Question

大家好我试图找一些方法来查看我用scapy嗅探.pcap文件时有多少tcp和udp数据包。如果你能以某种方式向我解释，我会很高兴。

from scapy.all import *
import time

def main():

path = raw_input("Enter path: ") # .pcap file
packs = rdpcap(path)
option = 0
while (option != 4):

    print "Options: soon "
    option = input("Enter your option: ")
    i = 0
    count = 0
    if(option == 1):
        print "Number of packets: "
        pack_len = len(packs)
        print pack_len
        print "Sniff tome: "
        print time.strftime("%Y-%m-%d %H:%M:%S", time.gmtime(packs[0].time))
        print time.strftime("%Y-%m-%d %H:%M:%S",   time.gmtime(packs[pack_len-1].time))

    elif(option == 2):
        pass # HERE I NEED TO CHECK HOW MANY TCP AND UDP PACKETS I HAVE

    elif(option == 3):
        path = raw_input("Enter new path: ")
        packs = rdpcap(path)

if __name__ == "__main__":
    main()

Answer 1

例如，你可以使用'in'命令（对于凌乱的代码感到抱歉，这里已经很晚了）：

for i in range(0, len(packs))
          pkt = packs[1]
          if (TCP in pkt):
                   countTCP+= 1
          elif (UDP in pkt):
                   countUDP+= 1

希望我能正确理解你的问题......如果有效，请告诉我们。祝你好运！

使用scapy查找.pcap文件中的udp和tcp数据包数

1 个答案: