veerendra2
Reputation: 2273
TCP connection state from RAW SOCKET packet sniffing
Here is my code:
ins = socket.socket(socket.AF_PACKET, socket.SOCK_RAW, 3)
ins.setsockopt(socket.SOL_SOCKET, socket.SO_RCVBUF, 2**30)
ins.bind((interface_name, 3))
while True:
fmt = "B"*7+"I"*21
pkt, sa_ll = self.ins.recvfrom(65535)
x = struct.unpack(fmt, ins.getsockopt(socket.IPPROTO_TCP, socket.TCP_INFO, 92))
print "===>",x
print "HEX Packet",hexlify(pkt)
process_ipframe(sa_ll[2],hexlify(pkt))
Getting socket.error: [Errno 92] Protocol not available error. Or is there any better way to get the TCP(Need only ESTAB connctions) states for the connections.
Upvotes: 1
Views: 457
Answers (1)
veerendra2
Reputation: 2273
Ok, my requirement is to get the established connections. But I was sniffing traffic on the interface for other purpose. So, I though I could get TCP states from raw sockets. But I found /proc/net/tcp: there is st field, from that I can get ESTABLISHED connections. So, I should read /proc/net/tcp continuously to get ESTAB for a specific time in different thread.
So, the answer is /proc/net/tcp. Check this question. or may I should use netfilter
Upvotes: 1
Related Questions
- Query TCP socket connection state in Python
- Packet sniffer in Python
- How to get message from incoming packets in python raw socket
- Receiving IP Packets from a raw socket
- Raw socket python packet sniffer
- Monitoring a TCP/IP connection for data
- Extract received data in a tcp socket in Python
- How to decode TCP/IP packets in python?
- sniffing network packets using python
- How to read complete IP frames from TCP socket in Python?