1

这是一个未解决问题的重复

我的代码很简单:

for pcap_path in pcaps:
    f = open(pcap_path)
    pcap = dpkt.pcap.Reader(f)
    i = 1
    for ts, buf in pcap:
        eth = dpkt.ethernet.Ethernet(buf)
        ip = eth.data
        tcp = ip.data

        if tcp.dport == 80 and len(tcp.data) > 0:
            http = dpkt.http.Request(tcp.data)
            lst.append(http.headers['host'])
    f.close()

这是pcap

我不想使用其他 pcap 解析器,因为 dpkt 是迄今为止最快的。

例如,它比 scapy 快 x50 倍。

它在以下数据包中失败:

Failed in packet 1
Failed in packet 6
Failed in packet 7
Failed in packet 8
Failed in packet 10
Failed in packet 12
Failed in packet 14
Failed in packet 19
Failed in packet 21
Failed in packet 22
Failed in packet 24
Failed in packet 26
Failed in packet 28
Failed in packet 30
Failed in packet 32
Failed in packet 34
Failed in packet 36
Failed in packet 38
Failed in packet 41
Failed in packet 42
Failed in packet 45
Failed in packet 46
Failed in packet 48
Failed in packet 50
Failed in packet 52
Failed in packet 54
Failed in packet 57
Failed in packet 58
Failed in packet 60
Failed in packet 62
Failed in packet 64
Failed in packet 68
Failed in packet 70
Failed in packet 72
Failed in packet 78
Failed in packet 80
Failed in packet 90
Failed in packet 92
Failed in packet 94
Failed in packet 98
Failed in packet 100
Failed in packet 102
Failed in packet 106
Failed in packet 108
Failed in packet 110
Failed in packet 114
Failed in packet 116
Failed in packet 118
Failed in packet 120
Failed in packet 124
Failed in packet 126
Failed in packet 128
Failed in packet 130
Failed in packet 132
Failed in packet 134
Failed in packet 137
Failed in packet 143
Failed in packet 145
Failed in packet 155
Failed in packet 157
Failed in packet 159
Failed in packet 161
Failed in packet 163
Failed in packet 165
Failed in packet 169
Failed in packet 171
Failed in packet 173
Failed in packet 175
Failed in packet 178
Failed in packet 180
Failed in packet 184
Failed in packet 186
Failed in packet 188
Failed in packet 190
Failed in packet 193
Failed in packet 194
Failed in packet 196
Failed in packet 200
Failed in packet 202
Failed in packet 204
Failed in packet 208
Failed in packet 210
Failed in packet 212
Failed in packet 216
Failed in packet 218
Failed in packet 220
Failed in packet 226
Failed in packet 228
Failed in packet 238
Failed in packet 240
Failed in packet 242
Failed in packet 244
Failed in packet 248
Failed in packet 250
Failed in packet 252
Failed in packet 256
Failed in packet 258
Failed in packet 260
Failed in packet 264
Failed in packet 266
Failed in packet 268
Failed in packet 272
Failed in packet 274
Failed in packet 276
Failed in packet 280
Failed in packet 282
Failed in packet 284
Failed in packet 288
Failed in packet 290
Failed in packet 292
Failed in packet 296
Failed in packet 298
Failed in packet 300
Failed in packet 304
Failed in packet 306
Failed in packet 308
Failed in packet 312
Failed in packet 314
Failed in packet 316
4

1 回答 1

3

dpkt 检查 HTTPContent-Length标头的值是否与实际数据的长度匹配。这是严格执行的。很快就会修复。

在此期间,您可以让我在 dpkt 库中评论这一pass行,并添加一个虚拟语句来代替它。

于 2016-06-09T13:05:26.310 回答