m-mizutani · September 2, 2011 09:13
diff --git a/dpkt_netbios_mdns.py b/dpkt_netbios_mdns.py
 #!/usr/bin/env python
 # coding: utf-8
 #----------------------------------------------------

 # packet capture & decoding
 import pcapy
 import dpkt

 class network_monitor:
    def __init__ (self):
        pass

    def start (self):
        # TODO: specify a device or select all devices
        # dev = pcapy.findalldevs()[0]
        dev = 'en1'
        p = pcapy.open_live(dev, 65536, False, 1)
        p.loop(-1, self.handle_packet)

    def handle_packet (self, header, data):
        eth = dpkt.ethernet.Ethernet (data)
 #        print "%04X" % eth.type
        if eth.type == dpkt.ethernet.ETH_TYPE_IP:
            ip = eth.data
            ip_data = ip.data
            if isinstance (ip_data, dpkt.udp.UDP):
                udp = ip_data
                if udp.sport == 137:
                    nb = dpkt.netbios.NS(udp.data)

                    print "NetBIOS:"
                    for q in nb.qd:
                        print 'qd:', dpkt.netbios.decode_name(q.name)
                    for a in nb.an:
                        print 'an:', dpkt.netbios.decode_name(a.name)
                    for n in nb.ns:
                        print 'ns:'. dpkt.netbios.decode_name(n.name)
                    
                    print ''
                
                if udp.dport == 5353:
                    mdns = dpkt.dns.DNS (udp.data)
                    print "MDNS:"
                    print mdns.qd
                    print mdns.an
                    print mdns.ns
                


 def main():
    network_monitor ().start ()

 if __name__=="__main__":
    main ()
	#!/usr/bin/env python
	# coding: utf-8
	#----------------------------------------------------

	# packet capture & decoding
	import pcapy
	import dpkt

	class network_monitor:
	def __init__ (self):
	pass

	def start (self):
	# TODO: specify a device or select all devices
	# dev = pcapy.findalldevs()[0]
	dev = 'en1'
	p = pcapy.open_live(dev, 65536, False, 1)
	p.loop(-1, self.handle_packet)

	def handle_packet (self, header, data):
	eth = dpkt.ethernet.Ethernet (data)
	# print "%04X" % eth.type
	if eth.type == dpkt.ethernet.ETH_TYPE_IP:
	ip = eth.data
	ip_data = ip.data
	if isinstance (ip_data, dpkt.udp.UDP):
	udp = ip_data
	if udp.sport == 137:
	nb = dpkt.netbios.NS(udp.data)

	print "NetBIOS:"
	for q in nb.qd:
	print 'qd:', dpkt.netbios.decode_name(q.name)
	for a in nb.an:
	print 'an:', dpkt.netbios.decode_name(a.name)
	for n in nb.ns:
	print 'ns:'. dpkt.netbios.decode_name(n.name)

	print ''

	if udp.dport == 5353:
	mdns = dpkt.dns.DNS (udp.data)
	print "MDNS:"
	print mdns.qd
	print mdns.an
	print mdns.ns



	def main():
	network_monitor ().start ()

	if __name__=="__main__":
	main ()