当scapy和pypcap丢失严重时如何嗅探python上的所有数据包? [英] How to sniff all packets on python when scapy and pypcap have serious loss?
问题描述
我尝试使用 python 在 Win10 上嗅探数据包.但是,我发现很多数据包实际上被 scapy 丢弃了.
I tried to sniff packets on Win10 using python. However, i find a lot of packets are actually dropped by scapy.
例如,我从 ftp 下载了一个 2 MB 的文件,wireshark 捕获了近 2000 个数据包,而 scapy 只捕获了 500 个.
For example, I download a file of 2 MB from ftp, the wiresharks captures nearly 2000 packets and the scapy only captures 500.
我尝试过 pypcap,结果几乎一样,超过一半的数据包被丢弃,尤其是在下载时.
I have tried pypcap and the result is almost the same, more than half of the packets are dropped, especially on downloading.
是否有解决方案可以避免这种丢失并使 scapy 执行与wireshark 相同的性能,或者 python 上没有能够在短时间内缓冲大量数据包的库?
Is there a solution to avoid such loss and make scapy perform the same as wireshark, or there is no library on python capable of buffering a lot of packets in short time?
推荐答案
您可以让 Scapy 使用 tcpdump(或 Windows 下的 windump)为您嗅探数据包,例如:
You can have Scapy use tcpdump (or windump under Windows) to sniff the packets for you, using for example:
sniff(opened_socket=L2ListenTcpdump())
这篇关于当scapy和pypcap丢失严重时如何嗅探python上的所有数据包?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!