This application generates PCAP files from CSV files using low-level Python tools
#this is a comment
src_mac=00:00:00:00:00:01,dst_mac=00:00:00:00:00:02, src_ip=10.0.0.1, dst_ip=10.0.0.2, dst_port=22
src_mac=00:00:00:00:00:01,dst_mac=00:00:00:00:00:02, src_ip=10.0.0.1, dst_ip=10.0.0.2, dst_port=8192,vlan=10
src_mac=20:00:00:00:00:01,dst_mac=20:00:00:00:00:02, vlan=1000
src_mac=00:00:00:00:00:01,dst_mac=00:00:00:00:00:02, src_ip=10.0.0.1, dst_ip=10.0.0.2, dst_port=22
src_mac=00:00:00:00:00:01,dst_mac=00:00:00:00:00:02, src_ip=10.0.0.1, dst_ip=10.0.0.2, src_port=12312, dst_port=514, ether_type=ipv4, protocol=tcp_syn
#ext_src_ip=192.168.1.20, ext_dst_ip=192.168.1.1, gtp=255, src_ip=10.0.0.1, dst_ip=10.0.0.2, src_port=2048, dst_port=4096
src_mac=00:00:00:00:00:01,dst_mac=00:00:00:00:00:02, src_ipv6=2603:abba:abba:acdc:dead:beef:dead:beef, dst_ipv6=2400:abba:edda:acdc:dbf3:52a8:2cb7:b38e, src_port=11771, dst_port=123,ether_type=ipv6,protocol=tcp_syn,payload_needed=false
src_mac=00:00:00:00:00:01,dst_mac=00:00:00:00:00:02, src_ipv6=2603:abba:abba:acdc:dead:beef:dead:beef, dst_ipv6=2400:abba:edda:acdc:dbf3:52a8:2cb7:b38e,dst_port=534,ether_type=ipv6,protocol=udp
If a necessary L2/L3/L4/GTP/etc. header field is missing default values will be used, which can be changed by input arguments.
- Ethernet
- IPv4
- UDP
- TCP SYN
- GTP
- IPv6
- UDP
- TCP SYN
- IPv4
In all cases, even in IPv4/UDP where checksum are optional, checksum are always calculated properly. Hence, you can use the generated pcap to replay it over muliple links as routers will not drop the packets (due to checksum errors)
There is an optional setting for each packet about the payload. The new "protocol_header" you can define for each packet is payload_needed
and by default it is set to True
.
So, if you omit it works as before and uses the packet size as an indicator.
Otherwise, you can set for some packets to not generate a payload. For instance, you might generate different types of packets with 128B packet size, but you don't want the TCP_SYN packets to have a payload at all. Then, you can disable it by adding payload_needed=false
to the particular line in your .csv file.
- Python 3
$ git clone https://github.com/cslev/pcap_generator
$ cd pcap_generator
$ python3 pcap_generator_from_csv.py -i YOUR_INPUT.CSV -o YOUR_DESIRED_PCAPFILENAME
$ python3 pcap_generator_from_csv.py -h
usage: pcap_generator_from_csv.py [-h] -i INPUT -o OUTPUT [-p PACKETSIZES] [-P] [-a SRC_MAC] [-b DST_MAC] [-c VLAN] [-d SRC_IP] [-e DST_IP] [-f TTL] [-g SRC_PORT] [-j DST_PORT] [-k GTP_TEID] [-l TIMESTAMP]
[-m ETHER_TYPE] [-n SRC_IPV6] [-u DST_IPV6] [-w PROTOCOL] [-v]
Usage of PCAP generator from CSV file
optional arguments:
-h, --help show this help message and exit
-i INPUT, --input INPUT
Specify the name of the input CSV file. For syntax, see input.csv.example!
-o OUTPUT, --output OUTPUT
Specify the output PCAP file's basename! Output will be [output].[PACKETSIZE]bytes.pcap extension is not needed!
-p PACKETSIZES, --packetsizes PACKETSIZES
Specify here the required packetsize! In case of more than one, just create a comma separated list such as 64,112,42. Default: 64
-P, --payload-needed Specifiy if you want the packets to be padded to the packetsize at all! For instance, if you want normal TCP SYN, you don't need payload - although, using TCP protocol already makes
your packet bigger than the min. of 64B
-a SRC_MAC, --src-mac SRC_MAC
Specify default source MAC address if it is not present in the input.csv. Default: 00:00:00:00:00:01
-b DST_MAC, --dst-mac DST_MAC
Specify default destination MAC address if it is not present in the input.csv. Default: 00:00:00:00:00:02
-c VLAN, --vlan VLAN Specify default VLAN tag if it is not present in the input.csv. Default: No VLAN
-d SRC_IP, --src-ip SRC_IP
Specify default source IP address if it is not present in the input.csv. Default: 10.0.0.1
-e DST_IP, --dst-ip DST_IP
Specify default destination IP address if it is not present in the input.csv. Default: 10.0.0.2
-f TTL, --ttl TTL Specify default TTL if it is not present in the input.csv. Default: 10
-g SRC_PORT, --src-port SRC_PORT
Specify default source port if it is not present in the input.csv. Default: 1234
-j DST_PORT, --dst-port DST_PORT
Specify default destination port if it is not present in the input.csv. Default: 80
-k GTP_TEID, --gtp-teid GTP_TEID
Specify default GTP_TEID if it is not present in the input.csv. Default: NO GTP TEID
-l TIMESTAMP, --timestamp TIMESTAMP
Specify the default timestamp for each packet if it is not present in the input.csv. Default: Use current time
-m ETHER_TYPE, --ether-type ETHER_TYPE
Sepcify the default ether type for each packet if is not present (ipv4/ipv6) in the input.csv. Default: ipv4
-n SRC_IPV6, --src-ipv6 SRC_IPV6
Specify the default source IPv6 address if IPv6 is desired and the value is not presentin the input.csv. Default: 2603:c022:0001:52dd:dead:beef:abba:edda (0s are not OMITTED!)
-u DST_IPV6, --dst-ipv6 DST_IPV6
Specify the default destination IPv6 address if IPv6 is desired and the value is not presentin the input.csv. Default: 2405:0800:9030:1bd2:dead:beef:dead:beef (0s are not OMITTED!)
-w PROTOCOL, --protocol PROTOCOL
Specify the default protocol if not present (udp/tcp_syn) Default: udp
-v, --verbose Enabling verbose mode
In order to create a PCAP from CSV file called 'input.csv', desired output file called 'output.pcap' with packet sizes of 64,128, and 512 assuming that if there is no VLAN header specified in the CSV file for a given header then apply VLAN tag: 505, the following command will do the job:
$ python3 pcap_generator_from_csv.py -i input.csv -o output -p 64,128,512 --vlan 505
Your PCAP files will be 'output.64bytes.pcap', 'output.128bytes.pcap', and 'output.512bytes.pcap' all consisting of the same header fields but in different packet sizes.
NOTE: if you set payload_needed=false
for some specific packets, they won't be padded to the requested packet size obviously.
THE SCRIPT IS NOT BULLET-PROOF!
PAY ATTENTION TO YOUR HEADER DATA
For instance, supply IPv4 addresses when ether_type=ipv4, and IPv6 addresses when ether_type=ipv6 and vice versa! Otherwise, you might end up using default values or run into errors!
Thanks to @egerpon for adding GTP feature
# Simply run:
./pcap_generator_from_csv.py --generate-random <number_of_packets> -o <desired_output_pcapfile_prefix>
# Example:
./pcap_generator_from_csv.py --generate-random 128 -o output