def test_pcap_dump(self): total_len = 24 #sizeof(sturct pcap_file_header) pkthdr_len = 16 #sizeof(struct pcap_pkthdr) for data in dump_data: pkthdr = ptypes.pcap_pkthdr() pkthdr_p = ptypes.pcap_pkthdr_p(pkthdr) pkthdr.caplen = len(data) pkthdr.len = len(data) now = time.time() pkthdr.ts.tv_sec = int(now) pkthdr.ts.tv_usec = int(now * 1000 * 1000)%(1000*1000) pcap.pcap_dump (self.pdumper, pkthdr_p, data) ft = pcap.pcap_dump_ftell(self.pdumper) self.assertEqual(total_len + len(data) + pkthdr_len, ft) total_len += len(data) + pkthdr_len
def test_pcap_dump(self): total_len = 24 #sizeof(sturct pcap_file_header) pkthdr_len = 16 #sizeof(struct pcap_pkthdr) for data in dump_data: pkthdr = ptypes.pcap_pkthdr() pkthdr_p = ptypes.pcap_pkthdr_p(pkthdr) pkthdr.caplen = len(data) pkthdr.len = len(data) now = time.time() pkthdr.ts.tv_sec = int(now) pkthdr.ts.tv_usec = int(now * 1000 * 1000) % (1000 * 1000) pcap.pcap_dump(self.pdumper, pkthdr_p, data) ft = pcap.pcap_dump_ftell(self.pdumper) self.assertEqual(total_len + len(data) + pkthdr_len, ft) total_len += len(data) + pkthdr_len
def dump(): hpcap = pcap.pcap_open_dead(ptypes.LINKTYPE_ETHERNET, 65535) pdumper = pcap.pcap_dump_open(hpcap, './test.pcap') data = b'11111111111111111111111111111111111111111111' pkthdr = ptypes.pcap_pkthdr() pkthdr.caplen = len(data) pkthdr.len = len(data) now = time.time() pkthdr.ts.tv_sec = int(now) pkthdr.ts.tv_usec = int(now * 1000 * 1000) % (1000 * 1000) pcap.pcap_dump(pdumper, ptypes.pcap_pkthdr_p(pkthdr), data) pcap.pcap_dump_flush(pdumper) pcap.pcap_dump_close(pdumper) pcap.pcap_close(hpcap)
def dump(): hpcap = pcap.pcap_open_dead(ptypes.LINKTYPE_ETHERNET, 65535) pdumper = pcap.pcap_dump_open(hpcap, './test.pcap') data = b'11111111111111111111111111111111111111111111' pkthdr = ptypes.pcap_pkthdr() pkthdr.caplen = len(data) pkthdr.len = len(data) now = time.time() pkthdr.ts.tv_sec = int(now) pkthdr.ts.tv_usec = int(now * 1000 * 1000)%(1000*1000) pcap.pcap_dump(pdumper, ptypes.pcap_pkthdr_p(pkthdr), data) pcap.pcap_dump_flush(pdumper) pcap.pcap_dump_close(pdumper) pcap.pcap_close(hpcap)
def pcap_next_ex(hpcap): '''Read a packet from an interface or from an offline capture. return (None, None) if no packets were read from a live capture or if the timeout set with pcap_open_live() has elapsed raise PcapError if an error occured ''' pkthdr_p = pcap_pkthdr_p() data = c_ubyte_p() retcode = _pcap.pcap_next_ex(hpcap, pointer(pkthdr_p), pointer(data)) if retcode == 1: #1 if the packet has been read without problems return (pkthdr_p.contents, string_at(data, pkthdr_p.contents.caplen)) elif retcode == 0 or retcode == -2: #0 if the timeout set with pcap_open_live() has elapsed. #-2 if EOF was reached reading from an offline capture return (None, None) else: #-1 if an error occurred raise PcapError(pcap_geterr(hpcap))