monitoringPackets.py
import pyshark
import time
import ipaddress
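def get_packets(networkInterface, numberOfPackets):
    """Sniff live traffic and keep packets sent from a private address to a low port.

    Args:
        networkInterface: Name of the interface handed to pyshark.LiveCapture.
        numberOfPackets: Upper bound on the number of packets *sniffed*. It is
            passed as ``packet_count``, so it counts every captured packet,
            not only the ones that pass the filter below.

    Returns:
        The list of pyshark packets whose IPv4 source address is private and
        whose transport-layer destination port is below 10000. The list can
        be shorter than ``numberOfPackets`` (or empty).

    Notes:
        * Filtering happens in Python after capture, so all traffic on the
          interface is read by the capture process; live capture normally
          needs capture privileges on the host.
        * ``ipaddress``'s ``is_private`` is broader than RFC 1918: it also
          covers loopback and link-local ranges.
        * Only packets exposing ``packet.ip`` are considered; anything else
          (IPv6-only, ARP, packets without a transport layer, ...) is skipped.
    """
    capture = pyshark.LiveCapture(interface=networkInterface)
    print(f"listening for {numberOfPackets} packets on {networkInterface}")
    packets = []
    try:
        for packet in capture.sniff_continuously(packet_count=numberOfPackets):
            # Wall-clock time at which this loop handled the packet. This is
            # not the capture timestamp (pyshark exposes that separately as
            # packet.sniff_time), so it can drift under load.
            localtime = time.asctime(time.localtime(time.time()))
            try:
                protocol = packet.transport_layer
                src_addr = packet.ip.src
                if ipaddress.ip_address(src_addr).is_private:
                    dstport = packet[protocol].dstport
                    # Keep only traffic aimed at ports below 10000.
                    if int(dstport) < 10000:
                        packets.append(packet)
                        print (" %s %s IP %s:%s <-> %s:%s (%s)" % (packet.eth.src, localtime, src_addr, packet[protocol].srcport, packet.ip.dst, dstport, protocol))
            except AttributeError:
                # Deliberate best-effort: packets lacking the layers or
                # fields read above are ignored rather than aborting the run.
                continue
    finally:
        # Release the capture's resources deterministically, including when
        # the loop exits through an unexpected exception.
        capture.close()
    return packets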