I'm trying to make a packet sniffer in Python using sockets, but whenever I run it I always get random IP addresses for my source and target. I've never seen my own IP. I made sure that I'm converting my bytes data correctly, so I don't think that's the problem.

When I look at the raw bytes data from the socket, I notice some out of place characters. Here is an example:

b'E\x00\x00\x80\x10/@\x00@\x11C\xfa\xc0\xa82\x01\xc0\xa82\xf2\x005\xda\xce\x00lay\x00\x02\x81\x83\x00\x01\x00\x00\x00\x01\x00\x00\x0216\x0280\x0244\x03239\x07inaddr\x04arpa\x00\x00\x0c\x00\x01\xc0\x15\x00\x06\x00\x01\x00\x00\x0e\x10\x00\x03sns\x03dns\x05icann\x03org\x00\x03noc\xc0;xw\xb7\x9e\x00\x00\x1c\x00\x00\x0e\x10\x00\t:\x80\x00\x00\x0e\x10'

You can very clearly see words inside of the bytes data such as:

• lay
• inaddr
• arpa
• icann
• org

I'm wondering if this is supposed to happen, or if there's a way to filter it out. I tried filtering it out manually with this code, although my IP addresses are still messed up.

def filter_data(data):
    output = b''
    last_slash = 0
    for char in str(data):
        if char == "x" and last_slash == 0:
            output += b"\\x"
            last_slash = 2
        elif last_slash > 0:
            output += bytes(char, encoding="raw_unicode_escape")
            last_slash -= 1
    output = output.decode('unicode_escape').encode("raw_unicode_escape")
    return output

Also here is my socket connection:

conn = socket.socket(socket.AF_INET, socket.SOCK_RAW)
conn.bind((HOST, 0))
conn.ioctl(socket.SIO_RCVALL, socket.RCVALL_ON)

while True:
    raw_data = conn.recv(65535)