1

I have a twisted proxy from here: Python Twisted proxy - how to intercept packets .

It prints the HTTP data, and I would like also to intercept and examine the raw IP datgrams. How to hook the callback for the IP packets?

http://twistedmatrix.com/documents/11.0.0/api/twisted.pair.ip.IPProtocol.html

Community
  • 1
  • 1
Jakub M.
  • 32,471
  • 48
  • 110
  • 179

2 Answers2

1

Twisted doesn't include comprehensive support for operating at the IP level. There is some support for parsing IP datagrams, as you found, but no built-in support for hooking into platform support for sending or receiving these.

You might want to take a look at scapy.

Jean-Paul Calderone
  • 47,755
  • 6
  • 94
  • 122
1

Twisted doesn't have a built-in friendly way to hook in a listener on a raw IP socket (SOCK_RAW). This is for several reasons:

  • using SOCK_RAW can be tricky and it can work in non-obvious ways;
  • in most environments, using such a socket requires elevated privileges;
  • and the packets you actually get through a raw socket differ a lot between operating systems (e.g., you won't get any raw TCP-protocol IP packets on *BSD/Darwin through a raw socket, even if you're root).

The best way to capture raw datagrams in general, in a remotely portable manner, is with libpcap. Here is a link to someone who appears to have combined pcap and Twisted in a reasonably intelligent way; that may help.

the paul
  • 8,972
  • 1
  • 36
  • 53