Packet monitors

class whad.common.monitors.PcapWriterMonitor(pcap_file, monitor_reception=True, monitor_transmission=True, append=True)

PcapWriterMonitor.

Monitor allowing to export the traffic transmitted and received by the targeted connector to a PCAP file with appropriate header.

Usage:

>>> monitor = PcapWriterMonitor("mypcapfile.pcap")
>>> monitor.attach(connector)
>>> monitor.start()

close()

Performs an action when the monitor is closed or destroyed.

default_formatter(packet)

Formatter used by default, if no formatter is found in the targeted connector. It only extracts the accurate timestamp if one is available in metadata.

property packets_written

Return the number of packets already written

process_packet(packet)

Performs the monitoring action when a packet is received or transmitted by the targeted connector.

Parameters:

packet – scapy packet to process

setup()

Performs an action when the monitor is started for the first time (e.g., configuration).

class whad.common.monitors.WiresharkMonitor(monitor_reception=True, monitor_transmission=True)

WiresharkMonitor.

Runs a wireshark instance in background and monitor the traffic received and transmitted by the targeted connector. It is mainly a very basic wrapper that launches wireshark in background, creates a named fifo and populates it using underlying PcapWriterMonitor implementation.

attach(connector)

Attach to connector

close()

Performs an action when the monitor is closed or destroyed.

is_terminated() → bool

Check if wireshark process has terminated.

Returns:

True if process has terminated, False otherwise

Return type:

bool

setup()

Performs an action when the monitor is started for the first time (e.g., configuration).