Python Network Monitoring Scripts

The following scripts are developed using Python , thsark and netstat.

The broadcast packet monitor script developed with Python and Tshark , analyzes the number of broadcast packets on the network within a certain period of time. This can be used for analyzing network traffic congestion due to broadcast issues. The tool writes all broadcast packets received during the specified time to an output file. The execution and output of the code is shown below.The script is developed using Python and tshark .

Take our Python Network programming Course for $12.99 on udemy

Python source code.

import os
print “Monitoring broadcast packets on the network for 1 minute”
b=’sudo tshark -i eth0 -R “eth.dst==FF:FF:FF:FF:FF:FF” -a duration:60>output.txt’
os.popen(b)
f=open(‘output.txt’,’r’)
print “To view the type of broadcast packets open the file output.txt”

—————————————————————————————————————
Recommended Ebook – Building Network Monitoring tools with Python and Tshark


—————————————————————————————————————-

Code execution

Python network monitoring scripts

 
 

——————————————————————————————————————-
Become a packet crafting expert with our video course – Take our Python Network programming Course for $12.99 on udemy
——————————————————————————————————————-

The ping monitor script developed with Python & Tshark analyzes the number of ping requests incoming to the system on the network for a certain period of time. The tool writes the IP address of the initiators of the ping requests by capturing their source IP addresses and writing it to an output file. The source code is shown below.

Setup Python and Tshark on the system on which monitoring has to be performed.

Python source code.

import os
b=’sudo tshark -i eth0 -R “ip.dst==192.168.1.25 && icmp.type==8” -T fields -e ip.src -a duration:30>output.txt’
print “Starting traffic monitoring for ping packets for 30 seconds”
os.popen(b)
print “To view the IP addresses open the file output.txt”

The code captures all packets which has the destination address of 192.168.1.25 (Target IP) with the appropriate icmp type for ping for a duration of 30 seconds and writes the source IP address to an output.txt file. To demonstrate the functionality of the code, the system on which the script is installed (192.168.100.20), is pinged from the IP address 192.168.100.10.

The HTTP Connection monitoring script developed with Python and netsat, displays the http connections on a Windows system and prints it to the output.

Python source code

import sys
import os
import time
a=os.popen(‘netstat -b | find “http”‘).read()
print ” \http connections “,a
input(‘Press ENTER to exit’)

Code output


——————————————————————————————————————-
Learn to build custom network monitoring tools with Python and Tshark

Buy from Amazon


——————————————————————————————————————-
Take our Python Network programming Course for $12.99 on udemy