helpsystems / pcapy Goto Github PK
View Code? Open in Web Editor NEWPcapy is a Python extension module that interfaces with the libpcap packet capture library.
License: Other
Pcapy is a Python extension module that interfaces with the libpcap packet capture library.
License: Other
x86_64-linux-gnu-gcc -pthread -DNDEBUG -g -fwrapv -O2 -Wall -Wstrict-prototypes -fno-strict-aliasing -Wdate-time -D_FORTIFY_SOURCE=2 -g -fstack-protector-strong -Wformat -Werror=format-security -fPIC -I/usr/include/python2.7 -c pcapdumper.cc -o build/temp.linux-x86_64-2.7/pcapdumper.o
cc1plus: warning: command line option ‘-Wstrict-prototypes’ is valid for C/ObjC but not for C++
pcapdumper.cc:11:18: fatal error: pcap.h: No such file or directory
#include <pcap.h>
^
compilation terminated.
error: command 'x86_64-linux-gnu-gcc' failed with exit status 1
setup at py2.7 win7 64bit ,Visual C++ 9.0 for Python
error:
ed in function "struct _object * __cdecl open_live(struct _object *,struct _obje
ct *)" (?open_live@@YAPEAU_object@@PEAU1@0@Z)
pcapy.obj : error LNK2019: unresolved external symbol pcap_open_live referenced
in function "struct _object * __cdecl open_live(struct _object *,struct _object
*)" (?open_live@@YAPEAU_object@@PEAU1@0@Z)
pcapy.obj : error LNK2019: unresolved external symbol pcap_lookupnet referenced
in function "struct _object * __cdecl open_live(struct _object *,struct _object
*)" (?open_live@@YAPEAU_object@@PEAU1@0@Z)
pcapy.obj : error LNK2019: unresolved external symbol pcap_open_offline referenc
ed in function "struct _object * __cdecl open_offline(struct _object *,struct _o
bject *)" (?open_offline@@YAPEAU_object@@PEAU1@0@Z)
pcapy.obj : error LNK2019: unresolved external symbol pcap_open_dead referenced
in function "struct _object * __cdecl bpf_compile(struct _object *,struct _objec
t *)" (?bpf_compile@@YAPEAU_object@@PEAU1@0@Z)
build\lib.win-amd64-2.7\pcapy.pyd : fatal error LNK1120: 26 unresolved externals
error: command 'C:\Users\Administrator\AppData\Local\Programs\Common\Micr
osoft\Visual C++ for Python\9.0\VC\Bin\amd64\link.exe' failed with exit st
atus 1120
Built pcapy 0.10.8 with pypy 2.2.1 successfully, but it can't be imported. The error is:
# pypy
Python 2.7.3 (87aa9de10f9ca71da9ab4a3d53e0ba176b67d086, May 09 2014, 08:19:15)
[PyPy 2.2.1] on freebsd10
Type "help", "copyright", "credits" or "license" for more information.
And now for something completely different: ``PyPy 2.0.1 released''
>>>> from pcapy import open_live
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
ImportError: unable to load extension module '/usr/local/lib/pypy-2.2/site-packages/pcapy.pypy-22.so': /usr/local/lib/pypy-2.2/site-packages/pcapy.pypy-22.so: Undefined symbol "__gxx_personality_v0"
I could fix this by adding libstdc++ to libraries in setup.py:
--- setup.py.orig 2014-05-10 10:34:10.991476679 +0200
+++ setup.py 2014-05-10 10:34:56.891831654 +0200
@@ -19,7 +19,7 @@
library_dirs.append(r'c:\devel\oss\wpdpack\Lib')
libraries = ['wpcap', 'packet', 'ws2_32']
else:
- libraries = ['pcap']
+ libraries = ['pcap', 'stdc++']
print("\n".join(pcapy.findalldevs()))
How is a human expected to know which adapter they want to specify / choose?
\Device\NPF_{5F548CD6-AB25-4913-ABC1-AE6DCF74760B}
\Device\NPF_{38014CA5-B0D9-4BE3-8CB6-4AA3442CB25F}
\Device\NPF_{1DE9A80A-A2B0-4DFE-9810-2EBD8D4DCA2C}
\Device\NPF_{AC59B406-A1B1-4F50-8621-9441AE84E06C}
\Device\NPF_{102E3A0A-8932-4156-9864-9C637014EA4E}
\Device\NPF_{26BCC034-5CAA-40A3-96D4-B2C5D9B7059F}
\Device\NPF_{6688476E-2EDB-4A6C-9976-AF020063ABC5}
\Device\NPF_{28E2730D-EAD3-4F25-85B8-DFFE14D9A054}
\Device\NPF_{556D609A-1036-466A-98B9-9A1E784AFF3A}
I installed pcapy using the source and compiled it. When I set an interface into monitor mode using tcpdump, like sudo tcpdump -I -i en0 --linktype=IEEE802_11 -e -s 256 type mgt subtype probe-response
, packets show up just fine in that window for tcpdump
, but pcapy can't seem to tell. Capturing on pcapy on that interface causes no packets to show up. Trying to set a filter on the capture object returns pcapy.PcapError: 802.11 link-layer types supported only on 802.11
. In fact, I haven't been able to get pcapy to capture anything. Calling .datalink() on the interface capture object returns 1 (ethernet) for the wireless interface.
