list of interfaces only when needed (promisc=1)
#
# Revision 1.0.4.69  2006/08/27 14:10:05  pbi
# - added gz parameter to PcapWriter (and thus wrpcap()) to gzip captures
# - added abilty to read gzipped pcap files in PcapReader (and thus rdpcap())
#
# Revision 1.0.4.68  2006/08/27 13:59:20  pbi
# - changed Net representation for it to work with Packet.command()
#
# Revision 1.0.4.67  2006/08/27 13:58:48  pbi
# - added diffplot() to PacketList to plot a function of couples (l[i],l[i+delay])
#
# Revision 1.0.4.66  2006/08/27 12:52:13  pbi
# - added prototype to psdump() and pdfdump() docstring
#
# Revision 1.0.4.65  2006/08/27 12:47:32  pbi
# - have srloop() and srploop() return results of all probes
#
# Revision 1.0.4.64  2006/08/11 12:24:31  pbi
# - patched getmacbyip() to handle IP multicast and return the right MAC multicast
#
# Revision 1.0.4.63  2006/08/11 12:13:45  pbi
# - fixed lambda filtering in PacketList.plot()
#
# Revision 1.0.4.62  2006/08/11 12:12:51  pbi
# - fixed reinstantiation of a PacketList as parameter to another PacketList
#
# Revision 1.0.4.61  2006/08/11 12:11:10  pbi
# - added docstring to route.delt()
#
# Revision 1.0.4.60  2006/08/11 12:10:41  pbi
# - fixed /proc/net/route parsing to handle reject routes
#
# Revision 1.0.4.59  2006/08/05 15:38:50  pbi
# - added ActionField(): a wrapper to put arround a field that will trigger the call of a method
#   each time a value is manually set into a field
#
# Revision 1.0.4.58  2006/08/05 15:37:31  pbi
# - fix: moved call to superclass' constructor in EnumField's constructor
#
# Revision 1.0.4.57  2006/07/28 21:57:19  pbi
# - fixed get_if_hwaddr() exception catching in SourceMACField and ARPSourceMACField
#
# Revision 1.0.4.56  2006/07/28 17:24:39  pbi
# - fixed typo in inet_pton
#
# Revision 1.0.4.55  2006/07/19 17:23:30  pbi
# - fix: ls() look for Packet subclasses in both globals() and __builtin__
#
# Revision 1.0.4.54  2006/07/19 17:13:25  pbi
# - forced _ special variable initisalization to None in autorun_commands()
#
# Revision 1.0.4.53  2006/07/17 17:35:48  pbi
# - replaced getattr() by Packet.getfieldval() in FieldLenField.i2m()
#
# Revision 1.0.4.52  2006/07/17 17:28:20  pbi
# - improved MACField.i2m()
#
# Revision 1.0.4.51  2006/07/17 17:27:40  pbi
# - changed Packet.__iter__() to clone unrolled packets without transforming fields values through i2h() and h2i()
#
# Revision 1.0.4.50  2006/07/17 15:18:06  pbi
# - added Packet.getfieldval() and NoPayload.getfieldval() to return the internal value of a field
# - changed Packet.__getattr__() to use Packet.getfieldval()
# - changed do_build, do_build_ps, guess_payload_class, __eq__, haslayer, getlayer to use Packet.getfieldval()
#
# Revision 1.0.4.49  2006/07/17 14:00:53  pbi
# - fixed little endian fields for big endian machines (replaced @ by <)
#
# Revision 1.0.4.48  2006/07/17 13:43:04  pbi
# - simplified PacketListField.addfield()
#
# Revision 1.0.4.47  2006/07/17 13:42:09  pbi
# - simplified Dot11SCField.is_applicable()
#
# Revision 1.0.4.46  2006/07/17 13:40:55  pbi
# - added __nonzero__() methods to Packet and Payload for the first to be true and the second
#   to be false without assembling the packet
#
# Revision 1.0.4.45  2006/07/17 13:37:19  pbi
# - fixed Ether_Dot3_Dispatcher() to make it work with no arguments
#
# Revision 1.0.4.44  2006/07/13 09:52:57  pbi
# - Fixed 3BytesField assembling (N. Bareil, ticket #6)
#
# Revision 1.0.4.43  2006/07/12 16:07:11  pbi
# - fixed docstring of Packet.post_dissection()
#
# Revision 1.0.4.42  2006/07/12 13:36:01  pbi
# - added Packet.from_hexcap() class method
#
# Revision 1.0.4.41  2006/07/12 13:35:37  pbi
# - added a Packet.pre_dissect() hook
#
# Revision 1.0.4.40  2006/07/12 13:23:19  pbi
# - Added a Ether/802.3 dispatcher for "Ethernet" linktype
# - 802.1q use LLC payload if type < 1500
# - enhanced Dot3.mysummary()
#
# Revision 1.0.4.39  2006/07/11 22:40:37  pbi
# - fixed Dot11.answers() behaviour for management frames (L. Butti, ticket #5)
#
# Revision 1.0.4.38  2006/07/11 22:37:36  pbi
# - fixed endianness of some 802.11 fields (L. Butti, ticket #3)
#
# Revision 1.0.4.37  2006/07/11 22:36:06  pbi
# - removed SC field from 802.11 control frames (L. Butti, ticket #4)
#
# Revision 1.0.4.36  2006/07/11 22:10:01  pbi
# - fixed TCPOptionsField to support SAck option (P. Lindholm, ticket #3)
# - strengthened TCPOptionsField against bad options
#
# Revision 1.0.4.35  2006/07/11 21:57:37  pbi
# - fix typo
#
# Revision 1.0.4.34  2006/06/23 17:35:43  pbi
# - improved error message details for get_if_hwaddr()
#
# Revision 1.0.4.33  2006/06/23 17:33:38  pbi
# - arping() function can update ARP cache if parameter cache=1 (D. Schuster, ticket #2)
#
# Revision 1.0.4.32  2006/06/23 16:27:44  pbi
# - fixed: overloaded volatile fields were not fixed for sending
#
# Revision 1.0.4.31  2006/05/27 23:04:41  pbi
# - fixed possible loop in TCP options
#
# Revision 1.0.4.30  2006/05/25 18:00:40  pbi
# - added split_layers(), split_top_down() and split_bottom_up() to undo the
#   effects of bind_layers(), bind_top_down() and bind_bottom_up()
#
# Revision 1.0.4.29  2006/05/25 10:25:32  pbi
# - added missing SPI field for ISAKMP_payload_Proposal
#
# Revision 1.0.4.28  2006/05/25 09:23:16  pbi
# - almost reversed Field.h2i() removal patch (1.0.4.25) (changed my mind :))
# - had Field.any2i() use Field.h2i()
#
# Revision 1.0.4.27  2006/05/24 21:15:22  pbi
# - enhanced Packet.__getattr__ prettiness
#
# Revision 1.0.4.26  2006/05/24 20:50:47  pbi
# - enhanced prettiness of DNSRRCountField
#
# Revision 1.0.4.25  2006/05/24 20:49:44  pbi
# - removed h2i() methods from Field API
#
# Revision 1.0.4.24  2006/04/29 13:52:35  pbi
# - added next_payload value overloading for ISAKMP layers
#
# Revision 1.0.4.23  2006/04/29 13:31:18  pbi
# - removed forgotten debug prints..
