Is there a python library which implements a standalone TCP stack?

I can't use the usual python socket library because I'm receiving a stream of packets over a socket (they are being tunneled to me over this socket). When I receive a TCP SYN packet addressed to a particular port, I'd like to accept the connection (send a syn-ack) and then get the data sent by the other end (ack'ing appropriately).

I was hoping there was some sort of TCP stack already written which I could utilize. Any ideas? I've used lwip in the past for a C project -- something along those lines in python would be perfect.

A: 

I know this isn't directly Python related but if you are looking to do heavy network processing, you should consider Erlang instead of Python. Just a suggestion really... you can always take a shot at doing this with Twisted... if you feel adventurous (and have lots of time on your side) ;-)

jldupont
Why Erlang specifically? Why not C? C++? Java? etc...
jmucchiello
Because Erlang lends itself very well for doing asynchronous processes.
jldupont
I voted this back up - whoever voted it down should be ashamed of themselves - there is nothing wrong with asking someone to question their tooling requirements. With that said - why Erlang specifically?
Shane C. Mason
Why Erlang? Because doing packet manipulation is one of the reasons Erlang exists in the first place: it was born out of Ericsson for their network products.
jldupont
A: 

You might be able to use the ctypes module to import lwip and use it again.

D.Shawley
Not a bad idea, but I think this would involve a lot more work than I'm looking for on this one.
David Underhill
+1  A: 

Glancing over Scapy, it looks like it might be able to handle these low-level situations. I haven't used it myself so I can't confirm that it does what you've explained; I've only glanced over the documentation.

Mark Rushakoff
Scapy is neat, but I don't think it will help me with handling the protocol itself -- just decoding the packet into its constituent fields?
David Underhill
+5  A: 

You don't say which platform you are working on, but if you are working on Linux, I'd open a tun/tap interface and get the IP packets back into the kernel as a real network interface so the kernel can do all that tricky TCP stuff.

This is how (for example) OpenVPN works - it receives the raw IP packets over UDP or TCP and tunnels them back into the kernel over a tun/tap interface.

I think that there is a tun/tap interface for Windows too now which was developed for the OpenVPN port to Windows.

Nick Craig-Wood
I like this idea. I'm using Linux, so getting the tun/tap device and a tap0 intf setup wasn't hard. Unfortunately, I'm at a loss on how to make use of it. To start, I'm writing my raw unencapsulated packet onto tap0 (with a raw socket). I see the correctly formed SYN packet show up on tap0 (addressed to tap0's MAC and IP addresses). However, if I run netcat listening on tap0's IP address I don't see it respond with a syn-ack. I am able to connect to it with telnet (though the kernel seems to just shortcut this traffic through lo). Any pointers on how I could get this to work? Thanks Nick!
David Underhill
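
A sketch of the tun approach from the answer above, as an added example that is not part of the original posts: packets written to the `/dev/net/tun` file descriptor are treated by the kernel as received on the interface, so the kernel's own TCP stack answers the SYN. It assumes the tunnel delivers unframed, back-to-back IPv4 packets (the thread does not say how they are framed); the function names, the device name `tun0` and the sample packet are made up for illustration.

```python
import os
import struct

TUNSETIFF = 0x400454CA   # ioctl number from <linux/if_tun.h>
IFF_TUN = 0x0001         # layer-3 device: raw IP packets, no Ethernet header
IFF_NO_PI = 0x1000       # no 4-byte packet-info prefix on each read/write

# Constructed sample: IPv4 header + TCP SYN to port 8080, checksums left zero
SAMPLE_SYN = (
    struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 1, 0, 64, 6, 0, bytes([10, 0, 0, 2]), bytes([10, 0, 0, 1]))
    + struct.pack("!HHIIBBHHH", 40000, 8080, 1000, 0, 0x50, 0x02, 65535, 0, 0))

def build_ifreq(name: str) -> bytes:
    """Pack struct ifreq (40 bytes on 64-bit Linux) for TUNSETIFF."""
    return struct.pack("16sH22x", name.encode(), IFF_TUN | IFF_NO_PI)

def open_tun(name: str = "tun0") -> int:
    """Create or attach to the tun device; needs root or CAP_NET_ADMIN."""
    import fcntl  # Unix-only module
    fd = os.open("/dev/net/tun", os.O_RDWR)
    fcntl.ioctl(fd, TUNSETIFF, build_ifreq(name))
    return fd

def split_ipv4(buf: bytes):
    """Cut a byte stream into whole IPv4 packets using the header's total-length field."""
    packets = []
    while len(buf) >= 20:
        version, ihl = buf[0] >> 4, (buf[0] & 0x0F) * 4
        total = struct.unpack("!H", buf[2:4])[0]
        if version != 4 or ihl < 20 or total < ihl:
            raise ValueError("stream is not aligned on an IPv4 header")
        if len(buf) < total:
            break  # partial packet: wait for more data
        packets.append(buf[:total])
        buf = buf[total:]
    return packets, buf

def pump(sock, tun_fd: int) -> None:
    """Copy packets from the tunnel socket into the kernel through the tun fd."""
    pending = b""
    while True:
        chunk = sock.recv(65535)
        if not chunk:
            break
        packets, pending = split_ipv4(pending + chunk)
        for pkt in packets:
            os.write(tun_fd, pkt)  # the kernel's TCP stack takes over from here
```

The interface still has to be brought up and given an address or route that covers the packets' destination before the kernel will accept them, and real packets need valid checksums, unlike the constructed sample.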
A: 

If you are already committed to the software at the other end of the socket, that is forwarding TCP packets to you, then perhaps TCPWatch will show you how to get at the SYN packets. Scapy is certainly great for sending exactly the packets that you want, but I'm not sure that it will work as a proxy.

http://hathawaymix.org/Software/TCPWatch

However, if you are not committed to what is on the sending end, then consider using Twisted Conch or Paramiko to do SSH forwarding. Even if you don't need encryption, you can still use these with blowfish which has a low impact on your CPU. This doesn't mean that you need Conch on the other end, since SSH is standardised so any SSH software should work. In the SSH world this is normally referred to as "port forwarding" and people use an SSH terminal client to log into an SSH server and set up the port forwarding tunnel. Conch and Paramiko allow you to build this into a Python application so that there is no need for the SSH terminal client.

Michael Dillon