Am I missing some dependency? Compiling pcapy went smoothly without complaints, so I can't imagine what the problem is.
When I try to use pcapy.open_live, I don't seem to get any channels in the A band. I can get data from the b/g bands fine, but nothing in the 5 Ghz A band.
I have tested this with both the AWUS1900 (8814au driver) and the AWUS036ACH (8812au driver). They can both get data okay on the 2.4 Ghz channels (1-14) when using "pcapy.open_live(interface_name, 1514, 1, 0)", but no channels above the top end of b/g.
I know the driver can get data on the A band channels because airodump-ng works fine.
Can support for the A band channels be added to pcapy?
I added a function to support pcap_open_offline_with_tstamp_precision(). Do you want me to submit a pull request?
When I run python setup.py install
compilation error occurs and proccess terminates
running install
running build
running build_ext
building 'pcapy' extension
x86_64-linux-gnu-gcc -pthread -DNDEBUG -g -fwrapv -O2 -Wall -Wstrict-prototypes -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -g -fstack-protector-strong -Wformat -Werror=format-security -fPIC -I/usr/include/python2.7 -c pcapdumper.cc -o build/temp.linux-x86_64-2.7/pcapdumper.o
cc1plus: warning: command line option ‘-Wstrict-prototypes’ is valid for C/ObjC but not for C++
pcapdumper.cc:10:20: fatal error: Python.h: No such file or directory
#include <Python.h>
^
compilation terminated.
error: command 'x86_64-linux-gnu-gcc' failed with exit status 1
Hello, I'm trying to install pcapy on Ubuntu 16.04, but it fails with
$ sudo python3 setup.py install
running install
Checking .pth file support in /usr/local/lib/python3.5/dist-packages/
/usr/bin/python3 -E -c pass
TEST PASSED: /usr/local/lib/python3.5/dist-packages/ appears to support .pth files
running bdist_egg
running egg_info
writing top-level names to pcapy.egg-info/top_level.txt
writing dependency_links to pcapy.egg-info/dependency_links.txt
writing pcapy.egg-info/PKG-INFO
reading manifest file 'pcapy.egg-info/SOURCES.txt'
reading manifest template 'MANIFEST.in'
writing manifest file 'pcapy.egg-info/SOURCES.txt'
installing library code to build/bdist.linux-x86_64/egg
running install_lib
running build_ext
building 'pcapy' extension
x86_64-linux-gnu-gcc -pthread -DNDEBUG -g -fwrapv -O2 -Wall -Wstrict-prototypes -g -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -fPIC -I/usr/include/python3.5m -c pcapdumper.cc -o build/temp.linux-x86_64-3.5/pcapdumper.o
cc1plus: warning: command line option ‘-Wstrict-prototypes’ is valid for C/ObjC but not for C++
pcapdumper.cc:11:18: fatal error: pcap.h: No such file or directory
compilation terminated.
error: command 'x86_64-linux-gnu-gcc' failed with exit status 1
I have tcpdump
installed. I'm trying to install this for a client, so I'm not very familiar with any of this yet...
Looks like I do have pcap.h
in a number of places though:
$ locate pcap.h
/usr/src/linux-headers-4.4.0-72/include/linux/mfd/ezx-pcap.h
/usr/src/linux-headers-4.4.0-72-generic/include/config/ezx/pcap.h
/usr/src/linux-headers-4.4.0-72-generic/include/config/input/pcap.h
/usr/src/linux-headers-4.4.0-72-generic/include/config/regulator/pcap.h
/usr/src/linux-headers-4.4.0-72-generic/include/config/rtc/drv/pcap.h
/usr/src/linux-headers-4.4.0-72-generic/include/config/touchscreen/pcap.h
/usr/src/linux-headers-4.4.0-75/include/linux/mfd/ezx-pcap.h
/usr/src/linux-headers-4.4.0-75-generic/include/config/ezx/pcap.h
/usr/src/linux-headers-4.4.0-75-generic/include/config/input/pcap.h
/usr/src/linux-headers-4.4.0-75-generic/include/config/regulator/pcap.h
/usr/src/linux-headers-4.4.0-75-generic/include/config/rtc/drv/pcap.h
/usr/src/linux-headers-4.4.0-75-generic/include/config/touchscreen/pcap.h
/usr/src/linux-headers-4.4.0-78/include/linux/mfd/ezx-pcap.h
/usr/src/linux-headers-4.4.0-78-generic/include/config/ezx/pcap.h
/usr/src/linux-headers-4.4.0-78-generic/include/config/input/pcap.h
/usr/src/linux-headers-4.4.0-78-generic/include/config/regulator/pcap.h
/usr/src/linux-headers-4.4.0-78-generic/include/config/rtc/drv/pcap.h
/usr/src/linux-headers-4.4.0-78-generic/include/config/touchscreen/pcap.h
But not in any lib
folder.
Any ideas?
Hi,
I'm new to GitHub so I apologize if this is not the correct place to ask questions. I am not sure if this this is an issue, or my own ignorance, but I am using pcapy to read a live bytestream and record it to a .pcap file. doing so was fairly easy with the documentation i found on the web, but when i view the pcap in wireshark I have two issues:
the header timestamp is in microsecond precision only. if i capture from the same interface using tcpdump with "--time-stamp-precision nano", i see the header timestamps in nanoseconds.
The headers and payloads look fine in my pcap, but each message also has an 8 byte packet trailer which i do not see. if I use tcpdump with -K (this may not be necessary but checksum is what i suspect is why pcapy doesnt read it), each message will include the packet trailer.
because special arguments are needed to get the output i want with tcpdump, I suspect that libpcap needs to be told to turn these features on. Does pcapy support either request?
FWIW, here is a stripped down sample of what my code is doing. it is a bit more complicated else i would be using tcpdump to create the captures:
#first, i'm opening the bytestream, passing the desired interface from cli arguments:
cap = pcapy.open_live(interface, 65536, 1, 0)
#i want to write every UDP message in this packet capture, so i do the following:
while True:
(header, packet) = cap.next()
ethernet = dpkt.ethernet.Ethernet(packet)
if ethernet.type == dpkt.ethernet.ETH_TYPE_IP:
ip = ethernet.data
if ip.p == dpkt.ip.IP_PROTO_UDP:
udp = ip.data
#there's some processing that goes on in the middle, but i am not manipulating the output.
dumper = cap.dump_open(path + filename +'.pcap')
dumper.dump(header,packet)
I read that someone edited the source to enable at least the nanosecond precision, however as it is from 2014 I assume they never made a pull request or shared their code contribution:
https://stackoverflow.com/questions/21764341/pcap-nanoseconds-python
I'd appreciate any help you can give me, and happy to help where i can with diagnosis
function next() seems to have a memory leak. The with the following code the memory increases through the time:
import pcapy
class PacketSniffer:
def sniff(self):
livecapture = pcapy.open_live('eth0', 65536, 1, 0)
self._run=True
while self._run:
captured = livecapture.next()
if __name__ == '__main__':
sniffer=PacketSniffer()
sniffer.sniff()
OS: Red Hat Enterprise Linux Server release 7.3 (Maipo)
python: Python 3.5.1
pip show pcapy
Name: pcapy
Version: 0.11.1
Summary: Python pcap extension
Home-page: https://github.com/CoreSecurity/pcapy
Author: CORE Security
Author-email: [email protected]
License: Apache modified
Location: /opt/python_virtualenv/ibn/lib/python3.5/site-packages
Requires:
It would be nice to have some sort of mechanism to find out if the kernel or network interface are dropping packets due to the ring buffer being full. This happens on busy interfaces and while I set the snap length low for the type of traffic I'm dealing with, to minimize how much each packet takes in the buffer, I would like some feedback from the software on if there is loss to mitigate the issue.
tcpdump/pcap support this sort of information via pcap_stats. It's also given via tcpdump when you exit a capture.
E.G:
X packets captured
Y packets received by filter
Z packets dropped by kernel
Export pcap_get_selectable_fd, this is useful to use pcapy with external event loops.
Hi. I am using mingw32 and 32 bit python 2.7
-WpdPack is downloaded and used in include and lib dir in setup.py . I changed the Include and Lib directories in setup.py (in pcapy) and they are true.
-I also installed python setuptools
-MinGW and gcc are correctly installed (I compiled many other C++ files with them, and using python)
-I use command python setup.py build_ext -c mingw32
in the folder contains pcapy.
first I had this error :
c:\mingw\lib\gcc\mingw32\6.3.0\include\c++\cmath:1157:11: error: '::hypot' has not been declared
using ::hypot;
^~~~~
I added #define hypot _hypot
before that line and this error faded away.
now I have this error :
c:\mingw\include\stdio.h:349:12:
In file included from C:\sulley-master\WpdPack\Include/pcap/pcap.h:54:0,
from C:\sulley-master\WpdPack\Include/pcap.h:45,
from bpfobj.cc:10:
c:\mingw\include\stdio.h:345:12: error: expected initializer before '__mingw__snprintf'
extern int mingw_stdio_redirect(snprintf)(char*, size_t, const char*, ...);
c:\mingw\include\stdio.h:349:12: error: expected initializer before '__mingw__vsnprintf'
extern int mingw_stdio_redirect(vsnprintf)(char*, size_t, const char*, __VALIST);
error: command 'C:\MinGW\bin\gcc.exe' failed with exit status 1
I don't know what shall I do with this. please help me.
