1

I'm a programming noob following a Python video tutorial to create a packet sniffer and it makes use of socket.AF_PACKET, but my system doesn't have this. I'm guessing it's because of a different operating system. Is there any simple workaround for this? Here's my code with AF_PACKET on the first line of main:

```python
import socket
import struct
import textwrap

def main():
    # AF_PACKET is Linux-only; protocol 3 is ETH_P_ALL (every Ethernet protocol)
    conn = socket.socket(socket.AF_PACKET, socket.SOCK_RAW, socket.ntohs(3))

    while True:
        raw_data, addr = conn.recvfrom(65536)  # biggest buffer size
        dest_mac, src_mac, eth_proto, data = ethernet_frame(raw_data)
        print('\nEthernet Frame: ')
        print('Destination: {}, Source: {}, Protocol: {}'.format(dest_mac, src_mac, eth_proto))

# Unpack ethernet frame
def ethernet_frame(data):  # pass packets into this function
    dest_mac, src_mac, proto = struct.unpack('! 6s 6s H', data[:14])
    # '!' already converts proto to host byte order, so no htons() here
    # (calling it would swap the bytes a second time on little-endian hosts)
    return get_mac_addr(dest_mac), get_mac_addr(src_mac), proto, data[14:]

# Return properly formatted MAC address (ie AA:BB:CC:DD:EE:FF)
def get_mac_addr(bytes_addr):
    bytes_str = map('{:02x}'.format, bytes_addr)   # two hex digits per byte
    return ':'.join(bytes_str).upper()  # mac addr


if __name__ == '__main__':
    main()
```
Unai Vivi
Austin
  • While not a Python answer, check out my answer to this question: https://stackoverflow.com/a/49413299/15809 – Mecki Mar 21 '18 at 19:17

1 Answer

-1

I assume you are using Windows.

Instead of AF_PACKET use AF_INET.

Also, instead of socket.ntohs(3) use `socket.IPPROTO_IP`.

Unai Vivi
Arasm
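An added example, not code from the question or the answer: a capture socket chosen by feature detection, using AF_PACKET where it exists and the AF_INET raw socket with `SIO_RCVALL` on Windows. The Windows socket delivers IP packets without the Ethernet header, so the question's `ethernet_frame` parser does not apply there and the example decodes the IPv4 header instead. The names `open_capture_socket`, `ip_packet`, `parse_ipv4` and `SAMPLE_FRAME` are hypothetical, and the sample frame is constructed.

```python
import socket
import struct

def open_capture_socket(bind_ip=None):
    """Return (sock, has_ethernet_header) for this platform."""
    if hasattr(socket, "AF_PACKET"):  # Linux: link-layer frames, all protocols
        return socket.socket(socket.AF_PACKET, socket.SOCK_RAW, socket.ntohs(0x0003)), True
    if hasattr(socket, "SIO_RCVALL"):  # Windows: IP packets only, no Ethernet header
        sock = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_IP)
        # Capture is tied to the one local address the socket is bound to.
        sock.bind((bind_ip or socket.gethostbyname(socket.gethostname()), 0))
        sock.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, 1)
        sock.ioctl(socket.SIO_RCVALL, socket.RCVALL_ON)  # deliver all IP traffic seen
        return sock, False
    raise OSError("this example only handles Linux and Windows")

def ip_packet(raw, has_ethernet_header):
    """Return the IPv4 packet inside raw, or None if the frame is not IPv4."""
    if not has_ethernet_header:
        return raw
    if len(raw) < 14 or struct.unpack("!H", raw[12:14])[0] != 0x0800:
        return None
    return raw[14:]

def parse_ipv4(packet):
    """Decode the IPv4 header; return (fields, payload)."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    ver_ihl, _, total_len, _, _, ttl, proto, _, src, dst = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    header_len = (ver_ihl & 0x0F) * 4  # IHL counts 32-bit words
    if header_len < 20 or len(packet) < header_len:
        raise ValueError("bad IPv4 header length")
    return {"src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
            "proto": proto, "ttl": ttl, "total_len": total_len}, packet[header_len:]

# Constructed sample: Ethernet + IPv4 + empty UDP datagram, documentation addresses.
SAMPLE_FRAME = bytes.fromhex("020000000001" "020000000002" "0800"
                             "4500001c" "00010000" "4011" "0000" "c0000201" "c0000202"
                             "04d2003500080000")

def main():
    print(parse_ipv4(ip_packet(SAMPLE_FRAME, True))[0])  # works without privileges
    conn, has_eth = open_capture_socket()  # needs root / Administrator
    while True:
        packet = ip_packet(conn.recvfrom(65535)[0], has_eth)
        if packet and packet[0] >> 4 == 4:
            print(parse_ipv4(packet)[0])

if __name__ == "__main__":
    main()
```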