debian/0000775000000000000000000000000011666317675007212 5ustar debian/doc-base0000664000000000000000000000043411552704161010573 0ustar Document: pcapy Title: Pcapy Reference Author: Core Security Technologies Abstract: This documentation describes the pcapy API Section: Programming/Python Format: HTML Index: /usr/share/doc/python-pcapy/pcapy.html Files: /usr/share/doc/python-pcapy/pcapy.html debian/patches/0000775000000000000000000000000011552744660010631 5ustar debian/patches/remove_exception_on_next.patch0000664000000000000000000000544111552704160016752 0ustar --- a/pcapobj.cc 2009-02-10 15:51:40.000000000 +0000 +++ b/pcapobj.cc 2009-02-10 15:58:55.000000000 +0000 @@ -193,31 +193,59 @@ static PyObject* p_next(register pcapobject* pp, PyObject*) { - struct pcap_pkthdr hdr; - const unsigned char *buf; - if (pp->ob_type != &Pcaptype) { PyErr_SetString(PcapError, "Not a pcap object"); return NULL; } + struct pcap_pkthdr *hdr; + const unsigned char *buf; + int ret; + // allow threads as this might block Py_BEGIN_ALLOW_THREADS; - buf = pcap_next(pp->pcap, &hdr); + ret = pcap_next_ex(pp->pcap, &hdr, &buf); Py_END_ALLOW_THREADS; - if(!buf) + if (ret != 1) { - PyErr_SetString(PcapError, pcap_geterr(pp->pcap)); - return NULL; + // An error occurred while reading the packet + if (ret == -1) + { + PyErr_SetString(PcapError, pcap_geterr(pp->pcap)); + return NULL; + } + // ret equals to 0 if packets are being read from a live capture + // and the timeout expired, or -2 if packets are being read from + // a 'savefile' and there are no more packets to read + else + if (ret == 0) + { + PyObject *socket = PyImport_ImportModule("socket"); + if (socket != NULL) + { + PyObject *socket_timeout = PyObject_GetAttrString(socket, "timeout"); + if (socket_timeout!=NULL) + { + PyErr_SetString(socket_timeout, "timed out"); + Py_DECREF(socket_timeout); + } + Py_DECREF(socket); + } + return NULL; + } + // -2 if packets are being read from + // a 'savefile' and there are no more packets to read + Py_INCREF(Py_None); + return Py_BuildValue("(Os)", Py_None, ""); } - PyObject *pkthdr = new_pcap_pkthdr(&hdr); - if (pkthdr) + PyObject *pkthdr = new_pcap_pkthdr(hdr); + if (pkthdr) { PyObject *ret = NULL; - ret = Py_BuildValue("(Os#)", pkthdr, buf, hdr.caplen); + ret = Py_BuildValue("(Os#)", pkthdr, buf, hdr->caplen); Py_DECREF(pkthdr); return ret; } --- a/pcapy.xml 2008-10-24 19:31:12.000000000 +0100 +++ b/pcapy.xml 2009-02-10 19:51:19.000000000 +0000 @@ -311,6 +311,14 @@ Pkthdr instance describing the data passed and data is the data itself. + + + If the packet could not be read, a tuple is returned + anyway but with header + and data equal respectively + to None and an empty string. + + debian/patches/setup.patch0000664000000000000000000000067611552704160013012 0ustar --- a/setup.py 2008-12-15 01:48:04.000000000 +0000 +++ b/setup.py 2008-12-15 01:50:32.000000000 +0000 @@ -60,8 +60,5 @@ include_dirs = include_dirs, library_dirs = library_dirs, libraries = libraries)], - scripts = ['tests/pcapytests.py', 'tests/96pings.pcap'], - data_files = [(os.path.join('share', 'doc', PACKAGE_NAME), - ['README', 'LICENSE', 'pcapy.html'])], ) debian/patches/regenerate_html_doc.patch0000664000000000000000000020444711552704160015646 0ustar --- a/pcapy.html 2009-02-10 19:52:35.000000000 +0000 +++ b/pcapy.html 2009-02-10 19:52:51.000000000 +0000 @@ -1,21 +1,24 @@ -Part I. Pcapy Reference

Pcapy Reference

CORE SECURITY TECHNOLOGIES

Copyright © 2003 CORE SECURITY TECHNOLOGIES

Revision History
Revision $Revision: 1.2 $$Date: 2003/10/23 17:24:27 $$Author: jkohen $
Initial revision

