0

Documentation of pyshark module is very modest. Can you help me with understanding basic ouput of my code?

import pyshark


capture = pyshark.LiveCapture(interface='eno1')
for packet in capture.sniff_continuously(packet_count=1):
    if packet['eth']:
        print(packet['eth'])

And this is the example output:

Layer ETH:
Destination: ff:ff:ff:ff:ff:ff
Address: ff:ff:ff:ff:ff:ff
.... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default)
.... ...1 .... .... .... .... = IG bit: Group address (multicast/broadcast)
Source: 02:eb:9f:67:c9:42
Type: Unknown (0x8942)
Address: 02:eb:9f:67:c9:42
.... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)

What does the lines destination, address, source etc means? First destination and address are broadcast info, right?

dzudzitsu
  • 35
  • 3
  • did you have a look at this link https://thepacketgeek.com/pyshark-using-the-packet-object/ – James Li Aug 30 '19 at 06:51
  • Yes I do, but it's not answering my question. – dzudzitsu Aug 30 '19 at 07:02
  • on first page of that link i can read destination: The Layer 3 (IP, IPv6) destination address source: Layer 3 (IP, IPV6) source address etc.. could be an partial answer to your question – James Li Aug 30 '19 at 14:46

0 Answers0