Python dpkt packet analysis
Question
I'm wanting to find the timestamping from pcap file using python dpkt package; similar to tcpdump -tttt option which would provide me the details of time with date of the packet that was generated .
2 answers
solution1
1 2014-05-02 11:33:06
It would be great if you could provide some code snippet in your question. A rough guess is that you can try something like this:
myPcap = open('test.pcap')
pcap = dpkt.pcap.Reader(myPcap)
for ts in pcap:
print ts
solution2
1 2014-05-20 07:16:46
It can be done by importing the datetime package.
import dpkt
import datetime
for ts, buf in pcap:
eth=dpkt.ethernet.Ethernet()
//this is the method that is used to convert the epoch time to date
date1=**datetime.datetime.fromtimestamp(float(ts)).strftime('%d-%m-%Y')**
//rest of the code can go after this
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
Trouble parsing packet captures with dpkt and Python
python network packet analyising using dpkt
python / dpkt: Find out if packet is a tcp packet or a udp packet ,
python-dpkt: ICMP packet parsing
Python dpkt with pcap - how can I print the packet data?
How to process packet captures with Python's dpkt module
Check if packet contains Ethernet layer or a Raw IP packet using DPKT python
What does the value of 'flags' attribute of tcp packet in pcap represent when read by dpkt in python?
Install dpkt on python 3
Python Scapy vs dpkt
Related Tags