uIM7AI9S

Reputation: 399

Python: wrong ip is shown in packet header

I'm forwarding a machine's packets through mine. I tested with tcpdump host <machine_ip> to see if everything is alright, and it is. Now I need to capture these packets. I chose to do this with Python. Right now I'm trying to filter the packets, but the ip that is printed is different from the right one. It should've been 192.168.0.8:

import socket
from struct import *
print("Started")
with socket.socket(socket.AF_PACKET,socket.SOCK_RAW, socket.ntohs(0x0003)) as s:
        while True:
                packet=s.recvfrom(65565)
                content=packet[0]
                ip_header=unpack('!BBHHHBBH4s4s', content[:20])
                source_ip=socket.inet_ntoa(ip_header[8])
                print(source_ip)

The printed ones are 8.0.69.0 and 8.0.69.16, neither of which matches the expected form.

Upvotes: 0

Views: 601

Answers (1)

jmm

Reputation: 69

This is because in front of the raw data is the MAC header.

If you change the line:

ip_header=unpack('!BBHHHBBH4s4s', content[:20])

to

ip_header=unpack('!BBHHHBBH4s4s', content[14:34])

you will probably get your IP address. I said probably because it really depends on the link layer, as there might be a VLAN tag present, thus shifting the IP header even further.

Upvotes: 1
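
The offset handling described in the answer, as an added example that is not part of the original posts: it walks any 802.1Q/802.1ad tags to locate the IPv4 header instead of assuming offset 14, and reproduces the 8.0.69.0 value from the question. The frames, MAC addresses, VLAN ID and function names are constructed for illustration.

```python
import socket
import struct

ETH_HLEN = 14                  # dst MAC (6) + src MAC (6) + EtherType (2)
ETH_P_IP = 0x0800
VLAN_TPIDS = (0x8100, 0x88A8)  # 802.1Q and 802.1ad; each tag adds 4 bytes

def ipv4_offset(frame):
    """Return the offset of the IPv4 header in an Ethernet frame, or None."""
    if len(frame) < ETH_HLEN:
        return None
    offset = 12                # EtherType (or first VLAN TPID) sits here
    (ethertype,) = struct.unpack_from("!H", frame, offset)
    while ethertype in VLAN_TPIDS:
        offset += 4            # skip TPID + TCI, land on the next EtherType
        if len(frame) < offset + 2:
            return None
        (ethertype,) = struct.unpack_from("!H", frame, offset)
    return offset + 2 if ethertype == ETH_P_IP else None

def source_ip(frame):
    """Source address of an IPv4 frame, or None for non-IPv4/truncated input."""
    off = ipv4_offset(frame)
    if off is None or len(frame) < off + 20:
        return None
    if frame[off] >> 4 != 4 or (frame[off] & 0x0F) < 5:  # version, IHL sanity
        return None
    return socket.inet_ntoa(frame[off + 12:off + 16])

def naive_source_ip(frame):
    """The question's parse: treats byte 0 of the frame as the IP header."""
    return socket.inet_ntoa(struct.unpack("!BBHHHBBH4s4s", frame[:20])[8])

# Constructed sample frames (not captured traffic).
_MACS = bytes.fromhex("aabbccddeeff" "112233445566")
_IP = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 6, 0,
                  socket.inet_aton("192.168.0.8"), socket.inet_aton("192.168.0.1"))
PLAIN = _MACS + b"\x08\x00" + _IP                   # untagged IPv4
TAGGED = _MACS + b"\x81\x00\x00\x64\x08\x00" + _IP  # VLAN 100, then IPv4
ARP = _MACS + b"\x08\x06" + bytes(28)               # not IPv4

if __name__ == "__main__":
    for name, frame in (("plain", PLAIN), ("vlan", TAGGED), ("arp", ARP)):
        print(name, source_ip(frame))
    # Bytes 12-15 of the frame are EtherType 08 00 plus IP bytes 45 00.
    print("naive", naive_source_ip(PLAIN))
```

The naive parse returns 8.0.69.0 because it reads the EtherType (08 00) followed by the first two IP header bytes (45 00) as an address; a TOS byte of 0x10 would give the 8.0.69.16 variant.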
