I am trying to make a filter for packets that contain HTTP data, yet I don't have a clue on how to do so.
I.E. Is there a way to filter packets using Scapy that are only HTTP?
Any help is appreciated.
Yes there is, with the .haslayer function and a bit of parsing:
methods=['GET','POST','HEAD','PUT','DELETE','CONNECT','OPTIONS','TRACE']#Define http methods s=sniff(1)#sniff one packet to parse you can put this in a loop a= a.append(s) if a.haslayer(TCP):#Checks for TCP protocol if a.dport == 80:#Checks for http port 80 if a.haslayer(Raw):#Checks if packet has payload r=a[Raw].load for i in methods:#Checks if any of the http methods are present in load, if there are it prints to screen if i in r: print r