stackoom
  简体   繁体   中英

Filter options for sniff function in scapy

 原文  2016-05-26 06:37:23       python/ linux/ networking/ ethernet/ scapy

Question

I'm working on a scapy based tool where at a point I need to sniff a packet based on protocol and the ip address of the destination

I'd like to know about the ways in which filter option in sniff() function can be used. I tried using format in documentation but most of the times it results in problems like this. the filter of sniff function in scapy does not work properly .

The one which I used was 

a=sniff(filter="host 172.16.18.69 and tcp port 80",prn = comp_pkt,count = 1)

Thanks in advance!

1 answers

solution1
 14 ACCPTED  2016-05-26 07:07:20

sniff() uses Berkeley Packet Filter (BPF) syntax (the same one as tcpdump ), here are some examples:

Packets from or to host: 

host x.x.x.x

Only TCP SYN segments: 

tcp[tcpflags] & tcp-syn != 0

Everything ICMP but echo requests/replies: 

icmp[icmptype] != icmp-echo and icmp[icmptype] != icmp-echoreply

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Python 3 - Scapy sniff filter options filter in scapy function sniff() says libpcap is not available the filter of sniff function in scapy does not work properly Scapy sniff filter not functioning Scapy filtering with sniff() function Sniff Function in Scapy not working Win Error in running Scapy Sniff function Python - scapy sniff() filter with port range Scapy sniff() function not working for no apparent reason scapy sniff function not catching any packets
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM