我正在尝试从 IPV6 数据包中获取协议号。为了实现这一点,我必须使用这些字段中的哪一个。
print(cap[36].ipv6.field_names)
['version', 'ip_version', 'tclass', 'tclass_dscp', 'tclass_ecn', 'flow', 'plen', 'nxt', 'hlim', 'src', 'addr', 'src_host', 'host', 'dst', 'dst_host']
问问题
427 次
1 回答
1
我不确定这是否是您问题的正确答案。如果不是,请告诉我,我会修改我的答案。
capture = pyshark.FileCapture(pcap_file)
for packet in capture:
if hasattr(packet, 'ipv6') and hasattr(packet, 'tcp'):
source_address = packet.ipv6.src
source_port = packet[packet.transport_layer].srcport
print(f'TCP packet -- Source Address: {source_address} -- Source Port: {source_port}')
destination_address = packet.ipv6.dst
destination_port = packet[packet.transport_layer].dstport
print(f'TCP packet -- Destination Address: {destination_address } -- Destination Port: {destination_port }')
elif hasattr(packet, 'ipv6') and hasattr(packet, 'udp'):
source_address = packet.ipv6.src
source_port = packet[packet.transport_layer].srcport
print(f'UDP packet -- Source Address: {source_address} -- Source Port: {source_port}')
destination_address = packet.ipv6.dst
destination_port = packet[packet.transport_layer].dstport
print(f'UDP packet -- Destination Address: {destination_address} -- Destination Port: {destination_port}')
更新:
对于我的回复延迟,我深表歉意。这是一个更新的答案,希望能解决 Ron Maupin 提出的问题。
capture = pyshark.FileCapture(pcap_file)
for packet in capture:
if "IPV6" in str(packet.layers):
next_header_info = regex.findall(r'(Next Header:)\s(\w.+)\s(\W\d{0,3}\W)', str(packet.layers[1]))
print(next_header_info)
# Output
[('Next Header:', 'ICMPv6', '(58)')]
[('Next Header:', 'ICMPv6', '(58)')]
[('Next Header:', 'ICMPv6', '(58)')]
[('Next Header:', 'IPv6 Hop-by-Hop Option', '(0)'), ('Next Header:', 'ICMPv6', '(58)')]
[('Next Header:', 'ICMPv6', '(58)')]
[('Next Header:', 'UDP', '(17)')]
...truncated
于 2020-02-18T18:05:12.420 回答