def merge_cap_files (pcap_file_list, out_filename, delete_src = False):
exising_pcaps = [f for f in pcap_file_list if os.path.exists(f)]
if not exising_pcaps:
print('ERROR: DP cores did not produce output files!')
return
if len(exising_pcaps) != len(pcap_file_list):
print("WARNING: not all DP cores produced output files\n")
out_pkts = []
for src in exising_pcaps:
pkts = RawPcapReader(src)
out_pkts += pkts
if delete_src:
os.unlink(src)
# sort by timestamp
out_pkts = sorted(out_pkts, key = __ts_key)
writer = RawPcapWriter(out_filename, linktype = 1)
writer._write_header(None)
for pkt in out_pkts:
writer._write_packet(pkt[0], sec=pkt[1][0], usec=pkt[1][1], caplen=pkt[1][2], wirelen=None)
def _write_pcap_files(self, iface_pkts_map):
""" Writes the collected packets to their respective interfaces.
This is done by creating a pcap file with the corresponding name. """
for iface, pkts in iface_pkts_map.items():
direction = "in"
infile = self.filename(iface, direction)
# Linktype 1 the Ethernet Link Type, see also 'man pcap-linktype'
fp = RawPcapWriter(infile, linktype=1)
fp._write_header(None)
for pkt_data in pkts:
try:
fp._write_packet(pkt_data)
except ValueError:
report_err(self.outputs["stderr"], "Invalid packet data",
pkt_data)
return FAILURE
return SUCCESS
def merge_cap_files(pcap_file_list, out_filename, delete_src=False):
if not all([os.path.exists(f) for f in pcap_file_list]):
print("failed to merge cap file list...\nnot all files exist\n")
return
out_pkts = []
for src in pcap_file_list:
pkts = RawPcapReader(src)
out_pkts += pkts
if delete_src:
os.unlink(src)
# sort by timestamp
out_pkts = sorted(out_pkts, key=__ts_key)
writer = RawPcapWriter(out_filename, linktype=1)
writer._write_header(None)
for pkt in out_pkts:
writer._write_packet(pkt[0], sec=pkt[1][0],
usec=pkt[1][1], caplen=pkt[1][2], wirelen=None)
raise getopt.GetoptError("Missing pcap file (-i)")
except getopt.GetoptError, e:
print >>sys.stderr, "ERROR: %s" % e
raise SystemExit
from scapy.config import conf
from scapy.utils import RawPcapReader, RawPcapWriter, hexdiff
from scapy.layers import all
pcap = RawPcapReader(PCAP_IN)
pcap_out = None
if PCAP_OUT:
pcap_out = RawPcapWriter(
PCAP_OUT, append=APPEND, gz=COMPRESS, linktype=pcap.linktype)
pcap_out._write_header(None)
LLcls = conf.l2types.get(pcap.linktype)
if LLcls is None:
print >>sys.stderr, " Unknown link type [%i]. Can't test anything!" % pcap.linktype
raise SystemExit
i = -1
differ = 0
failed = 0
for p1, meta in pcap:
i += 1
try:
p2d = LLcls(p1)
p2 = str(p2d)
except KeyboardInterrupt:
def main(argv):
PCAP_IN = None
PCAP_OUT = None
COMPRESS = False
APPEND = False
DIFF = False
VERBOSE = 0
try:
opts = getopt.getopt(argv, "hi:o:azdv")
for opt, parm in opts[0]:
if opt == "-h":
usage()
raise SystemExit
elif opt == "-i":
PCAP_IN = parm
elif opt == "-o":
PCAP_OUT = parm
elif opt == "-v":
VERBOSE += 1
elif opt == "-d":
DIFF = True
elif opt == "-a":
APPEND = True
elif opt == "-z":
COMPRESS = True
if PCAP_IN is None:
raise getopt.GetoptError("Missing pcap file (-i)")
except getopt.GetoptError as e:
print >> sys.stderr, "ERROR: %s" % e
raise SystemExit
from scapy.config import conf
from scapy.utils import RawPcapReader, RawPcapWriter, hexdiff
from scapy.layers import all
