예제 #1
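def getIp():
    """Capture frames live on interface NAME and pass each one to parseTCP.

    Opens NAME in promiscuous, immediate mode. If the interface cannot be
    opened, the module-level ``error`` flag is set and the process exits with
    status 1. Otherwise every captured frame increments the module-level
    ``totalN`` counter, is decoded as Ethernet and handed to ``parseTCP``.
    A frame that fails to decode or parse is logged and skipped.
    """
    global error, totalN
    # Use the default interface
    # name = pcap.findalldevs()
    try:
        dataPack = pcap.pcap(name=NAME, promisc=True, immediate=True)
        # No capture filter is installed, so every frame seen on NAME is
        # delivered to the loop below; the commented-out setfilter() calls
        # show how the capture could be narrowed.
        # dataPack.setfilter('udp port 9991')
        # dataPack.setfilter('tcp')
        logger.info('连接网卡->%s,开始抓包', NAME)
    except Exception as e:
        logger.error('连接网卡->%s失败,强制退出,错误信息->%s', NAME, e)
        error = True
        sys.exit(1)
    else:
        # Extend dpkt so ERSPAN payloads are decoded as Ethernet. Registered
        # once, before the loop, so the first captured frame is decoded with
        # the mapping in place (the original registered it only after the
        # first frame had already been decoded).
        Ethernet.set_type(ETH_TYPE_ERSPAN1, Ethernet)
        try:
            for _ptime, pdata in dataPack:
                totalN += 1
                try:
                    # Captured bytes are untrusted input: decoding sits inside
                    # the try so one truncated or malformed frame cannot end
                    # the capture loop.
                    Ethernet_pack = Ethernet(pdata)
                    parseTCP(Ethernet_pack)
                # dataBase.insert(tags, fields)
                except Exception as e:
                    # Record the failure instead of dropping it silently, so
                    # parser faults and malformed traffic remain visible.
                    logger.debug('packet #%d skipped: %r', totalN, e)
        finally:
            # Release the capture handle even if iteration is interrupted.
            dataPack.close()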
예제 #2
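def printPcap(pcap):
    """Decode every record of *pcap* as Ethernet and pass it to parseTCP.

    *pcap* is iterated as (timestamp, packet bytes) pairs. Note that the
    parameter name shadows any module called ``pcap`` inside this function.
    A record that fails to decode or parse prints '出错' and is skipped.
    """
    # Register the ERSPAN mapping once, before any record is decoded, so the
    # first record is decoded with it as well.
    Ethernet.set_type(ETH_TYPE_ERSPAN1, Ethernet)
    # Walk the [timestamp, packet] records
    for (ts, buf) in pcap:
        try:
            # Decode the Ethernet layer
            Ethernet_pack = Ethernet(buf)
            # v = dpkt.gre.GRE(Ethernet_pack.data.data.data)
            parseTCP(Ethernet_pack)
        except Exception:
            # Narrowed from a bare except so KeyboardInterrupt and SystemExit
            # still stop the run; only per-record parse failures are skipped.
            print('出错')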