Table of Contents

I Pcapy Module Reference
open_live
open_offline
lookupdev
findalldevs
compile
II Reader Object Reference
dispatch
next
setfilter
getnet
datalink
getnonblock
dump_open
III Dumper Object Reference
dump
IV Pkthdr Object Reference
getts
V Bpf Object Reference
filter
Bibliography

Pcapy Module Reference

Table of Contents

open_live
open_offline
lookupdev
findalldevs
compile

open_live

Name

open_live — Obtain a packet capture descriptor to look at packets on the network

Synopsis

Reader open_live(device, snaplen, promisc, to_ms);
string device;
int snaplen;
int promisc;
int to_ms;

DESCRIPTION

- open_live is used to obtain a packet +Part I. Pcapy Reference

Part I. Pcapy Reference

CORE SECURITY TECHNOLOGIES

Copyright © 2003 CORE SECURITY TECHNOLOGIES

Revision History
Revision $Revision: 15 $$Date: 2003-10-23 14:24:27 -0300 (Jue, 23 Oct 2003) $$Author: jkohen $
Initial revision

Table of Contents

I. Pcapy Module Reference
open_live — Obtain a packet capture descriptor to look at packets on the network
open_offline — Obtain a packet capture descriptor to look at packets on a savefile
lookupdev — Return a network device suitable for use with + open_live
findalldevs — Obtain the list of available network devices
compile — Compile a BPF filter
II. Reader Object Reference
dispatch — Collect and process packets
next — Collect the next packet
setfilter — Specify a filter
getnet — Get the associated network number and mask
datalink — Obtain the link layer type
getnonblock — Manipulate the + non–blocking flag
dump_open — Create a Dumper object
III. Dumper Object Reference
dump — Dump a packet to a savefile
IV. Pkthdr Object Reference
getts — Obtain packet header information
V. Bpf Object Reference
filter — Test a packet against a compiled filter
Bibliography

Pcapy Module Reference

Table of Contents

open_live — Obtain a packet capture descriptor to look at packets on the network
open_offline — Obtain a packet capture descriptor to look at packets on a savefile
lookupdev — Return a network device suitable for use with + open_live
findalldevs — Obtain the list of available network devices
compile — Compile a BPF filter

Name

open_live — Obtain a packet capture descriptor to look at packets on the network

Synopsis

Reader open_live(device,  
 snaplen,  
 promisc,  
 to_ms); 
string  device;
int  snaplen;
int  promisc;
int  to_ms;

DESCRIPTION

+ open_live is used to obtain a packet capture descriptor to look at packets on the network. - device is a string that specifies the + device is a string that specifies the network device to open; on Linux systems with 2.2 or later - kernels, a device argument of any or - NULL can be used to capture packets - from all interfaces. snaplen + kernels, a device argument of any or + NULL can be used to capture packets + from all interfaces. snaplen specifies the maximum number of bytes to capture. - promisc specifies if the interface is + promisc specifies if the interface is to be put into promiscuous mode. (Note that even if this parameter is false, the interface could well be in promiscuous mode for some other reason.) For now, this - doesn't work on the any device; if an - argument of any or - NULL is supplied, the - promisc flag is ignored. - to_ms specifies the read timeout in + doesn't work on the any device; if an + argument of any or + NULL is supplied, the + promisc flag is ignored. + to_ms specifies the read timeout in milliseconds. The read timeout is used to arrange that the read not necessarily return immediately when a packet is seen, but that it wait for some amount of time to allow more @@ -23,305 +26,309 @@ kernel in one operation. Not all platforms support a read timeout; on platforms that don't, the read timeout is ignored. -

open_offline

Name

open_offline — Obtain a packet capture descriptor to look at packets on a savefile

Synopsis

Reader open_offline(filename);
string filename;

DESCRIPTION

- open_offline is called to open a - savefile for reading. filename +

Name

open_offline — Obtain a packet capture descriptor to look at packets on a savefile

Synopsis

Reader open_offline(filename); 
string  filename;

DESCRIPTION

+ open_offline is called to open a + savefile for reading. filename specifies the name of the file to open. The file has the same format as those used by - tcpdump(8) and - tcpslice(8). The name - - is a synonym for - stdin. -

lookupdev

Name

lookupdev — Return a network device suitable for use with - open_live

Synopsis

string lookupdev();

