Hi, I'm trying to write a script that will capture signal strength of each device on my network (I've done this with just a simple tcpdump command). I now want to craft a packet and have this captured information as the payload.
I am just wondering is there a way of crafting a packet using a shell script?
Any advice would be greatly appreciated thank you.
Quick answer, no, the shell doesn't have access to raw sockets nor would "crafting" a binary packet be anything but insanely painful with what the shell provides you. The shell can certainly execute other programs that are more appropriate for this.
Without knowing your application, if you are truly looking to generate an "arbitrary" raw packet, scapy or libnet are a couple starting points.
Very seldom does one need to "craft a packet" as must applications can use one of the existing "cooked" sockets, such as those used for UDP and TCP.
It also depends on where the data will be going. I might be tempted to investigate sending syslog packets to a remote syslog server.
- The shell certainly can send to a syslog message with the desired contents
- There are a zillion syslog servers that will listen for and record these messages
- Syslog can send UDP packets, so it's very nearly as efficient as crafting your own packet
- Messages are in text, so they're easy to read/debug
As you've brought up syslog, and I'll admit I haven't dug into it too deeply, do you know if OpenWRT natively supports syslog over TLS or, if not, which packages are required? I've seen that it can support unencrypted, unauthenticated "old-school" syslog, but I prefer to "protect" the log host.
Rich's suggestion is a good one if you need to deliver the "payload" locally. I often use MQTT over TLS with authentication if I need to have the information delivered to more than one consumer. With a "last will" on your MQTT connection, you can also get a reasonably reliable hint of the source being dead
I suggested syslog both because it can send data over a network as UDP packets (or over a TCP connection, maybe with encryption) and also because it's really easy to get it working.
If syslog worked well enough for @ConorQ, then he'd be done after only a couple hours of implementation effort. If not, he could implement a better way of sending data after verifying the rest of the application (data collection, data analysis) was working properly.
Hi @jeff and @richb-hanover thank you for your replies and I really apologize for the delayed reply I have been focusing on another part of of my code.
The reason I am creating my own packets is because I wanted to send them to an SDN controller running on my laptop (192.168.2.173:6633)
I have tried using echo -n "hello" > /dev/udp/192.168.2.173/6633
Obviously I am going to change the "hello" with information that is of use to the controller but I get an error
-ash: can't create /dev/udp/192.168.2.173/6633: nonexistent directory
I also tried a similar way echo -n "hello" | nc 192.168.2.173 6633 but all I seem to be able to do with that method is just set up a socket connection with the controller but not actually send "hello" and it just hangs not letting me do anything. The -u option for nc does not work because the connection just gets refused.
When using nc my connection keeps being refused when trying to send a UDP packet
when I run
echo "foo" | nc -u 192.168.2.173 6633
I get back
read(net): Connection refused
Try this for writing to syslog...
root@LEDE:~# logger (Your message to syslog...no quotes)
root@LEDE:~# logger System rebooted for hard disk upgrade
Worked for me.
Solution courtesy of https://www.cyberciti.biz/tips/howto-linux-unix-write-to-syslog.html
Hi @jwoods . I'm not sure this is what I am looking for but thank you for your suggestion.
What I want to do is send a custom network packet(where I supply the destination address and payload) to an SDN controller
connection refused is weird. are you sure that you have a route to that network on your machine? Do you have another program also listening to the same port? Maybe a second netcat still running in background?
I was following @richb-hanover's line of thought...
I personally use Visual Syslog Server.
Configure remote logging
root@LEDE:~# logger Test remote packet sent to syslog
View messages on remote location with a syslog server
@dlakelan .Thank you for the reply. I definitely have a connection as the SDN controller is printing out packets related to the devices connected to the router.
The only program I have running at the moment is the simple_switch in Ryu on my laptop as the controller.
I don't think I have another netcat running as I killed everything a few times to start up the connections again
I think I figured it out. I was making a very stupid mistake when using netcat I was using the IP address of the controller which then was getting refused. I just needed to change the IP address to a random one so that the oopenvswitch would direct the packet to the controller.
Thank you for all the help.
Here is my solution which I have put inside a C program.
sprintf(message,"echo %d | nc -uc 192.168.2.172 6600",rssi);
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.