scapy.sendrecv
Functions to send and receive packets.
- class scapy.sendrecv.AsyncSniffer(*args: Any, **kwargs: Any)[source]
Bases:
objectSniff packets and return a list of packets.
- Parameters
count – number of packets to capture. 0 means infinity.
store – whether to store sniffed packets or discard them
prn – function to apply to each packet. If something is returned, it is displayed. –Ex: prn = lambda x: x.summary()
session – a session = a flow decoder used to handle stream of packets. –Ex: session=TCPSession See below for more details.
filter – BPF filter to apply.
lfilter – Python function applied to each packet to determine if further action may be done. –Ex: lfilter = lambda x: x.haslayer(Padding)
offline – PCAP file (or list of PCAP files) to read packets from, instead of sniffing them
quiet – when set to True, the process stderr is discarded (default: False).
timeout – stop sniffing after a given time (default: None).
L2socket – use the provided L2socket (default: use conf.L2listen).
opened_socket – provide an object (or a list of objects) ready to use .recv() on.
stop_filter – Python function applied to each packet to determine if we have to stop the capture after this packet. –Ex: stop_filter = lambda x: x.haslayer(TCP)
iface – interface or list of interfaces (default: None for sniffing on all interfaces).
monitor – use monitor mode. May not be available on all OS
started_callback – called as soon as the sniffer starts sniffing (default: None).
The iface, offline and opened_socket parameters can be either an element, a list of elements, or a dict object mapping an element to a label (see examples below).
For more information about the session argument, see https://scapy.rtfd.io/en/latest/usage.html#advanced-sniffing-sniffing-sessions
- Examples: synchronous
>>> sniff(filter="arp") >>> sniff(filter="tcp", ... session=IPSession, # defragment on-the-flow ... prn=lambda x: x.summary()) >>> sniff(lfilter=lambda pkt: ARP in pkt) >>> sniff(iface="eth0", prn=Packet.summary) >>> sniff(iface=["eth0", "mon0"], ... prn=lambda pkt: "%s: %s" % (pkt.sniffed_on, ... pkt.summary())) >>> sniff(iface={"eth0": "Ethernet", "mon0": "Wifi"}, ... prn=lambda pkt: "%s: %s" % (pkt.sniffed_on, ... pkt.summary()))
- Examples: asynchronous
>>> t = AsyncSniffer(iface="enp0s3") >>> t.start() >>> time.sleep(1) >>> print("nice weather today") >>> t.stop()
- stop(join: bool = True) Optional[PacketList][source]
Stops AsyncSniffer if not in async mode
- class scapy.sendrecv.SndRcvHandler(pks: SuperSocket, pkt: Union[List[Packet], Packet, SetGen[Packet], _PacketList[Packet]], timeout: Optional[int] = None, inter: int = 0, verbose: Optional[int] = None, chainCC: bool = False, retry: int = 0, multi: bool = False, rcv_pks: Optional[SuperSocket] = None, prebuild: bool = False, _flood: Optional[_FloodGenerator] = None, threaded: bool = False, session: Optional[Union[Type[DefaultSession], DefaultSession]] = None, chainEX: bool = False)[source]
Bases:
objectUtil to send/receive packets, used by sr*(). Do not use directly.
This matches the requests and answers.
- Notes::
threaded mode: enabling threaded mode will likely break packet timestamps, but might result in a speedup when sending a big amount of packets. Disabled by default
DEVS: store the outgoing timestamp right BEFORE sending the packet to avoid races that could result in negative latency. We aren’t Stadia
- results() Tuple[SndRcvList, PacketList][source]
- scapy.sendrecv.bridge_and_sniff(if1: Union[NetworkInterface, str], if2: Union[NetworkInterface, str], xfrm12: Optional[Callable[[Packet], Union[Packet, bool]]] = None, xfrm21: Optional[Callable[[Packet], Union[Packet, bool]]] = None, prn: Optional[Callable[[Packet], Any]] = None, L2socket: Optional[Type[SuperSocket]] = None, *args: Any, **kargs: Any) PacketList[source]
Forward traffic between interfaces if1 and if2, sniff and return the exchanged packets.
- Parameters
if1 – the interfaces to use (interface names or opened sockets).
if2 –
xfrm12 – a function to call when forwarding a packet from if1 to if2. If it returns True, the packet is forwarded as it. If it returns False or None, the packet is discarded. If it returns a packet, this packet is forwarded instead of the original packet one.
xfrm21 – same as xfrm12 for packets forwarded from if2 to if1.
The other arguments are the same than for the function sniff(), except for offline, opened_socket and iface that are ignored. See help(sniff) for more.
