
Fixed packet_marking, id2t-packets can now be filtered with ip.opt.sec_prot_auth_nsa == 1

Denis Waßmann il y a 6 ans
Parent
commit
c74361cc56
2 fichiers modifiés avec 10 ajouts et 59 suppressions
  1. 0 47
      Dockerfile
  2. 10 12
      code/Attack/MembersMgmtCommAttack.py

+ 0 - 47
Dockerfile

@@ -1,47 +0,0 @@
-FROM debian:stretch AS build-container
-
-# install all the necessary packages (see readme.md, but libpcap-dev might not be on that list, it's still needed)
-RUN apt-get update && apt-get install -y --no-install-recommends build-essential cmake libboost-dev libboost-python-dev libtins-dev libpcap-dev python3-dev sqlite3 \
-	python3-pip python3-scapy python3-numpy python3-matplotlib python3-scipy python3-setuptools
-RUN pip3 install lea # for some reason you cant install lea via apt
-
-# make the required directored to copy the files into
-RUN mkdir /id2t /id2t/code /id2t/code_boost /id2t/resources
-WORKDIR /id2t
-
-# copy all the necessary files
-# there are multiple commands because docker only copies the directories' contents and not the directory itself and dont know what else to do here
-COPY build.sh /id2t/
-COPY code/ /id2t/code/
-COPY code_boost/ /id2t/code_boost/
-COPY resources /id2t/resources
-
-# run the build-script
-RUN ./build.sh
-
-# use a smaller container for later execution
-# we use python 3.6 because it's the first which comes with stretch
-FROM python:3.6-slim-stretch
-
-# install required libraries
-RUN pip3 install scapy-python3 lea numpy matplotlib scipy
-
-# create and use future work directory, don't copy code_boost
-RUN mkdir /id2t /id2t/code /id2t/resources
-WORKDIR /id2t
-# copy the built project
-COPY --from=build-container /id2t /id2t
-# copy the libs libpcapreader is linked with
-# kinda hacky, but we can do it because both containers share the same os-version
-COPY --from=build-container /usr/lib/x86_64-linux-gnu/libboost_python-py35.so.1.62.0 /usr/lib/libtins.so.3.4 \
-	/usr/lib/x86_64-linux-gnu/libpython3.5m.so.1.0 /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1 \
-	/usr/lib/x86_64-linux-gnu/
-
-# install tcpdump because it somehow is a requirement (id2t throws a warning otherwise)
-RUN apt-get update && apt-get install -y tcpdump libpcap0.8 \
-	&& rm -rf /var/lib/apt/lists/*
-
-# add id2t to the path
-ENV PATH="$PATH:/id2t"
-# start with a shell instead of python
-CMD ["bash"]

+ 10 - 12
code/Attack/MembersMgmtCommAttack.py

@@ -200,6 +200,7 @@ class MembersMgmtCommAttack(BaseAttack.BaseAttack):
         overThousand = False
 
         msg_packet_mapping = MessageMapping(messages, self.statistics.get_pcap_timestamp_start())
+        mark_packets = self.get_param_value(Param.HIDDEN_MARK)
 
         # create packets to write to PCAP file
         for msg in messages:
@@ -232,6 +233,15 @@ class MembersMgmtCommAttack(BaseAttack.BaseAttack):
             Generator.add_padding(packet, padding,True, True)
 
             packet.time = msg.time
+
+            if mark_packets and isinstance(packet.payload, IP):  # do this only for ip-packets
+                ip_data = packet.payload
+                hidden_opt = IPOption_Security()
+                hidden_opt.option = 2  # "normal" security opt
+                hidden_opt.security = 16  # magic value indicating NSA
+
+                ip_data.options = hidden_opt
+
             packets.append(packet)
             msg_packet_mapping.map_message(msg, packet)
             total_pkts += 1
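Review bot: The security option is attached after `Generator.add_padding(packet, padding,True, True)` has already sized the packet, so every marked IP packet ends up longer than the padding logic intended, and `ip_data.options = hidden_opt` discards any options the header already carried. Consider marking before the padding call and appending instead of replacing, e.g. `ip_data.options = list(ip_data.options) + [hidden_opt]`; if `ihl`, `len` or `chksum` were set explicitly earlier (not visible in this hunk), they would also need clearing so they are recomputed. The literals 2 and 16 would read better as named constants with a comment such as `# security=16 is the value the ip.opt.sec_prot_auth_nsa == 1 display filter matches`, taking the filter name from the commit title. Because the mark labels every injected packet, a comment should also say that captures generated with `Param.HIDDEN_MARK` need the option stripped before they are used to evaluate a detector, otherwise the detector can simply key on the mark. The enclosing loop and method start and end outside this hunk.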
@@ -274,18 +284,6 @@ class MembersMgmtCommAttack(BaseAttack.BaseAttack):
         # Store timestamp of last packet
         self.attack_end_utime = last_packet.time
 
-        if self.get_param_value(Param.HIDDEN_MARK):
-            # insert an unused ip-option
-            for p in total_pkts:
-                if isinstance(p.payload, IP): # do this only for ip-packets
-                    ip_data = p.payload
-                    hidden_opt = IPOption_Security()
-                    hidden_opt.option = 2  # "normal" security opt
-                    hidden_opt.compartment = 16  # magic value indicating NSA
-
-                    ip_data.options = hidden_opt
-
-
         # Return packets sorted by packet by timestamp and total number of packets (sent)
         return total_pkts , path_attack_pcap