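def getIp():
    """Capture frames live from interface ``NAME`` and hand each to ``parseTCP``.

    Opens ``NAME`` in promiscuous, immediate mode, increments the module-level
    ``totalN`` counter for every captured frame, decodes the frame with
    ``Ethernet`` and passes the result to ``parseTCP``. If the interface cannot
    be opened, the module-level ``error`` flag is set and the process exits
    with status 1.

    Captured frames are untrusted input. A frame that fails to decode or parse
    is skipped so that a single malformed packet cannot stop the capture, and
    the failure is logged at debug level so dropped traffic stays visible.
    """
    global error, totalN
    # The configured interface NAME is used; device discovery is disabled:
    # name = pcap.findalldevs()
    try:
        dataPack = pcap.pcap(name=NAME, promisc=True, immediate=True)
        # No capture filter is installed, so every frame reaching the
        # interface is delivered to the loop below:
        # dataPack.setfilter('udp port 9991')
        # dataPack.setfilter('tcp')
        logger.info('连接网卡->%s,开始抓包', NAME)
    except Exception as e:
        logger.error('连接网卡->%s失败,强制退出,错误信息->%s', NAME, e)
        error = True
        sys.exit(1)

    try:
        # Register the ERSPAN ethertype once, before any frame is decoded.
        # Doing it per frame *after* Ethernet(pdata) meant the first frame was
        # decoded before the registration existed.
        # NOTE(review): assumes Ethernet is dpkt's class, whose set_type()
        # extends the ethertype dispatch table - confirm.
        Ethernet.set_type(ETH_TYPE_ERSPAN1, Ethernet)
        for ptime, pdata in dataPack:
            totalN += 1
            try:
                # Decoding sits inside the guard as well: it runs on raw bytes
                # from the wire and can raise on truncated or malformed frames.
                parseTCP(Ethernet(pdata))
                # dataBase.insert(tags, fields)
            except Exception as e:
                # Best-effort capture: skip the frame, but leave a trace.
                logger.debug('skipping frame %d: %s', totalN, e)
    finally:
        # Release the capture handle even if the loop is interrupted.
        dataPack.close()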
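def printPcap(pcap):
    """Decode every record of a capture and pass it to ``parseTCP``.

    Args:
        pcap: iterable yielding ``(timestamp, buffer)`` records. The parameter
            name shadows any module-level ``pcap`` inside this function.

    A record that fails to decode or parse prints ``出错`` and is skipped.
    Only ``Exception`` subclasses are handled, so ``KeyboardInterrupt`` and
    ``SystemExit`` still stop the run.
    """
    # Register the ERSPAN ethertype once, before the first record is decoded;
    # registering it after Ethernet(buf) left the first record decoded without it.
    # NOTE(review): assumes Ethernet is dpkt's class, whose set_type() extends
    # the ethertype dispatch table - confirm.
    Ethernet.set_type(ETH_TYPE_ERSPAN1, Ethernet)
    # Walk the [timestamp, packet] records.
    for ts, buf in pcap:
        try:
            # Decode the Ethernet layer of the record and parse it.
            # v = dpkt.gre.GRE(Ethernet_pack.data.data.data)
            parseTCP(Ethernet(buf))
        except Exception:
            print('出错')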