0
votes

To carry on from this question.https://stackguides.com/questions/9330686/parsing-pcap-in-python-2-6 I'm now trying to perform print summary but still not sure what to include in my final argument before print summary. Please see the the code below:

def run_example():

global total_packet_count, total_bytes_count, average_pkt_size

try:
    sys.argv[1]
    dmp_file = sys.argv[1]
    fp_dmp_file = open(dmp_file)
except Exception as e:
    print 'Error: please supply pcap filename!\n'
    return

f = open('test1.pcap') try: sys.argv[1] dmp_file = sys.argv[1] file = open(dmp_file) except Exception as e: print 'Error: please supply pcap filename!\n' return

pcap = dpkt.pcap.Reader(file)

for ts, buf in pcap:
    eth = dpkt.ethernet.Ethernet(buf)
    ip = eth.data
    tcp = ip.data
    src_ip = socket.inet_ntoa(ip.src)
    src_port = str(ip.data.sport)
    dst_ip = socket.inet_ntoa(ip.dst)
    dst_port = str(ip.data.dport)

    if type(ip.data) == dpkt.tcp.TCP:
        protocol = 'tcp'
    
    elif type(ip.data) == dpkt.udp.UDP:    
            protocol = 'udp'

    print_packet_info (ts, src_ip, src_port, dst_ip, dst_port, protocol, ip.len, ip.ttl)


print_summary(len (total_packet_count), len (total_bytes_count), len (average_pkt_size))

##fp_dmp_file.close()  

if name == 'main': run_example()

I managed to print packet data but still unable to print summary. I guess I need to do count values from global to be able to print summary.

Any help is much appreciated

1
I updated the code but still I need to count "global variables to be able to print summary". Can someone help with count ?Mojo
Can anyone help with count. First, I'd like to count (total packet count) then, increment (total bytes count) based on every added packet. Then we do calculate (avrage pkt size) based on previous two counts. Any hints on how to achieve that ?Mojo

1 Answers

0
votes

So firstly, we need to identify global variables again on top of our file coming after added libraries in order to have it called outside "def run_example()". Then, after "dst_port" we can call our summary variables with the fist one will increment packets in file. The second one will check the length of packets size in this case (bytes) This can be found in dkpt manual. Lastly, "print summary" variables I did wasn't wright. Instead we call our defined variables as for the average we will divide "total bytes"/"total packets" witch will give us the average size of packets.