python-pypcap-1.1.2+debian/0000755000175000017500000000000010656245507015422 5ustar edmondsedmondspython-pypcap-1.1.2+debian/LICENSE0000644000175000017500000000262710656245324016433 0ustar edmondsedmonds Copyright (c) 2004 Dug Song All rights reserved, all wrongs reversed. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. The names of the authors and copyright holders may not be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. python-pypcap-1.1.2+debian/Makefile0000644000175000017500000000114710504370356017056 0ustar edmondsedmonds# $Id: Makefile,v 1.6 2005/10/17 00:08:17 dugsong Exp $ PYTHON = python #CONFIG_ARGS = --with-pcap=$(HOME)/build/libpcap-0.8.3 # PYTHON = C:\\Python23\\python.exe # CONFIG_ARGS = --with-pcap=..\\wpdpack all: pcap.c $(PYTHON) setup.py config $(CONFIG_ARGS) $(PYTHON) setup.py build pcap.c: pcap.pyx pyrexc pcap.pyx install: $(PYTHON) setup.py install test: $(PYTHON) test.py pkg_win32: $(PYTHON) setup.py bdist_wininst pkg_osx: bdist_mpkg --readme=README --license=LICENSE clean: $(PYTHON) setup.py clean rm -rf build dist cleandir distclean: clean $(PYTHON) setup.py clean -a rm -f config.h *~ python-pypcap-1.1.2+debian/PKG-INFO0000644000175000017500000000035510556271101016506 0ustar edmondsedmondsMetadata-Version: 1.0 Name: py-pypcap Version: 1.1.2 Summary: packet capture library Home-page: http://monkey.org/~dugsong/pypcap/ Author: Dug Song Author-email: dugsong@monkey.org License: UNKNOWN Description: UNKNOWN Platform: UNKNOWN python-pypcap-1.1.2+debian/README0000644000175000017500000000056310504370356016277 0ustar edmondsedmonds Python pcap module ------------------ this is a simplified object-oriented Python wrapper for libpcap - the current tcpdump.org version, the legacy version shipping with some of the BSD operating systems, and the WinPcap port for Windows. example use: >>> import pcap >>> for ts, pkt in pcap.pcap(): ... print ts, `pkt` ... -d. --- http://monkey.org/~dugsong python-pypcap-1.1.2+debian/pcap.pyx0000644000175000017500000003453610656244627017124 0ustar edmondsedmonds# # pcap.pyx # # $Id: pcap.pyx,v 1.20 2005/10/16 23:00:11 dugsong Exp $ """packet capture library This module provides a high level interface to packet capture systems. All packets on the network, even those destined for other hosts, are accessible through this mechanism. """ __author__ = 'Dug Song ' __maintainer__ = 'George Neville-Neil ' __copyright__ = 'Copyright (c) 2004 Dug Song' __license__ = 'BSD license' __url__ = 'http://pcs.sf.net' __version__ = '1.1' __revison__ = '2' import sys import calendar import time cdef extern from "Python.h": object PyBuffer_FromMemory(char *s, int len) int PyGILState_Ensure() void PyGILState_Release(int gil) void Py_BEGIN_ALLOW_THREADS() void Py_END_ALLOW_THREADS() cdef extern from "pcap.h": struct bpf_insn: int __xxx struct bpf_program: bpf_insn *bf_insns struct bpf_timeval: unsigned int tv_sec unsigned int tv_usec struct pcap_stat: unsigned int ps_recv unsigned int ps_drop unsigned int ps_ifdrop struct pcap_pkthdr: bpf_timeval ts unsigned int caplen unsigned int len ctypedef struct pcap_t: int __xxx ctypedef struct pcap_dumper_t: int __xxx ctypedef void (*pcap_handler)(void *arg, pcap_pkthdr *hdr, char *pkt) cdef extern from "pcap.h": pcap_t *pcap_open_live(char *device, int snaplen, int promisc, int to_ms, char *errbuf) pcap_t *pcap_open_dead(int linktype, int snaplen) pcap_t *pcap_open_offline(char *fname, char *errbuf) pcap_dumper_t *pcap_dump_open(pcap_t *p, char *fname) void pcap_dump_close(pcap_dumper_t *p) int pcap_compile(pcap_t *p, bpf_program *fp, char *str, int optimize, unsigned int netmask) int pcap_setfilter(pcap_t *p, bpf_program *fp) void pcap_freecode(bpf_program *fp) int pcap_dispatch(pcap_t *p, int cnt, pcap_handler callback, unsigned char *arg) unsigned char *pcap_next(pcap_t *p, pcap_pkthdr *hdr) int pcap_datalink(pcap_t *p) int pcap_snapshot(pcap_t *p) int pcap_stats(pcap_t *p, pcap_stat *ps) char *pcap_geterr(pcap_t *p) void pcap_close(pcap_t *p) int pcap_inject(pcap_t *p, char *buf, int size) void pcap_dump(pcap_dumper_t *p, pcap_pkthdr *h, char *sp) int bpf_filter(bpf_insn *insns, char *buf, int len, int caplen) cdef extern from "pcap_ex.h": # XXX - hrr, sync with libdnet and libevent int pcap_ex_immediate(pcap_t *p) char *pcap_ex_name(char *name) char *pcap_ex_lookupdev(char *ebuf) int pcap_ex_fileno(pcap_t *p) void pcap_ex_setup(pcap_t *p) void pcap_ex_setnonblock(pcap_t *p, int nonblock, char *ebuf) int pcap_ex_getnonblock(pcap_t *p, char *ebuf) int pcap_ex_next(pcap_t *p, pcap_pkthdr **hdr, char **pkt) int pcap_ex_compile_nopcap(int snaplen, int dlt, bpf_program *fp, char *str, int optimize, unsigned int netmask) cdef extern from *: char *strdup(char *src) void free(void *ptr) cdef struct pcap_handler_ctx: void *callback void *args int got_exc cdef void __pcap_handler(void *arg, pcap_pkthdr *hdr, char *pkt): cdef pcap_handler_ctx *ctx cdef int gil ctx = arg gil = PyGILState_Ensure() try: (ctx.callback)(hdr.ts.tv_sec + (hdr.ts.tv_usec/1000000.0), PyBuffer_FromMemory(pkt, hdr.caplen), *(ctx.args)) except: ctx.got_exc = 1 PyGILState_Release(gil) DLT_NULL = 0 DLT_EN10MB = 1 DLT_EN3MB = 2 DLT_AX25 = 3 DLT_PRONET = 4 DLT_CHAOS = 5 DLT_IEEE802 = 6 DLT_ARCNET = 7 DLT_SLIP = 8 DLT_PPP = 9 DLT_FDDI = 10 # XXX - Linux DLT_LINUX_SLL = 113 # XXX - OpenBSD DLT_PFLOG = 117 DLT_PFSYNC = 18 if sys.platform.find('openbsd') != -1: DLT_LOOP = 12 DLT_RAW = 14 else: DLT_LOOP = 108 DLT_RAW = 12 dltoff = { DLT_NULL:4, DLT_EN10MB:14, DLT_IEEE802:22, DLT_ARCNET:6, DLT_SLIP:16, DLT_PPP:4, DLT_FDDI:21, DLT_PFLOG:48, DLT_PFSYNC:4, DLT_LOOP:4, DLT_RAW:0, DLT_LINUX_SLL:16 } cdef class bpf: """bpf(filter, dlt=DLT_RAW) -> BPF filter object""" cdef bpf_program fcode def __init__(self, char *filter, dlt=DLT_RAW): if pcap_ex_compile_nopcap(65535, dlt, &self.fcode, filter, 1, 0) < 0: raise IOError, 'bad filter' def filter(self, buf): """Return boolean match for buf against our filter.""" cdef int n n = len(buf) if bpf_filter(self.fcode.bf_insns, buf, n, n) == 0: return False return True def __dealloc__(self): pcap_freecode(&self.fcode) cdef class pcap: """pcap(name=None, snaplen=65535, promisc=True, immediate=False) -> packet capture object Open a handle to a packet capture descriptor. Keyword arguments: name -- name of a network interface or dumpfile to open, or