Derived PDUs

DNS PDU

DNS class

class DNS

Bases: cycapture.libtins._tins.PDU

DNS Protocol Data Unit

Constructor: DNS()

class QRType

Bases: enum.IntEnum

Enum used to tell if the DNS PDU is DNS query or a DNS response

Attributes: QUERY, RESPONSE

DNS.Query

alias of DNS_Query

class DNS.QueryClass

Bases: enum.IntEnum

Classes of DNS queries

Attributes: IN, CH, HS, ANY

class DNS.QueryType

Bases: enum.IntEnum

Types of DNS queries

Attributes: A, NS, MD, MF, CNAME, SOA, MB, MG, MR, NULL_R, WKS, PTR, HINFO, MINFO, MX, TXT, RP, AFSDB, X25, ISDN, RT, NSAP, NSAP_PTR, SIG, KEY, PX, GPOS, AAAA, LOC, NXT, EID, NIMLOC, SRV, ATMA, NAPTR, KX, CERT, A6, DNAM, SINK, OPT, APL, DS, SSHFP, IPSECKEY, RRSIG, NSEC, DNSKEY, DHCID, NSEC3, NSEC3PARAM

DNS.Resource

alias of DNS_Resource

DNS.add_additional(additional)

Add an additional resource record.

Parameters:additional (DNS_Resource) -- the record to be added
DNS.add_answer(answer)

Add an answer resource record.

Parameters:answer (DNS_Resource) -- the answer to be added
DNS.add_authority(authority)

Add an authority resource record.

Parameters:authority (DNS_Resource) -- the authority record to be added
DNS.add_query(q)

Add a query to perform.

Parameters:q (DNS_Query) -- the query to be added
DNS.additional_count()
Returns:int -- Returns the number of additional records
DNS.answers_count()
Returns:int -- Returns the number of answers
DNS.authority_count()
Returns:int -- Returns the number of authority records
DNS.get_additionals()
Returns:additional (list of DNS_Resource) -- the list of DNS additional records contained in the DNS PDU
DNS.get_answers()
Returns:answers (list of DNS_Resource) -- the list of DNS answers contained in the DNS PDU
DNS.get_authorities()

authority()

Returns:authority (list of DNS_Resource) -- the list of DNS authority records contained in the DNS PDU
DNS.get_queries()
Returns:queries (list of DNS_Query) -- the list of DNS queries contained in the DNS PDU
DNS.queries_count()
Returns:int -- Returns the number of queries
DNS.questions_count()
Returns:int -- Returns the number of queries
DNS.authenticated_data

authenticated data field (read-write property).

DNS.authoritative_answer

authoritative answer field (read-write property).

DNS.checking_disabled

checking disabled field (read-write property).

DNS.id

id field (read-write property)

DNS.opcode

opcode field (read-write property).

DNS.qrtype

type field (read-write property).

Can be DNS.QRType.Query or DNS.QRType.Response.

DNS.rcode

rcode field (read-write property).

DNS.recursion_available

recursion available field (read-write property).

DNS.recursion_desired

recursion desired field (read-write property).

DNS.truncated

truncated field (read-write property).

DNS.z

z field (read-write property).

DNS helpers

DNS.Query class

class DNS_Query(name=None, query_type=None, query_class=None)

Bases: object

Encapsulate a DNS query

Parameters:
  • name (bytes) -- domain name
  • query_type (int) -- query type
  • query_class (int) -- query class
name

Domain name (read-only property)

query_class

Query class (read-only property)

query_type

Query type (read-only property)

DNS.Resource class

class DNS_Resource(name=None, data=None, query_type=None, query_class=None, ttl=None)

Bases: object

Encapsulate a DNS resource

Parameters:
  • name (bytes) -- The domain name for which this record provides an answer.
  • data (bytes) -- The resource's payload
  • query_type (int) -- record type
  • query_class (int) -- record class
  • ttl (int) -- record TTL

Note

The data will be encoded properly by the DNS class before being added to this packet. That means that if the type is A or AAAA, it will be properly encoded as an IPv4 or IPv6 address. The same happens for records that contain domain names, such as NS or CNAME. This data will be encoded using DNS domain name encoding.

data

This resource's payload (read-only property)

name

Domain name (read-only property)

query_class

Record class (read-only property)

query_type

Record type (read-only property)

ttl

Record TTL (read-only property)

DHCP and BootP PDU

DHCP

class DHCP

Bases: cycapture.libtins._tins.BootP

DHCP packet

Note

When adding options, the End option is not added automatically, so you should add it yourself.

