Purpose

I have a little errand, for example, what does the Scapy code look like? What is Scapy? Scapy is a powerful Python-based interactive packet manipulation program and library. (Quote: https://pypi.org/project/scapy/)

** Python has no struct **, so I confirmed how to process structural data such as packets.

The target code is https://github.com/secdev/scapy

All citation codes are above.

What i found

Overview

In the code, there were the following two structure-related processes

struct module
Structure class

Basically, the former is used.

struct module

↓ It was packed with the following feeling.

    psdhdr = struct.pack("!4s4sHH",
                         inet_pton(socket.AF_INET, u.src),
                         inet_pton(socket.AF_INET, u.dst),
                         proto,
                         ln)

Structure class

↓ There is the following code, but is it for Windows pcap support? ?? I didn't know how to use it.

class sockaddr_in(Structure):
    _fields_ = [("sin_family", SHORT),
                ("sin_port", USHORT),
                ("sin_addr", in_addr),
                ("sin_zero", 8 * CHAR)]

Summary

I checked how the structural data of the packet is processed by the famous Scapy. The ** struct module ** was used. (There is a bit of a misnomer above. It may be appropriate to say that the struct module was used in the part where the data is stored.) In terms of how structures are handled in c language etc., I think it is correct to say that the parts other than the structuring are normally members of the class.

If you have any comments, please let us know. : candy: