I'm doing research this semester, and was given a Python network sniffer to modify to suit our new needs. After getting the sniffer, I tried to run it to see how it works as-is, but it seems it doesn't want to work at all...
The program sets up listening on port 80 by default, on the local machine, to log all tcp traffic.
f = open(name, "a")
devs = pcap.findalldevs()
for eth in devs:
print " %d - %s" %(i,devs[i])
sel=input(" Select interface: ")
print "Waiting for connection..."
print "Client succesfully connected!\n"
p = pcap.pcapObject()
net, mask = pcap.lookupnet(dev)
p.open_live(dev, 1600, 0, 100)
p.setfilter('tcp dst port 80',0,0)
print "Listening on %s: \n" % (dev)
# the loop method is another way of doing things
# as is the next() method
# p.next() returns a (pktlen, data, timestamp) tuple
#print '%s' % sys.exc_type
print '%d packets received, %d packets dropped, %d packets dropped by interface' % p.stats()
The issue I have is at conn,addr=s.accept(). The program just hangs no matter how many firefox browsers I open or how many links I click on. I am sudo'd in and selected my device to listen on. I've tried both wired (eth0) and wireless (wlan0) and both do not work. The only time I can get it to do anything is by commenting that line out (at which point it complains that conn does not exist, of course). The program is just suppose to listen on the local machine for all traffic coming in through port 80 (and I'm suppose to modify it once I get it working...)
Any ideas why? I'm using an Ubuntu machine.