def test_pcap_dump(self):
total_len = 24 #sizeof(sturct pcap_file_header)
pkthdr_len = 16 #sizeof(struct pcap_pkthdr)
for data in dump_data:
pkthdr = ptypes.pcap_pkthdr()
pkthdr_p = ptypes.pcap_pkthdr_p(pkthdr)
pkthdr.caplen = len(data)
pkthdr.len = len(data)
now = time.time()
pkthdr.ts.tv_sec = int(now)
pkthdr.ts.tv_usec = int(now * 1000 * 1000)%(1000*1000)
pcap.pcap_dump (self.pdumper, pkthdr_p, data)
ft = pcap.pcap_dump_ftell(self.pdumper)
self.assertEqual(total_len + len(data) + pkthdr_len, ft)
total_len += len(data) + pkthdr_len
def test_pcap_dump(self):
total_len = 24 #sizeof(sturct pcap_file_header)
pkthdr_len = 16 #sizeof(struct pcap_pkthdr)
for data in dump_data:
pkthdr = ptypes.pcap_pkthdr()
pkthdr_p = ptypes.pcap_pkthdr_p(pkthdr)
pkthdr.caplen = len(data)
pkthdr.len = len(data)
now = time.time()
pkthdr.ts.tv_sec = int(now)
pkthdr.ts.tv_usec = int(now * 1000 * 1000) % (1000 * 1000)
pcap.pcap_dump(self.pdumper, pkthdr_p, data)
ft = pcap.pcap_dump_ftell(self.pdumper)
self.assertEqual(total_len + len(data) + pkthdr_len, ft)
total_len += len(data) + pkthdr_len
def dump():
hpcap = pcap.pcap_open_dead(ptypes.LINKTYPE_ETHERNET, 65535)
pdumper = pcap.pcap_dump_open(hpcap, './test.pcap')
data = b'11111111111111111111111111111111111111111111'
pkthdr = ptypes.pcap_pkthdr()
pkthdr.caplen = len(data)
pkthdr.len = len(data)
now = time.time()
pkthdr.ts.tv_sec = int(now)
pkthdr.ts.tv_usec = int(now * 1000 * 1000) % (1000 * 1000)
pcap.pcap_dump(pdumper, ptypes.pcap_pkthdr_p(pkthdr), data)
pcap.pcap_dump_flush(pdumper)
pcap.pcap_dump_close(pdumper)
pcap.pcap_close(hpcap)
def dump():
hpcap = pcap.pcap_open_dead(ptypes.LINKTYPE_ETHERNET, 65535)
pdumper = pcap.pcap_dump_open(hpcap, './test.pcap')
data = b'11111111111111111111111111111111111111111111'
pkthdr = ptypes.pcap_pkthdr()
pkthdr.caplen = len(data)
pkthdr.len = len(data)
now = time.time()
pkthdr.ts.tv_sec = int(now)
pkthdr.ts.tv_usec = int(now * 1000 * 1000)%(1000*1000)
pcap.pcap_dump(pdumper, ptypes.pcap_pkthdr_p(pkthdr), data)
pcap.pcap_dump_flush(pdumper)
pcap.pcap_dump_close(pdumper)
pcap.pcap_close(hpcap)
def pcap_next_ex(hpcap):
'''Read a packet from an interface or from an offline capture.
return (None, None) if no packets were read from a live capture or if the timeout set with pcap_open_live() has elapsed
raise PcapError if an error occured
'''
pkthdr_p = pcap_pkthdr_p()
data = c_ubyte_p()
retcode = _pcap.pcap_next_ex(hpcap, pointer(pkthdr_p), pointer(data))
if retcode == 1: #1 if the packet has been read without problems
return (pkthdr_p.contents, string_at(data, pkthdr_p.contents.caplen))
elif retcode == 0 or retcode == -2:
#0 if the timeout set with pcap_open_live() has elapsed.
#-2 if EOF was reached reading from an offline capture
return (None, None)
else: #-1 if an error occurred
raise PcapError(pcap_geterr(hpcap))
def pcap_next_ex(hpcap):
'''Read a packet from an interface or from an offline capture.
return (None, None) if no packets were read from a live capture or if the timeout set with pcap_open_live() has elapsed
raise PcapError if an error occured
'''
pkthdr_p = pcap_pkthdr_p()
data = c_ubyte_p()
retcode = _pcap.pcap_next_ex(hpcap, pointer(pkthdr_p), pointer(data))
if retcode == 1: #1 if the packet has been read without problems
return (pkthdr_p.contents, string_at(data, pkthdr_p.contents.caplen))
elif retcode == 0 or retcode == -2:
#0 if the timeout set with pcap_open_live() has elapsed.
#-2 if EOF was reached reading from an offline capture
return (None, None)
else: #-1 if an error occurred
raise PcapError(pcap_geterr(hpcap))
