Highest Voted 'dpkt' Questions

8

votes

2 answers

Python Scapy vs dpkt

I am trying to analyse packets using Python's Scapy from the beginning. Upon recent searching, I found there is another module in python named as dpkt. With this module I can parse the layers of a packet, create packets, read a .pcap file and write…

python scapy dpkt

asked Jun 14 '15 at 05:07

wonder

885
1
18
32

7

votes

1 answer

parse pcap file with scapy

I am comparing scapy and dpkt in terms of speed. I have a directory with pcap files which I parse and count the http requests in each file. Here's the scapy code : import time from scapy.all import * def parse(f): x = 0 pcap = rdpcap(f) for p in…

python python-2.7 parsing scapy dpkt

asked Jan 16 '17 at 16:20

svink

101
1
9

6

votes

1 answer

How to fix issue of dpkt not being able to decode .pcap file

I am having issues running this code on my machine, but it works fine on my schools linux machines. The error i am getting is: Traceback (most recent call last): File "wireshark_02.py", line 74, in main() File…

python-3.x dpkt

asked Apr 12 '18 at 01:41

Slava A.

97
6

4

votes

1 answer

Working with Python Requests response raw file-like object (process pcap file without saving it to disk)

A pcap file is downloaded from url with the help of Python (2.7.9) Requests library: import requests response = requests.get('http://example.com/path/1.pcap', stream=True) According to documentation response.raw is a file-like object and my goal…

python python-requests scapy dpkt

asked Apr 12 '15 at 10:04

Andrey Grachev

1,259
1
14
22

3

votes

0 answers

Does dpkt support writing data files to pcpang?

Thus far, I have been unable to successfully write packets parsed from dpkt.pcapng to a new pcapng file. The timestamps are corrrectly rewritten as expected, but the packet payload is being overwritten to a generic(?) value which i cannot trace back…

dpkt pcap-ng

asked Aug 05 '19 at 09:36

Lyndon

31
4

3

votes

3 answers

Little endian packet treated as big endian by dpkt

I am using dpkt to parse some ieee80211 packets. I see that the ieee80211 object created has wrong values. Digging deeper I found that the ieee80211 treats the data as big endian while in practice the packets I am providing it are little endian. …

endianness pcap dpkt

asked Jul 17 '17 at 13:10

kroiz

1,722
1
27
43

3

votes

1 answer

Faster way to parse .pcap

I am trying to parse huge .pcap files (~1-2GB each). I have tried to use scapy but so far it is much to slow. I have benchmarked timings using the following code with different values for count from scapy.all import * from scapy.layers.dns import…

python packet scapy tcpdump dpkt

asked Jul 11 '16 at 22:18

deltap

4,176
7
26
35

3

votes

2 answers

Using dpkt to parse through pcap files

I'm doing an assignment where I have to parse through a pcap file and I am using dpkt to do so. I'm new to networking so I'm having a really hard time debugging the code / getting started. First set of code: import dpkt filename='test.pcap' f =…

python python-2.7 networking pcap dpkt

asked Jun 17 '16 at 02:23

Parampara

43
1
4

3

votes

2 answers

Convert from mac address to hex string and vice versa - both python 2 and 3

I have MAC address that I want to send to dpkt as raw data. dpkt package expect me to pass the data as hex stings. So, assuming I have the following mac address: '00:de:34:ef:2e:f4', written as: '00de34ef2ef4' and I want to encode in to…

python python-2.7 python-3.x mac-address dpkt

asked Sep 08 '15 at 15:25

cyber101

899
1
9
19

3

votes

1 answer

Python dpkt with pcap - how can I print the packet data?

I want to print out the packet data from a pcap file. The code below stores the packet data in an array but I can't figure out how to print each element of the array and then split up the data from there. A for loop on the array just returns an…

python parsing packet tcpdump dpkt

asked Jun 19 '15 at 07:56

rcy

41
1
2

3

votes

1 answer

Exception IP6 has no attribute

I'm programming in python and i have a problem, indeed when i throw my script it end some seconds after when he detect an IP6 packet. Apparently i have to filter packets and take only IP4 packet to avoid this problem and i would like to know how can…

python filter version ipv6 dpkt

asked Apr 27 '15 at 12:55

Bouh10

297
2
6
18

3

votes

4 answers

Python sniffer using pypcap and dpkt on OS X

I'm actually trying to sniff packets with python (using pypcap and dpkt). I tried the following : import dpkt, pcap pc = pcap.pcap() # construct pcap object pc.setfilter('src host X.X.X.X or dst host X.X.X.X') for timestamp, packet in pc: …

python pcap packet-sniffers dpkt

asked Nov 27 '14 at 02:21

Quentin

435
2
6
15

2

votes

1 answer

How to fix ValueError: read of closed file while parsing a pcap using dpkt

I'm new to networking, I'm trying to parse a pcap using dpkt, but I'm getting ValueError: read of closed file. Here's the code: import dpkt f = open('test.pcapng', 'rb') pcap = dpkt.pcap.Reader(f) for timestamp, buf in pcap: print…

python dpkt

asked Dec 05 '18 at 09:08

user7338738

23
3

2

votes

2 answers

What is this error when i try to parse a simple pcap file?

import dpkt f = open('gtp.pcap') pcap = dpkt.pcap.Reader(f) for ts, buf in pcap: eth = dpkt.ethernet.Ethernet(buf) print(eth) Traceback (most recent call last): File "new.py", line 4, in pcap = dpkt.pcap.Reader(f) File…

python-3.x dpkt

asked Aug 22 '18 at 13:37

Gaurang Patel

172
3
11

2

votes

0 answers

Using dpkt to obtain a protocol trace corpus given a pcap file

Info: Python 3.6.3 via Anaconda Distribution I am using dpkt to parse through a pcap file and I cycle through it collecting the ethernet, ip and tcp. Python Code: import dpkt file = open('file10','rb') pcapFile = dpkt.pcap.Reader(file) for ts, buf…

python-3.x tcp ethernet pcap dpkt

asked Nov 19 '17 at 00:08

Sai Anantapantula

21
1

Questions tagged [dpkt]