DESCRIPTION

- lookupdev returns the name of a network - device suitable for use with open_live. -

findalldevs

Name

findalldevs — Obtain the list of available network devices

Synopsis

string[] findalldevs();

DESCRIPTION

- findalldevs constructs a list of + tcpdump(8) and + tcpslice(8). The name + - is a synonym for + stdin. +

Name

lookupdev — Return a network device suitable for use with + open_live

Synopsis

string lookupdev(); 

DESCRIPTION

+ lookupdev returns the name of a network + device suitable for use with open_live. +

Name

findalldevs — Obtain the list of available network devices

Synopsis

string[] findalldevs(); 

DESCRIPTION

+ findalldevs constructs a list of network devices that can be opened with - open_live. (Note that there may be + open_live. (Note that there may be network devices that cannot be opened with - open_live, because, for example, that + open_live, because, for example, that process might not have sufficient privileges to open them for capturing; if so, those devices will not appear on the list.) -

compile

Name

compile — Compile a BPF filter

Synopsis

Bpf compile(linktype, snaplen, filter, optimize, netmask);
int linktype;
int snaplen;
string filter;
int optimize;
int32 netmask;

DESCRIPTION

- compile is used to compile the - filter into a filter program. - snaplen specifies the maximum number of - bytes to capture. optimize controls +

Name

compile — Compile a BPF filter

Synopsis

Bpf compile(linktype,  
 snaplen,  
 filter,  
 optimize,  
 netmask); 
int  linktype;
int  snaplen;
string  filter;
int  optimize;
int32  netmask;

DESCRIPTION

+ compile is used to compile the + filter into a filter program. + snaplen specifies the maximum number of + bytes to capture. optimize controls whether optimization on the resulting code is performed. - netmask specifies the netmask of the + netmask specifies the netmask of the local network. -

Reader Object Reference

Table of Contents

dispatch
next
setfilter
getnet
datalink
getnonblock
dump_open

dispatch

Name

dispatch, loop — Collect and process packets

Synopsis

int dispatch(maxcant, (* callback));
int maxcant;
void (* callback) - (Pkthdr, string);

int loop(maxcant, (* callback));
int maxcant;
void (* callback) - (Pkthdr, string);

DESCRIPTION

- dispatch is used to collect and process - packets. maxcant specifies the +

Reader Object Reference

Table of Contents

dispatch — Collect and process packets
next — Collect the next packet
setfilter — Specify a filter
getnet — Get the associated network number and mask
datalink — Obtain the link layer type
getnonblock — Manipulate the + non–blocking flag
dump_open — Create a Dumper object

Name

dispatch, loop — Collect and process packets

Synopsis

int dispatch(maxcant,  
 (* callback)); 
int  maxcant;
void  (* callback)(Pkthdr, string);
int loop(maxcant,  
 (* callback)); 
int  maxcant;
void  (* callback)(Pkthdr, string);

DESCRIPTION

+ dispatch is used to collect and process + packets. maxcant specifies the maximum number of packets to process before returning. This is not a minimum number; when reading a live capture, only one bufferful of packets is read at a time, so fewer than - maxcant packets may be processed. A - cnt of -1 + maxcant packets may be processed. A + cnt of -1 processes all the packets received in one buffer when reading a live capture, or all the packets in the file when - reading a savefile. callback + reading a savefile. callback specifies a routine to be called with two arguments: a - Pkthdr instance describing the data + Pkthdr instance describing the data passed and the data itself.

The number of packets read is returned. - 0 is returned if no packets were + 0 is returned if no packets were read from a live capture (if, for example, they were discarded because they didn't pass the packet filter, or if, on platforms that support a read timeout that starts before any packets arrive, the timeout expires before any packets arrive, or if the file descriptor for the capture device is in non–blocking mode and no packets were available to be - read) or if no more packets are available in a savefile. -

Note

- When reading a live capture, dispatch + read) or if no more packets are available in a savefile. +

Note

+ When reading a live capture, dispatch will not necessarily return when the read times out; on some platforms, the read timeout isn't supported, and, on other platforms, the timer doesn't start until at least one packet arrives. This means that the read timeout - should not be used in, for example, + should not be used in, for example, an interactive application, to allow the packet capture loop to poll for user input periodically, as there's no - guarantee that dispatch will return + guarantee that dispatch will return after the timeout expires.