- class scapy.sendrecv.debug[source]
Bases:
object- match = <Matched: TCP:0 UDP:0 ICMP:0 Other:0>
- recv = <Received: TCP:0 UDP:0 ICMP:0 Other:0>
- sent = <Sent: TCP:0 UDP:0 ICMP:0 Other:0>
- scapy.sendrecv.send(x: Union[List[Packet], Packet, SetGen[Packet], _PacketList[Packet]], iface: Optional[Union[NetworkInterface, str]] = None, **kargs: Any) Optional[PacketList][source]
Send packets at layer 3
- Parameters
x – the packets
inter – time (in s) between two packets (default 0)
loop – send packet indefinitely (default 0)
count – number of packets to send (default None=1)
verbose – verbose mode (default None=conf.verbose)
realtime – check that a packet was sent before sending the next one
return_packets – return the sent packets
socket – the socket to use (default is conf.L3socket(kargs))
iface – the interface to send the packets on
monitor – (not on linux) send in monitor mode
- Returns
None
- scapy.sendrecv.sendp(x: Union[List[Packet], Packet, SetGen[Packet], _PacketList[Packet]], iface: Optional[Union[NetworkInterface, str]] = None, iface_hint: Optional[str] = None, socket: Optional[SuperSocket] = None, **kargs: Any) Optional[PacketList][source]
Send packets at layer 2
- Parameters
x – the packets
inter – time (in s) between two packets (default 0)
loop – send packet indefinitely (default 0)
count – number of packets to send (default None=1)
verbose – verbose mode (default None=conf.verbose)
realtime – check that a packet was sent before sending the next one
return_packets – return the sent packets
socket – the socket to use (default is conf.L3socket(kargs))
iface – the interface to send the packets on
monitor – (not on linux) send in monitor mode
- Returns
None
- scapy.sendrecv.sendpfast(x: Union[List[Packet], Packet, SetGen[Packet], _PacketList[Packet]], pps: Optional[float] = None, mbps: Optional[float] = None, realtime: bool = False, loop: Optional[int] = None, file_cache: bool = False, iface: Optional[Union[NetworkInterface, str]] = None, replay_args: Optional[List[str]] = None, parse_results: bool = False) Optional[Dict[str, Any]][source]
Send packets at layer 2 using tcpreplay for performance
- Parameters
pps – packets per second
mbps – MBits per second
realtime – use packet’s timestamp, bending time with real-time value
loop – number of times to process the packet list. 0 implies infinite loop
file_cache – cache packets in RAM instead of reading from disk at each iteration
iface – output interface
replay_args – List of additional tcpreplay args (List[str])
parse_results – Return a dictionary of information outputted by tcpreplay (default=False)
- Returns
stdout, stderr, command used
- scapy.sendrecv.sndrcv(*args: Any, **kwargs: Any) Tuple[SndRcvList, PacketList][source]
Scapy raw function to send a packet and receive its answer. WARNING: This is an internal function. Using sr/srp/sr1/srp is more appropriate in many cases.
- scapy.sendrecv.sndrcvflood(pks: SuperSocket, pkt: Union[List[Packet], Packet, SetGen[Packet], _PacketList[Packet]], inter: int = 0, maxretries: Optional[int] = None, verbose: Optional[int] = None, chainCC: bool = False, timeout: Optional[int] = None) Tuple[SndRcvList, PacketList][source]
sndrcv equivalent for flooding.
- scapy.sendrecv.sniff(*args: Any, **kwargs: Any) PacketList[source]
Sniff packets and return a list of packets.
- Parameters
count – number of packets to capture. 0 means infinity.
store – whether to store sniffed packets or discard them
prn – function to apply to each packet. If something is returned, it is displayed. –Ex: prn = lambda x: x.summary()
session – a session = a flow decoder used to handle stream of packets. –Ex: session=TCPSession See below for more details.
filter – BPF filter to apply.
lfilter – Python function applied to each packet to determine if further action may be done. –Ex: lfilter = lambda x: x.haslayer(Padding)
offline – PCAP file (or list of PCAP files) to read packets from, instead of sniffing them
quiet – when set to True, the process stderr is discarded (default: False).
timeout – stop sniffing after a given time (default: None).
L2socket – use the provided L2socket (default: use conf.L2listen).
opened_socket – provide an object (or a list of objects) ready to use .recv() on.
stop_filter – Python function applied to each packet to determine if we have to stop the capture after this packet. –Ex: stop_filter = lambda x: x.haslayer(TCP)
iface – interface or list of interfaces (default: None for sniffing on all interfaces).
monitor – use monitor mode. May not be available on all OS
started_callback – called as soon as the sniffer starts sniffing (default: None).
