问题
I tried to sniff packets on Win10 using python. However, i find a lot of packets are actually dropped by scapy.
For example, I download a file of 2 MB from ftp, the wiresharks captures nearly 2000 packets and the scapy only captures 500.
I have tried pypcap and the result is almost the same, more than half of the packets are dropped, especially on downloading.
Is there a solution to avoid such loss and make scapy perform the same as wireshark, or there is no library on python capable of buffering a lot of packets in short time?
回答1:
You can have Scapy use tcpdump (or windump under Windows) to sniff the packets for you, using for example:
sniff(opened_socket=L2ListenTcpdump())
来源:https://stackoverflow.com/questions/47589322/how-to-sniff-all-packets-on-python-when-scapy-and-pypcap-have-serious-loss