- loop is similar to - dispatch except it keeps reading - packets until maxcant packets are + loop is similar to + dispatch except it keeps reading + packets until maxcant packets are processed or an error occurs. It does - not return when live read timeouts + not return when live read timeouts occur. Rather, specifying a non–zero read timeout to - open_live and then calling - dispatch allows the reception and + open_live and then calling + dispatch allows the reception and processing of any packets that arrive when the timeout - occurs. A negative maxcant causes - loop to loop forever (or at least until - an error occurs). 0 is returned - if maxcant is exhausted. -

next

Name

next — Collect the next packet

Synopsis

(Pkthdr, string) next();

DESCRIPTION

- next reads the next packet (by calling - dispatch with a - maxcant of 1) + occurs. A negative maxcant causes + loop to loop forever (or at least until + an error occurs). 0 is returned + if maxcant is exhausted. +

Name

next — Collect the next packet

Synopsis

(Pkthdr, string) next(); 

DESCRIPTION

+ next reads the next packet (by calling + dispatch with a + maxcant of 1) and returns a tuple (header, data) where - header is a - Pkthdr instance describing the data - passed and data is the data itself. -

setfilter

Name

setfilter — Specify a filter

Synopsis

setfilter(filter);
string filter;

DESCRIPTION

- setfilter is used to specify a filter + header is a + Pkthdr instance describing the data + passed and data is the data itself. +

Note

+ If the packet could not be read, a tuple is returned + anyway but with header + and data equal respectively + to None and an empty string. +

Name

setfilter — Specify a filter

Synopsis

setfilter(filter); 
string  filter;

DESCRIPTION

+ setfilter is used to specify a filter for this object. -

getnet

Name

getnet, getmask — Get the associated network number and mask

Synopsis

int32 getnet();

int32 getmask();

DESCRIPTION

- getnet and getmask +

Name

getnet, getmask — Get the associated network number and mask

Synopsis

int32 getnet(); 
int32 getmask(); 

DESCRIPTION

+ getnet and getmask are used to determine the network number and mask associated with the network device attached to this - Reader. -

datalink

Name

datalink — Obtain the link layer type

Synopsis

int datalink();

DESCRIPTION

- datalink returns the link layer type; link layer types it can return include: -

DLT_NULL

- BSD loopback encapsulation; the + Reader. +

Name

datalink — Obtain the link layer type

Synopsis

int datalink(); 

DESCRIPTION

+ datalink returns the link layer type; link layer types it can return include: +

DLT_NULL

+ BSD loopback encapsulation; the link layer header is a 4–byte field, in host - byte order, containing a PF_ - value from socket.h for the + byte order, containing a PF_ + value from socket.h for the network–layer protocol of the packet. -

Note

- “host byte order” is the byte order +

Note

+ “host byte order” is the byte order of the machine on which the packets are captured, - and the PF_ values are for - the OS of the machine on which + and the PF_ values are for + the OS of the machine on which the packets are captured; if a live capture is - being done, “host byte order” is the + being done, “host byte order” is the byte order of the machine capturing the packets, - and the PF_ values are those - of the OS of the machine - capturing the packets, but if a savefile is being - read, the byte order and PF_ - values are not necessarily + and the PF_ values are those + of the OS of the machine + capturing the packets, but if a savefile is being + read, the byte order and PF_ + values are not necessarily those of the machine reading the capture file. -

DLT_EN10MB

Ethernet (10Mb, 100Mb, 1000Mb, and up)

DLT_IEEE802

IEEE 802.5 Token Ring

DLT_ARCNET

ARCNET

DLT_SLIP

- SLIP; the link layer header contains, in order: -

  • +

DLT_EN10MB
Ethernet (10Mb, 100Mb, 1000Mb, and up)
DLT_IEEE802
IEEE 802.5 Token Ring
DLT_ARCNET
ARCNET
DLT_SLIP

+ SLIP; the link layer header contains, in order: +

  • a 1–byte flag, which is - 0 for packets received by - the machine and 1 for + 0 for packets received by + the machine and 1 for packets sent by the machine. -

  • - a 1–byte field, the upper 4 bits of which indicate the type of packet, as per RFC 1144: +

  • + a 1–byte field, the upper 4 bits of which indicate the type of packet, as per RFC 1144: -

    • - 0x40; an unmodified - IP datagram - (TYPE_IP) -

    • - 0x70; an - uncompressed–TCP/IP +

      • + 0x40; an unmodified + IP datagram + (TYPE_IP) +
      • + 0x70; an + uncompressed–TCP/IP datagram - (UNCOMPRESSED_TCP), + (UNCOMPRESSED_TCP), with that byte being the first byte of - the raw IP header on + the raw IP header on the wire, containing the connection number in the protocol field -

