Pcapy and Impacket are good software. They're Python libraries to make it easy to sniff packets and parse them, as well as create packets. Think of it like an ethereal you can easily program.
# Print out sizes of IP packets
import pcapy, impacket, impacket.ImpactDecoder
decoder = impacket.ImpactDecoder.EthDecoder()
# packets = pcapy.open_live("eth0", 1500, 0, 100)
packets = pcapy.open_offline('/tmp/cap/capture')
for i in xrange(100):
(header, data) = packets.next()
eth = decoder.decode(data)
ip = eth.child()
PS: I ran into a problem installing on Debian
ImportError: /usr/lib/python2.3/site-packages/pcapy.so: undefined symbol: __gxx_personality_v0The workaround was to link the .so with g++ instead of gcc. This is either a bug in gcc or Python distutils.