I've got a tcpdump file that I managed to split and parse to get the information I needed: src ip+port and dst ip+port.

    f = open('dump2.txt', 'r')
    lines = f.read().splitlines()
    for line in lines:
        line = line.split()
        if len(line) > 0:
            # field 2 is "src_ip.src_port", field 4 is "dst_ip.dst_port:"
            srcIpList = line[2]
            srcIp = srcIpList.split('.')[:4]
            srcPortList = line[2]
            srcPort = srcPortList.split('.')[4:]
            dstIpList = line[4]
            dstIp = dstIpList.split('.')[:4]
            dstPortList = line[4]
            dstPort = dstPortList.split('.')[4:]
            print(srcIp, srcPort, dstIp, dstPort)

Output:
['142', '55', '1', '9'] ['80'] ['142', '55', '186', '239'] ['1220:']
['142', '55', '194', '76'] ['3956'] ['142', '55', '1', '9'] ['80:']
['142', '55', '1', '9'] ['80'] ['142', '55', '149', '106'] ['1591:']
['142', '55', '186', '239'] ['1220'] ['142', '55', '1', '9'] ['80:']
['142', '55', '1', '9'] ['80'] ['142', '55', '117', '173'] ['3784:']
['142', '55', '1', '9'] ['80'] ['142', '55', '117', '173'] ['3784:']
['142', '55', '149', '106'] ['1591'] ['142', '55', '1', '9'] ['80:']
Now I'm trying to create a dictionary called Hosts where the keys are all the unique IP addresses (src ip + dst ip). Those keys are to keep count of how many times the IP addresses are repeated.
I assume I have to run everything through an if statement where it adds the IP addresses to the dictionary and keeps a counter of how many times the same addresses are added.
My trouble is I have the lists created but don't have a clue on how to convert the contents of them into a dictionary.
EDIT: The function is supposed to be called Maker. Using Maker to generate a new key/value pair in my dictionary or modifying an existing entry. It's supposed to do this for every line in the dump.

    Hosts = {}  # ip -> [times seen as src, times seen as dst]

    def Maker(src, dst):
        if src in Hosts:
            # add one to the src counter in the Hosts[src] array
            Hosts[src][0] += 1
        else:
            Hosts[src] = [1, 0]
        if dst in Hosts:
            # add one to the dst counter in the Hosts[dst] array
            Hosts[dst][1] += 1
        else:
            Hosts[dst] = [0, 1]