      • - 0x80; a - compressed–TCP/IP +

      • + 0x80; a + compressed–TCP/IP datagram - (COMPRESSED_TCP), + (COMPRESSED_TCP), with that byte being the first byte of - the compressed TCP/IP + the compressed TCP/IP datagram header -

      -

    • - for UNCOMPRESSED_TCP, the - rest of the modified IP +

    +

  • + for UNCOMPRESSED_TCP, the + rest of the modified IP header, and for - COMPRESSED_TCP, the - compressed TCP/IP datagram + COMPRESSED_TCP, the + compressed TCP/IP datagram header -

- for a total of 16 bytes; the uncompressed IP datagram follows the header. -

DLT_PPP

- PPP; if the first 2 bytes are - 0xff and 0x03, - it's PPP in - HDLC–like framing, with the - PPP header following those two - bytes, otherwise it's PPP without +

+ for a total of 16 bytes; the uncompressed IP datagram follows the header. +

DLT_PPP
+ PPP; if the first 2 bytes are + 0xff and 0x03, + it's PPP in + HDLC–like framing, with the + PPP header following those two + bytes, otherwise it's PPP without framing, and the packet begins with the - PPP header. -

DLT_FDDI

FDDI

DLT_ATM_RFC1483

- RFC 1483 - LLC/SNAP–encapsulated - ATM; the packet begins with an - IEEE 802.2 LLC + PPP header. +

DLT_FDDI
FDDI
DLT_ATM_RFC1483
+ RFC 1483 + LLC/SNAP–encapsulated + ATM; the packet begins with an + IEEE 802.2 LLC header. -

DLT_RAW

- Raw IP; the packet begins with an - IP header. -

DLT_PPP_SERIAL

- PPP in - HDLC–like framing, as per - RFC 1662, or Cisco - PPP with HDLC +

DLT_RAW
+ Raw IP; the packet begins with an + IP header. +
DLT_PPP_SERIAL
+ PPP in + HDLC–like framing, as per + RFC 1662, or Cisco + PPP with HDLC framing, as per section §4.3.1 of - RFC 1547; the first byte will be - 0xFF for PPP - in HDLC–like framing, and - will be 0x0F or - 0x8F for Cisco - PPP with HDLC + RFC 1547; the first byte will be + 0xFF for PPP + in HDLC–like framing, and + will be 0x0F or + 0x8F for Cisco + PPP with HDLC framing. -

DLT_PPP_ETHER

- PPPoE; the packet begins with a - PPPoE header, as per - RFC 2516. -

DLT_C_HDLC

- Cisco PPP with - HDLC framing, as per section - § 4.3.1 of RFC 1547. -

DLT_IEEE802_11

- IEEE 802.11 wireless - LAN. -

DLT_LOOP

+

DLT_PPP_ETHER
+ PPPoE; the packet begins with a + PPPoE header, as per + RFC 2516. +
DLT_C_HDLC
+ Cisco PPP with + HDLC framing, as per section + § 4.3.1 of RFC 1547. +
DLT_IEEE802_11
+ IEEE 802.11 wireless + LAN. +
DLT_LOOP

OpenBSD loopback encapsulation; the link layer header is a 4–byte field, in network byte - order, containing a PF_ value - from OpenBSD's socket.h for the + order, containing a PF_ value + from OpenBSD's socket.h for the network–layer protocol of the packet. -

Note

- Note that, if a savefile is being read, those - PF_ values are - not necessarily those of the +

Note

+ Note that, if a savefile is being read, those + PF_ values are + not necessarily those of the machine reading the capture file. -

DLT_LINUX_SLL

+

DLT_LINUX_SLL

Linux cooked capture encapsulation; the link layer header contains, in order: -

  • - a 2–byte "packet type", in network +

    • + a 2–byte "packet type", in network byte order, which is one of: -

      • - 0; packet was sent to +

        • + 0; packet was sent to us by somebody else. -

        • - 1; packet was +

        • + 1; packet was broadcast by somebody else. -

        • - 2; packet was +

        • + 2; packet was multicast, but not broadcast, by somebody else. -

        • - 3; packet was sent by +

        • + 3; packet was sent by somebody else to somebody else. -

        • - 4; packet was sent by +

        • + 4; packet was sent by us. -

        -

      • +

      +

    • a 2–byte field, in network byte order, containing a Linux - ARPHRD_ value for the + ARPHRD_ value for the link layer device type. -

