Added Windows-specific sniff() function

265290ef · Dirk Loss · 13e894ef · 265290ef · 265290ef
Commit 265290ef authored 15 years ago by Dirk Loss
--- a/scapy/arch/pcapdnet.py
+++ b/scapy/arch/pcapdnet.py
@@ -10,9 +10,11 @@ from scapy.data import *
 from scapy.config import conf
 from scapy.utils import warning
 from scapy.supersocket import SuperSocket
+from scapy.error import Scapy_Exception
 import scapy.arch


+
 if conf.use_pcap:    


@@ -71,8 +73,10 @@ if conf.use_pcap:
                def __getattr__(self, attr):
                    return getattr(self.pcap, attr)
            open_pcap = lambda *args,**kargs: _PcapWrapper_pcapy(*args,**kargs)
+
        
-    
+        class PcapTimeoutElapsed(Scapy_Exception):
+            pass
    
        class L2pcapListenSocket(SuperSocket):
            desc = "read packets at layer 2 using libpcap"
@@ -115,6 +119,8 @@ if conf.use_pcap:
                    pkt = self.ins.next()
                    if pkt is not None:
                        ts,pkt = pkt
+                    if scapy.arch.WINDOWS and pkt is None:
+                        raise PcapTimeoutElapsed
                
                try:
                    pkt = cls(pkt)

--- a/scapy/arch/windows/__init__.py
+++ b/scapy/arch/windows/__init__.py
@@ -453,6 +453,67 @@ def sndrcv(pks, pkt, timeout = 2, inter = 0, verbose=None, chainCC=0, retry=0, m
 import scapy.sendrecv
 scapy.sendrecv.sndrcv = sndrcv

+def sniff(count=0, store=1, offline=None, prn = None, lfilter=None, L2socket=None, timeout=None, *arg, **karg):
+    """Sniff packets
+sniff([count=0,] [prn=None,] [store=1,] [offline=None,] [lfilter=None,] + L2ListenSocket args) -> list of packets
+
+  count: number of packets to capture. 0 means infinity
+  store: wether to store sniffed packets or discard them
+    prn: function to apply to each packet. If something is returned,
+         it is displayed. Ex:
+         ex: prn = lambda x: x.summary()
+lfilter: python function applied to each packet to determine
+         if further action may be done
+         ex: lfilter = lambda x: x.haslayer(Padding)
+offline: pcap file to read packets from, instead of sniffing them
+timeout: stop sniffing after a given time (default: None)
+L2socket: use the provided L2socket
+    """
+    c = 0
+
+    if offline is None:
+        if L2socket is None:
+            L2socket = conf.L2listen
+        s = L2socket(type=ETH_P_ALL, *arg, **karg)
+    else:
+        s = PcapReader(offline)
+
+    lst = []
+    if timeout is not None:
+        stoptime = time.time()+timeout
+    remain = None
+    while 1:
+        try:
+            if timeout is not None:
+                remain = stoptime-time.time()
+                if remain <= 0:
+                    break
+
+            try:
+                p = s.recv(MTU)
+            except PcapTimeoutElapsed:
+                continue
+            if p is None:
+                break
+            if lfilter and not lfilter(p):
+                continue
+            if store:
+                lst.append(p)
+            c += 1
+            if prn:
+                r = prn(p)
+                if r is not None:
+                    print >> console, r
+            if count > 0 and c >= count:
+                break
+        except KeyboardInterrupt:
+            break
+    s.close()
+    return PacketList(lst,"Sniffed")
+
+import scapy.sendrecv
+scapy.sendrecv.sniff = sniff
+
 def get_if_list():
    return sorted(ifaces.keys())