#
# Revision 1.0.4.22  2006/04/29 13:20:30  pbi
# - fixed ISAKMPTransformSetField
# - fixed ISAKMP_payload_Transform length calculation
#
# Revision 1.0.4.21  2006/04/29 12:48:13  pbi
# - WARNING: Field API changed. parameter shift must be now provided to the
#   length-varying field and not to the length field.
# - added Field.i2len() method to return the length of a field (the number of
#   bytes in the raw packet string)
#
# Revision 1.0.4.20  2006/04/28 21:53:24  pbi
# - fixed some problems with Packet.haslayer()/getlayer() for empty and list fields
# - reduced Packet.haslayer()/getlayer() speed overhead to the same level as older versions
#
# Revision 1.0.4.19  2006/04/26 14:55:18  pbi
# - fixed (again) filter attaching on linux/amd64 (W. Robinet)
#
# Revision 1.0.4.18  2006/04/26 12:55:29  pbi
# - fixed Dot11WEP default icv value
#
# Revision 1.0.4.17  2006/04/26 12:55:01  pbi
# - ATTENTION: API change: Packet.post_build() now takes current
#   assembled layer and assembled payload separately. Thus the
#   new prototype: post_build(self, pkt payload) -> pkt. post_build()
#   is in charge to join current layer and payload.
#   Old API will work for a small transition time.
#
# Revision 1.0.4.16  2006/04/25 15:23:49  pbi
# - added internal _iterpacket parameter to SetGen to prevent iteration over Packet instances
# - bugfix: prevented iteration over Packet instances in Packet.getlayer/haslayer/show()
#
# Revision 1.0.4.15  2006/04/24 12:27:35  pbi
# - added NetFlow v1 protocol layer (M. Geli)
#
# Revision 1.0.4.14  2006/04/24 11:08:53  pbi
# - big ISAKMPAttributeTypes update (W. McVey)
# - changed ISAKMPTransformSetField to dissectTLV attributes (W. McVey)
# - changed ISAKMPTransformSetField to assemble TLV attributes
# - fixed ISAKMPTransformSetField to handle broken packets
#
# Revision 1.0.4.13  2006/04/23 21:12:08  pbi
# - big p0f update (P. Lalet)
#
# Revision 1.0.4.12  2006/04/20 13:10:13  pbi
# - fixed a bug with alias_type in Packet.guess_payload_class() when a field exists only
#   in the alias class
#
# Revision 1.0.4.11  2006/04/20 13:07:15  pbi
# - enhanced LaTeXTheme2: used \bfseries and added colors to styles fail, success and even
#
# Revision 1.0.4.10  2006/04/20 09:13:49  pbi
# - fixed SetGen to better test int couples for intervals
#
# Revision 1.0.4.9  2006/04/10 05:31:11  pbi
# - use None value to specify timeout must be calculated in __sr_loop()
#
# Revision 1.0.4.8  2006/04/09 05:40:19  pbi
# - added PacketListField.do_copy()
# - modified fuzz() to handle PacketListField
#
# Revision 1.0.4.7  2006/04/08 16:05:24  pbi
# - added PacketListField whose length come from another fiekd
# - changed Packet.haslayer(), Packet.getlayer() and Packet.show() to handle PacketListField
#
# Revision 1.0.4.6  2006/04/02 14:49:28  pbi
# - modified getlayer() to accept "LAYER.field" parameters to enable format strings' %
#   operator to work : "dst=%(IP.dst)s dport=%(TCP.dport)04i" % pkt
#
# Revision 1.0.4.5  2006/04/02 13:12:10  pbi
# - added __mul__() and __rmul__() operators to handle multiplication with an int
#
# Revision 1.0.4.4  2006/03/27 13:32:50  pbi
# - added missing fileno() to PcapReader and PcapWriter
#
# Revision 1.0.4.3  2006/03/22 12:59:35  pbi
# - use binary mode to open files (Windows needs that...)
#
# Revision 1.0.4.2  2006/03/22 12:42:46  pbi
# - replicated packet creation time when unrolling an implicit packet
#
# Revision 1.0.4.1  2006/03/17 12:48:28  pbi
# Release 1.0.4
#
# Revision 1.0.3.34  2006/03/17 12:48:02  pbi
# - added docstring for TracerouteResult.trace3D()
#
# Revision 1.0.3.33  2006/03/14 19:05:05  pbi
# - added equality tests between two packets.
#
# Revision 1.0.3.32  2006/03/14 18:35:41  pbi
# - added a timeout parameter to sniff()
#
# Revision 1.0.3.31  2006/03/14 17:48:30  pbi
# - removed deprecated Packet.send()
#
# Revision 1.0.3.30  2006/03/14 17:46:03  pbi
# - fix indentation quirk
#
# Revision 1.0.3.29  2006/03/14 15:12:59  pbi
# - removed forgotten print in Packet.trace3D()
#
# Revision 1.0.3.28  2006/03/12 18:00:42  pbi
# - made Packet.getlayer() and Packet.haslayer() also work with class names
# - got rid of Packet.haslayer_str()
#
# Revision 1.0.3.27  2006/03/12 17:56:14  pbi
# - improved Packet.getlayer(), Packet.haslayer() and Packet.haslayer_str()
#   to look into PacketFields.
#
# Revision 1.0.3.26  2006/03/09 22:25:00  pbi
# - removed bad loop in L3PacketSocket and L2Socket when discarding outgoing packets (W. McVey)
#
# Revision 1.0.3.25  2006/03/09 22:15:38  pbi
# - added Ctrl-Click to TracerouteResult.trace3D() to scan an IP
#
# Revision 1.0.3.24  2006/02/28 18:33:32  pbi
# - added a "trans" parameter to colgen to handle automatic specific conversions into color object
# - used colgen() in Packet.canvas_dump()
#
# Revision 1.0.3.23  2006/02/28 18:24:27  pbi
# - removed makecol() from TracerouteResult.graph()
#
# Revision 1.0.3.22  2006/02/28 18:23:46  pbi
# - turned makecol() TracerouteResult.graph()' internal function into colgen() generator tool
#
# Revision 1.0.3.21  2006/02/28 18:04:10  pbi
# - added TracerouteResult.trace3D() to have a 3D traceroute visualization with VPython
#
# Revision 1.0.3.20  2006/02/27 18:03:46  pbi
# - added get_trace() method to TraceouteResult() to extract traceroute data
#
# Revision 1.0.3.19  2006/02/27 15:13:36  pbi
# - Fixed Dot11Beacon's fields' endianness (G. Lukas)
#
# Revision 1.0.3.18  2006/02/27 15:08:25  pbi
# - factorised tex_escape() function from ps/pdfdump()
# - added LatexTheme2 for autorun_get_latex_interactive_session()
# - escape stuff in autorun_get_latex_interactive_session()
#
# Revision 1.0.3.17  2006/02/22 11:33:34  pbi
# - added config.prog to reference external program pathes
#
# Revision 1.0.3.16  2006/02/22 11:19:26  pbi
# - added afterglow clone attempt (http://sourceforge.net/projects/afterglow)
#
# Revision 1.0.3.15  2006/02/22 11:14:39  pbi
# - added prog parameter to do_graph()
#
# Revision 1.0.3.15  2006/02/21 12:45:00  pbi
# - added prog paramter to do_graph()
#
# Revision 1.0.3.14  2006/02/21 