Pcappy: Difference between revisions
From charlesreid1
Latest revision as of 08:08, 26 February 2017
Basics
Overview
Pcappy is a Python wrapper for the libpcap library, which is written in C. It provides glue between libpcap and Python, without the need for intermediaries.
Link
Link: https://github.com/allfro/pcappy
Sample Script
#!/usr/bin/env python
from __future__ import print_function

from sys import argv, exit

from pcappy import PcapPyOffline, open_offline

if not argv[1:]:
    print('usage: %s <dump.pcap>' % argv[0])
    exit(-1)

# Open the capture file
p = open_offline(argv[1])
# or this instead: p = PcapPyOffline(argv[1])

# Keep only HTTP traffic (TCP port 80)
p.filter = 'tcp and port 80'

def gotpacket(d, hdr, data):
    # Called for each packet that passes the filter; d is the user object given to loop()
    print(d, hdr, repr(data))
    d['count'] += 1

# Pass some user parameters to loop()'s callback. Can be any Python object you want!
d = {'label': 'HTTP', 'count': 0}

# Parameters are count, callback, user params
p.loop(-1, gotpacket, d)
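
The callback above only prints the raw bytes. The following added example (not part of the original page or of pcappy) decodes such a buffer into source, destination and HTTP request line. It is written for Python 3 and assumes that `data` holds the raw frame bytes and that the capture's link type is Ethernet; `parse_http_request` and `build_sample_frame` are hypothetical names.

```python
import struct

def parse_http_request(frame):
    """Return (src, dst, request_line) if the frame is Ethernet/IPv4/TCP and
    its payload starts with an HTTP request line; otherwise return None."""
    buf = bytes(frame)
    if len(buf) < 14 + 20 or struct.unpack('!H', buf[12:14])[0] != 0x0800:
        return None                      # too short, or EtherType is not IPv4
    ip = buf[14:]
    ihl = (ip[0] & 0x0F) * 4             # IPv4 header length in bytes
    total_len = struct.unpack('!H', ip[2:4])[0]
    if ip[0] >> 4 != 4 or ihl < 20 or ip[9] != 6:
        return None                      # not IPv4, bad header, or not TCP
    if total_len < ihl + 20 or total_len > len(ip):
        return None                      # truncated or inconsistent lengths
    tcp = ip[ihl:total_len]              # slicing by total_len drops Ethernet padding
    sport, dport = struct.unpack('!HH', tcp[:4])
    data_off = (tcp[12] >> 4) * 4        # TCP header length in bytes
    if data_off < 20 or data_off > len(tcp):
        return None
    line = tcp[data_off:].split(b'\r\n', 1)[0]
    parts = line.split(b' ')
    if len(parts) != 3 or not parts[2].startswith(b'HTTP/'):
        return None                      # empty segment, or not a request line
    src = '%s:%d' % ('.'.join(map(str, ip[12:16])), sport)
    dst = '%s:%d' % ('.'.join(map(str, ip[16:20])), dport)
    return src, dst, line.decode('latin-1')

def build_sample_frame():
    """Constructed sample frame (checksums left at zero; they are not checked)."""
    payload = b'GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n'
    eth = b'\x02\x00\x00\x00\x00\x02' + b'\x02\x00\x00\x00\x00\x01' + b'\x08\x00'
    tcp = struct.pack('!HHIIBBHHH', 49152, 80, 1, 1, 5 << 4, 0x18, 65535, 0, 0)
    ip = struct.pack('!BBHHHBBH4s4s', 0x45, 0, 20 + len(tcp) + len(payload),
                     0, 0, 64, 6, 0, bytes([192, 0, 2, 10]), bytes([192, 0, 2, 80]))
    return eth + ip + tcp + payload

if __name__ == '__main__':
    print(parse_http_request(build_sample_frame()))
```

Inside `gotpacket`, the call would be `parse_http_request(data)`; segments that carry no request line (handshakes, ACKs, responses, continuation data) return `None`.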