After cloning the repo and running python setup.py install
, I get this error
dist.py:474: UserWarning: Normalizing '0.11.5-dev' to '0.11.5.dev0'
normalized_version,
running install
running bdist_egg
running egg_info
creating pcapy.egg-info
writing pcapy.egg-info\PKG-INFO
writing dependency_links to pcapy.egg-info\dependency_links.txt
writing top-level names to pcapy.egg-info\top_level.txt
writing manifest file 'pcapy.egg-info\SOURCES.txt'
reading manifest file 'pcapy.egg-info\SOURCES.txt'
reading manifest template 'MANIFEST.in'
writing manifest file 'pcapy.egg-info\SOURCES.txt'
installing library code to build\bdist.win-amd64\egg
running install_lib
running build_ext
building 'pcapy' extension
creating build
creating build\temp.win-amd64-3.6
creating build\temp.win-amd64-3.6\Release
creating build\temp.win-amd64-3.6\Release\win32
C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.25.28610\bin\HostX86\x64\cl.exe /c /nologo /Ox /W3 /GL /DNDEBUG /MT -DWIN32=1 -Ic:\wpdpack\Include -IC:\Users\user\AppData\Local\Programs\Python\Python36\include -IC:\Users\user\AppData\Local\Programs\Python\Python36\include "-IC:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.25.28610\ATLMFC\include" "-IC:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.25.28610\include" "-IC:\Program Files (x86)\Windows Kits\10\include\10.0.18362.0\ucrt" "-IC:\Program Files (x86)\Windows Kits\10\include\10.0.18362.0\shared" "-IC:\Program Files (x86)\Windows Kits\10\include\10.0.18362.0\um" "-IC:\Program Files (x86)\Windows Kits\10\include\10.0.18362.0\winrt" "-IC:\Program Files (x86)\Windows Kits\10\include\10.0.18362.0\cppwinrt" /EHsc /Tppcapdumper.cc /Fobuild\temp.win-amd64-3.6\Release\pcapdumper.obj
pcapdumper.cc
pcapdumper.cc(11): fatal error C1083: Cannot open include file: 'pcap.h': No such file or directory
error: command 'C:\\Program Files (x86)\\Microsoft Visual Studio\\2019\\Community\\VC\\Tools\\MSVC\\14.25.28610\\bin\\HostX86\\x64\\cl.exe' failed with exit status 2
Telling me that it cannot find pcap.h
. The same error occurs when using pip.
Hi, I face some trouble when I install pcapy
正在建立程式庫 build\temp.win-amd64-3.6\Release\pcapy.cp36-win_amd64.lib 和物件 build\temp.win-amd64-3.6\Release\pcapy.cp36-win_amd64.exp
pcapdumper.obj : error LNK2001: 無法解析的外部符號 pcap_dump_close
pcapdumper.obj : error LNK2001: 無法解析的外部符號 pcap_dump
...............
pcapy.obj : error LNK2001: 無法解析的外部符號 pcap_findalldevs
pcapy.obj : error LNK2001: 無法解析的外部符號 pcap_open_dead
pcapy.obj : error LNK2001: 無法解析的外部符號 pcap_open_offline
pcapy.obj : error LNK2001: 無法解析的外部符號 pcap_lookupnet
build\lib.win-amd64-3.6\pcapy.cp36-win_amd64.pyd : fatal error LNK1120: 26 個無法解析的外部符號
error: Setup script exited with error: command 'C:\Program Files (x86)\Microsoft Visual Studio\2017\Community\VC\Tools\MSVC\14.12.25827\bin\HostX86\x64\link.exe' failed with exit status 1120
無法解析的外部符號 = unresolved external symbol
I use python3, anaconda in windows 10 ,64bit
how can I solve this problem, THANKS
I'm trying to package your module as an rpm package. So I'm using the typical PEP517 based build, install and test cycle used on building packages from non-root account.