The iface, offline and opened_socket parameters can be either an element, a list of elements, or a dict object mapping an element to a label (see examples below).
For more information about the session argument, see https://scapy.rtfd.io/en/latest/usage.html#advanced-sniffing-sniffing-sessions
- Examples: synchronous
>>> sniff(filter="arp") >>> sniff(filter="tcp", ... session=IPSession, # defragment on-the-flow ... prn=lambda x: x.summary()) >>> sniff(lfilter=lambda pkt: ARP in pkt) >>> sniff(iface="eth0", prn=Packet.summary) >>> sniff(iface=["eth0", "mon0"], ... prn=lambda pkt: "%s: %s" % (pkt.sniffed_on, ... pkt.summary())) >>> sniff(iface={"eth0": "Ethernet", "mon0": "Wifi"}, ... prn=lambda pkt: "%s: %s" % (pkt.sniffed_on, ... pkt.summary()))
- Examples: asynchronous
>>> t = AsyncSniffer(iface="enp0s3") >>> t.start() >>> time.sleep(1) >>> print("nice weather today") >>> t.stop()
- scapy.sendrecv.sr(x: Union[List[Packet], Packet, SetGen[Packet], _PacketList[Packet]], promisc: Optional[bool] = None, filter: Optional[str] = None, iface: Optional[Union[NetworkInterface, str]] = None, nofilter: int = 0, *args: Any, **kargs: Any) Tuple[SndRcvList, PacketList][source]
Send and receive packets at layer 3
- Parameters
pks – SuperSocket instance to send/receive packets
pkt – the packet to send
timeout – how much time to wait after the last packet has been sent
inter – delay between two packets during sending
verbose – set verbosity level
chainCC – if True, KeyboardInterrupts will be forwarded
retry – if positive, how many times to resend unanswered packets if negative, how many times to retry when no more packets are answered
multi – whether to accept multiple answers for the same stimulus
rcv_pks – if set, will be used instead of pks to receive packets. packets will still be sent through pks
prebuild – pre-build the packets before starting to send them. Automatically enabled when a generator is passed as the packet
_flood –
threaded – if True, packets will be sent in an individual thread
session – a flow decoder used to handle stream of packets
chainEX – if True, exceptions during send will be forwarded
- scapy.sendrecv.sr1(*args: Packet, **kargs: Any) Optional[Packet][source]
Send packets at layer 3 and return only the first answer
- Parameters
pks – SuperSocket instance to send/receive packets
pkt – the packet to send
timeout – how much time to wait after the last packet has been sent
inter – delay between two packets during sending
verbose – set verbosity level
chainCC – if True, KeyboardInterrupts will be forwarded
retry – if positive, how many times to resend unanswered packets if negative, how many times to retry when no more packets are answered
multi – whether to accept multiple answers for the same stimulus
rcv_pks – if set, will be used instead of pks to receive packets. packets will still be sent through pks
prebuild – pre-build the packets before starting to send them. Automatically enabled when a generator is passed as the packet
_flood –
threaded – if True, packets will be sent in an individual thread
session – a flow decoder used to handle stream of packets
chainEX – if True, exceptions during send will be forwarded
- scapy.sendrecv.sr1flood(x: Union[List[Packet], Packet, SetGen[Packet], _PacketList[Packet]], promisc: Optional[bool] = None, filter: Optional[str] = None, iface: Optional[Union[NetworkInterface, str]] = None, nofilter: int = 0, *args: Any, **kargs: Any) Optional[Packet][source]
Flood and receive packets at layer 3 and return only the first answer
- Parameters
prn – function applied to packets received
verbose – set verbosity level
nofilter – put 1 to avoid use of BPF filters
filter – provide a BPF filter
iface – listen answers only on the given interface
- scapy.sendrecv.sr_func(*args: Packet, **kargs: Any) Optional[Packet][source]
Send packets at layer 3 and return only the first answer
- Parameters
pks – SuperSocket instance to send/receive packets
pkt – the packet to send
timeout – how much time to wait after the last packet has been sent
inter – delay between two packets during sending
verbose – set verbosity level
chainCC – if True, KeyboardInterrupts will be forwarded
retry – if positive, how many times to resend unanswered packets if negative, how many times to retry when no more packets are answered
multi – whether to accept multiple answers for the same stimulus
rcv_pks – if set, will be used instead of pks to receive packets. packets will still be sent through pks
prebuild – pre-build the packets before starting to send them. Automatically enabled when a generator is passed as the packet
_flood –
threaded – if True, packets will be sent in an individual thread
