Linux scapy the ARP packet verbose process

[Email protected]:~# scapy
Warning:no Route found for IPv6 destination:: (No default route?)
Info:can ' t import Python ecdsa lib. Disabled Certificate Manipulation Tools
Welcome to Scapy (unknown.version)

>> A=ether ()/arp ()
>> A.show ()
###[Ethernet]###
dst= 00:50:56:ef:49:1f
Src= 00:0c:29:e2:bb:15
Type= 0x806
###[ARP]###
Hwtype= 0x1
Ptype= 0x800
Hwlen= 6
Plen= 4
op= Who-has
Hwsrc= 00:0c:29:e2:bb:15
Psrc= 192.168.80.250
hwdst= 00:00:00:00:00:00
pdst= 0.0.0.0

>>ARP1=SRP (Ether (src= ' 00:0c:29:e2:bb:15 ', dst= ' FF:FF:FF:FF:FF:FF ')/arp (op=1,hwsrc= ' 00:0c:29:e2:bb:15 ', Hwdst= ' 00:00:00:00:00:00 ', psrc= ' 192.168.80.250 ', pdst= ' 192.168.80.251 ',))
Begin emission:
*finished to send 1 packets.

Received 1 packets, got 1 answers, remaining 0 packets
1) >>> print (ARP1)
(<results:tcp:0 udp:0 icmp:0 Other:1>, <unanswered:tcp:0 udp:0 icmp:0 other:0>)
Generate received response and forfeiture to response tuple;
2) To view the data types for ARP1:

>> print (Type (ARP1))
<type ' tuple ' > for tuples
3) Use the tuple method to print only received messages:
>> print (arp1[0])
<results:tcp:0 udp:0 icmp:0 Other:1>
4) display arp1[0] Data type:
>> print (Type (arp1[0]))
<class ' Scapy.plist.SndRcvList ' >
5) View the ' Scapy.plist.SndRcvList data type processing method (view https://fossies.org/dox/scapy-2.3.3/) using Res method
6) Generate the packet sent and received in the response packet and list the package Res method
>> Print (arp1[0].res) * First pair of sending and receiving packages
[(<ether dst=ff:ff:ff:ff:ff:ff src=00:0c:29:e2:bb:15 type=0x806 |<arp op=who-has hwsrc=00:0c:29:e2:bb:15 psrc= 192.168.80.250 hwdst=00:00:00:00:00:00 pdst=192.168.80.251 |>>, <ether dst=00:0c:29:e2:bb:15 src=00:0c : 29:21:fd:03 type=0x806 |<arp hwtype=0x1 ptype=0x800 hwlen=6 plen=4 op=is-at hwsrc=00:0c:29:21:fd:03 psrc= 192.168.80.251 hwdst=00:0c:29:e2:bb:15 pdst=192.168.80.250 |<padding load= ' \x00\x00\x00\x00\x00\x00\x00\x00\x00 \x00\x00\x00\x00\x00\x00\x00\x00\x00 ' |>>>)]
7) Submit the data of the packet collection
>> print (arp1[0].res[0][1])
8) View Arp1[0].res[0][1] Data type:
>> print (Type (arp1[0].res[0][1]))
<class ' Scapy.layers.l2.Ether ' >
9) View the Scapy.layers.l2.Ether data type processing method (Internet View https://fossies.org/dox/scapy-2.3.3/)
Static Public Attributes
String name = "Ethernet"

List Fields_desc

The method
10) Extract the packet data using the fields method (generating the corresponding dictionary):
Print (Arp1[0].res[0][1].fields)
{' src ': ' 00:0c:29:21:fd:03 ', ' DST ': ' 00:0c:29:e2:bb:15 ', ' type ': 2054}
11) Read the packet data using the Show method:
Print (Arp1[0].res[0][1].show ())
###[Ethernet]###
dst= 00:0c:29:e2:bb:15
Src= 00:0c:29:21:fd:03
Type= 0x806
###[ARP]###
Hwtype= 0x1
Ptype= 0x800
Hwlen= 6
Plen= 4
op= Is-at
Hwsrc= 00:0c:29:21:fd:03
Psrc= 192.168.80.251
hwdst= 00:0c:29:e2:bb:15
pdst= 192.168.80.250
###[Padding]###
Load= ' \x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 '
12) Use the Show method to read the ARP in the receiving data:

>> print (Arp1[0].res[0][1][1].show ())
###[ARP]###
Hwtype= 0x1
Ptype= 0x800
Hwlen= 6
Plen= 4
op= Is-at
Hwsrc= 00:0c:29:21:fd:03
Psrc= 192.168.80.251
hwdst= 00:0c:29:e2:bb:15
pdst= 192.168.80.250
###[Padding]###
Load= ' \x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 '
13) Generate the print results you want:
>> print (' IP: ' + arp1[0].res[0][1][1].fields[' psrc ']+ ' Mac: ' + arp1[0].res[0][1][1].fields[' hwsrc ')
ip:192.168.80.251 mac:00:0c:29:21:fd:03
14) Data structure:

Linux scapy the ARP packet verbose process