This knowledge base has moved to the documentation site. Please visit the knowledge base here for the most up to date content. This site is no longer maintained.

Installing and Utilizing Scapy on Cumulus Linux


scapy is a powerful interactive packet manipulation program. This short how-to shows you how to get it up and running on Cumulus Linux. scapy is not supported by Cumulus Networks but it is a Linux tool that many people enjoy for packet testing.

Installing scapy

  1. Perform a wget of the latest tar.gz file:
    cumulus@switch:/tmp$ sudo wget
    --2014-04-08 15:39:10--
    Resolving (
    Connecting to (||:80... connected.
    HTTP request sent, awaiting response... 200 OK
    Length: 956785 (934K) [application/x-gzip]
    Saving to: `scapy-latest.tar.gz' 100%[==============================================================================================>] 956,785 600K/s in 1.6s 2014-04-08 15:39:11 (600 KB/s) - `scapy-latest.tar.gz' saved [956785/956785]
  2. Untar the file and change into the directory.
    cumulus@switch:/tmp$ tar -xzvf scapy-latest.tar.gz
    cumulus@switch:/tmp$ cd sc*
  3. Run the install script.
    cumulus@switch:/tmp$ python install
  4. Run scapy.
    cumulus@switch:/tmp/scapy-2.1.0$ sudo scapy
    INFO: Can't import python gnuplot wrapper . Won't be able to plot.
    INFO: Can't import PyX. Won't be able to use psdump() or pdfdump().
    WARNING: No route found for IPv6 destination :: (no default route?)
    INFO: Can't import python Crypto lib. Won't be able to decrypt WEP.
    Welcome to Scapy (2.1.0)

The INFO and warning messages above relate to particular functions within scapy but are not required for its core functionality. Please read the scapy documentation for more information.

Note: scapy must be run as root. Cumulus Linux 2.0.x and later users can use sudo to run scapy.

Scapy Tutorial

Switch1 has the IP address Switch2 connects to that port correctly and has an IP address; assume you could ping this address before you installed scapy. Assume scapy is installed on Switch1 but you could perform similar commands with tcpdump and grep to filter the output you need.

>>> sniff(iface="br-untagged", filter="host", prn=lambda x: x.summary())

On Switch2, send a ping from a nonexistent address:

>>> packet = IP(src="", dst="") / ICMP(type="echo-request")
>>> send(packet)
Sent 1 packets.
>>> send(packet)
Sent 1 packets.
>>> send(packet)

Switch1 displays this output:

Ether / IP / ICMP > echo-request 0
Ether / ARP who has says
Ether / ARP who has says
Ether / IP / ICMP > echo-request 0
Ether / ARP who has says
Ether / IP / ICMP > echo-request 0
Ether / ARP who has says
Ether / ARP who has says

Notice how it is trying to ARP for a nonexistent address? scapy is great for testing out ACLs. For an interactive tutorial visit, the scapy website.


This support portal has moved

Cumulus Networks is now part of the NVIDIA Networking Business Unit! The NVIDIA Cumulus Global Support Services (GSS) team has merged its operations with the NVIDIA Mellanox support services team.

You can access NVIDIA Cumulus support content from the Mellanox support portal.

You open and update new cases on the Mellanox support portal. Any previous cases that have been closed have been migrated to the Mellanox support portal.

Cases that are still open on the Cumulus portal will continue to be managed on the Cumulus portal. Once these cases close, they will be moved to the Mellanox support portal.

Powered by Zendesk