None to open the first available up interface snaplen -- maximum number of bytes to capture for each packet promisc -- boolean to specify promiscuous mode sniffing immediate -- disable buffering, if possible dumpfile -- name of a dumpfile to open, if necessary dumptype -- only open a dumpfile and specify its type """ cdef pcap_t *__pcap cdef char *__name cdef char *__filter cdef char __ebuf[256] cdef int __dloff cdef pcap_dumper_t *__dumper def __init__(self, name=None, snaplen=65535, promisc=True, timeout_ms=500, immediate=False, dumpfile="", dumptype=None): global dltoff cdef char *p if dumptype != None: try: self.__pcap = pcap_open_dead(dumptype, snaplen) except: raise OSError, "Internal error pcap_open_dead." p = dumpfile else: if not name: p = pcap_ex_lookupdev(self.__ebuf) if p == NULL: raise OSError, self.__ebuf else: p = name self.__pcap = pcap_open_offline(p, self.__ebuf) if not self.__pcap: self.__pcap = pcap_open_live(pcap_ex_name(p), snaplen, promisc, timeout_ms, self.__ebuf) if not self.__pcap: raise OSError, self.__ebuf if dumpfile != "": self.__dumper = pcap_dump_open(self.__pcap, dumpfile) if not self.__dumper: raise OSError, pcap_geterr(self.__pcap) self.__name = strdup(p) self.__filter = strdup("") try: self.__dloff = dltoff[pcap_datalink(self.__pcap)] except KeyError: pass if immediate and pcap_ex_immediate(self.__pcap) < 0: raise OSError, "couldn't set BPF immediate mode" property name: """Network interface or dumpfile name.""" def __get__(self): return self.__name property snaplen: """Maximum number of bytes to capture for each packet.""" def __get__(self): return pcap_snapshot(self.__pcap) property dloff: """Datalink offset (length of layer-2 frame header).""" def __get__(self): return self.__dloff property filter: """Current packet capture filter.""" def __get__(self): return self.__filter property fd: """File descriptor (or Win32 HANDLE) for capture handle.""" def __get__(self): return pcap_ex_fileno(self.__pcap) def fileno(self): """Return file descriptor (or Win32 HANDLE) for capture handle.""" return pcap_ex_fileno(self.__pcap) def setfilter(self, value, optimize=1): """Set BPF-format packet capture filter.""" cdef bpf_program fcode free(self.__filter) self.__filter = strdup(value) if pcap_compile(self.__pcap, &fcode, self.__filter, optimize, 0) < 0: raise OSError, pcap_geterr(self.__pcap) if pcap_setfilter(self.__pcap, &fcode) < 0: raise OSError, pcap_geterr(self.__pcap) pcap_freecode(&fcode) def setnonblock(self, nonblock=True): """Set non-blocking capture mode.""" pcap_ex_setnonblock(self.__pcap, nonblock, self.__ebuf) def getnonblock(self): """Return non-blocking capture mode as boolean.""" ret = pcap_ex_getnonblock(self.__pcap, self.__ebuf) if ret < 0: raise OSError, self.__ebuf elif ret: return True return False def datalink(self): """Return datalink type (DLT_* values).""" return pcap_datalink(self.__pcap) def next(self): """Return the next (timestamp, packet) tuple, or None on error.""" cdef pcap_pkthdr hdr cdef char *pkt pkt = pcap_next(self.