Testing the Application - Running the Sniffer and Filtering Packets by Protocol

Python 3: Automating Network Tasks Network Application #4 - Building a Basic Network Packet Sniffer
7 minutes

Transcript

In this last video of this section, we are going to wrap up our code analysis and test our application. But first of all, let's focus on this part of the script. As you can notice, I have added yet another confirmation message right here, stating that the sniffing process has begun. I think it is very important to let the user know which stage of the application execution he is currently in. Next, I've used an if/elif/else block to differentiate between the case when the user wants all protocols to be considered for the capture and the case when only one protocol, ARP or BOOTP or ICMP, is going to have its packets recorded.

So if the user enters zero at the prompt (this corresponds to the if clause), then we are going to use the sniff function, also passing several arguments to implement the desired behavior in this case. Therefore, in between the parentheses of sniff, one argument is the interface, which is set to the net_iface variable where we previously stored the user's input. Next we have the count argument, referencing the variable pointing to the number of packets that the user wants to be sniffed, converted from string to integer, followed by the timeout argument in seconds, also converted to an integer. Finally, using the prn argument, we can point to the function that we previously defined in order to have this function called for each packet. And that's it. Using these four arguments, we are calling the sniff function from within the Scapy module to start our capture. The second scenario, the one described by the elif clause, is when the user picks a certain protocol, and it is very similar to the scenario we just discussed.

Actually, all the arguments are pointing to the same variables as before, with one exception. The new thing here is the addition of the filter argument, as you can see right here, which references the proto_sniff variable. This argument is the one performing the filtering of network packets by protocol. For instance, we will have filter equals ICMP, and this will consider only ICMP packets in this case. The rest of the arguments stay the same. Finally, we have the else clause, which covers the case when the protocol that the user inputs at the prompt is not recognized, meaning any string other than zero, ARP, BOOTP or ICMP. In that case, the program lets the user know that the protocol is invalid and quits, thus allowing the user to try again.

Last but not least, we are printing a closing message to the user, pointing him or her to the log file to check the results. And in order to save the changes made to the file, we are also closing the log file right here using the close method. That's it. At this point, we are ready to start testing. So I'm going to open up the Ubuntu virtual machine. Let me log in first, and the first thing to do is to create our script file.

So let's use the touch command: touch, let's say, sniff.py. Now let's edit the file. And we're actually going to copy and paste the code from Notepad++ on the Windows host operating system to this new script on the Ubuntu machine. So let me do sudo nano sniff.py, Enter. Okay, this is the text editor. Now, I'm going to copy this entire code right here, and then I'm going to paste it.

Okay. Finally, I'm going to save this file. So Ctrl+O, Enter and Ctrl+X. Let's do an ls on the current directory. And indeed, this is our script right here. And there aren't any log files currently in this folder.

Okay, next, I'm going to open yet another terminal session. Okay, from within this terminal session, I'm going to ping an IP address which doesn't belong to any device, but it is from the same subnet, 10.10.10.x, as the Ubuntu virtual machine. And I'm going to use a ping to a non-existing device in order to generate some ARP messages as well, apart from the ICMP messages that we're going to generate in a bit. So I'm going to ping, for example, 10.10.10.210, which doesn't belong to any device, as I said, but for now, I'm not going to run the ping. First of all, let's run the application itself. So we have sudo python3 sniff.py, Enter.

First we are asked for the interface on which to run the sniffer, and we have enp0s8, Enter. As you can see, the interface has been set to promiscuous mode and we have a confirmation message for that. Next, enter the number of packets to capture. Let's go with infinity, and the number of seconds to run the capture, let's say 30 seconds. This way, we will capture as many packets as possible inside this timeout of 30 seconds.

Okay, Enter. Now we are asked for the protocol. And again, I'm going to go with all protocols, so zero again. And finally we have to create our log file. I'm going to name it log1.txt, Enter. And now at this point, our application is listening for packets. I'm going to ping this to obtain some ARP packets.

And also from within the Windows host, I'm going to issue some ICMP packets to our Ubuntu virtual machine. Okay, that's enough. Now let's wait for the timeout to expire. Okay, let's do an ls; you can see our log file being created right here. And now let's see the contents of this file: cat log1.txt. And indeed, we have ARP packets that have been captured, and also the ICMP packets that we initiated from our Windows host.

Okay, now let's use a filter for our next test. So I'm going to run the application once again. The same interface, enp0s8. The number of packets to capture: let's go with 10 packets. The number of seconds to run the capture: let's say 30 seconds again. The protocol: let's choose ICMP. A name for the log file: let's say log2.txt. So we are creating a new log file, Enter.

Another packet capture has begun. Let me generate some other ARP messages by changing the IP address again. And also let's generate some ICMP packets once again. Okay, let's stop this as well. And now let's see the log file. So cat log2.txt, and you can see that this time we only have ICMP packets.

And no ARP packets have been included in this capture, in this result, because we used the ICMP filter right here. Okay, so these were a couple of basic tests using our packet sniffer. Of course, many other tests can be performed, and also lots of other improvements and additions can be made to the application itself. Now it's your job to enhance the application and maybe add more functionality to this script according to your needs. You now have the necessary testing environment and also a code framework to build upon.

So I hope you enjoyed this section and I will see you soon. Cheers.
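
The if/elif/else dispatch described in the transcript, as an added example that is not the course's own script: the prompt answers are validated against the protocols the lesson names before anything reaches Scapy's sniff(). The function names build_sniff_args, make_logger and run_capture are hypothetical, as is the rule that the timeout must be positive; only sniff() and its iface, count, timeout, prn and filter arguments come from Scapy.

```python
import sys
from datetime import datetime

ALLOWED_PROTOCOLS = {"arp", "bootp", "icmp"}  # the protocols named in the lesson


def build_sniff_args(iface, count, timeout, proto):
    """Validate the prompt answers (hypothetical helper) and return sniff() kwargs."""
    try:
        count, timeout = int(count), int(timeout)
    except ValueError:
        raise ValueError("packet count and timeout must be whole numbers")
    if count < 0 or timeout <= 0:
        raise ValueError("count must be >= 0 (0 = no limit) and timeout > 0")
    args = {"iface": iface, "count": count, "timeout": timeout}
    proto = proto.strip().lower()
    if proto == "0":
        return args                       # if clause: capture every protocol
    if proto in ALLOWED_PROTOCOLS:
        args["filter"] = proto            # elif clause: BPF filter by protocol
        return args
    raise ValueError(f"invalid protocol: {proto!r}")   # else clause


def make_logger(log_file):
    """Return a prn callback that writes one timestamped line per packet."""
    def log_packet(pkt):
        log_file.write(f"{datetime.now().isoformat()} {pkt.summary()}\n")
    return log_packet


def run_capture(iface, count, timeout, proto, log_path):
    """Run the capture; needs Scapy installed and root privileges."""
    try:
        args = build_sniff_args(iface, count, timeout, proto)
    except ValueError as err:
        sys.exit(f"Error: {err}")         # quit so the user can try again
    from scapy.all import sniff           # imported late: validation works without Scapy
    with open(log_path, "a") as log_file: # file is closed even if sniff() raises
        sniff(prn=make_logger(log_file), **args)
    print(f"Capture finished, see {log_path}")


if __name__ == "__main__":
    # Constructed answers mirroring the second test run in the lesson.
    print(build_sniff_args("enp0s8", "10", "30", "icmp"))
```

Because the filter value is only ever one of the three allowed strings, free-form input at the protocol prompt never reaches the BPF filter.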
