|
|
 |
|
|
Thread Tools | Display Modes |
Jan 14th, 2006, 4:02 AM
|
#11 | |
|
Programming Guru
 
Join Date: Aug 2005
Location: England
Posts: 1,499
Rep Power: 5
 |
Quote:
|
|
|
|
|
Jan 14th, 2006, 9:55 AM
|
#12 |
|
Programming Guru
Join Date: Oct 2004
Posts: 1,041
Rep Power: 5
   |
The winpcap library is going to be your best bet, it's what ethereal uses on windows....
__________________
|
|
|
|
|
Mar 16th, 2006, 10:56 AM
|
#13 |
|
Programming Guru
Join Date: Apr 2005
Location: Waterloo, Ontario
Posts: 1,885
Rep Power: 5
 |
Okay, I finally got around to doing this.
I chose pcapy since it's high level and doesn't require any other installations (if a program using it is compiled in to an exe with py2exe). So first-most I need to be able to read incoming traffic, and I've done that. import sys
from threading import Thread
import pcapy
import impacket
class DecoderThread(Thread):
def __init__(self, pcapObj):
datalink = pcapObj.datalink()
if pcapy.DLT_EN10MB == datalink:
self.decoder = impacket.ImpactDecoder.EthDecoder()
elif pcapy.DLT_LINUX_SLL == datalink:
self.decoder = impacket.ImpactDecoder.LinuxSLLDecoder()
else:
raise Exception("Datalink type not supported: " % datalink)
self.pcap = pcapObj
Thread.__init__(self)
def run(self):
self.pcap.loop(0, self.packetHandler)
def packetHandler(self, hdr, data):
print data # LABEL: 1
# print self.decoder.decode(data) # LABEL: 2
def getInterface():
try:
ifs = pcapy.findalldevs()
except:
print "No valid interfaces."
sys.exit(1)
if 0 == len(ifs):
print "You don't have enough permissions to open any interface on this system."
sys.exit(1)
elif 1 == len(ifs):
print 'Only one interface present, defaulting to it.'
return ifs[0]
for count in range(len(ifs)):
print '%i - %s' % (count, ifs[count])
try:
idx = int(raw_input('Please select an interface: '))
except IndexError:
print "That is not a valid interface."
sys.exit(1)
return ifs[idx]
def main():
dev = getInterface()
p = pcapy.open_live(dev, 1500, 0, 100)
# p.setfilter(filter)
# print "Listening on %s: net=%s, mask=%s, linktype=%d" % (dev, p.getnet(), p.getmask(), p.datalink())
DecoderThread(p).start()
if __name__ == '__main__':
# filter = ''
# if len(sys.argv) > 1:
# filter = ' '.join(sys.argv[1:])
# main(filter)
main()But when you run that in the console, it makes annoying beeps every time a packet comes in. If you uncomment the line labelled "2" and comment the line labelled "1", this solves the problem. But it prints out the packets in a form that my program can't use. So I'd like to know how to keep it so it outputs in a plain string, as the code is intended, without any beeping. And also, how to restrict it to only pick up packets from port 15010/15050, as opposed to every port. |
|
|
|
|
Mar 16th, 2006, 5:14 PM
|
#14 |
|
Professional Programmer
Join Date: Apr 2005
Location: London, England
Posts: 459
Rep Power: 4
|
The beep may be happening because you have a bell character in there ('\a') try
print data.replace('\a', '') |
|
|
|
|
Mar 17th, 2006, 7:42 PM
|
#15 |
|
Programming Guru
Join Date: Apr 2005
Location: Waterloo, Ontario
Posts: 1,885
Rep Power: 5
|
Sweet, it worked. *thumbs up*
Any theories as to how I may exclude the packets to only those two ports? Would I have to do it internally, or with the filter option? |
|
|
|
|
Mar 18th, 2006, 5:40 AM
|
#16 |
|
Programming Guru
Join Date: Aug 2005
Location: England
Posts: 1,499
Rep Power: 5
|
Try this code:
p.setfilter("port 15010 or port 15050") |
|
|
|
|
Mar 18th, 2006, 8:22 AM
|
#17 |
|
Programming Guru
Join Date: Apr 2005
Location: Waterloo, Ontario
Posts: 1,885
Rep Power: 5
|
It ran, but didn't retrieve any packets. And it should because I have a server running on my computer on port 15010 and 15050, and a game contacting those ports. I'll see if I can lookup documentation for setfilter(), if that is the correct function.
|
|
|
|
|
| Bookmarks |
| Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
| Thread Tools | |
| Display Modes | |
|
|
Linear Mode
