python：在OSX上使用原始套接字

Question

我在线上发现了这个代码，发现它在OSX上不起作用。有没有人知道没有使用第三方库的正确方法？

import socket 
import struct 
import binascii 
rawSocket = socket.socket(socket.AF_PACKET, socket.SOCK_RAW, socket.htons(0x0003)) 
while True: 
    packet = rawSocket.recvfrom(2048) 
    ethernet_header = packet[0][0:14] 
    ethernet_detailed = struct.unpack(“!6s6s2s”, ethernet_header) 
    arp_header = packet[0][14:42] 
    arp_detailed = struct.unpack(“2s2s1s1s2s6s4s6s4s”, arp_header) 
    # skip non-ARP packets 
    ethertype = ethernet_detailed[2] 
    if ethertype != ‘\x08\x06’: 
     continue 
    source_mac = binascii.hexlify(arp_detailed[5]) 
    dest_ip = socket.inet_ntoa(arp_detailed[8]) 
    if source_mac == ‘74c24671971c’: 
     print “Tide button pressed!, IP = “ + dest_ip 

apparantly OSX没有AF_PACKET或PF_PACKET和AF_INET太高级别为了这个，我想，或者至少是需要比在更换下降更加重编码。

谢谢

Answer 1

好我想出了这一个，在mac我必须使用pcap库。这是我想出的代码。

#!/usr/bin/env python2.7 

import sys, binascii, subprocess 
import dpkt, pcap, socket 

cottonelle = 'f0272d8b52c0' 

def main(): 
    name = pcap.lookupdev() 
    try: 
     pc = pcap.pcap(name) 
    except: 
     print pc.geterr() 

    try: 
     print 'listening on %s' % (pc.name) 
     for ts, pkt in pc: 
      eth = dpkt.ethernet.Ethernet(pkt) 
      ip_hdr = eth.data 
      if eth.type != dpkt.ethernet.ETH_TYPE_ARP: 
       continue 
      if binascii.hexlify(eth.src) == cottonelle: 
       subprocess.call("/usr/local/bin/stopsim", shell=True) 
    except Exception as e: 
     print e, pc.geterr() 

if __name__ == '__main__': 
    main()