session – a flow decoder used to handle stream of packets
chainEX – if True, exceptions during send will be forwarded
- scapy.sendrecv.srflood(x: Union[List[Packet], Packet, SetGen[Packet], _PacketList[Packet]], promisc: Optional[bool] = None, filter: Optional[str] = None, iface: Optional[Union[NetworkInterface, str]] = None, nofilter: Optional[bool] = None, *args: Any, **kargs: Any) Tuple[SndRcvList, PacketList][source]
Flood and receive packets at layer 3
- Parameters
prn – function applied to packets received
unique – only consider packets whose print
nofilter – put 1 to avoid use of BPF filters
filter – provide a BPF filter
iface – listen answers only on the given interface
- scapy.sendrecv.srloop(pkts: Union[List[Packet], Packet, SetGen[Packet], _PacketList[Packet]], *args: Any, **kargs: Any) Tuple[SndRcvList, PacketList][source]
Send a packet at layer 3 in loop and print the answer each time srloop(pkts, [prn], [inter], [count], …) –> None
- scapy.sendrecv.srp(x: Packet, promisc: Optional[bool] = None, iface: Optional[Union[NetworkInterface, str]] = None, iface_hint: Optional[str] = None, filter: Optional[str] = None, nofilter: int = 0, type: int = 3, *args: Any, **kargs: Any) Tuple[SndRcvList, PacketList][source]
Send and receive packets at layer 2
- Parameters
pks – SuperSocket instance to send/receive packets
pkt – the packet to send
timeout – how much time to wait after the last packet has been sent
inter – delay between two packets during sending
verbose – set verbosity level
chainCC – if True, KeyboardInterrupts will be forwarded
retry – if positive, how many times to resend unanswered packets if negative, how many times to retry when no more packets are answered
multi – whether to accept multiple answers for the same stimulus
rcv_pks – if set, will be used instead of pks to receive packets. packets will still be sent through pks
prebuild – pre-build the packets before starting to send them. Automatically enabled when a generator is passed as the packet
_flood –
threaded – if True, packets will be sent in an individual thread
session – a flow decoder used to handle stream of packets
chainEX – if True, exceptions during send will be forwarded
- scapy.sendrecv.srp1(*args: Packet, **kargs: Any) Optional[Packet][source]
Send and receive packets at layer 2 and return only the first answer
- Parameters
pks – SuperSocket instance to send/receive packets
pkt – the packet to send
timeout – how much time to wait after the last packet has been sent
inter – delay between two packets during sending
verbose – set verbosity level
chainCC – if True, KeyboardInterrupts will be forwarded
retry – if positive, how many times to resend unanswered packets if negative, how many times to retry when no more packets are answered
multi – whether to accept multiple answers for the same stimulus
rcv_pks – if set, will be used instead of pks to receive packets. packets will still be sent through pks
prebuild – pre-build the packets before starting to send them. Automatically enabled when a generator is passed as the packet
_flood –
threaded – if True, packets will be sent in an individual thread
session – a flow decoder used to handle stream of packets
chainEX – if True, exceptions during send will be forwarded
- scapy.sendrecv.srp1flood(x: Union[List[Packet], Packet, SetGen[Packet], _PacketList[Packet]], promisc: Optional[bool] = None, filter: Optional[str] = None, iface: Optional[Union[NetworkInterface, str]] = None, nofilter: int = 0, *args: Any, **kargs: Any) Optional[Packet][source]
Flood and receive packets at layer 2 and return only the first answer
- Parameters
prn – function applied to packets received
verbose – set verbosity level
nofilter – put 1 to avoid use of BPF filters
filter – provide a BPF filter
iface – listen answers only on the given interface
- scapy.sendrecv.srpflood(x: Union[List[Packet], Packet, SetGen[Packet], _PacketList[Packet]], promisc: Optional[bool] = None, filter: Optional[str] = None, iface: Optional[Union[NetworkInterface, str]] = None, iface_hint: Optional[str] = None, nofilter: Optional[bool] = None, *args: Any, **kargs: Any) Tuple[SndRcvList, PacketList][source]
Flood and receive packets at layer 2
- Parameters
prn – function applied to packets received
unique – only consider packets whose print
nofilter – put 1 to avoid use of BPF filters
filter – provide a BPF filter
iface – listen answers only on the given interface
- scapy.sendrecv.srploop(pkts: Union[List[Packet], Packet, SetGen[Packet], _PacketList[Packet]], *args: Any, **kargs: Any) Tuple[SndRcvList, PacketList][source]
Send a packet at layer 2 in loop and print the answer each time srloop(pkts, [prn], [inter], [count], …) –> None