""" pysniffer - libpcap-based sniffer. """
# pylint: disable=I1101
import pcapy
from pypacket import Packet
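class Sniffer():  # pylint: disable=R0902
    """Live packet sniffer built on pcapy (libpcap).

    Operational notes for deployment:
        * Opening a live capture normally requires elevated privileges
          (root or an equivalent capture capability), so this object
          usually runs in a privileged process; keep that process small.
        * The defaults are the most permissive ones: promiscuous mode on,
          an empty BPF filter (matches every packet) and a 65535-byte
          snaplen (full payloads). Narrow ``bpf`` and ``snaplen`` to what
          the task needs.
        * A dumpfile holds raw traffic, payloads included. Treat it as
          sensitive data: write it to a directory with restricted
          permissions and take ``path`` from trusted configuration only.

    Attributes:
        interface (str): Interface to sniff on.
        promisc (int): Promiscuous mode; 1 = yes, 0 = no.
        bpf (str): BPF filter expression applied in start().
        snaplen (int): Maximum number of bytes captured per packet.
        timeout (int): Read timeout handed to pcapy.open_live()
            (milliseconds by libpcap convention -- confirm for the
            pcapy build in use).
        sniffer: pcapy capture handle, or None until start() succeeds.
        dumper: pcapy dumper used to log packets, or None when not logging.
        dumpfile: Path of the most recently opened pcap dumpfile, or None.
    """
    # pylint: disable=R0913
    def __init__(self, interface, promisc=1, bpf="", snaplen=65535, timeout=100):
        self.interface = interface
        self.promisc = promisc
        self.bpf = bpf
        self.snaplen = snaplen
        self.timeout = timeout
        self.sniffer = None
        self.dumper = None
        self.dumpfile = None

    def start(self):
        """Open the capture handle and install the BPF filter.

        The handle is published on ``self.sniffer`` only after the filter
        has been accepted, so a rejected filter can never leave an
        unfiltered capture behind for next() to read from.

        Returns:
            tuple: (True, None) on success, (False, exception) when
            libpcap cannot open the interface or rejects the filter.
        """
        try:
            handle = pcapy.open_live(self.interface,
                                     self.snaplen,
                                     self.promisc,
                                     self.timeout)
            # An invalid filter raises PcapError as well; it is reported
            # through the same tuple instead of escaping to the caller.
            handle.setfilter(self.bpf)
        except pcapy.PcapError as exc:
            return (False, exc)
        self.sniffer = handle
        return (True, None)

    def next(self):
        """Fetch the next packet from the sniffer.

        Returns:
            Packet object of the next packet on success.
            None if no packet exists (non-blocking).
            False on error, including when the sniffer was never started.
        """
        try:
            header, packet = self.sniffer.next()
        except AttributeError:
            # self.sniffer is still None: start() was not called or failed.
            return False
        except pcapy.PcapError:
            return False
        if not packet:
            return None
        # Log the packet if a dumper is open.
        if self.dumper:
            self.dumper.dump(header, packet)
        return Packet(packet)

    def setnonblock(self):
        """Switch the sniffer to non-blocking mode.

        Returns:
            True if successful, False if the sniffer has not been started.
        """
        try:
            self.sniffer.setnonblock(1)
        except AttributeError:
            return False
        return True

    def dump_open(self, path):
        """Open a dumpfile that next() will write captured packets to.

        ``self.dumper`` and ``self.dumpfile`` are updated only when the
        file was opened, so a failed call does not leave a path recorded
        for a dump that is not being written.

        Args:
            path (str): Path to the dumpfile. The file will contain raw
                packet payloads; keep it out of world-readable locations.

        Returns:
            tuple: (True, None) on success, (False, exception) when the
            sniffer has not been started or libpcap cannot open the file.
        """
        try:
            dumper = self.sniffer.dump_open(path)
        except AttributeError as exc:
            # No capture handle yet; report it like any other failure.
            return (False, exc)
        except pcapy.PcapError as exc:
            return (False, exc)
        self.dumper = dumper
        self.dumpfile = path
        return (True, None)

    def dump_close(self):
        """Close the pcap dumpfile and stop logging packets.

        Returns:
            True if successful, False if no dumper was open.
        """
        try:
            self.dumper.close()
        except AttributeError:
            return False
        # Drop the closed dumper so next() stops trying to write to it.
        self.dumper = None
        return True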