dpkt


Install

python setup.py install


Example

import dpkt

counter=0
ipcounter=0
tcpcounter=0
udpcounter=0

filename='sampledata.pcap'

for ts, pkt in dpkt.pcap.Reader(open(filename,'r')):

    counter+=1
    eth=dpkt.ethernet.Ethernet(pkt) 
    if eth.type!=dpkt.ethernet.ETH_TYPE_IP:
        continue

    ip=eth.data
    ipcounter+=1

    if ip.p==dpkt.ip.IP_PROTO_TCP: 
        tcpcounter+=1

    if ip.p==dpkt.ip.IP_PROTO_UDP:
        udpcounter+=1

print "Total number of packets in the pcap file: ", counter
print "Total number of ip packets: ", ipcounter
print "Total number of tcp packets: ", tcpcounter
print "Total number of udp packets: ", udpcounter


References

  1. https://github.com/kbandla/dpkt
  2. https://pypi.python.org/pypi/dpkt
  3. https://dpkt.readthedocs.io/en/latest/
  4. https://github.com/jeffsilverm/dpkt_doc
  5. https://jon.oberheide.org/blog/2008/10/15/dpkt-tutorial-2-parsing-a-pcap-file/
  6. http://www.commercialventvac.com/dpkt.html


신고

티스토리 툴바