python3 -sBm build -w
I found tests/pcapytests.py which looks lioke some unittest test suite however looks like it fails
+ cd pcapy-0.11.5
+ cd tests
+ PYTHONPATH=/home/tkloczko/rpmbuild/BUILDROOT/python-pcapy-0.11.5-2.fc35.x86_64//usr/lib64/python3.8/site-packages
+ /usr/bin/python3 pcapytests.py
testBPFFilter (__main__.TestPcapy)
#3 test offline BPFFilter ... pcapytests.py:61: DeprecationWarning: PY_SSIZE_T_CLEAN will be required for '#' formats
hdr, pkt = r.next()
pcapytests.py:63: DeprecationWarning: PY_SSIZE_T_CLEAN will be required for '#' formats
f = bpf.filter(pkt)
pcapytests.py:65: DeprecationWarning: PY_SSIZE_T_CLEAN will be required for '#' formats
hdr, pkt = r.next()
ok
testClose (__main__.TestPcapy)
#7 Test the close method ... pcapytests.py:133: DeprecationWarning: PY_SSIZE_T_CLEAN will be required for '#' formats
hdr, body = r.next()
ok
testContextManager (__main__.TestPcapy)
#8 Test the context manager support ... pcapytests.py:144: DeprecationWarning: PY_SSIZE_T_CLEAN will be required for '#' formats
hdr, body = r.next()
ok
testEOFValue (__main__.TestPcapy)
#2 empty string is returned as packet body at end of file ... pcapytests.py:44: DeprecationWarning: PY_SSIZE_T_CLEAN will be required for '#' formats
hdr, pkt = r.next()
pcapytests.py:46: DeprecationWarning: PY_SSIZE_T_CLEAN will be required for '#' formats
hdr, pkt = r.next()
FAIL
testPacketDumper (__main__.TestPcapy)
#6 test that the dumper writes correct payload ... pcapytests.py:100: DeprecationWarning: PY_SSIZE_T_CLEAN will be required for '#' formats
hdr, body = r.next()
pcapytests.py:103: DeprecationWarning: PY_SSIZE_T_CLEAN will be required for '#' formats
dumper.dump(hdr, body)
pcapytests.py:105: DeprecationWarning: PY_SSIZE_T_CLEAN will be required for '#' formats
hdr, body = r.next()
pcapytests.py:115: DeprecationWarning: PY_SSIZE_T_CLEAN will be required for '#' formats
h1, b1 = r.next()
pcapytests.py:116: DeprecationWarning: PY_SSIZE_T_CLEAN will be required for '#' formats
h2, b2 = r2.next()
pcapytests.py:119: DeprecationWarning: PY_SSIZE_T_CLEAN will be required for '#' formats
h1, b1 = r.next()
pcapytests.py:120: DeprecationWarning: PY_SSIZE_T_CLEAN will be required for '#' formats
h2, b2 = r2.next()
ok
testPacketHeaderRefCount (__main__.TestPcapy)
#1: when next() creates a pkthdr it makes one extra reference ... pcapytests.py:31: DeprecationWarning: PY_SSIZE_T_CLEAN will be required for '#' formats
sys.getrefcount(r.next()[0]),
ok
test_get_bpf (__main__.TestPcapy) ... ok
======================================================================
FAIL: testEOFValue (__main__.TestPcapy)
#2 empty string is returned as packet body at end of file
----------------------------------------------------------------------
Traceback (most recent call last):
File "pcapytests.py", line 52, in testEOFValue
self.assertEqual(refNone, sys.getrefcount(None))
AssertionError: 6873 != 6871
----------------------------------------------------------------------
Ran 7 tests in 0.003s
FAILED (failures=1)
When calling open_live
there is a way to choose an interface but there is no way to specify which packets you want to capture (in, out, inout). Libpcap has set_direction
that solves that but there is no way to configure it via pcapy
Installing pcapy from pip
or straight from source fails. Binary cannot be installed from your website because it won't accept anything newer than 2.7 (or at least 64-bit)
Installing via CMD.exe (Win7 64-bit) ends up with this line:
"pcapdumper.cc(11) : fatal error C1083: Cannot open include file: 'pcap.h': No such file or directory"
Hi,
im trying to capture packets and im using open_live(timeout 0) with dispatch instead of next, and I dont know why but its sniffing only a few packets and then close pip.
my code:
import pcapy
import threading
import time
from pcapy import open_live, PcapErrordef parse_eth_packet_hndlr(header, packet):
print('header len:%s\n'%header.getlen())def start():
try:
packets_reader = open_live('eth2', 200, 0, 0)
except PcapError as e:
if 'That device is not up' in str(e):
logging.debug(e)
return None
try:
print('Try to start capturing packets')
packets_reader.dispatch(-1, parse_eth_packet_hndlr)
except PcapError as e:
returnif name == 'main':
start()
pcapy version:pcapy-0.11.5.dev0
python version: 2.7
please advice
When running the following simple test application pcapy will continue to consume memory until it's killed.
