Good morning, everyone,
I am trying to write a script in python that uses scapy to perform packet capture in Windows 11 environment.
The script starts if I use:
packet = scapy.sniff(iface=None, timeout=duration, filter="tcp")
but it doesn't log anything.
If I use
packet = scapy.sniff(iface=if_to_sniff, timeout=duration, filter="tcp")
instead, I get error on opening the interface.
This is my complete test script.
import os
import scapy.all as scapy
def sniff_traffic(filename, duration):
intrf = scapy.get_if_list()
intrf_path = os.path.join(os.path.dirname(os.path.abspath(__file__)), "documents", unique_code, "intrf.txt")
with open(intrf_path, "w") as f:
for item in intrf:
f.write(f"{item}\n")
if_to_sniff = scapy.get_if_list()[0]
writer = scapy.PcapWriter(filename)
while True:
packet = scapy.sniff(iface=if_to_sniff, timeout=duration, filter="tcp")
if packet is None:
break
writer.write(packet)
if __name__ == "__main__":
unique_code = "a425c5a1-c788-43db-ae2a-cb9be6e7cc6f"
pcap_path = os.path.join(os.path.dirname(os.path.abspath(__file__)), "documents", unique_code, "packets.pcap")
intrf_path = os.path.join(os.path.dirname(os.path.abspath(__file__)), "documents", unique_code, "intrf.txt")
duration = 5
sniff_traffic(pcap_path, duration)
Can anyone give me any suggestions?
How to use Scapy with python on windows 11
The issue you mentioned with
iface=Nonemay not capture packets because it defaults to the first available network interface. You should specify the network interface you want to capture on explicitly. You can usescapy.get_if_list()to see the available interfaces and then select the appropriate one.You can use
get_if_list()as you have done to list available interfaces, but make sure you choose the correct one based on your requirements.