    • +

    • a 2–byte field, in network byte order, containing the length of the link layer address of the sender of the packet (which could be 0). -

    • +

    • an 8–byte field containing that number of bytes of the link layer header (if there are more than 8 bytes, only the first 8 are present). -

    • +

    • a 2–byte field containing an Ethernet protocol type, in network byte order, or - containing 1 for Novell + containing 1 for Novell 802.3 frames without an 802.2 - LLC header or - 4 for frames beginning with - an 802.2 LLC header. -

    -

DLT_LTALK

+ LLC header or + 4 for frames beginning with + an 802.2 LLC header. +

+

DLT_LTALK
Apple LocalTalk; the packet begins with an AppleTalk - LLAP header. -

-

getnonblock

Name

getnonblock, setnonblock — Manipulate the - non–blocking flag

Synopsis

int getnonblock();

setnonblock(state);
int state;

DESCRIPTION

- getnonblock returns the current + LLAP header. +

+

Name

getnonblock, setnonblock — Manipulate the + non–blocking flag

Synopsis

int getnonblock(); 
setnonblock(state); 
int  state;

DESCRIPTION

+ getnonblock returns the current non–blocking state of the capture descriptor; it - always returns 0 on savefiles. -

DESCRIPTION

- setnonblock puts a capture descriptor, - opened with open_live, into + always returns 0 on savefiles. +

DESCRIPTION

+ setnonblock puts a capture descriptor, + opened with open_live, into non–blocking mode, or takes it out of non–blocking mode, depending on whether the - state argument is non–zero or - zero. It has no effect on savefiles. In non–blocking + state argument is non–zero or + zero. It has no effect on savefiles. In non–blocking mode, an attempt to read from the capture descriptor with - dispatch will, if no packets are + dispatch will, if no packets are currently available to be read, return - 0 immediately rather than + 0 immediately rather than blocking waiting for packets to arrive. - loop and next will + loop and next will not work in non–blocking mode. -

dump_open

Name

dump_open — Create a Dumper object

Synopsis

Dumper dump_open(filename);
string filename;

DESCRIPTION

- dump_open is called to open a savefile +

Name

dump_open — Create a Dumper object

Synopsis

Dumper dump_open(filename); 
string  filename;

DESCRIPTION

+ dump_open is called to open a savefile for writing and associate it to a newly created - Dumper instance. The name - - is a synonym for stdout. - filename specifies the name of the + Dumper instance. The name + - is a synonym for stdout. + filename specifies the name of the file to open. -

Dumper Object Reference

Table of Contents

dump

dump

Name

dump — Dump a packet to a savefile

Synopsis

dump(header, data);
Pkthdr header;
string data;

DESCRIPTION

- dump outputs a packet to the savefile - opened with dump_open from type - Reader. -

Pkthdr Object Reference

Table of Contents

getts

getts

Name

getts, getcaplen, getlen — Obtain packet header information

Synopsis

(long, long) getts();

long getcaplen();

long getlen();

DESCRIPTION

- getts, getcaplen - and getlen return the timestamp, +

Dumper Object Reference

Table of Contents

dump — Dump a packet to a savefile

Name

dump — Dump a packet to a savefile

Synopsis

dump(header,  
 data); 
Pkthdr  header;
string  data;

DESCRIPTION

+ dump outputs a packet to the savefile + opened with dump_open from type + Reader. +

Pkthdr Object Reference

Table of Contents

getts — Obtain packet header information

Name

getts, getcaplen, getlen — Obtain packet header information

Synopsis

(long, long) getts(); 
long getcaplen(); 
long getlen(); 

DESCRIPTION

+ getts, getcaplen + and getlen return the timestamp, capture length and total length fields of the packet header, respectively.

