class NFLogPacketProducer(object):
implements(interfaces.IPushProducer, interfaces.IReadDescriptor)
def __init__(self, dropPrivCallback = None, queues = (0,1), nflog_kwargs=dict(), consumer=None):
super(NFLogPacketProducer, self).__init__()
self.nflog_kwargs = nflog_kwargs
self.queues = queues
self.nflog = NFLOG().generator(self.queues, **self.nflog_kwargs)
self.fd = self.nflog.next()
consumer.registerProducer(self, streaming=True)
self.consumer = consumer
self.start_reading()
def start_reading(self):
"""Register with the Twisted reactor."""
reactor.addReader(self)
def stop_reading(self):
"""Unregister with the Twisted reactor."""
reactor.removeReader(self)
def pauseProducing(self):
reactor.removeReader(self)
def resumeProducing(self):
self.start_reading()
def stopProducing(self):
connDone = failure.Failure(main.CONNECTION_DONE)
self.connectionLost(connDone)
def fileno(self):
return self.fd
def connectionLost(self, reason):
self.stop_reading()
self.consumer.unregisterProducer()
# BUG: must close the netlink_filter socket?
# Does this work?
os.close(self.fd)
return reason
def doRead(self):
packet = self.nflog.next()
while True:
self.consumer.write(packet)
packet = self.nflog.send(True)
if packet is NFWouldBlock: break
def logPrefix(self):
return 'NFLogPacketProducer'
def run(self):
nflog = NFLOG().generator(self.queues,
extra_attrs=['ts'],
**self.nflog_kwargs)
next(nflog)
for pkt_info in nflog:
self.pipe.append(pkt_info)
self._pipe.write('.') # block until other thread reads it
self._pipe.flush()
def __init__(self, dropPrivCallback = None, queues = (0,1), nflog_kwargs=dict(), consumer=None):
super(NFLogPacketProducer, self).__init__()
self.nflog_kwargs = nflog_kwargs
self.queues = queues
self.nflog = NFLOG().generator(self.queues, **self.nflog_kwargs)
self.fd = self.nflog.next()
consumer.registerProducer(self, streaming=True)
self.consumer = consumer
self.start_reading()
setup(name='scapy-nflog-capture',
version='13.05.0',
author='Mike Kazantsev',
author_email='*****@*****.**',
license='WTFPL',
keywords=[
'nflog', 'scapy', 'plugin', 'driver', 'traffic', 'analysis',
'analyze', 'capture', 'dump', 'network', 'linux', 'security',
'sniffer', 'spoof', 'netfilter', 'iptables', 'xtables', 'filter',
'filtering', 'firewall', 'audit', 'cffi', 'libnetfilter_log',
'socket'
],
url='http://github.com/mk-fg/scapy-nflog-capture',
description=
'Driver for scapy to allow capturing packets via Linux NFLOG interface',
long_description=readme,
classifiers=[
'Development Status :: 4 - Beta', 'Intended Audience :: Developers',
'Intended Audience :: System Administrators',
'Intended Audience :: Telecommunications Industry',
'License :: OSI Approved', 'Operating System :: POSIX :: Linux',
'Programming Language :: Python',
'Programming Language :: Python :: 2.7',
'Programming Language :: Python :: 2 :: Only', 'Topic :: Security',
'Topic :: System :: Networking :: Monitoring',
'Topic :: System :: Operating System Kernels :: Linux'
],
ext_modules=[NFLOG().ffi.verifier.get_extension()],
py_modules=['nflog_cffi', 'scapy_nflog'],
package_data={'': ['README.txt']})