An Example of Python and libpcap (pcapy)

26 Oct

October 26, 2012 Sheng 0

Long long ago, I wrote this piece of code, with Python and pcapy, for my project. Today I put it on my blog, partly for recording, and partly for memento.

This program read the data in libpcap file format, filter some useless records, and write the filtered records to a new file. Majorly, the work was done with pcapy, a wrapper for libpcap packet capture library.

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

#!/usr/bin/python

# Copyright (c) 2007

#

# Pcap dump file filter.

#

# This tools filter some packets in pcap capture files

# here is the packet send by our robot

#

# Authors:HonetNet Project

#

import sys

import string

from exceptions import Exception

import pcapy

from pcapy import *

def Drop(data):

"""Check if this packet should be drop

"""

#Hide some project related code

return False

def filefilter(filename):

"""filter a single file

"""

# Open file

try:

processor = open_offline(filename)

except pcapy.PcapError, e:

print "Can't open file: "+filename

print "t",e

return 1

#check if it's the Ether packet

if pcapy.DLT_EN10MB != processor.datalink():

print "Not a Ethernet packet..."

return 2

#Open the file store the data after filter

if sys.platform == 'win32':

pos = filename.rfind('')

elif sys.platform == 'linux2':

pos = filename.rfind('/')

else:

print "Running on a unexpect OS"

sys.exit(1)

if pos == -1:

newfile = "filtered-"+filename

else:

newfile = filename[:pos+1] + 'filtered-' + filename[pos+1:]

print newfile

try:

global dumper

dumper = processor.dump_open(newfile)

except pcapy.PcapError, e:

print "Can't write packet to:", newfile

print "t",e

return 3

processor.loop(0, packetHandler)

def packetHandler(hdr, data):

"""process with single packet

"""

if not Drop(data):

global dumper

dumper.dump(hdr, data)

# Process command-line arguments.

if __name__ == '__main__':

if len(sys.argv) <= 1:

print "Usage: %s <filename>" % sys.argv[0]

sys.exit(1)

filefilter(sys.argv[1])

This code is somehow bad, abuse of “import *”, import never-used library, insufficient comments, and so on. But I want to post the original copy, except one comment line. The bad of the post code could be a good teacher of future good ones.

Nowadays, the team is already the thing of the past. But I could never forget it, my first team to involve and lead.

Leave a Reply Cancel reply

tl;dr: Please put your code into a <pre>YOUR CODE</pre> section.

Hello everyone!

If you want to ask a question about the solution. DO READ the post and comments firstly.

If you had some troubles in debugging your solution, please try to ask for help on StackOverflow, instead of here.

If you want to post some comments with code or symbol, here is the guidline.

1. To post your code, please add the code inside a <pre> </pre> section (preferred), or <code> </code>. And inside the pre or code section, you do not need to escape < > and &, e.g. no need to use < instead of <.

2. To use special symbols < and > outside the pre block, please use "<" and ">" instead.

3. If you have a comment with lots of < and >, you could add the major part of your comment into a <pre class="decode:true crayon-inline "> YOUR COMMENTS </pre> section.

Finally, if you are posting the first comment here, it usually needs moderation. Please be patient and stay tuned. Thanks!

CodeSays.com Admin

Ovi February 12, 2024 at 11:14 pm on Solution to Min-Perimeter-Rectangle by codilityExactly my question too. I tried something very similar to Sheng's solution, importing the math module and using sqrt(). Codility marked it only as 80%,...
Doron Ben Ari February 11, 2024 at 4:10 am on Solution to Min-Avg-Two-Slice by codilityInspired by Sheng's great solution, I wrote the following proof: Assume you found the slice with minimal average. Assume the first two consecutive elements of...
Ovi February 4, 2024 at 9:03 am on Solution to sigma2012 (Stone-Wall) by codility def solution(H): heights = H # geometric logic: the blocks need to be cuboid, all sides are rectagular. Nothing fancy, means that the angles...
Ovidiu Oprea February 2, 2024 at 11:06 am on Solution to Fish by codilityIt's the reason why it took me 2 weeks to finish this task (in the context of adult life with non-dev job). I was trying...
Ovi January 15, 2024 at 2:40 pm on Solution to Brackets by codilityThanks for this blog post! I was banging my head against the wall thinking this is a simple / short solution, where you just build...
parikshit verma July 5, 2023 at 8:26 am on Solution to Missing-Integer by codility def missingnum(a): st=min(a) en=max(a) b=set(range(1,en+2)) if (en<1 or st>1) : return 1 else: return min(b-set(a))
Pavankumar Nandeshwar June 26, 2023 at 8:07 am on Solution to Dwarfs-Rafting by codilityOk fixed it. gives 100%: int solution(int N, string &S, string &T) { int q = N / 2 * N / 2; int lf...
Pavankumar Nandeshwar June 26, 2023 at 5:23 am on Solution to Dwarfs-Rafting by codilityCan someone explain what is wrong with my solution in C++ ? int solution(int N, string &S, string &T) { int q = N /...
Pavankumar Nandeshwar June 23, 2023 at 10:25 pm on Solution to Flood-Depth by codilityMy C++ Solution. O(N) #include <climits> int solution(vector<int> &A) { int max_depth {}; int max_lvl = {}; int min_lvl = INT_MAX; for (unsigned int i...