I've been messing with QQ (a Chinese chat app) and started receiving a lot of shady traffic, partly because I was stupid enough to install the insecure QQ-international version.
Anyway, so I decided to write something to provide me with a diff for networks. Basically track my current n/w with marginal shady traffic and then try to track what happens when I connect. scapy seems like the internet-approved version for python but I installed pypcap:

https://github.com/dugsong/pypcap

    import pcap
    for ts, pkt in pcap.pcap():
        print ts, `pkt`

which prints a timestamp and a pkt reference. Works great. Unfortunately I want what's in the packet and took a look at:

    pydoc pcap
    class pcap(__builtin__.object)
     |  pcap(name=None, snaplen=65535, promisc=True, timeout_ms=None, immediate=False) -> packet capture object

So, what's a 'packet capture object'? It's not in pydoc and I then wasted a lot of time looking for better docs hoping it'll be in a book or in an on-line tutorial, and that's when I encountered scapy. pypcap is an egg with a .so, so how do you even do anything with it?

My question is: how do you guys deal with a situation like this? Do you look through the source code? Do you switch to scapy? Do you now look for books on scapy? There are quite a few, with chapters covering it. A lot of my time goes to the dogs browsing for stuff so I was wondering if that's the norm?

--
https://mail.python.org/mailman/listinfo/python-list
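Added example (not part of the original post, and not pypcap's own code): a Python 3, standard-library-only parser that pulls the IPv4 addresses and TCP/UDP ports out of raw frames and reports the remote endpoints that appear in a second capture but not in a baseline, which is the "diff for networks" described in the post. It assumes each `pkt` is the raw Ethernet frame as bytes or a buffer; all function names, addresses and sample frames here are constructed for illustration.

```python
import socket
import struct

ETH_LEN, ETHERTYPE_IPV4 = 14, 0x0800
PROTOS = {6: "tcp", 17: "udp"}

def parse_flow(frame):
    """Return (proto, src, sport, dst, dport) for an IPv4 TCP/UDP frame, else None."""
    frame = bytes(frame)  # assumption: raw Ethernet frame bytes (or a buffer)
    if len(frame) < ETH_LEN + 20 or struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_IPV4:
        return None
    ip = frame[ETH_LEN:]
    ihl = (ip[0] & 0x0F) * 4  # IPv4 header length in bytes
    frag_offset = struct.unpack("!H", ip[6:8])[0] & 0x1FFF
    proto = PROTOS.get(ip[9])
    if ip[0] >> 4 != 4 or ihl < 20 or len(ip) < ihl + 4 or frag_offset or proto is None:
        return None  # malformed, truncated, later fragment (no ports), or not TCP/UDP
    sport, dport = struct.unpack("!HH", ip[ihl:ihl + 4])
    return proto, socket.inet_ntoa(ip[12:16]), sport, socket.inet_ntoa(ip[16:20]), dport

def remote_endpoints(frames, local_ip):
    """Set of (proto, remote_ip, remote_port) that exchanged traffic with local_ip."""
    seen = set()
    for proto, src, sport, dst, dport in filter(None, map(parse_flow, frames)):
        if src == local_ip:
            seen.add((proto, dst, dport))
        elif dst == local_ip:
            seen.add((proto, src, sport))
    return seen

def new_endpoints(baseline, current, local_ip):
    """Endpoints present in the second capture but not in the baseline."""
    return sorted(remote_endpoints(current, local_ip) - remote_endpoints(baseline, local_ip))

def make_frame(proto, src, sport, dst, dport):
    """Constructed Ethernet/IPv4 frame for the demo (checksums left at zero)."""
    eth = b"\x02" * 6 + b"\x04" * 6 + struct.pack("!H", ETHERTYPE_IPV4)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return eth + ip + struct.pack("!HHI", sport, dport, 0)

LOCAL = "192.0.2.10"  # constructed sample data, documentation address ranges
BASELINE = [make_frame(17, LOCAL, 40000, "192.0.2.1", 53),
            make_frame(6, "198.51.100.7", 443, LOCAL, 40001)]
CURRENT = BASELINE + [make_frame(17, "203.0.113.50", 8000, LOCAL, 4000),
                      make_frame(6, LOCAL, 40002, "203.0.113.51", 80)]

print(new_endpoints(BASELINE, CURRENT, LOCAL))
```

With a live capture, the two frame lists would be collected from the capture loop before and after starting the application under observation, and `LOCAL` set to the machine's own address.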