[SOLVED] Get data from ICMP package

Get data from ICMP package

Could you tell me please, get more detailed information about the ICMP packet? Right now I'm using some code construction:

import scapy.layers.inet
from scapy.all import *


def gettingDataFromICMPTraffic(pkt):
    if pkt.haslayer(scapy.layers.inet.ICMP):
        type_8 = pkt.getlayer(scapy.layers.inet.ICMP).type
        if type_8 == 8:
            print(pkt.getlayer(scapy.layers.inet.ICMP))


def main():
    pkts = rdpcap('icmp_yes.pcap')
    for pkt in pkts:
        gettingDataFromICMPTraffic(pkt)


if __name__ == '__main__':
    main()

I get some information in the form:

ICMP 192.168.34.163 > 192.168.34.118 echo-request 0 / Raw
ICMP 192.168.34.163 > 192.168.34.118 echo-request 0 / Raw
ICMP 192.168.34.163 > 192.168.34.136 echo-request 0 / Raw / Padding
ICMP 192.168.34.163 > 192.168.34.136 echo-request 0 / Raw / Padding

I would like to get more information regarding the Sequence Number parameters, as is done in Wireshark.

I looked in the documentation and didn't find anything.

Solution

There's seq attribute among ICMP fields:

def gettingDataFromICMPTraffic(pkt):
    if pkt.haslayer(scapy.layers.inet.ICMP):
        type_8 = pkt.getlayer(scapy.layers.inet.ICMP).type
        if type_8 == 8:
            icmp_layer = pkt.getlayer(scapy.layers.inet.ICMP)
            print(icmp_layer, f'; seq number: {icmp_layer.seq}')

Sample output:

ICMP 192.168.158.139 > 174.137.42.77 echo-request 0 / Raw ; seq number: 8448
ICMP 192.168.158.139 > 174.137.42.77 echo-request 0 / Raw ; seq number: 8704
ICMP 192.168.158.139 > 174.137.42.77 echo-request 0 / Raw ; seq number: 8960
ICMP 192.168.158.139 > 174.137.42.77 echo-request 0 / Raw ; seq number: 9216