12:21:44  pbi
# - removed hard dependancy on libreadline. Now works even if no libreadline is installed
#
# Revision 1.0.3.13  2006/02/19 14:06:28  pbi
# - fixed show()'s indentation
#
# Revision 1.0.3.12  2006/02/19 13:49:18  pbi
# - many docstrings corrections
#
# Revision 1.0.3.11  2006/02/17 16:29:38  pbi
# - improved show() to use an exploded view for fields which hold packets
# - added show_indent flag to Packet() that can be overloaded to 0 for layers that are followed by peers
#   and for whom indentation in show() is not desired
#
# Revision 1.0.3.10  2006/02/17 11:14:16  pbi
# - changed conversation parameter to group getsrc/getdst into getsrcdst
#
# Revision 1.0.3.9  2006/02/17 10:57:53  pbi
# - added docstrings for PacketList
#
# Revision 1.0.3.8  2006/02/16 15:45:51  pbi
# - added docstrings to sr*(), wrpcap(), rdpcap()
#
# Revision 1.0.3.7  2006/02/16 15:37:44  pbi
# - fixed conf.BTsocket assignment BluetoothSocket BluetoothL2CAPSocket
#
# Revision 1.0.3.6  2006/02/16 15:11:13  pbi
# - added docstrings to many methods of Packet
#
# Revision 1.0.3.5  2006/02/16 14:09:07  pbi
# - added BluetoothHCIsocket
# - added L2socket to sniff
# - added HCI_Hdr, L2CAP_Hdr layers, moved L2CAP to L2CAP_HdrCmd
#
# Revision 1.0.3.4  2006/02/12 01:06:52  pbi
# - initialize payload's underlayer before payload's dissection
#
# Revision 1.0.3.3  2006/01/29 00:06:48  pbi
# - added shortcut to PacketList to extract a given protocol with []. ex : lst[ICMP]
#
# Revision 1.0.3.2  2006/01/28 23:52:21  pbi
# - removed useless (and racy) __del__() methods from PcapReader and PcapWriter
#
# Revision 1.0.3.1  2006/01/28 14:32:55  pbi
# Release 1.0.3
#
# Revision 1.0.2.37  2006/01/28 13:14:25  pbi
# - tweaked ls() for add-on classes to appear in the listing
#
# Revision 1.0.2.36  2006/01/28 13:02:15  pbi
# - replaced remaining occurences of use of display() [deprecated, use show()]
# - removed URL from dummy IPv6 classes names
#
# Revision 1.0.2.35  2006/01/17 18:02:42  pbi
# - finished Packet.canvas_dup() escape() function. Every char is correctly translated into TeX
#
# Revision 1.0.2.34  2006/01/15 13:15:57  pbi
# -added information-request and information-response to ICMP types (J. Bowie)
#
# Revision 1.0.2.33  2006/01/15 13:15:16  pbi
# - fixed NetBIOSNameField incorrect length calculation (J. Bowie)
#
# Revision 1.0.2.32  2006/01/14 16:54:29  pbi
# - added missing _IPv6optionHearder dummy class
# - removed useless IPv6_instace() function
#
# Revision 1.0.2.31  2006/01/12 11:02:51  pbi
# - fixed 1.0.2.29 collision fix (s/mtu/mtu_present/)
#
# Revision 1.0.2.30  2006/01/11 17:45:45  pbi
# - fixed endianness problems in PcapReader()
# - fixed PcapReader.read_all()
# - added missing try/except to PcapReader.read_packet()
# - removed PcapReader.read_PacketList() (read_all() already returns a PacketList)
# - removed debug "print" from PcapWriter()
# - added endianness parameter in PcapWriter()
#
# Revision 1.0.2.29  2006/01/11 17:00:01  pbi
# - added Solaris support (wit help from S. Despret)
# - added Solaris missing IPPROTO_GRE
# - changed read_routes() to work with Solaris netstat
# - fixed read_route() local variable collision (mtu became mtu_present)
# - changed variable fl to flg
#
# Revision 1.0.2.28  2006/01/05 17:49:17  pbi
# - re-added indentation in Packet.show(). Can be tweaked with "indent" parameter
#
# Revision 1.0.2.27  2006/01/04 15:04:17  pbi
# - added missing try/except arround dissection in rdpcap()
#
# Revision 1.0.2.26  2005/12/23 00:51:51  pbi
# - strengthened DNS disassembly
#
# Revision 1.0.2.25  2005/12/23 00:11:09  pbi
# - have scapy work if Python IPv6 support is not compiled in socketmodule
#
# Revision 1.0.2.24  2005/12/23 00:08:50  pbi
# - aliased socket.inet_ntoa into local namespace for consistency with other ?to?
#
# Revision 1.0.2.23  2005/12/22 17:58:08  pbi
# - fixed and enhanced autorun_commands()
#
# Revision 1.0.2.22  2005/12/21 23:00:16  pbi
# - fixed bug introduced by fix 1.0.2.19 on _
#
# Revision 1.0.2.21  2005/12/21 22:58:45  pbi
# - added Packet.get_field() to get a field instance from its name
# - modified some fields to use Packet.get_field() instead of a complex operation
#
# Revision 1.0.2.20  2005/12/19 12:43:52  pbi
# - added FieldListField to create arrays of fields whose number is given in a FieldLenField
#
# Revision 1.0.2.19  2005/12/18 22:46:35  pbi
# - fixed uninitialized _ in autorun_commands()
#
# Revision 1.0.2.18  2005/12/17 11:27:05  pbi
# - Changed ColorTheme class be usable
# - Added NoTheme class
# - added autorun_get_text_interactive_session()
# - added autorun_get_ansi_interactive_session()
# - added autorun_get_latex_interactive_session() (miss some special chars filtering)
#
# Revision 1.0.2.17  2005/12/15 15:13:58  pbi
# - IPv6 migration step 1: integrate some IPv6 routing stuff for IPv6 fork to work
#   as an add-on
#
# Revision 1.0.2.16  2005/12/07 18:02:26  pbi
# - added fallbacks if tcpdump can't be run and libpcap is not used
#
# Revision 1.0.2.15  2005/12/07 17:44:11  pbi
# - fixed socket filter pushing for x86_64 arch. (W. Robinet)
#
# Revision 1.0.2.14  2005/12/06 16:41:30  pbi
# - added conf.check_TCPerror_seqack (default 0) to relax ICMP error matching for TCP
#   packets (some broken PIX play with sequence numbers and forget to tidy them up)
#
# Revision 1.0.2.13  2005/11/27 00:09:30  pbi
# - added code to run interactive sessions automatically
#
# Revision 1.0.2.12  2005/11/26 11:33:55  pbi
# - catch exceptions in ColorPrompt from bad color theme to avoid
#   program termination
#
# Revision 1.0.2.11  2005/11/26 11:10:44  pbi
# - added class HTMLTheme2 with trigram instead of '<' and '>' to easily convert others into &lt; and &gt;
#
# Revision 1.0.2.10  2005/11/20 16:23:01  pbi
# - improved a bit error handling of import dnet/pcap
# - made INFO messages for missing files a bit more clear
#
# Revision 1.0.2.9  2005/11/19 08:39:09  pbi
# - handle API change between pylibpcap 0.4 and 0.5
#
# Revision 1.0.2.8  2005/11/17 11:05:56  pbi
# - changed Packet.sprintf() format string specificator to accept only the
#   field name and take the currend layer
#
# Revision 1.0.2.7  2005/11/17 10:24:53  pbi
# - added onlyasc parameter to linehexdump()
# - added onlyasc parameter to fragleak() and fragleak2()
#
# Revision 1.0.2.6  2005/11/15 04:55:11  pbi
# - added Packet.command() to go from a packet instance to the Scapy command to generate it
#
# Revision 1.0.2.5  2005/11/15 03:04:51  pbi
# - write history in an atexit registered function
#
# Revision 1.0.2.4  2005/11/15 02:58:44  pbi
# - fixed Enum fields for them to work with lists of values
#
# Revision 1.0.2.3  2005/11/09 19:56:42  pbi
# - added a ColorTheme.