Pypacker incompatible with windows (AttributeError: sockets.AF_PACKET)

[SudoFlame]

Hi,

Unrelated note: First of all, I am sorry that I didn't put this issue in gitlab. However, Gitlab currently seems to have quite strong restrictions with allowed domain names for email. Apparently my email provider(s) aren't on this whitelist, lol.

When I create a psocket with Pypacker the following exception is thrown:

AttributeError: module 'socket' has no attribute 'AF_PACKET' Apparently, there is no such thing as socket.AF_PACKET for windows and the pypacker.psocket seems to rely on this.

Pypacker works fine with Linux, however for my use case I am restricted to Windows. In the FAQ it is stated that it should run on Windows as well. Therefore I think this should be an issue.

I am trying to write an UDP Sniffer / UDP Forwarding Script with Pypacker. Is there a workaround for the usage of pypacker.psocket or _socket.AFPACKET?

This would be a stripped down example of what I am currently doing:

from pypacker import psocket
from pypacker.layer12 import ethernet
from pypacker.layer3 import ip
from pypacker.layer4 import udp

def sniff(interface_name, port):
    psock = psocket.SocketHndl(iface_name=interface_name)
    for raw_bytes in psock:
        pypkt = ethernet.Ethernet(raw_bytes)
        if pypkt[ethernet.Ethernet, ip.IP, udp.UDP] is not None:
            if pypkt[udp.UDP].sport == port:
                print("packet: %r" % pypkt)

Thanks!

[mike01]

Thanks for the hint, I rarely use windows for development so this never popped up. SocketHndl is a very simple wrapper around the python socket for layer 2 sending/receiving. I'm not sure if you can do that with Python on Windows. This operating system is pretty restricted when it comes to RAW-socket, PACKET-socket and Data Link Layer programming. In general it is difficult to get the programs running under Windows and the available options are pretty limited. For that reason in general 3rd party libraries are recommended if you want to do network programming on Windows systems (and still write portable code). Best option seems to be winpcap an access via python. Hope that helps.

[SudoFlame]

Thanks for the comment. My first attempt was using scapy and that works flawlessly under windows and Python 2.7. However, it's a bit slow for my use case (basically bridging several interfaces for UDP packets). As pypacker is faster I thought I give it a try ;)

[mike01]

Yeah scapy uses Winpcap/Npcap (https://scapy.readthedocs.io/en/latest/installation.html#windows). If you want to use pypacker after all you could create the raw sockets yourself, should be ~4 extra lines of code.

[SudoFlame]

Ok, thanks for the hint. I'll look into it.