0

  1. 我正在使用 pyshark 模块运行实时捕获:

    filtered_cap = pyshark.LiveCapture(display_filter='TCPP', only_summaries=True)  
packet_iter = filtered_cap.sniff_continuously()  
for pkt in packet_iter:
    print(pkt)

  2. display filter论点不正确,例如'TCPP'

  3. 运行此代码时,我遇到了无法捕获的异常。
Exception ignored in: <function Capture.____del____ at ...> 
    ...  
pyshark.capture.capture.TSharkCrashException: TShark seems to have crashed (retcode: 2)

任何建议如何解决它?

4

1 回答 1

0

你可能已经解决了这个问题,但这对我有用。

import pyshark

def filter_tcp_live_packet_capture(network_interface):
    capture = pyshark.LiveCapture(interface=network_interface, display_filter='tcp', only_summaries=True)
    capture.sniff(timeout=50)
    for packet in capture.sniff_continuously(packet_count=5):
        try:
           print(packet)
        except AttributeError as e:
           pass

filter_tcp_live_packet_capture('en0')
于 2020-02-06T17:04:17.997 回答