__repr__() to fix objects that used it, like conf object!
#
# Revision 1.0.2.2  2005/11/09 18:26:57  pbi
# - fixed itom() to return positive values even for big endian platforms
# - fixed RandIP default __init__ parameter to be 0.0.0.0/0 instead of 0/0
#
# Revision 1.0.2.1  2005/11/07 14:04:39  pbi
# release 1.0.2
#
# Revision 1.0.1.13  2005/11/07 14:00:54  pbi
# - fixed Dot11Auth.seqnum to be little endian
# - added Dot11Auth.answers()
#
# Revision 1.0.1.12  2005/11/07 13:39:31  pbi
# - fixed some stuff in the LaTeX color theme
#
# Revision 1.0.1.11  2005/11/07 13:38:36  pbi
# - added timeout parameter to fragleak()
# - created fragleak2()
#
# Revision 1.0.1.10  2005/11/07 13:37:20  pbi
# - fixed LLC/SNAP binding to overload LLC.ctrl with 3
#
# Revision 1.0.1.9  2005/11/07 13:35:12  pbi
# - changed Dot11.summary() to show src > dst
# - added Dot11.answers()
#
# Revision 1.0.1.8  2005/11/07 13:33:43  pbi
# - added DNS.answsers()
#
# Revision 1.0.1.7  2005/11/07 13:33:19  pbi
# - added SignedIntField() and LESignedIntField
# - converted PrismHeader's "signal" field to signed
#
# Revision 1.0.1.6  2005/11/01 12:22:02  pbi
# - added hint_iface parameter to sendp()
# - used hint_iface in arpcachepoison()
#
# Revision 1.0.1.5  2005/10/31 12:29:09  pbi
# - added ConditionalField to wrap a field and apply a condition to its presense
# - added NewDefaultValues metaclass to create new Packet classes from old ones
#   with new default default values
# - added GRE protocol from rfc2784. (need more work for rfc1701)
#
# Revision 1.0.1.4  2005/10/27 15:12:32  pbi
# - created VolatileValue class to handle volatile values like RandomField
# - redesigned inheritence of random fields arround VolatileValue
# - added DelayedEval() volatile value
#
# Revision 1.0.1.3  2005/10/27 14:59:11  pbi
# - Changed color themes handling. Now LatexTheme and HTMLTheme are not ugly hacks anymore.
#
# Revision 1.0.1.2  2005/10/26 16:15:06  pbi
# - added CharEnumField()
# - declared s2i and i2s in EnumField before calling superclass' contructor
#
# Revision 1.0.1.1  2005/10/25 07:49:35  pbi
# Release 1.0.1
#
# Revision 1.0.0.61  2005/10/25 07:48:48  pbi
# - added rebuild option to Packet.p{s|df}dump() to dump a packet as-is
#
# Revision 1.0.0.60  2005/10/23 18:20:30  pbi
# - PacketList.sr() return ( (matched couples), (unmatched packets) ) from the packet list
#
# Revision 1.0.0.59  2005/10/23 17:15:34  pbi
# - added layer_shift option to every p{s|df}dump() method to explode hexa dump by layers
#
# Revision 1.0.0.58  2005/10/23 17:09:29  pbi
# - return a loopback route when no default route is present. XXX: linux specific!
#
# Revision 1.0.0.57  2005/10/23 17:07:59  pbi
# - split bind_layers() into bind_top_down() and bind_bottom_up()
#
# Revision 1.0.0.56  2005/10/23 16:57:26  pbi
# - fixed dissection errors exception management when conf.debug_dissector is true
#
# Revision 1.0.0.55  2005/10/23 16:56:00  pbi
# - made MACField's default value to be "00:00:00:00:00:00"
# - fixed DestMACField's default value to be "ff:ff:ff:ff:ff:ff"
#
# Revision 1.0.0.54  2005/10/23 16:54:00  pbi
# - fixed Field.randval() to work with string formats and modifiers
# - fixed fuzz() not to overload default value if field's proposed randval is None
#
# Revision 1.0.0.53  2005/10/17 16:03:36  pbi
# - uniformized to "lfilter" the paramter name for lambda expressions used as filters
# - removed a superfluous line in crc32()
#
# Revision 1.0.0.52  2005/10/15 13:17:18  pbi
# - AutoTime() and IntAutoTime() classes that give a field a time dependant value
# - PacketList.timeskew_graph() should work on SndRcvList()
#
# Revision 1.0.0.51  2005/10/08 20:52:45  pbi
# - added StreamSocket supersocket to emulate a datagram socket on a stream
#   socket that supports MSG_PEEK and whose base layer class knows its own size
#   and put the remaining in Padding()
#
# Revision 1.0.0.50  2005/10/08 12:46:56  pbi
# - remove useless routes in netstat -rn output (P. Lalet)
#
# Revision 1.0.0.49  2005/10/08 12:41:23  pbi
# - fixed netmask calculations (P. Lalet)
#
# Revision 1.0.0.48  2005/10/08 11:21:28  pbi
# - use color for packet numbering in nsummary() et al.
#
# Revision 1.0.0.47  2005/10/06 12:57:25  pbi
# - fixed MAC addresses calculation when IP is a Gen() instance (G. Valadon)
#
# Revision 1.0.0.46  2005/10/06 12:44:51  pbi
# - added route.get_if_bcast() to get interface's broadcast address (F. Raynal)
# - added a check in getmacbyip() to give a broadcast MAC for a broadcast IP
# - added sndrcv() (thus sr*() family)  "multi" parameter to accept many answers
#   from one stimulus. (If stimulus uses a broadcast dst address, you'll need
#   to set conf.checkIPaddr=0)
#
# Revision 1.0.0.45  2005/10/06 12:03:46  pbi
# - changed sys.exit() into os._exit() in sndrcv() to prevent children to flush files buffers
#   that would be written a second time by the parent (SJ Murdoch)
#
# Revision 1.0.0.44  2005/10/06 11:44:48  pbi
# - worked arround (I hope) all FreeBSD/MacOS/pcap issues (look at pcap_get_selectable_fd() note of pcap8 manpage).
#   Thus no more active waits or unseen packets. Still problems to interrupt a capture with ^C on some FreeBSD kernels :(
