Nelson's Weblog: tech / good / pcapyImpacket


Mastodon @nelson@tech.lgbt Linkblog Sat 2025-02-22 LGBTQ survey in US Wed 2025-02-19 Project 2025 Tracker Tue 2025-02-18 Thai Boys Love shows Tearoom NSFW Sun 2025-02-16 NSFW: Keith Haring Nevada County water shortage Sat 2025-02-15 Wrong about GPUs Fri 2025-02-14 Gorton font 50501 Thu 2025-02-13 Schwurbler Little Sisyphus DOGE team Wed 2025-02-12 Atkinson Hyperlegible Font Sun 2025-02-09 minisearch Heat pumps in US Fri 2025-02-07 Kottke on #uspol Pearblossom Hwy., 11 David Hockney's A Rake's Progress Thu 2025-02-06 Special government employees Wed 2025-02-05 Alley Cat (video game) Search Archives 2024 12 11 10 09 08 07 06 05 04 03 02 01 2023 12 11 10 09 08 07 06 05 04 03 02 01 2022 12 11 10 09 08 07 06 05 04 03 02 01 2021 12 11 10 09 08 07 06 05 04 03 02 01 2020 12 11 10 09 08 07 06 05 04 03 02 01 2019 12 11 10 09 08 07 06 05 04 03 02 01 2018 12 11 10 09 08 07 06 05 04 03 02 01 2017 12 11 10 09 08 07 06 05 04 03 02 01 2016 12 11 10 09 08 07 06 05 04 03 02 01 2015 12 11 10 09 08 07 06 05 04 03 02 01 2014 12 11 10 09 08 07 06 05 04 03 02 01 2013 12 11 10 09 08 07 06 05 04 03 02 01 2012 12 11 10 09 08 07 06 05 04 03 02 01 2011 12 11 10 09 08 07 06 05 04 03 02 01 2010 12 11 10 09 08 07 06 05 04 03 02 01 2009 12 11 10 09 08 07 06 05 04 03 02 01 2008 12 11 10 09 08 07 06 05 04 03 02 01 2007 12 11 10 09 08 07 06 05 04 03 02 01 2006 12 11 10 09 08 07 06 05 04 03 02 01 2005 12 11 10 09 08 07 06 05 04 03 02 01 2004 12 11 10 09 08 07 06 05 04 03 02 01 2003 12 11 10 09 08 07 06 05 04 03 02 01 2002 12 11 10 09 08 07 06 05 04 03 02 01 2001 12 11 10 09 08 07 One good site MDN Nelson Minar nelson@monkey.org Blog licensed under a Creative Commons License		Packet sniffing in Python Pcapy and Impacket are good software. They're Python libraries to make it easy to sniff packets and parse them, as well as create packets. Think of it like an ethereal you can easily program. # Print out sizes of IP packets import pcapy, impacket, impacket.ImpactDecoder decoder = impacket.ImpactDecoder.EthDecoder() # packets = pcapy.open_live("eth0", 1500, 0, 100) packets = pcapy.open_offline('/tmp/cap/capture') packets.setfilter('ip') for i in xrange(100): (header, data) = packets.next() eth = decoder.decode(data) ip = eth.child() print ip.get_ip_len() It's brand new. The docs are nearly nonexistent and the library isn't as Pythonic as one would hope. But it works pretty well! Compare also scapy (less libpcap-like). PS: I ran into a problem installing on Debian ImportError: /usr/lib/python2.3/site-packages/pcapy.so: undefined symbol: __gxx_personality_v0 The workaround was to link the `.so` with g++ instead of gcc. This is either a bug in gcc or Python distutils. tech • good 2003-12-02 17:06 Z Nelson's Weblog • tech • good