import pcapy
p = pcapy.open_live('any', 65535, False, 100)
while True:
p.next()
$ cat /etc/os-release
PRETTY_NAME="Debian GNU/Linux 8 (jessie)"
NAME="Debian GNU/Linux"
VERSION_ID="8"
VERSION="8 (jessie)"
ID=debian
HOME_URL="http://www.debian.org/"
SUPPORT_URL="http://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"
$ find /usr/lib | grep libpcap
/usr/lib/x86_64-linux-gnu/libpcap.so.1.6.2
/usr/lib/x86_64-linux-gnu/libpcap.a
/usr/lib/x86_64-linux-gnu/libpcap.so
/usr/lib/x86_64-linux-gnu/libpcap.so.0.8
$ python3.4 --version
Python 3.4.2
ImportError: Error loading shared library libpcap.so.1.3: No such file or directory (needed by /usr/lib/python2.7/site-packages/pcapy.so)
root@turris:/# uname -a
Linux turris 4.4.39-80079e1c1e5f9ca7ad734044462a761a-4 #1 SMP Fri Feb 10 09:50:47 CET 2017 armv7l n
root@turris:/usr/lib# ls -la |grep libpcap
lrwxrwxrwx 1 root root 14 Feb 10 04:18 libpcap.so -> libpcap.so.1.8
lrwxrwxrwx 1 root root 16 Feb 23 11:34 libpcap.so.1.3 -> libpcap.so.1.8.1
lrwxrwxrwx 1 root root 16 Feb 10 04:18 libpcap.so.1.8 -> libpcap.so.1.8.1
-rw-r--r-- 1 root root 209672 Feb 10 04:18 libpcap.so.1.8.1
This is on a Turris Omnia which runs OpenWRT. It worked after I created the symbolic link above, but I don't think I should need to do that.
Arch Linux is currently trying to update to python 3.7.0, and while rebuilding all packages in our repositories, pcapy failed the testsuite with the following log:
======================================================================
FAIL: testEOFValue (__main__.TestPcapy)
----------------------------------------------------------------------
Traceback (most recent call last):
File "pcapytests.py", line 52, in testEOFValue
self.assertEqual(refNone, sys.getrefcount(None))
AssertionError: 5918 != 5915
----------------------------------------------------------------------
Ran 6 tests in 0.002s
FAILED (failures=1)
The goal of this task is to export more Pcap functions (so they are available from Python) in order to open a live capture in the same way than calling pcap_open_live function but being able to specify the internal buffer size. In a way, pcap_open_live is a wrap-up for many of these functions but it's not as flexible as manually calling each one.
The functions we have listed to achieve this goal are the following:
Please check that this functions are both available from Linux Pcap and WinPcap. If not, add pre-processor directives to avoid compilation or linking issues.
Because of ignored problems with DeprecationWarning
for PY_SSIZE_T_CLEAN
(#67, #68), Pcapy doesn't work anymore on Python3.10 (Note: read https://docs.python.org/3.10/whatsnew/3.10.html#id2)
this code don't work on python3
will you guys work out the python3 version?
python3 has removed Py_FindMethod c api
so i can't compile it
i am a new python3 coder
i just can't fix it myself
can anybody help
It would be practical to have a way to browse pcapy documentation on Github easily. This could be achieved by moving the pcapy.html
file to a /docs directory and pointing the project's Github Pages build to it.
Great python module, thanks for making it available to the public. Wondering if you could add an option (defaulted to False) to set immediate mode (no buffering of packets). Several of the other python wrappers for libpcap have an immediate flag.
There is no easy way to identify the cause of the error based on the integer. libpcap includes the function pcap_statustostr that accepts an integer and returns the error/warning string associated with it.
It seems like the statustostr function would be a good thing to add.
It it also possible to add an error exception to the activate function, however this may be a breaking change and it would not be faithful to the original libpcap implementation.
Hi,
can I manage mptcp options using pcapy?
thanks in advance,
Ginés.
not support mingw 64bits target OS.
pip install fails with the below message.
[root@default /]# pip3 install pcapy
Collecting pcapy
Downloading pcapy-0.10.9.tar.gz
Complete output from command python setup.py egg_info:
Traceback (most recent call last):
File "<string>", line 20, in <module>
File "/tmp/pip-build-qwu_r00b/pcapy/setup.py", line 43
print 'my_init_posix: changing LDSHARED =',`g['LDSHARED']`,
^
SyntaxError: Missing parentheses in call to 'print'
----------------------------------------
Command "python setup.py egg_info" failed with error code 1 in /tmp/pip-build-qwu_r00b/pcapy
[root@default /]#
Is there any plan to put version 0.10.8 on Python Package Index? The current version on pypi is 0.10.3.
pip3 install pcapy==0.11.4
failed with "command 'x86_64-linux-gnu-gcc' failed with exit status 1"
The complete console output is below
root@rs-dal-karthik-test:/usr/local/talkiq/sniff_realtime# ./bin/pip3 install pcapy==0.11.4
Collecting pcapy==0.11.4
Using cached https://files.pythonhosted.org/packages/b0/68/b49e008f9e2b5ab727fb4b820c2e7d0914bd8dacb3c2d668a36b6e5d8991/pcapy-0.11.4.tar.gz
Installing collected packages: pcapy
Running setup.py install for pcapy ... error
Complete output from command /usr/local/talkiq/sniff_realtime/bin/python3 -u -c "import setuptools, tokenize;__file__='/tmp/pip-install-sdr47lrh/pcapy/setup.py';f=getattr(tokenize, 'open', open)(__file__);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, __file__, 'exec'))" install --record /tmp/pip-record-dae79fry/install-record.txt --single-version-externally-managed --compile --install-headers /usr/local/talkiq/sniff_realtime/include/site/python3.7/pcapy:
running install
running build
running build_ext
building 'pcapy' extension
creating build
creating build/temp.linux-x86_64-3.7
x86_64-linux-gnu-gcc -pthread -DNDEBUG -g -fwrapv -O2 -Wall -g -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -fPIC -I/usr/local/talkiq/sniff_realtime/include -I/usr/include/python3.7m -c pcapdumper.cc -o build/temp.linux-x86_64-3.7/pcapdumper.o
pcapdumper.cc:10:10: fatal error: Python.h: No such file or directory
#include <Python.h>
^~~~~~~~~~
compilation terminated.