#
# Revision 1.0.0.43  2005/10/05 11:51:33  pbi
# - added nofilter option to supersockets to handle ethertype filtering for non-linux stuff
#   and for ARP resolution to bypass conf.except_filter
#
# Revision 1.0.0.42  2005/10/05 11:28:14  pbi
# - added RandMAC()
# - added early support for fuzzing
# - added fuzz()
#
# Revision 1.0.0.41  2005/10/05 11:14:57  pbi
# - modified Packet.__iter__ to also evaluate random defaults fields
#
# Revision 1.0.0.40  2005/10/05 11:11:56  pbi
# - filtered more characters for LaTeX in ps/pdf dump
# - removed character that has magically appeared in DHCP_am
#
# Revision 1.0.0.39  2005/10/05 11:08:32  pbi
# - fixed StrFixedLenField.addfield()
#
# Revision 1.0.0.38  2005/10/05 11:06:51  pbi
# - overloaded RandFields repr() to give the class name
# - added RandLong()
# - added RandBin() to be RandString() for all chars
# - added RandTermString()
# - added RandIP default template to be "0/0"
#
# Revision 1.0.0.37  2005/10/05 11:01:20  pbi
# - more tests in DHCP_am.make_reply() to handle garbage in
#
# Revision 1.0.0.36  2005/09/24 14:37:51  pbi
# - added a "padding" option to TracerouteResult.graph() to show routers that pad
#
# Revision 1.0.0.35  2005/09/24 14:32:40  pbi
# - added Packet.psdump() and Packet.pdfdump()
# - added PacketList.psdump() and PacketList.pdfdump()
#
# Revision 1.0.0.34  2005/09/24 14:30:15  pbi
# - ability to change the BPF filter in traceroute()
#
# Revision 1.0.0.33  2005/09/24 14:29:30  pbi
# - completed PrismHeader layer
#
# Revision 1.0.0.32  2005/09/24 14:27:27  pbi
# - deprecated "packet.haslayer(l)" by "l in Packet"
# - deprecated "Packet.getlayer(l)" by "Packet[l]"
#
# Revision 1.0.0.31  2005/09/24 14:25:01  pbi
# - better error message if gnuplot wrapper is missing
# - fixed subclass test in dissection error treatment
# - fixed Dot11Elt summary
# - fixed __sr_loop() to prevent stats calc if no packet have been received
# - fixed sniff() to break loop at the end of reading a file (offline optoin)
#
# Revision 1.0.0.30  2005/09/13 16:03:47  pbi
# - added Dot11Elt.mysummary() for SSID displaying
# - fixed Enum*.i2repr()
#
# Revision 1.0.0.29  2005/09/13 16:02:35  pbi
# - fix build of packets with more than one padding
#
# Revision 1.0.0.28  2005/09/12 16:14:41  pbi
# - new hexdump() which displays offsets
#
# Revision 1.0.0.27  2005/09/12 14:56:31  pbi
# - new summary() and mysummary() semantic (backward compatible!) to enable more than one class to be expanded.
#   The higher gives its dependances along with its own summary
#
# Revision 1.0.0.26  2005/09/12 14:03:10  pbi
# - added ip.dst in ICMP summary()
#
# Revision 1.0.0.25  2005/09/12 13:25:22  pbi
# - added post_dissection() method, called at the end of the dissection, when the packet is ready
# - added default_payload_class() called when layer bonds are not sufficient
# - improved/fixed conf.debug_dissector() which failed when guess_payload_class() returned None
#
# Revision 1.0.0.24  2005/09/08 14:13:36  pbi
# - added RandIP()
#
# Revision 1.0.0.23  2005/09/08 05:29:23  pbi
# - added conf.debug_dissecto checks where it was missing in SuperSockets
# - Slice pcap object only once we know its not None ! (N. Peterson)
#
# Revision 1.0.0.22  2005/09/06 17:08:47  pbi
# - made AnsweringMachine() callable instead of using the run() method
#
# Revision 1.0.0.21  2005/09/06 17:05:19  pbi
# - new logging/warning facility using the logging module
#
# Revision 1.0.0.20  2005/08/28 18:01:12  pbi
# - 802.11 tweaks
#
# Revision 1.0.0.19  2005/08/28 18:00:14  pbi
# - added Packet.decode_payload_as()
#
# Revision 1.0.0.18  2005/08/28 17:51:05  pbi
# - Added XShortEnumField()
#
# Revision 1.0.0.17  2005/08/17 18:11:13  pbi
# - fixed crc32() computation for big endian systems
#
# Revision 1.0.0.16  2005/08/17 12:54:47  pbi
# - fix regression introduced in 1.0.0.4 (netstat parsing)
#
# Revision 1.0.0.15  2005/08/16 17:00:35  pbi
# - fixed socket creation/attach filter race condition for L2Socket and L3PacketSocket.
#   No more packets shoud go through the filter.
#
# Revision 1.0.0.14  2005/08/16 16:58:59  pbi
# - don't return outgoing packets in L2Socket and L3PacketSocket
# - L2Socket and L3PacketSocket don't catch the exception if conf.dissector=1
#
# Revision 1.0.0.13  2005/08/16 16:56:09  pbi
# - enhanced Packet.summary() code
#
# Revision 1.0.0.12  2005/08/16 16:53:31  pbi
# - keep tcp/udp ports numeric in traceroute result
#
# Revision 1.0.0.11  2005/08/15 09:27:45  pbi
# - added NTP.mysummary()
#
# Revision 1.0.0.10  2005/08/15 09:18:56  pbi
# - fixed Ether.summary() (P. Lalet)
#
# Revision 1.0.0.9  2005/08/10 22:18:25  pbi
# - moved code to build answering machines' functions into a metaclass
#
# Revision 1.0.0.8  2005/08/10 20:05:45  pbi
# - added MobileIP protocol (rfc3344 and friends) (B. Andersson)
#
# Revision 1.0.0.7  2005/08/10 20:01:56  pbi
# - changed Ether.mysummary() (P. Lalet)
# - Update of Sebek protocols (P. Lalet)
#
# Revision 1.0.0.6  2005/08/10 19:53:19  pbi
# - fix problem in declaraion of answering machine functions
#
# Revision 1.0.0.5  2005/08/10 15:43:03  pbi
# - added resolution of numbers from /etc/ethertypes, /etc/protocols and
#   /etc/services (P. Lalet)
# - tweaked some mysummary() accordingly
#
# Revision 1.0.0.4  2005/08/10 14:48:06  pbi
# - Better netstat parsing for OpenBSD (P. Lalet)
#
# Revision 1.0.0.3  2005/08/10 14:41:21  pbi
# - fixed regression introduced by previous patch : Gen and Packet are not
#   classes anymore but types.
