Parse pcap file into txt file

0
votes

How do i parse a pcap file and convert it into a text file wherein each line in the text file is a packet?

i tried writing it into text file as given below but special characters are showing up when i print eth. Therefore, when i try to write it into a text file, the following error shows up.

TypeError: expected a character buffer object

import dpkt

f1 = open('temp.pcap')
pcap = dpkt.pcap.Reader(f1)
f2 = open('tempMan.txt', 'w')

for ts, buf in pcap:
    eth = dpkt.ethernet.Ethernet(buf)
    print eth
    f2.write(eth)
1
pythonparsingpcappacketsdpkt
Please define what a textfile in your context is, especially the encoding.Klaus D.
A textfile as in a readable text file. Like the one we get when we do this: sudo tshark -V -r tcpdump-log-06-03-2015.pcap > tcpdump-log-06-03-2015.txtNormal one
I just want to try to achieve this in pythonNormal one

1 Answers

0
votes

You could try and cast your etc object as a string 

print str(etc)

However you are not making your like in cap any easier.

A better mechanism of understanding what is going on is to use the excellent scapy package (pip install scapy)

The reason is that scary will help you understand the structure of the IP Stack - and access variables in it.