[Python] dpkt 설치하기

dpkt

Install

python setup.py install

Example

import dpkt

counter = 0
ipcounter = 0
tcpcounter = 0
udpcounter = 0

filename = 'sampledata.pcap'

for ts, pkt in dpkt.pcap.Reader(open(filename,'r')):

    counter += 1
    eth = dpkt.ethernet.Ethernet(pkt) 
    if eth.type != dpkt.ethernet.ETH_TYPE_IP:
        continue

    ip = eth.data
    ipcounter += 1

    if ip.p == dpkt.ip.IP_PROTO_TCP: 
        tcpcounter += 1

    if ip.p == dpkt.ip.IP_PROTO_UDP:
        udpcounter += 1

print "Total number of packets in the pcap file: ", counter
print "Total number of ip packets: ", ipcounter
print "Total number of tcp packets: ", tcpcounter
print "Total number of udp packets: ", udpcounter

References

1. https://github.com/kbandla/dpkt
2. https://pypi.python.org/pypi/dpkt
3. https://dpkt.readthedocs.io/en/latest/
4. https://programtalk.com/python-examples/?api=dpkt
5. https://github.com/jeffsilverm/dpkt_doc
6. https://jon.oberheide.org/blog/2008/10/15/dpkt-tutorial-2-parsing-a-pcap-file/
7. http://www.commercialventvac.com/dpkt.html