#
# Revision 1.0.0.2  2005/08/09 21:40:57  pbi
# - added ChangeDefaultValues metaclass to easily make a variant of a protocol
#
# Revision 1.0.0.1  2005/08/09 18:30:10  pbi
# Release 1.0.0
#
# Revision 1.0  2005/08/09 18:26:09  pbi
# 1.0 release
#
# Revision 0.9.17.110  2005/08/09 18:19:17  pbi
# - nothing
#
# Revision 0.9.17.109  2005/08/08 13:57:16  pbi
# - replaced use of __builtins__ by globals()
# - promiscuous mode is now default mode
# - added HTML color theme
#
# Revision 0.9.17.108  2005/08/05 14:12:48  pbi
# - fix: IP fragmentation offset needs to be 0 for payload to be decoded
#   (actually fixed in 0.9.17.106)
#
# Revision 0.9.17.107  2005/08/05 14:04:03  pbi
# - added 'filter' parameter to PacketList.padding()
# - added PacketList.nzpadding() method
# - added 'lfilter' parameter to sniff()
#
# Revision 0.9.17.106  2005/08/05 14:02:19  pbi
# - removed scapy module reloading to prepare interactive mode
# - tweaked interact() function, now fully functionnal
#
# Revision 0.9.17.105  2005/07/20 16:24:06  pbi
# - small fix nmap database class
#
# Revision 0.9.17.104  2005/07/20 16:22:51  pbi
# - modified Packet.guess_payload_class() semantic : added the payload as parameter
# - fixed TCP.answers() to take in account length of payload
# - added timeout arg to arping()
#
# Revision 0.9.17.103  2005/06/07 10:18:27  pbi
# - added a try/catch for get_if_hw_addr
# - fixed the netstat parsing for OpenBSD
# - changed Dot11WEP's key ID field from "key" to "keyid"
#
# Revision 0.9.17.102  2005/06/07 09:54:51  pbi
# - added LEShortEnumField
# - added L2CAP layer
# - added Bluetooth supersocket
# - added srbt() and srbt1()
#
# Revision 0.9.17.101  2005/05/30 17:21:48  pbi
# - Fixes for 0.9.17.100
#
# Revision 0.9.17.100  2005/05/30 17:08:41  pbi
# - added NetBIOS, SMB & Co support (Sebastien Chenevot & Sylvain Sarmejeanne)
#
# Revision 0.9.17.99  2005/05/28 14:28:40  pbi
# - WEP support and ICV computation
#
# Revision 0.9.17.98  2005/05/27 23:05:35  pbi
# -fixed a smlal bug in graphic traceroute
#
# Revision 0.9.17.97  2005/05/27 19:53:04  pbi
# - added WEP ciphering to Dot11WEP
#
# Revision 0.9.17.96  2005/05/25 15:15:10  pbi
# - ability to give a WEP key as an argument to unwep()
#
# Revision 0.9.17.95  2005/05/25 15:05:03  pbi
# - fixed pcap supersockets warnings
#
# Revision 0.9.17.94  2005/05/25 15:01:24  pbi
# - fixed/cleaned ISAKMP
#
# Revision 0.9.17.93  2005/05/25 15:00:34  pbi
# - fixed Packet.remove_underlayer() args
# - fixed FieldLenField
# - added Atheros Prism Header linktype
#
# Revision 0.9.17.92  2005/05/18 16:59:32  pbi
# - some voip_play() stuff
#
# Revision 0.9.17.91  2005/05/18 16:59:01  pbi
# - added BIOCIMMEDIATE option to fix BSD's BPF/pcap/select() behaviour issues
# - made PCAP/DNET the default mode, even for Linux (it seems quicker)
#
# Revision 0.9.17.90  2005/05/18 16:57:07  pbi
# - purge ARP cache when changing IP address of an interface
# - fixed loopback interface detection get_if_raw_hwaddr() for dnet
# - changed a bit Dot11PacketList behaviour
# - fixed build() overload by EAP class
# - fixed close()/recv() mix up in L2pcapListenSocket
#
# Revision 0.9.17.89  2005/05/03 19:18:22  pbi
# - DNET/PCAP stuff reordering
#
# Revision 0.9.17.88  2005/05/03 00:10:12  pbi
# - made Padding not be seen as a payload
#
# Revision 0.9.17.87  2005/04/29 22:37:39  pbi
# - added L2 recognition for L2pcapListenSocket
# - workarround for a bug in libpcap/wrapper?. .next() sometimes returns None
# - added consistant get_if_addr() and get_if_raw_addr()
# - added ifadd(), ifdel() and ifchange() methods to Route class
#
# Revision 0.9.17.86  2005/04/27 21:14:24  pbi
# - small code cleaning
#
# Revision 0.9.17.85  2005/04/27 13:53:32  pbi
# - early BSD port with libdnet and libpcap wrappers
#
# Revision 0.9.17.84  2005/04/24 14:57:45  pbi
# - added a usable geolocation database from GeoIP.
#
# Revision 0.9.17.83  2005/04/24 10:34:57  pbi
# - fixed fragment() (Peter Hardy)
#
# Revision 0.9.17.82  2005/04/23 15:29:21  pbi
# - fixed sndrcv() when given an empty set of packets
#
# Revision 0.9.17.81  2005/04/23 13:55:32  pbi
# - Some Sebek layers fixes (Pierre Lalet)
#
# Revision 0.9.17.80  2005/04/23 13:43:16  pbi
# - Early IrDA support (Pierre Lalet)
#
# Revision 0.9.17.79  2005/04/23 13:42:34  pbi
# - fixed SebekV1 and SebekV2 (Pierre Lalet)
#
# Revision 0.9.17.78  2005/04/23 13:41:33  pbi
# - fixed BitField (Pierre Lalet)
#
# Revision 0.9.17.77  2005/04/23 13:36:15  pbi
# - added threshold for warnings
#
# Revision 0.9.17.76  2005/04/23 11:27:51  pbi
# - Renamed SndRcvAns into SndRcvList
#
# Revision 0.9.17.75  2005/04/23 11:26:12  pbi
# - added color display in srloop()
#
# Revision 0.9.17.74  2005/04/22 13:30:10  pbi
# - fixed dhcp_request()
# - changed make_table semantic : take one lambda instead of 3
# - fixed import_hexcap()
# - fixed StrLenField
# - changed traceroute() and arping() to also return unanswered packets
# - ls() now sorts its output alphabetically
# - LaTeX color theme for straight copy/paste into your doc.
#
# Revision 0.9.17.73  2005/04/15 15:56:08  pbi
# - fixed ARP.answers()' return value
# - made TracerouteResult.graph() use both ASN information source
#
# Revision 0.9.17.72  2005/04/09 22:25:23  pbi
# - fix route.route() to handle extended IP sets (ex. 192.168.*.1-5)
# - generalised statistics in packet lists
# - added Dot11PacketList()
# - added some DHCP options
# - fixes in DHCP options building
# - modified unwep() to decrypt a WEP packet if it was not already done
#
# Revision 0.9.17.71  2005/04/06 10:49:11  pbi
# - forgotten debug msg in Net()
#
# Revision 0.9.17.70  2005/04/04 17:58:15  pbi
# - modified Net() to recognize things like 172.16.*.1-10
#
# Revision 0.9.17.69  2005/04/04 14:24:00  pbi
# - fix DHCP
# - added dhcp_request()
#
# Revision 0.9.17.68  2005/03/28 22:18:04  pbi
# - first attempt with time skew graphing
#
# Revision 0.9.17.67  2005/03/28 22:17:44  pbi
# - use gzip compression for load_object/save_object
# - made RandNum() and Emph() pickable
# - changed prompt color in default color theme
#
# Revision 0.9.17.66  2005/03/28 14:30:01  pbi
# - more DHCP work
#
# Revision 0.9.17.65  2005/03/28 14:29:03  pbi
# - first attempt to generate libnet C code from a packet
#
# Revision 0.9.17.64  2005/03/28 14:28:20  pbi
# - forgot to delete temporary variables in scapy's global scope
#
# Revision 0.9.17.63  2005/03/28 14:22:38  pbi
# - added colors, color themes, colored prompt
#
# Revision 0.9.17.62  2005/03/24 16:19:33  pbi
# - made it possible to use a PacketList as a parameter for send* or sr*
#
# Revision 0.9.17.61  2005/03/23 18:27:06  pbi
# - used init_cookie