📄 nfq_dump_pcap.py
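#!/usr/bin/python
"""Write every packet delivered to netfilter queue 0 into a pcap file.

The script binds to nfqueue, wraps each payload in a placeholder Ethernet
header and appends it to ``dump.pcap`` until interrupted with Ctrl-C.
"""
# need root privileges

import struct
import sys
import time
from socket import AF_INET, AF_INET6, inet_ntoa

# These search paths are relative, so they resolve against the current
# working directory. The script runs as root: start it only from a trusted
# build tree, otherwise a module named nfqueue found there is loaded as root.
sys.path.append('python')
sys.path.append('build/python')
import nfqueue

outputfile = None
# Relative path: the capture is created in the current working directory
# with the privileges of the caller (root).
outputfilename = "dump.pcap"

from scapy import Packet, PcapWriter, hexdump

writer = None


def cb(i, payload):
    """Append one queued packet to the pcap file.

    i is passed by the binding and is not used here; payload is the queued
    packet object, whose raw bytes are read with get_data().
    Always returns 1.
    """
    data = payload.get_data()
    # Add padding before packet so the record parses as an Ethernet frame:
    # 12 zero bytes for the two MAC addresses + 0x0800 (type: IP).
    # The EtherType is fixed, so a payload that is not IPv4 is still
    # labelled 0x0800 in the capture.
    pad = "\0" * 12 + "\x08\0" + data
    pkt = Packet(_pkt=pad)
    writer.write(pkt)
    # NOTE(review): no verdict is set on the payload here; confirm which
    # verdict the binding applies by default, since every packet diverted to
    # queue 0 depends on it.
    return 1


q = nfqueue.queue()
q.open()
q.unbind()
if q.bind() != 0:
    q.close()
    raise RuntimeError("Could not bind to nfqueue")

try:
    writer = PcapWriter(outputfilename)
    q.set_callback(cb)
    q.create_queue(0)
    q.try_run()
except KeyboardInterrupt:
    # Ctrl-C is the normal way to stop the capture.
    pass
finally:
    # Runs on every exit path, so the capture file is flushed and the queue
    # is released even when try_run() fails with an unexpected error.
    if writer is not None:
        writer.close()
    q.unbind()
    q.close()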