p1-bmu
commented
4 years ago PPID, and other SCTP metadata, are available through the socket notifications mechanism. Here are some references to the corenet source code, that makes use of it:
1) notifications are available at each call to sctp_recv(): https://github.com/P1sec/pycrate/blob/61203949886aaeeb31e502fbf6ad8755a140c142/pycrate_corenet/Server.py#L481
2) What you receive inside notifications needs to be configured after the creation of the socket: https://github.com/P1sec/pycrate/blob/61203949886aaeeb31e502fbf6ad8755a140c142/pycrate_corenet/Server.py#L461
3) You can then extract SCTP metadata form the notification structure: https://github.com/P1sec/pycrate/blob/61203949886aaeeb31e502fbf6ad8755a140c142/pycrate_corenet/Server.py#L556
Take care as some of them are in network byte-order (hence require conversion with ntohl), but not all. This is the way the Linux API is actually working.
All of this is documented in details in the excellent pysctp doc strings from the original developer (Elvis Pfützenreuter):
>>> import sctp
>>> help(sctp)Hope this helps.
ChaturGopalkrishna
Hi, Can you please let me know how to obtain the PPID of the received SCTP message? Which API to use?
Thanks!