def test_pcap_dump(self):
total_len = 24 #sizeof(sturct pcap_file_header)
pkthdr_len = 16 #sizeof(struct pcap_pkthdr)
for data in dump_data:
pkthdr = ptypes.pcap_pkthdr()
pkthdr_p = ptypes.pcap_pkthdr_p(pkthdr)
pkthdr.caplen = len(data)
pkthdr.len = len(data)
now = time.time()
pkthdr.ts.tv_sec = int(now)
pkthdr.ts.tv_usec = int(now * 1000 * 1000)%(1000*1000)
pcap.pcap_dump (self.pdumper, pkthdr_p, data)
ft = pcap.pcap_dump_ftell(self.pdumper)
self.assertEqual(total_len + len(data) + pkthdr_len, ft)
total_len += len(data) + pkthdr_len
def test_pcap_dump(self):
total_len = 24 #sizeof(sturct pcap_file_header)
pkthdr_len = 16 #sizeof(struct pcap_pkthdr)
for data in dump_data:
pkthdr = ptypes.pcap_pkthdr()
pkthdr_p = ptypes.pcap_pkthdr_p(pkthdr)
pkthdr.caplen = len(data)
pkthdr.len = len(data)
now = time.time()
pkthdr.ts.tv_sec = int(now)
pkthdr.ts.tv_usec = int(now * 1000 * 1000) % (1000 * 1000)
pcap.pcap_dump(self.pdumper, pkthdr_p, data)
ft = pcap.pcap_dump_ftell(self.pdumper)
self.assertEqual(total_len + len(data) + pkthdr_len, ft)
total_len += len(data) + pkthdr_len
def dump():
hpcap = pcap.pcap_open_dead(ptypes.LINKTYPE_ETHERNET, 65535)
pdumper = pcap.pcap_dump_open(hpcap, './test.pcap')
data = b'11111111111111111111111111111111111111111111'
pkthdr = ptypes.pcap_pkthdr()
pkthdr.caplen = len(data)
pkthdr.len = len(data)
now = time.time()
pkthdr.ts.tv_sec = int(now)
pkthdr.ts.tv_usec = int(now * 1000 * 1000) % (1000 * 1000)
pcap.pcap_dump(pdumper, ptypes.pcap_pkthdr_p(pkthdr), data)
pcap.pcap_dump_flush(pdumper)
pcap.pcap_dump_close(pdumper)
pcap.pcap_close(hpcap)
def dump():
hpcap = pcap.pcap_open_dead(ptypes.LINKTYPE_ETHERNET, 65535)
pdumper = pcap.pcap_dump_open(hpcap, './test.pcap')
data = b'11111111111111111111111111111111111111111111'
pkthdr = ptypes.pcap_pkthdr()
pkthdr.caplen = len(data)
pkthdr.len = len(data)
now = time.time()
pkthdr.ts.tv_sec = int(now)
pkthdr.ts.tv_usec = int(now * 1000 * 1000)%(1000*1000)
pcap.pcap_dump(pdumper, ptypes.pcap_pkthdr_p(pkthdr), data)
pcap.pcap_dump_flush(pdumper)
pcap.pcap_dump_close(pdumper)
pcap.pcap_close(hpcap)
def pcap_next(hpcap):
'''Return the next available pcap_pkthdr and packet.
pcap_next() reads the next packet (by calling pcap_dispatch() with a cnt of 1) and returns a touple(pcap_pkthdr, packet) .
(None, None) is returned if an error occured, or if no packets were read from a live capture
(if, for example, they were discarded because they didn't pass the packet filter, or if,
on platforms that support a read timeout that starts before any packets arrive,
the timeout expires before any packets arrive,
or if the file descriptor for the capture device is in non-blocking mode and no packets were available to be read),
or if no more packets are available in a ``savefile.'' Unfortunately,
there is no way to determine whether an error occured or not.
'''
_pcap.pcap_next.restype = c_ubyte_p
pkthdr = pcap_pkthdr()
data = _pcap.pcap_next(hpcap, pointer(pkthdr))
if data:
return (pkthdr, string_at(data, pkthdr.caplen))
else:
return (None, None)
def pcap_next(hpcap):
'''Return the next available pcap_pkthdr and packet.
pcap_next() reads the next packet (by calling pcap_dispatch() with a cnt of 1) and returns a touple(pcap_pkthdr, packet) .
(None, None) is returned if an error occured, or if no packets were read from a live capture
(if, for example, they were discarded because they didn't pass the packet filter, or if,
on platforms that support a read timeout that starts before any packets arrive,
the timeout expires before any packets arrive,
or if the file descriptor for the capture device is in non-blocking mode and no packets were available to be read),
or if no more packets are available in a ``savefile.'' Unfortunately,
there is no way to determine whether an error occured or not.
'''
_pcap.pcap_next.restype = c_ubyte_p
pkthdr = pcap_pkthdr()
data = _pcap.pcap_next(hpcap, pointer(pkthdr))
if data:
return (pkthdr, string_at(data, pkthdr.caplen))
else:
return (None, None)