@@ -333,17 +340,17 @@ bytes (which might be more than the number of bytes available from the capture, if the length of the packet is larger than the maximum number of bytes to capture). -

Bpf Object Reference

Table of Contents

filter

filter

Name

filter — Test a packet against a compiled filter

Synopsis

int filter(packet);
string packet;

DESCRIPTION

- filter tests a packet against a +

Bpf Object Reference

Table of Contents

filter — Test a packet against a compiled filter

Name

filter — Test a packet against a compiled filter

Synopsis

int filter(packet); 
string  packet;

DESCRIPTION

+ filter tests a packet against a compiled filter as returned by - pcapy's compile. + pcapy's compile. If the packet is allowed to pass through - -1 is returned, otherwise - filter returns - 0. -

Bibliography

Sources

+ -1 is returned, otherwise + filter returns + 0. +

Bibliography

Sources

Portions of this work based on - pcap(3) by the Lawrence + pcap(3) by the Lawrence Berkeley National Laboratory, University of California, Berkeley, CA. .

debian/patches/series0000664000000000000000000000010511552742351012035 0ustar setup.patch remove_exception_on_next.patch regenerate_html_doc.patch debian/copyright0000664000000000000000000000551011552741137011132 0ustar This package was debianized by Arnaud Fontaine on Tue, 11 Apr 2006 14:08:14 +0200. It was downloaded from http://corelabs.coresecurity.com/index.php?module=Wiki&action=view&type=tool&name=Pcapy Copyright (C) 2003-2011 CORE Security Technologies . All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. The end-user documentation included with the redistribution, if any, must include the following acknowledgment: "This product includes software developed by CORE Security Technologies (http://www.coresecurity.com/)." Alternately, this acknowledgment may appear in the software itself, if and wherever such third-party acknowledgments normally appear. 4. The names "Pcapy" and "CORE Security Technologies" must not be used to endorse or promote products derived from this software without prior written permission. For written permission, please contact oss@coresecurity.com. 5. Products derived from this software may not be called "Pcapy", nor may "Pcapy" appear in their name, without prior written permission of CORE Security Technologies. THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. The Debian packaging is (C) 2006-2011, Arnaud Fontaine and is licensed under the GPL (version 2 or later). On Debian systems, the complete text of the GNU General Public License can be found in `/usr/share/common-licenses/GPL-2'. debian/compat0000664000000000000000000000000211552704161010370 0ustar 5 debian/control0000664000000000000000000000231511552741103010573 0ustar Source: pcapy Section: python Priority: optional Maintainer: Arnaud Fontaine Uploaders: Debian Python Modules Team Build-Depends: debhelper (>= 5.0.37.2), cdbs (>= 0.4.90-1~), python-all-dev (>= 2.6.6-3~), libpcap0.8-dev Homepage: http://corelabs.coresecurity.com/index.php?module=Wiki&action=view&type=tool&name=Pcapy Vcs-Svn: svn://svn.debian.org/python-modules/packages/pcapy/trunk/ Vcs-Browser: http://svn.debian.org/viewsvn/python-modules/packages/pcapy/trunk/ X-Python-Version: all Standards-Version: 3.9.2 Package: python-pcapy Architecture: any Provides: ${python:Provides} Depends: ${python:Depends}, ${shlibs:Depends}, ${misc:Depends} Recommends: python-impacket Suggests: doc-base Description: Python interface to the libpcap packet capture library Pcapy is a Python extension module that interfaces with the libpcap packet capture library. . Pcapy enables Python scripts to capture packets on the network. Pcapy is highly effective when used in conjunction with a packet-handling package such as Impacket, which is a collection of Python classes for constructing and dissecting network packets. debian/pycompat0000664000000000000000000000000211552704161010741 0ustar 2 debian/watch0000664000000000000000000000035211552704161010223 0ustar version=3 opts=filenamemangle=s/.*=(.*)/$1/ \ http://corelabs.coresecurity.com/index.php?module=Wiki&action=view&type=tool&name=Pcapy \ /index\.php\?module=Wiki&action=attachment&type=tool&page=Pcapy&file=pcapy-([0-9.]