在 pypcapfile 中从 TCP Header 获取 ByteArray
Getting ByteArray from TCP Header in pypcapfile
我想单独解析 TCP 数据包而不使用 PCAPLib 自己的数据结构。因此,我需要获取 TCP header.
的字节数组
from pcapfile import savefile
capfile = open('delta_capture.pcap')
sf = savefile.load_savefile(capfile)
for packet in sf.packets:
print packet.timestamp
print packet.packet
print packet.header # Returns a library object, I need the bytearray instead, as I want to use my own data structure and parse.
capfile.close()
我尝试调试和检查 object 结构,但看不到任何 object 存储 TCP header 中的实际字节。
变量 "packet" 的调试器结果的屏幕截图:
甚至可以在这个库中这样做吗?
无法直接访问 header 的 bytearray。解析header中的各个字段,得到整个数据包:
for packet in sf.packets:
print(packet.timestamp)
print(packet.packet)
# show header fields
print(packet.header.contents.magic) # file magic number
print(packet.header.contents.major) # major version number
print(packet.header.contents.minor) # minor version number
print(packet.header.contents.tz_off) # timezone offset
print(packet.header.contents.ts_acc) # timestamp accuracy
print(packet.header.contents.snaplen) # snapshot length
print(packet.header.contents.ll_type) # link layer header type
print(packet.header.contents.byteorder) # byte order specifier
print(packet.header.contents.ns_resolution) # nanosecond resolution
# show entire packet
print(packet.raw())
我想单独解析 TCP 数据包而不使用 PCAPLib 自己的数据结构。因此,我需要获取 TCP header.
的字节数组from pcapfile import savefile
capfile = open('delta_capture.pcap')
sf = savefile.load_savefile(capfile)
for packet in sf.packets:
print packet.timestamp
print packet.packet
print packet.header # Returns a library object, I need the bytearray instead, as I want to use my own data structure and parse.
capfile.close()
我尝试调试和检查 object 结构,但看不到任何 object 存储 TCP header 中的实际字节。
变量 "packet" 的调试器结果的屏幕截图:
甚至可以在这个库中这样做吗?
无法直接访问 header 的 bytearray。解析header中的各个字段,得到整个数据包:
for packet in sf.packets:
print(packet.timestamp)
print(packet.packet)
# show header fields
print(packet.header.contents.magic) # file magic number
print(packet.header.contents.major) # major version number
print(packet.header.contents.minor) # minor version number
print(packet.header.contents.tz_off) # timezone offset
print(packet.header.contents.ts_acc) # timestamp accuracy
print(packet.header.contents.snaplen) # snapshot length
print(packet.header.contents.ll_type) # link layer header type
print(packet.header.contents.byteorder) # byte order specifier
print(packet.header.contents.ns_resolution) # nanosecond resolution
# show entire packet
print(packet.raw())