for ISAKMP.answers()
# - raised an exception in route.make_route if parameters are incomplete
#
# Revision 0.9.17.60  2005/03/23 17:07:56  pbi
# - fixed session loading with -s
# - prevented save_session() to trash current session
# - changed AnsweringMachine to make send_reply() a bit more generic
#
# Revision 0.9.17.59  2005/03/22 16:52:44  pbi
# - added _elt2show() to PacketList
# - changed PacketList.show() to use _elt2show()
#
# Revision 0.9.17.58  2005/03/22 16:21:39  pbi
# - added conversation() to PacketList
# - added padding() to PacketList
# - fixed StrNullField
# - added haslayer_str() to Packet
# - changed Packet.sprintf() to use haslayer_str
# - changed answers() to ask payload if same class as other
# - add count parameter to rdpcap
#
# Revision 0.9.17.57  2005/03/16 14:18:28  pbi
# - added StrNullField
#
# Revision 0.9.17.56  2005/03/14 18:14:28  pbi
# - LLNumTypes fix
# - Added linktype recognition to PcapWriter class
#
# Revision 0.9.17.55  2005/03/14 17:59:23  pbi
# - indentation cosmetic fix
#
# Revision 0.9.17.54  2005/03/14 17:53:56  pbi
# - wrpcap() now writes the correct linktype in the pcap file
#
# Revision 0.9.17.53  2005/03/14 17:22:23  pbi
# - added ISAKMP transforms decoding
#
# Revision 0.9.17.52  2005/03/14 16:40:58  pbi
# - added ikescan()
# - added ISAKMPTransformField
# - fixed PacketList's private methods names do begin only with one "_"
#
# Revision 0.9.17.51  2005/03/14 13:03:11  pbi
# - added a prn parameter to PacketList's summary() and nsummary()
#
# Revision 0.9.17.50  2005/03/14 12:56:24  pbi
# - make internal methods of PacketResult begins with __
#
# Revision 0.9.17.49  2005/03/14 12:52:41  pbi
# - Deprecated display() method (for all objects). Use show() instead.
#
# Revision 0.9.17.48  2005/03/14 12:48:29  pbi
# - Modified PacketField to stop at Padding instead of Raw
# - Added PacketLenField
# - More ISAKMP rework. Almost working.
#
# Revision 0.9.17.47  2005/03/14 10:20:49  pbi
# - added unwep() method to Dot11 packets
# - fixed 4 missing bytes in Dot11WEP
#
# Revision 0.9.17.46  2005/03/08 17:56:49  pbi
# - added a possibility to give a hint for srp() to choose the intended interface
# - added is_promisc() to find boxes in promisc mode (will not always work) (Javier Merino)
#
# Revision 0.9.17.45  2005/03/08 17:21:14  pbi
# - added PacketField
# - ISAKMP work
#
# Revision 0.9.17.44  2005/03/06 17:50:06  pbi
# - changed PCAP and DNET defaults
#
# Revision 0.9.17.43  2005/03/03 17:15:26  pbi
# - ISAKMP work
#
# Revision 0.9.17.42  2005/03/02 18:09:00  pbi
# - added make_world_trace() method to TracerouteResult for a xtraceroute-like
#
# Revision 0.9.17.41  2005/02/20 22:33:55  pbi
# - Sebek protocol definitions enhancements (Pierre Lalet)
#
# Revision 0.9.17.40  2005/02/20 22:31:49  pbi
# - added ARP answering machine (farpd) (Pierre Lalet)
#
# Revision 0.9.17.39  2005/02/20 22:22:23  pbi
# - Graphic traceroute enhanced to cope with TCP, UDP, ICMP or other traceroutes
# - ASN clustering in graphic traceroute can be controlled with the "ASN" parameter
#
# Revision 0.9.17.38  2005/02/18 21:03:26  pbi
# - MGCP  early support
# - RandString()
#
# Revision 0.9.17.37  2005/02/10 22:33:13  pbi
# - export_object()/import_object() to copy/paste base64 gzipped pickled objects
# - prevent save_session from deleting unpicklable objects
# - added hexdump() and hexraw() methods to PacketList object
# - Raw packet answers any Raw packet
# - added conf.checkIPaddr to recognize broadcast replies (BOOTP/DHCP)
#
# Revision 0.9.17.36  2005/02/02 22:39:48  pbi
# - added GPRS dummy packet class
#
# Revision 0.9.17.35  2005/01/29 00:29:25  pbi
# - added l4 parameter to traceroute() for UDP, ICMP and other layer 4 traceroutes
# - tweaked TracerouteResult display()
#
# Revision 0.9.17.34  2005/01/26 23:43:19  pbi
# - removed some outdated functions
#
# Revision 0.9.17.33  2005/01/26 23:41:58  pbi
# - small simplification of TracerouteResult display() thanks to new sprintf()
#   conditionnal statement
#
# Revision 0.9.17.32  2005/01/26 23:12:59  pbi
# - added conditionnal statements in format strings
#
# Revision 0.9.17.31  2005/01/26 22:30:36  pbi
# - removed an uneeded "else" in  sprintf()
#
# Revision 0.9.17.30  2005/01/22 22:25:24  pbi
# - re-added node coloring lost code line in traceroute graphing code
#
# Revision 0.9.17.29  2005/01/22 21:48:55  pbi
# - fixed need for warning() before it was declared
#
# Revision 0.9.17.28  2005/01/22 21:47:11  pbi
# - added ARPingResult to handle arping() results
# - moved ARPing displaying logic to ARPing object
#
# Revision 0.9.17.27  2005/01/22 21:42:59  pbi
# - added args todo_graph()
# - added TracerouteResults object to handle traceroute results
# - moved traceroute displaying logic to TracerouteResult object
# - moved traceroute graphing logic to TracerouteResult object
#
# Revision 0.9.17.26  2005/01/20 22:59:07  pbi
# - graph_traceroute : added AS clustering, colors, tweaks
#
# Revision 0.9.17.25  2005/01/17 22:10:58  pbi
# - added do_graph() to draw GraphViz graphs using SVG output, displayed with ImageMagick
# - added graph_traceroute() to make a graph from multiple traceroutes
# - added timeout parameter to traceroute()
#
# Revision 0.9.17.24  2005/01/13 14:25:00  pbi
# - added Sebek v1 and v2 protocols (Pierre Lalet)
#
# Revision 0.9.17.23  2005/01/10 21:55:14  pbi
# - addded promisc and iface parameters to L3RawSocket
#
# Revision 0.9.17.22  2004/12/26 18:07:43  pbi
# - Improved PacketList with stability by addition and slicing
# - Added plot() to PacketList using Gnuplot
# - Added StrStopField
# - Added conf.debug_disssector to prevent dissector's exception from being catched
# - Added CookedLinux packet type
# - Show linktype number when it is unknown
#
# Revision 0.9.17.21  2004/12/26 16:04:57  pbi
# - removed strace in soxmix command line
# - DHCP support (from Mattias Wadman)
# - added missing make_table to PacketList class
# - have UDP class asks its payload for answers()
#
# Revision 0.9.17.20  2004/12/01 17:13:28  pbi
# - Early WEP support
# - voip_play() tweaks
