我正在尝试编写一个程序来嗅探通过python2.7套接字嗅出ICMP和TCP请求数据包但是,我只知道如何嗅探端口上的传入数据包。
该程序可以执行,以嗅探Llnux上的超级用户的任何传出ICMP和TCP数据包。我该怎么办?
pycap
(项目页面中的示例)
>>> import dpkt, pcap
>>> pc = pcap.pcap()
>>> pc.setfilter('icmp')
>>> for ts, pkt in pc:
... print `dpkt.ethernet.Ethernet(pkt)`
...
Ethernet(src='x00x03Gxb2Mxe4', dst='x00x03Gx06hx18', data=IP(src='nx00x01x1c', dst='nx00x01x10', sum=39799, len=60, p=1, ttl=128, id=35102, data=ICMP(sum=24667, type=8, data=Echo(id=512, seq=60160, data='abcdefghijklmnopqrstuvwabcdefghi'))))
Ethernet(src='x00x03Gx06hx18', dst='x00x03Gxb2Mxe4', data=IP(src='nx00x01x10', dst='nx00x01x1c', sum=43697, len=60, p=1, ttl=255, id=64227, data=ICMP(sum=26715, data=Echo(id=512, seq=60160, data='abcdefghijklmnopqrstuvwabcdefghi'))))
^CTraceback (most recent call last):
File '<stdin>', line 1, in ?
File 'pcap.pyx', line 298, in pcap.pcap.__next__
KeyboardInterrupt
>>>
>>> pc.stats()
(4851, 0, 0)