error: command 'x86_64-linux-gnu-gcc' failed with exit status 1
----------------------------------------
Command "/usr/local/talkiq/sniff_realtime/bin/python3 -u -c "import setuptools, tokenize;__file__='/tmp/pip-install-sdr47lrh/pcapy/setup.py';f=getattr(tokenize, 'open', open)(__file__);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, __file__, 'exec'))" install --record /tmp/pip-record-dae79fry/install-record.txt --single-version-externally-managed --compile --install-headers /usr/local/talkiq/sniff_realtime/include/site/python3.7/pcapy" failed with error code 1 in /tmp/pip-install-sdr47lrh/pcapy/
root@rs-dal-karthik-test:/usr/local/talkiq/sniff_realtime#
My python version and OS details are below
root@rs-dal-karthik-test:/usr/local/talkiq/sniff_realtime# python3 -V
Python 3.7.3rc1
root@rs-dal-karthik-test:/usr/local/talkiq/sniff_realtime# cat /etc/os-release
PRETTY_NAME="Debian GNU/Linux buster/sid"
NAME="Debian GNU/Linux"
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"
How do I fix this issue?
Hi,
I've noticed, that pcapy 0.11.5 was released several weeks ago, but new version still missing from PyPI. It's a little inconvenient, since version 0.11.4 has a memory leak: 20a533f, but it was patched in 0.11.5
Is it possible to add pcapy 0.11.5 to PyPI?
I have just cloned pcapy and I am getting the following error when trying to compile it:
(python36) $ python setup.py build
my_init_posix: changing LDSHARED = 'clang++ -bundle -undefined dynamic_lookup'
to 'clang++ -bundle -undefined dynamic_lookup'
running build
running build_ext
building 'pcapy' extension
clang -Wno-unused-result -Wsign-compare -Wunreachable-code -fno-common -dynamic -DNDEBUG -g -fwrapv -O3 -Wall -Wstrict-prototypes -I/usr/local/Cellar/python3/3.6.1/Frameworks/Python.framework/Versions/3.6/include/python3.6m -c pcapdumper.cc -o build/temp.macosx-10.12-x86_64-3.6/pcapdumper.o
clang -Wno-unused-result -Wsign-compare -Wunreachable-code -fno-common -dynamic -DNDEBUG -g -fwrapv -O3 -Wall -Wstrict-prototypes -I/usr/local/Cellar/python3/3.6.1/Frameworks/Python.framework/Versions/3.6/include/python3.6m -c bpfobj.cc -o build/temp.macosx-10.12-x86_64-3.6/bpfobj.o
clang -Wno-unused-result -Wsign-compare -Wunreachable-code -fno-common -dynamic -DNDEBUG -g -fwrapv -O3 -Wall -Wstrict-prototypes -I/usr/local/Cellar/python3/3.6.1/Frameworks/Python.framework/Versions/3.6/include/python3.6m -c pcapobj.cc -o build/temp.macosx-10.12-x86_64-3.6/pcapobj.o
pcapobj.cc:652:11: error: no member named 'ob_type' in 'pcapobject'
if (pp->ob_type != &Pcaptype)
~~ ^
1 error generated.
error: command 'clang' failed with exit status 1
$ python -V
Python 3.6.1
Mac OS X Sierra(10.12.6).
Any clue?
I follow every instruction but when 'python setup.py install', following error appears
running build_ext
building 'pcapy' extension
error: Unable to find vcvarsall.bat
I put WpdPack_4_1_2 into C:\ drive
Amend setup.py append 'C:\WpdPack_4_1_2\WpdPack\Include'
I install VCForPython27.msi n Anaconda
I insert pypcap-1.1.6.tar.gz into Anaconda2\pkgs and run conda install pypcap-1.1.6.tar.gz:
Offline PC hang at Fetching package metadata:
The python select
module supports selecting on objects which provide a fileno()
method. In order to allow selecting more seamlessly on Reader
objects, I suggest adding a method like this:
def fileno(self):
return self.getfd()
I'd be happy to open a PR if this sounds like something that could get merged.
Error on the latest distutils
Collecting pcapy
Using cached pcapy-0.11.4.tar.gz (37 kB)
Preparing metadata (setup.py) ... error
error: subprocess-exited-with-error
× python setup.py egg_info did not run successfully.
