scapy packet manipulation and original pkt.time

Posted 2019-03-01 01:20

Question:

I have a Python/scapy piece of code that stores my data in a database (IP src and dst, ports, ...), which I use for some statistics. On some packets I am doing some manipulation (changing the dst port) and then sending them back out on the interface.

The problem is that the packet I was manipulating has a different pkt.time value than the original one, and if I store those packets in the database they have a different packet time than they had originally.

Is there an option when creating a UDP packet to put in the original pkt.time value? With this option the packet manipulation delay would not cause disorder in my packets.

Any help is welcome

Below is my manipulation script

#!/usr/bin/env python

from scapy.all import *

# VARIABLES
interface = 'eth1'
filter_bpf = "port 8000"

def pkt_change(pkt):
    if pkt.haslayer(UDP):
        # --> pkt.time is packet time
        ts = pkt.time
        src = pkt[IP].src
        dst = pkt[IP].dst
        # ports and payload are read from the UDP layer
        sport = pkt[UDP].sport
        dport = pkt[UDP].dport
        msg = pkt[UDP].load

        #### Spoof Response
        changed_pkt = Ether()/IP(dst=dst, src=src)/UDP(dport=8000, sport=sport)/msg

        sendp(changed_pkt, iface=interface)
        print('Sent:', changed_pkt.summary())

# ------------------------------------------------
# start sniffing
print("Start Sniffing")
sniff(iface=interface, filter=filter_bpf, store=0, prn=pkt_change)

Answer 1:

After creating changed_pkt, you can simply set its time attribute as follows:

changed_pkt.time = ts

Note that even after changing the packet's timestamp and sending it, the updated timestamp won't be reflected in the received packet on the other end since the timestamp is set in the receiving machine as the packet is received, as described here.

If you're interested in transmitting the packets to a remote machine, while keeping their timestamp, consider storing the manipulated packets in a pcap file and sending that file over to the other machine.
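An added example, not part of the original answer and not scapy's own code: it uses only the standard library to show that a pcap file keeps each packet's timestamp in the per-record header rather than in the frame bytes, so the destination port can be rewritten while the original capture time is carried over. The function names, the sample frame and its addresses are constructed for illustration, and only little-endian, microsecond-resolution Ethernet pcap is handled.

```python
import struct

PCAP_GLOBAL = struct.Struct("<IHHiIII")  # magic, version major/minor, thiszone, sigfigs, snaplen, linktype
PCAP_RECORD = struct.Struct("<IIII")     # ts_sec, ts_usec, incl_len, orig_len

def sample_frame(dport=9000, payload=b"hello"):
    """Constructed Ethernet/IPv4/UDP frame (documentation addresses, IP checksum left 0)."""
    eth = bytes(12) + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28 + len(payload), 0, 0, 64, 17, 0,
                     bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    udp = struct.pack("!HHHH", 40000, dport, 8 + len(payload), 0xBEEF)
    return eth + ip + udp + payload

def write_pcap(records):
    """records: iterable of (ts_sec, ts_usec, frame_bytes) -> pcap file as bytes."""
    out = [PCAP_GLOBAL.pack(0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)]  # linktype 1 = Ethernet
    for sec, usec, frame in records:
        out.append(PCAP_RECORD.pack(sec, usec, len(frame), len(frame)) + frame)
    return b"".join(out)

def read_pcap(data):
    """Parse pcap bytes into a list of (ts_sec, ts_usec, frame_bytes)."""
    if struct.unpack_from("<I", data)[0] != 0xA1B2C3D4:
        raise ValueError("only little-endian microsecond pcap is handled here")
    off, records = PCAP_GLOBAL.size, []
    while off + PCAP_RECORD.size <= len(data):
        sec, usec, incl, _orig = PCAP_RECORD.unpack_from(data, off)
        off += PCAP_RECORD.size
        records.append((sec, usec, data[off:off + incl]))
        off += incl
    return records

def rewrite_udp_dport(frame, new_port):
    """Change the UDP destination port; frames that are not IPv4/UDP are returned unchanged."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 17:
        return frame
    udp = 14 + (frame[14] & 0x0F) * 4        # Ethernet header + IPv4 header length
    if len(frame) < udp + 8:
        return frame
    buf = bytearray(frame)
    struct.pack_into("!H", buf, udp + 2, new_port)
    struct.pack_into("!H", buf, udp + 6, 0)  # old checksum is stale; 0 means "none" for UDP over IPv4
    return bytes(buf)

def rewrite_capture(data, new_port):
    """Rewrite every UDP dst port in a capture, carrying each original timestamp over."""
    return write_pcap((s, u, rewrite_udp_dport(f, new_port)) for s, u, f in read_pcap(data))
```
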



Tags: packet scapy