我正在尝试执行某种会话发起协议嗅探器。我正在使用pyshark的python模块,该模块为我提供了一些从接口监听数据包的功能。关键是有一个名为sniff()的函数,当我给参数packet_count=0时,它将无限期地检查数据包,直到我停止整个程序为止。
我想知道是否有一种方法可以停止cap.sniff()函数并检索cap._packets(这是一个列表),然后让程序的其余部分运行。
这是我编写的代码:
def sniffsip():
cap = pyshark.LiveCapture(interface='Ethernet')
cap.sniff(packet_count=0)#This is function sniff() that checks for packets
udp_packets = []
for i in cap._packets:
j = cap._packets.index(i)
if cap._packets[j].transport_layer == 'UDP' and cap._packets[j].highest_layer == 'SIP':
udp_packets.append(cap._packets[j])
return udp_packets
答案 0 :(得分:0)
我猜你只是想打破那个循环。
stop_flag = False # It is a global variable, you can set it in other functions
def sniffsip():
global stop_flag # Our global variable...
cap = pyshark.LiveCapture(interface='Ethernet')
cap.sniff(packet_count=0)
udp_packets = []
for i in cap._packets:
j = cap._packets.index(i)
if cap._packets[j].transport_layer == 'UDP' and cap._packets[j].highest_layer == 'SIP':
udp_packets.append(cap._packets[j])
if stop_flag: # Here check the state of the flag
stop_flag = False # Do not forget to set it false if you want to use the function again.
break # Break the cycle
return udp_packets