# - Added LEShortField for Dot11 SC field
#
# Revision 0.9.17.19  2004/10/18 13:42:50  pbi
# - HSRP early support
# - Cisco CSSP Skinny early support
# - added Little Endian IntEnumField
# - added filter() method to PacketList
# - some voip_play() work
# - loop parameter value in send*() is used as the time to sleep between 2 loops
#
# Revision 0.9.17.18  2004/09/21 21:45:20  pbi
# - added recv() method to PcapReader to emulate a SuperSocket
# - added "offline" parameter to sniff() to use sniff on pcap files
# - removed voip_play_offline() and renamed voip_play_sniff() to voip_play()
#   which is now available to play offline
#
# Revision 0.9.17.17  2004/09/21 21:32:41  pbi
# - added early PPPoE support (Ralf Ertzinger)
# - fixed DNS summary() to handle empty queries or answers
#
# Revision 0.9.17.16  2004/09/21 14:58:15  pbi
# - added VOIP playing functions (not tested)
#
# Revision 0.9.17.15  2004/09/17 22:00:47  pbi
# - transfert traceroute() and arping() options to sndrcv() ("retry", etc.)
# - fixed retry option in sndrcv()
# - tweaked AnweringMachine class
# - rewrited airpwn to use AnsweringMachine
#
# Revision 0.9.17.14  2004/09/13 16:57:01  pbi
# - added loopback routing
#
# Revision 0.9.17.13  2004/09/12 21:44:45  pbi
# - AnsweringMachine working as I wanted!
#
# Revision 0.9.17.12  2004/09/10 16:54:46  pbi
# - AnsweringMachine twaking
# - added DNS spoofing answering machine
#
# Revision 0.9.17.11  2004/09/08 13:42:38  pbi
# - renamed  ScapyPcapWriter class to PcapWriter
# - added linktype parameter to PcapWriter (William McVey)
# - added PcapReader class (William McVey)
#
# Revision 0.9.17.10  2004/09/08 13:06:01  pbi
# - added some text correspondances to Radius code field
#
# Revision 0.9.17.9  2004/09/06 14:28:02  pbi
# - early radius support
#
# Revision 0.9.17.8  2004/09/06 14:17:11  pbi
# - added "store" parameter to sniff()
# - added AnsweringMachine class to handle request/response protocols
# - replaced bootpd by a AnsweringMachine subclass
# - created DHCP answering machine draft
#
# Revision 0.9.17.7  2004/09/03 22:11:35  pbi
# - finished airpwn()
#
# Revision 0.9.17.6  2004/08/13 16:49:51  pbi
# - added first version of airpwn() clone
#
# Revision 0.9.17.5  2004/08/11 15:25:08  pbi
# - added RIP protocol
#
# Revision 0.9.17.4  2004/08/09 14:00:20  pbi
# - added gzip support to sessions saving
# - can force pickle protocol to inferior values for pickle backward compatility
#
# Revision 0.9.17.3  2004/08/07 10:59:34  pbi
# - fixed self reloading when launched from a different directory
# - fixed session reloading problems with PacketList() and SndRcvAns()
# - added load_session(), save_session(), update_session()
#
# Revision 0.9.17.2  2004/07/28 21:16:12  pbi
# - added nsummary() method to SndRcvList() class
#
# Revision 0.9.17.1  2004/07/26 19:52:55  pbi
# Release 0.9.17
#
# Revision 0.9.16.18  2004/07/26 19:50:16  pbi
# - added ScapyPcapWriter class (William McVey)
#
# Revision 0.9.16.17  2004/07/26 19:24:48  pbi
# - do not need to be named 'scapy.py' anymore
# - use of PacketList() for rdpcap() and sniff()
# - fixed a bug in StrFixedLenField
# - early IKE and ISAKMP support
#
# Revision 0.9.16.16  2004/07/16 15:39:37  pbi
# - small fix on bootpd
#
# Revision 0.9.16.15  2004/07/10 13:13:25  pbi
# - finished testing ethertype in supersockets to decide wether or not to apply BPF filters
#
# Revision 0.9.16.14  2004/07/10 13:06:38  pbi
# - do not apply any BPF filter if ethertype is given to a supersocket (so that ARP requests will work
#   whatever the conf.except_filter value is)
#
# Revision 0.9.16.13  2004/07/09 09:11:15  pbi
# - changed the header and blocked the licence to GPLv2 only
#
# Revision 0.9.16.12  2004/07/09 09:07:41  pbi
# - added an independant routing table (conf.route) and methods to manipulate it
# - tweaked results stats
#
# Revision 0.9.16.11  2004/07/05 22:43:49  pbi
# - wrapper classes for results presentations and manipulation
# - sndrcv() retry auto adjustment when giving a negative value
#
# Revision 0.9.16.10  2004/07/05 08:53:41  pbi
# - added retry option to sndrcv()
# - improved debug class
# - added ottl() and hops() methods for IPTools class
# - improved UDP and ICMP summary()
#
# Revision 0.9.16.9  2004/06/07 16:09:21  pbi
# - fix again TCP.answers() and TCPerror.answers()
#
# Revision 0.9.16.8  2004/06/07 16:06:27  pbi
# - fixed conf.checkIPsrc behaviour of answers() and hashret() for TCP/UDP/TCPerror/UDPerror
# - added conf.debug_match to keep track of unanswered packets in debug.sent and debug.recv
#
# Revision 0.9.16.7  2004/06/07 09:20:43  pbi
# - added LEIntField and StrFixedLenField
# - added partial PrismHeader support
#
# Revision 0.9.16.6  2004/04/29 15:46:19  pbi
# - fixed fragment()
#
# Revision 0.9.16.5  2004/03/31 09:24:43  pbi
# - fix nmap fingerprint db parsing to handle the new format (Jochen Bartl)
#
# Revision 0.9.16.4  2004/03/23 08:45:10  pbi
# - Support for reading big endian pcap files (Pekka Pietikainen)
#
# Revision 0.9.16.3  2004/02/28 11:12:12  pbi
# - got rid of some future warnings (N. Bareil <nbareil@mouarf.org>)
# - improved BitField() for arbitrary length bit fields (N. Bareil <nbareil@mouarf.org>)
# - NTP protocol (N. Bareil <nbareil@mouarf.org>)
#
# Revision 0.9.16.2  2004/02/22 17:49:51  pbi
# added first sketch of a bootp daemon: bootpd()
#
# Revision 0.9.16.1  2004/01/26 18:01:00  pbi
# Release 0.9.16
#
# Revision 0.9.15.15  2004/01/26 18:00:08  pbi
# - added more text for DNS codes
#
# Revision 0.9.15.14  2004/01/15 13:24:48  pbi
# - fixed the case where IP field is a list of nets
# - randomize IPID in traceroute() to work better with conf.checkIPsrc=0
# - added make_tex_table() and make_lined_table()
# - added IPID_count() to identify machines with their IPID
# - added sport and dport args to fragleak()
#
# Revision 0.9.15.13  2004/01/11 11:47:07  pbi
# - srploop() and srloop() improvements
#
# Revision 0.9.15.12  2004/01/11 01:28:21  pbi
# - srloop() and srploop…
Large files files are truncated, but you can click here to view the full file