wireless - Scapy Python script consuming too much CPU while sniffing


I have coded a wireless probe sniffer using Python + Scapy. I want to use this script on OpenWrt routers.

Every time it captures a probe request from nearby devices, the information is sent to a web service (MAC, power, probe).

My problem is the high CPU consumption. The script runs quite well on my laptop (it takes between 50-70% of CPU), but when I run it on an OpenWrt router (400 MHz CPU, 16 RAM) it takes 99%. It's a known bug in Scapy, the loss of packets under high loads (I tested the script at the same time on my laptop and on the router, and the router did not catch the available packets in the air).

I made some optimizations to the code, but I think there's more room for improvement.

This is the script.

    #!/usr/bin/python
    # Python 2 script (print statements, `thread` module).
    import sys
    import time
    import thread
    from datetime import datetime

    import requests
    from scapy.all import *

    probe_request_type = 0      # 802.11 management frame
    probe_request_subtype = 4   # probe request
    # Last reported probe, used to suppress immediate duplicates
    buf = {'arrival': 0, 'source': 0, 'dest': 0, 'pwr': 0, 'probe': 0}
    uuid = '1a2b3'

    def packethandler(pkt):
        global buf
        if pkt.haslayer(Dot11):
            if pkt.type == probe_request_type and pkt.subtype == probe_request_subtype:
                arrival = int(time.mktime(time.localtime()))
                try:
                    extra = pkt.notdecoded
                except:
                    extra = None

                # Signal strength is read from the undecoded radiotap bytes
                if extra != None:
                    signal_strength = -(256 - ord(extra[-4:-3]))
                else:
                    signal_strength = -100

                source = pkt.addr2
                dest = pkt.addr3
                pwr = signal_strength
                probe = pkt.getlayer(Dot11).info

                if buf['source'] != source and buf['probe'] != probe:
                    print 'launch %r %r %r' % (source, dest, probe)
                    buf = {'arrival': arrival, 'source': source, 'dest': dest, 'pwr': pwr, 'probe': probe}

                    try:
                        thread.start_new_thread(exporter, (arrival, source, dest, pwr, probe))
                    except:
                        print 'error launching thread %r' % source

    def exporter(arrival, source, dest, pwr, probe):
        # Runs in its own thread and reports one probe request to the web service.
        # Passing params lets requests URL-encode the values; the probe (SSID)
        # is arbitrary data received over the air.
        params = {'arrival': arrival, 'source': source, 'dest': dest,
                  'pwr': pwr, 'probe': probe, 'uuid': uuid}
        try:
            r = requests.get('http://webservice.com/', params=params)
            print r.status_code
            print r.content
        except:
            print 'error in thread:::::: %r' % source

    def main():
        print "[%s] starting scan" % datetime.now()
        # store=0: do not keep captured packets in memory
        sniff(iface=sys.argv[1], prn=packethandler, store=0)

    if __name__ == "__main__":
        main()

[Update]

After a lot of reading and deep searching (it seems not many people have found a full solution to the same or a similar issue), I have found that you can filter directly in the sniff function, so I've added a filter to catch probe requests.

    def main():
        print "[%s] starting scan" % datetime.now()
        sniff(iface=sys.argv[1], prn=packethandler, filter='link[26] = 0x40', store=0)

On my laptop it runs smoothly, using between 1%-3% of CPU and catching the available packets in the air.

But when I run it on the router, the script throws an error and crashes.

    Traceback (most recent call last):
      File "snrv2.py", line 66, in <module>
        main()
      File "snrv2.py", line 63, in main
        sniff(iface=sys.argv[1],prn=packethandler, filter='link[26] = 0x40',store=0)
      File "/usr/lib/python2.7/site-packages/scapy/sendrecv.py", line 550, in sniff
        s = L2socket(type=ETH_P_ALL, *arg, **karg)
      File "/usr/lib/python2.7/site-packages/scapy/arch/linux.py", line 460, in __init__
        attach_filter(self.ins, filter)
      File "/usr/lib/python2.7/site-packages/scapy/arch/linux.py", line 132, in attach_filter
        s.setsockopt(SOL_SOCKET, SO_ATTACH_FILTER, bpfh)
      File "/usr/lib/python2.7/socket.py", line 224, in meth
        return getattr(self._sock,name)(*args)
    socket.error: [Errno 99] Protocol not available

I have tried using BPF filter syntax (the same used in tcpdump, http://biot.com/capstats/bpf.html), which supposedly can be used in Scapy, but I get a filter syntax error.

Sniff function:

    def main():
        print "[%s] starting scan" % datetime.now()
        sniff(iface=sys.argv[1], prn=packethandler, filter='type mgt subtype probe-req', store=0)

Error:

    Traceback (most recent call last):
      File "snrv2.py", line 66, in <module>
        main()
      File "snrv2.py", line 63, in main
        sniff(iface=sys.argv[1],prn=packethandler, filter='type mgt subtype probe-req', store=0)
      File "/usr/lib/python2.7/site-packages/scapy/sendrecv.py", line 550, in sniff
        s = L2socket(type=ETH_P_ALL, *arg, **karg)
      File "/usr/lib/python2.7/site-packages/scapy/arch/linux.py", line 460, in __init__
        attach_filter(self.ins, filter)
      File "/usr/lib/python2.7/site-packages/scapy/arch/linux.py", line 120, in attach_filter
        raise Scapy_Exception("Filter parse error")
    NameError: global name 'Scapy_Exception' is not defined

On the router I have installed the latest version of Scapy and tcpdump. I don't know what to do.

I encountered a similar error (socket.error: [Errno 99] Protocol not available) when I tried to use sniff() with a filter on my NETGEAR WNDR4300.

After a lot of searching on Google, I found that the reason is that the Linux kernel of the router does not enable CONFIG_PACKET. It is mentioned in the Scapy installation guide, as follows:

  • Make sure your kernel has Packet sockets selected (CONFIG_PACKET)
  • If your kernel is < 2.6, make sure that Socket filtering is selected (CONFIG_FILTER)

If you set CONFIG_PACKET=y when you compile the kernel, it will enable BPF for the underlying socket.
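
The `link[26] = 0x40` filter in the question tests a single byte at a fixed offset, which lines up with the 802.11 frame-control field only when the capture's radiotap header is 26 bytes long. The following added example (Python 3, not code from either post) reads the radiotap length field instead and extracts the source MAC and SSID from raw bytes without full Scapy dissection. `build_sample` and the frames it produces are constructed test data, and all function names are hypothetical.

```python
import struct

PROBE_REQ_FC0 = 0x40  # first frame-control byte: version 0, type 0 (mgmt), subtype 4

def build_sample(rt_len, ssid, fc0=PROBE_REQ_FC0):
    """Constructed test frame: radiotap header of rt_len bytes + 802.11 mgmt frame."""
    radiotap = struct.pack('<BBHI', 0, 0, rt_len, 0) + b'\x00' * (rt_len - 8)
    hdr = (bytes(bytearray([fc0, 0, 0, 0])) +   # frame control, duration
           b'\xff' * 6 +                        # addr1: broadcast
           b'\x02\x00\x00\xaa\xbb\xcc' +        # addr2: constructed source MAC
           b'\xff' * 6 + b'\x00\x00')           # addr3, sequence control
    return radiotap + hdr + bytes(bytearray([0, len(ssid)])) + ssid

def fixed_offset_matches(frame):
    """What the BPF expression 'link[26] = 0x40' tests: one byte at offset 26."""
    return frame[26:27] == b'\x40'

def parse_probe_request(frame):
    """Return (source_mac, ssid_bytes, radiotap_len) for a probe request, else None."""
    if len(frame) < 4:
        return None
    # Radiotap layout: version(1) pad(1) length(2, little-endian) present(4) ...
    rt_len = struct.unpack_from('<H', frame, 2)[0]
    if rt_len < 8:                 # shorter than the fixed radiotap fields: malformed
        return None
    dot11 = frame[rt_len:]
    if len(dot11) < 24 or dot11[0:1] != b'\x40':
        return None
    src = ':'.join('%02x' % b for b in bytearray(dot11[10:16]))
    ssid, pos = b'', 24            # tagged parameters follow the 24-byte header
    while pos + 2 <= len(dot11):
        tag, tlen = bytearray(dot11[pos:pos + 2])
        body = dot11[pos + 2:pos + 2 + tlen]
        if len(body) < tlen:       # truncated element (or trailing FCS): stop
            break
        if tag == 0:               # SSID element; treat its bytes as untrusted input
            ssid = body
            break
        pos += 2 + tlen
    return src, ssid, rt_len

if __name__ == '__main__':
    for rt_len in (26, 18):
        f = build_sample(rt_len, b'home-net')
        print(rt_len, fixed_offset_matches(f), parse_probe_request(f))
```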

