modify_icmp6_reply.py

#!/usr/bin/env python3

from scapy import all as scapy
#import subprocess

INTERFACE = "eth0"
SECRET = b"thecakeisalie"

def do_reply(incoming_pkt_ether):
    # get request
    incoming_pkt = incoming_pkt_ether.payload
    echo_request = incoming_pkt.payload

    # create reply
    echo_reply = scapy.ICMPv6EchoReply(data=echo_request.data, id=echo_request.id, seq=echo_request.seq)

    # wrap reply in ipv6 and ethernet frame
    outgoing_pkt = scapy.IPv6(src=incoming_pkt.dst, dst=incoming_pkt.src)
    outgoing_pkt.payload = echo_reply
    outgoing_pkt_ether = scapy.Ether(dst=incoming_pkt_ether.src)
    outgoing_pkt_ether.payload = outgoing_pkt

    # modify reply
    outgoing_pkt_ether.payload.payload.data += b'\nDas Geheimnis lautet "%s".' % SECRET

    # send reply
    scapy.sendp(outgoing_pkt_ether, iface=INTERFACE, verbose=False)

def main():
    #output = subprocess.check_output(["/sbin/ip6tables", "-S"]).splitlines()
    #if not b'-A INPUT -p ipv6-icmp -m icmp6 --icmpv6-type 128 -j DROP' in output:
    #    subprocess.call(["/sbin/ip6tables", "-A", "INPUT", "-p", "ipv6-icmp", "-m", "icmp6", "--icmpv6-type", "128", "-j", "DROP"])
    scapy.sniff(iface=INTERFACE, filter="icmp6 and ip6[40] == 128", prn=do_reply)

if __name__ == '__main__':
    main()