zoukankan      html  css  js  c++  java

  • dpkt tutorial summary

    原文:http://www.commercialventvac.com/dpkt.html#mozTocId305148

    dpkt.ethernet.Ethernet

    dpkt.ethernet.Ethernet has attributes 'data', 'dst', 'get_type', 'ip', 'pack', 'pack_hdr', 'set_type', 'src', 'type', 'unpack']

    data

    Contains the data payload of the ethernet packet.

    dst

    Contains the destination address of the ethernet packet as a 6 byte strings.

    6 Byte Ethernet addresses can be converted to strings in format nn:nn:nn:nn:nn:nn with the function jeffs_dpkt.eth_addr_to_str()

    get_type

    Returns a class which is something from the Ethernet Type field

    (Pdb) print eth._typesw.keys()
    [2048, 8192, 34916, 2054, 34827, 33079, 8196, 34525]
    (Pdb) print eth._typesw.values()
    [<class 'dpkt.ip.IP'>, <class 'dpkt.cdp.CDP'>, <class 'dpkt.pppoe.PPPoE'>, <class 'dpkt.arp.ARP'>, <class 'dpkt.ppp.PPP'>, <class 'dpkt.ipx.IPX'>, <class 'dpkt.dtp.DTP'>, <class 'dpkt.ip6.IP6'>]
    (Pdb) print eth.get_type(2048)
    <class 'dpkt.ip.IP'>
    (Pdb) print eth.get_type(34525)
    <class 'dpkt.ip6.IP6'>
    (Pdb)

    src

    Contains the source address of the ethernet packet as a 6 byte string.

    type

    Returns the Ethernet type.  For example, type 2048 (0x0800) is IPv4 and 34525 (0x86DD) is IPv6.  For a complete list of Ethernet types, refer to http://www.iana.org/assignments/ethernet-numbers

    dpkt.ethernet.dpkt

    ['Error', 'NeedData', 'PackError', 'Packet', 'UnpackError', '_MetaPacket', '__builtins__', '__doc__', '__file__', '__name__', '__package__', '__vis_filter', 'array', 'copy', 'hexdump', 'in_cksum', 'in_cksum_add', 'in_cksum_done', 'itertools', 'socket', 'struct']

    dpkt.ethernet.stp
    dpkt.ethernet.struct

    dpkt.ip

    dpkt.pcap.Reader(f)

    dpkt.pcap.Reader(f) implements an iterator.  Each iteration returns a tuple which is a timestamp and a buffer.  The timestamp contains a time as a floating point number.  The buffer is a complete packet.  For example:

    #!/usr/bin/env python
    # -*- coding: utf-8 -*-

    import dpkt
    import sys 


    f = open(sys.argv[1])
    pcap = dpkt.pcap.Reader(f)
    frame_counter = 0
    for ts, buf in pcap:
        frame_counter += 1
        if frame_counter > 1 :
            print "%d: %f %f" % ( frame_counter, ts, ts - last_time )
        last_time = ts

    f.close()
  • 相关阅读:
    Java中的位运算符、移位运算符
    数据结构——树
    Java Collections工具类
    Map集合
    博客园插入bilibili视频
    TreeSet练习 根据字符串长度排序
    Java Set集合
    规划极限编程读后感(3)
    规划极限编程读后感(2)
    规划极限编程读后感(1)
  • 原文地址:https://www.cnblogs.com/lovemo1314/p/2038192.html
Copyright © 2011-2022 走看看