Ejemplo n.º 1
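def main():
  """Sniff TCP port 80/443 traffic on ``interface`` and hand IPv4/TCP packets to tcpProcess.

  Reads the module-level names ``interface`` and ``verbose``. Exits with
  status 1 when the capture cannot be opened or the BPF filter cannot be
  set. The loop runs until an exception other than ``Exception`` subclasses
  (KeyboardInterrupt, SystemExit) ends it; capture statistics are then
  printed when ``verbose`` is set.
  """
  # pypacker logs a WARNING for packets whose headers do not parse cleanly
  # (seen with HTTP); raise the threshold to ERROR to keep the output usable.
  # May need to become CRITICAL later.
  pypacker.logger.setLevel(pypacker.logging.ERROR)

  counter = 0
  startTime = time.time()

  print('listening on interface {}'.format(interface))

  try:
    # Arguments: snaplen 65536, promiscuous mode off, 1 ms read timeout.
    # NOTE(review): live capture normally needs elevated privileges, and every
    # parser below then runs on untrusted network bytes with them -- consider
    # dropping privileges once the handle is open.
    preader = pcapy.open_live(interface, 65536, False, 1)
    preader.setfilter('tcp port 80 or tcp port 443')
  except Exception as e:
    print(e, end='\n', flush=True)
    sys.exit(1)

  try:
    while True:
      try:
        (header, buf) = preader.next()
        if header is None:
          # NOTE(review): pcapy appears to hand back a None header when the
          # read times out without a packet -- confirm. Skipping it avoids an
          # AttributeError traceback per idle timeout and keeps the packet
          # count honest.
          continue
        counter = counter + 1
        ts = header.getts()[0]

        tcpPacket = False
        pkt = None
        layer = None

        # The link-layer type is guessed by parsing the same bytes twice and
        # checking each parser's type field for IPv4 (0x0800). Unrelated data
        # can hold that value at either offset, so this is a heuristic.
        # NOTE(review): the capture handle's datalink type would be a firmer
        # basis for choosing the parser -- confirm and consider.
        eth = ethernet.Ethernet(buf)
        if eth.type == 0x0800:
          layer = 'eth'
          pkt = eth

          if eth[ethernet.Ethernet, ip.IP, tcp.TCP] is not None:
            tcpPacket = True

        # Linux cooked capture; when both parsers claim IPv4 this one wins.
        lcc = linuxcc.LinuxCC(buf)
        if lcc.type == 0x0800:
          layer = 'lcc'
          pkt = lcc

          if lcc[linuxcc.LinuxCC, ip.IP, tcp.TCP] is not None:
            tcpPacket = True

        if tcpPacket and pkt and layer:
          tcpProcess(pkt, layer, ts)

      except (KeyboardInterrupt, SystemExit):
        raise
      except Exception:
        # One bad packet must not stop the capture. Packet contents are
        # controlled by whoever is on the wire, so a stream of malformed
        # packets produces a traceback each; rate-limit this if the output is
        # stored or forwarded.
        print(traceback.format_exc())
  finally:
    # The loop only ends through an exception, so the summary has to be
    # printed here to be reachable at all.
    totalTime = time.time() - startTime

    if verbose:
      # Guard the rate against a zero elapsed time.
      rate = counter / totalTime if totalTime > 0 else 0.0
      print('Total Time: %s, Total Packets: %s, Packets/s: %s' % (totalTime, counter, rate))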
Ejemplo n.º 2
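def packetType(buf):
    """Classify a captured frame by the protocol layers pypacker finds in it.

    ``buf`` is parsed twice, once as Ethernet and once as Linux cooked
    capture (LinuxCC). A parse is accepted when its ``type`` field equals
    0x0800 (IPv4). That is a heuristic: arbitrary bytes can carry this value
    at either offset, and ``buf`` comes straight off the network.

    Returns:
        A tuple ``(pkt, layer, tcpPacket, dhcpPacket, httpPacket, udpPacket,
        sslPacket)``. ``pkt`` is the accepted parsed frame and ``layer`` is
        ``'eth'`` or ``'lcc'``; both are ``None`` when neither parse looks
        like IPv4. When both parses are accepted, ``pkt``/``layer`` come from
        LinuxCC and a flag is True if either parse set it.
    """
    # Start from None so a frame that matches neither link type returns
    # cleanly instead of failing on unassigned locals at the return.
    pkt = None
    layer = None

    tcpPacket = False
    dhcpPacket = False
    httpPacket = False
    udpPacket = False
    sslPacket = False

    # Same checks for both link types; LinuxCC runs last so it takes
    # precedence for pkt/layer.
    # NOTE(review): choosing the parser from the capture's datalink type
    # would avoid guessing from packet bytes -- confirm and consider.
    for name, parser in (('eth', ethernet.Ethernet), ('lcc', linuxcc.LinuxCC)):
        frame = parser(buf)
        if frame.type != 0x0800:
            continue

        layer = name
        pkt = frame

        if frame[parser, ip.IP, tcp.TCP] is not None:
            tcpPacket = True
        if frame[parser, ip.IP, udp.UDP, dhcp.DHCP] is not None:
            dhcpPacket = True
        if frame[parser, ip.IP, tcp.TCP, http.HTTP] is not None:
            httpPacket = True
        if frame[parser, ip.IP, udp.UDP] is not None:
            udpPacket = True
        if frame[parser, ip.IP, tcp.TCP, ssl.SSL] is not None:
            sslPacket = True

    return (pkt, layer, tcpPacket, dhcpPacket, httpPacket, udpPacket,
            sslPacket)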
Ejemplo n.º 3
#print(dir(preader))


def handle_packet(o, src_ip, src_port, dst_ip, dst_port):
    """Print the RTP header fields and payload of one UDP packet of a given flow.

    ``o`` is a parsed frame containing IP and UDP layers. Packets whose
    source/destination address and port differ from the given values are
    ignored. The timestamp printed is the module-level ``ts``.
    """
    # Drop anything that is not exactly the flow being inspected.
    if (o[ip.IP].src_s != src_ip or o[udp.UDP].sport != src_port
            or o[ip.IP].dst_s != dst_ip or o[udp.UDP].dport != dst_port):
        return

    # The UDP payload is untrusted; it is interpreted as RTP without any
    # check that it really is RTP.
    # NOTE(review): confirm how rtp.RTP reacts to a short or malformed payload.
    rtp_pkt = rtp.RTP(o[udp.UDP].body_bytes)

    print("%d: pt=%s ts=%s seqnum=%s" % (ts, rtp_pkt.pt, rtp_pkt.ts, rtp_pkt.seq))

    # One "0x.." token per payload byte, each followed by a space.
    hex_dump = "".join(hex(octet) + " " for octet in rtp_pkt.body_bytes)
    sys.stdout.write("payload: " + hex_dump)
    print("")


# Walk the capture and pass each UDP packet to handle_packet, trying an
# Ethernet parse first and a Linux cooked capture parse second.
# ``ts`` stays a module-level name because handle_packet reads it.
for ts, buf in preader:
    eth = ethernet.Ethernet(buf)
    if eth[ethernet.Ethernet, ip.IP, udp.UDP] is None:
        # Not Ethernet/IP/UDP: fall back to the cooked-capture layout.
        lcc = linuxcc.LinuxCC(buf)
        if lcc[linuxcc.LinuxCC, ip.IP, udp.UDP] is not None:
            handle_packet(lcc, src_ip, src_port, dst_ip, dst_port)
    else:
        handle_packet(eth, src_ip, src_port, dst_ip, dst_port)