│ exit code: 1
╰─> [6 lines of output]
Traceback (most recent call last):
File "<string>", line 2, in <module>
File "<pip-setuptools-caller>", line 34, in <module>
File "/tmp/pip-install-3hwz7mz1/pcapy_78572af867a84aadad6f1c4be2d457c3/setup.py", line 49, in <module>
save_init_posix = sysconfig._init_posix
AttributeError: module 'distutils.sysconfig' has no attribute '_init_posix'
[end of output]
note: This error originates from a subprocess, and is likely not a problem with pip.
error: metadata-generation-failed
× Encountered error while generating package metadata.
╰─> See above for output.
note: This is an issue with the package mentioned above, not pip.
hint: See above for details.
Seems like the _init_posix was removed since it is an internal function it is not promised to stay the same, any chance fixing it?
pypa/setuptools#3220
Hello! Just tried upgrading from 0.11.1 to 0.11.2 and I'm getting a failure, I think below is the relevant part of the log, but I can include more if necessary:
creating build/lib.macosx-10.13-x86_64-2.7
clang++ -bundle -undefined dynamic_lookup -isysroot /Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.13.sdk build/temp.macosx-10.13-x86_64-2.7/pcapdumper.o build/temp.macosx-10.13-x86_64-2.7/bpfobj.o build/temp.macosx-10.13-x86_64-2.7/pcapobj.o build/temp.macosx-10.13-x86_64-2.7/pcap_pkthdr.o build/temp.macosx-10.13-x86_64-2.7/pcapy.o -lpcap -lstdc++ -o build/lib.macosx-10.13-x86_64-2.7/pcapy.so
running install_lib
copying build/lib.macosx-10.13-x86_64-2.7/pcapy.so -> /Users/pcloke/.virtualenvs/my_proj/lib/python2.7/site-packages
running install_data
creating /Users/pcloke/.virtualenvs/my_proj/share/doc/pcapy
copying README -> /Users/pcloke/.virtualenvs/my_proj/share/doc/pcapy
copying LICENSE -> /Users/pcloke/.virtualenvs/my_proj/share/doc/pcapy
copying pcapy.html -> /Users/pcloke/.virtualenvs/my_proj/share/doc/pcapy
creating /Users/pcloke/.virtualenvs/my_proj/share/doc/pcapy/tests
error: can't copy 'tests/pcapytests.py': doesn't exist or not a regular file
I suspect that 7c5e051 is the cause.
I'm seeing this on both Mac and Ubuntu. Any help would be appreciated! Thanks. 👍
Hi,
Would it be possible to bind the pcap_close(pcap_t *handle)
bound to a module function, or even better, a Reader
method, so that we can do:
pcapread = pcap.open_live([...])
[...]
pcapread.close()
Or maybe I've missed how to do that with the current code?
These lines:
Lines 48 to 49 in 0c58209
are causing AttributeError: module 'distutils.sysconfig' has no attribute '_init_posix'
. Unfortunately, it's not enough to change it to just import sysconfig because then it produces:
File "/usr/lib/python3.11/site-packages/setuptools/command/build_ext.py", line 24, in <module>
get_config_var("LDSHARED")
^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/site-packages/setuptools/_distutils/sysconfig.py", line 549, in get_config_var
return get_config_vars().get(name)
^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/site-packages/setuptools/_distutils/sysconfig.py", line 528, in get_config_vars
_config_vars = sysconfig.get_config_vars().copy()
^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib64/python3.11/sysconfig.py", line 688, in get_config_vars
_init_posix(_CONFIG_VARS)
^^^^^^^^^^^^^^^^^^^^^^^^^
TypeError: my_init_posix() takes 0 positional arguments but 1 was given
I'm building it with setuptools 62.6.0.
Hello,
We are studying a cleanup in scapy's code, and were comparing currently "up-to-date" python libpcap implementations, to see which were outdated. (Indeed we are currently supporting python-pypcap, python-libpcap, pcapy, dnet and dumbnet)
Pcapy is one of the most up-to-date and maintained alternatives we have, and really is a great tool. However, unlike python-libpcap
or python-pypcap
(PR), pcapy has no support for monitor mode (pcap_set_rfmon
)
As said by @guyharris in #19 (comment), it would require a deeper implementation, that is currently really lacking to pcapy. This has also been reported by #17 by @martinuy. However, it seems that this is stuck since 2016...
I know that many people have other things to do, but it would really be great if CoreSecurity/pcapy had plans about supporting all those functions.
Thank you for reading, really hoping that this project will move on, and not die like all the others.
import pcapy
Traceback (most recent call last):
File "", line 1, in
File "build\bdist.win32\egg\pcapy.py", line 7, in
File "build\bdist.win32\egg\pcapy.py", line 6, in bootstrap
ImportError: DLL load failed: 找不到指定的模块。
Winpcap has already in my computer
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.