__pcap, &hdr) if not pkt: return None return (hdr.ts.tv_sec + (hdr.ts.tv_usec / 1000000.0), PyBuffer_FromMemory(pkt, hdr.caplen)) def __add_pkts(self, ts, pkt, pkts): pkts.append((ts, pkt)) def readpkts(self): """Return a list of (timestamp, packet) tuples received in one buffer.""" pkts = [] self.dispatch(-1, self.__add_pkts, pkts) return pkts def dispatch(self, cnt, callback, *args): """Collect and process packets with a user callback, return the number of packets processed, or 0 for a savefile. Arguments: cnt -- number of packets to process; or 0 to process all packets until an error occurs, EOF is reached, or the read times out; or -1 to process all packets received in one buffer callback -- function with (timestamp, pkt, *args) prototype *args -- optional arguments passed to callback on execution """ cdef pcap_handler_ctx ctx cdef int n ctx.callback = callback ctx.args = args ctx.got_exc = 0 n = pcap_dispatch(self.__pcap, cnt, __pcap_handler, &ctx) if ctx.got_exc: exc = sys.exc_info() raise exc[0], exc[1], exc[2] return n def loop(self, callback, *args): """Loop forever, processing packets with a user callback. The loop can be exited with an exception, including KeyboardInterrupt. Arguments: callback -- function with (timestamp, pkt, *args) prototype *args -- optional arguments passed to callback on execution """ cdef pcap_pkthdr *hdr cdef char *pkt cdef int n pcap_ex_setup(self.__pcap) while 1: Py_BEGIN_ALLOW_THREADS n = pcap_ex_next(self.__pcap, &hdr, &pkt) Py_END_ALLOW_THREADS if n == 1: callback(hdr.ts.tv_sec + (hdr.ts.tv_usec / 1000000.0), PyBuffer_FromMemory(pkt, hdr.caplen), *args) elif n == -1: raise KeyboardInterrupt elif n == -2: break def inject(self, packet, len): """Inject a packet onto an interface. May or may not work depending on platform. Arguments: packet -- a pointer to the packet in memory """ cdef int n n = pcap_inject(self.__pcap, packet, len) if (n < 0): raise OSError, pcap_geterr(self.__pcap) return n def dump(self, packet, header=None): """Dump a packet to a previously opened save file. Arguments: packet -- the packet header -- a pcap header provided by the caller A user supplied header MUST contain the following fields header.sec: The timestamp in seconds from the Unix epoch header.usec: The timestamp in micro seconds header.caplen: Length of packet present header.len: Total length of packet """ cdef pcap_pkthdr hdr if header != None: hdr.ts.tv_sec = header.sec hdr.ts.tv_usec = header.usec hdr.caplen = header.caplen hdr.len = len(packet) else: hdr.ts.tv_sec = calendar.timegm(time.gmtime()) hdr.ts.tv_usec = 0 hdr.caplen = len(packet) hdr.len = len(packet) pcap_dump(self.__dumper, &hdr, packet) def dump_close(self): pcap_dump_close(self.__dumper) def close(self): if self.__pcap: pcap_close(self.__pcap) self.__pcap = NULL def geterr(self): """Return the last error message associated with this handle.""" return pcap_geterr(self.__pcap) def stats(self): """Return a 3-tuple of the total number of packets received, dropped, and dropped by the interface.""" cdef pcap_stat pstat if pcap_stats(self.__pcap, &pstat) < 0: raise OSError, pcap_geterr(self.__pcap) return (pstat.ps_recv, pstat.ps_drop, pstat.ps_ifdrop) def __iter__(self): pcap_ex_setup(self.