I got my sniffer to work in Twisted... but then I'm not using pycap : https://github.com/david415/hushVPN/blob/master/nflog_reader.py
I use the NetLinkFilter socket via this python cffi: https://github.com/mk-fg/scapy-nflog-capture Anyhow this allows me to control which packets my sniffer picks up via iptables rules like this: iptables -A INPUT -p tcp --dport 22 -j NFLOG Cheers! David On Fri, Nov 8, 2013 at 12:50 AM, Edmund Wong <ew...@pw-wspx.org> wrote: > Hi, > > I've created a script that would log on to an irc server, while > capturing packets. > > I came across the following link: > > http://dound.com/2009/09/integrating-twisted-with-a-pcap-based-python-packet-sniffer/ > > But I'm using pycap (http://pycap.sourceforge.net/), but I'm having > some difficulties with getting it to work. > > Here's the code: > > # Copyright (c) Twisted Matrix Laboratories. > # See LICENSE for details. > > # twisted imports > from twisted.words.protocols import irc > from twisted.internet import reactor, protocol > from twisted.python import log > from twisted.internet.defer import Deferred > > # system imports > import time, sys > > import pycap.capture > > def run_pcap(f): > p = pycap.capture.capture('eth0') > p.filter('src host ! 192.168.1.100 and dst host ! 192.168.1.100 and dst > port 25') > packet = None > print "Listening...\n" > while 1: > if packet: > print "Received packet." > reactor.callFromThread(f, packet) > else: > print "no packet\n" > packet = p.next() > > class LogBot(irc.IRCClient): > """A logging IRC bot.""" > > nickname = "testbot" > > def packetShow(self, packet): > """ booga """ > msg = "Port 25 hit | From:[%s] To:[%s]" % (packet[1].source, > packet[1].destination) > self.msg(self.channel, msg) > > def connectionMade(self): > irc.IRCClient.connectionMade(self) > print "Setting up callInThread\n" > reactor.callInThread(run_pcap, self.packetShow) > print "Finished setting up callInThread\n" > > def connectionLost(self, reason): > irc.IRCClient.connectionLost(self, reason) > > # callbacks for events > > def signedOn(self): > """Called when bot has succesfully signed on to server.""" > print "Signing on to %s.\n" % self.factory.channel > # self.join(self.factory.channel) > self.sendLine("JOIN %s" % (self.factory.channel,)) > > def joined(self, channel): > """This will get called when the bot joins the channel.""" > print "Joining channel %s." % channel > > def privmsg(self, user, channel, msg): > """This will get called when the bot receives a message.""" > user = user.split('!', 1)[0] > > # Check to see if they're sending me a private message > if channel == self.nickname: > msg = "It isn't nice to whisper! Play nice with the group." > self.msg(user, msg) > return > > # Otherwise check to see if it is a message directed at me > if msg.startswith(self.nickname + ":"): > msg = "%s: I am a log bot" % user > self.msg(channel, msg) > > def action(self, user, channel, msg): > """This will get called when the bot sees someone do an action.""" > user = user.split('!', 1)[0] > > # irc callbacks > > def irc_NICK(self, prefix, params): > """Called when an IRC user changes their nickname.""" > old_nick = prefix.split('!')[0] > new_nick = params[0] > > > # For fun, override the method that determines how a nickname is changed > on > # collisions. The default method appends an underscore. > def alterCollidedNick(self, nickname): > """ > Generate an altered version of a nickname that caused a collision in > an > effort to create an unused related name for subsequent registration. > """ > return nickname + '^' > > class LogBotFactory(protocol.ClientFactory): > """A factory for LogBots. > > A new protocol instance will be created each time we connect to the > server. > """ > > def __init__(self, channel): > self.channel = channel > > def buildProtocol(self, addr): > p = LogBot() > p.factory = self > return p > > def clientConnectionLost(self, connector, reason): > """If we get disconnected, reconnect to server.""" > connector.connect() > > def clientConnectionFailed(self, connector, reason): > print "connection failed:", reason > reactor.stop() > > > if __name__ == '__main__': > # create factory protocol and application > f = LogBotFactory("#testx") > > # connect factory to this host and port > reactor.connectTCP("192.168.1.170", 6667, f) > > # run bot > reactor.run() > > I was told that perhaps I could use twisted.pair, > but I have no idea how to use the module. The > documentation is lacking and I've only just started > programming in Twisted. > > Any help appreciated. > > Edmund > > > _______________________________________________ > Twisted-Python mailing list > Twisted-Python@twistedmatrix.com > http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python _______________________________________________ Twisted-Python mailing list Twisted-Python@twistedmatrix.com http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python
