def run(self):
try:
if self.no_filter:
filter = None # for PPP link
else:
filter = '(dst host %s and src host %s) or icmp' % (self.src,
self.dst)
with contextlib.closing(
conf.L2listen(iface=self.iface,
filter=filter)) as l2_listen_socket:
self.started.set()
while True:
result = select.select([l2_listen_socket], [], [], 0.1)
if l2_listen_socket not in result[0]:
if self.should_stop:
return # no data and should stop => stop
continue
packet = l2_listen_socket.recv(2048)
if IP in packet:
packet = packet[IP]
else:
continue
self.collect_packet(packet)
except:
traceback.print_exc()
def _run(self,
store=False,
prn=None,
lfilter=None,
refresh=.1,
*args,
**kwargs):
s = conf.L2listen(type=ETH_P_ALL, *args, **kwargs)
lst = []
self.running = True
try:
while True:
if self.stop_event and self.stop_event.is_set():
break
sel = select([s], [], [], refresh)
if s in sel[0]:
p = s.recv(MTU)
if p is None:
break
if lfilter and not lfilter(p):
continue
if store:
lst.append(p)
if prn:
r = prn(p)
if r is not None:
print(r)
except KeyboardInterrupt:
pass
finally:
s.close()
self.results = PacketList(lst, "Sniffed")
def online_analisys(buffer, stopper, interface, target_ip, verbose=False):
filter = '(tcp port 80 or tcp port 443) and host {}'.format(target_ip)
socket = conf.L2listen(type=ETH_P_ALL, iface=interface, filter=filter)
if verbose:
print('Sniffing packets...')
cb = lambda pkt: buffer.add_packet(pkt, verbose)
while not stopper.isSet():
sniff(opened_socket=socket, prn=cb, timeout=1, store=1)
def packet_reader(interface_name, queue):
"""Sub-process routine that reads packets and puts them to queue.
This function is meant to be run in separate subprocess and is in tight
loop reading raw packets from interface passed as parameter.
:param interface_name: Name of interface to read packets from.
:param queue: Queue in which this function will push incoming packets.
:type interface_name: str
:type queue: multiprocessing.Queue
"""
sock = conf.L2listen(iface=interface_name, type=ETH_P_ALL)
while True:
pkt = sock.recv(0x7fff)
queue.put(pkt)
def _sniff(self):
sock = conf.L2listen(type=ETH_P_ALL, filter=self._filterexp, iface=self._iface)
while 1:
try:
sel = select([sock], [], [], 1)
if sock in sel[0]:
p = sock.recv(MTU)
if p is None:
break
self._prn(p)
if self._stop_recd.is_set():
print "Breaking out of sniffer thread %s" % (self, )
break
except KeyboardInterrupt:
break
sock.close()
def run(self):
try:
self.db = connectDB()
except Exception as e:
print("! Unable to access the database")
return
self.socket = conf.L2listen(type=ETH_P_ALL,
iface=self.interface,
filter=self.filter)
while self.isStopped:
self.bytes = 0
packets = sniff(opened_socket=self.socket,
prn=self.monitor_callback,
stop_filter=self.isStopped,
timeout=self.timeout,
store=1)
self.updaterCounterAndSaveDB(packets, self.bytes)
def listen_to_tcp_packets(dumb,queue,print_counter,counter_val):
#logging.warning("In function : listen_to_tcp_packets")
if ((str(connection_type) == "plainbgp") or (str(connection_type) == "plainbgp")):
str_filter=" ip and tcp port " + str(d_port)
#str_filter=" ip src " + str(TARGET_IP) + " and tcp port " + str(d_port)
else:
str_filter=" vlan and ip and tcp port " + str(d_port)
#str_filter=" vlan and ip src " + str(TARGET_IP) + " and tcp port " + str(d_port)
interf = str(interface)
so=conf.L2listen(type=3,filter=str_filter,iface=interf)
#so=config.conf.L2socket(type=3,filter=str_filter,iface=interf)
#so=conf.L2listen(type=3,filter=str_filter,iface=interf)
c=0
while True:
try:
p = so.recv(1600)
if p is None:
logging.warning("packet was unknown")
#p.display()
queue.put(p)
c = c + 1
#logging.warning("The total count is " + str(c))
except:
logging.critical("The listen_to_tcp_packets failed")
def start(self):
self.s = conf.L2listen(iface=self.iface, filter=self.filter)
logging.debug("Connected to Master")
# This can be kept as seperate task and IoT devices can be discovered dynamically.
find_iot_devices(IOT_SUBNET)
asyncio.ensure_future(recv_event())
except:
COMM_HANDLE = None
await asyncio.sleep(5)
asyncio.ensure_future(comm_connect())
signal.signal(signal.SIGHUP, signal.SIG_IGN)
pkt_dict = packet_to_dict(IOT_DEVICE_DICT, SAFE_PORTS)
store_handle = storage_handler()
SNIFF_SOCK = conf.L2listen(type=ETH_P_ALL, iface=INTERFACE, filter='ip')
EVENT_LOOP = asyncio.get_event_loop()
EVENT_LOOP.add_reader(SNIFF_SOCK, process_packet)
asyncio.ensure_future(comm_connect())
asyncio.ensure_future(conn_task())
asyncio.ensure_future(periodic_task())
logging.debug("Listeing for packets on {}".format(INTERFACE))
try:
EVENT_LOOP.run_forever()
except KeyboardInterrupt:
pass
finally:
SNIFF_SOCK.close()
logging.debug("!!!! Program ended !!!!")
def __init__(self, interface_name):
PacketVerifier.__init__(self, interface_name)
self._sock = conf.L2listen(iface=interface_name, type=ETH_P_ALL)
def start(self):
# type: () -> None
if not self.s:
self.s = conf.L2listen(iface=self.iface, filter=self.filter)
