From 265290efffe27a368a3daa1c427fb601744ce2f5 Mon Sep 17 00:00:00 2001
From: Dirk Loss <mail@dirk-loss.de>
Date: Mon, 20 Jul 2009 21:05:08 +0200
Subject: [PATCH] Added Windows-specific sniff() function
---
 scapy/arch/pcapdnet.py | 8 ++++-
 scapy/arch/windows/__init__.py | 61 ++++++++++++++++++++++++++++++++++
 2 files changed, 68 insertions(+), 1 deletion(-)
diff --git a/scapy/arch/pcapdnet.py b/scapy/arch/pcapdnet.py
index 6da9af37..d3fb250f 100644
--- a/scapy/arch/pcapdnet.py
+++ b/scapy/arch/pcapdnet.py
@@ -10,9 +10,11 @@ from scapy.data import *
 from scapy.config import conf
 from scapy.utils import warning
 from scapy.supersocket import SuperSocket
+from scapy.error import Scapy_Exception
 import scapy.arch
+
 if conf.use_pcap:
@@ -71,8 +73,10 @@ if conf.use_pcap:
 def __getattr__(self, attr):
 return getattr(self.pcap, attr)
 open_pcap = lambda *args,**kargs: _PcapWrapper_pcapy(*args,**kargs)
+
-
+ class PcapTimeoutElapsed(Scapy_Exception):
+ pass
 class L2pcapListenSocket(SuperSocket):
 desc = "read packets at layer 2 using libpcap"
@@ -115,6 +119,8 @@ if conf.use_pcap:
 pkt = self.ins.next()
 if pkt is not None:
 ts,pkt = pkt
+ if scapy.arch.WINDOWS and pkt is None:
+ raise PcapTimeoutElapsed
 try:
 pkt = cls(pkt)
diff --git a/scapy/arch/windows/__init__.py b/scapy/arch/windows/__init__.py
index 7318a407..6b55b978 100644
--- a/scapy/arch/windows/__init__.py
+++ b/scapy/arch/windows/__init__.py
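Review bot: The new `raise PcapTimeoutElapsed` in the third hunk of scapy/arch/pcapdnet.py (after `ts,pkt = pkt`) makes the socket's receive path throw on Windows whenever `self.ins.next()` yields no packet, and in this patch only the new `sniff()` in scapy/arch/windows/__init__.py catches that exception. Any other caller of this listen socket would now see an uncaught exception where it presumably used to keep waiting, so those call sites should be checked. A comment above the `if` would record the intent, for example `# Windows: next() returned no packet, presumably a pcap read timeout; let the caller re-check its deadline`. The enclosing method starts and ends outside the hunk.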
@@ -453,6 +453,67 @@ def sndrcv(pks, pkt, timeout = 2, inter = 0, verbose=None, chainCC=0, retry=0, m
 import scapy.sendrecv
 scapy.sendrecv.sndrcv = sndrcv
+def sniff(count=0, store=1, offline=None, prn = None, lfilter=None, L2socket=None, timeout=None, *arg, **karg):
+ """Sniff packets
+sniff([count=0,] [prn=None,] [store=1,] [offline=None,] [lfilter=None,] + L2ListenSocket args) -> list of packets
+
+ count: number of packets to capture. 0 means infinity
+ store: wether to store sniffed packets or discard them
+ prn: function to apply to each packet. If something is returned,
+ it is displayed. Ex:
+ ex: prn = lambda x: x.summary()
+lfilter: python function applied to each packet to determine
+ if further action may be done
+ ex: lfilter = lambda x: x.haslayer(Padding)
+offline: pcap file to read packets from, instead of sniffing them
+timeout: stop sniffing after a given time (default: None)
+L2socket: use the provided L2socket
+ """
+ c = 0
+
+ if offline is None:
+ if L2socket is None:
+ L2socket = conf.L2listen
+ s = L2socket(type=ETH_P_ALL, *arg, **karg)
+ else:
+ s = PcapReader(offline)
+
+ lst = []
+ if timeout is not None:
+ stoptime = time.time()+timeout
+ remain = None
+ while 1:
+ try:
+ if timeout is not None:
+ remain = stoptime-time.time()
+ if remain <= 0:
+ break
+
+ try:
+ p = s.recv(MTU)
+ except PcapTimeoutElapsed:
+ continue
+ if p is None:
+ break
+ if lfilter and not lfilter(p):
+ continue
+ if store:
+ lst.append(p)
+ c += 1
+ if prn:
+ r = prn(p)
+ if r is not None:
+ print >> console, r
+ if count > 0 and c >= count:
+ break
+ except KeyboardInterrupt:
+ break
+ s.close()
+ return PacketList(lst,"Sniffed")
+
+import scapy.sendrecv
+scapy.sendrecv.sniff = sniff
+
 def get_if_list():
 return sorted(ifaces.keys())
-- 
GitLab
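Review bot: `s.close()` is reached only when the loop leaves through `break`, so an exception raised by the caller-supplied `prn` or `lfilter` callback, or by `s.recv(MTU)` (anything other than `KeyboardInterrupt` and `PcapTimeoutElapsed`), leaves the capture socket or pcap reader open. Putting `try:` before `while 1:` and `finally: s.close()` after the loop would release it on every path. The `except PcapTimeoutElapsed:` clause relies on a name this hunk does not import, and the class is defined under `if conf.use_pcap:` in pcapdnet.py, so it is worth confirming the name is in scope here when pcap is disabled. `remain` is computed but never passed to `recv`, so the `timeout` deadline appears to be re-checked only when `recv` returns or raises `PcapTimeoutElapsed`; a comment such as `# deadline is only re-evaluated after recv() returns or times out` would make that explicit.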