测试pypcap的代码(环境:Windows, Python2.7)
发布时间:2019-06-19



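"""Minimal pypcap sniffer: print the IPv4 header fields of captured frames.

Every byte handled here arrives off the wire and is untrusted, so the parser
validates lengths before indexing and the printer tolerates protocol numbers
that are missing from the lookup table.  The file stays valid on Python 2.7
(single-argument ``print(...)`` only) and also runs on Python 3.
"""
import socket
import string
import struct
import sys
import time

# IP protocol number -> short name, used only for display.
# 0x63 and 0x72 are deliberately empty strings (no keyword in the listing).
protocols = {
    0x00: "HOPOPT",
    0x01: "ICMP",
    0x02: "IGMP",
    0x03: "GGP",
    0x04: "IP-in-IP",
    0x05: "ST",
    0x06: "TCP",
    0x07: "CBT",
    0x08: "EGP",
    0x09: "IGP",
    0x0A: "BBN-RCC-MON",
    0x0B: "NVP-II",
    0x0C: "PUP",
    0x0D: "ARGUS",
    0x0E: "EMCON",
    0x0F: "XNET",
    0x10: "CHAOS",
    0x11: "UDP",
    0x12: "MUX",
    0x13: "DCN-MEAS",
    0x14: "HMP",
    0x15: "PRM",
    0x16: "XNS-IDP",
    0x17: "TRUNK-1",
    0x18: "TRUNK-2",
    0x19: "LEAF-1",
    0x1A: "LEAF-2",
    0x1B: "RDP",
    0x1C: "IRTP",
    0x1D: "ISO-TP4",
    0x1E: "NETBLT",
    0x1F: "MFE-NSP",
    0x20: "MERIT-INP",
    0x21: "DCCP",
    0x22: "3PC",
    0x23: "IDPR",
    0x24: "XTP",
    0x25: "DDP",
    0x26: "IDPR-CMTP",
    0x27: "TP++",
    0x28: "IL",
    0x29: "IPv6",
    0x2A: "SDRP",
    0x2B: "IPv6-Route",
    0x2C: "IPv6-Frag",
    0x2D: "IDRP",
    0x2E: "RSVP",
    0x2F: "GRE",
    0x30: "MHRP",
    0x31: "BNA",
    0x32: "ESP",
    0x33: "AH",
    0x34: "I-NLSP",
    0x35: "SWIPE",
    0x36: "NARP",
    0x37: "MOBILE",
    0x38: "TLSP",
    0x39: "SKIP",
    0x3A: "IPv6-ICMP",
    0x3B: "IPv6-NoNxt",
    0x3C: "IPv6-Opts",
    0x3D: "host internal protocol",  # any
    0x3E: "CFTP",
    0x3F: "local network",  # any
    0x40: "SAT-EXPAK",
    0x41: "KRYPTOLAN",
    0x42: "RVD",
    0x43: "IPPC",
    0x44: "distributed file system",  # any
    0x45: "SAT-MON",
    0x46: "VISA",
    0x47: "IPCU",
    0x48: "CPNX",
    0x49: "CPHB",
    0x4A: "WSN",
    0x4B: "PVP",
    0x4C: "BR-SAT-MON",
    0x4D: "SUN-ND",
    0x4E: "WB-MON",
    0x4F: "WB-EXPAK",
    0x50: "ISO-IP",
    0x51: "VMTP",
    0x52: "SECURE-VMTP",
    0x53: "VINES",
    # The original table listed key 0x54 twice ("TTP", then "IPTM"); a dict
    # silently keeps only the last one, so both names are merged here.
    0x54: "TTP/IPTM",
    0x55: "NSFNET-IGP",
    0x56: "DGP",
    0x57: "TCF",
    0x58: "EIGRP",
    0x59: "OSPF",
    0x5A: "Sprite-RPC",
    0x5B: "LARP",
    0x5C: "MTP",
    0x5D: "AX.25",
    0x5E: "IPIP",
    0x5F: "MICP",
    0x60: "SCC-SP",
    0x61: "ETHERIP",
    0x62: "ENCAP",
    0x63: "",
    0x64: "GMTP",
    0x65: "IFMP",
    0x66: "PNNI",
    0x67: "PIM",
    0x68: "ARIS",
    0x69: "SCPS",
    0x6A: "QNX",
    0x6B: "A/N",
    0x6C: "IPComp",
    0x6D: "SNP",
    0x6E: "Compaq-Peer",
    0x6F: "IPX-in-IP",
    0x70: "VRRP",
    0x71: "PGM",
    0x72: "",
    0x73: "L2TP",
    0x74: "DDX",
    0x75: "IATP",
    0x76: "STP",
    0x77: "SRP",
    0x78: "UTI",
    0x79: "SMP",
    0x7A: "SM",
    0x7B: "PTP",
    0x7C: "IS-IS over IPv4",
    0x7D: "FIRE",
    0x7E: "CRTP",
    0x7F: "CRUDP",
    0x80: "SSCOPMCE",
    0x81: "IPLT",
    0x82: "SPS",
    0x83: "PIPE",
    0x84: "SCTP",
    0x85: "FC",
    0x86: "RSVP-E2E-IGNORE",
    0x87: "Mobility Header",
    0x88: "UDPLite",
    0x89: "MPLS-in-IP",
    0x8A: "manet",
    0x8B: "HIP",
    0x8C: "Shim6",
    0x8D: "WESP",
    0x8E: "ROHC",
}

_IPV4_MIN_HEADER = 20          # five 32-bit words, i.e. a header without options
_ETH_HEADER_LEN = 14           # dst MAC (6) + src MAC (6) + EtherType (2)
_ETHERTYPE_IPV4 = b'\x08\x00'


def decode_ip_packet(s):
    """Decode the IPv4 header at the start of *s* into a dict.

    Args:
        s: raw bytes beginning at the first byte of the IPv4 header.

    Returns:
        dict with the keys ``version``, ``header_len`` (in 32-bit words),
        ``tos``, ``total_len``, ``id``, ``flags`` (top three bits of the
        flags/offset word), ``fragment_offset`` (low 13 bits, counted in
        8-byte units), ``ttl``, ``protocol``, ``checksum``,
        ``source_address``, ``destination_address`` (dotted quads),
        ``options`` (bytes, or ``None`` when the header has none) and
        ``data`` (everything after the header).

    Raises:
        ValueError: *s* is shorter than a minimal header, the header-length
            field is below 5, or it claims more bytes than *s* holds.

    The header checksum and ``total_len`` are reported as found, not verified;
    ``data`` may therefore carry link-layer padding past ``total_len``.
    """
    if len(s) < _IPV4_MIN_HEADER:
        raise ValueError('truncated IPv4 header: %d bytes' % len(s))

    # '!' = network byte order, so the result does not depend on host
    # endianness (the unpack('H') + ntohs() pairing it replaces did).
    (ver_ihl, tos, total_len, ident, flags_frag, ttl, proto, checksum,
     src, dst) = struct.unpack('!BBHHHBBH4s4s', bytes(s[:_IPV4_MIN_HEADER]))

    header_len = ver_ihl & 0x0f
    header_bytes = 4 * header_len
    if header_len < 5 or header_bytes > len(s):
        raise ValueError('invalid IPv4 header length field: %d' % header_len)

    return {
        'version': ver_ihl >> 4,
        'header_len': header_len,
        'tos': tos,
        'total_len': total_len,
        'id': ident,
        'flags': flags_frag >> 13,
        # Was masked with 0x1f before the byte swap, which dropped most of
        # the 13-bit offset.
        'fragment_offset': flags_frag & 0x1fff,
        'ttl': ttl,
        'protocol': proto,
        'checksum': checksum,
        'source_address': socket.inet_ntoa(src),
        'destination_address': socket.inet_ntoa(dst),
        # Options run from byte 20 to the end of the header; the old upper
        # bound 4*(header_len-5) always produced an empty slice.
        'options': s[_IPV4_MIN_HEADER:header_bytes] if header_len > 5 else None,
        'data': s[header_bytes:],
    }


def dumphex(s):
    """Print *s* as indented rows of up to 16 space-separated hex bytes."""
    hex_bytes = ['%.2x' % b for b in bytearray(s)]
    # Step by whole rows so the final, shorter row is printed exactly once.
    for start in range(0, len(hex_bytes), 16):
        print('    %s' % ' '.join(hex_bytes[start:start + 16]))


def print_packet(data, timestamp):
    """Print the IPv4 header fields of one captured frame.

    Args:
        data: the raw frame as delivered by the capture loop.
        timestamp: capture time in seconds since the epoch.

    Frames that are empty, shorter than an Ethernet header, or not IPv4 are
    ignored.  A frame whose IPv4 header fails validation is reported on one
    line instead of raising, so a single malformed packet cannot stop the
    capture loop.
    """
    # NOTE(review): offsets 12..14 assume Ethernet (DLT_EN10MB) framing;
    # on other link types, and for VLAN-tagged frames, this check simply
    # does not match - confirm the capture device's link type.
    if not data or len(data) < _ETH_HEADER_LEN:
        return
    if bytes(data[12:14]) != _ETHERTYPE_IPV4:
        return

    try:
        decoded = decode_ip_packet(data[_ETH_HEADER_LEN:])
    except ValueError as err:
        print('  [skipped malformed IPv4 packet: %s]' % err)
        return

    print('\n%s.%f %s > %s' % (time.strftime('%H:%M',
                                             time.localtime(timestamp)),
                               timestamp % 60,
                               decoded['source_address'],
                               decoded['destination_address']))
    for key in ('version', 'header_len', 'tos', 'total_len', 'id',
                'flags', 'fragment_offset', 'ttl'):
        print('  %s: %d' % (key, decoded[key]))
    # The protocol byte is attacker-controlled and the table stops at 0x8E,
    # so an indexed lookup would raise KeyError on the first unlisted value.
    proto = decoded['protocol']
    print('  protocol: %s' % protocols.get(proto, 'unknown (%d)' % proto))
    print('  header checksum: %d' % decoded['checksum'])
    # Payload dump is left off; enable only where printing captured
    # traffic contents is acceptable:
    # print('  data:')
    # dumphex(decoded['data'])


def main():
    """List the capture devices, then print IPv4 headers until Ctrl-C."""
    # Imported here so the parsing helpers above can be imported and tested
    # on a machine that has no capture driver installed.
    import pcap

    devices = pcap.findalldevs()
    print(devices)
    for dev in devices:
        net, mask = pcap.lookupnet(dev)
        print(dev)
        print('%r %r' % (net, mask))

    # With no arguments pypcap chooses the device itself - presumably its
    # default interface; pass a name from the list above to pin it.
    p = pcap.pcap()
    try:
        for timestamp, data in p:
            print_packet(data, timestamp)
    except KeyboardInterrupt as exc:
        print('%s' % type(exc))
        print('shutting down')


if __name__ == '__main__':
    main()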

转载于:https://my.oschina.net/cppblog/blog/469183