+)\.tar\.gz debian/changelog0000664000000000000000000001057211666317675011071 0ustar pcapy (0.10.8-1build1) precise; urgency=low * No-change rebuild to drop spurious libsfgcc1 dependency on armhf. -- Adam Conrad Fri, 02 Dec 2011 21:04:13 -0700 pcapy (0.10.8-1) unstable; urgency=low * New upstream release. + Drop debian/patches/fix_sigsegv.patch applied by upstream. * Use dh_python2 rather than deprecated dh_pycentral. Closes: #616934. + debian/control: - Rename now deprecated XS-Python-Version to X-Python-Version. - Remove now deprecated XB-Python-Version. - Bump cdbs version to 0.4.90-1~. - Bump python-all-dev version to 2.6.6-3~. - Remove Build-Depends on python-central. + debian/rules: - Remove DEB_PYTHON_SYSTEM. * debian/control: + Bump Standards-Version to 3.9.2. No changes needed. * debian/changelog: + Update copyright years. -- Arnaud Fontaine Mon, 18 Apr 2011 13:47:46 +0900 pcapy (0.10.6-2) unstable; urgency=low [ Arnaud Fontaine ] * Switch to dpkg-source 3.0 (quilt) format. + Drop Build-Depends on patchutils in debian/control. + Drop include of simple-patchsys.mk in debian/rules. * debian/control: + Bump Standards-Version to 3.9.1. No changes needed. * debian/patches: + Add fix_sigsegv.patch to fix SIGSEGV. Thanks to Jakub Wilk. Closes: #589956. * debian/copyright: + Update copyright years. [ Jakub Wilk ] * New upstream URL: update debian/copyright, debian/watch and debian/control. -- Arnaud Fontaine Thu, 29 Jul 2010 19:12:19 +0100 pcapy (0.10.6-1) unstable; urgency=low [ Arnaud Fontaine ] * New upstream release. Closes: #500043. * Add 02_remove_exception_on_next.patch, next() now returns None instead of raising an exception when pcap_next() returns NULL. Closes: #500041. + Add 03_regenerate_html_doc.patch as the patch updates the documentation. * debian/control: + Add ${misc:Depends} Depends in case the result of a call to any of dh_ commands cause the package to depend on another one. + Update Standards-Version to 3.8.0. No change needed. + Update Homepage field. * debian/copyright: + Update download location. + Update copyright years. * debian/watch: + Update URL. [ Sandro Tosi ] * debian/control: - Switch Vcs-Browser field to viewsvn. -- Arnaud Fontaine Mon, 15 Dec 2008 01:33:24 +0000 pcapy (0.10.5-2) unstable; urgency=low [ Arnaud Fontaine ] * New email address. * Remove useless debian/control.in. * debian/changelog: + Update copyright years. * debian/control: + Update Standards-Version to 3.7.3. No changes needed. + Fix spelling error in description by replacing python by Python. * debian/doc-base: + Update section to Programming/Python. [ Piotr Ożarowski ] * debian/control: + Add Homepage field. + Rename XS-Vcs-* fields to Vcs-* (dpkg supports them now). [ Sandro Tosi ] * debian/control - Uniformise Vcs-Browser field. -- Arnaud Fontaine Thu, 29 May 2008 20:58:28 +0200 pcapy (0.10.5-1) unstable; urgency=low [ Arnaud Fontaine ] * New upstream release. * debian/control*: + Add Suggests against doc-base. + Update Build-Depends. + Remove useless Replaces and Conflicts fields as etch has been released. * debian/doc-base: + Add doc-base for the documentation. * debian/copyrigth: + Update copyright years. + Add copyright for the package. [ Piotr Ozarowski ] * Added XS-Vcs-{Svn,Browser} field. * Added debian/watch file. -- Arnaud Fontaine Tue, 08 May 2007 11:57:24 +0200 pcapy (0.10.4-2) unstable; urgency=low * Update Standards-Version to 3.7.2. No changes needed. * New Python policy changes. Closes: #373475. + Add debian/pycompat. + debian/compat: - Update debhelper compatibility to 5. + debian/rules: - Add DEB_PYTHON_SYSTEM=pycentral. - Clean debian/rules. + debian/control.in: - Remove all versioned packages. - Add XB-Python-Version field for binary package. - Add XS-Python-Version field for source package. - Add Conflicts and Replaces fields against previous revisions. -- Arnaud Fontaine Sat, 24 Jun 2006 17:04:20 +0200 pcapy (0.10.4-1) unstable; urgency=low * Initial release. Closes: #322727. -- Arnaud Fontaine Tue, 11 Apr 2006 14:08:14 +0200 debian/rules0000775000000000000000000000025411552741120010247 0ustar #!/usr/bin/make -f # -*- mode: makefile; coding: utf-8 -*- # Common rules include /usr/share/cdbs/1/rules/debhelper.mk include /usr/share/cdbs/1/class/python-distutils.mk debian/source/0000775000000000000000000000000011552744660010502 5ustar debian/source/format0000664000000000000000000000001411552704157011705 0ustar 3.0 (quilt) debian/docs0000664000000000000000000000001311552704161010037 0ustar pcapy.html