how can i update counter on live packets

Question

i want to update only counter fields if a new packet arrives. other fields will remain exist with no dupes and just update counter field

import pyshark 
from collections import Counter


capture = pyshark.LiveCapture(interface='wlo2', bpf_filter='arp')
capture.sniff(timeout=5)

keys = {}

e_mac = '00:00:00:00:00:00'
already_seen = []
count = Counter()

for packet in capture:
    keys['ip'] = packet.arp.dst_proto_ipv4
    keys['mac'] = packet.arp.dst_hw_mac
    seen = keys['mac'], keys['ip']
    count.update([(keys['mac'], keys['ip'])])

    if keys['mac'] not in e_mac:
       if seen not in already_seen:
           already_seen.append(seen)
        print(packet.sniff_time, count[(keys['mac'], keys['ip'])], keys['mac'], keys['ip'])

The output i receiving:

2021-12-07 11:20:59.488378 1 f8:c4:f3:56:a3:70 192.168.1.1
2021-12-07 11:21:51.942304 1 44:af:28:2c:6d:6b 192.168.1.195
2021-12-07 11:22:31.135620 1 28:d1:27:1a:12:c0 192.168.1.3

there is no update in counter as i stopping duplicate mac. if remove duplicate condition then it will start counting of every specific packet. Here i just want that counter field work dynamically and whenever i received a packet it update only counter field.

I don't understandw what you want to count. What is expected result? Show it for you example data. Using tuple `(mac,ip)` you count how many times you get then same pair `(mac, ip)` - if you want to count only how many times you get some `mac` then you should use `mac` instead of `(mac,ip)` — furas, Dec 07 '21 at 10:04
basically it just update the counter whenever the same packet(same mac and ip) arrives — roXx, Dec 07 '21 at 10:05
```2021-12-07 11:43:37.657319 1 f8:c4:f3:56:a3:70 192.168.1.1 2021-12-07 11:43:37.755687 2 f8:c4:f3:56:a3:70 192.168.1.1 2021-12-07 11:43:54.142179 1 28:d1:27:1a:12:c0 192.168.1.3 2021-12-07 11:44:01.713647 1 ff:ff:ff:ff:ff:ff 192.168.1.1 2021-12-07 11:44:27.827003 3 f8:c4:f3:56:a3:70 192.168.1.1 2021-12-07 11:44:27.926120 4 f8:c4:f3:56:a3:70 192.168.1.1 ``` — roXx, Dec 07 '21 at 10:06
so this code should count it but your example always has different pair `mac, ip` so it always get only 1. — furas, Dec 07 '21 at 10:07
always show example in question, not in comments - it will be more readable, And show what you have on exit - all packages - and what you expected on exist - counted results. — furas, Dec 07 '21 at 10:07
as form me code works correctly but you always get different pairs `(mac,ip)` so it always give `1`. To check it you should display all `mac,ip` which you get - to see on screen if you get the same `mac,ip` again. — furas, Dec 07 '21 at 10:10
the output when i don't compare the mac and ip if they are already stored. i want that it don't print mac and ip with every new count , if a new count comes it just update the counter only and override previous count — roXx, Dec 07 '21 at 10:10
it seems your problem is totatlly different - you want to update text on screen - but console/terminal doesn't have function to do this. You would need to use special modules for clear text on screen and print it again. — furas, Dec 07 '21 at 10:13
see module [curses](https://docs.python.org/3/library/curses.html), [npyscreen](http://www.npcole.com/npyscreen/), [windows-curses](https://pypi.org/project/windows-curses/) — furas, Dec 07 '21 at 10:22
all your problem is console/terminal - normally console can't remove previous text and dispaly new value in the same place. Some modules (like progressbar) use char `\r` to move to the beginning of line and next `print()` can put new next in place of old text. But this will not work if you have mulitline text. On Linux you could also use special codes to move cursor to new place and print again all values. [bash terminal codes](https://wiki.bash-hackers.org/scripting/terminalcodes). OR you could display in GUI framework (ie. `tkinter`) and then you can remove previous text and put new one. — furas, Dec 07 '21 at 10:30

how can i update counter on live packets

0 Answers0

Linked