This is the Cython encapsulated of the C libpcap library for python.
To install python-libpcap, run this command in your terminal:
$ sudo apt-get install libpcap-dev
$ pip3 install python-libpcap
Or
$ git clone https://github.com/caizhengxin/python-libpcap.git
$ cd python-libpcap
$ pip3 install -e .
# Multi-file quick merge
$ libpcap-merge -i test.pcap -o pcap.pcap port 502
$ libpcap-merge -i pcap/ -o pcap.pcap port 502
# Capture data packet
$ sudo libpcap-capture -i enp0s3 -v -p port 22
$ sudo libpcap-capture -i enp0s3 -o pcap.pcap port 22
# Write packet
$ libpcap-write --output pcap.pcap ac64175ffa41000ec6c9157e08004500004b8a1e400080060000c0a80002c0a80001c794006618e119b56ef0831d5018faf081910000030000231ee00000001d00c1020600c20f53494d415449432d524f4f542d4553c0010a
# Read packet
$ libpcap-read -i test.pcap -v -p port 502
from pylibpcap.pcap import rpcap
for len, t, pkt in rpcap("tests/dns.pcap"):
print("Time:", t)
print("Buf length:", len)
print("Buf:", pkt)
from pylibpcap import wpcap
buf = b'\x00\xc0\x9f2A\x8c\x00\xe0\x18\xb1\x0c\xad\x08\x00E\x00\x008' \
b'\x00\x00@\x00@\x11eG\xc0\xa8\xaa\x08\xc0\xa8\xaa\x14\x80\x1b' \
b'\x005\x00$\x85\xed\x102\x01\x00\x00\x01\x00\x00\x00\x00\x00' \
b'\x00\x06google\x03com\x00\x00\x10\x00\x01'
wpcap(buf, "pcap.pcap")
wpcap([buf, buf], "pcap.pcap")
Or
from pylibpcap import OpenPcap
with OpenPcap("pcap.pcap", "a") as f:
f.write(buf)
from pylibpcap.pcap import mpcap
mpcap("demo.pcap", "demo2.pcap")
mpcap("pcap/", "output.pcap", "port 502")
from pylibpcap import get_first_iface
print(get_first_iface())
from pylibpcap import get_iface_list
print(get_iface_list())
from pylibpcap import send_packet
buf = b'\x00\xc0\x9f2A\x8c\x00\xe0\x18\xb1\x0c\xad\x08\x00E\x00\x008' \
b'\x00\x00@\x00@\x11eG\xc0\xa8\xaa\x08\xc0\xa8\xaa\x14\x80\x1b' \
b'\x005\x00$\x85\xed\x102\x01\x00\x00\x01\x00\x00\x00\x00\x00' \
b'\x00\x06google\x03com\x00\x00\x10\x00\x01'
send_packet("enp2s0", buf)
from pylibpcap.pcap import sniff
for plen, t, buf in sniff("enp2s0", filters="port 53", count=-1, promisc=1, out_file="pcap.pcap"):
print("[+]: Payload len=", plen)
print("[+]: Time", t)
print("[+]: Payload", buf)
Or
from pylibpcap.base import Sniff
sniffobj = None
try:
sniffobj = Sniff("enp2s0", filters="port 53", count=-1, promisc=1, out_file="pcap.pcap")
for plen, t, buf in sniffobj.capture():
print("[+]: Payload len=", plen)
print("[+]: Time", t)
print("[+]: Payload", buf)
except KeyboardInterrupt:
pass
except LibpcapError as e:
print(e)
if sniffobj is not None:
stats = sniffobj.stats()
print(stats.capture_cnt, " packets captured")
print(stats.ps_recv, " packets received by filter")
print(stats.ps_drop, " packets dropped by kernel")
print(stats.ps_ifdrop, " packets dropped by iface")
This package was created with Cookiecutter and the caizhengxin/cookiecutter-package project template.
FAQs
Cython libpcap
We found that python-libpcap demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
CAI is a new open source AI framework that automates penetration testing tasks like scanning and exploitation up to 3,600× faster than humans.
Security News
Deno 2.4 brings back bundling, improves dependency updates and telemetry, and makes the runtime more practical for real-world JavaScript projects.
Security News
CVEForecast.org uses machine learning to project a record-breaking surge in vulnerability disclosures in 2025.