Closed DrSchottky closed 4 years ago
What happens if you get the packets using pcapy then dissect them using Scapy ?
Scapy dissects the packets live which pcapy doesn't. That takes more processing time
About 5-10 packets/s are you sure that simply isn't the speed of how many packets are around you ? Scapy easily reaches thousands of packets per seconds..
You're right, CPU is loaded by packet parsing This (pcapy for capture + scapy for parsing) produces the same cpu load
import pcapy
from scapy.all import *
def pkt_callback(hdr, data):
print("probe-req")
print(RadioTap(data).dBm_AntSignal)
packets = pcapy.open_live("mon0", 256, 1, 0)
packets.setfilter('type mgt subtype probe-req')
packets.loop(-1, pkt_callback)
With 5-10 packets/s I mean the number of probe request I'm receiveing, so the how many times callback is executed. Is packet dissecting so CPU intensive? I just need a few bytes from RadioTap header and Dot11 frame, should I write a simpler and dumber parser just for those?
Unfortunately, Python is know to be slow on the Zero W. This is not related to Scapy.
Hi, I'm using scapy (2.4.3) to sniff 802.11 frames on a Raspberry Pi 0W running Raspbian Stretch (Linux 4.19.66+, Python 3.5.3) Even with simple scripts like this
I get a high system load (up to 50% of cpu usage). Frames rate isn't very high (5-10/s), and an equivalent script made with other libs (like pcapy) has a CPU usage close to 0% Is it a normal behaviour?