def main():
ap = argparse.ArgumentParser(
epilog=__doc__, formatter_class=argparse.RawDescriptionHelpFormatter)
ap.add_argument(
"-n",
"--dry-run",
action="store_true",
help="Dry run; do not actually write files",
)
ap.add_argument("-b",
"--bytes",
help="Segment evey B bytes",
metavar="B",
type=int)
ap.add_argument("-p",
"--packets",
help="Segment evey P packets",
metavar="P",
type=int)
ap.add_argument(
"-s",
"--seconds",
help="Segment when first and last pcap timestamps span S seconds",
metavar="S",
type=int,
)
ap.add_argument(
"format",
help="Segment filename (should include strftime(3) time format)")
ap.add_argument("file", nargs="+", help="Packet Capture (.pcap) file(s)")
args = ap.parse_args()
if args.bytes is None and args.packets is None and args.seconds is None:
msg = "At least one of -b, -p, or -s is required."
ap.error(msg)
try:
pcap.segment(
filenames=args.file,
format=args.format,
nbytes=args.bytes,
npackets=args.packets,
nseconds=args.seconds,
dryrun=args.dry_run,
)
except KeyboardInterrupt:
log.info("Received Ctrl-C. Aborting pcap segmentation.")
except IOError as e:
log.error(str(e))
log.end()
def main():
ap = argparse.ArgumentParser(
epilog=__doc__, formatter_class=argparse.RawDescriptionHelpFormatter)
ap.add_argument(
'-n',
'--dry-run',
action='store_true',
help='Dry run; do not actually write files',
)
ap.add_argument('-b',
'--bytes',
help='Segment evey B bytes',
metavar='B',
type=int)
ap.add_argument('-p',
'--packets',
help='Segment evey P packets',
metavar='P',
type=int)
ap.add_argument(
'-s',
'--seconds',
help='Segment when first and last pcap timestamps span S seconds',
metavar='S',
type=int)
ap.add_argument(
'format',
help='Segment filename (should include strftime(3) time format)')
ap.add_argument('file', nargs='+', help='Packet Capture (.pcap) file(s)')
args = ap.parse_args()
if args.bytes is None and args.packets is None and args.seconds is None:
msg = 'At least one of -b, -p, or -s is required.'
ap.error(msg)
try:
pcap.segment(filenames=args.file,
format=args.format,
nbytes=args.bytes,
npackets=args.packets,
nseconds=args.seconds,
dryrun=args.dry_run)
except KeyboardInterrupt:
log.info('Received Ctrl-C. Aborting pcap segmentation.')
except IOError as e:
log.error(str(e))
log.end()
def testSegmentBytes(log_info):
try:
with pcap.open(TmpFilename, 'w') as output:
for p in range(10):
output.write(str(p))
pcap.segment(TmpFilename, 'foo.pcap', nbytes=41, dryrun=True)
expected = 'Would write 41 bytes, 1 packets, 1 seconds to foo.pcap.'
assert len(log_info.call_args_list) == 10
for call in log_info.call_args_list:
assert call[0][0] == expected
finally:
os.unlink(TmpFilename)
def testSegmentPackets(log_info):
try:
with pcap.open(TmpFilename, "w") as output:
for p in range(10):
output.write(str(p))
pcap.segment(TmpFilename, "foo.pcap", npackets=5, dryrun=True)
expected = "Would write 109 bytes, 5 packets, 1 seconds to foo.pcap."
assert len(log_info.call_args_list) == 2
for call in log_info.call_args_list:
assert call[0][0] == expected
finally:
os.unlink(TmpFilename)
def testSegmentSeconds(log_info):
try:
header = pcap.PCapPacketHeader(orig_len=1)
with pcap.open(TmpFilename, 'w') as output:
for p in range(10):
header.ts_sec = p
output.write(str(p), header)
pcap.segment(TmpFilename, 'foo.pcap', nseconds=2, dryrun=True)
expected = 'Would write 58 bytes, 2 packets, 2 seconds to foo.pcap.'
assert len(log_info.call_args_list) == 5
for call in log_info.call_args_list:
assert call[0][0] == expected
finally:
os.unlink(TmpFilename)