class Flags

Bases: enum.IntEnum

DHCP flags

Attributes: DISCOVER, OFFER, REQUEST, DECLINE, ACK, NAK, RELEASE, INFORM

class DHCP.OptionTypes

Bases: enum.IntEnum

DHCP options

Attributes: PAD, SUBNET_MASK, TIME_OFFSET, ROUTERS, TIME_SERVERS, NAME_SERVERS, DOMAIN_NAME_SERVERS, LOG_SERVERS, COOKIE_SERVERS, LPR_SERVERS, IMPRESS_SERVERS, RESOURCE_LOCATION_SERVERS, HOST_NAME, BOOT_SIZE, MERIT_DUMP, DOMAIN_NAME, SWAP_SERVER, ROOT_PATH, EXTENSIONS_PATH, IP_FORWARDING, NON_LOCAL_SOURCE_ROUTING, POLICY_FILTER, MAX_DGRAM_REASSEMBLY, DEFAULT_IP_TTL, PATH_MTU_AGING_TIMEOUT, PATH_MTU_PLATEAU_TABLE, INTERFACE_MTU, ALL_SUBNETS_LOCAL, BROADCAST_ADDRESS, PERFORM_MASK_DISCOVERY, MASK_SUPPLIER, ROUTER_DISCOVERY, ROUTER_SOLICITATION_ADDRESS, STATIC_ROUTES, TRAILER_ENCAPSULATION, ARP_CACHE_TIMEOUT, IEEE802_3_ENCAPSULATION, DEFAULT_TCP_TTL, TCP_KEEPALIVE_INTERVAL, TCP_KEEPALIVE_GARBAGE, NIS_DOMAIN, NIS_SERVERS, NTP_SERVERS, VENDOR_ENCAPSULATED_OPTIONS, NETBIOS_NAME_SERVERS, NETBIOS_DD_SERVER, NETBIOS_NODE_TYPE, NETBIOS_SCOPE, FONT_SERVERS, X_DISPLAY_MANAGER, DHCP_REQUESTED_ADDRESS, DHCP_LEASE_TIME, DHCP_OPTION_OVERLOAD, DHCP_MESSAGE_TYPE, DHCP_SERVER_IDENTIFIER, DHCP_PARAMETER_REQUEST_LIST, DHCP_MESSAGE, DHCP_MAX_MESSAGE_SIZE, DHCP_RENEWAL_TIME, DHCP_REBINDING_TIME, VENDOR_CLASS_IDENTIFIER, DHCP_CLIENT_IDENTIFIER, NWIP_DOMAIN_NAME, NWIP_SUBOPTIONS, USER_CLASS, FQDN, DHCP_AGENT_OPTIONS, SUBNET_SELECTION, AUTHENTICATE, END

DHCP.add_option(identifier, data=None)

Add an option

Parameters:
  • identifier (OptionTypes) -- option type
  • data (None or bytes) -- option data
DHCP.end()

Adds an end option to the option list.

The END option is not added automatically. You should explicitly add it at the end of the DHCP options to be standard-compliant.

DHCP.options()

Returns the list of current options.

Returns:options (list of 2-uple (option type int, data bytes))
DHCP.search_option(identifier)

Search for an option by type

Parameters:identifier (OptionTypes)
Returns:data (None (option is not present) or b'' (option is present, no data) or some bytes (option data))
DHCP.broadcast

Broadcast option (read-write, IPv4Address)

DHCP.domain_name

Domain name option (read-write, bytes)

DHCP.domain_name_servers

Domain name servers option (read-write, list of IPv4Address)

DHCP.hostname

Hostname option (read-write, bytes)

DHCP.lease_time

Lease time option (read-write, uint32_t)

DHCP.rebind_time

Rebind time option (read-write, uint32_t)

DHCP.renewal_time

Renewal time option (read-write, uint32_t)

DHCP.requested_ip

Requested IP option (read-write, IPv4Address)

DHCP.routers

Routers option (read-write, list of IPv4Address)

DHCP.server_identifier

Server identifier option (read-write, IPv4Address)

DHCP.subnet_mask

Subnet mask option (read-write, IPv4Address)

DHCP.type

DHCP type option (read-write, Flags)

BootP

class BootP

Bases: cycapture.libtins._tins.PDU

BootP packet

class OpCodes

Bases: enum.IntEnum

The different opcodes BootP messages

Attributes: BOOTREQUEST, BOOTREPLY

BootP.chaddr

chaddr field (read-write, bytes like b"00:01:02:03:04:05:06:07:08:09:10:11:12:13:14:ff")

BootP.ciaddr

ciaddr field (read-write, IPv4Address)

BootP.file

file field (read-write, bytes with length <= 128)

BootP.giaddr

giaddr field (read-write, IPv4Address)

BootP.hlen

hlen field (read-write, uint8_t)

BootP.hops

hops field (read-write, uint8_t)

BootP.htype

htype field (read-write, uint8_t)

BootP.opcode

OpCode field (read-write, uint8_t)

BootP.padding

padding field (read-write, uint16_t)

BootP.secs

secs field (read-write, uint16_t)

BootP.siaddr

siaddr field (read-write, IPv4Address)

BootP.sname

sname field (read-write, bytes with length <= 64)

BootP.vend

vend field (read-write, bytes)

BootP.xid

xid field (read-write, uint32_t)

BootP.yiaddr

yiaddr field (read-write, IPv4Address)