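from scapy.all import *  # pull in all of scapy -- you could do it other ways, but this makes it isomorphic to using the scapy command line
import socket
import sys
import time


def main(argv=None, *, max_packets=5, delay=0.2):
    """Read a previously captured pcap file and walk its first packets.

    Args:
        argv: Command-line arguments without the program name. ``None``
            means ``sys.argv[1:]``, so calling ``main()`` from the
            ``__main__`` guard behaves exactly as before.
        max_packets: How many packets from the start of the capture to
            visit. Keyword-only; the old hard-coded value (5) is the default.
        delay: Pause in seconds between packets. Keyword-only.

    Exits with status 1 (via ``sys.exit``) when no file is named or the
    file cannot be opened or parsed as a capture.
    """
    args = sys.argv[1:] if argv is None else list(argv)
    if not args:  # no command line argument
        print("Need a pcap file to read!")
        sys.exit(1)
    path = args[0]

    # rdpcap is how we read a previously captured pcap file. It dissects the
    # whole file into a PacketList in memory before we get to the loop below
    # (for very large captures scapy's PcapReader streams instead).
    # Catch only what rdpcap is expected to raise: OSError for a missing or
    # unreadable file, Scapy_Exception for a file that is not a supported
    # capture format. The previous bare `except:` also swallowed
    # KeyboardInterrupt and any programming error, and always blamed a
    # "not found" file even when the file existed but was malformed.
    try:
        packets: PacketList = rdpcap(path)
    except (OSError, Scapy_Exception) as exc:
        print("File read failure: %s: %s" % (path, exc))
        sys.exit(1)

    #bpf = 'tcp and src host 192.168.86.228 and src port 80 and dst host 192.168.86.167'
    #filtered = packets.filter(bpf)

    #print(packets) #this gives us a nice summary of what we have in the pcap file

    for packet in packets[:max_packets]:  # only look at the first max_packets packets
        #we can filter based on what scapy calls "layers"
        #each layer is a portion of a packet
        #so a DNS packet would have an IP layer, a UDP layer, and a DNS layer
        #ICMP would be IP, TCP, ICMP layers
        #and because we're on an ethernet network, all of the above also has an ether layer
        #let's not print DNS packets
        #if not packet.haslayer(DNS):
        #    print(packet.summary())
        # lsc() lists scapy's available commands; it does not print `packet`.
        # The two commented lines below are the per-packet printing options.
        lsc()
        #packet.show() #print the contents of the packet
        #print(packet.summary()) #we also can print out a summary of the packet, similar to tcpdump default output
        time.sleep(delay)  # small pause between packets


if __name__ == '__main__':
    main()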