monitor multicast traffic/IP
ElChino
elchino at cnn.cn
Tue Aug 20 15:05:35 EDT 2013
<jasonguto at gmail.com> wrote:
> I am a Network Engineer, but have been trying to teach myself Python since Cisco
> will be leverage it on new high end models, yet I am very new to programming and
> Python; however, I have a need to have the ability to monitor traffic, more
> specificity multicast packets from a few sources.
Take a look at ImPacket and Pcapy [1+2]. Using one slightly modified sample
therein, I was able to sniff out all mcast traffic here with this command:
python sniff.py %PCAP_DEVICE% "ip[16] >= 224"
I'm on a quiet home LAN, so not much mcasts here:
Ether: 1c:bd:b9:c0:63:c6 -> 01:00:5e:00:00:01
IP 10.0.0.10 -> 224.0.0.1
110a eef5 0000 0000 ........
Ether: 1c:bd:b9:c0:63:c6 -> 01:00:5e:00:00:01
IP 10.0.0.10 -> 224.0.0.1
110a eef5 0000 0000 ........
[1] http://corelabs.coresecurity.com/index.php?module=Wiki&action=view&type=tool&name=Impacket
[2] http://corelabs.coresecurity.com/index.php?module=Wiki&action=view&type=tool&name=Pcapy
--gv
More information about the Python-list
mailing list