Question

Does anyone know how to write a live data sniffer in Python which extracts the originating IP address and the full URL that was being accessed? I have looked at pulling data from urlsnarf however IPv6 is not supported (and the connections will be to IPv6 hosts).

While I can pull data from tcpdump and greping for GET/POST that would leave me with simply the path on the webserver, and I would not obtain the associated FQDN. Unfortunately using SQUID w/ IPv6 TPROXY is not an option due to the configuration of the environment.

Does anyone have any ideas on how to do this with Python bindings for libpcap? Your help would be most appreciated :)

Thanks :)

No correct solution

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top