我们可以使用 pyshark 模块来捕获/解析远程服务器中的数据包吗?发现它在本地界面中工作:
>>> import pyshark
>>> capture = pyshark.LiveCapture(interface='eth2')
>>> capture.sniff(timeout=50)
>>> capture
<LiveCapture (4 packets)>
>>>
>>> capture[3]
<CDP Packet>
>>>
>>> print capture[3]
Packet (Length: 272)
Layer ETH:
Destination: CDP/VTP/DTP/PAgP/UDLD (01:00:0c:cc:cc:cc)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Length: 258
Address: Cisco_36:59:eb (6c:9c:ed:36:59:eb)
远程服务器也需要做同样的事情(提供 IP 和更多过滤器)