{"id":20588823,"url":"https://github.com/ciscodevnet/mud-url-validator","last_synced_at":"2025-04-14T22:03:28.273Z","repository":{"id":82659903,"uuid":"134917163","full_name":"CiscoDevNet/MUD-URL-Validator","owner":"CiscoDevNet","description":"The MUD URL Validator is a python script that finds each Ethernet frame in a PCAP file that contains a MUD URL","archived":false,"fork":false,"pushed_at":"2022-03-21T03:18:21.000Z","size":348,"stargazers_count":7,"open_issues_count":0,"forks_count":3,"subscribers_count":21,"default_branch":"master","last_synced_at":"2025-04-14T22:03:10.161Z","etag":null,"topics":["ietf","iot"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/CiscoDevNet.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-05-26T00:43:26.000Z","updated_at":"2025-03-22T10:52:08.000Z","dependencies_parsed_at":"2023-07-07T08:01:25.651Z","dependency_job_id":null,"html_url":"https://github.com/CiscoDevNet/MUD-URL-Validator","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CiscoDevNet%2FMUD-URL-Validator","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CiscoDevNet%2FMUD-URL-Validator/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CiscoDevNet%2FMUD-URL-Validator/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CiscoDevNet%2FMUD-URL-Validator/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/CiscoDevNet","download_url":"https://codeload.github.com/CiscoDevNet/MUD-URL-Validator/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248968737,"owners_count":21191159,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ietf","iot"],"created_at":"2024-11-16T07:26:34.135Z","updated_at":"2025-04-14T22:03:28.267Z","avatar_url":"https://github.com/CiscoDevNet.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# MUD URL Validator\n\n\u003e **DO NOT COMMIT THIS TEXT BLOCK UPSTREAM**\n\u003e\n\u003e This repository includes a **temporary fork**, maintained by @iggy2028, \n\u003e of the dpkt repository. This fork adds support for LLDP to dpkt. This\n\u003e fork is in support of the MUD URL Validator also included in this\n\u003e repository.\n\nMUD URL Validator\n-----------------\n\nThe MUD URL Validator is a python script that finds each Ethernet frame in a \nPCAP file that contains a MUD URL. It then validates that the MUD URL is\nproperly formed according to the MUD specification\n(https://tools.ietf.org/html/draft-ietf-opsawg-mud).\n\nThe Validator will look for a MUD URL in an LLDP message, \na DHCP Discover message, and a DHCP Request message.\n\n#### Requirements:\n* version \u003e= Python 2.6 or Python3\n* dpkt (from this repository)\n* datetime\n* socket\n* validators\n* argparse\n* wget\n* termcolor\n* os\n\n#### Installation:\n\nInstall dependancies.\n\n\tpip install validators\n\tpip install wget\n\tpip install termcolor\n\nNOTE 1: Depending on your system, you may need to run pip as root. In that \ncase prepend each command with \"sudo\".\n\nNOTE 2: If you are using Python3, use \"pip3\" instead of \"pip\" when installing Python packages.\n\t\n\nInstall dpkt from this repository, which supports LLDP.\n\n\tpip install -e ./dpkt\n\nor \n\n\tcd dpkt\n\tpython setup.py install\n\nYou will also be using the validate_mud_url.py script, which can be copied to any\ndirectory that you like.\n\n### Usage\n\n1. Capturing Packets\n\nYou will need to create a PCAP file, for example using using Wireshark or\ntcpdump.  Care must be taken that the capture device has access to the\npackets being generated. \n\nTo capture DHCP packets, the capture device needs to be on the routed path \nbetween the device emitting the DHCP packets and the DHCP server. \nDHCP packets are IP packets. It may work to connect the capture device \nto another port on the switch to which the device is attached.\n\nCapturing LLDP packets takes a little more care because they are emitted \non Ethernet group addresses that are consumed by the Ethernet switch. As such,\nthey are only available on the port between the device emitting the LLDP \npackets and the switch port to which it is connected. So if you are \nvalidating a MUD URL in an LLDP packet, you'll need to install an Ethernet \nhub on that port, or configure a \"SPAN\" port on the switch \nbeing sent properly in LLDP packets. But if the device is drawing power \nfrom the switch (using PoE), then you'll need to use the \"SPAN\" port approach.\n\nTo create a SPAN port on a Cisco Catalyst switch, configure a \n\"monitor session\". For example, if you are inspecting packets from a device\nconnected to GigabitEthernet1/0/4, and capturing them on\nGigabitEthernet1/0/14, you would configure the following in the configuration:\n\n\tmonitor session 1 source interface Gi1/0/4\n\tmonitor session 1 destination interface Gi1/0/14\n\nSave the resulting file in a PCAP format (i.e., with a '.pcap' file\nextension). If you using WireShark this is not its default format.\n\n2. Discover and validate MUD URLs in the PCAP file.\n\nRun the validate_mud_url.py as follows:\n\n\tpython validate_mud_url.py \u003cfilename\u003e.pcap\n\nFor each packet in which a MUD URL was found, the Ethernet header and other\ninformation is displayed, followed by the MUD URL, and a validation note. If\nthe validation note is \"OK!\", then the MUD URL was found to be properly\nformed. If the validation note begins with \"ERROR\", then you will need to\nadjust the MUD URL as it is emitted by the device.\n\n### Contributors\n[Brian Weis](https://github.com/iggy2028)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fciscodevnet%2Fmud-url-validator","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fciscodevnet%2Fmud-url-validator","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fciscodevnet%2Fmud-url-validator/lists"}