def main():
    """Print the Ethernet, IP and TCP fields of each frame in the capture.

    Reads '../baidu_on_phone.pcap' through rd_pcap() and walks the frames in
    order. Every frame gets an Ethernet dump. Frames whose Ethernet type is
    'IP' also get an IP dump, and IP packets whose protocol is 'TCP' also get
    a TCP dump.
    """
    # The first 14 bytes of a frame go to Ethernet(), everything after to Ip().
    eth_header_len = 14

    _pcap_header, _packet_headers, packets = rd_pcap('../baidu_on_phone.pcap')
    for frame_no, raw_frame in enumerate(packets, 1):
        print('----------------frame: %d------------' % frame_no)
        # NOTE(review): slicing never raises, so a frame shorter than 14 bytes
        # reaches Ethernet() truncated -- confirm the parser checks its length.
        frame_info = Ethernet(raw_frame[:eth_header_len])
        frame_info.print_info()

        # Only IP frames are decoded further.
        if frame_info.type == 'IP':
            print('################# packet in the frame ################')
            packet_info = Ip(raw_frame[eth_header_len:])
            packet_info.print_info()

            # Only TCP segments are decoded further.
            if packet_info.protocol == 'TCP':
                print('@@@@@@@@@@@@@@@@@@@ tcp fields @@@@@@@@@@@@@@@@@@@@')
                ip_bytes = packet_info.packet
                # header_len comes from the parsed IP header, i.e. from capture
                # data. An offset past the end yields an empty slice, not an
                # error. NOTE(review): confirm Tcp() tolerates short input.
                message_info = Tcp(ip_bytes[packet_info.header_len:])
                message_info.print_info()
                # NOTE(review): the source's indentation was lost, so this
                # blank-line print is assumed to close the TCP branch -- confirm.
                print('')
def main():
    """Walk the capture file and dump each frame layer by layer.

    The capture "../baidu_on_phone.pcap" is loaded with rd_pcap(). For each
    frame the Ethernet fields are printed, then the IP fields if the frame
    type is "IP", then the TCP fields if the IP protocol is "TCP".
    """
    _pcap_header, _packet_headers, packets = rd_pcap("../baidu_on_phone.pcap")

    for frame_no, raw_frame in enumerate(packets, 1):
        # Split once: bytes 0..13 are treated as the Ethernet header, the
        # remainder as its payload. Slices of a short frame are simply shorter.
        # NOTE(review): verify Ethernet() and Ip() reject truncated input,
        # since the capture contents are not validated here.
        eth_header = raw_frame[0:14]
        eth_payload = raw_frame[14:]

        print("----------------frame: %d------------" % frame_no)
        frame_info = Ethernet(eth_header)
        frame_info.print_info()
        if frame_info.type != "IP":
            # Not an IP frame: nothing more to decode.
            continue

        print("################# packet in the frame ################")
        packet_info = Ip(eth_payload)
        packet_info.print_info()
        if packet_info.protocol != "TCP":
            # Not a TCP segment: stop after the IP dump.
            continue

        print("@@@@@@@@@@@@@@@@@@@ tcp fields @@@@@@@@@@@@@@@@@@@@")
        ip_bytes = packet_info.packet
        # The TCP segment starts where the IP header (header_len, read from
        # the packet itself) ends.
        tcp_bytes = ip_bytes[packet_info.header_len :]
        message_info = Tcp(tcp_bytes)
        message_info.print_info()
        # NOTE(review): the source's indentation was lost, so this blank-line
        # print is assumed to sit inside the loop -- confirm.
        print("")
def __init__(self, file_name):
    """Read the pcap file at *file_name* and parse it immediately.

    Attributes set here (descriptions follow the original author's notes):
      pcap_file_name        path passed in by the caller
      pcap_header,
      packet_headers,
      raw_packets           the three values returned by rd_pcap();
                            raw_packets are the unparsed packet bytes
      pcap_packets          starts empty; meant to hold Pcap_packet objects,
                            i.e. packets parsed into layers
      tcp_stream_container  groups the capture's TCP packets into streams;
                            the streams are expected to carry HTTP (at least
                            one port is 80)
      msg_list, http_list   parallel lists; msg_list holds the HTTP messages
                            obtained after TCP reassembly
    """
    self.pcap_file_name = file_name

    # NOTE(review): all parsing runs inside the constructor on whatever file
    # the path names. rd_pcap() and _parse() are not visible here -- confirm
    # they bound-check record lengths taken from the capture.
    capture = rd_pcap(self.pcap_file_name)
    self.pcap_header, self.packet_headers, self.raw_packets = capture

    self.pcap_packets = []
    self.tcp_stream_container = Tcp_stream_container()

    # Kept index-aligned with each other.
    self.msg_list, self.http_list = [], []

    self._parse()