__pcap) return self def __next__(self): cdef pcap_pkthdr *hdr cdef char *pkt cdef int n while 1: Py_BEGIN_ALLOW_THREADS n = pcap_ex_next(self.__pcap, &hdr, &pkt) Py_END_ALLOW_THREADS if n == 1: return (hdr.ts.tv_sec + (hdr.ts.tv_usec / 1000000.0), PyBuffer_FromMemory(pkt, hdr.caplen)) elif n == -1: raise KeyboardInterrupt elif n == -2: raise StopIteration def __dealloc__(self): if self.__name: free(self.__name) if self.__filter: free(self.__filter) if self.__pcap: pcap_close(self.__pcap) def ex_name(char *foo): return pcap_ex_name(foo) def lookupdev(): """Return the name of a network device suitable for sniffing.""" cdef char *p, ebuf[256] p = pcap_ex_lookupdev(ebuf) if p == NULL: raise OSError, ebuf return p python-pypcap-1.1.2+debian/pcap_ex.c0000644000175000017500000001402210504370356017175 0ustar edmondsedmonds/* $Id: pcap_ex.c,v 1.12 2005/10/16 22:58:14 dugsong Exp $ */ #ifdef _WIN32 # include # include #else # include # include # include # include # include # include # include #endif #include #ifdef HAVE_PCAP_INT_H # include #endif #include "pcap_ex.h" #include "config.h" /* XXX - hack around older Python versions */ #include "patchlevel.h" #if PY_VERSION_HEX < 0x02030000 int PyGILState_Ensure() { return (0); } void PyGILState_Release(int gil) { } #endif int pcap_ex_immediate(pcap_t *pcap) { #ifdef BIOCIMMEDIATE int n = 1; return ioctl(pcap_fileno(pcap), BIOCIMMEDIATE, &n); #else return (0); #endif } #ifdef _WIN32 /* XXX - set device list in libdnet order. */ static int _pcap_ex_findalldevs(pcap_if_t **dst, char *ebuf) { pcap_if_t *pifs, *cur, *prev, *next; int ret; if ((ret = pcap_findalldevs(&pifs, ebuf)) != -1) { /* XXX - flip script like a dyslexic actor */ for (prev = NULL, cur = pifs; cur != NULL; ) { next = cur->next, cur->next = prev; prev = cur, cur = next; } *dst = prev; } return (ret); } #endif char * pcap_ex_name(char *name) { #ifdef _WIN32 /* * XXX - translate from libdnet logical interface name to * WinPcap native interface name. */ static char pcap_name[256]; pcap_if_t *pifs, *pif; char ebuf[128]; int idx, i = 0; /* XXX - according to the WinPcap FAQ, no loopback support??? */ if (strncmp(name, "eth", 3) != 0 || sscanf(name+3, "%u", &idx) != 1 || _pcap_ex_findalldevs(&pifs, ebuf) == -1) { return (name); } for (pif = pifs; pif != NULL; pif = pif->next) { if (i++ == idx) { strncpy(pcap_name, pif->name, sizeof(pcap_name)-1); pcap_name[sizeof(pcap_name)-1] = '\0'; name = pcap_name; break; } } pcap_freealldevs(pifs); return (name); #else return (name); #endif } char * pcap_ex_lookupdev(char *ebuf) { #ifdef _WIN32 /* XXX - holy poo this sux */ static char _ifname[8]; MIB_IPADDRTABLE *ipaddrs; DWORD i, dsz, outip; pcap_if_t *pifs, *pif; struct pcap_addr *pa; char *name = NULL; int idx; /* Find our primary IP address. */ ipaddrs = malloc((dsz = sizeof(*ipaddrs))); while (GetIpAddrTable(ipaddrs, &dsz, 0) == ERROR_INSUFFICIENT_BUFFER) { free(ipaddrs); ipaddrs = malloc(dsz); } outip = 0; for (i = 0; i < ipaddrs->dwNumEntries; i++) { if (ipaddrs->table[i].dwAddr != 0 && ipaddrs->table[i].dwAddr != 0x100007f #if 0 /* XXX -no wType/MIB_IPADDR_PRIMARY in w32api/iprtrmib.h */ && ipaddrs->table[i].unused2 & 0x01 #endif ) { outip = ipaddrs->table[i].dwAddr; break; } } free(ipaddrs); if (outip == 0) { /* XXX - default to first Ethernet interface. */ return ("eth0"); } /* Find matching pcap interface by IP. */ if (_pcap_ex_findalldevs(&pifs, ebuf) == -1) return (name); for (pif = pifs, idx = 0; pif != NULL && name == NULL; pif = pif->next, idx++) { for (pa = pif->addresses; pa != NULL; pa = pa->next) { if (pa->addr->sa_family == AF_INET && ((struct sockaddr_in *)pa->addr)->sin_addr.S_un.S_addr == outip) { sprintf(_ifname, "eth%d", idx); name = _ifname; break; } } } pcap_freealldevs(pifs); return (name); #else return (pcap_lookupdev(ebuf)); #endif } int pcap_ex_fileno(pcap_t *pcap) { #ifdef _WIN32 /* XXX - how to handle savefiles? */ return ((int)pcap_getevent(pcap)); #else # ifdef HAVE_PCAP_FILE FILE *f = pcap_file(pcap); # else FILE *f = pcap->sf.rfile; # endif if (f != NULL) return (fileno(f)); return (pcap_fileno(pcap)); #endif /* !_WIN32 */ } static int __pcap_ex_gotsig; #ifdef _WIN32 static BOOL CALLBACK __pcap_ex_ctrl(DWORD sig) { __pcap_ex_gotsig = 1; return (TRUE); } #else static void __pcap_ex_signal(int sig) { __pcap_ex_gotsig = 1; } #endif /* XXX - hrr, this sux */ void pcap_ex_setup(pcap_t *pcap) { #ifdef _WIN32 SetConsoleCtrlHandler(__pcap_ex_ctrl, TRUE); #else #if 0 int fd, n; fd = pcap_fileno(pcap); n = fcntl(fd, F_GETFL, 0) | O_NONBLOCK; fcntl(fd, F_SETFL, n); #endif signal(SIGINT, __pcap_ex_signal); #endif } void pcap_ex_setnonblock(pcap_t *pcap, int nonblock, char *ebuf) { #ifdef HAVE_PCAP_SETNONBLOCK pcap_setnonblock(pcap, nonblock, ebuf); #endif } int pcap_ex_getnonblock(pcap_t *pcap, char *ebuf) { #ifdef HAVE_PCAP_SETNONBLOCK return (pcap_getnonblock(pcap, ebuf)); #else return (0); #endif } /* return codes: 1 = pkt, 0 = timeout, -1 = error, -2 = EOF */ int pcap_ex_next(pcap_t *pcap, struct pcap_pkthdr **hdr, u_char **pkt) { #ifdef _WIN32 if (__pcap_ex_gotsig) { __pcap_ex_gotsig = 0; return (-1); } return (pcap_next_ex(pcap, hdr, pkt)); #else static u_char *__pkt; static struct pcap_pkthdr __hdr; struct timeval tv = { 1, 0 }; fd_set rfds; int fd, n; fd = pcap_fileno(pcap); for (;;) { if (__pcap_ex_gotsig) { __pcap_ex_gotsig = 0; return (-1); } if ((__pkt = (u_char *)pcap_next(pcap, &__hdr)) == NULL) { #ifdef HAVE_PCAP_FILE if (pcap_file(pcap) != NULL) #else if (pcap->sf.rfile != NULL) #endif return (-2); FD_ZERO(&rfds); FD_SET(fd, &rfds); n = select(fd + 1, &rfds, NULL, NULL, &tv); if (n <= 0) return (n); } else break; } *pkt = __pkt; *hdr = &__hdr; return (1); #endif } int pcap_ex_compile_nopcap(int snaplen, int dlt, struct bpf_program *fp, char *str, int optimize, unsigned int netmask) { #ifdef HAVE_PCAP_COMPILE_NOPCAP return (pcap_compile_nopcap(snaplen, dlt, fp, str, optimize, netmask)); #else FILE *f; struct pcap_file_header hdr; pcap_t *pc; char path[] = "/tmp/.pypcapXXXXXX.pcap"; char ebuf[PCAP_ERRBUF_SIZE]; int ret = -1; mktemp(path); if ((f = fopen(path, "w")) != NULL) { hdr.magic = 0xa1b2c3d4; hdr.version_major = PCAP_VERSION_MAJOR; hdr.version_minor = PCAP_VERSION_MINOR; hdr.thiszone = 0; hdr.snaplen = snaplen; hdr.sigfigs = 0; hdr.linktype = dlt; fwrite(&hdr, sizeof(hdr), 1, f); fclose(f); if ((pc = pcap_open_offline(path, ebuf)) != NULL) { ret = pcap_compile(pc, fp, str, optimize, netmask); pcap_close(pc); } unlink(path); } return (ret); #endif } python-pypcap-1.1.2+debian/pcap_ex.h0000644000175000017500000000116510504370356017206 0ustar edmondsedmonds/* $Id: pcap_ex.h,v 1.6 2005/08/29 21:11:40 dugsong Exp $ */ #ifndef PCAP_EX_H #define PCAP_EX_H int pcap_ex_immediate(pcap_t *pcap); char *pcap_ex_name(char *name); char *pcap_ex_lookupdev(char *ebuf); int pcap_ex_fileno(pcap_t *pcap); void pcap_ex_setup(pcap_t *pcap); void pcap_ex_setnonblock(pcap_t *pcap, int nonblock, char *ebuf); int pcap_ex_getnonblock(pcap_t *pcap, char *ebuf); int pcap_ex_next(pcap_t *pcap, struct pcap_pkthdr **hdr, u_char **pkt); int pcap_ex_compile_nopcap(int snaplen, int dlt, struct bpf_program *fp, char *str, int optimize, unsigned int netmask); #endif /* PCAP_EX_H */ python-pypcap-1.1.2+debian/setup.py0000644000175000017500000000765110656245452017144 0ustar edmondsedmonds#!/usr/bin/env python # # $Id: setup.py,v 1.14 2005/10/16 23:07:03 dugsong Exp $ from distutils.core import setup, Extension from distutils.command import config, clean import cPickle, glob, os, sys pcap_config = {} pcap_cache = 'config.pkl' class config_pcap(config.config): description = 'configure pcap paths' user_options = [ ('with-pcap=', None, 'path to pcap build or installation directory') ] def initialize_options(self): config.config.initialize_options(self) self.dump_source = 0 #self.noisy = 0 self.with_pcap = None def _write_config_h(self, cfg): # XXX - write out config.h for pcap_ex.c d = {} if os.path.exists(os.path.join(cfg['include_dirs'][0], 'pcap-int.h')): d['HAVE_PCAP_INT_H'] = 1 buf = open(os.path.join(cfg['include_dirs'][0], 'pcap.h')).read() if buf.find('pcap_file(') != -1: d['HAVE_PCAP_FILE'] = 1 if buf.find('pcap_compile_nopcap(') != -1: d['HAVE_PCAP_COMPILE_NOPCAP'] = 1 if buf.find('pcap_setnonblock(') != -1: d['HAVE_PCAP_SETNONBLOCK'] = 1 f = open('config.h', 'w') for k, v in d.iteritems(): f.write('#define %s %s\n' % (k, v)) def _pcap_config(self, dirs=[ None ]): cfg = {} if not dirs[0]: dirs = [ '/usr', sys.prefix ] + glob.glob('/opt/libpcap*') + \ glob.glob('../libpcap*') + glob.glob('../wpdpack*') for d in dirs: for sd in ('include', 'include/pcap', ''): incdirs = [ os.path.join(d, sd) ] if os.path.exists(os.path.join(d, sd, 'pcap.h')): cfg['include_dirs'] = [ os.path.join(d, sd) ] for sd in ('lib', ''): for lib in (('pcap', 'libpcap.a'), ('pcap', 'libpcap.dylib'), ('wpcap', 'wpcap.lib')): if os.path.exists(os.path.join(d, sd, lib[1])): cfg['library_dirs'] = [ os.path.join(d, sd) ] cfg['libraries'] = [ lib[0] ] if lib[0] == 'wpcap': cfg['libraries'].append('iphlpapi') cfg['extra_compile_args'] = \ [ '-DWIN32', '-DWPCAP' ] print 'found', cfg self._write_config_h(cfg) return cfg raise "couldn't find pcap build or installation directory" def run(self): #config.log.set_verbosity(0) cPickle.dump(self._pcap_config([ self.with_pcap ]), open(pcap_cache, 'wb')) self.temp_files.append(pcap_cache) class clean_pcap(clean.clean): def run(self): clean.clean.run(self) if self.all and os.path.exists(pcap_cache): print "removing '%s'" % pcap_cache os.unlink(pcap_cache) if len(sys.argv) > 