Highest Voted 'dpkt' Questions

1

vote

1 answer

How to use dpkt with 802.1Q and SLL?

I am working on a PCAP in python and using dpkt to read it. Data in PCAP file is Linux Cooked Capture, SLL for friends. This is an example packet as seen in Wireshark: Frame 3: 578 bytes on wire (4624 bits), 578 bytes captured (4624 bits) Linux…

asked Mar 27 '20 at 22:51

Lyonid

49
7

1

vote

0 answers

How to extract ARP MAC Address with Vendor Name from PCAP and save to File

I need to extract ARP MAC-addresses with vendor names from PCAP-files and save those as a CSV-file. Below code is working fine for source and destination MAC but I need the code to extract the MAC vendor name. I had used DPKT to extract the data…

python python-3.x wireshark pcap dpkt

asked May 05 '19 at 11:52

delwar.naist

51
1
12

1

vote

2 answers

Need help outputting the source and destination port number to the user, reading from a pcap file using Python, and dpkt

Hi everyone this is my first time doing PCAP programming using Python for the programming language, this is for a task for University and I have mostly got everything I need to complete the task except for one small detail. I just need to get an…

python python-2.7 pcap libpcap dpkt

asked Apr 25 '19 at 16:33

NoMReG

21
1
5

1

vote

0 answers

MemoryError using dpkt Python 2.7

I've captured data using wireshark. I am now trying to parse the data in Python 2.7 using dpkt into a dictionary which I will then pickle. I consistently keep getting MemoryError. I am assuming it could be because I am dealing with thousands of MB…

python dpkt

asked Apr 23 '19 at 08:21

user1023102

189
3
12

1

vote

1 answer

Extract Time from PCAP file and save as CSV file

I would like to extract date time from PCAP files only for ARP packets and would like to save as csv/txt. i did uses below code for extract time. print command is working fine with time. but when its save at csv file its only one date and one time…

python timestamp arp dpkt

asked Apr 14 '19 at 13:42

delwar.naist

51
1
12

1

vote

3 answers

How to properly read an HTTP Post message segmented into two TCP segments?

When I execute the following Python code on a pcap file: if tcp.dport == 80: try: http=dpkt.http.Request(tcp.data) except (dpkt.dpkt.NeedData): continue except (dpkt.dpkt.UnpackError): continue if http.method ==…

python tcp dpkt

asked Nov 16 '18 at 16:33

mksoi

131
3
13

1

vote

1 answer

What does the value of 'flags' attribute of tcp packet in pcap represent when read by dpkt in python?

I used the dpkt python package to parse a pcap file, and did the following to get the tcp packets: f = open(fname) pcap = dpkt.pcap.Reader(f) tcps = [] for ts, buff in pcap_in: eth = dpkt.ethernet.Ethernet(buff) ip = eth.data tcp =…

python tcp tcpdump dpkt

asked Feb 28 '18 at 22:25

nara

176
1
7

1

vote

0 answers

python:how to use DPKT remove duplicate data from pcap files

i want stitch http persistent connection BODY from PCAP files，but it contains some duplicates body data,how to remove these data? my codes part1part2 the following my codes: from mydpkt import Request from mydpkt import Reader, Ethernet rh_log =…

python dpkt

asked Jul 26 '17 at 07:58

Mr.shen

57
4

1

vote

1 answer

Python- timestamps of packets using DPKT

I am using dpkt library to get timestamp of packets and need to convert it into seconds. Below is my code to get packet timestamp: f = open('test.pcap') pcap = dpkt.pcap.Reader(f) for ts, buf in pcap: print "timestamp:",ts I have 2 questions…

python dpkt

asked Jun 14 '17 at 01:26

ojas

2,150
5
22
37

1

vote

0 answers

Tcp ports from proc/net/tcp are completely different from the tcp source ports after parsing .pcap files(android)

I am working on a way to find a mapping between the application and the url it accesses at a given timestamp. For this I first got the mapping of tcp port number to url by parsing the packet dump file from time t1 to t2. I wrote this python code for…

sockets tcp adb ports dpkt

asked Mar 31 '17 at 21:37

nachi_trivedi

11
1

1

vote

1 answer

Error: "To build a Debian Package you must install stdeb (pip install std eb)" when installing dpkt (Python 3.5.2)

I'm trying to install dpkt package using pip (Python 3.5.2): pip install dpkt The installation fails giving this error: Collecting dpkt Using cached dpkt-1.8.8.tar.gz Complete output from command python setup.py egg_info: Traceback (most…

python-3.x dpkt

asked Dec 17 '16 at 10:54

Yotam Hochman

63
9

1

vote

1 answer

Calculate data rate using dpkt packet parsing for radiotap header

I need to calculate the data rate for a given packet, which is capture using pcapy. I use dpkt to get the radiotap header like this: dpkt.radiotap.Radiotap(packet) Now I need to access the data rate, and I assumed (wrongly) that Rate which is…

python dpkt radiotap

asked Dec 08 '16 at 13:06

Lars Nielsen

2,005
2
25
48

1

vote

1 answer

Invalid tcpdump header due to pcap generated using mergecap when parsed using dpkt

ValueError: Invalid tcpdump header error for below code. import dpkt f = open('a.pcap') pcap = dpkt.pcap.Reader(f) for (src, sport, dst, dport, data) in udp_iterator(pc): if dport == 53: dns = dpkt.dns.DNS(data) if…

python dpkt

asked Jun 10 '16 at 09:36

Detective_007

11
3

1

vote

1 answer

Python dpkt throws NeedData exception on a valid pcap

This is a duplicate to an unsolved question My code is very simple: for pcap_path in pcaps: f = open(pcap_path) pcap = dpkt.pcap.Reader(f) i = 1 for ts, buf in pcap: eth = dpkt.ethernet.Ethernet(buf) ip = eth.data …

exception scapy pcap dpkt

asked Jun 09 '16 at 10:13

user1018517

1

vote

1 answer

Packet Generator in Tkinter

Hi guys, I hope you can help me. Sorry for my english, it's not my first language. I'm new to programming and I'm stuck in my first project. I try to program a simple data traffic generator with Tkinter and Python 2.7. I use the dpkt library as a…

python function variables tkinter dpkt

asked May 10 '16 at 09:59

junker1248

11
1

Questions tagged [dpkt]