I want to do the following: I have a client and a server communicating. Both are in different subnets connected by a router. I want to be able to reduce the path MTU between the two by injecting an ICMP type 3, code 4 message with scapy. I know that in this packet I have to include the IP header and the first 8-Bytes of the packet that caused the ICMP error. I am sending a ping with 1300 Bytes. I want to reduce the path MTU to 1000 so that the ping would fragment in two packets starting at 1000 Bytes.
My implementation forging the ICMP error:
from scapy.all import *
def callback(pkt):
ip_orig = pkt[IP]
ip_orig.flags = 2
icmp_orig = pkt[ICMP]
icmp_error = IP(dst = pkt[IP].src, flags = 2)/ICMP(type = 3, code = 4, nexthopmtu = 1000)/ip_orig/icmp_orig
send(icmp_error, iface="eth0")
if __name__ == '__main__':
sniff(prn=callback,
store=0,
filter="greater 1000",
iface="eth0")
The problem: If I am sending the ping with OS (using ping command in Linux) I am able to successfully reduce the path MTU to 1000. HOWEVER, If I am sending the ping with scapy it ignores the ICMP error with indicated path MTU and does not fragment the packet.
Can someone help me out with this? I want to expand this to other protocols like UDP as well.