1 and sys.argv[1] == 'build': try: pcap_config = cPickle.load(open(pcap_cache)) except IOError: print >>sys.stderr, 'run "%s config" first!' % sys.argv[0] sys.exit(1) pcap = Extension(name='pcap', sources=[ 'pcap.c', 'pcap_ex.c' ], include_dirs=pcap_config.get('include_dirs', ''), library_dirs=pcap_config.get('library_dirs', ''), libraries=pcap_config.get('libraries', ''), extra_compile_args=pcap_config.get('extra_compile_args', '')) pcap_cmds = { 'config':config_pcap, 'clean':clean_pcap } setup(name='py-pypcap', version='1.1.2', author='Dug Song', author_email='dugsong@monkey.org', url='http://monkey.org/~dugsong/pypcap/', description='packet capture library', cmdclass=pcap_cmds, ext_modules = [ pcap ]) python-pypcap-1.1.2+debian/test/0000755000175000017500000000000010656245417016401 5ustar edmondsedmondspython-pypcap-1.1.2+debian/test/test.pcap0000644000175000017500000000072410656245360020225 0ustar edmondsedmondsòaA[#>> `-aoE0&@<  }0pqaAp#66o `-aE(L@@  }1PbAl>> `-aoE0@:  }0pqbA66o `-aE(G~@@>  }1PbA1 >> `-aoE0K@9i  }0pqbAG 66o `-aE(>s@@I  }1Ppython-pypcap-1.1.2+debian/test/test.py0000755000175000017500000000254710656245401017736 0ustar edmondsedmonds#!/usr/bin/env python import glob, sys, unittest import pcap class PcapTestCase(unittest.TestCase): def test_pcap_iter(self): l = [ (x[0], len(x[1])) for x in pcap.pcap('test.pcap') ] assert l == [(1092256609.9265549, 62), (1092256609.9265759, 54), (1092256610.332396, 62), (1092256610.3324161, 54), (1092256610.8330729, 62), (1092256610.8330951, 54)], 'pcap iter' def test_pcap_properties(self): p = pcap.pcap('test.pcap') assert (p.name, p.snaplen, p.dloff, p.filter) == ('test.pcap', 2000, 14, ''), 'pcap properties' def test_pcap_errors(self): p = pcap.pcap('test.pcap') try: print p.stats() except OSError: pass assert p.geterr() != '', 'pcap_geterr' def test_pcap_dispatch(self): def __cnt_handler(ts, pkt, d): d['cnt'] += 1 p = pcap.pcap('test.pcap') d = { 'cnt':0 } n = p.dispatch(-1, __cnt_handler, d) assert n == 0 assert d['cnt'] == 6 def __bad_handler(ts, pkt): raise NotImplementedError p = pcap.pcap('test.pcap') try: p.dispatch(-1, __bad_handler) except NotImplementedError: pass def test_pcap_readpkts(self): assert len(pcap.pcap('test.pcap').readpkts()) == 6 if __name__ == '__main__': unittest.main() python-pypcap-1.1.2+debian/test/testsniff.py0000755000175000017500000000162210656245360020761 0ustar edmondsedmonds#!/usr/bin/env python import getopt, sys import dpkt, pcap def usage(): print >>sys.stderr, 'usage: %s [-i device] [pattern]' % sys.argv[0] sys.exit(1) def main(): opts, args = getopt.getopt(sys.argv[1:], 'i:h') name = None for o, a in opts: if o == '-i': name = a else: usage() pc = pcap.pcap(name) pc.setfilter(' '.join(args)) decode = { pcap.DLT_LOOP:dpkt.loopback.Loopback, pcap.DLT_NULL:dpkt.loopback.Loopback, pcap.DLT_EN10MB:dpkt.ethernet.Ethernet }[pc.datalink()] try: print 'listening on %s: %s' % (pc.name, pc.filter) for ts, pkt in pc: print ts, `decode(pkt)` except KeyboardInterrupt: nrecv, ndrop, nifdrop = pc.stats() print '\n%d packets received by filter' % nrecv print '%d packets dropped by kernel' % ndrop if __name__ == '__main__': main()