[Solved] Packet crafting

Hi, I'm trying to write a script that will capture signal strength of each device on my network (I've done this with just a simple tcpdump command). I now want to craft a packet and have this captured information as the payload.
I am just wondering is there a way of crafting a packet using a shell script?

Any advice would be greatly appreciated thank you.

Quick answer, no, the shell doesn't have access to raw sockets nor would "crafting" a binary packet be anything but insanely painful with what the shell provides you. The shell can certainly execute other programs that are more appropriate for this.

Without knowing your application, if you are truly looking to generate an "arbitrary" raw packet, scapy or libnet are a couple starting points.

Very seldom does one need to "craft a packet" as must applications can use one of the existing "cooked" sockets, such as those used for UDP and TCP.

1 Like

It also depends on where the data will be going. I might be tempted to investigate sending syslog packets to a remote syslog server.

  • The shell certainly can send to a syslog message with the desired contents
  • There are a zillion syslog servers that will listen for and record these messages
  • Syslog can send UDP packets, so it's very nearly as efficient as crafting your own packet
  • Messages are in text, so they're easy to read/debug

As you've brought up syslog, and I'll admit I haven't dug into it too deeply, do you know if OpenWRT natively supports syslog over TLS or, if not, which packages are required? I've seen that it can support unencrypted, unauthenticated "old-school" syslog, but I prefer to "protect" the log host.

Rich's suggestion is a good one if you need to deliver the "payload" locally. I often use MQTT over TLS with authentication if I need to have the information delivered to more than one consumer. With a "last will" on your MQTT connection, you can also get a reasonably reliable hint of the source being dead :skull:

I suggested syslog both because it can send data over a network as UDP packets (or over a TCP connection, maybe with encryption) and also because it's really easy to get it working.

If syslog worked well enough for @ConorQ, then he'd be done after only a couple hours of implementation effort. If not, he could implement a better way of sending data after verifying the rest of the application (data collection, data analysis) was working properly.

Hi @jeff and @richb-hanover thank you for your replies and I really apologize for the delayed reply I have been focusing on another part of of my code.
The reason I am creating my own packets is because I wanted to send them to an SDN controller running on my laptop (
I have tried using echo -n "hello" > /dev/udp/
Obviously I am going to change the "hello" with information that is of use to the controller but I get an error
-ash: can't create /dev/udp/ nonexistent directory
I also tried a similar way echo -n "hello" | nc 6633 but all I seem to be able to do with that method is just set up a socket connection with the controller but not actually send "hello" and it just hangs not letting me do anything. The -u option for nc does not work because the connection just gets refused.

When using nc my connection keeps being refused when trying to send a UDP packet
when I run
echo "foo" | nc -u 6633
I get back
read(net): Connection refused

Try this for writing to syslog...

root@LEDE:~# logger (Your message to syslog...no quotes)

Example -

root@LEDE:~# logger System rebooted for hard disk upgrade

Worked for me.

Solution courtesy of https://www.cyberciti.biz/tips/howto-linux-unix-write-to-syslog.html

Hi @jwoods . I'm not sure this is what I am looking for but thank you for your suggestion.
What I want to do is send a custom network packet(where I supply the destination address and payload) to an SDN controller

connection refused is weird. are you sure that you have a route to that network on your machine? Do you have another program also listening to the same port? Maybe a second netcat still running in background?

I was following @richb-hanover's line of thought...

I personally use Visual Syslog Server.

Example -

Configure remote logging


Send message

root@LEDE:~# logger Test remote packet sent to syslog

View messages on remote location with a syslog server


@dlakelan .Thank you for the reply. I definitely have a connection as the SDN controller is printing out packets related to the devices connected to the router.
The only program I have running at the moment is the simple_switch in Ryu on my laptop as the controller.
I don't think I have another netcat running as I killed everything a few times to start up the connections again

I think I figured it out. I was making a very stupid mistake when using netcat I was using the IP address of the controller which then was getting refused. I just needed to change the IP address to a random one so that the oopenvswitch would direct the packet to the controller.
Thank you for all the help.
Here is my solution which I have put inside a C program.

char message[64];
sprintf(message,"echo %d | nc -uc 6600",rssi);

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.