Save UDP data packets from x seconds in a PCAP file

Posted 2025-02-04 00:21:41 · 534 words · 2 views · 0 comments

I am trying to save UDP data packets which I receive from a sensor to my PC through ethernet connection. I want to save the UDP data in the form of a pcap file.

So far I have written the following code to save 1 packet of data. I ran my code then opened up the saved pcap file using wireshark and compared it to the output from the raw wireshark data. Lines 0000 - 0010 from packet 1 are the same but line 0020 is different. test.pcap only has 42 bytes captured whereas from wireshark packet 1 has 1236 bytes captured.

Correct me if I am wrong but I think this is due to my code not giving enough time to collect all the data from the packet. I was hoping to get help in modifying my code below so that it saves the pcap file in time intervals. For example a pcap file will be saved every 5 seconds.

from scapy.all import wrpcap, Ether, IP, UDP

pkts = [Ether(src=" ", dst=" ") / IP(src=" ", dst=" ") / UDP(src=" ", dst=" ")]

wrpcap('test.pcap', [pkts])
      


Comments (1)

梦途 2025-02-11 00:21:41

Try this code, let me know if you are still getting fewer packets:

#!/usr/bin/env python3
import argparse
import sys

import pcapng.blocks as blocks
from pcapng import FileWriter
from scapy.all import get_if_list, sniff

# Capture interface name, hard-coded as in the original code.
IFACE_NAME = "enp1s0f1"
# BPF capture filter, as in the original code (TCP port 5201).
CAPTURE_FILTER = "tcp and port 5201"


def get_if():
    """Return the first interface whose name contains IFACE_NAME, or exit."""
    for name in get_if_list():
        if IFACE_NAME in name:
            return name
    print("Cannot find %s interface" % IFACE_NAME)
    sys.exit(1)


def main(outfile, shb):
    iface = get_if()
    print("sniffing on %s" % iface)
    sys.stdout.flush()
    # Writer for the blocks of this pcapng section.
    writer = FileWriter(outfile, shb)

    # sniff() has no count or timeout here, so it blocks until interrupted
    # (Ctrl-C) and then returns the packets captured so far.
    orig_packets = sniff(filter=CAPTURE_FILTER, iface=iface)
    for counter, packet in enumerate(orig_packets, start=1):
        # One Simple Packet Block per frame, holding the full raw bytes.
        spb = shb.new_member(blocks.SimplePacket)
        spb.packet_data = bytes(packet)
        writer.write_block(spb)
        print("C=", counter)


if __name__ == '__main__':
    parser = argparse.ArgumentParser()
    parser.add_argument("outfile", type=argparse.FileType("wb"))
    args = parser.parse_args()

    # Section header and interface description for the pcapng output file.
    shb = blocks.SectionHeader(
        options={
            "shb_hardware": "artificial",
            "shb_os": "python",
            "shb_userappl": "python-pcapng",
        })
    idb = shb.new_member(
        blocks.InterfaceDescription,
        link_type=1,  # 1 = Ethernet
        options={
            "if_description": "Hand-rolled",
            "if_os": "Python",
            "if_filter": [(0, b"tcp port 5201 and host 192.168.1.3")],
        },
    )

    main(args.outfile, shb)
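
An added example, not code from the question or the answer: the question's snippet builds a new header-only packet (14 bytes Ethernet + 20 IP + 8 UDP = 42) rather than capturing the sensor's 1236-byte frame, so the code below takes captured frames and starts a new pcap file every `interval` seconds. `RotatingPcapWriter`, `read_pcap` and the `sensor` file prefix are hypothetical names; files are written in classic pcap format using only the standard library, and the live-capture part assumes scapy and capture privileges.

```python
import struct

# Classic pcap global header: magic, version 2.4, tz, sigfigs, snaplen, LINKTYPE_ETHERNET (1)
PCAP_GLOBAL_HDR = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)


class RotatingPcapWriter:
    """Write full captured frames to pcap files, one file per `interval` seconds."""

    def __init__(self, prefix, interval=5.0):
        self.prefix, self.interval = prefix, interval
        self.window_start = None  # timestamp of the first frame in the current file
        self.fh = None
        self.files = []

    def add(self, ts, frame):
        """Append one frame (raw bytes) captured at time `ts` (seconds, float)."""
        if self.fh is None or ts - self.window_start >= self.interval:
            self.close()
            self.files.append("%s_%04d.pcap" % (self.prefix, len(self.files)))
            self.fh = open(self.files[-1], "wb")
            self.fh.write(PCAP_GLOBAL_HDR)
            self.window_start = ts
        sec, usec = divmod(int(round(ts * 1_000_000)), 1_000_000)
        # Record header: ts_sec, ts_usec, captured length, original length
        self.fh.write(struct.pack("<IIII", sec, usec, len(frame), len(frame)) + frame)

    def close(self):
        if self.fh:
            self.fh.close()
            self.fh = None


def read_pcap(path):
    """Return [(timestamp, frame_bytes)] from a little-endian classic pcap file."""
    with open(path, "rb") as fh:
        data = fh.read()
    out, off = [], 24  # skip the 24-byte global header
    while off + 16 <= len(data):
        sec, usec, caplen, _ = struct.unpack_from("<IIII", data, off)
        out.append((sec + usec / 1e6, data[off + 16:off + 16 + caplen]))
        off += 16 + caplen
    return out


if __name__ == "__main__":
    from scapy.all import sniff  # live use: needs scapy and capture privileges
    w = RotatingPcapWriter("sensor", interval=5.0)  # "sensor" prefix is an assumption
    try:
        # store=False keeps memory flat; each frame goes to the writer as it arrives
        sniff(filter="udp", store=False, prn=lambda p: w.add(float(p.time), bytes(p)))
    finally:
        w.close()
```
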
