from scapy.all import sniff, TCP, IP, raw
import datetime
import logging
# Configure logging
logging.basicConfig(
filename="packet_capture.log",
# File to save the output
level=logging.INFO, #
Log level
format="%(asctime)s - %(message)s", # Format for log entries
datefmt="%Y-%m-%d %H:%M:%S"
# Timestamp format
)
# Define the Redpanda port (Kafka typically uses 9092;
adjust for your setup)
REDPANDA_PORT = 9092
def log_and_print(message):
"""Logs the message to a file and prints it to the
console."""
print(message)
logging.info(message)
def packet_callback(packet):
# Extract arrival
time
arrival_time =
datetime.datetime.now()
# Check if the
packet has IP and TCP layers
if IP in packet
and TCP in packet:
# Extract
general packet details
ip_src =
packet[IP].src
ip_dst =
packet[IP].dst
tcp_sport =
packet[TCP].sport
tcp_dport =
packet[TCP].dport
iface =
packet.sniffed_on if hasattr(packet, 'sniffed_on') else "Unknown
Interface"
ttl =
packet[IP].ttl
total_length =
packet[IP].len
# Extract
TCP-specific details
seq =
packet[TCP].seq
ack =
packet[TCP].ack
window =
packet[TCP].window
flags =
packet.sprintf("%TCP.flags%")
# TCP flags as a string
checksum =
packet[TCP].chksum
# Log detailed
packet info
log_and_print(f"Interface: {iface} | IP Packet:
{ip_src}:{tcp_sport} -> {ip_dst}:{tcp_dport} | Protocol: TCP")
log_and_print(f" Packet
Length: {total_length} bytes | TTL: {ttl} | Checksum: {hex(checksum)}")
log_and_print(f" Sequence
Number: {seq} | Acknowledgment Number: {ack} | Window Size: {window}")
log_and_print(f" Flags:
{flags}")
# Extract and
log raw packet data
raw_data =
raw(packet)
log_and_print(f"Raw Packet Data: {raw_data.hex()}")
# Check if
traffic is for Redpanda
if tcp_dport
== REDPANDA_PORT or tcp_sport == REDPANDA_PORT:
try:
#
Decode payload as UTF-8
payload = raw_data.decode("utf-8")
#
Assuming message has a timestamp in nanoseconds as the first field
source_time_ns = int(payload.split(",")[0]) # Adjust based on message format
source_time = datetime.datetime.fromtimestamp(source_time_ns / 1e9)
#
Calculate latency
latency = (arrival_time - source_time).total_seconds() * 1000 # Convert to milliseconds
# Log
latency details
log_and_print(f" Redpanda
Message: {payload}")
log_and_print(f" Source
Time: {source_time}, Latency: {latency:.2f} ms")
except
Exception as e:
log_and_print(f" Error
decoding Redpanda message: {e}")
log_and_print("-" * 50)
# Start sniffing packets
log_and_print("Starting packet capture... Press Ctrl+C
to stop.")
sniff(filter="tcp", prn=packet_callback,
store=False, iface="any")
Explanation of Changes
- Logging
Setup:
- The logging.basicConfig
function is configured to:
- Save
log messages to a file (packet_capture.log).
- Include
timestamps and message formatting.
- log_and_print
Function:
- A
helper function that:
- Prints
the message to the console.
- Logs
the same message to the file using logging.info.
- Output
to File:
- All
relevant output (packet details, raw data, and decoded messages) is saved
in packet_capture.log.
- File
Format:
- The
log file will contain each entry with a timestamp and message, making it
easy to analyze later.
2024-11-25 14:15:18 - Starting packet capture... Press
Ctrl+C to stop.
2024-11-25 14:15:20 - Interface: wlan0 | IP Packet:
192.168.1.10:52345 -> 192.168.1.20:9092 | Protocol: TCP
2024-11-25 14:15:20 -
Packet Length: 60 bytes | TTL: 64 | Checksum: 0x8c7b
2024-11-25 14:15:20 -
Sequence Number: 123456789 | Acknowledgment Number: 987654321 | Window
Size: 64240
2024-11-25 14:15:20 -
Flags: PA
2024-11-25 14:15:20 - Raw Packet Data:
4500003c1a2b400040067dabc0a8010ac0a80114
2024-11-25 14:15:20 -
Redpanda Message: 1698322918123456789,Hello, World!
2024-11-25 14:15:20 -
Source Time: 2024-11-25 14:15:18.123456, Latency: 22.22 ms
2024-11-25 14:15:20 -
--------------------------------------------------
No comments:
Post a Comment