The getlayer() method reports incorrect Ethertype on Ethernetnet frames with 0x88a8 and 0x8100 Ethernet frames #3515
Description
I have a script that reads one Ethernet frame from a pcap file, transmit it on interface #1, sniff on interface #2 - and compares the packets.
The purpose of the script is to see if the network has modified the packet.
The script works fine except for one Ethernet Frame.
When I transmit an Ethernet frame that contains: 0x88a8 VLAN-tag, and 0x8100 VLAN-tag; scapy reports that the outer (0x88a8) tag has Ethertype 0x8100. Example from tcpdump:
00:00:28:11:11:11 > 00:10:94:00:00:0c, ethertype 802.1Q-QinQ (0x88a8), length 1500: vlan 30, p 0, ethertype 802.1Q (0x8100), vlan 100, p 0, ethertype IPv4 (0x0800), 192.85.1.22 > 192.85.1.14: ip-proto-253 1454
Output from my scapy script:
ETHE: XX_XX_XX_XX_XX__0x88a8-1.pcap; TX_IF: ens193f1; 00:00:28:11:11:11; RX_IF: ens193f0; 00:10:94:00:00:0c;
Layer 0 is Ethernet
ERROR: Layer Field Ethernet type mismatch
Rvcd 33024
Expd: 34984
Layer 0: Field match failed: field type: Received Ethernet 33024 != Expected Ethernet 34984
*** FAILED MATCH! ***
I sniff() the packet and send it through this function:
Some code:
<..>
for i, received_packet_layer in enumerate(self.get_packet_layers(packet)):
<..>
for field in received_packet_layer.fields.keys():
if not self.compare_scapy_layers_cmp(f"Field {received_packet_layer.name} {field}", received_packet_layer.fields[field], pcap_packet_layer.fields[field]):
print (f"### Layer {i}: Field match failed: field {field}: Received {received_packet_layer.name} {received_packet_layer.fields[field]} != Expected {pcap_packet_layer.name} {pcap_packet_layer.fields[field]}")
return False
<..>