pcap = RawPcapReader(PCAP_IN)
pcap_out = None
if PCAP_OUT:
pcap_out = RawPcapWriter(PCAP_OUT,
append=APPEND,
gz=COMPRESS,
linktype=pcap.linktype)
pcap_out._write_header(None)
LLcls = conf.l2types.get(pcap.linktype)
if LLcls is None:
print >> sys.stderr, " Unknown link type [%i]. Can't test anything!" % pcap.linktype
raise SystemExit
i = -1
differ = 0
failed = 0
for p1, meta in pcap:
i += 1
try:
p2d = LLcls(p1)
p2 = str(p2d)
except KeyboardInterrupt:
raise
except Exception as e:
print "Dissection error on packet %i" % i
failed += 1
else:
if p1 == p2:
if VERBOSE >= 2:
print "Packet %i ok" % i
continue
else:
print "Packet %i differs" % i
differ += 1
if VERBOSE >= 1:
print repr(p2d)
if DIFF:
hexdiff(p1, p2)
if pcap_out is not None:
pcap_out.write(p1)
i += 1
correct = i - differ - failed
print "%i total packets. %i ok, %i differed, %i failed. %.2f%% correct." % (
i, correct, differ, failed, i and 100.0 * (correct) / i)
except getopt.GetoptError,e:
print >>sys.stderr,"ERROR: %s" % e
raise SystemExit
from scapy.config import conf
from scapy.utils import RawPcapReader,RawPcapWriter,hexdiff
from scapy.layers import all
pcap = RawPcapReader(PCAP_IN)
pcap_out = None
if PCAP_OUT:
pcap_out = RawPcapWriter(PCAP_OUT, append=APPEND, gz=COMPRESS, linktype=pcap.linktype)
pcap_out._write_header(None)
LLcls = conf.l2types.get(pcap.linktype)
if LLcls is None:
print >>sys.stderr," Unknown link type [%i]. Can't test anything!" % pcap.linktype
raise SystemExit
i=-1
differ=0
failed=0
for p1,meta in pcap:
i += 1
try:
p2d = LLcls(p1)
p2 = str(p2d)
def main(argv):
PCAP_IN = None
PCAP_OUT = None
COMPRESS = False
APPEND = False
DIFF = False
VERBOSE = 0
try:
opts = getopt.getopt(argv, "hi:o:azdv")
for opt, parm in opts[0]:
if opt == "-h":
usage()
raise SystemExit
elif opt == "-i":
PCAP_IN = parm
elif opt == "-o":
PCAP_OUT = parm
elif opt == "-v":
VERBOSE += 1
elif opt == "-d":
DIFF = True
elif opt == "-a":
APPEND = True
elif opt == "-z":
COMPRESS = True
if PCAP_IN is None:
raise getopt.GetoptError("Missing pcap file (-i)")
except getopt.GetoptError as e:
print("ERROR: %s" % e, file=sys.stderr)
raise SystemExit
from scapy.config import conf
from scapy.utils import RawPcapReader, RawPcapWriter, hexdiff
from scapy.layers import all # noqa: F401
pcap = RawPcapReader(PCAP_IN)
pcap_out = None
if PCAP_OUT:
pcap_out = RawPcapWriter(PCAP_OUT, append=APPEND, gz=COMPRESS, linktype=pcap.linktype) # noqa: E501
pcap_out._write_header(None)
LLcls = conf.l2types.get(pcap.linktype)
if LLcls is None:
print(" Unknown link type [%i]. Can't test anything!" % pcap.linktype, file=sys.stderr) # noqa: E501
raise SystemExit
i = -1
differ = 0
failed = 0
for p1, meta in pcap:
i += 1
try:
p2d = LLcls(p1)
p2 = str(p2d)
except KeyboardInterrupt:
raise
except Exception as e:
print("Dissection error on packet %i: %s" % (i, e))
failed += 1
else:
if p1 == p2:
if VERBOSE >= 2:
print("Packet %i ok" % i)
continue
else:
print("Packet %i differs" % i)
differ += 1
if VERBOSE >= 1:
print(repr(p2d))
if DIFF:
hexdiff(p1, p2)
if pcap_out is not None:
pcap_out.write(p1)
i += 1
correct = i - differ - failed
print("%i total packets. %i ok, %i differed, %i failed. %.2f%% correct." % (i, correct, differ, # noqa: E501
failed, i and 100.0 * (correct) / i)) # noqa: E501
