我正在解析一个大文本文件以获得正确的TCP连接,我需要做的一件事就是检查服务器和主机IP地址(有30个不同的主机)是否已经相互发送了一个SYN数据包。
主持人名单:
HostList1 = ['150.100.12.130','150.100.12.131','150.100.12.132','150.100.12.133','150.100.12.134','150.100.12.135','150.100.12.136','150.100.12.137','150.100.12.138','150.100.12.139']
来自文本的示例行(有数千行):
2.000724 IP (tos 0x0, ttl 63, id 0, offset 0, flags [none], proto: TCP (6), length: 40, bad cksum 0 (->4280)!) 150.100.12.134.49153 > 150.100.0.2.57300: S, cksum 0x0000 (incorrect (-> 0xd6bb), 0:0(0) win 65535
2.000724 IP (tos 0x0, ttl 64, id 17, offset 0, flags [none], proto: TCP (6), length: 40, bad cksum 0 (->416f)!) 150.100.0.2.57300 > 150.100.12.134.49153: S, cksum 0x0000 (incorrect (-> 0xd6aa), 0:0(0) ack 1 win 65535
我当前的代码,服务器地址是150.100.0.2:
with open("serverLanTraceWithErrors.txt" , "r") as ParseFile1:
for line in ParseFile1:
if 'TCP' in line: #Check if TCP proto is in the line
Split1 = line.split(",") #Split each line by a comma for future splits
Split2 = Split1[7].split(">") #Split1[7] contains the two IP addresses, host and server and the direction of the packet
Split3 = Split1[1].split(" ") #Split3[3] will show the # hops
for item in HostList1:
if 'S' in line: #check if SYN flag is in the line
if item in Split2[1] and '150.100.0.2' in Split2[2] and '63' in Split3[3]:
print("SYN packet from host computer: %s to server completed with right # of hops %s" %(item, Split3[3]))
elif item in Split2[2] and '150.100.0.2' in Split2[1] and '64' in Split3[3] and 'ack' in Split1[9]:
print("SYN packet from server to host computer: %s completed with right # of hops %s" %(item, Split3[3]))
elif: item hasn't been found sending or receving SYN flag...
print("SYN pack from wherever to wherever not completed...")
理想情况下,应该有两种情况,即在服务器和主机之间找到SYN标志。主机到服务器和服务器回主机。我的问题是我无法找到使最后一个elif语句工作的方法,我需要一种方式来说,如果两个顶级语句中只有一个发生了它发生的IP地址。因为对于主机150.100.12.139,它只发送一个数据包到主机,主机永远不会回复一个,我的代码能够指出它。我对python的了解非常有限,所以我一直坐在这里难倒了一会儿。
答案 0 :(得分:0)
你说" 理想情况下,应该有两种情况,即在服务器和主机之间找到SYN标志"所以我猜测最后一个elif条件是检查上述条件之一是否有效。我建议使用elif而不是上一次else语句,如下所示。
for item in HostList1:
if 'S' in line: #check if SYN flag is in the line
if item in Split2[1] and '150.100.0.2' in Split2[2] and '63' in Split3[3]:
print("SYN packet from host computer: %s to server completed with right # of hops %s" %(item, Split3[3]))
elif item in Split2[2] and '150.100.0.2' in Split2[1] and '64' in Split3[3] and 'ack' in Split1[9]:
print("SYN packet from server to host computer: %s completed with right # of hops %s" %(item, Split3[3]))
else: ## item hasn't been found sending or receving SYN flag...
print("SYN pack from wherever to wherever not completed...")
让我知道它是否对你有帮助。
编辑1: 在查看评论后,我建议你以下
if item in Split2[1] and '150.100.0.2' in Split2[2] and '63' in Split3[3]:
print("SYN packet from host computer: %s to server completed with right # of hops %s" %(item, Split3[3]))
elif item in Split2[2] and '150.100.0.2' in Split2[1] and '64' in Split3[3] and 'ack' in Split1[9]:
print("SYN packet from server to host computer: %s completed with right # of hops %s" %(item, Split3[3]))
elif item not in Split2[1] or item in Split2[2] : ## item hasn't been found sending or receving SYN flag...
print("SYN pack from wherever to wherever not completed...")