Tags: python, network-programming, scapy, bgp

Setting up BGP Layer Using Scapy


I am trying to use Scapy to send packets that have a BGP layer.

I am currently stuck on a rudimentary part of this problem because I am unable to set up the BGP layer. I followed the instructions to set up the regular IP and TCP Layer.

E.g.:

>>> a = IP(src="192.168.1.1", dst="192.168.1.2")/TCP(sport=179, dport=50)

But the problem arises when I do this:

>>> a = a/BGP()
NameError: name BGP is not defined

I have seen the BGP implementations in the contrib file from the Scapy GitHub (https://github.com/secdev/scapy/blob/9201f1cf1318edd5768d7e2ee968b7fba0a24c5e/scapy/contrib/bgp.py), so I think Scapy does support BGP implementations.

I am new to networking, so I was wondering if you could help me set up the BGP layer.

Thanks for taking the time to read this!


Solution

  • Just going to try and help here. I have zero experience with BGP type packets, but... I copied the bgp.py file from the link you provided into scapy/layers. Using ls() I found the following:

    BGPAuthenticationData : BGP Authentication Data
    BGPErrorSubcodes : BGP Error Subcodes
    BGPHeader  : BGP header
    BGPNotification : BGP Notification fields
    BGPOpen    : BGP Open Header
    BGPOptionalParameter : BGP Optional Parameters
    BGPPathAttribute : BGP Attribute fields
    BGPUpdate  : BGP Update fields
    

    I could then use say ls(BGPUpdate) to show this:

    withdrawn_len : ShortField           = (None)
    withdrawn  : FieldListField       = ([])
    tp_len     : ShortField           = (None)
    total_path : PacketListField      = ([])
    nlri       : FieldListField       = ([])
    

    and was able to create this packet:

    pkt = IP()/TCP()/BGPUpdate()
    pkt.show()
    ###[ IP ]###
      version   = 4
      ihl       = None
      tos       = 0x0
      len       = None
      id        = 1
      flags     = 
      frag      = 0
      ttl       = 64
      proto     = tcp
      chksum    = None
      src       = 127.0.0.1
      dst       = 127.0.0.1
      \options   \
    ###[ TCP ]###
         sport     = ftp_data
         dport     = http
         seq       = 0
         ack       = 0
         dataofs   = None
         reserved  = 0
         flags     = S
         window    = 8192
         chksum    = None
         urgptr    = 0
         options   = {}
    ###[ BGP Update fields ]###
            withdrawn_len= None
            withdrawn = []
            tp_len    = None
            \total_path\
            nlri      = []
    

    I'm not sure what all of the different types of BGP layers/packets are used for or where the Communities Number would be set. Possibly in BGPPathAttribute(type=x). Type 5 is "LOCAL_PREF" which may correspond to Community Values. Try this Link.

    pkt = BGPPathAttribute(type=5)
    pkt.show()
    ###[ BGP Attribute fields ]###
      flags     = Transitive
      type      = LOCAL_PREF
      attr_len  = None
      value     = ''
    

    Anyway, hope that helps a little.

    Edit: Forgot. I also added "bgp" to the load_layers section of scapy/config.py. Line 373. Like this:

       load_layers =  ["l2", "inet", "dhcp", "dns", "dot11", "gprs", "hsrp", "inet6", "ir", "isakmp", "l2tp",
                   "mgcp", "mobileip", "netbios", "netflow", "ntp", "ppp", "radius", "rip", "rtp",
                   "sebek", "skinny", "smb", "snmp", "tftp", "x509", "bluetooth", "dhcp6", "llmnr", "sctp", "vrrp",
                   "ipsec","bgp"]
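
What the fields in the ls(BGPUpdate) output above correspond to on the wire, as an added standard-library example that is not code from the post or from Scapy: it encodes a BGP UPDATE per RFC 4271 and parses it back with length checks, using the same field names (withdrawn_len, withdrawn, tp_len, total_path, nlri). The function names, the sample prefixes and the 65000:100 community value are constructed for illustration.

```python
import socket
import struct

MARKER, UPDATE = b"\xff" * 16, 2   # RFC 4271 header marker and message type
LOCAL_PREF, COMMUNITIES = 5, 8     # attribute type codes (RFC 4271, RFC 1997)

def enc_prefix(cidr):  # 'a.b.c.d/len' -> bit length, then only the octets in use
    addr, bits = cidr.split("/")
    return bytes([int(bits)]) + socket.inet_aton(addr)[:(int(bits) + 7) // 8]

def dec_prefixes(buf):
    out = []
    while buf:
        bits, n = buf[0], (buf[0] + 7) // 8
        if bits > 32 or len(buf) < 1 + n:
            raise ValueError("truncated or oversized prefix")
        out.append("%s/%d" % (socket.inet_ntoa(buf[1:1 + n].ljust(4, b"\0")), bits))
        buf = buf[1 + n:]
    return out

def path_attr(flags, type_code, value):  # one-octet attr_len: keep flag 0x10 clear
    return struct.pack("!BBB", flags, type_code, len(value)) + value

def build_update(withdrawn, total_path, nlri):
    w, a = b"".join(map(enc_prefix, withdrawn)), b"".join(total_path)
    body = struct.pack("!H", len(w)) + w + struct.pack("!H", len(a)) + a
    body += b"".join(map(enc_prefix, nlri))
    return MARKER + struct.pack("!HB", 19 + len(body), UPDATE) + body

def parse_update(msg):
    u16 = lambda off: int.from_bytes(msg[off:off + 2], "big")
    wlen = u16(19)
    tlen = u16(21 + wlen)
    i, end, attrs = 23 + wlen, 23 + wlen + tlen, []
    if msg[:16] != MARKER or msg[18:19] != bytes([UPDATE]) or not u16(16) == len(msg) >= end:
        raise ValueError("not a well-formed BGP UPDATE")
    while i < end:
        hdr = 4 if msg[i] & 0x10 else 3   # extended-length flag: two-octet attr_len
        alen = int.from_bytes(msg[i + 2:i + hdr], "big")
        if i + hdr + alen > end:
            raise ValueError("attribute overruns tp_len")
        attrs.append((msg[i], msg[i + 1], msg[i + hdr:i + hdr + alen]))
        i += hdr + alen
    return {"withdrawn_len": wlen, "withdrawn": dec_prefixes(msg[21:21 + wlen]),
            "tp_len": tlen, "total_path": attrs, "nlri": dec_prefixes(msg[end:])}

# Constructed sample; a real announcement also needs ORIGIN, AS_PATH, NEXT_HOP.
SAMPLE = build_update(["192.168.2.0/24"], [
    path_attr(0x40, LOCAL_PREF, struct.pack("!I", 100)),
    path_attr(0xC0, COMMUNITIES, struct.pack("!HH", 65000, 100))], ["10.1.0.0/16"])
```

With Scapy installed, the contrib layers can be loaded with `load_contrib("bgp")` or `from scapy.contrib.bgp import *`, which avoids copying bgp.py into scapy/layers or editing config.py.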