python 抓http GET POST 客户端请求包(关键的是规则)


为了方便抓取请求,给家里智能电视提供源,做了这个,其实很多东西都可以做。


以下脚本的过滤规则只匹配源地址为 192.168.1.150 的客户端发出的、带 PSH 标志的 TCP 包(即只有发送方向),端口为 80。


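#!/usr/bin/env python
"""Dump the HTTP request packets sent by one LAN client to a pcap savefile.

Usage: <script> filename

Lists the capture adapters WinPcap reports, asks which one to use, installs
a BPF filter and writes every matching packet to ``filename``.

The savefile holds complete plain-HTTP requests (URLs, cookies, form data,
Authorization headers). Treat it as sensitive: keep it off shared folders
and delete it once the stream URLs have been extracted.
"""
from ctypes import *
from winpcapy import *
import string
import time
import os
import sys
import platform

# Relative output paths resolve next to the script, not the caller's cwd.
os.chdir(sys.path[0])

if platform.python_version()[0] == "3":
    raw_input = input

# The capture rule (the key part of this script):
#   tcp[tcpflags] & tcp-push != 0  -> only TCP segments with PSH set
#   src net 192.168.1.150          -> only packets sent by that client
#   port 80                        -> only connections involving port 80
# HTTPS (443) is not matched by this rule.
CAPTURE_FILTER = "tcp[tcpflags] & tcp-push != 0 and src net 192.168.1.150 and port 80"

# Netmask handed to pcap_compile; libpcap consults it only for broadcast
# tests, which this filter does not use.
NetMask = 0xffffff


def _to_bytes(text):
    """Return *text* as bytes.

    ctypes ``char *`` parameters reject ``str`` on Python 3; on Python 2
    ``str`` already is bytes and is returned unchanged.
    NOTE(review): non-ASCII file names may need the ANSI code page on
    Windows -- not handled here.
    """
    return text if isinstance(text, bytes) else text.encode()


## prototype of the packet handler
## void packet_handler(u_char *dumpfile, const struct pcap_pkthdr *header, const u_char *pkt_data)
PHAND = CFUNCTYPE(None, POINTER(c_ubyte), POINTER(pcap_pkthdr), POINTER(c_ubyte))


def _packet_handler(param, header, pkt_data):
    """Callback invoked by libpcap for every packet that passed the filter.

    Appends the packet to the module-level ``dumpfile``; ``param`` is unused.
    """
    pcap_dump(dumpfile, header, pkt_data)


# Keep a module-level reference so the ctypes callback object stays alive
# for as long as pcap_loop may call it.
packet_handler = PHAND(_packet_handler)

alldevs = POINTER(pcap_if_t)()
errbuf = create_string_buffer(PCAP_ERRBUF_SIZE)

## Check command line
if len(sys.argv) != 2:
    print("usage: %s filename" % sys.argv[0])
    sys.exit(-1)

## Retrieve the device list on the local machine
if pcap_findalldevs(byref(alldevs), errbuf) == -1:
    # The original passed errbuf.value as a second print argument instead
    # of formatting it into the message.
    print("Error in pcap_findalldevs: %s\n" % errbuf.value)
    sys.exit(1)

## Print the list
# Walk the linked list through the pointers; a NULL pointer is falsy, so an
# empty list no longer dereferences NULL.
devices = []
node = alldevs
while node:
    devices.append(node)
    node = node.contents.next

for number, dev in enumerate(devices, 1):
    print("%d. %s" % (number, dev.contents.name))
    if dev.contents.description:
        print(" (%s)\n" % (dev.contents.description))
    else:
        print(" (No description available)\n")

if not devices:
    print("\nNo interfaces found! Make sure WinPcap is installed.\n")
    sys.exit(-1)

print("Enter the interface number (1-%d):" % len(devices))
choice = raw_input('--> ')
# `choice in string.digits` was a substring test: it accepted "" (and then
# crashed in int()) and rejected valid numbers such as "10".
try:
    inum = int(choice)
except ValueError:
    inum = 0

if inum < 1 or inum > len(devices):
    print("\nInterface number out of range.\n")
    ## Free the device list
    pcap_freealldevs(alldevs)
    sys.exit(-1)

## Jump to the selected adapter
selected = devices[inum - 1]
# Copy what we need before the device list is freed.
adapter_name = selected.contents.name
adapter_description = selected.contents.description

## Open the adapter
# snaplen 65536, promiscuous mode off (0), read timeout 1000 ms.
adhandle = pcap_open_live(adapter_name, 65536, 0, 1000, errbuf)
# Truthiness covers both None and a NULL ctypes pointer; `== None` does not
# match a NULL pointer instance.
if not adhandle:
    print("\nUnable to open the adapter. %s is not supported by WinPcap\n" % adapter_name)
    ## Free the device list
    pcap_freealldevs(alldevs)
    sys.exit(-1)

## At this point, we no longer need the device list. Free it
pcap_freealldevs(alldevs)

#---------------------------------------
fcode = bpf_program()

## compile the filter
if pcap_compile(adhandle, byref(fcode), _to_bytes(CAPTURE_FILTER), 1, NetMask) < 0:
    print('\nError compiling filter: wrong syntax.\n')
    pcap_close(adhandle)
    sys.exit(-1)

## set the filter
if pcap_setfilter(adhandle, byref(fcode)) < 0:
    print('\nError setting the filter\n')
    pcap_close(adhandle)
    sys.exit(-1)
#---------------------------------------

## Open the dump file
# An existing file with this name is overwritten.
dumpfile = pcap_dump_open(adhandle, _to_bytes(sys.argv[1]))
if not dumpfile:
    print("\nError opening output file\n")
    pcap_close(adhandle)
    sys.exit(-1)

print("\nlistening on %s... Press Ctrl+C to stop...\n" % adapter_description)

## start the capture
support = cast(dumpfile, POINTER(c_ubyte))
status = 0
try:
    while True:
        # pcap_loop returns 0 after its 5 packets and a negative value on
        # error; without this check a failing handle would spin forever.
        result = pcap_loop(adhandle, 5, packet_handler, support)
        if result < 0:
            print("\nCapture stopped: pcap_loop returned %d\n" % result)
            status = 1
            break
except KeyboardInterrupt:
    # Ctrl+C is the documented way to stop.
    pass
finally:
    # Flush and close the savefile so the last packets are not lost, then
    # release the capture handle (the original never reached pcap_close).
    pcap_dump_close(dumpfile)
    pcap_close(adhandle)

sys.exit(status)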
