How to get the packet arrival time using python/scapy?

Question

I am trying to write a python program using scapy to get various details of the packet such as src/dest IP/port #. As part of this I need to get the packet time of arrival and the time between packets in each direction, and the total number of packets and bytes in each direction.

It is very similar to Can reading sessions from a pcap file with Scapy be made more memory efficient

In the code below, pkttime is not working. How do I get the packet arrival time? Thanks for your help.

from scapy.all import *

pcap_file = "test.pcap"

a = rdpcap(pcap_file)

sessions = a.sessions()

for k, v in sessions.items():

    tot_packets = len(v)
   
    proto, source, dir, target = k.split()
    srcip, srcport = source.split(":")
    dstip, dstport = target.split(":")
    if dir == '>':
       direction="outbound"
    else:
       direction="inbound"
    pkttime = v.time
    print('%s,%s,%s,%s,%s,%s,%s,%s\n' % (srcip, dstip, proto, srcport,
                                          dstport, tot_packets, direction, pkttime))

It is more helpful if you elaborate on what you mean by "not working". — M. Zhang, Nov 20 '21 at 04:01
`sessions` gives you a dictionary where its values are `PacketList` (i.e., all the packets in the capture that belongs to the session key). that's why this statement - `pkttime = v.time` is wrong. If you want to print the arrival time of the first packet change this line to `pkttime = v[0].time`. — A. Bright, Nov 21 '21 at 15:55
Thank you Zhang and Bright. I was getting the error "AttributeError: 'list' object has no attribute 'time'". v[0].time works. thank you. — Plutoverse, Nov 22 '21 at 18:28

How to get the packet arrival time using python/scapy?

0 Answers0