def _read_a_packet(file_h, hdrp, layers=0):
"""
Reads the next individual packet from the capture file. Expects
the file handle to be somewhere after the header, on the next
per-packet header.
"""
raw_packet_header = file_h.read(16)
if not raw_packet_header or len(raw_packet_header) != 16:
return None
# in case the capture file is not the same endianness as ours, we have to
# use the correct byte order for the packet header
if hdrp[0].byteorder == 'big':
packet_header = struct.unpack('>IIII', raw_packet_header)
else:
packet_header = struct.unpack('<IIII', raw_packet_header)
(timestamp, timestamp_us, capture_len, packet_len) = packet_header
raw_packet_data = file_h.read(capture_len)
if not raw_packet_data or len(raw_packet_data) != capture_len:
return None
if layers > 0:
layers -= 1
raw_packet = linklayer.clookup(hdrp[0].ll_type)(raw_packet_data,
layers=layers)
else:
raw_packet = binascii.hexlify(raw_packet_data)
packet = pcap_packet(hdrp, timestamp, timestamp_us, capture_len,
packet_len, raw_packet)
return packet
def _read_a_packet(file_h, hdrp, layers=0):
"""
Reads the next individual packet from the capture file. Expects
the file handle to be somewhere after the header, on the next
per-packet header.
"""
raw_packet_header = file_h.read(16)
if not raw_packet_header or len(raw_packet_header) != 16:
return None
# in case the capture file is not the same endianness as ours, we have to
# use the correct byte order for the packet header
if hdrp[0].byteorder == 'big':
packet_header = struct.unpack('>IIII', raw_packet_header)
else:
packet_header = struct.unpack('<IIII', raw_packet_header)
(timestamp, timestamp_us, capture_len, packet_len) = packet_header
raw_packet_data = file_h.read(capture_len)
if not raw_packet_data or len(raw_packet_data) != capture_len:
return None
if layers > 0:
layers -= 1
raw_packet = linklayer.clookup(hdrp[0].ll_type)(raw_packet_data,
layers=layers)
else:
raw_packet = binascii.hexlify(raw_packet_data)
packet = pcap_packet(hdrp, timestamp, timestamp_us, capture_len,
packet_len, raw_packet)
return packet
def _read_a_packet(file_h, hdrp, layers=0):
"""
Reads the next individual packet from the capture file. Expects
the file handle to be somewhere after the header, on the next
per-packet header.
"""
raw_packet_header = file_h.read(16)
if raw_packet_header == '':
return None
assert len(raw_packet_header) == 16, 'Unexpected end of per-packet header.'
packet_header = struct.unpack('=IIII', raw_packet_header)
(timestamp, timestamp_ms, capture_len, packet_len) = packet_header
raw_packet_data = file_h.read(capture_len)
# if the capture file is not the same endianness as ours, we need to
# reverse the packet data
if not __endian_check__(hdrp):
raw_packet_data = raw_packet_data[::-1]
assert len(raw_packet_data) == capture_len, 'Unexpected end of packet.'
if layers > 0:
layers -= 1
raw_packet = linklayer.clookup(hdrp[0].ll_type)(raw_packet_data,
layers=layers)
else:
raw_packet = binascii.hexlify(raw_packet_data)
packet = pcap_packet(hdrp, timestamp, timestamp_ms, capture_len,
packet_len, raw_packet)
return packet
def _read_a_packet(file_h, hdrp, layers=0):
"""
Reads the next individual packet from the capture file. Expects
the file handle to be somewhere after the header, on the next
per-packet header.
"""
raw_packet_header = file_h.read(16)
if raw_packet_header == '':
return None
assert len(raw_packet_header) == 16, 'Unexpected end of per-packet header.'
# in case the capture file is not the same endianness as ours, we have to
# use the correct byte order for the packet header
if hdrp[0].byteorder == 'big':
packet_header = struct.unpack('>IIII', raw_packet_header)
else:
packet_header = struct.unpack('<IIII', raw_packet_header)
# typedef struct pcaprec_hdr_s {
# guint32 ts_sec; /* timestamp seconds */
# guint32 ts_usec; /* timestamp microseconds */
# guint32 incl_len; /* number of octets of packet saved in file */
# guint32 orig_len; /* actual length of packet */
# } pcaprec_hdr_t;
(timestamp, timestamp_ms, capture_len, packet_len) = packet_header
raw_packet_data = file_h.read(capture_len)
assert len(raw_packet_data) == capture_len, 'Unexpected end of packet.'
if layers > 0:
layers -= 1
raw_packet = linklayer.clookup(hdrp[0].ll_type)(raw_packet_data,
layers=layers)
else:
raw_packet = binascii.hexlify(raw_packet_data)
packet = pcap_packet(hdrp, timestamp, timestamp_ms, capture_len,
packet_len, raw_packet)
return (raw_packet_header, packet)
def test_constructor_lookup(self):
"""
Ensure the proper validation function is passed from the constructor
lookup.
"""
self.assertEqual(ethernet.Ethernet, linklayer.clookup(1))
def test_constructor_lookup(self):
"""
Ensure the proper validation function is passed from the constructor
lookup.
"""
self.assertEqual(ethernet.Ethernet, linklayer.clookup(1))
