如何在实时数据包嗅探上添加计数器

Question

I want that every time a same packet arrives then it update count and print

# from collections import Counter

capture = pyshark.LiveCapture(interface='wlo2', bpf_filter='arp')
capture.sniff(timeout=5)

keys = {}

e_mac = '00:00:00:00:00:00' or 'ff:ff:ff:ff:ff:ff'
already_seen = []
count = 0

for packet in capture:
    keys['ip'] = packet.arp.dst_proto_ipv4
    keys['mac'] = packet.arp.dst_hw_mac
    seen = keys['mac'], keys['ip']
    
    if keys['mac'] != e_mac:
        if seen not in already_seen:
            already_seen.append(seen)

            print(packet.sniff_time, keys['mac'], keys['ip'])

currently this output i received

2021-12-06 18:59:55.325859 28:d1:27:1a:12:c0 192.168.1.3
2021-12-06 18:59:58.704726 f8:c4:f3:56:a3:70 192.168.1.1
2021-12-06 19:00:02.286922 ff:ff:ff:ff:ff:ff 192.168.1.1
2021-12-06 19:02:15.854700 44:af:28:2c:6d:6b 192.168.1.195
2021-12-06 19:07:02.440235 90:e8:68:f2:00:c1 192.168.1.13

Dec 06 16:07:45  2(i.e. times i received) 28:d1:27:1a:12:c0 192.168.1.3

Dec 06 16:08:01  4 f8:c4:f3:56:a3:70 192.168.1.1

actual output i want is like count will update only for a specific packet how many times i received it, if a new mac comes then it will maintain separate counter of that packet:

Answer 1

You have to create empty Counter() before for -loop and later update this counter inside for -loop`

---

Minimla working code:

Instead of YOUR_MAC , YOUR_IP you have to get values from package.

from collections import Counter

# --- before loop ---

count = Counter()

# --- loop ---

for x in range(5):
    mac = 'YOUR_MAC'
    ip  = 'YOUR_IP'
    count.update( [(mac, ip)] )  # it has to be list with tuple
    print(count[ (mac, ip) ], mac, ip)

Result:

1 YOUR_MAC YOUR_IP
2 YOUR_MAC YOUR_IP
3 YOUR_MAC YOUR_IP
4 YOUR_MAC YOUR_IP
5 YOUR_MAC YOUR_IP