Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

sniff traffic on a particular port using scapy

Ok so I have client and a server code.

The server code looks like this :

import socket
import sys

HOST = ''   
PORT = 5555

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
print 'Socket created'

#Bind socket to local host and port
try:
    s.bind((HOST, PORT))
except socket.error as msg:
    print 'Bind failed. Error Code : ' + str(msg[0]) + ' Message ' + msg[1]
    sys.exit()

print 'Socket bind complete'

#Start listening on socket
s.listen(10)
print 'Socket now listening'

#now keep talking with the client
while 1:
    conn, addr = s.accept()
    print 'Connected with ' + addr[0] + ':' + str(addr[1])
    data = conn.recv(10000)
    print data
s.close()

Now what I wanna be able to do is to conduct some analysis on these incoming packets on that socket (port 5555). Basically I want extract header flags. I was trying to do this using scapy function sniff() as found here Fetch source address and port number of packet - Scapy script

only i wanna be able to just sniff packets coming in on that port .. not any other traffic.

How do I go about doing this ?

like image 701
sukhvir Avatar asked Jul 29 '14 10:07

sukhvir


1 Answers

The following will capture all packets with destination port number equal to 5555 on all available interfaces.

sniff(filter = 'dst port 5555')

You can of course specify the interface that you wish to sniff on by specifying the iface parameter.

like image 149
wookie919 Avatar answered Sep 21 '22 05:09

wookie919