如何按以太网 MAC 地址过滤 [英] How to filter by ethernet MAC address
本文介绍了如何按以太网 MAC 地址过滤的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
以下代码:
sniff(filter = "dst aa:bb:cc:dd:ee" )
抛出错误,因为 sniff
需要的是 IP,而不是 MAC.
throws an error because sniff
is expecting an IP, not a MAC.
那么您应该如何按 MAC 过滤?
So how are you supposed to filter by MAC?
推荐答案
为 sniff
指定一个 lfilter
怎么样?
what about specyfing a lfilter
for sniff
?
zzz = sniff(lfilter=lambda d: d.src == 'aa:bb:cc:dd:ee:ff')
dst
和 src
是嗅探消息的属性.
dst
and src
are attributes of sniffed message.
以前我发布了一个答案,其中指定了 stop_filter
.我想它对你不起作用,因为 scapy 在收到第一个与 stop_filter
中的 mac 地址匹配的数据包后会停止.lfilter
应该可以完成这项工作.
来自 sendrecv.py
:
previously i have posted an answer where stop_filter
was specified. i suppose that it wouldn't work for you, since scapy would stop after receving first packet that match the mac address from stop_filter
. lfilter
should do the job.
from sendrecv.py
:
lfilter: python function applied to each packet to determine
if further action may be done
ex: lfilter = lambda x: x.haslayer(Padding)
这篇关于如何按以太网 MAC 地址过滤的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文